* requested, such that mod_ssl can check if it is requested to do
* so.
*/
- if (backend->ssl_hostname) {
- apr_table_setn(backend->connection->notes,
- "proxy-request-hostname",
- backend->ssl_hostname);
+ if (is_ssl) {
+ proxy_dir_conf *dconf;
+ const char *ssl_hostname;
+
+ /*
+ * In the case of ProxyPreserveHost on use the hostname of
+ * the request if present otherwise use the one from the
+ * backend request URI.
+ */
+ dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
+ if ((dconf->preserve_host != 0) && (r->hostname != NULL)) {
+ ssl_hostname = r->hostname;
+ }
+ else {
+ ssl_hostname = uri->hostname;
+ }
+
+ apr_table_set(backend->connection->notes, "proxy-request-hostname",
+ ssl_hostname);
}
/* Step Three-and-a-Half: See if the socket is still connected (if
{
conn->sock = NULL;
conn->connection = NULL;
- conn->ssl_hostname = NULL;
apr_pool_clear(conn->scpool);
}
return ap_proxyerror(r, HTTP_FORBIDDEN,
"Connect to remote machine blocked");
}
- /*
- * When SSL is configured, determine the hostname (SNI) for the request
- * and save it in conn->ssl_hostname. Close any reused connection whose
- * SNI differs.
- */
- if (conn->is_ssl) {
- proxy_dir_conf *dconf;
- const char *ssl_hostname;
- /*
- * In the case of ProxyPreserveHost on use the hostname of
- * the request if present otherwise use the one from the
- * backend request URI.
- */
- dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
- if (dconf->preserve_host) {
- ssl_hostname = r->hostname;
- }
- else {
- ssl_hostname = conn->hostname;
- }
- if (conn->ssl_hostname != NULL &&
- (!ssl_hostname || strcasecmp(conn->ssl_hostname,
- ssl_hostname) != 0)) {
- socket_cleanup(conn);
- }
- if (conn->ssl_hostname == NULL) {
- conn->ssl_hostname = apr_pstrdup(conn->scpool, ssl_hostname);
- }
- }
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(00947)
"connected %s to %s:%d", *url, conn->hostname, conn->port);
return OK;
projects / thirdparty / apache / httpd.git / commitdiff
