mod_proxy_http.c

Checkout Tools
  • last updated 2 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Merge of r1426802,1744460,1829799,1824716,1838318,1840678,1861294

*) easy patches to synch 2.4.x and trunk:

- core: extend description of r->hostname

- mod_proxy_http: Avoid memory allocation before making sure that this handler can handle the URL

- core: Save a few cycles in 'ap_parse_form_data()'

- mod_cache_socache: Save some cycles

- mod_proxy_ftp: Save some cycle

- vhost: move an assignment to the end of the loop to ease readability and please a compiler

- core: Be a little more verbose when an error in trigerred in 'ap_set_file_slot()'

  1. … 8 more files in changeset.
mod_proxy_http: forward 100-continue, and minimize race conditions when

reusing backend connections. PR 60330.

+1: ylavic, icing, jim

ylavic: plus http://svn.apache.org/r1856036 (opt-out)

2.4.x patch: http://people.apache.org/~ylavic/patches/httpd-2.4.x-forward_100_continue-v6.patch

+1: ylavic, jim, minfrin

  1. … 10 more files in changeset.
Merge r1859371, r1859422 from trunk:

mod_proxy/ssl: Proxy SSL client certificate

configuration and other proxy SSL configurations

broken inside <Proxy> context.

PR 63430

Triggered by r1855646+r1855748.

Patch from rpluem (proxy) and ylavic (ssl).

Follow up to r1859371: extend to other ap_proxy_connection_create[_ex]() users.

This function now now handles SSL reuse as well as the "proxy-request-hostname"

note (SNI), so let's also call it unconditionnaly in all proxy modules.

On the mod_ssl side, since this note has the lifetime of the connection, don't

reset/unset it during handshake (ssl_io_filter_handshake).

Submitted by: rjung, ylavic

Reviewed by: rjung, rpluem, ylavic

  1. … 10 more files in changeset.
Merge r1818726 from trunk:

mod_proxy: allow SSLProxyCheckPeer* usage for all proxy modules.

PR 61857.

Proposed by: Markus Gausling <markusgausling googlemail.com>

Reviewed by: ylavic, rjung, rpluem

  1. … 4 more files in changeset.
Merge r1837056 from trunk:

*) http: Enforce consistently no response body with both 204 and 304

statuses. [Yann Ylavic]

  1. … 8 more files in changeset.
Merge r1836381, r1836382, r1836383, r1836386, r1836603 from trunk:

* mod_proxy: Remove load order and link dependency between mod_lbmethod_*

modules and mod_proxy by providing mod_proxy's ap_proxy_balancer_get_best_worker

as an optional function.

PR: 62557

* Remove invalid copy and paste comments

* Always retrieve conditional function. static variable might contain garbage if module was reloaded in a static build.

* Add missing log numbers

* ap_proxy_balancer_get_best_worker cannot be exported and used as an optional

function at the same time. So rename ap_proxy_balancer_get_best_worker to

proxy_balancer_get_best_worker and make it static which is then used as an

optional function and recreate ap_proxy_balancer_get_best_worker as an

exported thin wrapper of proxy_balancer_get_best_worker.

Submitted by: rpluem

Reviewed by: covener, jim, ylavic

  1. … 11 more files in changeset.
Merge r1827362, r1828926, r1828927, r1829557, r1829573, r1829645, r1829657 from trunk:

core: ap_getline_core() reads nothing for n == 0.

PR62199: add worker parameter ResponseFieldSize to mod_proxy

Submitted By: Hank Ibell

Committed By: covener

add log id for r1828926

core: Add and handle AP_GETLINE_NOSPC_EOL flag in ap_rgetline_core().

This tells the ap_getline() family of functions to consume the end of line

when the buffer is exhausted.

PR 62198.

mod_proxy_http: make use of AP_GETLINE_NOSPC_EOL in ap_proxygetline().

Fixes response header thrown away after the previous one was considered too

large and truncated.

PR 62196.

core: forward flags to recursive/folding call to ap_rgetline_core().

We still need them when folding, other than AP_GETLINE_FOLD itself of course.

mod_proxy_http: follow up to r1829573: remain EBCDIC friendly.

Keep using ap_rgetline() as before r1829573, since ap_rgetline_core() is

EBCDIC agnostic.

Submitted by: ylavic, covener, covener, ylavic, ylavic, ylavic, ylavic

Reviewed by: ylavic, covener, rpluem

  1. … 8 more files in changeset.
Merge r1824176, r1824460, r1824482 from trunk:

mod_proxy: Provide an RFC1035 compliant version of the hostname in the

proxy_worker_shared structure. PR62085

Tone down the message that worker hostname is too long noting it only

affects legacy modules not yet using hostname_ex.

Set the notice when hostname is too long for legacy proxy modules to info level.

Submitted by: minfrin

Reviewed by: minfrin, jim, ylavic

  1. … 10 more files in changeset.
  1. … 30 more files in changeset.
Merge of r1750392,r1750412,r1750416,r1750474,r1750494,r1750508 from trunk:

mod_proxy_{http,ajp,fcgi}: don't reuse backend connections with data

available before the request is sent. PR 57832.

  1. … 8 more files in changeset.
mod_proxy_wstunnel, mod_proxy_connect: Use the correct pool and allocator

lifetime when sending brigades and buckets down the filter chain

  1. … 5 more files in changeset.
Merge r1715567, r1715568, r1715570, r1715571, r1715572, r1715576, r1715581, r1715582, r1715583, r1715584, r1715585 from trunk:

Remove some useless 'return' statements.

Remove some useless 'return' statements.

Remove some useless 'return' statements.

Remove some useless 'return' statements.

Remove some useless 'return' statements.

Add a blank line between functions.

Remove some useless 'return' statements.

Fix style and alignment.

Remove some useless 'return' statements.

Fix style.

Remove some useless 'return' statements.

Add a blank line between functions.

Remove some useless 'return' statements.

Remove some useless 'return' statements.

Remove some useless 'return' statements.

Submitted by: jailletc36

Reviewed/backported by: jim

  1. … 14 more files in changeset.
Merge r1602978, r1683044, r1683884, r1673368, r1701717, r1683047 from trunk:

Core filters do not need mod_proxy.h

Small speed optimization when parsing <Limit>, <LimitExcept> and environment variables

Save a few bytes in conf pool

Remove some spaces between some return statements and ';' + fix a strange formating in a 'for' loop

In order to save a few cycles, delay a hash table lookup which is not necessary needed

Constify + save a few bytes in conf pool

Submitted by: ylavic, jailletc36, jailletc36, jailletc36, jailletc36, jailletc36

Reviewed/backported by: jim

  1. … 7 more files in changeset.
Backport r1690137.

Doc and comment fix only

  1. … 11 more files in changeset.
Merge r1681694, r1682907 from trunk:

mod_proxy: Don't put the worker in error state for 500 or 503 errors

returned by the backend unless failonstatus is configured to. PR 56925.

mod_proxy: follow up to r1681694.

Handle the proxy-error-override note also in mod_proxy_ajp.

The note is not needed in mod_proxy_fcgi (which also handles

ProxyErrorOverride) since it calls ap_die() by itself, and always

returns OK to proxy_handler().

Add a comment about the note where used.

Submitted by: ylavic

Reviewed/backported by: jim

  1. … 5 more files in changeset.
core, modules: Avoid error response/document handling by the core if some

handler or input filter already did it while reading the request (causing

a double response body).

Submitted by: ylavic

Backports: r1482522 (partial, ap_map_http_request_error() things only!),

r1529988, r1529991, r1643537, r1643543, r1657897, r1665625,

r1665721, r1674056

Reviewed by: ylavic, minfrin, wrowe

  1. … 26 more files in changeset.
mod_proxy_http: Use the "Connection: close" header for requests to

backends not recycling connections (disablereuse), including the default

reverse and forward proxies.

Submitted by: ylavic (and trawick for an old helper function)

Reviewed by: rjung, covener

  1. … 7 more files in changeset.
Merge r1658760 from trunk:

mod_proxy_http: Don't expect the backend to ack the "Connection: close" to

finally close those not meant to be kept alive by SetEnv proxy-nokeepalive

or force-proxy-request-1.0, and respond with 502 instead of 400 if its

Connection header is invalid.

Submitted by: ylavic

Reviewed/backported by: jim

  1. … 3 more files in changeset.
Merge r1588527 from trunk:

mod_proxy: Preserve original request headers even if they differ

from the ones to be forwarded to the backend. PR 45387.

Submitted by: ylavic

Reviewed/backported by: jim

  1. … 4 more files in changeset.
Merge r1599486 from trunk

mod_proxy_http: Avoid (unlikely) access to freed memory.

Submitted by: ylavic

Reviewed by: ylavic, jorton, rjung

Backported by: jailletc36

  1. … 2 more files in changeset.
Merge r1615289, r1620324 from trunk:

PR53420: Proxy responses with error status and

"ProxyErrorOverride On" hang until proxy timeout.

Regression from 2.2. It was introduced by r912063

in order to fix PR41646.

Switch preference for headers, Transfer-Encoding

first, Content-Length second.

Addition to r1615289.

Submitted by: rjung

Reviewed/backported by: jim

  1. … 3 more files in changeset.
SECURITY: CVE-2013-5704 (cve.mitre.org)

core: HTTP trailers could be used to replace HTTP headers

late during request processing, potentially undoing or

otherwise confusing modules that examined or modified

request headers earlier. Adds "MergeTrailers" directive to restore

legacy behavior.

Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener

Backports: r1610814

Reviewed by: covener, wrowe, ylavic

  1. … 11 more files in changeset.
Merge r1572561 from trunk:

Avoid useless functions calls.

Submitted by: ylavic

Reviewed/backported by: jim

  1. … 3 more files in changeset.
Merge r1546730, r1583008, r1571369, r1552130, r1578760, r1592615, r1592632, r1595321, r1550302, r1550307, r1585435 from trunk:

fix whitespace in a debug message

s/comment/self-documenting/

normalize an ugly construct which somehow manages to return the correct value

This is annoying to see in a casual "LogLevel debug foo:traceX ..."

Use 'apr_table_setn' instead of 'apr_table_set' when possible in order to save memory.

Follow-up to r1592529:

Define default port for "scgi" schemes (as chosen by

mod_proxy_scgi) in a common location.

Suggested by: jailletc36

fix Doxygen markup error

Submitted by: jailletc36

Tweak a AP_DEBUG_ASSERT condition.

Valid index to use 'req_header_var_names' are 0...6

mod_auth_form: Add a debug message when the fields on a form are not

recognised.

mod_auth_form: Make the trace logging consistent through the notes, session

and form authentication steps.

mod_auth_form: update empty log tags.

Submitted by: trawick, covener, jailletc36, trawick, trawick, jailletc36, minfrin, minfrin, ylavic

Reviewed/backported by: jim

  1. … 11 more files in changeset.
Merge r1572630, r1572611, r1572967, r1573229 from trunk:

Redo what was reverted in r1572627.

Don't reuse a SSL backend connection whose SNI differs. PR 55782.

This may happen when ProxyPreserveHost is on and the proxy-worker

handles connections to different Hosts.

Follows up r1572606.

MMN minor bump required by proxy_conn_rec change.

mod_proxy: follows up r1572630.

Don't reuse a SSL backend connection with no SNI for a request requiring SNI.

mod_proxy: Add comment and avoid ternary operator as condition (no functional change).

Submitted by: ylavic

Reviewed/backported by: jim

  1. … 5 more files in changeset.
Typo in comment (was r1575958)
Merge r1568404 from trunk:

mod_proxy_http: don't recycle backend connections known to be closed (eg. EOS by close).

This saves a useless ap_is_socket_connected() call when reused.

Submitted by: ylavic

Reviewed/backported by: jim

  1. … 2 more files in changeset.
Merge r1570598 from trunk:

Log an error in mod_proxy_http when reading the request body fails.

Follow-up to r1538776 where incomplete bodies are detected and an error returned through the input filters.

Submitted by: ylavic

Reviewed/backported by: jim

  1. … 2 more files in changeset.
Merge r1542562 from trunk:

We were not being consistent between http and others

if we added the default port or not during the canonizing

phase... Baseline the http method (don't add unless the

port provided isn't the default).

Reviewed/backported by: jim

  1. … 12 more files in changeset.
mod_proxy_http: Core dumped under high load. PR 50335

trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1534321

http://svn.apache.org/viewvc?view=revision&revision=1550061

Submitted by: Jan Kaluza <jkaluza redhat.com>

Reviewed by: jim, jorton, minfrin

  1. … 3 more files in changeset.