Apache HTTPD
mod_request.c
Go to the documentation of this file.
1/* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17/*
18 * mod_request.c --- HTTP routines to set aside or process request bodies.
19 */
20
21#include "apr.h"
22#include "apr_strings.h"
23#include "apr_buckets.h"
24#include "apr_lib.h"
25
26#include "ap_config.h"
27#include "httpd.h"
28#include "http_config.h"
29#include "http_protocol.h"
30#include "http_log.h" /* For errors detected in basic auth common
31 * support code... */
32#include "http_request.h"
33
34#include "mod_request.h"
35
36/* Handles for core filters */
37static ap_filter_rec_t *keep_body_input_filter_handle;
38static ap_filter_rec_t *kept_body_input_filter_handle;
39
40static apr_status_t bail_out_on_error(apr_bucket_brigade *bb,
41 ap_filter_t *f,
42 int http_error)
43{
44 apr_bucket *e;
45
46 apr_brigade_cleanup(bb);
47 e = ap_bucket_error_create(http_error,
48 NULL, f->r->pool,
49 f->c->bucket_alloc);
50 APR_BRIGADE_INSERT_TAIL(bb, e);
51 e = apr_bucket_eos_create(f->c->bucket_alloc);
52 APR_BRIGADE_INSERT_TAIL(bb, e);
53 return ap_pass_brigade(f->r->output_filters, bb);
54}
55
60
65static apr_status_t keep_body_filter(ap_filter_t *f, apr_bucket_brigade *b,
66 ap_input_mode_t mode,
67 apr_read_type_e block,
68 apr_off_t readbytes)
69{
70 apr_bucket *e;
71 keep_body_ctx_t *ctx = f->ctx;
72 apr_status_t rv;
73 apr_bucket *bucket;
74 apr_off_t len = 0;
75
76 if (!ctx) {
77 const char *lenp;
78 request_dir_conf *dconf = ap_get_module_config(f->r->per_dir_config,
79 &request_module);
80
81 /* must we step out of the way? */
82 if (!dconf->keep_body || f->r->kept_body) {
83 ap_remove_input_filter(f);
84 return ap_get_brigade(f->next, b, mode, block, readbytes);
85 }
86
87 f->ctx = ctx = apr_pcalloc(f->r->pool, sizeof(*ctx));
88
89 /* fail fast if the content length exceeds keep body */
90 lenp = apr_table_get(f->r->headers_in, "Content-Length");
91 if (lenp) {
92
93 /* Protects against over/underflow, non-digit chars in the
94 * string, leading plus/minus signs, trailing characters and
95 * a negative number.
96 */
97 if (!ap_parse_strict_length(&ctx->remaining, lenp)) {
98 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, f->r, APLOGNO(01411)
99 "Invalid Content-Length '%s'", lenp);
100
101 ap_remove_input_filter(f);
102 return bail_out_on_error(b, f, HTTP_REQUEST_ENTITY_TOO_LARGE);
103 }
104
105 /* If we have a limit in effect and we know the C-L ahead of
106 * time, stop it here if it is invalid.
107 */
108 if (dconf->keep_body < ctx->remaining) {
109 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, f->r, APLOGNO(01412)
110 "Requested content-length of %" APR_OFF_T_FMT
111 " is larger than the configured limit"
112 " of %" APR_OFF_T_FMT, ctx->remaining, dconf->keep_body);
113 ap_remove_input_filter(f);
114 return bail_out_on_error(b, f, HTTP_REQUEST_ENTITY_TOO_LARGE);
115 }
116
117 }
118
119 f->r->kept_body = apr_brigade_create(f->r->pool, f->r->connection->bucket_alloc);
120 ctx->remaining = dconf->keep_body;
121 }
122
123 /* get the brigade from upstream, and read it in to get its length */
124 rv = ap_get_brigade(f->next, b, mode, block, readbytes);
125 if (rv == APR_SUCCESS) {
126 rv = apr_brigade_length(b, 1, &len);
127 }
128
129 /* does the length take us over the limit? */
130 if (APR_SUCCESS == rv && len > ctx->remaining) {
131 if (f->r->kept_body) {
132 apr_brigade_cleanup(f->r->kept_body);
133 f->r->kept_body = NULL;
134 }
135 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, f->r, APLOGNO(01413)
136 "Requested content-length of %" APR_OFF_T_FMT
137 " is larger than the configured limit"
138 " of %" APR_OFF_T_FMT, len, ctx->keep_body);
139 return bail_out_on_error(b, f, HTTP_REQUEST_ENTITY_TOO_LARGE);
140 }
141 ctx->remaining -= len;
142
143 /* pass any errors downstream */
144 if (rv != APR_SUCCESS) {
145 if (f->r->kept_body) {
146 apr_brigade_cleanup(f->r->kept_body);
147 f->r->kept_body = NULL;
148 }
149 return rv;
150 }
151
152 /* all is well, set aside the buckets */
153 for (bucket = APR_BRIGADE_FIRST(b);
154 bucket != APR_BRIGADE_SENTINEL(b);
155 bucket = APR_BUCKET_NEXT(bucket))
156 {
157 apr_bucket_copy(bucket, &e);
158 APR_BRIGADE_INSERT_TAIL(f->r->kept_body, e);
159 }
160
161 return APR_SUCCESS;
162}
163
164
169
177static int kept_body_filter_init(ap_filter_t *f)
178{
179 apr_off_t length = 0;
180 request_rec *r = f->r;
181 apr_bucket_brigade *kept_body = r->kept_body;
182
183 if (kept_body) {
184 apr_table_unset(r->headers_in, "Transfer-Encoding");
185 apr_brigade_length(kept_body, 1, &length);
186 apr_table_setn(r->headers_in, "Content-Length", apr_off_t_toa(r->pool, length));
187 }
188
189 return OK;
190}
191
198static apr_status_t kept_body_filter(ap_filter_t *f, apr_bucket_brigade *b,
199 ap_input_mode_t mode,
200 apr_read_type_e block,
201 apr_off_t readbytes)
202{
203 request_rec *r = f->r;
204 apr_bucket_brigade *kept_body = r->kept_body;
205 kept_body_ctx_t *ctx = f->ctx;
206 apr_bucket *ec, *e2;
207 apr_status_t rv;
208
209 /* just get out of the way of things we don't want. */
210 if (!kept_body || (mode != AP_MODE_READBYTES && mode != AP_MODE_GETLINE)) {
211 return ap_get_brigade(f->next, b, mode, block, readbytes);
212 }
213
214 /* set up the context if it does not already exist */
215 if (!ctx) {
216 f->ctx = ctx = apr_palloc(f->r->pool, sizeof(*ctx));
217 ctx->offset = 0;
218 apr_brigade_length(kept_body, 1, &ctx->remaining);
219 }
220
221 /* kept_body is finished, send next filter */
222 if (ctx->remaining <= 0) {
223 return ap_get_brigade(f->next, b, mode, block, readbytes);
224 }
225
226 /* send all of the kept_body, but no more */
227 if (readbytes > ctx->remaining) {
228 readbytes = ctx->remaining;
229 }
230
231 /* send part of the kept_body */
232 if ((rv = apr_brigade_partition(kept_body, ctx->offset, &ec)) != APR_SUCCESS) {
233 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01414)
234 "apr_brigade_partition() failed on kept_body at %" APR_OFF_T_FMT, ctx->offset);
235 return rv;
236 }
237 if ((rv = apr_brigade_partition(kept_body, ctx->offset + readbytes, &e2)) != APR_SUCCESS) {
238 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01415)
239 "apr_brigade_partition() failed on kept_body at %" APR_OFF_T_FMT, ctx->offset + readbytes);
240 return rv;
241 }
242
243 do {
244 apr_bucket *foo;
245 const char *str;
246 apr_size_t len;
247
248 if (apr_bucket_copy(ec, &foo) != APR_SUCCESS) {
249 /* As above; this should not fail since the bucket has
250 * a known length, but just to be sure, this takes
251 * care of uncopyable buckets that do somehow manage
252 * to slip through. */
253 /* XXX: check for failure? */
254 apr_bucket_read(ec, &str, &len, APR_BLOCK_READ);
255 apr_bucket_copy(ec, &foo);
256 }
257 APR_BRIGADE_INSERT_TAIL(b, foo);
258 ec = APR_BUCKET_NEXT(ec);
259 } while (ec != e2);
260
261 ctx->remaining -= readbytes;
262 ctx->offset += readbytes;
263
264 return APR_SUCCESS;
265}
266
270static int request_is_filter_present(request_rec * r, ap_filter_rec_t *fn)
271{
272 ap_filter_t * f = r->input_filters;
273 while (f) {
274 if (f->frec == fn) {
275 return 1;
276 }
277 f = f->next;
278 }
279 return 0;
280}
281
311
312/*
313 * Remove the kept_body and keep_body filters from this specific request.
314 */
315static void ap_request_remove_filter(request_rec *r)
316{
317 ap_filter_t *f = r->input_filters;
318
319 while (f) {
320 if (f->frec->filter_func.in_func == kept_body_filter ||
321 f->frec->filter_func.in_func == keep_body_filter) {
322 ap_remove_input_filter(f);
323 }
324 f = f->next;
325 }
326}
327
328static void *create_request_dir_config(apr_pool_t *p, char *dummy)
329{
330 request_dir_conf *new =
331 (request_dir_conf *) apr_pcalloc(p, sizeof(request_dir_conf));
332
333 new->keep_body_set = 0; /* unset */
334 new->keep_body = 0; /* don't by default */
335
336 return (void *) new;
337}
338
339static void *merge_request_dir_config(apr_pool_t *p, void *basev, void *addv)
340{
341 request_dir_conf *new = (request_dir_conf *) apr_pcalloc(p, sizeof(request_dir_conf));
342 request_dir_conf *add = (request_dir_conf *) addv;
343 request_dir_conf *base = (request_dir_conf *) basev;
344
345 new->keep_body = (add->keep_body_set == 0) ? base->keep_body : add->keep_body;
346 new->keep_body_set = add->keep_body_set || base->keep_body_set;
347
348 return new;
349}
350
351static const char *set_kept_body_size(cmd_parms *cmd, void *dconf,
352 const char *arg)
353{
354 request_dir_conf *conf = dconf;
355 char *end = NULL;
356
357 if (APR_SUCCESS != apr_strtoff(&(conf->keep_body), arg, &end, 10)
358 || conf->keep_body < 0 || *end) {
359 return "KeptBodySize must be a valid size in bytes, or zero.";
360 }
361 conf->keep_body_set = 1;
362
363 return NULL;
364}
365
366static const command_rec request_cmds[] = {
367 AP_INIT_TAKE1("KeptBodySize", set_kept_body_size, NULL, ACCESS_CONF,
368 "Maximum size of request bodies kept aside for use by filters"),
369 { NULL }
370};
371
384
385AP_DECLARE_MODULE(request) = {
386 STANDARD20_MODULE_STUFF,
387 create_request_dir_config, /* create per-directory config structure */
388 merge_request_dir_config, /* merge per-directory config structures */
389 NULL, /* create per-server config structure */
390 NULL, /* merge per-server config structures */
391 request_cmds, /* command apr_table_t */
392 register_hooks /* register hooks */
393};
ap_config.h
Symbol export macros and hook functions.
len
const char apr_size_t len
Definition ap_regex.h:187
apr_buckets.h
APR-UTIL Buckets/Bucket Brigades.
apr_lib.h
APR general purpose library routines.
apr_strings.h
APR Strings library.
AP_INIT_TAKE1
#define AP_INIT_TAKE1(directive, func, mconfig, where, help)
Definition http_config.h:176
ap_get_module_config
#define ap_get_module_config(v, m)
Definition http_config.h:550
AP_DECLARE_MODULE
#define AP_DECLARE_MODULE(foo)
Definition http_config.h:464
base
ap_conf_vector_t * base
Definition http_config.h:1125
r
request_rec * r
Definition http_config.h:1168
OK
#define OK
Definition httpd.h:456
ap_remove_input_filter
void ap_remove_input_filter(ap_filter_t *f)
Definition util_filter.c:468
ap_pass_brigade
apr_status_t ap_pass_brigade(ap_filter_t *filter, apr_bucket_brigade *bucket)
Definition util_filter.c:564
ap_add_input_filter_handle
ap_filter_t * ap_add_input_filter_handle(ap_filter_rec_t *f, void *ctx, request_rec *r, conn_rec *c)
Definition util_filter.c:417
ap_register_input_filter
apr_status_t ap_filter_rec_t * ap_register_input_filter(const char *name, ap_in_filter_func filter_func, ap_init_filter_func filter_init, ap_filter_type ftype)
Definition util_filter.c:246
ap_get_brigade
apr_status_t ap_get_brigade(ap_filter_t *filter, apr_bucket_brigade *bucket, ap_input_mode_t mode, apr_read_type_e block, apr_off_t readbytes)
Definition util_filter.c:546
AP_FTYPE_RESOURCE
@ AP_FTYPE_RESOURCE
Definition util_filter.h:161
APLOGNO
#define APLOGNO(n)
Definition http_log.h:117
ap_log_rerror
#define ap_log_rerror
Definition http_log.h:454
APLOG_ERR
#define APLOG_ERR
Definition http_log.h:67
APLOG_MARK
#define APLOG_MARK
Definition http_log.h:283
ap_bucket_error_create
apr_bucket * ap_bucket_error_create(int error, const char *buf, apr_pool_t *p, apr_bucket_alloc_t *list)
Definition error_bucket.c:55
ap_hook_insert_filter
void ap_hook_insert_filter(ap_HOOK_insert_filter_t *pf, const char *const *aszPre, const char *const *aszSucc, int nOrder)
Definition request.c:96
dummy
void * dummy
Definition http_vhost.h:62
arg
void const char * arg
Definition http_vhost.h:63
f
apr_file_t * f
Definition apr_buckets.h:927
APR_BRIGADE_INSERT_TAIL
#define APR_BRIGADE_INSERT_TAIL(b, e)
Definition apr_buckets.h:369
APR_BUCKET_NEXT
#define APR_BUCKET_NEXT(e)
Definition apr_buckets.h:422
apr_read_type_e
apr_read_type_e
Definition apr_buckets.h:57
e
apr_bucket * e
Definition apr_buckets.h:699
APR_BRIGADE_SENTINEL
#define APR_BRIGADE_SENTINEL(b)
Definition apr_buckets.h:331
ctx
apr_brigade_flush void * ctx
Definition apr_buckets.h:802
apr_bucket_copy
#define apr_bucket_copy(e, c)
Definition apr_buckets.h:1116
APR_BRIGADE_FIRST
#define APR_BRIGADE_FIRST(b)
Definition apr_buckets.h:345
apr_bucket_read
#define apr_bucket_read(e, str, len, block)
Definition apr_buckets.h:1089
length
int apr_off_t * length
Definition apr_buckets.h:742
APR_BLOCK_READ
@ APR_BLOCK_READ
Definition apr_buckets.h:58
mode
apr_dbd_transaction_t int mode
Definition apr_dbd.h:261
APR_HOOK_LAST
#define APR_HOOK_LAST
Definition apr_hooks.h:305
APR_REGISTER_OPTIONAL_FN
#define APR_REGISTER_OPTIONAL_FN(name)
Definition apr_optional.h:70
ACCESS_CONF
#define ACCESS_CONF
Definition http_config.h:240
HTTP_REQUEST_ENTITY_TOO_LARGE
#define HTTP_REQUEST_ENTITY_TOO_LARGE
Definition httpd.h:521
KEEP_BODY_FILTER
#define KEEP_BODY_FILTER
Definition mod_request.h:44
KEPT_BODY_FILTER
#define KEPT_BODY_FILTER
Definition mod_request.h:45
STANDARD20_MODULE_STUFF
#define STANDARD20_MODULE_STUFF
Definition http_config.h:486
ap_parse_strict_length
int ap_parse_strict_length(apr_off_t *len, const char *str)
Definition util.c:2683
size
apr_size_t size
Definition apr_allocator.h:115
APR_SUCCESS
#define APR_SUCCESS
Definition apr_errno.h:225
apr_status_t
int apr_status_t
Definition apr_errno.h:44
b
apr_pool_t * b
Definition apr_pools.h:529
apr_pcalloc
#define apr_pcalloc(p, size)
Definition apr_pools.h:465
end
const char char ** end
Definition apr_strings.h:336
cmd
apr_cmdtype_e cmd
Definition apr_thread_proc.h:495
http_config.h
Apache Configuration.
http_log.h
Apache Logging library.
http_protocol.h
HTTP protocol handling.
http_request.h
Apache Request library.
httpd.h
HTTP Daemon routines.
p
apr_pool_t * p
Definition md_event.c:32
keep_body_input_filter_handle
static ap_filter_rec_t * keep_body_input_filter_handle
Definition mod_request.c:37
bail_out_on_error
static apr_status_t bail_out_on_error(apr_bucket_brigade *bb, ap_filter_t *f, int http_error)
Definition mod_request.c:40
keep_body_filter
static apr_status_t keep_body_filter(ap_filter_t *f, apr_bucket_brigade *b, ap_input_mode_t mode, apr_read_type_e block, apr_off_t readbytes)
Definition mod_request.c:65
kept_body_ctx_t
struct kept_body_filter_ctx kept_body_ctx_t
request_is_filter_present
static int request_is_filter_present(request_rec *r, ap_filter_rec_t *fn)
Definition mod_request.c:270
kept_body_filter
static apr_status_t kept_body_filter(ap_filter_t *f, apr_bucket_brigade *b, ap_input_mode_t mode, apr_read_type_e block, apr_off_t readbytes)
Definition mod_request.c:198
create_request_dir_config
static void * create_request_dir_config(apr_pool_t *p, char *dummy)
Definition mod_request.c:328
set_kept_body_size
static const char * set_kept_body_size(cmd_parms *cmd, void *dconf, const char *arg)
Definition mod_request.c:351
register_hooks
static void register_hooks(apr_pool_t *p)
Definition mod_request.c:372
ap_request_insert_filter
static void ap_request_insert_filter(request_rec *r)
Definition mod_request.c:293
keep_body_ctx_t
struct keep_body_filter_ctx keep_body_ctx_t
merge_request_dir_config
static void * merge_request_dir_config(apr_pool_t *p, void *basev, void *addv)
Definition mod_request.c:339
kept_body_input_filter_handle
static ap_filter_rec_t * kept_body_input_filter_handle
Definition mod_request.c:38
ap_request_remove_filter
static void ap_request_remove_filter(request_rec *r)
Definition mod_request.c:315
request_cmds
static const command_rec request_cmds[]
Definition mod_request.c:366
kept_body_filter_init
static int kept_body_filter_init(ap_filter_t *f)
Definition mod_request.c:177
mod_request.h
mod_request private header file
NULL
return NULL
Definition mod_so.c:359
ap_filter_rec_t
This structure is used for recording information about the registered filters. It associates a name w...
Definition util_filter.h:215
ap_filter_t
The representation of a filter chain.
Definition util_filter.h:259
apr_bucket_brigade
Definition apr_buckets.h:258
apr_bucket
Definition apr_buckets.h:224
apr_file_t::pool
apr_pool_t * pool
Definition apr_arch_file_io.h:98
apr_pool_t
Definition apr_pools.c:562
cmd_parms_struct
Definition http_config.h:288
command_struct
Definition http_config.h:204
keep_body_filter_ctx
Definition mod_request.c:56
keep_body_filter_ctx::keep_body
apr_off_t keep_body
Definition mod_request.c:58
keep_body_filter_ctx::remaining
apr_off_t remaining
Definition mod_request.c:57
kept_body_filter_ctx
Definition mod_request.c:165
kept_body_filter_ctx::offset
apr_off_t offset
Definition mod_request.c:166
kept_body_filter_ctx::remaining
apr_off_t remaining
Definition mod_request.c:167
request_dir_conf
Definition mod_request.h:50
request_dir_conf::keep_body
apr_off_t keep_body
Definition mod_request.h:51
request_dir_conf::keep_body_set
int keep_body_set
Definition mod_request.h:52
request_rec
A structure that represents the current request.
Definition httpd.h:845
request_rec::pool
apr_pool_t * pool
Definition httpd.h:847
request_rec::connection
conn_rec * connection
Definition httpd.h:849
request_rec::kept_body
apr_bucket_brigade * kept_body
Definition httpd.h:953
request_rec::input_filters
struct ap_filter_t * input_filters
Definition httpd.h:1072
request_rec::headers_in
apr_table_t * headers_in
Definition httpd.h:976
request_rec::per_dir_config
struct ap_conf_vector_t * per_dir_config
Definition httpd.h:1047
str
#define str
Definition util_expr_scan.c:617
ap_input_mode_t
ap_input_mode_t
input filtering modes
Definition util_filter.h:41
AP_MODE_READBYTES
@ AP_MODE_READBYTES
Definition util_filter.h:43
AP_MODE_GETLINE
@ AP_MODE_GETLINE
Definition util_filter.h:48
Generated by doxygen 1.9.8