1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
22 * @brief Proxy Extension Module for Apache
24 * @defgroup MOD_PROXY mod_proxy
25 * @ingroup APACHE_MODS
29 #include "apr_hooks.h"
30 #include "apr_optional.h"
33 #include "apr_strings.h"
34 #include "apr_buckets.h"
36 #include "apr_network_io.h"
37 #include "apr_pools.h"
38 #include "apr_strings.h"
41 #include "apr_strmatch.h"
42 #include "apr_fnmatch.h"
43 #include "apr_reslist.h"
44 #define APR_WANT_STRFUNC
47 #include "util_mutex.h"
48 #include "apr_global_mutex.h"
49 #include "apr_thread_mutex.h"
52 #include "http_config.h"
53 #include "ap_config.h"
54 #include "http_core.h"
55 #include "http_protocol.h"
56 #include "http_request.h"
57 #include "http_vhost.h"
58 #include "http_main.h"
60 #include "http_connection.h"
61 #include "util_filter.h"
62 #include "util_ebcdic.h"
63 #include "ap_provider.h"
64 #include "ap_slotmem.h"
66 #if APR_HAVE_NETINET_IN_H
67 #include <netinet/in.h>
69 #if APR_HAVE_ARPA_INET_H
70 #include <arpa/inet.h>
73 /* for proxy_canonenc() */
75 enc_path, enc_search, enc_user, enc_fpath, enc_parm
78 #define BALANCER_PREFIX "balancer://"
80 #if APR_CHARSET_EBCDIC
82 #else /*APR_CHARSET_EBCDIC*/
83 #define CRLF "\015\012"
84 #endif /*APR_CHARSET_EBCDIC*/
86 /* default Max-Forwards header setting */
87 /* Set this to -1, which complies with RFC2616 by not setting
88 * max-forwards if the client didn't send it to us.
90 #define DEFAULT_MAX_FORWARDS -1
92 typedef struct proxy_balancer proxy_balancer;
93 typedef struct proxy_worker proxy_worker;
94 typedef struct proxy_conn_pool proxy_conn_pool;
95 typedef struct proxy_balancer_method proxy_balancer_method;
97 /* static information about a remote proxy */
99 const char *scheme; /* the schemes handled by this proxy, or '*' */
100 const char *protocol; /* the scheme used to talk to this proxy */
101 const char *hostname; /* the hostname of this proxy */
102 ap_regex_t *regexp; /* compiled regex (if any) for the remote */
103 int use_regex; /* simple boolean. True if we have a regex pattern */
104 apr_port_t port; /* the port for this proxy */
107 #define PROXYPASS_NOCANON 0x01
108 #define PROXYPASS_INTERPOLATE 0x02
109 #define PROXYPASS_NOQUERY 0x04
115 proxy_balancer *balancer; /* only valid for reverse-proxys */
118 struct dirconn_entry {
120 struct in_addr addr, mask;
121 struct apr_sockaddr_t *hostaddr;
122 int (*matcher) (struct dirconn_entry * This, request_rec *r);
125 struct noproxy_entry {
127 struct apr_sockaddr_t *addr;
131 apr_array_header_t *proxies;
132 apr_array_header_t *sec_proxy;
133 apr_array_header_t *aliases;
134 apr_array_header_t *noproxies;
135 apr_array_header_t *dirconn;
136 apr_array_header_t *workers; /* non-balancer workers, eg ProxyPass http://example.com */
137 apr_array_header_t *balancers; /* list of balancers @ config time */
138 proxy_worker *forward; /* forward proxy worker */
139 proxy_worker *reverse; /* reverse "module-driven" proxy worker */
140 const char *domain; /* domain name to use in absence of a domain name in the request */
142 apr_pool_t *pool; /* Pool used for allocating this struct */
143 int req; /* true if proxy requests are enabled */
144 int max_balancers; /* maximum number of allowed balancers */
145 int bgrowth; /* number of post-config balancers can added */
151 } viaopt; /* how to deal with proxy Via: headers */
152 apr_size_t recv_buffer_size;
153 apr_size_t io_buffer_size;
155 apr_interval_time_t timeout;
160 } badopt; /* how to deal with bad headers */
165 } proxy_status; /* Status display options */
166 apr_sockaddr_t *source_address;
167 apr_global_mutex_t *mutex; /* global lock, for pool, etc */
168 ap_slotmem_instance_t *bslot; /* balancers shm data - runtime */
169 ap_slotmem_provider_t *storage;
171 unsigned int req_set:1;
172 unsigned int viaopt_set:1;
173 unsigned int recv_buffer_size_set:1;
174 unsigned int io_buffer_size_set:1;
175 unsigned int maxfwd_set:1;
176 unsigned int timeout_set:1;
177 unsigned int badopt_set:1;
178 unsigned int proxy_status_set:1;
179 unsigned int source_address_set:1;
180 unsigned int bgrowth_set:1;
181 unsigned int bal_persist:1;
182 unsigned int inherit:1;
183 unsigned int inherit_set:1;
184 unsigned int ppinherit:1;
185 unsigned int ppinherit_set:1;
190 const char *p; /* The path */
191 ap_regex_t *r; /* Is this a regex? */
194 * ProxyPassReverse and friends are documented as working inside
195 * <Location>. But in fact they never have done in the case of
196 * more than one <Location>, because the server_conf can't see it.
197 * We need to move them to the per-dir config.
198 * Discussed in February 2005:
199 * http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=110726027118798&w=2
201 apr_array_header_t *raliases;
202 apr_array_header_t* cookie_paths;
203 apr_array_header_t* cookie_domains;
204 signed char p_is_fnmatch; /* Is the path an fnmatch candidate? */
205 signed char interpolate_env;
206 struct proxy_alias *alias;
209 * the following setting masks the error page
210 * returned from the 'proxied server' and just
211 * forwards the status code upwards.
212 * This allows the main server (us) to generate
213 * the error page, (so it will look like a error
214 * returned from the rest of the system
216 unsigned int error_override:1;
217 unsigned int preserve_host:1;
218 unsigned int preserve_host_set:1;
219 unsigned int error_override_set:1;
220 unsigned int alias_set:1;
221 unsigned int add_forwarded_headers:1;
223 /** Named back references */
224 apr_array_header_t *refs;
228 /* if we interpolate env vars per-request, we'll need a per-request
229 * copy of the reverse proxy config
232 apr_array_header_t *raliases;
233 apr_array_header_t* cookie_paths;
234 apr_array_header_t* cookie_domains;
238 conn_rec *connection;
239 request_rec *r; /* Request record of the backend request
240 * that is used over the backend connection. */
241 proxy_worker *worker; /* Connection pool this connection belongs to */
242 apr_pool_t *pool; /* Subpool for hostname and addr data */
243 const char *hostname;
244 apr_sockaddr_t *addr; /* Preparsed remote address info */
245 apr_pool_t *scpool; /* Subpool used for socket and connection data */
246 apr_socket_t *sock; /* Connection socket */
247 void *data; /* per scheme connection data */
248 void *forward; /* opaque forward proxy data */
249 apr_uint32_t flags; /* Connection flags */
251 unsigned int is_ssl:1;
252 unsigned int close:1; /* Close 'this' connection */
253 unsigned int need_flush:1; /* Flag to decide whether we need to flush the
254 * filter chain or not */
255 unsigned int inreslist:1; /* connection in apr_reslist? */
256 const char *uds_path; /* Unix domain socket path */
257 const char *ssl_hostname;/* Hostname (SNI) in use by SSL connection */
261 float cache_completion; /* completion percentage */
262 int content_length; /* length of the content */
265 /* Connection pool */
266 struct proxy_conn_pool {
267 apr_pool_t *pool; /* The pool used in constructor and destructor calls */
268 apr_sockaddr_t *addr; /* Preparsed remote address info */
269 apr_reslist_t *res; /* Connection resource list */
270 proxy_conn_rec *conn; /* Single connection for prefork mpm */
273 /* Keep below in sync with proxy_util.c! */
274 /* worker status bits */
275 #define PROXY_WORKER_INITIALIZED 0x0001
276 #define PROXY_WORKER_IGNORE_ERRORS 0x0002
277 #define PROXY_WORKER_DRAIN 0x0004
278 #define PROXY_WORKER_GENERIC 0x0008
279 #define PROXY_WORKER_IN_SHUTDOWN 0x0010
280 #define PROXY_WORKER_DISABLED 0x0020
281 #define PROXY_WORKER_STOPPED 0x0040
282 #define PROXY_WORKER_IN_ERROR 0x0080
283 #define PROXY_WORKER_HOT_STANDBY 0x0100
284 #define PROXY_WORKER_FREE 0x0200
286 /* worker status flags */
287 #define PROXY_WORKER_INITIALIZED_FLAG 'O'
288 #define PROXY_WORKER_IGNORE_ERRORS_FLAG 'I'
289 #define PROXY_WORKER_DRAIN_FLAG 'N'
290 #define PROXY_WORKER_GENERIC_FLAG 'G'
291 #define PROXY_WORKER_IN_SHUTDOWN_FLAG 'U'
292 #define PROXY_WORKER_DISABLED_FLAG 'D'
293 #define PROXY_WORKER_STOPPED_FLAG 'S'
294 #define PROXY_WORKER_IN_ERROR_FLAG 'E'
295 #define PROXY_WORKER_HOT_STANDBY_FLAG 'H'
296 #define PROXY_WORKER_FREE_FLAG 'F'
298 #define PROXY_WORKER_NOT_USABLE_BITMAP ( PROXY_WORKER_IN_SHUTDOWN | \
299 PROXY_WORKER_DISABLED | PROXY_WORKER_STOPPED | PROXY_WORKER_IN_ERROR )
301 /* NOTE: these check the shared status */
302 #define PROXY_WORKER_IS_INITIALIZED(f) ( (f)->s->status & PROXY_WORKER_INITIALIZED )
304 #define PROXY_WORKER_IS_STANDBY(f) ( (f)->s->status & PROXY_WORKER_HOT_STANDBY )
306 #define PROXY_WORKER_IS_USABLE(f) ( ( !( (f)->s->status & PROXY_WORKER_NOT_USABLE_BITMAP) ) && \
307 PROXY_WORKER_IS_INITIALIZED(f) )
309 #define PROXY_WORKER_IS_DRAINING(f) ( (f)->s->status & PROXY_WORKER_DRAIN )
311 #define PROXY_WORKER_IS_GENERIC(f) ( (f)->s->status & PROXY_WORKER_GENERIC )
313 /* default worker retry timeout in seconds */
314 #define PROXY_WORKER_DEFAULT_RETRY 60
316 /* Some max char string sizes, for shm fields */
317 #define PROXY_WORKER_MAX_SCHEME_SIZE 16
318 #define PROXY_WORKER_MAX_ROUTE_SIZE 64
319 #define PROXY_BALANCER_MAX_ROUTE_SIZE PROXY_WORKER_MAX_ROUTE_SIZE
320 #define PROXY_WORKER_MAX_NAME_SIZE 96
321 #define PROXY_BALANCER_MAX_NAME_SIZE PROXY_WORKER_MAX_NAME_SIZE
322 #define PROXY_WORKER_MAX_HOSTNAME_SIZE 64
323 #define PROXY_BALANCER_MAX_HOSTNAME_SIZE PROXY_WORKER_MAX_HOSTNAME_SIZE
324 #define PROXY_BALANCER_MAX_STICKY_SIZE 64
326 #define PROXY_MAX_PROVIDER_NAME_SIZE 16
328 #define PROXY_STRNCPY(dst, src) ap_proxy_strncpy((dst), (src), (sizeof(dst)))
330 #define PROXY_COPY_CONF_PARAMS(w, c) \
332 (w)->s->timeout = (c)->timeout; \
333 (w)->s->timeout_set = (c)->timeout_set; \
334 (w)->s->recv_buffer_size = (c)->recv_buffer_size; \
335 (w)->s->recv_buffer_size_set = (c)->recv_buffer_size_set; \
336 (w)->s->io_buffer_size = (c)->io_buffer_size; \
337 (w)->s->io_buffer_size_set = (c)->io_buffer_size_set; \
346 /* Runtime worker status informations. Shared in scoreboard */
348 char name[PROXY_WORKER_MAX_NAME_SIZE];
349 char scheme[PROXY_WORKER_MAX_SCHEME_SIZE]; /* scheme to use ajp|http|https */
350 char hostname[PROXY_WORKER_MAX_HOSTNAME_SIZE]; /* remote backend address */
351 char route[PROXY_WORKER_MAX_ROUTE_SIZE]; /* balancing route */
352 char redirect[PROXY_WORKER_MAX_ROUTE_SIZE]; /* temporary balancing redirection route */
353 char flusher[PROXY_WORKER_MAX_SCHEME_SIZE]; /* flush provider used by mod_proxy_fdpass */
354 char uds_path[PROXY_WORKER_MAX_NAME_SIZE]; /* path to worker's unix domain socket if applicable */
355 int lbset; /* load balancer cluster set */
356 int retries; /* number of retries on this worker */
357 int lbstatus; /* Current lbstatus */
358 int lbfactor; /* dynamic lbfactor */
359 int min; /* Desired minimum number of available connections */
360 int smax; /* Soft maximum on the total number of connections */
361 int hmax; /* Hard maximum on the total number of connections */
362 int flush_wait; /* poll wait time in microseconds if flush_auto */
363 int index; /* shm array index */
364 proxy_hashes hash; /* hash of worker name */
365 unsigned int status; /* worker status bitfield */
370 } flush_packets; /* control AJP flushing */
371 apr_time_t updated; /* timestamp of last update */
372 apr_time_t error_time; /* time of the last error */
373 apr_interval_time_t ttl; /* maximum amount of time in seconds a connection
374 * may be available while exceeding the soft limit */
375 apr_interval_time_t retry; /* retry interval */
376 apr_interval_time_t timeout; /* connection timeout */
377 apr_interval_time_t acquire; /* acquire timeout when the maximum number of connections is exceeded */
378 apr_interval_time_t ping_timeout;
379 apr_interval_time_t conn_timeout;
380 apr_size_t recv_buffer_size;
381 apr_size_t io_buffer_size;
382 apr_size_t elected; /* Number of times the worker was elected */
383 apr_size_t busy; /* busyness factor */
385 apr_off_t transferred;/* Number of bytes transferred to remote */
386 apr_off_t read; /* Number of bytes read from remote */
387 void *context; /* general purpose storage */
388 unsigned int keepalive:1;
389 unsigned int disablereuse:1;
390 unsigned int is_address_reusable:1;
391 unsigned int retry_set:1;
392 unsigned int timeout_set:1;
393 unsigned int acquire_set:1;
394 unsigned int ping_timeout_set:1;
395 unsigned int conn_timeout_set:1;
396 unsigned int recv_buffer_size_set:1;
397 unsigned int io_buffer_size_set:1;
398 unsigned int keepalive_set:1;
399 unsigned int disablereuse_set:1;
400 unsigned int was_malloced:1;
401 } proxy_worker_shared;
403 #define ALIGNED_PROXY_WORKER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_worker_shared)))
405 /* Worker configuration */
406 struct proxy_worker {
407 proxy_hashes hash; /* hash of worker name */
408 unsigned int local_status; /* status of per-process worker */
409 proxy_conn_pool *cp; /* Connection pool to use */
410 proxy_worker_shared *s; /* Shared data */
411 proxy_balancer *balancer; /* which balancer am I in? */
412 apr_thread_mutex_t *tmutex; /* Thread lock for updating address cache */
413 void *context; /* general purpose storage */
417 * Time to wait (in microseconds) to find out if more data is currently
418 * available at the backend.
420 #define PROXY_FLUSH_WAIT 10000
423 char sticky_path[PROXY_BALANCER_MAX_STICKY_SIZE]; /* URL sticky session identifier */
424 char sticky[PROXY_BALANCER_MAX_STICKY_SIZE]; /* sticky session identifier */
425 char lbpname[PROXY_MAX_PROVIDER_NAME_SIZE]; /* lbmethod provider name */
426 char nonce[APR_UUID_FORMATTED_LENGTH + 1];
427 char name[PROXY_BALANCER_MAX_NAME_SIZE];
428 char sname[PROXY_BALANCER_MAX_NAME_SIZE];
429 char vpath[PROXY_BALANCER_MAX_ROUTE_SIZE];
430 char vhost[PROXY_BALANCER_MAX_HOSTNAME_SIZE];
431 apr_interval_time_t timeout; /* Timeout for waiting on free connection */
432 apr_time_t wupdated; /* timestamp of last change to workers list */
433 int max_attempts; /* Number of attempts before failing */
434 int index; /* shm array index */
436 unsigned int sticky_force:1; /* Disable failover for sticky sessions */
437 unsigned int scolonsep:1; /* true if ';' seps sticky session paths */
438 unsigned int max_attempts_set:1;
439 unsigned int was_malloced:1;
440 unsigned int need_reset:1;
441 unsigned int vhosted:1;
442 unsigned int inactive:1;
443 unsigned int forcerecovery:1;
444 char sticky_separator; /* separator for sessionid/route */
445 } proxy_balancer_shared;
447 #define ALIGNED_PROXY_BALANCER_SHARED_SIZE (APR_ALIGN_DEFAULT(sizeof(proxy_balancer_shared)))
449 struct proxy_balancer {
450 apr_array_header_t *workers; /* initially configured workers */
451 apr_array_header_t *errstatuses; /* statuses to force members into error */
452 ap_slotmem_instance_t *wslot; /* worker shm data - runtime */
453 ap_slotmem_provider_t *storage;
454 int growth; /* number of post-config workers can added */
455 int max_workers; /* maximum number of allowed workers */
457 apr_time_t wupdated; /* timestamp of last change to workers list */
458 proxy_balancer_method *lbmethod;
459 apr_global_mutex_t *gmutex; /* global lock for updating list of workers */
460 apr_thread_mutex_t *tmutex; /* Thread lock for updating shm */
461 proxy_server_conf *sconf;
462 void *context; /* general purpose storage */
463 proxy_balancer_shared *s; /* Shared data */
464 int failontimeout; /* Whether to mark a member in Err if IO timeout occurs */
467 struct proxy_balancer_method {
468 const char *name; /* name of the load balancer method*/
469 proxy_worker *(*finder)(proxy_balancer *balancer,
471 void *context; /* general purpose storage */
472 apr_status_t (*reset)(proxy_balancer *balancer, server_rec *s);
473 apr_status_t (*age)(proxy_balancer *balancer, server_rec *s);
474 apr_status_t (*updatelbstatus)(proxy_balancer *balancer, proxy_worker *elected, server_rec *s);
477 #define PROXY_THREAD_LOCK(x) ( (x) && (x)->tmutex ? apr_thread_mutex_lock((x)->tmutex) : APR_SUCCESS)
478 #define PROXY_THREAD_UNLOCK(x) ( (x) && (x)->tmutex ? apr_thread_mutex_unlock((x)->tmutex) : APR_SUCCESS)
480 #define PROXY_GLOBAL_LOCK(x) ( (x) && (x)->gmutex ? apr_global_mutex_lock((x)->gmutex) : APR_SUCCESS)
481 #define PROXY_GLOBAL_UNLOCK(x) ( (x) && (x)->gmutex ? apr_global_mutex_unlock((x)->gmutex) : APR_SUCCESS)
485 /* Create a set of PROXY_DECLARE(type), PROXY_DECLARE_NONSTD(type) and
486 * PROXY_DECLARE_DATA with appropriate export and import tags for the platform
489 #define PROXY_DECLARE(type) type
490 #define PROXY_DECLARE_NONSTD(type) type
491 #define PROXY_DECLARE_DATA
492 #elif defined(PROXY_DECLARE_STATIC)
493 #define PROXY_DECLARE(type) type __stdcall
494 #define PROXY_DECLARE_NONSTD(type) type
495 #define PROXY_DECLARE_DATA
496 #elif defined(PROXY_DECLARE_EXPORT)
497 #define PROXY_DECLARE(type) __declspec(dllexport) type __stdcall
498 #define PROXY_DECLARE_NONSTD(type) __declspec(dllexport) type
499 #define PROXY_DECLARE_DATA __declspec(dllexport)
501 #define PROXY_DECLARE(type) __declspec(dllimport) type __stdcall
502 #define PROXY_DECLARE_NONSTD(type) __declspec(dllimport) type
503 #define PROXY_DECLARE_DATA __declspec(dllimport)
506 APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, scheme_handler, (request_rec *r,
507 proxy_worker *worker, proxy_server_conf *conf, char *url,
508 const char *proxyhost, apr_port_t proxyport))
509 APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, canon_handler, (request_rec *r,
512 APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, create_req, (request_rec *r, request_rec *pr))
513 APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, fixups, (request_rec *r))
517 * It will return the most suitable worker at the moment
518 * and coresponding balancer.
519 * The url is rewritten from balancer://cluster/uri to scheme://host:port/uri
520 * and then the scheme_handler is called.
523 APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, pre_request, (proxy_worker **worker,
524 proxy_balancer **balancer,
526 proxy_server_conf *conf, char **url))
529 * It is called after request for updating runtime balancer status.
531 APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, post_request, (proxy_worker *worker,
532 proxy_balancer *balancer, request_rec *r,
533 proxy_server_conf *conf))
536 * request status hook
537 * It is called after all proxy processing has been done. This gives other
538 * modules a chance to create default content on failure, for example
540 APR_DECLARE_EXTERNAL_HOOK(proxy, PROXY, int, request_status,
541 (int *status, request_rec *r))
545 PROXY_DECLARE(apr_status_t) ap_proxy_strncpy(char *dst, const char *src,
547 PROXY_DECLARE(int) ap_proxy_hex2c(const char *x);
548 PROXY_DECLARE(void) ap_proxy_c2hex(int ch, char *x);
549 PROXY_DECLARE(char *)ap_proxy_canonenc(apr_pool_t *p, const char *x, int len, enum enctype t,
550 int forcedec, int proxyreq);
551 PROXY_DECLARE(char *)ap_proxy_canon_netloc(apr_pool_t *p, char **const urlp, char **userp,
552 char **passwordp, char **hostp, apr_port_t *port);
553 PROXY_DECLARE(int) ap_proxyerror(request_rec *r, int statuscode, const char *message);
554 PROXY_DECLARE(int) ap_proxy_checkproxyblock(request_rec *r, proxy_server_conf *conf, apr_sockaddr_t *uri_addr);
556 /** Test whether the hostname/address of the request are blocked by the ProxyBlock
559 * @param conf server configuration
560 * @param hostname hostname from request URI
561 * @param addr resolved address of hostname, or NULL if not known
562 * @return OK on success, or else an errro
564 PROXY_DECLARE(int) ap_proxy_checkproxyblock2(request_rec *r, proxy_server_conf *conf,
565 const char *hostname, apr_sockaddr_t *addr);
567 PROXY_DECLARE(int) ap_proxy_pre_http_request(conn_rec *c, request_rec *r);
568 /* DEPRECATED (will be replaced with ap_proxy_connect_backend */
569 PROXY_DECLARE(int) ap_proxy_connect_to_backend(apr_socket_t **, const char *, apr_sockaddr_t *, const char *, proxy_server_conf *, request_rec *);
570 PROXY_DECLARE(apr_status_t) ap_proxy_ssl_connection_cleanup(proxy_conn_rec *conn,
572 PROXY_DECLARE(int) ap_proxy_ssl_enable(conn_rec *c);
573 PROXY_DECLARE(int) ap_proxy_ssl_disable(conn_rec *c);
574 PROXY_DECLARE(int) ap_proxy_conn_is_https(conn_rec *c);
575 PROXY_DECLARE(const char *) ap_proxy_ssl_val(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, const char *var);
577 /* Header mapping functions, and a typedef of their signature */
578 PROXY_DECLARE(const char *) ap_proxy_location_reverse_map(request_rec *r, proxy_dir_conf *conf, const char *url);
579 PROXY_DECLARE(const char *) ap_proxy_cookie_reverse_map(request_rec *r, proxy_dir_conf *conf, const char *str);
582 typedef const char *(*ap_proxy_header_reverse_map_fn)(request_rec *,
583 proxy_dir_conf *, const char *);
584 #elif defined(PROXY_DECLARE_STATIC)
585 typedef const char *(__stdcall *ap_proxy_header_reverse_map_fn)(request_rec *,
586 proxy_dir_conf *, const char *);
587 #elif defined(PROXY_DECLARE_EXPORT)
588 typedef __declspec(dllexport) const char *
589 (__stdcall *ap_proxy_header_reverse_map_fn)(request_rec *,
590 proxy_dir_conf *, const char *);
592 typedef __declspec(dllimport) const char *
593 (__stdcall *ap_proxy_header_reverse_map_fn)(request_rec *,
594 proxy_dir_conf *, const char *);
598 /* Connection pool API */
600 * Return the user-land, UDS aware worker name
601 * @param p memory pool used for displaying worker name
602 * @param worker the worker
606 PROXY_DECLARE(char *) ap_proxy_worker_name(apr_pool_t *p,
607 proxy_worker *worker);
610 * Get the worker from proxy configuration
611 * @param p memory pool used for finding worker
612 * @param balancer the balancer that the worker belongs to
613 * @param conf current proxy server configuration
614 * @param url url to find the worker from
615 * @return proxy_worker or NULL if not found
617 PROXY_DECLARE(proxy_worker *) ap_proxy_get_worker(apr_pool_t *p,
618 proxy_balancer *balancer,
619 proxy_server_conf *conf,
622 * Define and Allocate space for the worker to proxy configuration
623 * @param p memory pool to allocate worker from
624 * @param worker the new worker
625 * @param balancer the balancer that the worker belongs to
626 * @param conf current proxy server configuration
627 * @param url url containing worker name
628 * @param do_malloc true if shared struct should be malloced
629 * @return error message or NULL if successful (*worker is new worker)
631 PROXY_DECLARE(char *) ap_proxy_define_worker(apr_pool_t *p,
632 proxy_worker **worker,
633 proxy_balancer *balancer,
634 proxy_server_conf *conf,
639 * Share a defined proxy worker via shm
640 * @param worker worker to be shared
641 * @param shm location of shared info
642 * @param i index into shm
643 * @return APR_SUCCESS or error code
645 PROXY_DECLARE(apr_status_t) ap_proxy_share_worker(proxy_worker *worker,
646 proxy_worker_shared *shm,
650 * Initialize the worker by setting up worker connection pool and mutex
651 * @param worker worker to initialize
652 * @param s current server record
653 * @param p memory pool used for mutex and connection pool
654 * @return APR_SUCCESS or error code
656 PROXY_DECLARE(apr_status_t) ap_proxy_initialize_worker(proxy_worker *worker,
661 * Verifies valid balancer name (eg: balancer://foo)
662 * @param name name to test
663 * @param i number of chars to test; 0 for all.
666 PROXY_DECLARE(int) ap_proxy_valid_balancer_name(char *name, int i);
670 * Get the balancer from proxy configuration
671 * @param p memory pool used for temporary storage while finding balancer
672 * @param conf current proxy server configuration
673 * @param url url to find the worker from; must have balancer:// prefix
674 * @param careactive true if we care if the balancer is active or not
675 * @return proxy_balancer or NULL if not found
677 PROXY_DECLARE(proxy_balancer *) ap_proxy_get_balancer(apr_pool_t *p,
678 proxy_server_conf *conf,
683 * Update the balancer's vhost related fields
684 * @param p memory pool used for temporary storage while finding balancer
685 * @param balancer balancer to be updated
686 * @param url url to find vhost info
687 * @return error string or NULL if OK
689 PROXY_DECLARE(char *) ap_proxy_update_balancer(apr_pool_t *p,
690 proxy_balancer *balancer,
694 * Define and Allocate space for the balancer to proxy configuration
695 * @param p memory pool to allocate balancer from
696 * @param balancer the new balancer
697 * @param conf current proxy server configuration
698 * @param url url containing balancer name
699 * @param alias alias/fake-path to this balancer
700 * @param do_malloc true if shared struct should be malloced
701 * @return error message or NULL if successfull
703 PROXY_DECLARE(char *) ap_proxy_define_balancer(apr_pool_t *p,
704 proxy_balancer **balancer,
705 proxy_server_conf *conf,
711 * Share a defined proxy balancer via shm
712 * @param balancer balancer to be shared
713 * @param shm location of shared info
714 * @param i index into shm
715 * @return APR_SUCCESS or error code
717 PROXY_DECLARE(apr_status_t) ap_proxy_share_balancer(proxy_balancer *balancer,
718 proxy_balancer_shared *shm,
722 * Initialize the balancer as needed
723 * @param balancer balancer to initialize
724 * @param s current server record
725 * @param p memory pool used for mutex and connection pool
726 * @return APR_SUCCESS or error code
728 PROXY_DECLARE(apr_status_t) ap_proxy_initialize_balancer(proxy_balancer *balancer,
733 * Find the shm of the worker as needed
734 * @param storage slotmem provider
735 * @param slot slotmem instance
736 * @param worker worker to find
737 * @param index pointer to index within slotmem of worker
738 * @return pointer to shm of worker, or NULL
740 PROXY_DECLARE(proxy_worker_shared *) ap_proxy_find_workershm(ap_slotmem_provider_t *storage,
741 ap_slotmem_instance_t *slot,
742 proxy_worker *worker,
743 unsigned int *index);
746 * Find the shm of the balancer as needed
747 * @param storage slotmem provider
748 * @param slot slotmem instance
749 * @param balancer balancer of shm to find
750 * @param index pointer to index within slotmem of balancer
751 * @return pointer to shm of balancer, or NULL
753 PROXY_DECLARE(proxy_balancer_shared *) ap_proxy_find_balancershm(ap_slotmem_provider_t *storage,
754 ap_slotmem_instance_t *slot,
755 proxy_balancer *balancer,
756 unsigned int *index);
759 * Get the most suitable worker and/or balancer for the request
760 * @param worker worker used for processing request
761 * @param balancer balancer used for processing request
762 * @param r current request
763 * @param conf current proxy server configuration
764 * @param url request url that balancer can rewrite.
765 * @return OK or HTTP_XXX error
766 * @note It calls balancer pre_request hook if the url starts with balancer://
767 * The balancer then rewrites the url to particular worker, like http://host:port
769 PROXY_DECLARE(int) ap_proxy_pre_request(proxy_worker **worker,
770 proxy_balancer **balancer,
772 proxy_server_conf *conf,
775 * Post request worker and balancer cleanup
776 * @param worker worker used for processing request
777 * @param balancer balancer used for processing request
778 * @param r current request
779 * @param conf current proxy server configuration
780 * @return OK or HTTP_XXX error
781 * @note Whenever the pre_request is called, the post_request has to be
784 PROXY_DECLARE(int) ap_proxy_post_request(proxy_worker *worker,
785 proxy_balancer *balancer,
787 proxy_server_conf *conf);
790 * Determine backend hostname and port
791 * @param p memory pool used for processing
792 * @param r current request
793 * @param conf current proxy server configuration
794 * @param worker worker used for processing request
795 * @param conn proxy connection struct
796 * @param uri processed uri
797 * @param url request url
798 * @param proxyname are we connecting directly or via a proxy
799 * @param proxyport proxy host port
800 * @param server_portstr Via headers server port, must be non-NULL
801 * @param server_portstr_size size of the server_portstr buffer; must
802 * be at least one, even if the protocol doesn't use this
803 * @return OK or HTTP_XXX error
805 PROXY_DECLARE(int) ap_proxy_determine_connection(apr_pool_t *p, request_rec *r,
806 proxy_server_conf *conf,
807 proxy_worker *worker,
808 proxy_conn_rec *conn,
811 const char *proxyname,
812 apr_port_t proxyport,
813 char *server_portstr,
814 int server_portstr_size);
817 * Mark a worker for retry
818 * @param proxy_function calling proxy scheme (http, ajp, ...)
819 * @param worker worker used for retrying
820 * @param s current server record
821 * @return OK if marked for retry, DECLINED otherwise
822 * @note The error status of the worker will cleared if the retry interval has
823 * elapsed since the last error.
825 APR_DECLARE_OPTIONAL_FN(int, ap_proxy_retry_worker,
826 (const char *proxy_function, proxy_worker *worker, server_rec *s));
829 * Acquire a connection from worker connection pool
830 * @param proxy_function calling proxy scheme (http, ajp, ...)
831 * @param conn acquired connection
832 * @param worker worker used for obtaining connection
833 * @param s current server record
834 * @return OK or HTTP_XXX error
835 * @note If the connection limit has been reached, the function will
836 * block until a connection becomes available or the timeout has
839 PROXY_DECLARE(int) ap_proxy_acquire_connection(const char *proxy_function,
840 proxy_conn_rec **conn,
841 proxy_worker *worker,
844 * Release a connection back to worker connection pool
845 * @param proxy_function calling proxy scheme (http, ajp, ...)
846 * @param conn acquired connection
847 * @param s current server record
848 * @return OK or HTTP_XXX error
849 * @note The connection will be closed if conn->close_on_release is set
851 PROXY_DECLARE(int) ap_proxy_release_connection(const char *proxy_function,
852 proxy_conn_rec *conn,
855 * Make a connection to the backend
856 * @param proxy_function calling proxy scheme (http, ajp, ...)
857 * @param conn acquired connection
858 * @param worker connection worker
859 * @param s current server record
860 * @return OK or HTTP_XXX error
861 * @note In case the socket already exists for conn, just check the link
864 PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function,
865 proxy_conn_rec *conn,
866 proxy_worker *worker,
870 * Make a connection to a Unix Domain Socket (UDS) path
871 * @param sock UDS to connect
872 * @param uds_path UDS path to connect to
873 * @param p pool to make the sock addr
874 * @return APR_SUCCESS or error status
876 PROXY_DECLARE(apr_status_t) ap_proxy_connect_uds(apr_socket_t *sock,
877 const char *uds_path,
880 * Make a connection record for backend connection
881 * @param proxy_function calling proxy scheme (http, ajp, ...)
882 * @param conn acquired connection
883 * @param c client connection record
884 * @param s current server record
885 * @return OK or HTTP_XXX error
886 * @note The function will return immediately if conn->connection
889 PROXY_DECLARE(int) ap_proxy_connection_create(const char *proxy_function,
890 proxy_conn_rec *conn,
891 conn_rec *c, server_rec *s);
894 * Determine if proxy connection can potentially be reused at the
895 * end of this request.
896 * @param conn proxy connection
897 * @return non-zero if reusable, 0 otherwise
898 * @note Even if this function returns non-zero, the connection may
899 * be subsequently marked for closure.
901 PROXY_DECLARE(int) ap_proxy_connection_reusable(proxy_conn_rec *conn);
904 * Signal the upstream chain that the connection to the backend broke in the
905 * middle of the response. This is done by sending an error bucket with
906 * status HTTP_BAD_GATEWAY and an EOS bucket up the filter chain.
907 * @param r current request record of client request
908 * @param brigade The brigade that is sent through the output filter chain
910 PROXY_DECLARE(void) ap_proxy_backend_broke(request_rec *r,
911 apr_bucket_brigade *brigade);
914 * Return a hash based on the passed string
915 * @param str string to produce hash from
916 * @param method hashing method to use
917 * @return hash as unsigned int
920 typedef enum { PROXY_HASHFUNC_DEFAULT, PROXY_HASHFUNC_APR, PROXY_HASHFUNC_FNV } proxy_hash_t;
922 PROXY_DECLARE(unsigned int) ap_proxy_hashfunc(const char *str, proxy_hash_t method);
926 * Set/unset the worker status bitfield depending on flag
928 * @param set set or unset bit
929 * @param w worker to use
930 * @return APR_SUCCESS if valid flag
932 PROXY_DECLARE(apr_status_t) ap_proxy_set_wstatus(char c, int set, proxy_worker *w);
936 * Create readable representation of worker status bitfield
938 * @param w worker to use
939 * @return string representation of status
941 PROXY_DECLARE(char *) ap_proxy_parse_wstatus(apr_pool_t *p, proxy_worker *w);
945 * Sync balancer and workers based on any updates w/i shm
946 * @param b balancer to check/update member list of
947 * @param s server rec
949 * @return APR_SUCCESS if all goes well
951 PROXY_DECLARE(apr_status_t) ap_proxy_sync_balancer(proxy_balancer *b,
953 proxy_server_conf *conf);
957 * Find the matched alias for this request and setup for proxy handler
959 * @param ent proxy_alias record
960 * @param dconf per-dir config or NULL
961 * @return DECLINED, DONE or OK if matched
963 PROXY_DECLARE(int) ap_proxy_trans_match(request_rec *r,
964 struct proxy_alias *ent,
965 proxy_dir_conf *dconf);
968 * Create a HTTP request header brigade, old_cl_val and old_te_val as required.
970 * @param header_brigade header brigade to use/fill
972 * @param p_conn proxy connection rec
973 * @param worker selected worker
974 * @param conf per-server proxy config
977 * @param server_portstr port as string
978 * @param old_cl_val stored old content-len val
979 * @param old_te_val stored old TE val
980 * @return OK or HTTP_EXPECTATION_FAILED
982 PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p,
983 apr_bucket_brigade *header_brigade,
985 proxy_conn_rec *p_conn,
986 proxy_worker *worker,
987 proxy_server_conf *conf,
989 char *url, char *server_portstr,
994 * @param bucket_alloc bucket allocator
996 * @param p_conn proxy connection
997 * @param origin connection rec of origin
998 * @param bb brigade to send to origin
1000 * @return status (OK)
1002 PROXY_DECLARE(int) ap_proxy_pass_brigade(apr_bucket_alloc_t *bucket_alloc,
1003 request_rec *r, proxy_conn_rec *p_conn,
1004 conn_rec *origin, apr_bucket_brigade *bb,
1008 * Clear the headers referenced by the Connection header from the given
1009 * table, and remove the Connection header.
1011 * @param headers table of headers to clear
1012 * @return 1 if "close" was present, 0 otherwise.
1014 APR_DECLARE_OPTIONAL_FN(int, ap_proxy_clear_connection,
1015 (request_rec *r, apr_table_t *headers));
1017 #define PROXY_LBMETHOD "proxylbmethod"
1019 /* The number of dynamic workers that can be added when reconfiguring.
1020 * If this limit is reached you must stop and restart the server.
1022 #define PROXY_DYNAMIC_BALANCER_LIMIT 16
1025 * Calculate maximum number of workers in scoreboard.
1026 * @return number of workers to allocate in the scoreboard
1028 int ap_proxy_lb_workers(void);
1031 * Return the port number of a known scheme (eg: http -> 80).
1032 * @param scheme scheme to test
1033 * @return port number or 0 if unknown
1035 PROXY_DECLARE(apr_port_t) ap_proxy_port_of_scheme(const char *scheme);
1038 * Strip a unix domain socket (UDS) prefix from the input URL
1039 * @param p pool to allocate result from
1040 * @param url a URL potentially prefixed with a UDS path
1041 * @return URL with the UDS prefix removed
1043 PROXY_DECLARE(const char *) ap_proxy_de_socketfy(apr_pool_t *p, const char *url);
1046 * Transform buckets from one bucket allocator to another one by creating a
1047 * transient bucket for each data bucket and let it use the data read from
1048 * the old bucket. Metabuckets are transformed by just recreating them.
1049 * Attention: Currently only the following bucket types are handled:
1055 * If an other bucket type is found its type is logged as a debug message
1056 * and APR_EGENERAL is returned.
1058 * @param r request_rec of the actual request. Used for logging purposes
1059 * @param from the bucket brigade to take the buckets from
1060 * @param to the bucket brigade to store the transformed buckets
1061 * @return apr_status_t of the operation. Either APR_SUCCESS or
1064 PROXY_DECLARE(apr_status_t) ap_proxy_buckets_lifetime_transform(request_rec *r,
1065 apr_bucket_brigade *from,
1066 apr_bucket_brigade *to);
1069 * Sends all data that can be read non blocking from the input filter chain of
1070 * c_i and send it down the output filter chain of c_o. For reading it uses
1071 * the bucket brigade bb_i which should be created from the bucket allocator
1072 * associated with c_i. For sending through the output filter chain it uses
1073 * the bucket brigade bb_o which should be created from the bucket allocator
1074 * associated with c_o. In order to get the buckets from bb_i to bb_o
1075 * ap_proxy_buckets_lifetime_transform is used.
1077 * @param r request_rec of the actual request. Used for logging purposes
1078 * @param c_i inbound connection conn_rec
1079 * @param c_o outbound connection conn_rec
1080 * @param bb_i bucket brigade for pulling data from the inbound connection
1081 * @param bb_o bucket brigade for sending data through the outbound connection
1082 * @param name string for logging from where data was pulled
1083 * @param sent if not NULL will be set to 1 if data was sent through c_o
1084 * @param bsize maximum amount of data pulled in one iteration from c_i
1085 * @param after if set flush data on c_o only once after the loop
1086 * @return apr_status_t of the operation. Could be any error returned from
1087 * either the input filter chain of c_i or the output filter chain
1088 * of c_o. APR_EPIPE if the outgoing connection was aborted.
1090 PROXY_DECLARE(apr_status_t) ap_proxy_transfer_between_connections(
1094 apr_bucket_brigade *bb_i,
1095 apr_bucket_brigade *bb_o,
1101 extern module PROXY_DECLARE_DATA proxy_module;
1103 #endif /*MOD_PROXY_H*/