]>
Commit | Line | Data |
---|---|---|
1 | ||
2 | /* | |
3 | * $Id: http.cc,v 1.546 2008/02/03 10:00:30 amosjeffries Exp $ | |
4 | * | |
5 | * DEBUG: section 11 Hypertext Transfer Protocol (HTTP) | |
6 | * AUTHOR: Harvest Derived | |
7 | * | |
8 | * SQUID Web Proxy Cache http://www.squid-cache.org/ | |
9 | * ---------------------------------------------------------- | |
10 | * | |
11 | * Squid is the result of efforts by numerous individuals from | |
12 | * the Internet community; see the CONTRIBUTORS file for full | |
13 | * details. Many organizations have provided support for Squid's | |
14 | * development; see the SPONSORS file for full details. Squid is | |
15 | * Copyrighted (C) 2001 by the Regents of the University of | |
16 | * California; see the COPYRIGHT file for full details. Squid | |
17 | * incorporates software developed and/or copyrighted by other | |
18 | * sources; see the CREDITS file for full details. | |
19 | * | |
20 | * This program is free software; you can redistribute it and/or modify | |
21 | * it under the terms of the GNU General Public License as published by | |
22 | * the Free Software Foundation; either version 2 of the License, or | |
23 | * (at your option) any later version. | |
24 | * | |
25 | * This program is distributed in the hope that it will be useful, | |
26 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
27 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
28 | * GNU General Public License for more details. | |
29 | * | |
30 | * You should have received a copy of the GNU General Public License | |
31 | * along with this program; if not, write to the Free Software | |
32 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
33 | * | |
34 | */ | |
35 | ||
36 | /* | |
37 | * Anonymizing patch by lutz@as-node.jena.thur.de | |
38 | * have a look into http-anon.c to get more information. | |
39 | */ | |
40 | ||
41 | #include "squid.h" | |
42 | #include "errorpage.h" | |
43 | #include "MemBuf.h" | |
44 | #include "http.h" | |
45 | #include "AuthUserRequest.h" | |
46 | #include "Store.h" | |
47 | #include "HttpReply.h" | |
48 | #include "HttpRequest.h" | |
49 | #include "MemObject.h" | |
50 | #include "HttpHdrContRange.h" | |
51 | #include "HttpHdrSc.h" | |
52 | #include "HttpHdrScTarget.h" | |
53 | #include "ACLChecklist.h" | |
54 | #include "fde.h" | |
55 | #if DELAY_POOLS | |
56 | #include "DelayPools.h" | |
57 | #endif | |
58 | #include "SquidTime.h" | |
59 | #include "TextException.h" | |
60 | ||
61 | #define SQUID_ENTER_THROWING_CODE() try { | |
62 | #define SQUID_EXIT_THROWING_CODE(status) \ | |
63 | status = true; \ | |
64 | } \ | |
65 | catch (const TextException &e) { \ | |
66 | debugs (11, 1, "Exception error:" << e.message); \ | |
67 | status = false; \ | |
68 | } | |
69 | ||
70 | CBDATA_CLASS_INIT(HttpStateData); | |
71 | ||
72 | static const char *const crlf = "\r\n"; | |
73 | ||
74 | static PF httpStateFree; | |
75 | static PF httpTimeout; | |
76 | static void httpMaybeRemovePublic(StoreEntry *, http_status); | |
77 | static void copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, String strConnection, HttpRequest * request, HttpRequest * orig_request, | |
78 | HttpHeader * hdr_out, int we_do_ranges, http_state_flags); | |
79 | ||
/*
 * Build the server-side HTTP state for one forwarding attempt.
 * Wires this object to the forwarder's server FD, allocates the read
 * buffer, and (when talking to a cache_peer) replaces the request with
 * one addressed to the peer rather than the origin server.
 */
HttpStateData::HttpStateData(FwdState *theFwdState) : ServerStateData(theFwdState),
        header_bytes_read(0), reply_bytes_read(0), httpChunkDecoder(NULL)
{
    debugs(11,5,HERE << "HttpStateData " << this << " created");
    ignoreCacheControl = false;
    surrogateNoStore = false;
    fd = fwd->server_fd;
    readBuf = new MemBuf;
    readBuf->init(4096, SQUID_TCP_SO_RCVBUF);
    orig_request = HTTPMSGLOCK(fwd->request);

    if (fwd->servers)
        _peer = fwd->servers->_peer;         /* might be NULL */

    if (_peer) {
        const char *url;

        /* originserver peers receive only the URL path; true proxies
         * receive the full URL */
        if (_peer->options.originserver)
            url = orig_request->urlpath.buf();
        else
            url = entry->url();

        HttpRequest * proxy_req = new HttpRequest(orig_request->method,
                                  orig_request->protocol, url);

        proxy_req->SetHost(_peer->host);

        proxy_req->port = _peer->http_port;

        proxy_req->flags = orig_request->flags;

        proxy_req->lastmod = orig_request->lastmod;

        proxy_req->flags.proxying = 1;

        /* swap in the peer-addressed request, releasing any previous one */
        HTTPMSGUNLOCK(request);

        request = HTTPMSGLOCK(proxy_req);

        /*
         * This NEIGHBOR_PROXY_ONLY check probably shouldn't be here.
         * We might end up getting the object from somewhere else if,
         * for example, the request to this neighbor fails.
         */
        if (_peer->options.proxy_only)
            entry->releaseRequest();

#if DELAY_POOLS

        entry->setNoDelay(_peer->options.no_delay);

#endif
    }

    /*
     * register the handler to free HTTP state data when the FD closes
     */
    comm_add_close_handler(fd, httpStateFree, this);
}
139 | ||
140 | HttpStateData::~HttpStateData() | |
141 | { | |
142 | /* | |
143 | * don't forget that ~ServerStateData() gets called automatically | |
144 | */ | |
145 | ||
146 | if (!readBuf->isNull()) | |
147 | readBuf->clean(); | |
148 | ||
149 | delete readBuf; | |
150 | ||
151 | if(httpChunkDecoder) | |
152 | delete httpChunkDecoder; | |
153 | ||
154 | HTTPMSGUNLOCK(orig_request); | |
155 | ||
156 | debugs(11,5, HERE << "HttpStateData " << this << " destroyed; FD " << fd); | |
157 | } | |
158 | ||
159 | int | |
160 | HttpStateData::dataDescriptor() const | |
161 | { | |
162 | return fd; | |
163 | } | |
164 | ||
165 | static void | |
166 | httpStateFree(int fd, void *data) | |
167 | { | |
168 | HttpStateData *httpState = static_cast<HttpStateData *>(data); | |
169 | debugs(11, 5, "httpStateFree: FD " << fd << ", httpState=" << data); | |
170 | delete httpState; | |
171 | } | |
172 | ||
173 | int | |
174 | httpCachable(const HttpRequestMethod& method) | |
175 | { | |
176 | /* GET and HEAD are cachable. Others are not. */ | |
177 | ||
178 | // TODO: replase to HttpRequestMethod::isCachable() ? | |
179 | if (method != METHOD_GET && method != METHOD_HEAD) | |
180 | return 0; | |
181 | ||
182 | /* else cachable */ | |
183 | return 1; | |
184 | } | |
185 | ||
186 | static void | |
187 | httpTimeout(int fd, void *data) | |
188 | { | |
189 | HttpStateData *httpState = static_cast<HttpStateData *>(data); | |
190 | StoreEntry *entry = httpState->entry; | |
191 | debugs(11, 4, "httpTimeout: FD " << fd << ": '" << entry->url() << "'" ); | |
192 | ||
193 | if (entry->store_status == STORE_PENDING) { | |
194 | httpState->fwd->fail(errorCon(ERR_READ_TIMEOUT, HTTP_GATEWAY_TIMEOUT, httpState->fwd->request)); | |
195 | } | |
196 | ||
197 | comm_close(fd); | |
198 | } | |
199 | ||
200 | static void | |
201 | httpMaybeRemovePublic(StoreEntry * e, http_status status) | |
202 | { | |
203 | int remove = 0; | |
204 | int forbidden = 0; | |
205 | StoreEntry *pe; | |
206 | ||
207 | if (!EBIT_TEST(e->flags, KEY_PRIVATE)) | |
208 | return; | |
209 | ||
210 | switch (status) { | |
211 | ||
212 | case HTTP_OK: | |
213 | ||
214 | case HTTP_NON_AUTHORITATIVE_INFORMATION: | |
215 | ||
216 | case HTTP_MULTIPLE_CHOICES: | |
217 | ||
218 | case HTTP_MOVED_PERMANENTLY: | |
219 | ||
220 | case HTTP_MOVED_TEMPORARILY: | |
221 | ||
222 | case HTTP_GONE: | |
223 | ||
224 | case HTTP_NOT_FOUND: | |
225 | remove = 1; | |
226 | ||
227 | break; | |
228 | ||
229 | case HTTP_FORBIDDEN: | |
230 | ||
231 | case HTTP_METHOD_NOT_ALLOWED: | |
232 | forbidden = 1; | |
233 | ||
234 | break; | |
235 | ||
236 | #if WORK_IN_PROGRESS | |
237 | ||
238 | case HTTP_UNAUTHORIZED: | |
239 | forbidden = 1; | |
240 | ||
241 | break; | |
242 | ||
243 | #endif | |
244 | ||
245 | default: | |
246 | #if QUESTIONABLE | |
247 | /* | |
248 | * Any 2xx response should eject previously cached entities... | |
249 | */ | |
250 | ||
251 | if (status >= 200 && status < 300) | |
252 | remove = 1; | |
253 | ||
254 | #endif | |
255 | ||
256 | break; | |
257 | } | |
258 | ||
259 | if (!remove && !forbidden) | |
260 | return; | |
261 | ||
262 | assert(e->mem_obj); | |
263 | ||
264 | if (e->mem_obj->request) | |
265 | pe = storeGetPublicByRequest(e->mem_obj->request); | |
266 | else | |
267 | pe = storeGetPublic(e->mem_obj->url, e->mem_obj->method); | |
268 | ||
269 | if (pe != NULL) { | |
270 | assert(e != pe); | |
271 | pe->release(); | |
272 | } | |
273 | ||
274 | /** \par | |
275 | * Also remove any cached HEAD response in case the object has | |
276 | * changed. | |
277 | */ | |
278 | if (e->mem_obj->request) | |
279 | pe = storeGetPublicByRequestMethod(e->mem_obj->request, METHOD_HEAD); | |
280 | else | |
281 | pe = storeGetPublic(e->mem_obj->url, METHOD_HEAD); | |
282 | ||
283 | if (pe != NULL) { | |
284 | assert(e != pe); | |
285 | pe->release(); | |
286 | } | |
287 | ||
288 | if (forbidden) | |
289 | return; | |
290 | ||
291 | /// \todo AYJ: given the coment below + new behaviour of accepting METHOD_UNKNOWN, should we invert this test | |
292 | /// removing the object unless the method is nown to be safely kept? | |
293 | switch (e->mem_obj->method.id()) { | |
294 | ||
295 | case METHOD_PUT: | |
296 | ||
297 | case METHOD_DELETE: | |
298 | ||
299 | case METHOD_PROPPATCH: | |
300 | ||
301 | case METHOD_MKCOL: | |
302 | ||
303 | case METHOD_MOVE: | |
304 | ||
305 | case METHOD_BMOVE: | |
306 | ||
307 | case METHOD_BDELETE: | |
308 | /** \par | |
309 | * Remove any cached GET object if it is believed that the | |
310 | * object may have changed as a result of other methods | |
311 | */ | |
312 | ||
313 | if (e->mem_obj->request) | |
314 | pe = storeGetPublicByRequestMethod(e->mem_obj->request, METHOD_GET); | |
315 | else | |
316 | pe = storeGetPublic(e->mem_obj->url, METHOD_GET); | |
317 | ||
318 | if (pe != NULL) { | |
319 | assert(e != pe); | |
320 | pe->release(); | |
321 | } | |
322 | ||
323 | break; | |
324 | ||
325 | default: | |
326 | /* Keep GCC happy. The methods above are all mutating HTTP methods | |
327 | */ | |
328 | break; | |
329 | } | |
330 | } | |
331 | ||
/*
 * Apply any Surrogate-Control reply-header directives addressed to us.
 * Only active for accelerated requests in ESI builds; may mark the entry
 * uncacheable, adjust its expiry, and disable Cache-Control handling.
 */
void
HttpStateData::processSurrogateControl(HttpReply *reply)
{
#if USE_SQUID_ESI

    if (request->flags.accelerated && reply->surrogate_control) {
        /* extract the directives targeted at our configured surrogate_id */
        HttpHdrScTarget *sctusable =
            httpHdrScGetMergedTarget(reply->surrogate_control,
                                     Config.Accel.surrogate_id);

        if (sctusable) {
            /* no-store (or no-store-remote, when we act as a remote
             * surrogate) forbids caching this reply */
            if (EBIT_TEST(sctusable->mask, SC_NO_STORE) ||
                    (Config.onoff.surrogate_is_remote
                     && EBIT_TEST(sctusable->mask, SC_NO_STORE_REMOTE))) {
                surrogateNoStore = true;
                entry->makePrivate();
            }

            /* The HttpHeader logic cannot tell if the header it's parsing is a reply to an
             * accelerated request or not...
             * Still, this is an abtraction breach. - RC
             */
            if (sctusable->max_age != -1) {
                /* use the smaller of max-age / max-stale as the expiry offset */
                if (sctusable->max_age < sctusable->max_stale)
                    reply->expires = reply->date + sctusable->max_age;
                else
                    reply->expires = reply->date + sctusable->max_stale;

                /* And update the timestamps */
                entry->timestampsSet();
            }

            /* We ignore cache-control directives as per the Surrogate specification */
            ignoreCacheControl = true;

            httpHdrScTargetDestroy(sctusable);
        }
    }

#endif
}
373 | ||
/*
 * Decide whether the final reply may be cached.
 * Returns 1 (cacheable), 0 (not cacheable), or -1 (may be negatively
 * cached as an error entry, subject to negative_ttl).
 */
int
HttpStateData::cacheableReply()
{
    HttpReply const *rep = finalReply();
    HttpHeader const *hdr = &rep->header;
    const int cc_mask = (rep->cache_control) ? rep->cache_control->mask : 0;
    const char *v;
#if HTTP_VIOLATIONS

    const refresh_t *R = NULL;

    /* This strange looking define first looks up the refresh pattern
     * and then checks if the specified flag is set. The main purpose
     * of this is to simplify the refresh pattern lookup and HTTP_VIOLATIONS
     * condition
     */
    /* NOTE: the macro caches the lookup result in R as a side effect */
#define REFRESH_OVERRIDE(flag) \
    ((R = (R ? R : refreshLimits(entry->mem_obj->url))) , \
    (R && R->flags.flag))
#else
#define REFRESH_OVERRIDE(flag) 0
#endif

    /* Surrogate-Control: no-store takes absolute precedence */
    if (surrogateNoStore)
        return 0;

    /* honor reply Cache-Control, unless the Surrogate spec told us not to */
    if (!ignoreCacheControl) {
        if (EBIT_TEST(cc_mask, CC_PRIVATE)) {
            if (!REFRESH_OVERRIDE(ignore_private))
                return 0;
        }

        if (EBIT_TEST(cc_mask, CC_NO_CACHE)) {
            if (!REFRESH_OVERRIDE(ignore_no_cache))
                return 0;
        }

        if (EBIT_TEST(cc_mask, CC_NO_STORE)) {
            if (!REFRESH_OVERRIDE(ignore_no_store))
                return 0;
        }
    }

    if (request->flags.auth) {
        /*
         * Responses to requests with authorization may be cached
         * only if a Cache-Control: public reply header is present.
         * RFC 2068, sec 14.9.4
         */

        if (!EBIT_TEST(cc_mask, CC_PUBLIC)) {
            if (!REFRESH_OVERRIDE(ignore_auth))
                return 0;
        }
    }

    /* Pragma: no-cache in _replies_ is not documented in HTTP,
     * but servers like "Active Imaging Webcast/2.0" sure do use it */
    if (hdr->has(HDR_PRAGMA)) {
        String s = hdr->getList(HDR_PRAGMA);
        const int no_cache = strListIsMember(&s, "no-cache", ',');
        s.clean();

        if (no_cache) {
            if (!REFRESH_OVERRIDE(ignore_no_cache))
                return 0;
        }
    }

    /*
     * The "multipart/x-mixed-replace" content type is used for
     * continuous push replies. These are generally dynamic and
     * probably should not be cachable
     */
    if ((v = hdr->getStr(HDR_CONTENT_TYPE)))
        if (!strncasecmp(v, "multipart/x-mixed-replace", 25))
            return 0;

    switch (rep->sline.status) {
        /* Responses that are cacheable */

    case HTTP_OK:

    case HTTP_NON_AUTHORITATIVE_INFORMATION:

    case HTTP_MULTIPLE_CHOICES:

    case HTTP_MOVED_PERMANENTLY:

    case HTTP_GONE:
        /*
         * Don't cache objects that need to be refreshed on next request,
         * unless we know how to refresh it.
         */

        if (!refreshIsCachable(entry)) {
            debugs(22, 3, "refreshIsCachable() returned non-cacheable..");
            return 0;
        }

        /* don't cache objects from peers w/o LMT, Date, or Expires */
        /* check that is it enough to check headers @?@ */
        if (rep->date > -1)
            return 1;
        else if (rep->last_modified > -1)
            return 1;
        else if (!_peer)
            return 1;

        /* @?@ (here and 302): invalid expires header compiles to squid_curtime */
        else if (rep->expires > -1)
            return 1;
        else
            return 0;

        /* NOTREACHED */
        break;

        /* Responses that only are cacheable if the server says so */

    case HTTP_MOVED_TEMPORARILY:
    case HTTP_TEMPORARY_REDIRECT:
        /* cacheable only with an explicit future Expires */
        if (rep->expires > rep->date && rep->date > 0)
            return 1;
        else
            return 0;

        /* NOTREACHED */
        break;

        /* Errors can be negatively cached */

    case HTTP_NO_CONTENT:

    case HTTP_USE_PROXY:

    case HTTP_BAD_REQUEST:

    case HTTP_FORBIDDEN:

    case HTTP_NOT_FOUND:

    case HTTP_METHOD_NOT_ALLOWED:

    case HTTP_REQUEST_URI_TOO_LARGE:

    case HTTP_INTERNAL_SERVER_ERROR:

    case HTTP_NOT_IMPLEMENTED:

    case HTTP_BAD_GATEWAY:

    case HTTP_SERVICE_UNAVAILABLE:

    case HTTP_GATEWAY_TIMEOUT:
        return -1;

        /* NOTREACHED */
        break;

        /* Some responses can never be cached */

    case HTTP_PARTIAL_CONTENT:  /* Not yet supported */

    case HTTP_SEE_OTHER:

    case HTTP_NOT_MODIFIED:

    case HTTP_UNAUTHORIZED:

    case HTTP_PROXY_AUTHENTICATION_REQUIRED:

    case HTTP_INVALID_HEADER:   /* Squid header parsing error */

    case HTTP_HEADER_TOO_LARGE:

    case HTTP_PAYMENT_REQUIRED:
    case HTTP_NOT_ACCEPTABLE:
    case HTTP_REQUEST_TIMEOUT:
    case HTTP_CONFLICT:
    case HTTP_LENGTH_REQUIRED:
    case HTTP_PRECONDITION_FAILED:
    case HTTP_REQUEST_ENTITY_TOO_LARGE:
    case HTTP_UNSUPPORTED_MEDIA_TYPE:
    case HTTP_UNPROCESSABLE_ENTITY:
    case HTTP_LOCKED:
    case HTTP_FAILED_DEPENDENCY:
    case HTTP_INSUFFICIENT_STORAGE:
    case HTTP_REQUESTED_RANGE_NOT_SATISFIABLE:
    case HTTP_EXPECTATION_FAILED:

        return 0;

    default:    /* Unknown status code */
        debugs (11, 0, HERE << "HttpStateData::cacheableReply: unexpected http status code " << rep->sline.status);

        return 0;

        /* NOTREACHED */
        break;
    }

    /* NOTREACHED */
}
578 | ||
579 | /* | |
580 | * For Vary, store the relevant request headers as | |
581 | * virtual headers in the reply | |
582 | * Returns false if the variance cannot be stored | |
583 | */ | |
584 | const char * | |
585 | httpMakeVaryMark(HttpRequest * request, HttpReply const * reply) | |
586 | { | |
587 | String vary, hdr; | |
588 | const char *pos = NULL; | |
589 | const char *item; | |
590 | const char *value; | |
591 | int ilen; | |
592 | static String vstr; | |
593 | ||
594 | vstr.clean(); | |
595 | vary = reply->header.getList(HDR_VARY); | |
596 | ||
597 | while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { | |
598 | char *name = (char *)xmalloc(ilen + 1); | |
599 | xstrncpy(name, item, ilen + 1); | |
600 | Tolower(name); | |
601 | ||
602 | if (strcmp(name, "*") == 0) { | |
603 | /* Can not handle "Vary: *" withtout ETag support */ | |
604 | safe_free(name); | |
605 | vstr.clean(); | |
606 | break; | |
607 | } | |
608 | ||
609 | strListAdd(&vstr, name, ','); | |
610 | hdr = request->header.getByName(name); | |
611 | safe_free(name); | |
612 | value = hdr.buf(); | |
613 | ||
614 | if (value) { | |
615 | value = rfc1738_escape_part(value); | |
616 | vstr.append("=\"", 2); | |
617 | vstr.append(value); | |
618 | vstr.append("\"", 1); | |
619 | } | |
620 | ||
621 | hdr.clean(); | |
622 | } | |
623 | ||
624 | vary.clean(); | |
625 | #if X_ACCELERATOR_VARY | |
626 | ||
627 | pos = NULL; | |
628 | vary = reply->header.getList(HDR_X_ACCELERATOR_VARY); | |
629 | ||
630 | while (strListGetItem(&vary, ',', &item, &ilen, &pos)) { | |
631 | char *name = (char *)xmalloc(ilen + 1); | |
632 | xstrncpy(name, item, ilen + 1); | |
633 | Tolower(name); | |
634 | strListAdd(&vstr, name, ','); | |
635 | hdr = request->header.getByName(name); | |
636 | safe_free(name); | |
637 | value = hdr.buf(); | |
638 | ||
639 | if (value) { | |
640 | value = rfc1738_escape_part(value); | |
641 | vstr.append("=\"", 2); | |
642 | vstr.append(value); | |
643 | vstr.append("\"", 1); | |
644 | } | |
645 | ||
646 | hdr.clean(); | |
647 | } | |
648 | ||
649 | vary.clean(); | |
650 | #endif | |
651 | ||
652 | debugs(11, 3, "httpMakeVaryMark: " << vstr.buf()); | |
653 | return vstr.buf(); | |
654 | } | |
655 | ||
656 | void | |
657 | HttpStateData::keepaliveAccounting(HttpReply *reply) | |
658 | { | |
659 | if (flags.keepalive) | |
660 | if (_peer) | |
661 | _peer->stats.n_keepalives_sent++; | |
662 | ||
663 | if (reply->keep_alive) { | |
664 | if (_peer) | |
665 | _peer->stats.n_keepalives_recv++; | |
666 | ||
667 | if (Config.onoff.detect_broken_server_pconns && reply->bodySize(request->method) == -1) { | |
668 | debugs(11, 1, "keepaliveAccounting: Impossible keep-alive header from '" << entry->url() << "'" ); | |
669 | // debugs(11, 2, "GOT HTTP REPLY HDR:\n---------\n" << readBuf->content() << "\n----------" ); | |
670 | flags.keepalive_broken = 1; | |
671 | } | |
672 | } | |
673 | } | |
674 | ||
675 | void | |
676 | HttpStateData::checkDateSkew(HttpReply *reply) | |
677 | { | |
678 | if (reply->date > -1 && !_peer) { | |
679 | int skew = abs((int)(reply->date - squid_curtime)); | |
680 | ||
681 | if (skew > 86400) | |
682 | debugs(11, 3, "" << request->GetHost() << "'s clock is skewed by " << skew << " seconds!"); | |
683 | } | |
684 | } | |
685 | ||
686 | /* | |
687 | * This creates the error page itself.. its likely | |
688 | * that the forward ported reply header max size patch | |
689 | * generates non http conformant error pages - in which | |
690 | * case the errors where should be 'BAD_GATEWAY' etc | |
691 | */ | |
692 | void | |
693 | HttpStateData::processReplyHeader() | |
694 | { | |
695 | /* Creates a blank header. If this routine is made incremental, this will | |
696 | * not do | |
697 | */ | |
698 | Ctx ctx = ctx_enter(entry->mem_obj->url); | |
699 | debugs(11, 3, "processReplyHeader: key '" << entry->getMD5Text() << "'"); | |
700 | ||
701 | assert(!flags.headers_parsed); | |
702 | ||
703 | http_status error = HTTP_STATUS_NONE; | |
704 | ||
705 | HttpReply *newrep = new HttpReply; | |
706 | const bool parsed = newrep->parse(readBuf, eof, &error); | |
707 | ||
708 | if(!parsed && readBuf->contentSize() > 5 && strncmp(readBuf->content(), "HTTP/", 5) != 0){ | |
709 | MemBuf *mb; | |
710 | HttpReply *tmprep = new HttpReply; | |
711 | tmprep->sline.version = HttpVersion(1, 0); | |
712 | tmprep->sline.status = HTTP_OK; | |
713 | tmprep->header.putTime(HDR_DATE, squid_curtime); | |
714 | tmprep->header.putExt("X-Transformed-From", "HTTP/0.9"); | |
715 | mb = tmprep->pack(); | |
716 | newrep->parse(mb, eof, &error); | |
717 | delete tmprep; | |
718 | } | |
719 | else{ | |
720 | if (!parsed && error > 0) { // unrecoverable parsing error | |
721 | debugs(11, 3, "processReplyHeader: Non-HTTP-compliant header: '" << readBuf->content() << "'"); | |
722 | flags.headers_parsed = 1; | |
723 | newrep->sline.version = HttpVersion(1, 0); | |
724 | newrep->sline.status = error; | |
725 | HttpReply *vrep = setVirginReply(newrep); | |
726 | entry->replaceHttpReply(vrep); | |
727 | ctx_exit(ctx); | |
728 | return; | |
729 | } | |
730 | ||
731 | if (!parsed) { // need more data | |
732 | assert(!error); | |
733 | assert(!eof); | |
734 | delete newrep; | |
735 | ctx_exit(ctx); | |
736 | return; | |
737 | } | |
738 | ||
739 | debugs(11, 9, "GOT HTTP REPLY HDR:\n---------\n" << readBuf->content() << "\n----------"); | |
740 | ||
741 | header_bytes_read = headersEnd(readBuf->content(), readBuf->contentSize()); | |
742 | readBuf->consume(header_bytes_read); | |
743 | } | |
744 | ||
745 | flags.chunked = 0; | |
746 | if (newrep->header.hasListMember(HDR_TRANSFER_ENCODING, "chunked", ',')) { | |
747 | flags.chunked = 1; | |
748 | httpChunkDecoder = new ChunkedCodingParser; | |
749 | } | |
750 | ||
751 | HttpReply *vrep = setVirginReply(newrep); | |
752 | flags.headers_parsed = 1; | |
753 | ||
754 | keepaliveAccounting(vrep); | |
755 | ||
756 | checkDateSkew(vrep); | |
757 | ||
758 | processSurrogateControl (vrep); | |
759 | ||
760 | /* TODO: IF the reply is a 1.0 reply, AND it has a Connection: Header | |
761 | * Parse the header and remove all referenced headers | |
762 | */ | |
763 | ||
764 | ctx_exit(ctx); | |
765 | ||
766 | } | |
767 | ||
// Called when we parsed (and possibly adapted) the headers but
// had not starting storing (a.k.a., sending) the body yet.
// Decides the entry's cacheability (public/private/negative), records
// Vary information, and sets revalidation flags from Cache-Control.
void
HttpStateData::haveParsedReplyHeaders()
{
    Ctx ctx = ctx_enter(entry->mem_obj->url);
    HttpReply *rep = finalReply();

    /* a 206 reply starts the stored object at the range's offset */
    if (rep->sline.status == HTTP_PARTIAL_CONTENT &&
            rep->content_range)
        currentOffset = rep->content_range->spec.offset;

    entry->timestampsSet();

    /* Check if object is cacheable or not based on reply code */
    debugs(11, 3, "haveParsedReplyHeaders: HTTP CODE: " << rep->sline.status);

    if (neighbors_do_private_keys)
        httpMaybeRemovePublic(entry, rep->sline.status);

    if (rep->header.has(HDR_VARY)
#if X_ACCELERATOR_VARY
            || rep->header.has(HDR_X_ACCELERATOR_VARY)
#endif
       ) {
        const char *vary = httpMakeVaryMark(orig_request, rep);

        /* an unusable Vary mark (e.g. "Vary: *") makes the entry private
         * and skips the cacheability decision below */
        if (!vary) {
            entry->makePrivate();
            goto no_cache;

        }

        entry->mem_obj->vary_headers = xstrdup(vary);
    }

#if WIP_FWD_LOG
    fwdStatus(fwd, s);

#endif
    /*
     * If its not a reply that we will re-forward, then
     * allow the client to get it.
     */
    if (!fwd->reforwardableStatus(rep->sline.status))
        EBIT_CLR(entry->flags, ENTRY_FWD_HDR_WAIT);

    /* cacheableReply(): 1 = cache, 0 = do not cache, -1 = negative-cache */
    switch (cacheableReply()) {

    case 1:
        entry->makePublic();
        break;

    case 0:
        entry->makePrivate();
        break;

    case -1:

        if (Config.negativeTtl > 0)
            entry->cacheNegatively();
        else
            entry->makePrivate();

        break;

    default:
        assert(0);

        break;
    }

no_cache:

    /* must-revalidate / proxy-revalidate both force revalidation here */
    if (!ignoreCacheControl && rep->cache_control) {
        if (EBIT_TEST(rep->cache_control->mask, CC_PROXY_REVALIDATE))
            EBIT_SET(entry->flags, ENTRY_REVALIDATE);
        else if (EBIT_TEST(rep->cache_control->mask, CC_MUST_REVALIDATE))
            EBIT_SET(entry->flags, ENTRY_REVALIDATE);
    }

#if HEADERS_LOG
    headersLog(1, 0, request->method, rep);

#endif

    ctx_exit(ctx);
}
856 | ||
857 | HttpStateData::ConnectionStatus | |
858 | HttpStateData::statusIfComplete() const | |
859 | { | |
860 | const HttpReply *rep = virginReply(); | |
861 | /* If the reply wants to close the connection, it takes precedence */ | |
862 | ||
863 | if (httpHeaderHasConnDir(&rep->header, "close")) | |
864 | return COMPLETE_NONPERSISTENT_MSG; | |
865 | ||
866 | /* If we didn't send a keep-alive request header, then this | |
867 | * can not be a persistent connection. | |
868 | */ | |
869 | if (!flags.keepalive) | |
870 | return COMPLETE_NONPERSISTENT_MSG; | |
871 | ||
872 | /* | |
873 | * If we haven't sent the whole request then this can not be a persistent | |
874 | * connection. | |
875 | */ | |
876 | if (!flags.request_sent) { | |
877 | debugs(11, 1, "statusIfComplete: Request not yet fully sent \"" << RequestMethodStr(orig_request->method) << " " << entry->url() << "\"" ); | |
878 | return COMPLETE_NONPERSISTENT_MSG; | |
879 | } | |
880 | ||
881 | /* | |
882 | * What does the reply have to say about keep-alive? | |
883 | */ | |
884 | /* | |
885 | * XXX BUG? | |
886 | * If the origin server (HTTP/1.0) does not send a keep-alive | |
887 | * header, but keeps the connection open anyway, what happens? | |
888 | * We'll return here and http.c waits for an EOF before changing | |
889 | * store_status to STORE_OK. Combine this with ENTRY_FWD_HDR_WAIT | |
890 | * and an error status code, and we might have to wait until | |
891 | * the server times out the socket. | |
892 | */ | |
893 | if (!rep->keep_alive) | |
894 | return COMPLETE_NONPERSISTENT_MSG; | |
895 | ||
896 | return COMPLETE_PERSISTENT_MSG; | |
897 | } | |
898 | ||
/*
 * Classify the server connection after a read: still expecting data
 * (INCOMPLETE_MSG), or done — and if done, whether it may be reused
 * (COMPLETE_PERSISTENT_MSG vs. COMPLETE_NONPERSISTENT_MSG).
 */
HttpStateData::ConnectionStatus
HttpStateData::persistentConnStatus() const
{
    debugs(11, 3, "persistentConnStatus: FD " << fd << " eof=" << eof);
    const HttpReply *vrep = virginReply();
    debugs(11, 5, "persistentConnStatus: content_length=" << vrep->content_length);

    /* If we haven't seen the end of reply headers, we are not done */
    debugs(11, 5, "persistentConnStatus: flags.headers_parsed=" << flags.headers_parsed);

    if (!flags.headers_parsed)
        return INCOMPLETE_MSG;

    /* In chunked responce we do not know the content length but we are absolutelly
     * sure about the end of response, so we are calling the statusIfComplete to
     * decide if we can be persistant
     */
    if (eof && flags.chunked)
        return statusIfComplete();

    if (eof) // already reached EOF
        return COMPLETE_NONPERSISTENT_MSG;

    const int64_t clen = vrep->bodySize(request->method);

    debugs(11, 5, "persistentConnStatus: clen=" << clen);

    /* If the body size is unknown we must wait for EOF */
    if (clen < 0)
        return INCOMPLETE_MSG;

    /* If the body size is known, we must wait until we've gotten all of it. */
    if (clen > 0) {
        // old technique:
        // if (entry->mem_obj->endOffset() < vrep->content_length + vrep->hdr_sz)
        const int64_t body_bytes_read = reply_bytes_read - header_bytes_read;
        debugs(11,5, "persistentConnStatus: body_bytes_read=" <<
               body_bytes_read << " content_length=" << vrep->content_length);

        if (body_bytes_read < vrep->content_length)
            return INCOMPLETE_MSG;
    }

    /* If there is no message body or we got it all, we can be persistent */
    return statusIfComplete();
}
945 | ||
946 | /* | |
947 | * This is the callback after some data has been read from the network | |
948 | */ | |
949 | void | |
950 | HttpStateData::ReadReplyWrapper(int fd, char *buf, size_t len, comm_err_t flag, int xerrno, void *data) | |
951 | { | |
952 | HttpStateData *httpState = static_cast<HttpStateData *>(data); | |
953 | assert (fd == httpState->fd); | |
954 | // assert(buf == readBuf->content()); | |
955 | PROF_start(HttpStateData_readReply); | |
956 | httpState->readReply (len, flag, xerrno); | |
957 | PROF_stop(HttpStateData_readReply); | |
958 | } | |
959 | ||
960 | /* XXX this function is too long! */ | |
961 | void | |
962 | HttpStateData::readReply (size_t len, comm_err_t flag, int xerrno) | |
963 | { | |
964 | int bin; | |
965 | int clen; | |
966 | flags.do_next_read = 0; | |
967 | ||
968 | debugs(11, 5, "httpReadReply: FD " << fd << ": len " << len << "."); | |
969 | ||
970 | // Bail out early on COMM_ERR_CLOSING - close handlers will tidy up for us | |
971 | if (flag == COMM_ERR_CLOSING) { | |
972 | debugs(11, 3, "http socket closing"); | |
973 | return; | |
974 | } | |
975 | ||
976 | if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) { | |
977 | maybeReadVirginBody(); | |
978 | return; | |
979 | } | |
980 | ||
981 | // handle I/O errors | |
982 | if (flag != COMM_OK || len < 0) { | |
983 | debugs(11, 2, "httpReadReply: FD " << fd << ": read failure: " << xstrerror() << "."); | |
984 | ||
985 | if (ignoreErrno(xerrno)) { | |
986 | flags.do_next_read = 1; | |
987 | } else { | |
988 | ErrorState *err; | |
989 | err = errorCon(ERR_READ_ERROR, HTTP_BAD_GATEWAY, fwd->request); | |
990 | err->xerrno = xerrno; | |
991 | fwd->fail(err); | |
992 | flags.do_next_read = 0; | |
993 | comm_close(fd); | |
994 | } | |
995 | ||
996 | return; | |
997 | } | |
998 | ||
999 | // update I/O stats | |
1000 | if (len > 0) { | |
1001 | readBuf->appended(len); | |
1002 | reply_bytes_read += len; | |
1003 | #if DELAY_POOLS | |
1004 | ||
1005 | DelayId delayId = entry->mem_obj->mostBytesAllowed(); | |
1006 | delayId.bytesIn(len); | |
1007 | #endif | |
1008 | ||
1009 | kb_incr(&statCounter.server.all.kbytes_in, len); | |
1010 | kb_incr(&statCounter.server.http.kbytes_in, len); | |
1011 | IOStats.Http.reads++; | |
1012 | ||
1013 | for (clen = len - 1, bin = 0; clen; bin++) | |
1014 | clen >>= 1; | |
1015 | ||
1016 | IOStats.Http.read_hist[bin]++; | |
1017 | } | |
1018 | ||
1019 | /* here the RFC says we should ignore whitespace between replies, but we can't as | |
1020 | * doing so breaks HTTP/0.9 replies beginning with witespace, and in addition | |
1021 | * the response splitting countermeasures is extremely likely to trigger on this, | |
1022 | * not allowing connection reuse in the first place. | |
1023 | */ | |
1024 | #if DONT_DO_THIS | |
1025 | if (!flags.headers_parsed && len > 0 && fd_table[fd].uses > 1) { | |
1026 | /* Skip whitespace between replies */ | |
1027 | ||
1028 | while (len > 0 && xisspace(*buf)) | |
1029 | xmemmove(buf, buf + 1, len--); | |
1030 | ||
1031 | if (len == 0) { | |
1032 | /* Continue to read... */ | |
1033 | /* Timeout NOT increased. This whitespace was from previous reply */ | |
1034 | flags.do_next_read = 1; | |
1035 | maybeReadVirginBody(); | |
1036 | return; | |
1037 | } | |
1038 | } | |
1039 | ||
1040 | #endif | |
1041 | ||
1042 | if (len == 0) { // reached EOF? | |
1043 | eof = 1; | |
1044 | flags.do_next_read = 0; | |
1045 | } | |
1046 | ||
1047 | if (!flags.headers_parsed) { // have not parsed headers yet? | |
1048 | PROF_start(HttpStateData_processReplyHeader); | |
1049 | processReplyHeader(); | |
1050 | PROF_stop(HttpStateData_processReplyHeader); | |
1051 | ||
1052 | if (!continueAfterParsingHeader()) // parsing error or need more data | |
1053 | return; // TODO: send errors to ICAP | |
1054 | ||
1055 | adaptOrFinalizeReply(); | |
1056 | } | |
1057 | ||
1058 | // kick more reads if needed and/or process the response body, if any | |
1059 | PROF_start(HttpStateData_processReplyBody); | |
1060 | processReplyBody(); // may call serverComplete() | |
1061 | PROF_stop(HttpStateData_processReplyBody); | |
1062 | } | |
1063 | ||
// Checks whether we can continue with processing the body or doing ICAP.
// Returns false if we cannot (e.g., due to lack of headers or errors).
// On error, fails the forwarding state and closes the server socket.
bool
HttpStateData::continueAfterParsingHeader()
{
    if (!flags.headers_parsed && !eof) { // need more and may get more
        debugs(11, 9, HERE << "needs more at " << readBuf->contentSize());
        flags.do_next_read = 1;
        maybeReadVirginBody(); // schedules all kinds of reads; TODO: rename
        return false; // wait for more data
    }

    /* we are done with parsing, now check for errors */

    err_type error = ERR_NONE;

    if (flags.headers_parsed) { // parsed headers, possibly with errors
        // check for header parsing errors
        if (HttpReply *vrep = virginReply()) {
            const http_status s = vrep->sline.status;
            const HttpVersion &v = vrep->sline.version;
            if (s == HTTP_INVALID_HEADER && v != HttpVersion(0,9)) {
                // HTTP/0.9 replies have no headers, so only flag
                // invalid headers on later protocol versions
                error = ERR_INVALID_RESP;
            } else
            if (s == HTTP_HEADER_TOO_LARGE) {
                // retrying would just fetch the same oversized reply
                fwd->dontRetry(true);
                error = ERR_TOO_BIG;
            } else {
                return true; // done parsing, got reply, and no error
            }
        } else {
            // parsed headers but got no reply
            error = ERR_INVALID_RESP;
        }
    } else {
        assert(eof);
        // EOF before headers: either garbage or a truly empty reply
        error = readBuf->hasContent() ?
                ERR_INVALID_RESP : ERR_ZERO_SIZE_OBJECT;
    }

    assert(error != ERR_NONE);
    // propagate the failure to the client side and drop the connection
    entry->reset();
    fwd->fail(errorCon(error, HTTP_BAD_GATEWAY, fwd->request));
    flags.do_next_read = 0;
    comm_close(fd);
    return false; // quit on error
}
1111 | ||
1112 | /* | |
1113 | * Call this when there is data from the origin server | |
1114 | * which should be sent to either StoreEntry, or to ICAP... | |
1115 | */ | |
1116 | void | |
1117 | HttpStateData::writeReplyBody() | |
1118 | { | |
1119 | const char *data = readBuf->content(); | |
1120 | int len = readBuf->contentSize(); | |
1121 | addVirginReplyBody(data, len); | |
1122 | readBuf->consume(len); | |
1123 | } | |
1124 | ||
/*
 * Decode a piece of a chunk-encoded reply body from readBuf and pass
 * the decoded bytes downstream. Returns true on success; false if the
 * chunk parser threw (the caller then aborts the server exchange).
 */
bool
HttpStateData::decodeAndWriteReplyBody()
{
    const char *data = NULL;
    int len;
    bool status = false; // remains false if the parser throws
    assert(flags.chunked);
    assert(httpChunkDecoder);
    SQUID_ENTER_THROWING_CODE();
    MemBuf decodedData;
    decodedData.init();
    // parse() consumes chunked input from readBuf;
    // 'done' means the final (zero-size) chunk was seen
    const bool done = httpChunkDecoder->parse(readBuf,&decodedData);
    len = decodedData.contentSize();
    data=decodedData.content();
    addVirginReplyBody(data, len);
    if (done) {
        // end of the chunked message: stop reading from the server
        eof = 1;
        flags.do_next_read = 0;
    }
    SQUID_EXIT_THROWING_CODE(status);
    return status;
}
1147 | ||
/*
 * processReplyBody has two purposes:
 *  1 - take the reply body data, if any, and put it into either
 *      the StoreEntry, or give it over to ICAP.
 *  2 - see if we made it to the end of the response (persistent
 *      connections and such)
 */
void
HttpStateData::processReplyBody()
{

    IPAddress client_addr; // only set below when LINUX_TPROXY is enabled

    if (!flags.headers_parsed) {
        // headers still incomplete: keep reading, no body to process yet
        flags.do_next_read = 1;
        maybeReadVirginBody();
        return;
    }

#if ICAP_CLIENT
    if (icapAccessCheckPending)
        return;

#endif

    /*
     * At this point the reply headers have been parsed and consumed.
     * That means header content has been removed from readBuf and
     * it contains only body data.
     */
    if(flags.chunked){
        if(!decodeAndWriteReplyBody()){
            // chunk decoding threw: abandon this server exchange
            flags.do_next_read = 0;
            serverComplete();
            return;
        }
    }
    else
        writeReplyBody();

    if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
        /*
         * the above writeReplyBody() call could ABORT this entry,
         * in that case, the server FD should already be closed.
         * there's nothing for us to do.
         */
        (void) 0;
    } else
        switch (persistentConnStatus()) {

        case INCOMPLETE_MSG:
            debugs(11, 5, "processReplyBody: INCOMPLETE_MSG");
            /* Wait for more data or EOF condition */

            if (flags.keepalive_broken) {
                // peer suspected of broken keep-alive: use a short timeout
                commSetTimeout(fd, 10, NULL, NULL);
            } else {
                commSetTimeout(fd, Config.Timeout.read, NULL, NULL);
            }

            flags.do_next_read = 1;
            break;

        case COMPLETE_PERSISTENT_MSG:
            debugs(11, 5, "processReplyBody: COMPLETE_PERSISTENT_MSG");
            /* yes we have to clear all these! */
            commSetTimeout(fd, -1, NULL, NULL);
            flags.do_next_read = 0;

            comm_remove_close_handler(fd, httpStateFree, this);
            fwd->unregister(fd);
#if LINUX_TPROXY

            if (orig_request->flags.tproxy)
                client_addr = orig_request->client_addr;

#endif

            // donate the idle connection to the persistent-connection pool,
            // keyed by peer name or origin host as appropriate
            if (_peer) {
                if (_peer->options.originserver)
                    fwd->pconnPush(fd, _peer->name, orig_request->port, orig_request->GetHost(), client_addr);
                else
                    fwd->pconnPush(fd, _peer->name, _peer->http_port, NULL, client_addr);
            } else {
                fwd->pconnPush(fd, request->GetHost(), request->port, NULL, client_addr);
            }

            fd = -1; // the pconn pool owns the descriptor now

            serverComplete();
            return;

        case COMPLETE_NONPERSISTENT_MSG:
            debugs(11, 5, "processReplyBody: COMPLETE_NONPERSISTENT_MSG");
            serverComplete();
            return;
        }

    maybeReadVirginBody();
}
1248 | ||
1249 | void | |
1250 | HttpStateData::maybeReadVirginBody() | |
1251 | { | |
1252 | int read_sz = replyBodySpace(readBuf->spaceSize()); | |
1253 | ||
1254 | debugs(11,9, HERE << (flags.do_next_read ? "may" : "wont") << | |
1255 | " read up to " << read_sz << " bytes from FD " << fd); | |
1256 | ||
1257 | /* | |
1258 | * why <2? Because delayAwareRead() won't actually read if | |
1259 | * you ask it to read 1 byte. The delayed read request | |
1260 | * just gets re-queued until the client side drains, then | |
1261 | * the I/O thread hangs. Better to not register any read | |
1262 | * handler until we get a notification from someone that | |
1263 | * its okay to read again. | |
1264 | */ | |
1265 | if (read_sz < 2) { | |
1266 | if (flags.headers_parsed) | |
1267 | return; | |
1268 | else | |
1269 | read_sz = 1024; | |
1270 | } | |
1271 | ||
1272 | if (flags.do_next_read) { | |
1273 | flags.do_next_read = 0; | |
1274 | entry->delayAwareRead(fd, readBuf->space(read_sz), read_sz, ReadReplyWrapper, this); | |
1275 | } | |
1276 | } | |
1277 | ||
1278 | /* | |
1279 | * This will be called when request write is complete. | |
1280 | */ | |
1281 | void | |
1282 | HttpStateData::SendComplete(int fd, char *bufnotused, size_t size, comm_err_t errflag, int xerrno, void *data) | |
1283 | { | |
1284 | HttpStateData *httpState = static_cast<HttpStateData *>(data); | |
1285 | debugs(11, 5, "httpSendComplete: FD " << fd << ": size " << size << ": errflag " << errflag << "."); | |
1286 | #if URL_CHECKSUM_DEBUG | |
1287 | ||
1288 | entry->mem_obj->checkUrlChecksum(); | |
1289 | #endif | |
1290 | ||
1291 | if (size > 0) { | |
1292 | fd_bytes(fd, size, FD_WRITE); | |
1293 | kb_incr(&statCounter.server.all.kbytes_out, size); | |
1294 | kb_incr(&statCounter.server.http.kbytes_out, size); | |
1295 | } | |
1296 | ||
1297 | if (errflag == COMM_ERR_CLOSING) | |
1298 | return; | |
1299 | ||
1300 | if (errflag) { | |
1301 | ErrorState *err; | |
1302 | err = errorCon(ERR_WRITE_ERROR, HTTP_BAD_GATEWAY, httpState->fwd->request); | |
1303 | err->xerrno = xerrno; | |
1304 | httpState->fwd->fail(err); | |
1305 | comm_close(fd); | |
1306 | return; | |
1307 | } | |
1308 | ||
1309 | /* | |
1310 | * Set the read timeout here because it hasn't been set yet. | |
1311 | * We only set the read timeout after the request has been | |
1312 | * fully written to the server-side. If we start the timeout | |
1313 | * after connection establishment, then we are likely to hit | |
1314 | * the timeout for POST/PUT requests that have very large | |
1315 | * request bodies. | |
1316 | */ | |
1317 | commSetTimeout(fd, Config.Timeout.read, httpTimeout, httpState); | |
1318 | ||
1319 | httpState->flags.request_sent = 1; | |
1320 | } | |
1321 | ||
1322 | // Close the HTTP server connection. Used by serverComplete(). | |
1323 | void | |
1324 | HttpStateData::closeServer() | |
1325 | { | |
1326 | debugs(11,5, HERE << "closing HTTP server FD " << fd << " this " << this); | |
1327 | ||
1328 | if (fd >= 0) { | |
1329 | fwd->unregister(fd); | |
1330 | comm_remove_close_handler(fd, httpStateFree, this); | |
1331 | comm_close(fd); | |
1332 | fd = -1; | |
1333 | } | |
1334 | } | |
1335 | ||
1336 | bool | |
1337 | HttpStateData::doneWithServer() const | |
1338 | { | |
1339 | return fd < 0; | |
1340 | } | |
1341 | ||
/*
 * build request headers and append them to a given MemBuf
 * used by buildRequestPrefix()
 * note: initialised the HttpHeader, the caller is responsible for Clean()-ing
 *
 * First copies/filters each client header individually, then appends
 * the headers Squid manages itself: Via, X-Forwarded-For, Host,
 * (Proxy-)Authorization, Cache-Control, Connection, Front-End-Https.
 */
void
HttpStateData::httpBuildRequestHeader(HttpRequest * request,
                                      HttpRequest * orig_request,
                                      StoreEntry * entry,
                                      HttpHeader * hdr_out,
                                      http_state_flags flags)
{
    /* building buffer for complex strings */
#define BBUF_SZ (MAX_URL+32)
    LOCAL_ARRAY(char, bbuf, BBUF_SZ);
    const HttpHeader *hdr_in = &orig_request->header;
    const HttpHeaderEntry *e;
    String strFwd;
    HttpHeaderPos pos = HttpHeaderInitPos;
    assert (hdr_out->owner == hoRequest);
    /* append our IMS header */

    if (request->lastmod > -1)
        hdr_out->putTime(HDR_IF_MODIFIED_SINCE, request->lastmod);

    bool we_do_ranges = decideIfWeDoRanges (orig_request);

    // Connection: list names hop-by-hop headers that must not be forwarded
    String strConnection (hdr_in->getList(HDR_CONNECTION));

    while ((e = hdr_in->getEntry(&pos)))
        copyOneHeaderFromClientsideRequestToUpstreamRequest(e, strConnection, request, orig_request, hdr_out, we_do_ranges, flags);

    /* Abstraction break: We should interpret multipart/byterange responses
     * into offset-length data, and this works around our inability to do so.
     */
    if (!we_do_ranges && orig_request->multipartRangeRequest()) {
        /* don't cache the result */
        orig_request->flags.cachable = 0;
        /* pretend it's not a range request */
        delete orig_request->range;
        orig_request->range = NULL;
        orig_request->flags.range = 0;
    }

    /* append Via */
    if (Config.onoff.via) {
        String strVia;
        strVia = hdr_in->getList(HDR_VIA);
        // our entry is "<client HTTP version> <ThisCache>"
        snprintf(bbuf, BBUF_SZ, "%d.%d %s",
                 orig_request->http_ver.major,
                 orig_request->http_ver.minor, ThisCache);
        strListAdd(&strVia, bbuf, ',');
        hdr_out->putStr(HDR_VIA, strVia.buf());
        strVia.clean();
    }

#if USE_SQUID_ESI
    {
        /* Append Surrogate-Capabilities */
        String strSurrogate (hdr_in->getList(HDR_SURROGATE_CAPABILITY));
        snprintf(bbuf, BBUF_SZ, "%s=\"Surrogate/1.0 ESI/1.0\"",
                 Config.Accel.surrogate_id);
        strListAdd(&strSurrogate, bbuf, ',');
        hdr_out->putStr(HDR_SURROGATE_CAPABILITY, strSurrogate.buf());
    }
#endif

    /* append X-Forwarded-For */
    strFwd = hdr_in->getList(HDR_X_FORWARDED_FOR);

    // add the client address, or "unknown" when disabled or unavailable
    if (opt_forwarded_for && !orig_request->client_addr.IsNoAddr()) {
        orig_request->client_addr.NtoA(bbuf,MAX_IPSTRLEN);
        strListAdd(&strFwd, bbuf, ',');
    }
    else
        strListAdd(&strFwd, "unknown", ',');

    hdr_out->putStr(HDR_X_FORWARDED_FOR, strFwd.buf());

    strFwd.clean();

    /* append Host if not there already */
    if (!hdr_out->has(HDR_HOST)) {
        if (orig_request->peer_domain) {
            hdr_out->putStr(HDR_HOST, orig_request->peer_domain);
        } else if (orig_request->port == urlDefaultPort(orig_request->protocol)) {
            /* omit the port number when it is the protocol default */
            hdr_out->putStr(HDR_HOST, orig_request->GetHost());
        } else {
            httpHeaderPutStrf(hdr_out, HDR_HOST, "%s:%d",
                              orig_request->GetHost(),
                              (int) orig_request->port);
        }
    }

    /* append Authorization if known in URL, not in header and going direct */
    if (!hdr_out->has(HDR_AUTHORIZATION)) {
        if (!request->flags.proxying && *request->login) {
            httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s",
                              base64_encode(request->login));
        }
    }

    /* append Proxy-Authorization if configured for peer, and proxying */
    if (request->flags.proxying && orig_request->peer_login &&
            !hdr_out->has(HDR_PROXY_AUTHORIZATION)) {
        if (*orig_request->peer_login == '*') {
            /* Special mode, to pass the username to the upstream cache */
            char loginbuf[256];
            const char *username = "-";

            if (orig_request->extacl_user.size())
                username = orig_request->extacl_user.buf();
            else if (orig_request->auth_user_request)
                username = orig_request->auth_user_request->username();

            snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1);

            httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s",
                              base64_encode(loginbuf));
        } else if (strcmp(orig_request->peer_login, "PASS") == 0) {
            // relay credentials gathered by an external acl helper
            if (orig_request->extacl_user.size() && orig_request->extacl_passwd.size()) {
                char loginbuf[256];
                snprintf(loginbuf, sizeof(loginbuf), "%s:%s", orig_request->extacl_user.buf(), orig_request->extacl_passwd.buf());
                httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s",
                                  base64_encode(loginbuf));
            }
        } else if (strcmp(orig_request->peer_login, "PROXYPASS") == 0) {
            /* Nothing to do */
        } else {
            // fixed login string taken from the cache_peer configuration
            httpHeaderPutStrf(hdr_out, HDR_PROXY_AUTHORIZATION, "Basic %s",
                              base64_encode(orig_request->peer_login));
        }
    }

    /* append WWW-Authorization if configured for peer */
    if (flags.originpeer && orig_request->peer_login &&
            !hdr_out->has(HDR_AUTHORIZATION)) {
        if (strcmp(orig_request->peer_login, "PASS") == 0) {
            /* No credentials to forward.. (should have been done above if available) */
        } else if (strcmp(orig_request->peer_login, "PROXYPASS") == 0) {
            /* Special mode, convert proxy authentication to WWW authentication
             * (also applies to authentication provided by external acl)
             */
            const char *auth = hdr_in->getStr(HDR_PROXY_AUTHORIZATION);

            if (auth && strncasecmp(auth, "basic ", 6) == 0) {
                hdr_out->putStr(HDR_AUTHORIZATION, auth);
            } else if (orig_request->extacl_user.size() && orig_request->extacl_passwd.size()) {
                char loginbuf[256];
                snprintf(loginbuf, sizeof(loginbuf), "%s:%s", orig_request->extacl_user.buf(), orig_request->extacl_passwd.buf());
                httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s",
                                  base64_encode(loginbuf));
            }
        } else if (*orig_request->peer_login == '*') {
            /* Special mode, to pass the username to the upstream cache */
            char loginbuf[256];
            const char *username = "-";

            if (orig_request->auth_user_request)
                username = orig_request->auth_user_request->username();
            else if (orig_request->extacl_user.size())
                username = orig_request->extacl_user.buf();

            snprintf(loginbuf, sizeof(loginbuf), "%s%s", username, orig_request->peer_login + 1);

            httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s",
                              base64_encode(loginbuf));
        } else {
            /* Fixed login string */
            httpHeaderPutStrf(hdr_out, HDR_AUTHORIZATION, "Basic %s",
                              base64_encode(orig_request->peer_login));
        }
    }

    /* append Cache-Control, add max-age if not there already */ {
        HttpHdrCc *cc = hdr_in->getCc();

        if (!cc)
            cc = httpHdrCcCreate();

        if (!EBIT_TEST(cc->mask, CC_MAX_AGE)) {
            const char *url =
                entry ? entry->url() : urlCanonical(orig_request);
            httpHdrCcSetMaxAge(cc, getMaxAge(url));

            // sanity: the URL used for max-age lookup must match the request
            if (request->urlpath.size())
                assert(strstr(url, request->urlpath.buf()));
        }

        /* Set no-cache if determined needed but not found */
        if (orig_request->flags.nocache && !hdr_in->has(HDR_PRAGMA))
            EBIT_SET(cc->mask, CC_NO_CACHE);

        /* Enforce sibling relations */
        if (flags.only_if_cached)
            EBIT_SET(cc->mask, CC_ONLY_IF_CACHED);

        hdr_out->putCc(cc);

        httpHdrCcDestroy(cc);
    }

    /* maybe append Connection: keep-alive */
    if (flags.keepalive) {
        if (flags.proxying) {
            hdr_out->putStr(HDR_PROXY_CONNECTION, "keep-alive");
        } else {
            hdr_out->putStr(HDR_CONNECTION, "keep-alive");
        }
    }

    /* append Front-End-Https */
    if (flags.front_end_https) {
        if (flags.front_end_https == 1 || request->protocol == PROTO_HTTPS)
            hdr_out->putStr(HDR_FRONT_END_HTTPS, "On");
    }

    /* Now mangle the headers. */
    if (Config2.onoff.mangle_request_headers)
        httpHdrMangleList(hdr_out, request, ROR_REQUEST);

    strConnection.clean();
}
1566 | ||
/*
 * Decide the fate of one client request header on its way upstream:
 * drop it, copy it verbatim, or rewrite it. Headers that Squid
 * appends collectively later (Connection, Via, X-Forwarded-For,
 * Cache-Control) are intentionally skipped here; see
 * httpBuildRequestHeader().
 */
void
copyOneHeaderFromClientsideRequestToUpstreamRequest(const HttpHeaderEntry *e, String strConnection, HttpRequest * request, HttpRequest * orig_request, HttpHeader * hdr_out, int we_do_ranges, http_state_flags flags)
{
    debugs(11, 5, "httpBuildRequestHeader: " << e->name.buf() << ": " << e->value.buf());

    // drop hop-by-hop headers named in Connection: and headers the
    // admin filtered out
    if (!httpRequestHdrAllowed(e, &strConnection)) {
        debugs(11, 2, "'" << e->name.buf() << "' header denied by anonymize_headers configuration");
        return;
    }

    switch (e->id) {

    case HDR_PROXY_AUTHORIZATION:
        /* Only pass on proxy authentication to peers for which
         * authentication forwarding is explicitly enabled
         */

        if (flags.proxying && orig_request->peer_login &&
                (strcmp(orig_request->peer_login, "PASS") == 0 ||
                 strcmp(orig_request->peer_login, "PROXYPASS") == 0)) {
            hdr_out->addEntry(e->clone());
        }

        break;

    case HDR_AUTHORIZATION:
        /* Pass on WWW authentication */

        if (!flags.originpeer) {
            hdr_out->addEntry(e->clone());
        } else {
            /* In accelerators, only forward authentication if enabled
             * (see also below for proxy->server authentication)
             */

            if (orig_request->peer_login &&
                    (strcmp(orig_request->peer_login, "PASS") == 0 ||
                     strcmp(orig_request->peer_login, "PROXYPASS") == 0)) {
                hdr_out->addEntry(e->clone());
            }
        }

        break;

    case HDR_HOST:
        /*
         * Normally Squid rewrites the Host: header.
         * However, there is one case when we don't: If the URL
         * went through our redirector and the admin configured
         * 'redir_rewrites_host' to be off.
         */

        if (request->flags.redirected && !Config.onoff.redir_rewrites_host)
            hdr_out->addEntry(e->clone());
        else {
            /* use port# only if not default */

            if (orig_request->port == urlDefaultPort(orig_request->protocol)) {
                hdr_out->putStr(HDR_HOST, orig_request->GetHost());
            } else {
                httpHeaderPutStrf(hdr_out, HDR_HOST, "%s:%d",
                                  orig_request->GetHost(),
                                  (int) orig_request->port);
            }
        }

        break;

    case HDR_IF_MODIFIED_SINCE:
        /* append unless we added our own;
         * note: at most one client's ims header can pass through */

        if (!hdr_out->has(HDR_IF_MODIFIED_SINCE))
            hdr_out->addEntry(e->clone());

        break;

    case HDR_MAX_FORWARDS:
        // only meaningful for TRACE; decrement the remaining hop budget
        if (orig_request->method == METHOD_TRACE) {
            const int hops = e->getInt();

            if (hops > 0)
                hdr_out->putInt(HDR_MAX_FORWARDS, hops - 1);
        }

        break;

    case HDR_VIA:
        /* If Via is disabled then forward any received header as-is */

        if (!Config.onoff.via)
            hdr_out->addEntry(e->clone());

        break;

    case HDR_RANGE:

    case HDR_IF_RANGE:

    case HDR_REQUEST_RANGE:
        // forward range headers only when Squid is not handling the
        // range itself (see decideIfWeDoRanges())
        if (!we_do_ranges)
            hdr_out->addEntry(e->clone());

        break;

    case HDR_PROXY_CONNECTION:

    case HDR_CONNECTION:

    case HDR_X_FORWARDED_FOR:

    case HDR_CACHE_CONTROL:
        /* append these after the loop if needed */
        break;

    case HDR_FRONT_END_HTTPS:
        // Squid generates its own Front-End-Https when configured to
        if (!flags.front_end_https)
            hdr_out->addEntry(e->clone());

        break;

    default:
        /* pass on all other header fields */
        hdr_out->addEntry(e->clone());
    }
}
1693 | ||
1694 | bool | |
1695 | HttpStateData::decideIfWeDoRanges (HttpRequest * orig_request) | |
1696 | { | |
1697 | bool result = true; | |
1698 | /* decide if we want to do Ranges ourselves | |
1699 | * and fetch the whole object now) | |
1700 | * We want to handle Ranges ourselves iff | |
1701 | * - we can actually parse client Range specs | |
1702 | * - the specs are expected to be simple enough (e.g. no out-of-order ranges) | |
1703 | * - reply will be cachable | |
1704 | * (If the reply will be uncachable we have to throw it away after | |
1705 | * serving this request, so it is better to forward ranges to | |
1706 | * the server and fetch only the requested content) | |
1707 | */ | |
1708 | ||
1709 | if (NULL == orig_request->range || !orig_request->flags.cachable | |
1710 | || orig_request->range->offsetLimitExceeded()) | |
1711 | result = false; | |
1712 | ||
1713 | debugs(11, 8, "decideIfWeDoRanges: range specs: " << | |
1714 | orig_request->range << ", cachable: " << | |
1715 | orig_request->flags.cachable << "; we_do_ranges: " << result); | |
1716 | ||
1717 | return result; | |
1718 | } | |
1719 | ||
/* build request prefix and append it to a given MemBuf;
 * return the length of the prefix (bytes appended to mb) */
mb_size_t
HttpStateData::buildRequestPrefix(HttpRequest * request,
                                  HttpRequest * orig_request,
                                  StoreEntry * entry,
                                  MemBuf * mb,
                                  http_state_flags flags)
{
    const int offset = mb->size;
    // always advertise HTTP/1.0 to the server side
    HttpVersion httpver(1, 0);
    mb->Printf("%s %s HTTP/%d.%d\r\n",
               RequestMethodStr(request->method),
               request->urlpath.size() ? request->urlpath.buf() : "/",
               httpver.major,httpver.minor);
    /* build and pack headers */
    {
        HttpHeader hdr(hoRequest);
        Packer p;
        httpBuildRequestHeader(request, orig_request, entry, &hdr, flags);
        packerToMemInit(&p, mb);
        hdr.packInto(&p);
        hdr.clean();
        packerClean(&p);
    }
    /* append header terminator */
    mb->append(crlf, 2);
    return mb->size - offset;
}
1749 | ||
/* This will be called when connect completes. Write request.
 * Returns false only when a request body flow could not be started;
 * the caller then destroys this state object. */
bool
HttpStateData::sendRequest()
{
    MemBuf mb;

    debugs(11, 5, "httpSendRequest: FD " << fd << ", request " << request << ", this " << this << ".");

    // lifetime timeout until the request is fully written;
    // the read timeout is armed later, in SendComplete()
    commSetTimeout(fd, Config.Timeout.lifetime, httpTimeout, this);
    flags.do_next_read = 1;
    maybeReadVirginBody();

    if (orig_request->body_pipe != NULL) {
        if (!startRequestBodyFlow()) // register to receive body data
            return false;
        requestSender = HttpStateData::sentRequestBodyWrapper;
    } else {
        assert(!requestBodySource);
        requestSender = HttpStateData::SendComplete;
    }

    // classify the next hop: a cache_peer marked originserver is
    // treated as an origin server, any other peer means proxying
    if (_peer != NULL) {
        if (_peer->options.originserver) {
            flags.proxying = 0;
            flags.originpeer = 1;
        } else {
            flags.proxying = 1;
            flags.originpeer = 0;
        }
    } else {
        flags.proxying = 0;
        flags.originpeer = 0;
    }

    /*
     * Is keep-alive okay for all request methods?
     * For peers, keep-alive is kept while fewer than 10 were sent or
     * while at least half of our keep-alive offers were honored.
     */
    if (!Config.onoff.server_pconns)
        flags.keepalive = 0;
    else if (_peer == NULL)
        flags.keepalive = 1;
    else if (_peer->stats.n_keepalives_sent < 10)
        flags.keepalive = 1;
    else if ((double) _peer->stats.n_keepalives_recv /
             (double) _peer->stats.n_keepalives_sent > 0.50)
        flags.keepalive = 1;

    if (_peer) {
        // sibling peers may not serve our misses unless allow-miss is set
        if (neighborType(_peer, request) == PEER_SIBLING &&
                !_peer->options.allow_miss)
            flags.only_if_cached = 1;

        flags.front_end_https = _peer->front_end_https;
    }

    mb.init();
    buildRequestPrefix(request, orig_request, entry, &mb, flags);
    debugs(11, 6, "httpSendRequest: FD " << fd << ":\n" << mb.buf);
    comm_write_mbuf(fd, &mb, requestSender, this);

    return true;
}
1812 | ||
1813 | void | |
1814 | httpStart(FwdState *fwd) | |
1815 | { | |
1816 | debugs(11, 3, "httpStart: \"" << RequestMethodStr(fwd->request->method) << " " << fwd->entry->url() << "\"" ); | |
1817 | HttpStateData *httpState = new HttpStateData(fwd); | |
1818 | ||
1819 | if (!httpState->sendRequest()) { | |
1820 | debugs(11, 3, "httpStart: aborted"); | |
1821 | delete httpState; | |
1822 | return; | |
1823 | } | |
1824 | ||
1825 | statCounter.server.all.requests++; | |
1826 | statCounter.server.http.requests++; | |
1827 | ||
1828 | /* | |
1829 | * We used to set the read timeout here, but not any more. | |
1830 | * Now its set in httpSendComplete() after the full request, | |
1831 | * including request body, has been written to the server. | |
1832 | */ | |
1833 | } | |
1834 | ||
1835 | void | |
1836 | HttpStateData::doneSendingRequestBody() | |
1837 | { | |
1838 | ACLChecklist ch; | |
1839 | debugs(11,5, HERE << "doneSendingRequestBody: FD " << fd); | |
1840 | ch.request = HTTPMSGLOCK(request); | |
1841 | ||
1842 | if (Config.accessList.brokenPosts) | |
1843 | ch.accessList = cbdataReference(Config.accessList.brokenPosts); | |
1844 | ||
1845 | /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */ | |
1846 | ||
1847 | if (!Config.accessList.brokenPosts) { | |
1848 | debugs(11, 5, "doneSendingRequestBody: No brokenPosts list"); | |
1849 | HttpStateData::SendComplete(fd, NULL, 0, COMM_OK, 0, this); | |
1850 | } else if (!ch.fastCheck()) { | |
1851 | debugs(11, 5, "doneSendingRequestBody: didn't match brokenPosts"); | |
1852 | HttpStateData::SendComplete(fd, NULL, 0, COMM_OK, 0, this); | |
1853 | } else { | |
1854 | debugs(11, 2, "doneSendingRequestBody: matched brokenPosts"); | |
1855 | comm_write(fd, "\r\n", 2, HttpStateData::SendComplete, this, NULL); | |
1856 | } | |
1857 | } | |
1858 | ||
1859 | // more origin request body data is available | |
1860 | void | |
1861 | HttpStateData::handleMoreRequestBodyAvailable() | |
1862 | { | |
1863 | if (eof || fd < 0) { | |
1864 | // XXX: we should check this condition in other callbacks then! | |
1865 | // TODO: Check whether this can actually happen: We should unsubscribe | |
1866 | // as a body consumer when the above condition(s) are detected. | |
1867 | debugs(11, 1, HERE << "Transaction aborted while reading HTTP body"); | |
1868 | return; | |
1869 | } | |
1870 | ||
1871 | assert(requestBodySource != NULL); | |
1872 | ||
1873 | if (requestBodySource->buf().hasContent()) { | |
1874 | // XXX: why does not this trigger a debug message on every request? | |
1875 | ||
1876 | if (flags.headers_parsed && !flags.abuse_detected) { | |
1877 | flags.abuse_detected = 1; | |
1878 | debugs(11, 1, "http handleMoreRequestBodyAvailable: Likely proxy abuse detected '" << orig_request->client_addr << "' -> '" << entry->url() << "'" ); | |
1879 | ||
1880 | if (virginReply()->sline.status == HTTP_INVALID_HEADER) { | |
1881 | comm_close(fd); | |
1882 | return; | |
1883 | } | |
1884 | } | |
1885 | } | |
1886 | ||
1887 | HttpStateData::handleMoreRequestBodyAvailable(); | |
1888 | } | |
1889 | ||
// premature end of the request body
void
HttpStateData::handleRequestBodyProducerAborted()
{
    /* The request-body producer quit before delivering the whole body.
     * Delegate generic cleanup to the server-side base class first, then
     * run the normal send-completion path with an error status so this
     * transaction is wound down rather than left waiting for more data. */
    ServerStateData::handleRequestBodyProducerAborted();
    // XXX: SendComplete(COMM_ERR_CLOSING) does little. Is it enough?
    SendComplete(fd, NULL, 0, COMM_ERR_CLOSING, 0, this);
}
1898 | ||
1899 | // called when we wrote request headers(!) or a part of the body | |
1900 | void | |
1901 | HttpStateData::sentRequestBody(int fd, size_t size, comm_err_t errflag) | |
1902 | { | |
1903 | if (size > 0) | |
1904 | kb_incr(&statCounter.server.http.kbytes_out, size); | |
1905 | ||
1906 | ServerStateData::sentRequestBody(fd, size, errflag); | |
1907 | } | |
1908 | ||
1909 | // Quickly abort the transaction | |
1910 | // TODO: destruction should be sufficient as the destructor should cleanup, | |
1911 | // including canceling close handlers | |
1912 | void | |
1913 | HttpStateData::abortTransaction(const char *reason) | |
1914 | { | |
1915 | debugs(11,5, HERE << "aborting transaction for " << reason << | |
1916 | "; FD " << fd << ", this " << this); | |
1917 | ||
1918 | if (fd >= 0) { | |
1919 | comm_close(fd); | |
1920 | return; | |
1921 | } | |
1922 | ||
1923 | fwd->handleUnregisteredServerEnd(); | |
1924 | delete this; | |
1925 | } | |
1926 | ||
1927 | void | |
1928 | httpBuildVersion(HttpVersion * version, unsigned int major, unsigned int minor) | |
1929 | { | |
1930 | version->major = major; | |
1931 | version->minor = minor; | |
1932 | } | |
1933 | ||
HttpRequest *
HttpStateData::originalRequest()
{
    /* Accessor for the stored original client request (orig_request),
     * as opposed to the `request` member used when building the
     * server-side request. */
    return orig_request;
}