On 7 February 2017 at 18:08, Sander Hoentjen <san...@hoentjen.eu> wrote:
> Hi guys,
>
> I am trying to have haproxy added in front of our Apache servers, for
> SSL termination. This is not hard to do, and especially with the recent
> addition of ProxyProtocol support to mod_remoteip it works almost as we
> need it.
> Unfortunately we have a lot of users that use things like:
> RewriteCond %{HTTPS} !on
> in their .htaccess, and stuff like:
> if $_SERVER['HTTPS']
> in their PHP code.
>
> Long story short, I need httpd to act like SSL is on, if the haproxy
> instance says it is.
> Fortunately the proxy protocol supports this, and haproxy can send it.
> I have created a patch [1] that adds support for reading this in httpd,
> but I have never before done something with the httpd source code. And,
> as a matter of fact, have never really programmed in C before.
>
> I am hoping you would be willing to have a look at it and tell me all
> the things I am doing wrong. Eventually it would be awesome if the code
> could be added to apache itself.
>
> [1] https://github.com/AntagonistHQ/httpd/tree/remote-ssl
>
> Kind regards,
> Sander HoentjenI submitted an issue and a patch for that some time ago. https://bz.apache.org/bugzilla/show_bug.cgi?id=59829 Recently updated it to the 2.5 trunk version, but it does not respect the new ProxyProtocol stuff, which frankly I know nothing about. It only works for the older proxy method.
