[vcl] 01/01: added support for offloading SSL to loadbalancer. the vcl application will not force HTTPS when config option SSLOFFLOAD is enabled within conf.php

[junaid]

This is an automated email from the ASF dual-hosted git repository.

junaid pushed a commit to branch VCL-1112_ssl_offload
in repository https://gitbox.apache.org/repos/asf/vcl.git

commit eee98890a27232addbb1b61830343b0c617e001c
Author: Junaid Ali <jun...@apache.org>
AuthorDate: Mon Mar 11 12:34:36 2019 -0500

    added support for offloading SSL to loadbalancer. the vcl application will 
not force HTTPS when config option SSLOFFLOAD is enabled within conf.php
---
 web/.ht-inc/conf-default.php | 3 +++
 web/index.php                | 9 ++++++---
 web/testsetup.php            | 2 ++
 3 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/web/.ht-inc/conf-default.php b/web/.ht-inc/conf-default.php
index e64ea50..d9022e3 100644
--- a/web/.ht-inc/conf-default.php
+++ b/web/.ht-inc/conf-default.php
@@ -61,6 +61,9 @@ if (strpos($host, ':')) {
        $host = substr($host, 0, strpos($host, ':'));
 }
 
+define("SSLOFFLOAD", 0); // set this to 1 to use external load balancer to 
manage SSL termination
+                         // set the BASEURL and HOMEURL paths to also be plain 
HTTP
+                         // The VCL application will not force HTTPS urls as 
HTTPS is enforced at the load balancer
 define("BASEURL", "https://{$_SERVER['HTTP_HOST']}/vcl");   // no trailing 
slash - all of the URL except /index.php
 define("SCRIPT", "/index.php");                 // this should only be 
"/index.php" unless you rename index.php to something else
 define("HOMEURL", "https://{$_SERVER['HTTP_HOST']}/vcl/"); // url to go to 
when someone clicks HOME or Logout
diff --git a/web/index.php b/web/index.php
index 6ac26f6..0d059c9 100644
--- a/web/index.php
+++ b/web/index.php
@@ -20,9 +20,12 @@
 $VCLversion = '2.5';
 
 require_once(".ht-inc/conf.php");
-if(! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") {
-       header("Location: " . BASEURL . "/");
-       exit;
+
+if (SSLOFFLOAD == 0) {
+    if(! isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") {
+        header("Location: " . BASEURL . "/");
+        exit;
+    }
 }
 
 $user = '';
diff --git a/web/testsetup.php b/web/testsetup.php
index 8f384d2..c07a0db 100644
--- a/web/testsetup.php
+++ b/web/testsetup.php
@@ -222,6 +222,8 @@ if($includeconf && include('.ht-inc/conf.php')) {
        else {
                if(substr_compare(BASEURL, 'https:', 0, 6, true) == 0)
                        pass("BASEURL correctly set to use https");
+               elseif(SSLOFFLOAD == 1)
+                       pass("BASEURL set to use http as SSL is offloaded to 
load balancer");
                else
                        fail("BASEURL is not set to use https. https is 
required.");
        }