You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mt...@apache.org on 2004/09/09 15:03:06 UTC
cvs commit: httpd-2.0/modules/proxy proxy_util.c mod_proxy.h
mturk 2004/09/09 06:03:06
Modified: modules/proxy proxy_util.c mod_proxy.h
Log:
Add sockaddr to proxy_conn_rec. Using the workers address
is unsafe for forward proxy workers, cause unlike reverse
proxies the forward can have each connection with different
remote address.
Revision Changes Path
1.138 +10 -7 httpd-2.0/modules/proxy/proxy_util.c
Index: proxy_util.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/proxy/proxy_util.c,v
retrieving revision 1.137
retrieving revision 1.138
diff -u -r1.137 -r1.138
--- proxy_util.c 9 Sep 2004 10:26:29 -0000 1.137
+++ proxy_util.c 9 Sep 2004 13:03:06 -0000 1.138
@@ -1657,14 +1657,16 @@
uri->fragment ? "#" : "",
uri->fragment ? uri->fragment : "", NULL);
}
-
+
+ /* TODO: add address cache for forward proxies */
+ conn->addr = worker->cp->addr;
if (r->proxyreq == PROXYREQ_PROXY) {
- err = apr_sockaddr_info_get(&(worker->cp->addr),
+ err = apr_sockaddr_info_get(&(conn->addr),
conn->hostname, APR_UNSPEC,
conn->port, 0,
p);
}
- else if (!worker->cp->addr)
+ else if (!worker->cp->addr) {
/* Worker can have the single constant backend adress.
* The single DNS lookup is used once per worker.
* If dynamic change is needed then set the addr to NULL
@@ -1674,7 +1676,8 @@
conn->hostname, APR_UNSPEC,
conn->port, 0,
worker->cp->pool);
-
+ conn->addr = worker->cp->addr;
+ }
if (err != APR_SUCCESS) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
apr_pstrcat(p, "DNS lookup failure for: ",
@@ -1693,7 +1696,7 @@
}
/* check if ProxyBlock directive on this host */
- if (OK != ap_proxy_checkproxyblock(r, conf, worker->cp->addr)) {
+ if (OK != ap_proxy_checkproxyblock(r, conf, conn->addr)) {
return ap_proxyerror(r, HTTP_FORBIDDEN,
"Connect to remote machine blocked");
}
@@ -1729,7 +1732,7 @@
apr_status_t rv;
int connected = 0;
int loglevel;
- apr_sockaddr_t *backend_addr = worker->cp->addr;
+ apr_sockaddr_t *backend_addr = conn->addr;
apr_socket_t *newsock;
if (conn->sock) {
@@ -1833,7 +1836,7 @@
server_rec *s)
{
proxy_worker *worker = conn->worker;
- apr_sockaddr_t *backend_addr = worker->cp->addr;
+ apr_sockaddr_t *backend_addr = conn->addr;
/* The socket is now open, create a new backend server connection
*
1.127 +1 -0 httpd-2.0/modules/proxy/mod_proxy.h
Index: mod_proxy.h
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/proxy/mod_proxy.h,v
retrieving revision 1.126
retrieving revision 1.127
diff -u -r1.126 -r1.127
--- mod_proxy.h 9 Sep 2004 10:22:19 -0000 1.126
+++ mod_proxy.h 9 Sep 2004 13:03:06 -0000 1.127
@@ -198,6 +198,7 @@
int is_ssl;
apr_pool_t *pool; /* Subpool used for creating socket */
apr_socket_t *sock; /* Connection socket */
+ apr_sockaddr_t *addr; /* Preparsed remote address info */
apr_uint32_t flags; /* Conection flags */
int close; /* Close 'this' connection */
int close_on_recycle; /* Close the connection when returning to pool */