mod_proxy.c revision 647a99e0e82160a0dc53368c898e3d4744145f17
842ae4bd224140319ae7feec1872b93dfd491143fielding/* Licensed to the Apache Software Foundation (ASF) under one or more
842ae4bd224140319ae7feec1872b93dfd491143fielding * contributor license agreements. See the NOTICE file distributed with
842ae4bd224140319ae7feec1872b93dfd491143fielding * this work for additional information regarding copyright ownership.
842ae4bd224140319ae7feec1872b93dfd491143fielding * The ASF licenses this file to You under the Apache License, Version 2.0
842ae4bd224140319ae7feec1872b93dfd491143fielding * (the "License"); you may not use this file except in compliance with
842ae4bd224140319ae7feec1872b93dfd491143fielding * the License. You may obtain a copy of the License at
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * Unless required by applicable law or agreed to in writing, software
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * distributed under the License is distributed on an "AS IS" BASIS,
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * See the License for the specific language governing permissions and
ce9621257ef9e54c1bbe5ad8a5f445a1f211c2dcnd * limitations under the License.
2d2eda71267231c2526be701fe655db125852c1ffieldingAPR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
2d2eda71267231c2526be701fe655db125852c1ffieldingAPR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbbAPR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec *));
2d2eda71267231c2526be701fe655db125852c1ffielding#define MAX(x,y) ((x) >= (y) ? (x) : (y))
52de7a47876ce1748910cf3a0ee97f78842fab54rederpj * A Web proxy module. Stages:
52de7a47876ce1748910cf3a0ee97f78842fab54rederpj * translate_name: set filename to proxy:<URL>
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh * map_to_storage: run proxy_walk (rather than directory_walk/file_walk)
fd492f9543f14fb5bae78e04b135c3448eb9cc56rbb * can't trust directory_walk/file_walk since these are
fd492f9543f14fb5bae78e04b135c3448eb9cc56rbb * not in our filesystem. Prevents mod_http from serving
fd492f9543f14fb5bae78e04b135c3448eb9cc56rbb * the TRACE request we will set aside to handle later.
fd492f9543f14fb5bae78e04b135c3448eb9cc56rbb * fix_ups: convert the URL stored in the filename to the
2d2eda71267231c2526be701fe655db125852c1ffielding * canonical form.
2d2eda71267231c2526be701fe655db125852c1ffielding * handler: handle proxy requests
2d2eda71267231c2526be701fe655db125852c1ffielding/* -------------------------------------------------------------- */
61fd0cab072a05b855cbef9c585702401ac5ae29rbb/* Translate the URL into a 'filename' */
61fd0cab072a05b855cbef9c585702401ac5ae29rbb const char *key,
2d2eda71267231c2526be701fe655db125852c1ffielding const char *val)
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp /* Normalized load factor. Used with BalancerMamber,
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp * it is a number between 1 and 100.
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp if (worker->s->lbfactor < 1 || worker->s->lbfactor > 100)
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp return "LoadFactor must be a number between 1..100";
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp /* If set it will give the retry timeout for the worker
8af88bd6958b80c224e964892b8237720b13ab1ajerenkrantz * The default value is 60 seconds, meaning that if
bfb62a96023822c56c9120e4ee627d4091cc59c2rbb * in error state, it will be retried after that timeout.
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "Retry must be a positive value";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb /* Time in seconds that will destroy all the connections
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * that exceed the smax
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "TTL must be at least one second";
3d96ee83babeec32482c9082c9426340cee8c44dwrowe /* Initial number of connections to remote
2d2eda71267231c2526be701fe655db125852c1ffielding return "Min must be a positive number";
2d2eda71267231c2526be701fe655db125852c1ffielding /* Maximum number of connections to remote
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "Max must be a positive number";
7bdef86e15d47d16dcbe7a5611683191774bd5fbgstein /* XXX: More inteligent naming needed */
61fd0cab072a05b855cbef9c585702401ac5ae29rbb /* Maximum number of connections to remote that
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * will not be destroyed
7bdef86e15d47d16dcbe7a5611683191774bd5fbgstein return "Smax must be a positive number";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb /* Acquire timeout in given unit (default is milliseconds).
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * If set this will be the maximum time to
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * wait for a free connection.
3d96ee83babeec32482c9082c9426340cee8c44dwrowe if (ap_timeout_parameter_parse(val, &timeout, "ms") != APR_SUCCESS)
7bdef86e15d47d16dcbe7a5611683191774bd5fbgstein return "Acquire timeout has wrong format";
c9a95767fbf0f5fb0976a06b97a256033925e433rbb return "Acquire must be at least one millisecond";
c9a95767fbf0f5fb0976a06b97a256033925e433rbb /* Connection timeout in seconds.
c9a95767fbf0f5fb0976a06b97a256033925e433rbb * Defaults to server timeout.
d82d78a97558238d16c52ec5278fe921bb7d7ec3brianp return "Timeout must be at least one second";
d82d78a97558238d16c52ec5278fe921bb7d7ec3brianp if (s < 512 && s) {
d82d78a97558238d16c52ec5278fe921bb7d7ec3brianp return "IOBufferSize must be >= 512 bytes, or 0 for system default.";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "ReceiveBufferSize must be >= 512 bytes, or 0 for system default.";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "KeepAlive must be On|Off";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "DisableReuse must be On|Off";
3d96ee83babeec32482c9082c9426340cee8c44dwrowe /* Worker route.
2d2eda71267231c2526be701fe655db125852c1ffielding return "Route length must be < 64 characters";
2d2eda71267231c2526be701fe655db125852c1ffielding /* Worker redirection route.
2d2eda71267231c2526be701fe655db125852c1ffielding return "Redirect length must be < 64 characters";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb const char *v;
61fd0cab072a05b855cbef9c585702401ac5ae29rbb /* Worker status.
61fd0cab072a05b855cbef9c585702401ac5ae29rbb for (v = val; *v; v++) {
61fd0cab072a05b855cbef9c585702401ac5ae29rbb if (*v == '+') {
7bdef86e15d47d16dcbe7a5611683191774bd5fbgstein else if (*v == '-') {
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "Unknown status parameter option";
62db15de4c1f335a64d45821796ae197cff94ef8rbb return "flushpackets must be on|off|auto";
62db15de4c1f335a64d45821796ae197cff94ef8rbb return "flushwait must be <= 1000, or 0 for system default of 10 millseconds.";
62db15de4c1f335a64d45821796ae197cff94ef8rbb worker->s->flush_wait = ival * 1000; /* change to microseconds */
62db15de4c1f335a64d45821796ae197cff94ef8rbb /* Ping/Pong timeout in given unit (default is second).
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh if (ap_timeout_parameter_parse(val, &timeout, "s") != APR_SUCCESS)
62db15de4c1f335a64d45821796ae197cff94ef8rbb return "Ping/Pong timeout has wrong format";
62db15de4c1f335a64d45821796ae197cff94ef8rbb return "Ping/Pong timeout must be at least one millisecond";
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar return "lbset must be between 0 and 99";
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar /* Request timeout in given unit (default is second).
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar * Defaults to connection timeout
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh if (ap_timeout_parameter_parse(val, &timeout, "s") != APR_SUCCESS)
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh return "Connectiontimeout has wrong format";
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh return "Connectiontimeout must be at least one millisecond.";
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar return "flusher name length must be < 16 characters";
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar return "unknown Worker parameter";
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coarstatic const char *set_balancer_param(proxy_server_conf *conf,
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar const char *key,
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar const char *val)
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar /* Balancer sticky session name.
3d96ee83babeec32482c9082c9426340cee8c44dwrowe * Set to something like JSESSIONID or
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar * PHPSESSIONID, etc..,
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar return "stickysession length must be < 64 characters";
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar if ((path = strchr((char *)balancer->s->sticky, '|'))) {
91f0d8da77152d24e4bbb31ce199282b3fd6e3b2coar /* separator/delimiter for sessionid and route,
41287245b1632a4722b55f6dfe5fcf81f361f043wrowe * normally '.'
db08da9ddcd65c31f9ea44b823898b72a1b24fbestoddard return "stickysessionsep must be a single character or Off";
db08da9ddcd65c31f9ea44b823898b72a1b24fbestoddard /* If set to 'on' the session will break
2864362ca8266097928e84f101010bdf814ffa08stoddard * if the worker is in error state or
af7cd2711a9737c0a2aa1b8475455a7dd8ce6113covener * disabled.
2d2eda71267231c2526be701fe655db125852c1ffielding return "failover must be On|Off";
2d2eda71267231c2526be701fe655db125852c1ffielding /* Balancer timeout in seconds.
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * If set this will be the maximum time to
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * wait for a free worker.
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * Default is not to wait.
3d96ee83babeec32482c9082c9426340cee8c44dwrowe return "timeout must be at least one second";
b5c963a560a55d08763229330dc661b16b726da0sf /* Maximum number of failover attempts before
b5c963a560a55d08763229330dc661b16b726da0sf * giving up.
b5c963a560a55d08763229330dc661b16b726da0sf return "maximum number of attempts must be a positive number";
b5c963a560a55d08763229330dc661b16b726da0sf return "unknown lbmethod";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb provider = ap_lookup_provider(PROXY_LBMETHOD, val, "0");
b5c963a560a55d08763229330dc661b16b726da0sf if (PROXY_STRNCPY(balancer->s->lbpname, val) == APR_SUCCESS) {
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "lbmethod name too large";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "unknown lbmethod";
5043abfdca708cb5acb2e43ec4d63b0a68e2012asf /* If set to 'on' then ';' will also be
a6b9ed64fdf548c61de9714e2cfb999ec59d149cgstein * used as a session path separator/delim (ala
aecb17a45c6d3ee4729ed5f68dc4270f211ee7a8fielding return "scolonpathdelim must be On|Off";
aecb17a45c6d3ee4729ed5f68dc4270f211ee7a8fielding balancer->errstatuses = apr_array_make(p, 1, sizeof(int));
2d2eda71267231c2526be701fe655db125852c1ffielding return "failonstatus must be one or more HTTP response codes";
d839a9822ee53ce00da24c15f2d9fe054233d342gstein return "failontimeout must be On|Off";
2d2eda71267231c2526be701fe655db125852c1ffielding if (PROXY_STRNCPY(balancer->s->nonce, val) != APR_SUCCESS) {
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "Provided nonce is too large";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "growth must be between 1 and 100";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "forcerecovery must be On|Off";
61fd0cab072a05b855cbef9c585702401ac5ae29rbb return "unknown Balancer parameter";
61fd0cab072a05b855cbef9c585702401ac5ae29rbbstatic int alias_match(const char *uri, const char *alias_fakename)
61fd0cab072a05b855cbef9c585702401ac5ae29rbb const char *end_fakename = alias_fakename + strlen(alias_fakename);
aecb17a45c6d3ee4729ed5f68dc4270f211ee7a8fielding /* any number of '/' in the alias matches any number in
a6b9ed64fdf548c61de9714e2cfb999ec59d149cgstein * the supplied URI, but there must be at least one...
3d96ee83babeec32482c9082c9426340cee8c44dwrowe /* Other characters are compared literally */
61fd0cab072a05b855cbef9c585702401ac5ae29rbb /* fixup badly encoded stuff (e.g. % as last character) */
61fd0cab072a05b855cbef9c585702401ac5ae29rbb /* We reach the end of the uri before the end of "alias_fakename"
a44d29a3794110c558c940bd903a1930d717a7d7sf * for example uri is "/" and alias_fakename "/examples"
a44d29a3794110c558c940bd903a1930d717a7d7sf /* Check last alias path component matched all the way */
a44d29a3794110c558c940bd903a1930d717a7d7sf /* Return number of characters from URI which matched (may be
a44d29a3794110c558c940bd903a1930d717a7d7sf * greater than length of alias, since we may have matched
a44d29a3794110c558c940bd903a1930d717a7d7sf * doubled slashes)
94d240fc213d4a96160d7014633374cc22a204d8trawick/* Detect if an absoluteURI should be proxied or not. Note that we
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * have to do this during this phase because later phases are
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * "short-circuiting"... i.e. translate_names will end when the first
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * module returns OK. So for example, if the request is something like:
3d96ee83babeec32482c9082c9426340cee8c44dwrowe * mod_alias will notice the /cgi-bin part and ScriptAlias it and
2d2eda71267231c2526be701fe655db125852c1ffielding * short-circuit the proxy... just because of the ordering in the
61fd0cab072a05b855cbef9c585702401ac5ae29rbb * configuration file.
61fd0cab072a05b855cbef9c585702401ac5ae29rbb (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
61fd0cab072a05b855cbef9c585702401ac5ae29rbb /* Ick... msvc (perhaps others) promotes ternary short results to int */
fd8b91502bc200ed4cca3810560a2a570522b3debrianp /* but it might be something vhosted */
fd8b91502bc200ed4cca3810560a2a570522b3debrianp && !strcasecmp(r->parsed_uri.scheme, ap_http_scheme(r))
fd8b91502bc200ed4cca3810560a2a570522b3debrianp && ap_matches_request_vhost(r, r->parsed_uri.hostname,
fd8b91502bc200ed4cca3810560a2a570522b3debrianp (apr_port_t)(r->parsed_uri.port_str ? r->parsed_uri.port
fd8b91502bc200ed4cca3810560a2a570522b3debrianp r->filename = apr_pstrcat(r->pool, "proxy:", r->uri, NULL);
fd8b91502bc200ed4cca3810560a2a570522b3debrianp /* We need special treatment for CONNECT proxying: it has no scheme part */
4111de96e9f75c58e77c2bdda23be83b8ebf81ccgregames r->filename = apr_pstrcat(r->pool, "proxy:", r->uri, NULL);
fd8b91502bc200ed4cca3810560a2a570522b3debrianpstatic const char *proxy_interpolate(request_rec *r, const char *str)
45613d36b9466a48def0498cffa07f48980720f8jerenkrantz /* Interpolate an env str in a configuration string
fd8b91502bc200ed4cca3810560a2a570522b3debrianp * Syntax ${var} --> value_of(var)
fd8b91502bc200ed4cca3810560a2a570522b3debrianp * Method: replace one var, and recurse on remainder of string
50e60f30bdc074fbc887f0b98f4d570457ac97c9brianp * Nothing clever here, and crap like nested vars may do silly things
45613d36b9466a48def0498cffa07f48980720f8jerenkrantz * but we'll at least avoid sending the unwary into a loop
45613d36b9466a48def0498cffa07f48980720f8jerenkrantz const char *start;
fd8b91502bc200ed4cca3810560a2a570522b3debrianp const char *end;
4111de96e9f75c58e77c2bdda23be83b8ebf81ccgregames const char *var;
4111de96e9f75c58e77c2bdda23be83b8ebf81ccgregames const char *val;
4111de96e9f75c58e77c2bdda23be83b8ebf81ccgregames /* OK, this is syntax we want to interpolate. Is there such a var ? */
344f3bc38dfccf6261d5bb8d689794cde113b3d6coar apr_array_header_t *ret = apr_array_make(r->pool, hdr->nelts,
5a9667916c79d8c699b069068e5570aa1c331c80gstein sizeof (struct proxy_alias));
344f3bc38dfccf6261d5bb8d689794cde113b3d6coar struct proxy_alias *old = (struct proxy_alias *) hdr->elts;
a2930b0b01bfdbaa9e5c3324266bce9ef74158c2jimPROXY_DECLARE(int) ap_proxy_trans_match(request_rec *r, struct proxy_alias *ent,
a2930b0b01bfdbaa9e5c3324266bce9ef74158c2jim const char *fake;
a2930b0b01bfdbaa9e5c3324266bce9ef74158c2jim const char *real;
61fd0cab072a05b855cbef9c585702401ac5ae29rbb const char *use_uri = nocanon ? r->unparsed_uri : r->uri;
61fd0cab072a05b855cbef9c585702401ac5ae29rbb if (dconf && (dconf->interpolate_env == 1) && (ent->flags & PROXYPASS_INTERPOLATE)) {
61fd0cab072a05b855cbef9c585702401ac5ae29rbb if (!ap_regexec(ent->regex, r->uri, AP_MAX_REG_MATCH, regm, 0)) {
7b6ba9c468f26bdb3492d5e8cb79628a3b04e8c8wrowe /* test that we haven't reduced the URI */
7b6ba9c468f26bdb3492d5e8cb79628a3b04e8c8wrowe if (nocanon && ap_regexec(ent->regex, r->unparsed_uri,
a6b9ed64fdf548c61de9714e2cfb999ec59d149cgstein found = ap_pregsub(r->pool, real, use_uri, AP_MAX_REG_MATCH,
61fd0cab072a05b855cbef9c585702401ac5ae29rbb ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, APLOGNO(01135)
61fd0cab072a05b855cbef9c585702401ac5ae29rbb "Substitution in regular expression failed. "
61fd0cab072a05b855cbef9c585702401ac5ae29rbb "Replacement too long?");
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb /* Note: The strcmp() below catches cases where there
a6b9ed64fdf548c61de9714e2cfb999ec59d149cgstein * was no regex substitution. This is so cases like:
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh * ProxyPassMatch \.gif balancer://foo
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh * will work "as expected". The upshot is that the 2
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb * directives below act the exact same way (ie: $1 is implied):
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb * ProxyPassMatch ^(/.*\.gif)$ balancer://foo
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb * ProxyPassMatch ^(/.*\.gif)$ balancer://foo$1
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb * which may be confusing.
6d00a43be9ab145c89e8cc22bad59e3aa746f761jwoolley found = apr_pstrcat(r->pool, "proxy:", real, use_uri, NULL);
2e75499d05677dd589f7ce6b5139ae15ba049419jerenkrantz if (nocanon && len != alias_match(r->unparsed_uri, ent->fake)) {
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb found = apr_pstrcat(r->pool, "proxy:", real, use_uri + len, NULL);
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb /* We made a reducing transformation, so we can't safely use
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb * unparsed_uri. Safe fallback is to ignore nocanon.
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01136)
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb "Unescaped URL path matched ProxyPass; ignoring unsafe nocanon");
fcc25eda7b150e226d3c1cdaea66a943d3fdee4erbb /* mod_proxy_http needs to be told. Different module. */
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh /* someone has already set up the proxy, it was possibly ourselves
9d129b55f5a43abf43865c6b0eb6dd19bc22aba8ianh * in proxy_detect
f5abdb59b6579717b5de18de9de340f4b67d6f26niq if ((r->unparsed_uri[0] == '*' && r->unparsed_uri[1] == '\0')
c2213b3a46a2666e2e7606ceec509cc4978f187fminfrin /* XXX: since r->uri has been manipulated already we're not really
2d2eda71267231c2526be701fe655db125852c1ffielding * compliant with RFC1945 at this point. But this probably isn't
2d2eda71267231c2526be701fe655db125852c1ffielding * an issue because this is a hybrid proxy/origin server.
2d2eda71267231c2526be701fe655db125852c1ffielding dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
return rv;
&proxy_module);
return rv;
return DECLINED;
&proxy_module);
for (j = 0; j < num_sec; ++j)
if (entry_proxy->r
return OK;
int access_status;
return DECLINED;
return access_status;
return OK;
char *url, *p;
int access_status;
&proxy_module);
return DECLINED;
return access_status;
return HTTP_BAD_REQUEST;
char *nuri;
const char *ref;
return DECLINED;
&r->parsed_uri,
return HTTP_MOVED_PERMANENTLY;
const char *p2;
int direct_connect = 0;
const char *str;
return DECLINED;
char *end;
else if (maxfwd == 0) {
switch (r->method_number) {
case M_TRACE: {
int access_status;
return OK;
case M_OPTIONS: {
int access_status;
return OK;
if (maxfwd >= 0) {
return HTTP_METHOD_NOT_ALLOWED;
return HTTP_REQUEST_ENTITY_TOO_LARGE;
if (p == NULL) {
return HTTP_BAD_REQUEST;
return HTTP_MOVED_PERMANENTLY;
!direct_connect; i++) {
#if DEBUGGING
r->uri);
return access_status;
if (!worker)
goto cleanup;
if (balancer) {
if (!direct_connect) {
const char *cl_a;
char *end;
goto cleanup;
if (cl_a) {
if (cl > 0) {
goto cleanup;
goto cleanup;
if (balancer) {
if (balancer) {
goto cleanup;
return access_status;
return ps;
ps->recv_buffer_size = (overrides->recv_buffer_size_set == 0) ? base->recv_buffer_size : overrides->recv_buffer_size;
ps->io_buffer_size = (overrides->io_buffer_size_set == 0) ? base->io_buffer_size : overrides->io_buffer_size;
ps->proxy_status = (overrides->proxy_status_set == 0) ? base->proxy_status : overrides->proxy_status;
ps->source_address = (overrides->source_address_set == 0) ? base->source_address : overrides->source_address;
return ps;
const char *arg)
return NULL;
return (void *) new;
return new;
char *r, *f, *scheme;
int port;
if (regex)
scheme[p-r] = 0;
if (q != NULL) {
if (regex)
if (regex) {
if (!reg)
return NULL;
char *r = NULL;
char *word;
unsigned int flags = 0;
const char *err;
if (err) {
return err;
while (*arg) {
if (is_regex) {
f = word;
r = word;
if (!val) {
if (r == NULL) {
if (apr_fnmatch_test(f)) {
if (use_regex) {
return NULL;
if (!balancer) {
if (err)
if (err)
int reuse = 0;
if (!worker) {
if (err)
if (reuse) {
if (err)
return NULL;
const char *fake;
const char *real;
const char *interp;
const char *err;
if (err) {
return err;
fake = f;
real = r;
interp = i;
real = f;
interp = r;
return NULL;
const char *r, const char *interp)
return NULL;
const char *r, const char *interp)
return NULL;
int found = 0;
if (!found) {
return NULL;
int found = 0;
if (!found) {
#if DEBUGGING
#if DEBUGGING
#if DEBUGGING
#if DEBUGGING
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
int timeout;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
return NULL;
char *word;
int reuse = 0;
if (err)
return err;
while (*arg) {
char *val;
if (!val) {
if (!path)
else if (!name)
if (!path)
if (!name)
if (!balancer) {
if (err)
if (!worker) {
if (reuse) {
if (err)
return NULL;
int in_proxy_section = 0;
if (err)
return err;
if (!balancer) {
if (in_proxy_section) {
if (err)
if (!worker) {
if (in_proxy_section) {
if (err)
while (*arg) {
if (!val) {
if (worker)
if (err)
return NULL;
&proxy_module);
const char *errmsg;
return err;
if (!arg) {
return errmsg;
conf->r = r;
NULL);
NULL);
if (!balancer) {
if (err)
conf->p);
if (!worker) {
if (err)
NULL);
while (*arg) {
if (!val) {
if (worker)
if (err)
return NULL;
{NULL}
if (proxy_ssl_enable) {
if (proxy_ssl_disable) {
return proxy_ssl_disable(c);
if (proxy_is_https) {
return proxy_is_https(c);
const char *var)
if (proxy_ssl_val) {
return NULL;
return rv;
return OK;
return OK;
++worker;
++balancer;
return OK;
if (!reverse) {
s = s->next;
APR_LOCK_DEFAULT, 0);
proxy_lb_workers = 0;
return OK;
/* register optional functions within proxy_util.c */
request_rec *r,
request_rec *r,
(request_rec *r), (r),
(status, r),