Resolves: #1397243 - Backport Apache Bug 53098 - mod_proxy_ajp:

patch to set worker secret passed to tomcat
This commit is contained in:
Luboš Uhliarik 2017-03-30 16:20:00 +02:00
parent c58fda3be9
commit ee11bdee06

View File

@ -1,10 +1,13 @@
--- a/modules/proxy/ajp.h 2016/04/12 22:47:36 1738877 diff --git a/modules/proxy/ajp.h b/modules/proxy/ajp.h
+++ b/modules/proxy/ajp.h 2016/04/12 23:09:07 1738878 index c119a7e..267150a 100644
@@ -412,11 +412,13 @@ --- a/modules/proxy/ajp.h
+++ b/modules/proxy/ajp.h
@@ -413,12 +413,14 @@ apr_status_t ajp_ilink_receive(apr_socket_t *sock, ajp_msg_t *msg);
* @param sock backend socket
* @param r current request * @param r current request
* @param buffsize max size of the AJP packet. * @param buffsize max size of the AJP packet.
* @param uri requested uri
+ * @param secret authentication secret + * @param secret authentication secret
* @param uri requested uri
* @return APR_SUCCESS or error * @return APR_SUCCESS or error
*/ */
apr_status_t ajp_send_header(apr_socket_t *sock, request_rec *r, apr_status_t ajp_send_header(apr_socket_t *sock, request_rec *r,
@ -15,9 +18,11 @@
/** /**
* Read the ajp message and return the type of the message. * Read the ajp message and return the type of the message.
--- a/modules/proxy/ajp_header.c 2016/04/12 22:47:36 1738877 diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c
+++ b/modules/proxy/ajp_header.c 2016/04/12 23:09:07 1738878 index 67353a7..680a8f3 100644
@@ -213,7 +213,8 @@ --- a/modules/proxy/ajp_header.c
+++ b/modules/proxy/ajp_header.c
@@ -213,7 +213,8 @@ AJPV13_REQUEST/AJPV14_REQUEST=
static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg, static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
request_rec *r, request_rec *r,
@ -27,7 +32,7 @@
{ {
int method; int method;
apr_uint32_t i, num_headers = 0; apr_uint32_t i, num_headers = 0;
@@ -293,17 +294,15 @@ @@ -293,17 +294,15 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
i, elts[i].key, elts[i].val); i, elts[i].key, elts[i].val);
} }
@ -48,7 +53,7 @@
if (r->user) { if (r->user) {
if (ajp_msg_append_uint8(msg, SC_A_REMOTE_USER) || if (ajp_msg_append_uint8(msg, SC_A_REMOTE_USER) ||
@@ -671,7 +670,8 @@ @@ -671,7 +670,8 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg,
apr_status_t ajp_send_header(apr_socket_t *sock, apr_status_t ajp_send_header(apr_socket_t *sock,
request_rec *r, request_rec *r,
apr_size_t buffsize, apr_size_t buffsize,
@ -58,7 +63,7 @@
{ {
ajp_msg_t *msg; ajp_msg_t *msg;
apr_status_t rc; apr_status_t rc;
@@ -683,7 +683,7 @@ @@ -683,7 +683,7 @@ apr_status_t ajp_send_header(apr_socket_t *sock,
return rc; return rc;
} }
@ -67,11 +72,13 @@
if (rc != APR_SUCCESS) { if (rc != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00988) ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00988)
"ajp_send_header: ajp_marshal_into_msgb failed"); "ajp_send_header: ajp_marshal_into_msgb failed");
--- a/modules/proxy/mod_proxy.c 2016/04/12 22:47:36 1738877 diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
+++ b/modules/proxy/mod_proxy.c 2016/04/12 23:09:07 1738878 index d6e6500..2fe71b9 100644
@@ -308,6 +308,12 @@ --- a/modules/proxy/mod_proxy.c
(int)sizeof(worker->s->flusher)); +++ b/modules/proxy/mod_proxy.c
} @@ -308,6 +308,12 @@ static const char *set_worker_param(apr_pool_t *p,
(int)sizeof(worker->s->flusher));
PROXY_STRNCPY(worker->s->flusher, val);
} }
+ else if (!strcasecmp(key, "secret")) { + else if (!strcasecmp(key, "secret")) {
+ if (PROXY_STRNCPY(worker->s->secret, val) != APR_SUCCESS) { + if (PROXY_STRNCPY(worker->s->secret, val) != APR_SUCCESS) {
@ -82,27 +89,31 @@
else { else {
if (set_worker_hc_param_f) { if (set_worker_hc_param_f) {
return set_worker_hc_param_f(p, s, worker, key, val, NULL); return set_worker_hc_param_f(p, s, worker, key, val, NULL);
--- a/modules/proxy/mod_proxy.h 2016/04/12 22:47:36 1738877 diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h
+++ b/modules/proxy/mod_proxy.h 2016/04/12 23:09:07 1738878 index 281a776..b416db4 100644
@@ -348,6 +348,7 @@ --- a/modules/proxy/mod_proxy.h
#define PROXY_WORKER_MAX_HOSTNAME_SIZE 96 +++ b/modules/proxy/mod_proxy.h
#define PROXY_BALANCER_MAX_HOSTNAME_SIZE 64 @@ -352,6 +352,7 @@ PROXY_WORKER_HC_FAIL )
#define PROXY_BALANCER_MAX_STICKY_SIZE 64 #define PROXY_WORKER_MAX_HOSTNAME_SIZE 64
+#define PROXY_WORKER_MAX_SECRET_SIZE 64 #define PROXY_BALANCER_MAX_HOSTNAME_SIZE PROXY_WORKER_MAX_HOSTNAME_SIZE
#define PROXY_BALANCER_MAX_STICKY_SIZE 64
+#define PROXY_WORKER_MAX_SECRET_SIZE 64
/* RFC-1035 mentions limits of 255 for host-names and 253 for domain-names, /* RFC-1035 mentions limits of 255 for host-names and 253 for domain-names,
* dotted together(?) this would fit the below size (+ trailing NUL). * dotted together(?) this would fit the below size (+ trailing NUL).
@@ -444,6 +445,7 @@ @@ -442,6 +443,7 @@ typedef struct {
unsigned int disablereuse_set:1; int fcount; /* current count of failures */
unsigned int was_malloced:1; hcmethod_t method; /* method to use for health check */
unsigned int is_name_matchable:1; apr_interval_time_t interval;
+ char secret[PROXY_WORKER_MAX_SECRET_SIZE]; /* authentication secret (e.g. AJP13) */ + char secret[PROXY_WORKER_MAX_SECRET_SIZE]; /* authentication secret (e.g. AJP13) */
} proxy_worker_shared; } proxy_worker_shared;
#define ALIGNED_PROXY_WORKER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_worker_shared))) #define ALIGNED_PROXY_WORKER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_worker_shared)))
--- a/modules/proxy/mod_proxy_ajp.c 2016/04/12 22:47:36 1738877 diff --git a/modules/proxy/mod_proxy_ajp.c b/modules/proxy/mod_proxy_ajp.c
+++ b/modules/proxy/mod_proxy_ajp.c 2016/04/12 23:09:07 1738878 index 051724e..e706518 100644
@@ -193,6 +193,7 @@ --- a/modules/proxy/mod_proxy_ajp.c
+++ b/modules/proxy/mod_proxy_ajp.c
@@ -193,6 +193,7 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
apr_off_t content_length = 0; apr_off_t content_length = 0;
int original_status = r->status; int original_status = r->status;
const char *original_status_line = r->status_line; const char *original_status_line = r->status_line;
@ -110,7 +121,7 @@
if (psf->io_buffer_size_set) if (psf->io_buffer_size_set)
maxsize = psf->io_buffer_size; maxsize = psf->io_buffer_size;
@@ -202,12 +203,15 @@ @@ -202,12 +203,15 @@ static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
maxsize = AJP_MSG_BUFFER_SZ; maxsize = AJP_MSG_BUFFER_SZ;
maxsize = APR_ALIGN(maxsize, 1024); maxsize = APR_ALIGN(maxsize, 1024);