From: Yann Ylavic <ylavic@apache.org>
Date: Thu, 19 Jul 2018 15:25:40 +0000 (+0000)
Subject: mod_proxy_hcheck: take balancer's SSLProxy* directives into account.
X-Git-Tag: 2.5.0-alpha2-ci-test-only~2456
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=98ca03954d4404652eb6a0a6eaf661dd8250474c;p=thirdparty%2Fapache%2Fhttpd.git

mod_proxy_hcheck: take balancer's SSLProxy* directives into account.

mod_proxy_hcheck was missing the merge of SSLProxy* directives defined by
balancer with the ones of the VirtualHost.

Since ap_proxy_connection_create_ex() needs a merged r->per_dir_config to apply
the correct SSL configuration, let's split create_request_rec() in two:
- create_request_rec() to only initialize the non-connection fields and merge
  balancer->section_config into r->per_dir_config,
- set_request_connection() to associate the connection with the request once
  it's been created from the merged configuration of the minimal request.

The issue was reported on the users@ mailing list:
https://lists.apache.org/thread.html/895cf250104b081b789101b1086b71a26d9c337db7123c5a552b7c69@%3Cusers.httpd.apache.org%3E


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1836276 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/proxy/mod_proxy_hcheck.c b/modules/proxy/mod_proxy_hcheck.c
index 0265b4ab979..0ee68452650 100644
--- a/modules/proxy/mod_proxy_hcheck.c
+++ b/modules/proxy/mod_proxy_hcheck.c
@@ -70,6 +70,7 @@ typedef struct {
 typedef struct {
     apr_pool_t *ptemp;
     sctx_t *ctx;
+    proxy_balancer *balancer;
     proxy_worker *worker;
     proxy_worker *hc;
     apr_time_t now;
@@ -330,16 +331,22 @@ static const char *set_hc_tpsize (cmd_parms *cmd, void *dummy, const char *arg)
  * Use our short-lived pool for bucket_alloc so that we can simply move
  * buckets and use them after the backend connection is released.
  */
-static request_rec *create_request_rec(apr_pool_t *p, conn_rec *conn, const char *method)
+static request_rec *create_request_rec(apr_pool_t *p, server_rec *s,
+                                       proxy_balancer *balancer,
+                                       const char *method)
 {
     request_rec *r;
-    apr_bucket_alloc_t *ba;
+
     r = apr_pcalloc(p, sizeof(request_rec));
-    ba = apr_bucket_alloc_create(p);
     r->pool            = p;
-    r->connection      = conn;
-    r->connection->bucket_alloc = ba;
-    r->server          = conn->base_server;
+    r->server          = s;
+
+    r->per_dir_config = r->server->lookup_defaults;
+    if (balancer->section_config) {
+        r->per_dir_config = ap_merge_per_dir_configs(r->pool,
+                                                     r->per_dir_config,
+                                                     balancer->section_config);
+    }
 
     r->proxyreq        = PROXYREQ_RESPONSE;
 
@@ -356,16 +363,9 @@ static request_rec *create_request_rec(apr_pool_t *p, conn_rec *conn, const char
     r->trailers_out    = apr_table_make(r->pool, 1);
     r->notes           = apr_table_make(r->pool, 5);
 
-    r->kept_body       = apr_brigade_create(r->pool, r->connection->bucket_alloc);
     r->request_config  = ap_create_request_config(r->pool);
     /* Must be set before we run create request hook */
 
-    r->proto_output_filters = conn->output_filters;
-    r->output_filters  = r->proto_output_filters;
-    r->proto_input_filters = conn->input_filters;
-    r->input_filters   = r->proto_input_filters;
-    r->per_dir_config  = r->server->lookup_defaults;
-
     r->sent_bodyct     = 0;                      /* bytect isn't for body */
 
     r->read_length     = 0;
@@ -379,9 +379,6 @@ static request_rec *create_request_rec(apr_pool_t *p, conn_rec *conn, const char
      */
     r->used_path_info = AP_REQ_DEFAULT_PATH_INFO;
 
-    r->useragent_addr = conn->client_addr;
-    r->useragent_ip = conn->client_ip;
-
 
     /* Time to populate r with the data we have. */
     r->method = method;
@@ -403,6 +400,19 @@ static request_rec *create_request_rec(apr_pool_t *p, conn_rec *conn, const char
     return r;
 }
 
+static void set_request_connection(request_rec *r, conn_rec *conn)
+{
+    conn->bucket_alloc = apr_bucket_alloc_create(r->pool);
+    r->connection = conn;
+
+    r->kept_body = apr_brigade_create(r->pool, conn->bucket_alloc);
+    r->output_filters = r->proto_output_filters = conn->output_filters;
+    r->input_filters = r->proto_input_filters = conn->input_filters;
+
+    r->useragent_addr = conn->client_addr;
+    r->useragent_ip = conn->client_ip;
+}
+
 static void create_hcheck_req(wctx_t *wctx, proxy_worker *hc,
                               apr_pool_t *p)
 {
@@ -752,13 +762,14 @@ static apr_status_t hc_check_http(baton_t *baton)
         return backend_cleanup("HCOH", backend, ctx->s, status);
     }
 
+    r = create_request_rec(ptemp, ctx->s, baton->balancer, wctx->method);
     if (!backend->connection) {
-        if ((status = ap_proxy_connection_create("HCOH", backend, NULL, ctx->s)) != OK) {
+        if ((status = ap_proxy_connection_create_ex("HCOH", backend, r)) != OK) {
             return backend_cleanup("HCOH", backend, ctx->s, status);
         }
     }
+    set_request_connection(r, backend->connection);
 
-    r = create_request_rec(ptemp, backend->connection, wctx->method);
     bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
 
     if ((status = hc_send(r, wctx->req, bb)) != OK) {
@@ -942,6 +953,7 @@ static apr_status_t hc_watchdog_callback(int state, void *data,
                             baton = apr_palloc(ptemp, sizeof(baton_t));
                             baton->ctx = ctx;
                             baton->now = now;
+                            baton->balancer = balancer;
                             baton->worker = worker;
                             baton->ptemp = ptemp;
                             baton->hc = hc_get_hcworker(ctx, worker, ptemp);