You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by do...@apache.org on 2002/03/29 08:29:11 UTC
cvs commit: httpd-2.0/modules/proxy mod_proxy.c mod_proxy.h proxy_http.c
dougm 02/03/28 23:29:11
Modified: modules/proxy mod_proxy.c mod_proxy.h proxy_http.c
Log:
hook into mod_ssl for https support
Revision Changes Path
1.77 +21 -0 httpd-2.0/modules/proxy/mod_proxy.c
Index: mod_proxy.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/proxy/mod_proxy.c,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- mod_proxy.c 21 Mar 2002 12:05:45 -0000 1.76
+++ mod_proxy.c 29 Mar 2002 07:29:11 -0000 1.77
@@ -61,6 +61,8 @@
#include "mod_proxy.h"
#include "mod_core.h"
+#include "apr_optional.h"
+
extern module AP_MODULE_DECLARE_DATA proxy_module;
#ifndef MAX
@@ -1045,6 +1047,23 @@
{NULL}
};
+APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
+
+static APR_OPTIONAL_FN_TYPE(ssl_proxy_enable) *proxy_ssl_enable = NULL;
+
+int ap_proxy_ssl_enable(conn_rec *c)
+{
+ /*
+ * if c == NULL just check if the optional function was imported
+ * else run the optional function so ssl filters are inserted
+ */
+ if (proxy_ssl_enable) {
+ return c ? proxy_ssl_enable(c) : 1;
+ }
+
+ return 0;
+}
+
static void register_hooks(apr_pool_t *p)
{
/* handler */
@@ -1057,6 +1076,8 @@
ap_hook_fixups(proxy_fixup, NULL, NULL, APR_HOOK_FIRST);
/* post read_request handling */
ap_hook_post_read_request(proxy_detect, NULL, NULL, APR_HOOK_FIRST);
+
+ proxy_ssl_enable = APR_RETRIEVE_OPTIONAL_FN(ssl_proxy_enable);
}
module AP_MODULE_DECLARE_DATA proxy_module =
1.77 +2 -0 httpd-2.0/modules/proxy/mod_proxy.h
Index: mod_proxy.h
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/proxy/mod_proxy.h,v
retrieving revision 1.76
retrieving revision 1.77
diff -u -r1.76 -r1.77
--- mod_proxy.h 13 Mar 2002 20:47:53 -0000 1.76
+++ mod_proxy.h 29 Mar 2002 07:29:11 -0000 1.77
@@ -208,6 +208,7 @@
conn_rec *connection;
char *hostname;
apr_port_t port;
+ int is_ssl;
} proxy_conn_rec;
typedef struct {
@@ -273,5 +274,6 @@
PROXY_DECLARE(void) ap_proxy_reset_output_filters(conn_rec *c);
PROXY_DECLARE(void) ap_proxy_table_unmerge(apr_pool_t *p, apr_table_t *t, char *key);
PROXY_DECLARE(int) ap_proxy_connect_to_backend(apr_socket_t **, const char *, apr_sockaddr_t *, const char *, proxy_server_conf *, server_rec *, apr_pool_t *);
+PROXY_DECLARE(int) ap_proxy_ssl_enable(conn_rec *c);
#endif /*MOD_PROXY_H*/
1.139 +17 -1 httpd-2.0/modules/proxy/proxy_http.c
Index: proxy_http.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/proxy/proxy_http.c,v
retrieving revision 1.138
retrieving revision 1.139
diff -u -r1.138 -r1.139
--- proxy_http.c 21 Mar 2002 12:05:45 -0000 1.138
+++ proxy_http.c 29 Mar 2002 07:29:11 -0000 1.139
@@ -391,6 +391,10 @@
backend->hostname = apr_pstrdup(c->pool, p_conn->name);
backend->port = p_conn->port;
+ if (backend->is_ssl) {
+ ap_proxy_ssl_enable(backend->connection);
+ }
+
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: connection complete to %pI (%s)",
p_conn->addr, p_conn->name);
@@ -937,6 +941,7 @@
char server_portstr[32];
conn_rec *origin = NULL;
proxy_conn_rec *backend = NULL;
+ int is_ssl = 0;
/* Note: Memory pool allocation.
* A downstream keepalive connection is always connected to the existence
@@ -959,7 +964,16 @@
sizeof(*p_conn));
/* is it for us? */
- if (strncasecmp(url, "http:", 5)) {
+ if (strncasecmp(url, "https:", 6) == 0) {
+ if (!ap_proxy_ssl_enable(NULL)) {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
+ "proxy: HTTPS: declining URL %s"
+ " (mod_ssl not configured?)", url);
+ return DECLINED;
+ }
+ is_ssl = 1;
+ }
+ else if (strncasecmp(url, "http:", 5)) {
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: HTTP: declining URL %s", url);
return DECLINED; /* only interested in HTTP */
@@ -985,6 +999,8 @@
ap_set_module_config(c->conn_config, &proxy_http_module, backend);
}
}
+
+ backend->is_ssl = is_ssl;
/* Step One: Determine Who To Connect To */
status = ap_proxy_http_determine_connection(p, r, p_conn, c, conf, uri,