You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by do...@apache.org on 2002/03/29 08:29:11 UTC

cvs commit: httpd-2.0/modules/proxy mod_proxy.c mod_proxy.h proxy_http.c

dougm       02/03/28 23:29:11

  Modified:    modules/proxy mod_proxy.c mod_proxy.h proxy_http.c
  Log:
  hook into mod_ssl for https support
  
  Revision  Changes    Path
  1.77      +21 -0     httpd-2.0/modules/proxy/mod_proxy.c
  
  Index: mod_proxy.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/proxy/mod_proxy.c,v
  retrieving revision 1.76
  retrieving revision 1.77
  diff -u -r1.76 -r1.77
  --- mod_proxy.c	21 Mar 2002 12:05:45 -0000	1.76
  +++ mod_proxy.c	29 Mar 2002 07:29:11 -0000	1.77
  @@ -61,6 +61,8 @@
   #include "mod_proxy.h"
   #include "mod_core.h"
   
  +#include "apr_optional.h"
  +
   extern module AP_MODULE_DECLARE_DATA proxy_module;
   
   #ifndef MAX
  @@ -1045,6 +1047,23 @@
       {NULL}
   };
   
  +APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
  +
  +static APR_OPTIONAL_FN_TYPE(ssl_proxy_enable) *proxy_ssl_enable = NULL;
  +
  +int ap_proxy_ssl_enable(conn_rec *c)
  +{
  +    /* 
  +     * if c == NULL just check if the optional function was imported
  +     * else run the optional function so ssl filters are inserted
  +     */
  +    if (proxy_ssl_enable) {
  +        return c ? proxy_ssl_enable(c) : 1;
  +    }
  +
  +    return 0;
  +}
  +
   static void register_hooks(apr_pool_t *p)
   {
       /* handler */
  @@ -1057,6 +1076,8 @@
       ap_hook_fixups(proxy_fixup, NULL, NULL, APR_HOOK_FIRST);
       /* post read_request handling */
       ap_hook_post_read_request(proxy_detect, NULL, NULL, APR_HOOK_FIRST);
  +
  +    proxy_ssl_enable = APR_RETRIEVE_OPTIONAL_FN(ssl_proxy_enable);
   }
   
   module AP_MODULE_DECLARE_DATA proxy_module =
  
  
  
  1.77      +2 -0      httpd-2.0/modules/proxy/mod_proxy.h
  
  Index: mod_proxy.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/proxy/mod_proxy.h,v
  retrieving revision 1.76
  retrieving revision 1.77
  diff -u -r1.76 -r1.77
  --- mod_proxy.h	13 Mar 2002 20:47:53 -0000	1.76
  +++ mod_proxy.h	29 Mar 2002 07:29:11 -0000	1.77
  @@ -208,6 +208,7 @@
       conn_rec *connection;
       char *hostname;
       apr_port_t port;
  +    int is_ssl;
   } proxy_conn_rec;
   
   typedef struct {
  @@ -273,5 +274,6 @@
   PROXY_DECLARE(void) ap_proxy_reset_output_filters(conn_rec *c);
   PROXY_DECLARE(void) ap_proxy_table_unmerge(apr_pool_t *p, apr_table_t *t, char *key);
   PROXY_DECLARE(int) ap_proxy_connect_to_backend(apr_socket_t **, const char *, apr_sockaddr_t *, const char *, proxy_server_conf *, server_rec *, apr_pool_t *);
  +PROXY_DECLARE(int) ap_proxy_ssl_enable(conn_rec *c);
   
   #endif /*MOD_PROXY_H*/
  
  
  
  1.139     +17 -1     httpd-2.0/modules/proxy/proxy_http.c
  
  Index: proxy_http.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/proxy/proxy_http.c,v
  retrieving revision 1.138
  retrieving revision 1.139
  diff -u -r1.138 -r1.139
  --- proxy_http.c	21 Mar 2002 12:05:45 -0000	1.138
  +++ proxy_http.c	29 Mar 2002 07:29:11 -0000	1.139
  @@ -391,6 +391,10 @@
           backend->hostname = apr_pstrdup(c->pool, p_conn->name);
           backend->port = p_conn->port;
   
  +        if (backend->is_ssl) {
  +            ap_proxy_ssl_enable(backend->connection);
  +        }
  +
           ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
                        "proxy: connection complete to %pI (%s)",
                        p_conn->addr, p_conn->name);
  @@ -937,6 +941,7 @@
       char server_portstr[32];
       conn_rec *origin = NULL;
       proxy_conn_rec *backend = NULL;
  +    int is_ssl = 0;
   
       /* Note: Memory pool allocation.
        * A downstream keepalive connection is always connected to the existence
  @@ -959,7 +964,16 @@
                                              sizeof(*p_conn));
   
       /* is it for us? */
  -    if (strncasecmp(url, "http:", 5)) {
  +    if (strncasecmp(url, "https:", 6) == 0) {
  +        if (!ap_proxy_ssl_enable(NULL)) {
  +            ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
  +                         "proxy: HTTPS: declining URL %s"
  +                         " (mod_ssl not configured?)", url);
  +            return DECLINED;
  +        }
  +        is_ssl = 1;
  +    }
  +    else if (strncasecmp(url, "http:", 5)) {
           ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
                        "proxy: HTTP: declining URL %s", url);
           return DECLINED; /* only interested in HTTP */
  @@ -985,6 +999,8 @@
               ap_set_module_config(c->conn_config, &proxy_http_module, backend);
           }
       }
  +
  +    backend->is_ssl = is_ssl;
   
       /* Step One: Determine Who To Connect To */
       status = ap_proxy_http_determine_connection(p, r, p_conn, c, conf, uri,