📄 proxy_util.c
字号:
/* Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. *//* Utility routines for Apache proxy */#include "mod_proxy.h"#include "ap_mpm.h"#include "scoreboard.h"#include "apr_version.h"#if APR_HAVE_UNISTD_H#include <unistd.h> /* for getpid() */#endif#if (APR_MAJOR_VERSION < 1)#undef apr_socket_create#define apr_socket_create apr_socket_create_ex#endif/* Global balancer counter */int PROXY_DECLARE_DATA proxy_lb_workers = 0;static int lb_workers_limit = 0;static int proxy_match_ipaddr(struct dirconn_entry *This, request_rec *r);static int proxy_match_domainname(struct dirconn_entry *This, request_rec *r);static int proxy_match_hostname(struct dirconn_entry *This, request_rec *r);static int proxy_match_word(struct dirconn_entry *This, request_rec *r);APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(proxy, PROXY, int, create_req, (request_rec *r, request_rec *pr), (r, pr), OK, DECLINED)/* already called in the knowledge that the characters are hex digits */PROXY_DECLARE(int) ap_proxy_hex2c(const char *x){ int i, ch;#if !APR_CHARSET_EBCDIC ch = x[0]; if (apr_isdigit(ch)) { i = ch - '0'; } else if (apr_isupper(ch)) { i = ch - ('A' - 10); } else { i = ch - ('a' - 10); } i <<= 4; ch = x[1]; if (apr_isdigit(ch)) { i += ch - '0'; } else if (apr_isupper(ch)) { i += ch - ('A' - 10); } else { i += ch - ('a' - 10); } return i;#else /*APR_CHARSET_EBCDIC*/ /* * we assume that the hex value refers to an ASCII character * so convert to EBCDIC so that it makes sense locally; * * example: * * client specifies %20 in URL to refer to a space char; * at this point we're called with EBCDIC "20"; after turning * EBCDIC "20" into binary 0x20, we then need to assume that 0x20 * represents an ASCII char and convert 0x20 to EBCDIC, yielding * 0x40 */ char buf[1]; if (1 == sscanf(x, "%2x", &i)) { buf[0] = i & 0xFF; ap_xlate_proto_from_ascii(buf, 1); return buf[0]; } else { return 0; }#endif /*APR_CHARSET_EBCDIC*/}PROXY_DECLARE(void) ap_proxy_c2hex(int ch, char *x){#if !APR_CHARSET_EBCDIC int i; x[0] = '%'; i = (ch & 0xF0) >> 4; if (i >= 10) { x[1] = ('A' - 10) + i; } else { x[1] = '0' + i; } i = ch & 0x0F; if (i >= 10) { x[2] = ('A' - 10) + i; } else { x[2] = '0' + i; }#else /*APR_CHARSET_EBCDIC*/ static const char ntoa[] = { "0123456789ABCDEF" }; char buf[1]; ch &= 0xFF; buf[0] = ch; ap_xlate_proto_to_ascii(buf, 1); x[0] = '%'; x[1] = ntoa[(buf[0] >> 4) & 0x0F]; x[2] = ntoa[buf[0] & 0x0F]; x[3] = '\0';#endif /*APR_CHARSET_EBCDIC*/}/* * canonicalise a URL-encoded string *//* * Convert a URL-encoded string to canonical form. * It decodes characters which need not be encoded, * and encodes those which must be encoded, and does not touch * those which must not be touched. */PROXY_DECLARE(char *)ap_proxy_canonenc(apr_pool_t *p, const char *x, int len, enum enctype t, int forcedec, int proxyreq){ int i, j, ch; char *y; char *allowed; /* characters which should not be encoded */ char *reserved; /* characters which much not be en/de-coded *//* * N.B. in addition to :@&=, this allows ';' in an http path * and '?' in an ftp path -- this may be revised * * Also, it makes a '+' character in a search string reserved, as * it may be form-encoded. (Although RFC 1738 doesn't allow this - * it only permits ; / ? : @ = & as reserved chars.) */ if (t == enc_path) { allowed = "~$-_.+!*'(),;:@&="; } else if (t == enc_search) { allowed = "$-_.!*'(),;:@&="; } else if (t == enc_user) { allowed = "$-_.+!*'(),;@&="; } else if (t == enc_fpath) { allowed = "$-_.+!*'(),?:@&="; } else { /* if (t == enc_parm) */ allowed = "$-_.+!*'(),?/:@&="; } if (t == enc_path) { reserved = "/"; } else if (t == enc_search) { reserved = "+"; } else { reserved = ""; } y = apr_palloc(p, 3 * len + 1); for (i = 0, j = 0; i < len; i++, j++) {/* always handle '/' first */ ch = x[i]; if (strchr(reserved, ch)) { y[j] = ch; continue; }/* * decode it if not already done. do not decode reverse proxied URLs * unless specifically forced */ if ((forcedec || (proxyreq && proxyreq != PROXYREQ_REVERSE)) && ch == '%') { if (!apr_isxdigit(x[i + 1]) || !apr_isxdigit(x[i + 2])) { return NULL; } ch = ap_proxy_hex2c(&x[i + 1]); i += 2; if (ch != 0 && strchr(reserved, ch)) { /* keep it encoded */ ap_proxy_c2hex(ch, &y[j]); j += 2; continue; } }/* recode it, if necessary */ if (!apr_isalnum(ch) && !strchr(allowed, ch)) { ap_proxy_c2hex(ch, &y[j]); j += 2; } else { y[j] = ch; } } y[j] = '\0'; return y;}/* * Parses network-location. * urlp on input the URL; on output the path, after the leading / * user NULL if no user/password permitted * password holder for password * host holder for host * port port number; only set if one is supplied. * * Returns an error string. */PROXY_DECLARE(char *) ap_proxy_canon_netloc(apr_pool_t *p, char **const urlp, char **userp, char **passwordp, char **hostp, apr_port_t *port){ char *addr, *scope_id, *strp, *host, *url = *urlp; char *user = NULL, *password = NULL; apr_port_t tmp_port; apr_status_t rv; if (url[0] != '/' || url[1] != '/') { return "Malformed URL"; } host = url + 2; url = strchr(host, '/'); if (url == NULL) { url = ""; } else { *(url++) = '\0'; /* skip seperating '/' */ } /* find _last_ '@' since it might occur in user/password part */ strp = strrchr(host, '@'); if (strp != NULL) { *strp = '\0'; user = host; host = strp + 1;/* find password */ strp = strchr(user, ':'); if (strp != NULL) { *strp = '\0'; password = ap_proxy_canonenc(p, strp + 1, strlen(strp + 1), enc_user, 1, 0); if (password == NULL) { return "Bad %-escape in URL (password)"; } } user = ap_proxy_canonenc(p, user, strlen(user), enc_user, 1, 0); if (user == NULL) { return "Bad %-escape in URL (username)"; } } if (userp != NULL) { *userp = user; } if (passwordp != NULL) { *passwordp = password; } /* * Parse the host string to separate host portion from optional port. * Perform range checking on port. */ rv = apr_parse_addr_port(&addr, &scope_id, &tmp_port, host, p); if (rv != APR_SUCCESS || addr == NULL || scope_id != NULL) { return "Invalid host/port"; } if (tmp_port != 0) { /* only update caller's port if port was specified */ *port = tmp_port; } ap_str_tolower(addr); /* DNS names are case-insensitive */ *urlp = url; *hostp = addr; return NULL;}/* * If the date is a valid RFC 850 date or asctime() date, then it * is converted to the RFC 1123 format. */PROXY_DECLARE(const char *) ap_proxy_date_canon(apr_pool_t *p, const char *date){ apr_status_t rv; char* ndate; apr_time_t time = apr_date_parse_http(date); if (!time) { return date; } ndate = apr_palloc(p, APR_RFC822_DATE_LEN); rv = apr_rfc822_date(ndate, time); if (rv != APR_SUCCESS) { return date; } return ndate;}PROXY_DECLARE(request_rec *)ap_proxy_make_fake_req(conn_rec *c, request_rec *r){ request_rec *rp = apr_pcalloc(r->pool, sizeof(*r)); rp->pool = r->pool; rp->status = HTTP_OK; rp->headers_in = apr_table_make(r->pool, 50); rp->subprocess_env = apr_table_make(r->pool, 50); rp->headers_out = apr_table_make(r->pool, 12); rp->err_headers_out = apr_table_make(r->pool, 5); rp->notes = apr_table_make(r->pool, 5); rp->server = r->server; rp->proxyreq = r->proxyreq; rp->request_time = r->request_time; rp->connection = c; rp->output_filters = c->output_filters; rp->input_filters = c->input_filters; rp->proto_output_filters = c->output_filters; rp->proto_input_filters = c->input_filters; rp->request_config = ap_create_request_config(r->pool); proxy_run_create_req(r, rp); return rp;}/* * list is a comma-separated list of case-insensitive tokens, with * optional whitespace around the tokens. * The return returns 1 if the token val is found in the list, or 0 * otherwise. */PROXY_DECLARE(int) ap_proxy_liststr(const char *list, const char *val){ int len, i; const char *p; len = strlen(val); while (list != NULL) { p = ap_strchr_c(list, ','); if (p != NULL) { i = p - list; do { p++; } while (apr_isspace(*p)); } else { i = strlen(list); } while (i > 0 && apr_isspace(list[i - 1])) { i--; } if (i == len && strncasecmp(list, val, len) == 0) { return 1; } list = p; } return 0;}/* * list is a comma-separated list of case-insensitive tokens, with * optional whitespace around the tokens. * if val appears on the list of tokens, it is removed from the list, * and the new list is returned. */PROXY_DECLARE(char *)ap_proxy_removestr(apr_pool_t *pool, const char *list, const char *val){ int len, i; const char *p; char *new = NULL; len = strlen(val); while (list != NULL) { p = ap_strchr_c(list, ','); if (p != NULL) { i = p - list; do {⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -