Chris Monson wrote:
(patch)
A couple of comments:
Why not just store whatever flags should be passed in to apr_sockaddr_info_get()
I have changed it to store the flag itself, rather than an enumeration of possible settings.
In the code below, we already have an IPv4 address and we're getting apr_sockaddr_info_get() to build a representation of it. I don't think the IP lookup flags should be specified here.
You are correct. I have removed the offending code. The new patch against Apache 2.0.44 is included (do I need to send a patch against the CVS head?).
I still want to know whether it makes sense to change the entries in proxy_util.c, and that requires a little discussion as to whether a request_rec pointer should be required in the ap_get_iplookup_flags function or not. Currently it is required so that we can allow for per-directory configuration of IPLookups (which may seem like overkill, but I am thinking of mod_rewrite and friends that may want to use it to do things on a per-directory basis).
C
*** server/core.c Tue Mar 4 09:15:54 2003
--- new/server/core.c Tue Mar 4 09:41:53 2003
***************
*** 144,149 ****
--- 144,150 ----
conf->use_canonical_name = USE_CANONICAL_NAME_UNSET;
conf->hostname_lookups = HOSTNAME_LOOKUP_UNSET;
+ conf->ip_lookup_flags = 0; /* the default flag is to attempt all query types */
conf->do_rfc1413 = DEFAULT_RFC1413 | 2; /* set bit 1 to indicate default */
conf->satisfy = SATISFY_NOSPEC;
***************
*** 620,625 ****
--- 621,634 ----
* here...
*/
+ AP_DECLARE(apr_int32_t) ap_get_iplookup_flags(request_rec *r)
+ {
+ core_dir_config *conf;
+ conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
+ &core_module);
+ return conf->ip_lookup_flags;
+ }
+
AP_DECLARE(int) ap_allow_options(request_rec *r)
{
core_dir_config *conf =
***************
*** 2113,2118 ****
--- 2122,2153 ----
return NULL;
}
+ static const char *set_ip_lookups(cmd_parms *cmd, void *d_,
+ const char *arg)
+ {
+ core_dir_config *d = d_;
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (!strcasecmp(arg, "all")) {
+ d->ip_lookup_flags = 0;
+ }
+ else if (!strcasecmp(arg, "ipv4okay")) {
+ d->ip_lookup_flags = APR_IPV4_ADDR_OK;
+ }
+ else if (!strcasecmp(arg, "ipv6okay")) {
+ d->ip_lookup_flags = APR_IPV6_ADDR_OK;
+ }
+ else {
+ return "parameter must be 'all', 'ipv4okay', or 'ipv6okay'";
+ }
+
+ return NULL;
+ }
+
static const char *set_serverpath(cmd_parms *cmd, void *dummy,
const char *arg)
{
***************
*** 2982,2987 ****
--- 3017,3024 ----
ACCESS_CONF|RSRC_CONF,
"\"on\" to enable, \"off\" to disable reverse DNS lookups, or \"double\" to "
"enable double-reverse DNS lookups"),
+ AP_INIT_TAKE1("IPLookups", set_ip_lookups, NULL, ACCESS_CONF | RSRC_CONF,
+ "Set the IP lookup order (All|IPv4Okay|IPv6Okay)"),
AP_INIT_TAKE1("ServerAdmin", set_server_string_slot,
(void *)APR_OFFSETOF(server_rec, server_admin), RSRC_CONF,
"The email address of the server administrator"),
*** include/http_core.h Tue Mar 4 09:16:25 2003
--- new/include/http_core.h Tue Mar 4 09:37:47 2003
***************
*** 135,140 ****
--- 135,148 ----
#define AP_MIN_BYTES_TO_WRITE 8000
/**
+ * Retrieve the value of IPLookups as flags for apr_sockaddr_info_get
+ * @param r The current request
+ * @return the flags bitmask for apr_sockaddr_info_get
+ * @deffunc apr_int32_t ap_get_iplookup_flags(request_rec *r)
+ */
+ AP_DECLARE(apr_int32_t) ap_get_iplookup_flags(request_rec *r);
+
+ /**
* Retrieve the value of Options for this request
* @param r The current request
* @return the Options bitmask
***************
*** 464,469 ****
--- 472,482 ----
#define HOSTNAME_LOOKUP_UNSET 3
unsigned int hostname_lookups : 4;
+ /* The lookup flags provide hints to any module that is interested
+ * in doing a DNS query via apr_sockaddr_info_get. Config is IPLookups.
+ */
+ apr_int32_t ip_lookup_flags;
+
signed int do_rfc1413 : 2; /* See if client is advertising a username? */
signed int content_md5 : 2; /* calculate Content-MD5? */
*** modules/proxy/proxy_http.c Tue Mar 4 09:17:42 2003
--- new/modules/proxy/proxy_http.c Tue Mar 4 09:20:12 2003
***************
*** 204,209 ****
--- 204,210 ----
int server_port;
apr_status_t err;
apr_sockaddr_t *uri_addr;
+ apr_int32_t lookup_flags;
/*
* Break up the URL to determine the host to connect to
*/
***************
*** 222,231 ****
"proxy: HTTP connecting %s to %s:%d", *url, uri->hostname,
uri->port);
/* do a DNS lookup for the destination host */
/* see memory note above */
err = apr_sockaddr_info_get(&uri_addr, apr_pstrdup(c->pool, uri->hostname),
! APR_UNSPEC, uri->port, 0, c->pool);
/* allocate these out of the connection pool - the check on
* r->connection->id makes sure that this string does not get accessed
--- 223,234 ----
"proxy: HTTP connecting %s to %s:%d", *url, uri->hostname,
uri->port);
+ lookup_flags = ap_get_iplookup_flags(r);
+
/* do a DNS lookup for the destination host */
/* see memory note above */
err = apr_sockaddr_info_get(&uri_addr, apr_pstrdup(c->pool, uri->hostname),
! APR_UNSPEC, uri->port, lookup_flags, c->pool);
/* allocate these out of the connection pool - the check on
* r->connection->id makes sure that this string does not get accessed
***************
*** 236,242 ****
p_conn->port = proxyport;
/* see memory note above */
err = apr_sockaddr_info_get(&p_conn->addr, p_conn->name, APR_UNSPEC,
! p_conn->port, 0, c->pool);
} else {
p_conn->name = apr_pstrdup(c->pool, uri->hostname);
p_conn->port = uri->port;
--- 239,245 ----
p_conn->port = proxyport;
/* see memory note above */
err = apr_sockaddr_info_get(&p_conn->addr, p_conn->name, APR_UNSPEC,
! p_conn->port, lookup_flags, c->pool);
} else {
p_conn->name = apr_pstrdup(c->pool, uri->hostname);
p_conn->port = uri->port;
*** modules/proxy/proxy_ftp.c Tue Mar 4 09:17:50 2003
--- new/modules/proxy/proxy_ftp.c Tue Mar 4 09:41:00 2003
***************
*** 801,806 ****
--- 801,807 ----
#if defined(USE_MDTM) && (defined(HAVE_TIMEGM) || defined(HAVE_GMTOFF))
apr_time_t mtime = 0L;
#endif
+ apr_int32_t lookup_flags;
/* stuff for PASV mode */
int connect = 0, use_port = 0;
***************
*** 820,825 ****
--- 821,829 ----
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"proxy: FTP: serving URL %s", url);
+ /* Get the appropriate DNS lookup flags */
+ lookup_flags = ap_get_iplookup_flags(r);
+
/* create space for state information */
backend = (proxy_conn_rec *) ap_get_module_config(c->conn_config,
&proxy_ftp_module);
if (!backend) {
***************
*** 914,920 ****
"proxy: FTP: connecting %s to %s:%d", url, connectname, connectport);
/* do a DNS lookup for the destination host */
! err = apr_sockaddr_info_get(&connect_addr, connectname, APR_UNSPEC, connectport,
0, p);
/* check if ProxyBlock directive on this host */
if (OK != ap_proxy_checkproxyblock(r, conf, connect_addr)) {
--- 918,924 ----
"proxy: FTP: connecting %s to %s:%d", url, connectname, connectport);
/* do a DNS lookup for the destination host */
! err = apr_sockaddr_info_get(&connect_addr, connectname, APR_UNSPEC, connectport,
lookup_flags, p);
/* check if ProxyBlock directive on this host */
if (OK != ap_proxy_checkproxyblock(r, conf, connect_addr)) {
*** modules/proxy/proxy_connect.c Tue Mar 4 09:17:47 2003
--- new/modules/proxy/proxy_connect.c Tue Mar 4 09:41:11 2003
***************
*** 135,140 ****
--- 135,141 ----
apr_int32_t pollcnt;
apr_int16_t pollevent;
apr_sockaddr_t *uri_addr, *connect_addr;
+ apr_int32_t lookup_flags;
apr_uri_t uri;
const char *connectname;
***************
*** 165,178 ****
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"proxy: CONNECT: connecting %s to %s:%d", url, uri.hostname,
uri.port);
/* do a DNS lookup for the destination host */
! err = apr_sockaddr_info_get(&uri_addr, uri.hostname, APR_UNSPEC, uri.port, 0, p);
/* are we connecting directly, or via a proxy? */
if (proxyname) {
connectname = proxyname;
connectport = proxyport;
! err = apr_sockaddr_info_get(&connect_addr, proxyname, APR_UNSPEC, proxyport,
0, p);
}
else {
connectname = uri.hostname;
--- 166,181 ----
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"proxy: CONNECT: connecting %s to %s:%d", url, uri.hostname,
uri.port);
+ lookup_flags = ap_get_iplookup_flags(r);
+
/* do a DNS lookup for the destination host */
! err = apr_sockaddr_info_get(&uri_addr, uri.hostname, APR_UNSPEC, uri.port,
lookup_flags, p);
/* are we connecting directly, or via a proxy? */
if (proxyname) {
connectname = proxyname;
connectport = proxyport;
! err = apr_sockaddr_info_get(&connect_addr, proxyname, APR_UNSPEC, proxyport,
lookup_flags, p);
}
else {
connectname = uri.hostname;
