]> git.ipfire.org Git - thirdparty/squid.git/blob - src/client_side_reply.cc
projects / thirdparty / squid.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
merge from trunk r13423
[thirdparty/squid.git] / src / client_side_reply.cc
1 /*
2 * DEBUG: section 88 Client-side Reply Routines
3 * AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c)
4 *
5 * SQUID Web Proxy Cache http://www.squid-cache.org/
6 * ----------------------------------------------------------
7 *
8 * Squid is the result of efforts by numerous individuals from
9 * the Internet community; see the CONTRIBUTORS file for full
10 * details. Many organizations have provided support for Squid's
11 * development; see the SPONSORS file for full details. Squid is
12 * Copyrighted (C) 2001 by the Regents of the University of
13 * California; see the COPYRIGHT file for full details. Squid
14 * incorporates software developed and/or copyrighted by other
15 * sources; see the CREDITS file for full details.
16 *
17 * This program is free software; you can redistribute it and/or modify
18 * it under the terms of the GNU General Public License as published by
19 * the Free Software Foundation; either version 2 of the License, or
20 * (at your option) any later version.
21 *
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * You should have received a copy of the GNU General Public License
28 * along with this program; if not, write to the Free Software
29 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
30 *
31 */
32 #include "squid.h"
33 #include "acl/FilledChecklist.h"
34 #include "acl/Gadgets.h"
35 #include "anyp/PortCfg.h"
36 #include "client_side_reply.h"
37 #include "errorpage.h"
38 #include "ETag.h"
39 #include "fd.h"
40 #include "fde.h"
41 #include "format/Token.h"
42 #include "FwdState.h"
43 #include "globals.h"
44 #include "globals.h"
45 #include "HttpHeaderTools.h"
46 #include "HttpReply.h"
47 #include "HttpRequest.h"
48 #include "ip/QosConfig.h"
49 #include "ipcache.h"
50 #include "log/access_log.h"
51 #include "MemObject.h"
52 #include "mime_header.h"
53 #include "neighbors.h"
54 #include "refresh.h"
55 #include "RequestFlags.h"
56 #include "SquidConfig.h"
57 #include "SquidTime.h"
58 #include "Store.h"
59 #include "StrList.h"
60 #include "tools.h"
61 #include "URL.h"
62 #if USE_AUTH
63 #include "auth/UserRequest.h"
64 #endif
65 #if USE_DELAY_POOLS
66 #include "DelayPools.h"
67 #endif
68 #if USE_SQUID_ESI
69 #include "esi/Esi.h"
70 #endif
71
72 #include <memory>
73
74 CBDATA_CLASS_INIT(clientReplyContext);
75
76 /* Local functions */
77 extern "C" CSS clientReplyStatus;
78 ErrorState *clientBuildError(err_type, Http::StatusCode, char const *, Ip::Address &, HttpRequest *);
79
80 /* privates */
81
82 clientReplyContext::~clientReplyContext()
83 {
84 deleting = true;
85 /* This may trigger a callback back into SendMoreData as the cbdata
86 * is still valid
87 */
88 removeClientStoreReference(&sc, http);
89 /* old_entry might still be set if we didn't yet get the reply
90 * code in HandleIMSReply() */
91 removeStoreReference(&old_sc, &old_entry);
92 safe_free(tempBuffer.data);
93 cbdataReferenceDone(http);
94 HTTPMSGUNLOCK(reply);
95 }
96
97 clientReplyContext::clientReplyContext(ClientHttpRequest *clientContext) : http (cbdataReference(clientContext)), old_entry (NULL), old_sc(NULL), deleting(false)
98 {}
99
100 /** Create an error in the store awaiting the client side to read it.
101 *
102 * This may be better placed in the clientStream logic, but it has not been
103 * relocated there yet
104 */
105 void
106 clientReplyContext::setReplyToError(
107 err_type err, Http::StatusCode status, const HttpRequestMethod& method, char const *uri,
108 Ip::Address &addr, HttpRequest * failedrequest, const char *unparsedrequest,
109 #if USE_AUTH
110 Auth::UserRequest::Pointer auth_user_request
111 #else
112 void*
113 #endif
114 )
115 {
116 ErrorState *errstate = clientBuildError(err, status, uri, addr, failedrequest);
117
118 if (unparsedrequest)
119 errstate->request_hdrs = xstrdup(unparsedrequest);
120
121 #if USE_AUTH
122 errstate->auth_user_request = auth_user_request;
123 #endif
124 setReplyToError(method, errstate);
125 }
126
127 void clientReplyContext::setReplyToError(const HttpRequestMethod& method, ErrorState *errstate)
128 {
129 if (errstate->httpStatus == Http::scNotImplemented && http->request)
130 /* prevent confusion over whether we default to persistent or not */
131 http->request->flags.proxyKeepalive = false;
132
133 http->al->http.code = errstate->httpStatus;
134
135 if (http->request)
136 http->request->ignoreRange("responding with a Squid-generated error");
137
138 createStoreEntry(method, RequestFlags());
139 assert(errstate->callback_data == NULL);
140 errorAppendEntry(http->storeEntry(), errstate);
141 /* Now the caller reads to get this */
142 }
143
144 // Assumes that the entry contains an error response without Content-Range.
145 // To use with regular entries, make HTTP Range header removal conditional.
146 void clientReplyContext::setReplyToStoreEntry(StoreEntry *entry, const char *reason)
147 {
148 entry->lock("clientReplyContext::setReplyToStoreEntry"); // removeClientStoreReference() unlocks
149 sc = storeClientListAdd(entry, this);
150 #if USE_DELAY_POOLS
151 sc->setDelayId(DelayId::DelayClient(http));
152 #endif
153 reqofs = 0;
154 reqsize = 0;
155 if (http->request)
156 http->request->ignoreRange(reason);
157 flags.storelogiccomplete = 1;
158 http->storeEntry(entry);
159 }
160
161 void
162 clientReplyContext::removeStoreReference(store_client ** scp,
163 StoreEntry ** ep)
164 {
165 StoreEntry *e;
166 store_client *sc_tmp = *scp;
167
168 if ((e = *ep) != NULL) {
169 *ep = NULL;
170 storeUnregister(sc_tmp, e, this);
171 *scp = NULL;
172 e->unlock("clientReplyContext::removeStoreReference");
173 }
174 }
175
176 void
177 clientReplyContext::removeClientStoreReference(store_client **scp, ClientHttpRequest *aHttpRequest)
178 {
179 StoreEntry *reference = aHttpRequest->storeEntry();
180 removeStoreReference(scp, &reference);
181 aHttpRequest->storeEntry(reference);
182 }
183
184 void
185 clientReplyContext::saveState()
186 {
187 assert(old_sc == NULL);
188 debugs(88, 3, "clientReplyContext::saveState: saving store context");
189 old_entry = http->storeEntry();
190 old_sc = sc;
191 old_reqsize = reqsize;
192 tempBuffer.offset = reqofs;
193 /* Prevent accessing the now saved entries */
194 http->storeEntry(NULL);
195 sc = NULL;
196 reqsize = 0;
197 reqofs = 0;
198 }
199
200 void
201 clientReplyContext::restoreState()
202 {
203 assert(old_sc != NULL);
204 debugs(88, 3, "clientReplyContext::restoreState: Restoring store context");
205 removeClientStoreReference(&sc, http);
206 http->storeEntry(old_entry);
207 sc = old_sc;
208 reqsize = old_reqsize;
209 reqofs = tempBuffer.offset;
210 /* Prevent accessed the old saved entries */
211 old_entry = NULL;
212 old_sc = NULL;
213 old_reqsize = 0;
214 tempBuffer.offset = 0;
215 }
216
217 void
218 clientReplyContext::startError(ErrorState * err)
219 {
220 createStoreEntry(http->request->method, RequestFlags());
221 triggerInitialStoreRead();
222 errorAppendEntry(http->storeEntry(), err);
223 }
224
225 clientStreamNode *
226 clientReplyContext::getNextNode() const
227 {
228 return (clientStreamNode *)ourNode->node.next->data;
229 }
230
231 /* This function is wrong - the client parameters don't include the
232 * header offset
233 */
234 void
235 clientReplyContext::triggerInitialStoreRead()
236 {
237 /* when confident, 0 becomes reqofs, and then this factors into
238 * startSendProcess
239 */
240 assert(reqofs == 0);
241 StoreIOBuffer localTempBuffer (next()->readBuffer.length, 0, next()->readBuffer.data);
242 storeClientCopy(sc, http->storeEntry(), localTempBuffer, SendMoreData, this);
243 }
244
245 /* there is an expired entry in the store.
246 * setup a temporary buffer area and perform an IMS to the origin
247 */
248 void
249 clientReplyContext::processExpired()
250 {
251 const char *url = storeId();
252 StoreEntry *entry = NULL;
253 debugs(88, 3, "clientReplyContext::processExpired: '" << http->uri << "'");
254 assert(http->storeEntry()->lastmod >= 0);
255 /*
256 * check if we are allowed to contact other servers
257 * @?@: Instead of a 504 (Gateway Timeout) reply, we may want to return
258 * a stale entry *if* it matches client requirements
259 */
260
261 if (http->onlyIfCached()) {
262 processOnlyIfCachedMiss();
263 return;
264 }
265
266 http->request->flags.refresh = true;
267 #if STORE_CLIENT_LIST_DEBUG
268 /* Prevent a race with the store client memory free routines
269 */
270 assert(storeClientIsThisAClient(sc, this));
271 #endif
272 /* Prepare to make a new temporary request */
273 saveState();
274 entry = storeCreateEntry(url,
275 http->log_uri, http->request->flags, http->request->method);
276 /* NOTE, don't call StoreEntry->lock(), storeCreateEntry() does it */
277 sc = storeClientListAdd(entry, this);
278 #if USE_DELAY_POOLS
279 /* delay_id is already set on original store client */
280 sc->setDelayId(DelayId::DelayClient(http));
281 #endif
282
283 http->request->lastmod = old_entry->lastmod;
284
285 if (!http->request->header.has(HDR_IF_NONE_MATCH)) {
286 ETag etag = {NULL, -1}; // TODO: make that a default ETag constructor
287 if (old_entry->hasEtag(etag) && !etag.weak)
288 http->request->etag = etag.str;
289 }
290
291 debugs(88, 5, "clientReplyContext::processExpired : lastmod " << entry->lastmod );
292 http->storeEntry(entry);
293 assert(http->out.offset == 0);
294 assert(http->request->clientConnectionManager == http->getConn());
295
296 /*
297 * A refcounted pointer so that FwdState stays around as long as
298 * this clientReplyContext does
299 */
300 Comm::ConnectionPointer conn = http->getConn() != NULL ? http->getConn()->clientConnection : NULL;
301 FwdState::Start(conn, http->storeEntry(), http->request, http->al);
302
303 /* Register with storage manager to receive updates when data comes in. */
304
305 if (EBIT_TEST(entry->flags, ENTRY_ABORTED))
306 debugs(88, DBG_CRITICAL, "clientReplyContext::processExpired: Found ENTRY_ABORTED object");
307
308 {
309 /* start counting the length from 0 */
310 StoreIOBuffer localTempBuffer(HTTP_REQBUF_SZ, 0, tempbuf);
311 storeClientCopy(sc, entry, localTempBuffer, HandleIMSReply, this);
312 }
313 }
314
315 void
316 clientReplyContext::sendClientUpstreamResponse()
317 {
318 StoreIOBuffer tempresult;
319 removeStoreReference(&old_sc, &old_entry);
320 /* here the data to send is the data we just received */
321 tempBuffer.offset = 0;
322 old_reqsize = 0;
323 /* sendMoreData tracks the offset as well.
324 * Force it back to zero */
325 reqofs = 0;
326 assert(!EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED));
327 /* TODO: provide sendMoreData with the ready parsed reply */
328 tempresult.length = reqsize;
329 tempresult.data = tempbuf;
330 sendMoreData(tempresult);
331 }
332
333 void
334 clientReplyContext::HandleIMSReply(void *data, StoreIOBuffer result)
335 {
336 clientReplyContext *context = (clientReplyContext *)data;
337 context->handleIMSReply(result);
338 }
339
340 void
341 clientReplyContext::sendClientOldEntry()
342 {
343 /* Get the old request back */
344 restoreState();
345 /* here the data to send is in the next nodes buffers already */
346 assert(!EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED));
347 /* sendMoreData tracks the offset as well.
348 * Force it back to zero */
349 reqofs = 0;
350 StoreIOBuffer tempresult (reqsize, reqofs, next()->readBuffer.data);
351 sendMoreData(tempresult);
352 }
353
354 /* This is the workhorse of the HandleIMSReply callback.
355 *
356 * It is called when we've got data back from the origin following our
357 * IMS request to revalidate a stale entry.
358 */
359 void
360 clientReplyContext::handleIMSReply(StoreIOBuffer result)
361 {
362 if (deleting)
363 return;
364
365 debugs(88, 3, "handleIMSReply: " << http->storeEntry()->url() << ", " << (long unsigned) result.length << " bytes" );
366
367 if (http->storeEntry() == NULL)
368 return;
369
370 if (result.flags.error && !EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED))
371 return;
372
373 /* update size of the request */
374 reqsize = result.length + reqofs;
375
376 const Http::StatusCode status = http->storeEntry()->getReply()->sline.status();
377
378 // request to origin was aborted
379 if (EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) {
380 debugs(88, 3, "handleIMSReply: request to origin aborted '" << http->storeEntry()->url() << "', sending old entry to client" );
381 http->logType = LOG_TCP_REFRESH_FAIL_OLD;
382 sendClientOldEntry();
383 }
384
385 HttpReply *old_rep = (HttpReply *) old_entry->getReply();
386
387 // origin replied 304
388 if (status == Http::scNotModified) {
389 http->logType = LOG_TCP_REFRESH_UNMODIFIED;
390 http->request->flags.staleIfHit = false; // old_entry is no longer stale
391
392 // update headers on existing entry
393 old_rep->updateOnNotModified(http->storeEntry()->getReply());
394 old_entry->timestampsSet();
395
396 // if client sent IMS
397
398 if (http->request->flags.ims && !old_entry->modifiedSince(http->request)) {
399 // forward the 304 from origin
400 debugs(88, 3, "handleIMSReply: origin replied 304, revalidating existing entry and forwarding 304 to client");
401 sendClientUpstreamResponse();
402 } else {
403 // send existing entry, it's still valid
404 debugs(88, 3, "handleIMSReply: origin replied 304, revalidating existing entry and sending " <<
405 old_rep->sline.status() << " to client");
406 sendClientOldEntry();
407 }
408 }
409
410 // origin replied with a non-error code
411 else if (status > Http::scNone && status < Http::scInternalServerError) {
412 // forward response from origin
413 http->logType = LOG_TCP_REFRESH_MODIFIED;
414 debugs(88, 3, "handleIMSReply: origin replied " << status << ", replacing existing entry and forwarding to client");
415 sendClientUpstreamResponse();
416 }
417
418 // origin replied with an error
419 else if (http->request->flags.failOnValidationError) {
420 http->logType = LOG_TCP_REFRESH_FAIL_ERR;
421 debugs(88, 3, "handleIMSReply: origin replied with error " << status <<
422 ", forwarding to client due to fail_on_validation_err");
423 sendClientUpstreamResponse();
424 } else {
425 // ignore and let client have old entry
426 http->logType = LOG_TCP_REFRESH_FAIL_OLD;
427 debugs(88, 3, "handleIMSReply: origin replied with error " <<
428 status << ", sending old entry (" << old_rep->sline.status() << ") to client");
429 sendClientOldEntry();
430 }
431 }
432
433 SQUIDCEXTERN CSR clientGetMoreData;
434 SQUIDCEXTERN CSD clientReplyDetach;
435
436 /**
437 * clientReplyContext::cacheHit Should only be called until the HTTP reply headers
438 * have been parsed. Normally this should be a single call, but
439 * it might take more than one. As soon as we have the headers,
440 * we hand off to clientSendMoreData, processExpired, or
441 * processMiss.
442 */
443 void
444 clientReplyContext::CacheHit(void *data, StoreIOBuffer result)
445 {
446 clientReplyContext *context = (clientReplyContext *)data;
447 context->cacheHit(result);
448 }
449
450 /**
451 * Process a possible cache HIT.
452 */
453 void
454 clientReplyContext::cacheHit(StoreIOBuffer result)
455 {
456 /** Ignore if the HIT object is being deleted. */
457 if (deleting) {
458 debugs(88, 3, "HIT object being deleted. Ignore the HIT.");
459 return;
460 }
461
462 StoreEntry *e = http->storeEntry();
463
464 HttpRequest *r = http->request;
465
466 debugs(88, 3, "clientCacheHit: " << http->uri << ", " << result.length << " bytes");
467
468 if (http->storeEntry() == NULL) {
469 debugs(88, 3, "clientCacheHit: request aborted");
470 return;
471 } else if (result.flags.error) {
472 /* swap in failure */
473 debugs(88, 3, "clientCacheHit: swapin failure for " << http->uri);
474 http->logType = LOG_TCP_SWAPFAIL_MISS;
475 removeClientStoreReference(&sc, http);
476 processMiss();
477 return;
478 }
479
480 if (result.length == 0) {
481 debugs(88, 5, "store IO buffer has no content. MISS");
482 /* the store couldn't get enough data from the file for us to id the
483 * object
484 */
485 /* treat as a miss */
486 http->logType = LOG_TCP_MISS;
487 processMiss();
488 return;
489 }
490
491 assert(!EBIT_TEST(e->flags, ENTRY_ABORTED));
492 /* update size of the request */
493 reqsize = result.length + reqofs;
494
495 /*
496 * Got the headers, now grok them
497 */
498 assert(http->logType == LOG_TCP_HIT);
499
500 if (strcmp(e->mem_obj->storeId(), http->request->storeId()) != 0) {
501 debugs(33, DBG_IMPORTANT, "clientProcessHit: URL mismatch, '" << e->mem_obj->storeId() << "' != '" << http->request->storeId() << "'");
502 http->logType = LOG_TCP_MISS; // we lack a more precise LOG_*_MISS code
503 processMiss();
504 return;
505 }
506
507 switch (varyEvaluateMatch(e, r)) {
508
509 case VARY_NONE:
510 /* No variance detected. Continue as normal */
511 break;
512
513 case VARY_MATCH:
514 /* This is the correct entity for this request. Continue */
515 debugs(88, 2, "clientProcessHit: Vary MATCH!");
516 break;
517
518 case VARY_OTHER:
519 /* This is not the correct entity for this request. We need
520 * to requery the cache.
521 */
522 removeClientStoreReference(&sc, http);
523 e = NULL;
524 /* Note: varyEvalyateMatch updates the request with vary information
525 * so we only get here once. (it also takes care of cancelling loops)
526 */
527 debugs(88, 2, "clientProcessHit: Vary detected!");
528 clientGetMoreData(ourNode, http);
529 return;
530
531 case VARY_CANCEL:
532 /* varyEvaluateMatch found a object loop. Process as miss */
533 debugs(88, DBG_IMPORTANT, "clientProcessHit: Vary object loop!");
534 http->logType = LOG_TCP_MISS; // we lack a more precise LOG_*_MISS code
535 processMiss();
536 return;
537 }
538
539 if (r->method == Http::METHOD_PURGE) {
540 debugs(88, 5, "PURGE gets a HIT");
541 removeClientStoreReference(&sc, http);
542 e = NULL;
543 purgeRequest();
544 return;
545 }
546
547 if (e->checkNegativeHit() && !r->flags.noCacheHack()) {
548 debugs(88, 5, "negative-HIT");
549 http->logType = LOG_TCP_NEGATIVE_HIT;
550 sendMoreData(result);
551 } else if (blockedHit()) {
552 debugs(88, 5, "send_hit forces a MISS");
553 http->logType = LOG_TCP_MISS;
554 processMiss();
555 return;
556 } else if (!http->flags.internal && refreshCheckHTTP(e, r)) {
557 debugs(88, 5, "clientCacheHit: in refreshCheck() block");
558 /*
559 * We hold a stale copy; it needs to be validated
560 */
561 /*
562 * The 'needValidation' flag is used to prevent forwarding
563 * loops between siblings. If our copy of the object is stale,
564 * then we should probably only use parents for the validation
565 * request. Otherwise two siblings could generate a loop if
566 * both have a stale version of the object.
567 */
568 r->flags.needValidation = true;
569
570 if (e->lastmod < 0) {
571 debugs(88, 3, "validate HIT object? NO. Missing Last-Modified header. Do MISS.");
572 /*
573 * Previous reply didn't have a Last-Modified header,
574 * we cannot revalidate it.
575 */
576 http->logType = LOG_TCP_MISS;
577 processMiss();
578 } else if (r->flags.noCache) {
579 debugs(88, 3, "validate HIT object? NO. Client sent CC:no-cache. Do CLIENT_REFRESH_MISS");
580 /*
581 * This did not match a refresh pattern that overrides no-cache
582 * we should honour the client no-cache header.
583 */
584 http->logType = LOG_TCP_CLIENT_REFRESH_MISS;
585 processMiss();
586 } else if (r->url.getScheme() == AnyP::PROTO_HTTP) {
587 debugs(88, 3, "validate HIT object? YES.");
588 /*
589 * Object needs to be revalidated
590 * XXX This could apply to FTP as well, if Last-Modified is known.
591 */
592 processExpired();
593 } else {
594 debugs(88, 3, "validate HIT object? NO. Client protocol non-HTTP. Do MISS.");
595 /*
596 * We don't know how to re-validate other protocols. Handle
597 * them as if the object has expired.
598 */
599 http->logType = LOG_TCP_MISS;
600 processMiss();
601 }
602 } else if (r->conditional()) {
603 debugs(88, 5, "conditional HIT");
604 processConditional(result);
605 } else {
606 /*
607 * plain ol' cache hit
608 */
609 debugs(88, 5, "plain old HIT");
610
611 #if USE_DELAY_POOLS
612 if (e->store_status != STORE_OK)
613 http->logType = LOG_TCP_MISS;
614 else
615 #endif
616 if (e->mem_status == IN_MEMORY)
617 http->logType = LOG_TCP_MEM_HIT;
618 else if (Config.onoff.offline)
619 http->logType = LOG_TCP_OFFLINE_HIT;
620
621 sendMoreData(result);
622 }
623 }
624
625 /**
626 * Prepare to fetch the object as it's a cache miss of some kind.
627 */
628 void
629 clientReplyContext::processMiss()
630 {
631 char *url = http->uri;
632 HttpRequest *r = http->request;
633 ErrorState *err = NULL;
634 debugs(88, 4, r->method << ' ' << url);
635
636 /**
637 * We might have a left-over StoreEntry from a failed cache hit
638 * or IMS request.
639 */
640 if (http->storeEntry()) {
641 if (EBIT_TEST(http->storeEntry()->flags, ENTRY_SPECIAL)) {
642 debugs(88, DBG_CRITICAL, "clientProcessMiss: miss on a special object (" << url << ").");
643 debugs(88, DBG_CRITICAL, "\tlog_type = " << LogTags_str[http->logType]);
644 http->storeEntry()->dump(1);
645 }
646
647 removeClientStoreReference(&sc, http);
648 }
649
650 /** Check if its a PURGE request to be actioned. */
651 if (r->method == Http::METHOD_PURGE) {
652 purgeRequest();
653 return;
654 }
655
656 /** Check if its an 'OTHER' request. Purge all cached entries if so and continue. */
657 if (r->method == Http::METHOD_OTHER) {
658 purgeAllCached();
659 }
660
661 /** Check if 'only-if-cached' flag is set. Action if so. */
662 if (http->onlyIfCached()) {
663 processOnlyIfCachedMiss();
664 return;
665 }
666
667 /// Deny loops
668 if (r->flags.loopDetected) {
669 http->al->http.code = Http::scForbidden;
670 err = clientBuildError(ERR_ACCESS_DENIED, Http::scForbidden, NULL, http->getConn()->clientConnection->remote, http->request);
671 createStoreEntry(r->method, RequestFlags());
672 errorAppendEntry(http->storeEntry(), err);
673 triggerInitialStoreRead();
674 return;
675 } else {
676 assert(http->out.offset == 0);
677 createStoreEntry(r->method, r->flags);
678 triggerInitialStoreRead();
679
680 if (http->redirect.status) {
681 HttpReply *rep = new HttpReply;
682 http->logType = LOG_TCP_REDIRECT;
683 http->storeEntry()->releaseRequest();
684 rep->redirect(http->redirect.status, http->redirect.location);
685 http->storeEntry()->replaceHttpReply(rep);
686 http->storeEntry()->complete();
687 return;
688 }
689
690 assert(r->clientConnectionManager == http->getConn());
691
692 /** Start forwarding to get the new object from network */
693 Comm::ConnectionPointer conn = http->getConn() != NULL ? http->getConn()->clientConnection : NULL;
694 FwdState::Start(conn, http->storeEntry(), r, http->al);
695 }
696 }
697
698 /**
699 * client issued a request with an only-if-cached cache-control directive;
700 * we did not find a cached object that can be returned without
701 * contacting other servers;
702 * respond with a 504 (Gateway Timeout) as suggested in [RFC 2068]
703 */
704 void
705 clientReplyContext::processOnlyIfCachedMiss()
706 {
707 debugs(88, 4, http->request->method << ' ' << http->uri);
708 http->al->http.code = Http::scGatewayTimeout;
709 ErrorState *err = clientBuildError(ERR_ONLY_IF_CACHED_MISS, Http::scGatewayTimeout, NULL,
710 http->getConn()->clientConnection->remote, http->request);
711 removeClientStoreReference(&sc, http);
712 startError(err);
713 }
714
715 /// process conditional request from client
716 void
717 clientReplyContext::processConditional(StoreIOBuffer &result)
718 {
719 StoreEntry *const e = http->storeEntry();
720
721 if (e->getReply()->sline.status() != Http::scOkay) {
722 debugs(88, 4, "clientReplyContext::processConditional: Reply code " <<
723 e->getReply()->sline.status() << " != 200");
724 http->logType = LOG_TCP_MISS;
725 processMiss();
726 return;
727 }
728
729 HttpRequest &r = *http->request;
730
731 if (r.header.has(HDR_IF_MATCH) && !e->hasIfMatchEtag(r)) {
732 // RFC 2616: reply with 412 Precondition Failed if If-Match did not match
733 sendPreconditionFailedError();
734 return;
735 }
736
737 bool matchedIfNoneMatch = false;
738 if (r.header.has(HDR_IF_NONE_MATCH)) {
739 if (!e->hasIfNoneMatchEtag(r)) {
740 // RFC 2616: ignore IMS if If-None-Match did not match
741 r.flags.ims = false;
742 r.ims = -1;
743 r.imslen = 0;
744 r.header.delById(HDR_IF_MODIFIED_SINCE);
745 http->logType = LOG_TCP_MISS;
746 sendMoreData(result);
747 return;
748 }
749
750 if (!r.flags.ims) {
751 // RFC 2616: if If-None-Match matched and there is no IMS,
752 // reply with 304 Not Modified or 412 Precondition Failed
753 sendNotModifiedOrPreconditionFailedError();
754 return;
755 }
756
757 // otherwise check IMS below to decide if we reply with 304 or 412
758 matchedIfNoneMatch = true;
759 }
760
761 if (r.flags.ims) {
762 // handle If-Modified-Since requests from the client
763 if (e->modifiedSince(&r)) {
764 http->logType = LOG_TCP_IMS_HIT;
765 sendMoreData(result);
766 return;
767 }
768
769 if (matchedIfNoneMatch) {
770 // If-None-Match matched, reply with 304 Not Modified or
771 // 412 Precondition Failed
772 sendNotModifiedOrPreconditionFailedError();
773 return;
774 }
775
776 // otherwise reply with 304 Not Modified
777 sendNotModified();
778 }
779 }
780
781 /// whether squid.conf send_hit prevents us from serving this hit
782 bool
783 clientReplyContext::blockedHit() const
784 {
785 if (!Config.accessList.sendHit)
786 return false; // hits are not blocked by default
787
788 if (http->flags.internal)
789 return false; // internal content "hits" cannot be blocked
790
791 if (const HttpReply *rep = http->storeEntry()->getReply()) {
792 std::auto_ptr<ACLFilledChecklist> chl(clientAclChecklistCreate(Config.accessList.sendHit, http));
793 chl->reply = const_cast<HttpReply*>(rep); // ACLChecklist API bug
794 HTTPMSGLOCK(chl->reply);
795 return chl->fastCheck() != ACCESS_ALLOWED; // when in doubt, block
796 }
797
798 // This does not happen, I hope, because we are called from CacheHit, which
799 // is called via a storeClientCopy() callback, and store should initialize
800 // the reply before calling that callback.
801 debugs(88, 3, "Missing reply!");
802 return false;
803 }
804
805 void
806 clientReplyContext::purgeRequestFindObjectToPurge()
807 {
808 /* Try to find a base entry */
809 http->flags.purging = true;
810 lookingforstore = 1;
811
812 // TODO: can we use purgeAllCached() here instead of doing the
813 // getPublicByRequestMethod() dance?
814 StoreEntry::getPublicByRequestMethod(this, http->request, Http::METHOD_GET);
815 }
816
817 // Purges all entries with a given url
818 // TODO: move to SideAgent parent, when we have one
819 /*
820 * We probably cannot purge Vary-affected responses because their MD5
821 * keys depend on vary headers.
822 */
823 void
824 purgeEntriesByUrl(HttpRequest * req, const char *url)
825 {
826 #if USE_HTCP
827 bool get_or_head_sent = false;
828 #endif
829
830 for (HttpRequestMethod m(Http::METHOD_NONE); m != Http::METHOD_ENUM_END; ++m) {
831 if (m.respMaybeCacheable()) {
832 if (StoreEntry *entry = storeGetPublic(url, m)) {
833 debugs(88, 5, "purging " << *entry << ' ' << m << ' ' << url);
834 #if USE_HTCP
835 neighborsHtcpClear(entry, url, req, m, HTCP_CLR_INVALIDATION);
836 if (m == Http::METHOD_GET || m == Http::METHOD_HEAD) {
837 get_or_head_sent = true;
838 }
839 #endif
840 entry->release();
841 }
842 }
843 }
844
845 #if USE_HTCP
846 if (!get_or_head_sent) {
847 neighborsHtcpClear(NULL, url, req, HttpRequestMethod(Http::METHOD_GET), HTCP_CLR_INVALIDATION);
848 }
849 #endif
850 }
851
852 void
853 clientReplyContext::purgeAllCached()
854 {
855 const char *url = urlCanonical(http->request);
856 purgeEntriesByUrl(http->request, url);
857 }
858
859 void
860 clientReplyContext::created(StoreEntry *newEntry)
861 {
862 if (lookingforstore == 1)
863 purgeFoundGet(newEntry);
864 else if (lookingforstore == 2)
865 purgeFoundHead(newEntry);
866 else if (lookingforstore == 3)
867 purgeDoPurgeGet(newEntry);
868 else if (lookingforstore == 4)
869 purgeDoPurgeHead(newEntry);
870 else if (lookingforstore == 5)
871 identifyFoundObject(newEntry);
872 }
873
874 void
875 clientReplyContext::purgeFoundGet(StoreEntry *newEntry)
876 {
877 if (newEntry->isNull()) {
878 lookingforstore = 2;
879 StoreEntry::getPublicByRequestMethod(this, http->request, Http::METHOD_HEAD);
880 } else
881 purgeFoundObject (newEntry);
882 }
883
884 void
885 clientReplyContext::purgeFoundHead(StoreEntry *newEntry)
886 {
887 if (newEntry->isNull())
888 purgeDoMissPurge();
889 else
890 purgeFoundObject (newEntry);
891 }
892
893 void
894 clientReplyContext::purgeFoundObject(StoreEntry *entry)
895 {
896 assert (entry && !entry->isNull());
897
898 if (EBIT_TEST(entry->flags, ENTRY_SPECIAL)) {
899 http->logType = LOG_TCP_DENIED;
900 ErrorState *err = clientBuildError(ERR_ACCESS_DENIED, Http::scForbidden, NULL,
901 http->getConn()->clientConnection->remote, http->request);
902 startError(err);
903 return; // XXX: leaking unused entry if some store does not keep it
904 }
905
906 StoreIOBuffer localTempBuffer;
907 /* Swap in the metadata */
908 http->storeEntry(entry);
909
910 http->storeEntry()->lock("clientReplyContext::purgeFoundObject");
911 http->storeEntry()->createMemObject(storeId(), http->log_uri,
912 http->request->method);
913
914 sc = storeClientListAdd(http->storeEntry(), this);
915
916 http->logType = LOG_TCP_HIT;
917
918 reqofs = 0;
919
920 localTempBuffer.offset = http->out.offset;
921
922 localTempBuffer.length = next()->readBuffer.length;
923
924 localTempBuffer.data = next()->readBuffer.data;
925
926 storeClientCopy(sc, http->storeEntry(),
927 localTempBuffer, CacheHit, this);
928 }
929
930 void
931 clientReplyContext::purgeRequest()
932 {
933 debugs(88, 3, "Config2.onoff.enable_purge = " <<
934 Config2.onoff.enable_purge);
935
936 if (!Config2.onoff.enable_purge) {
937 http->logType = LOG_TCP_DENIED;
938 ErrorState *err = clientBuildError(ERR_ACCESS_DENIED, Http::scForbidden, NULL, http->getConn()->clientConnection->remote, http->request);
939 startError(err);
940 return;
941 }
942
943 /* Release both IP cache */
944 ipcacheInvalidate(http->request->GetHost());
945
946 if (!http->flags.purging)
947 purgeRequestFindObjectToPurge();
948 else
949 purgeDoMissPurge();
950 }
951
952 void
953 clientReplyContext::purgeDoMissPurge()
954 {
955 http->logType = LOG_TCP_MISS;
956 lookingforstore = 3;
957 StoreEntry::getPublicByRequestMethod(this,http->request, Http::METHOD_GET);
958 }
959
960 void
961 clientReplyContext::purgeDoPurgeGet(StoreEntry *newEntry)
962 {
963 assert (newEntry);
964 /* Move to new() when that is created */
965 purgeStatus = Http::scNotFound;
966
967 if (!newEntry->isNull()) {
968 /* Release the cached URI */
969 debugs(88, 4, "clientPurgeRequest: GET '" << newEntry->url() << "'" );
970 #if USE_HTCP
971 neighborsHtcpClear(newEntry, NULL, http->request, HttpRequestMethod(Http::METHOD_GET), HTCP_CLR_PURGE);
972 #endif
973 newEntry->release();
974 purgeStatus = Http::scOkay;
975 }
976
977 lookingforstore = 4;
978 StoreEntry::getPublicByRequestMethod(this, http->request, Http::METHOD_HEAD);
979 }
980
981 void
982 clientReplyContext::purgeDoPurgeHead(StoreEntry *newEntry)
983 {
984 if (newEntry && !newEntry->isNull()) {
985 debugs(88, 4, "clientPurgeRequest: HEAD '" << newEntry->url() << "'" );
986 #if USE_HTCP
987 neighborsHtcpClear(newEntry, NULL, http->request, HttpRequestMethod(Http::METHOD_HEAD), HTCP_CLR_PURGE);
988 #endif
989 newEntry->release();
990 purgeStatus = Http::scOkay;
991 }
992
993 /* And for Vary, release the base URI if none of the headers was included in the request */
994
995 if (http->request->vary_headers
996 && !strstr(http->request->vary_headers, "=")) {
997 StoreEntry *entry = storeGetPublic(urlCanonical(http->request), Http::METHOD_GET);
998
999 if (entry) {
1000 debugs(88, 4, "clientPurgeRequest: Vary GET '" << entry->url() << "'" );
1001 #if USE_HTCP
1002 neighborsHtcpClear(entry, NULL, http->request, HttpRequestMethod(Http::METHOD_GET), HTCP_CLR_PURGE);
1003 #endif
1004 entry->release();
1005 purgeStatus = Http::scOkay;
1006 }
1007
1008 entry = storeGetPublic(urlCanonical(http->request), Http::METHOD_HEAD);
1009
1010 if (entry) {
1011 debugs(88, 4, "clientPurgeRequest: Vary HEAD '" << entry->url() << "'" );
1012 #if USE_HTCP
1013 neighborsHtcpClear(entry, NULL, http->request, HttpRequestMethod(Http::METHOD_HEAD), HTCP_CLR_PURGE);
1014 #endif
1015 entry->release();
1016 purgeStatus = Http::scOkay;
1017 }
1018 }
1019
1020 /*
1021 * Make a new entry to hold the reply to be written
1022 * to the client.
1023 */
1024 /* FIXME: This doesn't need to go through the store. Simply
1025 * push down the client chain
1026 */
1027 createStoreEntry(http->request->method, RequestFlags());
1028
1029 triggerInitialStoreRead();
1030
1031 HttpReply *rep = new HttpReply;
1032 rep->setHeaders(purgeStatus, NULL, NULL, 0, 0, -1);
1033 http->storeEntry()->replaceHttpReply(rep);
1034 http->storeEntry()->complete();
1035 }
1036
1037 void
1038 clientReplyContext::traceReply(clientStreamNode * node)
1039 {
1040 clientStreamNode *nextNode = (clientStreamNode *)node->node.next->data;
1041 StoreIOBuffer localTempBuffer;
1042 createStoreEntry(http->request->method, RequestFlags());
1043 localTempBuffer.offset = nextNode->readBuffer.offset + headers_sz;
1044 localTempBuffer.length = nextNode->readBuffer.length;
1045 localTempBuffer.data = nextNode->readBuffer.data;
1046 storeClientCopy(sc, http->storeEntry(),
1047 localTempBuffer, SendMoreData, this);
1048 http->storeEntry()->releaseRequest();
1049 http->storeEntry()->buffer();
1050 HttpReply *rep = new HttpReply;
1051 rep->setHeaders(Http::scOkay, NULL, "text/plain", http->request->prefixLen(), 0, squid_curtime);
1052 http->storeEntry()->replaceHttpReply(rep);
1053 http->request->swapOut(http->storeEntry());
1054 http->storeEntry()->complete();
1055 }
1056
1057 #define SENDING_BODY 0
1058 #define SENDING_HDRSONLY 1
1059 int
1060 clientReplyContext::checkTransferDone()
1061 {
1062 StoreEntry *entry = http->storeEntry();
1063
1064 if (entry == NULL)
1065 return 0;
1066
1067 /*
1068 * For now, 'done_copying' is used for special cases like
1069 * Range and HEAD requests.
1070 */
1071 if (http->flags.done_copying)
1072 return 1;
1073
1074 if (http->request->flags.chunkedReply && !flags.complete) {
1075 // last-chunk was not sent
1076 return 0;
1077 }
1078
1079 /*
1080 * Handle STORE_OK objects.
1081 * objectLen(entry) will be set proprely.
1082 * RC: Does objectLen(entry) include the Headers?
1083 * RC: Yes.
1084 */
1085 if (entry->store_status == STORE_OK) {
1086 return storeOKTransferDone();
1087 } else {
1088 return storeNotOKTransferDone();
1089 }
1090 }
1091
1092 int
1093 clientReplyContext::storeOKTransferDone() const
1094 {
1095 assert(http->storeEntry()->objectLen() >= 0);
1096 assert(http->storeEntry()->objectLen() >= headers_sz);
1097 if (http->out.offset >= http->storeEntry()->objectLen() - headers_sz) {
1098 debugs(88,3,HERE << "storeOKTransferDone " <<
1099 " out.offset=" << http->out.offset <<
1100 " objectLen()=" << http->storeEntry()->objectLen() <<
1101 " headers_sz=" << headers_sz);
1102 return 1;
1103 }
1104
1105 return 0;
1106 }
1107
1108 int
1109 clientReplyContext::storeNotOKTransferDone() const
1110 {
1111 /*
1112 * Now, handle STORE_PENDING objects
1113 */
1114 MemObject *mem = http->storeEntry()->mem_obj;
1115 assert(mem != NULL);
1116 assert(http->request != NULL);
1117 /* mem->reply was wrong because it uses the UPSTREAM header length!!! */
1118 HttpReply const *curReply = mem->getReply();
1119
1120 if (headers_sz == 0)
1121 /* haven't found end of headers yet */
1122 return 0;
1123
1124 /*
1125 * Figure out how much data we are supposed to send.
1126 * If we are sending a body and we don't have a content-length,
1127 * then we must wait for the object to become STORE_OK.
1128 */
1129 if (curReply->content_length < 0)
1130 return 0;
1131
1132 int64_t expectedLength = curReply->content_length + http->out.headers_sz;
1133
1134 if (http->out.size < expectedLength)
1135 return 0;
1136 else {
1137 debugs(88,3,HERE << "storeNotOKTransferDone " <<
1138 " out.size=" << http->out.size <<
1139 " expectedLength=" << expectedLength);
1140 return 1;
1141 }
1142 }
1143
1144 /* A write has completed, what is the next status based on the
1145 * canonical request data?
1146 * 1 something is wrong
1147 * 0 nothing is wrong.
1148 *
1149 */
1150 int
1151 clientHttpRequestStatus(int fd, ClientHttpRequest const *http)
1152 {
1153 #if SIZEOF_INT64_T == 4
1154 if (http->out.size > 0x7FFF0000) {
1155 debugs(88, DBG_IMPORTANT, "WARNING: closing FD " << fd << " to prevent out.size counter overflow");
1156 debugs(88, DBG_IMPORTANT, "\tclient " << http->getConn()->peer);
1157 debugs(88, DBG_IMPORTANT, "\treceived " << http->out.size << " bytes");
1158 debugs(88, DBG_IMPORTANT, "\tURI " << http->log_uri);
1159 return 1;
1160 }
1161
1162 if (http->out.offset > 0x7FFF0000) {
1163 debugs(88, DBG_IMPORTANT, "WARNING: closing FD " << fd < " to prevent out.offset counter overflow");
1164 debugs(88, DBG_IMPORTANT, "\tclient " << http->getConn()->peer);
1165 debugs(88, DBG_IMPORTANT, "\treceived " << http->out.size << " bytes, offset " << http->out.offset);
1166 debugs(88, DBG_IMPORTANT, "\tURI " << http->log_uri);
1167 return 1;
1168 }
1169
1170 #endif
1171 return 0;
1172 }
1173
1174 /* Preconditions:
1175 * *http is a valid structure.
1176 * fd is either -1, or an open fd.
1177 *
1178 * TODO: enumify this
1179 *
1180 * This function is used by any http request sink, to determine the status
1181 * of the object.
1182 */
1183 clientStream_status_t
1184 clientReplyStatus(clientStreamNode * aNode, ClientHttpRequest * http)
1185 {
1186 clientReplyContext *context = dynamic_cast<clientReplyContext *>(aNode->data.getRaw());
1187 assert (context);
1188 assert (context->http == http);
1189 return context->replyStatus();
1190 }
1191
1192 clientStream_status_t
1193 clientReplyContext::replyStatus()
1194 {
1195 int done;
1196 /* Here because lower nodes don't need it */
1197
1198 if (http->storeEntry() == NULL) {
1199 debugs(88, 5, "clientReplyStatus: no storeEntry");
1200 return STREAM_FAILED; /* yuck, but what can we do? */
1201 }
1202
1203 if (EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) {
1204 /* TODO: Could upstream read errors (result.flags.error) be
1205 * lost, and result in undersize requests being considered
1206 * complete. Should we tcp reset such connections ?
1207 */
1208 debugs(88, 5, "clientReplyStatus: aborted storeEntry");
1209 return STREAM_FAILED;
1210 }
1211
1212 if ((done = checkTransferDone()) != 0 || flags.complete) {
1213 debugs(88, 5, "clientReplyStatus: transfer is DONE: " << done << flags.complete);
1214 /* Ok we're finished, but how? */
1215
1216 const int64_t expectedBodySize =
1217 http->storeEntry()->getReply()->bodySize(http->request->method);
1218 if (!http->request->flags.proxyKeepalive && expectedBodySize < 0) {
1219 debugs(88, 5, "clientReplyStatus: closing, content_length < 0");
1220 return STREAM_FAILED;
1221 }
1222
1223 if (!done) {
1224 debugs(88, 5, "clientReplyStatus: closing, !done, but read 0 bytes");
1225 return STREAM_FAILED;
1226 }
1227
1228 if (expectedBodySize >= 0 && !http->gotEnough()) {
1229 debugs(88, 5, "clientReplyStatus: client didn't get all it expected");
1230 return STREAM_UNPLANNED_COMPLETE;
1231 }
1232
1233 debugs(88, 5, "clientReplyStatus: stream complete; keepalive=" <<
1234 http->request->flags.proxyKeepalive);
1235 return STREAM_COMPLETE;
1236 }
1237
1238 // XXX: Should this be checked earlier? We could return above w/o checking.
1239 if (reply->receivedBodyTooLarge(*http->request, http->out.offset - 4096)) {
1240 /* 4096 is a margin for the HTTP headers included in out.offset */
1241 debugs(88, 5, "clientReplyStatus: client reply body is too large");
1242 return STREAM_FAILED;
1243 }
1244
1245 return STREAM_NONE;
1246 }
1247
1248 /* Responses with no body will not have a content-type header,
1249 * which breaks the rep_mime_type acl, which
1250 * coincidentally, is the most common acl for reply access lists.
1251 * A better long term fix for this is to allow acl matchs on the various
1252 * status codes, and then supply a default ruleset that puts these
1253 * codes before any user defines access entries. That way the user
1254 * can choose to block these responses where appropriate, but won't get
1255 * mysterious breakages.
1256 */
1257 bool
1258 clientReplyContext::alwaysAllowResponse(Http::StatusCode sline) const
1259 {
1260 bool result;
1261
1262 switch (sline) {
1263
1264 case Http::scContinue:
1265
1266 case Http::scSwitchingProtocols:
1267
1268 case Http::scProcessing:
1269
1270 case Http::scNoContent:
1271
1272 case Http::scNotModified:
1273 result = true;
1274 break;
1275
1276 default:
1277 result = false;
1278 }
1279
1280 return result;
1281 }
1282
1283 /**
1284 * Generate the reply headers sent to client.
1285 *
1286 * Filters out unwanted entries and hop-by-hop from original reply header
1287 * then adds extra entries if we have more info than origin server
1288 * then adds Squid specific entries
1289 */
1290 void
1291 clientReplyContext::buildReplyHeader()
1292 {
1293 HttpHeader *hdr = &reply->header;
1294 int is_hit = logTypeIsATcpHit(http->logType);
1295 HttpRequest *request = http->request;
1296 #if DONT_FILTER_THESE
1297 /* but you might want to if you run Squid as an HTTP accelerator */
1298 /* hdr->delById(HDR_ACCEPT_RANGES); */
1299 hdr->delById(HDR_ETAG);
1300 #endif
1301
1302 if (is_hit)
1303 hdr->delById(HDR_SET_COOKIE);
1304 // TODO: RFC 2965 : Must honour Cache-Control: no-cache="set-cookie2" and remove header.
1305
1306 // if there is not configured a peer proxy with login=PASS or login=PASSTHRU option enabled
1307 // remove the Proxy-Authenticate header
1308 if ( !request->peer_login || (strcmp(request->peer_login,"PASS") != 0 && strcmp(request->peer_login,"PASSTHRU") != 0))
1309 reply->header.delById(HDR_PROXY_AUTHENTICATE);
1310
1311 reply->header.removeHopByHopEntries();
1312
1313 // if (request->range)
1314 // clientBuildRangeHeader(http, reply);
1315
1316 /*
1317 * Add a estimated Age header on cache hits.
1318 */
1319 if (is_hit) {
1320 /*
1321 * Remove any existing Age header sent by upstream caches
1322 * (note that the existing header is passed along unmodified
1323 * on cache misses)
1324 */
1325 hdr->delById(HDR_AGE);
1326 /*
1327 * This adds the calculated object age. Note that the details of the
1328 * age calculation is performed by adjusting the timestamp in
1329 * StoreEntry::timestampsSet(), not here.
1330 */
1331 if (EBIT_TEST(http->storeEntry()->flags, ENTRY_SPECIAL)) {
1332 hdr->delById(HDR_DATE);
1333 hdr->insertTime(HDR_DATE, squid_curtime);
1334 } else if (http->getConn() && http->getConn()->port->actAsOrigin) {
1335 // Swap the Date: header to current time if we are simulating an origin
1336 HttpHeaderEntry *h = hdr->findEntry(HDR_DATE);
1337 if (h)
1338 hdr->putExt("X-Origin-Date", h->value.termedBuf());
1339 hdr->delById(HDR_DATE);
1340 hdr->insertTime(HDR_DATE, squid_curtime);
1341 h = hdr->findEntry(HDR_EXPIRES);
1342 if (h && http->storeEntry()->expires >= 0) {
1343 hdr->putExt("X-Origin-Expires", h->value.termedBuf());
1344 hdr->delById(HDR_EXPIRES);
1345 hdr->insertTime(HDR_EXPIRES, squid_curtime + http->storeEntry()->expires - http->storeEntry()->timestamp);
1346 }
1347 if (http->storeEntry()->timestamp <= squid_curtime) {
1348 // put X-Cache-Age: instead of Age:
1349 char age[64];
1350 snprintf(age, sizeof(age), "%ld", (long int) squid_curtime - http->storeEntry()->timestamp);
1351 hdr->putExt("X-Cache-Age", age);
1352 }
1353 } else if (http->storeEntry()->timestamp <= squid_curtime) {
1354 hdr->putInt(HDR_AGE,
1355 squid_curtime - http->storeEntry()->timestamp);
1356 /* Signal old objects. NB: rfc 2616 is not clear,
1357 * by implication, on whether we should do this to all
1358 * responses, or only cache hits.
1359 * 14.46 states it ONLY applys for heuristically caclulated
1360 * freshness values, 13.2.4 doesn't specify the same limitation.
1361 * We interpret RFC 2616 under the combination.
1362 */
1363 /* TODO: if maxage or s-maxage is present, don't do this */
1364
1365 if (squid_curtime - http->storeEntry()->timestamp >= 86400) {
1366 char tbuf[512];
1367 snprintf (tbuf, sizeof(tbuf), "%s %s %s",
1368 "113", ThisCache,
1369 "This cache hit is still fresh and more than 1 day old");
1370 hdr->putStr(HDR_WARNING, tbuf);
1371 }
1372 }
1373 }
1374
1375 /* RFC 2616: Section 14.18
1376 *
1377 * Add a Date: header if missing.
1378 * We have access to a clock therefore are required to amend any shortcoming in servers.
1379 *
1380 * NP: done after Age: to prevent ENTRY_SPECIAL double-handling this header.
1381 */
1382 if ( !hdr->has(HDR_DATE) ) {
1383 if (!http->storeEntry())
1384 hdr->insertTime(HDR_DATE, squid_curtime);
1385 else if (http->storeEntry()->timestamp > 0)
1386 hdr->insertTime(HDR_DATE, http->storeEntry()->timestamp);
1387 else {
1388 debugs(88,DBG_IMPORTANT,"BUG 3279: HTTP reply without Date:");
1389 /* dump something useful about the problem */
1390 http->storeEntry()->dump(DBG_IMPORTANT);
1391 }
1392 }
1393
1394 // add Warnings required by RFC 2616 if serving a stale hit
1395 if (http->request->flags.staleIfHit && logTypeIsATcpHit(http->logType)) {
1396 hdr->putWarning(110, "Response is stale");
1397 if (http->request->flags.needValidation)
1398 hdr->putWarning(111, "Revalidation failed");
1399 }
1400
1401 /* Filter unproxyable authentication types */
1402 if (http->logType != LOG_TCP_DENIED &&
1403 hdr->has(HDR_WWW_AUTHENTICATE)) {
1404 HttpHeaderPos pos = HttpHeaderInitPos;
1405 HttpHeaderEntry *e;
1406
1407 int connection_auth_blocked = 0;
1408 while ((e = hdr->getEntry(&pos))) {
1409 if (e->id == HDR_WWW_AUTHENTICATE) {
1410 const char *value = e->value.rawBuf();
1411
1412 if ((strncasecmp(value, "NTLM", 4) == 0 &&
1413 (value[4] == '\0' || value[4] == ' '))
1414 ||
1415 (strncasecmp(value, "Negotiate", 9) == 0 &&
1416 (value[9] == '\0' || value[9] == ' '))
1417 ||
1418 (strncasecmp(value, "Kerberos", 8) == 0 &&
1419 (value[8] == '\0' || value[8] == ' '))) {
1420 if (request->flags.connectionAuthDisabled) {
1421 hdr->delAt(pos, connection_auth_blocked);
1422 continue;
1423 }
1424 request->flags.mustKeepalive = true;
1425 if (!request->flags.accelerated && !request->flags.intercepted) {
1426 httpHeaderPutStrf(hdr, HDR_PROXY_SUPPORT, "Session-Based-Authentication");
1427 /*
1428 We send "[Proxy-]Connection: Proxy-Support" header to mark
1429 Proxy-Support as a hop-by-hop header for intermediaries that do not
1430 understand the semantics of this header. The RFC should have included
1431 this recommendation.
1432 */
1433 httpHeaderPutStrf(hdr, HDR_CONNECTION, "Proxy-support");
1434 }
1435 break;
1436 }
1437 }
1438 }
1439
1440 if (connection_auth_blocked)
1441 hdr->refreshMask();
1442 }
1443
1444 #if USE_AUTH
1445 /* Handle authentication headers */
1446 if (http->logType == LOG_TCP_DENIED &&
1447 ( reply->sline.status() == Http::scProxyAuthenticationRequired ||
1448 reply->sline.status() == Http::scUnauthorized)
1449 ) {
1450 /* Add authentication header */
1451 /*! \todo alter errorstate to be accel on|off aware. The 0 on the next line
1452 * depends on authenticate behaviour: all schemes to date send no extra
1453 * data on 407/401 responses, and do not check the accel state on 401/407
1454 * responses
1455 */
1456 authenticateFixHeader(reply, request->auth_user_request, request, 0, 1);
1457 } else if (request->auth_user_request != NULL)
1458 authenticateFixHeader(reply, request->auth_user_request, request, http->flags.accel, 0);
1459 #endif
1460
1461 /* Append X-Cache */
1462 httpHeaderPutStrf(hdr, HDR_X_CACHE, "%s from %s",
1463 is_hit ? "HIT" : "MISS", getMyHostname());
1464
1465 #if USE_CACHE_DIGESTS
1466 /* Append X-Cache-Lookup: -- temporary hack, to be removed @?@ @?@ */
1467 httpHeaderPutStrf(hdr, HDR_X_CACHE_LOOKUP, "%s from %s:%d",
1468 lookup_type ? lookup_type : "NONE",
1469 getMyHostname(), getMyPort());
1470
1471 #endif
1472
1473 const bool maySendChunkedReply = !request->multipartRangeRequest() &&
1474 reply->sline.protocol == AnyP::PROTO_HTTP && // response is HTTP
1475 (request->http_ver >= Http::ProtocolVersion(1, 1));
1476
1477 /* Check whether we should send keep-alive */
1478 if (!Config.onoff.error_pconns && reply->sline.status() >= 400 && !request->flags.mustKeepalive) {
1479 debugs(33, 3, "clientBuildReplyHeader: Error, don't keep-alive");
1480 request->flags.proxyKeepalive = false;
1481 } else if (!Config.onoff.client_pconns && !request->flags.mustKeepalive) {
1482 debugs(33, 2, "clientBuildReplyHeader: Connection Keep-Alive not requested by admin or client");
1483 request->flags.proxyKeepalive = false;
1484 } else if (request->flags.proxyKeepalive && shutting_down) {
1485 debugs(88, 3, "clientBuildReplyHeader: Shutting down, don't keep-alive.");
1486 request->flags.proxyKeepalive = false;
1487 } else if (request->flags.connectionAuth && !reply->keep_alive) {
1488 debugs(33, 2, "clientBuildReplyHeader: Connection oriented auth but server side non-persistent");
1489 request->flags.proxyKeepalive = false;
1490 } else if (reply->bodySize(request->method) < 0 && !maySendChunkedReply) {
1491 debugs(88, 3, "clientBuildReplyHeader: can't keep-alive, unknown body size" );
1492 request->flags.proxyKeepalive = false;
1493 } else if (fdUsageHigh()&& !request->flags.mustKeepalive) {
1494 debugs(88, 3, "clientBuildReplyHeader: Not many unused FDs, can't keep-alive");
1495 request->flags.proxyKeepalive = false;
1496 } else if (request->flags.sslBumped && !reply->persistent()) {
1497 // We do not really have to close, but we pretend we are a tunnel.
1498 debugs(88, 3, "clientBuildReplyHeader: bumped reply forces close");
1499 request->flags.proxyKeepalive = false;
1500 } else if (request->pinnedConnection() && !reply->persistent()) {
1501 // The peer wants to close the pinned connection
1502 debugs(88, 3, "pinned reply forces close");
1503 request->flags.proxyKeepalive = false;
1504 }
1505
1506 // Decide if we send chunked reply
1507 if (maySendChunkedReply &&
1508 request->flags.proxyKeepalive &&
1509 reply->bodySize(request->method) < 0) {
1510 debugs(88, 3, "clientBuildReplyHeader: chunked reply");
1511 request->flags.chunkedReply = true;
1512 hdr->putStr(HDR_TRANSFER_ENCODING, "chunked");
1513 }
1514
1515 /* Append VIA */
1516 if (Config.onoff.via) {
1517 LOCAL_ARRAY(char, bbuf, MAX_URL + 32);
1518 String strVia;
1519 hdr->getList(HDR_VIA, &strVia);
1520 snprintf(bbuf, MAX_URL + 32, "%d.%d %s",
1521 reply->sline.version.major,
1522 reply->sline.version.minor,
1523 ThisCache);
1524 strListAdd(&strVia, bbuf, ',');
1525 hdr->delById(HDR_VIA);
1526 hdr->putStr(HDR_VIA, strVia.termedBuf());
1527 }
1528 /* Signal keep-alive or close explicitly */
1529 hdr->putStr(HDR_CONNECTION, request->flags.proxyKeepalive ? "keep-alive" : "close");
1530
1531 #if ADD_X_REQUEST_URI
1532 /*
1533 * Knowing the URI of the request is useful when debugging persistent
1534 * connections in a client; we cannot guarantee the order of http headers,
1535 * but X-Request-URI is likely to be the very last header to ease use from a
1536 * debugger [hdr->entries.count-1].
1537 */
1538 hdr->putStr(HDR_X_REQUEST_URI,
1539 http->memOjbect()->url ? http->memObject()->url : http->uri);
1540
1541 #endif
1542
1543 /* Surrogate-Control requires Surrogate-Capability from upstream to pass on */
1544 if ( hdr->has(HDR_SURROGATE_CONTROL) ) {
1545 if (!request->header.has(HDR_SURROGATE_CAPABILITY)) {
1546 hdr->delById(HDR_SURROGATE_CONTROL);
1547 }
1548 /* TODO: else case: drop any controls intended specifically for our surrogate ID */
1549 }
1550
1551 httpHdrMangleList(hdr, request, ROR_REPLY);
1552 }
1553
1554 void
1555 clientReplyContext::cloneReply()
1556 {
1557 assert(reply == NULL);
1558
1559 reply = http->storeEntry()->getReply()->clone();
1560 HTTPMSGLOCK(reply);
1561
1562 if (reply->sline.protocol == AnyP::PROTO_HTTP) {
1563 /* RFC 2616 requires us to advertise our 1.1 version (but only on real HTTP traffic) */
1564 reply->sline.version = Http::ProtocolVersion(1,1);
1565 }
1566
1567 /* do header conversions */
1568 buildReplyHeader();
1569 }
1570
1571 /// Safely disposes of an entry pointing to a cache hit that we do not want.
1572 /// We cannot just ignore the entry because it may be locking or otherwise
1573 /// holding an associated cache resource of some sort.
1574 void
1575 clientReplyContext::forgetHit()
1576 {
1577 StoreEntry *e = http->storeEntry();
1578 assert(e); // or we are not dealing with a hit
1579 // We probably have not locked the entry earlier, unfortunately. We lock it
1580 // now so that we can unlock two lines later (and trigger cleanup).
1581 // Ideally, ClientHttpRequest::storeEntry() should lock/unlock, but it is
1582 // used so inconsistently that simply adding locking there leads to bugs.
1583 e->lock("clientReplyContext::forgetHit");
1584 http->storeEntry(NULL);
1585 e->unlock("clientReplyContext::forgetHit"); // may delete e
1586 }
1587
1588 void
1589 clientReplyContext::identifyStoreObject()
1590 {
1591 HttpRequest *r = http->request;
1592
1593 if (r->flags.cachable || r->flags.internal) {
1594 lookingforstore = 5;
1595 StoreEntry::getPublicByRequest (this, r);
1596 } else {
1597 identifyFoundObject (NullStoreEntry::getInstance());
1598 }
1599 }
1600
1601 /**
1602 * Check state of the current StoreEntry object.
1603 * to see if we can determine the final status of the request.
1604 */
1605 void
1606 clientReplyContext::identifyFoundObject(StoreEntry *newEntry)
1607 {
1608 StoreEntry *e = newEntry;
1609 HttpRequest *r = http->request;
1610
1611 /** \li If the entry received isNull() then we ignore it. */
1612 if (e->isNull()) {
1613 http->storeEntry(NULL);
1614 } else {
1615 http->storeEntry(e);
1616 }
1617
1618 e = http->storeEntry();
1619
1620 /* Release IP-cache entries on reload */
1621 /** \li If the request has no-cache flag set or some no_cache HACK in operation we
1622 * 'invalidate' the cached IP entries for this request ???
1623 */
1624 if (r->flags.noCache || r->flags.noCacheHack())
1625 ipcacheInvalidateNegative(r->GetHost());
1626
1627 #if USE_CACHE_DIGESTS
1628 lookup_type = http->storeEntry() ? "HIT" : "MISS";
1629 #endif
1630
1631 if (NULL == http->storeEntry()) {
1632 /** \li If no StoreEntry object is current assume this object isn't in the cache set MISS*/
1633 debugs(85, 3, "StoreEntry is NULL - MISS");
1634 http->logType = LOG_TCP_MISS;
1635 doGetMoreData();
1636 return;
1637 }
1638
1639 if (Config.onoff.offline) {
1640 /** \li If we are running in offline mode set to HIT */
1641 debugs(85, 3, "offline HIT " << *e);
1642 http->logType = LOG_TCP_HIT;
1643 doGetMoreData();
1644 return;
1645 }
1646
1647 if (http->redirect.status) {
1648 /** \li If redirection status is True force this to be a MISS */
1649 debugs(85, 3, "REDIRECT status forced StoreEntry to NULL (no body on 3XX responses) " << *e);
1650 forgetHit();
1651 http->logType = LOG_TCP_REDIRECT;
1652 doGetMoreData();
1653 return;
1654 }
1655
1656 if (!e->validToSend()) {
1657 debugs(85, 3, "!storeEntryValidToSend MISS " << *e);
1658 forgetHit();
1659 http->logType = LOG_TCP_MISS;
1660 doGetMoreData();
1661 return;
1662 }
1663
1664 if (EBIT_TEST(e->flags, ENTRY_SPECIAL)) {
1665 /* \li Special entries are always hits, no matter what the client says */
1666 debugs(85, 3, "ENTRY_SPECIAL HIT " << *e);
1667 http->logType = LOG_TCP_HIT;
1668 doGetMoreData();
1669 return;
1670 }
1671
1672 if (r->flags.noCache) {
1673 debugs(85, 3, "no-cache REFRESH MISS " << *e);
1674 forgetHit();
1675 http->logType = LOG_TCP_CLIENT_REFRESH_MISS;
1676 doGetMoreData();
1677 return;
1678 }
1679
1680 debugs(85, 3, "default HIT " << *e);
1681 http->logType = LOG_TCP_HIT;
1682 doGetMoreData();
1683 }
1684
1685 /**
1686 * Request more data from the store for the client Stream
1687 * This is *the* entry point to this module.
1688 *
1689 * Preconditions:
1690 * - This is the head of the list.
1691 * - There is at least one more node.
1692 * - Data context is not null
1693 */
1694 void
1695 clientGetMoreData(clientStreamNode * aNode, ClientHttpRequest * http)
1696 {
1697 /* Test preconditions */
1698 assert(aNode != NULL);
1699 assert(cbdataReferenceValid(aNode));
1700 assert(aNode->node.prev == NULL);
1701 assert(aNode->node.next != NULL);
1702 clientReplyContext *context = dynamic_cast<clientReplyContext *>(aNode->data.getRaw());
1703 assert (context);
1704 assert(context->http == http);
1705
1706 clientStreamNode *next = ( clientStreamNode *)aNode->node.next->data;
1707
1708 if (!context->ourNode)
1709 context->ourNode = aNode;
1710
1711 /* no cbdatareference, this is only used once, and safely */
1712 if (context->flags.storelogiccomplete) {
1713 StoreIOBuffer tempBuffer;
1714 tempBuffer.offset = next->readBuffer.offset + context->headers_sz;
1715 tempBuffer.length = next->readBuffer.length;
1716 tempBuffer.data = next->readBuffer.data;
1717
1718 storeClientCopy(context->sc, http->storeEntry(),
1719 tempBuffer, clientReplyContext::SendMoreData, context);
1720 return;
1721 }
1722
1723 if (context->http->request->method == Http::METHOD_PURGE) {
1724 context->purgeRequest();
1725 return;
1726 }
1727
1728 // OPTIONS with Max-Forwards:0 handled in clientProcessRequest()
1729
1730 if (context->http->request->method == Http::METHOD_TRACE) {
1731 if (context->http->request->header.getInt64(HDR_MAX_FORWARDS) == 0) {
1732 context->traceReply(aNode);
1733 return;
1734 }
1735
1736 /* continue forwarding, not finished yet. */
1737 http->logType = LOG_TCP_MISS;
1738
1739 context->doGetMoreData();
1740 } else
1741 context->identifyStoreObject();
1742 }
1743
1744 void
1745 clientReplyContext::doGetMoreData()
1746 {
1747 /* We still have to do store logic processing - vary, cache hit etc */
1748 if (http->storeEntry() != NULL) {
1749 /* someone found the object in the cache for us */
1750 StoreIOBuffer localTempBuffer;
1751
1752 http->storeEntry()->lock("clientReplyContext::doGetMoreData");
1753
1754 MemObject *mem_obj = http->storeEntry()->makeMemObject();
1755 if (!mem_obj->hasUris()) {
1756 /*
1757 * This if-block exists because we don't want to clobber
1758 * a preexiting mem_obj->method value if the mem_obj
1759 * already exists. For example, when a HEAD request
1760 * is a cache hit for a GET response, we want to keep
1761 * the method as GET.
1762 */
1763 mem_obj->setUris(storeId(), http->log_uri, http->request->method);
1764 /**
1765 * Here we can see if the object was
1766 * created using URL or alternative StoreID from helper.
1767 */
1768 debugs(88, 3, "storeId: " << http->storeEntry()->mem_obj->storeId());
1769 }
1770
1771 sc = storeClientListAdd(http->storeEntry(), this);
1772 #if USE_DELAY_POOLS
1773 sc->setDelayId(DelayId::DelayClient(http));
1774 #endif
1775
1776 assert(http->logType == LOG_TCP_HIT);
1777 reqofs = 0;
1778 /* guarantee nothing has been sent yet! */
1779 assert(http->out.size == 0);
1780 assert(http->out.offset == 0);
1781
1782 if (Ip::Qos::TheConfig.isHitTosActive()) {
1783 Ip::Qos::doTosLocalHit(http->getConn()->clientConnection);
1784 }
1785
1786 if (Ip::Qos::TheConfig.isHitNfmarkActive()) {
1787 Ip::Qos::doNfmarkLocalHit(http->getConn()->clientConnection);
1788 }
1789
1790 localTempBuffer.offset = reqofs;
1791 localTempBuffer.length = getNextNode()->readBuffer.length;
1792 localTempBuffer.data = getNextNode()->readBuffer.data;
1793 storeClientCopy(sc, http->storeEntry(), localTempBuffer, CacheHit, this);
1794 } else {
1795 /* MISS CASE, http->logType is already set! */
1796 processMiss();
1797 }
1798 }
1799
1800 /** The next node has removed itself from the stream. */
1801 void
1802 clientReplyDetach(clientStreamNode * node, ClientHttpRequest * http)
1803 {
1804 /** detach from the stream */
1805 clientStreamDetach(node, http);
1806 }
1807
1808 /**
1809 * Accepts chunk of a http message in buf, parses prefix, filters headers and
1810 * such, writes processed message to the message recipient
1811 */
1812 void
1813 clientReplyContext::SendMoreData(void *data, StoreIOBuffer result)
1814 {
1815 clientReplyContext *context = static_cast<clientReplyContext *>(data);
1816 context->sendMoreData (result);
1817 }
1818
1819 void
1820 clientReplyContext::makeThisHead()
1821 {
1822 /* At least, I think thats what this does */
1823 dlinkDelete(&http->active, &ClientActiveRequests);
1824 dlinkAdd(http, &http->active, &ClientActiveRequests);
1825 }
1826
1827 bool
1828 clientReplyContext::errorInStream(StoreIOBuffer const &result, size_t const &sizeToProcess)const
1829 {
1830 return /* aborted request */
1831 (http->storeEntry() && EBIT_TEST(http->storeEntry()->flags, ENTRY_ABORTED)) ||
1832 /* Upstream read error */ (result.flags.error) ||
1833 /* Upstream EOF */ (sizeToProcess == 0);
1834 }
1835
1836 void
1837 clientReplyContext::sendStreamError(StoreIOBuffer const &result)
1838 {
1839 /** call clientWriteComplete so the client socket gets closed
1840 *
1841 * We call into the stream, because we don't know that there is a
1842 * client socket!
1843 */
1844 debugs(88, 5, "clientReplyContext::sendStreamError: A stream error has occured, marking as complete and sending no data.");
1845 StoreIOBuffer localTempBuffer;
1846 flags.complete = 1;
1847 http->request->flags.streamError = true;
1848 localTempBuffer.flags.error = result.flags.error;
1849 clientStreamCallback((clientStreamNode*)http->client_stream.head->data, http, NULL,
1850 localTempBuffer);
1851 }
1852
1853 void
1854 clientReplyContext::pushStreamData(StoreIOBuffer const &result, char *source)
1855 {
1856 StoreIOBuffer localTempBuffer;
1857
1858 if (result.length == 0) {
1859 debugs(88, 5, "clientReplyContext::pushStreamData: marking request as complete due to 0 length store result");
1860 flags.complete = 1;
1861 }
1862
1863 assert(result.offset - headers_sz == next()->readBuffer.offset);
1864 localTempBuffer.offset = result.offset - headers_sz;
1865 localTempBuffer.length = result.length;
1866
1867 if (localTempBuffer.length)
1868 localTempBuffer.data = source;
1869
1870 clientStreamCallback((clientStreamNode*)http->client_stream.head->data, http, NULL,
1871 localTempBuffer);
1872 }
1873
1874 clientStreamNode *
1875 clientReplyContext::next() const
1876 {
1877 assert ( (clientStreamNode*)http->client_stream.head->next->data == getNextNode());
1878 return getNextNode();
1879 }
1880
1881 void
1882 clientReplyContext::sendBodyTooLargeError()
1883 {
1884 Ip::Address tmp_noaddr;
1885 tmp_noaddr.setNoAddr(); // TODO: make a global const
1886 http->logType = LOG_TCP_DENIED_REPLY;
1887 ErrorState *err = clientBuildError(ERR_TOO_BIG, Http::scForbidden, NULL,
1888 http->getConn() != NULL ? http->getConn()->clientConnection->remote : tmp_noaddr,
1889 http->request);
1890 removeClientStoreReference(&(sc), http);
1891 HTTPMSGUNLOCK(reply);
1892 startError(err);
1893
1894 }
1895
1896 /// send 412 (Precondition Failed) to client
1897 void
1898 clientReplyContext::sendPreconditionFailedError()
1899 {
1900 http->logType = LOG_TCP_HIT;
1901 ErrorState *const err =
1902 clientBuildError(ERR_PRECONDITION_FAILED, Http::scPreconditionFailed,
1903 NULL, http->getConn()->clientConnection->remote, http->request);
1904 removeClientStoreReference(&sc, http);
1905 HTTPMSGUNLOCK(reply);
1906 startError(err);
1907 }
1908
1909 /// send 304 (Not Modified) to client
1910 void
1911 clientReplyContext::sendNotModified()
1912 {
1913 StoreEntry *e = http->storeEntry();
1914 const time_t timestamp = e->timestamp;
1915 HttpReply *const temprep = e->getReply()->make304();
1916 http->logType = LOG_TCP_IMS_HIT;
1917 removeClientStoreReference(&sc, http);
1918 createStoreEntry(http->request->method, RequestFlags());
1919 e = http->storeEntry();
1920 // Copy timestamp from the original entry so the 304
1921 // reply has a meaningful Age: header.
1922 e->timestampsSet();
1923 e->timestamp = timestamp;
1924 e->replaceHttpReply(temprep);
1925 e->complete();
1926 /*
1927 * TODO: why put this in the store and then serialise it and
1928 * then parse it again. Simply mark the request complete in
1929 * our context and write the reply struct to the client side.
1930 */
1931 triggerInitialStoreRead();
1932 }
1933
1934 /// send 304 (Not Modified) or 412 (Precondition Failed) to client
1935 /// depending on request method
1936 void
1937 clientReplyContext::sendNotModifiedOrPreconditionFailedError()
1938 {
1939 if (http->request->method == Http::METHOD_GET ||
1940 http->request->method == Http::METHOD_HEAD)
1941 sendNotModified();
1942 else
1943 sendPreconditionFailedError();
1944 }
1945
1946 void
1947 clientReplyContext::processReplyAccess ()
1948 {
1949 /* NP: this should probably soft-fail to a zero-sized-reply error ?? */
1950 assert(reply);
1951
1952 /** Don't block our own responses or HTTP status messages */
1953 if (http->logType == LOG_TCP_DENIED ||
1954 http->logType == LOG_TCP_DENIED_REPLY ||
1955 alwaysAllowResponse(reply->sline.status())) {
1956 headers_sz = reply->hdr_sz;
1957 processReplyAccessResult(ACCESS_ALLOWED);
1958 return;
1959 }
1960
1961 /** Check for reply to big error */
1962 if (reply->expectedBodyTooLarge(*http->request)) {
1963 sendBodyTooLargeError();
1964 return;
1965 }
1966
1967 headers_sz = reply->hdr_sz;
1968
1969 /** check for absent access controls (permit by default) */
1970 if (!Config.accessList.reply) {
1971 processReplyAccessResult(ACCESS_ALLOWED);
1972 return;
1973 }
1974
1975 /** Process http_reply_access lists */
1976 ACLFilledChecklist *replyChecklist =
1977 clientAclChecklistCreate(Config.accessList.reply, http);
1978 replyChecklist->reply = reply;
1979 HTTPMSGLOCK(replyChecklist->reply);
1980 replyChecklist->nonBlockingCheck(ProcessReplyAccessResult, this);
1981 }
1982
1983 void
1984 clientReplyContext::ProcessReplyAccessResult(allow_t rv, void *voidMe)
1985 {
1986 clientReplyContext *me = static_cast<clientReplyContext *>(voidMe);
1987 me->processReplyAccessResult(rv);
1988 }
1989
1990 void
1991 clientReplyContext::processReplyAccessResult(const allow_t &accessAllowed)
1992 {
1993 debugs(88, 2, "The reply for " << http->request->method
1994 << ' ' << http->uri << " is " << accessAllowed << ", because it matched "
1995 << (AclMatchedName ? AclMatchedName : "NO ACL's"));
1996
1997 if (accessAllowed != ACCESS_ALLOWED) {
1998 ErrorState *err;
1999 err_type page_id;
2000 page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, 1);
2001
2002 http->logType = LOG_TCP_DENIED_REPLY;
2003
2004 if (page_id == ERR_NONE)
2005 page_id = ERR_ACCESS_DENIED;
2006
2007 Ip::Address tmp_noaddr;
2008 tmp_noaddr.setNoAddr();
2009 err = clientBuildError(page_id, Http::scForbidden, NULL,
2010 http->getConn() != NULL ? http->getConn()->clientConnection->remote : tmp_noaddr,
2011 http->request);
2012
2013 removeClientStoreReference(&sc, http);
2014
2015 HTTPMSGUNLOCK(reply);
2016
2017 startError(err);
2018
2019 return;
2020 }
2021
2022 /* Ok, the reply is allowed, */
2023 http->loggingEntry(http->storeEntry());
2024
2025 ssize_t body_size = reqofs - reply->hdr_sz;
2026 if (body_size < 0) {
2027 reqofs = reply->hdr_sz;
2028 body_size = 0;
2029 }
2030
2031 debugs(88, 3, "clientReplyContext::sendMoreData: Appending " <<
2032 (int) body_size << " bytes after " << reply->hdr_sz <<
2033 " bytes of headers");
2034
2035 #if USE_SQUID_ESI
2036
2037 if (http->flags.accel && reply->sline.status() != Http::scForbidden &&
2038 !alwaysAllowResponse(reply->sline.status()) &&
2039 esiEnableProcessing(reply)) {
2040 debugs(88, 2, "Enabling ESI processing for " << http->uri);
2041 clientStreamInsertHead(&http->client_stream, esiStreamRead,
2042 esiProcessStream, esiStreamDetach, esiStreamStatus, NULL);
2043 }
2044
2045 #endif
2046
2047 if (http->request->method == Http::METHOD_HEAD) {
2048 /* do not forward body for HEAD replies */
2049 body_size = 0;
2050 http->flags.done_copying = true;
2051 flags.complete = 1;
2052 }
2053
2054 assert (!flags.headersSent);
2055 flags.headersSent = true;
2056
2057 StoreIOBuffer localTempBuffer;
2058 char *buf = next()->readBuffer.data;
2059 char *body_buf = buf + reply->hdr_sz;
2060
2061 //Server side may disable ranges under some circumstances.
2062
2063 if ((!http->request->range))
2064 next()->readBuffer.offset = 0;
2065
2066 body_buf -= next()->readBuffer.offset;
2067
2068 if (next()->readBuffer.offset != 0) {
2069 if (next()->readBuffer.offset > body_size) {
2070 /* Can't use any of the body we received. send nothing */
2071 localTempBuffer.length = 0;
2072 localTempBuffer.data = NULL;
2073 } else {
2074 localTempBuffer.length = body_size - next()->readBuffer.offset;
2075 localTempBuffer.data = body_buf + next()->readBuffer.offset;
2076 }
2077 } else {
2078 localTempBuffer.length = body_size;
2079 localTempBuffer.data = body_buf;
2080 }
2081
2082 /* TODO??: move the data in the buffer back by the request header size */
2083 clientStreamCallback((clientStreamNode *)http->client_stream.head->data,
2084 http, reply, localTempBuffer);
2085
2086 return;
2087 }
2088
2089 void
2090 clientReplyContext::sendMoreData (StoreIOBuffer result)
2091 {
2092 if (deleting)
2093 return;
2094
2095 StoreEntry *entry = http->storeEntry();
2096
2097 ConnStateData * conn = http->getConn();
2098
2099 // too late, our conn is closing
2100 // TODO: should we also quit?
2101 if (conn == NULL) {
2102 debugs(33,3, "not sending more data to a closed connection" );
2103 return;
2104 }
2105 if (!conn->isOpen()) {
2106 debugs(33,3, "not sending more data to closing connection " << conn->clientConnection);
2107 return;
2108 }
2109 if (conn->pinning.zeroReply) {
2110 debugs(33,3, "not sending more data after a pinned zero reply " << conn->clientConnection);
2111 return;
2112 }
2113
2114 char *buf = next()->readBuffer.data;
2115
2116 if (buf != result.data) {
2117 /* we've got to copy some data */
2118 assert(result.length <= next()->readBuffer.length);
2119 memcpy(buf, result.data, result.length);
2120 }
2121
2122 if (reqofs==0 && !logTypeIsATcpHit(http->logType) && Comm::IsConnOpen(conn->clientConnection)) {
2123 if (Ip::Qos::TheConfig.isHitTosActive()) {
2124 Ip::Qos::doTosLocalMiss(conn->clientConnection, http->request->hier.code);
2125 }
2126 if (Ip::Qos::TheConfig.isHitNfmarkActive()) {
2127 Ip::Qos::doNfmarkLocalMiss(conn->clientConnection, http->request->hier.code);
2128 }
2129 }
2130
2131 /* We've got the final data to start pushing... */
2132 flags.storelogiccomplete = 1;
2133
2134 reqofs += result.length;
2135
2136 assert(reqofs <= HTTP_REQBUF_SZ || flags.headersSent);
2137
2138 assert(http->request != NULL);
2139
2140 /* ESI TODO: remove this assert once everything is stable */
2141 assert(http->client_stream.head->data
2142 && cbdataReferenceValid(http->client_stream.head->data));
2143
2144 makeThisHead();
2145
2146 debugs(88, 5, "clientReplyContext::sendMoreData: " << http->uri << ", " <<
2147 reqofs << " bytes (" << result.length <<
2148 " new bytes)");
2149 debugs(88, 5, "clientReplyContext::sendMoreData:"
2150 << conn->clientConnection <<
2151 " '" << entry->url() << "'" <<
2152 " out.offset=" << http->out.offset);
2153
2154 /* update size of the request */
2155 reqsize = reqofs;
2156
2157 if (errorInStream(result, reqofs)) {
2158 sendStreamError(result);
2159 return;
2160 }
2161
2162 if (flags.headersSent) {
2163 pushStreamData (result, buf);
2164 return;
2165 }
2166
2167 cloneReply();
2168
2169 /* handle headers */
2170
2171 if (Config.onoff.log_mime_hdrs) {
2172 size_t k;
2173
2174 if ((k = headersEnd(buf, reqofs))) {
2175 safe_free(http->al->headers.reply);
2176 http->al->headers.reply = (char *)xcalloc(k + 1, 1);
2177 xstrncpy(http->al->headers.reply, buf, k);
2178 }
2179 }
2180
2181 holdingBuffer = result;
2182 processReplyAccess();
2183 return;
2184 }
2185
2186 /* Using this breaks the client layering just a little!
2187 */
2188 void
2189 clientReplyContext::createStoreEntry(const HttpRequestMethod& m, RequestFlags reqFlags)
2190 {
2191 assert(http != NULL);
2192 /*
2193 * For erroneous requests, we might not have a h->request,
2194 * so make a fake one.
2195 */
2196
2197 if (http->request == NULL) {
2198 http->request = new HttpRequest(m, AnyP::PROTO_NONE, null_string);
2199 HTTPMSGLOCK(http->request);
2200 }
2201
2202 StoreEntry *e = storeCreateEntry(storeId(), http->log_uri, reqFlags, m);
2203
2204 // Make entry collapsable ASAP, to increase collapsing chances for others,
2205 // TODO: every must-revalidate and similar request MUST reach the origin,
2206 // but do we have to prohibit others from collapsing on that request?
2207 if (Config.onoff.collapsed_forwarding && reqFlags.cachable &&
2208 !reqFlags.needValidation &&
2209 (m == Http::METHOD_GET || m == Http::METHOD_HEAD)) {
2210 // make the entry available for future requests now
2211 Store::Root().allowCollapsing(e, reqFlags, m);
2212 }
2213
2214 sc = storeClientListAdd(e, this);
2215
2216 #if USE_DELAY_POOLS
2217 sc->setDelayId(DelayId::DelayClient(http));
2218 #endif
2219
2220 reqofs = 0;
2221
2222 reqsize = 0;
2223
2224 /* I don't think this is actually needed! -- adrian */
2225 /* http->reqbuf = http->norm_reqbuf; */
2226 // assert(http->reqbuf == http->norm_reqbuf);
2227 /* The next line is illegal because we don't know if the client stream
2228 * buffers have been set up
2229 */
2230 // storeClientCopy(http->sc, e, 0, HTTP_REQBUF_SZ, http->reqbuf,
2231 // SendMoreData, this);
2232 /* So, we mark the store logic as complete */
2233 flags.storelogiccomplete = 1;
2234
2235 /* and get the caller to request a read, from whereever they are */
2236 /* NOTE: after ANY data flows down the pipe, even one step,
2237 * this function CAN NOT be used to manage errors
2238 */
2239 http->storeEntry(e);
2240 }
2241
2242 ErrorState *
2243 clientBuildError(err_type page_id, Http::StatusCode status, char const *url,
2244 Ip::Address &src_addr, HttpRequest * request)
2245 {
2246 ErrorState *err = new ErrorState(page_id, status, request);
2247 err->src_addr = src_addr;
2248
2249 if (url)
2250 err->url = xstrdup(url);
2251
2252 return err;
2253 }
Mirror of https://github.com/squid-cache/squid.git