1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * http_request.c: functions to get and process requests
22 * Thoroughly revamped by rst for Apache. NB this file reads
23 * best from the bottom up.
27 #include "apr_strings.h"
28 #include "apr_file_io.h"
29 #include "apr_fnmatch.h"
31 #define APR_WANT_STRFUNC
34 #include "ap_config.h"
36 #include "http_config.h"
37 #include "http_request.h"
38 #include "http_core.h"
39 #include "http_protocol.h"
41 #include "http_main.h"
42 #include "util_filter.h"
43 #include "util_charset.h"
44 #include "scoreboard.h"
52 APLOG_USE_MODULE(http);
54 /*****************************************************************
56 * Mainline request processing...
59 /* XXX A cleaner and faster way to do this might be to pass the request_rec
60 * down the filter chain as a parameter. It would need to change for
61 * subrequest vs. main request filters; perhaps the subrequest filter could
64 static void update_r_in_filters(ap_filter_t *f,
76 AP_DECLARE(void) ap_die(int type, request_rec *r)
78 int error_index = ap_index_of_response(type);
79 char *custom_response = ap_response_code_string(r, error_index);
80 int recursive_error = 0;
81 request_rec *r_1st_err = r;
83 if (type == AP_FILTER_ERROR) {
87 * Check if we still have the ap_http_header_filter in place. If
88 * this is the case we should not ignore AP_FILTER_ERROR here because
89 * it means that we have not sent any response at all and never
90 * will. This is bad. Sent an internal server error instead.
92 next = r->output_filters;
93 while (next && (next->frec != ap_http_header_filter_handle)) {
98 * If next != NULL then we left the while above because of
99 * next->frec == ap_http_header_filter
102 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
103 "Custom error page caused AP_FILTER_ERROR");
104 type = HTTP_INTERNAL_SERVER_ERROR;
112 ap_finalize_request_protocol(r);
117 * The following takes care of Apache redirects to custom response URLs
118 * Note that if we are already dealing with the response to some other
119 * error condition, we just report on the original error, and give up on
120 * any attempt to handle the other thing "intelligently"...
122 if (r->status != HTTP_OK) {
123 recursive_error = type;
125 while (r_1st_err->prev && (r_1st_err->prev->status != HTTP_OK))
126 r_1st_err = r_1st_err->prev; /* Get back to original error */
128 if (r_1st_err != r) {
129 /* The recursive error was caused by an ErrorDocument specifying
130 * an internal redirect to a bad URI. ap_internal_redirect has
131 * changed the filter chains to point to the ErrorDocument's
132 * request_rec. Back out those changes so we can safely use the
133 * original failing request_rec to send the canned error message.
135 * ap_send_error_response gets rid of existing resource filters
136 * on the output side, so we can skip those.
138 update_r_in_filters(r_1st_err->proto_output_filters, r, r_1st_err);
139 update_r_in_filters(r_1st_err->input_filters, r, r_1st_err);
142 custom_response = NULL; /* Do NOT retry the custom thing! */
148 * This test is done here so that none of the auth modules needs to know
149 * about proxy authentication. They treat it like normal auth, and then
150 * we tweak the status.
152 if (HTTP_UNAUTHORIZED == r->status && PROXYREQ_PROXY == r->proxyreq) {
153 r->status = HTTP_PROXY_AUTHENTICATION_REQUIRED;
156 /* If we don't want to keep the connection, make sure we mark that the
157 * connection is not eligible for keepalive. If we want to keep the
158 * connection, be sure that the request body (if any) has been read.
160 if (ap_status_drops_connection(r->status)) {
161 r->connection->keepalive = AP_CONN_CLOSE;
165 * Two types of custom redirects --- plain text, and URLs. Plain text has
166 * a leading '"', so the URL code, here, is triggered on its absence
169 if (custom_response && custom_response[0] != '"') {
171 if (ap_is_url(custom_response)) {
173 * The URL isn't local, so lets drop through the rest of this
174 * apache code, and continue with the usual REDIRECT handler.
175 * But note that the client will ultimately see the wrong
178 r->status = HTTP_MOVED_TEMPORARILY;
179 apr_table_setn(r->headers_out, "Location", custom_response);
181 else if (custom_response[0] == '/') {
182 const char *error_notes;
183 r->no_local_copy = 1; /* Do NOT send HTTP_NOT_MODIFIED for
184 * error documents! */
186 * This redirect needs to be a GET no matter what the original
189 apr_table_setn(r->subprocess_env, "REQUEST_METHOD", r->method);
192 * Provide a special method for modules to communicate
193 * more informative (than the plain canned) messages to us.
194 * Propagate them to ErrorDocuments via the ERROR_NOTES variable:
196 if ((error_notes = apr_table_get(r->notes,
197 "error-notes")) != NULL) {
198 apr_table_setn(r->subprocess_env, "ERROR_NOTES", error_notes);
200 r->method = apr_pstrdup(r->pool, "GET");
201 r->method_number = M_GET;
202 ap_internal_redirect(custom_response, r);
207 * Dumb user has given us a bad url to redirect to --- fake up
208 * dying with a recursive server error...
210 recursive_error = HTTP_INTERNAL_SERVER_ERROR;
211 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
212 "Invalid error redirection directive: %s",
216 ap_send_error_response(r_1st_err, recursive_error);
219 static void check_pipeline(conn_rec *c)
221 if (c->keepalive != AP_CONN_CLOSE) {
223 apr_bucket_brigade *bb = apr_brigade_create(c->pool, c->bucket_alloc);
225 rv = ap_get_brigade(c->input_filters, bb, AP_MODE_SPECULATIVE,
226 APR_NONBLOCK_READ, 1);
227 if (rv != APR_SUCCESS || APR_BRIGADE_EMPTY(bb)) {
229 * Error or empty brigade: There is no data present in the input
232 c->data_in_input_filters = 0;
235 c->data_in_input_filters = 1;
237 apr_brigade_destroy(bb);
242 AP_DECLARE(void) ap_process_request_after_handler(request_rec *r)
244 apr_bucket_brigade *bb;
246 conn_rec *c = r->connection;
248 /* Send an EOR bucket through the output filter chain. When
249 * this bucket is destroyed, the request will be logged and
250 * its pool will be freed
252 bb = apr_brigade_create(r->connection->pool, r->connection->bucket_alloc);
253 b = ap_bucket_eor_create(r->connection->bucket_alloc, r);
254 APR_BRIGADE_INSERT_HEAD(bb, b);
256 ap_pass_brigade(r->connection->output_filters, bb);
258 /* From here onward, it is no longer safe to reference r
259 * or r->pool, because r->pool may have been destroyed
260 * already by the EOR bucket's cleanup function.
264 c->cs->state = CONN_STATE_WRITE_COMPLETION;
266 AP_PROCESS_REQUEST_RETURN((uintptr_t)r, r->uri, r->status);
267 if (ap_extended_status) {
268 ap_time_process_request(c->sbh, STOP_PREQUEST);
272 void ap_process_async_request(request_rec *r)
274 conn_rec *c = r->connection;
277 /* Give quick handlers a shot at serving the request on the fast
278 * path, bypassing all of the other Apache hooks.
280 * This hook was added to enable serving files out of a URI keyed
281 * content cache ( e.g., Mike Abbott's Quick Shortcut Cache,
282 * described here: http://oss.sgi.com/projects/apache/mod_qsc.html )
284 * It may have other uses as well, such as routing requests directly to
285 * content handlers that have the ability to grok HTTP and do their
286 * own access checking, etc (e.g. servlet engines).
288 * Use this hook with extreme care and only if you know what you are
291 AP_PROCESS_REQUEST_ENTRY((uintptr_t)r, r->uri);
292 if (ap_extended_status) {
293 ap_time_process_request(r->connection->sbh, START_PREQUEST);
296 if (APLOGrtrace4(r)) {
298 const apr_array_header_t *t_h = apr_table_elts(r->headers_in);
299 const apr_table_entry_t *t_elt = (apr_table_entry_t *)t_h->elts;
300 ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r,
301 "Headers received from client:");
302 for (i = 0; i < t_h->nelts; i++, t_elt++) {
303 ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, " %s: %s",
304 ap_escape_logitem(r->pool, t_elt->key),
305 ap_escape_logitem(r->pool, t_elt->val));
310 apr_thread_mutex_create(&r->invoke_mtx, APR_THREAD_MUTEX_DEFAULT, r->pool);
311 apr_thread_mutex_lock(r->invoke_mtx);
313 access_status = ap_run_quick_handler(r, 0); /* Not a look-up request */
314 if (access_status == DECLINED) {
315 access_status = ap_process_request_internal(r);
316 if (access_status == OK) {
317 access_status = ap_invoke_handler(r);
321 if (access_status == SUSPENDED) {
322 /* TODO: Should move these steps into a generic function, so modules
323 * working on a suspended request can also call _ENTRY again.
325 AP_PROCESS_REQUEST_RETURN((uintptr_t)r, r->uri, access_status);
326 if (ap_extended_status) {
327 ap_time_process_request(c->sbh, STOP_PREQUEST);
330 c->cs->state = CONN_STATE_SUSPENDED;
332 apr_thread_mutex_unlock(r->invoke_mtx);
337 apr_thread_mutex_unlock(r->invoke_mtx);
340 if (access_status == DONE) {
341 /* e.g., something not in storage like TRACE */
345 if (access_status == OK) {
346 ap_finalize_request_protocol(r);
350 ap_die(access_status, r);
353 ap_process_request_after_handler(r);
356 void ap_process_request(request_rec *r)
358 apr_bucket_brigade *bb;
360 conn_rec *c = r->connection;
363 ap_process_async_request(r);
365 if (!c->data_in_input_filters) {
366 bb = apr_brigade_create(c->pool, c->bucket_alloc);
367 b = apr_bucket_flush_create(c->bucket_alloc);
368 APR_BRIGADE_INSERT_HEAD(bb, b);
369 rv = ap_pass_brigade(c->output_filters, bb);
370 if (APR_STATUS_IS_TIMEUP(rv)) {
372 * Notice a timeout as an error message. This might be
373 * valuable for detecting clients with broken network
374 * connections or possible DoS attacks.
376 * It is still safe to use r / r->pool here as the eor bucket
377 * could not have been destroyed in the event of a timeout.
379 ap_log_rerror(APLOG_MARK, APLOG_INFO, rv, r,
380 "Timeout while writing data for URI %s to the"
381 " client", r->unparsed_uri);
384 if (ap_extended_status) {
385 ap_time_process_request(c->sbh, STOP_PREQUEST);
389 static apr_table_t *rename_original_env(apr_pool_t *p, apr_table_t *t)
391 const apr_array_header_t *env_arr = apr_table_elts(t);
392 const apr_table_entry_t *elts = (const apr_table_entry_t *) env_arr->elts;
393 apr_table_t *new = apr_table_make(p, env_arr->nalloc);
396 for (i = 0; i < env_arr->nelts; ++i) {
399 apr_table_setn(new, apr_pstrcat(p, "REDIRECT_", elts[i].key, NULL),
406 static request_rec *internal_internal_redirect(const char *new_uri,
411 if (ap_is_recursion_limit_exceeded(r)) {
412 ap_die(HTTP_INTERNAL_SERVER_ERROR, r);
416 new = (request_rec *) apr_pcalloc(r->pool, sizeof(request_rec));
418 new->connection = r->connection;
419 new->server = r->server;
423 * A whole lot of this really ought to be shared with http_protocol.c...
424 * another missing cleanup. It's particularly inappropriate to be
425 * setting header_only, etc., here.
428 new->method = r->method;
429 new->method_number = r->method_number;
430 new->allowed_methods = ap_make_method_list(new->pool, 2);
431 ap_parse_uri(new, new_uri);
432 new->parsed_uri.port_str = r->parsed_uri.port_str;
433 new->parsed_uri.port = r->parsed_uri.port;
435 new->request_config = ap_create_request_config(r->pool);
437 new->per_dir_config = r->server->lookup_defaults;
442 new->client_addr = r->client_addr;
443 new->client_ip = r->client_ip;
445 /* Must have prev and next pointers set before calling create_request
448 ap_run_create_request(new);
450 /* Inherit the rest of the protocol info... */
452 new->the_request = r->the_request;
454 new->allowed = r->allowed;
456 new->status = r->status;
457 new->assbackwards = r->assbackwards;
458 new->header_only = r->header_only;
459 new->protocol = r->protocol;
460 new->proto_num = r->proto_num;
461 new->hostname = r->hostname;
462 new->request_time = r->request_time;
465 new->headers_in = r->headers_in;
466 new->headers_out = apr_table_make(r->pool, 12);
467 if (ap_is_HTTP_REDIRECT(new->status)) {
468 const char *location = apr_table_get(r->headers_out, "Location");
470 apr_table_setn(new->headers_out, "Location", location);
472 new->err_headers_out = r->err_headers_out;
473 new->subprocess_env = rename_original_env(r->pool, r->subprocess_env);
474 new->notes = apr_table_make(r->pool, 5);
476 new->htaccess = r->htaccess;
477 new->no_cache = r->no_cache;
478 new->expecting_100 = r->expecting_100;
479 new->no_local_copy = r->no_local_copy;
480 new->read_length = r->read_length; /* We can only read it once */
481 new->vlist_validator = r->vlist_validator;
483 new->proto_output_filters = r->proto_output_filters;
484 new->proto_input_filters = r->proto_input_filters;
486 new->input_filters = new->proto_input_filters;
489 ap_filter_t *f, *nextf;
491 /* If this is a subrequest, the filter chain may contain a
492 * mixture of filters specific to the old request (r), and
493 * some inherited from r->main. Here, inherit that filter
494 * chain, and remove all those which are specific to the old
495 * request; ensuring the subreq filter is left in place. */
496 new->output_filters = r->output_filters;
498 f = new->output_filters;
502 if (f->r == r && f->frec != ap_subreq_core_filter_handle) {
503 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
504 "dropping filter '%s' in internal redirect from %s to %s",
505 f->frec->name, r->unparsed_uri, new_uri);
507 /* To remove the filter, first set f->r to the *new*
508 * request_rec, so that ->output_filters on 'new' is
509 * changed (if necessary) when removing the filter. */
511 ap_remove_output_filter(f);
516 /* Stop at the protocol filters. If a protocol filter has
517 * been newly installed for this resource, better leave it
518 * in place, though it's probably a misconfiguration or
519 * filter bug to get into this state. */
520 } while (f && f != new->proto_output_filters);
523 /* If this is not a subrequest, clear out all
524 * resource-specific filters. */
525 new->output_filters = new->proto_output_filters;
528 update_r_in_filters(new->input_filters, r, new);
529 update_r_in_filters(new->output_filters, r, new);
531 apr_table_setn(new->subprocess_env, "REDIRECT_STATUS",
532 apr_itoa(r->pool, r->status));
534 /* Begin by presuming any module can make its own path_info assumptions,
535 * until some module interjects and changes the value.
537 new->used_path_info = AP_REQ_DEFAULT_PATH_INFO;
540 * XXX: hmm. This is because mod_setenvif and mod_unique_id really need
541 * to do their thing on internal redirects as well. Perhaps this is a
544 if ((access_status = ap_run_post_read_request(new))) {
545 ap_die(access_status, new);
552 /* XXX: Is this function is so bogus and fragile that we deep-6 it? */
553 AP_DECLARE(void) ap_internal_fast_redirect(request_rec *rr, request_rec *r)
555 /* We need to tell POOL_DEBUG that we're guaranteeing that rr->pool
556 * will exist as long as r->pool. Otherwise we run into troubles because
557 * some values in this request will be allocated in r->pool, and others in
560 apr_pool_join(r->pool, rr->pool);
561 r->proxyreq = rr->proxyreq;
562 r->no_cache = (r->no_cache && rr->no_cache);
563 r->no_local_copy = (r->no_local_copy && rr->no_local_copy);
564 r->mtime = rr->mtime;
566 r->filename = rr->filename;
567 r->canonical_filename = rr->canonical_filename;
568 r->path_info = rr->path_info;
570 r->finfo = rr->finfo;
571 r->handler = rr->handler;
572 ap_set_content_type(r, rr->content_type);
573 r->content_encoding = rr->content_encoding;
574 r->content_languages = rr->content_languages;
575 r->per_dir_config = rr->per_dir_config;
576 /* copy output headers from subrequest, but leave negotiation headers */
577 r->notes = apr_table_overlay(r->pool, rr->notes, r->notes);
578 r->headers_out = apr_table_overlay(r->pool, rr->headers_out,
580 r->err_headers_out = apr_table_overlay(r->pool, rr->err_headers_out,
582 r->subprocess_env = apr_table_overlay(r->pool, rr->subprocess_env,
585 r->output_filters = rr->output_filters;
586 r->input_filters = rr->input_filters;
588 /* If any filters pointed at the now-defunct rr, we must point them
589 * at our "new" instance of r. In particular, some of rr's structures
590 * will now be bogus (say rr->headers_out). If a filter tried to modify
591 * their f->r structure when it is pointing to rr, the real request_rec
592 * will not get updated. Fix that here.
594 update_r_in_filters(r->input_filters, rr, r);
595 update_r_in_filters(r->output_filters, rr, r);
598 ap_add_output_filter_handle(ap_subreq_core_filter_handle,
599 NULL, r, r->connection);
603 * We need to check if we now have the SUBREQ_CORE filter in our filter
604 * chain. If this is the case we need to remove it since we are NO
605 * subrequest. But we need to keep in mind that the SUBREQ_CORE filter
606 * does not necessarily need to be the first filter in our chain. So we
607 * need to go through the chain. But we only need to walk up the chain
608 * until the proto_output_filters as the SUBREQ_CORE filter is below the
613 next = r->output_filters;
614 while (next && (next->frec != ap_subreq_core_filter_handle)
615 && (next != r->proto_output_filters)) {
618 if (next && (next->frec == ap_subreq_core_filter_handle)) {
619 ap_remove_output_filter(next);
624 AP_DECLARE(void) ap_internal_redirect(const char *new_uri, request_rec *r)
626 request_rec *new = internal_internal_redirect(new_uri, r);
629 AP_INTERNAL_REDIRECT(r->uri, new_uri);
631 /* ap_die was already called, if an error occured */
636 access_status = ap_run_quick_handler(new, 0); /* Not a look-up request */
637 if (access_status == DECLINED) {
638 access_status = ap_process_request_internal(new);
639 if (access_status == OK) {
640 access_status = ap_invoke_handler(new);
643 if (access_status == OK) {
644 ap_finalize_request_protocol(new);
647 ap_die(access_status, new);
651 /* This function is designed for things like actions or CGI scripts, when
652 * using AddHandler, and you want to preserve the content type across
653 * an internal redirect.
655 AP_DECLARE(void) ap_internal_redirect_handler(const char *new_uri, request_rec *r)
658 request_rec *new = internal_internal_redirect(new_uri, r);
660 /* ap_die was already called, if an error occured */
666 ap_set_content_type(new, r->content_type);
667 access_status = ap_process_request_internal(new);
668 if (access_status == OK) {
669 if ((access_status = ap_invoke_handler(new)) != 0) {
670 ap_die(access_status, new);
673 ap_finalize_request_protocol(new);
676 ap_die(access_status, new);
680 AP_DECLARE(void) ap_allow_methods(request_rec *r, int reset, ...)
686 * Get rid of any current settings if requested; not just the
687 * well-known methods but any extensions as well.
690 ap_clear_method_list(r->allowed_methods);
693 va_start(methods, reset);
694 while ((method = va_arg(methods, const char *)) != NULL) {
695 ap_method_list_add(r->allowed_methods, method);
700 AP_DECLARE(void) ap_allow_standard_methods(request_rec *r, int reset, ...)
707 * Get rid of any current settings if requested; not just the
708 * well-known methods but any extensions as well.
711 ap_clear_method_list(r->allowed_methods);
715 va_start(methods, reset);
716 while ((method = va_arg(methods, int)) != -1) {
717 mask |= (AP_METHOD_BIT << method);
721 r->allowed_methods->method_mask |= mask;