httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Hodgson <matt...@mxtelecom.com>
Subject <Directory proxy:> fails to inherit per_dir_config on 1.3
Date Fri, 19 Nov 2004 15:59:11 GMT
I'm not sure whether this is a bug or a feature, but I've found myself 
needing to combine ProxyPass with http authentication on a legacy Apache 1.3 
box (which I'm unfortunately not in a position to upgrade to Apache 2 yet).

If I specify something like:

ProxyRequests off

ProxyPass / http://localhost:9998/
ProxyPassReverse / http://localhost:9998/

<Directory proxy:http://localhost:9998>
	AuthType Basic
	<Limit GET POST>
	    	Order deny,allow
	    	Deny from all
	    	require group foobar
	    	Satisfy Any
	</Limit>
</Directory>

none of the Auth configuration from the <Directory /> of either the server's 
base config or the enclosing vhost is inherited.  This means that I have to 
copy & paste the rather extensive mod_*_auth config commands for each 
proxied Directory and maintain them individually.  I cannot include them 
from a separate file as because dirsection() doesn't seem to follow Include 
statements.

This seems wrong, especially as adding another Directory section along the 
lines of

<Directory proxy:http://localhost:9998/topsecret>
	AuthType Basic
	<Limit GET POST>
	    	Order deny,allow
	    	Deny from all
	    	require group admin
	    	Satisfy Any
	</Limit>
</Directory>

inherits the auth from the 'parent' proxy definition correctly.

I realise there is an inconsistency in how <Directory proxy:> would know 
which non-special <Directory> sections to inherit from - it'd have to 
crossreference the ProxyPass to see where the 'virtual' proxy paths would 
sit on the real filesystem, and the whole thing is incompatible with the 
idea of rewriting r->filename to be proxy:http://hostname/path internally 
anyway.

However, all I want to do is inherit per_dir_config for the <Directory 
proxy:> from the enclosing vhost or server root Directory, rather than the 
default null config.

Alternatively, is there any way to juse use <Directory /foo> to set config 
on the virtual directory /foo as exposed by the ProxyPass?

I've experimented a little in trying to merge the 'topmost' <Directory> 
section's config into <Directory proxy:> sections:

diff -rup apache_1.3.33/src/main/http_config.c 
apache_1.3.33-mjh/src/main/http_config.c
--- apache_1.3.33/src/main/http_config.c        2004-11-19 
15:43:37.000000000 +0000
+++ apache_1.3.33-mjh/src/main/http_config.c    2004-11-19 
15:42:40.000000000 +0000
@@ -1531,6 +1531,36 @@ static void fixup_virtual_hosts(pool *p,
      ap_core_reorder_directories(p, main_server);
  }

+
+static void fixup_proxypass_config(pool *p, server_rec *server)
+{
+    core_server_config *sconf = ap_get_module_config(server->module_config,
+                                                     &core_module);
+    void **sec = (void **) sconf->sec->elts;
+    int num_sec = sconf->sec->nelts;
+    int j;
+
+    void *this_conf, *entry_config;
+    core_dir_config *entry_core;
+
+    for (j = 1; j < num_sec; ++j) {
+
+        entry_config = sec[j];
+        entry_core = (core_dir_config *)
+            ap_get_module_config(entry_config, &core_module);
+
+        if (!strncmp(entry_core->d, "proxy:", 6)) {
+            /* merge in config from the 'top-level' <Directory> section */
+            entry_config = ap_merge_per_dir_configs(p,
+                                                    sec[0],
+                                                    entry_config
+                                                    );
+            sec[j] = entry_config;
+        }
+    }
+}
+
+
  /*****************************************************************
   *
   * Getting *everything* configured...
@@ -1639,6 +1669,7 @@ API_EXPORT(server_rec *) ap_read_config(
      process_command_config(s, ap_server_post_read_config, p, ptemp);

      fixup_virtual_hosts(p, s);
+    fixup_proxypass_config(p, s);
      default_listeners(p, s);
      ap_fini_vhost_config(p, s);



but with no success - I'm not even sure if the API allows me to merge 
per_dir_config in after the initial config pass, and before serving an 
actual request.

Any insight would be hugely appreciated (and yes, I know how much nicer 
proxying is in Apache 2 - if I had time to shift everything over, I would ;)

thanks,

Matthew.

-- 
______________________________________________________________
Matthew Hodgson   matthew@mxtelecom.com   Tel: +44 845 6667778
                 Systems Analyst, MX Telecom Ltd.


Mime
View raw message