-/* ====================================================================
- * The Apache Software License, Version 1.1
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
- * Copyright (c) 2000-2001 The Apache Software Foundation. All rights
- * reserved.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. The end-user documentation included with the redistribution,
- * if any, must include the following acknowledgment:
- * "This product includes software developed by the
- * Apache Software Foundation (http://www.apache.org/)."
- * Alternately, this acknowledgment may appear in the software itself,
- * if and wherever such third-party acknowledgments normally appear.
- *
- * 4. The names "Apache" and "Apache Software Foundation" must
- * not be used to endorse or promote products derived from this
- * software without prior written permission. For written
- * permission, please contact apache@apache.org.
- *
- * 5. Products derived from this software may not be called "Apache",
- * nor may "Apache" appear in their name, without prior written
- * permission of the Apache Software Foundation.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- * Portions of this software are based upon public domain software
- * originally written at the National Center for Supercomputing Applications,
- * University of Illinois, Urbana-Champaign.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
#include "apr.h"
#include "apr_strings.h"
-#define CORE_PRIVATE
#include "ap_config.h"
#include "httpd.h"
#include "http_connection.h"
#include "http_request.h"
#include "http_protocol.h"
#include "ap_mpm.h"
-#include "mpm_default.h"
#include "http_config.h"
#include "http_core.h"
#include "http_vhost.h"
#include "util_filter.h"
APR_HOOK_STRUCT(
- APR_HOOK_LINK(pre_connection)
- APR_HOOK_LINK(process_connection)
+ APR_HOOK_LINK(create_connection)
+ APR_HOOK_LINK(process_connection)
+ APR_HOOK_LINK(pre_connection)
)
-
-AP_IMPLEMENT_HOOK_RUN_ALL(int,pre_connection,(conn_rec *c),(c),OK,DECLINED)
+AP_IMPLEMENT_HOOK_RUN_FIRST(conn_rec *,create_connection,
+ (apr_pool_t *p, server_rec *server, apr_socket_t *csd, long conn_id, void *sbh, apr_bucket_alloc_t *alloc),
+ (p, server, csd, conn_id, sbh, alloc), NULL)
AP_IMPLEMENT_HOOK_RUN_FIRST(int,process_connection,(conn_rec *c),(c),DECLINED)
-
+AP_IMPLEMENT_HOOK_RUN_ALL(int,pre_connection,(conn_rec *c, void *csd),(c, csd),OK,DECLINED)
/*
* More machine-dependent networking gooo... on some systems,
* you've got to be *really* sure that all the packets are acknowledged
#define MAX_SECS_TO_LINGER 30
#endif
-#ifdef USE_SO_LINGER
-#define NO_LINGCLOSE /* The two lingering options are exclusive */
-
-static void sock_enable_linger(int s)
-{
- struct linger li;
-
- li.l_onoff = 1;
- li.l_linger = MAX_SECS_TO_LINGER;
-
- if (setsockopt(s, SOL_SOCKET, SO_LINGER,
- (char *) &li, sizeof(struct linger)) < 0) {
- ap_log_error(APLOG_MARK, APLOG_WARNING, errno, server_conf,
- "setsockopt: (SO_LINGER)");
- /* not a fatal error */
- }
-}
-
-#else
-#define sock_enable_linger(s) /* NOOP */
-#endif /* USE_SO_LINGER */
-
AP_CORE_DECLARE(void) ap_flush_conn(conn_rec *c)
{
apr_bucket_brigade *bb;
apr_bucket *b;
- bb = apr_brigade_create(c->pool);
- b = apr_bucket_flush_create();
+ bb = apr_brigade_create(c->pool, c->bucket_alloc);
+
+ /* FLUSH bucket */
+ b = apr_bucket_flush_create(c->bucket_alloc);
+ APR_BRIGADE_INSERT_TAIL(bb, b);
+
+ /* End Of Connection bucket */
+ b = ap_bucket_eoc_create(c->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(bb, b);
+
ap_pass_brigade(c->output_filters, bb);
}
AP_DECLARE(void) ap_lingering_close(conn_rec *c)
{
char dummybuf[512];
- apr_size_t nbytes = sizeof(dummybuf);
- apr_status_t rc;
- apr_int32_t timeout;
- apr_int32_t total_linger_time = 0;
- apr_socket_t *csd = c->client_socket;
+ apr_size_t nbytes;
+ apr_time_t timeup = 0;
+ apr_socket_t *csd = ap_get_module_config(c->conn_config, &core_module);
if (!csd) {
return;
ap_update_child_status(c->sbh, SERVER_CLOSING, NULL);
#ifdef NO_LINGCLOSE
- ap_flush_conn(c); /* just close it */
+ ap_flush_conn(c); /* just close it */
apr_socket_close(csd);
return;
#endif
/* Shut down the socket for write, which will send a FIN
* to the peer.
*/
- if (apr_shutdown(csd, APR_SHUTDOWN_WRITE) != APR_SUCCESS ||
- c->aborted) {
+ if (apr_socket_shutdown(csd, APR_SHUTDOWN_WRITE) != APR_SUCCESS
+ || c->aborted) {
apr_socket_close(csd);
return;
}
- /* Read all data from the peer until we reach "end-of-file" (FIN
- * from peer) or we've exceeded our overall timeout. If the client does
- * not send us bytes within 2 seconds (a value pulled from Apache 1.3
- * which seems to work well), close the connection.
+ /* Read available data from the client whilst it continues sending
+ * it, for a maximum time of MAX_SECS_TO_LINGER. If the client
+ * does not send any data within 2 seconds (a value pulled from
+ * Apache 1.3 which seems to work well), give up.
*/
- timeout = SECONDS_TO_LINGER * APR_USEC_PER_SEC;
- apr_setsocketopt(csd, APR_SO_TIMEOUT, timeout);
- apr_setsocketopt(csd, APR_INCOMPLETE_READ, 1);
- for (;;) {
- nbytes = sizeof(dummybuf);
- rc = apr_recv(csd, dummybuf, &nbytes);
- if (rc != APR_SUCCESS || nbytes == 0) break;
+ apr_socket_timeout_set(csd, apr_time_from_sec(SECONDS_TO_LINGER));
+ apr_socket_opt_set(csd, APR_INCOMPLETE_READ, 1);
- total_linger_time += SECONDS_TO_LINGER;
- if (total_linger_time >= MAX_SECS_TO_LINGER) {
+ /* The common path here is that the initial apr_socket_recv() call
+ * will return 0 bytes read; so that case must avoid the expensive
+ * apr_time_now() call and time arithmetic. */
+
+ do {
+ nbytes = sizeof(dummybuf);
+ if (apr_socket_recv(csd, dummybuf, &nbytes) || nbytes == 0)
break;
+
+ if (timeup == 0) {
+ /*
+ * First time through;
+ * calculate now + 30 seconds (MAX_SECS_TO_LINGER).
+ *
+ * If some module requested a shortened waiting period, only wait for
+ * 2s (SECONDS_TO_LINGER). This is useful for mitigating certain
+ * DoS attacks.
+ */
+ if (apr_table_get(c->notes, "short-lingering-close")) {
+ timeup = apr_time_now() + apr_time_from_sec(SECONDS_TO_LINGER);
+ }
+ else {
+ timeup = apr_time_now() + apr_time_from_sec(MAX_SECS_TO_LINGER);
+ }
+ continue;
}
- }
+ } while (apr_time_now() < timeup);
apr_socket_close(csd);
return;
}
-AP_CORE_DECLARE(void) ap_process_connection(conn_rec *c)
+AP_CORE_DECLARE(void) ap_process_connection(conn_rec *c, void *csd)
{
+ int rc;
ap_update_vhost_given_ip(c);
- ap_run_pre_connection(c);
+ rc = ap_run_pre_connection(c, csd);
+ if (rc != OK && rc != DONE) {
+ c->aborted = 1;
+ }
if (!c->aborted) {
ap_run_process_connection(c);
}
}
-AP_CORE_DECLARE(conn_rec *)ap_new_connection(apr_pool_t *ptrans, server_rec *server,
- apr_socket_t *csd, long id, void *sbh)
-{
- apr_status_t rv;
- conn_rec *c = (conn_rec *) apr_pcalloc(ptrans, sizeof(conn_rec));
-
- c->sbh = sbh;
- (void) ap_update_child_status(c->sbh, SERVER_BUSY_READ, (request_rec *) NULL);
-#ifdef AP_MPM_DISABLE_NAGLE_ACCEPTED_SOCK
- /* BillS says perhaps this should be moved to the MPMs. Some OSes
- * allow listening socket attributes to be inherited by the
- * accept sockets which means this call only needs to be made
- * once on the listener
- */
- ap_sock_disable_nagle(csd);
-#endif
-
- /* Got a connection structure, so initialize what fields we can
- * (the rest are zeroed out by pcalloc).
- */
- c->conn_config=ap_create_conn_config(ptrans);
- c->notes = apr_table_make(ptrans, 5);
-
- c->pool = ptrans;
- if ((rv = apr_socket_addr_get(&c->local_addr, APR_LOCAL, csd))
- != APR_SUCCESS) {
- ap_log_error(APLOG_MARK, APLOG_INFO, rv, server,
- "apr_socket_addr_get(APR_LOCAL)");
- apr_socket_close(csd);
- return NULL;
- }
- apr_sockaddr_ip_get(&c->local_ip, c->local_addr);
- if ((rv = apr_socket_addr_get(&c->remote_addr, APR_REMOTE, csd))
- != APR_SUCCESS) {
- ap_log_error(APLOG_MARK, APLOG_INFO, rv, server,
- "apr_socket_addr_get(APR_REMOTE)");
- apr_socket_close(csd);
- return NULL;
- }
- apr_sockaddr_ip_get(&c->remote_ip, c->remote_addr);
- c->base_server = server;
- c->client_socket = csd;
-
- c->id = id;
-
- return c;
-}