hgomez 01/09/14 10:47:58
Modified: src/native/mod_jk/apache1.3 mod_jk.c
src/native/mod_jk/common jk_global.h jk_service.h
Log:
Add JkOptions Directive.
You could use now +ForwardUnparsedUri to send URI as unparsed
to follow spec or -ForwardUnparsedUri to send URI normaly
and be compatible with mod_rewrite
New options also, +ForwardKeySize to send via ajp13 the
SSL KEY SIZE which is required by Servlet 2.3 spec but
not with 2.2
Just need some code in jk_ajp13_worker.c
Revision Changes Path
1.16 +125 -20 jakarta-tomcat/src/native/mod_jk/apache1.3/mod_jk.c
Index: mod_jk.c
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/native/mod_jk/apache1.3/mod_jk.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- mod_jk.c 2001/09/10 15:07:12 1.15
+++ mod_jk.c 2001/09/14 17:47:58 1.16
@@ -124,9 +124,15 @@
char *https_indicator;
char *certs_indicator;
char *cipher_indicator;
- char *sesion_indicator;
+ char *session_indicator;
+ char *key_size_indicator;
/*
+ * Jk Options
+ */
+ int options;
+
+ /*
* Environment variables support
*/
int envvars_in_use;
@@ -433,11 +439,35 @@
s->query_string = r->args;
s->req_uri = r->uri;
+ if (conf->options & JK_OPT_FWDUNPARSED) {
+ /*
+ * The 2.2 servlet spec errata says the uri from
+ * HttpServletRequest.getRequestURI() should remain encoded.
+ * [http://java.sun.com/products/servlet/errata_042700.html]
+ *
+ * we follow spec in that case but can't use mod_rewrite
+ */
+ s->req_uri = r->unparsed_uri;
+ if (s->req_uri != NULL) {
+ char *query_str = strchr(s->req_uri, '?');
+ if (query_str != NULL) {
+ *query_str = 0;
+ }
+ }
+ }
+ else {
+ /*
+ * we don't follow spec but we can use mod_rewrite
+ */
+ s->req_uri = r->uri;
+ }
+
s->is_ssl = JK_FALSE;
s->ssl_cert = NULL;
s->ssl_cert_len = 0;
s->ssl_cipher = NULL;
s->ssl_session = NULL;
+ s->ssl_key_size = -1; /* required by Servlet 2.3 Api, added in jtc */
if(conf->ssl_enable || conf->envvars_in_use) {
ap_add_common_vars(r);
@@ -452,10 +482,16 @@
if(s->ssl_cert) {
s->ssl_cert_len = strlen(s->ssl_cert);
}
- s->ssl_cipher = (char *)ap_table_get(r->subprocess_env,
- conf->cipher_indicator);
- s->ssl_session = (char *)ap_table_get(r->subprocess_env,
- conf->sesion_indicator);
+
+ /* Servlet 2.3 API */
+ s->ssl_cipher = (char *)ap_table_get(r->subprocess_env,
conf->cipher_indicator);
+ s->ssl_session = (char *)ap_table_get(r->subprocess_env,
conf->session_indicator);
+
+ /* Servlet 2.3 API */
+ ssl_temp = (char *)ap_table_get(r->subprocess_env,
conf->key_size_indicator);
+ if (ssl_temp)
+ s->ssl_key_size = atoi(ssl_temp);
+
}
}
@@ -555,7 +591,6 @@
/* Set up our value */
conf->mountcopy = flag ? JK_TRUE : JK_FALSE;
-
return NULL;
}
@@ -634,7 +669,6 @@
/* Set up our value */
conf->ssl_enable = flag ? JK_TRUE : JK_FALSE;
-
return NULL;
}
@@ -645,9 +679,8 @@
server_rec *s = cmd->server;
jk_server_conf_t *conf =
(jk_server_conf_t *)ap_get_module_config(s->module_config, &jk_module);
-
- conf->https_indicator = indicator;
+ conf->https_indicator = ap_pstrdup(cmd->pool,indicator);
return NULL;
}
@@ -659,8 +692,7 @@
jk_server_conf_t *conf =
(jk_server_conf_t *)ap_get_module_config(s->module_config, &jk_module);
- conf->certs_indicator = indicator;
-
+ conf->certs_indicator = ap_pstrdup(cmd->pool,indicator);
return NULL;
}
@@ -671,12 +703,17 @@
server_rec *s = cmd->server;
jk_server_conf_t *conf =
(jk_server_conf_t *)ap_get_module_config(s->module_config, &jk_module);
-
- conf->cipher_indicator = indicator;
+ conf->cipher_indicator = ap_pstrdup(cmd->pool,indicator);
return NULL;
}
+/*
+ * JkSESSIONIndicator Directive Handling
+ *
+ * JkSESSIONIndicator SSL_SESSION_ID
+ */
+
static const char *jk_set_session_indicator(cmd_parms *cmd,
void *dummy,
char *indicator)
@@ -684,13 +721,23 @@
server_rec *s = cmd->server;
jk_server_conf_t *conf =
(jk_server_conf_t *)ap_get_module_config(s->module_config, &jk_module);
-
- conf->sesion_indicator = indicator;
+ conf->session_indicator = ap_pstrdup(cmd->pool,indicator);
return NULL;
}
+static const char *jk_set_key_size_indicator(cmd_parms *cmd,
+ void *dummy,
+ char *indicator)
+{
+ server_rec *s = cmd->server;
+ jk_server_conf_t *conf =
+ (jk_server_conf_t *)ap_get_module_config(s->module_config, &jk_module);
+ conf->key_size_indicator = ap_pstrdup(cmd->pool,indicator);
+ return NULL;
+}
+
static const char *jk_set_log_level(cmd_parms *cmd,
void *dummy,
char *log_level)
@@ -700,11 +747,50 @@
(jk_server_conf_t *)ap_get_module_config(s->module_config, &jk_module);
conf->log_level = jk_parse_log_level(log_level);
-
return NULL;
}
+const char *jk_set_options(cmd_parms *cmd,
+ void *dummy,
+ const char *line)
+{
+ int opt = 0;
+ char action;
+ char *w;
+
+ server_rec *s = cmd->server;
+ jk_server_conf_t *conf =
+ (jk_server_conf_t *)ap_get_module_config(s->module_config, &jk_module);
+
+ while (line[0] != 0) {
+ w = ap_getword_conf(cmd->pool, &line);
+ action = 0;
+
+ if (*w == '+' || *w == '-') {
+ action = *(w++);
+ }
+
+ if (!strcasecmp(w, "ForwardUnparsedUri"))
+ opt = JK_OPT_FWDUNPARSED;
+ else if (!strcasecmp(w, "ForwardKeySize"))
+ opt = JK_OPT_FWDKEYSIZE;
+ else
+ return ap_pstrcat(cmd->pool, "JkOptions: Illegal option '", w, "'",
NULL);
+
+ if (action == '-') {
+ conf->options &= ~opt;
+ }
+ else if (action == '+') {
+ conf->options |= opt;
+ }
+ else { /* for now +Opt == Opt */
+ conf->options |= opt;
+ }
+ }
+ return NULL;
+}
+
static const char *jk_add_env_var(cmd_parms *cmd,
void *dummy,
char *env_name,
@@ -782,10 +868,21 @@
"Name of the Apache environment that contains SSL client cipher"},
{"JkSESSIONIndicator", jk_set_session_indicator, NULL, RSRC_CONF, TAKE1,
"Name of the Apache environment that contains SSL session"},
+ {"JkKEYSIZEIndicator", jk_set_key_size_indicator, NULL, RSRC_CONF, TAKE1,
+ "Name of the Apache environment that contains SSL key size in use"},
{"JkExtractSSL", jk_set_enable_ssl, NULL, RSRC_CONF, FLAG,
"Turns on SSL processing and information gathering by mod_jk"},
-
+ /*
+ * Options to tune mod_jk configuration
+ * for now we understand :
+ * +ForwardUnparsed => Forward URI as unparsed, spec compliant but broke
mod_rewrite
+ * -ForwardUnparsed => Forward URI normally, less spec compliant but
mod_rewrite compatible
+ * +ForwardSSLKeySize => Forward SSL Key Size, to follow 2.3 specs but may
broke old TC 3.2
+ * -ForwardSSLKeySize => Don't Forward SSL Key Size, will make mod_jk works
with all TC release
+ */
+ {"JkOptions", jk_set_options, NULL, RSRC_CONF, RAW_ARGS,
+ "Set one of more options to configure the mod_jk module"},
{"JkEnvVar", jk_add_env_var, NULL, RSRC_CONF, TAKE2,
"Adds a name of environment variable that should be sent to Tomcat"},
{NULL}
@@ -889,6 +986,11 @@
c->mountcopy = JK_FALSE;
/*
+ * No options by default
+ */
+ c->options = 0;
+
+ /*
* By default we will try to gather SSL info.
* Disable this functionality through JkExtractSSL
*/
@@ -906,7 +1008,8 @@
* configuration directives to set them.
*
c->cipher_indicator = "HTTPS_CIPHER";
- c->sesion_indicator = NULL;
+ c->session_indicator = NULL;
+ c->key_size_indicator = NULL;
*/
/*
@@ -914,7 +1017,8 @@
* are using another module (say apache_ssl) comment them out.
*/
c->cipher_indicator = "SSL_CIPHER";
- c->sesion_indicator = "SSL_SESSION_ID";
+ c->session_indicator = "SSL_SESSION_ID";
+ c->key_size_indicator = "SSL_CIPHER_USEKEYSIZE";
if(!map_alloc(&(c->uri_to_context))) {
jk_error_exit(APLOG_MARK, APLOG_EMERG, s, p, "Memory error");
@@ -943,7 +1047,8 @@
overrides->https_indicator = base->https_indicator;
overrides->certs_indicator = base->certs_indicator;
overrides->cipher_indicator = base->cipher_indicator;
- overrides->sesion_indicator = base->sesion_indicator;
+ overrides->session_indicator = base->session_indicator;
+ overrides->key_size_indicator = base->key_size_indicator;
}
if(overrides->mountcopy) {
1.4 +9 -1 jakarta-tomcat/src/native/mod_jk/common/jk_global.h
Index: jk_global.h
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/native/mod_jk/common/jk_global.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- jk_global.h 2001/03/12 21:09:26 1.3
+++ jk_global.h 2001/09/14 17:47:58 1.4
@@ -57,7 +57,7 @@
* Description: Global definitions and include files that should exist *
* anywhere *
* Author: Gal Shachor <[EMAIL PROTECTED]> *
- * Version: $Revision: 1.3 $ *
+ * Version: $Revision: 1.4 $ *
***************************************************************************/
#ifndef JK_GLOBAL_H
@@ -143,6 +143,14 @@
#define FILE_SEPERATOR ('/')
#define PATH_ENV_VARIABLE ("LD_LIBRARY_PATH")
#endif
+
+
+/*
+ * JK options
+ */
+
+#define JK_OPT_FWDUNPARSED 0x0001
+#define JK_OPT_FWDKEYSIZE 0x0002
#ifdef __cplusplus
}
1.6 +8 -1 jakarta-tomcat/src/native/mod_jk/common/jk_service.h
Index: jk_service.h
===================================================================
RCS file: /home/cvs/jakarta-tomcat/src/native/mod_jk/common/jk_service.h,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- jk_service.h 2001/09/01 01:53:25 1.5
+++ jk_service.h 2001/09/14 17:47:58 1.6
@@ -59,7 +59,7 @@
* JVM connection point *
* Author: Gal Shachor <[EMAIL PROTECTED]> *
* Dan Milstein <[EMAIL PROTECTED]>
- * Version: $Revision: 1.5 $ *
+ * Version: $Revision: 1.6 $ *
***************************************************************************/
#ifndef JK_SERVICE_H
@@ -164,6 +164,13 @@
unsigned ssl_cert_len;
char *ssl_cipher;
char *ssl_session;
+
+ /*
+ * SSL extra information for Servlet 2.3 API
+ *
+ * ssl_key_size - ssl key size in use
+ */
+ int ssl_key_size;
/*
* Headers, names and values.
