ProxyPass /example http://backend.example.com max=20 ttl=120 retry=300
</example>
+ <table border="2"><tr><th>BalancerMember parameters</th></tr></table>
<table>
<tr><th>Parameter</th>
<th>Default</th>
parameters can be add to this virtual worker. See <module>mod_proxy_balancer</module>
for more information about how the balancer works.
</p>
+ <table border="2"><tr><th>Balancer parameters</th></tr></table>
<table>
<tr><th>Parameter</th>
<th>Default</th>
force the worker into error state when the backend returns any status code
in the list. Worker recovery behaves the same as other worker errors.
</td></tr>
+ <tr><td>nonce</td>
+ <td><auto></td>
+ <td>The protective nonce used in the <code>balancer-manager</code> application page.
+ The default is to use an automatically determined UUID-based
+ nonce, to provide for further protection for the page. If set,
+ then the nonce is set to that value. A setting of <code>None</code>
+ disables all nonce checking.
+ <note><title>Note</title>
+ <p>In addition to the nonce, the <code>balancer-manager</code> page
+ should be protected via an ACL.</p>
+ </note>
+ </td></tr>
+ <tr><td>growth</td>
+ <td>0</td>
+ <td>Number of additional BalancerMembers to allow to be added
+ to this balancer in addition to those defined at configuration.
+ </td></tr>
</table>
<p>A sample balancer setup</p>
for use: Request Counting, Weighted Traffic Counting and Pending Request
Counting. These are controlled via the <code>lbmethod</code> value of
the Balancer definition. See the <directive module="mod_proxy">ProxyPass</directive>
- directive for more information.</p>
+ directive for more information, especially regarding how to
+ configure the Balancer and BalancerMembers.</p>
</section>
<section id="stickyness">
be to high for production servers under high load.</p>
</section>
-<directivesynopsis>
-<name>BalancerNonce</name>
-<description>Set the nonce used in the balancer-manager application</description>
-<syntax>BalancerNonce Default|None|Set "value"</syntax>
-<default>ProxyStatus Default</default>
-<contextlist><context>server config</context>
-<context>virtual host</context>
-</contextlist>
-<compatibility>Available in version 2.4 and later</compatibility>
-
-<usage>
- <p>This directive specifies the protective nonce used in the
- <code>balancer-manager</code> application page.</p>
- <p>The default is to use an automatically determined UUID-based
- nonce, to provide for further protection for the page. If set
- to <code>Set</code>, then the next argument sets the nonce to that
- value. A setting of <code>None</code> disables all nonce checking.</p>
-
- <example>
- BalancerNonce Set "RealGudSharedSecret"
- </example>
-
- <note><title>Note</title>
- <p>In addition to the nonce, the <code>balancer-manager</code> page
- should be protected via an ACL.</p>
- </note>
-
-</usage>
-</directivesynopsis>
-
</modulesynopsis>
#include "ap_mpm.h"
#include "apr_version.h"
#include "apr_hooks.h"
-#include "apr_uuid.h"
#include "apr_date.h"
static const char *balancer_mutex_type = "proxy-balancer-shm";
module AP_MODULE_DECLARE_DATA proxy_balancer_module;
-static char balancer_nonce[APR_UUID_FORMATTED_LENGTH + 1];
-
/*
* Register our mutex type before the config is read so we
* can adjust the mutex settings using the Mutex directive.
static int balancer_post_config(apr_pool_t *pconf, apr_pool_t *plog,
apr_pool_t *ptemp, server_rec *s)
{
- apr_uuid_t uuid;
void *data;
void *sconf = s->module_config;
proxy_server_conf *conf = (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
apr_pool_cleanup_null, s->process->pool);
return OK;
}
- /* Retrieve a UUID and store the nonce for the lifetime of
- * the process. */
- apr_uuid_get(&uuid);
- apr_uuid_format(balancer_nonce, &uuid);
/*
* Get worker slotmem setup
}
}
- /* Check that the supplied nonce matches this server's nonce;
- * otherwise ignore all parameters, to prevent a CSRF attack. */
- if (*balancer_nonce &&
- ((name = apr_table_get(params, "nonce")) == NULL
- || strcmp(balancer_nonce, name) != 0)) {
- apr_table_clear(params);
- }
-
if ((name = apr_table_get(params, "b")))
bsel = ap_proxy_get_balancer(r->pool, conf,
apr_pstrcat(r->pool, BALANCER_PREFIX, name, NULL));
+
if ((name = apr_table_get(params, "w"))) {
wsel = ap_proxy_get_worker(r->pool, bsel, conf, name);
}
+
+#if 0
+ /* Check that the supplied nonce matches this server's nonce;
+ * otherwise ignore all parameters, to prevent a CSRF attack. */
+ if (*balancer_nonce &&
+ ((name = apr_table_get(params, "nonce")) == NULL
+ || strcmp(balancer_nonce, name) != 0)) {
+ apr_table_clear(params);
+ }
+#endif
/* First set the params */
/*
* Note that it is not possible set the proxy_balancer because it is not
ap_rvputs(r, "<tr>\n<td><a href=\"", r->uri, "?b=",
balancer->name + sizeof(BALANCER_PREFIX) - 1, "&w=",
ap_escape_uri(r->pool, worker->s->name),
- "&nonce=", balancer_nonce,
+ "&nonce=", balancer->nonce,
"\">", NULL);
ap_rvputs(r, worker->s->name, "</a></td>", NULL);
ap_rvputs(r, "<td>", ap_escape_html(r->pool, worker->s->route),
ap_rvputs(r, "value=\"", bsel->name + sizeof(BALANCER_PREFIX) - 1,
"\">\n", NULL);
ap_rvputs(r, "<input type=hidden name=\"nonce\" value=\"",
- balancer_nonce, "\">\n", NULL);
+ bsel->nonce, "\">\n", NULL);
ap_rvputs(r, "</form>\n", NULL);
ap_rputs("<hr />\n", r);
}
p);
if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
- "Failed to reopen mutex %: %s in child",
+ "Failed to reopen mutex %s: %s in child",
balancer->name, balancer_mutex_type);
exit(1); /* Ugly, but what else? */
}
}
-static const char *set_balancer_nonce (cmd_parms *cmd, void *dummy, const char *arg,
- const char *val)
-{
- const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
- if (err != NULL) {
- return err;
- }
-
- if (!strcasecmp(arg, "None")) {
- *balancer_nonce = '\0';
- } else if (!strcasecmp(arg, "Set")) {
- if (val) {
- apr_cpystrn(balancer_nonce, val, sizeof(balancer_nonce));
- } else {
- return "BalancerNonce Set requires an argument";
- }
- } else if (strcasecmp(arg, "Default")) {
- return "Bad argument for BalancerNonce: Must be 'Set', 'None' or 'Default'";
- }
- return NULL;
-}
-
-static const command_rec balancer_cmds[] =
-{
- AP_INIT_TAKE12("BalancerNonce", set_balancer_nonce, NULL,
- RSRC_CONF, "Set value for balancer-manager nonce"),
- {NULL}
-};
-
static void ap_proxy_balancer_register_hook(apr_pool_t *p)
{
/* Only the mpm_winnt has child init hook handler.
NULL, /* merge per-directory config structures */
NULL, /* create per-server config structure */
NULL, /* merge per-server config structures */
- balancer_cmds, /* command apr_table_t */
+ NULL, /* command apr_table_t */
ap_proxy_balancer_register_hook /* register hooks */
};
projects / thirdparty / apache / httpd.git / commitdiff
