sf at apache
Jul 3, 2012, 12:33 PM
Post #1 of 1
(31 views)
Permalink
|
|
svn commit: r1356881 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS modules/proxy/mod_proxy_http.c
|
|
Author: sf
Date: Tue Jul 3 19:32:59 2012
New Revision: 1356881
URL: http://svn.apache.org/viewvc?rev=1356881&view=rev
Log:
Merge r1333969:
Use the the same hostname for SNI as for the HTTP request when forwarding
to SSL backends.
PR: 53134
Based on a patch from: Michael Weiser <michael weiser.dinsnail.net>
Reviewed by: rpluem, druggeri, covener
Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c
Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1333969
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1356881&r1=1356880&r2=1356881&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Jul 3 19:32:59 2012
@@ -3,6 +3,10 @@
Changes with Apache 2.4.3
+ *) mod_proxy: Use the the same hostname for SNI as for the HTTP request when
+ forwarding to SSL backends. PR 53134.
+ [Michael Weiser <michael weiser.dinsnail.net>, Ruediger Pluem]
+
*) mod_info: Display all registered providers. [Stefan Fritsch]
*) mod_ssl: Send the error message for speaking http to an https port using
Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1356881&r1=1356880&r2=1356881&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Tue Jul 3 19:32:59 2012
@@ -88,14 +88,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_proxy: Use the the same hostname for SNI as for the HTTP request when
- forwarding to SSL backends. PR 53134.
- Trunk version of patch:
- http://svn.apache.org/viewcvs.cgi?rev=1333969&view=rev
- Backport version for 2.4.x of patch:
- Trunk version of patch works
- +1: rpluem, druggeri, covener
-
* core: Use a TLS/10 close_notify for dummy connection to SSL listener.
trunk patches: http://svn.apache.org/viewvc?rev=1327036&view=rev
http://svn.apache.org/viewvc?rev=1327080&view=rev
Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c?rev=1356881&r1=1356880&r2=1356881&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_http.c Tue Jul 3 19:32:59 2012
@@ -2236,8 +2236,24 @@ static int proxy_http_handler(request_re
* so.
*/
if (is_ssl) {
+ proxy_dir_conf *dconf;
+ const char *ssl_hostname;
+
+ /*
+ * In the case of ProxyPreserveHost on use the hostname of
+ * the request if present otherwise use the one from the
+ * backend request URI.
+ */
+ dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
+ if ((dconf->preserve_host != 0) && (r->hostname != NULL)) {
+ ssl_hostname = r->hostname;
+ }
+ else {
+ ssl_hostname = uri->hostname;
+ }
+
apr_table_set(backend->connection->notes, "proxy-request-hostname",
- uri->hostname);
+ ssl_hostname);
}
}
|
