1 /* Copyright 2001-2005 The Apache Software Foundation or its licensors, as
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file core_filters.c
19 * @brief Core input/output network filters.
23 #include "apr_strings.h"
25 #include "apr_fnmatch.h"
27 #include "apr_thread_proc.h" /* for RLIMIT stuff */
28 #include "apr_hooks.h"
29 #include "apr_support.h"
31 #define APR_WANT_IOVEC
32 #define APR_WANT_STRFUNC
33 #define APR_WANT_MEMFUNC
37 #include "ap_config.h"
39 #include "http_config.h"
40 #include "http_core.h"
41 #include "http_protocol.h" /* For index_of_response(). Grump. */
42 #include "http_request.h"
43 #include "http_vhost.h"
44 #include "http_main.h" /* For the default_handler below... */
47 #include "http_connection.h"
48 #include "apr_buckets.h"
49 #include "util_filter.h"
50 #include "util_ebcdic.h"
52 #include "mpm_common.h"
53 #include "scoreboard.h"
55 #include "mod_proxy.h"
56 #include "ap_listen.h"
58 #include "mod_so.h" /* for ap_find_loaded_module_symbol */
60 #define AP_MIN_SENDFILE_BYTES (256)
63 * Remove all zero length buckets from the brigade.
65 #define BRIGADE_NORMALIZE(b) \
67 apr_bucket *e = APR_BRIGADE_FIRST(b); \
69 if (e->length == 0 && !APR_BUCKET_IS_METADATA(e)) { \
71 d = APR_BUCKET_NEXT(e); \
72 apr_bucket_delete(e); \
76 e = APR_BUCKET_NEXT(e); \
78 } while (!APR_BRIGADE_EMPTY(b) && (e != APR_BRIGADE_SENTINEL(b))); \
83 * Split the contents of a brigade after bucket 'e' to an existing brigade
85 * XXXX: Should this function be added to APR-Util?
87 static void brigade_move(apr_bucket_brigade *b, apr_bucket_brigade *a,
92 if (e != APR_BRIGADE_SENTINEL(b)) {
93 f = APR_RING_LAST(&b->list);
94 APR_RING_UNSPLICE(e, f, link);
95 APR_RING_SPLICE_HEAD(&a->list, e, f, apr_bucket, link);
98 APR_BRIGADE_CHECK_CONSISTENCY(a);
99 APR_BRIGADE_CHECK_CONSISTENCY(b);
102 int ap_core_input_filter(ap_filter_t *f, apr_bucket_brigade *b,
103 ap_input_mode_t mode, apr_read_type_e block,
108 core_net_rec *net = f->ctx;
109 core_ctx_t *ctx = net->in_ctx;
113 if (mode == AP_MODE_INIT) {
115 * this mode is for filters that might need to 'initialize'
116 * a connection before reading request data from a client.
117 * NNTP over SSL for example needs to handshake before the
118 * server sends the welcome message.
119 * such filters would have changed the mode before this point
120 * is reached. however, protocol modules such as NNTP should
121 * not need to know anything about SSL. given the example, if
122 * SSL is not in the filter chain, AP_MODE_INIT is a noop.
129 ctx = apr_pcalloc(f->c->pool, sizeof(*ctx));
130 ctx->b = apr_brigade_create(f->c->pool, f->c->bucket_alloc);
131 ctx->tmpbb = apr_brigade_create(ctx->b->p, ctx->b->bucket_alloc);
132 /* seed the brigade with the client socket. */
133 e = apr_bucket_socket_create(net->client_socket, f->c->bucket_alloc);
134 APR_BRIGADE_INSERT_TAIL(ctx->b, e);
137 else if (APR_BRIGADE_EMPTY(ctx->b)) {
141 /* ### This is bad. */
142 BRIGADE_NORMALIZE(ctx->b);
144 /* check for empty brigade again *AFTER* BRIGADE_NORMALIZE()
145 * If we have lost our socket bucket (see above), we are EOF.
147 * Ideally, this should be returning SUCCESS with EOS bucket, but
148 * some higher-up APIs (spec. read_request_line via ap_rgetline)
149 * want an error code. */
150 if (APR_BRIGADE_EMPTY(ctx->b)) {
154 if (mode == AP_MODE_GETLINE) {
155 /* we are reading a single LF line, e.g. the HTTP headers */
156 rv = apr_brigade_split_line(b, ctx->b, block, HUGE_STRING_LEN);
157 /* We should treat EAGAIN here the same as we do for EOF (brigade is
158 * empty). We do this by returning whatever we have read. This may
159 * or may not be bogus, but is consistent (for now) with EOF logic.
161 if (APR_STATUS_IS_EAGAIN(rv)) {
167 /* ### AP_MODE_PEEK is a horrific name for this mode because we also
168 * eat any CRLFs that we see. That's not the obvious intention of
169 * this mode. Determine whether anyone actually uses this or not. */
170 if (mode == AP_MODE_EATCRLF) {
174 /* The purpose of this loop is to ignore any CRLF (or LF) at the end
175 * of a request. Many browsers send extra lines at the end of POST
176 * requests. We use the PEEK method to determine if there is more
177 * data on the socket, so that we know if we should delay sending the
178 * end of one request until we have served the second request in a
179 * pipelined situation. We don't want to actually delay sending a
180 * response if the server finds a CRLF (or LF), becuause that doesn't
181 * mean that there is another request, just a blank line.
184 if (APR_BRIGADE_EMPTY(ctx->b))
187 e = APR_BRIGADE_FIRST(ctx->b);
189 rv = apr_bucket_read(e, &str, &len, APR_NONBLOCK_READ);
191 if (rv != APR_SUCCESS)
195 while (c < str + len) {
196 if (*c == APR_ASCII_LF)
198 else if (*c == APR_ASCII_CR && *(c + 1) == APR_ASCII_LF)
204 /* If we reach here, we were a bucket just full of CRLFs, so
205 * just toss the bucket. */
206 /* FIXME: Is this the right thing to do in the core? */
207 apr_bucket_delete(e);
212 /* If mode is EXHAUSTIVE, we want to just read everything until the end
213 * of the brigade, which in this case means the end of the socket.
214 * To do this, we attach the brigade that has currently been setaside to
215 * the brigade that was passed down, and send that brigade back.
217 * NOTE: This is VERY dangerous to use, and should only be done with
218 * extreme caution. However, the Perchild MPM needs this feature
219 * if it is ever going to work correctly again. With this, the Perchild
220 * MPM can easily request the socket and all data that has been read,
221 * which means that it can pass it to the correct child process.
223 if (mode == AP_MODE_EXHAUSTIVE) {
226 /* Tack on any buckets that were set aside. */
227 APR_BRIGADE_CONCAT(b, ctx->b);
229 /* Since we've just added all potential buckets (which will most
230 * likely simply be the socket bucket) we know this is the end,
231 * so tack on an EOS too. */
232 /* We have read until the brigade was empty, so we know that we
234 e = apr_bucket_eos_create(f->c->bucket_alloc);
235 APR_BRIGADE_INSERT_TAIL(b, e);
239 /* read up to the amount they specified. */
240 if (mode == AP_MODE_READBYTES || mode == AP_MODE_SPECULATIVE) {
243 AP_DEBUG_ASSERT(readbytes > 0);
245 e = APR_BRIGADE_FIRST(ctx->b);
246 rv = apr_bucket_read(e, &str, &len, block);
248 if (APR_STATUS_IS_EAGAIN(rv)) {
251 else if (rv != APR_SUCCESS) {
254 else if (block == APR_BLOCK_READ && len == 0) {
255 /* We wanted to read some bytes in blocking mode. We read
256 * 0 bytes. Hence, we now assume we are EOS.
258 * When we are in normal mode, return an EOS bucket to the
260 * When we are in speculative mode, leave ctx->b empty, so
261 * that the next call returns an EOS bucket.
263 apr_bucket_delete(e);
265 if (mode == AP_MODE_READBYTES) {
266 e = apr_bucket_eos_create(f->c->bucket_alloc);
267 APR_BRIGADE_INSERT_TAIL(b, e);
272 /* We can only return at most what we read. */
273 if (len < readbytes) {
277 rv = apr_brigade_partition(ctx->b, readbytes, &e);
278 if (rv != APR_SUCCESS) {
282 /* Must do move before CONCAT */
283 brigade_move(ctx->b, ctx->tmpbb, e);
285 if (mode == AP_MODE_READBYTES) {
286 APR_BRIGADE_CONCAT(b, ctx->b);
288 else if (mode == AP_MODE_SPECULATIVE) {
289 apr_bucket *copy_bucket;
291 for (e = APR_BRIGADE_FIRST(ctx->b);
292 e != APR_BRIGADE_SENTINEL(ctx->b);
293 e = APR_BUCKET_NEXT(e))
295 rv = apr_bucket_copy(e, ©_bucket);
296 if (rv != APR_SUCCESS) {
299 APR_BRIGADE_INSERT_TAIL(b, copy_bucket);
303 /* Take what was originally there and place it back on ctx->b */
304 APR_BRIGADE_CONCAT(ctx->b, ctx->tmpbb);
309 static void setaside_remaining_output(ap_filter_t *f,
310 core_output_filter_ctx_t *ctx,
311 apr_bucket_brigade *bb,
312 int make_a_copy, conn_rec *c);
314 static apr_status_t send_brigade_nonblocking(apr_socket_t *s,
315 apr_bucket_brigade *bb,
316 apr_size_t *bytes_written,
319 static void remove_empty_buckets(apr_bucket_brigade *bb);
321 static apr_status_t send_brigade_blocking(apr_socket_t *s,
322 apr_bucket_brigade *bb,
323 apr_size_t *bytes_written,
326 static apr_status_t writev_nonblocking(apr_socket_t *s,
327 struct iovec *vec, apr_size_t nvec,
328 apr_bucket_brigade *bb,
329 apr_size_t *cumulative_bytes_written,
332 static apr_status_t sendfile_nonblocking(apr_socket_t *s,
333 apr_bucket_brigade *bb,
334 apr_size_t *cumulative_bytes_written,
337 #define THRESHOLD_MIN_WRITE 4096
338 #define THRESHOLD_MAX_BUFFER 65536
340 /* Optional function coming from mod_logio, used for logging of output
343 extern APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_out) *logio_add_bytes_out;
345 apr_status_t ap_core_output_filter(ap_filter_t *f, apr_bucket_brigade *new_bb)
348 core_net_rec *net = f->ctx;
349 core_output_filter_ctx_t *ctx = net->out_ctx;
350 apr_bucket_brigade *bb;
351 apr_bucket *bucket, *next;
352 apr_size_t bytes_in_brigade, non_file_bytes_in_brigade;
356 ctx = apr_pcalloc(c->pool, sizeof(*ctx));
357 net->out_ctx = (core_output_filter_ctx_t *)ctx;
358 rv = apr_socket_opt_set(net->client_socket, APR_SO_NONBLOCK, 1);
359 if (rv != APR_SUCCESS) {
364 if (new_bb != NULL) {
365 for (bucket = APR_BRIGADE_FIRST(new_bb); bucket != APR_BRIGADE_SENTINEL(new_bb); bucket = APR_BUCKET_NEXT(bucket)) {
366 if (bucket->length > 0) {
367 ctx->bytes_in += bucket->length;
372 if ((ctx->buffered_bb != NULL) &&
373 !APR_BRIGADE_EMPTY(ctx->buffered_bb)) {
374 bb = ctx->buffered_bb;
375 ctx->buffered_bb = NULL;
376 if (new_bb != NULL) {
377 APR_BRIGADE_CONCAT(bb, new_bb);
379 c->data_in_output_filters = 0;
381 else if (new_bb != NULL) {
388 /* Scan through the brigade and decide whether to attempt a write,
389 * based on the following rules:
391 * 1) The new_bb is null: Do a nonblocking write of as much as
392 * possible: do a nonblocking write of as much data as possible,
393 * then save the rest in ctx->buffered_bb. (If new_bb == NULL,
394 * it probably means that the MPM is doing asynchronous write
395 * completion and has just determined that this connection
398 * 2) The brigade contains a flush bucket: Do a blocking write
399 * of everything up that point.
401 * 3) The request is in CONN_STATE_HANLDER state, and the brigade
402 * contains at least THRESHOLD_MAX_BUFFER bytes in non-file
403 * buckets: Do blocking writes until the amount of data in the
404 * buffer is less than THRESHOLD_MAX_BUFFER. (The point of this
405 * rule is to provide flow control, in case a handler is
406 * streaming out lots of data faster than the data can be
407 * sent to the client.)
409 * 4) The brigade contains at least THRESHOLD_MIN_WRITE
410 * bytes: Do a nonblocking write of as much data as possible,
411 * then save the rest in ctx->buffered_bb.
414 if (new_bb == NULL) {
415 apr_status_t rv = send_brigade_nonblocking(net->client_socket, bb,
416 &(ctx->bytes_written), c);
417 if (APR_STATUS_IS_EAGAIN(rv)) {
420 setaside_remaining_output(f, ctx, bb, 0, c);
424 bytes_in_brigade = 0;
425 non_file_bytes_in_brigade = 0;
426 for (bucket = APR_BRIGADE_FIRST(bb); bucket != APR_BRIGADE_SENTINEL(bb);
428 next = APR_BUCKET_NEXT(bucket);
429 if (APR_BUCKET_IS_FLUSH(bucket)) {
430 apr_bucket_brigade *remainder = apr_brigade_split(bb, next);
431 apr_status_t rv = send_brigade_blocking(net->client_socket, bb,
432 &(ctx->bytes_written), c);
433 if (rv != APR_SUCCESS) {
437 next = APR_BRIGADE_FIRST(bb);
438 bytes_in_brigade = 0;
439 non_file_bytes_in_brigade = 0;
441 else if (!APR_BUCKET_IS_METADATA(bucket)) {
442 if (bucket->length < 0) {
445 /* XXX support nonblocking read here? */
447 apr_bucket_read(bucket, &data, &length, APR_BLOCK_READ);
448 if (rv != APR_SUCCESS) {
451 /* reading may have split the bucket, so recompute next: */
452 next = APR_BUCKET_NEXT(bucket);
454 bytes_in_brigade += bucket->length;
455 if (!APR_BUCKET_IS_FILE(bucket)) {
456 non_file_bytes_in_brigade += bucket->length;
461 if (non_file_bytes_in_brigade >= THRESHOLD_MAX_BUFFER) {
462 /* ### Writing the entire brigade may be excessive; we really just
463 * ### need to send enough data to be under THRESHOLD_MAX_BUFFER.
465 apr_status_t rv = send_brigade_blocking(net->client_socket, bb,
466 &(ctx->bytes_written), c);
467 if (rv != APR_SUCCESS) {
471 else if (bytes_in_brigade >= THRESHOLD_MIN_WRITE) {
472 apr_status_t rv = send_brigade_nonblocking(net->client_socket, bb,
473 &(ctx->bytes_written), c);
474 if ((rv != APR_SUCCESS) && (!APR_STATUS_IS_EAGAIN(rv))) {
479 setaside_remaining_output(f, ctx, bb, 1, c);
483 static void setaside_remaining_output(ap_filter_t *f,
484 core_output_filter_ctx_t *ctx,
485 apr_bucket_brigade *bb,
486 int make_a_copy, conn_rec *c)
491 remove_empty_buckets(bb);
492 if (!APR_BRIGADE_EMPTY(bb)) {
493 c->data_in_output_filters = 1;
495 /* XXX should this use a separate deferred write pool, like
496 * the original ap_core_output_filter?
498 ap_save_brigade(f, &(ctx->buffered_bb), &bb, c->pool);
499 apr_brigade_destroy(bb);
502 ctx->buffered_bb = bb;
506 apr_brigade_destroy(bb);
510 #ifndef APR_MAX_IOVEC_SIZE
511 #define MAX_IOVEC_TO_WRITE 16
513 #if APR_MAX_IOVEC_SIZE > 16
514 #define MAX_IOVEC_TO_WRITE 16
516 #define MAX_IOVEC_TO_WRITE APR_MAX_IOVEC_SIZE
520 static apr_status_t send_brigade_nonblocking(apr_socket_t *s,
521 apr_bucket_brigade *bb,
522 apr_size_t *bytes_written,
525 apr_bucket *bucket, *next;
527 struct iovec vec[MAX_IOVEC_TO_WRITE];
530 remove_empty_buckets(bb);
532 for (bucket = APR_BRIGADE_FIRST(bb);
533 bucket != APR_BRIGADE_SENTINEL(bb);
535 int did_sendfile = 0;
536 next = APR_BUCKET_NEXT(bucket);
538 if (APR_BUCKET_IS_FILE(bucket)) {
539 apr_bucket_file *file_bucket = (apr_bucket_file *)(bucket->data);
540 apr_file_t *fd = file_bucket->fd;
541 /* Use sendfile to send this file unless:
542 * - the platform doesn't support sendfile,
543 * - the file is too small for sendfile to be useful, or
544 * - sendfile is disabled in the httpd config via "EnableSendfile off"
547 if ((apr_file_flags_get(fd) & APR_SENDFILE_ENABLED) &&
548 (bucket->length >= AP_MIN_SENDFILE_BYTES)) {
551 (void)apr_socket_opt_set(s, APR_TCP_NOPUSH, 1);
552 rv = writev_nonblocking(s, vec, nvec, bb, bytes_written, c);
554 if (rv != APR_SUCCESS) {
555 (void)apr_socket_opt_set(s, APR_TCP_NOPUSH, 0);
559 rv = sendfile_nonblocking(s, bb, bytes_written, c);
561 (void)apr_socket_opt_set(s, APR_TCP_NOPUSH, 0);
563 if (rv != APR_SUCCESS) {
569 #endif /* APR_HAS_SENDFILE */
570 if (!did_sendfile && !APR_BUCKET_IS_METADATA(bucket)) {
573 rv = apr_bucket_read(bucket, &data, &length, APR_BLOCK_READ);
574 if (rv != APR_SUCCESS) {
577 /* reading may have split the bucket, so recompute next: */
578 next = APR_BUCKET_NEXT(bucket);
579 vec[nvec].iov_base = (char *)data;
580 vec[nvec].iov_len = length;
582 if (nvec == MAX_IOVEC_TO_WRITE) {
583 rv = writev_nonblocking(s, vec, nvec, bb, bytes_written, c);
585 if (rv != APR_SUCCESS) {
594 rv = writev_nonblocking(s, vec, nvec, bb, bytes_written, c);
595 if (rv != APR_SUCCESS) {
600 remove_empty_buckets(bb);
605 static void remove_empty_buckets(apr_bucket_brigade *bb)
608 while (((bucket = APR_BRIGADE_FIRST(bb)) != APR_BRIGADE_SENTINEL(bb)) &&
609 (APR_BUCKET_IS_METADATA(bucket) || (bucket->length == 0))) {
610 APR_BUCKET_REMOVE(bucket);
611 apr_bucket_destroy(bucket);
615 static apr_status_t send_brigade_blocking(apr_socket_t *s,
616 apr_bucket_brigade *bb,
617 apr_size_t *bytes_written,
623 while (!APR_BRIGADE_EMPTY(bb)) {
624 rv = send_brigade_nonblocking(s, bb, bytes_written, c);
625 if (rv != APR_SUCCESS) {
626 if (APR_STATUS_IS_EAGAIN(rv)) {
627 rv = apr_wait_for_io_or_timeout(NULL, s, 0);
628 if (rv != APR_SUCCESS) {
640 static apr_status_t writev_nonblocking(apr_socket_t *s,
641 struct iovec *vec, apr_size_t nvec,
642 apr_bucket_brigade *bb,
643 apr_size_t *cumulative_bytes_written,
646 apr_status_t rv = APR_SUCCESS, arv;
647 apr_size_t bytes_written = 0, bytes_to_write = 0;
648 apr_size_t i, offset;
649 apr_interval_time_t old_timeout;
651 arv = apr_socket_timeout_get(s, &old_timeout);
652 if (arv != APR_SUCCESS) {
655 arv = apr_socket_timeout_set(s, 0);
656 if (arv != APR_SUCCESS) {
660 for (i = 0; i < nvec; i++) {
661 bytes_to_write += vec[i].iov_len;
664 while (bytes_written < bytes_to_write) {
666 rv = apr_socket_sendv(s, vec + offset, nvec - offset, &n);
669 for (i = offset; i < nvec; ) {
670 apr_bucket *bucket = APR_BRIGADE_FIRST(bb);
671 if (APR_BUCKET_IS_METADATA(bucket)) {
672 APR_BUCKET_REMOVE(bucket);
673 apr_bucket_destroy(bucket);
675 else if (n >= vec[i].iov_len) {
676 APR_BUCKET_REMOVE(bucket);
677 apr_bucket_destroy(bucket);
679 n -= vec[i++].iov_len;
682 apr_bucket_split(bucket, n);
683 APR_BUCKET_REMOVE(bucket);
684 apr_bucket_destroy(bucket);
686 vec[i].iov_base += n;
691 if (rv != APR_SUCCESS) {
695 if ((logio_add_bytes_out != NULL) && (bytes_written > 0)) {
696 logio_add_bytes_out(c, bytes_written);
698 *cumulative_bytes_written += bytes_written;
700 arv = apr_socket_timeout_set(s, old_timeout);
701 if ((arv != APR_SUCCESS) && (rv == APR_SUCCESS)) {
709 static apr_status_t sendfile_nonblocking(apr_socket_t *s,
710 apr_bucket_brigade *bb,
711 apr_size_t *cumulative_bytes_written,
714 apr_status_t rv = APR_SUCCESS;
716 apr_bucket_file *file_bucket;
718 apr_size_t file_length;
719 apr_off_t file_offset;
720 apr_size_t bytes_written = 0;
722 bucket = APR_BRIGADE_FIRST(bb);
723 if (!APR_BUCKET_IS_FILE(bucket)) {
724 /* XXX log a "this should never happen" message */
727 file_bucket = (apr_bucket_file *)(bucket->data);
728 fd = file_bucket->fd;
729 file_length = bucket->length;
730 file_offset = bucket->start;
732 if (bytes_written < file_length) {
733 apr_size_t n = file_length - bytes_written;
735 apr_interval_time_t old_timeout;
737 arv = apr_socket_timeout_get(s, &old_timeout);
738 if (arv != APR_SUCCESS) {
741 arv = apr_socket_timeout_set(s, 0);
742 if (arv != APR_SUCCESS) {
745 rv = apr_socket_sendfile(s, fd, NULL, &file_offset, &n, 0);
746 if (rv == APR_SUCCESS) {
750 arv = apr_socket_timeout_set(s, old_timeout);
751 if ((arv != APR_SUCCESS) && (rv == APR_SUCCESS)) {
755 if ((logio_add_bytes_out != NULL) && (bytes_written > 0)) {
756 logio_add_bytes_out(c, bytes_written);
758 *cumulative_bytes_written += bytes_written;
759 if ((bytes_written < file_length) && (bytes_written > 0)) {
760 apr_bucket_split(bucket, bytes_written);
761 APR_BUCKET_REMOVE(bucket);
762 apr_bucket_destroy(bucket);
764 else if (bytes_written == file_length) {
765 APR_BUCKET_REMOVE(bucket);
766 apr_bucket_destroy(bucket);