--- /dev/null
+honour AddHeader specified multiple times
+
+http://www.apsis.ch/pound/pound_list/index_html?query=addheader
+http://www.apsis.ch/pound/pound_list/archive/2011/2011-11/1321393308000#1321393308000
+
+AddHeader directive honored
+
+Francisco Ruiz <francisco.ruiz(at)juntaextremadura.es> 2011-11-15 22:41:48 [ SNIP ]
+ Hi,
+
+I send a patch to the list so that it can be considered and merged to
+the main code if accepted.
+
+We need to add several headers to the request but it seems that
+AddHeader just honors the last occurrence of the directive. Even more,
+several AddHeader directives doesn't rise an error or warning. All of
+them are processed and the string created with previus strdup() call
+seems not to be freed.
+
+The patch sent:
+ * modify config.c to concatenate all the headers in the LISTENER
+struct member add_head with the needed "\r\n".
+ * modify the comment to LISTENER struct member add_head to reflect
+that AddHeader works also with HTTP an not only HTTPS, in pound.h
+ * modify man page pound.8 to reflect the changes.
+
+I hope it can be of any help for others.
+
+On the other hand, I would like to know about the patch that someone
+send to the list to get sticky sessions by injecting cookies in the
+replies to client, as other commercial products do. Are there any plans
+to merge it?
+
+Thanks for pound and to all the community arround it.
+
+--
+Francisco Ruiz
+francisco.ruiz(at)juntaextremadura.es
+
+Ahorrar papel protege el medio ambiente
+--- config.c.orig 2010-02-02 12:49:02.000000000 +0100
++++ config.c 2011-11-14 21:52:49.000000000 +0100
+@@ -625,6 +625,7 @@
+ parse_HTTP(void)
+ {
+ char lin[MAXBUF];
++ char *ah;
+ LISTENER *res;
+ SERVICE *svc;
+ MATCHER *m;
+@@ -719,8 +720,18 @@
+ conf_err("HeadRemove bad pattern - aborted");
+ } else if(!regexec(&AddHeader, lin, 4, matches, 0)) {
+ lin[matches[1].rm_eo] = '\0';
+- if((res->add_head = strdup(lin + matches[1].rm_so)) == NULL)
+- conf_err("AddHeader config: out of memory - aborted");
++ if (res->add_head == NULL) {
++ if ((ah = malloc (strlen(lin + matches[1].rm_so) + 1)) == NULL)
++ conf_err("AddHeader config: out of memory - aborted");
++ sprintf(ah, "%s", lin + matches[1].rm_so);
++ }
++ else {
++ if ((ah = malloc (strlen(res->add_head) + strlen(lin + matches[1].rm_so) + 1)) == NULL)
++ conf_err("AddHeader config: out of memory - aborted");
++ sprintf(ah, "%s\r\n%s", res->add_head, lin + matches[1].rm_so);
++ }
++ free(res->add_head);
++ res->add_head = ah;
+ } else if(!regexec(&RewriteLocation, lin, 4, matches, 0)) {
+ res->rewr_loc = atoi(lin + matches[1].rm_so);
+ } else if(!regexec(&RewriteDestination, lin, 4, matches, 0)) {
+@@ -772,6 +783,7 @@
+ parse_HTTPS(void)
+ {
+ char lin[MAXBUF];
++ char *ah;
+ LISTENER *res;
+ SERVICE *svc;
+ MATCHER *m;
+@@ -902,8 +914,18 @@
+ }
+ } else if(!regexec(&AddHeader, lin, 4, matches, 0)) {
+ lin[matches[1].rm_eo] = '\0';
+- if((res->add_head = strdup(lin + matches[1].rm_so)) == NULL)
+- conf_err("AddHeader config: out of memory - aborted");
++ if (res->add_head == NULL) {
++ if ((ah = malloc (strlen(lin + matches[1].rm_so) + 1)) == NULL)
++ conf_err("AddHeader config: out of memory - aborted");
++ sprintf(ah, "%s", lin + matches[1].rm_so);
++ }
++ else {
++ if ((ah = malloc (strlen(res->add_head) + strlen(lin + matches[1].rm_so) + 1)) == NULL)
++ conf_err("AddHeader config: out of memory - aborted");
++ sprintf(ah, "%s\r\n%s", res->add_head, lin + matches[1].rm_so);
++ }
++ free(res->add_head);
++ res->add_head = ah;
+ } else if(!regexec(&Ciphers, lin, 4, matches, 0)) {
+ lin[matches[1].rm_eo] = '\0';
+ SSL_CTX_set_cipher_list(res->ctx, lin + matches[1].rm_so);
+--- pound.h.orig 2010-02-02 12:49:02.000000000 +0100
++++ pound.h 2011-11-15 21:40:40.000000000 +0100
+@@ -354,7 +354,7 @@
+ SSL_CTX *ctx; /* CTX for SSL connections */
+ int clnt_check; /* client verification mode */
+ int noHTTPS11; /* HTTP 1.1 mode for SSL */
+- char *add_head; /* extra SSL header */
++ char *add_head; /* extra headers */
+ regex_t verb; /* pattern to match the request verb against */
+ int to; /* client time-out */
+ int has_pat; /* was a URL pattern defined? */
+--- pound.8.orig 2010-02-02 12:49:02.000000000 +0100
++++ pound.8 2011-11-15 21:48:02.000000000 +0100
+@@ -405,7 +405,7 @@
+ .TP
+ \fBAddHeader\fR "header: to add"
+ Add the defined header to the request passed to the back-end server. The header
+-is added verbatim.
++is added verbatim. Multiple headers can be added, one per AddHeader directive.
+ .TP
+ \fBRewriteLocation\fR 0|1|2
+ If 1 force