Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp:
patch to set worker secret passed to tomcat
This commit is contained in:
parent
c58fda3be9
commit
ee11bdee06
@ -1,10 +1,13 @@
|
|||||||
--- a/modules/proxy/ajp.h 2016/04/12 22:47:36 1738877
|
diff --git a/modules/proxy/ajp.h b/modules/proxy/ajp.h
|
||||||
+++ b/modules/proxy/ajp.h 2016/04/12 23:09:07 1738878
|
index c119a7e..267150a 100644
|
||||||
@@ -412,11 +412,13 @@
|
--- a/modules/proxy/ajp.h
|
||||||
|
+++ b/modules/proxy/ajp.h
|
||||||
|
@@ -413,12 +413,14 @@ apr_status_t ajp_ilink_receive(apr_socket_t *sock, ajp_msg_t *msg);
|
||||||
|
* @param sock backend socket
|
||||||
* @param r current request
|
* @param r current request
|
||||||
* @param buffsize max size of the AJP packet.
|
* @param buffsize max size of the AJP packet.
|
||||||
* @param uri requested uri
|
|
||||||
+ * @param secret authentication secret
|
+ * @param secret authentication secret
|
||||||
|
* @param uri requested uri
|
||||||
* @return APR_SUCCESS or error
|
* @return APR_SUCCESS or error
|
||||||
*/
|
*/
|
||||||
apr_status_t ajp_send_header(apr_socket_t *sock, request_rec *r,
|
apr_status_t ajp_send_header(apr_socket_t *sock, request_rec *r,
|
||||||
@ -15,9 +18,11 @@
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Read the ajp message and return the type of the message.
|
* Read the ajp message and return the type of the message.
|
||||||
--- a/modules/proxy/ajp_header.c 2016/04/12 22:47:36 1738877
|
diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c
|
||||||
+++ b/modules/proxy/ajp_header.c 2016/04/12 23:09:07 1738878
|
index 67353a7..680a8f3 100644
|
||||||
@@ -213,7 +213,8 @@
|
--- a/modules/proxy/ajp_header.c
|
||||||
|
+++ b/modules/proxy/ajp_header.c
|
||||||
|
@@ -213,7 +213,8 @@ AJPV13_REQUEST/AJPV14_REQUEST=
|
||||||
|
|
||||||
static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
|
static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
|
||||||
request_rec *r,
|
request_rec *r,
|
||||||
@ -27,7 +32,7 @@
|
|||||||
{
|
{
|
||||||
int method;
|
int method;
|
||||||
apr_uint32_t i, num_headers = 0;
|
apr_uint32_t i, num_headers = 0;
|
||||||
@@ -293,17 +294,15 @@
|
@@ -293,17 +294,15 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
|
||||||
i, elts[i].key, elts[i].val);
|
i, elts[i].key, elts[i].val);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -48,7 +53,7 @@
|
|||||||
|
|
||||||
if (r->user) {
|
if (r->user) {
|
||||||
if (ajp_msg_append_uint8(msg, SC_A_REMOTE_USER) ||
|
if (ajp_msg_append_uint8(msg, SC_A_REMOTE_USER) ||
|
||||||
@@ -671,7 +670,8 @@
|
@@ -671,7 +670,8 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg,
|
||||||
apr_status_t ajp_send_header(apr_socket_t *sock,
|
apr_status_t ajp_send_header(apr_socket_t *sock,
|
||||||
request_rec *r,
|
request_rec *r,
|
||||||
apr_size_t buffsize,
|
apr_size_t buffsize,
|
||||||
@ -58,7 +63,7 @@
|
|||||||
{
|
{
|
||||||
ajp_msg_t *msg;
|
ajp_msg_t *msg;
|
||||||
apr_status_t rc;
|
apr_status_t rc;
|
||||||
@@ -683,7 +683,7 @@
|
@@ -683,7 +683,7 @@ apr_status_t ajp_send_header(apr_socket_t *sock,
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -67,11 +72,13 @@
|
|||||||
if (rc != APR_SUCCESS) {
|
if (rc != APR_SUCCESS) {
|
||||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00988)
|
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00988)
|
||||||
"ajp_send_header: ajp_marshal_into_msgb failed");
|
"ajp_send_header: ajp_marshal_into_msgb failed");
|
||||||
--- a/modules/proxy/mod_proxy.c 2016/04/12 22:47:36 1738877
|
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
|
||||||
+++ b/modules/proxy/mod_proxy.c 2016/04/12 23:09:07 1738878
|
index d6e6500..2fe71b9 100644
|
||||||
@@ -308,6 +308,12 @@
|
--- a/modules/proxy/mod_proxy.c
|
||||||
(int)sizeof(worker->s->flusher));
|
+++ b/modules/proxy/mod_proxy.c
|
||||||
}
|
@@ -308,6 +308,12 @@ static const char *set_worker_param(apr_pool_t *p,
|
||||||
|
(int)sizeof(worker->s->flusher));
|
||||||
|
PROXY_STRNCPY(worker->s->flusher, val);
|
||||||
}
|
}
|
||||||
+ else if (!strcasecmp(key, "secret")) {
|
+ else if (!strcasecmp(key, "secret")) {
|
||||||
+ if (PROXY_STRNCPY(worker->s->secret, val) != APR_SUCCESS) {
|
+ if (PROXY_STRNCPY(worker->s->secret, val) != APR_SUCCESS) {
|
||||||
@ -82,27 +89,31 @@
|
|||||||
else {
|
else {
|
||||||
if (set_worker_hc_param_f) {
|
if (set_worker_hc_param_f) {
|
||||||
return set_worker_hc_param_f(p, s, worker, key, val, NULL);
|
return set_worker_hc_param_f(p, s, worker, key, val, NULL);
|
||||||
--- a/modules/proxy/mod_proxy.h 2016/04/12 22:47:36 1738877
|
diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h
|
||||||
+++ b/modules/proxy/mod_proxy.h 2016/04/12 23:09:07 1738878
|
index 281a776..b416db4 100644
|
||||||
@@ -348,6 +348,7 @@
|
--- a/modules/proxy/mod_proxy.h
|
||||||
#define PROXY_WORKER_MAX_HOSTNAME_SIZE 96
|
+++ b/modules/proxy/mod_proxy.h
|
||||||
#define PROXY_BALANCER_MAX_HOSTNAME_SIZE 64
|
@@ -352,6 +352,7 @@ PROXY_WORKER_HC_FAIL )
|
||||||
#define PROXY_BALANCER_MAX_STICKY_SIZE 64
|
#define PROXY_WORKER_MAX_HOSTNAME_SIZE 64
|
||||||
+#define PROXY_WORKER_MAX_SECRET_SIZE 64
|
#define PROXY_BALANCER_MAX_HOSTNAME_SIZE PROXY_WORKER_MAX_HOSTNAME_SIZE
|
||||||
|
#define PROXY_BALANCER_MAX_STICKY_SIZE 64
|
||||||
|
+#define PROXY_WORKER_MAX_SECRET_SIZE 64
|
||||||
|
|
||||||
/* RFC-1035 mentions limits of 255 for host-names and 253 for domain-names,
|
/* RFC-1035 mentions limits of 255 for host-names and 253 for domain-names,
|
||||||
* dotted together(?) this would fit the below size (+ trailing NUL).
|
* dotted together(?) this would fit the below size (+ trailing NUL).
|
||||||
@@ -444,6 +445,7 @@
|
@@ -442,6 +443,7 @@ typedef struct {
|
||||||
unsigned int disablereuse_set:1;
|
int fcount; /* current count of failures */
|
||||||
unsigned int was_malloced:1;
|
hcmethod_t method; /* method to use for health check */
|
||||||
unsigned int is_name_matchable:1;
|
apr_interval_time_t interval;
|
||||||
+ char secret[PROXY_WORKER_MAX_SECRET_SIZE]; /* authentication secret (e.g. AJP13) */
|
+ char secret[PROXY_WORKER_MAX_SECRET_SIZE]; /* authentication secret (e.g. AJP13) */
|
||||||
} proxy_worker_shared;
|
} proxy_worker_shared;
|
||||||
|
|
||||||
#define ALIGNED_PROXY_WORKER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_worker_shared)))
|
#define ALIGNED_PROXY_WORKER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_worker_shared)))
|
||||||
--- a/modules/proxy/mod_proxy_ajp.c 2016/04/12 22:47:36 1738877
|
diff --git a/modules/proxy/mod_proxy_ajp.c b/modules/proxy/mod_proxy_ajp.c
|
||||||
+++ b/modules/proxy/mod_proxy_ajp.c 2016/04/12 23:09:07 1738878
|
index 051724e..e706518 100644
|
||||||
@@ -193,6 +193,7 @@
|
--- a/modules/proxy/mod_proxy_ajp.c
|
||||||
|
+++ b/modules/proxy/mod_proxy_ajp.c
|
||||||
|
@@ -193,6 +193,7 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
|
||||||
apr_off_t content_length = 0;
|
apr_off_t content_length = 0;
|
||||||
int original_status = r->status;
|
int original_status = r->status;
|
||||||
const char *original_status_line = r->status_line;
|
const char *original_status_line = r->status_line;
|
||||||
@ -110,7 +121,7 @@
|
|||||||
|
|
||||||
if (psf->io_buffer_size_set)
|
if (psf->io_buffer_size_set)
|
||||||
maxsize = psf->io_buffer_size;
|
maxsize = psf->io_buffer_size;
|
||||||
@@ -202,12 +203,15 @@
|
@@ -202,12 +203,15 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
|
||||||
maxsize = AJP_MSG_BUFFER_SZ;
|
maxsize = AJP_MSG_BUFFER_SZ;
|
||||||
maxsize = APR_ALIGN(maxsize, 1024);
|
maxsize = APR_ALIGN(maxsize, 1024);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user