Send HTTP1.1 compliant 417 responses

Port of the 417 response handling and associated ignore_expect_100
from Squid 2.7.

diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml
index 4466bc658ac8b93e992e9eba4a12d00944f1cc51..d2fb8ad7002bd8f2ac68ddbfdad2837ba7125713 100644 (file)
--- a/doc/release-notes/release-3.1.sgml
+++ b/doc/release-notes/release-3.1.sgml
@@ -767,6 +767,10 @@ logformat icap_squid %ts.%03tu %6icap::tr %>a %icap::to/%03icap::Hs %icap::<size
        count against this limit.
        </verb>
 
+       <tag>ignore_expect_100</tag>
+       <p>Ported from 2.7. Requires --enable-http-violations
+       Prevents 417 errors being sent to broken HTTP/1.1 non-compliant clients.
+
        <tag>include</tag>
        <p>New option to import entire secondary configuration files into squid.conf.
        <verb>
@@ -1589,9 +1593,6 @@ This section gives an account of those changes in three categories:
        <p><em>http11</em> not yet ported from 2.7
        <p><em>urlgroup=</em> not yet ported from 2.6
 
-       <tag>ignore_expect_100</tag>
-       <p>Not yet ported from 2.7
-
        <tag>ignore_ims_on_miss</tag>
        <p>Not yet ported from 2.7
 

diff --git a/doc/release-notes/release-3.2.sgml b/doc/release-notes/release-3.2.sgml
index 508639a0ea2ab3984fbb4e82a650407d4b74c7ea..7dbe2dc11b46a0beab5b0028b35363e114629096 100644 (file)
--- a/doc/release-notes/release-3.2.sgml
+++ b/doc/release-notes/release-3.2.sgml
@@ -460,9 +460,6 @@ This section gives an account of those changes in three categories:
        <p><em>http11</em> not yet ported from 2.7
        <p><em>urlgroup=</em> not yet ported from 2.6
 
-       <tag>ignore_expect_100</tag>
-       <p>Not yet ported from 2.7
-
        <tag>ignore_ims_on_miss</tag>
        <p>Not yet ported from 2.7
 

diff --git a/errors/templates/ERR_INVALID_REQ b/errors/templates/ERR_INVALID_REQ
index de1de83e41b50f14f04817d398a77ee96806c573..287876dd0136ef2f8b3175f76c09e1b9e2cd1030 100644 (file)
--- a/errors/templates/ERR_INVALID_REQ
+++ b/errors/templates/ERR_INVALID_REQ
@@ -31,6 +31,7 @@ body
 <li><p>Request is too large.</p></li>
 <li><p>Content-Length missing for POST or PUT requests.</p></li>
 <li><p>Illegal character in hostname; underscores are not allowed.</p></li>
+<li><p>HTTP/1.1 Expect: feature is being asked from an HTTP/1.0 software.</p></li>
 </ul>
 
 <p>Your cache administrator is <a href="mailto:%w%W">%w</a>.</p>

diff --git a/src/HttpHeader.cc b/src/HttpHeader.cc
index 3d14125fb878ca8ff3ffb54886adff63932bb1f0..fdfefb52fcc35e6f08e597ad4775aaf413647354 100644 (file)
--- a/src/HttpHeader.cc
+++ b/src/HttpHeader.cc
@@ -95,6 +95,7 @@ static const HttpHeaderFieldAttrs HeadersAttrs[] = {
     {"Date", HDR_DATE, ftDate_1123},
     {"ETag", HDR_ETAG, ftETag},
     {"Expires", HDR_EXPIRES, ftDate_1123},
+    {"Expect", HDR_EXPECT, ftStr},
     {"From", HDR_FROM, ftStr},
     {"Host", HDR_HOST, ftStr},
     {"If-Match", HDR_IF_MATCH, ftStr}, /* for now */
@@ -174,6 +175,7 @@ static http_hdr_type ListHeadersArr[] = {
     HDR_CONTENT_ENCODING,
     HDR_CONTENT_LANGUAGE,
     HDR_CONNECTION,
+    HDR_EXPECT,
     HDR_IF_MATCH, HDR_IF_NONE_MATCH,
     HDR_LINK, HDR_PRAGMA,
     HDR_PROXY_CONNECTION,
@@ -186,7 +188,7 @@ static http_hdr_type ListHeadersArr[] = {
     HDR_WWW_AUTHENTICATE,
     HDR_AUTHENTICATION_INFO,
     HDR_PROXY_AUTHENTICATION_INFO,
-    /* HDR_EXPECT, HDR_TE, HDR_TRAILER */
+    /* HDR_TE, HDR_TRAILER */
 #if X_ACCELERATOR_VARY
     HDR_X_ACCELERATOR_VARY,
 #endif

diff --git a/src/HttpHeader.h b/src/HttpHeader.h
index e04298895c519a41ab31c82373d1939098996d7a..c9e3e9696b4ce1d84c12cafc67ebc9622e27ac67 100644 (file)
--- a/src/HttpHeader.h
+++ b/src/HttpHeader.h
@@ -76,6 +76,7 @@ typedef enum {
     HDR_DATE,
     HDR_ETAG,
     HDR_EXPIRES,
+    HDR_EXPECT,
     HDR_FROM,
     HDR_HOST,
     HDR_IF_MATCH,

diff --git a/src/cf.data.pre b/src/cf.data.pre
index b399474cd204f92d95afe8a145c83413f5b93342..4b71076944d6c96332d3a33157f6063d9ceabf5a 100644 (file)
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -3973,6 +3973,21 @@ DOC_START
        or response to be rejected.
 DOC_END
 
+NAME: ignore_expect_100
+COMMENT: on|off
+IFDEF: HTTP_VIOLATIONS
+TYPE: onoff
+LOC: Config.onoff.ignore_expect_100
+DEFAULT: off
+DOC_START
+       This option makes Squid ignore any Expect: 100-continue header present
+       in the request. RFC 2616 requires that Squid being unable to satisfy
+       the response expectation MUST return a 417 error.
+
+       Note: Enabling this is a HTTP protocol violation, but some clients may
+       not handle it well..
+DOC_END
+
 COMMENT_START
  TIMEOUTS
  -----------------------------------------------------------------------------

diff --git a/src/client_side.cc b/src/client_side.cc
index 47d5b50600bbd9227bf77fbb8c08348d545f1596..ab9d4e3fb4317782c3d80c29592463673662a5e4 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -2497,6 +2497,25 @@ clientProcessRequest(ConnStateData *conn, HttpParser *hp, ClientSocketContext *c
         goto finish;
     }
 
+    if (request->header.has(HDR_EXPECT)) {
+        int ignore = 0;
+        if (Config.onoff.ignore_expect_100) {
+            String expect = request->header.getList(HDR_EXPECT);
+            if (expect.caseCmp("100-continue") == 0)
+                ignore = 1;
+            expect.clean();
+        }
+        if (!ignore) {
+            clientStreamNode *node = context->getClientReplyContext();
+            clientReplyContext *repContext = dynamic_cast<clientReplyContext *>(node->data.getRaw());
+            assert (repContext);
+            repContext->setReplyToError(ERR_INVALID_REQ, HTTP_EXPECTATION_FAILED, request->method, http->uri, conn->peer, request, NULL, NULL);
+            assert(context->http->out.offset == 0);
+            context->pullData();
+            goto finish;
+        }
+    }
+
     http->request = HTTPMSGLOCK(request);
     clientSetKeepaliveFlag(http);
 

diff --git a/src/structs.h b/src/structs.h
index 3cd5c5fef4792f244e47ac75c5d0d4388eac0059..25c87fad81c2113b133503286240c65d0642822b 100644 (file)
--- a/src/structs.h
+++ b/src/structs.h
@@ -403,6 +403,7 @@ struct SquidConfig {
 #if HTTP_VIOLATIONS
 
         int reload_into_ims;
+        int ignore_expect_100;
 #endif
 
         int offline;