/*
* Send the authenticate error header(s). Note: IE has a bug and the Negotiate header
* must be first. To ensure that, the configure use --enable-auth=negotiate, anything
* else.
*/
static void
authenticateNegotiateFixErrorHeader(auth_user_request_t * auth_user_request, HttpReply * rep, http_hdr_type type, request_t * request)
{
negotiate_request_t *negotiate_request;
if (!negotiateConfig->authenticate)
return;
if (!request->flags.proxy_keepalive && request->flags.must_keepalive)
return;
/* New request, no user details */
if (auth_user_request == NULL) {
debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate'\n", type);
httpHeaderPutStrf(&rep->header, type, "Negotiate");
if (!negotiateConfig->keep_alive) {
/* drop the connection */
httpHeaderDelByName(&rep->header, "keep-alive");
request->flags.proxy_keepalive = 0;
}
return;
}
negotiate_request = auth_user_request->scheme_data;
switch (negotiate_request->auth_state) {
case AUTHENTICATE_STATE_NONE:
case AUTHENTICATE_STATE_FAILED:
debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate'\n", type);
httpHeaderPutStrf(&rep->header, type, "Negotiate");
/* drop the connection */
httpHeaderDelByName(&rep->header, "keep-alive");
request->flags.proxy_keepalive = 0;
break;
case AUTHENTICATE_STATE_NEGOTIATE:
/* we are 'waiting' for a response from the client */
/* pass the blob to the client */
debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate %s'\n", type, negotiate_request->server_blob);
httpHeaderPutStrf(&rep->header, type, "Negotiate %s", negotiate_request->server_blob);
safe_free(negotiate_request->server_blob);
break;
case AUTHENTICATE_STATE_DONE:
/* Special case when authentication finished, but not allowed by ACL */
if (negotiate_request->server_blob) {
debug(29, 9) ("authenticateNegotiateFixErrorHeader: Sending type:%d header: 'Negotiate %s'\n", type, negotiate_request->server_blob);
httpHeaderPutStrf(&rep->header, type, "Negotiate %s", negotiate_request->server_blob);
safe_free(negotiate_request->server_blob);
} else {
debug(29, 9) ("authenticateNegotiateFixErrorHeader: Connection authenticated\n");
httpHeaderPutStrf(&rep->header, type, "Negotiate");
}
break;
default:
debug(29, 0) ("authenticateNegotiateFixErrorHeader: state %d.\n", negotiate_request->auth_state);
fatal("unexpected state in AuthenticateNegotiateFixErrorHeader.\n");
}
}
// send check header "X-CC-DOWN-CHECK" to lower FC
static int SendCheckHeader(clientHttpRequest *http)
{
// do not send X-CC-UP-CHECK to client as possible
httpHeaderDelByName(&http->reply->header, "X-CC-UP-CHECK");
struct mod_conf_param *cfg = cc_get_mod_param(http->conn->fd, mod);
if (NULL == cfg || !cfg->send) {
debug(107,3)("mod_check_response: no need to send X-CC-UP-CHECK header\n");
return -1;
}
const char *down_buf = httpHeaderGetValue(&http->request->header, "X-CC-DOWN-CHECK");
if (NULL == down_buf) {
if (cfg->send)
debug(107,2)("mod_check_response: do not send X-CC-UP-CHECK header, for not received X-CC-DOWN-CHECK header\n");
return -1;
}
char key[512];
memset(key, 0, 512);
unsigned char md5[SQUID_MD5_DIGEST_LENGTH];
memset(md5, 0, SQUID_MD5_DIGEST_LENGTH);
strncpy(key, down_buf, 511);
char *host = key + strlen(key);
url2host(host, http->uri);
GetMD5Digest(key, md5);
assert(cfg->send);
httpHeaderAddEntry(&http->reply->header, httpHeaderEntryCreate(HDR_OTHER, "X-CC-UP-CHECK", (char*)md5));
debug(107, 3)("mod_check_response: send X-CC-UP-CHECK=[%s] header to client\n", md5);
return 0;
}
/* use fresh entries to replace old ones */
void
httpHeaderUpdate(HttpHeader * old, const HttpHeader * fresh, const HttpHeaderMask * denied_mask)
{
const HttpHeaderEntry *e;
HttpHeaderPos pos = HttpHeaderInitPos;
assert(old && fresh);
assert(old != fresh);
debug(55, 7) ("updating hdr: %p <- %p\n", old, fresh);
while ((e = httpHeaderGetEntry(fresh, &pos))) {
/* deny bad guys (ok to check for HDR_OTHER) here */
if (denied_mask && CBIT_TEST(*denied_mask, e->id))
continue;
if (e->id != HDR_OTHER)
httpHeaderDelById(old, e->id);
else
httpHeaderDelByName(old, strBuf(e->name));
}
pos = HttpHeaderInitPos;
while ((e = httpHeaderGetEntry(fresh, &pos))) {
/* deny bad guys (ok to check for HDR_OTHER) here */
if (denied_mask && CBIT_TEST(*denied_mask, e->id))
continue;
httpHeaderAddClone(old, e);
}
/* And now, repack the array to "fill in the holes" */
httpHeaderRepack(old);
}
/*
* 在组装完squid reply的header之后,将其中的X-Squide-Error抽离
*/
static int func_http_repl_send_start(clientHttpRequest* http)
{
assert(http);
assert(http->reply);
httpHeaderDelByName(&http->reply->header, "FlexiCache-Error");
return 0;
}
/*
*This line is to modify the header
*/
static int mod_modify_s2o_header(HttpStateData* data, HttpHeader* hdr)
{
assert(data);
int fd = data->fd;
int i, len;
struct mod_conf_param *param = (struct mod_conf_param *)cc_get_mod_param(fd, mod);
assert(param);
debug(107, 3)("param->orig_name=%s, param->new_name=%s\n", strBuf(param->orig_name), strBuf(param->new_name));
HttpHeaderPos pos = HttpHeaderInitPos;
HttpHeaderEntry *myheader;
HttpHeaderEntry e;
while ((myheader = httpHeaderGetEntry(hdr, &pos)))
{
debug(107, 3)("myheader=%s, param->new_name=%s\n", strBuf(myheader->name), strBuf(param->new_name));
if (strCaseCmp(myheader->name, strBuf(param->orig_name)) == 0)
{
debug(107, 3)("%s is myheader->value,%s is param->orig_name\n",strBuf(myheader->value), strBuf(param->orig_name));
if(strLen(myheader->value) >= 4095)
{
debug(107, 3)("A too long header value!!\n");
return -1;
}
stringInit(&e.name, strBuf(param->new_name));
stringInit(&e.value, myheader->value.buf);
len=strlen(strBuf(e.name));
i=httpHeaderIdByNameDef(strBuf(e.name), len);
if(-1 == i)
e.id = HDR_OTHER;
else
e.id = i;
httpHeaderDelByName(hdr, strBuf(param->orig_name));
httpHeaderAddEntry(hdr, httpHeaderEntryClone(&e));
//httpHeaderDelAt(&request->header, pos);
//httpHeaderRefreshMask(&request->header);
//httpHeaderInsertEntry(&request->header, httpHeaderEntryClone(&e), pos);
stringClean(&e.name);
stringClean(&e.value);
break;
}
}
return 0;
}
/* use fresh entries to replace old ones */
void
httpHeaderUpdate(HttpHeader * old, const HttpHeader * fresh, const HttpHeaderMask * denied_mask)
{
const HttpHeaderEntry *e;
HttpHeaderPos pos = HttpHeaderInitPos;
assert(old && fresh);
assert(old != fresh);
debug(55, 7) ("updating hdr: %p <- %p\n", old, fresh);
while ((e = httpHeaderGetEntry(fresh, &pos))) {
/* deny bad guys (ok to check for HDR_OTHER) here */
if (denied_mask && CBIT_TEST(*denied_mask, e->id))
continue;
httpHeaderDelByName(old, strBuf(e->name));
httpHeaderAddEntry(old, httpHeaderEntryClone(e));
}
}
/*
*?????Ǵ????ġ?????һ??header?Ĵ??�??
*/
static int modifyHeader3(struct action_part* acp, HttpReply* reply)
{
assert(acp);
assert(reply);
int flag = 0;
int act = acp->action;
struct header_info* hdr = acp->hdr;
HttpHeaderEntry e;
//HttpHeaderEntry *mye;
int i;
HttpHeaderEntry *myheader;
HttpHeaderPos pos = HttpHeaderInitPos + HDR_ENUM_END;
e.name = stringDup(&hdr->header);
e.value = stringDup(&hdr->value);
i = httpHeaderIdByNameDef(strBuf(hdr->header), strLen(hdr->header));
e.id = i;
if(i == -1)
{
e.id = HDR_OTHER;
if(0 == act)
{
httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
}
else if(2 == act)
{
while ((myheader = httpHeaderGetEntryPlus(&reply->header, &pos)))
{
if (myheader->id == HDR_OTHER && strCaseCmp(myheader->name, strBuf(hdr->header)) == 0)
{
debug(98, 3)("%s is myheader->value,%s is hdr->value\n",strBuf(myheader->value), strBuf(hdr->value));
stringReset(&myheader->value, strBuf(hdr->value));
}
}
}
else if(1 == act)
{
httpHeaderDelByName(&reply->header,strBuf(hdr->header));
}
else if(3 == act)
{
while ((myheader = httpHeaderGetEntryPlus(&reply->header, &pos)))
{
if (myheader->id == HDR_OTHER && strCaseCmp(myheader->name, strBuf(hdr->header)) == 0)
{
debug(98, 3)("%s is myheader->value,%s is hdr->value\n",strBuf(myheader->value), strBuf(hdr->value));
flag = 1;
stringReset(&myheader->value, strBuf(hdr->value));
}
}
if(!flag)
httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
}
}
else
{
//mye = httpHeaderFindEntry2(&reply->header, i);
//debug(98, 3) ("%d is i\n", i);
if(0 == act)
{
httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
}
else if(2 == act)
{
if(httpHeaderDelByName(&reply->header,strBuf(hdr->header)))
{
httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
}
//mye = httpHeaderFindEntry2(&reply->header, i);
//debug(98, 3)("%s is newvalue\n",strBuf(mye->value));
}
else if(1 == act)
{
httpHeaderDelByName(&reply->header,strBuf(hdr->header));
}
else if(3 == act)
{
httpHeaderDelByName(&reply->header,strBuf(hdr->header));
httpHeaderAddEntry(&reply->header, httpHeaderEntryClone(&e));
}
}
stringClean(&e.name);
stringClean(&e.value);
return 0;
}
