]>
Commit | Line | Data |
---|---|---|
edce4d98 | 1 | /* |
1f7b830e | 2 | * Copyright (C) 1996-2025 The Squid Software Foundation and contributors |
edce4d98 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
edce4d98 | 7 | */ |
bbc27441 AJ |
8 | |
9 | /* DEBUG: section 88 Client-side Reply Routines */ | |
10 | ||
f7f3304a | 11 | #include "squid.h" |
b7ac5457 AJ |
12 | #include "acl/FilledChecklist.h" |
13 | #include "acl/Gadgets.h" | |
65d448bc | 14 | #include "anyp/PortCfg.h" |
0655fa4d | 15 | #include "client_side_reply.h" |
0e4873fa | 16 | #include "clientStream.h" |
b7ac5457 | 17 | #include "errorpage.h" |
46017fdd | 18 | #include "ETag.h" |
c4ad1349 | 19 | #include "fd.h" |
7172612f | 20 | #include "fde.h" |
31971e6a | 21 | #include "format/Token.h" |
eb13c21e | 22 | #include "FwdState.h" |
582c2af2 | 23 | #include "globals.h" |
d3dddfb5 | 24 | #include "http/Stream.h" |
a5bac1d2 | 25 | #include "HttpHeaderTools.h" |
b7ac5457 AJ |
26 | #include "HttpReply.h" |
27 | #include "HttpRequest.h" | |
28 | #include "ip/QosConfig.h" | |
714e68b7 | 29 | #include "ipcache.h" |
1c7ae5ff | 30 | #include "log/access_log.h" |
b7ac5457 | 31 | #include "MemObject.h" |
b6149797 | 32 | #include "mime_header.h" |
f0ba2534 | 33 | #include "neighbors.h" |
c6f15d40 | 34 | #include "refresh.h" |
f206b652 | 35 | #include "RequestFlags.h" |
4d5904f7 | 36 | #include "SquidConfig.h" |
122a6e3c | 37 | #include "SquidMath.h" |
b7ac5457 | 38 | #include "Store.h" |
28204b3b | 39 | #include "StrList.h" |
4e540555 | 40 | #include "tools.h" |
582c2af2 FC |
41 | #if USE_AUTH |
42 | #include "auth/UserRequest.h" | |
43 | #endif | |
44 | #if USE_DELAY_POOLS | |
45 | #include "DelayPools.h" | |
46 | #endif | |
e6ccf245 | 47 | |
3e4f6092 FC |
48 | #include <memory> |
49 | ||
0655fa4d | 50 | CBDATA_CLASS_INIT(clientReplyContext); |
edce4d98 | 51 | |
edce4d98 | 52 | /* Local functions */ |
ca919500 | 53 | CSS clientReplyStatus; |
7976fed3 | 54 | ErrorState *clientBuildError(err_type, Http::StatusCode, char const *, const ConnStateData *, HttpRequest *, const AccessLogEntry::Pointer &); |
edce4d98 | 55 | |
edce4d98 | 56 | /* privates */ |
edce4d98 | 57 | |
0655fa4d | 58 | clientReplyContext::~clientReplyContext() |
edce4d98 | 59 | { |
50c09fc4 | 60 | deleting = true; |
61 | /* This may trigger a callback back into SendMoreData as the cbdata | |
62 | * is still valid | |
63 | */ | |
86a2f789 | 64 | removeClientStoreReference(&sc, http); |
edce4d98 | 65 | /* old_entry might still be set if we didn't yet get the reply |
0655fa4d | 66 | * code in HandleIMSReply() */ |
67 | removeStoreReference(&old_sc, &old_entry); | |
0655fa4d | 68 | cbdataReferenceDone(http); |
2b7d324b | 69 | HTTPMSGUNLOCK(reply); |
edce4d98 | 70 | } |
71 | ||
cc8c4af2 AJ |
72 | clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : |
73 | purgeStatus(Http::scNone), | |
cc8c4af2 | 74 | http(cbdataReference(clientContext)), |
aee3523a | 75 | sc(nullptr), |
aee3523a AR |
76 | ourNode(nullptr), |
77 | reply(nullptr), | |
78 | old_entry(nullptr), | |
79 | old_sc(nullptr), | |
e7e0f8a4 | 80 | old_lastmod(-1), |
1a210de4 EB |
81 | deleting(false), |
82 | collapsedRevalidation(crNone) | |
cc8c4af2 AJ |
83 | { |
84 | *tempbuf = 0; | |
85 | } | |
edce4d98 | 86 | |
a5c8d64d AJ |
87 | /** Create an error in the store awaiting the client side to read it. |
88 | * | |
89 | * This may be better placed in the clientStream logic, but it has not been | |
0655fa4d | 90 | * relocated there yet |
91 | */ | |
edce4d98 | 92 | void |
0655fa4d | 93 | clientReplyContext::setReplyToError( |
eb026889 | 94 | err_type err, Http::StatusCode status, char const *uri, |
7976fed3 | 95 | const ConnStateData *conn, HttpRequest *failedrequest, const char *unparsedrequest, |
2f1431ea | 96 | #if USE_AUTH |
c7baff40 | 97 | Auth::UserRequest::Pointer auth_user_request |
2f1431ea | 98 | #else |
9d2b8284 | 99 | void* |
2f1431ea | 100 | #endif |
74174c03 | 101 | ) |
edce4d98 | 102 | { |
7976fed3 | 103 | auto errstate = clientBuildError(err, status, uri, conn, failedrequest, http->al); |
62e76326 | 104 | |
edce4d98 | 105 | if (unparsedrequest) |
62e76326 | 106 | errstate->request_hdrs = xstrdup(unparsedrequest); |
edce4d98 | 107 | |
8eb0a7ee CT |
108 | #if USE_AUTH |
109 | errstate->auth_user_request = auth_user_request; | |
110 | #endif | |
eb026889 | 111 | setReplyToError(failedrequest ? failedrequest->method : HttpRequestMethod(Http::METHOD_NONE), errstate); |
8eb0a7ee CT |
112 | } |
113 | ||
114 | void clientReplyContext::setReplyToError(const HttpRequestMethod& method, ErrorState *errstate) | |
115 | { | |
955394ce | 116 | if (errstate->httpStatus == Http::scNotImplemented && http->request) |
62e76326 | 117 | /* prevent confusion over whether we default to persistent or not */ |
e857372a | 118 | http->request->flags.proxyKeepalive = false; |
62e76326 | 119 | |
41ebd397 | 120 | http->al->http.code = errstate->httpStatus; |
edce4d98 | 121 | |
f0baf149 AR |
122 | if (http->request) |
123 | http->request->ignoreRange("responding with a Squid-generated error"); | |
124 | ||
f206b652 | 125 | createStoreEntry(method, RequestFlags()); |
aee3523a | 126 | assert(errstate->callback_data == nullptr); |
86a2f789 | 127 | errorAppendEntry(http->storeEntry(), errstate); |
edce4d98 | 128 | /* Now the caller reads to get this */ |
129 | } | |
130 | ||
eacfca83 AR |
131 | void |
132 | clientReplyContext::setReplyToReply(HttpReply *futureReply) | |
133 | { | |
134 | Must(futureReply); | |
135 | http->al->http.code = futureReply->sline.status(); | |
136 | ||
137 | HttpRequestMethod method; | |
138 | if (http->request) { // nil on responses to unparsable requests | |
139 | http->request->ignoreRange("responding with a Squid-generated reply"); | |
140 | method = http->request->method; | |
141 | } | |
142 | ||
143 | createStoreEntry(method, RequestFlags()); | |
144 | ||
145 | http->storeEntry()->storeErrorResponse(futureReply); | |
146 | /* Now the caller reads to get futureReply */ | |
147 | } | |
148 | ||
f0baf149 AR |
149 | // Assumes that the entry contains an error response without Content-Range. |
150 | // To use with regular entries, make HTTP Range header removal conditional. | |
151 | void clientReplyContext::setReplyToStoreEntry(StoreEntry *entry, const char *reason) | |
061bbdec | 152 | { |
1bfe9ade | 153 | entry->lock("clientReplyContext::setReplyToStoreEntry"); // removeClientStoreReference() unlocks |
061bbdec CT |
154 | sc = storeClientListAdd(entry, this); |
155 | #if USE_DELAY_POOLS | |
156 | sc->setDelayId(DelayId::DelayClient(http)); | |
157 | #endif | |
f0baf149 AR |
158 | if (http->request) |
159 | http->request->ignoreRange(reason); | |
061bbdec CT |
160 | flags.storelogiccomplete = 1; |
161 | http->storeEntry(entry); | |
162 | } | |
163 | ||
edce4d98 | 164 | void |
0655fa4d | 165 | clientReplyContext::removeStoreReference(store_client ** scp, |
166 | StoreEntry ** ep) | |
edce4d98 | 167 | { |
168 | StoreEntry *e; | |
e4ae841b | 169 | store_client *sc_tmp = *scp; |
62e76326 | 170 | |
aee3523a AR |
171 | if ((e = *ep) != nullptr) { |
172 | *ep = nullptr; | |
e4ae841b | 173 | storeUnregister(sc_tmp, e, this); |
aee3523a | 174 | *scp = nullptr; |
1bfe9ade | 175 | e->unlock("clientReplyContext::removeStoreReference"); |
edce4d98 | 176 | } |
177 | } | |
178 | ||
86a2f789 | 179 | void |
8bcf08e0 | 180 | clientReplyContext::removeClientStoreReference(store_client **scp, ClientHttpRequest *aHttpRequest) |
86a2f789 | 181 | { |
8bcf08e0 | 182 | StoreEntry *reference = aHttpRequest->storeEntry(); |
86a2f789 | 183 | removeStoreReference(scp, &reference); |
8bcf08e0 | 184 | aHttpRequest->storeEntry(reference); |
86a2f789 | 185 | } |
186 | ||
edce4d98 | 187 | void |
0655fa4d | 188 | clientReplyContext::saveState() |
edce4d98 | 189 | { |
aee3523a | 190 | assert(old_sc == nullptr); |
bf8fe701 | 191 | debugs(88, 3, "clientReplyContext::saveState: saving store context"); |
86a2f789 | 192 | old_entry = http->storeEntry(); |
e6ccf245 | 193 | old_sc = sc; |
e7e0f8a4 EB |
194 | old_lastmod = http->request->lastmod; |
195 | old_etag = http->request->etag; | |
edce4d98 | 196 | /* Prevent accessing the now saved entries */ |
aee3523a AR |
197 | http->storeEntry(nullptr); |
198 | sc = nullptr; | |
edce4d98 | 199 | } |
200 | ||
201 | void | |
0655fa4d | 202 | clientReplyContext::restoreState() |
edce4d98 | 203 | { |
aee3523a | 204 | assert(old_sc != nullptr); |
bf8fe701 | 205 | debugs(88, 3, "clientReplyContext::restoreState: Restoring store context"); |
86a2f789 | 206 | removeClientStoreReference(&sc, http); |
207 | http->storeEntry(old_entry); | |
e6ccf245 | 208 | sc = old_sc; |
e7e0f8a4 EB |
209 | http->request->lastmod = old_lastmod; |
210 | http->request->etag = old_etag; | |
edce4d98 | 211 | /* Prevent accessed the old saved entries */ |
aee3523a AR |
212 | old_entry = nullptr; |
213 | old_sc = nullptr; | |
e7e0f8a4 EB |
214 | old_lastmod = -1; |
215 | old_etag.clean(); | |
c8be6d7b | 216 | } |
217 | ||
218 | void | |
0655fa4d | 219 | clientReplyContext::startError(ErrorState * err) |
c8be6d7b | 220 | { |
f206b652 | 221 | createStoreEntry(http->request->method, RequestFlags()); |
0655fa4d | 222 | triggerInitialStoreRead(); |
86a2f789 | 223 | errorAppendEntry(http->storeEntry(), err); |
edce4d98 | 224 | } |
225 | ||
e6ccf245 | 226 | clientStreamNode * |
528b2c61 | 227 | clientReplyContext::getNextNode() const |
e6ccf245 | 228 | { |
62e76326 | 229 | return (clientStreamNode *)ourNode->node.next->data; |
e6ccf245 | 230 | } |
231 | ||
122a6e3c AR |
232 | /// Request HTTP response headers from Store, to be sent to the given recipient. |
233 | /// That recipient also gets zero, some, or all HTTP response body bytes (into | |
234 | /// next()->readBuffer). | |
c8be6d7b | 235 | void |
122a6e3c | 236 | clientReplyContext::triggerInitialStoreRead(STCB recipient) |
c8be6d7b | 237 | { |
122a6e3c AR |
238 | Assure(recipient != HandleIMSReply); |
239 | lastStreamBufferedBytes = StoreIOBuffer(); // storeClientCopy(next()->readBuffer) invalidates | |
8bcf08e0 | 240 | StoreIOBuffer localTempBuffer (next()->readBuffer.length, 0, next()->readBuffer.data); |
122a6e3c AR |
241 | ::storeClientCopy(sc, http->storeEntry(), localTempBuffer, recipient, this); |
242 | } | |
243 | ||
244 | /// Request HTTP response body bytes from Store into next()->readBuffer. This | |
245 | /// method requests body bytes at readerBuffer.offset and, hence, it should only | |
246 | /// be called after we triggerInitialStoreRead() and get the requested HTTP | |
247 | /// response headers (using zero offset). | |
248 | void | |
249 | clientReplyContext::requestMoreBodyFromStore() | |
250 | { | |
251 | lastStreamBufferedBytes = StoreIOBuffer(); // storeClientCopy(next()->readBuffer) invalidates | |
252 | ::storeClientCopy(sc, http->storeEntry(), next()->readBuffer, SendMoreData, this); | |
c8be6d7b | 253 | } |
edce4d98 | 254 | |
255 | /* there is an expired entry in the store. | |
256 | * setup a temporary buffer area and perform an IMS to the origin | |
257 | */ | |
0655fa4d | 258 | void |
259 | clientReplyContext::processExpired() | |
edce4d98 | 260 | { |
a8a0b1c2 | 261 | const char *url = storeId(); |
bf8fe701 | 262 | debugs(88, 3, "clientReplyContext::processExpired: '" << http->uri << "'"); |
438b41ba EB |
263 | const time_t lastmod = http->storeEntry()->lastModified(); |
264 | assert(lastmod >= 0); | |
edce4d98 | 265 | /* |
266 | * check if we are allowed to contact other servers | |
26ac0430 | 267 | * @?@: Instead of a 504 (Gateway Timeout) reply, we may want to return |
edce4d98 | 268 | * a stale entry *if* it matches client requirements |
269 | */ | |
62e76326 | 270 | |
0655fa4d | 271 | if (http->onlyIfCached()) { |
272 | processOnlyIfCachedMiss(); | |
62e76326 | 273 | return; |
edce4d98 | 274 | } |
62e76326 | 275 | |
12f5a662 | 276 | http->updateLoggingTags(LOG_TCP_REFRESH); |
e857372a | 277 | http->request->flags.refresh = true; |
edce4d98 | 278 | #if STORE_CLIENT_LIST_DEBUG |
c8be6d7b | 279 | /* Prevent a race with the store client memory free routines |
edce4d98 | 280 | */ |
0655fa4d | 281 | assert(storeClientIsThisAClient(sc, this)); |
edce4d98 | 282 | #endif |
283 | /* Prepare to make a new temporary request */ | |
0655fa4d | 284 | saveState(); |
1a210de4 | 285 | |
d2a6dcba | 286 | // TODO: Consider also allowing regular (non-collapsed) revalidation hits. |
1a210de4 | 287 | // TODO: support collapsed revalidation for Vary-controlled entries |
819be284 | 288 | bool collapsingAllowed = Config.onoff.collapsed_forwarding && |
daed75a9 | 289 | !Store::Controller::SmpAware() && |
819be284 | 290 | http->request->vary_headers.isEmpty(); |
1a210de4 EB |
291 | |
292 | StoreEntry *entry = nullptr; | |
293 | if (collapsingAllowed) { | |
819be284 | 294 | if (const auto e = storeGetPublicByRequest(http->request, ksRevalidation)) { |
d2a6dcba | 295 | if (e->hittingRequiresCollapsing() && startCollapsingOn(*e, true)) { |
819be284 EB |
296 | entry = e; |
297 | entry->lock("clientReplyContext::processExpired#alreadyRevalidating"); | |
298 | } else { | |
d868b138 | 299 | e->abandon(__func__); |
819be284 EB |
300 | // assume mayInitiateCollapsing() would fail too |
301 | collapsingAllowed = false; | |
302 | } | |
303 | } | |
1a210de4 EB |
304 | } |
305 | ||
306 | if (entry) { | |
76d61119 | 307 | entry->ensureMemObject(url, http->log_uri, http->request->method); |
1a210de4 EB |
308 | debugs(88, 5, "collapsed on existing revalidation entry: " << *entry); |
309 | collapsedRevalidation = crSlave; | |
310 | } else { | |
311 | entry = storeCreateEntry(url, | |
312 | http->log_uri, http->request->flags, http->request->method); | |
313 | /* NOTE, don't call StoreEntry->lock(), storeCreateEntry() does it */ | |
314 | ||
819be284 EB |
315 | if (collapsingAllowed && mayInitiateCollapsing() && |
316 | Store::Root().allowCollapsing(entry, http->request->flags, http->request->method)) { | |
1a210de4 | 317 | debugs(88, 5, "allow other revalidation requests to collapse on " << *entry); |
1a210de4 EB |
318 | collapsedRevalidation = crInitiator; |
319 | } else { | |
320 | collapsedRevalidation = crNone; | |
321 | } | |
322 | } | |
323 | ||
0655fa4d | 324 | sc = storeClientListAdd(entry, this); |
9a0a18de | 325 | #if USE_DELAY_POOLS |
edce4d98 | 326 | /* delay_id is already set on original store client */ |
0655fa4d | 327 | sc->setDelayId(DelayId::DelayClient(http)); |
edce4d98 | 328 | #endif |
62e76326 | 329 | |
438b41ba | 330 | http->request->lastmod = lastmod; |
46017fdd | 331 | |
789217a2 | 332 | if (!http->request->header.has(Http::HdrType::IF_NONE_MATCH)) { |
aee3523a | 333 | ETag etag = {nullptr, -1}; // TODO: make that a default ETag constructor |
46017fdd CT |
334 | if (old_entry->hasEtag(etag) && !etag.weak) |
335 | http->request->etag = etag.str; | |
336 | } | |
337 | ||
438b41ba | 338 | debugs(88, 5, "lastmod " << entry->lastModified()); |
86a2f789 | 339 | http->storeEntry(entry); |
c8be6d7b | 340 | assert(http->out.offset == 0); |
9174ba3d | 341 | assert(http->request->clientConnectionManager == http->getConn()); |
655daa06 | 342 | |
1a210de4 EB |
343 | if (collapsedRevalidation != crSlave) { |
344 | /* | |
345 | * A refcounted pointer so that FwdState stays around as long as | |
346 | * this clientReplyContext does | |
347 | */ | |
aee3523a | 348 | Comm::ConnectionPointer conn = http->getConn() != nullptr ? http->getConn()->clientConnection : nullptr; |
1a210de4 EB |
349 | FwdState::Start(conn, http->storeEntry(), http->request, http->al); |
350 | } | |
edce4d98 | 351 | /* Register with storage manager to receive updates when data comes in. */ |
62e76326 | 352 | |
edce4d98 | 353 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) |
fa84c01d | 354 | debugs(88, DBG_CRITICAL, "clientReplyContext::processExpired: Found ENTRY_ABORTED object"); |
62e76326 | 355 | |
c8be6d7b | 356 | { |
62e76326 | 357 | /* start counting the length from 0 */ |
8bcf08e0 | 358 | StoreIOBuffer localTempBuffer(HTTP_REQBUF_SZ, 0, tempbuf); |
122a6e3c AR |
359 | // keep lastStreamBufferedBytes: tempbuf is not a Client Stream buffer |
360 | ::storeClientCopy(sc, entry, localTempBuffer, HandleIMSReply, this); | |
edce4d98 | 361 | } |
362 | } | |
363 | ||
528b2c61 | 364 | void |
122a6e3c | 365 | clientReplyContext::sendClientUpstreamResponse(const StoreIOBuffer &upstreamResponse) |
528b2c61 | 366 | { |
0655fa4d | 367 | removeStoreReference(&old_sc, &old_entry); |
6c8cbe63 D |
368 | |
369 | if (collapsedRevalidation) | |
370 | http->storeEntry()->clearPublicKeyScope(); | |
371 | ||
2324cda2 | 372 | /* here the data to send is the data we just received */ |
86a2f789 | 373 | assert(!EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)); |
122a6e3c | 374 | sendMoreData(upstreamResponse); |
528b2c61 | 375 | } |
376 | ||
edce4d98 | 377 | void |
0655fa4d | 378 | clientReplyContext::HandleIMSReply(void *data, StoreIOBuffer result) |
edce4d98 | 379 | { |
e6ccf245 | 380 | clientReplyContext *context = (clientReplyContext *)data; |
0655fa4d | 381 | context->handleIMSReply(result); |
382 | } | |
62e76326 | 383 | |
0655fa4d | 384 | void |
385 | clientReplyContext::sendClientOldEntry() | |
386 | { | |
387 | /* Get the old request back */ | |
388 | restoreState(); | |
84f5cdd6 AR |
389 | |
390 | if (EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) { | |
391 | debugs(88, 3, "stale entry aborted while we revalidated: " << *http->storeEntry()); | |
392 | http->updateLoggingTags(LOG_TCP_MISS); | |
393 | processMiss(); | |
394 | return; | |
395 | } | |
396 | ||
0655fa4d | 397 | /* here the data to send is in the next nodes buffers already */ |
122a6e3c AR |
398 | Assure(matchesStreamBodyBuffer(lastStreamBufferedBytes)); |
399 | Assure(!lastStreamBufferedBytes.offset); | |
400 | sendMoreData(lastStreamBufferedBytes); | |
0655fa4d | 401 | } |
62e76326 | 402 | |
1d7ab0f4 | 403 | /* This is the workhorse of the HandleIMSReply callback. |
404 | * | |
405 | * It is called when we've got data back from the origin following our | |
406 | * IMS request to revalidate a stale entry. | |
407 | */ | |
0655fa4d | 408 | void |
122a6e3c | 409 | clientReplyContext::handleIMSReply(const StoreIOBuffer result) |
0655fa4d | 410 | { |
1d7ab0f4 | 411 | if (deleting) |
412 | return; | |
62e76326 | 413 | |
aee3523a | 414 | if (http->storeEntry() == nullptr) |
1d7ab0f4 | 415 | return; |
07947ad8 | 416 | |
122a6e3c AR |
417 | debugs(88, 3, http->storeEntry()->url() << " got " << result); |
418 | ||
1d7ab0f4 | 419 | if (result.flags.error && !EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) |
420 | return; | |
62e76326 | 421 | |
39fe14b2 EB |
422 | if (collapsedRevalidation == crSlave && !http->storeEntry()->mayStartHitting()) { |
423 | debugs(88, 3, "CF slave hit private non-shareable " << *http->storeEntry() << ". MISS"); | |
096c9df3 EB |
424 | // restore context to meet processMiss() expectations |
425 | restoreState(); | |
12f5a662 | 426 | http->updateLoggingTags(LOG_TCP_MISS); |
096c9df3 EB |
427 | processMiss(); |
428 | return; | |
429 | } | |
430 | ||
1d7ab0f4 | 431 | // request to origin was aborted |
432 | if (EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) { | |
eace013e | 433 | debugs(88, 3, "request to origin aborted '" << http->storeEntry()->url() << "', sending old entry to client"); |
12f5a662 | 434 | http->updateLoggingTags(LOG_TCP_REFRESH_FAIL_OLD); |
1d7ab0f4 | 435 | sendClientOldEntry(); |
760e650f | 436 | return; |
0655fa4d | 437 | } |
62e76326 | 438 | |
66d51f4f AR |
439 | const auto oldStatus = old_entry->mem().freshestReply().sline.status(); |
440 | const auto &new_rep = http->storeEntry()->mem().freshestReply(); | |
441 | const auto status = new_rep.sline.status(); | |
62e76326 | 442 | |
6c8cbe63 D |
443 | // XXX: Disregard stale incomplete (i.e. still being written) borrowed (i.e. |
444 | // not caused by our request) IMS responses. That new_rep may be very old! | |
445 | ||
b297bcd0 | 446 | // origin replied 304 |
955394ce | 447 | if (status == Http::scNotModified) { |
66d51f4f AR |
448 | // TODO: The update may not be instantaneous. Should we wait for its |
449 | // completion to avoid spawning too much client-disassociated work? | |
55e1c6e8 EB |
450 | if (!Store::Root().updateOnNotModified(old_entry, *http->storeEntry())) { |
451 | old_entry->release(true); | |
452 | restoreState(); | |
453 | http->updateLoggingTags(LOG_TCP_MISS); | |
454 | processMiss(); | |
455 | return; | |
456 | } | |
457 | ||
458 | http->updateLoggingTags(LOG_TCP_REFRESH_UNMODIFIED); | |
459 | http->request->flags.staleIfHit = false; // old_entry is no longer stale | |
62e76326 | 460 | |
26ac0430 | 461 | // if client sent IMS |
438b41ba | 462 | if (http->request->flags.ims && !old_entry->modifiedSince(http->request->ims, http->request->imslen)) { |
26ac0430 | 463 | // forward the 304 from origin |
760e650f | 464 | debugs(88, 3, "origin replied 304, revalidated existing entry and forwarding 304 to client"); |
122a6e3c | 465 | sendClientUpstreamResponse(result); |
760e650f | 466 | return; |
26ac0430 | 467 | } |
760e650f AJ |
468 | |
469 | // send existing entry, it's still valid | |
470 | debugs(88, 3, "origin replied 304, revalidated existing entry and sending " << oldStatus << " to client"); | |
471 | sendClientOldEntry(); | |
472 | return; | |
b297bcd0 | 473 | } |
62e76326 | 474 | |
b297bcd0 | 475 | // origin replied with a non-error code |
760e650f | 476 | if (status > Http::scNone && status < Http::scInternalServerError) { |
0ac163be AJ |
477 | // RFC 9111 section 4: |
478 | // "When more than one suitable response is stored, | |
479 | // a cache MUST use the most recent one | |
480 | // (as determined by the Date header field)." | |
66d51f4f | 481 | if (new_rep.olderThan(&old_entry->mem().freshestReply())) { |
12f5a662 | 482 | http->al->cache.code.err.ignored = true; |
760e650f | 483 | debugs(88, 3, "origin replied " << status << " but with an older date header, sending old entry (" << oldStatus << ") to client"); |
eace013e | 484 | sendClientOldEntry(); |
760e650f | 485 | return; |
eace013e | 486 | } |
760e650f | 487 | |
12f5a662 | 488 | http->updateLoggingTags(LOG_TCP_REFRESH_MODIFIED); |
760e650f | 489 | debugs(88, 3, "origin replied " << status << ", forwarding to client"); |
122a6e3c | 490 | sendClientUpstreamResponse(result); |
760e650f | 491 | return; |
b297bcd0 | 492 | } |
62e76326 | 493 | |
b297bcd0 | 494 | // origin replied with an error |
760e650f | 495 | if (http->request->flags.failOnValidationError) { |
12f5a662 | 496 | http->updateLoggingTags(LOG_TCP_REFRESH_FAIL_ERR); |
760e650f | 497 | debugs(88, 3, "origin replied with error " << status << ", forwarding to client due to fail_on_validation_err"); |
122a6e3c | 498 | sendClientUpstreamResponse(result); |
760e650f | 499 | return; |
1d7ab0f4 | 500 | } |
760e650f AJ |
501 | |
502 | // ignore and let client have old entry | |
12f5a662 | 503 | http->updateLoggingTags(LOG_TCP_REFRESH_FAIL_OLD); |
760e650f AJ |
504 | debugs(88, 3, "origin replied with error " << status << ", sending old entry (" << oldStatus << ") to client"); |
505 | sendClientOldEntry(); | |
edce4d98 | 506 | } |
507 | ||
ca919500 FC |
508 | CSR clientGetMoreData; |
509 | CSD clientReplyDetach; | |
edce4d98 | 510 | |
122a6e3c | 511 | /// \copydoc clientReplyContext::cacheHit() |
edce4d98 | 512 | void |
0655fa4d | 513 | clientReplyContext::CacheHit(void *data, StoreIOBuffer result) |
edce4d98 | 514 | { |
e6ccf245 | 515 | clientReplyContext *context = (clientReplyContext *)data; |
7d5f62a4 | 516 | context->cacheHit(result); |
0655fa4d | 517 | } |
518 | ||
122a6e3c AR |
519 | /// Processes HTTP response headers received from Store on a suspected cache hit |
520 | /// path. May be called several times (e.g., a Vary marker object hit followed | |
521 | /// by the corresponding variant hit). | |
0655fa4d | 522 | void |
122a6e3c | 523 | clientReplyContext::cacheHit(const StoreIOBuffer result) |
0655fa4d | 524 | { |
7d5f62a4 | 525 | /** Ignore if the HIT object is being deleted. */ |
1b7514d9 AJ |
526 | if (deleting) { |
527 | debugs(88, 3, "HIT object being deleted. Ignore the HIT."); | |
045a76ab | 528 | return; |
1b7514d9 | 529 | } |
045a76ab | 530 | |
86a2f789 | 531 | StoreEntry *e = http->storeEntry(); |
045a76ab | 532 | |
190154cf | 533 | HttpRequest *r = http->request; |
045a76ab | 534 | |
122a6e3c | 535 | debugs(88, 3, http->uri << " got " << result); |
62e76326 | 536 | |
aee3523a | 537 | if (http->storeEntry() == nullptr) { |
bf8fe701 | 538 | debugs(88, 3, "clientCacheHit: request aborted"); |
62e76326 | 539 | return; |
c8be6d7b | 540 | } else if (result.flags.error) { |
62e76326 | 541 | /* swap in failure */ |
bf8fe701 | 542 | debugs(88, 3, "clientCacheHit: swapin failure for " << http->uri); |
12f5a662 | 543 | http->updateLoggingTags(LOG_TCP_SWAPFAIL_MISS); |
86a2f789 | 544 | removeClientStoreReference(&sc, http); |
0655fa4d | 545 | processMiss(); |
62e76326 | 546 | return; |
edce4d98 | 547 | } |
62e76326 | 548 | |
2f8abb64 | 549 | // The previously identified hit suddenly became unshareable! |
096c9df3 EB |
550 | // This is common for collapsed forwarding slaves but might also |
551 | // happen to regular hits because we are called asynchronously. | |
39fe14b2 | 552 | if (!e->mayStartHitting()) { |
2f8abb64 | 553 | debugs(88, 3, "unshareable " << *e << ". MISS"); |
12f5a662 | 554 | http->updateLoggingTags(LOG_TCP_MISS); |
096c9df3 EB |
555 | processMiss(); |
556 | return; | |
557 | } | |
558 | ||
84f5cdd6 AR |
559 | if (EBIT_TEST(e->flags, ENTRY_ABORTED)) { |
560 | debugs(88, 3, "refusing aborted " << *e); | |
561 | http->updateLoggingTags(LOG_TCP_MISS); | |
562 | processMiss(); | |
563 | return; | |
564 | } | |
62e76326 | 565 | |
edce4d98 | 566 | /* |
567 | * Got the headers, now grok them | |
568 | */ | |
12f5a662 | 569 | assert(http->loggingTags().oldType == LOG_TCP_HIT); |
62e76326 | 570 | |
851feda6 | 571 | if (http->request->storeId().cmp(e->mem_obj->storeId()) != 0) { |
c877c0bc | 572 | debugs(33, DBG_IMPORTANT, "clientProcessHit: URL mismatch, '" << e->mem_obj->storeId() << "' != '" << http->request->storeId() << "'"); |
12f5a662 | 573 | http->updateLoggingTags(LOG_TCP_MISS); // we lack a more precise LOG_*_MISS code |
cdd4e1c1 | 574 | processMiss(); |
575 | return; | |
576 | } | |
577 | ||
122a6e3c AR |
578 | noteStreamBufferredBytes(result); |
579 | ||
edce4d98 | 580 | switch (varyEvaluateMatch(e, r)) { |
62e76326 | 581 | |
edce4d98 | 582 | case VARY_NONE: |
62e76326 | 583 | /* No variance detected. Continue as normal */ |
584 | break; | |
585 | ||
edce4d98 | 586 | case VARY_MATCH: |
62e76326 | 587 | /* This is the correct entity for this request. Continue */ |
bf8fe701 | 588 | debugs(88, 2, "clientProcessHit: Vary MATCH!"); |
62e76326 | 589 | break; |
590 | ||
edce4d98 | 591 | case VARY_OTHER: |
62e76326 | 592 | /* This is not the correct entity for this request. We need |
593 | * to requery the cache. | |
594 | */ | |
86a2f789 | 595 | removeClientStoreReference(&sc, http); |
aee3523a | 596 | e = nullptr; |
62e76326 | 597 | /* Note: varyEvalyateMatch updates the request with vary information |
598 | * so we only get here once. (it also takes care of cancelling loops) | |
599 | */ | |
26ac0430 | 600 | debugs(88, 2, "clientProcessHit: Vary detected!"); |
0655fa4d | 601 | clientGetMoreData(ourNode, http); |
62e76326 | 602 | return; |
603 | ||
edce4d98 | 604 | case VARY_CANCEL: |
62e76326 | 605 | /* varyEvaluateMatch found a object loop. Process as miss */ |
e0236918 | 606 | debugs(88, DBG_IMPORTANT, "clientProcessHit: Vary object loop!"); |
12f5a662 | 607 | http->updateLoggingTags(LOG_TCP_MISS); // we lack a more precise LOG_*_MISS code |
0655fa4d | 608 | processMiss(); |
62e76326 | 609 | return; |
edce4d98 | 610 | } |
62e76326 | 611 | |
c2a7cefd | 612 | if (r->method == Http::METHOD_PURGE) { |
1b7514d9 | 613 | debugs(88, 5, "PURGE gets a HIT"); |
86a2f789 | 614 | removeClientStoreReference(&sc, http); |
aee3523a | 615 | e = nullptr; |
0655fa4d | 616 | purgeRequest(); |
62e76326 | 617 | return; |
edce4d98 | 618 | } |
62e76326 | 619 | |
1b7514d9 AJ |
620 | if (e->checkNegativeHit() && !r->flags.noCacheHack()) { |
621 | debugs(88, 5, "negative-HIT"); | |
12f5a662 | 622 | http->updateLoggingTags(LOG_TCP_NEGATIVE_HIT); |
0655fa4d | 623 | sendMoreData(result); |
ec4011ac | 624 | return; |
70706149 AR |
625 | } else if (blockedHit()) { |
626 | debugs(88, 5, "send_hit forces a MISS"); | |
12f5a662 | 627 | http->updateLoggingTags(LOG_TCP_MISS); |
70706149 AR |
628 | processMiss(); |
629 | return; | |
ee989932 | 630 | } else if (!r->flags.internal && !didCollapse && refreshCheckHTTP(e, r)) { |
bf8fe701 | 631 | debugs(88, 5, "clientCacheHit: in refreshCheck() block"); |
62e76326 | 632 | /* |
633 | * We hold a stale copy; it needs to be validated | |
634 | */ | |
635 | /* | |
450fe1cb | 636 | * The 'needValidation' flag is used to prevent forwarding |
62e76326 | 637 | * loops between siblings. If our copy of the object is stale, |
638 | * then we should probably only use parents for the validation | |
639 | * request. Otherwise two siblings could generate a loop if | |
640 | * both have a stale version of the object. | |
641 | */ | |
e857372a | 642 | r->flags.needValidation = true; |
62e76326 | 643 | |
438b41ba EB |
644 | if (e->lastModified() < 0) { |
645 | debugs(88, 3, "validate HIT object? NO. Can't calculate entry modification time. Do MISS."); | |
62e76326 | 646 | /* |
438b41ba EB |
647 | * We cannot revalidate entries without knowing their |
648 | * modification time. | |
649 | * XXX: BUG 1890 objects without Date do not get one added. | |
62e76326 | 650 | */ |
12f5a662 | 651 | http->updateLoggingTags(LOG_TCP_MISS); |
0655fa4d | 652 | processMiss(); |
450fe1cb | 653 | } else if (r->flags.noCache) { |
86310427 | 654 | debugs(88, 3, "validate HIT object? NO. Client sent CC:no-cache. Do CLIENT_REFRESH_MISS"); |
62e76326 | 655 | /* |
656 | * This did not match a refresh pattern that overrides no-cache | |
657 | * we should honour the client no-cache header. | |
658 | */ | |
12f5a662 | 659 | http->updateLoggingTags(LOG_TCP_CLIENT_REFRESH_MISS); |
0655fa4d | 660 | processMiss(); |
ec4568e3 | 661 | } else if (r->url.getScheme() == AnyP::PROTO_HTTP || r->url.getScheme() == AnyP::PROTO_HTTPS) { |
86310427 | 662 | debugs(88, 3, "validate HIT object? YES."); |
62e76326 | 663 | /* |
664 | * Object needs to be revalidated | |
665 | * XXX This could apply to FTP as well, if Last-Modified is known. | |
666 | */ | |
0655fa4d | 667 | processExpired(); |
62e76326 | 668 | } else { |
86310427 | 669 | debugs(88, 3, "validate HIT object? NO. Client protocol non-HTTP. Do MISS."); |
62e76326 | 670 | /* |
671 | * We don't know how to re-validate other protocols. Handle | |
672 | * them as if the object has expired. | |
673 | */ | |
12f5a662 | 674 | http->updateLoggingTags(LOG_TCP_MISS); |
0655fa4d | 675 | processMiss(); |
62e76326 | 676 | } |
ec4011ac | 677 | return; |
1b7514d9 AJ |
678 | } else if (r->conditional()) { |
679 | debugs(88, 5, "conditional HIT"); | |
8b082ed9 | 680 | if (processConditional()) |
acd68301 GD |
681 | return; |
682 | } | |
683 | ||
684 | /* | |
685 | * plain ol' cache hit | |
686 | */ | |
687 | debugs(88, 5, "plain old HIT"); | |
62e76326 | 688 | |
9a0a18de | 689 | #if USE_DELAY_POOLS |
acd68301 | 690 | if (e->store_status != STORE_OK) |
12f5a662 | 691 | http->updateLoggingTags(LOG_TCP_MISS); |
acd68301 | 692 | else |
5bf4d170 | 693 | #endif |
acd68301 | 694 | if (e->mem_status == IN_MEMORY) |
12f5a662 | 695 | http->updateLoggingTags(LOG_TCP_MEM_HIT); |
acd68301 | 696 | else if (Config.onoff.offline) |
12f5a662 | 697 | http->updateLoggingTags(LOG_TCP_OFFLINE_HIT); |
62e76326 | 698 | |
acd68301 | 699 | sendMoreData(result); |
edce4d98 | 700 | } |
701 | ||
7d5f62a4 | 702 | /** |
edce4d98 | 703 | * Prepare to fetch the object as it's a cache miss of some kind. |
704 | */ | |
705 | void | |
0655fa4d | 706 | clientReplyContext::processMiss() |
edce4d98 | 707 | { |
edce4d98 | 708 | char *url = http->uri; |
190154cf | 709 | HttpRequest *r = http->request; |
aee3523a | 710 | ErrorState *err = nullptr; |
7f06a3d8 | 711 | debugs(88, 4, r->method << ' ' << url); |
7d5f62a4 AJ |
712 | |
713 | /** | |
edce4d98 | 714 | * We might have a left-over StoreEntry from a failed cache hit |
715 | * or IMS request. | |
716 | */ | |
86a2f789 | 717 | if (http->storeEntry()) { |
718 | if (EBIT_TEST(http->storeEntry()->flags, ENTRY_SPECIAL)) { | |
fa84c01d | 719 | debugs(88, DBG_CRITICAL, "clientProcessMiss: miss on a special object (" << url << ")."); |
12f5a662 | 720 | debugs(88, DBG_CRITICAL, "\tlog_type = " << http->loggingTags().c_str()); |
3900307b | 721 | http->storeEntry()->dump(1); |
62e76326 | 722 | } |
723 | ||
86a2f789 | 724 | removeClientStoreReference(&sc, http); |
edce4d98 | 725 | } |
62e76326 | 726 | |
7d5f62a4 | 727 | /** Check if its a PURGE request to be actioned. */ |
c2a7cefd | 728 | if (r->method == Http::METHOD_PURGE) { |
0655fa4d | 729 | purgeRequest(); |
62e76326 | 730 | return; |
edce4d98 | 731 | } |
914b89a2 | 732 | |
7d5f62a4 | 733 | /** Check if its an 'OTHER' request. Purge all cached entries if so and continue. */ |
c2a7cefd | 734 | if (r->method == Http::METHOD_OTHER) { |
26ac0430 | 735 | purgeAllCached(); |
60745f24 | 736 | } |
62e76326 | 737 | |
7d5f62a4 | 738 | /** Check if 'only-if-cached' flag is set. Action if so. */ |
0655fa4d | 739 | if (http->onlyIfCached()) { |
740 | processOnlyIfCachedMiss(); | |
62e76326 | 741 | return; |
edce4d98 | 742 | } |
62e76326 | 743 | |
42829656 | 744 | /// Deny loops |
450fe1cb | 745 | if (r->flags.loopDetected) { |
955394ce | 746 | http->al->http.code = Http::scForbidden; |
7976fed3 | 747 | err = clientBuildError(ERR_ACCESS_DENIED, Http::scForbidden, nullptr, http->getConn(), http->request, http->al); |
f206b652 | 748 | createStoreEntry(r->method, RequestFlags()); |
86a2f789 | 749 | errorAppendEntry(http->storeEntry(), err); |
0655fa4d | 750 | triggerInitialStoreRead(); |
62e76326 | 751 | return; |
edce4d98 | 752 | } else { |
26ac0430 | 753 | assert(http->out.offset == 0); |
0655fa4d | 754 | createStoreEntry(r->method, r->flags); |
755 | triggerInitialStoreRead(); | |
62e76326 | 756 | |
757 | if (http->redirect.status) { | |
66d51f4f | 758 | const HttpReplyPointer rep(new HttpReply); |
12f5a662 | 759 | http->updateLoggingTags(LOG_TCP_REDIRECT); |
d88e3c49 | 760 | http->storeEntry()->releaseRequest(); |
06a5ae20 | 761 | rep->redirect(http->redirect.status, http->redirect.location); |
db237875 | 762 | http->storeEntry()->replaceHttpReply(rep); |
86a2f789 | 763 | http->storeEntry()->complete(); |
62e76326 | 764 | return; |
765 | } | |
766 | ||
9174ba3d | 767 | assert(r->clientConnectionManager == http->getConn()); |
655daa06 | 768 | |
7976fed3 | 769 | Comm::ConnectionPointer conn = http->getConn() != nullptr ? http->getConn()->clientConnection : nullptr; |
7d5f62a4 | 770 | /** Start forwarding to get the new object from network */ |
4bf68cfa | 771 | FwdState::Start(conn, http->storeEntry(), r, http->al); |
edce4d98 | 772 | } |
773 | } | |
774 | ||
7d5f62a4 | 775 | /** |
edce4d98 | 776 | * client issued a request with an only-if-cached cache-control directive; |
777 | * we did not find a cached object that can be returned without | |
778 | * contacting other servers; | |
779 | * respond with a 504 (Gateway Timeout) as suggested in [RFC 2068] | |
780 | */ | |
0655fa4d | 781 | void |
782 | clientReplyContext::processOnlyIfCachedMiss() | |
edce4d98 | 783 | { |
7f06a3d8 | 784 | debugs(88, 4, http->request->method << ' ' << http->uri); |
f11c8e2f | 785 | http->al->http.code = Http::scGatewayTimeout; |
aee3523a | 786 | ErrorState *err = clientBuildError(ERR_ONLY_IF_CACHED_MISS, Http::scGatewayTimeout, nullptr, |
7976fed3 | 787 | http->getConn(), http->request, http->al); |
86a2f789 | 788 | removeClientStoreReference(&sc, http); |
0655fa4d | 789 | startError(err); |
edce4d98 | 790 | } |
791 | ||
79c8035e | 792 | /// process conditional request from client |
acd68301 | 793 | bool |
8b082ed9 | 794 | clientReplyContext::processConditional() |
79c8035e | 795 | { |
a2bd457d | 796 | StoreEntry *const e = http->storeEntry(); |
79c8035e | 797 | |
66d51f4f AR |
798 | const auto replyStatusCode = e->mem().baseReply().sline.status(); |
799 | if (replyStatusCode != Http::scOkay) { | |
800 | debugs(88, 4, "miss because " << replyStatusCode << " != 200"); | |
12f5a662 | 801 | http->updateLoggingTags(LOG_TCP_MISS); |
79c8035e | 802 | processMiss(); |
acd68301 | 803 | return true; |
79c8035e AR |
804 | } |
805 | ||
806 | HttpRequest &r = *http->request; | |
807 | ||
789217a2 | 808 | if (r.header.has(Http::HdrType::IF_MATCH) && !e->hasIfMatchEtag(r)) { |
79c8035e AR |
809 | // RFC 2616: reply with 412 Precondition Failed if If-Match did not match |
810 | sendPreconditionFailedError(); | |
acd68301 | 811 | return true; |
79c8035e AR |
812 | } |
813 | ||
789217a2 | 814 | if (r.header.has(Http::HdrType::IF_NONE_MATCH)) { |
787ea68c GD |
815 | // RFC 7232: If-None-Match recipient MUST ignore IMS |
816 | r.flags.ims = false; | |
817 | r.ims = -1; | |
818 | r.imslen = 0; | |
819 | r.header.delById(Http::HdrType::IF_MODIFIED_SINCE); | |
79c8035e | 820 | |
787ea68c | 821 | if (e->hasIfNoneMatchEtag(r)) { |
a2bd457d | 822 | sendNotModifiedOrPreconditionFailedError(); |
acd68301 | 823 | return true; |
79c8035e AR |
824 | } |
825 | ||
787ea68c GD |
826 | // None-Match is true (no ETag matched); treat as an unconditional hit |
827 | return false; | |
79c8035e AR |
828 | } |
829 | ||
45e5102d | 830 | if (r.flags.ims) { |
79c8035e | 831 | // handle If-Modified-Since requests from the client |
438b41ba | 832 | if (e->modifiedSince(r.ims, r.imslen)) { |
2e2ef19a SM |
833 | // Modified-Since is true; treat as an unconditional hit |
834 | return false; | |
79c8035e | 835 | |
acd68301 GD |
836 | } else { |
837 | // otherwise reply with 304 Not Modified | |
838 | sendNotModified(); | |
839 | } | |
840 | return true; | |
79c8035e | 841 | } |
acd68301 GD |
842 | |
843 | return false; | |
79c8035e AR |
844 | } |
845 | ||
70706149 AR |
846 | /// whether squid.conf send_hit prevents us from serving this hit |
847 | bool | |
848 | clientReplyContext::blockedHit() const | |
849 | { | |
850 | if (!Config.accessList.sendHit) | |
851 | return false; // hits are not blocked by default | |
852 | ||
101694e4 | 853 | if (http->request->flags.internal) |
70706149 AR |
854 | return false; // internal content "hits" cannot be blocked |
855 | ||
66d51f4f | 856 | { |
ebe87c09 EB |
857 | ACLFilledChecklist chl(Config.accessList.sendHit, nullptr); |
858 | clientAclChecklistFill(chl, http); | |
859 | chl.updateReply(&http->storeEntry()->mem().freshestReply()); | |
860 | return !chl.fastCheck().allowed(); // when in doubt, block | |
70706149 | 861 | } |
70706149 AR |
862 | } |
863 | ||
c1520b67 AJ |
864 | // Purges all entries with a given url |
865 | // TODO: move to SideAgent parent, when we have one | |
60745f24 | 866 | /* |
867 | * We probably cannot purge Vary-affected responses because their MD5 | |
868 | * keys depend on vary headers. | |
869 | */ | |
c1520b67 | 870 | void |
90bd689c | 871 | purgeEntriesByUrl(HttpRequest * req, const char *url) |
c1520b67 | 872 | { |
c2a7cefd AJ |
873 | for (HttpRequestMethod m(Http::METHOD_NONE); m != Http::METHOD_ENUM_END; ++m) { |
874 | if (m.respMaybeCacheable()) { | |
4310f8b0 EB |
875 | const cache_key *key = storeKeyPublic(url, m); |
876 | debugs(88, 5, m << ' ' << url << ' ' << storeKeyText(key)); | |
90bd689c | 877 | #if USE_HTCP |
1ac1d4d3 | 878 | neighborsHtcpClear(nullptr, req, m, HTCP_CLR_INVALIDATION); |
8b082ed9 FC |
879 | #else |
880 | (void)req; | |
90bd689c | 881 | #endif |
4310f8b0 | 882 | Store::Root().evictIfFound(key); |
c1520b67 AJ |
883 | } |
884 | } | |
885 | } | |
886 | ||
26ac0430 | 887 | void |
60745f24 | 888 | clientReplyContext::purgeAllCached() |
889 | { | |
851feda6 AJ |
890 | // XXX: performance regression, c_str() reallocates |
891 | SBuf url(http->request->effectiveRequestUri()); | |
892 | purgeEntriesByUrl(http->request, url.c_str()); | |
35ececa5 | 893 | } |
60745f24 | 894 | |
d2a6dcba | 895 | LogTags * |
7976fed3 | 896 | clientReplyContext::loggingTags() const |
d2a6dcba EB |
897 | { |
898 | // XXX: clientReplyContext code assumes that http cbdata is always valid. | |
899 | // TODO: Either add cbdataReferenceValid(http) checks in all the relevant | |
900 | // places, like this one, or remove cbdata protection of the http member. | |
12f5a662 | 901 | return &http->al->cache.code; |
d2a6dcba EB |
902 | } |
903 | ||
e6ccf245 | 904 | void |
905 | clientReplyContext::purgeRequest() | |
edce4d98 | 906 | { |
bf8fe701 | 907 | debugs(88, 3, "Config2.onoff.enable_purge = " << |
908 | Config2.onoff.enable_purge); | |
62e76326 | 909 | |
edce4d98 | 910 | if (!Config2.onoff.enable_purge) { |
12f5a662 | 911 | http->updateLoggingTags(LOG_TCP_DENIED); |
aee3523a | 912 | ErrorState *err = clientBuildError(ERR_ACCESS_DENIED, Http::scForbidden, nullptr, |
7976fed3 | 913 | http->getConn(), http->request, http->al); |
0655fa4d | 914 | startError(err); |
62e76326 | 915 | return; |
edce4d98 | 916 | } |
62e76326 | 917 | |
edce4d98 | 918 | /* Release both IP cache */ |
5c51bffb | 919 | ipcacheInvalidate(http->request->url.host()); |
edce4d98 | 920 | |
7976fed3 EB |
921 | // TODO: can we use purgeAllCached() here instead? |
922 | purgeDoPurge(); | |
e6ccf245 | 923 | } |
924 | ||
925 | void | |
7976fed3 EB |
926 | clientReplyContext::purgeDoPurge() |
927 | { | |
928 | auto firstFound = false; | |
929 | if (const auto entry = storeGetPublicByRequestMethod(http->request, Http::METHOD_GET)) { | |
930 | // special entries are only METHOD_GET entries without variance | |
931 | if (EBIT_TEST(entry->flags, ENTRY_SPECIAL)) { | |
12f5a662 | 932 | http->updateLoggingTags(LOG_TCP_DENIED); |
7976fed3 EB |
933 | const auto err = clientBuildError(ERR_ACCESS_DENIED, Http::scForbidden, nullptr, |
934 | http->getConn(), http->request, http->al); | |
935 | startError(err); | |
d868b138 | 936 | entry->abandon(__func__); |
7976fed3 EB |
937 | return; |
938 | } | |
939 | firstFound = true; | |
940 | if (!purgeEntry(*entry, Http::METHOD_GET)) | |
941 | return; | |
edce4d98 | 942 | } |
62e76326 | 943 | |
7976fed3 | 944 | detailStoreLookup(storeLookupString(firstFound)); |
e6ccf245 | 945 | |
7976fed3 EB |
946 | if (const auto entry = storeGetPublicByRequestMethod(http->request, Http::METHOD_HEAD)) { |
947 | if (!purgeEntry(*entry, Http::METHOD_HEAD)) | |
948 | return; | |
edce4d98 | 949 | } |
62e76326 | 950 | |
edce4d98 | 951 | /* And for Vary, release the base URI if none of the headers was included in the request */ |
90ab8f20 AJ |
952 | if (!http->request->vary_headers.isEmpty() |
953 | && http->request->vary_headers.find('=') != SBuf::npos) { | |
851feda6 AJ |
954 | // XXX: performance regression, c_str() reallocates |
955 | SBuf tmp(http->request->effectiveRequestUri()); | |
62e76326 | 956 | |
7976fed3 EB |
957 | if (const auto entry = storeGetPublic(tmp.c_str(), Http::METHOD_GET)) { |
958 | if (!purgeEntry(*entry, Http::METHOD_GET, "Vary ")) | |
959 | return; | |
62e76326 | 960 | } |
961 | ||
7976fed3 EB |
962 | if (const auto entry = storeGetPublic(tmp.c_str(), Http::METHOD_HEAD)) { |
963 | if (!purgeEntry(*entry, Http::METHOD_HEAD, "Vary ")) | |
964 | return; | |
62e76326 | 965 | } |
edce4d98 | 966 | } |
62e76326 | 967 | |
7f98aad5 CT |
968 | if (purgeStatus == Http::scNone) |
969 | purgeStatus = Http::scNotFound; | |
970 | ||
edce4d98 | 971 | /* |
972 | * Make a new entry to hold the reply to be written | |
973 | * to the client. | |
974 | */ | |
9837567d | 975 | /* TODO: This doesn't need to go through the store. Simply |
528b2c61 | 976 | * push down the client chain |
977 | */ | |
f206b652 | 978 | createStoreEntry(http->request->method, RequestFlags()); |
62e76326 | 979 | |
0655fa4d | 980 | triggerInitialStoreRead(); |
62e76326 | 981 | |
66d51f4f | 982 | const HttpReplyPointer rep(new HttpReply); |
aee3523a | 983 | rep->setHeaders(purgeStatus, nullptr, nullptr, 0, 0, -1); |
7dc5f514 | 984 | http->storeEntry()->replaceHttpReply(rep); |
86a2f789 | 985 | http->storeEntry()->complete(); |
edce4d98 | 986 | } |
987 | ||
7976fed3 EB |
988 | bool |
989 | clientReplyContext::purgeEntry(StoreEntry &entry, const Http::MethodType methodType, const char *descriptionPrefix) | |
990 | { | |
991 | debugs(88, 4, descriptionPrefix << Http::MethodStr(methodType) << " '" << entry.url() << "'" ); | |
992 | #if USE_HTCP | |
993 | neighborsHtcpClear(&entry, http->request, HttpRequestMethod(methodType), HTCP_CLR_PURGE); | |
994 | #endif | |
995 | entry.release(true); | |
996 | purgeStatus = Http::scOkay; | |
997 | return true; | |
998 | } | |
999 | ||
edce4d98 | 1000 | void |
122a6e3c | 1001 | clientReplyContext::traceReply() |
edce4d98 | 1002 | { |
f206b652 | 1003 | createStoreEntry(http->request->method, RequestFlags()); |
122a6e3c | 1004 | triggerInitialStoreRead(); |
d88e3c49 | 1005 | http->storeEntry()->releaseRequest(); |
3900307b | 1006 | http->storeEntry()->buffer(); |
66d51f4f | 1007 | const HttpReplyPointer rep(new HttpReply); |
aee3523a | 1008 | rep->setHeaders(Http::scOkay, nullptr, "text/plain", http->request->prefixLen(), 0, squid_curtime); |
db237875 | 1009 | http->storeEntry()->replaceHttpReply(rep); |
5cafad19 | 1010 | http->request->swapOut(http->storeEntry()); |
86a2f789 | 1011 | http->storeEntry()->complete(); |
edce4d98 | 1012 | } |
1013 | ||
1014 | #define SENDING_BODY 0 | |
1015 | #define SENDING_HDRSONLY 1 | |
1016 | int | |
0655fa4d | 1017 | clientReplyContext::checkTransferDone() |
edce4d98 | 1018 | { |
86a2f789 | 1019 | StoreEntry *entry = http->storeEntry(); |
62e76326 | 1020 | |
aee3523a | 1021 | if (entry == nullptr) |
62e76326 | 1022 | return 0; |
1023 | ||
1024 | /* | |
edce4d98 | 1025 | * For now, 'done_copying' is used for special cases like |
1026 | * Range and HEAD requests. | |
1027 | */ | |
0655fa4d | 1028 | if (http->flags.done_copying) |
62e76326 | 1029 | return 1; |
1030 | ||
450fe1cb | 1031 | if (http->request->flags.chunkedReply && !flags.complete) { |
4ad60609 AR |
1032 | // last-chunk was not sent |
1033 | return 0; | |
1034 | } | |
1035 | ||
edce4d98 | 1036 | /* |
1037 | * Handle STORE_OK objects. | |
1038 | * objectLen(entry) will be set proprely. | |
26ac0430 | 1039 | * RC: Does objectLen(entry) include the Headers? |
0e3be1ea | 1040 | * RC: Yes. |
edce4d98 | 1041 | */ |
1042 | if (entry->store_status == STORE_OK) { | |
0655fa4d | 1043 | return storeOKTransferDone(); |
e39b9382 | 1044 | } else { |
0655fa4d | 1045 | return storeNotOKTransferDone(); |
edce4d98 | 1046 | } |
e39b9382 | 1047 | } |
1048 | ||
1049 | int | |
1050 | clientReplyContext::storeOKTransferDone() const | |
1051 | { | |
aa1a691e | 1052 | assert(http->storeEntry()->objectLen() >= 0); |
122a6e3c | 1053 | const auto headers_sz = http->storeEntry()->mem().baseReply().hdr_sz; |
aa1a691e | 1054 | assert(http->storeEntry()->objectLen() >= headers_sz); |
122a6e3c AR |
1055 | const auto done = http->out.offset >= http->storeEntry()->objectLen() - headers_sz; |
1056 | const auto debugLevel = done ? 3 : 5; | |
1057 | debugs(88, debugLevel, done << | |
1058 | " out.offset=" << http->out.offset << | |
1059 | " objectLen()=" << http->storeEntry()->objectLen() << | |
1060 | " headers_sz=" << headers_sz); | |
1061 | return done ? 1 : 0; | |
e39b9382 | 1062 | } |
1063 | ||
1064 | int | |
1065 | clientReplyContext::storeNotOKTransferDone() const | |
1066 | { | |
edce4d98 | 1067 | /* |
1068 | * Now, handle STORE_PENDING objects | |
1069 | */ | |
86a2f789 | 1070 | MemObject *mem = http->storeEntry()->mem_obj; |
aee3523a AR |
1071 | assert(mem != nullptr); |
1072 | assert(http->request != nullptr); | |
62e76326 | 1073 | |
39b5a589 | 1074 | if (!http->storeEntry()->hasParsedReplyHeader()) |
62e76326 | 1075 | /* haven't found end of headers yet */ |
1076 | return 0; | |
e39b9382 | 1077 | |
66d51f4f AR |
1078 | // TODO: Use MemObject::expectedReplySize(method) after resolving XXX below. |
1079 | const auto expectedBodySize = mem->baseReply().content_length; | |
1080 | ||
1081 | // XXX: The code below talks about sending data, and checks stats about | |
1082 | // bytes written to the client connection, but this method must determine | |
1083 | // whether we are done _receiving_ data from Store. This code should work OK | |
1084 | // when expectedBodySize is unknown or matches written data, but it may | |
1085 | // malfunction when we are writing ranges while receiving a full response. | |
a0c227a9 | 1086 | |
edce4d98 | 1087 | /* |
1088 | * Figure out how much data we are supposed to send. | |
1089 | * If we are sending a body and we don't have a content-length, | |
1090 | * then we must wait for the object to become STORE_OK. | |
1091 | */ | |
66d51f4f | 1092 | if (expectedBodySize < 0) |
62e76326 | 1093 | return 0; |
e39b9382 | 1094 | |
122a6e3c AR |
1095 | const auto done = http->out.offset >= expectedBodySize; |
1096 | const auto debugLevel = done ? 3 : 5; | |
1097 | debugs(88, debugLevel, done << | |
1098 | " out.offset=" << http->out.offset << | |
1099 | " expectedBodySize=" << expectedBodySize); | |
1100 | return done ? 1 : 0; | |
edce4d98 | 1101 | } |
1102 | ||
62e76326 | 1103 | /* Preconditions: |
edce4d98 | 1104 | * *http is a valid structure. |
1105 | * fd is either -1, or an open fd. | |
1106 | * | |
1107 | * TODO: enumify this | |
1108 | * | |
1109 | * This function is used by any http request sink, to determine the status | |
1110 | * of the object. | |
1111 | */ | |
1112 | clientStream_status_t | |
59a1efb2 | 1113 | clientReplyStatus(clientStreamNode * aNode, ClientHttpRequest * http) |
edce4d98 | 1114 | { |
0655fa4d | 1115 | clientReplyContext *context = dynamic_cast<clientReplyContext *>(aNode->data.getRaw()); |
1116 | assert (context); | |
1117 | assert (context->http == http); | |
1118 | return context->replyStatus(); | |
1119 | } | |
1120 | ||
1121 | clientStream_status_t | |
1122 | clientReplyContext::replyStatus() | |
1123 | { | |
edce4d98 | 1124 | int done; |
1125 | /* Here because lower nodes don't need it */ | |
62e76326 | 1126 | |
aee3523a | 1127 | if (http->storeEntry() == nullptr) { |
3daaed1a | 1128 | debugs(88, 5, "clientReplyStatus: no storeEntry"); |
f53969cc | 1129 | return STREAM_FAILED; /* yuck, but what can we do? */ |
3daaed1a | 1130 | } |
62e76326 | 1131 | |
3daaed1a | 1132 | if (EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) { |
62e76326 | 1133 | /* TODO: Could upstream read errors (result.flags.error) be |
1134 | * lost, and result in undersize requests being considered | |
1135 | * complete. Should we tcp reset such connections ? | |
1136 | */ | |
3daaed1a | 1137 | debugs(88, 5, "clientReplyStatus: aborted storeEntry"); |
62e76326 | 1138 | return STREAM_FAILED; |
3daaed1a | 1139 | } |
62e76326 | 1140 | |
0655fa4d | 1141 | if ((done = checkTransferDone()) != 0 || flags.complete) { |
1bfe9ade | 1142 | debugs(88, 5, "clientReplyStatus: transfer is DONE: " << done << flags.complete); |
62e76326 | 1143 | /* Ok we're finished, but how? */ |
1144 | ||
7224ca5a AR |
1145 | if (EBIT_TEST(http->storeEntry()->flags, ENTRY_BAD_LENGTH)) { |
1146 | debugs(88, 5, "clientReplyStatus: truncated response body"); | |
1147 | return STREAM_UNPLANNED_COMPLETE; | |
1148 | } | |
1149 | ||
62e76326 | 1150 | if (!done) { |
bf8fe701 | 1151 | debugs(88, 5, "clientReplyStatus: closing, !done, but read 0 bytes"); |
62e76326 | 1152 | return STREAM_FAILED; |
1153 | } | |
1154 | ||
66d51f4f | 1155 | // TODO: See also (and unify with) storeNotOKTransferDone() checks. |
14231db9 | 1156 | const int64_t expectedBodySize = |
66d51f4f | 1157 | http->storeEntry()->mem().baseReply().bodySize(http->request->method); |
4ad60609 | 1158 | if (expectedBodySize >= 0 && !http->gotEnough()) { |
bf8fe701 | 1159 | debugs(88, 5, "clientReplyStatus: client didn't get all it expected"); |
62e76326 | 1160 | return STREAM_UNPLANNED_COMPLETE; |
1161 | } | |
1162 | ||
ca6d5de2 AR |
1163 | debugs(88, 5, "clientReplyStatus: stream complete; keepalive=" << |
1164 | http->request->flags.proxyKeepalive); | |
1165 | return STREAM_COMPLETE; | |
edce4d98 | 1166 | } |
62e76326 | 1167 | |
16611143 | 1168 | // XXX: Should this be checked earlier? We could return above w/o checking. |
6b5df6d8 | 1169 | if (reply->receivedBodyTooLarge(*http->request, http->out.offset)) { |
bf8fe701 | 1170 | debugs(88, 5, "clientReplyStatus: client reply body is too large"); |
62e76326 | 1171 | return STREAM_FAILED; |
0e3be1ea | 1172 | } |
62e76326 | 1173 | |
edce4d98 | 1174 | return STREAM_NONE; |
1175 | } | |
1176 | ||
62e76326 | 1177 | /* Responses with no body will not have a content-type header, |
edce4d98 | 1178 | * which breaks the rep_mime_type acl, which |
1179 | * coincidentally, is the most common acl for reply access lists. | |
2f8abb64 | 1180 | * A better long term fix for this is to allow acl matches on the various |
26ac0430 AJ |
1181 | * status codes, and then supply a default ruleset that puts these |
1182 | * codes before any user defines access entries. That way the user | |
edce4d98 | 1183 | * can choose to block these responses where appropriate, but won't get |
1184 | * mysterious breakages. | |
1185 | */ | |
0655fa4d | 1186 | bool |
955394ce | 1187 | clientReplyContext::alwaysAllowResponse(Http::StatusCode sline) const |
edce4d98 | 1188 | { |
4ef4b952 | 1189 | bool result; |
1190 | ||
edce4d98 | 1191 | switch (sline) { |
62e76326 | 1192 | |
955394ce | 1193 | case Http::scContinue: |
62e76326 | 1194 | |
955394ce | 1195 | case Http::scSwitchingProtocols: |
62e76326 | 1196 | |
955394ce | 1197 | case Http::scProcessing: |
62e76326 | 1198 | |
955394ce | 1199 | case Http::scNoContent: |
62e76326 | 1200 | |
955394ce | 1201 | case Http::scNotModified: |
4ef4b952 | 1202 | result = true; |
62e76326 | 1203 | break; |
1204 | ||
edce4d98 | 1205 | default: |
4ef4b952 | 1206 | result = false; |
edce4d98 | 1207 | } |
4ef4b952 | 1208 | |
1209 | return result; | |
edce4d98 | 1210 | } |
1211 | ||
a5c8d64d AJ |
1212 | /** |
1213 | * Generate the reply headers sent to client. | |
1214 | * | |
1215 | * Filters out unwanted entries and hop-by-hop from original reply header | |
1216 | * then adds extra entries if we have more info than origin server | |
1217 | * then adds Squid specific entries | |
edce4d98 | 1218 | */ |
0655fa4d | 1219 | void |
1220 | clientReplyContext::buildReplyHeader() | |
edce4d98 | 1221 | { |
7dc5f514 | 1222 | HttpHeader *hdr = &reply->header; |
12f5a662 | 1223 | const bool is_hit = http->loggingTags().isTcpHit(); |
190154cf | 1224 | HttpRequest *request = http->request; |
62e76326 | 1225 | |
096c9df3 | 1226 | if (is_hit || collapsedRevalidation == crSlave) |
789217a2 | 1227 | hdr->delById(Http::HdrType::SET_COOKIE); |
f89d4012 | 1228 | // TODO: RFC 2965 : Must honour Cache-Control: no-cache="set-cookie2" and remove header. |
62e76326 | 1229 | |
23c6d7e7 | 1230 | // if there is not configured a peer proxy with login=PASS or login=PASSTHRU option enabled |
dcf3665b | 1231 | // remove the Proxy-Authenticate header |
940307b9 | 1232 | if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && strcmp(request->peer_login,"PASSTHRU") != 0)) { |
1233 | #if USE_ADAPTATION | |
1234 | // but allow adaptation services to authenticate clients | |
1235 | // via request satisfaction | |
1236 | if (!http->requestSatisfactionMode()) | |
1237 | #endif | |
1238 | reply->header.delById(Http::HdrType::PROXY_AUTHENTICATE); | |
1239 | } | |
dcf3665b | 1240 | |
2cdeea82 | 1241 | reply->header.removeHopByHopEntries(); |
4f1c93a7 EB |
1242 | // paranoid: ContentLengthInterpreter has cleaned non-generated replies |
1243 | reply->removeIrrelevantContentLength(); | |
62e76326 | 1244 | |
1245 | // if (request->range) | |
7dc5f514 | 1246 | // clientBuildRangeHeader(http, reply); |
a5c8d64d | 1247 | |
edce4d98 | 1248 | /* |
1249 | * Add a estimated Age header on cache hits. | |
1250 | */ | |
1251 | if (is_hit) { | |
62e76326 | 1252 | /* |
1253 | * Remove any existing Age header sent by upstream caches | |
1254 | * (note that the existing header is passed along unmodified | |
1255 | * on cache misses) | |
1256 | */ | |
789217a2 | 1257 | hdr->delById(Http::HdrType::AGE); |
62e76326 | 1258 | /* |
1259 | * This adds the calculated object age. Note that the details of the | |
1260 | * age calculation is performed by adjusting the timestamp in | |
3900307b | 1261 | * StoreEntry::timestampsSet(), not here. |
62e76326 | 1262 | */ |
bbe58ab5 | 1263 | if (EBIT_TEST(http->storeEntry()->flags, ENTRY_SPECIAL)) { |
789217a2 | 1264 | hdr->delById(Http::HdrType::DATE); |
81ab22b6 | 1265 | hdr->putTime(Http::HdrType::DATE, squid_curtime); |
cda7024f | 1266 | } else if (http->getConn() && http->getConn()->port->actAsOrigin) { |
90fa5816 | 1267 | // Swap the Date: header to current time if we are simulating an origin |
789217a2 | 1268 | HttpHeaderEntry *h = hdr->findEntry(Http::HdrType::DATE); |
fd49b08b A |
1269 | if (h) |
1270 | hdr->putExt("X-Origin-Date", h->value.termedBuf()); | |
789217a2 | 1271 | hdr->delById(Http::HdrType::DATE); |
81ab22b6 | 1272 | hdr->putTime(Http::HdrType::DATE, squid_curtime); |
789217a2 | 1273 | h = hdr->findEntry(Http::HdrType::EXPIRES); |
fd49b08b A |
1274 | if (h && http->storeEntry()->expires >= 0) { |
1275 | hdr->putExt("X-Origin-Expires", h->value.termedBuf()); | |
789217a2 | 1276 | hdr->delById(Http::HdrType::EXPIRES); |
81ab22b6 | 1277 | hdr->putTime(Http::HdrType::EXPIRES, squid_curtime + http->storeEntry()->expires - http->storeEntry()->timestamp); |
fd49b08b | 1278 | } |
90fa5816 AJ |
1279 | if (http->storeEntry()->timestamp <= squid_curtime) { |
1280 | // put X-Cache-Age: instead of Age: | |
fd49b08b | 1281 | char age[64]; |
fe3f0034 | 1282 | snprintf(age, sizeof(age), "%" PRId64, static_cast<int64_t>(squid_curtime - http->storeEntry()->timestamp)); |
fd49b08b A |
1283 | hdr->putExt("X-Cache-Age", age); |
1284 | } | |
a81e7089 | 1285 | } else if (http->storeEntry()->timestamp <= squid_curtime) { |
789217a2 | 1286 | hdr->putInt(Http::HdrType::AGE, |
a9925b40 | 1287 | squid_curtime - http->storeEntry()->timestamp); |
62e76326 | 1288 | } |
a5c8d64d | 1289 | } |
528b2c61 | 1290 | |
a5c8d64d AJ |
1291 | /* RFC 2616: Section 14.18 |
1292 | * | |
1293 | * Add a Date: header if missing. | |
1294 | * We have access to a clock therefore are required to amend any shortcoming in servers. | |
1295 | * | |
1296 | * NP: done after Age: to prevent ENTRY_SPECIAL double-handling this header. | |
1297 | */ | |
789217a2 | 1298 | if ( !hdr->has(Http::HdrType::DATE) ) { |
f0dedeb5 | 1299 | if (!http->storeEntry()) |
81ab22b6 | 1300 | hdr->putTime(Http::HdrType::DATE, squid_curtime); |
f0dedeb5 | 1301 | else if (http->storeEntry()->timestamp > 0) |
81ab22b6 | 1302 | hdr->putTime(Http::HdrType::DATE, http->storeEntry()->timestamp); |
f0dedeb5 | 1303 | else { |
d816f28d | 1304 | debugs(88, DBG_IMPORTANT, "ERROR: Squid BUG #3279: HTTP reply without Date:"); |
e78ae89a AJ |
1305 | /* dump something useful about the problem */ |
1306 | http->storeEntry()->dump(DBG_IMPORTANT); | |
f0dedeb5 | 1307 | } |
edce4d98 | 1308 | } |
62e76326 | 1309 | |
0bd9aa82 | 1310 | /* Filter unproxyable authentication types */ |
12f5a662 | 1311 | if (http->loggingTags().oldType != LOG_TCP_DENIED && |
789217a2 | 1312 | hdr->has(Http::HdrType::WWW_AUTHENTICATE)) { |
62e76326 | 1313 | HttpHeaderPos pos = HttpHeaderInitPos; |
1314 | HttpHeaderEntry *e; | |
1315 | ||
26ac0430 | 1316 | int connection_auth_blocked = 0; |
a9925b40 | 1317 | while ((e = hdr->getEntry(&pos))) { |
789217a2 | 1318 | if (e->id == Http::HdrType::WWW_AUTHENTICATE) { |
5b4117d8 | 1319 | const char *value = e->value.rawBuf(); |
62e76326 | 1320 | |
1321 | if ((strncasecmp(value, "NTLM", 4) == 0 && | |
1322 | (value[4] == '\0' || value[4] == ' ')) | |
1323 | || | |
1324 | (strncasecmp(value, "Negotiate", 9) == 0 && | |
d67acb4e | 1325 | (value[9] == '\0' || value[9] == ' ')) |
26ac0430 AJ |
1326 | || |
1327 | (strncasecmp(value, "Kerberos", 8) == 0 && | |
1328 | (value[8] == '\0' || value[8] == ' '))) { | |
450fe1cb | 1329 | if (request->flags.connectionAuthDisabled) { |
26ac0430 | 1330 | hdr->delAt(pos, connection_auth_blocked); |
d67acb4e AJ |
1331 | continue; |
1332 | } | |
e857372a | 1333 | request->flags.mustKeepalive = true; |
45e5102d | 1334 | if (!request->flags.accelerated && !request->flags.intercepted) { |
789217a2 | 1335 | httpHeaderPutStrf(hdr, Http::HdrType::PROXY_SUPPORT, "Session-Based-Authentication"); |
26ac0430 | 1336 | /* |
f7a2e5a5 | 1337 | We send "Connection: Proxy-Support" header to mark |
26ac0430 AJ |
1338 | Proxy-Support as a hop-by-hop header for intermediaries that do not |
1339 | understand the semantics of this header. The RFC should have included | |
1340 | this recommendation. | |
1341 | */ | |
789217a2 | 1342 | httpHeaderPutStrf(hdr, Http::HdrType::CONNECTION, "Proxy-support"); |
d67acb4e AJ |
1343 | } |
1344 | break; | |
26ac0430 | 1345 | } |
62e76326 | 1346 | } |
1347 | } | |
d67acb4e AJ |
1348 | |
1349 | if (connection_auth_blocked) | |
ba9fb01d | 1350 | hdr->refreshMask(); |
0bd9aa82 | 1351 | } |
62e76326 | 1352 | |
2f1431ea | 1353 | #if USE_AUTH |
edce4d98 | 1354 | /* Handle authentication headers */ |
12f5a662 | 1355 | if (http->loggingTags().oldType == LOG_TCP_DENIED && |
9b769c67 AJ |
1356 | ( reply->sline.status() == Http::scProxyAuthenticationRequired || |
1357 | reply->sline.status() == Http::scUnauthorized) | |
26ac0430 AJ |
1358 | ) { |
1359 | /* Add authentication header */ | |
9837567d | 1360 | /* TODO: alter errorstate to be accel on|off aware. The 0 on the next line |
26ac0430 AJ |
1361 | * depends on authenticate behaviour: all schemes to date send no extra |
1362 | * data on 407/401 responses, and do not check the accel state on 401/407 | |
1363 | * responses | |
1364 | */ | |
923a8d89 | 1365 | Auth::UserRequest::AddReplyAuthHeader(reply, request->auth_user_request, request, 0, 1); |
aee3523a | 1366 | } else if (request->auth_user_request != nullptr) |
923a8d89 | 1367 | Auth::UserRequest::AddReplyAuthHeader(reply, request->auth_user_request, request, http->flags.accel, 0); |
2f1431ea | 1368 | #endif |
62e76326 | 1369 | |
5fdc5490 | 1370 | SBuf cacheStatus(uniqueHostname()); |
12f5a662 | 1371 | if (const auto hitOrFwd = http->loggingTags().cacheStatusSource()) |
5fdc5490 AJ |
1372 | cacheStatus.append(hitOrFwd); |
1373 | if (firstStoreLookup_) { | |
1374 | cacheStatus.append(";detail="); | |
1375 | cacheStatus.append(firstStoreLookup_); | |
1376 | } | |
1377 | // TODO: Remove c_str() after converting HttpHeaderEntry::value to SBuf | |
1378 | hdr->putStr(Http::HdrType::CACHE_STATUS, cacheStatus.c_str()); | |
62e76326 | 1379 | |
45e5102d | 1380 | const bool maySendChunkedReply = !request->multipartRangeRequest() && |
8774ca07 | 1381 | reply->sline.version.protocol == AnyP::PROTO_HTTP && // response is HTTP |
2592bc70 | 1382 | (request->http_ver >= Http::ProtocolVersion(1,1)); |
4ad60609 | 1383 | |
f529bb20 | 1384 | /* Check whether we should send keep-alive */ |
9b769c67 | 1385 | if (!Config.onoff.error_pconns && reply->sline.status() >= 400 && !request->flags.mustKeepalive) { |
bf8fe701 | 1386 | debugs(33, 3, "clientBuildReplyHeader: Error, don't keep-alive"); |
e857372a | 1387 | request->flags.proxyKeepalive = false; |
450fe1cb | 1388 | } else if (!Config.onoff.client_pconns && !request->flags.mustKeepalive) { |
17b57873 | 1389 | debugs(33, 2, "clientBuildReplyHeader: Connection Keep-Alive not requested by admin or client"); |
e857372a | 1390 | request->flags.proxyKeepalive = false; |
450fe1cb | 1391 | } else if (request->flags.proxyKeepalive && shutting_down) { |
f529bb20 | 1392 | debugs(88, 3, "clientBuildReplyHeader: Shutting down, don't keep-alive."); |
e857372a | 1393 | request->flags.proxyKeepalive = false; |
450fe1cb | 1394 | } else if (request->flags.connectionAuth && !reply->keep_alive) { |
26ac0430 | 1395 | debugs(33, 2, "clientBuildReplyHeader: Connection oriented auth but server side non-persistent"); |
e857372a | 1396 | request->flags.proxyKeepalive = false; |
4ad60609 | 1397 | } else if (reply->bodySize(request->method) < 0 && !maySendChunkedReply) { |
17b57873 | 1398 | debugs(88, 3, "clientBuildReplyHeader: can't keep-alive, unknown body size" ); |
e857372a | 1399 | request->flags.proxyKeepalive = false; |
450fe1cb | 1400 | } else if (fdUsageHigh()&& !request->flags.mustKeepalive) { |
17b57873 | 1401 | debugs(88, 3, "clientBuildReplyHeader: Not many unused FDs, can't keep-alive"); |
e857372a | 1402 | request->flags.proxyKeepalive = false; |
450fe1cb | 1403 | } else if (request->flags.sslBumped && !reply->persistent()) { |
49f1c7f7 AR |
1404 | // We do not really have to close, but we pretend we are a tunnel. |
1405 | debugs(88, 3, "clientBuildReplyHeader: bumped reply forces close"); | |
e857372a | 1406 | request->flags.proxyKeepalive = false; |
693cb033 CT |
1407 | } else if (request->pinnedConnection() && !reply->persistent()) { |
1408 | // The peer wants to close the pinned connection | |
1409 | debugs(88, 3, "pinned reply forces close"); | |
e857372a | 1410 | request->flags.proxyKeepalive = false; |
c5c06f02 CT |
1411 | } else if (http->getConn()) { |
1412 | ConnStateData * conn = http->getConn(); | |
cda7024f | 1413 | if (!Comm::IsConnOpen(conn->port->listenConn)) { |
c5c06f02 CT |
1414 | // The listening port closed because of a reconfigure |
1415 | debugs(88, 3, "listening port closed"); | |
1416 | request->flags.proxyKeepalive = false; | |
c5c06f02 | 1417 | } |
17b57873 | 1418 | } |
d67acb4e | 1419 | |
4ad60609 | 1420 | // Decide if we send chunked reply |
95172eea | 1421 | if (maySendChunkedReply && reply->bodySize(request->method) < 0) { |
4ad60609 | 1422 | debugs(88, 3, "clientBuildReplyHeader: chunked reply"); |
e857372a | 1423 | request->flags.chunkedReply = true; |
789217a2 | 1424 | hdr->putStr(Http::HdrType::TRANSFER_ENCODING, "chunked"); |
4ad60609 | 1425 | } |
f529bb20 | 1426 | |
90be6ff5 EB |
1427 | hdr->addVia(reply->sline.version); |
1428 | ||
95e78500 | 1429 | /* Signal keep-alive or close explicitly */ |
789217a2 | 1430 | hdr->putStr(Http::HdrType::CONNECTION, request->flags.proxyKeepalive ? "keep-alive" : "close"); |
62e76326 | 1431 | |
45cca89d | 1432 | /* Surrogate-Control requires Surrogate-Capability from upstream to pass on */ |
789217a2 FC |
1433 | if ( hdr->has(Http::HdrType::SURROGATE_CONTROL) ) { |
1434 | if (!request->header.has(Http::HdrType::SURROGATE_CAPABILITY)) { | |
1435 | hdr->delById(Http::HdrType::SURROGATE_CONTROL); | |
45cca89d AJ |
1436 | } |
1437 | /* TODO: else case: drop any controls intended specifically for our surrogate ID */ | |
1438 | } | |
1439 | ||
cde8f31b | 1440 | httpHdrMangleList(hdr, request, http->al, ROR_REPLY); |
edce4d98 | 1441 | } |
1442 | ||
0655fa4d | 1443 | void |
b297bcd0 | 1444 | clientReplyContext::cloneReply() |
edce4d98 | 1445 | { |
aee3523a | 1446 | assert(reply == nullptr); |
0655fa4d | 1447 | |
66d51f4f | 1448 | reply = http->storeEntry()->mem().freshestReply().clone(); |
b248c2a3 | 1449 | HTTPMSGLOCK(reply); |
7dc5f514 | 1450 | |
49f57088 EB |
1451 | http->al->reply = reply; |
1452 | ||
8774ca07 | 1453 | if (reply->sline.version.protocol == AnyP::PROTO_HTTP) { |
2592bc70 AJ |
1454 | /* RFC 2616 requires us to advertise our version (but only on real HTTP traffic) */ |
1455 | reply->sline.version = Http::ProtocolVersion(); | |
e77d7ef0 | 1456 | } |
0655fa4d | 1457 | |
1458 | /* do header conversions */ | |
1459 | buildReplyHeader(); | |
edce4d98 | 1460 | } |
1461 | ||
7681a3b9 AR |
1462 | /// Safely disposes of an entry pointing to a cache hit that we do not want. |
1463 | /// We cannot just ignore the entry because it may be locking or otherwise | |
1464 | /// holding an associated cache resource of some sort. | |
1465 | void | |
1466 | clientReplyContext::forgetHit() | |
1467 | { | |
1468 | StoreEntry *e = http->storeEntry(); | |
1469 | assert(e); // or we are not dealing with a hit | |
1470 | // We probably have not locked the entry earlier, unfortunately. We lock it | |
1471 | // now so that we can unlock two lines later (and trigger cleanup). | |
1472 | // Ideally, ClientHttpRequest::storeEntry() should lock/unlock, but it is | |
1473 | // used so inconsistently that simply adding locking there leads to bugs. | |
1bfe9ade | 1474 | e->lock("clientReplyContext::forgetHit"); |
aee3523a | 1475 | http->storeEntry(nullptr); |
1bfe9ade | 1476 | e->unlock("clientReplyContext::forgetHit"); // may delete e |
7681a3b9 AR |
1477 | } |
1478 | ||
e6ccf245 | 1479 | void |
1480 | clientReplyContext::identifyStoreObject() | |
edce4d98 | 1481 | { |
190154cf | 1482 | HttpRequest *r = http->request; |
62e76326 | 1483 | |
f8acd68f GD |
1484 | // client sent CC:no-cache or some other condition has been |
1485 | // encountered which prevents delivering a public/cached object. | |
92a5adb7 AR |
1486 | // XXX: The above text does not match the condition below. It might describe |
1487 | // the opposite condition, but the condition itself should be adjusted | |
1488 | // (e.g., to honor flags.noCache in cache manager requests). | |
f8acd68f | 1489 | if (!r->flags.noCache || r->flags.internal) { |
7976fed3 EB |
1490 | const auto e = storeGetPublicByRequest(r); |
1491 | identifyFoundObject(e, storeLookupString(bool(e))); | |
559da936 | 1492 | } else { |
5fdc5490 | 1493 | // "external" no-cache requests skip Store lookups |
7976fed3 | 1494 | identifyFoundObject(nullptr, "no-cache"); |
559da936 | 1495 | } |
e6ccf245 | 1496 | } |
1497 | ||
7d5f62a4 AJ |
1498 | /** |
1499 | * Check state of the current StoreEntry object. | |
1500 | * to see if we can determine the final status of the request. | |
1501 | */ | |
e6ccf245 | 1502 | void |
7976fed3 | 1503 | clientReplyContext::identifyFoundObject(StoreEntry *newEntry, const char *detail) |
e6ccf245 | 1504 | { |
7976fed3 EB |
1505 | detailStoreLookup(detail); |
1506 | ||
190154cf | 1507 | HttpRequest *r = http->request; |
69565793 EB |
1508 | http->storeEntry(newEntry); |
1509 | const auto e = http->storeEntry(); | |
a12a049a | 1510 | |
7d5f62a4 | 1511 | /* Release IP-cache entries on reload */ |
d85b8894 | 1512 | /** \li If the request has no-cache flag set or some no_cache HACK in operation we |
7d5f62a4 AJ |
1513 | * 'invalidate' the cached IP entries for this request ??? |
1514 | */ | |
17852883 | 1515 | if (r->flags.noCache || r->flags.noCacheHack()) |
5c51bffb | 1516 | ipcacheInvalidateNegative(r->url.host()); |
45e5102d | 1517 | |
69565793 | 1518 | if (!e) { |
d85b8894 | 1519 | /** \li If no StoreEntry object is current assume this object isn't in the cache set MISS*/ |
e4d13993 | 1520 | debugs(85, 3, "StoreEntry is NULL - MISS"); |
12f5a662 | 1521 | http->updateLoggingTags(LOG_TCP_MISS); |
62e76326 | 1522 | doGetMoreData(); |
1523 | return; | |
edce4d98 | 1524 | } |
62e76326 | 1525 | |
edce4d98 | 1526 | if (Config.onoff.offline) { |
d85b8894 | 1527 | /** \li If we are running in offline mode set to HIT */ |
e4d13993 | 1528 | debugs(85, 3, "offline HIT " << *e); |
12f5a662 | 1529 | http->updateLoggingTags(LOG_TCP_HIT); |
62e76326 | 1530 | doGetMoreData(); |
1531 | return; | |
edce4d98 | 1532 | } |
62e76326 | 1533 | |
edce4d98 | 1534 | if (http->redirect.status) { |
d85b8894 | 1535 | /** \li If redirection status is True force this to be a MISS */ |
539283df | 1536 | debugs(85, 3, "REDIRECT status forced StoreEntry to NULL (no body on 3XX responses) " << *e); |
7681a3b9 | 1537 | forgetHit(); |
12f5a662 | 1538 | http->updateLoggingTags(LOG_TCP_REDIRECT); |
62e76326 | 1539 | doGetMoreData(); |
1540 | return; | |
edce4d98 | 1541 | } |
62e76326 | 1542 | |
3900307b | 1543 | if (!e->validToSend()) { |
e4d13993 | 1544 | debugs(85, 3, "!storeEntryValidToSend MISS " << *e); |
7681a3b9 | 1545 | forgetHit(); |
12f5a662 | 1546 | http->updateLoggingTags(LOG_TCP_MISS); |
62e76326 | 1547 | doGetMoreData(); |
1548 | return; | |
edce4d98 | 1549 | } |
62e76326 | 1550 | |
edce4d98 | 1551 | if (EBIT_TEST(e->flags, ENTRY_SPECIAL)) { |
d85b8894 | 1552 | /* \li Special entries are always hits, no matter what the client says */ |
e4d13993 | 1553 | debugs(85, 3, "ENTRY_SPECIAL HIT " << *e); |
12f5a662 | 1554 | http->updateLoggingTags(LOG_TCP_HIT); |
62e76326 | 1555 | doGetMoreData(); |
1556 | return; | |
edce4d98 | 1557 | } |
62e76326 | 1558 | |
450fe1cb | 1559 | if (r->flags.noCache) { |
e4d13993 | 1560 | debugs(85, 3, "no-cache REFRESH MISS " << *e); |
7681a3b9 | 1561 | forgetHit(); |
12f5a662 | 1562 | http->updateLoggingTags(LOG_TCP_CLIENT_REFRESH_MISS); |
62e76326 | 1563 | doGetMoreData(); |
1564 | return; | |
edce4d98 | 1565 | } |
62e76326 | 1566 | |
d2a6dcba | 1567 | if (e->hittingRequiresCollapsing() && !startCollapsingOn(*e, false)) { |
819be284 EB |
1568 | debugs(85, 3, "prohibited CF MISS " << *e); |
1569 | forgetHit(); | |
12f5a662 | 1570 | http->updateLoggingTags(LOG_TCP_MISS); |
819be284 EB |
1571 | doGetMoreData(); |
1572 | return; | |
1573 | } | |
1574 | ||
e4d13993 | 1575 | debugs(85, 3, "default HIT " << *e); |
12f5a662 | 1576 | http->updateLoggingTags(LOG_TCP_HIT); |
e6ccf245 | 1577 | doGetMoreData(); |
edce4d98 | 1578 | } |
1579 | ||
5fdc5490 AJ |
1580 | /// remembers the very first Store lookup classification, ignoring the rest |
1581 | void | |
1582 | clientReplyContext::detailStoreLookup(const char *detail) | |
1583 | { | |
1584 | if (!firstStoreLookup_) { | |
1585 | debugs(85, 7, detail); | |
1586 | firstStoreLookup_ = detail; | |
1587 | } else { | |
1588 | debugs(85, 7, "ignores " << detail << " after " << firstStoreLookup_); | |
1589 | } | |
1590 | } | |
1591 | ||
d85b8894 AJ |
1592 | /** |
1593 | * Request more data from the store for the client Stream | |
edce4d98 | 1594 | * This is *the* entry point to this module. |
1595 | * | |
1596 | * Preconditions: | |
d85b8894 AJ |
1597 | * - This is the head of the list. |
1598 | * - There is at least one more node. | |
1599 | * - Data context is not null | |
edce4d98 | 1600 | */ |
1601 | void | |
59a1efb2 | 1602 | clientGetMoreData(clientStreamNode * aNode, ClientHttpRequest * http) |
edce4d98 | 1603 | { |
edce4d98 | 1604 | /* Test preconditions */ |
aee3523a | 1605 | assert(aNode != nullptr); |
e6ccf245 | 1606 | assert(cbdataReferenceValid(aNode)); |
aee3523a AR |
1607 | assert(aNode->node.prev == nullptr); |
1608 | assert(aNode->node.next != nullptr); | |
0655fa4d | 1609 | clientReplyContext *context = dynamic_cast<clientReplyContext *>(aNode->data.getRaw()); |
1610 | assert (context); | |
edce4d98 | 1611 | assert(context->http == http); |
1612 | ||
edce4d98 | 1613 | if (!context->ourNode) |
62e76326 | 1614 | context->ourNode = aNode; |
1615 | ||
e6ccf245 | 1616 | /* no cbdatareference, this is only used once, and safely */ |
edce4d98 | 1617 | if (context->flags.storelogiccomplete) { |
122a6e3c | 1618 | context->requestMoreBodyFromStore(); |
62e76326 | 1619 | return; |
edce4d98 | 1620 | } |
62e76326 | 1621 | |
c2a7cefd | 1622 | if (context->http->request->method == Http::METHOD_PURGE) { |
62e76326 | 1623 | context->purgeRequest(); |
1624 | return; | |
edce4d98 | 1625 | } |
62e76326 | 1626 | |
e18b8316 | 1627 | // OPTIONS with Max-Forwards:0 handled in clientProcessRequest() |
fc90edc3 | 1628 | |
c2a7cefd | 1629 | if (context->http->request->method == Http::METHOD_TRACE) { |
789217a2 | 1630 | if (context->http->request->header.getInt64(Http::HdrType::MAX_FORWARDS) == 0) { |
122a6e3c | 1631 | context->traceReply(); |
62e76326 | 1632 | return; |
1633 | } | |
1634 | ||
1635 | /* continue forwarding, not finished yet. */ | |
12f5a662 | 1636 | http->updateLoggingTags(LOG_TCP_MISS); |
62e76326 | 1637 | |
1638 | context->doGetMoreData(); | |
edce4d98 | 1639 | } else |
62e76326 | 1640 | context->identifyStoreObject(); |
e6ccf245 | 1641 | } |
1642 | ||
1643 | void | |
1644 | clientReplyContext::doGetMoreData() | |
1645 | { | |
edce4d98 | 1646 | /* We still have to do store logic processing - vary, cache hit etc */ |
aee3523a | 1647 | if (http->storeEntry() != nullptr) { |
62e76326 | 1648 | /* someone found the object in the cache for us */ |
8bcf08e0 | 1649 | StoreIOBuffer localTempBuffer; |
34266cde | 1650 | |
1bfe9ade | 1651 | http->storeEntry()->lock("clientReplyContext::doGetMoreData"); |
62e76326 | 1652 | |
76d61119 | 1653 | http->storeEntry()->ensureMemObject(storeId(), http->log_uri, http->request->method); |
62e76326 | 1654 | |
86a2f789 | 1655 | sc = storeClientListAdd(http->storeEntry(), this); |
9a0a18de | 1656 | #if USE_DELAY_POOLS |
62e76326 | 1657 | sc->setDelayId(DelayId::DelayClient(http)); |
edce4d98 | 1658 | #endif |
62e76326 | 1659 | |
12f5a662 | 1660 | assert(http->loggingTags().oldType == LOG_TCP_HIT); |
62e76326 | 1661 | /* guarantee nothing has been sent yet! */ |
1662 | assert(http->out.size == 0); | |
1663 | assert(http->out.offset == 0); | |
425de4c8 | 1664 | |
6b4edefb CT |
1665 | if (ConnStateData *conn = http->getConn()) { |
1666 | if (Ip::Qos::TheConfig.isHitTosActive()) { | |
1667 | Ip::Qos::doTosLocalHit(conn->clientConnection); | |
1668 | } | |
425de4c8 | 1669 | |
6b4edefb CT |
1670 | if (Ip::Qos::TheConfig.isHitNfmarkActive()) { |
1671 | Ip::Qos::doNfmarkLocalHit(conn->clientConnection); | |
1672 | } | |
b86ab75b | 1673 | } |
425de4c8 | 1674 | |
122a6e3c | 1675 | triggerInitialStoreRead(CacheHit); |
edce4d98 | 1676 | } else { |
12f5a662 | 1677 | /* MISS CASE, http->loggingTags() are already set! */ |
0655fa4d | 1678 | processMiss(); |
edce4d98 | 1679 | } |
1680 | } | |
1681 | ||
d85b8894 | 1682 | /** The next node has removed itself from the stream. */ |
edce4d98 | 1683 | void |
59a1efb2 | 1684 | clientReplyDetach(clientStreamNode * node, ClientHttpRequest * http) |
edce4d98 | 1685 | { |
d85b8894 | 1686 | /** detach from the stream */ |
edce4d98 | 1687 | clientStreamDetach(node, http); |
1688 | } | |
1689 | ||
d85b8894 AJ |
1690 | /** |
1691 | * Accepts chunk of a http message in buf, parses prefix, filters headers and | |
edce4d98 | 1692 | * such, writes processed message to the message recipient |
1693 | */ | |
1694 | void | |
0655fa4d | 1695 | clientReplyContext::SendMoreData(void *data, StoreIOBuffer result) |
edce4d98 | 1696 | { |
e6ccf245 | 1697 | clientReplyContext *context = static_cast<clientReplyContext *>(data); |
528b2c61 | 1698 | context->sendMoreData (result); |
1699 | } | |
1700 | ||
1701 | void | |
1702 | clientReplyContext::makeThisHead() | |
1703 | { | |
2f8abb64 | 1704 | /* At least, I think that's what this does */ |
528b2c61 | 1705 | dlinkDelete(&http->active, &ClientActiveRequests); |
1706 | dlinkAdd(http, &http->active, &ClientActiveRequests); | |
1707 | } | |
1708 | ||
1709 | bool | |
122a6e3c | 1710 | clientReplyContext::errorInStream(const StoreIOBuffer &result) const |
528b2c61 | 1711 | { |
1712 | return /* aborted request */ | |
86a2f789 | 1713 | (http->storeEntry() && EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) || |
122a6e3c | 1714 | /* Upstream read error */ (result.flags.error); |
528b2c61 | 1715 | } |
1716 | ||
1717 | void | |
1718 | clientReplyContext::sendStreamError(StoreIOBuffer const &result) | |
1719 | { | |
d85b8894 | 1720 | /** call clientWriteComplete so the client socket gets closed |
af6a12ee | 1721 | * |
d85b8894 | 1722 | * We call into the stream, because we don't know that there is a |
528b2c61 | 1723 | * client socket! |
1724 | */ | |
61beade2 | 1725 | debugs(88, 5, "A stream error has occurred, marking as complete and sending no data."); |
8bcf08e0 | 1726 | StoreIOBuffer localTempBuffer; |
528b2c61 | 1727 | flags.complete = 1; |
e857372a | 1728 | http->request->flags.streamError = true; |
8bcf08e0 | 1729 | localTempBuffer.flags.error = result.flags.error; |
aee3523a | 1730 | clientStreamCallback((clientStreamNode*)http->client_stream.head->data, http, nullptr, |
8bcf08e0 | 1731 | localTempBuffer); |
528b2c61 | 1732 | } |
1733 | ||
1734 | void | |
122a6e3c | 1735 | clientReplyContext::pushStreamData(const StoreIOBuffer &result) |
528b2c61 | 1736 | { |
528b2c61 | 1737 | if (result.length == 0) { |
bf8fe701 | 1738 | debugs(88, 5, "clientReplyContext::pushStreamData: marking request as complete due to 0 length store result"); |
62e76326 | 1739 | flags.complete = 1; |
528b2c61 | 1740 | } |
62e76326 | 1741 | |
122a6e3c | 1742 | assert(!result.length || result.offset == next()->readBuffer.offset); |
aee3523a | 1743 | clientStreamCallback((clientStreamNode*)http->client_stream.head->data, http, nullptr, |
122a6e3c | 1744 | result); |
528b2c61 | 1745 | } |
1746 | ||
1747 | clientStreamNode * | |
1748 | clientReplyContext::next() const | |
1749 | { | |
1750 | assert ( (clientStreamNode*)http->client_stream.head->next->data == getNextNode()); | |
1751 | return getNextNode(); | |
1752 | } | |
1753 | ||
b51aec66 | 1754 | void |
16611143 | 1755 | clientReplyContext::sendBodyTooLargeError() |
b51aec66 | 1756 | { |
12f5a662 | 1757 | http->updateLoggingTags(LOG_TCP_DENIED_REPLY); |
aee3523a | 1758 | ErrorState *err = clientBuildError(ERR_TOO_BIG, Http::scForbidden, nullptr, |
7976fed3 | 1759 | http->getConn(), http->request, http->al); |
16611143 | 1760 | removeClientStoreReference(&(sc), http); |
1761 | HTTPMSGUNLOCK(reply); | |
1762 | startError(err); | |
26ac0430 | 1763 | |
b51aec66 | 1764 | } |
1765 | ||
79c8035e AR |
1766 | /// send 412 (Precondition Failed) to client |
1767 | void | |
1768 | clientReplyContext::sendPreconditionFailedError() | |
1769 | { | |
12f5a662 | 1770 | http->updateLoggingTags(LOG_TCP_HIT); |
79c8035e | 1771 | ErrorState *const err = |
955394ce | 1772 | clientBuildError(ERR_PRECONDITION_FAILED, Http::scPreconditionFailed, |
7976fed3 | 1773 | nullptr, http->getConn(), http->request, http->al); |
79c8035e AR |
1774 | removeClientStoreReference(&sc, http); |
1775 | HTTPMSGUNLOCK(reply); | |
1776 | startError(err); | |
1777 | } | |
1778 | ||
a2bd457d AJ |
1779 | /// send 304 (Not Modified) to client |
1780 | void | |
1781 | clientReplyContext::sendNotModified() | |
1782 | { | |
1783 | StoreEntry *e = http->storeEntry(); | |
1784 | const time_t timestamp = e->timestamp; | |
66d51f4f | 1785 | const auto temprep = e->mem().freshestReply().make304(); |
787ea68c GD |
1786 | // log as TCP_INM_HIT if code 304 generated for |
1787 | // If-None-Match request | |
1788 | if (!http->request->flags.ims) | |
12f5a662 | 1789 | http->updateLoggingTags(LOG_TCP_INM_HIT); |
787ea68c | 1790 | else |
12f5a662 | 1791 | http->updateLoggingTags(LOG_TCP_IMS_HIT); |
a2bd457d | 1792 | removeClientStoreReference(&sc, http); |
f206b652 | 1793 | createStoreEntry(http->request->method, RequestFlags()); |
a2bd457d AJ |
1794 | e = http->storeEntry(); |
1795 | // Copy timestamp from the original entry so the 304 | |
1796 | // reply has a meaningful Age: header. | |
90fa5816 | 1797 | e->timestampsSet(); |
a2bd457d AJ |
1798 | e->timestamp = timestamp; |
1799 | e->replaceHttpReply(temprep); | |
1800 | e->complete(); | |
1801 | /* | |
1802 | * TODO: why put this in the store and then serialise it and | |
1803 | * then parse it again. Simply mark the request complete in | |
1804 | * our context and write the reply struct to the client side. | |
1805 | */ | |
1806 | triggerInitialStoreRead(); | |
1807 | } | |
1808 | ||
1809 | /// send 304 (Not Modified) or 412 (Precondition Failed) to client | |
1810 | /// depending on request method | |
1811 | void | |
1812 | clientReplyContext::sendNotModifiedOrPreconditionFailedError() | |
1813 | { | |
c2a7cefd AJ |
1814 | if (http->request->method == Http::METHOD_GET || |
1815 | http->request->method == Http::METHOD_HEAD) | |
a2bd457d AJ |
1816 | sendNotModified(); |
1817 | else | |
1818 | sendPreconditionFailedError(); | |
1819 | } | |
1820 | ||
4993f571 | 1821 | void |
1822 | clientReplyContext::processReplyAccess () | |
1823 | { | |
b50e327b | 1824 | /* NP: this should probably soft-fail to a zero-sized-reply error ?? */ |
7dc5f514 | 1825 | assert(reply); |
b50e327b AJ |
1826 | |
1827 | /** Don't block our own responses or HTTP status messages */ | |
12f5a662 EB |
1828 | if (http->loggingTags().oldType == LOG_TCP_DENIED || |
1829 | http->loggingTags().oldType == LOG_TCP_DENIED_REPLY || | |
9b769c67 | 1830 | alwaysAllowResponse(reply->sline.status())) { |
2efeb0b7 | 1831 | processReplyAccessResult(ACCESS_ALLOWED); |
26ac0430 | 1832 | return; |
230a8cc6 | 1833 | } |
26ac0430 | 1834 | |
b50e327b | 1835 | /** Check for reply to big error */ |
16611143 | 1836 | if (reply->expectedBodyTooLarge(*http->request)) { |
1837 | sendBodyTooLargeError(); | |
62e76326 | 1838 | return; |
1839 | } | |
1840 | ||
b50e327b | 1841 | /** check for absent access controls (permit by default) */ |
230a8cc6 | 1842 | if (!Config.accessList.reply) { |
2efeb0b7 | 1843 | processReplyAccessResult(ACCESS_ALLOWED); |
26ac0430 | 1844 | return; |
230a8cc6 | 1845 | } |
1846 | ||
b50e327b | 1847 | /** Process http_reply_access lists */ |
c56edb4a | 1848 | auto replyChecklist = |
127dce76 | 1849 | clientAclChecklistCreate(Config.accessList.reply, http); |
b1c2ea7a | 1850 | replyChecklist->updateReply(reply); |
c56edb4a | 1851 | ACLFilledChecklist::NonBlockingCheck(std::move(replyChecklist), ProcessReplyAccessResult, this); |
4993f571 | 1852 | } |
1853 | ||
1854 | void | |
329c128c | 1855 | clientReplyContext::ProcessReplyAccessResult(Acl::Answer rv, void *voidMe) |
4993f571 | 1856 | { |
1857 | clientReplyContext *me = static_cast<clientReplyContext *>(voidMe); | |
0655fa4d | 1858 | me->processReplyAccessResult(rv); |
4993f571 | 1859 | } |
1860 | ||
1861 | void | |
329c128c | 1862 | clientReplyContext::processReplyAccessResult(const Acl::Answer &accessAllowed) |
4993f571 | 1863 | { |
7f06a3d8 AJ |
1864 | debugs(88, 2, "The reply for " << http->request->method |
1865 | << ' ' << http->uri << " is " << accessAllowed << ", because it matched " | |
25aa6c9a | 1866 | << accessAllowed.lastCheckDescription()); |
62e76326 | 1867 | |
06bf5384 | 1868 | if (!accessAllowed.allowed()) { |
62e76326 | 1869 | ErrorState *err; |
25aa6c9a | 1870 | auto page_id = FindDenyInfoPage(accessAllowed, true); |
0185bd6f | 1871 | |
12f5a662 | 1872 | http->updateLoggingTags(LOG_TCP_DENIED_REPLY); |
c466369c | 1873 | |
0185bd6f | 1874 | if (page_id == ERR_NONE) |
1875 | page_id = ERR_ACCESS_DENIED; | |
1876 | ||
aee3523a | 1877 | err = clientBuildError(page_id, Http::scForbidden, nullptr, |
7976fed3 | 1878 | http->getConn(), http->request, http->al); |
0185bd6f | 1879 | |
86a2f789 | 1880 | removeClientStoreReference(&sc, http); |
0185bd6f | 1881 | |
7dc5f514 | 1882 | HTTPMSGUNLOCK(reply); |
0185bd6f | 1883 | |
3c2c1d31 | 1884 | startError(err); |
1885 | ||
62e76326 | 1886 | return; |
1887 | } | |
1888 | ||
0976f8db | 1889 | /* Ok, the reply is allowed, */ |
1890 | http->loggingEntry(http->storeEntry()); | |
1891 | ||
122a6e3c AR |
1892 | Assure(matchesStreamBodyBuffer(lastStreamBufferedBytes)); |
1893 | Assure(!lastStreamBufferedBytes.offset); | |
1894 | auto body_size = lastStreamBufferedBytes.length; // may be zero | |
0976f8db | 1895 | |
bf8fe701 | 1896 | debugs(88, 3, "clientReplyContext::sendMoreData: Appending " << |
1897 | (int) body_size << " bytes after " << reply->hdr_sz << | |
1898 | " bytes of headers"); | |
0976f8db | 1899 | |
c2a7cefd | 1900 | if (http->request->method == Http::METHOD_HEAD) { |
62e76326 | 1901 | /* do not forward body for HEAD replies */ |
1902 | body_size = 0; | |
be4d35dc | 1903 | http->flags.done_copying = true; |
62e76326 | 1904 | flags.complete = 1; |
1905 | } | |
1906 | ||
1907 | assert (!flags.headersSent); | |
1908 | flags.headersSent = true; | |
1909 | ||
122a6e3c AR |
1910 | // next()->readBuffer.offset may be positive for Range requests, but our |
1911 | // localTempBuffer initialization code assumes that next()->readBuffer.data | |
1912 | // points to the response body at offset 0 because the first | |
1913 | // storeClientCopy() request always has offset 0 (i.e. our first Store | |
1914 | // request ignores next()->readBuffer.offset). | |
1915 | // | |
1916 | // XXX: We cannot fully check that assumption: readBuffer.offset field is | |
1917 | // often out of sync with the buffer content, and if some buggy code updates | |
1918 | // the buffer while we were waiting for the processReplyAccessResult() | |
1919 | // callback, we may not notice. | |
1920 | ||
8bcf08e0 | 1921 | StoreIOBuffer localTempBuffer; |
122a6e3c | 1922 | const auto body_buf = next()->readBuffer.data; |
62e76326 | 1923 | |
49ea0125 | 1924 | //Server side may disable ranges under some circumstances. |
1925 | ||
1926 | if ((!http->request->range)) | |
1927 | next()->readBuffer.offset = 0; | |
1928 | ||
122a6e3c AR |
1929 | if (next()->readBuffer.offset > 0) { |
1930 | if (Less(body_size, next()->readBuffer.offset)) { | |
2324cda2 | 1931 | /* Can't use any of the body we received. send nothing */ |
8bcf08e0 | 1932 | localTempBuffer.length = 0; |
aee3523a | 1933 | localTempBuffer.data = nullptr; |
62e76326 | 1934 | } else { |
8bcf08e0 FC |
1935 | localTempBuffer.length = body_size - next()->readBuffer.offset; |
1936 | localTempBuffer.data = body_buf + next()->readBuffer.offset; | |
62e76326 | 1937 | } |
1938 | } else { | |
8bcf08e0 FC |
1939 | localTempBuffer.length = body_size; |
1940 | localTempBuffer.data = body_buf; | |
62e76326 | 1941 | } |
1942 | ||
62e76326 | 1943 | clientStreamCallback((clientStreamNode *)http->client_stream.head->data, |
8bcf08e0 | 1944 | http, reply, localTempBuffer); |
62e76326 | 1945 | |
1946 | return; | |
4993f571 | 1947 | } |
1948 | ||
528b2c61 | 1949 | void |
1950 | clientReplyContext::sendMoreData (StoreIOBuffer result) | |
1951 | { | |
50c09fc4 | 1952 | if (deleting) |
1953 | return; | |
1954 | ||
122a6e3c AR |
1955 | debugs(88, 5, http->uri << " got " << result); |
1956 | ||
86a2f789 | 1957 | StoreEntry *entry = http->storeEntry(); |
50c09fc4 | 1958 | |
cda7024f CT |
1959 | if (ConnStateData * conn = http->getConn()) { |
1960 | if (!conn->isOpen()) { | |
1961 | debugs(33,3, "not sending more data to closing connection " << conn->clientConnection); | |
1962 | return; | |
1963 | } | |
1964 | if (conn->pinning.zeroReply) { | |
1965 | debugs(33,3, "not sending more data after a pinned zero reply " << conn->clientConnection); | |
1966 | return; | |
1967 | } | |
50c09fc4 | 1968 | |
122a6e3c AR |
1969 | if (!flags.headersSent && !http->loggingTags().isTcpHit()) { |
1970 | // We get here twice if processReplyAccessResult() calls startError(). | |
1971 | // TODO: Revise when we check/change QoS markings to reduce syscalls. | |
cda7024f CT |
1972 | if (Ip::Qos::TheConfig.isHitTosActive()) { |
1973 | Ip::Qos::doTosLocalMiss(conn->clientConnection, http->request->hier.code); | |
1974 | } | |
1975 | if (Ip::Qos::TheConfig.isHitNfmarkActive()) { | |
1976 | Ip::Qos::doNfmarkLocalMiss(conn->clientConnection, http->request->hier.code); | |
1977 | } | |
1978 | } | |
1979 | ||
4b5ea8a6 | 1980 | debugs(88, 5, conn->clientConnection << |
cda7024f CT |
1981 | " '" << entry->url() << "'" << |
1982 | " out.offset=" << http->out.offset); | |
9af2f95b | 1983 | } |
50c09fc4 | 1984 | |
ab9c533b HN |
1985 | /* We've got the final data to start pushing... */ |
1986 | flags.storelogiccomplete = 1; | |
1987 | ||
aee3523a | 1988 | assert(http->request != nullptr); |
62e76326 | 1989 | |
edce4d98 | 1990 | /* ESI TODO: remove this assert once everything is stable */ |
1991 | assert(http->client_stream.head->data | |
62e76326 | 1992 | && cbdataReferenceValid(http->client_stream.head->data)); |
528b2c61 | 1993 | |
1994 | makeThisHead(); | |
62e76326 | 1995 | |
122a6e3c | 1996 | if (errorInStream(result)) { |
62e76326 | 1997 | sendStreamError(result); |
1998 | return; | |
edce4d98 | 1999 | } |
528b2c61 | 2000 | |
122a6e3c AR |
2001 | if (!matchesStreamBodyBuffer(result)) { |
2002 | // Subsequent processing expects response body bytes to be at the start | |
2003 | // of our Client Stream buffer. When given something else (e.g., bytes | |
2004 | // in our tempbuf), we copy and adjust to meet those expectations. | |
2005 | const auto &ourClientStreamsBuffer = next()->readBuffer; | |
2006 | assert(result.length <= ourClientStreamsBuffer.length); | |
2007 | memcpy(ourClientStreamsBuffer.data, result.data, result.length); | |
2008 | result.data = ourClientStreamsBuffer.data; | |
2009 | } | |
2010 | ||
2011 | noteStreamBufferredBytes(result); | |
2012 | ||
528b2c61 | 2013 | if (flags.headersSent) { |
122a6e3c | 2014 | pushStreamData(result); |
62e76326 | 2015 | return; |
edce4d98 | 2016 | } |
62e76326 | 2017 | |
b297bcd0 | 2018 | cloneReply(); |
21b92762 | 2019 | |
c4a9875e VL |
2020 | #if USE_DELAY_POOLS |
2021 | if (sc) | |
2022 | sc->setDelayId(DelayId::DelayClient(http,reply)); | |
2023 | #endif | |
2024 | ||
b297bcd0 HN |
2025 | processReplyAccess(); |
2026 | return; | |
edce4d98 | 2027 | } |
2028 | ||
122a6e3c AR |
2029 | /// Whether the given body area describes the start of our Client Stream buffer. |
2030 | /// An empty area does. | |
2031 | bool | |
2032 | clientReplyContext::matchesStreamBodyBuffer(const StoreIOBuffer &their) const | |
2033 | { | |
2034 | // the answer is undefined for errors; they are not really "body buffers" | |
2035 | Assure(!their.flags.error); | |
2036 | ||
2037 | if (!their.length) | |
2038 | return true; // an empty body area always matches our body area | |
2039 | ||
2040 | if (their.data != next()->readBuffer.data) { | |
2041 | debugs(88, 7, "no: " << their << " vs. " << next()->readBuffer); | |
2042 | return false; | |
2043 | } | |
2044 | ||
2045 | return true; | |
2046 | } | |
2047 | ||
2048 | void | |
2049 | clientReplyContext::noteStreamBufferredBytes(const StoreIOBuffer &result) | |
2050 | { | |
2051 | Assure(matchesStreamBodyBuffer(result)); | |
2052 | lastStreamBufferedBytes = result; // may be unchanged and/or zero-length | |
2053 | } | |
2054 | ||
819be284 EB |
2055 | void |
2056 | clientReplyContext::fillChecklist(ACLFilledChecklist &checklist) const | |
2057 | { | |
2058 | clientAclChecklistFill(checklist, http); | |
2059 | } | |
2060 | ||
edce4d98 | 2061 | /* Using this breaks the client layering just a little! |
2062 | */ | |
0655fa4d | 2063 | void |
f206b652 | 2064 | clientReplyContext::createStoreEntry(const HttpRequestMethod& m, RequestFlags reqFlags) |
edce4d98 | 2065 | { |
aee3523a | 2066 | assert(http != nullptr); |
edce4d98 | 2067 | /* |
2068 | * For erroneous requests, we might not have a h->request, | |
2069 | * so make a fake one. | |
2070 | */ | |
62e76326 | 2071 | |
aee3523a | 2072 | if (http->request == nullptr) { |
ad05b958 EB |
2073 | const auto connManager = http->getConn(); |
2074 | const auto mx = MasterXaction::MakePortful(connManager ? connManager->port : nullptr); | |
bec110e4 EB |
2075 | // XXX: These fake URI parameters shadow the real (or error:...) URI. |
2076 | // TODO: Either always set the request earlier and assert here OR use | |
2077 | // http->uri (converted to Anyp::Uri) to create this catch-all request. | |
2078 | const_cast<HttpRequest *&>(http->request) = new HttpRequest(m, AnyP::PROTO_NONE, "http", null_string, mx); | |
b248c2a3 AJ |
2079 | HTTPMSGLOCK(http->request); |
2080 | } | |
62e76326 | 2081 | |
a8a0b1c2 | 2082 | StoreEntry *e = storeCreateEntry(storeId(), http->log_uri, reqFlags, m); |
62e76326 | 2083 | |
2f8abb64 | 2084 | // Make entry collapsible ASAP, to increase collapsing chances for others, |
e4d13993 AR |
2085 | // TODO: every must-revalidate and similar request MUST reach the origin, |
2086 | // but do we have to prohibit others from collapsing on that request? | |
819be284 | 2087 | if (reqFlags.cachable && |
9d4e9cfb | 2088 | !reqFlags.needValidation && |
819be284 EB |
2089 | (m == Http::METHOD_GET || m == Http::METHOD_HEAD) && |
2090 | mayInitiateCollapsing()) { | |
9a9954ba | 2091 | // make the entry available for future requests now |
4310f8b0 | 2092 | (void)Store::Root().allowCollapsing(e, reqFlags, m); |
9a9954ba AR |
2093 | } |
2094 | ||
0655fa4d | 2095 | sc = storeClientListAdd(e, this); |
62e76326 | 2096 | |
9a0a18de | 2097 | #if USE_DELAY_POOLS |
0655fa4d | 2098 | sc->setDelayId(DelayId::DelayClient(http)); |
edce4d98 | 2099 | #endif |
62e76326 | 2100 | |
edce4d98 | 2101 | /* The next line is illegal because we don't know if the client stream |
26ac0430 | 2102 | * buffers have been set up |
edce4d98 | 2103 | */ |
0655fa4d | 2104 | // storeClientCopy(http->sc, e, 0, HTTP_REQBUF_SZ, http->reqbuf, |
2105 | // SendMoreData, this); | |
edce4d98 | 2106 | /* So, we mark the store logic as complete */ |
8bcf08e0 | 2107 | flags.storelogiccomplete = 1; |
62e76326 | 2108 | |
2f8abb64 | 2109 | /* and get the caller to request a read, from wherever they are */ |
62e76326 | 2110 | /* NOTE: after ANY data flows down the pipe, even one step, |
26ac0430 | 2111 | * this function CAN NOT be used to manage errors |
edce4d98 | 2112 | */ |
86a2f789 | 2113 | http->storeEntry(e); |
edce4d98 | 2114 | } |
2115 | ||
2116 | ErrorState * | |
955394ce | 2117 | clientBuildError(err_type page_id, Http::StatusCode status, char const *url, |
7976fed3 | 2118 | const ConnStateData *conn, HttpRequest *request, const AccessLogEntry::Pointer &al) |
edce4d98 | 2119 | { |
7e6eabbc | 2120 | const auto err = new ErrorState(page_id, status, request, al); |
7976fed3 | 2121 | err->src_addr = conn && conn->clientConnection ? conn->clientConnection->remote : Ip::Address::NoAddr(); |
62e76326 | 2122 | |
edce4d98 | 2123 | if (url) |
62e76326 | 2124 | err->url = xstrdup(url); |
2125 | ||
edce4d98 | 2126 | return err; |
2127 | } | |
f53969cc | 2128 |