From: hno <>
Date: Tue, 2 Apr 2002 18:38:02 +0000 (+0000)
Subject: New deny_info capabilities to redirect to another server
X-Git-Tag: SQUID_3_0_PRE1~1134
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=76cdc28d68e85e0f707ff848fd2447d03fe8b668;p=thirdparty%2Fsquid.git

New deny_info capabilities to redirect to another server

  deny_info http://www.example.com/ acl1 acl2 ...
  deny_info TCP_RESET acl3 acl4 ...
---

diff --git a/src/cf.data.pre b/src/cf.data.pre
index b2fc4ee951..c39d7918a0 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -1,6 +1,6 @@
 
 #
-# $Id: cf.data.pre,v 1.250 2002/02/25 03:11:04 adrian Exp $
+# $Id: cf.data.pre,v 1.251 2002/04/02 11:38:02 hno Exp $
 #
 #
 # SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -2526,6 +2526,7 @@ LOC: Config.denyInfoList
 DEFAULT: none
 DOC_START
 	Usage:   deny_info err_page_name acl
+	or       deny_info http://... acl
 	Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys
 
 	This can be used to return a ERR_ page for requests which
@@ -2535,6 +2536,13 @@ DOC_START
 
 	You may use ERR_ pages that come with Squid or create your own pages
 	and put them into the configured errors/ directory.
+
+	Alternatively you can specify an error URL. The browsers will then
+	get redirected (302) to the specified URL. %s in the redirection
+	URL will be replaced by the requested URL.
+
+	Alternatively you can tell Squid to reset the TCP connection
+	by specifying TCP_RESET.
 DOC_END
 
 NAME: memory_pools
diff --git a/src/enums.h b/src/enums.h
index 1bf29fafe5..640e952811 100644
--- a/src/enums.h
+++ b/src/enums.h
@@ -1,6 +1,6 @@
 
 /*
- * $Id: enums.h,v 1.205 2002/02/26 15:48:14 adrian Exp $
+ * $Id: enums.h,v 1.206 2002/04/02 11:38:03 hno Exp $
  *
  *
  * SQUID Web Proxy Cache          http://www.squid-cache.org/
@@ -92,6 +92,7 @@ typedef enum {
     ERR_FTP_UNAVAILABLE,
     ERR_ONLY_IF_CACHED_MISS,	/* failure to satisfy only-if-cached request */
     ERR_TOO_BIG,
+    TCP_RESET,
     ERR_MAX
 } err_type;
 
@@ -724,12 +725,12 @@ enum {
  * Store digest state enum
  */
 typedef enum {
-	DIGEST_READ_NONE,
-	DIGEST_READ_REPLY,
-	DIGEST_READ_HEADERS,
-	DIGEST_READ_CBLOCK,
-	DIGEST_READ_MASK,
-	DIGEST_READ_DONE
+    DIGEST_READ_NONE,
+    DIGEST_READ_REPLY,
+    DIGEST_READ_HEADERS,
+    DIGEST_READ_CBLOCK,
+    DIGEST_READ_MASK,
+    DIGEST_READ_DONE
 } digest_read_state_t;
 
 /* CygWin & Windows NT Port */
diff --git a/src/errorpage.cc b/src/errorpage.cc
index 757f43ab2c..69ca4266e1 100644
--- a/src/errorpage.cc
+++ b/src/errorpage.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: errorpage.cc,v 1.169 2002/04/01 06:02:15 wessels Exp $
+ * $Id: errorpage.cc,v 1.170 2002/04/02 11:38:03 hno Exp $
  *
  * DEBUG: section 4     Error Generation
  * AUTHOR: Duane Wessels
@@ -67,6 +67,10 @@ static const struct {
 	    "<hr noshade size=1>\n"
 	    "Generated %T by %h (%s)\n"
 	    "</BODY></HTML>\n"
+    },
+    {
+	TCP_RESET,
+	    "reset"
     }
 };
 
@@ -115,9 +119,11 @@ errorInitialize(void)
 	    /* dynamic */
 	    ErrorDynamicPageInfo *info = ErrorDynamicPages.items[i - ERR_MAX];
 	    assert(info && info->id == i && info->page_name);
-	    error_text[i] = errorLoadText(info->page_name);
+	    if (strchr(info->page_name, ':') == NULL) {
+		/* Not on redirected errors... */
+		error_text[i] = errorLoadText(info->page_name);
+	    }
 	}
-	assert(error_text[i]);
     }
 }
 
@@ -206,13 +212,32 @@ errorDynamicPageInfoDestroy(ErrorDynamicPageInfo * info)
     xfree(info);
 }
 
+static int
+errorPageId(const char *page_name)
+{
+    int i;
+    for (i = 0; i < ERR_MAX; i++) {
+	if (strcmp(err_type_str[i], page_name) == 0)
+	    return i;
+    }
+    for (i = 0; i < ErrorDynamicPages.count; i++) {
+	if (strcmp(((ErrorDynamicPageInfo *) ErrorDynamicPages.items[i - ERR_MAX])->page_name, page_name) == 0)
+	    return i + ERR_MAX;
+    }
+    return ERR_NONE;
+}
+
 int
 errorReservePageId(const char *page_name)
 {
-    ErrorDynamicPageInfo *info =
-    errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name);
-    stackPush(&ErrorDynamicPages, info);
-    return info->id;
+    ErrorDynamicPageInfo *info;
+    int id = errorPageId(page_name);
+    if (id == ERR_NONE) {
+	info = errorDynamicPageInfoCreate(ERR_MAX + ErrorDynamicPages.count, page_name);
+	stackPush(&ErrorDynamicPages, info);
+	id = info->id;
+    }
+    return id;
 }
 
 static const char *
@@ -274,9 +299,9 @@ errorAppendEntry(StoreEntry * entry, ErrorState * err)
 	errorStateFree(err);
 	return;
     }
-    if (0 == strncmp(error_text[err->page_id], "reset", 5)) {
+    if (err->page_id == TCP_RESET) {
 	if (err->request) {
-	    debug(0, 0) ("RSTing this reply\n");
+	    debug(4, 2) ("RSTing this reply\n");
 	    err->request->flags.reset_tcp = 1;
 	}
     }
@@ -408,7 +433,7 @@ errorStateFree(ErrorState * err)
  * t - local time                               x
  * T - UTC                                      x
  * U - URL without password                     x
- * u - URL without password, %2f added to path  x
+ * u - URL with password                        x
  * w - cachemgr email address                   x
  * z - dns server error message                 x
  */
@@ -540,6 +565,9 @@ errorConvert(char token, ErrorState * err)
     case 'U':
 	p = r ? urlCanonicalClean(r) : err->url ? err->url : "[no URL]";
 	break;
+    case 'u':
+	p = r ? urlCanonical(r) : err->url ? err->url : "[no URL]";
+	break;
     case 'w':
 	if (Config.adminEmail)
 	    memBufPrintf(&mb, "%s", Config.adminEmail);
@@ -573,23 +601,32 @@ HttpReply *
 errorBuildReply(ErrorState * err)
 {
     HttpReply *rep = httpReplyCreate();
-    MemBuf content = errorBuildContent(err);
+    const char *name = errorPageName(err->page_id);
     http_version_t version;
     /* no LMT for error pages; error pages expire immediately */
     httpBuildVersion(&version, 1, 0);
-    httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime);
-    /*
-     * include some information for downstream caches. Implicit
-     * replaceable content. This isn't quite sufficient. xerrno is not
-     * necessarily meaningful to another system, so we really should
-     * expand it. Additionally, we should identify ourselves. Someone
-     * might want to know. Someone _will_ want to know OTOH, the first
-     * X-CACHE-MISS entry should tell us who.
-     */
-    httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d",
-	errorPageName(err->page_id), err->xerrno);
-    httpBodySet(&rep->body, &content);
-    /* do not memBufClean() the content, it was absorbed by httpBody */
+    if (strchr(name, ':')) {
+	/* Redirection */
+	char *quoted_url = rfc1738_escape_part(errorConvert('u', err));
+	httpReplySetHeaders(rep, version, HTTP_MOVED_TEMPORARILY, NULL, "text/html", 0, 0, squid_curtime);
+	httpHeaderPutStrf(&rep->header, HDR_LOCATION, name, quoted_url);
+	httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%d %s\n", err->http_status, "Access Denied");
+    } else {
+	MemBuf content = errorBuildContent(err);
+	httpReplySetHeaders(rep, version, err->http_status, NULL, "text/html", content.size, 0, squid_curtime);
+	/*
+	 * include some information for downstream caches. Implicit
+	 * replaceable content. This isn't quite sufficient. xerrno is not
+	 * necessarily meaningful to another system, so we really should
+	 * expand it. Additionally, we should identify ourselves. Someone
+	 * might want to know. Someone _will_ want to know OTOH, the first
+	 * X-CACHE-MISS entry should tell us who.
+	 */
+	httpHeaderPutStrf(&rep->header, HDR_X_SQUID_ERROR, "%s %d",
+	    name, err->xerrno);
+	httpBodySet(&rep->body, &content);
+	/* do not memBufClean() the content, it was absorbed by httpBody */
+    }
     return rep;
 }