]> git.ipfire.org Git - thirdparty/squid.git/blob - src/client_side.cc
projects / thirdparty / squid.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
DW:
[thirdparty/squid.git] / src / client_side.cc
1
2 /*
3 * $Id: client_side.cc,v 1.474 2000/03/28 17:41:39 wessels Exp $
4 *
5 * DEBUG: section 33 Client-side Routines
6 * AUTHOR: Duane Wessels
7 *
8 * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
9 * ----------------------------------------------------------
10 *
11 * Squid is the result of efforts by numerous individuals from the
12 * Internet community. Development is led by Duane Wessels of the
13 * National Laboratory for Applied Network Research and funded by the
14 * National Science Foundation. Squid is Copyrighted (C) 1998 by
15 * the Regents of the University of California. Please see the
16 * COPYRIGHT file for full details. Squid incorporates software
17 * developed and/or copyrighted by other sources. Please see the
18 * CREDITS file for full details.
19 *
20 * This program is free software; you can redistribute it and/or modify
21 * it under the terms of the GNU General Public License as published by
22 * the Free Software Foundation; either version 2 of the License, or
23 * (at your option) any later version.
24 *
25 * This program is distributed in the hope that it will be useful,
26 * but WITHOUT ANY WARRANTY; without even the implied warranty of
27 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 * GNU General Public License for more details.
29 *
30 * You should have received a copy of the GNU General Public License
31 * along with this program; if not, write to the Free Software
32 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
33 *
34 */
35
36 #include "squid.h"
37
38 #if IPF_TRANSPARENT
39 #if HAVE_SYS_IOCTL_H
40 #include <sys/ioctl.h>
41 #endif
42 #include <netinet/tcp.h>
43 #include <net/if.h>
44 #if HAVE_IP_COMPAT_H
45 #include <ip_compat.h>
46 #elif HAVE_NETINET_IP_COMPAT_H
47 #include <netinet/ip_compat.h>
48 #endif
49 #if HAVE_IP_FIL_H
50 #include <ip_fil.h>
51 #elif HAVE_NETINET_IP_FIL_H
52 #include <netinet/ip_fil.h>
53 #endif
54 #if HAVE_IP_NAT_H
55 #include <ip_nat.h>
56 #elif HAVE_NETINET_IP_NAT_H
57 #include <netinet/ip_nat.h>
58 #endif
59 #endif
60
61
62
63 #if LINGERING_CLOSE
64 #define comm_close comm_lingering_close
65 #endif
66
67 static const char *const crlf = "\r\n";
68
69 #define REQUEST_BUF_SIZE 4096
70 #define FAILURE_MODE_TIME 300
71
72 /* Local functions */
73
74 static CWCB clientWriteComplete;
75 static PF clientReadRequest;
76 static PF connStateFree;
77 static PF requestTimeout;
78 static int clientCheckTransferDone(clientHttpRequest *);
79 static int clientGotNotEnough(clientHttpRequest *);
80 static void checkFailureRatio(err_type, hier_code);
81 static void clientProcessMiss(clientHttpRequest *);
82 static void clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep);
83 static clientHttpRequest *parseHttpRequestAbort(ConnStateData * conn, const char *uri);
84 static clientHttpRequest *parseHttpRequest(ConnStateData *, method_t *, int *, char **, size_t *);
85 static RH clientRedirectDone;
86 static STCB clientHandleIMSReply;
87 static int clientGetsOldEntry(StoreEntry * new, StoreEntry * old, request_t * request);
88 static int checkAccelOnly(clientHttpRequest *);
89 #if USE_IDENT
90 static IDCB clientIdentDone;
91 #endif
92 static int clientOnlyIfCached(clientHttpRequest * http);
93 static STCB clientSendMoreData;
94 static STCB clientCacheHit;
95 static void clientSetKeepaliveFlag(clientHttpRequest *);
96 static void clientPackRangeHdr(const HttpReply * rep, const HttpHdrRangeSpec * spec, String boundary, MemBuf * mb);
97 static void clientPackTermBound(String boundary, MemBuf * mb);
98 static void clientInterpretRequestHeaders(clientHttpRequest *);
99 static void clientProcessRequest(clientHttpRequest *);
100 static void clientProcessExpired(void *data);
101 static void clientProcessOnlyIfCachedMiss(clientHttpRequest * http);
102 static int clientCachable(clientHttpRequest * http);
103 static int clientHierarchical(clientHttpRequest * http);
104 static int clientCheckContentLength(request_t * r);
105 static int httpAcceptDefer(void);
106 static log_type clientProcessRequest2(clientHttpRequest * http);
107 static int clientReplyBodyTooLarge(int clen);
108 static int clientRequestBodyTooLarge(int clen);
109
110 static int
111 checkAccelOnly(clientHttpRequest * http)
112 {
113 /* return TRUE if someone makes a proxy request to us and
114 * we are in httpd-accel only mode */
115 if (!Config2.Accel.on)
116 return 0;
117 if (Config.onoff.accel_with_proxy)
118 return 0;
119 if (http->request->protocol == PROTO_CACHEOBJ)
120 return 0;
121 if (http->flags.accel)
122 return 0;
123 return 1;
124 }
125
126 #if USE_IDENT
127 static void
128 clientIdentDone(const char *ident, void *data)
129 {
130 ConnStateData *conn = data;
131 if (ident)
132 xstrncpy(conn->ident, ident, sizeof(conn->ident));
133 else
134 xstrncpy(conn->ident, "-", sizeof(conn->ident));
135 }
136 #endif
137
138 void
139 clientAccessCheck(void *data)
140 {
141 clientHttpRequest *http = data;
142 ConnStateData *conn = http->conn;
143 if (checkAccelOnly(http)) {
144 clientAccessCheckDone(ACCESS_ALLOWED, http);
145 return;
146 }
147 http->acl_checklist = aclChecklistCreate(Config.accessList.http,
148 http->request,
149 conn->ident);
150 #if USE_IDENT
151 /*
152 * hack for ident ACL. It needs to get full addresses, and a
153 * place to store the ident result on persistent connections...
154 */
155 http->acl_checklist->conn = conn;
156 cbdataLock(http->acl_checklist->conn);
157 #endif
158 aclNBCheck(http->acl_checklist, clientAccessCheckDone, http);
159 }
160
161 /*
162 * returns true if client specified that the object must come from the cache
163 * witout contacting origin server
164 */
165 static int
166 clientOnlyIfCached(clientHttpRequest * http)
167 {
168 const request_t *r = http->request;
169 assert(r);
170 return r->cache_control &&
171 EBIT_TEST(r->cache_control->mask, CC_ONLY_IF_CACHED);
172 }
173
174 StoreEntry *
175 clientCreateStoreEntry(clientHttpRequest * h, method_t m, request_flags flags)
176 {
177 StoreEntry *e;
178 /*
179 * For erroneous requests, we might not have a h->request,
180 * so make a fake one.
181 */
182 if (h->request == NULL)
183 h->request = requestLink(requestCreate(m, PROTO_NONE, null_string));
184 e = storeCreateEntry(h->uri, h->log_uri, flags, m);
185 storeClientListAdd(e, h);
186 #if DELAY_POOLS
187 delaySetStoreClient(e, h, delayClient(h->request));
188 #endif
189 storeClientCopy(e, 0, 0, CLIENT_SOCK_SZ,
190 memAllocate(MEM_CLIENT_SOCK_BUF), clientSendMoreData, h);
191 return e;
192 }
193
194 void
195 clientAccessCheckDone(int answer, void *data)
196 {
197 clientHttpRequest *http = data;
198 int page_id = -1;
199 http_status status;
200 ErrorState *err = NULL;
201 debug(33, 2) ("The request %s %s is %s, because it matched '%s'\n",
202 RequestMethodStr[http->request->method], http->uri,
203 answer == ACCESS_ALLOWED ? "ALLOWED" : "DENIED",
204 AclMatchedName ? AclMatchedName : "NO ACL's");
205 http->acl_checklist = NULL;
206 if (answer == ACCESS_ALLOWED) {
207 safe_free(http->uri);
208 http->uri = xstrdup(urlCanonical(http->request));
209 assert(http->redirect_state == REDIRECT_NONE);
210 http->redirect_state = REDIRECT_PENDING;
211 redirectStart(http, clientRedirectDone, http);
212 } else {
213 debug(33, 5) ("Access Denied: %s\n", http->uri);
214 debug(33, 5) ("AclMatchedName = %s\n",
215 AclMatchedName ? AclMatchedName : "<null>");
216 /*
217 * NOTE: get page_id here, based on AclMatchedName because
218 * if USE_DELAY_POOLS is enabled, then AclMatchedName gets
219 * clobbered in the clientCreateStoreEntry() call
220 * just below. Pedro Ribeiro <pribeiro@isel.pt>
221 */
222 page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName);
223 http->log_type = LOG_TCP_DENIED;
224 http->entry = clientCreateStoreEntry(http, http->request->method,
225 null_request_flags);
226 if (answer == ACCESS_REQ_PROXY_AUTH || aclIsProxyAuth(AclMatchedName)) {
227 if (!http->flags.accel) {
228 /* Proxy authorisation needed */
229 status = HTTP_PROXY_AUTHENTICATION_REQUIRED;
230 } else {
231 /* WWW authorisation needed */
232 status = HTTP_UNAUTHORIZED;
233 }
234 if (page_id <= 0)
235 page_id = ERR_CACHE_ACCESS_DENIED;
236 } else {
237 status = HTTP_FORBIDDEN;
238 if (page_id <= 0)
239 page_id = ERR_ACCESS_DENIED;
240 }
241 err = errorCon(page_id, status);
242 err->request = requestLink(http->request);
243 err->src_addr = http->conn->peer.sin_addr;
244 errorAppendEntry(http->entry, err);
245 }
246 }
247
248 static void
249 clientRedirectDone(void *data, char *result)
250 {
251 clientHttpRequest *http = data;
252 request_t *new_request = NULL;
253 request_t *old_request = http->request;
254 debug(33, 5) ("clientRedirectDone: '%s' result=%s\n", http->uri,
255 result ? result : "NULL");
256 assert(http->redirect_state == REDIRECT_PENDING);
257 http->redirect_state = REDIRECT_DONE;
258 if (result) {
259 http_status status = atoi(result);
260 if (status == 301 || status == 302) {
261 char *t = result;
262 if ((t = strchr(result, ':')) != NULL) {
263 http->redirect.status = status;
264 http->redirect.location = xstrdup(t + 1);
265 } else {
266 debug(33, 1) ("clientRedirectDone: bad input: %s\n", result);
267 }
268 }
269 if (strcmp(result, http->uri))
270 new_request = urlParse(old_request->method, result);
271 }
272 if (new_request) {
273 safe_free(http->uri);
274 http->uri = xstrdup(urlCanonical(new_request));
275 new_request->http_ver = old_request->http_ver;
276 httpHeaderAppend(&new_request->header, &old_request->header);
277 new_request->client_addr = old_request->client_addr;
278 new_request->my_addr = old_request->my_addr;
279 new_request->my_port = old_request->my_port;
280 new_request->flags.redirected = 1;
281 if (old_request->body) {
282 new_request->body = xmalloc(old_request->body_sz);
283 xmemcpy(new_request->body, old_request->body, old_request->body_sz);
284 new_request->body_sz = old_request->body_sz;
285 }
286 new_request->content_length = old_request->content_length;
287 requestUnlink(old_request);
288 http->request = requestLink(new_request);
289 }
290 clientInterpretRequestHeaders(http);
291 #if HEADERS_LOG
292 headersLog(0, 1, request->method, request);
293 #endif
294 fd_note(http->conn->fd, http->uri);
295 clientProcessRequest(http);
296 }
297
298 static void
299 clientProcessExpired(void *data)
300 {
301 clientHttpRequest *http = data;
302 char *url = http->uri;
303 StoreEntry *entry = NULL;
304 debug(33, 3) ("clientProcessExpired: '%s'\n", http->uri);
305 assert(http->entry->lastmod >= 0);
306 /*
307 * check if we are allowed to contact other servers
308 * @?@: Instead of a 504 (Gateway Timeout) reply, we may want to return
309 * a stale entry *if* it matches client requirements
310 */
311 if (clientOnlyIfCached(http)) {
312 clientProcessOnlyIfCachedMiss(http);
313 return;
314 }
315 http->request->flags.refresh = 1;
316 http->old_entry = http->entry;
317 /*
318 * Assert that 'http' is already a client of old_entry. If
319 * it is not, then the beginning of the object data might get
320 * freed from memory before we need to access it.
321 */
322 assert(storeClientListSearch(http->old_entry->mem_obj, http));
323 entry = storeCreateEntry(url,
324 http->log_uri,
325 http->request->flags,
326 http->request->method);
327 /* NOTE, don't call storeLockObject(), storeCreateEntry() does it */
328 storeClientListAdd(entry, http);
329 #if DELAY_POOLS
330 /* delay_id is already set on original store client */
331 delaySetStoreClient(entry, http, delayClient(http->request));
332 #endif
333 http->request->lastmod = http->old_entry->lastmod;
334 debug(33, 5) ("clientProcessExpired: lastmod %d\n", (int) entry->lastmod);
335 http->entry = entry;
336 http->out.offset = 0;
337 fwdStart(http->conn->fd, http->entry, http->request);
338 /* Register with storage manager to receive updates when data comes in. */
339 if (EBIT_TEST(entry->flags, ENTRY_ABORTED))
340 debug(33, 0) ("clientProcessExpired: found ENTRY_ABORTED object\n");
341 storeClientCopy(entry,
342 http->out.offset,
343 http->out.offset,
344 CLIENT_SOCK_SZ,
345 memAllocate(MEM_CLIENT_SOCK_BUF),
346 clientHandleIMSReply,
347 http);
348 }
349
350 static int
351 clientGetsOldEntry(StoreEntry * new_entry, StoreEntry * old_entry, request_t * request)
352 {
353 const http_status status = new_entry->mem_obj->reply->sline.status;
354 if (0 == status) {
355 debug(33, 5) ("clientGetsOldEntry: YES, broken HTTP reply\n");
356 return 1;
357 }
358 /* If the reply is a failure then send the old object as a last
359 * resort */
360 if (status >= 500 && status < 600) {
361 debug(33, 3) ("clientGetsOldEntry: YES, failure reply=%d\n", status);
362 return 1;
363 }
364 /* If the reply is anything but "Not Modified" then
365 * we must forward it to the client */
366 if (HTTP_NOT_MODIFIED != status) {
367 debug(33, 5) ("clientGetsOldEntry: NO, reply=%d\n", status);
368 return 0;
369 }
370 /* If the client did not send IMS in the request, then it
371 * must get the old object, not this "Not Modified" reply */
372 if (!request->flags.ims) {
373 debug(33, 5) ("clientGetsOldEntry: YES, no client IMS\n");
374 return 1;
375 }
376 /* If the client IMS time is prior to the entry LASTMOD time we
377 * need to send the old object */
378 if (modifiedSince(old_entry, request)) {
379 debug(33, 5) ("clientGetsOldEntry: YES, modified since %d\n",
380 (int) request->ims);
381 return 1;
382 }
383 debug(33, 5) ("clientGetsOldEntry: NO, new one is fine\n");
384 return 0;
385 }
386
387
388 static void
389 clientHandleIMSReply(void *data, char *buf, ssize_t size)
390 {
391 clientHttpRequest *http = data;
392 StoreEntry *entry = http->entry;
393 MemObject *mem;
394 const char *url = storeUrl(entry);
395 int unlink_request = 0;
396 StoreEntry *oldentry;
397 int recopy = 1;
398 http_status status;
399 debug(33, 3) ("clientHandleIMSReply: %s, %d bytes\n", url, (int) size);
400 if (entry == NULL) {
401 memFree(buf, MEM_CLIENT_SOCK_BUF);
402 return;
403 }
404 if (size < 0 && !EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
405 memFree(buf, MEM_CLIENT_SOCK_BUF);
406 return;
407 }
408 mem = entry->mem_obj;
409 status = mem->reply->sline.status;
410 if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
411 debug(33, 3) ("clientHandleIMSReply: ABORTED '%s'\n", url);
412 /* We have an existing entry, but failed to validate it */
413 /* Its okay to send the old one anyway */
414 http->log_type = LOG_TCP_REFRESH_FAIL_HIT;
415 storeUnregister(entry, http);
416 storeUnlockObject(entry);
417 entry = http->entry = http->old_entry;
418 } else if (STORE_PENDING == entry->store_status && 0 == status) {
419 debug(33, 3) ("clientHandleIMSReply: Incomplete headers for '%s'\n", url);
420 if (size >= CLIENT_SOCK_SZ) {
421 /* will not get any bigger than that */
422 debug(33, 3) ("clientHandleIMSReply: Reply is too large '%s', using old entry\n", url);
423 /* use old entry, this repeats the code abovez */
424 http->log_type = LOG_TCP_REFRESH_FAIL_HIT;
425 storeUnregister(entry, http);
426 storeUnlockObject(entry);
427 entry = http->entry = http->old_entry;
428 /* continue */
429 } else {
430 storeClientCopy(entry,
431 http->out.offset + size,
432 http->out.offset,
433 CLIENT_SOCK_SZ,
434 buf,
435 clientHandleIMSReply,
436 http);
437 return;
438 }
439 } else if (clientGetsOldEntry(entry, http->old_entry, http->request)) {
440 /* We initiated the IMS request, the client is not expecting
441 * 304, so put the good one back. First, make sure the old entry
442 * headers have been loaded from disk. */
443 oldentry = http->old_entry;
444 http->log_type = LOG_TCP_REFRESH_HIT;
445 if (oldentry->mem_obj->request == NULL) {
446 oldentry->mem_obj->request = requestLink(mem->request);
447 unlink_request = 1;
448 }
449 /* Don't memcpy() the whole reply structure here. For example,
450 * www.thegist.com (Netscape/1.13) returns a content-length for
451 * 304's which seems to be the length of the 304 HEADERS!!! and
452 * not the body they refer to. */
453 httpReplyUpdateOnNotModified(oldentry->mem_obj->reply, mem->reply);
454 storeTimestampsSet(oldentry);
455 storeUnregister(entry, http);
456 storeUnlockObject(entry);
457 entry = http->entry = oldentry;
458 entry->timestamp = squid_curtime;
459 if (unlink_request) {
460 requestUnlink(entry->mem_obj->request);
461 entry->mem_obj->request = NULL;
462 }
463 } else {
464 /* the client can handle this reply, whatever it is */
465 http->log_type = LOG_TCP_REFRESH_MISS;
466 if (HTTP_NOT_MODIFIED == mem->reply->sline.status) {
467 httpReplyUpdateOnNotModified(http->old_entry->mem_obj->reply,
468 mem->reply);
469 storeTimestampsSet(http->old_entry);
470 http->log_type = LOG_TCP_REFRESH_HIT;
471 }
472 storeUnregister(http->old_entry, http);
473 storeUnlockObject(http->old_entry);
474 recopy = 0;
475 }
476 http->old_entry = NULL; /* done with old_entry */
477 assert(!EBIT_TEST(entry->flags, ENTRY_ABORTED));
478 if (recopy) {
479 storeClientCopy(entry,
480 http->out.offset,
481 http->out.offset,
482 CLIENT_SOCK_SZ,
483 buf,
484 clientSendMoreData,
485 http);
486 } else {
487 clientSendMoreData(data, buf, size);
488 }
489 }
490
491 int
492 modifiedSince(StoreEntry * entry, request_t * request)
493 {
494 int object_length;
495 MemObject *mem = entry->mem_obj;
496 time_t mod_time = entry->lastmod;
497 debug(33, 3) ("modifiedSince: '%s'\n", storeUrl(entry));
498 if (mod_time < 0)
499 mod_time = entry->timestamp;
500 debug(33, 3) ("modifiedSince: mod_time = %d\n", (int) mod_time);
501 if (mod_time < 0)
502 return 1;
503 /* Find size of the object */
504 object_length = mem->reply->content_length;
505 if (object_length < 0)
506 object_length = contentLen(entry);
507 if (mod_time > request->ims) {
508 debug(33, 3) ("--> YES: entry newer than client\n");
509 return 1;
510 } else if (mod_time < request->ims) {
511 debug(33, 3) ("--> NO: entry older than client\n");
512 return 0;
513 } else if (request->imslen < 0) {
514 debug(33, 3) ("--> NO: same LMT, no client length\n");
515 return 0;
516 } else if (request->imslen == object_length) {
517 debug(33, 3) ("--> NO: same LMT, same length\n");
518 return 0;
519 } else {
520 debug(33, 3) ("--> YES: same LMT, different length\n");
521 return 1;
522 }
523 }
524
525 void
526 clientPurgeRequest(clientHttpRequest * http)
527 {
528 StoreEntry *entry;
529 ErrorState *err = NULL;
530 HttpReply *r;
531 debug(33, 1) ("Config2.onoff.enable_purge = %d\n", Config2.onoff.enable_purge);
532 if (!Config2.onoff.enable_purge) {
533 http->log_type = LOG_TCP_DENIED;
534 err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN);
535 err->request = requestLink(http->request);
536 err->src_addr = http->conn->peer.sin_addr;
537 http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags);
538 errorAppendEntry(http->entry, err);
539 return;
540 }
541 http->log_type = LOG_TCP_MISS;
542 if ((entry = storeGetPublic(http->uri, METHOD_GET)) == NULL) {
543 http->http_code = HTTP_NOT_FOUND;
544 } else {
545 storeRelease(entry);
546 http->http_code = HTTP_OK;
547 }
548 debug(33, 4) ("clientPurgeRequest: Not modified '%s'\n",
549 storeUrl(entry));
550 /*
551 * Make a new entry to hold the reply to be written
552 * to the client.
553 */
554 http->entry = clientCreateStoreEntry(http, http->request->method, null_request_flags);
555 httpReplyReset(r = http->entry->mem_obj->reply);
556 httpReplySetHeaders(r, 1.0, http->http_code, NULL, NULL, 0, 0, -1);
557 httpReplySwapOut(r, http->entry);
558 storeComplete(http->entry);
559 }
560
561 int
562 checkNegativeHit(StoreEntry * e)
563 {
564 if (!EBIT_TEST(e->flags, ENTRY_NEGCACHED))
565 return 0;
566 if (e->expires <= squid_curtime)
567 return 0;
568 if (e->store_status != STORE_OK)
569 return 0;
570 return 1;
571 }
572
573 void
574 clientUpdateCounters(clientHttpRequest * http)
575 {
576 int svc_time = tvSubMsec(http->start, current_time);
577 ping_data *i;
578 HierarchyLogEntry *H;
579 Counter.client_http.requests++;
580 if (isTcpHit(http->log_type))
581 Counter.client_http.hits++;
582 if (http->log_type == LOG_TCP_HIT)
583 Counter.client_http.disk_hits++;
584 else if (http->log_type == LOG_TCP_MEM_HIT)
585 Counter.client_http.mem_hits++;
586 if (http->request->err_type != ERR_NONE)
587 Counter.client_http.errors++;
588 statHistCount(&Counter.client_http.all_svc_time, svc_time);
589 /*
590 * The idea here is not to be complete, but to get service times
591 * for only well-defined types. For example, we don't include
592 * LOG_TCP_REFRESH_FAIL_HIT because its not really a cache hit
593 * (we *tried* to validate it, but failed).
594 */
595 switch (http->log_type) {
596 case LOG_TCP_REFRESH_HIT:
597 statHistCount(&Counter.client_http.nh_svc_time, svc_time);
598 break;
599 case LOG_TCP_IMS_HIT:
600 statHistCount(&Counter.client_http.nm_svc_time, svc_time);
601 break;
602 case LOG_TCP_HIT:
603 case LOG_TCP_MEM_HIT:
604 case LOG_TCP_OFFLINE_HIT:
605 statHistCount(&Counter.client_http.hit_svc_time, svc_time);
606 break;
607 case LOG_TCP_MISS:
608 case LOG_TCP_CLIENT_REFRESH_MISS:
609 statHistCount(&Counter.client_http.miss_svc_time, svc_time);
610 break;
611 default:
612 /* make compiler warnings go away */
613 break;
614 }
615 H = &http->request->hier;
616 switch (H->alg) {
617 case PEER_SA_DIGEST:
618 Counter.cd.times_used++;
619 break;
620 case PEER_SA_ICP:
621 Counter.icp.times_used++;
622 i = &H->ping;
623 if (0 != i->stop.tv_sec && 0 != i->start.tv_sec)
624 statHistCount(&Counter.icp.query_svc_time,
625 tvSubUsec(i->start, i->stop));
626 if (i->timeout)
627 Counter.icp.query_timeouts++;
628 break;
629 case PEER_SA_NETDB:
630 Counter.netdb.times_used++;
631 break;
632 default:
633 break;
634 }
635 }
636
637 static void
638 httpRequestFree(void *data)
639 {
640 clientHttpRequest *http = data;
641 clientHttpRequest **H;
642 ConnStateData *conn = http->conn;
643 StoreEntry *e;
644 request_t *request = http->request;
645 MemObject *mem = NULL;
646 debug(33, 3) ("httpRequestFree: %s\n", storeUrl(http->entry));
647 if (!clientCheckTransferDone(http)) {
648 if ((e = http->entry)) {
649 http->entry = NULL;
650 storeUnregister(e, http);
651 storeUnlockObject(e);
652 }
653 if (http->entry && http->entry->ping_status == PING_WAITING)
654 storeReleaseRequest(http->entry);
655 }
656 assert(http->log_type < LOG_TYPE_MAX);
657 if (http->entry)
658 mem = http->entry->mem_obj;
659 if (http->out.size || http->log_type) {
660 http->al.icp.opcode = ICP_INVALID;
661 http->al.url = http->log_uri;
662 debug(33, 9) ("httpRequestFree: al.url='%s'\n", http->al.url);
663 if (mem) {
664 http->al.http.code = mem->reply->sline.status;
665 http->al.http.content_type = strBuf(mem->reply->content_type);
666 }
667 http->al.cache.caddr = conn->log_addr;
668 http->al.cache.size = http->out.size;
669 http->al.cache.code = http->log_type;
670 http->al.cache.msec = tvSubMsec(http->start, current_time);
671 if (request) {
672 Packer p;
673 MemBuf mb;
674 memBufDefInit(&mb);
675 packerToMemInit(&p, &mb);
676 httpHeaderPackInto(&request->header, &p);
677 http->al.http.method = request->method;
678 http->al.http.version = request->http_ver;
679 http->al.headers.request = xstrdup(mb.buf);
680 http->al.hier = request->hier;
681 if (request->user_ident[0])
682 http->al.cache.ident = request->user_ident;
683 else
684 http->al.cache.ident = conn->ident;
685 packerClean(&p);
686 memBufClean(&mb);
687 }
688 accessLogLog(&http->al);
689 clientUpdateCounters(http);
690 clientdbUpdate(conn->peer.sin_addr, http->log_type, PROTO_HTTP, http->out.size);
691 }
692 if (http->acl_checklist)
693 aclChecklistFree(http->acl_checklist);
694 if (request)
695 checkFailureRatio(request->err_type, http->al.hier.code);
696 safe_free(http->uri);
697 safe_free(http->log_uri);
698 safe_free(http->al.headers.request);
699 safe_free(http->al.headers.reply);
700 safe_free(http->redirect.location);
701 stringClean(&http->range_iter.boundary);
702 if ((e = http->entry)) {
703 http->entry = NULL;
704 storeUnregister(e, http);
705 storeUnlockObject(e);
706 }
707 /* old_entry might still be set if we didn't yet get the reply
708 * code in clientHandleIMSReply() */
709 if ((e = http->old_entry)) {
710 http->old_entry = NULL;
711 storeUnregister(e, http);
712 storeUnlockObject(e);
713 }
714 requestUnlink(http->request);
715 assert(http != http->next);
716 assert(http->conn->chr != NULL);
717 H = &http->conn->chr;
718 while (*H) {
719 if (*H == http)
720 break;
721 H = &(*H)->next;
722 }
723 assert(*H != NULL);
724 *H = http->next;
725 http->next = NULL;
726 dlinkDelete(&http->active, &ClientActiveRequests);
727 cbdataFree(http);
728 }
729
730 /* This is a handler normally called by comm_close() */
731 static void
732 connStateFree(int fd, void *data)
733 {
734 ConnStateData *connState = data;
735 clientHttpRequest *http;
736 debug(33, 3) ("connStateFree: FD %d\n", fd);
737 assert(connState != NULL);
738 clientdbEstablished(connState->peer.sin_addr, -1); /* decrement */
739 while ((http = connState->chr) != NULL) {
740 assert(http->conn == connState);
741 assert(connState->chr != connState->chr->next);
742 httpRequestFree(http);
743 }
744 safe_free(connState->in.buf);
745 /* XXX account connState->in.buf */
746 pconnHistCount(0, connState->nrequests);
747 cbdataFree(connState);
748 #ifdef _SQUID_LINUX_
749 /* prevent those nasty RST packets */
750 {
751 char buf[SQUID_TCP_SO_RCVBUF];
752 while (read(fd, buf, SQUID_TCP_SO_RCVBUF) > 0);
753 }
754 #endif
755 }
756
757 static void
758 clientInterpretRequestHeaders(clientHttpRequest * http)
759 {
760 request_t *request = http->request;
761 const HttpHeader *req_hdr = &request->header;
762 int no_cache = 0;
763 #if USE_USERAGENT_LOG
764 const char *str;
765 #endif
766 request->imslen = -1;
767 request->ims = httpHeaderGetTime(req_hdr, HDR_IF_MODIFIED_SINCE);
768 if (request->ims > 0)
769 request->flags.ims = 1;
770 if (httpHeaderHas(req_hdr, HDR_PRAGMA)) {
771 String s = httpHeaderGetList(req_hdr, HDR_PRAGMA);
772 if (strListIsMember(&s, "no-cache", ','))
773 no_cache++;
774 stringClean(&s);
775 }
776 request->cache_control = httpHeaderGetCc(req_hdr);
777 if (request->cache_control)
778 if (EBIT_TEST(request->cache_control->mask, CC_NO_CACHE))
779 no_cache++;
780 if (no_cache) {
781 #if HTTP_VIOLATIONS
782 if (Config.onoff.reload_into_ims)
783 request->flags.nocache_hack = 1;
784 else if (refresh_nocache_hack)
785 request->flags.nocache_hack = 1;
786 else
787 #endif
788 request->flags.nocache = 1;
789 }
790 /* ignore range header in non-GETs */
791 if (request->method == METHOD_GET) {
792 request->range = httpHeaderGetRange(req_hdr);
793 if (request->range)
794 request->flags.range = 1;
795 }
796 if (httpHeaderHas(req_hdr, HDR_AUTHORIZATION))
797 request->flags.auth = 1;
798 if (request->login[0] != '\0')
799 request->flags.auth = 1;
800 if (httpHeaderHas(req_hdr, HDR_VIA)) {
801 String s = httpHeaderGetList(req_hdr, HDR_VIA);
802 /*
803 * ThisCache cannot be a member of Via header, "1.0 ThisCache" can.
804 * Note ThisCache2 has a space prepended to the hostname so we don't
805 * accidentally match super-domains.
806 */
807 if (strListIsSubstr(&s, ThisCache2, ',')) {
808 debugObj(33, 1, "WARNING: Forwarding loop detected for:\n",
809 request, (ObjPackMethod) & httpRequestPack);
810 request->flags.loopdetect = 1;
811 }
812 #if FORW_VIA_DB
813 fvdbCountVia(strBuf(s));
814 #endif
815 stringClean(&s);
816 }
817 #if USE_USERAGENT_LOG
818 if ((str = httpHeaderGetStr(req_hdr, HDR_USER_AGENT)))
819 logUserAgent(fqdnFromAddr(http->conn->peer.sin_addr), str);
820 #endif
821 #if FORW_VIA_DB
822 if (httpHeaderHas(req_hdr, HDR_X_FORWARDED_FOR)) {
823 String s = httpHeaderGetList(req_hdr, HDR_X_FORWARDED_FOR);
824 fvdbCountForw(strBuf(s));
825 stringClean(&s);
826 }
827 #endif
828 if (request->method == METHOD_TRACE) {
829 request->max_forwards = httpHeaderGetInt(req_hdr, HDR_MAX_FORWARDS);
830 }
831 if (clientCachable(http))
832 request->flags.cachable = 1;
833 if (clientHierarchical(http))
834 request->flags.hierarchical = 1;
835 debug(33, 5) ("clientInterpretRequestHeaders: REQ_NOCACHE = %s\n",
836 request->flags.nocache ? "SET" : "NOT SET");
837 debug(33, 5) ("clientInterpretRequestHeaders: REQ_CACHABLE = %s\n",
838 request->flags.cachable ? "SET" : "NOT SET");
839 debug(33, 5) ("clientInterpretRequestHeaders: REQ_HIERARCHICAL = %s\n",
840 request->flags.hierarchical ? "SET" : "NOT SET");
841 }
842
843 /*
844 * clientSetKeepaliveFlag() sets request->flags.proxy_keepalive.
845 * This is the client-side persistent connection flag. We need
846 * to set this relatively early in the request processing
847 * to handle hacks for broken servers and clients.
848 */
849 static void
850 clientSetKeepaliveFlag(clientHttpRequest * http)
851 {
852 request_t *request = http->request;
853 const HttpHeader *req_hdr = &request->header;
854 debug(33, 3) ("clientSetKeepaliveFlag: http_ver = %3.1f\n",
855 request->http_ver);
856 debug(33, 3) ("clientSetKeepaliveFlag: method = %s\n",
857 RequestMethodStr[request->method]);
858 if (!Config.onoff.client_pconns)
859 request->flags.proxy_keepalive = 0;
860 else if (httpMsgIsPersistent(request->http_ver, req_hdr))
861 request->flags.proxy_keepalive = 1;
862 }
863
864 static int
865 clientCheckContentLength(request_t * r)
866 {
867 int has_cont_len = (r->content_length >= 0);
868 switch (r->method) {
869 case METHOD_PUT:
870 case METHOD_POST:
871 /* PUT/POST requires a request entity */
872 return has_cont_len;
873 case METHOD_GET:
874 case METHOD_HEAD:
875 /* We do not want to see a request entity on GET/HEAD requests */
876 return !has_cont_len;
877 default:
878 /* For other types of requests we don't care */
879 return 1;
880 }
881 /* NOT REACHED */
882 }
883
884 static int
885 clientCachable(clientHttpRequest * http)
886 {
887 const char *url = http->uri;
888 request_t *req = http->request;
889 method_t method = req->method;
890 aclCheck_t ch;
891 memset(&ch, '\0', sizeof(ch));
892 /*
893 * Hopefully, nobody really wants 'no_cache' by client's IP
894 * address, but if they do, this should work if they use IP
895 * addresses in their ACLs, or if the client's address is in
896 * the FQDN cache.
897 *
898 * This may not work yet for 'dst' and 'dst_domain' ACLs.
899 */
900 ch.src_addr = http->conn->peer.sin_addr;
901 ch.my_addr = http->conn->me.sin_addr;
902 ch.my_port = ntohs(http->conn->me.sin_port);
903 ch.request = http->request;
904 /*
905 * aclCheckFast returns 1 for ALLOW and 0 for DENY. The default
906 * is ALLOW, so we require 'no_cache DENY foo' in squid.conf
907 * to indicate uncachable objects.
908 */
909 if (Config.accessList.noCache)
910 if (!aclCheckFast(Config.accessList.noCache, &ch))
911 return 0;
912 if (req->protocol == PROTO_HTTP)
913 return httpCachable(method);
914 /* FTP is always cachable */
915 if (req->protocol == PROTO_GOPHER)
916 return gopherCachable(url);
917 if (req->protocol == PROTO_WAIS)
918 return 0;
919 if (method == METHOD_CONNECT)
920 return 0;
921 if (method == METHOD_TRACE)
922 return 0;
923 if (req->protocol == PROTO_CACHEOBJ)
924 return 0;
925 return 1;
926 }
927
928 /* Return true if we can query our neighbors for this object */
929 static int
930 clientHierarchical(clientHttpRequest * http)
931 {
932 const char *url = http->uri;
933 request_t *request = http->request;
934 method_t method = request->method;
935 const wordlist *p = NULL;
936
937 /* IMS needs a private key, so we can use the hierarchy for IMS only
938 * if our neighbors support private keys */
939 if (request->flags.ims && !neighbors_do_private_keys)
940 return 0;
941 if (request->flags.auth)
942 return 0;
943 if (method == METHOD_TRACE)
944 return 1;
945 if (method != METHOD_GET)
946 return 0;
947 /* scan hierarchy_stoplist */
948 for (p = Config.hierarchy_stoplist; p; p = p->next)
949 if (strstr(url, p->key))
950 return 0;
951 if (request->flags.loopdetect)
952 return 0;
953 if (request->protocol == PROTO_HTTP)
954 return httpCachable(method);
955 if (request->protocol == PROTO_GOPHER)
956 return gopherCachable(url);
957 if (request->protocol == PROTO_WAIS)
958 return 0;
959 if (request->protocol == PROTO_CACHEOBJ)
960 return 0;
961 return 1;
962 }
963
964 int
965 isTcpHit(log_type code)
966 {
967 /* this should be a bitmap for better optimization */
968 if (code == LOG_TCP_HIT)
969 return 1;
970 if (code == LOG_TCP_IMS_HIT)
971 return 1;
972 if (code == LOG_TCP_REFRESH_FAIL_HIT)
973 return 1;
974 if (code == LOG_TCP_REFRESH_HIT)
975 return 1;
976 if (code == LOG_TCP_NEGATIVE_HIT)
977 return 1;
978 if (code == LOG_TCP_MEM_HIT)
979 return 1;
980 if (code == LOG_TCP_OFFLINE_HIT)
981 return 1;
982 return 0;
983 }
984
985 /*
986 * returns true if If-Range specs match reply, false otherwise
987 */
988 static int
989 clientIfRangeMatch(clientHttpRequest * http, HttpReply * rep)
990 {
991 const TimeOrTag spec = httpHeaderGetTimeOrTag(&http->request->header, HDR_IF_RANGE);
992 /* check for parsing falure */
993 if (!spec.valid)
994 return 0;
995 /* got an ETag? */
996 if (spec.tag.str) {
997 ETag rep_tag = httpHeaderGetETag(&rep->header, HDR_ETAG);
998 debug(33, 3) ("clientIfRangeMatch: ETags: %s and %s\n",
999 spec.tag.str, rep_tag.str ? rep_tag.str : "<none>");
1000 if (!rep_tag.str)
1001 return 0; /* entity has no etag to compare with! */
1002 if (spec.tag.weak || rep_tag.weak) {
1003 debug(33, 1) ("clientIfRangeMatch: Weak ETags are not allowed in If-Range: %s ? %s\n",
1004 spec.tag.str, rep_tag.str);
1005 return 0; /* must use strong validator for sub-range requests */
1006 }
1007 return etagIsEqual(&rep_tag, &spec.tag);
1008 }
1009 /* got modification time? */
1010 if (spec.time >= 0) {
1011 return http->entry->lastmod <= spec.time;
1012 }
1013 assert(0); /* should not happen */
1014 return 0;
1015 }
1016
1017 /* returns expected content length for multi-range replies
1018 * note: assumes that httpHdrRangeCanonize has already been called
1019 * warning: assumes that HTTP headers for individual ranges at the
1020 * time of the actuall assembly will be exactly the same as
1021 * the headers when clientMRangeCLen() is called */
1022 static int
1023 clientMRangeCLen(clientHttpRequest * http)
1024 {
1025 int clen = 0;
1026 HttpHdrRangePos pos = HttpHdrRangeInitPos;
1027 const HttpHdrRangeSpec *spec;
1028 MemBuf mb;
1029
1030 assert(http->entry->mem_obj);
1031
1032 memBufDefInit(&mb);
1033 while ((spec = httpHdrRangeGetSpec(http->request->range, &pos))) {
1034
1035 /* account for headers for this range */
1036 memBufReset(&mb);
1037 clientPackRangeHdr(http->entry->mem_obj->reply,
1038 spec, http->range_iter.boundary, &mb);
1039 clen += mb.size;
1040
1041 /* account for range content */
1042 clen += spec->length;
1043
1044 debug(33, 6) ("clientMRangeCLen: (clen += %d + %d) == %d\n",
1045 mb.size, spec->length, clen);
1046 }
1047 /* account for the terminating boundary */
1048 memBufReset(&mb);
1049 clientPackTermBound(http->range_iter.boundary, &mb);
1050 clen += mb.size;
1051
1052 memBufClean(&mb);
1053 return clen;
1054 }
1055
1056 /* adds appropriate Range headers if needed */
1057 static void
1058 clientBuildRangeHeader(clientHttpRequest * http, HttpReply * rep)
1059 {
1060 HttpHeader *hdr = rep ? &rep->header : 0;
1061 const char *range_err = NULL;
1062 assert(http->request->range);
1063 /* check if we still want to do ranges */
1064 if (!rep)
1065 range_err = "no [parse-able] reply";
1066 else if (rep->sline.status != HTTP_OK)
1067 range_err = "wrong status code";
1068 else if (httpHeaderHas(hdr, HDR_CONTENT_RANGE))
1069 range_err = "origin server does ranges";
1070 else if (rep->content_length < 0)
1071 range_err = "unknown length";
1072 else if (rep->content_length != http->entry->mem_obj->reply->content_length)
1073 range_err = "INCONSISTENT length"; /* a bug? */
1074 else if (httpHeaderHas(&http->request->header, HDR_IF_RANGE) && !clientIfRangeMatch(http, rep))
1075 range_err = "If-Range match failed";
1076 else if (!httpHdrRangeCanonize(http->request->range, rep->content_length))
1077 range_err = "canonization failed";
1078 else if (httpHdrRangeIsComplex(http->request->range))
1079 range_err = "too complex range header";
1080 /* get rid of our range specs on error */
1081 if (range_err) {
1082 debug(33, 3) ("clientBuildRangeHeader: will not do ranges: %s.\n", range_err);
1083 httpHdrRangeDestroy(http->request->range);
1084 http->request->range = NULL;
1085 } else {
1086 const int spec_count = http->request->range->specs.count;
1087 int actual_clen = -1;
1088
1089 debug(33, 3) ("clientBuildRangeHeader: range spec count: %d virgin clen: %d\n",
1090 spec_count, rep->content_length);
1091 assert(spec_count > 0);
1092 /* ETags should not be returned with Partial Content replies? */
1093 httpHeaderDelById(hdr, HDR_ETAG);
1094 /* append appropriate header(s) */
1095 if (spec_count == 1) {
1096 HttpHdrRangePos pos = HttpHdrRangeInitPos;
1097 const HttpHdrRangeSpec *spec = httpHdrRangeGetSpec(http->request->range, &pos);
1098 assert(spec);
1099 /* append Content-Range */
1100 httpHeaderAddContRange(hdr, *spec, rep->content_length);
1101 /* set new Content-Length to the actual number of bytes
1102 * transmitted in the message-body */
1103 actual_clen = spec->length;
1104 } else {
1105 /* multipart! */
1106 /* generate boundary string */
1107 http->range_iter.boundary = httpHdrRangeBoundaryStr(http);
1108 /* delete old Content-Type, add ours */
1109 httpHeaderDelById(hdr, HDR_CONTENT_TYPE);
1110 httpHeaderPutStrf(hdr, HDR_CONTENT_TYPE,
1111 "multipart/byteranges; boundary=\"%s\"",
1112 strBuf(http->range_iter.boundary));
1113 /* Content-Length is not required in multipart responses
1114 * but it is always nice to have one */
1115 actual_clen = clientMRangeCLen(http);
1116 }
1117
1118 /* replace Content-Length header */
1119 assert(actual_clen >= 0);
1120 httpHeaderDelById(hdr, HDR_CONTENT_LENGTH);
1121 httpHeaderPutInt(hdr, HDR_CONTENT_LENGTH, actual_clen);
1122 debug(33, 3) ("clientBuildRangeHeader: actual content length: %d\n", actual_clen);
1123 }
1124 }
1125
1126 /*
1127 * filters out unwanted entries from original reply header
1128 * adds extra entries if we have more info than origin server
1129 * adds Squid specific entries
1130 */
1131 static void
1132 clientBuildReplyHeader(clientHttpRequest * http, HttpReply * rep)
1133 {
1134 HttpHeader *hdr = &rep->header;
1135 int is_hit = isTcpHit(http->log_type);
1136 request_t *request = http->request;
1137 #if DONT_FILTER_THESE
1138 /* but you might want to if you run Squid as an HTTP accelerator */
1139 /* httpHeaderDelById(hdr, HDR_ACCEPT_RANGES); */
1140 httpHeaderDelById(hdr, HDR_ETAG);
1141 #endif
1142 httpHeaderDelById(hdr, HDR_PROXY_CONNECTION);
1143 /* here: Keep-Alive is a field-name, not a connection directive! */
1144 httpHeaderDelByName(hdr, "Keep-Alive");
1145 /* remove Set-Cookie if a hit */
1146 if (is_hit)
1147 httpHeaderDelById(hdr, HDR_SET_COOKIE);
1148 /* handle Connection header */
1149 if (httpHeaderHas(hdr, HDR_CONNECTION)) {
1150 /* anything that matches Connection list member will be deleted */
1151 String strConnection = httpHeaderGetList(hdr, HDR_CONNECTION);
1152 const HttpHeaderEntry *e;
1153 HttpHeaderPos pos = HttpHeaderInitPos;
1154 /*
1155 * think: on-average-best nesting of the two loops (hdrEntry
1156 * and strListItem) @?@
1157 */
1158 /*
1159 * maybe we should delete standard stuff ("keep-alive","close")
1160 * from strConnection first?
1161 */
1162 while ((e = httpHeaderGetEntry(hdr, &pos))) {
1163 if (strListIsMember(&strConnection, strBuf(e->name), ','))
1164 httpHeaderDelAt(hdr, pos);
1165 }
1166 httpHeaderDelById(hdr, HDR_CONNECTION);
1167 stringClean(&strConnection);
1168 }
1169 /* Handle Ranges */
1170 if (request->range)
1171 clientBuildRangeHeader(http, rep);
1172 /*
1173 * Add a estimated Age header on cache hits.
1174 */
1175 if (is_hit) {
1176 /*
1177 * Remove any existing Age header sent by upstream caches
1178 * (note that the existing header is passed along unmodified
1179 * on cache misses)
1180 */
1181 httpHeaderDelById(hdr, HDR_AGE);
1182 /*
1183 * This adds the calculated object age. Note that the details of the
1184 * age calculation is performed by adjusting the timestamp in
1185 * storeTimestampsSet(), not here.
1186 *
1187 * BROWSER WORKAROUND: IE sometimes hangs when receiving a 0 Age
1188 * header, so don't use it unless there is a age to report. Please
1189 * note that Age is only used to make a conservative estimation of
1190 * the objects age, so a Age: 0 header does not add any useful
1191 * information to the reply in any case.
1192 */
1193 if (http->entry->timestamp < squid_curtime)
1194 httpHeaderPutInt(hdr, HDR_AGE,
1195 squid_curtime - http->entry->timestamp);
1196 }
1197 /* Append X-Cache */
1198 httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s",
1199 is_hit ? "HIT" : "MISS", getMyHostname());
1200 #if USE_CACHE_DIGESTS
1201 /* Append X-Cache-Lookup: -- temporary hack, to be removed @?@ @?@ */
1202 httpHeaderPutStrf(hdr, HDR_X_CACHE_LOOKUP, "%s from %s:%d",
1203 http->lookup_type ? http->lookup_type : "NONE",
1204 getMyHostname(), ntohs(Config.Sockaddr.http->s.sin_port));
1205 #endif
1206 if (httpReplyBodySize(request->method, rep) < 0) {
1207 debug(33, 3) ("clientBuildReplyHeader: can't keep-alive, unknown body size\n");
1208 request->flags.proxy_keepalive = 0;
1209 }
1210 /* Signal keep-alive if needed */
1211 httpHeaderPutStr(hdr,
1212 http->flags.accel ? HDR_CONNECTION : HDR_PROXY_CONNECTION,
1213 request->flags.proxy_keepalive ? "keep-alive" : "close");
1214 #if ADD_X_REQUEST_URI
1215 /*
1216 * Knowing the URI of the request is useful when debugging persistent
1217 * connections in a client; we cannot guarantee the order of http headers,
1218 * but X-Request-URI is likely to be the very last header to ease use from a
1219 * debugger [hdr->entries.count-1].
1220 */
1221 httpHeaderPutStr(hdr, HDR_X_REQUEST_URI,
1222 http->entry->mem_obj->url ? http->entry->mem_obj->url : http->uri);
1223 #endif
1224 }
1225
1226 static HttpReply *
1227 clientBuildReply(clientHttpRequest * http, const char *buf, size_t size)
1228 {
1229 HttpReply *rep = httpReplyCreate();
1230 size_t k = headersEnd(buf, size);
1231 if (k && httpReplyParse(rep, buf, k)) {
1232 /* enforce 1.0 reply version */
1233 rep->sline.version = 1.0;
1234 /* do header conversions */
1235 clientBuildReplyHeader(http, rep);
1236 /* if we do ranges, change status to "Partial Content" */
1237 if (http->request->range)
1238 httpStatusLineSet(&rep->sline, rep->sline.version,
1239 HTTP_PARTIAL_CONTENT, NULL);
1240 } else {
1241 /* parsing failure, get rid of the invalid reply */
1242 httpReplyDestroy(rep);
1243 rep = NULL;
1244 /* if we were going to do ranges, backoff */
1245 if (http->request->range) {
1246 /* this will fail and destroy request->range */
1247 clientBuildRangeHeader(http, rep);
1248 }
1249 }
1250 return rep;
1251 }
1252
1253 /*
1254 * clientCacheHit should only be called until the HTTP reply headers
1255 * have been parsed. Normally this should be a single call, but
1256 * it might take more than one. As soon as we have the headers,
1257 * we hand off to clientSendMoreData, clientProcessExpired, or
1258 * clientProcessMiss.
1259 */
1260 static void
1261 clientCacheHit(void *data, char *buf, ssize_t size)
1262 {
1263 clientHttpRequest *http = data;
1264 StoreEntry *e = http->entry;
1265 MemObject *mem;
1266 request_t *r = http->request;
1267 debug(33, 3) ("clientCacheHit: %s, %d bytes\n", http->uri, (int) size);
1268 if (http->entry == NULL) {
1269 memFree(buf, MEM_CLIENT_SOCK_BUF);
1270 debug(33, 3) ("clientCacheHit: request aborted\n");
1271 return;
1272 } else if (size < 0) {
1273 /* swap in failure */
1274 memFree(buf, MEM_CLIENT_SOCK_BUF);
1275 debug(33, 3) ("clientCacheHit: swapin failure for %s\n", http->uri);
1276 http->log_type = LOG_TCP_SWAPFAIL_MISS;
1277 if ((e = http->entry)) {
1278 http->entry = NULL;
1279 storeUnregister(e, http);
1280 storeUnlockObject(e);
1281 }
1282 clientProcessMiss(http);
1283 return;
1284 }
1285 assert(size > 0);
1286 mem = e->mem_obj;
1287 assert(!EBIT_TEST(e->flags, ENTRY_ABORTED));
1288 if (mem->reply->sline.status == 0) {
1289 /*
1290 * we don't have full reply headers yet; either wait for more or
1291 * punt to clientProcessMiss.
1292 */
1293 if (e->mem_status == IN_MEMORY || e->store_status == STORE_OK) {
1294 memFree(buf, MEM_CLIENT_SOCK_BUF);
1295 clientProcessMiss(http);
1296 } else if (size == CLIENT_SOCK_SZ && http->out.offset == 0) {
1297 memFree(buf, MEM_CLIENT_SOCK_BUF);
1298 clientProcessMiss(http);
1299 } else {
1300 debug(33, 3) ("clientCacheHit: waiting for HTTP reply headers\n");
1301 storeClientCopy(e,
1302 http->out.offset + size,
1303 http->out.offset,
1304 CLIENT_SOCK_SZ,
1305 buf,
1306 clientCacheHit,
1307 http);
1308 }
1309 return;
1310 }
1311 /*
1312 * Got the headers, now grok them
1313 */
1314 assert(http->log_type == LOG_TCP_HIT);
1315 if (checkNegativeHit(e)) {
1316 http->log_type = LOG_TCP_NEGATIVE_HIT;
1317 clientSendMoreData(data, buf, size);
1318 } else if (r->method == METHOD_HEAD) {
1319 /*
1320 * RFC 2068 seems to indicate there is no "conditional HEAD"
1321 * request. We cannot validate a cached object for a HEAD
1322 * request, nor can we return 304.
1323 */
1324 if (e->mem_status == IN_MEMORY)
1325 http->log_type = LOG_TCP_MEM_HIT;
1326 clientSendMoreData(data, buf, size);
1327 } else if (refreshCheckHTTP(e, r) && !http->flags.internal) {
1328 debug(33, 5) ("clientCacheHit: in refreshCheck() block\n");
1329 /*
1330 * We hold a stale copy; it needs to be validated
1331 */
1332 /*
1333 * The 'need_validation' flag is used to prevent forwarding
1334 * loops between siblings. If our copy of the object is stale,
1335 * then we should probably only use parents for the validation
1336 * request. Otherwise two siblings could generate a loop if
1337 * both have a stale version of the object.
1338 */
1339 r->flags.need_validation = 1;
1340 if (e->lastmod < 0) {
1341 /*
1342 * Previous reply didn't have a Last-Modified header,
1343 * we cannot revalidate it.
1344 */
1345 http->log_type = LOG_TCP_MISS;
1346 clientProcessMiss(http);
1347 } else if (r->flags.nocache) {
1348 /*
1349 * This did not match a refresh pattern that overrides no-cache
1350 * we should honour the client no-cache header.
1351 */
1352 http->log_type = LOG_TCP_CLIENT_REFRESH_MISS;
1353 clientProcessMiss(http);
1354 } else if (r->protocol == PROTO_HTTP) {
1355 /*
1356 * Object needs to be revalidated
1357 * XXX This could apply to FTP as well, if Last-Modified is known.
1358 */
1359 http->log_type = LOG_TCP_REFRESH_MISS;
1360 clientProcessExpired(http);
1361 } else {
1362 /*
1363 * We don't know how to re-validate other protocols. Handle
1364 * them as if the object has expired.
1365 */
1366 http->log_type = LOG_TCP_MISS;
1367 clientProcessMiss(http);
1368 }
1369 memFree(buf, MEM_CLIENT_SOCK_BUF);
1370 } else if (r->flags.ims) {
1371 /*
1372 * Handle If-Modified-Since requests from the client
1373 */
1374 if (mem->reply->sline.status != HTTP_OK) {
1375 debug(33, 4) ("clientCacheHit: Reply code %d != 200\n",
1376 mem->reply->sline.status);
1377 memFree(buf, MEM_CLIENT_SOCK_BUF);
1378 http->log_type = LOG_TCP_MISS;
1379 clientProcessMiss(http);
1380 } else if (modifiedSince(e, http->request)) {
1381 http->log_type = LOG_TCP_IMS_HIT;
1382 clientSendMoreData(data, buf, size);
1383 } else {
1384 MemBuf mb = httpPacked304Reply(e->mem_obj->reply);
1385 http->log_type = LOG_TCP_IMS_HIT;
1386 memFree(buf, MEM_CLIENT_SOCK_BUF);
1387 storeUnregister(e, http);
1388 storeUnlockObject(e);
1389 e = clientCreateStoreEntry(http, http->request->method, null_request_flags);
1390 http->entry = e;
1391 httpReplyParse(e->mem_obj->reply, mb.buf, mb.size);
1392 storeAppend(e, mb.buf, mb.size);
1393 memBufClean(&mb);
1394 storeComplete(e);
1395 }
1396 } else {
1397 /*
1398 * plain ol' cache hit
1399 */
1400 if (e->mem_status == IN_MEMORY)
1401 http->log_type = LOG_TCP_MEM_HIT;
1402 else if (Config.onoff.offline)
1403 http->log_type = LOG_TCP_OFFLINE_HIT;
1404 clientSendMoreData(data, buf, size);
1405 }
1406 }
1407
1408 /* put terminating boundary for multiparts */
1409 static void
1410 clientPackTermBound(String boundary, MemBuf * mb)
1411 {
1412 memBufPrintf(mb, "\r\n--%s--\r\n", strBuf(boundary));
1413 debug(33, 6) ("clientPackTermBound: buf offset: %d\n", mb->size);
1414 }
1415
1416 /* appends a "part" HTTP header (as in a multi-part/range reply) to the buffer */
1417 static void
1418 clientPackRangeHdr(const HttpReply * rep, const HttpHdrRangeSpec * spec, String boundary, MemBuf * mb)
1419 {
1420 HttpHeader hdr;
1421 Packer p;
1422 assert(rep);
1423 assert(spec);
1424
1425 /* put boundary */
1426 debug(33, 5) ("clientPackRangeHdr: appending boundary: %s\n", strBuf(boundary));
1427 /* rfc2046 requires to _prepend_ boundary with <crlf>! */
1428 memBufPrintf(mb, "\r\n--%s\r\n", strBuf(boundary));
1429
1430 /* stuff the header with required entries and pack it */
1431 httpHeaderInit(&hdr, hoReply);
1432 if (httpHeaderHas(&rep->header, HDR_CONTENT_TYPE))
1433 httpHeaderPutStr(&hdr, HDR_CONTENT_TYPE, httpHeaderGetStr(&rep->header, HDR_CONTENT_TYPE));
1434 httpHeaderAddContRange(&hdr, *spec, rep->content_length);
1435 packerToMemInit(&p, mb);
1436 httpHeaderPackInto(&hdr, &p);
1437 packerClean(&p);
1438 httpHeaderClean(&hdr);
1439
1440 /* append <crlf> (we packed a header, not a reply) */
1441 memBufPrintf(mb, crlf);
1442 }
1443
1444 /*
1445 * extracts a "range" from *buf and appends them to mb, updating
1446 * all offsets and such.
1447 */
1448 static void
1449 clientPackRange(clientHttpRequest * http,
1450 HttpHdrRangeIter * i,
1451 const char **buf,
1452 ssize_t * size,
1453 MemBuf * mb)
1454 {
1455 const ssize_t copy_sz = i->debt_size <= *size ? i->debt_size : *size;
1456 off_t body_off = http->out.offset - i->prefix_size;
1457 assert(*size > 0);
1458 assert(i->spec);
1459 /*
1460 * intersection of "have" and "need" ranges must not be empty
1461 */
1462 assert(body_off < i->spec->offset + i->spec->length);
1463 assert(body_off + *size > i->spec->offset);
1464 /*
1465 * put boundary and headers at the beginning of a range in a
1466 * multi-range
1467 */
1468 if (http->request->range->specs.count > 1 && i->debt_size == i->spec->length) {
1469 assert(http->entry->mem_obj);
1470 clientPackRangeHdr(
1471 http->entry->mem_obj->reply, /* original reply */
1472 i->spec, /* current range */
1473 i->boundary, /* boundary, the same for all */
1474 mb
1475 );
1476 }
1477 /*
1478 * append content
1479 */
1480 debug(33, 3) ("clientPackRange: appending %d bytes\n", copy_sz);
1481 memBufAppend(mb, *buf, copy_sz);
1482 /*
1483 * update offsets
1484 */
1485 *size -= copy_sz;
1486 i->debt_size -= copy_sz;
1487 body_off += copy_sz;
1488 *buf += copy_sz;
1489 http->out.offset = body_off + i->prefix_size; /* sync */
1490 /*
1491 * paranoid check
1492 */
1493 assert(*size >= 0 && i->debt_size >= 0);
1494 }
1495
1496 /* returns true if there is still data available to pack more ranges
1497 * increments iterator "i"
1498 * used by clientPackMoreRanges */
1499 static int
1500 clientCanPackMoreRanges(const clientHttpRequest * http, HttpHdrRangeIter * i, ssize_t size)
1501 {
1502 /* first update "i" if needed */
1503 if (!i->debt_size) {
1504 if ((i->spec = httpHdrRangeGetSpec(http->request->range, &i->pos)))
1505 i->debt_size = i->spec->length;
1506 }
1507 assert(!i->debt_size == !i->spec); /* paranoid sync condition */
1508 /* continue condition: need_more_data && have_more_data */
1509 return i->spec && size > 0;
1510 }
1511
1512 /* extracts "ranges" from buf and appends them to mb, updating all offsets and such */
1513 /* returns true if we need more data */
1514 static int
1515 clientPackMoreRanges(clientHttpRequest * http, const char *buf, ssize_t size, MemBuf * mb)
1516 {
1517 HttpHdrRangeIter *i = &http->range_iter;
1518 /* offset in range specs does not count the prefix of an http msg */
1519 off_t body_off = http->out.offset - i->prefix_size;
1520 assert(size >= 0);
1521 /* check: reply was parsed and range iterator was initialized */
1522 assert(i->prefix_size > 0);
1523 /* filter out data according to range specs */
1524 while (clientCanPackMoreRanges(http, i, size)) {
1525 off_t start; /* offset of still missing data */
1526 assert(i->spec);
1527 start = i->spec->offset + i->spec->length - i->debt_size;
1528 debug(33, 3) ("clientPackMoreRanges: in: offset: %d size: %d\n",
1529 (int) body_off, size);
1530 debug(33, 3) ("clientPackMoreRanges: out: start: %d spec[%d]: [%d, %d), len: %d debt: %d\n",
1531 (int) start, (int) i->pos, i->spec->offset, (int) (i->spec->offset + i->spec->length), i->spec->length, i->debt_size);
1532 assert(body_off <= start); /* we did not miss it */
1533 /* skip up to start */
1534 if (body_off + size > start) {
1535 const size_t skip_size = start - body_off;
1536 body_off = start;
1537 size -= skip_size;
1538 buf += skip_size;
1539 } else {
1540 /* has not reached start yet */
1541 body_off += size;
1542 size = 0;
1543 buf = NULL;
1544 }
1545 /* put next chunk if any */
1546 if (size) {
1547 http->out.offset = body_off + i->prefix_size; /* sync */
1548 clientPackRange(http, i, &buf, &size, mb);
1549 body_off = http->out.offset - i->prefix_size; /* sync */
1550 }
1551 }
1552 assert(!i->debt_size == !i->spec); /* paranoid sync condition */
1553 debug(33, 3) ("clientPackMoreRanges: buf exhausted: in: offset: %d size: %d need_more: %d\n",
1554 (int) body_off, size, i->debt_size);
1555 if (i->debt_size) {
1556 debug(33, 3) ("clientPackMoreRanges: need more: spec[%d]: [%d, %d), len: %d\n",
1557 (int) i->pos, i->spec->offset, (int) (i->spec->offset + i->spec->length), i->spec->length);
1558 /* skip the data we do not need if possible */
1559 if (i->debt_size == i->spec->length) /* at the start of the cur. spec */
1560 body_off = i->spec->offset;
1561 else
1562 assert(body_off == i->spec->offset + i->spec->length - i->debt_size);
1563 } else if (http->request->range->specs.count > 1) {
1564 /* put terminating boundary for multiparts */
1565 clientPackTermBound(i->boundary, mb);
1566 }
1567 http->out.offset = body_off + i->prefix_size; /* sync */
1568 return i->debt_size > 0;
1569 }
1570
1571 static int
1572 clientReplyBodyTooLarge(int clen)
1573 {
1574 if (0 == Config.maxReplyBodySize)
1575 return 0; /* disabled */
1576 if (clen < 0)
1577 return 0; /* unknown */
1578 if (clen > Config.maxReplyBodySize)
1579 return 1; /* too large */
1580 return 0;
1581 }
1582
1583 static int
1584 clientRequestBodyTooLarge(int clen)
1585 {
1586 if (0 == Config.maxRequestBodySize)
1587 return 0; /* disabled */
1588 if (clen < 0)
1589 return 0; /* unknown, bug? */
1590 if (clen > Config.maxRequestBodySize)
1591 return 1; /* too large */
1592 return 0;
1593 }
1594
1595 /*
1596 * accepts chunk of a http message in buf, parses prefix, filters headers and
1597 * such, writes processed message to the client's socket
1598 */
1599 static void
1600 clientSendMoreData(void *data, char *buf, ssize_t size)
1601 {
1602 clientHttpRequest *http = data;
1603 StoreEntry *entry = http->entry;
1604 ConnStateData *conn = http->conn;
1605 int fd = conn->fd;
1606 HttpReply *rep = NULL;
1607 const char *body_buf = buf;
1608 ssize_t body_size = size;
1609 MemBuf mb;
1610 ssize_t check_size = 0;
1611 debug(33, 5) ("clientSendMoreData: %s, %d bytes\n", http->uri, (int) size);
1612 assert(size <= CLIENT_SOCK_SZ);
1613 assert(http->request != NULL);
1614 dlinkDelete(&http->active, &ClientActiveRequests);
1615 dlinkAdd(http, &http->active, &ClientActiveRequests);
1616 debug(33, 5) ("clientSendMoreData: FD %d '%s', out.offset=%d \n",
1617 fd, storeUrl(entry), (int) http->out.offset);
1618 if (conn->chr != http) {
1619 /* there is another object in progress, defer this one */
1620 debug(33, 1) ("clientSendMoreData: Deferring %s\n", storeUrl(entry));
1621 memFree(buf, MEM_CLIENT_SOCK_BUF);
1622 return;
1623 } else if (entry && EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
1624 /* call clientWriteComplete so the client socket gets closed */
1625 clientWriteComplete(fd, NULL, 0, COMM_OK, http);
1626 memFree(buf, MEM_CLIENT_SOCK_BUF);
1627 return;
1628 } else if (size < 0) {
1629 /* call clientWriteComplete so the client socket gets closed */
1630 clientWriteComplete(fd, NULL, 0, COMM_OK, http);
1631 memFree(buf, MEM_CLIENT_SOCK_BUF);
1632 return;
1633 } else if (size == 0) {
1634 /* call clientWriteComplete so the client socket gets closed */
1635 clientWriteComplete(fd, NULL, 0, COMM_OK, http);
1636 memFree(buf, MEM_CLIENT_SOCK_BUF);
1637 return;
1638 }
1639 if (http->out.offset == 0) {
1640 if (Config.onoff.log_mime_hdrs) {
1641 size_t k;
1642 if ((k = headersEnd(buf, size))) {
1643 safe_free(http->al.headers.reply);
1644 http->al.headers.reply = xcalloc(k + 1, 1);
1645 xstrncpy(http->al.headers.reply, buf, k);
1646 }
1647 }
1648 rep = clientBuildReply(http, buf, size);
1649 if (rep && clientReplyBodyTooLarge(rep->content_length)) {
1650 ErrorState *err = errorCon(ERR_TOO_BIG, HTTP_FORBIDDEN);
1651 err->request = requestLink(http->request);
1652 storeUnregister(http->entry, http);
1653 storeUnlockObject(http->entry);
1654 http->entry = clientCreateStoreEntry(http, http->request->method,
1655 null_request_flags);
1656 errorAppendEntry(http->entry, err);
1657 httpReplyDestroy(rep);
1658 return;
1659 } else if (rep) {
1660 body_size = size - rep->hdr_sz;
1661 assert(body_size >= 0);
1662 body_buf = buf + rep->hdr_sz;
1663 http->range_iter.prefix_size = rep->hdr_sz;
1664 debug(33, 3) ("clientSendMoreData: Appending %d bytes after %d bytes of headers\n",
1665 body_size, rep->hdr_sz);
1666 } else if (size < CLIENT_SOCK_SZ && entry->store_status == STORE_PENDING) {
1667 /* wait for more to arrive */
1668 storeClientCopy(entry,
1669 http->out.offset + size,
1670 http->out.offset,
1671 CLIENT_SOCK_SZ,
1672 buf,
1673 clientSendMoreData,
1674 http);
1675 return;
1676 }
1677 /* reset range iterator */
1678 http->range_iter.pos = HttpHdrRangeInitPos;
1679 }
1680 if (http->request->method == METHOD_HEAD) {
1681 if (rep) {
1682 /* do not forward body for HEAD replies */
1683 body_size = 0;
1684 http->flags.done_copying = 1;
1685 } else {
1686 /*
1687 * If we are here, then store_status == STORE_OK and it
1688 * seems we have a HEAD repsponse which is missing the
1689 * empty end-of-headers line (home.mira.net, phttpd/0.99.72
1690 * does this). Because clientBuildReply() fails we just
1691 * call this reply a body, set the done_copying flag and
1692 * continue...
1693 */
1694 http->flags.done_copying = 1;
1695 }
1696 }
1697 /* write headers and/or body if any */
1698 assert(rep || (body_buf && body_size));
1699 /* init mb; put status line and headers if any */
1700 if (rep) {
1701 mb = httpReplyPack(rep);
1702 http->out.offset += rep->hdr_sz;
1703 check_size += rep->hdr_sz;
1704 #if HEADERS_LOG
1705 headersLog(0, 0, http->request->method, rep);
1706 #endif
1707 httpReplyDestroy(rep);
1708 rep = NULL;
1709 } else {
1710 memBufDefInit(&mb);
1711 }
1712 /* append body if any */
1713 if (http->request->range) {
1714 /* Only GET requests should have ranges */
1715 assert(http->request->method == METHOD_GET);
1716 /* clientPackMoreRanges() updates http->out.offset */
1717 /* force the end of the transfer if we are done */
1718 if (!clientPackMoreRanges(http, body_buf, body_size, &mb))
1719 http->flags.done_copying = 1;
1720 } else if (body_buf && body_size) {
1721 http->out.offset += body_size;
1722 check_size += body_size;
1723 memBufAppend(&mb, body_buf, body_size);
1724 }
1725 if (!http->request->range && http->request->method == METHOD_GET)
1726 assert(check_size == size);
1727 /* write */
1728 comm_write_mbuf(fd, mb, clientWriteComplete, http);
1729 /* if we don't do it, who will? */
1730 memFree(buf, MEM_CLIENT_SOCK_BUF);
1731 }
1732
1733 static void
1734 clientKeepaliveNextRequest(clientHttpRequest * http)
1735 {
1736 ConnStateData *conn = http->conn;
1737 StoreEntry *entry;
1738 debug(33, 3) ("clientKeepaliveNextRequest: FD %d\n", conn->fd);
1739 conn->defer.until = 0; /* Kick it to read a new request */
1740 httpRequestFree(http);
1741 if ((http = conn->chr) == NULL) {
1742 debug(33, 5) ("clientKeepaliveNextRequest: FD %d reading next req\n",
1743 conn->fd);
1744 fd_note(conn->fd, "Reading next request");
1745 /*
1746 * Set the timeout BEFORE calling clientReadRequest().
1747 */
1748 commSetTimeout(conn->fd, Config.Timeout.pconn, requestTimeout, conn);
1749 clientReadRequest(conn->fd, conn); /* Read next request */
1750 /*
1751 * Note, the FD may be closed at this point.
1752 */
1753 } else if ((entry = http->entry) == NULL) {
1754 /*
1755 * this request is in progress, maybe doing an ACL or a redirect,
1756 * execution will resume after the operation completes.
1757 */
1758 } else {
1759 debug(33, 1) ("clientKeepaliveNextRequest: FD %d Sending next\n",
1760 conn->fd);
1761 assert(entry);
1762 if (0 == storeClientCopyPending(entry, http)) {
1763 if (EBIT_TEST(entry->flags, ENTRY_ABORTED))
1764 debug(33, 0) ("clientKeepaliveNextRequest: ENTRY_ABORTED\n");
1765 storeClientCopy(entry,
1766 http->out.offset,
1767 http->out.offset,
1768 CLIENT_SOCK_SZ,
1769 memAllocate(MEM_CLIENT_SOCK_BUF),
1770 clientSendMoreData,
1771 http);
1772 }
1773 }
1774 }
1775
1776 static void
1777 clientWriteComplete(int fd, char *bufnotused, size_t size, int errflag, void *data)
1778 {
1779 clientHttpRequest *http = data;
1780 StoreEntry *entry = http->entry;
1781 int done;
1782 http->out.size += size;
1783 debug(33, 5) ("clientWriteComplete: FD %d, sz %d, err %d, off %d, len %d\n",
1784 fd, size, errflag, (int) http->out.offset, entry ? objectLen(entry) : 0);
1785 if (size > 0) {
1786 kb_incr(&Counter.client_http.kbytes_out, size);
1787 if (isTcpHit(http->log_type))
1788 kb_incr(&Counter.client_http.hit_kbytes_out, size);
1789 }
1790 if (errflag) {
1791 /*
1792 * just close the socket, httpRequestFree will abort if needed
1793 */
1794 comm_close(fd);
1795 } else if (NULL == entry) {
1796 comm_close(fd); /* yuk */
1797 } else if (EBIT_TEST(entry->flags, ENTRY_ABORTED)) {
1798 comm_close(fd);
1799 } else if ((done = clientCheckTransferDone(http)) != 0 || size == 0) {
1800 debug(33, 5) ("clientWriteComplete: FD %d transfer is DONE\n", fd);
1801 /* We're finished case */
1802 if (httpReplyBodySize(http->request->method, entry->mem_obj->reply) < 0) {
1803 debug(33, 5) ("clientWriteComplete: closing, content_length < 0\n");
1804 comm_close(fd);
1805 } else if (!done) {
1806 debug(33, 5) ("clientWriteComplete: closing, !done\n");
1807 comm_close(fd);
1808 } else if (clientGotNotEnough(http)) {
1809 debug(33, 5) ("clientWriteComplete: client didn't get all it expected\n");
1810 comm_close(fd);
1811 } else if (http->request->flags.proxy_keepalive) {
1812 debug(33, 5) ("clientWriteComplete: FD %d Keeping Alive\n", fd);
1813 clientKeepaliveNextRequest(http);
1814 } else {
1815 comm_close(fd);
1816 }
1817 } else if (clientReplyBodyTooLarge((int) http->out.offset)) {
1818 comm_close(fd);
1819 } else {
1820 /* More data will be coming from primary server; register with
1821 * storage manager. */
1822 if (EBIT_TEST(entry->flags, ENTRY_ABORTED))
1823 debug(33, 0) ("clientWriteComplete 2: ENTRY_ABORTED\n");
1824 storeClientCopy(entry,
1825 http->out.offset,
1826 http->out.offset,
1827 CLIENT_SOCK_SZ,
1828 memAllocate(MEM_CLIENT_SOCK_BUF),
1829 clientSendMoreData,
1830 http);
1831 }
1832 }
1833
1834 /*
1835 * client issued a request with an only-if-cached cache-control directive;
1836 * we did not find a cached object that can be returned without
1837 * contacting other servers;
1838 * respond with a 504 (Gateway Timeout) as suggested in [RFC 2068]
1839 */
1840 static void
1841 clientProcessOnlyIfCachedMiss(clientHttpRequest * http)
1842 {
1843 char *url = http->uri;
1844 request_t *r = http->request;
1845 ErrorState *err = NULL;
1846 debug(33, 4) ("clientProcessOnlyIfCachedMiss: '%s %s'\n",
1847 RequestMethodStr[r->method], url);
1848 http->al.http.code = HTTP_GATEWAY_TIMEOUT;
1849 err = errorCon(ERR_ONLY_IF_CACHED_MISS, HTTP_GATEWAY_TIMEOUT);
1850 err->request = requestLink(r);
1851 err->src_addr = http->conn->peer.sin_addr;
1852 if (http->entry) {
1853 storeUnregister(http->entry, http);
1854 storeUnlockObject(http->entry);
1855 }
1856 http->entry = clientCreateStoreEntry(http, r->method, null_request_flags);
1857 errorAppendEntry(http->entry, err);
1858 }
1859
1860 static log_type
1861 clientProcessRequest2(clientHttpRequest * http)
1862 {
1863 request_t *r = http->request;
1864 StoreEntry *e;
1865 e = http->entry = storeGetPublic(http->uri, r->method);
1866 if (r->method == METHOD_HEAD && e == NULL) {
1867 /* We can generate a HEAD reply from a cached GET object */
1868 e = http->entry = storeGetPublic(http->uri, METHOD_GET);
1869 }
1870 #if USE_CACHE_DIGESTS
1871 http->lookup_type = e ? "HIT" : "MISS";
1872 #endif
1873 if (NULL == e) {
1874 /* this object isn't in the cache */
1875 debug(33, 3) ("clientProcessRequest2: storeGet() MISS\n");
1876 return LOG_TCP_MISS;
1877 }
1878 if (Config.onoff.offline) {
1879 debug(33, 3) ("clientProcessRequest2: offline HIT\n");
1880 http->entry = e;
1881 return LOG_TCP_HIT;
1882 }
1883 if (!storeEntryValidToSend(e)) {
1884 debug(33, 3) ("clientProcessRequest2: !storeEntryValidToSend MISS\n");
1885 http->entry = NULL;
1886 return LOG_TCP_MISS;
1887 }
1888 if (EBIT_TEST(e->flags, ENTRY_SPECIAL)) {
1889 /* Special entries are always hits, no matter what the client says */
1890 debug(33, 3) ("clientProcessRequest2: ENTRY_SPECIAL HIT\n");
1891 http->entry = e;
1892 return LOG_TCP_HIT;
1893 }
1894 #if HTTP_VIOLATIONS
1895 if (r->flags.nocache_hack) {
1896 /* if nocache_hack is set, nocache should always be clear, right? */
1897 assert(!r->flags.nocache);
1898 ipcacheReleaseInvalid(r->host);
1899 /* continue! */
1900 }
1901 if (e->store_status == STORE_PENDING) {
1902 if (r->flags.nocache || r->flags.nocache_hack) {
1903 debug(33, 3) ("Clearing no-cache for STORE_PENDING request\n\t%s\n",
1904 storeUrl(e));
1905 r->flags.nocache = 0;
1906 r->flags.nocache_hack = 0;
1907 }
1908 }
1909 #endif
1910 if (r->flags.nocache) {
1911 debug(33, 3) ("clientProcessRequest2: no-cache REFRESH MISS\n");
1912 http->entry = NULL;
1913 ipcacheReleaseInvalid(r->host);
1914 return LOG_TCP_CLIENT_REFRESH_MISS;
1915 }
1916 if (r->range && httpHdrRangeWillBeComplex(r->range)) {
1917 /*
1918 * Some clients break if we return "200 OK" for a Range
1919 * request. We would have to return "200 OK" for a _complex_
1920 * Range request that is also a HIT. Thus, let's prevent HITs
1921 * on complex Range requests
1922 */
1923 debug(33, 3) ("clientProcessRequest2: complex range MISS\n");
1924 http->entry = NULL;
1925 return LOG_TCP_MISS;
1926 }
1927 debug(33, 3) ("clientProcessRequest2: default HIT\n");
1928 http->entry = e;
1929 return LOG_TCP_HIT;
1930 }
1931
1932 static void
1933 clientProcessRequest(clientHttpRequest * http)
1934 {
1935 char *url = http->uri;
1936 request_t *r = http->request;
1937 int fd = http->conn->fd;
1938 HttpReply *rep;
1939 debug(33, 4) ("clientProcessRequest: %s '%s'\n",
1940 RequestMethodStr[r->method],
1941 url);
1942 if (r->method == METHOD_CONNECT) {
1943 http->log_type = LOG_TCP_MISS;
1944 sslStart(fd, url, r, &http->out.size);
1945 return;
1946 } else if (r->method == METHOD_PURGE) {
1947 clientPurgeRequest(http);
1948 return;
1949 } else if (r->method == METHOD_TRACE) {
1950 if (r->max_forwards == 0) {
1951 http->entry = clientCreateStoreEntry(http, r->method, null_request_flags);
1952 storeReleaseRequest(http->entry);
1953 storeBuffer(http->entry);
1954 rep = httpReplyCreate();
1955 httpReplySetHeaders(rep, 1.0, HTTP_OK, NULL, "text/plain",
1956 httpRequestPrefixLen(r), 0, squid_curtime);
1957 httpReplySwapOut(rep, http->entry);
1958 httpReplyDestroy(rep);
1959 httpRequestSwapOut(r, http->entry);
1960 storeComplete(http->entry);
1961 return;
1962 }
1963 /* yes, continue */
1964 http->log_type = LOG_TCP_MISS;
1965 } else if (r->content_length > 0) {
1966 http->log_type = LOG_TCP_MISS;
1967 /* XXX oof, POST can be cached! */
1968 pumpInit(fd, r, http->uri);
1969 } else {
1970 http->log_type = clientProcessRequest2(http);
1971 }
1972 debug(33, 4) ("clientProcessRequest: %s for '%s'\n",
1973 log_tags[http->log_type],
1974 http->uri);
1975 http->out.offset = 0;
1976 if (NULL != http->entry) {
1977 storeLockObject(http->entry);
1978 storeCreateMemObject(http->entry, http->uri, http->log_uri);
1979 http->entry->mem_obj->method = r->method;
1980 storeClientListAdd(http->entry, http);
1981 #if DELAY_POOLS
1982 delaySetStoreClient(http->entry, http, delayClient(r));
1983 #endif
1984 storeClientCopy(http->entry,
1985 http->out.offset,
1986 http->out.offset,
1987 CLIENT_SOCK_SZ,
1988 memAllocate(MEM_CLIENT_SOCK_BUF),
1989 clientCacheHit,
1990 http);
1991 } else {
1992 /* MISS CASE, http->log_type is already set! */
1993 clientProcessMiss(http);
1994 }
1995 }
1996
1997 /*
1998 * Prepare to fetch the object as it's a cache miss of some kind.
1999 */
2000 static void
2001 clientProcessMiss(clientHttpRequest * http)
2002 {
2003 char *url = http->uri;
2004 request_t *r = http->request;
2005 ErrorState *err = NULL;
2006 debug(33, 4) ("clientProcessMiss: '%s %s'\n",
2007 RequestMethodStr[r->method], url);
2008 /*
2009 * We might have a left-over StoreEntry from a failed cache hit
2010 * or IMS request.
2011 */
2012 if (http->entry) {
2013 if (EBIT_TEST(http->entry->flags, ENTRY_SPECIAL))
2014 debug(33, 0) ("clientProcessMiss: miss on a special object (%s).\n", url);
2015 storeUnregister(http->entry, http);
2016 storeUnlockObject(http->entry);
2017 http->entry = NULL;
2018 }
2019 if (clientOnlyIfCached(http)) {
2020 clientProcessOnlyIfCachedMiss(http);
2021 return;
2022 }
2023 /*
2024 * Deny loops when running in accelerator/transproxy mode.
2025 */
2026 if (http->flags.accel && r->flags.loopdetect) {
2027 http->al.http.code = HTTP_FORBIDDEN;
2028 err = errorCon(ERR_ACCESS_DENIED, HTTP_FORBIDDEN);
2029 err->request = requestLink(r);
2030 err->src_addr = http->conn->peer.sin_addr;
2031 http->entry = clientCreateStoreEntry(http, r->method, null_request_flags);
2032 errorAppendEntry(http->entry, err);
2033 return;
2034 }
2035 assert(http->out.offset == 0);
2036 http->entry = clientCreateStoreEntry(http, r->method, r->flags);
2037 if (http->redirect.status) {
2038 HttpReply *rep = httpReplyCreate();
2039 #if LOG_TCP_REDIRECTS
2040 http->log_type = LOG_TCP_REDIRECT;
2041 #endif
2042 storeReleaseRequest(http->entry);
2043 httpRedirectReply(rep, http->redirect.status, http->redirect.location);
2044 httpReplySwapOut(rep, http->entry);
2045 httpReplyDestroy(rep);
2046 storeComplete(http->entry);
2047 return;
2048 }
2049 if (http->flags.internal)
2050 r->protocol = PROTO_INTERNAL;
2051 fwdStart(http->conn->fd, http->entry, r);
2052 }
2053
2054 static clientHttpRequest *
2055 parseHttpRequestAbort(ConnStateData * conn, const char *uri)
2056 {
2057 clientHttpRequest *http = xcalloc(1, sizeof(clientHttpRequest));
2058 cbdataAdd(http, cbdataXfree, 0);
2059 http->conn = conn;
2060 http->start = current_time;
2061 http->req_sz = conn->in.offset;
2062 http->uri = xstrdup(uri);
2063 http->log_uri = xstrndup(uri, MAX_URL);
2064 http->range_iter.boundary = StringNull;
2065 dlinkAdd(http, &http->active, &ClientActiveRequests);
2066 return http;
2067 }
2068
2069 /*
2070 * parseHttpRequest()
2071 *
2072 * Returns
2073 * NULL on error or incomplete request
2074 * a clientHttpRequest structure on success
2075 */
2076 static clientHttpRequest *
2077 parseHttpRequest(ConnStateData * conn, method_t * method_p, int *status,
2078 char **prefix_p, size_t * req_line_sz_p)
2079 {
2080 char *inbuf = NULL;
2081 char *mstr = NULL;
2082 char *url = NULL;
2083 char *req_hdr = NULL;
2084 float http_ver;
2085 char *token = NULL;
2086 char *t = NULL;
2087 char *end;
2088 int free_request = 0;
2089 size_t header_sz; /* size of headers, not including first line */
2090 size_t prefix_sz; /* size of whole request (req-line + headers) */
2091 size_t url_sz;
2092 size_t req_sz;
2093 method_t method;
2094 clientHttpRequest *http = NULL;
2095 #if IPF_TRANSPARENT
2096 struct natlookup natLookup;
2097 static int natfd = -1;
2098 #endif
2099
2100 if ((req_sz = headersEnd(conn->in.buf, conn->in.offset)) == 0) {
2101 debug(33, 5) ("Incomplete request, waiting for end of headers\n");
2102 *status = 0;
2103 *prefix_p = NULL;
2104 *method_p = METHOD_NONE;
2105 return NULL;
2106 }
2107 assert(req_sz <= conn->in.offset);
2108 /* Use memcpy, not strdup! */
2109 inbuf = xmalloc(req_sz + 1);
2110 xmemcpy(inbuf, conn->in.buf, req_sz);
2111 *(inbuf + req_sz) = '\0';
2112
2113 /* pre-set these values to make aborting simpler */
2114 *prefix_p = inbuf;
2115 *method_p = METHOD_NONE;
2116 *status = -1;
2117
2118 /* Barf on NULL characters in the headers */
2119 if (strlen(inbuf) != req_sz) {
2120 debug(33, 1) ("parseHttpRequest: Requestheader contains NULL characters\n");
2121 return parseHttpRequestAbort(conn, "error:invalid-request");
2122 }
2123 /* Look for request method */
2124 if ((mstr = strtok(inbuf, "\t ")) == NULL) {
2125 debug(33, 1) ("parseHttpRequest: Can't get request method\n");
2126 return parseHttpRequestAbort(conn, "error:invalid-request-method");
2127 }
2128 method = urlParseMethod(mstr);
2129 if (method == METHOD_NONE) {
2130 debug(33, 1) ("parseHttpRequest: Unsupported method '%s'\n", mstr);
2131 return parseHttpRequestAbort(conn, "error:unsupported-request-method");
2132 }
2133 debug(33, 5) ("parseHttpRequest: Method is '%s'\n", mstr);
2134 *method_p = method;
2135
2136 /* look for URL+HTTP/x.x */
2137 if ((url = strtok(NULL, "\n")) == NULL) {
2138 debug(33, 1) ("parseHttpRequest: Missing URL\n");
2139 return parseHttpRequestAbort(conn, "error:missing-url");
2140 }
2141 while (xisspace(*url))
2142 url++;
2143 t = url + strlen(url);
2144 assert(*t == '\0');
2145 token = NULL;
2146 while (t > url) {
2147 t--;
2148 if (xisspace(*t) && !strncmp(t + 1, "HTTP/", 5)) {
2149 token = t + 1;
2150 break;
2151 }
2152 }
2153 while (t > url && xisspace(*t))
2154 *(t--) = '\0';
2155 debug(33, 5) ("parseHttpRequest: URI is '%s'\n", url);
2156 if (token == NULL) {
2157 debug(33, 3) ("parseHttpRequest: Missing HTTP identifier\n");
2158 #if RELAXED_HTTP_PARSER
2159 http_ver = (float) 0.9; /* wild guess */
2160 #else
2161 return parseHttpRequestAbort(conn, "error:missing-http-ident");
2162 #endif
2163 } else {
2164 http_ver = (float) atof(token + 5);
2165 }
2166
2167 /*
2168 * Process headers after request line
2169 */
2170 req_hdr = strtok(NULL, null_string);
2171 header_sz = req_sz - (req_hdr - inbuf);
2172 if (0 == header_sz) {
2173 debug(33, 3) ("parseHttpRequest: header_sz == 0\n");
2174 *status = 0;
2175 return NULL;
2176 }
2177 assert(header_sz > 0);
2178 debug(33, 3) ("parseHttpRequest: req_hdr = {%s}\n", req_hdr);
2179 end = req_hdr + header_sz;
2180 debug(33, 3) ("parseHttpRequest: end = {%s}\n", end);
2181
2182 prefix_sz = end - inbuf;
2183 *req_line_sz_p = req_hdr - inbuf;
2184 debug(33, 3) ("parseHttpRequest: prefix_sz = %d, req_line_sz = %d\n",
2185 (int) prefix_sz, (int) *req_line_sz_p);
2186 assert(prefix_sz <= conn->in.offset);
2187
2188 /* Ok, all headers are received */
2189 http = xcalloc(1, sizeof(clientHttpRequest));
2190 cbdataAdd(http, cbdataXfree, 0);
2191 http->http_ver = http_ver;
2192 http->conn = conn;
2193 http->start = current_time;
2194 http->req_sz = prefix_sz;
2195 http->range_iter.boundary = StringNull;
2196 *prefix_p = xmalloc(prefix_sz + 1);
2197 xmemcpy(*prefix_p, conn->in.buf, prefix_sz);
2198 *(*prefix_p + prefix_sz) = '\0';
2199 dlinkAdd(http, &http->active, &ClientActiveRequests);
2200
2201 debug(33, 5) ("parseHttpRequest: Request Header is\n%s\n", (*prefix_p) + *req_line_sz_p);
2202 if ((t = strchr(url, '#'))) /* remove HTML anchors */
2203 *t = '\0';
2204
2205 /* handle internal objects */
2206 if (internalCheck(url)) {
2207 /* prepend our name & port */
2208 http->uri = xstrdup(internalLocalUri(NULL, url));
2209 http->flags.internal = 1;
2210 http->flags.accel = 1;
2211 }
2212 /* see if we running in Config2.Accel.on, if so got to convert it to URL */
2213 else if (Config2.Accel.on && *url == '/') {
2214 /* prepend the accel prefix */
2215 if (opt_accel_uses_host && (t = mime_get_header(req_hdr, "Host"))) {
2216 /* If a Host: header was specified, use it to build the URL
2217 * instead of the one in the Config file. */
2218 /*
2219 * XXX Use of the Host: header here opens a potential
2220 * security hole. There are no checks that the Host: value
2221 * corresponds to one of your servers. It might, for example,
2222 * refer to www.playboy.com. The 'dst' and/or 'dst_domain' ACL
2223 * types should be used to prevent httpd-accelerators
2224 * handling requests for non-local servers */
2225 strtok(t, " :/;@");
2226 url_sz = strlen(url) + 32 + Config.appendDomainLen +
2227 strlen(t);
2228 http->uri = xcalloc(url_sz, 1);
2229 snprintf(http->uri, url_sz, "http://%s:%d%s",
2230 t, (int) Config.Accel.port, url);
2231 } else if (vhost_mode) {
2232 /* Put the local socket IP address as the hostname */
2233 url_sz = strlen(url) + 32 + Config.appendDomainLen;
2234 http->uri = xcalloc(url_sz, 1);
2235 #if IPF_TRANSPARENT
2236 natLookup.nl_inport = http->conn->me.sin_port;
2237 natLookup.nl_outport = http->conn->peer.sin_port;
2238 natLookup.nl_inip = http->conn->me.sin_addr;
2239 natLookup.nl_outip = http->conn->peer.sin_addr;
2240 natLookup.nl_flags = IPN_TCP;
2241 if (natfd < 0)
2242 natfd = open(IPL_NAT, O_RDONLY, 0);
2243 if (natfd < 0) {
2244 debug(50, 1) ("parseHttpRequest: NAT open failed: %s\n",
2245 xstrerror());
2246 return parseHttpRequestAbort(conn, "error:nat-open-failed");
2247 }
2248 if (ioctl(natfd, SIOCGNATL, &natLookup) < 0) {
2249 if (errno != ESRCH) {
2250 debug(50, 1) ("parseHttpRequest: NAT lookup failed: ioctl(SIOCGNATL)\n");
2251 close(natfd);
2252 natfd = -1;
2253 return parseHttpRequestAbort(conn, "error:nat-lookup-failed");
2254 } else
2255 snprintf(http->uri, url_sz, "http://%s:%d%s",
2256 inet_ntoa(http->conn->me.sin_addr),
2257 (int) Config.Accel.port,
2258 url);
2259 } else
2260 snprintf(http->uri, url_sz, "http://%s:%d%s",
2261 inet_ntoa(natLookup.nl_realip),
2262 (int) Config.Accel.port,
2263 url);
2264 #else
2265 snprintf(http->uri, url_sz, "http://%s:%d%s",
2266 inet_ntoa(http->conn->me.sin_addr),
2267 (int) Config.Accel.port,
2268 url);
2269 #endif
2270 debug(33, 5) ("VHOST REWRITE: '%s'\n", http->uri);
2271 } else {
2272 url_sz = strlen(Config2.Accel.prefix) + strlen(url) +
2273 Config.appendDomainLen + 1;
2274 http->uri = xcalloc(url_sz, 1);
2275 snprintf(http->uri, url_sz, "%s%s", Config2.Accel.prefix, url);
2276 }
2277 http->flags.accel = 1;
2278 } else {
2279 /* URL may be rewritten later, so make extra room */
2280 url_sz = strlen(url) + Config.appendDomainLen + 5;
2281 http->uri = xcalloc(url_sz, 1);
2282 strcpy(http->uri, url);
2283 http->flags.accel = 0;
2284 }
2285 if (!stringHasCntl(http->uri))
2286 http->log_uri = xstrndup(http->uri, MAX_URL);
2287 else
2288 http->log_uri = xstrndup(rfc1738_escape_unescaped(http->uri), MAX_URL);
2289 debug(33, 5) ("parseHttpRequest: Complete request received\n");
2290 if (free_request)
2291 safe_free(url);
2292 xfree(inbuf);
2293 *status = 1;
2294 return http;
2295 }
2296
2297 static int
2298 clientReadDefer(int fdnotused, void *data)
2299 {
2300 ConnStateData *conn = data;
2301 return conn->defer.until > squid_curtime;
2302 }
2303
2304 static void
2305 clientReadRequest(int fd, void *data)
2306 {
2307 ConnStateData *conn = data;
2308 int parser_return_code = 0;
2309 int k;
2310 request_t *request = NULL;
2311 int size;
2312 method_t method;
2313 clientHttpRequest *http = NULL;
2314 clientHttpRequest **H = NULL;
2315 char *prefix = NULL;
2316 ErrorState *err = NULL;
2317 fde *F = &fd_table[fd];
2318 int len = conn->in.size - conn->in.offset - 1;
2319 debug(33, 4) ("clientReadRequest: FD %d: reading request...\n", fd);
2320 Counter.syscalls.sock.reads++;
2321 size = read(fd, conn->in.buf + conn->in.offset, len);
2322 if (size > 0) {
2323 fd_bytes(fd, size, FD_READ);
2324 kb_incr(&Counter.client_http.kbytes_in, size);
2325 }
2326 /*
2327 * Don't reset the timeout value here. The timeout value will be
2328 * set to Config.Timeout.request by httpAccept() and
2329 * clientWriteComplete(), and should apply to the request as a
2330 * whole, not individual read() calls. Plus, it breaks our
2331 * lame half-close detection
2332 */
2333 commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, conn, 0);
2334 if (size == 0) {
2335 if (conn->chr == NULL) {
2336 /* no current or pending requests */
2337 comm_close(fd);
2338 return;
2339 } else if (!Config.onoff.half_closed_clients) {
2340 /* admin doesn't want to support half-closed client sockets */
2341 comm_close(fd);
2342 return;
2343 }
2344 /* It might be half-closed, we can't tell */
2345 debug(33, 5) ("clientReadRequest: FD %d closed?\n", fd);
2346 F->flags.socket_eof = 1;
2347 conn->defer.until = squid_curtime + 1;
2348 conn->defer.n++;
2349 fd_note(fd, "half-closed");
2350 return;
2351 } else if (size < 0) {
2352 if (!ignoreErrno(errno)) {
2353 debug(50, 2) ("clientReadRequest: FD %d: %s\n", fd, xstrerror());
2354 comm_close(fd);
2355 return;
2356 } else if (conn->in.offset == 0) {
2357 debug(50, 2) ("clientReadRequest: FD %d: no data to process (%s)\n", fd, xstrerror());
2358 return;
2359 }
2360 /* Continue to process previously read data */
2361 size = 0;
2362 }
2363 conn->in.offset += size;
2364 /* Skip leading (and trailing) whitespace */
2365 while (conn->in.offset > 0) {
2366 int nrequests;
2367 size_t req_line_sz;
2368 while (conn->in.offset > 0 && xisspace(conn->in.buf[0])) {
2369 xmemmove(conn->in.buf, conn->in.buf + 1, conn->in.offset - 1);
2370 conn->in.offset--;
2371 }
2372 conn->in.buf[conn->in.offset] = '\0'; /* Terminate the string */
2373 if (conn->in.offset == 0)
2374 break;
2375 /* Limit the number of concurrent requests to 2 */
2376 for (H = &conn->chr, nrequests = 0; *H; H = &(*H)->next, nrequests++);
2377 if (nrequests >= 2) {
2378 debug(33, 3) ("clientReadRequest: FD %d max concurrent requests reached\n", fd);
2379 debug(33, 5) ("clientReadRequest: FD %d defering new request until one is done\n", fd);
2380 conn->defer.until = squid_curtime + 100; /* Reset when a request is complete */
2381 break;
2382 }
2383 /* Process request */
2384 http = parseHttpRequest(conn,
2385 &method,
2386 &parser_return_code,
2387 &prefix,
2388 &req_line_sz);
2389 if (!http)
2390 safe_free(prefix);
2391 if (http) {
2392 assert(http->req_sz > 0);
2393 conn->in.offset -= http->req_sz;
2394 assert(conn->in.offset >= 0);
2395 debug(33, 5) ("conn->in.offset = %d\n", (int) conn->in.offset);
2396 /*
2397 * If we read past the end of this request, move the remaining
2398 * data to the beginning
2399 */
2400 if (conn->in.offset > 0)
2401 xmemmove(conn->in.buf, conn->in.buf + http->req_sz, conn->in.offset);
2402 /* add to the client request queue */
2403 for (H = &conn->chr; *H; H = &(*H)->next);
2404 *H = http;
2405 conn->nrequests++;
2406 commSetTimeout(fd, Config.Timeout.lifetime, NULL, NULL);
2407 if (parser_return_code < 0) {
2408 debug(33, 1) ("clientReadRequest: FD %d Invalid Request\n", fd);
2409 err = errorCon(ERR_INVALID_REQ, HTTP_BAD_REQUEST);
2410 err->request_hdrs = xstrdup(conn->in.buf);
2411 http->entry = clientCreateStoreEntry(http, method, null_request_flags);
2412 errorAppendEntry(http->entry, err);
2413 safe_free(prefix);
2414 break;
2415 }
2416 if ((request = urlParse(method, http->uri)) == NULL) {
2417 debug(33, 5) ("Invalid URL: %s\n", http->uri);
2418 err = errorCon(ERR_INVALID_URL, HTTP_BAD_REQUEST);
2419 err->src_addr = conn->peer.sin_addr;
2420 err->url = xstrdup(http->uri);
2421 http->al.http.code = err->http_status;
2422 http->entry = clientCreateStoreEntry(http, method, null_request_flags);
2423 errorAppendEntry(http->entry, err);
2424 safe_free(prefix);
2425 break;
2426 } else {
2427 /* compile headers */
2428 /* we should skip request line! */
2429 if (!httpRequestParseHeader(request, prefix + req_line_sz))
2430 debug(33, 1) ("Failed to parse request headers: %s\n%s\n",
2431 http->uri, prefix);
2432 /* continue anyway? */
2433 }
2434 request->flags.accelerated = http->flags.accel;
2435 if (!http->flags.internal) {
2436 if (internalCheck(strBuf(request->urlpath))) {
2437 if (internalHostnameIs(request->host) &&
2438 request->port == ntohs(Config.Sockaddr.http->s.sin_port)) {
2439 http->flags.internal = 1;
2440 } else if (internalStaticCheck(strBuf(request->urlpath))) {
2441 xstrncpy(request->host, internalHostname(), SQUIDHOSTNAMELEN);
2442 request->port = ntohs(Config.Sockaddr.http->s.sin_port);
2443 http->flags.internal = 1;
2444 }
2445 }
2446 }
2447 /*
2448 * cache the Content-length value in request_t.
2449 */
2450 request->content_length = httpHeaderGetInt(&request->header,
2451 HDR_CONTENT_LENGTH);
2452 request->flags.internal = http->flags.internal;
2453 safe_free(prefix);
2454 safe_free(http->log_uri);
2455 http->log_uri = xstrdup(urlCanonicalClean(request));
2456 request->client_addr = conn->peer.sin_addr;
2457 request->my_addr = conn->me.sin_addr;
2458 request->my_port = ntohs(conn->me.sin_port);
2459 request->http_ver = http->http_ver;
2460 if (!urlCheckRequest(request)) {
2461 err = errorCon(ERR_UNSUP_REQ, HTTP_NOT_IMPLEMENTED);
2462 err->src_addr = conn->peer.sin_addr;
2463 err->request = requestLink(request);
2464 request->flags.proxy_keepalive = 0;
2465 http->al.http.code = err->http_status;
2466 http->entry = clientCreateStoreEntry(http, request->method, null_request_flags);
2467 errorAppendEntry(http->entry, err);
2468 break;
2469 }
2470 if (0 == clientCheckContentLength(request)) {
2471 err = errorCon(ERR_INVALID_REQ, HTTP_LENGTH_REQUIRED);
2472 err->src_addr = conn->peer.sin_addr;
2473 err->request = requestLink(request);
2474 http->al.http.code = err->http_status;
2475 http->entry = clientCreateStoreEntry(http, request->method, null_request_flags);
2476 errorAppendEntry(http->entry, err);
2477 break;
2478 }
2479 http->request = requestLink(request);
2480 /*
2481 * We need to set the keepalive flag before doing some
2482 * hacks for POST/PUT requests below. Maybe we could
2483 * set keepalive flag even earlier.
2484 */
2485 clientSetKeepaliveFlag(http);
2486 /*
2487 * break here if the request has a content-length
2488 * because there is a reqeust body following and we
2489 * don't want to parse it as though it was new request.
2490 */
2491 if (request->content_length >= 0) {
2492 int copy_len = XMIN(conn->in.offset, request->content_length);
2493 if (copy_len > 0) {
2494 assert(conn->in.offset >= copy_len);
2495 request->body_sz = copy_len;
2496 request->body = xmalloc(request->body_sz);
2497 xmemcpy(request->body, conn->in.buf, request->body_sz);
2498 conn->in.offset -= copy_len;
2499 if (conn->in.offset)
2500 xmemmove(conn->in.buf, conn->in.buf + copy_len, conn->in.offset);
2501 }
2502 /*
2503 * if we didn't get the full body now, then more will
2504 * be arriving on the client socket. Lets cancel
2505 * the read handler until this request gets forwarded.
2506 */
2507 if (request->body_sz < request->content_length)
2508 commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0);
2509 if (request->content_length < 0)
2510 (void) 0;
2511 else if (clientRequestBodyTooLarge(request->content_length)) {
2512 err = errorCon(ERR_TOO_BIG, HTTP_REQUEST_ENTITY_TOO_LARGE);
2513 err->request = requestLink(request);
2514 http->entry = clientCreateStoreEntry(http,
2515 METHOD_NONE, null_request_flags);
2516 errorAppendEntry(http->entry, err);
2517 break;
2518 }
2519 }
2520 clientAccessCheck(http);
2521 continue; /* while offset > 0 */
2522 } else if (parser_return_code == 0) {
2523 /*
2524 * Partial request received; reschedule until parseHttpRequest()
2525 * is happy with the input
2526 */
2527 k = conn->in.size - 1 - conn->in.offset;
2528 if (k == 0) {
2529 if (conn->in.offset >= Config.maxRequestHeaderSize) {
2530 /* The request is too large to handle */
2531 debug(33, 1) ("Request header is too large (%d bytes)\n",
2532 (int) conn->in.offset);
2533 debug(33, 1) ("Config 'request_header_max_size'= %d bytes.\n",
2534 Config.maxRequestHeaderSize);
2535 err = errorCon(ERR_TOO_BIG, HTTP_REQUEST_ENTITY_TOO_LARGE);
2536 http = parseHttpRequestAbort(conn, "error:request-too-large");
2537 /* add to the client request queue */
2538 for (H = &conn->chr; *H; H = &(*H)->next);
2539 *H = http;
2540 http->entry = clientCreateStoreEntry(http, METHOD_NONE, null_request_flags);
2541 errorAppendEntry(http->entry, err);
2542 return;
2543 }
2544 /* Grow the request memory area to accomodate for a large request */
2545 conn->in.size += REQUEST_BUF_SIZE;
2546 conn->in.buf = xrealloc(conn->in.buf, conn->in.size);
2547 /* XXX account conn->in.buf */
2548 debug(33, 3) ("Handling a large request, offset=%d inbufsize=%d\n",
2549 (int) conn->in.offset, conn->in.size);
2550 k = conn->in.size - 1 - conn->in.offset;
2551 }
2552 break;
2553 }
2554 }
2555 }
2556
2557 /* general lifetime handler for HTTP requests */
2558 static void
2559 requestTimeout(int fd, void *data)
2560 {
2561 ConnStateData *conn = data;
2562 ErrorState *err;
2563 debug(33, 3) ("requestTimeout: FD %d: lifetime is expired.\n", fd);
2564 if (fd_table[fd].rwstate) {
2565 /*
2566 * Some data has been sent to the client, just close the FD
2567 */
2568 comm_close(fd);
2569 } else if (conn->nrequests) {
2570 /*
2571 * assume its a persistent connection; just close it
2572 */
2573 comm_close(fd);
2574 } else {
2575 /*
2576 * Generate an error
2577 */
2578 err = errorCon(ERR_LIFETIME_EXP, HTTP_REQUEST_TIMEOUT);
2579 err->url = xstrdup("N/A");
2580 /*
2581 * Normally we shouldn't call errorSend() in client_side.c, but
2582 * it should be okay in this case. Presumably if we get here
2583 * this is the first request for the connection, and no data
2584 * has been written yet
2585 */
2586 assert(conn->chr == NULL);
2587 errorSend(fd, err);
2588 /*
2589 * if we don't close() here, we still need a timeout handler!
2590 */
2591 commSetTimeout(fd, 30, requestTimeout, conn);
2592 /*
2593 * Aha, but we don't want a read handler!
2594 */
2595 commSetSelect(fd, COMM_SELECT_READ, NULL, NULL, 0);
2596 }
2597 }
2598
2599 static int
2600 httpAcceptDefer(void)
2601 {
2602 static time_t last_warn = 0;
2603 if (fdNFree() >= RESERVED_FD)
2604 return 0;
2605 if (last_warn + 15 < squid_curtime) {
2606 debug(33, 0) ("WARNING! Your cache is running out of filedescriptors\n");
2607 last_warn = squid_curtime;
2608 }
2609 return 1;
2610 }
2611
2612 /* Handle a new connection on HTTP socket. */
2613 void
2614 httpAccept(int sock, void *data)
2615 {
2616 int *N = data;
2617 int fd = -1;
2618 ConnStateData *connState = NULL;
2619 struct sockaddr_in peer;
2620 struct sockaddr_in me;
2621 int max = INCOMING_HTTP_MAX;
2622 #if USE_IDENT
2623 static aclCheck_t identChecklist;
2624 #endif
2625 commSetSelect(sock, COMM_SELECT_READ, httpAccept, NULL, 0);
2626 while (max-- && !httpAcceptDefer()) {
2627 memset(&peer, '\0', sizeof(struct sockaddr_in));
2628 memset(&me, '\0', sizeof(struct sockaddr_in));
2629 if ((fd = comm_accept(sock, &peer, &me)) < 0) {
2630 if (!ignoreErrno(errno))
2631 debug(50, 1) ("httpAccept: FD %d: accept failure: %s\n",
2632 sock, xstrerror());
2633 break;
2634 }
2635 debug(33, 4) ("httpAccept: FD %d: accepted\n", fd);
2636 connState = memAllocate(MEM_CONNSTATEDATA);
2637 connState->peer = peer;
2638 connState->log_addr = peer.sin_addr;
2639 connState->log_addr.s_addr &= Config.Addrs.client_netmask.s_addr;
2640 connState->me = me;
2641 connState->fd = fd;
2642 connState->in.size = REQUEST_BUF_SIZE;
2643 connState->in.buf = xcalloc(connState->in.size, 1);
2644 cbdataAdd(connState, memFree, MEM_CONNSTATEDATA);
2645 /* XXX account connState->in.buf */
2646 comm_add_close_handler(fd, connStateFree, connState);
2647 if (Config.onoff.log_fqdn)
2648 fqdncache_gethostbyaddr(peer.sin_addr, FQDN_LOOKUP_IF_MISS);
2649 commSetTimeout(fd, Config.Timeout.request, requestTimeout, connState);
2650 #if USE_IDENT
2651 identChecklist.src_addr = peer.sin_addr;
2652 identChecklist.my_addr = me.sin_addr;
2653 identChecklist.my_port = ntohs(me.sin_port);
2654 if (aclCheckFast(Config.accessList.identLookup, &identChecklist))
2655 identStart(&me, &peer, clientIdentDone, connState);
2656 #endif
2657 commSetSelect(fd, COMM_SELECT_READ, clientReadRequest, connState, 0);
2658 commSetDefer(fd, clientReadDefer, connState);
2659 clientdbEstablished(peer.sin_addr, 1);
2660 (*N)++;
2661 }
2662 }
2663
2664 #define SENDING_BODY 0
2665 #define SENDING_HDRSONLY 1
2666 static int
2667 clientCheckTransferDone(clientHttpRequest * http)
2668 {
2669 int sending = SENDING_BODY;
2670 StoreEntry *entry = http->entry;
2671 MemObject *mem;
2672 http_reply *reply;
2673 int sendlen;
2674 if (entry == NULL)
2675 return 0;
2676 /*
2677 * For now, 'done_copying' is used for special cases like
2678 * Range and HEAD requests.
2679 */
2680 if (http->flags.done_copying)
2681 return 1;
2682 /*
2683 * Handle STORE_OK objects.
2684 * objectLen(entry) will be set proprely.
2685 */
2686 if (entry->store_status == STORE_OK) {
2687 if (http->out.offset >= objectLen(entry))
2688 return 1;
2689 else
2690 return 0;
2691 }
2692 /*
2693 * Now, handle STORE_PENDING objects
2694 */
2695 mem = entry->mem_obj;
2696 assert(mem != NULL);
2697 assert(http->request != NULL);
2698 reply = mem->reply;
2699 if (reply->hdr_sz == 0)
2700 return 0; /* haven't found end of headers yet */
2701 else if (reply->sline.status == HTTP_OK)
2702 sending = SENDING_BODY;
2703 else if (reply->sline.status == HTTP_NO_CONTENT)
2704 sending = SENDING_HDRSONLY;
2705 else if (reply->sline.status == HTTP_NOT_MODIFIED)
2706 sending = SENDING_HDRSONLY;
2707 else if (reply->sline.status < HTTP_OK)
2708 sending = SENDING_HDRSONLY;
2709 else if (http->request->method == METHOD_HEAD)
2710 sending = SENDING_HDRSONLY;
2711 else
2712 sending = SENDING_BODY;
2713 /*
2714 * Figure out how much data we are supposed to send.
2715 * If we are sending a body and we don't have a content-length,
2716 * then we must wait for the object to become STORE_OK.
2717 */
2718 if (sending == SENDING_HDRSONLY)
2719 sendlen = reply->hdr_sz;
2720 else if (reply->content_length < 0)
2721 return 0;
2722 else
2723 sendlen = reply->content_length + reply->hdr_sz;
2724 /*
2725 * Now that we have the expected length, did we send it all?
2726 */
2727 if (http->out.offset < sendlen)
2728 return 0;
2729 else
2730 return 1;
2731 }
2732
2733 static int
2734 clientGotNotEnough(clientHttpRequest * http)
2735 {
2736 int cl = httpReplyBodySize(http->request->method, http->entry->mem_obj->reply);
2737 int hs = http->entry->mem_obj->reply->hdr_sz;
2738 assert(cl >= 0);
2739 if (http->out.offset < cl + hs)
2740 return 1;
2741 return 0;
2742 }
2743
2744 /*
2745 * This function is designed to serve a fairly specific purpose.
2746 * Occasionally our vBNS-connected caches can talk to each other, but not
2747 * the rest of the world. Here we try to detect frequent failures which
2748 * make the cache unusable (e.g. DNS lookup and connect() failures). If
2749 * the failure:success ratio goes above 1.0 then we go into "hit only"
2750 * mode where we only return UDP_HIT or UDP_MISS_NOFETCH. Neighbors
2751 * will only fetch HITs from us if they are using the ICP protocol. We
2752 * stay in this mode for 5 minutes.
2753 *
2754 * Duane W., Sept 16, 1996
2755 */
2756
2757 static void
2758 checkFailureRatio(err_type etype, hier_code hcode)
2759 {
2760 static double magic_factor = 100.0;
2761 double n_good;
2762 double n_bad;
2763 if (hcode == HIER_NONE)
2764 return;
2765 n_good = magic_factor / (1.0 + request_failure_ratio);
2766 n_bad = magic_factor - n_good;
2767 switch (etype) {
2768 case ERR_DNS_FAIL:
2769 case ERR_CONNECT_FAIL:
2770 case ERR_READ_ERROR:
2771 n_bad++;
2772 break;
2773 default:
2774 n_good++;
2775 }
2776 request_failure_ratio = n_bad / n_good;
2777 if (hit_only_mode_until > squid_curtime)
2778 return;
2779 if (request_failure_ratio < 1.0)
2780 return;
2781 debug(33, 0) ("Failure Ratio at %4.2f\n", request_failure_ratio);
2782 debug(33, 0) ("Going into hit-only-mode for %d minutes...\n",
2783 FAILURE_MODE_TIME / 60);
2784 hit_only_mode_until = squid_curtime + FAILURE_MODE_TIME;
2785 request_failure_ratio = 0.8; /* reset to something less than 1.0 */
2786 }
2787
2788 void
2789 clientHttpConnectionsOpen(void)
2790 {
2791 sockaddr_in_list *s;
2792 int fd;
2793 for (s = Config.Sockaddr.http; s; s = s->next) {
2794 enter_suid();
2795 fd = comm_open(SOCK_STREAM,
2796 0,
2797 s->s.sin_addr,
2798 ntohs(s->s.sin_port),
2799 COMM_NONBLOCKING,
2800 "HTTP Socket");
2801 leave_suid();
2802 if (fd < 0)
2803 continue;
2804 comm_listen(fd);
2805 commSetSelect(fd, COMM_SELECT_READ, httpAccept, NULL, 0);
2806 /*commSetDefer(fd, httpAcceptDefer, NULL); */
2807 debug(1, 1) ("Accepting HTTP connections at %s, port %d, FD %d.\n",
2808 inet_ntoa(s->s.sin_addr),
2809 (int) ntohs(s->s.sin_port),
2810 fd);
2811 HttpSockets[NHttpSockets++] = fd;
2812 }
2813 if (NHttpSockets < 1)
2814 fatal("Cannot open HTTP Port");
2815 }
2816
2817 void
2818 clientHttpConnectionsClose(void)
2819 {
2820 int i;
2821 for (i = 0; i < NHttpSockets; i++) {
2822 if (HttpSockets[i] >= 0) {
2823 debug(1, 1) ("FD %d Closing HTTP connection\n", HttpSockets[i]);
2824 comm_close(HttpSockets[i]);
2825 HttpSockets[i] = -1;
2826 }
2827 }
2828 NHttpSockets = 0;
2829 }
Mirror of https://github.com/squid-cache/squid.git