diff options
Diffstat (limited to 'modules/http/http_request.c')
| -rw-r--r-- | modules/http/http_request.c | 574 |
1 files changed, 0 insertions, 574 deletions
diff --git a/modules/http/http_request.c b/modules/http/http_request.c deleted file mode 100644 index 56064c451b..0000000000 --- a/modules/http/http_request.c +++ /dev/null @@ -1,574 +0,0 @@ -/* ==================================================================== - * The Apache Software License, Version 1.1 - * - * Copyright (c) 2000-2001 The Apache Software Foundation. All rights - * reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. The end-user documentation included with the redistribution, - * if any, must include the following acknowledgment: - * "This product includes software developed by the - * Apache Software Foundation (http://www.apache.org/)." - * Alternately, this acknowledgment may appear in the software itself, - * if and wherever such third-party acknowledgments normally appear. - * - * 4. The names "Apache" and "Apache Software Foundation" must - * not be used to endorse or promote products derived from this - * software without prior written permission. For written - * permission, please contact apache@apache.org. - * - * 5. Products derived from this software may not be called "Apache", - * nor may "Apache" appear in their name, without prior written - * permission of the Apache Software Foundation. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF - * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND - * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, - * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT - * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * ==================================================================== - * - * This software consists of voluntary contributions made by many - * individuals on behalf of the Apache Software Foundation. For more - * information on the Apache Software Foundation, please see - * <http://www.apache.org/>. - * - * Portions of this software are based upon public domain software - * originally written at the National Center for Supercomputing Applications, - * University of Illinois, Urbana-Champaign. - */ - -/* - * http_request.c: functions to get and process requests - * - * Rob McCool 3/21/93 - * - * Thoroughly revamped by rst for Apache. NB this file reads - * best from the bottom up. - * - */ - -#include "apr_strings.h" -#include "apr_file_io.h" -#include "apr_fnmatch.h" - -#define APR_WANT_STRFUNC -#include "apr_want.h" - -#define CORE_PRIVATE -#include "ap_config.h" -#include "httpd.h" -#include "http_config.h" -#include "http_request.h" -#include "http_core.h" -#include "http_protocol.h" -#include "http_log.h" -#include "http_main.h" -#include "util_filter.h" -#include "util_charset.h" - -#include "mod_core.h" - -#if APR_HAVE_STDARG_H -#include <stdarg.h> -#endif - -/***************************************************************** - * - * Mainline request processing... - */ - -AP_DECLARE(void) ap_die(int type, request_rec *r) -{ - int error_index = ap_index_of_response(type); - char *custom_response = ap_response_code_string(r, error_index); - int recursive_error = 0; - - if (type == AP_FILTER_ERROR) { - return; - } - - if (type == DONE) { - ap_finalize_request_protocol(r); - return; - } - - /* - * The following takes care of Apache redirects to custom response URLs - * Note that if we are already dealing with the response to some other - * error condition, we just report on the original error, and give up on - * any attempt to handle the other thing "intelligently"... - */ - - if (r->status != HTTP_OK) { - recursive_error = type; - - while (r->prev && (r->prev->status != HTTP_OK)) - r = r->prev; /* Get back to original error */ - - type = r->status; - custom_response = NULL; /* Do NOT retry the custom thing! */ - } - - r->status = type; - - /* - * This test is done here so that none of the auth modules needs to know - * about proxy authentication. They treat it like normal auth, and then - * we tweak the status. - */ - if (HTTP_UNAUTHORIZED == r->status && PROXYREQ_PROXY == r->proxyreq) { - r->status = HTTP_PROXY_AUTHENTICATION_REQUIRED; - } - - /* - * If we want to keep the connection, be sure that the request body - * (if any) has been read. - */ - if ((r->status != HTTP_NOT_MODIFIED) && (r->status != HTTP_NO_CONTENT) - && !ap_status_drops_connection(r->status) - && r->connection && (r->connection->keepalive != -1)) { - - (void) ap_discard_request_body(r); - } - - /* - * Two types of custom redirects --- plain text, and URLs. Plain text has - * a leading '"', so the URL code, here, is triggered on its absence - */ - - if (custom_response && custom_response[0] != '"') { - - if (ap_is_url(custom_response)) { - /* - * The URL isn't local, so lets drop through the rest of this - * apache code, and continue with the usual REDIRECT handler. - * But note that the client will ultimately see the wrong - * status... - */ - r->status = HTTP_MOVED_TEMPORARILY; - apr_table_setn(r->headers_out, "Location", custom_response); - } - else if (custom_response[0] == '/') { - const char *error_notes; - r->no_local_copy = 1; /* Do NOT send HTTP_NOT_MODIFIED for - * error documents! */ - /* - * This redirect needs to be a GET no matter what the original - * method was. - */ - apr_table_setn(r->subprocess_env, "REQUEST_METHOD", r->method); - - /* - * Provide a special method for modules to communicate - * more informative (than the plain canned) messages to us. - * Propagate them to ErrorDocuments via the ERROR_NOTES variable: - */ - if ((error_notes = apr_table_get(r->notes, "error-notes")) != NULL) { - apr_table_setn(r->subprocess_env, "ERROR_NOTES", error_notes); - } - r->method = apr_pstrdup(r->pool, "GET"); - r->method_number = M_GET; - ap_internal_redirect(custom_response, r); - return; - } - else { - /* - * Dumb user has given us a bad url to redirect to --- fake up - * dying with a recursive server error... - */ - recursive_error = HTTP_INTERNAL_SERVER_ERROR; - ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r, - "Invalid error redirection directive: %s", - custom_response); - } - } - ap_send_error_response(r, recursive_error); -} - -static void decl_die(int status, char *phase, request_rec *r) -{ - if (status == DECLINED) { - ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_CRIT, 0, r, - "configuration error: couldn't %s: %s", phase, r->uri); - ap_die(HTTP_INTERNAL_SERVER_ERROR, r); - } - else - ap_die(status, r); -} - -static void process_request_internal(request_rec *r) -{ - int access_status; - - /* Ignore embedded %2F's in path for proxy requests */ - if (!r->proxyreq && r->parsed_uri.path) { - access_status = ap_unescape_url(r->parsed_uri.path); - if (access_status) { - ap_die(access_status, r); - return; - } - } - - ap_getparents(r->uri); /* OK --- shrinking transformations... */ - - if ((access_status = location_walk(r))) { - ap_die(access_status, r); - return; - } - - if ((access_status = ap_run_translate_name(r))) { - decl_die(access_status, "translate", r); - return; - } - - if (!r->proxyreq) { - /* - * We don't want TRACE to run through the normal handler set, we - * handle it specially. - */ - if (r->method_number == M_TRACE) { - if ((access_status = ap_send_http_trace(r))) - ap_die(access_status, r); - else - ap_finalize_request_protocol(r); - return; - } - } - - if (r->proto_num > HTTP_VERSION(1,0) && apr_table_get(r->subprocess_env, "downgrade-1.0")) { - r->proto_num = HTTP_VERSION(1,0); - } - - /* - * NB: directory_walk() clears the per_dir_config, so we don't inherit - * from location_walk() above - */ - - if ((access_status = directory_walk(r))) { - ap_die(access_status, r); - return; - } - - if ((access_status = file_walk(r))) { - ap_die(access_status, r); - return; - } - - if ((access_status = location_walk(r))) { - ap_die(access_status, r); - return; - } - - if ((access_status = ap_run_header_parser(r))) { - ap_die(access_status, r); - return; - } - - switch (ap_satisfies(r)) { - case SATISFY_ALL: - case SATISFY_NOSPEC: - if ((access_status = ap_run_access_checker(r)) != 0) { - decl_die(access_status, "check access", r); - return; - } - if (ap_some_auth_required(r)) { - if (((access_status = ap_run_check_user_id(r)) != 0) || !ap_auth_type(r)) { - decl_die(access_status, ap_auth_type(r) - ? "check user. No user file?" - : "perform authentication. AuthType not set!", r); - return; - } - if (((access_status = ap_run_auth_checker(r)) != 0) || !ap_auth_type(r)) { - decl_die(access_status, ap_auth_type(r) - ? "check access. No groups file?" - : "perform authentication. AuthType not set!", r); - return; - } - } - break; - case SATISFY_ANY: - if (((access_status = ap_run_access_checker(r)) != 0) || !ap_auth_type(r)) { - if (!ap_some_auth_required(r)) { - decl_die(access_status, ap_auth_type(r) - ? "check access" - : "perform authentication. AuthType not set!", r); - return; - } - if (((access_status = ap_run_check_user_id(r)) != 0) || !ap_auth_type(r)) { - decl_die(access_status, ap_auth_type(r) - ? "check user. No user file?" - : "perform authentication. AuthType not set!", r); - return; - } - if (((access_status = ap_run_auth_checker(r)) != 0) || !ap_auth_type(r)) { - decl_die(access_status, ap_auth_type(r) - ? "check access. No groups file?" - : "perform authentication. AuthType not set!", r); - return; - } - } - break; - } - - if (! (r->proxyreq - && r->parsed_uri.scheme != NULL - && strcmp(r->parsed_uri.scheme, "http") == 0) ) { - if ((access_status = ap_run_type_checker(r)) != 0) { - decl_die(access_status, "find types", r); - return; - } - } - - if ((access_status = ap_run_fixups(r)) != 0) { - ap_die(access_status, r); - return; - } - - /* The new insert_filter stage makes sense here IMHO. We are sure that - * we are going to run the request now, so we may as well insert filters - * if any are available. Since the goal of this phase is to allow all - * modules to insert a filter if they want to, this filter returns - * void. I just can't see any way that this filter can reasonably - * fail, either your modules inserts something or it doesn't. rbb - */ - ap_run_insert_filter(r); - - if ((access_status = ap_invoke_handler(r)) != 0) { - ap_die(access_status, r); - return; - } - - /* Take care of little things that need to happen when we're done */ - ap_finalize_request_protocol(r); -} - -static void check_pipeline_flush(request_rec *r) -{ - /* ### if would be nice if we could PEEK without a brigade. that would - ### allow us to defer creation of the brigade to when we actually - ### need to send a FLUSH. */ - apr_bucket_brigade *bb = apr_brigade_create(r->pool); - apr_size_t zero = 0; - - /* Flush the filter contents if: - * - * 1) the connection will be closed - * 2) there isn't a request ready to be read - */ - /* ### shouldn't this read from the connection input filters? */ - if (!r->connection->keepalive || - ap_get_brigade(r->input_filters, bb, AP_MODE_PEEK, &zero) != APR_SUCCESS) { - apr_bucket *e = apr_bucket_flush_create(); - - /* We just send directly to the connection based filters. At - * this point, we know that we have seen all of the data - * (request finalization sent an EOS bucket, which empties all - * of the request filters). We just want to flush the buckets - * if something hasn't been sent to the network yet. - */ - APR_BRIGADE_INSERT_HEAD(bb, e); - ap_pass_brigade(r->connection->output_filters, bb); - } -} - -void ap_process_request(request_rec *r) -{ - int access_status; - - /* Give quick handlers a shot at serving the request on the fast - * path, bypassing all of the other Apache hooks. - * - * This hook was added to enable serving files out of a URI keyed - * content cache ( e.g., Mike Abbott's Quick Shortcut Cache, - * described here: http://oss.sgi.com/projects/apache/mod_qsc.html ) - * - * It may have other uses as well, such as routing requests directly to - * content handlers that have the ability to grok HTTP and do their - * own access checking, etc (e.g. servlet engines). - * - * Use this hook with extreme care and only if you know what you are - * doing. - * - * Consider moving this hook to after the first location_walk in order - * to enable the quick handler to make decisions based on config - * directives in Location blocks. - */ - access_status = ap_run_quick_handler(r); - if (access_status == OK) { - ap_finalize_request_protocol(r); - } - else if (access_status == DECLINED) { - process_request_internal(r); - } - else { - ap_die(access_status, r); - } - - /* - * We want to flush the last packet if this isn't a pipelining connection - * *before* we start into logging. Suppose that the logging causes a DNS - * lookup to occur, which may have a high latency. If we hold off on - * this packet, then it'll appear like the link is stalled when really - * it's the application that's stalled. - */ - check_pipeline_flush(r); - ap_run_log_transaction(r); -} - -static apr_table_t *rename_original_env(apr_pool_t *p, apr_table_t *t) -{ - apr_array_header_t *env_arr = apr_table_elts(t); - apr_table_entry_t *elts = (apr_table_entry_t *) env_arr->elts; - apr_table_t *new = apr_table_make(p, env_arr->nalloc); - int i; - - for (i = 0; i < env_arr->nelts; ++i) { - if (!elts[i].key) - continue; - apr_table_setn(new, apr_pstrcat(p, "REDIRECT_", elts[i].key, NULL), - elts[i].val); - } - - return new; -} - -static request_rec *internal_internal_redirect(const char *new_uri, - request_rec *r) { - int access_status; - request_rec *new = (request_rec *) apr_pcalloc(r->pool, - sizeof(request_rec)); - - new->connection = r->connection; - new->server = r->server; - new->pool = r->pool; - - /* - * A whole lot of this really ought to be shared with http_protocol.c... - * another missing cleanup. It's particularly inappropriate to be - * setting header_only, etc., here. - */ - - new->method = r->method; - new->method_number = r->method_number; - new->allowed_methods = ap_make_method_list(new->pool, 2); - ap_parse_uri(new, new_uri); - - new->request_config = ap_create_request_config(r->pool); - - new->per_dir_config = r->server->lookup_defaults; - - new->prev = r; - r->next = new; - - /* Must have prev and next pointers set before calling create_request - * hook. - */ - ap_run_create_request(new); - - /* Inherit the rest of the protocol info... */ - - new->the_request = r->the_request; - - new->allowed = r->allowed; - - new->status = r->status; - new->assbackwards = r->assbackwards; - new->header_only = r->header_only; - new->protocol = r->protocol; - new->proto_num = r->proto_num; - new->hostname = r->hostname; - new->request_time = r->request_time; - new->main = r->main; - - new->headers_in = r->headers_in; - new->headers_out = apr_table_make(r->pool, 12); - new->err_headers_out = r->err_headers_out; - new->subprocess_env = rename_original_env(r->pool, r->subprocess_env); - new->notes = apr_table_make(r->pool, 5); - new->allowed_methods = ap_make_method_list(new->pool, 2); - - new->htaccess = r->htaccess; - new->no_cache = r->no_cache; - new->expecting_100 = r->expecting_100; - new->no_local_copy = r->no_local_copy; - new->read_length = r->read_length; /* We can only read it once */ - new->vlist_validator = r->vlist_validator; - - new->output_filters = r->connection->output_filters; - new->input_filters = r->connection->input_filters; - - ap_add_output_filter("BYTERANGE", NULL, new, new->connection); - ap_add_output_filter("CONTENT_LENGTH", NULL, new, new->connection); - ap_add_output_filter("HTTP_HEADER", NULL, new, new->connection); - - apr_table_setn(new->subprocess_env, "REDIRECT_STATUS", - apr_psprintf(r->pool, "%d", r->status)); - - /* - * XXX: hmm. This is because mod_setenvif and mod_unique_id really need - * to do their thing on internal redirects as well. Perhaps this is a - * misnamed function. - */ - if ((access_status = ap_run_post_read_request(new))) { - ap_die(access_status, new); - return NULL; - } - - return new; -} - -AP_DECLARE(void) ap_internal_redirect(const char *new_uri, request_rec *r) -{ - request_rec *new = internal_internal_redirect(new_uri, r); - process_request_internal(new); -} - -/* This function is designed for things like actions or CGI scripts, when - * using AddHandler, and you want to preserve the content type across - * an internal redirect. - */ -AP_DECLARE(void) ap_internal_redirect_handler(const char *new_uri, request_rec *r) -{ - request_rec *new = internal_internal_redirect(new_uri, r); - if (r->handler) - new->content_type = r->content_type; - process_request_internal(new); -} - -AP_DECLARE(void) ap_allow_methods(request_rec *r, int reset, ...) -{ - const char *method; - va_list methods; - - /* - * Get rid of any current settings if requested; not just the - * well-known methods but any extensions as well. - */ - if (reset) { - ap_clear_method_list(r->allowed_methods); - } - - va_start(methods, reset); - while ((method = va_arg(methods, const char *)) != NULL) { - ap_method_list_add(r->allowed_methods, method); - } -} |