New deny_info capabilities to redirect to another server

  deny_info http://www.example.com/ acl1 acl2 ...
  deny_info TCP_RESET acl3 acl4 ...

diff --git a/src/cf.data.pre b/src/cf.data.pre
index b2fc4ee9517b79ca12b3118b659cad852d84a0ba..c39d7918a03da37acbd6cad8f2a626f2b14e2769 100644 (file)
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -1,6 +1,6 @@
 
 #
-# $Id: cf.data.pre,v 1.250 2002/02/25 03:11:04 adrian Exp $
+# $Id: cf.data.pre,v 1.251 2002/04/02 11:38:02 hno Exp $
 #
 #
 # SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -2526,6 +2526,7 @@ LOC: Config.denyInfoList
 DEFAULT: none
 DOC_START
        Usage:   deny_info err_page_name acl
+       or       deny_info http://... acl
        Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys
 
        This can be used to return a ERR_ page for requests which
@@ -2535,6 +2536,13 @@ DOC_START
 
        You may use ERR_ pages that come with Squid or create your own pages
        and put them into the configured errors/ directory.
+
+       Alternatively you can specify an error URL. The browsers will then
+       get redirected (302) to the specified URL. %s in the redirection
+       URL will be replaced by the requested URL.
+
+       Alternatively you can tell Squid to reset the TCP connection
+       by specifying TCP_RESET.
 DOC_END
 
 NAME: memory_pools

diff --git a/src/enums.h b/src/enums.h
index 1bf29fafe51d732ca2e7ca8612a3c97e023719dc..640e9528110f1519f518ab6cd02497c07e53f5b8 100644 (file)
--- a/src/enums.h
+++ b/src/enums.h
@@ -1,6 +1,6 @@
 
 /*
- * $Id: enums.h,v 1.205 2002/02/26 15:48:14 adrian Exp $
+ * $Id: enums.h,v 1.206 2002/04/02 11:38:03 hno Exp $
  *
  *
  * SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -92,6 +92,7 @@ typedef enum {
     ERR_FTP_UNAVAILABLE,
     ERR_ONLY_IF_CACHED_MISS,   /* failure to satisfy only-if-cached request */
     ERR_TOO_BIG,
+    TCP_RESET,
     ERR_MAX
 } err_type;
 
@@ -724,12 +725,12 @@ enum {
  * Store digest state enum
  */
 typedef enum {
-       DIGEST_READ_NONE,
-       DIGEST_READ_REPLY,
-       DIGEST_READ_HEADERS,
-       DIGEST_READ_CBLOCK,
-       DIGEST_READ_MASK,
-       DIGEST_READ_DONE
+    DIGEST_READ_NONE,
+    DIGEST_READ_REPLY,
+    DIGEST_READ_HEADERS,
+    DIGEST_READ_CBLOCK,
+    DIGEST_READ_MASK,
+    DIGEST_READ_DONE
 } digest_read_state_t;
 
 /* CygWin & Windows NT Port */

diff --git a/src/errorpage.cc b/src/errorpage.cc
index 757f43ab2ccb92879c967878611aa98349af3203..69ca4266e10e4a2e5d3ab263037ebd6d5ae37236 100644 (file)
--- a/src/errorpage.cc
+++ b/src/errorpage.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: errorpage.cc,v 1.169 2002/04/01 06:02:15 wessels Exp $
+ * $Id: errorpage.cc,v 1.170 2002/04/02 11:38:03 hno Exp $
  *
  * DEBUG: section 4     Error Generation
  * AUTHOR: Duane Wessels
@@ -67,6 +67,10 @@ static const struct {
            "<hr noshade size=1>\n"
            "Generated %T by %h (%s)\n"
            "</BODY></HTML>\n"
+    },
+    {
+       TCP_RESET,
+           "reset"
     }
 };
 
@@ -115,9 +119,11 @@ errorInitialize(void)
            /* dynamic */
            ErrorDynamicPageInfo *info = ErrorDynamicPages.items[i - ERR_MAX];
            assert(info && info->id == i && info->page_name);
-           error_text[i] = errorLoadText(info->page_name);
+           if (strchr(info->page_name, ':') == NULL) {
+               /* Not on redirected errors... */
+               error_text[i] = errorLoadText(info->page_name);
+           }
        }
-       assert(error_text[i]);
     }
 }
 
@@ -206,13 +212,32 @@ errorDynamicPageInfoDestroy(ErrorDynamicPageInfo * info)
     xfree(info);
 }
 
+static int
+errorPageId(const char *page_name)
+{
+    int i;
+    for (i = 0; i < ERR_MAX; i++) {
+       if (strcmp(err_type_str[i], page_name) == 0)
+           return i;
+    }
+    for (i = 0; i < ErrorDynamicPages.count; i++) {
+       if (strcmp(((ErrorDynamicPageInfo *) ErrorDynamicPages.items[i - ERR_MAX])->page_name, page_name) == 0)
+           return i + ERR_MAX;
+    }
+    return ERR_NONE;
+}
+
 int
 errorReservePageId(const char *page_name)
 {
-    ErrorDynamicPageInfo *info =
-    errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name);
-    stackPush(&ErrorDynamicPages, info);
-    return info->id;
+    ErrorDynamicPageInfo *info;
+    int id = errorPageId(page_name);
+    if (id == ERR_NONE) {
+       info = errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name);
+       stackPush(&ErrorDynamicPages, info);
+       id = info->id;
+    }
+    return id;
 }
 
 static const char *
@@ -274,9 +299,9 @@ errorAppendEntry(StoreEntry * entry, ErrorState * err)
        errorStateFree(err);
        return;
     }
-    if (0 == strncmp(error_text[err->page_id], "reset", 5)) {
+    if (err->page_id == TCP_RESET) {
        if (err->request) {
-           debug(0, 0) ("RSTing this reply\n");
+           debug(4, 2) ("RSTing this reply\n");
            err->request->flags.reset_tcp = 1;
        }
     }
@@ -408,7 +433,7 @@ errorStateFree(ErrorState * err)
  * t - local time                               x
  * T - UTC                                      x
  * U - URL without password                     x
- * u - URL without password, %2f added to path  x
+ * u - URL with password                        x
  * w - cachemgr email address                   x
  * z - dns server error message                 x
  */
@@ -540,6 +565,9 @@ errorConvert(char token, ErrorState * err)
     case 'U':
        p = r ? urlCanonicalClean(r) : err->url ? err->url : "[no URL]";
        break;
+    case 'u':
+       p = r ? urlCanonical(r) : err->url ? err->url : "[no URL]";
+       break;
     case 'w':
        if (Config.adminEmail)
            memBufPrintf(&mb, "%s", Config.adminEmail);
@@ -573,23 +601,32 @@ HttpReply *
 errorBuildReply(ErrorState * err)
 {
     HttpReply *rep = httpReplyCreate();
-    MemBuf content = errorBuildContent(err);
+    const char *name = errorPageName(err->page_id);
     http_version_t version;
     /* no LMT for error pages; error pages expire immediately */
     httpBuildVersion(&version, 1, 0);
-    httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime);
-    /*
-     * include some information for downstream caches. Implicit
-     * replaceable content. This isn't quite sufficient. xerrno is not
-     * necessarily meaningful to another system, so we really should
-     * expand it. Additionally, we should identify ourselves. Someone
-     * might want to know. Someone _will_ want to know OTOH, the first
-     * X-CACHE-MISS entry should tell us who.
-     */
-    httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d",
-       errorPageName(err->page_id), err->xerrno);
-    httpBodySet(&rep->body, &content);
-    /* do not memBufClean() the content, it was absorbed by httpBody */
+    if (strchr(name, ':')) {
+       /* Redirection */
+       char *quoted_url = rfc1738_escape_part(errorConvert('u', err));
+       httpReplySetHeaders(rep, version, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, 0, squid_curtime);
+       httpHeaderPutStrf(&rep->header, HDR_LOCATION, name, quoted_url);
+       httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%d %s\n", err->http_status, "Access Denied");
+    } else {
+       MemBuf content = errorBuildContent(err);
+       httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime);
+       /*
+        * include some information for downstream caches. Implicit
+        * replaceable content. This isn't quite sufficient. xerrno is not
+        * necessarily meaningful to another system, so we really should
+        * expand it. Additionally, we should identify ourselves. Someone
+        * might want to know. Someone _will_ want to know OTOH, the first
+        * X-CACHE-MISS entry should tell us who.
+        */
+       httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d",
+           name, err->xerrno);
+       httpBodySet(&rep->body, &content);
+       /* do not memBufClean() the content, it was absorbed by httpBody */
+    }
     return rep;
 }