#include "mod_proxy.h"
#include "mod_core.h"
+#include "apr_optional.h"
+
extern module AP_MODULE_DECLARE_DATA proxy_module;
#ifndef MAX
{NULL}
};
+APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
+
+static APR_OPTIONAL_FN_TYPE(ssl_proxy_enable) *proxy_ssl_enable = NULL;
+
+int ap_proxy_ssl_enable(conn_rec *c)
+{
+ /*
+ * if c == NULL just check if the optional function was imported
+ * else run the optional function so ssl filters are inserted
+ */
+ if (proxy_ssl_enable) {
+ return c ? proxy_ssl_enable(c) : 1;
+ }
+
+ return 0;
+}
+
static void register_hooks(apr_pool_t *p)
{
/* handler */
ap_hook_fixups(proxy_fixup, NULL, NULL, APR_HOOK_FIRST);
/* post read_request handling */
ap_hook_post_read_request(proxy_detect, NULL, NULL, APR_HOOK_FIRST);
+
+ proxy_ssl_enable = APR_RETRIEVE_OPTIONAL_FN(ssl_proxy_enable);
}
module AP_MODULE_DECLARE_DATA proxy_module =
conn_rec *connection;
char *hostname;
apr_port_t port;
+ int is_ssl;
} proxy_conn_rec;
typedef struct {
PROXY_DECLARE(void) ap_proxy_reset_output_filters(conn_rec *c);
PROXY_DECLARE(void) ap_proxy_table_unmerge(apr_pool_t *p, apr_table_t *t, char *key);
PROXY_DECLARE(int) ap_proxy_connect_to_backend(apr_socket_t **, const char *, apr_sockaddr_t *, const char *, proxy_server_conf *, server_rec *, apr_pool_t *);
+PROXY_DECLARE(int) ap_proxy_ssl_enable(conn_rec *c);
#endif /*MOD_PROXY_H*/
backend->hostname = apr_pstrdup(c->pool, p_conn->name);
backend->port = p_conn->port;
+ if (backend->is_ssl) {
+ ap_proxy_ssl_enable(backend->connection);
+ }
+
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: connection complete to %pI (%s)",
p_conn->addr, p_conn->name);
char server_portstr[32];
conn_rec *origin = NULL;
proxy_conn_rec *backend = NULL;
+ int is_ssl = 0;
/* Note: Memory pool allocation.
* A downstream keepalive connection is always connected to the existence
sizeof(*p_conn));
/* is it for us? */
- if (strncasecmp(url, "http:", 5)) {
+ if (strncasecmp(url, "https:", 6) == 0) {
+ if (!ap_proxy_ssl_enable(NULL)) {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
+ "proxy: HTTPS: declining URL %s"
+ " (mod_ssl not configured?)", url);
+ return DECLINED;
+ }
+ is_ssl = 1;
+ }
+ else if (strncasecmp(url, "http:", 5)) {
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r->server,
"proxy: HTTP: declining URL %s", url);
return DECLINED; /* only interested in HTTP */
}
}
+ backend->is_ssl = is_ssl;
+
/* Step One: Determine Who To Connect To */
status = ap_proxy_http_determine_connection(p, r, p_conn, c, conf, uri,
&url, proxyname, proxyport,
projects / thirdparty / apache / httpd.git / commitdiff
