From b51aec660e218675ba3312ad19da33f8f88fac49 Mon Sep 17 00:00:00 2001 From: hno <> Date: Sun, 11 May 2003 19:53:03 +0000 Subject: [PATCH] Bug 432: http_reply_body_max_size fails with ident acls --- src/HttpReply.cc | 43 +------------------------------------- src/HttpReply.h | 3 +-- src/client_side_reply.cc | 38 +++++++++++++++++++++++++++++---- src/client_side_reply.h | 4 +++- src/client_side_request.cc | 25 +++++++++++++++++++++- src/client_side_request.h | 7 ++++++- src/structs.h | 4 +--- 7 files changed, 70 insertions(+), 54 deletions(-) diff --git a/src/HttpReply.cc b/src/HttpReply.cc index b15f368083..6f5a691b35 100644 --- a/src/HttpReply.cc +++ b/src/HttpReply.cc @@ -1,6 +1,6 @@ /* - * $Id: HttpReply.cc,v 1.59 2003/03/15 04:17:38 robertc Exp $ + * $Id: HttpReply.cc,v 1.60 2003/05/11 13:53:03 hno Exp $ * * DEBUG: section 58 HTTP Reply (Response) * AUTHOR: Alex Rousskov @@ -94,7 +94,6 @@ httpReplyInit(HttpReply * rep) { assert(rep); rep->hdr_sz = 0; - rep->maxBodySize = 0; rep->pstate = psReadyToParseStartLine; httpBodyInit(&rep->body); httpHeaderInit(&rep->header, hoReply); @@ -600,34 +599,6 @@ httpReplyBodySize(method_t method, HttpReply const * reply) return reply->content_length; } -/* - * Calculates the maximum size allowed for an HTTP response - */ -void -httpReplyBodyBuildSize(request_t * request, HttpReply * reply, dlink_list * bodylist) -{ - body_size *bs; - ACLChecklist *checklist; - bs = (body_size *) bodylist->head; - - while (bs) { - checklist = aclChecklistCreate(bs->access_list, request, NULL); - checklist->reply = reply; - - if (1 != aclCheckFast(bs->access_list, checklist)) { - /* deny - skip this entry */ - bs = (body_size *) bs->node.next; - } else { - /* Allow - use this entry */ - reply->maxBodySize = bs->maxsize; - bs = NULL; - debug(58, 3) ("httpReplyBodyBuildSize: Setting maxBodySize to %ld\n", (long int) reply->maxBodySize); - } - - delete checklist; - } -} - MemPool *HttpReply::Pool(NULL); void * HttpReply::operator new (size_t byteCount) @@ -646,15 +617,3 @@ HttpReply::operator delete (void *address) { memPoolFree (Pool, address); } - -bool -HttpReply::isBodyTooLarge(ssize_t clen) const -{ - if (0 == maxBodySize) - return 0; /* disabled */ - - if (clen < 0) - return 0; /* unknown */ - - return (unsigned int)clen > maxBodySize; -} diff --git a/src/HttpReply.h b/src/HttpReply.h index 6aaac79f12..e43671484e 100644 --- a/src/HttpReply.h +++ b/src/HttpReply.h @@ -1,6 +1,6 @@ /* - * $Id: HttpReply.h,v 1.2 2003/02/21 22:50:05 robertc Exp $ + * $Id: HttpReply.h,v 1.3 2003/05/11 13:53:03 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -73,7 +73,6 @@ extern time_t httpReplyExpires(const HttpReply * rep); extern int httpReplyHasCc(const HttpReply * rep, http_hdr_cc_type type); extern void httpRedirectReply(HttpReply *, http_status, const char *); extern int httpReplyBodySize(method_t, HttpReply const *); -extern void httpReplyBodyBuildSize(request_t *, HttpReply *, dlink_list *); extern int httpReplyValidatorsMatch (HttpReply const *, HttpReply const *); #endif /* SQUID_HTTPREPLY_H */ diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc index e44c5c3ff6..8bd31f9c56 100644 --- a/src/client_side_reply.cc +++ b/src/client_side_reply.cc @@ -1,6 +1,6 @@ /* - * $Id: client_side_reply.cc,v 1.49 2003/04/20 05:28:58 robertc Exp $ + * $Id: client_side_reply.cc,v 1.50 2003/05/11 13:53:03 hno Exp $ * * DEBUG: section 88 Client-side Reply Routines * AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c) @@ -1216,7 +1216,8 @@ clientReplyContext::replyStatus() return STREAM_UNPLANNED_COMPLETE; } - if (http->entry->getReply()->isBodyTooLarge(http->out.offset)) { + if (http->isReplyBodyTooLarge(http->out.offset - 4096)) { + /* 4096 is a margin for the HTTP headers included in out.offset */ debug(88, 5) ("clientReplyStatus: client reply body is too large\n"); return STREAM_FAILED; } @@ -1463,6 +1464,7 @@ clientReplyContext::buildReply(const char *buf, size_t size) /* this will fail and destroy request->range */ // clientBuildRangeHeader(http, holdingReply); } + } /* enforce 1.0 reply version */ @@ -1805,14 +1807,42 @@ clientReplyContext::holdReply(HttpReply *aReply) holdingReply = aReply; } +/* + * Calculates the maximum size allowed for an HTTP response + */ +void +clientReplyContext::buildMaxBodySize(HttpReply * reply) +{ + body_size *bs; + ACLChecklist *checklist; + bs = (body_size *) Config.ReplyBodySize.head; + + while (bs) { + checklist = clientAclChecklistCreate(bs->access_list, http); + checklist->reply = reply; + + if (1 != aclCheckFast(bs->access_list, checklist)) { + /* deny - skip this entry */ + bs = (body_size *) bs->node.next; + } else { + /* Allow - use this entry */ + http->maxReplyBodySize(bs->maxsize); + bs = NULL; + debug(58, 3) ("httpReplyBodyBuildSize: Setting maxBodySize to %ld\n", (long int) http->maxReplyBodySize()); + } + + delete checklist; + } +} + void clientReplyContext::processReplyAccess () { HttpReply *rep = holdingReply; holdReply(NULL); - httpReplyBodyBuildSize(http->request, rep, &Config.ReplyBodySize); + buildMaxBodySize(rep); - if (rep->isBodyTooLarge(rep->content_length)) { + if (http->isReplyBodyTooLarge(rep->content_length)) { ErrorState *err = clientBuildError(ERR_TOO_BIG, HTTP_FORBIDDEN, NULL, http->conn ? &http->conn->peer.sin_addr : &no_addr, diff --git a/src/client_side_reply.h b/src/client_side_reply.h index cc610e0061..bc551fca48 100644 --- a/src/client_side_reply.h +++ b/src/client_side_reply.h @@ -1,6 +1,6 @@ /* - * $Id: client_side_reply.h,v 1.2 2003/04/06 08:23:10 robertc Exp $ + * $Id: client_side_reply.h,v 1.3 2003/05/11 13:53:03 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -148,6 +148,8 @@ private: void handleIMSGiveClientUpdatedOldEntry(); void handleIMSGiveClientNewEntry(); void sendClientOldEntry(); + void clientReplyContext::buildMaxBodySize(HttpReply * reply); + StoreEntry *old_entry; store_client *old_sc; /* ... for entry to be validated */ diff --git a/src/client_side_request.cc b/src/client_side_request.cc index ee4888c128..ea1cd3c586 100644 --- a/src/client_side_request.cc +++ b/src/client_side_request.cc @@ -1,6 +1,6 @@ /* - * $Id: client_side_request.cc,v 1.20 2003/03/15 04:17:39 robertc Exp $ + * $Id: client_side_request.cc,v 1.21 2003/05/11 13:53:03 hno Exp $ * * DEBUG: section 85 Client-side Request Routines * AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c) @@ -877,3 +877,26 @@ ClientHttpRequest::gotEnough() const return true; } +void +ClientHttpRequest::maxReplyBodySize(ssize_t clen) +{ + maxReplyBodySize_ = clen; +} + +ssize_t +ClientHttpRequest::maxReplyBodySize() const +{ + return maxReplyBodySize_; +} + +bool +ClientHttpRequest::isReplyBodyTooLarge(ssize_t clen) const +{ + if (0 == maxReplyBodySize()) + return 0; /* disabled */ + + if (clen < 0) + return 0; /* unknown */ + + return clen > maxReplyBodySize(); +} diff --git a/src/client_side_request.h b/src/client_side_request.h index 62b0cbf922..6621aef671 100644 --- a/src/client_side_request.h +++ b/src/client_side_request.h @@ -1,6 +1,6 @@ /* - * $Id: client_side_request.h,v 1.9 2003/03/15 04:17:39 robertc Exp $ + * $Id: client_side_request.h,v 1.10 2003/05/11 13:53:03 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -123,7 +123,12 @@ unsigned int purging: dlink_list client_stream; int mRangeCLen(); + ssize_t maxReplyBodySize() const; + void maxReplyBodySize(ssize_t size); + bool isReplyBodyTooLarge(ssize_t len) const; + private: + ssize_t maxReplyBodySize_; CBDATA_CLASS(ClientHttpRequest); }; diff --git a/src/structs.h b/src/structs.h index 23d7b6b516..fe3b92679e 100644 --- a/src/structs.h +++ b/src/structs.h @@ -1,6 +1,6 @@ /* - * $Id: structs.h,v 1.461 2003/04/17 15:25:44 hno Exp $ + * $Id: structs.h,v 1.462 2003/05/11 13:53:03 hno Exp $ * * * SQUID Web Proxy Cache http://www.squid-cache.org/ @@ -948,7 +948,6 @@ class HttpReply public: void *operator new (size_t); void operator delete (void *); - bool isBodyTooLarge(ssize_t clen) const; /* unsupported, writable, may disappear/change in the future */ int hdr_sz; /* sums _stored_ status-line, headers, and */ @@ -970,7 +969,6 @@ public: HttpStatusLine sline; HttpHeader header; HttpBody body; /* for small constant memory-resident text bodies only */ - size_t maxBodySize; private: static MemPool *Pool; -- 2.39.5