From: Yann Ylavic Date: Wed, 15 Dec 2021 11:35:36 +0000 (+0000) Subject: mod_proxy: follow up to r1895921: Don't prevent forwarding URIs w/ no hostname. X-Git-Tag: 2.5.0-alpha2-ci-test-only~642 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=15a5cde91626a68425f7f5e215f5a816dbb956f7;p=thirdparty%2Fapache%2Fhttpd.git mod_proxy: follow up to r1895921: Don't prevent forwarding URIs w/ no hostname. r1895921 changed proxy_detect() to disable forward proxying for URIs with no hostname which is wrong, there might exist a third-party proxy module handling the "urn:" scheme for instance (thanks Roy for the catch!). For this to work, we also need to leave the forward proxied URI alone in ap_proxy_pre_request() with no UDS special case or alike, a proxy module can then catch (or not) the original URI as expected. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1895981 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c index b0dc09ecdf1..27f31185787 100644 --- a/modules/proxy/mod_proxy.c +++ b/modules/proxy/mod_proxy.c @@ -781,9 +781,10 @@ static int proxy_detect(request_rec *r) /* Ick... msvc (perhaps others) promotes ternary short results to int */ - if (conf->req && r->parsed_uri.scheme && r->parsed_uri.hostname) { + if (conf->req && r->parsed_uri.scheme) { /* but it might be something vhosted */ - if (ap_cstr_casecmp(r->parsed_uri.scheme, ap_http_scheme(r)) != 0 + if (!r->parsed_uri.hostname + || ap_cstr_casecmp(r->parsed_uri.scheme, ap_http_scheme(r)) != 0 || !ap_matches_request_vhost(r, r->parsed_uri.hostname, (apr_port_t)(r->parsed_uri.port_str ? r->parsed_uri.port diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h index f0f09947886..9ba736d01f1 100644 --- a/modules/proxy/mod_proxy.h +++ b/modules/proxy/mod_proxy.h @@ -768,6 +768,7 @@ PROXY_DECLARE(int) ap_proxy_worker_can_upgrade(apr_pool_t *p, #define AP_PROXY_WORKER_IS_PREFIX (1u << 0) #define AP_PROXY_WORKER_IS_MATCH (1u << 1) #define AP_PROXY_WORKER_IS_MALLOCED (1u << 2) +#define AP_PROXY_WORKER_NO_UDS (1u << 3) /** * Get the worker from proxy configuration, looking for either PREFIXED or diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c index f4adfe55426..b77b92f7b8f 100644 --- a/modules/proxy/proxy_util.c +++ b/modules/proxy/proxy_util.c @@ -1734,9 +1734,11 @@ PROXY_DECLARE(proxy_worker *) ap_proxy_get_worker_ex(apr_pool_t *p, return NULL; } - url = ap_proxy_de_socketfy(p, url); - if (!url) { - return NULL; + if (!(mask & AP_PROXY_WORKER_NO_UDS)) { + url = ap_proxy_de_socketfy(p, url); + if (!url) { + return NULL; + } } c = ap_strchr_c(url, ':'); @@ -2319,18 +2321,20 @@ PROXY_DECLARE(int) ap_proxy_pre_request(proxy_worker **worker, access_status = proxy_run_pre_request(worker, balancer, r, conf, url); if (access_status == DECLINED && *balancer == NULL) { - *worker = ap_proxy_get_worker(r->pool, NULL, conf, *url); + const int forward = (r->proxyreq == PROXYREQ_PROXY); + *worker = ap_proxy_get_worker_ex(r->pool, NULL, conf, *url, + forward ? AP_PROXY_WORKER_NO_UDS : 0); if (*worker) { ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r, "%s: found worker %s for %s", (*worker)->s->scheme, (*worker)->s->name, *url); *balancer = NULL; - if (!fix_uds_filename(r, url)) { + if (!forward && !fix_uds_filename(r, url)) { return HTTP_INTERNAL_SERVER_ERROR; } access_status = OK; } - else if (r->proxyreq == PROXYREQ_PROXY) { + else if (forward) { if (conf->forward) { ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r, "*: found forward proxy worker for %s", *url);