martin 99/02/07 12:48:34
Modified: src/modules/proxy mod_proxy.h proxy_cache.c proxy_connect.c
proxy_ftp.c proxy_http.c proxy_util.c
Log:
The various calls to ap_proxyerror() now have a new third parameter:
the HTTP/1.1 status code can now be different for the individual calls.
This allows the proxy to, e.g., return "403 Forbidden" for ProxyBlock'ed
URL's.
Revision Changes Path
1.43 +1 -1 apache-1.3/src/modules/proxy/mod_proxy.h
Index: mod_proxy.h
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/mod_proxy.h,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- mod_proxy.h 1999/01/01 19:05:02 1.42
+++ mod_proxy.h 1999/02/07 20:48:31 1.43
@@ -301,7 +301,7 @@
int ap_proxy_hex2sec(const char *x);
void ap_proxy_sec2hex(int t, char *y);
cache_req *ap_proxy_cache_error(cache_req *r);
-int ap_proxyerror(request_rec *r, const char *message);
+int ap_proxyerror(request_rec *r, int statuscode, const char *message);
const char *ap_proxy_host2addr(const char *host, struct hostent *reqhp);
int ap_proxy_is_ipaddr(struct dirconn_entry *This, pool *p);
int ap_proxy_is_domainname(struct dirconn_entry *This, pool *p);
1.55 +1 -1 apache-1.3/src/modules/proxy/proxy_cache.c
Index: proxy_cache.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_cache.c,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -r1.54 -r1.55
--- proxy_cache.c 1999/01/01 19:05:02 1.54
+++ proxy_cache.c 1999/02/07 20:48:31 1.55
@@ -826,7 +826,7 @@
* requests with an Authorization header, or
* protocol requests nocache (e.g. ftp with user/password)
*/
-/* @@@ XXX FIXME: is the test "r->status != HTTP_MOVED_PERMANENTLY" corerct?
+/* @@@ XXX FIXME: is the test "r->status != HTTP_MOVED_PERMANENTLY" correct?
* or shouldn't it be "ap_is_HTTP_REDIRECT(r->status)" ? -MnKr */
if ((r->status != HTTP_OK && r->status != HTTP_MOVED_PERMANENTLY &&
r->status != HTTP_NOT_MODIFIED) ||
(expire != NULL && expc == BAD_DATE) ||
1.37 +6 -3 apache-1.3/src/modules/proxy/proxy_connect.c
Index: proxy_connect.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_connect.c,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- proxy_connect.c 1999/01/01 19:05:03 1.36
+++ proxy_connect.c 1999/02/07 20:48:31 1.37
@@ -148,7 +148,8 @@
for (i = 0; i < conf->noproxies->nelts; i++) {
if ((npent[i].name != NULL && strstr(host, npent[i].name) != NULL)
|| destaddr.s_addr == npent[i].addr.s_addr || npent[i].name[0] ==
'*')
- return ap_proxyerror(r, "Connect to remote machine blocked");
+ return ap_proxyerror(r, HTTP_FORBIDDEN,
+ "Connect to remote machine blocked");
}
/* Check if it is an allowed port */
@@ -175,7 +176,9 @@
err = ap_proxy_host2addr(proxyhost ? proxyhost : host, &server_hp);
if (err != NULL)
- return ap_proxyerror(r, err); /* give up */
+ return ap_proxyerror(r,
+ proxyhost ? HTTP_BAD_GATEWAY :
HTTP_INTERNAL_SERVER_ERROR,
+ err);
sock = ap_psocket(r->pool, PF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sock == -1) {
@@ -207,7 +210,7 @@
}
if (i == -1) {
ap_pclosesocket(r->pool, sock);
- return ap_proxyerror(r, ap_pstrcat(r->pool,
+ return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, ap_pstrcat(r->pool,
"Could not connect to remote
machine:<br>",
strerror(errno), NULL));
}
1.70 +34 -20 apache-1.3/src/modules/proxy/proxy_ftp.c
Index: proxy_ftp.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_ftp.c,v
retrieving revision 1.69
retrieving revision 1.70
diff -u -r1.69 -r1.70
--- proxy_ftp.c 1999/01/01 19:05:03 1.69
+++ proxy_ftp.c 1999/02/07 20:48:32 1.70
@@ -533,7 +533,8 @@
for (i = 0; i < conf->noproxies->nelts; i++) {
if ((npent[i].name != NULL && strstr(host, npent[i].name) != NULL)
|| destaddr.s_addr == npent[i].addr.s_addr || npent[i].name[0] ==
'*')
- return ap_proxyerror(r, /*HTTP_FORBIDDEN*/ "Connect to remote
machine blocked");
+ return ap_proxyerror(r, HTTP_FORBIDDEN,
+ "Connect to remote machine blocked");
}
Explain2("FTP: connect to %s:%d", host, port);
@@ -547,7 +548,7 @@
server.sin_port = htons(port);
err = ap_proxy_host2addr(host, &server_hp);
if (err != NULL)
- return ap_proxyerror(r, err); /* give up */
+ return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, err);
sock = ap_psocket(p, PF_INET, SOCK_STREAM, IPPROTO_TCP);
if (sock == -1) {
@@ -598,7 +599,7 @@
#endif
if (i == -1) {
ap_pclosesocket(p, sock);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ ap_pstrcat(r->pool,
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY, ap_pstrcat(r->pool,
"Could not connect to remote machine: ",
strerror(errno), NULL));
}
@@ -620,7 +621,8 @@
Explain1("FTP: returned status %d", i);
if (i == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from remote
server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
#if 0
if (i == 120) {
@@ -636,12 +638,12 @@
* Retry-After = "Retry-After" ":" ( HTTP-date | delta-seconds )
*/
ap_set_header("Retry-After", ap_psprintf(p, "%u", 60*wait_mins);
- return ap_proxyerror(r, /*HTTP_SERVICE_UNAVAILABLE*/ resp);
+ return ap_proxyerror(r, HTTP_SERVICE_UNAVAILABLE, resp);
}
#endif
if (i != 220) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ resp);
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY, resp);
}
Explain0("FTP: connected.");
@@ -664,7 +666,8 @@
Explain1("FTP: returned status %d", i);
if (i == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from remote
server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (i == 530) {
ap_kill_timeout(r);
@@ -694,11 +697,13 @@
Explain1("FTP: returned status %d", i);
if (i == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from
remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (i == 332) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_UNAUTHORIZED*/ "Need account for
login");
+ return ap_proxyerror(r, HTTP_UNAUTHORIZED,
+ "Need account for login");
}
/* @@@ questionable -- we might as well return a 403 Forbidden here */
if (i == 530) {
@@ -738,7 +743,8 @@
Explain1("FTP: returned status %d", i);
if (i == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from
remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (i == 550) {
ap_kill_timeout(r);
@@ -781,7 +787,8 @@
Explain1("FTP: returned status %d", i);
if (i == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from
remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (i != 200 && i != 504) {
ap_kill_timeout(r);
@@ -862,9 +869,10 @@
if (i == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ ap_pstrcat(r->pool,
- "Could not connect to remote machine: ",
- strerror(errno), NULL));
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ ap_pstrcat(r->pool,
+ "Could not connect to remote
machine: ",
+ strerror(errno), NULL));
}
else {
pasvmode = 1;
@@ -952,7 +960,8 @@
Explain1("FTP: returned status %d", i);
if (i == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading
from remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (i == 550) {
ap_kill_timeout(r);
@@ -990,7 +999,8 @@
Explain1("FTP: PWD returned status %d", i);
if (i == -1 || i == 421) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from remote
server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (i == 550) {
ap_kill_timeout(r);
@@ -1034,7 +1044,8 @@
Explain1("FTP: returned status %d", rc);
if (rc == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from remote
server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (rc == 550) {
Explain0("FTP: RETR failed, trying LIST instead");
@@ -1054,7 +1065,8 @@
Explain1("FTP: returned status %d", rc);
if (rc == -1) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from
remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (rc == 550) {
ap_kill_timeout(r);
@@ -1080,7 +1092,8 @@
Explain1("FTP: PWD returned status %d", i);
if (i == -1 || i == 421) {
ap_kill_timeout(r);
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from
remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
if (i == 550) {
ap_kill_timeout(r);
@@ -1098,7 +1111,8 @@
rc = ftp_getrc(f);
Explain1("FTP: returned status %d", rc);
if (rc == -1)
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ "Error reading from
remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
ap_kill_timeout(r);
if (rc != 125 && rc != 150 && rc != 226 && rc != 250)
1.62 +6 -4 apache-1.3/src/modules/proxy/proxy_http.c
Index: proxy_http.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_http.c,v
retrieving revision 1.61
retrieving revision 1.62
diff -u -r1.61 -r1.62
--- proxy_http.c 1999/01/01 19:05:03 1.61
+++ proxy_http.c 1999/02/07 20:48:32 1.62
@@ -233,7 +233,8 @@
for (i = 0; i < conf->noproxies->nelts; i++) {
if ((npent[i].name != NULL && strstr(desthost, npent[i].name) != NULL)
|| destaddr.s_addr == npent[i].addr.s_addr || npent[i].name[0] ==
'*')
- return ap_proxyerror(r, "Connect to remote machine blocked");
+ return ap_proxyerror(r, HTTP_FORBIDDEN,
+ "Connect to remote machine blocked");
}
if (proxyhost != NULL) {
@@ -246,7 +247,7 @@
server.sin_port = htons(destport);
err = ap_proxy_host2addr(desthost, &server_hp);
if (err != NULL)
- return ap_proxyerror(r, err); /* give up */
+ return ap_proxyerror(r, HTTP_INTERNAL_SERVER_ERROR, err);
}
sock = ap_psocket(p, PF_INET, SOCK_STREAM, IPPROTO_TCP);
@@ -291,7 +292,7 @@
if (proxyhost != NULL)
return DECLINED; /* try again another way */
else
- return ap_proxyerror(r, /*HTTP_BAD_GATEWAY*/ ap_pstrcat(r->pool,
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY, ap_pstrcat(r->pool,
"Could not connect to remote machine: ",
strerror(errno), NULL));
}
@@ -369,7 +370,8 @@
ap_log_rerror(APLOG_MARK, APLOG_ERR, r,
"ap_bgets() - proxy receive - Error reading from remote
server %s",
proxyhost ? proxyhost : desthost);
- return ap_proxyerror(r, "Error reading from remote server");
+ return ap_proxyerror(r, HTTP_BAD_GATEWAY,
+ "Error reading from remote server");
}
/* Is it an HTTP/1 response? This is buggy if we ever see an HTTP/1.10 */
1.76 +3 -3 apache-1.3/src/modules/proxy/proxy_util.c
Index: proxy_util.c
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/modules/proxy/proxy_util.c,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -r1.75 -r1.76
--- proxy_util.c 1999/02/07 20:37:26 1.75
+++ proxy_util.c 1999/02/07 20:48:32 1.76
@@ -832,7 +832,7 @@
return NULL;
}
-int ap_proxyerror(request_rec *r, const char *message)
+int ap_proxyerror(request_rec *r, int statuscode, const char *message)
{
ap_table_setn(r->notes, "error-notes",
ap_pstrcat(r->pool,
@@ -840,8 +840,8 @@
"<EM><A HREF=\"", r->uri, "\">",
r->method, " ", r->uri, "</A></EM>.<P>\n"
"Reason: <STRONG>", message, "</STRONG>", NULL));
- r->status_line = "500 Proxy Error";
- return HTTP_INTERNAL_SERVER_ERROR;
+ r->status_line = ap_psprintf(r->pool, "%3.3u Proxy Error", statuscode);
+ return statuscode;
}
/*
