ASF Bugzilla – Attachment 22058 Details for
Bug 44806
Set the IP address+port used for backend proxy requests.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Updated patch as suggested
patch (text/plain), 6.36 KB, created by
rahul
on 2008-06-03 00:19:25 UTC
(
hide
)
Description:
Updated patch as suggested
Filename:
MIME Type:
Creator:
rahul
Created:
2008-06-03 00:19:25 UTC
Size:
6.36 KB
patch
obsolete
>Index: modules/proxy/proxy_util.c >=================================================================== >--- modules/proxy/proxy_util.c (revision 662660) >+++ modules/proxy/proxy_util.c (working copy) >@@ -2267,6 +2267,30 @@ > } > #endif /* USE_ALTERNATE_IS_CONNECTED */ > >+apr_status_t bind_to_addr(apr_socket_t *newsock, apr_sockaddr_t *laddr, >+ const char *proxy_function, proxy_server_conf *conf, server_rec *s) >+{ >+ const int idx = conf->bind_idx; >+ const int range = conf->bind_range; >+ const int start = conf->bind_port; >+ for(int i = 0; i < range; ++i) { /* loop until we can bind correctly*/ >+ int port = start + ((idx + i) % range); >+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "proxy: %s: trying to bind to %s:%u", >+ proxy_function, laddr,port, NULL); >+ >+ laddr->sa.sin.sin_port = htons(port); >+ laddr->port = port; >+ if (apr_socket_bind(newsock, laddr) == APR_SUCCESS) { >+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, "proxy: %s: bound to %s:%u", >+ proxy_function, laddr, laddr->port, NULL); >+ conf->bind_idx = i + 1; >+ return APR_SUCCESS; >+ } >+ } >+ return APR_EINVAL; >+} >+ >+ > PROXY_DECLARE(int) ap_proxy_connect_backend(const char *proxy_function, > proxy_conn_rec *conn, > proxy_worker *worker, >@@ -2349,6 +2373,21 @@ > "proxy: %s: fam %d socket created to connect to %s", > proxy_function, backend_addr->family, worker->hostname); > >+ if (conf->bindopt_set) { >+ apr_sockaddr_t *laddr = NULL; >+ for(apr_sockaddr_t *addr = conf->bind_addr; addr; addr = addr->next) { >+ if (addr->family != backend_addr->family) continue; >+ laddr = addr; >+ break; >+ } >+ if (!laddr || (bind_to_addr(newsock, laddr, proxy_function, conf, s) >+ != APR_SUCCESS)) { >+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, "proxy: %s: can not bind to %s:%u+%u", >+ proxy_function,conf->bind_addr, conf->bind_port, conf->bind_range, NULL); >+ return DECLINED; >+ } >+ } >+ > /* make the connection out of the socket */ > rv = apr_socket_connect(newsock, backend_addr); > >Index: modules/proxy/mod_proxy.c >=================================================================== >--- modules/proxy/mod_proxy.c (revision 662660) >+++ modules/proxy/mod_proxy.c (working copy) >@@ -35,6 +35,12 @@ > #define MAX(x,y) ((x) >= (y) ? (x) : (y)) > #endif > >+/* Value from /usr/sys/port_kernel.h is it exposed in any portable header? */ >+#define PORT_MAX_PORTS 0x10000 >+ >+/* a sane value for RANGE of bind */ >+#define MIN_RANGE_HINT 8 >+ > /* return the sizeof of one lb_worker in scoreboard. */ > static int ap_proxy_lb_worker_size(void) > { >@@ -1066,6 +1072,8 @@ > ps->timeout_set = 0; > ps->badopt = bad_error; > ps->badopt_set = 0; >+ ps->bindopt_set = 0; >+ ps->bind_idx = 0; > ps->pool = p; > > return ps; >@@ -1109,6 +1117,7 @@ > ps->badopt_set = overrides->badopt_set || base->badopt_set; > ps->proxy_status = (overrides->proxy_status_set == 0) ? base->proxy_status : overrides->proxy_status; > ps->proxy_status_set = overrides->proxy_status_set || base->proxy_status_set; >+ ps->bindopt_set = overrides->bindopt_set || base->bindopt_set; > ps->pool = p; > return ps; > } >@@ -1706,6 +1715,56 @@ > return NULL; > } > >+static const char* >+ set_proxy_bindaddr(cmd_parms *parms, void *dummy, const char *addr) >+{ >+ char *range, *host, *scope_id; >+ apr_port_t port; >+ int r = 0; >+ >+ proxy_server_conf *psf = >+ ap_get_module_config(parms->server->module_config, &proxy_module); >+ >+ range = ap_strrchr((char*)addr, '+'); >+ if (range) { >+ *range++ = 0; >+ r = atoi(range); >+ if (r < MIN_RANGE_HINT) >+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, >+ "range %u is too low, consider increasing the bind range.", r, NULL); >+ } >+ >+ /* We dont accept a single port with out a range as it would be same >+ * as a single threaded single process http-client >+ * >+ * We do not allow ip:0+0 or ip:0 as it can be specified more clearly >+ * as just ip. >+ * >+ * we dont accept a range with out a port either. >+ */ >+ if((apr_parse_addr_port(&host, &scope_id, &port, addr, parms->pool) >+ != APR_SUCCESS) >+ || scope_id /* we dont know how to use scope_id */ >+ || (!port && range) /* only a combo [port+range] is valid */ >+ || (port && (!range || r < 0)) /* Let admin specify r=0 if he wants to */ >+ || ((port + r) > PORT_MAX_PORTS) >+ ) >+ return "ProxyBindAddress: Invalid address -" >+ " format is <addr>[:<port>+<range>]"; >+ >+ /* Preparse the address */ >+ apr_sockaddr_info_get(&(psf->bind_addr), host, APR_UNSPEC, 0, 0, parms->pool); >+ >+ psf->bind_port = port; >+ /* If there didn't exist a port then there was no range either. so we have the >+ * starting value 0 for r when no port was specified.*/ >+ psf->bind_range = r + 1; >+ psf->bind_idx = 0; >+ psf->bindopt_set = 1; >+ >+ return NULL; >+} >+ > static const char *add_member(cmd_parms *cmd, void *dummy, const char *arg) > { > server_rec *s = cmd->server; >@@ -2088,6 +2147,8 @@ > "A balancer or worker name with list of params"), > AP_INIT_TAKE1("ProxyFtpDirCharset", set_ftp_directory_charset, NULL, > RSRC_CONF|ACCESS_CONF, "Define the character set for proxied FTP listings"), >+ AP_INIT_TAKE1("ProxyBindAddress", set_proxy_bindaddr, NULL, RSRC_CONF, >+ "Set the source address for a proxied connection. "), > {NULL} > }; > >Index: modules/proxy/mod_proxy.h >=================================================================== >--- modules/proxy/mod_proxy.h (revision 662660) >+++ modules/proxy/mod_proxy.h (working copy) >@@ -190,6 +190,12 @@ > status_full > } proxy_status; /* Status display options */ > char proxy_status_set; >+ /*bind to local ports*/ >+ apr_sockaddr_t *bind_addr; >+ apr_port_t bind_port; >+ apr_port_t bind_range; /* restrict the source ports used by mod_proxy */ >+ int bind_idx; >+ char bindopt_set; > apr_pool_t *pool; /* Pool used for allocating this struct */ > } proxy_server_conf; >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 44806
:
22038
|
22039
|
22040
|
22051
|
22058
|
22068
|
22074
|
22134