]>
Commit | Line | Data |
---|---|---|
3c66d057 | 1 | |
dd11e0b7 | 2 | /* |
79d4ccdf | 3 | * $Id: client_side.cc,v 1.549 2001/10/19 22:34:48 hno Exp $ |
dd11e0b7 | 4 | * |
5 | * DEBUG: section 33 Client-side Routines | |
6 | * AUTHOR: Duane Wessels | |
7 | * | |
2b6662ba | 8 | * SQUID Web Proxy Cache http://www.squid-cache.org/ |
e25c139f | 9 | * ---------------------------------------------------------- |
dd11e0b7 | 10 | * |
2b6662ba | 11 | * Squid is the result of efforts by numerous individuals from |
12 | * the Internet community; see the CONTRIBUTORS file for full | |
13 | * details. Many organizations have provided support for Squid's | |
14 | * development; see the SPONSORS file for full details. Squid is | |
15 | * Copyrighted (C) 2001 by the Regents of the University of | |
16 | * California; see the COPYRIGHT file for full details. Squid | |
17 | * incorporates software developed and/or copyrighted by other | |
18 | * sources; see the CREDITS file for full details. | |
dd11e0b7 | 19 | * |
20 | * This program is free software; you can redistribute it and/or modify | |
21 | * it under the terms of the GNU General Public License as published by | |
22 | * the Free Software Foundation; either version 2 of the License, or | |
23 | * (at your option) any later version. | |
24 | * | |
25 | * This program is distributed in the hope that it will be useful, | |
26 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
27 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
28 | * GNU General Public License for more details. | |
29 | * | |
30 | * You should have received a copy of the GNU General Public License | |
31 | * along with this program; if not, write to the Free Software | |
cbdec147 | 32 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. |
e25c139f | 33 | * |
dd11e0b7 | 34 | */ |
f88bb09c | 35 | |
36 | #include "squid.h" | |
37 | ||
5cafc1d6 | 38 | #if IPF_TRANSPARENT |
39 | #if HAVE_SYS_IOCTL_H | |
40 | #include <sys/ioctl.h> | |
41 | #endif | |
42 | #include <netinet/tcp.h> | |
43 | #include <net/if.h> | |
42b51993 | 44 | #if HAVE_IP_FIL_COMPAT_H |
45 | #include <ip_fil_compat.h> | |
46 | #elif HAVE_NETINET_IP_FIL_COMPAT_H | |
47 | #include <netinet/ip_fil_compat.h> | |
48 | #elif HAVE_IP_COMPAT_H | |
5cafc1d6 | 49 | #include <ip_compat.h> |
9bc73deb | 50 | #elif HAVE_NETINET_IP_COMPAT_H |
51 | #include <netinet/ip_compat.h> | |
52 | #endif | |
53 | #if HAVE_IP_FIL_H | |
5cafc1d6 | 54 | #include <ip_fil.h> |
9bc73deb | 55 | #elif HAVE_NETINET_IP_FIL_H |
56 | #include <netinet/ip_fil.h> | |
57 | #endif | |
58 | #if HAVE_IP_NAT_H | |
5cafc1d6 | 59 | #include <ip_nat.h> |
9bc73deb | 60 | #elif HAVE_NETINET_IP_NAT_H |
61 | #include <netinet/ip_nat.h> | |
62 | #endif | |
5cafc1d6 | 63 | #endif |
64 | ||
d852fbad | 65 | #if LINUX_NETFILTER |
66 | #include <linux/netfilter_ipv4.h> | |
67 | #endif | |
5cafc1d6 | 68 | |
69 | ||
5492ad1d | 70 | #if LINGERING_CLOSE |
71 | #define comm_close comm_lingering_close | |
72 | #endif | |
73 | ||
7a2f978b | 74 | static const char *const crlf = "\r\n"; |
75 | ||
7a2f978b | 76 | #define FAILURE_MODE_TIME 300 |
77 | ||
78 | /* Local functions */ | |
79 | ||
fc5d6f7f | 80 | static CWCB clientWriteComplete; |
f4f278b5 | 81 | static CWCB clientWriteBodyComplete; |
7a2f978b | 82 | static PF clientReadRequest; |
83 | static PF connStateFree; | |
84 | static PF requestTimeout; | |
b5c39993 | 85 | static PF clientLifetimeTimeout; |
1b02b5be | 86 | static int clientCheckTransferDone(clientHttpRequest *); |
80980266 | 87 | static int clientGotNotEnough(clientHttpRequest *); |
88aad2e5 | 88 | static void checkFailureRatio(err_type, hier_code); |
fb63215a | 89 | static void clientProcessMiss(clientHttpRequest *); |
eeb423fb | 90 | static void clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep); |
99edd1c3 | 91 | static clientHttpRequest *parseHttpRequestAbort(ConnStateData * conn, const char *uri); |
7a2f978b | 92 | static clientHttpRequest *parseHttpRequest(ConnStateData *, method_t *, int *, char **, size_t *); |
582b6456 | 93 | static RH clientRedirectDone; |
4d55827a | 94 | static void clientCheckNoCache(clientHttpRequest *); |
95 | static void clientCheckNoCacheDone(int answer, void *data); | |
1b02b5be | 96 | static STCB clientHandleIMSReply; |
f5b8bbc4 | 97 | static int clientGetsOldEntry(StoreEntry * new, StoreEntry * old, request_t * request); |
98 | static int checkAccelOnly(clientHttpRequest *); | |
3898f57f | 99 | #if USE_IDENT |
05832ae1 | 100 | static IDCB clientIdentDone; |
3898f57f | 101 | #endif |
7c1d4010 | 102 | static int clientOnlyIfCached(clientHttpRequest * http); |
7a2f978b | 103 | static STCB clientSendMoreData; |
104 | static STCB clientCacheHit; | |
c68e9c6b | 105 | static void clientSetKeepaliveFlag(clientHttpRequest *); |
f6308664 | 106 | static void clientPackRangeHdr(const HttpReply * rep, const HttpHdrRangeSpec * spec, String boundary, MemBuf * mb); |
107 | static void clientPackTermBound(String boundary, MemBuf * mb); | |
99edd1c3 | 108 | static void clientInterpretRequestHeaders(clientHttpRequest *); |
fb63215a | 109 | static void clientProcessRequest(clientHttpRequest *); |
110 | static void clientProcessExpired(void *data); | |
038eb4ed | 111 | static void clientProcessOnlyIfCachedMiss(clientHttpRequest * http); |
50ddd7a4 | 112 | static int clientCachable(clientHttpRequest * http); |
113 | static int clientHierarchical(clientHttpRequest * http); | |
efb9218c | 114 | static int clientCheckContentLength(request_t * r); |
d20b1cd0 | 115 | static DEFER httpAcceptDefer; |
49d3fcb0 | 116 | static log_type clientProcessRequest2(clientHttpRequest * http); |
a560ee93 | 117 | static int clientReplyBodyTooLarge(HttpReply *, int clen); |
efd900cb | 118 | static int clientRequestBodyTooLarge(int clen); |
94439e4e | 119 | static void clientProcessBody(ConnStateData * conn); |
ea6f43cd | 120 | |
38d7734b | 121 | static int |
382d851a | 122 | checkAccelOnly(clientHttpRequest * http) |
38d7734b | 123 | { |
124 | /* return TRUE if someone makes a proxy request to us and | |
125 | * we are in httpd-accel only mode */ | |
f1dc9b30 | 126 | if (!Config2.Accel.on) |
38d7734b | 127 | return 0; |
17a0a4ee | 128 | if (Config.onoff.accel_with_proxy) |
38d7734b | 129 | return 0; |
382d851a | 130 | if (http->request->protocol == PROTO_CACHEOBJ) |
38d7734b | 131 | return 0; |
77ed547a | 132 | if (http->flags.accel) |
38d7734b | 133 | return 0; |
134 | return 1; | |
135 | } | |
136 | ||
3898f57f | 137 | #if USE_IDENT |
9bc73deb | 138 | static void |
05832ae1 | 139 | clientIdentDone(const char *ident, void *data) |
140 | { | |
141 | ConnStateData *conn = data; | |
94439e4e | 142 | xstrncpy(conn->rfc931, ident ? ident : dash_str, USER_IDENT_SZ); |
05832ae1 | 143 | } |
94439e4e | 144 | |
3898f57f | 145 | #endif |
05832ae1 | 146 | |
4d55827a | 147 | static aclCheck_t * |
a4b8110e | 148 | clientAclChecklistCreate(const acl_access * acl, const clientHttpRequest * http) |
f88bb09c | 149 | { |
4d55827a | 150 | aclCheck_t *ch; |
382d851a | 151 | ConnStateData *conn = http->conn; |
364a0f3d | 152 | ch = aclChecklistCreate(acl, |
382d851a | 153 | http->request, |
94439e4e | 154 | conn->rfc931); |
155 | ||
3898f57f | 156 | /* |
157 | * hack for ident ACL. It needs to get full addresses, and a | |
05832ae1 | 158 | * place to store the ident result on persistent connections... |
159 | */ | |
94439e4e | 160 | /* connection oriented auth also needs these two lines for it's operation. */ |
4d55827a | 161 | ch->conn = conn; |
162 | cbdataLock(ch->conn); | |
94439e4e | 163 | |
4d55827a | 164 | return ch; |
165 | } | |
166 | ||
167 | void | |
168 | clientAccessCheck(void *data) | |
169 | { | |
170 | clientHttpRequest *http = data; | |
171 | if (checkAccelOnly(http)) { | |
307fb3c4 | 172 | /* deny proxy requests in accel_only mode */ |
bdb313a1 | 173 | debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n"); |
307fb3c4 | 174 | clientAccessCheckDone(ACCESS_DENIED, http); |
4d55827a | 175 | return; |
176 | } | |
177 | http->acl_checklist = clientAclChecklistCreate(Config.accessList.http, http); | |
382d851a | 178 | aclNBCheck(http->acl_checklist, clientAccessCheckDone, http); |
f88bb09c | 179 | } |
180 | ||
7c1d4010 | 181 | /* |
182 | * returns true if client specified that the object must come from the cache | |
96e0684d | 183 | * without contacting origin server |
7c1d4010 | 184 | */ |
185 | static int | |
186 | clientOnlyIfCached(clientHttpRequest * http) | |
187 | { | |
188 | const request_t *r = http->request; | |
189 | assert(r); | |
ea285003 | 190 | return r->cache_control && |
8e092300 | 191 | EBIT_TEST(r->cache_control->mask, CC_ONLY_IF_CACHED); |
7c1d4010 | 192 | } |
193 | ||
23d92c64 | 194 | StoreEntry * |
92695e5e | 195 | clientCreateStoreEntry(clientHttpRequest * h, method_t m, request_flags flags) |
79e0dc20 | 196 | { |
197 | StoreEntry *e; | |
40defb17 | 198 | /* |
199 | * For erroneous requests, we might not have a h->request, | |
200 | * so make a fake one. | |
201 | */ | |
99edd1c3 | 202 | if (h->request == NULL) |
eb824054 | 203 | h->request = requestLink(requestCreate(m, PROTO_NONE, null_string)); |
23d92c64 | 204 | e = storeCreateEntry(h->uri, h->log_uri, flags, m); |
06d2839d | 205 | h->sc = storeClientListAdd(e, h); |
447e176b | 206 | #if DELAY_POOLS |
b2585f7e | 207 | delaySetStoreClient(h->sc, delayClient(h->request)); |
447e176b | 208 | #endif |
06d2839d | 209 | storeClientCopy(h->sc, e, 0, 0, CLIENT_SOCK_SZ, |
c68e9c6b | 210 | memAllocate(MEM_CLIENT_SOCK_BUF), clientSendMoreData, h); |
79e0dc20 | 211 | return e; |
212 | } | |
213 | ||
b8d8561b | 214 | void |
75e88d56 | 215 | clientAccessCheckDone(int answer, void *data) |
f88bb09c | 216 | { |
382d851a | 217 | clientHttpRequest *http = data; |
1810dde6 | 218 | err_type page_id; |
1cfdbcf0 | 219 | http_status status; |
9b312a19 | 220 | ErrorState *err = NULL; |
066ed5c1 | 221 | char *proxy_auth_msg = NULL; |
badd8ff0 | 222 | debug(33, 2) ("The request %s %s is %s, because it matched '%s'\n", |
223 | RequestMethodStr[http->request->method], http->uri, | |
9bc73deb | 224 | answer == ACCESS_ALLOWED ? "ALLOWED" : "DENIED", |
60df005c | 225 | AclMatchedName ? AclMatchedName : "NO ACL's"); |
94439e4e | 226 | proxy_auth_msg = authenticateAuthUserRequestMessage(http->conn->auth_user_request ? http->conn->auth_user_request : http->request->auth_user_request); |
382d851a | 227 | http->acl_checklist = NULL; |
fc5d6f7f | 228 | if (answer == ACCESS_ALLOWED) { |
9b5d1d21 | 229 | safe_free(http->uri); |
230 | http->uri = xstrdup(urlCanonical(http->request)); | |
ce66013b | 231 | assert(http->redirect_state == REDIRECT_NONE); |
382d851a | 232 | http->redirect_state = REDIRECT_PENDING; |
233 | redirectStart(http, clientRedirectDone, http); | |
f88bb09c | 234 | } else { |
23d92c64 | 235 | debug(33, 5) ("Access Denied: %s\n", http->uri); |
901e234d | 236 | debug(33, 5) ("AclMatchedName = %s\n", |
6f47fbc7 | 237 | AclMatchedName ? AclMatchedName : "<null>"); |
066ed5c1 | 238 | debug(33, 5) ("Proxy Auth Message = %s\n", |
239 | proxy_auth_msg ? proxy_auth_msg : "<null>"); | |
b6a2f15e | 240 | /* |
241 | * NOTE: get page_id here, based on AclMatchedName because | |
242 | * if USE_DELAY_POOLS is enabled, then AclMatchedName gets | |
243 | * clobbered in the clientCreateStoreEntry() call | |
244 | * just below. Pedro Ribeiro <pribeiro@isel.pt> | |
245 | */ | |
246 | page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName); | |
79a15e0a | 247 | http->log_type = LOG_TCP_DENIED; |
c68e9c6b | 248 | http->entry = clientCreateStoreEntry(http, http->request->method, |
249 | null_request_flags); | |
1cfdbcf0 | 250 | if (answer == ACCESS_REQ_PROXY_AUTH || aclIsProxyAuth(AclMatchedName)) { |
251 | if (!http->flags.accel) { | |
252 | /* Proxy authorisation needed */ | |
253 | status = HTTP_PROXY_AUTHENTICATION_REQUIRED; | |
254 | } else { | |
255 | /* WWW authorisation needed */ | |
256 | status = HTTP_UNAUTHORIZED; | |
257 | } | |
1810dde6 | 258 | if (page_id == ERR_NONE) |
1cfdbcf0 | 259 | page_id = ERR_CACHE_ACCESS_DENIED; |
260 | } else { | |
261 | status = HTTP_FORBIDDEN; | |
1810dde6 | 262 | if (page_id == ERR_NONE) |
1cfdbcf0 | 263 | page_id = ERR_ACCESS_DENIED; |
264 | } | |
265 | err = errorCon(page_id, status); | |
02922e76 | 266 | err->request = requestLink(http->request); |
267 | err->src_addr = http->conn->peer.sin_addr; | |
94439e4e | 268 | if (http->conn->auth_user_request) |
269 | err->auth_user_request = http->conn->auth_user_request; | |
270 | else if (http->request->auth_user_request) | |
271 | err->auth_user_request = http->request->auth_user_request; | |
272 | /* lock for the error state */ | |
273 | if (err->auth_user_request) | |
274 | authenticateAuthUserRequestLock(err->auth_user_request); | |
066ed5c1 | 275 | err->callback_data = NULL; |
02922e76 | 276 | errorAppendEntry(http->entry, err); |
f88bb09c | 277 | } |
278 | } | |
279 | ||
b8d8561b | 280 | static void |
281 | clientRedirectDone(void *data, char *result) | |
f88bb09c | 282 | { |
382d851a | 283 | clientHttpRequest *http = data; |
c0cdaf99 | 284 | request_t *new_request = NULL; |
382d851a | 285 | request_t *old_request = http->request; |
23d92c64 | 286 | debug(33, 5) ("clientRedirectDone: '%s' result=%s\n", http->uri, |
f88bb09c | 287 | result ? result : "NULL"); |
ce66013b | 288 | assert(http->redirect_state == REDIRECT_PENDING); |
382d851a | 289 | http->redirect_state = REDIRECT_DONE; |
6d38ef86 | 290 | if (result) { |
6fd26c18 | 291 | http_status status = (http_status) atoi(result); |
1810dde6 | 292 | if (status == HTTP_MOVED_PERMANENTLY || status == HTTP_MOVED_TEMPORARILY) { |
6d38ef86 | 293 | char *t = result; |
294 | if ((t = strchr(result, ':')) != NULL) { | |
295 | http->redirect.status = status; | |
21f2031d | 296 | http->redirect.location = xstrdup(t + 1); |
6d38ef86 | 297 | } else { |
21f2031d | 298 | debug(33, 1) ("clientRedirectDone: bad input: %s\n", result); |
6d38ef86 | 299 | } |
300 | } | |
301 | if (strcmp(result, http->uri)) | |
302 | new_request = urlParse(old_request->method, result); | |
303 | } | |
c0cdaf99 | 304 | if (new_request) { |
23d92c64 | 305 | safe_free(http->uri); |
9b5d1d21 | 306 | http->uri = xstrdup(urlCanonical(new_request)); |
20cc1450 | 307 | new_request->http_ver = old_request->http_ver; |
2246b732 | 308 | httpHeaderAppend(&new_request->header, &old_request->header); |
77ed547a | 309 | new_request->client_addr = old_request->client_addr; |
3c11d1f5 | 310 | new_request->my_addr = old_request->my_addr; |
7e3ce7b9 | 311 | new_request->my_port = old_request->my_port; |
92695e5e | 312 | new_request->flags.redirected = 1; |
62085327 | 313 | if (old_request->auth_user_request) { |
314 | new_request->auth_user_request = old_request->auth_user_request; | |
315 | authenticateAuthUserRequestLock(new_request->auth_user_request); | |
316 | } | |
94439e4e | 317 | if (old_request->body_connection) { |
318 | new_request->body_connection = old_request->body_connection; | |
319 | old_request->body_connection = NULL; | |
6cf028ab | 320 | } |
7e3ce7b9 | 321 | new_request->content_length = old_request->content_length; |
2045a403 | 322 | new_request->flags.proxy_keepalive = old_request->flags.proxy_keepalive; |
20cc1450 | 323 | requestUnlink(old_request); |
382d851a | 324 | http->request = requestLink(new_request); |
f88bb09c | 325 | } |
99edd1c3 | 326 | clientInterpretRequestHeaders(http); |
0421724f | 327 | #if HEADERS_LOG |
328 | headersLog(0, 1, request->method, request); | |
329 | #endif | |
23d92c64 | 330 | fd_note(http->conn->fd, http->uri); |
4d55827a | 331 | clientCheckNoCache(http); |
332 | } | |
333 | ||
334 | static void | |
335 | clientCheckNoCache(clientHttpRequest * http) | |
336 | { | |
337 | if (Config.accessList.noCache && http->request->flags.cachable) { | |
338 | http->acl_checklist = clientAclChecklistCreate(Config.accessList.noCache, http); | |
339 | aclNBCheck(http->acl_checklist, clientCheckNoCacheDone, http); | |
340 | } else { | |
341 | clientCheckNoCacheDone(http->request->flags.cachable, http); | |
342 | } | |
343 | } | |
344 | ||
345 | void | |
346 | clientCheckNoCacheDone(int answer, void *data) | |
347 | { | |
348 | clientHttpRequest *http = data; | |
349 | http->request->flags.cachable = answer; | |
350 | http->acl_checklist = NULL; | |
fb63215a | 351 | clientProcessRequest(http); |
e81957b7 | 352 | } |
353 | ||
fb63215a | 354 | static void |
355 | clientProcessExpired(void *data) | |
620da955 | 356 | { |
382d851a | 357 | clientHttpRequest *http = data; |
23d92c64 | 358 | char *url = http->uri; |
620da955 | 359 | StoreEntry *entry = NULL; |
23d92c64 | 360 | debug(33, 3) ("clientProcessExpired: '%s'\n", http->uri); |
b9d34cc1 | 361 | assert(http->entry->lastmod >= 0); |
7c1d4010 | 362 | /* |
363 | * check if we are allowed to contact other servers | |
364 | * @?@: Instead of a 504 (Gateway Timeout) reply, we may want to return | |
6106c6fc | 365 | * a stale entry *if* it matches client requirements |
7c1d4010 | 366 | */ |
367 | if (clientOnlyIfCached(http)) { | |
368 | clientProcessOnlyIfCachedMiss(http); | |
369 | return; | |
370 | } | |
92695e5e | 371 | http->request->flags.refresh = 1; |
382d851a | 372 | http->old_entry = http->entry; |
57ec8214 | 373 | http->old_sc = http->sc; |
b6a2f15e | 374 | /* |
375 | * Assert that 'http' is already a client of old_entry. If | |
376 | * it is not, then the beginning of the object data might get | |
377 | * freed from memory before we need to access it. | |
378 | */ | |
57ec8214 | 379 | assert(http->sc->callback_data == http); |
620da955 | 380 | entry = storeCreateEntry(url, |
23d92c64 | 381 | http->log_uri, |
382d851a | 382 | http->request->flags, |
383 | http->request->method); | |
620da955 | 384 | /* NOTE, don't call storeLockObject(), storeCreateEntry() does it */ |
06d2839d | 385 | http->sc = storeClientListAdd(entry, http); |
447e176b | 386 | #if DELAY_POOLS |
59715b38 | 387 | /* delay_id is already set on original store client */ |
b2585f7e | 388 | delaySetStoreClient(http->sc, delayClient(http->request)); |
447e176b | 389 | #endif |
9bc73deb | 390 | http->request->lastmod = http->old_entry->lastmod; |
1c3e77cd | 391 | debug(33, 5) ("clientProcessExpired: lastmod %d\n", (int) entry->lastmod); |
382d851a | 392 | http->entry = entry; |
393 | http->out.offset = 0; | |
7e3ce7b9 | 394 | fwdStart(http->conn->fd, http->entry, http->request); |
f990cccc | 395 | /* Register with storage manager to receive updates when data comes in. */ |
b7fe0ab0 | 396 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) |
397 | debug(33, 0) ("clientProcessExpired: found ENTRY_ABORTED object\n"); | |
06d2839d | 398 | storeClientCopy(http->sc, entry, |
fe96bbe6 | 399 | http->out.offset, |
d89d1fb6 | 400 | http->out.offset, |
cc27d775 | 401 | CLIENT_SOCK_SZ, |
402 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
1b02b5be | 403 | clientHandleIMSReply, |
d89d1fb6 | 404 | http); |
620da955 | 405 | } |
406 | ||
91f4d519 | 407 | static int |
408 | clientGetsOldEntry(StoreEntry * new_entry, StoreEntry * old_entry, request_t * request) | |
409 | { | |
71a8a965 | 410 | const http_status status = new_entry->mem_obj->reply->sline.status; |
411 | if (0 == status) { | |
412 | debug(33, 5) ("clientGetsOldEntry: YES, broken HTTP reply\n"); | |
413 | return 1; | |
414 | } | |
a05cea5b | 415 | /* If the reply is a failure then send the old object as a last |
416 | * resort */ | |
417 | if (status >= 500 && status < 600) { | |
badd8ff0 | 418 | debug(33, 3) ("clientGetsOldEntry: YES, failure reply=%d\n", status); |
a05cea5b | 419 | return 1; |
420 | } | |
91f4d519 | 421 | /* If the reply is anything but "Not Modified" then |
422 | * we must forward it to the client */ | |
71a8a965 | 423 | if (HTTP_NOT_MODIFIED != status) { |
cb69b4c7 | 424 | debug(33, 5) ("clientGetsOldEntry: NO, reply=%d\n", status); |
91f4d519 | 425 | return 0; |
426 | } | |
427 | /* If the client did not send IMS in the request, then it | |
428 | * must get the old object, not this "Not Modified" reply */ | |
92695e5e | 429 | if (!request->flags.ims) { |
a3d5953d | 430 | debug(33, 5) ("clientGetsOldEntry: YES, no client IMS\n"); |
91f4d519 | 431 | return 1; |
432 | } | |
433 | /* If the client IMS time is prior to the entry LASTMOD time we | |
434 | * need to send the old object */ | |
435 | if (modifiedSince(old_entry, request)) { | |
5f6ac48b | 436 | debug(33, 5) ("clientGetsOldEntry: YES, modified since %d\n", |
1afe05c5 | 437 | (int) request->ims); |
91f4d519 | 438 | return 1; |
439 | } | |
a3d5953d | 440 | debug(33, 5) ("clientGetsOldEntry: NO, new one is fine\n"); |
91f4d519 | 441 | return 0; |
442 | } | |
443 | ||
444 | ||
52d4522b | 445 | static void |
1b02b5be | 446 | clientHandleIMSReply(void *data, char *buf, ssize_t size) |
620da955 | 447 | { |
382d851a | 448 | clientHttpRequest *http = data; |
382d851a | 449 | StoreEntry *entry = http->entry; |
b6a2f15e | 450 | MemObject *mem; |
9fb13bb6 | 451 | const char *url = storeUrl(entry); |
e92d33a5 | 452 | int unlink_request = 0; |
76cff1d4 | 453 | StoreEntry *oldentry; |
49d3fcb0 | 454 | int recopy = 1; |
b6a2f15e | 455 | http_status status; |
93f9abd0 | 456 | debug(33, 3) ("clientHandleIMSReply: %s, %d bytes\n", url, (int) size); |
b6a2f15e | 457 | if (entry == NULL) { |
458 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
459 | return; | |
460 | } | |
b8890359 | 461 | if (size < 0 && !EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
462 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
77b32a34 | 463 | return; |
b8890359 | 464 | } |
b6a2f15e | 465 | mem = entry->mem_obj; |
466 | status = mem->reply->sline.status; | |
b7fe0ab0 | 467 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
1b02b5be | 468 | debug(33, 3) ("clientHandleIMSReply: ABORTED '%s'\n", url); |
c54e9052 | 469 | /* We have an existing entry, but failed to validate it */ |
accc6d47 | 470 | /* Its okay to send the old one anyway */ |
471 | http->log_type = LOG_TCP_REFRESH_FAIL_HIT; | |
06d2839d | 472 | storeUnregister(http->sc, entry, http); |
accc6d47 | 473 | storeUnlockObject(entry); |
474 | entry = http->entry = http->old_entry; | |
57ec8214 | 475 | http->sc = http->old_sc; |
71a8a965 | 476 | } else if (STORE_PENDING == entry->store_status && 0 == status) { |
1b02b5be | 477 | debug(33, 3) ("clientHandleIMSReply: Incomplete headers for '%s'\n", url); |
cc27d775 | 478 | if (size >= CLIENT_SOCK_SZ) { |
4455552a | 479 | /* will not get any bigger than that */ |
480 | debug(33, 3) ("clientHandleIMSReply: Reply is too large '%s', using old entry\n", url); | |
878570db | 481 | /* use old entry, this repeats the code abovez */ |
4455552a | 482 | http->log_type = LOG_TCP_REFRESH_FAIL_HIT; |
06d2839d | 483 | storeUnregister(http->sc, entry, http); |
743eebfa | 484 | storeUnlockObject(entry); |
4455552a | 485 | entry = http->entry = http->old_entry; |
57ec8214 | 486 | http->sc = http->old_sc; |
878570db | 487 | /* continue */ |
4455552a | 488 | } else { |
06d2839d | 489 | storeClientCopy(http->sc, entry, |
4455552a | 490 | http->out.offset + size, |
491 | http->out.offset, | |
cc27d775 | 492 | CLIENT_SOCK_SZ, |
49d3fcb0 | 493 | buf, |
4455552a | 494 | clientHandleIMSReply, |
495 | http); | |
878570db | 496 | return; |
4455552a | 497 | } |
382d851a | 498 | } else if (clientGetsOldEntry(entry, http->old_entry, http->request)) { |
620da955 | 499 | /* We initiated the IMS request, the client is not expecting |
76cff1d4 | 500 | * 304, so put the good one back. First, make sure the old entry |
501 | * headers have been loaded from disk. */ | |
382d851a | 502 | oldentry = http->old_entry; |
382d851a | 503 | http->log_type = LOG_TCP_REFRESH_HIT; |
d89d1fb6 | 504 | if (oldentry->mem_obj->request == NULL) { |
505 | oldentry->mem_obj->request = requestLink(mem->request); | |
506 | unlink_request = 1; | |
e92d33a5 | 507 | } |
64763c37 | 508 | /* Don't memcpy() the whole reply structure here. For example, |
509 | * www.thegist.com (Netscape/1.13) returns a content-length for | |
510 | * 304's which seems to be the length of the 304 HEADERS!!! and | |
511 | * not the body they refer to. */ | |
71a8a965 | 512 | httpReplyUpdateOnNotModified(oldentry->mem_obj->reply, mem->reply); |
d89d1fb6 | 513 | storeTimestampsSet(oldentry); |
06d2839d | 514 | storeUnregister(http->sc, entry, http); |
57ec8214 | 515 | http->sc = http->old_sc; |
6d54aea8 | 516 | storeUnlockObject(entry); |
382d851a | 517 | entry = http->entry = oldentry; |
41fad779 | 518 | entry->timestamp = squid_curtime; |
657266fe | 519 | if (unlink_request) { |
e92d33a5 | 520 | requestUnlink(entry->mem_obj->request); |
657266fe | 521 | entry->mem_obj->request = NULL; |
522 | } | |
620da955 | 523 | } else { |
524 | /* the client can handle this reply, whatever it is */ | |
382d851a | 525 | http->log_type = LOG_TCP_REFRESH_MISS; |
71a8a965 | 526 | if (HTTP_NOT_MODIFIED == mem->reply->sline.status) { |
cb4eb1ae | 527 | httpReplyUpdateOnNotModified(http->old_entry->mem_obj->reply, |
528 | mem->reply); | |
529 | storeTimestampsSet(http->old_entry); | |
382d851a | 530 | http->log_type = LOG_TCP_REFRESH_HIT; |
d1a43e28 | 531 | } |
57ec8214 | 532 | storeUnregister(http->old_sc, http->old_entry, http); |
382d851a | 533 | storeUnlockObject(http->old_entry); |
49d3fcb0 | 534 | recopy = 0; |
620da955 | 535 | } |
382d851a | 536 | http->old_entry = NULL; /* done with old_entry */ |
57ec8214 | 537 | http->old_sc = NULL; |
b7fe0ab0 | 538 | assert(!EBIT_TEST(entry->flags, ENTRY_ABORTED)); |
49d3fcb0 | 539 | if (recopy) { |
06d2839d | 540 | storeClientCopy(http->sc, entry, |
49d3fcb0 | 541 | http->out.offset, |
542 | http->out.offset, | |
cc27d775 | 543 | CLIENT_SOCK_SZ, |
49d3fcb0 | 544 | buf, |
545 | clientSendMoreData, | |
546 | http); | |
547 | } else { | |
548 | clientSendMoreData(data, buf, size); | |
6cf028ab | 549 | } |
620da955 | 550 | } |
91f4d519 | 551 | |
552 | int | |
304d07cb | 553 | modifiedSince(StoreEntry * entry, request_t * request) |
91f4d519 | 554 | { |
555 | int object_length; | |
556 | MemObject *mem = entry->mem_obj; | |
1c3e77cd | 557 | time_t mod_time = entry->lastmod; |
9fb13bb6 | 558 | debug(33, 3) ("modifiedSince: '%s'\n", storeUrl(entry)); |
1c3e77cd | 559 | if (mod_time < 0) |
560 | mod_time = entry->timestamp; | |
0cdcddb9 | 561 | debug(33, 3) ("modifiedSince: mod_time = %d\n", (int) mod_time); |
1c3e77cd | 562 | if (mod_time < 0) |
91f4d519 | 563 | return 1; |
564 | /* Find size of the object */ | |
038eb4ed | 565 | object_length = mem->reply->content_length; |
cb69b4c7 | 566 | if (object_length < 0) |
07304bf9 | 567 | object_length = contentLen(entry); |
1c3e77cd | 568 | if (mod_time > request->ims) { |
a3d5953d | 569 | debug(33, 3) ("--> YES: entry newer than client\n"); |
91f4d519 | 570 | return 1; |
1c3e77cd | 571 | } else if (mod_time < request->ims) { |
a3d5953d | 572 | debug(33, 3) ("--> NO: entry older than client\n"); |
91f4d519 | 573 | return 0; |
574 | } else if (request->imslen < 0) { | |
a3d5953d | 575 | debug(33, 3) ("--> NO: same LMT, no client length\n"); |
91f4d519 | 576 | return 0; |
577 | } else if (request->imslen == object_length) { | |
a3d5953d | 578 | debug(33, 3) ("--> NO: same LMT, same length\n"); |
91f4d519 | 579 | return 0; |
580 | } else { | |
a3d5953d | 581 | debug(33, 3) ("--> YES: same LMT, different length\n"); |
91f4d519 | 582 | return 1; |
583 | } | |
584 | } | |
b3b64e58 | 585 | |
a90eae18 | 586 | void |
382d851a | 587 | clientPurgeRequest(clientHttpRequest * http) |
a90eae18 | 588 | { |
a90eae18 | 589 | StoreEntry *entry; |
9b312a19 | 590 | ErrorState *err = NULL; |
8d6da567 | 591 | HttpReply *r; |
f66a9ef4 | 592 | http_status status = HTTP_NOT_FOUND; |
ccf44862 | 593 | http_version_t version; |
d20b1cd0 | 594 | debug(33, 3) ("Config2.onoff.enable_purge = %d\n", Config2.onoff.enable_purge); |
53cb32a9 | 595 | if (!Config2.onoff.enable_purge) { |
79a15e0a | 596 | http->log_type = LOG_TCP_DENIED; |
fe40a877 | 597 | err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN); |
9b312a19 | 598 | err->request = requestLink(http->request); |
599 | err->src_addr = http->conn->peer.sin_addr; | |
92695e5e | 600 | http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags); |
79e0dc20 | 601 | errorAppendEntry(http->entry, err); |
a90eae18 | 602 | return; |
603 | } | |
f66a9ef4 | 604 | /* Release both IP cache */ |
afc1e43f | 605 | ipcacheInvalidate(http->request->host); |
f66a9ef4 | 606 | |
607 | if (!http->flags.purging) { | |
608 | /* Try to find a base entry */ | |
609 | http->flags.purging = 1; | |
610 | entry = storeGetPublicByRequestMethod(http->request, METHOD_GET); | |
611 | if (!entry) | |
612 | entry = storeGetPublicByRequestMethod(http->request, METHOD_HEAD); | |
613 | if (entry) { | |
614 | /* Swap in the metadata */ | |
615 | http->entry = entry; | |
616 | storeLockObject(http->entry); | |
617 | storeCreateMemObject(http->entry, http->uri, http->log_uri); | |
618 | http->entry->mem_obj->method = http->request->method; | |
619 | http->sc = storeClientListAdd(http->entry, http); | |
620 | http->log_type = LOG_TCP_HIT; | |
621 | storeClientCopy(http->sc, http->entry, | |
622 | http->out.offset, | |
623 | http->out.offset, | |
624 | CLIENT_SOCK_SZ, | |
625 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
626 | clientCacheHit, | |
627 | http); | |
628 | return; | |
629 | } | |
630 | } | |
631 | http->log_type = LOG_TCP_MISS; | |
632 | /* Release the cached URI */ | |
633 | entry = storeGetPublicByRequestMethod(http->request, METHOD_GET); | |
634 | if (entry) { | |
635 | debug(33, 4) ("clientPurgeRequest: GET '%s'\n", | |
636 | storeUrl(entry)); | |
637 | storeRelease(entry); | |
638 | status = HTTP_OK; | |
639 | } | |
640 | entry = storeGetPublicByRequestMethod(http->request, METHOD_HEAD); | |
641 | if (entry) { | |
642 | debug(33, 4) ("clientPurgeRequest: HEAD '%s'\n", | |
643 | storeUrl(entry)); | |
a90eae18 | 644 | storeRelease(entry); |
2addf420 | 645 | status = HTTP_OK; |
a90eae18 | 646 | } |
f66a9ef4 | 647 | /* And for Vary, release the base URI if none of the headers was included in the request */ |
648 | if (http->request->vary_headers && !strstr(http->request->vary_headers, "=")) { | |
649 | entry = storeGetPublic(urlCanonical(http->request), METHOD_GET); | |
650 | if (entry) { | |
651 | debug(33, 4) ("clientPurgeRequest: Vary GET '%s'\n", | |
652 | storeUrl(entry)); | |
653 | storeRelease(entry); | |
654 | status = HTTP_OK; | |
655 | } | |
656 | entry = storeGetPublic(urlCanonical(http->request), METHOD_HEAD); | |
657 | if (entry) { | |
658 | debug(33, 4) ("clientPurgeRequest: Vary HEAD '%s'\n", | |
659 | storeUrl(entry)); | |
660 | storeRelease(entry); | |
661 | status = HTTP_OK; | |
662 | } | |
663 | } | |
afa9f1cd | 664 | /* |
665 | * Make a new entry to hold the reply to be written | |
666 | * to the client. | |
667 | */ | |
92695e5e | 668 | http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags); |
8d6da567 | 669 | httpReplyReset(r = http->entry->mem_obj->reply); |
bffee5af | 670 | httpBuildVersion(&version, 1, 0); |
ccf44862 | 671 | httpReplySetHeaders(r, version, status, NULL, NULL, 0, 0, -1); |
8d6da567 | 672 | httpReplySwapOut(r, http->entry); |
afa9f1cd | 673 | storeComplete(http->entry); |
a90eae18 | 674 | } |
e33ba616 | 675 | |
676 | int | |
ea3a2a69 | 677 | checkNegativeHit(StoreEntry * e) |
e33ba616 | 678 | { |
d46a87a8 | 679 | if (!EBIT_TEST(e->flags, ENTRY_NEGCACHED)) |
ea3a2a69 | 680 | return 0; |
681 | if (e->expires <= squid_curtime) | |
682 | return 0; | |
683 | if (e->store_status != STORE_OK) | |
684 | return 0; | |
685 | return 1; | |
e33ba616 | 686 | } |
7a2f978b | 687 | |
2d72d4fd | 688 | static void |
0e473d70 | 689 | clientUpdateCounters(clientHttpRequest * http) |
a7c05555 | 690 | { |
ee1679df | 691 | int svc_time = tvSubMsec(http->start, current_time); |
b4e7f82d | 692 | ping_data *i; |
39edba21 | 693 | HierarchyLogEntry *H; |
83704487 | 694 | statCounter.client_http.requests++; |
d8b83480 | 695 | if (isTcpHit(http->log_type)) |
83704487 | 696 | statCounter.client_http.hits++; |
4f4d1d6e | 697 | if (http->log_type == LOG_TCP_HIT) |
83704487 | 698 | statCounter.client_http.disk_hits++; |
4f4d1d6e | 699 | else if (http->log_type == LOG_TCP_MEM_HIT) |
83704487 | 700 | statCounter.client_http.mem_hits++; |
0e473d70 | 701 | if (http->request->err_type != ERR_NONE) |
83704487 | 702 | statCounter.client_http.errors++; |
703 | statHistCount(&statCounter.client_http.all_svc_time, svc_time); | |
ee1679df | 704 | /* |
705 | * The idea here is not to be complete, but to get service times | |
706 | * for only well-defined types. For example, we don't include | |
707 | * LOG_TCP_REFRESH_FAIL_HIT because its not really a cache hit | |
708 | * (we *tried* to validate it, but failed). | |
709 | */ | |
710 | switch (http->log_type) { | |
7c9c84ad | 711 | case LOG_TCP_REFRESH_HIT: |
83704487 | 712 | statHistCount(&statCounter.client_http.nh_svc_time, svc_time); |
7c9c84ad | 713 | break; |
ee1679df | 714 | case LOG_TCP_IMS_HIT: |
83704487 | 715 | statHistCount(&statCounter.client_http.nm_svc_time, svc_time); |
ee1679df | 716 | break; |
717 | case LOG_TCP_HIT: | |
718 | case LOG_TCP_MEM_HIT: | |
b540e168 | 719 | case LOG_TCP_OFFLINE_HIT: |
83704487 | 720 | statHistCount(&statCounter.client_http.hit_svc_time, svc_time); |
ee1679df | 721 | break; |
722 | case LOG_TCP_MISS: | |
723 | case LOG_TCP_CLIENT_REFRESH_MISS: | |
83704487 | 724 | statHistCount(&statCounter.client_http.miss_svc_time, svc_time); |
ee1679df | 725 | break; |
726 | default: | |
727 | /* make compiler warnings go away */ | |
728 | break; | |
729 | } | |
39edba21 | 730 | H = &http->request->hier; |
69c95dd3 | 731 | switch (H->alg) { |
732 | case PEER_SA_DIGEST: | |
83704487 | 733 | statCounter.cd.times_used++; |
69c95dd3 | 734 | break; |
735 | case PEER_SA_ICP: | |
83704487 | 736 | statCounter.icp.times_used++; |
b4e7f82d | 737 | i = &H->ping; |
69c95dd3 | 738 | if (0 != i->stop.tv_sec && 0 != i->start.tv_sec) |
83704487 | 739 | statHistCount(&statCounter.icp.query_svc_time, |
69c95dd3 | 740 | tvSubUsec(i->start, i->stop)); |
741 | if (i->timeout) | |
83704487 | 742 | statCounter.icp.query_timeouts++; |
69c95dd3 | 743 | break; |
744 | case PEER_SA_NETDB: | |
83704487 | 745 | statCounter.netdb.times_used++; |
69c95dd3 | 746 | break; |
747 | default: | |
748 | break; | |
17b6e784 | 749 | } |
a7c05555 | 750 | } |
751 | ||
7a2f978b | 752 | static void |
753 | httpRequestFree(void *data) | |
754 | { | |
755 | clientHttpRequest *http = data; | |
756 | clientHttpRequest **H; | |
757 | ConnStateData *conn = http->conn; | |
b6a2f15e | 758 | StoreEntry *e; |
7a2f978b | 759 | request_t *request = http->request; |
760 | MemObject *mem = NULL; | |
b6a2f15e | 761 | debug(33, 3) ("httpRequestFree: %s\n", storeUrl(http->entry)); |
1b02b5be | 762 | if (!clientCheckTransferDone(http)) { |
94439e4e | 763 | if (request && request->body_connection) |
764 | clientAbortBody(request); /* abort body transter */ | |
28ee8ce5 | 765 | /* HN: This looks a bit odd.. why should client_side care about |
766 | * the ICP selection status? | |
bbf5ef83 | 767 | */ |
b6a2f15e | 768 | if (http->entry && http->entry->ping_status == PING_WAITING) |
769 | storeReleaseRequest(http->entry); | |
7a2f978b | 770 | } |
771 | assert(http->log_type < LOG_TYPE_MAX); | |
b6a2f15e | 772 | if (http->entry) |
773 | mem = http->entry->mem_obj; | |
7a2f978b | 774 | if (http->out.size || http->log_type) { |
728da2ee | 775 | http->al.icp.opcode = ICP_INVALID; |
ef65d6ca | 776 | http->al.url = http->log_uri; |
777 | debug(33, 9) ("httpRequestFree: al.url='%s'\n", http->al.url); | |
7a2f978b | 778 | if (mem) { |
cb69b4c7 | 779 | http->al.http.code = mem->reply->sline.status; |
038eb4ed | 780 | http->al.http.content_type = strBuf(mem->reply->content_type); |
7a2f978b | 781 | } |
782 | http->al.cache.caddr = conn->log_addr; | |
783 | http->al.cache.size = http->out.size; | |
784 | http->al.cache.code = http->log_type; | |
785 | http->al.cache.msec = tvSubMsec(http->start, current_time); | |
7a2f978b | 786 | if (request) { |
2246b732 | 787 | Packer p; |
788 | MemBuf mb; | |
789 | memBufDefInit(&mb); | |
790 | packerToMemInit(&p, &mb); | |
791 | httpHeaderPackInto(&request->header, &p); | |
7a2f978b | 792 | http->al.http.method = request->method; |
c68e9c6b | 793 | http->al.http.version = request->http_ver; |
2246b732 | 794 | http->al.headers.request = xstrdup(mb.buf); |
7a2f978b | 795 | http->al.hier = request->hier; |
94439e4e | 796 | if (request->auth_user_request) { |
797 | http->al.cache.authuser = xstrdup(authenticateUserRequestUsername(request->auth_user_request)); | |
798 | authenticateAuthUserRequestUnlock(request->auth_user_request); | |
799 | request->auth_user_request = NULL; | |
800 | } | |
801 | if (conn->rfc931[0]) | |
802 | http->al.cache.rfc931 = conn->rfc931; | |
2246b732 | 803 | packerClean(&p); |
804 | memBufClean(&mb); | |
7a2f978b | 805 | } |
806 | accessLogLog(&http->al); | |
a7c05555 | 807 | clientUpdateCounters(http); |
6f47fbc7 | 808 | clientdbUpdate(conn->peer.sin_addr, http->log_type, PROTO_HTTP, http->out.size); |
7a2f978b | 809 | } |
7a2f978b | 810 | if (http->acl_checklist) |
811 | aclChecklistFree(http->acl_checklist); | |
88aad2e5 | 812 | if (request) |
c24fca87 | 813 | checkFailureRatio(request->err_type, http->al.hier.code); |
23d92c64 | 814 | safe_free(http->uri); |
815 | safe_free(http->log_uri); | |
2246b732 | 816 | safe_free(http->al.headers.request); |
7a2f978b | 817 | safe_free(http->al.headers.reply); |
6d38ef86 | 818 | safe_free(http->redirect.location); |
d192d11f | 819 | stringClean(&http->range_iter.boundary); |
b6a2f15e | 820 | if ((e = http->entry)) { |
7a2f978b | 821 | http->entry = NULL; |
06d2839d | 822 | storeUnregister(http->sc, e, http); |
e1dcf02d | 823 | http->sc = NULL; |
b6a2f15e | 824 | storeUnlockObject(e); |
7a2f978b | 825 | } |
826 | /* old_entry might still be set if we didn't yet get the reply | |
1b02b5be | 827 | * code in clientHandleIMSReply() */ |
b6a2f15e | 828 | if ((e = http->old_entry)) { |
7a2f978b | 829 | http->old_entry = NULL; |
13f14b78 | 830 | storeUnregister(http->old_sc, e, http); |
e1dcf02d | 831 | http->old_sc = NULL; |
b6a2f15e | 832 | storeUnlockObject(e); |
7a2f978b | 833 | } |
834 | requestUnlink(http->request); | |
835 | assert(http != http->next); | |
836 | assert(http->conn->chr != NULL); | |
94439e4e | 837 | /* Unlink us from the clients request list */ |
7a2f978b | 838 | H = &http->conn->chr; |
839 | while (*H) { | |
840 | if (*H == http) | |
841 | break; | |
842 | H = &(*H)->next; | |
843 | } | |
844 | assert(*H != NULL); | |
845 | *H = http->next; | |
846 | http->next = NULL; | |
0f1bc304 | 847 | dlinkDelete(&http->active, &ClientActiveRequests); |
7a2f978b | 848 | cbdataFree(http); |
849 | } | |
850 | ||
851 | /* This is a handler normally called by comm_close() */ | |
852 | static void | |
853 | connStateFree(int fd, void *data) | |
854 | { | |
855 | ConnStateData *connState = data; | |
856 | clientHttpRequest *http; | |
93f9abd0 | 857 | debug(33, 3) ("connStateFree: FD %d\n", fd); |
7a2f978b | 858 | assert(connState != NULL); |
9bc73deb | 859 | clientdbEstablished(connState->peer.sin_addr, -1); /* decrement */ |
79d39a72 | 860 | while ((http = connState->chr) != NULL) { |
7a2f978b | 861 | assert(http->conn == connState); |
862 | assert(connState->chr != connState->chr->next); | |
863 | httpRequestFree(http); | |
864 | } | |
5d146f7d | 865 | if (connState->auth_user_request) |
866 | authenticateAuthUserRequestUnlock(connState->auth_user_request); | |
867 | connState->auth_user_request = NULL; | |
868 | authenticateOnCloseConnection(connState); | |
58cd5bbd | 869 | if (connState->in.size == CLIENT_REQ_BUF_SZ) |
870 | memFree(connState->in.buf, MEM_CLIENT_REQ_BUF); | |
871 | else | |
872 | safe_free(connState->in.buf); | |
59c4d35b | 873 | /* XXX account connState->in.buf */ |
7a2f978b | 874 | pconnHistCount(0, connState->nrequests); |
875 | cbdataFree(connState); | |
403028a9 | 876 | #ifdef _SQUID_LINUX_ |
877 | /* prevent those nasty RST packets */ | |
878 | { | |
879 | char buf[SQUID_TCP_SO_RCVBUF]; | |
1f7c9178 | 880 | while (FD_READ_METHOD(fd, buf, SQUID_TCP_SO_RCVBUF) > 0); |
403028a9 | 881 | } |
882 | #endif | |
7a2f978b | 883 | } |
884 | ||
885 | static void | |
99edd1c3 | 886 | clientInterpretRequestHeaders(clientHttpRequest * http) |
7a2f978b | 887 | { |
888 | request_t *request = http->request; | |
99edd1c3 | 889 | const HttpHeader *req_hdr = &request->header; |
16f019f5 | 890 | int no_cache = 0; |
99edd1c3 | 891 | const char *str; |
99edd1c3 | 892 | request->imslen = -1; |
893 | request->ims = httpHeaderGetTime(req_hdr, HDR_IF_MODIFIED_SINCE); | |
894 | if (request->ims > 0) | |
92695e5e | 895 | request->flags.ims = 1; |
99edd1c3 | 896 | if (httpHeaderHas(req_hdr, HDR_PRAGMA)) { |
897 | String s = httpHeaderGetList(req_hdr, HDR_PRAGMA); | |
16f019f5 | 898 | if (strListIsMember(&s, "no-cache", ',')) |
899 | no_cache++; | |
900 | stringClean(&s); | |
901 | } | |
9bc73deb | 902 | request->cache_control = httpHeaderGetCc(req_hdr); |
16f019f5 | 903 | if (request->cache_control) |
904 | if (EBIT_TEST(request->cache_control->mask, CC_NO_CACHE)) | |
905 | no_cache++; | |
7613d09c | 906 | /* Work around for supporting the Reload button in IE browsers |
907 | * when Squid is used as an accelerator or transparent proxy, | |
908 | * by turning accelerated IMS request to no-cache requests. | |
909 | * Now knows about IE 5.5 fix (is actually only fixed in SP1, | |
910 | * but we can't tell whether we are talking to SP1 or not so | |
911 | * all 5.5 versions are treated 'normally'). | |
f0debecb | 912 | */ |
7613d09c | 913 | if (Config.onoff.ie_refresh) { |
f0debecb | 914 | if (http->flags.accel && request->flags.ims) { |
915 | if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT))) { | |
916 | if (strstr(str, "MSIE 5.01") != NULL) | |
917 | no_cache++; | |
918 | else if (strstr(str, "MSIE 5.0") != NULL) | |
919 | no_cache++; | |
920 | else if (strstr(str, "MSIE 4.") != NULL) | |
921 | no_cache++; | |
922 | else if (strstr(str, "MSIE 3.") != NULL) | |
923 | no_cache++; | |
924 | } | |
925 | } | |
7613d09c | 926 | } |
16f019f5 | 927 | if (no_cache) { |
9f60cfdf | 928 | #if HTTP_VIOLATIONS |
16f019f5 | 929 | if (Config.onoff.reload_into_ims) |
930 | request->flags.nocache_hack = 1; | |
931 | else if (refresh_nocache_hack) | |
932 | request->flags.nocache_hack = 1; | |
933 | else | |
9f60cfdf | 934 | #endif |
16f019f5 | 935 | request->flags.nocache = 1; |
7a2f978b | 936 | } |
4b315324 | 937 | /* ignore range header in non-GETs */ |
938 | if (request->method == METHOD_GET) { | |
939 | request->range = httpHeaderGetRange(req_hdr); | |
940 | if (request->range) | |
92695e5e | 941 | request->flags.range = 1; |
4b315324 | 942 | } |
99edd1c3 | 943 | if (httpHeaderHas(req_hdr, HDR_AUTHORIZATION)) |
92695e5e | 944 | request->flags.auth = 1; |
7a2f978b | 945 | if (request->login[0] != '\0') |
92695e5e | 946 | request->flags.auth = 1; |
99edd1c3 | 947 | if (httpHeaderHas(req_hdr, HDR_VIA)) { |
948 | String s = httpHeaderGetList(req_hdr, HDR_VIA); | |
38a6c74e | 949 | /* |
950 | * ThisCache cannot be a member of Via header, "1.0 ThisCache" can. | |
951 | * Note ThisCache2 has a space prepended to the hostname so we don't | |
952 | * accidentally match super-domains. | |
953 | */ | |
954 | if (strListIsSubstr(&s, ThisCache2, ',')) { | |
c68e9c6b | 955 | debugObj(33, 1, "WARNING: Forwarding loop detected for:\n", |
956 | request, (ObjPackMethod) & httpRequestPack); | |
92695e5e | 957 | request->flags.loopdetect = 1; |
7a2f978b | 958 | } |
d21f1c54 | 959 | #if FORW_VIA_DB |
ea285003 | 960 | fvdbCountVia(strBuf(s)); |
d21f1c54 | 961 | #endif |
99edd1c3 | 962 | stringClean(&s); |
d21f1c54 | 963 | } |
7a2f978b | 964 | #if USE_USERAGENT_LOG |
99edd1c3 | 965 | if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT))) |
966 | logUserAgent(fqdnFromAddr(http->conn->peer.sin_addr), str); | |
d21f1c54 | 967 | #endif |
fd2c5549 | 968 | #if USE_REFERER_LOG |
969 | if ((str = httpHeaderGetStr(req_hdr, HDR_REFERER))) | |
970 | logReferer(fqdnFromAddr(http->conn->peer.sin_addr), str, | |
971 | http->log_uri); | |
972 | #endif | |
d21f1c54 | 973 | #if FORW_VIA_DB |
99edd1c3 | 974 | if (httpHeaderHas(req_hdr, HDR_X_FORWARDED_FOR)) { |
975 | String s = httpHeaderGetList(req_hdr, HDR_X_FORWARDED_FOR); | |
976 | fvdbCountForw(strBuf(s)); | |
977 | stringClean(&s); | |
978 | } | |
7a2f978b | 979 | #endif |
7a2f978b | 980 | if (request->method == METHOD_TRACE) { |
99edd1c3 | 981 | request->max_forwards = httpHeaderGetInt(req_hdr, HDR_MAX_FORWARDS); |
7a2f978b | 982 | } |
50ddd7a4 | 983 | if (clientCachable(http)) |
92695e5e | 984 | request->flags.cachable = 1; |
50ddd7a4 | 985 | if (clientHierarchical(http)) |
92695e5e | 986 | request->flags.hierarchical = 1; |
99edd1c3 | 987 | debug(33, 5) ("clientInterpretRequestHeaders: REQ_NOCACHE = %s\n", |
92695e5e | 988 | request->flags.nocache ? "SET" : "NOT SET"); |
99edd1c3 | 989 | debug(33, 5) ("clientInterpretRequestHeaders: REQ_CACHABLE = %s\n", |
92695e5e | 990 | request->flags.cachable ? "SET" : "NOT SET"); |
99edd1c3 | 991 | debug(33, 5) ("clientInterpretRequestHeaders: REQ_HIERARCHICAL = %s\n", |
92695e5e | 992 | request->flags.hierarchical ? "SET" : "NOT SET"); |
7a2f978b | 993 | } |
994 | ||
c68e9c6b | 995 | /* |
996 | * clientSetKeepaliveFlag() sets request->flags.proxy_keepalive. | |
997 | * This is the client-side persistent connection flag. We need | |
998 | * to set this relatively early in the request processing | |
999 | * to handle hacks for broken servers and clients. | |
1000 | */ | |
1001 | static void | |
1002 | clientSetKeepaliveFlag(clientHttpRequest * http) | |
1003 | { | |
1004 | request_t *request = http->request; | |
1005 | const HttpHeader *req_hdr = &request->header; | |
ccf44862 | 1006 | debug(33, 3) ("clientSetKeepaliveFlag: http_ver = %d.%d\n", |
1007 | request->http_ver.major, request->http_ver.minor); | |
c68e9c6b | 1008 | debug(33, 3) ("clientSetKeepaliveFlag: method = %s\n", |
1009 | RequestMethodStr[request->method]); | |
efd900cb | 1010 | if (!Config.onoff.client_pconns) |
1011 | request->flags.proxy_keepalive = 0; | |
1012 | else if (httpMsgIsPersistent(request->http_ver, req_hdr)) | |
c68e9c6b | 1013 | request->flags.proxy_keepalive = 1; |
c68e9c6b | 1014 | } |
1015 | ||
31be8b80 | 1016 | static int |
efb9218c | 1017 | clientCheckContentLength(request_t * r) |
31be8b80 | 1018 | { |
ffc128c4 | 1019 | switch (r->method) { |
1020 | case METHOD_PUT: | |
1021 | case METHOD_POST: | |
1022 | /* PUT/POST requires a request entity */ | |
2a6b906c | 1023 | return (r->content_length >= 0); |
ffc128c4 | 1024 | case METHOD_GET: |
1025 | case METHOD_HEAD: | |
1026 | /* We do not want to see a request entity on GET/HEAD requests */ | |
2a6b906c | 1027 | return (r->content_length <= 0); |
ffc128c4 | 1028 | default: |
1029 | /* For other types of requests we don't care */ | |
0cdcddb9 | 1030 | return 1; |
ffc128c4 | 1031 | } |
1032 | /* NOT REACHED */ | |
31be8b80 | 1033 | } |
1034 | ||
7a2f978b | 1035 | static int |
50ddd7a4 | 1036 | clientCachable(clientHttpRequest * http) |
7a2f978b | 1037 | { |
23d92c64 | 1038 | const char *url = http->uri; |
7a2f978b | 1039 | request_t *req = http->request; |
1040 | method_t method = req->method; | |
7a2f978b | 1041 | if (req->protocol == PROTO_HTTP) |
1042 | return httpCachable(method); | |
1043 | /* FTP is always cachable */ | |
7a2f978b | 1044 | if (req->protocol == PROTO_WAIS) |
1045 | return 0; | |
1046 | if (method == METHOD_CONNECT) | |
1047 | return 0; | |
1048 | if (method == METHOD_TRACE) | |
1049 | return 0; | |
94439e4e | 1050 | if (method == METHOD_PUT) |
1051 | return 0; | |
1052 | if (method == METHOD_POST) | |
1053 | return 0; /* XXX POST may be cached sometimes.. ignored for now */ | |
1054 | if (req->protocol == PROTO_GOPHER) | |
1055 | return gopherCachable(url); | |
7a2f978b | 1056 | if (req->protocol == PROTO_CACHEOBJ) |
1057 | return 0; | |
1058 | return 1; | |
1059 | } | |
1060 | ||
1061 | /* Return true if we can query our neighbors for this object */ | |
1062 | static int | |
50ddd7a4 | 1063 | clientHierarchical(clientHttpRequest * http) |
7a2f978b | 1064 | { |
23d92c64 | 1065 | const char *url = http->uri; |
7a2f978b | 1066 | request_t *request = http->request; |
1067 | method_t method = request->method; | |
1068 | const wordlist *p = NULL; | |
1069 | ||
1070 | /* IMS needs a private key, so we can use the hierarchy for IMS only | |
1071 | * if our neighbors support private keys */ | |
92695e5e | 1072 | if (request->flags.ims && !neighbors_do_private_keys) |
7a2f978b | 1073 | return 0; |
92695e5e | 1074 | if (request->flags.auth) |
7a2f978b | 1075 | return 0; |
1076 | if (method == METHOD_TRACE) | |
1077 | return 1; | |
1078 | if (method != METHOD_GET) | |
1079 | return 0; | |
1080 | /* scan hierarchy_stoplist */ | |
1081 | for (p = Config.hierarchy_stoplist; p; p = p->next) | |
1082 | if (strstr(url, p->key)) | |
1083 | return 0; | |
92695e5e | 1084 | if (request->flags.loopdetect) |
7a2f978b | 1085 | return 0; |
1086 | if (request->protocol == PROTO_HTTP) | |
1087 | return httpCachable(method); | |
1088 | if (request->protocol == PROTO_GOPHER) | |
1089 | return gopherCachable(url); | |
1090 | if (request->protocol == PROTO_WAIS) | |
1091 | return 0; | |
1092 | if (request->protocol == PROTO_CACHEOBJ) | |
1093 | return 0; | |
1094 | return 1; | |
1095 | } | |
1096 | ||
cf50a0af | 1097 | int |
7a2f978b | 1098 | isTcpHit(log_type code) |
1099 | { | |
1100 | /* this should be a bitmap for better optimization */ | |
1101 | if (code == LOG_TCP_HIT) | |
1102 | return 1; | |
1103 | if (code == LOG_TCP_IMS_HIT) | |
1104 | return 1; | |
1105 | if (code == LOG_TCP_REFRESH_FAIL_HIT) | |
1106 | return 1; | |
1107 | if (code == LOG_TCP_REFRESH_HIT) | |
1108 | return 1; | |
1109 | if (code == LOG_TCP_NEGATIVE_HIT) | |
1110 | return 1; | |
1111 | if (code == LOG_TCP_MEM_HIT) | |
1112 | return 1; | |
b540e168 | 1113 | if (code == LOG_TCP_OFFLINE_HIT) |
1114 | return 1; | |
7a2f978b | 1115 | return 0; |
1116 | } | |
1117 | ||
1c3e77cd | 1118 | /* |
1119 | * returns true if If-Range specs match reply, false otherwise | |
1120 | */ | |
a9771e51 | 1121 | static int |
1122 | clientIfRangeMatch(clientHttpRequest * http, HttpReply * rep) | |
1123 | { | |
1124 | const TimeOrTag spec = httpHeaderGetTimeOrTag(&http->request->header, HDR_IF_RANGE); | |
1125 | /* check for parsing falure */ | |
1126 | if (!spec.valid) | |
1127 | return 0; | |
1128 | /* got an ETag? */ | |
1129 | if (spec.tag.str) { | |
1130 | ETag rep_tag = httpHeaderGetETag(&rep->header, HDR_ETAG); | |
ebb6e9a0 | 1131 | debug(33, 3) ("clientIfRangeMatch: ETags: %s and %s\n", |
a9771e51 | 1132 | spec.tag.str, rep_tag.str ? rep_tag.str : "<none>"); |
1133 | if (!rep_tag.str) | |
ebb6e9a0 | 1134 | return 0; /* entity has no etag to compare with! */ |
a9771e51 | 1135 | if (spec.tag.weak || rep_tag.weak) { |
9834a631 | 1136 | debug(33, 1) ("clientIfRangeMatch: Weak ETags are not allowed in If-Range: %s ? %s\n", |
a9771e51 | 1137 | spec.tag.str, rep_tag.str); |
ebb6e9a0 | 1138 | return 0; /* must use strong validator for sub-range requests */ |
a9771e51 | 1139 | } |
1140 | return etagIsEqual(&rep_tag, &spec.tag); | |
1141 | } | |
1142 | /* got modification time? */ | |
1143 | if (spec.time >= 0) { | |
1144 | return http->entry->lastmod <= spec.time; | |
1145 | } | |
ebb6e9a0 | 1146 | assert(0); /* should not happen */ |
a9771e51 | 1147 | return 0; |
1148 | } | |
1149 | ||
71540aeb | 1150 | /* returns expected content length for multi-range replies |
1151 | * note: assumes that httpHdrRangeCanonize has already been called | |
1152 | * warning: assumes that HTTP headers for individual ranges at the | |
1153 | * time of the actuall assembly will be exactly the same as | |
1154 | * the headers when clientMRangeCLen() is called */ | |
1155 | static int | |
f6308664 | 1156 | clientMRangeCLen(clientHttpRequest * http) |
1157 | { | |
71540aeb | 1158 | int clen = 0; |
1159 | HttpHdrRangePos pos = HttpHdrRangeInitPos; | |
1160 | const HttpHdrRangeSpec *spec; | |
1161 | MemBuf mb; | |
1162 | ||
1163 | assert(http->entry->mem_obj); | |
1164 | ||
1165 | memBufDefInit(&mb); | |
1166 | while ((spec = httpHdrRangeGetSpec(http->request->range, &pos))) { | |
1167 | ||
1168 | /* account for headers for this range */ | |
1169 | memBufReset(&mb); | |
1170 | clientPackRangeHdr(http->entry->mem_obj->reply, | |
1171 | spec, http->range_iter.boundary, &mb); | |
1172 | clen += mb.size; | |
1173 | ||
1174 | /* account for range content */ | |
1175 | clen += spec->length; | |
1176 | ||
1177 | debug(33, 6) ("clientMRangeCLen: (clen += %d + %d) == %d\n", | |
1178 | mb.size, spec->length, clen); | |
1179 | } | |
1180 | /* account for the terminating boundary */ | |
1181 | memBufReset(&mb); | |
1182 | clientPackTermBound(http->range_iter.boundary, &mb); | |
1183 | clen += mb.size; | |
1184 | ||
1185 | memBufClean(&mb); | |
1186 | return clen; | |
1187 | } | |
1188 | ||
e17d81d3 | 1189 | /* adds appropriate Range headers if needed */ |
1190 | static void | |
1191 | clientBuildRangeHeader(clientHttpRequest * http, HttpReply * rep) | |
1192 | { | |
5e2dba16 | 1193 | HttpHeader *hdr = rep ? &rep->header : 0; |
e17d81d3 | 1194 | const char *range_err = NULL; |
288c06ce | 1195 | request_t *request = http->request; |
623bfa4c | 1196 | int is_hit = isTcpHit(http->log_type); |
288c06ce | 1197 | assert(request->range); |
e17d81d3 | 1198 | /* check if we still want to do ranges */ |
9834a631 | 1199 | if (!rep) |
1200 | range_err = "no [parse-able] reply"; | |
1201 | else if (rep->sline.status != HTTP_OK) | |
e17d81d3 | 1202 | range_err = "wrong status code"; |
ebb6e9a0 | 1203 | else if (httpHeaderHas(hdr, HDR_CONTENT_RANGE)) |
e17d81d3 | 1204 | range_err = "origin server does ranges"; |
ebb6e9a0 | 1205 | else if (rep->content_length < 0) |
e17d81d3 | 1206 | range_err = "unknown length"; |
ebb6e9a0 | 1207 | else if (rep->content_length != http->entry->mem_obj->reply->content_length) |
1208 | range_err = "INCONSISTENT length"; /* a bug? */ | |
1209 | else if (httpHeaderHas(&http->request->header, HDR_IF_RANGE) && !clientIfRangeMatch(http, rep)) | |
a9771e51 | 1210 | range_err = "If-Range match failed"; |
ebb6e9a0 | 1211 | else if (!httpHdrRangeCanonize(http->request->range, rep->content_length)) |
e17d81d3 | 1212 | range_err = "canonization failed"; |
ebb6e9a0 | 1213 | else if (httpHdrRangeIsComplex(http->request->range)) |
e17d81d3 | 1214 | range_err = "too complex range header"; |
a4b8110e | 1215 | else if (!request->flags.cachable) /* from we_do_ranges in http.c */ |
288c06ce | 1216 | range_err = "non-cachable request"; |
623bfa4c | 1217 | else if (!is_hit && httpHdrRangeOffsetLimit(http->request->range)) |
1218 | range_err = "range outside range_offset_limit"; | |
e17d81d3 | 1219 | /* get rid of our range specs on error */ |
1220 | if (range_err) { | |
badd8ff0 | 1221 | debug(33, 3) ("clientBuildRangeHeader: will not do ranges: %s.\n", range_err); |
e17d81d3 | 1222 | httpHdrRangeDestroy(http->request->range); |
1223 | http->request->range = NULL; | |
1224 | } else { | |
1225 | const int spec_count = http->request->range->specs.count; | |
71540aeb | 1226 | int actual_clen = -1; |
1227 | ||
badd8ff0 | 1228 | debug(33, 3) ("clientBuildRangeHeader: range spec count: %d virgin clen: %d\n", |
e17d81d3 | 1229 | spec_count, rep->content_length); |
1230 | assert(spec_count > 0); | |
a9771e51 | 1231 | /* ETags should not be returned with Partial Content replies? */ |
1232 | httpHeaderDelById(hdr, HDR_ETAG); | |
ebb6e9a0 | 1233 | /* append appropriate header(s) */ |
e17d81d3 | 1234 | if (spec_count == 1) { |
1235 | HttpHdrRangePos pos = HttpHdrRangeInitPos; | |
889b534a | 1236 | const HttpHdrRangeSpec *spec = httpHdrRangeGetSpec(http->request->range, &pos); |
1237 | assert(spec); | |
e17d81d3 | 1238 | /* append Content-Range */ |
889b534a | 1239 | httpHeaderAddContRange(hdr, *spec, rep->content_length); |
71540aeb | 1240 | /* set new Content-Length to the actual number of bytes |
e17d81d3 | 1241 | * transmitted in the message-body */ |
71540aeb | 1242 | actual_clen = spec->length; |
e17d81d3 | 1243 | } else { |
1244 | /* multipart! */ | |
1245 | /* generate boundary string */ | |
1246 | http->range_iter.boundary = httpHdrRangeBoundaryStr(http); | |
1247 | /* delete old Content-Type, add ours */ | |
1248 | httpHeaderDelById(hdr, HDR_CONTENT_TYPE); | |
1249 | httpHeaderPutStrf(hdr, HDR_CONTENT_TYPE, | |
1250 | "multipart/byteranges; boundary=\"%s\"", | |
1251 | strBuf(http->range_iter.boundary)); | |
71540aeb | 1252 | /* Content-Length is not required in multipart responses |
1253 | * but it is always nice to have one */ | |
1254 | actual_clen = clientMRangeCLen(http); | |
e17d81d3 | 1255 | } |
71540aeb | 1256 | |
1257 | /* replace Content-Length header */ | |
1258 | assert(actual_clen >= 0); | |
1259 | httpHeaderDelById(hdr, HDR_CONTENT_LENGTH); | |
1260 | httpHeaderPutInt(hdr, HDR_CONTENT_LENGTH, actual_clen); | |
badd8ff0 | 1261 | debug(33, 3) ("clientBuildRangeHeader: actual content length: %d\n", actual_clen); |
e17d81d3 | 1262 | } |
1263 | } | |
1264 | ||
35282fbf | 1265 | /* |
1266 | * filters out unwanted entries from original reply header | |
d192d11f | 1267 | * adds extra entries if we have more info than origin server |
35282fbf | 1268 | * adds Squid specific entries |
1269 | */ | |
2246b732 | 1270 | static void |
eeb423fb | 1271 | clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep) |
2246b732 | 1272 | { |
1273 | HttpHeader *hdr = &rep->header; | |
1274 | int is_hit = isTcpHit(http->log_type); | |
7673173d | 1275 | request_t *request = http->request; |
2246b732 | 1276 | #if DONT_FILTER_THESE |
1277 | /* but you might want to if you run Squid as an HTTP accelerator */ | |
d192d11f | 1278 | /* httpHeaderDelById(hdr, HDR_ACCEPT_RANGES); */ |
2246b732 | 1279 | httpHeaderDelById(hdr, HDR_ETAG); |
1280 | #endif | |
1281 | httpHeaderDelById(hdr, HDR_PROXY_CONNECTION); | |
1282 | /* here: Keep-Alive is a field-name, not a connection directive! */ | |
1283 | httpHeaderDelByName(hdr, "Keep-Alive"); | |
1284 | /* remove Set-Cookie if a hit */ | |
1285 | if (is_hit) | |
1286 | httpHeaderDelById(hdr, HDR_SET_COOKIE); | |
1287 | /* handle Connection header */ | |
1288 | if (httpHeaderHas(hdr, HDR_CONNECTION)) { | |
1289 | /* anything that matches Connection list member will be deleted */ | |
1290 | String strConnection = httpHeaderGetList(hdr, HDR_CONNECTION); | |
1291 | const HttpHeaderEntry *e; | |
1292 | HttpHeaderPos pos = HttpHeaderInitPos; | |
7673173d | 1293 | /* |
1294 | * think: on-average-best nesting of the two loops (hdrEntry | |
1295 | * and strListItem) @?@ | |
1296 | */ | |
1297 | /* | |
1298 | * maybe we should delete standard stuff ("keep-alive","close") | |
1299 | * from strConnection first? | |
1300 | */ | |
2246b732 | 1301 | while ((e = httpHeaderGetEntry(hdr, &pos))) { |
1302 | if (strListIsMember(&strConnection, strBuf(e->name), ',')) | |
1303 | httpHeaderDelAt(hdr, pos); | |
1304 | } | |
1305 | httpHeaderDelById(hdr, HDR_CONNECTION); | |
1306 | stringClean(&strConnection); | |
1307 | } | |
d192d11f | 1308 | /* Handle Ranges */ |
7673173d | 1309 | if (request->range) |
e17d81d3 | 1310 | clientBuildRangeHeader(http, rep); |
7673173d | 1311 | /* |
efd900cb | 1312 | * Add a estimated Age header on cache hits. |
7673173d | 1313 | */ |
efd900cb | 1314 | if (is_hit) { |
1315 | /* | |
1316 | * Remove any existing Age header sent by upstream caches | |
1317 | * (note that the existing header is passed along unmodified | |
1318 | * on cache misses) | |
1319 | */ | |
cc66f616 | 1320 | httpHeaderDelById(hdr, HDR_AGE); |
7673173d | 1321 | /* |
efd900cb | 1322 | * This adds the calculated object age. Note that the details of the |
1323 | * age calculation is performed by adjusting the timestamp in | |
1324 | * storeTimestampsSet(), not here. | |
1325 | * | |
1326 | * BROWSER WORKAROUND: IE sometimes hangs when receiving a 0 Age | |
1327 | * header, so don't use it unless there is a age to report. Please | |
1328 | * note that Age is only used to make a conservative estimation of | |
1329 | * the objects age, so a Age: 0 header does not add any useful | |
1330 | * information to the reply in any case. | |
7673173d | 1331 | */ |
6fd26c18 | 1332 | if (NULL == http->entry) |
1333 | (void) 0; | |
1334 | else if (http->entry->timestamp < 0) | |
1335 | (void) 0; | |
15eab38b | 1336 | else if (http->entry->timestamp < squid_curtime) |
6fd26c18 | 1337 | httpHeaderPutInt(hdr, HDR_AGE, |
1338 | squid_curtime - http->entry->timestamp); | |
cc66f616 | 1339 | } |
94439e4e | 1340 | /* Handle authentication headers */ |
1341 | if (request->auth_user_request) | |
721b0310 | 1342 | authenticateFixHeader(rep, request->auth_user_request, request, http->flags.accel, 0); |
2246b732 | 1343 | /* Append X-Cache */ |
1344 | httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s", | |
1345 | is_hit ? "HIT" : "MISS", getMyHostname()); | |
1346 | #if USE_CACHE_DIGESTS | |
1347 | /* Append X-Cache-Lookup: -- temporary hack, to be removed @?@ @?@ */ | |
1348 | httpHeaderPutStrf(hdr, HDR_X_CACHE_LOOKUP, "%s from %s:%d", | |
1349 | http->lookup_type ? http->lookup_type : "NONE", | |
7e3ce7b9 | 1350 | getMyHostname(), ntohs(Config.Sockaddr.http->s.sin_port)); |
2246b732 | 1351 | #endif |
9bc73deb | 1352 | if (httpReplyBodySize(request->method, rep) < 0) { |
2d5a59cd | 1353 | debug(33, 3) ("clientBuildReplyHeader: can't keep-alive, unknown body size\n"); |
35282fbf | 1354 | request->flags.proxy_keepalive = 0; |
1355 | } | |
2246b732 | 1356 | /* Signal keep-alive if needed */ |
7673173d | 1357 | httpHeaderPutStr(hdr, |
1358 | http->flags.accel ? HDR_CONNECTION : HDR_PROXY_CONNECTION, | |
92695e5e | 1359 | request->flags.proxy_keepalive ? "keep-alive" : "close"); |
2246b732 | 1360 | #if ADD_X_REQUEST_URI |
1361 | /* | |
1362 | * Knowing the URI of the request is useful when debugging persistent | |
1363 | * connections in a client; we cannot guarantee the order of http headers, | |
1364 | * but X-Request-URI is likely to be the very last header to ease use from a | |
1365 | * debugger [hdr->entries.count-1]. | |
1366 | */ | |
eeb423fb | 1367 | httpHeaderPutStr(hdr, HDR_X_REQUEST_URI, |
2246b732 | 1368 | http->entry->mem_obj->url ? http->entry->mem_obj->url : http->uri); |
1369 | #endif | |
6bccf575 | 1370 | httpHdrMangleList(hdr, request); |
2246b732 | 1371 | } |
1372 | ||
eeb423fb | 1373 | static HttpReply * |
2246b732 | 1374 | clientBuildReply(clientHttpRequest * http, const char *buf, size_t size) |
1375 | { | |
1376 | HttpReply *rep = httpReplyCreate(); | |
9bc73deb | 1377 | size_t k = headersEnd(buf, size); |
1378 | if (k && httpReplyParse(rep, buf, k)) { | |
2246b732 | 1379 | /* enforce 1.0 reply version */ |
bffee5af | 1380 | httpBuildVersion(&rep->sline.version, 1, 0); |
2246b732 | 1381 | /* do header conversions */ |
1382 | clientBuildReplyHeader(http, rep); | |
d192d11f | 1383 | /* if we do ranges, change status to "Partial Content" */ |
1384 | if (http->request->range) | |
9bc73deb | 1385 | httpStatusLineSet(&rep->sline, rep->sline.version, |
1386 | HTTP_PARTIAL_CONTENT, NULL); | |
2246b732 | 1387 | } else { |
1388 | /* parsing failure, get rid of the invalid reply */ | |
1389 | httpReplyDestroy(rep); | |
1390 | rep = NULL; | |
9834a631 | 1391 | /* if we were going to do ranges, backoff */ |
9bc73deb | 1392 | if (http->request->range) { |
1393 | /* this will fail and destroy request->range */ | |
1394 | clientBuildRangeHeader(http, rep); | |
1395 | } | |
2246b732 | 1396 | } |
1397 | return rep; | |
1398 | } | |
7a2f978b | 1399 | |
85071fe3 | 1400 | /* |
1401 | * clientCacheHit should only be called until the HTTP reply headers | |
1402 | * have been parsed. Normally this should be a single call, but | |
1403 | * it might take more than one. As soon as we have the headers, | |
1404 | * we hand off to clientSendMoreData, clientProcessExpired, or | |
1405 | * clientProcessMiss. | |
1406 | */ | |
4c323c5f | 1407 | static void |
7a2f978b | 1408 | clientCacheHit(void *data, char *buf, ssize_t size) |
1409 | { | |
1410 | clientHttpRequest *http = data; | |
49d3fcb0 | 1411 | StoreEntry *e = http->entry; |
1412 | MemObject *mem; | |
1413 | request_t *r = http->request; | |
93f9abd0 | 1414 | debug(33, 3) ("clientCacheHit: %s, %d bytes\n", http->uri, (int) size); |
49d3fcb0 | 1415 | if (http->entry == NULL) { |
db1cd23c | 1416 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
93f9abd0 | 1417 | debug(33, 3) ("clientCacheHit: request aborted\n"); |
49d3fcb0 | 1418 | return; |
1419 | } else if (size < 0) { | |
7a2f978b | 1420 | /* swap in failure */ |
db1cd23c | 1421 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
93f9abd0 | 1422 | debug(33, 3) ("clientCacheHit: swapin failure for %s\n", http->uri); |
7a2f978b | 1423 | http->log_type = LOG_TCP_SWAPFAIL_MISS; |
fdfc0d63 | 1424 | if ((e = http->entry)) { |
1425 | http->entry = NULL; | |
06d2839d | 1426 | storeUnregister(http->sc, e, http); |
e1dcf02d | 1427 | http->sc = NULL; |
fdfc0d63 | 1428 | storeUnlockObject(e); |
1429 | } | |
fb63215a | 1430 | clientProcessMiss(http); |
49d3fcb0 | 1431 | return; |
1432 | } | |
1433 | assert(size > 0); | |
1434 | mem = e->mem_obj; | |
b7fe0ab0 | 1435 | assert(!EBIT_TEST(e->flags, ENTRY_ABORTED)); |
49d3fcb0 | 1436 | if (mem->reply->sline.status == 0) { |
1437 | /* | |
1438 | * we don't have full reply headers yet; either wait for more or | |
1439 | * punt to clientProcessMiss. | |
1440 | */ | |
25944e56 | 1441 | if (e->mem_status == IN_MEMORY || e->store_status == STORE_OK) { |
db1cd23c | 1442 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
49d3fcb0 | 1443 | clientProcessMiss(http); |
cc27d775 | 1444 | } else if (size == CLIENT_SOCK_SZ && http->out.offset == 0) { |
db1cd23c | 1445 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
49d3fcb0 | 1446 | clientProcessMiss(http); |
1447 | } else { | |
1448 | debug(33, 3) ("clientCacheHit: waiting for HTTP reply headers\n"); | |
06d2839d | 1449 | storeClientCopy(http->sc, e, |
49d3fcb0 | 1450 | http->out.offset + size, |
1451 | http->out.offset, | |
cc27d775 | 1452 | CLIENT_SOCK_SZ, |
49d3fcb0 | 1453 | buf, |
1454 | clientCacheHit, | |
1455 | http); | |
1456 | } | |
1457 | return; | |
1458 | } | |
1459 | /* | |
1460 | * Got the headers, now grok them | |
1461 | */ | |
1462 | assert(http->log_type == LOG_TCP_HIT); | |
f66a9ef4 | 1463 | switch (varyEvaluateMatch(e, r)) { |
1464 | case VARY_NONE: | |
1465 | /* No variance detected. Continue as normal */ | |
1466 | break; | |
1467 | case VARY_MATCH: | |
1468 | /* This is the correct entity for this request. Continue */ | |
1469 | debug(33, 2) ("clientProcessHit: Vary MATCH!\n"); | |
1470 | break; | |
1471 | case VARY_OTHER: | |
1472 | /* This is not the correct entity for this request. We need | |
1473 | * to requery the cache. | |
1474 | */ | |
1475 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
1476 | http->entry = NULL; | |
1477 | storeUnregister(http->sc, e, http); | |
1478 | http->sc = NULL; | |
1479 | storeUnlockObject(e); | |
1480 | /* Note: varyEvalyateMatch updates the request with vary information | |
1481 | * so we only get here once. (it also takes care of cancelling loops) | |
1482 | */ | |
1483 | debug(33, 2) ("clientProcessHit: Vary detected!\n"); | |
1484 | clientProcessRequest(http); | |
1485 | return; | |
1486 | case VARY_CANCEL: | |
1487 | /* varyEvaluateMatch found a object loop. Process as miss */ | |
1488 | debug(33, 1) ("clientProcessHit: Vary object loop!\n"); | |
1489 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
1490 | clientProcessMiss(http); | |
1491 | return; | |
1492 | } | |
1493 | if (r->method == METHOD_PURGE) { | |
1494 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
1495 | http->entry = NULL; | |
1496 | storeUnregister(http->sc, e, http); | |
1497 | http->sc = NULL; | |
1498 | storeUnlockObject(e); | |
1499 | clientPurgeRequest(http); | |
1500 | return; | |
1501 | } | |
49d3fcb0 | 1502 | if (checkNegativeHit(e)) { |
1503 | http->log_type = LOG_TCP_NEGATIVE_HIT; | |
1504 | clientSendMoreData(data, buf, size); | |
d657ffad | 1505 | } else if (r->method == METHOD_HEAD) { |
1506 | /* | |
1507 | * RFC 2068 seems to indicate there is no "conditional HEAD" | |
1508 | * request. We cannot validate a cached object for a HEAD | |
1509 | * request, nor can we return 304. | |
1510 | */ | |
1511 | if (e->mem_status == IN_MEMORY) | |
1512 | http->log_type = LOG_TCP_MEM_HIT; | |
1513 | clientSendMoreData(data, buf, size); | |
829a9357 | 1514 | } else if (refreshCheckHTTP(e, r) && !http->flags.internal) { |
5dd13cf3 | 1515 | debug(33, 5) ("clientCacheHit: in refreshCheck() block\n"); |
49d3fcb0 | 1516 | /* |
1517 | * We hold a stale copy; it needs to be validated | |
1518 | */ | |
9689d97c | 1519 | /* |
1520 | * The 'need_validation' flag is used to prevent forwarding | |
1521 | * loops between siblings. If our copy of the object is stale, | |
1522 | * then we should probably only use parents for the validation | |
1523 | * request. Otherwise two siblings could generate a loop if | |
1524 | * both have a stale version of the object. | |
1525 | */ | |
1526 | r->flags.need_validation = 1; | |
0cdcddb9 | 1527 | if (e->lastmod < 0) { |
1528 | /* | |
1c3e77cd | 1529 | * Previous reply didn't have a Last-Modified header, |
1530 | * we cannot revalidate it. | |
1531 | */ | |
1532 | http->log_type = LOG_TCP_MISS; | |
1533 | clientProcessMiss(http); | |
92695e5e | 1534 | } else if (r->flags.nocache) { |
cbe3a719 | 1535 | /* |
1536 | * This did not match a refresh pattern that overrides no-cache | |
1537 | * we should honour the client no-cache header. | |
1538 | */ | |
1539 | http->log_type = LOG_TCP_CLIENT_REFRESH_MISS; | |
1540 | clientProcessMiss(http); | |
1c3e77cd | 1541 | } else if (r->protocol == PROTO_HTTP) { |
cbe3a719 | 1542 | /* |
1543 | * Object needs to be revalidated | |
1544 | * XXX This could apply to FTP as well, if Last-Modified is known. | |
1545 | */ | |
49d3fcb0 | 1546 | http->log_type = LOG_TCP_REFRESH_MISS; |
1547 | clientProcessExpired(http); | |
1548 | } else { | |
cbe3a719 | 1549 | /* |
1550 | * We don't know how to re-validate other protocols. Handle | |
1551 | * them as if the object has expired. | |
1552 | */ | |
49d3fcb0 | 1553 | http->log_type = LOG_TCP_MISS; |
1554 | clientProcessMiss(http); | |
1555 | } | |
db1cd23c | 1556 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
92695e5e | 1557 | } else if (r->flags.ims) { |
49d3fcb0 | 1558 | /* |
1559 | * Handle If-Modified-Since requests from the client | |
1560 | */ | |
1561 | if (mem->reply->sline.status != HTTP_OK) { | |
1562 | debug(33, 4) ("clientCacheHit: Reply code %d != 200\n", | |
1563 | mem->reply->sline.status); | |
db1cd23c | 1564 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
1ecaa0a0 | 1565 | http->log_type = LOG_TCP_MISS; |
49d3fcb0 | 1566 | clientProcessMiss(http); |
1567 | } else if (modifiedSince(e, http->request)) { | |
815ef411 | 1568 | http->log_type = LOG_TCP_IMS_HIT; |
49d3fcb0 | 1569 | clientSendMoreData(data, buf, size); |
1570 | } else { | |
d20b1cd0 | 1571 | time_t timestamp = e->timestamp; |
49d3fcb0 | 1572 | MemBuf mb = httpPacked304Reply(e->mem_obj->reply); |
1573 | http->log_type = LOG_TCP_IMS_HIT; | |
db1cd23c | 1574 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
06d2839d | 1575 | storeUnregister(http->sc, e, http); |
e1dcf02d | 1576 | http->sc = NULL; |
49d3fcb0 | 1577 | storeUnlockObject(e); |
92695e5e | 1578 | e = clientCreateStoreEntry(http, http->request->method, null_request_flags); |
d20b1cd0 | 1579 | /* |
1580 | * Copy timestamp from the original entry so the 304 | |
1581 | * reply has a meaningful Age: header. | |
1582 | */ | |
1583 | e->timestamp = timestamp; | |
49d3fcb0 | 1584 | http->entry = e; |
9bc73deb | 1585 | httpReplyParse(e->mem_obj->reply, mb.buf, mb.size); |
49d3fcb0 | 1586 | storeAppend(e, mb.buf, mb.size); |
1587 | memBufClean(&mb); | |
1588 | storeComplete(e); | |
1589 | } | |
1590 | } else { | |
1591 | /* | |
1592 | * plain ol' cache hit | |
1593 | */ | |
1594 | if (e->mem_status == IN_MEMORY) | |
1595 | http->log_type = LOG_TCP_MEM_HIT; | |
b540e168 | 1596 | else if (Config.onoff.offline) |
1597 | http->log_type = LOG_TCP_OFFLINE_HIT; | |
49d3fcb0 | 1598 | clientSendMoreData(data, buf, size); |
7a2f978b | 1599 | } |
1600 | } | |
1601 | ||
71540aeb | 1602 | /* put terminating boundary for multiparts */ |
1603 | static void | |
f6308664 | 1604 | clientPackTermBound(String boundary, MemBuf * mb) |
71540aeb | 1605 | { |
1606 | memBufPrintf(mb, "\r\n--%s--\r\n", strBuf(boundary)); | |
1607 | debug(33, 6) ("clientPackTermBound: buf offset: %d\n", mb->size); | |
1608 | } | |
d192d11f | 1609 | |
aa42ceac | 1610 | /* appends a "part" HTTP header (as in a multi-part/range reply) to the buffer */ |
1611 | static void | |
f6308664 | 1612 | clientPackRangeHdr(const HttpReply * rep, const HttpHdrRangeSpec * spec, String boundary, MemBuf * mb) |
aa42ceac | 1613 | { |
1614 | HttpHeader hdr; | |
1615 | Packer p; | |
1616 | assert(rep); | |
1617 | assert(spec); | |
1618 | ||
1619 | /* put boundary */ | |
1620 | debug(33, 5) ("clientPackRangeHdr: appending boundary: %s\n", strBuf(boundary)); | |
aa42ceac | 1621 | /* rfc2046 requires to _prepend_ boundary with <crlf>! */ |
1622 | memBufPrintf(mb, "\r\n--%s\r\n", strBuf(boundary)); | |
1623 | ||
1624 | /* stuff the header with required entries and pack it */ | |
1625 | httpHeaderInit(&hdr, hoReply); | |
1626 | if (httpHeaderHas(&rep->header, HDR_CONTENT_TYPE)) | |
f6308664 | 1627 | httpHeaderPutStr(&hdr, HDR_CONTENT_TYPE, httpHeaderGetStr(&rep->header, HDR_CONTENT_TYPE)); |
aa42ceac | 1628 | httpHeaderAddContRange(&hdr, *spec, rep->content_length); |
1629 | packerToMemInit(&p, mb); | |
1630 | httpHeaderPackInto(&hdr, &p); | |
1631 | packerClean(&p); | |
1632 | httpHeaderClean(&hdr); | |
1633 | ||
71540aeb | 1634 | /* append <crlf> (we packed a header, not a reply) */ |
aa42ceac | 1635 | memBufPrintf(mb, crlf); |
1636 | } | |
1637 | ||
9bc73deb | 1638 | /* |
1639 | * extracts a "range" from *buf and appends them to mb, updating | |
1640 | * all offsets and such. | |
1641 | */ | |
d192d11f | 1642 | static void |
9bc73deb | 1643 | clientPackRange(clientHttpRequest * http, |
1644 | HttpHdrRangeIter * i, | |
1645 | const char **buf, | |
1646 | ssize_t * size, | |
1647 | MemBuf * mb) | |
d192d11f | 1648 | { |
9bc73deb | 1649 | const ssize_t copy_sz = i->debt_size <= *size ? i->debt_size : *size; |
d192d11f | 1650 | off_t body_off = http->out.offset - i->prefix_size; |
1651 | assert(*size > 0); | |
889b534a | 1652 | assert(i->spec); |
9bc73deb | 1653 | /* |
1654 | * intersection of "have" and "need" ranges must not be empty | |
1655 | */ | |
889b534a | 1656 | assert(body_off < i->spec->offset + i->spec->length); |
1657 | assert(body_off + *size > i->spec->offset); | |
9bc73deb | 1658 | /* |
1659 | * put boundary and headers at the beginning of a range in a | |
1660 | * multi-range | |
1661 | */ | |
889b534a | 1662 | if (http->request->range->specs.count > 1 && i->debt_size == i->spec->length) { |
aa42ceac | 1663 | assert(http->entry->mem_obj); |
1664 | clientPackRangeHdr( | |
f6308664 | 1665 | http->entry->mem_obj->reply, /* original reply */ |
1666 | i->spec, /* current range */ | |
1667 | i->boundary, /* boundary, the same for all */ | |
aa42ceac | 1668 | mb |
f6308664 | 1669 | ); |
d192d11f | 1670 | } |
9bc73deb | 1671 | /* |
1672 | * append content | |
1673 | */ | |
cdedf7db | 1674 | debug(33, 3) ("clientPackRange: appending %d bytes\n", copy_sz); |
d192d11f | 1675 | memBufAppend(mb, *buf, copy_sz); |
9bc73deb | 1676 | /* |
1677 | * update offsets | |
1678 | */ | |
d192d11f | 1679 | *size -= copy_sz; |
1680 | i->debt_size -= copy_sz; | |
1681 | body_off += copy_sz; | |
1682 | *buf += copy_sz; | |
ebb6e9a0 | 1683 | http->out.offset = body_off + i->prefix_size; /* sync */ |
9bc73deb | 1684 | /* |
1685 | * paranoid check | |
1686 | */ | |
d192d11f | 1687 | assert(*size >= 0 && i->debt_size >= 0); |
1688 | } | |
1689 | ||
889b534a | 1690 | /* returns true if there is still data available to pack more ranges |
1691 | * increments iterator "i" | |
1692 | * used by clientPackMoreRanges */ | |
1693 | static int | |
ebb6e9a0 | 1694 | clientCanPackMoreRanges(const clientHttpRequest * http, HttpHdrRangeIter * i, ssize_t size) |
889b534a | 1695 | { |
1696 | /* first update "i" if needed */ | |
1697 | if (!i->debt_size) { | |
1698 | if ((i->spec = httpHdrRangeGetSpec(http->request->range, &i->pos))) | |
1699 | i->debt_size = i->spec->length; | |
1700 | } | |
ebb6e9a0 | 1701 | assert(!i->debt_size == !i->spec); /* paranoid sync condition */ |
889b534a | 1702 | /* continue condition: need_more_data && have_more_data */ |
1703 | return i->spec && size > 0; | |
1704 | } | |
d192d11f | 1705 | |
1706 | /* extracts "ranges" from buf and appends them to mb, updating all offsets and such */ | |
1707 | /* returns true if we need more data */ | |
1708 | static int | |
ebb6e9a0 | 1709 | clientPackMoreRanges(clientHttpRequest * http, const char *buf, ssize_t size, MemBuf * mb) |
d192d11f | 1710 | { |
1711 | HttpHdrRangeIter *i = &http->range_iter; | |
d192d11f | 1712 | /* offset in range specs does not count the prefix of an http msg */ |
1713 | off_t body_off = http->out.offset - i->prefix_size; | |
1714 | assert(size >= 0); | |
9834a631 | 1715 | /* check: reply was parsed and range iterator was initialized */ |
1716 | assert(i->prefix_size > 0); | |
d192d11f | 1717 | /* filter out data according to range specs */ |
889b534a | 1718 | while (clientCanPackMoreRanges(http, i, size)) { |
ebb6e9a0 | 1719 | off_t start; /* offset of still missing data */ |
889b534a | 1720 | assert(i->spec); |
1721 | start = i->spec->offset + i->spec->length - i->debt_size; | |
badd8ff0 | 1722 | debug(33, 3) ("clientPackMoreRanges: in: offset: %d size: %d\n", |
ebb6e9a0 | 1723 | (int) body_off, size); |
badd8ff0 | 1724 | debug(33, 3) ("clientPackMoreRanges: out: start: %d spec[%d]: [%d, %d), len: %d debt: %d\n", |
ebb6e9a0 | 1725 | (int) start, (int) i->pos, i->spec->offset, (int) (i->spec->offset + i->spec->length), i->spec->length, i->debt_size); |
1726 | assert(body_off <= start); /* we did not miss it */ | |
d192d11f | 1727 | /* skip up to start */ |
1728 | if (body_off + size > start) { | |
1729 | const size_t skip_size = start - body_off; | |
1730 | body_off = start; | |
1731 | size -= skip_size; | |
1732 | buf += skip_size; | |
1733 | } else { | |
1734 | /* has not reached start yet */ | |
1735 | body_off += size; | |
1736 | size = 0; | |
1737 | buf = NULL; | |
1738 | } | |
1739 | /* put next chunk if any */ | |
1740 | if (size) { | |
ebb6e9a0 | 1741 | http->out.offset = body_off + i->prefix_size; /* sync */ |
d192d11f | 1742 | clientPackRange(http, i, &buf, &size, mb); |
ebb6e9a0 | 1743 | body_off = http->out.offset - i->prefix_size; /* sync */ |
d192d11f | 1744 | } |
1745 | } | |
ebb6e9a0 | 1746 | assert(!i->debt_size == !i->spec); /* paranoid sync condition */ |
badd8ff0 | 1747 | debug(33, 3) ("clientPackMoreRanges: buf exhausted: in: offset: %d size: %d need_more: %d\n", |
ebb6e9a0 | 1748 | (int) body_off, size, i->debt_size); |
889b534a | 1749 | if (i->debt_size) { |
badd8ff0 | 1750 | debug(33, 3) ("clientPackMoreRanges: need more: spec[%d]: [%d, %d), len: %d\n", |
ebb6e9a0 | 1751 | (int) i->pos, i->spec->offset, (int) (i->spec->offset + i->spec->length), i->spec->length); |
889b534a | 1752 | /* skip the data we do not need if possible */ |
ebb6e9a0 | 1753 | if (i->debt_size == i->spec->length) /* at the start of the cur. spec */ |
889b534a | 1754 | body_off = i->spec->offset; |
d192d11f | 1755 | else |
889b534a | 1756 | assert(body_off == i->spec->offset + i->spec->length - i->debt_size); |
ebb6e9a0 | 1757 | } else if (http->request->range->specs.count > 1) { |
d192d11f | 1758 | /* put terminating boundary for multiparts */ |
71540aeb | 1759 | clientPackTermBound(i->boundary, mb); |
d192d11f | 1760 | } |
ebb6e9a0 | 1761 | http->out.offset = body_off + i->prefix_size; /* sync */ |
889b534a | 1762 | return i->debt_size > 0; |
d192d11f | 1763 | } |
1764 | ||
0483b991 | 1765 | static int |
6fbf8998 | 1766 | clientReplyBodyTooLarge(HttpReply * rep, int clen) |
0483b991 | 1767 | { |
a560ee93 | 1768 | if (0 == rep->maxBodySize) |
0483b991 | 1769 | return 0; /* disabled */ |
1770 | if (clen < 0) | |
1771 | return 0; /* unknown */ | |
a560ee93 | 1772 | if (clen > rep->maxBodySize) |
0483b991 | 1773 | return 1; /* too large */ |
1774 | return 0; | |
1775 | } | |
1776 | ||
efd900cb | 1777 | static int |
1778 | clientRequestBodyTooLarge(int clen) | |
1779 | { | |
1780 | if (0 == Config.maxRequestBodySize) | |
1781 | return 0; /* disabled */ | |
1782 | if (clen < 0) | |
1783 | return 0; /* unknown, bug? */ | |
1784 | if (clen > Config.maxRequestBodySize) | |
1785 | return 1; /* too large */ | |
1786 | return 0; | |
1787 | } | |
1788 | ||
ab874fd0 | 1789 | |
1790 | /* Responses with no body will not have a content-type header, | |
1791 | * which breaks the rep_mime_type acl, which | |
1792 | * coincidentally, is the most common acl for reply access lists. | |
1793 | * A better long term fix for this is to allow acl matchs on the various | |
1794 | * status codes, and then supply a default ruleset that puts these | |
1795 | * codes before any user defines access entries. That way the user | |
1796 | * can choose to block these responses where appropriate, but won't get | |
1797 | * mysterious breakages. | |
1798 | */ | |
1799 | static int | |
3d15e2d7 | 1800 | clientAlwaysAllowResponse(http_status sline) |
1801 | { | |
ab874fd0 | 1802 | switch (sline) { |
3d15e2d7 | 1803 | case HTTP_CONTINUE: |
1804 | case HTTP_SWITCHING_PROTOCOLS: | |
1805 | case HTTP_PROCESSING: | |
1806 | case HTTP_NO_CONTENT: | |
1807 | case HTTP_NOT_MODIFIED: | |
1808 | return 1; | |
1809 | /* unreached */ | |
1810 | break; | |
1811 | default: | |
1812 | return 0; | |
ab874fd0 | 1813 | } |
1814 | } | |
1815 | ||
1816 | ||
2246b732 | 1817 | /* |
1818 | * accepts chunk of a http message in buf, parses prefix, filters headers and | |
1819 | * such, writes processed message to the client's socket | |
1820 | */ | |
4c323c5f | 1821 | static void |
7a2f978b | 1822 | clientSendMoreData(void *data, char *buf, ssize_t size) |
1823 | { | |
1824 | clientHttpRequest *http = data; | |
1825 | StoreEntry *entry = http->entry; | |
1826 | ConnStateData *conn = http->conn; | |
1827 | int fd = conn->fd; | |
2246b732 | 1828 | HttpReply *rep = NULL; |
2246b732 | 1829 | const char *body_buf = buf; |
1830 | ssize_t body_size = size; | |
9f086470 | 1831 | MemBuf mb; |
bcd3b08a | 1832 | ssize_t check_size = 0; |
93f9abd0 | 1833 | debug(33, 5) ("clientSendMoreData: %s, %d bytes\n", http->uri, (int) size); |
cc27d775 | 1834 | assert(size <= CLIENT_SOCK_SZ); |
40defb17 | 1835 | assert(http->request != NULL); |
0f1bc304 | 1836 | dlinkDelete(&http->active, &ClientActiveRequests); |
1837 | dlinkAdd(http, &http->active, &ClientActiveRequests); | |
93f9abd0 | 1838 | debug(33, 5) ("clientSendMoreData: FD %d '%s', out.offset=%d \n", |
5f6ac48b | 1839 | fd, storeUrl(entry), (int) http->out.offset); |
7a2f978b | 1840 | if (conn->chr != http) { |
1841 | /* there is another object in progress, defer this one */ | |
aebbcd07 | 1842 | debug(33, 1) ("clientSendMoreData: Deferring %s\n", storeUrl(entry)); |
db1cd23c | 1843 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1844 | return; |
b7fe0ab0 | 1845 | } else if (entry && EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
d6e928c9 | 1846 | /* call clientWriteComplete so the client socket gets closed */ |
1847 | clientWriteComplete(fd, NULL, 0, COMM_OK, http); | |
db1cd23c | 1848 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1849 | return; |
1850 | } else if (size < 0) { | |
d6e928c9 | 1851 | /* call clientWriteComplete so the client socket gets closed */ |
1852 | clientWriteComplete(fd, NULL, 0, COMM_OK, http); | |
db1cd23c | 1853 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1854 | return; |
1855 | } else if (size == 0) { | |
d6e928c9 | 1856 | /* call clientWriteComplete so the client socket gets closed */ |
1857 | clientWriteComplete(fd, NULL, 0, COMM_OK, http); | |
db1cd23c | 1858 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1859 | return; |
1860 | } | |
40defb17 | 1861 | if (http->out.offset == 0) { |
7a2f978b | 1862 | if (Config.onoff.log_mime_hdrs) { |
2334c194 | 1863 | size_t k; |
1864 | if ((k = headersEnd(buf, size))) { | |
7a2f978b | 1865 | safe_free(http->al.headers.reply); |
1afe05c5 | 1866 | http->al.headers.reply = xcalloc(k + 1, 1); |
2334c194 | 1867 | xstrncpy(http->al.headers.reply, buf, k); |
7a2f978b | 1868 | } |
1869 | } | |
2246b732 | 1870 | rep = clientBuildReply(http, buf, size); |
a560ee93 | 1871 | if (rep) { |
c4ab8329 | 1872 | aclCheck_t *ch; |
1873 | int rv; | |
a560ee93 | 1874 | httpReplyBodyBuildSize(http->request, rep, &Config.ReplyBodySize); |
1875 | if (clientReplyBodyTooLarge(rep, rep->content_length)) { | |
6fbf8998 | 1876 | ErrorState *err = errorCon(ERR_TOO_BIG, HTTP_FORBIDDEN); |
1877 | err->request = requestLink(http->request); | |
1878 | storeUnregister(http->sc, http->entry, http); | |
1879 | http->sc = NULL; | |
1880 | storeUnlockObject(http->entry); | |
1881 | http->entry = clientCreateStoreEntry(http, http->request->method, | |
a560ee93 | 1882 | null_request_flags); |
6fbf8998 | 1883 | errorAppendEntry(http->entry, err); |
1884 | httpReplyDestroy(rep); | |
1885 | return; | |
a560ee93 | 1886 | } |
3d15e2d7 | 1887 | body_size = size - rep->hdr_sz; |
2246b732 | 1888 | assert(body_size >= 0); |
1f7e91a1 | 1889 | body_buf = buf + rep->hdr_sz; |
d192d11f | 1890 | http->range_iter.prefix_size = rep->hdr_sz; |
2246b732 | 1891 | debug(33, 3) ("clientSendMoreData: Appending %d bytes after %d bytes of headers\n", |
1892 | body_size, rep->hdr_sz); | |
c4ab8329 | 1893 | ch = aclChecklistCreate(Config.accessList.reply, http->request, NULL); |
1894 | ch->reply = rep; | |
1895 | rv = aclCheckFast(Config.accessList.reply, ch); | |
1896 | debug(33, 2) ("The reply for %s %s is %s, because it matched '%s'\n", | |
1897 | RequestMethodStr[http->request->method], http->uri, | |
1898 | rv ? "ALLOWED" : "DENIED", | |
1899 | AclMatchedName ? AclMatchedName : "NO ACL's"); | |
3d15e2d7 | 1900 | if (!rv && rep->sline.status != HTTP_FORBIDDEN |
ab874fd0 | 1901 | && !clientAlwaysAllowResponse(rep->sline.status)) { |
1902 | /* the if above is slightly broken, but there is no way | |
1903 | * to tell if this is a squid generated error page, or one from | |
c4ab8329 | 1904 | * upstream at this point. */ |
1905 | ErrorState *err; | |
1906 | err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN); | |
1907 | err->request = requestLink(http->request); | |
1908 | storeUnregister(http->sc, http->entry, http); | |
1909 | http->sc = NULL; | |
1910 | storeUnlockObject(http->entry); | |
1911 | http->entry = clientCreateStoreEntry(http, http->request->method, | |
1912 | null_request_flags); | |
1913 | errorAppendEntry(http->entry, err); | |
1914 | httpReplyDestroy(rep); | |
1915 | return; | |
1916 | } | |
1917 | aclChecklistFree(ch); | |
cc27d775 | 1918 | } else if (size < CLIENT_SOCK_SZ && entry->store_status == STORE_PENDING) { |
9f086470 | 1919 | /* wait for more to arrive */ |
06d2839d | 1920 | storeClientCopy(http->sc, entry, |
9f086470 | 1921 | http->out.offset + size, |
1922 | http->out.offset, | |
cc27d775 | 1923 | CLIENT_SOCK_SZ, |
9f086470 | 1924 | buf, |
1925 | clientSendMoreData, | |
1926 | http); | |
1927 | return; | |
7a2f978b | 1928 | } |
d192d11f | 1929 | /* reset range iterator */ |
1930 | http->range_iter.pos = HttpHdrRangeInitPos; | |
f4f278b5 | 1931 | } else if (!http->request->range) { |
1932 | /* Avoid copying to MemBuf for non-range requests */ | |
1933 | /* Note, if we're here, then 'rep' is known to be NULL */ | |
1934 | http->out.offset += body_size; | |
1935 | comm_write(fd, buf, size, clientWriteBodyComplete, http, NULL); | |
1936 | /* NULL because clientWriteBodyComplete frees it */ | |
1937 | return; | |
7a2f978b | 1938 | } |
7a2f978b | 1939 | if (http->request->method == METHOD_HEAD) { |
9f086470 | 1940 | if (rep) { |
1941 | /* do not forward body for HEAD replies */ | |
1942 | body_size = 0; | |
9f086470 | 1943 | http->flags.done_copying = 1; |
1944 | } else { | |
782b5f40 | 1945 | /* |
1946 | * If we are here, then store_status == STORE_OK and it | |
1947 | * seems we have a HEAD repsponse which is missing the | |
1948 | * empty end-of-headers line (home.mira.net, phttpd/0.99.72 | |
1949 | * does this). Because clientBuildReply() fails we just | |
1950 | * call this reply a body, set the done_copying flag and | |
1951 | * continue... | |
1952 | */ | |
1953 | http->flags.done_copying = 1; | |
7a2f978b | 1954 | } |
1955 | } | |
d192d11f | 1956 | /* write headers and/or body if any */ |
1f7e91a1 | 1957 | assert(rep || (body_buf && body_size)); |
9f086470 | 1958 | /* init mb; put status line and headers if any */ |
1959 | if (rep) { | |
1960 | mb = httpReplyPack(rep); | |
bcd3b08a | 1961 | http->out.offset += rep->hdr_sz; |
1962 | check_size += rep->hdr_sz; | |
c3609322 | 1963 | #if HEADERS_LOG |
1964 | headersLog(0, 0, http->request->method, rep); | |
1965 | #endif | |
5e060348 | 1966 | httpReplyDestroy(rep); |
9f086470 | 1967 | rep = NULL; |
1968 | } else { | |
b8890359 | 1969 | memBufDefInit(&mb); |
9f086470 | 1970 | } |
1971 | /* append body if any */ | |
e42d5181 | 1972 | if (http->request->range) { |
1973 | /* Only GET requests should have ranges */ | |
1974 | assert(http->request->method == METHOD_GET); | |
1975 | /* clientPackMoreRanges() updates http->out.offset */ | |
1976 | /* force the end of the transfer if we are done */ | |
1977 | if (!clientPackMoreRanges(http, body_buf, body_size, &mb)) | |
1978 | http->flags.done_copying = 1; | |
1979 | } else if (body_buf && body_size) { | |
1980 | http->out.offset += body_size; | |
1981 | check_size += body_size; | |
1982 | memBufAppend(&mb, body_buf, body_size); | |
2246b732 | 1983 | } |
bbe3cbdc | 1984 | if (!http->request->range && http->request->method == METHOD_GET) |
bcd3b08a | 1985 | assert(check_size == size); |
9f086470 | 1986 | /* write */ |
1987 | comm_write_mbuf(fd, mb, clientWriteComplete, http); | |
2246b732 | 1988 | /* if we don't do it, who will? */ |
db1cd23c | 1989 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1990 | } |
1991 | ||
f4f278b5 | 1992 | /* |
1993 | * clientWriteBodyComplete is called for MEM_CLIENT_SOCK_BUF's | |
1994 | * written directly to the client socket, versus copying to a MemBuf | |
1995 | * and going through comm_write_mbuf. Most non-range responses after | |
1996 | * the headers probably go through here. | |
1997 | */ | |
1998 | static void | |
1999 | clientWriteBodyComplete(int fd, char *buf, size_t size, int errflag, void *data) | |
2000 | { | |
2001 | /* | |
2002 | * NOTE: clientWriteComplete doesn't currently use its "buf" | |
2003 | * (second) argument, so we pass in NULL. | |
2004 | */ | |
2005 | clientWriteComplete(fd, NULL, size, errflag, data); | |
2006 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
2007 | } | |
2008 | ||
21f2031d | 2009 | static void |
1a92a1e2 | 2010 | clientKeepaliveNextRequest(clientHttpRequest * http) |
2011 | { | |
2012 | ConnStateData *conn = http->conn; | |
2013 | StoreEntry *entry; | |
ebb6e9a0 | 2014 | debug(33, 3) ("clientKeepaliveNextRequest: FD %d\n", conn->fd); |
1a92a1e2 | 2015 | conn->defer.until = 0; /* Kick it to read a new request */ |
2016 | httpRequestFree(http); | |
21f2031d | 2017 | if ((http = conn->chr) == NULL) { |
2018 | debug(33, 5) ("clientKeepaliveNextRequest: FD %d reading next req\n", | |
2019 | conn->fd); | |
94439e4e | 2020 | fd_note(conn->fd, "Waiting for next request"); |
21f2031d | 2021 | /* |
2022 | * Set the timeout BEFORE calling clientReadRequest(). | |
2023 | */ | |
8851b98c | 2024 | commSetTimeout(conn->fd, Config.Timeout.pconn, requestTimeout, conn); |
7f6ffd15 | 2025 | /* |
2026 | * CYGWIN has a problem and is blocking on read() requests when there | |
2027 | * is no data present. | |
2028 | * This hack may hit performance a little, but it's better than | |
2029 | * blocking!. | |
2030 | */ | |
b05490a8 | 2031 | #ifdef _SQUID_CYGWIN_ |
7f6ffd15 | 2032 | commSetSelect(conn->fd, COMM_SELECT_READ, clientReadRequest, conn, 0); |
b05490a8 | 2033 | #else |
21f2031d | 2034 | clientReadRequest(conn->fd, conn); /* Read next request */ |
b05490a8 | 2035 | #endif |
21f2031d | 2036 | /* |
2037 | * Note, the FD may be closed at this point. | |
2038 | */ | |
2039 | } else if ((entry = http->entry) == NULL) { | |
2040 | /* | |
2041 | * this request is in progress, maybe doing an ACL or a redirect, | |
2042 | * execution will resume after the operation completes. | |
2043 | */ | |
2044 | } else { | |
1a92a1e2 | 2045 | debug(33, 1) ("clientKeepaliveNextRequest: FD %d Sending next\n", |
2046 | conn->fd); | |
7ddc902f | 2047 | assert(entry); |
06d2839d | 2048 | if (0 == storeClientCopyPending(http->sc, entry, http)) { |
b7fe0ab0 | 2049 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) |
2050 | debug(33, 0) ("clientKeepaliveNextRequest: ENTRY_ABORTED\n"); | |
06d2839d | 2051 | storeClientCopy(http->sc, entry, |
1a92a1e2 | 2052 | http->out.offset, |
2053 | http->out.offset, | |
cc27d775 | 2054 | CLIENT_SOCK_SZ, |
2055 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
1a92a1e2 | 2056 | clientSendMoreData, |
2057 | http); | |
2058 | } | |
1a92a1e2 | 2059 | } |
2060 | } | |
2061 | ||
fc5d6f7f | 2062 | static void |
79a15e0a | 2063 | clientWriteComplete(int fd, char *bufnotused, size_t size, int errflag, void *data) |
7a2f978b | 2064 | { |
2065 | clientHttpRequest *http = data; | |
7a2f978b | 2066 | StoreEntry *entry = http->entry; |
b34ed725 | 2067 | int done; |
7a2f978b | 2068 | http->out.size += size; |
93f9abd0 | 2069 | debug(33, 5) ("clientWriteComplete: FD %d, sz %d, err %d, off %d, len %d\n", |
007b8be4 | 2070 | fd, size, errflag, (int) http->out.offset, entry ? objectLen(entry) : 0); |
d8b83480 | 2071 | if (size > 0) { |
83704487 | 2072 | kb_incr(&statCounter.client_http.kbytes_out, size); |
ea285003 | 2073 | if (isTcpHit(http->log_type)) |
83704487 | 2074 | kb_incr(&statCounter.client_http.hit_kbytes_out, size); |
d8b83480 | 2075 | } |
7a2f978b | 2076 | if (errflag) { |
e55650e3 | 2077 | /* |
2078 | * just close the socket, httpRequestFree will abort if needed | |
2079 | */ | |
7a2f978b | 2080 | comm_close(fd); |
fdfc0d63 | 2081 | } else if (NULL == entry) { |
2082 | comm_close(fd); /* yuk */ | |
b7fe0ab0 | 2083 | } else if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
7a2f978b | 2084 | comm_close(fd); |
a200bbd2 | 2085 | } else if ((done = clientCheckTransferDone(http)) != 0 || size == 0) { |
93f9abd0 | 2086 | debug(33, 5) ("clientWriteComplete: FD %d transfer is DONE\n", fd); |
7a2f978b | 2087 | /* We're finished case */ |
efd900cb | 2088 | if (httpReplyBodySize(http->request->method, entry->mem_obj->reply) < 0) { |
ebb6e9a0 | 2089 | debug(33, 5) ("clientWriteComplete: closing, content_length < 0\n"); |
c07aed63 | 2090 | comm_close(fd); |
2091 | } else if (!done) { | |
ebb6e9a0 | 2092 | debug(33, 5) ("clientWriteComplete: closing, !done\n"); |
c07aed63 | 2093 | comm_close(fd); |
80980266 | 2094 | } else if (clientGotNotEnough(http)) { |
2095 | debug(33, 5) ("clientWriteComplete: client didn't get all it expected\n"); | |
7a2f978b | 2096 | comm_close(fd); |
92695e5e | 2097 | } else if (http->request->flags.proxy_keepalive) { |
93f9abd0 | 2098 | debug(33, 5) ("clientWriteComplete: FD %d Keeping Alive\n", fd); |
1a92a1e2 | 2099 | clientKeepaliveNextRequest(http); |
7a2f978b | 2100 | } else { |
2101 | comm_close(fd); | |
2102 | } | |
a560ee93 | 2103 | } else if (clientReplyBodyTooLarge(entry->mem_obj->reply, (int) http->out.offset)) { |
0483b991 | 2104 | comm_close(fd); |
7a2f978b | 2105 | } else { |
2106 | /* More data will be coming from primary server; register with | |
2107 | * storage manager. */ | |
b7fe0ab0 | 2108 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) |
2109 | debug(33, 0) ("clientWriteComplete 2: ENTRY_ABORTED\n"); | |
06d2839d | 2110 | storeClientCopy(http->sc, entry, |
7a2f978b | 2111 | http->out.offset, |
2112 | http->out.offset, | |
cc27d775 | 2113 | CLIENT_SOCK_SZ, |
2114 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
7a2f978b | 2115 | clientSendMoreData, |
2116 | http); | |
2117 | } | |
2118 | } | |
2119 | ||
038eb4ed | 2120 | /* |
99edd1c3 | 2121 | * client issued a request with an only-if-cached cache-control directive; |
038eb4ed | 2122 | * we did not find a cached object that can be returned without |
99edd1c3 | 2123 | * contacting other servers; |
038eb4ed | 2124 | * respond with a 504 (Gateway Timeout) as suggested in [RFC 2068] |
2125 | */ | |
2126 | static void | |
2127 | clientProcessOnlyIfCachedMiss(clientHttpRequest * http) | |
2128 | { | |
2129 | char *url = http->uri; | |
2130 | request_t *r = http->request; | |
2131 | ErrorState *err = NULL; | |
2132 | debug(33, 4) ("clientProcessOnlyIfCachedMiss: '%s %s'\n", | |
2133 | RequestMethodStr[r->method], url); | |
038eb4ed | 2134 | http->al.http.code = HTTP_GATEWAY_TIMEOUT; |
2135 | err = errorCon(ERR_ONLY_IF_CACHED_MISS, HTTP_GATEWAY_TIMEOUT); | |
2136 | err->request = requestLink(r); | |
2137 | err->src_addr = http->conn->peer.sin_addr; | |
d173c77d | 2138 | if (http->entry) { |
06d2839d | 2139 | storeUnregister(http->sc, http->entry, http); |
e1dcf02d | 2140 | http->sc = NULL; |
d173c77d | 2141 | storeUnlockObject(http->entry); |
2142 | } | |
92695e5e | 2143 | http->entry = clientCreateStoreEntry(http, r->method, null_request_flags); |
038eb4ed | 2144 | errorAppendEntry(http->entry, err); |
2145 | } | |
2146 | ||
cd7a423d | 2147 | /* |
7b1e21ff | 2148 | * Return true if we should force a cache miss on this range request. |
2149 | * entry must be non-NULL. | |
cd7a423d | 2150 | */ |
2151 | static int | |
7b1e21ff | 2152 | clientCheckRangeForceMiss(StoreEntry * entry, HttpHdrRange * range) |
cd7a423d | 2153 | { |
cd7a423d | 2154 | /* |
7b1e21ff | 2155 | * If the range_offset_limit is NOT in effect, there |
2156 | * is no reason to force a miss. | |
cd7a423d | 2157 | */ |
7b1e21ff | 2158 | if (0 == httpHdrRangeOffsetLimit(range)) |
cd7a423d | 2159 | return 0; |
2160 | /* | |
7b1e21ff | 2161 | * Here, we know it's possibly a hit. If we already have the |
cd7a423d | 2162 | * whole object cached, we won't force a miss. |
2163 | */ | |
2164 | if (STORE_OK == entry->store_status) | |
2165 | return 0; /* we have the whole object */ | |
2166 | /* | |
2167 | * Now we have a hit on a PENDING object. We need to see | |
2168 | * if the part we want is already cached. If so, we don't | |
2169 | * force a miss. | |
2170 | */ | |
2171 | assert(NULL != entry->mem_obj); | |
7b1e21ff | 2172 | if (httpHdrRangeFirstOffset(range) <= entry->mem_obj->inmem_hi) |
cd7a423d | 2173 | return 0; |
2174 | /* | |
2175 | * Even though we have a PENDING copy of the object, we | |
2176 | * don't want to wait to reach the first range offset, | |
2177 | * so we force a miss for a new range request to the | |
2178 | * origin. | |
2179 | */ | |
2180 | return 1; | |
2181 | } | |
2182 | ||
50ddd7a4 | 2183 | static log_type |
2184 | clientProcessRequest2(clientHttpRequest * http) | |
2185 | { | |
1b95ce49 | 2186 | request_t *r = http->request; |
50ddd7a4 | 2187 | StoreEntry *e; |
f66a9ef4 | 2188 | e = http->entry = storeGetPublicByRequest(r); |
afc1e43f | 2189 | /* Release negatively cached IP-cache entries on reload */ |
2190 | if (r->flags.nocache) | |
ecc3091b | 2191 | ipcacheInvalidate(r->host); |
afc1e43f | 2192 | #if HTTP_VIOLATIONS |
2193 | else if (r->flags.nocache_hack) | |
ecc3091b | 2194 | ipcacheInvalidate(r->host); |
afc1e43f | 2195 | #endif |
6cfa8966 | 2196 | #if USE_CACHE_DIGESTS |
57b1ff70 | 2197 | http->lookup_type = e ? "HIT" : "MISS"; |
1ca847dd | 2198 | #endif |
49d3fcb0 | 2199 | if (NULL == e) { |
50ddd7a4 | 2200 | /* this object isn't in the cache */ |
ac18f51a | 2201 | debug(33, 3) ("clientProcessRequest2: storeGet() MISS\n"); |
50ddd7a4 | 2202 | return LOG_TCP_MISS; |
d87ebd78 | 2203 | } |
2204 | if (Config.onoff.offline) { | |
ac18f51a | 2205 | debug(33, 3) ("clientProcessRequest2: offline HIT\n"); |
b540e168 | 2206 | http->entry = e; |
2207 | return LOG_TCP_HIT; | |
d87ebd78 | 2208 | } |
40fd4e8d | 2209 | if (http->redirect.status) { |
2210 | /* force this to be a miss */ | |
2211 | http->entry = NULL; | |
2212 | return LOG_TCP_MISS; | |
2213 | } | |
d87ebd78 | 2214 | if (!storeEntryValidToSend(e)) { |
ac18f51a | 2215 | debug(33, 3) ("clientProcessRequest2: !storeEntryValidToSend MISS\n"); |
50ddd7a4 | 2216 | http->entry = NULL; |
2217 | return LOG_TCP_MISS; | |
41587298 | 2218 | } |
2219 | if (EBIT_TEST(e->flags, ENTRY_SPECIAL)) { | |
abe471ef | 2220 | /* Special entries are always hits, no matter what the client says */ |
ac18f51a | 2221 | debug(33, 3) ("clientProcessRequest2: ENTRY_SPECIAL HIT\n"); |
abe471ef | 2222 | http->entry = e; |
2223 | return LOG_TCP_HIT; | |
41587298 | 2224 | } |
9f60cfdf | 2225 | #if HTTP_VIOLATIONS |
92b74dd5 | 2226 | if (e->store_status == STORE_PENDING) { |
2227 | if (r->flags.nocache || r->flags.nocache_hack) { | |
2228 | debug(33, 3) ("Clearing no-cache for STORE_PENDING request\n\t%s\n", | |
2229 | storeUrl(e)); | |
2230 | r->flags.nocache = 0; | |
2231 | r->flags.nocache_hack = 0; | |
2232 | } | |
1b95ce49 | 2233 | } |
9f60cfdf | 2234 | #endif |
41587298 | 2235 | if (r->flags.nocache) { |
ac18f51a | 2236 | debug(33, 3) ("clientProcessRequest2: no-cache REFRESH MISS\n"); |
50ddd7a4 | 2237 | http->entry = NULL; |
ecc3091b | 2238 | ipcacheInvalidate(r->host); |
ee1679df | 2239 | return LOG_TCP_CLIENT_REFRESH_MISS; |
7ddc902f | 2240 | } |
60b8e0e5 | 2241 | if (NULL == r->range) { |
2242 | (void) 0; | |
2243 | } else if (httpHdrRangeWillBeComplex(r->range)) { | |
7ddc902f | 2244 | /* |
2245 | * Some clients break if we return "200 OK" for a Range | |
2246 | * request. We would have to return "200 OK" for a _complex_ | |
2247 | * Range request that is also a HIT. Thus, let's prevent HITs | |
2248 | * on complex Range requests | |
2249 | */ | |
ac18f51a | 2250 | debug(33, 3) ("clientProcessRequest2: complex range MISS\n"); |
5d679edb | 2251 | http->entry = NULL; |
cd7a423d | 2252 | return LOG_TCP_MISS; |
7b1e21ff | 2253 | } else if (clientCheckRangeForceMiss(e, r->range)) { |
2a4506f1 | 2254 | debug(33, 3) ("clientProcessRequest2: forcing miss due to range_offset_limit\n"); |
cd7a423d | 2255 | http->entry = NULL; |
5d679edb | 2256 | return LOG_TCP_MISS; |
50ddd7a4 | 2257 | } |
ac18f51a | 2258 | debug(33, 3) ("clientProcessRequest2: default HIT\n"); |
41587298 | 2259 | http->entry = e; |
2260 | return LOG_TCP_HIT; | |
50ddd7a4 | 2261 | } |
2262 | ||
4c323c5f | 2263 | static void |
fb63215a | 2264 | clientProcessRequest(clientHttpRequest * http) |
7a2f978b | 2265 | { |
23d92c64 | 2266 | char *url = http->uri; |
50ddd7a4 | 2267 | request_t *r = http->request; |
fb63215a | 2268 | int fd = http->conn->fd; |
1bea1d83 | 2269 | HttpReply *rep; |
ccf44862 | 2270 | http_version_t version; |
93f9abd0 | 2271 | debug(33, 4) ("clientProcessRequest: %s '%s'\n", |
50ddd7a4 | 2272 | RequestMethodStr[r->method], |
7a2f978b | 2273 | url); |
fb63215a | 2274 | if (r->method == METHOD_CONNECT) { |
7a2f978b | 2275 | http->log_type = LOG_TCP_MISS; |
974ba0ee | 2276 | sslStart(fd, url, r, &http->out.size, &http->al.http.code); |
ea0efb98 | 2277 | return; |
fb63215a | 2278 | } else if (r->method == METHOD_PURGE) { |
ea0efb98 | 2279 | clientPurgeRequest(http); |
2280 | return; | |
fb63215a | 2281 | } else if (r->method == METHOD_TRACE) { |
50ddd7a4 | 2282 | if (r->max_forwards == 0) { |
92695e5e | 2283 | http->entry = clientCreateStoreEntry(http, r->method, null_request_flags); |
b17b22eb | 2284 | storeReleaseRequest(http->entry); |
2285 | storeBuffer(http->entry); | |
1bea1d83 | 2286 | rep = httpReplyCreate(); |
bffee5af | 2287 | httpBuildVersion(&version, 1, 0); |
ccf44862 | 2288 | httpReplySetHeaders(rep, version, HTTP_OK, NULL, "text/plain", |
2246b732 | 2289 | httpRequestPrefixLen(r), 0, squid_curtime); |
1bea1d83 | 2290 | httpReplySwapOut(rep, http->entry); |
2291 | httpReplyDestroy(rep); | |
2246b732 | 2292 | httpRequestSwapOut(r, http->entry); |
b17b22eb | 2293 | storeComplete(http->entry); |
7a2f978b | 2294 | return; |
2295 | } | |
2296 | /* yes, continue */ | |
6addbd81 | 2297 | http->log_type = LOG_TCP_MISS; |
31be8b80 | 2298 | } else { |
efb9218c | 2299 | http->log_type = clientProcessRequest2(http); |
7a2f978b | 2300 | } |
93f9abd0 | 2301 | debug(33, 4) ("clientProcessRequest: %s for '%s'\n", |
7a2f978b | 2302 | log_tags[http->log_type], |
23d92c64 | 2303 | http->uri); |
7a2f978b | 2304 | http->out.offset = 0; |
49d3fcb0 | 2305 | if (NULL != http->entry) { |
2306 | storeLockObject(http->entry); | |
2307 | storeCreateMemObject(http->entry, http->uri, http->log_uri); | |
2391a162 | 2308 | http->entry->mem_obj->method = r->method; |
06d2839d | 2309 | http->sc = storeClientListAdd(http->entry, http); |
447e176b | 2310 | #if DELAY_POOLS |
b2585f7e | 2311 | delaySetStoreClient(http->sc, delayClient(r)); |
2b906e48 | 2312 | #endif |
06d2839d | 2313 | storeClientCopy(http->sc, http->entry, |
7a2f978b | 2314 | http->out.offset, |
2315 | http->out.offset, | |
cc27d775 | 2316 | CLIENT_SOCK_SZ, |
2317 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
7a2f978b | 2318 | clientCacheHit, |
2319 | http); | |
49d3fcb0 | 2320 | } else { |
05f18bd0 | 2321 | /* MISS CASE, http->log_type is already set! */ |
fb63215a | 2322 | clientProcessMiss(http); |
7a2f978b | 2323 | } |
2324 | } | |
2325 | ||
2326 | /* | |
2327 | * Prepare to fetch the object as it's a cache miss of some kind. | |
2328 | */ | |
2329 | static void | |
fb63215a | 2330 | clientProcessMiss(clientHttpRequest * http) |
7a2f978b | 2331 | { |
23d92c64 | 2332 | char *url = http->uri; |
f44af445 | 2333 | request_t *r = http->request; |
7a2f978b | 2334 | ErrorState *err = NULL; |
93f9abd0 | 2335 | debug(33, 4) ("clientProcessMiss: '%s %s'\n", |
f44af445 | 2336 | RequestMethodStr[r->method], url); |
79e0dc20 | 2337 | /* |
2338 | * We might have a left-over StoreEntry from a failed cache hit | |
2339 | * or IMS request. | |
2340 | */ | |
2341 | if (http->entry) { | |
d20b1cd0 | 2342 | if (EBIT_TEST(http->entry->flags, ENTRY_SPECIAL)) { |
12784378 | 2343 | debug(33, 0) ("clientProcessMiss: miss on a special object (%s).\n", url); |
d20b1cd0 | 2344 | debug(33, 0) ("\tlog_type = %s\n", log_tags[http->log_type]); |
2345 | storeEntryDump(http->entry, 1); | |
2346 | } | |
06d2839d | 2347 | storeUnregister(http->sc, http->entry, http); |
e1dcf02d | 2348 | http->sc = NULL; |
79e0dc20 | 2349 | storeUnlockObject(http->entry); |
2350 | http->entry = NULL; | |
2351 | } | |
f66a9ef4 | 2352 | if (r->method == METHOD_PURGE) { |
2353 | clientPurgeRequest(http); | |
2354 | return; | |
2355 | } | |
7c1d4010 | 2356 | if (clientOnlyIfCached(http)) { |
2357 | clientProcessOnlyIfCachedMiss(http); | |
2358 | return; | |
2359 | } | |
9330543e | 2360 | /* |
2361 | * Deny loops when running in accelerator/transproxy mode. | |
2362 | */ | |
92695e5e | 2363 | if (http->flags.accel && r->flags.loopdetect) { |
9330543e | 2364 | http->al.http.code = HTTP_FORBIDDEN; |
2365 | err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN); | |
2366 | err->request = requestLink(r); | |
2367 | err->src_addr = http->conn->peer.sin_addr; | |
92695e5e | 2368 | http->entry = clientCreateStoreEntry(http, r->method, null_request_flags); |
9330543e | 2369 | errorAppendEntry(http->entry, err); |
2370 | return; | |
2371 | } | |
79e0dc20 | 2372 | assert(http->out.offset == 0); |
f44af445 | 2373 | http->entry = clientCreateStoreEntry(http, r->method, r->flags); |
6d38ef86 | 2374 | if (http->redirect.status) { |
2375 | HttpReply *rep = httpReplyCreate(); | |
efd900cb | 2376 | #if LOG_TCP_REDIRECTS |
2377 | http->log_type = LOG_TCP_REDIRECT; | |
2378 | #endif | |
6d38ef86 | 2379 | storeReleaseRequest(http->entry); |
2380 | httpRedirectReply(rep, http->redirect.status, http->redirect.location); | |
2381 | httpReplySwapOut(rep, http->entry); | |
2382 | httpReplyDestroy(rep); | |
2383 | storeComplete(http->entry); | |
2384 | return; | |
2385 | } | |
1da5651f | 2386 | if (http->flags.internal) |
2387 | r->protocol = PROTO_INTERNAL; | |
7e3ce7b9 | 2388 | fwdStart(http->conn->fd, http->entry, r); |
7a2f978b | 2389 | } |
2390 | ||
99edd1c3 | 2391 | static clientHttpRequest * |
2392 | parseHttpRequestAbort(ConnStateData * conn, const char *uri) | |
2393 | { | |
28c60158 | 2394 | clientHttpRequest *http; |
72711e31 | 2395 | http = cbdataAlloc(clientHttpRequest); |
99edd1c3 | 2396 | http->conn = conn; |
2397 | http->start = current_time; | |
2398 | http->req_sz = conn->in.offset; | |
2399 | http->uri = xstrdup(uri); | |
c68e9c6b | 2400 | http->log_uri = xstrndup(uri, MAX_URL); |
d192d11f | 2401 | http->range_iter.boundary = StringNull; |
0f1bc304 | 2402 | dlinkAdd(http, &http->active, &ClientActiveRequests); |
99edd1c3 | 2403 | return http; |
2404 | } | |
2405 | ||
7a2f978b | 2406 | /* |
2407 | * parseHttpRequest() | |
2408 | * | |
2409 | * Returns | |
2410 | * NULL on error or incomplete request | |
2411 | * a clientHttpRequest structure on success | |
2412 | */ | |
2413 | static clientHttpRequest * | |
2414 | parseHttpRequest(ConnStateData * conn, method_t * method_p, int *status, | |
ea285003 | 2415 | char **prefix_p, size_t * req_line_sz_p) |
7a2f978b | 2416 | { |
2417 | char *inbuf = NULL; | |
2418 | char *mstr = NULL; | |
2419 | char *url = NULL; | |
2420 | char *req_hdr = NULL; | |
ccf44862 | 2421 | http_version_t http_ver; |
7a2f978b | 2422 | char *token = NULL; |
2423 | char *t = NULL; | |
2334c194 | 2424 | char *end; |
7a2f978b | 2425 | size_t header_sz; /* size of headers, not including first line */ |
ea285003 | 2426 | size_t prefix_sz; /* size of whole request (req-line + headers) */ |
7a2f978b | 2427 | size_t url_sz; |
c68e9c6b | 2428 | size_t req_sz; |
7a2f978b | 2429 | method_t method; |
2430 | clientHttpRequest *http = NULL; | |
5cafc1d6 | 2431 | #if IPF_TRANSPARENT |
2432 | struct natlookup natLookup; | |
2433 | static int natfd = -1; | |
6efce75c | 2434 | static int siocgnatl_cmd = SIOCGNATL & 0xff; |
2435 | int x; | |
5cafc1d6 | 2436 | #endif |
d852fbad | 2437 | #if LINUX_NETFILTER |
2438 | size_t sock_sz = sizeof(conn->me); | |
2439 | #endif | |
7a2f978b | 2440 | |
c68e9c6b | 2441 | if ((req_sz = headersEnd(conn->in.buf, conn->in.offset)) == 0) { |
2442 | debug(33, 5) ("Incomplete request, waiting for end of headers\n"); | |
7a2f978b | 2443 | *status = 0; |
08e70b8f | 2444 | *prefix_p = NULL; |
2445 | *method_p = METHOD_NONE; | |
7a2f978b | 2446 | return NULL; |
2447 | } | |
c68e9c6b | 2448 | assert(req_sz <= conn->in.offset); |
2449 | /* Use memcpy, not strdup! */ | |
2450 | inbuf = xmalloc(req_sz + 1); | |
2451 | xmemcpy(inbuf, conn->in.buf, req_sz); | |
2452 | *(inbuf + req_sz) = '\0'; | |
7a2f978b | 2453 | |
99edd1c3 | 2454 | /* pre-set these values to make aborting simpler */ |
2455 | *prefix_p = inbuf; | |
2456 | *method_p = METHOD_NONE; | |
2457 | *status = -1; | |
2458 | ||
c68e9c6b | 2459 | /* Barf on NULL characters in the headers */ |
2460 | if (strlen(inbuf) != req_sz) { | |
2461 | debug(33, 1) ("parseHttpRequest: Requestheader contains NULL characters\n"); | |
2462 | return parseHttpRequestAbort(conn, "error:invalid-request"); | |
2463 | } | |
7a2f978b | 2464 | /* Look for request method */ |
2465 | if ((mstr = strtok(inbuf, "\t ")) == NULL) { | |
93f9abd0 | 2466 | debug(33, 1) ("parseHttpRequest: Can't get request method\n"); |
99edd1c3 | 2467 | return parseHttpRequestAbort(conn, "error:invalid-request-method"); |
7a2f978b | 2468 | } |
2469 | method = urlParseMethod(mstr); | |
2470 | if (method == METHOD_NONE) { | |
93f9abd0 | 2471 | debug(33, 1) ("parseHttpRequest: Unsupported method '%s'\n", mstr); |
99edd1c3 | 2472 | return parseHttpRequestAbort(conn, "error:unsupported-request-method"); |
7a2f978b | 2473 | } |
93f9abd0 | 2474 | debug(33, 5) ("parseHttpRequest: Method is '%s'\n", mstr); |
3775d53c | 2475 | *method_p = method; |
7a2f978b | 2476 | |
d548ee64 | 2477 | /* look for URL+HTTP/x.x */ |
c68e9c6b | 2478 | if ((url = strtok(NULL, "\n")) == NULL) { |
93f9abd0 | 2479 | debug(33, 1) ("parseHttpRequest: Missing URL\n"); |
99edd1c3 | 2480 | return parseHttpRequestAbort(conn, "error:missing-url"); |
7a2f978b | 2481 | } |
b6a2f15e | 2482 | while (xisspace(*url)) |
c68e9c6b | 2483 | url++; |
d548ee64 | 2484 | t = url + strlen(url); |
2485 | assert(*t == '\0'); | |
2486 | token = NULL; | |
2487 | while (t > url) { | |
2488 | t--; | |
b6a2f15e | 2489 | if (xisspace(*t) && !strncmp(t + 1, "HTTP/", 5)) { |
d548ee64 | 2490 | token = t + 1; |
2491 | break; | |
2492 | } | |
2493 | } | |
b6a2f15e | 2494 | while (t > url && xisspace(*t)) |
d548ee64 | 2495 | *(t--) = '\0'; |
2496 | debug(33, 5) ("parseHttpRequest: URI is '%s'\n", url); | |
2497 | if (token == NULL) { | |
93f9abd0 | 2498 | debug(33, 3) ("parseHttpRequest: Missing HTTP identifier\n"); |
46052490 | 2499 | #if RELAXED_HTTP_PARSER |
bffee5af | 2500 | httpBuildVersion(&http_ver, 0, 9); /* wild guess */ |
46052490 | 2501 | #else |
99edd1c3 | 2502 | return parseHttpRequestAbort(conn, "error:missing-http-ident"); |
7518fce5 | 2503 | #endif |
99edd1c3 | 2504 | } else { |
bffee5af | 2505 | if (sscanf(token + 5, "%d.%d", &http_ver.major, &http_ver.minor) != 2) { |
2506 | debug(33, 3) ("parseHttpRequest: Invalid HTTP identifier.\n"); | |
2507 | return parseHttpRequestAbort(conn, "error: invalid HTTP-ident"); | |
2508 | } | |
2509 | debug(33, 6) ("parseHttpRequest: Client HTTP version %d.%d.\n", http_ver.major, http_ver.minor); | |
99edd1c3 | 2510 | } |
7a2f978b | 2511 | |
c68e9c6b | 2512 | /* |
2513 | * Process headers after request line | |
2514 | */ | |
2515 | req_hdr = strtok(NULL, null_string); | |
2516 | header_sz = req_sz - (req_hdr - inbuf); | |
2334c194 | 2517 | if (0 == header_sz) { |
1a92a1e2 | 2518 | debug(33, 3) ("parseHttpRequest: header_sz == 0\n"); |
7a2f978b | 2519 | *status = 0; |
2520 | return NULL; | |
2521 | } | |
754b9ce9 | 2522 | assert(header_sz > 0); |
2523 | debug(33, 3) ("parseHttpRequest: req_hdr = {%s}\n", req_hdr); | |
2334c194 | 2524 | end = req_hdr + header_sz; |
04990e2d | 2525 | debug(33, 3) ("parseHttpRequest: end = {%s}\n", end); |
99edd1c3 | 2526 | |
99edd1c3 | 2527 | prefix_sz = end - inbuf; |
2528 | *req_line_sz_p = req_hdr - inbuf; | |
ea285003 | 2529 | debug(33, 3) ("parseHttpRequest: prefix_sz = %d, req_line_sz = %d\n", |
99edd1c3 | 2530 | (int) prefix_sz, (int) *req_line_sz_p); |
2531 | assert(prefix_sz <= conn->in.offset); | |
7a2f978b | 2532 | |
2533 | /* Ok, all headers are received */ | |
72711e31 | 2534 | http = cbdataAlloc(clientHttpRequest); |
7a2f978b | 2535 | http->http_ver = http_ver; |
2536 | http->conn = conn; | |
2537 | http->start = current_time; | |
99edd1c3 | 2538 | http->req_sz = prefix_sz; |
d192d11f | 2539 | http->range_iter.boundary = StringNull; |
99edd1c3 | 2540 | *prefix_p = xmalloc(prefix_sz + 1); |
2541 | xmemcpy(*prefix_p, conn->in.buf, prefix_sz); | |
2542 | *(*prefix_p + prefix_sz) = '\0'; | |
0f1bc304 | 2543 | dlinkAdd(http, &http->active, &ClientActiveRequests); |
7a2f978b | 2544 | |
ea285003 | 2545 | debug(33, 5) ("parseHttpRequest: Request Header is\n%s\n", (*prefix_p) + *req_line_sz_p); |
7a2f978b | 2546 | if ((t = strchr(url, '#'))) /* remove HTML anchors */ |
2547 | *t = '\0'; | |
2548 | ||
4162ee3b | 2549 | /* handle internal objects */ |
1da5651f | 2550 | if (internalCheck(url)) { |
4162ee3b | 2551 | /* prepend our name & port */ |
1da5651f | 2552 | http->uri = xstrdup(internalLocalUri(NULL, url)); |
77ed547a | 2553 | http->flags.internal = 1; |
c68e9c6b | 2554 | http->flags.accel = 1; |
4162ee3b | 2555 | } |
7a2f978b | 2556 | /* see if we running in Config2.Accel.on, if so got to convert it to URL */ |
4162ee3b | 2557 | else if (Config2.Accel.on && *url == '/') { |
7a2f978b | 2558 | /* prepend the accel prefix */ |
dbfed404 | 2559 | if (opt_accel_uses_host && (t = mime_get_header(req_hdr, "Host"))) { |
40457767 | 2560 | int vport; |
42b51993 | 2561 | char *q; |
a2c963ae | 2562 | const char *protocol_name = "http"; |
40457767 | 2563 | if (vport_mode) |
2564 | vport = (int) ntohs(http->conn->me.sin_port); | |
2565 | else | |
2566 | vport = (int) Config.Accel.port; | |
7a2f978b | 2567 | /* If a Host: header was specified, use it to build the URL |
2568 | * instead of the one in the Config file. */ | |
2569 | /* | |
2570 | * XXX Use of the Host: header here opens a potential | |
2571 | * security hole. There are no checks that the Host: value | |
2572 | * corresponds to one of your servers. It might, for example, | |
2573 | * refer to www.playboy.com. The 'dst' and/or 'dst_domain' ACL | |
2574 | * types should be used to prevent httpd-accelerators | |
2575 | * handling requests for non-local servers */ | |
42b51993 | 2576 | strtok(t, " /;@"); |
2577 | if ((q = strchr(t, ':'))) { | |
2578 | *q++ = '\0'; | |
40457767 | 2579 | if (vport_mode) |
2580 | vport = atoi(q); | |
42b51993 | 2581 | } |
12fc602c | 2582 | url_sz = strlen(url) + 32 + Config.appendDomainLen + |
2583 | strlen(t); | |
23d92c64 | 2584 | http->uri = xcalloc(url_sz, 1); |
1f7c9178 | 2585 | |
2586 | #if SSL_FORWARDING_NOT_YET_DONE | |
2587 | if (Config.Sockaddr.https->s.sin_port == http->conn->me.sin_port) { | |
2588 | protocol_name = "https"; | |
2589 | vport = ntohs(http->conn->me.sin_port); | |
2590 | } | |
2591 | #endif | |
2592 | snprintf(http->uri, url_sz, "%s://%s:%d%s", | |
2593 | protocol_name, t, vport, url); | |
dbfed404 | 2594 | } else if (vhost_mode) { |
42b51993 | 2595 | int vport; |
dbfed404 | 2596 | /* Put the local socket IP address as the hostname */ |
2597 | url_sz = strlen(url) + 32 + Config.appendDomainLen; | |
2598 | http->uri = xcalloc(url_sz, 1); | |
42b51993 | 2599 | if (vport_mode) |
2600 | vport = (int) ntohs(http->conn->me.sin_port); | |
2601 | else | |
2602 | vport = (int) Config.Accel.port; | |
5cafc1d6 | 2603 | #if IPF_TRANSPARENT |
135171fe | 2604 | natLookup.nl_inport = http->conn->me.sin_port; |
2605 | natLookup.nl_outport = http->conn->peer.sin_port; | |
2606 | natLookup.nl_inip = http->conn->me.sin_addr; | |
2607 | natLookup.nl_outip = http->conn->peer.sin_addr; | |
2608 | natLookup.nl_flags = IPN_TCP; | |
2609 | if (natfd < 0) | |
2610 | natfd = open(IPL_NAT, O_RDONLY, 0); | |
2611 | if (natfd < 0) { | |
2612 | debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", | |
2613 | xstrerror()); | |
ac18f51a | 2614 | return parseHttpRequestAbort(conn, "error:nat-open-failed"); |
5cafc1d6 | 2615 | } |
6efce75c | 2616 | /* |
2617 | * IP-Filter changed the type for SIOCGNATL between | |
2618 | * 3.3 and 3.4. It also changed the cmd value for | |
2619 | * SIOCGNATL, so at least we can detect it. We could | |
2620 | * put something in configure and use ifdefs here, but | |
2621 | * this seems simpler. | |
2622 | */ | |
2623 | if (63 == siocgnatl_cmd) { | |
2624 | struct natlookup *nlp = &natLookup; | |
2625 | x = ioctl(natfd, SIOCGNATL, &nlp); | |
2626 | } else { | |
2627 | x = ioctl(natfd, SIOCGNATL, &natLookup); | |
2628 | } | |
2629 | if (x < 0) { | |
ac18f51a | 2630 | if (errno != ESRCH) { |
2631 | debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n"); | |
2632 | close(natfd); | |
2633 | natfd = -1; | |
2634 | return parseHttpRequestAbort(conn, "error:nat-lookup-failed"); | |
2635 | } else | |
2636 | snprintf(http->uri, url_sz, "http://%s:%d%s", | |
2637 | inet_ntoa(http->conn->me.sin_addr), | |
42b51993 | 2638 | vport, url); |
52ee8bdd | 2639 | } else { |
2640 | if (vport_mode) | |
2641 | vport = natLookup.nl_realport; | |
2642 | snprintf(http->uri, url_sz, "http://%s:%d%s", | |
2643 | inet_ntoa(natLookup.nl_realip), | |
2644 | vport, url); | |
2645 | } | |
5cafc1d6 | 2646 | #else |
d852fbad | 2647 | #if LINUX_NETFILTER |
f0debecb | 2648 | /* If the call fails the address structure will be unchanged */ |
2649 | getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz); | |
2650 | debug(33, 5) ("parseHttpRequest: addr = %s", inet_ntoa(conn->me.sin_addr)); | |
40457767 | 2651 | if (vport_mode) |
2652 | vport = (int) ntohs(http->conn->me.sin_port); | |
d852fbad | 2653 | #endif |
dbfed404 | 2654 | snprintf(http->uri, url_sz, "http://%s:%d%s", |
2655 | inet_ntoa(http->conn->me.sin_addr), | |
42b51993 | 2656 | vport, url); |
5cafc1d6 | 2657 | #endif |
93f9abd0 | 2658 | debug(33, 5) ("VHOST REWRITE: '%s'\n", http->uri); |
7a2f978b | 2659 | } else { |
2660 | url_sz = strlen(Config2.Accel.prefix) + strlen(url) + | |
2661 | Config.appendDomainLen + 1; | |
23d92c64 | 2662 | http->uri = xcalloc(url_sz, 1); |
2663 | snprintf(http->uri, url_sz, "%s%s", Config2.Accel.prefix, url); | |
7a2f978b | 2664 | } |
77ed547a | 2665 | http->flags.accel = 1; |
7a2f978b | 2666 | } else { |
2667 | /* URL may be rewritten later, so make extra room */ | |
2668 | url_sz = strlen(url) + Config.appendDomainLen + 5; | |
23d92c64 | 2669 | http->uri = xcalloc(url_sz, 1); |
2670 | strcpy(http->uri, url); | |
77ed547a | 2671 | http->flags.accel = 0; |
7a2f978b | 2672 | } |
7e3ce7b9 | 2673 | if (!stringHasCntl(http->uri)) |
c68e9c6b | 2674 | http->log_uri = xstrndup(http->uri, MAX_URL); |
d548ee64 | 2675 | else |
9bc73deb | 2676 | http->log_uri = xstrndup(rfc1738_escape_unescaped(http->uri), MAX_URL); |
93f9abd0 | 2677 | debug(33, 5) ("parseHttpRequest: Complete request received\n"); |
7a2f978b | 2678 | xfree(inbuf); |
7a2f978b | 2679 | *status = 1; |
2680 | return http; | |
2681 | } | |
2682 | ||
2683 | static int | |
79d39a72 | 2684 | clientReadDefer(int fdnotused, void *data) |
7a2f978b | 2685 | { |
2686 | ConnStateData *conn = data; | |
94439e4e | 2687 | if (conn->body.size_left) |
ec7c5e3e | 2688 | return conn->in.offset >= conn->in.size - 1; |
94439e4e | 2689 | else |
2690 | return conn->defer.until > squid_curtime; | |
7a2f978b | 2691 | } |
2692 | ||
2693 | static void | |
2694 | clientReadRequest(int fd, void *data) | |
2695 | { | |
2696 | ConnStateData *conn = data; | |
2697 | int parser_return_code = 0; | |
7a2f978b | 2698 | request_t *request = NULL; |
7a2f978b | 2699 | int size; |
58cd5bbd | 2700 | void *p; |
7a2f978b | 2701 | method_t method; |
2702 | clientHttpRequest *http = NULL; | |
2703 | clientHttpRequest **H = NULL; | |
08e70b8f | 2704 | char *prefix = NULL; |
7a2f978b | 2705 | ErrorState *err = NULL; |
2706 | fde *F = &fd_table[fd]; | |
44db45e8 | 2707 | int len = conn->in.size - conn->in.offset - 1; |
93f9abd0 | 2708 | debug(33, 4) ("clientReadRequest: FD %d: reading request...\n", fd); |
ec7c5e3e | 2709 | commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0); |
28ee8ce5 | 2710 | if (len == 0) { |
2711 | /* Grow the request memory area to accomodate for a large request */ | |
2712 | conn->in.size += CLIENT_REQ_BUF_SZ; | |
2713 | if (conn->in.size == 2 * CLIENT_REQ_BUF_SZ) { | |
2714 | p = conn->in.buf; /* get rid of fixed size Pooled buffer */ | |
2715 | conn->in.buf = xcalloc(2, CLIENT_REQ_BUF_SZ); | |
2716 | xmemcpy(conn->in.buf, p, CLIENT_REQ_BUF_SZ); | |
2717 | memFree(p, MEM_CLIENT_REQ_BUF); | |
2718 | } else | |
2719 | conn->in.buf = xrealloc(conn->in.buf, conn->in.size); | |
2720 | /* XXX account conn->in.buf */ | |
2721 | debug(33, 2) ("growing request buffer: offset=%ld size=%ld\n", | |
6fbf8998 | 2722 | (long) conn->in.offset, (long) conn->in.size); |
28ee8ce5 | 2723 | len = conn->in.size - conn->in.offset - 1; |
2724 | } | |
83704487 | 2725 | statCounter.syscalls.sock.reads++; |
1f7c9178 | 2726 | size = FD_READ_METHOD(fd, conn->in.buf + conn->in.offset, len); |
d8b83480 | 2727 | if (size > 0) { |
ea285003 | 2728 | fd_bytes(fd, size, FD_READ); |
83704487 | 2729 | kb_incr(&statCounter.client_http.kbytes_in, size); |
d8b83480 | 2730 | } |
44db45e8 | 2731 | /* |
2732 | * Don't reset the timeout value here. The timeout value will be | |
2733 | * set to Config.Timeout.request by httpAccept() and | |
2734 | * clientWriteComplete(), and should apply to the request as a | |
2735 | * whole, not individual read() calls. Plus, it breaks our | |
2736 | * lame half-close detection | |
2737 | */ | |
94439e4e | 2738 | if (size > 0) { |
2739 | conn->in.offset += size; | |
2740 | conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ | |
28ee8ce5 | 2741 | } else if (size == 0) { |
94439e4e | 2742 | if (conn->chr == NULL && conn->in.offset == 0) { |
7a2f978b | 2743 | /* no current or pending requests */ |
94439e4e | 2744 | debug(33, 4) ("clientReadRequest: FD %d closed\n", fd); |
7a2f978b | 2745 | comm_close(fd); |
2746 | return; | |
ea285003 | 2747 | } else if (!Config.onoff.half_closed_clients) { |
2748 | /* admin doesn't want to support half-closed client sockets */ | |
94439e4e | 2749 | debug(33, 3) ("clientReadRequest: FD %d aborted (half_closed_clients disabled)\n", fd); |
ea285003 | 2750 | comm_close(fd); |
2751 | return; | |
7a2f978b | 2752 | } |
2753 | /* It might be half-closed, we can't tell */ | |
93f9abd0 | 2754 | debug(33, 5) ("clientReadRequest: FD %d closed?\n", fd); |
58a6c186 | 2755 | F->flags.socket_eof = 1; |
7a2f978b | 2756 | conn->defer.until = squid_curtime + 1; |
2757 | conn->defer.n++; | |
44db45e8 | 2758 | fd_note(fd, "half-closed"); |
94439e4e | 2759 | /* There is one more close check at the end, to detect aborted |
2760 | * (partial) requests. At this point we can't tell if the request | |
2761 | * is partial. | |
2762 | */ | |
2763 | /* Continue to process previously read data */ | |
7a2f978b | 2764 | } else if (size < 0) { |
6d3caf23 | 2765 | if (!ignoreErrno(errno)) { |
7a2f978b | 2766 | debug(50, 2) ("clientReadRequest: FD %d: %s\n", fd, xstrerror()); |
2767 | comm_close(fd); | |
ebf4efff | 2768 | return; |
47130615 | 2769 | } else if (conn->in.offset == 0) { |
7c1d4010 | 2770 | debug(50, 2) ("clientReadRequest: FD %d: no data to process (%s)\n", fd, xstrerror()); |
7a2f978b | 2771 | } |
ebf4efff | 2772 | /* Continue to process previously read data */ |
7a2f978b | 2773 | } |
94439e4e | 2774 | /* Process request body if any */ |
2775 | if (conn->in.offset > 0 && conn->body.callback != NULL) | |
2776 | clientProcessBody(conn); | |
2777 | /* Process next request */ | |
2778 | while (conn->in.offset > 0 && conn->body.size_left == 0) { | |
ebf4efff | 2779 | int nrequests; |
cff0c749 | 2780 | size_t req_line_sz; |
94439e4e | 2781 | /* Skip leading (and trailing) whitespace */ |
b6a2f15e | 2782 | while (conn->in.offset > 0 && xisspace(conn->in.buf[0])) { |
9a6f98a5 | 2783 | xmemmove(conn->in.buf, conn->in.buf + 1, conn->in.offset - 1); |
2784 | conn->in.offset--; | |
2785 | } | |
2786 | conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ | |
2787 | if (conn->in.offset == 0) | |
2788 | break; | |
ebf4efff | 2789 | /* Limit the number of concurrent requests to 2 */ |
2790 | for (H = &conn->chr, nrequests = 0; *H; H = &(*H)->next, nrequests++); | |
3d15e2d7 | 2791 | if (nrequests >= (Config.onoff.pipeline_prefetch ? 2 : 1)) { |
badd8ff0 | 2792 | debug(33, 3) ("clientReadRequest: FD %d max concurrent requests reached\n", fd); |
93f9abd0 | 2793 | debug(33, 5) ("clientReadRequest: FD %d defering new request until one is done\n", fd); |
47130615 | 2794 | conn->defer.until = squid_curtime + 100; /* Reset when a request is complete */ |
ebf4efff | 2795 | break; |
2796 | } | |
94439e4e | 2797 | conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ |
2798 | if (nrequests == 0) | |
2799 | fd_note(conn->fd, "Reading next request"); | |
ebf4efff | 2800 | /* Process request */ |
7a2f978b | 2801 | http = parseHttpRequest(conn, |
2802 | &method, | |
2803 | &parser_return_code, | |
99edd1c3 | 2804 | &prefix, |
2805 | &req_line_sz); | |
13f11a4a | 2806 | if (!http) |
2807 | safe_free(prefix); | |
7a2f978b | 2808 | if (http) { |
2809 | assert(http->req_sz > 0); | |
2810 | conn->in.offset -= http->req_sz; | |
2811 | assert(conn->in.offset >= 0); | |
ebb6e9a0 | 2812 | debug(33, 5) ("conn->in.offset = %d\n", (int) conn->in.offset); |
6fa92aa2 | 2813 | /* |
2814 | * If we read past the end of this request, move the remaining | |
2815 | * data to the beginning | |
2816 | */ | |
2817 | if (conn->in.offset > 0) | |
dbfed404 | 2818 | xmemmove(conn->in.buf, conn->in.buf + http->req_sz, conn->in.offset); |
ebf4efff | 2819 | /* add to the client request queue */ |
7a2f978b | 2820 | for (H = &conn->chr; *H; H = &(*H)->next); |
2821 | *H = http; | |
2822 | conn->nrequests++; | |
7ec87701 | 2823 | /* |
2824 | * I wanted to lock 'http' here since its callback data for | |
2825 | * clientLifetimeTimeout(), but there's no logical place to | |
2826 | * cbdataUnlock if the timeout never happens. Maybe its safe | |
2827 | * enough to assume that if the FD is open, and the timeout | |
2828 | * triggers, that 'http' is valid. | |
2829 | */ | |
b5c39993 | 2830 | commSetTimeout(fd, Config.Timeout.lifetime, clientLifetimeTimeout, http); |
3775d53c | 2831 | if (parser_return_code < 0) { |
93f9abd0 | 2832 | debug(33, 1) ("clientReadRequest: FD %d Invalid Request\n", fd); |
3775d53c | 2833 | err = errorCon(ERR_INVALID_REQ, HTTP_BAD_REQUEST); |
2834 | err->request_hdrs = xstrdup(conn->in.buf); | |
92695e5e | 2835 | http->entry = clientCreateStoreEntry(http, method, null_request_flags); |
3775d53c | 2836 | errorAppendEntry(http->entry, err); |
13f11a4a | 2837 | safe_free(prefix); |
3775d53c | 2838 | break; |
2839 | } | |
23d92c64 | 2840 | if ((request = urlParse(method, http->uri)) == NULL) { |
93f9abd0 | 2841 | debug(33, 5) ("Invalid URL: %s\n", http->uri); |
7a2f978b | 2842 | err = errorCon(ERR_INVALID_URL, HTTP_BAD_REQUEST); |
2843 | err->src_addr = conn->peer.sin_addr; | |
23d92c64 | 2844 | err->url = xstrdup(http->uri); |
7a2f978b | 2845 | http->al.http.code = err->http_status; |
92695e5e | 2846 | http->entry = clientCreateStoreEntry(http, method, null_request_flags); |
79e0dc20 | 2847 | errorAppendEntry(http->entry, err); |
99edd1c3 | 2848 | safe_free(prefix); |
7a2f978b | 2849 | break; |
99edd1c3 | 2850 | } else { |
2851 | /* compile headers */ | |
2852 | /* we should skip request line! */ | |
ea285003 | 2853 | if (!httpRequestParseHeader(request, prefix + req_line_sz)) |
99edd1c3 | 2854 | debug(33, 1) ("Failed to parse request headers: %s\n%s\n", |
2855 | http->uri, prefix); | |
2856 | /* continue anyway? */ | |
7a2f978b | 2857 | } |
c68e9c6b | 2858 | request->flags.accelerated = http->flags.accel; |
ba26bca4 | 2859 | if (!http->flags.internal) { |
2860 | if (internalCheck(strBuf(request->urlpath))) { | |
1f38f50a | 2861 | if (internalHostnameIs(request->host) && |
7e3ce7b9 | 2862 | request->port == ntohs(Config.Sockaddr.http->s.sin_port)) { |
b6a2f15e | 2863 | http->flags.internal = 1; |
ba26bca4 | 2864 | } else if (internalStaticCheck(strBuf(request->urlpath))) { |
c68e9c6b | 2865 | xstrncpy(request->host, internalHostname(), SQUIDHOSTNAMELEN); |
7e3ce7b9 | 2866 | request->port = ntohs(Config.Sockaddr.http->s.sin_port); |
5999b776 | 2867 | http->flags.internal = 1; |
ba26bca4 | 2868 | } |
2869 | } | |
2870 | } | |
1f38f50a | 2871 | /* |
2872 | * cache the Content-length value in request_t. | |
2873 | */ | |
2874 | request->content_length = httpHeaderGetInt(&request->header, | |
2875 | HDR_CONTENT_LENGTH); | |
c68e9c6b | 2876 | request->flags.internal = http->flags.internal; |
13f11a4a | 2877 | safe_free(prefix); |
23d92c64 | 2878 | safe_free(http->log_uri); |
2879 | http->log_uri = xstrdup(urlCanonicalClean(request)); | |
7a2f978b | 2880 | request->client_addr = conn->peer.sin_addr; |
3c11d1f5 | 2881 | request->my_addr = conn->me.sin_addr; |
7e3ce7b9 | 2882 | request->my_port = ntohs(conn->me.sin_port); |
7a2f978b | 2883 | request->http_ver = http->http_ver; |
7a2f978b | 2884 | if (!urlCheckRequest(request)) { |
2885 | err = errorCon(ERR_UNSUP_REQ, HTTP_NOT_IMPLEMENTED); | |
2886 | err->src_addr = conn->peer.sin_addr; | |
7a2f978b | 2887 | err->request = requestLink(request); |
df4ba4bf | 2888 | request->flags.proxy_keepalive = 0; |
7a2f978b | 2889 | http->al.http.code = err->http_status; |
92695e5e | 2890 | http->entry = clientCreateStoreEntry(http, request->method, null_request_flags); |
79e0dc20 | 2891 | errorAppendEntry(http->entry, err); |
3775d53c | 2892 | break; |
7a2f978b | 2893 | } |
94439e4e | 2894 | if (!clientCheckContentLength(request)) { |
db93e79c | 2895 | err = errorCon(ERR_INVALID_REQ, HTTP_LENGTH_REQUIRED); |
31be8b80 | 2896 | err->src_addr = conn->peer.sin_addr; |
2897 | err->request = requestLink(request); | |
2898 | http->al.http.code = err->http_status; | |
92695e5e | 2899 | http->entry = clientCreateStoreEntry(http, request->method, null_request_flags); |
31be8b80 | 2900 | errorAppendEntry(http->entry, err); |
2901 | break; | |
2902 | } | |
7a2f978b | 2903 | http->request = requestLink(request); |
c68e9c6b | 2904 | clientSetKeepaliveFlag(http); |
94439e4e | 2905 | /* Do we expect a request-body? */ |
2906 | if (request->content_length > 0) { | |
2907 | conn->body.size_left = request->content_length; | |
2908 | request->body_connection = conn; | |
2909 | /* Is it too large? */ | |
2910 | if (clientRequestBodyTooLarge(request->content_length)) { | |
321e06a6 | 2911 | err = errorCon(ERR_TOO_BIG, HTTP_REQUEST_ENTITY_TOO_LARGE); |
0483b991 | 2912 | err->request = requestLink(request); |
2913 | http->entry = clientCreateStoreEntry(http, | |
2914 | METHOD_NONE, null_request_flags); | |
2915 | errorAppendEntry(http->entry, err); | |
2916 | break; | |
2917 | } | |
7a2f978b | 2918 | } |
2aecf121 | 2919 | clientAccessCheck(http); |
94439e4e | 2920 | continue; /* while offset > 0 && body.size_left == 0 */ |
7a2f978b | 2921 | } else if (parser_return_code == 0) { |
2922 | /* | |
2923 | * Partial request received; reschedule until parseHttpRequest() | |
2924 | * is happy with the input | |
2925 | */ | |
28ee8ce5 | 2926 | if (conn->in.offset >= Config.maxRequestHeaderSize) { |
2927 | /* The request is too large to handle */ | |
2928 | debug(33, 1) ("Request header is too large (%d bytes)\n", | |
2929 | (int) conn->in.offset); | |
2930 | debug(33, 1) ("Config 'request_header_max_size'= %d bytes.\n", | |
2931 | Config.maxRequestHeaderSize); | |
2932 | err = errorCon(ERR_TOO_BIG, HTTP_REQUEST_ENTITY_TOO_LARGE); | |
2933 | http = parseHttpRequestAbort(conn, "error:request-too-large"); | |
2934 | /* add to the client request queue */ | |
2935 | for (H = &conn->chr; *H; H = &(*H)->next); | |
2936 | *H = http; | |
2937 | http->entry = clientCreateStoreEntry(http, METHOD_NONE, null_request_flags); | |
2938 | errorAppendEntry(http->entry, err); | |
2939 | return; | |
7a2f978b | 2940 | } |
7a2f978b | 2941 | break; |
7a2f978b | 2942 | } |
94439e4e | 2943 | } /* while offset > 0 && conn->body.size_left == 0 */ |
2944 | /* Check if a half-closed connection was aborted in the middle */ | |
2945 | if (F->flags.socket_eof) { | |
2946 | if (conn->in.offset != conn->body.size_left) { /* != 0 when no request body */ | |
2947 | /* Partial request received. Abort client connection! */ | |
28ee8ce5 | 2948 | debug(33, 3) ("clientReadRequest: FD %d aborted, partial request\n", fd); |
94439e4e | 2949 | comm_close(fd); |
2950 | return; | |
2951 | } | |
2952 | } | |
2953 | } | |
2954 | ||
2955 | /* file_read like function, for reading body content */ | |
2956 | void | |
2957 | clientReadBody(request_t * request, char *buf, size_t size, CBCB * callback, void *cbdata) | |
2958 | { | |
2959 | ConnStateData *conn = request->body_connection; | |
2960 | if (!conn) { | |
2961 | debug(33, 5) ("clientReadBody: no body to read, request=%p\n", request); | |
2962 | callback(buf, 0, cbdata); /* Signal end of body */ | |
2963 | return; | |
7a2f978b | 2964 | } |
94439e4e | 2965 | debug(33, 2) ("clientReadBody: start fd=%d body_size=%d in.offset=%d cb=%p req=%p\n", conn->fd, conn->body.size_left, conn->in.offset, callback, request); |
2966 | conn->body.callback = callback; | |
2967 | conn->body.cbdata = cbdata; | |
2968 | conn->body.buf = buf; | |
2969 | conn->body.bufsize = size; | |
2970 | conn->body.request = requestLink(request); | |
28ee8ce5 | 2971 | clientProcessBody(conn); |
94439e4e | 2972 | } |
2973 | ||
2974 | /* Called by clientReadRequest to process body content */ | |
2975 | static void | |
2976 | clientProcessBody(ConnStateData * conn) | |
2977 | { | |
2978 | int size; | |
2979 | char *buf = conn->body.buf; | |
2980 | void *cbdata = conn->body.cbdata; | |
2981 | CBCB *callback = conn->body.callback; | |
2982 | request_t *request = conn->body.request; | |
2983 | /* Note: request is null while eating "aborted" transfers */ | |
2984 | debug(33, 2) ("clientProcessBody: start fd=%d body_size=%d in.offset=%d cb=%p req=%p\n", conn->fd, conn->body.size_left, conn->in.offset, callback, request); | |
28ee8ce5 | 2985 | if (conn->in.offset) { |
2986 | /* Some sanity checks... */ | |
2987 | assert(conn->body.size_left > 0); | |
2988 | assert(conn->in.offset > 0); | |
2989 | assert(callback != NULL); | |
2990 | assert(buf != NULL); | |
2991 | /* How much do we have to process? */ | |
2992 | size = conn->in.offset; | |
2993 | if (size > conn->body.size_left) /* only process the body part */ | |
2994 | size = conn->body.size_left; | |
2995 | if (size > conn->body.bufsize) /* don't copy more than requested */ | |
2996 | size = conn->body.bufsize; | |
2997 | xmemcpy(buf, conn->in.buf, size); | |
2998 | conn->body.size_left -= size; | |
2999 | /* Move any remaining data */ | |
3000 | conn->in.offset -= size; | |
3001 | if (conn->in.offset > 0) | |
3002 | xmemmove(conn->in.buf, conn->in.buf + size, conn->in.offset); | |
3003 | /* Remove request link if this is the last part of the body, as | |
3004 | * clientReadRequest automatically continues to process next request */ | |
3005 | if (conn->body.size_left <= 0 && request != NULL) | |
3006 | request->body_connection = NULL; | |
3007 | /* Remove clientReadBody arguments (the call is completed) */ | |
3008 | conn->body.request = NULL; | |
3009 | conn->body.callback = NULL; | |
3010 | conn->body.buf = NULL; | |
3011 | conn->body.bufsize = 0; | |
3012 | /* Remember that we have touched the body, not restartable */ | |
3013 | if (request != NULL) | |
3014 | request->flags.body_sent = 1; | |
3015 | /* Invoke callback function */ | |
3016 | callback(buf, size, cbdata); | |
3017 | if (request != NULL) | |
3018 | requestUnlink(request); /* Linked in clientReadBody */ | |
3019 | debug(33, 2) ("clientProcessBody: end fd=%d size=%d body_size=%d in.offset=%d cb=%p req=%p\n", conn->fd, size, conn->body.size_left, conn->in.offset, callback, request); | |
3020 | } | |
94439e4e | 3021 | } |
3022 | ||
3023 | /* A dummy handler that throws away a request-body */ | |
3024 | static char bodyAbortBuf[SQUID_TCP_SO_RCVBUF]; | |
2d72d4fd | 3025 | static void |
94439e4e | 3026 | clientReadBodyAbortHandler(char *buf, size_t size, void *data) |
3027 | { | |
3028 | ConnStateData *conn = (ConnStateData *) data; | |
3029 | debug(33, 2) ("clientReadBodyAbortHandler: fd=%d body_size=%d in.offset=%d\n", conn->fd, conn->body.size_left, conn->in.offset); | |
3030 | if (size != 0 && conn->body.size_left != 0) { | |
3031 | debug(33, 3) ("clientReadBodyAbortHandler: fd=%d shedule next read\n", conn->fd); | |
3032 | conn->body.callback = clientReadBodyAbortHandler; | |
3033 | conn->body.buf = bodyAbortBuf; | |
3034 | conn->body.bufsize = sizeof(bodyAbortBuf); | |
3035 | conn->body.cbdata = data; | |
3036 | } | |
3037 | } | |
3038 | ||
3039 | /* Abort a body request */ | |
3040 | int | |
3041 | clientAbortBody(request_t * request) | |
3042 | { | |
3043 | ConnStateData *conn = request->body_connection; | |
3044 | char *buf; | |
3045 | CBCB *callback; | |
3046 | void *cbdata; | |
3047 | request->body_connection = NULL; | |
3048 | if (!conn || conn->body.size_left <= 0) | |
3049 | return 0; /* No body to abort */ | |
3050 | if (conn->body.callback != NULL) { | |
3051 | buf = conn->body.buf; | |
3052 | callback = conn->body.callback; | |
3053 | cbdata = conn->body.cbdata; | |
3054 | assert(request == conn->body.request); | |
3055 | conn->body.buf = NULL; | |
3056 | conn->body.callback = NULL; | |
3057 | conn->body.cbdata = NULL; | |
3058 | conn->body.request = NULL; | |
3059 | callback(buf, -1, cbdata); /* Signal abort to clientReadBody caller */ | |
3060 | requestUnlink(request); | |
3061 | } | |
3062 | clientReadBodyAbortHandler(NULL, -1, conn); /* Install abort handler */ | |
3063 | /* clientProcessBody() */ | |
3064 | return 1; /* Aborted */ | |
7a2f978b | 3065 | } |
3066 | ||
3067 | /* general lifetime handler for HTTP requests */ | |
3068 | static void | |
3069 | requestTimeout(int fd, void *data) | |
3070 | { | |
ad63ceea | 3071 | #if THIS_CONFUSES_PERSISTENT_CONNECTION_AWARE_BROWSERS_AND_USERS |
7a2f978b | 3072 | ConnStateData *conn = data; |
3073 | ErrorState *err; | |
badd8ff0 | 3074 | debug(33, 3) ("requestTimeout: FD %d: lifetime is expired.\n", fd); |
7a2f978b | 3075 | if (fd_table[fd].rwstate) { |
79e0dc20 | 3076 | /* |
3077 | * Some data has been sent to the client, just close the FD | |
3078 | */ | |
7a2f978b | 3079 | comm_close(fd); |
3080 | } else if (conn->nrequests) { | |
79e0dc20 | 3081 | /* |
3082 | * assume its a persistent connection; just close it | |
3083 | */ | |
7a2f978b | 3084 | comm_close(fd); |
3085 | } else { | |
79e0dc20 | 3086 | /* |
3087 | * Generate an error | |
3088 | */ | |
7a2f978b | 3089 | err = errorCon(ERR_LIFETIME_EXP, HTTP_REQUEST_TIMEOUT); |
7a2f978b | 3090 | err->url = xstrdup("N/A"); |
79e0dc20 | 3091 | /* |
3092 | * Normally we shouldn't call errorSend() in client_side.c, but | |
3093 | * it should be okay in this case. Presumably if we get here | |
3094 | * this is the first request for the connection, and no data | |
3095 | * has been written yet | |
3096 | */ | |
3097 | assert(conn->chr == NULL); | |
7a2f978b | 3098 | errorSend(fd, err); |
79e0dc20 | 3099 | /* |
3100 | * if we don't close() here, we still need a timeout handler! | |
3101 | */ | |
7a2f978b | 3102 | commSetTimeout(fd, 30, requestTimeout, conn); |
7e3ce7b9 | 3103 | /* |
3104 | * Aha, but we don't want a read handler! | |
3105 | */ | |
3106 | commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0); | |
7a2f978b | 3107 | } |
af57a2e3 | 3108 | #else |
3109 | /* | |
3110 | * Just close the connection to not confuse browsers | |
3111 | * using persistent connections. Some browsers opens | |
3112 | * an connection and then does not use it until much | |
3113 | * later (presumeably because the request triggering | |
3114 | * the open has already been completed on another | |
3115 | * connection) | |
3116 | */ | |
ad63ceea | 3117 | debug(33, 3) ("requestTimeout: FD %d: lifetime is expired.\n", fd); |
af57a2e3 | 3118 | comm_close(fd); |
3119 | #endif | |
7a2f978b | 3120 | } |
3121 | ||
b5c39993 | 3122 | static void |
3123 | clientLifetimeTimeout(int fd, void *data) | |
3124 | { | |
3125 | clientHttpRequest *http = data; | |
7ec87701 | 3126 | ConnStateData *conn = http->conn; |
b5c39993 | 3127 | debug(33, 1) ("WARNING: Closing client %s connection due to lifetime timeout\n", |
3128 | inet_ntoa(conn->peer.sin_addr)); | |
3129 | debug(33, 1) ("\t%s\n", http->uri); | |
3130 | comm_close(fd); | |
3131 | } | |
3132 | ||
ba4f8e5a | 3133 | static int |
d20b1cd0 | 3134 | httpAcceptDefer(int fdunused, void *dataunused) |
7a2f978b | 3135 | { |
3d6629c6 | 3136 | static time_t last_warn = 0; |
3137 | if (fdNFree() >= RESERVED_FD) | |
3138 | return 0; | |
3139 | if (last_warn + 15 < squid_curtime) { | |
3140 | debug(33, 0) ("WARNING! Your cache is running out of filedescriptors\n"); | |
3141 | last_warn = squid_curtime; | |
3142 | } | |
3143 | return 1; | |
7a2f978b | 3144 | } |
3145 | ||
bf8e5903 | 3146 | /* Handle a new connection on HTTP socket. */ |
7a2f978b | 3147 | void |
ba4f8e5a | 3148 | httpAccept(int sock, void *data) |
7a2f978b | 3149 | { |
d193a436 | 3150 | int *N = &incoming_sockets_accepted; |
7a2f978b | 3151 | int fd = -1; |
3152 | ConnStateData *connState = NULL; | |
3153 | struct sockaddr_in peer; | |
3154 | struct sockaddr_in me; | |
309ad3b6 | 3155 | int max = INCOMING_HTTP_MAX; |
3898f57f | 3156 | #if USE_IDENT |
a40699cd | 3157 | static aclCheck_t identChecklist; |
3898f57f | 3158 | #endif |
c411b98a | 3159 | commSetSelect(sock, COMM_SELECT_READ, httpAccept, NULL, 0); |
d20b1cd0 | 3160 | while (max-- && !httpAcceptDefer(sock, NULL)) { |
e2525655 | 3161 | memset(&peer, '\0', sizeof(struct sockaddr_in)); |
3162 | memset(&me, '\0', sizeof(struct sockaddr_in)); | |
e2525655 | 3163 | if ((fd = comm_accept(sock, &peer, &me)) < 0) { |
3164 | if (!ignoreErrno(errno)) | |
eeb423fb | 3165 | debug(50, 1) ("httpAccept: FD %d: accept failure: %s\n", |
e2525655 | 3166 | sock, xstrerror()); |
3167 | break; | |
3168 | } | |
3169 | debug(33, 4) ("httpAccept: FD %d: accepted\n", fd); | |
72711e31 | 3170 | connState = cbdataAlloc(ConnStateData); |
e2525655 | 3171 | connState->peer = peer; |
3172 | connState->log_addr = peer.sin_addr; | |
3173 | connState->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr; | |
3174 | connState->me = me; | |
3175 | connState->fd = fd; | |
58cd5bbd | 3176 | connState->in.size = CLIENT_REQ_BUF_SZ; |
3177 | connState->in.buf = memAllocate(MEM_CLIENT_REQ_BUF); | |
e2525655 | 3178 | /* XXX account connState->in.buf */ |
3179 | comm_add_close_handler(fd, connStateFree, connState); | |
3180 | if (Config.onoff.log_fqdn) | |
3181 | fqdncache_gethostbyaddr(peer.sin_addr, FQDN_LOOKUP_IF_MISS); | |
3182 | commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState); | |
3898f57f | 3183 | #if USE_IDENT |
a40699cd | 3184 | identChecklist.src_addr = peer.sin_addr; |
b6a2f15e | 3185 | identChecklist.my_addr = me.sin_addr; |
7e3ce7b9 | 3186 | identChecklist.my_port = ntohs(me.sin_port); |
a40699cd | 3187 | if (aclCheckFast(Config.accessList.identLookup, &identChecklist)) |
05832ae1 | 3188 | identStart(&me, &peer, clientIdentDone, connState); |
3898f57f | 3189 | #endif |
e2525655 | 3190 | commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, connState, 0); |
3191 | commSetDefer(fd, clientReadDefer, connState); | |
9bc73deb | 3192 | clientdbEstablished(peer.sin_addr, 1); |
41292f79 | 3193 | assert(N); |
ba4f8e5a | 3194 | (*N)++; |
7a2f978b | 3195 | } |
7a2f978b | 3196 | } |
3197 | ||
1f7c9178 | 3198 | #if USE_SSL |
3199 | ||
3200 | /* negotiate an SSL connection */ | |
3201 | static void | |
3202 | clientNegotiateSSL(int fd, void *data) | |
3203 | { | |
3204 | ConnStateData *conn = data; | |
3205 | X509 *client_cert; | |
3206 | int ret; | |
3207 | ||
3208 | if ((ret = SSL_accept(fd_table[fd].ssl)) <= 0) { | |
3209 | if (BIO_sock_should_retry(ret)) { | |
3210 | commSetSelect(fd, COMM_SELECT_READ, clientNegotiateSSL, conn, 0); | |
3211 | return; | |
3212 | } | |
3213 | ret = ERR_get_error(); | |
a4a80ff0 | 3214 | if (ret) { |
3215 | debug(81, 1) ("clientNegotiateSSL: Error negotiating SSL connection on FD %d: %s\n", | |
3216 | fd, ERR_error_string(ret, NULL)); | |
3217 | } | |
1f7c9178 | 3218 | comm_close(fd); |
3219 | return; | |
3220 | } | |
3221 | debug(81, 5) ("clientNegotiateSSL: FD %d negotiated cipher %s\n", fd, | |
3222 | SSL_get_cipher(fd_table[fd].ssl)); | |
3223 | ||
3224 | client_cert = SSL_get_peer_certificate(fd_table[fd].ssl); | |
3225 | if (client_cert != NULL) { | |
3226 | debug(81, 5) ("clientNegotiateSSL: FD %d client certificate: subject: %s\n", fd, | |
3227 | X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0)); | |
3228 | ||
3229 | debug(81, 5) ("clientNegotiateSSL: FD %d client certificate: issuer: %s\n", fd, | |
3230 | X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0)); | |
3231 | ||
3232 | X509_free(client_cert); | |
3233 | } else { | |
3234 | debug(81, 5) ("clientNegotiateSSL: FD %d has no certificate.\n", fd); | |
3235 | } | |
3236 | ||
3237 | commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0); | |
3238 | } | |
3239 | ||
d193a436 | 3240 | struct _https_port_data { |
3241 | SSL_CTX *sslContext; | |
3242 | }; | |
3243 | typedef struct _https_port_data https_port_data; | |
3244 | CBDATA_TYPE(https_port_data); | |
3245 | ||
1f7c9178 | 3246 | /* handle a new HTTPS connection */ |
3247 | static void | |
3248 | httpsAccept(int sock, void *data) | |
3249 | { | |
d193a436 | 3250 | int *N = &incoming_sockets_accepted; |
3251 | https_port_data *https_port = data; | |
3252 | SSL_CTX *sslContext = https_port->sslContext; | |
1f7c9178 | 3253 | int fd = -1; |
3254 | ConnStateData *connState = NULL; | |
3255 | struct sockaddr_in peer; | |
3256 | struct sockaddr_in me; | |
3257 | int max = INCOMING_HTTP_MAX; | |
3258 | SSL *ssl; | |
3259 | int ssl_error; | |
3260 | #if USE_IDENT | |
3261 | static aclCheck_t identChecklist; | |
3262 | #endif | |
d193a436 | 3263 | commSetSelect(sock, COMM_SELECT_READ, httpsAccept, https_port, 0); |
1f7c9178 | 3264 | while (max-- && !httpAcceptDefer(sock, NULL)) { |
3265 | memset(&peer, '\0', sizeof(struct sockaddr_in)); | |
3266 | memset(&me, '\0', sizeof(struct sockaddr_in)); | |
3267 | if ((fd = comm_accept(sock, &peer, &me)) < 0) { | |
3268 | if (!ignoreErrno(errno)) | |
3269 | debug(50, 1) ("httpsAccept: FD %d: accept failure: %s\n", | |
3270 | sock, xstrerror()); | |
3271 | break; | |
3272 | } | |
3273 | if ((ssl = SSL_new(sslContext)) == NULL) { | |
3274 | ssl_error = ERR_get_error(); | |
3275 | debug(81, 1) ("httpsAccept: Error allocating handle: %s\n", | |
3276 | ERR_error_string(ssl_error, NULL)); | |
3277 | break; | |
3278 | } | |
3279 | SSL_set_fd(ssl, fd); | |
3280 | fd_table[fd].ssl = ssl; | |
3281 | fd_table[fd].read_method = &ssl_read_method; | |
3282 | fd_table[fd].write_method = &ssl_write_method; | |
3283 | debug(50, 5) ("httpsAccept: FD %d accepted, starting SSL negotiation.\n", fd); | |
3284 | ||
3285 | connState = cbdataAlloc(ConnStateData); | |
3286 | connState->peer = peer; | |
3287 | connState->log_addr = peer.sin_addr; | |
3288 | connState->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr; | |
3289 | connState->me = me; | |
3290 | connState->fd = fd; | |
3291 | connState->in.size = CLIENT_REQ_BUF_SZ; | |
3292 | connState->in.buf = memAllocate(MEM_CLIENT_REQ_BUF); | |
3293 | /* XXX account connState->in.buf */ | |
3294 | comm_add_close_handler(fd, connStateFree, connState); | |
3295 | if (Config.onoff.log_fqdn) | |
3296 | fqdncache_gethostbyaddr(peer.sin_addr, FQDN_LOOKUP_IF_MISS); | |
3297 | commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState); | |
3298 | #if USE_IDENT | |
3299 | identChecklist.src_addr = peer.sin_addr; | |
3300 | identChecklist.my_addr = me.sin_addr; | |
3301 | identChecklist.my_port = ntohs(me.sin_port); | |
3302 | if (aclCheckFast(Config.accessList.identLookup, &identChecklist)) | |
3303 | identStart(&me, &peer, clientIdentDone, connState); | |
3304 | #endif | |
3305 | commSetSelect(fd, COMM_SELECT_READ, clientNegotiateSSL, connState, 0); | |
3306 | commSetDefer(fd, clientReadDefer, connState); | |
3307 | clientdbEstablished(peer.sin_addr, 1); | |
3308 | (*N)++; | |
3309 | } | |
3310 | } | |
3311 | ||
3312 | #endif /* USE_SSL */ | |
3313 | ||
978e455f | 3314 | #define SENDING_BODY 0 |
3315 | #define SENDING_HDRSONLY 1 | |
7a2f978b | 3316 | static int |
1b02b5be | 3317 | clientCheckTransferDone(clientHttpRequest * http) |
7a2f978b | 3318 | { |
978e455f | 3319 | int sending = SENDING_BODY; |
7a2f978b | 3320 | StoreEntry *entry = http->entry; |
978e455f | 3321 | MemObject *mem; |
3322 | http_reply *reply; | |
3323 | int sendlen; | |
7a2f978b | 3324 | if (entry == NULL) |
3325 | return 0; | |
9f086470 | 3326 | /* |
3327 | * For now, 'done_copying' is used for special cases like | |
3328 | * Range and HEAD requests. | |
3329 | */ | |
3330 | if (http->flags.done_copying) | |
3331 | return 1; | |
978e455f | 3332 | /* |
b7fe0ab0 | 3333 | * Handle STORE_OK objects. |
07304bf9 | 3334 | * objectLen(entry) will be set proprely. |
978e455f | 3335 | */ |
b7fe0ab0 | 3336 | if (entry->store_status == STORE_OK) { |
07304bf9 | 3337 | if (http->out.offset >= objectLen(entry)) |
7a2f978b | 3338 | return 1; |
513f05a6 | 3339 | else |
3340 | return 0; | |
3341 | } | |
978e455f | 3342 | /* |
3343 | * Now, handle STORE_PENDING objects | |
3344 | */ | |
3345 | mem = entry->mem_obj; | |
3346 | assert(mem != NULL); | |
3347 | assert(http->request != NULL); | |
3348 | reply = mem->reply; | |
3349 | if (reply->hdr_sz == 0) | |
b34ed725 | 3350 | return 0; /* haven't found end of headers yet */ |
cb69b4c7 | 3351 | else if (reply->sline.status == HTTP_OK) |
b34ed725 | 3352 | sending = SENDING_BODY; |
cb69b4c7 | 3353 | else if (reply->sline.status == HTTP_NO_CONTENT) |
b34ed725 | 3354 | sending = SENDING_HDRSONLY; |
cb69b4c7 | 3355 | else if (reply->sline.status == HTTP_NOT_MODIFIED) |
b34ed725 | 3356 | sending = SENDING_HDRSONLY; |
cb69b4c7 | 3357 | else if (reply->sline.status < HTTP_OK) |
a3c60429 | 3358 | sending = SENDING_HDRSONLY; |
978e455f | 3359 | else if (http->request->method == METHOD_HEAD) |
b34ed725 | 3360 | sending = SENDING_HDRSONLY; |
978e455f | 3361 | else |
3362 | sending = SENDING_BODY; | |
3363 | /* | |
3364 | * Figure out how much data we are supposed to send. | |
3365 | * If we are sending a body and we don't have a content-length, | |
b7fe0ab0 | 3366 | * then we must wait for the object to become STORE_OK. |
978e455f | 3367 | */ |
3368 | if (sending == SENDING_HDRSONLY) | |
3369 | sendlen = reply->hdr_sz; | |
038eb4ed | 3370 | else if (reply->content_length < 0) |
978e455f | 3371 | return 0; |
3372 | else | |
038eb4ed | 3373 | sendlen = reply->content_length + reply->hdr_sz; |
978e455f | 3374 | /* |
3375 | * Now that we have the expected length, did we send it all? | |
3376 | */ | |
3377 | if (http->out.offset < sendlen) | |
3378 | return 0; | |
3379 | else | |
b34ed725 | 3380 | return 1; |
7a2f978b | 3381 | } |
3382 | ||
80980266 | 3383 | static int |
3384 | clientGotNotEnough(clientHttpRequest * http) | |
3385 | { | |
efd900cb | 3386 | int cl = httpReplyBodySize(http->request->method, http->entry->mem_obj->reply); |
80980266 | 3387 | int hs = http->entry->mem_obj->reply->hdr_sz; |
3388 | assert(cl >= 0); | |
3389 | if (http->out.offset < cl + hs) | |
3390 | return 1; | |
3391 | return 0; | |
3392 | } | |
3393 | ||
7a2f978b | 3394 | /* |
3395 | * This function is designed to serve a fairly specific purpose. | |
3396 | * Occasionally our vBNS-connected caches can talk to each other, but not | |
3397 | * the rest of the world. Here we try to detect frequent failures which | |
3398 | * make the cache unusable (e.g. DNS lookup and connect() failures). If | |
3399 | * the failure:success ratio goes above 1.0 then we go into "hit only" | |
3400 | * mode where we only return UDP_HIT or UDP_MISS_NOFETCH. Neighbors | |
3401 | * will only fetch HITs from us if they are using the ICP protocol. We | |
3402 | * stay in this mode for 5 minutes. | |
3403 | * | |
3404 | * Duane W., Sept 16, 1996 | |
3405 | */ | |
3406 | ||
3407 | static void | |
88aad2e5 | 3408 | checkFailureRatio(err_type etype, hier_code hcode) |
7a2f978b | 3409 | { |
88aad2e5 | 3410 | static double magic_factor = 100.0; |
7a2f978b | 3411 | double n_good; |
3412 | double n_bad; | |
3413 | if (hcode == HIER_NONE) | |
3414 | return; | |
88aad2e5 | 3415 | n_good = magic_factor / (1.0 + request_failure_ratio); |
7a2f978b | 3416 | n_bad = magic_factor - n_good; |
88aad2e5 | 3417 | switch (etype) { |
7a2f978b | 3418 | case ERR_DNS_FAIL: |
3419 | case ERR_CONNECT_FAIL: | |
3420 | case ERR_READ_ERROR: | |
3421 | n_bad++; | |
3422 | break; | |
3423 | default: | |
3424 | n_good++; | |
3425 | } | |
88aad2e5 | 3426 | request_failure_ratio = n_bad / n_good; |
7a2f978b | 3427 | if (hit_only_mode_until > squid_curtime) |
3428 | return; | |
88aad2e5 | 3429 | if (request_failure_ratio < 1.0) |
7a2f978b | 3430 | return; |
93f9abd0 | 3431 | debug(33, 0) ("Failure Ratio at %4.2f\n", request_failure_ratio); |
3432 | debug(33, 0) ("Going into hit-only-mode for %d minutes...\n", | |
7a2f978b | 3433 | FAILURE_MODE_TIME / 60); |
3434 | hit_only_mode_until = squid_curtime + FAILURE_MODE_TIME; | |
88aad2e5 | 3435 | request_failure_ratio = 0.8; /* reset to something less than 1.0 */ |
7a2f978b | 3436 | } |
15df8349 | 3437 | |
d193a436 | 3438 | static void |
15df8349 | 3439 | clientHttpConnectionsOpen(void) |
3440 | { | |
7e3ce7b9 | 3441 | sockaddr_in_list *s; |
15df8349 | 3442 | int fd; |
7e3ce7b9 | 3443 | for (s = Config.Sockaddr.http; s; s = s->next) { |
42b51993 | 3444 | if (MAXHTTPPORTS == NHttpSockets) { |
3445 | debug(1, 1) ("WARNING: You have too many 'http_port' lines.\n"); | |
3446 | debug(1, 1) (" The limit is %d\n", MAXHTTPPORTS); | |
3447 | continue; | |
3448 | } | |
8daca701 | 3449 | enter_suid(); |
3450 | fd = comm_open(SOCK_STREAM, | |
3451 | 0, | |
7e3ce7b9 | 3452 | s->s.sin_addr, |
3453 | ntohs(s->s.sin_port), | |
8daca701 | 3454 | COMM_NONBLOCKING, |
3455 | "HTTP Socket"); | |
3456 | leave_suid(); | |
3457 | if (fd < 0) | |
3458 | continue; | |
3459 | comm_listen(fd); | |
3460 | commSetSelect(fd, COMM_SELECT_READ, httpAccept, NULL, 0); | |
d20b1cd0 | 3461 | /* |
3462 | * We need to set a defer handler here so that we don't | |
3463 | * peg the CPU with select() when we hit the FD limit. | |
3464 | */ | |
3465 | commSetDefer(fd, httpAcceptDefer, NULL); | |
7e3ce7b9 | 3466 | debug(1, 1) ("Accepting HTTP connections at %s, port %d, FD %d.\n", |
3467 | inet_ntoa(s->s.sin_addr), | |
3468 | (int) ntohs(s->s.sin_port), | |
3469 | fd); | |
8daca701 | 3470 | HttpSockets[NHttpSockets++] = fd; |
15df8349 | 3471 | } |
d193a436 | 3472 | } |
3473 | ||
3474 | #if USE_SSL | |
3475 | static void | |
3476 | clientHttpsConnectionsOpen(void) | |
3477 | { | |
3478 | https_port_list *s; | |
3479 | https_port_data *https_port; | |
3480 | int fd; | |
1f7c9178 | 3481 | for (s = Config.Sockaddr.https; s; s = s->next) { |
3482 | enter_suid(); | |
3483 | fd = comm_open(SOCK_STREAM, | |
3484 | 0, | |
3485 | s->s.sin_addr, | |
3486 | ntohs(s->s.sin_port), | |
3487 | COMM_NONBLOCKING, | |
3488 | "HTTPS Socket"); | |
3489 | leave_suid(); | |
3490 | if (fd < 0) | |
3491 | continue; | |
d193a436 | 3492 | CBDATA_INIT_TYPE(https_port_data); |
3493 | https_port = cbdataAlloc(https_port_data); | |
79d4ccdf | 3494 | https_port->sslContext = sslCreateContext(s->cert, s->key, s->version, s->cipher, s->options); |
1f7c9178 | 3495 | comm_listen(fd); |
d193a436 | 3496 | commSetSelect(fd, COMM_SELECT_READ, httpsAccept, https_port, 0); |
3497 | commSetDefer(fd, httpAcceptDefer, NULL); | |
1f7c9178 | 3498 | debug(1, 1) ("Accepting HTTPS connections at %s, port %d, FD %d.\n", |
3499 | inet_ntoa(s->s.sin_addr), | |
3500 | (int) ntohs(s->s.sin_port), | |
3501 | fd); | |
3502 | HttpSockets[NHttpSockets++] = fd; | |
3503 | } | |
d193a436 | 3504 | } |
3505 | ||
3506 | #endif | |
3507 | ||
3508 | void | |
3509 | clientOpenListenSockets(void) | |
3510 | { | |
3511 | clientHttpConnectionsOpen(); | |
3512 | #if USE_SSL | |
3513 | clientHttpsConnectionsOpen(); | |
1f7c9178 | 3514 | #endif |
15df8349 | 3515 | if (NHttpSockets < 1) |
8daca701 | 3516 | fatal("Cannot open HTTP Port"); |
15df8349 | 3517 | } |
c0fbae16 | 3518 | void |
3519 | clientHttpConnectionsClose(void) | |
3520 | { | |
3521 | int i; | |
3522 | for (i = 0; i < NHttpSockets; i++) { | |
3523 | if (HttpSockets[i] >= 0) { | |
3524 | debug(1, 1) ("FD %d Closing HTTP connection\n", HttpSockets[i]); | |
3525 | comm_close(HttpSockets[i]); | |
3526 | HttpSockets[i] = -1; | |
3527 | } | |
3528 | } | |
3529 | NHttpSockets = 0; | |
3530 | } | |
f66a9ef4 | 3531 | |
3532 | int | |
3533 | varyEvaluateMatch(StoreEntry * entry, request_t * request) | |
3534 | { | |
3535 | const char *vary = request->vary_headers; | |
3536 | int has_vary = httpHeaderHas(&entry->mem_obj->reply->header, HDR_VARY); | |
3537 | #if X_ACCELERATOR_VARY | |
3538 | has_vary |= httpHeaderHas(&entry->mem_obj->reply->header, HDR_X_ACCELERATOR_VARY); | |
3539 | #endif | |
3540 | if (!has_vary || !entry->mem_obj->vary_headers) { | |
3541 | if (vary) { | |
3542 | /* Oops... something odd is going on here.. */ | |
3543 | debug(33, 1) ("varyEvaluateMatch: Oops. Not a Vary object on second attempt, '%s' '%s'\n", | |
3544 | entry->mem_obj->url, vary); | |
3545 | safe_free(request->vary_headers); | |
3546 | return VARY_CANCEL; | |
3547 | } | |
3548 | if (!has_vary) { | |
3549 | /* This is not a varying object */ | |
3550 | return VARY_NONE; | |
3551 | } | |
3552 | /* virtual "vary" object found. Calculate the vary key and | |
3553 | * continue the search | |
3554 | */ | |
3555 | vary = request->vary_headers = xstrdup(httpMakeVaryMark(request, entry->mem_obj->reply)); | |
3556 | if (vary) | |
3557 | return VARY_OTHER; | |
3558 | else { | |
3559 | /* Ouch.. we cannot handle this kind of variance */ | |
3560 | /* XXX This cannot really happen, but just to be complete */ | |
3561 | return VARY_CANCEL; | |
3562 | } | |
3563 | } else { | |
3564 | if (!vary) | |
3565 | vary = request->vary_headers = xstrdup(httpMakeVaryMark(request, entry->mem_obj->reply)); | |
3566 | if (!vary) { | |
3567 | /* Ouch.. we cannot handle this kind of variance */ | |
3568 | /* XXX This cannot really happen, but just to be complete */ | |
3569 | return VARY_CANCEL; | |
3570 | } else if (strcmp(vary, entry->mem_obj->vary_headers) == 0) { | |
3571 | return VARY_MATCH; | |
3572 | } else { | |
3573 | /* Oops.. we have already been here and still haven't | |
3574 | * found the requested variant. Bail out | |
3575 | */ | |
3576 | debug(33, 1) ("varyEvaluateMatch: Oops. Not a Vary match on second attempt, '%s' '%s'\n", | |
3577 | entry->mem_obj->url, vary); | |
3578 | return VARY_CANCEL; | |
3579 | } | |
3580 | } | |
3581 | } |