-*- coding: utf-8 -*-
Changes with Apache 2.2.3
+ *) Add optional 'scheme://' prefix to ServerName directive,
+ allowing correct determination of the canonical server URL
+ for use behind a proxy or offload device handling SSL; fixing
+ redirect generation in those cases. PR 33398. [Sander Temme]
+
+ *) Added server_scheme field to server_rec for above. Minor MMN bump.
+ [Sander Temme]
+
*) mod_cache: Make caching of reverse SSL proxies possible again. PR 39593.
[Ruediger Pluem, Joe Orton]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * Add optional 'scheme://' part to ServerName directive for cases
- where httpd runs behind an external SSL processor and has to
- learn from its configuration how to generate correct
- self-referential URLs.
- Code:
- http://people.apache.org/~sctemme/servername_22x.patch
- Documentation:
- http://svn.apache.org/viewcvs.cgi?diff_format=h&view=rev&rev=406697
- +1 sctemme, rpluem, wrowe
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
* mod_isapi: Simply backport the host of fixes for compilation on unix,
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Hostname and port that the server uses to identify
itself</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ServerName <var>fully-qualified-domain-name</var>[:<var>port</var>]</code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
directive supersedes the functionality of the <code class="directive">Port</code>
directive from version 1.3.</td></tr>
</table>
- <p>The <code class="directive">ServerName</code> directive sets the hostname and
+ <p>The <code class="directive">ServerName</code> directive sets the
+ request scheme, hostname and
port that the server uses to identify itself. This is used when
creating redirection URLs. For example, if the name of the
machine hosting the web server is <code>simple.example.com</code>,
<p>If no <code class="directive">ServerName</code> is specified, then the
server attempts to deduce the hostname by performing a reverse
lookup on the IP address. If no port is specified in the
- <code class="directive">ServerName</code>, then the server will use the port
- from the incoming
- request. For optimal reliability and predictability, you should
- specify an explicit hostname and port using the
- <code class="directive">ServerName</code> directive.</p>
+ <code class="directive">ServerName</code>, then the server will use the
+ port from the incoming request. For optimal reliability and
+ predictability, you should specify an explicit hostname and port
+ using the <code class="directive">ServerName</code> directive.</p>
<p>If you are using <a href="../vhosts/name-based.html">name-based virtual hosts</a>,
the <code class="directive">ServerName</code> inside a
section specifies what hostname must appear in the request's
<code>Host:</code> header to match this virtual host.</p>
+
+ <p>Sometimes, the server runs behind a device that processes SSL,
+ such as a reverse proxy, load balancer or SSL offload
+ appliance. When this is the case, specify the
+ <code>https://</code> scheme and the port number to which the
+ clients connect in the <code class="directive">ServerName</code> directive
+ to make sure that the server generates the correct
+ self-referential URLs.
+ </p>
+
<p>See the description of the
<code class="directive"><a href="#usecanonicalname">UseCanonicalName</a></code> and
<code class="directive"><a href="#usecanonicalphysicalport">UseCanonicalPhysicalPort</a></code>directives for
- settings which determine whether self-referential URL's (e.g., by the
+ settings which determine whether self-referential URLs (e.g., by the
<code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code> module) will refer to the
specified port, or to the port number given in the client's request.
</p>
+
<h3>See also</h3>
<ul>
<li><a href="../dns-caveats.html">Issues Regarding DNS and
<name>ServerName</name>
<description>Hostname and port that the server uses to identify
itself</description>
-<syntax>ServerName <var>fully-qualified-domain-name</var>[:<var>port</var>]</syntax>
+<syntax>ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</syntax>
<contextlist><context>server config</context><context>virtual host</context>
</contextlist>
<compatibility>In version 2.0, this
directive from version 1.3.</compatibility>
<usage>
- <p>The <directive>ServerName</directive> directive sets the hostname and
+ <p>The <directive>ServerName</directive> directive sets the
+ request scheme, hostname and
port that the server uses to identify itself. This is used when
creating redirection URLs. For example, if the name of the
machine hosting the web server is <code>simple.example.com</code>,
<p>If no <directive>ServerName</directive> is specified, then the
server attempts to deduce the hostname by performing a reverse
lookup on the IP address. If no port is specified in the
- <directive>ServerName</directive>, then the server will use the port
- from the incoming
- request. For optimal reliability and predictability, you should
- specify an explicit hostname and port using the
- <directive>ServerName</directive> directive.</p>
+ <directive>ServerName</directive>, then the server will use the
+ port from the incoming request. For optimal reliability and
+ predictability, you should specify an explicit hostname and port
+ using the <directive>ServerName</directive> directive.</p>
<p>If you are using <a
href="../vhosts/name-based.html">name-based virtual hosts</a>,
section specifies what hostname must appear in the request's
<code>Host:</code> header to match this virtual host.</p>
+
+ <p>Sometimes, the server runs behind a device that processes SSL,
+ such as a reverse proxy, load balancer or SSL offload
+ appliance. When this is the case, specify the
+ <code>https://</code> scheme and the port number to which the
+ clients connect in the <directive>ServerName</directive> directive
+ to make sure that the server generates the correct
+ self-referential URLs.
+ </p>
+
<p>See the description of the
<directive module="core">UseCanonicalName</directive> and
<directive module="core">UseCanonicalPhysicalPort</directive>directives for
- settings which determine whether self-referential URL's (e.g., by the
+ settings which determine whether self-referential URLs (e.g., by the
<module>mod_dir</module> module) will refer to the
specified port, or to the port number given in the client's request.
</p>
+
</usage>
<seealso><a href="../dns-caveats.html">Issues Regarding DNS and
<tr><td><a href="core.html#serveralias">ServerAlias <var>hostname</var> [<var>hostname</var>] ...</a></td><td></td><td>v</td><td>C</td></tr><tr><td class="descr" colspan="4">Alternate names for a host used when matching requests
to name-virtual hosts</td></tr>
<tr class="odd"><td><a href="mpm_common.html#serverlimit">ServerLimit <var>number</var></a></td><td></td><td>s</td><td>M</td></tr><tr class="odd"><td class="descr" colspan="4">Upper limit on configurable number of processes</td></tr>
-<tr><td><a href="core.html#servername">ServerName <var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Hostname and port that the server uses to identify
+<tr><td><a href="core.html#servername">ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</a></td><td></td><td>sv</td><td>C</td></tr><tr><td class="descr" colspan="4">Hostname and port that the server uses to identify
itself</td></tr>
<tr class="odd"><td><a href="core.html#serverpath">ServerPath <var>URL-path</var></a></td><td></td><td>v</td><td>C</td></tr><tr class="odd"><td class="descr" colspan="4">Legacy URL pathname for a name-based virtual host that
is accessed by an incompatible browser</td></tr>
* 20051115.1 (2.2.1) flush_packets and flush_wait members added to
* proxy_server (minor)
* 20051115.2 (2.2.2) added inreslist member to proxy_conn_rec (minor)
+ * 20051115.3 (2.2.3) Added server_scheme member to server_rec (minor)
*/
#define MODULE_MAGIC_COOKIE 0x41503232UL /* "AP22" */
#ifndef MODULE_MAGIC_NUMBER_MAJOR
#define MODULE_MAGIC_NUMBER_MAJOR 20051115
#endif
-#define MODULE_MAGIC_NUMBER_MINOR 2 /* 0...n */
+#define MODULE_MAGIC_NUMBER_MINOR 3 /* 0...n */
/**
* Determine if the server's current MODULE_MAGIC_NUMBER is at least a
int limit_req_fieldsize;
/** limit on number of request header fields */
int limit_req_fields;
+
+ /** The server request scheme for redirect responses */
+ const char *server_scheme;
};
typedef struct core_output_filter_ctx {
static const char *http_scheme(const request_rec *r)
{
+ /*
+ * The http module shouldn't return anything other than
+ * "http" (the default) or "https".
+ */
+ if (r->server->server_scheme &&
+ (strcmp(r->server->server_scheme, "https") == 0))
+ return "https";
+
return "http";
}
static apr_port_t http_port(const request_rec *r)
{
+ if (r->server->server_scheme &&
+ (strcmp(r->server->server_scheme, "https") == 0))
+ return DEFAULT_HTTPS_PORT;
+
return DEFAULT_HTTP_PORT;
}
s->process = main_server->process;
s->server_admin = NULL;
s->server_hostname = NULL;
+ s->server_scheme = NULL;
s->error_fname = NULL;
s->timeout = 0;
s->keep_alive_timeout = 0;
s->port = 0;
s->server_admin = DEFAULT_ADMIN;
s->server_hostname = NULL;
+ s->server_scheme = NULL;
s->error_fname = DEFAULT_ERRORLOG;
s->loglevel = DEFAULT_LOGLEVEL;
s->limit_req_line = DEFAULT_LIMIT_REQUEST_LINE;
return NULL;
}
+/*
+ * The ServerName directive takes one argument with format
+ * [scheme://]fully-qualified-domain-name[:port], for instance
+ * ServerName www.example.com
+ * ServerName www.example.com:80
+ * ServerName https://www.example.com:443
+ */
+
static const char *server_hostname_port(cmd_parms *cmd, void *dummy, const char *arg)
{
const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE|NOT_IN_LIMIT);
- const char *portstr;
+ const char *portstr, *part;
+ char *scheme;
int port;
if (err != NULL) {
return err;
}
- portstr = ap_strchr_c(arg, ':');
+ part = ap_strstr_c(arg, "://");
+
+ if (part) {
+ scheme = apr_pstrmemdup(cmd->pool, arg, part - arg);
+ ap_str_tolower(scheme);
+ cmd->server->server_scheme = scheme;
+ part += 3;
+ } else {
+ part = arg;
+ }
+
+ portstr = ap_strchr_c(part, ':');
if (portstr) {
- cmd->server->server_hostname = apr_pstrndup(cmd->pool, arg,
- portstr - arg);
+ cmd->server->server_hostname = apr_pstrmemdup(cmd->pool, part,
+ portstr - part);
portstr++;
port = atoi(portstr);
if (port <= 0 || port >= 65536) { /* 65536 == 1<<16 */
}
}
else {
- cmd->server->server_hostname = apr_pstrdup(cmd->pool, arg);
+ cmd->server->server_hostname = apr_pstrdup(cmd->pool, part);
port = 0;
}
projects / thirdparty / apache / httpd.git / commitdiff
