httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n..@apache.org
Subject svn commit: r582635 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS docs/manual/mod/mod_proxy.xml modules/proxy/mod_proxy.c modules/proxy/mod_proxy.h
Date Sun, 07 Oct 2007 14:14:35 GMT
Author: niq
Date: Sun Oct  7 07:14:32 2007
New Revision: 582635

URL: http://svn.apache.org/viewvc?rev=582635&view=rev
Log:
Backport r581117
Default to NOT setting Max-Forwards in violation of RFC2616
PR 16137

Modified:
    httpd/httpd/branches/2.2.x/CHANGES
    httpd/httpd/branches/2.2.x/STATUS
    httpd/httpd/branches/2.2.x/docs/manual/mod/mod_proxy.xml
    httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.c
    httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=582635&r1=582634&r2=582635&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Sun Oct  7 07:14:32 2007
@@ -1,6 +1,11 @@
                                                         -*- coding: utf-8 -*-
 Changes with Apache 2.2.7
 
+  *) mod_proxy: Don't by default violate RFC2616 by setting
+     Max-Forwards when the client didn't send it to us.
+     Leave that as a configuration option.
+     PR 16137 [Nick Kew]
+
   *) scoreboard: improve error message on apr_shm_create failure
      PR 40037 [Nick Kew]
 

Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=582635&r1=582634&r2=582635&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sun Oct  7 07:14:32 2007
@@ -79,15 +79,6 @@
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-   * mod_proxy: Don't by default violate RFC2616 by setting
-     Max-Forwards when the client didn't send it to us.
-     PR 16137
-     http://svn.apache.org/viewvc?view=rev&revision=581117 (code)
-     http://svn.apache.org/viewvc?view=rev&revision=581253 (docs)
-     +1: niq, rpluem, trawick (who assumes that the "/2.3" in "default
-         behaviour changed in 2.2.7/2.3" will be stripped from trunk 
-         and 2.2.x as part of the backport operation)
-
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]
 

Modified: httpd/httpd/branches/2.2.x/docs/manual/mod/mod_proxy.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/docs/manual/mod/mod_proxy.xml?rev=582635&r1=582634&r2=582635&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/docs/manual/mod/mod_proxy.xml (original)
+++ httpd/httpd/branches/2.2.x/docs/manual/mod/mod_proxy.xml Sun Oct  7 07:14:32 2007
@@ -1080,20 +1080,29 @@
 <description>Maximium number of proxies that a request can be forwarded
 through</description>
 <syntax>ProxyMaxForwards <var>number</var></syntax>
-<default>ProxyMaxForwards 10</default>
+<default>ProxyMaxForwards -1</default>
 <contextlist><context>server config</context><context>virtual host</context>
 </contextlist>
-<compatibility>Available in Apache 2.0 and later</compatibility>
+<compatibility>Available in Apache 2.0 and later;
+	default behaviour changed in 2.2.7</compatibility>
 
 <usage>
     <p>The <directive>ProxyMaxForwards</directive> directive specifies
the
     maximum number of proxies through which a request may pass, if there's no
-    <code>Max-Forwards</code> header supplied with the request. This is
-    set to prevent infinite proxy loops, or a DoS attack.</p>
+    <code>Max-Forwards</code> header supplied with the request. This may
+    be set to prevent infinite proxy loops, or a DoS attack.</p>
 
     <example><title>Example</title>
       ProxyMaxForwards 15
     </example>
+
+    <p>Note that setting <directive>ProxyMaxForwards</directive> is a
+    violation of the HTTP/1.1 protocol (RFC2616), which forbids a Proxy
+    setting <code>Max-Forwards</code> if the Client didn't set it.
+    Earlier Apache versions would always set it.  A negative
+    <directive>ProxyMaxForwards</directive> value, including the
+    default -1, gives you protocol-compliant behaviour, but may
+    leave you open to loops.</p>
 </usage>
 </directivesynopsis>
 

Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.c?rev=582635&r1=582634&r2=582635&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.c (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.c Sun Oct  7 07:14:32 2007
@@ -692,8 +692,10 @@
         /* set configured max-forwards */
         maxfwd = conf->maxfwd;
     }
-    apr_table_set(r->headers_in, "Max-Forwards",
-                  apr_psprintf(r->pool, "%ld", (maxfwd > 0) ? maxfwd : 0));
+    if (maxfwd > 0) {
+        apr_table_set(r->headers_in, "Max-Forwards",
+                      apr_psprintf(r->pool, "%ld", (maxfwd > 0) ? maxfwd : 0));
+    }
 
     if (r->method_number == M_TRACE) {
         core_server_config *coreconf = (core_server_config *)
@@ -1440,9 +1442,6 @@
     proxy_server_conf *psf =
     ap_get_module_config(parms->server->module_config, &proxy_module);
     long s = atol(arg);
-    if (s < 0) {
-        return "ProxyMaxForwards must be greater or equal to zero..";
-    }
 
     psf->maxfwd = s;
     psf->maxfwd_set = 1;

Modified: httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h?rev=582635&r1=582634&r2=582635&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h (original)
+++ httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy.h Sun Oct  7 07:14:32 2007
@@ -94,7 +94,10 @@
 #endif /*APR_CHARSET_EBCDIC*/
 
 /* default Max-Forwards header setting */
-#define DEFAULT_MAX_FORWARDS    10
+/* Set this to -1, which complies with RFC2616 by not setting
+ * max-forwards if the client didn't send it to us.
+ */
+#define DEFAULT_MAX_FORWARDS    -1
 
 /* static information about a remote proxy */
 struct proxy_remote {



Mime
View raw message