1 /* ====================================================================
2 * The Apache Software License, Version 1.1
4 * Copyright (c) 2000-2001 The Apache Software Foundation. All rights
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 * ====================================================================
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
54 * Portions of this software are based upon public domain software
55 * originally written at the National Center for Supercomputing Applications,
56 * University of Illinois, Urbana-Champaign.
60 * http_vhost.c: functions pertaining to virtual host addresses
61 * (configuration and run-time)
65 #include "apr_strings.h"
68 #define APR_WANT_STRFUNC
72 #include "ap_config.h"
74 #include "http_config.h"
76 #include "http_vhost.h"
77 #include "http_protocol.h"
78 #include "http_core.h"
80 #if APR_HAVE_ARPA_INET_H
81 #include <arpa/inet.h>
85 * After all the definitions there's an explanation of how it's all put
89 /* meta-list of name-vhosts. Each server_rec can be in possibly multiple
90 * lists of name-vhosts.
92 typedef struct name_chain name_chain;
95 server_addr_rec *sar; /* the record causing it to be in
96 * this chain (needed for port comparisons) */
97 server_rec *server; /* the server to use on a match */
100 /* meta-list of ip addresses. Each server_rec can be in possibly multiple
101 * hash chains since it can have multiple ips.
103 typedef struct ipaddr_chain ipaddr_chain;
104 struct ipaddr_chain {
106 server_addr_rec *sar; /* the record causing it to be in
107 * this chain (need for both ip addr and port
109 server_rec *server; /* the server to use if this matches */
110 name_chain *names; /* if non-NULL then a list of name-vhosts
111 * sharing this address */
114 /* This defines the size of the hash apr_table_t used for hashing ip addresses
115 * of virtual hosts. It must be a power of two.
117 #ifndef IPHASH_TABLE_SIZE
118 #define IPHASH_TABLE_SIZE 256
121 /* A (n) bucket hash table, each entry has a pointer to a server rec and
122 * a pointer to the other entries in that bucket. Each individual address,
123 * even for virtualhosts with multiple addresses, has an entry in this hash
124 * table. There are extra buckets for _default_, and name-vhost entries.
126 * Note that after config time this is constant, so it is thread-safe.
128 static ipaddr_chain *iphash_table[IPHASH_TABLE_SIZE];
130 /* dump out statistics about the hash function */
131 /* #define IPHASH_STATISTICS */
133 /* list of the _default_ servers */
134 static ipaddr_chain *default_list;
136 /* list of the NameVirtualHost addresses */
137 static server_addr_rec *name_vhost_list;
138 static server_addr_rec **name_vhost_list_tail;
143 * The ip address determines which chain in iphash_table is interesting, then
144 * a comparison is done down that chain to find the first ipaddr_chain whose
145 * sar matches the address:port pair.
147 * If that ipaddr_chain has names == NULL then you're done, it's an ip-vhost.
149 * Otherwise it's a name-vhost list, and the default is the server in the
150 * ipaddr_chain record. We tuck away the ipaddr_chain record in the
151 * conn_rec field vhost_lookup_data. Later on after the headers we get a
152 * second chance, and we use the name_chain to figure out what name-vhost
153 * matches the headers.
155 * If there was no ip address match in the iphash_table then do a lookup
156 * in the default_list.
158 * How it's put together ... well you should be able to figure that out
159 * from how it's used. Or something like that.
163 /* called at the beginning of the config */
164 void ap_init_vhost_config(apr_pool_t *p)
166 memset(iphash_table, 0, sizeof(iphash_table));
168 name_vhost_list = NULL;
169 name_vhost_list_tail = &name_vhost_list;
174 * Parses a host of the form <address>[:port]
175 * paddr is used to create a list in the order of input
176 * **paddr is the ->next pointer of the last entry (or s->addrs)
177 * *paddr is the variable used to keep track of **paddr between calls
178 * port is the default port to assume
180 static const char *get_addresses(apr_pool_t *p, const char *w_,
181 server_addr_rec ***paddr,
182 apr_port_t default_port)
184 apr_sockaddr_t *my_addr;
185 server_addr_rec *sar;
186 char *w, *host, *scope_id;
195 w = apr_pstrdup(p, w_);
196 /* apr_parse_addr_port() doesn't understand ":*" so handle that first. */
198 if (wlen > 2 && w[wlen - 1] == '*' && w[wlen - 2] == ':') {
205 rv = apr_parse_addr_port(&host, &scope_id, &port, w, p);
206 if (rv != APR_SUCCESS) {
207 return "The address or port is invalid";
210 return "Scope ids are not supported";
212 if (!port && !wild_port) {
216 if (strcmp(host, "*") == 0) {
217 rv = apr_sockaddr_info_get(&my_addr, NULL, APR_INET, port, 0, p);
218 my_addr->sa.sin.sin_addr.s_addr = htonl(INADDR_ANY);
219 } else if (strcasecmp(host, "_default_") == 0
220 || strcmp(host, "255.255.255.255") == 0) {
221 rv = apr_sockaddr_info_get(&my_addr, NULL, APR_INET, port, 0, p);
222 ap_assert(rv == APR_SUCCESS); /* must be bug or out of storage */
223 my_addr->sa.sin.sin_addr.s_addr = DEFAULT_VHOST_ADDR;
225 rv = apr_sockaddr_info_get(&my_addr, host, APR_UNSPEC, port, 0, p);
226 if (rv != APR_SUCCESS) {
227 ap_log_error(APLOG_MARK, APLOG_ERR, rv, NULL,
228 "Cannot resolve host name %s --- ignoring!", host);
233 /* XXX Gotta go through *all* addresses for the host name!
234 * Fix apr_sockaddr_info_get() to save them! */
236 sar = apr_pcalloc(p, sizeof(server_addr_rec));
239 sar->host_addr = my_addr;
240 sar->host_port = port;
241 sar->virthost = host;
246 /* parse the <VirtualHost> addresses */
247 const char *ap_parse_vhost_addrs(apr_pool_t *p, const char *hostname, server_rec *s)
249 server_addr_rec **addrs;
252 /* start the list of addreses */
254 while (hostname[0]) {
255 err = get_addresses(p, ap_getword_conf(p, &hostname), &addrs, s->port);
261 /* terminate the list */
264 if (s->addrs->host_port) {
265 /* override the default port which is inherited from main_server */
266 s->port = s->addrs->host_port;
273 const char *ap_set_name_virtual_host (cmd_parms *cmd, void *dummy,
276 /* use whatever port the main server has at this point */
277 return get_addresses(cmd->pool, arg, &name_vhost_list_tail,
282 /* hash apr_table_t statistics, keep this in here for the beta period so
283 * we can find out if the hash function is ok
285 #ifdef IPHASH_STATISTICS
286 static int iphash_compare(const void *a, const void *b)
288 return (*(const int *) b - *(const int *) a);
292 static void dump_iphash_statistics(server_rec *main_s)
294 unsigned count[IPHASH_TABLE_SIZE];
298 char buf[HUGE_STRING_LEN];
302 for (i = 0; i < IPHASH_TABLE_SIZE; ++i) {
304 for (src = iphash_table[i]; src; src = src->next) {
306 if (i < IPHASH_TABLE_SIZE) {
307 /* don't count the slop buckets in the total */
312 qsort(count, IPHASH_TABLE_SIZE, sizeof(count[0]), iphash_compare);
313 p = buf + apr_snprintf(buf, sizeof(buf),
314 "iphash: total hashed = %u, avg chain = %u, "
315 "chain lengths (count x len):",
316 total, total / IPHASH_TABLE_SIZE);
318 for (i = 1; i < IPHASH_TABLE_SIZE; ++i) {
319 if (count[i - 1] != count[i]) {
320 p += apr_snprintf(p, sizeof(buf) - (p - buf), " %ux%u",
321 total, count[i - 1]);
328 p += apr_snprintf(p, sizeof(buf) - (p - buf), " %ux%u",
329 total, count[IPHASH_TABLE_SIZE - 1]);
330 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_DEBUG, main_s, buf);
335 /* This hashing function is designed to get good distribution in the cases
336 * where the server is handling entire "networks" of servers. i.e. a
337 * whack of /24s. This is probably the most common configuration for
338 * ISPs with large virtual servers.
340 * NOTE: This function is symmetric (i.e. collapses all 4 octets
341 * into one), so machine byte order (big/little endianness) does not matter.
343 * Hash function provided by David Hankins.
345 static APR_INLINE unsigned hash_inaddr(unsigned key)
348 return ((key >> 8) ^ key) % IPHASH_TABLE_SIZE;
351 static APR_INLINE unsigned hash_addr(struct apr_sockaddr_t *sa)
355 /* The key is the last four bytes of the IP address.
356 * For IPv4, this is the entire address, as always.
357 * For IPv6, this is usually part of the MAC address.
359 key = *(unsigned *)((char *)sa->ipaddr_ptr + sa->ipaddr_len - 4);
360 return hash_inaddr(key);
363 static ipaddr_chain *new_ipaddr_chain(apr_pool_t *p,
364 server_rec *s, server_addr_rec *sar)
368 new = apr_palloc(p, sizeof(*new));
377 static name_chain *new_name_chain(apr_pool_t *p, server_rec *s, server_addr_rec *sar)
381 new = apr_palloc(p, sizeof(*new));
389 static APR_INLINE ipaddr_chain *find_ipaddr(apr_sockaddr_t *sa)
394 /* scan the hash apr_table_t for an exact match first */
395 bucket = hash_addr(sa);
396 for (trav = iphash_table[bucket]; trav; trav = trav->next) {
397 server_addr_rec *sar = trav->sar;
398 apr_sockaddr_t *cur = sar->host_addr;
400 if (cur->sa.sin.sin_port == 0 ||
401 sa->sa.sin.sin_port == 0 ||
402 cur->sa.sin.sin_port == sa->sa.sin.sin_port) {
403 if (cur->ipaddr_len == sa->ipaddr_len &&
404 !memcmp(cur->ipaddr_ptr,
415 static ipaddr_chain *find_default_server(apr_port_t port)
417 server_addr_rec *sar;
420 for (trav = default_list; trav; trav = trav->next) {
422 if (sar->host_port == 0 || sar->host_port == port) {
430 static void dump_a_vhost(apr_file_t *f, ipaddr_chain *ic)
434 char buf[MAX_STRING_LEN];
435 apr_sockaddr_t *ha = ic->sar->host_addr;
437 if (ha->sa.sin.sin_family == APR_INET &&
438 ha->sa.sin.sin_addr.s_addr == DEFAULT_VHOST_ADDR) {
439 len = apr_snprintf(buf, sizeof(buf), "_default_:%u",
442 else if (ha->sa.sin.sin_family == APR_INET &&
443 ha->sa.sin.sin_addr.s_addr == INADDR_ANY) {
444 len = apr_snprintf(buf, sizeof(buf), "*:%u",
448 len = apr_snprintf(buf, sizeof(buf), "%pI", ha);
450 if (ic->sar->host_port == 0) {
453 if (ic->names == NULL) {
454 apr_file_printf(f, "%-22s %s (%s:%u)\n", buf, ic->server->server_hostname,
455 ic->server->defn_name, ic->server->defn_line_number);
458 apr_file_printf(f, "%-22s is a NameVirtualHost\n"
459 "%8s default server %s (%s:%u)\n",
460 buf, "", ic->server->server_hostname,
461 ic->server->defn_name, ic->server->defn_line_number);
462 for (nc = ic->names; nc; nc = nc->next) {
463 if (nc->sar->host_port) {
464 apr_file_printf(f, "%8s port %u ", "", nc->sar->host_port);
467 apr_file_printf(f, "%8s port * ", "");
469 apr_file_printf(f, "namevhost %s (%s:%u)\n", nc->server->server_hostname,
470 nc->server->defn_name, nc->server->defn_line_number);
474 static void dump_vhost_config(apr_file_t *f)
479 apr_file_printf(f, "VirtualHost configuration:\n");
480 for (i = 0; i < IPHASH_TABLE_SIZE; ++i) {
481 for (ic = iphash_table[i]; ic; ic = ic->next) {
486 apr_file_printf(f, "wildcard NameVirtualHosts and _default_ servers:\n");
487 for (ic = default_list; ic; ic = ic->next) {
494 * Two helper functions for ap_fini_vhost_config()
496 static int add_name_vhost_config(apr_pool_t *p, server_rec *main_s, server_rec *s,
497 server_addr_rec *sar, ipaddr_chain *ic)
499 /* the first time we encounter a NameVirtualHost address
500 * ic->server will be NULL, on subsequent encounters
501 * ic->names will be non-NULL.
503 if (ic->names || ic->server == NULL) {
504 name_chain *nc = new_name_chain(p, s, sar);
505 nc->next = ic->names;
508 if (sar->host_port != ic->sar->host_port) {
509 /* one of the two is a * port, the other isn't */
510 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, main_s,
511 "VirtualHost %s:%u -- mixing * "
512 "ports and non-* ports with "
513 "a NameVirtualHost address is not supported,"
514 " proceeding with undefined results",
515 sar->virthost, sar->host_port);
520 /* IP-based vhosts are handled by the caller */
525 static void remove_unused_name_vhosts(server_rec *main_s, ipaddr_chain **pic)
528 ipaddr_chain *ic = *pic;
530 if (ic->server == NULL) {
531 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0, main_s,
532 "NameVirtualHost %s:%u has no VirtualHosts",
533 ic->sar->virthost, ic->sar->host_port);
536 else if (ic->names == NULL) {
537 /* if server != NULL and names == NULL then we're done
538 * looking at NameVirtualHosts
548 /* compile the tables and such we need to do the run-time vhost lookups */
549 AP_DECLARE(void) ap_fini_vhost_config(apr_pool_t *p, server_rec *main_s)
551 server_addr_rec *sar;
552 int has_default_vhost_addr;
555 ipaddr_chain **iphash_table_tail[IPHASH_TABLE_SIZE];
557 /* terminate the name_vhost list */
558 *name_vhost_list_tail = NULL;
560 /* Main host first */
563 if (!s->server_hostname) {
564 s->server_hostname = ap_get_local_host(p);
567 /* initialize the tails */
568 for (i = 0; i < IPHASH_TABLE_SIZE; ++i) {
569 iphash_table_tail[i] = &iphash_table[i];
572 /* The first things to go into the hash apr_table_t are the NameVirtualHosts
573 * Since name_vhost_list is in the same order that the directives
574 * occured in the config file, we'll copy it in that order.
576 for (sar = name_vhost_list; sar; sar = sar->next) {
577 unsigned bucket = hash_addr(sar->host_addr);
578 ipaddr_chain *ic = new_ipaddr_chain(p, NULL, sar);
580 if (sar->host_addr->sa.sin.sin_addr.s_addr != INADDR_ANY) {
581 *iphash_table_tail[bucket] = ic;
582 iphash_table_tail[bucket] = &ic->next;
585 /* A wildcard NameVirtualHost goes on the default_list so
586 * that it can catch incoming requests on any address.
588 ic->next = default_list;
591 /* Notice that what we've done is insert an ipaddr_chain with
592 * both server and names NULL. This fact is used to spot name-
593 * based vhosts in add_name_vhost_config().
597 /* The next things to go into the hash apr_table_t are the virtual hosts
598 * themselves. They're listed off of main_s->next in the reverse
599 * order they occured in the config file, so we insert them at
600 * the iphash_table_tail but don't advance the tail.
603 for (s = main_s->next; s; s = s->next) {
604 has_default_vhost_addr = 0;
605 for (sar = s->addrs; sar; sar = sar->next) {
608 if (sar->host_addr->sa.sin.sin_addr.s_addr == DEFAULT_VHOST_ADDR
609 || sar->host_addr->sa.sin.sin_addr.s_addr == INADDR_ANY) {
610 ic = find_default_server(sar->host_port);
611 if (!ic || !add_name_vhost_config(p, main_s, s, sar, ic)) {
612 if (ic && ic->sar->host_port != 0) {
613 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING,
614 0, main_s, "_default_ VirtualHost overlap on port %u,"
615 " the first has precedence", sar->host_port);
617 ic = new_ipaddr_chain(p, s, sar);
618 ic->next = default_list;
621 has_default_vhost_addr = 1;
624 /* see if it matches something we've already got */
625 ic = find_ipaddr(sar->host_addr);
628 unsigned bucket = hash_addr(sar->host_addr);
630 ic = new_ipaddr_chain(p, s, sar);
631 ic->next = *iphash_table_tail[bucket];
632 *iphash_table_tail[bucket] = ic;
634 else if (!add_name_vhost_config(p, main_s, s, sar, ic)) {
635 ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0, main_s,
636 "VirtualHost %s:%u overlaps with "
637 "VirtualHost %s:%u, the first has precedence, "
638 "perhaps you need a NameVirtualHost directive",
639 sar->virthost, sar->host_port,
640 ic->sar->virthost, ic->sar->host_port);
647 /* Ok now we want to set up a server_hostname if the user was
648 * silly enough to forget one.
649 * XXX: This is silly we should just crash and burn.
651 if (!s->server_hostname) {
652 if (has_default_vhost_addr) {
653 s->server_hostname = main_s->server_hostname;
655 else if (!s->addrs) {
656 /* what else can we do? at this point this vhost has
657 no configured name, probably because they used
658 DNS in the VirtualHost statement. It's disabled
659 anyhow by the host matching code. -djg */
661 apr_pstrdup(p, "bogus_host_without_forward_dns");
667 rv = apr_getnameinfo(&hostname, s->addrs->host_addr, 0);
668 if (rv == APR_SUCCESS) {
669 s->server_hostname = apr_pstrdup(p, hostname);
672 /* again, what can we do? They didn't specify a
673 ServerName, and their DNS isn't working. -djg */
676 apr_sockaddr_ip_get(&ipaddr_str, s->addrs->host_addr);
677 ap_log_error(APLOG_MARK, APLOG_ERR, rv, main_s,
678 "Failed to resolve server name "
679 "for %s (check DNS) -- or specify an explicit "
683 apr_pstrdup(p, "bogus_host_without_reverse_dns");
689 /* now go through and delete any NameVirtualHosts that didn't have any
690 * hosts associated with them. Lamers.
692 for (i = 0; i < IPHASH_TABLE_SIZE; ++i) {
693 remove_unused_name_vhosts(main_s, &iphash_table[i]);
695 remove_unused_name_vhosts(main_s, &default_list);
697 #ifdef IPHASH_STATISTICS
698 dump_iphash_statistics(main_s);
700 if (ap_exists_config_define("DUMP_VHOSTS")) {
701 apr_file_t *thefile = NULL;
702 apr_file_open_stderr(&thefile, p);
703 dump_vhost_config(thefile);
708 /*****************************************************************************
709 * run-time vhost matching functions
712 /* Lowercase and remove any trailing dot and/or :port from the hostname,
713 * and check that it is sane.
715 * In most configurations the exact syntax of the hostname isn't
716 * important so strict sanity checking isn't necessary. However, in
717 * mass hosting setups (using mod_vhost_alias or mod_rewrite) where
718 * the hostname is interpolated into the filename, we need to be sure
719 * that the interpolation doesn't expose parts of the filesystem.
720 * We don't do strict RFC 952 / RFC 1123 syntax checking in order
721 * to support iDNS and people who erroneously use underscores.
722 * Instead we just check for filesystem metacharacters: directory
723 * separators / and \ and sequences of more than one dot.
725 static void fix_hostname(request_rec *r)
727 char *host, *scope_id;
732 rv = apr_parse_addr_port(&host, &scope_id, &port, r->hostname, r->pool);
733 if (rv != APR_SUCCESS || scope_id) {
738 /* silly looking host ("Host: 123") but that isn't our job
739 * here to judge; apr_parse_addr_port() would think we had a port
742 host = apr_psprintf(r->pool, "%d", (int)port);
745 /* if the hostname is an IPv6 numeric address string, it was validated
746 * already; otherwise, further validation is needed
748 if (r->hostname[0] != '[') {
749 for (dst = host; *dst; dst++) {
755 else if (*dst == '/' || *dst == '\\') {
759 /* strip trailing gubbins */
760 if (dst > host && dst[-1] == '.') {
768 r->status = HTTP_BAD_REQUEST;
769 ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
770 "Client sent malformed Host header");
775 /* return 1 if host matches ServerName or ServerAliases */
776 static int matches_aliases(server_rec *s, const char *host)
779 apr_array_header_t *names;
781 /* match ServerName */
782 if (!strcasecmp(host, s->server_hostname)) {
786 /* search all the aliases from ServerAlias directive */
789 char **name = (char **) names->elts;
790 for (i = 0; i < names->nelts; ++i) {
791 if(!name[i]) continue;
792 if (!strcasecmp(host, name[i]))
796 names = s->wild_names;
798 char **name = (char **) names->elts;
799 for (i = 0; i < names->nelts; ++i) {
800 if(!name[i]) continue;
801 if (!ap_strcasecmp_match(host, name[i]))
809 /* Suppose a request came in on the same socket as this r, and included
810 * a header "Host: host:port", would it map to r->server? It's more
811 * than just that though. When we do the normal matches for each request
812 * we don't even bother considering Host: etc on non-namevirtualhosts,
813 * we just call it a match. But here we require the host:port to match
814 * the ServerName and/or ServerAliases.
816 AP_DECLARE(int) ap_matches_request_vhost(request_rec *r, const char *host,
820 server_addr_rec *sar;
824 /* search all the <VirtualHost> values */
825 /* XXX: If this is a NameVirtualHost then we may not be doing the Right Thing
828 * NameVirtualHost 10.1.1.1
829 * <VirtualHost 10.1.1.1>
832 * <VirtualHost 10.1.1.1>
836 * Suppose r->server is v2, and we're asked to match "10.1.1.1". We'll say
837 * "yup it's v2", when really it isn't... if a request came in for 10.1.1.1
838 * it would really go to v1.
840 for (sar = s->addrs; sar; sar = sar->next) {
841 if ((sar->host_port == 0 || port == sar->host_port)
842 && !strcasecmp(host, sar->virthost)) {
847 /* the Port has to match now, because the rest don't have ports associated
849 if (port != s->port) {
853 return matches_aliases(s, host);
857 static void check_hostalias(request_rec *r)
860 * Even if the request has a Host: header containing a port we ignore
861 * that port. We always use the physical port of the socket. There
862 * are a few reasons for this:
864 * - the default of 80 or 443 for SSL is easier to handle this way
865 * - there is less of a possibility of a security problem
866 * - it simplifies the data structure
867 * - the client may have no idea that a proxy somewhere along the way
868 * translated the request to another ip:port
869 * - except for the addresses from the VirtualHost line, none of the other
870 * names we'll match have ports associated with them
872 const char *host = r->hostname;
877 apr_sockaddr_t *localsa;
880 apr_socket_addr_get(&localsa, APR_LOCAL, r->connection->client_socket);
881 apr_sockaddr_port_get(&port, localsa);
883 /* Recall that the name_chain is a list of server_addr_recs, some of
884 * whose ports may not match. Also each server may appear more than
885 * once in the chain -- specifically, it will appear once for each
886 * address from its VirtualHost line which matched. We only want to
887 * do the full ServerName/ServerAlias comparisons once for each
888 * server, fortunately we know that all the VirtualHost addresses for
889 * a single server are adjacent to each other.
892 for (src = r->connection->vhost_lookup_data; src; src = src->next) {
893 server_addr_rec *sar;
895 /* We only consider addresses on the name_chain which have a matching
899 if (sar->host_port != 0 && port != sar->host_port) {
905 /* does it match the virthost from the sar? */
906 if (!strcasecmp(host, sar->virthost)) {
911 /* we've already done ServerName and ServerAlias checks for this
918 if (matches_aliases(s, host)) {
925 /* s is the first matching server, we're done */
930 static void check_serverpath(request_rec *r)
936 apr_sockaddr_t *localsa;
938 apr_socket_addr_get(&localsa, APR_LOCAL, r->connection->client_socket);
939 apr_sockaddr_port_get(&port, localsa);
942 * This is in conjunction with the ServerPath code in http_core, so we
943 * get the right host attached to a non- Host-sending request.
945 * See the comment in check_hostalias about how each vhost can be
946 * listed multiple times.
950 for (src = r->connection->vhost_lookup_data; src; src = src->next) {
951 /* We only consider addresses on the name_chain which have a matching
954 if (src->sar->host_port != 0 && port != src->sar->host_port) {
964 if (s->path && !strncmp(r->uri, s->path, s->pathlen) &&
965 (s->path[s->pathlen - 1] == '/' ||
966 r->uri[s->pathlen] == '/' ||
967 r->uri[s->pathlen] == '\0')) {
975 void ap_update_vhost_from_headers(request_rec *r)
977 /* must set this for HTTP/1.1 support */
978 if (r->hostname || (r->hostname = apr_table_get(r->headers_in, "Host"))) {
980 if (r->status != HTTP_OK)
983 /* check if we tucked away a name_chain */
984 if (r->connection->vhost_lookup_data) {
993 /* Called for a new connection which has a known local_addr. Note that the
994 * new connection is assumed to have conn->server == main server.
996 void ap_update_vhost_given_ip(conn_rec *conn)
1001 /* scan the hash apr_table_t for an exact match first */
1002 trav = find_ipaddr(conn->local_addr);
1004 /* save the name_chain for later in case this is a name-vhost */
1005 conn->vhost_lookup_data = trav->names;
1006 conn->base_server = trav->server;
1010 /* maybe there's a default server or wildcard name-based vhost
1011 * matching this port
1013 apr_sockaddr_port_get(&port, conn->local_addr);
1014 trav = find_default_server(port);
1016 conn->vhost_lookup_data = trav->names;
1017 conn->base_server = trav->server;
1021 /* otherwise we're stuck with just the main server
1022 * and no name-based vhosts
1024 conn->vhost_lookup_data = NULL;
projects / apache / blob