Now I understand better, thanks. The issue that prompted me to implement the fixes for 2.1 and 1.3 manifested themselves primarily on NetWare due to the way NetWare implements the SSL functionality (NetWare doesn't use mod_ssl). In some cases requrests on an SSL port were being redirected to port 80 rather than the port that they came from. This problem has been solved in 2.x for NetWare by implementing the default_port hook in mod_nw_ssl and doing something similar in 1.3. It sounds like there are really two issues that need to be addressed at least for the 2.0 branch although they could be tied together. One issue, as you have described, is how or when to use a port value which UseCanonicalPort would solve. The other issue, which has already been address in 1.3 and 2.1, is where to get the port value from. Allowing Apache to look at the physical port would need to be added to 2.0 as it does in 1.3 and 2.1.
Brad Brad Nicholes Senior Software Engineer Novell, Inc., the leading provider of Net business solutions http://www.novell.com >>> [EMAIL PROTECTED] Wednesday, May 12, 2004 7:28:24 AM >>> On May 11, 2004, at 6:18 PM, Brad Nicholes wrote: > +1 to Bill's comment. I don't quite understand what is confusing and > why we would need UseCanonicalPort. IMO, all that really needs to be > done is to fix UseCanonicalName so that it works according to the > documentation. As was explained previously, when UseCanonicalName is > OFF, both 1.3 and 2.1 try to pull the port information from the client > in any way that it can before defaulting to values supplied in the > .conf > file or the hard-coded standard port values. The problem with the 2.0 > tree is that it only looks for the port value as part of the URL before > defaulting to the known values. Before using known values, it should > look for the port in the connection information (ie. > r->connection->local_addr->port). The current result can produce > incorrect port information when a port value is not supplied as part of > the URL. According to the documentation, if UseCanonicalName is OFF it > should construct the self-referential information from the client. By > skipping the port information held in the connection record, it isn't > doing what it claims to be doing. > The rub is that with UCN Off, we either choose the port number sent within the Host header or we choose the actual physical port number; we *never* choose the configured or default port. The docs say: With UseCanonicalName off Apache will form self-referential URLs using the hostname and port supplied by the client if any are supplied (otherwise it will use the canonical name, as defined above). which is does not do currently but *is* a viable and required implementation in some cases, as you know since IIRC you were the one to adjust 2.1 to the current behavior to correctly handle some problems you were seeing. However, the 2.0 case is also required when Apache (on port 8000, eg) is behind a load-balancer (on port 80) and the LB splices the request to Apache. In this case, if Apache needs to create a self-ref with UCN Off, then it returns the hostname from Host (as it should) but assuming no port information it returns port 8000: LB: www.foo.com:80 Apache: foo1.foo.com:8000 Apache should send www.foo.com:80, but instead it'll send www.foo.com:8000 unless the client appends ':80' to the Host header :/ So both the 1.3/2.1 and the 2.0 methods may be required for different environments. Which means that at least there should be a 4th option (after On, Off and DNS) which says "Ignore physical port" or alternatively "Use physical port". But use_canonical_name is a bitfield of width 2, which doesn't give us enough room, so in order to prevent breaking the API (we can't expand it), we could tack another element to the end of core_dir_config to extend how the port is determined, hence UseCanonicalPort.