1
/* Licensed to the Apache Software Foundation (ASF) under one or more
2
* contributor license agreements. See the NOTICE file distributed with
3
* this work for additional information regarding copyright ownership.
4
* The ASF licenses this file to You under the Apache License, Version 2.0
5
* (the "License"); you may not use this file except in compliance with
6
* the License. You may obtain a copy of the License at
8
* http://www.apache.org/licenses/LICENSE-2.0
10
* Unless required by applicable law or agreed to in writing, software
11
* distributed under the License is distributed on an "AS IS" BASIS,
12
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13
* See the License for the specific language governing permissions and
14
* limitations under the License.
17
#include "ajp_header.h"
20
static const char *response_trans_headers[] = {
34
static const char *long_res_header_for_sc(int sc)
36
const char *rc = NULL;
38
if(sc <= SC_RES_HEADERS_NUM && sc > 0) {
39
rc = response_trans_headers[sc - 1];
45
#define UNKNOWN_METHOD (-1)
47
static int sc_for_req_header(const char *header_name)
50
apr_size_t len = strlen(header_name);
51
const char *p = header_name;
54
/* ACCEPT-LANGUAGE is the longest headeer
55
* that is of interest.
57
if (len < 4 || len > 15)
58
return UNKNOWN_METHOD;
61
header[i++] = apr_toupper(*p++);
67
if (memcmp(p, "CCEPT", 5) == 0) {
70
else if (header[6] == '-') {
72
if (memcmp(p, "CHARSET", 7) == 0)
73
return SC_ACCEPT_CHARSET;
74
else if (memcmp(p, "ENCODING", 8) == 0)
75
return SC_ACCEPT_ENCODING;
76
else if (memcmp(p, "LANGUAGE", 8) == 0)
77
return SC_ACCEPT_LANGUAGE;
79
return UNKNOWN_METHOD;
82
return UNKNOWN_METHOD;
84
else if (memcmp(p, "UTHORIZATION", 12) == 0)
85
return SC_AUTHORIZATION;
87
return UNKNOWN_METHOD;
90
if(memcmp(p, "OOKIE2", 6) == 0)
92
else if (memcmp(p, "OOKIE", 5) == 0)
94
else if(memcmp(p, "ONNECTION", 9) == 0)
96
else if(memcmp(p, "ONTENT-TYPE", 11) == 0)
97
return SC_CONTENT_TYPE;
98
else if(memcmp(p, "ONTENT-LENGTH", 13) == 0)
99
return SC_CONTENT_LENGTH;
101
return UNKNOWN_METHOD;
104
if(memcmp(p, "OST", 3) == 0)
107
return UNKNOWN_METHOD;
110
if(memcmp(p, "RAGMA", 5) == 0)
113
return UNKNOWN_METHOD;
116
if(memcmp(p, "EFERER", 6) == 0)
119
return UNKNOWN_METHOD;
122
if(memcmp(p, "SER-AGENT", 9) == 0)
123
return SC_USER_AGENT;
125
return UNKNOWN_METHOD;
128
return UNKNOWN_METHOD;
134
/* Apache method number to SC methods transform table */
135
static const unsigned char sc_for_req_method_table[] = {
151
SC_M_VERSION_CONTROL,
160
SC_M_BASELINE_CONTROL,
165
static int sc_for_req_method_by_id(int method_id)
167
if (method_id < 0 || method_id > M_INVALID)
168
return UNKNOWN_METHOD;
170
return sc_for_req_method_table[method_id] ?
171
sc_for_req_method_table[method_id] : UNKNOWN_METHOD;
178
AJPV13_REQUEST/AJPV14_REQUEST=
179
request_prefix (1) (byte)
189
num_headers*(req_header_name header_value)
191
?context (byte)(string)
192
?servlet_path (byte)(string)
193
?remote_user (byte)(string)
194
?auth_type (byte)(string)
195
?query_string (byte)(string)
196
?jvm_route (byte)(string)
197
?ssl_cert (byte)(string)
198
?ssl_cipher (byte)(string)
199
?ssl_session (byte)(string)
200
?ssl_key_size (byte)(int) via JkOptions +ForwardKeySize
201
request_terminator (byte)
202
?body content_length*(var binary)
206
static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
211
apr_uint32_t i, num_headers = 0;
214
const char *session_route, *envvar;
215
const apr_array_header_t *arr = apr_table_elts(r->subprocess_env);
216
const apr_table_entry_t *elts = (const apr_table_entry_t *)arr->elts;
218
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
219
"Into ajp_marshal_into_msgb");
221
if ((method = sc_for_req_method_by_id(r->method_number)) == UNKNOWN_METHOD) {
222
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
223
"ajp_marshal_into_msgb - No such method %s",
225
return AJP_EBAD_METHOD;
228
is_ssl = (apr_byte_t) ap_proxy_conn_is_https(r->connection);
230
if (r->headers_in && apr_table_elts(r->headers_in)) {
231
const apr_array_header_t *t = apr_table_elts(r->headers_in);
232
num_headers = t->nelts;
235
remote_host = (char *)ap_get_remote_host(r->connection, r->per_dir_config, REMOTE_HOST, NULL);
239
if (ajp_msg_append_uint8(msg, CMD_AJP13_FORWARD_REQUEST) ||
240
ajp_msg_append_uint8(msg, method) ||
241
ajp_msg_append_string(msg, r->protocol) ||
242
ajp_msg_append_string(msg, uri->path) ||
243
ajp_msg_append_string(msg, r->connection->remote_ip) ||
244
ajp_msg_append_string(msg, remote_host) ||
245
ajp_msg_append_string(msg, ap_get_server_name(r)) ||
246
ajp_msg_append_uint16(msg, (apr_uint16_t)r->connection->local_addr->port) ||
247
ajp_msg_append_uint8(msg, is_ssl) ||
248
ajp_msg_append_uint16(msg, (apr_uint16_t) num_headers)) {
250
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
251
"ajp_marshal_into_msgb: "
252
"Error appending the message begining");
256
for (i = 0 ; i < num_headers ; i++) {
258
const apr_array_header_t *t = apr_table_elts(r->headers_in);
259
const apr_table_entry_t *elts = (apr_table_entry_t *)t->elts;
261
if ((sc = sc_for_req_header(elts[i].key)) != UNKNOWN_METHOD) {
262
if (ajp_msg_append_uint16(msg, (apr_uint16_t)sc)) {
263
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
264
"ajp_marshal_into_msgb: "
265
"Error appending the header name");
266
return AJP_EOVERFLOW;
270
if (ajp_msg_append_string(msg, elts[i].key)) {
271
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
272
"ajp_marshal_into_msgb: "
273
"Error appending the header name");
274
return AJP_EOVERFLOW;
278
if (ajp_msg_append_string(msg, elts[i].val)) {
279
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
280
"ajp_marshal_into_msgb: "
281
"Error appending the header value");
282
return AJP_EOVERFLOW;
284
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
285
"ajp_marshal_into_msgb: Header[%d] [%s] = [%s]",
286
i, elts[i].key, elts[i].val);
289
/* XXXX need to figure out how to do this
291
if (ajp_msg_append_uint8(msg, SC_A_SECRET) ||
292
ajp_msg_append_string(msg, s->secret)) {
293
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
294
"Error ajp_marshal_into_msgb - "
295
"Error appending secret");
302
if (ajp_msg_append_uint8(msg, SC_A_REMOTE_USER) ||
303
ajp_msg_append_string(msg, r->user)) {
304
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
305
"ajp_marshal_into_msgb: "
306
"Error appending the remote user");
307
return AJP_EOVERFLOW;
310
if (r->ap_auth_type) {
311
if (ajp_msg_append_uint8(msg, SC_A_AUTH_TYPE) ||
312
ajp_msg_append_string(msg, r->ap_auth_type)) {
313
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
314
"ajp_marshal_into_msgb: "
315
"Error appending the auth type");
316
return AJP_EOVERFLOW;
319
/* XXXX ebcdic (args converted?) */
321
if (ajp_msg_append_uint8(msg, SC_A_QUERY_STRING) ||
322
ajp_msg_append_string(msg, uri->query)) {
323
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
324
"ajp_marshal_into_msgb: "
325
"Error appending the query string");
326
return AJP_EOVERFLOW;
329
if ((session_route = apr_table_get(r->notes, "session-route"))) {
330
if (ajp_msg_append_uint8(msg, SC_A_JVM_ROUTE) ||
331
ajp_msg_append_string(msg, session_route)) {
332
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
333
"ajp_marshal_into_msgb: "
334
"Error appending the jvm route");
335
return AJP_EOVERFLOW;
338
/* XXX: Is the subprocess_env a right place?
339
* <Location /examples>
340
* ProxyPass ajp://remote:8009/servlets-examples
341
* SetEnv SSL_SESSION_ID CUSTOM_SSL_SESSION_ID
345
* Only lookup SSL variables if we are currently running HTTPS.
346
* Furthermore ensure that only variables get set in the AJP message
347
* that are not NULL and not empty.
350
if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
351
AJP13_SSL_CLIENT_CERT_INDICATOR))
353
if (ajp_msg_append_uint8(msg, SC_A_SSL_CERT)
354
|| ajp_msg_append_string(msg, envvar)) {
355
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
356
"ajp_marshal_into_msgb: "
357
"Error appending the SSL certificates");
358
return AJP_EOVERFLOW;
362
if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
363
AJP13_SSL_CIPHER_INDICATOR))
365
if (ajp_msg_append_uint8(msg, SC_A_SSL_CIPHER)
366
|| ajp_msg_append_string(msg, envvar)) {
367
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
368
"ajp_marshal_into_msgb: "
369
"Error appending the SSL ciphers");
370
return AJP_EOVERFLOW;
374
if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
375
AJP13_SSL_SESSION_INDICATOR))
377
if (ajp_msg_append_uint8(msg, SC_A_SSL_SESSION)
378
|| ajp_msg_append_string(msg, envvar)) {
379
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
380
"ajp_marshal_into_msgb: "
381
"Error appending the SSL session");
382
return AJP_EOVERFLOW;
386
/* ssl_key_size is required by Servlet 2.3 API */
387
if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
388
AJP13_SSL_KEY_SIZE_INDICATOR))
391
if (ajp_msg_append_uint8(msg, SC_A_SSL_KEY_SIZE)
392
|| ajp_msg_append_uint16(msg, (unsigned short) atoi(envvar))) {
393
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
394
"Error ajp_marshal_into_msgb - "
395
"Error appending the SSL key size");
400
/* Use the environment vars prefixed with AJP_
401
* and pass it to the header striping that prefix.
403
for (i = 0; i < (apr_uint32_t)arr->nelts; i++) {
404
if (!strncmp(elts[i].key, "AJP_", 4)) {
405
if (ajp_msg_append_uint8(msg, SC_A_REQ_ATTRIBUTE) ||
406
ajp_msg_append_string(msg, elts[i].key + 4) ||
407
ajp_msg_append_string(msg, elts[i].val)) {
408
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
409
"ajp_marshal_into_msgb: "
410
"Error appending attribute %s=%s",
411
elts[i].key, elts[i].val);
412
return AJP_EOVERFLOW;
417
if (ajp_msg_append_uint8(msg, SC_A_ARE_DONE)) {
418
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
419
"ajp_marshal_into_msgb: "
420
"Error appending the message end");
421
return AJP_EOVERFLOW;
424
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
425
"ajp_marshal_into_msgb: Done");
430
AJPV13_RESPONSE/AJPV14_RESPONSE:=
435
num_headers*(res_header_name header_value)
437
terminator boolean <! -- recycle connection or not -->
440
sc_req_header_name | (string)
443
sc_res_header_name | (string)
450
body length*(var binary)
455
static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg,
457
proxy_dir_conf *dconf)
462
apr_uint16_t num_headers;
465
rc = ajp_msg_get_uint16(msg, &status);
467
if (rc != APR_SUCCESS) {
468
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
469
"ajp_unmarshal_response: Null status");
474
rc = ajp_msg_get_string(msg, &ptr);
475
if (rc == APR_SUCCESS) {
476
r->status_line = apr_psprintf(r->pool, "%d %s", status, ptr);
477
#if defined(AS400) || defined(_OSD_POSIX)
478
ap_xlate_proto_from_ascii(r->status_line, strlen(r->status_line));
481
r->status_line = NULL;
484
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
485
"ajp_unmarshal_response: status = %d", status);
487
rc = ajp_msg_get_uint16(msg, &num_headers);
488
if (rc == APR_SUCCESS) {
489
r->headers_out = apr_table_make(r->pool, num_headers);
491
r->headers_out = NULL;
495
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
496
"ajp_unmarshal_response: Number of headers is = %d",
499
for(i = 0 ; i < (int) num_headers ; i++) {
501
const char *stringname;
503
rc = ajp_msg_peek_uint16(msg, &name);
504
if (rc != APR_SUCCESS) {
508
if ((name & 0XFF00) == 0XA000) {
509
ajp_msg_get_uint16(msg, &name);
510
stringname = long_res_header_for_sc(name);
511
if (stringname == NULL) {
512
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
513
"ajp_unmarshal_response: "
516
return AJP_EBAD_HEADER;
520
rc = ajp_msg_get_string(msg, &stringname);
521
if (rc != APR_SUCCESS) {
522
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
523
"ajp_unmarshal_response: "
527
#if defined(AS400) || defined(_OSD_POSIX)
528
ap_xlate_proto_from_ascii(stringname, strlen(stringname));
532
rc = ajp_msg_get_string(msg, &value);
533
if (rc != APR_SUCCESS) {
534
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
535
"ajp_unmarshal_response: "
536
"Null header value");
540
/* Set-Cookie need additional processing */
541
if (!strcasecmp(stringname, "Set-Cookie")) {
542
value = ap_proxy_cookie_reverse_map(r, dconf, value);
544
/* Location, Content-Location, URI and Destination need additional
546
else if (!strcasecmp(stringname, "Location")
547
|| !strcasecmp(stringname, "Content-Location")
548
|| !strcasecmp(stringname, "URI")
549
|| !strcasecmp(stringname, "Destination"))
551
value = ap_proxy_location_reverse_map(r, dconf, value);
554
#if defined(AS400) || defined(_OSD_POSIX)
555
ap_xlate_proto_from_ascii(value, strlen(value));
557
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
558
"ajp_unmarshal_response: Header[%d] [%s] = [%s]",
559
i, stringname, value);
561
apr_table_add(r->headers_out, stringname, value);
563
/* Content-type needs an additional handling */
564
if (memcmp(stringname, "Content-Type", 12) == 0) {
565
/* add corresponding filter */
566
ap_set_content_type(r, apr_pstrdup(r->pool, value));
567
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
568
"ajp_unmarshal_response: ap_set_content_type done");
576
* Build the ajp header message and send it
578
apr_status_t ajp_send_header(apr_socket_t *sock,
585
rc = ajp_msg_create(r->pool, &msg);
586
if (rc != APR_SUCCESS) {
587
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
588
"ajp_send_header: ajp_msg_create failed");
592
rc = ajp_marshal_into_msgb(msg, r, uri);
593
if (rc != APR_SUCCESS) {
594
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
595
"ajp_send_header: ajp_marshal_into_msgb failed");
599
rc = ajp_ilink_send(sock, msg);
600
if (rc != APR_SUCCESS) {
601
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
602
"ajp_send_header: ajp_ilink_send failed");
610
* Read the ajp message and return the type of the message.
612
apr_status_t ajp_read_header(apr_socket_t *sock,
620
rc = ajp_msg_reuse(*msg);
621
if (rc != APR_SUCCESS) {
622
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
623
"ajp_read_header: ajp_msg_reuse failed");
628
rc = ajp_msg_create(r->pool, msg);
629
if (rc != APR_SUCCESS) {
630
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
631
"ajp_read_header: ajp_msg_create failed");
636
rc = ajp_ilink_receive(sock, *msg);
637
if (rc != APR_SUCCESS) {
638
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
639
"ajp_read_header: ajp_ilink_receive failed");
642
rc = ajp_msg_peek_uint8(*msg, &result);
643
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
644
"ajp_read_header: ajp_ilink_received %02x", result);
648
/* parse the msg to read the type */
649
int ajp_parse_type(request_rec *r, ajp_msg_t *msg)
652
ajp_msg_peek_uint8(msg, &result);
653
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
654
"ajp_parse_type: got %02x", result);
658
/* parse the header */
659
apr_status_t ajp_parse_header(request_rec *r, proxy_dir_conf *conf,
665
rc = ajp_msg_get_uint8(msg, &result);
666
if (rc != APR_SUCCESS) {
667
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
668
"ajp_parse_headers: ajp_msg_get_byte failed");
671
if (result != CMD_AJP13_SEND_HEADERS) {
672
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
673
"ajp_parse_headers: wrong type %02x expecting 0x04", result);
674
return AJP_EBAD_HEADER;
676
return ajp_unmarshal_response(msg, r, conf);
679
/* parse the body and return data address and length */
680
apr_status_t ajp_parse_data(request_rec *r, ajp_msg_t *msg,
681
apr_uint16_t *len, char **ptr)
685
apr_uint16_t expected_len;
687
rc = ajp_msg_get_uint8(msg, &result);
688
if (rc != APR_SUCCESS) {
689
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
690
"ajp_parse_data: ajp_msg_get_byte failed");
693
if (result != CMD_AJP13_SEND_BODY_CHUNK) {
694
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
695
"ajp_parse_data: wrong type %02x expecting 0x03", result);
696
return AJP_EBAD_HEADER;
698
rc = ajp_msg_get_uint16(msg, len);
699
if (rc != APR_SUCCESS) {
703
* msg->len contains the complete length of the message including all
704
* headers. So the expected length for a CMD_AJP13_SEND_BODY_CHUNK is
705
* msg->len minus the sum of
706
* AJP_HEADER_LEN : The length of the header to every AJP message.
707
* AJP_HEADER_SZ_LEN : The header giving the size of the chunk.
708
* 1 : The CMD_AJP13_SEND_BODY_CHUNK indicator byte (0x03).
709
* 1 : The last byte of this message always seems to be
710
* 0x00 and is not part of the chunk.
712
expected_len = msg->len - (AJP_HEADER_LEN + AJP_HEADER_SZ_LEN + 1 + 1);
713
if (*len != expected_len) {
714
ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
715
"ajp_parse_data: Wrong chunk length. Length of chunk is %i,"
716
" expected length is %i.", *len, expected_len);
717
return AJP_EBAD_HEADER;
719
*ptr = (char *)&(msg->buf[msg->pos]);
724
* Allocate a msg to send data
726
apr_status_t ajp_alloc_data_msg(apr_pool_t *pool, char **ptr, apr_size_t *len,
731
if ((rc = ajp_msg_create(pool, msg)) != APR_SUCCESS)
734
*ptr = (char *)&((*msg)->buf[6]);
735
*len = AJP_MSG_BUFFER_SZ-6;
741
* Send the data message
743
apr_status_t ajp_send_data_msg(apr_socket_t *sock,
744
ajp_msg_t *msg, apr_size_t len)
747
msg->buf[4] = (apr_byte_t)((len >> 8) & 0xFF);
748
msg->buf[5] = (apr_byte_t)(len & 0xFF);
750
msg->len += len + 2; /* + 1 XXXX where is '\0' */
752
return ajp_ilink_send(sock, msg);