dgaudet 98/02/01 14:05:44
Modified: conf httpd.conf-dist httpd.conf-dist-win htdocs/manual new_features_1_3.html htdocs/manual/mod core.html src CHANGES src/include http_config.h http_core.h httpd.h src/main http_core.c util.c util_script.c src/modules/standard mod_dir.c mod_imap.c mod_rewrite.c mod_speling.c Log: Add the UseCanonicalName directive which controls how self-referential redirects are generated. This was at least approved in spirit by a handful of folks two weeks ago. The default should be no behaviour change. This changes the prototype of construct_url(), and adds two new API functions: get_server_name() and get_server_port(). So the MODULE_MAGIC_NUMBER has been bumped. PR: 315, 459, 485, 1433 Submitted by: Michael Douglass <[EMAIL PROTECTED]>, Dean Gaudet Revision Changes Path 1.19 +8 -0 apache-1.3/conf/httpd.conf-dist Index: httpd.conf-dist =================================================================== RCS file: /export/home/cvs/apache-1.3/conf/httpd.conf-dist,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- httpd.conf-dist 1997/12/22 21:39:58 1.18 +++ httpd.conf-dist 1998/02/01 22:05:26 1.19 @@ -92,6 +92,14 @@ #ServerName new.host.name +# UseCanonicalName: (new for 1.3) With this setting turned on, whenever +# Apache needs to construct a self-referencing URL (a url that refers back +# to the server the response is coming from) it will use ServerName and +# Port to form a "canonical" name. With this setting off, Apache will +# use the hostname:port that the client supplied, when possible. This +# also affects SERVER_NAME and SERVER_PORT in CGIs. +UseCanonicalName on + # CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each # document that was negotiated on the basis of content. This asks proxy # servers not to cache the document. Uncommenting the following line disables 1.8 +8 -0 apache-1.3/conf/httpd.conf-dist-win Index: httpd.conf-dist-win =================================================================== RCS file: /export/home/cvs/apache-1.3/conf/httpd.conf-dist-win,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- httpd.conf-dist-win 1997/11/21 15:39:32 1.7 +++ httpd.conf-dist-win 1998/02/01 22:05:27 1.8 @@ -79,6 +79,14 @@ #ServerName new.host.name +# UseCanonicalName: (new for 1.3) With this setting turned on, whenever +# Apache needs to construct a self-referencing URL (a url that refers back +# to the server the response is coming from) it will use ServerName and +# Port to form a "canonical" name. With this setting off, Apache will +# use the hostname:port that the client supplied, when possible. This +# also affects SERVER_NAME and SERVER_PORT in CGIs. +UseCanonicalName on + # CacheNegotiatedDocs: By default, Apache sends Pragma: no-cache with each # document that was negotiated on the basis of content. This asks proxy # servers not to cache the document. Uncommenting the following line disables 1.41 +19 -0 apache-1.3/htdocs/manual/new_features_1_3.html Index: new_features_1_3.html =================================================================== RCS file: /export/home/cvs/apache-1.3/htdocs/manual/new_features_1_3.html,v retrieving revision 1.40 retrieving revision 1.41 diff -u -r1.40 -r1.41 --- new_features_1_3.html 1998/01/30 09:35:54 1.40 +++ new_features_1_3.html 1998/02/01 22:05:28 1.41 @@ -480,6 +480,15 @@ also some debugging support to ensure code uses them properly. See <code>src/CHANGES</code> for more information. + <li><strong><code>construct_url</code></strong><br> + The function prototype for this changed from taking a + <code>server_rec *</code> to taking a <code>request_rec *</code>. + + <li><strong><code>get_server_name</code>, <code>get_server_port</code></strong><br> + These are wrappers which deal with the + <a href="mod/core.html#usecanonicalname">UseCanonicalName</a> directive + when retrieving the server name and port for a request. + </UL> <LI><STRONG>Year-2000 Improvements</STRONG> @@ -518,6 +527,16 @@ to tell which server produced the error message, especially in a proxy chain (often found in intranet environments). </LI> + + <li><strong>New <samp><a href="mod/core.html#usecanonicalname">UseCanonicalName</a></samp> directive</strong> + <br> + This directive gives control over how Apache creates self-referential URLs. + Previously Apache would always use the <a href="mod/core.html#servername"> + ServerName</a> and <a href="mod/core.html#port">Port</a> directives to + construct a "canonical" name for the server. With <samp>UseCanonicalName + off</samp> Apache will use the hostname and port supplied by the client, + if available. + </li> </UL> <!--#include virtual="footer.html" --> 1.96 +63 -4 apache-1.3/htdocs/manual/mod/core.html Index: core.html =================================================================== RCS file: /export/home/cvs/apache-1.3/htdocs/manual/mod/core.html,v retrieving revision 1.95 retrieving revision 1.96 diff -u -r1.95 -r1.96 --- core.html 1998/01/30 09:48:47 1.95 +++ core.html 1998/02/01 22:05:29 1.96 @@ -79,6 +79,7 @@ <LI><A HREF="#startservers">StartServers</A> <LI><A HREF="#threadsperchild">ThreadsPerChild</A> <LI><A HREF="#timeout">TimeOut</A> +<LI><A HREF="#usecanonicalname">UseCanonicalName</A> <LI><A HREF="#user">User</A> <LI><A HREF="#virtualhost"><VirtualHost></A> </UL> @@ -1788,7 +1789,9 @@ sets the <CODE>SERVER_PORT</CODE> environment variable (for <A HREF="mod_cgi.html">CGI</A> and <A HREF="mod_include.html">SSI</A>), and is used when the server must generate a URL that refers to itself -(for example when creating an external redirect to itself). +(for example when creating an external redirect to itself). This +behaviour is modified by +<a href="#usecanonicalname">UseCanonicalName</a>. </UL> In no event does a Port setting affect @@ -1798,7 +1801,8 @@ The primary behaviour of Port should be considered to be similar to that of the <A HREF="#servername">ServerName</A> directive. The ServerName and Port together specify what you consider to be the <EM>canonical</EM> -address of the server.<P> +address of the server. +(See also <a href="#usecanonicalname">UseCanonicalName</a>.)<P> Port 80 is one of Unix's special ports. All ports numbered below 1024 are reserved for system use, i.e. regular (non-root) users cannot @@ -2186,8 +2190,10 @@ <BLOCKQUOTE><CODE>ServerName www.wibble.com</CODE></BLOCKQUOTE> would be used if the canonical (main) name of the actual machine were <CODE>monster.wibble.com</CODE>.<P> -<P><STRONG>See Also</STRONG>: -<A HREF="../dns-caveats.html">DNS Issues</A></P> +<P><STRONG>See Also</STRONG>:<br> +<A HREF="../dns-caveats.html">DNS Issues</A><br> +<A HREF="#usecanonicalname">UseCanonicalName</A><br> +</P> <HR> <H2><A name="serverpath">ServerPath directive</A></H2> @@ -2432,6 +2438,59 @@ a packet is sent. <P><HR> + +<H2><A name="usecanonicalname">UseCanonicalName directive</A></H2> +<!--%plaintext <?INDEX {\tt UseCanonicalName} directive> --> +<A HREF="directive-dict.html#Syntax" REL="Help"> +<STRONG>Syntax:</STRONG></A> UseCanonicalName <EM>on|off</EM><BR> +<A HREF="directive-dict.html#Default" REL="Help"> +<STRONG>Default:</STRONG></A> <CODE>UseCanonicalName on</CODE><BR> +<A HREF="directive-dict.html#Context" REL="Help"> +<STRONG>Context:</STRONG></A> server config, virtual host, directory, .htaccess<BR> +<A HREF="directive-dict.html#Override" REL="Help"> +<STRONG>Override:</STRONG></A> AuthConfig<BR> +<A HREF="directive-dict.html#Compatibility" REL="Help"> +<STRONG>Compatibility:</STRONG></A> UseCanonicalName is only available in Apache 1.3 and later<P> + +In many situations Apache has to construct a <i>self-referential</i> +URL. That is, a URL which refers back to the same server. +With <code>UseCanonicalName on</code> (and in all versions prior to +1.3) Apache will use the <a href="#servername">ServerName</a> and <a +href="#port">Port</a> directives to construct a canonical name for the +server. This name is used in all self-referential URLs, and for the +values of <code>SERVER_NAME</code> and <code>SERVER_PORT</code> in CGIs. + +<p>With <code>UseCanonicalName off</code> Apache will form +self-referential URLs using the hostname and port supplied +by the client if any are supplied (otherwise it will use the +canonical name). These values are the same that are used to +implement <a href="../vhosts/name-based.html">name based virtual +hosts</a>, and are available with the same clients. The CGI variables +<code>SERVER_NAME</code> and <code>SERVER_PORT</code> will be constructed +from the client supplied values as well. + +<p>An example where this may be useful is on an intranet server where +you have users connecting to the machine using short names such as +<code>www</code>. You'll notice that if the users type a shortname, +and a URL which is a directory, such as <code>http://www/splat</code>, +<i>without the trailing slash</i> then Apache will redirect them to +<code>http://www.domain.com/splat/</code>. If you have authentication +enabled, this will cause the user to have to reauthenticate twice (once +for <code>www</code> and once again for <code>www.domain.com</code>). +But if <code>UseCanonicalName</code> is set off, then Apache will redirect +to <code>http://www/splat/</code>. + +<p><b>Warning:</b> if CGIs make assumptions about the values of +<code>SERVER_NAME</code> they may be broken by this option. The client +is essentially free to give whatever value they want as a hostname. +But if the CGI is only using <code>SERVER_NAME</code> to construct +self-referential URLs then it should be just fine. + +<p><strong>See also:</strong> +<a href="#servername">ServerName</a>, +<a href="#port">Port</a> + +<p><hr> <H2><A name="user">User directive</A></H2> <!--%plaintext <?INDEX {\tt User} directive> --> 1.612 +7 -0 apache-1.3/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.611 retrieving revision 1.612 diff -u -r1.611 -r1.612 --- CHANGES 1998/02/01 16:35:42 1.611 +++ CHANGES 1998/02/01 22:05:31 1.612 @@ -1,4 +1,11 @@ Changes with Apache 1.3b4 + + *) There are many cases where users do not want Apache to form + self-referential urls using the "canonical" ServerName and Port. + The new UseCanonicalName directive (default on), if set to off + will cause Apache to use the client-supplied hostname and port. + [Michael Douglass <[EMAIL PROTECTED]>, Dean Gaudet] + PR#315, 459, 485, 1433 *) Yet another rearrangement of the source tree.. now all the common header files are in the src/include directory. The -Imain -Iap 1.63 +1 -1 apache-1.3/src/include/http_config.h Index: http_config.h =================================================================== RCS file: /export/home/cvs/apache-1.3/src/include/http_config.h,v retrieving revision 1.62 retrieving revision 1.63 diff -u -r1.62 -r1.63 --- http_config.h 1998/01/26 19:50:11 1.62 +++ http_config.h 1998/02/01 22:05:33 1.63 @@ -253,7 +253,7 @@ * handle it back-compatibly, or at least signal an error). */ -#define MODULE_MAGIC_NUMBER 19980126 +#define MODULE_MAGIC_NUMBER 19980201 #define STANDARD_MODULE_STUFF MODULE_MAGIC_NUMBER, -1, __FILE__, NULL /* Generic accessors for other modules to get at their own module-specific 1.34 +9 -0 apache-1.3/src/include/http_core.h Index: http_core.h =================================================================== RCS file: /export/home/cvs/apache-1.3/src/include/http_core.h,v retrieving revision 1.33 retrieving revision 1.34 diff -u -r1.33 -r1.34 --- http_core.h 1998/01/26 18:24:32 1.33 +++ http_core.h 1998/02/01 22:05:34 1.34 @@ -97,6 +97,13 @@ */ API_EXPORT(const char *) get_remote_host(conn_rec *conn, void *dir_config, int type); API_EXPORT(const char *) get_remote_logname(request_rec *r); + +/* Used for constructing self-referencing URLs, and things like SERVER_PORT, + * and SERVER_NAME. + */ +API_EXPORT(char *) construct_url(pool *p, const char *uri, const request_rec *r); +API_EXPORT(const char *) get_server_name(const request_rec *r); +API_EXPORT(unsigned) get_server_port(const request_rec *r); /* Authentication stuff. This is one of the places where compatibility * with the old config files *really* hurts; they don't discriminate at @@ -175,6 +182,8 @@ int do_rfc1413 : 2; /* See if client is advertising a username? */ int content_md5 : 2; /* calculate Content-MD5? */ + + unsigned use_canonical_name : 2; /* bit 0 = on/off, bit 1 = unset/set */ /* since is_fnmatch(conf->d) was being called so frequently in * directory_walk() and its relatives, this field was created and 1.179 +0 -2 apache-1.3/src/include/httpd.h Index: httpd.h =================================================================== RCS file: /export/home/cvs/apache-1.3/src/include/httpd.h,v retrieving revision 1.178 retrieving revision 1.179 diff -u -r1.178 -r1.179 --- httpd.h 1998/01/30 03:36:57 1.178 +++ httpd.h 1998/02/01 22:05:34 1.179 @@ -803,8 +803,6 @@ API_EXPORT(char *) escape_html(pool *p, const char *s); API_EXPORT(char *) construct_server(pool *p, const char *hostname, unsigned port); -API_EXPORT(char *) construct_url(pool *p, const char *path, - const server_rec *s); API_EXPORT(char *) escape_shell_cmd(pool *p, const char *s); API_EXPORT(int) count_dirs(const char *path); 1.154 +70 -0 apache-1.3/src/main/http_core.c Index: http_core.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/main/http_core.c,v retrieving revision 1.153 retrieving revision 1.154 diff -u -r1.153 -r1.154 --- http_core.c 1998/01/30 19:30:34 1.153 +++ http_core.c 1998/02/01 22:05:36 1.154 @@ -118,6 +118,8 @@ conf->content_md5 = 2; + conf->use_canonical_name = 1 | 2; /* 2 = unset, default on */ + conf->hostname_lookups = HOSTNAME_LOOKUP_UNSET; conf->do_rfc1413 = DEFAULT_RFC1413 | 2; /* set bit 1 to indicate default */ conf->satisfy = SATISFY_NOSPEC; @@ -190,6 +192,9 @@ conf->hostname_lookups = new->hostname_lookups; if ((new->do_rfc1413 & 2) == 0) conf->do_rfc1413 = new->do_rfc1413; if ((new->content_md5 & 2) == 0) conf->content_md5 = new->content_md5; + if ((new->use_canonical_name & 2) == 0) { + conf->use_canonical_name = new->use_canonical_name; + } #ifdef RLIMIT_CPU if (new->limit_cpu) conf->limit_cpu = new->limit_cpu; @@ -563,6 +568,59 @@ return NULL; } +/* There are two options regarding what the "name" of a server is. The + * "canonical" name as defined by ServerName and Port, or the "client's + * name" as supplied by a possible Host: header or full URI. We never + * trust the port passed in the client's headers, we always use the + * port of the actual socket. + */ +API_EXPORT(const char *) get_server_name(const request_rec *r) +{ + core_dir_config *d = + (core_dir_config *)get_module_config(r->per_dir_config, &core_module); + + if (d->use_canonical_name & 1) { + return r->server->server_hostname; + } + return r->hostname ? r->hostname : r->server->server_hostname; +} + +API_EXPORT(unsigned) get_server_port(const request_rec *r) +{ + core_dir_config *d = + (core_dir_config *)get_module_config(r->per_dir_config, &core_module); + + if (d->use_canonical_name & 1) { + return r->server->port; + } + return r->hostname ? ntohs(r->connection->local_addr.sin_port) + : r->server->port; +} + +API_EXPORT(char *) construct_url(pool *p, const char *uri, const request_rec *r) +{ + unsigned port; + const char *host; + char portnum[22]; + core_dir_config *d = + (core_dir_config *)get_module_config(r->per_dir_config, &core_module); + + if (d->use_canonical_name & 1) { + port = r->server->port; + host = r->server->server_hostname; + } + else { + port = r->hostname ? ntohs(r->connection->local_addr.sin_port) + : r->server->port; + host = r->hostname ? r->hostname : r->server->server_hostname; + } + if (port == DEFAULT_PORT) { + return pstrcat(p, "http://", host, uri, NULL); + } + ap_snprintf(portnum, sizeof(portnum), "%u", port); + return pstrcat(p, "http://", host, ":", portnum, uri, NULL); +} + /***************************************************************** * * Commands... this module handles almost all of the NCSA httpd.conf @@ -1369,6 +1427,17 @@ return NULL; } +const char *set_use_canonical_name (cmd_parms *cmd, core_dir_config *d, int arg) +{ + const char *err = check_cmd_context(cmd, NOT_IN_LIMIT); + + if (err != NULL) + return err; + + d->use_canonical_name = arg != 0; + return NULL; +} + const char *set_daemons_to_start (cmd_parms *cmd, void *dummy, char *arg) { const char *err = check_cmd_context(cmd, GLOBAL_ONLY); if (err != NULL) return err; @@ -1763,6 +1832,7 @@ { "KeepAlive", set_keep_alive, NULL, RSRC_CONF, TAKE1, "Whether persistent connections should be On or Off" }, { "IdentityCheck", set_idcheck, NULL, RSRC_CONF|ACCESS_CONF, FLAG, "Enable identd (RFC 1413) user lookups - SLOW" }, { "ContentDigest", set_content_md5, NULL, RSRC_CONF|ACCESS_CONF|OR_AUTHCFG, FLAG, "whether or not to send a Content-MD5 header with each request" }, +{ "UseCanonicalName", set_use_canonical_name, NULL, RSRC_CONF|ACCESS_CONF|OR_AUTHCFG, FLAG, "whether or not to always use the canonical ServerName : Port when constructing URLs" }, { "StartServers", set_daemons_to_start, NULL, RSRC_CONF, TAKE1, "Number of child processes launched at server startup" }, { "MinSpareServers", set_min_free_servers, NULL, RSRC_CONF, TAKE1, "Minimum number of idle children, to handle request spikes" }, { "MaxSpareServers", set_max_free_servers, NULL, RSRC_CONF, TAKE1, "Maximum number of idle children" }, 1.92 +0 -7 apache-1.3/src/main/util.c Index: util.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/main/util.c,v retrieving revision 1.91 retrieving revision 1.92 diff -u -r1.91 -r1.92 --- util.c 1998/01/31 23:55:41 1.91 +++ util.c 1998/02/01 22:05:37 1.92 @@ -1084,13 +1084,6 @@ } } -API_EXPORT(char *) construct_url(pool *p, const char *uri, const server_rec *s) -{ - return pstrcat(p, "http://", - construct_server(p, s->server_hostname, s->port), - uri, NULL); -} - #define c2x(what,where) sprintf(where,"%%%02x",(unsigned char)what) /* 1.94 +2 -3 apache-1.3/src/main/util_script.c Index: util_script.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/main/util_script.c,v retrieving revision 1.93 retrieving revision 1.94 diff -u -r1.93 -r1.94 --- util_script.c 1998/01/26 19:50:14 1.93 +++ util_script.c 1998/02/01 22:05:38 1.94 @@ -221,8 +221,6 @@ table_setn(e, http2env(r->pool, hdrs[i].key), hdrs[i].val); } - ap_snprintf(port, sizeof(port), "%u", s->port); - if (!(env_path = getenv("PATH"))) env_path = DEFAULT_PATH; @@ -237,7 +235,8 @@ table_setn(e, "PATH", env_path); table_setn(e, "SERVER_SOFTWARE", SERVER_VERSION); - table_setn(e, "SERVER_NAME", s->server_hostname); + table_setn(e, "SERVER_NAME", get_server_name(r)); + ap_snprintf(port, sizeof(port), "%u", get_server_port(r)); table_setn(e, "SERVER_PORT", pstrdup(r->pool,port)); table_setn(e, "REMOTE_HOST", pstrdup(r->pool, get_remote_host(c, r->per_dir_config, REMOTE_NAME))); 1.46 +1 -1 apache-1.3/src/modules/standard/mod_dir.c Index: mod_dir.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_dir.c,v retrieving revision 1.45 retrieving revision 1.46 diff -u -r1.45 -r1.46 --- mod_dir.c 1998/01/26 19:50:19 1.45 +++ mod_dir.c 1998/02/01 22:05:40 1.46 @@ -118,7 +118,7 @@ "/", NULL); table_setn(r->headers_out, "Location", - construct_url(r->pool, ifile, r->server)); + construct_url(r->pool, ifile, r)); return HTTP_MOVED_PERMANENTLY; } 1.41 +2 -2 apache-1.3/src/modules/standard/mod_imap.c Index: mod_imap.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_imap.c,v retrieving revision 1.40 retrieving revision 1.41 diff -u -r1.40 -r1.41 --- mod_imap.c 1998/01/26 19:50:20 1.40 +++ mod_imap.c 1998/02/01 22:05:40 1.41 @@ -406,7 +406,7 @@ char *my_base; if (!strcasecmp(value, "map") || !strcasecmp(value, "menu")) { - return construct_url(r->pool, r->uri, r->server); + return construct_url(r->pool, r->uri, r); } if (!strcasecmp(value, "nocontent") || !strcasecmp(value, "error")) { @@ -447,7 +447,7 @@ return pstrdup(r->pool, value); /* no base: use what is given */ } /* no base, no value: pick a simple default */ - return construct_url(r->pool, "/", r->server); + return construct_url(r->pool, "/", r); } /* must be a relative URL to be combined with base */ 1.65 +4 -4 apache-1.3/src/modules/standard/mod_rewrite.c Index: mod_rewrite.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_rewrite.c,v retrieving revision 1.64 retrieving revision 1.65 diff -u -r1.64 -r1.65 --- mod_rewrite.c 1998/01/28 11:33:30 1.64 +++ mod_rewrite.c 1998/02/01 22:05:41 1.65 @@ -2945,7 +2945,7 @@ static char *lookup_variable(request_rec *r, char *var) { - char *result; + const char *result; char resultbuf[LONG_STRING_LEN]; time_t tc; struct tm *tm; @@ -3035,10 +3035,10 @@ result = r->server->server_admin; } else if (strcasecmp(var, "SERVER_NAME") == 0) { - result = r->server->server_hostname; + result = get_server_name(r); } else if (strcasecmp(var, "SERVER_PORT") == 0) { - ap_snprintf(resultbuf, sizeof(resultbuf), "%u", r->server->port); + ap_snprintf(resultbuf, sizeof(resultbuf), "%u", get_server_port(r)); result = resultbuf; } else if (strcasecmp(var, "SERVER_PROTOCOL") == 0) { @@ -3128,7 +3128,7 @@ rewritelog(r, 5, "lookahead: path=%s var=%s -> val=%s", \ r->filename, var+5, result); \ /* return ourself to prevent re-pstrdup */ \ - return result; \ + return (char *)result; \ } /* look-ahead for parameter through URI-based sub-request */ 1.13 +1 -1 apache-1.3/src/modules/standard/mod_speling.c Index: mod_speling.c =================================================================== RCS file: /export/home/cvs/apache-1.3/src/modules/standard/mod_speling.c,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- mod_speling.c 1998/01/26 19:50:24 1.12 +++ mod_speling.c 1998/02/01 22:05:42 1.13 @@ -339,7 +339,7 @@ r->path_info, NULL); table_setn(r->headers_out, "Location", - construct_url(r->pool, nuri, r->server)); + construct_url(r->pool, nuri, r)); aplog_error(APLOG_MARK, APLOG_NOERRNO | APLOG_INFO, r->server, ref ? "Fixed spelling: %s to %s from %s"