2 * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 93 ICAP (RFC 3507) Client */
12 #include "AccessLogEntry.h"
13 #include "adaptation/Answer.h"
14 #include "adaptation/History.h"
15 #include "adaptation/icap/Client.h"
16 #include "adaptation/icap/Config.h"
17 #include "adaptation/icap/History.h"
18 #include "adaptation/icap/Launcher.h"
19 #include "adaptation/icap/ModXact.h"
20 #include "adaptation/icap/ServiceRep.h"
21 #include "adaptation/Initiator.h"
22 #include "auth/UserRequest.h"
23 #include "base/TextException.h"
25 #include "ChunkedCodingParser.h"
27 #include "comm/Connection.h"
28 #include "err_detail_type.h"
29 #include "HttpHeaderTools.h"
31 #include "HttpReply.h"
32 #include "HttpRequest.h"
33 #include "SquidTime.h"
36 // flow and terminology:
37 // HTTP| --> receive --> encode --> write --> |network
38 // end | <-- send <-- parse <-- read <-- |end
40 // TODO: replace gotEncapsulated() with something faster; we call it often
42 CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Icap
, ModXact
);
43 CBDATA_NAMESPACED_CLASS_INIT(Adaptation::Icap
, ModXactLauncher
);
45 static const size_t TheBackupLimit
= BodyPipe::MaxCapacity
;
47 Adaptation::Icap::ModXact::State::State()
49 memset(this, 0, sizeof(*this));
52 Adaptation::Icap::ModXact::ModXact(HttpMsg
*virginHeader
,
53 HttpRequest
*virginCause
, AccessLogEntry::Pointer
&alp
, Adaptation::Icap::ServiceRep::Pointer
&aService
):
54 AsyncJob("Adaptation::Icap::ModXact"),
55 Adaptation::Icap::Xaction("Adaptation::Icap::ModXact", aService
),
58 canStartBypass(false), // too early
59 protectGroupBypass(true),
60 replyHttpHeaderSize(-1),
61 replyHttpBodySize(-1),
67 virgin
.setHeader(virginHeader
); // sets virgin.body_pipe if needed
68 virgin
.setCause(virginCause
); // may be NULL
70 // adapted header and body are initialized when we parse them
72 // writing and reading ends are handled by Adaptation::Icap::Xaction
75 // nothing to do because we are using temporary buffers
77 // parsing; TODO: do not set until we parse, see ICAPOptXact
78 icapReply
= new HttpReply
;
79 icapReply
->protoPrefix
= "ICAP/"; // TODO: make an IcapReply class?
81 debugs(93,7, HERE
<< "initialized." << status());
84 // initiator wants us to start
85 void Adaptation::Icap::ModXact::start()
87 Adaptation::Icap::Xaction::start();
89 // reserve an adaptation history slot (attempts are known at this time)
90 Adaptation::History::Pointer ah
= virginRequest().adaptLogHistory();
92 adaptHistoryId
= ah
->recordXactStart(service().cfg().key
, icap_tr_start
, attempts
> 1);
94 estimateVirginBody(); // before virgin disappears!
96 canStartBypass
= service().cfg().bypass
;
98 // it is an ICAP violation to send request to a service w/o known OPTIONS
99 // and the service may is too busy for us: honor Max-Connections and such
100 if (service().up() && service().availableForNew())
106 void Adaptation::Icap::ModXact::waitForService()
109 Must(!state
.serviceWaiting
);
111 if (!service().up()) {
112 AsyncCall::Pointer call
= JobCallback(93,5,
113 ConnWaiterDialer
, this, Adaptation::Icap::ModXact::noteServiceReady
);
115 service().callWhenReady(call
);
116 comment
= "to be up";
118 //The service is unavailable because of max-connection or other reason
120 if (service().cfg().onOverload
!= srvWait
) {
121 // The service is overloaded, but waiting to be available prohibited by
122 // user configuration (onOverload is set to "block" or "bypass")
123 if (service().cfg().onOverload
== srvBlock
)
124 disableBypass("not available", true);
125 else //if (service().cfg().onOverload == srvBypass)
126 canStartBypass
= true;
129 disableRepeats("ICAP service is not available");
131 debugs(93, 7, HERE
<< "will not wait for the service to be available" <<
134 throw TexcHere("ICAP service is not available");
137 AsyncCall::Pointer call
= JobCallback(93,5,
138 ConnWaiterDialer
, this, Adaptation::Icap::ModXact::noteServiceAvailable
);
139 service().callWhenAvailable(call
, state
.waitedForService
);
140 comment
= "to be available";
143 debugs(93, 7, HERE
<< "will wait for the service " << comment
<< status());
144 state
.serviceWaiting
= true; // after callWhenReady() which may throw
145 state
.waitedForService
= true;
148 void Adaptation::Icap::ModXact::noteServiceReady()
150 Must(state
.serviceWaiting
);
151 state
.serviceWaiting
= false;
153 if (!service().up()) {
155 disableRepeats("ICAP service is unusable");
156 throw TexcHere("ICAP service is unusable");
159 if (service().availableForOld())
165 void Adaptation::Icap::ModXact::noteServiceAvailable()
167 Must(state
.serviceWaiting
);
168 state
.serviceWaiting
= false;
170 if (service().up() && service().availableForOld())
176 void Adaptation::Icap::ModXact::startWriting()
178 state
.writing
= State::writingConnect
;
180 decideOnPreview(); // must be decided before we decideOnRetries
186 // connection with the ICAP service established
187 void Adaptation::Icap::ModXact::handleCommConnected()
189 Must(state
.writing
== State::writingConnect
);
191 startReading(); // wait for early errors from the ICAP server
196 makeRequestHeaders(requestBuf
);
197 debugs(93, 9, HERE
<< "will write" << status() << ":\n" <<
198 (requestBuf
.terminate(), requestBuf
.content()));
201 state
.writing
= State::writingHeaders
;
202 icap_tio_start
= current_time
;
203 scheduleWrite(requestBuf
);
206 void Adaptation::Icap::ModXact::handleCommWrote(size_t sz
)
208 debugs(93, 5, HERE
<< "Wrote " << sz
<< " bytes");
210 if (state
.writing
== State::writingHeaders
)
211 handleCommWroteHeaders();
213 handleCommWroteBody();
216 void Adaptation::Icap::ModXact::handleCommWroteHeaders()
218 Must(state
.writing
== State::writingHeaders
);
220 // determine next step
221 if (preview
.enabled()) {
223 decideWritingAfterPreview("zero-size");
225 state
.writing
= State::writingPreview
;
226 } else if (virginBody
.expected()) {
227 state
.writing
= State::writingPrime
;
236 void Adaptation::Icap::ModXact::writeMore()
238 debugs(93, 5, HERE
<< "checking whether to write more" << status());
240 if (writer
!= NULL
) // already writing something
243 switch (state
.writing
) {
245 case State::writingInit
: // waiting for service OPTIONS
246 Must(state
.serviceWaiting
);
248 case State::writingConnect
: // waiting for the connection to establish
250 case State::writingHeaders
: // waiting for the headers to be written
252 case State::writingPaused
: // waiting for the ICAP server response
254 case State::writingReallyDone
: // nothing more to write
257 case State::writingAlmostDone
: // was waiting for the last write
261 case State::writingPreview
:
265 case State::writingPrime
:
270 throw TexcHere("Adaptation::Icap::ModXact in bad writing state");
274 void Adaptation::Icap::ModXact::writePreviewBody()
276 debugs(93, 8, HERE
<< "will write Preview body from " <<
277 virgin
.body_pipe
<< status());
278 Must(state
.writing
== State::writingPreview
);
279 Must(virgin
.body_pipe
!= NULL
);
281 const size_t sizeMax
= (size_t)virgin
.body_pipe
->buf().contentSize();
282 const size_t size
= min(preview
.debt(), sizeMax
);
283 writeSomeBody("preview body", size
);
285 // change state once preview is written
288 decideWritingAfterPreview("body");
291 /// determine state.writing after we wrote the entire preview
292 void Adaptation::Icap::ModXact::decideWritingAfterPreview(const char *kind
)
294 if (preview
.ieof()) // nothing more to write
296 else if (state
.parsing
== State::psIcapHeader
) // did not get a reply yet
297 state
.writing
= State::writingPaused
; // wait for the ICAP server reply
299 stopWriting(true); // ICAP server reply implies no post-preview writing
301 debugs(93, 6, HERE
<< "decided on writing after " << kind
<< " preview" <<
305 void Adaptation::Icap::ModXact::writePrimeBody()
307 Must(state
.writing
== State::writingPrime
);
308 Must(virginBodyWriting
.active());
310 const size_t size
= (size_t)virgin
.body_pipe
->buf().contentSize();
311 writeSomeBody("prime virgin body", size
);
313 if (virginBodyEndReached(virginBodyWriting
)) {
314 debugs(93, 5, HERE
<< "wrote entire body");
319 void Adaptation::Icap::ModXact::writeSomeBody(const char *label
, size_t size
)
321 Must(!writer
&& state
.writing
< state
.writingAlmostDone
);
322 Must(virgin
.body_pipe
!= NULL
);
323 debugs(93, 8, HERE
<< "will write up to " << size
<< " bytes of " <<
326 MemBuf writeBuf
; // TODO: suggest a min size based on size and lastChunk
328 writeBuf
.init(); // note: we assume that last-chunk will fit
330 const size_t writableSize
= virginContentSize(virginBodyWriting
);
331 const size_t chunkSize
= min(writableSize
, size
);
334 debugs(93, 7, HERE
<< "will write " << chunkSize
<<
335 "-byte chunk of " << label
);
337 openChunk(writeBuf
, chunkSize
, false);
338 writeBuf
.append(virginContentData(virginBodyWriting
), chunkSize
);
339 closeChunk(writeBuf
);
341 virginBodyWriting
.progress(chunkSize
);
344 debugs(93, 7, HERE
<< "has no writable " << label
<< " content");
347 const bool wroteEof
= virginBodyEndReached(virginBodyWriting
);
348 bool lastChunk
= wroteEof
;
349 if (state
.writing
== State::writingPreview
) {
350 preview
.wrote(chunkSize
, wroteEof
); // even if wrote nothing
351 lastChunk
= lastChunk
|| preview
.done();
355 debugs(93, 8, HERE
<< "will write last-chunk of " << label
);
356 addLastRequestChunk(writeBuf
);
359 debugs(93, 7, HERE
<< "will write " << writeBuf
.contentSize()
360 << " raw bytes of " << label
);
362 if (writeBuf
.hasContent()) {
363 scheduleWrite(writeBuf
); // comm will free the chunk
369 void Adaptation::Icap::ModXact::addLastRequestChunk(MemBuf
&buf
)
371 const bool ieof
= state
.writing
== State::writingPreview
&& preview
.ieof();
372 openChunk(buf
, 0, ieof
);
376 void Adaptation::Icap::ModXact::openChunk(MemBuf
&buf
, size_t chunkSize
, bool ieof
)
378 buf
.Printf((ieof
? "%x; ieof\r\n" : "%x\r\n"), (int) chunkSize
);
381 void Adaptation::Icap::ModXact::closeChunk(MemBuf
&buf
)
383 buf
.append(ICAP::crlf
, 2); // chunk-terminating CRLF
386 const HttpRequest
&Adaptation::Icap::ModXact::virginRequest() const
388 const HttpRequest
*request
= virgin
.cause
?
389 virgin
.cause
: dynamic_cast<const HttpRequest
*>(virgin
.header
);
394 // did the activity reached the end of the virgin body?
395 bool Adaptation::Icap::ModXact::virginBodyEndReached(const Adaptation::Icap::VirginBodyAct
&act
) const
398 !act
.active() || // did all (assuming it was originally planned)
399 !virgin
.body_pipe
->expectMoreAfter(act
.offset()); // wont have more
402 // the size of buffered virgin body data available for the specified activity
403 // if this size is zero, we may be done or may be waiting for more data
404 size_t Adaptation::Icap::ModXact::virginContentSize(const Adaptation::Icap::VirginBodyAct
&act
) const
407 // asbolute start of unprocessed data
408 const uint64_t dataStart
= act
.offset();
409 // absolute end of buffered data
410 const uint64_t dataEnd
= virginConsumed
+ virgin
.body_pipe
->buf().contentSize();
411 Must(virginConsumed
<= dataStart
&& dataStart
<= dataEnd
);
412 return static_cast<size_t>(dataEnd
- dataStart
);
415 // pointer to buffered virgin body data available for the specified activity
416 const char *Adaptation::Icap::ModXact::virginContentData(const Adaptation::Icap::VirginBodyAct
&act
) const
419 const uint64_t dataStart
= act
.offset();
420 Must(virginConsumed
<= dataStart
);
421 return virgin
.body_pipe
->buf().content() + static_cast<size_t>(dataStart
-virginConsumed
);
424 void Adaptation::Icap::ModXact::virginConsume()
426 debugs(93, 9, HERE
<< "consumption guards: " << !virgin
.body_pipe
<< isRetriable
<<
427 isRepeatable
<< canStartBypass
<< protectGroupBypass
);
429 if (!virgin
.body_pipe
)
430 return; // nothing to consume
433 return; // do not consume if we may have to retry later
435 BodyPipe
&bp
= *virgin
.body_pipe
;
436 const bool wantToPostpone
= isRepeatable
|| canStartBypass
|| protectGroupBypass
;
438 // Why > 2? HttpState does not use the last bytes in the buffer
439 // because delayAwareRead() is arguably broken. See
440 // HttpStateData::maybeReadVirginBody for more details.
441 if (wantToPostpone
&& bp
.buf().spaceSize() > 2) {
442 // Postponing may increase memory footprint and slow the HTTP side
443 // down. Not postponing may increase the number of ICAP errors
444 // if the ICAP service fails. We may also use "potential" space to
445 // postpone more aggressively. Should the trade-off be configurable?
446 debugs(93, 8, HERE
<< "postponing consumption from " << bp
.status());
450 const size_t have
= static_cast<size_t>(bp
.buf().contentSize());
451 const uint64_t end
= virginConsumed
+ have
;
452 uint64_t offset
= end
;
454 debugs(93, 9, HERE
<< "max virgin consumption offset=" << offset
<<
455 " acts " << virginBodyWriting
.active() << virginBodySending
.active() <<
456 " consumed=" << virginConsumed
<<
457 " from " << virgin
.body_pipe
->status());
459 if (virginBodyWriting
.active())
460 offset
= min(virginBodyWriting
.offset(), offset
);
462 if (virginBodySending
.active())
463 offset
= min(virginBodySending
.offset(), offset
);
465 Must(virginConsumed
<= offset
&& offset
<= end
);
467 if (const size_t size
= static_cast<size_t>(offset
- virginConsumed
)) {
468 debugs(93, 8, HERE
<< "consuming " << size
<< " out of " << have
<<
469 " virgin body bytes");
471 virginConsumed
+= size
;
472 Must(!isRetriable
); // or we should not be consuming
473 disableRepeats("consumed content");
474 disableBypass("consumed content", true);
478 void Adaptation::Icap::ModXact::handleCommWroteBody()
483 // Called when we do not expect to call comm_write anymore.
484 // We may have a pending write though.
485 // If stopping nicely, we will just wait for that pending write, if any.
486 void Adaptation::Icap::ModXact::stopWriting(bool nicely
)
488 if (state
.writing
== State::writingReallyDone
)
491 if (writer
!= NULL
) {
493 debugs(93, 7, HERE
<< "will wait for the last write" << status());
494 state
.writing
= State::writingAlmostDone
; // may already be set
498 debugs(93, 3, HERE
<< "will NOT wait for the last write" << status());
500 // Comm does not have an interface to clear the writer callback nicely,
501 // but without clearing the writer we cannot recycle the connection.
502 // We prevent connection reuse and hope that we can handle a callback
503 // call at any time, usually in the middle of the destruction sequence!
504 // Somebody should add comm_remove_write_handler() to comm API.
505 reuseConnection
= false;
506 ignoreLastWrite
= true;
509 debugs(93, 7, HERE
<< "will no longer write" << status());
510 if (virginBodyWriting
.active()) {
511 virginBodyWriting
.disable();
514 state
.writing
= State::writingReallyDone
;
518 void Adaptation::Icap::ModXact::stopBackup()
520 if (!virginBodySending
.active())
523 debugs(93, 7, HERE
<< "will no longer backup" << status());
524 virginBodySending
.disable();
528 bool Adaptation::Icap::ModXact::doneAll() const
530 return Adaptation::Icap::Xaction::doneAll() && !state
.serviceWaiting
&&
532 doneReading() && state
.doneWriting();
535 void Adaptation::Icap::ModXact::startReading()
537 Must(haveConnection());
539 Must(!adapted
.header
);
540 Must(!adapted
.body_pipe
);
542 // we use the same buffer for headers and body and then consume headers
546 void Adaptation::Icap::ModXact::readMore()
548 if (reader
!= NULL
|| doneReading()) {
549 debugs(93,3,HERE
<< "returning from readMore because reader or doneReading()");
553 // do not fill readBuf if we have no space to store the result
554 if (adapted
.body_pipe
!= NULL
&&
555 !adapted
.body_pipe
->buf().hasPotentialSpace()) {
556 debugs(93,3,HERE
<< "not reading because ICAP reply pipe is full");
560 if (readBuf
.hasSpace())
563 debugs(93,3,HERE
<< "nothing to do because !readBuf.hasSpace()");
566 // comm module read a portion of the ICAP response for us
567 void Adaptation::Icap::ModXact::handleCommRead(size_t)
569 Must(!state
.doneParsing());
570 icap_tio_finish
= current_time
;
575 void Adaptation::Icap::ModXact::echoMore()
577 Must(state
.sending
== State::sendingVirgin
);
578 Must(adapted
.body_pipe
!= NULL
);
579 Must(virginBodySending
.active());
581 const size_t sizeMax
= virginContentSize(virginBodySending
);
582 debugs(93,5, HERE
<< "will echo up to " << sizeMax
<< " bytes from " <<
583 virgin
.body_pipe
->status());
584 debugs(93,5, HERE
<< "will echo up to " << sizeMax
<< " bytes to " <<
585 adapted
.body_pipe
->status());
588 const size_t size
= adapted
.body_pipe
->putMoreData(virginContentData(virginBodySending
), sizeMax
);
589 debugs(93,5, HERE
<< "echoed " << size
<< " out of " << sizeMax
<<
591 virginBodySending
.progress(size
);
592 disableRepeats("echoed content");
593 disableBypass("echoed content", true);
597 if (virginBodyEndReached(virginBodySending
)) {
598 debugs(93, 5, HERE
<< "echoed all" << status());
601 debugs(93, 5, HERE
<< "has " <<
602 virgin
.body_pipe
->buf().contentSize() << " bytes " <<
603 "and expects more to echo" << status());
604 // TODO: timeout if virgin or adapted pipes are broken
608 bool Adaptation::Icap::ModXact::doneSending() const
610 return state
.sending
== State::sendingDone
;
613 // stop (or do not start) sending adapted message body
614 void Adaptation::Icap::ModXact::stopSending(bool nicely
)
616 debugs(93, 7, HERE
<< "Enter stop sending ");
619 debugs(93, 7, HERE
<< "Proceed with stop sending ");
621 if (state
.sending
!= State::sendingUndecided
) {
622 debugs(93, 7, HERE
<< "will no longer send" << status());
623 if (adapted
.body_pipe
!= NULL
) {
624 virginBodySending
.disable();
625 // we may leave debts if we were echoing and the virgin
626 // body_pipe got exhausted before we echoed all planned bytes
627 const bool leftDebts
= adapted
.body_pipe
->needsMoreData();
628 stopProducingFor(adapted
.body_pipe
, nicely
&& !leftDebts
);
631 debugs(93, 7, HERE
<< "will not start sending" << status());
632 Must(!adapted
.body_pipe
);
635 state
.sending
= State::sendingDone
;
639 // should be called after certain state.writing or state.sending changes
640 void Adaptation::Icap::ModXact::checkConsuming()
642 // quit if we already stopped or are still using the pipe
643 if (!virgin
.body_pipe
|| !state
.doneConsumingVirgin())
646 debugs(93, 7, HERE
<< "will stop consuming" << status());
647 stopConsumingFrom(virgin
.body_pipe
);
650 void Adaptation::Icap::ModXact::parseMore()
652 debugs(93, 5, HERE
<< "have " << readBuf
.contentSize() << " bytes to parse" <<
654 debugs(93, 5, HERE
<< "\n" << readBuf
.content());
656 if (state
.parsingHeaders())
659 if (state
.parsing
== State::psBody
)
663 void Adaptation::Icap::ModXact::callException(const std::exception
&e
)
665 if (!canStartBypass
|| isRetriable
) {
667 if (const TextException
*te
= dynamic_cast<const TextException
*>(&e
))
668 detailError(ERR_DETAIL_EXCEPTION_START
+ te
->id());
670 detailError(ERR_DETAIL_EXCEPTION_OTHER
);
672 Adaptation::Icap::Xaction::callException(e
);
677 debugs(93, 3, HERE
<< "bypassing " << inCall
<< " exception: " <<
678 e
.what() << ' ' << status());
680 } catch (const TextException
&bypassTe
) {
681 detailError(ERR_DETAIL_EXCEPTION_START
+ bypassTe
.id());
682 Adaptation::Icap::Xaction::callException(bypassTe
);
683 } catch (const std::exception
&bypassE
) {
684 detailError(ERR_DETAIL_EXCEPTION_OTHER
);
685 Adaptation::Icap::Xaction::callException(bypassE
);
689 void Adaptation::Icap::ModXact::bypassFailure()
691 disableBypass("already started to bypass", false);
693 Must(!isRetriable
); // or we should not be bypassing
694 // TODO: should the same be enforced for isRepeatable? Check icap_repeat??
700 // end all activities associated with the ICAP server
704 stopWriting(true); // or should we force it?
705 if (haveConnection()) {
706 reuseConnection
= false; // be conservative
707 cancelRead(); // may not work; and we cannot stop connecting either
709 debugs(93, 7, HERE
<< "Warning: bypass failed to stop I/O" << status());
712 service().noteFailure(); // we are bypassing, but this is still a failure
715 void Adaptation::Icap::ModXact::disableBypass(const char *reason
, bool includingGroupBypass
)
717 if (canStartBypass
) {
718 debugs(93,7, HERE
<< "will never start bypass because " << reason
);
719 canStartBypass
= false;
721 if (protectGroupBypass
&& includingGroupBypass
) {
722 debugs(93,7, HERE
<< "not protecting group bypass because " << reason
);
723 protectGroupBypass
= false;
727 // note that allocation for echoing is done in handle204NoContent()
728 void Adaptation::Icap::ModXact::maybeAllocateHttpMsg()
730 if (adapted
.header
) // already allocated
733 if (gotEncapsulated("res-hdr")) {
734 adapted
.setHeader(new HttpReply
);
735 setOutcome(service().cfg().method
== ICAP::methodReqmod
?
736 xoSatisfied
: xoModified
);
737 } else if (gotEncapsulated("req-hdr")) {
738 adapted
.setHeader(new HttpRequest
);
739 setOutcome(xoModified
);
741 throw TexcHere("Neither res-hdr nor req-hdr in maybeAllocateHttpMsg()");
744 void Adaptation::Icap::ModXact::parseHeaders()
746 Must(state
.parsingHeaders());
748 if (state
.parsing
== State::psIcapHeader
) {
749 debugs(93, 5, HERE
<< "parse ICAP headers");
753 if (state
.parsing
== State::psHttpHeader
) {
754 debugs(93, 5, HERE
<< "parse HTTP headers");
758 if (state
.parsingHeaders()) { // need more data
766 // called after parsing all headers or when bypassing an exception
767 void Adaptation::Icap::ModXact::startSending()
769 disableRepeats("sent headers");
770 disableBypass("sent headers", true);
771 sendAnswer(Answer::Forward(adapted
.header
));
773 if (state
.sending
== State::sendingVirgin
)
777 void Adaptation::Icap::ModXact::parseIcapHead()
779 Must(state
.sending
== State::sendingUndecided
);
781 if (!parseHead(icapReply
.getRaw()))
784 if (httpHeaderHasConnDir(&icapReply
->header
, "close")) {
785 debugs(93, 5, HERE
<< "found connection close");
786 reuseConnection
= false;
789 switch (icapReply
->sline
.status()) {
791 case Http::scContinue
:
796 case Http::scCreated
: // Symantec Scan Engine 5.0 and later when modifying HTTP msg
798 if (!validate200Ok()) {
799 throw TexcHere("Invalid ICAP Response");
806 case Http::scNoContent
:
807 handle204NoContent();
810 case Http::scPartialContent
:
811 handle206PartialContent();
815 debugs(93, 5, "ICAP status " << icapReply
->sline
.status());
816 handleUnknownScode();
820 const HttpRequest
*request
= dynamic_cast<HttpRequest
*>(adapted
.header
);
822 request
= &virginRequest();
824 // update the cross-transactional database if needed (all status codes!)
825 if (const char *xxName
= Adaptation::Config::masterx_shared_name
) {
826 Adaptation::History::Pointer ah
= request
->adaptHistory(true);
827 if (ah
!= NULL
) { // TODO: reorder checks to avoid creating history
828 const String val
= icapReply
->header
.getByName(xxName
);
829 if (val
.size() > 0) // XXX: HttpHeader lacks empty value detection
830 ah
->updateXxRecord(xxName
, val
);
834 // update the adaptation plan if needed (all status codes!)
835 if (service().cfg().routing
) {
837 if (icapReply
->header
.getList(HDR_X_NEXT_SERVICES
, &services
)) {
838 Adaptation::History::Pointer ah
= request
->adaptHistory(true);
840 ah
->updateNextServices(services
);
842 } // TODO: else warn (occasionally!) if we got HDR_X_NEXT_SERVICES
844 // We need to store received ICAP headers for <icapLastHeader logformat option.
845 // If we already have stored headers from previous ICAP transaction related to this
846 // request, old headers will be replaced with the new one.
848 Adaptation::History::Pointer ah
= request
->adaptLogHistory();
850 ah
->recordMeta(&icapReply
->header
);
852 // handle100Continue() manages state.writing on its own.
853 // Non-100 status means the server needs no postPreview data from us.
854 if (state
.writing
== State::writingPaused
)
858 bool Adaptation::Icap::ModXact::validate200Ok()
860 if (ICAP::methodRespmod
== service().cfg().method
) {
861 if (!gotEncapsulated("res-hdr"))
867 if (ICAP::methodReqmod
== service().cfg().method
) {
868 if (!gotEncapsulated("res-hdr") && !gotEncapsulated("req-hdr"))
877 void Adaptation::Icap::ModXact::handle100Continue()
879 Must(state
.writing
== State::writingPaused
);
880 // server must not respond before the end of preview: we may send ieof
881 Must(preview
.enabled() && preview
.done() && !preview
.ieof());
883 // 100 "Continue" cancels our Preview commitment,
884 // but not commitment to handle 204 or 206 outside Preview
885 if (!state
.allowedPostview204
&& !state
.allowedPostview206
)
888 state
.parsing
= State::psIcapHeader
; // eventually
891 state
.writing
= State::writingPrime
;
896 void Adaptation::Icap::ModXact::handle200Ok()
898 state
.parsing
= State::psHttpHeader
;
899 state
.sending
= State::sendingAdapted
;
904 void Adaptation::Icap::ModXact::handle204NoContent()
910 void Adaptation::Icap::ModXact::handle206PartialContent()
912 if (state
.writing
== State::writingPaused
) {
913 Must(preview
.enabled());
914 Must(state
.allowedPreview206
);
915 debugs(93, 7, HERE
<< "206 inside preview");
917 Must(state
.writing
> State::writingPaused
);
918 Must(state
.allowedPostview206
);
919 debugs(93, 7, HERE
<< "206 outside preview");
921 state
.parsing
= State::psHttpHeader
;
922 state
.sending
= State::sendingAdapted
;
923 state
.readyForUob
= true;
927 // Called when we receive a 204 No Content response and
928 // when we are trying to bypass a service failure.
929 // We actually start sending (echoig or not) in startSending.
930 void Adaptation::Icap::ModXact::prepEchoing()
932 disableRepeats("preparing to echo content");
933 disableBypass("preparing to echo content", true);
936 // We want to clone the HTTP message, but we do not want
937 // to copy some non-HTTP state parts that HttpMsg kids carry in them.
938 // Thus, we cannot use a smart pointer, copy constructor, or equivalent.
939 // Instead, we simply write the HTTP message and "clone" it by parsing.
940 // TODO: use HttpMsg::clone()!
942 HttpMsg
*oldHead
= virgin
.header
;
943 debugs(93, 7, HERE
<< "cloning virgin message " << oldHead
);
947 // write the virgin message into a memory buffer
949 packHead(httpBuf
, oldHead
);
951 // allocate the adapted message and copy metainfo
952 Must(!adapted
.header
);
954 HttpMsg::Pointer newHead
;
955 if (dynamic_cast<const HttpRequest
*>(oldHead
)) {
956 newHead
= new HttpRequest
;
957 } else if (dynamic_cast<const HttpReply
*>(oldHead
)) {
958 newHead
= new HttpReply
;
960 Must(newHead
!= NULL
);
962 newHead
->inheritProperties(oldHead
);
964 adapted
.setHeader(newHead
.getRaw());
967 // parse the buffer back
968 Http::StatusCode error
= Http::scNone
;
970 Must(adapted
.header
->parse(&httpBuf
, true, &error
));
972 if (HttpRequest
*r
= dynamic_cast<HttpRequest
*>(adapted
.header
))
973 urlCanonical(r
); // parse does not set HttpRequest::canonical
975 Must(adapted
.header
->hdr_sz
== httpBuf
.contentSize()); // no leftovers
979 debugs(93, 7, HERE
<< "cloned virgin message " << oldHead
<< " to " <<
982 // setup adapted body pipe if needed
983 if (oldHead
->body_pipe
!= NULL
) {
984 debugs(93, 7, HERE
<< "will echo virgin body from " <<
986 if (!virginBodySending
.active())
987 virginBodySending
.plan(); // will throw if not possible
988 state
.sending
= State::sendingVirgin
;
991 // TODO: optimize: is it possible to just use the oldHead pipe and
992 // remove ICAP from the loop? This echoing is probably a common case!
993 makeAdaptedBodyPipe("echoed virgin response");
994 if (oldHead
->body_pipe
->bodySizeKnown())
995 adapted
.body_pipe
->setBodySize(oldHead
->body_pipe
->bodySize());
996 debugs(93, 7, HERE
<< "will echo virgin body to " <<
999 debugs(93, 7, HERE
<< "no virgin body to echo");
1004 /// Called when we received use-original-body chunk extension in 206 response.
1005 /// We actually start sending (echoing or not) in startSending().
1006 void Adaptation::Icap::ModXact::prepPartialBodyEchoing(uint64_t pos
)
1008 Must(virginBodySending
.active());
1009 Must(virgin
.header
->body_pipe
!= NULL
);
1011 setOutcome(xoPartEcho
);
1013 debugs(93, 7, HERE
<< "will echo virgin body suffix from " <<
1014 virgin
.header
->body_pipe
<< " offset " << pos
);
1016 // check that use-original-body=N does not point beyond buffered data
1017 const uint64_t virginDataEnd
= virginConsumed
+
1018 virgin
.body_pipe
->buf().contentSize();
1019 Must(pos
<= virginDataEnd
);
1020 virginBodySending
.progress(static_cast<size_t>(pos
));
1022 state
.sending
= State::sendingVirgin
;
1025 if (virgin
.header
->body_pipe
->bodySizeKnown())
1026 adapted
.body_pipe
->expectProductionEndAfter(virgin
.header
->body_pipe
->bodySize() - pos
);
1028 debugs(93, 7, HERE
<< "will echo virgin body suffix to " <<
1031 // Start echoing data
1035 void Adaptation::Icap::ModXact::handleUnknownScode()
1039 // TODO: mark connection as "bad"
1041 // Terminate the transaction; we do not know how to handle this response.
1042 throw TexcHere("Unsupported ICAP status code");
1045 void Adaptation::Icap::ModXact::parseHttpHead()
1047 if (gotEncapsulated("res-hdr") || gotEncapsulated("req-hdr")) {
1048 replyHttpHeaderSize
= 0;
1049 maybeAllocateHttpMsg();
1051 if (!parseHead(adapted
.header
))
1052 return; // need more header data
1055 replyHttpHeaderSize
= adapted
.header
->hdr_sz
;
1057 if (dynamic_cast<HttpRequest
*>(adapted
.header
)) {
1058 const HttpRequest
*oldR
= dynamic_cast<const HttpRequest
*>(virgin
.header
);
1060 // TODO: the adapted request did not really originate from the
1061 // client; give proxy admin an option to prevent copying of
1062 // sensitive client information here. See the following thread:
1063 // http://www.squid-cache.org/mail-archive/squid-dev/200703/0040.html
1066 // Maybe adapted.header==NULL if HttpReply and have Http 0.9 ....
1068 adapted
.header
->inheritProperties(virgin
.header
);
1071 decideOnParsingBody();
1074 // parses both HTTP and ICAP headers
1075 bool Adaptation::Icap::ModXact::parseHead(HttpMsg
*head
)
1078 debugs(93, 5, HERE
<< "have " << readBuf
.contentSize() << " head bytes to parse" <<
1079 "; state: " << state
.parsing
);
1081 Http::StatusCode error
= Http::scNone
;
1082 const bool parsed
= head
->parse(&readBuf
, commEof
, &error
);
1083 Must(parsed
|| !error
); // success or need more data
1085 if (!parsed
) { // need more data
1086 debugs(93, 5, HERE
<< "parse failed, need more data, return false");
1091 if (HttpRequest
*r
= dynamic_cast<HttpRequest
*>(head
))
1092 urlCanonical(r
); // parse does not set HttpRequest::canonical
1094 debugs(93, 5, HERE
<< "parse success, consume " << head
->hdr_sz
<< " bytes, return true");
1095 readBuf
.consume(head
->hdr_sz
);
1099 void Adaptation::Icap::ModXact::decideOnParsingBody()
1101 if (gotEncapsulated("res-body") || gotEncapsulated("req-body")) {
1102 debugs(93, 5, HERE
<< "expecting a body");
1103 state
.parsing
= State::psBody
;
1104 replyHttpBodySize
= 0;
1105 bodyParser
= new ChunkedCodingParser
;
1106 makeAdaptedBodyPipe("adapted response from the ICAP server");
1107 Must(state
.sending
== State::sendingAdapted
);
1109 debugs(93, 5, HERE
<< "not expecting a body");
1115 void Adaptation::Icap::ModXact::parseBody()
1117 Must(state
.parsing
== State::psBody
);
1120 debugs(93, 5, HERE
<< "have " << readBuf
.contentSize() << " body bytes to parse");
1122 // the parser will throw on errors
1123 BodyPipeCheckout
bpc(*adapted
.body_pipe
);
1124 const bool parsed
= bodyParser
->parse(&readBuf
, &bpc
.buf
);
1127 debugs(93, 5, HERE
<< "have " << readBuf
.contentSize() << " body bytes after " <<
1128 "parse; parsed all: " << parsed
);
1129 replyHttpBodySize
+= adapted
.body_pipe
->buf().contentSize();
1131 // TODO: expose BodyPipe::putSize() to make this check simpler and clearer
1132 // TODO: do we really need this if we disable when sending headers?
1133 if (adapted
.body_pipe
->buf().contentSize() > 0) { // parsed something sometime
1134 disableRepeats("sent adapted content");
1135 disableBypass("sent adapted content", true);
1139 if (state
.readyForUob
&& bodyParser
->useOriginBody
>= 0) {
1140 prepPartialBodyEchoing(
1141 static_cast<uint64_t>(bodyParser
->useOriginBody
));
1147 stopSending(true); // the parser succeeds only if all parsed data fits
1151 debugs(93,3,HERE
<< this << " needsMoreData = " << bodyParser
->needsMoreData());
1153 if (bodyParser
->needsMoreData()) {
1154 debugs(93,3,HERE
<< this);
1155 Must(mayReadMore());
1159 if (bodyParser
->needsMoreSpace()) {
1160 Must(!doneSending()); // can hope for more space
1161 Must(adapted
.body_pipe
->buf().contentSize() > 0); // paranoid
1162 // TODO: there should be a timeout in case the sink is broken
1163 // or cannot consume partial content (while we need more space)
1167 void Adaptation::Icap::ModXact::stopParsing()
1169 if (state
.parsing
== State::psDone
)
1172 debugs(93, 7, HERE
<< "will no longer parse" << status());
1178 state
.parsing
= State::psDone
;
1181 // HTTP side added virgin body data
1182 void Adaptation::Icap::ModXact::noteMoreBodyDataAvailable(BodyPipe::Pointer
)
1186 if (state
.sending
== State::sendingVirgin
)
1190 // HTTP side sent us all virgin info
1191 void Adaptation::Icap::ModXact::noteBodyProductionEnded(BodyPipe::Pointer
)
1193 Must(virgin
.body_pipe
->productionEnded());
1195 // push writer and sender in case we were waiting for the last-chunk
1198 if (state
.sending
== State::sendingVirgin
)
1202 // body producer aborted, but the initiator may still want to know
1203 // the answer, even though the HTTP message has been truncated
1204 void Adaptation::Icap::ModXact::noteBodyProducerAborted(BodyPipe::Pointer
)
1206 Must(virgin
.body_pipe
->productionEnded());
1208 // push writer and sender in case we were waiting for the last-chunk
1211 if (state
.sending
== State::sendingVirgin
)
1215 // adapted body consumer wants more adapted data and
1216 // possibly freed some buffer space
1217 void Adaptation::Icap::ModXact::noteMoreBodySpaceAvailable(BodyPipe::Pointer
)
1219 if (state
.sending
== State::sendingVirgin
)
1221 else if (state
.sending
== State::sendingAdapted
)
1224 Must(state
.sending
== State::sendingUndecided
);
1227 // adapted body consumer aborted
1228 void Adaptation::Icap::ModXact::noteBodyConsumerAborted(BodyPipe::Pointer
)
1230 detailError(ERR_DETAIL_ICAP_XACT_BODY_CONSUMER_ABORT
);
1231 mustStop("adapted body consumer aborted");
1234 Adaptation::Icap::ModXact::~ModXact()
1240 void Adaptation::Icap::ModXact::swanSong()
1242 debugs(93, 5, HERE
<< "swan sings" << status());
1247 if (theInitiator
.set()) // we have not sent the answer to the initiator
1248 detailError(ERR_DETAIL_ICAP_XACT_OTHER
);
1250 // update adaptation history if start was called and we reserved a slot
1251 Adaptation::History::Pointer ah
= virginRequest().adaptLogHistory();
1252 if (ah
!= NULL
&& adaptHistoryId
>= 0)
1253 ah
->recordXactFinish(adaptHistoryId
);
1255 Adaptation::Icap::Xaction::swanSong();
1258 void prepareLogWithRequestDetails(HttpRequest
*, AccessLogEntry::Pointer
&);
1260 void Adaptation::Icap::ModXact::finalizeLogInfo()
1262 HttpRequest
* request_
= NULL
;
1263 HttpRequest
* adapted_request_
= NULL
;
1264 HttpReply
* reply_
= NULL
;
1265 request_
= (virgin
.cause
? virgin
.cause
: dynamic_cast<HttpRequest
*>(virgin
.header
));
1266 if (!(adapted_request_
= dynamic_cast<HttpRequest
*>(adapted
.header
))) {
1267 adapted_request_
= request_
;
1268 reply_
= dynamic_cast<HttpReply
*>(adapted
.header
);
1271 Adaptation::Icap::History::Pointer h
= (request_
? request_
->icapHistory() : NULL
);
1272 Must(h
!= NULL
); // ICAPXaction::maybeLog calls only if there is a log
1273 al
.icp
.opcode
= ICP_INVALID
;
1274 al
.url
= h
->log_uri
.termedBuf();
1275 const Adaptation::Icap::ServiceRep
&s
= service();
1276 al
.icap
.reqMethod
= s
.cfg().method
;
1278 al
.cache
.caddr
= request_
->client_addr
;
1280 al
.request
= request_
;
1281 HTTPMSGLOCK(al
.request
);
1282 al
.adapted_request
= adapted_request_
;
1283 HTTPMSGLOCK(al
.adapted_request
);
1287 HTTPMSGLOCK(al
.reply
);
1291 if (h
->rfc931
.size())
1292 al
.cache
.rfc931
= h
->rfc931
.termedBuf();
1295 if (h
->ssluser
.size())
1296 al
.cache
.ssluser
= h
->ssluser
.termedBuf();
1298 al
.cache
.code
= h
->logType
;
1299 // XXX: should use icap-specific counters instead ?
1300 al
.http
.clientRequestSz
.payloadData
= h
->req_sz
;
1302 // leave al.icap.bodyBytesRead negative if no body
1303 if (replyHttpHeaderSize
>= 0 || replyHttpBodySize
>= 0) {
1304 const int64_t zero
= 0; // to make max() argument types the same
1305 al
.icap
.bodyBytesRead
=
1306 max(zero
, replyHttpHeaderSize
) + max(zero
, replyHttpBodySize
);
1310 al
.http
.code
= reply_
->sline
.status();
1311 al
.http
.content_type
= reply_
->content_type
.termedBuf();
1312 if (replyHttpBodySize
>= 0) {
1313 // XXX: should use icap-specific counters instead ?
1314 al
.http
.clientReplySz
.payloadData
= replyHttpBodySize
;
1315 al
.http
.clientReplySz
.header
= reply_
->hdr_sz
;
1316 al
.cache
.highOffset
= replyHttpBodySize
;
1318 //don't set al.cache.objectSize because it hasn't exist yet
1324 packerToMemInit(&p
, &mb
);
1326 reply_
->header
.packInto(&p
);
1327 al
.headers
.reply
= xstrdup(mb
.buf
);
1332 prepareLogWithRequestDetails(adapted_request_
, alep
);
1333 Xaction::finalizeLogInfo();
1336 void Adaptation::Icap::ModXact::makeRequestHeaders(MemBuf
&buf
)
1338 char ntoabuf
[MAX_IPSTRLEN
];
1340 * XXX These should use HttpHdr interfaces instead of Printfs
1342 const Adaptation::ServiceConfig
&s
= service().cfg();
1343 buf
.Printf("%s " SQUIDSTRINGPH
" ICAP/1.0\r\n", s
.methodStr(), SQUIDSTRINGPRINT(s
.uri
));
1344 buf
.Printf("Host: " SQUIDSTRINGPH
":%d\r\n", SQUIDSTRINGPRINT(s
.host
), s
.port
);
1345 buf
.Printf("Date: %s\r\n", mkrfc1123(squid_curtime
));
1347 if (!TheConfig
.reuse_connections
)
1348 buf
.Printf("Connection: close\r\n");
1350 const HttpRequest
*request
= &virginRequest();
1352 // we must forward "Proxy-Authenticate" and "Proxy-Authorization"
1354 if (virgin
.header
->header
.has(HDR_PROXY_AUTHENTICATE
)) {
1355 String vh
=virgin
.header
->header
.getByName("Proxy-Authenticate");
1356 buf
.Printf("Proxy-Authenticate: " SQUIDSTRINGPH
"\r\n",SQUIDSTRINGPRINT(vh
));
1359 if (virgin
.header
->header
.has(HDR_PROXY_AUTHORIZATION
)) {
1360 String vh
=virgin
.header
->header
.getByName("Proxy-Authorization");
1361 buf
.Printf("Proxy-Authorization: " SQUIDSTRINGPH
"\r\n", SQUIDSTRINGPRINT(vh
));
1362 } else if (request
->extacl_user
.size() > 0 && request
->extacl_passwd
.size() > 0) {
1363 struct base64_encode_ctx ctx
;
1364 base64_encode_init(&ctx
);
1365 uint8_t base64buf
[base64_encode_len(MAX_LOGIN_SZ
)];
1366 size_t resultLen
= base64_encode_update(&ctx
, base64buf
, request
->extacl_user
.size(), reinterpret_cast<const uint8_t*>(request
->extacl_user
.rawBuf()));
1367 resultLen
+= base64_encode_update(&ctx
, base64buf
+resultLen
, 1, reinterpret_cast<const uint8_t*>(":"));
1368 resultLen
+= base64_encode_update(&ctx
, base64buf
+resultLen
, request
->extacl_passwd
.size(), reinterpret_cast<const uint8_t*>(request
->extacl_passwd
.rawBuf()));
1369 resultLen
+= base64_encode_final(&ctx
, base64buf
+resultLen
);
1370 buf
.Printf("Proxy-Authorization: Basic %.*s\r\n", (int)resultLen
, base64buf
);
1373 // share the cross-transactional database records if needed
1374 if (Adaptation::Config::masterx_shared_name
) {
1375 Adaptation::History::Pointer ah
= request
->adaptHistory(false);
1378 if (ah
->getXxRecord(name
, value
)) {
1379 buf
.Printf(SQUIDSTRINGPH
": " SQUIDSTRINGPH
"\r\n",
1380 SQUIDSTRINGPRINT(name
), SQUIDSTRINGPRINT(value
));
1385 buf
.Printf("Encapsulated: ");
1391 // build HTTP request header, if any
1392 ICAP::Method m
= s
.method
;
1394 // to simplify, we could assume that request is always available
1398 urlPath
= request
->urlpath
;
1399 if (ICAP::methodRespmod
== m
)
1400 encapsulateHead(buf
, "req-hdr", httpBuf
, request
);
1401 else if (ICAP::methodReqmod
== m
)
1402 encapsulateHead(buf
, "req-hdr", httpBuf
, virgin
.header
);
1405 if (ICAP::methodRespmod
== m
)
1406 if (const HttpMsg
*prime
= virgin
.header
)
1407 encapsulateHead(buf
, "res-hdr", httpBuf
, prime
);
1409 if (!virginBody
.expected())
1410 buf
.Printf("null-body=%d", (int) httpBuf
.contentSize());
1411 else if (ICAP::methodReqmod
== m
)
1412 buf
.Printf("req-body=%d", (int) httpBuf
.contentSize());
1414 buf
.Printf("res-body=%d", (int) httpBuf
.contentSize());
1416 buf
.append(ICAP::crlf
, 2); // terminate Encapsulated line
1418 if (preview
.enabled()) {
1419 buf
.Printf("Preview: %d\r\n", (int)preview
.ad());
1420 if (!virginBody
.expected()) // there is no body to preview
1421 finishNullOrEmptyBodyPreview(httpBuf
);
1424 makeAllowHeader(buf
);
1426 if (TheConfig
.send_client_ip
&& request
) {
1427 Ip::Address client_addr
;
1428 #if FOLLOW_X_FORWARDED_FOR
1429 if (TheConfig
.use_indirect_client
) {
1430 client_addr
= request
->indirect_client_addr
;
1433 client_addr
= request
->client_addr
;
1434 if (!client_addr
.isAnyAddr() && !client_addr
.isNoAddr())
1435 buf
.Printf("X-Client-IP: %s\r\n", client_addr
.toStr(ntoabuf
,MAX_IPSTRLEN
));
1438 if (TheConfig
.send_username
&& request
)
1439 makeUsernameHeader(request
, buf
);
1441 // Adaptation::Config::metaHeaders
1442 typedef Notes::iterator ACAMLI
;
1443 for (ACAMLI i
= Adaptation::Config::metaHeaders
.begin(); i
!= Adaptation::Config::metaHeaders
.end(); ++i
) {
1444 HttpRequest
*r
= virgin
.cause
?
1445 virgin
.cause
: dynamic_cast<HttpRequest
*>(virgin
.header
);
1448 HttpReply
*reply
= dynamic_cast<HttpReply
*>(virgin
.header
);
1450 if (const char *value
= (*i
)->match(r
, reply
, alMaster
)) {
1451 buf
.Printf("%s: %s\r\n", (*i
)->key
.termedBuf(), value
);
1452 Adaptation::History::Pointer ah
= request
->adaptHistory(false);
1454 if (ah
->metaHeaders
== NULL
)
1455 ah
->metaHeaders
= new NotePairs
;
1456 if (!ah
->metaHeaders
->hasPair((*i
)->key
.termedBuf(), value
))
1457 ah
->metaHeaders
->add((*i
)->key
.termedBuf(), value
);
1462 // fprintf(stderr, "%s\n", buf.content());
1464 buf
.append(ICAP::crlf
, 2); // terminate ICAP header
1466 // fill icapRequest for logging
1467 Must(icapRequest
->parseCharBuf(buf
.content(), buf
.contentSize()));
1469 // start ICAP request body with encapsulated HTTP headers
1470 buf
.append(httpBuf
.content(), httpBuf
.contentSize());
1475 // decides which Allow values to write and updates the request buffer
1476 void Adaptation::Icap::ModXact::makeAllowHeader(MemBuf
&buf
)
1478 const bool allow204in
= preview
.enabled(); // TODO: add shouldAllow204in()
1479 const bool allow204out
= state
.allowedPostview204
= shouldAllow204();
1480 const bool allow206in
= state
.allowedPreview206
= shouldAllow206in();
1481 const bool allow206out
= state
.allowedPostview206
= shouldAllow206out();
1483 debugs(93,9, HERE
<< "Allows: " << allow204in
<< allow204out
<<
1484 allow206in
<< allow206out
);
1486 const bool allow204
= allow204in
|| allow204out
;
1487 const bool allow206
= allow206in
|| allow206out
;
1489 if (!allow204
&& !allow206
)
1490 return; // nothing to do
1492 if (virginBody
.expected()) // if there is a virgin body, plan to send it
1493 virginBodySending
.plan();
1495 // writing Preview:... means we will honor 204 inside preview
1496 // writing Allow/204 means we will honor 204 outside preview
1497 // writing Allow:206 means we will honor 206 inside preview
1498 // writing Allow:204,206 means we will honor 206 outside preview
1499 const char *allowHeader
= NULL
;
1500 if (allow204out
&& allow206
)
1501 allowHeader
= "Allow: 204, 206\r\n";
1502 else if (allow204out
)
1503 allowHeader
= "Allow: 204\r\n";
1505 allowHeader
= "Allow: 206\r\n";
1507 if (allowHeader
) { // may be nil if only allow204in is true
1508 buf
.append(allowHeader
, strlen(allowHeader
));
1509 debugs(93,5, HERE
<< "Will write " << allowHeader
);
1513 void Adaptation::Icap::ModXact::makeUsernameHeader(const HttpRequest
*request
, MemBuf
&buf
)
1516 struct base64_encode_ctx ctx
;
1517 base64_encode_init(&ctx
);
1519 const char *value
= NULL
;
1520 if (request
->auth_user_request
!= NULL
) {
1521 value
= request
->auth_user_request
->username();
1522 } else if (request
->extacl_user
.size() > 0) {
1523 value
= request
->extacl_user
.termedBuf();
1527 if (TheConfig
.client_username_encode
) {
1528 uint8_t base64buf
[base64_encode_len(MAX_LOGIN_SZ
)];
1529 size_t resultLen
= base64_encode_update(&ctx
, base64buf
, strlen(value
), reinterpret_cast<const uint8_t*>(value
));
1530 resultLen
+= base64_encode_final(&ctx
, base64buf
+resultLen
);
1531 buf
.Printf("%s: %.*s\r\n", TheConfig
.client_username_header
, (int)resultLen
, base64buf
);
1533 buf
.Printf("%s: %s\r\n", TheConfig
.client_username_header
, value
);
1538 void Adaptation::Icap::ModXact::encapsulateHead(MemBuf
&icapBuf
, const char *section
, MemBuf
&httpBuf
, const HttpMsg
*head
)
1540 // update ICAP header
1541 icapBuf
.Printf("%s=%d, ", section
, (int) httpBuf
.contentSize());
1544 HttpMsg::Pointer headClone
;
1546 if (const HttpRequest
* old_request
= dynamic_cast<const HttpRequest
*>(head
)) {
1547 HttpRequest::Pointer
new_request(new HttpRequest
);
1548 Must(old_request
->canonical
);
1549 urlParse(old_request
->method
, old_request
->canonical
, new_request
.getRaw());
1550 new_request
->http_ver
= old_request
->http_ver
;
1551 headClone
= new_request
.getRaw();
1552 } else if (const HttpReply
*old_reply
= dynamic_cast<const HttpReply
*>(head
)) {
1553 HttpReply::Pointer
new_reply(new HttpReply
);
1554 new_reply
->sline
= old_reply
->sline
;
1555 headClone
= new_reply
.getRaw();
1557 Must(headClone
!= NULL
);
1558 headClone
->inheritProperties(head
);
1560 HttpHeaderPos pos
= HttpHeaderInitPos
;
1561 HttpHeaderEntry
* p_head_entry
= NULL
;
1562 while (NULL
!= (p_head_entry
= head
->header
.getEntry(&pos
)) )
1563 headClone
->header
.addEntry(p_head_entry
->clone());
1567 // remove all hop-by-hop headers from the clone
1568 headClone
->header
.delById(HDR_PROXY_AUTHENTICATE
);
1569 headClone
->header
.removeHopByHopEntries();
1571 // pack polished HTTP header
1572 packHead(httpBuf
, headClone
.getRaw());
1574 // headClone unlocks and, hence, deletes the message we packed
1577 void Adaptation::Icap::ModXact::packHead(MemBuf
&httpBuf
, const HttpMsg
*head
)
1580 packerToMemInit(&p
, &httpBuf
);
1581 head
->packInto(&p
, true);
1585 // decides whether to offer a preview and calculates its size
1586 void Adaptation::Icap::ModXact::decideOnPreview()
1588 if (!TheConfig
.preview_enable
) {
1589 debugs(93, 5, HERE
<< "preview disabled by squid.conf");
1593 const String urlPath
= virginRequest().urlpath
;
1595 if (!service().wantsPreview(urlPath
, wantedSize
)) {
1596 debugs(93, 5, HERE
<< "should not offer preview for " << urlPath
);
1600 // we decided to do preview, now compute its size
1602 // cannot preview more than we can backup
1603 size_t ad
= min(wantedSize
, TheBackupLimit
);
1605 if (!virginBody
.expected())
1607 else if (virginBody
.knownSize())
1608 ad
= min(static_cast<uint64_t>(ad
), virginBody
.size()); // not more than we have
1610 debugs(93, 5, HERE
<< "should offer " << ad
<< "-byte preview " <<
1611 "(service wanted " << wantedSize
<< ")");
1614 Must(preview
.enabled());
1617 // decides whether to allow 204 responses
1618 bool Adaptation::Icap::ModXact::shouldAllow204()
1620 if (!service().allows204())
1623 return canBackupEverything();
1626 // decides whether to allow 206 responses in some mode
1627 bool Adaptation::Icap::ModXact::shouldAllow206any()
1629 return TheConfig
.allow206_enable
&& service().allows206() &&
1630 virginBody
.expected(); // no need for 206 without a body
1633 // decides whether to allow 206 responses in preview mode
1634 bool Adaptation::Icap::ModXact::shouldAllow206in()
1636 return shouldAllow206any() && preview
.enabled();
1639 // decides whether to allow 206 responses outside of preview
1640 bool Adaptation::Icap::ModXact::shouldAllow206out()
1642 return shouldAllow206any() && canBackupEverything();
1645 // used by shouldAllow204 and decideOnRetries
1646 bool Adaptation::Icap::ModXact::canBackupEverything() const
1648 if (!virginBody
.expected())
1649 return true; // no body means no problems with backup
1651 // if there is a body, check whether we can backup it all
1653 if (!virginBody
.knownSize())
1656 // or should we have a different backup limit?
1657 // note that '<' allows for 0-termination of the "full" backup buffer
1658 return virginBody
.size() < TheBackupLimit
;
1661 // Decide whether this transaction can be retried if pconn fails
1662 // Must be called after decideOnPreview and before openConnection()
1663 void Adaptation::Icap::ModXact::decideOnRetries()
1666 return; // no, already decided
1668 if (preview
.enabled())
1669 return; // yes, because preview provides enough guarantees
1671 if (canBackupEverything())
1672 return; // yes, because we can back everything up
1674 disableRetries(); // no, because we cannot back everything up
1677 // Normally, the body-writing code handles preview body. It can deal with
1678 // bodies of unexpected size, including those that turn out to be empty.
1679 // However, that code assumes that the body was expected and body control
1680 // structures were initialized. This is not the case when there is no body
1681 // or the body is known to be empty, because the virgin message will lack a
1682 // body_pipe. So we handle preview of null-body and zero-size bodies here.
1683 void Adaptation::Icap::ModXact::finishNullOrEmptyBodyPreview(MemBuf
&buf
)
1685 Must(!virginBodyWriting
.active()); // one reason we handle it here
1686 Must(!virgin
.body_pipe
); // another reason we handle it here
1687 Must(!preview
.ad());
1689 // do not add last-chunk because our Encapsulated header says null-body
1690 // addLastRequestChunk(buf);
1691 preview
.wrote(0, true);
1693 Must(preview
.done());
1694 Must(preview
.ieof());
1697 void Adaptation::Icap::ModXact::fillPendingStatus(MemBuf
&buf
) const
1699 Adaptation::Icap::Xaction::fillPendingStatus(buf
);
1701 if (state
.serviceWaiting
)
1704 if (virgin
.body_pipe
!= NULL
)
1707 if (haveConnection() && !doneReading())
1710 if (!state
.doneWriting() && state
.writing
!= State::writingInit
)
1711 buf
.Printf("w(%d)", state
.writing
);
1713 if (preview
.enabled()) {
1714 if (!preview
.done())
1715 buf
.Printf("P(%d)", (int) preview
.debt());
1718 if (virginBodySending
.active())
1721 if (!state
.doneParsing() && state
.parsing
!= State::psIcapHeader
)
1722 buf
.Printf("p(%d)", state
.parsing
);
1724 if (!doneSending() && state
.sending
!= State::sendingUndecided
)
1725 buf
.Printf("S(%d)", state
.sending
);
1727 if (state
.readyForUob
)
1733 if (protectGroupBypass
)
1737 void Adaptation::Icap::ModXact::fillDoneStatus(MemBuf
&buf
) const
1739 Adaptation::Icap::Xaction::fillDoneStatus(buf
);
1741 if (!virgin
.body_pipe
)
1744 if (state
.doneWriting())
1747 if (preview
.enabled()) {
1749 buf
.Printf("P%s", preview
.ieof() ? "(ieof)" : "");
1755 if (state
.doneParsing())
1762 bool Adaptation::Icap::ModXact::gotEncapsulated(const char *section
) const
1764 return icapReply
->header
.getByNameListMember("Encapsulated",
1765 section
, ',').size() > 0;
1768 // calculate whether there is a virgin HTTP body and
1769 // whether its expected size is known
1770 // TODO: rename because we do not just estimate
1771 void Adaptation::Icap::ModXact::estimateVirginBody()
1773 // note: lack of size info may disable previews and 204s
1775 HttpMsg
*msg
= virgin
.header
;
1778 HttpRequestMethod method
;
1781 method
= virgin
.cause
->method
;
1782 else if (HttpRequest
*req
= dynamic_cast<HttpRequest
*>(msg
))
1783 method
= req
->method
;
1785 method
= Http::METHOD_NONE
;
1788 // expectingBody returns true for zero-sized bodies, but we will not
1789 // get a pipe for that body, so we treat the message as bodyless
1790 if (method
!= Http::METHOD_NONE
&& msg
->expectingBody(method
, size
) && size
) {
1791 debugs(93, 6, HERE
<< "expects virgin body from " <<
1792 virgin
.body_pipe
<< "; size: " << size
);
1794 virginBody
.expect(size
);
1795 virginBodyWriting
.plan();
1797 // sign up as a body consumer
1798 Must(msg
->body_pipe
!= NULL
);
1799 Must(msg
->body_pipe
== virgin
.body_pipe
);
1800 Must(virgin
.body_pipe
->setConsumerIfNotLate(this));
1802 // make sure TheBackupLimit is in-sync with the buffer size
1803 Must(TheBackupLimit
<= static_cast<size_t>(msg
->body_pipe
->buf().max_capacity
));
1805 debugs(93, 6, HERE
<< "does not expect virgin body");
1806 Must(msg
->body_pipe
== NULL
);
1811 void Adaptation::Icap::ModXact::makeAdaptedBodyPipe(const char *what
)
1813 Must(!adapted
.body_pipe
);
1814 Must(!adapted
.header
->body_pipe
);
1815 adapted
.header
->body_pipe
= new BodyPipe(this);
1816 adapted
.body_pipe
= adapted
.header
->body_pipe
;
1817 debugs(93, 7, HERE
<< "will supply " << what
<< " via " <<
1818 adapted
.body_pipe
<< " pipe");
1821 // TODO: Move SizedEstimate and Preview elsewhere
1823 Adaptation::Icap::SizedEstimate::SizedEstimate()
1824 : theData(dtUnexpected
)
1827 void Adaptation::Icap::SizedEstimate::expect(int64_t aSize
)
1829 theData
= (aSize
>= 0) ? aSize
: (int64_t)dtUnknown
;
1832 bool Adaptation::Icap::SizedEstimate::expected() const
1834 return theData
!= dtUnexpected
;
1837 bool Adaptation::Icap::SizedEstimate::knownSize() const
1840 return theData
!= dtUnknown
;
1843 uint64_t Adaptation::Icap::SizedEstimate::size() const
1846 return static_cast<uint64_t>(theData
);
1849 Adaptation::Icap::VirginBodyAct::VirginBodyAct(): theStart(0), theState(stUndecided
)
1852 void Adaptation::Icap::VirginBodyAct::plan()
1855 Must(!theStart
); // not started
1856 theState
= stActive
;
1859 void Adaptation::Icap::VirginBodyAct::disable()
1861 theState
= stDisabled
;
1864 void Adaptation::Icap::VirginBodyAct::progress(size_t size
)
1867 #if SIZEOF_SIZE_T > 4
1868 /* always true for smaller size_t's */
1869 Must(static_cast<int64_t>(size
) >= 0);
1871 theStart
+= static_cast<int64_t>(size
);
1874 uint64_t Adaptation::Icap::VirginBodyAct::offset() const
1877 return static_cast<uint64_t>(theStart
);
1880 Adaptation::Icap::Preview::Preview(): theWritten(0), theAd(0), theState(stDisabled
)
1883 void Adaptation::Icap::Preview::enable(size_t anAd
)
1885 // TODO: check for anAd not exceeding preview size limit
1888 theState
= stWriting
;
1891 bool Adaptation::Icap::Preview::enabled() const
1893 return theState
!= stDisabled
;
1896 size_t Adaptation::Icap::Preview::ad() const
1902 bool Adaptation::Icap::Preview::done() const
1905 return theState
>= stIeof
;
1908 bool Adaptation::Icap::Preview::ieof() const
1911 return theState
== stIeof
;
1914 size_t Adaptation::Icap::Preview::debt() const
1917 return done() ? 0 : (theAd
- theWritten
);
1920 void Adaptation::Icap::Preview::wrote(size_t size
, bool wroteEof
)
1926 Must(theWritten
<= theAd
);
1929 theState
= stIeof
; // written size is irrelevant
1930 else if (theWritten
>= theAd
)
1934 bool Adaptation::Icap::ModXact::fillVirginHttpHeader(MemBuf
&mb
) const
1936 if (virgin
.header
== NULL
)
1939 virgin
.header
->firstLineBuf(mb
);
1944 void Adaptation::Icap::ModXact::detailError(int errDetail
)
1946 HttpRequest
*request
= dynamic_cast<HttpRequest
*>(adapted
.header
);
1947 // if no adapted request, update virgin (and inherit its properties later)
1948 // TODO: make this and HttpRequest::detailError constant, like adaptHistory
1950 request
= const_cast<HttpRequest
*>(&virginRequest());
1953 request
->detailError(ERR_ICAP_FAILURE
, errDetail
);
1956 void Adaptation::Icap::ModXact::clearError()
1958 HttpRequest
*request
= dynamic_cast<HttpRequest
*>(adapted
.header
);
1959 // if no adapted request, update virgin (and inherit its properties later)
1961 request
= const_cast<HttpRequest
*>(&virginRequest());
1964 request
->clearError();
1967 /* Adaptation::Icap::ModXactLauncher */
1969 Adaptation::Icap::ModXactLauncher::ModXactLauncher(HttpMsg
*virginHeader
, HttpRequest
*virginCause
, AccessLogEntry::Pointer
&alp
, Adaptation::ServicePointer aService
):
1970 AsyncJob("Adaptation::Icap::ModXactLauncher"),
1971 Adaptation::Icap::Launcher("Adaptation::Icap::ModXactLauncher", aService
),
1974 virgin
.setHeader(virginHeader
);
1975 virgin
.setCause(virginCause
);
1976 updateHistory(true);
1979 Adaptation::Icap::Xaction
*Adaptation::Icap::ModXactLauncher::createXaction()
1981 Adaptation::Icap::ServiceRep::Pointer s
=
1982 dynamic_cast<Adaptation::Icap::ServiceRep
*>(theService
.getRaw());
1984 return new Adaptation::Icap::ModXact(virgin
.header
, virgin
.cause
, al
, s
);
1987 void Adaptation::Icap::ModXactLauncher::swanSong()
1989 debugs(93, 5, HERE
<< "swan sings");
1990 updateHistory(false);
1991 Adaptation::Icap::Launcher::swanSong();
1994 void Adaptation::Icap::ModXactLauncher::updateHistory(bool doStart
)
1996 HttpRequest
*r
= virgin
.cause
?
1997 virgin
.cause
: dynamic_cast<HttpRequest
*>(virgin
.header
);
1999 // r should never be NULL but we play safe; TODO: add Should()
2001 Adaptation::Icap::History::Pointer h
= r
->icapHistory();
2004 h
->start("ICAPModXactLauncher");
2006 h
->stop("ICAPModXactLauncher");