I've rolled a fairly extensive mod_proxy patch, which seems rather
big to commit without review. Comments please:
(1) Bug #10722 - cookie paths and domains in reverse proxy
Following my patch to 2.0.49, I've adapted it for 2.1, taking into account
Jim's patch. In doing so, I made some organisational changes:
* moved rewriting of headers that need it (ap_proxy_date_canon and
ap_proxy_location_reverse_map) to a new function process_proxy_header
called from ap_proxy_read_headers.
* Removed the same from ap_proxy_http_process_response
* moved ap_proxy_read_headers from proxy_utils to proxy_http
* Retained Jim's patch, but removed the line merging err_headers_out
(2) Bug #29554 - URL munging
I've ported Francois-Rene Rideau's patch to 2.1, subject to the
question over proxy_fixup discussed in my last post.
Any problems with committing this?
--
Nick Kew
diff -u proxy-old/mod_proxy.c proxy/mod_proxy.c
--- proxy-old/mod_proxy.c 2004-06-26 07:18:10.000000000 +0100
+++ proxy/mod_proxy.c 2004-06-26 07:13:46.000000000 +0100
@@ -94,9 +94,10 @@
static int proxy_detect(request_rec *r)
{
void *sconf = r->server->module_config;
- proxy_server_conf *conf;
-
- conf = (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
+ proxy_server_conf *conf =
+ (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
+ int i, len;
+ struct proxy_alias *ent = (struct proxy_alias *)conf->aliases->elts;
/* Ick... msvc (perhaps others) promotes ternary short results to int */
@@ -121,6 +122,19 @@
r->uri = r->unparsed_uri;
r->filename = apr_pstrcat(r->pool, "proxy:", r->uri, NULL);
r->handler = "proxy-server";
+ } else {
+ /* test for a ProxyPass */
+ for (i = 0; i < conf->aliases->nelts; i++) {
+ len = alias_match(r->unparsed_uri, ent[i].fake);
+ if (len > 0) {
+ r->filename = apr_pstrcat(r->pool, "proxy:", ent[i].real,
+ r->unparsed_uri + len, NULL);
+ r->handler = "proxy-server";
+ r->proxyreq = PROXYREQ_REVERSE;
+ r->uri = r->unparsed_uri;
+ break;
+ }
+ }
}
return DECLINED;
}
@@ -140,26 +154,6 @@
return OK;
}
- /* XXX: since r->uri has been manipulated already we're not really
- * compliant with RFC1945 at this point. But this probably isn't
- * an issue because this is a hybrid proxy/origin server.
- */
-
- for (i = 0; i < conf->aliases->nelts; i++) {
- len = alias_match(r->uri, ent[i].fake);
-
- if (len > 0) {
- if ((ent[i].real[0] == '!' ) && ( ent[i].real[1] == 0 )) {
- return DECLINED;
- }
-
- r->filename = apr_pstrcat(r->pool, "proxy:", ent[i].real,
- (r->uri + len ), NULL);
- r->handler = "proxy-server";
- r->proxyreq = PROXYREQ_REVERSE;
- return OK;
- }
- }
return DECLINED;
}
@@ -221,7 +215,7 @@
return OK;
}
-
+#if 0
/* -------------------------------------------------------------- */
/* Fixup the filename */
@@ -236,6 +230,13 @@
if (!r->proxyreq || !r->filename || strncmp(r->filename, "proxy:", 6) != 0)
return DECLINED;
+/* We definitely shouldn't canonicalize a proxy_pass.
+ * But should we really canonicalize a STD_PROXY??? -- Fahree
+ */
+ if (r->proxyreq == PROXYREQ_REVERSE) {
+ return OK;
+ }
+
/* XXX: Shouldn't we try this before we run the proxy_walk? */
url = &r->filename[6];
@@ -250,7 +251,7 @@
return OK; /* otherwise; we've done the best we can */
}
-
+#endif
/* Send a redirection if the request contains a hostname which is not */
/* fully qualified, i.e. doesn't have a domain name appended. Some proxy */
/* servers like Netscape's allow this and access hosts from the local */
@@ -439,6 +440,10 @@
ps->proxies = apr_array_make(p, 10, sizeof(struct proxy_remote));
ps->aliases = apr_array_make(p, 10, sizeof(struct proxy_alias));
ps->raliases = apr_array_make(p, 10, sizeof(struct proxy_alias));
+ ps->cookie_paths = apr_array_make(p, 10, sizeof(struct proxy_alias));
+ ps->cookie_domains = apr_array_make(p, 10, sizeof(struct proxy_alias));
+ ps->cookie_path_str = apr_strmatch_precompile(p, "path=", 0) ;
+ ps->cookie_domain_str = apr_strmatch_precompile(p, "domain=", 0) ;
ps->noproxies = apr_array_make(p, 10, sizeof(struct noproxy_entry));
ps->dirconn = apr_array_make(p, 10, sizeof(struct dirconn_entry));
ps->allowed_connect_ports = apr_array_make(p, 10, sizeof(int));
@@ -474,6 +479,12 @@
ps->sec_proxy = apr_array_append(p, base->sec_proxy, overrides->sec_proxy);
ps->aliases = apr_array_append(p, base->aliases, overrides->aliases);
ps->raliases = apr_array_append(p, base->raliases, overrides->raliases);
+ ps->cookie_paths
+ = apr_array_append(p, base->cookie_paths, overrides->cookie_paths);
+ ps->cookie_domains
+ = apr_array_append(p, base->cookie_domains, overrides->cookie_domains) ;
+ ps->cookie_path_str = base->cookie_path_str;
+ ps->cookie_domain_str = base->cookie_domain_str;
ps->noproxies = apr_array_append(p, base->noproxies, overrides->noproxies);
ps->dirconn = apr_array_append(p, base->dirconn, overrides->dirconn);
ps->allowed_connect_ports = apr_array_append(p, base->allowed_connect_ports,
overrides->allowed_connect_ports);
@@ -639,6 +650,34 @@
return NULL;
}
+static const char*
+ cookie_path(cmd_parms *cmd, void *dummy, const char *f, const char *r)
+{
+ server_rec *s = cmd->server;
+ proxy_server_conf *conf;
+ struct proxy_alias *new;
+
+ conf = (proxy_server_conf *)ap_get_module_config(s->module_config,
+ &proxy_module);
+ new = apr_array_push(conf->cookie_paths) ;
+ new->fake = f;
+ new->real = r;
+ return NULL ;
+}
+static const char*
+ cookie_domain(cmd_parms *cmd, void *dummy, const char *f, const char *r)
+{
+ server_rec *s = cmd->server;
+ proxy_server_conf *conf;
+ struct proxy_alias *new;
+
+ conf = (proxy_server_conf *)ap_get_module_config(s->module_config,
+ &proxy_module);
+ new = apr_array_push(conf->cookie_domains) ;
+ new->fake = f;
+ new->real = r;
+ return NULL ;
+}
static const char *
set_proxy_exclude(cmd_parms *parms, void *dummy, const char *arg)
@@ -1005,6 +1044,10 @@
"a virtual path and a URL"),
AP_INIT_TAKE12("ProxyPassReverse", add_pass_reverse, NULL, RSRC_CONF|ACCESS_CONF,
"a virtual path and a URL for reverse proxy behaviour"),
+ AP_INIT_TAKE2("ProxyPassReverseCookiePath", cookie_path, NULL,
+ RSRC_CONF|ACCESS_CONF, "Path rewrite rule for proxying cookies") ,
+ AP_INIT_TAKE2("ProxyPassReverseCookieDomain", cookie_domain, NULL,
+ RSRC_CONF|ACCESS_CONF, "Domain rewrite rule for proxying cookies") ,
AP_INIT_ITERATE("ProxyBlock", set_proxy_exclude, NULL, RSRC_CONF,
"A list of names, hosts or domains to which the proxy will not connect"),
AP_INIT_TAKE1("ProxyReceiveBufferSize", set_recv_buffer_size, NULL, RSRC_CONF,
@@ -1082,7 +1125,7 @@
/* walk <Proxy > entries and suppress default TRACE behavior */
ap_hook_map_to_storage(proxy_map_location, NULL,NULL, APR_HOOK_FIRST);
/* fixups */
- ap_hook_fixups(proxy_fixup, NULL, aszSucc, APR_HOOK_FIRST);
+ /*ap_hook_fixups(proxy_fixup, NULL, aszSucc, APR_HOOK_FIRST);*/
/* post read_request handling */
ap_hook_post_read_request(proxy_detect, NULL, NULL, APR_HOOK_FIRST);
/* post config handling */
diff -u proxy-old/mod_proxy.h proxy/mod_proxy.h
--- proxy-old/mod_proxy.h 2004-06-26 07:18:10.000000000 +0100
+++ proxy/mod_proxy.h 2004-06-26 07:08:25.000000000 +0100
@@ -49,6 +49,7 @@
#include "apr_strings.h"
#include "apr_uri.h"
#include "apr_date.h"
+#include "apr_strmatch.h"
#include "apr_fnmatch.h"
#define APR_WANT_STRFUNC
#include "apr_want.h"
@@ -158,6 +159,14 @@
bad_body
} badopt; /* how to deal with bad headers */
char badopt_set;
+/* putting new stuff on the end maximises binary back-compatibility.
+ * the strmatch_patterns are really a const just to have a
+ * case-independent strstr.
+ */
+ apr_array_header_t* cookie_paths ;
+ apr_array_header_t* cookie_domains ;
+ const apr_strmatch_pattern* cookie_path_str ;
+ const apr_strmatch_pattern* cookie_domain_str ;
} proxy_server_conf;
@@ -229,7 +238,6 @@
PROXY_DECLARE(char *)ap_proxy_canon_netloc(apr_pool_t *p, char **const urlp, char
**userp,
char **passwordp, char **hostp, apr_port_t *port);
PROXY_DECLARE(const char *)ap_proxy_date_canon(apr_pool_t *p, const char *x);
-PROXY_DECLARE(apr_table_t *)ap_proxy_read_headers(request_rec *r, request_rec *rp,
char *buffer, int size, conn_rec *c);
PROXY_DECLARE(int) ap_proxy_liststr(const char *list, const char *val);
PROXY_DECLARE(char *)ap_proxy_removestr(apr_pool_t *pool, const char *list, const
char *val);
PROXY_DECLARE(int) ap_proxy_hex2sec(const char *x);
diff -u proxy-old/proxy_http.c proxy/proxy_http.c
--- proxy-old/proxy_http.c 2004-06-26 07:18:11.000000000 +0100
+++ proxy/proxy_http.c 2004-06-26 07:07:33.000000000 +0100
@@ -129,6 +129,99 @@
}
return url;
}
+/* cookies are a bit trickier to match: we've got two substrings to worry
+ * about, and we can't just find them with strstr 'cos of case. Regexp
+ * matching would be an easy fix, but for better consistency with all the
+ * other matches we'll refrain and use apr_strmatch to find path=/domain=
+ * and stick to plain strings for the config values.
+ */
+static const char *proxy_cookie_reverse_map(request_rec *r,
+ proxy_server_conf *conf, const char *str)
+{
+ struct proxy_alias *ent;
+ size_t len = strlen(str);
+ const char* newpath = NULL ;
+ const char* newdomain = NULL ;
+ const char* pathp ;
+ const char* domainp ;
+ const char* pathe ;
+ const char* domaine ;
+ size_t l1, l2, i, poffs, doffs ;
+ int ddiff = 0 ;
+ int pdiff = 0 ;
+ char* ret ;
+
+/* find the match and replacement, but save replacing until we've done
+ both path and domain so we know the new strlen
+*/
+ if ( pathp = apr_strmatch(conf->cookie_path_str, str, len) , pathp ) {
+ pathp += 5 ;
+ poffs = pathp - str ;
+ pathe = strchr(pathp, ';') ;
+ l1 = pathe ? (pathe-pathp) : strlen(pathp) ;
+ pathe = pathp + l1 ;
+ ent = (struct proxy_alias *)conf->cookie_paths->elts;
+ for (i = 0; i < conf->cookie_paths->nelts; i++) {
+ l2 = strlen(ent[i].fake);
+ if (l1 >= l2 && strncmp(ent[i].fake, pathp, l2) == 0) {
+ newpath = ent[i].real ;
+ pdiff = strlen(newpath) - l1 ;
+ break ;
+ }
+ }
+ }
+ if ( domainp = apr_strmatch(conf->cookie_domain_str, str, len) , domainp ) {
+ domainp += 7 ;
+ doffs = domainp - str ;
+ domaine = strchr(domainp, ';') ;
+ l1 = domaine ? (domaine-domainp) : strlen(domainp) ;
+ domaine = domainp + l1 ;
+ ent = (struct proxy_alias *)conf->cookie_domains->elts;
+ for (i = 0; i < conf->cookie_domains->nelts; i++) {
+ l2 = strlen(ent[i].fake);
+ if (l1 >= l2 && strncmp(ent[i].fake, domainp, l2) == 0) {
+ newdomain = ent[i].real ;
+ ddiff = strlen(newdomain) - l1 ;
+ break ;
+ }
+ }
+ }
+ if ( newpath ) {
+ ret = apr_palloc(r->pool, len+pdiff+ddiff+1) ;
+ l1 = strlen(newpath) ;
+ if ( newdomain ) {
+ l2 = strlen(newdomain) ;
+ if ( doffs > poffs ) {
+ memcpy(ret, str, poffs) ;
+ memcpy(ret+poffs, newpath, l1) ;
+ memcpy(ret+poffs+l1, pathe, domainp-pathe) ;
+ memcpy(ret+doffs+pdiff, newdomain, l2) ;
+ strcpy(ret+doffs+pdiff+l2, domaine) ;
+ } else {
+ memcpy(ret, str, doffs) ;
+ memcpy(ret+doffs, newdomain, l2) ;
+ memcpy(ret+doffs+l2, domaine, pathp-domaine) ;
+ memcpy(ret+poffs+ddiff, newpath, l1) ;
+ strcpy(ret+poffs+ddiff+l1, pathe) ;
+ }
+ } else {
+ memcpy(ret, str, poffs) ;
+ memcpy(ret+poffs, newpath, l1) ;
+ strcpy(ret+poffs+l1, pathe) ;
+ }
+ } else {
+ if ( newdomain ) {
+ ret = apr_palloc(r->pool, len+pdiff+ddiff+1) ;
+ l2 = strlen(newdomain) ;
+ memcpy(ret, str, doffs) ;
+ memcpy(ret+doffs, newdomain, l2) ;
+ strcpy(ret+doffs+l2, domaine) ;
+ } else {
+ ret = (char*) str ; /* no change */
+ }
+ }
+ return ret ;
+}
/* Clear all connection-based headers from the incoming headers table */
static void ap_proxy_clear_connection(apr_pool_t *p, apr_table_t *headers)
@@ -375,6 +468,7 @@
return OK;
}
+
static
apr_status_t ap_proxy_http_request(apr_pool_t *p, request_rec *r,
proxy_http_conn_t *p_conn, conn_rec *origin,
@@ -751,6 +845,139 @@
return APR_SUCCESS;
}
+static void process_proxy_header(request_rec* r, proxy_server_conf* c,
+ const char* key, const char* value)
+{
+ static const char* date_hdrs[]
+ = { "Date", "Expires", "Last-Modified", NULL } ;
+ static const struct {
+ const char* name ;
+ const char* (*func)(request_rec*, proxy_server_conf*, const char*) ;
+ } transform_hdrs[] = {
+ { "Location", ap_proxy_location_reverse_map } ,
+ { "Content-Location", ap_proxy_location_reverse_map } ,
+ { "URI", ap_proxy_location_reverse_map } ,
+ { "Set-Cookie", proxy_cookie_reverse_map } ,
+ { NULL, NULL }
+ } ;
+ int i ;
+ for ( i = 0 ; date_hdrs[i] ; ++i ) {
+ if ( !strcasecmp(date_hdrs[i], key) ) {
+ apr_table_add(r->headers_out, key,
+ ap_proxy_date_canon(r->pool, value)) ;
+ return ;
+ }
+ }
+ for ( i = 0 ; transform_hdrs[i].name ; ++i ) {
+ if ( !strcasecmp(transform_hdrs[i].name, key) ) {
+ apr_table_add(r->headers_out, key,
+ (*transform_hdrs[i].func)(r, c, value)) ;
+ return ;
+ }
+ }
+ apr_table_add(r->headers_out, key, value) ;
+ return ;
+}
+
+static void ap_proxy_read_headers(request_rec *r, request_rec *rr, char *buffer, int
size, conn_rec *c)
+{
+ int len;
+ char *value, *end;
+ char field[MAX_STRING_LEN];
+ int saw_headers = 0;
+ void *sconf = r->server->module_config;
+ proxy_server_conf *psc;
+
+ psc = (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
+
+ r->headers_out = apr_table_make(r->pool, 20);
+
+ /*
+ * Read header lines until we get the empty separator line, a read error,
+ * the connection closes (EOF), or we timeout.
+ */
+ while ((len = ap_getline(buffer, size, rr, 1)) > 0) {
+
+ if (!(value = strchr(buffer, ':'))) { /* Find the colon separator */
+
+ /* We may encounter invalid headers, usually from buggy
+ * MS IIS servers, so we need to determine just how to handle
+ * them. We can either ignore them, assume that they mark the
+ * start-of-body (eg: a missing CRLF) or (the default) mark
+ * the headers as totally bogus and return a 500. The sole
+ * exception is an extra "HTTP/1.0 200, OK" line sprinkled
+ * in between the usual MIME headers, which is a favorite
+ * IIS bug.
+ */
+ /* XXX: The mask check is buggy if we ever see an HTTP/1.10 */
+
+ if (!apr_date_checkmask(buffer, "HTTP/#.# ###*")) {
+ if (psc->badopt == bad_error) {
+ /* Nope, it wasn't even an extra HTTP header. Give up. */
+ return ;
+ }
+ else if (psc->badopt == bad_body) {
+ /* if we've already started loading headers_out, then
+ * return what we've accumulated so far, in the hopes
+ * that they are useful. Otherwise, we completely bail.
+ */
+ /* FIXME: We've already scarfed the supposed 1st line of
+ * the body, so the actual content may end up being bogus
+ * as well. If the content is HTML, we may be lucky.
+ */
+ if (saw_headers) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
+ "proxy: Starting body due to bogus non-header in headers "
+ "returned by %s (%s)", r->uri, r->method);
+ return ;
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
+ "proxy: No HTTP headers "
+ "returned by %s (%s)", r->uri, r->method);
+ return ;
+ }
+ }
+ }
+ /* this is the psc->badopt == bad_ignore case */
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
+ "proxy: Ignoring bogus HTTP header "
+ "returned by %s (%s)", r->uri, r->method);
+ continue;
+ }
+
+ *value = '\0';
+ ++value;
+ /* XXX: RFC2068 defines only SP and HT as whitespace, this test is
+ * wrong... and so are many others probably.
+ */
+ while (apr_isspace(*value))
+ ++value; /* Skip to start of value */
+
+ /* should strip trailing whitespace as well */
+ for (end = &value[strlen(value)-1]; end > value && apr_isspace(*end); --
+end)
+ *end = '\0';
+
+ /* make sure we add so as not to destroy duplicated headers
+ * Modify headers requiring canonicalisation and/or affected
+ * by ProxyPassReverse and family with process_proxy_header
+ */
+ process_proxy_header(r, psc, buffer, value) ;
+ saw_headers = 1;
+
+ /* the header was too long; at the least we should skip extra data */
+ if (len >= size - 1) {
+ while ((len = ap_getline(field, MAX_STRING_LEN, rr, 1))
+ >= MAX_STRING_LEN - 1) {
+ /* soak up the extra data */
+ }
+ if (len == 0) /* time to exit the larger loop as well */
+ break;
+ }
+ }
+}
+
+
static int addit_dammit(void *v, const char *key, const char *val)
{
@@ -850,13 +1077,11 @@
/* First, tuck away all already existing cookies */
save_table = apr_table_make(r->pool, 2);
- apr_table_do(addit_dammit, save_table, r->err_headers_out,
- "Set-Cookie", NULL);
apr_table_do(addit_dammit, save_table, r->headers_out,
"Set-Cookie", NULL);
- r->headers_out = ap_proxy_read_headers(r, rp, buffer,
- sizeof(buffer), origin);
+ /* shove the headers direct into r->headers_out */
+ ap_proxy_read_headers(r, rp, buffer, sizeof(buffer), origin);
if (r->headers_out == NULL) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
@@ -946,42 +1171,9 @@
"proxy: HTTP: received interim %d response",
r->status);
}
-
- /* we must accept 3 kinds of date, but generate only 1 kind of date */
- {
- const char *buf;
- if ((buf = apr_table_get(r->headers_out, "Date")) != NULL) {
- apr_table_set(r->headers_out, "Date",
- ap_proxy_date_canon(p, buf));
- }
- if ((buf = apr_table_get(r->headers_out, "Expires")) != NULL) {
- apr_table_set(r->headers_out, "Expires",
- ap_proxy_date_canon(p, buf));
- }
- if ((buf = apr_table_get(r->headers_out, "Last-Modified")) != NULL) {
- apr_table_set(r->headers_out, "Last-Modified",
- ap_proxy_date_canon(p, buf));
- }
- }
-
- /* munge the Location and URI response headers according to
- * ProxyPassReverse
+ /* Moved the fixups of Date headers and those affected by
+ * ProxyPassReverse/etc from here to ap_proxy_read_headers
*/
- {
- const char *buf;
- if ((buf = apr_table_get(r->headers_out, "Location")) != NULL) {
- apr_table_set(r->headers_out, "Location",
- ap_proxy_location_reverse_map(r, conf, buf));
- }
- if ((buf = apr_table_get(r->headers_out, "Content-Location")) != NULL) {
- apr_table_set(r->headers_out, "Content-Location",
- ap_proxy_location_reverse_map(r, conf, buf));
- }
- if ((buf = apr_table_get(r->headers_out, "URI")) != NULL) {
- apr_table_set(r->headers_out, "URI",
- ap_proxy_location_reverse_map(r, conf, buf));
- }
- }
if ((r->status == 401) && (conf->error_override != 0)) {
const char *buf;
diff -u proxy-old/proxy_util.c proxy/proxy_util.c
--- proxy-old/proxy_util.c 2004-05-19 14:30:14.000000000 +0100
+++ proxy/proxy_util.c 2004-06-26 07:08:09.000000000 +0100
@@ -352,112 +352,6 @@
return rp;
}
-/*
- * Reads headers from a buffer and returns an array of headers.
- * Returns NULL on file error
- * This routine tries to deal with too long lines and continuation lines.
- *
- * Note: Currently the headers are passed through unmerged. This has to be
- * done so that headers which react badly to merging (such as Set-Cookie
- * headers, which contain commas within the date field) do not get stuffed
- * up.
- */
-PROXY_DECLARE(apr_table_t *)ap_proxy_read_headers(request_rec *r, request_rec *rr,
char *buffer, int size, conn_rec *c)
-{
- apr_table_t *headers_out;
- int len;
- char *value, *end;
- char field[MAX_STRING_LEN];
- int saw_headers = 0;
- void *sconf = r->server->module_config;
- proxy_server_conf *psc;
-
- psc = (proxy_server_conf *) ap_get_module_config(sconf, &proxy_module);
-
- headers_out = apr_table_make(r->pool, 20);
-
- /*
- * Read header lines until we get the empty separator line, a read error,
- * the connection closes (EOF), or we timeout.
- */
- while ((len = ap_getline(buffer, size, rr, 1)) > 0) {
-
- if (!(value = strchr(buffer, ':'))) { /* Find the colon separator */
-
- /* We may encounter invalid headers, usually from buggy
- * MS IIS servers, so we need to determine just how to handle
- * them. We can either ignore them, assume that they mark the
- * start-of-body (eg: a missing CRLF) or (the default) mark
- * the headers as totally bogus and return a 500. The sole
- * exception is an extra "HTTP/1.0 200, OK" line sprinkled
- * in between the usual MIME headers, which is a favorite
- * IIS bug.
- */
- /* XXX: The mask check is buggy if we ever see an HTTP/1.10 */
-
- if (!apr_date_checkmask(buffer, "HTTP/#.# ###*")) {
- if (psc->badopt == bad_error) {
- /* Nope, it wasn't even an extra HTTP header. Give up. */
- return NULL;
- }
- else if (psc->badopt == bad_body) {
- /* if we've already started loading headers_out, then
- * return what we've accumulated so far, in the hopes
- * that they are useful. Otherwise, we completely bail.
- */
- /* FIXME: We've already scarfed the supposed 1st line of
- * the body, so the actual content may end up being bogus
- * as well. If the content is HTML, we may be lucky.
- */
- if (saw_headers) {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
- "proxy: Starting body due to bogus non-header in headers "
- "returned by %s (%s)", r->uri, r->method);
- return headers_out;
- } else {
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
- "proxy: No HTTP headers "
- "returned by %s (%s)", r->uri, r->method);
- return NULL;
- }
- }
- }
- /* this is the psc->badopt == bad_ignore case */
- ap_log_error(APLOG_MARK, APLOG_WARNING, 0, r->server,
- "proxy: Ignoring bogus HTTP header "
- "returned by %s (%s)", r->uri, r->method);
- continue;
- }
-
- *value = '\0';
- ++value;
- /* XXX: RFC2068 defines only SP and HT as whitespace, this test is
- * wrong... and so are many others probably.
- */
- while (apr_isspace(*value))
- ++value; /* Skip to start of value */
-
- /* should strip trailing whitespace as well */
- for (end = &value[strlen(value)-1]; end > value && apr_isspace(*end); --end)
- *end = '\0';
-
- /* make sure we add so as not to destroy duplicated headers */
- apr_table_add(headers_out, buffer, value);
- saw_headers = 1;
-
- /* the header was too long; at the least we should skip extra data */
- if (len >= size - 1) {
- while ((len = ap_getline(field, MAX_STRING_LEN, rr, 1))
- >= MAX_STRING_LEN - 1) {
- /* soak up the extra data */
- }
- if (len == 0) /* time to exit the larger loop as well */
- break;
- }
- }
- return headers_out;
-}
-
/*
* list is a comma-separated list of case-insensitive tokens, with