-const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.135 2012/12/07 12:45:20 fabiankeil Exp $";
+const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.136 2013/03/01 17:39:05 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/loadcfg.c,v $
#define hash_deny_access 1227333715U /* "deny-access" */
#define hash_enable_edit_actions 2517097536U /* "enable-edit-actions" */
#define hash_enable_compression 3943696946U /* "enable-compression" */
+#define hash_enable_proxy_authentication_forwarding 4040610791U /* enable-proxy-authentication-forwarding */
#define hash_enable_remote_toggle 2979744683U /* "enable-remote-toggle" */
#define hash_enable_remote_http_toggle 110543988U /* "enable-remote-http-toggle" */
#define hash_enforce_blocks 1862427469U /* "enforce-blocks" */
config->feature_flags &= ~RUNTIME_FEATURE_SPLIT_LARGE_FORMS;
config->feature_flags &= ~RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS;
config->feature_flags &= ~RUNTIME_FEATURE_EMPTY_DOC_RETURNS_OK;
+ config->feature_flags &= ~RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS;
#ifdef FEATURE_COMPRESSION
config->feature_flags &= ~RUNTIME_FEATURE_COMPRESSION;
/*
break;
#endif /* def FEATURE_COMPRESSION */
+/* *************************************************************************
+ * enable-proxy-authentication-forwarding 0|1
+ * *************************************************************************/
+ case hash_enable_proxy_authentication_forwarding:
+ if (parse_toggle_state(cmd, arg) == 1)
+ {
+ config->feature_flags |= RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS;
+ }
+ else
+ {
+ config->feature_flags &= ~RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS;
+ }
+ break;
/* *************************************************************************
* enable-remote-toggle 0|1
-const char parsers_rcs[] = "$Id: parsers.c,v 1.273 2013/01/04 12:19:47 fabiankeil Exp $";
+const char parsers_rcs[] = "$Id: parsers.c,v 1.274 2013/01/04 12:20:31 fabiankeil Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/parsers.c,v $
#ifdef FEATURE_CONNECTION_KEEP_ALIVE
static jb_err server_proxy_connection_adder(struct client_state *csp);
#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+static jb_err proxy_authentication(struct client_state *csp, char **header);
static jb_err create_forged_referrer(char **header, const char *hostport);
static jb_err create_fake_referrer(char **header, const char *fake_referrer);
{ "Request-Range:", 14, client_range },
{ "If-Range:", 9, client_range },
{ "X-Filter:", 9, client_x_filter },
+ { "Proxy-Authorization:", 20, proxy_authentication },
#if 0
{ "Transfer-Encoding:", 18, client_transfer_encoding },
#endif
{ "Transfer-Encoding:", 18, server_transfer_coding },
{ "content-disposition:", 20, server_content_disposition },
{ "Last-Modified:", 14, server_last_modified },
+ { "Proxy-Authenticate:", 19, proxy_authentication },
{ "*", 0, crunch_server_header },
{ "*", 0, filter_header },
{ NULL, 0, NULL }
}
+/*********************************************************************
+ *
+ * Function : proxy_authentication
+ *
+ * Description : Removes headers that are relevant for proxy
+ * authentication unless forwarding them has
+ * been explicitly requested.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ * 2 : header = On input, pointer to header to modify.
+ * On output, pointer to the modified header, or NULL
+ * to remove the header. This function frees the
+ * original string if necessary.
+ *
+ * Returns : JB_ERR_OK.
+ *
+ *********************************************************************/
+static jb_err proxy_authentication(struct client_state *csp, char **header)
+{
+ if ((csp->config->feature_flags &
+ RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS) == 0) {
+ log_error(LOG_LEVEL_HEADER,
+ "Forwarding proxy authentication headers is disabled. Crunching: %s", *header);
+ freez(*header);
+ }
+ return JB_ERR_OK;
+}
+
+
/*********************************************************************
*
* Function : client_keep_alive
#ifndef PROJECT_H_INCLUDED
#define PROJECT_H_INCLUDED
/** Version string. */
-#define PROJECT_H_VERSION "$Id: project.h,v 1.194 2012/12/07 12:43:55 fabiankeil Exp $"
+#define PROJECT_H_VERSION "$Id: project.h,v 1.195 2012/12/07 12:45:20 fabiankeil Exp $"
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/project.h,v $
/** configuration_spec::feature_flags: Pipelined requests are served instead of being discarded. */
#define RUNTIME_FEATURE_TOLERATE_PIPELINING 2048U
+/** configuration_spec::feature_flags: Proxy authentication headers are forwarded instead of removed. */
+#define RUNTIME_FEATURE_FORWARD_PROXY_AUTHENTICATION_HEADERS 4096U
+
/**
* Data loaded from the configuration file.
*