Return-Path: Delivered-To: apache-cvs-archive@hyperreal.org Received: (qmail 26526 invoked by uid 6000); 11 Jan 2000 14:13:53 -0000 Received: (qmail 26510 invoked by uid 2016); 11 Jan 2000 14:13:51 -0000 Delivered-To: apcore-apache-1.3-cvs@apache.org Received: (qmail 26507 invoked by uid 124); 11 Jan 2000 14:13:50 -0000 Date: 11 Jan 2000 14:13:50 -0000 Message-ID: <20000111141350.26506.qmail@hyperreal.org> From: ben@hyperreal.org To: apache-1.3-cvs@apache.org Subject: cvs commit: apache-1.3/src/modules/standard mod_mime.c Sender: apache-cvs-owner@apache.org Precedence: bulk Reply-To: new-httpd@apache.org ben 00/01/11 06:13:50 Modified: src CHANGES src/include httpd.h src/main http_core.c http_protocol.c http_request.c src/modules/proxy mod_proxy.c mod_proxy.h proxy_ftp.c proxy_http.c proxy_util.c src/modules/standard mod_mime.c Log: Don't convert auth to proxy auth when it shouldn't be. Revision Changes Path 1.1491 +4 -0 apache-1.3/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1490 retrieving revision 1.1491 diff -u -r1.1490 -r1.1491 --- CHANGES 2000/01/10 21:33:06 1.1490 +++ CHANGES 2000/01/11 14:13:37 1.1491 @@ -1,5 +1,9 @@ Changes with Apache 1.3.10 + *) ProxyPass erroneously converted authentication requests to proxy + authentication requests. Fixed. + [Ben Laurie] + *) Reverse a patch which broke HPUX shared builds. Basically we comment out the SHLIB_SUFFIX_NAME=sl line in Configure. [Ryan Bloom] 1.298 +7 -1 apache-1.3/src/include/httpd.h Index: httpd.h =================================================================== RCS file: /export/home/cvs/apache-1.3/src/include/httpd.h,v retrieving revision 1.297 retrieving revision 1.298 diff -u -r1.297 -r1.298 --- httpd.h 1999/12/09 12:05:02 1.297 +++ httpd.h 2000/01/11 14:13:39 1.298 @@ -658,6 +658,12 @@ #include "util_uri.h" +enum proxyreqtype { + NOT_PROXY=0, + STD_PROXY, + PROXY_PASS +}; + struct request_rec { ap_pool *pool; @@ -681,7 +687,7 @@ char *the_request; /* First line of request, so we can log it */ int assbackwards; /* HTTP/0.9, "simple" request */ - int proxyreq; /* A proxy request (calculated during + enum proxyreqtype proxyreq;/* A proxy request (calculated during * post_read_request or translate_name) */ int header_only; /* HEAD request, as opposed to GET */ char *protocol; /* Protocol, as given to us, or HTTP/0.9 */ 1.277 +1 -1 apache-1.3/src/main/http_core.c Index: http_core.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/main/http_core.c,v retrieving revision 1.276 retrieving revision 1.277 diff -u -r1.276 -r1.277 --- http_core.c 1999/12/21 07:52:55 1.276 +++ http_core.c 2000/01/11 14:13:40 1.277 @@ -2956,7 +2956,7 @@ void *sconf = r->server->module_config; core_server_config *conf = ap_get_module_config(sconf, &core_module); - if (r->proxyreq) { + if (r->proxyreq != NOT_PROXY) { return HTTP_FORBIDDEN; } if ((r->uri[0] != '/') && strcmp(r->uri, "*")) { 1.286 +8 -5 apache-1.3/src/main/http_protocol.c Index: http_protocol.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/main/http_protocol.c,v retrieving revision 1.285 retrieving revision 1.286 diff -u -r1.285 -r1.286 --- http_protocol.c 2000/01/04 10:20:39 1.285 +++ http_protocol.c 2000/01/11 14:13:41 1.286 @@ -1162,7 +1162,8 @@ ap_note_auth_failure(r); else ap_table_setn(r->err_headers_out, - r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate", + r->proxyreq == STD_PROXY ? "Proxy-Authenticate" + : "WWW-Authenticate", ap_pstrcat(r->pool, "Basic realm=\"", ap_auth_name(r), "\"", NULL)); } @@ -1170,7 +1171,8 @@ API_EXPORT(void) ap_note_digest_auth_failure(request_rec *r) { ap_table_setn(r->err_headers_out, - r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate", + r->proxyreq == STD_PROXY ? "Proxy-Authenticate" + : "WWW-Authenticate", ap_psprintf(r->pool, "Digest realm=\"%s\", nonce=\"%lu\"", ap_auth_name(r), r->request_time)); } @@ -1178,8 +1180,9 @@ API_EXPORT(int) ap_get_basic_auth_pw(request_rec *r, const char **pw) { const char *auth_line = ap_table_get(r->headers_in, - r->proxyreq ? "Proxy-Authorization" - : "Authorization"); + r->proxyreq == STD_PROXY + ? "Proxy-Authorization" + : "Authorization"); const char *t; if (!(t = ap_auth_type(r)) || strcasecmp(t, "Basic")) @@ -1352,7 +1355,7 @@ /* mod_proxy is only HTTP/1.0, so avoid sending HTTP/1.1 error response; * kluge around broken browsers when indicated by force-response-1.0 */ - if (r->proxyreq + if (r->proxyreq != NOT_PROXY || (r->proto_num == HTTP_VERSION(1,0) && ap_table_get(r->subprocess_env, "force-response-1.0"))) { 1.152 +7 -6 apache-1.3/src/main/http_request.c Index: http_request.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/main/http_request.c,v retrieving revision 1.151 retrieving revision 1.152 diff -u -r1.151 -r1.152 --- http_request.c 1999/11/09 18:02:19 1.151 +++ http_request.c 2000/01/11 14:13:41 1.152 @@ -983,7 +983,7 @@ * about proxy authentication. They treat it like normal auth, and then * we tweak the status. */ - if (r->status == AUTH_REQUIRED && r->proxyreq) { + if (r->status == AUTH_REQUIRED && r->proxyreq == STD_PROXY) { r->status = HTTP_PROXY_AUTHENTICATION_REQUIRED; } @@ -1088,7 +1088,7 @@ int access_status; /* Ignore embedded %2F's in path for proxy requests */ - if (!r->proxyreq && r->parsed_uri.path) { + if (r->proxyreq == NOT_PROXY && r->parsed_uri.path) { access_status = ap_unescape_url(r->parsed_uri.path); if (access_status) { ap_die(access_status, r); @@ -1108,7 +1108,7 @@ return; } - if (!r->proxyreq) { + if (r->proxyreq == NOT_PROXY) { /* * We don't want TRACE to run through the normal handler set, we * handle it specially. @@ -1176,8 +1176,9 @@ case SATISFY_ANY: if (((access_status = ap_check_access(r)) != 0) || !ap_auth_type(r)) { if (!ap_some_auth_required(r)) { - decl_die(access_status ? access_status : HTTP_INTERNAL_SERVER_ERROR, ap_auth_type(r) - ? "check access" + decl_die(access_status ? access_status : + HTTP_INTERNAL_SERVER_ERROR, + ap_auth_type(r) ? "check access" : "perform authentication. AuthType not set!", r); return; } @@ -1197,7 +1198,7 @@ break; } - if (! (r->proxyreq + if (! (r->proxyreq != NOT_PROXY && r->parsed_uri.scheme != NULL && strcmp(r->parsed_uri.scheme, "http") == 0) ) { if ((access_status = ap_find_types(r)) != 0) { 1.68 +8 -8 apache-1.3/src/modules/proxy/mod_proxy.c Index: mod_proxy.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/mod_proxy.c,v retrieving revision 1.67 retrieving revision 1.68 diff -u -r1.67 -r1.68 --- mod_proxy.c 1999/10/21 20:45:01 1.67 +++ mod_proxy.c 2000/01/11 14:13:43 1.68 @@ -153,7 +153,7 @@ && !strcasecmp(r->parsed_uri.scheme, ap_http_method(r)) && ap_matches_request_vhost(r, r->parsed_uri.hostname, r->parsed_uri.port_str ? r->parsed_uri.port : ap_default_port(r)))) { - r->proxyreq = 1; + r->proxyreq = STD_PROXY; r->uri = r->unparsed_uri; r->filename = ap_pstrcat(r->pool, "proxy:", r->uri, NULL); r->handler = "proxy-server"; @@ -163,7 +163,7 @@ else if (conf->req && r->method_number == M_CONNECT && r->parsed_uri.hostname && r->parsed_uri.port_str) { - r->proxyreq = 1; + r->proxyreq = STD_PROXY; r->uri = r->unparsed_uri; r->filename = ap_pstrcat(r->pool, "proxy:", r->uri, NULL); r->handler = "proxy-server"; @@ -179,7 +179,7 @@ int i, len; struct proxy_alias *ent = (struct proxy_alias *) conf->aliases->elts; - if (r->proxyreq) { + if (r->proxyreq != NOT_PROXY) { /* someone has already set up the proxy, it was possibly ourselves * in proxy_detect */ @@ -198,7 +198,7 @@ r->filename = ap_pstrcat(r->pool, "proxy:", ent[i].real, r->uri + len, NULL); r->handler = "proxy-server"; - r->proxyreq = 1; + r->proxyreq = PROXY_PASS; return OK; } } @@ -215,7 +215,7 @@ { char *url, *p; - if (!r->proxyreq || strncmp(r->filename, "proxy:", 6) != 0) + if (r->proxyreq == NOT_PROXY || strncmp(r->filename, "proxy:", 6) != 0) return DECLINED; url = &r->filename[6]; @@ -252,7 +252,7 @@ const char *ref; /* We only want to worry about GETs */ - if (!r->proxyreq || r->method_number != M_GET || !r->parsed_uri.hostname) + if (r->proxyreq == NOT_PROXY || r->method_number != M_GET || !r->parsed_uri.hostname) return DECLINED; /* If host does contain a dot already, or it is "localhost", decline */ @@ -296,7 +296,7 @@ int direct_connect = 0; const char *maxfwd_str; - if (!r->proxyreq || strncmp(r->filename, "proxy:", 6) != 0) + if (r->proxyreq == NOT_PROXY || strncmp(r->filename, "proxy:", 6) != 0) return DECLINED; if (r->method_number == M_TRACE && @@ -304,7 +304,7 @@ int maxfwd = strtol(maxfwd_str, NULL, 10); if (maxfwd < 1) { int access_status; - r->proxyreq = 0; + r->proxyreq = NOT_PROXY; if ((access_status = ap_send_http_trace(r))) ap_die(access_status, r); else 1.46 +1 -1 apache-1.3/src/modules/proxy/mod_proxy.h Index: mod_proxy.h =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/mod_proxy.h,v retrieving revision 1.45 retrieving revision 1.46 diff -u -r1.45 -r1.46 --- mod_proxy.h 1999/12/09 12:05:06 1.45 +++ mod_proxy.h 2000/01/11 14:13:44 1.46 @@ -293,7 +293,7 @@ int ap_proxy_hex2c(const char *x); void ap_proxy_c2hex(int ch, char *x); char *ap_proxy_canonenc(pool *p, const char *x, int len, enum enctype t, - int isenc); + enum proxyreqtype isenc); char *ap_proxy_canon_netloc(pool *p, char **const urlp, char **userp, char **passwordp, char **hostp, int *port); const char *ap_proxy_date_canon(pool *p, const char *x); 1.81 +6 -5 apache-1.3/src/modules/proxy/proxy_ftp.c Index: proxy_ftp.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_ftp.c,v retrieving revision 1.80 retrieving revision 1.81 diff -u -r1.80 -r1.81 --- proxy_ftp.c 1999/12/09 12:05:06 1.80 +++ proxy_ftp.c 2000/01/11 14:13:45 1.81 @@ -136,7 +136,8 @@ strp = strchr(url, ';'); if (strp != NULL) { *(strp++) = '\0'; - parms = ap_proxy_canonenc(p, strp, strlen(strp), enc_parm, r->proxyreq); + parms = ap_proxy_canonenc(p, strp, strlen(strp), enc_parm, + r->proxyreq); if (parms == NULL) return HTTP_BAD_REQUEST; } @@ -149,15 +150,15 @@ if (!ftp_check_string(path)) return HTTP_BAD_REQUEST; - if (!r->proxyreq && r->args != NULL) { + if (r->proxyreq == NOT_PROXY && r->args != NULL) { if (strp != NULL) { - strp = ap_proxy_canonenc(p, r->args, strlen(r->args), enc_parm, 1); + strp = ap_proxy_canonenc(p, r->args, strlen(r->args), enc_parm, STD_PROXY); if (strp == NULL) return HTTP_BAD_REQUEST; parms = ap_pstrcat(p, parms, "?", strp, NULL); } else { - strp = ap_proxy_canonenc(p, r->args, strlen(r->args), enc_fpath, 1); + strp = ap_proxy_canonenc(p, r->args, strlen(r->args), enc_fpath, STD_PROXY); if (strp == NULL) return HTTP_BAD_REQUEST; path = ap_pstrcat(p, path, "?", strp, NULL); @@ -416,7 +417,7 @@ */ static int ftp_unauthorized (request_rec *r, int log_it) { - r->proxyreq = 0; + r->proxyreq = NOT_PROXY; /* Log failed requests if they supplied a password * (log username/password guessing attempts) */ 1.66 +2 -1 apache-1.3/src/modules/proxy/proxy_http.c Index: proxy_http.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_http.c,v retrieving revision 1.65 retrieving revision 1.66 diff -u -r1.65 -r1.66 --- proxy_http.c 1999/12/08 23:02:52 1.65 +++ proxy_http.c 2000/01/11 14:13:45 1.66 @@ -97,7 +97,8 @@ search = r->args; /* process path */ - path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, r->proxyreq); + path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, + r->proxyreq); if (path == NULL) return HTTP_BAD_REQUEST; 1.83 +3 -3 apache-1.3/src/modules/proxy/proxy_util.c Index: proxy_util.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_util.c,v retrieving revision 1.82 retrieving revision 1.83 diff -u -r1.82 -r1.83 --- proxy_util.c 1999/12/08 23:02:56 1.82 +++ proxy_util.c 2000/01/11 14:13:47 1.83 @@ -134,8 +134,8 @@ * and encodes those which must be encoded, and does not touch * those which must not be touched. */ -char * - ap_proxy_canonenc(pool *p, const char *x, int len, enum enctype t, int isenc) +char *ap_proxy_canonenc(pool *p, const char *x, int len, enum enctype t, + enum proxyreqtype isenc) { int i, j, ch; char *y; @@ -177,7 +177,7 @@ continue; } /* decode it if not already done */ - if (isenc && ch == '%') { + if (isenc != NOT_PROXY && ch == '%') { if (!ap_isxdigit(x[i + 1]) || !ap_isxdigit(x[i + 2])) return NULL; ch = ap_proxy_hex2c(&x[i + 1]); 1.53 +2 -1 apache-1.3/src/modules/standard/mod_mime.c Index: mod_mime.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_mime.c,v retrieving revision 1.52 retrieving revision 1.53 diff -u -r1.52 -r1.53 --- mod_mime.c 1999/12/13 14:17:37 1.52 +++ mod_mime.c 2000/01/11 14:13:49 1.53 @@ -626,7 +626,8 @@ } /* Check for a special handler, but not for proxy request */ - if ((type = ap_table_get(conf->handlers, ext)) && !r->proxyreq) { + if ((type = ap_table_get(conf->handlers, ext)) + && r->proxyreq == NOT_PROXY) { r->handler = type; found = 1; }