summaryrefslogtreecommitdiffstats
path: root/rubbos/app/httpd-2.0.64/modules/mappers/mod_rewrite.c
diff options
context:
space:
mode:
Diffstat (limited to 'rubbos/app/httpd-2.0.64/modules/mappers/mod_rewrite.c')
-rw-r--r--rubbos/app/httpd-2.0.64/modules/mappers/mod_rewrite.c4670
1 files changed, 4670 insertions, 0 deletions
diff --git a/rubbos/app/httpd-2.0.64/modules/mappers/mod_rewrite.c b/rubbos/app/httpd-2.0.64/modules/mappers/mod_rewrite.c
new file mode 100644
index 00000000..dcbac539
--- /dev/null
+++ b/rubbos/app/httpd-2.0.64/modules/mappers/mod_rewrite.c
@@ -0,0 +1,4670 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/* _ _ _
+** _ __ ___ ___ __| | _ __ _____ ___ __(_) |_ ___
+** | '_ ` _ \ / _ \ / _` | | '__/ _ \ \ /\ / / '__| | __/ _ \
+** | | | | | | (_) | (_| | | | | __/\ V V /| | | | || __/
+** |_| |_| |_|\___/ \__,_|___|_| \___| \_/\_/ |_| |_|\__\___|
+** |_____|
+**
+** URL Rewriting Module
+**
+** This module uses a rule-based rewriting engine (based on a
+** regular-expression parser) to rewrite requested URLs on the fly.
+**
+** It supports an unlimited number of additional rule conditions (which can
+** operate on a lot of variables, even on HTTP headers) for granular
+** matching and even external database lookups (either via plain text
+** tables, DBM hash files or even external processes) for advanced URL
+** substitution.
+**
+** It operates on the full URLs (including the PATH_INFO part) both in
+** per-server context (httpd.conf) and per-dir context (.htaccess) and even
+** can generate QUERY_STRING parts on result. The rewriting result finally
+** can lead to internal subprocessing, external request redirection or even
+** to internal proxy throughput.
+**
+** This module was originally written in April 1996 and
+** gifted exclusively to the The Apache Software Foundation in July 1997 by
+**
+** Ralf S. Engelschall
+** rse engelschall.com
+** www.engelschall.com
+*/
+
+#include "apr.h"
+#include "apr_strings.h"
+#include "apr_hash.h"
+#include "apr_user.h"
+#include "apr_lib.h"
+#include "apr_signal.h"
+#include "apr_global_mutex.h"
+
+#define APR_WANT_STRFUNC
+#define APR_WANT_IOVEC
+#include "apr_want.h"
+
+#if APR_HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#if APR_HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+
+#include "ap_config.h"
+#include "httpd.h"
+#include "http_config.h"
+#include "http_request.h"
+#include "http_core.h"
+#include "http_log.h"
+#include "http_protocol.h"
+#include "mod_rewrite.h"
+
+/* mod_ssl.h is not safe for inclusion in 2.0, so duplicate the
+ * optional function declarations. */
+APR_DECLARE_OPTIONAL_FN(char *, ssl_var_lookup,
+ (apr_pool_t *, server_rec *,
+ conn_rec *, request_rec *,
+ char *));
+APR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec *));
+
+#if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
+#include "unixd.h"
+#define MOD_REWRITE_SET_MUTEX_PERMS /* XXX Apache should define something */
+#endif
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | static module configuration
+** | |
+** +-------------------------------------------------------+
+*/
+
+
+/*
+** Our interface to the Apache server kernel:
+**
+** o Runtime logic of a request is as following:
+** while(request or subrequest)
+** foreach(stage #0...#9)
+** foreach(module) (**)
+** try to run hook
+**
+** o the order of modules at (**) is the inverted order as
+** given in the "Configuration" file, i.e. the last module
+** specified is the first one called for each hook!
+** The core module is always the last!
+**
+** o there are two different types of result checking and
+** continue processing:
+** for hook #0,#1,#4,#5,#6,#8:
+** hook run loop stops on first modules which gives
+** back a result != DECLINED, i.e. it usually returns OK
+** which says "OK, module has handled this _stage_" and for #1
+** this have not to mean "Ok, the filename is now valid".
+** for hook #2,#3,#7,#9:
+** all hooks are run, independend of result
+**
+** o at the last stage, the core module always
+** - says "HTTP_BAD_REQUEST" if r->filename does not begin with "/"
+** - prefix URL with document_root or replaced server_root
+** with document_root and sets r->filename
+** - always return a "OK" independed if the file really exists
+** or not!
+*/
+
+ /* the module (predeclaration) */
+module AP_MODULE_DECLARE_DATA rewrite_module;
+
+ /* rewritemap int: handler function registry */
+static apr_hash_t *mapfunc_hash;
+
+ /* the cache */
+static cache *cachep;
+
+ /* whether proxy module is available or not */
+static int proxy_available;
+
+static const char *lockname;
+static apr_global_mutex_t *rewrite_mapr_lock_acquire = NULL;
+static apr_global_mutex_t *rewrite_log_lock = NULL;
+
+/* Optional functions imported from mod_ssl when loaded: */
+static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *rewrite_ssl_lookup = NULL;
+static APR_OPTIONAL_FN_TYPE(ssl_is_https) *rewrite_is_https = NULL;
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | configuration directive handling
+** | |
+** +-------------------------------------------------------+
+*/
+
+/*
+**
+** per-server configuration structure handling
+**
+*/
+
+static void *config_server_create(apr_pool_t *p, server_rec *s)
+{
+ rewrite_server_conf *a;
+
+ a = (rewrite_server_conf *)apr_pcalloc(p, sizeof(rewrite_server_conf));
+
+ a->state = ENGINE_DISABLED;
+ a->options = OPTION_NONE;
+ a->rewritelogfile = NULL;
+ a->rewritelogfp = NULL;
+ a->rewriteloglevel = 0;
+ a->rewritemaps = apr_array_make(p, 2, sizeof(rewritemap_entry));
+ a->rewriteconds = apr_array_make(p, 2, sizeof(rewritecond_entry));
+ a->rewriterules = apr_array_make(p, 2, sizeof(rewriterule_entry));
+ a->server = s;
+ a->redirect_limit = 0; /* unset (use default) */
+
+ return (void *)a;
+}
+
+static void *config_server_merge(apr_pool_t *p, void *basev, void *overridesv)
+{
+ rewrite_server_conf *a, *base, *overrides;
+
+ a = (rewrite_server_conf *)apr_pcalloc(p,
+ sizeof(rewrite_server_conf));
+ base = (rewrite_server_conf *)basev;
+ overrides = (rewrite_server_conf *)overridesv;
+
+ a->state = overrides->state;
+ a->options = overrides->options;
+ a->server = overrides->server;
+ a->redirect_limit = overrides->redirect_limit
+ ? overrides->redirect_limit
+ : base->redirect_limit;
+
+ if (a->options & OPTION_INHERIT) {
+ /*
+ * local directives override
+ * and anything else is inherited
+ */
+ a->rewriteloglevel = overrides->rewriteloglevel != 0
+ ? overrides->rewriteloglevel
+ : base->rewriteloglevel;
+ a->rewritelogfile = overrides->rewritelogfile != NULL
+ ? overrides->rewritelogfile
+ : base->rewritelogfile;
+ a->rewritelogfp = overrides->rewritelogfp != NULL
+ ? overrides->rewritelogfp
+ : base->rewritelogfp;
+ a->rewritemaps = apr_array_append(p, overrides->rewritemaps,
+ base->rewritemaps);
+ a->rewriteconds = apr_array_append(p, overrides->rewriteconds,
+ base->rewriteconds);
+ a->rewriterules = apr_array_append(p, overrides->rewriterules,
+ base->rewriterules);
+ }
+ else {
+ /*
+ * local directives override
+ * and anything else gets defaults
+ */
+ a->rewriteloglevel = overrides->rewriteloglevel;
+ a->rewritelogfile = overrides->rewritelogfile;
+ a->rewritelogfp = overrides->rewritelogfp;
+ a->rewritemaps = overrides->rewritemaps;
+ a->rewriteconds = overrides->rewriteconds;
+ a->rewriterules = overrides->rewriterules;
+ }
+
+ return (void *)a;
+}
+
+
+/*
+**
+** per-directory configuration structure handling
+**
+*/
+
+static void *config_perdir_create(apr_pool_t *p, char *path)
+{
+ rewrite_perdir_conf *a;
+
+ a = (rewrite_perdir_conf *)apr_pcalloc(p, sizeof(rewrite_perdir_conf));
+
+ a->state = ENGINE_DISABLED;
+ a->options = OPTION_NONE;
+ a->baseurl = NULL;
+ a->rewriteconds = apr_array_make(p, 2, sizeof(rewritecond_entry));
+ a->rewriterules = apr_array_make(p, 2, sizeof(rewriterule_entry));
+ a->redirect_limit = 0; /* unset (use server config) */
+
+ if (path == NULL) {
+ a->directory = NULL;
+ }
+ else {
+ /* make sure it has a trailing slash */
+ if (path[strlen(path)-1] == '/') {
+ a->directory = apr_pstrdup(p, path);
+ }
+ else {
+ a->directory = apr_pstrcat(p, path, "/", NULL);
+ }
+ }
+
+ return (void *)a;
+}
+
+static void *config_perdir_merge(apr_pool_t *p, void *basev, void *overridesv)
+{
+ rewrite_perdir_conf *a, *base, *overrides;
+
+ a = (rewrite_perdir_conf *)apr_pcalloc(p,
+ sizeof(rewrite_perdir_conf));
+ base = (rewrite_perdir_conf *)basev;
+ overrides = (rewrite_perdir_conf *)overridesv;
+
+ a->state = overrides->state;
+ a->options = overrides->options;
+ a->directory = overrides->directory;
+ a->baseurl = overrides->baseurl;
+ a->redirect_limit = overrides->redirect_limit
+ ? overrides->redirect_limit
+ : base->redirect_limit;
+
+ if (a->options & OPTION_INHERIT) {
+ a->rewriteconds = apr_array_append(p, overrides->rewriteconds,
+ base->rewriteconds);
+ a->rewriterules = apr_array_append(p, overrides->rewriterules,
+ base->rewriterules);
+ }
+ else {
+ a->rewriteconds = overrides->rewriteconds;
+ a->rewriterules = overrides->rewriterules;
+ }
+
+ return (void *)a;
+}
+
+
+/*
+**
+** the configuration commands
+**
+*/
+
+static const char *cmd_rewriteengine(cmd_parms *cmd,
+ void *in_dconf, int flag)
+{
+ rewrite_perdir_conf *dconf = in_dconf;
+ rewrite_server_conf *sconf;
+
+ sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
+
+ if (cmd->path == NULL) { /* is server command */
+ sconf->state = (flag ? ENGINE_ENABLED : ENGINE_DISABLED);
+ }
+ else /* is per-directory command */ {
+ dconf->state = (flag ? ENGINE_ENABLED : ENGINE_DISABLED);
+ }
+
+ return NULL;
+}
+
+static const char *cmd_rewriteoptions(cmd_parms *cmd,
+ void *in_dconf, const char *option)
+{
+ int options = 0, limit = 0;
+ char *w;
+
+ while (*option) {
+ w = ap_getword_conf(cmd->pool, &option);
+
+ if (!strcasecmp(w, "inherit")) {
+ options |= OPTION_INHERIT;
+ }
+ else if (!strncasecmp(w, "MaxRedirects=", 13)) {
+ limit = atoi(&w[13]);
+ if (limit <= 0) {
+ return "RewriteOptions: MaxRedirects takes a number greater "
+ "than zero.";
+ }
+ }
+ else if (!strcasecmp(w, "MaxRedirects")) { /* be nice */
+ return "RewriteOptions: MaxRedirects has the format MaxRedirects"
+ "=n.";
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "RewriteOptions: unknown option '",
+ w, "'", NULL);
+ }
+ }
+
+ /* put it into the appropriate config */
+ if (cmd->path == NULL) { /* is server command */
+ rewrite_server_conf *conf =
+ ap_get_module_config(cmd->server->module_config,
+ &rewrite_module);
+
+ conf->options |= options;
+ conf->redirect_limit = limit;
+ }
+ else { /* is per-directory command */
+ rewrite_perdir_conf *conf = in_dconf;
+
+ conf->options |= options;
+ conf->redirect_limit = limit;
+ }
+
+ return NULL;
+}
+
+static const char *cmd_rewritelog(cmd_parms *cmd, void *dconf, const char *a1)
+{
+ rewrite_server_conf *sconf;
+
+ sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
+
+ sconf->rewritelogfile = a1;
+
+ return NULL;
+}
+
+static const char *cmd_rewriteloglevel(cmd_parms *cmd, void *dconf,
+ const char *a1)
+{
+ rewrite_server_conf *sconf;
+
+ sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
+
+ sconf->rewriteloglevel = atoi(a1);
+
+ return NULL;
+}
+
+static const char *cmd_rewritemap(cmd_parms *cmd, void *dconf, const char *a1,
+ const char *a2)
+{
+ rewrite_server_conf *sconf;
+ rewritemap_entry *newmap;
+ apr_finfo_t st;
+
+ sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
+
+ newmap = apr_array_push(sconf->rewritemaps);
+
+ newmap->name = a1;
+ newmap->func = NULL;
+ if (strncmp(a2, "txt:", 4) == 0) {
+ newmap->type = MAPTYPE_TXT;
+ newmap->datafile = a2+4;
+ newmap->checkfile = a2+4;
+ newmap->cachename = apr_psprintf(cmd->pool, "%pp:%s",
+ (void *)cmd->server, a1);
+ }
+ else if (strncmp(a2, "rnd:", 4) == 0) {
+ newmap->type = MAPTYPE_RND;
+ newmap->datafile = a2+4;
+ newmap->checkfile = a2+4;
+ newmap->cachename = apr_psprintf(cmd->pool, "%pp:%s",
+ (void *)cmd->server, a1);
+ }
+ else if (strncmp(a2, "dbm", 3) == 0) {
+ const char *ignored_fname;
+ int bad = 0;
+ apr_status_t rv;
+
+ newmap->type = MAPTYPE_DBM;
+ newmap->cachename = apr_psprintf(cmd->pool, "%pp:%s",
+ (void *)cmd->server, a1);
+
+ if (a2[3] == ':') {
+ newmap->dbmtype = "default";
+ newmap->datafile = a2+4;
+ }
+ else if (a2[3] == '=') {
+ const char *colon = ap_strchr_c(a2 + 4, ':');
+
+ if (colon) {
+ newmap->dbmtype = apr_pstrndup(cmd->pool, a2 + 4,
+ colon - (a2 + 3) - 1);
+ newmap->datafile = colon + 1;
+ }
+ else {
+ ++bad;
+ }
+ }
+ else {
+ ++bad;
+ }
+
+ if (bad) {
+ return apr_pstrcat(cmd->pool, "RewriteMap: bad map:",
+ a2, NULL);
+ }
+
+ rv = apr_dbm_get_usednames_ex(cmd->pool, newmap->dbmtype,
+ newmap->datafile, &newmap->checkfile,
+ &ignored_fname);
+ if (rv != APR_SUCCESS) {
+ return apr_pstrcat(cmd->pool, "RewriteMap: dbm type ",
+ newmap->dbmtype, " is invalid", NULL);
+ }
+ }
+ else if (strncmp(a2, "prg:", 4) == 0) {
+ newmap->type = MAPTYPE_PRG;
+ apr_tokenize_to_argv(a2 + 4, &newmap->argv, cmd->pool);
+ newmap->datafile = NULL;
+ newmap->checkfile = newmap->argv[0];
+ newmap->cachename = NULL;
+
+ }
+ else if (strncmp(a2, "int:", 4) == 0) {
+ newmap->type = MAPTYPE_INT;
+ newmap->datafile = NULL;
+ newmap->checkfile = NULL;
+ newmap->cachename = NULL;
+ newmap->func = (char *(*)(request_rec *,char *))
+ apr_hash_get(mapfunc_hash, a2+4, strlen(a2+4));
+ if ((sconf->state == ENGINE_ENABLED) && (newmap->func == NULL)) {
+ return apr_pstrcat(cmd->pool, "RewriteMap: internal map not found:",
+ a2+4, NULL);
+ }
+ }
+ else {
+ newmap->type = MAPTYPE_TXT;
+ newmap->datafile = a2;
+ newmap->checkfile = a2;
+ newmap->cachename = apr_psprintf(cmd->pool, "%pp:%s",
+ (void *)cmd->server, a1);
+ }
+ newmap->fpin = NULL;
+ newmap->fpout = NULL;
+
+ if (newmap->checkfile && (sconf->state == ENGINE_ENABLED)
+ && (apr_stat(&st, newmap->checkfile, APR_FINFO_MIN,
+ cmd->pool) != APR_SUCCESS)) {
+ return apr_pstrcat(cmd->pool,
+ "RewriteMap: file for map ", newmap->name,
+ " not found:", newmap->checkfile, NULL);
+ }
+
+ return NULL;
+}
+
+static const char *cmd_rewritelock(cmd_parms *cmd, void *dconf, const char *a1)
+{
+ const char *error;
+
+ if ((error = ap_check_cmd_context(cmd, GLOBAL_ONLY)) != NULL)
+ return error;
+
+ /* fixup the path, especially for rewritelock_remove() */
+ lockname = ap_server_root_relative(cmd->pool, a1);
+
+ if (!lockname) {
+ return apr_pstrcat(cmd->pool, "Invalid RewriteLock path ", a1);
+ }
+
+ return NULL;
+}
+
+static const char *cmd_rewritebase(cmd_parms *cmd, void *in_dconf,
+ const char *a1)
+{
+ rewrite_perdir_conf *dconf = in_dconf;
+
+ if (cmd->path == NULL || dconf == NULL) {
+ return "RewriteBase: only valid in per-directory config files";
+ }
+ if (a1[0] == '\0') {
+ return "RewriteBase: empty URL not allowed";
+ }
+ if (a1[0] != '/') {
+ return "RewriteBase: argument is not a valid URL";
+ }
+
+ dconf->baseurl = a1;
+
+ return NULL;
+}
+
+static const char *cmd_rewritecond(cmd_parms *cmd, void *in_dconf,
+ const char *in_str)
+{
+ rewrite_perdir_conf *dconf = in_dconf;
+ char *str = apr_pstrdup(cmd->pool, in_str);
+ rewrite_server_conf *sconf;
+ rewritecond_entry *newcond;
+ regex_t *regexp;
+ char *a1;
+ char *a2;
+ char *a3;
+ char *cp;
+ const char *err;
+ int rc;
+
+ sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
+
+ /* make a new entry in the internal temporary rewrite rule list */
+ if (cmd->path == NULL) { /* is server command */
+ newcond = apr_array_push(sconf->rewriteconds);
+ }
+ else { /* is per-directory command */
+ newcond = apr_array_push(dconf->rewriteconds);
+ }
+
+ /* parse the argument line ourself */
+ if (parseargline(str, &a1, &a2, &a3)) {
+ return apr_pstrcat(cmd->pool, "RewriteCond: bad argument line '", str,
+ "'", NULL);
+ }
+
+ /* arg1: the input string */
+ newcond->input = apr_pstrdup(cmd->pool, a1);
+
+ /* arg3: optional flags field
+ (this have to be first parsed, because we need to
+ know if the regex should be compiled with ICASE!) */
+ newcond->flags = CONDFLAG_NONE;
+ if (a3 != NULL) {
+ if ((err = cmd_rewritecond_parseflagfield(cmd->pool, newcond,
+ a3)) != NULL) {
+ return err;
+ }
+ }
+
+ /* arg2: the pattern
+ try to compile the regexp to test if is ok */
+ cp = a2;
+ if (cp[0] == '!') {
+ newcond->flags |= CONDFLAG_NOTMATCH;
+ cp++;
+ }
+
+ /* now be careful: Under the POSIX regex library
+ we can compile the pattern for case insensitive matching,
+ under the old V8 library we have to do it self via a hack */
+ if (newcond->flags & CONDFLAG_NOCASE) {
+ rc = ((regexp = ap_pregcomp(cmd->pool, cp, REG_EXTENDED|REG_ICASE))
+ == NULL);
+ }
+ else {
+ rc = ((regexp = ap_pregcomp(cmd->pool, cp, REG_EXTENDED)) == NULL);
+ }
+ if (rc) {
+ return apr_pstrcat(cmd->pool,
+ "RewriteCond: cannot compile regular expression '",
+ a2, "'", NULL);
+ }
+
+ newcond->pattern = apr_pstrdup(cmd->pool, cp);
+ newcond->regexp = regexp;
+
+ return NULL;
+}
+
+static const char *cmd_rewritecond_parseflagfield(apr_pool_t *p,
+ rewritecond_entry *cfg,
+ char *str)
+{
+ char *cp;
+ char *cp1;
+ char *cp2;
+ char *cp3;
+ char *key;
+ char *val;
+ const char *err;
+
+ if (str[0] != '[' || str[strlen(str)-1] != ']') {
+ return "RewriteCond: bad flag delimiters";
+ }
+
+ cp = str+1;
+ str[strlen(str)-1] = ','; /* for simpler parsing */
+ for ( ; *cp != '\0'; ) {
+ /* skip whitespaces */
+ for ( ; (*cp == ' ' || *cp == '\t') && *cp != '\0'; cp++)
+ ;
+ if (*cp == '\0') {
+ break;
+ }
+ cp1 = cp;
+ if ((cp2 = strchr(cp, ',')) != NULL) {
+ cp = cp2+1;
+ for ( ; (*(cp2-1) == ' ' || *(cp2-1) == '\t'); cp2--)
+ ;
+ *cp2 = '\0';
+ if ((cp3 = strchr(cp1, '=')) != NULL) {
+ *cp3 = '\0';
+ key = cp1;
+ val = cp3+1;
+ }
+ else {
+ key = cp1;
+ val = "";
+ }
+ if ((err = cmd_rewritecond_setflag(p, cfg, key, val)) != NULL) {
+ return err;
+ }
+ }
+ else {
+ break;
+ }
+ }
+
+ return NULL;
+}
+
+static const char *cmd_rewritecond_setflag(apr_pool_t *p,
+ rewritecond_entry *cfg,
+ char *key, char *val)
+{
+ if ( strcasecmp(key, "nocase") == 0
+ || strcasecmp(key, "NC") == 0 ) {
+ cfg->flags |= CONDFLAG_NOCASE;
+ }
+ else if ( strcasecmp(key, "ornext") == 0
+ || strcasecmp(key, "OR") == 0 ) {
+ cfg->flags |= CONDFLAG_ORNEXT;
+ }
+ else {
+ return apr_pstrcat(p, "RewriteCond: unknown flag '", key, "'", NULL);
+ }
+ return NULL;
+}
+
+static const char *cmd_rewriterule(cmd_parms *cmd, void *in_dconf,
+ const char *in_str)
+{
+ rewrite_perdir_conf *dconf = in_dconf;
+ char *str = apr_pstrdup(cmd->pool, in_str);
+ rewrite_server_conf *sconf;
+ rewriterule_entry *newrule;
+ regex_t *regexp;
+ char *a1;
+ char *a2;
+ char *a3;
+ char *cp;
+ const char *err;
+ int mode;
+
+ sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
+
+ /* make a new entry in the internal rewrite rule list */
+ if (cmd->path == NULL) { /* is server command */
+ newrule = apr_array_push(sconf->rewriterules);
+ }
+ else { /* is per-directory command */
+ newrule = apr_array_push(dconf->rewriterules);
+ }
+
+ /* parse the argument line ourself */
+ if (parseargline(str, &a1, &a2, &a3)) {
+ return apr_pstrcat(cmd->pool, "RewriteRule: bad argument line '", str,
+ "'", NULL);
+ }
+
+ /* arg3: optional flags field */
+ newrule->forced_mimetype = NULL;
+ newrule->forced_responsecode = HTTP_MOVED_TEMPORARILY;
+ newrule->flags = RULEFLAG_NONE;
+ newrule->env[0] = NULL;
+ newrule->cookie[0] = NULL;
+ newrule->skip = 0;
+ if (a3 != NULL) {
+ if ((err = cmd_rewriterule_parseflagfield(cmd->pool, newrule,
+ a3)) != NULL) {
+ return err;
+ }
+ }
+
+ /* arg1: the pattern
+ * try to compile the regexp to test if is ok
+ */
+ cp = a1;
+ if (cp[0] == '!') {
+ newrule->flags |= RULEFLAG_NOTMATCH;
+ cp++;
+ }
+ mode = REG_EXTENDED;
+ if (newrule->flags & RULEFLAG_NOCASE) {
+ mode |= REG_ICASE;
+ }
+ if ((regexp = ap_pregcomp(cmd->pool, cp, mode)) == NULL) {
+ return apr_pstrcat(cmd->pool,
+ "RewriteRule: cannot compile regular expression '",
+ a1, "'", NULL);
+ }
+ newrule->pattern = apr_pstrdup(cmd->pool, cp);
+ newrule->regexp = regexp;
+
+ /* arg2: the output string
+ * replace the $<N> by \<n> which is needed by the currently
+ * used Regular Expression library
+ *
+ * TODO: Is this still required for PCRE? If not, does it *work* with PCRE?
+ */
+ newrule->output = apr_pstrdup(cmd->pool, a2);
+
+ /* now, if the server or per-dir config holds an
+ * array of RewriteCond entries, we take it for us
+ * and clear the array
+ */
+ if (cmd->path == NULL) { /* is server command */
+ newrule->rewriteconds = sconf->rewriteconds;
+ sconf->rewriteconds = apr_array_make(cmd->pool, 2,
+ sizeof(rewritecond_entry));
+ }
+ else { /* is per-directory command */
+ newrule->rewriteconds = dconf->rewriteconds;
+ dconf->rewriteconds = apr_array_make(cmd->pool, 2,
+ sizeof(rewritecond_entry));
+ }
+
+ return NULL;
+}
+
+static const char *cmd_rewriterule_parseflagfield(apr_pool_t *p,
+ rewriterule_entry *cfg,
+ char *str)
+{
+ char *cp;
+ char *cp1;
+ char *cp2;
+ char *cp3;
+ char *key;
+ char *val;
+ const char *err;
+
+ if (str[0] != '[' || str[strlen(str)-1] != ']') {
+ return "RewriteRule: bad flag delimiters";
+ }
+
+ cp = str+1;
+ str[strlen(str)-1] = ','; /* for simpler parsing */
+ for ( ; *cp != '\0'; ) {
+ /* skip whitespaces */
+ for ( ; (*cp == ' ' || *cp == '\t') && *cp != '\0'; cp++)
+ ;
+ if (*cp == '\0') {
+ break;
+ }
+ cp1 = cp;
+ if ((cp2 = strchr(cp, ',')) != NULL) {
+ cp = cp2+1;
+ for ( ; (*(cp2-1) == ' ' || *(cp2-1) == '\t'); cp2--)
+ ;
+ *cp2 = '\0';
+ if ((cp3 = strchr(cp1, '=')) != NULL) {
+ *cp3 = '\0';
+ key = cp1;
+ val = cp3+1;
+ }
+ else {
+ key = cp1;
+ val = "";
+ }
+ if ((err = cmd_rewriterule_setflag(p, cfg, key, val)) != NULL) {
+ return err;
+ }
+ }
+ else {
+ break;
+ }
+ }
+
+ return NULL;
+}
+
+static const char *cmd_rewriterule_setflag(apr_pool_t *p,
+ rewriterule_entry *cfg,
+ char *key, char *val)
+{
+ int status = 0;
+ int i;
+
+ if ( strcasecmp(key, "redirect") == 0
+ || strcasecmp(key, "R") == 0 ) {
+ cfg->flags |= RULEFLAG_FORCEREDIRECT;
+ if (strlen(val) > 0) {
+ if (strcasecmp(val, "permanent") == 0) {
+ status = HTTP_MOVED_PERMANENTLY;
+ }
+ else if (strcasecmp(val, "temp") == 0) {
+ status = HTTP_MOVED_TEMPORARILY;
+ }
+ else if (strcasecmp(val, "seeother") == 0) {
+ status = HTTP_SEE_OTHER;
+ }
+ else if (apr_isdigit(*val)) {
+ status = atoi(val);
+ }
+ if (!ap_is_HTTP_REDIRECT(status)) {
+ return "RewriteRule: invalid HTTP response code "
+ "for flag 'R'";
+ }
+ cfg->forced_responsecode = status;
+ }
+ }
+ else if ( strcasecmp(key, "noescape") == 0
+ || strcasecmp(key, "NE") == 0 ) {
+ cfg->flags |= RULEFLAG_NOESCAPE;
+ }
+ else if ( strcasecmp(key, "last") == 0
+ || strcasecmp(key, "L") == 0 ) {
+ cfg->flags |= RULEFLAG_LASTRULE;
+ }
+ else if ( strcasecmp(key, "next") == 0
+ || strcasecmp(key, "N") == 0 ) {
+ cfg->flags |= RULEFLAG_NEWROUND;
+ }
+ else if ( strcasecmp(key, "chain") == 0
+ || strcasecmp(key, "C") == 0 ) {
+ cfg->flags |= RULEFLAG_CHAIN;
+ }
+ else if ( strcasecmp(key, "type") == 0
+ || strcasecmp(key, "T") == 0 ) {
+ cfg->forced_mimetype = apr_pstrdup(p, val);
+ ap_str_tolower(cfg->forced_mimetype);
+ }
+ else if ( strcasecmp(key, "env") == 0
+ || strcasecmp(key, "E") == 0 ) {
+ for (i = 0; (cfg->env[i] != NULL) && (i < MAX_ENV_FLAGS); i++)
+ ;
+ if (i < MAX_ENV_FLAGS) {
+ cfg->env[i] = apr_pstrdup(p, val);
+ cfg->env[i+1] = NULL;
+ }
+ else {
+ return "RewriteRule: too many environment flags 'E'";
+ }
+ }
+ else if ( strcasecmp(key, "cookie") == 0 || strcasecmp(key, "CO") == 0) {
+ for (i = 0; (cfg->cookie[i] != NULL) && (i < MAX_COOKIE_FLAGS); i++)
+ ;
+ if (i < MAX_COOKIE_FLAGS) {
+ cfg->cookie[i] = apr_pstrdup(p, val);
+ cfg->cookie[i+1] = NULL;
+ }
+ else {
+ return "RewriteRule: too many cookie flags 'CO'";
+ }
+ }
+ else if ( strcasecmp(key, "nosubreq") == 0
+ || strcasecmp(key, "NS") == 0 ) {
+ cfg->flags |= RULEFLAG_IGNOREONSUBREQ;
+ }
+ else if ( strcasecmp(key, "proxy") == 0
+ || strcasecmp(key, "P") == 0 ) {
+ cfg->flags |= RULEFLAG_PROXY;
+ }
+ else if ( strcasecmp(key, "passthrough") == 0
+ || strcasecmp(key, "PT") == 0 ) {
+ cfg->flags |= RULEFLAG_PASSTHROUGH;
+ }
+ else if ( strcasecmp(key, "skip") == 0
+ || strcasecmp(key, "S") == 0 ) {
+ cfg->skip = atoi(val);
+ }
+ else if ( strcasecmp(key, "forbidden") == 0
+ || strcasecmp(key, "F") == 0 ) {
+ cfg->flags |= RULEFLAG_FORBIDDEN;
+ }
+ else if ( strcasecmp(key, "gone") == 0
+ || strcasecmp(key, "G") == 0 ) {
+ cfg->flags |= RULEFLAG_GONE;
+ }
+ else if ( strcasecmp(key, "qsappend") == 0
+ || strcasecmp(key, "QSA") == 0 ) {
+ cfg->flags |= RULEFLAG_QSAPPEND;
+ }
+ else if ( strcasecmp(key, "nocase") == 0
+ || strcasecmp(key, "NC") == 0 ) {
+ cfg->flags |= RULEFLAG_NOCASE;
+ }
+ else {
+ return apr_pstrcat(p, "RewriteRule: unknown flag '", key, "'", NULL);
+ }
+ return NULL;
+}
+
+
+/*
+**
+** Global Module Initialization
+**
+*/
+
+static int pre_config(apr_pool_t *pconf,
+ apr_pool_t *plog,
+ apr_pool_t *ptemp)
+{
+ APR_OPTIONAL_FN_TYPE(ap_register_rewrite_mapfunc) *map_pfn_register;
+
+ /* register int: rewritemap handlers */
+ mapfunc_hash = apr_hash_make(pconf);
+ map_pfn_register = APR_RETRIEVE_OPTIONAL_FN(ap_register_rewrite_mapfunc);
+ if (map_pfn_register) {
+ map_pfn_register("tolower", rewrite_mapfunc_tolower);
+ map_pfn_register("toupper", rewrite_mapfunc_toupper);
+ map_pfn_register("escape", rewrite_mapfunc_escape);
+ map_pfn_register("unescape", rewrite_mapfunc_unescape);
+ }
+ return OK;
+}
+
+static int post_config(apr_pool_t *p,
+ apr_pool_t *plog,
+ apr_pool_t *ptemp,
+ server_rec *s)
+{
+ apr_status_t rv;
+ void *data;
+ int first_time = 0;
+ const char *userdata_key = "rewrite_init_module";
+
+ apr_pool_userdata_get(&data, userdata_key, s->process->pool);
+ if (!data) {
+ first_time = 1;
+ apr_pool_userdata_set((const void *)1, userdata_key,
+ apr_pool_cleanup_null, s->process->pool);
+ }
+
+ /* check if proxy module is available */
+ proxy_available = (ap_find_linked_module("mod_proxy.c") != NULL);
+
+ /* create the rewriting lockfiles in the parent */
+ if ((rv = apr_global_mutex_create(&rewrite_log_lock, NULL,
+ APR_LOCK_DEFAULT, p)) != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
+ "mod_rewrite: could not create rewrite_log_lock");
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+#ifdef MOD_REWRITE_SET_MUTEX_PERMS
+ rv = unixd_set_global_mutex_perms(rewrite_log_lock);
+ if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
+ "mod_rewrite: Could not set permissions on "
+ "rewrite_log_lock; check User and Group directives");
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+#endif
+
+ rv = rewritelock_create(s, p);
+ if (rv != APR_SUCCESS) {
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ apr_pool_cleanup_register(p, (void *)s, rewritelock_remove,
+ apr_pool_cleanup_null);
+
+ /* step through the servers and
+ * - open each rewriting logfile
+ * - open the RewriteMap prg:xxx programs
+ */
+ for (; s; s = s->next) {
+ if (!open_rewritelog(s, p)) {
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ if (!first_time) {
+ if (run_rewritemap_programs(s, p) != APR_SUCCESS) {
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+ }
+ }
+
+ rewrite_ssl_lookup = APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup);
+ rewrite_is_https = APR_RETRIEVE_OPTIONAL_FN(ssl_is_https);
+
+ return OK;
+}
+
+
+/*
+**
+** Per-Child Module Initialization
+** [called after a child process is spawned]
+**
+*/
+
+static void init_child(apr_pool_t *p, server_rec *s)
+{
+ apr_status_t rv;
+
+ if (lockname != NULL && *(lockname) != '\0') {
+ rv = apr_global_mutex_child_init(&rewrite_mapr_lock_acquire,
+ lockname, p);
+ if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
+ "mod_rewrite: could not init rewrite_mapr_lock_acquire"
+ " in child");
+ }
+ }
+
+ rv = apr_global_mutex_child_init(&rewrite_log_lock, NULL, p);
+ if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
+ "mod_rewrite: could not init rewrite log lock in child");
+ }
+
+ /* create the lookup cache */
+ cachep = init_cache(p);
+}
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | runtime hooks
+** | |
+** +-------------------------------------------------------+
+*/
+
+/*
+**
+** URI-to-filename hook
+**
+** [used for the rewriting engine triggered by
+** the per-server 'RewriteRule' directives]
+**
+*/
+
+static int hook_uri2file(request_rec *r)
+{
+ rewrite_server_conf *conf;
+ const char *saved_rulestatus;
+ const char *var;
+ const char *thisserver;
+ char *thisport;
+ const char *thisurl;
+ char buf[512];
+ char docroot[512];
+ const char *ccp;
+ unsigned int port;
+ int rulestatus;
+ int n;
+ int l;
+
+ /*
+ * retrieve the config structures
+ */
+ conf = ap_get_module_config(r->server->module_config, &rewrite_module);
+
+ /*
+ * only do something under runtime if the engine is really enabled,
+ * else return immediately!
+ */
+ if (conf->state == ENGINE_DISABLED) {
+ return DECLINED;
+ }
+
+ /*
+ * check for the ugly API case of a virtual host section where no
+ * mod_rewrite directives exists. In this situation we became no chance
+ * by the API to setup our default per-server config so we have to
+ * on-the-fly assume we have the default config. But because the default
+ * config has a disabled rewriting engine we are lucky because can
+ * just stop operating now.
+ */
+ if (conf->server != r->server) {
+ return DECLINED;
+ }
+
+ /*
+ * add the SCRIPT_URL variable to the env. this is a bit complicated
+ * due to the fact that apache uses subrequests and internal redirects
+ */
+
+ if (r->main == NULL) {
+ var = apr_pstrcat(r->pool, "REDIRECT_", ENVVAR_SCRIPT_URL, NULL);
+ var = apr_table_get(r->subprocess_env, var);
+ if (var == NULL) {
+ apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URL, r->uri);
+ }
+ else {
+ apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URL, var);
+ }
+ }
+ else {
+ var = apr_table_get(r->main->subprocess_env, ENVVAR_SCRIPT_URL);
+ apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URL, var);
+ }
+
+ /*
+ * create the SCRIPT_URI variable for the env
+ */
+
+ /* add the canonical URI of this URL */
+ thisserver = ap_get_server_name(r);
+ port = ap_get_server_port(r);
+ if (ap_is_default_port(port, r)) {
+ thisport = "";
+ }
+ else {
+ apr_snprintf(buf, sizeof(buf), ":%u", port);
+ thisport = buf;
+ }
+ thisurl = apr_table_get(r->subprocess_env, ENVVAR_SCRIPT_URL);
+
+ /* set the variable */
+ var = apr_pstrcat(r->pool, ap_http_method(r), "://", thisserver, thisport,
+ thisurl, NULL);
+ apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URI, var);
+
+ if (!(saved_rulestatus = apr_table_get(r->notes,"mod_rewrite_rewritten"))) {
+ /* if filename was not initially set,
+ * we start with the requested URI
+ */
+ if (r->filename == NULL) {
+ r->filename = apr_pstrdup(r->pool, r->uri);
+ rewritelog(r, 2, "init rewrite engine with requested uri %s",
+ r->filename);
+ }
+ else {
+ rewritelog(r, 2, "init rewrite engine with passed filename %s."
+ " Original uri = %s", r->filename, r->uri);
+ }
+
+ /*
+ * now apply the rules ...
+ */
+ rulestatus = apply_rewrite_list(r, conf->rewriterules, NULL);
+ apr_table_set(r->notes,"mod_rewrite_rewritten",
+ apr_psprintf(r->pool,"%d",rulestatus));
+ }
+ else {
+ rewritelog(r, 2,
+ "uri already rewritten. Status %s, Uri %s, r->filename %s",
+ saved_rulestatus, r->uri, r->filename);
+ rulestatus = atoi(saved_rulestatus);
+ }
+
+ if (rulestatus) {
+ unsigned skip;
+
+ if (strlen(r->filename) > 6 &&
+ strncmp(r->filename, "proxy:", 6) == 0) {
+ /* it should be go on as an internal proxy request */
+
+ /* check if the proxy module is enabled, so
+ * we can actually use it!
+ */
+ if (!proxy_available) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "attempt to make remote request from mod_rewrite "
+ "without proxy enabled: %s", r->filename);
+ return HTTP_FORBIDDEN;
+ }
+
+ /* make sure the QUERY_STRING and
+ * PATH_INFO parts get incorporated
+ */
+ if (r->path_info != NULL) {
+ r->filename = apr_pstrcat(r->pool, r->filename,
+ r->path_info, NULL);
+ }
+ if (r->args != NULL &&
+ r->uri == r->unparsed_uri) {
+ /* see proxy_http:proxy_http_canon() */
+ r->filename = apr_pstrcat(r->pool, r->filename,
+ "?", r->args, NULL);
+ }
+
+ /* now make sure the request gets handled by the proxy handler */
+ if (PROXYREQ_NONE == r->proxyreq) {
+ r->proxyreq = PROXYREQ_REVERSE;
+ }
+ r->handler = "proxy-server";
+
+ rewritelog(r, 1, "go-ahead with proxy request %s [OK]",
+ r->filename);
+ return OK;
+ }
+ else if ((skip = is_absolute_uri(r->filename)) > 0) {
+ /* it was finally rewritten to a remote URL */
+
+ if (rulestatus != ACTION_NOESCAPE) {
+ rewritelog(r, 1, "escaping %s for redirect", r->filename);
+ r->filename = escape_absolute_uri(r->pool, r->filename, skip);
+ }
+
+ /* append the QUERY_STRING part */
+ if (r->args) {
+ r->filename = apr_pstrcat(r->pool, r->filename, "?",
+ (rulestatus == ACTION_NOESCAPE)
+ ? r->args
+ : ap_escape_uri(r->pool, r->args),
+ NULL);
+ }
+
+ /* determine HTTP redirect response code */
+ if (ap_is_HTTP_REDIRECT(r->status)) {
+ n = r->status;
+ r->status = HTTP_OK; /* make Apache kernel happy */
+ }
+ else {
+ n = HTTP_MOVED_TEMPORARILY;
+ }
+
+ /* now do the redirection */
+ apr_table_setn(r->headers_out, "Location", r->filename);
+ rewritelog(r, 1, "redirect to %s [REDIRECT/%d]", r->filename, n);
+ return n;
+ }
+ else if (strlen(r->filename) > 10 &&
+ strncmp(r->filename, "forbidden:", 10) == 0) {
+ /* This URLs is forced to be forbidden for the requester */
+ return HTTP_FORBIDDEN;
+ }
+ else if (strlen(r->filename) > 5 &&
+ strncmp(r->filename, "gone:", 5) == 0) {
+ /* This URLs is forced to be gone */
+ return HTTP_GONE;
+ }
+ else if (strlen(r->filename) > 12 &&
+ strncmp(r->filename, "passthrough:", 12) == 0) {
+ /*
+ * Hack because of underpowered API: passing the current
+ * rewritten filename through to other URL-to-filename handlers
+ * just as it were the requested URL. This is to enable
+ * post-processing by mod_alias, etc. which always act on
+ * r->uri! The difference here is: We do not try to
+ * add the document root
+ */
+ r->uri = apr_pstrdup(r->pool, r->filename+12);
+ return DECLINED;
+ }
+ else {
+ /* it was finally rewritten to a local path */
+
+ /* expand "/~user" prefix */
+#if APR_HAS_USER
+ r->filename = expand_tildepaths(r, r->filename);
+#endif
+ rewritelog(r, 2, "local path result: %s", r->filename);
+
+ /* the filename must be either an absolute local path or an
+ * absolute local URL.
+ */
+ if ( *r->filename != '/'
+ && !ap_os_is_path_absolute(r->pool, r->filename)) {
+ return HTTP_BAD_REQUEST;
+ }
+
+ /* if there is no valid prefix, we have
+ * to emulate the translator from the core and
+ * prefix the filename with document_root
+ *
+ * NOTICE:
+ * We cannot leave out the prefix_stat because
+ * - when we always prefix with document_root
+ * then no absolute path can be created, e.g. via
+ * emulating a ScriptAlias directive, etc.
+ * - when we always NOT prefix with document_root
+ * then the files under document_root have to
+ * be references directly and document_root
+ * gets never used and will be a dummy parameter -
+ * this is also bad
+ *
+ * BUT:
+ * Under real Unix systems this is no problem,
+ * because we only do stat() on the first directory
+ * and this gets cached by the kernel for along time!
+ */
+ n = prefix_stat(r->filename, r->pool);
+ if (n == 0) {
+ if ((ccp = ap_document_root(r)) != NULL) {
+ l = apr_cpystrn(docroot, ccp, sizeof(docroot)) - docroot;
+
+ /* always NOT have a trailing slash */
+ if (docroot[l-1] == '/') {
+ docroot[l-1] = '\0';
+ }
+ if (r->server->path
+ && !strncmp(r->filename, r->server->path,
+ r->server->pathlen)) {
+ r->filename = apr_pstrcat(r->pool, docroot,
+ (r->filename +
+ r->server->pathlen), NULL);
+ }
+ else {
+ r->filename = apr_pstrcat(r->pool, docroot,
+ r->filename, NULL);
+ }
+ rewritelog(r, 2, "prefixed with document_root to %s",
+ r->filename);
+ }
+ }
+
+ rewritelog(r, 1, "go-ahead with %s [OK]", r->filename);
+ return OK;
+ }
+ }
+ else {
+ rewritelog(r, 1, "pass through %s", r->filename);
+ return DECLINED;
+ }
+}
+
+
+/*
+**
+** MIME-type hook
+**
+** [used to support the forced-MIME-type feature]
+**
+*/
+
+static int hook_mimetype(request_rec *r)
+{
+ const char *t;
+
+ /* now check if we have to force a MIME-type */
+ t = apr_table_get(r->notes, REWRITE_FORCED_MIMETYPE_NOTEVAR);
+ if (t == NULL) {
+ return DECLINED;
+ }
+ else {
+ rewritelog(r, 1, "force filename %s to have MIME-type '%s'",
+ r->filename, t);
+ ap_set_content_type(r, t);
+ return OK;
+ }
+}
+
+
+/*
+**
+** Fixup hook
+**
+** [used for the rewriting engine triggered by
+** the per-directory 'RewriteRule' directives]
+**
+*/
+
+static int hook_fixup(request_rec *r)
+{
+ rewrite_perdir_conf *dconf;
+ char *cp;
+ char *cp2;
+ const char *ccp;
+ char *prefix;
+ apr_size_t l;
+ int rulestatus;
+ int n;
+ char *ofilename;
+ int is_proxyreq;
+
+ dconf = (rewrite_perdir_conf *)ap_get_module_config(r->per_dir_config,
+ &rewrite_module);
+
+ /* if there is no per-dir config we return immediately */
+ if (dconf == NULL) {
+ return DECLINED;
+ }
+
+ /* we shouldn't do anything in subrequests */
+ if (r->main != NULL) {
+ return DECLINED;
+ }
+
+ /* if there are no real (i.e. no RewriteRule directives!)
+ per-dir config of us, we return also immediately */
+ if (dconf->directory == NULL) {
+ return DECLINED;
+ }
+
+ /*
+ * Proxy request?
+ */
+ is_proxyreq = ( r->proxyreq && r->filename
+ && !strncmp(r->filename, "proxy:", 6));
+
+ /*
+ * .htaccess file is called before really entering the directory, i.e.:
+ * URL: http://localhost/foo and .htaccess is located in foo directory
+ * Ignore such attempts, since they may lead to undefined behaviour.
+ */
+ if (is_proxyreq) {
+ l = strlen(dconf->directory) - 1;
+ if (r->filename && strlen(r->filename) == l &&
+ (dconf->directory)[l] == '/' &&
+ !strncmp(r->filename, dconf->directory, l)) {
+ return DECLINED;
+ }
+ }
+
+ /*
+ * only do something under runtime if the engine is really enabled,
+ * for this directory, else return immediately!
+ */
+ if (dconf->state == ENGINE_DISABLED) {
+ return DECLINED;
+ }
+
+ /*
+ * Do the Options check after engine check, so
+ * the user is able to explicitely turn RewriteEngine Off.
+ */
+ if (!(ap_allow_options(r) & (OPT_SYM_LINKS | OPT_SYM_OWNER))) {
+ /* FollowSymLinks is mandatory! */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Options FollowSymLinks or SymLinksIfOwnerMatch is off "
+ "which implies that RewriteRule directive is forbidden: "
+ "%s", r->filename);
+ return HTTP_FORBIDDEN;
+ }
+
+ /*
+ * remember the current filename before rewriting for later check
+ * to prevent deadlooping because of internal redirects
+ * on final URL/filename which can be equal to the inital one.
+ * also, we'll restore original r->filename if we decline this
+ * request
+ */
+ ofilename = r->filename;
+
+ if (r->filename == NULL) {
+ r->filename = apr_pstrdup(r->pool, r->uri);
+ rewritelog(r, 2, "init rewrite engine with requested uri %s",
+ r->filename);
+ }
+
+ /*
+ * now apply the rules ...
+ */
+ rulestatus = apply_rewrite_list(r, dconf->rewriterules, dconf->directory);
+ if (rulestatus) {
+ unsigned skip;
+
+ if (strlen(r->filename) > 6 &&
+ strncmp(r->filename, "proxy:", 6) == 0) {
+ /* it should go on as an internal proxy request */
+
+ /* make sure the QUERY_STRING and
+ * PATH_INFO parts get incorporated
+ * (r->path_info was already appended by the
+ * rewriting engine because of the per-dir context!)
+ */
+ if (r->args != NULL) {
+ r->filename = apr_pstrcat(r->pool, r->filename,
+ "?", r->args, NULL);
+ }
+
+ /* now make sure the request gets handled by the proxy handler */
+ if (PROXYREQ_NONE == r->proxyreq) {
+ r->proxyreq = PROXYREQ_REVERSE;
+ }
+ r->handler = "proxy-server";
+
+ rewritelog(r, 1, "[per-dir %s] go-ahead with proxy request "
+ "%s [OK]", dconf->directory, r->filename);
+ return OK;
+ }
+ else if ((skip = is_absolute_uri(r->filename)) > 0) {
+ /* it was finally rewritten to a remote URL */
+
+ /* because we are in a per-dir context
+ * first try to replace the directory with its base-URL
+ * if there is a base-URL available
+ */
+ if (dconf->baseurl != NULL) {
+ /* skip 'scheme://' */
+ cp = r->filename + skip;
+
+ if ((cp = ap_strchr(cp, '/')) != NULL && *(++cp)) {
+ rewritelog(r, 2,
+ "[per-dir %s] trying to replace "
+ "prefix %s with %s",
+ dconf->directory, dconf->directory,
+ dconf->baseurl);
+
+ /* I think, that hack needs an explanation:
+ * well, here is it:
+ * mod_rewrite was written for unix systems, were
+ * absolute file-system paths start with a slash.
+ * URL-paths _also_ start with slashes, so they
+ * can be easily compared with system paths.
+ *
+ * the following assumes, that the actual url-path
+ * may be prefixed by the current directory path and
+ * tries to replace the system path with the RewriteBase
+ * URL.
+ * That assumption is true if we use a RewriteRule like
+ *
+ * RewriteRule ^foo bar [R]
+ *
+ * (see apply_rewrite_rule function)
+ * However on systems that don't have a / as system
+ * root this will never match, so we skip the / after the
+ * hostname and compare/substitute only the stuff after it.
+ *
+ * (note that cp was already increased to the right value)
+ */
+ cp2 = subst_prefix_path(r, cp, (*dconf->directory == '/')
+ ? dconf->directory + 1
+ : dconf->directory,
+ dconf->baseurl + 1);
+ if (strcmp(cp2, cp) != 0) {
+ *cp = '\0';
+ r->filename = apr_pstrcat(r->pool, r->filename,
+ cp2, NULL);
+ }
+ }
+ }
+
+ /* now prepare the redirect... */
+ if (rulestatus != ACTION_NOESCAPE) {
+ rewritelog(r, 1, "[per-dir %s] escaping %s for redirect",
+ dconf->directory, r->filename);
+ r->filename = escape_absolute_uri(r->pool, r->filename, skip);
+ }
+
+ /* append the QUERY_STRING part */
+ if (r->args) {
+ r->filename = apr_pstrcat(r->pool, r->filename, "?",
+ (rulestatus == ACTION_NOESCAPE)
+ ? r->args
+ : ap_escape_uri(r->pool, r->args),
+ NULL);
+ }
+
+ /* determine HTTP redirect response code */
+ if (ap_is_HTTP_REDIRECT(r->status)) {
+ n = r->status;
+ r->status = HTTP_OK; /* make Apache kernel happy */
+ }
+ else {
+ n = HTTP_MOVED_TEMPORARILY;
+ }
+
+ /* now do the redirection */
+ apr_table_setn(r->headers_out, "Location", r->filename);
+ rewritelog(r, 1, "[per-dir %s] redirect to %s [REDIRECT/%d]",
+ dconf->directory, r->filename, n);
+ return n;
+ }
+ else if (strlen(r->filename) > 10 &&
+ strncmp(r->filename, "forbidden:", 10) == 0) {
+ /* This URL is forced to be forbidden for the requester */
+ return HTTP_FORBIDDEN;
+ }
+ else if (strlen(r->filename) > 5 &&
+ strncmp(r->filename, "gone:", 5) == 0) {
+ /* This URL is forced to be gone */
+ return HTTP_GONE;
+ }
+ else {
+ /* it was finally rewritten to a local path */
+
+ /* if someone used the PASSTHROUGH flag in per-dir
+ * context we just ignore it. It is only useful
+ * in per-server context
+ */
+ if (strlen(r->filename) > 12 &&
+ strncmp(r->filename, "passthrough:", 12) == 0) {
+ r->filename = apr_pstrdup(r->pool, r->filename+12);
+ }
+
+ /* the filename must be either an absolute local path or an
+ * absolute local URL.
+ */
+ if ( *r->filename != '/'
+ && !ap_os_is_path_absolute(r->pool, r->filename)) {
+ return HTTP_BAD_REQUEST;
+ }
+
+ /* Check for deadlooping:
+ * At this point we KNOW that at least one rewriting
+ * rule was applied, but when the resulting URL is
+ * the same as the initial URL, we are not allowed to
+ * use the following internal redirection stuff because
+ * this would lead to a deadloop.
+ */
+ if (ofilename != NULL && strcmp(r->filename, ofilename) == 0) {
+ rewritelog(r, 1, "[per-dir %s] initial URL equal rewritten "
+ "URL: %s [IGNORING REWRITE]",
+ dconf->directory, r->filename);
+ return OK;
+ }
+
+ /* if there is a valid base-URL then substitute
+ * the per-dir prefix with this base-URL if the
+ * current filename still is inside this per-dir
+ * context. If not then treat the result as a
+ * plain URL
+ */
+ if (dconf->baseurl != NULL) {
+ rewritelog(r, 2,
+ "[per-dir %s] trying to replace prefix %s with %s",
+ dconf->directory, dconf->directory, dconf->baseurl);
+ r->filename = subst_prefix_path(r, r->filename,
+ dconf->directory,
+ dconf->baseurl);
+ }
+ else {
+ /* if no explicit base-URL exists we assume
+ * that the directory prefix is also a valid URL
+ * for this webserver and only try to remove the
+ * document_root if it is prefix
+ */
+ if ((ccp = ap_document_root(r)) != NULL) {
+ prefix = apr_pstrdup(r->pool, ccp);
+ /* always NOT have a trailing slash */
+ l = strlen(prefix);
+ if (prefix[l-1] == '/') {
+ prefix[l-1] = '\0';
+ l--;
+ }
+ if (strncmp(r->filename, prefix, l) == 0) {
+ rewritelog(r, 2,
+ "[per-dir %s] strip document_root "
+ "prefix: %s -> %s",
+ dconf->directory, r->filename,
+ r->filename+l);
+ r->filename = apr_pstrdup(r->pool, r->filename+l);
+ }
+ }
+ }
+
+ /* now initiate the internal redirect */
+ rewritelog(r, 1, "[per-dir %s] internal redirect with %s "
+ "[INTERNAL REDIRECT]", dconf->directory, r->filename);
+ r->filename = apr_pstrcat(r->pool, "redirect:", r->filename, NULL);
+ r->handler = "redirect-handler";
+ return OK;
+ }
+ }
+ else {
+ rewritelog(r, 1, "[per-dir %s] pass through %s",
+ dconf->directory, r->filename);
+ r->filename = ofilename;
+ return DECLINED;
+ }
+}
+
+
+/*
+**
+** Content-Handlers
+**
+** [used for redirect support]
+**
+*/
+
+static int handler_redirect(request_rec *r)
+{
+ if (strcmp(r->handler, "redirect-handler")) {
+ return DECLINED;
+ }
+
+ /* just make sure that we are really meant! */
+ if (strncmp(r->filename, "redirect:", 9) != 0) {
+ return DECLINED;
+ }
+
+ if (is_redirect_limit_exceeded(r)) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "mod_rewrite: maximum number of internal redirects "
+ "reached. Assuming configuration error. Use "
+ "'RewriteOptions MaxRedirects' to increase the limit "
+ "if neccessary.");
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ /* now do the internal redirect */
+ ap_internal_redirect(apr_pstrcat(r->pool, r->filename+9,
+ r->args ? "?" : NULL, r->args, NULL), r);
+
+ /* and return gracefully */
+ return OK;
+}
+
+/*
+ * check whether redirect limit is reached
+ */
+static int is_redirect_limit_exceeded(request_rec *r)
+{
+ request_rec *top = r;
+ rewrite_request_conf *reqc;
+ rewrite_perdir_conf *dconf;
+
+ /* we store it in the top request */
+ while (top->main) {
+ top = top->main;
+ }
+ while (top->prev) {
+ top = top->prev;
+ }
+
+ /* fetch our config */
+ reqc = (rewrite_request_conf *) ap_get_module_config(top->request_config,
+ &rewrite_module);
+
+ /* no config there? create one. */
+ if (!reqc) {
+ rewrite_server_conf *sconf;
+
+ reqc = apr_palloc(top->pool, sizeof(rewrite_request_conf));
+ sconf = ap_get_module_config(r->server->module_config, &rewrite_module);
+
+ reqc->redirects = 0;
+ reqc->redirect_limit = sconf->redirect_limit
+ ? sconf->redirect_limit
+ : REWRITE_REDIRECT_LIMIT;
+
+ /* associate it with this request */
+ ap_set_module_config(top->request_config, &rewrite_module, reqc);
+ }
+
+ /* allow to change the limit during redirects. */
+ dconf = (rewrite_perdir_conf *)ap_get_module_config(r->per_dir_config,
+ &rewrite_module);
+
+ /* 0 == unset; take server conf ... */
+ if (dconf->redirect_limit) {
+ reqc->redirect_limit = dconf->redirect_limit;
+ }
+
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "mod_rewrite's internal redirect status: %d/%d.",
+ reqc->redirects, reqc->redirect_limit);
+
+ /* and now give the caller a hint */
+ return (reqc->redirects++ >= reqc->redirect_limit);
+}
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | the rewriting engine
+** | |
+** +-------------------------------------------------------+
+*/
+
+/*
+ * Apply a complete rule set,
+ * i.e. a list of rewrite rules
+ */
+static int apply_rewrite_list(request_rec *r, apr_array_header_t *rewriterules,
+ char *perdir)
+{
+ rewriterule_entry *entries;
+ rewriterule_entry *p;
+ int i;
+ int changed;
+ int rc;
+ int s;
+
+ /*
+ * Iterate over all existing rules
+ */
+ entries = (rewriterule_entry *)rewriterules->elts;
+ changed = 0;
+ loop:
+ for (i = 0; i < rewriterules->nelts; i++) {
+ p = &entries[i];
+
+ /*
+ * Ignore this rule on subrequests if we are explicitly
+ * asked to do so or this is a proxy-throughput or a
+ * forced redirect rule.
+ */
+ if (r->main != NULL &&
+ (p->flags & RULEFLAG_IGNOREONSUBREQ ||
+ p->flags & RULEFLAG_PROXY ||
+ p->flags & RULEFLAG_FORCEREDIRECT )) {
+ continue;
+ }
+
+ /*
+ * Apply the current rule.
+ */
+ rc = apply_rewrite_rule(r, p, perdir);
+ if (rc) {
+ /*
+ * Indicate a change if this was not a match-only rule.
+ */
+ if (rc != 2) {
+ changed = ((p->flags & RULEFLAG_NOESCAPE)
+ ? ACTION_NOESCAPE : ACTION_NORMAL);
+ }
+
+ /*
+ * Pass-Through Feature (`RewriteRule .. .. [PT]'):
+ * Because the Apache 1.x API is very limited we
+ * need this hack to pass the rewritten URL to other
+ * modules like mod_alias, mod_userdir, etc.
+ */
+ if (p->flags & RULEFLAG_PASSTHROUGH) {
+ rewritelog(r, 2, "forcing '%s' to get passed through "
+ "to next API URI-to-filename handler", r->filename);
+ r->filename = apr_pstrcat(r->pool, "passthrough:",
+ r->filename, NULL);
+ changed = ACTION_NORMAL;
+ break;
+ }
+
+ /*
+ * Rule has the "forbidden" flag set which means that
+ * we stop processing and indicate this to the caller.
+ */
+ if (p->flags & RULEFLAG_FORBIDDEN) {
+ rewritelog(r, 2, "forcing '%s' to be forbidden", r->filename);
+ r->filename = apr_pstrcat(r->pool, "forbidden:",
+ r->filename, NULL);
+ changed = ACTION_NORMAL;
+ break;
+ }
+
+ /*
+ * Rule has the "gone" flag set which means that
+ * we stop processing and indicate this to the caller.
+ */
+ if (p->flags & RULEFLAG_GONE) {
+ rewritelog(r, 2, "forcing '%s' to be gone", r->filename);
+ r->filename = apr_pstrcat(r->pool, "gone:", r->filename, NULL);
+ changed = ACTION_NORMAL;
+ break;
+ }
+
+ /*
+ * Stop processing also on proxy pass-through and
+ * last-rule and new-round flags.
+ */
+ if (p->flags & RULEFLAG_PROXY) {
+ break;
+ }
+ if (p->flags & RULEFLAG_LASTRULE) {
+ break;
+ }
+
+ /*
+ * On "new-round" flag we just start from the top of
+ * the rewriting ruleset again.
+ */
+ if (p->flags & RULEFLAG_NEWROUND) {
+ goto loop;
+ }
+
+ /*
+ * If we are forced to skip N next rules, do it now.
+ */
+ if (p->skip > 0) {
+ s = p->skip;
+ while ( i < rewriterules->nelts
+ && s > 0) {
+ i++;
+ p = &entries[i];
+ s--;
+ }
+ }
+ }
+ else {
+ /*
+ * If current rule is chained with next rule(s),
+ * skip all this next rule(s)
+ */
+ while ( i < rewriterules->nelts
+ && p->flags & RULEFLAG_CHAIN) {
+ i++;
+ p = &entries[i];
+ }
+ }
+ }
+ return changed;
+}
+
+/*
+ * Apply a single(!) rewrite rule
+ */
+static int apply_rewrite_rule(request_rec *r, rewriterule_entry *p,
+ char *perdir)
+{
+ char *uri;
+ char *output;
+ const char *vary;
+ char newuri[MAX_STRING_LEN];
+ regex_t *regexp;
+ regmatch_t regmatch[AP_MAX_REG_MATCH];
+ backrefinfo *briRR = NULL;
+ backrefinfo *briRC = NULL;
+ int failed;
+ apr_array_header_t *rewriteconds;
+ rewritecond_entry *conds;
+ rewritecond_entry *c;
+ int i;
+ int rc;
+ int is_proxyreq = 0;
+
+ /*
+ * Initialisation
+ */
+ uri = r->filename;
+ regexp = p->regexp;
+ output = p->output;
+
+ /*
+ * Add (perhaps splitted away) PATH_INFO postfix to URL to
+ * make sure we really match against the complete URL.
+ */
+ if (perdir != NULL && r->path_info != NULL && r->path_info[0] != '\0') {
+ rewritelog(r, 3, "[per-dir %s] add path info postfix: %s -> %s%s",
+ perdir, uri, uri, r->path_info);
+ uri = apr_pstrcat(r->pool, uri, r->path_info, NULL);
+ }
+
+ /*
+ * On per-directory context (.htaccess) strip the location
+ * prefix from the URL to make sure patterns apply only to
+ * the local part. Additionally indicate this special
+ * threatment in the logfile.
+ */
+ if (perdir) {
+ /*
+ * Proxy request?
+ */
+ is_proxyreq = ( r->proxyreq && r->filename
+ && !strncmp(r->filename, "proxy:", 6));
+
+ if ( !is_proxyreq && strlen(uri) >= strlen(perdir)
+ && strncmp(uri, perdir, strlen(perdir)) == 0) {
+ rewritelog(r, 3, "[per-dir %s] strip per-dir prefix: %s -> %s",
+ perdir, uri, uri+strlen(perdir));
+ uri = uri+strlen(perdir);
+ }
+ }
+
+ /*
+ * Try to match the URI against the RewriteRule pattern
+ * and exit immeddiately if it didn't apply.
+ */
+ if (perdir == NULL) {
+ rewritelog(r, 3, "applying pattern '%s' to uri '%s'",
+ p->pattern, uri);
+ }
+ else {
+ rewritelog(r, 3, "[per-dir %s] applying pattern '%s' to uri '%s'",
+ perdir, p->pattern, uri);
+ }
+ rc = (ap_regexec(regexp, uri, AP_MAX_REG_MATCH, regmatch, 0) == 0);
+ if (! (( rc && !(p->flags & RULEFLAG_NOTMATCH)) ||
+ (!rc && (p->flags & RULEFLAG_NOTMATCH)) ) ) {
+ return 0;
+ }
+
+ /*
+ * Else create the RewriteRule `regsubinfo' structure which
+ * holds the substitution information.
+ */
+ briRR = (backrefinfo *)apr_palloc(r->pool, sizeof(backrefinfo));
+ if (!rc && (p->flags & RULEFLAG_NOTMATCH)) {
+ /* empty info on negative patterns */
+ briRR->source = "";
+ briRR->nsub = 0;
+ }
+ else {
+ briRR->source = apr_pstrdup(r->pool, uri);
+ briRR->nsub = regexp->re_nsub;
+ memcpy((void *)(briRR->regmatch), (void *)(regmatch),
+ sizeof(regmatch));
+ }
+
+ /*
+ * Initiallally create the RewriteCond backrefinfo with
+ * empty backrefinfo, i.e. not subst parts
+ * (this one is adjusted inside apply_rewrite_cond() later!!)
+ */
+ briRC = (backrefinfo *)apr_pcalloc(r->pool, sizeof(backrefinfo));
+ briRC->source = "";
+ briRC->nsub = 0;
+
+ /*
+ * Ok, we already know the pattern has matched, but we now
+ * additionally have to check for all existing preconditions
+ * (RewriteCond) which have to be also true. We do this at
+ * this very late stage to avoid unnessesary checks which
+ * would slow down the rewriting engine!!
+ */
+ rewriteconds = p->rewriteconds;
+ conds = (rewritecond_entry *)rewriteconds->elts;
+ failed = 0;
+ for (i = 0; i < rewriteconds->nelts; i++) {
+ c = &conds[i];
+ rc = apply_rewrite_cond(r, c, perdir, briRR, briRC);
+ if (c->flags & CONDFLAG_ORNEXT) {
+ /*
+ * The "OR" case
+ */
+ if (rc == 0) {
+ /* One condition is false, but another can be
+ * still true, so we have to continue...
+ */
+ apr_table_unset(r->notes, VARY_KEY_THIS);
+ continue;
+ }
+ else {
+ /* One true condition is enough in "or" case, so
+ * skip the other conditions which are "ornext"
+ * chained
+ */
+ while ( i < rewriteconds->nelts
+ && c->flags & CONDFLAG_ORNEXT) {
+ i++;
+ c = &conds[i];
+ }
+ continue;
+ }
+ }
+ else {
+ /*
+ * The "AND" case, i.e. no "or" flag,
+ * so a single failure means total failure.
+ */
+ if (rc == 0) {
+ failed = 1;
+ break;
+ }
+ }
+ vary = apr_table_get(r->notes, VARY_KEY_THIS);
+ if (vary != NULL) {
+ apr_table_merge(r->notes, VARY_KEY, vary);
+ apr_table_unset(r->notes, VARY_KEY_THIS);
+ }
+ }
+ /* if any condition fails the complete rule fails */
+ if (failed) {
+ apr_table_unset(r->notes, VARY_KEY);
+ apr_table_unset(r->notes, VARY_KEY_THIS);
+ return 0;
+ }
+
+ /*
+ * Regardless of what we do next, we've found a match. Check to see
+ * if any of the request header fields were involved, and add them
+ * to the Vary field of the response.
+ */
+ if ((vary = apr_table_get(r->notes, VARY_KEY)) != NULL) {
+ apr_table_merge(r->headers_out, "Vary", vary);
+ apr_table_unset(r->notes, VARY_KEY);
+ }
+
+ /*
+ * If this is a pure matching rule (`RewriteRule <pat> -')
+ * we stop processing and return immediately. The only thing
+ * we have not to forget are the environment variables and
+ * cookies:
+ * (`RewriteRule <pat> - [E=...,CO=...]')
+ */
+ if (strcmp(output, "-") == 0) {
+ do_expand_env(r, p->env, briRR, briRC);
+ do_expand_cookie(r, p->cookie, briRR, briRC);
+ if (p->forced_mimetype != NULL) {
+ if (perdir == NULL) {
+ /* In the per-server context we can force the MIME-type
+ * the correct way by notifying our MIME-type hook handler
+ * to do the job when the MIME-type API stage is reached.
+ */
+ rewritelog(r, 2, "remember %s to have MIME-type '%s'",
+ r->filename, p->forced_mimetype);
+ apr_table_setn(r->notes, REWRITE_FORCED_MIMETYPE_NOTEVAR,
+ p->forced_mimetype);
+ }
+ else {
+ /* In per-directory context we operate in the Fixup API hook
+ * which is after the MIME-type hook, so our MIME-type handler
+ * has no chance to set r->content_type. And because we are
+ * in the situation where no substitution takes place no
+ * sub-request will happen (which could solve the
+ * restriction). As a workaround we do it ourself now
+ * immediately although this is not strictly API-conforming.
+ * But it's the only chance we have...
+ */
+ rewritelog(r, 1, "[per-dir %s] force %s to have MIME-type "
+ "'%s'", perdir, r->filename, p->forced_mimetype);
+ ap_set_content_type(r, p->forced_mimetype);
+ }
+ }
+ return 2;
+ }
+
+ /*
+ * Ok, now we finally know all patterns have matched and
+ * that there is something to replace, so we create the
+ * substitution URL string in `newuri'.
+ */
+ do_expand(r, output, newuri, sizeof(newuri), briRR, briRC);
+ if (perdir == NULL) {
+ rewritelog(r, 2, "rewrite %s -> %s", uri, newuri);
+ }
+ else {
+ rewritelog(r, 2, "[per-dir %s] rewrite %s -> %s", perdir, uri, newuri);
+ }
+
+ /*
+ * Additionally do expansion for the environment variable
+ * strings (`RewriteRule .. .. [E=<string>]').
+ */
+ do_expand_env(r, p->env, briRR, briRC);
+
+ /*
+ * Also set cookies for any cookie strings
+ * (`RewriteRule .. .. [CO=<string>]').
+ */
+ do_expand_cookie(r, p->cookie, briRR, briRC);
+
+ /*
+ * Now replace API's knowledge of the current URI:
+ * Replace r->filename with the new URI string and split out
+ * an on-the-fly generated QUERY_STRING part into r->args
+ */
+ r->filename = apr_pstrdup(r->pool, newuri);
+ splitout_queryargs(r, p->flags & RULEFLAG_QSAPPEND);
+
+ /*
+ * Add the previously stripped per-directory location
+ * prefix if the new URI is not a new one for this
+ * location, i.e. if it's not an absolute URL (!) path nor
+ * a fully qualified URL scheme.
+ */
+ if ( perdir && !is_proxyreq && *r->filename != '/'
+ && !is_absolute_uri(r->filename)) {
+ rewritelog(r, 3, "[per-dir %s] add per-dir prefix: %s -> %s%s",
+ perdir, r->filename, perdir, r->filename);
+ r->filename = apr_pstrcat(r->pool, perdir, r->filename, NULL);
+ }
+
+ /*
+ * If this rule is forced for proxy throughput
+ * (`RewriteRule ... ... [P]') then emulate mod_proxy's
+ * URL-to-filename handler to be sure mod_proxy is triggered
+ * for this URL later in the Apache API. But make sure it is
+ * a fully-qualified URL. (If not it is qualified with
+ * ourself).
+ */
+ if (p->flags & RULEFLAG_PROXY) {
+ fully_qualify_uri(r);
+ if (perdir == NULL) {
+ rewritelog(r, 2, "forcing proxy-throughput with %s", r->filename);
+ }
+ else {
+ rewritelog(r, 2, "[per-dir %s] forcing proxy-throughput with %s",
+ perdir, r->filename);
+ }
+ r->filename = apr_pstrcat(r->pool, "proxy:", r->filename, NULL);
+ return 1;
+ }
+
+ /*
+ * If this rule is explicitly forced for HTTP redirection
+ * (`RewriteRule .. .. [R]') then force an external HTTP
+ * redirect. But make sure it is a fully-qualified URL. (If
+ * not it is qualified with ourself).
+ */
+ if (p->flags & RULEFLAG_FORCEREDIRECT) {
+ fully_qualify_uri(r);
+ if (perdir == NULL) {
+ rewritelog(r, 2,
+ "explicitly forcing redirect with %s", r->filename);
+ }
+ else {
+ rewritelog(r, 2,
+ "[per-dir %s] explicitly forcing redirect with %s",
+ perdir, r->filename);
+ }
+ r->status = p->forced_responsecode;
+ return 1;
+ }
+
+ /*
+ * Special Rewriting Feature: Self-Reduction
+ * We reduce the URL by stripping a possible
+ * http[s]://<ourhost>[:<port>] prefix, i.e. a prefix which
+ * corresponds to ourself. This is to simplify rewrite maps
+ * and to avoid recursion, etc. When this prefix is not a
+ * coincidence then the user has to use [R] explicitly (see
+ * above).
+ */
+ reduce_uri(r);
+
+ /*
+ * If this rule is still implicitly forced for HTTP
+ * redirection (`RewriteRule .. <scheme>://...') then
+ * directly force an external HTTP redirect.
+ */
+ if (is_absolute_uri(r->filename)) {
+ if (perdir == NULL) {
+ rewritelog(r, 2,
+ "implicitly forcing redirect (rc=%d) with %s",
+ p->forced_responsecode, r->filename);
+ }
+ else {
+ rewritelog(r, 2, "[per-dir %s] implicitly forcing redirect "
+ "(rc=%d) with %s", perdir, p->forced_responsecode,
+ r->filename);
+ }
+ r->status = p->forced_responsecode;
+ return 1;
+ }
+
+ /*
+ * Finally we had to remember if a MIME-type should be
+ * forced for this URL (`RewriteRule .. .. [T=<type>]')
+ * Later in the API processing phase this is forced by our
+ * MIME API-hook function. This time it's no problem even for
+ * the per-directory context (where the MIME-type hook was
+ * already processed) because a sub-request happens ;-)
+ */
+ if (p->forced_mimetype != NULL) {
+ apr_table_setn(r->notes, REWRITE_FORCED_MIMETYPE_NOTEVAR,
+ p->forced_mimetype);
+ if (perdir == NULL) {
+ rewritelog(r, 2, "remember %s to have MIME-type '%s'",
+ r->filename, p->forced_mimetype);
+ }
+ else {
+ rewritelog(r, 2,
+ "[per-dir %s] remember %s to have MIME-type '%s'",
+ perdir, r->filename, p->forced_mimetype);
+ }
+ }
+
+ /*
+ * Puuhhhhhhhh... WHAT COMPLICATED STUFF ;_)
+ * But now we're done for this particular rule.
+ */
+ return 1;
+}
+
+static int apply_rewrite_cond(request_rec *r, rewritecond_entry *p,
+ char *perdir, backrefinfo *briRR,
+ backrefinfo *briRC)
+{
+ char input[MAX_STRING_LEN];
+ apr_finfo_t sb;
+ request_rec *rsub;
+ regmatch_t regmatch[AP_MAX_REG_MATCH];
+ int rc;
+
+ /*
+ * Construct the string we match against
+ */
+
+ do_expand(r, p->input, input, sizeof(input), briRR, briRC);
+
+ /*
+ * Apply the patterns
+ */
+
+ rc = 0;
+ if (strcmp(p->pattern, "-f") == 0) {
+ if (apr_stat(&sb, input, APR_FINFO_MIN, r->pool) == APR_SUCCESS) {
+ if (sb.filetype == APR_REG) {
+ rc = 1;
+ }
+ }
+ }
+ else if (strcmp(p->pattern, "-s") == 0) {
+ if (apr_stat(&sb, input, APR_FINFO_MIN, r->pool) == APR_SUCCESS) {
+ if ((sb.filetype == APR_REG) && sb.size > 0) {
+ rc = 1;
+ }
+ }
+ }
+ else if (strcmp(p->pattern, "-l") == 0) {
+#if !defined(OS2)
+ if (apr_lstat(&sb, input, APR_FINFO_MIN, r->pool) == APR_SUCCESS) {
+ if (sb.filetype == APR_LNK) {
+ rc = 1;
+ }
+ }
+#endif
+ }
+ else if (strcmp(p->pattern, "-d") == 0) {
+ if (apr_stat(&sb, input, APR_FINFO_MIN, r->pool) == APR_SUCCESS) {
+ if (sb.filetype == APR_DIR) {
+ rc = 1;
+ }
+ }
+ }
+ else if (strcmp(p->pattern, "-U") == 0) {
+ /* avoid infinite subrequest recursion */
+ if (strlen(input) > 0 && subreq_ok(r)) {
+
+ /* run a URI-based subrequest */
+ rsub = ap_sub_req_lookup_uri(input, r, NULL);
+
+ /* URI exists for any result up to 3xx, redirects allowed */
+ if (rsub->status < 400)
+ rc = 1;
+
+ /* log it */
+ rewritelog(r, 5, "RewriteCond URI (-U) check: "
+ "path=%s -> status=%d", input, rsub->status);
+
+ /* cleanup by destroying the subrequest */
+ ap_destroy_sub_req(rsub);
+ }
+ }
+ else if (strcmp(p->pattern, "-F") == 0) {
+ /* avoid infinite subrequest recursion */
+ if (strlen(input) > 0 && subreq_ok(r)) {
+
+ /* process a file-based subrequest:
+ * this differs from -U in that no path translation is done.
+ */
+ rsub = ap_sub_req_lookup_file(input, r, NULL);
+
+ /* file exists for any result up to 2xx, no redirects */
+ if (rsub->status < 300 &&
+ /* double-check that file exists since default result is 200 */
+ apr_stat(&sb, rsub->filename, APR_FINFO_MIN,
+ r->pool) == APR_SUCCESS) {
+ rc = 1;
+ }
+
+ /* log it */
+ rewritelog(r, 5, "RewriteCond file (-F) check: path=%s "
+ "-> file=%s status=%d", input, rsub->filename,
+ rsub->status);
+
+ /* cleanup by destroying the subrequest */
+ ap_destroy_sub_req(rsub);
+ }
+ }
+ else if (strlen(p->pattern) > 1 && *(p->pattern) == '>') {
+ rc = (compare_lexicography(input, p->pattern+1) == 1 ? 1 : 0);
+ }
+ else if (strlen(p->pattern) > 1 && *(p->pattern) == '<') {
+ rc = (compare_lexicography(input, p->pattern+1) == -1 ? 1 : 0);
+ }
+ else if (strlen(p->pattern) > 1 && *(p->pattern) == '=') {
+ if (strcmp(p->pattern+1, "\"\"") == 0) {
+ rc = (*input == '\0');
+ }
+ else {
+ rc = (strcmp(input, p->pattern+1) == 0 ? 1 : 0);
+ }
+ }
+ else {
+ /* it is really a regexp pattern, so apply it */
+ rc = (ap_regexec(p->regexp, input, AP_MAX_REG_MATCH, regmatch,0) == 0);
+
+ /* if it isn't a negated pattern and really matched
+ we update the passed-through regex subst info structure */
+ if (rc && !(p->flags & CONDFLAG_NOTMATCH)) {
+ briRC->source = apr_pstrdup(r->pool, input);
+ briRC->nsub = p->regexp->re_nsub;
+ memcpy((void *)(briRC->regmatch), (void *)(regmatch),
+ sizeof(regmatch));
+ }
+ }
+
+ /* if this is a non-matching regexp, just negate the result */
+ if (p->flags & CONDFLAG_NOTMATCH) {
+ rc = !rc;
+ }
+
+ rewritelog(r, 4, "RewriteCond: input='%s' pattern='%s%s' => %s",
+ input, (p->flags & CONDFLAG_NOTMATCH ? "!" : ""),
+ p->pattern, rc ? "matched" : "not-matched");
+
+ /* end just return the result */
+ return rc;
+}
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | URL transformation functions
+** | |
+** +-------------------------------------------------------+
+*/
+
+
+/*
+**
+** perform all the expansions on the input string
+** leaving the result in the supplied buffer
+**
+*/
+
+static void do_expand(request_rec *r, char *input, char *buffer, int nbuf,
+ backrefinfo *briRR, backrefinfo *briRC)
+{
+ char *inp, *outp;
+ apr_size_t span, space;
+
+ /*
+ * for security reasons this expansion must be performed in a
+ * single pass, otherwise an attacker can arrange for the result
+ * of an earlier expansion to include expansion specifiers that
+ * are interpreted by a later expansion, producing results that
+ * were not intended by the administrator.
+ */
+
+ inp = input;
+ outp = buffer;
+ space = nbuf - 1; /* room for '\0' */
+
+ for (;;) {
+ span = strcspn(inp, "\\$%");
+ if (span > space) {
+ span = space;
+ }
+ memcpy(outp, inp, span);
+ inp += span;
+ outp += span;
+ space -= span;
+ if (space == 0 || *inp == '\0') {
+ break;
+ }
+ /* now we have a '\', '$', or '%' */
+ if (inp[0] == '\\') {
+ if (inp[1] != '\0') {
+ inp++;
+ goto skip;
+ }
+ }
+ else if (inp[1] == '{') {
+ char *endp;
+ endp = find_closing_bracket(inp+2, '{', '}');
+ if (endp == NULL) {
+ goto skip;
+ }
+ /*
+ * These lookups may be recursive in a very convoluted
+ * fashion -- see the LA-U and LA-F variable expansion
+ * prefixes -- so we copy lookup keys to a separate buffer
+ * rather than adding zero bytes in order to use them in
+ * place.
+ */
+ if (inp[0] == '$') {
+ /* ${...} map lookup expansion */
+ /*
+ * To make rewrite maps useful the lookup key and
+ * default values must be expanded, so we make
+ * recursive calls to do the work. For security
+ * reasons we must never expand a string that includes
+ * verbatim data from the network. The recursion here
+ * isn't a problem because the result of expansion is
+ * only passed to lookup_map() so it cannot be
+ * re-expanded, only re-looked-up. Another way of
+ * looking at it is that the recursion is entirely
+ * driven by the syntax of the nested curly brackets.
+ */
+ char *map, *key, *dflt, *result;
+ char xkey[MAX_STRING_LEN];
+ char xdflt[MAX_STRING_LEN];
+ key = find_char_in_brackets(inp+2, ':', '{', '}');
+ if (key == NULL) {
+ goto skip;
+ }
+ map = apr_pstrndup(r->pool, inp+2, key-inp-2);
+ dflt = find_char_in_brackets(key+1, '|', '{', '}');
+ if (dflt == NULL) {
+ key = apr_pstrndup(r->pool, key+1, endp-key-1);
+ dflt = "";
+ }
+ else {
+ key = apr_pstrndup(r->pool, key+1, dflt-key-1);
+ dflt = apr_pstrndup(r->pool, dflt+1, endp-dflt-1);
+ }
+ do_expand(r, key, xkey, sizeof(xkey), briRR, briRC);
+ result = lookup_map(r, map, xkey);
+ if (result) {
+ span = apr_cpystrn(outp, result, space) - outp;
+ }
+ else {
+ do_expand(r, dflt, xdflt, sizeof(xdflt), briRR, briRC);
+ span = apr_cpystrn(outp, xdflt, space) - outp;
+ }
+ }
+ else if (inp[0] == '%') {
+ /* %{...} variable lookup expansion */
+ char *var;
+ var = apr_pstrndup(r->pool, inp+2, endp-inp-2);
+ span = apr_cpystrn(outp, lookup_variable(r, var), space) - outp;
+ }
+ else {
+ span = 0;
+ }
+ inp = endp+1;
+ outp += span;
+ space -= span;
+ continue;
+ }
+ else if (apr_isdigit(inp[1])) {
+ int n = inp[1] - '0';
+ backrefinfo *bri = NULL;
+ if (inp[0] == '$') {
+ /* $N RewriteRule regexp backref expansion */
+ bri = briRR;
+ }
+ else if (inp[0] == '%') {
+ /* %N RewriteCond regexp backref expansion */
+ bri = briRC;
+ }
+ /* see ap_pregsub() in src/main/util.c */
+ if (bri && n < AP_MAX_REG_MATCH
+ && bri->regmatch[n].rm_eo > bri->regmatch[n].rm_so) {
+ span = bri->regmatch[n].rm_eo - bri->regmatch[n].rm_so;
+ if (span > space) {
+ span = space;
+ }
+ memcpy(outp, bri->source + bri->regmatch[n].rm_so, span);
+ outp += span;
+ space -= span;
+ }
+ inp += 2;
+ continue;
+ }
+ skip:
+ *outp++ = *inp++;
+ space--;
+ }
+ *outp++ = '\0';
+}
+
+
+/*
+**
+** perform all the expansions on the environment variables
+**
+*/
+
+static void do_expand_env(request_rec *r, char *env[],
+ backrefinfo *briRR, backrefinfo *briRC)
+{
+ int i;
+ char buf[MAX_STRING_LEN];
+
+ for (i = 0; env[i] != NULL; i++) {
+ do_expand(r, env[i], buf, sizeof(buf), briRR, briRC);
+ add_env_variable(r, buf);
+ }
+}
+
+static void do_expand_cookie( request_rec *r, char *cookie[],
+ backrefinfo *briRR, backrefinfo *briRC)
+{
+ int i;
+ char buf[MAX_STRING_LEN];
+
+ for (i = 0; cookie[i] != NULL; i++) {
+ do_expand(r, cookie[i], buf, sizeof(buf), briRR, briRC);
+ add_cookie(r, buf);
+ }
+}
+
+
+/*
+**
+** split out a QUERY_STRING part from
+** the current URI string
+**
+*/
+
+static void splitout_queryargs(request_rec *r, int qsappend)
+{
+ char *q;
+ char *olduri;
+
+ /* don't touch, unless it's an http or mailto URL.
+ * See RFC 1738 and RFC 2368.
+ */
+ if ( is_absolute_uri(r->filename)
+ && strncasecmp(r->filename, "http", 4)
+ && strncasecmp(r->filename, "mailto", 6)) {
+ r->args = NULL; /* forget the query that's still flying around */
+ return;
+ }
+
+ q = strchr(r->filename, '?');
+ if (q != NULL) {
+ olduri = apr_pstrdup(r->pool, r->filename);
+ *q++ = '\0';
+ if (qsappend) {
+ r->args = apr_pstrcat(r->pool, q, "&", r->args, NULL);
+ }
+ else {
+ r->args = apr_pstrdup(r->pool, q);
+ }
+ if (strlen(r->args) == 0) {
+ r->args = NULL;
+ rewritelog(r, 3, "split uri=%s -> uri=%s, args=<none>", olduri,
+ r->filename);
+ }
+ else {
+ if (r->args[strlen(r->args)-1] == '&') {
+ r->args[strlen(r->args)-1] = '\0';
+ }
+ rewritelog(r, 3, "split uri=%s -> uri=%s, args=%s", olduri,
+ r->filename, r->args);
+ }
+ }
+
+ return;
+}
+
+
+/*
+**
+** strip 'http[s]://ourhost/' from URI
+**
+*/
+
+static void reduce_uri(request_rec *r)
+{
+ char *cp;
+ unsigned short port;
+ char *portp;
+ char *hostp;
+ char *url;
+ char c;
+ char host[LONG_STRING_LEN];
+ char buf[MAX_STRING_LEN];
+ char *olduri;
+ apr_size_t l;
+
+ cp = (char *)ap_http_method(r);
+ l = strlen(cp);
+ if ( strlen(r->filename) > l+3
+ && strncasecmp(r->filename, cp, l) == 0
+ && r->filename[l] == ':'
+ && r->filename[l+1] == '/'
+ && r->filename[l+2] == '/' ) {
+ /* there was really a rewrite to a remote path */
+
+ olduri = apr_pstrdup(r->pool, r->filename); /* save for logging */
+
+ /* cut the hostname and port out of the URI */
+ apr_cpystrn(buf, r->filename+(l+3), sizeof(buf));
+ hostp = buf;
+ for (cp = hostp; *cp != '\0' && *cp != '/' && *cp != ':'; cp++)
+ ;
+ if (*cp == ':') {
+ /* set host */
+ *cp++ = '\0';
+ apr_cpystrn(host, hostp, sizeof(host));
+ /* set port */
+ portp = cp;
+ for (; *cp != '\0' && *cp != '/'; cp++)
+ ;
+ c = *cp;
+ *cp = '\0';
+ port = atoi(portp);
+ *cp = c;
+ /* set remaining url */
+ url = cp;
+ }
+ else if (*cp == '/') {
+ /* set host */
+ *cp = '\0';
+ apr_cpystrn(host, hostp, sizeof(host));
+ *cp = '/';
+ /* set port */
+ port = ap_default_port(r);
+ /* set remaining url */
+ url = cp;
+ }
+ else {
+ /* set host */
+ apr_cpystrn(host, hostp, sizeof(host));
+ /* set port */
+ port = ap_default_port(r);
+ /* set remaining url */
+ url = "/";
+ }
+
+ /* now check whether we could reduce it to a local path... */
+ if (ap_matches_request_vhost(r, host, port)) {
+ /* this is our host, so only the URL remains */
+ r->filename = apr_pstrdup(r->pool, url);
+ rewritelog(r, 3, "reduce %s -> %s", olduri, r->filename);
+ }
+ }
+ return;
+}
+
+
+/*
+**
+** add 'http[s]://ourhost[:ourport]/' to URI
+** if URI is still not fully qualified
+**
+*/
+
+static void fully_qualify_uri(request_rec *r)
+{
+ char buf[32];
+ const char *thisserver;
+ char *thisport;
+ int port;
+
+ if (!is_absolute_uri(r->filename)) {
+
+ thisserver = ap_get_server_name(r);
+ port = ap_get_server_port(r);
+ if (ap_is_default_port(port,r)) {
+ thisport = "";
+ }
+ else {
+ apr_snprintf(buf, sizeof(buf), ":%u", port);
+ thisport = buf;
+ }
+
+ if (r->filename[0] == '/') {
+ r->filename = apr_psprintf(r->pool, "%s://%s%s%s",
+ ap_http_method(r), thisserver,
+ thisport, r->filename);
+ }
+ else {
+ r->filename = apr_psprintf(r->pool, "%s://%s%s/%s",
+ ap_http_method(r), thisserver,
+ thisport, r->filename);
+ }
+ }
+ return;
+}
+
+
+/* return number of chars of the scheme (incl. '://')
+ * if the URI is absolute (includes a scheme etc.)
+ * otherwise 0.
+ *
+ * NOTE: If you add new schemes here, please have a
+ * look at escape_absolute_uri and splitout_queryargs.
+ * Not every scheme takes query strings and some schemes
+ * may be handled in a special way.
+ *
+ * XXX: we should consider a scheme registry, perhaps with
+ * appropriate escape callbacks to allow other modules
+ * to extend mod_rewrite at runtime.
+ */
+static unsigned is_absolute_uri(char *uri)
+{
+ /* fast exit */
+ if (*uri == '/' || strlen(uri) <= 5) {
+ return 0;
+ }
+
+ switch (*uri++) {
+ case 'f':
+ case 'F':
+ if (!strncasecmp(uri, "tp://", 5)) { /* ftp:// */
+ return 6;
+ }
+ break;
+
+ case 'g':
+ case 'G':
+ if (!strncasecmp(uri, "opher://", 8)) { /* gopher:// */
+ return 9;
+ }
+ break;
+
+ case 'h':
+ case 'H':
+ if (!strncasecmp(uri, "ttp://", 6)) { /* http:// */
+ return 7;
+ }
+ else if (!strncasecmp(uri, "ttps://", 7)) { /* https:// */
+ return 8;
+ }
+ break;
+
+ case 'l':
+ case 'L':
+ if (!strncasecmp(uri, "dap://", 6)) { /* ldap:// */
+ return 7;
+ }
+ break;
+
+ case 'm':
+ case 'M':
+ if (!strncasecmp(uri, "ailto:", 6)) { /* mailto: */
+ return 7;
+ }
+ break;
+
+ case 'n':
+ case 'N':
+ if (!strncasecmp(uri, "ews:", 4)) { /* news: */
+ return 5;
+ }
+ else if (!strncasecmp(uri, "ntp://", 6)) { /* nntp:// */
+ return 7;
+ }
+ break;
+ }
+
+ return 0;
+}
+
+
+/* escape absolute uri, which may or may not be path oriented.
+ * So let's handle them differently.
+ */
+static char *escape_absolute_uri(apr_pool_t *p, char *uri, unsigned scheme)
+{
+ char *cp;
+
+ /* be safe.
+ * NULL should indicate elsewhere, that something's wrong
+ */
+ if (!scheme || strlen(uri) < scheme) {
+ return NULL;
+ }
+
+ cp = uri + scheme;
+
+ /* scheme with authority part? */
+ if (cp[-1] == '/') {
+ /* skip host part */
+ while (*cp && *cp != '/') {
+ ++cp;
+ }
+
+ /* nothing after the hostpart. ready! */
+ if (!*cp || !*++cp) {
+ return apr_pstrdup(p, uri);
+ }
+
+ /* remember the hostname stuff */
+ scheme = cp - uri;
+
+ /* special thing for ldap.
+ * The parts are separated by question marks. From RFC 2255:
+ * ldapurl = scheme "://" [hostport] ["/"
+ * [dn ["?" [attributes] ["?" [scope]
+ * ["?" [filter] ["?" extensions]]]]]]
+ */
+ if (!strncasecmp(uri, "ldap", 4)) {
+ char *token[5];
+ int c = 0;
+
+ token[0] = cp = apr_pstrdup(p, cp);
+ while (*cp && c < 4) {
+ if (*cp == '?') {
+ token[++c] = cp + 1;
+ *cp = '\0';
+ }
+ ++cp;
+ }
+
+ return apr_pstrcat(p, apr_pstrndup(p, uri, scheme),
+ ap_escape_uri(p, token[0]),
+ (c >= 1) ? "?" : NULL,
+ (c >= 1) ? ap_escape_uri(p, token[1]) : NULL,
+ (c >= 2) ? "?" : NULL,
+ (c >= 2) ? ap_escape_uri(p, token[2]) : NULL,
+ (c >= 3) ? "?" : NULL,
+ (c >= 3) ? ap_escape_uri(p, token[3]) : NULL,
+ (c >= 4) ? "?" : NULL,
+ (c >= 4) ? ap_escape_uri(p, token[4]) : NULL,
+ NULL);
+ }
+ }
+
+ /* Nothing special here. Apply normal escaping. */
+ return apr_pstrcat(p, apr_pstrndup(p, uri, scheme),
+ ap_escape_uri(p, cp), NULL);
+}
+
+
+/*
+**
+** Expand tilde-paths (/~user) through Unix /etc/passwd
+** database information (or other OS-specific database)
+**
+*/
+#if APR_HAS_USER
+static char *expand_tildepaths(request_rec *r, char *uri)
+{
+ char user[LONG_STRING_LEN];
+ char *newuri;
+ int i, j;
+ char *homedir;
+
+ newuri = uri;
+ if (uri != NULL && strlen(uri) > 2 && uri[0] == '/' && uri[1] == '~') {
+ /* cut out the username */
+ for (j = 0, i = 2; j < sizeof(user)-1
+ && uri[i] != '\0'
+ && uri[i] != '/' ; ) {
+ user[j++] = uri[i++];
+ }
+ user[j] = '\0';
+
+ /* lookup username in systems passwd file */
+ if (apr_get_home_directory(&homedir, user, r->pool) == APR_SUCCESS) {
+ /* ok, user was found, so expand the ~user string */
+ if (uri[i] != '\0') {
+ /* ~user/anything... has to be expanded */
+ if (homedir[strlen(homedir)-1] == '/') {
+ homedir[strlen(homedir)-1] = '\0';
+ }
+ newuri = apr_pstrcat(r->pool, homedir, uri+i, NULL);
+ }
+ else {
+ /* only ~user has to be expanded */
+ newuri = homedir;
+ }
+ }
+ }
+ return newuri;
+}
+#endif /* if APR_HAS_USER */
+
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | DBM hashfile support
+** | |
+** +-------------------------------------------------------+
+*/
+
+
+static char *lookup_map(request_rec *r, char *name, char *key)
+{
+ rewrite_server_conf *conf;
+ apr_array_header_t *rewritemaps;
+ rewritemap_entry *entries;
+ rewritemap_entry *s;
+ char *value;
+ apr_finfo_t st;
+ apr_status_t rv;
+ int i;
+
+ /* get map configuration */
+ conf = ap_get_module_config(r->server->module_config, &rewrite_module);
+ rewritemaps = conf->rewritemaps;
+
+ entries = (rewritemap_entry *)rewritemaps->elts;
+ for (i = 0; i < rewritemaps->nelts; i++) {
+ s = &entries[i];
+ if (strcmp(s->name, name) == 0) {
+ if (s->type == MAPTYPE_TXT) {
+ if ((rv = apr_stat(&st, s->checkfile,
+ APR_FINFO_MIN, r->pool)) != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "mod_rewrite: can't access text RewriteMap "
+ "file %s", s->checkfile);
+ rewritelog(r, 1, "can't open RewriteMap file, "
+ "see error log");
+ return NULL;
+ }
+ value = get_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key);
+ if (value == NULL) {
+ rewritelog(r, 6, "cache lookup FAILED, forcing new "
+ "map lookup");
+ if ((value =
+ lookup_map_txtfile(r, s->datafile, key)) != NULL) {
+ rewritelog(r, 5, "map lookup OK: map=%s key=%s[txt] "
+ "-> val=%s", s->name, key, value);
+ set_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key, value);
+ return value;
+ }
+ else {
+ rewritelog(r, 5, "map lookup FAILED: map=%s[txt] "
+ "key=%s", s->name, key);
+ set_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key, "");
+ return NULL;
+ }
+ }
+ else {
+ rewritelog(r, 5, "cache lookup OK: map=%s[txt] key=%s "
+ "-> val=%s", s->name, key, value);
+ return value[0] != '\0' ? value : NULL;
+ }
+ }
+ else if (s->type == MAPTYPE_DBM) {
+ if ((rv = apr_stat(&st, s->checkfile,
+ APR_FINFO_MIN, r->pool)) != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "mod_rewrite: can't access DBM RewriteMap "
+ "file %s", s->checkfile);
+ rewritelog(r, 1, "can't open DBM RewriteMap file, "
+ "see error log");
+ return NULL;
+ }
+ value = get_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key);
+ if (value == NULL) {
+ rewritelog(r, 6,
+ "cache lookup FAILED, forcing new map lookup");
+ if ((value =
+ lookup_map_dbmfile(r, s->datafile, s->dbmtype, key)) != NULL) {
+ rewritelog(r, 5, "map lookup OK: map=%s[dbm] key=%s "
+ "-> val=%s", s->name, key, value);
+ set_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key, value);
+ return value;
+ }
+ else {
+ rewritelog(r, 5, "map lookup FAILED: map=%s[dbm] "
+ "key=%s", s->name, key);
+ set_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key, "");
+ return NULL;
+ }
+ }
+ else {
+ rewritelog(r, 5, "cache lookup OK: map=%s[dbm] key=%s "
+ "-> val=%s", s->name, key, value);
+ return value[0] != '\0' ? value : NULL;
+ }
+ }
+ else if (s->type == MAPTYPE_PRG) {
+ if ((value =
+ lookup_map_program(r, s->fpin, s->fpout, key)) != NULL) {
+ rewritelog(r, 5, "map lookup OK: map=%s key=%s -> val=%s",
+ s->name, key, value);
+ return value;
+ }
+ else {
+ rewritelog(r, 5, "map lookup FAILED: map=%s key=%s",
+ s->name, key);
+ }
+ }
+ else if (s->type == MAPTYPE_INT) {
+ if ((value = s->func(r, key)) != NULL) {
+ rewritelog(r, 5, "map lookup OK: map=%s key=%s -> val=%s",
+ s->name, key, value);
+ return value;
+ }
+ else {
+ rewritelog(r, 5, "map lookup FAILED: map=%s key=%s",
+ s->name, key);
+ }
+ }
+ else if (s->type == MAPTYPE_RND) {
+ if ((rv = apr_stat(&st, s->checkfile,
+ APR_FINFO_MIN, r->pool)) != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "mod_rewrite: can't access text RewriteMap "
+ "file %s", s->checkfile);
+ rewritelog(r, 1, "can't open RewriteMap file, "
+ "see error log");
+ return NULL;
+ }
+ value = get_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key);
+ if (value == NULL) {
+ rewritelog(r, 6, "cache lookup FAILED, forcing new "
+ "map lookup");
+ if ((value =
+ lookup_map_txtfile(r, s->datafile, key)) != NULL) {
+ rewritelog(r, 5, "map lookup OK: map=%s key=%s[txt] "
+ "-> val=%s", s->name, key, value);
+ set_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key, value);
+ }
+ else {
+ rewritelog(r, 5, "map lookup FAILED: map=%s[txt] "
+ "key=%s", s->name, key);
+ set_cache_string(cachep, s->cachename, CACHEMODE_TS,
+ st.mtime, key, "");
+ return NULL;
+ }
+ }
+ else {
+ rewritelog(r, 5, "cache lookup OK: map=%s[txt] key=%s "
+ "-> val=%s", s->name, key, value);
+ }
+ if (value[0] != '\0') {
+ value = select_random_value_part(r, value);
+ rewritelog(r, 5, "randomly choosen the subvalue `%s'",
+ value);
+ }
+ else {
+ value = NULL;
+ }
+ return value;
+ }
+ }
+ }
+ return NULL;
+}
+
+static char *lookup_map_txtfile(request_rec *r, const char *file, char *key)
+{
+ apr_file_t *fp = NULL;
+ apr_status_t rc;
+ char line[1024];
+ char *value = NULL;
+ char *cpT;
+ apr_size_t skip;
+ char *curkey;
+ char *curval;
+
+ rc = apr_file_open(&fp, file, APR_READ|APR_BUFFERED, APR_OS_DEFAULT, r->pool);
+ if (rc != APR_SUCCESS) {
+ return NULL;
+ }
+
+ while (apr_file_gets(line, sizeof(line), fp) == APR_SUCCESS) {
+ if (line[0] == '#') {
+ continue; /* ignore comments */
+ }
+ cpT = line;
+ curkey = cpT;
+ skip = strcspn(cpT," \t\r\n");
+ if (skip == 0) {
+ continue; /* ignore lines that start with a space, tab, CR, or LF */
+ }
+ cpT += skip;
+ *cpT = '\0';
+ if (strcmp(curkey, key) != 0) {
+ continue; /* key does not match... */
+ }
+
+ /* found a matching key; now extract and return the value */
+ ++cpT;
+ skip = strspn(cpT, " \t\r\n");
+ cpT += skip;
+ curval = cpT;
+ skip = strcspn(cpT, " \t\r\n");
+ if (skip == 0) {
+ continue; /* no value... */
+ }
+ cpT += skip;
+ *cpT = '\0';
+ value = apr_pstrdup(r->pool, curval);
+ break;
+ }
+ apr_file_close(fp);
+ return value;
+}
+
+static char *lookup_map_dbmfile(request_rec *r, const char *file,
+ const char *dbmtype, char *key)
+{
+ apr_dbm_t *dbmfp = NULL;
+ apr_datum_t dbmkey;
+ apr_datum_t dbmval;
+ char *value;
+
+ if (apr_dbm_open_ex(&dbmfp, dbmtype, file, APR_DBM_READONLY, APR_OS_DEFAULT,
+ r->pool) != APR_SUCCESS) {
+ return NULL;
+ }
+
+ dbmkey.dptr = key;
+ dbmkey.dsize = strlen(key);
+
+ if (apr_dbm_fetch(dbmfp, dbmkey, &dbmval) == APR_SUCCESS && dbmval.dptr) {
+ value = apr_pstrmemdup(r->pool, dbmval.dptr, dbmval.dsize);
+ }
+ else {
+ value = NULL;
+ }
+
+ apr_dbm_close(dbmfp);
+
+ return value;
+}
+
+static char *lookup_map_program(request_rec *r, apr_file_t *fpin,
+ apr_file_t *fpout, char *key)
+{
+ char buf[LONG_STRING_LEN];
+ char c;
+ int i;
+ apr_size_t nbytes;
+ apr_status_t rv;
+
+#ifndef NO_WRITEV
+ struct iovec iova[2];
+ apr_size_t niov;
+#endif
+
+ /* when `RewriteEngine off' was used in the per-server
+ * context then the rewritemap-programs were not spawned.
+ * In this case using such a map (usually in per-dir context)
+ * is useless because it is not available.
+ *
+ * newlines in the key leave bytes in the pipe and cause
+ * bad things to happen (next map lookup will use the chars
+ * after the \n instead of the new key etc etc - in other words,
+ * the Rewritemap falls out of sync with the requests).
+ */
+ if (fpin == NULL || fpout == NULL || ap_strchr(key, '\n')) {
+ return NULL;
+ }
+
+ /* take the lock */
+
+ if (rewrite_mapr_lock_acquire) {
+ rv = apr_global_mutex_lock(rewrite_mapr_lock_acquire);
+ if (rv != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "apr_global_mutex_lock(rewrite_mapr_lock_acquire) "
+ "failed");
+ return NULL; /* Maybe this should be fatal? */
+ }
+ }
+
+ /* write out the request key */
+#ifdef NO_WRITEV
+ nbytes = strlen(key);
+ apr_file_write(fpin, key, &nbytes);
+ nbytes = 1;
+ apr_file_write(fpin, "\n", &nbytes);
+#else
+ iova[0].iov_base = key;
+ iova[0].iov_len = strlen(key);
+ iova[1].iov_base = "\n";
+ iova[1].iov_len = 1;
+
+ niov = 2;
+ apr_file_writev(fpin, iova, niov, &nbytes);
+#endif
+
+ /* read in the response value */
+ i = 0;
+ nbytes = 1;
+ apr_file_read(fpout, &c, &nbytes);
+ while (nbytes == 1 && (i < LONG_STRING_LEN-1)) {
+ if (c == '\n') {
+ break;
+ }
+ buf[i++] = c;
+
+ apr_file_read(fpout, &c, &nbytes);
+ }
+ buf[i] = '\0';
+
+ /* give the lock back */
+ if (rewrite_mapr_lock_acquire) {
+ rv = apr_global_mutex_unlock(rewrite_mapr_lock_acquire);
+ if (rv != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "apr_global_mutex_unlock(rewrite_mapr_lock_acquire) "
+ "failed");
+ return NULL; /* Maybe this should be fatal? */
+ }
+ }
+
+ if (strcasecmp(buf, "NULL") == 0) {
+ return NULL;
+ }
+ else {
+ return apr_pstrdup(r->pool, buf);
+ }
+}
+
+static void ap_register_rewrite_mapfunc(char *name, rewrite_mapfunc_t *func)
+{
+ apr_hash_set(mapfunc_hash, name, strlen(name), (const void *)func);
+}
+
+static char *rewrite_mapfunc_toupper(request_rec *r, char *key)
+{
+ char *value, *cp;
+
+ for (cp = value = apr_pstrdup(r->pool, key); cp != NULL && *cp != '\0';
+ cp++) {
+ *cp = apr_toupper(*cp);
+ }
+ return value;
+}
+
+static char *rewrite_mapfunc_tolower(request_rec *r, char *key)
+{
+ char *value, *cp;
+
+ for (cp = value = apr_pstrdup(r->pool, key); cp != NULL && *cp != '\0';
+ cp++) {
+ *cp = apr_tolower(*cp);
+ }
+ return value;
+}
+
+static char *rewrite_mapfunc_escape(request_rec *r, char *key)
+{
+ char *value;
+
+ value = ap_escape_uri(r->pool, key);
+ return value;
+}
+
+static char *rewrite_mapfunc_unescape(request_rec *r, char *key)
+{
+ char *value;
+
+ value = apr_pstrdup(r->pool, key);
+ ap_unescape_url(value);
+ return value;
+}
+
+static int rewrite_rand_init_done = 0;
+
+static void rewrite_rand_init(void)
+{
+ if (!rewrite_rand_init_done) {
+ srand((unsigned)(getpid()));
+ rewrite_rand_init_done = 1;
+ }
+ return;
+}
+
+static int rewrite_rand(int l, int h)
+{
+ rewrite_rand_init();
+
+ /* Get [0,1) and then scale to the appropriate range. Note that using
+ * a floating point value ensures that we use all bits of the rand()
+ * result. Doing an integer modulus would only use the lower-order bits
+ * which may not be as uniformly random.
+ */
+ return (int)(((double)(rand() % RAND_MAX) / RAND_MAX) * (h - l + 1) + l);
+}
+
+static char *select_random_value_part(request_rec *r, char *value)
+{
+ char *buf;
+ int n, i, k;
+
+ /* count number of distinct values */
+ for (n = 1, i = 0; value[i] != '\0'; i++) {
+ if (value[i] == '|') {
+ n++;
+ }
+ }
+
+ /* when only one value we have no option to choose */
+ if (n == 1) {
+ return value;
+ }
+
+ /* else randomly select one */
+ k = rewrite_rand(1, n);
+
+ /* and grep it out */
+ for (n = 1, i = 0; value[i] != '\0'; i++) {
+ if (n == k) {
+ break;
+ }
+ if (value[i] == '|') {
+ n++;
+ }
+ }
+ buf = apr_pstrdup(r->pool, &value[i]);
+ for (i = 0; buf[i] != '\0' && buf[i] != '|'; i++)
+ ;
+ buf[i] = '\0';
+ return buf;
+}
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | rewriting logfile support
+** | |
+** +-------------------------------------------------------+
+*/
+
+
+static int open_rewritelog(server_rec *s, apr_pool_t *p)
+{
+ rewrite_server_conf *conf;
+ const char *fname;
+ apr_status_t rc;
+ piped_log *pl;
+ int rewritelog_flags = ( APR_WRITE | APR_APPEND | APR_CREATE );
+ apr_fileperms_t rewritelog_mode = ( APR_UREAD | APR_UWRITE |
+ APR_GREAD | APR_WREAD );
+
+ conf = ap_get_module_config(s->module_config, &rewrite_module);
+
+ /* - no logfile configured
+ * - logfilename empty
+ * - virtual log shared w/ main server
+ */
+ if (!conf->rewritelogfile || !*conf->rewritelogfile || conf->rewritelogfp) {
+ return 1;
+ }
+
+ if (*conf->rewritelogfile == '|') {
+ if ((pl = ap_open_piped_log(p, conf->rewritelogfile+1)) == NULL) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+ "mod_rewrite: could not open reliable pipe "
+ "to RewriteLog filter %s", conf->rewritelogfile+1);
+ return 0;
+ }
+ conf->rewritelogfp = ap_piped_log_write_fd(pl);
+ }
+ else if (*conf->rewritelogfile != '\0') {
+ fname = ap_server_root_relative(p, conf->rewritelogfile);
+ if (!fname) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, APR_EBADPATH, s,
+ "mod_rewrite: Invalid RewriteLog "
+ "path %s", conf->rewritelogfile);
+ return 0;
+ }
+ if ((rc = apr_file_open(&conf->rewritelogfp, fname,
+ rewritelog_flags, rewritelog_mode, p))
+ != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, rc, s,
+ "mod_rewrite: could not open RewriteLog "
+ "file %s", fname);
+ return 0;
+ }
+ }
+
+ return 1;
+}
+
+static void rewritelog(request_rec *r, int level, const char *text, ...)
+{
+ rewrite_server_conf *conf;
+ conn_rec *conn;
+ char *str1;
+ char str2[512];
+ char str3[1024];
+ const char *type;
+ char redir[20]; /* enough for "/redir#%d" if int is 32 bit */
+ va_list ap;
+ int i;
+ apr_size_t nbytes;
+ request_rec *req;
+ char *ruser;
+ const char *rhost;
+ apr_status_t rv;
+
+ va_start(ap, text);
+ conf = ap_get_module_config(r->server->module_config, &rewrite_module);
+ conn = r->connection;
+
+ if (conf->rewritelogfp == NULL) {
+ return;
+ }
+ if (conf->rewritelogfile == NULL) {
+ return;
+ }
+ if (*(conf->rewritelogfile) == '\0') {
+ return;
+ }
+
+ if (level > conf->rewriteloglevel) {
+ return;
+ }
+
+ if (r->user == NULL) {
+ ruser = "-";
+ }
+ else if (strlen(r->user) != 0) {
+ ruser = r->user;
+ }
+ else {
+ ruser = "\"\"";
+ }
+
+ rhost = ap_get_remote_host(conn, r->per_dir_config,
+ REMOTE_NOLOOKUP, NULL);
+ if (rhost == NULL) {
+ rhost = "UNKNOWN-HOST";
+ }
+
+ str1 = apr_pstrcat(r->pool, rhost, " ",
+ (conn->remote_logname != NULL ?
+ conn->remote_logname : "-"), " ",
+ ruser, NULL);
+ apr_vsnprintf(str2, sizeof(str2), text, ap);
+
+ if (r->main == NULL) {
+ type = "initial";
+ }
+ else {
+ type = "subreq";
+ }
+
+ for (i = 0, req = r; req->prev != NULL; req = req->prev) {
+ i++;
+ }
+ if (i == 0) {
+ redir[0] = '\0';
+ }
+ else {
+ apr_snprintf(redir, sizeof(redir), "/redir#%d", i);
+ }
+
+ apr_snprintf(str3, sizeof(str3),
+ "%s %s [%s/sid#%lx][rid#%lx/%s%s] (%d) %s" APR_EOL_STR, str1,
+ current_logtime(r), ap_get_server_name(r),
+ (unsigned long)(r->server), (unsigned long)r,
+ type, redir, level, str2);
+
+ rv = apr_global_mutex_lock(rewrite_log_lock);
+ if (rv != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "apr_global_mutex_lock(rewrite_log_lock) failed");
+ /* XXX: Maybe this should be fatal? */
+ }
+ nbytes = strlen(str3);
+ apr_file_write(conf->rewritelogfp, str3, &nbytes);
+ rv = apr_global_mutex_unlock(rewrite_log_lock);
+ if (rv != APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "apr_global_mutex_unlock(rewrite_log_lock) failed");
+ /* XXX: Maybe this should be fatal? */
+ }
+
+ va_end(ap);
+ return;
+}
+
+static char *current_logtime(request_rec *r)
+{
+ apr_time_exp_t t;
+ char tstr[80];
+ apr_size_t len;
+
+ apr_time_exp_lt(&t, apr_time_now());
+
+ apr_strftime(tstr, &len, 80, "[%d/%b/%Y:%H:%M:%S ", &t);
+ apr_snprintf(tstr + strlen(tstr), 80-strlen(tstr), "%c%.2d%.2d]",
+ t.tm_gmtoff < 0 ? '-' : '+',
+ t.tm_gmtoff / (60*60), t.tm_gmtoff % (60*60));
+ return apr_pstrdup(r->pool, tstr);
+}
+
+
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | rewriting lockfile support
+** | |
+** +-------------------------------------------------------+
+*/
+
+#define REWRITELOCK_MODE ( APR_UREAD | APR_UWRITE | APR_GREAD | APR_WREAD )
+
+static apr_status_t rewritelock_create(server_rec *s, apr_pool_t *p)
+{
+ apr_status_t rc;
+
+ /* only operate if a lockfile is used */
+ if (lockname == NULL || *(lockname) == '\0') {
+ return APR_SUCCESS;
+ }
+
+ /* create the lockfile */
+ rc = apr_global_mutex_create(&rewrite_mapr_lock_acquire, lockname,
+ APR_LOCK_DEFAULT, p);
+ if (rc != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rc, s,
+ "mod_rewrite: Parent could not create RewriteLock "
+ "file %s", lockname);
+ return rc;
+ }
+
+#ifdef MOD_REWRITE_SET_MUTEX_PERMS
+ rc = unixd_set_global_mutex_perms(rewrite_mapr_lock_acquire);
+ if (rc != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rc, s,
+ "mod_rewrite: Parent could not set permissions "
+ "on RewriteLock; check User and Group directives");
+ return rc;
+ }
+#endif
+
+ return APR_SUCCESS;
+}
+
+static apr_status_t rewritelock_remove(void *data)
+{
+ /* only operate if a lockfile is used */
+ if (lockname == NULL || *(lockname) == '\0') {
+ return APR_SUCCESS;
+ }
+
+ /* destroy the rewritelock */
+ apr_global_mutex_destroy (rewrite_mapr_lock_acquire);
+ rewrite_mapr_lock_acquire = NULL;
+ lockname = NULL;
+ return(0);
+}
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | program map support
+** | |
+** +-------------------------------------------------------+
+*/
+
+static apr_status_t run_rewritemap_programs(server_rec *s, apr_pool_t *p)
+{
+ rewrite_server_conf *conf;
+ apr_array_header_t *rewritemaps;
+ rewritemap_entry *entries;
+ int i;
+ apr_status_t rc;
+
+ conf = ap_get_module_config(s->module_config, &rewrite_module);
+
+ /* If the engine isn't turned on,
+ * don't even try to do anything.
+ */
+ if (conf->state == ENGINE_DISABLED) {
+ return APR_SUCCESS;
+ }
+
+ rewritemaps = conf->rewritemaps;
+ entries = (rewritemap_entry *)rewritemaps->elts;
+ for (i = 0; i < rewritemaps->nelts; i++) {
+ apr_file_t *fpin = NULL;
+ apr_file_t *fpout = NULL;
+ rewritemap_entry *map = &entries[i];
+
+ if (map->type != MAPTYPE_PRG) {
+ continue;
+ }
+ if (map->argv[0] == NULL
+ || *(map->argv[0]) == '\0'
+ || map->fpin != NULL
+ || map->fpout != NULL ) {
+ continue;
+ }
+ rc = rewritemap_program_child(p, map->argv[0], map->argv,
+ &fpout, &fpin);
+ if (rc != APR_SUCCESS || fpin == NULL || fpout == NULL) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, rc, s,
+ "mod_rewrite: could not startup RewriteMap "
+ "program %s", map->datafile);
+ return rc;
+ }
+ map->fpin = fpin;
+ map->fpout = fpout;
+ }
+ return APR_SUCCESS;
+}
+
+/* child process code */
+static apr_status_t rewritemap_program_child(apr_pool_t *p,
+ const char *progname, char **argv,
+ apr_file_t **fpout,
+ apr_file_t **fpin)
+{
+ apr_status_t rc;
+ apr_procattr_t *procattr;
+ apr_proc_t *procnew;
+
+ if (((rc = apr_procattr_create(&procattr, p)) != APR_SUCCESS) ||
+ ((rc = apr_procattr_io_set(procattr, APR_FULL_BLOCK, APR_FULL_BLOCK,
+ APR_NO_PIPE)) != APR_SUCCESS) ||
+ ((rc = apr_procattr_dir_set(procattr,
+ ap_make_dirstr_parent(p, argv[0])))
+ != APR_SUCCESS) ||
+ ((rc = apr_procattr_cmdtype_set(procattr, APR_PROGRAM))
+ != APR_SUCCESS)) {
+ /* Something bad happened, give up and go away. */
+ }
+ else {
+ procnew = apr_pcalloc(p, sizeof(*procnew));
+ rc = apr_proc_create(procnew, argv[0], (const char **)argv, NULL,
+ procattr, p);
+
+ if (rc == APR_SUCCESS) {
+ apr_pool_note_subprocess(p, procnew, APR_KILL_AFTER_TIMEOUT);
+
+ if (fpin) {
+ (*fpin) = procnew->in;
+ }
+
+ if (fpout) {
+ (*fpout) = procnew->out;
+ }
+ }
+ }
+
+ return (rc);
+}
+
+
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | environment variable support
+** | |
+** +-------------------------------------------------------+
+*/
+
+
+static char *lookup_variable(request_rec *r, char *var)
+{
+ const char *result;
+ char resultbuf[LONG_STRING_LEN];
+ apr_time_exp_t tm;
+ request_rec *rsub;
+
+ result = NULL;
+
+ /* HTTP headers */
+ if (strcasecmp(var, "HTTP_USER_AGENT") == 0) {
+ result = lookup_header(r, "User-Agent");
+ }
+ else if (strcasecmp(var, "HTTP_REFERER") == 0) {
+ result = lookup_header(r, "Referer");
+ }
+ else if (strcasecmp(var, "HTTP_COOKIE") == 0) {
+ result = lookup_header(r, "Cookie");
+ }
+ else if (strcasecmp(var, "HTTP_FORWARDED") == 0) {
+ result = lookup_header(r, "Forwarded");
+ }
+ else if (strcasecmp(var, "HTTP_HOST") == 0) {
+ result = lookup_header(r, "Host");
+ }
+ else if (strcasecmp(var, "HTTP_PROXY_CONNECTION") == 0) {
+ result = lookup_header(r, "Proxy-Connection");
+ }
+ else if (strcasecmp(var, "HTTP_ACCEPT") == 0) {
+ result = lookup_header(r, "Accept");
+ }
+ /* all other headers from which we are still not know about */
+ else if (strlen(var) > 5 && strncasecmp(var, "HTTP:", 5) == 0) {
+ result = lookup_header(r, var+5);
+ }
+
+ /* connection stuff */
+ else if (strcasecmp(var, "REMOTE_ADDR") == 0) {
+ result = r->connection->remote_ip;
+ }
+ else if (strcasecmp(var, "REMOTE_PORT") == 0) {
+ return apr_itoa(r->pool, r->connection->remote_addr->port);
+ }
+ else if (strcasecmp(var, "REMOTE_HOST") == 0) {
+ result = (char *)ap_get_remote_host(r->connection,
+ r->per_dir_config, REMOTE_NAME, NULL);
+ }
+ else if (strcasecmp(var, "REMOTE_USER") == 0) {
+ result = r->user;
+ }
+ else if (strcasecmp(var, "REMOTE_IDENT") == 0) {
+ result = (char *)ap_get_remote_logname(r);
+ }
+
+ /* request stuff */
+ else if (strcasecmp(var, "THE_REQUEST") == 0) { /* non-standard */
+ result = r->the_request;
+ }
+ else if (strcasecmp(var, "REQUEST_METHOD") == 0) {
+ result = r->method;
+ }
+ else if (strcasecmp(var, "REQUEST_URI") == 0) { /* non-standard */
+ result = r->uri;
+ }
+ else if (strcasecmp(var, "SCRIPT_FILENAME") == 0 ||
+ strcasecmp(var, "REQUEST_FILENAME") == 0 ) {
+ result = r->filename;
+ }
+ else if (strcasecmp(var, "PATH_INFO") == 0) {
+ result = r->path_info;
+ }
+ else if (strcasecmp(var, "QUERY_STRING") == 0) {
+ result = r->args;
+ }
+ else if (strcasecmp(var, "AUTH_TYPE") == 0) {
+ result = r->ap_auth_type;
+ }
+ else if (strcasecmp(var, "IS_SUBREQ") == 0) { /* non-standard */
+ result = (r->main != NULL ? "true" : "false");
+ }
+
+ /* internal server stuff */
+ else if (strcasecmp(var, "DOCUMENT_ROOT") == 0) {
+ result = ap_document_root(r);
+ }
+ else if (strcasecmp(var, "SERVER_ADMIN") == 0) {
+ result = r->server->server_admin;
+ }
+ else if (strcasecmp(var, "SERVER_NAME") == 0) {
+ result = ap_get_server_name(r);
+ }
+ else if (strcasecmp(var, "SERVER_ADDR") == 0) { /* non-standard */
+ result = r->connection->local_ip;
+ }
+ else if (strcasecmp(var, "SERVER_PORT") == 0) {
+ apr_snprintf(resultbuf, sizeof(resultbuf), "%u", ap_get_server_port(r));
+ result = resultbuf;
+ }
+ else if (strcasecmp(var, "SERVER_PROTOCOL") == 0) {
+ result = r->protocol;
+ }
+ else if (strcasecmp(var, "SERVER_SOFTWARE") == 0) {
+ result = ap_get_server_version();
+ }
+ else if (strcasecmp(var, "API_VERSION") == 0) { /* non-standard */
+ apr_snprintf(resultbuf, sizeof(resultbuf), "%d:%d",
+ MODULE_MAGIC_NUMBER_MAJOR, MODULE_MAGIC_NUMBER_MINOR);
+ result = resultbuf;
+ }
+
+/* XXX: wow this has gotta be slow if you actually use it for a lot, recalculates exploded time for each variable */
+ /* underlaying Unix system stuff */
+ else if (strcasecmp(var, "TIME_YEAR") == 0) {
+ apr_time_exp_lt(&tm, apr_time_now());
+ apr_snprintf(resultbuf, sizeof(resultbuf), "%04d", tm.tm_year + 1900);
+ result = resultbuf;
+ }
+#define MKTIMESTR(format, tmfield) \
+ apr_time_exp_lt(&tm, apr_time_now()); \
+ apr_snprintf(resultbuf, sizeof(resultbuf), format, tm.tmfield); \
+ result = resultbuf;
+ else if (strcasecmp(var, "TIME_MON") == 0) {
+ MKTIMESTR("%02d", tm_mon+1)
+ }
+ else if (strcasecmp(var, "TIME_DAY") == 0) {
+ MKTIMESTR("%02d", tm_mday)
+ }
+ else if (strcasecmp(var, "TIME_HOUR") == 0) {
+ MKTIMESTR("%02d", tm_hour)
+ }
+ else if (strcasecmp(var, "TIME_MIN") == 0) {
+ MKTIMESTR("%02d", tm_min)
+ }
+ else if (strcasecmp(var, "TIME_SEC") == 0) {
+ MKTIMESTR("%02d", tm_sec)
+ }
+ else if (strcasecmp(var, "TIME_WDAY") == 0) {
+ MKTIMESTR("%d", tm_wday)
+ }
+ else if (strcasecmp(var, "TIME") == 0) {
+ apr_time_exp_lt(&tm, apr_time_now());
+ apr_snprintf(resultbuf, sizeof(resultbuf),
+ "%04d%02d%02d%02d%02d%02d", tm.tm_year + 1900,
+ tm.tm_mon+1, tm.tm_mday,
+ tm.tm_hour, tm.tm_min, tm.tm_sec);
+ result = resultbuf;
+ rewritelog(r, 1, "RESULT='%s'", result);
+ }
+
+ /* all other env-variables from the parent Apache process */
+ else if (strlen(var) > 4 && strncasecmp(var, "ENV:", 4) == 0) {
+ /* first try the internal Apache notes structure */
+ result = apr_table_get(r->notes, var+4);
+ /* second try the internal Apache env structure */
+ if (result == NULL) {
+ result = apr_table_get(r->subprocess_env, var+4);
+ }
+ /* third try the external OS env */
+ if (result == NULL) {
+ result = getenv(var+4);
+ }
+ }
+ else if (strlen(var) > 4 && !strncasecmp(var, "SSL:", 4)
+ && rewrite_ssl_lookup) {
+ result = rewrite_ssl_lookup(r->pool, r->server, r->connection, r,
+ var + 4);
+ }
+
+#define LOOKAHEAD(subrecfunc) \
+ if ( \
+ /* filename is safe to use */ \
+ r->filename != NULL \
+ /* - and we're either not in a subrequest */ \
+ && ( r->main == NULL \
+ /* - or in a subrequest where paths are non-NULL... */ \
+ || ( r->main->uri != NULL && r->uri != NULL \
+ /* ...and sub and main paths differ */ \
+ && strcmp(r->main->uri, r->uri) != 0))) { \
+ /* process a file-based subrequest */ \
+ rsub = subrecfunc(r->filename, r, NULL); \
+ /* now recursively lookup the variable in the sub_req */ \
+ result = lookup_variable(rsub, var+5); \
+ /* copy it up to our scope before we destroy sub_req's apr_pool_t */ \
+ result = apr_pstrdup(r->pool, result); \
+ /* cleanup by destroying the subrequest */ \
+ ap_destroy_sub_req(rsub); \
+ /* log it */ \
+ rewritelog(r, 5, "lookahead: path=%s var=%s -> val=%s", \
+ r->filename, var+5, result); \
+ /* return ourself to prevent re-pstrdup */ \
+ return (char *)result; \
+ }
+
+ /* look-ahead for parameter through URI-based sub-request */
+ else if (strlen(var) > 5 && strncasecmp(var, "LA-U:", 5) == 0) {
+ LOOKAHEAD(ap_sub_req_lookup_uri)
+ }
+ /* look-ahead for parameter through file-based sub-request */
+ else if (strlen(var) > 5 && strncasecmp(var, "LA-F:", 5) == 0) {
+ LOOKAHEAD(ap_sub_req_lookup_file)
+ }
+
+ /* file stuff */
+ else if (strcasecmp(var, "SCRIPT_USER") == 0) {
+ result = "<unknown>";
+ if (r->finfo.valid & APR_FINFO_USER) {
+ apr_get_username((char **)&result, r->finfo.user, r->pool);
+ }
+ }
+ else if (strcasecmp(var, "SCRIPT_GROUP") == 0) {
+ result = "<unknown>";
+ if (r->finfo.valid & APR_FINFO_GROUP) {
+ apr_group_name_get((char **)&result, r->finfo.group, r->pool);
+ }
+ } else if (strcasecmp(var, "HTTPS") == 0) {
+ int flag = rewrite_is_https && rewrite_is_https(r->connection);
+ result = flag ? "on" : "off";
+ }
+
+ if (result == NULL) {
+ return apr_pstrdup(r->pool, "");
+ }
+ else {
+ return apr_pstrdup(r->pool, result);
+ }
+}
+
+static char *lookup_header(request_rec *r, const char *name)
+{
+ const apr_array_header_t *hdrs_arr;
+ const apr_table_entry_t *hdrs;
+ int i;
+
+ hdrs_arr = apr_table_elts(r->headers_in);
+ hdrs = (const apr_table_entry_t *)hdrs_arr->elts;
+ for (i = 0; i < hdrs_arr->nelts; ++i) {
+ if (hdrs[i].key == NULL) {
+ continue;
+ }
+ if (strcasecmp(hdrs[i].key, name) == 0) {
+ apr_table_merge(r->notes, VARY_KEY_THIS, name);
+ return hdrs[i].val;
+ }
+ }
+ return NULL;
+}
+
+
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | caching support
+** | |
+** +-------------------------------------------------------+
+*/
+
+
+static cache *init_cache(apr_pool_t *p)
+{
+ cache *c;
+
+ c = (cache *)apr_palloc(p, sizeof(cache));
+ if (apr_pool_create(&c->pool, p) != APR_SUCCESS) {
+ return NULL;
+ }
+ c->lists = apr_array_make(c->pool, 2, sizeof(cachelist));
+#if APR_HAS_THREADS
+ (void)apr_thread_mutex_create(&(c->lock), APR_THREAD_MUTEX_DEFAULT, p);
+#endif
+ return c;
+}
+
+static void set_cache_string(cache *c, const char *res, int mode, apr_time_t t,
+ char *key, char *value)
+{
+ cacheentry ce;
+
+ ce.time = t;
+ ce.key = key;
+ ce.value = value;
+ store_cache_string(c, res, &ce);
+ return;
+}
+
+static char *get_cache_string(cache *c, const char *res, int mode,
+ apr_time_t t, char *key)
+{
+ cacheentry *ce;
+
+ ce = retrieve_cache_string(c, res, key);
+ if (ce == NULL) {
+ return NULL;
+ }
+ if (mode & CACHEMODE_TS) {
+ if (t != ce->time) {
+ return NULL;
+ }
+ }
+ else if (mode & CACHEMODE_TTL) {
+ if (t > ce->time) {
+ return NULL;
+ }
+ }
+ return ce->value;
+}
+
+static int cache_tlb_hash(char *key)
+{
+ unsigned long n;
+ char *p;
+
+ n = 0;
+ for (p = key; *p != '\0'; p++) {
+ n = ((n << 5) + n) ^ (unsigned long)(*p++);
+ }
+
+ return n % CACHE_TLB_ROWS;
+}
+
+static cacheentry *cache_tlb_lookup(cachetlbentry *tlb, cacheentry *elt,
+ char *key)
+{
+ int ix = cache_tlb_hash(key);
+ int i;
+ int j;
+
+ for (i=0; i < CACHE_TLB_COLS; ++i) {
+ j = tlb[ix].t[i];
+ if (j < 0)
+ return NULL;
+ if (strcmp(elt[j].key, key) == 0)
+ return &elt[j];
+ }
+ return NULL;
+}
+
+static void cache_tlb_replace(cachetlbentry *tlb, cacheentry *elt,
+ cacheentry *e)
+{
+ int ix = cache_tlb_hash(e->key);
+ int i;
+
+ tlb = &tlb[ix];
+
+ for (i=1; i < CACHE_TLB_COLS; ++i)
+ tlb->t[i] = tlb->t[i-1];
+
+ tlb->t[0] = e - elt;
+}
+
+static void store_cache_string(cache *c, const char *res, cacheentry *ce)
+{
+ int i;
+ int j;
+ cachelist *l;
+ cacheentry *e;
+ cachetlbentry *t;
+ int found_list;
+
+#if APR_HAS_THREADS
+ apr_thread_mutex_lock(c->lock);
+#endif
+
+ found_list = 0;
+ /* first try to edit an existing entry */
+ for (i = 0; i < c->lists->nelts; i++) {
+ l = &(((cachelist *)c->lists->elts)[i]);
+ if (strcmp(l->resource, res) == 0) {
+ found_list = 1;
+
+ e = cache_tlb_lookup((cachetlbentry *)l->tlb->elts,
+ (cacheentry *)l->entries->elts, ce->key);
+ if (e != NULL) {
+ e->time = ce->time;
+ e->value = apr_pstrdup(c->pool, ce->value);
+#if APR_HAS_THREADS
+ apr_thread_mutex_unlock(c->lock);
+#endif
+ return;
+ }
+
+ for (j = 0; j < l->entries->nelts; j++) {
+ e = &(((cacheentry *)l->entries->elts)[j]);
+ if (strcmp(e->key, ce->key) == 0) {
+ e->time = ce->time;
+ e->value = apr_pstrdup(c->pool, ce->value);
+ cache_tlb_replace((cachetlbentry *)l->tlb->elts,
+ (cacheentry *)l->entries->elts, e);
+#if APR_HAS_THREADS
+ apr_thread_mutex_unlock(c->lock);
+#endif
+ return;
+ }
+ }
+ }
+ }
+
+ /* create a needed new list */
+ if (!found_list) {
+ l = apr_array_push(c->lists);
+ l->resource = apr_pstrdup(c->pool, res);
+ l->entries = apr_array_make(c->pool, 2, sizeof(cacheentry));
+ l->tlb = apr_array_make(c->pool, CACHE_TLB_ROWS,
+ sizeof(cachetlbentry));
+ for (i=0; i<CACHE_TLB_ROWS; ++i) {
+ t = &((cachetlbentry *)l->tlb->elts)[i];
+ for (j=0; j<CACHE_TLB_COLS; ++j)
+ t->t[j] = -1;
+ }
+ }
+
+ /* create the new entry */
+ for (i = 0; i < c->lists->nelts; i++) {
+ l = &(((cachelist *)c->lists->elts)[i]);
+ if (strcmp(l->resource, res) == 0) {
+ e = apr_array_push(l->entries);
+ e->time = ce->time;
+ e->key = apr_pstrdup(c->pool, ce->key);
+ e->value = apr_pstrdup(c->pool, ce->value);
+ cache_tlb_replace((cachetlbentry *)l->tlb->elts,
+ (cacheentry *)l->entries->elts, e);
+#if APR_HAS_THREADS
+ apr_thread_mutex_unlock(c->lock);
+#endif
+ return;
+ }
+ }
+
+ /* not reached, but when it is no problem... */
+#if APR_HAS_THREADS
+ apr_thread_mutex_unlock(c->lock);
+#endif
+ return;
+}
+
+static cacheentry *retrieve_cache_string(cache *c, const char *res, char *key)
+{
+ int i;
+ int j;
+ cachelist *l;
+ cacheentry *e;
+
+#if APR_HAS_THREADS
+ apr_thread_mutex_lock(c->lock);
+#endif
+
+ for (i = 0; i < c->lists->nelts; i++) {
+ l = &(((cachelist *)c->lists->elts)[i]);
+ if (strcmp(l->resource, res) == 0) {
+
+ e = cache_tlb_lookup((cachetlbentry *)l->tlb->elts,
+ (cacheentry *)l->entries->elts, key);
+ if (e != NULL) {
+#if APR_HAS_THREADS
+ apr_thread_mutex_unlock(c->lock);
+#endif
+ return e;
+ }
+
+ for (j = 0; j < l->entries->nelts; j++) {
+ e = &(((cacheentry *)l->entries->elts)[j]);
+ if (strcmp(e->key, key) == 0) {
+#if APR_HAS_THREADS
+ apr_thread_mutex_unlock(c->lock);
+#endif
+ return e;
+ }
+ }
+ }
+ }
+#if APR_HAS_THREADS
+ apr_thread_mutex_unlock(c->lock);
+#endif
+ return NULL;
+}
+
+
+
+
+/*
+** +-------------------------------------------------------+
+** | |
+** | misc functions
+** | |
+** +-------------------------------------------------------+
+*/
+
+/*
+ * substitute the prefix path 'match' in 'input' with 'subst'
+ * (think of RewriteBase which substitutes the physical path with
+ * the virtual path)
+ */
+
+static char *subst_prefix_path(request_rec *r, char *input, char *match,
+ const char *subst)
+{
+ apr_size_t len = strlen(match);
+
+ if (len && match[len - 1] == '/') {
+ --len;
+ }
+
+ if (!strncmp(input, match, len) && input[len++] == '/') {
+ apr_size_t slen, outlen;
+ char *output;
+
+ rewritelog(r, 5, "strip matching prefix: %s -> %s", input, input+len);
+
+ slen = strlen(subst);
+ if (slen && subst[slen - 1] != '/') {
+ ++slen;
+ }
+
+ outlen = strlen(input) + slen - len;
+ output = apr_palloc(r->pool, outlen + 1); /* don't forget the \0 */
+
+ memcpy(output, subst, slen);
+ if (slen && !output[slen-1]) {
+ output[slen-1] = '/';
+ }
+ memcpy(output+slen, input+len, outlen - slen);
+ output[outlen] = '\0';
+
+ rewritelog(r, 4, "add subst prefix: %s -> %s", input+len, output);
+
+ return output;
+ }
+
+ /* prefix didn't match */
+ return input;
+}
+
+
+/*
+**
+** own command line parser which don't have the '\\' problem
+**
+*/
+
+static int parseargline(char *str, char **a1, char **a2, char **a3)
+{
+ char *cp;
+ int isquoted;
+
+#define SKIP_WHITESPACE(cp) \
+ for ( ; *cp == ' ' || *cp == '\t'; ) { \
+ cp++; \
+ };
+
+#define CHECK_QUOTATION(cp,isquoted) \
+ isquoted = 0; \
+ if (*cp == '"') { \
+ isquoted = 1; \
+ cp++; \
+ }
+
+#define DETERMINE_NEXTSTRING(cp,isquoted) \
+ for ( ; *cp != '\0'; cp++) { \
+ if ( (isquoted && (*cp == ' ' || *cp == '\t')) \
+ || (*cp == '\\' && (*(cp+1) == ' ' || *(cp+1) == '\t'))) { \
+ cp++; \
+ continue; \
+ } \
+ if ( (!isquoted && (*cp == ' ' || *cp == '\t')) \
+ || (isquoted && *cp == '"') ) { \
+ break; \
+ } \
+ }
+
+ cp = str;
+ SKIP_WHITESPACE(cp);
+
+ /* determine first argument */
+ CHECK_QUOTATION(cp, isquoted);
+ *a1 = cp;
+ DETERMINE_NEXTSTRING(cp, isquoted);
+ if (*cp == '\0') {
+ return 1;
+ }
+ *cp++ = '\0';
+
+ SKIP_WHITESPACE(cp);
+
+ /* determine second argument */
+ CHECK_QUOTATION(cp, isquoted);
+ *a2 = cp;
+ DETERMINE_NEXTSTRING(cp, isquoted);
+ if (*cp == '\0') {
+ *cp++ = '\0';
+ *a3 = NULL;
+ return 0;
+ }
+ *cp++ = '\0';
+
+ SKIP_WHITESPACE(cp);
+
+ /* again check if there are only two arguments */
+ if (*cp == '\0') {
+ *cp++ = '\0';
+ *a3 = NULL;
+ return 0;
+ }
+
+ /* determine second argument */
+ CHECK_QUOTATION(cp, isquoted);
+ *a3 = cp;
+ DETERMINE_NEXTSTRING(cp, isquoted);
+ *cp++ = '\0';
+
+ return 0;
+}
+
+
+static void add_env_variable(request_rec *r, char *s)
+{
+ char var[MAX_STRING_LEN];
+ char val[MAX_STRING_LEN];
+ char *cp;
+ int n;
+
+ if ((cp = strchr(s, ':')) != NULL) {
+ n = ((cp-s) > MAX_STRING_LEN-1 ? MAX_STRING_LEN-1 : (cp-s));
+ memcpy(var, s, n);
+ var[n] = '\0';
+ apr_cpystrn(val, cp+1, sizeof(val));
+ apr_table_set(r->subprocess_env, var, val);
+ rewritelog(r, 5, "setting env variable '%s' to '%s'", var, val);
+ }
+}
+
+static void add_cookie(request_rec *r, char *s)
+{
+ char *var;
+ char *val;
+ char *domain;
+ char *expires;
+ char *path;
+
+ char *tok_cntx;
+ char *cookie;
+
+ if (s) {
+ var = apr_strtok(s, ":", &tok_cntx);
+ val = apr_strtok(NULL, ":", &tok_cntx);
+ domain = apr_strtok(NULL, ":", &tok_cntx);
+ /** the line below won't hit the token ever **/
+ expires = apr_strtok(NULL, ":", &tok_cntx);
+ if (expires) {
+ path = apr_strtok(NULL,":", &tok_cntx);
+ }
+ else {
+ path = NULL;
+ }
+
+ if (var && val && domain) {
+ /* FIX: use cached time similar to how logging does it */
+ request_rec *rmain = r;
+ char *notename;
+ void *data;
+ while (rmain->main) {
+ rmain = rmain->main;
+ }
+
+ notename = apr_pstrcat(rmain->pool, var, "_rewrite", NULL);
+ apr_pool_userdata_get(&data, notename, rmain->pool);
+ if (data == NULL) {
+ cookie = apr_pstrcat(rmain->pool,
+ var, "=", val,
+ "; path=", (path)? path : "/",
+ "; domain=", domain,
+ (expires)? "; expires=" : NULL,
+ (expires)?
+ ap_ht_time(r->pool,
+ r->request_time +
+ apr_time_from_sec((60 *
+ atol(expires))),
+ "%a, %d-%b-%Y %T GMT", 1)
+ : NULL,
+ NULL);
+ /*
+ * XXX: should we add it to err_headers_out as well ?
+ * if we do we need to be careful that only ONE gets sent out
+ */
+ apr_table_add(rmain->err_headers_out, "Set-Cookie", cookie);
+ apr_pool_userdata_set("set", notename, NULL, rmain->pool);
+ rewritelog(rmain, 5, "setting cookie '%s'", cookie);
+ }
+ else {
+ rewritelog(rmain, 5, "skipping already set cookie '%s'", var);
+ }
+ }
+ }
+}
+
+
+/*
+**
+** check that a subrequest won't cause infinite recursion
+**
+*/
+
+static int subreq_ok(request_rec *r)
+{
+ /*
+ * either not in a subrequest, or in a subrequest
+ * and URIs aren't NULL and sub/main URIs differ
+ */
+ return (r->main == NULL
+ || (r->main->uri != NULL
+ && r->uri != NULL
+ && strcmp(r->main->uri, r->uri) != 0));
+}
+
+
+/*
+**
+** stat() for only the prefix of a path
+**
+*/
+
+static int prefix_stat(const char *path, apr_pool_t *pool)
+{
+ const char *curpath = path;
+ const char *root;
+ const char *slash;
+ char *statpath;
+ apr_status_t rv;
+
+ rv = apr_filepath_root(&root, &curpath, APR_FILEPATH_TRUENAME, pool);
+
+ if (rv != APR_SUCCESS) {
+ return 0;
+ }
+
+ /* let's recognize slashes only, the mod_rewrite semantics are opaque
+ * enough.
+ */
+ if ((slash = ap_strchr_c(curpath, '/')) != NULL) {
+ rv = apr_filepath_merge(&statpath, root,
+ apr_pstrndup(pool, curpath,
+ (apr_size_t)(slash - curpath)),
+ APR_FILEPATH_NOTABOVEROOT |
+ APR_FILEPATH_NOTRELATIVE, pool);
+ }
+ else {
+ rv = apr_filepath_merge(&statpath, root, curpath,
+ APR_FILEPATH_NOTABOVEROOT |
+ APR_FILEPATH_NOTRELATIVE, pool);
+ }
+
+ if (rv == APR_SUCCESS) {
+ apr_finfo_t sb;
+
+ if (apr_stat(&sb, statpath, APR_FINFO_MIN, pool) == APR_SUCCESS) {
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+
+/*
+**
+** Lexicographic Compare
+**
+*/
+
+static int compare_lexicography(char *cpNum1, char *cpNum2)
+{
+ int i;
+ int n1, n2;
+
+ n1 = strlen(cpNum1);
+ n2 = strlen(cpNum2);
+ if (n1 > n2) {
+ return 1;
+ }
+ if (n1 < n2) {
+ return -1;
+ }
+ for (i = 0; i < n1; i++) {
+ if (cpNum1[i] > cpNum2[i]) {
+ return 1;
+ }
+ if (cpNum1[i] < cpNum2[i]) {
+ return -1;
+ }
+ }
+ return 0;
+}
+
+/*
+**
+** Bracketed expression handling
+** s points after the opening bracket
+**
+*/
+
+static char *find_closing_bracket(char *s, int left, int right)
+{
+ int depth;
+
+ for (depth = 1; *s; ++s) {
+ if (*s == right && --depth == 0) {
+ return s;
+ }
+ else if (*s == left) {
+ ++depth;
+ }
+ }
+ return NULL;
+}
+
+static char *find_char_in_brackets(char *s, int c, int left, int right)
+{
+ int depth;
+
+ for (depth = 1; *s; ++s) {
+ if (*s == c && depth == 1) {
+ return s;
+ }
+ else if (*s == right && --depth == 0) {
+ return NULL;
+ }
+ else if (*s == left) {
+ ++depth;
+ }
+ }
+ return NULL;
+}
+
+/*
+**
+** Module paraphernalia
+**
+*/
+
+ /* the apr_table_t of commands we provide */
+static const command_rec command_table[] = {
+ AP_INIT_FLAG( "RewriteEngine", cmd_rewriteengine, NULL, OR_FILEINFO,
+ "On or Off to enable or disable (default) the whole "
+ "rewriting engine"),
+ AP_INIT_ITERATE( "RewriteOptions", cmd_rewriteoptions, NULL, OR_FILEINFO,
+ "List of option strings to set"),
+ AP_INIT_TAKE1( "RewriteBase", cmd_rewritebase, NULL, OR_FILEINFO,
+ "the base URL of the per-directory context"),
+ AP_INIT_RAW_ARGS("RewriteCond", cmd_rewritecond, NULL, OR_FILEINFO,
+ "an input string and a to be applied regexp-pattern"),
+ AP_INIT_RAW_ARGS("RewriteRule", cmd_rewriterule, NULL, OR_FILEINFO,
+ "an URL-applied regexp-pattern and a substitution URL"),
+ AP_INIT_TAKE2( "RewriteMap", cmd_rewritemap, NULL, RSRC_CONF,
+ "a mapname and a filename"),
+ AP_INIT_TAKE1( "RewriteLock", cmd_rewritelock, NULL, RSRC_CONF,
+ "the filename of a lockfile used for inter-process "
+ "synchronization"),
+ AP_INIT_TAKE1( "RewriteLog", cmd_rewritelog, NULL, RSRC_CONF,
+ "the filename of the rewriting logfile"),
+ AP_INIT_TAKE1( "RewriteLogLevel", cmd_rewriteloglevel, NULL, RSRC_CONF,
+ "the level of the rewriting logfile verbosity "
+ "(0=none, 1=std, .., 9=max)"),
+ { NULL }
+};
+
+static void register_hooks(apr_pool_t *p)
+{
+ /* fixup after mod_proxy, so that the proxied url will not
+ * escaped accidentally by mod_proxy's fixup.
+ */
+ static const char * const aszPre[]={ "mod_proxy.c", NULL };
+
+ /* check type before mod_mime, so that [T=foo/bar] will not be
+ * overridden by AddType definitions.
+ */
+ static const char * const ct_aszSucc[]={ "mod_mime.c", NULL };
+
+ APR_REGISTER_OPTIONAL_FN(ap_register_rewrite_mapfunc);
+
+ ap_hook_handler(handler_redirect, NULL, NULL, APR_HOOK_MIDDLE);
+ ap_hook_pre_config(pre_config, NULL, NULL, APR_HOOK_MIDDLE);
+ ap_hook_post_config(post_config, NULL, NULL, APR_HOOK_MIDDLE);
+ ap_hook_child_init(init_child, NULL, NULL, APR_HOOK_MIDDLE);
+
+ ap_hook_fixups(hook_fixup, aszPre, NULL, APR_HOOK_FIRST);
+ ap_hook_translate_name(hook_uri2file, NULL, NULL, APR_HOOK_FIRST);
+ ap_hook_type_checker(hook_mimetype, NULL, ct_aszSucc, APR_HOOK_MIDDLE);
+}
+
+ /* the main config structure */
+module AP_MODULE_DECLARE_DATA rewrite_module = {
+ STANDARD20_MODULE_STUFF,
+ config_perdir_create, /* create per-dir config structures */
+ config_perdir_merge, /* merge per-dir config structures */
+ config_server_create, /* create per-server config structures */
+ config_server_merge, /* merge per-server config structures */
+ command_table, /* table of config file commands */
+ register_hooks /* register hooks */
+};
+
+/*EOF*/