]>
Commit | Line | Data |
---|---|---|
da2b3a17 | 1 | |
30a4f2a8 | 2 | /* |
3f7d66c7 | 3 | * $Id: http.cc,v 1.460 2005/09/28 19:52:52 wessels Exp $ |
30a4f2a8 | 4 | * |
5 | * DEBUG: section 11 Hypertext Transfer Protocol (HTTP) | |
6 | * AUTHOR: Harvest Derived | |
7 | * | |
2b6662ba | 8 | * SQUID Web Proxy Cache http://www.squid-cache.org/ |
e25c139f | 9 | * ---------------------------------------------------------- |
30a4f2a8 | 10 | * |
2b6662ba | 11 | * Squid is the result of efforts by numerous individuals from |
12 | * the Internet community; see the CONTRIBUTORS file for full | |
13 | * details. Many organizations have provided support for Squid's | |
14 | * development; see the SPONSORS file for full details. Squid is | |
15 | * Copyrighted (C) 2001 by the Regents of the University of | |
16 | * California; see the COPYRIGHT file for full details. Squid | |
17 | * incorporates software developed and/or copyrighted by other | |
18 | * sources; see the CREDITS file for full details. | |
30a4f2a8 | 19 | * |
20 | * This program is free software; you can redistribute it and/or modify | |
21 | * it under the terms of the GNU General Public License as published by | |
22 | * the Free Software Foundation; either version 2 of the License, or | |
23 | * (at your option) any later version. | |
24 | * | |
25 | * This program is distributed in the hope that it will be useful, | |
26 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
27 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
28 | * GNU General Public License for more details. | |
29 | * | |
30 | * You should have received a copy of the GNU General Public License | |
31 | * along with this program; if not, write to the Free Software | |
cbdec147 | 32 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. |
e25c139f | 33 | * |
30a4f2a8 | 34 | */ |
019dd986 | 35 | |
4a83b852 | 36 | /* |
37 | * Anonymizing patch by lutz@as-node.jena.thur.de | |
de3bdb4c | 38 | * have a look into http-anon.c to get more informations. |
4a83b852 | 39 | */ |
40 | ||
44a47c6e | 41 | #include "squid.h" |
0eb49b6d | 42 | #include "MemBuf.h" |
e6ccf245 | 43 | #include "http.h" |
f5691f9c | 44 | #include "AuthUserRequest.h" |
e6ccf245 | 45 | #include "Store.h" |
528b2c61 | 46 | #include "HttpReply.h" |
47 | #include "HttpRequest.h" | |
48 | #include "MemObject.h" | |
49 | #include "HttpHdrContRange.h" | |
4fb35c3c | 50 | #include "ACLChecklist.h" |
21b92762 | 51 | #include "fde.h" |
b67e2c8c | 52 | #if DELAY_POOLS |
53 | #include "DelayPools.h" | |
54 | #endif | |
e6ccf245 | 55 | |
56 | CBDATA_TYPE(HttpStateData); | |
57 | ||
090089c4 | 58 | |
6bf8443a | 59 | static const char *const crlf = "\r\n"; |
4db43fab | 60 | |
c3d63b2a | 61 | static CWCB httpSendRequestEntity; |
54220df8 | 62 | |
c4b7a5a9 | 63 | static IOCB httpReadReply; |
b6a2f15e | 64 | static void httpSendRequest(HttpStateData *); |
9e4ad609 | 65 | static PF httpStateFree; |
66 | static PF httpTimeout; | |
f5b8bbc4 | 67 | static void httpCacheNegatively(StoreEntry *); |
68 | static void httpMakePrivate(StoreEntry *); | |
69 | static void httpMakePublic(StoreEntry *); | |
f9cece6e | 70 | static void httpMaybeRemovePublic(StoreEntry *, http_status); |
190154cf | 71 | static void copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, String strConnection, HttpRequest * request, HttpRequest * orig_request, |
62e76326 | 72 | HttpHeader * hdr_out, int we_do_ranges, http_state_flags); |
190154cf | 73 | static int decideIfWeDoRanges (HttpRequest * orig_request); |
528b2c61 | 74 | |
b8d8561b | 75 | |
b177367b | 76 | static void |
59715b38 | 77 | httpStateFree(int fd, void *data) |
f5558c95 | 78 | { |
e6ccf245 | 79 | HttpStateData *httpState = static_cast<HttpStateData *>(data); |
62e76326 | 80 | |
0d4d4170 | 81 | if (httpState == NULL) |
62e76326 | 82 | return; |
83 | ||
21b92762 | 84 | if (httpState->body_buf) { |
9ea12fca | 85 | if (httpState->orig_request->body_connection.getRaw()) { |
86 | clientAbortBody(httpState->orig_request); | |
87 | } | |
21b92762 | 88 | |
89 | if (httpState->body_buf) { | |
90 | memFree(httpState->body_buf, MEM_8K_BUF); | |
91 | httpState->body_buf = NULL; | |
92 | } | |
93 | } | |
94 | ||
f88211e8 | 95 | storeUnlockObject(httpState->entry); |
62e76326 | 96 | |
2fe7eff9 | 97 | if (!httpState->reply_hdr.isNull()) { |
98 | httpState->reply_hdr.clean(); | |
0d4d4170 | 99 | } |
62e76326 | 100 | |
30a4f2a8 | 101 | requestUnlink(httpState->request); |
20cc1450 | 102 | requestUnlink(httpState->orig_request); |
7dd44885 | 103 | httpState->request = NULL; |
104 | httpState->orig_request = NULL; | |
105 | cbdataFree(httpState); | |
f5558c95 | 106 | } |
107 | ||
b8d8561b | 108 | int |
75e88d56 | 109 | httpCachable(method_t method) |
090089c4 | 110 | { |
090089c4 | 111 | /* GET and HEAD are cachable. Others are not. */ |
62e76326 | 112 | |
6eb42cae | 113 | if (method != METHOD_GET && method != METHOD_HEAD) |
62e76326 | 114 | return 0; |
115 | ||
090089c4 | 116 | /* else cachable */ |
117 | return 1; | |
118 | } | |
119 | ||
b8d8561b | 120 | static void |
5c5783a2 | 121 | httpTimeout(int fd, void *data) |
090089c4 | 122 | { |
e6ccf245 | 123 | HttpStateData *httpState = static_cast<HttpStateData *>(data); |
593c9a75 | 124 | StoreEntry *entry = httpState->entry; |
9fb13bb6 | 125 | debug(11, 4) ("httpTimeout: FD %d: '%s'\n", fd, storeUrl(entry)); |
62e76326 | 126 | |
12158bdc | 127 | if (entry->store_status == STORE_PENDING) { |
6cae5db1 | 128 | fwdFail(httpState->fwd, |
129 | errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT)); | |
9b312a19 | 130 | } |
62e76326 | 131 | |
0d4d4170 | 132 | comm_close(fd); |
090089c4 | 133 | } |
134 | ||
30a4f2a8 | 135 | /* This object can be cached for a long time */ |
b8d8561b | 136 | static void |
137 | httpMakePublic(StoreEntry * entry) | |
30a4f2a8 | 138 | { |
d46a87a8 | 139 | if (EBIT_TEST(entry->flags, ENTRY_CACHABLE)) |
62e76326 | 140 | storeSetPublicKey(entry); |
30a4f2a8 | 141 | } |
142 | ||
143 | /* This object should never be cached at all */ | |
b8d8561b | 144 | static void |
145 | httpMakePrivate(StoreEntry * entry) | |
30a4f2a8 | 146 | { |
30a4f2a8 | 147 | storeExpireNow(entry); |
30a4f2a8 | 148 | storeReleaseRequest(entry); /* delete object when not used */ |
f3e570e9 | 149 | /* storeReleaseRequest clears ENTRY_CACHABLE flag */ |
30a4f2a8 | 150 | } |
151 | ||
152 | /* This object may be negatively cached */ | |
b8d8561b | 153 | static void |
154 | httpCacheNegatively(StoreEntry * entry) | |
30a4f2a8 | 155 | { |
79b5cc5f | 156 | storeNegativeCache(entry); |
62e76326 | 157 | |
d46a87a8 | 158 | if (EBIT_TEST(entry->flags, ENTRY_CACHABLE)) |
62e76326 | 159 | storeSetPublicKey(entry); |
30a4f2a8 | 160 | } |
161 | ||
f9cece6e | 162 | static void |
163 | httpMaybeRemovePublic(StoreEntry * e, http_status status) | |
164 | { | |
62e76326 | 165 | |
166 | int remove | |
167 | = 0; | |
168 | ||
7e3ce7b9 | 169 | int forbidden = 0; |
62e76326 | 170 | |
f9cece6e | 171 | StoreEntry *pe; |
62e76326 | 172 | |
d46a87a8 | 173 | if (!EBIT_TEST(e->flags, KEY_PRIVATE)) |
62e76326 | 174 | return; |
175 | ||
f9cece6e | 176 | switch (status) { |
62e76326 | 177 | |
f9cece6e | 178 | case HTTP_OK: |
62e76326 | 179 | |
f9cece6e | 180 | case HTTP_NON_AUTHORITATIVE_INFORMATION: |
62e76326 | 181 | |
f9cece6e | 182 | case HTTP_MULTIPLE_CHOICES: |
62e76326 | 183 | |
f9cece6e | 184 | case HTTP_MOVED_PERMANENTLY: |
62e76326 | 185 | |
f9cece6e | 186 | case HTTP_MOVED_TEMPORARILY: |
62e76326 | 187 | |
f9cece6e | 188 | case HTTP_GONE: |
62e76326 | 189 | |
7e3ce7b9 | 190 | case HTTP_NOT_FOUND: |
62e76326 | 191 | |
192 | remove | |
193 | = 1; | |
194 | ||
195 | break; | |
196 | ||
7e3ce7b9 | 197 | case HTTP_FORBIDDEN: |
62e76326 | 198 | |
7e3ce7b9 | 199 | case HTTP_METHOD_NOT_ALLOWED: |
62e76326 | 200 | forbidden = 1; |
201 | ||
202 | break; | |
203 | ||
f9cece6e | 204 | #if WORK_IN_PROGRESS |
62e76326 | 205 | |
c8fd0193 | 206 | case HTTP_UNAUTHORIZED: |
62e76326 | 207 | forbidden = 1; |
208 | ||
209 | break; | |
210 | ||
f9cece6e | 211 | #endif |
62e76326 | 212 | |
f9cece6e | 213 | default: |
7e3ce7b9 | 214 | #if QUESTIONABLE |
62e76326 | 215 | /* |
216 | * Any 2xx response should eject previously cached entities... | |
217 | */ | |
abb929f0 | 218 | |
62e76326 | 219 | if (status >= 200 && status < 300) |
220 | remove | |
221 | = 1; | |
222 | ||
7e3ce7b9 | 223 | #endif |
62e76326 | 224 | |
225 | break; | |
f9cece6e | 226 | } |
62e76326 | 227 | |
228 | if (!remove | |
229 | && !forbidden) | |
230 | return; | |
231 | ||
f9cece6e | 232 | assert(e->mem_obj); |
62e76326 | 233 | |
f66a9ef4 | 234 | if (e->mem_obj->request) |
62e76326 | 235 | pe = storeGetPublicByRequest(e->mem_obj->request); |
f66a9ef4 | 236 | else |
62e76326 | 237 | pe = storeGetPublic(e->mem_obj->url, e->mem_obj->method); |
238 | ||
f66a9ef4 | 239 | if (pe != NULL) { |
62e76326 | 240 | assert(e != pe); |
241 | storeRelease(pe); | |
0856d155 | 242 | } |
62e76326 | 243 | |
7e3ce7b9 | 244 | /* |
245 | * Also remove any cached HEAD response in case the object has | |
246 | * changed. | |
247 | */ | |
f66a9ef4 | 248 | if (e->mem_obj->request) |
62e76326 | 249 | pe = storeGetPublicByRequestMethod(e->mem_obj->request, METHOD_HEAD); |
f66a9ef4 | 250 | else |
62e76326 | 251 | pe = storeGetPublic(e->mem_obj->url, METHOD_HEAD); |
252 | ||
f66a9ef4 | 253 | if (pe != NULL) { |
62e76326 | 254 | assert(e != pe); |
255 | storeRelease(pe); | |
7e3ce7b9 | 256 | } |
62e76326 | 257 | |
7e3ce7b9 | 258 | if (forbidden) |
62e76326 | 259 | return; |
260 | ||
7e3ce7b9 | 261 | switch (e->mem_obj->method) { |
62e76326 | 262 | |
7e3ce7b9 | 263 | case METHOD_PUT: |
62e76326 | 264 | |
7e3ce7b9 | 265 | case METHOD_DELETE: |
62e76326 | 266 | |
7e3ce7b9 | 267 | case METHOD_PROPPATCH: |
62e76326 | 268 | |
7e3ce7b9 | 269 | case METHOD_MKCOL: |
62e76326 | 270 | |
7e3ce7b9 | 271 | case METHOD_MOVE: |
62e76326 | 272 | |
42b51993 | 273 | case METHOD_BMOVE: |
62e76326 | 274 | |
42b51993 | 275 | case METHOD_BDELETE: |
62e76326 | 276 | /* |
277 | * Remove any cached GET object if it is beleived that the | |
278 | * object may have changed as a result of other methods | |
279 | */ | |
280 | ||
281 | if (e->mem_obj->request) | |
282 | pe = storeGetPublicByRequestMethod(e->mem_obj->request, METHOD_GET); | |
283 | else | |
284 | pe = storeGetPublic(e->mem_obj->url, METHOD_GET); | |
285 | ||
286 | if (pe != NULL) { | |
287 | assert(e != pe); | |
288 | storeRelease(pe); | |
289 | } | |
290 | ||
291 | break; | |
292 | ||
c8be6d7b | 293 | default: |
62e76326 | 294 | /* Keep GCC happy. The methods above are all mutating HTTP methods |
295 | */ | |
296 | break; | |
0856d155 | 297 | } |
f9cece6e | 298 | } |
299 | ||
43ae1d95 | 300 | void |
301 | HttpStateData::processSurrogateControl(HttpReply *reply) | |
302 | { | |
303 | #if ESI | |
304 | ||
305 | if (request->flags.accelerated && reply->surrogate_control) { | |
306 | HttpHdrScTarget *sctusable = | |
307 | httpHdrScGetMergedTarget(reply->surrogate_control, | |
308 | Config.Accel.surrogate_id); | |
309 | ||
310 | if (sctusable) { | |
311 | if (EBIT_TEST(sctusable->mask, SC_NO_STORE) || | |
312 | (Config.onoff.surrogate_is_remote | |
313 | && EBIT_TEST(sctusable->mask, SC_NO_STORE_REMOTE))) { | |
314 | surrogateNoStore = true; | |
315 | httpMakePrivate(entry); | |
316 | } | |
317 | ||
318 | /* The HttpHeader logic cannot tell if the header it's parsing is a reply to an | |
319 | * accelerated request or not... | |
320 | * Still, this is an abtraction breach. - RC | |
321 | */ | |
322 | if (sctusable->max_age != -1) { | |
323 | if (sctusable->max_age < sctusable->max_stale) | |
324 | reply->expires = reply->date + sctusable->max_age; | |
325 | else | |
326 | reply->expires = reply->date + sctusable->max_stale; | |
327 | ||
328 | /* And update the timestamps */ | |
329 | storeTimestampsSet(entry); | |
330 | } | |
331 | ||
332 | /* We ignore cache-control directives as per the Surrogate specification */ | |
333 | ignoreCacheControl = true; | |
334 | ||
335 | httpHdrScTargetDestroy(sctusable); | |
336 | } | |
337 | } | |
338 | ||
339 | #endif | |
340 | } | |
341 | ||
924f73bc | 342 | int |
343 | HttpStateData::cacheableReply() | |
c54e9052 | 344 | { |
924f73bc | 345 | HttpReply const *rep = entry->getReply(); |
528b2c61 | 346 | HttpHeader const *hdr = &rep->header; |
d8b249ef | 347 | const int cc_mask = (rep->cache_control) ? rep->cache_control->mask : 0; |
c68e9c6b | 348 | const char *v; |
38f9c547 | 349 | #if HTTP_VIOLATIONS |
62e76326 | 350 | |
38f9c547 | 351 | const refresh_t *R = NULL; |
352 | #endif | |
43ae1d95 | 353 | |
38f9c547 | 354 | if (surrogateNoStore) |
62e76326 | 355 | return 0; |
356 | ||
924f73bc | 357 | if (!ignoreCacheControl) { |
38f9c547 | 358 | if (EBIT_TEST(cc_mask, CC_PRIVATE)) { |
359 | #if HTTP_VIOLATIONS | |
43ae1d95 | 360 | |
38f9c547 | 361 | if (!R) |
362 | R = refreshLimits(entry->mem_obj->url); | |
43ae1d95 | 363 | |
38f9c547 | 364 | if (R && !R->flags.ignore_private) |
365 | #endif | |
366 | ||
367 | return 0; | |
368 | } | |
369 | ||
370 | if (EBIT_TEST(cc_mask, CC_NO_CACHE)) { | |
371 | #if HTTP_VIOLATIONS | |
372 | ||
373 | if (!R) | |
374 | R = refreshLimits(entry->mem_obj->url); | |
375 | ||
376 | if (R && !R->flags.ignore_no_cache) | |
377 | #endif | |
378 | ||
379 | return 0; | |
380 | } | |
381 | ||
382 | if (EBIT_TEST(cc_mask, CC_NO_STORE)) { | |
383 | #if HTTP_VIOLATIONS | |
384 | ||
385 | if (!R) | |
386 | R = refreshLimits(entry->mem_obj->url); | |
387 | ||
388 | if (R && !R->flags.ignore_no_store) | |
389 | #endif | |
390 | ||
391 | return 0; | |
392 | } | |
43ae1d95 | 393 | } |
394 | ||
924f73bc | 395 | if (request->flags.auth) { |
62e76326 | 396 | /* |
397 | * Responses to requests with authorization may be cached | |
398 | * only if a Cache-Control: public reply header is present. | |
399 | * RFC 2068, sec 14.9.4 | |
400 | */ | |
401 | ||
38f9c547 | 402 | if (!EBIT_TEST(cc_mask, CC_PUBLIC)) { |
403 | #if HTTP_VIOLATIONS | |
404 | ||
405 | if (!R) | |
406 | R = refreshLimits(entry->mem_obj->url); | |
407 | ||
408 | if (R && !R->flags.ignore_auth) | |
409 | #endif | |
410 | ||
411 | return 0; | |
412 | } | |
a6dfe2d9 | 413 | } |
62e76326 | 414 | |
c68e9c6b | 415 | /* Pragma: no-cache in _replies_ is not documented in HTTP, |
416 | * but servers like "Active Imaging Webcast/2.0" sure do use it */ | |
417 | if (httpHeaderHas(hdr, HDR_PRAGMA)) { | |
62e76326 | 418 | String s = httpHeaderGetList(hdr, HDR_PRAGMA); |
419 | const int no_cache = strListIsMember(&s, "no-cache", ','); | |
420 | s.clean(); | |
421 | ||
38f9c547 | 422 | if (no_cache) { |
423 | #if HTTP_VIOLATIONS | |
424 | ||
425 | if (!R) | |
426 | R = refreshLimits(entry->mem_obj->url); | |
427 | ||
428 | if (R && !R->flags.ignore_no_cache) | |
429 | #endif | |
430 | ||
431 | return 0; | |
432 | } | |
c68e9c6b | 433 | } |
62e76326 | 434 | |
c68e9c6b | 435 | /* |
436 | * The "multipart/x-mixed-replace" content type is used for | |
437 | * continuous push replies. These are generally dynamic and | |
438 | * probably should not be cachable | |
439 | */ | |
440 | if ((v = httpHeaderGetStr(hdr, HDR_CONTENT_TYPE))) | |
62e76326 | 441 | if (!strncasecmp(v, "multipart/x-mixed-replace", 25)) |
442 | return 0; | |
443 | ||
924f73bc | 444 | switch (entry->getReply()->sline.status) { |
62e76326 | 445 | /* Responses that are cacheable */ |
446 | ||
19a04dac | 447 | case HTTP_OK: |
62e76326 | 448 | |
19a04dac | 449 | case HTTP_NON_AUTHORITATIVE_INFORMATION: |
62e76326 | 450 | |
19a04dac | 451 | case HTTP_MULTIPLE_CHOICES: |
62e76326 | 452 | |
19a04dac | 453 | case HTTP_MOVED_PERMANENTLY: |
62e76326 | 454 | |
19a04dac | 455 | case HTTP_GONE: |
62e76326 | 456 | /* |
457 | * Don't cache objects that need to be refreshed on next request, | |
458 | * unless we know how to refresh it. | |
459 | */ | |
460 | ||
924f73bc | 461 | if (!refreshIsCachable(entry)) |
62e76326 | 462 | return 0; |
463 | ||
464 | /* don't cache objects from peers w/o LMT, Date, or Expires */ | |
465 | /* check that is it enough to check headers @?@ */ | |
466 | if (rep->date > -1) | |
467 | return 1; | |
468 | else if (rep->last_modified > -1) | |
469 | return 1; | |
924f73bc | 470 | else if (!_peer) |
62e76326 | 471 | return 1; |
472 | ||
473 | /* @?@ (here and 302): invalid expires header compiles to squid_curtime */ | |
474 | else if (rep->expires > -1) | |
475 | return 1; | |
476 | else | |
477 | return 0; | |
478 | ||
479 | /* NOTREACHED */ | |
480 | break; | |
481 | ||
482 | /* Responses that only are cacheable if the server says so */ | |
483 | ||
19a04dac | 484 | case HTTP_MOVED_TEMPORARILY: |
62e76326 | 485 | if (rep->expires > -1) |
486 | return 1; | |
487 | else | |
488 | return 0; | |
489 | ||
490 | /* NOTREACHED */ | |
491 | break; | |
492 | ||
493 | /* Errors can be negatively cached */ | |
494 | ||
19a04dac | 495 | case HTTP_NO_CONTENT: |
62e76326 | 496 | |
19a04dac | 497 | case HTTP_USE_PROXY: |
62e76326 | 498 | |
19a04dac | 499 | case HTTP_BAD_REQUEST: |
62e76326 | 500 | |
19a04dac | 501 | case HTTP_FORBIDDEN: |
62e76326 | 502 | |
19a04dac | 503 | case HTTP_NOT_FOUND: |
62e76326 | 504 | |
19a04dac | 505 | case HTTP_METHOD_NOT_ALLOWED: |
62e76326 | 506 | |
19a04dac | 507 | case HTTP_REQUEST_URI_TOO_LARGE: |
62e76326 | 508 | |
19a04dac | 509 | case HTTP_INTERNAL_SERVER_ERROR: |
62e76326 | 510 | |
19a04dac | 511 | case HTTP_NOT_IMPLEMENTED: |
62e76326 | 512 | |
19a04dac | 513 | case HTTP_BAD_GATEWAY: |
62e76326 | 514 | |
19a04dac | 515 | case HTTP_SERVICE_UNAVAILABLE: |
62e76326 | 516 | |
19a04dac | 517 | case HTTP_GATEWAY_TIMEOUT: |
62e76326 | 518 | return -1; |
519 | ||
520 | /* NOTREACHED */ | |
521 | break; | |
522 | ||
523 | /* Some responses can never be cached */ | |
524 | ||
0cdcddb9 | 525 | case HTTP_PARTIAL_CONTENT: /* Not yet supported */ |
62e76326 | 526 | |
19a04dac | 527 | case HTTP_SEE_OTHER: |
62e76326 | 528 | |
19a04dac | 529 | case HTTP_NOT_MODIFIED: |
62e76326 | 530 | |
19a04dac | 531 | case HTTP_UNAUTHORIZED: |
62e76326 | 532 | |
19a04dac | 533 | case HTTP_PROXY_AUTHENTICATION_REQUIRED: |
62e76326 | 534 | |
0cdcddb9 | 535 | case HTTP_INVALID_HEADER: /* Squid header parsing error */ |
4eb368f9 | 536 | |
537 | case HTTP_HEADER_TOO_LARGE: | |
62e76326 | 538 | return 0; |
539 | ||
c54e9052 | 540 | default: /* Unknown status code */ |
924f73bc | 541 | debug (11,0)("HttpStateData::cacheableReply: unknown http status code in reply\n"); |
62e76326 | 542 | |
543 | return 0; | |
544 | ||
545 | /* NOTREACHED */ | |
546 | break; | |
c54e9052 | 547 | } |
62e76326 | 548 | |
79d39a72 | 549 | /* NOTREACHED */ |
c54e9052 | 550 | } |
090089c4 | 551 | |
f66a9ef4 | 552 | /* |
553 | * For Vary, store the relevant request headers as | |
554 | * virtual headers in the reply | |
555 | * Returns false if the variance cannot be stored | |
556 | */ | |
557 | const char * | |
190154cf | 558 | httpMakeVaryMark(HttpRequest * request, HttpReply const * reply) |
f66a9ef4 | 559 | { |
f66a9ef4 | 560 | String vary, hdr; |
561 | const char *pos = NULL; | |
562 | const char *item; | |
563 | const char *value; | |
564 | int ilen; | |
528b2c61 | 565 | static String vstr; |
f66a9ef4 | 566 | |
528b2c61 | 567 | vstr.clean(); |
f66a9ef4 | 568 | vary = httpHeaderGetList(&reply->header, HDR_VARY); |
62e76326 | 569 | |
f66a9ef4 | 570 | while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { |
62e76326 | 571 | char *name = (char *)xmalloc(ilen + 1); |
572 | xstrncpy(name, item, ilen + 1); | |
573 | Tolower(name); | |
9776e3cc | 574 | |
575 | if (strcmp(name, "*") == 0) { | |
576 | /* Can not handle "Vary: *" withtout ETag support */ | |
577 | safe_free(name); | |
578 | vstr.clean(); | |
579 | break; | |
580 | } | |
581 | ||
62e76326 | 582 | strListAdd(&vstr, name, ','); |
583 | hdr = httpHeaderGetByName(&request->header, name); | |
584 | safe_free(name); | |
585 | value = hdr.buf(); | |
586 | ||
587 | if (value) { | |
588 | value = rfc1738_escape_part(value); | |
589 | vstr.append("=\"", 2); | |
590 | vstr.append(value); | |
591 | vstr.append("\"", 1); | |
592 | } | |
593 | ||
594 | hdr.clean(); | |
f66a9ef4 | 595 | } |
62e76326 | 596 | |
528b2c61 | 597 | vary.clean(); |
f66a9ef4 | 598 | #if X_ACCELERATOR_VARY |
62e76326 | 599 | |
aa38be4a | 600 | pos = NULL; |
f66a9ef4 | 601 | vary = httpHeaderGetList(&reply->header, HDR_X_ACCELERATOR_VARY); |
62e76326 | 602 | |
f66a9ef4 | 603 | while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { |
62e76326 | 604 | char *name = (char *)xmalloc(ilen + 1); |
605 | xstrncpy(name, item, ilen + 1); | |
606 | Tolower(name); | |
607 | strListAdd(&vstr, name, ','); | |
608 | hdr = httpHeaderGetByName(&request->header, name); | |
609 | safe_free(name); | |
610 | value = hdr.buf(); | |
611 | ||
612 | if (value) { | |
613 | value = rfc1738_escape_part(value); | |
614 | vstr.append("=\"", 2); | |
615 | vstr.append(value); | |
616 | vstr.append("\"", 1); | |
617 | } | |
618 | ||
619 | hdr.clean(); | |
f66a9ef4 | 620 | } |
62e76326 | 621 | |
528b2c61 | 622 | vary.clean(); |
f66a9ef4 | 623 | #endif |
62e76326 | 624 | |
528b2c61 | 625 | debug(11, 3) ("httpMakeVaryMark: %s\n", vstr.buf()); |
626 | return vstr.buf(); | |
f66a9ef4 | 627 | } |
628 | ||
4eb368f9 | 629 | void |
630 | HttpStateData::failReply(HttpReply *reply, http_status const & status) | |
631 | { | |
632 | reply->sline.version = HttpVersion(1, 0); | |
633 | reply->sline.status = status; | |
634 | storeEntryReplaceObject (entry, reply); | |
635 | ||
636 | if (eof == 1) { | |
637 | fwdComplete(fwd); | |
638 | comm_close(fd); | |
639 | } | |
640 | } | |
641 | ||
642 | /* rewrite this later using new interfaces @?@ | |
643 | * This creates the error page itself.. its likely | |
644 | * that the forward ported reply header max size patch | |
645 | * generates non http conformant error pages - in which | |
646 | * case the errors where should be 'BAD_GATEWAY' etc | |
647 | */ | |
b8d8561b | 648 | void |
e6ccf245 | 649 | HttpStateData::processReplyHeader(const char *buf, int size) |
f5558c95 | 650 | { |
9bc73deb | 651 | size_t hdr_len; |
bdec8360 | 652 | size_t hdr_size; |
528b2c61 | 653 | /* Creates a blank header. If this routine is made incremental, this will |
654 | * not do | |
655 | */ | |
656 | HttpReply *reply = httpReplyCreate(); | |
82384411 | 657 | Ctx ctx = ctx_enter(entry->mem_obj->url); |
3f7d66c7 | 658 | debug(11, 3) ("processReplyHeader: key '%s'\n", |
62e76326 | 659 | entry->getMD5Text()); |
660 | ||
2fe7eff9 | 661 | if (reply_hdr.isNull()) |
662 | reply_hdr.init(); | |
62e76326 | 663 | |
1a98175f | 664 | assert(!flags.headers_parsed); |
62e76326 | 665 | |
2fe7eff9 | 666 | reply_hdr.append(buf, size); |
62e76326 | 667 | |
4eb368f9 | 668 | hdr_len = reply_hdr.size; |
62e76326 | 669 | |
4eb368f9 | 670 | if (hdr_len > 4 && strncmp(reply_hdr.buf, "HTTP/", 5)) { |
3f7d66c7 | 671 | debugs(11, 3, "processReplyHeader: Non-HTTP-compliant header: '" << reply_hdr.buf << "'"); |
1a98175f | 672 | flags.headers_parsed = 1; |
2fe7eff9 | 673 | reply_hdr.clean(); |
4eb368f9 | 674 | failReply (reply, HTTP_INVALID_HEADER); |
82384411 | 675 | ctx_exit(ctx); |
4eb368f9 | 676 | return; |
677 | } | |
62e76326 | 678 | |
bdec8360 | 679 | hdr_size = headersEnd(reply_hdr.buf, hdr_len); |
62e76326 | 680 | |
4eb368f9 | 681 | if (hdr_size) |
682 | hdr_len = hdr_size; | |
62e76326 | 683 | |
4eb368f9 | 684 | if (hdr_len > Config.maxReplyHeaderSize) { |
3f7d66c7 | 685 | debugs(11, 1, "processReplyHeader: Too large reply header"); |
62e76326 | 686 | |
2fe7eff9 | 687 | if (!reply_hdr.isNull()) |
688 | reply_hdr.clean(); | |
62e76326 | 689 | |
4eb368f9 | 690 | failReply (reply, HTTP_HEADER_TOO_LARGE); |
62e76326 | 691 | |
1a98175f | 692 | flags.headers_parsed = 1; |
82384411 | 693 | |
694 | ctx_exit(ctx); | |
695 | ||
62e76326 | 696 | return; |
f5558c95 | 697 | } |
62e76326 | 698 | |
9bc73deb | 699 | /* headers can be incomplete only if object still arriving */ |
4eb368f9 | 700 | if (!hdr_size) { |
701 | if (eof) | |
702 | hdr_size = hdr_len; | |
82384411 | 703 | else { |
25d279b6 | 704 | httpReplyDestroy(reply); |
82384411 | 705 | ctx_exit(ctx); |
62e76326 | 706 | return; /* headers not complete */ |
82384411 | 707 | } |
9bc73deb | 708 | } |
62e76326 | 709 | |
4eb368f9 | 710 | /* Cut away any excess body data (only needed for debug?) */ |
2fe7eff9 | 711 | reply_hdr.append("\0", 1); |
4eb368f9 | 712 | |
713 | reply_hdr.buf[hdr_size] = '\0'; | |
714 | ||
1a98175f | 715 | flags.headers_parsed = 1; |
4eb368f9 | 716 | |
9bc73deb | 717 | debug(11, 9) ("GOT HTTP REPLY HDR:\n---------\n%s\n----------\n", |
4eb368f9 | 718 | reply_hdr.buf); |
719 | ||
9bc73deb | 720 | /* Parse headers into reply structure */ |
721 | /* what happens if we fail to parse here? */ | |
4eb368f9 | 722 | httpReplyParse(reply, reply_hdr.buf, hdr_size); |
47ac2ebe | 723 | |
724 | if (reply->sline.status >= HTTP_INVALID_HEADER) { | |
3f7d66c7 | 725 | debugs(11, 3, "processReplyHeader: Non-HTTP-compliant header: '" << reply_hdr.buf << "'"); |
4eb368f9 | 726 | failReply (reply, HTTP_INVALID_HEADER); |
82384411 | 727 | ctx_exit(ctx); |
47ac2ebe | 728 | return; |
729 | } | |
730 | ||
43ae1d95 | 731 | processSurrogateControl (reply); |
528b2c61 | 732 | /* TODO: we need our own reply * in the httpState, as we probably don't want to replace |
733 | * the storeEntry with interim headers | |
734 | */ | |
735 | ||
736 | /* TODO: IF the reply is a 1.0 reply, AND it has a Connection: Header | |
737 | * Parse the header and remove all referenced headers | |
738 | */ | |
739 | ||
740 | storeEntryReplaceObject(entry, reply); | |
741 | /* DO NOT USE reply now */ | |
742 | reply = NULL; | |
743 | ||
123516e5 | 744 | if (entry->getReply()->sline.status == HTTP_PARTIAL_CONTENT && |
745 | entry->getReply()->content_range) | |
62e76326 | 746 | currentOffset = entry->getReply()->content_range->spec.offset; |
747 | ||
9bc73deb | 748 | storeTimestampsSet(entry); |
62e76326 | 749 | |
9bc73deb | 750 | /* Check if object is cacheable or not based on reply code */ |
3f7d66c7 | 751 | debug(11, 3) ("processReplyHeader: HTTP CODE: %d\n", entry->getReply()->sline.status); |
62e76326 | 752 | |
9bc73deb | 753 | if (neighbors_do_private_keys) |
62e76326 | 754 | httpMaybeRemovePublic(entry, entry->getReply()->sline.status); |
e6ccf245 | 755 | |
4b44c907 | 756 | if (httpHeaderHas(&entry->getReply()->header, HDR_VARY) |
f66a9ef4 | 757 | #if X_ACCELERATOR_VARY |
4b44c907 | 758 | || httpHeaderHas(&entry->getReply()->header, HDR_X_ACCELERATOR_VARY) |
f66a9ef4 | 759 | #endif |
4b44c907 | 760 | ) { |
761 | const char *vary = httpMakeVaryMark(orig_request, entry->getReply()); | |
762 | ||
763 | if (!vary) { | |
764 | httpMakePrivate(entry); | |
765 | goto no_cache; | |
766 | ||
62e76326 | 767 | } |
768 | ||
4b44c907 | 769 | entry->mem_obj->vary_headers = xstrdup(vary); |
770 | } | |
771 | ||
772 | switch (cacheableReply()) { | |
773 | ||
774 | case 1: | |
775 | httpMakePublic(entry); | |
62e76326 | 776 | break; |
777 | ||
9bc73deb | 778 | case 0: |
62e76326 | 779 | httpMakePrivate(entry); |
780 | break; | |
781 | ||
9bc73deb | 782 | case -1: |
4b44c907 | 783 | |
784 | if (Config.negativeTtl > 0) | |
785 | httpCacheNegatively(entry); | |
786 | else | |
787 | httpMakePrivate(entry); | |
788 | ||
62e76326 | 789 | break; |
790 | ||
9bc73deb | 791 | default: |
62e76326 | 792 | assert(0); |
4b44c907 | 793 | |
62e76326 | 794 | break; |
9bc73deb | 795 | } |
62e76326 | 796 | |
4b44c907 | 797 | no_cache: |
798 | ||
43ae1d95 | 799 | if (!ignoreCacheControl && entry->getReply()->cache_control) { |
62e76326 | 800 | if (EBIT_TEST(entry->getReply()->cache_control->mask, CC_PROXY_REVALIDATE)) |
801 | EBIT_SET(entry->flags, ENTRY_REVALIDATE); | |
802 | else if (EBIT_TEST(entry->getReply()->cache_control->mask, CC_MUST_REVALIDATE)) | |
803 | EBIT_SET(entry->flags, ENTRY_REVALIDATE); | |
9bc73deb | 804 | } |
62e76326 | 805 | |
e6ccf245 | 806 | if (flags.keepalive) |
62e76326 | 807 | if (_peer) |
808 | _peer->stats.n_keepalives_sent++; | |
809 | ||
21b92762 | 810 | if (entry->getReply()->keep_alive) { |
62e76326 | 811 | if (_peer) |
812 | _peer->stats.n_keepalives_recv++; | |
813 | ||
21b92762 | 814 | if (Config.onoff.detect_broken_server_pconns && httpReplyBodySize(request->method, reply) == -1) { |
3f7d66c7 | 815 | debug(11, 1) ("processReplyHeader: Impossible keep-alive header from '%s'\n", storeUrl(entry)); |
21b92762 | 816 | debug(11, 2) ("GOT HTTP REPLY HDR:\n---------\n%s\n----------\n", reply_hdr.buf); |
817 | flags.keepalive_broken = 1; | |
818 | } | |
819 | } | |
820 | ||
528b2c61 | 821 | if (entry->getReply()->date > -1 && !_peer) { |
411c6ea3 | 822 | int skew = abs((int)(entry->getReply()->date - squid_curtime)); |
62e76326 | 823 | |
824 | if (skew > 86400) | |
825 | debug(11, 3) ("%s's clock is skewed by %d seconds!\n", | |
826 | request->host, skew); | |
f5558c95 | 827 | } |
62e76326 | 828 | |
9bc73deb | 829 | ctx_exit(ctx); |
c3609322 | 830 | #if HEADERS_LOG |
62e76326 | 831 | |
528b2c61 | 832 | headersLog(1, 0, request->method, entry->getReply()); |
c3609322 | 833 | #endif |
62e76326 | 834 | |
e6ccf245 | 835 | if (eof == 1) { |
62e76326 | 836 | fwdComplete(fwd); |
837 | comm_close(fd); | |
e6ccf245 | 838 | } |
f5558c95 | 839 | } |
840 | ||
528b2c61 | 841 | HttpStateData::ConnectionStatus |
842 | HttpStateData::statusIfComplete() const | |
603a02fd | 843 | { |
528b2c61 | 844 | HttpReply const *reply = entry->getReply(); |
845 | /* If the reply wants to close the connection, it takes precedence */ | |
62e76326 | 846 | |
528b2c61 | 847 | if (httpHeaderHasConnDir(&reply->header, "close")) |
62e76326 | 848 | return COMPLETE_NONPERSISTENT_MSG; |
849 | ||
528b2c61 | 850 | /* If we didn't send a keep-alive request header, then this |
978e455f | 851 | * can not be a persistent connection. |
852 | */ | |
528b2c61 | 853 | if (!flags.keepalive) |
62e76326 | 854 | return COMPLETE_NONPERSISTENT_MSG; |
855 | ||
72b63f06 | 856 | /* |
857 | * If we haven't sent the whole request then this can not be a persistent | |
858 | * connection. | |
859 | */ | |
860 | if (!flags.request_sent) { | |
2afdbf48 | 861 | debug(11, 1) ("statusIfComplete: Request not yet fully sent \"%s %s\"\n", |
72b63f06 | 862 | RequestMethodStr[orig_request->method], |
863 | storeUrl(entry)); | |
864 | return COMPLETE_NONPERSISTENT_MSG; | |
865 | } | |
866 | ||
9f5a2895 | 867 | /* |
868 | * What does the reply have to say about keep-alive? | |
869 | */ | |
b6a2f15e | 870 | /* |
871 | * XXX BUG? | |
872 | * If the origin server (HTTP/1.0) does not send a keep-alive | |
873 | * header, but keeps the connection open anyway, what happens? | |
874 | * We'll return here and http.c waits for an EOF before changing | |
875 | * store_status to STORE_OK. Combine this with ENTRY_FWD_HDR_WAIT | |
876 | * and an error status code, and we might have to wait until | |
877 | * the server times out the socket. | |
878 | */ | |
9f5a2895 | 879 | if (!reply->keep_alive) |
528b2c61 | 880 | return COMPLETE_NONPERSISTENT_MSG; |
62e76326 | 881 | |
528b2c61 | 882 | return COMPLETE_PERSISTENT_MSG; |
883 | } | |
884 | ||
885 | HttpStateData::ConnectionStatus | |
886 | HttpStateData::persistentConnStatus() const | |
887 | { | |
888 | HttpReply const *reply = entry->getReply(); | |
889 | int clen; | |
890 | debug(11, 3) ("httpPconnTransferDone: FD %d\n", fd); | |
891 | ConnectionStatus result = statusIfComplete(); | |
51fdcbd5 | 892 | debug(11, 5) ("httpPconnTransferDone: content_length=%d\n", |
62e76326 | 893 | reply->content_length); |
35282fbf | 894 | /* If we haven't seen the end of reply headers, we are not done */ |
62e76326 | 895 | |
1a98175f | 896 | if (!flags.headers_parsed) |
62e76326 | 897 | return INCOMPLETE_MSG; |
898 | ||
528b2c61 | 899 | clen = httpReplyBodySize(request->method, reply); |
62e76326 | 900 | |
35282fbf | 901 | /* If there is no message body, we can be persistent */ |
902 | if (0 == clen) | |
62e76326 | 903 | return result; |
904 | ||
35282fbf | 905 | /* If the body size is unknown we must wait for EOF */ |
906 | if (clen < 0) | |
62e76326 | 907 | return INCOMPLETE_MSG; |
908 | ||
35282fbf | 909 | /* If the body size is known, we must wait until we've gotten all of it. */ |
528b2c61 | 910 | if (entry->mem_obj->endOffset() < reply->content_length + reply->hdr_sz) |
62e76326 | 911 | return INCOMPLETE_MSG; |
912 | ||
35282fbf | 913 | /* We got it all */ |
528b2c61 | 914 | return result; |
603a02fd | 915 | } |
090089c4 | 916 | |
b8d8561b | 917 | static void |
c4b7a5a9 | 918 | httpReadReply(int fd, char *buf, size_t len, comm_err_t flag, int xerrno,void *data) |
919 | { | |
920 | HttpStateData *httpState = static_cast<HttpStateData *>(data); | |
7194987f | 921 | assert (fd == httpState->fd); |
1d5161bd | 922 | PROF_start(HttpStateData_readReply); |
c4b7a5a9 | 923 | httpState->readReply (fd, buf, len, flag, xerrno, data); |
1d5161bd | 924 | PROF_stop(HttpStateData_readReply); |
c4b7a5a9 | 925 | } |
926 | ||
2afdbf48 | 927 | /* This will be called when data is ready to be read from fd. Read until |
928 | * error or connection closed. */ | |
929 | /* XXX this function is too long! */ | |
c4b7a5a9 | 930 | void |
528b2c61 | 931 | HttpStateData::readReply (int fd, char *readBuf, size_t len, comm_err_t flag, int xerrno,void *data) |
090089c4 | 932 | { |
30a4f2a8 | 933 | int bin; |
090089c4 | 934 | int clen; |
f61f0107 | 935 | flags.do_next_read = 0; |
c4b7a5a9 | 936 | |
937 | ||
528b2c61 | 938 | assert(buf == readBuf); |
c4b7a5a9 | 939 | |
940 | /* Bail out early on COMM_ERR_CLOSING - close handlers will tidy up for us | |
62e76326 | 941 | */ |
942 | ||
c4b7a5a9 | 943 | if (flag == COMM_ERR_CLOSING) { |
d09176e1 | 944 | debug (11,3)("http socket closing\n"); |
c4b7a5a9 | 945 | return; |
946 | } | |
947 | ||
e92e4e44 | 948 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
62e76326 | 949 | maybeReadData(); |
950 | return; | |
e92e4e44 | 951 | } |
c4b7a5a9 | 952 | |
1513873c | 953 | errno = 0; |
c4b7a5a9 | 954 | /* prepare the read size for the next read (if any) */ |
447e176b | 955 | #if DELAY_POOLS |
62e76326 | 956 | |
a46d2c0e | 957 | DelayId delayId = entry->mem_obj->mostBytesAllowed(); |
62e76326 | 958 | |
447e176b | 959 | #endif |
62e76326 | 960 | |
c4b7a5a9 | 961 | debug(11, 5) ("httpReadReply: FD %d: len %d.\n", fd, (int)len); |
62e76326 | 962 | |
c4b7a5a9 | 963 | if (flag == COMM_OK && len > 0) { |
447e176b | 964 | #if DELAY_POOLS |
62e76326 | 965 | delayId.bytesIn(len); |
447e176b | 966 | #endif |
62e76326 | 967 | |
968 | kb_incr(&statCounter.server.all.kbytes_in, len); | |
969 | kb_incr(&statCounter.server.http.kbytes_in, len); | |
62e76326 | 970 | IOStats.Http.reads++; |
971 | ||
972 | for (clen = len - 1, bin = 0; clen; bin++) | |
973 | clen >>= 1; | |
974 | ||
975 | IOStats.Http.read_hist[bin]++; | |
30a4f2a8 | 976 | } |
62e76326 | 977 | |
5fa061b8 | 978 | /* here the RFC says we should ignore whitespace between replies, but we can't as |
979 | * doing so breaks HTTP/0.9 replies beginning with witespace, and in addition | |
980 | * the response splitting countermeasures is extremely likely to trigger on this, | |
981 | * not allowing connection reuse in the first place. | |
982 | */ | |
983 | #if DONT_DO_THIS | |
1a98175f | 984 | if (!flags.headers_parsed && flag == COMM_OK && len > 0 && fd_table[fd].uses > 1) { |
5fa061b8 | 985 | /* Skip whitespace between replies */ |
62e76326 | 986 | |
5fa061b8 | 987 | while (len > 0 && isspace(*buf)) |
62e76326 | 988 | xmemmove(buf, buf + 1, len--); |
989 | ||
990 | if (len == 0) { | |
991 | /* Continue to read... */ | |
21b92762 | 992 | /* Timeout NOT increased. This whitespace was from previous reply */ |
f61f0107 | 993 | flags.do_next_read = 1; |
62e76326 | 994 | maybeReadData(); |
995 | return; | |
996 | } | |
5ede6c8f | 997 | } |
62e76326 | 998 | |
5fa061b8 | 999 | #endif |
1000 | ||
c4b7a5a9 | 1001 | if (flag != COMM_OK || len < 0) { |
62e76326 | 1002 | debug(50, 2) ("httpReadReply: FD %d: read failure: %s.\n", |
1003 | fd, xstrerror()); | |
1004 | ||
1005 | if (ignoreErrno(errno)) { | |
f61f0107 | 1006 | flags.do_next_read = 1; |
6cae5db1 | 1007 | } else { |
62e76326 | 1008 | ErrorState *err; |
4eb368f9 | 1009 | err = errorCon(ERR_READ_ERROR, HTTP_BAD_GATEWAY); |
62e76326 | 1010 | err->xerrno = errno; |
1011 | fwdFail(fwd, err); | |
f61f0107 | 1012 | flags.do_next_read = 0; |
62e76326 | 1013 | comm_close(fd); |
62e76326 | 1014 | } |
528b2c61 | 1015 | } else if (flag == COMM_OK && len == 0 && entry->isEmpty()) { |
6cae5db1 | 1016 | fwdFail(fwd, errorCon(ERR_ZERO_SIZE_OBJECT, HTTP_BAD_GATEWAY)); |
62e76326 | 1017 | eof = 1; |
f61f0107 | 1018 | flags.do_next_read = 0; |
62e76326 | 1019 | comm_close(fd); |
c4b7a5a9 | 1020 | } else if (flag == COMM_OK && len == 0) { |
62e76326 | 1021 | /* Connection closed; retrieval done. */ |
1022 | eof = 1; | |
1023 | ||
1a98175f | 1024 | if (!flags.headers_parsed) |
62e76326 | 1025 | /* |
3f7d66c7 | 1026 | * When we called processReplyHeader() before, we |
1a98175f | 1027 | * didn't find the end of headers, but now we are |
1028 | * definately at EOF, so we want to process the reply | |
1029 | * headers. | |
62e76326 | 1030 | */ |
62e76326 | 1031 | processReplyHeader(buf, len); |
b735b90c | 1032 | else if (entry->getReply()->sline.status == HTTP_INVALID_HEADER && HttpVersion(0,9) != entry->getReply()->sline.version) { |
6cae5db1 | 1033 | fwdFail(fwd, errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY)); |
f61f0107 | 1034 | flags.do_next_read = 0; |
47ac2ebe | 1035 | } else { |
4eb368f9 | 1036 | if (entry->mem_obj->getReply()->sline.status == HTTP_HEADER_TOO_LARGE) { |
4eb368f9 | 1037 | storeEntryReset(entry); |
6cae5db1 | 1038 | fwdFail(fwd, errorCon(ERR_TOO_BIG, HTTP_BAD_GATEWAY)); |
4eb368f9 | 1039 | fwd->flags.dont_retry = 1; |
1040 | } else { | |
1041 | fwdComplete(fwd); | |
1042 | } | |
1043 | ||
f61f0107 | 1044 | flags.do_next_read = 0; |
62e76326 | 1045 | comm_close(fd); |
1046 | } | |
090089c4 | 1047 | } else { |
1a98175f | 1048 | if (!flags.headers_parsed) { |
62e76326 | 1049 | processReplyHeader(buf, len); |
1050 | ||
1a98175f | 1051 | if (flags.headers_parsed) { |
62e76326 | 1052 | http_status s = entry->getReply()->sline.status; |
47ac2ebe | 1053 | HttpVersion httpver = entry->getReply()->sline.version; |
1054 | ||
b735b90c | 1055 | if (s == HTTP_INVALID_HEADER && httpver != HttpVersion(0,9)) { |
47ac2ebe | 1056 | storeEntryReset(entry); |
6cae5db1 | 1057 | fwdFail(fwd, errorCon(ERR_INVALID_RESP, HTTP_BAD_GATEWAY)); |
47ac2ebe | 1058 | comm_close(fd); |
1059 | return; | |
1060 | } | |
1061 | ||
225644d7 | 1062 | #if WIP_FWD_LOG |
62e76326 | 1063 | |
1064 | fwdStatus(fwd, s); | |
47ac2ebe | 1065 | |
225644d7 | 1066 | #endif |
62e76326 | 1067 | /* |
1068 | * If its not a reply that we will re-forward, then | |
1069 | * allow the client to get it. | |
1070 | */ | |
1071 | ||
1072 | if (!fwdReforwardableStatus(s)) | |
1073 | EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT); | |
1074 | } | |
1075 | } | |
1076 | ||
1d5161bd | 1077 | PROF_start(HttpStateData_processReplyData); |
62e76326 | 1078 | processReplyData(buf, len); |
1d5161bd | 1079 | PROF_stop(HttpStateData_processReplyData); |
e6ccf245 | 1080 | } |
1081 | } | |
1082 | ||
1083 | void | |
528b2c61 | 1084 | HttpStateData::processReplyData(const char *buf, size_t len) |
e6ccf245 | 1085 | { |
1a98175f | 1086 | if (!flags.headers_parsed) { |
f61f0107 | 1087 | flags.do_next_read = 1; |
62e76326 | 1088 | maybeReadData(); |
1089 | return; | |
528b2c61 | 1090 | } |
62e76326 | 1091 | |
528b2c61 | 1092 | StoreIOBuffer tempBuffer; |
62e76326 | 1093 | |
1094 | if (!flags.headers_pushed) { | |
1095 | /* The first block needs us to skip the headers */ | |
1096 | /* TODO: make this cleaner. WE should push the headers, NOT the parser */ | |
1097 | size_t end = headersEnd (buf, len); | |
1098 | /* IF len > end, we need to append data after the | |
1099 | * out of band update to the store | |
1100 | */ | |
1101 | ||
1102 | if (len > end) { | |
1103 | tempBuffer.data = (char *)buf+end; | |
1104 | tempBuffer.length = len - end; | |
1105 | tempBuffer.offset = currentOffset; | |
1106 | currentOffset += tempBuffer.length; | |
1107 | entry->write (tempBuffer); | |
1108 | } | |
1109 | ||
1110 | flags.headers_pushed = 1; | |
1111 | } else { | |
1112 | tempBuffer.data = (char *)buf; | |
1113 | tempBuffer.length = len; | |
1114 | tempBuffer.offset = currentOffset; | |
1115 | currentOffset += len; | |
1116 | entry->write(tempBuffer); | |
1117 | } | |
528b2c61 | 1118 | |
e6ccf245 | 1119 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
62e76326 | 1120 | /* |
1a98175f | 1121 | * the above entry->write() call could ABORT this entry, |
62e76326 | 1122 | * in that case, the server FD should already be closed. |
1123 | * there's nothing for us to do. | |
1124 | */ | |
1125 | (void) 0; | |
1126 | } else | |
1127 | switch (persistentConnStatus()) { | |
1128 | ||
1129 | case INCOMPLETE_MSG: | |
21b92762 | 1130 | /* Wait for more data or EOF condition */ |
1131 | ||
1132 | if (flags.keepalive_broken) { | |
1133 | commSetTimeout(fd, 10, NULL, NULL); | |
1134 | } else { | |
1135 | commSetTimeout(fd, Config.Timeout.read, NULL, NULL); | |
1136 | } | |
1137 | ||
f61f0107 | 1138 | flags.do_next_read = 1; |
62e76326 | 1139 | break; |
1140 | ||
1141 | case COMPLETE_PERSISTENT_MSG: | |
1142 | /* yes we have to clear all these! */ | |
62e76326 | 1143 | commSetTimeout(fd, -1, NULL, NULL); |
f61f0107 | 1144 | flags.do_next_read = 0; |
62e76326 | 1145 | |
1146 | comm_remove_close_handler(fd, httpStateFree, this); | |
1147 | fwdUnregister(fd, fwd); | |
bd0723ad | 1148 | |
1149 | if (_peer) { | |
1150 | if (_peer->options.originserver) | |
1151 | pconnPush(fd, _peer->name, orig_request->port, orig_request->host); | |
1152 | else | |
1153 | pconnPush(fd, _peer->name, _peer->http_port, NULL); | |
1154 | } else { | |
1155 | pconnPush(fd, request->host, request->port, NULL); | |
1156 | } | |
1157 | ||
62e76326 | 1158 | fwdComplete(fwd); |
1159 | fd = -1; | |
1160 | httpStateFree(fd, this); | |
1161 | return; | |
1162 | ||
1163 | case COMPLETE_NONPERSISTENT_MSG: | |
1164 | /* close the connection ourselves */ | |
1165 | /* yes - same as for a complete persistent conn here */ | |
62e76326 | 1166 | commSetTimeout(fd, -1, NULL, NULL); |
1167 | commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0); | |
62e76326 | 1168 | comm_remove_close_handler(fd, httpStateFree, this); |
1169 | fwdUnregister(fd, fwd); | |
1170 | fwdComplete(fwd); | |
1171 | /* TODO: check that fd is still open here */ | |
1172 | comm_close (fd); | |
1173 | fd = -1; | |
1174 | httpStateFree(fd, this); | |
1175 | return; | |
1176 | } | |
1177 | ||
c4b7a5a9 | 1178 | maybeReadData(); |
1179 | } | |
1180 | ||
1181 | void | |
1182 | HttpStateData::maybeReadData() | |
1183 | { | |
f61f0107 | 1184 | if (flags.do_next_read) { |
1185 | flags.do_next_read = 0; | |
a46d2c0e | 1186 | entry->delayAwareRead(fd, buf, SQUID_TCP_SO_RCVBUF, httpReadReply, this); |
528b2c61 | 1187 | } |
090089c4 | 1188 | } |
1189 | ||
1190 | /* This will be called when request write is complete. Schedule read of | |
1191 | * reply. */ | |
d576a6a6 | 1192 | void |
1193 | HttpStateData::SendComplete(int fd, char *bufnotused, size_t size, comm_err_t errflag, void *data) | |
090089c4 | 1194 | { |
e6ccf245 | 1195 | HttpStateData *httpState = static_cast<HttpStateData *>(data); |
a3d5953d | 1196 | debug(11, 5) ("httpSendComplete: FD %d: size %d: errflag %d.\n", |
62e76326 | 1197 | fd, (int) size, errflag); |
bc87dc25 | 1198 | #if URL_CHECKSUM_DEBUG |
62e76326 | 1199 | |
528b2c61 | 1200 | entry->mem_obj->checkUrlChecksum(); |
bc87dc25 | 1201 | #endif |
62e76326 | 1202 | |
ee1679df | 1203 | if (size > 0) { |
62e76326 | 1204 | fd_bytes(fd, size, FD_WRITE); |
1205 | kb_incr(&statCounter.server.all.kbytes_out, size); | |
1206 | kb_incr(&statCounter.server.http.kbytes_out, size); | |
ee1679df | 1207 | } |
62e76326 | 1208 | |
ea3a2a69 | 1209 | if (errflag == COMM_ERR_CLOSING) |
62e76326 | 1210 | return; |
1211 | ||
090089c4 | 1212 | if (errflag) { |
6cae5db1 | 1213 | ErrorState *err; |
4eb368f9 | 1214 | err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY); |
62e76326 | 1215 | err->xerrno = errno; |
6cae5db1 | 1216 | fwdFail(httpState->fwd, err); |
62e76326 | 1217 | comm_close(fd); |
1218 | return; | |
090089c4 | 1219 | } else { |
62e76326 | 1220 | /* |
1221 | * Set the read timeout here because it hasn't been set yet. | |
1222 | * We only set the read timeout after the request has been | |
1223 | * fully written to the server-side. If we start the timeout | |
1224 | * after connection establishment, then we are likely to hit | |
1225 | * the timeout for POST/PUT requests that have very large | |
1226 | * request bodies. | |
1227 | */ | |
1228 | commSetTimeout(fd, Config.Timeout.read, httpTimeout, httpState); | |
090089c4 | 1229 | } |
72b63f06 | 1230 | |
1231 | httpState->flags.request_sent = 1; | |
090089c4 | 1232 | } |
1233 | ||
99edd1c3 | 1234 | /* |
1235 | * build request headers and append them to a given MemBuf | |
1236 | * used by httpBuildRequestPrefix() | |
818c6c9e | 1237 | * note: initialised the HttpHeader, the caller is responsible for Clean()-ing |
99edd1c3 | 1238 | */ |
e1e72f06 | 1239 | void |
190154cf | 1240 | httpBuildRequestHeader(HttpRequest * request, |
1241 | HttpRequest * orig_request, | |
62e76326 | 1242 | StoreEntry * entry, |
1243 | HttpHeader * hdr_out, | |
1244 | http_state_flags flags) | |
6bf8443a | 1245 | { |
99edd1c3 | 1246 | /* building buffer for complex strings */ |
5999b776 | 1247 | #define BBUF_SZ (MAX_URL+32) |
99edd1c3 | 1248 | LOCAL_ARRAY(char, bbuf, BBUF_SZ); |
99edd1c3 | 1249 | const HttpHeader *hdr_in = &orig_request->header; |
1250 | const HttpHeaderEntry *e; | |
6bccf575 | 1251 | String strFwd; |
99edd1c3 | 1252 | HttpHeaderPos pos = HttpHeaderInitPos; |
75faaa7a | 1253 | assert (hdr_out->owner == hoRequest); |
99edd1c3 | 1254 | /* append our IMS header */ |
62e76326 | 1255 | |
9bc73deb | 1256 | if (request->lastmod > -1 && request->method == METHOD_GET) |
62e76326 | 1257 | httpHeaderPutTime(hdr_out, HDR_IF_MODIFIED_SINCE, request->lastmod); |
99edd1c3 | 1258 | |
528b2c61 | 1259 | bool we_do_ranges = decideIfWeDoRanges (orig_request); |
1260 | ||
650c4b88 | 1261 | String strConnection (httpHeaderGetList(hdr_in, HDR_CONNECTION)); |
62e76326 | 1262 | |
528b2c61 | 1263 | while ((e = httpHeaderGetEntry(hdr_in, &pos))) |
62e76326 | 1264 | copyOneHeaderFromClientsideRequestToUpstreamRequest(e, strConnection, request, orig_request, hdr_out, we_do_ranges, flags); |
528b2c61 | 1265 | |
43ae1d95 | 1266 | /* Abstraction break: We should interpret multipart/byterange responses |
528b2c61 | 1267 | * into offset-length data, and this works around our inability to do so. |
1268 | */ | |
62e76326 | 1269 | if (!we_do_ranges && orig_request->multipartRangeRequest()) { |
1270 | /* don't cache the result */ | |
1271 | orig_request->flags.cachable = 0; | |
1272 | /* pretend it's not a range request */ | |
00d77d6b | 1273 | delete orig_request->range; |
62e76326 | 1274 | orig_request->range = NULL; |
1275 | orig_request->flags.range = 0; | |
1276 | } | |
528b2c61 | 1277 | |
99edd1c3 | 1278 | |
99edd1c3 | 1279 | /* append Via */ |
736cb6aa | 1280 | if (Config.onoff.via) { |
43ae1d95 | 1281 | String strVia; |
1282 | strVia = httpHeaderGetList(hdr_in, HDR_VIA); | |
62e76326 | 1283 | snprintf(bbuf, BBUF_SZ, "%d.%d %s", |
1284 | orig_request->http_ver.major, | |
1285 | orig_request->http_ver.minor, ThisCache); | |
1286 | strListAdd(&strVia, bbuf, ','); | |
1287 | httpHeaderPutStr(hdr_out, HDR_VIA, strVia.buf()); | |
1288 | strVia.clean(); | |
736cb6aa | 1289 | } |
62e76326 | 1290 | |
43ae1d95 | 1291 | #if ESI |
1292 | { | |
1293 | /* Append Surrogate-Capabilities */ | |
1294 | String strSurrogate (httpHeaderGetList(hdr_in, HDR_SURROGATE_CAPABILITY)); | |
ec43ae0e | 1295 | snprintf(bbuf, BBUF_SZ, "%s=\"Surrogate/1.0 ESI/1.0\"", |
43ae1d95 | 1296 | Config.Accel.surrogate_id); |
1297 | strListAdd(&strSurrogate, bbuf, ','); | |
1298 | httpHeaderPutStr(hdr_out, HDR_SURROGATE_CAPABILITY, strSurrogate.buf()); | |
1299 | } | |
1300 | #endif | |
1301 | ||
99edd1c3 | 1302 | /* append X-Forwarded-For */ |
6bccf575 | 1303 | strFwd = httpHeaderGetList(hdr_in, HDR_X_FORWARDED_FOR); |
62e76326 | 1304 | |
6056ae68 | 1305 | if (opt_forwarded_for && orig_request->client_addr.s_addr != no_addr.s_addr) |
62e76326 | 1306 | strListAdd(&strFwd, inet_ntoa(orig_request->client_addr), ','); |
6056ae68 | 1307 | else |
62e76326 | 1308 | strListAdd(&strFwd, "unknown", ','); |
1309 | ||
528b2c61 | 1310 | httpHeaderPutStr(hdr_out, HDR_X_FORWARDED_FOR, strFwd.buf()); |
62e76326 | 1311 | |
528b2c61 | 1312 | strFwd.clean(); |
6bccf575 | 1313 | |
99edd1c3 | 1314 | /* append Host if not there already */ |
1315 | if (!httpHeaderHas(hdr_out, HDR_HOST)) { | |
62e76326 | 1316 | if (orig_request->peer_domain) { |
1317 | httpHeaderPutStr(hdr_out, HDR_HOST, orig_request->peer_domain); | |
1318 | } else if (orig_request->port == urlDefaultPort(orig_request->protocol)) { | |
1319 | /* use port# only if not default */ | |
1320 | httpHeaderPutStr(hdr_out, HDR_HOST, orig_request->host); | |
1321 | } else { | |
1322 | httpHeaderPutStrf(hdr_out, HDR_HOST, "%s:%d", | |
1323 | orig_request->host, (int) orig_request->port); | |
1324 | } | |
6bf8443a | 1325 | } |
62e76326 | 1326 | |
c68e9c6b | 1327 | /* append Authorization if known in URL, not in header and going direct */ |
1328 | if (!httpHeaderHas(hdr_out, HDR_AUTHORIZATION)) { | |
62e76326 | 1329 | if (!request->flags.proxying && *request->login) { |
1330 | httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s", | |
1331 | base64_encode(request->login)); | |
1332 | } | |
c68e9c6b | 1333 | } |
62e76326 | 1334 | |
c68e9c6b | 1335 | /* append Proxy-Authorization if configured for peer, and proxying */ |
c3b33cb7 | 1336 | if (request->flags.proxying && orig_request->peer_login && |
62e76326 | 1337 | !httpHeaderHas(hdr_out, HDR_PROXY_AUTHORIZATION)) { |
1338 | if (*orig_request->peer_login == '*') { | |
1339 | /* Special mode, to pass the username to the upstream cache */ | |
1340 | char loginbuf[256]; | |
1341 | const char *username = "-"; | |
1342 | ||
1343 | if (orig_request->auth_user_request) | |
1344 | username = orig_request->auth_user_request->username(); | |
abb929f0 | 1345 | else if (orig_request->extacl_user.size()) |
1346 | username = orig_request->extacl_user.buf(); | |
62e76326 | 1347 | |
1348 | snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1); | |
1349 | ||
1350 | httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", | |
1351 | base64_encode(loginbuf)); | |
1352 | } else if (strcmp(orig_request->peer_login, "PASS") == 0) { | |
abb929f0 | 1353 | if (orig_request->extacl_user.size() && orig_request->extacl_passwd.size()) { |
1354 | char loginbuf[256]; | |
1355 | snprintf(loginbuf, sizeof(loginbuf), "%s:%s", orig_request->extacl_user.buf(), orig_request->extacl_passwd.buf()); | |
1356 | httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", | |
1357 | base64_encode(loginbuf)); | |
1358 | } | |
62e76326 | 1359 | } else if (strcmp(orig_request->peer_login, "PROXYPASS") == 0) { |
1360 | /* Nothing to do */ | |
1361 | } else { | |
1362 | httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s", | |
1363 | base64_encode(orig_request->peer_login)); | |
1364 | } | |
c68e9c6b | 1365 | } |
62e76326 | 1366 | |
be753325 | 1367 | /* append WWW-Authorization if configured for peer */ |
1368 | if (flags.originpeer && orig_request->peer_login && | |
62e76326 | 1369 | !httpHeaderHas(hdr_out, HDR_AUTHORIZATION)) { |
1370 | if (strcmp(orig_request->peer_login, "PASS") == 0) { | |
1371 | /* No credentials to forward.. (should have been done above if available) */ | |
1372 | } else if (strcmp(orig_request->peer_login, "PROXYPASS") == 0) { | |
1373 | /* Special mode, convert proxy authentication to WWW authentication | |
abb929f0 | 1374 | * (also applies to authentication provided by external acl) |
62e76326 | 1375 | */ |
1376 | const char *auth = httpHeaderGetStr(hdr_in, HDR_PROXY_AUTHORIZATION); | |
1377 | ||
1378 | if (auth && strncasecmp(auth, "basic ", 6) == 0) { | |
1379 | httpHeaderPutStr(hdr_out, HDR_AUTHORIZATION, auth); | |
abb929f0 | 1380 | } else if (orig_request->extacl_user.size() && orig_request->extacl_passwd.size()) { |
1381 | char loginbuf[256]; | |
1382 | snprintf(loginbuf, sizeof(loginbuf), "%s:%s", orig_request->extacl_user.buf(), orig_request->extacl_passwd.buf()); | |
1383 | httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s", | |
1384 | base64_encode(loginbuf)); | |
62e76326 | 1385 | } |
1386 | } else if (*orig_request->peer_login == '*') { | |
1387 | /* Special mode, to pass the username to the upstream cache */ | |
1388 | char loginbuf[256]; | |
1389 | const char *username = "-"; | |
1390 | ||
1391 | if (orig_request->auth_user_request) | |
f5691f9c | 1392 | username = orig_request->auth_user_request->username(); |
abb929f0 | 1393 | else if (orig_request->extacl_user.size()) |
1394 | username = orig_request->extacl_user.buf(); | |
62e76326 | 1395 | |
1396 | snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1); | |
1397 | ||
1398 | httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s", | |
1399 | base64_encode(loginbuf)); | |
1400 | } else { | |
1401 | /* Fixed login string */ | |
1402 | httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s", | |
1403 | base64_encode(orig_request->peer_login)); | |
1404 | } | |
be753325 | 1405 | } |
62e76326 | 1406 | |
abb929f0 | 1407 | /* append Cache-Control, add max-age if not there already */ { |
62e76326 | 1408 | HttpHdrCc *cc = httpHeaderGetCc(hdr_in); |
1409 | ||
1410 | if (!cc) | |
1411 | cc = httpHdrCcCreate(); | |
1412 | ||
1413 | if (!EBIT_TEST(cc->mask, CC_MAX_AGE)) { | |
43ae1d95 | 1414 | const char *url = |
1415 | entry ? storeUrl(entry) : urlCanonical(orig_request); | |
62e76326 | 1416 | httpHdrCcSetMaxAge(cc, getMaxAge(url)); |
1417 | ||
1418 | if (request->urlpath.size()) | |
1419 | assert(strstr(url, request->urlpath.buf())); | |
1420 | } | |
1421 | ||
ce2d6441 | 1422 | /* Set no-cache if determined needed but not found */ |
1423 | if (orig_request->flags.nocache && !httpHeaderHas(hdr_in, HDR_PRAGMA)) | |
1424 | EBIT_SET(cc->mask, CC_NO_CACHE); | |
1425 | ||
1426 | /* Enforce sibling relations */ | |
62e76326 | 1427 | if (flags.only_if_cached) |
1428 | EBIT_SET(cc->mask, CC_ONLY_IF_CACHED); | |
1429 | ||
1430 | httpHeaderPutCc(hdr_out, cc); | |
1431 | ||
1432 | httpHdrCcDestroy(cc); | |
6bf8443a | 1433 | } |
62e76326 | 1434 | |
99edd1c3 | 1435 | /* maybe append Connection: keep-alive */ |
b515fc11 | 1436 | if (flags.keepalive) { |
62e76326 | 1437 | if (flags.proxying) { |
1438 | httpHeaderPutStr(hdr_out, HDR_PROXY_CONNECTION, "keep-alive"); | |
1439 | } else { | |
1440 | httpHeaderPutStr(hdr_out, HDR_CONNECTION, "keep-alive"); | |
1441 | } | |
603a02fd | 1442 | } |
62e76326 | 1443 | |
a7ad6e4e | 1444 | /* append Front-End-Https */ |
1445 | if (flags.front_end_https) { | |
62e76326 | 1446 | if (flags.front_end_https == 1 || request->protocol == PROTO_HTTPS) |
1447 | httpHeaderPutStr(hdr_out, HDR_FRONT_END_HTTPS, "On"); | |
a7ad6e4e | 1448 | } |
1449 | ||
6bccf575 | 1450 | /* Now mangle the headers. */ |
8c01ada0 | 1451 | httpHdrMangleList(hdr_out, request, ROR_REQUEST); |
62e76326 | 1452 | |
528b2c61 | 1453 | strConnection.clean(); |
99edd1c3 | 1454 | } |
1455 | ||
528b2c61 | 1456 | |
1457 | void | |
190154cf | 1458 | copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, String strConnection, HttpRequest * request, HttpRequest * orig_request, HttpHeader * hdr_out, int we_do_ranges, http_state_flags flags) |
528b2c61 | 1459 | { |
1460 | debug(11, 5) ("httpBuildRequestHeader: %s: %s\n", | |
62e76326 | 1461 | e->name.buf(), e->value.buf()); |
1462 | ||
528b2c61 | 1463 | if (!httpRequestHdrAllowed(e, &strConnection)) { |
62e76326 | 1464 | debug(11, 2) ("'%s' header denied by anonymize_headers configuration\n",+ e->name.buf()); |
1465 | return; | |
528b2c61 | 1466 | } |
62e76326 | 1467 | |
528b2c61 | 1468 | switch (e->id) { |
62e76326 | 1469 | |
be753325 | 1470 | case HDR_PROXY_AUTHORIZATION: |
62e76326 | 1471 | /* Only pass on proxy authentication to peers for which |
1472 | * authentication forwarding is explicitly enabled | |
1473 | */ | |
1474 | ||
1475 | if (flags.proxying && orig_request->peer_login && | |
abb929f0 | 1476 | (strcmp(orig_request->peer_login, "PASS") == 0 || |
1477 | strcmp(orig_request->peer_login, "PROXYPASS") == 0)) { | |
62e76326 | 1478 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); |
1479 | } | |
1480 | ||
1481 | break; | |
1482 | ||
be753325 | 1483 | case HDR_AUTHORIZATION: |
62e76326 | 1484 | /* Pass on WWW authentication */ |
1485 | ||
1486 | if (!flags.originpeer) { | |
1487 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); | |
1488 | } else { | |
1489 | /* In accelerators, only forward authentication if enabled | |
1490 | * (see also below for proxy->server authentication) | |
1491 | */ | |
1492 | ||
abb929f0 | 1493 | if (orig_request->peer_login && |
1494 | (strcmp(orig_request->peer_login, "PASS") == 0 || | |
1495 | strcmp(orig_request->peer_login, "PROXYPASS") == 0)) { | |
62e76326 | 1496 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); |
1497 | } | |
1498 | } | |
1499 | ||
1500 | break; | |
1501 | ||
be753325 | 1502 | case HDR_HOST: |
62e76326 | 1503 | /* |
b883b594 | 1504 | * Normally Squid rewrites the Host: header. |
1505 | * However, there is one case when we don't: If the URL | |
62e76326 | 1506 | * went through our redirector and the admin configured |
1507 | * 'redir_rewrites_host' to be off. | |
1508 | */ | |
1509 | ||
b883b594 | 1510 | if (request->flags.redirected && !Config.onoff.redir_rewrites_host) |
1511 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); | |
1512 | else { | |
1513 | /* use port# only if not default */ | |
1514 | ||
1515 | if (orig_request->port == urlDefaultPort(orig_request->protocol)) { | |
1516 | httpHeaderPutStr(hdr_out, HDR_HOST, orig_request->host); | |
1517 | } else { | |
1518 | httpHeaderPutStrf(hdr_out, HDR_HOST, "%s:%d", | |
1519 | orig_request->host, (int) orig_request->port); | |
1520 | } | |
1521 | } | |
62e76326 | 1522 | |
1523 | break; | |
1524 | ||
be753325 | 1525 | case HDR_IF_MODIFIED_SINCE: |
62e76326 | 1526 | /* append unless we added our own; |
1527 | * note: at most one client's ims header can pass through */ | |
b883b594 | 1528 | |
62e76326 | 1529 | if (!httpHeaderHas(hdr_out, HDR_IF_MODIFIED_SINCE)) |
1530 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); | |
1531 | ||
1532 | break; | |
1533 | ||
be753325 | 1534 | case HDR_MAX_FORWARDS: |
62e76326 | 1535 | if (orig_request->method == METHOD_TRACE) { |
1536 | const int hops = httpHeaderEntryGetInt(e); | |
1537 | ||
1538 | if (hops > 0) | |
1539 | httpHeaderPutInt(hdr_out, HDR_MAX_FORWARDS, hops - 1); | |
1540 | } | |
1541 | ||
1542 | break; | |
1543 | ||
be753325 | 1544 | case HDR_VIA: |
62e76326 | 1545 | /* If Via is disabled then forward any received header as-is */ |
1546 | ||
1547 | if (!Config.onoff.via) | |
1548 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); | |
1549 | ||
1550 | break; | |
1551 | ||
be753325 | 1552 | case HDR_RANGE: |
62e76326 | 1553 | |
be753325 | 1554 | case HDR_IF_RANGE: |
62e76326 | 1555 | |
be753325 | 1556 | case HDR_REQUEST_RANGE: |
62e76326 | 1557 | if (!we_do_ranges) |
1558 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); | |
1559 | ||
1560 | break; | |
1561 | ||
be753325 | 1562 | case HDR_PROXY_CONNECTION: |
62e76326 | 1563 | |
be753325 | 1564 | case HDR_CONNECTION: |
62e76326 | 1565 | |
be753325 | 1566 | case HDR_X_FORWARDED_FOR: |
62e76326 | 1567 | |
be753325 | 1568 | case HDR_CACHE_CONTROL: |
62e76326 | 1569 | /* append these after the loop if needed */ |
1570 | break; | |
1571 | ||
be753325 | 1572 | case HDR_FRONT_END_HTTPS: |
62e76326 | 1573 | if (!flags.front_end_https) |
1574 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); | |
1575 | ||
1576 | break; | |
1577 | ||
be753325 | 1578 | default: |
62e76326 | 1579 | /* pass on all other header fields */ |
1580 | httpHeaderAddEntry(hdr_out, httpHeaderEntryClone(e)); | |
528b2c61 | 1581 | } |
1582 | } | |
1583 | ||
1584 | int | |
190154cf | 1585 | decideIfWeDoRanges (HttpRequest * orig_request) |
528b2c61 | 1586 | { |
62e76326 | 1587 | int result = 1; |
1588 | /* decide if we want to do Ranges ourselves | |
1589 | * and fetch the whole object now) | |
1590 | * We want to handle Ranges ourselves iff | |
1591 | * - we can actually parse client Range specs | |
1592 | * - the specs are expected to be simple enough (e.g. no out-of-order ranges) | |
1593 | * - reply will be cachable | |
1594 | * (If the reply will be uncachable we have to throw it away after | |
1595 | * serving this request, so it is better to forward ranges to | |
1596 | * the server and fetch only the requested content) | |
1597 | */ | |
1598 | ||
1599 | if (NULL == orig_request->range || !orig_request->flags.cachable | |
1600 | || orig_request->range->offsetLimitExceeded()) | |
1601 | result = 0; | |
1602 | ||
1603 | debug(11, 8) ("decideIfWeDoRanges: range specs: %p, cachable: %d; we_do_ranges: %d\n", | |
1604 | orig_request->range, orig_request->flags.cachable, result); | |
1605 | ||
1606 | return result; | |
528b2c61 | 1607 | } |
1608 | ||
1609 | ||
62e76326 | 1610 | /* build request prefix and append it to a given MemBuf; |
99edd1c3 | 1611 | * return the length of the prefix */ |
9bc73deb | 1612 | mb_size_t |
190154cf | 1613 | httpBuildRequestPrefix(HttpRequest * request, |
1614 | HttpRequest * orig_request, | |
62e76326 | 1615 | StoreEntry * entry, |
1616 | MemBuf * mb, | |
1617 | http_state_flags flags) | |
99edd1c3 | 1618 | { |
1619 | const int offset = mb->size; | |
450e0c10 | 1620 | HttpVersion httpver(1, 0); |
2fe7eff9 | 1621 | mb->Printf("%s %s HTTP/%d.%d\r\n", |
1622 | RequestMethodStr[request->method], | |
1623 | request->urlpath.size() ? request->urlpath.buf() : "/", | |
1624 | httpver.major,httpver.minor); | |
99edd1c3 | 1625 | /* build and pack headers */ |
1626 | { | |
75faaa7a | 1627 | HttpHeader hdr(hoRequest); |
62e76326 | 1628 | Packer p; |
1629 | httpBuildRequestHeader(request, orig_request, entry, &hdr, flags); | |
1630 | packerToMemInit(&p, mb); | |
1631 | httpHeaderPackInto(&hdr, &p); | |
1632 | httpHeaderClean(&hdr); | |
1633 | packerClean(&p); | |
9d9d144b | 1634 | } |
99edd1c3 | 1635 | /* append header terminator */ |
2fe7eff9 | 1636 | mb->append(crlf, 2); |
99edd1c3 | 1637 | return mb->size - offset; |
6bf8443a | 1638 | } |
62e76326 | 1639 | |
090089c4 | 1640 | /* This will be called when connect completes. Write request. */ |
b8d8561b | 1641 | static void |
b6a2f15e | 1642 | httpSendRequest(HttpStateData * httpState) |
090089c4 | 1643 | { |
99edd1c3 | 1644 | MemBuf mb; |
190154cf | 1645 | HttpRequest *req = httpState->request; |
620da955 | 1646 | StoreEntry *entry = httpState->entry; |
29b8d8d6 | 1647 | peer *p = httpState->_peer; |
901e234d | 1648 | CWCB *sendHeaderDone; |
21b92762 | 1649 | int fd = httpState->fd; |
090089c4 | 1650 | |
21b92762 | 1651 | debug(11, 5) ("httpSendRequest: FD %d: httpState %p.\n", fd, |
43ae1d95 | 1652 | httpState); |
090089c4 | 1653 | |
21b92762 | 1654 | /* Schedule read reply. */ |
1655 | commSetTimeout(fd, Config.Timeout.lifetime, httpTimeout, httpState); | |
1656 | entry->delayAwareRead(fd, httpState->buf, SQUID_TCP_SO_RCVBUF, httpReadReply, httpState); | |
1657 | ||
a2ac85d9 | 1658 | if (httpState->orig_request->body_connection.getRaw() != NULL) |
62e76326 | 1659 | sendHeaderDone = httpSendRequestEntity; |
7db8b16d | 1660 | else |
62e76326 | 1661 | sendHeaderDone = HttpStateData::SendComplete; |
54220df8 | 1662 | |
be753325 | 1663 | if (p != NULL) { |
62e76326 | 1664 | if (p->options.originserver) { |
1665 | httpState->flags.proxying = 0; | |
1666 | httpState->flags.originpeer = 1; | |
1667 | } else { | |
1668 | httpState->flags.proxying = 1; | |
1669 | httpState->flags.originpeer = 0; | |
1670 | } | |
be753325 | 1671 | } else { |
62e76326 | 1672 | httpState->flags.proxying = 0; |
1673 | httpState->flags.originpeer = 0; | |
be753325 | 1674 | } |
62e76326 | 1675 | |
efb9218c | 1676 | /* |
99edd1c3 | 1677 | * Is keep-alive okay for all request methods? |
efb9218c | 1678 | */ |
efd900cb | 1679 | if (!Config.onoff.server_pconns) |
62e76326 | 1680 | httpState->flags.keepalive = 0; |
efd900cb | 1681 | else if (p == NULL) |
62e76326 | 1682 | httpState->flags.keepalive = 1; |
efb9218c | 1683 | else if (p->stats.n_keepalives_sent < 10) |
62e76326 | 1684 | httpState->flags.keepalive = 1; |
43ae1d95 | 1685 | else if ((double) p->stats.n_keepalives_recv / |
1686 | (double) p->stats.n_keepalives_sent > 0.50) | |
62e76326 | 1687 | httpState->flags.keepalive = 1; |
1688 | ||
a7ad6e4e | 1689 | if (httpState->_peer) { |
62e76326 | 1690 | if (neighborType(httpState->_peer, httpState->request) == PEER_SIBLING && |
1691 | !httpState->_peer->options.allow_miss) | |
1692 | httpState->flags.only_if_cached = 1; | |
1693 | ||
1694 | httpState->flags.front_end_https = httpState->_peer->front_end_https; | |
a7ad6e4e | 1695 | } |
62e76326 | 1696 | |
2fe7eff9 | 1697 | mb.init(); |
99edd1c3 | 1698 | httpBuildRequestPrefix(req, |
62e76326 | 1699 | httpState->orig_request, |
1700 | entry, | |
1701 | &mb, | |
1702 | httpState->flags); | |
21b92762 | 1703 | debug(11, 6) ("httpSendRequest: FD %d:\n%s\n", fd, mb.buf); |
032785bf | 1704 | comm_old_write_mbuf(fd, &mb, sendHeaderDone, httpState); |
090089c4 | 1705 | } |
b6a2f15e | 1706 | |
910169e5 | 1707 | void |
db1cd23c | 1708 | httpStart(FwdState * fwd) |
603a02fd | 1709 | { |
db1cd23c | 1710 | int fd = fwd->server_fd; |
28c60158 | 1711 | HttpStateData *httpState; |
190154cf | 1712 | HttpRequest *proxy_req; |
1713 | HttpRequest *orig_req = fwd->request; | |
910169e5 | 1714 | debug(11, 3) ("httpStart: \"%s %s\"\n", |
62e76326 | 1715 | RequestMethodStr[orig_req->method], |
1716 | storeUrl(fwd->entry)); | |
e6ccf245 | 1717 | CBDATA_INIT_TYPE(HttpStateData); |
72711e31 | 1718 | httpState = cbdataAlloc(HttpStateData); |
43ae1d95 | 1719 | httpState->ignoreCacheControl = false; |
1720 | httpState->surrogateNoStore = false; | |
db1cd23c | 1721 | storeLockObject(fwd->entry); |
1722 | httpState->fwd = fwd; | |
1723 | httpState->entry = fwd->entry; | |
9e4ad609 | 1724 | httpState->fd = fd; |
62e76326 | 1725 | |
db1cd23c | 1726 | if (fwd->servers) |
62e76326 | 1727 | httpState->_peer = fwd->servers->_peer; /* might be NULL */ |
1728 | ||
29b8d8d6 | 1729 | if (httpState->_peer) { |
62e76326 | 1730 | const char *url; |
1731 | ||
1732 | if (httpState->_peer->options.originserver) | |
1733 | url = orig_req->urlpath.buf(); | |
1734 | else | |
1735 | url = storeUrl(httpState->entry); | |
1736 | ||
1737 | proxy_req = requestCreate(orig_req->method, | |
1738 | orig_req->protocol, url); | |
1739 | ||
1740 | xstrncpy(proxy_req->host, httpState->_peer->host, SQUIDHOSTNAMELEN); | |
1741 | ||
1742 | proxy_req->port = httpState->_peer->http_port; | |
1743 | ||
1744 | proxy_req->flags = orig_req->flags; | |
1745 | ||
1746 | proxy_req->lastmod = orig_req->lastmod; | |
1747 | ||
1748 | httpState->request = requestLink(proxy_req); | |
1749 | ||
1750 | httpState->orig_request = requestLink(orig_req); | |
1751 | ||
1752 | proxy_req->flags.proxying = 1; | |
1753 | ||
1754 | /* | |
1755 | * This NEIGHBOR_PROXY_ONLY check probably shouldn't be here. | |
1756 | * We might end up getting the object from somewhere else if, | |
1757 | * for example, the request to this neighbor fails. | |
1758 | */ | |
1759 | if (httpState->_peer->options.proxy_only) | |
1760 | storeReleaseRequest(httpState->entry); | |
1761 | ||
95e36d02 | 1762 | #if DELAY_POOLS |
62e76326 | 1763 | |
a46d2c0e | 1764 | httpState->entry->setNoDelay(httpState->_peer->options.no_delay); |
62e76326 | 1765 | |
95e36d02 | 1766 | #endif |
62e76326 | 1767 | |
603a02fd | 1768 | } else { |
62e76326 | 1769 | httpState->request = requestLink(orig_req); |
1770 | httpState->orig_request = requestLink(orig_req); | |
603a02fd | 1771 | } |
62e76326 | 1772 | |
910169e5 | 1773 | /* |
1774 | * register the handler to free HTTP state data when the FD closes | |
1775 | */ | |
1776 | comm_add_close_handler(fd, httpStateFree, httpState); | |
62e76326 | 1777 | |
83704487 | 1778 | statCounter.server.all.requests++; |
62e76326 | 1779 | |
83704487 | 1780 | statCounter.server.http.requests++; |
62e76326 | 1781 | |
b6a2f15e | 1782 | httpSendRequest(httpState); |
62e76326 | 1783 | |
b6a2f15e | 1784 | /* |
1785 | * We used to set the read timeout here, but not any more. | |
1786 | * Now its set in httpSendComplete() after the full request, | |
1787 | * including request body, has been written to the server. | |
1788 | */ | |
090089c4 | 1789 | } |
1790 | ||
54220df8 | 1791 | static void |
c3d63b2a | 1792 | httpSendRequestEntityDone(int fd, void *data) |
54220df8 | 1793 | { |
e6ccf245 | 1794 | HttpStateData *httpState = static_cast<HttpStateData *>(data); |
4fb35c3c | 1795 | ACLChecklist ch; |
43ae1d95 | 1796 | debug(11, 5) ("httpSendRequestEntityDone: FD %d\n", fd); |
8000a965 | 1797 | ch.request = requestLink(httpState->request); |
506768d9 | 1798 | |
1799 | if (Config.accessList.brokenPosts) | |
1800 | ch.accessList = cbdataReference(Config.accessList.brokenPosts); | |
62e76326 | 1801 | |
94439e4e | 1802 | if (!Config.accessList.brokenPosts) { |
62e76326 | 1803 | debug(11, 5) ("httpSendRequestEntityDone: No brokenPosts list\n"); |
1804 | HttpStateData::SendComplete(fd, NULL, 0, COMM_OK, data); | |
b448c119 | 1805 | } else if (!ch.fastCheck()) { |
62e76326 | 1806 | debug(11, 5) ("httpSendRequestEntityDone: didn't match brokenPosts\n"); |
1807 | HttpStateData::SendComplete(fd, NULL, 0, COMM_OK, data); | |
94439e4e | 1808 | } else { |
62e76326 | 1809 | debug(11, 2) ("httpSendRequestEntityDone: matched brokenPosts\n"); |
1810 | comm_old_write(fd, "\r\n", 2, HttpStateData::SendComplete, data, NULL); | |
54220df8 | 1811 | } |
b448c119 | 1812 | |
1813 | ch.accessList = NULL; | |
94439e4e | 1814 | } |
1815 | ||
1816 | static void | |
e6ccf245 | 1817 | httpRequestBodyHandler(char *buf, ssize_t size, void *data) |
94439e4e | 1818 | { |
1819 | HttpStateData *httpState = (HttpStateData *) data; | |
21b92762 | 1820 | httpState->body_buf = NULL; |
62e76326 | 1821 | |
94439e4e | 1822 | if (size > 0) { |
1a98175f | 1823 | if (httpState->flags.headers_parsed && !httpState->flags.abuse_detected) { |
21b92762 | 1824 | httpState->flags.abuse_detected = 1; |
1825 | debug(11, 1) ("httpSendRequestEntryDone: Likely proxy abuse detected '%s' -> '%s'\n", | |
1826 | inet_ntoa(httpState->orig_request->client_addr), | |
1827 | storeUrl(httpState->entry)); | |
1828 | ||
1829 | if (httpState->entry->getReply()->sline.status == HTTP_INVALID_HEADER) { | |
1830 | memFree8K(buf); | |
1831 | comm_close(httpState->fd); | |
1832 | return; | |
1833 | } | |
1834 | } | |
1835 | ||
62e76326 | 1836 | comm_old_write(httpState->fd, buf, size, httpSendRequestEntity, data, memFree8K); |
94439e4e | 1837 | } else if (size == 0) { |
62e76326 | 1838 | /* End of body */ |
1839 | memFree8K(buf); | |
1840 | httpSendRequestEntityDone(httpState->fd, data); | |
94439e4e | 1841 | } else { |
62e76326 | 1842 | /* Failed to get whole body, probably aborted */ |
1843 | memFree8K(buf); | |
1844 | HttpStateData::SendComplete(httpState->fd, NULL, 0, COMM_ERR_CLOSING, data); | |
b6a2f15e | 1845 | } |
376bb137 | 1846 | } |
1847 | ||
1848 | static void | |
3d7e9d7c | 1849 | httpSendRequestEntity(int fd, char *bufnotused, size_t size, comm_err_t errflag, void *data) |
376bb137 | 1850 | { |
e6ccf245 | 1851 | HttpStateData *httpState = static_cast<HttpStateData *>(data); |
376bb137 | 1852 | StoreEntry *entry = httpState->entry; |
c3d63b2a | 1853 | debug(11, 5) ("httpSendRequestEntity: FD %d: size %d: errflag %d.\n", |
62e76326 | 1854 | fd, (int) size, errflag); |
1855 | ||
376bb137 | 1856 | if (size > 0) { |
62e76326 | 1857 | fd_bytes(fd, size, FD_WRITE); |
1858 | kb_incr(&statCounter.server.all.kbytes_out, size); | |
1859 | kb_incr(&statCounter.server.http.kbytes_out, size); | |
376bb137 | 1860 | } |
62e76326 | 1861 | |
376bb137 | 1862 | if (errflag == COMM_ERR_CLOSING) |
62e76326 | 1863 | return; |
1864 | ||
376bb137 | 1865 | if (errflag) { |
6cae5db1 | 1866 | ErrorState *err; |
4eb368f9 | 1867 | err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY); |
62e76326 | 1868 | err->xerrno = errno; |
6cae5db1 | 1869 | fwdFail(httpState->fwd, err); |
62e76326 | 1870 | comm_close(fd); |
1871 | return; | |
376bb137 | 1872 | } |
62e76326 | 1873 | |
94439e4e | 1874 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { |
62e76326 | 1875 | comm_close(fd); |
1876 | return; | |
376bb137 | 1877 | } |
62e76326 | 1878 | |
21b92762 | 1879 | httpState->body_buf = (char *)memAllocate(MEM_8K_BUF); |
1880 | clientReadBody(httpState->orig_request, httpState->body_buf, 8192, httpRequestBodyHandler, httpState); | |
54220df8 | 1881 | } |
ccf44862 | 1882 | |
1883 | void | |
450e0c10 | 1884 | httpBuildVersion(HttpVersion * version, unsigned int major, unsigned int minor) |
110eb4e5 | 1885 | { |
1886 | version->major = major; | |
1887 | version->minor = minor; | |
ccf44862 | 1888 | } |