mod_proxy.c revision d9efe39afed3db4bbdc32e40ddb67075c56e689d
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "mod_proxy.h"
#include "mod_core.h"
#include "apr_optional.h"
#include "scoreboard.h"
#include "mod_status.h"
#if (MODULE_MAGIC_NUMBER_MAJOR > 20020903)
#include "mod_ssl.h"
#else
APR_DECLARE_OPTIONAL_FN(char *, ssl_var_lookup,
(apr_pool_t *, server_rec *,
conn_rec *, request_rec *, char *));
#endif
#ifndef MAX
#define MAX(x,y) ((x) >= (y) ? (x) : (y))
#endif
/* return the sizeof of one lb_worker in scoreboard. */
static int ap_proxy_lb_worker_size(void)
{
return sizeof(proxy_worker_stat);
}
/*
* A Web proxy module. Stages:
*
* translate_name: set filename to proxy:<URL>
* map_to_storage: run proxy_walk (rather than directory_walk/file_walk)
* can't trust directory_walk/file_walk since these are
* not in our filesystem. Prevents mod_http from serving
* the TRACE request we will set aside to handle later.
* type_checker: set type to PROXY_MAGIC_TYPE if filename begins proxy:
* fix_ups: convert the URL stored in the filename to the
* canonical form.
* handler: handle proxy requests
*/
/* -------------------------------------------------------------- */
/* Translate the URL into a 'filename' */
#define PROXY_COPY_CONF_PARAMS(w, c) \
do { \
(w)->timeout_set = (c)->timeout_set; \
(w)->recv_buffer_size = (c)->recv_buffer_size; \
(w)->recv_buffer_size_set = (c)->recv_buffer_size_set; \
(w)->io_buffer_size = (c)->io_buffer_size; \
(w)->io_buffer_size_set = (c)->io_buffer_size_set; \
} while (0)
static const char *set_worker_param(apr_pool_t *p,
const char *key,
const char *val)
{
int ival;
/* Normalized load factor. Used with BalancerMamber,
* it is a number between 1 and 100.
*/
return "LoadFactor must be number between 1..100";
}
/* If set it will give the retry timeout for the worker
* The default value is 60 seconds, meaning that if
* in error state, it will be retried after that timeout.
*/
if (ival < 0)
return "Retry must be a positive value";
}
/* Time in seconds that will destroy all the connections
* that exced the smax
*/
if (ival < 1)
return "TTL must be at least one second";
}
/* Initial number of connections to remote
*/
if (ival < 0)
return "Min must be a positive number";
}
/* Maximum number of connections to remote
*/
if (ival < 0)
return "Max must be a positive number";
}
/* XXX: More inteligent naming needed */
/* Maximum number of connections to remote that
* will not be destroyed
*/
if (ival < 0)
return "Smax must be a positive number";
}
/* Acquire timeout in milliseconds.
* If set this will be the maximum time to
* wait for a free connection.
*/
if (ival < 1)
return "Acquire must be at least one mili second";
}
/* Connection timeout in seconds.
* Defaults to server timeout.
*/
if (ival < 1)
return "Timeout must be at least one second";
}
}
return "ReceiveBufferSize must be >= 512 bytes, or 0 for system default.";
}
}
else
return "KeepAlive must be On|Off";
}
worker->disablereuse = 0;
else
return "DisableReuse must be On|Off";
}
/* Worker route.
*/
return "Route length must be < 64 characters";
}
/* Worker redirection route.
*/
return "Redirect length must be < 64 characters";
}
const char *v;
int mode = 1;
/* Worker status.
*/
for (v = val; *v; v++) {
if (*v == '+') {
mode = 1;
v++;
}
else if (*v == '-') {
mode = 0;
v++;
}
if (*v == 'D' || *v == 'd') {
if (mode)
else
}
else if (*v == 'S' || *v == 's') {
if (mode)
else
}
else if (*v == 'E' || *v == 'e') {
if (mode)
else
}
else if (*v == 'H' || *v == 'h') {
if (mode)
else
}
else if (*v == 'I' || *v == 'i') {
if (mode)
else
}
else {
return "Unknown status parameter option";
}
}
}
else
return "flushpackets must be on|off|auto";
}
return "flushwait must be <= 1000, or 0 for system default of 10 millseconds.";
}
if (ival == 0)
else
}
*/
if (ival < 1)
}
return "lbset must be between 0 and 99";
}
else {
return "unknown Worker parameter";
}
return NULL;
}
apr_pool_t *p,
const char *key,
const char *val)
{
int ival;
char *path;
/* Balancer sticky session name.
* Set to something like JSESSIONID or
* PHPSESSIONID, etc..,
*/
*path++ = '\0';
}
}
/* If set to 'on' the session will break
* if the worker is in error state or
* disabled.
*/
balancer->sticky_force = 0;
else
return "failover must be On|Off";
}
/* Balancer timeout in seconds.
* If set this will be the maximum time to
* wait for a free worker.
* Default is not to wait.
*/
if (ival < 1)
return "timeout must be at least one second";
}
/* Maximum number of failover attempts before
* giving up.
*/
if (ival < 0)
return "maximum number of attempts must be a positive number";
}
if (provider) {
return NULL;
}
return "unknown lbmethod";
}
else {
return "unknown Balancer parameter";
}
return NULL;
}
{
if (*aliasp == '/') {
/* any number of '/' in the alias matches any number in
* the supplied URI, but there must be at least one...
*/
if (*urip != '/')
return 0;
while (*aliasp == '/')
++aliasp;
while (*urip == '/')
++urip;
}
else {
/* Other characters are compared literally */
return 0;
}
}
/* fixup badly encoded stuff (e.g. % as last character) */
if (aliasp > end_fakename) {
}
}
/* We reach the end of the uri before the end of "alias_fakename"
* for example uri is "/" and alias_fakename "/examples"
*/
return 0;
}
/* Check last alias path component matched all the way */
return 0;
/* Return number of characters from URI which matched (may be
* greater than length of alias, since we may have matched
* doubled slashes)
*/
}
/* Detect if an absoluteURI should be proxied or not. Note that we
* have to do this during this phase because later phases are
* "short-circuiting"... i.e. translate_names will end when the first
* module returns OK. So for example, if the request is something like:
*
* GET http://othervhost/cgi-bin/printenv HTTP/1.0
*
* mod_alias will notice the /cgi-bin part and ScriptAlias it and
* short-circuit the proxy... just because of the ordering in the
* configuration file.
*/
static int proxy_detect(request_rec *r)
{
/* Ick... msvc (perhaps others) promotes ternary short results to int */
/* but it might be something vhosted */
if (!(r->parsed_uri.hostname
: ap_default_port(r))))) {
r->proxyreq = PROXYREQ_PROXY;
r->uri = r->unparsed_uri;
r->handler = "proxy-server";
}
}
/* We need special treatment for CONNECT proxying: it has no scheme part */
&& r->parsed_uri.hostname
&& r->parsed_uri.port_str) {
r->proxyreq = PROXYREQ_PROXY;
r->uri = r->unparsed_uri;
r->handler = "proxy-server";
}
return DECLINED;
}
{
/* Interpolate an env str in a configuration string
* Syntax ${var} --> value_of(var)
* Method: replace one var, and recurse on remainder of string
* Nothing clever here, and crap like nested vars may do silly things
* but we'll at least avoid sending the unwary into a loop
*/
const char *start;
const char *end;
const char *var;
const char *val;
const char *firstpart;
return str;
}
return str;
}
/* OK, this is syntax we want to interpolate. Is there such a var ? */
}
else {
}
}
{
int i;
sizeof (struct proxy_alias));
}
return ret;
}
static int proxy_trans(request_rec *r)
{
int i, len;
&proxy_module);
const char *fake;
const char *real;
int mismatch = 0;
if (r->proxyreq) {
/* someone has already set up the proxy, it was possibly ourselves
* in proxy_detect
*/
return OK;
}
/* XXX: since r->uri has been manipulated already we're not really
* compliant with RFC1945 at this point. But this probably isn't
*/
}
else {
}
return DECLINED;
}
/* test that we haven't reduced the URI */
AP_MAX_REG_MATCH, reg1, 0)) {
mismatch = 1;
}
/* Note: The strcmp() below catches cases where there
* was no regex substitution. This is so cases like:
*
* ProxyPassMatch \.gif balancer://foo
*
* will work "as expected". The upshot is that the 2
* directives below act the exact same way (ie: $1 is implied):
*
* ProxyPassMatch ^(/.*\.gif)$ balancer://foo
* ProxyPassMatch ^(/.*\.gif)$ balancer://foo$1
*
* which may be confusing.
*/
}
else {
}
}
}
else {
if (len != 0) {
return DECLINED;
}
if (nocanon
mismatch = 1;
}
}
}
if (mismatch) {
/* We made a reducing transformation, so we can't safely use
* unparsed_uri. Safe fallback is to ignore nocanon.
*/
"Unescaped URL path matched ProxyPass; ignoring unsafe nocanon");
}
if (found) {
r->handler = "proxy-server";
r->proxyreq = PROXYREQ_REVERSE;
/* mod_proxy_http needs to be told. Different module. */
}
return OK;
}
}
return DECLINED;
}
static int proxy_walk(request_rec *r)
{
&proxy_module);
/* XXX: shouldn't we use URI here? Canonicalize it first?
* Pass over "proxy:" prefix
*/
int j;
for (j = 0; j < num_sec; ++j)
{
entry_config = sec_proxy[j];
/* XXX: What about case insensitive matching ???
* Compare regex, fnmatch or string as appropriate
* If the entry doesn't relate, then continue
*/
if (entry_proxy->r
strlen(entry_proxy->p)))) {
continue;
}
}
return OK;
}
static int proxy_map_location(request_rec *r)
{
int access_status;
return DECLINED;
/* Don't let the core or mod_http map_to_storage hooks handle this,
*/
if ((access_status = proxy_walk(r))) {
ap_die(access_status, r);
return access_status;
}
return OK;
}
/* -------------------------------------------------------------- */
/* Fixup the filename */
/*
* Canonicalise the URL
*/
static int proxy_fixup(request_rec *r)
{
char *url, *p;
int access_status;
&proxy_module);
return DECLINED;
/* XXX: Shouldn't we try this before we run the proxy_walk? */
/* create per-request copy of reverse proxy conf,
* and interpolate vars in it
*/
}
/* canonicalise each specific scheme */
return access_status;
}
return HTTP_BAD_REQUEST;
return OK; /* otherwise; we've done the best we can */
}
/* Send a redirection if the request contains a hostname which is not */
/* fully qualified, i.e. doesn't have a domain name appended. Some proxy */
/* servers like Netscape's allow this and access hosts from the local */
/* domain in this case. I think it is better to redirect to a FQDN, since */
/* these will later be found in the bookmarks files. */
/* The "ProxyDomain" directive determines what domain will be appended */
{
char *nuri;
const char *ref;
/* We only want to worry about GETs */
return DECLINED;
/* If host does contain a dot already, or it is "localhost", decline */
return DECLINED; /* host name has a dot already */
/* Reassemble the request, but insert the domain after the host name */
/* Note that the domain name always starts with a dot */
&r->parsed_uri,
"Domain missing: %s sent to %s%s%s", r->uri,
return HTTP_MOVED_PERMANENTLY;
}
/* -------------------------------------------------------------- */
/* Invoke handler */
static int proxy_handler(request_rec *r)
{
const char *p2;
int i, rc, access_status;
int direct_connect = 0;
const char *str;
long maxfwd;
int attempts = 0, max_attempts = 0;
/* is this for us? */
return DECLINED;
/* handle max-forwards / OPTIONS / TRACE */
if (maxfwd < 1) {
switch (r->method_number) {
case M_TRACE: {
int access_status;
r->proxyreq = PROXYREQ_NONE;
if ((access_status = ap_send_http_trace(r)))
ap_die(access_status, r);
else
return OK;
}
case M_OPTIONS: {
int access_status;
r->proxyreq = PROXYREQ_NONE;
if ((access_status = ap_send_http_options(r)))
ap_die(access_status, r);
else
return OK;
}
default: {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
"Max-Forwards has reached zero - proxy loop?");
}
}
}
}
else {
/* set configured max-forwards */
}
if (maxfwd >= 0) {
}
if (r->method_number == M_TRACE) {
{
/* Allow "error-notes" string to be printed by ap_send_error_response()
* Note; this goes nowhere, canned error response need an overhaul.
*/
"TRACE forbidden by server configuration");
"proxy: TRACE forbidden by server configuration");
return HTTP_METHOD_NOT_ALLOWED;
}
/* Can't test ap_should_client_block, we aren't ready to send
* the client a 100 Continue response till the connection has
* been established
*/
{
/* Allow "error-notes" string to be printed by ap_send_error_response()
* Note; this goes nowhere, canned error response need an overhaul.
*/
"TRACE with request body is not allowed");
"proxy: TRACE with request body is not allowed");
return HTTP_REQUEST_ENTITY_TOO_LARGE;
}
}
if (p == NULL) {
"proxy_handler no URL in %s", r->filename);
return HTTP_BAD_REQUEST;
}
/* If the host doesn't have a domain name, add one and redirect. */
if (ap_is_HTTP_REDIRECT(rc))
return HTTP_MOVED_PERMANENTLY;
}
/* Check URI's destination host against NoProxy hosts */
/* Bypass ProxyRemote server lookup if configured as NoProxy */
!direct_connect; i++) {
}
#if DEBUGGING
r->uri);
#endif
do {
/* Try to obtain the most suitable worker */
if (access_status != OK) {
/*
* Only return if access_status is not HTTP_SERVICE_UNAVAILABLE
* This gives other modules the chance to hook into the
* request_status hook and decide what to do in this situation.
*/
return access_status;
/*
* Ensure that balancer is NULL if worker is NULL to prevent
* potential problems in the post_request hook.
*/
if (!worker)
goto cleanup;
}
/* firstly, try a proxy, unless a NoProxy directive is active */
if (!direct_connect) {
/* handle the scheme */
"Trying to run scheme_handler against proxy");
/* Did the scheme handler process the request? */
if (access_status != DECLINED) {
const char *cl_a;
char *end;
/*
* An fatal error or success, so no point in
* retrying with a direct connection.
*/
if (access_status != HTTP_BAD_GATEWAY) {
goto cleanup;
}
if (cl_a) {
/*
* The request body is of length > 0. We cannot
* retry with a direct connection since we already
* sent (parts of) the request body to the proxy
* and do not have any longer.
*/
if (cl > 0) {
goto cleanup;
}
}
/*
* Transfer-Encoding was set as input header, so we had
* a request body. We cannot retry with a direct
* connection for the same reason as above.
*/
goto cleanup;
}
}
}
}
}
/* otherwise, try it direct */
/* N.B. what if we're behind a firewall, where we must use a proxy or
* give up??
*/
/* handle the scheme */
"Running scheme %s handler (attempt %d)",
if (access_status == OK)
break;
else if (access_status == HTTP_INTERNAL_SERVER_ERROR) {
/* Unrecoverable server error.
* We can not failover to another worker.
* Mark the worker as unusable if member of load balancer
*/
if (balancer)
break;
}
else if (access_status == HTTP_SERVICE_UNAVAILABLE) {
/* Recoverable server error.
* We can failover to another worker
* Mark the worker as unusable if member of load balancer
*/
if (balancer) {
}
}
else {
/* Unrecoverable error.
* Return the origin status code to the client.
*/
break;
}
/* Try again if the worker is unusable and the service is
* unavailable.
*/
} while (!PROXY_WORKER_IS_USABLE(worker) &&
max_attempts > attempts++);
if (DECLINED == access_status) {
"proxy: No protocol handler was valid for the URL %s. "
"If you are using a DSO version of mod_proxy, make sure "
"the proxy submodules are included in the configuration "
"using LoadModule.", r->uri);
goto cleanup;
}
return access_status;
}
/* -------------------------------------------------------------- */
/* Setup configurable data */
{
ps->recv_buffer_size_set = 0;
ps->io_buffer_size_set = 0;
ps->maxfwd_set = 0;
ps->error_override = 0;
ps->error_override_set = 0;
ps->preserve_host_set = 0;
ps->preserve_host = 0;
ps->timeout_set = 0;
ps->badopt_set = 0;
return ps;
}
{
ps->allowed_connect_ports = apr_array_append(p, base->allowed_connect_ports, overrides->allowed_connect_ports);
ps->recv_buffer_size = (overrides->recv_buffer_size_set == 0) ? base->recv_buffer_size : overrides->recv_buffer_size;
ps->io_buffer_size = (overrides->io_buffer_size_set == 0) ? base->io_buffer_size : overrides->io_buffer_size;
ps->error_override = (overrides->error_override_set == 0) ? base->error_override : overrides->error_override;
ps->preserve_host = (overrides->preserve_host_set == 0) ? base->preserve_host : overrides->preserve_host;
ps->proxy_status = (overrides->proxy_status_set == 0) ? base->proxy_status : overrides->proxy_status;
return ps;
}
{
/* Filled in by proxysection, when applicable */
/* Put these in the dir config so they work inside <Location> */
return (void *) new;
}
{
/* Put these in the dir config so they work inside <Location> */
: add->interpolate_env;
return new;
}
static const char *
{
struct proxy_remote *new;
char *p, *q;
char *r, *f, *scheme;
int port;
p = strchr(r, ':');
if (regex)
return "ProxyRemoteMatch: Bad syntax for a remote proxy server";
else
return "ProxyRemote: Bad syntax for a remote proxy server";
}
else {
scheme[p-r] = 0;
}
if (q != NULL) {
if (regex)
return "ProxyRemoteMatch: Bad syntax for a remote proxy server (bad port number)";
else
return "ProxyRemote: Bad syntax for a remote proxy server (bad port number)";
}
*q = '\0';
}
else
port = -1;
*p = '\0';
if (regex) {
if (!reg)
return "Regular expression for ProxyRemoteMatch could not be compiled.";
}
else
ap_str_tolower(f); /* lowercase scheme */
if (port == -1) {
}
return NULL;
}
static const char *
{
}
static const char *
{
}
static const char *
{
struct proxy_alias *new;
char *r = NULL;
char *word;
const apr_array_header_t *arr;
const apr_table_entry_t *elts;
int i;
unsigned int flags = 0;
while (*arg) {
if (!f) {
if (is_regex) {
return "ProxyPassMatch invalid syntax ('~' usage).";
}
use_regex = 1;
continue;
}
f = word;
}
else if (!r) {
r = word;
}
}
}
else {
if (!val) {
if (*r == '/') {
return "ProxyPass|ProxyPassMatch can not have a path when defined in "
"a location.";
}
else {
return "Invalid ProxyPass|ProxyPassMatch parameter. Parameter must "
"be in the form 'key=value'.";
}
}
else {
return "Invalid ProxyPass|ProxyPassMatch parameter. Parameter must be "
"in the form 'key=value'.";
}
}
else
*val++ = '\0';
}
};
if (r == NULL)
return "ProxyPass|ProxyPassMatch needs a path when not defined in a location";
if (use_regex) {
return "Regular expression could not be compiled.";
}
else {
}
if (r[0] == '!' && r[1] == '\0')
return NULL;
/* Distinguish the balancer from worker */
if (!balancer) {
conf, r);
if (err)
}
if (err)
}
}
else {
if (!worker) {
if (err)
} else {
}
if (err)
}
}
return NULL;
}
static const char *
{
}
static const char *
{
}
const char *r, const char *i)
{
struct proxy_alias *new;
const char *fake;
const char *real;
const char *interp;
fake = f;
real = r;
interp = i;
return "ProxyPassReverse needs a path when not defined in a location";
}
}
else {
real = f;
if (r && strcasecmp(r, "interpolate")) {
return "ProxyPassReverse can not have a path when defined in a location";
}
interp = r;
}
return NULL;
}
const char *r, const char *interp)
{
struct proxy_alias *new;
return NULL;
}
const char *r, const char *interp)
{
struct proxy_alias *new;
return NULL;
}
static const char *
{
struct noproxy_entry *new;
struct apr_sockaddr_t *addr;
int found = 0;
int i;
/* Don't duplicate entries */
found = 1;
}
}
if (!found) {
}
else {
}
}
return NULL;
}
/*
* Set the ports CONNECT can use
*/
static const char *
{
int *New;
if (!apr_isdigit(arg[0]))
return "AllowCONNECT: port number must be numeric";
return NULL;
}
/* Similar to set_proxy_exclude(), but defining directly connected hosts,
* which should never be accessed via the configured ProxyRemote servers
*/
static const char *
{
struct dirconn_entry *New;
int found = 0;
int i;
/* Don't duplicate entries */
found = 1;
}
if (!found) {
#if DEBUGGING
#endif
}
#if DEBUGGING
#endif
}
#if DEBUGGING
#endif
}
else {
#if DEBUGGING
#endif
}
}
return NULL;
}
static const char *
{
if (arg[0] != '.')
return "ProxyDomain: domain name must start with a dot.";
return NULL;
}
static const char *
{
}
return NULL;
}
static const char *
{
return NULL;
}
static const char *
{
return NULL;
}
static const char *
{
if (s < 512 && s != 0) {
return "ProxyReceiveBufferSize must be >= 512 bytes, or 0 for system default.";
}
psf->recv_buffer_size = s;
return NULL;
}
static const char *
{
return NULL;
}
static const char *
{
return NULL;
}
static const char*
{
int timeout;
if (timeout<1) {
return "Proxy Timeout must be at least 1 second.";
}
return NULL;
}
static const char*
{
else {
return "ProxyVia must be one of: "
"off | on | full | block";
}
return NULL;
}
static const char*
{
else {
return "ProxyBadHeader must be one of: "
"IsError | Ignore | StartBody";
}
return NULL;
}
static const char*
{
else {
return "ProxyStatus must be one of: "
"off | on | full";
}
return NULL;
}
{
char *word;
const apr_array_header_t *arr;
const apr_table_entry_t *elts;
int i;
while (*arg) {
if (!path)
else if (!name)
else {
if (!val)
return "BalancerMember can not have a balancer name when defined in a location";
else
return "Invalid BalancerMember parameter. Parameter must "
"be in the form 'key=value'";
else
*val++ = '\0';
}
}
if (!path)
return "BalancerMember must define balancer name when outside <Proxy > section";
if (!name)
return "BalancerMember must define remote proxy server";
/* Try to find existing worker */
if (!worker) {
const char *err;
} else {
}
if (err)
}
/* Try to find the balancer */
if (!balancer) {
if (err)
}
/* Add the worker to the load balancer */
return NULL;
}
static const char *
{
const char *err;
int in_proxy_section = 0;
"<Proxy", 6) == 0) {
/* Directive inside <Proxy section
*/
*word = '\0';
in_proxy_section = 1;
}
else {
* name as first param.
*/
}
if (!balancer) {
if (in_proxy_section) {
if (err)
}
else
}
}
else {
if (!worker) {
if (in_proxy_section) {
if (err)
}
else
}
}
while (*arg) {
if (!val) {
return "Invalid ProxySet parameter. Parameter must be "
"in the form 'key=value'";
}
else
*val++ = '\0';
if (worker)
else
if (err)
}
return NULL;
}
const char *arg)
{
return NULL;
}
{
&proxy_module);
*new_space = dir_config;
}
{
const char *errmsg;
ap_regex_t *r = NULL;
return err;
}
"> directive missing closing '>'", NULL);
}
if (!arg) {
return "<ProxyMatch > block must specify a path";
else
return "<Proxy > block must specify a path";
}
/* XXX Ignore case? What if we proxy a case-insensitive server?!?
* While we are at it, shouldn't we also canonicalize the entire
* scheme? See proxy_fixup()
*/
if (!r) {
return "Regex could not be compiled";
}
}
return "<Proxy ~ > block must specify a path";
if (!r) {
return "Regex could not be compiled";
}
}
/* initialize our config and fetch it */
return errmsg;
conf->r = r;
if (*arg != '\0') {
return "Multiple <ProxyMatch> arguments not (yet) supported.";
if (conf->p_is_fnmatch)
"> arguments are not supported for wildchar url.",
NULL);
"> arguments are not supported for non url.",
NULL);
if (!balancer) {
if (err)
}
}
else {
conf->p);
if (!worker) {
if (err)
}
}
"> arguments are supported only for workers.",
NULL);
}
while (*arg) {
if (!val) {
return "Invalid Proxy parameter. Parameter must be "
"in the form 'key=value'";
}
else
*val++ = '\0';
if (worker)
else
if (err)
}
}
return NULL;
}
static const command_rec proxy_cmds[] =
{
"Container for directives affecting resources located in the proxied "
"location"),
"Container for directives affecting resources located in the proxied "
"location, in regular expression syntax"),
"on if the true proxy requests should be accepted"),
"a scheme, partial URL or '*' and a proxy server"),
"a regex pattern and a proxy server"),
"a virtual path and a URL"),
"a virtual path and a URL"),
"a virtual path and a URL for reverse proxy behaviour"),
"A list of names, hosts or domains to which the proxy will not connect"),
"Receive buffer size for outgoing HTTP and FTP connections in bytes"),
"IO buffer size for outgoing HTTP and FTP connections in bytes"),
"The maximum number of proxies a request may be forwarded through."),
"A list of domains, hosts, or subnets to which the proxy will connect directly"),
"The default intranet domain name (in absence of a domain in the URL)"),
"A list of ports which CONNECT may connect to"),
"Configure Via: proxy header header to one of: on | off | block | full"),
"use our error handling pages instead of the servers' we are proxying"),
"on if we should preserve host header while proxying"),
"Set the timeout (in seconds) for a proxied connection. "
"This overrides the server timeout"),
"How to handle bad header line in response: IsError | Ignore | StartBody"),
"A balancer name and scheme with list of params"),
"Configure Status: proxy status to one of: on | off | full"),
"A balancer or worker name with list of params"),
{NULL}
};
{
/*
* if c == NULL just check if the optional function was imported
* else run the optional function so ssl filters are inserted
*/
if (proxy_ssl_enable) {
return c ? proxy_ssl_enable(c) : 1;
}
return 0;
}
{
if (proxy_ssl_disable) {
return proxy_ssl_disable(c);
}
return 0;
}
{
if (proxy_is_https) {
return proxy_is_https(c);
}
else
return 0;
}
conn_rec *c, request_rec *r,
const char *var)
{
if (proxy_ssl_val) {
/* XXX Perhaps the casting useless */
return (const char *)proxy_ssl_val(p, s, c, r, (char *)var);
}
else
return NULL;
}
{
return OK;
}
/*
* proxy Extension to mod_status
*/
{
int i, n;
return OK;
ap_rputs("<hr />\n<h1>Proxy LoadBalancer Status for ", r);
ap_rputs("\n\n<table border=\"0\"><tr>"
"<th>SSes</th><th>Timeout</th><th>Method</th>"
"</tr>\n<tr>", r);
}
else {
}
}
else {
ap_rputs("<td> - ", r);
}
ap_rprintf(r, "<td>%s</td>\n",
ap_rputs("</table>\n", r);
ap_rputs("\n\n<table border=\"0\"><tr>"
"<th>Sch</th><th>Host</th><th>Stat</th>"
"<th>Route</th><th>Redir</th>"
"<th>F</th><th>Set</th><th>Acc</th><th>Wr</th><th>Rd</th>"
"</tr>\n", r);
char fbuf[50];
ap_rputs("Dis", r);
ap_rputs("Err", r);
ap_rputs("Ok", r);
else
ap_rputs("-", r);
ap_rputs("</td><td>", r);
ap_rputs("</td>\n", r);
/* TODO: Add the rest of dynamic worker data */
ap_rputs("</tr>\n", r);
++worker;
}
ap_rputs("</table>\n", r);
++balancer;
}
ap_rputs("<hr /><table>\n"
"<tr><th>SSes</th><td>Sticky session name</td></tr>\n"
"<tr><th>Timeout</th><td>Balancer Timeout</td></tr>\n"
"<tr><th>Sch</th><td>Connection scheme</td></tr>\n"
"<tr><th>Host</th><td>Backend Hostname</td></tr>\n"
"<tr><th>Stat</th><td>Worker status</td></tr>\n"
"<tr><th>Route</th><td>Session Route</td></tr>\n"
"<tr><th>Redir</th><td>Session Route Redirection</td></tr>\n"
"<tr><th>F</th><td>Load Balancer Factor in %</td></tr>\n"
"<tr><th>Acc</th><td>Number of requests</td></tr>\n"
"<tr><th>Wr</th><td>Number of bytes transferred</td></tr>\n"
"<tr><th>Rd</th><td>Number of bytes read</td></tr>\n"
"</table>", r);
return OK;
}
{
while (s) {
void *sconf = s->module_config;
int i;
/* Initialize worker's shared scoreboard data */
worker++;
}
/* Initialize forward worker if defined */
/* Do not disable worker in case of errors */
/* Disable address cache for generic forward worker */
}
if (!reverse) {
/* Do not disable worker in case of errors */
/* Disable address cache for generic reverse worker */
reverse->is_address_reusable = 0;
}
s = s->next;
}
}
/*
* This routine is called before the server processes the configuration
* files. There is no return value.
*/
{
/* Reset workers count on gracefull restart */
proxy_lb_workers = 0;
return OK;
}
static void register_hooks(apr_pool_t *p)
{
/* fixup before mod_rewrite, so that the proxied url will not
* escaped accidentally by our fixup.
*/
/* Only the mpm_winnt has child init hook handler.
* make sure that we are called after the mpm
* initializes.
*/
/* handler */
/* filename-to-URI translation */
/* walk <Proxy > entries and suppress default TRACE behavior */
/* fixups */
/* post read_request handling */
/* pre config handling */
/* post config handling */
/* child init handling */
}
{
create_proxy_dir_config, /* create per-directory config structure */
merge_proxy_dir_config, /* merge per-directory config structures */
create_proxy_config, /* create per-server config structure */
merge_proxy_config, /* merge per-server config structures */
proxy_cmds, /* command table */
};
)
(request_rec *r, char *url),(r,
request_rec *r,
request_rec *r,
(request_rec *r), (r),
(int *status, request_rec *r),
(status, r),