* check_user_id --- get and validate user id from the HTTP request
* auth_checker --- see if the user (from check_user_id) is OK *here*.
* If all of *these* decline, the request is rejected
- * (as a SERVER_ERROR, since the module which was
- * supposed to handle this was configured wrong).
+ * (as a HTTP_INTERNAL_SERVER_ERROR, since the module
+ * which was suppsoed to handle this was configured
+ * wrong).
* type_checker --- Determine MIME type of the requested entity;
* sets content_type, _encoding and _language fields.
*/
API_EXPORT(unsigned long) ap_get_limit_req_body(const request_rec *r);
API_EXPORT(void) ap_custom_response(request_rec *r, int status, char *string);
API_EXPORT(int) ap_exists_config_define(const char *name);
-API_EXPORT_NONSTD(int) ap_core_translate(request_rec *r);
+API_EXPORT(int) ap_core_translate(request_rec *r);
/* Authentication stuff. This is one of the places where compatibility
* with the old config files *really* hurts; they don't discriminate at
/* Set last modified header line from the lastmod date of the associated file.
* Also, set content length.
*
- * May return an error status, typically USE_LOCAL_COPY (that when the
+ * May return an error status, typically HTTP_NOT_MODIFIED (that when the
* permit_cache argument is set to one).
*/
*
* get_basic_auth_pw returns 0 (OK) if it set the 'pw' argument (and assured
* a correct value in r->connection->user); otherwise it returns an error
- * code, either SERVER_ERROR if things are really confused, AUTH_REQUIRED
- * if no authentication at all seemed to be in use, or DECLINED if there
- * was authentication but it wasn't Basic (in which case, the caller should
- * presumably decline as well).
+ * code, either HTTP_INTERNAL_SERVER_ERROR if things are really confused,
+ * HTTP_UNAUTHORIZED if no authentication at all seemed to be in use, or
+ * DECLINED if there was authentication but it wasn't Basic (in which case,
+ * the caller should presumably decline as well).
*
* note_basic_auth_failure arranges for the right stuff to be scribbled on
* the HTTP return so that the client knows how to authenticate itself the
#define HTTP_INSUFFICIENT_STORAGE 507
#define HTTP_NOT_EXTENDED 510
-#define DOCUMENT_FOLLOWS HTTP_OK
-#define PARTIAL_CONTENT HTTP_PARTIAL_CONTENT
-#define MULTIPLE_CHOICES HTTP_MULTIPLE_CHOICES
-#define MOVED HTTP_MOVED_PERMANENTLY
-#define REDIRECT HTTP_MOVED_TEMPORARILY
-#define USE_LOCAL_COPY HTTP_NOT_MODIFIED
-#define BAD_REQUEST HTTP_BAD_REQUEST
-#define AUTH_REQUIRED HTTP_UNAUTHORIZED
-#define FORBIDDEN HTTP_FORBIDDEN
-#define NOT_FOUND HTTP_NOT_FOUND
-#define METHOD_NOT_ALLOWED HTTP_METHOD_NOT_ALLOWED
-#define NOT_ACCEPTABLE HTTP_NOT_ACCEPTABLE
-#define LENGTH_REQUIRED HTTP_LENGTH_REQUIRED
-#define PRECONDITION_FAILED HTTP_PRECONDITION_FAILED
-#define SERVER_ERROR HTTP_INTERNAL_SERVER_ERROR
-#define NOT_IMPLEMENTED HTTP_NOT_IMPLEMENTED
-#define BAD_GATEWAY HTTP_BAD_GATEWAY
-#define VARIANT_ALSO_VARIES HTTP_VARIANT_ALSO_VARIES
-
#define ap_is_HTTP_INFO(x) (((x) >= 100)&&((x) < 200))
#define ap_is_HTTP_SUCCESS(x) (((x) >= 200)&&((x) < 300))
#define ap_is_HTTP_REDIRECT(x) (((x) >= 300)&&((x) < 400))
handler like this the handler should set r->allowed to the list
of methods that it is willing to handle. This bitvector is used
to construct the "Allow:" header required for OPTIONS requests,
- and METHOD_NOT_ALLOWED and NOT_IMPLEMENTED status codes.
+ and HTTP_METHOD_NOT_ALLOWED and HTTP_NOT_IMPLEMENTED status codes.
Since the default_handler deals with OPTIONS, all modules can
usually decline to deal with OPTIONS. TRACE is always allowed,
Since the default_handler will always handle a GET, a
module which does *not* implement GET should probably return
- METHOD_NOT_ALLOWED. Unfortunately this means that a Script GET
+ HTTP_METHOD_NOT_ALLOWED. Unfortunately this means that a Script GET
handler can't be installed by mod_actions.
*/
int allowed; /* Allowed methods - for 405, OPTIONS, etc */
int ret = OK;
if (a->order[method] == ALLOW_THEN_DENY) {
- ret = FORBIDDEN;
+ ret = HTTP_FORBIDDEN;
if (find_allowdeny(r, a->allows, method))
ret = OK;
if (find_allowdeny(r, a->denys, method))
- ret = FORBIDDEN;
+ ret = HTTP_FORBIDDEN;
}
else if (a->order[method] == DENY_THEN_ALLOW) {
if (find_allowdeny(r, a->denys, method))
- ret = FORBIDDEN;
+ ret = HTTP_FORBIDDEN;
if (find_allowdeny(r, a->allows, method))
ret = OK;
}
&& !find_allowdeny(r, a->denys, method))
ret = OK;
else
- ret = FORBIDDEN;
+ ret = HTTP_FORBIDDEN;
}
- if (ret == FORBIDDEN
+ if (ret == HTTP_FORBIDDEN
&& (ap_satisfies(r) != SATISFY_ANY || !ap_some_auth_required(r))) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"client denied by server configuration: %s",
}
/* These functions return 0 if client is OK, and proper error status
- * if not... either AUTH_REQUIRED, if we made a check, and it failed, or
- * SERVER_ERROR, if things are so totally confused that we couldn't
- * figure out how to tell if the client is authorized or not.
+ * if not... either HTTP_UNAUTHORIZED, if we made a check, and it failed, or
+ * HTTP_INTERNAL_SERVER_ERROR, if things are so totally confused that we
+ * couldn't figure out how to tell if the client is authorized or not.
*
* If they return DECLINED, and all other modules also decline, that's
* treated by the server core as a configuration error, logged and
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"user %s not found: %s", r->user, r->uri);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
invalid_pw = ap_validate_password(sent_pw, real_pw);
if (invalid_pw != APR_SUCCESS) {
"Password Mismatch",
r->user, r->uri);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
return OK;
}
r->uri, user);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
static void register_hooks(void)
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, APR_SUCCESS, r,
"Anonymous: Authoritative, Passwd <%s> not accepted",
sent_pw ? sent_pw : "\'none\'");
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
/* Drop out the bottom to return DECLINED */
}
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"DB user %s not found: %s", r->user, r->filename);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
/* Password is up to first : if exists */
colon_pw = strchr(real_pw, ':');
"Password Mismatch",
r->user, r->uri);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
return OK;
}
"user %s not in DB group file %s: %s",
user, sec->auth_dbgrpfile, r->filename);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
orig_groups = groups;
while (t[0]) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"user %s not in right group: %s", user, r->filename);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
}
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"DBM user %s not found: %s", r->user, r->filename);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
/* Password is up to first : if exists */
colon_pw = strchr(real_pw, ':');
"Password Mismatch",
r->user, r->uri);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
return OK;
}
"user %s not in DBM group file %s: %s",
user, sec->auth_dbmgrpfile, r->filename);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
orig_groups = groups;
while (t[0]) {
"user %s not in right group: %s",
user, r->filename);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
}
"Digest: invalid nonce %s received - length is not %d",
resp->nonce, NONCE_LEN);
note_digest_auth_failure(r, conf, resp, 1);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
tmp = resp->nonce[NONCE_TIME_LEN];
"Digest: invalid nonce %s received - hash is not %s",
resp->nonce, hash);
note_digest_auth_failure(r, conf, resp, 1);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
dt = r->request_time - nonce_time.time;
"Digest: invalid nonce %s received - user attempted "
"time travel", resp->nonce);
note_digest_auth_failure(r, conf, resp, 1);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
if (conf->nonce_lifetime > 0) {
r->user, ((double)dt)/AP_USEC_PER_SEC,
((double)(conf->nonce_lifetime))/AP_USEC_PER_SEC);
note_digest_auth_failure(r, conf, resp, 1);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
}
else if (conf->nonce_lifetime == 0 && resp->client) {
"Digest: user %s: one-time-nonce mismatch - sending "
"new nonce", r->user);
note_digest_auth_failure(r, conf, resp, 1);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
}
/* else (lifetime < 0) => never expires */
}
/* These functions return 0 if client is OK, and proper error status
- * if not... either AUTH_REQUIRED, if we made a check, and it failed, or
- * SERVER_ERROR, if things are so totally confused that we couldn't
- * figure out how to tell if the client is authorized or not.
+ * if not... either HTTP_UNAUTHORIZED, if we made a check, and it failed, or
+ * HTTP_INTERNAL_SERVER_ERROR, if things are so totally confused that we
+ * couldn't figure out how to tell if the client is authorized or not.
*
* If they return DECLINED, and all other modules also decline, that's
* treated by the server core as a configuration error, logged and
if (!ap_auth_name(r)) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Digest: need AuthName: %s", r->uri);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
r->uri);
/* else (resp->auth_hdr_sts == NO_HEADER) */
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
r->user = (char *) resp->username;
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Digest: invalid uri <%s> in Authorization header",
resp->uri);
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
}
if (d_uri.hostname)
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Digest: uri mismatch - <%s> does not match "
"request-uri <%s>", resp->uri, r_uri.hostinfo);
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
}
}
else if (
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Digest: uri mismatch - <%s> does not match "
"request-uri <%s>", resp->uri, resp->raw_request_uri);
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
}
}
"Digest: received invalid opaque - got `%s'",
resp->opaque);
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
if (strcmp(resp->realm, conf->realm)) {
"Digest: realm mismatch - got `%s' but expected `%s'",
resp->realm, conf->realm);
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
if (resp->algorithm != NULL
"Digest: unknown algorithm `%s' received: %s",
resp->algorithm, r->uri);
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
if (!conf->pwfile)
"Digest: user `%s' in realm `%s' not found: %s",
r->user, conf->realm, r->uri);
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
"Digest: user %s: password mismatch: %s", r->user,
r->uri);
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
}
else {
"Digest: invalid qop `%s' received: %s",
resp->message_qop, r->uri);
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
exp_digest = new_digest(r, resp, conf);
if (!exp_digest) {
/* we failed to allocate a client struct */
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
if (strcmp(resp->digest, exp_digest)) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Digest: user %s: password mismatch: %s", r->user,
r->uri);
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
}
if (check_nc(r, resp, conf) != OK) {
note_digest_auth_failure(r, conf, resp, 0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
/* Note: this check is done last so that a "stale=true" can be
(digest_header_rec *) ap_get_module_config(r->request_config,
&auth_digest_module),
0);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
/* Use similar restrictions as CGIs */
if (!(ap_allow_options(r) & OPT_EXECCGI))
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
if (r->finfo.protection == 0)
- return NOT_FOUND;
+ return HTTP_NOT_FOUND;
if (r->finfo.filetype == APR_DIR)
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
/* Load the module */
rv = GetLastError();
ap_log_rerror(APLOG_MARK, APLOG_ALERT, rv, r,
"Could not load DLL: %s", r->filename);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
if (!(isapi_version =
"Could not load DLL %s symbol GetExtensionVersion()",
r->filename);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
if (!(isapi_entry =
"Could not load DLL %s symbol HttpExtensionProc()",
r->filename);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
/* TerminateExtension() is an optional interface */
/* Run GetExtensionVersion() */
if (!(*isapi_version)(pVer)) {
- ap_log_rerror(APLOG_MARK, APLOG_ALERT, SERVER_ERROR, r,
+ /* ### euh... we're passing the wrong type of error code here */
+ ap_log_rerror(APLOG_MARK, APLOG_ALERT, HTTP_INTERNAL_SERVER_ERROR, r,
"ISAPI %s GetExtensionVersion() call failed", r->filename);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
/* Set up variables */
if ((read = ap_get_client_block(r, ecb->lpbData, to_read)) < 0) {
if (isapi_term) (*isapi_term)(HSE_TERM_MUST_UNLOAD);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
/* Although its not to spec, IIS seems to null-terminate
return OK;
case HSE_STATUS_PENDING: /* We don't support this */
- rv = APR_ENOTIMPL;
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, SERVER_ERROR, r,
- "ISAPI asynchronous I/O not supported: %s", r->filename);
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_ENOTIMPL, r,
+ "ISAPI asynchronous I/O not supported: %s", r->filename);
+ /* fallthrough */
case HSE_STATUS_ERROR:
default:
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
}
* is done.
*/
ap_table_set (r->headers_out, "Location", lpvBuffer);
- cid->status = cid->r->status = cid->ecb->dwHttpStatusCode = REDIRECT;
+ cid->status = cid->r->status = cid->ecb->dwHttpStatusCode =
+ HTTP_MOVED_TEMPORARILY;
return TRUE;
case HSE_REQ_SEND_URL:
if (!(value = strchr(data, ':'))) {
SetLastError(TODO_ERROR);
- ap_log_rerror(APLOG_MARK, APLOG_ERR, SERVER_ERROR, r,
- "ISA sent invalid headers", r->filename);
+ /* ### euh... we're passing the wrong type of error
+ ### code here */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR,
+ HTTP_INTERNAL_SERVER_ERROR, r,
+ "ISA sent invalid headers", r->filename);
return FALSE;
}
/* We don't support all this async I/O, Microsoft-specific stuff */
case HSE_REQ_IO_COMPLETION:
case HSE_REQ_TRANSMIT_FILE:
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, SERVER_ERROR, r,
- "ISAPI asynchronous I/O not supported: %s", r->filename);
+ /* ### euh... we're passing the wrong type of error code here */
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING,
+ HTTP_INTERNAL_SERVER_ERROR, r,
+ "ISAPI asynchronous I/O not supported: %s",
+ r->filename);
default:
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
if ((r->uri[0] != '/') && strcmp(r->uri, "*")) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Invalid URI in request %s", r->the_request);
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
}
if (r->server->path
if (r->finfo.protection == 0) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"File does not exist: %s", r->filename);
- return NOT_FOUND;
+ return HTTP_NOT_FOUND;
}
if ((status = ap_open(&f, r->filename, APR_READ,
APR_OS_DEFAULT, r->pool)) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r,
"file permissions deny server access: %s", r->filename);
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
}
ap_scan_script_header_err(r, f, NULL);
nph = !(strncmp(argv0, "nph-", 4));
if (!(ap_allow_options(r) & OPT_EXECCGI) && !is_scriptaliased(r))
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"Options ExecCGI is off in this directory");
if (nph && is_included)
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"attempt to include NPH CGI script");
#if defined(OS2) || defined(WIN32)
newfile = ap_pstrcat(r->pool, r->filename, ".EXE", NULL);
if ((ap_stat(&finfo, newfile, r->pool) != APR_SUCCESS) ||
(finfo.filetype != APR_REG)) {
- return log_scripterror(r, conf, NOT_FOUND, 0,
+ return log_scripterror(r, conf, HTTP_NOT_FOUND, 0,
"script not found or unable to stat");
} else {
r->filename = newfile;
}
#else
if (r->finfo.protection == 0)
- return log_scripterror(r, conf, NOT_FOUND, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_NOT_FOUND, APLOG_NOERRNO,
"script not found or unable to stat");
#endif
if (r->finfo.filetype == APR_DIR)
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"attempt to invoke directory as script");
/*
if (!ap_suexec_enabled) {
if (!ap_can_exec(&r->finfo))
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"file permissions deny server execution");
}
/* XX Note that if a script wants to produce its own Redirect
* body, it now has to explicitly *say* "Status: 302"
*/
- return REDIRECT;
+ return HTTP_MOVED_TEMPORARILY;
}
ap_send_http_header(r);
argv0 = r->filename;
if (!(ap_allow_options(r) & OPT_EXECCGI) && !is_scriptaliased(r))
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"Options ExecCGI is off in this directory");
if (nph && is_included)
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"attempt to include NPH CGI script");
#if defined(OS2) || defined(WIN32)
newfile = ap_pstrcat(r->pool, r->filename, ".EXE", NULL);
if ((stat(newfile, &statbuf) != 0) || (!S_ISREG(statbuf.st_mode))) {
- return log_scripterror(r, conf, NOT_FOUND, 0,
+ return log_scripterror(r, conf, HTTP_NOT_FOUND, 0,
"script not found or unable to stat");
} else {
r->filename = newfile;
}
#else
if (r->finfo.protection == 0)
- return log_scripterror(r, conf, NOT_FOUND, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_NOT_FOUND, APLOG_NOERRNO,
"script not found or unable to stat");
#endif
if (r->finfo.filetype == APR_DIR)
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"attempt to invoke directory as script");
/*
if (!ap_suexec_enabled) {
if (!ap_can_exec(&r->finfo))
- return log_scripterror(r, conf, FORBIDDEN, APLOG_NOERRNO,
+ return log_scripterror(r, conf, HTTP_FORBIDDEN, APLOG_NOERRNO,
"file permissions deny server execution");
}
*/
env = ap_create_environment(r->pool, r->subprocess_env);
if ((sd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
- return log_scripterror(r, conf, NOT_FOUND, 0,
+ return log_scripterror(r, conf, HTTP_NOT_FOUND, 0,
"unable to create socket to cgi daemon");
}
memset(&unix_addr, 0, sizeof(unix_addr));
strcpy(unix_addr.sun_path, conf->sockname);
if (connect(sd, (struct sockaddr *)&unix_addr, sizeof(unix_addr)) < 0) {
- return log_scripterror(r, conf, NOT_FOUND, 0,
+ return log_scripterror(r, conf, HTTP_NOT_FOUND, 0,
"unable to connect to cgi daemon");
}
/* XX Note that if a script wants to produce its own Redirect
* body, it now has to explicitly *say* "Status: 302"
*/
- return REDIRECT;
+ return HTTP_MOVED_TEMPORARILY;
}
ap_send_http_header(r);
* Core handlers for various phases of server operation...
*/
-API_EXPORT_NONSTD(int) ap_core_translate(request_rec *r)
+API_EXPORT(int) ap_core_translate(request_rec *r)
{
void *sconf = r->server->module_config;
core_server_config *conf = ap_get_module_config(sconf, &core_module);
if ((r->uri[0] != '/') && strcmp(r->uri, "*")) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Invalid URI in request %s", r->the_request);
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
}
if (r->server->path
if (r->method_number == M_INVALID) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Invalid method in request %s", r->the_request);
- return NOT_IMPLEMENTED;
+ return HTTP_NOT_IMPLEMENTED;
}
if (r->method_number == M_OPTIONS) {
return ap_send_http_options(r);
}
if (r->method_number == M_PUT) {
- return METHOD_NOT_ALLOWED;
+ return HTTP_METHOD_NOT_ALLOWED;
}
if (r->finfo.protection == 0 || (r->path_info && *r->path_info)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r,
return HTTP_NOT_FOUND;
}
if (r->method_number != M_GET) {
- return METHOD_NOT_ALLOWED;
+ return HTTP_METHOD_NOT_ALLOWED;
}
if ((status = ap_open(&fd, r->filename, APR_READ | APR_BINARY, 0, r->pool)) != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r,
"file permissions deny server access: %s", r->filename);
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
}
ap_update_mtime(r, r->finfo.mtime);
ap_set_last_modified(r);
* - return type
*/
static const char *make_content_type(request_rec *r, const char *type) {
- char *needcset[] = {
+ static const char *needcset[] = {
"text/plain",
"text/html",
NULL };
- char **pcset;
+ const char **pcset;
core_dir_config *conf = (core_dir_config *)ap_get_module_config(
r->per_dir_config, &core_module);
- if (!type) type = ap_default_type(r);
- if (conf->add_default_charset != ADD_DEFAULT_CHARSET_ON) return type;
+
+ if (!type)
+ type = ap_default_type(r);
+ if (conf->add_default_charset != ADD_DEFAULT_CHARSET_ON)
+ return type;
if (ap_strcasestr(type, "charset=") != NULL) {
/* already has parameter, do nothing */
ap_psprintf(r->pool, "%ld", tlength));
}
- r->status = PARTIAL_CONTENT;
+ r->status = HTTP_PARTIAL_CONTENT;
r->range = range + 6;
return 1;
rnew->the_request = r->the_request; /* Keep original request-line */
rnew->assbackwards = 1; /* Don't send headers from this. */
- rnew->no_local_copy = 1; /* Don't try to send USE_LOCAL_COPY for a
+ rnew->no_local_copy = 1; /* Don't try to send HTTP_NOT_MODIFIED for a
* fragment. */
rnew->method = "GET";
rnew->method_number = M_GET;
if (!ap_auth_name(r)) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR,
0, r, "need AuthName: %s", r->uri);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
if (!auth_line) {
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
if (strcasecmp(ap_getword(r->pool, &auth_line, ' '), "Basic")) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"client used wrong authentication scheme: %s", r->uri);
ap_note_basic_auth_failure(r);
- return AUTH_REQUIRED;
+ return HTTP_UNAUTHORIZED;
}
/* APACHE_XLATE Issue's here ?!? Compare with 32/9 instead
r->clength = 0;
r->content_type = "text/html; charset=iso-8859-1";
- if ((status == METHOD_NOT_ALLOWED) || (status == NOT_IMPLEMENTED))
+ if ((status == HTTP_METHOD_NOT_ALLOWED)
+ || (status == HTTP_NOT_IMPLEMENTED)) {
ap_table_setn(r->headers_out, "Allow", make_allow(r));
+ }
ap_send_http_header(r);
"configure your client to use that proxy.<P>\n", NULL);
break;
case HTTP_PROXY_AUTHENTICATION_REQUIRED:
- case AUTH_REQUIRED:
+ case HTTP_UNAUTHORIZED:
ap_rputs("This server could not verify that you\n"
"are authorized to access the document\n"
"requested. Either you supplied the wrong\n"
"browser doesn't understand how to supply\n"
"the credentials required.<P>\n", r);
break;
- case BAD_REQUEST:
+ case HTTP_BAD_REQUEST:
ap_rputs("Your browser sent a request that "
"this server could not understand.<P>\n", r);
if ((error_notes = ap_table_get(r->notes, "error-notes")) != NULL) {
ap_escape_html(r->pool, r->uri),
"\non this server.<P>\n", NULL);
break;
- case NOT_FOUND:
+ case HTTP_NOT_FOUND:
ap_rvputs(r, "The requested URL ",
ap_escape_html(r->pool, r->uri),
" was not found on this server.<P>\n", NULL);
break;
- case METHOD_NOT_ALLOWED:
+ case HTTP_METHOD_NOT_ALLOWED:
ap_rvputs(r, "The requested method ", r->method,
" is not allowed "
"for the URL ", ap_escape_html(r->pool, r->uri),
".<P>\n", NULL);
break;
- case NOT_ACCEPTABLE:
+ case HTTP_NOT_ACCEPTABLE:
ap_rvputs(r,
"An appropriate representation of the "
"requested resource ",
ap_escape_html(r->pool, r->uri),
" could not be found on this server.<P>\n", NULL);
/* fall through */
- case MULTIPLE_CHOICES:
+ case HTTP_MULTIPLE_CHOICES:
{
const char *list;
if ((list = ap_table_get(r->notes, "variant-list")))
ap_rputs(list, r);
}
break;
- case LENGTH_REQUIRED:
+ case HTTP_LENGTH_REQUIRED:
ap_rvputs(r, "A request of the requested method ", r->method,
" requires a valid Content-length.<P>\n", NULL);
if ((error_notes = ap_table_get(r->notes, "error-notes")) != NULL) {
ap_rvputs(r, error_notes, "<P>\n", NULL);
}
break;
- case PRECONDITION_FAILED:
+ case HTTP_PRECONDITION_FAILED:
ap_rvputs(r, "The precondition on the request for the URL ",
ap_escape_html(r->pool, r->uri),
" evaluated to false.<P>\n", NULL);
ap_rvputs(r, error_notes, "<P>\n", NULL);
}
break;
- case BAD_GATEWAY:
+ case HTTP_BAD_GATEWAY:
ap_rputs("The proxy server received an invalid" CRLF
"response from an upstream server.<P>" CRLF, r);
if ((error_notes = ap_table_get(r->notes, "error-notes")) != NULL) {
ap_rvputs(r, error_notes, "<P>\n", NULL);
}
break;
- case VARIANT_ALSO_VARIES:
+ case HTTP_VARIANT_ALSO_VARIES:
ap_rvputs(r, "A variant for the requested resource\n<PRE>\n",
ap_escape_html(r->pool, r->uri),
"\n</PRE>\nis itself a negotiable resource. "
* about proxy authentication. They treat it like normal auth, and then
* we tweak the status.
*/
- if (r->status == AUTH_REQUIRED && r->proxyreq) {
+ if (r->status == HTTP_UNAUTHORIZED && r->proxyreq) {
r->status = HTTP_PROXY_AUTHENTICATION_REQUIRED;
}
* But note that the client will ultimately see the wrong
* status...
*/
- r->status = REDIRECT;
+ r->status = HTTP_MOVED_TEMPORARILY;
ap_table_setn(r->headers_out, "Location", custom_response);
}
else if (custom_response[0] == '/') {
const char *error_notes;
- r->no_local_copy = 1; /* Do NOT send USE_LOCAL_COPY for
+ r->no_local_copy = 1; /* Do NOT send HTTP_NOT_MODIFIED for
* error documents! */
/*
* This redirect needs to be a GET no matter what the original
* Dumb user has given us a bad url to redirect to --- fake up
* dying with a recursive server error...
*/
- recursive_error = SERVER_ERROR;
+ recursive_error = HTTP_INTERNAL_SERVER_ERROR;
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"Invalid error redirection directive: %s",
custom_response);
if (status == DECLINED) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_CRIT, 0, r,
"configuration error: couldn't %s: %s", phase, r->uri);
- ap_die(SERVER_ERROR, r);
+ ap_die(HTTP_INTERNAL_SERVER_ERROR, r);
}
else
ap_die(status, r);
if (r->finfo.protection == 0) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"File does not exist: %s", r->filename);
- return NOT_FOUND;
+ return HTTP_NOT_FOUND;
}
}
static int imap_reply(request_rec *r, char *redirect)
{
if (!strcasecmp(redirect, "error")) {
- return SERVER_ERROR; /* they actually requested an error! */
+ /* they actually requested an error! */
+ return HTTP_INTERNAL_SERVER_ERROR;
}
if (!strcasecmp(redirect, "nocontent")) {
- return HTTP_NO_CONTENT; /* tell the client to keep the page it has */
+ /* tell the client to keep the page it has */
+ return HTTP_NO_CONTENT;
}
if (redirect && *redirect) {
+ /* must be a URL, so redirect to it */
ap_table_setn(r->headers_out, "Location", redirect);
- return REDIRECT; /* must be a URL, so redirect to it */
+ return HTTP_MOVED_TEMPORARILY;
}
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
static void menu_header(request_rec *r, char *menu)
status = ap_pcfg_openfile(&imap, r->pool, r->filename);
if (status != APR_SUCCESS) {
- return NOT_FOUND;
+ return HTTP_NOT_FOUND;
}
base = imap_url(r, NULL, imap_base); /* set base according
const char *body;
if (body1 == NULL) {
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
strip_paren_comments(body1);
/* Called if we got a "Choice" response from the variant selection algorithm.
* It checks the result of the chosen variant to see if it
- * is itself negotiated (if so, return error VARIANT_ALSO_VARIES).
+ * is itself negotiated (if so, return error HTTP_VARIANT_ALSO_VARIES).
* Otherwise, add the appropriate headers to the current response.
*/
* lead to cases in which a change in the set of variants or the
* negotiation algorithm of the nontransparent resource is never
* propagated up to a HTTP/1.1 cache which interprets Vary. To be
- * completely on the safe side we should return VARIANT_ALSO_VARIES
+ * completely on the safe side we should return HTTP_VARIANT_ALSO_VARIES
* for this type of recursive negotiation too.
*/
if (neg->is_transparent &&
ap_table_get(sub_req->err_headers_out, "TCN")) {
- return VARIANT_ALSO_VARIES;
+ return HTTP_VARIANT_ALSO_VARIES;
}
/* This catches the error that a transparent type map recursively
* variant list validators.
*/
if (sub_req->handler && strcmp(sub_req->handler, "type-map") == 0) {
- return VARIANT_ALSO_VARIES;
+ return HTTP_VARIANT_ALSO_VARIES;
}
/* This adds an appropriate Variant-Vary header if the subrequest
*/
if (alg_result == alg_list) {
- /* send a list response or NOT_ACCEPTABLE error response */
+ /* send a list response or HTTP_NOT_ACCEPTABLE error response */
neg->send_alternates = 1; /* always include Alternates header */
set_neg_headers(r, neg, alg_result);
* responses (they certainly won't if they conform to the
* HTTP/1.0 specification).
*/
- return MULTIPLE_CHOICES;
+ return HTTP_MULTIPLE_CHOICES;
}
if (!*bestp) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"no acceptable variant: %s", r->filename);
- return NOT_ACCEPTABLE;
+ return HTTP_NOT_ACCEPTABLE;
}
}
/* BLECH --- don't multi-resolve non-ordinary files */
if (sub_req->finfo.filetype != APR_REG) {
- res = NOT_FOUND;
+ res = HTTP_NOT_FOUND;
goto return_from_multi;
}
** all hooks are run, independend of result
**
** o at the last stage, the core module always
-** - says "BAD_REQUEST" if r->filename does not begin with "/"
+** - says "HTTP_BAD_REQUEST" if r->filename does not begin with "/"
** - prefix URL with document_root or replaced server_root
** with document_root and sets r->filename
** - always return a "OK" independed if the file really exists
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"attempt to make remote request from mod_rewrite "
"without proxy enabled: %s", r->filename);
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
}
/* make sure the QUERY_STRING and
r->status = HTTP_OK; /* make Apache kernel happy */
}
else {
- n = REDIRECT;
+ n = HTTP_MOVED_TEMPORARILY;
}
/* now do the redirection */
else if (strlen(r->filename) > 10 &&
strncmp(r->filename, "forbidden:", 10) == 0) {
/* This URLs is forced to be forbidden for the requester */
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
}
else if (strlen(r->filename) > 5 &&
strncmp(r->filename, "gone:", 5) == 0) {
/* the filename has to start with a slash! */
if (r->filename[0] != '/') {
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
}
/* if there is no valid prefix, we have
"Options FollowSymLinks or SymLinksIfOwnerMatch is off "
"which implies that RewriteRule directive is forbidden: "
"%s", r->filename);
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
}
else {
/* FollowSymLinks is given, but the user can
r->status = HTTP_OK; /* make Apache kernel happy */
}
else {
- n = REDIRECT;
+ n = HTTP_MOVED_TEMPORARILY;
}
/* now do the redirection */
else if (strlen(r->filename) > 10 &&
strncmp(r->filename, "forbidden:", 10) == 0) {
/* This URL is forced to be forbidden for the requester */
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
}
else if (strlen(r->filename) > 5 &&
strncmp(r->filename, "gone:", 5) == 0) {
/* the filename has to start with a slash! */
if (r->filename[0] != '/') {
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
}
/* Check for deadlooping:
{
redirect = ap_pstrcat(r->pool, x, w, userdir, dname, NULL);
ap_table_setn(r->headers_out, "Location", redirect);
- return REDIRECT;
+ return HTTP_MOVED_TEMPORARILY;
}
else
filename = ap_pstrcat(r->pool, x, w, userdir, NULL);
else if (ap_strchr_c(userdir, ':')) {
redirect = ap_pstrcat(r->pool, userdir, "/", w, dname, NULL);
ap_table_setn(r->headers_out, "Location", redirect);
- return REDIRECT;
+ return HTTP_MOVED_TEMPORARILY;
}
else {
#ifdef WIN32
if (!(l = strchr(w, ':'))) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"malformed header in meta file: %s", r->filename);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
*l++ = '\0';
}
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"meta file permissions deny server access: %s", metafilename);
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
};
/* read the headers in */
if (conf == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"internal error: %s", r->filename);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
};
if (conf->active != ACTIVE_ON)
*/
ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
"internal error: bad expires code: %s", r->filename);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
};
expires = base + additional;
/* Use similar restrictions as CGIs */
if (!(ap_allow_options(r) & OPT_EXECCGI))
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
if (r->finfo.protection == 0)
- return NOT_FOUND;
+ return HTTP_NOT_FOUND;
if (r->finfo.filetype == APR_DIR)
- return FORBIDDEN;
+ return HTTP_FORBIDDEN;
/* Load the module */
rv = GetLastError();
ap_log_rerror(APLOG_MARK, APLOG_ALERT, rv, r,
"Could not load DLL: %s", r->filename);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
if (!(isapi_version =
"Could not load DLL %s symbol GetExtensionVersion()",
r->filename);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
if (!(isapi_entry =
"Could not load DLL %s symbol HttpExtensionProc()",
r->filename);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
/* TerminateExtension() is an optional interface */
/* Run GetExtensionVersion() */
if (!(*isapi_version)(pVer)) {
- ap_log_rerror(APLOG_MARK, APLOG_ALERT, SERVER_ERROR, r,
+ /* ### euh... we're passing the wrong type of error code here */
+ ap_log_rerror(APLOG_MARK, APLOG_ALERT, HTTP_INTERNAL_SERVER_ERROR, r,
"ISAPI %s GetExtensionVersion() call failed", r->filename);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
/* Set up variables */
if ((read = ap_get_client_block(r, ecb->lpbData, to_read)) < 0) {
if (isapi_term) (*isapi_term)(HSE_TERM_MUST_UNLOAD);
FreeLibrary(isapi_handle);
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
/* Although its not to spec, IIS seems to null-terminate
return OK;
case HSE_STATUS_PENDING: /* We don't support this */
- rv = APR_ENOTIMPL;
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, SERVER_ERROR, r,
- "ISAPI asynchronous I/O not supported: %s", r->filename);
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, APR_ENOTIMPL, r,
+ "ISAPI asynchronous I/O not supported: %s", r->filename);
+ /* fallthrough */
case HSE_STATUS_ERROR:
default:
- return SERVER_ERROR;
+ return HTTP_INTERNAL_SERVER_ERROR;
}
}
* is done.
*/
ap_table_set (r->headers_out, "Location", lpvBuffer);
- cid->status = cid->r->status = cid->ecb->dwHttpStatusCode = REDIRECT;
+ cid->status = cid->r->status = cid->ecb->dwHttpStatusCode =
+ HTTP_MOVED_TEMPORARILY;
return TRUE;
case HSE_REQ_SEND_URL:
if (!(value = strchr(data, ':'))) {
SetLastError(TODO_ERROR);
- ap_log_rerror(APLOG_MARK, APLOG_ERR, SERVER_ERROR, r,
- "ISA sent invalid headers", r->filename);
+ /* ### euh... we're passing the wrong type of error
+ ### code here */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR,
+ HTTP_INTERNAL_SERVER_ERROR, r,
+ "ISA sent invalid headers", r->filename);
return FALSE;
}
/* We don't support all this async I/O, Microsoft-specific stuff */
case HSE_REQ_IO_COMPLETION:
case HSE_REQ_TRANSMIT_FILE:
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, SERVER_ERROR, r,
- "ISAPI asynchronous I/O not supported: %s", r->filename);
+ /* ### euh... we're passing the wrong type of error code here */
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING,
+ HTTP_INTERNAL_SERVER_ERROR, r,
+ "ISAPI asynchronous I/O not supported: %s",
+ r->filename);
default:
SetLastError(ERROR_INVALID_PARAMETER);
return FALSE;
* Unescapes a URL.
* Returns 0 on success, non-zero on error
* Failure is due to
- * bad % escape returns BAD_REQUEST
+ * bad % escape returns HTTP_BAD_REQUEST
*
* decoding %00 -> \0
* decoding %2f -> / (a special character)
- * returns NOT_FOUND
+ * returns HTTP_NOT_FOUND
*/
API_EXPORT(int) ap_unescape_url(char *url)
{
}
*x = '\0';
if (badesc)
- return BAD_REQUEST;
+ return HTTP_BAD_REQUEST;
else if (badpath)
- return NOT_FOUND;
+ return HTTP_NOT_FOUND;
else
return OK;
}
projects / apache / commitdiff