1530
1512
http_msg_invalid:
1531
1513
/* invalid message */
1532
1514
msg->msg_state = HTTP_MSG_ERROR;
1537
* manages the client FSM and its socket. BTW, it also tries to handle the
1538
* cookie. It returns 1 if a state has changed (and a resync may be needed),
1519
/* This function performs all the processing enabled for the current request.
1520
* It returns 1 if the processing can continue on next analysers, or zero if it
1521
* needs more data, encounters an error, or wants to immediately abort the
1522
* request. It relies on buffers flags, and updates s->req->analysers. Its
1523
* behaviour is rather simple:
1524
* - all enabled analysers are called in turn from the lower to the higher
1526
* - the analyser must check for errors and timeouts, and react as expected.
1527
* It does not have to close anything upon error, the caller will.
1528
* - if the analyser does not have enough data, it must return 0without calling
1529
* other ones. It should also probably do a buffer_write_dis() to ensure
1530
* that unprocessed data will not be forwarded. But that probably depends on
1532
* - if an analyser has enough data, it just has to pass on to the next
1533
* analyser without using buffer_write_dis() (enabled by default).
1534
* - if an analyser thinks it has no added value anymore staying here, it must
1535
* reset its bit from the analysers flags in order not to be called anymore.
1537
* In the future, analysers should be able to indicate that they want to be
1538
* called after XXX bytes have been received (or transfered), and the min of
1539
* all's wishes will be used to ring back (unless a special condition occurs).
1541
int process_cli(struct session *t)
1541
int http_process_request(struct session *s, struct buffer *req)
1543
int s = t->srv_state;
1544
int c = t->cli_state;
1545
struct buffer *req = t->req;
1546
struct buffer *rep = t->rep;
1548
DPRINTF(stderr,"process_cli: c=%s s=%s set(r,w)=%d,%d exp(r,w)=%d.%d,%d.%d\n",
1549
cli_stnames[c], srv_stnames[s],
1550
EV_FD_ISSET(t->cli_fd, DIR_RD), EV_FD_ISSET(t->cli_fd, DIR_WR),
1551
req->rex.tv_sec, req->rex.tv_usec,
1552
rep->wex.tv_sec, rep->wex.tv_usec);
1554
if (c == CL_STHEADERS) {
1556
* Now parse the partial (or complete) lines.
1557
* We will check the request syntax, and also join multi-line
1558
* headers. An index of all the lines will be elaborated while
1561
* For the parsing, we use a 28 states FSM.
1563
* Here is the information we currently have :
1564
* req->data + req->som = beginning of request
1565
* req->data + req->eoh = end of processed headers / start of current one
1566
* req->data + req->eol = end of current header or line (LF or CRLF)
1567
* req->lr = first non-visited byte
1568
* req->r = end of data
1572
struct http_txn *txn = &t->txn;
1573
struct http_msg *msg = &txn->req;
1574
struct proxy *cur_proxy;
1576
if (likely(req->lr < req->r))
1577
http_msg_analyzer(req, msg, &txn->hdr_idx);
1579
/* 1: we might have to print this header in debug mode */
1580
if (unlikely((global.mode & MODE_DEBUG) &&
1581
(!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) &&
1582
(msg->msg_state == HTTP_MSG_BODY || msg->msg_state == HTTP_MSG_ERROR))) {
1585
sol = req->data + msg->som;
1586
eol = sol + msg->sl.rq.l;
1587
debug_hdr("clireq", t, sol, eol);
1589
sol += hdr_idx_first_pos(&txn->hdr_idx);
1590
cur_idx = hdr_idx_first_idx(&txn->hdr_idx);
1593
eol = sol + txn->hdr_idx.v[cur_idx].len;
1594
debug_hdr("clihdr", t, sol, eol);
1595
sol = eol + txn->hdr_idx.v[cur_idx].cr + 1;
1596
cur_idx = txn->hdr_idx.v[cur_idx].next;
1602
* Now we quickly check if we have found a full valid request.
1603
* If not so, we check the FD and buffer states before leaving.
1604
* A full request is indicated by the fact that we have seen
1605
* the double LF/CRLF, so the state is HTTP_MSG_BODY. Invalid
1606
* requests are checked first.
1610
if (unlikely(msg->msg_state != HTTP_MSG_BODY)) {
1612
* First, let's catch bad requests.
1614
if (unlikely(msg->msg_state == HTTP_MSG_ERROR))
1615
goto return_bad_req;
1617
/* 1: Since we are in header mode, if there's no space
1618
* left for headers, we won't be able to free more
1619
* later, so the session will never terminate. We
1620
* must terminate it now.
1622
if (unlikely(req->l >= req->rlim - req->data)) {
1623
/* FIXME: check if URI is set and return Status
1624
* 414 Request URI too long instead.
1626
goto return_bad_req;
1629
/* 2: have we encountered a read error or a close ? */
1630
else if (unlikely(req->flags & (BF_READ_ERROR | BF_READ_NULL))) {
1631
/* read error, or last read : give up. */
1633
fd_delete(t->cli_fd);
1634
t->cli_state = CL_STCLOSE;
1635
t->fe->failed_req++;
1636
if (!(t->flags & SN_ERR_MASK))
1637
t->flags |= SN_ERR_CLICL;
1638
if (!(t->flags & SN_FINST_MASK))
1639
t->flags |= SN_FINST_R;
1643
/* 3: has the read timeout expired ? */
1644
else if (unlikely(tv_isle(&req->rex, &now) ||
1645
tv_isle(&txn->exp, &now))) {
1646
/* read timeout : give up with an error message. */
1648
client_retnclose(t, error_message(t, HTTP_ERR_408));
1649
t->fe->failed_req++;
1650
if (!(t->flags & SN_ERR_MASK))
1651
t->flags |= SN_ERR_CLITO;
1652
if (!(t->flags & SN_FINST_MASK))
1653
t->flags |= SN_FINST_R;
1657
/* 4: do we need to re-enable the read socket ? */
1658
else if (unlikely(EV_FD_COND_S(t->cli_fd, DIR_RD))) {
1659
/* fd in DIR_RD was disabled, perhaps because of a previous buffer
1660
* full. We cannot loop here since stream_sock_read will disable it only if
1661
* req->l == rlim-data
1663
if (!tv_add_ifset(&req->rex, &now, &t->fe->timeout.client))
1664
tv_eternity(&req->rex);
1666
return t->cli_state != CL_STHEADERS;
1670
/****************************************************************
1671
* More interesting part now : we know that we have a complete *
1672
* request which at least looks like HTTP. We have an indicator *
1673
* of each header's length, so we can parse them quickly. *
1674
****************************************************************/
1676
/* ensure we keep this pointer to the beginning of the message */
1544
* We will parse the partial (or complete) lines.
1545
* We will check the request syntax, and also join multi-line
1546
* headers. An index of all the lines will be elaborated while
1549
* For the parsing, we use a 28 states FSM.
1551
* Here is the information we currently have :
1552
* req->data + msg->som = beginning of request
1553
* req->data + req->eoh = end of processed headers / start of current one
1554
* req->data + req->eol = end of current header or line (LF or CRLF)
1555
* req->lr = first non-visited byte
1556
* req->r = end of data
1560
struct http_txn *txn = &s->txn;
1561
struct http_msg *msg = &txn->req;
1562
struct proxy *cur_proxy;
1564
DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bl=%d analysers=%02x\n",
1565
now_ms, __FUNCTION__,
1573
if (likely(req->lr < req->r))
1574
http_msg_analyzer(req, msg, &txn->hdr_idx);
1576
/* 1: we might have to print this header in debug mode */
1577
if (unlikely((global.mode & MODE_DEBUG) &&
1578
(!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) &&
1579
(msg->msg_state == HTTP_MSG_BODY || msg->msg_state == HTTP_MSG_ERROR))) {
1582
sol = req->data + msg->som;
1583
eol = sol + msg->sl.rq.l;
1584
debug_hdr("clireq", s, sol, eol);
1586
sol += hdr_idx_first_pos(&txn->hdr_idx);
1587
cur_idx = hdr_idx_first_idx(&txn->hdr_idx);
1590
eol = sol + txn->hdr_idx.v[cur_idx].len;
1591
debug_hdr("clihdr", s, sol, eol);
1592
sol = eol + txn->hdr_idx.v[cur_idx].cr + 1;
1593
cur_idx = txn->hdr_idx.v[cur_idx].next;
1599
* Now we quickly check if we have found a full valid request.
1600
* If not so, we check the FD and buffer states before leaving.
1601
* A full request is indicated by the fact that we have seen
1602
* the double LF/CRLF, so the state is HTTP_MSG_BODY. Invalid
1603
* requests are checked first.
1607
if (unlikely(msg->msg_state != HTTP_MSG_BODY)) {
1609
* First, let's catch bad requests.
1611
if (unlikely(msg->msg_state == HTTP_MSG_ERROR))
1612
goto return_bad_req;
1614
/* 1: Since we are in header mode, if there's no space
1615
* left for headers, we won't be able to free more
1616
* later, so the session will never terminate. We
1617
* must terminate it now.
1619
if (unlikely(req->flags & BF_FULL)) {
1620
/* FIXME: check if URI is set and return Status
1621
* 414 Request URI too long instead.
1623
goto return_bad_req;
1626
/* 2: have we encountered a read error ? */
1627
else if (req->flags & BF_READ_ERROR) {
1628
/* we cannot return any message on error */
1629
if (msg->err_pos >= 0)
1630
http_capture_bad_message(&s->fe->invalid_req, s, req, msg, s->fe);
1631
msg->msg_state = HTTP_MSG_ERROR;
1633
s->fe->failed_req++;
1634
if (!(s->flags & SN_ERR_MASK))
1635
s->flags |= SN_ERR_CLICL;
1636
if (!(s->flags & SN_FINST_MASK))
1637
s->flags |= SN_FINST_R;
1641
/* 3: has the read timeout expired ? */
1642
else if (req->flags & BF_READ_TIMEOUT || tick_is_expired(req->analyse_exp, now_ms)) {
1643
/* read timeout : give up with an error message. */
1644
if (msg->err_pos >= 0)
1645
http_capture_bad_message(&s->fe->invalid_req, s, req, msg, s->fe);
1647
stream_int_retnclose(req->prod, error_message(s, HTTP_ERR_408));
1648
msg->msg_state = HTTP_MSG_ERROR;
1650
s->fe->failed_req++;
1651
if (!(s->flags & SN_ERR_MASK))
1652
s->flags |= SN_ERR_CLITO;
1653
if (!(s->flags & SN_FINST_MASK))
1654
s->flags |= SN_FINST_R;
1658
/* 4: have we encountered a close ? */
1659
else if (req->flags & BF_SHUTR) {
1660
if (msg->err_pos >= 0)
1661
http_capture_bad_message(&s->fe->invalid_req, s, req, msg, s->fe);
1663
stream_int_retnclose(req->prod, error_message(s, HTTP_ERR_400));
1664
msg->msg_state = HTTP_MSG_ERROR;
1666
s->fe->failed_req++;
1668
if (!(s->flags & SN_ERR_MASK))
1669
s->flags |= SN_ERR_CLICL;
1670
if (!(s->flags & SN_FINST_MASK))
1671
s->flags |= SN_FINST_R;
1675
buffer_write_dis(req);
1676
req->flags |= BF_READ_DONTWAIT; /* try to get back here ASAP */
1678
/* just set the request timeout once at the beginning of the request */
1679
if (!tick_isset(req->analyse_exp))
1680
req->analyse_exp = tick_add_ifset(now_ms, s->fe->timeout.httpreq);
1682
/* we're not ready yet */
1687
/****************************************************************
1688
* More interesting part now : we know that we have a complete *
1689
* request which at least looks like HTTP. We have an indicator *
1690
* of each header's length, so we can parse them quickly. *
1691
****************************************************************/
1693
if (msg->err_pos >= 0)
1694
http_capture_bad_message(&s->fe->invalid_req, s, req, msg, s->fe);
1696
req->analysers &= ~AN_REQ_HTTP_HDR;
1697
req->analyse_exp = TICK_ETERNITY;
1699
/* ensure we keep this pointer to the beginning of the message */
1700
msg->sol = req->data + msg->som;
1703
* 1: identify the method
1705
txn->meth = find_http_meth(&req->data[msg->som], msg->sl.rq.m_l);
1707
/* we can make use of server redirect on GET and HEAD */
1708
if (txn->meth == HTTP_METH_GET || txn->meth == HTTP_METH_HEAD)
1709
s->flags |= SN_REDIRECTABLE;
1712
* 2: check if the URI matches the monitor_uri.
1713
* We have to do this for every request which gets in, because
1714
* the monitor-uri is defined by the frontend.
1716
if (unlikely((s->fe->monitor_uri_len != 0) &&
1717
(s->fe->monitor_uri_len == msg->sl.rq.u_l) &&
1718
!memcmp(&req->data[msg->sl.rq.u],
1720
s->fe->monitor_uri_len))) {
1722
* We have found the monitor URI
1724
struct acl_cond *cond;
1727
s->flags |= SN_MONITOR;
1729
/* Check if we want to fail this monitor request or not */
1730
list_for_each_entry(cond, &cur_proxy->mon_fail_cond, list) {
1731
int ret = acl_exec_cond(cond, cur_proxy, s, txn, ACL_DIR_REQ);
1733
ret = acl_pass(ret);
1734
if (cond->pol == ACL_COND_UNLESS)
1738
/* we fail this request, let's return 503 service unavail */
1740
stream_int_retnclose(req->prod, error_message(s, HTTP_ERR_503));
1741
goto return_prx_cond;
1745
/* nothing to fail, let's reply normaly */
1747
stream_int_retnclose(req->prod, &http_200_chunk);
1748
goto return_prx_cond;
1752
* 3: Maybe we have to copy the original REQURI for the logs ?
1753
* Note: we cannot log anymore if the request has been
1754
* classified as invalid.
1756
if (unlikely(s->logs.logwait & LW_REQ)) {
1757
/* we have a complete HTTP request that we must log */
1758
if ((txn->uri = pool_alloc2(pool2_requri)) != NULL) {
1759
int urilen = msg->sl.rq.l;
1761
if (urilen >= REQURI_LEN)
1762
urilen = REQURI_LEN - 1;
1763
memcpy(txn->uri, &req->data[msg->som], urilen);
1764
txn->uri[urilen] = 0;
1766
if (!(s->logs.logwait &= ~LW_REQ))
1769
Alert("HTTP logging : out of memory.\n");
1773
/* 4. We may have to convert HTTP/0.9 requests to HTTP/1.0 */
1774
if (unlikely(msg->sl.rq.v_l == 0)) {
1677
1777
msg->sol = req->data + msg->som;
1680
* 1: identify the method
1682
txn->meth = find_http_meth(&req->data[msg->som], msg->sl.rq.m_l);
1685
* 2: check if the URI matches the monitor_uri.
1686
* We have to do this for every request which gets in, because
1687
* the monitor-uri is defined by the frontend.
1689
if (unlikely((t->fe->monitor_uri_len != 0) &&
1690
(t->fe->monitor_uri_len == msg->sl.rq.u_l) &&
1691
!memcmp(&req->data[msg->sl.rq.u],
1693
t->fe->monitor_uri_len))) {
1695
* We have found the monitor URI
1697
struct acl_cond *cond;
1700
t->flags |= SN_MONITOR;
1702
/* Check if we want to fail this monitor request or not */
1703
list_for_each_entry(cond, &cur_proxy->mon_fail_cond, list) {
1704
int ret = acl_exec_cond(cond, cur_proxy, t, txn, ACL_DIR_REQ);
1705
if (cond->pol == ACL_COND_UNLESS)
1709
/* we fail this request, let's return 503 service unavail */
1711
client_retnclose(t, error_message(t, HTTP_ERR_503));
1712
goto return_prx_cond;
1716
/* nothing to fail, let's reply normaly */
1718
client_retnclose(t, &http_200_chunk);
1719
goto return_prx_cond;
1723
* 3: Maybe we have to copy the original REQURI for the logs ?
1724
* Note: we cannot log anymore if the request has been
1725
* classified as invalid.
1727
if (unlikely(t->logs.logwait & LW_REQ)) {
1728
/* we have a complete HTTP request that we must log */
1729
if ((txn->uri = pool_alloc2(pool2_requri)) != NULL) {
1730
int urilen = msg->sl.rq.l;
1732
if (urilen >= REQURI_LEN)
1733
urilen = REQURI_LEN - 1;
1734
memcpy(txn->uri, &req->data[msg->som], urilen);
1735
txn->uri[urilen] = 0;
1737
if (!(t->logs.logwait &= ~LW_REQ))
1740
Alert("HTTP logging : out of memory.\n");
1745
/* 4. We may have to convert HTTP/0.9 requests to HTTP/1.0 */
1746
if (unlikely(msg->sl.rq.v_l == 0)) {
1749
msg->sol = req->data + msg->som;
1750
cur_end = msg->sol + msg->sl.rq.l;
1753
if (msg->sl.rq.u_l == 0) {
1754
/* if no URI was set, add "/" */
1755
delta = buffer_replace2(req, cur_end, cur_end, " /", 2);
1759
/* add HTTP version */
1760
delta = buffer_replace2(req, cur_end, cur_end, " HTTP/1.0\r\n", 11);
1778
cur_end = msg->sol + msg->sl.rq.l;
1781
if (msg->sl.rq.u_l == 0) {
1782
/* if no URI was set, add "/" */
1783
delta = buffer_replace2(req, cur_end, cur_end, " /", 2);
1761
1785
msg->eoh += delta;
1763
cur_end = (char *)http_parse_reqline(msg, req->data,
1765
msg->sol, cur_end + 1,
1767
if (unlikely(!cur_end))
1768
goto return_bad_req;
1770
/* we have a full HTTP/1.0 request now and we know that
1771
* we have either a CR or an LF at <ptr>.
1773
hdr_idx_set_start(&txn->hdr_idx, msg->sl.rq.l, *cur_end == '\r');
1777
/* 5: we may need to capture headers */
1778
if (unlikely((t->logs.logwait & LW_REQHDR) && t->fe->req_cap))
1779
capture_headers(req->data + msg->som, &txn->hdr_idx,
1780
txn->req.cap, t->fe->req_cap);
1783
* 6: we will have to evaluate the filters.
1784
* As opposed to version 1.2, now they will be evaluated in the
1785
* filters order and not in the header order. This means that
1786
* each filter has to be validated among all headers.
1788
* We can now check whether we want to switch to another
1789
* backend, in which case we will re-check the backend's
1790
* filters and various options. In order to support 3-level
1791
* switching, here's how we should proceed :
1794
* if (switch) then switch ->be to the new backend.
1795
* b) run be if (be != fe).
1796
* There cannot be any switch from there, so ->be cannot be
1799
* => filters always apply to ->be, then ->be may change.
1801
* The response path will be able to apply either ->be, or
1802
* ->be then ->fe filters in order to match the reverse of
1803
* the forward sequence.
1787
/* add HTTP version */
1788
delta = buffer_replace2(req, cur_end, cur_end, " HTTP/1.0\r\n", 11);
1791
cur_end = (char *)http_parse_reqline(msg, req->data,
1793
msg->sol, cur_end + 1,
1795
if (unlikely(!cur_end))
1796
goto return_bad_req;
1798
/* we have a full HTTP/1.0 request now and we know that
1799
* we have either a CR or an LF at <ptr>.
1807
struct acl_cond *cond;
1808
struct proxy *rule_set = t->be;
1811
/* first check whether we have some ACLs set to block this request */
1812
list_for_each_entry(cond, &cur_proxy->block_cond, list) {
1813
int ret = acl_exec_cond(cond, cur_proxy, t, txn, ACL_DIR_REQ);
1814
if (cond->pol == ACL_COND_UNLESS)
1819
/* let's log the request time */
1820
t->logs.tv_request = now;
1821
client_retnclose(t, error_message(t, HTTP_ERR_403));
1822
goto return_prx_cond;
1801
hdr_idx_set_start(&txn->hdr_idx, msg->sl.rq.l, *cur_end == '\r');
1805
/* 5: we may need to capture headers */
1806
if (unlikely((s->logs.logwait & LW_REQHDR) && s->fe->req_cap))
1807
capture_headers(req->data + msg->som, &txn->hdr_idx,
1808
txn->req.cap, s->fe->req_cap);
1811
* 6: we will have to evaluate the filters.
1812
* As opposed to version 1.2, now they will be evaluated in the
1813
* filters order and not in the header order. This means that
1814
* each filter has to be validated among all headers.
1816
* We can now check whether we want to switch to another
1817
* backend, in which case we will re-check the backend's
1818
* filters and various options. In order to support 3-level
1819
* switching, here's how we should proceed :
1822
* if (switch) then switch ->be to the new backend.
1823
* b) run be if (be != fe).
1824
* There cannot be any switch from there, so ->be cannot be
1827
* => filters always apply to ->be, then ->be may change.
1829
* The response path will be able to apply either ->be, or
1830
* ->be then ->fe filters in order to match the reverse of
1831
* the forward sequence.
1835
struct acl_cond *cond;
1836
struct redirect_rule *rule;
1837
struct proxy *rule_set = s->be;
1840
/* first check whether we have some ACLs set to redirect this request */
1841
list_for_each_entry(rule, &cur_proxy->redirect_rules, list) {
1842
int ret = acl_exec_cond(rule->cond, cur_proxy, s, txn, ACL_DIR_REQ);
1844
ret = acl_pass(ret);
1845
if (rule->cond->pol == ACL_COND_UNLESS)
1849
struct chunk rdr = { trash, 0 };
1850
const char *msg_fmt;
1852
/* build redirect message */
1853
switch(rule->code) {
1855
rdr.len = strlen(HTTP_303);
1859
rdr.len = strlen(HTTP_301);
1864
rdr.len = strlen(HTTP_302);
1826
/* try headers filters */
1827
if (rule_set->req_exp != NULL) {
1828
if (apply_filters_to_request(t, req, rule_set->req_exp) < 0)
1869
if (unlikely(rdr.len > sizeof(trash)))
1829
1870
goto return_bad_req;
1832
if (!(t->flags & SN_BE_ASSIGNED) && (t->be != cur_proxy)) {
1833
/* to ensure correct connection accounting on
1834
* the backend, we count the connection for the
1835
* one managing the queue.
1838
if (t->be->beconn > t->be->beconn_max)
1839
t->be->beconn_max = t->be->beconn;
1840
t->be->cum_beconn++;
1841
t->flags |= SN_BE_ASSIGNED;
1844
/* has the request been denied ? */
1845
if (txn->flags & TX_CLDENY) {
1846
/* no need to go further */
1871
memcpy(rdr.str, msg_fmt, rdr.len);
1873
switch(rule->type) {
1874
case REDIRECT_TYPE_PREFIX: {
1878
path = http_get_path(txn);
1879
/* build message using path */
1881
pathlen = txn->req.sl.rq.u_l + (txn->req.sol+txn->req.sl.rq.u) - path;
1882
if (rule->flags & REDIRECT_FLAG_DROP_QS) {
1884
while (qs < pathlen) {
1885
if (path[qs] == '?') {
1897
if (rdr.len + rule->rdr_len + pathlen > sizeof(trash) - 4)
1898
goto return_bad_req;
1900
/* add prefix. Note that if prefix == "/", we don't want to
1901
* add anything, otherwise it makes it hard for the user to
1902
* configure a self-redirection.
1904
if (rule->rdr_len != 1 || *rule->rdr_str != '/') {
1905
memcpy(rdr.str + rdr.len, rule->rdr_str, rule->rdr_len);
1906
rdr.len += rule->rdr_len;
1910
memcpy(rdr.str + rdr.len, path, pathlen);
1914
case REDIRECT_TYPE_LOCATION:
1916
if (rdr.len + rule->rdr_len > sizeof(trash) - 4)
1917
goto return_bad_req;
1920
memcpy(rdr.str + rdr.len, rule->rdr_str, rule->rdr_len);
1921
rdr.len += rule->rdr_len;
1925
if (rule->cookie_len) {
1926
memcpy(rdr.str + rdr.len, "\r\nSet-Cookie: ", 14);
1928
memcpy(rdr.str + rdr.len, rule->cookie_str, rule->cookie_len);
1929
rdr.len += rule->cookie_len;
1930
memcpy(rdr.str + rdr.len, "\r\n", 2);
1934
/* add end of headers */
1935
memcpy(rdr.str + rdr.len, "\r\n\r\n", 4);
1938
txn->status = rule->code;
1939
/* let's log the request time */
1940
s->logs.tv_request = now;
1941
stream_int_retnclose(req->prod, &rdr);
1942
goto return_prx_cond;
1946
/* first check whether we have some ACLs set to block this request */
1947
list_for_each_entry(cond, &cur_proxy->block_cond, list) {
1948
int ret = acl_exec_cond(cond, cur_proxy, s, txn, ACL_DIR_REQ);
1950
ret = acl_pass(ret);
1951
if (cond->pol == ACL_COND_UNLESS)
1847
1955
txn->status = 403;
1848
1956
/* let's log the request time */
1849
t->logs.tv_request = now;
1850
client_retnclose(t, error_message(t, HTTP_ERR_403));
1957
s->logs.tv_request = now;
1958
stream_int_retnclose(req->prod, error_message(s, HTTP_ERR_403));
1851
1959
goto return_prx_cond;
1854
/* We might have to check for "Connection:" */
1855
if (((t->fe->options | t->be->options) & (PR_O_HTTP_CLOSE|PR_O_FORCE_CLO)) &&
1856
!(t->flags & SN_CONN_CLOSED)) {
1857
char *cur_ptr, *cur_end, *cur_next;
1858
int cur_idx, old_idx, delta, val;
1859
struct hdr_idx_elem *cur_hdr;
1861
cur_next = req->data + txn->req.som + hdr_idx_first_pos(&txn->hdr_idx);
1864
while ((cur_idx = txn->hdr_idx.v[old_idx].next)) {
1865
cur_hdr = &txn->hdr_idx.v[cur_idx];
1867
cur_end = cur_ptr + cur_hdr->len;
1868
cur_next = cur_end + cur_hdr->cr + 1;
1870
val = http_header_match2(cur_ptr, cur_end, "Connection", 10);
1872
/* 3 possibilities :
1873
* - we have already set Connection: close,
1874
* so we remove this line.
1875
* - we have not yet set Connection: close,
1876
* but this line indicates close. We leave
1877
* it untouched and set the flag.
1878
* - we have not yet set Connection: close,
1879
* and this line indicates non-close. We
1882
if (t->flags & SN_CONN_CLOSED) {
1883
delta = buffer_replace2(req, cur_ptr, cur_next, NULL, 0);
1884
txn->req.eoh += delta;
1886
txn->hdr_idx.v[old_idx].next = cur_hdr->next;
1887
txn->hdr_idx.used--;
1890
if (strncasecmp(cur_ptr + val, "close", 5) != 0) {
1891
delta = buffer_replace2(req, cur_ptr + val, cur_end,
1894
cur_hdr->len += delta;
1895
txn->req.eoh += delta;
1897
t->flags |= SN_CONN_CLOSED;
1903
/* add request headers from the rule sets in the same order */
1904
for (cur_idx = 0; cur_idx < rule_set->nb_reqadd; cur_idx++) {
1905
if (unlikely(http_header_add_tail(req,
1908
rule_set->req_add[cur_idx])) < 0)
1909
goto return_bad_req;
1912
/* check if stats URI was requested, and if an auth is needed */
1913
if (rule_set->uri_auth != NULL &&
1914
(txn->meth == HTTP_METH_GET || txn->meth == HTTP_METH_HEAD)) {
1915
/* we have to check the URI and auth for this request */
1916
if (stats_check_uri_auth(t, rule_set))
1920
/* now check whether we have some switching rules for this request */
1921
if (!(t->flags & SN_BE_ASSIGNED)) {
1922
struct switching_rule *rule;
1924
list_for_each_entry(rule, &cur_proxy->switching_rules, list) {
1927
ret = acl_exec_cond(rule->cond, cur_proxy, t, txn, ACL_DIR_REQ);
1928
if (rule->cond->pol == ACL_COND_UNLESS)
1932
t->be = rule->be.backend;
1934
if (t->be->beconn > t->be->beconn_max)
1935
t->be->beconn_max = t->be->beconn;
1936
t->be->cum_beconn++;
1938
/* assign new parameters to the session from the new backend */
1939
t->rep->rto = t->req->wto = t->be->timeout.server;
1940
t->req->cto = t->be->timeout.connect;
1941
t->conn_retries = t->be->conn_retries;
1942
t->flags |= SN_BE_ASSIGNED;
1948
if (!(t->flags & SN_BE_ASSIGNED) && cur_proxy->defbe.be) {
1949
/* No backend was set, but there was a default
1950
* backend set in the frontend, so we use it and
1953
t->be = cur_proxy->defbe.be;
1955
if (t->be->beconn > t->be->beconn_max)
1956
t->be->beconn_max = t->be->beconn;
1957
t->be->cum_beconn++;
1959
/* assign new parameters to the session from the new backend */
1960
t->rep->rto = t->req->wto = t->be->timeout.server;
1961
t->req->cto = t->be->timeout.connect;
1962
t->conn_retries = t->be->conn_retries;
1963
t->flags |= SN_BE_ASSIGNED;
1965
} while (t->be != cur_proxy); /* we loop only if t->be has changed */
1968
if (!(t->flags & SN_BE_ASSIGNED)) {
1969
/* To ensure correct connection accounting on
1963
/* try headers filters */
1964
if (rule_set->req_exp != NULL) {
1965
if (apply_filters_to_request(s, req, rule_set->req_exp) < 0)
1966
goto return_bad_req;
1969
if (!(s->flags & SN_BE_ASSIGNED) && (s->be != cur_proxy)) {
1970
/* to ensure correct connection accounting on
1970
1971
* the backend, we count the connection for the
1971
1972
* one managing the queue.
1974
if (t->be->beconn > t->be->beconn_max)
1975
t->be->beconn_max = t->be->beconn;
1976
t->be->cum_beconn++;
1977
t->flags |= SN_BE_ASSIGNED;
1981
* Right now, we know that we have processed the entire headers
1982
* and that unwanted requests have been filtered out. We can do
1983
* whatever we want with the remaining request. Also, now we
1984
* may have separate values for ->fe, ->be.
1988
* If HTTP PROXY is set we simply get remote server address
1989
* parsing incoming request.
1991
if ((t->be->options & PR_O_HTTP_PROXY) && !(t->flags & SN_ADDR_SET)) {
1992
url2sa(req->data + msg->sl.rq.u, msg->sl.rq.u_l, &t->srv_addr);
1996
* 7: the appsession cookie was looked up very early in 1.2,
1997
* so let's do the same now.
2000
/* It needs to look into the URI */
2001
if (t->be->appsession_name) {
2002
get_srv_from_appsession(t, &req->data[msg->som], msg->sl.rq.l);
2007
* 8: Now we can work with the cookies.
2008
* Note that doing so might move headers in the request, but
2009
* the fields will stay coherent and the URI will not move.
2010
* This should only be performed in the backend.
2012
if ((t->be->cookie_name || t->be->appsession_name || t->fe->capture_name)
2013
&& !(txn->flags & (TX_CLDENY|TX_CLTARPIT)))
2014
manage_client_side_cookies(t, req);
2018
* 9: add X-Forwarded-For if either the frontend or the backend
2021
if ((t->fe->options | t->be->options) & PR_O_FWDFOR) {
2022
if (t->cli_addr.ss_family == AF_INET) {
2023
/* Add an X-Forwarded-For header unless the source IP is
2024
* in the 'except' network range.
2026
if ((!t->fe->except_mask.s_addr ||
2027
(((struct sockaddr_in *)&t->cli_addr)->sin_addr.s_addr & t->fe->except_mask.s_addr)
2028
!= t->fe->except_net.s_addr) &&
2029
(!t->be->except_mask.s_addr ||
2030
(((struct sockaddr_in *)&t->cli_addr)->sin_addr.s_addr & t->be->except_mask.s_addr)
2031
!= t->be->except_net.s_addr)) {
2034
pn = (unsigned char *)&((struct sockaddr_in *)&t->cli_addr)->sin_addr;
2036
len = sprintf(trash, "X-Forwarded-For: %d.%d.%d.%d",
2037
pn[0], pn[1], pn[2], pn[3]);
2039
if (unlikely(http_header_add_tail2(req, &txn->req,
2040
&txn->hdr_idx, trash, len)) < 0)
2041
goto return_bad_req;
2044
else if (t->cli_addr.ss_family == AF_INET6) {
2045
/* FIXME: for the sake of completeness, we should also support
2046
* 'except' here, although it is mostly useless in this case.
2049
char pn[INET6_ADDRSTRLEN];
2051
(const void *)&((struct sockaddr_in6 *)(&t->cli_addr))->sin6_addr,
2053
len = sprintf(trash, "X-Forwarded-For: %s", pn);
2054
if (unlikely(http_header_add_tail2(req, &txn->req,
2055
&txn->hdr_idx, trash, len)) < 0)
2056
goto return_bad_req;
2061
* 10: add "Connection: close" if needed and not yet set.
2062
* Note that we do not need to add it in case of HTTP/1.0.
2064
if (!(t->flags & SN_CONN_CLOSED) &&
2065
((t->fe->options | t->be->options) & (PR_O_HTTP_CLOSE|PR_O_FORCE_CLO))) {
2066
if ((unlikely(msg->sl.rq.v_l != 8) ||
2067
unlikely(req->data[msg->som + msg->sl.rq.v + 7] != '0')) &&
2068
unlikely(http_header_add_tail2(req, &txn->req, &txn->hdr_idx,
2069
"Connection: close", 17)) < 0)
2070
goto return_bad_req;
2071
t->flags |= SN_CONN_CLOSED;
2073
/* Before we switch to data, was assignment set in manage_client_side_cookie?
2074
* If not assigned, perhaps we are balancing on url_param, but this is a
2075
* POST; and the parameters are in the body, maybe scan there to find our server.
2076
* (unless headers overflowed the buffer?)
2078
if (!(t->flags & (SN_ASSIGNED|SN_DIRECT)) &&
2079
t->txn.meth == HTTP_METH_POST && t->be->url_param_name != NULL &&
2080
t->be->url_param_post_limit != 0 && req->l < BUFSIZE &&
2081
memchr(msg->sol + msg->sl.rq.u, '?', msg->sl.rq.u_l) == NULL) {
2082
/* are there enough bytes here? total == l || r || rlim ?
2083
* len is unsigned, but eoh is int,
2084
* how many bytes of body have we received?
2085
* eoh is the first empty line of the header
2087
/* already established CRLF or LF at eoh, move to start of message, find message length in buffer */
2088
unsigned long len = req->l - (msg->sol[msg->eoh] == '\r' ? msg->eoh + 2 : msg->eoh + 1);
2090
/* If we have HTTP/1.1 and Expect: 100-continue, then abort.
2091
* We can't assume responsibility for the server's decision,
2092
* on this URI and header set. See rfc2616: 14.20, 8.2.3,
2093
* We also can't change our mind later, about which server to choose, so round robin.
2095
if ((likely(msg->sl.rq.v_l == 8) && req->data[msg->som + msg->sl.rq.v + 7] == '1')) {
2098
/* Expect is allowed in 1.1, look for it */
2099
http_find_header2("Expect", 6, msg->sol, &txn->hdr_idx, &ctx);
2101
unlikely(ctx.vlen == 12 && strncasecmp(ctx.line+ctx.val,"100-continue",12)==0))
2102
/* We can't reliablly stall and wait for data, because of
2103
* .NET clients that don't conform to rfc2616; so, no need for
2104
* the next block to check length expectations.
2105
* We could send 100 status back to the client, but then we need to
2106
* re-write headers, and send the message. And this isn't the right
2107
* place for that action.
2108
* TODO: support Expect elsewhere and delete this block.
1975
if (s->be->beconn > s->be->beconn_max)
1976
s->be->beconn_max = s->be->beconn;
1977
proxy_inc_be_ctr(s->be);
1978
s->flags |= SN_BE_ASSIGNED;
1981
/* has the request been denied ? */
1982
if (txn->flags & TX_CLDENY) {
1983
/* no need to go further */
1985
/* let's log the request time */
1986
s->logs.tv_request = now;
1987
stream_int_retnclose(req->prod, error_message(s, HTTP_ERR_403));
1988
goto return_prx_cond;
1991
/* We might have to check for "Connection:" */
1992
if (((s->fe->options | s->be->options) & (PR_O_HTTP_CLOSE|PR_O_FORCE_CLO)) &&
1993
!(s->flags & SN_CONN_CLOSED)) {
1994
char *cur_ptr, *cur_end, *cur_next;
1995
int cur_idx, old_idx, delta, val;
1996
struct hdr_idx_elem *cur_hdr;
1998
cur_next = req->data + txn->req.som + hdr_idx_first_pos(&txn->hdr_idx);
2001
while ((cur_idx = txn->hdr_idx.v[old_idx].next)) {
2002
cur_hdr = &txn->hdr_idx.v[cur_idx];
2004
cur_end = cur_ptr + cur_hdr->len;
2005
cur_next = cur_end + cur_hdr->cr + 1;
2007
val = http_header_match2(cur_ptr, cur_end, "Connection", 10);
2009
/* 3 possibilities :
2010
* - we have already set Connection: close,
2011
* so we remove this line.
2012
* - we have not yet set Connection: close,
2013
* but this line indicates close. We leave
2014
* it untouched and set the flag.
2015
* - we have not yet set Connection: close,
2016
* and this line indicates non-close. We
2110
goto end_check_maybe_wait_for_body;
2112
if ( likely(len > t->be->url_param_post_limit) ) {
2113
/* nothing to do, we got enough */
2115
/* limit implies we are supposed to need this many bytes
2116
* to find the parameter. Let's see how many bytes we can wait for.
2118
long long hint = len;
2121
http_find_header2("Transfer-Encoding", 17, msg->sol, &txn->hdr_idx, &ctx);
2122
if (unlikely(ctx.idx && strncasecmp(ctx.line+ctx.val,"chunked",7)==0)) {
2123
t->srv_state = SV_STANALYZE;
2126
http_find_header2("Content-Length", 14, msg->sol, &txn->hdr_idx, &ctx);
2127
/* now if we have a length, we'll take the hint */
2129
/* We have Content-Length */
2130
if ( strl2llrc(ctx.line+ctx.val,ctx.vlen, &hint) )
2131
hint = 0; /* parse failure, untrusted client */
2134
msg->hdr_content_len = hint;
2136
hint = 0; /* bad client, sent negative length */
2019
if (s->flags & SN_CONN_CLOSED) {
2020
delta = buffer_replace2(req, cur_ptr, cur_next, NULL, 0);
2021
txn->req.eoh += delta;
2023
txn->hdr_idx.v[old_idx].next = cur_hdr->next;
2024
txn->hdr_idx.used--;
2027
if (strncasecmp(cur_ptr + val, "close", 5) != 0) {
2028
delta = buffer_replace2(req, cur_ptr + val, cur_end,
2031
cur_hdr->len += delta;
2032
txn->req.eoh += delta;
2139
/* but limited to what we care about, maybe we don't expect any entity data (hint == 0) */
2140
if ( t->be->url_param_post_limit < hint )
2141
hint = t->be->url_param_post_limit;
2142
/* now do we really need to buffer more data? */
2144
t->srv_state = SV_STANALYZE;
2145
/* else... There are no body bytes to wait for */
2149
end_check_maybe_wait_for_body:
2151
/*************************************************************
2152
* OK, that's finished for the headers. We have done what we *
2153
* could. Let's switch to the DATA state. *
2154
************************************************************/
2156
t->cli_state = CL_STDATA;
2157
req->rlim = req->data + BUFSIZE; /* no more rewrite needed */
2159
t->logs.tv_request = now;
2161
if (!tv_isset(&t->fe->timeout.client) ||
2162
(t->srv_state < SV_STDATA && tv_isset(&t->be->timeout.server))) {
2163
/* If the client has no timeout, or if the server is not ready yet,
2164
* and we know for sure that it can expire, then it's cleaner to
2165
* disable the timeout on the client side so that too low values
2166
* cannot make the sessions abort too early.
2168
* FIXME-20050705: the server needs a way to re-enable this time-out
2169
* when it switches its state, otherwise a client can stay connected
2170
* indefinitely. This now seems to be OK.
2172
tv_eternity(&req->rex);
2175
/* When a connection is tarpitted, we use the tarpit timeout,
2176
* which may be the same as the connect timeout if unspecified.
2177
* If unset, then set it to zero because we really want it to
2178
* eventually expire.
2180
if (txn->flags & TX_CLTARPIT) {
2182
/* flush the request so that we can drop the connection early
2183
* if the client closes first.
2185
if (!tv_add_ifset(&req->cex, &now, &t->be->timeout.tarpit))
2189
/* OK let's go on with the BODY now */
2192
return_bad_req: /* let's centralize all bad requests */
2193
txn->req.msg_state = HTTP_MSG_ERROR;
2195
client_retnclose(t, error_message(t, HTTP_ERR_400));
2196
t->fe->failed_req++;
2198
if (!(t->flags & SN_ERR_MASK))
2199
t->flags |= SN_ERR_PRXCOND;
2200
if (!(t->flags & SN_FINST_MASK))
2201
t->flags |= SN_FINST_R;
2034
s->flags |= SN_CONN_CLOSED;
2040
/* add request headers from the rule sets in the same order */
2041
for (cur_idx = 0; cur_idx < rule_set->nb_reqadd; cur_idx++) {
2042
if (unlikely(http_header_add_tail(req,
2045
rule_set->req_add[cur_idx])) < 0)
2046
goto return_bad_req;
2049
/* check if stats URI was requested, and if an auth is needed */
2050
if (rule_set->uri_auth != NULL &&
2051
(txn->meth == HTTP_METH_GET || txn->meth == HTTP_METH_HEAD)) {
2052
/* we have to check the URI and auth for this request.
2053
* FIXME!!! that one is rather dangerous, we want to
2054
* make it follow standard rules (eg: clear req->analysers).
2056
if (stats_check_uri_auth(s, rule_set)) {
2062
/* now check whether we have some switching rules for this request */
2063
if (!(s->flags & SN_BE_ASSIGNED)) {
2064
struct switching_rule *rule;
2066
list_for_each_entry(rule, &cur_proxy->switching_rules, list) {
2069
ret = acl_exec_cond(rule->cond, cur_proxy, s, txn, ACL_DIR_REQ);
2071
ret = acl_pass(ret);
2072
if (rule->cond->pol == ACL_COND_UNLESS)
2076
s->be = rule->be.backend;
2078
if (s->be->beconn > s->be->beconn_max)
2079
s->be->beconn_max = s->be->beconn;
2080
proxy_inc_be_ctr(s->be);
2082
/* assign new parameters to the session from the new backend */
2083
s->rep->rto = s->req->wto = s->be->timeout.server;
2084
s->req->cto = s->be->timeout.connect;
2085
s->conn_retries = s->be->conn_retries;
2086
if (s->be->options2 & PR_O2_RSPBUG_OK)
2087
s->txn.rsp.err_pos = -1; /* let buggy responses pass */
2088
s->flags |= SN_BE_ASSIGNED;
2094
if (!(s->flags & SN_BE_ASSIGNED) && cur_proxy->defbe.be) {
2095
/* No backend was set, but there was a default
2096
* backend set in the frontend, so we use it and
2099
s->be = cur_proxy->defbe.be;
2101
if (s->be->beconn > s->be->beconn_max)
2102
s->be->beconn_max = s->be->beconn;
2103
proxy_inc_be_ctr(s->be);
2105
/* assign new parameters to the session from the new backend */
2106
s->rep->rto = s->req->wto = s->be->timeout.server;
2107
s->req->cto = s->be->timeout.connect;
2108
s->conn_retries = s->be->conn_retries;
2109
if (s->be->options2 & PR_O2_RSPBUG_OK)
2110
s->txn.rsp.err_pos = -1; /* let buggy responses pass */
2111
s->flags |= SN_BE_ASSIGNED;
2113
} while (s->be != cur_proxy); /* we loop only if s->be has changed */
2115
if (!(s->flags & SN_BE_ASSIGNED)) {
2116
/* To ensure correct connection accounting on
2117
* the backend, we count the connection for the
2118
* one managing the queue.
2121
if (s->be->beconn > s->be->beconn_max)
2122
s->be->beconn_max = s->be->beconn;
2123
proxy_inc_be_ctr(s->be);
2124
s->flags |= SN_BE_ASSIGNED;
2128
* Right now, we know that we have processed the entire headers
2129
* and that unwanted requests have been filtered out. We can do
2130
* whatever we want with the remaining request. Also, now we
2131
* may have separate values for ->fe, ->be.
2135
* If HTTP PROXY is set we simply get remote server address
2136
* parsing incoming request.
2138
if ((s->be->options & PR_O_HTTP_PROXY) && !(s->flags & SN_ADDR_SET)) {
2139
url2sa(req->data + msg->sl.rq.u, msg->sl.rq.u_l, &s->srv_addr);
2143
* 7: the appsession cookie was looked up very early in 1.2,
2144
* so let's do the same now.
2147
/* It needs to look into the URI */
2148
if (s->be->appsession_name) {
2149
get_srv_from_appsession(s, &req->data[msg->som], msg->sl.rq.l);
2153
* 8: Now we can work with the cookies.
2154
* Note that doing so might move headers in the request, but
2155
* the fields will stay coherent and the URI will not move.
2156
* This should only be performed in the backend.
2158
if ((s->be->cookie_name || s->be->appsession_name || s->fe->capture_name)
2159
&& !(txn->flags & (TX_CLDENY|TX_CLTARPIT)))
2160
manage_client_side_cookies(s, req);
2163
* 9: add X-Forwarded-For if either the frontend or the backend
2166
if ((s->fe->options | s->be->options) & PR_O_FWDFOR) {
2167
if (s->cli_addr.ss_family == AF_INET) {
2168
/* Add an X-Forwarded-For header unless the source IP is
2169
* in the 'except' network range.
2171
if ((!s->fe->except_mask.s_addr ||
2172
(((struct sockaddr_in *)&s->cli_addr)->sin_addr.s_addr & s->fe->except_mask.s_addr)
2173
!= s->fe->except_net.s_addr) &&
2174
(!s->be->except_mask.s_addr ||
2175
(((struct sockaddr_in *)&s->cli_addr)->sin_addr.s_addr & s->be->except_mask.s_addr)
2176
!= s->be->except_net.s_addr)) {
2179
pn = (unsigned char *)&((struct sockaddr_in *)&s->cli_addr)->sin_addr;
2181
/* Note: we rely on the backend to get the header name to be used for
2182
* x-forwarded-for, because the header is really meant for the backends.
2183
* However, if the backend did not specify any option, we have to rely
2184
* on the frontend's header name.
2186
if (s->be->fwdfor_hdr_len) {
2187
len = s->be->fwdfor_hdr_len;
2188
memcpy(trash, s->be->fwdfor_hdr_name, len);
2190
len = s->fe->fwdfor_hdr_len;
2191
memcpy(trash, s->fe->fwdfor_hdr_name, len);
2193
len += sprintf(trash + len, ": %d.%d.%d.%d", pn[0], pn[1], pn[2], pn[3]);
2195
if (unlikely(http_header_add_tail2(req, &txn->req,
2196
&txn->hdr_idx, trash, len)) < 0)
2197
goto return_bad_req;
2200
else if (s->cli_addr.ss_family == AF_INET6) {
2201
/* FIXME: for the sake of completeness, we should also support
2202
* 'except' here, although it is mostly useless in this case.
2205
char pn[INET6_ADDRSTRLEN];
2207
(const void *)&((struct sockaddr_in6 *)(&s->cli_addr))->sin6_addr,
2210
/* Note: we rely on the backend to get the header name to be used for
2211
* x-forwarded-for, because the header is really meant for the backends.
2212
* However, if the backend did not specify any option, we have to rely
2213
* on the frontend's header name.
2215
if (s->be->fwdfor_hdr_len) {
2216
len = s->be->fwdfor_hdr_len;
2217
memcpy(trash, s->be->fwdfor_hdr_name, len);
2219
len = s->fe->fwdfor_hdr_len;
2220
memcpy(trash, s->fe->fwdfor_hdr_name, len);
2222
len += sprintf(trash + len, ": %s", pn);
2224
if (unlikely(http_header_add_tail2(req, &txn->req,
2225
&txn->hdr_idx, trash, len)) < 0)
2226
goto return_bad_req;
2231
* 10: add X-Original-To if either the frontend or the backend
2234
if ((s->fe->options | s->be->options) & PR_O_ORGTO) {
2236
/* FIXME: don't know if IPv6 can handle that case too. */
2237
if (s->cli_addr.ss_family == AF_INET) {
2238
/* Add an X-Original-To header unless the destination IP is
2239
* in the 'except' network range.
2241
if (!(s->flags & SN_FRT_ADDR_SET))
2244
if ((!s->fe->except_mask_to.s_addr ||
2245
(((struct sockaddr_in *)&s->frt_addr)->sin_addr.s_addr & s->fe->except_mask_to.s_addr)
2246
!= s->fe->except_to.s_addr) &&
2247
(!s->be->except_mask_to.s_addr ||
2248
(((struct sockaddr_in *)&s->frt_addr)->sin_addr.s_addr & s->be->except_mask_to.s_addr)
2249
!= s->be->except_to.s_addr)) {
2252
pn = (unsigned char *)&((struct sockaddr_in *)&s->frt_addr)->sin_addr;
2254
/* Note: we rely on the backend to get the header name to be used for
2255
* x-original-to, because the header is really meant for the backends.
2256
* However, if the backend did not specify any option, we have to rely
2257
* on the frontend's header name.
2259
if (s->be->orgto_hdr_len) {
2260
len = s->be->orgto_hdr_len;
2261
memcpy(trash, s->be->orgto_hdr_name, len);
2263
len = s->fe->orgto_hdr_len;
2264
memcpy(trash, s->fe->orgto_hdr_name, len);
2266
len += sprintf(trash + len, ": %d.%d.%d.%d", pn[0], pn[1], pn[2], pn[3]);
2268
if (unlikely(http_header_add_tail2(req, &txn->req,
2269
&txn->hdr_idx, trash, len)) < 0)
2270
goto return_bad_req;
2276
* 11: add "Connection: close" if needed and not yet set.
2277
* Note that we do not need to add it in case of HTTP/1.0.
2279
if (!(s->flags & SN_CONN_CLOSED) &&
2280
((s->fe->options | s->be->options) & (PR_O_HTTP_CLOSE|PR_O_FORCE_CLO))) {
2281
if ((unlikely(msg->sl.rq.v_l != 8) ||
2282
unlikely(req->data[msg->som + msg->sl.rq.v + 7] != '0')) &&
2283
unlikely(http_header_add_tail2(req, &txn->req, &txn->hdr_idx,
2284
"Connection: close", 17)) < 0)
2285
goto return_bad_req;
2286
s->flags |= SN_CONN_CLOSED;
2288
/* Before we switch to data, was assignment set in manage_client_side_cookie?
2289
* If not assigned, perhaps we are balancing on url_param, but this is a
2290
* POST; and the parameters are in the body, maybe scan there to find our server.
2291
* (unless headers overflowed the buffer?)
2293
if (!(s->flags & (SN_ASSIGNED|SN_DIRECT)) &&
2294
s->txn.meth == HTTP_METH_POST && s->be->url_param_name != NULL &&
2295
s->be->url_param_post_limit != 0 && !(req->flags & BF_FULL) &&
2296
memchr(msg->sol + msg->sl.rq.u, '?', msg->sl.rq.u_l) == NULL) {
2297
/* are there enough bytes here? total == l || r || rlim ?
2298
* len is unsigned, but eoh is int,
2299
* how many bytes of body have we received?
2300
* eoh is the first empty line of the header
2302
/* already established CRLF or LF at eoh, move to start of message, find message length in buffer */
2303
unsigned long len = req->l - (msg->sol[msg->eoh] == '\r' ? msg->eoh + 2 : msg->eoh + 1);
2305
/* If we have HTTP/1.1 and Expect: 100-continue, then abort.
2306
* We can't assume responsibility for the server's decision,
2307
* on this URI and header set. See rfc2616: 14.20, 8.2.3,
2308
* We also can't change our mind later, about which server to choose, so round robin.
2310
if ((likely(msg->sl.rq.v_l == 8) && req->data[msg->som + msg->sl.rq.v + 7] == '1')) {
2313
/* Expect is allowed in 1.1, look for it */
2314
http_find_header2("Expect", 6, msg->sol, &txn->hdr_idx, &ctx);
2316
unlikely(ctx.vlen == 12 && strncasecmp(ctx.line+ctx.val, "100-continue", 12) == 0))
2317
/* We can't reliablly stall and wait for data, because of
2318
* .NET clients that don't conform to rfc2616; so, no need for
2319
* the next block to check length expectations.
2320
* We could send 100 status back to the client, but then we need to
2321
* re-write headers, and send the message. And this isn't the right
2322
* place for that action.
2323
* TODO: support Expect elsewhere and delete this block.
2325
goto end_check_maybe_wait_for_body;
2328
if (likely(len > s->be->url_param_post_limit)) {
2329
/* nothing to do, we got enough */
2331
/* limit implies we are supposed to need this many bytes
2332
* to find the parameter. Let's see how many bytes we can wait for.
2334
long long hint = len;
2337
http_find_header2("Transfer-Encoding", 17, msg->sol, &txn->hdr_idx, &ctx);
2338
if (ctx.idx && ctx.vlen >= 7 && strncasecmp(ctx.line+ctx.val, "chunked", 7) == 0) {
2339
buffer_write_dis(req);
2340
req->analysers |= AN_REQ_HTTP_BODY;
2344
http_find_header2("Content-Length", 14, msg->sol, &txn->hdr_idx, &ctx);
2345
/* now if we have a length, we'll take the hint */
2347
/* We have Content-Length */
2348
if (strl2llrc(ctx.line+ctx.val,ctx.vlen, &hint))
2349
hint = 0; /* parse failure, untrusted client */
2352
msg->hdr_content_len = hint;
2354
hint = 0; /* bad client, sent negative length */
2357
/* but limited to what we care about, maybe we don't expect any entity data (hint == 0) */
2358
if (s->be->url_param_post_limit < hint)
2359
hint = s->be->url_param_post_limit;
2360
/* now do we really need to buffer more data? */
2362
buffer_write_dis(req);
2363
req->analysers |= AN_REQ_HTTP_BODY;
2365
/* else... There are no body bytes to wait for */
2369
end_check_maybe_wait_for_body:
2371
/*************************************************************
2372
* OK, that's finished for the headers. We have done what we *
2373
* could. Let's switch to the DATA state. *
2374
************************************************************/
2376
buffer_set_rlim(req, BUFSIZE); /* no more rewrite needed */
2377
s->logs.tv_request = now;
2379
/* When a connection is tarpitted, we use the tarpit timeout,
2380
* which may be the same as the connect timeout if unspecified.
2381
* If unset, then set it to zero because we really want it to
2382
* eventually expire. We build the tarpit as an analyser.
2384
if (txn->flags & TX_CLTARPIT) {
2385
buffer_erase(s->req);
2386
/* wipe the request out so that we can drop the connection early
2387
* if the client closes first.
2389
buffer_write_dis(req);
2390
req->analysers |= AN_REQ_HTTP_TARPIT;
2391
req->analyse_exp = tick_add_ifset(now_ms, s->be->timeout.tarpit);
2392
if (!req->analyse_exp)
2393
req->analyse_exp = tick_add(now_ms, 0);
2396
/* OK let's go on with the BODY now */
2399
return_bad_req: /* let's centralize all bad requests */
2400
if (unlikely(msg->msg_state == HTTP_MSG_ERROR) || msg->err_pos >= 0) {
2401
/* we detected a parsing error. We want to archive this request
2402
* in the dedicated proxy area for later troubleshooting.
2404
http_capture_bad_message(&s->fe->invalid_req, s, req, msg, s->fe);
2407
txn->req.msg_state = HTTP_MSG_ERROR;
2410
stream_int_retnclose(req->prod, error_message(s, HTTP_ERR_400));
2411
s->fe->failed_req++;
2414
if (!(s->flags & SN_ERR_MASK))
2415
s->flags |= SN_ERR_PRXCOND;
2416
if (!(s->flags & SN_FINST_MASK))
2417
s->flags |= SN_FINST_R;
2421
/* This function is an analyser which processes the HTTP tarpit. It always
2422
* returns zero, at the beginning because it prevents any other processing
2423
* from occurring, and at the end because it terminates the request.
2425
int http_process_tarpit(struct session *s, struct buffer *req)
2427
struct http_txn *txn = &s->txn;
2429
/* This connection is being tarpitted. The CLIENT side has
2430
* already set the connect expiration date to the right
2431
* timeout. We just have to check that the client is still
2432
* there and that the timeout has not expired.
2434
if ((req->flags & (BF_SHUTR|BF_READ_ERROR)) == 0 &&
2435
!tick_is_expired(req->analyse_exp, now_ms))
2438
/* We will set the queue timer to the time spent, just for
2439
* logging purposes. We fake a 500 server error, so that the
2440
* attacker will not suspect his connection has been tarpitted.
2441
* It will not cause trouble to the logs because we can exclude
2442
* the tarpitted connections by filtering on the 'PT' status flags.
2444
s->logs.t_queue = tv_ms_elapsed(&s->logs.tv_accept, &now);
2447
if (req->flags != BF_READ_ERROR)
2448
stream_int_retnclose(req->prod, error_message(s, HTTP_ERR_500));
2451
req->analyse_exp = TICK_ETERNITY;
2453
s->fe->failed_req++;
2454
if (!(s->flags & SN_ERR_MASK))
2455
s->flags |= SN_ERR_PRXCOND;
2456
if (!(s->flags & SN_FINST_MASK))
2457
s->flags |= SN_FINST_T;
2461
/* This function is an analyser which processes the HTTP request body. It looks
2462
* for parameters to be used for the load balancing algorithm (url_param). It
2463
* must only be called after the standard HTTP request processing has occurred,
2464
* because it expects the request to be parsed. It returns zero if it needs to
2465
* read more data, or 1 once it has completed its analysis.
2467
int http_process_request_body(struct session *s, struct buffer *req)
2469
struct http_msg *msg = &s->txn.req;
2470
unsigned long body = msg->sol[msg->eoh] == '\r' ? msg->eoh + 2 : msg->eoh + 1;
2471
long long limit = s->be->url_param_post_limit;
2474
/* We have to parse the HTTP request body to find any required data.
2475
* "balance url_param check_post" should have been the only way to get
2476
* into this. We were brought here after HTTP header analysis, so all
2477
* related structures are ready.
2482
/* now if we have a length, we'll take the hint */
2483
http_find_header2("Transfer-Encoding", 17, msg->sol, &s->txn.hdr_idx, &ctx);
2484
if (ctx.idx && ctx.vlen >= 7 && strncasecmp(ctx.line+ctx.val, "chunked", 7) == 0) {
2485
unsigned int chunk = 0;
2486
while (body < req->l && !HTTP_IS_CRLF(msg->sol[body])) {
2487
char c = msg->sol[body];
2489
unsigned int hex = toupper(c) - '0';
2491
hex -= 'A' - '9' - 1;
2492
chunk = (chunk << 4) | hex;
2497
if (body + 2 >= req->l) /* we want CRLF too */
2498
goto http_body_end; /* end of buffer? data missing! */
2500
if (memcmp(msg->sol+body, "\r\n", 2) != 0)
2501
goto http_body_end; /* chunked encoding len ends with CRLF, and we don't have it yet */
2503
body += 2; // skip CRLF
2505
/* if we support more then one chunk here, we have to do it again when assigning server
2506
* 1. how much entity data do we have? new var
2507
* 2. should save entity_start, entity_cursor, elen & rlen in req; so we don't repeat scanning here
2508
* 3. test if elen > limit, or set new limit to elen if 0 (end of entity found)
2512
limit = chunk; /* only reading one chunk */
2514
if (msg->hdr_content_len < limit)
2515
limit = msg->hdr_content_len;
2519
/* we leave once we know we have nothing left to do. This means that we have
2520
* enough bytes, or that we know we'll not get any more (buffer full, read
2523
if (req->l - body >= limit || /* enough bytes! */
2524
req->flags & (BF_FULL | BF_READ_ERROR | BF_SHUTR | BF_READ_TIMEOUT) ||
2525
tick_is_expired(req->analyse_exp, now_ms)) {
2526
/* The situation will not evolve, so let's give up on the analysis. */
2527
s->logs.tv_request = now; /* update the request timer to reflect full request */
2528
req->analysers &= ~AN_REQ_HTTP_BODY;
2529
req->analyse_exp = TICK_ETERNITY;
2205
else if (c == CL_STDATA) {
2207
/* FIXME: this error handling is partly buggy because we always report
2208
* a 'DATA' phase while we don't know if the server was in IDLE, CONN
2209
* or HEADER phase. BTW, it's not logical to expire the client while
2210
* we're waiting for the server to connect.
2533
/* Not enough data. We'll re-use the http-request
2534
* timeout here. Ideally, we should set the timeout
2535
* relative to the accept() date. We just set the
2536
* request timeout once at the beginning of the
2212
/* read or write error */
2213
if (rep->flags & BF_WRITE_ERROR || req->flags & BF_READ_ERROR) {
2216
fd_delete(t->cli_fd);
2217
t->cli_state = CL_STCLOSE;
2218
if (!(t->flags & SN_ERR_MASK))
2219
t->flags |= SN_ERR_CLICL;
2220
if (!(t->flags & SN_FINST_MASK)) {
2222
t->flags |= SN_FINST_Q;
2223
else if (s == SV_STCONN)
2224
t->flags |= SN_FINST_C;
2226
t->flags |= SN_FINST_D;
2230
/* last read, or end of server write */
2231
else if (req->flags & BF_READ_NULL || s == SV_STSHUTW || s == SV_STCLOSE) {
2232
EV_FD_CLR(t->cli_fd, DIR_RD);
2234
t->cli_state = CL_STSHUTR;
2237
/* last server read and buffer empty */
2238
else if ((s == SV_STSHUTR || s == SV_STCLOSE) && (rep->l == 0)) {
2239
EV_FD_CLR(t->cli_fd, DIR_WR);
2241
shutdown(t->cli_fd, SHUT_WR);
2242
/* We must ensure that the read part is still alive when switching
2244
EV_FD_SET(t->cli_fd, DIR_RD);
2245
tv_add_ifset(&req->rex, &now, &t->fe->timeout.client);
2246
t->cli_state = CL_STSHUTW;
2247
//fprintf(stderr,"%p:%s(%d), c=%d, s=%d\n", t, __FUNCTION__, __LINE__, t->cli_state, t->cli_state);
2251
else if (tv_isle(&req->rex, &now)) {
2252
EV_FD_CLR(t->cli_fd, DIR_RD);
2254
t->cli_state = CL_STSHUTR;
2255
if (!(t->flags & SN_ERR_MASK))
2256
t->flags |= SN_ERR_CLITO;
2257
if (!(t->flags & SN_FINST_MASK)) {
2259
t->flags |= SN_FINST_Q;
2260
else if (s == SV_STCONN)
2261
t->flags |= SN_FINST_C;
2263
t->flags |= SN_FINST_D;
2268
else if (tv_isle(&rep->wex, &now)) {
2269
EV_FD_CLR(t->cli_fd, DIR_WR);
2271
shutdown(t->cli_fd, SHUT_WR);
2272
/* We must ensure that the read part is still alive when switching
2274
EV_FD_SET(t->cli_fd, DIR_RD);
2275
tv_add_ifset(&req->rex, &now, &t->fe->timeout.client);
2277
t->cli_state = CL_STSHUTW;
2278
if (!(t->flags & SN_ERR_MASK))
2279
t->flags |= SN_ERR_CLITO;
2280
if (!(t->flags & SN_FINST_MASK)) {
2282
t->flags |= SN_FINST_Q;
2283
else if (s == SV_STCONN)
2284
t->flags |= SN_FINST_C;
2286
t->flags |= SN_FINST_D;
2291
if (req->l >= req->rlim - req->data) {
2292
/* no room to read more data */
2293
if (EV_FD_COND_C(t->cli_fd, DIR_RD)) {
2294
/* stop reading until we get some space */
2295
tv_eternity(&req->rex);
2298
/* there's still some space in the buffer */
2299
if (EV_FD_COND_S(t->cli_fd, DIR_RD)) {
2300
if (!tv_isset(&t->fe->timeout.client) ||
2301
(t->srv_state < SV_STDATA && tv_isset(&t->be->timeout.server)))
2302
/* If the client has no timeout, or if the server not ready yet, and we
2303
* know for sure that it can expire, then it's cleaner to disable the
2304
* timeout on the client side so that too low values cannot make the
2305
* sessions abort too early.
2307
tv_eternity(&req->rex);
2309
tv_add(&req->rex, &now, &t->fe->timeout.client);
2313
if ((rep->l == 0) ||
2314
((s < SV_STDATA) /* FIXME: this may be optimized && (rep->w == rep->h)*/)) {
2315
if (EV_FD_COND_C(t->cli_fd, DIR_WR)) {
2317
tv_eternity(&rep->wex);
2320
/* buffer not empty */
2321
if (EV_FD_COND_S(t->cli_fd, DIR_WR)) {
2322
/* restart writing */
2323
if (tv_add_ifset(&rep->wex, &now, &t->fe->timeout.client)) {
2324
/* FIXME: to prevent the client from expiring read timeouts during writes,
2326
req->rex = rep->wex;
2329
tv_eternity(&rep->wex);
2332
return 0; /* other cases change nothing */
2334
else if (c == CL_STSHUTR) {
2335
if (rep->flags & BF_WRITE_ERROR) {
2337
fd_delete(t->cli_fd);
2338
t->cli_state = CL_STCLOSE;
2339
if (!(t->flags & SN_ERR_MASK))
2340
t->flags |= SN_ERR_CLICL;
2341
if (!(t->flags & SN_FINST_MASK)) {
2343
t->flags |= SN_FINST_Q;
2344
else if (s == SV_STCONN)
2345
t->flags |= SN_FINST_C;
2347
t->flags |= SN_FINST_D;
2351
else if ((s == SV_STSHUTR || s == SV_STCLOSE) && (rep->l == 0)
2352
&& !(t->flags & SN_SELF_GEN)) {
2354
fd_delete(t->cli_fd);
2355
t->cli_state = CL_STCLOSE;
2358
else if (tv_isle(&rep->wex, &now)) {
2360
fd_delete(t->cli_fd);
2361
t->cli_state = CL_STCLOSE;
2362
if (!(t->flags & SN_ERR_MASK))
2363
t->flags |= SN_ERR_CLITO;
2364
if (!(t->flags & SN_FINST_MASK)) {
2366
t->flags |= SN_FINST_Q;
2367
else if (s == SV_STCONN)
2368
t->flags |= SN_FINST_C;
2370
t->flags |= SN_FINST_D;
2375
if (t->flags & SN_SELF_GEN) {
2379
fd_delete(t->cli_fd);
2380
t->cli_state = CL_STCLOSE;
2386
|| ((s == SV_STHEADERS) /* FIXME: this may be optimized && (rep->w == rep->h)*/)) {
2387
if (EV_FD_COND_C(t->cli_fd, DIR_WR)) {
2389
tv_eternity(&rep->wex);
2392
/* buffer not empty */
2393
if (EV_FD_COND_S(t->cli_fd, DIR_WR)) {
2394
/* restart writing */
2395
if (!tv_add_ifset(&rep->wex, &now, &t->fe->timeout.client))
2396
tv_eternity(&rep->wex);
2401
else if (c == CL_STSHUTW) {
2402
if (req->flags & BF_READ_ERROR) {
2404
fd_delete(t->cli_fd);
2405
t->cli_state = CL_STCLOSE;
2406
if (!(t->flags & SN_ERR_MASK))
2407
t->flags |= SN_ERR_CLICL;
2408
if (!(t->flags & SN_FINST_MASK)) {
2410
t->flags |= SN_FINST_Q;
2411
else if (s == SV_STCONN)
2412
t->flags |= SN_FINST_C;
2414
t->flags |= SN_FINST_D;
2418
else if (req->flags & BF_READ_NULL || s == SV_STSHUTW || s == SV_STCLOSE) {
2420
fd_delete(t->cli_fd);
2421
t->cli_state = CL_STCLOSE;
2424
else if (tv_isle(&req->rex, &now)) {
2426
fd_delete(t->cli_fd);
2427
t->cli_state = CL_STCLOSE;
2428
if (!(t->flags & SN_ERR_MASK))
2429
t->flags |= SN_ERR_CLITO;
2430
if (!(t->flags & SN_FINST_MASK)) {
2432
t->flags |= SN_FINST_Q;
2433
else if (s == SV_STCONN)
2434
t->flags |= SN_FINST_C;
2436
t->flags |= SN_FINST_D;
2440
else if (req->l >= req->rlim - req->data) {
2441
/* no room to read more data */
2443
/* FIXME-20050705: is it possible for a client to maintain a session
2444
* after the timeout by sending more data after it receives a close ?
2447
if (EV_FD_COND_C(t->cli_fd, DIR_RD)) {
2448
/* stop reading until we get some space */
2449
tv_eternity(&req->rex);
2450
//fprintf(stderr,"%p:%s(%d), c=%d, s=%d\n", t, __FUNCTION__, __LINE__, t->cli_state, t->cli_state);
2453
/* there's still some space in the buffer */
2454
if (EV_FD_COND_S(t->cli_fd, DIR_RD)) {
2455
if (!tv_add_ifset(&req->rex, &now, &t->fe->timeout.client))
2456
tv_eternity(&req->rex);
2457
//fprintf(stderr,"%p:%s(%d), c=%d, s=%d\n", t, __FUNCTION__, __LINE__, t->cli_state, t->cli_state);
2462
else { /* CL_STCLOSE: nothing to do */
2463
if ((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE))) {
2465
len = sprintf(trash, "%08x:%s.clicls[%04x:%04x]\n", t->uniq_id, t->be->id, (unsigned short)t->cli_fd, (unsigned short)t->srv_fd);
2466
write(1, trash, len);
2539
buffer_write_dis(req);
2540
if (!tick_isset(req->analyse_exp))
2541
req->analyse_exp = tick_add_ifset(now_ms, s->fe->timeout.httpreq);
2475
* manages the server FSM and its socket. It returns 1 if a state has changed
2476
* (and a resync may be needed), 0 else.
2546
/* This function performs all the processing enabled for the current response.
2547
* It normally returns zero, but may return 1 if it absolutely needs to be
2548
* called again after other functions. It relies on buffers flags, and updates
2549
* t->rep->analysers. It might make sense to explode it into several other
2550
* functions. It works like process_request (see indications above).
2478
int process_srv(struct session *t)
2552
int process_response(struct session *t)
2480
int s = t->srv_state;
2481
int c = t->cli_state;
2482
2554
struct http_txn *txn = &t->txn;
2483
2555
struct buffer *req = t->req;
2484
2556
struct buffer *rep = t->rep;
2488
fprintf(stderr,"process_srv: c=%s, s=%s\n", cli_stnames[c], srv_stnames[s]);
2492
fprintf(stderr,"%s:%d fe->clito=%d.%d, fe->conto=%d.%d, fe->srvto=%d.%d\n",
2493
__FUNCTION__, __LINE__,
2494
t->fe->timeout.client.tv_sec, t->fe->timeout.client.tv_usec,
2495
t->fe->timeout.connect.tv_sec, t->fe->timeout.connect.tv_usec,
2496
t->fe->timeout.server.tv_sec, t->fe->timeout.server.tv_usec);
2497
fprintf(stderr,"%s:%d be->clito=%d.%d, be->conto=%d.%d, be->srvto=%d.%d\n",
2498
__FUNCTION__, __LINE__,
2499
t->be->timeout.client.tv_sec, t->be->timeout.client.tv_usec,
2500
t->be->timeout.connect.tv_sec, t->be->timeout.connect.tv_usec,
2501
t->be->timeout.server.tv_sec, t->be->timeout.server.tv_usec);
2503
fprintf(stderr,"%s:%d req->cto=%d.%d, req->rto=%d.%d, req->wto=%d.%d\n",
2504
__FUNCTION__, __LINE__,
2505
req->cto.tv_sec, req->cto.tv_usec,
2506
req->rto.tv_sec, req->rto.tv_usec,
2507
req->wto.tv_sec, req->wto.tv_usec);
2509
fprintf(stderr,"%s:%d rep->cto=%d.%d, rep->rto=%d.%d, rep->wto=%d.%d\n",
2510
__FUNCTION__, __LINE__,
2511
rep->cto.tv_sec, rep->cto.tv_usec,
2512
rep->rto.tv_sec, rep->rto.tv_usec,
2513
rep->wto.tv_sec, rep->wto.tv_usec);
2516
//fprintf(stderr,"process_srv: c=%d, s=%d, cr=%d, cw=%d, sr=%d, sw=%d\n", c, s,
2517
//EV_FD_ISSET(t->cli_fd, DIR_RD), EV_FD_ISSET(t->cli_fd, DIR_WR),
2518
//EV_FD_ISSET(t->srv_fd, DIR_RD), EV_FD_ISSET(t->srv_fd, DIR_WR)
2520
if (s == SV_STIDLE) {
2521
/* NOTE: The client processor may switch to SV_STANALYZE, which switches back SV_STIDLE.
2522
* This is logcially after CL_STHEADERS completed, CL_STDATA has started, but
2523
* we need to defer server selection until more data arrives, if possible.
2524
* This is rare, and only if balancing on parameter hash with values in the entity of a POST
2526
if (c == CL_STHEADERS )
2527
return 0; /* stay in idle, waiting for data to reach the client side */
2528
else if (c == CL_STCLOSE || c == CL_STSHUTW ||
2530
(t->req->l == 0 || t->be->options & PR_O_ABRT_CLOSE))) { /* give up */
2531
tv_eternity(&req->cex);
2533
t->logs.t_queue = tv_ms_elapsed(&t->logs.tv_accept, &now);
2534
/* note that this must not return any error because it would be able to
2535
* overwrite the client_retnclose() output.
2537
if (txn->flags & TX_CLTARPIT)
2538
srv_close_with_err(t, SN_ERR_CLICL, SN_FINST_T, 0, NULL);
2540
srv_close_with_err(t, SN_ERR_CLICL, t->pend_pos ? SN_FINST_Q : SN_FINST_C, 0, NULL);
2545
if (txn->flags & TX_CLTARPIT) {
2546
/* This connection is being tarpitted. The CLIENT side has
2547
* already set the connect expiration date to the right
2548
* timeout. We just have to check that it has not expired.
2550
if (!tv_isle(&req->cex, &now))
2553
/* We will set the queue timer to the time spent, just for
2554
* logging purposes. We fake a 500 server error, so that the
2555
* attacker will not suspect his connection has been tarpitted.
2556
* It will not cause trouble to the logs because we can exclude
2557
* the tarpitted connections by filtering on the 'PT' status flags.
2559
tv_eternity(&req->cex);
2560
t->logs.t_queue = tv_ms_elapsed(&t->logs.tv_accept, &now);
2561
srv_close_with_err(t, SN_ERR_PRXCOND, SN_FINST_T,
2562
500, error_message(t, HTTP_ERR_500));
2566
/* Right now, we will need to create a connection to the server.
2567
* We might already have tried, and got a connection pending, in
2568
* which case we will not do anything till it's pending. It's up
2569
* to any other session to release it and wake us up again.
2572
if (!tv_isle(&req->cex, &now)) {
2575
/* we've been waiting too long here */
2576
tv_eternity(&req->cex);
2577
t->logs.t_queue = tv_ms_elapsed(&t->logs.tv_accept, &now);
2578
srv_close_with_err(t, SN_ERR_SRVTO, SN_FINST_Q,
2579
503, error_message(t, HTTP_ERR_503));
2581
t->srv->failed_conns++;
2582
t->be->failed_conns++;
2588
/* first, get a connection */
2589
if (txn->meth == HTTP_METH_GET || txn->meth == HTTP_METH_HEAD)
2590
t->flags |= SN_REDIRECTABLE;
2592
if (srv_redispatch_connect(t))
2593
return t->srv_state != SV_STIDLE;
2595
if ((t->flags & SN_REDIRECTABLE) && t->srv && t->srv->rdr_len) {
2596
/* Server supporting redirection and it is possible.
2597
* Invalid requests are reported as such. It concerns all
2604
/* 1: create the response header */
2605
rdr.len = strlen(HTTP_302);
2607
memcpy(rdr.str, HTTP_302, rdr.len);
2609
/* 2: add the server's prefix */
2610
if (rdr.len + t->srv->rdr_len > sizeof(trash))
2613
memcpy(rdr.str + rdr.len, t->srv->rdr_pfx, t->srv->rdr_len);
2614
rdr.len += t->srv->rdr_len;
2616
/* 3: add the request URI */
2617
path = http_get_path(txn);
2620
len = txn->req.sl.rq.u_l + (txn->req.sol+txn->req.sl.rq.u) - path;
2621
if (rdr.len + len > sizeof(trash) - 4) /* 4 for CRLF-CRLF */
2624
memcpy(rdr.str + rdr.len, path, len);
2626
memcpy(rdr.str + rdr.len, "\r\n\r\n", 4);
2629
srv_close_with_err(t, SN_ERR_PRXCOND, SN_FINST_C, 302, &rdr);
2630
/* FIXME: we should increase a counter of redirects per server and per backend. */
2636
t->fe->failed_req++;
2637
srv_close_with_err(t, SN_ERR_PRXCOND, SN_FINST_C,
2638
400, error_message(t, HTTP_ERR_400));
2642
/* try to (re-)connect to the server, and fail if we expire the
2643
* number of retries.
2645
if (srv_retryable_connect(t)) {
2646
t->logs.t_queue = tv_ms_elapsed(&t->logs.tv_accept, &now);
2647
return t->srv_state != SV_STIDLE;
2652
else if (s == SV_STCONN) { /* connection in progress */
2653
if (c == CL_STCLOSE || c == CL_STSHUTW ||
2655
((t->req->l == 0 && !(req->flags & BF_WRITE_STATUS)) ||
2656
t->be->options & PR_O_ABRT_CLOSE))) { /* give up */
2657
tv_eternity(&req->cex);
2658
if (!(t->flags & SN_CONN_TAR)) {
2659
/* if we are in turn-around, we have already closed the FD */
2660
fd_delete(t->srv_fd);
2663
sess_change_server(t, NULL);
2667
/* note that this must not return any error because it would be able to
2668
* overwrite the client_retnclose() output.
2670
srv_close_with_err(t, SN_ERR_CLICL, SN_FINST_C, 0, NULL);
2673
if (!(req->flags & BF_WRITE_STATUS) && !tv_isle(&req->cex, &now)) {
2674
//fprintf(stderr,"1: c=%d, s=%d, now=%d.%06d, exp=%d.%06d\n", c, s, now.tv_sec, now.tv_usec, req->cex.tv_sec, req->cex.tv_usec);
2675
return 0; /* nothing changed */
2677
else if (!(req->flags & BF_WRITE_STATUS) || (req->flags & BF_WRITE_ERROR)) {
2678
/* timeout, asynchronous connect error or first write error */
2679
//fprintf(stderr,"2: c=%d, s=%d\n", c, s);
2681
if (t->flags & SN_CONN_TAR) {
2682
/* We are doing a turn-around waiting for a new connection attempt. */
2683
if (!tv_isle(&req->cex, &now))
2685
t->flags &= ~SN_CONN_TAR;
2688
fd_delete(t->srv_fd);
2692
if (!(req->flags & BF_WRITE_STATUS))
2693
conn_err = SN_ERR_SRVTO; // it was a connect timeout.
2695
conn_err = SN_ERR_SRVCL; // it was an asynchronous connect error.
2697
/* ensure that we have enough retries left */
2698
if (srv_count_retry_down(t, conn_err))
2701
if (req->flags & BF_WRITE_ERROR) {
2702
/* we encountered an immediate connection error, and we
2703
* will have to retry connecting to the same server, most
2704
* likely leading to the same result. To avoid this, we
2705
* fake a connection timeout to retry after a turn-around
2706
* time of 1 second. We will wait in the previous if block.
2708
t->flags |= SN_CONN_TAR;
2709
tv_ms_add(&req->cex, &now, 1000);
2714
if (t->srv && t->conn_retries == 0 && t->be->options & PR_O_REDISP) {
2715
/* We're on our last chance, and the REDISP option was specified.
2716
* We will ignore cookie and force to balance or use the dispatcher.
2718
/* let's try to offer this slot to anybody */
2719
if (may_dequeue_tasks(t->srv, t->be))
2720
process_srv_queue(t->srv);
2722
/* it's left to the dispatcher to choose a server */
2723
t->flags &= ~(SN_DIRECT | SN_ASSIGNED | SN_ADDR_SET);
2724
t->prev_srv = t->srv;
2726
/* first, get a connection */
2727
if (srv_redispatch_connect(t))
2728
return t->srv_state != SV_STCONN;
2736
/* Now we will try to either reconnect to the same server or
2737
* connect to another server. If the connection gets queued
2738
* because all servers are saturated, then we will go back to
2739
* the SV_STIDLE state.
2741
if (srv_retryable_connect(t)) {
2742
t->logs.t_queue = tv_ms_elapsed(&t->logs.tv_accept, &now);
2743
return t->srv_state != SV_STCONN;
2746
/* we need to redispatch the connection to another server */
2747
if (srv_redispatch_connect(t))
2748
return t->srv_state != SV_STCONN;
2751
else { /* no error or write 0 */
2752
t->logs.t_connect = tv_ms_elapsed(&t->logs.tv_accept, &now);
2754
//fprintf(stderr,"3: c=%d, s=%d\n", c, s);
2755
if (req->l == 0) /* nothing to write */ {
2756
EV_FD_CLR(t->srv_fd, DIR_WR);
2757
tv_eternity(&req->wex);
2758
} else /* need the right to write */ {
2759
EV_FD_SET(t->srv_fd, DIR_WR);
2760
if (tv_add_ifset(&req->wex, &now, &t->be->timeout.server)) {
2761
/* FIXME: to prevent the server from expiring read timeouts during writes,
2763
rep->rex = req->wex;
2766
tv_eternity(&req->wex);
2769
if (t->be->mode == PR_MODE_TCP) { /* let's allow immediate data connection in this case */
2770
EV_FD_SET(t->srv_fd, DIR_RD);
2771
if (!tv_add_ifset(&rep->rex, &now, &t->be->timeout.server))
2772
tv_eternity(&rep->rex);
2774
t->srv_state = SV_STDATA;
2775
rep->rlim = rep->data + BUFSIZE; /* no rewrite needed */
2777
/* if the user wants to log as soon as possible, without counting
2778
bytes from the server, then this is the right moment. */
2779
if (t->fe->to_log && !(t->logs.logwait & LW_BYTES)) {
2780
t->logs.t_close = t->logs.t_connect; /* to get a valid end date */
2783
#ifdef CONFIG_HAP_TCPSPLICE
2784
if ((t->fe->options & t->be->options) & PR_O_TCPSPLICE) {
2785
/* TCP splicing supported by both FE and BE */
2786
tcp_splice_splicefd(t->cli_fd, t->srv_fd, 0);
2791
t->srv_state = SV_STHEADERS;
2792
rep->rlim = rep->data + BUFSIZE - MAXREWRITE; /* rewrite needed */
2793
t->txn.rsp.msg_state = HTTP_MSG_RPBEFORE;
2794
/* reset hdr_idx which was already initialized by the request.
2795
* right now, the http parser does it.
2796
* hdr_idx_init(&t->txn.hdr_idx);
2799
tv_eternity(&req->cex);
2803
else if (s == SV_STHEADERS) { /* receiving server headers */
2558
DPRINTF(stderr,"[%u] %s: session=%p b=%p, exp(r,w)=%u,%u bf=%08x bl=%d analysers=%02x\n",
2559
now_ms, __FUNCTION__,
2567
if (rep->analysers & AN_RTR_HTTP_HDR) { /* receiving server headers */
2805
2569
* Now parse the partial (or complete) lines.
2806
2570
* We will check the response syntax, and also join multi-line