]> git.ipfire.org Git - thirdparty/squid.git/blob - src/client_side.cc
projects / thirdparty / squid.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
2.1 branch merge
[thirdparty/squid.git] / src / client_side.cc
1
2 /*
3 * $Id: client_side.cc,v 1.422 1998/11/12 06:28:00 wessels Exp $
4 *
5 * DEBUG: section 33 Client-side Routines
6 * AUTHOR: Duane Wessels
7 *
8 * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
9 * ----------------------------------------------------------
10 *
11 * Squid is the result of efforts by numerous individuals from the
12 * Internet community. Development is led by Duane Wessels of the
13 * National Laboratory for Applied Network Research and funded by the
14 * National Science Foundation. Squid is Copyrighted (C) 1998 by
15 * Duane Wessels and the University of California San Diego. Please
16 * see the COPYRIGHT file for full details. Squid incorporates
17 * software developed and/or copyrighted by other sources. Please see
18 * the CREDITS file for full details.
19 *
20 * This program is free software; you can redistribute it and/or modify
21 * it under the terms of the GNU General Public License as published by
22 * the Free Software Foundation; either version 2 of the License, or
23 * (at your option) any later version.
24 *
25 * This program is distributed in the hope that it will be useful,
26 * but WITHOUT ANY WARRANTY; without even the implied warranty of
27 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 * GNU General Public License for more details.
29 *
30 * You should have received a copy of the GNU General Public License
31 * along with this program; if not, write to the Free Software
32 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
33 *
34 */
35
36 #include "squid.h"
37
38 #if IPF_TRANSPARENT
39 #if HAVE_SYS_IOCTL_H
40 #include <sys/ioctl.h>
41 #endif
42 #include <netinet/tcp.h>
43 #include <net/if.h>
44 #include <ip_compat.h>
45 #include <ip_fil.h>
46 #include <ip_nat.h>
47 #endif
48
49
50
51 #if LINGERING_CLOSE
52 #define comm_close comm_lingering_close
53 #endif
54
55 static const char *const crlf = "\r\n";
56 static const char *const proxy_auth_challenge_fmt = "Basic realm=\"%s\"";
57
58 #define REQUEST_BUF_SIZE 4096
59 #define FAILURE_MODE_TIME 300
60
61 /* Local functions */
62
63 static CWCB clientWriteComplete;
64 static PF clientReadRequest;
65 static PF connStateFree;
66 static PF requestTimeout;
67 static int CheckQuickAbort2(const clientHttpRequest *);
68 static int clientCheckTransferDone(clientHttpRequest *);
69 static int clientGotNotEnough(clientHttpRequest *);
70 static void CheckQuickAbort(clientHttpRequest *);
71 static void checkFailureRatio(err_type, hier_code);
72 static void clientProcessMiss(clientHttpRequest *);
73 static void clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep);
74 static clientHttpRequest *parseHttpRequestAbort(ConnStateData * conn, const char *uri);
75 static clientHttpRequest *parseHttpRequest(ConnStateData *, method_t *, int *, char **, size_t *);
76 static RH clientRedirectDone;
77 static STCB clientHandleIMSReply;
78 static int clientGetsOldEntry(StoreEntry * new, StoreEntry * old, request_t * request);
79 static int checkAccelOnly(clientHttpRequest *);
80 static int clientOnlyIfCached(clientHttpRequest * http);
81 static STCB clientSendMoreData;
82 static STCB clientCacheHit;
83 static void clientSetKeepaliveFlag(clientHttpRequest *);
84 static void clientInterpretRequestHeaders(clientHttpRequest *);
85 static void clientProcessRequest(clientHttpRequest *);
86 static void clientProcessExpired(void *data);
87 static void clientProcessOnlyIfCachedMiss(clientHttpRequest * http);
88 static HttpReply *clientConstructProxyAuthReply(clientHttpRequest * http);
89 static int clientCachable(clientHttpRequest * http);
90 static int clientHierarchical(clientHttpRequest * http);
91 static int clientCheckContentLength(request_t * r);
92 static int httpAcceptDefer(void);
93 static log_type clientProcessRequest2(clientHttpRequest * http);
94
95 static int
96 checkAccelOnly(clientHttpRequest * http)
97 {
98 /* return TRUE if someone makes a proxy request to us and
99 * we are in httpd-accel only mode */
100 if (!Config2.Accel.on)
101 return 0;
102 if (Config.onoff.accel_with_proxy)
103 return 0;
104 if (http->request->protocol == PROTO_CACHEOBJ)
105 return 0;
106 if (http->flags.accel)
107 return 0;
108 return 1;
109 }
110
111 void
112 clientAccessCheck(void *data)
113 {
114 clientHttpRequest *http = data;
115 ConnStateData *conn = http->conn;
116 const char *browser;
117 if (Config.onoff.ident_lookup && conn->ident.state == IDENT_NONE) {
118 identStart(-1, conn, clientAccessCheck, http);
119 return;
120 }
121 if (checkAccelOnly(http)) {
122 clientAccessCheckDone(0, http);
123 return;
124 }
125 browser = httpHeaderGetStr(&http->request->header, HDR_USER_AGENT);
126 http->acl_checklist = aclChecklistCreate(Config.accessList.http,
127 http->request,
128 conn->peer.sin_addr,
129 browser,
130 conn->ident.ident);
131 aclNBCheck(http->acl_checklist, clientAccessCheckDone, http);
132 }
133
134 /*
135 * returns true if client specified that the object must come from the cache
136 * witout contacting origin server
137 */
138 static int
139 clientOnlyIfCached(clientHttpRequest * http)
140 {
141 const request_t *r = http->request;
142 assert(r);
143 return r->cache_control &&
144 EBIT_TEST(r->cache_control->mask, CC_ONLY_IF_CACHED);
145 }
146
147 static HttpReply *
148 clientConstructProxyAuthReply(clientHttpRequest * http)
149 {
150 ErrorState *err;
151 HttpReply *rep;
152 if (!http->flags.accel) {
153 /* Proxy authorisation needed */
154 err = errorCon(ERR_CACHE_ACCESS_DENIED,
155 HTTP_PROXY_AUTHENTICATION_REQUIRED);
156 } else {
157 /* WWW authorisation needed */
158 err = errorCon(ERR_CACHE_ACCESS_DENIED, HTTP_UNAUTHORIZED);
159 }
160 err->request = requestLink(http->request);
161 rep = errorBuildReply(err);
162 errorStateFree(err);
163 /* add Authenticate header */
164 if (!http->flags.accel) {
165 /* Proxy authorisation needed */
166 httpHeaderPutStrf(&rep->header, HDR_PROXY_AUTHENTICATE,
167 proxy_auth_challenge_fmt, Config.proxyAuthRealm);
168 } else {
169 /* WWW Authorisation needed */
170 httpHeaderPutStrf(&rep->header, HDR_WWW_AUTHENTICATE,
171 proxy_auth_challenge_fmt, Config.proxyAuthRealm);
172 }
173 return rep;
174 }
175
176 StoreEntry *
177 clientCreateStoreEntry(clientHttpRequest * h, method_t m, request_flags flags)
178 {
179 StoreEntry *e;
180 /*
181 * For erroneous requests, we might not have a h->request,
182 * so make a fake one.
183 */
184 if (h->request == NULL)
185 h->request = requestLink(requestCreate(m, PROTO_NONE, NULL));
186 e = storeCreateEntry(h->uri, h->log_uri, flags, m);
187 storeClientListAdd(e, h);
188 #if DELAY_POOLS
189 delaySetStoreClient(e, h, h->request->delay_id);
190 #endif
191 storeClientCopy(e, 0, 0, CLIENT_SOCK_SZ,
192 memAllocate(MEM_CLIENT_SOCK_BUF), clientSendMoreData, h);
193 return e;
194 }
195
196
197 void
198 clientAccessCheckDone(int answer, void *data)
199 {
200 clientHttpRequest *http = data;
201 int page_id = -1;
202 ErrorState *err = NULL;
203 debug(33, 5) ("clientAccessCheckDone: '%s' answer=%d\n", http->uri, answer);
204 http->acl_checklist = NULL;
205 if (answer == ACCESS_ALLOWED) {
206 safe_free(http->uri);
207 http->uri = xstrdup(urlCanonical(http->request));
208 assert(http->redirect_state == REDIRECT_NONE);
209 http->redirect_state = REDIRECT_PENDING;
210 redirectStart(http, clientRedirectDone, http);
211 } else if (answer == ACCESS_REQ_PROXY_AUTH) {
212 http->log_type = LOG_TCP_DENIED;
213 http->entry = clientCreateStoreEntry(http, http->request->method,
214 null_request_flags);
215 /* create appropriate response */
216 http->entry->mem_obj->reply = clientConstructProxyAuthReply(http);
217 httpReplySwapOut(http->entry->mem_obj->reply, http->entry);
218 storeComplete(http->entry);
219 } else {
220 debug(33, 5) ("Access Denied: %s\n", http->uri);
221 debug(33, 5) ("AclMatchedName = %s\n",
222 AclMatchedName ? AclMatchedName : "<null>");
223 http->log_type = LOG_TCP_DENIED;
224 http->entry = clientCreateStoreEntry(http, http->request->method,
225 null_request_flags);
226 page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName);
227 /* NOTE: don't use HTTP_UNAUTHORIZED because then the
228 * stupid browser wants us to authenticate */
229 err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN);
230 err->request = requestLink(http->request);
231 err->src_addr = http->conn->peer.sin_addr;
232 if (page_id > 0)
233 err->page_id = page_id;
234 errorAppendEntry(http->entry, err);
235 }
236 }
237
238 static void
239 clientRedirectDone(void *data, char *result)
240 {
241 clientHttpRequest *http = data;
242 request_t *new_request = NULL;
243 request_t *old_request = http->request;
244 debug(33, 5) ("clientRedirectDone: '%s' result=%s\n", http->uri,
245 result ? result : "NULL");
246 assert(http->redirect_state == REDIRECT_PENDING);
247 http->redirect_state = REDIRECT_DONE;
248 if (result) {
249 http_status status = atoi(result);
250 if (status == 301 || status == 302) {
251 char *t = result;
252 if ((t = strchr(result, ':')) != NULL) {
253 http->redirect.status = status;
254 http->redirect.location = xstrdup(t + 1);
255 } else {
256 debug(33, 1) ("clientRedirectDone: bad input: %s\n", result);
257 }
258 }
259 if (strcmp(result, http->uri))
260 new_request = urlParse(old_request->method, result);
261 }
262 if (new_request) {
263 safe_free(http->uri);
264 http->uri = xstrdup(urlCanonical(new_request));
265 new_request->http_ver = old_request->http_ver;
266 httpHeaderAppend(&new_request->header, &old_request->header);
267 new_request->client_addr = old_request->client_addr;
268 new_request->flags.redirected = 1;
269 if (old_request->body) {
270 new_request->body = xmalloc(old_request->body_sz);
271 xmemcpy(new_request->body, old_request->body, old_request->body_sz);
272 new_request->body_sz = old_request->body_sz;
273 }
274 requestUnlink(old_request);
275 http->request = requestLink(new_request);
276 }
277 clientInterpretRequestHeaders(http);
278 fd_note(http->conn->fd, http->uri);
279 clientProcessRequest(http);
280 }
281
282 static void
283 clientProcessExpired(void *data)
284 {
285 clientHttpRequest *http = data;
286 char *url = http->uri;
287 StoreEntry *entry = NULL;
288 debug(33, 3) ("clientProcessExpired: '%s'\n", http->uri);
289 assert(http->entry->lastmod >= 0);
290 /*
291 * check if we are allowed to contact other servers
292 * @?@: Instead of a 504 (Gateway Timeout) reply, we may want to return
293 * a stale entry *if* it matches client requirements
294 */
295 if (clientOnlyIfCached(http)) {
296 clientProcessOnlyIfCachedMiss(http);
297 return;
298 }
299 http->request->flags.refresh = 1;
300 http->old_entry = http->entry;
301 entry = storeCreateEntry(url,
302 http->log_uri,
303 http->request->flags,
304 http->request->method);
305 /* NOTE, don't call storeLockObject(), storeCreateEntry() does it */
306 storeClientListAdd(entry, http);
307 storeClientListAdd(http->old_entry, http);
308 #if DELAY_POOLS
309 delaySetStoreClient(entry, http, http->request->delay_id);
310 delaySetStoreClient(http->old_entry, http, http->request->delay_id);
311 #endif
312 entry->lastmod = http->old_entry->lastmod;
313 debug(33, 5) ("clientProcessExpired: lastmod %d\n", (int) entry->lastmod);
314 entry->refcount++; /* EXPIRED CASE */
315 http->entry = entry;
316 http->out.offset = 0;
317 fwdStart(http->conn->fd, http->entry, http->request,
318 http->conn->peer.sin_addr);
319 /* Register with storage manager to receive updates when data comes in. */
320 if (entry->store_status == STORE_ABORTED)
321 debug(33, 0) ("clientProcessExpired: entry->swap_status == STORE_ABORTED\n");
322 storeClientCopy(entry,
323 http->out.offset,
324 http->out.offset,
325 CLIENT_SOCK_SZ,
326 memAllocate(MEM_CLIENT_SOCK_BUF),
327 clientHandleIMSReply,
328 http);
329 }
330
331 static int
332 clientGetsOldEntry(StoreEntry * new_entry, StoreEntry * old_entry, request_t * request)
333 {
334 const http_status status = new_entry->mem_obj->reply->sline.status;
335 if (0 == status) {
336 debug(33, 5) ("clientGetsOldEntry: YES, broken HTTP reply\n");
337 return 1;
338 }
339 /* If the reply is anything but "Not Modified" then
340 * we must forward it to the client */
341 if (HTTP_NOT_MODIFIED != status) {
342 debug(33, 5) ("clientGetsOldEntry: NO, reply=%d\n", status);
343 return 0;
344 }
345 /* If the client did not send IMS in the request, then it
346 * must get the old object, not this "Not Modified" reply */
347 if (!request->flags.ims) {
348 debug(33, 5) ("clientGetsOldEntry: YES, no client IMS\n");
349 return 1;
350 }
351 /* If the client IMS time is prior to the entry LASTMOD time we
352 * need to send the old object */
353 if (modifiedSince(old_entry, request)) {
354 debug(33, 5) ("clientGetsOldEntry: YES, modified since %d\n",
355 (int) request->ims);
356 return 1;
357 }
358 debug(33, 5) ("clientGetsOldEntry: NO, new one is fine\n");
359 return 0;
360 }
361
362
363 static void
364 clientHandleIMSReply(void *data, char *buf, ssize_t size)
365 {
366 clientHttpRequest *http = data;
367 StoreEntry *entry = http->entry;
368 MemObject *mem = entry->mem_obj;
369 const char *url = storeUrl(entry);
370 int unlink_request = 0;
371 StoreEntry *oldentry;
372 int recopy = 1;
373 const http_status status = mem->reply->sline.status;
374 debug(33, 3) ("clientHandleIMSReply: %s, %d bytes\n", url, (int) size);
375 if (size < 0 && entry->store_status != STORE_ABORTED)
376 #if OLD_CODE
377 /*
378 * This storeAbort() call causes wrong behaviour in some situations.
379 * If there are multiple clients hanging on this entry, the second
380 * client will not want the entry to be aborted. This shows up in
381 * the stack trace below:
382 *
383 * #0 0xef5f452c in kill ()
384 * #1 0xef5ba620 in abort ()
385 * #2 0x7d680 in __eprintf (string=0x82a70 "%s:%u: failed assertion `%s'\n", expression=0x82a90 "client_side.c", line=1111, filename=0x83468 "size > 0")
386 * #3 0x2ad7c in clientCacheHit (data=0x31ae318, buf=0x17f1450 "", size=0) at client_side.c:1111
387 * #4 0x65cd4 in storeClientCopy2 (e=0x4c48c0, sc=0x2eedd70) at store_client.c:264
388 * #5 0x665b0 in InvokeHandlers (e=0x4c48c0) at store_client.c:510
389 * #6 0x63c90 in storeAbort (e=0x4c48c0, cbflag=1) at store.c:626
390 * #7 0x29190 in clientHandleIMSReply (data=0x31e9518, buf=0x2268810 "", size=-1) at client_side.c:343
391 * #8 0x66450 in storeUnregister (e=0x2910c, data=0x31e9518) at store_client.c:467
392 * #9 0x29a54 in httpRequestFree (data=0x31e9518) at client_side.c:579
393 * #10 0x29eb4 in connStateFree (fd=534528, data=0x314d0d0) at client_side.c:667
394 * #11 0x2f27c in commCallCloseHandlers (fd=42) at comm.c:501
395 * #12 0x2f410 in comm_close (fd=42) at comm.c:565
396 * #13 0x2d054 in clientReadRequest (fd=42, data=0x314d0d0) at client_side.c:2038
397 * #14 0x309c8 in comm_poll (msec=434) at comm_select.c:354
398 * #15 0x4da64 in main (argc=5, argv=0xeffffd4c) at main.c:587
399 */
400 storeAbort(entry, 1);
401 #endif
402 /*
403 * Lets just try to return here and see what kind of problems that
404 * causes
405 */
406 return;
407 if (entry->store_status == STORE_ABORTED) {
408 debug(33, 3) ("clientHandleIMSReply: ABORTED '%s'\n", url);
409 /* We have an existing entry, but failed to validate it */
410 /* Its okay to send the old one anyway */
411 http->log_type = LOG_TCP_REFRESH_FAIL_HIT;
412 storeUnregister(entry, http);
413 storeUnlockObject(entry);
414 entry = http->entry = http->old_entry;
415 entry->refcount++;
416 } else if (STORE_PENDING == entry->store_status && 0 == status) {
417 debug(33, 3) ("clientHandleIMSReply: Incomplete headers for '%s'\n", url);
418 if (size >= CLIENT_SOCK_SZ) {
419 /* will not get any bigger than that */
420 debug(33, 3) ("clientHandleIMSReply: Reply is too large '%s', using old entry\n", url);
421 /* use old entry, this repeats the code abovez */
422 http->log_type = LOG_TCP_REFRESH_FAIL_HIT;
423 storeUnregister(entry, http);
424 storeUnlockObject(entry);
425 entry = http->entry = http->old_entry;
426 entry->refcount++;
427 /* continue */
428 } else {
429 storeClientCopy(entry,
430 http->out.offset + size,
431 http->out.offset,
432 CLIENT_SOCK_SZ,
433 buf,
434 clientHandleIMSReply,
435 http);
436 return;
437 }
438 } else if (clientGetsOldEntry(entry, http->old_entry, http->request)) {
439 /* We initiated the IMS request, the client is not expecting
440 * 304, so put the good one back. First, make sure the old entry
441 * headers have been loaded from disk. */
442 oldentry = http->old_entry;
443 http->log_type = LOG_TCP_REFRESH_HIT;
444 if (oldentry->mem_obj->request == NULL) {
445 oldentry->mem_obj->request = requestLink(mem->request);
446 unlink_request = 1;
447 }
448 /* Don't memcpy() the whole reply structure here. For example,
449 * www.thegist.com (Netscape/1.13) returns a content-length for
450 * 304's which seems to be the length of the 304 HEADERS!!! and
451 * not the body they refer to. */
452 httpReplyUpdateOnNotModified(oldentry->mem_obj->reply, mem->reply);
453 storeTimestampsSet(oldentry);
454 storeUnregister(entry, http);
455 storeUnlockObject(entry);
456 entry = http->entry = oldentry;
457 entry->timestamp = squid_curtime;
458 if (unlink_request) {
459 requestUnlink(entry->mem_obj->request);
460 entry->mem_obj->request = NULL;
461 }
462 } else {
463 /* the client can handle this reply, whatever it is */
464 http->log_type = LOG_TCP_REFRESH_MISS;
465 if (HTTP_NOT_MODIFIED == mem->reply->sline.status) {
466 http->old_entry->timestamp = squid_curtime;
467 http->old_entry->refcount++;
468 http->log_type = LOG_TCP_REFRESH_HIT;
469 }
470 storeUnregister(http->old_entry, http);
471 storeUnlockObject(http->old_entry);
472 recopy = 0;
473 }
474 http->old_entry = NULL; /* done with old_entry */
475 assert(entry->store_status != STORE_ABORTED);
476 if (recopy) {
477 storeClientCopy(entry,
478 http->out.offset,
479 http->out.offset,
480 CLIENT_SOCK_SZ,
481 buf,
482 clientSendMoreData,
483 http);
484 } else {
485 clientSendMoreData(data, buf, size);
486 }
487 }
488
489 int
490 modifiedSince(StoreEntry * entry, request_t * request)
491 {
492 int object_length;
493 MemObject *mem = entry->mem_obj;
494 time_t mod_time = entry->lastmod;
495 debug(33, 3) ("modifiedSince: '%s'\n", storeUrl(entry));
496 if (mod_time < 0)
497 mod_time = entry->timestamp;
498 debug(33, 3) ("modifiedSince: mod_time = %d\n", (int) mod_time);
499 if (mod_time < 0)
500 return 1;
501 /* Find size of the object */
502 object_length = mem->reply->content_length;
503 if (object_length < 0)
504 object_length = contentLen(entry);
505 if (mod_time > request->ims) {
506 debug(33, 3) ("--> YES: entry newer than client\n");
507 return 1;
508 } else if (mod_time < request->ims) {
509 debug(33, 3) ("--> NO: entry older than client\n");
510 return 0;
511 } else if (request->imslen < 0) {
512 debug(33, 3) ("--> NO: same LMT, no client length\n");
513 return 0;
514 } else if (request->imslen == object_length) {
515 debug(33, 3) ("--> NO: same LMT, same length\n");
516 return 0;
517 } else {
518 debug(33, 3) ("--> YES: same LMT, different length\n");
519 return 1;
520 }
521 }
522
523 void
524 clientPurgeRequest(clientHttpRequest * http)
525 {
526 StoreEntry *entry;
527 ErrorState *err = NULL;
528 HttpReply *r;
529 debug(33, 3) ("Config.onoff.enable_purge = %d\n", Config.onoff.enable_purge);
530 if (!Config.onoff.enable_purge) {
531 http->log_type = LOG_TCP_DENIED;
532 err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN);
533 err->request = requestLink(http->request);
534 err->src_addr = http->conn->peer.sin_addr;
535 http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags);
536 errorAppendEntry(http->entry, err);
537 return;
538 }
539 http->log_type = LOG_TCP_MISS;
540 if ((entry = storeGetPublic(http->uri, METHOD_GET)) == NULL) {
541 http->http_code = HTTP_NOT_FOUND;
542 } else {
543 storeRelease(entry);
544 http->http_code = HTTP_OK;
545 }
546 debug(33, 4) ("clientPurgeRequest: Not modified '%s'\n",
547 storeUrl(entry));
548 /*
549 * Make a new entry to hold the reply to be written
550 * to the client.
551 */
552 http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags);
553 httpReplyReset(r = http->entry->mem_obj->reply);
554 httpReplySetHeaders(r, 1.0, http->http_code, NULL, NULL, 0, 0, -1);
555 httpReplySwapOut(r, http->entry);
556 storeComplete(http->entry);
557 }
558
559 int
560 checkNegativeHit(StoreEntry * e)
561 {
562 if (!EBIT_TEST(e->flags, ENTRY_NEGCACHED))
563 return 0;
564 if (e->expires <= squid_curtime)
565 return 0;
566 if (e->store_status != STORE_OK)
567 return 0;
568 return 1;
569 }
570
571 void
572 clientUpdateCounters(clientHttpRequest * http)
573 {
574 int svc_time = tvSubMsec(http->start, current_time);
575 ping_data *i;
576 HierarchyLogEntry *H;
577 Counter.client_http.requests++;
578 if (isTcpHit(http->log_type))
579 Counter.client_http.hits++;
580 if (http->request->err_type != ERR_NONE)
581 Counter.client_http.errors++;
582 statHistCount(&Counter.client_http.all_svc_time, svc_time);
583 /*
584 * The idea here is not to be complete, but to get service times
585 * for only well-defined types. For example, we don't include
586 * LOG_TCP_REFRESH_FAIL_HIT because its not really a cache hit
587 * (we *tried* to validate it, but failed).
588 */
589 switch (http->log_type) {
590 case LOG_TCP_REFRESH_HIT:
591 statHistCount(&Counter.client_http.nh_svc_time, svc_time);
592 break;
593 case LOG_TCP_IMS_HIT:
594 statHistCount(&Counter.client_http.nm_svc_time, svc_time);
595 break;
596 case LOG_TCP_HIT:
597 case LOG_TCP_MEM_HIT:
598 case LOG_TCP_OFFLINE_HIT:
599 statHistCount(&Counter.client_http.hit_svc_time, svc_time);
600 break;
601 case LOG_TCP_MISS:
602 case LOG_TCP_CLIENT_REFRESH_MISS:
603 statHistCount(&Counter.client_http.miss_svc_time, svc_time);
604 break;
605 default:
606 /* make compiler warnings go away */
607 break;
608 }
609 H = &http->request->hier;
610 switch (H->alg) {
611 case PEER_SA_DIGEST:
612 Counter.cd.times_used++;
613 break;
614 case PEER_SA_ICP:
615 Counter.icp.times_used++;
616 i = &H->ping;
617 if (0 != i->stop.tv_sec && 0 != i->start.tv_sec)
618 statHistCount(&Counter.icp.query_svc_time,
619 tvSubUsec(i->start, i->stop));
620 if (i->timeout)
621 Counter.icp.query_timeouts++;
622 break;
623 case PEER_SA_NETDB:
624 Counter.netdb.times_used++;
625 break;
626 default:
627 break;
628 }
629 }
630
631 static void
632 httpRequestFree(void *data)
633 {
634 clientHttpRequest *http = data;
635 clientHttpRequest **H;
636 ConnStateData *conn = http->conn;
637 StoreEntry *entry = http->entry;
638 request_t *request = http->request;
639 MemObject *mem = NULL;
640 debug(33, 3) ("httpRequestFree: %s\n", storeUrl(entry));
641 if (!clientCheckTransferDone(http)) {
642 if (entry)
643 storeUnregister(entry, http); /* unregister BEFORE abort */
644 CheckQuickAbort(http);
645 entry = http->entry; /* reset, IMS might have changed it */
646 if (entry && entry->ping_status == PING_WAITING)
647 storeReleaseRequest(entry);
648 }
649 assert(http->log_type < LOG_TYPE_MAX);
650 if (entry)
651 mem = entry->mem_obj;
652 if (http->out.size || http->log_type) {
653 http->al.icp.opcode = ICP_INVALID;
654 http->al.url = http->log_uri;
655 debug(33, 9) ("httpRequestFree: al.url='%s'\n", http->al.url);
656 if (mem) {
657 http->al.http.code = mem->reply->sline.status;
658 http->al.http.content_type = strBuf(mem->reply->content_type);
659 }
660 http->al.cache.caddr = conn->log_addr;
661 http->al.cache.size = http->out.size;
662 http->al.cache.code = http->log_type;
663 http->al.cache.msec = tvSubMsec(http->start, current_time);
664 if (request->user_ident[0])
665 http->al.cache.ident = request->user_ident;
666 else
667 http->al.cache.ident = conn->ident.ident;
668 if (request) {
669 Packer p;
670 MemBuf mb;
671 memBufDefInit(&mb);
672 packerToMemInit(&p, &mb);
673 httpHeaderPackInto(&request->header, &p);
674 http->al.http.method = request->method;
675 http->al.http.version = request->http_ver;
676 http->al.headers.request = xstrdup(mb.buf);
677 http->al.hier = request->hier;
678 packerClean(&p);
679 memBufClean(&mb);
680 }
681 accessLogLog(&http->al);
682 clientUpdateCounters(http);
683 clientdbUpdate(conn->peer.sin_addr, http->log_type, PROTO_HTTP, http->out.size);
684 }
685 if (http->acl_checklist)
686 aclChecklistFree(http->acl_checklist);
687 if (request)
688 checkFailureRatio(request->err_type, http->al.hier.code);
689 safe_free(http->uri);
690 safe_free(http->log_uri);
691 safe_free(http->al.headers.request);
692 safe_free(http->al.headers.reply);
693 safe_free(http->redirect.location);
694 stringClean(&http->range_iter.boundary);
695 if (entry) {
696 http->entry = NULL;
697 storeUnregister(entry, http);
698 storeUnlockObject(entry);
699 }
700 /* old_entry might still be set if we didn't yet get the reply
701 * code in clientHandleIMSReply() */
702 if (http->old_entry) {
703 storeUnregister(http->old_entry, http);
704 storeUnlockObject(http->old_entry);
705 http->old_entry = NULL;
706 }
707 requestUnlink(http->request);
708 assert(http != http->next);
709 assert(http->conn->chr != NULL);
710 H = &http->conn->chr;
711 while (*H) {
712 if (*H == http)
713 break;
714 H = &(*H)->next;
715 }
716 assert(*H != NULL);
717 *H = http->next;
718 http->next = NULL;
719 cbdataFree(http);
720 }
721
722 /* This is a handler normally called by comm_close() */
723 static void
724 connStateFree(int fd, void *data)
725 {
726 ConnStateData *connState = data;
727 clientHttpRequest *http;
728 debug(33, 3) ("connStateFree: FD %d\n", fd);
729 assert(connState != NULL);
730 while ((http = connState->chr) != NULL) {
731 assert(http->conn == connState);
732 assert(connState->chr != connState->chr->next);
733 httpRequestFree(http);
734 }
735 if (connState->ident.fd > -1)
736 comm_close(connState->ident.fd);
737 safe_free(connState->in.buf);
738 /* XXX account connState->in.buf */
739 pconnHistCount(0, connState->nrequests);
740 cbdataFree(connState);
741 #ifdef _SQUID_LINUX_
742 /* prevent those nasty RST packets */
743 {
744 char buf[SQUID_TCP_SO_RCVBUF];
745 while (read(fd, buf, SQUID_TCP_SO_RCVBUF) > 0);
746 }
747 #endif
748 }
749
750 static void
751 clientInterpretRequestHeaders(clientHttpRequest * http)
752 {
753 request_t *request = http->request;
754 const HttpHeader *req_hdr = &request->header;
755 #if USE_USERAGENT_LOG
756 const char *str;
757 #endif
758 request->imslen = -1;
759 request->ims = httpHeaderGetTime(req_hdr, HDR_IF_MODIFIED_SINCE);
760 if (request->ims > 0)
761 request->flags.ims = 1;
762 if (httpHeaderHas(req_hdr, HDR_PRAGMA)) {
763 String s = httpHeaderGetList(req_hdr, HDR_PRAGMA);
764 if (strListIsMember(&s, "no-cache", ',')) {
765 #if HTTP_VIOLATIONS
766 if (Config.onoff.reload_into_ims)
767 request->flags.nocache_hack = 1;
768 else if (refresh_nocache_hack)
769 request->flags.nocache_hack = 1;
770 else
771 #endif
772 request->flags.nocache = 1;
773 }
774 stringClean(&s);
775 }
776 /* ignore range header in non-GETs */
777 if (request->method == METHOD_GET) {
778 request->range = httpHeaderGetRange(req_hdr);
779 if (request->range)
780 request->flags.range = 1;
781 }
782 if (httpHeaderHas(req_hdr, HDR_AUTHORIZATION))
783 request->flags.auth = 1;
784 if (request->login[0] != '\0')
785 request->flags.auth = 1;
786 if (httpHeaderHas(req_hdr, HDR_VIA)) {
787 String s = httpHeaderGetList(req_hdr, HDR_VIA);
788 /* ThisCache cannot be a member of Via header, "1.0 ThisCache" can */
789 if (strListIsSubstr(&s, ThisCache, ',')) {
790 debugObj(33, 1, "WARNING: Forwarding loop detected for:\n",
791 request, (ObjPackMethod) & httpRequestPack);
792 request->flags.loopdetect = 1;
793 }
794 #if FORW_VIA_DB
795 fvdbCountVia(strBuf(s));
796 #endif
797 stringClean(&s);
798 }
799 #if USE_USERAGENT_LOG
800 if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT)))
801 logUserAgent(fqdnFromAddr(http->conn->peer.sin_addr), str);
802 #endif
803 #if FORW_VIA_DB
804 if (httpHeaderHas(req_hdr, HDR_X_FORWARDED_FOR)) {
805 String s = httpHeaderGetList(req_hdr, HDR_X_FORWARDED_FOR);
806 fvdbCountForw(strBuf(s));
807 stringClean(&s);
808 }
809 #endif
810 request->cache_control = httpHeaderGetCc(req_hdr);
811 if (request->method == METHOD_TRACE) {
812 request->max_forwards = httpHeaderGetInt(req_hdr, HDR_MAX_FORWARDS);
813 }
814 if (clientCachable(http))
815 request->flags.cachable = 1;
816 if (clientHierarchical(http))
817 request->flags.hierarchical = 1;
818 #if DELAY_POOLS
819 if (delayClient(http)) {
820 debug(33, 5) ("clientInterpretRequestHeaders: delay request class %d position %d\n",
821 request->delay_id >> 16,
822 request->delay_id & 0xFFFF);
823 }
824 #endif
825 debug(33, 5) ("clientInterpretRequestHeaders: REQ_NOCACHE = %s\n",
826 request->flags.nocache ? "SET" : "NOT SET");
827 debug(33, 5) ("clientInterpretRequestHeaders: REQ_CACHABLE = %s\n",
828 request->flags.cachable ? "SET" : "NOT SET");
829 debug(33, 5) ("clientInterpretRequestHeaders: REQ_HIERARCHICAL = %s\n",
830 request->flags.hierarchical ? "SET" : "NOT SET");
831 }
832
833 /*
834 * clientSetKeepaliveFlag() sets request->flags.proxy_keepalive.
835 * This is the client-side persistent connection flag. We need
836 * to set this relatively early in the request processing
837 * to handle hacks for broken servers and clients.
838 */
839 static void
840 clientSetKeepaliveFlag(clientHttpRequest * http)
841 {
842 request_t *request = http->request;
843 const HttpHeader *req_hdr = &request->header;
844 debug(33, 3) ("clientSetKeepaliveFlag: http_ver = %3.1f\n",
845 request->http_ver);
846 debug(33, 3) ("clientSetKeepaliveFlag: method = %s\n",
847 RequestMethodStr[request->method]);
848 if (httpMsgIsPersistent(request->http_ver, req_hdr))
849 request->flags.proxy_keepalive = 1;
850 if (request->method == METHOD_POST || request->method == METHOD_PUT)
851 if (!Config.onoff.persistent_client_posts)
852 request->flags.proxy_keepalive = 0;
853 }
854
855 static int
856 clientCheckContentLength(request_t * r)
857 {
858 /* We only require a content-length for "upload" methods */
859 if (!pumpMethod(r->method))
860 return 1;
861 if (httpHeaderGetInt(&r->header, HDR_CONTENT_LENGTH) < 0)
862 return 0;
863 return 1;
864 }
865
866 static int
867 clientCachable(clientHttpRequest * http)
868 {
869 const char *url = http->uri;
870 request_t *req = http->request;
871 method_t method = req->method;
872 aclCheck_t ch;
873 memset(&ch, '\0', sizeof(ch));
874 /*
875 * Hopefully, nobody really wants 'no_cache' by client's IP
876 * address, but if they do, this should work if they use IP
877 * addresses in their ACLs, or if the client's address is in
878 * the FQDN cache.
879 *
880 * This may not work yet for 'dst' and 'dst_domain' ACLs.
881 */
882 ch.src_addr = http->conn->peer.sin_addr;
883 ch.request = http->request;
884 /*
885 * aclCheckFast returns 1 for ALLOW and 0 for DENY. The default
886 * is ALLOW, so we require 'no_cache DENY foo' in squid.conf
887 * to indicate uncachable objects.
888 */
889 if (!aclCheckFast(Config.accessList.noCache, &ch))
890 return 0;
891 if (req->protocol == PROTO_HTTP)
892 return httpCachable(method);
893 /* FTP is always cachable */
894 if (req->protocol == PROTO_GOPHER)
895 return gopherCachable(url);
896 if (req->protocol == PROTO_WAIS)
897 return 0;
898 if (method == METHOD_CONNECT)
899 return 0;
900 if (method == METHOD_TRACE)
901 return 0;
902 if (req->protocol == PROTO_CACHEOBJ)
903 return 0;
904 return 1;
905 }
906
907 /* Return true if we can query our neighbors for this object */
908 static int
909 clientHierarchical(clientHttpRequest * http)
910 {
911 const char *url = http->uri;
912 request_t *request = http->request;
913 method_t method = request->method;
914 const wordlist *p = NULL;
915
916 /* IMS needs a private key, so we can use the hierarchy for IMS only
917 * if our neighbors support private keys */
918 if (request->flags.ims && !neighbors_do_private_keys)
919 return 0;
920 if (request->flags.auth)
921 return 0;
922 if (method == METHOD_TRACE)
923 return 1;
924 if (method != METHOD_GET)
925 return 0;
926 /* scan hierarchy_stoplist */
927 for (p = Config.hierarchy_stoplist; p; p = p->next)
928 if (strstr(url, p->key))
929 return 0;
930 if (request->flags.loopdetect)
931 return 0;
932 if (request->protocol == PROTO_HTTP)
933 return httpCachable(method);
934 if (request->protocol == PROTO_GOPHER)
935 return gopherCachable(url);
936 if (request->protocol == PROTO_WAIS)
937 return 0;
938 if (request->protocol == PROTO_CACHEOBJ)
939 return 0;
940 return 1;
941 }
942
943 int
944 isTcpHit(log_type code)
945 {
946 /* this should be a bitmap for better optimization */
947 if (code == LOG_TCP_HIT)
948 return 1;
949 if (code == LOG_TCP_IMS_HIT)
950 return 1;
951 if (code == LOG_TCP_REFRESH_FAIL_HIT)
952 return 1;
953 if (code == LOG_TCP_REFRESH_HIT)
954 return 1;
955 if (code == LOG_TCP_NEGATIVE_HIT)
956 return 1;
957 if (code == LOG_TCP_MEM_HIT)
958 return 1;
959 if (code == LOG_TCP_OFFLINE_HIT)
960 return 1;
961 return 0;
962 }
963
964 /*
965 * returns true if If-Range specs match reply, false otherwise
966 */
967 static int
968 clientIfRangeMatch(clientHttpRequest * http, HttpReply * rep)
969 {
970 const TimeOrTag spec = httpHeaderGetTimeOrTag(&http->request->header, HDR_IF_RANGE);
971 /* check for parsing falure */
972 if (!spec.valid)
973 return 0;
974 /* got an ETag? */
975 if (spec.tag.str) {
976 ETag rep_tag = httpHeaderGetETag(&rep->header, HDR_ETAG);
977 debug(33, 3) ("clientIfRangeMatch: ETags: %s and %s\n",
978 spec.tag.str, rep_tag.str ? rep_tag.str : "<none>");
979 if (!rep_tag.str)
980 return 0; /* entity has no etag to compare with! */
981 if (spec.tag.weak || rep_tag.weak) {
982 debug(33, 1) ("clientIfRangeMatch: Weak ETags are not allowed in If-Range: %s ? %s\n",
983 spec.tag.str, rep_tag.str);
984 return 0; /* must use strong validator for sub-range requests */
985 }
986 return etagIsEqual(&rep_tag, &spec.tag);
987 }
988 /* got modification time? */
989 if (spec.time >= 0) {
990 return http->entry->lastmod <= spec.time;
991 }
992 assert(0); /* should not happen */
993 return 0;
994 }
995
996 /* adds appropriate Range headers if needed */
997 static void
998 clientBuildRangeHeader(clientHttpRequest * http, HttpReply * rep)
999 {
1000 HttpHeader *hdr = rep ? &rep->header : 0;
1001 const char *range_err = NULL;
1002 assert(http->request->range);
1003 /* check if we still want to do ranges */
1004 if (!rep)
1005 range_err = "no [parse-able] reply";
1006 else if (rep->sline.status != HTTP_OK)
1007 range_err = "wrong status code";
1008 else if (httpHeaderHas(hdr, HDR_CONTENT_RANGE))
1009 range_err = "origin server does ranges";
1010 else if (rep->content_length < 0)
1011 range_err = "unknown length";
1012 else if (rep->content_length != http->entry->mem_obj->reply->content_length)
1013 range_err = "INCONSISTENT length"; /* a bug? */
1014 else if (httpHeaderHas(&http->request->header, HDR_IF_RANGE) && !clientIfRangeMatch(http, rep))
1015 range_err = "If-Range match failed";
1016 else if (!httpHdrRangeCanonize(http->request->range, rep->content_length))
1017 range_err = "canonization failed";
1018 else if (httpHdrRangeIsComplex(http->request->range))
1019 range_err = "too complex range header";
1020 /* get rid of our range specs on error */
1021 if (range_err) {
1022 debug(33, 2) ("clientBuildRangeHeader: will not do ranges: %s.\n", range_err);
1023 httpHdrRangeDestroy(http->request->range);
1024 http->request->range = NULL;
1025 } else {
1026 const int spec_count = http->request->range->specs.count;
1027 debug(33, 2) ("clientBuildRangeHeader: range spec count: %d clen: %d\n",
1028 spec_count, rep->content_length);
1029 assert(spec_count > 0);
1030 /* ETags should not be returned with Partial Content replies? */
1031 httpHeaderDelById(hdr, HDR_ETAG);
1032 /* append appropriate header(s) */
1033 if (spec_count == 1) {
1034 HttpHdrRangePos pos = HttpHdrRangeInitPos;
1035 const HttpHdrRangeSpec *spec = httpHdrRangeGetSpec(http->request->range, &pos);
1036 assert(spec);
1037 /* append Content-Range */
1038 httpHeaderAddContRange(hdr, *spec, rep->content_length);
1039 /* set new Content-Length to the actual number of OCTETs
1040 * transmitted in the message-body */
1041 httpHeaderDelById(hdr, HDR_CONTENT_LENGTH);
1042 httpHeaderPutInt(hdr, HDR_CONTENT_LENGTH, spec->length);
1043 debug(33, 2) ("clientBuildRangeHeader: actual content length: %d\n", spec->length);
1044 } else {
1045 /* multipart! */
1046 /* generate boundary string */
1047 http->range_iter.boundary = httpHdrRangeBoundaryStr(http);
1048 /* delete old Content-Type, add ours */
1049 httpHeaderDelById(hdr, HDR_CONTENT_TYPE);
1050 httpHeaderPutStrf(hdr, HDR_CONTENT_TYPE,
1051 "multipart/byteranges; boundary=\"%s\"",
1052 strBuf(http->range_iter.boundary));
1053 /* no need for Content-Length in multipart responses */
1054 /* but we must delete the original one if we cannot (yet)
1055 * calculate the actual length */
1056 httpHeaderDelById(hdr, HDR_CONTENT_LENGTH);
1057 }
1058 }
1059 }
1060
1061 /* filters out unwanted entries from original reply header
1062 * adds extra entries if we have more info than origin server
1063 * adds Squid specific entries */
1064 static void
1065 clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep)
1066 {
1067 HttpHeader *hdr = &rep->header;
1068 int is_hit = isTcpHit(http->log_type);
1069 request_t *request = http->request;
1070 #if DONT_FILTER_THESE
1071 /* but you might want to if you run Squid as an HTTP accelerator */
1072 /* httpHeaderDelById(hdr, HDR_ACCEPT_RANGES); */
1073 httpHeaderDelById(hdr, HDR_ETAG);
1074 #endif
1075 httpHeaderDelById(hdr, HDR_PROXY_CONNECTION);
1076 /* here: Keep-Alive is a field-name, not a connection directive! */
1077 httpHeaderDelByName(hdr, "Keep-Alive");
1078 /* remove Set-Cookie if a hit */
1079 if (is_hit)
1080 httpHeaderDelById(hdr, HDR_SET_COOKIE);
1081 /* handle Connection header */
1082 if (httpHeaderHas(hdr, HDR_CONNECTION)) {
1083 /* anything that matches Connection list member will be deleted */
1084 String strConnection = httpHeaderGetList(hdr, HDR_CONNECTION);
1085 const HttpHeaderEntry *e;
1086 HttpHeaderPos pos = HttpHeaderInitPos;
1087 /*
1088 * think: on-average-best nesting of the two loops (hdrEntry
1089 * and strListItem) @?@
1090 */
1091 /*
1092 * maybe we should delete standard stuff ("keep-alive","close")
1093 * from strConnection first?
1094 */
1095 while ((e = httpHeaderGetEntry(hdr, &pos))) {
1096 if (strListIsMember(&strConnection, strBuf(e->name), ','))
1097 httpHeaderDelAt(hdr, pos);
1098 }
1099 httpHeaderDelById(hdr, HDR_CONNECTION);
1100 stringClean(&strConnection);
1101 }
1102 /* Handle Ranges */
1103 if (request->range)
1104 clientBuildRangeHeader(http, rep);
1105 /*
1106 * Add Age header, not that our header must replace Age headers
1107 * from other caches if any
1108 */
1109 if (http->entry->timestamp > 0) {
1110 httpHeaderDelById(hdr, HDR_AGE);
1111 /*
1112 * we do not follow HTTP/1.1 precisely here becuase we rely
1113 * on Date header when computing entry->timestamp; we should
1114 * be using _request_ time if Date header is not available
1115 * or if it is out of sync
1116 */
1117 httpHeaderPutInt(hdr, HDR_AGE,
1118 http->entry->timestamp <= squid_curtime ?
1119 squid_curtime - http->entry->timestamp : 0);
1120 }
1121 /* Append X-Cache */
1122 httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s",
1123 is_hit ? "HIT" : "MISS", getMyHostname());
1124 #if USE_CACHE_DIGESTS
1125 /* Append X-Cache-Lookup: -- temporary hack, to be removed @?@ @?@ */
1126 httpHeaderPutStrf(hdr, HDR_X_CACHE_LOOKUP, "%s from %s:%d",
1127 http->lookup_type ? http->lookup_type : "NONE",
1128 getMyHostname(), Config.Port.http->i);
1129 #endif
1130 /*
1131 * Clear keepalive for NON-HEAD requests with invalid content length
1132 */
1133 if (request->method != METHOD_HEAD)
1134 if (http->entry->mem_obj->reply->content_length < 0)
1135 request->flags.proxy_keepalive = 0;
1136 /* Signal keep-alive if needed */
1137 httpHeaderPutStr(hdr,
1138 http->flags.accel ? HDR_CONNECTION : HDR_PROXY_CONNECTION,
1139 request->flags.proxy_keepalive ? "keep-alive" : "close");
1140 #if ADD_X_REQUEST_URI
1141 /*
1142 * Knowing the URI of the request is useful when debugging persistent
1143 * connections in a client; we cannot guarantee the order of http headers,
1144 * but X-Request-URI is likely to be the very last header to ease use from a
1145 * debugger [hdr->entries.count-1].
1146 */
1147 httpHeaderPutStr(hdr, HDR_X_REQUEST_URI,
1148 http->entry->mem_obj->url ? http->entry->mem_obj->url : http->uri);
1149 #endif
1150 }
1151
1152 static HttpReply *
1153 clientBuildReply(clientHttpRequest * http, const char *buf, size_t size)
1154 {
1155 HttpReply *rep = httpReplyCreate();
1156 if (httpReplyParse(rep, buf)) {
1157 /* enforce 1.0 reply version */
1158 rep->sline.version = 1.0;
1159 /* do header conversions */
1160 clientBuildReplyHeader(http, rep);
1161 /* if we do ranges, change status to "Partial Content" */
1162 if (http->request->range)
1163 httpStatusLineSet(&rep->sline, rep->sline.version, HTTP_PARTIAL_CONTENT, NULL);
1164 } else {
1165 /* parsing failure, get rid of the invalid reply */
1166 httpReplyDestroy(rep);
1167 rep = NULL;
1168 /* if we were going to do ranges, backoff */
1169 if (http->request->range)
1170 clientBuildRangeHeader(http, rep); /* will fail and destroy request->range */
1171 }
1172 return rep;
1173 }
1174
1175 /*
1176 * clientCacheHit should only be called until the HTTP reply headers
1177 * have been parsed. Normally this should be a single call, but
1178 * it might take more than one. As soon as we have the headers,
1179 * we hand off to clientSendMoreData, clientProcessExpired, or
1180 * clientProcessMiss.
1181 */
1182 static void
1183 clientCacheHit(void *data, char *buf, ssize_t size)
1184 {
1185 clientHttpRequest *http = data;
1186 StoreEntry *e = http->entry;
1187 MemObject *mem;
1188 request_t *r = http->request;
1189 debug(33, 3) ("clientCacheHit: %s, %d bytes\n", http->uri, (int) size);
1190 if (http->entry == NULL) {
1191 memFree(MEM_CLIENT_SOCK_BUF, buf);
1192 debug(33, 3) ("clientCacheHit: request aborted\n");
1193 return;
1194 } else if (size < 0) {
1195 /* swap in failure */
1196 memFree(MEM_CLIENT_SOCK_BUF, buf);
1197 debug(33, 3) ("clientCacheHit: swapin failure for %s\n", http->uri);
1198 http->log_type = LOG_TCP_SWAPFAIL_MISS;
1199 if ((e = http->entry)) {
1200 http->entry = NULL;
1201 storeUnregister(e, http);
1202 storeUnlockObject(e);
1203 }
1204 clientProcessMiss(http);
1205 return;
1206 }
1207 assert(size > 0);
1208 mem = e->mem_obj;
1209 assert(e->store_status != STORE_ABORTED);
1210 if (mem->reply->sline.status == 0) {
1211 /*
1212 * we don't have full reply headers yet; either wait for more or
1213 * punt to clientProcessMiss.
1214 */
1215 if (e->mem_status == IN_MEMORY || e->store_status == STORE_OK) {
1216 memFree(MEM_CLIENT_SOCK_BUF, buf);
1217 clientProcessMiss(http);
1218 } else if (size == CLIENT_SOCK_SZ && http->out.offset == 0) {
1219 memFree(MEM_CLIENT_SOCK_BUF, buf);
1220 clientProcessMiss(http);
1221 } else {
1222 debug(33, 3) ("clientCacheHit: waiting for HTTP reply headers\n");
1223 storeClientCopy(e,
1224 http->out.offset + size,
1225 http->out.offset,
1226 CLIENT_SOCK_SZ,
1227 buf,
1228 clientCacheHit,
1229 http);
1230 }
1231 return;
1232 }
1233 /*
1234 * Got the headers, now grok them
1235 */
1236 assert(http->log_type == LOG_TCP_HIT);
1237 if (checkNegativeHit(e)) {
1238 http->log_type = LOG_TCP_NEGATIVE_HIT;
1239 clientSendMoreData(data, buf, size);
1240 } else if (r->method == METHOD_HEAD) {
1241 /*
1242 * RFC 2068 seems to indicate there is no "conditional HEAD"
1243 * request. We cannot validate a cached object for a HEAD
1244 * request, nor can we return 304.
1245 */
1246 if (e->mem_status == IN_MEMORY)
1247 http->log_type = LOG_TCP_MEM_HIT;
1248 clientSendMoreData(data, buf, size);
1249 } else if (refreshCheckHTTP(e, r) && !http->flags.internal) {
1250 debug(33, 5) ("clientCacheHit: in refreshCheck() block\n");
1251 /*
1252 * We hold a stale copy; it needs to be validated
1253 */
1254 /*
1255 * The 'need_validation' flag is used to prevent forwarding
1256 * loops between siblings. If our copy of the object is stale,
1257 * then we should probably only use parents for the validation
1258 * request. Otherwise two siblings could generate a loop if
1259 * both have a stale version of the object.
1260 */
1261 r->flags.need_validation = 1;
1262 if (e->lastmod < 0) {
1263 /*
1264 * Previous reply didn't have a Last-Modified header,
1265 * we cannot revalidate it.
1266 */
1267 http->log_type = LOG_TCP_MISS;
1268 clientProcessMiss(http);
1269 } else if (r->flags.nocache) {
1270 /*
1271 * This did not match a refresh pattern that overrides no-cache
1272 * we should honour the client no-cache header.
1273 */
1274 http->log_type = LOG_TCP_CLIENT_REFRESH_MISS;
1275 clientProcessMiss(http);
1276 } else if (r->protocol == PROTO_HTTP) {
1277 /*
1278 * Object needs to be revalidated
1279 * XXX This could apply to FTP as well, if Last-Modified is known.
1280 */
1281 http->log_type = LOG_TCP_REFRESH_MISS;
1282 clientProcessExpired(http);
1283 } else {
1284 /*
1285 * We don't know how to re-validate other protocols. Handle
1286 * them as if the object has expired.
1287 */
1288 http->log_type = LOG_TCP_MISS;
1289 clientProcessMiss(http);
1290 }
1291 memFree(MEM_CLIENT_SOCK_BUF, buf);
1292 } else if (r->flags.ims) {
1293 /*
1294 * Handle If-Modified-Since requests from the client
1295 */
1296 if (mem->reply->sline.status != HTTP_OK) {
1297 debug(33, 4) ("clientCacheHit: Reply code %d != 200\n",
1298 mem->reply->sline.status);
1299 memFree(MEM_CLIENT_SOCK_BUF, buf);
1300 clientProcessMiss(http);
1301 } else if (modifiedSince(e, http->request)) {
1302 http->log_type = LOG_TCP_IMS_HIT;
1303 clientSendMoreData(data, buf, size);
1304 } else {
1305 MemBuf mb = httpPacked304Reply(e->mem_obj->reply);
1306 http->log_type = LOG_TCP_IMS_HIT;
1307 memFree(MEM_CLIENT_SOCK_BUF, buf);
1308 storeUnregister(e, http);
1309 storeUnlockObject(e);
1310 e = clientCreateStoreEntry(http, http->request->method, null_request_flags);
1311 http->entry = e;
1312 httpReplyParse(e->mem_obj->reply, mb.buf);
1313 storeAppend(e, mb.buf, mb.size);
1314 memBufClean(&mb);
1315 storeComplete(e);
1316 }
1317 } else {
1318 /*
1319 * plain ol' cache hit
1320 */
1321 if (e->mem_status == IN_MEMORY)
1322 http->log_type = LOG_TCP_MEM_HIT;
1323 else if (Config.onoff.offline)
1324 http->log_type = LOG_TCP_OFFLINE_HIT;
1325 clientSendMoreData(data, buf, size);
1326 }
1327 }
1328
1329
1330 /* extracts a "range" from *buf and appends them to mb, updating all offsets and such */
1331 static void
1332 clientPackRange(clientHttpRequest * http, HttpHdrRangeIter * i, const char **buf, ssize_t * size, MemBuf * mb)
1333 {
1334 const size_t copy_sz = i->debt_size <= *size ? i->debt_size : *size;
1335 off_t body_off = http->out.offset - i->prefix_size;
1336 assert(*size > 0);
1337 assert(i->spec);
1338 /* intersection of "have" and "need" ranges must not be empty */
1339 assert(body_off < i->spec->offset + i->spec->length);
1340 assert(body_off + *size > i->spec->offset);
1341 /* put boundary and headers at the beginning of range in a multi-range */
1342 if (http->request->range->specs.count > 1 && i->debt_size == i->spec->length) {
1343 HttpReply *rep = http->entry->mem_obj ? /* original reply */
1344 http->entry->mem_obj->reply : NULL;
1345 HttpHeader hdr;
1346 Packer p;
1347 assert(rep);
1348 /* put boundary */
1349 debug(33, 5) ("clientPackRange: appending boundary: %s\n", strBuf(i->boundary));
1350 /* rfc2046 requires to _prepend_ boundary with <crlf>! */
1351 memBufPrintf(mb, "\r\n--%s\r\n", strBuf(i->boundary));
1352 httpHeaderInit(&hdr, hoReply);
1353 if (httpHeaderHas(&rep->header, HDR_CONTENT_TYPE))
1354 httpHeaderPutStr(&hdr, HDR_CONTENT_TYPE, httpHeaderGetStr(&rep->header, HDR_CONTENT_TYPE));
1355 httpHeaderAddContRange(&hdr, *i->spec, rep->content_length);
1356 packerToMemInit(&p, mb);
1357 httpHeaderPackInto(&hdr, &p);
1358 packerClean(&p);
1359 httpHeaderClean(&hdr);
1360 /* append <crlf> (we packed a header, not a reply */
1361 memBufPrintf(mb, "\r\n");
1362 }
1363 /* append */
1364 debug(33, 3) ("clientPackRange: appending %d bytes\n", copy_sz);
1365 memBufAppend(mb, *buf, copy_sz);
1366 /* update offsets */
1367 *size -= copy_sz;
1368 i->debt_size -= copy_sz;
1369 body_off += copy_sz;
1370 *buf += copy_sz;
1371 http->out.offset = body_off + i->prefix_size; /* sync */
1372 /* paranoid check */
1373 assert(*size >= 0 && i->debt_size >= 0);
1374 }
1375
1376 /* returns true if there is still data available to pack more ranges
1377 * increments iterator "i"
1378 * used by clientPackMoreRanges */
1379 static int
1380 clientCanPackMoreRanges(const clientHttpRequest * http, HttpHdrRangeIter * i, ssize_t size)
1381 {
1382 /* first update "i" if needed */
1383 if (!i->debt_size) {
1384 if ((i->spec = httpHdrRangeGetSpec(http->request->range, &i->pos)))
1385 i->debt_size = i->spec->length;
1386 }
1387 assert(!i->debt_size == !i->spec); /* paranoid sync condition */
1388 /* continue condition: need_more_data && have_more_data */
1389 return i->spec && size > 0;
1390 }
1391
1392 /* extracts "ranges" from buf and appends them to mb, updating all offsets and such */
1393 /* returns true if we need more data */
1394 static int
1395 clientPackMoreRanges(clientHttpRequest * http, const char *buf, ssize_t size, MemBuf * mb)
1396 {
1397 HttpHdrRangeIter *i = &http->range_iter;
1398 /* offset in range specs does not count the prefix of an http msg */
1399 off_t body_off = http->out.offset - i->prefix_size;
1400 assert(size >= 0);
1401 /* check: reply was parsed and range iterator was initialized */
1402 assert(i->prefix_size > 0);
1403 /* filter out data according to range specs */
1404 /* note: order of loop conditions is significant! */
1405 while (clientCanPackMoreRanges(http, i, size)) {
1406 off_t start; /* offset of still missing data */
1407 assert(i->spec);
1408 start = i->spec->offset + i->spec->length - i->debt_size;
1409 debug(33, 2) ("clientPackMoreRanges: in: offset: %d size: %d\n",
1410 (int) body_off, size);
1411 debug(33, 2) ("clientPackMoreRanges: out: start: %d spec[%d]: [%d, %d), len: %d debt: %d\n",
1412 (int) start, (int) i->pos, i->spec->offset, (int) (i->spec->offset + i->spec->length), i->spec->length, i->debt_size);
1413 assert(body_off <= start); /* we did not miss it */
1414 /* skip up to start */
1415 if (body_off + size > start) {
1416 const size_t skip_size = start - body_off;
1417 body_off = start;
1418 size -= skip_size;
1419 buf += skip_size;
1420 } else {
1421 /* has not reached start yet */
1422 body_off += size;
1423 size = 0;
1424 buf = NULL;
1425 }
1426 /* put next chunk if any */
1427 if (size) {
1428 http->out.offset = body_off + i->prefix_size; /* sync */
1429 clientPackRange(http, i, &buf, &size, mb);
1430 body_off = http->out.offset - i->prefix_size; /* sync */
1431 }
1432 }
1433 assert(!i->debt_size == !i->spec); /* paranoid sync condition */
1434 debug(33, 2) ("clientPackMoreRanges: buf exhausted: in: offset: %d size: %d need_more: %d\n",
1435 (int) body_off, size, i->debt_size);
1436 if (i->debt_size) {
1437 debug(33, 2) ("clientPackMoreRanges: need more: spec[%d]: [%d, %d), len: %d\n",
1438 (int) i->pos, i->spec->offset, (int) (i->spec->offset + i->spec->length), i->spec->length);
1439 /* skip the data we do not need if possible */
1440 if (i->debt_size == i->spec->length) /* at the start of the cur. spec */
1441 body_off = i->spec->offset;
1442 else
1443 assert(body_off == i->spec->offset + i->spec->length - i->debt_size);
1444 } else if (http->request->range->specs.count > 1) {
1445 /* put terminating boundary for multiparts */
1446 memBufPrintf(mb, "\r\n--%s--\r\n", strBuf(i->boundary));
1447 }
1448 http->out.offset = body_off + i->prefix_size; /* sync */
1449 return i->debt_size > 0;
1450 }
1451
1452 /*
1453 * accepts chunk of a http message in buf, parses prefix, filters headers and
1454 * such, writes processed message to the client's socket
1455 */
1456 static void
1457 clientSendMoreData(void *data, char *buf, ssize_t size)
1458 {
1459 clientHttpRequest *http = data;
1460 StoreEntry *entry = http->entry;
1461 ConnStateData *conn = http->conn;
1462 int fd = conn->fd;
1463 HttpReply *rep = NULL;
1464 const char *body_buf = buf;
1465 ssize_t body_size = size;
1466 MemBuf mb;
1467 ssize_t check_size = 0;
1468 debug(33, 5) ("clientSendMoreData: %s, %d bytes\n", http->uri, (int) size);
1469 assert(size <= CLIENT_SOCK_SZ);
1470 assert(http->request != NULL);
1471 debug(33, 5) ("clientSendMoreData: FD %d '%s', out.offset=%d \n",
1472 fd, storeUrl(entry), (int) http->out.offset);
1473 if (conn->chr != http) {
1474 /* there is another object in progress, defer this one */
1475 debug(33, 1) ("clientSendMoreData: Deferring %s\n", storeUrl(entry));
1476 memFree(MEM_CLIENT_SOCK_BUF, buf);
1477 return;
1478 } else if (entry && entry->store_status == STORE_ABORTED) {
1479 /* call clientWriteComplete so the client socket gets closed */
1480 clientWriteComplete(fd, NULL, 0, COMM_OK, http);
1481 memFree(MEM_CLIENT_SOCK_BUF, buf);
1482 return;
1483 } else if (size < 0) {
1484 /* call clientWriteComplete so the client socket gets closed */
1485 clientWriteComplete(fd, NULL, 0, COMM_OK, http);
1486 memFree(MEM_CLIENT_SOCK_BUF, buf);
1487 return;
1488 } else if (size == 0) {
1489 /* call clientWriteComplete so the client socket gets closed */
1490 clientWriteComplete(fd, NULL, 0, COMM_OK, http);
1491 memFree(MEM_CLIENT_SOCK_BUF, buf);
1492 return;
1493 }
1494 if (http->out.offset == 0) {
1495 if (Config.onoff.log_mime_hdrs) {
1496 size_t k;
1497 if ((k = headersEnd(buf, size))) {
1498 safe_free(http->al.headers.reply);
1499 http->al.headers.reply = xcalloc(k + 1, 1);
1500 xstrncpy(http->al.headers.reply, buf, k);
1501 }
1502 }
1503 rep = clientBuildReply(http, buf, size);
1504 if (rep) {
1505 body_size = size - rep->hdr_sz;
1506 assert(body_size >= 0);
1507 body_buf = buf + rep->hdr_sz;
1508 http->range_iter.prefix_size = rep->hdr_sz;
1509 debug(33, 3) ("clientSendMoreData: Appending %d bytes after %d bytes of headers\n",
1510 body_size, rep->hdr_sz);
1511 } else if (size < CLIENT_SOCK_SZ && entry->store_status == STORE_PENDING) {
1512 /* wait for more to arrive */
1513 storeClientCopy(entry,
1514 http->out.offset + size,
1515 http->out.offset,
1516 CLIENT_SOCK_SZ,
1517 buf,
1518 clientSendMoreData,
1519 http);
1520 return;
1521 }
1522 /* reset range iterator */
1523 http->range_iter.pos = HttpHdrRangeInitPos;
1524 }
1525 if (http->request->method == METHOD_HEAD) {
1526 if (rep) {
1527 /* do not forward body for HEAD replies */
1528 body_size = 0;
1529 http->flags.done_copying = 1;
1530 } else {
1531 /*
1532 * If we are here, then store_status == STORE_OK and it
1533 * seems we have a HEAD repsponse which is missing the
1534 * empty end-of-headers line (home.mira.net, phttpd/0.99.72
1535 * does this). Because clientBuildReply() fails we just
1536 * call this reply a body, set the done_copying flag and
1537 * continue...
1538 */
1539 http->flags.done_copying = 1;
1540 }
1541 }
1542 /* write headers and/or body if any */
1543 assert(rep || (body_buf && body_size));
1544 /* init mb; put status line and headers if any */
1545 if (rep) {
1546 mb = httpReplyPack(rep);
1547 http->out.offset += rep->hdr_sz;
1548 check_size += rep->hdr_sz;
1549 httpReplyDestroy(rep);
1550 rep = NULL;
1551 } else {
1552 /* leave space for growth incase we do ranges */
1553 memBufInit(&mb, CLIENT_SOCK_SZ, 2 * CLIENT_SOCK_SZ);
1554 }
1555 /* append body if any */
1556 if (body_buf && body_size) {
1557 if (http->request->range) {
1558 /* Only GET requests should have ranges */
1559 assert(http->request->method == METHOD_GET);
1560 /* clientPackMoreRanges() updates http->out.offset */
1561 /* force the end of the transfer if we are done */
1562 if (!clientPackMoreRanges(http, body_buf, body_size, &mb))
1563 http->flags.done_copying = 1;
1564 } else {
1565 http->out.offset += body_size;
1566 check_size += body_size;
1567 memBufAppend(&mb, body_buf, body_size);
1568 }
1569 }
1570 if (!http->request->range && http->request->method == METHOD_GET)
1571 assert(check_size == size);
1572 /* write */
1573 comm_write_mbuf(fd, mb, clientWriteComplete, http);
1574 /* if we don't do it, who will? */
1575 memFree(MEM_CLIENT_SOCK_BUF, buf);
1576 }
1577
1578 static void
1579 clientKeepaliveNextRequest(clientHttpRequest * http)
1580 {
1581 ConnStateData *conn = http->conn;
1582 StoreEntry *entry;
1583 debug(33, 3) ("clientKeepaliveNextRequest: FD %d\n", conn->fd);
1584 conn->defer.until = 0; /* Kick it to read a new request */
1585 httpRequestFree(http);
1586 if ((http = conn->chr) == NULL) {
1587 debug(33, 5) ("clientKeepaliveNextRequest: FD %d reading next req\n",
1588 conn->fd);
1589 fd_note(conn->fd, "Reading next request");
1590 /*
1591 * Set the timeout BEFORE calling clientReadRequest().
1592 */
1593 commSetTimeout(conn->fd, 15, requestTimeout, conn);
1594 clientReadRequest(conn->fd, conn); /* Read next request */
1595 /*
1596 * Note, the FD may be closed at this point.
1597 */
1598 } else if ((entry = http->entry) == NULL) {
1599 /*
1600 * this request is in progress, maybe doing an ACL or a redirect,
1601 * execution will resume after the operation completes.
1602 */
1603 } else {
1604 debug(33, 1) ("clientKeepaliveNextRequest: FD %d Sending next\n",
1605 conn->fd);
1606 assert(entry);
1607 if (0 == storeClientCopyPending(entry, http)) {
1608 if (entry->store_status == STORE_ABORTED)
1609 debug(33, 0) ("clientKeepaliveNextRequest: entry->swap_status == STORE_ABORTED\n");
1610 storeClientCopy(entry,
1611 http->out.offset,
1612 http->out.offset,
1613 CLIENT_SOCK_SZ,
1614 memAllocate(MEM_CLIENT_SOCK_BUF),
1615 clientSendMoreData,
1616 http);
1617 }
1618 }
1619 }
1620
1621 static void
1622 clientWriteComplete(int fd, char *bufnotused, size_t size, int errflag, void *data)
1623 {
1624 clientHttpRequest *http = data;
1625 StoreEntry *entry = http->entry;
1626 int done;
1627 http->out.size += size;
1628 debug(33, 5) ("clientWriteComplete: FD %d, sz %d, err %d, off %d, len %d\n",
1629 fd, size, errflag, (int) http->out.offset, entry ? objectLen(entry) : 0);
1630 if (size > 0) {
1631 kb_incr(&Counter.client_http.kbytes_out, size);
1632 if (isTcpHit(http->log_type))
1633 kb_incr(&Counter.client_http.hit_kbytes_out, size);
1634 }
1635 if (errflag) {
1636 /*
1637 * just close the socket, httpRequestFree will abort if needed
1638 */
1639 comm_close(fd);
1640 } else if (NULL == entry) {
1641 comm_close(fd); /* yuk */
1642 } else if (entry->store_status == STORE_ABORTED) {
1643 comm_close(fd);
1644 } else if ((done = clientCheckTransferDone(http)) != 0 || size == 0) {
1645 debug(33, 5) ("clientWriteComplete: FD %d transfer is DONE\n", fd);
1646 /* We're finished case */
1647 if (http->entry->mem_obj->reply->content_length < 0) {
1648 debug(33, 5) ("clientWriteComplete: closing, content_length < 0\n");
1649 comm_close(fd);
1650 } else if (!done) {
1651 debug(33, 5) ("clientWriteComplete: closing, !done\n");
1652 comm_close(fd);
1653 } else if (clientGotNotEnough(http)) {
1654 debug(33, 5) ("clientWriteComplete: client didn't get all it expected\n");
1655 comm_close(fd);
1656 } else if (http->request->flags.proxy_keepalive) {
1657 debug(33, 5) ("clientWriteComplete: FD %d Keeping Alive\n", fd);
1658 clientKeepaliveNextRequest(http);
1659 } else {
1660 comm_close(fd);
1661 }
1662 } else {
1663 /* More data will be coming from primary server; register with
1664 * storage manager. */
1665 if (entry->store_status == STORE_ABORTED)
1666 debug(33, 0) ("clientWriteComplete 2: entry->swap_status == STORE_ABORTED\n");
1667 storeClientCopy(entry,
1668 http->out.offset,
1669 http->out.offset,
1670 CLIENT_SOCK_SZ,
1671 memAllocate(MEM_CLIENT_SOCK_BUF),
1672 clientSendMoreData,
1673 http);
1674 }
1675 }
1676
1677 /*
1678 * client issued a request with an only-if-cached cache-control directive;
1679 * we did not find a cached object that can be returned without
1680 * contacting other servers;
1681 * respond with a 504 (Gateway Timeout) as suggested in [RFC 2068]
1682 */
1683 static void
1684 clientProcessOnlyIfCachedMiss(clientHttpRequest * http)
1685 {
1686 char *url = http->uri;
1687 request_t *r = http->request;
1688 ErrorState *err = NULL;
1689 debug(33, 4) ("clientProcessOnlyIfCachedMiss: '%s %s'\n",
1690 RequestMethodStr[r->method], url);
1691 http->al.http.code = HTTP_GATEWAY_TIMEOUT;
1692 err = errorCon(ERR_ONLY_IF_CACHED_MISS, HTTP_GATEWAY_TIMEOUT);
1693 err->request = requestLink(r);
1694 err->src_addr = http->conn->peer.sin_addr;
1695 http->entry = clientCreateStoreEntry(http, r->method, null_request_flags);
1696 errorAppendEntry(http->entry, err);
1697 }
1698
1699 static log_type
1700 clientProcessRequest2(clientHttpRequest * http)
1701 {
1702 request_t *r = http->request;
1703 StoreEntry *e;
1704 e = http->entry = storeGetPublic(http->uri, r->method);
1705 if (r->method == METHOD_HEAD && e == NULL) {
1706 /* We can generate a HEAD reply from a cached GET object */
1707 e = http->entry = storeGetPublic(http->uri, METHOD_GET);
1708 }
1709 #if USE_CACHE_DIGESTS
1710 http->lookup_type = e ? "HIT" : "MISS";
1711 #endif
1712 if (NULL == e) {
1713 /* this object isn't in the cache */
1714 debug(33, 3) ("clientProcessRequest2: storeGet() MISS\n");
1715 return LOG_TCP_MISS;
1716 }
1717 if (Config.onoff.offline) {
1718 debug(33, 3) ("clientProcessRequest2: offline HIT\n");
1719 http->entry = e;
1720 return LOG_TCP_HIT;
1721 }
1722 if (!storeEntryValidToSend(e)) {
1723 debug(33, 3) ("clientProcessRequest2: !storeEntryValidToSend MISS\n");
1724 http->entry = NULL;
1725 return LOG_TCP_MISS;
1726 }
1727 if (EBIT_TEST(e->flags, ENTRY_SPECIAL)) {
1728 /* Special entries are always hits, no matter what the client says */
1729 debug(33, 3) ("clientProcessRequest2: ENTRY_SPECIAL HIT\n");
1730 http->entry = e;
1731 return LOG_TCP_HIT;
1732 }
1733 #if HTTP_VIOLATIONS
1734 if (r->flags.nocache_hack) {
1735 /* if nocache_hack is set, nocache should always be clear, right? */
1736 assert(!r->flags.nocache);
1737 ipcacheReleaseInvalid(r->host);
1738 /* continue! */
1739 }
1740 if (e->store_status == STORE_PENDING) {
1741 if (r->flags.nocache || r->flags.nocache_hack) {
1742 debug(33, 3) ("Clearing no-cache for STORE_PENDING request\n\t%s\n",
1743 storeUrl(e));
1744 r->flags.nocache = 0;
1745 r->flags.nocache_hack = 0;
1746 }
1747 }
1748 #endif
1749 if (r->flags.nocache) {
1750 debug(33, 3) ("clientProcessRequest2: no-cache REFRESH MISS\n");
1751 http->entry = NULL;
1752 ipcacheReleaseInvalid(r->host);
1753 return LOG_TCP_CLIENT_REFRESH_MISS;
1754 }
1755 if (r->range && httpHdrRangeWillBeComplex(r->range)) {
1756 /*
1757 * Some clients break if we return "200 OK" for a Range
1758 * request. We would have to return "200 OK" for a _complex_
1759 * Range request that is also a HIT. Thus, let's prevent HITs
1760 * on complex Range requests
1761 */
1762 debug(33, 3) ("clientProcessRequest2: complex range MISS\n");
1763 http->entry = NULL;
1764 return LOG_TCP_MISS;
1765 }
1766 debug(33, 3) ("clientProcessRequest2: default HIT\n");
1767 http->entry = e;
1768 return LOG_TCP_HIT;
1769 }
1770
1771 static void
1772 clientProcessRequest(clientHttpRequest * http)
1773 {
1774 char *url = http->uri;
1775 request_t *r = http->request;
1776 int fd = http->conn->fd;
1777 HttpReply *rep;
1778 debug(33, 4) ("clientProcessRequest: %s '%s'\n",
1779 RequestMethodStr[r->method],
1780 url);
1781 if (r->method == METHOD_CONNECT) {
1782 http->log_type = LOG_TCP_MISS;
1783 sslStart(fd, url, r, &http->out.size);
1784 return;
1785 } else if (r->method == METHOD_PURGE) {
1786 clientPurgeRequest(http);
1787 return;
1788 } else if (r->method == METHOD_TRACE) {
1789 if (r->max_forwards == 0) {
1790 http->entry = clientCreateStoreEntry(http, r->method, null_request_flags);
1791 storeReleaseRequest(http->entry);
1792 storeBuffer(http->entry);
1793 rep = httpReplyCreate();
1794 httpReplySetHeaders(rep, 1.0, HTTP_OK, NULL, "text/plain",
1795 httpRequestPrefixLen(r), 0, squid_curtime);
1796 httpReplySwapOut(rep, http->entry);
1797 httpReplyDestroy(rep);
1798 httpRequestSwapOut(r, http->entry);
1799 storeComplete(http->entry);
1800 return;
1801 }
1802 /* yes, continue */
1803 http->log_type = LOG_TCP_MISS;
1804 } else if (pumpMethod(r->method)) {
1805 http->log_type = LOG_TCP_MISS;
1806 /* XXX oof, POST can be cached! */
1807 pumpInit(fd, r, http->uri);
1808 } else {
1809 http->log_type = clientProcessRequest2(http);
1810 }
1811 debug(33, 4) ("clientProcessRequest: %s for '%s'\n",
1812 log_tags[http->log_type],
1813 http->uri);
1814 http->out.offset = 0;
1815 if (NULL != http->entry) {
1816 storeLockObject(http->entry);
1817 storeCreateMemObject(http->entry, http->uri, http->log_uri);
1818 storeClientListAdd(http->entry, http);
1819 #if DELAY_POOLS
1820 delaySetStoreClient(http->entry, http, http->request->delay_id);
1821 #endif
1822 http->entry->refcount++;
1823 storeClientCopy(http->entry,
1824 http->out.offset,
1825 http->out.offset,
1826 CLIENT_SOCK_SZ,
1827 memAllocate(MEM_CLIENT_SOCK_BUF),
1828 clientCacheHit,
1829 http);
1830 } else {
1831 /* MISS CASE */
1832 http->log_type = LOG_TCP_MISS;
1833 clientProcessMiss(http);
1834 }
1835 }
1836
1837 /*
1838 * Prepare to fetch the object as it's a cache miss of some kind.
1839 */
1840 static void
1841 clientProcessMiss(clientHttpRequest * http)
1842 {
1843 char *url = http->uri;
1844 request_t *r = http->request;
1845 ErrorState *err = NULL;
1846 debug(33, 4) ("clientProcessMiss: '%s %s'\n",
1847 RequestMethodStr[r->method], url);
1848 /*
1849 * We might have a left-over StoreEntry from a failed cache hit
1850 * or IMS request.
1851 */
1852 if (http->entry) {
1853 if (EBIT_TEST(http->entry->flags, ENTRY_SPECIAL))
1854 debug(33, 0) ("clientProcessMiss: miss on a special object (%s).\n", url);
1855 storeUnregister(http->entry, http);
1856 storeUnlockObject(http->entry);
1857 http->entry = NULL;
1858 }
1859 if (clientOnlyIfCached(http)) {
1860 clientProcessOnlyIfCachedMiss(http);
1861 return;
1862 }
1863 /*
1864 * Deny loops when running in accelerator/transproxy mode.
1865 */
1866 if (http->flags.accel && r->flags.loopdetect) {
1867 http->al.http.code = HTTP_FORBIDDEN;
1868 err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN);
1869 err->request = requestLink(r);
1870 err->src_addr = http->conn->peer.sin_addr;
1871 http->entry = clientCreateStoreEntry(http, r->method, null_request_flags);
1872 errorAppendEntry(http->entry, err);
1873 return;
1874 }
1875 assert(http->out.offset == 0);
1876 http->entry = clientCreateStoreEntry(http, r->method, r->flags);
1877 http->entry->refcount++;
1878 if (http->redirect.status) {
1879 HttpReply *rep = httpReplyCreate();
1880 storeReleaseRequest(http->entry);
1881 httpRedirectReply(rep, http->redirect.status, http->redirect.location);
1882 httpReplySwapOut(rep, http->entry);
1883 httpReplyDestroy(rep);
1884 storeComplete(http->entry);
1885 return;
1886 }
1887 if (http->flags.internal)
1888 r->protocol = PROTO_INTERNAL;
1889 fwdStart(http->conn->fd, http->entry, r, http->conn->peer.sin_addr);
1890 }
1891
1892 static clientHttpRequest *
1893 parseHttpRequestAbort(ConnStateData * conn, const char *uri)
1894 {
1895 clientHttpRequest *http = xcalloc(1, sizeof(clientHttpRequest));
1896 cbdataAdd(http, MEM_NONE);
1897 http->conn = conn;
1898 http->start = current_time;
1899 http->req_sz = conn->in.offset;
1900 http->uri = xstrdup(uri);
1901 http->log_uri = xstrndup(uri, MAX_URL);
1902 http->range_iter.boundary = StringNull;
1903 return http;
1904 }
1905
1906 /*
1907 * parseHttpRequest()
1908 *
1909 * Returns
1910 * NULL on error or incomplete request
1911 * a clientHttpRequest structure on success
1912 */
1913 static clientHttpRequest *
1914 parseHttpRequest(ConnStateData * conn, method_t * method_p, int *status,
1915 char **prefix_p, size_t * req_line_sz_p)
1916 {
1917 char *inbuf = NULL;
1918 char *mstr = NULL;
1919 char *url = NULL;
1920 char *req_hdr = NULL;
1921 float http_ver;
1922 char *token = NULL;
1923 char *t = NULL;
1924 char *end;
1925 int free_request = 0;
1926 size_t header_sz; /* size of headers, not including first line */
1927 size_t prefix_sz; /* size of whole request (req-line + headers) */
1928 size_t url_sz;
1929 size_t req_sz;
1930 method_t method;
1931 clientHttpRequest *http = NULL;
1932 #if IPF_TRANSPARENT
1933 struct natlookup natLookup;
1934 static int natfd = -1;
1935 #endif
1936
1937 if ((req_sz = headersEnd(conn->in.buf, conn->in.offset)) == 0) {
1938 debug(33, 5) ("Incomplete request, waiting for end of headers\n");
1939 *status = 0;
1940 *prefix_p = NULL;
1941 *method_p = METHOD_NONE;
1942 return NULL;
1943 }
1944 assert(req_sz <= conn->in.offset);
1945 /* Use memcpy, not strdup! */
1946 inbuf = xmalloc(req_sz + 1);
1947 xmemcpy(inbuf, conn->in.buf, req_sz);
1948 *(inbuf + req_sz) = '\0';
1949
1950 /* pre-set these values to make aborting simpler */
1951 *prefix_p = inbuf;
1952 *method_p = METHOD_NONE;
1953 *status = -1;
1954
1955 /* Barf on NULL characters in the headers */
1956 if (strlen(inbuf) != req_sz) {
1957 debug(33, 1) ("parseHttpRequest: Requestheader contains NULL characters\n");
1958 return parseHttpRequestAbort(conn, "error:invalid-request");
1959 }
1960 /* Look for request method */
1961 if ((mstr = strtok(inbuf, "\t ")) == NULL) {
1962 debug(33, 1) ("parseHttpRequest: Can't get request method\n");
1963 return parseHttpRequestAbort(conn, "error:invalid-request-method");
1964 }
1965 method = urlParseMethod(mstr);
1966 if (method == METHOD_NONE) {
1967 debug(33, 1) ("parseHttpRequest: Unsupported method '%s'\n", mstr);
1968 return parseHttpRequestAbort(conn, "error:unsupported-request-method");
1969 }
1970 debug(33, 5) ("parseHttpRequest: Method is '%s'\n", mstr);
1971 *method_p = method;
1972
1973 /* look for URL+HTTP/x.x */
1974 if ((url = strtok(NULL, "\n")) == NULL) {
1975 debug(33, 1) ("parseHttpRequest: Missing URL\n");
1976 return parseHttpRequestAbort(conn, "error:missing-url");
1977 }
1978 while (isspace(*url))
1979 url++;
1980 t = url + strlen(url);
1981 assert(*t == '\0');
1982 token = NULL;
1983 while (t > url) {
1984 t--;
1985 if (isspace(*t) && !strncmp(t + 1, "HTTP/", 5)) {
1986 token = t + 1;
1987 break;
1988 }
1989 }
1990 while (t > url && isspace(*t))
1991 *(t--) = '\0';
1992 debug(33, 5) ("parseHttpRequest: URI is '%s'\n", url);
1993 if (token == NULL) {
1994 debug(33, 3) ("parseHttpRequest: Missing HTTP identifier\n");
1995 #if RELAXED_HTTP_PARSER
1996 http_ver = (float) 0.9; /* wild guess */
1997 #else
1998 return parseHttpRequestAbort(conn, "error:missing-http-ident");
1999 #endif
2000 } else {
2001 http_ver = (float) atof(token + 5);
2002 }
2003
2004 /*
2005 * Process headers after request line
2006 */
2007 req_hdr = strtok(NULL, null_string);
2008 header_sz = req_sz - (req_hdr - inbuf);
2009 if (0 == header_sz) {
2010 debug(33, 3) ("parseHttpRequest: header_sz == 0\n");
2011 *status = 0;
2012 return NULL;
2013 }
2014 assert(header_sz > 0);
2015 debug(33, 3) ("parseHttpRequest: req_hdr = {%s}\n", req_hdr);
2016 end = req_hdr + header_sz;
2017 debug(33, 3) ("parseHttpRequest: end = {%s}\n", end);
2018
2019 prefix_sz = end - inbuf;
2020 *req_line_sz_p = req_hdr - inbuf;
2021 debug(33, 3) ("parseHttpRequest: prefix_sz = %d, req_line_sz = %d\n",
2022 (int) prefix_sz, (int) *req_line_sz_p);
2023 assert(prefix_sz <= conn->in.offset);
2024
2025 /* Ok, all headers are received */
2026 http = xcalloc(1, sizeof(clientHttpRequest));
2027 cbdataAdd(http, MEM_NONE);
2028 http->http_ver = http_ver;
2029 http->conn = conn;
2030 http->start = current_time;
2031 http->req_sz = prefix_sz;
2032 http->range_iter.boundary = StringNull;
2033 *prefix_p = xmalloc(prefix_sz + 1);
2034 xmemcpy(*prefix_p, conn->in.buf, prefix_sz);
2035 *(*prefix_p + prefix_sz) = '\0';
2036
2037 debug(33, 5) ("parseHttpRequest: Request Header is\n%s\n", (*prefix_p) + *req_line_sz_p);
2038 if ((t = strchr(url, '#'))) /* remove HTML anchors */
2039 *t = '\0';
2040
2041 /* handle internal objects */
2042 if (internalCheck(url)) {
2043 /* prepend our name & port */
2044 http->uri = xstrdup(internalLocalUri(NULL, url));
2045 http->flags.internal = 1;
2046 http->flags.accel = 1;
2047 }
2048 /* see if we running in Config2.Accel.on, if so got to convert it to URL */
2049 else if (Config2.Accel.on && *url == '/') {
2050 /* prepend the accel prefix */
2051 if (opt_accel_uses_host && (t = mime_get_header(req_hdr, "Host"))) {
2052 /* If a Host: header was specified, use it to build the URL
2053 * instead of the one in the Config file. */
2054 /*
2055 * XXX Use of the Host: header here opens a potential
2056 * security hole. There are no checks that the Host: value
2057 * corresponds to one of your servers. It might, for example,
2058 * refer to www.playboy.com. The 'dst' and/or 'dst_domain' ACL
2059 * types should be used to prevent httpd-accelerators
2060 * handling requests for non-local servers */
2061 strtok(t, " :/;@");
2062 url_sz = strlen(url) + 32 + Config.appendDomainLen +
2063 strlen(t);
2064 http->uri = xcalloc(url_sz, 1);
2065 snprintf(http->uri, url_sz, "http://%s:%d%s",
2066 t, (int) Config.Accel.port, url);
2067 } else if (vhost_mode) {
2068 /* Put the local socket IP address as the hostname */
2069 url_sz = strlen(url) + 32 + Config.appendDomainLen;
2070 http->uri = xcalloc(url_sz, 1);
2071 #if IPF_TRANSPARENT
2072 natLookup.nl_inport = http->conn->me.sin_port;
2073 natLookup.nl_outport = http->conn->peer.sin_port;
2074 natLookup.nl_inip = http->conn->me.sin_addr;
2075 natLookup.nl_outip = http->conn->peer.sin_addr;
2076 natLookup.nl_flags = IPN_TCP;
2077 if (natfd < 0)
2078 natfd = open(IPL_NAT, O_RDONLY, 0);
2079 if (natfd < 0) {
2080 debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n",
2081 xstrerror());
2082 return parseHttpRequestAbort(conn, "error:nat-open-failed");
2083 }
2084 if (ioctl(natfd, SIOCGNATL, &natLookup) < 0) {
2085 if (errno != ESRCH) {
2086 debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n");
2087 close(natfd);
2088 natfd = -1;
2089 return parseHttpRequestAbort(conn, "error:nat-lookup-failed");
2090 } else
2091 snprintf(http->uri, url_sz, "http://%s:%d%s",
2092 inet_ntoa(http->conn->me.sin_addr),
2093 (int) Config.Accel.port,
2094 url);
2095 } else
2096 snprintf(http->uri, url_sz, "http://%s:%d%s",
2097 inet_ntoa(natLookup.nl_realip),
2098 (int) Config.Accel.port,
2099 url);
2100 #else
2101 snprintf(http->uri, url_sz, "http://%s:%d%s",
2102 inet_ntoa(http->conn->me.sin_addr),
2103 (int) Config.Accel.port,
2104 url);
2105 #endif
2106 debug(33, 5) ("VHOST REWRITE: '%s'\n", http->uri);
2107 } else {
2108 url_sz = strlen(Config2.Accel.prefix) + strlen(url) +
2109 Config.appendDomainLen + 1;
2110 http->uri = xcalloc(url_sz, 1);
2111 snprintf(http->uri, url_sz, "%s%s", Config2.Accel.prefix, url);
2112 }
2113 http->flags.accel = 1;
2114 } else {
2115 /* URL may be rewritten later, so make extra room */
2116 url_sz = strlen(url) + Config.appendDomainLen + 5;
2117 http->uri = xcalloc(url_sz, 1);
2118 strcpy(http->uri, url);
2119 http->flags.accel = 0;
2120 }
2121 if (!stringHasWhitespace(http->uri))
2122 http->log_uri = xstrndup(http->uri, MAX_URL);
2123 else
2124 http->log_uri = xstrndup(rfc1738_escape(http->uri), MAX_URL);
2125 debug(33, 5) ("parseHttpRequest: Complete request received\n");
2126 if (free_request)
2127 safe_free(url);
2128 xfree(inbuf);
2129 *status = 1;
2130 return http;
2131 }
2132
2133 static int
2134 clientReadDefer(int fdnotused, void *data)
2135 {
2136 ConnStateData *conn = data;
2137 return conn->defer.until > squid_curtime;
2138 }
2139
2140 static void
2141 clientReadRequest(int fd, void *data)
2142 {
2143 ConnStateData *conn = data;
2144 int parser_return_code = 0;
2145 int k;
2146 request_t *request = NULL;
2147 int size;
2148 method_t method;
2149 clientHttpRequest *http = NULL;
2150 clientHttpRequest **H = NULL;
2151 char *prefix = NULL;
2152 ErrorState *err = NULL;
2153 fde *F = &fd_table[fd];
2154 int len = conn->in.size - conn->in.offset - 1;
2155 debug(33, 4) ("clientReadRequest: FD %d: reading request...\n", fd);
2156 Counter.syscalls.sock.reads++;
2157 size = read(fd, conn->in.buf + conn->in.offset, len);
2158 if (size > 0) {
2159 fd_bytes(fd, size, FD_READ);
2160 kb_incr(&Counter.client_http.kbytes_in, size);
2161 }
2162 /*
2163 * Don't reset the timeout value here. The timeout value will be
2164 * set to Config.Timeout.request by httpAccept() and
2165 * clientWriteComplete(), and should apply to the request as a
2166 * whole, not individual read() calls. Plus, it breaks our
2167 * lame half-close detection
2168 */
2169 commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0);
2170 if (size == 0) {
2171 if (conn->chr == NULL) {
2172 /* no current or pending requests */
2173 comm_close(fd);
2174 return;
2175 } else if (!Config.onoff.half_closed_clients) {
2176 /* admin doesn't want to support half-closed client sockets */
2177 comm_close(fd);
2178 return;
2179 }
2180 /* It might be half-closed, we can't tell */
2181 debug(33, 5) ("clientReadRequest: FD %d closed?\n", fd);
2182 F->flags.socket_eof = 1;
2183 conn->defer.until = squid_curtime + 1;
2184 conn->defer.n++;
2185 fd_note(fd, "half-closed");
2186 return;
2187 } else if (size < 0) {
2188 if (!ignoreErrno(errno)) {
2189 debug(50, 2) ("clientReadRequest: FD %d: %s\n", fd, xstrerror());
2190 comm_close(fd);
2191 return;
2192 } else if (conn->in.offset == 0) {
2193 debug(50, 2) ("clientReadRequest: FD %d: no data to process (%s)\n", fd, xstrerror());
2194 return;
2195 }
2196 /* Continue to process previously read data */
2197 size = 0;
2198 }
2199 conn->in.offset += size;
2200 /* Skip leading (and trailing) whitespace */
2201 while (conn->in.offset > 0) {
2202 int nrequests;
2203 size_t req_line_sz;
2204 while (conn->in.offset > 0 && isspace(conn->in.buf[0])) {
2205 xmemmove(conn->in.buf, conn->in.buf + 1, conn->in.offset - 1);
2206 conn->in.offset--;
2207 }
2208 conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */
2209 if (conn->in.offset == 0)
2210 break;
2211 /* Limit the number of concurrent requests to 2 */
2212 for (H = &conn->chr, nrequests = 0; *H; H = &(*H)->next, nrequests++);
2213 if (nrequests >= 2) {
2214 debug(33, 2) ("clientReadRequest: FD %d max concurrent requests reached\n", fd);
2215 debug(33, 5) ("clientReadRequest: FD %d defering new request until one is done\n", fd);
2216 conn->defer.until = squid_curtime + 100; /* Reset when a request is complete */
2217 break;
2218 }
2219 /* Process request */
2220 http = parseHttpRequest(conn,
2221 &method,
2222 &parser_return_code,
2223 &prefix,
2224 &req_line_sz);
2225 if (!http)
2226 safe_free(prefix);
2227 if (http) {
2228 assert(http->req_sz > 0);
2229 conn->in.offset -= http->req_sz;
2230 assert(conn->in.offset >= 0);
2231 debug(33, 5) ("conn->in.offset = %d\n", (int) conn->in.offset);
2232 /*
2233 * If we read past the end of this request, move the remaining
2234 * data to the beginning
2235 */
2236 if (conn->in.offset > 0)
2237 xmemmove(conn->in.buf, conn->in.buf + http->req_sz, conn->in.offset);
2238 /* add to the client request queue */
2239 for (H = &conn->chr; *H; H = &(*H)->next);
2240 *H = http;
2241 conn->nrequests++;
2242 commSetTimeout(fd, Config.Timeout.lifetime, NULL, NULL);
2243 if (parser_return_code < 0) {
2244 debug(33, 1) ("clientReadRequest: FD %d Invalid Request\n", fd);
2245 err = errorCon(ERR_INVALID_REQ, HTTP_BAD_REQUEST);
2246 err->request_hdrs = xstrdup(conn->in.buf);
2247 http->entry = clientCreateStoreEntry(http, method, null_request_flags);
2248 errorAppendEntry(http->entry, err);
2249 safe_free(prefix);
2250 break;
2251 }
2252 if ((request = urlParse(method, http->uri)) == NULL) {
2253 debug(33, 5) ("Invalid URL: %s\n", http->uri);
2254 err = errorCon(ERR_INVALID_URL, HTTP_BAD_REQUEST);
2255 err->src_addr = conn->peer.sin_addr;
2256 err->url = xstrdup(http->uri);
2257 http->al.http.code = err->http_status;
2258 http->entry = clientCreateStoreEntry(http, method, null_request_flags);
2259 errorAppendEntry(http->entry, err);
2260 safe_free(prefix);
2261 break;
2262 } else {
2263 /* compile headers */
2264 /* we should skip request line! */
2265 if (!httpRequestParseHeader(request, prefix + req_line_sz))
2266 debug(33, 1) ("Failed to parse request headers: %s\n%s\n",
2267 http->uri, prefix);
2268 /* continue anyway? */
2269 }
2270 request->flags.accelerated = http->flags.accel;
2271 if (!http->flags.internal) {
2272 if (internalCheck(strBuf(request->urlpath))) {
2273 if (0 == strcasecmp(request->host, internalHostname())) {
2274 if (request->port == Config.Port.http->i)
2275 http->flags.internal = 1;
2276 } else if (internalStaticCheck(strBuf(request->urlpath))) {
2277 xstrncpy(request->host, internalHostname(), SQUIDHOSTNAMELEN);
2278 request->port = Config.Port.http->i;
2279 http->flags.internal = 1;
2280 }
2281 }
2282 }
2283 request->flags.internal = http->flags.internal;
2284 safe_free(prefix);
2285 safe_free(http->log_uri);
2286 http->log_uri = xstrdup(urlCanonicalClean(request));
2287 request->client_addr = conn->peer.sin_addr;
2288 request->http_ver = http->http_ver;
2289 if (!urlCheckRequest(request)) {
2290 err = errorCon(ERR_UNSUP_REQ, HTTP_NOT_IMPLEMENTED);
2291 err->src_addr = conn->peer.sin_addr;
2292 err->request = requestLink(request);
2293 http->al.http.code = err->http_status;
2294 http->entry = clientCreateStoreEntry(http, request->method, null_request_flags);
2295 errorAppendEntry(http->entry, err);
2296 break;
2297 }
2298 if (0 == clientCheckContentLength(request)) {
2299 err = errorCon(ERR_INVALID_REQ, HTTP_LENGTH_REQUIRED);
2300 err->src_addr = conn->peer.sin_addr;
2301 err->request = requestLink(request);
2302 http->al.http.code = err->http_status;
2303 http->entry = clientCreateStoreEntry(http, request->method, null_request_flags);
2304 errorAppendEntry(http->entry, err);
2305 break;
2306 }
2307 http->request = requestLink(request);
2308 /*
2309 * We need to set the keepalive flag before doing some
2310 * hacks for POST/PUT requests below. Maybe we could
2311 * set keepalive flag even earlier.
2312 */
2313 clientSetKeepaliveFlag(http);
2314 /*
2315 * break here for NON-GET because most likely there is a
2316 * reqeust body following and we don't want to parse it
2317 * as though it was new request
2318 */
2319 if (request->method != METHOD_GET) {
2320 int cont_len = httpHeaderGetInt(&request->header, HDR_CONTENT_LENGTH);
2321 int copy_len = conn->in.offset;
2322 if (cont_len < copy_len && request->flags.proxy_keepalive)
2323 copy_len = cont_len;
2324 if (copy_len > 0) {
2325 assert(conn->in.offset >= copy_len);
2326 request->body_sz = copy_len;
2327 request->body = xmalloc(request->body_sz);
2328 xmemcpy(request->body, conn->in.buf, request->body_sz);
2329 conn->in.offset -= copy_len;
2330 if (conn->in.offset)
2331 xmemmove(conn->in.buf, conn->in.buf + copy_len, conn->in.offset);
2332 }
2333 /*
2334 * if we didn't get the full body now, then more will
2335 * be arriving on the client socket. Lets cancel
2336 * the read handler until this request gets forwarded.
2337 */
2338 if (request->body_sz < cont_len)
2339 commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0);
2340 }
2341 clientAccessCheck(http);
2342 continue; /* while offset > 0 */
2343 } else if (parser_return_code == 0) {
2344 /*
2345 * Partial request received; reschedule until parseHttpRequest()
2346 * is happy with the input
2347 */
2348 k = conn->in.size - 1 - conn->in.offset;
2349 if (k == 0) {
2350 if (conn->in.offset >= Config.maxRequestSize) {
2351 /* The request is too large to handle */
2352 debug(33, 0) ("Request won't fit in buffer.\n");
2353 debug(33, 0) ("Config 'request_size'= %d bytes.\n",
2354 Config.maxRequestSize);
2355 debug(33, 0) ("This request = %d bytes.\n",
2356 (int) conn->in.offset);
2357 err = errorCon(ERR_INVALID_REQ, HTTP_REQUEST_ENTITY_TOO_LARGE);
2358 http->entry = clientCreateStoreEntry(http, request->method, null_request_flags);
2359 errorAppendEntry(http->entry, err);
2360 return;
2361 }
2362 /* Grow the request memory area to accomodate for a large request */
2363 conn->in.size += REQUEST_BUF_SIZE;
2364 conn->in.buf = xrealloc(conn->in.buf, conn->in.size);
2365 /* XXX account conn->in.buf */
2366 debug(33, 2) ("Handling a large request, offset=%d inbufsize=%d\n",
2367 (int) conn->in.offset, conn->in.size);
2368 k = conn->in.size - 1 - conn->in.offset;
2369 }
2370 break;
2371 }
2372 }
2373 }
2374
2375 /* general lifetime handler for HTTP requests */
2376 static void
2377 requestTimeout(int fd, void *data)
2378 {
2379 ConnStateData *conn = data;
2380 ErrorState *err;
2381 debug(33, 2) ("requestTimeout: FD %d: lifetime is expired.\n", fd);
2382 if (fd_table[fd].rwstate) {
2383 /*
2384 * Some data has been sent to the client, just close the FD
2385 */
2386 comm_close(fd);
2387 } else if (conn->nrequests) {
2388 /*
2389 * assume its a persistent connection; just close it
2390 */
2391 comm_close(fd);
2392 } else {
2393 /*
2394 * Generate an error
2395 */
2396 err = errorCon(ERR_LIFETIME_EXP, HTTP_REQUEST_TIMEOUT);
2397 err->url = xstrdup("N/A");
2398 /*
2399 * Normally we shouldn't call errorSend() in client_side.c, but
2400 * it should be okay in this case. Presumably if we get here
2401 * this is the first request for the connection, and no data
2402 * has been written yet
2403 */
2404 assert(conn->chr == NULL);
2405 errorSend(fd, err);
2406 /*
2407 * if we don't close() here, we still need a timeout handler!
2408 */
2409 commSetTimeout(fd, 30, requestTimeout, conn);
2410 }
2411 }
2412
2413 static int
2414 httpAcceptDefer(void)
2415 {
2416 static time_t last_warn = 0;
2417 if (fdNFree() >= RESERVED_FD)
2418 return 0;
2419 if (last_warn + 15 < squid_curtime) {
2420 debug(33, 0) ("WARNING! Your cache is running out of filedescriptors\n");
2421 last_warn = squid_curtime;
2422 }
2423 return 1;
2424 }
2425
2426 /* Handle a new connection on HTTP socket. */
2427 void
2428 httpAccept(int sock, void *data)
2429 {
2430 int *N = data;
2431 int fd = -1;
2432 ConnStateData *connState = NULL;
2433 struct sockaddr_in peer;
2434 struct sockaddr_in me;
2435 int max = INCOMING_HTTP_MAX;
2436 commSetSelect(sock, COMM_SELECT_READ, httpAccept, NULL, 0);
2437 while (max-- && !httpAcceptDefer()) {
2438 memset(&peer, '\0', sizeof(struct sockaddr_in));
2439 memset(&me, '\0', sizeof(struct sockaddr_in));
2440 if ((fd = comm_accept(sock, &peer, &me)) < 0) {
2441 if (!ignoreErrno(errno))
2442 debug(50, 1) ("httpAccept: FD %d: accept failure: %s\n",
2443 sock, xstrerror());
2444 break;
2445 }
2446 debug(33, 4) ("httpAccept: FD %d: accepted\n", fd);
2447 connState = xcalloc(1, sizeof(ConnStateData));
2448 connState->peer = peer;
2449 connState->log_addr = peer.sin_addr;
2450 connState->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
2451 connState->me = me;
2452 connState->fd = fd;
2453 connState->ident.fd = -1;
2454 connState->in.size = REQUEST_BUF_SIZE;
2455 connState->in.buf = xcalloc(connState->in.size, 1);
2456 cbdataAdd(connState, MEM_NONE);
2457 /* XXX account connState->in.buf */
2458 comm_add_close_handler(fd, connStateFree, connState);
2459 if (Config.onoff.log_fqdn)
2460 fqdncache_gethostbyaddr(peer.sin_addr, FQDN_LOOKUP_IF_MISS);
2461 commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState);
2462 commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, connState, 0);
2463 commSetDefer(fd, clientReadDefer, connState);
2464 (*N)++;
2465 }
2466 }
2467
2468 /* return 1 if the request should be aborted */
2469 static int
2470 CheckQuickAbort2(const clientHttpRequest * http)
2471 {
2472 int curlen;
2473 int minlen;
2474 int expectlen;
2475
2476 if (!http->request->flags.cachable)
2477 return 1;
2478 if (EBIT_TEST(http->entry->flags, KEY_PRIVATE))
2479 return 1;
2480 if (http->entry->mem_obj == NULL)
2481 return 1;
2482 expectlen = http->entry->mem_obj->reply->content_length;
2483 curlen = (int) http->entry->mem_obj->inmem_hi;
2484 minlen = (int) Config.quickAbort.min << 10;
2485 if (minlen < 0)
2486 /* disabled */
2487 return 0;
2488 if (curlen > expectlen)
2489 /* bad content length */
2490 return 1;
2491 if ((expectlen - curlen) < minlen)
2492 /* only little more left */
2493 return 0;
2494 if ((expectlen - curlen) > (Config.quickAbort.max << 10))
2495 /* too much left to go */
2496 return 1;
2497 if (expectlen < 100)
2498 /* avoid FPE */
2499 return 0;
2500 if ((curlen / (expectlen / 100)) > Config.quickAbort.pct)
2501 /* past point of no return */
2502 return 0;
2503 return 1;
2504 }
2505
2506
2507 static void
2508 CheckQuickAbort(clientHttpRequest * http)
2509 {
2510 StoreEntry *entry = http->entry;
2511 /* Note, set entry here because http->entry might get changed (for IMS
2512 * requests) during the storeAbort() call */
2513 if (entry == NULL)
2514 return;
2515 if (storePendingNClients(entry) > 0)
2516 return;
2517 if (entry->store_status != STORE_PENDING)
2518 return;
2519 if (CheckQuickAbort2(http) == 0)
2520 return;
2521 debug(33, 3) ("CheckQuickAbort: ABORTING %s\n", storeUrl(entry));
2522 Counter.aborted_requests++;
2523 storeAbort(entry, 1);
2524 }
2525
2526 #define SENDING_BODY 0
2527 #define SENDING_HDRSONLY 1
2528 static int
2529 clientCheckTransferDone(clientHttpRequest * http)
2530 {
2531 int sending = SENDING_BODY;
2532 StoreEntry *entry = http->entry;
2533 MemObject *mem;
2534 http_reply *reply;
2535 int sendlen;
2536 if (entry == NULL)
2537 return 0;
2538 /*
2539 * For now, 'done_copying' is used for special cases like
2540 * Range and HEAD requests.
2541 */
2542 if (http->flags.done_copying)
2543 return 1;
2544 /*
2545 * Handle STORE_OK and STORE_ABORTED objects.
2546 * objectLen(entry) will be set proprely.
2547 */
2548 if (entry->store_status != STORE_PENDING) {
2549 if (http->out.offset >= objectLen(entry))
2550 return 1;
2551 else
2552 return 0;
2553 }
2554 /*
2555 * Now, handle STORE_PENDING objects
2556 */
2557 mem = entry->mem_obj;
2558 assert(mem != NULL);
2559 assert(http->request != NULL);
2560 reply = mem->reply;
2561 if (reply->hdr_sz == 0)
2562 return 0; /* haven't found end of headers yet */
2563 else if (reply->sline.status == HTTP_OK)
2564 sending = SENDING_BODY;
2565 else if (reply->sline.status == HTTP_NO_CONTENT)
2566 sending = SENDING_HDRSONLY;
2567 else if (reply->sline.status == HTTP_NOT_MODIFIED)
2568 sending = SENDING_HDRSONLY;
2569 else if (reply->sline.status < HTTP_OK)
2570 sending = SENDING_HDRSONLY;
2571 else if (http->request->method == METHOD_HEAD)
2572 sending = SENDING_HDRSONLY;
2573 else
2574 sending = SENDING_BODY;
2575 /*
2576 * Figure out how much data we are supposed to send.
2577 * If we are sending a body and we don't have a content-length,
2578 * then we must wait for the object to become STORE_OK or
2579 * STORE_ABORTED.
2580 */
2581 if (sending == SENDING_HDRSONLY)
2582 sendlen = reply->hdr_sz;
2583 else if (reply->content_length < 0)
2584 return 0;
2585 else
2586 sendlen = reply->content_length + reply->hdr_sz;
2587 /*
2588 * Now that we have the expected length, did we send it all?
2589 */
2590 if (http->out.offset < sendlen)
2591 return 0;
2592 else
2593 return 1;
2594 }
2595
2596 static int
2597 clientGotNotEnough(clientHttpRequest * http)
2598 {
2599 int cl = http->entry->mem_obj->reply->content_length;
2600 int hs = http->entry->mem_obj->reply->hdr_sz;
2601 assert(cl >= 0);
2602 if (http->out.offset < cl + hs)
2603 return 1;
2604 return 0;
2605 }
2606
2607 /*
2608 * This function is designed to serve a fairly specific purpose.
2609 * Occasionally our vBNS-connected caches can talk to each other, but not
2610 * the rest of the world. Here we try to detect frequent failures which
2611 * make the cache unusable (e.g. DNS lookup and connect() failures). If
2612 * the failure:success ratio goes above 1.0 then we go into "hit only"
2613 * mode where we only return UDP_HIT or UDP_MISS_NOFETCH. Neighbors
2614 * will only fetch HITs from us if they are using the ICP protocol. We
2615 * stay in this mode for 5 minutes.
2616 *
2617 * Duane W., Sept 16, 1996
2618 */
2619
2620 static void
2621 checkFailureRatio(err_type etype, hier_code hcode)
2622 {
2623 static double magic_factor = 100.0;
2624 double n_good;
2625 double n_bad;
2626 if (hcode == HIER_NONE)
2627 return;
2628 n_good = magic_factor / (1.0 + request_failure_ratio);
2629 n_bad = magic_factor - n_good;
2630 switch (etype) {
2631 case ERR_DNS_FAIL:
2632 case ERR_CONNECT_FAIL:
2633 case ERR_READ_ERROR:
2634 n_bad++;
2635 break;
2636 default:
2637 n_good++;
2638 }
2639 request_failure_ratio = n_bad / n_good;
2640 if (hit_only_mode_until > squid_curtime)
2641 return;
2642 if (request_failure_ratio < 1.0)
2643 return;
2644 debug(33, 0) ("Failure Ratio at %4.2f\n", request_failure_ratio);
2645 debug(33, 0) ("Going into hit-only-mode for %d minutes...\n",
2646 FAILURE_MODE_TIME / 60);
2647 hit_only_mode_until = squid_curtime + FAILURE_MODE_TIME;
2648 request_failure_ratio = 0.8; /* reset to something less than 1.0 */
2649 }
2650
2651 void
2652 clientHttpConnectionsOpen(void)
2653 {
2654 ushortlist *u;
2655 int fd;
2656 for (u = Config.Port.http; u; u = u->next) {
2657 enter_suid();
2658 fd = comm_open(SOCK_STREAM,
2659 0,
2660 Config.Addrs.tcp_incoming,
2661 u->i,
2662 COMM_NONBLOCKING,
2663 "HTTP Socket");
2664 leave_suid();
2665 if (fd < 0)
2666 continue;
2667 comm_listen(fd);
2668 commSetSelect(fd, COMM_SELECT_READ, httpAccept, NULL, 0);
2669 /*commSetDefer(fd, httpAcceptDefer, NULL); */
2670 debug(1, 1) ("Accepting HTTP connections on port %d, FD %d.\n",
2671 (int) u->i, fd);
2672 HttpSockets[NHttpSockets++] = fd;
2673 }
2674 if (NHttpSockets < 1)
2675 fatal("Cannot open HTTP Port");
2676 }
2677
2678 void
2679 clientHttpConnectionsClose(void)
2680 {
2681 int i;
2682 for (i = 0; i < NHttpSockets; i++) {
2683 if (HttpSockets[i] >= 0) {
2684 debug(1, 1) ("FD %d Closing HTTP connection\n", HttpSockets[i]);
2685 comm_close(HttpSockets[i]);
2686 HttpSockets[i] = -1;
2687 }
2688 }
2689 NHttpSockets = 0;
2690 }
Mirror of https://github.com/squid-cache/squid.git