- HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set. (#1499)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2052 152afb58-edef-0310-8abb-c4023f1b3aa9

NEWS

@@ -17,6 +17,7 @@ NEWS
   * prevent crash in certain php-fcgi configurations (#841)
   * add IdleServers and Scoreboard directives in ?auto mode for mod_status (#1507)
   * open log immediately after daemonizing, fixes SIGPIPEs on startup  (#165)
+  * HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set. (#1499)
 
 - 1.4.18 - 2007-09-09
 

src/base.h

@@ -515,6 +515,7 @@ typedef struct {
 #ifdef USE_OPENSSL
 	SSL_CTX *ssl_ctx;
 #endif
+       unsigned short is_proxy_ssl;
 } server_socket;
 
 typedef struct {

src/mod_extforward.c

@@ -379,8 +379,14 @@ URIHANDLER_FUNC(mod_extforward_uri_handler) {
 
 	if (real_remote_addr != NULL) { /* parsed */
 		sock_addr sock;
-
 		struct addrinfo *addrs_left;
+		server_socket *srv_sock = con->srv_socket;
+		data_string *forwarded_proto = (data_string *) array_get_element(con->request.headers,"X-Forwarded-Proto");
+
+		if (forwarded_proto && !strcmp(forwarded_proto->value->ptr, "https"))
+			srv_sock->is_proxy_ssl = 1;
+		else
+			srv_sock->is_proxy_ssl = 0;
 
 		if (con->conf.log_request_handling) {
  			log_error_write(srv, __FILE__, __LINE__, "ss",

src/mod_fastcgi.c

@@ -2057,12 +2057,9 @@ static int fcgi_create_env(server *srv, handler_ctx *hctx, size_t request_id) {
 	s = get_http_version_name(con->request.http_version);
 	FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_PROTOCOL"), s, strlen(s)),con)
 
-#ifdef USE_OPENSSL
-	if (srv_sock->is_ssl) {
+    if (srv_sock->is_ssl || srv_sock->is_proxy_ssl) {
 		FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("HTTPS"), CONST_STR_LEN("on")),con)
 	}
-#endif
-
 
 	FCGI_ENV_ADD_CHECK(fcgi_env_add_request_headers(srv, con, p), con);