]>
Commit | Line | Data |
---|---|---|
3c66d057 | 1 | |
dd11e0b7 | 2 | /* |
049d61bb | 3 | * $Id: client_side.cc,v 1.560 2001/12/01 18:03:10 hno Exp $ |
dd11e0b7 | 4 | * |
5 | * DEBUG: section 33 Client-side Routines | |
6 | * AUTHOR: Duane Wessels | |
7 | * | |
2b6662ba | 8 | * SQUID Web Proxy Cache http://www.squid-cache.org/ |
e25c139f | 9 | * ---------------------------------------------------------- |
dd11e0b7 | 10 | * |
2b6662ba | 11 | * Squid is the result of efforts by numerous individuals from |
12 | * the Internet community; see the CONTRIBUTORS file for full | |
13 | * details. Many organizations have provided support for Squid's | |
14 | * development; see the SPONSORS file for full details. Squid is | |
15 | * Copyrighted (C) 2001 by the Regents of the University of | |
16 | * California; see the COPYRIGHT file for full details. Squid | |
17 | * incorporates software developed and/or copyrighted by other | |
18 | * sources; see the CREDITS file for full details. | |
dd11e0b7 | 19 | * |
20 | * This program is free software; you can redistribute it and/or modify | |
21 | * it under the terms of the GNU General Public License as published by | |
22 | * the Free Software Foundation; either version 2 of the License, or | |
23 | * (at your option) any later version. | |
24 | * | |
25 | * This program is distributed in the hope that it will be useful, | |
26 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
27 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
28 | * GNU General Public License for more details. | |
29 | * | |
30 | * You should have received a copy of the GNU General Public License | |
31 | * along with this program; if not, write to the Free Software | |
cbdec147 | 32 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. |
e25c139f | 33 | * |
dd11e0b7 | 34 | */ |
f88bb09c | 35 | |
36 | #include "squid.h" | |
37 | ||
5cafc1d6 | 38 | #if IPF_TRANSPARENT |
39 | #if HAVE_SYS_IOCTL_H | |
40 | #include <sys/ioctl.h> | |
41 | #endif | |
42 | #include <netinet/tcp.h> | |
43 | #include <net/if.h> | |
42b51993 | 44 | #if HAVE_IP_FIL_COMPAT_H |
45 | #include <ip_fil_compat.h> | |
46 | #elif HAVE_NETINET_IP_FIL_COMPAT_H | |
47 | #include <netinet/ip_fil_compat.h> | |
48 | #elif HAVE_IP_COMPAT_H | |
5cafc1d6 | 49 | #include <ip_compat.h> |
9bc73deb | 50 | #elif HAVE_NETINET_IP_COMPAT_H |
51 | #include <netinet/ip_compat.h> | |
52 | #endif | |
53 | #if HAVE_IP_FIL_H | |
5cafc1d6 | 54 | #include <ip_fil.h> |
9bc73deb | 55 | #elif HAVE_NETINET_IP_FIL_H |
56 | #include <netinet/ip_fil.h> | |
57 | #endif | |
58 | #if HAVE_IP_NAT_H | |
5cafc1d6 | 59 | #include <ip_nat.h> |
9bc73deb | 60 | #elif HAVE_NETINET_IP_NAT_H |
61 | #include <netinet/ip_nat.h> | |
62 | #endif | |
5cafc1d6 | 63 | #endif |
64 | ||
d852fbad | 65 | #if LINUX_NETFILTER |
66 | #include <linux/netfilter_ipv4.h> | |
67 | #endif | |
5cafc1d6 | 68 | |
69 | ||
5492ad1d | 70 | #if LINGERING_CLOSE |
71 | #define comm_close comm_lingering_close | |
72 | #endif | |
73 | ||
7a2f978b | 74 | static const char *const crlf = "\r\n"; |
75 | ||
7a2f978b | 76 | #define FAILURE_MODE_TIME 300 |
77 | ||
78 | /* Local functions */ | |
79 | ||
fc5d6f7f | 80 | static CWCB clientWriteComplete; |
f4f278b5 | 81 | static CWCB clientWriteBodyComplete; |
7a2f978b | 82 | static PF clientReadRequest; |
83 | static PF connStateFree; | |
84 | static PF requestTimeout; | |
b5c39993 | 85 | static PF clientLifetimeTimeout; |
1b02b5be | 86 | static int clientCheckTransferDone(clientHttpRequest *); |
80980266 | 87 | static int clientGotNotEnough(clientHttpRequest *); |
88aad2e5 | 88 | static void checkFailureRatio(err_type, hier_code); |
fb63215a | 89 | static void clientProcessMiss(clientHttpRequest *); |
eeb423fb | 90 | static void clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep); |
99edd1c3 | 91 | static clientHttpRequest *parseHttpRequestAbort(ConnStateData * conn, const char *uri); |
7a2f978b | 92 | static clientHttpRequest *parseHttpRequest(ConnStateData *, method_t *, int *, char **, size_t *); |
582b6456 | 93 | static RH clientRedirectDone; |
4d55827a | 94 | static void clientCheckNoCache(clientHttpRequest *); |
95 | static void clientCheckNoCacheDone(int answer, void *data); | |
1b02b5be | 96 | static STCB clientHandleIMSReply; |
f5b8bbc4 | 97 | static int clientGetsOldEntry(StoreEntry * new, StoreEntry * old, request_t * request); |
98 | static int checkAccelOnly(clientHttpRequest *); | |
3898f57f | 99 | #if USE_IDENT |
05832ae1 | 100 | static IDCB clientIdentDone; |
3898f57f | 101 | #endif |
7c1d4010 | 102 | static int clientOnlyIfCached(clientHttpRequest * http); |
7a2f978b | 103 | static STCB clientSendMoreData; |
104 | static STCB clientCacheHit; | |
c68e9c6b | 105 | static void clientSetKeepaliveFlag(clientHttpRequest *); |
f6308664 | 106 | static void clientPackRangeHdr(const HttpReply * rep, const HttpHdrRangeSpec * spec, String boundary, MemBuf * mb); |
107 | static void clientPackTermBound(String boundary, MemBuf * mb); | |
99edd1c3 | 108 | static void clientInterpretRequestHeaders(clientHttpRequest *); |
fb63215a | 109 | static void clientProcessRequest(clientHttpRequest *); |
110 | static void clientProcessExpired(void *data); | |
038eb4ed | 111 | static void clientProcessOnlyIfCachedMiss(clientHttpRequest * http); |
50ddd7a4 | 112 | static int clientCachable(clientHttpRequest * http); |
113 | static int clientHierarchical(clientHttpRequest * http); | |
efb9218c | 114 | static int clientCheckContentLength(request_t * r); |
d20b1cd0 | 115 | static DEFER httpAcceptDefer; |
49d3fcb0 | 116 | static log_type clientProcessRequest2(clientHttpRequest * http); |
32754419 | 117 | static int clientReplyBodyTooLarge(HttpReply *, ssize_t clen); |
efd900cb | 118 | static int clientRequestBodyTooLarge(int clen); |
94439e4e | 119 | static void clientProcessBody(ConnStateData * conn); |
ea6f43cd | 120 | |
38d7734b | 121 | static int |
382d851a | 122 | checkAccelOnly(clientHttpRequest * http) |
38d7734b | 123 | { |
124 | /* return TRUE if someone makes a proxy request to us and | |
125 | * we are in httpd-accel only mode */ | |
f1dc9b30 | 126 | if (!Config2.Accel.on) |
38d7734b | 127 | return 0; |
17a0a4ee | 128 | if (Config.onoff.accel_with_proxy) |
38d7734b | 129 | return 0; |
382d851a | 130 | if (http->request->protocol == PROTO_CACHEOBJ) |
38d7734b | 131 | return 0; |
77ed547a | 132 | if (http->flags.accel) |
38d7734b | 133 | return 0; |
c01a01ea | 134 | if (http->request->method == METHOD_PURGE) |
135 | return 0; | |
38d7734b | 136 | return 1; |
137 | } | |
138 | ||
3898f57f | 139 | #if USE_IDENT |
9bc73deb | 140 | static void |
05832ae1 | 141 | clientIdentDone(const char *ident, void *data) |
142 | { | |
143 | ConnStateData *conn = data; | |
94439e4e | 144 | xstrncpy(conn->rfc931, ident ? ident : dash_str, USER_IDENT_SZ); |
05832ae1 | 145 | } |
94439e4e | 146 | |
3898f57f | 147 | #endif |
05832ae1 | 148 | |
4d55827a | 149 | static aclCheck_t * |
a4b8110e | 150 | clientAclChecklistCreate(const acl_access * acl, const clientHttpRequest * http) |
f88bb09c | 151 | { |
4d55827a | 152 | aclCheck_t *ch; |
382d851a | 153 | ConnStateData *conn = http->conn; |
364a0f3d | 154 | ch = aclChecklistCreate(acl, |
382d851a | 155 | http->request, |
94439e4e | 156 | conn->rfc931); |
157 | ||
3898f57f | 158 | /* |
159 | * hack for ident ACL. It needs to get full addresses, and a | |
05832ae1 | 160 | * place to store the ident result on persistent connections... |
161 | */ | |
94439e4e | 162 | /* connection oriented auth also needs these two lines for it's operation. */ |
4d55827a | 163 | ch->conn = conn; |
164 | cbdataLock(ch->conn); | |
94439e4e | 165 | |
4d55827a | 166 | return ch; |
167 | } | |
168 | ||
169 | void | |
170 | clientAccessCheck(void *data) | |
171 | { | |
172 | clientHttpRequest *http = data; | |
173 | if (checkAccelOnly(http)) { | |
307fb3c4 | 174 | /* deny proxy requests in accel_only mode */ |
bdb313a1 | 175 | debug(33, 1) ("clientAccessCheck: proxy request denied in accel_only mode\n"); |
307fb3c4 | 176 | clientAccessCheckDone(ACCESS_DENIED, http); |
4d55827a | 177 | return; |
178 | } | |
179 | http->acl_checklist = clientAclChecklistCreate(Config.accessList.http, http); | |
382d851a | 180 | aclNBCheck(http->acl_checklist, clientAccessCheckDone, http); |
f88bb09c | 181 | } |
182 | ||
7c1d4010 | 183 | /* |
184 | * returns true if client specified that the object must come from the cache | |
96e0684d | 185 | * without contacting origin server |
7c1d4010 | 186 | */ |
187 | static int | |
188 | clientOnlyIfCached(clientHttpRequest * http) | |
189 | { | |
190 | const request_t *r = http->request; | |
191 | assert(r); | |
ea285003 | 192 | return r->cache_control && |
8e092300 | 193 | EBIT_TEST(r->cache_control->mask, CC_ONLY_IF_CACHED); |
7c1d4010 | 194 | } |
195 | ||
23d92c64 | 196 | StoreEntry * |
92695e5e | 197 | clientCreateStoreEntry(clientHttpRequest * h, method_t m, request_flags flags) |
79e0dc20 | 198 | { |
199 | StoreEntry *e; | |
40defb17 | 200 | /* |
201 | * For erroneous requests, we might not have a h->request, | |
202 | * so make a fake one. | |
203 | */ | |
99edd1c3 | 204 | if (h->request == NULL) |
eb824054 | 205 | h->request = requestLink(requestCreate(m, PROTO_NONE, null_string)); |
23d92c64 | 206 | e = storeCreateEntry(h->uri, h->log_uri, flags, m); |
06d2839d | 207 | h->sc = storeClientListAdd(e, h); |
447e176b | 208 | #if DELAY_POOLS |
b2585f7e | 209 | delaySetStoreClient(h->sc, delayClient(h->request)); |
447e176b | 210 | #endif |
06d2839d | 211 | storeClientCopy(h->sc, e, 0, 0, CLIENT_SOCK_SZ, |
c68e9c6b | 212 | memAllocate(MEM_CLIENT_SOCK_BUF), clientSendMoreData, h); |
79e0dc20 | 213 | return e; |
214 | } | |
215 | ||
b8d8561b | 216 | void |
75e88d56 | 217 | clientAccessCheckDone(int answer, void *data) |
f88bb09c | 218 | { |
382d851a | 219 | clientHttpRequest *http = data; |
1810dde6 | 220 | err_type page_id; |
1cfdbcf0 | 221 | http_status status; |
9b312a19 | 222 | ErrorState *err = NULL; |
066ed5c1 | 223 | char *proxy_auth_msg = NULL; |
badd8ff0 | 224 | debug(33, 2) ("The request %s %s is %s, because it matched '%s'\n", |
225 | RequestMethodStr[http->request->method], http->uri, | |
9bc73deb | 226 | answer == ACCESS_ALLOWED ? "ALLOWED" : "DENIED", |
60df005c | 227 | AclMatchedName ? AclMatchedName : "NO ACL's"); |
94439e4e | 228 | proxy_auth_msg = authenticateAuthUserRequestMessage(http->conn->auth_user_request ? http->conn->auth_user_request : http->request->auth_user_request); |
382d851a | 229 | http->acl_checklist = NULL; |
fc5d6f7f | 230 | if (answer == ACCESS_ALLOWED) { |
9b5d1d21 | 231 | safe_free(http->uri); |
232 | http->uri = xstrdup(urlCanonical(http->request)); | |
ce66013b | 233 | assert(http->redirect_state == REDIRECT_NONE); |
382d851a | 234 | http->redirect_state = REDIRECT_PENDING; |
235 | redirectStart(http, clientRedirectDone, http); | |
f88bb09c | 236 | } else { |
23d92c64 | 237 | debug(33, 5) ("Access Denied: %s\n", http->uri); |
901e234d | 238 | debug(33, 5) ("AclMatchedName = %s\n", |
6f47fbc7 | 239 | AclMatchedName ? AclMatchedName : "<null>"); |
066ed5c1 | 240 | debug(33, 5) ("Proxy Auth Message = %s\n", |
241 | proxy_auth_msg ? proxy_auth_msg : "<null>"); | |
b6a2f15e | 242 | /* |
243 | * NOTE: get page_id here, based on AclMatchedName because | |
244 | * if USE_DELAY_POOLS is enabled, then AclMatchedName gets | |
245 | * clobbered in the clientCreateStoreEntry() call | |
246 | * just below. Pedro Ribeiro <pribeiro@isel.pt> | |
247 | */ | |
248 | page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName); | |
79a15e0a | 249 | http->log_type = LOG_TCP_DENIED; |
c68e9c6b | 250 | http->entry = clientCreateStoreEntry(http, http->request->method, |
251 | null_request_flags); | |
1cfdbcf0 | 252 | if (answer == ACCESS_REQ_PROXY_AUTH || aclIsProxyAuth(AclMatchedName)) { |
253 | if (!http->flags.accel) { | |
254 | /* Proxy authorisation needed */ | |
255 | status = HTTP_PROXY_AUTHENTICATION_REQUIRED; | |
256 | } else { | |
257 | /* WWW authorisation needed */ | |
258 | status = HTTP_UNAUTHORIZED; | |
259 | } | |
1810dde6 | 260 | if (page_id == ERR_NONE) |
1cfdbcf0 | 261 | page_id = ERR_CACHE_ACCESS_DENIED; |
262 | } else { | |
263 | status = HTTP_FORBIDDEN; | |
1810dde6 | 264 | if (page_id == ERR_NONE) |
1cfdbcf0 | 265 | page_id = ERR_ACCESS_DENIED; |
266 | } | |
267 | err = errorCon(page_id, status); | |
02922e76 | 268 | err->request = requestLink(http->request); |
269 | err->src_addr = http->conn->peer.sin_addr; | |
94439e4e | 270 | if (http->conn->auth_user_request) |
271 | err->auth_user_request = http->conn->auth_user_request; | |
272 | else if (http->request->auth_user_request) | |
273 | err->auth_user_request = http->request->auth_user_request; | |
274 | /* lock for the error state */ | |
275 | if (err->auth_user_request) | |
276 | authenticateAuthUserRequestLock(err->auth_user_request); | |
066ed5c1 | 277 | err->callback_data = NULL; |
02922e76 | 278 | errorAppendEntry(http->entry, err); |
f88bb09c | 279 | } |
280 | } | |
281 | ||
b8d8561b | 282 | static void |
283 | clientRedirectDone(void *data, char *result) | |
f88bb09c | 284 | { |
382d851a | 285 | clientHttpRequest *http = data; |
c0cdaf99 | 286 | request_t *new_request = NULL; |
382d851a | 287 | request_t *old_request = http->request; |
23d92c64 | 288 | debug(33, 5) ("clientRedirectDone: '%s' result=%s\n", http->uri, |
f88bb09c | 289 | result ? result : "NULL"); |
ce66013b | 290 | assert(http->redirect_state == REDIRECT_PENDING); |
382d851a | 291 | http->redirect_state = REDIRECT_DONE; |
6d38ef86 | 292 | if (result) { |
6fd26c18 | 293 | http_status status = (http_status) atoi(result); |
1810dde6 | 294 | if (status == HTTP_MOVED_PERMANENTLY || status == HTTP_MOVED_TEMPORARILY) { |
6d38ef86 | 295 | char *t = result; |
296 | if ((t = strchr(result, ':')) != NULL) { | |
297 | http->redirect.status = status; | |
21f2031d | 298 | http->redirect.location = xstrdup(t + 1); |
6d38ef86 | 299 | } else { |
21f2031d | 300 | debug(33, 1) ("clientRedirectDone: bad input: %s\n", result); |
6d38ef86 | 301 | } |
302 | } | |
303 | if (strcmp(result, http->uri)) | |
304 | new_request = urlParse(old_request->method, result); | |
305 | } | |
c0cdaf99 | 306 | if (new_request) { |
23d92c64 | 307 | safe_free(http->uri); |
9b5d1d21 | 308 | http->uri = xstrdup(urlCanonical(new_request)); |
20cc1450 | 309 | new_request->http_ver = old_request->http_ver; |
2246b732 | 310 | httpHeaderAppend(&new_request->header, &old_request->header); |
77ed547a | 311 | new_request->client_addr = old_request->client_addr; |
3c11d1f5 | 312 | new_request->my_addr = old_request->my_addr; |
7e3ce7b9 | 313 | new_request->my_port = old_request->my_port; |
92695e5e | 314 | new_request->flags.redirected = 1; |
62085327 | 315 | if (old_request->auth_user_request) { |
316 | new_request->auth_user_request = old_request->auth_user_request; | |
317 | authenticateAuthUserRequestLock(new_request->auth_user_request); | |
318 | } | |
94439e4e | 319 | if (old_request->body_connection) { |
320 | new_request->body_connection = old_request->body_connection; | |
321 | old_request->body_connection = NULL; | |
6cf028ab | 322 | } |
7e3ce7b9 | 323 | new_request->content_length = old_request->content_length; |
2045a403 | 324 | new_request->flags.proxy_keepalive = old_request->flags.proxy_keepalive; |
20cc1450 | 325 | requestUnlink(old_request); |
382d851a | 326 | http->request = requestLink(new_request); |
f88bb09c | 327 | } |
99edd1c3 | 328 | clientInterpretRequestHeaders(http); |
0421724f | 329 | #if HEADERS_LOG |
330 | headersLog(0, 1, request->method, request); | |
331 | #endif | |
23d92c64 | 332 | fd_note(http->conn->fd, http->uri); |
4d55827a | 333 | clientCheckNoCache(http); |
334 | } | |
335 | ||
336 | static void | |
337 | clientCheckNoCache(clientHttpRequest * http) | |
338 | { | |
339 | if (Config.accessList.noCache && http->request->flags.cachable) { | |
340 | http->acl_checklist = clientAclChecklistCreate(Config.accessList.noCache, http); | |
341 | aclNBCheck(http->acl_checklist, clientCheckNoCacheDone, http); | |
342 | } else { | |
343 | clientCheckNoCacheDone(http->request->flags.cachable, http); | |
344 | } | |
345 | } | |
346 | ||
347 | void | |
348 | clientCheckNoCacheDone(int answer, void *data) | |
349 | { | |
350 | clientHttpRequest *http = data; | |
351 | http->request->flags.cachable = answer; | |
352 | http->acl_checklist = NULL; | |
fb63215a | 353 | clientProcessRequest(http); |
e81957b7 | 354 | } |
355 | ||
fb63215a | 356 | static void |
357 | clientProcessExpired(void *data) | |
620da955 | 358 | { |
382d851a | 359 | clientHttpRequest *http = data; |
23d92c64 | 360 | char *url = http->uri; |
620da955 | 361 | StoreEntry *entry = NULL; |
23d92c64 | 362 | debug(33, 3) ("clientProcessExpired: '%s'\n", http->uri); |
b9d34cc1 | 363 | assert(http->entry->lastmod >= 0); |
7c1d4010 | 364 | /* |
365 | * check if we are allowed to contact other servers | |
366 | * @?@: Instead of a 504 (Gateway Timeout) reply, we may want to return | |
6106c6fc | 367 | * a stale entry *if* it matches client requirements |
7c1d4010 | 368 | */ |
369 | if (clientOnlyIfCached(http)) { | |
370 | clientProcessOnlyIfCachedMiss(http); | |
371 | return; | |
372 | } | |
92695e5e | 373 | http->request->flags.refresh = 1; |
382d851a | 374 | http->old_entry = http->entry; |
57ec8214 | 375 | http->old_sc = http->sc; |
b6a2f15e | 376 | /* |
377 | * Assert that 'http' is already a client of old_entry. If | |
378 | * it is not, then the beginning of the object data might get | |
379 | * freed from memory before we need to access it. | |
380 | */ | |
57ec8214 | 381 | assert(http->sc->callback_data == http); |
620da955 | 382 | entry = storeCreateEntry(url, |
23d92c64 | 383 | http->log_uri, |
382d851a | 384 | http->request->flags, |
385 | http->request->method); | |
620da955 | 386 | /* NOTE, don't call storeLockObject(), storeCreateEntry() does it */ |
06d2839d | 387 | http->sc = storeClientListAdd(entry, http); |
447e176b | 388 | #if DELAY_POOLS |
59715b38 | 389 | /* delay_id is already set on original store client */ |
b2585f7e | 390 | delaySetStoreClient(http->sc, delayClient(http->request)); |
447e176b | 391 | #endif |
9bc73deb | 392 | http->request->lastmod = http->old_entry->lastmod; |
32754419 | 393 | debug(33, 5) ("clientProcessExpired: lastmod %ld\n", (long int) entry->lastmod); |
382d851a | 394 | http->entry = entry; |
395 | http->out.offset = 0; | |
7e3ce7b9 | 396 | fwdStart(http->conn->fd, http->entry, http->request); |
f990cccc | 397 | /* Register with storage manager to receive updates when data comes in. */ |
b7fe0ab0 | 398 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) |
399 | debug(33, 0) ("clientProcessExpired: found ENTRY_ABORTED object\n"); | |
06d2839d | 400 | storeClientCopy(http->sc, entry, |
fe96bbe6 | 401 | http->out.offset, |
d89d1fb6 | 402 | http->out.offset, |
cc27d775 | 403 | CLIENT_SOCK_SZ, |
404 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
1b02b5be | 405 | clientHandleIMSReply, |
d89d1fb6 | 406 | http); |
620da955 | 407 | } |
408 | ||
91f4d519 | 409 | static int |
410 | clientGetsOldEntry(StoreEntry * new_entry, StoreEntry * old_entry, request_t * request) | |
411 | { | |
71a8a965 | 412 | const http_status status = new_entry->mem_obj->reply->sline.status; |
413 | if (0 == status) { | |
414 | debug(33, 5) ("clientGetsOldEntry: YES, broken HTTP reply\n"); | |
415 | return 1; | |
416 | } | |
a05cea5b | 417 | /* If the reply is a failure then send the old object as a last |
418 | * resort */ | |
419 | if (status >= 500 && status < 600) { | |
badd8ff0 | 420 | debug(33, 3) ("clientGetsOldEntry: YES, failure reply=%d\n", status); |
a05cea5b | 421 | return 1; |
422 | } | |
91f4d519 | 423 | /* If the reply is anything but "Not Modified" then |
424 | * we must forward it to the client */ | |
71a8a965 | 425 | if (HTTP_NOT_MODIFIED != status) { |
cb69b4c7 | 426 | debug(33, 5) ("clientGetsOldEntry: NO, reply=%d\n", status); |
91f4d519 | 427 | return 0; |
428 | } | |
429 | /* If the client did not send IMS in the request, then it | |
430 | * must get the old object, not this "Not Modified" reply */ | |
92695e5e | 431 | if (!request->flags.ims) { |
a3d5953d | 432 | debug(33, 5) ("clientGetsOldEntry: YES, no client IMS\n"); |
91f4d519 | 433 | return 1; |
434 | } | |
435 | /* If the client IMS time is prior to the entry LASTMOD time we | |
436 | * need to send the old object */ | |
437 | if (modifiedSince(old_entry, request)) { | |
32754419 | 438 | debug(33, 5) ("clientGetsOldEntry: YES, modified since %ld\n", |
439 | (long int) request->ims); | |
91f4d519 | 440 | return 1; |
441 | } | |
a3d5953d | 442 | debug(33, 5) ("clientGetsOldEntry: NO, new one is fine\n"); |
91f4d519 | 443 | return 0; |
444 | } | |
445 | ||
446 | ||
52d4522b | 447 | static void |
1b02b5be | 448 | clientHandleIMSReply(void *data, char *buf, ssize_t size) |
620da955 | 449 | { |
382d851a | 450 | clientHttpRequest *http = data; |
382d851a | 451 | StoreEntry *entry = http->entry; |
b6a2f15e | 452 | MemObject *mem; |
9fb13bb6 | 453 | const char *url = storeUrl(entry); |
e92d33a5 | 454 | int unlink_request = 0; |
76cff1d4 | 455 | StoreEntry *oldentry; |
49d3fcb0 | 456 | int recopy = 1; |
b6a2f15e | 457 | http_status status; |
32754419 | 458 | debug(33, 3) ("clientHandleIMSReply: %s, %ld bytes\n", url, (long int) size); |
b6a2f15e | 459 | if (entry == NULL) { |
460 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
461 | return; | |
462 | } | |
b8890359 | 463 | if (size < 0 && !EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
464 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
77b32a34 | 465 | return; |
b8890359 | 466 | } |
b6a2f15e | 467 | mem = entry->mem_obj; |
468 | status = mem->reply->sline.status; | |
b7fe0ab0 | 469 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
1b02b5be | 470 | debug(33, 3) ("clientHandleIMSReply: ABORTED '%s'\n", url); |
c54e9052 | 471 | /* We have an existing entry, but failed to validate it */ |
accc6d47 | 472 | /* Its okay to send the old one anyway */ |
473 | http->log_type = LOG_TCP_REFRESH_FAIL_HIT; | |
06d2839d | 474 | storeUnregister(http->sc, entry, http); |
accc6d47 | 475 | storeUnlockObject(entry); |
476 | entry = http->entry = http->old_entry; | |
57ec8214 | 477 | http->sc = http->old_sc; |
71a8a965 | 478 | } else if (STORE_PENDING == entry->store_status && 0 == status) { |
1b02b5be | 479 | debug(33, 3) ("clientHandleIMSReply: Incomplete headers for '%s'\n", url); |
cc27d775 | 480 | if (size >= CLIENT_SOCK_SZ) { |
4455552a | 481 | /* will not get any bigger than that */ |
482 | debug(33, 3) ("clientHandleIMSReply: Reply is too large '%s', using old entry\n", url); | |
878570db | 483 | /* use old entry, this repeats the code abovez */ |
4455552a | 484 | http->log_type = LOG_TCP_REFRESH_FAIL_HIT; |
06d2839d | 485 | storeUnregister(http->sc, entry, http); |
743eebfa | 486 | storeUnlockObject(entry); |
4455552a | 487 | entry = http->entry = http->old_entry; |
57ec8214 | 488 | http->sc = http->old_sc; |
878570db | 489 | /* continue */ |
4455552a | 490 | } else { |
06d2839d | 491 | storeClientCopy(http->sc, entry, |
4455552a | 492 | http->out.offset + size, |
493 | http->out.offset, | |
cc27d775 | 494 | CLIENT_SOCK_SZ, |
49d3fcb0 | 495 | buf, |
4455552a | 496 | clientHandleIMSReply, |
497 | http); | |
878570db | 498 | return; |
4455552a | 499 | } |
382d851a | 500 | } else if (clientGetsOldEntry(entry, http->old_entry, http->request)) { |
620da955 | 501 | /* We initiated the IMS request, the client is not expecting |
76cff1d4 | 502 | * 304, so put the good one back. First, make sure the old entry |
503 | * headers have been loaded from disk. */ | |
382d851a | 504 | oldentry = http->old_entry; |
382d851a | 505 | http->log_type = LOG_TCP_REFRESH_HIT; |
d89d1fb6 | 506 | if (oldentry->mem_obj->request == NULL) { |
507 | oldentry->mem_obj->request = requestLink(mem->request); | |
508 | unlink_request = 1; | |
e92d33a5 | 509 | } |
64763c37 | 510 | /* Don't memcpy() the whole reply structure here. For example, |
511 | * www.thegist.com (Netscape/1.13) returns a content-length for | |
512 | * 304's which seems to be the length of the 304 HEADERS!!! and | |
513 | * not the body they refer to. */ | |
71a8a965 | 514 | httpReplyUpdateOnNotModified(oldentry->mem_obj->reply, mem->reply); |
d89d1fb6 | 515 | storeTimestampsSet(oldentry); |
06d2839d | 516 | storeUnregister(http->sc, entry, http); |
57ec8214 | 517 | http->sc = http->old_sc; |
6d54aea8 | 518 | storeUnlockObject(entry); |
382d851a | 519 | entry = http->entry = oldentry; |
41fad779 | 520 | entry->timestamp = squid_curtime; |
657266fe | 521 | if (unlink_request) { |
e92d33a5 | 522 | requestUnlink(entry->mem_obj->request); |
657266fe | 523 | entry->mem_obj->request = NULL; |
524 | } | |
620da955 | 525 | } else { |
526 | /* the client can handle this reply, whatever it is */ | |
382d851a | 527 | http->log_type = LOG_TCP_REFRESH_MISS; |
71a8a965 | 528 | if (HTTP_NOT_MODIFIED == mem->reply->sline.status) { |
cb4eb1ae | 529 | httpReplyUpdateOnNotModified(http->old_entry->mem_obj->reply, |
530 | mem->reply); | |
531 | storeTimestampsSet(http->old_entry); | |
382d851a | 532 | http->log_type = LOG_TCP_REFRESH_HIT; |
d1a43e28 | 533 | } |
57ec8214 | 534 | storeUnregister(http->old_sc, http->old_entry, http); |
382d851a | 535 | storeUnlockObject(http->old_entry); |
49d3fcb0 | 536 | recopy = 0; |
620da955 | 537 | } |
382d851a | 538 | http->old_entry = NULL; /* done with old_entry */ |
57ec8214 | 539 | http->old_sc = NULL; |
b7fe0ab0 | 540 | assert(!EBIT_TEST(entry->flags, ENTRY_ABORTED)); |
49d3fcb0 | 541 | if (recopy) { |
06d2839d | 542 | storeClientCopy(http->sc, entry, |
49d3fcb0 | 543 | http->out.offset, |
544 | http->out.offset, | |
cc27d775 | 545 | CLIENT_SOCK_SZ, |
49d3fcb0 | 546 | buf, |
547 | clientSendMoreData, | |
548 | http); | |
549 | } else { | |
550 | clientSendMoreData(data, buf, size); | |
6cf028ab | 551 | } |
620da955 | 552 | } |
91f4d519 | 553 | |
554 | int | |
304d07cb | 555 | modifiedSince(StoreEntry * entry, request_t * request) |
91f4d519 | 556 | { |
557 | int object_length; | |
558 | MemObject *mem = entry->mem_obj; | |
1c3e77cd | 559 | time_t mod_time = entry->lastmod; |
9fb13bb6 | 560 | debug(33, 3) ("modifiedSince: '%s'\n", storeUrl(entry)); |
1c3e77cd | 561 | if (mod_time < 0) |
562 | mod_time = entry->timestamp; | |
32754419 | 563 | debug(33, 3) ("modifiedSince: mod_time = %ld\n", (long int) mod_time); |
1c3e77cd | 564 | if (mod_time < 0) |
91f4d519 | 565 | return 1; |
566 | /* Find size of the object */ | |
038eb4ed | 567 | object_length = mem->reply->content_length; |
cb69b4c7 | 568 | if (object_length < 0) |
07304bf9 | 569 | object_length = contentLen(entry); |
1c3e77cd | 570 | if (mod_time > request->ims) { |
a3d5953d | 571 | debug(33, 3) ("--> YES: entry newer than client\n"); |
91f4d519 | 572 | return 1; |
1c3e77cd | 573 | } else if (mod_time < request->ims) { |
a3d5953d | 574 | debug(33, 3) ("--> NO: entry older than client\n"); |
91f4d519 | 575 | return 0; |
576 | } else if (request->imslen < 0) { | |
a3d5953d | 577 | debug(33, 3) ("--> NO: same LMT, no client length\n"); |
91f4d519 | 578 | return 0; |
579 | } else if (request->imslen == object_length) { | |
a3d5953d | 580 | debug(33, 3) ("--> NO: same LMT, same length\n"); |
91f4d519 | 581 | return 0; |
582 | } else { | |
a3d5953d | 583 | debug(33, 3) ("--> YES: same LMT, different length\n"); |
91f4d519 | 584 | return 1; |
585 | } | |
586 | } | |
b3b64e58 | 587 | |
a90eae18 | 588 | void |
382d851a | 589 | clientPurgeRequest(clientHttpRequest * http) |
a90eae18 | 590 | { |
a90eae18 | 591 | StoreEntry *entry; |
9b312a19 | 592 | ErrorState *err = NULL; |
8d6da567 | 593 | HttpReply *r; |
f66a9ef4 | 594 | http_status status = HTTP_NOT_FOUND; |
ccf44862 | 595 | http_version_t version; |
d20b1cd0 | 596 | debug(33, 3) ("Config2.onoff.enable_purge = %d\n", Config2.onoff.enable_purge); |
53cb32a9 | 597 | if (!Config2.onoff.enable_purge) { |
79a15e0a | 598 | http->log_type = LOG_TCP_DENIED; |
fe40a877 | 599 | err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN); |
9b312a19 | 600 | err->request = requestLink(http->request); |
601 | err->src_addr = http->conn->peer.sin_addr; | |
92695e5e | 602 | http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags); |
79e0dc20 | 603 | errorAppendEntry(http->entry, err); |
a90eae18 | 604 | return; |
605 | } | |
f66a9ef4 | 606 | /* Release both IP cache */ |
afc1e43f | 607 | ipcacheInvalidate(http->request->host); |
f66a9ef4 | 608 | |
609 | if (!http->flags.purging) { | |
610 | /* Try to find a base entry */ | |
611 | http->flags.purging = 1; | |
612 | entry = storeGetPublicByRequestMethod(http->request, METHOD_GET); | |
613 | if (!entry) | |
614 | entry = storeGetPublicByRequestMethod(http->request, METHOD_HEAD); | |
615 | if (entry) { | |
616 | /* Swap in the metadata */ | |
617 | http->entry = entry; | |
618 | storeLockObject(http->entry); | |
619 | storeCreateMemObject(http->entry, http->uri, http->log_uri); | |
620 | http->entry->mem_obj->method = http->request->method; | |
621 | http->sc = storeClientListAdd(http->entry, http); | |
622 | http->log_type = LOG_TCP_HIT; | |
623 | storeClientCopy(http->sc, http->entry, | |
624 | http->out.offset, | |
625 | http->out.offset, | |
626 | CLIENT_SOCK_SZ, | |
627 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
628 | clientCacheHit, | |
629 | http); | |
630 | return; | |
631 | } | |
632 | } | |
633 | http->log_type = LOG_TCP_MISS; | |
634 | /* Release the cached URI */ | |
635 | entry = storeGetPublicByRequestMethod(http->request, METHOD_GET); | |
636 | if (entry) { | |
637 | debug(33, 4) ("clientPurgeRequest: GET '%s'\n", | |
638 | storeUrl(entry)); | |
639 | storeRelease(entry); | |
640 | status = HTTP_OK; | |
641 | } | |
642 | entry = storeGetPublicByRequestMethod(http->request, METHOD_HEAD); | |
643 | if (entry) { | |
644 | debug(33, 4) ("clientPurgeRequest: HEAD '%s'\n", | |
645 | storeUrl(entry)); | |
a90eae18 | 646 | storeRelease(entry); |
2addf420 | 647 | status = HTTP_OK; |
a90eae18 | 648 | } |
f66a9ef4 | 649 | /* And for Vary, release the base URI if none of the headers was included in the request */ |
650 | if (http->request->vary_headers && !strstr(http->request->vary_headers, "=")) { | |
651 | entry = storeGetPublic(urlCanonical(http->request), METHOD_GET); | |
652 | if (entry) { | |
653 | debug(33, 4) ("clientPurgeRequest: Vary GET '%s'\n", | |
654 | storeUrl(entry)); | |
655 | storeRelease(entry); | |
656 | status = HTTP_OK; | |
657 | } | |
658 | entry = storeGetPublic(urlCanonical(http->request), METHOD_HEAD); | |
659 | if (entry) { | |
660 | debug(33, 4) ("clientPurgeRequest: Vary HEAD '%s'\n", | |
661 | storeUrl(entry)); | |
662 | storeRelease(entry); | |
663 | status = HTTP_OK; | |
664 | } | |
665 | } | |
afa9f1cd | 666 | /* |
667 | * Make a new entry to hold the reply to be written | |
668 | * to the client. | |
669 | */ | |
92695e5e | 670 | http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags); |
8d6da567 | 671 | httpReplyReset(r = http->entry->mem_obj->reply); |
bffee5af | 672 | httpBuildVersion(&version, 1, 0); |
ccf44862 | 673 | httpReplySetHeaders(r, version, status, NULL, NULL, 0, 0, -1); |
8d6da567 | 674 | httpReplySwapOut(r, http->entry); |
afa9f1cd | 675 | storeComplete(http->entry); |
a90eae18 | 676 | } |
e33ba616 | 677 | |
678 | int | |
ea3a2a69 | 679 | checkNegativeHit(StoreEntry * e) |
e33ba616 | 680 | { |
d46a87a8 | 681 | if (!EBIT_TEST(e->flags, ENTRY_NEGCACHED)) |
ea3a2a69 | 682 | return 0; |
683 | if (e->expires <= squid_curtime) | |
684 | return 0; | |
685 | if (e->store_status != STORE_OK) | |
686 | return 0; | |
687 | return 1; | |
e33ba616 | 688 | } |
7a2f978b | 689 | |
2d72d4fd | 690 | static void |
0e473d70 | 691 | clientUpdateCounters(clientHttpRequest * http) |
a7c05555 | 692 | { |
ee1679df | 693 | int svc_time = tvSubMsec(http->start, current_time); |
b4e7f82d | 694 | ping_data *i; |
39edba21 | 695 | HierarchyLogEntry *H; |
83704487 | 696 | statCounter.client_http.requests++; |
d8b83480 | 697 | if (isTcpHit(http->log_type)) |
83704487 | 698 | statCounter.client_http.hits++; |
4f4d1d6e | 699 | if (http->log_type == LOG_TCP_HIT) |
83704487 | 700 | statCounter.client_http.disk_hits++; |
4f4d1d6e | 701 | else if (http->log_type == LOG_TCP_MEM_HIT) |
83704487 | 702 | statCounter.client_http.mem_hits++; |
0e473d70 | 703 | if (http->request->err_type != ERR_NONE) |
83704487 | 704 | statCounter.client_http.errors++; |
705 | statHistCount(&statCounter.client_http.all_svc_time, svc_time); | |
ee1679df | 706 | /* |
707 | * The idea here is not to be complete, but to get service times | |
708 | * for only well-defined types. For example, we don't include | |
709 | * LOG_TCP_REFRESH_FAIL_HIT because its not really a cache hit | |
710 | * (we *tried* to validate it, but failed). | |
711 | */ | |
712 | switch (http->log_type) { | |
7c9c84ad | 713 | case LOG_TCP_REFRESH_HIT: |
83704487 | 714 | statHistCount(&statCounter.client_http.nh_svc_time, svc_time); |
7c9c84ad | 715 | break; |
ee1679df | 716 | case LOG_TCP_IMS_HIT: |
83704487 | 717 | statHistCount(&statCounter.client_http.nm_svc_time, svc_time); |
ee1679df | 718 | break; |
719 | case LOG_TCP_HIT: | |
720 | case LOG_TCP_MEM_HIT: | |
b540e168 | 721 | case LOG_TCP_OFFLINE_HIT: |
83704487 | 722 | statHistCount(&statCounter.client_http.hit_svc_time, svc_time); |
ee1679df | 723 | break; |
724 | case LOG_TCP_MISS: | |
725 | case LOG_TCP_CLIENT_REFRESH_MISS: | |
83704487 | 726 | statHistCount(&statCounter.client_http.miss_svc_time, svc_time); |
ee1679df | 727 | break; |
728 | default: | |
729 | /* make compiler warnings go away */ | |
730 | break; | |
731 | } | |
39edba21 | 732 | H = &http->request->hier; |
69c95dd3 | 733 | switch (H->alg) { |
734 | case PEER_SA_DIGEST: | |
83704487 | 735 | statCounter.cd.times_used++; |
69c95dd3 | 736 | break; |
737 | case PEER_SA_ICP: | |
83704487 | 738 | statCounter.icp.times_used++; |
b4e7f82d | 739 | i = &H->ping; |
69c95dd3 | 740 | if (0 != i->stop.tv_sec && 0 != i->start.tv_sec) |
83704487 | 741 | statHistCount(&statCounter.icp.query_svc_time, |
69c95dd3 | 742 | tvSubUsec(i->start, i->stop)); |
743 | if (i->timeout) | |
83704487 | 744 | statCounter.icp.query_timeouts++; |
69c95dd3 | 745 | break; |
746 | case PEER_SA_NETDB: | |
83704487 | 747 | statCounter.netdb.times_used++; |
69c95dd3 | 748 | break; |
749 | default: | |
750 | break; | |
17b6e784 | 751 | } |
a7c05555 | 752 | } |
753 | ||
7a2f978b | 754 | static void |
755 | httpRequestFree(void *data) | |
756 | { | |
757 | clientHttpRequest *http = data; | |
758 | clientHttpRequest **H; | |
759 | ConnStateData *conn = http->conn; | |
b6a2f15e | 760 | StoreEntry *e; |
7a2f978b | 761 | request_t *request = http->request; |
762 | MemObject *mem = NULL; | |
b6a2f15e | 763 | debug(33, 3) ("httpRequestFree: %s\n", storeUrl(http->entry)); |
1b02b5be | 764 | if (!clientCheckTransferDone(http)) { |
94439e4e | 765 | if (request && request->body_connection) |
766 | clientAbortBody(request); /* abort body transter */ | |
28ee8ce5 | 767 | /* HN: This looks a bit odd.. why should client_side care about |
768 | * the ICP selection status? | |
bbf5ef83 | 769 | */ |
b6a2f15e | 770 | if (http->entry && http->entry->ping_status == PING_WAITING) |
771 | storeReleaseRequest(http->entry); | |
7a2f978b | 772 | } |
773 | assert(http->log_type < LOG_TYPE_MAX); | |
b6a2f15e | 774 | if (http->entry) |
775 | mem = http->entry->mem_obj; | |
7a2f978b | 776 | if (http->out.size || http->log_type) { |
728da2ee | 777 | http->al.icp.opcode = ICP_INVALID; |
ef65d6ca | 778 | http->al.url = http->log_uri; |
779 | debug(33, 9) ("httpRequestFree: al.url='%s'\n", http->al.url); | |
7a2f978b | 780 | if (mem) { |
cb69b4c7 | 781 | http->al.http.code = mem->reply->sline.status; |
038eb4ed | 782 | http->al.http.content_type = strBuf(mem->reply->content_type); |
7a2f978b | 783 | } |
784 | http->al.cache.caddr = conn->log_addr; | |
785 | http->al.cache.size = http->out.size; | |
786 | http->al.cache.code = http->log_type; | |
787 | http->al.cache.msec = tvSubMsec(http->start, current_time); | |
7a2f978b | 788 | if (request) { |
2246b732 | 789 | Packer p; |
790 | MemBuf mb; | |
791 | memBufDefInit(&mb); | |
792 | packerToMemInit(&p, &mb); | |
793 | httpHeaderPackInto(&request->header, &p); | |
7a2f978b | 794 | http->al.http.method = request->method; |
c68e9c6b | 795 | http->al.http.version = request->http_ver; |
2246b732 | 796 | http->al.headers.request = xstrdup(mb.buf); |
7a2f978b | 797 | http->al.hier = request->hier; |
94439e4e | 798 | if (request->auth_user_request) { |
799 | http->al.cache.authuser = xstrdup(authenticateUserRequestUsername(request->auth_user_request)); | |
800 | authenticateAuthUserRequestUnlock(request->auth_user_request); | |
801 | request->auth_user_request = NULL; | |
802 | } | |
803 | if (conn->rfc931[0]) | |
804 | http->al.cache.rfc931 = conn->rfc931; | |
2246b732 | 805 | packerClean(&p); |
806 | memBufClean(&mb); | |
7a2f978b | 807 | } |
808 | accessLogLog(&http->al); | |
a7c05555 | 809 | clientUpdateCounters(http); |
6f47fbc7 | 810 | clientdbUpdate(conn->peer.sin_addr, http->log_type, PROTO_HTTP, http->out.size); |
7a2f978b | 811 | } |
7a2f978b | 812 | if (http->acl_checklist) |
813 | aclChecklistFree(http->acl_checklist); | |
88aad2e5 | 814 | if (request) |
c24fca87 | 815 | checkFailureRatio(request->err_type, http->al.hier.code); |
23d92c64 | 816 | safe_free(http->uri); |
817 | safe_free(http->log_uri); | |
2246b732 | 818 | safe_free(http->al.headers.request); |
7a2f978b | 819 | safe_free(http->al.headers.reply); |
6d38ef86 | 820 | safe_free(http->redirect.location); |
d192d11f | 821 | stringClean(&http->range_iter.boundary); |
b6a2f15e | 822 | if ((e = http->entry)) { |
7a2f978b | 823 | http->entry = NULL; |
06d2839d | 824 | storeUnregister(http->sc, e, http); |
e1dcf02d | 825 | http->sc = NULL; |
b6a2f15e | 826 | storeUnlockObject(e); |
7a2f978b | 827 | } |
828 | /* old_entry might still be set if we didn't yet get the reply | |
1b02b5be | 829 | * code in clientHandleIMSReply() */ |
b6a2f15e | 830 | if ((e = http->old_entry)) { |
7a2f978b | 831 | http->old_entry = NULL; |
13f14b78 | 832 | storeUnregister(http->old_sc, e, http); |
e1dcf02d | 833 | http->old_sc = NULL; |
b6a2f15e | 834 | storeUnlockObject(e); |
7a2f978b | 835 | } |
836 | requestUnlink(http->request); | |
837 | assert(http != http->next); | |
838 | assert(http->conn->chr != NULL); | |
94439e4e | 839 | /* Unlink us from the clients request list */ |
7a2f978b | 840 | H = &http->conn->chr; |
841 | while (*H) { | |
842 | if (*H == http) | |
843 | break; | |
844 | H = &(*H)->next; | |
845 | } | |
846 | assert(*H != NULL); | |
847 | *H = http->next; | |
848 | http->next = NULL; | |
0f1bc304 | 849 | dlinkDelete(&http->active, &ClientActiveRequests); |
7a2f978b | 850 | cbdataFree(http); |
851 | } | |
852 | ||
853 | /* This is a handler normally called by comm_close() */ | |
854 | static void | |
855 | connStateFree(int fd, void *data) | |
856 | { | |
857 | ConnStateData *connState = data; | |
858 | clientHttpRequest *http; | |
93f9abd0 | 859 | debug(33, 3) ("connStateFree: FD %d\n", fd); |
7a2f978b | 860 | assert(connState != NULL); |
9bc73deb | 861 | clientdbEstablished(connState->peer.sin_addr, -1); /* decrement */ |
79d39a72 | 862 | while ((http = connState->chr) != NULL) { |
7a2f978b | 863 | assert(http->conn == connState); |
864 | assert(connState->chr != connState->chr->next); | |
865 | httpRequestFree(http); | |
866 | } | |
5d146f7d | 867 | if (connState->auth_user_request) |
868 | authenticateAuthUserRequestUnlock(connState->auth_user_request); | |
869 | connState->auth_user_request = NULL; | |
870 | authenticateOnCloseConnection(connState); | |
58cd5bbd | 871 | if (connState->in.size == CLIENT_REQ_BUF_SZ) |
872 | memFree(connState->in.buf, MEM_CLIENT_REQ_BUF); | |
873 | else | |
874 | safe_free(connState->in.buf); | |
59c4d35b | 875 | /* XXX account connState->in.buf */ |
7a2f978b | 876 | pconnHistCount(0, connState->nrequests); |
877 | cbdataFree(connState); | |
403028a9 | 878 | #ifdef _SQUID_LINUX_ |
879 | /* prevent those nasty RST packets */ | |
880 | { | |
881 | char buf[SQUID_TCP_SO_RCVBUF]; | |
1f7c9178 | 882 | while (FD_READ_METHOD(fd, buf, SQUID_TCP_SO_RCVBUF) > 0); |
403028a9 | 883 | } |
884 | #endif | |
7a2f978b | 885 | } |
886 | ||
887 | static void | |
99edd1c3 | 888 | clientInterpretRequestHeaders(clientHttpRequest * http) |
7a2f978b | 889 | { |
890 | request_t *request = http->request; | |
99edd1c3 | 891 | const HttpHeader *req_hdr = &request->header; |
16f019f5 | 892 | int no_cache = 0; |
99edd1c3 | 893 | const char *str; |
99edd1c3 | 894 | request->imslen = -1; |
895 | request->ims = httpHeaderGetTime(req_hdr, HDR_IF_MODIFIED_SINCE); | |
896 | if (request->ims > 0) | |
92695e5e | 897 | request->flags.ims = 1; |
99edd1c3 | 898 | if (httpHeaderHas(req_hdr, HDR_PRAGMA)) { |
899 | String s = httpHeaderGetList(req_hdr, HDR_PRAGMA); | |
16f019f5 | 900 | if (strListIsMember(&s, "no-cache", ',')) |
901 | no_cache++; | |
902 | stringClean(&s); | |
903 | } | |
9bc73deb | 904 | request->cache_control = httpHeaderGetCc(req_hdr); |
16f019f5 | 905 | if (request->cache_control) |
906 | if (EBIT_TEST(request->cache_control->mask, CC_NO_CACHE)) | |
907 | no_cache++; | |
7613d09c | 908 | /* Work around for supporting the Reload button in IE browsers |
909 | * when Squid is used as an accelerator or transparent proxy, | |
910 | * by turning accelerated IMS request to no-cache requests. | |
911 | * Now knows about IE 5.5 fix (is actually only fixed in SP1, | |
912 | * but we can't tell whether we are talking to SP1 or not so | |
913 | * all 5.5 versions are treated 'normally'). | |
f0debecb | 914 | */ |
7613d09c | 915 | if (Config.onoff.ie_refresh) { |
f0debecb | 916 | if (http->flags.accel && request->flags.ims) { |
917 | if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT))) { | |
918 | if (strstr(str, "MSIE 5.01") != NULL) | |
919 | no_cache++; | |
920 | else if (strstr(str, "MSIE 5.0") != NULL) | |
921 | no_cache++; | |
922 | else if (strstr(str, "MSIE 4.") != NULL) | |
923 | no_cache++; | |
924 | else if (strstr(str, "MSIE 3.") != NULL) | |
925 | no_cache++; | |
926 | } | |
927 | } | |
7613d09c | 928 | } |
16f019f5 | 929 | if (no_cache) { |
9f60cfdf | 930 | #if HTTP_VIOLATIONS |
16f019f5 | 931 | if (Config.onoff.reload_into_ims) |
932 | request->flags.nocache_hack = 1; | |
933 | else if (refresh_nocache_hack) | |
934 | request->flags.nocache_hack = 1; | |
935 | else | |
9f60cfdf | 936 | #endif |
16f019f5 | 937 | request->flags.nocache = 1; |
7a2f978b | 938 | } |
4b315324 | 939 | /* ignore range header in non-GETs */ |
940 | if (request->method == METHOD_GET) { | |
941 | request->range = httpHeaderGetRange(req_hdr); | |
942 | if (request->range) | |
92695e5e | 943 | request->flags.range = 1; |
4b315324 | 944 | } |
99edd1c3 | 945 | if (httpHeaderHas(req_hdr, HDR_AUTHORIZATION)) |
92695e5e | 946 | request->flags.auth = 1; |
7a2f978b | 947 | if (request->login[0] != '\0') |
92695e5e | 948 | request->flags.auth = 1; |
99edd1c3 | 949 | if (httpHeaderHas(req_hdr, HDR_VIA)) { |
950 | String s = httpHeaderGetList(req_hdr, HDR_VIA); | |
38a6c74e | 951 | /* |
952 | * ThisCache cannot be a member of Via header, "1.0 ThisCache" can. | |
953 | * Note ThisCache2 has a space prepended to the hostname so we don't | |
954 | * accidentally match super-domains. | |
955 | */ | |
956 | if (strListIsSubstr(&s, ThisCache2, ',')) { | |
c68e9c6b | 957 | debugObj(33, 1, "WARNING: Forwarding loop detected for:\n", |
958 | request, (ObjPackMethod) & httpRequestPack); | |
92695e5e | 959 | request->flags.loopdetect = 1; |
7a2f978b | 960 | } |
d21f1c54 | 961 | #if FORW_VIA_DB |
ea285003 | 962 | fvdbCountVia(strBuf(s)); |
d21f1c54 | 963 | #endif |
99edd1c3 | 964 | stringClean(&s); |
d21f1c54 | 965 | } |
7a2f978b | 966 | #if USE_USERAGENT_LOG |
99edd1c3 | 967 | if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT))) |
968 | logUserAgent(fqdnFromAddr(http->conn->peer.sin_addr), str); | |
d21f1c54 | 969 | #endif |
fd2c5549 | 970 | #if USE_REFERER_LOG |
971 | if ((str = httpHeaderGetStr(req_hdr, HDR_REFERER))) | |
972 | logReferer(fqdnFromAddr(http->conn->peer.sin_addr), str, | |
973 | http->log_uri); | |
974 | #endif | |
d21f1c54 | 975 | #if FORW_VIA_DB |
99edd1c3 | 976 | if (httpHeaderHas(req_hdr, HDR_X_FORWARDED_FOR)) { |
977 | String s = httpHeaderGetList(req_hdr, HDR_X_FORWARDED_FOR); | |
978 | fvdbCountForw(strBuf(s)); | |
979 | stringClean(&s); | |
980 | } | |
7a2f978b | 981 | #endif |
7a2f978b | 982 | if (request->method == METHOD_TRACE) { |
99edd1c3 | 983 | request->max_forwards = httpHeaderGetInt(req_hdr, HDR_MAX_FORWARDS); |
7a2f978b | 984 | } |
50ddd7a4 | 985 | if (clientCachable(http)) |
92695e5e | 986 | request->flags.cachable = 1; |
50ddd7a4 | 987 | if (clientHierarchical(http)) |
92695e5e | 988 | request->flags.hierarchical = 1; |
99edd1c3 | 989 | debug(33, 5) ("clientInterpretRequestHeaders: REQ_NOCACHE = %s\n", |
92695e5e | 990 | request->flags.nocache ? "SET" : "NOT SET"); |
99edd1c3 | 991 | debug(33, 5) ("clientInterpretRequestHeaders: REQ_CACHABLE = %s\n", |
92695e5e | 992 | request->flags.cachable ? "SET" : "NOT SET"); |
99edd1c3 | 993 | debug(33, 5) ("clientInterpretRequestHeaders: REQ_HIERARCHICAL = %s\n", |
92695e5e | 994 | request->flags.hierarchical ? "SET" : "NOT SET"); |
7a2f978b | 995 | } |
996 | ||
c68e9c6b | 997 | /* |
998 | * clientSetKeepaliveFlag() sets request->flags.proxy_keepalive. | |
999 | * This is the client-side persistent connection flag. We need | |
1000 | * to set this relatively early in the request processing | |
1001 | * to handle hacks for broken servers and clients. | |
1002 | */ | |
1003 | static void | |
1004 | clientSetKeepaliveFlag(clientHttpRequest * http) | |
1005 | { | |
1006 | request_t *request = http->request; | |
1007 | const HttpHeader *req_hdr = &request->header; | |
ccf44862 | 1008 | debug(33, 3) ("clientSetKeepaliveFlag: http_ver = %d.%d\n", |
1009 | request->http_ver.major, request->http_ver.minor); | |
c68e9c6b | 1010 | debug(33, 3) ("clientSetKeepaliveFlag: method = %s\n", |
1011 | RequestMethodStr[request->method]); | |
efd900cb | 1012 | if (!Config.onoff.client_pconns) |
1013 | request->flags.proxy_keepalive = 0; | |
1014 | else if (httpMsgIsPersistent(request->http_ver, req_hdr)) | |
c68e9c6b | 1015 | request->flags.proxy_keepalive = 1; |
c68e9c6b | 1016 | } |
1017 | ||
31be8b80 | 1018 | static int |
efb9218c | 1019 | clientCheckContentLength(request_t * r) |
31be8b80 | 1020 | { |
ffc128c4 | 1021 | switch (r->method) { |
1022 | case METHOD_PUT: | |
1023 | case METHOD_POST: | |
1024 | /* PUT/POST requires a request entity */ | |
2a6b906c | 1025 | return (r->content_length >= 0); |
ffc128c4 | 1026 | case METHOD_GET: |
1027 | case METHOD_HEAD: | |
1028 | /* We do not want to see a request entity on GET/HEAD requests */ | |
2a6b906c | 1029 | return (r->content_length <= 0); |
ffc128c4 | 1030 | default: |
1031 | /* For other types of requests we don't care */ | |
0cdcddb9 | 1032 | return 1; |
ffc128c4 | 1033 | } |
1034 | /* NOT REACHED */ | |
31be8b80 | 1035 | } |
1036 | ||
7a2f978b | 1037 | static int |
50ddd7a4 | 1038 | clientCachable(clientHttpRequest * http) |
7a2f978b | 1039 | { |
23d92c64 | 1040 | const char *url = http->uri; |
7a2f978b | 1041 | request_t *req = http->request; |
1042 | method_t method = req->method; | |
7a2f978b | 1043 | if (req->protocol == PROTO_HTTP) |
1044 | return httpCachable(method); | |
1045 | /* FTP is always cachable */ | |
7a2f978b | 1046 | if (req->protocol == PROTO_WAIS) |
1047 | return 0; | |
1048 | if (method == METHOD_CONNECT) | |
1049 | return 0; | |
1050 | if (method == METHOD_TRACE) | |
1051 | return 0; | |
94439e4e | 1052 | if (method == METHOD_PUT) |
1053 | return 0; | |
1054 | if (method == METHOD_POST) | |
1055 | return 0; /* XXX POST may be cached sometimes.. ignored for now */ | |
1056 | if (req->protocol == PROTO_GOPHER) | |
1057 | return gopherCachable(url); | |
7a2f978b | 1058 | if (req->protocol == PROTO_CACHEOBJ) |
1059 | return 0; | |
1060 | return 1; | |
1061 | } | |
1062 | ||
1063 | /* Return true if we can query our neighbors for this object */ | |
1064 | static int | |
50ddd7a4 | 1065 | clientHierarchical(clientHttpRequest * http) |
7a2f978b | 1066 | { |
23d92c64 | 1067 | const char *url = http->uri; |
7a2f978b | 1068 | request_t *request = http->request; |
1069 | method_t method = request->method; | |
1070 | const wordlist *p = NULL; | |
1071 | ||
1072 | /* IMS needs a private key, so we can use the hierarchy for IMS only | |
1073 | * if our neighbors support private keys */ | |
92695e5e | 1074 | if (request->flags.ims && !neighbors_do_private_keys) |
7a2f978b | 1075 | return 0; |
92695e5e | 1076 | if (request->flags.auth) |
7a2f978b | 1077 | return 0; |
1078 | if (method == METHOD_TRACE) | |
1079 | return 1; | |
1080 | if (method != METHOD_GET) | |
1081 | return 0; | |
1082 | /* scan hierarchy_stoplist */ | |
1083 | for (p = Config.hierarchy_stoplist; p; p = p->next) | |
1084 | if (strstr(url, p->key)) | |
1085 | return 0; | |
92695e5e | 1086 | if (request->flags.loopdetect) |
7a2f978b | 1087 | return 0; |
1088 | if (request->protocol == PROTO_HTTP) | |
1089 | return httpCachable(method); | |
1090 | if (request->protocol == PROTO_GOPHER) | |
1091 | return gopherCachable(url); | |
1092 | if (request->protocol == PROTO_WAIS) | |
1093 | return 0; | |
1094 | if (request->protocol == PROTO_CACHEOBJ) | |
1095 | return 0; | |
1096 | return 1; | |
1097 | } | |
1098 | ||
cf50a0af | 1099 | int |
7a2f978b | 1100 | isTcpHit(log_type code) |
1101 | { | |
1102 | /* this should be a bitmap for better optimization */ | |
1103 | if (code == LOG_TCP_HIT) | |
1104 | return 1; | |
1105 | if (code == LOG_TCP_IMS_HIT) | |
1106 | return 1; | |
1107 | if (code == LOG_TCP_REFRESH_FAIL_HIT) | |
1108 | return 1; | |
1109 | if (code == LOG_TCP_REFRESH_HIT) | |
1110 | return 1; | |
1111 | if (code == LOG_TCP_NEGATIVE_HIT) | |
1112 | return 1; | |
1113 | if (code == LOG_TCP_MEM_HIT) | |
1114 | return 1; | |
b540e168 | 1115 | if (code == LOG_TCP_OFFLINE_HIT) |
1116 | return 1; | |
7a2f978b | 1117 | return 0; |
1118 | } | |
1119 | ||
1c3e77cd | 1120 | /* |
1121 | * returns true if If-Range specs match reply, false otherwise | |
1122 | */ | |
a9771e51 | 1123 | static int |
1124 | clientIfRangeMatch(clientHttpRequest * http, HttpReply * rep) | |
1125 | { | |
1126 | const TimeOrTag spec = httpHeaderGetTimeOrTag(&http->request->header, HDR_IF_RANGE); | |
1127 | /* check for parsing falure */ | |
1128 | if (!spec.valid) | |
1129 | return 0; | |
1130 | /* got an ETag? */ | |
1131 | if (spec.tag.str) { | |
1132 | ETag rep_tag = httpHeaderGetETag(&rep->header, HDR_ETAG); | |
ebb6e9a0 | 1133 | debug(33, 3) ("clientIfRangeMatch: ETags: %s and %s\n", |
a9771e51 | 1134 | spec.tag.str, rep_tag.str ? rep_tag.str : "<none>"); |
1135 | if (!rep_tag.str) | |
ebb6e9a0 | 1136 | return 0; /* entity has no etag to compare with! */ |
a9771e51 | 1137 | if (spec.tag.weak || rep_tag.weak) { |
9834a631 | 1138 | debug(33, 1) ("clientIfRangeMatch: Weak ETags are not allowed in If-Range: %s ? %s\n", |
a9771e51 | 1139 | spec.tag.str, rep_tag.str); |
ebb6e9a0 | 1140 | return 0; /* must use strong validator for sub-range requests */ |
a9771e51 | 1141 | } |
1142 | return etagIsEqual(&rep_tag, &spec.tag); | |
1143 | } | |
1144 | /* got modification time? */ | |
1145 | if (spec.time >= 0) { | |
1146 | return http->entry->lastmod <= spec.time; | |
1147 | } | |
ebb6e9a0 | 1148 | assert(0); /* should not happen */ |
a9771e51 | 1149 | return 0; |
1150 | } | |
1151 | ||
71540aeb | 1152 | /* returns expected content length for multi-range replies |
1153 | * note: assumes that httpHdrRangeCanonize has already been called | |
1154 | * warning: assumes that HTTP headers for individual ranges at the | |
1155 | * time of the actuall assembly will be exactly the same as | |
1156 | * the headers when clientMRangeCLen() is called */ | |
1157 | static int | |
f6308664 | 1158 | clientMRangeCLen(clientHttpRequest * http) |
1159 | { | |
71540aeb | 1160 | int clen = 0; |
1161 | HttpHdrRangePos pos = HttpHdrRangeInitPos; | |
1162 | const HttpHdrRangeSpec *spec; | |
1163 | MemBuf mb; | |
1164 | ||
1165 | assert(http->entry->mem_obj); | |
1166 | ||
1167 | memBufDefInit(&mb); | |
1168 | while ((spec = httpHdrRangeGetSpec(http->request->range, &pos))) { | |
1169 | ||
1170 | /* account for headers for this range */ | |
1171 | memBufReset(&mb); | |
1172 | clientPackRangeHdr(http->entry->mem_obj->reply, | |
1173 | spec, http->range_iter.boundary, &mb); | |
1174 | clen += mb.size; | |
1175 | ||
1176 | /* account for range content */ | |
1177 | clen += spec->length; | |
1178 | ||
32754419 | 1179 | debug(33, 6) ("clientMRangeCLen: (clen += %ld + %ld) == %d\n", |
1180 | (long int) mb.size, (long int) spec->length, clen); | |
71540aeb | 1181 | } |
1182 | /* account for the terminating boundary */ | |
1183 | memBufReset(&mb); | |
1184 | clientPackTermBound(http->range_iter.boundary, &mb); | |
1185 | clen += mb.size; | |
1186 | ||
1187 | memBufClean(&mb); | |
1188 | return clen; | |
1189 | } | |
1190 | ||
e17d81d3 | 1191 | /* adds appropriate Range headers if needed */ |
1192 | static void | |
1193 | clientBuildRangeHeader(clientHttpRequest * http, HttpReply * rep) | |
1194 | { | |
5e2dba16 | 1195 | HttpHeader *hdr = rep ? &rep->header : 0; |
e17d81d3 | 1196 | const char *range_err = NULL; |
288c06ce | 1197 | request_t *request = http->request; |
623bfa4c | 1198 | int is_hit = isTcpHit(http->log_type); |
288c06ce | 1199 | assert(request->range); |
e17d81d3 | 1200 | /* check if we still want to do ranges */ |
9834a631 | 1201 | if (!rep) |
1202 | range_err = "no [parse-able] reply"; | |
1203 | else if (rep->sline.status != HTTP_OK) | |
e17d81d3 | 1204 | range_err = "wrong status code"; |
ebb6e9a0 | 1205 | else if (httpHeaderHas(hdr, HDR_CONTENT_RANGE)) |
e17d81d3 | 1206 | range_err = "origin server does ranges"; |
ebb6e9a0 | 1207 | else if (rep->content_length < 0) |
e17d81d3 | 1208 | range_err = "unknown length"; |
ebb6e9a0 | 1209 | else if (rep->content_length != http->entry->mem_obj->reply->content_length) |
1210 | range_err = "INCONSISTENT length"; /* a bug? */ | |
1211 | else if (httpHeaderHas(&http->request->header, HDR_IF_RANGE) && !clientIfRangeMatch(http, rep)) | |
a9771e51 | 1212 | range_err = "If-Range match failed"; |
ebb6e9a0 | 1213 | else if (!httpHdrRangeCanonize(http->request->range, rep->content_length)) |
e17d81d3 | 1214 | range_err = "canonization failed"; |
ebb6e9a0 | 1215 | else if (httpHdrRangeIsComplex(http->request->range)) |
e17d81d3 | 1216 | range_err = "too complex range header"; |
a4b8110e | 1217 | else if (!request->flags.cachable) /* from we_do_ranges in http.c */ |
288c06ce | 1218 | range_err = "non-cachable request"; |
623bfa4c | 1219 | else if (!is_hit && httpHdrRangeOffsetLimit(http->request->range)) |
1220 | range_err = "range outside range_offset_limit"; | |
e17d81d3 | 1221 | /* get rid of our range specs on error */ |
1222 | if (range_err) { | |
badd8ff0 | 1223 | debug(33, 3) ("clientBuildRangeHeader: will not do ranges: %s.\n", range_err); |
e17d81d3 | 1224 | httpHdrRangeDestroy(http->request->range); |
1225 | http->request->range = NULL; | |
1226 | } else { | |
1227 | const int spec_count = http->request->range->specs.count; | |
71540aeb | 1228 | int actual_clen = -1; |
1229 | ||
badd8ff0 | 1230 | debug(33, 3) ("clientBuildRangeHeader: range spec count: %d virgin clen: %d\n", |
e17d81d3 | 1231 | spec_count, rep->content_length); |
1232 | assert(spec_count > 0); | |
a9771e51 | 1233 | /* ETags should not be returned with Partial Content replies? */ |
1234 | httpHeaderDelById(hdr, HDR_ETAG); | |
ebb6e9a0 | 1235 | /* append appropriate header(s) */ |
e17d81d3 | 1236 | if (spec_count == 1) { |
1237 | HttpHdrRangePos pos = HttpHdrRangeInitPos; | |
889b534a | 1238 | const HttpHdrRangeSpec *spec = httpHdrRangeGetSpec(http->request->range, &pos); |
1239 | assert(spec); | |
e17d81d3 | 1240 | /* append Content-Range */ |
889b534a | 1241 | httpHeaderAddContRange(hdr, *spec, rep->content_length); |
71540aeb | 1242 | /* set new Content-Length to the actual number of bytes |
e17d81d3 | 1243 | * transmitted in the message-body */ |
71540aeb | 1244 | actual_clen = spec->length; |
e17d81d3 | 1245 | } else { |
1246 | /* multipart! */ | |
1247 | /* generate boundary string */ | |
1248 | http->range_iter.boundary = httpHdrRangeBoundaryStr(http); | |
1249 | /* delete old Content-Type, add ours */ | |
1250 | httpHeaderDelById(hdr, HDR_CONTENT_TYPE); | |
1251 | httpHeaderPutStrf(hdr, HDR_CONTENT_TYPE, | |
1252 | "multipart/byteranges; boundary=\"%s\"", | |
1253 | strBuf(http->range_iter.boundary)); | |
71540aeb | 1254 | /* Content-Length is not required in multipart responses |
1255 | * but it is always nice to have one */ | |
1256 | actual_clen = clientMRangeCLen(http); | |
e17d81d3 | 1257 | } |
71540aeb | 1258 | |
1259 | /* replace Content-Length header */ | |
1260 | assert(actual_clen >= 0); | |
1261 | httpHeaderDelById(hdr, HDR_CONTENT_LENGTH); | |
1262 | httpHeaderPutInt(hdr, HDR_CONTENT_LENGTH, actual_clen); | |
badd8ff0 | 1263 | debug(33, 3) ("clientBuildRangeHeader: actual content length: %d\n", actual_clen); |
e17d81d3 | 1264 | } |
1265 | } | |
1266 | ||
35282fbf | 1267 | /* |
1268 | * filters out unwanted entries from original reply header | |
d192d11f | 1269 | * adds extra entries if we have more info than origin server |
35282fbf | 1270 | * adds Squid specific entries |
1271 | */ | |
2246b732 | 1272 | static void |
eeb423fb | 1273 | clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep) |
2246b732 | 1274 | { |
1275 | HttpHeader *hdr = &rep->header; | |
1276 | int is_hit = isTcpHit(http->log_type); | |
7673173d | 1277 | request_t *request = http->request; |
2246b732 | 1278 | #if DONT_FILTER_THESE |
1279 | /* but you might want to if you run Squid as an HTTP accelerator */ | |
d192d11f | 1280 | /* httpHeaderDelById(hdr, HDR_ACCEPT_RANGES); */ |
2246b732 | 1281 | httpHeaderDelById(hdr, HDR_ETAG); |
1282 | #endif | |
1283 | httpHeaderDelById(hdr, HDR_PROXY_CONNECTION); | |
1284 | /* here: Keep-Alive is a field-name, not a connection directive! */ | |
1285 | httpHeaderDelByName(hdr, "Keep-Alive"); | |
1286 | /* remove Set-Cookie if a hit */ | |
1287 | if (is_hit) | |
1288 | httpHeaderDelById(hdr, HDR_SET_COOKIE); | |
1289 | /* handle Connection header */ | |
1290 | if (httpHeaderHas(hdr, HDR_CONNECTION)) { | |
1291 | /* anything that matches Connection list member will be deleted */ | |
1292 | String strConnection = httpHeaderGetList(hdr, HDR_CONNECTION); | |
1293 | const HttpHeaderEntry *e; | |
1294 | HttpHeaderPos pos = HttpHeaderInitPos; | |
7673173d | 1295 | /* |
1296 | * think: on-average-best nesting of the two loops (hdrEntry | |
1297 | * and strListItem) @?@ | |
1298 | */ | |
1299 | /* | |
1300 | * maybe we should delete standard stuff ("keep-alive","close") | |
1301 | * from strConnection first? | |
1302 | */ | |
2246b732 | 1303 | while ((e = httpHeaderGetEntry(hdr, &pos))) { |
1304 | if (strListIsMember(&strConnection, strBuf(e->name), ',')) | |
1305 | httpHeaderDelAt(hdr, pos); | |
1306 | } | |
1307 | httpHeaderDelById(hdr, HDR_CONNECTION); | |
1308 | stringClean(&strConnection); | |
1309 | } | |
d192d11f | 1310 | /* Handle Ranges */ |
7673173d | 1311 | if (request->range) |
e17d81d3 | 1312 | clientBuildRangeHeader(http, rep); |
7673173d | 1313 | /* |
efd900cb | 1314 | * Add a estimated Age header on cache hits. |
7673173d | 1315 | */ |
efd900cb | 1316 | if (is_hit) { |
1317 | /* | |
1318 | * Remove any existing Age header sent by upstream caches | |
1319 | * (note that the existing header is passed along unmodified | |
1320 | * on cache misses) | |
1321 | */ | |
cc66f616 | 1322 | httpHeaderDelById(hdr, HDR_AGE); |
7673173d | 1323 | /* |
efd900cb | 1324 | * This adds the calculated object age. Note that the details of the |
1325 | * age calculation is performed by adjusting the timestamp in | |
1326 | * storeTimestampsSet(), not here. | |
1327 | * | |
1328 | * BROWSER WORKAROUND: IE sometimes hangs when receiving a 0 Age | |
1329 | * header, so don't use it unless there is a age to report. Please | |
1330 | * note that Age is only used to make a conservative estimation of | |
1331 | * the objects age, so a Age: 0 header does not add any useful | |
1332 | * information to the reply in any case. | |
7673173d | 1333 | */ |
6fd26c18 | 1334 | if (NULL == http->entry) |
1335 | (void) 0; | |
1336 | else if (http->entry->timestamp < 0) | |
1337 | (void) 0; | |
15eab38b | 1338 | else if (http->entry->timestamp < squid_curtime) |
6fd26c18 | 1339 | httpHeaderPutInt(hdr, HDR_AGE, |
1340 | squid_curtime - http->entry->timestamp); | |
cc66f616 | 1341 | } |
94439e4e | 1342 | /* Handle authentication headers */ |
1343 | if (request->auth_user_request) | |
721b0310 | 1344 | authenticateFixHeader(rep, request->auth_user_request, request, http->flags.accel, 0); |
2246b732 | 1345 | /* Append X-Cache */ |
1346 | httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s", | |
1347 | is_hit ? "HIT" : "MISS", getMyHostname()); | |
1348 | #if USE_CACHE_DIGESTS | |
1349 | /* Append X-Cache-Lookup: -- temporary hack, to be removed @?@ @?@ */ | |
1350 | httpHeaderPutStrf(hdr, HDR_X_CACHE_LOOKUP, "%s from %s:%d", | |
1351 | http->lookup_type ? http->lookup_type : "NONE", | |
7e3ce7b9 | 1352 | getMyHostname(), ntohs(Config.Sockaddr.http->s.sin_port)); |
2246b732 | 1353 | #endif |
9bc73deb | 1354 | if (httpReplyBodySize(request->method, rep) < 0) { |
2d5a59cd | 1355 | debug(33, 3) ("clientBuildReplyHeader: can't keep-alive, unknown body size\n"); |
35282fbf | 1356 | request->flags.proxy_keepalive = 0; |
1357 | } | |
2246b732 | 1358 | /* Signal keep-alive if needed */ |
7673173d | 1359 | httpHeaderPutStr(hdr, |
1360 | http->flags.accel ? HDR_CONNECTION : HDR_PROXY_CONNECTION, | |
92695e5e | 1361 | request->flags.proxy_keepalive ? "keep-alive" : "close"); |
2246b732 | 1362 | #if ADD_X_REQUEST_URI |
1363 | /* | |
1364 | * Knowing the URI of the request is useful when debugging persistent | |
1365 | * connections in a client; we cannot guarantee the order of http headers, | |
1366 | * but X-Request-URI is likely to be the very last header to ease use from a | |
1367 | * debugger [hdr->entries.count-1]. | |
1368 | */ | |
eeb423fb | 1369 | httpHeaderPutStr(hdr, HDR_X_REQUEST_URI, |
2246b732 | 1370 | http->entry->mem_obj->url ? http->entry->mem_obj->url : http->uri); |
1371 | #endif | |
6bccf575 | 1372 | httpHdrMangleList(hdr, request); |
2246b732 | 1373 | } |
1374 | ||
eeb423fb | 1375 | static HttpReply * |
2246b732 | 1376 | clientBuildReply(clientHttpRequest * http, const char *buf, size_t size) |
1377 | { | |
1378 | HttpReply *rep = httpReplyCreate(); | |
9bc73deb | 1379 | size_t k = headersEnd(buf, size); |
1380 | if (k && httpReplyParse(rep, buf, k)) { | |
2246b732 | 1381 | /* enforce 1.0 reply version */ |
bffee5af | 1382 | httpBuildVersion(&rep->sline.version, 1, 0); |
2246b732 | 1383 | /* do header conversions */ |
1384 | clientBuildReplyHeader(http, rep); | |
d192d11f | 1385 | /* if we do ranges, change status to "Partial Content" */ |
1386 | if (http->request->range) | |
9bc73deb | 1387 | httpStatusLineSet(&rep->sline, rep->sline.version, |
1388 | HTTP_PARTIAL_CONTENT, NULL); | |
2246b732 | 1389 | } else { |
1390 | /* parsing failure, get rid of the invalid reply */ | |
1391 | httpReplyDestroy(rep); | |
1392 | rep = NULL; | |
9834a631 | 1393 | /* if we were going to do ranges, backoff */ |
9bc73deb | 1394 | if (http->request->range) { |
1395 | /* this will fail and destroy request->range */ | |
1396 | clientBuildRangeHeader(http, rep); | |
1397 | } | |
2246b732 | 1398 | } |
1399 | return rep; | |
1400 | } | |
7a2f978b | 1401 | |
85071fe3 | 1402 | /* |
1403 | * clientCacheHit should only be called until the HTTP reply headers | |
1404 | * have been parsed. Normally this should be a single call, but | |
1405 | * it might take more than one. As soon as we have the headers, | |
1406 | * we hand off to clientSendMoreData, clientProcessExpired, or | |
1407 | * clientProcessMiss. | |
1408 | */ | |
4c323c5f | 1409 | static void |
7a2f978b | 1410 | clientCacheHit(void *data, char *buf, ssize_t size) |
1411 | { | |
1412 | clientHttpRequest *http = data; | |
49d3fcb0 | 1413 | StoreEntry *e = http->entry; |
1414 | MemObject *mem; | |
1415 | request_t *r = http->request; | |
93f9abd0 | 1416 | debug(33, 3) ("clientCacheHit: %s, %d bytes\n", http->uri, (int) size); |
49d3fcb0 | 1417 | if (http->entry == NULL) { |
db1cd23c | 1418 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
93f9abd0 | 1419 | debug(33, 3) ("clientCacheHit: request aborted\n"); |
49d3fcb0 | 1420 | return; |
1421 | } else if (size < 0) { | |
7a2f978b | 1422 | /* swap in failure */ |
db1cd23c | 1423 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
93f9abd0 | 1424 | debug(33, 3) ("clientCacheHit: swapin failure for %s\n", http->uri); |
7a2f978b | 1425 | http->log_type = LOG_TCP_SWAPFAIL_MISS; |
fdfc0d63 | 1426 | if ((e = http->entry)) { |
1427 | http->entry = NULL; | |
06d2839d | 1428 | storeUnregister(http->sc, e, http); |
e1dcf02d | 1429 | http->sc = NULL; |
fdfc0d63 | 1430 | storeUnlockObject(e); |
1431 | } | |
fb63215a | 1432 | clientProcessMiss(http); |
49d3fcb0 | 1433 | return; |
1434 | } | |
1435 | assert(size > 0); | |
1436 | mem = e->mem_obj; | |
b7fe0ab0 | 1437 | assert(!EBIT_TEST(e->flags, ENTRY_ABORTED)); |
49d3fcb0 | 1438 | if (mem->reply->sline.status == 0) { |
1439 | /* | |
1440 | * we don't have full reply headers yet; either wait for more or | |
1441 | * punt to clientProcessMiss. | |
1442 | */ | |
25944e56 | 1443 | if (e->mem_status == IN_MEMORY || e->store_status == STORE_OK) { |
db1cd23c | 1444 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
49d3fcb0 | 1445 | clientProcessMiss(http); |
cc27d775 | 1446 | } else if (size == CLIENT_SOCK_SZ && http->out.offset == 0) { |
db1cd23c | 1447 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
49d3fcb0 | 1448 | clientProcessMiss(http); |
1449 | } else { | |
1450 | debug(33, 3) ("clientCacheHit: waiting for HTTP reply headers\n"); | |
06d2839d | 1451 | storeClientCopy(http->sc, e, |
49d3fcb0 | 1452 | http->out.offset + size, |
1453 | http->out.offset, | |
cc27d775 | 1454 | CLIENT_SOCK_SZ, |
49d3fcb0 | 1455 | buf, |
1456 | clientCacheHit, | |
1457 | http); | |
1458 | } | |
1459 | return; | |
1460 | } | |
1461 | /* | |
1462 | * Got the headers, now grok them | |
1463 | */ | |
1464 | assert(http->log_type == LOG_TCP_HIT); | |
f66a9ef4 | 1465 | switch (varyEvaluateMatch(e, r)) { |
1466 | case VARY_NONE: | |
1467 | /* No variance detected. Continue as normal */ | |
1468 | break; | |
1469 | case VARY_MATCH: | |
1470 | /* This is the correct entity for this request. Continue */ | |
1471 | debug(33, 2) ("clientProcessHit: Vary MATCH!\n"); | |
1472 | break; | |
1473 | case VARY_OTHER: | |
1474 | /* This is not the correct entity for this request. We need | |
1475 | * to requery the cache. | |
1476 | */ | |
1477 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
1478 | http->entry = NULL; | |
1479 | storeUnregister(http->sc, e, http); | |
1480 | http->sc = NULL; | |
1481 | storeUnlockObject(e); | |
1482 | /* Note: varyEvalyateMatch updates the request with vary information | |
1483 | * so we only get here once. (it also takes care of cancelling loops) | |
1484 | */ | |
1485 | debug(33, 2) ("clientProcessHit: Vary detected!\n"); | |
1486 | clientProcessRequest(http); | |
1487 | return; | |
1488 | case VARY_CANCEL: | |
1489 | /* varyEvaluateMatch found a object loop. Process as miss */ | |
1490 | debug(33, 1) ("clientProcessHit: Vary object loop!\n"); | |
1491 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
1492 | clientProcessMiss(http); | |
1493 | return; | |
1494 | } | |
1495 | if (r->method == METHOD_PURGE) { | |
1496 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
1497 | http->entry = NULL; | |
1498 | storeUnregister(http->sc, e, http); | |
1499 | http->sc = NULL; | |
1500 | storeUnlockObject(e); | |
1501 | clientPurgeRequest(http); | |
1502 | return; | |
1503 | } | |
49d3fcb0 | 1504 | if (checkNegativeHit(e)) { |
1505 | http->log_type = LOG_TCP_NEGATIVE_HIT; | |
1506 | clientSendMoreData(data, buf, size); | |
d657ffad | 1507 | } else if (r->method == METHOD_HEAD) { |
1508 | /* | |
1509 | * RFC 2068 seems to indicate there is no "conditional HEAD" | |
1510 | * request. We cannot validate a cached object for a HEAD | |
1511 | * request, nor can we return 304. | |
1512 | */ | |
1513 | if (e->mem_status == IN_MEMORY) | |
1514 | http->log_type = LOG_TCP_MEM_HIT; | |
1515 | clientSendMoreData(data, buf, size); | |
829a9357 | 1516 | } else if (refreshCheckHTTP(e, r) && !http->flags.internal) { |
5dd13cf3 | 1517 | debug(33, 5) ("clientCacheHit: in refreshCheck() block\n"); |
49d3fcb0 | 1518 | /* |
1519 | * We hold a stale copy; it needs to be validated | |
1520 | */ | |
9689d97c | 1521 | /* |
1522 | * The 'need_validation' flag is used to prevent forwarding | |
1523 | * loops between siblings. If our copy of the object is stale, | |
1524 | * then we should probably only use parents for the validation | |
1525 | * request. Otherwise two siblings could generate a loop if | |
1526 | * both have a stale version of the object. | |
1527 | */ | |
1528 | r->flags.need_validation = 1; | |
0cdcddb9 | 1529 | if (e->lastmod < 0) { |
1530 | /* | |
1c3e77cd | 1531 | * Previous reply didn't have a Last-Modified header, |
1532 | * we cannot revalidate it. | |
1533 | */ | |
1534 | http->log_type = LOG_TCP_MISS; | |
1535 | clientProcessMiss(http); | |
92695e5e | 1536 | } else if (r->flags.nocache) { |
cbe3a719 | 1537 | /* |
1538 | * This did not match a refresh pattern that overrides no-cache | |
1539 | * we should honour the client no-cache header. | |
1540 | */ | |
1541 | http->log_type = LOG_TCP_CLIENT_REFRESH_MISS; | |
1542 | clientProcessMiss(http); | |
1c3e77cd | 1543 | } else if (r->protocol == PROTO_HTTP) { |
cbe3a719 | 1544 | /* |
1545 | * Object needs to be revalidated | |
1546 | * XXX This could apply to FTP as well, if Last-Modified is known. | |
1547 | */ | |
49d3fcb0 | 1548 | http->log_type = LOG_TCP_REFRESH_MISS; |
1549 | clientProcessExpired(http); | |
1550 | } else { | |
cbe3a719 | 1551 | /* |
1552 | * We don't know how to re-validate other protocols. Handle | |
1553 | * them as if the object has expired. | |
1554 | */ | |
49d3fcb0 | 1555 | http->log_type = LOG_TCP_MISS; |
1556 | clientProcessMiss(http); | |
1557 | } | |
db1cd23c | 1558 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
92695e5e | 1559 | } else if (r->flags.ims) { |
49d3fcb0 | 1560 | /* |
1561 | * Handle If-Modified-Since requests from the client | |
1562 | */ | |
1563 | if (mem->reply->sline.status != HTTP_OK) { | |
1564 | debug(33, 4) ("clientCacheHit: Reply code %d != 200\n", | |
1565 | mem->reply->sline.status); | |
db1cd23c | 1566 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
1ecaa0a0 | 1567 | http->log_type = LOG_TCP_MISS; |
49d3fcb0 | 1568 | clientProcessMiss(http); |
1569 | } else if (modifiedSince(e, http->request)) { | |
815ef411 | 1570 | http->log_type = LOG_TCP_IMS_HIT; |
49d3fcb0 | 1571 | clientSendMoreData(data, buf, size); |
1572 | } else { | |
d20b1cd0 | 1573 | time_t timestamp = e->timestamp; |
49d3fcb0 | 1574 | MemBuf mb = httpPacked304Reply(e->mem_obj->reply); |
1575 | http->log_type = LOG_TCP_IMS_HIT; | |
db1cd23c | 1576 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
06d2839d | 1577 | storeUnregister(http->sc, e, http); |
e1dcf02d | 1578 | http->sc = NULL; |
49d3fcb0 | 1579 | storeUnlockObject(e); |
92695e5e | 1580 | e = clientCreateStoreEntry(http, http->request->method, null_request_flags); |
d20b1cd0 | 1581 | /* |
1582 | * Copy timestamp from the original entry so the 304 | |
1583 | * reply has a meaningful Age: header. | |
1584 | */ | |
1585 | e->timestamp = timestamp; | |
49d3fcb0 | 1586 | http->entry = e; |
9bc73deb | 1587 | httpReplyParse(e->mem_obj->reply, mb.buf, mb.size); |
49d3fcb0 | 1588 | storeAppend(e, mb.buf, mb.size); |
1589 | memBufClean(&mb); | |
1590 | storeComplete(e); | |
1591 | } | |
1592 | } else { | |
1593 | /* | |
1594 | * plain ol' cache hit | |
1595 | */ | |
1596 | if (e->mem_status == IN_MEMORY) | |
1597 | http->log_type = LOG_TCP_MEM_HIT; | |
b540e168 | 1598 | else if (Config.onoff.offline) |
1599 | http->log_type = LOG_TCP_OFFLINE_HIT; | |
49d3fcb0 | 1600 | clientSendMoreData(data, buf, size); |
7a2f978b | 1601 | } |
1602 | } | |
1603 | ||
71540aeb | 1604 | /* put terminating boundary for multiparts */ |
1605 | static void | |
f6308664 | 1606 | clientPackTermBound(String boundary, MemBuf * mb) |
71540aeb | 1607 | { |
1608 | memBufPrintf(mb, "\r\n--%s--\r\n", strBuf(boundary)); | |
32754419 | 1609 | debug(33, 6) ("clientPackTermBound: buf offset: %ld\n", (long int) mb->size); |
71540aeb | 1610 | } |
d192d11f | 1611 | |
aa42ceac | 1612 | /* appends a "part" HTTP header (as in a multi-part/range reply) to the buffer */ |
1613 | static void | |
f6308664 | 1614 | clientPackRangeHdr(const HttpReply * rep, const HttpHdrRangeSpec * spec, String boundary, MemBuf * mb) |
aa42ceac | 1615 | { |
1616 | HttpHeader hdr; | |
1617 | Packer p; | |
1618 | assert(rep); | |
1619 | assert(spec); | |
1620 | ||
1621 | /* put boundary */ | |
1622 | debug(33, 5) ("clientPackRangeHdr: appending boundary: %s\n", strBuf(boundary)); | |
aa42ceac | 1623 | /* rfc2046 requires to _prepend_ boundary with <crlf>! */ |
1624 | memBufPrintf(mb, "\r\n--%s\r\n", strBuf(boundary)); | |
1625 | ||
1626 | /* stuff the header with required entries and pack it */ | |
1627 | httpHeaderInit(&hdr, hoReply); | |
1628 | if (httpHeaderHas(&rep->header, HDR_CONTENT_TYPE)) | |
f6308664 | 1629 | httpHeaderPutStr(&hdr, HDR_CONTENT_TYPE, httpHeaderGetStr(&rep->header, HDR_CONTENT_TYPE)); |
aa42ceac | 1630 | httpHeaderAddContRange(&hdr, *spec, rep->content_length); |
1631 | packerToMemInit(&p, mb); | |
1632 | httpHeaderPackInto(&hdr, &p); | |
1633 | packerClean(&p); | |
1634 | httpHeaderClean(&hdr); | |
1635 | ||
71540aeb | 1636 | /* append <crlf> (we packed a header, not a reply) */ |
aa42ceac | 1637 | memBufPrintf(mb, crlf); |
1638 | } | |
1639 | ||
9bc73deb | 1640 | /* |
1641 | * extracts a "range" from *buf and appends them to mb, updating | |
1642 | * all offsets and such. | |
1643 | */ | |
d192d11f | 1644 | static void |
9bc73deb | 1645 | clientPackRange(clientHttpRequest * http, |
1646 | HttpHdrRangeIter * i, | |
1647 | const char **buf, | |
1648 | ssize_t * size, | |
1649 | MemBuf * mb) | |
d192d11f | 1650 | { |
9bc73deb | 1651 | const ssize_t copy_sz = i->debt_size <= *size ? i->debt_size : *size; |
d192d11f | 1652 | off_t body_off = http->out.offset - i->prefix_size; |
1653 | assert(*size > 0); | |
889b534a | 1654 | assert(i->spec); |
9bc73deb | 1655 | /* |
1656 | * intersection of "have" and "need" ranges must not be empty | |
1657 | */ | |
889b534a | 1658 | assert(body_off < i->spec->offset + i->spec->length); |
1659 | assert(body_off + *size > i->spec->offset); | |
9bc73deb | 1660 | /* |
1661 | * put boundary and headers at the beginning of a range in a | |
1662 | * multi-range | |
1663 | */ | |
889b534a | 1664 | if (http->request->range->specs.count > 1 && i->debt_size == i->spec->length) { |
aa42ceac | 1665 | assert(http->entry->mem_obj); |
1666 | clientPackRangeHdr( | |
f6308664 | 1667 | http->entry->mem_obj->reply, /* original reply */ |
1668 | i->spec, /* current range */ | |
1669 | i->boundary, /* boundary, the same for all */ | |
aa42ceac | 1670 | mb |
f6308664 | 1671 | ); |
d192d11f | 1672 | } |
9bc73deb | 1673 | /* |
1674 | * append content | |
1675 | */ | |
32754419 | 1676 | debug(33, 3) ("clientPackRange: appending %ld bytes\n", (long int) copy_sz); |
d192d11f | 1677 | memBufAppend(mb, *buf, copy_sz); |
9bc73deb | 1678 | /* |
1679 | * update offsets | |
1680 | */ | |
d192d11f | 1681 | *size -= copy_sz; |
1682 | i->debt_size -= copy_sz; | |
1683 | body_off += copy_sz; | |
1684 | *buf += copy_sz; | |
ebb6e9a0 | 1685 | http->out.offset = body_off + i->prefix_size; /* sync */ |
9bc73deb | 1686 | /* |
1687 | * paranoid check | |
1688 | */ | |
d192d11f | 1689 | assert(*size >= 0 && i->debt_size >= 0); |
1690 | } | |
1691 | ||
889b534a | 1692 | /* returns true if there is still data available to pack more ranges |
1693 | * increments iterator "i" | |
1694 | * used by clientPackMoreRanges */ | |
1695 | static int | |
ebb6e9a0 | 1696 | clientCanPackMoreRanges(const clientHttpRequest * http, HttpHdrRangeIter * i, ssize_t size) |
889b534a | 1697 | { |
1698 | /* first update "i" if needed */ | |
1699 | if (!i->debt_size) { | |
1700 | if ((i->spec = httpHdrRangeGetSpec(http->request->range, &i->pos))) | |
1701 | i->debt_size = i->spec->length; | |
1702 | } | |
ebb6e9a0 | 1703 | assert(!i->debt_size == !i->spec); /* paranoid sync condition */ |
889b534a | 1704 | /* continue condition: need_more_data && have_more_data */ |
1705 | return i->spec && size > 0; | |
1706 | } | |
d192d11f | 1707 | |
1708 | /* extracts "ranges" from buf and appends them to mb, updating all offsets and such */ | |
1709 | /* returns true if we need more data */ | |
1710 | static int | |
ebb6e9a0 | 1711 | clientPackMoreRanges(clientHttpRequest * http, const char *buf, ssize_t size, MemBuf * mb) |
d192d11f | 1712 | { |
1713 | HttpHdrRangeIter *i = &http->range_iter; | |
d192d11f | 1714 | /* offset in range specs does not count the prefix of an http msg */ |
1715 | off_t body_off = http->out.offset - i->prefix_size; | |
1716 | assert(size >= 0); | |
9834a631 | 1717 | /* check: reply was parsed and range iterator was initialized */ |
1718 | assert(i->prefix_size > 0); | |
d192d11f | 1719 | /* filter out data according to range specs */ |
889b534a | 1720 | while (clientCanPackMoreRanges(http, i, size)) { |
ebb6e9a0 | 1721 | off_t start; /* offset of still missing data */ |
889b534a | 1722 | assert(i->spec); |
1723 | start = i->spec->offset + i->spec->length - i->debt_size; | |
32754419 | 1724 | debug(33, 3) ("clientPackMoreRanges: in: offset: %ld size: %ld\n", |
1725 | (long int) body_off, (long int) size); | |
1726 | debug(33, 3) ("clientPackMoreRanges: out: start: %ld spec[%ld]: [%ld, %ld), len: %ld debt: %ld\n", | |
1727 | (long int) start, (long int) i->pos, (long int) i->spec->offset, (long int) (i->spec->offset + i->spec->length), (long int) i->spec->length, (long int) i->debt_size); | |
ebb6e9a0 | 1728 | assert(body_off <= start); /* we did not miss it */ |
d192d11f | 1729 | /* skip up to start */ |
1730 | if (body_off + size > start) { | |
1731 | const size_t skip_size = start - body_off; | |
1732 | body_off = start; | |
1733 | size -= skip_size; | |
1734 | buf += skip_size; | |
1735 | } else { | |
1736 | /* has not reached start yet */ | |
1737 | body_off += size; | |
1738 | size = 0; | |
1739 | buf = NULL; | |
1740 | } | |
1741 | /* put next chunk if any */ | |
1742 | if (size) { | |
ebb6e9a0 | 1743 | http->out.offset = body_off + i->prefix_size; /* sync */ |
d192d11f | 1744 | clientPackRange(http, i, &buf, &size, mb); |
ebb6e9a0 | 1745 | body_off = http->out.offset - i->prefix_size; /* sync */ |
d192d11f | 1746 | } |
1747 | } | |
ebb6e9a0 | 1748 | assert(!i->debt_size == !i->spec); /* paranoid sync condition */ |
32754419 | 1749 | debug(33, 3) ("clientPackMoreRanges: buf exhausted: in: offset: %ld size: %ld need_more: %ld\n", |
1750 | (long int) body_off, (long int) size, (long int) i->debt_size); | |
889b534a | 1751 | if (i->debt_size) { |
32754419 | 1752 | debug(33, 3) ("clientPackMoreRanges: need more: spec[%ld]: [%ld, %ld), len: %ld\n", |
1753 | (long int) i->pos, (long int) i->spec->offset, (long int) (i->spec->offset + i->spec->length), (long int) i->spec->length); | |
889b534a | 1754 | /* skip the data we do not need if possible */ |
ebb6e9a0 | 1755 | if (i->debt_size == i->spec->length) /* at the start of the cur. spec */ |
889b534a | 1756 | body_off = i->spec->offset; |
d192d11f | 1757 | else |
889b534a | 1758 | assert(body_off == i->spec->offset + i->spec->length - i->debt_size); |
ebb6e9a0 | 1759 | } else if (http->request->range->specs.count > 1) { |
d192d11f | 1760 | /* put terminating boundary for multiparts */ |
71540aeb | 1761 | clientPackTermBound(i->boundary, mb); |
d192d11f | 1762 | } |
ebb6e9a0 | 1763 | http->out.offset = body_off + i->prefix_size; /* sync */ |
889b534a | 1764 | return i->debt_size > 0; |
d192d11f | 1765 | } |
1766 | ||
0483b991 | 1767 | static int |
32754419 | 1768 | clientReplyBodyTooLarge(HttpReply * rep, ssize_t clen) |
0483b991 | 1769 | { |
a560ee93 | 1770 | if (0 == rep->maxBodySize) |
0483b991 | 1771 | return 0; /* disabled */ |
1772 | if (clen < 0) | |
1773 | return 0; /* unknown */ | |
a560ee93 | 1774 | if (clen > rep->maxBodySize) |
0483b991 | 1775 | return 1; /* too large */ |
1776 | return 0; | |
1777 | } | |
1778 | ||
efd900cb | 1779 | static int |
1780 | clientRequestBodyTooLarge(int clen) | |
1781 | { | |
1782 | if (0 == Config.maxRequestBodySize) | |
1783 | return 0; /* disabled */ | |
1784 | if (clen < 0) | |
1785 | return 0; /* unknown, bug? */ | |
1786 | if (clen > Config.maxRequestBodySize) | |
1787 | return 1; /* too large */ | |
1788 | return 0; | |
1789 | } | |
1790 | ||
ab874fd0 | 1791 | |
1792 | /* Responses with no body will not have a content-type header, | |
1793 | * which breaks the rep_mime_type acl, which | |
1794 | * coincidentally, is the most common acl for reply access lists. | |
1795 | * A better long term fix for this is to allow acl matchs on the various | |
1796 | * status codes, and then supply a default ruleset that puts these | |
1797 | * codes before any user defines access entries. That way the user | |
1798 | * can choose to block these responses where appropriate, but won't get | |
1799 | * mysterious breakages. | |
1800 | */ | |
1801 | static int | |
3d15e2d7 | 1802 | clientAlwaysAllowResponse(http_status sline) |
1803 | { | |
ab874fd0 | 1804 | switch (sline) { |
3d15e2d7 | 1805 | case HTTP_CONTINUE: |
1806 | case HTTP_SWITCHING_PROTOCOLS: | |
1807 | case HTTP_PROCESSING: | |
1808 | case HTTP_NO_CONTENT: | |
1809 | case HTTP_NOT_MODIFIED: | |
1810 | return 1; | |
1811 | /* unreached */ | |
1812 | break; | |
1813 | default: | |
1814 | return 0; | |
ab874fd0 | 1815 | } |
1816 | } | |
1817 | ||
1818 | ||
2246b732 | 1819 | /* |
1820 | * accepts chunk of a http message in buf, parses prefix, filters headers and | |
1821 | * such, writes processed message to the client's socket | |
1822 | */ | |
4c323c5f | 1823 | static void |
7a2f978b | 1824 | clientSendMoreData(void *data, char *buf, ssize_t size) |
1825 | { | |
1826 | clientHttpRequest *http = data; | |
1827 | StoreEntry *entry = http->entry; | |
1828 | ConnStateData *conn = http->conn; | |
1829 | int fd = conn->fd; | |
2246b732 | 1830 | HttpReply *rep = NULL; |
2246b732 | 1831 | const char *body_buf = buf; |
1832 | ssize_t body_size = size; | |
9f086470 | 1833 | MemBuf mb; |
bcd3b08a | 1834 | ssize_t check_size = 0; |
93f9abd0 | 1835 | debug(33, 5) ("clientSendMoreData: %s, %d bytes\n", http->uri, (int) size); |
cc27d775 | 1836 | assert(size <= CLIENT_SOCK_SZ); |
40defb17 | 1837 | assert(http->request != NULL); |
0f1bc304 | 1838 | dlinkDelete(&http->active, &ClientActiveRequests); |
1839 | dlinkAdd(http, &http->active, &ClientActiveRequests); | |
32754419 | 1840 | debug(33, 5) ("clientSendMoreData: FD %d '%s', out.offset=%ld \n", |
1841 | fd, storeUrl(entry), (long int) http->out.offset); | |
7a2f978b | 1842 | if (conn->chr != http) { |
1843 | /* there is another object in progress, defer this one */ | |
aebbcd07 | 1844 | debug(33, 1) ("clientSendMoreData: Deferring %s\n", storeUrl(entry)); |
db1cd23c | 1845 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1846 | return; |
b7fe0ab0 | 1847 | } else if (entry && EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
d6e928c9 | 1848 | /* call clientWriteComplete so the client socket gets closed */ |
1849 | clientWriteComplete(fd, NULL, 0, COMM_OK, http); | |
db1cd23c | 1850 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1851 | return; |
1852 | } else if (size < 0) { | |
d6e928c9 | 1853 | /* call clientWriteComplete so the client socket gets closed */ |
1854 | clientWriteComplete(fd, NULL, 0, COMM_OK, http); | |
db1cd23c | 1855 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1856 | return; |
1857 | } else if (size == 0) { | |
d6e928c9 | 1858 | /* call clientWriteComplete so the client socket gets closed */ |
1859 | clientWriteComplete(fd, NULL, 0, COMM_OK, http); | |
db1cd23c | 1860 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1861 | return; |
1862 | } | |
40defb17 | 1863 | if (http->out.offset == 0) { |
7a2f978b | 1864 | if (Config.onoff.log_mime_hdrs) { |
2334c194 | 1865 | size_t k; |
1866 | if ((k = headersEnd(buf, size))) { | |
7a2f978b | 1867 | safe_free(http->al.headers.reply); |
1afe05c5 | 1868 | http->al.headers.reply = xcalloc(k + 1, 1); |
2334c194 | 1869 | xstrncpy(http->al.headers.reply, buf, k); |
7a2f978b | 1870 | } |
1871 | } | |
2246b732 | 1872 | rep = clientBuildReply(http, buf, size); |
a560ee93 | 1873 | if (rep) { |
c4ab8329 | 1874 | aclCheck_t *ch; |
1875 | int rv; | |
a560ee93 | 1876 | httpReplyBodyBuildSize(http->request, rep, &Config.ReplyBodySize); |
1877 | if (clientReplyBodyTooLarge(rep, rep->content_length)) { | |
6fbf8998 | 1878 | ErrorState *err = errorCon(ERR_TOO_BIG, HTTP_FORBIDDEN); |
1879 | err->request = requestLink(http->request); | |
1880 | storeUnregister(http->sc, http->entry, http); | |
1881 | http->sc = NULL; | |
1882 | storeUnlockObject(http->entry); | |
1883 | http->entry = clientCreateStoreEntry(http, http->request->method, | |
a560ee93 | 1884 | null_request_flags); |
6fbf8998 | 1885 | errorAppendEntry(http->entry, err); |
1886 | httpReplyDestroy(rep); | |
1887 | return; | |
a560ee93 | 1888 | } |
3d15e2d7 | 1889 | body_size = size - rep->hdr_sz; |
2246b732 | 1890 | assert(body_size >= 0); |
1f7e91a1 | 1891 | body_buf = buf + rep->hdr_sz; |
d192d11f | 1892 | http->range_iter.prefix_size = rep->hdr_sz; |
2246b732 | 1893 | debug(33, 3) ("clientSendMoreData: Appending %d bytes after %d bytes of headers\n", |
32754419 | 1894 | (int) body_size, rep->hdr_sz); |
c4ab8329 | 1895 | ch = aclChecklistCreate(Config.accessList.reply, http->request, NULL); |
1896 | ch->reply = rep; | |
1897 | rv = aclCheckFast(Config.accessList.reply, ch); | |
1898 | debug(33, 2) ("The reply for %s %s is %s, because it matched '%s'\n", | |
1899 | RequestMethodStr[http->request->method], http->uri, | |
1900 | rv ? "ALLOWED" : "DENIED", | |
1901 | AclMatchedName ? AclMatchedName : "NO ACL's"); | |
3d15e2d7 | 1902 | if (!rv && rep->sline.status != HTTP_FORBIDDEN |
ab874fd0 | 1903 | && !clientAlwaysAllowResponse(rep->sline.status)) { |
1904 | /* the if above is slightly broken, but there is no way | |
1905 | * to tell if this is a squid generated error page, or one from | |
c4ab8329 | 1906 | * upstream at this point. */ |
1907 | ErrorState *err; | |
1908 | err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN); | |
1909 | err->request = requestLink(http->request); | |
1910 | storeUnregister(http->sc, http->entry, http); | |
1911 | http->sc = NULL; | |
1912 | storeUnlockObject(http->entry); | |
1913 | http->entry = clientCreateStoreEntry(http, http->request->method, | |
1914 | null_request_flags); | |
1915 | errorAppendEntry(http->entry, err); | |
1916 | httpReplyDestroy(rep); | |
1917 | return; | |
1918 | } | |
1919 | aclChecklistFree(ch); | |
cc27d775 | 1920 | } else if (size < CLIENT_SOCK_SZ && entry->store_status == STORE_PENDING) { |
9f086470 | 1921 | /* wait for more to arrive */ |
06d2839d | 1922 | storeClientCopy(http->sc, entry, |
9f086470 | 1923 | http->out.offset + size, |
1924 | http->out.offset, | |
cc27d775 | 1925 | CLIENT_SOCK_SZ, |
9f086470 | 1926 | buf, |
1927 | clientSendMoreData, | |
1928 | http); | |
1929 | return; | |
7a2f978b | 1930 | } |
d192d11f | 1931 | /* reset range iterator */ |
1932 | http->range_iter.pos = HttpHdrRangeInitPos; | |
f4f278b5 | 1933 | } else if (!http->request->range) { |
1934 | /* Avoid copying to MemBuf for non-range requests */ | |
1935 | /* Note, if we're here, then 'rep' is known to be NULL */ | |
1936 | http->out.offset += body_size; | |
1937 | comm_write(fd, buf, size, clientWriteBodyComplete, http, NULL); | |
1938 | /* NULL because clientWriteBodyComplete frees it */ | |
1939 | return; | |
7a2f978b | 1940 | } |
7a2f978b | 1941 | if (http->request->method == METHOD_HEAD) { |
9f086470 | 1942 | if (rep) { |
1943 | /* do not forward body for HEAD replies */ | |
1944 | body_size = 0; | |
9f086470 | 1945 | http->flags.done_copying = 1; |
1946 | } else { | |
782b5f40 | 1947 | /* |
1948 | * If we are here, then store_status == STORE_OK and it | |
1949 | * seems we have a HEAD repsponse which is missing the | |
1950 | * empty end-of-headers line (home.mira.net, phttpd/0.99.72 | |
1951 | * does this). Because clientBuildReply() fails we just | |
1952 | * call this reply a body, set the done_copying flag and | |
1953 | * continue... | |
1954 | */ | |
1955 | http->flags.done_copying = 1; | |
7a2f978b | 1956 | } |
1957 | } | |
d192d11f | 1958 | /* write headers and/or body if any */ |
1f7e91a1 | 1959 | assert(rep || (body_buf && body_size)); |
9f086470 | 1960 | /* init mb; put status line and headers if any */ |
1961 | if (rep) { | |
1962 | mb = httpReplyPack(rep); | |
bcd3b08a | 1963 | http->out.offset += rep->hdr_sz; |
1964 | check_size += rep->hdr_sz; | |
c3609322 | 1965 | #if HEADERS_LOG |
1966 | headersLog(0, 0, http->request->method, rep); | |
1967 | #endif | |
5e060348 | 1968 | httpReplyDestroy(rep); |
9f086470 | 1969 | rep = NULL; |
1970 | } else { | |
b8890359 | 1971 | memBufDefInit(&mb); |
9f086470 | 1972 | } |
1973 | /* append body if any */ | |
e42d5181 | 1974 | if (http->request->range) { |
1975 | /* Only GET requests should have ranges */ | |
1976 | assert(http->request->method == METHOD_GET); | |
1977 | /* clientPackMoreRanges() updates http->out.offset */ | |
1978 | /* force the end of the transfer if we are done */ | |
1979 | if (!clientPackMoreRanges(http, body_buf, body_size, &mb)) | |
1980 | http->flags.done_copying = 1; | |
1981 | } else if (body_buf && body_size) { | |
1982 | http->out.offset += body_size; | |
1983 | check_size += body_size; | |
1984 | memBufAppend(&mb, body_buf, body_size); | |
2246b732 | 1985 | } |
bbe3cbdc | 1986 | if (!http->request->range && http->request->method == METHOD_GET) |
bcd3b08a | 1987 | assert(check_size == size); |
9f086470 | 1988 | /* write */ |
1989 | comm_write_mbuf(fd, mb, clientWriteComplete, http); | |
2246b732 | 1990 | /* if we don't do it, who will? */ |
db1cd23c | 1991 | memFree(buf, MEM_CLIENT_SOCK_BUF); |
7a2f978b | 1992 | } |
1993 | ||
f4f278b5 | 1994 | /* |
1995 | * clientWriteBodyComplete is called for MEM_CLIENT_SOCK_BUF's | |
1996 | * written directly to the client socket, versus copying to a MemBuf | |
1997 | * and going through comm_write_mbuf. Most non-range responses after | |
1998 | * the headers probably go through here. | |
1999 | */ | |
2000 | static void | |
2001 | clientWriteBodyComplete(int fd, char *buf, size_t size, int errflag, void *data) | |
2002 | { | |
2003 | /* | |
2004 | * NOTE: clientWriteComplete doesn't currently use its "buf" | |
2005 | * (second) argument, so we pass in NULL. | |
2006 | */ | |
2007 | clientWriteComplete(fd, NULL, size, errflag, data); | |
2008 | memFree(buf, MEM_CLIENT_SOCK_BUF); | |
2009 | } | |
2010 | ||
21f2031d | 2011 | static void |
1a92a1e2 | 2012 | clientKeepaliveNextRequest(clientHttpRequest * http) |
2013 | { | |
2014 | ConnStateData *conn = http->conn; | |
2015 | StoreEntry *entry; | |
ebb6e9a0 | 2016 | debug(33, 3) ("clientKeepaliveNextRequest: FD %d\n", conn->fd); |
1a92a1e2 | 2017 | conn->defer.until = 0; /* Kick it to read a new request */ |
2018 | httpRequestFree(http); | |
21f2031d | 2019 | if ((http = conn->chr) == NULL) { |
2020 | debug(33, 5) ("clientKeepaliveNextRequest: FD %d reading next req\n", | |
2021 | conn->fd); | |
94439e4e | 2022 | fd_note(conn->fd, "Waiting for next request"); |
21f2031d | 2023 | /* |
2024 | * Set the timeout BEFORE calling clientReadRequest(). | |
2025 | */ | |
049d61bb | 2026 | commSetTimeout(conn->fd, Config.Timeout.persistent_request, requestTimeout, conn); |
7f6ffd15 | 2027 | /* |
2028 | * CYGWIN has a problem and is blocking on read() requests when there | |
2029 | * is no data present. | |
2030 | * This hack may hit performance a little, but it's better than | |
2031 | * blocking!. | |
2032 | */ | |
b05490a8 | 2033 | #ifdef _SQUID_CYGWIN_ |
7f6ffd15 | 2034 | commSetSelect(conn->fd, COMM_SELECT_READ, clientReadRequest, conn, 0); |
b05490a8 | 2035 | #else |
21f2031d | 2036 | clientReadRequest(conn->fd, conn); /* Read next request */ |
b05490a8 | 2037 | #endif |
21f2031d | 2038 | /* |
2039 | * Note, the FD may be closed at this point. | |
2040 | */ | |
2041 | } else if ((entry = http->entry) == NULL) { | |
2042 | /* | |
2043 | * this request is in progress, maybe doing an ACL or a redirect, | |
2044 | * execution will resume after the operation completes. | |
2045 | */ | |
2046 | } else { | |
1a92a1e2 | 2047 | debug(33, 1) ("clientKeepaliveNextRequest: FD %d Sending next\n", |
2048 | conn->fd); | |
7ddc902f | 2049 | assert(entry); |
06d2839d | 2050 | if (0 == storeClientCopyPending(http->sc, entry, http)) { |
b7fe0ab0 | 2051 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) |
2052 | debug(33, 0) ("clientKeepaliveNextRequest: ENTRY_ABORTED\n"); | |
06d2839d | 2053 | storeClientCopy(http->sc, entry, |
1a92a1e2 | 2054 | http->out.offset, |
2055 | http->out.offset, | |
cc27d775 | 2056 | CLIENT_SOCK_SZ, |
2057 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
1a92a1e2 | 2058 | clientSendMoreData, |
2059 | http); | |
2060 | } | |
1a92a1e2 | 2061 | } |
2062 | } | |
2063 | ||
fc5d6f7f | 2064 | static void |
79a15e0a | 2065 | clientWriteComplete(int fd, char *bufnotused, size_t size, int errflag, void *data) |
7a2f978b | 2066 | { |
2067 | clientHttpRequest *http = data; | |
7a2f978b | 2068 | StoreEntry *entry = http->entry; |
b34ed725 | 2069 | int done; |
7a2f978b | 2070 | http->out.size += size; |
32754419 | 2071 | debug(33, 5) ("clientWriteComplete: FD %d, sz %ld, err %d, off %ld, len %d\n", |
2072 | fd, (long int) size, errflag, (long int) http->out.offset, entry ? objectLen(entry) : 0); | |
d8b83480 | 2073 | if (size > 0) { |
83704487 | 2074 | kb_incr(&statCounter.client_http.kbytes_out, size); |
ea285003 | 2075 | if (isTcpHit(http->log_type)) |
83704487 | 2076 | kb_incr(&statCounter.client_http.hit_kbytes_out, size); |
d8b83480 | 2077 | } |
7a2f978b | 2078 | if (errflag) { |
e55650e3 | 2079 | /* |
2080 | * just close the socket, httpRequestFree will abort if needed | |
2081 | */ | |
7a2f978b | 2082 | comm_close(fd); |
fdfc0d63 | 2083 | } else if (NULL == entry) { |
2084 | comm_close(fd); /* yuk */ | |
b7fe0ab0 | 2085 | } else if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
7a2f978b | 2086 | comm_close(fd); |
a200bbd2 | 2087 | } else if ((done = clientCheckTransferDone(http)) != 0 || size == 0) { |
93f9abd0 | 2088 | debug(33, 5) ("clientWriteComplete: FD %d transfer is DONE\n", fd); |
7a2f978b | 2089 | /* We're finished case */ |
efd900cb | 2090 | if (httpReplyBodySize(http->request->method, entry->mem_obj->reply) < 0) { |
ebb6e9a0 | 2091 | debug(33, 5) ("clientWriteComplete: closing, content_length < 0\n"); |
c07aed63 | 2092 | comm_close(fd); |
2093 | } else if (!done) { | |
ebb6e9a0 | 2094 | debug(33, 5) ("clientWriteComplete: closing, !done\n"); |
c07aed63 | 2095 | comm_close(fd); |
80980266 | 2096 | } else if (clientGotNotEnough(http)) { |
2097 | debug(33, 5) ("clientWriteComplete: client didn't get all it expected\n"); | |
7a2f978b | 2098 | comm_close(fd); |
92695e5e | 2099 | } else if (http->request->flags.proxy_keepalive) { |
93f9abd0 | 2100 | debug(33, 5) ("clientWriteComplete: FD %d Keeping Alive\n", fd); |
1a92a1e2 | 2101 | clientKeepaliveNextRequest(http); |
7a2f978b | 2102 | } else { |
2103 | comm_close(fd); | |
2104 | } | |
32754419 | 2105 | } else if (clientReplyBodyTooLarge(entry->mem_obj->reply, http->out.offset)) { |
0483b991 | 2106 | comm_close(fd); |
7a2f978b | 2107 | } else { |
2108 | /* More data will be coming from primary server; register with | |
2109 | * storage manager. */ | |
b7fe0ab0 | 2110 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) |
2111 | debug(33, 0) ("clientWriteComplete 2: ENTRY_ABORTED\n"); | |
06d2839d | 2112 | storeClientCopy(http->sc, entry, |
7a2f978b | 2113 | http->out.offset, |
2114 | http->out.offset, | |
cc27d775 | 2115 | CLIENT_SOCK_SZ, |
2116 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
7a2f978b | 2117 | clientSendMoreData, |
2118 | http); | |
2119 | } | |
2120 | } | |
2121 | ||
038eb4ed | 2122 | /* |
99edd1c3 | 2123 | * client issued a request with an only-if-cached cache-control directive; |
038eb4ed | 2124 | * we did not find a cached object that can be returned without |
99edd1c3 | 2125 | * contacting other servers; |
038eb4ed | 2126 | * respond with a 504 (Gateway Timeout) as suggested in [RFC 2068] |
2127 | */ | |
2128 | static void | |
2129 | clientProcessOnlyIfCachedMiss(clientHttpRequest * http) | |
2130 | { | |
2131 | char *url = http->uri; | |
2132 | request_t *r = http->request; | |
2133 | ErrorState *err = NULL; | |
2134 | debug(33, 4) ("clientProcessOnlyIfCachedMiss: '%s %s'\n", | |
2135 | RequestMethodStr[r->method], url); | |
038eb4ed | 2136 | http->al.http.code = HTTP_GATEWAY_TIMEOUT; |
2137 | err = errorCon(ERR_ONLY_IF_CACHED_MISS, HTTP_GATEWAY_TIMEOUT); | |
2138 | err->request = requestLink(r); | |
2139 | err->src_addr = http->conn->peer.sin_addr; | |
d173c77d | 2140 | if (http->entry) { |
06d2839d | 2141 | storeUnregister(http->sc, http->entry, http); |
e1dcf02d | 2142 | http->sc = NULL; |
d173c77d | 2143 | storeUnlockObject(http->entry); |
2144 | } | |
92695e5e | 2145 | http->entry = clientCreateStoreEntry(http, r->method, null_request_flags); |
038eb4ed | 2146 | errorAppendEntry(http->entry, err); |
2147 | } | |
2148 | ||
cd7a423d | 2149 | /* |
7b1e21ff | 2150 | * Return true if we should force a cache miss on this range request. |
2151 | * entry must be non-NULL. | |
cd7a423d | 2152 | */ |
2153 | static int | |
7b1e21ff | 2154 | clientCheckRangeForceMiss(StoreEntry * entry, HttpHdrRange * range) |
cd7a423d | 2155 | { |
cd7a423d | 2156 | /* |
7b1e21ff | 2157 | * If the range_offset_limit is NOT in effect, there |
2158 | * is no reason to force a miss. | |
cd7a423d | 2159 | */ |
7b1e21ff | 2160 | if (0 == httpHdrRangeOffsetLimit(range)) |
cd7a423d | 2161 | return 0; |
2162 | /* | |
7b1e21ff | 2163 | * Here, we know it's possibly a hit. If we already have the |
cd7a423d | 2164 | * whole object cached, we won't force a miss. |
2165 | */ | |
2166 | if (STORE_OK == entry->store_status) | |
2167 | return 0; /* we have the whole object */ | |
2168 | /* | |
2169 | * Now we have a hit on a PENDING object. We need to see | |
2170 | * if the part we want is already cached. If so, we don't | |
2171 | * force a miss. | |
2172 | */ | |
2173 | assert(NULL != entry->mem_obj); | |
7b1e21ff | 2174 | if (httpHdrRangeFirstOffset(range) <= entry->mem_obj->inmem_hi) |
cd7a423d | 2175 | return 0; |
2176 | /* | |
2177 | * Even though we have a PENDING copy of the object, we | |
2178 | * don't want to wait to reach the first range offset, | |
2179 | * so we force a miss for a new range request to the | |
2180 | * origin. | |
2181 | */ | |
2182 | return 1; | |
2183 | } | |
2184 | ||
50ddd7a4 | 2185 | static log_type |
2186 | clientProcessRequest2(clientHttpRequest * http) | |
2187 | { | |
1b95ce49 | 2188 | request_t *r = http->request; |
50ddd7a4 | 2189 | StoreEntry *e; |
d08a99eb | 2190 | if (r->flags.cachable) |
2191 | e = http->entry = storeGetPublicByRequest(r); | |
2192 | else | |
2193 | e = http->entry = NULL; | |
afc1e43f | 2194 | /* Release negatively cached IP-cache entries on reload */ |
2195 | if (r->flags.nocache) | |
ecc3091b | 2196 | ipcacheInvalidate(r->host); |
afc1e43f | 2197 | #if HTTP_VIOLATIONS |
2198 | else if (r->flags.nocache_hack) | |
ecc3091b | 2199 | ipcacheInvalidate(r->host); |
afc1e43f | 2200 | #endif |
6cfa8966 | 2201 | #if USE_CACHE_DIGESTS |
57b1ff70 | 2202 | http->lookup_type = e ? "HIT" : "MISS"; |
1ca847dd | 2203 | #endif |
49d3fcb0 | 2204 | if (NULL == e) { |
50ddd7a4 | 2205 | /* this object isn't in the cache */ |
ac18f51a | 2206 | debug(33, 3) ("clientProcessRequest2: storeGet() MISS\n"); |
50ddd7a4 | 2207 | return LOG_TCP_MISS; |
d87ebd78 | 2208 | } |
2209 | if (Config.onoff.offline) { | |
ac18f51a | 2210 | debug(33, 3) ("clientProcessRequest2: offline HIT\n"); |
b540e168 | 2211 | http->entry = e; |
2212 | return LOG_TCP_HIT; | |
d87ebd78 | 2213 | } |
40fd4e8d | 2214 | if (http->redirect.status) { |
2215 | /* force this to be a miss */ | |
2216 | http->entry = NULL; | |
2217 | return LOG_TCP_MISS; | |
2218 | } | |
d87ebd78 | 2219 | if (!storeEntryValidToSend(e)) { |
ac18f51a | 2220 | debug(33, 3) ("clientProcessRequest2: !storeEntryValidToSend MISS\n"); |
50ddd7a4 | 2221 | http->entry = NULL; |
2222 | return LOG_TCP_MISS; | |
41587298 | 2223 | } |
2224 | if (EBIT_TEST(e->flags, ENTRY_SPECIAL)) { | |
abe471ef | 2225 | /* Special entries are always hits, no matter what the client says */ |
ac18f51a | 2226 | debug(33, 3) ("clientProcessRequest2: ENTRY_SPECIAL HIT\n"); |
abe471ef | 2227 | http->entry = e; |
2228 | return LOG_TCP_HIT; | |
41587298 | 2229 | } |
9f60cfdf | 2230 | #if HTTP_VIOLATIONS |
92b74dd5 | 2231 | if (e->store_status == STORE_PENDING) { |
2232 | if (r->flags.nocache || r->flags.nocache_hack) { | |
2233 | debug(33, 3) ("Clearing no-cache for STORE_PENDING request\n\t%s\n", | |
2234 | storeUrl(e)); | |
2235 | r->flags.nocache = 0; | |
2236 | r->flags.nocache_hack = 0; | |
2237 | } | |
1b95ce49 | 2238 | } |
9f60cfdf | 2239 | #endif |
41587298 | 2240 | if (r->flags.nocache) { |
ac18f51a | 2241 | debug(33, 3) ("clientProcessRequest2: no-cache REFRESH MISS\n"); |
50ddd7a4 | 2242 | http->entry = NULL; |
ee1679df | 2243 | return LOG_TCP_CLIENT_REFRESH_MISS; |
7ddc902f | 2244 | } |
60b8e0e5 | 2245 | if (NULL == r->range) { |
2246 | (void) 0; | |
2247 | } else if (httpHdrRangeWillBeComplex(r->range)) { | |
7ddc902f | 2248 | /* |
2249 | * Some clients break if we return "200 OK" for a Range | |
2250 | * request. We would have to return "200 OK" for a _complex_ | |
2251 | * Range request that is also a HIT. Thus, let's prevent HITs | |
2252 | * on complex Range requests | |
2253 | */ | |
ac18f51a | 2254 | debug(33, 3) ("clientProcessRequest2: complex range MISS\n"); |
5d679edb | 2255 | http->entry = NULL; |
cd7a423d | 2256 | return LOG_TCP_MISS; |
7b1e21ff | 2257 | } else if (clientCheckRangeForceMiss(e, r->range)) { |
2a4506f1 | 2258 | debug(33, 3) ("clientProcessRequest2: forcing miss due to range_offset_limit\n"); |
cd7a423d | 2259 | http->entry = NULL; |
5d679edb | 2260 | return LOG_TCP_MISS; |
50ddd7a4 | 2261 | } |
ac18f51a | 2262 | debug(33, 3) ("clientProcessRequest2: default HIT\n"); |
41587298 | 2263 | http->entry = e; |
2264 | return LOG_TCP_HIT; | |
50ddd7a4 | 2265 | } |
2266 | ||
4c323c5f | 2267 | static void |
fb63215a | 2268 | clientProcessRequest(clientHttpRequest * http) |
7a2f978b | 2269 | { |
23d92c64 | 2270 | char *url = http->uri; |
50ddd7a4 | 2271 | request_t *r = http->request; |
fb63215a | 2272 | int fd = http->conn->fd; |
1bea1d83 | 2273 | HttpReply *rep; |
ccf44862 | 2274 | http_version_t version; |
93f9abd0 | 2275 | debug(33, 4) ("clientProcessRequest: %s '%s'\n", |
50ddd7a4 | 2276 | RequestMethodStr[r->method], |
7a2f978b | 2277 | url); |
fb63215a | 2278 | if (r->method == METHOD_CONNECT) { |
7a2f978b | 2279 | http->log_type = LOG_TCP_MISS; |
974ba0ee | 2280 | sslStart(fd, url, r, &http->out.size, &http->al.http.code); |
ea0efb98 | 2281 | return; |
fb63215a | 2282 | } else if (r->method == METHOD_PURGE) { |
ea0efb98 | 2283 | clientPurgeRequest(http); |
2284 | return; | |
fb63215a | 2285 | } else if (r->method == METHOD_TRACE) { |
50ddd7a4 | 2286 | if (r->max_forwards == 0) { |
92695e5e | 2287 | http->entry = clientCreateStoreEntry(http, r->method, null_request_flags); |
b17b22eb | 2288 | storeReleaseRequest(http->entry); |
2289 | storeBuffer(http->entry); | |
1bea1d83 | 2290 | rep = httpReplyCreate(); |
bffee5af | 2291 | httpBuildVersion(&version, 1, 0); |
ccf44862 | 2292 | httpReplySetHeaders(rep, version, HTTP_OK, NULL, "text/plain", |
2246b732 | 2293 | httpRequestPrefixLen(r), 0, squid_curtime); |
1bea1d83 | 2294 | httpReplySwapOut(rep, http->entry); |
2295 | httpReplyDestroy(rep); | |
2246b732 | 2296 | httpRequestSwapOut(r, http->entry); |
b17b22eb | 2297 | storeComplete(http->entry); |
7a2f978b | 2298 | return; |
2299 | } | |
2300 | /* yes, continue */ | |
6addbd81 | 2301 | http->log_type = LOG_TCP_MISS; |
31be8b80 | 2302 | } else { |
efb9218c | 2303 | http->log_type = clientProcessRequest2(http); |
7a2f978b | 2304 | } |
93f9abd0 | 2305 | debug(33, 4) ("clientProcessRequest: %s for '%s'\n", |
7a2f978b | 2306 | log_tags[http->log_type], |
23d92c64 | 2307 | http->uri); |
7a2f978b | 2308 | http->out.offset = 0; |
49d3fcb0 | 2309 | if (NULL != http->entry) { |
2310 | storeLockObject(http->entry); | |
2311 | storeCreateMemObject(http->entry, http->uri, http->log_uri); | |
2391a162 | 2312 | http->entry->mem_obj->method = r->method; |
06d2839d | 2313 | http->sc = storeClientListAdd(http->entry, http); |
447e176b | 2314 | #if DELAY_POOLS |
b2585f7e | 2315 | delaySetStoreClient(http->sc, delayClient(r)); |
2b906e48 | 2316 | #endif |
06d2839d | 2317 | storeClientCopy(http->sc, http->entry, |
7a2f978b | 2318 | http->out.offset, |
2319 | http->out.offset, | |
cc27d775 | 2320 | CLIENT_SOCK_SZ, |
2321 | memAllocate(MEM_CLIENT_SOCK_BUF), | |
7a2f978b | 2322 | clientCacheHit, |
2323 | http); | |
49d3fcb0 | 2324 | } else { |
05f18bd0 | 2325 | /* MISS CASE, http->log_type is already set! */ |
fb63215a | 2326 | clientProcessMiss(http); |
7a2f978b | 2327 | } |
2328 | } | |
2329 | ||
2330 | /* | |
2331 | * Prepare to fetch the object as it's a cache miss of some kind. | |
2332 | */ | |
2333 | static void | |
fb63215a | 2334 | clientProcessMiss(clientHttpRequest * http) |
7a2f978b | 2335 | { |
23d92c64 | 2336 | char *url = http->uri; |
f44af445 | 2337 | request_t *r = http->request; |
7a2f978b | 2338 | ErrorState *err = NULL; |
93f9abd0 | 2339 | debug(33, 4) ("clientProcessMiss: '%s %s'\n", |
f44af445 | 2340 | RequestMethodStr[r->method], url); |
79e0dc20 | 2341 | /* |
2342 | * We might have a left-over StoreEntry from a failed cache hit | |
2343 | * or IMS request. | |
2344 | */ | |
2345 | if (http->entry) { | |
d20b1cd0 | 2346 | if (EBIT_TEST(http->entry->flags, ENTRY_SPECIAL)) { |
12784378 | 2347 | debug(33, 0) ("clientProcessMiss: miss on a special object (%s).\n", url); |
d20b1cd0 | 2348 | debug(33, 0) ("\tlog_type = %s\n", log_tags[http->log_type]); |
2349 | storeEntryDump(http->entry, 1); | |
2350 | } | |
06d2839d | 2351 | storeUnregister(http->sc, http->entry, http); |
e1dcf02d | 2352 | http->sc = NULL; |
79e0dc20 | 2353 | storeUnlockObject(http->entry); |
2354 | http->entry = NULL; | |
2355 | } | |
f66a9ef4 | 2356 | if (r->method == METHOD_PURGE) { |
2357 | clientPurgeRequest(http); | |
2358 | return; | |
2359 | } | |
7c1d4010 | 2360 | if (clientOnlyIfCached(http)) { |
2361 | clientProcessOnlyIfCachedMiss(http); | |
2362 | return; | |
2363 | } | |
9330543e | 2364 | /* |
2365 | * Deny loops when running in accelerator/transproxy mode. | |
2366 | */ | |
92695e5e | 2367 | if (http->flags.accel && r->flags.loopdetect) { |
9330543e | 2368 | http->al.http.code = HTTP_FORBIDDEN; |
2369 | err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN); | |
2370 | err->request = requestLink(r); | |
2371 | err->src_addr = http->conn->peer.sin_addr; | |
92695e5e | 2372 | http->entry = clientCreateStoreEntry(http, r->method, null_request_flags); |
9330543e | 2373 | errorAppendEntry(http->entry, err); |
2374 | return; | |
2375 | } | |
79e0dc20 | 2376 | assert(http->out.offset == 0); |
f44af445 | 2377 | http->entry = clientCreateStoreEntry(http, r->method, r->flags); |
6d38ef86 | 2378 | if (http->redirect.status) { |
2379 | HttpReply *rep = httpReplyCreate(); | |
efd900cb | 2380 | #if LOG_TCP_REDIRECTS |
2381 | http->log_type = LOG_TCP_REDIRECT; | |
2382 | #endif | |
6d38ef86 | 2383 | storeReleaseRequest(http->entry); |
2384 | httpRedirectReply(rep, http->redirect.status, http->redirect.location); | |
2385 | httpReplySwapOut(rep, http->entry); | |
2386 | httpReplyDestroy(rep); | |
2387 | storeComplete(http->entry); | |
2388 | return; | |
2389 | } | |
1da5651f | 2390 | if (http->flags.internal) |
2391 | r->protocol = PROTO_INTERNAL; | |
7e3ce7b9 | 2392 | fwdStart(http->conn->fd, http->entry, r); |
7a2f978b | 2393 | } |
2394 | ||
99edd1c3 | 2395 | static clientHttpRequest * |
2396 | parseHttpRequestAbort(ConnStateData * conn, const char *uri) | |
2397 | { | |
28c60158 | 2398 | clientHttpRequest *http; |
72711e31 | 2399 | http = cbdataAlloc(clientHttpRequest); |
99edd1c3 | 2400 | http->conn = conn; |
2401 | http->start = current_time; | |
2402 | http->req_sz = conn->in.offset; | |
2403 | http->uri = xstrdup(uri); | |
c68e9c6b | 2404 | http->log_uri = xstrndup(uri, MAX_URL); |
d192d11f | 2405 | http->range_iter.boundary = StringNull; |
0f1bc304 | 2406 | dlinkAdd(http, &http->active, &ClientActiveRequests); |
99edd1c3 | 2407 | return http; |
2408 | } | |
2409 | ||
7a2f978b | 2410 | /* |
2411 | * parseHttpRequest() | |
2412 | * | |
2413 | * Returns | |
2414 | * NULL on error or incomplete request | |
2415 | * a clientHttpRequest structure on success | |
2416 | */ | |
2417 | static clientHttpRequest * | |
2418 | parseHttpRequest(ConnStateData * conn, method_t * method_p, int *status, | |
ea285003 | 2419 | char **prefix_p, size_t * req_line_sz_p) |
7a2f978b | 2420 | { |
2421 | char *inbuf = NULL; | |
2422 | char *mstr = NULL; | |
2423 | char *url = NULL; | |
2424 | char *req_hdr = NULL; | |
ccf44862 | 2425 | http_version_t http_ver; |
7a2f978b | 2426 | char *token = NULL; |
2427 | char *t = NULL; | |
2334c194 | 2428 | char *end; |
7a2f978b | 2429 | size_t header_sz; /* size of headers, not including first line */ |
ea285003 | 2430 | size_t prefix_sz; /* size of whole request (req-line + headers) */ |
7a2f978b | 2431 | size_t url_sz; |
c68e9c6b | 2432 | size_t req_sz; |
7a2f978b | 2433 | method_t method; |
2434 | clientHttpRequest *http = NULL; | |
5cafc1d6 | 2435 | #if IPF_TRANSPARENT |
2436 | struct natlookup natLookup; | |
2437 | static int natfd = -1; | |
6efce75c | 2438 | static int siocgnatl_cmd = SIOCGNATL & 0xff; |
2439 | int x; | |
5cafc1d6 | 2440 | #endif |
d852fbad | 2441 | #if LINUX_NETFILTER |
2442 | size_t sock_sz = sizeof(conn->me); | |
2443 | #endif | |
7a2f978b | 2444 | |
6792f0d3 | 2445 | /* pre-set these values to make aborting simpler */ |
2446 | *prefix_p = NULL; | |
2447 | *method_p = METHOD_NONE; | |
2448 | *status = -1; | |
2449 | ||
c68e9c6b | 2450 | if ((req_sz = headersEnd(conn->in.buf, conn->in.offset)) == 0) { |
2451 | debug(33, 5) ("Incomplete request, waiting for end of headers\n"); | |
7a2f978b | 2452 | *status = 0; |
2453 | return NULL; | |
2454 | } | |
c68e9c6b | 2455 | assert(req_sz <= conn->in.offset); |
2456 | /* Use memcpy, not strdup! */ | |
2457 | inbuf = xmalloc(req_sz + 1); | |
2458 | xmemcpy(inbuf, conn->in.buf, req_sz); | |
2459 | *(inbuf + req_sz) = '\0'; | |
7a2f978b | 2460 | |
c68e9c6b | 2461 | /* Barf on NULL characters in the headers */ |
2462 | if (strlen(inbuf) != req_sz) { | |
2463 | debug(33, 1) ("parseHttpRequest: Requestheader contains NULL characters\n"); | |
c797472e | 2464 | xfree(inbuf); |
c68e9c6b | 2465 | return parseHttpRequestAbort(conn, "error:invalid-request"); |
2466 | } | |
7a2f978b | 2467 | /* Look for request method */ |
2468 | if ((mstr = strtok(inbuf, "\t ")) == NULL) { | |
93f9abd0 | 2469 | debug(33, 1) ("parseHttpRequest: Can't get request method\n"); |
c797472e | 2470 | xfree(inbuf); |
99edd1c3 | 2471 | return parseHttpRequestAbort(conn, "error:invalid-request-method"); |
7a2f978b | 2472 | } |
2473 | method = urlParseMethod(mstr); | |
2474 | if (method == METHOD_NONE) { | |
93f9abd0 | 2475 | debug(33, 1) ("parseHttpRequest: Unsupported method '%s'\n", mstr); |
c797472e | 2476 | xfree(inbuf); |
99edd1c3 | 2477 | return parseHttpRequestAbort(conn, "error:unsupported-request-method"); |
7a2f978b | 2478 | } |
93f9abd0 | 2479 | debug(33, 5) ("parseHttpRequest: Method is '%s'\n", mstr); |
3775d53c | 2480 | *method_p = method; |
7a2f978b | 2481 | |
d548ee64 | 2482 | /* look for URL+HTTP/x.x */ |
c68e9c6b | 2483 | if ((url = strtok(NULL, "\n")) == NULL) { |
93f9abd0 | 2484 | debug(33, 1) ("parseHttpRequest: Missing URL\n"); |
c797472e | 2485 | xfree(inbuf); |
99edd1c3 | 2486 | return parseHttpRequestAbort(conn, "error:missing-url"); |
7a2f978b | 2487 | } |
b6a2f15e | 2488 | while (xisspace(*url)) |
c68e9c6b | 2489 | url++; |
d548ee64 | 2490 | t = url + strlen(url); |
2491 | assert(*t == '\0'); | |
2492 | token = NULL; | |
2493 | while (t > url) { | |
2494 | t--; | |
b6a2f15e | 2495 | if (xisspace(*t) && !strncmp(t + 1, "HTTP/", 5)) { |
d548ee64 | 2496 | token = t + 1; |
2497 | break; | |
2498 | } | |
2499 | } | |
b6a2f15e | 2500 | while (t > url && xisspace(*t)) |
d548ee64 | 2501 | *(t--) = '\0'; |
2502 | debug(33, 5) ("parseHttpRequest: URI is '%s'\n", url); | |
2503 | if (token == NULL) { | |
93f9abd0 | 2504 | debug(33, 3) ("parseHttpRequest: Missing HTTP identifier\n"); |
46052490 | 2505 | #if RELAXED_HTTP_PARSER |
bffee5af | 2506 | httpBuildVersion(&http_ver, 0, 9); /* wild guess */ |
46052490 | 2507 | #else |
c797472e | 2508 | xfree(inbuf); |
99edd1c3 | 2509 | return parseHttpRequestAbort(conn, "error:missing-http-ident"); |
7518fce5 | 2510 | #endif |
99edd1c3 | 2511 | } else { |
bffee5af | 2512 | if (sscanf(token + 5, "%d.%d", &http_ver.major, &http_ver.minor) != 2) { |
2513 | debug(33, 3) ("parseHttpRequest: Invalid HTTP identifier.\n"); | |
c797472e | 2514 | xfree(inbuf); |
bffee5af | 2515 | return parseHttpRequestAbort(conn, "error: invalid HTTP-ident"); |
2516 | } | |
2517 | debug(33, 6) ("parseHttpRequest: Client HTTP version %d.%d.\n", http_ver.major, http_ver.minor); | |
99edd1c3 | 2518 | } |
7a2f978b | 2519 | |
c68e9c6b | 2520 | /* |
2521 | * Process headers after request line | |
2522 | */ | |
2523 | req_hdr = strtok(NULL, null_string); | |
2524 | header_sz = req_sz - (req_hdr - inbuf); | |
2334c194 | 2525 | if (0 == header_sz) { |
1a92a1e2 | 2526 | debug(33, 3) ("parseHttpRequest: header_sz == 0\n"); |
7a2f978b | 2527 | *status = 0; |
c797472e | 2528 | xfree(inbuf); |
7a2f978b | 2529 | return NULL; |
2530 | } | |
754b9ce9 | 2531 | assert(header_sz > 0); |
2532 | debug(33, 3) ("parseHttpRequest: req_hdr = {%s}\n", req_hdr); | |
2334c194 | 2533 | end = req_hdr + header_sz; |
04990e2d | 2534 | debug(33, 3) ("parseHttpRequest: end = {%s}\n", end); |
99edd1c3 | 2535 | |
99edd1c3 | 2536 | prefix_sz = end - inbuf; |
2537 | *req_line_sz_p = req_hdr - inbuf; | |
ea285003 | 2538 | debug(33, 3) ("parseHttpRequest: prefix_sz = %d, req_line_sz = %d\n", |
99edd1c3 | 2539 | (int) prefix_sz, (int) *req_line_sz_p); |
2540 | assert(prefix_sz <= conn->in.offset); | |
7a2f978b | 2541 | |
2542 | /* Ok, all headers are received */ | |
72711e31 | 2543 | http = cbdataAlloc(clientHttpRequest); |
7a2f978b | 2544 | http->http_ver = http_ver; |
2545 | http->conn = conn; | |
2546 | http->start = current_time; | |
99edd1c3 | 2547 | http->req_sz = prefix_sz; |
d192d11f | 2548 | http->range_iter.boundary = StringNull; |
99edd1c3 | 2549 | *prefix_p = xmalloc(prefix_sz + 1); |
2550 | xmemcpy(*prefix_p, conn->in.buf, prefix_sz); | |
2551 | *(*prefix_p + prefix_sz) = '\0'; | |
0f1bc304 | 2552 | dlinkAdd(http, &http->active, &ClientActiveRequests); |
7a2f978b | 2553 | |
ea285003 | 2554 | debug(33, 5) ("parseHttpRequest: Request Header is\n%s\n", (*prefix_p) + *req_line_sz_p); |
ba9ebd0a | 2555 | #if THIS_VIOLATES_HTTP_SPECS_ON_URL_TRANSFORMATION |
7a2f978b | 2556 | if ((t = strchr(url, '#'))) /* remove HTML anchors */ |
2557 | *t = '\0'; | |
ba9ebd0a | 2558 | #endif |
7a2f978b | 2559 | |
4162ee3b | 2560 | /* handle internal objects */ |
1da5651f | 2561 | if (internalCheck(url)) { |
4162ee3b | 2562 | /* prepend our name & port */ |
1da5651f | 2563 | http->uri = xstrdup(internalLocalUri(NULL, url)); |
77ed547a | 2564 | http->flags.internal = 1; |
c68e9c6b | 2565 | http->flags.accel = 1; |
4162ee3b | 2566 | } |
7a2f978b | 2567 | /* see if we running in Config2.Accel.on, if so got to convert it to URL */ |
4162ee3b | 2568 | else if (Config2.Accel.on && *url == '/') { |
7a2f978b | 2569 | /* prepend the accel prefix */ |
dbfed404 | 2570 | if (opt_accel_uses_host && (t = mime_get_header(req_hdr, "Host"))) { |
40457767 | 2571 | int vport; |
42b51993 | 2572 | char *q; |
a2c963ae | 2573 | const char *protocol_name = "http"; |
40457767 | 2574 | if (vport_mode) |
2575 | vport = (int) ntohs(http->conn->me.sin_port); | |
2576 | else | |
2577 | vport = (int) Config.Accel.port; | |
7a2f978b | 2578 | /* If a Host: header was specified, use it to build the URL |
2579 | * instead of the one in the Config file. */ | |
2580 | /* | |
2581 | * XXX Use of the Host: header here opens a potential | |
2582 | * security hole. There are no checks that the Host: value | |
2583 | * corresponds to one of your servers. It might, for example, | |
2584 | * refer to www.playboy.com. The 'dst' and/or 'dst_domain' ACL | |
2585 | * types should be used to prevent httpd-accelerators | |
2586 | * handling requests for non-local servers */ | |
42b51993 | 2587 | strtok(t, " /;@"); |
2588 | if ((q = strchr(t, ':'))) { | |
2589 | *q++ = '\0'; | |
40457767 | 2590 | if (vport_mode) |
2591 | vport = atoi(q); | |
42b51993 | 2592 | } |
12fc602c | 2593 | url_sz = strlen(url) + 32 + Config.appendDomainLen + |
2594 | strlen(t); | |
23d92c64 | 2595 | http->uri = xcalloc(url_sz, 1); |
1f7c9178 | 2596 | |
2597 | #if SSL_FORWARDING_NOT_YET_DONE | |
2598 | if (Config.Sockaddr.https->s.sin_port == http->conn->me.sin_port) { | |
2599 | protocol_name = "https"; | |
2600 | vport = ntohs(http->conn->me.sin_port); | |
2601 | } | |
2602 | #endif | |
2603 | snprintf(http->uri, url_sz, "%s://%s:%d%s", | |
2604 | protocol_name, t, vport, url); | |
dbfed404 | 2605 | } else if (vhost_mode) { |
42b51993 | 2606 | int vport; |
dbfed404 | 2607 | /* Put the local socket IP address as the hostname */ |
2608 | url_sz = strlen(url) + 32 + Config.appendDomainLen; | |
2609 | http->uri = xcalloc(url_sz, 1); | |
42b51993 | 2610 | if (vport_mode) |
2611 | vport = (int) ntohs(http->conn->me.sin_port); | |
2612 | else | |
2613 | vport = (int) Config.Accel.port; | |
5cafc1d6 | 2614 | #if IPF_TRANSPARENT |
135171fe | 2615 | natLookup.nl_inport = http->conn->me.sin_port; |
2616 | natLookup.nl_outport = http->conn->peer.sin_port; | |
2617 | natLookup.nl_inip = http->conn->me.sin_addr; | |
2618 | natLookup.nl_outip = http->conn->peer.sin_addr; | |
2619 | natLookup.nl_flags = IPN_TCP; | |
68108ec5 | 2620 | if (natfd < 0) { |
2621 | int save_errno; | |
2622 | enter_suid(); | |
135171fe | 2623 | natfd = open(IPL_NAT, O_RDONLY, 0); |
68108ec5 | 2624 | save_errno = errno; |
2625 | leave_suid(); | |
2626 | errno = save_errno; | |
2627 | } | |
135171fe | 2628 | if (natfd < 0) { |
2629 | debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n", | |
2630 | xstrerror()); | |
c797472e | 2631 | dlinkDelete(&http->active, &ClientActiveRequests); |
2632 | xfree(http->uri); | |
2633 | cbdataFree(http); | |
2634 | xfree(inbuf); | |
ac18f51a | 2635 | return parseHttpRequestAbort(conn, "error:nat-open-failed"); |
5cafc1d6 | 2636 | } |
6efce75c | 2637 | /* |
2638 | * IP-Filter changed the type for SIOCGNATL between | |
2639 | * 3.3 and 3.4. It also changed the cmd value for | |
2640 | * SIOCGNATL, so at least we can detect it. We could | |
2641 | * put something in configure and use ifdefs here, but | |
2642 | * this seems simpler. | |
2643 | */ | |
2644 | if (63 == siocgnatl_cmd) { | |
2645 | struct natlookup *nlp = &natLookup; | |
2646 | x = ioctl(natfd, SIOCGNATL, &nlp); | |
2647 | } else { | |
2648 | x = ioctl(natfd, SIOCGNATL, &natLookup); | |
2649 | } | |
2650 | if (x < 0) { | |
ac18f51a | 2651 | if (errno != ESRCH) { |
2652 | debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n"); | |
2653 | close(natfd); | |
2654 | natfd = -1; | |
c797472e | 2655 | dlinkDelete(&http->active, &ClientActiveRequests); |
2656 | xfree(http->uri); | |
2657 | cbdataFree(http); | |
2658 | xfree(inbuf); | |
ac18f51a | 2659 | return parseHttpRequestAbort(conn, "error:nat-lookup-failed"); |
2660 | } else | |
2661 | snprintf(http->uri, url_sz, "http://%s:%d%s", | |
2662 | inet_ntoa(http->conn->me.sin_addr), | |
42b51993 | 2663 | vport, url); |
52ee8bdd | 2664 | } else { |
2665 | if (vport_mode) | |
2666 | vport = natLookup.nl_realport; | |
2667 | snprintf(http->uri, url_sz, "http://%s:%d%s", | |
2668 | inet_ntoa(natLookup.nl_realip), | |
2669 | vport, url); | |
2670 | } | |
5cafc1d6 | 2671 | #else |
d852fbad | 2672 | #if LINUX_NETFILTER |
f0debecb | 2673 | /* If the call fails the address structure will be unchanged */ |
2674 | getsockopt(conn->fd, SOL_IP, SO_ORIGINAL_DST, &conn->me, &sock_sz); | |
2675 | debug(33, 5) ("parseHttpRequest: addr = %s", inet_ntoa(conn->me.sin_addr)); | |
40457767 | 2676 | if (vport_mode) |
2677 | vport = (int) ntohs(http->conn->me.sin_port); | |
d852fbad | 2678 | #endif |
dbfed404 | 2679 | snprintf(http->uri, url_sz, "http://%s:%d%s", |
2680 | inet_ntoa(http->conn->me.sin_addr), | |
42b51993 | 2681 | vport, url); |
5cafc1d6 | 2682 | #endif |
93f9abd0 | 2683 | debug(33, 5) ("VHOST REWRITE: '%s'\n", http->uri); |
7a2f978b | 2684 | } else { |
2685 | url_sz = strlen(Config2.Accel.prefix) + strlen(url) + | |
2686 | Config.appendDomainLen + 1; | |
23d92c64 | 2687 | http->uri = xcalloc(url_sz, 1); |
2688 | snprintf(http->uri, url_sz, "%s%s", Config2.Accel.prefix, url); | |
7a2f978b | 2689 | } |
77ed547a | 2690 | http->flags.accel = 1; |
7a2f978b | 2691 | } else { |
2692 | /* URL may be rewritten later, so make extra room */ | |
2693 | url_sz = strlen(url) + Config.appendDomainLen + 5; | |
23d92c64 | 2694 | http->uri = xcalloc(url_sz, 1); |
2695 | strcpy(http->uri, url); | |
77ed547a | 2696 | http->flags.accel = 0; |
7a2f978b | 2697 | } |
7e3ce7b9 | 2698 | if (!stringHasCntl(http->uri)) |
c68e9c6b | 2699 | http->log_uri = xstrndup(http->uri, MAX_URL); |
d548ee64 | 2700 | else |
9bc73deb | 2701 | http->log_uri = xstrndup(rfc1738_escape_unescaped(http->uri), MAX_URL); |
93f9abd0 | 2702 | debug(33, 5) ("parseHttpRequest: Complete request received\n"); |
7a2f978b | 2703 | xfree(inbuf); |
7a2f978b | 2704 | *status = 1; |
2705 | return http; | |
2706 | } | |
2707 | ||
2708 | static int | |
79d39a72 | 2709 | clientReadDefer(int fdnotused, void *data) |
7a2f978b | 2710 | { |
2711 | ConnStateData *conn = data; | |
94439e4e | 2712 | if (conn->body.size_left) |
ec7c5e3e | 2713 | return conn->in.offset >= conn->in.size - 1; |
94439e4e | 2714 | else |
2715 | return conn->defer.until > squid_curtime; | |
7a2f978b | 2716 | } |
2717 | ||
2718 | static void | |
2719 | clientReadRequest(int fd, void *data) | |
2720 | { | |
2721 | ConnStateData *conn = data; | |
2722 | int parser_return_code = 0; | |
7a2f978b | 2723 | request_t *request = NULL; |
7a2f978b | 2724 | int size; |
58cd5bbd | 2725 | void *p; |
7a2f978b | 2726 | method_t method; |
2727 | clientHttpRequest *http = NULL; | |
2728 | clientHttpRequest **H = NULL; | |
08e70b8f | 2729 | char *prefix = NULL; |
7a2f978b | 2730 | ErrorState *err = NULL; |
2731 | fde *F = &fd_table[fd]; | |
44db45e8 | 2732 | int len = conn->in.size - conn->in.offset - 1; |
93f9abd0 | 2733 | debug(33, 4) ("clientReadRequest: FD %d: reading request...\n", fd); |
ec7c5e3e | 2734 | commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0); |
28ee8ce5 | 2735 | if (len == 0) { |
2736 | /* Grow the request memory area to accomodate for a large request */ | |
2737 | conn->in.size += CLIENT_REQ_BUF_SZ; | |
2738 | if (conn->in.size == 2 * CLIENT_REQ_BUF_SZ) { | |
2739 | p = conn->in.buf; /* get rid of fixed size Pooled buffer */ | |
2740 | conn->in.buf = xcalloc(2, CLIENT_REQ_BUF_SZ); | |
2741 | xmemcpy(conn->in.buf, p, CLIENT_REQ_BUF_SZ); | |
2742 | memFree(p, MEM_CLIENT_REQ_BUF); | |
2743 | } else | |
2744 | conn->in.buf = xrealloc(conn->in.buf, conn->in.size); | |
2745 | /* XXX account conn->in.buf */ | |
2746 | debug(33, 2) ("growing request buffer: offset=%ld size=%ld\n", | |
6fbf8998 | 2747 | (long) conn->in.offset, (long) conn->in.size); |
28ee8ce5 | 2748 | len = conn->in.size - conn->in.offset - 1; |
2749 | } | |
83704487 | 2750 | statCounter.syscalls.sock.reads++; |
1f7c9178 | 2751 | size = FD_READ_METHOD(fd, conn->in.buf + conn->in.offset, len); |
d8b83480 | 2752 | if (size > 0) { |
ea285003 | 2753 | fd_bytes(fd, size, FD_READ); |
83704487 | 2754 | kb_incr(&statCounter.client_http.kbytes_in, size); |
d8b83480 | 2755 | } |
44db45e8 | 2756 | /* |
2757 | * Don't reset the timeout value here. The timeout value will be | |
2758 | * set to Config.Timeout.request by httpAccept() and | |
2759 | * clientWriteComplete(), and should apply to the request as a | |
2760 | * whole, not individual read() calls. Plus, it breaks our | |
2761 | * lame half-close detection | |
2762 | */ | |
94439e4e | 2763 | if (size > 0) { |
2764 | conn->in.offset += size; | |
2765 | conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ | |
28ee8ce5 | 2766 | } else if (size == 0) { |
94439e4e | 2767 | if (conn->chr == NULL && conn->in.offset == 0) { |
7a2f978b | 2768 | /* no current or pending requests */ |
94439e4e | 2769 | debug(33, 4) ("clientReadRequest: FD %d closed\n", fd); |
7a2f978b | 2770 | comm_close(fd); |
2771 | return; | |
ea285003 | 2772 | } else if (!Config.onoff.half_closed_clients) { |
2773 | /* admin doesn't want to support half-closed client sockets */ | |
94439e4e | 2774 | debug(33, 3) ("clientReadRequest: FD %d aborted (half_closed_clients disabled)\n", fd); |
ea285003 | 2775 | comm_close(fd); |
2776 | return; | |
7a2f978b | 2777 | } |
2778 | /* It might be half-closed, we can't tell */ | |
93f9abd0 | 2779 | debug(33, 5) ("clientReadRequest: FD %d closed?\n", fd); |
58a6c186 | 2780 | F->flags.socket_eof = 1; |
7a2f978b | 2781 | conn->defer.until = squid_curtime + 1; |
2782 | conn->defer.n++; | |
44db45e8 | 2783 | fd_note(fd, "half-closed"); |
94439e4e | 2784 | /* There is one more close check at the end, to detect aborted |
2785 | * (partial) requests. At this point we can't tell if the request | |
2786 | * is partial. | |
2787 | */ | |
2788 | /* Continue to process previously read data */ | |
7a2f978b | 2789 | } else if (size < 0) { |
6d3caf23 | 2790 | if (!ignoreErrno(errno)) { |
7a2f978b | 2791 | debug(50, 2) ("clientReadRequest: FD %d: %s\n", fd, xstrerror()); |
2792 | comm_close(fd); | |
ebf4efff | 2793 | return; |
47130615 | 2794 | } else if (conn->in.offset == 0) { |
7c1d4010 | 2795 | debug(50, 2) ("clientReadRequest: FD %d: no data to process (%s)\n", fd, xstrerror()); |
7a2f978b | 2796 | } |
ebf4efff | 2797 | /* Continue to process previously read data */ |
7a2f978b | 2798 | } |
94439e4e | 2799 | /* Process request body if any */ |
2800 | if (conn->in.offset > 0 && conn->body.callback != NULL) | |
2801 | clientProcessBody(conn); | |
2802 | /* Process next request */ | |
2803 | while (conn->in.offset > 0 && conn->body.size_left == 0) { | |
ebf4efff | 2804 | int nrequests; |
cff0c749 | 2805 | size_t req_line_sz; |
94439e4e | 2806 | /* Skip leading (and trailing) whitespace */ |
b6a2f15e | 2807 | while (conn->in.offset > 0 && xisspace(conn->in.buf[0])) { |
9a6f98a5 | 2808 | xmemmove(conn->in.buf, conn->in.buf + 1, conn->in.offset - 1); |
2809 | conn->in.offset--; | |
2810 | } | |
2811 | conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ | |
2812 | if (conn->in.offset == 0) | |
2813 | break; | |
ebf4efff | 2814 | /* Limit the number of concurrent requests to 2 */ |
2815 | for (H = &conn->chr, nrequests = 0; *H; H = &(*H)->next, nrequests++); | |
3d15e2d7 | 2816 | if (nrequests >= (Config.onoff.pipeline_prefetch ? 2 : 1)) { |
badd8ff0 | 2817 | debug(33, 3) ("clientReadRequest: FD %d max concurrent requests reached\n", fd); |
93f9abd0 | 2818 | debug(33, 5) ("clientReadRequest: FD %d defering new request until one is done\n", fd); |
47130615 | 2819 | conn->defer.until = squid_curtime + 100; /* Reset when a request is complete */ |
ebf4efff | 2820 | break; |
2821 | } | |
94439e4e | 2822 | conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */ |
2823 | if (nrequests == 0) | |
2824 | fd_note(conn->fd, "Reading next request"); | |
ebf4efff | 2825 | /* Process request */ |
7a2f978b | 2826 | http = parseHttpRequest(conn, |
2827 | &method, | |
2828 | &parser_return_code, | |
99edd1c3 | 2829 | &prefix, |
2830 | &req_line_sz); | |
13f11a4a | 2831 | if (!http) |
2832 | safe_free(prefix); | |
7a2f978b | 2833 | if (http) { |
2834 | assert(http->req_sz > 0); | |
2835 | conn->in.offset -= http->req_sz; | |
2836 | assert(conn->in.offset >= 0); | |
ebb6e9a0 | 2837 | debug(33, 5) ("conn->in.offset = %d\n", (int) conn->in.offset); |
6fa92aa2 | 2838 | /* |
2839 | * If we read past the end of this request, move the remaining | |
2840 | * data to the beginning | |
2841 | */ | |
2842 | if (conn->in.offset > 0) | |
dbfed404 | 2843 | xmemmove(conn->in.buf, conn->in.buf + http->req_sz, conn->in.offset); |
ebf4efff | 2844 | /* add to the client request queue */ |
7a2f978b | 2845 | for (H = &conn->chr; *H; H = &(*H)->next); |
2846 | *H = http; | |
2847 | conn->nrequests++; | |
7ec87701 | 2848 | /* |
2849 | * I wanted to lock 'http' here since its callback data for | |
2850 | * clientLifetimeTimeout(), but there's no logical place to | |
2851 | * cbdataUnlock if the timeout never happens. Maybe its safe | |
2852 | * enough to assume that if the FD is open, and the timeout | |
2853 | * triggers, that 'http' is valid. | |
2854 | */ | |
b5c39993 | 2855 | commSetTimeout(fd, Config.Timeout.lifetime, clientLifetimeTimeout, http); |
3775d53c | 2856 | if (parser_return_code < 0) { |
93f9abd0 | 2857 | debug(33, 1) ("clientReadRequest: FD %d Invalid Request\n", fd); |
3775d53c | 2858 | err = errorCon(ERR_INVALID_REQ, HTTP_BAD_REQUEST); |
2859 | err->request_hdrs = xstrdup(conn->in.buf); | |
92695e5e | 2860 | http->entry = clientCreateStoreEntry(http, method, null_request_flags); |
3775d53c | 2861 | errorAppendEntry(http->entry, err); |
13f11a4a | 2862 | safe_free(prefix); |
3775d53c | 2863 | break; |
2864 | } | |
23d92c64 | 2865 | if ((request = urlParse(method, http->uri)) == NULL) { |
93f9abd0 | 2866 | debug(33, 5) ("Invalid URL: %s\n", http->uri); |
7a2f978b | 2867 | err = errorCon(ERR_INVALID_URL, HTTP_BAD_REQUEST); |
2868 | err->src_addr = conn->peer.sin_addr; | |
23d92c64 | 2869 | err->url = xstrdup(http->uri); |
7a2f978b | 2870 | http->al.http.code = err->http_status; |
92695e5e | 2871 | http->entry = clientCreateStoreEntry(http, method, null_request_flags); |
79e0dc20 | 2872 | errorAppendEntry(http->entry, err); |
99edd1c3 | 2873 | safe_free(prefix); |
7a2f978b | 2874 | break; |
99edd1c3 | 2875 | } else { |
2876 | /* compile headers */ | |
2877 | /* we should skip request line! */ | |
ea285003 | 2878 | if (!httpRequestParseHeader(request, prefix + req_line_sz)) |
99edd1c3 | 2879 | debug(33, 1) ("Failed to parse request headers: %s\n%s\n", |
2880 | http->uri, prefix); | |
2881 | /* continue anyway? */ | |
7a2f978b | 2882 | } |
c68e9c6b | 2883 | request->flags.accelerated = http->flags.accel; |
ba26bca4 | 2884 | if (!http->flags.internal) { |
2885 | if (internalCheck(strBuf(request->urlpath))) { | |
1f38f50a | 2886 | if (internalHostnameIs(request->host) && |
7e3ce7b9 | 2887 | request->port == ntohs(Config.Sockaddr.http->s.sin_port)) { |
b6a2f15e | 2888 | http->flags.internal = 1; |
ba26bca4 | 2889 | } else if (internalStaticCheck(strBuf(request->urlpath))) { |
c68e9c6b | 2890 | xstrncpy(request->host, internalHostname(), SQUIDHOSTNAMELEN); |
7e3ce7b9 | 2891 | request->port = ntohs(Config.Sockaddr.http->s.sin_port); |
5999b776 | 2892 | http->flags.internal = 1; |
ba26bca4 | 2893 | } |
2894 | } | |
2895 | } | |
1f38f50a | 2896 | /* |
2897 | * cache the Content-length value in request_t. | |
2898 | */ | |
2899 | request->content_length = httpHeaderGetInt(&request->header, | |
2900 | HDR_CONTENT_LENGTH); | |
c68e9c6b | 2901 | request->flags.internal = http->flags.internal; |
13f11a4a | 2902 | safe_free(prefix); |
23d92c64 | 2903 | safe_free(http->log_uri); |
2904 | http->log_uri = xstrdup(urlCanonicalClean(request)); | |
7a2f978b | 2905 | request->client_addr = conn->peer.sin_addr; |
3c11d1f5 | 2906 | request->my_addr = conn->me.sin_addr; |
7e3ce7b9 | 2907 | request->my_port = ntohs(conn->me.sin_port); |
7a2f978b | 2908 | request->http_ver = http->http_ver; |
7a2f978b | 2909 | if (!urlCheckRequest(request)) { |
2910 | err = errorCon(ERR_UNSUP_REQ, HTTP_NOT_IMPLEMENTED); | |
2911 | err->src_addr = conn->peer.sin_addr; | |
7a2f978b | 2912 | err->request = requestLink(request); |
df4ba4bf | 2913 | request->flags.proxy_keepalive = 0; |
7a2f978b | 2914 | http->al.http.code = err->http_status; |
92695e5e | 2915 | http->entry = clientCreateStoreEntry(http, request->method, null_request_flags); |
79e0dc20 | 2916 | errorAppendEntry(http->entry, err); |
3775d53c | 2917 | break; |
7a2f978b | 2918 | } |
94439e4e | 2919 | if (!clientCheckContentLength(request)) { |
db93e79c | 2920 | err = errorCon(ERR_INVALID_REQ, HTTP_LENGTH_REQUIRED); |
31be8b80 | 2921 | err->src_addr = conn->peer.sin_addr; |
2922 | err->request = requestLink(request); | |
2923 | http->al.http.code = err->http_status; | |
92695e5e | 2924 | http->entry = clientCreateStoreEntry(http, request->method, null_request_flags); |
31be8b80 | 2925 | errorAppendEntry(http->entry, err); |
2926 | break; | |
2927 | } | |
7a2f978b | 2928 | http->request = requestLink(request); |
c68e9c6b | 2929 | clientSetKeepaliveFlag(http); |
94439e4e | 2930 | /* Do we expect a request-body? */ |
2931 | if (request->content_length > 0) { | |
2932 | conn->body.size_left = request->content_length; | |
2933 | request->body_connection = conn; | |
2934 | /* Is it too large? */ | |
2935 | if (clientRequestBodyTooLarge(request->content_length)) { | |
321e06a6 | 2936 | err = errorCon(ERR_TOO_BIG, HTTP_REQUEST_ENTITY_TOO_LARGE); |
0483b991 | 2937 | err->request = requestLink(request); |
2938 | http->entry = clientCreateStoreEntry(http, | |
2939 | METHOD_NONE, null_request_flags); | |
2940 | errorAppendEntry(http->entry, err); | |
2941 | break; | |
2942 | } | |
7a2f978b | 2943 | } |
2aecf121 | 2944 | clientAccessCheck(http); |
94439e4e | 2945 | continue; /* while offset > 0 && body.size_left == 0 */ |
7a2f978b | 2946 | } else if (parser_return_code == 0) { |
2947 | /* | |
2948 | * Partial request received; reschedule until parseHttpRequest() | |
2949 | * is happy with the input | |
2950 | */ | |
28ee8ce5 | 2951 | if (conn->in.offset >= Config.maxRequestHeaderSize) { |
2952 | /* The request is too large to handle */ | |
2953 | debug(33, 1) ("Request header is too large (%d bytes)\n", | |
2954 | (int) conn->in.offset); | |
32754419 | 2955 | debug(33, 1) ("Config 'request_header_max_size'= %ld bytes.\n", |
2956 | (long int) Config.maxRequestHeaderSize); | |
28ee8ce5 | 2957 | err = errorCon(ERR_TOO_BIG, HTTP_REQUEST_ENTITY_TOO_LARGE); |
2958 | http = parseHttpRequestAbort(conn, "error:request-too-large"); | |
2959 | /* add to the client request queue */ | |
2960 | for (H = &conn->chr; *H; H = &(*H)->next); | |
2961 | *H = http; | |
2962 | http->entry = clientCreateStoreEntry(http, METHOD_NONE, null_request_flags); | |
2963 | errorAppendEntry(http->entry, err); | |
2964 | return; | |
7a2f978b | 2965 | } |
7a2f978b | 2966 | break; |
7a2f978b | 2967 | } |
94439e4e | 2968 | } /* while offset > 0 && conn->body.size_left == 0 */ |
2969 | /* Check if a half-closed connection was aborted in the middle */ | |
2970 | if (F->flags.socket_eof) { | |
2971 | if (conn->in.offset != conn->body.size_left) { /* != 0 when no request body */ | |
2972 | /* Partial request received. Abort client connection! */ | |
28ee8ce5 | 2973 | debug(33, 3) ("clientReadRequest: FD %d aborted, partial request\n", fd); |
94439e4e | 2974 | comm_close(fd); |
2975 | return; | |
2976 | } | |
2977 | } | |
2978 | } | |
2979 | ||
2980 | /* file_read like function, for reading body content */ | |
2981 | void | |
2982 | clientReadBody(request_t * request, char *buf, size_t size, CBCB * callback, void *cbdata) | |
2983 | { | |
2984 | ConnStateData *conn = request->body_connection; | |
2985 | if (!conn) { | |
2986 | debug(33, 5) ("clientReadBody: no body to read, request=%p\n", request); | |
2987 | callback(buf, 0, cbdata); /* Signal end of body */ | |
2988 | return; | |
7a2f978b | 2989 | } |
84f2d773 | 2990 | debug(33, 2) ("clientReadBody: start fd=%d body_size=%lu in.offset=%ld cb=%p req=%p\n", conn->fd, (unsigned long int) conn->body.size_left, (long int) conn->in.offset, callback, request); |
94439e4e | 2991 | conn->body.callback = callback; |
2992 | conn->body.cbdata = cbdata; | |
2993 | conn->body.buf = buf; | |
2994 | conn->body.bufsize = size; | |
2995 | conn->body.request = requestLink(request); | |
28ee8ce5 | 2996 | clientProcessBody(conn); |
94439e4e | 2997 | } |
2998 | ||
2999 | /* Called by clientReadRequest to process body content */ | |
3000 | static void | |
3001 | clientProcessBody(ConnStateData * conn) | |
3002 | { | |
3003 | int size; | |
3004 | char *buf = conn->body.buf; | |
3005 | void *cbdata = conn->body.cbdata; | |
3006 | CBCB *callback = conn->body.callback; | |
3007 | request_t *request = conn->body.request; | |
3008 | /* Note: request is null while eating "aborted" transfers */ | |
84f2d773 | 3009 | debug(33, 2) ("clientProcessBody: start fd=%d body_size=%lu in.offset=%ld cb=%p req=%p\n", conn->fd, (unsigned long int) conn->body.size_left, (long int) conn->in.offset, callback, request); |
28ee8ce5 | 3010 | if (conn->in.offset) { |
3011 | /* Some sanity checks... */ | |
3012 | assert(conn->body.size_left > 0); | |
3013 | assert(conn->in.offset > 0); | |
3014 | assert(callback != NULL); | |
3015 | assert(buf != NULL); | |
3016 | /* How much do we have to process? */ | |
3017 | size = conn->in.offset; | |
3018 | if (size > conn->body.size_left) /* only process the body part */ | |
3019 | size = conn->body.size_left; | |
3020 | if (size > conn->body.bufsize) /* don't copy more than requested */ | |
3021 | size = conn->body.bufsize; | |
3022 | xmemcpy(buf, conn->in.buf, size); | |
3023 | conn->body.size_left -= size; | |
3024 | /* Move any remaining data */ | |
3025 | conn->in.offset -= size; | |
3026 | if (conn->in.offset > 0) | |
3027 | xmemmove(conn->in.buf, conn->in.buf + size, conn->in.offset); | |
3028 | /* Remove request link if this is the last part of the body, as | |
3029 | * clientReadRequest automatically continues to process next request */ | |
3030 | if (conn->body.size_left <= 0 && request != NULL) | |
3031 | request->body_connection = NULL; | |
3032 | /* Remove clientReadBody arguments (the call is completed) */ | |
3033 | conn->body.request = NULL; | |
3034 | conn->body.callback = NULL; | |
3035 | conn->body.buf = NULL; | |
3036 | conn->body.bufsize = 0; | |
3037 | /* Remember that we have touched the body, not restartable */ | |
3038 | if (request != NULL) | |
3039 | request->flags.body_sent = 1; | |
3040 | /* Invoke callback function */ | |
3041 | callback(buf, size, cbdata); | |
3042 | if (request != NULL) | |
3043 | requestUnlink(request); /* Linked in clientReadBody */ | |
84f2d773 | 3044 | debug(33, 2) ("clientProcessBody: end fd=%d size=%d body_size=%lu in.offset=%ld cb=%p req=%p\n", conn->fd, size, (unsigned long int) conn->body.size_left, (long int) conn->in.offset, callback, request); |
28ee8ce5 | 3045 | } |
94439e4e | 3046 | } |
3047 | ||
3048 | /* A dummy handler that throws away a request-body */ | |
3049 | static char bodyAbortBuf[SQUID_TCP_SO_RCVBUF]; | |
2d72d4fd | 3050 | static void |
94439e4e | 3051 | clientReadBodyAbortHandler(char *buf, size_t size, void *data) |
3052 | { | |
3053 | ConnStateData *conn = (ConnStateData *) data; | |
84f2d773 | 3054 | debug(33, 2) ("clientReadBodyAbortHandler: fd=%d body_size=%lu in.offset=%ld\n", conn->fd, (unsigned long int) conn->body.size_left, (long int) conn->in.offset); |
94439e4e | 3055 | if (size != 0 && conn->body.size_left != 0) { |
3056 | debug(33, 3) ("clientReadBodyAbortHandler: fd=%d shedule next read\n", conn->fd); | |
3057 | conn->body.callback = clientReadBodyAbortHandler; | |
3058 | conn->body.buf = bodyAbortBuf; | |
3059 | conn->body.bufsize = sizeof(bodyAbortBuf); | |
3060 | conn->body.cbdata = data; | |
3061 | } | |
3062 | } | |
3063 | ||
3064 | /* Abort a body request */ | |
3065 | int | |
3066 | clientAbortBody(request_t * request) | |
3067 | { | |
3068 | ConnStateData *conn = request->body_connection; | |
3069 | char *buf; | |
3070 | CBCB *callback; | |
3071 | void *cbdata; | |
3072 | request->body_connection = NULL; | |
3073 | if (!conn || conn->body.size_left <= 0) | |
3074 | return 0; /* No body to abort */ | |
3075 | if (conn->body.callback != NULL) { | |
3076 | buf = conn->body.buf; | |
3077 | callback = conn->body.callback; | |
3078 | cbdata = conn->body.cbdata; | |
3079 | assert(request == conn->body.request); | |
3080 | conn->body.buf = NULL; | |
3081 | conn->body.callback = NULL; | |
3082 | conn->body.cbdata = NULL; | |
3083 | conn->body.request = NULL; | |
3084 | callback(buf, -1, cbdata); /* Signal abort to clientReadBody caller */ | |
3085 | requestUnlink(request); | |
3086 | } | |
3087 | clientReadBodyAbortHandler(NULL, -1, conn); /* Install abort handler */ | |
3088 | /* clientProcessBody() */ | |
3089 | return 1; /* Aborted */ | |
7a2f978b | 3090 | } |
3091 | ||
3092 | /* general lifetime handler for HTTP requests */ | |
3093 | static void | |
3094 | requestTimeout(int fd, void *data) | |
3095 | { | |
ad63ceea | 3096 | #if THIS_CONFUSES_PERSISTENT_CONNECTION_AWARE_BROWSERS_AND_USERS |
7a2f978b | 3097 | ConnStateData *conn = data; |
3098 | ErrorState *err; | |
badd8ff0 | 3099 | debug(33, 3) ("requestTimeout: FD %d: lifetime is expired.\n", fd); |
7a2f978b | 3100 | if (fd_table[fd].rwstate) { |
79e0dc20 | 3101 | /* |
3102 | * Some data has been sent to the client, just close the FD | |
3103 | */ | |
7a2f978b | 3104 | comm_close(fd); |
3105 | } else if (conn->nrequests) { | |
79e0dc20 | 3106 | /* |
3107 | * assume its a persistent connection; just close it | |
3108 | */ | |
7a2f978b | 3109 | comm_close(fd); |
3110 | } else { | |
79e0dc20 | 3111 | /* |
3112 | * Generate an error | |
3113 | */ | |
7a2f978b | 3114 | err = errorCon(ERR_LIFETIME_EXP, HTTP_REQUEST_TIMEOUT); |
7a2f978b | 3115 | err->url = xstrdup("N/A"); |
79e0dc20 | 3116 | /* |
3117 | * Normally we shouldn't call errorSend() in client_side.c, but | |
3118 | * it should be okay in this case. Presumably if we get here | |
3119 | * this is the first request for the connection, and no data | |
3120 | * has been written yet | |
3121 | */ | |
3122 | assert(conn->chr == NULL); | |
7a2f978b | 3123 | errorSend(fd, err); |
79e0dc20 | 3124 | /* |
3125 | * if we don't close() here, we still need a timeout handler! | |
3126 | */ | |
7a2f978b | 3127 | commSetTimeout(fd, 30, requestTimeout, conn); |
7e3ce7b9 | 3128 | /* |
3129 | * Aha, but we don't want a read handler! | |
3130 | */ | |
3131 | commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0); | |
7a2f978b | 3132 | } |
af57a2e3 | 3133 | #else |
3134 | /* | |
3135 | * Just close the connection to not confuse browsers | |
3136 | * using persistent connections. Some browsers opens | |
3137 | * an connection and then does not use it until much | |
3138 | * later (presumeably because the request triggering | |
3139 | * the open has already been completed on another | |
3140 | * connection) | |
3141 | */ | |
ad63ceea | 3142 | debug(33, 3) ("requestTimeout: FD %d: lifetime is expired.\n", fd); |
af57a2e3 | 3143 | comm_close(fd); |
3144 | #endif | |
7a2f978b | 3145 | } |
3146 | ||
b5c39993 | 3147 | static void |
3148 | clientLifetimeTimeout(int fd, void *data) | |
3149 | { | |
3150 | clientHttpRequest *http = data; | |
7ec87701 | 3151 | ConnStateData *conn = http->conn; |
b5c39993 | 3152 | debug(33, 1) ("WARNING: Closing client %s connection due to lifetime timeout\n", |
3153 | inet_ntoa(conn->peer.sin_addr)); | |
3154 | debug(33, 1) ("\t%s\n", http->uri); | |
3155 | comm_close(fd); | |
3156 | } | |
3157 | ||
ba4f8e5a | 3158 | static int |
d20b1cd0 | 3159 | httpAcceptDefer(int fdunused, void *dataunused) |
7a2f978b | 3160 | { |
3d6629c6 | 3161 | static time_t last_warn = 0; |
3162 | if (fdNFree() >= RESERVED_FD) | |
3163 | return 0; | |
3164 | if (last_warn + 15 < squid_curtime) { | |
3165 | debug(33, 0) ("WARNING! Your cache is running out of filedescriptors\n"); | |
3166 | last_warn = squid_curtime; | |
3167 | } | |
3168 | return 1; | |
7a2f978b | 3169 | } |
3170 | ||
bf8e5903 | 3171 | /* Handle a new connection on HTTP socket. */ |
7a2f978b | 3172 | void |
ba4f8e5a | 3173 | httpAccept(int sock, void *data) |
7a2f978b | 3174 | { |
d193a436 | 3175 | int *N = &incoming_sockets_accepted; |
7a2f978b | 3176 | int fd = -1; |
3177 | ConnStateData *connState = NULL; | |
3178 | struct sockaddr_in peer; | |
3179 | struct sockaddr_in me; | |
309ad3b6 | 3180 | int max = INCOMING_HTTP_MAX; |
3898f57f | 3181 | #if USE_IDENT |
a40699cd | 3182 | static aclCheck_t identChecklist; |
3898f57f | 3183 | #endif |
c411b98a | 3184 | commSetSelect(sock, COMM_SELECT_READ, httpAccept, NULL, 0); |
d20b1cd0 | 3185 | while (max-- && !httpAcceptDefer(sock, NULL)) { |
e2525655 | 3186 | memset(&peer, '\0', sizeof(struct sockaddr_in)); |
3187 | memset(&me, '\0', sizeof(struct sockaddr_in)); | |
e2525655 | 3188 | if ((fd = comm_accept(sock, &peer, &me)) < 0) { |
3189 | if (!ignoreErrno(errno)) | |
eeb423fb | 3190 | debug(50, 1) ("httpAccept: FD %d: accept failure: %s\n", |
e2525655 | 3191 | sock, xstrerror()); |
3192 | break; | |
3193 | } | |
3194 | debug(33, 4) ("httpAccept: FD %d: accepted\n", fd); | |
72711e31 | 3195 | connState = cbdataAlloc(ConnStateData); |
e2525655 | 3196 | connState->peer = peer; |
3197 | connState->log_addr = peer.sin_addr; | |
3198 | connState->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr; | |
3199 | connState->me = me; | |
3200 | connState->fd = fd; | |
58cd5bbd | 3201 | connState->in.size = CLIENT_REQ_BUF_SZ; |
3202 | connState->in.buf = memAllocate(MEM_CLIENT_REQ_BUF); | |
e2525655 | 3203 | /* XXX account connState->in.buf */ |
3204 | comm_add_close_handler(fd, connStateFree, connState); | |
3205 | if (Config.onoff.log_fqdn) | |
3206 | fqdncache_gethostbyaddr(peer.sin_addr, FQDN_LOOKUP_IF_MISS); | |
3207 | commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState); | |
3898f57f | 3208 | #if USE_IDENT |
a40699cd | 3209 | identChecklist.src_addr = peer.sin_addr; |
b6a2f15e | 3210 | identChecklist.my_addr = me.sin_addr; |
7e3ce7b9 | 3211 | identChecklist.my_port = ntohs(me.sin_port); |
a40699cd | 3212 | if (aclCheckFast(Config.accessList.identLookup, &identChecklist)) |
05832ae1 | 3213 | identStart(&me, &peer, clientIdentDone, connState); |
3898f57f | 3214 | #endif |
e2525655 | 3215 | commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, connState, 0); |
3216 | commSetDefer(fd, clientReadDefer, connState); | |
9bc73deb | 3217 | clientdbEstablished(peer.sin_addr, 1); |
41292f79 | 3218 | assert(N); |
ba4f8e5a | 3219 | (*N)++; |
7a2f978b | 3220 | } |
7a2f978b | 3221 | } |
3222 | ||
1f7c9178 | 3223 | #if USE_SSL |
3224 | ||
3225 | /* negotiate an SSL connection */ | |
3226 | static void | |
3227 | clientNegotiateSSL(int fd, void *data) | |
3228 | { | |
3229 | ConnStateData *conn = data; | |
3230 | X509 *client_cert; | |
3231 | int ret; | |
3232 | ||
3233 | if ((ret = SSL_accept(fd_table[fd].ssl)) <= 0) { | |
3234 | if (BIO_sock_should_retry(ret)) { | |
3235 | commSetSelect(fd, COMM_SELECT_READ, clientNegotiateSSL, conn, 0); | |
3236 | return; | |
3237 | } | |
3238 | ret = ERR_get_error(); | |
a4a80ff0 | 3239 | if (ret) { |
3240 | debug(81, 1) ("clientNegotiateSSL: Error negotiating SSL connection on FD %d: %s\n", | |
3241 | fd, ERR_error_string(ret, NULL)); | |
3242 | } | |
1f7c9178 | 3243 | comm_close(fd); |
3244 | return; | |
3245 | } | |
3246 | debug(81, 5) ("clientNegotiateSSL: FD %d negotiated cipher %s\n", fd, | |
3247 | SSL_get_cipher(fd_table[fd].ssl)); | |
3248 | ||
3249 | client_cert = SSL_get_peer_certificate(fd_table[fd].ssl); | |
3250 | if (client_cert != NULL) { | |
3251 | debug(81, 5) ("clientNegotiateSSL: FD %d client certificate: subject: %s\n", fd, | |
3252 | X509_NAME_oneline(X509_get_subject_name(client_cert), 0, 0)); | |
3253 | ||
3254 | debug(81, 5) ("clientNegotiateSSL: FD %d client certificate: issuer: %s\n", fd, | |
3255 | X509_NAME_oneline(X509_get_issuer_name(client_cert), 0, 0)); | |
3256 | ||
3257 | X509_free(client_cert); | |
3258 | } else { | |
3259 | debug(81, 5) ("clientNegotiateSSL: FD %d has no certificate.\n", fd); | |
3260 | } | |
3261 | ||
3262 | commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0); | |
3263 | } | |
3264 | ||
d193a436 | 3265 | struct _https_port_data { |
3266 | SSL_CTX *sslContext; | |
3267 | }; | |
3268 | typedef struct _https_port_data https_port_data; | |
3269 | CBDATA_TYPE(https_port_data); | |
3270 | ||
1f7c9178 | 3271 | /* handle a new HTTPS connection */ |
3272 | static void | |
3273 | httpsAccept(int sock, void *data) | |
3274 | { | |
d193a436 | 3275 | int *N = &incoming_sockets_accepted; |
3276 | https_port_data *https_port = data; | |
3277 | SSL_CTX *sslContext = https_port->sslContext; | |
1f7c9178 | 3278 | int fd = -1; |
3279 | ConnStateData *connState = NULL; | |
3280 | struct sockaddr_in peer; | |
3281 | struct sockaddr_in me; | |
3282 | int max = INCOMING_HTTP_MAX; | |
3283 | SSL *ssl; | |
3284 | int ssl_error; | |
3285 | #if USE_IDENT | |
3286 | static aclCheck_t identChecklist; | |
3287 | #endif | |
d193a436 | 3288 | commSetSelect(sock, COMM_SELECT_READ, httpsAccept, https_port, 0); |
1f7c9178 | 3289 | while (max-- && !httpAcceptDefer(sock, NULL)) { |
3290 | memset(&peer, '\0', sizeof(struct sockaddr_in)); | |
3291 | memset(&me, '\0', sizeof(struct sockaddr_in)); | |
3292 | if ((fd = comm_accept(sock, &peer, &me)) < 0) { | |
3293 | if (!ignoreErrno(errno)) | |
3294 | debug(50, 1) ("httpsAccept: FD %d: accept failure: %s\n", | |
3295 | sock, xstrerror()); | |
3296 | break; | |
3297 | } | |
3298 | if ((ssl = SSL_new(sslContext)) == NULL) { | |
3299 | ssl_error = ERR_get_error(); | |
3300 | debug(81, 1) ("httpsAccept: Error allocating handle: %s\n", | |
3301 | ERR_error_string(ssl_error, NULL)); | |
3302 | break; | |
3303 | } | |
3304 | SSL_set_fd(ssl, fd); | |
3305 | fd_table[fd].ssl = ssl; | |
3306 | fd_table[fd].read_method = &ssl_read_method; | |
3307 | fd_table[fd].write_method = &ssl_write_method; | |
3308 | debug(50, 5) ("httpsAccept: FD %d accepted, starting SSL negotiation.\n", fd); | |
3309 | ||
3310 | connState = cbdataAlloc(ConnStateData); | |
3311 | connState->peer = peer; | |
3312 | connState->log_addr = peer.sin_addr; | |
3313 | connState->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr; | |
3314 | connState->me = me; | |
3315 | connState->fd = fd; | |
3316 | connState->in.size = CLIENT_REQ_BUF_SZ; | |
3317 | connState->in.buf = memAllocate(MEM_CLIENT_REQ_BUF); | |
3318 | /* XXX account connState->in.buf */ | |
3319 | comm_add_close_handler(fd, connStateFree, connState); | |
3320 | if (Config.onoff.log_fqdn) | |
3321 | fqdncache_gethostbyaddr(peer.sin_addr, FQDN_LOOKUP_IF_MISS); | |
3322 | commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState); | |
3323 | #if USE_IDENT | |
3324 | identChecklist.src_addr = peer.sin_addr; | |
3325 | identChecklist.my_addr = me.sin_addr; | |
3326 | identChecklist.my_port = ntohs(me.sin_port); | |
3327 | if (aclCheckFast(Config.accessList.identLookup, &identChecklist)) | |
3328 | identStart(&me, &peer, clientIdentDone, connState); | |
3329 | #endif | |
3330 | commSetSelect(fd, COMM_SELECT_READ, clientNegotiateSSL, connState, 0); | |
3331 | commSetDefer(fd, clientReadDefer, connState); | |
3332 | clientdbEstablished(peer.sin_addr, 1); | |
3333 | (*N)++; | |
3334 | } | |
3335 | } | |
3336 | ||
3337 | #endif /* USE_SSL */ | |
3338 | ||
978e455f | 3339 | #define SENDING_BODY 0 |
3340 | #define SENDING_HDRSONLY 1 | |
7a2f978b | 3341 | static int |
1b02b5be | 3342 | clientCheckTransferDone(clientHttpRequest * http) |
7a2f978b | 3343 | { |
978e455f | 3344 | int sending = SENDING_BODY; |
7a2f978b | 3345 | StoreEntry *entry = http->entry; |
978e455f | 3346 | MemObject *mem; |
3347 | http_reply *reply; | |
3348 | int sendlen; | |
7a2f978b | 3349 | if (entry == NULL) |
3350 | return 0; | |
9f086470 | 3351 | /* |
3352 | * For now, 'done_copying' is used for special cases like | |
3353 | * Range and HEAD requests. | |
3354 | */ | |
3355 | if (http->flags.done_copying) | |
3356 | return 1; | |
978e455f | 3357 | /* |
b7fe0ab0 | 3358 | * Handle STORE_OK objects. |
07304bf9 | 3359 | * objectLen(entry) will be set proprely. |
978e455f | 3360 | */ |
b7fe0ab0 | 3361 | if (entry->store_status == STORE_OK) { |
07304bf9 | 3362 | if (http->out.offset >= objectLen(entry)) |
7a2f978b | 3363 | return 1; |
513f05a6 | 3364 | else |
3365 | return 0; | |
3366 | } | |
978e455f | 3367 | /* |
3368 | * Now, handle STORE_PENDING objects | |
3369 | */ | |
3370 | mem = entry->mem_obj; | |
3371 | assert(mem != NULL); | |
3372 | assert(http->request != NULL); | |
3373 | reply = mem->reply; | |
3374 | if (reply->hdr_sz == 0) | |
b34ed725 | 3375 | return 0; /* haven't found end of headers yet */ |
cb69b4c7 | 3376 | else if (reply->sline.status == HTTP_OK) |
b34ed725 | 3377 | sending = SENDING_BODY; |
cb69b4c7 | 3378 | else if (reply->sline.status == HTTP_NO_CONTENT) |
b34ed725 | 3379 | sending = SENDING_HDRSONLY; |
cb69b4c7 | 3380 | else if (reply->sline.status == HTTP_NOT_MODIFIED) |
b34ed725 | 3381 | sending = SENDING_HDRSONLY; |
cb69b4c7 | 3382 | else if (reply->sline.status < HTTP_OK) |
a3c60429 | 3383 | sending = SENDING_HDRSONLY; |
978e455f | 3384 | else if (http->request->method == METHOD_HEAD) |
b34ed725 | 3385 | sending = SENDING_HDRSONLY; |
978e455f | 3386 | else |
3387 | sending = SENDING_BODY; | |
3388 | /* | |
3389 | * Figure out how much data we are supposed to send. | |
3390 | * If we are sending a body and we don't have a content-length, | |
b7fe0ab0 | 3391 | * then we must wait for the object to become STORE_OK. |
978e455f | 3392 | */ |
3393 | if (sending == SENDING_HDRSONLY) | |
3394 | sendlen = reply->hdr_sz; | |
038eb4ed | 3395 | else if (reply->content_length < 0) |
978e455f | 3396 | return 0; |
3397 | else | |
038eb4ed | 3398 | sendlen = reply->content_length + reply->hdr_sz; |
978e455f | 3399 | /* |
3400 | * Now that we have the expected length, did we send it all? | |
3401 | */ | |
3402 | if (http->out.offset < sendlen) | |
3403 | return 0; | |
3404 | else | |
b34ed725 | 3405 | return 1; |
7a2f978b | 3406 | } |
3407 | ||
80980266 | 3408 | static int |
3409 | clientGotNotEnough(clientHttpRequest * http) | |
3410 | { | |
efd900cb | 3411 | int cl = httpReplyBodySize(http->request->method, http->entry->mem_obj->reply); |
80980266 | 3412 | int hs = http->entry->mem_obj->reply->hdr_sz; |
3413 | assert(cl >= 0); | |
3414 | if (http->out.offset < cl + hs) | |
3415 | return 1; | |
3416 | return 0; | |
3417 | } | |
3418 | ||
7a2f978b | 3419 | /* |
3420 | * This function is designed to serve a fairly specific purpose. | |
3421 | * Occasionally our vBNS-connected caches can talk to each other, but not | |
3422 | * the rest of the world. Here we try to detect frequent failures which | |
3423 | * make the cache unusable (e.g. DNS lookup and connect() failures). If | |
3424 | * the failure:success ratio goes above 1.0 then we go into "hit only" | |
3425 | * mode where we only return UDP_HIT or UDP_MISS_NOFETCH. Neighbors | |
3426 | * will only fetch HITs from us if they are using the ICP protocol. We | |
3427 | * stay in this mode for 5 minutes. | |
3428 | * | |
3429 | * Duane W., Sept 16, 1996 | |
3430 | */ | |
3431 | ||
3432 | static void | |
88aad2e5 | 3433 | checkFailureRatio(err_type etype, hier_code hcode) |
7a2f978b | 3434 | { |
88aad2e5 | 3435 | static double magic_factor = 100.0; |
7a2f978b | 3436 | double n_good; |
3437 | double n_bad; | |
3438 | if (hcode == HIER_NONE) | |
3439 | return; | |
88aad2e5 | 3440 | n_good = magic_factor / (1.0 + request_failure_ratio); |
7a2f978b | 3441 | n_bad = magic_factor - n_good; |
88aad2e5 | 3442 | switch (etype) { |
7a2f978b | 3443 | case ERR_DNS_FAIL: |
3444 | case ERR_CONNECT_FAIL: | |
3445 | case ERR_READ_ERROR: | |
3446 | n_bad++; | |
3447 | break; | |
3448 | default: | |
3449 | n_good++; | |
3450 | } | |
88aad2e5 | 3451 | request_failure_ratio = n_bad / n_good; |
7a2f978b | 3452 | if (hit_only_mode_until > squid_curtime) |
3453 | return; | |
88aad2e5 | 3454 | if (request_failure_ratio < 1.0) |
7a2f978b | 3455 | return; |
93f9abd0 | 3456 | debug(33, 0) ("Failure Ratio at %4.2f\n", request_failure_ratio); |
3457 | debug(33, 0) ("Going into hit-only-mode for %d minutes...\n", | |
7a2f978b | 3458 | FAILURE_MODE_TIME / 60); |
3459 | hit_only_mode_until = squid_curtime + FAILURE_MODE_TIME; | |
88aad2e5 | 3460 | request_failure_ratio = 0.8; /* reset to something less than 1.0 */ |
7a2f978b | 3461 | } |
15df8349 | 3462 | |
d193a436 | 3463 | static void |
15df8349 | 3464 | clientHttpConnectionsOpen(void) |
3465 | { | |
7e3ce7b9 | 3466 | sockaddr_in_list *s; |
15df8349 | 3467 | int fd; |
7e3ce7b9 | 3468 | for (s = Config.Sockaddr.http; s; s = s->next) { |
42b51993 | 3469 | if (MAXHTTPPORTS == NHttpSockets) { |
3470 | debug(1, 1) ("WARNING: You have too many 'http_port' lines.\n"); | |
3471 | debug(1, 1) (" The limit is %d\n", MAXHTTPPORTS); | |
3472 | continue; | |
3473 | } | |
8daca701 | 3474 | enter_suid(); |
3475 | fd = comm_open(SOCK_STREAM, | |
3476 | 0, | |
7e3ce7b9 | 3477 | s->s.sin_addr, |
3478 | ntohs(s->s.sin_port), | |
8daca701 | 3479 | COMM_NONBLOCKING, |
3480 | "HTTP Socket"); | |
3481 | leave_suid(); | |
3482 | if (fd < 0) | |
3483 | continue; | |
3484 | comm_listen(fd); | |
3485 | commSetSelect(fd, COMM_SELECT_READ, httpAccept, NULL, 0); | |
d20b1cd0 | 3486 | /* |
3487 | * We need to set a defer handler here so that we don't | |
3488 | * peg the CPU with select() when we hit the FD limit. | |
3489 | */ | |
3490 | commSetDefer(fd, httpAcceptDefer, NULL); | |
7e3ce7b9 | 3491 | debug(1, 1) ("Accepting HTTP connections at %s, port %d, FD %d.\n", |
3492 | inet_ntoa(s->s.sin_addr), | |
3493 | (int) ntohs(s->s.sin_port), | |
3494 | fd); | |
8daca701 | 3495 | HttpSockets[NHttpSockets++] = fd; |
15df8349 | 3496 | } |
d193a436 | 3497 | } |
3498 | ||
3499 | #if USE_SSL | |
3500 | static void | |
3501 | clientHttpsConnectionsOpen(void) | |
3502 | { | |
3503 | https_port_list *s; | |
3504 | https_port_data *https_port; | |
3505 | int fd; | |
1f7c9178 | 3506 | for (s = Config.Sockaddr.https; s; s = s->next) { |
3507 | enter_suid(); | |
3508 | fd = comm_open(SOCK_STREAM, | |
3509 | 0, | |
3510 | s->s.sin_addr, | |
3511 | ntohs(s->s.sin_port), | |
3512 | COMM_NONBLOCKING, | |
3513 | "HTTPS Socket"); | |
3514 | leave_suid(); | |
3515 | if (fd < 0) | |
3516 | continue; | |
d193a436 | 3517 | CBDATA_INIT_TYPE(https_port_data); |
3518 | https_port = cbdataAlloc(https_port_data); | |
79d4ccdf | 3519 | https_port->sslContext = sslCreateContext(s->cert, s->key, s->version, s->cipher, s->options); |
1f7c9178 | 3520 | comm_listen(fd); |
d193a436 | 3521 | commSetSelect(fd, COMM_SELECT_READ, httpsAccept, https_port, 0); |
3522 | commSetDefer(fd, httpAcceptDefer, NULL); | |
1f7c9178 | 3523 | debug(1, 1) ("Accepting HTTPS connections at %s, port %d, FD %d.\n", |
3524 | inet_ntoa(s->s.sin_addr), | |
3525 | (int) ntohs(s->s.sin_port), | |
3526 | fd); | |
3527 | HttpSockets[NHttpSockets++] = fd; | |
3528 | } | |
d193a436 | 3529 | } |
3530 | ||
3531 | #endif | |
3532 | ||
3533 | void | |
3534 | clientOpenListenSockets(void) | |
3535 | { | |
3536 | clientHttpConnectionsOpen(); | |
3537 | #if USE_SSL | |
3538 | clientHttpsConnectionsOpen(); | |
1f7c9178 | 3539 | #endif |
15df8349 | 3540 | if (NHttpSockets < 1) |
8daca701 | 3541 | fatal("Cannot open HTTP Port"); |
15df8349 | 3542 | } |
c0fbae16 | 3543 | void |
3544 | clientHttpConnectionsClose(void) | |
3545 | { | |
3546 | int i; | |
3547 | for (i = 0; i < NHttpSockets; i++) { | |
3548 | if (HttpSockets[i] >= 0) { | |
3549 | debug(1, 1) ("FD %d Closing HTTP connection\n", HttpSockets[i]); | |
3550 | comm_close(HttpSockets[i]); | |
3551 | HttpSockets[i] = -1; | |
3552 | } | |
3553 | } | |
3554 | NHttpSockets = 0; | |
3555 | } | |
f66a9ef4 | 3556 | |
3557 | int | |
3558 | varyEvaluateMatch(StoreEntry * entry, request_t * request) | |
3559 | { | |
3560 | const char *vary = request->vary_headers; | |
3561 | int has_vary = httpHeaderHas(&entry->mem_obj->reply->header, HDR_VARY); | |
3562 | #if X_ACCELERATOR_VARY | |
3563 | has_vary |= httpHeaderHas(&entry->mem_obj->reply->header, HDR_X_ACCELERATOR_VARY); | |
3564 | #endif | |
3565 | if (!has_vary || !entry->mem_obj->vary_headers) { | |
3566 | if (vary) { | |
3567 | /* Oops... something odd is going on here.. */ | |
3568 | debug(33, 1) ("varyEvaluateMatch: Oops. Not a Vary object on second attempt, '%s' '%s'\n", | |
3569 | entry->mem_obj->url, vary); | |
3570 | safe_free(request->vary_headers); | |
3571 | return VARY_CANCEL; | |
3572 | } | |
3573 | if (!has_vary) { | |
3574 | /* This is not a varying object */ | |
3575 | return VARY_NONE; | |
3576 | } | |
3577 | /* virtual "vary" object found. Calculate the vary key and | |
3578 | * continue the search | |
3579 | */ | |
3580 | vary = request->vary_headers = xstrdup(httpMakeVaryMark(request, entry->mem_obj->reply)); | |
3581 | if (vary) | |
3582 | return VARY_OTHER; | |
3583 | else { | |
3584 | /* Ouch.. we cannot handle this kind of variance */ | |
3585 | /* XXX This cannot really happen, but just to be complete */ | |
3586 | return VARY_CANCEL; | |
3587 | } | |
3588 | } else { | |
3589 | if (!vary) | |
3590 | vary = request->vary_headers = xstrdup(httpMakeVaryMark(request, entry->mem_obj->reply)); | |
3591 | if (!vary) { | |
3592 | /* Ouch.. we cannot handle this kind of variance */ | |
3593 | /* XXX This cannot really happen, but just to be complete */ | |
3594 | return VARY_CANCEL; | |
3595 | } else if (strcmp(vary, entry->mem_obj->vary_headers) == 0) { | |
3596 | return VARY_MATCH; | |
3597 | } else { | |
3598 | /* Oops.. we have already been here and still haven't | |
3599 | * found the requested variant. Bail out | |
3600 | */ | |
3601 | debug(33, 1) ("varyEvaluateMatch: Oops. Not a Vary match on second attempt, '%s' '%s'\n", | |
3602 | entry->mem_obj->url, vary); | |
3603 | return VARY_CANCEL; | |
3604 | } | |
3605 | } | |
3606 | } |