]> git.ipfire.org Git - thirdparty/squid.git/blob - src/adaptation/icap/ModXact.cc
projects / thirdparty / squid.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SourceFormat Enforcement
[thirdparty/squid.git] / src / adaptation / icap / ModXact.cc
1 /*
2 * DEBUG: section 93 ICAP (RFC 3507) Client
3 */
4
5 #include "squid.h"
6 #include "AccessLogEntry.h"
7 #include "adaptation/Answer.h"
8 #include "adaptation/History.h"
9 #include "adaptation/icap/Client.h"
10 #include "adaptation/icap/Config.h"
11 #include "adaptation/icap/History.h"
12 #include "adaptation/icap/Launcher.h"
13 #include "adaptation/icap/ModXact.h"
14 #include "adaptation/icap/ServiceRep.h"
15 #include "adaptation/Initiator.h"
16 #include "auth/UserRequest.h"
17 #include "base/TextException.h"
18 #include "base64.h"
19 #include "ChunkedCodingParser.h"
20 #include "comm.h"
21 #include "comm/Connection.h"
22 #include "err_detail_type.h"
23 #include "HttpMsg.h"
24 #include "HttpReply.h"
25 #include "HttpRequest.h"
26 #include "protos.h"
27 #include "SquidTime.h"
28
29 // flow and terminology:
30 // HTTP| --> receive --> encode --> write --> |network
31 // end | <-- send <-- parse <-- read <-- |end
32
33 // TODO: replace gotEncapsulated() with something faster; we call it often
34
35 CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Icap, ModXact);
36 CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Icap, ModXactLauncher);
37
38 static const size_t TheBackupLimit = BodyPipe::MaxCapacity;
39
40 Adaptation::Icap::ModXact::State::State()
41 {
42 memset(this, 0, sizeof(*this));
43 }
44
45 Adaptation::Icap::ModXact::ModXact(HttpMsg *virginHeader,
46 HttpRequest *virginCause, Adaptation::Icap::ServiceRep::Pointer &aService):
47 AsyncJob("Adaptation::Icap::ModXact"),
48 Adaptation::Icap::Xaction("Adaptation::Icap::ModXact", aService),
49 virginConsumed(0),
50 bodyParser(NULL),
51 canStartBypass(false), // too early
52 protectGroupBypass(true),
53 replyHttpHeaderSize(-1),
54 replyHttpBodySize(-1),
55 adaptHistoryId(-1)
56 {
57 assert(virginHeader);
58
59 virgin.setHeader(virginHeader); // sets virgin.body_pipe if needed
60 virgin.setCause(virginCause); // may be NULL
61
62 // adapted header and body are initialized when we parse them
63
64 // writing and reading ends are handled by Adaptation::Icap::Xaction
65
66 // encoding
67 // nothing to do because we are using temporary buffers
68
69 // parsing; TODO: do not set until we parse, see ICAPOptXact
70 icapReply = new HttpReply;
71 icapReply->protoPrefix = "ICAP/"; // TODO: make an IcapReply class?
72
73 debugs(93,7, HERE << "initialized." << status());
74 }
75
76 // initiator wants us to start
77 void Adaptation::Icap::ModXact::start()
78 {
79 Adaptation::Icap::Xaction::start();
80
81 // reserve an adaptation history slot (attempts are known at this time)
82 Adaptation::History::Pointer ah = virginRequest().adaptLogHistory();
83 if (ah != NULL)
84 adaptHistoryId = ah->recordXactStart(service().cfg().key, icap_tr_start, attempts > 1);
85
86 estimateVirginBody(); // before virgin disappears!
87
88 canStartBypass = service().cfg().bypass;
89
90 // it is an ICAP violation to send request to a service w/o known OPTIONS
91 // and the service may is too busy for us: honor Max-Connections and such
92 if (service().up() && service().availableForNew())
93 startWriting();
94 else
95 waitForService();
96 }
97
98 void Adaptation::Icap::ModXact::waitForService()
99 {
100 const char *comment;
101 Must(!state.serviceWaiting);
102
103 if (!service().up()) {
104 AsyncCall::Pointer call = JobCallback(93,5,
105 ConnWaiterDialer, this, Adaptation::Icap::ModXact::noteServiceReady);
106
107 service().callWhenReady(call);
108 comment = "to be up";
109 } else {
110 //The service is unavailable because of max-connection or other reason
111
112 if (service().cfg().onOverload != srvWait) {
113 // The service is overloaded, but waiting to be available prohibited by
114 // user configuration (onOverload is set to "block" or "bypass")
115 if (service().cfg().onOverload == srvBlock)
116 disableBypass("not available", true);
117 else //if (service().cfg().onOverload == srvBypass)
118 canStartBypass = true;
119
120 disableRetries();
121 disableRepeats("ICAP service is not available");
122
123 debugs(93, 7, HERE << "will not wait for the service to be available" <<
124 status());
125
126 throw TexcHere("ICAP service is not available");
127 }
128
129 AsyncCall::Pointer call = JobCallback(93,5,
130 ConnWaiterDialer, this, Adaptation::Icap::ModXact::noteServiceAvailable);
131 service().callWhenAvailable(call, state.waitedForService);
132 comment = "to be available";
133 }
134
135 debugs(93, 7, HERE << "will wait for the service " << comment << status());
136 state.serviceWaiting = true; // after callWhenReady() which may throw
137 state.waitedForService = true;
138 }
139
140 void Adaptation::Icap::ModXact::noteServiceReady()
141 {
142 Must(state.serviceWaiting);
143 state.serviceWaiting = false;
144
145 if (!service().up()) {
146 disableRetries();
147 disableRepeats("ICAP service is unusable");
148 throw TexcHere("ICAP service is unusable");
149 }
150
151 if (service().availableForOld())
152 startWriting();
153 else
154 waitForService();
155 }
156
157 void Adaptation::Icap::ModXact::noteServiceAvailable()
158 {
159 Must(state.serviceWaiting);
160 state.serviceWaiting = false;
161
162 if (service().up() && service().availableForOld())
163 startWriting();
164 else
165 waitForService();
166 }
167
168 void Adaptation::Icap::ModXact::startWriting()
169 {
170 state.writing = State::writingConnect;
171
172 decideOnPreview(); // must be decided before we decideOnRetries
173 decideOnRetries();
174
175 openConnection();
176 }
177
178 // connection with the ICAP service established
179 void Adaptation::Icap::ModXact::handleCommConnected()
180 {
181 Must(state.writing == State::writingConnect);
182
183 startReading(); // wait for early errors from the ICAP server
184
185 MemBuf requestBuf;
186 requestBuf.init();
187
188 makeRequestHeaders(requestBuf);
189 debugs(93, 9, HERE << "will write" << status() << ":\n" <<
190 (requestBuf.terminate(), requestBuf.content()));
191
192 // write headers
193 state.writing = State::writingHeaders;
194 icap_tio_start = current_time;
195 scheduleWrite(requestBuf);
196 }
197
198 void Adaptation::Icap::ModXact::handleCommWrote(size_t sz)
199 {
200 debugs(93, 5, HERE << "Wrote " << sz << " bytes");
201
202 if (state.writing == State::writingHeaders)
203 handleCommWroteHeaders();
204 else
205 handleCommWroteBody();
206 }
207
208 void Adaptation::Icap::ModXact::handleCommWroteHeaders()
209 {
210 Must(state.writing == State::writingHeaders);
211
212 // determine next step
213 if (preview.enabled()) {
214 if (preview.done())
215 decideWritingAfterPreview("zero-size");
216 else
217 state.writing = State::writingPreview;
218 } else if (virginBody.expected()) {
219 state.writing = State::writingPrime;
220 } else {
221 stopWriting(true);
222 return;
223 }
224
225 writeMore();
226 }
227
228 void Adaptation::Icap::ModXact::writeMore()
229 {
230 debugs(93, 5, HERE << "checking whether to write more" << status());
231
232 if (writer != NULL) // already writing something
233 return;
234
235 switch (state.writing) {
236
237 case State::writingInit: // waiting for service OPTIONS
238 Must(state.serviceWaiting);
239
240 case State::writingConnect: // waiting for the connection to establish
241
242 case State::writingHeaders: // waiting for the headers to be written
243
244 case State::writingPaused: // waiting for the ICAP server response
245
246 case State::writingReallyDone: // nothing more to write
247 return;
248
249 case State::writingAlmostDone: // was waiting for the last write
250 stopWriting(false);
251 return;
252
253 case State::writingPreview:
254 writePreviewBody();
255 return;
256
257 case State::writingPrime:
258 writePrimeBody();
259 return;
260
261 default:
262 throw TexcHere("Adaptation::Icap::ModXact in bad writing state");
263 }
264 }
265
266 void Adaptation::Icap::ModXact::writePreviewBody()
267 {
268 debugs(93, 8, HERE << "will write Preview body from " <<
269 virgin.body_pipe << status());
270 Must(state.writing == State::writingPreview);
271 Must(virgin.body_pipe != NULL);
272
273 const size_t sizeMax = (size_t)virgin.body_pipe->buf().contentSize();
274 const size_t size = min(preview.debt(), sizeMax);
275 writeSomeBody("preview body", size);
276
277 // change state once preview is written
278
279 if (preview.done())
280 decideWritingAfterPreview("body");
281 }
282
283 /// determine state.writing after we wrote the entire preview
284 void Adaptation::Icap::ModXact::decideWritingAfterPreview(const char *kind)
285 {
286 if (preview.ieof()) // nothing more to write
287 stopWriting(true);
288 else if (state.parsing == State::psIcapHeader) // did not get a reply yet
289 state.writing = State::writingPaused; // wait for the ICAP server reply
290 else
291 stopWriting(true); // ICAP server reply implies no post-preview writing
292
293 debugs(93, 6, HERE << "decided on writing after " << kind << " preview" <<
294 status());
295 }
296
297 void Adaptation::Icap::ModXact::writePrimeBody()
298 {
299 Must(state.writing == State::writingPrime);
300 Must(virginBodyWriting.active());
301
302 const size_t size = (size_t)virgin.body_pipe->buf().contentSize();
303 writeSomeBody("prime virgin body", size);
304
305 if (virginBodyEndReached(virginBodyWriting)) {
306 debugs(93, 5, HERE << "wrote entire body");
307 stopWriting(true);
308 }
309 }
310
311 void Adaptation::Icap::ModXact::writeSomeBody(const char *label, size_t size)
312 {
313 Must(!writer && state.writing < state.writingAlmostDone);
314 Must(virgin.body_pipe != NULL);
315 debugs(93, 8, HERE << "will write up to " << size << " bytes of " <<
316 label);
317
318 MemBuf writeBuf; // TODO: suggest a min size based on size and lastChunk
319
320 writeBuf.init(); // note: we assume that last-chunk will fit
321
322 const size_t writableSize = virginContentSize(virginBodyWriting);
323 const size_t chunkSize = min(writableSize, size);
324
325 if (chunkSize) {
326 debugs(93, 7, HERE << "will write " << chunkSize <<
327 "-byte chunk of " << label);
328
329 openChunk(writeBuf, chunkSize, false);
330 writeBuf.append(virginContentData(virginBodyWriting), chunkSize);
331 closeChunk(writeBuf);
332
333 virginBodyWriting.progress(chunkSize);
334 virginConsume();
335 } else {
336 debugs(93, 7, HERE << "has no writable " << label << " content");
337 }
338
339 const bool wroteEof = virginBodyEndReached(virginBodyWriting);
340 bool lastChunk = wroteEof;
341 if (state.writing == State::writingPreview) {
342 preview.wrote(chunkSize, wroteEof); // even if wrote nothing
343 lastChunk = lastChunk || preview.done();
344 }
345
346 if (lastChunk) {
347 debugs(93, 8, HERE << "will write last-chunk of " << label);
348 addLastRequestChunk(writeBuf);
349 }
350
351 debugs(93, 7, HERE << "will write " << writeBuf.contentSize()
352 << " raw bytes of " << label);
353
354 if (writeBuf.hasContent()) {
355 scheduleWrite(writeBuf); // comm will free the chunk
356 } else {
357 writeBuf.clean();
358 }
359 }
360
361 void Adaptation::Icap::ModXact::addLastRequestChunk(MemBuf &buf)
362 {
363 const bool ieof = state.writing == State::writingPreview && preview.ieof();
364 openChunk(buf, 0, ieof);
365 closeChunk(buf);
366 }
367
368 void Adaptation::Icap::ModXact::openChunk(MemBuf &buf, size_t chunkSize, bool ieof)
369 {
370 buf.Printf((ieof ? "%x; ieof\r\n" : "%x\r\n"), (int) chunkSize);
371 }
372
373 void Adaptation::Icap::ModXact::closeChunk(MemBuf &buf)
374 {
375 buf.append(ICAP::crlf, 2); // chunk-terminating CRLF
376 }
377
378 const HttpRequest &Adaptation::Icap::ModXact::virginRequest() const
379 {
380 const HttpRequest *request = virgin.cause ?
381 virgin.cause : dynamic_cast<const HttpRequest*>(virgin.header);
382 Must(request);
383 return *request;
384 }
385
386 // did the activity reached the end of the virgin body?
387 bool Adaptation::Icap::ModXact::virginBodyEndReached(const Adaptation::Icap::VirginBodyAct &act) const
388 {
389 return
390 !act.active() || // did all (assuming it was originally planned)
391 !virgin.body_pipe->expectMoreAfter(act.offset()); // wont have more
392 }
393
394 // the size of buffered virgin body data available for the specified activity
395 // if this size is zero, we may be done or may be waiting for more data
396 size_t Adaptation::Icap::ModXact::virginContentSize(const Adaptation::Icap::VirginBodyAct &act) const
397 {
398 Must(act.active());
399 // asbolute start of unprocessed data
400 const uint64_t dataStart = act.offset();
401 // absolute end of buffered data
402 const uint64_t dataEnd = virginConsumed + virgin.body_pipe->buf().contentSize();
403 Must(virginConsumed <= dataStart && dataStart <= dataEnd);
404 return static_cast<size_t>(dataEnd - dataStart);
405 }
406
407 // pointer to buffered virgin body data available for the specified activity
408 const char *Adaptation::Icap::ModXact::virginContentData(const Adaptation::Icap::VirginBodyAct &act) const
409 {
410 Must(act.active());
411 const uint64_t dataStart = act.offset();
412 Must(virginConsumed <= dataStart);
413 return virgin.body_pipe->buf().content() + static_cast<size_t>(dataStart-virginConsumed);
414 }
415
416 void Adaptation::Icap::ModXact::virginConsume()
417 {
418 debugs(93, 9, HERE << "consumption guards: " << !virgin.body_pipe << isRetriable <<
419 isRepeatable << canStartBypass << protectGroupBypass);
420
421 if (!virgin.body_pipe)
422 return; // nothing to consume
423
424 if (isRetriable)
425 return; // do not consume if we may have to retry later
426
427 BodyPipe &bp = *virgin.body_pipe;
428 const bool wantToPostpone = isRepeatable || canStartBypass || protectGroupBypass;
429
430 // Why > 2? HttpState does not use the last bytes in the buffer
431 // because delayAwareRead() is arguably broken. See
432 // HttpStateData::maybeReadVirginBody for more details.
433 if (wantToPostpone && bp.buf().spaceSize() > 2) {
434 // Postponing may increase memory footprint and slow the HTTP side
435 // down. Not postponing may increase the number of ICAP errors
436 // if the ICAP service fails. We may also use "potential" space to
437 // postpone more aggressively. Should the trade-off be configurable?
438 debugs(93, 8, HERE << "postponing consumption from " << bp.status());
439 return;
440 }
441
442 const size_t have = static_cast<size_t>(bp.buf().contentSize());
443 const uint64_t end = virginConsumed + have;
444 uint64_t offset = end;
445
446 debugs(93, 9, HERE << "max virgin consumption offset=" << offset <<
447 " acts " << virginBodyWriting.active() << virginBodySending.active() <<
448 " consumed=" << virginConsumed <<
449 " from " << virgin.body_pipe->status());
450
451 if (virginBodyWriting.active())
452 offset = min(virginBodyWriting.offset(), offset);
453
454 if (virginBodySending.active())
455 offset = min(virginBodySending.offset(), offset);
456
457 Must(virginConsumed <= offset && offset <= end);
458
459 if (const size_t size = static_cast<size_t>(offset - virginConsumed)) {
460 debugs(93, 8, HERE << "consuming " << size << " out of " << have <<
461 " virgin body bytes");
462 bp.consume(size);
463 virginConsumed += size;
464 Must(!isRetriable); // or we should not be consuming
465 disableRepeats("consumed content");
466 disableBypass("consumed content", true);
467 }
468 }
469
470 void Adaptation::Icap::ModXact::handleCommWroteBody()
471 {
472 writeMore();
473 }
474
475 // Called when we do not expect to call comm_write anymore.
476 // We may have a pending write though.
477 // If stopping nicely, we will just wait for that pending write, if any.
478 void Adaptation::Icap::ModXact::stopWriting(bool nicely)
479 {
480 if (state.writing == State::writingReallyDone)
481 return;
482
483 if (writer != NULL) {
484 if (nicely) {
485 debugs(93, 7, HERE << "will wait for the last write" << status());
486 state.writing = State::writingAlmostDone; // may already be set
487 checkConsuming();
488 return;
489 }
490 debugs(93, 3, HERE << "will NOT wait for the last write" << status());
491
492 // Comm does not have an interface to clear the writer callback nicely,
493 // but without clearing the writer we cannot recycle the connection.
494 // We prevent connection reuse and hope that we can handle a callback
495 // call at any time, usually in the middle of the destruction sequence!
496 // Somebody should add comm_remove_write_handler() to comm API.
497 reuseConnection = false;
498 ignoreLastWrite = true;
499 }
500
501 debugs(93, 7, HERE << "will no longer write" << status());
502 if (virginBodyWriting.active()) {
503 virginBodyWriting.disable();
504 virginConsume();
505 }
506 state.writing = State::writingReallyDone;
507 checkConsuming();
508 }
509
510 void Adaptation::Icap::ModXact::stopBackup()
511 {
512 if (!virginBodySending.active())
513 return;
514
515 debugs(93, 7, HERE << "will no longer backup" << status());
516 virginBodySending.disable();
517 virginConsume();
518 }
519
520 bool Adaptation::Icap::ModXact::doneAll() const
521 {
522 return Adaptation::Icap::Xaction::doneAll() && !state.serviceWaiting &&
523 doneSending() &&
524 doneReading() && state.doneWriting();
525 }
526
527 void Adaptation::Icap::ModXact::startReading()
528 {
529 Must(haveConnection());
530 Must(!reader);
531 Must(!adapted.header);
532 Must(!adapted.body_pipe);
533
534 // we use the same buffer for headers and body and then consume headers
535 readMore();
536 }
537
538 void Adaptation::Icap::ModXact::readMore()
539 {
540 if (reader != NULL || doneReading()) {
541 debugs(93,3,HERE << "returning from readMore because reader or doneReading()");
542 return;
543 }
544
545 // do not fill readBuf if we have no space to store the result
546 if (adapted.body_pipe != NULL &&
547 !adapted.body_pipe->buf().hasPotentialSpace()) {
548 debugs(93,3,HERE << "not reading because ICAP reply pipe is full");
549 return;
550 }
551
552 if (readBuf.hasSpace())
553 scheduleRead();
554 else
555 debugs(93,3,HERE << "nothing to do because !readBuf.hasSpace()");
556 }
557
558 // comm module read a portion of the ICAP response for us
559 void Adaptation::Icap::ModXact::handleCommRead(size_t)
560 {
561 Must(!state.doneParsing());
562 icap_tio_finish = current_time;
563 parseMore();
564 readMore();
565 }
566
567 void Adaptation::Icap::ModXact::echoMore()
568 {
569 Must(state.sending == State::sendingVirgin);
570 Must(adapted.body_pipe != NULL);
571 Must(virginBodySending.active());
572
573 const size_t sizeMax = virginContentSize(virginBodySending);
574 debugs(93,5, HERE << "will echo up to " << sizeMax << " bytes from " <<
575 virgin.body_pipe->status());
576 debugs(93,5, HERE << "will echo up to " << sizeMax << " bytes to " <<
577 adapted.body_pipe->status());
578
579 if (sizeMax > 0) {
580 const size_t size = adapted.body_pipe->putMoreData(virginContentData(virginBodySending), sizeMax);
581 debugs(93,5, HERE << "echoed " << size << " out of " << sizeMax <<
582 " bytes");
583 virginBodySending.progress(size);
584 disableRepeats("echoed content");
585 disableBypass("echoed content", true);
586 virginConsume();
587 }
588
589 if (virginBodyEndReached(virginBodySending)) {
590 debugs(93, 5, HERE << "echoed all" << status());
591 stopSending(true);
592 } else {
593 debugs(93, 5, HERE << "has " <<
594 virgin.body_pipe->buf().contentSize() << " bytes " <<
595 "and expects more to echo" << status());
596 // TODO: timeout if virgin or adapted pipes are broken
597 }
598 }
599
600 bool Adaptation::Icap::ModXact::doneSending() const
601 {
602 return state.sending == State::sendingDone;
603 }
604
605 // stop (or do not start) sending adapted message body
606 void Adaptation::Icap::ModXact::stopSending(bool nicely)
607 {
608 debugs(93, 7, HERE << "Enter stop sending ");
609 if (doneSending())
610 return;
611 debugs(93, 7, HERE << "Proceed with stop sending ");
612
613 if (state.sending != State::sendingUndecided) {
614 debugs(93, 7, HERE << "will no longer send" << status());
615 if (adapted.body_pipe != NULL) {
616 virginBodySending.disable();
617 // we may leave debts if we were echoing and the virgin
618 // body_pipe got exhausted before we echoed all planned bytes
619 const bool leftDebts = adapted.body_pipe->needsMoreData();
620 stopProducingFor(adapted.body_pipe, nicely && !leftDebts);
621 }
622 } else {
623 debugs(93, 7, HERE << "will not start sending" << status());
624 Must(!adapted.body_pipe);
625 }
626
627 state.sending = State::sendingDone;
628 checkConsuming();
629 }
630
631 // should be called after certain state.writing or state.sending changes
632 void Adaptation::Icap::ModXact::checkConsuming()
633 {
634 // quit if we already stopped or are still using the pipe
635 if (!virgin.body_pipe || !state.doneConsumingVirgin())
636 return;
637
638 debugs(93, 7, HERE << "will stop consuming" << status());
639 stopConsumingFrom(virgin.body_pipe);
640 }
641
642 void Adaptation::Icap::ModXact::parseMore()
643 {
644 debugs(93, 5, HERE << "have " << readBuf.contentSize() << " bytes to parse" <<
645 status());
646 debugs(93, 5, HERE << "\n" << readBuf.content());
647
648 if (state.parsingHeaders())
649 parseHeaders();
650
651 if (state.parsing == State::psBody)
652 parseBody();
653 }
654
655 void Adaptation::Icap::ModXact::callException(const std::exception &e)
656 {
657 if (!canStartBypass || isRetriable) {
658 if (!isRetriable) {
659 if (const TextException *te = dynamic_cast<const TextException *>(&e))
660 detailError(ERR_DETAIL_EXCEPTION_START + te->id());
661 else
662 detailError(ERR_DETAIL_EXCEPTION_OTHER);
663 }
664 Adaptation::Icap::Xaction::callException(e);
665 return;
666 }
667
668 try {
669 debugs(93, 3, HERE << "bypassing " << inCall << " exception: " <<
670 e.what() << ' ' << status());
671 bypassFailure();
672 } catch (const TextException &bypassTe) {
673 detailError(ERR_DETAIL_EXCEPTION_START + bypassTe.id());
674 Adaptation::Icap::Xaction::callException(bypassTe);
675 } catch (const std::exception &bypassE) {
676 detailError(ERR_DETAIL_EXCEPTION_OTHER);
677 Adaptation::Icap::Xaction::callException(bypassE);
678 }
679 }
680
681 void Adaptation::Icap::ModXact::bypassFailure()
682 {
683 disableBypass("already started to bypass", false);
684
685 Must(!isRetriable); // or we should not be bypassing
686 // TODO: should the same be enforced for isRepeatable? Check icap_repeat??
687
688 prepEchoing();
689
690 startSending();
691
692 // end all activities associated with the ICAP server
693
694 stopParsing();
695
696 stopWriting(true); // or should we force it?
697 if (haveConnection()) {
698 reuseConnection = false; // be conservative
699 cancelRead(); // may not work; and we cannot stop connecting either
700 if (!doneWithIo())
701 debugs(93, 7, HERE << "Warning: bypass failed to stop I/O" << status());
702 }
703
704 service().noteFailure(); // we are bypassing, but this is still a failure
705 }
706
707 void Adaptation::Icap::ModXact::disableBypass(const char *reason, bool includingGroupBypass)
708 {
709 if (canStartBypass) {
710 debugs(93,7, HERE << "will never start bypass because " << reason);
711 canStartBypass = false;
712 }
713 if (protectGroupBypass && includingGroupBypass) {
714 debugs(93,7, HERE << "not protecting group bypass because " << reason);
715 protectGroupBypass = false;
716 }
717 }
718
719 // note that allocation for echoing is done in handle204NoContent()
720 void Adaptation::Icap::ModXact::maybeAllocateHttpMsg()
721 {
722 if (adapted.header) // already allocated
723 return;
724
725 if (gotEncapsulated("res-hdr")) {
726 adapted.setHeader(new HttpReply);
727 setOutcome(service().cfg().method == ICAP::methodReqmod ?
728 xoSatisfied : xoModified);
729 } else if (gotEncapsulated("req-hdr")) {
730 adapted.setHeader(new HttpRequest);
731 setOutcome(xoModified);
732 } else
733 throw TexcHere("Neither res-hdr nor req-hdr in maybeAllocateHttpMsg()");
734 }
735
736 void Adaptation::Icap::ModXact::parseHeaders()
737 {
738 Must(state.parsingHeaders());
739
740 if (state.parsing == State::psIcapHeader) {
741 debugs(93, 5, HERE << "parse ICAP headers");
742 parseIcapHead();
743 }
744
745 if (state.parsing == State::psHttpHeader) {
746 debugs(93, 5, HERE << "parse HTTP headers");
747 parseHttpHead();
748 }
749
750 if (state.parsingHeaders()) { // need more data
751 Must(mayReadMore());
752 return;
753 }
754
755 startSending();
756 }
757
758 // called after parsing all headers or when bypassing an exception
759 void Adaptation::Icap::ModXact::startSending()
760 {
761 disableRepeats("sent headers");
762 disableBypass("sent headers", true);
763 sendAnswer(Answer::Forward(adapted.header));
764
765 if (state.sending == State::sendingVirgin)
766 echoMore();
767 }
768
769 void Adaptation::Icap::ModXact::parseIcapHead()
770 {
771 Must(state.sending == State::sendingUndecided);
772
773 if (!parseHead(icapReply))
774 return;
775
776 if (httpHeaderHasConnDir(&icapReply->header, "close")) {
777 debugs(93, 5, HERE << "found connection close");
778 reuseConnection = false;
779 }
780
781 switch (icapReply->sline.status) {
782
783 case 100:
784 handle100Continue();
785 break;
786
787 case 200:
788 case 201: // Symantec Scan Engine 5.0 and later when modifying HTTP msg
789
790 if (!validate200Ok()) {
791 throw TexcHere("Invalid ICAP Response");
792 } else {
793 handle200Ok();
794 }
795
796 break;
797
798 case 204:
799 handle204NoContent();
800 break;
801
802 case 206:
803 handle206PartialContent();
804 break;
805
806 default:
807 debugs(93, 5, HERE << "ICAP status " << icapReply->sline.status);
808 handleUnknownScode();
809 break;
810 }
811
812 const HttpRequest *request = dynamic_cast<HttpRequest*>(adapted.header);
813 if (!request)
814 request = &virginRequest();
815
816 // update the cross-transactional database if needed (all status codes!)
817 if (const char *xxName = Adaptation::Config::masterx_shared_name) {
818 Adaptation::History::Pointer ah = request->adaptHistory(true);
819 if (ah != NULL) { // TODO: reorder checks to avoid creating history
820 const String val = icapReply->header.getByName(xxName);
821 if (val.size() > 0) // XXX: HttpHeader lacks empty value detection
822 ah->updateXxRecord(xxName, val);
823 }
824 }
825
826 // update the adaptation plan if needed (all status codes!)
827 if (service().cfg().routing) {
828 String services;
829 if (icapReply->header.getList(HDR_X_NEXT_SERVICES, &services)) {
830 Adaptation::History::Pointer ah = request->adaptHistory(true);
831 if (ah != NULL)
832 ah->updateNextServices(services);
833 }
834 } // TODO: else warn (occasionally!) if we got HDR_X_NEXT_SERVICES
835
836 // We need to store received ICAP headers for <icapLastHeader logformat option.
837 // If we already have stored headers from previous ICAP transaction related to this
838 // request, old headers will be replaced with the new one.
839
840 Adaptation::History::Pointer ah = request->adaptLogHistory();
841 if (ah != NULL)
842 ah->recordMeta(&icapReply->header);
843
844 // handle100Continue() manages state.writing on its own.
845 // Non-100 status means the server needs no postPreview data from us.
846 if (state.writing == State::writingPaused)
847 stopWriting(true);
848 }
849
850 bool Adaptation::Icap::ModXact::validate200Ok()
851 {
852 if (ICAP::methodRespmod == service().cfg().method) {
853 if (!gotEncapsulated("res-hdr"))
854 return false;
855
856 return true;
857 }
858
859 if (ICAP::methodReqmod == service().cfg().method) {
860 if (!gotEncapsulated("res-hdr") && !gotEncapsulated("req-hdr"))
861 return false;
862
863 return true;
864 }
865
866 return false;
867 }
868
869 void Adaptation::Icap::ModXact::handle100Continue()
870 {
871 Must(state.writing == State::writingPaused);
872 // server must not respond before the end of preview: we may send ieof
873 Must(preview.enabled() && preview.done() && !preview.ieof());
874
875 // 100 "Continue" cancels our Preview commitment,
876 // but not commitment to handle 204 or 206 outside Preview
877 if (!state.allowedPostview204 && !state.allowedPostview206)
878 stopBackup();
879
880 state.parsing = State::psIcapHeader; // eventually
881 icapReply->reset();
882
883 state.writing = State::writingPrime;
884
885 writeMore();
886 }
887
888 void Adaptation::Icap::ModXact::handle200Ok()
889 {
890 state.parsing = State::psHttpHeader;
891 state.sending = State::sendingAdapted;
892 stopBackup();
893 checkConsuming();
894 }
895
896 void Adaptation::Icap::ModXact::handle204NoContent()
897 {
898 stopParsing();
899 prepEchoing();
900 }
901
902 void Adaptation::Icap::ModXact::handle206PartialContent()
903 {
904 if (state.writing == State::writingPaused) {
905 Must(preview.enabled());
906 Must(state.allowedPreview206);
907 debugs(93, 7, HERE << "206 inside preview");
908 } else {
909 Must(state.writing > State::writingPaused);
910 Must(state.allowedPostview206);
911 debugs(93, 7, HERE << "206 outside preview");
912 }
913 state.parsing = State::psHttpHeader;
914 state.sending = State::sendingAdapted;
915 state.readyForUob = true;
916 checkConsuming();
917 }
918
919 // Called when we receive a 204 No Content response and
920 // when we are trying to bypass a service failure.
921 // We actually start sending (echoig or not) in startSending.
922 void Adaptation::Icap::ModXact::prepEchoing()
923 {
924 disableRepeats("preparing to echo content");
925 disableBypass("preparing to echo content", true);
926 setOutcome(xoEcho);
927
928 // We want to clone the HTTP message, but we do not want
929 // to copy some non-HTTP state parts that HttpMsg kids carry in them.
930 // Thus, we cannot use a smart pointer, copy constructor, or equivalent.
931 // Instead, we simply write the HTTP message and "clone" it by parsing.
932 // TODO: use HttpMsg::clone()!
933
934 HttpMsg *oldHead = virgin.header;
935 debugs(93, 7, HERE << "cloning virgin message " << oldHead);
936
937 MemBuf httpBuf;
938
939 // write the virgin message into a memory buffer
940 httpBuf.init();
941 packHead(httpBuf, oldHead);
942
943 // allocate the adapted message and copy metainfo
944 Must(!adapted.header);
945 {
946 HttpMsg::Pointer newHead;
947 if (dynamic_cast<const HttpRequest*>(oldHead)) {
948 HttpRequest::Pointer newR(new HttpRequest);
949 newHead = newR;
950 } else if (dynamic_cast<const HttpReply*>(oldHead)) {
951 newHead = new HttpReply;
952 }
953 Must(newHead != NULL);
954
955 newHead->inheritProperties(oldHead);
956
957 adapted.setHeader(newHead);
958 }
959
960 // parse the buffer back
961 http_status error = HTTP_STATUS_NONE;
962
963 Must(adapted.header->parse(&httpBuf, true, &error));
964
965 if (HttpRequest *r = dynamic_cast<HttpRequest*>(adapted.header))
966 urlCanonical(r); // parse does not set HttpRequest::canonical
967
968 Must(adapted.header->hdr_sz == httpBuf.contentSize()); // no leftovers
969
970 httpBuf.clean();
971
972 debugs(93, 7, HERE << "cloned virgin message " << oldHead << " to " <<
973 adapted.header);
974
975 // setup adapted body pipe if needed
976 if (oldHead->body_pipe != NULL) {
977 debugs(93, 7, HERE << "will echo virgin body from " <<
978 oldHead->body_pipe);
979 if (!virginBodySending.active())
980 virginBodySending.plan(); // will throw if not possible
981 state.sending = State::sendingVirgin;
982 checkConsuming();
983
984 // TODO: optimize: is it possible to just use the oldHead pipe and
985 // remove ICAP from the loop? This echoing is probably a common case!
986 makeAdaptedBodyPipe("echoed virgin response");
987 if (oldHead->body_pipe->bodySizeKnown())
988 adapted.body_pipe->setBodySize(oldHead->body_pipe->bodySize());
989 debugs(93, 7, HERE << "will echo virgin body to " <<
990 adapted.body_pipe);
991 } else {
992 debugs(93, 7, HERE << "no virgin body to echo");
993 stopSending(true);
994 }
995 }
996
997 /// Called when we received use-original-body chunk extension in 206 response.
998 /// We actually start sending (echoing or not) in startSending().
999 void Adaptation::Icap::ModXact::prepPartialBodyEchoing(uint64_t pos)
1000 {
1001 Must(virginBodySending.active());
1002 Must(virgin.header->body_pipe != NULL);
1003
1004 setOutcome(xoPartEcho);
1005
1006 debugs(93, 7, HERE << "will echo virgin body suffix from " <<
1007 virgin.header->body_pipe << " offset " << pos );
1008
1009 // check that use-original-body=N does not point beyond buffered data
1010 const uint64_t virginDataEnd = virginConsumed +
1011 virgin.body_pipe->buf().contentSize();
1012 Must(pos <= virginDataEnd);
1013 virginBodySending.progress(static_cast<size_t>(pos));
1014
1015 state.sending = State::sendingVirgin;
1016 checkConsuming();
1017
1018 if (virgin.header->body_pipe->bodySizeKnown())
1019 adapted.body_pipe->expectProductionEndAfter(virgin.header->body_pipe->bodySize() - pos);
1020
1021 debugs(93, 7, HERE << "will echo virgin body suffix to " <<
1022 adapted.body_pipe);
1023
1024 // Start echoing data
1025 echoMore();
1026 }
1027
1028 void Adaptation::Icap::ModXact::handleUnknownScode()
1029 {
1030 stopParsing();
1031 stopBackup();
1032 // TODO: mark connection as "bad"
1033
1034 // Terminate the transaction; we do not know how to handle this response.
1035 throw TexcHere("Unsupported ICAP status code");
1036 }
1037
1038 void Adaptation::Icap::ModXact::parseHttpHead()
1039 {
1040 if (gotEncapsulated("res-hdr") || gotEncapsulated("req-hdr")) {
1041 replyHttpHeaderSize = 0;
1042 maybeAllocateHttpMsg();
1043
1044 if (!parseHead(adapted.header))
1045 return; // need more header data
1046
1047 if (adapted.header)
1048 replyHttpHeaderSize = adapted.header->hdr_sz;
1049
1050 if (dynamic_cast<HttpRequest*>(adapted.header)) {
1051 const HttpRequest *oldR = dynamic_cast<const HttpRequest*>(virgin.header);
1052 Must(oldR);
1053 // TODO: the adapted request did not really originate from the
1054 // client; give proxy admin an option to prevent copying of
1055 // sensitive client information here. See the following thread:
1056 // http://www.squid-cache.org/mail-archive/squid-dev/200703/0040.html
1057 }
1058
1059 // Maybe adapted.header==NULL if HttpReply and have Http 0.9 ....
1060 if (adapted.header)
1061 adapted.header->inheritProperties(virgin.header);
1062 }
1063
1064 decideOnParsingBody();
1065 }
1066
1067 // parses both HTTP and ICAP headers
1068 bool Adaptation::Icap::ModXact::parseHead(HttpMsg *head)
1069 {
1070 Must(head);
1071 debugs(93, 5, HERE << "have " << readBuf.contentSize() << " head bytes to parse" <<
1072 "; state: " << state.parsing);
1073
1074 http_status error = HTTP_STATUS_NONE;
1075 const bool parsed = head->parse(&readBuf, commEof, &error);
1076 Must(parsed || !error); // success or need more data
1077
1078 if (!parsed) { // need more data
1079 debugs(93, 5, HERE << "parse failed, need more data, return false");
1080 head->reset();
1081 return false;
1082 }
1083
1084 if (HttpRequest *r = dynamic_cast<HttpRequest*>(head))
1085 urlCanonical(r); // parse does not set HttpRequest::canonical
1086
1087 debugs(93, 5, HERE << "parse success, consume " << head->hdr_sz << " bytes, return true");
1088 readBuf.consume(head->hdr_sz);
1089 return true;
1090 }
1091
1092 void Adaptation::Icap::ModXact::decideOnParsingBody()
1093 {
1094 if (gotEncapsulated("res-body") || gotEncapsulated("req-body")) {
1095 debugs(93, 5, HERE << "expecting a body");
1096 state.parsing = State::psBody;
1097 replyHttpBodySize = 0;
1098 bodyParser = new ChunkedCodingParser;
1099 makeAdaptedBodyPipe("adapted response from the ICAP server");
1100 Must(state.sending == State::sendingAdapted);
1101 } else {
1102 debugs(93, 5, HERE << "not expecting a body");
1103 stopParsing();
1104 stopSending(true);
1105 }
1106 }
1107
1108 void Adaptation::Icap::ModXact::parseBody()
1109 {
1110 Must(state.parsing == State::psBody);
1111 Must(bodyParser);
1112
1113 debugs(93, 5, HERE << "have " << readBuf.contentSize() << " body bytes to parse");
1114
1115 // the parser will throw on errors
1116 BodyPipeCheckout bpc(*adapted.body_pipe);
1117 const bool parsed = bodyParser->parse(&readBuf, &bpc.buf);
1118 bpc.checkIn();
1119
1120 debugs(93, 5, HERE << "have " << readBuf.contentSize() << " body bytes after " <<
1121 "parse; parsed all: " << parsed);
1122 replyHttpBodySize += adapted.body_pipe->buf().contentSize();
1123
1124 // TODO: expose BodyPipe::putSize() to make this check simpler and clearer
1125 // TODO: do we really need this if we disable when sending headers?
1126 if (adapted.body_pipe->buf().contentSize() > 0) { // parsed something sometime
1127 disableRepeats("sent adapted content");
1128 disableBypass("sent adapted content", true);
1129 }
1130
1131 if (parsed) {
1132 if (state.readyForUob && bodyParser->useOriginBody >= 0) {
1133 prepPartialBodyEchoing(
1134 static_cast<uint64_t>(bodyParser->useOriginBody));
1135 stopParsing();
1136 return;
1137 }
1138
1139 stopParsing();
1140 stopSending(true); // the parser succeeds only if all parsed data fits
1141 return;
1142 }
1143
1144 debugs(93,3,HERE << this << " needsMoreData = " << bodyParser->needsMoreData());
1145
1146 if (bodyParser->needsMoreData()) {
1147 debugs(93,3,HERE << this);
1148 Must(mayReadMore());
1149 readMore();
1150 }
1151
1152 if (bodyParser->needsMoreSpace()) {
1153 Must(!doneSending()); // can hope for more space
1154 Must(adapted.body_pipe->buf().contentSize() > 0); // paranoid
1155 // TODO: there should be a timeout in case the sink is broken
1156 // or cannot consume partial content (while we need more space)
1157 }
1158 }
1159
1160 void Adaptation::Icap::ModXact::stopParsing()
1161 {
1162 if (state.parsing == State::psDone)
1163 return;
1164
1165 debugs(93, 7, HERE << "will no longer parse" << status());
1166
1167 delete bodyParser;
1168
1169 bodyParser = NULL;
1170
1171 state.parsing = State::psDone;
1172 }
1173
1174 // HTTP side added virgin body data
1175 void Adaptation::Icap::ModXact::noteMoreBodyDataAvailable(BodyPipe::Pointer)
1176 {
1177 writeMore();
1178
1179 if (state.sending == State::sendingVirgin)
1180 echoMore();
1181 }
1182
1183 // HTTP side sent us all virgin info
1184 void Adaptation::Icap::ModXact::noteBodyProductionEnded(BodyPipe::Pointer)
1185 {
1186 Must(virgin.body_pipe->productionEnded());
1187
1188 // push writer and sender in case we were waiting for the last-chunk
1189 writeMore();
1190
1191 if (state.sending == State::sendingVirgin)
1192 echoMore();
1193 }
1194
1195 // body producer aborted, but the initiator may still want to know
1196 // the answer, even though the HTTP message has been truncated
1197 void Adaptation::Icap::ModXact::noteBodyProducerAborted(BodyPipe::Pointer)
1198 {
1199 Must(virgin.body_pipe->productionEnded());
1200
1201 // push writer and sender in case we were waiting for the last-chunk
1202 writeMore();
1203
1204 if (state.sending == State::sendingVirgin)
1205 echoMore();
1206 }
1207
1208 // adapted body consumer wants more adapted data and
1209 // possibly freed some buffer space
1210 void Adaptation::Icap::ModXact::noteMoreBodySpaceAvailable(BodyPipe::Pointer)
1211 {
1212 if (state.sending == State::sendingVirgin)
1213 echoMore();
1214 else if (state.sending == State::sendingAdapted)
1215 parseMore();
1216 else
1217 Must(state.sending == State::sendingUndecided);
1218 }
1219
1220 // adapted body consumer aborted
1221 void Adaptation::Icap::ModXact::noteBodyConsumerAborted(BodyPipe::Pointer)
1222 {
1223 detailError(ERR_DETAIL_ICAP_XACT_BODY_CONSUMER_ABORT);
1224 mustStop("adapted body consumer aborted");
1225 }
1226
1227 Adaptation::Icap::ModXact::~ModXact()
1228 {
1229 delete bodyParser;
1230 }
1231
1232 // internal cleanup
1233 void Adaptation::Icap::ModXact::swanSong()
1234 {
1235 debugs(93, 5, HERE << "swan sings" << status());
1236
1237 stopWriting(false);
1238 stopSending(false);
1239
1240 if (theInitiator.set()) // we have not sent the answer to the initiator
1241 detailError(ERR_DETAIL_ICAP_XACT_OTHER);
1242
1243 // update adaptation history if start was called and we reserved a slot
1244 Adaptation::History::Pointer ah = virginRequest().adaptLogHistory();
1245 if (ah != NULL && adaptHistoryId >= 0)
1246 ah->recordXactFinish(adaptHistoryId);
1247
1248 Adaptation::Icap::Xaction::swanSong();
1249 }
1250
1251 void prepareLogWithRequestDetails(HttpRequest *, AccessLogEntry::Pointer &);
1252
1253 void Adaptation::Icap::ModXact::finalizeLogInfo()
1254 {
1255 HttpRequest * request_ = NULL;
1256 HttpReply * reply_ = NULL;
1257 if (!(request_ = dynamic_cast<HttpRequest*>(adapted.header))) {
1258 request_ = (virgin.cause? virgin.cause: dynamic_cast<HttpRequest*>(virgin.header));
1259 reply_ = dynamic_cast<HttpReply*>(adapted.header);
1260 }
1261
1262 Adaptation::Icap::History::Pointer h = request_->icapHistory();
1263 Must(h != NULL); // ICAPXaction::maybeLog calls only if there is a log
1264 al.icp.opcode = ICP_INVALID;
1265 al.url = h->log_uri.termedBuf();
1266 const Adaptation::Icap::ServiceRep &s = service();
1267 al.icap.reqMethod = s.cfg().method;
1268
1269 al.cache.caddr = request_->client_addr;
1270
1271 al.request = HTTPMSGLOCK(request_);
1272 if (reply_)
1273 al.reply = HTTPMSGLOCK(reply_);
1274 else
1275 al.reply = NULL;
1276
1277 if (h->rfc931.size())
1278 al.cache.rfc931 = h->rfc931.termedBuf();
1279
1280 #if USE_SSL
1281 if (h->ssluser.size())
1282 al.cache.ssluser = h->ssluser.termedBuf();
1283 #endif
1284 al.cache.code = h->logType;
1285 al.cache.requestSize = h->req_sz;
1286
1287 // leave al.icap.bodyBytesRead negative if no body
1288 if (replyHttpHeaderSize >= 0 || replyHttpBodySize >= 0) {
1289 const int64_t zero = 0; // to make max() argument types the same
1290 al.icap.bodyBytesRead =
1291 max(zero, replyHttpHeaderSize) + max(zero, replyHttpBodySize);
1292 }
1293
1294 if (reply_) {
1295 al.http.code = reply_->sline.status;
1296 al.http.content_type = reply_->content_type.termedBuf();
1297 if (replyHttpBodySize >= 0) {
1298 al.cache.replySize = replyHttpBodySize + reply_->hdr_sz;
1299 al.cache.highOffset = replyHttpBodySize;
1300 }
1301 //don't set al.cache.objectSize because it hasn't exist yet
1302
1303 Packer p;
1304 MemBuf mb;
1305
1306 mb.init();
1307 packerToMemInit(&p, &mb);
1308
1309 reply_->header.packInto(&p);
1310 al.headers.reply = xstrdup(mb.buf);
1311
1312 packerClean(&p);
1313 mb.clean();
1314 }
1315 prepareLogWithRequestDetails(request_, alep);
1316 Xaction::finalizeLogInfo();
1317 }
1318
1319 void Adaptation::Icap::ModXact::makeRequestHeaders(MemBuf &buf)
1320 {
1321 char ntoabuf[MAX_IPSTRLEN];
1322 /*
1323 * XXX These should use HttpHdr interfaces instead of Printfs
1324 */
1325 const Adaptation::ServiceConfig &s = service().cfg();
1326 buf.Printf("%s " SQUIDSTRINGPH " ICAP/1.0\r\n", s.methodStr(), SQUIDSTRINGPRINT(s.uri));
1327 buf.Printf("Host: " SQUIDSTRINGPH ":%d\r\n", SQUIDSTRINGPRINT(s.host), s.port);
1328 buf.Printf("Date: %s\r\n", mkrfc1123(squid_curtime));
1329
1330 if (!TheConfig.reuse_connections)
1331 buf.Printf("Connection: close\r\n");
1332
1333 const HttpRequest *request = &virginRequest();
1334
1335 // we must forward "Proxy-Authenticate" and "Proxy-Authorization"
1336 // as ICAP headers.
1337 if (virgin.header->header.has(HDR_PROXY_AUTHENTICATE)) {
1338 String vh=virgin.header->header.getByName("Proxy-Authenticate");
1339 buf.Printf("Proxy-Authenticate: " SQUIDSTRINGPH "\r\n",SQUIDSTRINGPRINT(vh));
1340 }
1341
1342 if (virgin.header->header.has(HDR_PROXY_AUTHORIZATION)) {
1343 String vh=virgin.header->header.getByName("Proxy-Authorization");
1344 buf.Printf("Proxy-Authorization: " SQUIDSTRINGPH "\r\n", SQUIDSTRINGPRINT(vh));
1345 } else if (request->extacl_user.defined() && request->extacl_user.size() && request->extacl_passwd.defined() && request->extacl_passwd.size()) {
1346 char loginbuf[256];
1347 snprintf(loginbuf, sizeof(loginbuf), SQUIDSTRINGPH ":" SQUIDSTRINGPH,
1348 SQUIDSTRINGPRINT(request->extacl_user),
1349 SQUIDSTRINGPRINT(request->extacl_passwd));
1350 buf.Printf("Proxy-Authorization: Basic %s\r\n", old_base64_encode(loginbuf));
1351 }
1352
1353 // share the cross-transactional database records if needed
1354 if (Adaptation::Config::masterx_shared_name) {
1355 Adaptation::History::Pointer ah = request->adaptHistory(false);
1356 if (ah != NULL) {
1357 String name, value;
1358 if (ah->getXxRecord(name, value)) {
1359 buf.Printf(SQUIDSTRINGPH ": " SQUIDSTRINGPH "\r\n",
1360 SQUIDSTRINGPRINT(name), SQUIDSTRINGPRINT(value));
1361 }
1362 }
1363 }
1364
1365 buf.Printf("Encapsulated: ");
1366
1367 MemBuf httpBuf;
1368
1369 httpBuf.init();
1370
1371 // build HTTP request header, if any
1372 ICAP::Method m = s.method;
1373
1374 // to simplify, we could assume that request is always available
1375
1376 String urlPath;
1377 if (request) {
1378 urlPath = request->urlpath;
1379 if (ICAP::methodRespmod == m)
1380 encapsulateHead(buf, "req-hdr", httpBuf, request);
1381 else if (ICAP::methodReqmod == m)
1382 encapsulateHead(buf, "req-hdr", httpBuf, virgin.header);
1383 }
1384
1385 if (ICAP::methodRespmod == m)
1386 if (const HttpMsg *prime = virgin.header)
1387 encapsulateHead(buf, "res-hdr", httpBuf, prime);
1388
1389 if (!virginBody.expected())
1390 buf.Printf("null-body=%d", (int) httpBuf.contentSize());
1391 else if (ICAP::methodReqmod == m)
1392 buf.Printf("req-body=%d", (int) httpBuf.contentSize());
1393 else
1394 buf.Printf("res-body=%d", (int) httpBuf.contentSize());
1395
1396 buf.append(ICAP::crlf, 2); // terminate Encapsulated line
1397
1398 if (preview.enabled()) {
1399 buf.Printf("Preview: %d\r\n", (int)preview.ad());
1400 if (!virginBody.expected()) // there is no body to preview
1401 finishNullOrEmptyBodyPreview(httpBuf);
1402 }
1403
1404 makeAllowHeader(buf);
1405
1406 if (TheConfig.send_client_ip && request) {
1407 Ip::Address client_addr;
1408 #if FOLLOW_X_FORWARDED_FOR
1409 if (TheConfig.use_indirect_client) {
1410 client_addr = request->indirect_client_addr;
1411 } else
1412 #endif
1413 client_addr = request->client_addr;
1414 if (!client_addr.IsAnyAddr() && !client_addr.IsNoAddr())
1415 buf.Printf("X-Client-IP: %s\r\n", client_addr.NtoA(ntoabuf,MAX_IPSTRLEN));
1416 }
1417
1418 if (TheConfig.send_username && request)
1419 makeUsernameHeader(request, buf);
1420
1421 // Adaptation::Config::metaHeaders
1422 typedef Adaptation::Config::MetaHeaders::iterator ACAMLI;
1423 for (ACAMLI i = Adaptation::Config::metaHeaders.begin(); i != Adaptation::Config::metaHeaders.end(); ++i) {
1424 HttpRequest *r = virgin.cause ?
1425 virgin.cause : dynamic_cast<HttpRequest*>(virgin.header);
1426 Must(r);
1427
1428 HttpReply *reply = dynamic_cast<HttpReply*>(virgin.header);
1429
1430 if (const char *value = (*i)->match(r, reply))
1431 buf.Printf("%s: %s\r\n", (*i)->name.termedBuf(), value);
1432 }
1433
1434 // fprintf(stderr, "%s\n", buf.content());
1435
1436 buf.append(ICAP::crlf, 2); // terminate ICAP header
1437
1438 // fill icapRequest for logging
1439 Must(icapRequest->parseCharBuf(buf.content(), buf.contentSize()));
1440
1441 // start ICAP request body with encapsulated HTTP headers
1442 buf.append(httpBuf.content(), httpBuf.contentSize());
1443
1444 httpBuf.clean();
1445 }
1446
1447 // decides which Allow values to write and updates the request buffer
1448 void Adaptation::Icap::ModXact::makeAllowHeader(MemBuf &buf)
1449 {
1450 const bool allow204in = preview.enabled(); // TODO: add shouldAllow204in()
1451 const bool allow204out = state.allowedPostview204 = shouldAllow204();
1452 const bool allow206in = state.allowedPreview206 = shouldAllow206in();
1453 const bool allow206out = state.allowedPostview206 = shouldAllow206out();
1454
1455 debugs(93,9, HERE << "Allows: " << allow204in << allow204out <<
1456 allow206in << allow206out);
1457
1458 const bool allow204 = allow204in || allow204out;
1459 const bool allow206 = allow206in || allow206out;
1460
1461 if (!allow204 && !allow206)
1462 return; // nothing to do
1463
1464 if (virginBody.expected()) // if there is a virgin body, plan to send it
1465 virginBodySending.plan();
1466
1467 // writing Preview:... means we will honor 204 inside preview
1468 // writing Allow/204 means we will honor 204 outside preview
1469 // writing Allow:206 means we will honor 206 inside preview
1470 // writing Allow:204,206 means we will honor 206 outside preview
1471 const char *allowHeader = NULL;
1472 if (allow204out && allow206)
1473 allowHeader = "Allow: 204, 206\r\n";
1474 else if (allow204out)
1475 allowHeader = "Allow: 204\r\n";
1476 else if (allow206)
1477 allowHeader = "Allow: 206\r\n";
1478
1479 if (allowHeader) { // may be nil if only allow204in is true
1480 buf.append(allowHeader, strlen(allowHeader));
1481 debugs(93,5, HERE << "Will write " << allowHeader);
1482 }
1483 }
1484
1485 void Adaptation::Icap::ModXact::makeUsernameHeader(const HttpRequest *request, MemBuf &buf)
1486 {
1487 #if USE_AUTH
1488 if (request->auth_user_request != NULL) {
1489 char const *name = request->auth_user_request->username();
1490 if (name) {
1491 const char *value = TheConfig.client_username_encode ? old_base64_encode(name) : name;
1492 buf.Printf("%s: %s\r\n", TheConfig.client_username_header, value);
1493 }
1494 } else if (request->extacl_user.defined() && request->extacl_user.size()) {
1495 const char *value = TheConfig.client_username_encode ? old_base64_encode(request->extacl_user.termedBuf()) : request->extacl_user.termedBuf();
1496 buf.Printf("%s: %s\r\n", TheConfig.client_username_header, value);
1497 }
1498 #endif
1499 }
1500
1501 void Adaptation::Icap::ModXact::encapsulateHead(MemBuf &icapBuf, const char *section, MemBuf &httpBuf, const HttpMsg *head)
1502 {
1503 // update ICAP header
1504 icapBuf.Printf("%s=%d, ", section, (int) httpBuf.contentSize());
1505
1506 // begin cloning
1507 HttpMsg::Pointer headClone;
1508
1509 if (const HttpRequest* old_request = dynamic_cast<const HttpRequest*>(head)) {
1510 HttpRequest::Pointer new_request(new HttpRequest);
1511 Must(old_request->canonical);
1512 urlParse(old_request->method, old_request->canonical, new_request);
1513 new_request->http_ver = old_request->http_ver;
1514 headClone = new_request;
1515 } else if (const HttpReply *old_reply = dynamic_cast<const HttpReply*>(head)) {
1516 HttpReply::Pointer new_reply(new HttpReply);
1517 new_reply->sline = old_reply->sline;
1518 headClone = new_reply;
1519 }
1520 Must(headClone != NULL);
1521 headClone->inheritProperties(head);
1522
1523 HttpHeaderPos pos = HttpHeaderInitPos;
1524 HttpHeaderEntry* p_head_entry = NULL;
1525 while (NULL != (p_head_entry = head->header.getEntry(&pos)) )
1526 headClone->header.addEntry(p_head_entry->clone());
1527
1528 // end cloning
1529
1530 // remove all hop-by-hop headers from the clone
1531 headClone->header.delById(HDR_PROXY_AUTHENTICATE);
1532 headClone->header.removeHopByHopEntries();
1533
1534 // pack polished HTTP header
1535 packHead(httpBuf, headClone);
1536
1537 // headClone unlocks and, hence, deletes the message we packed
1538 }
1539
1540 void Adaptation::Icap::ModXact::packHead(MemBuf &httpBuf, const HttpMsg *head)
1541 {
1542 Packer p;
1543 packerToMemInit(&p, &httpBuf);
1544 head->packInto(&p, true);
1545 packerClean(&p);
1546 }
1547
1548 // decides whether to offer a preview and calculates its size
1549 void Adaptation::Icap::ModXact::decideOnPreview()
1550 {
1551 if (!TheConfig.preview_enable) {
1552 debugs(93, 5, HERE << "preview disabled by squid.conf");
1553 return;
1554 }
1555
1556 const String urlPath = virginRequest().urlpath;
1557 size_t wantedSize;
1558 if (!service().wantsPreview(urlPath, wantedSize)) {
1559 debugs(93, 5, HERE << "should not offer preview for " << urlPath);
1560 return;
1561 }
1562
1563 // we decided to do preview, now compute its size
1564
1565 // cannot preview more than we can backup
1566 size_t ad = min(wantedSize, TheBackupLimit);
1567
1568 if (!virginBody.expected())
1569 ad = 0;
1570 else if (virginBody.knownSize())
1571 ad = min(static_cast<uint64_t>(ad), virginBody.size()); // not more than we have
1572
1573 debugs(93, 5, HERE << "should offer " << ad << "-byte preview " <<
1574 "(service wanted " << wantedSize << ")");
1575
1576 preview.enable(ad);
1577 Must(preview.enabled());
1578 }
1579
1580 // decides whether to allow 204 responses
1581 bool Adaptation::Icap::ModXact::shouldAllow204()
1582 {
1583 if (!service().allows204())
1584 return false;
1585
1586 return canBackupEverything();
1587 }
1588
1589 // decides whether to allow 206 responses in some mode
1590 bool Adaptation::Icap::ModXact::shouldAllow206any()
1591 {
1592 return TheConfig.allow206_enable && service().allows206() &&
1593 virginBody.expected(); // no need for 206 without a body
1594 }
1595
1596 // decides whether to allow 206 responses in preview mode
1597 bool Adaptation::Icap::ModXact::shouldAllow206in()
1598 {
1599 return shouldAllow206any() && preview.enabled();
1600 }
1601
1602 // decides whether to allow 206 responses outside of preview
1603 bool Adaptation::Icap::ModXact::shouldAllow206out()
1604 {
1605 return shouldAllow206any() && canBackupEverything();
1606 }
1607
1608 // used by shouldAllow204 and decideOnRetries
1609 bool Adaptation::Icap::ModXact::canBackupEverything() const
1610 {
1611 if (!virginBody.expected())
1612 return true; // no body means no problems with backup
1613
1614 // if there is a body, check whether we can backup it all
1615
1616 if (!virginBody.knownSize())
1617 return false;
1618
1619 // or should we have a different backup limit?
1620 // note that '<' allows for 0-termination of the "full" backup buffer
1621 return virginBody.size() < TheBackupLimit;
1622 }
1623
1624 // Decide whether this transaction can be retried if pconn fails
1625 // Must be called after decideOnPreview and before openConnection()
1626 void Adaptation::Icap::ModXact::decideOnRetries()
1627 {
1628 if (!isRetriable)
1629 return; // no, already decided
1630
1631 if (preview.enabled())
1632 return; // yes, because preview provides enough guarantees
1633
1634 if (canBackupEverything())
1635 return; // yes, because we can back everything up
1636
1637 disableRetries(); // no, because we cannot back everything up
1638 }
1639
1640 // Normally, the body-writing code handles preview body. It can deal with
1641 // bodies of unexpected size, including those that turn out to be empty.
1642 // However, that code assumes that the body was expected and body control
1643 // structures were initialized. This is not the case when there is no body
1644 // or the body is known to be empty, because the virgin message will lack a
1645 // body_pipe. So we handle preview of null-body and zero-size bodies here.
1646 void Adaptation::Icap::ModXact::finishNullOrEmptyBodyPreview(MemBuf &buf)
1647 {
1648 Must(!virginBodyWriting.active()); // one reason we handle it here
1649 Must(!virgin.body_pipe); // another reason we handle it here
1650 Must(!preview.ad());
1651
1652 // do not add last-chunk because our Encapsulated header says null-body
1653 // addLastRequestChunk(buf);
1654 preview.wrote(0, true);
1655
1656 Must(preview.done());
1657 Must(preview.ieof());
1658 }
1659
1660 void Adaptation::Icap::ModXact::fillPendingStatus(MemBuf &buf) const
1661 {
1662 Adaptation::Icap::Xaction::fillPendingStatus(buf);
1663
1664 if (state.serviceWaiting)
1665 buf.append("U", 1);
1666
1667 if (virgin.body_pipe != NULL)
1668 buf.append("R", 1);
1669
1670 if (haveConnection() && !doneReading())
1671 buf.append("r", 1);
1672
1673 if (!state.doneWriting() && state.writing != State::writingInit)
1674 buf.Printf("w(%d)", state.writing);
1675
1676 if (preview.enabled()) {
1677 if (!preview.done())
1678 buf.Printf("P(%d)", (int) preview.debt());
1679 }
1680
1681 if (virginBodySending.active())
1682 buf.append("B", 1);
1683
1684 if (!state.doneParsing() && state.parsing != State::psIcapHeader)
1685 buf.Printf("p(%d)", state.parsing);
1686
1687 if (!doneSending() && state.sending != State::sendingUndecided)
1688 buf.Printf("S(%d)", state.sending);
1689
1690 if (state.readyForUob)
1691 buf.append("6", 1);
1692
1693 if (canStartBypass)
1694 buf.append("Y", 1);
1695
1696 if (protectGroupBypass)
1697 buf.append("G", 1);
1698 }
1699
1700 void Adaptation::Icap::ModXact::fillDoneStatus(MemBuf &buf) const
1701 {
1702 Adaptation::Icap::Xaction::fillDoneStatus(buf);
1703
1704 if (!virgin.body_pipe)
1705 buf.append("R", 1);
1706
1707 if (state.doneWriting())
1708 buf.append("w", 1);
1709
1710 if (preview.enabled()) {
1711 if (preview.done())
1712 buf.Printf("P%s", preview.ieof() ? "(ieof)" : "");
1713 }
1714
1715 if (doneReading())
1716 buf.append("r", 1);
1717
1718 if (state.doneParsing())
1719 buf.append("p", 1);
1720
1721 if (doneSending())
1722 buf.append("S", 1);
1723 }
1724
1725 bool Adaptation::Icap::ModXact::gotEncapsulated(const char *section) const
1726 {
1727 return icapReply->header.getByNameListMember("Encapsulated",
1728 section, ',').size() > 0;
1729 }
1730
1731 // calculate whether there is a virgin HTTP body and
1732 // whether its expected size is known
1733 // TODO: rename because we do not just estimate
1734 void Adaptation::Icap::ModXact::estimateVirginBody()
1735 {
1736 // note: lack of size info may disable previews and 204s
1737
1738 HttpMsg *msg = virgin.header;
1739 Must(msg);
1740
1741 HttpRequestMethod method;
1742
1743 if (virgin.cause)
1744 method = virgin.cause->method;
1745 else if (HttpRequest *req = dynamic_cast<HttpRequest*>(msg))
1746 method = req->method;
1747 else
1748 method = METHOD_NONE;
1749
1750 int64_t size;
1751 // expectingBody returns true for zero-sized bodies, but we will not
1752 // get a pipe for that body, so we treat the message as bodyless
1753 if (method != METHOD_NONE && msg->expectingBody(method, size) && size) {
1754 debugs(93, 6, HERE << "expects virgin body from " <<
1755 virgin.body_pipe << "; size: " << size);
1756
1757 virginBody.expect(size);
1758 virginBodyWriting.plan();
1759
1760 // sign up as a body consumer
1761 Must(msg->body_pipe != NULL);
1762 Must(msg->body_pipe == virgin.body_pipe);
1763 Must(virgin.body_pipe->setConsumerIfNotLate(this));
1764
1765 // make sure TheBackupLimit is in-sync with the buffer size
1766 Must(TheBackupLimit <= static_cast<size_t>(msg->body_pipe->buf().max_capacity));
1767 } else {
1768 debugs(93, 6, HERE << "does not expect virgin body");
1769 Must(msg->body_pipe == NULL);
1770 checkConsuming();
1771 }
1772 }
1773
1774 void Adaptation::Icap::ModXact::makeAdaptedBodyPipe(const char *what)
1775 {
1776 Must(!adapted.body_pipe);
1777 Must(!adapted.header->body_pipe);
1778 adapted.header->body_pipe = new BodyPipe(this);
1779 adapted.body_pipe = adapted.header->body_pipe;
1780 debugs(93, 7, HERE << "will supply " << what << " via " <<
1781 adapted.body_pipe << " pipe");
1782 }
1783
1784 // TODO: Move SizedEstimate and Preview elsewhere
1785
1786 Adaptation::Icap::SizedEstimate::SizedEstimate()
1787 : theData(dtUnexpected)
1788 {}
1789
1790 void Adaptation::Icap::SizedEstimate::expect(int64_t aSize)
1791 {
1792 theData = (aSize >= 0) ? aSize : (int64_t)dtUnknown;
1793 }
1794
1795 bool Adaptation::Icap::SizedEstimate::expected() const
1796 {
1797 return theData != dtUnexpected;
1798 }
1799
1800 bool Adaptation::Icap::SizedEstimate::knownSize() const
1801 {
1802 Must(expected());
1803 return theData != dtUnknown;
1804 }
1805
1806 uint64_t Adaptation::Icap::SizedEstimate::size() const
1807 {
1808 Must(knownSize());
1809 return static_cast<uint64_t>(theData);
1810 }
1811
1812 Adaptation::Icap::VirginBodyAct::VirginBodyAct(): theStart(0), theState(stUndecided)
1813 {}
1814
1815 void Adaptation::Icap::VirginBodyAct::plan()
1816 {
1817 Must(!disabled());
1818 Must(!theStart); // not started
1819 theState = stActive;
1820 }
1821
1822 void Adaptation::Icap::VirginBodyAct::disable()
1823 {
1824 theState = stDisabled;
1825 }
1826
1827 void Adaptation::Icap::VirginBodyAct::progress(size_t size)
1828 {
1829 Must(active());
1830 #if SIZEOF_SIZE_T > 4
1831 /* always true for smaller size_t's */
1832 Must(static_cast<int64_t>(size) >= 0);
1833 #endif
1834 theStart += static_cast<int64_t>(size);
1835 }
1836
1837 uint64_t Adaptation::Icap::VirginBodyAct::offset() const
1838 {
1839 Must(active());
1840 return static_cast<uint64_t>(theStart);
1841 }
1842
1843 Adaptation::Icap::Preview::Preview(): theWritten(0), theAd(0), theState(stDisabled)
1844 {}
1845
1846 void Adaptation::Icap::Preview::enable(size_t anAd)
1847 {
1848 // TODO: check for anAd not exceeding preview size limit
1849 Must(!enabled());
1850 theAd = anAd;
1851 theState = stWriting;
1852 }
1853
1854 bool Adaptation::Icap::Preview::enabled() const
1855 {
1856 return theState != stDisabled;
1857 }
1858
1859 size_t Adaptation::Icap::Preview::ad() const
1860 {
1861 Must(enabled());
1862 return theAd;
1863 }
1864
1865 bool Adaptation::Icap::Preview::done() const
1866 {
1867 Must(enabled());
1868 return theState >= stIeof;
1869 }
1870
1871 bool Adaptation::Icap::Preview::ieof() const
1872 {
1873 Must(enabled());
1874 return theState == stIeof;
1875 }
1876
1877 size_t Adaptation::Icap::Preview::debt() const
1878 {
1879 Must(enabled());
1880 return done() ? 0 : (theAd - theWritten);
1881 }
1882
1883 void Adaptation::Icap::Preview::wrote(size_t size, bool wroteEof)
1884 {
1885 Must(enabled());
1886
1887 theWritten += size;
1888
1889 Must(theWritten <= theAd);
1890
1891 if (wroteEof)
1892 theState = stIeof; // written size is irrelevant
1893 else if (theWritten >= theAd)
1894 theState = stDone;
1895 }
1896
1897 bool Adaptation::Icap::ModXact::fillVirginHttpHeader(MemBuf &mb) const
1898 {
1899 if (virgin.header == NULL)
1900 return false;
1901
1902 virgin.header->firstLineBuf(mb);
1903
1904 return true;
1905 }
1906
1907 void Adaptation::Icap::ModXact::detailError(int errDetail)
1908 {
1909 HttpRequest *request = dynamic_cast<HttpRequest*>(adapted.header);
1910 // if no adapted request, update virgin (and inherit its properties later)
1911 // TODO: make this and HttpRequest::detailError constant, like adaptHistory
1912 if (!request)
1913 request = const_cast<HttpRequest*>(&virginRequest());
1914
1915 if (request)
1916 request->detailError(ERR_ICAP_FAILURE, errDetail);
1917 }
1918
1919 void Adaptation::Icap::ModXact::clearError()
1920 {
1921 HttpRequest *request = dynamic_cast<HttpRequest*>(adapted.header);
1922 // if no adapted request, update virgin (and inherit its properties later)
1923 if (!request)
1924 request = const_cast<HttpRequest*>(&virginRequest());
1925
1926 if (request)
1927 request->clearError();
1928 }
1929
1930 /* Adaptation::Icap::ModXactLauncher */
1931
1932 Adaptation::Icap::ModXactLauncher::ModXactLauncher(HttpMsg *virginHeader, HttpRequest *virginCause, Adaptation::ServicePointer aService):
1933 AsyncJob("Adaptation::Icap::ModXactLauncher"),
1934 Adaptation::Icap::Launcher("Adaptation::Icap::ModXactLauncher", aService)
1935 {
1936 virgin.setHeader(virginHeader);
1937 virgin.setCause(virginCause);
1938 updateHistory(true);
1939 }
1940
1941 Adaptation::Icap::Xaction *Adaptation::Icap::ModXactLauncher::createXaction()
1942 {
1943 Adaptation::Icap::ServiceRep::Pointer s =
1944 dynamic_cast<Adaptation::Icap::ServiceRep*>(theService.getRaw());
1945 Must(s != NULL);
1946 return new Adaptation::Icap::ModXact(virgin.header, virgin.cause, s);
1947 }
1948
1949 void Adaptation::Icap::ModXactLauncher::swanSong()
1950 {
1951 debugs(93, 5, HERE << "swan sings");
1952 updateHistory(false);
1953 Adaptation::Icap::Launcher::swanSong();
1954 }
1955
1956 void Adaptation::Icap::ModXactLauncher::updateHistory(bool doStart)
1957 {
1958 HttpRequest *r = virgin.cause ?
1959 virgin.cause : dynamic_cast<HttpRequest*>(virgin.header);
1960
1961 // r should never be NULL but we play safe; TODO: add Should()
1962 if (r) {
1963 Adaptation::Icap::History::Pointer h = r->icapHistory();
1964 if (h != NULL) {
1965 if (doStart)
1966 h->start("ICAPModXactLauncher");
1967 else
1968 h->stop("ICAPModXactLauncher");
1969 }
1970 }
1971 }
Mirror of https://github.com/squid-cache/squid.git