From: Ruediger Pluem Date: Sat, 25 Apr 2009 10:04:21 +0000 (+0000) Subject: Merge r764239 from trunk: X-Git-Tag: 2.2.12~155 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=50760bc0dc93dfa3ba851087e7cb057f45a2af43;p=thirdparty%2Fapache%2Fhttpd.git Merge r764239 from trunk: * Check more strictly that the backend follows the AJP protocol. Submitted by: mturk Reviewed by: rpluem, jim, jfclere git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@768507 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 013398d3cf0..5fecdafcee1 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,9 @@ Changes with Apache 2.2.12 mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body. PR 46949 [Ruediger Pluem] + *) mod_proxy_ajp: Check more strictly that the backend follows the AJP + protocol. [Mladen Turk] + *) mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives to enable stricter checking of remote server certificates. [Ruediger Pluem] diff --git a/STATUS b/STATUS index 0f4d79ef9ba..360b4e780d3 100644 --- a/STATUS +++ b/STATUS @@ -87,12 +87,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * mod_proxy_ajp: Check more strictly that the backend follows the AJP protocol. - Trunk version of patch: - http://svn.apache.org/viewvc?rev=764239&view=rev - Backport version for 2.2.x of patch: - Trunk version of patch works - +1: rpluem, jim, jfclere PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/modules/proxy/mod_proxy_ajp.c b/modules/proxy/mod_proxy_ajp.c index 6601cb2c886..66693aa9bfe 100644 --- a/modules/proxy/mod_proxy_ajp.c +++ b/modules/proxy/mod_proxy_ajp.c 
@@ -180,6 +180,7 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
 int backend_failed = 0;
 apr_off_t bb_len;
 int data_sent = 0;
+ int request_ended = 0;
 int headers_sent = 0;
 int rv = 0;
 apr_int32_t conn_poll_fd;
@@ -415,6 +416,15 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
 }
 break;
 case CMD_AJP13_SEND_HEADERS:
+ if (headers_sent) {
+ /* Do not send anything to the client.
+ * Backend already send us the headers.
+ */
+ backend_failed = 1;
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+ "proxy: Backend sent headers twice.");
+ break;
+ }
 /* AJP13_SEND_HEADERS: process them */
 status = ajp_parse_header(r, conf, conn->data);
 if (status != APR_SUCCESS) {
@@ -480,6 +490,7 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
 }
 /* XXX: what about flush here? See mod_jk */
 data_sent = 1;
+ request_ended = 1;
 break;
 default:
 backend_failed = 1;
@@ -536,6 +547,17 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
 rv = DONE;
 }
 }
+ else if (!request_ended) {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
+ "proxy: Processing of request didn't terminate cleanly");
+ /* We had a failure: Close connection to backend */
+ conn->close++;
+ backend_failed = 1;
+ /* Return DONE to avoid error messages being added to the stream */
+ if (data_sent) {
+ rv = DONE;
+ }
+ }
 else {
 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
 "proxy: got response from %pI (%s)",
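Review bot: Both new diagnostics are logged at `APLOG_DEBUG`, here for the duplicate `CMD_AJP13_SEND_HEADERS` message and again in the `else if (!request_ended)` branch of the last hunk, so at a production log level these two messages are not recorded when a backend breaks the AJP message order. A backend that is out of step with the protocol is the condition this change exists to catch, and operators need to see it to detect a desynchronised or misbehaving backend; consider `ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,` for both calls. The comment also reads better as `* Backend already sent us the headers.`. The case body continues outside the hunk.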
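Review bot: `request_ended` is set here without a comment, and the case label it belongs to is outside the hunk, so the condition the final hunk relies on is not visible where the flag changes. A short comment on the assignment, such as `/* response was terminated by the backend; tested by the !request_ended check further down */`, or on the declaration in the first hunk, would make that dependency explicit.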
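Review bot: In the new `else if (!request_ended)` branch `rv` is assigned only when `data_sent` is set, so a response that never terminated and produced no body keeps whatever value `rv` had on entry to the branch (it is initialised to 0 in the first hunk). Setting `backend_failed = 1` suggests that code after this chain turns the flag into an error status, but that code is outside the hunk. If it does, a comment such as `/* rv for the no-data case is set by the backend_failed handling below */` would document it; if it does not, the branch needs an explicit error status for that case.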