let wstunnel run first
Since wstunnel can step aside based on the Upgrade: header.
mod_proxy: Add proxy check_trans hook.
This allows proxy modules to decline request handling at early stage.
Then mod_proxy_wstunnel can implement that hook to verify that an Upgrade
is requested, and otherwise hand over to mod_proxy_http.
Submitted by: covener, ylavic
Reviewed by: jim, rpluem, jfclere
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1883534 13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.4.47
+ *) mod_proxy: Add proxy check_trans hook. This allows proxy
+ modules to decline request handling at early stage.
+
+ *) mod_proxy_wstunnel: Decline requests without an Upgrade
+ header so ws/wss can be enabled overlapping with later
+ http/https.
+
*) mod_http2: Log requests and sent the configured error response in case of
early detected errors like too many or too long headers.
[Ruediger Pluem, Stefan Eissing]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_http2: Remove .gitignore. It is not present in trunk and
- contains problematic entries for our tree (especially Makefile.in).
-
- 2.4.x patch: "svn rm modules/http2/.gitignore"
- +1 rjung, jim, rpluem, gbechis
- -1
-
- *) mod_proxy: Add proxy check_trans() hook and allow mod_proxy_wtunnel
- to step out of the way of mod_proxy_http.
- i.e.
-
- trunk patch: http://svn.apache.org/r1869399
- http://svn.apache.org/r1776290
- 2.4.x patch: http://people.apache.org/~covener/patches/wstunnel-decline.diff
- +1 covener, jim, rpluem, jfclere
-
*) core: Avoid a core dump if 'AllowOverride nonfatal' is used in a configuration
file.
Trunk version of patch:
* 20120211.92 (2.4.42-dev) AP_REG_NO_DEFAULT macro in ap_regex.h
* 20120211.93 (2.4.44-dev) Add ap_parse_strict_length()
* 20120211.94 (2.4.47-dev) Add ap_proxy_define_match_worker()
+ * 20120211.95 (2.4.47-dev) Add proxy check_trans hook
*/
#define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */
#ifndef MODULE_MAGIC_NUMBER_MAJOR
#define MODULE_MAGIC_NUMBER_MAJOR 20120211
#endif
-#define MODULE_MAGIC_NUMBER_MINOR 94 /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 95 /* 0...n */
/**
* Determine if the server's current MODULE_MAGIC_NUMBER is at least a
}
if (found) {
+ /* A proxy module is assigned this URL, check whether it's interested
+ * in the request itself (e.g. proxy_wstunnel cares about Upgrade
+ * requests only, and could hand over to proxy_http otherwise).
+ */
+ int rc = proxy_run_check_trans(r, found + 6);
+ if (rc != OK && rc != DECLINED) {
+ return DONE;
+ }
+
r->filename = found;
r->handler = "proxy-server";
r->proxyreq = PROXYREQ_REVERSE;
APR_HOOK_LINK(pre_request)
APR_HOOK_LINK(post_request)
APR_HOOK_LINK(request_status)
+ APR_HOOK_LINK(check_trans)
)
APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(proxy, PROXY, int, scheme_handler,
char *url, const char *proxyhost,
apr_port_t proxyport),(r,worker,conf,
url,proxyhost,proxyport),DECLINED)
+APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(proxy, PROXY, int, check_trans,
+ (request_rec *r, const char *url),
+ (r, url), DECLINED)
APR_IMPLEMENT_EXTERNAL_HOOK_RUN_FIRST(proxy, PROXY, int, canon_handler,
(request_rec *r, char *url),(r,
url),DECLINED)
(request_rec *r, proxy_worker *worker,
proxy_server_conf *conf, char *url,
const char *proxyhost, apr_port_t proxyport))
+APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, check_trans,
+ (request_rec *r, const char *url))
APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, canon_handler,
(request_rec *r, char *url))
module AP_MODULE_DECLARE_DATA proxy_wstunnel_module;
+static int proxy_wstunnel_check_trans(request_rec *r, const char *url)
+{
+ if (ap_cstr_casecmpn(url, "ws:", 3) != 0
+ && ap_cstr_casecmpn(url, "wss:", 4) != 0) {
+ return DECLINED;
+ }
+
+ if (!apr_table_get(r->headers_in, "Upgrade")) {
+ /* No Upgrade, let mod_proxy_http handle it (for instance).
+ * Note: anything but OK/DECLINED will do (i.e. bypass wstunnel w/o
+ * aborting the request), HTTP_UPGRADE_REQUIRED is documentary...
+ */
+ return HTTP_UPGRADE_REQUIRED;
+ }
+
+ return OK;
+}
+
/*
* Canonicalise http-like URLs.
* scheme is the scheme for the URL
static void ap_proxy_http_register_hook(apr_pool_t *p)
{
- proxy_hook_scheme_handler(proxy_wstunnel_handler, NULL, NULL, APR_HOOK_FIRST);
- proxy_hook_canon_handler(proxy_wstunnel_canon, NULL, NULL, APR_HOOK_FIRST);
+ static const char * const aszSucc[] = { "mod_proxy_http.c", NULL};
+ proxy_hook_scheme_handler(proxy_wstunnel_handler, NULL, aszSucc, APR_HOOK_FIRST);
+ proxy_hook_check_trans(proxy_wstunnel_check_trans, NULL, aszSucc, APR_HOOK_MIDDLE);
+ proxy_hook_canon_handler(proxy_wstunnel_canon, NULL, aszSucc, APR_HOOK_FIRST);
}
AP_DECLARE_MODULE(proxy_wstunnel) = {
projects / thirdparty / apache / httpd.git / commitdiff
