You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by Marc Slemko <ma...@hyperreal.org> on 1997/09/05 02:26:35 UTC
cvs commit: apachen/src/modules/proxy mod_proxy.c mod_proxy.h proxy_connect.c
marc 97/09/04 17:26:34
Modified: src CHANGES
src/modules/proxy mod_proxy.c mod_proxy.h proxy_connect.c
Log:
Fix mod_proxy to properly handle CONNECT requests when we are
talking to a proxy via ProxyRemote. Some of the code in here should
be better abstracted, but the current API doesn't allow for it. The
CONNECT request is special and is handled seperately from the rest
of the proxy.
PR: 1024
Reviewed by: Martin Kraemer, Randy Terbush, Lars Eilebrecht
Revision Changes Path
1.428 +8 -0 apachen/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apachen/src/CHANGES,v
retrieving revision 1.427
retrieving revision 1.428
diff -u -r1.427 -r1.428
--- CHANGES 1997/09/03 15:56:07 1.427
+++ CHANGES 1997/09/05 00:26:29 1.428
@@ -1,5 +1,13 @@
Changes with Apache 1.3a2
+ *) The proxy now properly handles CONNECT requests which are sent
+ to proxy servers when using ProxyRemote. [Marc Slemko, PR#1024]
+
+ *) A script called apachectl has been added to the support
+ directory. This script allows you to do things such as
+ "apachectl start" and "apachectl restart" from the command
+ line. [Marc Slemko]
+
*) Modules and core routines are now put into libraries, which
simplifies the link line tremendously (among other advantages).
[Paul Sutton]
1.24 +8 -2 apachen/src/modules/proxy/mod_proxy.c
Index: mod_proxy.c
===================================================================
RCS file: /export/home/cvs/apachen/src/modules/proxy/mod_proxy.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- mod_proxy.c 1997/09/01 03:07:26 1.23
+++ mod_proxy.c 1997/09/05 00:26:32 1.24
@@ -331,8 +331,14 @@
(p != NULL &&
strncmp(url, ents[i].scheme, strlen(ents[i].scheme)) == 0))
{
+ /* CONNECT is a special method that bypasses the normal
+ * proxy code.
+ */
+ if (r->method_number == M_CONNECT)
+ rc = proxy_connect_handler(r, cr, url, ents[i].hostname,
+ ents[i].port);
/* we only know how to handle communication to a proxy via http */
- if (strcmp(ents[i].protocol, "http") == 0)
+ else if (strcmp(ents[i].protocol, "http") == 0)
rc = proxy_http_handler(r, cr, url, ents[i].hostname,
ents[i].port);
else rc = DECLINED;
@@ -349,7 +355,7 @@
*/
/* handle the scheme */
if (r->method_number == M_CONNECT)
- return proxy_connect_handler(r, cr, url);
+ return proxy_connect_handler(r, cr, url, NULL, 0);
if (strcmp(scheme, "http") == 0)
return proxy_http_handler(r, cr, url, NULL, 0);
if (strcmp(scheme, "ftp") == 0)
1.20 +2 -1 apachen/src/modules/proxy/mod_proxy.h
Index: mod_proxy.h
===================================================================
RCS file: /export/home/cvs/apachen/src/modules/proxy/mod_proxy.h,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- mod_proxy.h 1997/08/23 22:59:10 1.19
+++ mod_proxy.h 1997/09/05 00:26:33 1.20
@@ -237,7 +237,8 @@
/* proxy_connect.c */
-int proxy_connect_handler(request_rec *r, struct cache_req *c, char *url);
+int proxy_connect_handler(request_rec *r, struct cache_req *c, char *url,
+ const char *proxyhost, int proxyport);
/* proxy_ftp.c */
1.15 +34 -9 apachen/src/modules/proxy/proxy_connect.c
Index: proxy_connect.c
===================================================================
RCS file: /export/home/cvs/apachen/src/modules/proxy/proxy_connect.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- proxy_connect.c 1997/09/01 03:07:27 1.14
+++ proxy_connect.c 1997/09/05 00:26:33 1.15
@@ -71,6 +71,9 @@
* "Tunneling SSL Through a WWW Proxy" currently at
* http://www.mcom.com/newsref/std/tunneling_ssl.html.
*
+ * If proxyhost and proxyport are set, we send a CONNECT to
+ * the specified proxy..
+ *
* FIXME: this is bad, because it does its own socket I/O
* instead of using the I/O in buff.c. However,
* the I/O in buff.c blocks on reads, and because
@@ -90,7 +93,8 @@
*/
int
-proxy_connect_handler(request_rec *r, struct cache_req *c, char *url)
+proxy_connect_handler(request_rec *r, struct cache_req *c, char *url,
+ const char *proxyhost, int proxyport)
{
struct sockaddr_in server;
struct in_addr destaddr;
@@ -140,10 +144,15 @@
return HTTP_SERVICE_UNAVAILABLE;
}
- Explain2("CONNECT to %s on port %d", host, port);
+ if (proxyhost) {
+ Explain2("CONNECT to remote proxy %s on port %d", proxyhost, proxyport);
+ } else {
+ Explain2("CONNECT to %s on port %d", host, port);
+ }
- server.sin_port = htons(port);
- err = proxy_host2addr(host, &server_hp);
+ server.sin_port = (proxyport ? htons(proxyport) : htons(port));
+ err = proxy_host2addr(proxyhost ? proxyhost : host, &server_hp);
+
if (err != NULL)
return proxyerror(r, err); /* give up */
@@ -169,11 +178,27 @@
return proxyerror(r, "Could not connect to remote machine");
}
- Explain0("Returning 200 OK Status");
-
- rvputs(r, "HTTP/1.0 200 Connection established\015\012", NULL);
- rvputs(r, "Proxy-agent: ", SERVER_VERSION, "\015\012\015\012", NULL);
- bflush(r->connection->client);
+ /* If we are connecting through a remote proxy, we need to pass
+ * the CONNECT request on to it.
+ */
+ if (proxyport) {
+ /* FIXME: We should not be calling write() directly, but we currently
+ * have no alternative. Error checking ignored. Also, we force
+ * a HTTP/1.0 request to keep things simple.
+ */
+ Explain0("Sending the CONNECT request to the remote proxy");
+ ap_snprintf(buffer, sizeof(buffer), "CONNECT %s HTTP/1.0\015\012",
+ r->uri);
+ write(sock, buffer, strlen(buffer));
+ ap_snprintf(buffer, sizeof(buffer),
+ "Proxy-agent: %s\015\012\015\012", SERVER_VERSION);
+ write(sock, buffer, strlen(buffer));
+ } else {
+ Explain0("Returning 200 OK Status");
+ rvputs(r, "HTTP/1.0 200 Connection established\015\012", NULL);
+ rvputs(r, "Proxy-agent: ", SERVER_VERSION, "\015\012\015\012", NULL);
+ bflush(r->connection->client);
+ }
while (1) /* Infinite loop until error (one side closes the connection) */
{