upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-22 14:49:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 12
haproxy/src/http_fetch.c

2266 lines
71 KiB
C
Raw Normal View History

REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/*
* HTTP samples fetching
*
* Copyright 2000-2018 Willy Tarreau <w@1wt.eu>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*
*/
#include <sys/types.h>
#include <ctype.h>
#include <string.h>
#include <time.h>
CLEANUP: include: tree-wide alphabetical sort of include files This patch fixes all the leftovers from the include cleanup campaign. There were not that many (~400 entries in ~150 files) but it was definitely worth doing it as it revealed a few duplicates.
2020-06-09 03:07:15 -04:00
#include <haproxy/api.h>
REORG: include: move stream.h to haproxy/stream{,-t}.h This one was not easy because it was embarking many includes with it, which other files would automatically find. At least global.h, arg.h and tools.h were identified. 93 total locations were identified, 8 additional includes had to be added. In the rare files where it was possible to finalize the sorting of includes by adjusting only one or two extra lines, it was done. But all files would need to be rechecked and cleaned up now. It was the last set of files in types/ and proto/ and these directories must not be reused anymore.
2020-06-04 17:46:14 -04:00
#include <haproxy/arg.h>
REORG: include: move auth.h to haproxy/auth{,-t}.h The STATS_DEFAULT_REALM and STATS_DEFAULT_URI were moved to defaults.h. It was required to include types/pattern.h and types/sample.h since they are mentioned in function prototypes. It would be wise to merge this with uri_auth.h later.
2020-06-04 04:36:03 -04:00
#include <haproxy/auth.h>
REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ These ones do not depend on any other file. One used to include haproxy/api.h but that was solely for stddef.h.
2020-05-27 10:10:29 -04:00
#include <haproxy/base64.h>
REORG: include: move channel.h to haproxy/channel{,-t}.h The files were moved with no change. The callers were cleaned up a bit and a few of them had channel.h removed since not needed.
2020-06-04 15:07:02 -04:00
#include <haproxy/channel.h>
REORG: include: move common/chunk.h to haproxy/chunk.h No change was necessary, it was already properly split.
2020-06-02 04:22:45 -04:00
#include <haproxy/chunk.h>
REORG: include: move connection.h to haproxy/connection{,-t}.h The type file is becoming a mess, half of it is for the proxy protocol, another good part describes conn_streams and mux ops, it would deserve being split again. At least it was reordered so that elements are easier to find, with the PP-stuff left at the end. The MAX_SEND_FD macro was moved to compat.h as it's said to be the value for Linux.
2020-06-04 12:02:10 -04:00
#include <haproxy/connection.h>
REORG: include: split global.h into haproxy/global{,-t}.h global.h was one of the messiest files, it has accumulated tons of implicit dependencies and declares many globals that make almost all other file include it. It managed to silence a dependency loop between server.h and proxy.h by being well placed to pre-define the required structs, forcing struct proxy and struct server to be forward-declared in a significant number of files. It was split in to, one which is the global struct definition and the few macros and flags, and the rest containing the functions prototypes. The UNIX_MAX_PATH definition was moved to compat.h.
2020-06-04 11:05:57 -04:00
#include <haproxy/global.h>
REORG: include: move common/h1.h to haproxy/h1.h The file was moved as-is. There was a wrong dependency on dynbuf.h instead of buf.h which was addressed. There was no benefit to splitting this between types and functions.
2020-06-02 13:33:08 -04:00
#include <haproxy/h1.h>
REORG: include: move h1_htx.h to haproxy/h1_htx.h This one didn't have a type file. A few missing includes were added (htx, types).
2020-06-04 03:00:02 -04:00
#include <haproxy/h1_htx.h>
REORG: include: split common/http.h into haproxy/http{,-t}.h So the enums and structs were placed into http-t.h and the functions into http.h. This revealed that several files were dependeng on http.h but not including it, as it was silently inherited via other files.
2020-06-02 13:11:26 -04:00
#include <haproxy/http.h>
REORG: include: move http_ana.h to haproxy/http_ana{,-t}.h It was moved without any change, however many callers didn't need it at all. This was a consequence of the split of proto_http.c into several parts that resulted in many locations to still reference it.
2020-06-04 15:21:03 -04:00
#include <haproxy/http_ana.h>
REORG: include: move http_fetch.h to haproxy/http_fetch.h There's no type file for this trivial one. The unneeded dependency on htx.h was dropped.
2020-06-04 12:26:43 -04:00
#include <haproxy/http_fetch.h>
REORG: include: move http_htx.h to haproxy/http_htx{,-t}.h A few includes had to be added, namely list-t.h in the type file and types/proxy.h in the proto file. actions.h was including http-htx.h but didn't need it so it was dropped.
2020-06-04 03:08:41 -04:00
#include <haproxy/http_htx.h>
REORG: include: split common/htx.h into haproxy/htx{,-t}.h Most of the file was a large set of HTX elements manipulation functions and few types, so splitting them allowed to further reduce dependencies and shrink the build time. Doing so revealed that a few files (h2.c, mux_pt.c) needed haproxy/buf.h and were previously getting it through htx.h. They were fixed.
2020-06-03 02:44:35 -04:00
#include <haproxy/htx.h>
REORG: include: move obj_type.h to haproxy/obj_type{,-t}.h No change was necessary. It still includes lots of types/* files.
2020-06-04 05:29:21 -04:00
#include <haproxy/obj_type.h>
REORG: include: move common/memory.h to haproxy/pool.h Now the file is ready to be stored into its final destination. A few minor reorderings were performed to keep the file properly organized, making the various sections more visible (cache & lockless). In addition and to stay consistent, memory.c was renamed to pool.c.
2020-06-02 03:38:52 -04:00
#include <haproxy/pool.h>
REORG: include: move sample.h to haproxy/sample{,-t}.h This one is particularly tricky to move because everyone uses it and it depends on a lot of other types. For example it cannot include arg-t.h and must absolutely only rely on forward declarations to avoid dependency loops between vars -> sample_data -> arg. In order to address this one, it would be nice to split the sample_data part out of sample.h.
2020-06-04 09:33:47 -04:00
#include <haproxy/sample.h>
REORG: rename cs_utils.h to sc_strm.h This file contains all the stream-connector functions that are specific to application layers of type stream. So let's name it accordingly so that it's easier to figure what's located there. The alphabetical ordering of include files was preserved.
2022-05-27 03:25:10 -04:00
#include <haproxy/sc_strm.h>
REORG: include: move stream.h to haproxy/stream{,-t}.h This one was not easy because it was embarking many includes with it, which other files would automatically find. At least global.h, arg.h and tools.h were identified. 93 total locations were identified, 8 additional includes had to be added. In the rare files where it was possible to finalize the sorting of includes by adjusting only one or two extra lines, it was done. But all files would need to be rechecked and cleaned up now. It was the last set of files in types/ and proto/ and these directories must not be reused anymore.
2020-06-04 17:46:14 -04:00
#include <haproxy/stream.h>
REORG: tools: split common/standard.h into haproxy/tools{,-t}.h And also rename standard.c to tools.c. The original split between tools.h and standard.h dates from version 1.3-dev and was mostly an accident. This patch moves the files back to what they were expected to be, and takes care of not changing anything else. However this time tools.h was split between functions and types, because it contains a small number of commonly used macros and structures (e.g. name_desc) which in turn cause the massive list of includes of tools.h to conflict with the callers. They remain the ugliest files of the whole project and definitely need to be cleaned and split apart. A few types are defined there only for functions provided there, and some parts are even OS-specific and should move somewhere else, such as the symbol resolution code.
2020-06-03 12:09:46 -04:00
#include <haproxy/tools.h>
REORG: include: move version.h to haproxy/ Few files were affected. The release scripts was updated.
2020-05-27 09:59:00 -04:00
#include <haproxy/version.h>
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* this struct is used between calls to smp_fetch_hdr() or smp_fetch_cookie() */
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
static THREAD_LOCAL struct http_hdr_ctx static_http_hdr_ctx;
BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion Multiple calls to smp_fetch_fhdr use the header context to keep track of header parsing position; however, when using header sampling on a raw connection, the raw buffer is converted into an HTX structure each time, and this was done in the trash areas; so the block reference would be invalid on subsequent calls. This patch must be backported to 2.0 and 1.9.
2019-07-31 14:45:56 -04:00
/* this is used to convert raw connection buffers to htx */
static THREAD_LOCAL struct buffer static_raw_htx_chunk;
static THREAD_LOCAL char *static_raw_htx_buf;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
#define SMP_REQ_CHN(smp) (smp->strm ? &smp->strm->req : NULL)
#define SMP_RES_CHN(smp) (smp->strm ? &smp->strm->res : NULL)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion Multiple calls to smp_fetch_fhdr use the header context to keep track of header parsing position; however, when using header sampling on a raw connection, the raw buffer is converted into an HTX structure each time, and this was done in the trash areas; so the block reference would be invalid on subsequent calls. This patch must be backported to 2.0 and 1.9.
2019-07-31 14:45:56 -04:00
/* This function returns the static htx chunk, where raw connections get
* converted to HTX as needed for samplxsing.
*/
struct buffer *get_raw_htx_chunk(void)
{
chunk_reset(&static_raw_htx_chunk);
return &static_raw_htx_chunk;
}
static int alloc_raw_htx_chunk_per_thread()
{
static_raw_htx_buf = malloc(global.tune.bufsize);
if (!static_raw_htx_buf)
return 0;
chunk_init(&static_raw_htx_chunk, static_raw_htx_buf, global.tune.bufsize);
return 1;
}
static void free_raw_htx_chunk_per_thread()
{
CLEANUP: tree-wide: replace free(x);x=NULL with ha_free(&x) This makes the code more readable and less prone to copy-paste errors. In addition, it allows to place some __builtin_constant_p() predicates to trigger a link-time error in case the compiler knows that the freed area is constant. It will also produce compile-time error if trying to free something that is not a regular pointer (e.g. a function). The DEBUG_MEM_STATS macro now also defines an instance for ha_free() so that all these calls can be checked. 178 occurrences were converted. The vast majority of them were handled by the following Coccinelle script, some slightly refined to better deal with "&*x" or with long lines: @ rule @ expression E; @@ - free(E); - E = NULL; + ha_free(&E); It was verified that the resulting code is the same, more or less a handful of cases where the compiler optimized slightly differently the temporary variable that holds the copy of the pointer. A non-negligible amount of {free(str);str=NULL;str_len=0;} are still present in the config part (mostly header names in proxies). These ones should also be cleaned for the same reasons, and probably be turned into ist strings.
2021-02-20 04:46:51 -05:00
ha_free(&static_raw_htx_buf);
BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion Multiple calls to smp_fetch_fhdr use the header context to keep track of header parsing position; however, when using header sampling on a raw connection, the raw buffer is converted into an HTX structure each time, and this was done in the trash areas; so the block reference would be invalid on subsequent calls. This patch must be backported to 2.0 and 1.9.
2019-07-31 14:45:56 -04:00
}
REGISTER_PER_THREAD_ALLOC(alloc_raw_htx_chunk_per_thread);
REGISTER_PER_THREAD_FREE(free_raw_htx_chunk_per_thread);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/*
* Returns the data from Authorization header. Function may be called more
* than once so data is stored in txn->auth_data. When no header is found
* or auth method is unknown auth_method is set to HTTP_AUTH_WRONG to avoid
* searching again for something we are unable to find anyway. However, if
* the result if valid, the cache is not reused because we would risk to
* have the credentials overwritten by another stream in parallel.
CLEANUP: http: add a few comments on certain functions' assumptions about streams get_http_auth() expects a valid stream but this is not mentioned, though fortunately it's always called from places which already check this. smp_prefetch_htx() performs all the required checks and is the key to the stability of almost all sample fetch functions, so let's make this clearer.
2020-04-29 05:52:51 -04:00
* The caller is responsible for passing a sample with a valid stream/txn,
* and a valid htx.
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
*/
BUG/MINOR: http_fetch: Fix http_auth/http_auth_group when called from TCP rules These sample fetches rely on the static fnuction get_http_auth(). For HTX streams and TCP proxies, this last one gets its HTX message from the request's channel. When called from an HTTP rule, There is no problem. Bu when called from TCP rules for a TCP proxy, this buffer is a raw buffer not an HTX message. For instance, using the following TCP rule leads to a crash : tcp-request content accept if { http_auth(Users) } To fix the bug, we must rely on the HTX message returned by the function smp_prefetch_htx(). So now, the HTX message is passed as argument to the function get_http_auth(). This patch must be backported to 2.0 and 1.9.
2019-07-15 07:58:29 -04:00
static int get_http_auth(struct sample *smp, struct htx *htx)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
struct stream *s = smp->strm;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct http_txn *txn = s->txn;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx ctx = { .blk = NULL };
struct ist hdr;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct buffer auth_method;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
char *p;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int len;
#ifdef DEBUG_AUTH
printf("Auth for stream %p: %d\n", s, txn->auth.method);
#endif
if (txn->auth.method == HTTP_AUTH_WRONG)
return 0;
txn->auth.method = HTTP_AUTH_WRONG;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (txn->flags & TX_USE_PX_CONN)
hdr = ist("Proxy-Authorization");
else
hdr = ist("Authorization");
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
ctx.blk = NULL;
if (!http_find_header(htx, hdr, &ctx, 0))
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
CLEANUP: http: silence a cppcheck warning in get_http_auth() In issue #777, cppcheck wrongly assumes a useless null pointer check in the expression below while it's obvious that in a 3G/1G split on 32-bit, len can become positive if p is NULL: p = memchr(ctx.value.ptr, ' ', ctx.value.len); len = p - ctx.value.ptr; if (!p || len <= 0) return 0; In addition, on 64 bits you never know given that len is a 32-bit signed int thus the sign of the result in case of a null p will always be the opposite of the 32th bit of ctx.value.ptr. Admittedly the test is ugly. Tim proposed this fix consisting in checking for p == ctx.value.ptr instead when checking for first character only, which Ilya confirmed is enough to shut cppcheck up. No backport is needed.
2020-09-02 01:08:47 -04:00
p = memchr(ctx.value.ptr, ' ', ctx.value.len);
if (!p || p == ctx.value.ptr) /* if no space was found or if the space is the first character */
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
CLEANUP: http: silence a cppcheck warning in get_http_auth() In issue #777, cppcheck wrongly assumes a useless null pointer check in the expression below while it's obvious that in a 3G/1G split on 32-bit, len can become positive if p is NULL: p = memchr(ctx.value.ptr, ' ', ctx.value.len); len = p - ctx.value.ptr; if (!p || len <= 0) return 0; In addition, on 64 bits you never know given that len is a 32-bit signed int thus the sign of the result in case of a null p will always be the opposite of the 32th bit of ctx.value.ptr. Admittedly the test is ugly. Tim proposed this fix consisting in checking for p == ctx.value.ptr instead when checking for first character only, which Ilya confirmed is enough to shut cppcheck up. No backport is needed.
2020-09-02 01:08:47 -04:00
len = p - ctx.value.ptr;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (chunk_initlen(&auth_method, ctx.value.ptr, 0, len) != 1)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUG/MINOR: http: Authorization value can have multiple spaces after the scheme As per RFC7235, there can be multiple spaces in the value of an Authorization header, between the scheme and the actual authentication parameters. This can be backported to all stable versions since basic auth has almost always been there.
2021-10-29 09:25:18 -04:00
/* According to RFC7235, there could be multiple spaces between the
* scheme and its value, we must skip all of them.
*/
while (p < istend(ctx.value) && *p == ' ')
++p;
chunk_initlen(&txn->auth.method_data, p, 0, istend(ctx.value) - p);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
if (!strncasecmp("Basic", auth_method.area, auth_method.data)) {
struct buffer *http_auth = get_trash_chunk();
len = base64dec(txn->auth.method_data.area,
txn->auth.method_data.data,
http_auth->area, global.tune.bufsize - 1);
if (len < 0)
return 0;
http_auth->area[len] = '\0';
p = strchr(http_auth->area, ':');
if (!p)
return 0;
txn->auth.user = http_auth->area;
*p = '\0';
txn->auth.pass = p+1;
txn->auth.method = HTTP_AUTH_BASIC;
return 1;
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
} else if (!strncasecmp("Bearer", auth_method.area, auth_method.data)) {
txn->auth.method = HTTP_AUTH_BEARER;
return 1;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
return 0;
}
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
/* This function ensures that the prerequisites for an L7 fetch are ready,
* which means that a request or response is ready. If some data is missing,
* a parsing attempt is made. This is useful in TCP-based ACLs which are able
BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX As for smp_prefetch_http(), there is now a way to successfully perform a prefetch in HTX, even if the message forwarding already begun. It is used for the sample fetches "req.proto_http" and "method". This patch must be backported to 1.9.
2019-04-17 06:04:12 -04:00
* to extract data from L7. If <vol> is non-null during a prefetch, another
* test is made to ensure the required information is not gone.
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
*
* The function returns :
* NULL with SMP_F_MAY_CHANGE in the sample flags if some data is missing to
* decide whether or not an HTTP message is present ;
* NULL if the requested data cannot be fetched or if it is certain that
CLEANUP: http: add a few comments on certain functions' assumptions about streams get_http_auth() expects a valid stream but this is not mentioned, though fortunately it's always called from places which already check this. smp_prefetch_htx() performs all the required checks and is the key to the stability of almost all sample fetch functions, so let's make this clearer.
2020-04-29 05:52:51 -04:00
* we'll never have any HTTP message there; this includes null strm or chn.
BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction It is possible to process a channel based on desynchronized info if a request fetch is called from a response and conversely. However, the code in smp_prefetch_htx() already makes sure the analysis has already started before trying to fetch from a buffer, so the problem effectively lies in response rules making use of request expressions only. Usually it's not a problem as extracted data are checked against the current HTTP state, except when it comes to the start line, which is usually accessed directly from sample fetch functions such as status, path, url, url32, query and so on. In this case, trying to access the request buffer from the response path will lead to unpredictable results. When building with DEBUG_STRICT, a process violating these rules will simply die after emitting: FATAL: bug condition "htx->first == -1" matched at src/http_htx.c:67 But when this is not enabled, it may or may not crash depending on what the pending request buffer data look like when trying to spot a start line there. This is typically what happens in issue #806. This patch adds a test in smp_prefetch_htx() so that it does not try to parse an HTX buffer in a channel belonging to the wrong direction. There's one special case on the "method" sample fetch since it can retrieve info even without a buffer, from the other direction, as long as the method is one of the well known ones. Three, we call smp_prefetch_htx() only if needed. This was reported in 2.0 and must be backported there (oldest stable version with HTX).
2020-08-12 08:04:52 -04:00
* NULL if the sample's direction does not match the channel's (i.e. the
* function was asked to work on the wrong channel)
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
* The HTX message if ready
*/
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *smp_prefetch_htx(struct sample *smp, struct channel *chn, struct check *check, int vol)
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
{
struct stream *s = smp->strm;
struct http_txn *txn = NULL;
struct htx *htx = NULL;
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct http_msg *msg;
MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing Instead, we now use the htx_sl coming from the HTX message. It avoids to have too H1 specific code in version-agnostic parts. Of course, the concept of the start-line is higly influenced by the H1, but the structure htx_sl can be adapted, if necessary. And many things depend on a start-line during HTTP analyzis. Using the structure htx_sl also avoid boring conversions between HTX version and H1 version.
2018-11-26 15:37:08 -05:00
struct htx_sl *sl;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction It is possible to process a channel based on desynchronized info if a request fetch is called from a response and conversely. However, the code in smp_prefetch_htx() already makes sure the analysis has already started before trying to fetch from a buffer, so the problem effectively lies in response rules making use of request expressions only. Usually it's not a problem as extracted data are checked against the current HTTP state, except when it comes to the start line, which is usually accessed directly from sample fetch functions such as status, path, url, url32, query and so on. In this case, trying to access the request buffer from the response path will lead to unpredictable results. When building with DEBUG_STRICT, a process violating these rules will simply die after emitting: FATAL: bug condition "htx->first == -1" matched at src/http_htx.c:67 But when this is not enabled, it may or may not crash depending on what the pending request buffer data look like when trying to spot a start line there. This is typically what happens in issue #806. This patch adds a test in smp_prefetch_htx() so that it does not try to parse an HTX buffer in a channel belonging to the wrong direction. There's one special case on the "method" sample fetch since it can retrieve info even without a buffer, from the other direction, as long as the method is one of the well known ones. Three, we call smp_prefetch_htx() only if needed. This was reported in 2.0 and must be backported there (oldest stable version with HTX).
2020-08-12 08:04:52 -04:00
if (chn &&
(((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ && (chn->flags & CF_ISRESP)) ||
((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES && !(chn->flags & CF_ISRESP))))
return 0;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
/* Note: it is possible that <s> is NULL when called before stream
* initialization (eg: tcp-request connection), so this function is the
* one responsible for guarding against this case for all HTTP users.
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
*
* In the health check context, the stream and the channel must be NULL
* and <check> must be set. In this case, only the input buffer,
* corresponding to the response, is considered. It is the caller
* responsibility to provide <check>.
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
*/
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
BUG_ON(check && (s || chn));
if (!s || !chn) {
if (check) {
htx = htxbuf(&check->bi);
/* Analyse not yet started */
if (htx_is_empty(htx) || htx->first == -1)
return NULL;
sl = http_get_stline(htx);
if (vol && !sl) {
/* The start-line was already forwarded, it is too late to fetch anything */
return NULL;
}
goto end;
}
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
return NULL;
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
}
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
MINOR: http-ana: Simplify creation/destruction of HTTP transactions Now allocation and initialization of HTTP transactions are performed in a unique function. Historically, there were two functions because the same TXN was reset for K/A connections in the legacy HTTP mode. Now, in HTX, K/A connections are handled at the mux level. A new stream, and thus a new TXN, is created for each request. In addition, the function responsible to end the TXN is now also reponsible to release it. So, now, http_create_txn() and http_destroy_txn() must be used to create and destroy an HTTP transaction.
2021-03-08 13:12:58 -05:00
if (!s->txn && !http_create_txn(s))
return NULL;
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
txn = s->txn;
msg = (!(chn->flags & CF_ISRESP) ? &txn->req : &txn->rsp);
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx In the function smp_prefetch_htx(), we must know if data in the channel's buffer are structured or not. Before the proxy mode was tested. Now we test if the stream is an HTX stream or not. If yes, we know the HTX is used to structure data in the channel's buffer.
2019-04-03 04:12:42 -04:00
if (IS_HTX_STRM(s)) {
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
htx = htxbuf(&chn->buf);
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
BUG/MINOR: http-fetch: Don't block HTTP sample fetch eval in HTTP_MSG_ERROR state It was inherited from the legacy HTTP mode, but the message parsing is handled by the underlying mux now. Thus, if a message is in HTTP_MSG_ERROR state, it is just an analysis error and not a parsing error. So there is no reason to block the HTTP sample fetch evaluation in this case. This patch could be backported in all stable versions (For the 2.0, only the htx part must be updated).
2023-01-13 04:58:20 -05:00
if (htx->flags & HTX_FL_PARSING_ERROR)
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
return NULL;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
if (msg->msg_state < HTTP_MSG_BODY) {
/* Analyse not yet started */
MEDIUM: htx: Store the first block position instead of the start-line one We don't store the start-line position anymore in the HTX message. Instead we store the first block position to analyze. For now, it is almost the same. But once all changes will be made on this part, this position will have to be used by HTX analyzers, and only in the analysis context, to know where the analyse should start. When new blocks are added in an HTX message, if the first block position is not defined, it is set. When the block pointed by it is removed, it is set to the block following it. -1 remains the value to unset the position. the first block position is unset when the HTX message is empty. It may also be unset on a non-empty message, meaning every blocks were already analyzed. From HTX analyzers point of view, this position is always set during headers analysis. When they are waiting for a request or a response, if it is unset, it means the analysis should wait. But once the analysis is started, and as long as headers are not forwarded, it points to the message start-line. As mentionned, outside the HTX analysis, no code must rely on the first block position. So multiplexers and applets must always use the head position to start a loop on an HTX message.
2019-05-23 05:03:26 -04:00
if (htx_is_empty(htx) || htx->first == -1) {
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
/* Parsing is done by the mux, just wait */
smp->flags |= SMP_F_MAY_CHANGE;
return NULL;
}
}
MINOR: htx: Replace the function http_find_stline() by http_get_stline() Now, we only return the start-line. If not found, NULL is returned. No lookup is performed and the HTX message is no more updated. It is now the caller responsibility to update the position of the start-line to the right value. So when it is not found, i.e sl_pos is set to -1, it means the last start-line has been already processed and the next one has not been inserted yet. It is mandatory to rely on this kind of warranty to store 1xx informational responses and final reponse in the same HTX message.
2019-05-13 08:41:27 -04:00
sl = http_get_stline(htx);
BUG/MINOR: http_fetch/htx: Allow permissive sample prefetch for the HTX As for smp_prefetch_http(), there is now a way to successfully perform a prefetch in HTX, even if the message forwarding already begun. It is used for the sample fetches "req.proto_http" and "method". This patch must be backported to 1.9.
2019-04-17 06:04:12 -04:00
if (vol && !sl) {
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* The start-line was already forwarded, it is too late to fetch anything */
return NULL;
}
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
}
MINOR: http_fetch/htx: Use stream flags instead of px mode in smp_prefetch_htx In the function smp_prefetch_htx(), we must know if data in the channel's buffer are structured or not. Before the proxy mode was tested. Now we test if the stream is an HTX stream or not. If yes, we know the HTX is used to structure data in the channel's buffer.
2019-04-03 04:12:42 -04:00
else { /* RAW mode */
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct buffer *buf;
struct h1m h1m;
BUG/MINOR: http: Use the global value to limit the number of parsed headers Instead of using the macro MAX_HTTP_HDR to limit the number of headers parsed before throwing an error, we now use the custom global variable global.tune.max_http_hdr. This patch must be backported to 1.9.
2019-06-11 09:05:37 -04:00
struct http_hdr hdrs[global.tune.max_http_hdr];
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
union h1_sl h1sl;
unsigned int flags = HTX_FL_NONE;
int ret;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* no HTTP fetch on the response in TCP mode */
if (chn->flags & CF_ISRESP)
return NULL;
MEDIUM: htx: Don't rely on h1_sl anymore except during H1 header parsing Instead, we now use the htx_sl coming from the HTX message. It avoids to have too H1 specific code in version-agnostic parts. Of course, the concept of the start-line is higly influenced by the H1, but the structure htx_sl can be adapted, if necessary. And many things depend on a start-line during HTTP analyzis. Using the structure htx_sl also avoid boring conversions between HTX version and H1 version.
2018-11-26 15:37:08 -05:00
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* Now we are working on the request only */
buf = &chn->buf;
if (b_head(buf) + b_data(buf) > b_wrap(buf))
b_slow_realign(buf, trash.area, 0);
h1m_init_req(&h1m);
ret = h1_headers_to_hdr_list(b_head(buf), b_stop(buf),
hdrs, sizeof(hdrs)/sizeof(hdrs[0]), &h1m, &h1sl);
if (ret <= 0) {
/* Invalid or too big*/
if (ret < 0 || channel_full(&s->req, global.tune.maxrewrite))
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
return NULL;
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* wait for a full request */
smp->flags |= SMP_F_MAY_CHANGE;
return NULL;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
}
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
CLEANUP: assorted typo fixes in the code and comments This is 11th iteration of typo fixes
2020-07-05 07:36:08 -04:00
/* OK we just got a valid HTTP message. We have to convert it
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
* into an HTX message.
*/
if (unlikely(h1sl.rq.v.len == 0)) {
/* try to convert HTTP/0.9 requests to HTTP/1.0 */
if (h1sl.rq.meth != HTTP_METH_GET || !h1sl.rq.u.len)
return NULL;
h1sl.rq.v = ist("HTTP/1.0");
}
/* Set HTX start-line flags */
if (h1m.flags & H1_MF_VER_11)
flags |= HTX_SL_F_VER_11;
if (h1m.flags & H1_MF_XFER_ENC)
flags |= HTX_SL_F_XFER_ENC;
flags |= HTX_SL_F_XFER_LEN;
if (h1m.flags & H1_MF_CHNK)
flags |= HTX_SL_F_CHNK;
else if (h1m.flags & H1_MF_CLEN)
flags |= HTX_SL_F_CLEN;
BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion Multiple calls to smp_fetch_fhdr use the header context to keep track of header parsing position; however, when using header sampling on a raw connection, the raw buffer is converted into an HTX structure each time, and this was done in the trash areas; so the block reference would be invalid on subsequent calls. This patch must be backported to 2.0 and 1.9.
2019-07-31 14:45:56 -04:00
htx = htx_from_buf(get_raw_htx_chunk());
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
sl = htx_add_stline(htx, HTX_BLK_REQ_SL, flags, h1sl.rq.m, h1sl.rq.u, h1sl.rq.v);
if (!sl || !htx_add_all_headers(htx, hdrs))
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
return NULL;
BUG/MINOR: htx: make sure to always initialize the HTTP method when parsing a buffer smp_prefetch_htx() is used when trying to access the contents of an HTTP buffer from the TCP rulesets. The method was not properly set in this case, which will cause the sample fetch methods relying on the method to randomly fail in this case. Thanks to Tim Dsterhus for reporting this issue (#97). This fix must be backported to 1.9.
2019-05-13 02:32:31 -04:00
sl->info.req.meth = h1sl.rq.meth;
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
}
/* OK we just got a valid HTTP message. If not already done by
* HTTP analyzers, we have some minor preparation to perform so
* that further checks can rely on HTTP tests.
*/
if (sl && msg->msg_state < HTTP_MSG_BODY) {
if (!(chn->flags & CF_ISRESP)) {
txn->meth = sl->info.req.meth;
if (txn->meth == HTTP_METH_GET || txn->meth == HTTP_METH_HEAD)
s->flags |= SF_REDIRECTABLE;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
}
BUG/MINOR: http-fetch: Only fill txn status during prefetch if not already set When an HTTP sample fetch is evaluated, a prefetch is performed to check the channel contains a valid HTTP message. If the HTTP analysis was not already started, some info are filled. It may be an issue when an error is returned before the response analysis and when http-after-response rules are used because the original HTTP txn status may be crushed. For instance, with the following configuration: listen l1 log global mode http bind :8000 log-format ST=%ST http-after-response set-status 400 #http-after-response set-var(res.foo) status A "ST=503" is reported in the log messages, independantly on the first http-after-response rule. The same must happen if the second rule is uncommented. However, for now, a "ST=400" is logged. To fix the bug, during the prefetch, the HTTP txn status is only set if it is undefined (-1). This way, we are sure the original one is never lost. This patch should be backported as far as 2.2.
2023-01-04 04:11:32 -05:00
else if (txn->status == -1)
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
txn->status = sl->info.res.status;
if (sl->flags & HTX_SL_F_VER_11)
msg->flags |= HTTP_MSGF_VER_11;
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
}
/* everything's OK */
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
end:
MINOR: http_fetch: Add smp_prefetch_htx It does the same than smp_prefetch_http but for HTX messages. It can be called from an HTTP proxy or a TCP proxy. For HTTP proxies, the parsing is handled by the mux, so it does nothing but wait. For TCP proxies, it tries to parse an HTTP message and to convert it in a temporary HTX message. Sample fetches will use this temporary variable to do their job.
2018-10-24 15:39:27 -04:00
return htx;
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* This function fetches the method of current HTTP request and stores
* it in the global pattern struct as a chunk. There are two possibilities :
* - if the method is known (not HTTP_METH_OTHER), its identifier is stored
* in <len> and <ptr> is NULL ;
* - if the method is unknown (HTTP_METH_OTHER), <ptr> points to the text and
* <len> to its length.
* This is intended to be used with pat_match_meth() only.
*/
static int smp_fetch_meth(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct http_txn *txn;
BUILD: http_fetch: silence an uninitiialized warning with gcc-4/5/6 at -Os Gcc 4.x, 5.x and 6.x report this when compiling http_fetch.c: src/http_fetch.c: In function 'smp_fetch_meth': src/http_fetch.c:357:6: warning: 'htx' may be used uninitialized in this function [-Wmaybe-uninitialized] sl = http_get_stline(htx); That's quite weird since there's no such code path, but presetting the htx variable to NULL during declaration is enough to shut it up. This may be backported to any version that has dbbdb25f1 ("BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch") as it's the one that triggered this warning (hence at least 2.0).
2022-10-04 03:18:34 -04:00
struct htx *htx = NULL;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
int meth;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUG/MEDIUM: http-fetch: Don't fetch the method if there is no stream The "method" sample fetch does not perform any check on the stream existence before using it. However, for errors triggered at the mux level, there is no stream. When the log message is formatted, this sample fetch must fail. It must also fail when it is called from a health-check. This patch must be backported as far as 2.4.
2022-07-06 11:53:02 -04:00
txn = (smp->strm ? smp->strm->txn : NULL);
BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction It is possible to process a channel based on desynchronized info if a request fetch is called from a response and conversely. However, the code in smp_prefetch_htx() already makes sure the analysis has already started before trying to fetch from a buffer, so the problem effectively lies in response rules making use of request expressions only. Usually it's not a problem as extracted data are checked against the current HTTP state, except when it comes to the start line, which is usually accessed directly from sample fetch functions such as status, path, url, url32, query and so on. In this case, trying to access the request buffer from the response path will lead to unpredictable results. When building with DEBUG_STRICT, a process violating these rules will simply die after emitting: FATAL: bug condition "htx->first == -1" matched at src/http_htx.c:67 But when this is not enabled, it may or may not crash depending on what the pending request buffer data look like when trying to spot a start line there. This is typically what happens in issue #806. This patch adds a test in smp_prefetch_htx() so that it does not try to parse an HTX buffer in a channel belonging to the wrong direction. There's one special case on the "method" sample fetch since it can retrieve info even without a buffer, from the other direction, as long as the method is one of the well known ones. Three, we call smp_prefetch_htx() only if needed. This was reported in 2.0 and must be backported there (oldest stable version with HTX).
2020-08-12 08:04:52 -04:00
if (!txn)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
BUILD: http: silence an uninitialized warning affecting gcc-5 When building with gcc-5, one can see this warning: src/http_fetch.c: In function 'smp_fetch_meth': src/http_fetch.c:356:6: warning: 'htx' may be used uninitialized in this function [-Wmaybe-uninitialized] sl = http_get_stline(htx); ^ It's wrong since the only way to reach this code is to have met the same condition a few lines before and initialized the htx variable. The reason in fact is that the same test happens on different variables of distinct types, so the compiler possibly doesn't know that the condition is the same. Newer gcc versions do not have this problem. Let's just move the assignment earlier and have the exact same test, as it's sufficient to shut this up. This may have to be backported to 2.6 since the code is the same there.
2022-07-10 07:13:52 -04:00
meth = txn->meth;
if (meth == HTTP_METH_OTHER) {
BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch Because of the previous fix, if the HTTP parsing is performed when the "method" sample fetch is called, we always rely on the string representation of the request method. Indeed, if no parsing was performed when the "method" sample fetch is called, the transaction method is HTTP_METH_OTHER because it was just initialized. However, without this patch, in this case, we always retrieve the method by reading the request start-line. Now, when the method is HTTP_METH_OTHER, we systematically try to parse the request but the method is tested once again after the parsing to be able to use the integer representation when possible. This patch must be backported as far as 2.0.
2022-06-22 11:16:41 -04:00
htx = smp_prefetch_htx(smp, chn, NULL, 1);
if (!htx)
return 0;
BUG/MINOR: http-fetch: Update method after a prefetch in smp_fetch_meth() In smp_fetch_meth(), smp_prefetch_htx() function may be called to parse the HTX message and update the HTTP transaction accordingly. In this case, in smp_fetch_metch() and on success, we must update "meth" variable. Otherwise, the variable is still equal to HTTP_METH_OTHER and the string version is always used instead of the enum for known methods. This patch must be backported as far as 2.0.
2022-10-04 02:58:02 -04:00
meth = txn->meth;
BUG/MINOR: http-fetch: Use integer value when possible in "method" sample fetch Because of the previous fix, if the HTTP parsing is performed when the "method" sample fetch is called, we always rely on the string representation of the request method. Indeed, if no parsing was performed when the "method" sample fetch is called, the transaction method is HTTP_METH_OTHER because it was just initialized. However, without this patch, in this case, we always retrieve the method by reading the request start-line. Now, when the method is HTTP_METH_OTHER, we systematically try to parse the request but the method is tested once again after the parsing to be able to use the integer representation when possible. This patch must be backported as far as 2.0.
2022-06-22 11:16:41 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_METH;
smp->data.u.meth.meth = meth;
if (meth == HTTP_METH_OTHER) {
struct htx_sl *sl;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
sl = http_get_stline(htx);
smp->flags |= SMP_F_CONST;
smp->data.u.meth.str.area = HTX_SL_REQ_MPTR(sl);
smp->data.u.meth.str.data = HTX_SL_REQ_MLEN(sl);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->flags |= SMP_F_VOL_1ST;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
static int smp_fetch_rqver(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
char *ptr;
int len;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
sl = http_get_stline(htx);
len = HTX_SL_REQ_VLEN(sl);
ptr = HTX_SL_REQ_VPTR(sl);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
while ((len-- > 0) && (*ptr++ != '/'));
if (len <= 0)
return 0;
smp->data.type = SMP_T_STR;
smp->data.u.str.area = ptr;
smp->data.u.str.data = len;
smp->flags = SMP_F_VOL_1ST | SMP_F_CONST;
return 1;
}
static int smp_fetch_stver(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_RES_CHN(smp);
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = objt_check(smp->sess->origin);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
char *ptr;
int len;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
sl = http_get_stline(htx);
len = HTX_SL_RES_VLEN(sl);
ptr = HTX_SL_RES_VPTR(sl);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
while ((len-- > 0) && (*ptr++ != '/'));
if (len <= 0)
return 0;
smp->data.type = SMP_T_STR;
smp->data.u.str.area = ptr;
smp->data.u.str.data = len;
smp->flags = SMP_F_VOL_1ST | SMP_F_CONST;
return 1;
}
/* 3. Check on Status Code. We manipulate integers here. */
static int smp_fetch_stcode(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_RES_CHN(smp);
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = objt_check(smp->sess->origin);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
char *ptr;
int len;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
sl = http_get_stline(htx);
len = HTX_SL_RES_CLEN(sl);
ptr = HTX_SL_RES_CPTR(sl);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->data.type = SMP_T_SINT;
smp->data.u.sint = __strl2ui(ptr, len);
smp->flags = SMP_F_VOL_1ST;
return 1;
}
static int smp_fetch_uniqueid(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: stream: Make the `unique_id` member of `struct stream` a `struct ist` The `unique_id` member of `struct stream` now is a `struct ist`.
2020-03-05 14:19:02 -05:00
struct ist unique_id;
MINOR: stream: Use stream_generate_unique_id This patch replaces the ad-hoc generation of stream's `unique_id` values by calls to `stream_generate_unique_id`.
2020-02-28 09:13:34 -05:00
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
if (LIST_ISEMPTY(&smp->sess->fe->format_unique_id))
return 0;
BUG/MEDIUM: http: the "unique-id" sample fetch could crash without a steeam Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The unique-id sample fetch function, if called without a stream, will result in a crash. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.7.
2020-04-29 05:50:38 -04:00
if (!smp->strm)
return 0;
MEDIUM: stream: Make the `unique_id` member of `struct stream` a `struct ist` The `unique_id` member of `struct stream` now is a `struct ist`.
2020-03-05 14:19:02 -05:00
unique_id = stream_generate_unique_id(smp->strm, &smp->sess->fe->format_unique_id);
if (!isttest(unique_id))
MINOR: stream: Use stream_generate_unique_id This patch replaces the ad-hoc generation of stream's `unique_id` values by calls to `stream_generate_unique_id`.
2020-02-28 09:13:34 -05:00
return 0;
MEDIUM: stream: Make the `unique_id` member of `struct stream` a `struct ist` The `unique_id` member of `struct stream` now is a `struct ist`.
2020-03-05 14:19:02 -05:00
smp->data.u.str.area = smp->strm->unique_id.ptr;
smp->data.u.str.data = smp->strm->unique_id.len;
MINOR: stream: Use stream_generate_unique_id This patch replaces the ad-hoc generation of stream's `unique_id` values by calls to `stream_generate_unique_id`.
2020-02-28 09:13:34 -05:00
smp->data.type = SMP_T_STR;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->flags = SMP_F_CONST;
return 1;
}
/* Returns a string block containing all headers including the
CLEANUP: Fix typos in the http subsystem Fix typos in code comment of the http subsystem.
2018-11-15 16:57:22 -05:00
* empty line which separes headers from the body. This is useful
* for some headers analysis.
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
*/
static int smp_fetch_hdrs(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: checks: Remove dedicated sample fetches and use response ones instead All sample fetches in the scope "check." have been removed. Response sample fetches must be used instead. It avoids keyword duplication. So, for instance, res.hdr() must be now used instead of check.hdr(). To do so, following sample fetches have been added on the response : * res.body, res.body_len and res.body_size * res.hdrs and res.hdrs_bin Sample feches dealing with the response's body are only useful in the health checks context. When called from a stream context, there is no warranty on the body presence. There is no option to wait the response's body.
2020-05-05 11:46:34 -04:00
/* possible keywords: req.hdrs, res.hdrs */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct buffer *temp;
int32_t pos;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
temp = get_trash_chunk();
for (pos = htx_get_first(htx); pos != -1; pos = htx_get_next(htx, pos)) {
struct htx_blk *blk = htx_get_blk(htx, pos);
enum htx_blk_type type = htx_get_blk_type(blk);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (type == HTX_BLK_HDR) {
struct ist n = htx_get_blk_name(htx, blk);
struct ist v = htx_get_blk_value(htx, blk);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c The functions "htx_*_to_h1()" have been renamed into "h1_format_htx_*()" and moved in the file h1_htx.c. It is the right place for such functions.
2019-10-08 10:38:42 -04:00
if (!h1_format_htx_hdr(n, v, temp))
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
}
else if (type == HTX_BLK_EOH) {
if (!chunk_memcat(temp, "\r\n", 2))
return 0;
break;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_STR;
smp->data.u.str = *temp;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
/* Returns the header request in a length/value encoded format.
* This is useful for exchanges with the SPOE.
*
* A "length value" is a multibyte code encoding numbers. It uses the
* SPOE format. The encoding is the following:
*
* Each couple "header name" / "header value" is composed
* like this:
* "length value" "header name bytes"
* "length value" "header value bytes"
* When the last header is reached, the header name and the header
* value are empty. Their length are 0
*/
static int smp_fetch_hdrs_bin(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: checks: Remove dedicated sample fetches and use response ones instead All sample fetches in the scope "check." have been removed. Response sample fetches must be used instead. It avoids keyword duplication. So, for instance, res.hdr() must be now used instead of check.hdr(). To do so, following sample fetches have been added on the response : * res.body, res.body_len and res.body_size * res.hdrs and res.hdrs_bin Sample feches dealing with the response's body are only useful in the health checks context. When called from a stream context, there is no warranty on the body presence. There is no option to wait the response's body.
2020-05-05 11:46:34 -04:00
/* possible keywords: req.hdrs_bin, res.hdrs_bin */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
struct buffer *temp;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
char *p, *end;
int32_t pos;
int ret;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
temp = get_trash_chunk();
p = temp->area;
end = temp->area + temp->size;
for (pos = htx_get_first(htx); pos != -1; pos = htx_get_next(htx, pos)) {
struct htx_blk *blk = htx_get_blk(htx, pos);
enum htx_blk_type type = htx_get_blk_type(blk);
struct ist n, v;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (type == HTX_BLK_HDR) {
n = htx_get_blk_name(htx,blk);
v = htx_get_blk_value(htx, blk);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
/* encode the header name. */
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
ret = encode_varint(n.len, &p, end);
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
if (ret == -1)
return 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (p + n.len > end)
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
return 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
memcpy(p, n.ptr, n.len);
p += n.len;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* encode the header value. */
ret = encode_varint(v.len, &p, end);
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
if (ret == -1)
return 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (p + v.len > end)
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
return 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
memcpy(p, v.ptr, v.len);
p += v.len;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
}
else if (type == HTX_BLK_EOH) {
/* encode the end of the header list with empty
* header name and header value.
*/
ret = encode_varint(0, &p, end);
if (ret == -1)
return 0;
ret = encode_varint(0, &p, end);
if (ret == -1)
return 0;
break;
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* Initialise sample data which will be filled. */
smp->data.type = SMP_T_BIN;
smp->data.u.str.area = temp->area;
smp->data.u.str.data = p - temp->area;
smp->data.u.str.size = temp->size;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
/* returns the longest available part of the body. This requires that the body
* has been waited for using http-buffer-request.
*/
static int smp_fetch_body(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: checks: Remove dedicated sample fetches and use response ones instead All sample fetches in the scope "check." have been removed. Response sample fetches must be used instead. It avoids keyword duplication. So, for instance, res.hdr() must be now used instead of check.hdr(). To do so, following sample fetches have been added on the response : * res.body, res.body_len and res.body_size * res.hdrs and res.hdrs_bin Sample feches dealing with the response's body are only useful in the health checks context. When called from a stream context, there is no warranty on the body presence. There is no option to wait the response's body.
2020-05-05 11:46:34 -04:00
/* possible keywords: req.body, res.body */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct buffer *temp;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
int32_t pos;
BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check res.body may be called from a health-check. It is probably never used. But it is possibe. In such case, there is no channel. Thus we must not use it unconditionally to set the flag SMP_F_MAY_CHANGE on the smp. Now the condition test the channel first. In addtion, the flag is not set if the payload is fully received. This patch must be backported as far as 2.2.
2020-11-25 02:08:08 -05:00
int finished = 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
temp = get_trash_chunk();
for (pos = htx_get_first(htx); pos != -1; pos = htx_get_next(htx, pos)) {
struct htx_blk *blk = htx_get_blk(htx, pos);
enum htx_blk_type type = htx_get_blk_type(blk);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MAJOR: htx: Remove the EOM block type and use HTX_FL_EOM instead The EOM block may be removed. The HTX_FL_EOM flags is enough. Most of time, to know if the end of the message is reached, we just need to have an empty HTX message with HTX_FL_EOM flag set. It may also be detected when the last block of a message with HTX_FL_EOM flag is manipulated. Removing EOM blocks simplifies the HTX message filling. Indeed, there is no more edge problems when the message ends but there is no more space to write the EOM block. However, some part are more tricky. Especially the compression filter or the FCGI mux. The compression filter must finish the compression on the last DATA block. Before it was performed on the EOM block, an extra DATA block with the checksum was added. Now, we must detect the last DATA block to be sure to finish the compression. The FCGI mux on its part must be sure to reserve the space for the empty STDIN record on the last DATA block while this record was inserted on the EOM block. The H2 multiplexer is probably the part that benefits the most from this change. Indeed, it is now fairly easier to known when to set the ES flag. The HTX documentaion has been updated accordingly.
2020-12-02 13:12:22 -05:00
if (type == HTX_BLK_TLR || type == HTX_BLK_EOT) {
BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check res.body may be called from a health-check. It is probably never used. But it is possibe. In such case, there is no channel. Thus we must not use it unconditionally to set the flag SMP_F_MAY_CHANGE on the smp. Now the condition test the channel first. In addtion, the flag is not set if the payload is fully received. This patch must be backported as far as 2.2.
2020-11-25 02:08:08 -05:00
finished = 1;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
break;
BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check res.body may be called from a health-check. It is probably never used. But it is possibe. In such case, there is no channel. Thus we must not use it unconditionally to set the flag SMP_F_MAY_CHANGE on the smp. Now the condition test the channel first. In addtion, the flag is not set if the payload is fully received. This patch must be backported as far as 2.2.
2020-11-25 02:08:08 -05:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (type == HTX_BLK_DATA) {
CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c The functions "htx_*_to_h1()" have been renamed into "h1_format_htx_*()" and moved in the file h1_htx.c. It is the right place for such functions.
2019-10-08 10:38:42 -04:00
if (!h1_format_htx_data(htx_get_blk_value(htx, blk), temp, 0))
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_BIN;
smp->data.u.str = *temp;
smp->flags = SMP_F_VOL_TEST;
BUG/MINOR: http: make smp_fetch_body() report that the contents may change The req_body and res_body sample fetch functions forgot to set the SMP_F_MAY_CHANGE flag, making them unusable in tcp content rules. Now we set the flag as long as the channel is not full and nothing indicates the end was reached. This is marked as a bug because it's unusual for a sample fetch function to return a final verdict while data my change, but this results from a limitation that was affecting the legacy mode where it was not possible to know whether the end was reached without de-chunking the message. In HTX there is no more reason to limit this. This fix could be backported to 2.1, and to 2.0 if really needed, though it will only be doable for HTX, and legacy cannot be fixed.
2020-06-15 12:01:10 -04:00
BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check res.body may be called from a health-check. It is probably never used. But it is possibe. In such case, there is no channel. Thus we must not use it unconditionally to set the flag SMP_F_MAY_CHANGE on the smp. Now the condition test the channel first. In addtion, the flag is not set if the payload is fully received. This patch must be backported as far as 2.2.
2020-11-25 02:08:08 -05:00
if (!finished && (check || (chn && !channel_full(chn, global.tune.maxrewrite) &&
MEDIUM: tree-wide: Move flags about shut from the channel to the SC The purpose of this patch is only a one-to-one replacement, as far as possible. CF_SHUTR(_NOW) and CF_SHUTW(_NOW) flags are now carried by the stream-connecter. CF_ prefix is replaced by SC_FL_ one. Of course, it is not so simple because at many places, we were testing if a channel was shut for reads and writes in same time. To do the same, shut for reads must be tested on one side on the SC and shut for writes on the other side on the opposite SC. A special care was taken with process_stream(). flags of SCs must be saved to be able to detect changes, just like for the channels.
2023-04-03 12:32:50 -04:00
!(chn_prod(chn)->flags & (SC_FL_EOI|SC_FL_SHUTR)))))
BUG/MINOR: http: make smp_fetch_body() report that the contents may change The req_body and res_body sample fetch functions forgot to set the SMP_F_MAY_CHANGE flag, making them unusable in tcp content rules. Now we set the flag as long as the channel is not full and nothing indicates the end was reached. This is marked as a bug because it's unusual for a sample fetch function to return a final verdict while data my change, but this results from a limitation that was affecting the legacy mode where it was not possible to know whether the end was reached without de-chunking the message. In HTX there is no more reason to limit this. This fix could be backported to 2.1, and to 2.0 if really needed, though it will only be doable for HTX, and legacy cannot be fixed.
2020-06-15 12:01:10 -04:00
smp->flags |= SMP_F_MAY_CHANGE;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
/* returns the available length of the body. This requires that the body
* has been waited for using http-buffer-request.
*/
static int smp_fetch_body_len(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: checks: Remove dedicated sample fetches and use response ones instead All sample fetches in the scope "check." have been removed. Response sample fetches must be used instead. It avoids keyword duplication. So, for instance, res.hdr() must be now used instead of check.hdr(). To do so, following sample fetches have been added on the response : * res.body, res.body_len and res.body_size * res.hdrs and res.hdrs_bin Sample feches dealing with the response's body are only useful in the health checks context. When called from a stream context, there is no warranty on the body presence. There is no option to wait the response's body.
2020-05-05 11:46:34 -04:00
/* possible keywords: req.body_len, res.body_len */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
int32_t pos;
unsigned long long len = 0;
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX HTX implementation for these 2 sample fetches was missing. This patch fills this gap.
2018-12-12 08:11:22 -05:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
for (pos = htx_get_first(htx); pos != -1; pos = htx_get_next(htx, pos)) {
struct htx_blk *blk = htx_get_blk(htx, pos);
enum htx_blk_type type = htx_get_blk_type(blk);
MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX HTX implementation for these 2 sample fetches was missing. This patch fills this gap.
2018-12-12 08:11:22 -05:00
MAJOR: htx: Remove the EOM block type and use HTX_FL_EOM instead The EOM block may be removed. The HTX_FL_EOM flags is enough. Most of time, to know if the end of the message is reached, we just need to have an empty HTX message with HTX_FL_EOM flag set. It may also be detected when the last block of a message with HTX_FL_EOM flag is manipulated. Removing EOM blocks simplifies the HTX message filling. Indeed, there is no more edge problems when the message ends but there is no more space to write the EOM block. However, some part are more tricky. Especially the compression filter or the FCGI mux. The compression filter must finish the compression on the last DATA block. Before it was performed on the EOM block, an extra DATA block with the checksum was added. Now, we must detect the last DATA block to be sure to finish the compression. The FCGI mux on its part must be sure to reserve the space for the empty STDIN record on the last DATA block while this record was inserted on the EOM block. The H2 multiplexer is probably the part that benefits the most from this change. Indeed, it is now fairly easier to known when to set the ES flag. The HTX documentaion has been updated accordingly.
2020-12-02 13:12:22 -05:00
if (type == HTX_BLK_TLR || type == HTX_BLK_EOT)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
break;
if (type == HTX_BLK_DATA)
len += htx_get_blksz(blk);
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_SINT;
smp->data.u.sint = len;
smp->flags = SMP_F_VOL_TEST;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
/* returns the advertised length of the body, or the advertised size of the
* chunks available in the buffer. This requires that the body has been waited
* for using http-buffer-request.
*/
static int smp_fetch_body_size(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
MEDIUM: checks: Remove dedicated sample fetches and use response ones instead All sample fetches in the scope "check." have been removed. Response sample fetches must be used instead. It avoids keyword duplication. So, for instance, res.hdr() must be now used instead of check.hdr(). To do so, following sample fetches have been added on the response : * res.body, res.body_len and res.body_size * res.hdrs and res.hdrs_bin Sample feches dealing with the response's body are only useful in the health checks context. When called from a stream context, there is no warranty on the body presence. There is no option to wait the response's body.
2020-05-05 11:46:34 -04:00
/* possible keywords: req.body_size, res.body_size */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
int32_t pos;
unsigned long long len = 0;
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX HTX implementation for these 2 sample fetches was missing. This patch fills this gap.
2018-12-12 08:11:22 -05:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
for (pos = htx_get_first(htx); pos != -1; pos = htx_get_next(htx, pos)) {
struct htx_blk *blk = htx_get_blk(htx, pos);
enum htx_blk_type type = htx_get_blk_type(blk);
MINOR: http_fecth: Implement body_len and body_size sample fetches for the HTX HTX implementation for these 2 sample fetches was missing. This patch fills this gap.
2018-12-12 08:11:22 -05:00
MAJOR: htx: Remove the EOM block type and use HTX_FL_EOM instead The EOM block may be removed. The HTX_FL_EOM flags is enough. Most of time, to know if the end of the message is reached, we just need to have an empty HTX message with HTX_FL_EOM flag set. It may also be detected when the last block of a message with HTX_FL_EOM flag is manipulated. Removing EOM blocks simplifies the HTX message filling. Indeed, there is no more edge problems when the message ends but there is no more space to write the EOM block. However, some part are more tricky. Especially the compression filter or the FCGI mux. The compression filter must finish the compression on the last DATA block. Before it was performed on the EOM block, an extra DATA block with the checksum was added. Now, we must detect the last DATA block to be sure to finish the compression. The FCGI mux on its part must be sure to reserve the space for the empty STDIN record on the last DATA block while this record was inserted on the EOM block. The H2 multiplexer is probably the part that benefits the most from this change. Indeed, it is now fairly easier to known when to set the ES flag. The HTX documentaion has been updated accordingly.
2020-12-02 13:12:22 -05:00
if (type == HTX_BLK_TLR || type == HTX_BLK_EOT)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
break;
if (type == HTX_BLK_DATA)
len += htx_get_blksz(blk);
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
MINOR: htx: Add an HTX value for the extra field is payload length is unknown When the payload length cannot be determined, the htx extra field is set to the magical vlaue ULLONG_MAX. It is not obvious. This a dedicated HTX value is now used. Now, HTX_UNKOWN_PAYLOAD_LENGTH must be used in this case, instead of ULLONG_MAX.
2023-01-13 05:40:24 -05:00
if (htx->extra != HTX_UNKOWN_PAYLOAD_LENGTH)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
len += htx->extra;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_SINT;
smp->data.u.sint = len;
smp->flags = SMP_F_VOL_TEST;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
/* 4. Check on URL/URI. A pointer to the URI is stored. */
static int smp_fetch_url(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
sl = http_get_stline(htx);
smp->data.type = SMP_T_STR;
smp->data.u.str.area = HTX_SL_REQ_UPTR(sl);
smp->data.u.str.data = HTX_SL_REQ_ULEN(sl);
smp->flags = SMP_F_VOL_1ST | SMP_F_CONST;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
static int smp_fetch_url_ip(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct sockaddr_storage addr;
BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port Check the return value of url2sa in smp_fetch_url_ip/port. If negative, the address result is uninitialized and the sample fetch is aborted. Also, the sockaddr is prelimiary zero'ed before calling url2sa to ensure that it is not used by upper functions even if the sample returns 0. Without the check, the value returned by the url_ip/url_port fetches is unspecified. This can be triggered with the following curl : $ curl -iv --request-target "xxx://127.0.0.1:20080/" http://127.0.0.1:20080/ This should be backported to all stable branches. However, note that between the 1.8 and 2.0, the targetted functions have been extracted from proto_http.c to http_fetch.c. This should fix in part coverity report from the github issue #1244.
2021-05-10 05:23:34 -04:00
memset(&addr, 0, sizeof(addr));
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
sl = http_get_stline(htx);
BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port Check the return value of url2sa in smp_fetch_url_ip/port. If negative, the address result is uninitialized and the sample fetch is aborted. Also, the sockaddr is prelimiary zero'ed before calling url2sa to ensure that it is not used by upper functions even if the sample returns 0. Without the check, the value returned by the url_ip/url_port fetches is unspecified. This can be triggered with the following curl : $ curl -iv --request-target "xxx://127.0.0.1:20080/" http://127.0.0.1:20080/ This should be backported to all stable branches. However, note that between the 1.8 and 2.0, the targetted functions have been extracted from proto_http.c to http_fetch.c. This should fix in part coverity report from the github issue #1244.
2021-05-10 05:23:34 -04:00
if (url2sa(HTX_SL_REQ_UPTR(sl), HTX_SL_REQ_ULEN(sl), &addr, NULL) < 0)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUILD: http_fetch: address a few aliasing warnings with older compilers gcc-4.4 complains about aliasing in smp_fetch_url_port() and smp_fetch_url_ip() because the local addr variable is casted to sturct sockaddr_in before being checked. The family should be checked on the sockaddr_storage and we have a function to retrieve the port. The compiler still sees some warnings but these ones are OK now.
2021-05-09 04:32:54 -04:00
if (addr.ss_family != AF_INET)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
smp->data.type = SMP_T_IPV4;
smp->data.u.ipv4 = ((struct sockaddr_in *)&addr)->sin_addr;
smp->flags = 0;
return 1;
}
static int smp_fetch_url_port(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct sockaddr_storage addr;
BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port Check the return value of url2sa in smp_fetch_url_ip/port. If negative, the address result is uninitialized and the sample fetch is aborted. Also, the sockaddr is prelimiary zero'ed before calling url2sa to ensure that it is not used by upper functions even if the sample returns 0. Without the check, the value returned by the url_ip/url_port fetches is unspecified. This can be triggered with the following curl : $ curl -iv --request-target "xxx://127.0.0.1:20080/" http://127.0.0.1:20080/ This should be backported to all stable branches. However, note that between the 1.8 and 2.0, the targetted functions have been extracted from proto_http.c to http_fetch.c. This should fix in part coverity report from the github issue #1244.
2021-05-10 05:23:34 -04:00
memset(&addr, 0, sizeof(addr));
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
sl = http_get_stline(htx);
BUG/MINOR: http_fetch: fix possible uninit sockaddr in fetch_url_ip/port Check the return value of url2sa in smp_fetch_url_ip/port. If negative, the address result is uninitialized and the sample fetch is aborted. Also, the sockaddr is prelimiary zero'ed before calling url2sa to ensure that it is not used by upper functions even if the sample returns 0. Without the check, the value returned by the url_ip/url_port fetches is unspecified. This can be triggered with the following curl : $ curl -iv --request-target "xxx://127.0.0.1:20080/" http://127.0.0.1:20080/ This should be backported to all stable branches. However, note that between the 1.8 and 2.0, the targetted functions have been extracted from proto_http.c to http_fetch.c. This should fix in part coverity report from the github issue #1244.
2021-05-10 05:23:34 -04:00
if (url2sa(HTX_SL_REQ_UPTR(sl), HTX_SL_REQ_ULEN(sl), &addr, NULL) < 0)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUILD: http_fetch: address a few aliasing warnings with older compilers gcc-4.4 complains about aliasing in smp_fetch_url_port() and smp_fetch_url_ip() because the local addr variable is casted to sturct sockaddr_in before being checked. The family should be checked on the sockaddr_storage and we have a function to retrieve the port. The compiler still sees some warnings but these ones are OK now.
2021-05-09 04:32:54 -04:00
if (addr.ss_family != AF_INET)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
smp->data.type = SMP_T_SINT;
BUILD: http_fetch: address a few aliasing warnings with older compilers gcc-4.4 complains about aliasing in smp_fetch_url_port() and smp_fetch_url_ip() because the local addr variable is casted to sturct sockaddr_in before being checked. The family should be checked on the sockaddr_storage and we have a function to retrieve the port. The compiler still sees some warnings but these ones are OK now.
2021-05-09 04:32:54 -04:00
smp->data.u.sint = get_host_port(&addr);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->flags = 0;
return 1;
}
/* Fetch an HTTP header. A pointer to the beginning of the value is returned.
* Accepts an optional argument of type string containing the header field name,
* and an optional argument of type signed or unsigned integer to request an
* explicit occurrence of the header. Note that in the event of a missing name,
* headers are considered from the first one. It does not stop on commas and
* returns full lines instead (useful for User-Agent or Date for example).
*/
static int smp_fetch_fhdr(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* possible keywords: req.fhdr, res.fhdr */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx *ctx = smp->ctx.a[0];
struct ist name;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int occ = 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!ctx) {
/* first call */
ctx = &static_http_hdr_ctx;
ctx->blk = NULL;
smp->ctx.a[0] = ctx;
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args[0].type != ARGT_STR)
return 0;
CLEANUP: Use ist2(const void*, size_t) whenever possible Refactoring performed with the following Coccinelle patch: @@ struct ist i; expression p, l; @@ - i.ptr = p; - i.len = l; + i = ist2(p, l);
2021-02-28 10:11:36 -05:00
name = ist2(args[0].data.str.area, args[0].data.str.data);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args[1].type == ARGT_SINT)
occ = args[1].data.sint;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (ctx && !(smp->flags & SMP_F_NOT_LAST))
/* search for header from the beginning */
ctx->blk = NULL;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!occ && !(smp->opt & SMP_OPT_ITERATE))
/* no explicit occurrence and single fetch => last header by default */
occ = -1;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!occ)
/* prepare to report multiple occurrences for ACL fetches */
smp->flags |= SMP_F_NOT_LAST;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_STR;
smp->flags |= SMP_F_VOL_HDR | SMP_F_CONST;
if (http_get_htx_fhdr(htx, name, occ, ctx, &smp->data.u.str.area, &smp->data.u.str.data))
return 1;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->flags &= ~SMP_F_NOT_LAST;
return 0;
}
/* 6. Check on HTTP header count. The number of occurrences is returned.
* Accepts exactly 1 argument of type string. It does not stop on commas and
* returns full lines instead (useful for User-Agent or Date for example).
*/
static int smp_fetch_fhdr_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* possible keywords: req.fhdr_cnt, res.fhdr_cnt */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx ctx;
struct ist name;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int cnt;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type == ARGT_STR) {
CLEANUP: Use ist2(const void*, size_t) whenever possible Refactoring performed with the following Coccinelle patch: @@ struct ist i; expression p, l; @@ - i.ptr = p; - i.len = l; + i = ist2(p, l);
2021-02-28 10:11:36 -05:00
name = ist2(args->data.str.area, args->data.str.data);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
} else {
CLEANUP: Use IST_NULL whenever possible Refactoring performed with the following Coccinelle patch: @@ @@ - ist2(NULL, 0) + IST_NULL
2021-02-28 10:11:37 -05:00
name = IST_NULL;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
ctx.blk = NULL;
cnt = 0;
while (http_find_header(htx, name, &ctx, 1))
cnt++;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->data.type = SMP_T_SINT;
smp->data.u.sint = cnt;
smp->flags = SMP_F_VOL_HDR;
return 1;
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
static int smp_fetch_hdr_names(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* possible keywords: req.hdr_names, res.hdr_names */
struct channel *chn = ((kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
struct buffer *temp;
char del = ',';
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
int32_t pos;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type == ARGT_STR)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
del = *args[0].data.str.area;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
temp = get_trash_chunk();
for (pos = htx_get_first(htx); pos != -1; pos = htx_get_next(htx, pos)) {
struct htx_blk *blk = htx_get_blk(htx, pos);
enum htx_blk_type type = htx_get_blk_type(blk);
struct ist n;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (type == HTX_BLK_EOH)
break;
if (type != HTX_BLK_HDR)
continue;
n = htx_get_blk_name(htx, blk);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (temp->data)
temp->area[temp->data++] = del;
CLEANUP: Apply ist.cocci This is to make use of `chunk_istcat()`.
2021-11-08 03:05:04 -05:00
chunk_istcat(temp, n);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
smp->data.type = SMP_T_STR;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
smp->data.u.str = *temp;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->flags = SMP_F_VOL_HDR;
return 1;
}
/* Fetch an HTTP header. A pointer to the beginning of the value is returned.
* Accepts an optional argument of type string containing the header field name,
* and an optional argument of type signed or unsigned integer to request an
* explicit occurrence of the header. Note that in the event of a missing name,
* headers are considered from the first one.
*/
static int smp_fetch_hdr(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* possible keywords: req.hdr / hdr, res.hdr / shdr */
struct channel *chn = ((kw[0] == 'h' || kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[0] == 's' || kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx *ctx = smp->ctx.a[0];
struct ist name;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int occ = 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!ctx) {
/* first call */
ctx = &static_http_hdr_ctx;
ctx->blk = NULL;
smp->ctx.a[0] = ctx;
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args[0].type != ARGT_STR)
return 0;
CLEANUP: Use ist2(const void*, size_t) whenever possible Refactoring performed with the following Coccinelle patch: @@ struct ist i; expression p, l; @@ - i.ptr = p; - i.len = l; + i = ist2(p, l);
2021-02-28 10:11:36 -05:00
name = ist2(args[0].data.str.area, args[0].data.str.data);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args[1].type == ARGT_SINT)
occ = args[1].data.sint;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (ctx && !(smp->flags & SMP_F_NOT_LAST))
/* search for header from the beginning */
ctx->blk = NULL;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!occ && !(smp->opt & SMP_OPT_ITERATE))
/* no explicit occurrence and single fetch => last header by default */
occ = -1;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!occ)
/* prepare to report multiple occurrences for ACL fetches */
smp->flags |= SMP_F_NOT_LAST;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_STR;
smp->flags |= SMP_F_VOL_HDR | SMP_F_CONST;
if (http_get_htx_hdr(htx, name, occ, ctx, &smp->data.u.str.area, &smp->data.u.str.data))
return 1;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->flags &= ~SMP_F_NOT_LAST;
return 0;
}
BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" A regression was introduced in the commit 89dc49935 ("BUG/MAJOR: http_fetch: Get the channel depending on the keyword used") on the samples "cookie()" and "hdr()". Unlike other samples manipulating the HTTP headers, these ones depend on the sample direction. To fix the bug, these samples use now their own functions. Depending on the sample direction, they call smp_fetch_cookie() and smp_fetch_hdr() with the appropriate keyword. Thanks to Yves Lafon to report this issue. This patch must be backported wherever the commit 89dc49935 was backported. For now, 1.9 and 1.8.
2019-05-16 04:07:30 -04:00
/* Same than smp_fetch_hdr() but only relies on the sample direction to choose
* the right channel. So instead of duplicating the code, we just change the
* keyword and then fallback on smp_fetch_hdr().
*/
static int smp_fetch_chn_hdr(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
kw = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ ? "req.hdr" : "res.hdr");
return smp_fetch_hdr(args, smp, kw, private);
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* 6. Check on HTTP header count. The number of occurrences is returned.
* Accepts exactly 1 argument of type string.
*/
static int smp_fetch_hdr_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* possible keywords: req.hdr_cnt / hdr_cnt, res.hdr_cnt / shdr_cnt */
struct channel *chn = ((kw[0] == 'h' || kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[0] == 's' || kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx ctx;
struct ist name;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int cnt;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type == ARGT_STR) {
CLEANUP: Use ist2(const void*, size_t) whenever possible Refactoring performed with the following Coccinelle patch: @@ struct ist i; expression p, l; @@ - i.ptr = p; - i.len = l; + i = ist2(p, l);
2021-02-28 10:11:36 -05:00
name = ist2(args->data.str.area, args->data.str.data);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
} else {
CLEANUP: Use IST_NULL whenever possible Refactoring performed with the following Coccinelle patch: @@ @@ - ist2(NULL, 0) + IST_NULL
2021-02-28 10:11:37 -05:00
name = IST_NULL;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
ctx.blk = NULL;
cnt = 0;
while (http_find_header(htx, name, &ctx, 0))
cnt++;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->data.type = SMP_T_SINT;
smp->data.u.sint = cnt;
smp->flags = SMP_F_VOL_HDR;
return 1;
}
/* Fetch an HTTP header's integer value. The integer value is returned. It
* takes a mandatory argument of type string and an optional one of type int
* to designate a specific occurrence. It returns an unsigned integer, which
* may or may not be appropriate for everything.
*/
static int smp_fetch_hdr_val(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
int ret = smp_fetch_hdr(args, smp, kw, private);
if (ret > 0) {
smp->data.type = SMP_T_SINT;
smp->data.u.sint = strl2ic(smp->data.u.str.area,
smp->data.u.str.data);
}
return ret;
}
/* Fetch an HTTP header's IP value. takes a mandatory argument of type string
* and an optional one of type int to designate a specific occurrence.
BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters The hdr_ip() sample fetch function will try to extract IP addresses from a header field. These IP addresses are parsed using url2ipv4() and if it fails it will fall back to inet_pton(AF_INET6), otherwise will fail. There is a small problem there which is that if a field starts with an IP address and is immediately followed by some garbage, the IP address part is still returned. This is a problem with fields such as x-forwarded-for because it prevents detection of accidental corruption or bug along the chain. For example, the following string: x-forwarded-for: 1.2.3.4; 5.6.7.8 or this one: x-forwarded-for: 1.2.3.4O ( the last one being the letter 'O') would still return "1.2.3.4" despite the trailing characters. This is bad because it will silently cover broken code running on intermediary proxies and may even in some cases allow haproxy to pass improperly formatted headers after they were apparently validated, for example, if someone extracts the address from this field to place it into another one. This issue would only affect the IPv4 parser, because the IPv6 parser already uses inet_pton() which fails at the first invalid character and rejects trailing port numbers. In strict compliance with RFC7239, let's make sure that if there are any characters left in the string, the parsing fails and makes hdr_ip() return nothing. However, a special case has to be handled to support IPv4 addresses followed by a colon and a valid port number, because till now the parser used to implicitly accept them and it appears that this practice, though rare, does exist at least in Azure: https://docs.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works This issue has always been there so the fix may be backported to all versions. It will need the following commit in order to work as expected: MINOR: tools: make url2ipv4 return the exact number of bytes parsed Many thanks to https://twitter.com/melardev and the BitMEX Security Team for their detailed report.
2021-03-25 09:12:29 -04:00
* It returns an IPv4 or IPv6 address. Addresses surrounded by invalid chars
* are rejected. However IPv4 addresses may be followed with a colon and a
* valid port number.
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
*/
static int smp_fetch_hdr_ip(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL The IPv4 code did not take into account that the header value might not contain the trailing NUL byte, possibly reading stray data after the header value, failing the parse and testing the IPv6 branch. That one adds the missing NUL, but fails to parse IPv4 addresses. Fix this issue by always adding the trailing NUL. The bug was reported on GitHub as issue #715. It's not entirely clear when this bug started appearing, possibly earlier versions of smp_fetch_hdr guaranteed the NUL termination. However the addition of the NUL in the IPv6 case was added together with IPv6 support, hinting that at that point in time the NUL was not guaranteed. The commit that added IPv6 support was 69fa99292e689e355080d83ab19db4698b7c502b which first appeared in HAProxy 1.5. This patch should be backported to 1.5+, taking into account the various buffer / chunk changes and the movement across different files.
2020-06-26 09:44:48 -04:00
struct buffer *temp = get_trash_chunk();
BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters The hdr_ip() sample fetch function will try to extract IP addresses from a header field. These IP addresses are parsed using url2ipv4() and if it fails it will fall back to inet_pton(AF_INET6), otherwise will fail. There is a small problem there which is that if a field starts with an IP address and is immediately followed by some garbage, the IP address part is still returned. This is a problem with fields such as x-forwarded-for because it prevents detection of accidental corruption or bug along the chain. For example, the following string: x-forwarded-for: 1.2.3.4; 5.6.7.8 or this one: x-forwarded-for: 1.2.3.4O ( the last one being the letter 'O') would still return "1.2.3.4" despite the trailing characters. This is bad because it will silently cover broken code running on intermediary proxies and may even in some cases allow haproxy to pass improperly formatted headers after they were apparently validated, for example, if someone extracts the address from this field to place it into another one. This issue would only affect the IPv4 parser, because the IPv6 parser already uses inet_pton() which fails at the first invalid character and rejects trailing port numbers. In strict compliance with RFC7239, let's make sure that if there are any characters left in the string, the parsing fails and makes hdr_ip() return nothing. However, a special case has to be handled to support IPv4 addresses followed by a colon and a valid port number, because till now the parser used to implicitly accept them and it appears that this practice, though rare, does exist at least in Azure: https://docs.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works This issue has always been there so the fix may be backported to all versions. It will need the following commit in order to work as expected: MINOR: tools: make url2ipv4 return the exact number of bytes parsed Many thanks to https://twitter.com/melardev and the BitMEX Security Team for their detailed report.
2021-03-25 09:12:29 -04:00
int ret, len;
int port;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
while ((ret = smp_fetch_hdr(args, smp, kw, private)) > 0) {
BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL The IPv4 code did not take into account that the header value might not contain the trailing NUL byte, possibly reading stray data after the header value, failing the parse and testing the IPv6 branch. That one adds the missing NUL, but fails to parse IPv4 addresses. Fix this issue by always adding the trailing NUL. The bug was reported on GitHub as issue #715. It's not entirely clear when this bug started appearing, possibly earlier versions of smp_fetch_hdr guaranteed the NUL termination. However the addition of the NUL in the IPv6 case was added together with IPv6 support, hinting that at that point in time the NUL was not guaranteed. The commit that added IPv6 support was 69fa99292e689e355080d83ab19db4698b7c502b which first appeared in HAProxy 1.5. This patch should be backported to 1.5+, taking into account the various buffer / chunk changes and the movement across different files.
2020-06-26 09:44:48 -04:00
if (smp->data.u.str.data < temp->size - 1) {
memcpy(temp->area, smp->data.u.str.area,
smp->data.u.str.data);
temp->area[smp->data.u.str.data] = '\0';
BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters The hdr_ip() sample fetch function will try to extract IP addresses from a header field. These IP addresses are parsed using url2ipv4() and if it fails it will fall back to inet_pton(AF_INET6), otherwise will fail. There is a small problem there which is that if a field starts with an IP address and is immediately followed by some garbage, the IP address part is still returned. This is a problem with fields such as x-forwarded-for because it prevents detection of accidental corruption or bug along the chain. For example, the following string: x-forwarded-for: 1.2.3.4; 5.6.7.8 or this one: x-forwarded-for: 1.2.3.4O ( the last one being the letter 'O') would still return "1.2.3.4" despite the trailing characters. This is bad because it will silently cover broken code running on intermediary proxies and may even in some cases allow haproxy to pass improperly formatted headers after they were apparently validated, for example, if someone extracts the address from this field to place it into another one. This issue would only affect the IPv4 parser, because the IPv6 parser already uses inet_pton() which fails at the first invalid character and rejects trailing port numbers. In strict compliance with RFC7239, let's make sure that if there are any characters left in the string, the parsing fails and makes hdr_ip() return nothing. However, a special case has to be handled to support IPv4 addresses followed by a colon and a valid port number, because till now the parser used to implicitly accept them and it appears that this practice, though rare, does exist at least in Azure: https://docs.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works This issue has always been there so the fix may be backported to all versions. It will need the following commit in order to work as expected: MINOR: tools: make url2ipv4 return the exact number of bytes parsed Many thanks to https://twitter.com/melardev and the BitMEX Security Team for their detailed report.
2021-03-25 09:12:29 -04:00
len = url2ipv4((char *) temp->area, &smp->data.u.ipv4);
BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields The fix in commit 7b0e00d94 ("BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters") made hdr_ip() more sensitive to empty fields, for example if a trusted proxy incorrectly sends the header with an empty value, we could return 0.0.0.0 which is not correct. Let's make sure we only assign an IPv4 type here when a non-empty address was found. This should be backported to all branches where the fix above was backported.
2021-03-31 05:41:36 -04:00
if (len > 0 && len == smp->data.u.str.data) {
BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters The hdr_ip() sample fetch function will try to extract IP addresses from a header field. These IP addresses are parsed using url2ipv4() and if it fails it will fall back to inet_pton(AF_INET6), otherwise will fail. There is a small problem there which is that if a field starts with an IP address and is immediately followed by some garbage, the IP address part is still returned. This is a problem with fields such as x-forwarded-for because it prevents detection of accidental corruption or bug along the chain. For example, the following string: x-forwarded-for: 1.2.3.4; 5.6.7.8 or this one: x-forwarded-for: 1.2.3.4O ( the last one being the letter 'O') would still return "1.2.3.4" despite the trailing characters. This is bad because it will silently cover broken code running on intermediary proxies and may even in some cases allow haproxy to pass improperly formatted headers after they were apparently validated, for example, if someone extracts the address from this field to place it into another one. This issue would only affect the IPv4 parser, because the IPv6 parser already uses inet_pton() which fails at the first invalid character and rejects trailing port numbers. In strict compliance with RFC7239, let's make sure that if there are any characters left in the string, the parsing fails and makes hdr_ip() return nothing. However, a special case has to be handled to support IPv4 addresses followed by a colon and a valid port number, because till now the parser used to implicitly accept them and it appears that this practice, though rare, does exist at least in Azure: https://docs.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works This issue has always been there so the fix may be backported to all versions. It will need the following commit in order to work as expected: MINOR: tools: make url2ipv4 return the exact number of bytes parsed Many thanks to https://twitter.com/melardev and the BitMEX Security Team for their detailed report.
2021-03-25 09:12:29 -04:00
/* plain IPv4 address */
smp->data.type = SMP_T_IPV4;
break;
} else if (len > 0 && temp->area[len] == ':' &&
strl2irc(temp->area + len + 1, smp->data.u.str.data - len - 1, &port) == 0 &&
port >= 0 && port <= 65535) {
/* IPv4 address suffixed with ':' followed by a valid port number */
BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL The IPv4 code did not take into account that the header value might not contain the trailing NUL byte, possibly reading stray data after the header value, failing the parse and testing the IPv6 branch. That one adds the missing NUL, but fails to parse IPv4 addresses. Fix this issue by always adding the trailing NUL. The bug was reported on GitHub as issue #715. It's not entirely clear when this bug started appearing, possibly earlier versions of smp_fetch_hdr guaranteed the NUL termination. However the addition of the NUL in the IPv6 case was added together with IPv6 support, hinting that at that point in time the NUL was not guaranteed. The commit that added IPv6 support was 69fa99292e689e355080d83ab19db4698b7c502b which first appeared in HAProxy 1.5. This patch should be backported to 1.5+, taking into account the various buffer / chunk changes and the movement across different files.
2020-06-26 09:44:48 -04:00
smp->data.type = SMP_T_IPV4;
break;
BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in req.hdr_ip() If an IPv6 address is enclosed in square brackets [], trim them before calling inet_pton(). This is to comply with RFC7239 6.1 and RFC3986 3.2.2.
2023-02-24 15:39:56 -05:00
} else if (temp->area[0] == '[' && temp->area[smp->data.u.str.data-1] == ']') {
/* IPv6 address enclosed in square brackets */
temp->area[smp->data.u.str.data-1] = '\0';
if (inet_pton(AF_INET6, temp->area+1, &smp->data.u.ipv6)) {
smp->data.type = SMP_T_IPV6;
break;
}
BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL The IPv4 code did not take into account that the header value might not contain the trailing NUL byte, possibly reading stray data after the header value, failing the parse and testing the IPv6 branch. That one adds the missing NUL, but fails to parse IPv4 addresses. Fix this issue by always adding the trailing NUL. The bug was reported on GitHub as issue #715. It's not entirely clear when this bug started appearing, possibly earlier versions of smp_fetch_hdr guaranteed the NUL termination. However the addition of the NUL in the IPv6 case was added together with IPv6 support, hinting that at that point in time the NUL was not guaranteed. The commit that added IPv6 support was 69fa99292e689e355080d83ab19db4698b7c502b which first appeared in HAProxy 1.5. This patch should be backported to 1.5+, taking into account the various buffer / chunk changes and the movement across different files.
2020-06-26 09:44:48 -04:00
} else if (inet_pton(AF_INET6, temp->area, &smp->data.u.ipv6)) {
BUG/MINOR: http-fetch: recognize IPv6 addresses in square brackets in req.hdr_ip() If an IPv6 address is enclosed in square brackets [], trim them before calling inet_pton(). This is to comply with RFC7239 6.1 and RFC3986 3.2.2.
2023-02-24 15:39:56 -05:00
/* plain IPv6 address */
BUG/MEDIUM: fetch: Fix hdr_ip misparsing IPv4 addresses due to missing NUL The IPv4 code did not take into account that the header value might not contain the trailing NUL byte, possibly reading stray data after the header value, failing the parse and testing the IPv6 branch. That one adds the missing NUL, but fails to parse IPv4 addresses. Fix this issue by always adding the trailing NUL. The bug was reported on GitHub as issue #715. It's not entirely clear when this bug started appearing, possibly earlier versions of smp_fetch_hdr guaranteed the NUL termination. However the addition of the NUL in the IPv6 case was added together with IPv6 support, hinting that at that point in time the NUL was not guaranteed. The commit that added IPv6 support was 69fa99292e689e355080d83ab19db4698b7c502b which first appeared in HAProxy 1.5. This patch should be backported to 1.5+, taking into account the various buffer / chunk changes and the movement across different files.
2020-06-26 09:44:48 -04:00
smp->data.type = SMP_T_IPV6;
break;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
}
/* if the header doesn't match an IP address, fetch next one */
if (!(smp->flags & SMP_F_NOT_LAST))
return 0;
}
return ret;
}
MINOR: http-fetch: Add pathq sample fetch The pathq sample fetch extract the relative URI of a request, i.e the path with the query-string, excluding the scheme and the authority, if any. It is pretty handy to always get a relative URI independently on the HTTP version. Indeed, while relative URIs are common in HTTP/1.1, in HTTP/2, most of time clients use absolute URIs. This patch may be backported to 2.2.
2020-09-02 11:25:18 -04:00
/* 8. Check on URI PATH. A pointer to the PATH is stored. The path starts at the
* first '/' after the possible hostname. It ends before the possible '?' except
* for 'pathq' keyword.
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
*/
static int smp_fetch_path(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
struct ist path;
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
struct http_uri_parser parser;
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
sl = http_get_stline(htx);
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
parser = http_uri_parser_init(htx_sl_req_uri(sl));
MINOR: http-fetch: Add pathq sample fetch The pathq sample fetch extract the relative URI of a request, i.e the path with the query-string, excluding the scheme and the authority, if any. It is pretty handy to always get a relative URI independently on the HTTP version. Indeed, while relative URIs are common in HTTP/1.1, in HTTP/2, most of time clients use absolute URIs. This patch may be backported to 2.2.
2020-09-02 11:25:18 -04:00
MINOR: http: add baseq sample fetch Symetrical to path/pathq, baseq returns the concatenation of the Host header and the path including the query string.
2021-02-11 05:01:28 -05:00
if (kw[4] == 'q' && (kw[0] == 'p' || kw[0] == 'b')) // pathq or baseq
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
path = http_parse_path(&parser);
MINOR: http-fetch: Add pathq sample fetch The pathq sample fetch extract the relative URI of a request, i.e the path with the query-string, excluding the scheme and the authority, if any. It is pretty handy to always get a relative URI independently on the HTTP version. Indeed, while relative URIs are common in HTTP/1.1, in HTTP/2, most of time clients use absolute URIs. This patch may be backported to 2.2.
2020-09-02 11:25:18 -04:00
else
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
path = iststop(http_parse_path(&parser), '?');
MINOR: http-fetch: Add pathq sample fetch The pathq sample fetch extract the relative URI of a request, i.e the path with the query-string, excluding the scheme and the authority, if any. It is pretty handy to always get a relative URI independently on the HTTP version. Indeed, while relative URIs are common in HTTP/1.1, in HTTP/2, most of time clients use absolute URIs. This patch may be backported to 2.2.
2020-09-02 11:25:18 -04:00
CLEANUP: Use `isttest()` and `istfree()` This adjusts a few locations to make use of `isttest()` and `istfree()`.
2020-03-05 11:56:33 -05:00
if (!isttest(path))
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* OK, we got the '/' ! */
smp->data.type = SMP_T_STR;
smp->data.u.str.area = path.ptr;
CLEANUP: sample: use iststop instead of a for loop In sample_fetch_path we can use iststop() instead of a for loop to find the '?' and return the correct length. This requires commit "MINOR: ist: add an iststop() function".
2020-02-21 04:49:12 -05:00
smp->data.u.str.data = path.len;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->flags = SMP_F_VOL_1ST | SMP_F_CONST;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
/* This produces a concatenation of the first occurrence of the Host header
* followed by the path component if it begins with a slash ('/'). This means
* that '*' will not be added, resulting in exactly the first Host entry.
* If no Host header is found, then the path is returned as-is. The returned
* value is stored in the trash so it does not need to be marked constant.
* The returned sample is of type string.
*/
static int smp_fetch_base(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct buffer *temp;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx ctx;
struct ist path;
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
struct http_uri_parser parser;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
ctx.blk = NULL;
if (!http_find_header(htx, ist("Host"), &ctx, 0) || !ctx.value.len)
return smp_fetch_path(args, smp, kw, private);
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* OK we have the header value in ctx.value */
temp = get_trash_chunk();
CLEANUP: Reapply ist.cocci with `--include-headers-for-types --recursive-includes` Previous uses of `ist.cocci` did not add `--include-headers-for-types` and `--recursive-includes` preventing Coccinelle seeing `struct ist` members of other structs. Reapply the patch with proper flags to further clean up the use of the ist API. The command used was: spatch -sp_file dev/coccinelle/ist.cocci -in_place --include-headers --include-headers-for-types --recursive-includes --dir src/
2022-03-15 08:11:06 -04:00
chunk_istcat(temp, ctx.value);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* now retrieve the path */
sl = http_get_stline(htx);
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
parser = http_uri_parser_init(htx_sl_req_uri(sl));
path = http_parse_path(&parser);
CLEANUP: Use `isttest()` and `istfree()` This adjusts a few locations to make use of `isttest()` and `istfree()`.
2020-03-05 11:56:33 -05:00
if (isttest(path)) {
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
size_t len;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http: add baseq sample fetch Symetrical to path/pathq, baseq returns the concatenation of the Host header and the path including the query string.
2021-02-11 05:01:28 -05:00
if (kw[4] == 'q' && kw[0] == 'b') { // baseq
len = path.len;
} else {
for (len = 0; len < path.len && *(path.ptr + len) != '?'; len++)
;
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (len && *(path.ptr) == '/')
chunk_memcat(temp, path.ptr, len);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_STR;
smp->data.u.str = *temp;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->flags = SMP_F_VOL_1ST;
return 1;
}
/* This produces a 32-bit hash of the concatenation of the first occurrence of
* the Host header followed by the path component if it begins with a slash ('/').
* This means that '*' will not be added, resulting in exactly the first Host
* entry. If no Host header is found, then the path is used. The resulting value
* is hashed using the path hash followed by a full avalanche hash and provides a
* 32-bit integer value. This fetch is useful for tracking per-path activity on
* high-traffic sites without having to store whole paths.
*/
static int smp_fetch_base32(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
struct http_hdr_ctx ctx;
struct ist path;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
unsigned int hash = 0;
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
struct http_uri_parser parser;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
BUG/MEDIUM: http_fetch: fix the "base" and "base32" fetch methods in HTX mode The resulting value produced in functions smp_fetch_base() and smp_fetch_base32() was wrong when in HTX mode. This patch also adds the semicolon at the end of the for-loop line, used in function smp_fetch_path(), since it's actually with no body. This must be backported to 1.9.
2019-02-12 13:50:31 -05:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
ctx.blk = NULL;
if (http_find_header(htx, ist("Host"), &ctx, 0)) {
/* OK we have the header value in ctx.value */
while (ctx.value.len--)
hash = *(ctx.value.ptr++) + (hash << 6) + (hash << 16) - hash;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* now retrieve the path */
sl = http_get_stline(htx);
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
parser = http_uri_parser_init(htx_sl_req_uri(sl));
path = http_parse_path(&parser);
CLEANUP: Use `isttest()` and `istfree()` This adjusts a few locations to make use of `isttest()` and `istfree()`.
2020-03-05 11:56:33 -05:00
if (isttest(path)) {
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
size_t len;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
for (len = 0; len < path.len && *(path.ptr + len) != '?'; len++)
;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (len && *(path.ptr) == '/') {
while (len--)
hash = *(path.ptr++) + (hash << 6) + (hash << 16) - hash;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
hash = full_hash(hash);
smp->data.type = SMP_T_SINT;
smp->data.u.sint = hash;
smp->flags = SMP_F_VOL_1ST;
return 1;
}
/* This concatenates the source address with the 32-bit hash of the Host and
* path as returned by smp_fetch_base32(). The idea is to have per-source and
* per-path counters. The result is a binary block from 8 to 20 bytes depending
* on the source address length. The path hash is stored before the address so
* that in environments where IPv6 is insignificant, truncating the output to
* 8 bytes would still work.
*/
static int smp_fetch_base32_src(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
CLEANUP: stconn: rename cs{,_get}_{src,dst} to sc_* The following functions were renamed: cs_src() -> sc_src() cs_dst() -> sc_dst() cs_get_src() -> sc_get_src() cs_get_dst() -> sc_get_dst()
2022-05-27 02:57:21 -04:00
const struct sockaddr_storage *src = (smp->strm ? sc_src(smp->strm->scf) : NULL);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct buffer *temp;
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
if (!src)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
if (!smp_fetch_base32(args, smp, kw, private))
return 0;
temp = get_trash_chunk();
*(unsigned int *) temp->area = htonl(smp->data.u.sint);
temp->data += sizeof(unsigned int);
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
switch (src->ss_family) {
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
case AF_INET:
memcpy(temp->area + temp->data,
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
&((struct sockaddr_in *)src)->sin_addr,
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
4);
temp->data += 4;
break;
case AF_INET6:
memcpy(temp->area + temp->data,
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
&((struct sockaddr_in6 *)src)->sin6_addr,
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
16);
temp->data += 16;
break;
default:
return 0;
}
smp->data.u.str = *temp;
smp->data.type = SMP_T_BIN;
return 1;
}
/* Extracts the query string, which comes after the question mark '?'. If no
* question mark is found, nothing is returned. Otherwise it returns a sample
* of type string carrying the whole query string.
*/
static int smp_fetch_query(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
char *ptr, *end;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
sl = http_get_stline(htx);
ptr = HTX_SL_REQ_UPTR(sl);
end = HTX_SL_REQ_UPTR(sl) + HTX_SL_REQ_ULEN(sl);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* look up the '?' */
do {
if (ptr == end)
return 0;
} while (*ptr++ != '?');
smp->data.type = SMP_T_STR;
smp->data.u.str.area = ptr;
smp->data.u.str.data = end - ptr;
smp->flags = SMP_F_VOL_1ST | SMP_F_CONST;
return 1;
}
static int smp_fetch_proto_http(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 0);
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
smp->data.type = SMP_T_BOOL;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->data.u.sint = 1;
return 1;
}
/* return a valid test if the current request is the first one on the connection */
static int smp_fetch_http_first_req(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: http: the "http_first_req" sample fetch could crash without a steeam Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The http_first_req sample fetch function, if called without a stream, will result in a crash. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:52:13 -04:00
if (!smp->strm)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = !(smp->strm->txn->flags & TX_NOT_FIRST);
return 1;
}
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
/* Fetch the authentication method if there is an Authorization header. It
* relies on get_http_auth()
*/
static int smp_fetch_http_auth_type(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
struct http_txn *txn;
if (!htx)
return 0;
txn = smp->strm->txn;
if (!get_http_auth(smp, htx))
return 0;
switch (txn->auth.method) {
case HTTP_AUTH_BASIC:
smp->data.u.str.area = "Basic";
smp->data.u.str.data = 5;
break;
case HTTP_AUTH_DIGEST:
/* Unexpected because not supported */
smp->data.u.str.area = "Digest";
smp->data.u.str.data = 6;
break;
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
case HTTP_AUTH_BEARER:
smp->data.u.str.area = "Bearer";
smp->data.u.str.data = 6;
break;
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
default:
return 0;
}
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
return 1;
}
/* Fetch the user supplied if there is an Authorization header. It relies on
* get_http_auth()
*/
static int smp_fetch_http_auth_user(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
struct http_txn *txn;
if (!htx)
return 0;
txn = smp->strm->txn;
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
if (!get_http_auth(smp, htx) || txn->auth.method != HTTP_AUTH_BASIC)
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
return 0;
smp->data.type = SMP_T_STR;
smp->data.u.str.area = txn->auth.user;
smp->data.u.str.data = strlen(txn->auth.user);
smp->flags = SMP_F_CONST;
return 1;
}
/* Fetch the password supplied if there is an Authorization header. It relies on
* get_http_auth()
*/
static int smp_fetch_http_auth_pass(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
struct http_txn *txn;
if (!htx)
return 0;
txn = smp->strm->txn;
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
if (!get_http_auth(smp, htx) || txn->auth.method != HTTP_AUTH_BASIC)
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
return 0;
smp->data.type = SMP_T_STR;
smp->data.u.str.area = txn->auth.pass;
smp->data.u.str.data = strlen(txn->auth.pass);
smp->flags = SMP_F_CONST;
return 1;
}
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
static int smp_fetch_http_auth_bearer(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct channel *chn = SMP_REQ_CHN(smp);
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
struct http_txn *txn;
struct buffer bearer_val = {};
if (!htx)
return 0;
if (args->type == ARGT_STR) {
struct http_hdr_ctx ctx;
struct ist hdr_name = ist2(args->data.str.area, args->data.str.data);
ctx.blk = NULL;
if (http_find_header(htx, hdr_name, &ctx, 0)) {
BUG/MINOR: http: http_auth_bearer fetch does not work on custom header name The http_auth_bearer sample fetch can take a header name as parameter, in which case it will try to extract a Bearer value out of the given header name instead of the default "Authorization" one. In this case, the extraction would not have worked because of a misuse of strncasecmp. This patch fixes this by replacing the standard string functions by ist ones. It also properly manages the multiple spaces that could be found between the scheme and its value. No backport needed, that's part of JWT which is only in 2.5. Co-authored-by: Tim Duesterhus <tim@bastelstu.be>
2021-10-29 09:25:19 -04:00
struct ist type = istsplit(&ctx.value, ' ');
/* There must be "at least" one space character between
* the scheme and the following value so ctx.value might
* still have leading spaces here (see RFC7235).
*/
ctx.value = istskip(ctx.value, ' ');
if (isteqi(type, ist("Bearer")) && istlen(ctx.value))
chunk_initlen(&bearer_val, istptr(ctx.value), 0, istlen(ctx.value));
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
}
}
else {
txn = smp->strm->txn;
if (!get_http_auth(smp, htx) || txn->auth.method != HTTP_AUTH_BEARER)
return 0;
bearer_val = txn->auth.method_data;
}
smp->data.type = SMP_T_STR;
smp->data.u.str = bearer_val;
smp->flags = SMP_F_CONST;
return 1;
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* Accepts exactly 1 argument of type userlist */
static int smp_fetch_http_auth(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type != ARGT_USR)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
if (!get_http_auth(smp, htx) || smp->strm->txn->auth.method != HTTP_AUTH_BASIC)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->data.type = SMP_T_BOOL;
smp->data.u.sint = check_user(args->data.usr, smp->strm->txn->auth.user,
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
smp->strm->txn->auth.pass);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 1;
}
/* Accepts exactly 1 argument of type userlist */
static int smp_fetch_http_auth_grp(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type != ARGT_USR)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
if (!get_http_auth(smp, htx) || smp->strm->txn->auth.method != HTTP_AUTH_BASIC)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* if the user does not belong to the userlist or has a wrong password,
* report that it unconditionally does not match. Otherwise we return
* a string containing the username.
*/
if (!check_user(args->data.usr, smp->strm->txn->auth.user,
smp->strm->txn->auth.pass))
return 0;
/* pat_match_auth() will need the user list */
smp->ctx.a[0] = args->data.usr;
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
smp->data.u.str.area = smp->strm->txn->auth.user;
smp->data.u.str.data = strlen(smp->strm->txn->auth.user);
return 1;
}
/* Fetch a captured HTTP request header. The index is the position of
* the "capture" option in the configuration file
*/
static int smp_fetch_capture_req_hdr(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
struct proxy *fe;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int idx;
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type != ARGT_SINT)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
if (!smp->strm)
return 0;
fe = strm_fe(smp->strm);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
idx = args->data.sint;
if (idx > (fe->nb_req_cap - 1) || smp->strm->req_cap == NULL || smp->strm->req_cap[idx] == NULL)
return 0;
smp->data.type = SMP_T_STR;
smp->flags |= SMP_F_CONST;
smp->data.u.str.area = smp->strm->req_cap[idx];
smp->data.u.str.data = strlen(smp->strm->req_cap[idx]);
return 1;
}
/* Fetch a captured HTTP response header. The index is the position of
* the "capture" option in the configuration file
*/
static int smp_fetch_capture_res_hdr(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
struct proxy *fe;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int idx;
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type != ARGT_SINT)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
if (!smp->strm)
return 0;
fe = strm_fe(smp->strm);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
idx = args->data.sint;
if (idx > (fe->nb_rsp_cap - 1) || smp->strm->res_cap == NULL || smp->strm->res_cap[idx] == NULL)
return 0;
smp->data.type = SMP_T_STR;
smp->flags |= SMP_F_CONST;
smp->data.u.str.area = smp->strm->res_cap[idx];
smp->data.u.str.data = strlen(smp->strm->res_cap[idx]);
return 1;
}
/* Extracts the METHOD in the HTTP request, the txn->uri should be filled before the call */
static int smp_fetch_capture_req_method(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
struct buffer *temp;
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
struct http_txn *txn;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
char *ptr;
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
if (!smp->strm)
return 0;
txn = smp->strm->txn;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
if (!txn || !txn->uri)
return 0;
ptr = txn->uri;
while (*ptr != ' ' && *ptr != '\0') /* find first space */
ptr++;
temp = get_trash_chunk();
temp->area = txn->uri;
temp->data = ptr - txn->uri;
smp->data.u.str = *temp;
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
return 1;
}
/* Extracts the path in the HTTP request, the txn->uri should be filled before the call */
static int smp_fetch_capture_req_uri(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
struct http_txn *txn;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct ist path;
const char *ptr;
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
struct http_uri_parser parser;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
if (!smp->strm)
return 0;
txn = smp->strm->txn;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
if (!txn || !txn->uri)
return 0;
ptr = txn->uri;
while (*ptr != ' ' && *ptr != '\0') /* find first space */
ptr++;
if (!*ptr)
return 0;
BUG/MINOR: http_fetch: Remove the version part when capturing the request uri This patch fixes a bug introduced in the commit 6b952c810 ("REORG: http: move http_get_path() to http.c"). In the reorg, the code responsible to skip the version to only extract the path in the HTTP request was dropped. No backport is needed, this only affects 1.9.
2018-11-15 08:35:18 -05:00
/* skip the first space and find space after URI */
path = ist2(++ptr, 0);
while (*ptr != ' ' && *ptr != '\0')
ptr++;
path.len = ptr - path.ptr;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
parser = http_uri_parser_init(path);
path = http_parse_path(&parser);
CLEANUP: Use `isttest()` and `istfree()` This adjusts a few locations to make use of `isttest()` and `istfree()`.
2020-03-05 11:56:33 -05:00
if (!isttest(path))
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
smp->data.u.str.area = path.ptr;
smp->data.u.str.data = path.len;
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
return 1;
}
/* Retrieves the HTTP version from the request (either 1.0 or 1.1) and emits it
* as a string (either "HTTP/1.0" or "HTTP/1.1").
*/
static int smp_fetch_capture_req_ver(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
struct http_txn *txn;
if (!smp->strm)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
txn = smp->strm->txn;
BUG/MINOR: http-fetch: Fix test on message state to capture the version A bug was introduced when the legacy HTTP mode was removed. To capture the HTTP version of the request or the response, we rely on the message state to be sure the status line was received. However, the test is inverted. The version can be captured if message headers were received, not the opposite. This patch must be backported as far as 2.2.
2021-04-01 10:00:29 -04:00
if (!txn || txn->req.msg_state < HTTP_MSG_BODY)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
if (txn->req.flags & HTTP_MSGF_VER_11)
smp->data.u.str.area = "HTTP/1.1";
else
smp->data.u.str.area = "HTTP/1.0";
smp->data.u.str.data = 8;
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
return 1;
}
/* Retrieves the HTTP version from the response (either 1.0 or 1.1) and emits it
* as a string (either "HTTP/1.0" or "HTTP/1.1").
*/
static int smp_fetch_capture_res_ver(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
struct http_txn *txn;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUG/MEDIUM: capture: capture.{req,res}.* crash without a stream Since commit 5f940703b3 ("MINOR: log: Don't depends on a stream to process samples in log-format string") it has become quite obvious that a few sample fetch functions and converters were still heavily dependent on the presence of a stream without testing for it. The capture.req.hdr, capture.res.hdr, capture.req.method, capture.req.uri, capture.req.ver and capture.res.ver sample fetches used to assume the presence of a stream, which is not necessarily the case (especially after the commit above) and would crash haproxy if incorrectly used. Let's make sure they check for this stream. This fix adds a check for the stream's existence, and should be backported to all stable versions up to 1.6.
2020-04-29 05:44:54 -04:00
if (!smp->strm)
return 0;
txn = smp->strm->txn;
BUG/MINOR: http-fetch: Fix test on message state to capture the version A bug was introduced when the legacy HTTP mode was removed. To capture the HTTP version of the request or the response, we rely on the message state to be sure the status line was received. However, the test is inverted. The version can be captured if message headers were received, not the opposite. This patch must be backported as far as 2.2.
2021-04-01 10:00:29 -04:00
if (!txn || txn->rsp.msg_state < HTTP_MSG_BODY)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
if (txn->rsp.flags & HTTP_MSGF_VER_11)
smp->data.u.str.area = "HTTP/1.1";
else
smp->data.u.str.area = "HTTP/1.0";
smp->data.u.str.data = 8;
smp->data.type = SMP_T_STR;
smp->flags = SMP_F_CONST;
return 1;
}
/* Iterate over all cookies present in a message. The context is stored in
* smp->ctx.a[0] for the in-header position, smp->ctx.a[1] for the
* end-of-header-value, and smp->ctx.a[2] for the hdr_ctx. Depending on
* the direction, multiple cookies may be parsed on the same line or not.
BUG/MINOR: http-fetch: Extract cookie value even when no cookie name HTTP sample fetches dealing with the cookies (req/res.cook, req/res.cook_val and req/res.cook_cnt) must be prepared to be called without cookie name. For the first two, the first cookie value is returned, regardless its name. For the last one, all cookies are counted. To do so, http_extract_cookie_value() may now be called with no cookie name (cookie_name_l set to 0). In this case, the matching on the cookie name is ignored and the first value found is returned. Note this patch also fixes matching on cookie values in ACLs. This should be backported in all stable versions.
2020-11-13 04:38:06 -05:00
* If provided, the searched cookie name is in args, in args->data.str. If
* the input options indicate that no iterating is desired, then only last
* value is fetched if any. If no cookie name is provided, the first cookie
* value found is fetched. The returned sample is of type CSTR. Can be used
* to parse cookies in other files.
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
*/
static int smp_fetch_cookie(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* possible keywords: req.cookie / cookie / cook, res.cookie / scook / set-cookie */
struct channel *chn = ((kw[0] == 'c' || kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[0] == 's' || kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx *ctx = smp->ctx.a[2];
struct ist hdr;
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
char *cook = NULL;
size_t cook_l = 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
int found = 0;
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type == ARGT_STR) {
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
cook = args->data.str.area;
cook_l = args->data.str.data;
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!ctx) {
/* first call */
ctx = &static_http_hdr_ctx;
ctx->blk = NULL;
smp->ctx.a[2] = ctx;
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
hdr = (!(check || (chn && chn->flags & CF_ISRESP)) ? ist("Cookie") : ist("Set-Cookie"));
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
BUG/MINOR: http-fetch: Extract cookie value even when no cookie name HTTP sample fetches dealing with the cookies (req/res.cook, req/res.cook_val and req/res.cook_cnt) must be prepared to be called without cookie name. For the first two, the first cookie value is returned, regardless its name. For the last one, all cookies are counted. To do so, http_extract_cookie_value() may now be called with no cookie name (cookie_name_l set to 0). In this case, the matching on the cookie name is ignored and the first value found is returned. Note this patch also fixes matching on cookie values in ACLs. This should be backported in all stable versions.
2020-11-13 04:38:06 -05:00
/* OK so basically here, either we want only one value or we want to
* iterate over all of them and we fetch the next one. In this last case
* SMP_OPT_ITERATE option is set.
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
*/
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!(smp->flags & SMP_F_NOT_LAST)) {
/* search for the header from the beginning, we must first initialize
* the search parameters.
*/
smp->ctx.a[0] = NULL;
ctx->blk = NULL;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->flags |= SMP_F_VOL_HDR;
while (1) {
/* Note: smp->ctx.a[0] == NULL every time we need to fetch a new header */
if (!smp->ctx.a[0]) {
if (!http_find_header(htx, hdr, ctx, 0))
goto out;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
if (ctx->value.len < cook_l + 1)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
continue;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->ctx.a[0] = ctx->value.ptr;
smp->ctx.a[1] = smp->ctx.a[0] + ctx->value.len;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_STR;
smp->flags |= SMP_F_CONST;
smp->ctx.a[0] = http_extract_cookie_value(smp->ctx.a[0], smp->ctx.a[1],
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
cook, cook_l,
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
(smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ,
&smp->data.u.str.area,
&smp->data.u.str.data);
if (smp->ctx.a[0]) {
found = 1;
BUG/MINOR: http-fetch: Extract cookie value even when no cookie name HTTP sample fetches dealing with the cookies (req/res.cook, req/res.cook_val and req/res.cook_cnt) must be prepared to be called without cookie name. For the first two, the first cookie value is returned, regardless its name. For the last one, all cookies are counted. To do so, http_extract_cookie_value() may now be called with no cookie name (cookie_name_l set to 0). In this case, the matching on the cookie name is ignored and the first value found is returned. Note this patch also fixes matching on cookie values in ACLs. This should be backported in all stable versions.
2020-11-13 04:38:06 -05:00
if (smp->opt & SMP_OPT_ITERATE) {
/* iterate on cookie value */
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->flags |= SMP_F_NOT_LAST;
return 1;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
BUG/MINOR: http-fetch: Extract cookie value even when no cookie name HTTP sample fetches dealing with the cookies (req/res.cook, req/res.cook_val and req/res.cook_cnt) must be prepared to be called without cookie name. For the first two, the first cookie value is returned, regardless its name. For the last one, all cookies are counted. To do so, http_extract_cookie_value() may now be called with no cookie name (cookie_name_l set to 0). In this case, the matching on the cookie name is ignored and the first value found is returned. Note this patch also fixes matching on cookie values in ACLs. This should be backported in all stable versions.
2020-11-13 04:38:06 -05:00
if (args->data.str.data == 0) {
/* No cookie name, first occurrence returned */
break;
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* if we're looking for last occurrence, let's loop */
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* all cookie headers and values were scanned. If we're looking for the
* last occurrence, we may return it now.
*/
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
out:
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
smp->flags &= ~SMP_F_NOT_LAST;
return found;
}
BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" A regression was introduced in the commit 89dc49935 ("BUG/MAJOR: http_fetch: Get the channel depending on the keyword used") on the samples "cookie()" and "hdr()". Unlike other samples manipulating the HTTP headers, these ones depend on the sample direction. To fix the bug, these samples use now their own functions. Depending on the sample direction, they call smp_fetch_cookie() and smp_fetch_hdr() with the appropriate keyword. Thanks to Yves Lafon to report this issue. This patch must be backported wherever the commit 89dc49935 was backported. For now, 1.9 and 1.8.
2019-05-16 04:07:30 -04:00
/* Same than smp_fetch_cookie() but only relies on the sample direction to
* choose the right channel. So instead of duplicating the code, we just change
* the keyword and then fallback on smp_fetch_cookie().
*/
static int smp_fetch_chn_cookie(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
kw = ((smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ ? "req.cook" : "res.cook");
return smp_fetch_cookie(args, smp, kw, private);
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* Iterate over all cookies present in a request to count how many occurrences
* match the name in args and args->data.str.len. If <multi> is non-null, then
* multiple cookies may be parsed on the same line. The returned sample is of
* type UINT. Accepts exactly 1 argument of type string.
*/
static int smp_fetch_cookie_cnt(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
/* possible keywords: req.cook_cnt / cook_cnt, res.cook_cnt / scook_cnt */
struct channel *chn = ((kw[0] == 'c' || kw[2] == 'q') ? SMP_REQ_CHN(smp) : SMP_RES_CHN(smp));
MINOR: checks/sample: Remove unnecessary tests on the sample session A sample must always have a session defined. Otherwise, it is a bug. So it is unnecessary to test if it is defined when called from a health checks context. This patch fixes the issue #616.
2020-05-06 03:42:04 -04:00
struct check *check = ((kw[0] == 's' || kw[2] == 's') ? objt_check(smp->sess->origin) : NULL);
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, check, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx ctx;
struct ist hdr;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
char *val_beg, *val_end;
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
char *cook = NULL;
size_t cook_l = 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
int cnt;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if (args->type == ARGT_STR){
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
cook = args->data.str.area;
cook_l = args->data.str.data;
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
hdr = (!(check || (chn && chn->flags & CF_ISRESP)) ? ist("Cookie") : ist("Set-Cookie"));
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
val_end = val_beg = NULL;
ctx.blk = NULL;
cnt = 0;
while (1) {
/* Note: val_beg == NULL every time we need to fetch a new header */
if (!val_beg) {
if (!http_find_header(htx, hdr, &ctx, 0))
break;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
if (ctx.value.len < cook_l + 1)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
continue;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
val_beg = ctx.value.ptr;
val_end = val_beg + ctx.value.len;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->data.type = SMP_T_STR;
smp->flags |= SMP_F_CONST;
while ((val_beg = http_extract_cookie_value(val_beg, val_end,
BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches req.cook, req.cook_val, req.cook_cnt and and their response counterparts may be called without cookie name. In this case, empty parentheses may be used, or no parentheses at all. In both, the result must be the same. But only the first one works. The second one always returns a failure. This patch fixes this bug. Note that on old versions (< 2.2), both cases fail. This patch must be backported in all stable versions.
2020-11-13 07:41:04 -05:00
cook, cook_l,
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
(smp->opt & SMP_OPT_DIR) == SMP_OPT_DIR_REQ,
&smp->data.u.str.area,
&smp->data.u.str.data))) {
cnt++;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
}
smp->data.type = SMP_T_SINT;
smp->data.u.sint = cnt;
smp->flags |= SMP_F_VOL_HDR;
return 1;
}
/* Fetch an cookie's integer value. The integer value is returned. It
* takes a mandatory argument of type string. It relies on smp_fetch_cookie().
*/
static int smp_fetch_cookie_val(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
int ret = smp_fetch_cookie(args, smp, kw, private);
if (ret > 0) {
smp->data.type = SMP_T_SINT;
smp->data.u.sint = strl2ic(smp->data.u.str.area,
smp->data.u.str.data);
}
return ret;
}
/************************************************************************/
/* The code below is dedicated to sample fetches */
/************************************************************************/
/* This scans a URL-encoded query string. It takes an optionally wrapping
CLEANUP: assorted typo fixes in the code and comments This is 11th iteration of typo fixes
2020-07-05 07:36:08 -04:00
* string whose first contiguous chunk has its beginning in ctx->a[0] and end
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
* in ctx->a[1], and the optional second part in (ctx->a[2]..ctx->a[3]). The
* pointers are updated for next iteration before leaving.
*/
MINOR: http_fetch: add case insensitive support for smp_fetch_url_param This commit adds a new argument to smp_fetch_url_param that makes the parameter key comparison case-insensitive. Several levels of callers were modified to pass this info.
2023-03-28 09:06:05 -04:00
static int smp_fetch_param(char delim, const char *name, int name_len, const struct arg *args, struct sample *smp, const char *kw, void *private, char insensitive)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{
const char *vstart, *vend;
struct buffer *temp;
const char **chunks = (const char **)smp->ctx.a;
if (!http_find_next_url_param(chunks, name, name_len,
MINOR: http_fetch: add case insensitive support for smp_fetch_url_param This commit adds a new argument to smp_fetch_url_param that makes the parameter key comparison case-insensitive. Several levels of callers were modified to pass this info.
2023-03-28 09:06:05 -04:00
&vstart, &vend, delim, insensitive))
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
/* Create sample. If the value is contiguous, return the pointer as CONST,
* if the value is wrapped, copy-it in a buffer.
*/
smp->data.type = SMP_T_STR;
if (chunks[2] &&
vstart >= chunks[0] && vstart <= chunks[1] &&
vend >= chunks[2] && vend <= chunks[3]) {
/* Wrapped case. */
temp = get_trash_chunk();
memcpy(temp->area, vstart, chunks[1] - vstart);
memcpy(temp->area + ( chunks[1] - vstart ), chunks[2],
vend - chunks[2]);
smp->data.u.str.area = temp->area;
smp->data.u.str.data = ( chunks[1] - vstart ) + ( vend - chunks[2] );
} else {
/* Contiguous case. */
smp->data.u.str.area = (char *)vstart;
smp->data.u.str.data = vend - vstart;
smp->flags = SMP_F_VOL_1ST | SMP_F_CONST;
}
/* Update context, check wrapping. */
chunks[0] = vend;
if (chunks[2] && vend >= chunks[2] && vend <= chunks[3]) {
chunks[1] = chunks[3];
chunks[2] = NULL;
}
if (chunks[0] < chunks[1])
smp->flags |= SMP_F_NOT_LAST;
return 1;
}
/* This function iterates over each parameter of the query string. It uses
* ctx->a[0] and ctx->a[1] to store the beginning and end of the current
* parameter. Since it uses smp_fetch_param(), ctx->a[2..3] are both NULL.
* An optional parameter name is passed in args[0], otherwise any parameter is
* considered. It supports an optional delimiter argument for the beginning of
* the string in args[1], which defaults to "?".
*/
static int smp_fetch_url_param(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
char delim = '?';
const char *name;
int name_len;
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
char insensitive = 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http-fetch: Don't check if argument list is set in sample fetches The list is always defined by definition. Thus there is no reason to test it. There is also plenty of checks on arguments types while it is already validated during the configuration parsing. But one thing at a time. This patch should fix the issue #1087.
2021-01-29 05:22:15 -05:00
if ((args[0].type && args[0].type != ARGT_STR) ||
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
(args[1].type && args[1].type != ARGT_STR) ||
(args[2].type && args[2].type != ARGT_STR))
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
name = "";
name_len = 0;
if (args->type == ARGT_STR) {
name = args->data.str.area;
name_len = args->data.str.data;
}
MINOR: http_fetch: Add support for empty delim in url_param In prevision of adding a third parameter to the url_param sample-fetch function we need to make the second parameter optional. User can now pass a empty 2nd argument to keep the default delimiter.
2023-03-28 09:49:53 -04:00
if (args[1].type && *args[1].data.str.area)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
delim = *args[1].data.str.area;
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
if (args[2].type && *args[2].data.str.area == 'i')
insensitive = 1;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
if (!smp->ctx.a[0]) { // first call, find the query string
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct htx_sl *sl;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
sl = http_get_stline(htx);
smp->ctx.a[0] = http_find_param_list(HTX_SL_REQ_UPTR(sl), HTX_SL_REQ_ULEN(sl), delim);
if (!smp->ctx.a[0])
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->ctx.a[1] = HTX_SL_REQ_UPTR(sl) + HTX_SL_REQ_ULEN(sl);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* Assume that the context is filled with NULL pointer
* before the first call.
* smp->ctx.a[2] = NULL;
* smp->ctx.a[3] = NULL;
*/
}
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
return smp_fetch_param(delim, name, name_len, args, smp, kw, private, insensitive);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
/* This function iterates over each parameter of the body. This requires
* that the body has been waited for using http-buffer-request. It uses
* ctx->a[0] and ctx->a[1] to store the beginning and end of the first
CLEANUP: assorted typo fixes in the code and comments This is 11th iteration of typo fixes
2020-07-05 07:36:08 -04:00
* contiguous part of the body, and optionally ctx->a[2..3] to reference the
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
* optional second part if the body wraps at the end of the buffer. An optional
* parameter name is passed in args[0], otherwise any parameter is considered.
*/
static int smp_fetch_body_param(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
const char *name;
int name_len;
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
char insensitive = 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
if ((args[0].type && args[0].type != ARGT_STR) ||
(args[1].type && args[1].type != ARGT_STR))
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
name = "";
name_len = 0;
if (args[0].type == ARGT_STR) {
name = args[0].data.str.area;
name_len = args[0].data.str.data;
}
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
if (args[1].type && *args[1].data.str.area == 'i')
insensitive = 1;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
if (!smp->ctx.a[0]) { // first call, find the query string
MEDIUM: checks: Remove dedicated sample fetches and use response ones instead All sample fetches in the scope "check." have been removed. Response sample fetches must be used instead. It avoids keyword duplication. So, for instance, res.hdr() must be now used instead of check.hdr(). To do so, following sample fetches have been added on the response : * res.body, res.body_len and res.body_size * res.hdrs and res.hdrs_bin Sample feches dealing with the response's body are only useful in the health checks context. When called from a stream context, there is no warranty on the body presence. There is no option to wait the response's body.
2020-05-05 11:46:34 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct buffer *temp;
int32_t pos;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
temp = get_trash_chunk();
for (pos = htx_get_first(htx); pos != -1; pos = htx_get_next(htx, pos)) {
struct htx_blk *blk = htx_get_blk(htx, pos);
enum htx_blk_type type = htx_get_blk_type(blk);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MAJOR: htx: Remove the EOM block type and use HTX_FL_EOM instead The EOM block may be removed. The HTX_FL_EOM flags is enough. Most of time, to know if the end of the message is reached, we just need to have an empty HTX message with HTX_FL_EOM flag set. It may also be detected when the last block of a message with HTX_FL_EOM flag is manipulated. Removing EOM blocks simplifies the HTX message filling. Indeed, there is no more edge problems when the message ends but there is no more space to write the EOM block. However, some part are more tricky. Especially the compression filter or the FCGI mux. The compression filter must finish the compression on the last DATA block. Before it was performed on the EOM block, an extra DATA block with the checksum was added. Now, we must detect the last DATA block to be sure to finish the compression. The FCGI mux on its part must be sure to reserve the space for the empty STDIN record on the last DATA block while this record was inserted on the EOM block. The H2 multiplexer is probably the part that benefits the most from this change. Indeed, it is now fairly easier to known when to set the ES flag. The HTX documentaion has been updated accordingly.
2020-12-02 13:12:22 -05:00
if (type == HTX_BLK_TLR || type == HTX_BLK_EOT)
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
break;
if (type == HTX_BLK_DATA) {
CLEANUP: h1-htx: Move htx-to-h1 formatting functions from htx.c to h1_htx.c The functions "htx_*_to_h1()" have been renamed into "h1_format_htx_*()" and moved in the file h1_htx.c. It is the right place for such functions.
2019-10-08 10:38:42 -04:00
if (!h1_format_htx_data(htx_get_blk_value(htx, blk), temp, 0))
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
}
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
}
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
smp->ctx.a[0] = temp->area;
smp->ctx.a[1] = temp->area + temp->data;
/* Assume that the context is filled with NULL pointer
* before the first call.
* smp->ctx.a[2] = NULL;
* smp->ctx.a[3] = NULL;
*/
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
return smp_fetch_param('&', name, name_len, args, smp, kw, private, insensitive);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
/* Return the signed integer value for the specified url parameter (see url_param
* above).
*/
static int smp_fetch_url_param_val(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
int ret = smp_fetch_url_param(args, smp, kw, private);
if (ret > 0) {
smp->data.type = SMP_T_SINT;
smp->data.u.sint = strl2ic(smp->data.u.str.area,
smp->data.u.str.data);
}
return ret;
}
/* This produces a 32-bit hash of the concatenation of the first occurrence of
* the Host header followed by the path component if it begins with a slash ('/').
* This means that '*' will not be added, resulting in exactly the first Host
* entry. If no Host header is found, then the path is used. The resulting value
* is hashed using the url hash followed by a full avalanche hash and provides a
* 32-bit integer value. This fetch is useful for tracking per-URL activity on
* high-traffic sites without having to store whole paths.
* this differs from the base32 functions in that it includes the url parameters
* as well as the path
*/
static int smp_fetch_url32(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
BUG/MAJOR: http_fetch: Get the channel depending on the keyword used All HTTP samples are buggy because the channel tested in the prefetch functions (HTX and legacy HTTP) is chosen depending on the sample direction and not the keyword really used. It means the request channel is used if the sample is called during the request analysis and the response channel is used if it is called during the response analysis, regardless the sample really called. For instance, if you use the sample "req.ver" in an http-response rule, the response channel will be prefeched because it is called during the response analysis, while the request channel should have been used instead. So some assumptions on the validity of the sample may be made on the wrong channel. It is the first bug. Then the same error is done in some samples themselves. So fetches are performed on the wrong channel. For instance, the header extraction (req.fhdr, res.fhdr, req.hdr, res.hdr...). If the sample "req.hdr" is used in an http-response rule, then the matching is done on the response headers and not the request ones. It is the second bug. Finally, the last one but not the least, in some samples, the right channel is used. But because the prefetch was done on the wrong one, this channel may be in a undefined state. For instance, using the sample "req.ver" in an http-response rule leads to a matching on a posibility released buffer. To fix all these bugs, the right channel is now chosen in sample fetches, before the prefetch. If the same function is used to fetch requests and responses elements, then the keyword is used to choose the right one. This channel is then used by the functions smp_prefetch_htx() and smp_prefetch_http(). Of course, it is also used by the samples themselves to extract information. This patch must be backported to all supported versions. For version 1.8 and priors, it must be totally refactored. First because there is no HTX into these versions. Then the buffers API has changed in HAProxy 1.9. The files http_fetch.{ch} doesn't exist on old versions.
2019-04-17 06:02:59 -04:00
struct channel *chn = SMP_REQ_CHN(smp);
MEDIUM: checks/http-fetch: Support htx prefetch from a check for HTTP samples Some HTTP sample fetches will be accessible from the context of a http-check health check. Thus, the prefetch function responsible to return the HTX message has been update to handle a check, in addition to a channel. Both cannot be used at the same time. So there is no ambiguity.
2020-04-29 09:51:55 -04:00
struct htx *htx = smp_prefetch_htx(smp, chn, NULL, 1);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
struct http_hdr_ctx ctx;
struct htx_sl *sl;
struct ist path;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
unsigned int hash = 0;
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
struct http_uri_parser parser;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (!htx)
return 0;
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
ctx.blk = NULL;
if (http_find_header(htx, ist("Host"), &ctx, 1)) {
/* OK we have the header value in ctx.value */
while (ctx.value.len--)
hash = *(ctx.value.ptr++) + (hash << 6) + (hash << 16) - hash;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
/* now retrieve the path */
sl = http_get_stline(htx);
MINOR: http: use http uri parser for path Replace http_get_path by the http_uri_parser API. The new functions is renamed http_parse_path. Replace duplicated code for scheme and authority parsing by invocations to http_parse_scheme/authority. If no scheme is found for an URI detected as an absolute-uri/authority, consider it to be an authority format : no path will be found. For an absolute-uri or absolute-path, use the remaining of the string as the path. A new http_uri_parser state is declared to mark the path parsing as done.
2021-07-06 05:40:12 -04:00
parser = http_uri_parser_init(htx_sl_req_uri(sl));
path = http_parse_path(&parser);
MEDIUM: http_fetch: Remove code relying on HTTP legacy mode Since the legacy HTTP mode is disbabled, all HTTP sample fetches work on HTX streams. So it is safe to remove all code relying on HTTP legacy mode. Among other things, the function smp_prefetch_http() was removed with the associated macros CHECK_HTTP_MESSAGE_FIRST() and CHECK_HTTP_MESSAGE_FIRST_PERM().
2019-07-15 08:36:03 -04:00
if (path.len && *(path.ptr) == '/') {
while (path.len--)
hash = *(path.ptr++) + (hash << 6) + (hash << 16) - hash;
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
}
MEDIUM: http_fetch: Adapt all fetches to handle HTX messages For HTTP proxies, when the HTX internal representation is used, or for all TCP proxies, we use the HTX version of sample fetches.
2018-10-24 15:41:55 -04:00
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
hash = full_hash(hash);
smp->data.type = SMP_T_SINT;
smp->data.u.sint = hash;
smp->flags = SMP_F_VOL_1ST;
return 1;
}
/* This concatenates the source address with the 32-bit hash of the Host and
* URL as returned by smp_fetch_base32(). The idea is to have per-source and
* per-url counters. The result is a binary block from 8 to 20 bytes depending
* on the source address length. The URL hash is stored before the address so
* that in environments where IPv6 is insignificant, truncating the output to
* 8 bytes would still work.
*/
static int smp_fetch_url32_src(const struct arg *args, struct sample *smp, const char *kw, void *private)
{
CLEANUP: stconn: rename cs{,_get}_{src,dst} to sc_* The following functions were renamed: cs_src() -> sc_src() cs_dst() -> sc_dst() cs_get_src() -> sc_get_src() cs_get_dst() -> sc_get_dst()
2022-05-27 02:57:21 -04:00
const struct sockaddr_storage *src = (smp->strm ? sc_src(smp->strm->scf) : NULL);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
struct buffer *temp;
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
if (!src)
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
return 0;
if (!smp_fetch_url32(args, smp, kw, private))
return 0;
temp = get_trash_chunk();
*(unsigned int *) temp->area = htonl(smp->data.u.sint);
temp->data += sizeof(unsigned int);
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
switch (src->ss_family) {
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
case AF_INET:
memcpy(temp->area + temp->data,
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
&((struct sockaddr_in *)src)->sin_addr,
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
4);
temp->data += 4;
break;
case AF_INET6:
memcpy(temp->area + temp->data,
MINOR: http-fetch: Rely on addresses at stream level in HTTP sample fetches Client source and destination addresses at stream level are now used to compute base32+src and url32+src hashes. For now, stream-interface addresses are never set. So, thanks to the fallback mechanism, no changes are expected with this patch. But its purpose is to rely on addresses at the stream level, when set, instead of those at the connection level.
2021-10-25 01:48:27 -04:00
&((struct sockaddr_in6 *)src)->sin6_addr,
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
16);
temp->data += 16;
break;
default:
return 0;
}
smp->data.u.str = *temp;
smp->data.type = SMP_T_BIN;
return 1;
}
/************************************************************************/
/* Other utility functions */
/************************************************************************/
/* This function is used to validate the arguments passed to any "hdr" fetch
* keyword. These keywords support an optional positive or negative occurrence
* number. We must ensure that the number is greater than -MAX_HDR_HISTORY. It
* is assumed that the types are already the correct ones. Returns 0 on error,
* non-zero if OK. If <err> is not NULL, it will be filled with a pointer to an
* error message in case of error, that the caller is responsible for freeing.
* The initial location must either be freeable or NULL.
* Note: this function's pointer is checked from Lua.
*/
int val_hdr(struct arg *arg, char **err_msg)
{
if (arg && arg[1].type == ARGT_SINT && arg[1].data.sint < -MAX_HDR_HISTORY) {
memprintf(err_msg, "header occurrence must be >= %d", -MAX_HDR_HISTORY);
return 0;
}
return 1;
}
/************************************************************************/
/* All supported sample fetch keywords must be declared here. */
/************************************************************************/
/* Note: must not be declared <const> as its list will be overwritten */
static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
{ "base", smp_fetch_base, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "base32", smp_fetch_base32, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "base32+src", smp_fetch_base32_src, 0, NULL, SMP_T_BIN, SMP_USE_HRQHV },
MINOR: http: add baseq sample fetch Symetrical to path/pathq, baseq returns the concatenation of the Host header and the path including the query string.
2021-02-11 05:01:28 -05:00
{ "baseq", smp_fetch_base, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* capture are allocated and are permanent in the stream */
{ "capture.req.hdr", smp_fetch_capture_req_hdr, ARG1(1,SINT), NULL, SMP_T_STR, SMP_USE_HRQHP },
/* retrieve these captures from the HTTP logs */
{ "capture.req.method", smp_fetch_capture_req_method, 0, NULL, SMP_T_STR, SMP_USE_HRQHP },
{ "capture.req.uri", smp_fetch_capture_req_uri, 0, NULL, SMP_T_STR, SMP_USE_HRQHP },
{ "capture.req.ver", smp_fetch_capture_req_ver, 0, NULL, SMP_T_STR, SMP_USE_HRQHP },
{ "capture.res.hdr", smp_fetch_capture_res_hdr, ARG1(1,SINT), NULL, SMP_T_STR, SMP_USE_HRSHP },
{ "capture.res.ver", smp_fetch_capture_res_ver, 0, NULL, SMP_T_STR, SMP_USE_HRQHP },
/* cookie is valid in both directions (eg: for "stick ...") but cook*
* are only here to match the ACL's name, are request-only and are used
* for ACL compatibility only.
*/
{ "cook", smp_fetch_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRQHV },
BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" A regression was introduced in the commit 89dc49935 ("BUG/MAJOR: http_fetch: Get the channel depending on the keyword used") on the samples "cookie()" and "hdr()". Unlike other samples manipulating the HTTP headers, these ones depend on the sample direction. To fix the bug, these samples use now their own functions. Depending on the sample direction, they call smp_fetch_cookie() and smp_fetch_hdr() with the appropriate keyword. Thanks to Yves Lafon to report this issue. This patch must be backported wherever the commit 89dc49935 was backported. For now, 1.9 and 1.8.
2019-05-16 04:07:30 -04:00
{ "cookie", smp_fetch_chn_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRQHV|SMP_USE_HRSHV },
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{ "cook_cnt", smp_fetch_cookie_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "cook_val", smp_fetch_cookie_val, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
/* hdr is valid in both directions (eg: for "stick ...") but hdr_* are
* only here to match the ACL's name, are request-only and are used for
* ACL compatibility only.
*/
BUG/MINOR: http_fetch: Rely on the smp direction for "cookie()" and "hdr()" A regression was introduced in the commit 89dc49935 ("BUG/MAJOR: http_fetch: Get the channel depending on the keyword used") on the samples "cookie()" and "hdr()". Unlike other samples manipulating the HTTP headers, these ones depend on the sample direction. To fix the bug, these samples use now their own functions. Depending on the sample direction, they call smp_fetch_cookie() and smp_fetch_hdr() with the appropriate keyword. Thanks to Yves Lafon to report this issue. This patch must be backported wherever the commit 89dc49935 was backported. For now, 1.9 and 1.8.
2019-05-16 04:07:30 -04:00
{ "hdr", smp_fetch_chn_hdr, ARG2(0,STR,SINT), val_hdr, SMP_T_STR, SMP_USE_HRQHV|SMP_USE_HRSHV },
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{ "hdr_cnt", smp_fetch_hdr_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "hdr_ip", smp_fetch_hdr_ip, ARG2(0,STR,SINT), val_hdr, SMP_T_IPV4, SMP_USE_HRQHV },
{ "hdr_val", smp_fetch_hdr_val, ARG2(0,STR,SINT), val_hdr, SMP_T_SINT, SMP_USE_HRQHV },
MINOR: http_fetch: Add sample fetches to get auth method/user/pass Now, following sample fetches may be used to get information about authentication: * http_auth_type : returns the auth method as supplied in Authorization header * http_auth_user : returns the auth user as supplied in Authorization header * http_auth_pass : returns the auth pass as supplied in Authorization header Only Basic authentication is supported.
2019-08-02 05:51:37 -04:00
{ "http_auth_type", smp_fetch_http_auth_type, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "http_auth_user", smp_fetch_http_auth_user, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "http_auth_pass", smp_fetch_http_auth_pass, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
MINOR: http: Add http_auth_bearer sample fetch This fetch can be used to retrieve the data contained in an HTTP Authorization header when the Bearer scheme is used. This is used when transmitting JSON Web Tokens for instance.
2021-10-01 09:36:53 -04:00
{ "http_auth_bearer", smp_fetch_http_auth_bearer, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRQHV },
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{ "http_auth", smp_fetch_http_auth, ARG1(1,USR), NULL, SMP_T_BOOL, SMP_USE_HRQHV },
{ "http_auth_group", smp_fetch_http_auth_grp, ARG1(1,USR), NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "http_first_req", smp_fetch_http_first_req, 0, NULL, SMP_T_BOOL, SMP_USE_HRQHP },
{ "method", smp_fetch_meth, 0, NULL, SMP_T_METH, SMP_USE_HRQHP },
{ "path", smp_fetch_path, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
MINOR: http-fetch: Add pathq sample fetch The pathq sample fetch extract the relative URI of a request, i.e the path with the query-string, excluding the scheme and the authority, if any. It is pretty handy to always get a relative URI independently on the HTTP version. Indeed, while relative URIs are common in HTTP/1.1, in HTTP/2, most of time clients use absolute URIs. This patch may be backported to 2.2.
2020-09-02 11:25:18 -04:00
{ "pathq", smp_fetch_path, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{ "query", smp_fetch_query, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
/* HTTP protocol on the request path */
{ "req.proto_http", smp_fetch_proto_http, 0, NULL, SMP_T_BOOL, SMP_USE_HRQHP },
{ "req_proto_http", smp_fetch_proto_http, 0, NULL, SMP_T_BOOL, SMP_USE_HRQHP },
/* HTTP version on the request path */
{ "req.ver", smp_fetch_rqver, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "req_ver", smp_fetch_rqver, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "req.body", smp_fetch_body, 0, NULL, SMP_T_BIN, SMP_USE_HRQHV },
{ "req.body_len", smp_fetch_body_len, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "req.body_size", smp_fetch_body_size, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV },
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
{ "req.body_param", smp_fetch_body_param, ARG2(0,STR,STR), NULL, SMP_T_BIN, SMP_USE_HRQHV },
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{ "req.hdrs", smp_fetch_hdrs, 0, NULL, SMP_T_BIN, SMP_USE_HRQHV },
{ "req.hdrs_bin", smp_fetch_hdrs_bin, 0, NULL, SMP_T_BIN, SMP_USE_HRQHV },
/* HTTP version on the response path */
{ "res.ver", smp_fetch_stver, 0, NULL, SMP_T_STR, SMP_USE_HRSHV },
{ "resp_ver", smp_fetch_stver, 0, NULL, SMP_T_STR, SMP_USE_HRSHV },
MEDIUM: checks: Remove dedicated sample fetches and use response ones instead All sample fetches in the scope "check." have been removed. Response sample fetches must be used instead. It avoids keyword duplication. So, for instance, res.hdr() must be now used instead of check.hdr(). To do so, following sample fetches have been added on the response : * res.body, res.body_len and res.body_size * res.hdrs and res.hdrs_bin Sample feches dealing with the response's body are only useful in the health checks context. When called from a stream context, there is no warranty on the body presence. There is no option to wait the response's body.
2020-05-05 11:46:34 -04:00
{ "res.body", smp_fetch_body, 0, NULL, SMP_T_BIN, SMP_USE_HRSHV },
{ "res.body_len", smp_fetch_body_len, 0, NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "res.body_size", smp_fetch_body_size, 0, NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "res.hdrs", smp_fetch_hdrs, 0, NULL, SMP_T_BIN, SMP_USE_HRSHV },
{ "res.hdrs_bin", smp_fetch_hdrs_bin, 0, NULL, SMP_T_BIN, SMP_USE_HRSHV },
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/* explicit req.{cook,hdr} are used to force the fetch direction to be request-only */
{ "req.cook", smp_fetch_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "req.cook_cnt", smp_fetch_cookie_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "req.cook_val", smp_fetch_cookie_val, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "req.fhdr", smp_fetch_fhdr, ARG2(0,STR,SINT), val_hdr, SMP_T_STR, SMP_USE_HRQHV },
{ "req.fhdr_cnt", smp_fetch_fhdr_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "req.hdr", smp_fetch_hdr, ARG2(0,STR,SINT), val_hdr, SMP_T_STR, SMP_USE_HRQHV },
{ "req.hdr_cnt", smp_fetch_hdr_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "req.hdr_ip", smp_fetch_hdr_ip, ARG2(0,STR,SINT), val_hdr, SMP_T_IPV4, SMP_USE_HRQHV },
{ "req.hdr_names", smp_fetch_hdr_names, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "req.hdr_val", smp_fetch_hdr_val, ARG2(0,STR,SINT), val_hdr, SMP_T_SINT, SMP_USE_HRQHV },
/* explicit req.{cook,hdr} are used to force the fetch direction to be response-only */
{ "res.cook", smp_fetch_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRSHV },
{ "res.cook_cnt", smp_fetch_cookie_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "res.cook_val", smp_fetch_cookie_val, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "res.fhdr", smp_fetch_fhdr, ARG2(0,STR,SINT), val_hdr, SMP_T_STR, SMP_USE_HRSHV },
{ "res.fhdr_cnt", smp_fetch_fhdr_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "res.hdr", smp_fetch_hdr, ARG2(0,STR,SINT), val_hdr, SMP_T_STR, SMP_USE_HRSHV },
{ "res.hdr_cnt", smp_fetch_hdr_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "res.hdr_ip", smp_fetch_hdr_ip, ARG2(0,STR,SINT), val_hdr, SMP_T_IPV4, SMP_USE_HRSHV },
{ "res.hdr_names", smp_fetch_hdr_names, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRSHV },
{ "res.hdr_val", smp_fetch_hdr_val, ARG2(0,STR,SINT), val_hdr, SMP_T_SINT, SMP_USE_HRSHV },
/* scook is valid only on the response and is used for ACL compatibility */
{ "scook", smp_fetch_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_HRSHV },
{ "scook_cnt", smp_fetch_cookie_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "scook_val", smp_fetch_cookie_val, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRSHV },
/* shdr is valid only on the response and is used for ACL compatibility */
{ "shdr", smp_fetch_hdr, ARG2(0,STR,SINT), val_hdr, SMP_T_STR, SMP_USE_HRSHV },
{ "shdr_cnt", smp_fetch_hdr_cnt, ARG1(0,STR), NULL, SMP_T_SINT, SMP_USE_HRSHV },
{ "shdr_ip", smp_fetch_hdr_ip, ARG2(0,STR,SINT), val_hdr, SMP_T_IPV4, SMP_USE_HRSHV },
{ "shdr_val", smp_fetch_hdr_val, ARG2(0,STR,SINT), val_hdr, SMP_T_SINT, SMP_USE_HRSHV },
{ "status", smp_fetch_stcode, 0, NULL, SMP_T_SINT, SMP_USE_HRSHP },
{ "unique-id", smp_fetch_uniqueid, 0, NULL, SMP_T_STR, SMP_SRC_L4SRV },
{ "url", smp_fetch_url, 0, NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "url32", smp_fetch_url32, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV },
{ "url32+src", smp_fetch_url32_src, 0, NULL, SMP_T_BIN, SMP_USE_HRQHV },
{ "url_ip", smp_fetch_url_ip, 0, NULL, SMP_T_IPV4, SMP_USE_HRQHV },
{ "url_port", smp_fetch_url_port, 0, NULL, SMP_T_SINT, SMP_USE_HRQHV },
MINOR: http_fetch: Add case-insensitive argument for url_param/urlp_val This commit adds a new optional argument to smp_fetch_url_param and smp_fetch_url_param_val that makes the parameter key comparison case-insensitive. Now users can retrieve URL parameters regardless of their case, allowing to match parameters in case insensitive application. Doc was updated.
2023-03-28 09:06:05 -04:00
{ "url_param", smp_fetch_url_param, ARG3(0,STR,STR,STR), NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "urlp" , smp_fetch_url_param, ARG3(0,STR,STR,STR), NULL, SMP_T_STR, SMP_USE_HRQHV },
{ "urlp_val", smp_fetch_url_param_val, ARG3(0,STR,STR,STR), NULL, SMP_T_SINT, SMP_USE_HRQHV },
MINOR: checks: Add support of HTTP response sample fetches HTPP sample fetches acting on the response can now be called from any sample expression or log-format string in a tcp-check based ruleset. To avoid any ambiguities, all these sample fetches are in the check scope, for instance check.hdr() or check.cook().
2020-04-30 05:30:00 -04:00
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
{ /* END */ },
}};
MEDIUM: init: convert all trivial registration calls to initcalls This switches explicit calls to various trivial registration methods for keywords, muxes or protocols from constructors to INITCALL1 at stage STG_REGISTER. All these calls have in common to consume a single pointer and return void. Doing this removes 26 constructors. The following calls were addressed : - acl_register_keywords - bind_register_keywords - cfg_register_keywords - cli_register_kw - flt_register_keywords - http_req_keywords_register - http_res_keywords_register - protocol_register - register_mux_proto - sample_register_convs - sample_register_fetches - srv_register_keywords - tcp_req_conn_keywords_register - tcp_req_cont_keywords_register - tcp_req_sess_keywords_register - tcp_res_cont_keywords_register - flt_register_keywords
2018-11-25 13:14:37 -05:00
INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
REORG: http: move the code to different files The current proto_http.c file is huge and contains different processing domains making it very difficult to work on an alternative representation. This commit moves some parts to other files : - ACL registration code => http_acl.c This code only creates some ACL mappings and doesn't know anything about HTTP nor about the representation. This code could even have moved to acl.c but it was not worth polluting it again. - HTTP sample conversion => http_conv.c This code doesn't depend on the internal representation but definitely manipulates some HTTP elements, such as dates. It also has access to captures. - HTTP sample fetching => http_fetch.c This code does depend entirely on the internal representation but is totally independent on the analysers. Placing it into a different file will ease the transition to the new representation and the creation of a wrapper if required. An include file was created due to CHECK_HTTP_MESSAGE_FIRST() being used at various places. - HTTP action registration => http_act.c This code doesn't directly interact with the messages nor the transaction but it does so via some exported http functions like http_replace_req_line() or http_set_status() so it will be easier to change only this after the conversion. - a few very generic parts were found and moved to http.{c,h} as relevant. It is worth noting that the functions moved to these new files are not referenced anywhere outside of the files and are only called as registered callbacks, so these files do not even require associated include files.
2018-10-02 10:01:16 -04:00
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/
Reference in a new issue Copy permalink