]> git.ipfire.org Git - thirdparty/squid.git/blob - src/HttpHeader.cc
projects / thirdparty / squid.git / blob
? search:


56eb4b32e61dcf039829cada933ee8a5b59a172e
[thirdparty/squid.git] / src / HttpHeader.cc
1 /*
2 * DEBUG: section 55 HTTP Header
3 * AUTHOR: Alex Rousskov
4 *
5 * SQUID Web Proxy Cache http://www.squid-cache.org/
6 * ----------------------------------------------------------
7 *
8 * Squid is the result of efforts by numerous individuals from
9 * the Internet community; see the CONTRIBUTORS file for full
10 * details. Many organizations have provided support for Squid's
11 * development; see the SPONSORS file for full details. Squid is
12 * Copyrighted (C) 2001 by the Regents of the University of
13 * California; see the COPYRIGHT file for full details. Squid
14 * incorporates software developed and/or copyrighted by other
15 * sources; see the CREDITS file for full details.
16 *
17 * This program is free software; you can redistribute it and/or modify
18 * it under the terms of the GNU General Public License as published by
19 * the Free Software Foundation; either version 2 of the License, or
20 * (at your option) any later version.
21 *
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * You should have received a copy of the GNU General Public License
28 * along with this program; if not, write to the Free Software
29 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
30 */
31
32 #include "squid.h"
33 #include "base64.h"
34 #include "globals.h"
35 #include "HttpHdrCc.h"
36 #include "HttpHdrContRange.h"
37 #include "HttpHdrSc.h"
38 #include "HttpHeader.h"
39 #include "HttpHeaderFieldInfo.h"
40 #include "HttpHeaderStat.h"
41 #include "HttpHeaderTools.h"
42 #include "MemBuf.h"
43 #include "mgr/Registration.h"
44 #include "profiler/Profiler.h"
45 #include "rfc1123.h"
46 #include "SquidConfig.h"
47 #include "SquidString.h"
48 #include "StatHist.h"
49 #include "Store.h"
50 #include "StrList.h"
51 #include "TimeOrTag.h"
52
53 #include <algorithm>
54
55 /* XXX: the whole set of API managing the entries vector should be rethought
56 * after the parse4r-ng effort is complete.
57 */
58
59 /*
60 * On naming conventions:
61 *
62 * HTTP/1.1 defines message-header as
63 *
64 * message-header = field-name ":" [ field-value ] CRLF
65 * field-name = token
66 * field-value = *( field-content | LWS )
67 *
68 * HTTP/1.1 does not give a name name a group of all message-headers in a message.
69 * Squid 1.1 seems to refer to that group _plus_ start-line as "headers".
70 *
71 * HttpHeader is an object that represents all message-headers in a message.
72 * HttpHeader does not manage start-line.
73 *
74 * HttpHeader is implemented as a collection of header "entries".
75 * An entry is a (field_id, field_name, field_value) triplet.
76 */
77
78 /*
79 * local constants and vars
80 */
81
82 /*
83 * A table with major attributes for every known field.
84 * We calculate name lengths and reorganize this array on start up.
85 * After reorganization, field id can be used as an index to the table.
86 */
87 static const HttpHeaderFieldAttrs HeadersAttrs[] = {
88 {"Accept", HDR_ACCEPT, ftStr},
89
90 {"Accept-Charset", HDR_ACCEPT_CHARSET, ftStr},
91 {"Accept-Encoding", HDR_ACCEPT_ENCODING, ftStr},
92 {"Accept-Language", HDR_ACCEPT_LANGUAGE, ftStr},
93 {"Accept-Ranges", HDR_ACCEPT_RANGES, ftStr},
94 {"Age", HDR_AGE, ftInt},
95 {"Allow", HDR_ALLOW, ftStr},
96 {"Authorization", HDR_AUTHORIZATION, ftStr}, /* for now */
97 {"Cache-Control", HDR_CACHE_CONTROL, ftPCc},
98 {"Connection", HDR_CONNECTION, ftStr},
99 {"Content-Base", HDR_CONTENT_BASE, ftStr},
100 {"Content-Disposition", HDR_CONTENT_DISPOSITION, ftStr}, /* for now */
101 {"Content-Encoding", HDR_CONTENT_ENCODING, ftStr},
102 {"Content-Language", HDR_CONTENT_LANGUAGE, ftStr},
103 {"Content-Length", HDR_CONTENT_LENGTH, ftInt64},
104 {"Content-Location", HDR_CONTENT_LOCATION, ftStr},
105 {"Content-MD5", HDR_CONTENT_MD5, ftStr}, /* for now */
106 {"Content-Range", HDR_CONTENT_RANGE, ftPContRange},
107 {"Content-Type", HDR_CONTENT_TYPE, ftStr},
108 {"Cookie", HDR_COOKIE, ftStr},
109 {"Cookie2", HDR_COOKIE2, ftStr},
110 {"Date", HDR_DATE, ftDate_1123},
111 {"ETag", HDR_ETAG, ftETag},
112 {"Expect", HDR_EXPECT, ftStr},
113 {"Expires", HDR_EXPIRES, ftDate_1123},
114 {"From", HDR_FROM, ftStr},
115 {"Host", HDR_HOST, ftStr},
116 {"HTTP2-Settings", HDR_HTTP2_SETTINGS, ftStr}, /* for now */
117 {"If-Match", HDR_IF_MATCH, ftStr}, /* for now */
118 {"If-Modified-Since", HDR_IF_MODIFIED_SINCE, ftDate_1123},
119 {"If-None-Match", HDR_IF_NONE_MATCH, ftStr}, /* for now */
120 {"If-Range", HDR_IF_RANGE, ftDate_1123_or_ETag},
121 {"Keep-Alive", HDR_KEEP_ALIVE, ftStr},
122 {"Key", HDR_KEY, ftStr},
123 {"Last-Modified", HDR_LAST_MODIFIED, ftDate_1123},
124 {"Link", HDR_LINK, ftStr},
125 {"Location", HDR_LOCATION, ftStr},
126 {"Max-Forwards", HDR_MAX_FORWARDS, ftInt64},
127 {"Mime-Version", HDR_MIME_VERSION, ftStr}, /* for now */
128 {"Negotiate", HDR_NEGOTIATE, ftStr},
129 {"Origin", HDR_ORIGIN, ftStr},
130 {"Pragma", HDR_PRAGMA, ftStr},
131 {"Proxy-Authenticate", HDR_PROXY_AUTHENTICATE, ftStr},
132 {"Proxy-Authentication-Info", HDR_PROXY_AUTHENTICATION_INFO, ftStr},
133 {"Proxy-Authorization", HDR_PROXY_AUTHORIZATION, ftStr},
134 {"Proxy-Connection", HDR_PROXY_CONNECTION, ftStr},
135 {"Proxy-support", HDR_PROXY_SUPPORT, ftStr},
136 {"Public", HDR_PUBLIC, ftStr},
137 {"Range", HDR_RANGE, ftPRange},
138 {"Referer", HDR_REFERER, ftStr},
139 {"Request-Range", HDR_REQUEST_RANGE, ftPRange}, /* usually matches HDR_RANGE */
140 {"Retry-After", HDR_RETRY_AFTER, ftStr}, /* for now (ftDate_1123 or ftInt!) */
141 {"Server", HDR_SERVER, ftStr},
142 {"Set-Cookie", HDR_SET_COOKIE, ftStr},
143 {"Set-Cookie2", HDR_SET_COOKIE2, ftStr},
144 {"TE", HDR_TE, ftStr},
145 {"Title", HDR_TITLE, ftStr},
146 {"Trailer", HDR_TRAILER, ftStr},
147 {"Transfer-Encoding", HDR_TRANSFER_ENCODING, ftStr},
148 {"Translate", HDR_TRANSLATE, ftStr}, /* for now. may need to crop */
149 {"Unless-Modified-Since", HDR_UNLESS_MODIFIED_SINCE, ftStr}, /* for now ignore. may need to crop */
150 {"Upgrade", HDR_UPGRADE, ftStr}, /* for now */
151 {"User-Agent", HDR_USER_AGENT, ftStr},
152 {"Vary", HDR_VARY, ftStr}, /* for now */
153 {"Via", HDR_VIA, ftStr}, /* for now */
154 {"Warning", HDR_WARNING, ftStr}, /* for now */
155 {"WWW-Authenticate", HDR_WWW_AUTHENTICATE, ftStr},
156 {"Authentication-Info", HDR_AUTHENTICATION_INFO, ftStr},
157 {"X-Cache", HDR_X_CACHE, ftStr},
158 {"X-Cache-Lookup", HDR_X_CACHE_LOOKUP, ftStr},
159 {"X-Forwarded-For", HDR_X_FORWARDED_FOR, ftStr},
160 {"X-Request-URI", HDR_X_REQUEST_URI, ftStr},
161 {"X-Squid-Error", HDR_X_SQUID_ERROR, ftStr},
162 #if X_ACCELERATOR_VARY
163 {"X-Accelerator-Vary", HDR_X_ACCELERATOR_VARY, ftStr},
164 #endif
165 #if USE_ADAPTATION
166 {"X-Next-Services", HDR_X_NEXT_SERVICES, ftStr},
167 #endif
168 {"Surrogate-Capability", HDR_SURROGATE_CAPABILITY, ftStr},
169 {"Surrogate-Control", HDR_SURROGATE_CONTROL, ftPSc},
170 {"Front-End-Https", HDR_FRONT_END_HTTPS, ftStr},
171 {"Other:", HDR_OTHER, ftStr} /* ':' will not allow matches */
172 };
173
174 static HttpHeaderFieldInfo *Headers = NULL;
175
176 http_hdr_type &operator++ (http_hdr_type &aHeader)
177 {
178 int tmp = (int)aHeader;
179 aHeader = (http_hdr_type)(++tmp);
180 return aHeader;
181 }
182
183 /*
184 * headers with field values defined as #(values) in HTTP/1.1
185 * Headers that are currently not recognized, are commented out.
186 */
187 static HttpHeaderMask ListHeadersMask; /* set run-time using ListHeadersArr */
188 static http_hdr_type ListHeadersArr[] = {
189 HDR_ACCEPT,
190 HDR_ACCEPT_CHARSET, HDR_ACCEPT_ENCODING, HDR_ACCEPT_LANGUAGE,
191 HDR_ACCEPT_RANGES, HDR_ALLOW,
192 HDR_CACHE_CONTROL,
193 HDR_CONTENT_ENCODING,
194 HDR_CONTENT_LANGUAGE,
195 HDR_CONNECTION,
196 HDR_EXPECT,
197 HDR_IF_MATCH, HDR_IF_NONE_MATCH,
198 HDR_KEY,
199 HDR_LINK, HDR_PRAGMA,
200 HDR_PROXY_CONNECTION,
201 HDR_PROXY_SUPPORT,
202 HDR_TRANSFER_ENCODING,
203 HDR_UPGRADE,
204 HDR_VARY,
205 HDR_VIA,
206 HDR_WARNING,
207 HDR_WWW_AUTHENTICATE,
208 HDR_AUTHENTICATION_INFO,
209 HDR_PROXY_AUTHENTICATION_INFO,
210 /* HDR_TE, HDR_TRAILER */
211 #if X_ACCELERATOR_VARY
212 HDR_X_ACCELERATOR_VARY,
213 #endif
214 #if USE_ADAPTATION
215 HDR_X_NEXT_SERVICES,
216 #endif
217 HDR_SURROGATE_CAPABILITY,
218 HDR_SURROGATE_CONTROL,
219 HDR_X_FORWARDED_FOR
220 };
221
222 /* general-headers */
223 static http_hdr_type GeneralHeadersArr[] = {
224 HDR_CACHE_CONTROL, HDR_CONNECTION, HDR_DATE, HDR_PRAGMA,
225 HDR_TRANSFER_ENCODING,
226 HDR_UPGRADE,
227 /* HDR_TRAILER, */
228 HDR_VIA,
229 };
230
231 /* entity-headers */
232 static http_hdr_type EntityHeadersArr[] = {
233 HDR_ALLOW, HDR_CONTENT_BASE, HDR_CONTENT_ENCODING, HDR_CONTENT_LANGUAGE,
234 HDR_CONTENT_LENGTH, HDR_CONTENT_LOCATION, HDR_CONTENT_MD5,
235 HDR_CONTENT_RANGE, HDR_CONTENT_TYPE, HDR_ETAG, HDR_EXPIRES, HDR_LAST_MODIFIED, HDR_LINK,
236 HDR_OTHER
237 };
238
239 static HttpHeaderMask ReplyHeadersMask; /* set run-time using ReplyHeaders */
240 static http_hdr_type ReplyHeadersArr[] = {
241 HDR_ACCEPT, HDR_ACCEPT_CHARSET, HDR_ACCEPT_ENCODING, HDR_ACCEPT_LANGUAGE,
242 HDR_ACCEPT_RANGES, HDR_AGE,
243 HDR_KEY,
244 HDR_LOCATION, HDR_MAX_FORWARDS,
245 HDR_MIME_VERSION, HDR_PUBLIC, HDR_RETRY_AFTER, HDR_SERVER, HDR_SET_COOKIE, HDR_SET_COOKIE2,
246 HDR_ORIGIN,
247 HDR_VARY,
248 HDR_WARNING, HDR_PROXY_CONNECTION, HDR_X_CACHE,
249 HDR_X_CACHE_LOOKUP,
250 HDR_X_REQUEST_URI,
251 #if X_ACCELERATOR_VARY
252 HDR_X_ACCELERATOR_VARY,
253 #endif
254 #if USE_ADAPTATION
255 HDR_X_NEXT_SERVICES,
256 #endif
257 HDR_X_SQUID_ERROR,
258 HDR_SURROGATE_CONTROL
259 };
260
261 static HttpHeaderMask RequestHeadersMask; /* set run-time using RequestHeaders */
262 static http_hdr_type RequestHeadersArr[] = {
263 HDR_AUTHORIZATION, HDR_FROM, HDR_HOST,
264 HDR_HTTP2_SETTINGS,
265 HDR_IF_MATCH, HDR_IF_MODIFIED_SINCE, HDR_IF_NONE_MATCH,
266 HDR_IF_RANGE, HDR_MAX_FORWARDS,
267 HDR_ORIGIN,
268 HDR_PROXY_CONNECTION,
269 HDR_PROXY_AUTHORIZATION, HDR_RANGE, HDR_REFERER, HDR_REQUEST_RANGE,
270 HDR_USER_AGENT, HDR_X_FORWARDED_FOR, HDR_SURROGATE_CAPABILITY
271 };
272
273 static HttpHeaderMask HopByHopHeadersMask;
274 static http_hdr_type HopByHopHeadersArr[] = {
275 HDR_CONNECTION, HDR_HTTP2_SETTINGS, HDR_KEEP_ALIVE, /*HDR_PROXY_AUTHENTICATE,*/ HDR_PROXY_AUTHORIZATION,
276 HDR_TE, HDR_TRAILER, HDR_TRANSFER_ENCODING, HDR_UPGRADE, HDR_PROXY_CONNECTION
277 };
278
279 /* header accounting */
280 static HttpHeaderStat HttpHeaderStats[] = {
281 {"all"},
282 #if USE_HTCP
283 {"HTCP reply"},
284 #endif
285 {"request"},
286 {"reply"}
287 };
288 static int HttpHeaderStatCount = countof(HttpHeaderStats);
289
290 static int HeaderEntryParsedCount = 0;
291
292 /*
293 * forward declarations and local routines
294 */
295
296 class StoreEntry;
297 #define assert_eid(id) assert((id) >= 0 && (id) < HDR_ENUM_END)
298
299 static void httpHeaderNoteParsedEntry(http_hdr_type id, String const &value, int error);
300
301 static void httpHeaderStatInit(HttpHeaderStat * hs, const char *label);
302 static void httpHeaderStatDump(const HttpHeaderStat * hs, StoreEntry * e);
303
304 /** store report about current header usage and other stats */
305 static void httpHeaderStoreReport(StoreEntry * e);
306
307 /*
308 * Module initialization routines
309 */
310
311 static void
312 httpHeaderRegisterWithCacheManager(void)
313 {
314 Mgr::RegisterAction("http_headers",
315 "HTTP Header Statistics",
316 httpHeaderStoreReport, 0, 1);
317 }
318
319 void
320 httpHeaderInitModule(void)
321 {
322 int i;
323 /* check that we have enough space for masks */
324 assert(8 * sizeof(HttpHeaderMask) >= HDR_ENUM_END);
325 /* all headers must be described */
326 assert(countof(HeadersAttrs) == HDR_ENUM_END);
327
328 if (!Headers)
329 Headers = httpHeaderBuildFieldsInfo(HeadersAttrs, HDR_ENUM_END);
330
331 /* create masks */
332 httpHeaderMaskInit(&ListHeadersMask, 0);
333
334 httpHeaderCalcMask(&ListHeadersMask, ListHeadersArr, countof(ListHeadersArr));
335
336 httpHeaderMaskInit(&ReplyHeadersMask, 0);
337
338 httpHeaderCalcMask(&ReplyHeadersMask, ReplyHeadersArr, countof(ReplyHeadersArr));
339
340 httpHeaderCalcMask(&ReplyHeadersMask, GeneralHeadersArr, countof(GeneralHeadersArr));
341
342 httpHeaderCalcMask(&ReplyHeadersMask, EntityHeadersArr, countof(EntityHeadersArr));
343
344 httpHeaderMaskInit(&RequestHeadersMask, 0);
345
346 httpHeaderCalcMask(&RequestHeadersMask, RequestHeadersArr, countof(RequestHeadersArr));
347
348 httpHeaderCalcMask(&RequestHeadersMask, GeneralHeadersArr, countof(GeneralHeadersArr));
349
350 httpHeaderCalcMask(&RequestHeadersMask, EntityHeadersArr, countof(EntityHeadersArr));
351
352 httpHeaderMaskInit(&HopByHopHeadersMask, 0);
353
354 httpHeaderCalcMask(&HopByHopHeadersMask, HopByHopHeadersArr, countof(HopByHopHeadersArr));
355
356 /* init header stats */
357 assert(HttpHeaderStatCount == hoReply + 1);
358
359 for (i = 0; i < HttpHeaderStatCount; ++i)
360 httpHeaderStatInit(HttpHeaderStats + i, HttpHeaderStats[i].label);
361
362 HttpHeaderStats[hoRequest].owner_mask = &RequestHeadersMask;
363
364 HttpHeaderStats[hoReply].owner_mask = &ReplyHeadersMask;
365
366 #if USE_HTCP
367
368 HttpHeaderStats[hoHtcpReply].owner_mask = &ReplyHeadersMask;
369
370 #endif
371 /* init dependent modules */
372 httpHdrCcInitModule();
373
374 httpHdrScInitModule();
375
376 httpHeaderRegisterWithCacheManager();
377 }
378
379 void
380 httpHeaderCleanModule(void)
381 {
382 httpHeaderDestroyFieldsInfo(Headers, HDR_ENUM_END);
383 Headers = NULL;
384 httpHdrCcCleanModule();
385 httpHdrScCleanModule();
386 }
387
388 static void
389 httpHeaderStatInit(HttpHeaderStat * hs, const char *label)
390 {
391 assert(hs);
392 assert(label);
393 memset(hs, 0, sizeof(HttpHeaderStat));
394 hs->label = label;
395 hs->hdrUCountDistr.enumInit(32); /* not a real enum */
396 hs->fieldTypeDistr.enumInit(HDR_ENUM_END);
397 hs->ccTypeDistr.enumInit(CC_ENUM_END);
398 hs->scTypeDistr.enumInit(SC_ENUM_END);
399 }
400
401 /*
402 * HttpHeader Implementation
403 */
404
405 HttpHeader::HttpHeader() : owner (hoNone), len (0)
406 {
407 httpHeaderMaskInit(&mask, 0);
408 }
409
410 HttpHeader::HttpHeader(const http_hdr_owner_type anOwner): owner(anOwner), len(0)
411 {
412 assert(anOwner > hoNone && anOwner < hoEnd);
413 debugs(55, 7, "init-ing hdr: " << this << " owner: " << owner);
414 httpHeaderMaskInit(&mask, 0);
415 }
416
417 HttpHeader::HttpHeader(const HttpHeader &other): owner(other.owner), len(other.len)
418 {
419 httpHeaderMaskInit(&mask, 0);
420 update(&other, NULL); // will update the mask as well
421 }
422
423 HttpHeader::~HttpHeader()
424 {
425 clean();
426 }
427
428 HttpHeader &
429 HttpHeader::operator =(const HttpHeader &other)
430 {
431 if (this != &other) {
432 // we do not really care, but the caller probably does
433 assert(owner == other.owner);
434 clean();
435 update(&other, NULL); // will update the mask as well
436 len = other.len;
437 }
438 return *this;
439 }
440
441 void
442 HttpHeader::clean()
443 {
444
445 assert(owner > hoNone && owner < hoEnd);
446 debugs(55, 7, "cleaning hdr: " << this << " owner: " << owner);
447
448 PROF_start(HttpHeaderClean);
449
450 if (owner <= hoReply) {
451 /*
452 * An unfortunate bug. The entries array is initialized
453 * such that count is set to zero. httpHeaderClean() seems to
454 * be called both when 'hdr' is created, and destroyed. Thus,
455 * we accumulate a large number of zero counts for 'hdr' before
456 * it is ever used. Can't think of a good way to fix it, except
457 * adding a state variable that indicates whether or not 'hdr'
458 * has been used. As a hack, just never count zero-sized header
459 * arrays.
460 */
461 if (!entries.empty())
462 HttpHeaderStats[owner].hdrUCountDistr.count(entries.size());
463
464 ++ HttpHeaderStats[owner].destroyedCount;
465
466 HttpHeaderStats[owner].busyDestroyedCount += entries.size() > 0;
467 } // if (owner <= hoReply)
468
469 for (std::vector<HttpHeaderEntry *>::iterator i = entries.begin(); i != entries.end(); ++i) {
470 HttpHeaderEntry *e = *i;
471 if (e == NULL)
472 continue;
473 if (e->id < 0 || e->id >= HDR_ENUM_END) {
474 debugs(55, DBG_CRITICAL, "BUG: invalid entry (" << e->id << "). Ignored.");
475 } else {
476 if (owner <= hoReply)
477 HttpHeaderStats[owner].fieldTypeDistr.count(e->id);
478 delete e;
479 }
480 }
481
482 entries.clear();
483 httpHeaderMaskInit(&mask, 0);
484 len = 0;
485 PROF_stop(HttpHeaderClean);
486 }
487
488 /* append entries (also see httpHeaderUpdate) */
489 void
490 HttpHeader::append(const HttpHeader * src)
491 {
492 const HttpHeaderEntry *e;
493 HttpHeaderPos pos = HttpHeaderInitPos;
494 assert(src);
495 assert(src != this);
496 debugs(55, 7, "appending hdr: " << this << " += " << src);
497
498 while ((e = src->getEntry(&pos))) {
499 addEntry(e->clone());
500 }
501 }
502
503 /* use fresh entries to replace old ones */
504 void
505 httpHeaderUpdate(HttpHeader * old, const HttpHeader * fresh, const HttpHeaderMask * denied_mask)
506 {
507 assert (old);
508 old->update (fresh, denied_mask);
509 }
510
511 void
512 HttpHeader::update (HttpHeader const *fresh, HttpHeaderMask const *denied_mask)
513 {
514 const HttpHeaderEntry *e;
515 HttpHeaderPos pos = HttpHeaderInitPos;
516 assert(fresh);
517 assert(this != fresh);
518
519 while ((e = fresh->getEntry(&pos))) {
520 /* deny bad guys (ok to check for HDR_OTHER) here */
521
522 if (denied_mask && CBIT_TEST(*denied_mask, e->id))
523 continue;
524
525 if (e->id != HDR_OTHER)
526 delById(e->id);
527 else
528 delByName(e->name.termedBuf());
529 }
530
531 pos = HttpHeaderInitPos;
532 while ((e = fresh->getEntry(&pos))) {
533 /* deny bad guys (ok to check for HDR_OTHER) here */
534
535 if (denied_mask && CBIT_TEST(*denied_mask, e->id))
536 continue;
537
538 debugs(55, 7, "Updating header '" << HeadersAttrs[e->id].name << "' in cached entry");
539
540 addEntry(e->clone());
541 }
542 }
543
544 /* just handy in parsing: resets and returns false */
545 int
546 HttpHeader::reset()
547 {
548 clean();
549 return 0;
550 }
551
552 int
553 HttpHeader::parse(const char *header_start, const char *header_end)
554 {
555 const char *field_ptr = header_start;
556 HttpHeaderEntry *e, *e2;
557 int warnOnError = (Config.onoff.relaxed_header_parser <= 0 ? DBG_IMPORTANT : 2);
558
559 PROF_start(HttpHeaderParse);
560
561 assert(header_start && header_end);
562 debugs(55, 7, "parsing hdr: (" << this << ")" << std::endl << getStringPrefix(header_start, header_end));
563 ++ HttpHeaderStats[owner].parsedCount;
564
565 char *nulpos;
566 if ((nulpos = (char*)memchr(header_start, '\0', header_end - header_start))) {
567 debugs(55, DBG_IMPORTANT, "WARNING: HTTP header contains NULL characters {" <<
568 getStringPrefix(header_start, nulpos) << "}\nNULL\n{" << getStringPrefix(nulpos+1, header_end));
569 PROF_stop(HttpHeaderParse);
570 return reset();
571 }
572
573 /* common format headers are "<name>:[ws]<value>" lines delimited by <CRLF>.
574 * continuation lines start with a (single) space or tab */
575 while (field_ptr < header_end) {
576 const char *field_start = field_ptr;
577 const char *field_end;
578
579 do {
580 const char *this_line = field_ptr;
581 field_ptr = (const char *)memchr(field_ptr, '\n', header_end - field_ptr);
582
583 if (!field_ptr) {
584 // missing <LF>
585 PROF_stop(HttpHeaderParse);
586 return reset();
587 }
588
589 field_end = field_ptr;
590
591 ++field_ptr; /* Move to next line */
592
593 if (field_end > this_line && field_end[-1] == '\r') {
594 --field_end; /* Ignore CR LF */
595
596 if (owner == hoRequest && field_end > this_line) {
597 bool cr_only = true;
598 for (const char *p = this_line; p < field_end && cr_only; ++p) {
599 if (*p != '\r')
600 cr_only = false;
601 }
602 if (cr_only) {
603 debugs(55, DBG_IMPORTANT, "SECURITY WARNING: Rejecting HTTP request with a CR+ "
604 "header field to prevent request smuggling attacks: {" <<
605 getStringPrefix(header_start, header_end) << "}");
606 PROF_stop(HttpHeaderParse);
607 return reset();
608 }
609 }
610 }
611
612 /* Barf on stray CR characters */
613 if (memchr(this_line, '\r', field_end - this_line)) {
614 debugs(55, warnOnError, "WARNING: suspicious CR characters in HTTP header {" <<
615 getStringPrefix(field_start, field_end) << "}");
616
617 if (Config.onoff.relaxed_header_parser) {
618 char *p = (char *) this_line; /* XXX Warning! This destroys original header content and violates specifications somewhat */
619
620 while ((p = (char *)memchr(p, '\r', field_end - p)) != NULL) {
621 *p = ' ';
622 ++p;
623 }
624 } else {
625 PROF_stop(HttpHeaderParse);
626 return reset();
627 }
628 }
629
630 if (this_line + 1 == field_end && this_line > field_start) {
631 debugs(55, warnOnError, "WARNING: Blank continuation line in HTTP header {" <<
632 getStringPrefix(header_start, header_end) << "}");
633 PROF_stop(HttpHeaderParse);
634 return reset();
635 }
636 } while (field_ptr < header_end && (*field_ptr == ' ' || *field_ptr == '\t'));
637
638 if (field_start == field_end) {
639 if (field_ptr < header_end) {
640 debugs(55, warnOnError, "WARNING: unparseable HTTP header field near {" <<
641 getStringPrefix(field_start, header_end) << "}");
642 PROF_stop(HttpHeaderParse);
643 return reset();
644 }
645
646 break; /* terminating blank line */
647 }
648
649 if ((e = HttpHeaderEntry::parse(field_start, field_end)) == NULL) {
650 debugs(55, warnOnError, "WARNING: unparseable HTTP header field {" <<
651 getStringPrefix(field_start, field_end) << "}");
652 debugs(55, warnOnError, " in {" << getStringPrefix(header_start, header_end) << "}");
653
654 if (Config.onoff.relaxed_header_parser)
655 continue;
656
657 PROF_stop(HttpHeaderParse);
658 return reset();
659 }
660
661 if (e->id == HDR_CONTENT_LENGTH && (e2 = findEntry(e->id)) != NULL) {
662 if (e->value != e2->value) {
663 int64_t l1, l2;
664 debugs(55, warnOnError, "WARNING: found two conflicting content-length headers in {" <<
665 getStringPrefix(header_start, header_end) << "}");
666
667 if (!Config.onoff.relaxed_header_parser) {
668 delete e;
669 PROF_stop(HttpHeaderParse);
670 return reset();
671 }
672
673 if (!httpHeaderParseOffset(e->value.termedBuf(), &l1)) {
674 debugs(55, DBG_IMPORTANT, "WARNING: Unparseable content-length '" << e->value << "'");
675 delete e;
676 continue;
677 } else if (!httpHeaderParseOffset(e2->value.termedBuf(), &l2)) {
678 debugs(55, DBG_IMPORTANT, "WARNING: Unparseable content-length '" << e2->value << "'");
679 delById(e2->id);
680 } else if (l1 > l2) {
681 delById(e2->id);
682 } else {
683 delete e;
684 continue;
685 }
686 } else {
687 debugs(55, warnOnError, "NOTICE: found double content-length header");
688 delete e;
689
690 if (Config.onoff.relaxed_header_parser)
691 continue;
692
693 PROF_stop(HttpHeaderParse);
694 return reset();
695 }
696 }
697
698 if (e->id == HDR_OTHER && stringHasWhitespace(e->name.termedBuf())) {
699 debugs(55, warnOnError, "WARNING: found whitespace in HTTP header name {" <<
700 getStringPrefix(field_start, field_end) << "}");
701
702 if (!Config.onoff.relaxed_header_parser) {
703 delete e;
704 PROF_stop(HttpHeaderParse);
705 return reset();
706 }
707 }
708
709 addEntry(e);
710 }
711
712 if (chunked()) {
713 // RFC 2616 section 4.4: ignore Content-Length with Transfer-Encoding
714 delById(HDR_CONTENT_LENGTH);
715 }
716
717 PROF_stop(HttpHeaderParse);
718 return 1; /* even if no fields where found, it is a valid header */
719 }
720
721 /* packs all the entries using supplied packer */
722 void
723 HttpHeader::packInto(Packer * p, bool mask_sensitive_info) const
724 {
725 HttpHeaderPos pos = HttpHeaderInitPos;
726 const HttpHeaderEntry *e;
727 assert(p);
728 debugs(55, 7, "packing hdr: (" << this << ")");
729 /* pack all entries one by one */
730 while ((e = getEntry(&pos))) {
731 if (!mask_sensitive_info) {
732 e->packInto(p);
733 continue;
734 }
735 switch (e->id) {
736 case HDR_AUTHORIZATION:
737 case HDR_PROXY_AUTHORIZATION:
738 packerAppend(p, e->name.rawBuf(), e->name.size());
739 packerAppend(p, ": ** NOT DISPLAYED **\r\n", 23);
740 break;
741 default:
742 e->packInto(p);
743 break;
744 }
745 }
746 /* Pack in the "special" entries */
747
748 /* Cache-Control */
749 }
750
751 /* returns next valid entry */
752 HttpHeaderEntry *
753 HttpHeader::getEntry(HttpHeaderPos * pos) const
754 {
755 assert(pos);
756 assert(*pos >= HttpHeaderInitPos && *pos < static_cast<ssize_t>(entries.size()));
757
758 for (++(*pos); *pos < static_cast<ssize_t>(entries.size()); ++(*pos)) {
759 if (entries[*pos])
760 return static_cast<HttpHeaderEntry*>(entries[*pos]);
761 }
762
763 return NULL;
764 }
765
766 /*
767 * returns a pointer to a specified entry if any
768 * note that we return one entry so it does not make much sense to ask for
769 * "list" headers
770 */
771 HttpHeaderEntry *
772 HttpHeader::findEntry(http_hdr_type id) const
773 {
774 HttpHeaderPos pos = HttpHeaderInitPos;
775 HttpHeaderEntry *e;
776 assert_eid(id);
777 assert(!CBIT_TEST(ListHeadersMask, id));
778
779 /* check mask first */
780
781 if (!CBIT_TEST(mask, id))
782 return NULL;
783
784 /* looks like we must have it, do linear search */
785 while ((e = getEntry(&pos))) {
786 if (e->id == id)
787 return e;
788 }
789
790 /* hm.. we thought it was there, but it was not found */
791 assert(0);
792
793 return NULL; /* not reached */
794 }
795
796 /*
797 * same as httpHeaderFindEntry
798 */
799 HttpHeaderEntry *
800 HttpHeader::findLastEntry(http_hdr_type id) const
801 {
802 HttpHeaderPos pos = HttpHeaderInitPos;
803 HttpHeaderEntry *e;
804 HttpHeaderEntry *result = NULL;
805 assert_eid(id);
806 assert(!CBIT_TEST(ListHeadersMask, id));
807
808 /* check mask first */
809
810 if (!CBIT_TEST(mask, id))
811 return NULL;
812
813 /* looks like we must have it, do linear search */
814 while ((e = getEntry(&pos))) {
815 if (e->id == id)
816 result = e;
817 }
818
819 assert(result); /* must be there! */
820 return result;
821 }
822
823 /*
824 * deletes all fields with a given name if any, returns #fields deleted;
825 */
826 int
827 HttpHeader::delByName(const char *name)
828 {
829 int count = 0;
830 HttpHeaderPos pos = HttpHeaderInitPos;
831 HttpHeaderEntry *e;
832 httpHeaderMaskInit(&mask, 0); /* temporal inconsistency */
833 debugs(55, 9, "deleting '" << name << "' fields in hdr " << this);
834
835 while ((e = getEntry(&pos))) {
836 if (!e->name.caseCmp(name))
837 delAt(pos, count);
838 else
839 CBIT_SET(mask, e->id);
840 }
841
842 return count;
843 }
844
845 /* deletes all entries with a given id, returns the #entries deleted */
846 int
847 HttpHeader::delById(http_hdr_type id)
848 {
849 int count = 0;
850 HttpHeaderPos pos = HttpHeaderInitPos;
851 HttpHeaderEntry *e;
852 debugs(55, 8, this << " del-by-id " << id);
853 assert_eid(id);
854 assert(id != HDR_OTHER); /* does not make sense */
855
856 if (!CBIT_TEST(mask, id))
857 return 0;
858
859 while ((e = getEntry(&pos))) {
860 if (e->id == id)
861 delAt(pos, count);
862 }
863
864 CBIT_CLR(mask, id);
865 assert(count);
866 return count;
867 }
868
869 /*
870 * deletes an entry at pos and leaves a gap; leaving a gap makes it
871 * possible to iterate(search) and delete fields at the same time
872 * NOTE: Does not update the header mask. Caller must follow up with
873 * a call to refreshMask() if headers_deleted was incremented.
874 */
875 void
876 HttpHeader::delAt(HttpHeaderPos pos, int &headers_deleted)
877 {
878 HttpHeaderEntry *e;
879 assert(pos >= HttpHeaderInitPos && pos < static_cast<ssize_t>(entries.size()));
880 e = static_cast<HttpHeaderEntry*>(entries[pos]);
881 entries[pos] = NULL;
882 /* decrement header length, allow for ": " and crlf */
883 len -= e->name.size() + 2 + e->value.size() + 2;
884 assert(len >= 0);
885 delete e;
886 ++headers_deleted;
887 }
888
889 /*
890 * Compacts the header storage
891 */
892 void
893 HttpHeader::compact()
894 {
895 // TODO: optimize removal, or possibly make it so that's not needed.
896 std::vector<HttpHeaderEntry *>::iterator newend;
897 newend = std::remove(entries.begin(), entries.end(), static_cast<HttpHeaderEntry *>(NULL));
898 entries.resize(newend-entries.begin());
899 }
900
901 /*
902 * Refreshes the header mask. Required after delAt() calls.
903 */
904 void
905 HttpHeader::refreshMask()
906 {
907 httpHeaderMaskInit(&mask, 0);
908 debugs(55, 7, "refreshing the mask in hdr " << this);
909 HttpHeaderPos pos = HttpHeaderInitPos;
910 while (HttpHeaderEntry *e = getEntry(&pos)) {
911 CBIT_SET(mask, e->id);
912 }
913 }
914
915 /* appends an entry;
916 * does not call e->clone() so one should not reuse "*e"
917 */
918 void
919 HttpHeader::addEntry(HttpHeaderEntry * e)
920 {
921 assert(e);
922 assert_eid(e->id);
923 assert(e->name.size());
924
925 debugs(55, 7, this << " adding entry: " << e->id << " at " << entries.size());
926
927 if (CBIT_TEST(mask, e->id))
928 ++ Headers[e->id].stat.repCount;
929 else
930 CBIT_SET(mask, e->id);
931
932 entries.push_back(e);
933
934 /* increment header length, allow for ": " and crlf */
935 len += e->name.size() + 2 + e->value.size() + 2;
936 }
937
938 /* inserts an entry;
939 * does not call e->clone() so one should not reuse "*e"
940 */
941 void
942 HttpHeader::insertEntry(HttpHeaderEntry * e)
943 {
944 assert(e);
945 assert_eid(e->id);
946
947 debugs(55, 7, this << " adding entry: " << e->id << " at " << entries.size());
948
949 if (CBIT_TEST(mask, e->id))
950 ++ Headers[e->id].stat.repCount;
951 else
952 CBIT_SET(mask, e->id);
953
954 entries.insert(entries.begin(),e);
955
956 /* increment header length, allow for ": " and crlf */
957 len += e->name.size() + 2 + e->value.size() + 2;
958 }
959
960 bool
961 HttpHeader::getList(http_hdr_type id, String *s) const
962 {
963 HttpHeaderEntry *e;
964 HttpHeaderPos pos = HttpHeaderInitPos;
965 debugs(55, 9, this << " joining for id " << id);
966 /* only fields from ListHeaders array can be "listed" */
967 assert(CBIT_TEST(ListHeadersMask, id));
968
969 if (!CBIT_TEST(mask, id))
970 return false;
971
972 while ((e = getEntry(&pos))) {
973 if (e->id == id)
974 strListAdd(s, e->value.termedBuf(), ',');
975 }
976
977 /*
978 * note: we might get an empty (size==0) string if there was an "empty"
979 * header. This results in an empty length String, which may have a NULL
980 * buffer.
981 */
982 /* temporary warning: remove it? (Is it useful for diagnostics ?) */
983 if (!s->size())
984 debugs(55, 3, "empty list header: " << Headers[id].name << "(" << id << ")");
985 else
986 debugs(55, 6, this << ": joined for id " << id << ": " << s);
987
988 return true;
989 }
990
991 /* return a list of entries with the same id separated by ',' and ws */
992 String
993 HttpHeader::getList(http_hdr_type id) const
994 {
995 HttpHeaderEntry *e;
996 HttpHeaderPos pos = HttpHeaderInitPos;
997 debugs(55, 9, this << "joining for id " << id);
998 /* only fields from ListHeaders array can be "listed" */
999 assert(CBIT_TEST(ListHeadersMask, id));
1000
1001 if (!CBIT_TEST(mask, id))
1002 return String();
1003
1004 String s;
1005
1006 while ((e = getEntry(&pos))) {
1007 if (e->id == id)
1008 strListAdd(&s, e->value.termedBuf(), ',');
1009 }
1010
1011 /*
1012 * note: we might get an empty (size==0) string if there was an "empty"
1013 * header. This results in an empty length String, which may have a NULL
1014 * buffer.
1015 */
1016 /* temporary warning: remove it? (Is it useful for diagnostics ?) */
1017 if (!s.size())
1018 debugs(55, 3, "empty list header: " << Headers[id].name << "(" << id << ")");
1019 else
1020 debugs(55, 6, this << ": joined for id " << id << ": " << s);
1021
1022 return s;
1023 }
1024
1025 /* return a string or list of entries with the same id separated by ',' and ws */
1026 String
1027 HttpHeader::getStrOrList(http_hdr_type id) const
1028 {
1029 HttpHeaderEntry *e;
1030
1031 if (CBIT_TEST(ListHeadersMask, id))
1032 return getList(id);
1033
1034 if ((e = findEntry(id)))
1035 return e->value;
1036
1037 return String();
1038 }
1039
1040 /*
1041 * Returns the value of the specified header and/or an undefined String.
1042 */
1043 String
1044 HttpHeader::getByName(const char *name) const
1045 {
1046 String result;
1047 // ignore presence: return undefined string if an empty header is present
1048 (void)getByNameIfPresent(name, result);
1049 return result;
1050 }
1051
1052 bool
1053 HttpHeader::getByNameIfPresent(const char *name, String &result) const
1054 {
1055 http_hdr_type id;
1056 HttpHeaderPos pos = HttpHeaderInitPos;
1057 HttpHeaderEntry *e;
1058
1059 assert(name);
1060
1061 /* First try the quick path */
1062 id = httpHeaderIdByNameDef(name, strlen(name));
1063
1064 if (id != -1) {
1065 if (!has(id))
1066 return false;
1067 result = getStrOrList(id);
1068 return true;
1069 }
1070
1071 /* Sorry, an unknown header name. Do linear search */
1072 bool found = false;
1073 while ((e = getEntry(&pos))) {
1074 if (e->id == HDR_OTHER && e->name.caseCmp(name) == 0) {
1075 found = true;
1076 strListAdd(&result, e->value.termedBuf(), ',');
1077 }
1078 }
1079
1080 return found;
1081 }
1082
1083 /*
1084 * Returns a the value of the specified list member, if any.
1085 */
1086 String
1087 HttpHeader::getByNameListMember(const char *name, const char *member, const char separator) const
1088 {
1089 String header;
1090 const char *pos = NULL;
1091 const char *item;
1092 int ilen;
1093 int mlen = strlen(member);
1094
1095 assert(name);
1096
1097 header = getByName(name);
1098
1099 String result;
1100
1101 while (strListGetItem(&header, separator, &item, &ilen, &pos)) {
1102 if (strncmp(item, member, mlen) == 0 && item[mlen] == '=') {
1103 result.append(item + mlen + 1, ilen - mlen - 1);
1104 break;
1105 }
1106 }
1107
1108 return result;
1109 }
1110
1111 /*
1112 * returns a the value of the specified list member, if any.
1113 */
1114 String
1115 HttpHeader::getListMember(http_hdr_type id, const char *member, const char separator) const
1116 {
1117 String header;
1118 const char *pos = NULL;
1119 const char *item;
1120 int ilen;
1121 int mlen = strlen(member);
1122
1123 assert(id >= 0);
1124
1125 header = getStrOrList(id);
1126 String result;
1127
1128 while (strListGetItem(&header, separator, &item, &ilen, &pos)) {
1129 if (strncmp(item, member, mlen) == 0 && item[mlen] == '=') {
1130 result.append(item + mlen + 1, ilen - mlen - 1);
1131 break;
1132 }
1133 }
1134
1135 header.clean();
1136 return result;
1137 }
1138
1139 /* test if a field is present */
1140 int
1141 HttpHeader::has(http_hdr_type id) const
1142 {
1143 assert_eid(id);
1144 assert(id != HDR_OTHER);
1145 debugs(55, 9, this << " lookup for " << id);
1146 return CBIT_TEST(mask, id);
1147 }
1148
1149 void
1150 HttpHeader::putInt(http_hdr_type id, int number)
1151 {
1152 assert_eid(id);
1153 assert(Headers[id].type == ftInt); /* must be of an appropriate type */
1154 assert(number >= 0);
1155 addEntry(new HttpHeaderEntry(id, NULL, xitoa(number)));
1156 }
1157
1158 void
1159 HttpHeader::putInt64(http_hdr_type id, int64_t number)
1160 {
1161 assert_eid(id);
1162 assert(Headers[id].type == ftInt64); /* must be of an appropriate type */
1163 assert(number >= 0);
1164 addEntry(new HttpHeaderEntry(id, NULL, xint64toa(number)));
1165 }
1166
1167 void
1168 HttpHeader::putTime(http_hdr_type id, time_t htime)
1169 {
1170 assert_eid(id);
1171 assert(Headers[id].type == ftDate_1123); /* must be of an appropriate type */
1172 assert(htime >= 0);
1173 addEntry(new HttpHeaderEntry(id, NULL, mkrfc1123(htime)));
1174 }
1175
1176 void
1177 HttpHeader::insertTime(http_hdr_type id, time_t htime)
1178 {
1179 assert_eid(id);
1180 assert(Headers[id].type == ftDate_1123); /* must be of an appropriate type */
1181 assert(htime >= 0);
1182 insertEntry(new HttpHeaderEntry(id, NULL, mkrfc1123(htime)));
1183 }
1184
1185 void
1186 HttpHeader::putStr(http_hdr_type id, const char *str)
1187 {
1188 assert_eid(id);
1189 assert(Headers[id].type == ftStr); /* must be of an appropriate type */
1190 assert(str);
1191 addEntry(new HttpHeaderEntry(id, NULL, str));
1192 }
1193
1194 void
1195 HttpHeader::putAuth(const char *auth_scheme, const char *realm)
1196 {
1197 assert(auth_scheme && realm);
1198 httpHeaderPutStrf(this, HDR_WWW_AUTHENTICATE, "%s realm=\"%s\"", auth_scheme, realm);
1199 }
1200
1201 void
1202 HttpHeader::putCc(const HttpHdrCc * cc)
1203 {
1204 MemBuf mb;
1205 Packer p;
1206 assert(cc);
1207 /* remove old directives if any */
1208 delById(HDR_CACHE_CONTROL);
1209 /* pack into mb */
1210 mb.init();
1211 packerToMemInit(&p, &mb);
1212 cc->packInto(&p);
1213 /* put */
1214 addEntry(new HttpHeaderEntry(HDR_CACHE_CONTROL, NULL, mb.buf));
1215 /* cleanup */
1216 packerClean(&p);
1217 mb.clean();
1218 }
1219
1220 void
1221 HttpHeader::putContRange(const HttpHdrContRange * cr)
1222 {
1223 MemBuf mb;
1224 Packer p;
1225 assert(cr);
1226 /* remove old directives if any */
1227 delById(HDR_CONTENT_RANGE);
1228 /* pack into mb */
1229 mb.init();
1230 packerToMemInit(&p, &mb);
1231 httpHdrContRangePackInto(cr, &p);
1232 /* put */
1233 addEntry(new HttpHeaderEntry(HDR_CONTENT_RANGE, NULL, mb.buf));
1234 /* cleanup */
1235 packerClean(&p);
1236 mb.clean();
1237 }
1238
1239 void
1240 HttpHeader::putRange(const HttpHdrRange * range)
1241 {
1242 MemBuf mb;
1243 Packer p;
1244 assert(range);
1245 /* remove old directives if any */
1246 delById(HDR_RANGE);
1247 /* pack into mb */
1248 mb.init();
1249 packerToMemInit(&p, &mb);
1250 range->packInto(&p);
1251 /* put */
1252 addEntry(new HttpHeaderEntry(HDR_RANGE, NULL, mb.buf));
1253 /* cleanup */
1254 packerClean(&p);
1255 mb.clean();
1256 }
1257
1258 void
1259 HttpHeader::putSc(HttpHdrSc *sc)
1260 {
1261 MemBuf mb;
1262 Packer p;
1263 assert(sc);
1264 /* remove old directives if any */
1265 delById(HDR_SURROGATE_CONTROL);
1266 /* pack into mb */
1267 mb.init();
1268 packerToMemInit(&p, &mb);
1269 sc->packInto(&p);
1270 /* put */
1271 addEntry(new HttpHeaderEntry(HDR_SURROGATE_CONTROL, NULL, mb.buf));
1272 /* cleanup */
1273 packerClean(&p);
1274 mb.clean();
1275 }
1276
1277 void
1278 HttpHeader::putWarning(const int code, const char *const text)
1279 {
1280 char buf[512];
1281 snprintf(buf, sizeof(buf), "%i %s \"%s\"", code, visible_appname_string, text);
1282 putStr(HDR_WARNING, buf);
1283 }
1284
1285 /* add extension header (these fields are not parsed/analyzed/joined, etc.) */
1286 void
1287 HttpHeader::putExt(const char *name, const char *value)
1288 {
1289 assert(name && value);
1290 debugs(55, 8, this << " adds ext entry " << name << " : " << value);
1291 addEntry(new HttpHeaderEntry(HDR_OTHER, name, value));
1292 }
1293
1294 int
1295 HttpHeader::getInt(http_hdr_type id) const
1296 {
1297 assert_eid(id);
1298 assert(Headers[id].type == ftInt); /* must be of an appropriate type */
1299 HttpHeaderEntry *e;
1300
1301 if ((e = findEntry(id)))
1302 return e->getInt();
1303
1304 return -1;
1305 }
1306
1307 int64_t
1308 HttpHeader::getInt64(http_hdr_type id) const
1309 {
1310 assert_eid(id);
1311 assert(Headers[id].type == ftInt64); /* must be of an appropriate type */
1312 HttpHeaderEntry *e;
1313
1314 if ((e = findEntry(id)))
1315 return e->getInt64();
1316
1317 return -1;
1318 }
1319
1320 time_t
1321 HttpHeader::getTime(http_hdr_type id) const
1322 {
1323 HttpHeaderEntry *e;
1324 time_t value = -1;
1325 assert_eid(id);
1326 assert(Headers[id].type == ftDate_1123); /* must be of an appropriate type */
1327
1328 if ((e = findEntry(id))) {
1329 value = parse_rfc1123(e->value.termedBuf());
1330 httpHeaderNoteParsedEntry(e->id, e->value, value < 0);
1331 }
1332
1333 return value;
1334 }
1335
1336 /* sync with httpHeaderGetLastStr */
1337 const char *
1338 HttpHeader::getStr(http_hdr_type id) const
1339 {
1340 HttpHeaderEntry *e;
1341 assert_eid(id);
1342 assert(Headers[id].type == ftStr); /* must be of an appropriate type */
1343
1344 if ((e = findEntry(id))) {
1345 httpHeaderNoteParsedEntry(e->id, e->value, 0); /* no errors are possible */
1346 return e->value.termedBuf();
1347 }
1348
1349 return NULL;
1350 }
1351
1352 /* unusual */
1353 const char *
1354 HttpHeader::getLastStr(http_hdr_type id) const
1355 {
1356 HttpHeaderEntry *e;
1357 assert_eid(id);
1358 assert(Headers[id].type == ftStr); /* must be of an appropriate type */
1359
1360 if ((e = findLastEntry(id))) {
1361 httpHeaderNoteParsedEntry(e->id, e->value, 0); /* no errors are possible */
1362 return e->value.termedBuf();
1363 }
1364
1365 return NULL;
1366 }
1367
1368 HttpHdrCc *
1369 HttpHeader::getCc() const
1370 {
1371 if (!CBIT_TEST(mask, HDR_CACHE_CONTROL))
1372 return NULL;
1373 PROF_start(HttpHeader_getCc);
1374
1375 String s;
1376 getList(HDR_CACHE_CONTROL, &s);
1377
1378 HttpHdrCc *cc=new HttpHdrCc();
1379
1380 if (!cc->parse(s)) {
1381 delete cc;
1382 cc = NULL;
1383 }
1384
1385 ++ HttpHeaderStats[owner].ccParsedCount;
1386
1387 if (cc)
1388 httpHdrCcUpdateStats(cc, &HttpHeaderStats[owner].ccTypeDistr);
1389
1390 httpHeaderNoteParsedEntry(HDR_CACHE_CONTROL, s, !cc);
1391
1392 PROF_stop(HttpHeader_getCc);
1393
1394 return cc;
1395 }
1396
1397 HttpHdrRange *
1398 HttpHeader::getRange() const
1399 {
1400 HttpHdrRange *r = NULL;
1401 HttpHeaderEntry *e;
1402 /* some clients will send "Request-Range" _and_ *matching* "Range"
1403 * who knows, some clients might send Request-Range only;
1404 * this "if" should work correctly in both cases;
1405 * hopefully no clients send mismatched headers! */
1406
1407 if ((e = findEntry(HDR_RANGE)) ||
1408 (e = findEntry(HDR_REQUEST_RANGE))) {
1409 r = HttpHdrRange::ParseCreate(&e->value);
1410 httpHeaderNoteParsedEntry(e->id, e->value, !r);
1411 }
1412
1413 return r;
1414 }
1415
1416 HttpHdrSc *
1417 HttpHeader::getSc() const
1418 {
1419 if (!CBIT_TEST(mask, HDR_SURROGATE_CONTROL))
1420 return NULL;
1421
1422 String s;
1423
1424 (void) getList(HDR_SURROGATE_CONTROL, &s);
1425
1426 HttpHdrSc *sc = httpHdrScParseCreate(s);
1427
1428 ++ HttpHeaderStats[owner].ccParsedCount;
1429
1430 if (sc)
1431 sc->updateStats(&HttpHeaderStats[owner].scTypeDistr);
1432
1433 httpHeaderNoteParsedEntry(HDR_SURROGATE_CONTROL, s, !sc);
1434
1435 return sc;
1436 }
1437
1438 HttpHdrContRange *
1439 HttpHeader::getContRange() const
1440 {
1441 HttpHdrContRange *cr = NULL;
1442 HttpHeaderEntry *e;
1443
1444 if ((e = findEntry(HDR_CONTENT_RANGE))) {
1445 cr = httpHdrContRangeParseCreate(e->value.termedBuf());
1446 httpHeaderNoteParsedEntry(e->id, e->value, !cr);
1447 }
1448
1449 return cr;
1450 }
1451
1452 const char *
1453 HttpHeader::getAuth(http_hdr_type id, const char *auth_scheme) const
1454 {
1455 const char *field;
1456 int l;
1457 assert(auth_scheme);
1458 field = getStr(id);
1459
1460 if (!field) /* no authorization field */
1461 return NULL;
1462
1463 l = strlen(auth_scheme);
1464
1465 if (!l || strncasecmp(field, auth_scheme, l)) /* wrong scheme */
1466 return NULL;
1467
1468 field += l;
1469
1470 if (!xisspace(*field)) /* wrong scheme */
1471 return NULL;
1472
1473 /* skip white space */
1474 for (; field && xisspace(*field); ++field);
1475
1476 if (!*field) /* no authorization cookie */
1477 return NULL;
1478
1479 static char decodedAuthToken[8192];
1480 const int decodedLen = base64_decode(decodedAuthToken, sizeof(decodedAuthToken)-1, field);
1481 decodedAuthToken[decodedLen] = '\0';
1482 return decodedAuthToken;
1483 }
1484
1485 ETag
1486 HttpHeader::getETag(http_hdr_type id) const
1487 {
1488 ETag etag = {NULL, -1};
1489 HttpHeaderEntry *e;
1490 assert(Headers[id].type == ftETag); /* must be of an appropriate type */
1491
1492 if ((e = findEntry(id)))
1493 etagParseInit(&etag, e->value.termedBuf());
1494
1495 return etag;
1496 }
1497
1498 TimeOrTag
1499 HttpHeader::getTimeOrTag(http_hdr_type id) const
1500 {
1501 TimeOrTag tot;
1502 HttpHeaderEntry *e;
1503 assert(Headers[id].type == ftDate_1123_or_ETag); /* must be of an appropriate type */
1504 memset(&tot, 0, sizeof(tot));
1505
1506 if ((e = findEntry(id))) {
1507 const char *str = e->value.termedBuf();
1508 /* try as an ETag */
1509
1510 if (etagParseInit(&tot.tag, str)) {
1511 tot.valid = tot.tag.str != NULL;
1512 tot.time = -1;
1513 } else {
1514 /* or maybe it is time? */
1515 tot.time = parse_rfc1123(str);
1516 tot.valid = tot.time >= 0;
1517 tot.tag.str = NULL;
1518 }
1519 }
1520
1521 assert(tot.time < 0 || !tot.tag.str); /* paranoid */
1522 return tot;
1523 }
1524
1525 /*
1526 * HttpHeaderEntry
1527 */
1528
1529 HttpHeaderEntry::HttpHeaderEntry(http_hdr_type anId, const char *aName, const char *aValue)
1530 {
1531 assert_eid(anId);
1532 id = anId;
1533
1534 if (id != HDR_OTHER)
1535 name = Headers[id].name;
1536 else
1537 name = aName;
1538
1539 value = aValue;
1540
1541 ++ Headers[id].stat.aliveCount;
1542
1543 debugs(55, 9, "created HttpHeaderEntry " << this << ": '" << name << " : " << value );
1544 }
1545
1546 HttpHeaderEntry::~HttpHeaderEntry()
1547 {
1548 assert_eid(id);
1549 debugs(55, 9, "destroying entry " << this << ": '" << name << ": " << value << "'");
1550 /* clean name if needed */
1551
1552 if (id == HDR_OTHER)
1553 name.clean();
1554
1555 value.clean();
1556
1557 assert(Headers[id].stat.aliveCount);
1558
1559 -- Headers[id].stat.aliveCount;
1560
1561 id = HDR_BAD_HDR;
1562 }
1563
1564 /* parses and inits header entry, returns true/false */
1565 HttpHeaderEntry *
1566 HttpHeaderEntry::parse(const char *field_start, const char *field_end)
1567 {
1568 /* note: name_start == field_start */
1569 const char *name_end = (const char *)memchr(field_start, ':', field_end - field_start);
1570 int name_len = name_end ? name_end - field_start :0;
1571 const char *value_start = field_start + name_len + 1; /* skip ':' */
1572 /* note: value_end == field_end */
1573
1574 ++ HeaderEntryParsedCount;
1575
1576 /* do we have a valid field name within this field? */
1577
1578 if (!name_len || name_end > field_end)
1579 return NULL;
1580
1581 if (name_len > 65534) {
1582 /* String must be LESS THAN 64K and it adds a terminating NULL */
1583 debugs(55, DBG_IMPORTANT, "WARNING: ignoring header name of " << name_len << " bytes");
1584 return NULL;
1585 }
1586
1587 if (Config.onoff.relaxed_header_parser && xisspace(field_start[name_len - 1])) {
1588 debugs(55, Config.onoff.relaxed_header_parser <= 0 ? 1 : 2,
1589 "NOTICE: Whitespace after header name in '" << getStringPrefix(field_start, field_end) << "'");
1590
1591 while (name_len > 0 && xisspace(field_start[name_len - 1]))
1592 --name_len;
1593
1594 if (!name_len)
1595 return NULL;
1596 }
1597
1598 /* now we know we can parse it */
1599
1600 debugs(55, 9, "parsing HttpHeaderEntry: near '" << getStringPrefix(field_start, field_end) << "'");
1601
1602 /* is it a "known" field? */
1603 http_hdr_type id = httpHeaderIdByName(field_start, name_len, Headers, HDR_ENUM_END);
1604
1605 String name;
1606
1607 String value;
1608
1609 if (id < 0)
1610 id = HDR_OTHER;
1611
1612 assert_eid(id);
1613
1614 /* set field name */
1615 if (id == HDR_OTHER)
1616 name.limitInit(field_start, name_len);
1617 else
1618 name = Headers[id].name;
1619
1620 /* trim field value */
1621 while (value_start < field_end && xisspace(*value_start))
1622 ++value_start;
1623
1624 while (value_start < field_end && xisspace(field_end[-1]))
1625 --field_end;
1626
1627 if (field_end - value_start > 65534) {
1628 /* String must be LESS THAN 64K and it adds a terminating NULL */
1629 debugs(55, DBG_IMPORTANT, "WARNING: ignoring '" << name << "' header of " << (field_end - value_start) << " bytes");
1630
1631 if (id == HDR_OTHER)
1632 name.clean();
1633
1634 return NULL;
1635 }
1636
1637 /* set field value */
1638 value.limitInit(value_start, field_end - value_start);
1639
1640 ++ Headers[id].stat.seenCount;
1641
1642 debugs(55, 9, "parsed HttpHeaderEntry: '" << name << ": " << value << "'");
1643
1644 return new HttpHeaderEntry(id, name.termedBuf(), value.termedBuf());
1645 }
1646
1647 HttpHeaderEntry *
1648 HttpHeaderEntry::clone() const
1649 {
1650 return new HttpHeaderEntry(id, name.termedBuf(), value.termedBuf());
1651 }
1652
1653 void
1654 HttpHeaderEntry::packInto(Packer * p) const
1655 {
1656 assert(p);
1657 packerAppend(p, name.rawBuf(), name.size());
1658 packerAppend(p, ": ", 2);
1659 packerAppend(p, value.rawBuf(), value.size());
1660 packerAppend(p, "\r\n", 2);
1661 }
1662
1663 int
1664 HttpHeaderEntry::getInt() const
1665 {
1666 assert_eid (id);
1667 assert (Headers[id].type == ftInt);
1668 int val = -1;
1669 int ok = httpHeaderParseInt(value.termedBuf(), &val);
1670 httpHeaderNoteParsedEntry(id, value, !ok);
1671 /* XXX: Should we check ok - ie
1672 * return ok ? -1 : value;
1673 */
1674 return val;
1675 }
1676
1677 int64_t
1678 HttpHeaderEntry::getInt64() const
1679 {
1680 assert_eid (id);
1681 assert (Headers[id].type == ftInt64);
1682 int64_t val = -1;
1683 int ok = httpHeaderParseOffset(value.termedBuf(), &val);
1684 httpHeaderNoteParsedEntry(id, value, !ok);
1685 /* XXX: Should we check ok - ie
1686 * return ok ? -1 : value;
1687 */
1688 return val;
1689 }
1690
1691 static void
1692 httpHeaderNoteParsedEntry(http_hdr_type id, String const &context, int error)
1693 {
1694 ++ Headers[id].stat.parsCount;
1695
1696 if (error) {
1697 ++ Headers[id].stat.errCount;
1698 debugs(55, 2, "cannot parse hdr field: '" << Headers[id].name << ": " << context << "'");
1699 }
1700 }
1701
1702 /*
1703 * Reports
1704 */
1705
1706 /* tmp variable used to pass stat info to dumpers */
1707 extern const HttpHeaderStat *dump_stat; /* argh! */
1708 const HttpHeaderStat *dump_stat = NULL;
1709
1710 void
1711 httpHeaderFieldStatDumper(StoreEntry * sentry, int idx, double val, double size, int count)
1712 {
1713 const int id = (int) val;
1714 const int valid_id = id >= 0 && id < HDR_ENUM_END;
1715 const char *name = valid_id ? Headers[id].name.termedBuf() : "INVALID";
1716 int visible = count > 0;
1717 /* for entries with zero count, list only those that belong to current type of message */
1718
1719 if (!visible && valid_id && dump_stat->owner_mask)
1720 visible = CBIT_TEST(*dump_stat->owner_mask, id);
1721
1722 if (visible)
1723 storeAppendPrintf(sentry, "%2d\t %-20s\t %5d\t %6.2f\n",
1724 id, name, count, xdiv(count, dump_stat->busyDestroyedCount));
1725 }
1726
1727 static void
1728 httpHeaderFldsPerHdrDumper(StoreEntry * sentry, int idx, double val, double size, int count)
1729 {
1730 if (count)
1731 storeAppendPrintf(sentry, "%2d\t %5d\t %5d\t %6.2f\n",
1732 idx, (int) val, count,
1733 xpercent(count, dump_stat->destroyedCount));
1734 }
1735
1736 static void
1737 httpHeaderStatDump(const HttpHeaderStat * hs, StoreEntry * e)
1738 {
1739 assert(hs && e);
1740
1741 dump_stat = hs;
1742 storeAppendPrintf(e, "\nHeader Stats: %s\n", hs->label);
1743 storeAppendPrintf(e, "\nField type distribution\n");
1744 storeAppendPrintf(e, "%2s\t %-20s\t %5s\t %6s\n",
1745 "id", "name", "count", "#/header");
1746 hs->fieldTypeDistr.dump(e, httpHeaderFieldStatDumper);
1747 storeAppendPrintf(e, "\nCache-control directives distribution\n");
1748 storeAppendPrintf(e, "%2s\t %-20s\t %5s\t %6s\n",
1749 "id", "name", "count", "#/cc_field");
1750 hs->ccTypeDistr.dump(e, httpHdrCcStatDumper);
1751 storeAppendPrintf(e, "\nSurrogate-control directives distribution\n");
1752 storeAppendPrintf(e, "%2s\t %-20s\t %5s\t %6s\n",
1753 "id", "name", "count", "#/sc_field");
1754 hs->scTypeDistr.dump(e, httpHdrScStatDumper);
1755 storeAppendPrintf(e, "\nNumber of fields per header distribution\n");
1756 storeAppendPrintf(e, "%2s\t %-5s\t %5s\t %6s\n",
1757 "id", "#flds", "count", "%total");
1758 hs->hdrUCountDistr.dump(e, httpHeaderFldsPerHdrDumper);
1759 storeAppendPrintf(e, "\n");
1760 dump_stat = NULL;
1761 }
1762
1763 void
1764 httpHeaderStoreReport(StoreEntry * e)
1765 {
1766 int i;
1767 http_hdr_type ht;
1768 assert(e);
1769
1770 HttpHeaderStats[0].parsedCount =
1771 HttpHeaderStats[hoRequest].parsedCount + HttpHeaderStats[hoReply].parsedCount;
1772 HttpHeaderStats[0].ccParsedCount =
1773 HttpHeaderStats[hoRequest].ccParsedCount + HttpHeaderStats[hoReply].ccParsedCount;
1774 HttpHeaderStats[0].destroyedCount =
1775 HttpHeaderStats[hoRequest].destroyedCount + HttpHeaderStats[hoReply].destroyedCount;
1776 HttpHeaderStats[0].busyDestroyedCount =
1777 HttpHeaderStats[hoRequest].busyDestroyedCount + HttpHeaderStats[hoReply].busyDestroyedCount;
1778
1779 for (i = 1; i < HttpHeaderStatCount; ++i) {
1780 httpHeaderStatDump(HttpHeaderStats + i, e);
1781 }
1782
1783 /* field stats for all messages */
1784 storeAppendPrintf(e, "\nHttp Fields Stats (replies and requests)\n");
1785
1786 storeAppendPrintf(e, "%2s\t %-25s\t %5s\t %6s\t %6s\n",
1787 "id", "name", "#alive", "%err", "%repeat");
1788
1789 for (ht = (http_hdr_type)0; ht < HDR_ENUM_END; ++ht) {
1790 HttpHeaderFieldInfo *f = Headers + ht;
1791 storeAppendPrintf(e, "%2d\t %-25s\t %5d\t %6.3f\t %6.3f\n",
1792 f->id, f->name.termedBuf(), f->stat.aliveCount,
1793 xpercent(f->stat.errCount, f->stat.parsCount),
1794 xpercent(f->stat.repCount, f->stat.seenCount));
1795 }
1796
1797 storeAppendPrintf(e, "Headers Parsed: %d + %d = %d\n",
1798 HttpHeaderStats[hoRequest].parsedCount,
1799 HttpHeaderStats[hoReply].parsedCount,
1800 HttpHeaderStats[0].parsedCount);
1801 storeAppendPrintf(e, "Hdr Fields Parsed: %d\n", HeaderEntryParsedCount);
1802 }
1803
1804 http_hdr_type
1805 httpHeaderIdByName(const char *name, size_t name_len, const HttpHeaderFieldInfo * info, int end)
1806 {
1807 if (name_len > 0) {
1808 for (int i = 0; i < end; ++i) {
1809 if (name_len != info[i].name.size())
1810 continue;
1811
1812 if (!strncasecmp(name, info[i].name.rawBuf(), name_len))
1813 return info[i].id;
1814 }
1815 }
1816
1817 return HDR_BAD_HDR;
1818 }
1819
1820 http_hdr_type
1821 httpHeaderIdByNameDef(const char *name, int name_len)
1822 {
1823 if (!Headers)
1824 Headers = httpHeaderBuildFieldsInfo(HeadersAttrs, HDR_ENUM_END);
1825
1826 return httpHeaderIdByName(name, name_len, Headers, HDR_ENUM_END);
1827 }
1828
1829 const char *
1830 httpHeaderNameById(int id)
1831 {
1832 if (!Headers)
1833 Headers = httpHeaderBuildFieldsInfo(HeadersAttrs, HDR_ENUM_END);
1834
1835 assert(id >= 0 && id < HDR_ENUM_END);
1836
1837 return Headers[id].name.termedBuf();
1838 }
1839
1840 int
1841 HttpHeader::hasListMember(http_hdr_type id, const char *member, const char separator) const
1842 {
1843 int result = 0;
1844 const char *pos = NULL;
1845 const char *item;
1846 int ilen;
1847 int mlen = strlen(member);
1848
1849 assert(id >= 0);
1850
1851 String header (getStrOrList(id));
1852
1853 while (strListGetItem(&header, separator, &item, &ilen, &pos)) {
1854 if (strncasecmp(item, member, mlen) == 0
1855 && (item[mlen] == '=' || item[mlen] == separator || item[mlen] == ';' || item[mlen] == '\0')) {
1856 result = 1;
1857 break;
1858 }
1859 }
1860
1861 return result;
1862 }
1863
1864 int
1865 HttpHeader::hasByNameListMember(const char *name, const char *member, const char separator) const
1866 {
1867 int result = 0;
1868 const char *pos = NULL;
1869 const char *item;
1870 int ilen;
1871 int mlen = strlen(member);
1872
1873 assert(name);
1874
1875 String header (getByName(name));
1876
1877 while (strListGetItem(&header, separator, &item, &ilen, &pos)) {
1878 if (strncasecmp(item, member, mlen) == 0
1879 && (item[mlen] == '=' || item[mlen] == separator || item[mlen] == ';' || item[mlen] == '\0')) {
1880 result = 1;
1881 break;
1882 }
1883 }
1884
1885 return result;
1886 }
1887
1888 void
1889 HttpHeader::removeHopByHopEntries()
1890 {
1891 removeConnectionHeaderEntries();
1892
1893 const HttpHeaderEntry *e;
1894 HttpHeaderPos pos = HttpHeaderInitPos;
1895 int headers_deleted = 0;
1896 while ((e = getEntry(&pos))) {
1897 int id = e->id;
1898 if (CBIT_TEST(HopByHopHeadersMask, id)) {
1899 delAt(pos, headers_deleted);
1900 CBIT_CLR(mask, id);
1901 }
1902 }
1903 }
1904
1905 void
1906 HttpHeader::removeConnectionHeaderEntries()
1907 {
1908 if (has(HDR_CONNECTION)) {
1909 /* anything that matches Connection list member will be deleted */
1910 String strConnection;
1911
1912 (void) getList(HDR_CONNECTION, &strConnection);
1913 const HttpHeaderEntry *e;
1914 HttpHeaderPos pos = HttpHeaderInitPos;
1915 /*
1916 * think: on-average-best nesting of the two loops (hdrEntry
1917 * and strListItem) @?@
1918 */
1919 /*
1920 * maybe we should delete standard stuff ("keep-alive","close")
1921 * from strConnection first?
1922 */
1923
1924 int headers_deleted = 0;
1925 while ((e = getEntry(&pos))) {
1926 if (strListIsMember(&strConnection, e->name.termedBuf(), ','))
1927 delAt(pos, headers_deleted);
1928 }
1929 if (headers_deleted)
1930 refreshMask();
1931 }
1932 }
Mirror of https://github.com/squid-cache/squid.git