Bug 48721 - [Patch] Add ProxyAllow to mod_proxy
Summary: [Patch] Add ProxyAllow to mod_proxy
Status: NEW
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_proxy (show other bugs)
Version: 2.5-HEAD
Hardware: PC Linux
: P2 normal with 3 votes (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: PatchAvailable
Depends on:
Blocks:
 
Reported: 2010-02-10 02:04 UTC by Deti
Modified: 2012-11-15 16:34 UTC (History)
2 users (show)



Attachments
implement ProxyAllow statement (8.17 KB, patch)
2010-02-10 02:04 UTC, Deti
Details | Diff
Patch against trunk (7.80 KB, patch)
2010-02-10 23:19 UTC, Deti
Details | Diff
Patch against trunk (7.91 KB, patch)
2010-02-10 23:28 UTC, Deti
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Deti 2010-02-10 02:04:18 UTC
Created attachment 24960 [details]
implement ProxyAllow statement

The current configuration directives of mod_proxy do not allow to set a white list of valid connection targets.There is only a ProxyBlock directive that denies certain destinations. This patch adds a ProxyAllow statement to the configuration that works exactly inverted to ProxyBlock.
The order of these restrictions are set by implementation to first block and then allow. Both statements can be combined but in most setups one is sufficient.

The patch attached to this mail is against 2.2.8 patched with a fix for mod_proxy_connect to make it work via SSL (https://issues.apache.org/bugzilla/attachment.cgi?id=24615)
Comment 1 Ruediger Pluem 2010-02-10 07:36:53 UTC
A few comments:

1. Please provide a patch against trunk. All changes must go through trunk first.
2. Please add new struct members to the end of a struct to keep things backportable
Comment 2 Deti 2010-02-10 23:19:52 UTC
Created attachment 24968 [details]
Patch against trunk

Here we go...(In reply to comment #1)

> 1. Please provide a patch against trunk. All changes must go through trunk
> first.
done.

> 2. Please add new struct members to the end of a struct to keep things
> backportable
done.

New patch attached.
Comment 3 Deti 2010-02-10 23:28:45 UTC
Created attachment 24969 [details]
Patch against trunk

fix compilation.