You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Michael Douglass <mi...@texas.net> on 1998/01/22 06:28:20 UTC
construct_url hardcoding "http" [was: solution to 'mod_rewrite.c wierdness' => mod_dir.c]
On Wed, Jan 21, 1998 at 11:06:53PM -0600, Michael Douglass said:
> ! char *construct_url(pool *p, const char *uri, const request_rec *r) {
> return pstrcat (p, "http://",
> ! construct_server(p, r->hostname ? r->hostname :
> ! r->server->server_hostname,
> ! r->server->port),
> uri, NULL);
> }
Oh, and I meant to raise a question about the way construct_url hardcoded
http:// into the string. I've noted throughtout the source in other
locations that this piece is #ifdef(ed) for SSL use, etc. Should it not
be the case here?
--
Michael Douglass
Texas Networking, Inc.
<tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
Re: construct_url hardcoding "http" [was: solution to 'mod_rewrite.c wierdness' => mod_dir.c]
Posted by Ben Laurie <be...@algroup.co.uk>.
Michael Douglass wrote:
>
> On Fri, Jan 23, 1998 at 11:06:52AM +0000, Ben Laurie said:
>
> > Well, the way Apache-SSL does this is it assumes that appropriate type
> > can be deduced from the request_rec. This means (if memory serves, but
> > feel free to check the code) that construct_url takes the wrong
> > arguments.
>
> Well, the current version of construct_url does; my modified version (which
> was submitted to new-httpd) and dean's subsequent 'suggested' version takes
> the request_rec in place of the server_rec (the request_rec holds a pointer
> to the current server_rec).
Which, as it happens, is what Apache-SSL does. What a coincidence :-)
Cheers,
Ben.
--
Ben Laurie |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd, |http://www.algroup.co.uk/Apache-SSL
London, England. |"Apache: TDG" http://www.ora.com/catalog/apache
Re: construct_url hardcoding "http" [was: solution to 'mod_rewrite.c wierdness' => mod_dir.c]
Posted by Michael Douglass <mi...@texas.net>.
On Fri, Jan 23, 1998 at 11:06:52AM +0000, Ben Laurie said:
> Well, the way Apache-SSL does this is it assumes that appropriate type
> can be deduced from the request_rec. This means (if memory serves, but
> feel free to check the code) that construct_url takes the wrong
> arguments.
Well, the current version of construct_url does; my modified version (which
was submitted to new-httpd) and dean's subsequent 'suggested' version takes
the request_rec in place of the server_rec (the request_rec holds a pointer
to the current server_rec).
So this is doable. :)
--
Michael Douglass
Texas Networking, Inc.
<tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
Re: construct_url hardcoding "http" [was: solution to 'mod_rewrite.c wierdness' => mod_dir.c]
Posted by Ben Laurie <be...@algroup.co.uk>.
Michael Douglass wrote:
>
> On Thu, Jan 22, 1998 at 07:51:44AM -0500, Jim Jagielski said:
>
> > The "official" Apache source has to be stupidly safe about the US's
> > export control laws wrt SSL and encryption :/
>
> Okay.... can it be sneaky by storing the connection time in the
> request_rec (or does it already do so?) so you could just do
> something like:
>
> pstrcat( p, r->connection_protocol, "://", construct_server ... );
>
> This way you are simply duplicating the incoming protocol. :)
Well, the way Apache-SSL does this is it assumes that appropriate type
can be deduced from the request_rec. This means (if memory serves, but
feel free to check the code) that construct_url takes the wrong
arguments.
Cheers,
Ben.
--
Ben Laurie |Phone: +44 (181) 735 0686|Apache Group member
Freelance Consultant |Fax: +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: ben@algroup.co.uk |Apache-SSL author
A.L. Digital Ltd, |http://www.algroup.co.uk/Apache-SSL
London, England. |"Apache: TDG" http://www.ora.com/catalog/apache
Re: construct_url hardcoding "http" [was: solution to 'mod_rewrite.c wierdness' => mod_dir.c]
Posted by Michael Douglass <mi...@texas.net>.
On Thu, Jan 22, 1998 at 07:51:44AM -0500, Jim Jagielski said:
> The "official" Apache source has to be stupidly safe about the US's
> export control laws wrt SSL and encryption :/
Okay.... can it be sneaky by storing the connection time in the
request_rec (or does it already do so?) so you could just do
something like:
pstrcat( p, r->connection_protocol, "://", construct_server ... );
This way you are simply duplicating the incoming protocol. :)
--
Michael Douglass
Texas Networking, Inc.
<tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
Re: construct_url hardcoding "http" [was: solution to 'mod_rewrite.c wierdness' => mod_dir.c]
Posted by Michael Douglass <mi...@texas.net>.
On Wed, Jan 21, 1998 at 10:30:51PM -0700, Marc Slemko said:
> It isn't ifdefed in other places. Well, mod_rewrite is the only place and
> it is somewhat modern. The reason for this is that the US gov't is
> moronic. Such code could be considered hooks for encryption and be export
> restricted.
*eyes rolling to back of head*... Tell me about it, I sincerely
wish the US government would get it's head out of it's arse. :)
It's not like the encryption schemes are not _ALREADY_ outside of
the US... I'm so confused by our governement sometimes until I
think about how the whole world runs.... It's all run by people
who haven't got a friggen clue one as to how this stuff even works...
*sigh*
For those Monty Python lovers out there:
"Help, help! I'm being repressed!!!"
--
Michael Douglass
Texas Networking, Inc.
<tnet admin> anyway, I'm off, perl code is making me [a] crosseyed toady
Re: construct_url hardcoding "http" [was: solution to 'mod_rewrite.c wierdness' => mod_dir.c]
Posted by Marc Slemko <ma...@worldgate.com>.
On Wed, 21 Jan 1998, Michael Douglass wrote:
> On Wed, Jan 21, 1998 at 11:06:53PM -0600, Michael Douglass said:
>
> > ! char *construct_url(pool *p, const char *uri, const request_rec *r) {
> > return pstrcat (p, "http://",
> > ! construct_server(p, r->hostname ? r->hostname :
> > ! r->server->server_hostname,
> > ! r->server->port),
> > uri, NULL);
> > }
>
> Oh, and I meant to raise a question about the way construct_url hardcoded
> http:// into the string. I've noted throughtout the source in other
> locations that this piece is #ifdef(ed) for SSL use, etc. Should it not
> be the case here?
It isn't ifdefed in other places. Well, mod_rewrite is the only place and
it is somewhat modern. The reason for this is that the US gov't is
moronic. Such code could be considered hooks for encryption and be export
restricted.
Now, the current way of the world is somewhat less anal about such things
so they would probably be ok, but...
How about everyone moves up here to Canada then we can do real SSL support
as a part of the base distribution and avoid all the crap.