function and so this *could* be more streamlined, but
use this to show how the other would work, since we need
brigades, SSL/TLS support, etc.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1724879 13f79535-47bb-0310-9956-ffa450edef68
Failing to do this may lead to a race condition where we send a new request
before the backend really closes the connection (or lost SSL-Alert/FIN make
us think the connection is still alive, until the retransmission).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1703807 13f79535-47bb-0310-9956-ffa450edef68
whose address can still be reused.
This saves unnecessary socket pool destroy and creation at cleanup and reuse
time, plus the same initialization of conn->pool's associated data which can
be reused in that case.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1678763 13f79535-47bb-0310-9956-ffa450edef68
for requests embedded in CONNECT payloads used to connect SSL backends via
a ProxyRemote forward-proxy. PR 55892.
Submitted by: Hendrik Harms <hendrik.harms gmail com>
Reviewed by: wrowe, ylavic
Committed by: ylavic
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1665215 13f79535-47bb-0310-9956-ffa450edef68
if the connection to the backend was successful. It was likely set into
error by a different thread / process in parallel e.g. for a timeout or
bad status. We should respect this and should not continue with a connection
via this worker even if we got one.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1664709 13f79535-47bb-0310-9956-ffa450edef68
The goal is to minimize the delay between this connection is considered alive
and the first bytes sent (should the client's link be slow or some input filter
retain the data).
This is a best effort to prevent the backend from closing (from under us) what
it thinks is an idle connection, hence to reduce to the minimum the unavoidable
local ap_proxy_is_socket_connected() vs remote keepalive race condition.
PR 56541.
Also, allow the new subprocess_env variable "proxy-flushall" to prevent any
buffering of the request body before it is forwarded to the backend.
When set, the prefetch is still done (although non-blocking), so we can still
determine Content-Length vs chunked vs spooled (depending on data available
with the header or while reading it), and then all brigades are flushed when
passed to the backend.
PR 37920.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1656259 13f79535-47bb-0310-9956-ffa450edef68
opting in to connection reuse and other proxy options (max=, etc).
adds 'enablereuse' proxyoption and a minor MMN bump to share
proxy_desocketfy outside of mod_proxy.c, which is required to
match workers to URLs.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1647009 13f79535-47bb-0310-9956-ffa450edef68
proxy configuration, a remote attacker could send a carefully crafted
request which could crash a server process, resulting in denial of
service.
Thanks to Marek Kroemeke working with HP's Zero Day Initiative for
reporting this issue.
* server/util.c (ap_parse_token_list_strict): New function.
* modules/proxy/proxy_util.c (find_conn_headers): Use it here.
* modules/proxy/mod_proxy_http.c (ap_proxy_http_process_response):
Send a 400 for a malformed Connection header.
Submitted by: Edward Lu, breser, covener
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1610674 13f79535-47bb-0310-9956-ffa450edef68
and ProxyMatch section to distinguish between normal workers and workers
with regex substitutions in the name. Implement handling of such workers
in ap_proxy_get_worker(). PR 43513
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1609680 13f79535-47bb-0310-9956-ffa450edef68
the backend worker match whatever the scheme of the
incoming request was...
For example:
ProxyPass / auto://foo.example.com/
If the incoming request is http:.../lala then
the resultant will be http://foo.example.com/lala
If it's wws:.../lolo then we'd send
wws://foo.example.com/lolo
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1602523 13f79535-47bb-0310-9956-ffa450edef68
Since deferred_write_pool is needed by the core_output_filter and is a subpool
of the connection, shutdown in a pre_cleanup of the connection's pool to avoid
a freed memory access (SEGV).
Reported By: takashi
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1601630 13f79535-47bb-0310-9956-ffa450edef68
Shouldn't have commited the latter without disussing it on dev@.
Since the former creates upper APLOGNOs, revert and then recommit with the reverted next tag number.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1601290 13f79535-47bb-0310-9956-ffa450edef68
to ap_proxy_determine_connection(): it must be a buffer of at
least one byte in size.
(And don't bother with using strcpy in order to zap a string.)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1592514 13f79535-47bb-0310-9956-ffa450edef68
