231 lines
9.7 KiB
Diff
231 lines
9.7 KiB
Diff
|
diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
|
||
|
index 3af5aed..bc86253 100644
|
||
|
--- a/modules/proxy/proxy_util.c
|
||
|
+++ b/modules/proxy/proxy_util.c
|
||
|
@@ -3854,12 +3854,14 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
char **old_cl_val,
|
||
|
char **old_te_val)
|
||
|
{
|
||
|
+ int rc = OK;
|
||
|
conn_rec *c = r->connection;
|
||
|
int counter;
|
||
|
char *buf;
|
||
|
+ apr_table_t *saved_headers_in = r->headers_in;
|
||
|
+ const char *saved_host = apr_table_get(saved_headers_in, "Host");
|
||
|
const apr_array_header_t *headers_in_array;
|
||
|
const apr_table_entry_t *headers_in;
|
||
|
- apr_table_t *saved_headers_in;
|
||
|
apr_bucket *e;
|
||
|
int do_100_continue;
|
||
|
conn_rec *origin = p_conn->connection;
|
||
|
@@ -3896,6 +3898,52 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
ap_xlate_proto_to_ascii(buf, strlen(buf));
|
||
|
e = apr_bucket_pool_create(buf, strlen(buf), p, c->bucket_alloc);
|
||
|
APR_BRIGADE_INSERT_TAIL(header_brigade, e);
|
||
|
+
|
||
|
+ /*
|
||
|
+ * Make a copy on r->headers_in for the request we make to the backend,
|
||
|
+ * modify the copy in place according to our configuration and connection
|
||
|
+ * handling, use it to fill in the forwarded headers' brigade, and finally
|
||
|
+ * restore the saved/original ones in r->headers_in.
|
||
|
+ *
|
||
|
+ * Note: We need to take r->pool for apr_table_copy as the key / value
|
||
|
+ * pairs in r->headers_in have been created out of r->pool and
|
||
|
+ * p might be (and actually is) a longer living pool.
|
||
|
+ * This would trigger the bad pool ancestry abort in apr_table_copy if
|
||
|
+ * apr is compiled with APR_POOL_DEBUG.
|
||
|
+ *
|
||
|
+ * icing: if p indeed lives longer than r->pool, we should allocate
|
||
|
+ * all new header values from r->pool as well and avoid leakage.
|
||
|
+ */
|
||
|
+ r->headers_in = apr_table_copy(r->pool, saved_headers_in);
|
||
|
+
|
||
|
+ /* Return the original Transfer-Encoding and/or Content-Length values
|
||
|
+ * then drop the headers, they must be set by the proxy handler based
|
||
|
+ * on the actual body being forwarded.
|
||
|
+ */
|
||
|
+ if ((*old_te_val = (char *)apr_table_get(r->headers_in,
|
||
|
+ "Transfer-Encoding"))) {
|
||
|
+ apr_table_unset(r->headers_in, "Transfer-Encoding");
|
||
|
+ }
|
||
|
+ if ((*old_cl_val = (char *)apr_table_get(r->headers_in,
|
||
|
+ "Content-Length"))) {
|
||
|
+ apr_table_unset(r->headers_in, "Content-Length");
|
||
|
+ }
|
||
|
+
|
||
|
+ /* Clear out hop-by-hop request headers not to forward */
|
||
|
+ if (ap_proxy_clear_connection(r, r->headers_in) < 0) {
|
||
|
+ rc = HTTP_BAD_REQUEST;
|
||
|
+ goto cleanup;
|
||
|
+ }
|
||
|
+
|
||
|
+ /* RFC2616 13.5.1 says we should strip these */
|
||
|
+ apr_table_unset(r->headers_in, "Keep-Alive");
|
||
|
+ apr_table_unset(r->headers_in, "Upgrade");
|
||
|
+ apr_table_unset(r->headers_in, "Trailer");
|
||
|
+ apr_table_unset(r->headers_in, "TE");
|
||
|
+
|
||
|
+ /* We used to send `Host: ` always first, so let's keep it that
|
||
|
+ * way. No telling which legacy backend is relying no this.
|
||
|
+ */
|
||
|
if (dconf->preserve_host == 0) {
|
||
|
if (ap_strchr_c(uri->hostname, ':')) { /* if literal IPv6 address */
|
||
|
if (uri->port_str && uri->port != DEFAULT_HTTP_PORT) {
|
||
|
@@ -3917,7 +3965,7 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
/* don't want to use r->hostname, as the incoming header might have a
|
||
|
* port attached
|
||
|
*/
|
||
|
- const char* hostname = apr_table_get(r->headers_in,"Host");
|
||
|
+ const char* hostname = saved_host;
|
||
|
if (!hostname) {
|
||
|
hostname = r->server->server_hostname;
|
||
|
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01092)
|
||
|
@@ -3931,21 +3979,7 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
ap_xlate_proto_to_ascii(buf, strlen(buf));
|
||
|
e = apr_bucket_pool_create(buf, strlen(buf), p, c->bucket_alloc);
|
||
|
APR_BRIGADE_INSERT_TAIL(header_brigade, e);
|
||
|
-
|
||
|
- /*
|
||
|
- * Save the original headers in here and restore them when leaving, since
|
||
|
- * we will apply proxy purpose only modifications (eg. clearing hop-by-hop
|
||
|
- * headers, add Via or X-Forwarded-* or Expect...), whereas the originals
|
||
|
- * will be needed later to prepare the correct response and logging.
|
||
|
- *
|
||
|
- * Note: We need to take r->pool for apr_table_copy as the key / value
|
||
|
- * pairs in r->headers_in have been created out of r->pool and
|
||
|
- * p might be (and actually is) a longer living pool.
|
||
|
- * This would trigger the bad pool ancestry abort in apr_table_copy if
|
||
|
- * apr is compiled with APR_POOL_DEBUG.
|
||
|
- */
|
||
|
- saved_headers_in = r->headers_in;
|
||
|
- r->headers_in = apr_table_copy(r->pool, saved_headers_in);
|
||
|
+ apr_table_unset(r->headers_in, "Host");
|
||
|
|
||
|
/* handle Via */
|
||
|
if (conf->viaopt == via_block) {
|
||
|
@@ -4012,8 +4046,6 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
*/
|
||
|
if (dconf->add_forwarded_headers) {
|
||
|
if (PROXYREQ_REVERSE == r->proxyreq) {
|
||
|
- const char *buf;
|
||
|
-
|
||
|
/* Add X-Forwarded-For: so that the upstream has a chance to
|
||
|
* determine, where the original request came from.
|
||
|
*/
|
||
|
@@ -4023,8 +4055,9 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
/* Add X-Forwarded-Host: so that upstream knows what the
|
||
|
* original request hostname was.
|
||
|
*/
|
||
|
- if ((buf = apr_table_get(r->headers_in, "Host"))) {
|
||
|
- apr_table_mergen(r->headers_in, "X-Forwarded-Host", buf);
|
||
|
+ if (saved_host) {
|
||
|
+ apr_table_mergen(r->headers_in, "X-Forwarded-Host",
|
||
|
+ saved_host);
|
||
|
}
|
||
|
|
||
|
/* Add X-Forwarded-Server: so that upstream knows what the
|
||
|
@@ -4036,11 +4069,28 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
- proxy_run_fixups(r);
|
||
|
- if (ap_proxy_clear_connection(r, r->headers_in) < 0) {
|
||
|
- return HTTP_BAD_REQUEST;
|
||
|
+ /* Do we want to strip Proxy-Authorization ?
|
||
|
+ * If we haven't used it, then NO
|
||
|
+ * If we have used it then MAYBE: RFC2616 says we MAY propagate it.
|
||
|
+ * So let's make it configurable by env.
|
||
|
+ */
|
||
|
+ if (r->user != NULL /* we've authenticated */
|
||
|
+ && !apr_table_get(r->subprocess_env, "Proxy-Chain-Auth")) {
|
||
|
+ apr_table_unset(r->headers_in, "Proxy-Authorization");
|
||
|
}
|
||
|
|
||
|
+ /* for sub-requests, ignore freshness/expiry headers */
|
||
|
+ if (r->main) {
|
||
|
+ apr_table_unset(r->headers_in, "If-Match");
|
||
|
+ apr_table_unset(r->headers_in, "If-Modified-Since");
|
||
|
+ apr_table_unset(r->headers_in, "If-Range");
|
||
|
+ apr_table_unset(r->headers_in, "If-Unmodified-Since");
|
||
|
+ apr_table_unset(r->headers_in, "If-None-Match");
|
||
|
+ }
|
||
|
+
|
||
|
+ /* run hook to fixup the request we are about to send */
|
||
|
+ proxy_run_fixups(r);
|
||
|
+
|
||
|
creds = apr_table_get(r->notes, "proxy-basic-creds");
|
||
|
if (creds) {
|
||
|
apr_table_mergen(r->headers_in, "Proxy-Authorization", creds);
|
||
|
@@ -4051,55 +4101,8 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
headers_in = (const apr_table_entry_t *) headers_in_array->elts;
|
||
|
for (counter = 0; counter < headers_in_array->nelts; counter++) {
|
||
|
if (headers_in[counter].key == NULL
|
||
|
- || headers_in[counter].val == NULL
|
||
|
-
|
||
|
- /* Already sent */
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "Host")
|
||
|
-
|
||
|
- /* Clear out hop-by-hop request headers not to send
|
||
|
- * RFC2616 13.5.1 says we should strip these headers
|
||
|
- */
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "Keep-Alive")
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "TE")
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "Trailer")
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "Upgrade")
|
||
|
-
|
||
|
- ) {
|
||
|
- continue;
|
||
|
- }
|
||
|
- /* Do we want to strip Proxy-Authorization ?
|
||
|
- * If we haven't used it, then NO
|
||
|
- * If we have used it then MAYBE: RFC2616 says we MAY propagate it.
|
||
|
- * So let's make it configurable by env.
|
||
|
- */
|
||
|
- if (!ap_cstr_casecmp(headers_in[counter].key,"Proxy-Authorization")) {
|
||
|
- if (r->user != NULL) { /* we've authenticated */
|
||
|
- if (!apr_table_get(r->subprocess_env, "Proxy-Chain-Auth")) {
|
||
|
- continue;
|
||
|
- }
|
||
|
- }
|
||
|
- }
|
||
|
-
|
||
|
- /* Skip Transfer-Encoding and Content-Length for now.
|
||
|
- */
|
||
|
- if (!ap_cstr_casecmp(headers_in[counter].key, "Transfer-Encoding")) {
|
||
|
- *old_te_val = headers_in[counter].val;
|
||
|
- continue;
|
||
|
- }
|
||
|
- if (!ap_cstr_casecmp(headers_in[counter].key, "Content-Length")) {
|
||
|
- *old_cl_val = headers_in[counter].val;
|
||
|
- continue;
|
||
|
- }
|
||
|
-
|
||
|
- /* for sub-requests, ignore freshness/expiry headers */
|
||
|
- if (r->main) {
|
||
|
- if ( !ap_cstr_casecmp(headers_in[counter].key, "If-Match")
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "If-Modified-Since")
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "If-Range")
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "If-Unmodified-Since")
|
||
|
- || !ap_cstr_casecmp(headers_in[counter].key, "If-None-Match")) {
|
||
|
- continue;
|
||
|
- }
|
||
|
+ || headers_in[counter].val == NULL) {
|
||
|
+ continue;
|
||
|
}
|
||
|
|
||
|
buf = apr_pstrcat(p, headers_in[counter].key, ": ",
|
||
|
@@ -4110,11 +4113,9 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
|
||
|
APR_BRIGADE_INSERT_TAIL(header_brigade, e);
|
||
|
}
|
||
|
|
||
|
- /* Restore the original headers in (see comment above),
|
||
|
- * we won't modify them anymore.
|
||
|
- */
|
||
|
+cleanup:
|
||
|
r->headers_in = saved_headers_in;
|
||
|
- return OK;
|
||
|
+ return rc;
|
||
|
}
|
||
|
|
||
|
PROXY_DECLARE(int) ap_proxy_prefetch_input(request_rec *r,
|