RE: [PATCH] Apache as a transparent proxy

Mon, 03 Nov 2003 03:57:55 -0800 

>-----Original Message-----
>From: Graham Leggett [mailto:[EMAIL PROTECTED] 
>
>The main config should have a ServerName directive though, so can the 
>patch not detect for both virtualhost directives and the servername 
>directive?

Hey, great idea! (Even though the ServerName is optional, AFAIK.) Anyway,
I've improved my patch as suggested. Please find it as attachment.
-- 
Sami Tikka, senior software engineer, F-Secure Corporation
tel: +358 9 2520 5115, fax: +358 9 2520 5015
http://www.F-Secure.com
F-Secure: Securing the Mobile Enterprise

RCS file: /export/sw-projects/avgw/development/avigw/httpd/modules/proxy/mod_proxy.c,v
retrieving revision 1.2
retrieving revision 1.2.14.2
diff -u -w -b -r1.2 -r1.2.14.2
--- mod_proxy.c 10 Feb 2003 16:34:55 -0000      1.2
+++ mod_proxy.c 3 Nov 2003 10:43:14 -0000       1.2.14.2
@@ -164,6 +164,47 @@
         r->filename = apr_pstrcat(r->pool, "proxy:", r->uri, NULL);
         r->handler = "proxy-server";
     }
+       /* Try to be a catch-all for non-proxy requests that are not meant for us.
+        * We might be getting these because someone wants to use us as a 
+        * transparent proxy. 
+        * Construct the full URL by fishing the target web server from the Host 
+        * request header. */
+    else if (conf->req && !r->parsed_uri.scheme) {
+       const char *target = apr_table_get(r->headers_in, "Host");
+       char *target_host = NULL;
+       int colon = -1;
+       ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "CATCHALL: target = %s", target ? 
target : "none");
+       
+       if (target) {
+           colon = ap_ind(target, ':');
+           if (colon < 0) {
+               target_host = (char *)target;
+           } else {
+               target_host = apr_pstrndup(r->pool, target, colon);
+           }
+           if ((r->server->defn_name && !strcasecmp(target_host, 
r->server->defn_name))
+               || (r->server->server_hostname && !strcasecmp(target_host, 
r->server->server_hostname))
+               || ap_matches_request_vhost(r, target_host,
+                                             (apr_port_t)(r->parsed_uri.port_str ? 
r->parsed_uri.port 
+                                             : ap_default_port(r)))) {
+               return DECLINED;
+           } else {
+               r->proxyreq = PROXYREQ_PROXY;
+               r->uri = apr_pstrcat(r->pool, ap_http_method(r), "://", NULL);
+               if (r->parsed_uri.user) {
+                   r->uri = apr_pstrcat(r->pool, r->uri, r->parsed_uri.user, NULL);
+                   if (r->parsed_uri.password) {
+                       r->uri = apr_pstrcat(r->pool, r->uri, ":", 
r->parsed_uri.password, NULL);
+                   }
+                   r->uri = apr_pstrcat(r->pool, r->uri, "@", NULL);
+               }
+               r->uri = apr_pstrcat(r->pool, r->uri, target, r->unparsed_uri, NULL);
+               ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, "CATCHALL: Constructed 
url = %s", r->uri);
+               r->filename = apr_pstrcat(r->pool, "proxy:", r->uri, NULL);
+               r->handler = "proxy-server";
+           }
+       }
+    }
     return DECLINED;
 }

Reply via email to