FreeBSD Bugzilla – Attachment 121683 Details for
Bug 164711
www/apache22 2.2.22 proxy connect patch update
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
apache22.patch
apache22.patch (text/plain), 11.68 KB, created by
freebsd
on 2012-02-02 16:40:10 UTC
(
hide
)
Description:
apache22.patch
Filename:
MIME Type:
Creator:
freebsd
Created:
2012-02-02 16:40:10 UTC
Size:
11.68 KB
patch
obsolete
>diff -Naur apache22.old/Makefile.options apache22/Makefile.options >--- apache22.old/Makefile.options 2011-04-01 10:50:00.000000000 +0200 >+++ apache22/Makefile.options 2012-02-02 17:16:56.000000000 +0100 >@@ -65,7 +65,6 @@ > VERSION "Enable mod_version" ON \ > PROXY "Enable mod_proxy" OFF \ > PROXY_CONNECT "Enable mod_proxy_connect" OFF \ >- PATCH_PROXY_CONNECT "Patch proxy_connect SSL support" ON \ > PROXY_FTP "Enable mod_proxy_ftp" OFF \ > PROXY_HTTP "Enable mod_proxy_http" OFF \ > PROXY_AJP "Enable mod_proxy_ajp" OFF \ >diff -Naur apache22.old/files/patch-modules__proxy__mod_proxy_connect.c apache22/files/patch-modules__proxy__mod_proxy_connect.c >--- apache22.old/files/patch-modules__proxy__mod_proxy_connect.c 2010-05-07 02:02:15.000000000 +0200 >+++ apache22/files/patch-modules__proxy__mod_proxy_connect.c 2012-02-02 17:15:38.000000000 +0100 >@@ -1,5 +1,5 @@ >---- ./modules/proxy/mod_proxy_connect.c.orig 2009-11-19 09:07:46.000000000 -0500 >-+++ ./modules/proxy/mod_proxy_connect.c 2010-05-06 19:37:54.227730259 -0400 >+--- ./modules/proxy/mod_proxy_connect.c.orig 2010-12-08 20:31:34.000000000 +0100 >++++ ./modules/proxy/mod_proxy_connect.c 2012-02-02 17:12:20.000000000 +0100 > @@ -21,6 +21,8 @@ > #include "mod_proxy.h" > #include "apr_poll.h" >@@ -25,27 +25,27 @@ > + do { > + apr_brigade_cleanup(bb); > + rv = ap_get_brigade(c_i->input_filters, bb, AP_MODE_READBYTES, >-+ APR_NONBLOCK_READ, CONN_BLKSZ); >++ APR_NONBLOCK_READ, CONN_BLKSZ); > + if (rv == APR_SUCCESS) { >-+ if (APR_BRIGADE_EMPTY(bb)) >++ if (APR_BRIGADE_EMPTY(bb)) > + break; > +#ifdef DEBUGGING >-+ len = -1; >-+ apr_brigade_length(bb, 0, &len); >-+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >++ len = -1; >++ apr_brigade_length(bb, 0, &len); >++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, > + "proxy: CONNECT: read %" APR_OFF_T_FMT > + " bytes from %s", len, name); > +#endif >-+ rv = ap_pass_brigade(c_o->output_filters, bb); >-+ if (rv == APR_SUCCESS) { >++ rv = ap_pass_brigade(c_o->output_filters, bb); >++ if (rv == APR_SUCCESS) { > + ap_fflush(c_o->output_filters, bb); >-+ } else { >++ } else { > + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, >-+ "proxy: CONNECT: error on %s - ap_pass_brigade", >-+ name); >-+ } >++ "proxy: CONNECT: error on %s - ap_pass_brigade", >++ name); >++ } > + } else if (!APR_STATUS_IS_EAGAIN(rv)) { >-+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r, >++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r, > + "proxy: CONNECT: error on %s - ap_get_brigade", > + name); > + } >@@ -69,8 +69,7 @@ > + > + apr_bucket_brigade *bb = apr_brigade_create(p, c->bucket_alloc); > apr_status_t err, rv; >-- apr_size_t i, o, nbytes; >-+ apr_size_t nbytes; >+ apr_size_t i, o, nbytes; > char buffer[HUGE_STRING_LEN]; > - apr_socket_t *client_socket = ap_get_module_config(r->connection->conn_config, &core_module); > - int failed; >@@ -85,25 +84,25 @@ > default: > - /* XXX can we call ap_proxyerror() here to get a nice log message? */ > - return HTTP_FORBIDDEN; >-+ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked"); >++ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked"); > } > } else if(!allowed_port(conf, uri.port)) { > - /* XXX can we call ap_proxyerror() here to get a nice log message? */ > - return HTTP_FORBIDDEN; >-+ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked"); >++ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked"); > } > > /* >-@@ -205,18 +253,57 @@ >+@@ -205,19 +253,57 @@ > } > } > > + /* setup polling for connection */ > + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >-+ "proxy: CONNECT: setting up poll()"); >++ "proxy: CONNECT: setting up poll()"); > + > + if ((rv = apr_pollset_create(&pollset, 2, r->pool, 0)) != APR_SUCCESS) { >-+ apr_socket_close(sock); >++ apr_socket_close(sock); > + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, > + "proxy: CONNECT: error apr_pollset_create()"); > + return HTTP_INTERNAL_SERVER_ERROR; >@@ -133,74 +132,76 @@ > - */ > - r->output_filters = NULL; > - r->connection->output_filters = NULL; >+- > + backconn = ap_run_create_connection(c->pool, r->server, sock, >-+ c->id, c->sbh, c->bucket_alloc); >++ c->id, c->sbh, c->bucket_alloc); > + if (!backconn) { >-+ /* peer reset */ >-+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, >-+ "proxy: an error occurred creating a new connection " >-+ "to %pI (%s)", connect_addr, connectname); >-+ apr_socket_close(sock); >-+ return HTTP_INTERNAL_SERVER_ERROR; >-+ } >-+ ap_proxy_ssl_disable(backconn); >-+ rc = ap_run_pre_connection(backconn, sock); >-+ if (rc != OK && rc != DONE) { >-+ backconn->aborted = 1; >-+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >-+ "proxy: CONNECT: pre_connection setup failed (%d)", rc); >-+ return HTTP_INTERNAL_SERVER_ERROR; >-+ } >-+ >++ /* peer reset */ >++ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, >++ "proxy: an error occurred creating a new connection " >++ "to %pI (%s)", connect_addr, connectname); >++ apr_socket_close(sock); >++ return HTTP_INTERNAL_SERVER_ERROR; >++ } >++ ap_proxy_ssl_disable(backconn); >++ rc = ap_run_pre_connection(backconn, sock); >++ if (rc != OK && rc != DONE) { >++ backconn->aborted = 1; > + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >-+ "proxy: CONNECT: connection complete to %pI (%s)", >-+ connect_addr, connectname); >- >++ "proxy: CONNECT: pre_connection setup failed (%d)", rc); >++ return HTTP_INTERNAL_SERVER_ERROR; >++ } >++ >++ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >++ "proxy: CONNECT: connection complete to %pI (%s)", >++ connect_addr, connectname); > > /* If we are connecting through a remote proxy, we need to pass >-@@ -227,12 +314,11 @@ >+ * the CONNECT request on to it. >+@@ -227,12 +313,11 @@ > */ > ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, > "proxy: CONNECT: sending the CONNECT request to the remote proxy"); > - nbytes = apr_snprintf(buffer, sizeof(buffer), >-+ ap_fprintf(backconn->output_filters, bb, >++ ap_fprintf(backconn->output_filters, bb, > "CONNECT %s HTTP/1.0" CRLF, r->uri); > - apr_socket_send(sock, buffer, &nbytes); > - nbytes = apr_snprintf(buffer, sizeof(buffer), > - "Proxy-agent: %s" CRLF CRLF, ap_get_server_banner()); > - apr_socket_send(sock, buffer, &nbytes); >-+ ap_fprintf(backconn->output_filters, bb, >-+ "Proxy-agent: %s" CRLF CRLF, ap_get_server_version()); >-+ ap_fflush(backconn->output_filters, bb); >++ ap_fprintf(backconn->output_filters, bb, >++ "Proxy-agent: %s" CRLF CRLF, ap_get_server_version()); >++ ap_fflush(backconn->output_filters, bb); > } > else { > ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, >-@@ -240,11 +326,12 @@ >+@@ -240,11 +325,12 @@ > nbytes = apr_snprintf(buffer, sizeof(buffer), > "HTTP/1.0 200 Connection Established" CRLF); > ap_xlate_proto_to_ascii(buffer, nbytes); > - apr_socket_send(client_socket, buffer, &nbytes); >-+ ap_fwrite(c->output_filters, bb, buffer, nbytes); >++ ap_fwrite(c->output_filters, bb, buffer, nbytes); > nbytes = apr_snprintf(buffer, sizeof(buffer), > "Proxy-agent: %s" CRLF CRLF, ap_get_server_banner()); > ap_xlate_proto_to_ascii(buffer, nbytes); > - apr_socket_send(client_socket, buffer, &nbytes); > + ap_fwrite(c->output_filters, bb, buffer, nbytes); >-+ ap_fflush(c->output_filters, bb); >++ ap_fflush(c->output_filters, bb); > #if 0 > /* This is safer code, but it doesn't work yet. I'm leaving it > * here so that I can fix it later. >-@@ -265,27 +352,15 @@ >+@@ -264,28 +350,16 @@ >+ * > * Handle two way transfer of data over the socket (this is a tunnel). > */ >++ /* we are now acting as a tunnel - the input/output filter stacks should >++ * not contain any non-connection filters. >++ */ >++ r->output_filters = c->output_filters; >++ r->proto_output_filters = c->output_filters; >++ r->input_filters = c->input_filters; >++ r->proto_input_filters = c->input_filters; > >-+ /* we are now acting as a tunnel - the input/output filter stacks should >-+ * not contain any non-connection filters. >-+ */ >-+ r->output_filters = c->output_filters; >-+ r->proto_output_filters = c->output_filters; >-+ r->input_filters = c->input_filters; >-+ r->proto_input_filters = c->input_filters; > /* r->sent_bodyct = 1;*/ > > - if ((rv = apr_pollset_create(&pollset, 2, r->pool, 0)) != APR_SUCCESS) { >@@ -224,8 +225,8 @@ > - > while (1) { /* Infinite loop until error (one side closes the connection) */ > if ((rv = apr_pollset_poll(pollset, -1, &pollcnt, &signalled)) != APR_SUCCESS) { >- apr_socket_close(sock); >-@@ -294,7 +369,7 @@ >+ if (APR_STATUS_IS_EINTR(rv)) { >+@@ -297,7 +371,7 @@ > } > #ifdef DEBUGGING > ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, >@@ -234,13 +235,13 @@ > #endif > > for (pi = 0; pi < pollcnt; pi++) { >-@@ -304,72 +379,32 @@ >+@@ -307,72 +381,31 @@ > pollevent = cur->rtnevents; > if (pollevent & APR_POLLIN) { > #ifdef DEBUGGING > - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, > - "proxy: CONNECT: sock was set"); >-+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >++ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r, > + "proxy: CONNECT: sock was readable"); > #endif > - nbytes = sizeof(buffer); >@@ -267,9 +268,9 @@ > } > - else > - break; >-+ else if ((pollevent & APR_POLLERR) || (pollevent & APR_POLLHUP)) { >-+ rv = APR_EPIPE; >-+ ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r, "proxy: CONNECT: err/hup on backconn"); >++ else if ((pollevent & APR_POLLERR) || (pollevent & APR_POLLHUP)) { >++ rv = APR_EPIPE; >++ ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r, "proxy: CONNECT: err/hup on backconn"); > } > - else if ((pollevent & APR_POLLERR) || (pollevent & APR_POLLHUP)) > - break; >@@ -289,8 +290,8 @@ > -#ifdef DEBUGGING > - ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, > - "proxy: CONNECT: read %d from client", i); >-+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, >-+ "proxy: CONNECT: client was readable"); >++ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r, >++ "proxy: CONNECT: client was readable"); > #endif > - while(i > 0) > - { >@@ -310,18 +311,17 @@ > - rv = APR_EOF; > - break; > } >-+ else { >-+ rv = APR_EBADF; >-+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, >-+ "proxy: CONNECT: unknown socket in pollset"); >++ else { >++ rv = APR_EBADF; >++ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, >++ "proxy: CONNECT: unknown socket in pollset"); > } > - else > - break; >-+ > } > if (rv != APR_SUCCESS) { > break; >-@@ -385,7 +420,9 @@ >+@@ -388,7 +421,9 @@ > * Close the socket and clean up > */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=121683">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 164711
: 121683