httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ch...@apache.org
Subject cvs commit: httpd-2.0/server protocol.c
Date Fri, 16 Mar 2001 07:28:09 GMT
chuck       01/03/15 23:28:09

  Modified:    .        CHANGES
               include  httpd.h
               modules/aaa mod_auth_digest.c
               modules/http http_request.c mod_mime.c
               modules/mappers mod_rewrite.c
               server   protocol.c
  Log:
  This is a fix that went into v1.3 quite a while back, but not into v2.0.
  It sorts out the problem when a password protected reverse proxy URL
  sends a Proxy-Authenticate to a browser instead of a WWW-Authenticate.
  
  This patch covers the changes to the httpd-2.0 tree.
  
  Submitted by:	Graham Leggett
  Reviewed by:	Chuck Murcko
  
  Revision  Changes    Path
  1.133     +4 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.132
  retrieving revision 1.133
  diff -u -r1.132 -r1.133
  --- CHANGES	2001/03/16 04:17:37	1.132
  +++ CHANGES	2001/03/16 07:28:01	1.133
  @@ -37,6 +37,10 @@
        entire content.  It is far safer to just remove the C-L as long
        as we are scanning it.  [Ryan Bloom]
   
  +  *) Make sure Apache sends WWW-Authenticate during a reverse proxy
  +     request and not Proxy-Authenticate.
  +     [Graham Leggett <minfrin@sharp.fm>]
  +
   Changes with Apache 2.0.14
   
     *) Fix content-length computation.  We ONLY compute a content-length if
  
  
  
  1.143     +13 -1     httpd-2.0/include/httpd.h
  
  Index: httpd.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/include/httpd.h,v
  retrieving revision 1.142
  retrieving revision 1.143
  diff -u -r1.142 -r1.143
  --- httpd.h	2001/03/11 23:24:56	1.142
  +++ httpd.h	2001/03/16 07:28:03	1.143
  @@ -615,7 +615,9 @@
       char *the_request;
       /** HTTP/0.9, "simple" request */
       int assbackwards;
  -    /** A proxy request (calculated during post_read_request/translate_name) */
  +    /** A proxy request (calculated during post_read_request/translate_name)
  +     *  possible values PROXYREQ_NONE, PROXYREQ_PROXY, PROXYREQ_REVERSE
  +     */
       int proxyreq;
       /** HEAD request, as opposed to GET */
       int header_only;
  @@ -806,6 +808,16 @@
    * binary compatibility for some other reason.
    */
   };
  +
  +/** Possible values of request_rec->proxyreq. A request could be normal,
  + *  proxied or reverse proxied. Normally proxied and reverse proxied are
  + *  grouped together as just "proxied", but sometimes it's necessary to
  + *  tell the difference between the two, such as for authentication.
  + */
  +
  +#define PROXYREQ_NONE 0
  +#define PROXYREQ_PROXY 1
  +#define PROXYREQ_REVERSE 2
   
   
   /** Structure to store things which are per connection */
  
  
  
  1.44      +3 -3      httpd-2.0/modules/aaa/mod_auth_digest.c
  
  Index: mod_auth_digest.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_auth_digest.c,v
  retrieving revision 1.43
  retrieving revision 1.44
  diff -u -r1.43 -r1.44
  --- mod_auth_digest.c	2001/03/01 00:55:03	1.43
  +++ mod_auth_digest.c	2001/03/16 07:28:04	1.44
  @@ -854,7 +854,7 @@
       char *key, *value;
   
       auth_line = apr_table_get(r->headers_in,
  -			     r->proxyreq ? "Proxy-Authorization"
  +			     (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authorization"
   					 : "Authorization");
       if (!auth_line) {
   	resp->auth_hdr_sts = NO_HEADER;
  @@ -1322,7 +1322,7 @@
       }
   
       apr_table_mergen(r->err_headers_out,
  -		    r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
  +		    (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
   		    apr_psprintf(r->pool, "Digest realm=\"%s\", nonce=\"%s\", "
   					 "algorithm=%s%s%s%s%s",
   				ap_auth_name(r), nonce, conf->algorithm,
  @@ -2050,7 +2050,7 @@
   
       if (ai && ai[0])
   	apr_table_mergen(r->headers_out,
  -			r->proxyreq ? "Proxy-Authentication-Info"
  +			(PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authentication-Info"
   				    : "Authentication-Info",
   			ai);
       return OK;
  
  
  
  1.92      +1 -1      httpd-2.0/modules/http/http_request.c
  
  Index: http_request.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/http/http_request.c,v
  retrieving revision 1.91
  retrieving revision 1.92
  diff -u -r1.91 -r1.92
  --- http_request.c	2001/03/05 04:43:56	1.91
  +++ http_request.c	2001/03/16 07:28:05	1.92
  @@ -135,7 +135,7 @@
        * about proxy authentication.  They treat it like normal auth, and then
        * we tweak the status.
        */
  -    if (r->status == HTTP_UNAUTHORIZED && r->proxyreq) {
  +    if (HTTP_UNAUTHORIZED == r->status && PROXYREQ_PROXY == r->proxyreq)
{
           r->status = HTTP_PROXY_AUTHENTICATION_REQUIRED;
       }
   
  
  
  
  1.41      +1 -4      httpd-2.0/modules/http/mod_mime.c
  
  Index: mod_mime.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/http/mod_mime.c,v
  retrieving revision 1.40
  retrieving revision 1.41
  diff -u -r1.40 -r1.41
  --- mod_mime.c	2001/02/25 00:51:31	1.40
  +++ mod_mime.c	2001/03/16 07:28:06	1.41
  @@ -720,10 +720,7 @@
   
           /* Check for a special handler, but not for proxy request */
           if ((type = apr_table_get(conf->handlers, ext))
  -#if 0	
  -	/* XXX fix me when the proxy code is updated */
  -	    && r->proxyreq == NOT_PROXY) 
  -#endif
  +	    && (PROXYREQ_NONE == r->proxyreq) 
           ) {
               r->handler = type;
               found = 1;
  
  
  
  1.76      +2 -2      httpd-2.0/modules/mappers/mod_rewrite.c
  
  Index: mod_rewrite.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/mappers/mod_rewrite.c,v
  retrieving revision 1.75
  retrieving revision 1.76
  diff -u -r1.75 -r1.76
  --- mod_rewrite.c	2001/03/09 20:30:33	1.75
  +++ mod_rewrite.c	2001/03/16 07:28:07	1.76
  @@ -1127,7 +1127,7 @@
               }
   
               /* now make sure the request gets handled by the proxy handler */
  -            r->proxyreq = 1;
  +            r->proxyreq = PROXYREQ_REVERSE;
               r->handler  = "proxy-server";
   
               rewritelog(r, 1, "go-ahead with proxy request %s [OK]",
  @@ -1378,7 +1378,7 @@
               }
   
               /* now make sure the request gets handled by the proxy handler */
  -            r->proxyreq = 1;
  +            r->proxyreq = PROXYREQ_REVERSE;
               r->handler  = "proxy-server";
   
               rewritelog(r, 1, "[per-dir %s] go-ahead with proxy request "
  
  
  
  1.6       +3 -3      httpd-2.0/server/protocol.c
  
  Index: protocol.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/protocol.c,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- protocol.c	2001/03/16 04:17:38	1.5
  +++ protocol.c	2001/03/16 07:28:08	1.6
  @@ -1081,7 +1081,7 @@
           ap_note_auth_failure(r);
       else
           apr_table_setn(r->err_headers_out,
  -                  r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
  +                  (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
                     apr_pstrcat(r->pool, "Basic realm=\"", ap_auth_name(r), "\"",
                             NULL));
   }
  @@ -1089,7 +1089,7 @@
   AP_DECLARE(void) ap_note_digest_auth_failure(request_rec *r)
   {
       apr_table_setn(r->err_headers_out,
  -	    r->proxyreq ? "Proxy-Authenticate" : "WWW-Authenticate",
  +	    (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate" : "WWW-Authenticate",
   	    apr_psprintf(r->pool, "Digest realm=\"%s\", nonce=\"%llx\"",
   		ap_auth_name(r), r->request_time));
   }
  @@ -1097,7 +1097,7 @@
   AP_DECLARE(int) ap_get_basic_auth_pw(request_rec *r, const char **pw)
   {
       const char *auth_line = apr_table_get(r->headers_in,
  -                                      r->proxyreq ? "Proxy-Authorization"
  +                                      (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authorization"
                                                     : "Authorization");
       const char *t;
   
  
  
  

Mime
View raw message