client_side_request.cc
Go to the documentation of this file.
80ErrorState *clientBuildError(err_type, Http::StatusCode, char const *url, const ConnStateData *, HttpRequest *, const AccessLogEntry::Pointer &);
460 debugs(28, DBG_CRITICAL, "ERROR: Processing X-Forwarded-For. Stopping at IP address: " << request->indirect_client_addr );
500 debugs(85, 3, "SECURITY ALERT: Host header forgery detected on " << http->getConn()->clientConnection <<
511 // XXX: when we have sorted out the best way to relay requests properly to peers this hierarchical limit can go.
594 debugs(85, 3, "validate host=" << host << ", port=" << port << ", portStr=" << (portStr?portStr:"NULL"));
612 debugs(85, 3, "FAIL on validate URL domain length " << http->request->url.host() << " matches Host: " << host);
616 debugs(85, 3, "FAIL on validate URL domain " << http->request->url.host() << " matches Host: " << host);
623 debugs(85, 3, "FAIL on validate URL port " << *http->request->url.port() << " matches Host: port " << portStr);
625 } else if (!portStr && http->request->method != Http::METHOD_CONNECT && http->request->url.port() != http->request->url.getScheme().defaultPort()) {
628 debugs(85, 3, "FAIL on validate URL port " << http->request->url.port().value_or(0) << " matches Host: default port " << http->request->url.getScheme().defaultPort().value_or(0));
653 http->request->x_forwarded_for_iterator = http->request->header.getList(Http::HdrType::X_FORWARDED_FOR);
736 page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, answer != ACCESS_AUTH_REQUIRED);
886 if (!request->flags.hostVerified && (request->flags.intercepted || request->flags.interceptTproxy))
952 if (req_hdr->has(Http::HdrType::AUTHORIZATION) || req_hdr->has(Http::HdrType::PROXY_AUTHORIZATION)) {
1000 // RFC 2616: treat Pragma:no-cache as if it was Cache-Control:no-cache when Cache-Control is missing
1169 debugs(85, DBG_IMPORTANT, "ERROR: URL rewrite helper returned invalid result code. Wrong helper? " << reply);
1211 debugs(85, DBG_CRITICAL, "ERROR: URL-rewrite produces invalid " << status << " redirect Location: " << urlNote);
1223 debugs(61, 2, "URL-rewriter diverts URL from " << old_request->effectiveRequestUri() << " to " << new_request->effectiveRequestUri());
1280 debugs(85, DBG_IMPORTANT, "ERROR: storeID helper returned invalid result code. Wrong helper? " << reply);
1442 const Comm::ConnectionPointer clientConn = http->getConn() ? http->getConn()->clientConnection : nullptr;
1508SslBumpEstablish(const Comm::ConnectionPointer &, char *, size_t, Comm::Flag errflag, int, void *data)
1890 const auto canonicalUri = urlCanonicalCleanWithoutRequest(errorUri, HttpRequestMethod(), AnyP::UriScheme());
2093 storeEntry()->completeSuccessfully("received, consumed, and, hence, stored the entire REQMOD reply");
2119ClientHttpRequest::handleAdaptationFailure(const ErrorDetail::Pointer &errDetail, bool bypassable)
2156 debugs(85, DBG_IMPORTANT, "ClientHttpRequest exception without connection. Ignoring " << ex.what());
RefCount< AsyncCallT< Dialer > > asyncCall(int aDebugSection, int aDebugLevel, const char *aName, const Dialer &aDialer)
Definition: AsyncCall.h:155
CommCbFunPtrCallT< Dialer > * commCbCall(int debugSection, int debugLevel, const char *callName, const Dialer &dialer)
Definition: CommCalls.h:312
ErrorDetail::Pointer MakeNamedErrorDetail(const char *name)
Definition: Detail.cc:54
ACLFilledChecklist * Filled(ACLChecklist *checklist)
convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*>
Definition: FilledChecklist.h:121
Ip::NfMarkConfig aclFindNfMarkConfig(acl_nfmark *head, ACLChecklist *ch)
Checks for a netfilter mark value to apply depending on the ACL.
Definition: FwdState.cc:1465
tos_t aclMapTOS(acl_tos *head, ACLChecklist *ch)
Checks for a TOS value to apply depending on the ACL.
Definition: FwdState.cc:1453
void UpdateRequestNotes(ConnStateData *csd, HttpRequest &request, NotePairs const &helperNotes)
Definition: HttpRequest.cc:760
int strListIsSubstr(const String *list, const char *s, char del)
Definition: StrList.cc:63
SBuf StringToSBuf(const String &s)
create a new SBuf from a String by copying contents
Definition: StringConvert.h:17
int matchDomainName(const char *h, const char *d, MatchDomainNameFlags flags)
Definition: Uri.cc:816
char * urlCanonicalCleanWithoutRequest(const SBuf &url, const HttpRequestMethod &method, const AnyP::UriScheme &scheme)
Definition: Uri.cc:700
void fvdbCountVia(const SBuf &)
void fvdbCountForwarded(const SBuf &)
count occurrences of the given X-Forwarded-For header value
void error(char *format,...)
void nonBlockingCheck(ACLCB *callback, void *callback_data)
Definition: Checklist.cc:237
Definition: FilledChecklist.h:33
AccessLogEntry::Pointer al
info for the future access.log, and external ACL
Definition: FilledChecklist.h:102
void syncAle(HttpRequest *adaptedRequest, const char *logUri) const override
assigns uninitialized adapted_request and url ALE components
Definition: FilledChecklist.cc:124
Definition: AccessLogEntry.h:41
class AccessLogEntry::CacheDetails cache
Comm::ConnectionPointer tcpClient
TCP/IP level details about the client connection.
Definition: AccessLogEntry.h:83
void setVirginUrlForMissingRequest(const SBuf &vu)
Remember Client URI (or equivalent) when there is no HttpRequest.
Definition: AccessLogEntry.h:264
ProxyProtocol::HeaderPointer proxyProtocolHeader
see ConnStateData::proxyProtocolHeader_
Definition: AccessLogEntry.h:210
class AccessLogEntry::SslDetails ssl
void updateError(const Error &)
sets (or updates the already stored) transaction error as needed
Definition: AccessLogEntry.cc:212
Definition: Acl.h:128
bool conflicted() const
whether Squid is uncertain about the allowed() or denied() answer
Definition: Acl.h:165
static bool Start(Method method, VectPoint vp, HttpRequest *req, HttpReply *, const AccessLogEntryPointer &, Adaptation::Initiator *)
Definition: AccessCheck.cc:30
summarizes adaptation service answer for the noteAdaptationAnswer() API
Definition: Answer.h:23
CbcPointer< Initiate > initiateAdaptation(Initiate *x)
< starts freshly created initiate and returns a safe pointer to it
Definition: Initiator.cc:23
void clearAdaptation(CbcPointer< Initiate > &x)
clears the pointer (does not call announceInitiatorAbort)
Definition: Initiator.cc:32
void announceInitiatorAbort(CbcPointer< Initiate > &x)
inform the transaction about abnormal termination and clear the pointer
Definition: Initiator.cc:38
bool initiated(const CbcPointer< AsyncJob > &job) const
Must(initiated(initiate)) instead of Must(initiate.set()), for clarity.
Definition: Initiator.h:52
iterates services in ServiceGroup, starting adaptation launchers
Definition: Iterator.h:32
Definition: UriScheme.h:32
Definition: AsyncJob.h:32
char const * denyMessage(char const *const default_message=nullptr) const
Definition: UserRequest.cc:127
void stopConsumingFrom(RefCount< BodyPipe > &)
Definition: BodyPipe.cc:118
Definition: BodyPipe.h:62
bool setConsumerIfNotLate(const Consumer::Pointer &aConsumer)
Definition: BodyPipe.cc:228
Definition: client_side_request.h:38
int64_t prepPartialResponseGeneration()
Definition: client_side_request.cc:1898
ClientHttpRequest(ConnStateData *)
Definition: client_side_request.cc:122
void noteAdaptationAclCheckDone(Adaptation::ServiceGroupPointer) override
Definition: client_side_request.cc:784
void noteMoreBodyDataAvailable(BodyPipe::Pointer) override
Definition: client_side_request.cc:2026
struct ClientHttpRequest::Out out
bool request_satisfaction_mode
Definition: client_side_request.h:244
void clearRequest()
resets the current request and log_uri to nil
Definition: client_side_request.cc:1648
void resumeBodyStorage()
called by StoreEntry when it has more buffer space available
Definition: client_side_request.cc:2017
bool receivedWholeAdaptedReply
noteBodyProductionEnded() was called
Definition: client_side_request.h:242
void noteBodyProductionEnded(BodyPipe::Pointer) override
Definition: client_side_request.cc:2068
void calloutsError(const err_type, const ErrorDetail::Pointer &)
Build an error reply. For use with the callouts.
Definition: client_side_request.cc:2165
void absorbLogUri(char *)
assigns log_uri with aUri without copying the entire C-string
Definition: client_side_request.cc:1874
void endRequestSatisfaction()
Definition: client_side_request.cc:2082
void initRequest(HttpRequest *)
Definition: client_side_request.cc:1611
void setLogUriToRequestUri()
sets log_uri when we know the current request
Definition: client_side_request.cc:1850
void updateError(const Error &)
if necessary, stores new error information (if any)
Definition: client_side_request.cc:1570
CbcPointer< Adaptation::Initiate > virginHeadSource
Definition: client_side_request.h:238
~ClientHttpRequest() override
Definition: client_side_request.cc:229
void updateLoggingTags(const LogTags_ot code)
update the code in the transaction processing tags
Definition: client_side_request.h:86
void setLogUriToRawUri(const char *, const HttpRequestMethod &)
Definition: client_side_request.cc:1858
size_t req_sz
raw request size on input, not current request size
Definition: client_side_request.h:154
BodyPipe::Pointer adaptedBodySource
Definition: client_side_request.h:239
Ssl::BumpMode sslBumpNeed_
whether (and how) the request needs to be bumped
Definition: client_side_request.h:200
void noteAdaptationAnswer(const Adaptation::Answer &) override
Definition: client_side_request.cc:1937
void handleAdaptedHeader(Http::Message *)
Definition: client_side_request.cc:1961
struct ClientHttpRequest::Flags flags
int64_t request_satisfaction_offset
Definition: client_side_request.h:245
void resetRequest(HttpRequest *)
Definition: client_side_request.cc:1628
void callException(const std::exception &) override
called when the job throws during an async call
Definition: client_side_request.cc:2147
void assignRequest(HttpRequest *)
Definition: client_side_request.cc:1638
void handleAdaptationBlock(const Adaptation::Answer &)
Definition: client_side_request.cc:2006
void noteBodyProducerAborted(BodyPipe::Pointer) override
Definition: client_side_request.cc:2100
void sslBumpEstablish(Comm::Flag)
Definition: client_side_request.cc:1518
bool sslBumpNeeded() const
returns true if and only if the request needs to be bumped
Definition: client_side_request.h:192
ClientRequestContext * calloutContext
Definition: client_side_request.h:171
Ssl::BumpMode sslBumpNeed() const
returns raw sslBump mode value
Definition: client_side_request.h:190
const LogTags & loggingTags() const
the processing tags associated with this request transaction.
Definition: client_side_request.h:89
void handleAdaptationFailure(const ErrorDetail::Pointer &, bool bypassable=false)
Definition: client_side_request.cc:2119
StoreEntry * loggingEntry() const
Definition: client_side_request.h:68
void startAdaptation(const Adaptation::ServiceGroupPointer &)
Initiate an asynchronous adaptation transaction which will call us back.
Definition: client_side_request.cc:1923
struct ClientHttpRequest::Redirect redirect
Definition: ClientRequestContext.h:27
void clientAccessCheck2()
Definition: client_side_request.cc:677
bool interpreted_req_hdrs
Definition: ClientRequestContext.h:76
bool sslBumpAccessCheck()
Definition: client_side_request.cc:1346
void clientAccessCheckDone(const Acl::Answer &)
Definition: client_side_request.cc:700
void clientStoreIdDone(const Helper::Reply &)
Definition: client_side_request.cc:1261
void clientRedirectDone(const Helper::Reply &)
Definition: client_side_request.cc:1142
bool host_header_verify_done
Definition: ClientRequestContext.h:67
void sslBumpAccessCheckDone(const Acl::Answer &answer)
The callback function for ssl-bump access check list.
Definition: client_side_request.cc:1431
void clientRedirectStart()
Definition: client_side_request.cc:831
bool adapted_http_access_done
Definition: ClientRequestContext.h:69
void clientAccessCheck()
Definition: client_side_request.cc:641
ClientRequestContext(ClientHttpRequest *)
Definition: client_side_request.cc:114
bool readNextRequest
whether Squid should read after error handling
Definition: ClientRequestContext.h:82
~ClientRequestContext() override
Definition: client_side_request.cc:100
ACLChecklist * acl_checklist
need ptr back so we can unregister if needed
Definition: ClientRequestContext.h:63
bool toClientMarkingDone
Definition: ClientRequestContext.h:77
void checkNoCache()
applies "cache allow/deny" rules, asynchronously if needed
Definition: client_side_request.cc:1312
bool adaptation_acl_check_done
Definition: ClientRequestContext.h:71
ErrorState * error
saved error page for centralized/delayed processing
Definition: ClientRequestContext.h:81
void hostHeaderVerifyFailed(const char *A, const char *B)
Definition: client_side_request.cc:495
void clientStoreIdStart()
Definition: client_side_request.cc:868
void hostHeaderIpVerify(const ipcache_addrs *, const Dns::LookupDetails &)
Definition: client_side_request.cc:476
void checkNoCacheDone(const Acl::Answer &)
Definition: client_side_request.cc:1335
static void Reset()
forgets the current context, setting it to nil/unknown
Definition: CodeContext.cc:77
Definition: CommCalls.h:114
Definition: CommCalls.h:231
Definition: client_side.h:84
const ProxyProtocol::HeaderPointer & proxyProtocolHeader() const
Definition: client_side.h:361
Comm::ConnectionPointer serverConnection
Definition: client_side.h:144
void switchToHttps(ClientHttpRequest *, Ssl::BumpMode bumpServerMode)
Definition: client_side.cc:2840
void setAuth(const Auth::UserRequest::Pointer &aur, const char *cause)
Definition: client_side.cc:518
const Auth::UserRequest::Pointer & getAuth() const
Definition: client_side.h:124
Error bareError
a problem that occurred without a request (e.g., while parsing headers)
Definition: client_side.h:382
void expectNoForwarding()
cleans up virgin request [body] forwarding state
Definition: client_side.cc:3647
struct ConnStateData::@37 flags
AnyP::Port port
destination port of the request that caused serverConnection
Definition: client_side.h:146
void setServerBump(Ssl::ServerBump *srvBump)
Definition: client_side.h:287
struct ConnStateData::@38 pinning
Definition: ipcache.h:51
bool have(const Ip::Address &ip, size_t *position=nullptr) const
Definition: ipcache.cc:982
Definition: errorpage.h:89
void detailError(const ErrorDetail::Pointer &dCode)
set error type-specific detail code
Definition: errorpage.h:111
Auth::UserRequest::Pointer auth_user_request
Definition: errorpage.h:175
void update(const Error &)
if necessary, stores the given error information (if any)
Definition: Error.cc:16
Definition: Reply.h:30
Definition: HttpHeader.h:51
Definition: HttpHeader.h:75
HttpHeaderEntry * getEntry(HttpHeaderPos *pos) const
Definition: HttpHeader.cc:584
int hasListMember(Http::HdrType id, const char *member, const char separator) const
Definition: HttpHeader.cc:1663
Definition: HttpReply.h:25
static HttpReplyPointer MakeConnectionEstablished()
construct and return an HTTP/200 (Connection Established) response
Definition: HttpReply.cc:121
Definition: RequestMethod.h:27
bool respMaybeCacheable() const
Definition: RequestMethod.cc:208
Definition: HttpRequest.h:49
void recordLookup(const Dns::LookupDetails &detail)
Definition: HttpRequest.cc:580
CbcPointer< ConnStateData > clientConnectionManager
Definition: HttpRequest.h:232
static HttpRequest * FromUrlXXX(const char *url, const MasterXaction::Pointer &, const HttpRequestMethod &method=Http::METHOD_GET)
Definition: HttpRequest.cc:528
void detailError(const err_type c, const ErrorDetail::Pointer &d)
sets error detail if no earlier detail was available
Definition: HttpRequest.h:101
void ignoreRange(const char *reason)
forgets about the cached Range header (for a reason)
Definition: HttpRequest.cc:621
Auth::UserRequest::Pointer auth_user_request
Definition: HttpRequest.h:127
Adaptation::Icap::History::Pointer icapHistory() const
Returns possibly nil history, creating it if icap logging is enabled.
Definition: HttpRequest.cc:389
const SBuf & effectiveRequestUri() const
RFC 7230 section 5.5 - Effective Request URI.
Definition: HttpRequest.cc:744
Definition: Address.h:41
void consume(mb_size_t sz)
removes sz bytes and "packs" by moving content left
Definition: MemBuf.cc:168
Definition: AsyncJobCalls.h:91
Definition: Range.h:19
bool forceTunnel
whether to forward via TunnelStateData (instead of FwdState)
Definition: RequestFlags.h:120
bool done_follow_x_forwarded_for
Definition: RequestFlags.h:108
void resetWithoutLocking(T *t)
Reset raw pointer - unlock any previous one and save new one without locking.
Definition: LockingPointer.h:111
struct SquidConfig::@94 Port
struct SquidConfig::@107 accessList
struct SquidConfig::@106 onoff
struct SquidConfig::@99 Program
struct SquidConfig::@100 Accel
struct SquidConfig::UrlHelperTimeout onUrlRewriteTimeout
Definition: ServerBump.h:34
Definition: Store.h:42
void completeSuccessfully(const char *whyWeAreSureWeStoredTheWholeReply)
Definition: store.cc:1003
size_t bytesWanted(Range< size_t > const aRange, bool ignoreDelayPool=false) const
Definition: store.cc:212
void completeTruncated(const char *whyWeConsiderTheReplyTruncated)
Definition: store.cc:1010
void replaceHttpReply(const HttpReplyPointer &, const bool andStartWriting=true)
Definition: store.cc:1691
void deferProducer(const AsyncCall::Pointer &producer)
call back producer when more buffer space is available
Definition: store.cc:352
Definition: StoreIOBuffer.h:16
Definition: SquidString.h:26
void veto()
makes decision() false regardless of past or future support() calls
Definition: SupportOrVeto.h:29
Definition: client_side_reply.h:23
Definition: clientStream.h:76
void CSD(clientStreamNode *, ClientHttpRequest *)
client stream detach
Definition: clientStreamForward.h:33
void CSR(clientStreamNode *, ClientHttpRequest *)
client stream read
Definition: clientStreamForward.h:30
void CSCB(clientStreamNode *, ClientHttpRequest *, HttpReply *, StoreIOBuffer)
client stream read callback
Definition: clientStreamForward.h:27
clientStream_status_t CSS(clientStreamNode *, ClientHttpRequest *)
Definition: clientStreamForward.h:35
ACLFilledChecklist * clientAclChecklistCreate(const acl_access *acl, ClientHttpRequest *http)
Definition: client_side.cc:3525
static void clientInterpretRequestHeaders(ClientHttpRequest *http)
Definition: client_side_request.cc:983
static void clientRedirectAccessCheckDone(Acl::Answer answer, void *data)
Definition: client_side_request.cc:816
static void clientFollowXForwardedForCheck(Acl::Answer answer, void *data)
Definition: client_side_request.cc:392
#define FAILURE_MODE_TIME
static void checkNoCacheDoneWrapper(Acl::Answer, void *)
Definition: client_side_request.cc:1324
static void sslBumpAccessCheckDoneWrapper(Acl::Answer, void *)
Definition: client_side_request.cc:1421
ErrorState * clientBuildError(err_type, Http::StatusCode, char const *url, const ConnStateData *, HttpRequest *, const AccessLogEntry::Pointer &)
Definition: client_side_reply.cc:2134
static void hostHeaderIpVerifyWrapper(const ipcache_addrs *ia, const Dns::LookupDetails &dns, void *data)
Definition: client_side_request.cc:469
static void clientCheckPinning(ClientHttpRequest *http)
Definition: client_side_request.cc:920
static int clientHierarchical(ClientHttpRequest *http)
Definition: client_side_request.cc:880
static void clientStoreIdAccessCheckDone(Acl::Answer answer, void *data)
Definition: client_side_request.cc:847
int clientBeginRequest(const HttpRequestMethod &method, char const *url, CSCB *streamcallback, CSD *streamdetach, ClientStreamData streamdata, HttpHeader const *header, char *tailbuf, size_t taillen, const MasterXaction::Pointer &mx)
Definition: client_side_request.cc:276
static void checkFailureRatio(err_type, hier_code)
Definition: client_side_request.cc:173
static HLPCB clientRedirectDoneWrapper
Definition: client_side_request.cc:92
static void clientAccessCheckDoneWrapper(Acl::Answer, void *)
Definition: client_side_request.cc:689
static void SslBumpEstablish(const Comm::ConnectionPointer &, char *, size_t, Comm::Flag errflag, int, void *data)
Definition: client_side_request.cc:1508
int refresh_nocache_hack
char ThisCache2[RFC2181_MAXHOSTNAMELEN<< 1]
int neighbors_do_private_keys
double request_failure_ratio
time_t hit_only_mode_until
err_type aclGetDenyInfoPage(AclDenyInfoList **head, const char *name, int redirect_allowed)
Definition: Gadgets.cc:39
void clientStreamRead(clientStreamNode *thisObject, ClientHttpRequest *http, StoreIOBuffer readBuffer)
Definition: clientStream.cc:170
void clientStreamInit(dlink_list *list, CSR *func, CSD *rdetach, CSS *readstatus, ClientStreamData readdata, CSCB *callback, CSD *cdetach, ClientStreamData callbackdata, StoreIOBuffer tailBuffer)
Definition: clientStream.cc:112
void errorAppendEntry(StoreEntry *entry, ErrorState *err)
Definition: errorpage.cc:718
void ipcache_nbgethostbyname(const char *name, IPH *handler, void *handlerData)
Definition: ipcache.cc:608
void Write(const Comm::ConnectionPointer &conn, const char *buf, int size, AsyncCall::Pointer &callback, FREE *free_func)
Definition: Write.cc:33
AnyP::ProtocolVersion ProtocolVersion(unsigned int aMajor, unsigned int aMinor)
HTTP version label information.
Definition: ProtocolVersion.h:19
bool setNfConnmark(Comm::ConnectionPointer &conn, const ConnectionDirection connDir, const NfMarkConfig &cm)
Definition: QosConfig.cc:181
int setSockTos(const Comm::ConnectionPointer &conn, tos_t tos)
Definition: QosConfig.cc:570
int setSockNfmark(const Comm::ConnectionPointer &conn, nfmark_t mark)
Definition: QosConfig.cc:602
void storeIdStart(ClientHttpRequest *http, HLPCB *handler, void *data)
Definition: redirect.cc:311
void redirectStart(ClientHttpRequest *http, HLPCB *handler, void *data)
Definition: redirect.cc:285
StoreEntry * storeCreateEntry(const char *url, const char *logUrl, const RequestFlags &flags, const HttpRequestMethod &method)
Definition: store.cc:745
Definition: parse.c:104
struct timeval current_time
the current UNIX time in timeval {seconds, microseconds} format
Definition: gadgets.cc:17
void debugObj(int section, int level, const char *label, void *obj, ObjPackMethod pm)
Definition: tools.cc:938