diff options
Diffstat (limited to 'www/mod_limitipconn')
| -rw-r--r-- | www/mod_limitipconn/Makefile | 20 | ||||
| -rw-r--r-- | www/mod_limitipconn/distinfo | 3 | ||||
| -rw-r--r-- | www/mod_limitipconn/files/fixcounting.patch | 184 |
3 files changed, 193 insertions, 14 deletions
diff --git a/www/mod_limitipconn/Makefile b/www/mod_limitipconn/Makefile index 0a1fef98b0b1..09bc5d6e6115 100644 --- a/www/mod_limitipconn/Makefile +++ b/www/mod_limitipconn/Makefile @@ -10,26 +10,24 @@ PORTVERSION= 0.04 PORTREVISION= 1 CATEGORIES= www MASTER_SITES= http://dominia.org/djao/limit/ -DISTFILES= ${DISTNAME}${EXTRACT_SUFX} -.if defined(WITH_CONNECTION_COUNT_FIX) -LMODOVERWRITE= contrib/sbarta/mod_limitipconn.c -DISTFILES+= ${LMODOVERWRITE} -EXTRACT_ONLY= ${DISTNAME}${EXTRACT_SUFX} -.endif MAINTAINER= ychsiao@ychsiao.org COMMENT= Limit the number of simultaneous connections from a single client IP address PLIST_FILES= libexec/apache/mod_limitipconn.so USE_APACHE= yes -USE_REINPLACE= yes +APACHEMODDIR= libexec/apache +PLIST_SUB+= APACHEMODDIR="${APACHEMODDIR}" + +OPTIONS= FIXCOUNT "Patch dangling browser connections counting" Off + +.include <bsd.port.pre.mk> -.if defined(WITH_CONNECTION_COUNT_FIX) -pre-patch: - ${CP} ${DISTDIR}/${LMODOVERWRITE} ${WRKSRC} +.if defined(WITH_FIXCOUNT) +EXTRA_PATCHES+= ${PATCHDIR}/fixcounting.patch .endif post-patch: ${REINPLACE_CMD} -e 's,^APXS = .*,APXS = ${APXS},' ${WRKSRC}/Makefile -.include <bsd.port.mk> +.include <bsd.port.post.mk> diff --git a/www/mod_limitipconn/distinfo b/www/mod_limitipconn/distinfo index 06c3746664a3..3e43334caaff 100644 --- a/www/mod_limitipconn/distinfo +++ b/www/mod_limitipconn/distinfo @@ -1,6 +1,3 @@ MD5 (mod_limitipconn-0.04.tar.gz) = 009dac6ccae20806916ec7aa61a42a1f SHA256 (mod_limitipconn-0.04.tar.gz) = ad131bbd5af50bb37450d3bafddffeb81b4a2e8456c2bddb3ba300beca530a94 SIZE (mod_limitipconn-0.04.tar.gz) = 6267 -MD5 (contrib/sbarta/mod_limitipconn.c) = c05bf21b0e32a168448ea4dac8a53f5c -SHA256 (contrib/sbarta/mod_limitipconn.c) = a076313794897149f67e2159372987d379bdaa67da0c1c37025952afb4b52543 -SIZE (contrib/sbarta/mod_limitipconn.c) = 9753 diff --git a/www/mod_limitipconn/files/fixcounting.patch b/www/mod_limitipconn/files/fixcounting.patch new file mode 100644 index 000000000000..09f36c09f256 --- /dev/null +++ b/www/mod_limitipconn/files/fixcounting.patch @@ -0,0 +1,184 @@ +--- mod_limitipconn.c Fri Apr 12 13:54:49 2002 ++++ ../../files/mod_limitipconn.c Thu Jun 5 17:39:10 2003 +@@ -34,7 +34,7 @@ + #include "scoreboard.h" + + #define MODULE_NAME "mod_limitipconn" +-#define MODULE_VERSION "0.04" ++#define MODULE_VERSION "0.05" + + module MODULE_VAR_EXPORT limitipconn_module; + +@@ -59,62 +59,34 @@ + return (void *) cfg; + } + +-static int limitipconn_handler(request_rec *r) ++static int is_limitable(limitipconn_dir_config *cfg, request_rec *r, char *uri) + { +- /* get configuration information */ +- limitipconn_dir_config *cfg = (limitipconn_dir_config *) +- ap_get_module_config(r->per_dir_config, &limitipconn_module); ++ /* Content-type of the current request */ ++ const char *content_type; + + /* convert Apache arrays to normal C arrays */ + char **nolim = (char **) cfg->no_limit->elts; + char **exlim = (char **) cfg->excl_limit->elts; + +- const char *address; +- + /* loop index variable */ + int i; + +- /* running count of number of connections from this address */ +- int ip_count = 0; +- +- /* Content-type of the current request */ +- const char *content_type; +- +- /* scoreboard data structure */ +- short_score score_record; +- +- /* We decline to handle subrequests: otherwise, in the next step we +- * could get into an infinite loop. */ +- if (!ap_is_initial_req(r)) { +- return DECLINED; +- } +- + /* Look up the Content-type of this request. We need a subrequest + * here since this module might be called before the URI has been + * translated into a MIME type. */ +- content_type = ap_sub_req_lookup_uri(r->uri, r)->content_type; ++ content_type = ap_sub_req_lookup_uri(uri, r)->content_type; + + /* If there's no Content-type, use the default. */ + if (!content_type) { + content_type = ap_default_type(r); + } + +-#ifdef RECORD_FORWARD +- if ((address = ap_table_get(r->headers_in, "X-Forwarded-For")) == NULL) +-#endif +- address = r->connection->remote_ip; +- +- /* A limit value of 0 by convention means no limit. */ +- if (cfg->limit == 0) { +- return OK; +- } +- + /* Cycle through the exempt list; if our content_type is exempt, +- * return OK */ ++ * return 0 */ + for (i = 0; i < cfg->no_limit->nelts; i++) { + if ((ap_strcasecmp_match(content_type, nolim[i]) == 0) + || (strncmp(nolim[i], content_type, strlen(nolim[i])) == 0)) { +- return OK; ++ return 0; + } + } + +@@ -129,9 +101,49 @@ + } + } + if (excused) { +- return OK; ++ return 0; + } + } ++ return 1; ++} ++ ++static int limitipconn_handler(request_rec *r) ++{ ++ /* get configuration information */ ++ limitipconn_dir_config *cfg = (limitipconn_dir_config *) ++ ap_get_module_config(r->per_dir_config, &limitipconn_module); ++ ++ const char *address; ++ ++ /* loop index variable */ ++ int i; ++ ++ /* running count of number of connections from this address */ ++ int ip_count = 0; ++ ++ /* scoreboard data structure */ ++ short_score score_record; ++ ++ /* We decline to handle subrequests: otherwise, in the next step we ++ * could get into an infinite loop. */ ++ if (!ap_is_initial_req(r)) { ++ return DECLINED; ++ } ++ ++#ifdef RECORD_FORWARD ++ if ((address = ap_table_get(r->headers_in, "X-Forwarded-For")) == NULL) ++#endif ++ address = r->connection->remote_ip; ++ ++ /* A limit value of 0 by convention means no limit. */ ++ if (cfg->limit == 0) { ++ return OK; ++ } ++ ++ /* If the content-type isn't limitable, return OK */ ++ if (!is_limitable(cfg, r, r->uri)) { ++ return OK; ++ } + + /* Count up the number of connections we are handling right now from + * this IP address */ +@@ -153,7 +165,51 @@ + || (strcmp(address, score_record.fwdclient) == 0) + #endif + ) { +- ip_count++; ++ /* Try to determine the URI from what's stored of the request in the ++ scoreboard. Hopefully we'll get enough of it to be able to determine ++ the content-type. */ ++ ++ /* A copy of the HTTP request from the scoreboard */ ++ char request[64]; ++ ++ /* The request's URI */ ++ char *uri; ++ ++ /* A temporary pointer used to find the end of the URI */ ++ char *c; ++ ++ /* One if we were unable to find a full URI in the request, zero otherwise */ ++ int full_request = 0; ++ ++ /* Get a copy of the request line from the scoreboard */ ++ strncpy(request, score_record.request, 64); ++ request[63] = 0; ++ ++ /* Separate out the method */ ++ for (uri = request; *uri; uri++) { ++ if (*uri == ' ') { ++ uri++; ++ break; ++ } ++ } ++ ++ /* Find the space which separates the URI from the HTTP version */ ++ for (c = uri; *c; c++) { ++ if (*c == ' ') { ++ *c = 0; ++ full_request = 1; ++ break; ++ } ++ } ++ ++ /* If we don't see the full request string, then be stringy ++ and assume that the request is limitable. This was the ++ behavior before the module was modified to try to be ++ smarter. */ ++ ++ if (*uri && !full_request || is_limitable(cfg, r, uri)) { ++ ip_count++; ++ } + } + break; + case |