Use two optional functions from mod_ssl so that we

can receive both is_ssl and ssl_var for ajp protocol.
This is combined work based on patch from Brad Boyer and
Joe Orton's suggestion to use ssl_var_lookup.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@160690 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c
index d871059345c47d25fac690c252a771ca613cbefb..b1766f88601e56e00703ec33376254403bc95b15 100644 (file)
--- a/modules/proxy/ajp_header.c
+++ b/modules/proxy/ajp_header.c
@@ -225,8 +225,7 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
         return AJP_EBAD_METHOD;
     }
 
-    /* XXXX need something */
-    is_ssl = (apr_byte_t) 0; /* s->is_ssl */
+    is_ssl = (apr_byte_t) ap_proxy_conn_is_https(r->connection);
 
     if (r->headers_in && apr_table_elts(r->headers_in)) {
         const apr_array_header_t *t = apr_table_elts(r->headers_in);
@@ -342,7 +341,7 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
  *   SetEnv SSL_SESSION_ID CUSTOM_SSL_SESSION_ID
  * </Location>
  */
-    if ((envvar = apr_table_get(r->subprocess_env,
+    if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
                                 AJP13_SSL_CLIENT_CERT_INDICATOR))) {
         if (ajp_msg_append_uint8(msg, SC_A_SSL_CERT) ||
             ajp_msg_append_string(msg, envvar)) {
@@ -353,7 +352,7 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
         }
     }
 
-    if ((envvar = apr_table_get(r->subprocess_env,
+    if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
                                 AJP13_SSL_CIPHER_INDICATOR))) {
         if (ajp_msg_append_uint8(msg, SC_A_SSL_CIPHER) ||
             ajp_msg_append_string(msg, envvar)) {
@@ -364,7 +363,7 @@ static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
         }
     }
 
-    if ((envvar = apr_table_get(r->subprocess_env,
+    if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
                                 AJP13_SSL_SESSION_INDICATOR))) {
         if (ajp_msg_append_uint8(msg, SC_A_SSL_SESSION) ||
             ajp_msg_append_string(msg, envvar)) {

diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
index 8fabf2106d5209b30c9e7b830be220b81864539c..30bde09b6433799ce4a99c346d1c5d629a5b16da 100644 (file)
--- a/modules/proxy/mod_proxy.c
+++ b/modules/proxy/mod_proxy.c
@@ -27,6 +27,10 @@
 #else
 APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
 APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
+APR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec *));
+APR_DECLARE_OPTIONAL_FN(char *, ssl_var_lookup,
+                        (apr_pool_t *, server_rec *,
+                         conn_rec *, request_rec *, char *));
 #endif
 
 #ifndef MAX
@@ -1575,6 +1579,8 @@ static const command_rec proxy_cmds[] =
 
 static APR_OPTIONAL_FN_TYPE(ssl_proxy_enable) *proxy_ssl_enable = NULL;
 static APR_OPTIONAL_FN_TYPE(ssl_engine_disable) *proxy_ssl_disable = NULL;
+static APR_OPTIONAL_FN_TYPE(ssl_is_https) *proxy_is_https = NULL;
+static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *proxy_ssl_val = NULL;
 
 PROXY_DECLARE(int) ap_proxy_ssl_enable(conn_rec *c)
 {
@@ -1598,12 +1604,35 @@ PROXY_DECLARE(int) ap_proxy_ssl_disable(conn_rec *c)
     return 0;
 }
 
+PROXY_DECLARE(int) ap_proxy_conn_is_https(conn_rec *c)
+{
+    if (proxy_is_https) {
+        return proxy_is_https(c);
+    }
+    else
+        return 0;
+}
+
+PROXY_DECLARE(const char *) ap_proxy_ssl_val(apr_pool_t *p, server_rec *s,
+                                             conn_rec *c, request_rec *r,
+                                             const char *var)
+{
+    if (proxy_ssl_val) {
+        /* XXX Perhaps the casting useless */
+        return (const char *)proxy_ssl_val(p, s, c, r, (char *)var);
+    }
+    else
+        return NULL;
+}
+
 static int proxy_post_config(apr_pool_t *pconf, apr_pool_t *plog,
                              apr_pool_t *ptemp, server_rec *s)
 {
 
     proxy_ssl_enable = APR_RETRIEVE_OPTIONAL_FN(ssl_proxy_enable);
     proxy_ssl_disable = APR_RETRIEVE_OPTIONAL_FN(ssl_engine_disable);
+    proxy_is_https = APR_RETRIEVE_OPTIONAL_FN(ssl_is_https);
+    proxy_ssl_val = APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup);
 
     return OK;
 }

diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h
index e037388383172c2c488cbca2a8609f159347b84a..8ea9e2b409a743343d68d31bf8856761d8745f20 100644 (file)
--- a/modules/proxy/mod_proxy.h
+++ b/modules/proxy/mod_proxy.h
@@ -403,6 +403,8 @@ PROXY_DECLARE(void) ap_proxy_table_unmerge(apr_pool_t *p, apr_table_t *t, char *
 PROXY_DECLARE(int) ap_proxy_connect_to_backend(apr_socket_t **, const char *, apr_sockaddr_t *, const char *, proxy_server_conf *, server_rec *, apr_pool_t *);
 PROXY_DECLARE(int) ap_proxy_ssl_enable(conn_rec *c);
 PROXY_DECLARE(int) ap_proxy_ssl_disable(conn_rec *c);
+PROXY_DECLARE(int) ap_proxy_conn_is_https(conn_rec *c);
+PROXY_DECLARE(const char *) ap_proxy_ssl_val(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r, const char *var);
 
 /* Header mapping functions, and a typedef of their signature */
 PROXY_DECLARE(const char *) ap_proxy_location_reverse_map(request_rec *r, proxy_server_conf *conf, const char *url);