mod_proxy.c revision 7708bd70088b64148d7d78fd84ede43ced63c713
252N/A/* ==================================================================== 252N/A * The Apache Software License, Version 1.1 252N/A * Copyright (c) 2000-2001 The Apache Software Foundation. All rights 252N/A * Redistribution and use in source and binary forms, with or without 252N/A * modification, are permitted provided that the following conditions 252N/A * 1. Redistributions of source code must retain the above copyright 252N/A * notice, this list of conditions and the following disclaimer. 252N/A * 2. Redistributions in binary form must reproduce the above copyright 252N/A * notice, this list of conditions and the following disclaimer in 252N/A * the documentation and/or other materials provided with the 252N/A * 3. The end-user documentation included with the redistribution, 252N/A * if any, must include the following acknowledgment: 252N/A * "This product includes software developed by the 252N/A * Alternately, this acknowledgment may appear in the software itself, 252N/A * if and wherever such third-party acknowledgments normally appear. 252N/A * 4. The names "Apache" and "Apache Software Foundation" must 252N/A * not be used to endorse or promote products derived from this 252N/A * software without prior written permission. For written 252N/A * permission, please contact apache@apache.org. 252N/A * 5. Products derived from this software may not be called "Apache", 252N/A * nor may "Apache" appear in their name, without prior written 252N/A * permission of the Apache Software Foundation. 252N/A * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 252N/A * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 252N/A * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 252N/A * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR 252N/A * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 252N/A * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 252N/A * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 252N/A * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 252N/A * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 252N/A * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 252N/A * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 252N/A * ==================================================================== 252N/A * This software consists of voluntary contributions made by many 252N/A * individuals on behalf of the Apache Software Foundation. For more 252N/A * information on the Apache Software Foundation, please see 252N/A * Portions of this software are based upon public domain software 252N/A * originally written at the National Center for Supercomputing Applications, 252N/A * University of Illinois, Urbana-Champaign. 252N/A * A Web proxy module. Stages: 252N/A * translate_name: set filename to proxy:<URL> 252N/A * type_checker: set type to PROXY_MAGIC_TYPE if filename begins proxy: 252N/A * fix_ups: convert the URL stored in the filename to the 252N/A * handler: handle proxy requests 252N/A/* -------------------------------------------------------------- */ 252N/A/* Translate the URL into a 'filename' */ 252N/A /* any number of '/' in the alias matches any number in 252N/A * the supplied URI, but there must be at least one... 252N/A /* Other characters are compared literally */ 252N/A /* Check last alias path component matched all the way */ 252N/A /* Return number of characters from URI which matched (may be 252N/A * greater than length of alias, since we may have matched 252N/A/* Detect if an absoluteURI should be proxied or not. Note that we 252N/A * have to do this during this phase because later phases are 252N/A * "short-circuiting"... i.e. translate_names will end when the first 252N/A * module returns OK. So for example, if the request is something like: 252N/A * mod_alias will notice the /cgi-bin part and ScriptAlias it and 252N/A * short-circuit the proxy... just because of the ordering in the 252N/A /* but it might be something vhosted */ 252N/A /* We need special treatment for CONNECT proxying: it has no scheme part */ 252N/A /* someone has already set up the proxy, it was possibly ourselves 252N/A /* XXX: since r->uri has been manipulated already we're not really 252N/A * compliant with RFC1945 at this point. But this probably isn't 252N/A/* -------------------------------------------------------------- */ 252N/A/* Fixup the filename */ 252N/A/* canonicalise each specific scheme */ 252N/A return OK;
/* otherwise; we've done the best we can */ 252N/A/* Send a redirection if the request contains a hostname which is not */ 252N/A/* fully qualified, i.e. doesn't have a domain name appended. Some proxy */ 252N/A/* servers like Netscape's allow this and access hosts from the local */ 252N/A/* domain in this case. I think it is better to redirect to a FQDN, since */ 252N/A/* these will later be found in the bookmarks files. */ 252N/A/* The "ProxyDomain" directive determines what domain will be appended */ 252N/A /* We only want to worry about GETs */ 252N/A /* If host does contain a dot already, or it is "localhost", decline */ 252N/A /* Reassemble the request, but insert the domain after the host name */ 252N/A /* Note that the domain name always starts with a dot */ 252N/A "Domain missing: %s sent to %s%s%s", r->
uri,
252N/A/* -------------------------------------------------------------- */ 252N/A "Request for %s, pragma=%s, auth=%s, imstr=%s",
url,
252N/A /* If the host doesn't have a domain name, add one and redirect. */ 252N/A /* Check URI's destination host against NoProxy hosts */ 252N/A /* Bypass ProxyRemote server lookup if configured as NoProxy */ 252N/A /* we only know how to handle communication to a proxy via http */ 252N/A /*if (strcasecmp(scheme, "http") == 0) */ 252N/A/* firstly, try a proxy, unless a NoProxy directive is active */ 252N/A /* CONNECT is a special method that bypasses the normal 252N/A/* we only know how to handle communication to a proxy via http */ 252N/A /* an error or success */ 252N/A /* we failed to talk to the upstream proxy */ 252N/A/* otherwise, try it direct */ 252N/A/* N.B. what if we're behind a firewall, where we must use a proxy or 252N/A /* handle the scheme */ 252N/A "Neither CONNECT, HTTP or FTP for %s",
252N/A/* -------------------------------------------------------------- */ 252N/A/* Setup configurable data */ 252N/A if (p ==
NULL || p[
1] !=
'/' || p[
2] !=
'/' || p[
3] ==
'\0') {
252N/A return "ProxyRemote: Bad syntax for a remote proxy server";
252N/A return "ProxyRemote: Bad syntax for a remote proxy server (bad port number)";
252N/A /* Don't duplicate entries */ 252N/A * Set the ports CONNECT can use 252N/A return "AllowCONNECT: port number must be numeric";
252N/A/* Similar to set_proxy_exclude(), but defining directly connected hosts, 252N/A * which should never be accessed via the configured ProxyRemote servers 252N/A /* Don't duplicate entries */ 252N/A return "ProxyDomain: domain name must start with a dot.";
252N/A if (s <
512 && s != 0) {
252N/A return "ProxyReceiveBufferSize must be >= 512 bytes, or 0 for system default.";
252N/A return "ProxyVia must be one of: " 252N/A "off | on | full | block";
252N/A "on if the true proxy requests should be accepted"),
252N/A "a scheme, partial URL or '*' and a proxy server"),
252N/A "a virtual path and a URL"),
252N/A "a virtual path and a URL for reverse proxy behaviour"),
252N/A "A list of names, hosts or domains to which the proxy will not connect"),
252N/A "Receive buffer size for outgoing HTTP and FTP connections in bytes"),
252N/A "A list of domains, hosts, or subnets to which the proxy will connect directly"),
252N/A "The default intranet domain name (in absence of a domain in the URL)"),
252N/A "A list of ports which CONNECT may connect to"),
252N/A "Configure Via: proxy header header to one of: on | off | block | full"),
252N/A /* filename-to-URI translation */ 252N/A /* post read_request handling */ 252N/A NULL,
/* create per-directory config structure */ 252N/A NULL,
/* merge per-directory config structures */