From: Amos Jeffries Date: Fri, 17 Apr 2009 09:55:48 +0000 (+1200) Subject: Bug 2536: %H in error page ERR_DNS_FAIL is not filled on HTTPS X-Git-Tag: SQUID_3_2_0_1~1060 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b3802bdcc45078b1f53cb8d5d63d78c70a6ff8c2;p=thirdparty%2Fsquid.git Bug 2536: %H in error page ERR_DNS_FAIL is not filled on HTTPS --- diff --git a/src/errorpage.cc b/src/errorpage.cc index 02d41d7462..f1cb105b44 100644 --- a/src/errorpage.cc +++ b/src/errorpage.cc @@ -469,7 +469,7 @@ errorSend(int fd, ErrorState * err) * to the client socket. * \note If there is a callback, the callback is responsible for - * closeing the FD, otherwise we do it ourseves. + * closing the FD, otherwise we do it ourselves. */ static void errorSendComplete(int fd, char *bufnotused, size_t size, comm_err_t errflag, int xerrno, void *data) @@ -546,7 +546,7 @@ ErrorState::Dump(MemBuf * mb) /* - IP stuff */ str.Printf("ClientIP: %s\r\n", src_addr.NtoA(ntoabuf,MAX_IPSTRLEN)); - if (request && request->hier.host) { + if (request && request->hier.host[0] != '\0') { str.Printf("ServerIP: %s\r\n", request->hier.host); } @@ -668,12 +668,11 @@ ErrorState::Convert(char token) case 'h': mb.Printf("%s", getMyHostname()); - break; case 'H': if (request) { - if (request->hier.host) + if (request->hier.host[0] != '\0') // if non-empty string. p = request->hier.host; else p = request->GetHost(); @@ -688,9 +687,9 @@ ErrorState::Convert(char token) break; case 'I': - if (request && request->hier.host) { + if (request && request->hier.host[0] != '\0') // if non-empty string mb.Printf("%s", request->hier.host); - } else + else p = "[unknown]"; break; @@ -795,7 +794,9 @@ ErrorState::Convert(char token) break; case 'U': - p = request ? urlCanonicalClean(request) : url ? url : "[no URL]"; + /* Using the fake-https version of canonical so error pages see https:// */ + /* even when the url-path cannot be shown as more than '*' */ + p = request ? urlCanonicalFakeHttps(request) : url ? url : "[no URL]"; break; case 'u': diff --git a/src/protos.h b/src/protos.h index eb906c5eef..90fa2ea355 100644 --- a/src/protos.h +++ b/src/protos.h @@ -605,6 +605,8 @@ SQUIDCEXTERN protocol_t urlParseProtocol(const char *, const char *e = NULL); SQUIDCEXTERN void urlInitialize(void); SQUIDCEXTERN HttpRequest *urlParse(const HttpRequestMethod&, char *, HttpRequest *request = NULL); SQUIDCEXTERN const char *urlCanonical(HttpRequest *); +SQUIDCEXTERN char *urlCanonicalClean(const HttpRequest *); +SQUIDCEXTERN const char *urlCanonicalFakeHttps(const HttpRequest * request); SQUIDCEXTERN bool urlIsRelative(const char *); SQUIDCEXTERN char *urlMakeAbsolute(const HttpRequest *, const char *); SQUIDCEXTERN char *urlRInternal(const char *host, u_short port, const char *dir, const char *name); @@ -612,7 +614,6 @@ SQUIDCEXTERN char *urlInternal(const char *dir, const char *name); SQUIDCEXTERN int matchDomainName(const char *host, const char *domain); SQUIDCEXTERN int urlCheckRequest(const HttpRequest *); SQUIDCEXTERN int urlDefaultPort(protocol_t p); -SQUIDCEXTERN char *urlCanonicalClean(const HttpRequest *); SQUIDCEXTERN char *urlHostname(const char *url); SQUIDCEXTERN void urlExtMethodConfigure(void); diff --git a/src/url.cc b/src/url.cc index 5bd687111d..2cad9e6fbb 100644 --- a/src/url.cc +++ b/src/url.cc @@ -470,7 +470,7 @@ urlCanonical(HttpRequest * request) return (request->canonical = xstrdup(urlbuf)); } -/** \todo AYJ: Performance: This is an *almost* duplicate of urlCanoncical. But elides the query-string. +/** \todo AYJ: Performance: This is an *almost* duplicate of urlCanonical. But elides the query-string. * After copying it on in the first place! Would be less code to merge the two with a flag parameter. * and never copy the query-string part in the first place */ @@ -536,6 +536,28 @@ urlCanonicalClean(const HttpRequest * request) return buf; } +/** + * Yet another alternative to urlCanonical. + * This one addes the https:// parts to METHOD_CONNECT URL + * for use in error page outputs. + * Luckily we can leverage the others instead of duplicating. + */ +const char * +urlCanonicalFakeHttps(const HttpRequest * request) +{ + LOCAL_ARRAY(char, buf, MAX_URL); + + // method CONNECT and port HTTPS + if(request->method == METHOD_CONNECT && request->port == 443) { + snprintf(buf, MAX_URL, "https://%s/*", request->GetHost()); + return buf; + } + + // else do the normal complete canonical thing. + return urlCanonicalClean(request); +} + + /* * Test if a URL is relative. *