[thirdparty/squid.git] / src / HttpReply.cc


/*
 * $Id: HttpReply.cc,v 1.100 2008/02/08 18:27:59 rousskov Exp $
 *
 * DEBUG: section 58    HTTP Reply (Response)
 * AUTHOR: Alex Rousskov
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *  
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *  
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 */

#include "squid.h"
#include "SquidTime.h"
#include "Store.h"
#include "HttpReply.h"
#include "HttpHdrContRange.h"
#include "HttpHdrSc.h"
#include "ACLChecklist.h"
#include "HttpRequest.h"
#include "MemBuf.h"

/* local constants */

/* If we receive a 304 from the origin during a cache revalidation, we must
 * update the headers of the existing entry. Specifically, we need to update all
 * end-to-end headers and not any hop-by-hop headers (rfc2616 13.5.3).
 *
 * This is not the whole story though: since it is possible for a faulty/malicious
 * origin server to set headers it should not in a 304, we must explicitly ignore
 * these too. Specifically all entity-headers except those permitted in a 304
 * (rfc2616 10.3.5) must be ignored.
 * 
 * The list of headers we don't update is made up of:
 *     all hop-by-hop headers
 *     all entity-headers except Expires and Content-Location
 */
static HttpHeaderMask Denied304HeadersMask;
static http_hdr_type Denied304HeadersArr[] =
    {
        // hop-by-hop headers
        HDR_CONNECTION, HDR_KEEP_ALIVE, HDR_PROXY_AUTHENTICATE, HDR_PROXY_AUTHORIZATION,
        HDR_TE, HDR_TRAILERS, HDR_TRANSFER_ENCODING, HDR_UPGRADE,
        // entity headers
        HDR_ALLOW, HDR_CONTENT_ENCODING, HDR_CONTENT_LANGUAGE, HDR_CONTENT_LENGTH,
        HDR_CONTENT_MD5, HDR_CONTENT_RANGE, HDR_CONTENT_TYPE, HDR_LAST_MODIFIED
    };

/* module initialization */
void
httpReplyInitModule(void)
{
    assert(HTTP_STATUS_NONE == 0); // HttpReply::parse() interface assumes that
    httpHeaderMaskInit(&Denied304HeadersMask, 0);
    httpHeaderCalcMask(&Denied304HeadersMask, Denied304HeadersArr, countof(Denied304HeadersArr));
}

HttpReply::HttpReply() : HttpMsg(hoReply), date (0), last_modified (0), 
	expires (0), surrogate_control (NULL), content_range (NULL), keep_alive (0), 
	protoPrefix("HTTP/"), bodySizeMax(-2)
{
    init();
}

HttpReply::~HttpReply()
{
    if (do_clean)
        clean();
}

void
HttpReply::init()
{
    httpBodyInit(&body);
    hdrCacheInit();
    httpStatusLineInit(&sline);
    pstate = psReadyToParseStartLine;
    do_clean = true;
}

void HttpReply::reset()
{

    // reset should not reset the protocol; could have made protoPrefix a
    // virtual function instead, but it is not clear whether virtual methods
    // are allowed with MEMPROXY_CLASS() and whether some cbdata void*
    // conversions are not going to kill virtual tables
    const String pfx = protoPrefix;
    clean();
    init();
    protoPrefix = pfx;
}

void
HttpReply::clean()
{
    // we used to assert that the pipe is NULL, but now the message only 
    // points to a pipe that is owned and initiated by another object.
    body_pipe = NULL;

    httpBodyClean(&body);
    hdrCacheClean();
    header.clean();
    httpStatusLineClean(&sline);
    bodySizeMax = -2; // hack: make calculatedBodySizeMax() false
}

void
HttpReply::packHeadersInto(Packer * p) const
{
    httpStatusLinePackInto(&sline, p);
    header.packInto(p);
    packerAppend(p, "\r\n", 2);
}

void
HttpReply::packInto(Packer * p)
{
    packHeadersInto(p);
    httpBodyPackInto(&body, p);
}

/* create memBuf, create mem-based packer, pack, destroy packer, return MemBuf */
MemBuf *
HttpReply::pack()
{
    MemBuf *mb = new MemBuf;
    Packer p;

    mb->init();
    packerToMemInit(&p, mb);
    packInto(&p);
    packerClean(&p);
    return mb;
}

MemBuf *
httpPackedReply(HttpVersion ver, http_status status, const char *ctype,
                int64_t clen, time_t lmt, time_t expires)
{
    HttpReply *rep = new HttpReply;
    rep->setHeaders(ver, status, ctype, NULL, clen, lmt, expires);
    MemBuf *mb = rep->pack();
    delete rep;
    return mb;
}

HttpReply *
HttpReply::make304 () const
{
    static const http_hdr_type ImsEntries[] = {HDR_DATE, HDR_CONTENT_TYPE, HDR_EXPIRES, HDR_LAST_MODIFIED, /* eof */ HDR_OTHER};

    HttpReply *rv = new HttpReply;
    int t;
    HttpHeaderEntry *e;

    /* rv->content_length; */
    rv->date = date;
    rv->last_modified = last_modified;
    rv->expires = expires;
    rv->content_type = content_type;
    /* rv->cache_control */
    /* rv->content_range */
    /* rv->keep_alive */
    HttpVersion ver(1,0);
    httpStatusLineSet(&rv->sline, ver,
                      HTTP_NOT_MODIFIED, "");

    for (t = 0; ImsEntries[t] != HDR_OTHER; ++t)
        if ((e = header.findEntry(ImsEntries[t])))
            rv->header.addEntry(e->clone());

    /* rv->body */
    return rv;
}

MemBuf *
HttpReply::packed304Reply()
{
    /* Not as efficient as skipping the header duplication,
     * but easier to maintain
     */
    HttpReply *temp = make304 ();
    MemBuf *rv = temp->pack();
    delete temp;
    return rv;
}

void
HttpReply::setHeaders(HttpVersion ver, http_status status, const char *reason,
                      const char *ctype, int64_t clen, time_t lmt, time_t expires)
{
    HttpHeader *hdr;
    httpStatusLineSet(&sline, ver, status, reason);
    hdr = &header;
    hdr->putStr(HDR_SERVER, visible_appname_string);
    hdr->putStr(HDR_MIME_VERSION, "1.0");
    hdr->putTime(HDR_DATE, squid_curtime);

    if (ctype) {
        hdr->putStr(HDR_CONTENT_TYPE, ctype);
        content_type = ctype;
    } else
        content_type = String();

    if (clen >= 0)
        hdr->putInt64(HDR_CONTENT_LENGTH, clen);

    if (expires >= 0)
        hdr->putTime(HDR_EXPIRES, expires);

    if (lmt > 0)		/* this used to be lmt != 0 @?@ */
        hdr->putTime(HDR_LAST_MODIFIED, lmt);

    date = squid_curtime;

    content_length = clen;

    expires = expires;

    last_modified = lmt;
}

void
HttpReply::redirect(http_status status, const char *loc)
{
    HttpHeader *hdr;
    HttpVersion ver(1,0);
    httpStatusLineSet(&sline, ver, status, httpStatusString(status));
    hdr = &header;
    hdr->putStr(HDR_SERVER, APP_FULLNAME);
    hdr->putTime(HDR_DATE, squid_curtime);
    hdr->putInt64(HDR_CONTENT_LENGTH, 0);
    hdr->putStr(HDR_LOCATION, loc);
    date = squid_curtime;
    content_length = 0;
}

/* compare the validators of two replies.
 * 1 = they match
 * 0 = they do not match
 */
int
HttpReply::validatorsMatch(HttpReply const * otherRep) const
{
    String one,two;
    assert (otherRep);
    /* Numbers first - easiest to check */
    /* Content-Length */
    /* TODO: remove -1 bypass */

    if (content_length != otherRep->content_length
            && content_length > -1 &&
            otherRep->content_length > -1)
        return 0;

    /* ETag */
    one = header.getStrOrList(HDR_ETAG);

    two = otherRep->header.getStrOrList(HDR_ETAG);

    if (!one.buf() || !two.buf() || strcasecmp (one.buf(), two.buf())) {
        one.clean();
        two.clean();
        return 0;
    }

    if (last_modified != otherRep->last_modified)
        return 0;

    /* MD5 */
    one = header.getStrOrList(HDR_CONTENT_MD5);

    two = otherRep->header.getStrOrList(HDR_CONTENT_MD5);

    if (!one.buf() || !two.buf() || strcasecmp (one.buf(), two.buf())) {
        one.clean();
        two.clean();
        return 0;
    }

    return 1;
}

void
HttpReply::updateOnNotModified(HttpReply const * freshRep)
{
    assert(freshRep);

    /* clean cache */
    hdrCacheClean();
    /* update raw headers */
    header.update(&freshRep->header,
                  (const HttpHeaderMask *) &Denied304HeadersMask);

    header.compact();
    /* init cache */
    hdrCacheInit();
}

/* internal routines */

time_t
HttpReply::hdrExpirationTime()
{
    /* The s-maxage and max-age directive takes priority over Expires */

    if (cache_control) {
        if (date >= 0) {
            if (cache_control->s_maxage >= 0)
                return date + cache_control->s_maxage;

            if (cache_control->max_age >= 0)
                return date + cache_control->max_age;
        } else {
            /*
             * Conservatively handle the case when we have a max-age
             * header, but no Date for reference?
             */

            if (cache_control->s_maxage >= 0)
                return squid_curtime;

            if (cache_control->max_age >= 0)
                return squid_curtime;
        }
    }

    if (Config.onoff.vary_ignore_expire &&
            header.has(HDR_VARY)) {
        const time_t d = header.getTime(HDR_DATE);
        const time_t e = header.getTime(HDR_EXPIRES);

        if (d == e)
            return -1;
    }

    if (header.has(HDR_EXPIRES)) {
        const time_t e = header.getTime(HDR_EXPIRES);
        /*
         * HTTP/1.0 says that robust implementations should consider
         * bad or malformed Expires header as equivalent to "expires
         * immediately."
         */
        return e < 0 ? squid_curtime : e;
    }

    return -1;
}

/* sync this routine when you update HttpReply struct */
void
HttpReply::hdrCacheInit()
{
    HttpMsg::hdrCacheInit();

    content_length = header.getInt64(HDR_CONTENT_LENGTH);
    date = header.getTime(HDR_DATE);
    last_modified = header.getTime(HDR_LAST_MODIFIED);
    surrogate_control = header.getSc();
    content_range = header.getContRange();
    keep_alive = httpMsgIsPersistent(sline.version, &header);
    const char *str = header.getStr(HDR_CONTENT_TYPE);

    if (str)
        content_type.limitInit(str, strcspn(str, ";\t "));
    else
        content_type = String();

    /* be sure to set expires after date and cache-control */
    expires = hdrExpirationTime();
}

/* sync this routine when you update HttpReply struct */
void
HttpReply::hdrCacheClean()
{
    content_type.clean();

    if (cache_control) {
        httpHdrCcDestroy(cache_control);
        cache_control = NULL;
    }

    if (surrogate_control) {
        httpHdrScDestroy(surrogate_control);
        surrogate_control = NULL;
    }

    if (content_range) {
        httpHdrContRangeDestroy(content_range);
        content_range = NULL;
    }
}

/*
 * Returns the body size of a HTTP response
 */
int64_t
HttpReply::bodySize(const HttpRequestMethod& method) const
{
    if (sline.version.major < 1)
        return -1;
    else if (method.id() == METHOD_HEAD)
        return 0;
    else if (sline.status == HTTP_OK)
        (void) 0;		/* common case, continue */
    else if (sline.status == HTTP_NO_CONTENT)
        return 0;
    else if (sline.status == HTTP_NOT_MODIFIED)
        return 0;
    else if (sline.status < HTTP_OK)
        return 0;

    return content_length;
}

bool HttpReply::sanityCheckStartLine(MemBuf *buf, http_status *error)
{
    if (buf->contentSize() >= protoPrefix.size() && protoPrefix.cmp(buf->content(), protoPrefix.size()) != 0) {
        debugs(58, 3, "HttpReply::sanityCheckStartLine: missing protocol prefix (" << protoPrefix.buf() << ") in '" << buf->content() << "'");
        *error = HTTP_INVALID_HEADER;
        return false;
    }

    return true;
}

void HttpReply::packFirstLineInto(Packer *p, bool unused) const
{
    httpStatusLinePackInto(&sline, p);
}

bool HttpReply::parseFirstLine(const char *blk_start, const char *blk_end)
{
    return httpStatusLineParse(&sline, protoPrefix, blk_start, blk_end);
}

/* handy: resets and returns -1 */
int
HttpReply::httpMsgParseError()
{
    int result(HttpMsg::httpMsgParseError());
    /* indicate an error in the status line */
    sline.status = HTTP_INVALID_HEADER;
    return result;
}

/*
 * Indicate whether or not we would usually expect an entity-body
 * along with this response
 */
bool
HttpReply::expectingBody(const HttpRequestMethod& req_method, int64_t& theSize) const
{
    bool expectBody = true;

    if (req_method == METHOD_HEAD)
        expectBody = false;
    else if (sline.status == HTTP_NO_CONTENT)
        expectBody = false;
    else if (sline.status == HTTP_NOT_MODIFIED)
        expectBody = false;
    else if (sline.status < HTTP_OK)
        expectBody = false;
    else
        expectBody = true;

    if (expectBody) {
        if (header.hasListMember(HDR_TRANSFER_ENCODING, "chunked", ','))
            theSize = -1;
        else if (content_length >= 0)
            theSize = content_length;
        else
            theSize = -1;
    }

    return expectBody;
}

bool
HttpReply::receivedBodyTooLarge(HttpRequest& request, int64_t receivedSize)
{
    calcMaxBodySize(request);
    debugs(58, 3, HERE << receivedSize << " >? " << bodySizeMax);
    return bodySizeMax >= 0 && receivedSize > bodySizeMax;
}

bool
HttpReply::expectedBodyTooLarge(HttpRequest& request)
{
    calcMaxBodySize(request);
    debugs(58, 7, HERE << "bodySizeMax=" << bodySizeMax);

    if (bodySizeMax < 0) // no body size limit
        return false;

    int64_t expectedSize = -1;
    if (!expectingBody(request.method, expectedSize))
        return false;
    
    debugs(58, 6, HERE << expectedSize << " >? " << bodySizeMax);

    if (expectedSize < 0) // expecting body of an unknown length
        return false;

    return expectedSize > bodySizeMax;
}

void
HttpReply::calcMaxBodySize(HttpRequest& request)
{
    // hack: -2 is used as "we have not calculated max body size yet" state
    if (bodySizeMax != -2) // already tried
        return;
    bodySizeMax = -1;

    ACLChecklist ch;
    ch.src_addr = request.client_addr;
    ch.my_addr = request.my_addr;
    ch.reply = HTTPMSGLOCK(this); // XXX: this lock makes method non-const
    ch.request = HTTPMSGLOCK(&request);
    for (acl_size_t *l = Config.ReplyBodySize; l; l = l -> next) {
        if (ch.matchAclListFast(l->aclList)) {
            debugs(58, 4, HERE << "bodySizeMax=" << bodySizeMax);
            bodySizeMax = l->size; // may be -1
            break;
        }
    }
}

// XXX: check that this is sufficient for eCAP cloning
HttpReply *
HttpReply::clone() const
{
    HttpReply *rep = new HttpReply();
    rep->header.append(&header);
    rep->hdrCacheInit();
    rep->hdr_sz = hdr_sz;
    rep->http_ver = http_ver;
    rep->pstate = pstate;
    rep->body_pipe = body_pipe;

    rep->protocol = protocol;
    rep->sline = sline;
    return rep;
}
Commit	Line	Data
2ac76861	1
cb69b4c7	2	/*
0667cbfb	3	* $Id: HttpReply.cc,v 1.100 2008/02/08 18:27:59 rousskov Exp $
cb69b4c7	4	*
123abbe1	5	* DEBUG: section 58 HTTP Reply (Response)
cb69b4c7	6	* AUTHOR: Alex Rousskov
cb69b4c7	7	*
2b6662ba	8	* SQUID Web Proxy Cache http://www.squid-cache.org/
e25c139f	9	* ----------------------------------------------------------
cb69b4c7	10	*
2b6662ba	11	* Squid is the result of efforts by numerous individuals from
	12	* the Internet community; see the CONTRIBUTORS file for full
	13	* details. Many organizations have provided support for Squid's
	14	* development; see the SPONSORS file for full details. Squid is
	15	* Copyrighted (C) 2001 by the Regents of the University of
	16	* California; see the COPYRIGHT file for full details. Squid
	17	* incorporates software developed and/or copyrighted by other
	18	* sources; see the CREDITS file for full details.
cb69b4c7	19	*
	20	* This program is free software; you can redistribute it and/or modify
	21	* it under the terms of the GNU General Public License as published by
	22	* the Free Software Foundation; either version 2 of the License, or
	23	* (at your option) any later version.
	24	*
	25	* This program is distributed in the hope that it will be useful,
	26	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	27	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	28	* GNU General Public License for more details.
	29	*
	30	* You should have received a copy of the GNU General Public License
	31	* along with this program; if not, write to the Free Software
cbdec147	32	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
e25c139f	33	*
cb69b4c7	34	*/
cb69b4c7	35
cb69b4c7	36	#include "squid.h"
985c86bc	37	#include "SquidTime.h"
528b2c61	38	#include "Store.h"
8596962e	39	#include "HttpReply.h"
528b2c61	40	#include "HttpHdrContRange.h"
25b6a907	41	#include "HttpHdrSc.h"
4fb35c3c	42	#include "ACLChecklist.h"
0667cbfb	43	#include "HttpRequest.h"
0eb49b6d	44	#include "MemBuf.h"
cb69b4c7	45
	46	/* local constants */
	47
1d7ab0f4	48	/* If we receive a 304 from the origin during a cache revalidation, we must
	49	* update the headers of the existing entry. Specifically, we need to update all
	50	* end-to-end headers and not any hop-by-hop headers (rfc2616 13.5.3).
	51	*
	52	* This is not the whole story though: since it is possible for a faulty/malicious
	53	* origin server to set headers it should not in a 304, we must explicitly ignore
	54	* these too. Specifically all entity-headers except those permitted in a 304
	55	* (rfc2616 10.3.5) must be ignored.
	56	*
	57	* The list of headers we don't update is made up of:
	58	* all hop-by-hop headers
	59	* all entity-headers except Expires and Content-Location
	60	*/
2246b732	61	static HttpHeaderMask Denied304HeadersMask;
2246b732	62	static http_hdr_type Denied304HeadersArr[] =
62e76326	63	{
1d7ab0f4	64	// hop-by-hop headers
	65	HDR_CONNECTION, HDR_KEEP_ALIVE, HDR_PROXY_AUTHENTICATE, HDR_PROXY_AUTHORIZATION,
	66	HDR_TE, HDR_TRAILERS, HDR_TRANSFER_ENCODING, HDR_UPGRADE,
	67	// entity headers
62e76326	68	HDR_ALLOW, HDR_CONTENT_ENCODING, HDR_CONTENT_LANGUAGE, HDR_CONTENT_LENGTH,
1d7ab0f4	69	HDR_CONTENT_MD5, HDR_CONTENT_RANGE, HDR_CONTENT_TYPE, HDR_LAST_MODIFIED
62e76326	70	};
2246b732	71
2246b732	72	/* module initialization */
2246b732	73	void
9bc73deb	74	httpReplyInitModule(void)
2246b732	75	{
8596962e	76	assert(HTTP_STATUS_NONE == 0); // HttpReply::parse() interface assumes that
97474590	77	httpHeaderMaskInit(&Denied304HeadersMask, 0);
8abf232c	78	httpHeaderCalcMask(&Denied304HeadersMask, Denied304HeadersArr, countof(Denied304HeadersArr));
2246b732	79	}
2246b732	80
0667cbfb	81	HttpReply::HttpReply() : HttpMsg(hoReply), date (0), last_modified (0),
	82	expires (0), surrogate_control (NULL), content_range (NULL), keep_alive (0),
	83	protoPrefix("HTTP/"), bodySizeMax(-2)
cb69b4c7	84	{
06a5ae20	85	init();
cb69b4c7	86	}
cb69b4c7	87
06a5ae20	88	HttpReply::~HttpReply()
cb69b4c7	89	{
06a5ae20	90	if (do_clean)
06a5ae20	91	clean();
cb69b4c7	92	}
	93
	94	void
06a5ae20	95	HttpReply::init()
cb69b4c7	96	{
06a5ae20	97	httpBodyInit(&body);
	98	hdrCacheInit();
	99	httpStatusLineInit(&sline);
c99de607	100	pstate = psReadyToParseStartLine;
06a5ae20	101	do_clean = true;
cb69b4c7	102	}
cb69b4c7	103
06a5ae20	104	void HttpReply::reset()
cb69b4c7	105	{
06a5ae20	106
8596962e	107	// reset should not reset the protocol; could have made protoPrefix a
	108	// virtual function instead, but it is not clear whether virtual methods
	109	// are allowed with MEMPROXY_CLASS() and whether some cbdata void*
	110	// conversions are not going to kill virtual tables
30abd221	111	const String pfx = protoPrefix;
06a5ae20	112	clean();
	113	init();
	114	protoPrefix = pfx;
	115	}
	116
	117	void
	118	HttpReply::clean()
	119	{
5f8252d2	120	// we used to assert that the pipe is NULL, but now the message only
	121	// points to a pipe that is owned and initiated by another object.
	122	body_pipe = NULL;
	123
06a5ae20	124	httpBodyClean(&body);
06a5ae20	125	hdrCacheClean();
519e0948	126	header.clean();
06a5ae20	127	httpStatusLineClean(&sline);
0667cbfb	128	bodySizeMax = -2; // hack: make calculatedBodySizeMax() false
cb69b4c7	129	}
cb69b4c7	130
cb69b4c7	131	void
06a5ae20	132	HttpReply::packHeadersInto(Packer * p) const
cb69b4c7	133	{
06a5ae20	134	httpStatusLinePackInto(&sline, p);
a9925b40	135	header.packInto(p);
cb69b4c7	136	packerAppend(p, "\r\n", 2);
528b2c61	137	}
	138
	139	void
06a5ae20	140	HttpReply::packInto(Packer * p)
528b2c61	141	{
06a5ae20	142	packHeadersInto(p);
06a5ae20	143	httpBodyPackInto(&body, p);
cb69b4c7	144	}
cb69b4c7	145
06a5ae20	146	/* create memBuf, create mem-based packer, pack, destroy packer, return MemBuf */
032785bf	147	MemBuf *
06a5ae20	148	HttpReply::pack()
cb69b4c7	149	{
032785bf	150	MemBuf *mb = new MemBuf;
cb69b4c7	151	Packer p;
cb69b4c7	152
2fe7eff9	153	mb->init();
032785bf	154	packerToMemInit(&p, mb);
06a5ae20	155	packInto(&p);
cb69b4c7	156	packerClean(&p);
	157	return mb;
	158	}
	159
032785bf	160	MemBuf *
450e0c10	161	httpPackedReply(HttpVersion ver, http_status status, const char *ctype,
47f6e231	162	int64_t clen, time_t lmt, time_t expires)
cb69b4c7	163	{
06a5ae20	164	HttpReply *rep = new HttpReply;
	165	rep->setHeaders(ver, status, ctype, NULL, clen, lmt, expires);
	166	MemBuf *mb = rep->pack();
	167	delete rep;
cb69b4c7	168	return mb;
	169	}
	170
528b2c61	171	HttpReply *
06a5ae20	172	HttpReply::make304 () const
cb69b4c7	173	{
62e76326	174	static const http_hdr_type ImsEntries[] = {HDR_DATE, HDR_CONTENT_TYPE, HDR_EXPIRES, HDR_LAST_MODIFIED, /* eof */ HDR_OTHER};
62e76326	175
06a5ae20	176	HttpReply *rv = new HttpReply;
728da2ee	177	int t;
de336bbe	178	HttpHeaderEntry *e;
cb69b4c7	179
528b2c61	180	/* rv->content_length; */
06a5ae20	181	rv->date = date;
	182	rv->last_modified = last_modified;
	183	rv->expires = expires;
	184	rv->content_type = content_type;
528b2c61	185	/* rv->cache_control */
	186	/* rv->content_range */
	187	/* rv->keep_alive */
450e0c10	188	HttpVersion ver(1,0);
528b2c61	189	httpStatusLineSet(&rv->sline, ver,
62e76326	190	HTTP_NOT_MODIFIED, "");
62e76326	191
de336bbe	192	for (t = 0; ImsEntries[t] != HDR_OTHER; ++t)
a9925b40	193	if ((e = header.findEntry(ImsEntries[t])))
eede25e7	194	rv->header.addEntry(e->clone());
62e76326	195
528b2c61	196	/* rv->body */
	197	return rv;
	198	}
	199
032785bf	200	MemBuf *
06a5ae20	201	HttpReply::packed304Reply()
528b2c61	202	{
	203	/* Not as efficient as skipping the header duplication,
	204	* but easier to maintain
	205	*/
06a5ae20	206	HttpReply *temp = make304 ();
	207	MemBuf *rv = temp->pack();
	208	delete temp;
528b2c61	209	return rv;
cb69b4c7	210	}
	211
	212	void
06a5ae20	213	HttpReply::setHeaders(HttpVersion ver, http_status status, const char *reason,
47f6e231	214	const char *ctype, int64_t clen, time_t lmt, time_t expires)
cb69b4c7	215	{
cb69b4c7	216	HttpHeader *hdr;
06a5ae20	217	httpStatusLineSet(&sline, ver, status, reason);
06a5ae20	218	hdr = &header;
a9925b40	219	hdr->putStr(HDR_SERVER, visible_appname_string);
	220	hdr->putStr(HDR_MIME_VERSION, "1.0");
	221	hdr->putTime(HDR_DATE, squid_curtime);
62e76326	222
d8b249ef	223	if (ctype) {
a9925b40	224	hdr->putStr(HDR_CONTENT_TYPE, ctype);
06a5ae20	225	content_type = ctype;
d8b249ef	226	} else
30abd221	227	content_type = String();
62e76326	228
de336bbe	229	if (clen >= 0)
47f6e231	230	hdr->putInt64(HDR_CONTENT_LENGTH, clen);
62e76326	231
cb69b4c7	232	if (expires >= 0)
a9925b40	233	hdr->putTime(HDR_EXPIRES, expires);
62e76326	234
2ac76861	235	if (lmt > 0) /* this used to be lmt != 0 @?@ */
a9925b40	236	hdr->putTime(HDR_LAST_MODIFIED, lmt);
62e76326	237
06a5ae20	238	date = squid_curtime;
62e76326	239
06a5ae20	240	content_length = clen;
62e76326	241
06a5ae20	242	expires = expires;
62e76326	243
06a5ae20	244	last_modified = lmt;
cb69b4c7	245	}
cb69b4c7	246
6d38ef86	247	void
06a5ae20	248	HttpReply::redirect(http_status status, const char *loc)
6d38ef86	249	{
6d38ef86	250	HttpHeader *hdr;
450e0c10	251	HttpVersion ver(1,0);
06a5ae20	252	httpStatusLineSet(&sline, ver, status, httpStatusString(status));
06a5ae20	253	hdr = &header;
7dbca7a4	254	hdr->putStr(HDR_SERVER, APP_FULLNAME);
a9925b40	255	hdr->putTime(HDR_DATE, squid_curtime);
47f6e231	256	hdr->putInt64(HDR_CONTENT_LENGTH, 0);
a9925b40	257	hdr->putStr(HDR_LOCATION, loc);
06a5ae20	258	date = squid_curtime;
06a5ae20	259	content_length = 0;
6d38ef86	260	}
6d38ef86	261
528b2c61	262	/* compare the validators of two replies.
	263	* 1 = they match
	264	* 0 = they do not match
	265	*/
	266	int
06a5ae20	267	HttpReply::validatorsMatch(HttpReply const * otherRep) const
62e76326	268	{
30abd221	269	String one,two;
06a5ae20	270	assert (otherRep);
528b2c61	271	/* Numbers first - easiest to check */
	272	/* Content-Length */
	273	/* TODO: remove -1 bypass */
62e76326	274
06a5ae20	275	if (content_length != otherRep->content_length
06a5ae20	276	&& content_length > -1 &&
62e76326	277	otherRep->content_length > -1)
	278	return 0;
	279
528b2c61	280	/* ETag */
a9925b40	281	one = header.getStrOrList(HDR_ETAG);
62e76326	282
a9925b40	283	two = otherRep->header.getStrOrList(HDR_ETAG);
62e76326	284
30abd221	285	if (!one.buf() \|\| !two.buf() \|\| strcasecmp (one.buf(), two.buf())) {
	286	one.clean();
	287	two.clean();
62e76326	288	return 0;
528b2c61	289	}
62e76326	290
06a5ae20	291	if (last_modified != otherRep->last_modified)
62e76326	292	return 0;
62e76326	293
528b2c61	294	/* MD5 */
a9925b40	295	one = header.getStrOrList(HDR_CONTENT_MD5);
62e76326	296
a9925b40	297	two = otherRep->header.getStrOrList(HDR_CONTENT_MD5);
62e76326	298
30abd221	299	if (!one.buf() \|\| !two.buf() \|\| strcasecmp (one.buf(), two.buf())) {
	300	one.clean();
	301	two.clean();
62e76326	302	return 0;
528b2c61	303	}
62e76326	304
528b2c61	305	return 1;
	306	}
	307
cb69b4c7	308	void
06a5ae20	309	HttpReply::updateOnNotModified(HttpReply const * freshRep)
cb69b4c7	310	{
07947ad8	311	assert(freshRep);
1d7ab0f4	312
d8b249ef	313	/* clean cache */
06a5ae20	314	hdrCacheClean();
d8b249ef	315	/* update raw headers */
a9925b40	316	header.update(&freshRep->header,
a9925b40	317	(const HttpHeaderMask *) &Denied304HeadersMask);
1d7ab0f4	318
394499bd	319	header.compact();
d8b249ef	320	/* init cache */
07947ad8	321	hdrCacheInit();
cb69b4c7	322	}
cb69b4c7	323
d8b249ef	324	/* internal routines */
cb69b4c7	325
06a5ae20	326	time_t
06a5ae20	327	HttpReply::hdrExpirationTime()
d20b1cd0	328	{
d20b1cd0	329	/* The s-maxage and max-age directive takes priority over Expires */
62e76326	330
06a5ae20	331	if (cache_control) {
	332	if (date >= 0) {
	333	if (cache_control->s_maxage >= 0)
	334	return date + cache_control->s_maxage;
62e76326	335
06a5ae20	336	if (cache_control->max_age >= 0)
06a5ae20	337	return date + cache_control->max_age;
62e76326	338	} else {
	339	/*
	340	* Conservatively handle the case when we have a max-age
	341	* header, but no Date for reference?
	342	*/
	343
06a5ae20	344	if (cache_control->s_maxage >= 0)
62e76326	345	return squid_curtime;
62e76326	346
06a5ae20	347	if (cache_control->max_age >= 0)
62e76326	348	return squid_curtime;
62e76326	349	}
d20b1cd0	350	}
62e76326	351
f66a9ef4	352	if (Config.onoff.vary_ignore_expire &&
a9925b40	353	header.has(HDR_VARY)) {
	354	const time_t d = header.getTime(HDR_DATE);
	355	const time_t e = header.getTime(HDR_EXPIRES);
62e76326	356
	357	if (d == e)
	358	return -1;
f66a9ef4	359	}
62e76326	360
a9925b40	361	if (header.has(HDR_EXPIRES)) {
a9925b40	362	const time_t e = header.getTime(HDR_EXPIRES);
62e76326	363	/*
	364	* HTTP/1.0 says that robust implementations should consider
	365	* bad or malformed Expires header as equivalent to "expires
	366	* immediately."
	367	*/
	368	return e < 0 ? squid_curtime : e;
d20b1cd0	369	}
62e76326	370
d20b1cd0	371	return -1;
	372	}
	373
d8b249ef	374	/* sync this routine when you update HttpReply struct */
8596962e	375	void
07947ad8	376	HttpReply::hdrCacheInit()
cb69b4c7	377	{
07947ad8	378	HttpMsg::hdrCacheInit();
07947ad8	379
47f6e231	380	content_length = header.getInt64(HDR_CONTENT_LENGTH);
a9925b40	381	date = header.getTime(HDR_DATE);
	382	last_modified = header.getTime(HDR_LAST_MODIFIED);
	383	surrogate_control = header.getSc();
	384	content_range = header.getContRange();
07947ad8	385	keep_alive = httpMsgIsPersistent(sline.version, &header);
a9925b40	386	const char *str = header.getStr(HDR_CONTENT_TYPE);
62e76326	387
d8b249ef	388	if (str)
07947ad8	389	content_type.limitInit(str, strcspn(str, ";\t "));
d8b249ef	390	else
30abd221	391	content_type = String();
62e76326	392
d20b1cd0	393	/* be sure to set expires after date and cache-control */
06a5ae20	394	expires = hdrExpirationTime();
cb69b4c7	395	}
cb69b4c7	396
d8b249ef	397	/* sync this routine when you update HttpReply struct */
06a5ae20	398	void
06a5ae20	399	HttpReply::hdrCacheClean()
2ac76861	400	{
30abd221	401	content_type.clean();
62e76326	402
06a5ae20	403	if (cache_control) {
	404	httpHdrCcDestroy(cache_control);
	405	cache_control = NULL;
07947ad8	406	}
62e76326	407
06a5ae20	408	if (surrogate_control) {
	409	httpHdrScDestroy(surrogate_control);
	410	surrogate_control = NULL;
07947ad8	411	}
43ae1d95	412
06a5ae20	413	if (content_range) {
	414	httpHdrContRangeDestroy(content_range);
	415	content_range = NULL;
07947ad8	416	}
63259c34	417	}
cb69b4c7	418
35282fbf	419	/*
	420	* Returns the body size of a HTTP response
	421	*/
47f6e231	422	int64_t
60745f24	423	HttpReply::bodySize(const HttpRequestMethod& method) const
35282fbf	424	{
06a5ae20	425	if (sline.version.major < 1)
1bda350e	426	return -1;
914b89a2	427	else if (method.id() == METHOD_HEAD)
62e76326	428	return 0;
06a5ae20	429	else if (sline.status == HTTP_OK)
62e76326	430	(void) 0; /* common case, continue */
06a5ae20	431	else if (sline.status == HTTP_NO_CONTENT)
62e76326	432	return 0;
06a5ae20	433	else if (sline.status == HTTP_NOT_MODIFIED)
62e76326	434	return 0;
06a5ae20	435	else if (sline.status < HTTP_OK)
62e76326	436	return 0;
62e76326	437
06a5ae20	438	return content_length;
35282fbf	439	}
8596962e	440
	441	bool HttpReply::sanityCheckStartLine(MemBuf buf, http_status error)
	442	{
30abd221	443	if (buf->contentSize() >= protoPrefix.size() && protoPrefix.cmp(buf->content(), protoPrefix.size()) != 0) {
30abd221	444	debugs(58, 3, "HttpReply::sanityCheckStartLine: missing protocol prefix (" << protoPrefix.buf() << ") in '" << buf->content() << "'");
8596962e	445	*error = HTTP_INVALID_HEADER;
	446	return false;
	447	}
	448
	449	return true;
	450	}
	451
	452	void HttpReply::packFirstLineInto(Packer *p, bool unused) const
	453	{
	454	httpStatusLinePackInto(&sline, p);
	455	}
429f7150	456
	457	bool HttpReply::parseFirstLine(const char blk_start, const char blk_end)
	458	{
	459	return httpStatusLineParse(&sline, protoPrefix, blk_start, blk_end);
	460	}
5c09dcb8	461
fb525683	462	/* handy: resets and returns -1 */
	463	int
	464	HttpReply::httpMsgParseError()
	465	{
	466	int result(HttpMsg::httpMsgParseError());
	467	/* indicate an error in the status line */
	468	sline.status = HTTP_INVALID_HEADER;
	469	return result;
	470	}
	471
5c09dcb8	472	/*
	473	* Indicate whether or not we would usually expect an entity-body
	474	* along with this response
	475	*/
	476	bool
60745f24	477	HttpReply::expectingBody(const HttpRequestMethod& req_method, int64_t& theSize) const
5c09dcb8	478	{
	479	bool expectBody = true;
	480
	481	if (req_method == METHOD_HEAD)
	482	expectBody = false;
	483	else if (sline.status == HTTP_NO_CONTENT)
	484	expectBody = false;
	485	else if (sline.status == HTTP_NOT_MODIFIED)
	486	expectBody = false;
	487	else if (sline.status < HTTP_OK)
	488	expectBody = false;
	489	else
	490	expectBody = true;
	491
	492	if (expectBody) {
a9925b40	493	if (header.hasListMember(HDR_TRANSFER_ENCODING, "chunked", ','))
5c09dcb8	494	theSize = -1;
	495	else if (content_length >= 0)
	496	theSize = content_length;
	497	else
	498	theSize = -1;
	499	}
	500
	501	return expectBody;
	502	}
0667cbfb	503
	504	bool
	505	HttpReply::receivedBodyTooLarge(HttpRequest& request, int64_t receivedSize)
	506	{
	507	calcMaxBodySize(request);
	508	debugs(58, 3, HERE << receivedSize << " >? " << bodySizeMax);
	509	return bodySizeMax >= 0 && receivedSize > bodySizeMax;
	510	}
	511
	512	bool
	513	HttpReply::expectedBodyTooLarge(HttpRequest& request)
	514	{
	515	calcMaxBodySize(request);
	516	debugs(58, 7, HERE << "bodySizeMax=" << bodySizeMax);
	517
	518	if (bodySizeMax < 0) // no body size limit
	519	return false;
	520
	521	int64_t expectedSize = -1;
	522	if (!expectingBody(request.method, expectedSize))
	523	return false;
	524
	525	debugs(58, 6, HERE << expectedSize << " >? " << bodySizeMax);
	526
	527	if (expectedSize < 0) // expecting body of an unknown length
	528	return false;
	529
	530	return expectedSize > bodySizeMax;
	531	}
	532
	533	void
	534	HttpReply::calcMaxBodySize(HttpRequest& request)
	535	{
	536	// hack: -2 is used as "we have not calculated max body size yet" state
	537	if (bodySizeMax != -2) // already tried
	538	return;
	539	bodySizeMax = -1;
	540
	541	ACLChecklist ch;
	542	ch.src_addr = request.client_addr;
	543	ch.my_addr = request.my_addr;
	544	ch.reply = HTTPMSGLOCK(this); // XXX: this lock makes method non-const
	545	ch.request = HTTPMSGLOCK(&request);
	546	for (acl_size_t *l = Config.ReplyBodySize; l; l = l -> next) {
	547	if (ch.matchAclListFast(l->aclList)) {
	548	debugs(58, 4, HERE << "bodySizeMax=" << bodySizeMax);
	549	bodySizeMax = l->size; // may be -1
	550	break;
	551	}
	552	}
	553	}
da33c835	554
9d7884ec	555	// XXX: check that this is sufficient for eCAP cloning
da33c835 HN	556	HttpReply *
	557	HttpReply::clone() const
	558	{
	559	HttpReply *rep = new HttpReply();
	560	rep->header.append(&header);
	561	rep->hdrCacheInit();
	562	rep->hdr_sz = hdr_sz;
f230832f HN	563	rep->http_ver = http_ver;
f230832f HN	564	rep->pstate = pstate;
f8d990f0 AR	565	rep->body_pipe = body_pipe;
f8d990f0 AR	566
f230832f HN	567	rep->protocol = protocol;
f230832f HN	568	rep->sline = sline;
da33c835 HN	569	return rep;
da33c835 HN	570	}