proxy_util.c revision 834fc281be8e0f7f2614961f12d8bbf603382a17
/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/* Utility routines for Apache proxy */
#include "mod_proxy.h"
#include "ap_mpm.h"
#include "scoreboard.h"
#include "apr_version.h"
#include <unistd.h> /* for getpid() */
#endif
#if (APR_MAJOR_VERSION < 1)
#endif
/* Global balancer counter */
int PROXY_DECLARE_DATA proxy_lb_workers = 0;
static int lb_workers_limit = 0;
/* already called in the knowledge that the characters are hex digits */
PROXY_DECLARE(int) ap_proxy_hex2c(const char *x)
{
int i, ch;
#if !APR_CHARSET_EBCDIC
ch = x[0];
if (apr_isdigit(ch)) {
i = ch - '0';
}
else if (apr_isupper(ch)) {
}
else {
}
i <<= 4;
ch = x[1];
if (apr_isdigit(ch)) {
i += ch - '0';
}
else if (apr_isupper(ch)) {
}
else {
}
return i;
#else /*APR_CHARSET_EBCDIC*/
/*
* we assume that the hex value refers to an ASCII character
* so convert to EBCDIC so that it makes sense locally;
*
* example:
*
* client specifies %20 in URL to refer to a space char;
* at this point we're called with EBCDIC "20"; after turning
* EBCDIC "20" into binary 0x20, we then need to assume that 0x20
* represents an ASCII char and convert 0x20 to EBCDIC, yielding
* 0x40
*/
char buf[1];
buf[0] = i & 0xFF;
return buf[0];
}
else {
return 0;
}
#endif /*APR_CHARSET_EBCDIC*/
}
{
#if !APR_CHARSET_EBCDIC
int i;
x[0] = '%';
if (i >= 10) {
x[1] = ('A' - 10) + i;
}
else {
x[1] = '0' + i;
}
i = ch & 0x0F;
if (i >= 10) {
x[2] = ('A' - 10) + i;
}
else {
x[2] = '0' + i;
}
#else /*APR_CHARSET_EBCDIC*/
static const char ntoa[] = { "0123456789ABCDEF" };
char buf[1];
ch &= 0xFF;
x[0] = '%';
x[3] = '\0';
#endif /*APR_CHARSET_EBCDIC*/
}
/*
* canonicalise a URL-encoded string
*/
/*
* Convert a URL-encoded string to canonical form.
* It decodes characters which need not be encoded,
* and encodes those which must be encoded, and does not touch
* those which must not be touched.
*/
int proxyreq)
{
int i, j, ch;
char *y;
char *allowed; /* characters which should not be encoded */
/*
* N.B. in addition to :@&=, this allows ';' in an http path
* and '?' in an ftp path -- this may be revised
*
* Also, it makes a '+' character in a search string reserved, as
* it may be form-encoded. (Although RFC 1738 doesn't allow this -
* it only permits ; / ? : @ = & as reserved chars.)
*/
if (t == enc_path) {
allowed = "~$-_.+!*'(),;:@&=";
}
else if (t == enc_search) {
allowed = "$-_.!*'(),;:@&=";
}
else if (t == enc_user) {
allowed = "$-_.+!*'(),;@&=";
}
else if (t == enc_fpath) {
allowed = "$-_.+!*'(),?:@&=";
}
else { /* if (t == enc_parm) */
allowed = "$-_.+!*'(),?/:@&=";
}
if (t == enc_path) {
reserved = "/";
}
else if (t == enc_search) {
reserved = "+";
}
else {
reserved = "";
}
for (i = 0, j = 0; i < len; i++, j++) {
/* always handle '/' first */
ch = x[i];
y[j] = ch;
continue;
}
/*
* decode it if not already done. do not decode reverse proxied URLs
* unless specifically forced
*/
return NULL;
}
i += 2;
ap_proxy_c2hex(ch, &y[j]);
j += 2;
continue;
}
}
/* recode it, if necessary */
ap_proxy_c2hex(ch, &y[j]);
j += 2;
}
else {
y[j] = ch;
}
}
y[j] = '\0';
return y;
}
/*
* Parses network-location.
* urlp on input the URL; on output the path, after the leading /
* password holder for password
* host holder for host
* port port number; only set if one is supplied.
*
* Returns an error string.
*/
PROXY_DECLARE(char *)
{
return "Malformed URL";
}
url = "";
}
else {
}
*strp = '\0';
/* find password */
*strp = '\0';
return "Bad %-escape in URL (password)";
}
}
return "Bad %-escape in URL (username)";
}
}
}
}
/*
* Parse the host string to separate host portion from optional port.
* Perform range checking on port.
*/
}
if (tmp_port != 0) { /* only update caller's port if port was specified */
}
return NULL;
}
/*
* If the date is a valid RFC 850 date or asctime() date, then it
* is converted to the RFC 1123 format.
*/
PROXY_DECLARE(const char *)
{
char* ndate;
if (!time) {
return date;
}
if (rv != APR_SUCCESS) {
return date;
}
return ndate;
}
{
rp->connection = c;
proxy_run_create_req(r, rp);
return rp;
}
/*
* list is a comma-separated list of case-insensitive tokens, with
* optional whitespace around the tokens.
* The return returns 1 if the token val is found in the list, or 0
* otherwise.
*/
{
int len, i;
const char *p;
if (p != NULL) {
i = p - list;
do {
p++;
} while (apr_isspace(*p));
}
else {
}
i--;
}
return 1;
}
list = p;
}
return 0;
}
/*
* list is a comma-separated list of case-insensitive tokens, with
* optional whitespace around the tokens.
* if val appears on the list of tokens, it is removed from the list,
* and the new list is returned.
*/
{
int len, i;
const char *p;
if (p != NULL) {
i = p - list;
do {
p++;
} while (apr_isspace(*p));
}
else {
}
i--;
}
/* do nothing */
}
else {
if (new) {
}
else {
}
}
list = p;
}
return new;
}
/*
* Converts 8 hex digits to a time integer
*/
PROXY_DECLARE(int) ap_proxy_hex2sec(const char *x)
{
int i, ch;
unsigned int j;
for (i = 0, j = 0; i < 8; i++) {
ch = x[i];
j <<= 4;
if (apr_isdigit(ch)) {
j |= ch - '0';
}
else if (apr_isupper(ch)) {
}
else {
}
}
if (j == 0xffffffff) {
return -1; /* so that it works with 8-byte ints */
}
else {
return j;
}
}
/*
* Converts a time integer to 8 hex digits
*/
PROXY_DECLARE(void) ap_proxy_sec2hex(int t, char *y)
{
int i, ch;
unsigned int j = t;
for (i = 7; i >= 0; i--) {
ch = j & 0xF;
j >>= 4;
if (ch >= 10) {
}
else {
y[i] = ch + '0';
}
}
y[8] = '\0';
}
{
apr_pstrcat(r->pool,
"The proxy server could not handle the request "
" ",
"Reason: <strong>",
"</strong></p>", NULL));
/* Allow "error-notes" string to be printed by ap_send_error_response() */
return statuscode;
}
static const char *
{
return r->hostname;
}
/* Set url to the first char after "scheme://" */
return NULL;
}
url = apr_pstrdup(r->pool, &url[1]); /* make it point to "//", which is what proxy_canon_netloc expects */
}
return host; /* ought to return the port, too */
}
/* Return TRUE if addr represents an IP address (or an IP network address) */
{
long ip_addr[4];
int i, quads;
long bits;
/*
* if the address is given with an explicit netmask, use that
* Due to a deficiency in apr_inet_addr(), it is impossible to parse
* "partial" addresses (with less than 4 quads) correctly, i.e.
* 192.168.123 is parsed as 192.168.0.123, which is not what I want.
* I therefore have to parse the IP address manually:
* addr and mask were set by proxy_readmask()
* return 1;
*/
/*
* Parse IP addr manually, optionally allowing
* abbreviated net addresses like 192.168.
*/
/* Iterate over up to 4 (dotted) quads. */
char *tmp;
break;
}
if (!apr_isdigit(*addr)) {
return 0; /* no digit at start of quad */
}
return 0;
}
/* invalid octet */
return 0;
}
++addr; /* after the 4th quad, a dot would be illegal */
}
}
}
char *tmp;
++addr;
return 0;
}
return 0;
}
}
else {
/*
* Determine (i.e., "guess") netmask by counting the
* number of trailing .0's; reduce #quads appropriately
* (so that 192.168.0.0 is equivalent to 192.168.)
*/
--quads;
}
/* "IP Address should be given in dotted-quad form, optionally followed by a netmask (e.g., 192.168.111.0/24)"; */
if (quads < 1) {
return 0;
}
/* every zero-byte counts as 8 zero-bits */
"Warning: NetMask not supplied with IP-Addr; guessing: %s/%ld",
}
}
"Warning: NetMask and IP-Addr disagree in %s/%ld",
}
if (*addr == '\0') {
return 1;
}
else {
}
}
/* Return TRUE if addr represents an IP address (or an IP network address) */
{
int i, ip_addr[4];
const char *host = proxy_get_host_of_request(r);
return 0;
}
/* ap_proxy_is_ipaddr() already confirmed that we have
* a valid octet in ip_addr[i]
*/
}
#if DEBUGGING
#endif
return 1;
}
#if DEBUGGING
else {
}
#endif
}
else {
struct apr_sockaddr_t *reqaddr;
!= APR_SUCCESS) {
#if DEBUGGING
"2)IP-NoMatch: hostname=%s msg=Host not found", host);
#endif
return 0;
}
/* Try to deal with multiple IP addr's for a host */
/* FIXME: This needs to be able to deal with IPv6 */
while (reqaddr) {
#if DEBUGGING
#endif
return 1;
}
#if DEBUGGING
else {
}
#endif
}
}
return 0;
}
/* Return TRUE if addr represents a domain name */
{
int i;
/* Domain name must start with a '.' */
if (addr[0] != '.') {
return 0;
}
/* rfc1035 says DNS names must consist of "[-a-zA-Z0-9]" and '.' */
continue;
}
#if 0
if (addr[i] == ':') {
"@@@@ handle optional port in proxy_is_domainname()");
/* @@@@ handle optional port */
}
#endif
if (addr[i] != '\0') {
return 0;
}
/* Strip trailing dots */
addr[i] = '\0';
}
return 1;
}
/* Return TRUE if host "host" is in domain "domain" */
{
const char *host = proxy_get_host_of_request(r);
return 0;
}
/* @@@ do this within the setup? */
/* Ignore trailing dots in domain comparison: */
--d_len;
}
--h_len;
}
}
/* Return TRUE if host represents a host name */
{
struct apr_sockaddr_t *addr;
int i;
/* Host names must not start with a '.' */
if (host[0] == '.') {
return 0;
}
/* rfc1035 says DNS names must consist of "[-a-zA-Z0-9]" and '.' */
return 0;
}
/* Strip trailing dots */
host[i] = '\0';
}
return 1;
}
/* Return TRUE if host "host" is equal to host2 "host2" */
{
const char *host2 = proxy_get_host_of_request(r);
int h2_len;
int h1_len;
return 0; /* oops! */
}
#if 0
/* Try to deal with multiple IP addr's for a host */
while (addr) {
if (addr->ipaddr_ptr == ? ? ? ? ? ? ? ? ? ? ? ? ?)
return 1;
}
#endif
/* Ignore trailing dots in host2 comparison: */
--h2_len;
}
--h1_len;
}
}
/* Return TRUE if addr is to be matched as a word */
{
return 1;
}
/* Return TRUE if string "str2" occurs literally in "str1" */
{
const char *host = proxy_get_host_of_request(r);
}
/* checks whether a host in uri_addr matches proxyblock */
{
int j;
/* XXX FIXME: conf->noproxies->elts is part of an opaque structure */
return HTTP_FORBIDDEN;
}
while (conf_addr) {
while (uri_addr) {
char *conf_ip;
char *uri_ip;
return HTTP_FORBIDDEN;
}
}
}
}
return OK;
}
/* set up the minimal filter set */
{
return OK;
}
/*
* converts a series of buckets into a string
* XXX: BillS says this function performs essentially the same function as
* ap_rgetline() in protocol.c. Deprecate this function and use ap_rgetline()
* instead? I think ap_proxy_string_read() will not work properly on non ASCII
* (EBCDIC) machines either.
*/
{
apr_bucket *e;
char *response;
int found = 0;
/* start with an empty string */
buff[0] = 0;
*eos = 0;
/* loop through each brigade */
while (!found) {
/* get brigade from network one line at a time */
0))) {
return rv;
}
/* loop through each bucket */
while (!found) {
/* The connection aborted or timed out */
return APR_ECONNABORTED;
}
e = APR_BRIGADE_FIRST(bb);
if (APR_BUCKET_IS_EOS(e)) {
*eos = 1;
}
else {
(const char **)&response,
&len,
APR_BLOCK_READ))) {
return rv;
}
/*
* is string LF terminated?
* XXX: This check can be made more efficient by simply checking
* if the last character in the 'response' buffer is an ASCII_LF.
* See ap_rgetline() for an example.
*/
found = 1;
}
/* concat strings until buff is full - then throw the data away */
}
if (len > 0) {
}
}
}
*pos = '\0';
}
return APR_SUCCESS;
}
/* unmerge an element in the table */
{
/* get the value to unmerge */
if (!initial) {
return;
}
/* remove the value from the headers */
apr_table_unset(t, key);
/* find each comma */
}
count++;
}
}
{
struct proxy_alias *ent;
char *u;
/*
* XXX FIXME: Make sure this handled the ambiguous case of the :<PORT>
* after the hostname
* XXX FIXME: Ensure the /uri component is a case sensitive match
*/
if (r->proxyreq != PROXYREQ_REVERSE) {
return url;
}
}
else {
}
/*
* First check if mapping against a balancer and see
* if we have such a entity. If so, then we need to
* find the particulars of the actual worker which may
* or may not be the right one... basically, we need
* to find which member actually handled this request.
*/
int n, l3 = 0;
if (urlpart) {
if (!urlpart[1])
else
}
/* The balancer comparison is a bit trickier. Given the context
* BalancerMember balancer://alias http://example.com/foo
* translate url http://example.com/foo/bar/that to /bash/that
*/
if (urlpart) {
/* urlpart (l3) assuredly starts with its own '/' */
--l2;
NULL);
return ap_construct_url(r->pool, u, r);
}
}
return ap_construct_url(r->pool, u, r);
}
worker++;
}
}
else {
return ap_construct_url(r->pool, u, r);
}
}
}
return url;
}
/*
* Cookies are a bit trickier to match: we've got two substrings to worry
* about, and we can't just find them with strstr 'cos of case. Regexp
* matching would be an easy fix, but for better consistency with all the
* other matches we'll refrain and use apr_strmatch to find path=/domain=
* and stick to plain strings for the config values.
*/
{
&proxy_module);
struct proxy_alias *ent;
const char *pathp;
const char *domainp;
int i;
int ddiff = 0;
int pdiff = 0;
char *ret;
if (r->proxyreq != PROXYREQ_REVERSE) {
return str;
}
/*
* Find the match and replacement, but save replacing until we've done
* both path and domain so we know the new strlen
*/
pathp += 5;
}
else {
}
break;
}
}
}
domainp += 7;
}
else {
}
break;
}
}
}
if (newpath) {
if (newdomain) {
}
else {
}
}
else {
}
}
else {
if (newdomain) {
}
else {
}
}
return ret;
}
const char *url)
{
int i;
return NULL;
}
/* remove path from uri */
*c = '\0';
}
return balancer;
}
balancer++;
}
return NULL;
}
apr_pool_t *p,
const char *url)
{
return "Bad syntax for a balancer name";
/* remove path from uri */
*q = '\0';
/*
* NOTE: The default method is byrequests, which we assume
* exists!
*/
if (!lbmethod) {
return "Can't find 'byrequests' lb method";
}
/* XXX Is this a right place to create mutex */
#if APR_HAS_THREADS
APR_THREAD_MUTEX_DEFAULT, p) != APR_SUCCESS) {
/* XXX: Do we need to log something here */
return "can not create thread mutex";
}
#endif
return NULL;
}
const char *url)
{
int max_match = 0;
int url_length;
int min_match;
int worker_name_length;
const char *c;
char *url_copy;
int i;
return NULL;
}
/*
* We need to find the start of the path and
* therefore we know the length of the scheme://hostname/
* part to we can force-lowercase everything up to
* the start of the path.
*/
if (c) {
char *pathstart;
*pathstart = '\0';
*pathstart = '/';
}
else {
}
/*
* Do a "longest match" on the worker name to find the worker that
* fits best to the URL, but keep in mind that we must have at least
* a minimum matching of length min_match such that
* scheme://hostname[:port] matches between worker and url.
*/
&& (worker_name_length >= min_match)
&& (worker_name_length > max_match)
max_worker = worker;
}
worker++;
}
return max_worker;
}
#if APR_HAS_THREADS
{
}
return APR_SUCCESS;
}
#endif
{
/*
* Create a connection pool's subpool.
* This pool is used for connection recycling.
* Once the worker is added it is never removed but
* it can be disabled.
*/
apr_pool_create(&pool, p);
/*
* Alloc from the same pool as worker.
* proxy_conn_pool is permanently attached to the worker.
*/
}
apr_pool_t *p,
const char *url)
{
int rv;
if (rv != APR_SUCCESS) {
return "Unable to parse URL";
}
return "URL must be absolute!";
}
/* Increase the total worker count */
init_conn_pool(p, *worker);
#if APR_HAS_THREADS
APR_THREAD_MUTEX_DEFAULT, p) != APR_SUCCESS) {
/* XXX: Do we need to log something here */
return "can not create thread mutex";
}
#endif
return NULL;
}
{
/* Increase the total worker count */
init_conn_pool(p, worker);
return worker;
}
PROXY_DECLARE(void)
{
/* Increase the total runtime count */
}
request_rec *r,
{
int access_status;
if (*worker) {
"proxy: %s: found worker %s for %s",
access_status = OK;
}
else if (r->proxyreq == PROXYREQ_PROXY) {
"proxy: *: found forward proxy worker for %s",
*url);
access_status = OK;
}
}
else if (r->proxyreq == PROXYREQ_REVERSE) {
"proxy: *: found reverse proxy worker for %s",
*url);
access_status = OK;
}
}
}
/* All the workers are busy */
"proxy: all workers are busy. Unable to serve %s",
*url);
}
return access_status;
}
request_rec *r,
{
int access_status = OK;
if (balancer) {
if (access_status == DECLINED) {
/* TODO: recycle direct worker */
}
}
return access_status;
}
/* DEPRECATED */
const char *proxy_function,
const char *backend_name,
server_rec *s,
apr_pool_t *p)
{
int connected = 0;
int loglevel;
while (backend_addr && !connected) {
SOCK_STREAM, 0, p)) != APR_SUCCESS) {
"proxy: %s: error creating fam %d socket for target %s",
/*
* this could be an IPv6 address from the DNS but the
* local machine won't give us an IPv6 socket; hopefully the
* DNS returned an additional address to try
*/
continue;
}
if (conf->recv_buffer_size > 0 &&
conf->recv_buffer_size))) {
"apr_socket_opt_set(SO_RCVBUF): Failed to set "
"ProxyReceiveBufferSize, using default");
}
"apr_socket_opt_set(APR_TCP_NODELAY): "
"Failed to set");
}
/* Set a timeout on the socket */
}
else {
}
"proxy: %s: fam %d socket created to connect to %s",
/* make the connection out of the socket */
/* if an error occurred, loop round and try again */
if (rv != APR_SUCCESS) {
"proxy: %s: attempt to connect to %pI (%s) failed",
continue;
}
connected = 1;
}
return connected ? 0 : 1;
}
{
/*
* If the connection pool is NULL the worker
* cleanup has been run. Just return.
*/
return APR_SUCCESS;
}
#if APR_HAS_THREADS
/* Sanity check: Did we already return the pooled connection? */
"proxy: Pooled connection 0x%pp for worker %s has been"
" already returned to the connection pool.", conn,
return APR_SUCCESS;
}
#endif
/* determine if the connection need to be closed */
apr_pool_clear(p);
}
#if APR_HAS_THREADS
}
else
#endif
{
}
/* Always return the SUCCESS */
return APR_SUCCESS;
}
{
}
request_rec *r)
{
/*
* If we have an existing SSL connection it might be possible that the
* server sent some SSL message we have not read so far (e.g. a SSL
* shutdown message if the server closed the keepalive connection while
* the connection was held unused in our pool).
* So ensure that if present (=> APR_NONBLOCK_READ) it is read and
* processed. We don't expect any data to be in the returned brigade.
*/
}
if (!APR_BRIGADE_EMPTY(bb)) {
"proxy: SSL cleanup brigade contained %"
}
}
return APR_SUCCESS;
}
/* reslist constructor */
{
/*
* Create the subpool for each connection
* This keeps the memory consumption constant
* when disconnecting from backend.
*/
/*
* Create another subpool that manages the data for the
* socket and the connection member of the proxy_conn_rec struct as we
* destroy this data more frequently than other data in the proxy_conn_rec
* struct like hostname and addr (at least in the case where we have
* keepalive connections that timed out).
*/
#if APR_HAS_THREADS
#endif
return APR_SUCCESS;
}
#if APR_HAS_THREADS /* only needed when threads are used */
/* reslist destructor */
{
/* Destroy the pool only if not called from reslist_destroy */
}
return APR_SUCCESS;
}
#endif
/*
* ap_proxy_initialize_worker_share() concerns itself
* with initializing those parts of worker which
* are, or could be, shared. Basically worker->s
*/
server_rec *s)
{
if (PROXY_WORKER_IS_INITIALIZED(worker)) {
/* The worker share is already initialized */
"proxy: worker %s already initialized",
return;
}
/* Get scoreboard slot */
if (ap_scoreboard_image) {
if (!score) {
}
else {
}
}
if (!score) {
}
/*
* recheck to see if we've already been here. Possible
* if proxy is using scoreboard to hold shared stats
*/
if (PROXY_WORKER_IS_INITIALIZED(worker)) {
/* The worker share is already initialized */
"proxy: worker %s already initialized",
return;
}
}
else {
}
}
else {
}
}
{
#if APR_HAS_THREADS
int mpm_threads;
#endif
/* The worker is already initialized */
return APR_SUCCESS;
}
/* Set default parameters */
}
/* By default address is reusable unless DisableReuse is set */
if (worker->disablereuse) {
worker->is_address_reusable = 0;
}
else {
}
#if APR_HAS_THREADS
if (mpm_threads > 1) {
/* Set hard max to no more then mpm_threads */
}
}
/* Set min to be lower then smax */
}
}
else {
/* This will supress the apr_reslist creation */
}
#if (APR_MAJOR_VERSION > 0)
/* Set the acquire timeout */
}
#endif
}
else
#endif
{
void *conn;
}
if (rv == APR_SUCCESS) {
}
return rv;
}
server_rec *s)
{
"proxy: %s: retrying the worker for (%s)",
"proxy: %s: worker for (%s) has been marked for retry",
return OK;
}
else {
return DECLINED;
}
}
else {
return OK;
}
}
server_rec *s)
{
if (!PROXY_WORKER_IS_USABLE(worker)) {
/* Retry the worker */
if (!PROXY_WORKER_IS_USABLE(worker)) {
"proxy: %s: disabled connection for (%s)",
return HTTP_SERVICE_UNAVAILABLE;
}
}
#if APR_HAS_THREADS
}
else
#endif
{
/* create the new connection if the previous was destroyed */
}
else {
}
rv = APR_SUCCESS;
}
if (rv != APR_SUCCESS) {
"proxy: %s: failed to acquire connection for (%s)",
return HTTP_SERVICE_UNAVAILABLE;
}
"proxy: %s: has acquired connection for (%s)",
#if APR_HAS_THREADS
#endif
return OK;
}
server_rec *s)
{
"proxy: %s: has released connection for (%s)",
return OK;
}
PROXY_DECLARE(int)
char **url,
const char *proxyname,
char *server_portstr,
int server_portstr_size)
{
int server_port;
/*
* Break up the URL to determine the host to connect to
*/
/* we break the URL into host, port, uri */
return ap_proxyerror(r, HTTP_BAD_REQUEST,
NULL));
}
}
/*
* allocate these out of the specified connection pool
* The scheme handler decides if this is permanent or
* short living pool.
*/
/* are we connecting directly, or via a proxy? */
if (!proxyname) {
}
/*
* Make sure that we pick the the correct and valid worker.
* If a single keepalive connection triggers different workers,
* then we have a problem (we don't select the correct one).
* Do an expensive check in this case, where we compare the
* the hostnames associated between the two.
*
* TODO: Handle this much better...
*/
worker->disablereuse ||
(r->connection->keepalives &&
if (proxyname) {
}
else {
}
}
"proxy: lock");
return HTTP_INTERNAL_SERVER_ERROR;
}
/*
* Worker can have the single constant backend adress.
* The single DNS lookup is used once per worker.
* If dynamic change is needed then set the addr to NULL
* inside dynamic config to force the lookup.
*/
"proxy: unlock");
}
}
else {
}
/* Close a possible existing socket if we are told to do so */
}
if (err != APR_SUCCESS) {
return ap_proxyerror(r, HTTP_BAD_GATEWAY,
apr_pstrcat(p, "DNS lookup failure for: ",
}
/* Get the server port for the Via headers */
{
if (ap_is_default_port(server_port, r)) {
}
else {
}
}
/* check if ProxyBlock directive on this host */
return ap_proxyerror(r, HTTP_FORBIDDEN,
"Connect to remote machine blocked");
}
return OK;
}
#define USE_ALTERNATE_IS_CONNECTED 1
#if !defined(APR_MSG_PEEK) && defined(MSG_PEEK)
#define APR_MSG_PEEK MSG_PEEK
#endif
#if USE_ALTERNATE_IS_CONNECTED && defined(APR_MSG_PEEK)
{
do {
} while (APR_STATUS_IS_EINTR(status));
char buf[1];
/* The socket might be closed in which case
* the poll will return POLLIN.
* If there is no data available the socket
* is closed.
*/
return 1;
else
return 0;
}
return 1;
}
return 0;
}
#else
{
char test_buffer[1];
/* save timeout */
/* set no timeout */
/* put back old timeout */
return 0;
}
else {
return 1;
}
}
#endif /* USE_ALTERNATE_IS_CONNECTED */
server_rec *s)
{
int connected = 0;
int loglevel;
void *sconf = s->module_config;
"proxy: %s: backend socket is disconnected.",
}
}
while (backend_addr && !connected) {
"proxy: %s: error creating fam %d socket for target %s",
/*
* this could be an IPv6 address from the DNS but the
* local machine won't give us an IPv6 socket; hopefully the
* DNS returned an additional address to try
*/
continue;
}
if (worker->recv_buffer_size > 0 &&
worker->recv_buffer_size))) {
"apr_socket_opt_set(SO_RCVBUF): Failed to set "
"ProxyReceiveBufferSize, using default");
}
"apr_socket_opt_set(APR_TCP_NODELAY): "
"Failed to set");
}
/* Set a timeout for connecting to the backend on the socket */
if (worker->conn_timeout_set) {
}
}
}
else {
}
/* Set a keepalive option */
"apr_socket_opt_set(SO_KEEPALIVE): Failed to set"
" Keepalive");
}
}
"proxy: %s: fam %d socket created to connect to %s",
/* make the connection out of the socket */
/* if an error occurred, loop round and try again */
if (rv != APR_SUCCESS) {
"proxy: %s: attempt to connect to %pI (%s) failed",
continue;
}
/* Set a timeout on the socket */
}
}
else {
}
connected = 1;
}
/*
* Put the entire worker to error state if
* the PROXY_WORKER_IGNORE_ERRORS flag is not set.
* Altrough some connections may be alive
* no further connections to the worker could be made
*/
"ap_proxy_connect_backend disabling worker for (%s)",
}
else {
/*
* A worker came back. So here is where we need to
* either reset all params to initial conditions or
* apply some sort of aging
*/
}
worker->s->error_time = 0;
}
}
conn_rec *c,
server_rec *s)
{
int rc;
if (conn->connection) {
return OK;
}
/*
* The socket is now open, create a new backend server connection
*/
0, NULL,
if (!conn->connection) {
/*
* the peer reset the connection already; ap_run_create_connection()
* closed the socket
*/
s, "proxy: %s: an error occurred creating a "
"new connection to %pI (%s)", proxy_function,
/* XXX: Will be closed when proxy_conn is closed */
return HTTP_INTERNAL_SERVER_ERROR;
}
/* For ssl connection to backend */
s, "proxy: %s: failed to enable ssl support "
"for %pI (%s)", proxy_function,
return HTTP_INTERNAL_SERVER_ERROR;
}
}
else {
/* TODO: See if this will break FTP */
}
"proxy: %s: connection complete to %pI (%s)",
/*
* save the timeout of the socket because core_pre_connection
* will set it to base_server->timeout
* (core TimeOut directive).
*/
/* set up the connection filters */
"proxy: %s: pre_connection setup failed (%d)",
proxy_function, rc);
return rc;
}
return OK;
}
int ap_proxy_lb_workers(void)
{
/*
* Since we can't resize the scoreboard when reconfiguring, we
* have to impose a limit on the number of workers, we are
* able to reconfigure to.
*/
if (!lb_workers_limit)
return lb_workers_limit;
}
{
apr_bucket *e;
conn_rec *c = r->connection;
r->no_cache = 1;
/*
* If this is a subrequest, then prevent also caching of the main
* request.
*/
if (r->main)
c->bucket_alloc);
e = apr_bucket_eos_create(c->bucket_alloc);
}
/*
* Transform buckets from one bucket allocator to another one by creating a
* transient bucket for each data bucket and let it use the data read from
* the old bucket. Metabuckets are transformed by just recreating them.
* Attention: Currently only the following bucket types are handled:
*
* All data buckets
* FLUSH
* EOS
*
* If an other bucket type is found its type is logged as a debug message
* and APR_EGENERAL is returned.
*/
{
apr_bucket *e;
const char *data;
for (e = APR_BRIGADE_FIRST(from);
e != APR_BRIGADE_SENTINEL(from);
e = APR_BUCKET_NEXT(e)) {
if (!APR_BUCKET_IS_METADATA(e)) {
}
else if (APR_BUCKET_IS_FLUSH(e)) {
}
else if (APR_BUCKET_IS_EOS(e)) {
}
else {
"proxy: Unhandled bucket type of type %s in"
rv = APR_EGENERAL;
}
}
return rv;
}