1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 /* AJP routines for Apache proxy */
19 #include "mod_proxy.h"
22 module AP_MODULE_DECLARE_DATA proxy_ajp_module;
25 * Canonicalise http-like URLs.
26 * scheme is the scheme for the URL
27 * url is the URL starting with the first '/'
28 * def_port is the default port for this scheme.
30 static int proxy_ajp_canon(request_rec *r, char *url)
32 char *host, *path, *search, sport[7];
34 apr_port_t port = AJP13_DEF_PORT;
36 /* ap_port_of_scheme() */
37 if (strncasecmp(url, "ajp:", 4) == 0) {
44 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
45 "proxy: AJP: canonicalising URL %s", url);
49 * We break the URL into host, port, path, search
51 err = ap_proxy_canon_netloc(r->pool, &url, NULL, NULL, &host, &port);
53 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
54 "error parsing URL %s: %s",
56 return HTTP_BAD_REQUEST;
60 * now parse path/search args, according to rfc1738
62 * N.B. if this isn't a true proxy request, then the URL _path_
63 * has already been decoded. True proxy requests have
64 * r->uri == r->unparsed_uri, and no others have that property.
66 if (r->uri == r->unparsed_uri) {
67 search = strchr(url, '?');
75 path = ap_proxy_canonenc(r->pool, url, strlen(url), enc_path, 0,
78 return HTTP_BAD_REQUEST;
80 apr_snprintf(sport, sizeof(sport), ":%d", port);
82 if (ap_strchr_c(host, ':')) {
83 /* if literal IPv6 address */
84 host = apr_pstrcat(r->pool, "[", host, "]", NULL);
86 r->filename = apr_pstrcat(r->pool, "proxy:ajp://", host, sport,
87 "/", path, (search) ? "?" : "",
88 (search) ? search : "", NULL);
93 * XXX: AJP Auto Flushing
95 * When processing CMD_AJP13_SEND_BODY_CHUNK AJP messages we will do a poll
96 * with FLUSH_WAIT miliseconds timeout to determine if more data is currently
97 * available at the backend. If there is no more data available, we flush
98 * the data to the client by adding a flush bucket to the brigade we pass
99 * up the filter chain.
100 * This is only a bandaid to fix the AJP/1.3 protocol shortcoming of not
101 * sending (actually not having defined) a flush message, when the data
102 * should be flushed to the client. As soon as this protocol shortcoming is
103 * fixed this code should be removed.
105 * For further discussion see PR37100.
106 * http://issues.apache.org/bugzilla/show_bug.cgi?id=37100
110 * process the request and write the response.
112 static int ap_proxy_ajp_request(apr_pool_t *p, request_rec *r,
113 proxy_conn_rec *conn,
115 proxy_dir_conf *conf,
117 char *url, char *server_portstr)
122 apr_bucket_brigade *input_brigade;
123 apr_bucket_brigade *output_brigade;
134 apr_int32_t conn_poll_fd;
135 apr_pollfd_t *conn_poll;
136 proxy_server_conf *psf =
137 ap_get_module_config(r->server->module_config, &proxy_module);
138 apr_size_t maxsize = AJP_MSG_BUFFER_SZ;
140 if (psf->io_buffer_size_set)
141 maxsize = psf->io_buffer_size;
142 if (maxsize > AJP_MAX_BUFFER_SZ)
143 maxsize = AJP_MAX_BUFFER_SZ;
144 else if (maxsize < AJP_MSG_BUFFER_SZ)
145 maxsize = AJP_MSG_BUFFER_SZ;
146 maxsize = APR_ALIGN(maxsize, 1024);
149 * Send the AJP request to the remote server
152 /* send request headers */
153 status = ajp_send_header(conn->sock, r, maxsize, uri);
154 if (status != APR_SUCCESS) {
156 ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
157 "proxy: AJP: request failed to %pI (%s)",
158 conn->worker->cp->addr,
159 conn->worker->hostname);
160 if (status == AJP_EOVERFLOW)
161 return HTTP_BAD_REQUEST;
163 return HTTP_SERVICE_UNAVAILABLE;
166 /* allocate an AJP message to store the data of the buckets */
168 status = ajp_alloc_data_msg(r->pool, &buff, &bufsiz, &msg);
169 if (status != APR_SUCCESS) {
170 /* We had a failure: Close connection to backend */
172 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
173 "proxy: ajp_alloc_data_msg failed");
174 return HTTP_INTERNAL_SERVER_ERROR;
177 /* read the first bloc of data */
178 input_brigade = apr_brigade_create(p, r->connection->bucket_alloc);
179 tenc = apr_table_get(r->headers_in, "Transfer-Encoding");
180 if (tenc && (strcasecmp(tenc, "chunked") == 0)) {
181 /* The AJP protocol does not want body data yet */
182 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
183 "proxy: request is chunked");
185 status = ap_get_brigade(r->input_filters, input_brigade,
186 AP_MODE_READBYTES, APR_BLOCK_READ,
187 maxsize - AJP_HEADER_SZ);
189 if (status != APR_SUCCESS) {
190 /* We had a failure: Close connection to backend */
192 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
193 "proxy: ap_get_brigade failed");
194 apr_brigade_destroy(input_brigade);
195 return HTTP_INTERNAL_SERVER_ERROR;
199 if (APR_BUCKET_IS_EOS(APR_BRIGADE_LAST(input_brigade))) {
200 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
201 "proxy: APR_BUCKET_IS_EOS");
204 /* Try to send something */
205 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
206 "proxy: data to read (max %" APR_SIZE_T_FMT
207 " at %" APR_SIZE_T_FMT ")", bufsiz, msg->pos);
209 status = apr_brigade_flatten(input_brigade, buff, &bufsiz);
210 if (status != APR_SUCCESS) {
211 /* We had a failure: Close connection to backend */
213 apr_brigade_destroy(input_brigade);
214 ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
215 "proxy: apr_brigade_flatten");
216 return HTTP_INTERNAL_SERVER_ERROR;
218 apr_brigade_cleanup(input_brigade);
220 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
221 "proxy: got %" APR_SIZE_T_FMT " bytes of data", bufsiz);
223 status = ajp_send_data_msg(conn->sock, msg, bufsiz);
224 if (status != APR_SUCCESS) {
225 /* We had a failure: Close connection to backend */
227 apr_brigade_destroy(input_brigade);
228 ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
229 "proxy: send failed to %pI (%s)",
230 conn->worker->cp->addr,
231 conn->worker->hostname);
232 return HTTP_SERVICE_UNAVAILABLE;
234 conn->worker->s->transferred += bufsiz;
238 /* read the response */
240 status = ajp_read_header(conn->sock, r, maxsize,
241 (ajp_msg_t **)&(conn->data));
242 if (status != APR_SUCCESS) {
243 /* We had a failure: Close connection to backend */
245 apr_brigade_destroy(input_brigade);
246 ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
247 "proxy: read response failed from %pI (%s)",
248 conn->worker->cp->addr,
249 conn->worker->hostname);
250 return HTTP_SERVICE_UNAVAILABLE;
252 /* parse the reponse */
253 result = ajp_parse_type(r, conn->data);
254 output_brigade = apr_brigade_create(p, r->connection->bucket_alloc);
257 * Prepare apr_pollfd_t struct for possible later check if there is currently
258 * data available from the backend (do not flush response to client)
259 * or not (flush response to client)
261 conn_poll = apr_pcalloc(p, sizeof(apr_pollfd_t));
262 conn_poll->reqevents = APR_POLLIN;
263 conn_poll->desc_type = APR_POLL_SOCKET;
264 conn_poll->desc.s = conn->sock;
269 case CMD_AJP13_GET_BODY_CHUNK:
271 if (APR_BUCKET_IS_EOS(APR_BRIGADE_LAST(input_brigade))) {
272 /* This is the end */
275 ap_log_error(APLOG_MARK, APLOG_DEBUG, status, r->server,
276 "proxy: APR_BUCKET_IS_EOS");
278 status = ap_get_brigade(r->input_filters, input_brigade,
281 maxsize - AJP_HEADER_SZ);
282 if (status != APR_SUCCESS) {
283 ap_log_error(APLOG_MARK, APLOG_DEBUG, status,
285 "ap_get_brigade failed");
289 status = apr_brigade_flatten(input_brigade, buff,
291 apr_brigade_cleanup(input_brigade);
292 if (status != APR_SUCCESS) {
293 ap_log_error(APLOG_MARK, APLOG_DEBUG, status,
295 "apr_brigade_flatten failed");
301 /* will go in ajp_send_data_msg */
302 status = ajp_send_data_msg(conn->sock, msg, bufsiz);
303 if (status != APR_SUCCESS) {
304 ap_log_error(APLOG_MARK, APLOG_DEBUG, status, r->server,
305 "ajp_send_data_msg failed");
308 conn->worker->s->transferred += bufsiz;
311 * something is wrong TC asks for more body but we are
312 * already at the end of the body data
314 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
315 "ap_proxy_ajp_request error read after end");
319 case CMD_AJP13_SEND_HEADERS:
320 /* AJP13_SEND_HEADERS: process them */
321 status = ajp_parse_header(r, conf, conn->data);
322 if (status != APR_SUCCESS) {
326 case CMD_AJP13_SEND_BODY_CHUNK:
327 /* AJP13_SEND_BODY_CHUNK: piece of data */
328 status = ajp_parse_data(r, conn->data, &size, &buff);
329 if (status == APR_SUCCESS) {
331 /* AJP13_SEND_BODY_CHUNK with zero length
332 * is explicit flush message
334 e = apr_bucket_flush_create(r->connection->bucket_alloc);
335 APR_BRIGADE_INSERT_TAIL(output_brigade, e);
338 e = apr_bucket_transient_create(buff, size,
339 r->connection->bucket_alloc);
340 APR_BRIGADE_INSERT_TAIL(output_brigade, e);
342 if ((conn->worker->flush_packets == flush_on) ||
343 ((conn->worker->flush_packets == flush_auto) &&
344 (apr_poll(conn_poll, 1, &conn_poll_fd,
345 conn->worker->flush_wait)
347 e = apr_bucket_flush_create(r->connection->bucket_alloc);
348 APR_BRIGADE_INSERT_TAIL(output_brigade, e);
350 apr_brigade_length(output_brigade, 0, &bb_len);
352 conn->worker->s->read += bb_len;
354 if (ap_pass_brigade(r->output_filters,
355 output_brigade) != APR_SUCCESS) {
356 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
357 "proxy: error processing body");
361 apr_brigade_cleanup(output_brigade);
367 case CMD_AJP13_END_RESPONSE:
368 e = apr_bucket_eos_create(r->connection->bucket_alloc);
369 APR_BRIGADE_INSERT_TAIL(output_brigade, e);
370 if (ap_pass_brigade(r->output_filters,
371 output_brigade) != APR_SUCCESS) {
372 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
373 "proxy: error processing body");
376 /* XXX: what about flush here? See mod_jk */
385 * If connection has been aborted by client: Stop working.
386 * Nevertheless, we regard our operation so far as a success:
387 * So do not set isok to 0 and set result to CMD_AJP13_END_RESPONSE
388 * But: Close this connection to the backend.
390 if (r->connection->aborted) {
392 result = CMD_AJP13_END_RESPONSE;
399 if (result == CMD_AJP13_END_RESPONSE)
402 /* read the response */
403 status = ajp_read_header(conn->sock, r, maxsize,
404 (ajp_msg_t **)&(conn->data));
405 if (status != APR_SUCCESS) {
407 ap_log_error(APLOG_MARK, APLOG_DEBUG, status, r->server,
408 "ajp_read_header failed");
411 result = ajp_parse_type(r, conn->data);
413 apr_brigade_destroy(input_brigade);
416 * Clear output_brigade to remove possible buckets that remained there
419 apr_brigade_cleanup(output_brigade);
421 if (status != APR_SUCCESS) {
422 /* We had a failure: Close connection to backend */
424 ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
425 "proxy: send body failed to %pI (%s)",
426 conn->worker->cp->addr,
427 conn->worker->hostname);
429 * If we already send data, signal a broken backend connection
430 * upwards in the chain.
433 ap_proxy_backend_broke(r, output_brigade);
434 /* Return DONE to avoid error messages being added to the stream */
437 rv = HTTP_SERVICE_UNAVAILABLE;
441 * Ensure that we sent an EOS bucket thru the filter chain, if we already
442 * have sent some data. Maybe ap_proxy_backend_broke was called and added
443 * one to the brigade already (no longer making it empty). So we should
444 * not do this in this case.
446 if (data_sent && !r->eos_sent && APR_BRIGADE_EMPTY(output_brigade)) {
447 e = apr_bucket_eos_create(r->connection->bucket_alloc);
448 APR_BRIGADE_INSERT_TAIL(output_brigade, e);
451 /* If we have added something to the brigade above, sent it */
452 if (!APR_BRIGADE_EMPTY(output_brigade))
453 ap_pass_brigade(r->output_filters, output_brigade);
455 apr_brigade_destroy(output_brigade);
460 /* Nice we have answer to send to the client */
461 if (result == CMD_AJP13_END_RESPONSE && isok) {
462 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
463 "proxy: got response from %pI (%s)",
464 conn->worker->cp->addr,
465 conn->worker->hostname);
469 ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
470 "proxy: got bad response (%d) from %pI (%s)",
472 conn->worker->cp->addr,
473 conn->worker->hostname);
475 /* We had a failure: Close connection to backend */
477 return HTTP_SERVICE_UNAVAILABLE;
481 * This handles ajp:// URLs
483 static int proxy_ajp_handler(request_rec *r, proxy_worker *worker,
484 proxy_server_conf *conf,
485 char *url, const char *proxyname,
486 apr_port_t proxyport)
489 char server_portstr[32];
490 conn_rec *origin = NULL;
491 proxy_conn_rec *backend = NULL;
492 const char *scheme = "AJP";
493 proxy_dir_conf *dconf = ap_get_module_config(r->per_dir_config,
497 * Note: Memory pool allocation.
498 * A downstream keepalive connection is always connected to the existence
499 * (or not) of an upstream keepalive connection. If this is not done then
500 * load balancing against multiple backend servers breaks (one backend
501 * server ends up taking 100% of the load), and the risk is run of
502 * downstream keepalive connections being kept open unnecessarily. This
503 * keeps webservers busy and ties up resources.
505 * As a result, we allocate all sockets out of the upstream connection
506 * pool, and when we want to reuse a socket, we check first whether the
507 * connection ID of the current upstream connection is the same as that
508 * of the connection when the socket was opened.
510 apr_pool_t *p = r->connection->pool;
511 apr_uri_t *uri = apr_palloc(r->connection->pool, sizeof(*uri));
514 if (strncasecmp(url, "ajp:", 4) != 0) {
515 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
516 "proxy: AJP: declining URL %s", url);
519 ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
520 "proxy: AJP: serving URL %s", url);
522 /* create space for state information */
524 status = ap_proxy_acquire_connection(scheme, &backend, worker,
529 ap_proxy_release_connection(scheme, backend, r->server);
538 /* Step One: Determine Who To Connect To */
539 status = ap_proxy_determine_connection(p, r, conf, worker, backend,
540 uri, &url, proxyname, proxyport,
542 sizeof(server_portstr));
547 /* Step Two: Make the Connection */
548 if (ap_proxy_connect_backend(scheme, backend, worker, r->server)) {
549 ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
550 "proxy: AJP: failed to make connection to backend: %s",
552 status = HTTP_SERVICE_UNAVAILABLE;
556 /* Handle CPING/CPONG */
557 if (worker->ping_timeout_set) {
558 status = ajp_handle_cping_cpong(backend->sock, r,
559 worker->ping_timeout);
560 if (status != APR_SUCCESS) {
562 ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
563 "proxy: AJP: cping/cpong failed to %pI (%s)",
566 status = HTTP_SERVICE_UNAVAILABLE;
570 /* Step Three: Process the Request */
571 status = ap_proxy_ajp_request(p, r, backend, origin, dconf, uri, url,
575 /* Do not close the socket */
576 ap_proxy_release_connection(scheme, backend, r->server);
580 static void ap_proxy_http_register_hook(apr_pool_t *p)
582 proxy_hook_scheme_handler(proxy_ajp_handler, NULL, NULL, APR_HOOK_FIRST);
583 proxy_hook_canon_handler(proxy_ajp_canon, NULL, NULL, APR_HOOK_FIRST);
586 module AP_MODULE_DECLARE_DATA proxy_ajp_module = {
587 STANDARD20_MODULE_STUFF,
588 NULL, /* create per-directory config structure */
589 NULL, /* merge per-directory config structures */
590 NULL, /* create per-server config structure */
591 NULL, /* merge per-server config structures */
592 NULL, /* command apr_table_t */
593 ap_proxy_http_register_hook /* register hooks */