1
/* Licensed to the Apache Software Foundation (ASF) under one or more
2
* contributor license agreements. See the NOTICE file distributed with
3
* this work for additional information regarding copyright ownership.
4
* The ASF licenses this file to You under the Apache License, Version 2.0
5
* (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
18
* http_request.c: functions to get and process requests
22
* Thoroughly revamped by rst for Apache. NB this file reads
23
* best from the bottom up.
27
#include "apr_strings.h"
28
#include "apr_file_io.h"
29
#include "apr_fnmatch.h"
31
#define APR_WANT_STRFUNC
35
#include "ap_config.h"
37
#include "http_config.h"
38
#include "http_request.h"
39
#include "http_core.h"
40
#include "http_protocol.h"
42
#include "http_main.h"
43
#include "util_filter.h"
44
#include "util_charset.h"
45
#include "scoreboard.h"
53
/*****************************************************************
55
* Mainline request processing...
58
/* XXX A cleaner and faster way to do this might be to pass the request_rec
59
* down the filter chain as a parameter. It would need to change for
60
* subrequest vs. main request filters; perhaps the subrequest filter could
63
static void update_r_in_filters(ap_filter_t *f,
75
AP_DECLARE(void) ap_die(int type, request_rec *r)
77
int error_index = ap_index_of_response(type);
78
char *custom_response = ap_response_code_string(r, error_index);
79
int recursive_error = 0;
80
request_rec *r_1st_err = r;
82
if (type == AP_FILTER_ERROR) {
87
ap_finalize_request_protocol(r);
92
* The following takes care of Apache redirects to custom response URLs
93
* Note that if we are already dealing with the response to some other
94
* error condition, we just report on the original error, and give up on
95
* any attempt to handle the other thing "intelligently"...
97
if (r->status != HTTP_OK) {
98
recursive_error = type;
100
while (r_1st_err->prev && (r_1st_err->prev->status != HTTP_OK))
101
r_1st_err = r_1st_err->prev; /* Get back to original error */
103
if (r_1st_err != r) {
104
/* The recursive error was caused by an ErrorDocument specifying
105
* an internal redirect to a bad URI. ap_internal_redirect has
106
* changed the filter chains to point to the ErrorDocument's
107
* request_rec. Back out those changes so we can safely use the
108
* original failing request_rec to send the canned error message.
110
* ap_send_error_response gets rid of existing resource filters
111
* on the output side, so we can skip those.
113
update_r_in_filters(r_1st_err->proto_output_filters, r, r_1st_err);
114
update_r_in_filters(r_1st_err->input_filters, r, r_1st_err);
117
custom_response = NULL; /* Do NOT retry the custom thing! */
123
* This test is done here so that none of the auth modules needs to know
124
* about proxy authentication. They treat it like normal auth, and then
125
* we tweak the status.
127
if (HTTP_UNAUTHORIZED == r->status && PROXYREQ_PROXY == r->proxyreq) {
128
r->status = HTTP_PROXY_AUTHENTICATION_REQUIRED;
131
/* If we don't want to keep the connection, make sure we mark that the
132
* connection is not eligible for keepalive. If we want to keep the
133
* connection, be sure that the request body (if any) has been read.
135
if (ap_status_drops_connection(r->status)) {
136
r->connection->keepalive = AP_CONN_CLOSE;
140
* Two types of custom redirects --- plain text, and URLs. Plain text has
141
* a leading '"', so the URL code, here, is triggered on its absence
144
if (custom_response && custom_response[0] != '"') {
146
if (ap_is_url(custom_response)) {
148
* The URL isn't local, so lets drop through the rest of this
149
* apache code, and continue with the usual REDIRECT handler.
150
* But note that the client will ultimately see the wrong
153
r->status = HTTP_MOVED_TEMPORARILY;
154
apr_table_setn(r->headers_out, "Location", custom_response);
156
else if (custom_response[0] == '/') {
157
const char *error_notes;
158
r->no_local_copy = 1; /* Do NOT send HTTP_NOT_MODIFIED for
159
* error documents! */
161
* This redirect needs to be a GET no matter what the original
164
apr_table_setn(r->subprocess_env, "REQUEST_METHOD", r->method);
167
* Provide a special method for modules to communicate
168
* more informative (than the plain canned) messages to us.
169
* Propagate them to ErrorDocuments via the ERROR_NOTES variable:
171
if ((error_notes = apr_table_get(r->notes,
172
"error-notes")) != NULL) {
173
apr_table_setn(r->subprocess_env, "ERROR_NOTES", error_notes);
175
r->method = apr_pstrdup(r->pool, "GET");
176
r->method_number = M_GET;
177
ap_internal_redirect(custom_response, r);
182
* Dumb user has given us a bad url to redirect to --- fake up
183
* dying with a recursive server error...
185
recursive_error = HTTP_INTERNAL_SERVER_ERROR;
186
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
187
"Invalid error redirection directive: %s",
191
ap_send_error_response(r_1st_err, recursive_error);
194
static void check_pipeline_flush(request_rec *r)
197
apr_bucket_brigade *bb;
198
conn_rec *c = r->connection;
199
/* ### if would be nice if we could PEEK without a brigade. that would
200
### allow us to defer creation of the brigade to when we actually
201
### need to send a FLUSH. */
202
bb = apr_brigade_create(r->pool, c->bucket_alloc);
204
/* Flush the filter contents if:
206
* 1) the connection will be closed
207
* 2) there isn't a request ready to be read
209
/* ### shouldn't this read from the connection input filters? */
210
/* ### is zero correct? that means "read one line" */
211
if (r->connection->keepalive != AP_CONN_CLOSE) {
212
if (ap_get_brigade(r->input_filters, bb, AP_MODE_EATCRLF,
213
APR_NONBLOCK_READ, 0) != APR_SUCCESS) {
214
c->data_in_input_filters = 0; /* we got APR_EOF or an error */
217
c->data_in_input_filters = 1;
218
return; /* don't flush */
222
e = apr_bucket_flush_create(c->bucket_alloc);
224
/* We just send directly to the connection based filters. At
225
* this point, we know that we have seen all of the data
226
* (request finalization sent an EOS bucket, which empties all
227
* of the request filters). We just want to flush the buckets
228
* if something hasn't been sent to the network yet.
230
APR_BRIGADE_INSERT_HEAD(bb, e);
231
ap_pass_brigade(r->connection->output_filters, bb);
234
void ap_process_request(request_rec *r)
238
/* Give quick handlers a shot at serving the request on the fast
239
* path, bypassing all of the other Apache hooks.
241
* This hook was added to enable serving files out of a URI keyed
242
* content cache ( e.g., Mike Abbott's Quick Shortcut Cache,
243
* described here: http://oss.sgi.com/projects/apache/mod_qsc.html )
245
* It may have other uses as well, such as routing requests directly to
246
* content handlers that have the ability to grok HTTP and do their
247
* own access checking, etc (e.g. servlet engines).
249
* Use this hook with extreme care and only if you know what you are
252
if (ap_extended_status)
253
ap_time_process_request(r->connection->sbh, START_PREQUEST);
254
access_status = ap_run_quick_handler(r, 0); /* Not a look-up request */
255
if (access_status == DECLINED) {
256
access_status = ap_process_request_internal(r);
257
if (access_status == OK) {
258
access_status = ap_invoke_handler(r);
262
if (access_status == DONE) {
263
/* e.g., something not in storage like TRACE */
267
if (access_status == OK) {
268
ap_finalize_request_protocol(r);
272
ap_die(access_status, r);
276
* We want to flush the last packet if this isn't a pipelining connection
277
* *before* we start into logging. Suppose that the logging causes a DNS
278
* lookup to occur, which may have a high latency. If we hold off on
279
* this packet, then it'll appear like the link is stalled when really
280
* it's the application that's stalled.
282
check_pipeline_flush(r);
283
ap_update_child_status(r->connection->sbh, SERVER_BUSY_LOG, r);
284
ap_run_log_transaction(r);
285
if (ap_extended_status)
286
ap_time_process_request(r->connection->sbh, STOP_PREQUEST);
289
static apr_table_t *rename_original_env(apr_pool_t *p, apr_table_t *t)
291
const apr_array_header_t *env_arr = apr_table_elts(t);
292
const apr_table_entry_t *elts = (const apr_table_entry_t *) env_arr->elts;
293
apr_table_t *new = apr_table_make(p, env_arr->nalloc);
296
for (i = 0; i < env_arr->nelts; ++i) {
299
apr_table_setn(new, apr_pstrcat(p, "REDIRECT_", elts[i].key, NULL),
306
static request_rec *internal_internal_redirect(const char *new_uri,
311
if (ap_is_recursion_limit_exceeded(r)) {
312
ap_die(HTTP_INTERNAL_SERVER_ERROR, r);
316
new = (request_rec *) apr_pcalloc(r->pool, sizeof(request_rec));
318
new->connection = r->connection;
319
new->server = r->server;
323
* A whole lot of this really ought to be shared with http_protocol.c...
324
* another missing cleanup. It's particularly inappropriate to be
325
* setting header_only, etc., here.
328
new->method = r->method;
329
new->method_number = r->method_number;
330
new->allowed_methods = ap_make_method_list(new->pool, 2);
331
ap_parse_uri(new, new_uri);
333
new->request_config = ap_create_request_config(r->pool);
335
new->per_dir_config = r->server->lookup_defaults;
340
/* Must have prev and next pointers set before calling create_request
343
ap_run_create_request(new);
345
/* Inherit the rest of the protocol info... */
347
new->the_request = r->the_request;
349
new->allowed = r->allowed;
351
new->status = r->status;
352
new->assbackwards = r->assbackwards;
353
new->header_only = r->header_only;
354
new->protocol = r->protocol;
355
new->proto_num = r->proto_num;
356
new->hostname = r->hostname;
357
new->request_time = r->request_time;
360
new->headers_in = r->headers_in;
361
new->headers_out = apr_table_make(r->pool, 12);
362
new->err_headers_out = r->err_headers_out;
363
new->subprocess_env = rename_original_env(r->pool, r->subprocess_env);
364
new->notes = apr_table_make(r->pool, 5);
365
new->allowed_methods = ap_make_method_list(new->pool, 2);
367
new->htaccess = r->htaccess;
368
new->no_cache = r->no_cache;
369
new->expecting_100 = r->expecting_100;
370
new->no_local_copy = r->no_local_copy;
371
new->read_length = r->read_length; /* We can only read it once */
372
new->vlist_validator = r->vlist_validator;
374
new->proto_output_filters = r->proto_output_filters;
375
new->proto_input_filters = r->proto_input_filters;
377
new->output_filters = new->proto_output_filters;
378
new->input_filters = new->proto_input_filters;
381
/* Add back the subrequest filter, which we lost when
382
* we set output_filters to include only the protocol
383
* output filters from the original request.
385
ap_add_output_filter_handle(ap_subreq_core_filter_handle,
386
NULL, new, new->connection);
389
update_r_in_filters(new->input_filters, r, new);
390
update_r_in_filters(new->output_filters, r, new);
392
apr_table_setn(new->subprocess_env, "REDIRECT_STATUS",
393
apr_itoa(r->pool, r->status));
396
* XXX: hmm. This is because mod_setenvif and mod_unique_id really need
397
* to do their thing on internal redirects as well. Perhaps this is a
400
if ((access_status = ap_run_post_read_request(new))) {
401
ap_die(access_status, new);
408
/* XXX: Is this function is so bogus and fragile that we deep-6 it? */
409
AP_DECLARE(void) ap_internal_fast_redirect(request_rec *rr, request_rec *r)
411
/* We need to tell POOL_DEBUG that we're guaranteeing that rr->pool
412
* will exist as long as r->pool. Otherwise we run into troubles because
413
* some values in this request will be allocated in r->pool, and others in
416
apr_pool_join(r->pool, rr->pool);
417
r->proxyreq = rr->proxyreq;
418
r->no_cache = (r->no_cache && rr->no_cache);
419
r->no_local_copy = (r->no_local_copy && rr->no_local_copy);
420
r->mtime = rr->mtime;
422
r->filename = rr->filename;
423
r->canonical_filename = rr->canonical_filename;
424
r->path_info = rr->path_info;
426
r->finfo = rr->finfo;
427
r->handler = rr->handler;
428
ap_set_content_type(r, rr->content_type);
429
r->content_encoding = rr->content_encoding;
430
r->content_languages = rr->content_languages;
431
r->per_dir_config = rr->per_dir_config;
432
/* copy output headers from subrequest, but leave negotiation headers */
433
r->notes = apr_table_overlay(r->pool, rr->notes, r->notes);
434
r->headers_out = apr_table_overlay(r->pool, rr->headers_out,
436
r->err_headers_out = apr_table_overlay(r->pool, rr->err_headers_out,
438
r->subprocess_env = apr_table_overlay(r->pool, rr->subprocess_env,
441
r->output_filters = rr->output_filters;
442
r->input_filters = rr->input_filters;
445
ap_add_output_filter_handle(ap_subreq_core_filter_handle,
446
NULL, r, r->connection);
448
else if (r->output_filters->frec == ap_subreq_core_filter_handle) {
449
ap_remove_output_filter(r->output_filters);
450
r->output_filters = r->output_filters->next;
453
/* If any filters pointed at the now-defunct rr, we must point them
454
* at our "new" instance of r. In particular, some of rr's structures
455
* will now be bogus (say rr->headers_out). If a filter tried to modify
456
* their f->r structure when it is pointing to rr, the real request_rec
457
* will not get updated. Fix that here.
459
update_r_in_filters(r->input_filters, rr, r);
460
update_r_in_filters(r->output_filters, rr, r);
463
AP_DECLARE(void) ap_internal_redirect(const char *new_uri, request_rec *r)
465
request_rec *new = internal_internal_redirect(new_uri, r);
468
/* ap_die was already called, if an error occured */
473
access_status = ap_run_quick_handler(new, 0); /* Not a look-up request */
474
if (access_status == DECLINED) {
475
access_status = ap_process_request_internal(new);
476
if (access_status == OK) {
477
access_status = ap_invoke_handler(new);
480
if (access_status == OK) {
481
ap_finalize_request_protocol(new);
484
ap_die(access_status, new);
488
/* This function is designed for things like actions or CGI scripts, when
489
* using AddHandler, and you want to preserve the content type across
490
* an internal redirect.
492
AP_DECLARE(void) ap_internal_redirect_handler(const char *new_uri, request_rec *r)
495
request_rec *new = internal_internal_redirect(new_uri, r);
497
/* ap_die was already called, if an error occured */
503
ap_set_content_type(new, r->content_type);
504
access_status = ap_process_request_internal(new);
505
if (access_status == OK) {
506
if ((access_status = ap_invoke_handler(new)) != 0) {
507
ap_die(access_status, new);
510
ap_finalize_request_protocol(new);
513
ap_die(access_status, new);
517
AP_DECLARE(void) ap_allow_methods(request_rec *r, int reset, ...)
523
* Get rid of any current settings if requested; not just the
524
* well-known methods but any extensions as well.
527
ap_clear_method_list(r->allowed_methods);
530
va_start(methods, reset);
531
while ((method = va_arg(methods, const char *)) != NULL) {
532
ap_method_list_add(r->allowed_methods, method);
537
AP_DECLARE(void) ap_allow_standard_methods(request_rec *r, int reset, ...)
544
* Get rid of any current settings if requested; not just the
545
* well-known methods but any extensions as well.
548
ap_clear_method_list(r->allowed_methods);
552
va_start(methods, reset);
553
while ((method = va_arg(methods, int)) != -1) {
554
mask |= (AP_METHOD_BIT << method);
558
r->allowed_methods->method_mask |= mask;