/** * Writes headers to srun. */ static void write_headers(stream_t *s, request_rec *r) { const apr_array_header_t *header = apr_table_elts(r->headers_in); apr_table_entry_t *headers = (apr_table_entry_t *) header->elts; int i; for (i = 0; i < header->nelts; ++i) { if (! headers[i].key || ! headers[i].val) continue; /* * Content-type and Content-Length are special cased for a little * added efficiency. */ if (! strcasecmp(headers[i].key, "Content-type")) cse_write_string(s, CSE_CONTENT_TYPE, headers[i].val); else if (! strcasecmp(headers[i].key, "Content-length")) cse_write_string(s, CSE_CONTENT_LENGTH, headers[i].val); else if (! strcasecmp(headers[i].key, "Expect")) { /* expect=continue-100 shouldn't be passed to backend */ } else { cse_write_string(s, HMUX_HEADER, headers[i].key); cse_write_string(s, HMUX_STRING, headers[i].val); } } }
/** * Writes headers to srun. */ static void write_headers(stream_t *s, request_rec *r) { array_header *hdrs_arr = ap_table_elts(r->headers_in); table_entry *hdrs = (table_entry *) hdrs_arr->elts; int i; for (i = 0; i < hdrs_arr->nelts; ++i) { char *key = hdrs[i].key; char *value = hdrs[i].val; if (! key) continue; /* * Content-type and Content-Length are special cased for a little * added efficiency. */ if (! strcasecmp(key, "Content-type")) cse_write_string(s, CSE_CONTENT_TYPE, value); else if (! strcasecmp(key, "Content-length")) cse_write_string(s, CSE_CONTENT_LENGTH, value); else { cse_write_string(s, HMUX_HEADER, key); cse_write_string(s, HMUX_STRING, value); } } }
/** * Writes SSL data, including client certificates. */ static void write_ssl(stream_t *s, EXTENSION_CONTROL_BLOCK *r) { char buf[BUF_LENGTH]; unsigned long size = sizeof(buf); if (! r->GetServerVariable(r->ConnID, "SERVER_PORT_SECURE", buf, &size) || size <= 0 || buf[0] != '1') return; cse_write_string(s, CSE_IS_SECURE, ""); // Anh : Add SSL connection informations cse_write_string(s, HMUX_HEADER, "HTTPS"); cse_write_string(s, HMUX_STRING, "on"); write_header(s, r, "HTTPS_KEYSIZE"); write_header(s, r, "HTTPS_SECRETKEYSIZE"); // Anh : Check client certificate existence size = sizeof(buf); buf[0] = 0; if (! r->GetServerVariable(r->ConnID, "CERT_FLAGS", buf, &size) || size <= 0 || buf[0] != '1') return; // There is a client certificate char cert_buf[BUF_LENGTH]={0}; CERT_CONTEXT_EX cert; cert.cbAllocated = sizeof(cert_buf); cert.CertContext.pbCertEncoded = (BYTE*) cert_buf; cert.CertContext.cbCertEncoded = 0; DWORD dwSize = sizeof(cert); if (r->ServerSupportFunction(r->ConnID, (DWORD)HSE_REQ_GET_CERT_INFO_EX, (LPVOID)&cert, &dwSize,NULL) != FALSE) { // cert now contains valid client certificate information LOG(("\ndwCertEncodingType = %d (%d) %ld\n", cert.CertContext.dwCertEncodingType & X509_ASN_ENCODING , cert.CertContext.cbCertEncoded, cert.dwCertificateFlags)); cse_write_packet(s, CSE_CLIENT_CERT, (char *)cert.CertContext.pbCertEncoded, cert.CertContext.cbCertEncoded); write_header(s, r, "CERT_ISSUER"); write_header(s, r, "CERT_SERIALNUMBER"); write_header(s, r, "CERT_SUBJECT"); write_header(s, r, "CERT_SERVER_ISSUER"); write_header(s, r, "CERT_SERVER_SUBJECT"); } }
static void write_added_headers(stream_t *s, request_rec *r) { const apr_array_header_t *header = apr_table_elts(r->subprocess_env); apr_table_entry_t *headers = (apr_table_entry_t *) header->elts; int i; for (i = 0; i < header->nelts; ++i) { if (! headers[i].key || ! headers[i].val) continue; if (! strcmp(headers[i].key, "HTTPS") && ! strcmp(headers[i].val, "on")) { cse_write_string(s, CSE_IS_SECURE, ""); } else if (! r->user && ! strcmp(headers[i].key, "SSL_CLIENT_DN")) cse_write_string(s, CSE_REMOTE_USER, headers[i].val); cse_write_string(s, HMUX_HEADER, headers[i].key); cse_write_string(s, HMUX_STRING, headers[i].val); } if (r->prev) { if (r->prev->args) { cse_write_string(s, HMUX_HEADER, "REDIRECT_QUERY_STRING"); cse_write_string(s, HMUX_STRING, r->prev->args); } if (r->prev->uri) { cse_write_string(s, HMUX_HEADER, "REDIRECT_URL"); cse_write_string(s, HMUX_STRING, r->prev->uri); } } }
static void write_header(stream_t *s, EXTENSION_CONTROL_BLOCK *r, char *name) { char buf[BUF_LENGTH]; unsigned long size = sizeof(buf); char *ptr = buf; buf[0] = 0; if (r->GetServerVariable(r->ConnID, name, buf, &size) && size > 0 && buf[0]) { for (; size > 0 && isspace(buf[size - 1]); size--) { } buf[size] = 0; cse_write_string(s, HMUX_HEADER, name); for (ptr = buf; isspace(*ptr); ptr++) { } cse_write_string(s, HMUX_STRING, ptr); } }
static void write_added_headers(stream_t *s, request_rec *r) { array_header *hdrs_arr = ap_table_elts(r->subprocess_env); table_entry *hdrs = (table_entry *) hdrs_arr->elts; int i; int has_ssl = 0; for (i = 0; i < hdrs_arr->nelts; ++i) { char *key = hdrs[i].key; char *value = hdrs[i].val; if (! key) continue; /* skip leading whitespace */ for (; isspace(*value); value++) { } if (! strcmp(key, "HTTPS") && ! strcasecmp(value, "on")) { has_ssl = 1; cse_write_string(s, CSE_IS_SECURE, ""); } else if (*key == 'S' && ! r->connection->user && ! strcmp(key, "SSL_CLIENT_DN")) cse_write_string(s, CSE_REMOTE_USER, value); cse_write_string(s, HMUX_HEADER, key); cse_write_string(s, HMUX_STRING, value); } if (has_ssl) write_ssl_env(s, r); if (r->prev) { if (r->prev->args) { cse_write_string(s, HMUX_HEADER, "REDIRECT_QUERY_STRING"); cse_write_string(s, HMUX_STRING, r->prev->args); } if (r->prev->uri) { cse_write_string(s, HMUX_HEADER, "REDIRECT_URL"); cse_write_string(s, HMUX_STRING, r->prev->uri); } } }
static void write_ssl_env(stream_t *s, request_rec *r) { /* mod_ssl */ #ifdef EAPI { static char *vars[] = { "SSL_CLIENT_S_DN", "SSL_CIPHER", "SSL_CIPHER_EXPORT", "SSL_PROTOCOL", "SSL_CIPHER_USEKEYSIZE", "SSL_CIPHER_ALGKEYSIZE", 0}; char *var; int i; int v; if ((v = ap_hook_call("ap::mod_ssl::var_lookup", &var, r->pool, r->server, r->connection, r, "SSL_CLIENT_CERT"))) { cse_write_string(s, CSE_CLIENT_CERT, var); } else if ((v = ap_hook_call("ap::mod_ssl::var_lookup", &var, r->pool, r->server, r->connection, r, "SSL_CLIENT_CERTIFICATE"))) { cse_write_string(s, CSE_CLIENT_CERT, var); } for (i = 0; vars[i]; i++) { if ((v = ap_hook_call("ap::mod_ssl::var_lookup", &var, r->pool, r->server, r->connection, r, vars[i]))) { cse_write_string(s, HMUX_HEADER, vars[i]); cse_write_string(s, HMUX_STRING, var); } } } #endif }
static void write_var(stream_t *s, EXTENSION_CONTROL_BLOCK *r, char *name, int code) { char buf[BUF_LENGTH]; char *ptr; unsigned long size = sizeof(buf); buf[0] = 0; if (r->GetServerVariable(r->ConnID, name, buf, &size) && size > 0 && buf[0]) { buf[size] = 0; for (ptr = buf; isspace(*ptr); ptr++) { } cse_write_string(s, code, ptr); } }
/** * Writes request parameters to srun. */ static void write_env(stream_t *s, request_rec *r) { char buf[4096]; int ch; int i, j; conn_rec *c = r->connection; const char *host; const char *uri; int port; int is_sub_request = 1; /* for mod_rewrite */ /* * is_sub_request is always true, since we can't detect mod_rewrite * and mod_rewrite doesn't change the unparsed_uri. */ if (is_sub_request) uri = r->uri; else uri = r->unparsed_uri; /* #937 */ j = 0; for (i = 0; (ch = uri[i]) && ch != '?' && j + 2 < sizeof(buf); i++) { if (ch == '%') { /* #1661 */ buf[j++] = '%'; buf[j++] = '2'; buf[j++] = '5'; } else buf[j++] = ch; } buf[j] = 0; cse_write_string(s, HMUX_URL, buf); cse_write_string(s, HMUX_METHOD, r->method); cse_write_string(s, CSE_PROTOCOL, r->protocol); if (r->args) cse_write_string(s, CSE_QUERY_STRING, r->args); /* Gets the server name */ host = ap_get_server_name(r); port = ap_get_server_port(r); cse_write_string(s, HMUX_SERVER_NAME, host); sprintf(buf, "%u", port); cse_write_string(s, CSE_SERVER_PORT, buf); if (c->remote_host) cse_write_string(s, CSE_REMOTE_HOST, c->remote_host); else cse_write_string(s, CSE_REMOTE_HOST, c->REMOTE_IP); cse_write_string(s, CSE_REMOTE_ADDR, c->REMOTE_IP); sprintf(buf, "%u", ntohs(c->REMOTE_ADDR->port)); cse_write_string(s, CSE_REMOTE_PORT, buf); if (r->user) cse_write_string(s, CSE_REMOTE_USER, r->user); if (r->ap_auth_type) cse_write_string(s, CSE_AUTH_TYPE, r->ap_auth_type); /* mod_ssl */ if (g_ssl_lookup) { static char *vars[] = { "SSL_CLIENT_S_DN", "SSL_CIPHER", "SSL_CIPHER_EXPORT", "SSL_PROTOCOL", "SSL_CIPHER_USEKEYSIZE", "SSL_CIPHER_ALGKEYSIZE", 0}; char *var; int i; if ((var = g_ssl_lookup(r->pool, r->server, r->connection, r, "SSL_CLIENT_CERT"))) { cse_write_string(s, CSE_CLIENT_CERT, var); } for (i = 0; vars[i]; i++) { if ((var = g_ssl_lookup(r->pool, r->server, r->connection, r, vars[i]))) { cse_write_string(s, HMUX_HEADER, vars[i]); cse_write_string(s, HMUX_STRING, var); } } } }
/** * Writes request parameters to srun. */ static void write_env(stream_t *s, request_rec *r, char *session_id) { char buf[4096]; int ch; int i; conn_rec *c = r->connection; const char *host; int port; int is_sub_request = 1; char *uri; /* * is_sub_request is always true, since we can't detect mod_rewrite * and mod_rewrite doesn't change the unparsed_uri. */ if (is_sub_request) uri = r->uri; /* for mod_rewrite */ else uri = r->unparsed_uri; /* #937 */ for (i = 0; (ch = uri[i]) && ch != '?' && i + 1 < sizeof(buf); i++) buf[i] = ch; if (session_id) { buf[i++] = *s->config->session_url_prefix; for (session_id++; *session_id && i + 1 < sizeof(buf); i++) buf[i] = *session_id++; } buf[i] = 0; cse_write_string(s, HMUX_URL, buf); cse_write_string(s, HMUX_METHOD, r->method); if (*s->config->alt_session_url_prefix && r->request_config) { char *suburi = ap_get_module_config(r->request_config, &caucho_module); if (suburi) uri = suburi; } cse_write_string(s, CSE_PROTOCOL, r->protocol); if (r->args) cse_write_string(s, CSE_QUERY_STRING, r->args); /* Gets the server name */ host = ap_get_server_name(r); port = ap_get_server_port(r); cse_write_string(s, HMUX_SERVER_NAME, host); cse_write_string(s, CSE_SERVER_PORT, ap_psprintf(r->pool, "%u", port)); host = ap_get_remote_host(c, r->per_dir_config, REMOTE_HOST); if (host) cse_write_string(s, CSE_REMOTE_HOST, host); else cse_write_string(s, CSE_REMOTE_HOST, c->remote_ip); cse_write_string(s, CSE_REMOTE_ADDR, c->remote_ip); cse_write_string(s, CSE_REMOTE_PORT, ap_psprintf(r->pool, "%d", ntohs(c->remote_addr.sin_port))); if (c->user) cse_write_string(s, CSE_REMOTE_USER, c->user); if (c->ap_auth_type) cse_write_string(s, CSE_AUTH_TYPE, c->ap_auth_type); }