From: Sander Temme Date: Fri, 5 May 2006 04:17:36 +0000 (+0000) Subject: Add optional 'scheme://' prefix to ServerName directive. For X-Git-Tag: 2.3.0~2404 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=646a8ad3c8fbe91882b87b67cffb13292ad770b5;p=thirdparty%2Fapache%2Fhttpd.git Add optional 'scheme://' prefix to ServerName directive. For 'https', mod_http returns "https" for the ap_hook_http_scheme and DEFAULT_HTTPS_PORT for ap_hook_default_port. This fixes Redirect responses to requests for directories without a trailing slash when httpd runs behind a proxy or offload device that processes SSL. It also enables support for Subversion in that configuration. This change is completely backwards compatible and passes the perl-framework. Minor mmn bump because I add a field to server_rec. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@399947 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index c29ff3b6429..94832fe3072 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,15 @@ Changes with Apache 2.3.0 [Remove entries to the current 2.0 and 2.2 section below, when backported] + *) core, mod_http: add optional 'scheme://' prefix to ServerName directive. + For 'https', mod_http returns "https" for the ap_hook_http_scheme and + DEFAULT_HTTPS_PORT for ap_hook_default_port. This fixes Redirect + responses to requests for directories without a trailing slash when + httpd runs behind a proxy or offload device that processes SSL. It + also enables support for Subversion in that configuration. This change is + completely backwards compatible and passes the perl-framework. Minor + mmn bump because I add a field to server_rec. [Sander Temme] + *) mod_charset_lite: Bypass translation when the source and dest charsets are the same. [Jeff Trawick] @@ -139,7 +148,7 @@ Changes with Apache 2.2.1 non-SSL request is processed for an SSL vhost (such as the "HTTP request received on SSL port" error message when an 400 ErrorDocument is configured, or if using "SSLEngine optional"). - PR 37791. [Rüdiger Plüm, Joe Orton] + PR 37791. [Rüdiger Plüm, Joe Orton] *) SECURITY: CVE-2005-3352 (cve.mitre.org) mod_imagemap: Escape untrusted referer header before outputting diff --git a/include/ap_mmn.h b/include/ap_mmn.h index 9ea046da138..0298304bcf1 100644 --- a/include/ap_mmn.h +++ b/include/ap_mmn.h @@ -120,6 +120,7 @@ * 20060110.2 (2.3.0-dev) flush_packets and flush_wait members added to * proxy_server (minor) * 20060110.3 (2.3.0-dev) added inreslist member to proxy_conn_rec (minor) + * 20060110.4 (2.3.0-dev) Added server_scheme member to server_rec (minor) */ #define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */ @@ -127,7 +128,7 @@ #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 20060110 #endif -#define MODULE_MAGIC_NUMBER_MINOR 3 /* 0...n */ +#define MODULE_MAGIC_NUMBER_MINOR 4 /* 0...n */ /** * Determine if the server's current MODULE_MAGIC_NUMBER is at least a diff --git a/include/httpd.h b/include/httpd.h index 8feaebb37bd..21dbc65d1e5 100644 --- a/include/httpd.h +++ b/include/httpd.h @@ -1197,6 +1197,9 @@ struct server_rec { int limit_req_fieldsize; /** limit on number of request header fields */ int limit_req_fields; + + /** The server request scheme for redirect responses */ + const char *server_scheme; }; typedef struct core_output_filter_ctx { diff --git a/modules/http/http_core.c b/modules/http/http_core.c index 09d14f25f52..5a14ada306f 100644 --- a/modules/http/http_core.c +++ b/modules/http/http_core.c @@ -99,11 +99,23 @@ static const command_rec http_cmds[] = { static const char *http_scheme(const request_rec *r) { + /* + * The http module shouldn't return anything other than + * "http" (the default) or "https". + */ + if (r->server->server_scheme && + (strcmp(r->server->server_scheme, "https") == 0)) + return "https"; + return "http"; } static apr_port_t http_port(const request_rec *r) { + if (r->server->server_scheme && + (strcmp(r->server->server_scheme, "https") == 0)) + return DEFAULT_HTTPS_PORT; + return DEFAULT_HTTP_PORT; } diff --git a/server/config.c b/server/config.c index 06c31f43219..01597f4c3a7 100644 --- a/server/config.c +++ b/server/config.c @@ -1855,6 +1855,7 @@ AP_CORE_DECLARE(const char *) ap_init_virtual_host(apr_pool_t *p, s->process = main_server->process; s->server_admin = NULL; s->server_hostname = NULL; + s->server_scheme = NULL; s->error_fname = NULL; s->timeout = 0; s->keep_alive_timeout = 0; @@ -1940,6 +1941,7 @@ static server_rec *init_server_config(process_rec *process, apr_pool_t *p) s->port = 0; s->server_admin = DEFAULT_ADMIN; s->server_hostname = NULL; + s->server_scheme = NULL; s->error_fname = DEFAULT_ERRORLOG; s->loglevel = DEFAULT_LOGLEVEL; s->limit_req_line = DEFAULT_LIMIT_REQUEST_LINE; diff --git a/server/core.c b/server/core.c index fee65b98cf2..c940bc944af 100644 --- a/server/core.c +++ b/server/core.c @@ -2225,20 +2225,41 @@ static const char *set_server_string_slot(cmd_parms *cmd, void *dummy, return NULL; } +/* + * The ServerName directive takes one argument with format + * [scheme://]fully-qualified-domain-name[:port], for instance + * ServerName www.example.com + * ServerName www.example.com:80 + * ServerName https://www.example.com:443 + */ + static const char *server_hostname_port(cmd_parms *cmd, void *dummy, const char *arg) { const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE|NOT_IN_LIMIT); - const char *portstr; + core_server_config *conf; + const char *portstr, *part; + char *scheme; int port; if (err != NULL) { return err; } - portstr = ap_strchr_c(arg, ':'); + part = ap_strstr_c(arg, "://"); + + if (part) { + scheme = apr_pstrndup(cmd->pool, arg, part - arg); + ap_str_tolower(scheme); + cmd->server->server_scheme = (const char *)scheme; + part += 3; + } else { + part = arg; + } + + portstr = ap_strchr_c(part, ':'); if (portstr) { - cmd->server->server_hostname = apr_pstrndup(cmd->pool, arg, - portstr - arg); + cmd->server->server_hostname = apr_pstrndup(cmd->pool, part, + portstr - part); portstr++; port = atoi(portstr); if (port <= 0 || port >= 65536) { /* 65536 == 1<<16 */ @@ -2248,7 +2269,7 @@ static const char *server_hostname_port(cmd_parms *cmd, void *dummy, const char } } else { - cmd->server->server_hostname = apr_pstrdup(cmd->pool, arg); + cmd->server->server_hostname = apr_pstrdup(cmd->pool, part); port = 0; }