/src/httpd/modules/http/http_request.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* Licensed to the Apache Software Foundation (ASF) under one or more |
2 | | * contributor license agreements. See the NOTICE file distributed with |
3 | | * this work for additional information regarding copyright ownership. |
4 | | * The ASF licenses this file to You under the Apache License, Version 2.0 |
5 | | * (the "License"); you may not use this file except in compliance with |
6 | | * the License. You may obtain a copy of the License at |
7 | | * |
8 | | * http://www.apache.org/licenses/LICENSE-2.0 |
9 | | * |
10 | | * Unless required by applicable law or agreed to in writing, software |
11 | | * distributed under the License is distributed on an "AS IS" BASIS, |
12 | | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
13 | | * See the License for the specific language governing permissions and |
14 | | * limitations under the License. |
15 | | */ |
16 | | |
17 | | /* |
18 | | * http_request.c: functions to get and process requests |
19 | | * |
20 | | * Rob McCool 3/21/93 |
21 | | * |
22 | | * Thoroughly revamped by rst for Apache. NB this file reads |
23 | | * best from the bottom up. |
24 | | * |
25 | | */ |
26 | | |
27 | | #include "apr_strings.h" |
28 | | #include "apr_file_io.h" |
29 | | #include "apr_fnmatch.h" |
30 | | |
31 | | #define APR_WANT_STRFUNC |
32 | | #include "apr_want.h" |
33 | | |
34 | | #include "ap_config.h" |
35 | | #include "httpd.h" |
36 | | #include "http_config.h" |
37 | | #include "http_request.h" |
38 | | #include "http_core.h" |
39 | | #include "http_protocol.h" |
40 | | #include "http_log.h" |
41 | | #include "http_main.h" |
42 | | #include "mpm_common.h" |
43 | | #include "util_filter.h" |
44 | | #include "util_charset.h" |
45 | | #include "scoreboard.h" |
46 | | |
47 | | #include "mod_core.h" |
48 | | |
49 | | #if APR_HAVE_STDARG_H |
50 | | #include <stdarg.h> |
51 | | #endif |
52 | | |
53 | | APLOG_USE_MODULE(http); |
54 | | |
55 | | /***************************************************************** |
56 | | * |
57 | | * Mainline request processing... |
58 | | */ |
59 | | |
60 | | /* XXX A cleaner and faster way to do this might be to pass the request_rec |
61 | | * down the filter chain as a parameter. It would need to change for |
62 | | * subrequest vs. main request filters; perhaps the subrequest filter could |
63 | | * make the switch. |
64 | | */ |
65 | | static void update_r_in_filters(ap_filter_t *f, |
66 | | request_rec *from, |
67 | | request_rec *to) |
68 | 0 | { |
69 | 0 | while (f) { |
70 | 0 | if (f->r == from) { |
71 | 0 | f->r = to; |
72 | 0 | } |
73 | 0 | f = f->next; |
74 | 0 | } |
75 | 0 | } |
76 | | |
77 | | static void ap_die_r(int type, request_rec *r, int recursive_error) |
78 | 0 | { |
79 | 0 | char *custom_response; |
80 | 0 | request_rec *r_1st_err = r; |
81 | |
|
82 | 0 | if (type == OK || type == DONE) { |
83 | 0 | ap_finalize_request_protocol(r); |
84 | 0 | return; |
85 | 0 | } |
86 | | |
87 | 0 | if (!ap_is_HTTP_VALID_RESPONSE(type)) { |
88 | 0 | ap_filter_t *next; |
89 | | |
90 | | /* |
91 | | * Check if we still have the ap_http_header_filter in place. If |
92 | | * this is the case we should not ignore the error here because |
93 | | * it means that we have not sent any response at all and never |
94 | | * will. This is bad. Sent an internal server error instead. |
95 | | */ |
96 | 0 | next = r->output_filters; |
97 | 0 | while (next && (next->frec != ap_http_header_filter_handle)) { |
98 | 0 | next = next->next; |
99 | 0 | } |
100 | | |
101 | | /* |
102 | | * If next != NULL then we left the while above because of |
103 | | * next->frec == ap_http_header_filter |
104 | | */ |
105 | 0 | if (next) { |
106 | 0 | if (type != AP_FILTER_ERROR) { |
107 | 0 | ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01579) |
108 | 0 | "Invalid response status %i", type); |
109 | 0 | } |
110 | 0 | else { |
111 | 0 | ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02831) |
112 | 0 | "Response from AP_FILTER_ERROR"); |
113 | 0 | } |
114 | 0 | type = HTTP_INTERNAL_SERVER_ERROR; |
115 | 0 | } |
116 | 0 | else { |
117 | 0 | return; |
118 | 0 | } |
119 | 0 | } |
120 | | |
121 | | /* |
122 | | * The following takes care of Apache redirects to custom response URLs |
123 | | * Note that if we are already dealing with the response to some other |
124 | | * error condition, we just report on the original error, and give up on |
125 | | * any attempt to handle the other thing "intelligently"... |
126 | | */ |
127 | 0 | if (recursive_error != HTTP_OK) { |
128 | 0 | while (r_1st_err->prev && (r_1st_err->prev->status != HTTP_OK)) |
129 | 0 | r_1st_err = r_1st_err->prev; /* Get back to original error */ |
130 | |
|
131 | 0 | if (r_1st_err != r) { |
132 | | /* The recursive error was caused by an ErrorDocument specifying |
133 | | * an internal redirect to a bad URI. ap_internal_redirect has |
134 | | * changed the filter chains to point to the ErrorDocument's |
135 | | * request_rec. Back out those changes so we can safely use the |
136 | | * original failing request_rec to send the canned error message. |
137 | | * |
138 | | * ap_send_error_response gets rid of existing resource filters |
139 | | * on the output side, so we can skip those. |
140 | | */ |
141 | 0 | update_r_in_filters(r_1st_err->proto_output_filters, r, r_1st_err); |
142 | 0 | update_r_in_filters(r_1st_err->input_filters, r, r_1st_err); |
143 | 0 | } |
144 | |
|
145 | 0 | custom_response = NULL; /* Do NOT retry the custom thing! */ |
146 | 0 | } |
147 | 0 | else { |
148 | 0 | int error_index = ap_index_of_response(type); |
149 | 0 | custom_response = ap_response_code_string(r, error_index); |
150 | 0 | recursive_error = 0; |
151 | 0 | } |
152 | |
|
153 | 0 | r->status = type; |
154 | | |
155 | | /* |
156 | | * This test is done here so that none of the auth modules needs to know |
157 | | * about proxy authentication. They treat it like normal auth, and then |
158 | | * we tweak the status. |
159 | | */ |
160 | 0 | if (HTTP_UNAUTHORIZED == r->status && PROXYREQ_PROXY == r->proxyreq) { |
161 | 0 | r->status = HTTP_PROXY_AUTHENTICATION_REQUIRED; |
162 | 0 | } |
163 | | |
164 | | /* If we don't want to keep the connection, make sure we mark that the |
165 | | * connection is not eligible for keepalive. If we want to keep the |
166 | | * connection, be sure that the request body (if any) has been read. |
167 | | */ |
168 | 0 | if (ap_status_drops_connection(r->status)) { |
169 | 0 | r->connection->keepalive = AP_CONN_CLOSE; |
170 | 0 | } |
171 | | |
172 | | /* |
173 | | * Two types of custom redirects --- plain text, and URLs. Plain text has |
174 | | * a leading '"', so the URL code, here, is triggered on its absence |
175 | | */ |
176 | |
|
177 | 0 | if (custom_response && custom_response[0] != '"') { |
178 | |
|
179 | 0 | if (ap_is_url(custom_response)) { |
180 | | /* |
181 | | * The URL isn't local, so lets drop through the rest of this |
182 | | * apache code, and continue with the usual REDIRECT handler. |
183 | | * But note that the client will ultimately see the wrong |
184 | | * status... |
185 | | */ |
186 | 0 | r->status = HTTP_MOVED_TEMPORARILY; |
187 | 0 | apr_table_setn(r->headers_out, "Location", custom_response); |
188 | 0 | } |
189 | 0 | else if (custom_response[0] == '/') { |
190 | 0 | const char *error_notes, *original_method; |
191 | 0 | int original_method_number; |
192 | 0 | r->no_local_copy = 1; /* Do NOT send HTTP_NOT_MODIFIED for |
193 | | * error documents! */ |
194 | | /* |
195 | | * This redirect needs to be a GET no matter what the original |
196 | | * method was. |
197 | | */ |
198 | 0 | apr_table_setn(r->subprocess_env, "REQUEST_METHOD", r->method); |
199 | | |
200 | | /* |
201 | | * Provide a special method for modules to communicate |
202 | | * more informative (than the plain canned) messages to us. |
203 | | * Propagate them to ErrorDocuments via the ERROR_NOTES variable: |
204 | | */ |
205 | 0 | if ((error_notes = apr_table_get(r->notes, |
206 | 0 | "error-notes")) != NULL) { |
207 | 0 | apr_table_setn(r->subprocess_env, "ERROR_NOTES", error_notes); |
208 | 0 | } |
209 | 0 | original_method = r->method; |
210 | 0 | original_method_number = r->method_number; |
211 | 0 | r->method = "GET"; |
212 | 0 | r->method_number = M_GET; |
213 | 0 | ap_internal_redirect(custom_response, r); |
214 | | /* preserve ability to see %<m in the access log */ |
215 | 0 | r->method = original_method; |
216 | 0 | r->method_number = original_method_number; |
217 | 0 | return; |
218 | 0 | } |
219 | 0 | else { |
220 | | /* |
221 | | * Dumb user has given us a bad url to redirect to --- fake up |
222 | | * dying with a recursive server error... |
223 | | */ |
224 | 0 | recursive_error = HTTP_INTERNAL_SERVER_ERROR; |
225 | 0 | ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01580) |
226 | 0 | "Invalid error redirection directive: %s", |
227 | 0 | custom_response); |
228 | 0 | } |
229 | 0 | } |
230 | 0 | ap_send_error_response(r_1st_err, recursive_error); |
231 | 0 | } |
232 | | |
233 | | AP_DECLARE(void) ap_die(int type, request_rec *r) |
234 | 0 | { |
235 | 0 | ap_die_r(type, r, r->status); |
236 | 0 | } |
237 | | |
238 | | AP_DECLARE(apr_status_t) ap_check_pipeline(conn_rec *c, apr_bucket_brigade *bb, |
239 | | unsigned int max_blank_lines) |
240 | 0 | { |
241 | 0 | apr_status_t rv = APR_EOF; |
242 | 0 | ap_input_mode_t mode = AP_MODE_SPECULATIVE; |
243 | 0 | unsigned int num_blank_lines = 0; |
244 | 0 | apr_size_t cr = 0; |
245 | 0 | char buf[2]; |
246 | |
|
247 | 0 | while (c->keepalive != AP_CONN_CLOSE && !c->aborted) { |
248 | 0 | apr_size_t len = cr + 1; |
249 | |
|
250 | 0 | apr_brigade_cleanup(bb); |
251 | 0 | rv = ap_get_brigade(c->input_filters, bb, mode, |
252 | 0 | APR_NONBLOCK_READ, len); |
253 | 0 | if (rv != APR_SUCCESS || APR_BRIGADE_EMPTY(bb)) { |
254 | 0 | if (mode == AP_MODE_READBYTES) { |
255 | | /* Unexpected error, stop with this connection */ |
256 | 0 | ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(02967) |
257 | 0 | "Can't consume pipelined empty lines"); |
258 | 0 | c->keepalive = AP_CONN_CLOSE; |
259 | 0 | rv = APR_EGENERAL; |
260 | 0 | } |
261 | 0 | else if (rv != APR_SUCCESS && !APR_STATUS_IS_EAGAIN(rv)) { |
262 | | /* Pipe is dead */ |
263 | 0 | c->keepalive = AP_CONN_CLOSE; |
264 | 0 | } |
265 | 0 | else { |
266 | | /* Pipe is up and empty */ |
267 | 0 | rv = APR_EAGAIN; |
268 | 0 | } |
269 | 0 | break; |
270 | 0 | } |
271 | 0 | if (!max_blank_lines) { |
272 | 0 | apr_off_t n = 0; |
273 | | /* Single read asked, (non-meta-)data available? */ |
274 | 0 | rv = apr_brigade_length(bb, 0, &n); |
275 | 0 | if (rv == APR_SUCCESS && n <= 0) { |
276 | 0 | rv = APR_EAGAIN; |
277 | 0 | } |
278 | 0 | break; |
279 | 0 | } |
280 | | |
281 | | /* Lookup and consume blank lines */ |
282 | 0 | rv = apr_brigade_flatten(bb, buf, &len); |
283 | 0 | if (rv != APR_SUCCESS || len != cr + 1) { |
284 | 0 | int log_level; |
285 | 0 | if (mode == AP_MODE_READBYTES) { |
286 | | /* Unexpected error, stop with this connection */ |
287 | 0 | c->keepalive = AP_CONN_CLOSE; |
288 | 0 | log_level = APLOG_ERR; |
289 | 0 | rv = APR_EGENERAL; |
290 | 0 | } |
291 | 0 | else { |
292 | | /* Let outside (non-speculative/blocking) read determine |
293 | | * where this possible failure comes from (metadata, |
294 | | * morphed EOF socket, ...). Debug only here. |
295 | | */ |
296 | 0 | log_level = APLOG_DEBUG; |
297 | 0 | rv = APR_SUCCESS; |
298 | 0 | } |
299 | 0 | ap_log_cerror(APLOG_MARK, log_level, rv, c, APLOGNO(02968) |
300 | 0 | "Can't check pipelined data"); |
301 | 0 | break; |
302 | 0 | } |
303 | | |
304 | 0 | if (mode == AP_MODE_READBYTES) { |
305 | | /* [CR]LF consumed, try next */ |
306 | 0 | mode = AP_MODE_SPECULATIVE; |
307 | 0 | cr = 0; |
308 | 0 | } |
309 | 0 | else if (cr) { |
310 | 0 | AP_DEBUG_ASSERT(len == 2 && buf[0] == APR_ASCII_CR); |
311 | 0 | if (buf[1] == APR_ASCII_LF) { |
312 | | /* consume this CRLF */ |
313 | 0 | mode = AP_MODE_READBYTES; |
314 | 0 | num_blank_lines++; |
315 | 0 | } |
316 | 0 | else { |
317 | | /* CR(?!LF) is data */ |
318 | 0 | break; |
319 | 0 | } |
320 | 0 | } |
321 | 0 | else { |
322 | 0 | if (buf[0] == APR_ASCII_LF) { |
323 | | /* consume this LF */ |
324 | 0 | mode = AP_MODE_READBYTES; |
325 | 0 | num_blank_lines++; |
326 | 0 | } |
327 | 0 | else if (buf[0] == APR_ASCII_CR) { |
328 | 0 | cr = 1; |
329 | 0 | } |
330 | 0 | else { |
331 | | /* Not [CR]LF, some data */ |
332 | 0 | break; |
333 | 0 | } |
334 | 0 | } |
335 | 0 | if (num_blank_lines > max_blank_lines) { |
336 | | /* Enough blank lines with this connection, |
337 | | * stop and don't recycle it. |
338 | | */ |
339 | 0 | c->keepalive = AP_CONN_CLOSE; |
340 | 0 | rv = APR_NOTFOUND; |
341 | 0 | break; |
342 | 0 | } |
343 | 0 | } |
344 | |
|
345 | 0 | return rv; |
346 | 0 | } |
347 | | |
348 | | AP_DECLARE(void) ap_process_request_after_handler(request_rec *r) |
349 | 0 | { |
350 | 0 | apr_bucket_brigade *bb; |
351 | 0 | apr_bucket *b; |
352 | 0 | conn_rec *c = r->connection; |
353 | |
|
354 | 0 | bb = ap_acquire_brigade(c); |
355 | | |
356 | | /* Send an EOR bucket through the output filter chain. When |
357 | | * this bucket is destroyed, the request will be logged and |
358 | | * its pool will be freed |
359 | | */ |
360 | 0 | b = ap_bucket_eor_create(c->bucket_alloc, r); |
361 | 0 | APR_BRIGADE_INSERT_HEAD(bb, b); |
362 | | |
363 | | /* Find the last request, taking into account internal |
364 | | * redirects. We want to send the EOR bucket at the end of |
365 | | * all the buckets so it does not jump the queue. |
366 | | */ |
367 | 0 | while (r->next) { |
368 | 0 | r = r->next; |
369 | 0 | } |
370 | | |
371 | | /* All the request filters should have bailed out on EOS, and in any |
372 | | * case they shouldn't have to handle this EOR which will destroy the |
373 | | * request underneath them. So go straight to the connection filters. |
374 | | */ |
375 | 0 | ap_pass_brigade(c->output_filters, bb); |
376 | | |
377 | | /* The EOR bucket has either been handled by an output filter (eg. |
378 | | * deleted or moved to a buffered_bb => no more in bb), or an error |
379 | | * occurred before that (eg. c->aborted => still in bb) and we ought |
380 | | * to destroy it now. So cleanup any remaining bucket along with |
381 | | * the orphan request (if any). |
382 | | */ |
383 | 0 | apr_brigade_cleanup(bb); |
384 | | |
385 | | /* From here onward, it is no longer safe to reference r |
386 | | * or r->pool, because r->pool may have been destroyed |
387 | | * already by the EOR bucket's cleanup function. |
388 | | */ |
389 | | |
390 | | /* Check pipeline consuming blank lines, they must not be interpreted as |
391 | | * the next pipelined request, otherwise we would block on the next read |
392 | | * without flushing data, and hence possibly delay pending response(s) |
393 | | * until the next/real request comes in or the keepalive timeout expires. |
394 | | */ |
395 | 0 | (void)ap_check_pipeline(c, bb, DEFAULT_LIMIT_BLANK_LINES); |
396 | |
|
397 | 0 | ap_release_brigade(c, bb); |
398 | |
|
399 | 0 | if (c->cs) { |
400 | 0 | if (c->aborted) { |
401 | 0 | c->cs->state = CONN_STATE_LINGER; |
402 | 0 | } |
403 | 0 | else { |
404 | | /* If we have still data in the output filters here it means that |
405 | | * the last (recent) nonblocking write was EAGAIN, so tell the MPM |
406 | | * to not try another useless/stressful one but to go straight to |
407 | | * POLLOUT. |
408 | | */ |
409 | 0 | c->cs->state = CONN_STATE_WRITE_COMPLETION; |
410 | 0 | } |
411 | 0 | } |
412 | 0 | AP_PROCESS_REQUEST_RETURN((uintptr_t)r, r->uri, r->status); |
413 | 0 | if (ap_extended_status) { |
414 | 0 | ap_time_process_request(c->sbh, STOP_PREQUEST); |
415 | 0 | } |
416 | 0 | } |
417 | | |
418 | | void ap_process_async_request(request_rec *r) |
419 | 0 | { |
420 | 0 | conn_rec *c = r->connection; |
421 | 0 | int access_status; |
422 | | |
423 | | /* Give quick handlers a shot at serving the request on the fast |
424 | | * path, bypassing all of the other Apache hooks. |
425 | | * |
426 | | * This hook was added to enable serving files out of a URI keyed |
427 | | * content cache ( e.g., Mike Abbott's Quick Shortcut Cache, |
428 | | * described here: http://oss.sgi.com/projects/apache/mod_qsc.html ) |
429 | | * |
430 | | * It may have other uses as well, such as routing requests directly to |
431 | | * content handlers that have the ability to grok HTTP and do their |
432 | | * own access checking, etc (e.g. servlet engines). |
433 | | * |
434 | | * Use this hook with extreme care and only if you know what you are |
435 | | * doing. |
436 | | */ |
437 | 0 | AP_PROCESS_REQUEST_ENTRY((uintptr_t)r, r->uri); |
438 | 0 | if (ap_extended_status) { |
439 | 0 | ap_time_process_request(r->connection->sbh, START_PREQUEST); |
440 | 0 | } |
441 | |
|
442 | 0 | if (APLOGrtrace4(r)) { |
443 | 0 | int i; |
444 | 0 | const apr_array_header_t *t_h = apr_table_elts(r->headers_in); |
445 | 0 | const apr_table_entry_t *t_elt = (apr_table_entry_t *)t_h->elts; |
446 | 0 | ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, |
447 | 0 | "Headers received from client:"); |
448 | 0 | for (i = 0; i < t_h->nelts; i++, t_elt++) { |
449 | 0 | ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, " %s: %s", |
450 | 0 | ap_escape_logitem(r->pool, t_elt->key), |
451 | 0 | ap_escape_logitem(r->pool, t_elt->val)); |
452 | 0 | } |
453 | 0 | } |
454 | |
|
455 | 0 | #if APR_HAS_THREADS |
456 | 0 | apr_thread_mutex_create(&r->invoke_mtx, APR_THREAD_MUTEX_DEFAULT, r->pool); |
457 | 0 | apr_thread_mutex_lock(r->invoke_mtx); |
458 | 0 | #endif |
459 | 0 | access_status = ap_run_quick_handler(r, 0); /* Not a look-up request */ |
460 | 0 | if (access_status == DECLINED) { |
461 | 0 | access_status = ap_process_request_internal(r); |
462 | 0 | if (access_status == OK) { |
463 | 0 | access_status = ap_invoke_handler(r); |
464 | 0 | } |
465 | 0 | } |
466 | |
|
467 | 0 | if (access_status == SUSPENDED) { |
468 | | /* TODO: Should move these steps into a generic function, so modules |
469 | | * working on a suspended request can also call _ENTRY again. |
470 | | */ |
471 | 0 | AP_PROCESS_REQUEST_RETURN((uintptr_t)r, r->uri, access_status); |
472 | 0 | if (ap_extended_status) { |
473 | 0 | ap_time_process_request(c->sbh, STOP_PREQUEST); |
474 | 0 | } |
475 | 0 | if (c->cs) |
476 | 0 | c->cs->state = CONN_STATE_SUSPENDED; |
477 | 0 | #if APR_HAS_THREADS |
478 | 0 | apr_thread_mutex_unlock(r->invoke_mtx); |
479 | 0 | #endif |
480 | 0 | return; |
481 | 0 | } |
482 | 0 | #if APR_HAS_THREADS |
483 | 0 | apr_thread_mutex_unlock(r->invoke_mtx); |
484 | 0 | #endif |
485 | |
|
486 | 0 | ap_die_r(access_status, r, HTTP_OK); |
487 | |
|
488 | 0 | ap_process_request_after_handler(r); |
489 | 0 | } |
490 | | |
491 | | AP_DECLARE(void) ap_process_request(request_rec *r) |
492 | 0 | { |
493 | 0 | apr_bucket_brigade *bb; |
494 | 0 | apr_bucket *b; |
495 | 0 | conn_rec *c = r->connection; |
496 | 0 | apr_status_t rv; |
497 | |
|
498 | 0 | ap_process_async_request(r); |
499 | |
|
500 | 0 | if (ap_run_input_pending(c) != OK) { |
501 | 0 | bb = ap_acquire_brigade(c); |
502 | 0 | b = apr_bucket_flush_create(c->bucket_alloc); |
503 | 0 | APR_BRIGADE_INSERT_HEAD(bb, b); |
504 | 0 | rv = ap_pass_brigade(c->output_filters, bb); |
505 | 0 | if (APR_STATUS_IS_TIMEUP(rv)) { |
506 | | /* |
507 | | * Notice a timeout as an error message. This might be |
508 | | * valuable for detecting clients with broken network |
509 | | * connections or possible DoS attacks. |
510 | | */ |
511 | 0 | ap_log_cerror(APLOG_MARK, APLOG_INFO, rv, c, APLOGNO(01581) |
512 | 0 | "flushing data to the client"); |
513 | 0 | } |
514 | 0 | ap_release_brigade(c, bb); |
515 | 0 | } |
516 | 0 | if (ap_extended_status) { |
517 | 0 | ap_time_process_request(c->sbh, STOP_PREQUEST); |
518 | 0 | } |
519 | 0 | } |
520 | | |
521 | | static apr_table_t *rename_original_env(apr_pool_t *p, apr_table_t *t) |
522 | 0 | { |
523 | 0 | const apr_array_header_t *env_arr = apr_table_elts(t); |
524 | 0 | const apr_table_entry_t *elts = (const apr_table_entry_t *) env_arr->elts; |
525 | 0 | apr_table_t *new = apr_table_make(p, env_arr->nalloc); |
526 | 0 | int i; |
527 | |
|
528 | 0 | for (i = 0; i < env_arr->nelts; ++i) { |
529 | 0 | if (!elts[i].key) |
530 | 0 | continue; |
531 | 0 | apr_table_setn(new, apr_pstrcat(p, "REDIRECT_", elts[i].key, NULL), |
532 | 0 | elts[i].val); |
533 | 0 | } |
534 | |
|
535 | 0 | return new; |
536 | 0 | } |
537 | | |
538 | | static request_rec *internal_internal_redirect(const char *new_uri, |
539 | 0 | request_rec *r) { |
540 | 0 | int access_status; |
541 | 0 | request_rec *new; |
542 | 0 | const char *vary_header; |
543 | |
|
544 | 0 | if (ap_is_recursion_limit_exceeded(r)) { |
545 | 0 | ap_die(HTTP_INTERNAL_SERVER_ERROR, r); |
546 | 0 | return NULL; |
547 | 0 | } |
548 | | |
549 | 0 | new = (request_rec *) apr_pcalloc(r->pool, sizeof(request_rec)); |
550 | |
|
551 | 0 | new->connection = r->connection; |
552 | 0 | new->server = r->server; |
553 | 0 | new->pool = r->pool; |
554 | | |
555 | | /* |
556 | | * A whole lot of this really ought to be shared with http_protocol.c... |
557 | | * another missing cleanup. It's particularly inappropriate to be |
558 | | * setting header_only, etc., here. |
559 | | */ |
560 | |
|
561 | 0 | new->method = r->method; |
562 | 0 | new->method_number = r->method_number; |
563 | 0 | new->allowed_methods = ap_make_method_list(new->pool, 2); |
564 | 0 | ap_parse_uri(new, new_uri); |
565 | 0 | new->parsed_uri.port_str = r->parsed_uri.port_str; |
566 | 0 | new->parsed_uri.port = r->parsed_uri.port; |
567 | |
|
568 | 0 | new->request_config = ap_create_request_config(r->pool); |
569 | |
|
570 | 0 | new->per_dir_config = r->server->lookup_defaults; |
571 | |
|
572 | 0 | new->prev = r; |
573 | 0 | r->next = new; |
574 | |
|
575 | 0 | new->useragent_addr = r->useragent_addr; |
576 | 0 | new->useragent_ip = r->useragent_ip; |
577 | | |
578 | | /* Must have prev and next pointers set before calling create_request |
579 | | * hook. |
580 | | */ |
581 | 0 | ap_run_create_request(new); |
582 | | |
583 | | /* Inherit the rest of the protocol info... */ |
584 | |
|
585 | 0 | new->the_request = r->the_request; |
586 | |
|
587 | 0 | new->allowed = r->allowed; |
588 | |
|
589 | 0 | new->status = r->status; |
590 | 0 | new->assbackwards = r->assbackwards; |
591 | 0 | new->header_only = r->header_only; |
592 | 0 | new->protocol = r->protocol; |
593 | 0 | new->proto_num = r->proto_num; |
594 | 0 | new->hostname = r->hostname; |
595 | 0 | new->request_time = r->request_time; |
596 | 0 | new->main = r->main; |
597 | |
|
598 | 0 | new->headers_in = r->headers_in; |
599 | 0 | new->trailers_in = r->trailers_in; |
600 | 0 | new->headers_out = apr_table_make(r->pool, 12); |
601 | 0 | if (ap_is_HTTP_REDIRECT(new->status)) { |
602 | 0 | const char *location = apr_table_get(r->headers_out, "Location"); |
603 | 0 | if (location) |
604 | 0 | apr_table_setn(new->headers_out, "Location", location); |
605 | 0 | } |
606 | | |
607 | | /* A module (like mod_rewrite) can force an internal redirect |
608 | | * to carry over the Vary header (if present). |
609 | | */ |
610 | 0 | if (apr_table_get(r->notes, "redirect-keeps-vary")) { |
611 | 0 | if((vary_header = apr_table_get(r->headers_out, "Vary"))) { |
612 | 0 | apr_table_setn(new->headers_out, "Vary", vary_header); |
613 | 0 | } |
614 | 0 | } |
615 | |
|
616 | 0 | new->err_headers_out = r->err_headers_out; |
617 | 0 | new->trailers_out = apr_table_make(r->pool, 5); |
618 | 0 | new->subprocess_env = rename_original_env(r->pool, r->subprocess_env); |
619 | 0 | new->notes = apr_table_make(r->pool, 5); |
620 | |
|
621 | 0 | new->htaccess = r->htaccess; |
622 | 0 | new->no_cache = r->no_cache; |
623 | 0 | new->expecting_100 = r->expecting_100; |
624 | 0 | new->no_local_copy = r->no_local_copy; |
625 | 0 | new->read_length = r->read_length; /* We can only read it once */ |
626 | 0 | new->vlist_validator = r->vlist_validator; |
627 | |
|
628 | 0 | new->proto_output_filters = r->proto_output_filters; |
629 | 0 | new->proto_input_filters = r->proto_input_filters; |
630 | |
|
631 | 0 | new->input_filters = new->proto_input_filters; |
632 | |
|
633 | 0 | if (new->main) { |
634 | 0 | ap_filter_t *f, *nextf; |
635 | | |
636 | | /* If this is a subrequest, the filter chain may contain a |
637 | | * mixture of filters specific to the old request (r), and |
638 | | * some inherited from r->main. Here, inherit that filter |
639 | | * chain, and remove all those which are specific to the old |
640 | | * request; ensuring the subreq filter is left in place. */ |
641 | 0 | new->output_filters = r->output_filters; |
642 | |
|
643 | 0 | f = new->output_filters; |
644 | 0 | do { |
645 | 0 | nextf = f->next; |
646 | |
|
647 | 0 | if (f->r == r && f->frec != ap_subreq_core_filter_handle) { |
648 | 0 | ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(01582) |
649 | 0 | "dropping filter '%s' in internal redirect from %s to %s", |
650 | 0 | f->frec->name, r->unparsed_uri, new_uri); |
651 | | |
652 | | /* To remove the filter, first set f->r to the *new* |
653 | | * request_rec, so that ->output_filters on 'new' is |
654 | | * changed (if necessary) when removing the filter. */ |
655 | 0 | f->r = new; |
656 | 0 | ap_remove_output_filter(f); |
657 | 0 | } |
658 | |
|
659 | 0 | f = nextf; |
660 | | |
661 | | /* Stop at the protocol filters. If a protocol filter has |
662 | | * been newly installed for this resource, better leave it |
663 | | * in place, though it's probably a misconfiguration or |
664 | | * filter bug to get into this state. */ |
665 | 0 | } while (f && f != new->proto_output_filters); |
666 | 0 | } |
667 | 0 | else { |
668 | | /* If this is not a subrequest, clear out all |
669 | | * resource-specific filters. */ |
670 | 0 | new->output_filters = new->proto_output_filters; |
671 | 0 | } |
672 | |
|
673 | 0 | update_r_in_filters(new->input_filters, r, new); |
674 | 0 | update_r_in_filters(new->output_filters, r, new); |
675 | |
|
676 | 0 | apr_table_setn(new->subprocess_env, "REDIRECT_STATUS", |
677 | 0 | apr_itoa(r->pool, r->status)); |
678 | | |
679 | | /* Begin by presuming any module can make its own path_info assumptions, |
680 | | * until some module interjects and changes the value. |
681 | | */ |
682 | 0 | new->used_path_info = AP_REQ_DEFAULT_PATH_INFO; |
683 | |
|
684 | 0 | #if APR_HAS_THREADS |
685 | 0 | new->invoke_mtx = r->invoke_mtx; |
686 | 0 | #endif |
687 | | |
688 | | /* |
689 | | * XXX: hmm. This is because mod_setenvif and mod_unique_id really need |
690 | | * to do their thing on internal redirects as well. Perhaps this is a |
691 | | * misnamed function. |
692 | | */ |
693 | 0 | if ((access_status = ap_post_read_request(new))) { |
694 | 0 | ap_die(access_status, new); |
695 | 0 | return NULL; |
696 | 0 | } |
697 | | |
698 | 0 | return new; |
699 | 0 | } |
700 | | |
701 | | /* XXX: Is this function is so bogus and fragile that we deep-6 it? */ |
702 | | AP_DECLARE(void) ap_internal_fast_redirect(request_rec *rr, request_rec *r) |
703 | 0 | { |
704 | | /* We need to tell POOL_DEBUG that we're guaranteeing that rr->pool |
705 | | * will exist as long as r->pool. Otherwise we run into troubles because |
706 | | * some values in this request will be allocated in r->pool, and others in |
707 | | * rr->pool. |
708 | | */ |
709 | 0 | apr_pool_join(r->pool, rr->pool); |
710 | 0 | r->proxyreq = rr->proxyreq; |
711 | 0 | r->no_cache = (r->no_cache && rr->no_cache); |
712 | 0 | r->no_local_copy = (r->no_local_copy && rr->no_local_copy); |
713 | 0 | r->mtime = rr->mtime; |
714 | 0 | r->uri = rr->uri; |
715 | 0 | r->filename = rr->filename; |
716 | 0 | r->canonical_filename = rr->canonical_filename; |
717 | 0 | r->path_info = rr->path_info; |
718 | 0 | r->args = rr->args; |
719 | 0 | r->finfo = rr->finfo; |
720 | 0 | r->handler = rr->handler; |
721 | 0 | ap_set_content_type(r, rr->content_type); |
722 | 0 | r->content_encoding = rr->content_encoding; |
723 | 0 | r->content_languages = rr->content_languages; |
724 | 0 | r->per_dir_config = rr->per_dir_config; |
725 | | /* copy output headers from subrequest, but leave negotiation headers */ |
726 | 0 | r->notes = apr_table_overlay(r->pool, rr->notes, r->notes); |
727 | 0 | r->headers_out = apr_table_overlay(r->pool, rr->headers_out, |
728 | 0 | r->headers_out); |
729 | 0 | r->err_headers_out = apr_table_overlay(r->pool, rr->err_headers_out, |
730 | 0 | r->err_headers_out); |
731 | 0 | r->trailers_out = apr_table_overlay(r->pool, rr->trailers_out, |
732 | 0 | r->trailers_out); |
733 | 0 | r->subprocess_env = apr_table_overlay(r->pool, rr->subprocess_env, |
734 | 0 | r->subprocess_env); |
735 | |
|
736 | 0 | r->output_filters = rr->output_filters; |
737 | 0 | r->input_filters = rr->input_filters; |
738 | | |
739 | | /* If any filters pointed at the now-defunct rr, we must point them |
740 | | * at our "new" instance of r. In particular, some of rr's structures |
741 | | * will now be bogus (say rr->headers_out). If a filter tried to modify |
742 | | * their f->r structure when it is pointing to rr, the real request_rec |
743 | | * will not get updated. Fix that here. |
744 | | */ |
745 | 0 | update_r_in_filters(r->input_filters, rr, r); |
746 | 0 | update_r_in_filters(r->output_filters, rr, r); |
747 | |
|
748 | 0 | if (r->main) { |
749 | 0 | ap_filter_t *next = r->output_filters; |
750 | 0 | while (next && (next != r->proto_output_filters)) { |
751 | 0 | if (next->frec == ap_subreq_core_filter_handle) { |
752 | 0 | break; |
753 | 0 | } |
754 | 0 | next = next->next; |
755 | 0 | } |
756 | 0 | if (!next || next == r->proto_output_filters) { |
757 | 0 | ap_add_output_filter_handle(ap_subreq_core_filter_handle, |
758 | 0 | NULL, r, r->connection); |
759 | 0 | } |
760 | 0 | } |
761 | 0 | else { |
762 | | /* |
763 | | * We need to check if we now have the SUBREQ_CORE filter in our filter |
764 | | * chain. If this is the case we need to remove it since we are NO |
765 | | * subrequest. But we need to keep in mind that the SUBREQ_CORE filter |
766 | | * does not necessarily need to be the first filter in our chain. So we |
767 | | * need to go through the chain. But we only need to walk up the chain |
768 | | * until the proto_output_filters as the SUBREQ_CORE filter is below the |
769 | | * protocol filters. |
770 | | */ |
771 | 0 | ap_filter_t *next; |
772 | |
|
773 | 0 | next = r->output_filters; |
774 | 0 | while (next && (next->frec != ap_subreq_core_filter_handle) |
775 | 0 | && (next != r->proto_output_filters)) { |
776 | 0 | next = next->next; |
777 | 0 | } |
778 | 0 | if (next && (next->frec == ap_subreq_core_filter_handle)) { |
779 | 0 | ap_remove_output_filter(next); |
780 | 0 | } |
781 | 0 | } |
782 | 0 | } |
783 | | |
784 | | AP_DECLARE(void) ap_internal_redirect(const char *new_uri, request_rec *r) |
785 | 0 | { |
786 | 0 | int access_status; |
787 | 0 | request_rec *new = internal_internal_redirect(new_uri, r); |
788 | |
|
789 | 0 | AP_INTERNAL_REDIRECT(r->uri, new_uri); |
790 | | |
791 | | /* ap_die was already called, if an error occurred */ |
792 | 0 | if (!new) { |
793 | 0 | return; |
794 | 0 | } |
795 | | |
796 | 0 | access_status = ap_run_quick_handler(new, 0); /* Not a look-up request */ |
797 | 0 | if (access_status == DECLINED) { |
798 | 0 | access_status = ap_process_request_internal(new); |
799 | 0 | if (access_status == OK) { |
800 | 0 | access_status = ap_invoke_handler(new); |
801 | 0 | } |
802 | 0 | } |
803 | 0 | ap_die(access_status, new); |
804 | 0 | } |
805 | | |
806 | | /* This function is designed for things like actions or CGI scripts, when |
807 | | * using AddHandler, and you want to preserve the content type across |
808 | | * an internal redirect. |
809 | | */ |
810 | | AP_DECLARE(void) ap_internal_redirect_handler(const char *new_uri, request_rec *r) |
811 | 0 | { |
812 | 0 | int access_status; |
813 | 0 | request_rec *new = internal_internal_redirect(new_uri, r); |
814 | | |
815 | | /* ap_die was already called, if an error occurred */ |
816 | 0 | if (!new) { |
817 | 0 | return; |
818 | 0 | } |
819 | | |
820 | 0 | if (r->handler) |
821 | 0 | ap_set_content_type(new, r->content_type); |
822 | 0 | access_status = ap_process_request_internal(new); |
823 | 0 | if (access_status == OK) { |
824 | 0 | access_status = ap_invoke_handler(new); |
825 | 0 | } |
826 | 0 | ap_die(access_status, new); |
827 | 0 | } |
828 | | |
829 | | AP_DECLARE(void) ap_allow_methods(request_rec *r, int reset, ...) |
830 | 0 | { |
831 | 0 | const char *method; |
832 | 0 | va_list methods; |
833 | | |
834 | | /* |
835 | | * Get rid of any current settings if requested; not just the |
836 | | * well-known methods but any extensions as well. |
837 | | */ |
838 | 0 | if (reset) { |
839 | 0 | ap_clear_method_list(r->allowed_methods); |
840 | 0 | } |
841 | |
|
842 | 0 | va_start(methods, reset); |
843 | 0 | while ((method = va_arg(methods, const char *)) != NULL) { |
844 | 0 | ap_method_list_add(r->allowed_methods, method); |
845 | 0 | } |
846 | 0 | va_end(methods); |
847 | 0 | } |
848 | | |
849 | | AP_DECLARE(void) ap_allow_standard_methods(request_rec *r, int reset, ...) |
850 | 0 | { |
851 | 0 | int method; |
852 | 0 | va_list methods; |
853 | 0 | ap_method_mask_t mask; |
854 | | |
855 | | /* |
856 | | * Get rid of any current settings if requested; not just the |
857 | | * well-known methods but any extensions as well. |
858 | | */ |
859 | 0 | if (reset) { |
860 | 0 | ap_clear_method_list(r->allowed_methods); |
861 | 0 | } |
862 | |
|
863 | 0 | mask = 0; |
864 | 0 | va_start(methods, reset); |
865 | 0 | while ((method = va_arg(methods, int)) != -1) { |
866 | 0 | mask |= (AP_METHOD_BIT << method); |
867 | 0 | } |
868 | 0 | va_end(methods); |
869 | |
|
870 | 0 | r->allowed_methods->method_mask |= mask; |
871 | 0 | } |