Beispiel #1
0
/*
 * Send the authenticate error header(s). Note: IE has a bug and the Negotiate header
 * must be first. To ensure that, the configure use --enable-auth=negotiate, anything
 * else.
 */
static void
authenticateNegotiateFixErrorHeader(auth_user_request_t * auth_user_request, HttpReply * rep, http_hdr_type type, request_t * request)
{
    negotiate_request_t *negotiate_request;
    if (!negotiateConfig->authenticate)
	return;
    if (!request->flags.proxy_keepalive && request->flags.must_keepalive)
	return;
    /* New request, no user details */
    if (auth_user_request == NULL) {
	debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate'\n", type);
	httpHeaderPutStrf(&rep->header, type, "Negotiate");
	if (!negotiateConfig->keep_alive) {
	    /* drop the connection */
	    httpHeaderDelByName(&rep->header, "keep-alive");
	    request->flags.proxy_keepalive = 0;
	}
	return;
    }
    negotiate_request = auth_user_request->scheme_data;
    switch (negotiate_request->auth_state) {
    case AUTHENTICATE_STATE_NONE:
    case AUTHENTICATE_STATE_FAILED:
	debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate'\n", type);
	httpHeaderPutStrf(&rep->header, type, "Negotiate");
	/* drop the connection */
	httpHeaderDelByName(&rep->header, "keep-alive");
	request->flags.proxy_keepalive = 0;
	break;
    case AUTHENTICATE_STATE_NEGOTIATE:
	/* we are 'waiting' for a response from the client */
	/* pass the blob to the client */
	debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate %s'\n", type, negotiate_request->server_blob);
	httpHeaderPutStrf(&rep->header, type, "Negotiate %s", negotiate_request->server_blob);
	safe_free(negotiate_request->server_blob);
	break;
    case AUTHENTICATE_STATE_DONE:
	/* Special case when authentication finished, but not allowed by ACL */
	if (negotiate_request->server_blob) {
	    debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate %s'\n", type, negotiate_request->server_blob);
	    httpHeaderPutStrf(&rep->header, type, "Negotiate %s", negotiate_request->server_blob);
	    safe_free(negotiate_request->server_blob);
	} else {
	    debug(29, 9) ("authenticateNegotiateFixErrorHeader: Connection authenticated\n");
	    httpHeaderPutStrf(&rep->header, type, "Negotiate");
	}
	break;
    default:
	debug(29, 0) ("authenticateNegotiateFixErrorHeader: state %d.\n", negotiate_request->auth_state);
	fatal("unexpected state in AuthenticateNegotiateFixErrorHeader.\n");
    }
}
Beispiel #2
0
// send check header  "X-CC-DOWN-CHECK" to lower FC
static int SendCheckHeader(clientHttpRequest *http)
{
	// do not send X-CC-UP-CHECK to client as possible
	httpHeaderDelByName(&http->reply->header, "X-CC-UP-CHECK");

	struct mod_conf_param *cfg = cc_get_mod_param(http->conn->fd, mod);
	if (NULL == cfg || !cfg->send) {
		debug(107,3)("mod_check_response: no need to send X-CC-UP-CHECK header\n");
		return -1;
	}

	const char *down_buf = httpHeaderGetValue(&http->request->header, "X-CC-DOWN-CHECK");
	if (NULL == down_buf) {
		if (cfg->send)
			debug(107,2)("mod_check_response: do not send X-CC-UP-CHECK header, for not received X-CC-DOWN-CHECK header\n");
		return -1;
	}

	char key[512];  
	memset(key, 0, 512);
	unsigned char md5[SQUID_MD5_DIGEST_LENGTH];
	memset(md5, 0, SQUID_MD5_DIGEST_LENGTH);

	strncpy(key, down_buf, 511);
	char *host = key + strlen(key);
	url2host(host, http->uri);
	GetMD5Digest(key, md5);

	assert(cfg->send);
	httpHeaderAddEntry(&http->reply->header, httpHeaderEntryCreate(HDR_OTHER, "X-CC-UP-CHECK", (char*)md5));
	debug(107, 3)("mod_check_response: send X-CC-UP-CHECK=[%s] header to client\n", md5);
	return 0;
}
Beispiel #3
0
/* use fresh entries to replace old ones */
void
httpHeaderUpdate(HttpHeader * old, const HttpHeader * fresh, const HttpHeaderMask * denied_mask)
{
    const HttpHeaderEntry *e;
    HttpHeaderPos pos = HttpHeaderInitPos;

    assert(old && fresh);
    assert(old != fresh);
    debug(55, 7) ("updating hdr: %p <- %p\n", old, fresh);

    while ((e = httpHeaderGetEntry(fresh, &pos))) {
	/* deny bad guys (ok to check for HDR_OTHER) here */
	if (denied_mask && CBIT_TEST(*denied_mask, e->id))
	    continue;
	if (e->id != HDR_OTHER)
	    httpHeaderDelById(old, e->id);
	else
	    httpHeaderDelByName(old, strBuf(e->name));
    }
    pos = HttpHeaderInitPos;
    while ((e = httpHeaderGetEntry(fresh, &pos))) {
	/* deny bad guys (ok to check for HDR_OTHER) here */
	if (denied_mask && CBIT_TEST(*denied_mask, e->id))
	    continue;
	httpHeaderAddClone(old, e);
    }

    /* And now, repack the array to "fill in the holes" */
    httpHeaderRepack(old);
}
Beispiel #4
0
/*
 * 在组装完squid reply的header之后,将其中的X-Squide-Error抽离
 */
static int func_http_repl_send_start(clientHttpRequest* http)
{
	assert(http);
	assert(http->reply);

	httpHeaderDelByName(&http->reply->header, "FlexiCache-Error");

	return 0;
}
/*
 *This line is to modify the header
 */
static int mod_modify_s2o_header(HttpStateData* data, HttpHeader* hdr)
{
	assert(data);
	int fd = data->fd;
	int i, len;

	struct mod_conf_param *param = (struct mod_conf_param *)cc_get_mod_param(fd, mod);
	assert(param);

	debug(107, 3)("param->orig_name=%s, param->new_name=%s\n", strBuf(param->orig_name), strBuf(param->new_name));
	HttpHeaderPos pos = HttpHeaderInitPos;
	HttpHeaderEntry *myheader;
	HttpHeaderEntry e;

	while ((myheader = httpHeaderGetEntry(hdr, &pos)))
	{
		debug(107, 3)("myheader=%s, param->new_name=%s\n", strBuf(myheader->name), strBuf(param->new_name));
		if (strCaseCmp(myheader->name, strBuf(param->orig_name)) == 0)
		{
			debug(107, 3)("%s is myheader->value,%s is param->orig_name\n",strBuf(myheader->value), strBuf(param->orig_name));

			if(strLen(myheader->value) >= 4095)
			{
				debug(107, 3)("A too long header value!!\n");
				return -1;
			}

			stringInit(&e.name, strBuf(param->new_name));
			stringInit(&e.value, myheader->value.buf);
			len=strlen(strBuf(e.name));
			i=httpHeaderIdByNameDef(strBuf(e.name), len);
			if(-1 == i)
				e.id = HDR_OTHER;
			else    
				e.id = i;
			httpHeaderDelByName(hdr, strBuf(param->orig_name));
			httpHeaderAddEntry(hdr, httpHeaderEntryClone(&e));
			//httpHeaderDelAt(&request->header, pos);
			//httpHeaderRefreshMask(&request->header);
			//httpHeaderInsertEntry(&request->header, httpHeaderEntryClone(&e), pos);
			stringClean(&e.name);
			stringClean(&e.value);			
			break;
		}
	}
	return 0;

}
/* use fresh entries to replace old ones */
void
httpHeaderUpdate(HttpHeader * old, const HttpHeader * fresh, const HttpHeaderMask * denied_mask)
{
    const HttpHeaderEntry *e;
    HttpHeaderPos pos = HttpHeaderInitPos;
    assert(old && fresh);
    assert(old != fresh);
    debug(55, 7) ("updating hdr: %p <- %p\n", old, fresh);

    while ((e = httpHeaderGetEntry(fresh, &pos))) {
	/* deny bad guys (ok to check for HDR_OTHER) here */
	if (denied_mask && CBIT_TEST(*denied_mask, e->id))
	    continue;
	httpHeaderDelByName(old, strBuf(e->name));
	httpHeaderAddEntry(old, httpHeaderEntryClone(e));
    }
}
Beispiel #7
0
/*
 *?????Ǵ????޸ġ?????һ??header?Ĵ??�??
 */
static int modifyHeader3(struct action_part* acp, HttpReply* reply)
{
	assert(acp);
	assert(reply);

	int flag = 0;
	int act = acp->action;
	struct header_info* hdr = acp->hdr;
	HttpHeaderEntry e;
	//HttpHeaderEntry *mye;
	int i;
	HttpHeaderEntry *myheader;
	HttpHeaderPos pos = HttpHeaderInitPos + HDR_ENUM_END;
	e.name = stringDup(&hdr->header);
	e.value = stringDup(&hdr->value);
	i = httpHeaderIdByNameDef(strBuf(hdr->header), strLen(hdr->header));
	e.id = i;
	if(i == -1)
	{
		e.id = HDR_OTHER;
		if(0 == act)
		{
			httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
		}
		else if(2 == act)
		{
			while ((myheader = httpHeaderGetEntryPlus(&reply->header, &pos))) 
			{
				if (myheader->id == HDR_OTHER && strCaseCmp(myheader->name, strBuf(hdr->header)) == 0)
				{
					debug(98, 3)("%s is myheader->value,%s is hdr->value\n",strBuf(myheader->value), strBuf(hdr->value));
					stringReset(&myheader->value, strBuf(hdr->value));

				}
			}
		}
		else if(1 == act)
		{
			httpHeaderDelByName(&reply->header,strBuf(hdr->header));
		}
		else if(3 == act)
		{
			while ((myheader = httpHeaderGetEntryPlus(&reply->header, &pos))) 
			{
				if (myheader->id == HDR_OTHER && strCaseCmp(myheader->name, strBuf(hdr->header)) == 0)
				{
					debug(98, 3)("%s is myheader->value,%s is hdr->value\n",strBuf(myheader->value), strBuf(hdr->value));
					flag = 1;
					stringReset(&myheader->value, strBuf(hdr->value));

				}
			}
			
			if(!flag)
				httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
		}
	}
	else
	{
		//mye = httpHeaderFindEntry2(&reply->header, i);
		//debug(98, 3) ("%d is i\n", i);

		if(0 == act)
		{
			httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
		}
		else if(2 == act)
		{
			if(httpHeaderDelByName(&reply->header,strBuf(hdr->header)))
			{
				httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
			}
			//mye = httpHeaderFindEntry2(&reply->header, i);
			//debug(98, 3)("%s is newvalue\n",strBuf(mye->value));
		}
		else if(1 == act)
		{
			httpHeaderDelByName(&reply->header,strBuf(hdr->header));
		}
		else if(3 == act)
		{
			httpHeaderDelByName(&reply->header,strBuf(hdr->header));
			httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
		}
	}
	stringClean(&e.name);
	stringClean(&e.value);

	return 0;
}