Amos Jeffries [Thu, 13 Nov 2014 12:09:11 +0000 (04:09 -0800)]
Fix delay pool DeferredRead in HttpStateData
The deferred read action may have been delayed so long the read(2) is no
longer possible. It needs to restart from watching the socket instead of
just from performing read(2). This re-adds part of the latency when
delaying traffic but we retain the bytesWanted() speed up so not a big
loss.
Amos Jeffries [Wed, 12 Nov 2014 11:48:07 +0000 (03:48 -0800)]
Use Http1::ResponseParser to process HTTP server responses
Integrate the Http1::ResponseParser with HttpStateData to parse server
response buffer content.
Fixes one performance regression copying the entire mesage header
block from SBuf to String.
Adds a few much smaller performance regressions, data-copying the
reason phrase and status line details.
Update the EOF \r\n hack:
* move the hack from read(2) handler to depend on parse results.
* make the append operation only be performed if the header actually is
missing the terminator sequence.
* extend to append two CRLF pairs so Squid can now process truncated
header blocks.
Amos Jeffries [Wed, 12 Nov 2014 11:35:18 +0000 (03:35 -0800)]
Fix Http1::ResponseParser
Fix detection of status code in status-line. The Tokenizer::prefix()
method with byte-limited scan needs to be passed a limit large enough to
include the terminator byte for the field.
Add missing logic to transform HTTP/0.9 response syntax to HTTP/1.1
mime header block.
Add additional debugging messages to trace parse operations.
Amos Jeffries [Tue, 11 Nov 2014 13:55:41 +0000 (05:55 -0800)]
Convert HttpStateData (aka. Http::Client) response buffer to use SBuf
This replaces the MemBuf used to receive server responses with an SBuf in
preparation for use by an Http1::ResponseParser.
As part of this convert the I/O read processing to Comm::Read / ReadNow
API with read(2) operation happening in the read handler instead of
buried in the comm code. A side effect of this is detaching the read
operation from StoreEntry::delayAwareRead().
Two temporary performance regressions are necessarily introduced with
these changes:
* The worst is a data copy from SBuf input buffer to a temporary MemBuf
so that the chunked body decoder can process the content. This will
only be able to be removed when teh chunked decoder is itself converted
to process an SBuf.
* Also, until the new Http1::ResponseParser is implemented we need to
copy the response header contents into a temporary MemBuf for the old
HttpReply::parse() method to process.
Amos Jeffries [Fri, 7 Nov 2014 08:41:47 +0000 (00:41 -0800)]
Parser-NG: HTTP Parser structural redesign
This update is to lay the groundwork for several planned future projects
implementing protocol specific parsers, seperating the currently
intertwinned client connection management and HTTP protocol parsing
logics, and for zero-copy processing of transactions using SBuf.
This patch renames the HttpParser class as RequestParser and moves it
into the Http::One:: namespace as child of an Http::Parser class with
generic API accessors for shared use by other HTTP message parsers.
The class API
- is updated to process both the request-line and HTTP mime headers,
returning an incomplete parse result until the entire headers parts of
the message have been received.
- now contains accessor methods for retrieving the method, URI,
protocol, mime headers block (as an SBuf) and some metrics about those.
- the old request_offsets structure and similar offset details are no
longer exposed.
- now emits 414 and 431 HTTP status codes as appropriate.
The parser is made partially incremental and some use of Tokenizer is
added for faster parsing. There is more that can be done to further
speed up parsing of slow or very large requests.
Much of the code from client_side.cc parseHttpRequest() and also the
header-field code from mime_headers.cc has been moved into the parser
class. The client_side.cc code now simply runs the main
Http1::RequestParser::parse() method then uses accessors to retrieve
and process the parse results.
A unit test for incremental parsing has been added to testHttpParser.
Also, the HttpRequestMethod class is moved into the Http:: namespace and
library to reduce dependencies on the parser class outside the library.
The gains made so far from incremental parse, reducing parser passes and
zero-copy SBuf are offset by several temporary performance regressions
added converting SBuf for legacy code use. These are marked for later
removal.
Amos Jeffries [Tue, 4 Nov 2014 08:47:03 +0000 (00:47 -0800)]
Bug 1961 part 2: redesign of URL handling.
Move the HttpRequest::login detail into class URL. Renaming to userInfo
as per the RFC 3986 defined name for this URI piece.
Convert the details to SBuf gaining several minor str*() removals in
the process and a simpler FTP login parser based on SBuf capabilities.
Also, updated the base64 encoder API used for converting between URI
userInfo and Basic authentication header token. Gaining better control
over the length of maximum token size and a small speedup from pre-known
input length.
Amos Jeffries [Sun, 2 Nov 2014 00:10:01 +0000 (17:10 -0700)]
Cleanup: Simplify CBDATA API and rename CBDATA_CLASS
There are no logic changes here.
* Rename CBDATA_CLASS2() to CBDATA_CLASS()
* Remove cbdata*Dbg() duplicate interface for CBDATA.
Inline it with the CBDATA_CLASS() API
* update public:/private: class section handling in CBDATA_CLASS() and
place all uses at the top of class definition as with MEMPROXY_CLASS()
and typedef coding style.
- this highlights TunnelStateData API as previously broken in regards
to private members. Leave it public: for now with TODO on fixing.
Amos Jeffries [Sat, 1 Nov 2014 05:04:05 +0000 (22:04 -0700)]
Docs: Add man(8) page for helper-mux tool
Convert the helper-mux.pl.README to inlineperl docs and generate a man(8)
page using pod2man when possible.
Also, shuffle the tool into a sub-directory of its own for easier build
management.
Also, add a automake conditional ENABLE_POD2MAN_DOC to allow optional
build of perl tools or helpers without depending on pod2man which is
only necessary for the documentation.
Amos Jeffries [Tue, 21 Oct 2014 11:10:13 +0000 (04:10 -0700)]
Enable flexible transport protocol in Server hierarchy
We are quickly approaching a time when a client connection can freely
migrate between protocols or versions of protocols. Already we have
ssl-bump which can switch a connection from HTTP to HTTPS. We are also
expecting switching HTTP<->HTTPS via Upgrade, and HTTP/1<->HTTP/2 via
"magic", Upgrade, or ALPN.
Based on ssl-bump experience with switchedToHttps() and the pain that
can be predicted when there are several permutations of such accessors
to test against make the Server class aware of what transfer protocol
is in use at whatever the 'top' layer of the protocol stack is.
* Add a transportVersion member to ConnStateData which holds the current
protocol to be used over the clientConnection socket. This variable can
be altered whenever necessary to cause an on-wire protocol change. New
connections default to the protocol signalled in the http(s)_port directive.
* ssl-bump transforms the transportVersion from whatever it was
previously (usually HTTP or HTTPS) to HTTPS, and back to HTTP is splice
action is performed.
* transparent and reverse-proxy URL reconstruction is updated to use the
new member instead of the http(s)_port protocol= setting. This removes
edge conditions where the URL reconstructor needs to figure out ssl-bump
existence.
Amos Jeffries [Mon, 20 Oct 2014 06:58:59 +0000 (23:58 -0700)]
Cleanup: Simplify MEMPROXY_CLASS_* macros
There are no logical changes in this patch.
* Make MEMPROXY_CLASS() macro inline its definitions.
* Remove MEMPROXY_CLASS_INLINE
* Remove last remaining mention of obsolete MEMPROXY_CLASS_INIT
* Adjust MEMPROXY_CLASS() to control its private/public definitions
appropriate to their needs.
* Shuffle all MEMPROXY_CLASS() macro uses to the top of the relevant
classes (in some cases renaming struct to class with public members
if necessary) such that the new terminal private: does not affect
existing class definitions.
Bug 4102: sslbump cert contains only a dot character in key usage extension
The patch for bug 3966 was slightly incorrect. As a result the Key Usage
field for SSL-bump mimic'ed certificates could end up containing only a
dot (.) character.
Amos Jeffries [Sun, 19 Oct 2014 22:06:38 +0000 (15:06 -0700)]
Enable long (--foo) command line parameters on squid binary
The squid binary is running out of single-character options that make
any sense phonetically or as abbreviations. This lays the groundwork for
future options to use words or even just more than a single character.
Since we cannot define an empty array for long options, add --help and
--version as initial expansions of -h and -v.
Amos Jeffries [Thu, 16 Oct 2014 18:01:46 +0000 (11:01 -0700)]
Bug 3803: ident leaks memory on failure
Begin the process of conversion for IdentStateData to an AsyncJob.
* convert the object from CBDATA struct to a class with
CBDATA_CLASS2() API.
* Bug 3803 is caused by a lack of proper cleanup and consistent exit
actions terminating the job. Take the core logic changes from the
tested bug patch and;
1) define a swanSong() method to cleanup the memory allocated
2) define a deleteThis() method to emulate AsyncJob::deleteThis()
* Locate all code paths leveraging conn->close() to trigger cleanup
via the connection close handler and convert to explicit deleteThis()
with excuse. Including a few which were not but need to in order to
terminate the job correctly as fixed in bug 3803 patch.
The actions performed are nearly identical to the original code. The
differences are that many code paths now omit an AsyncCall step going
via the Comm close handler, and that all paths terminating the IDENT
lookup now go through swanSong() cleanup.
Further cleanup converting to a full AsyncJob is not included, since
there is an explicit hash of running IdentStateData object pointers
being used in the old code.
Amos Jeffries [Wed, 15 Oct 2014 14:09:32 +0000 (07:09 -0700)]
Audit updates
* rename HttpRequestMethod(char*) to HttpRequestMethodXXX() in order to
assist removal since it is deprecated now
- plus code polishing and unit-test updates to work with this as a
method instead of constructor
* fix several potential out-of-bounds SBuf and MemBlob accesses
Amos Jeffries [Fri, 10 Oct 2014 16:06:38 +0000 (09:06 -0700)]
CBDATA: log memory leak situations when --enable-debug-cbdata
CBDATA objects are supposed to be explicitly locked and unlocked by all
users. The nominal 'owner' of the data is also supposed to mark it as
invalid when unlocking its reference.
If a CBDATA object reaches 0 locks and is still valid, it therefore
follows that either the locking or invalidate has not been properly
implemented.
Now that we are migrating to CbcPointer usage instead of explicit
lock/unlock macro calls we have started encountering these situations.
Any object reporting a 'leak' must be investigated;
a) perhapse RefCount is better?
b) using CbcPointer consistently and invalidating correctly.
Amos Jeffries [Wed, 8 Oct 2014 15:51:28 +0000 (08:51 -0700)]
Bug 4088: memory leak in external_acl_type helper with cache=0 or ttl=0
ExternalACLEntry / external_acl_entry objects have been abusing the
CBDATA API for reference counting and since 3.4 this has resulted in
hidden memory leaks as object accounting shows all locks released but
the memory is not freed by any 'owner'.
* convert to using RefCount<> API.
* move ExternalACLEntry pre-define to acl/forward.h
* add ExternalACLEntryPointer in acl/forward.h
* convert LookupDone() method to using explicit typed pointer
* convert from CBDATA_CLASS to MEMPROXY_CLASS memory management.
* convert almost all raw ExternalACLEntry* to Pointer
- remaining usage is in the cache hash pointers. Use an explicit 'cachd'
lock/unlock until this hash is updated to std:: structure types.
Browser vendors will get rid of SSL certificates that use SHA-1 to generate
the hash that is then signed by the CA. For example, Google Chrome will start
to show an "insecure" sign for certificates that are valid after 1.1.2016 and
will generate a warning page for certificates that are valid after 1.1.2017 [1],
[2],[4]. Microsoft will block certificates with SHA-1 after 1.1.2017 [3].
This patch:
1) Add a new configuration option to select the signing hash for
generated certificates: sslproxy_cert_sign_hash.
2) If sslproxy_cert_sign_hash is not set, then use the sha256 hash.
This patch add support for the "Validate server certificates without bumping"
use case described on the Peek and Splice wiki page:
http://wiki.squid-cache.org/Features/SslPeekAndSplice
This patch send to the certificate validation helper the certificates and
errors found in SslBump3 step, even if the splicing mode selected.
In the case the validation helper found errors in certificates an error
page returned to the http client.
The SSL error forwarding is controlled by ACLs along these lines:
sslproxy_cert_error allow sslBoringErrors
sslproxy_cert_error allow serversWithInvalidCerts
sslproxy_cert_error deny all
Amos Jeffries [Thu, 2 Oct 2014 12:07:26 +0000 (05:07 -0700)]
Portability: provide xstatvfs() shim for system call statvfs()
statfs() and struct statfs have been deprecated for years. Hoewver the
POSIX statvfs replacements are still not universally available.
Remove deprecated statfs() and struct statfs usage from Squid. Although
they may still be used by the xstatvfs() compatibility wrapper if they
are the only available API.
- Record SSL bump action at each bumping step in the Ssl::ServerBump.
The new Ssl::ServerBump::act member added for this purpose.
- Split Ssl::PeerConnector::checkForPeekAndSplice to two methods
(checkForPeekAndSplice and checkForPeekAndSpliceDone) add some
documentation, and polish the code.
- Polish httpsSslBumpStep2AccessCheckDone function (client_side.cc file)
The PID and thus parent process PID concept is not available in Windows
and MinGW at least lacks the API mechanism.
This may re-open an issue with kid processes notifying the coordinator
when they are shutting down. If so we need to find an alternative
mechanism to replace this use of kill(getppid(), SIGUSR1)
Cleanup: convert AuthUserIP from CBDATA to MEMPROXY class
This object was not needing to be passed as callback arguments
but was using CBDATA type to gain memory pooling.
Converting to the correct pooling mechanism removes some more
uses of cbdataFree() and ensures the object and its members
destructors are called properly.
Cleanup: use SBuf::npos instead of npos in SBuf::append()
Small experiment. It is possible on some systems that std::npos / ::npos
is defined with a different integer size and value.
This may be what is confusing Coverity scan and producing buffer overrun
alerts in the append() c-string with default parameter case.
If ConfigParser::QuotedOrToEol() happend to return NULL. Which may happen
if there is no token before end of current file the auth module config
parser would crash.
Do not crash when sending %ssl::cert_subject to external ACL w/o certificate.
An ACL check in ConnStateData::postHttpsAccept (e.g., when dealing with an
intercepted SSL connection) uses an HttpRequest object that is not yet linked
with the ConnStateData object. Do not blindly dereference the pointer to the
latter.
Fixes a squid crash when a foreign protocol client connected to an https_port
The Ssl::Bio::read will fail to recognize SSL protocol and will return "-1"
as readed SSL bytes. The Ssl::ClientBio::read must return error (-1)
in this case.
Send selected SSL version and cipher to the certificate validation helper.
This patch sends the selected cipher suite and the selected SSL/TLS version
to the certificate verification helper using the "proto_version=v" and
"cipher=c" key=value pairs.
On MinGW at least macro replacement appears to be case insensitive.
The lower-case freeaddrinfo/initaddrinfo system functions are defined
with macros, both in MinGW headers and Squid libcompat.
SourceLayout: rename auth module files to match guidelines
* Squid-3 coding guidelines require that files are named after the
class(es) contained within. Rename the files containing auth Config
classes to match.
* Remove the unused DefaultAuthenticateChildrenMax macros.
* simplify included headers in auth modules.
* alphabetize the order auth modules are detected.