*/
/*
- * http_protocol.c --- routines which directly communicate with the client.
+ * protocol.c --- routines which directly communicate with the client.
*
* Code originally by Rob McCool; much redone by Robert S. Thau
* and the Apache Software Foundation.
#endif
+APLOG_USE_MODULE(core);
+
APR_HOOK_STRUCT(
+ APR_HOOK_LINK(pre_read_request)
APR_HOOK_LINK(post_read_request)
APR_HOOK_LINK(log_transaction)
APR_HOOK_LINK(http_scheme)
APR_HOOK_LINK(default_port)
+ APR_HOOK_LINK(note_auth_failure)
)
AP_DECLARE_DATA ap_filter_rec_t *ap_old_write_func = NULL;
*read = bytes_handled;
/* PR#43039: We shouldn't accept NULL bytes within the line */
- if (strlen(*s) < bytes_handled - 1) {
+ if (strlen(*s) < bytes_handled) {
return APR_EINVAL;
}
}
} while ((len <= 0) && (++num_blank_lines < max_blank_lines));
+ if (APLOGrtrace5(r)) {
+ ap_log_rerror(APLOG_MARK, APLOG_TRACE5, 0, r,
+ "Request received from client: %s",
+ ap_escape_logitem(r->pool, r->the_request));
+ }
+
/* we've probably got something to do, ignore graceful restart requests */
r->request_time = apr_time_now();
}
}
+ /* Combine multiple message-header fields with the same
+ * field-name, following RFC 2616, 4.2.
+ */
apr_table_compress(r->headers_in, APR_OVERLAP_TABLES_MERGE);
}
tmp_bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
+ ap_run_pre_read_request(r, conn);
+
/* Get the request... */
if (!read_request_line(r, tmp_bb)) {
if (r->status == HTTP_REQUEST_URI_TOO_LARGE
}
else if (r->status == HTTP_REQUEST_TIME_OUT) {
ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
- ap_run_log_transaction(r);
+ if (!r->connection->keepalives) {
+ ap_run_log_transaction(r);
+ }
apr_brigade_destroy(tmp_bb);
goto traceout;
}
return r;
}
-/* if a request with a body creates a subrequest, clone the original request's
- * input headers minus any headers pertaining to the body which has already
- * been read. out-of-line helper function for ap_set_sub_req_protocol.
+/* if a request with a body creates a subrequest, remove original request's
+ * input headers which pertain to the body which has already been read.
+ * out-of-line helper function for ap_set_sub_req_protocol.
*/
-static void clone_headers_no_body(request_rec *rnew,
- const request_rec *r)
+static void strip_headers_request_body(request_rec *rnew)
{
- rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
apr_table_unset(rnew->headers_in, "Content-Encoding");
apr_table_unset(rnew->headers_in, "Content-Language");
apr_table_unset(rnew->headers_in, "Content-Length");
rnew->status = HTTP_OK;
+ rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
+
/* did the original request have a body? (e.g. POST w/SSI tags)
* if so, make sure the subrequest doesn't inherit body headers
*/
if (!r->kept_body && (apr_table_get(r->headers_in, "Content-Length")
|| apr_table_get(r->headers_in, "Transfer-Encoding"))) {
- clone_headers_no_body(rnew, r);
- } else {
- /* no body (common case). clone headers the cheap way */
- rnew->headers_in = r->headers_in;
+ strip_headers_request_body(rnew);
}
rnew->subprocess_env = apr_table_copy(rnew->pool, r->subprocess_env);
rnew->headers_out = apr_table_make(rnew->pool, 5);
{
const char *type = ap_auth_type(r);
if (type) {
- if (!strcasecmp(type, "Basic"))
- ap_note_basic_auth_failure(r);
- else if (!strcasecmp(type, "Digest"))
- ap_note_digest_auth_failure(r);
+ ap_run_note_auth_failure(r, type);
}
else {
ap_log_rerror(APLOG_MARK, APLOG_ERR,
AP_DECLARE(void) ap_note_basic_auth_failure(request_rec *r)
{
- const char *type = ap_auth_type(r);
-
- /* if there is no AuthType configure or it is something other than
- * Basic, let ap_note_auth_failure() deal with it
- */
- if (!type || strcasecmp(type, "Basic"))
- ap_note_auth_failure(r);
- else
- apr_table_setn(r->err_headers_out,
- (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate"
- : "WWW-Authenticate",
- apr_pstrcat(r->pool, "Basic realm=\"", ap_auth_name(r),
- "\"", NULL));
+ ap_note_auth_failure(r);
}
AP_DECLARE(void) ap_note_digest_auth_failure(request_rec *r)
{
- apr_table_setn(r->err_headers_out,
- (PROXYREQ_PROXY == r->proxyreq) ? "Proxy-Authenticate"
- : "WWW-Authenticate",
- apr_psprintf(r->pool, "Digest realm=\"%s\", nonce=\""
- "%" APR_UINT64_T_HEX_FMT "\"",
- ap_auth_name(r), (apr_uint64_t)r->request_time));
+ ap_note_auth_failure(r);
}
AP_DECLARE(int) ap_get_basic_auth_pw(request_rec *r, const char **pw)
}
if (!auth_line) {
- ap_note_basic_auth_failure(r);
+ ap_note_auth_failure(r);
return HTTP_UNAUTHORIZED;
}
/* Client tried to authenticate using wrong auth scheme */
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"client used wrong authentication scheme: %s", r->uri);
- ap_note_basic_auth_failure(r);
+ ap_note_auth_failure(r);
return HTTP_UNAUTHORIZED;
}
return;
}
if (!ap_is_HTTP_INFO(r->status)) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, NULL,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
"Status is %d - not sending interim response", r->status);
return;
}
}
+AP_IMPLEMENT_HOOK_VOID(pre_read_request,
+ (request_rec *r, conn_rec *c),
+ (r, c))
AP_IMPLEMENT_HOOK_RUN_ALL(int,post_read_request,
(request_rec *r), (r), OK, DECLINED)
AP_IMPLEMENT_HOOK_RUN_ALL(int,log_transaction,
(const request_rec *r), (r), NULL)
AP_IMPLEMENT_HOOK_RUN_FIRST(unsigned short,default_port,
(const request_rec *r), (r), 0)
+AP_IMPLEMENT_HOOK_RUN_FIRST(int, note_auth_failure,
+ (request_rec *r, const char *auth_type),
+ (r, auth_type), DECLINED)