search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[core] option to stream request body to backend (fixes #376)
[lighttpd.git] / src / connections-glue.c
blob3f4b4738626debf37d72e39189896dc1ed1385e7
1 #include "first.h"
2
3 #include "base.h"
4 #include "connections.h"
5 #include "joblist.h"
6 #include "log.h"
7
8 #include <errno.h>
9
10 #ifdef USE_OPENSSL
11 # include <openssl/ssl.h>
12 # include <openssl/err.h>
13 #endif
14
15 const char *connection_get_state(connection_state_t state) {
16 switch (state) {
17 case CON_STATE_CONNECT: return "connect";
18 case CON_STATE_READ: return "read";
19 case CON_STATE_READ_POST: return "readpost";
20 case CON_STATE_WRITE: return "write";
21 case CON_STATE_CLOSE: return "close";
22 case CON_STATE_ERROR: return "error";
23 case CON_STATE_HANDLE_REQUEST: return "handle-req";
24 case CON_STATE_REQUEST_START: return "req-start";
25 case CON_STATE_REQUEST_END: return "req-end";
26 case CON_STATE_RESPONSE_START: return "resp-start";
27 case CON_STATE_RESPONSE_END: return "resp-end";
28 default: return "(unknown)";
29 }
30 }
31
32 const char *connection_get_short_state(connection_state_t state) {
33 switch (state) {
34 case CON_STATE_CONNECT: return ".";
35 case CON_STATE_READ: return "r";
36 case CON_STATE_READ_POST: return "R";
37 case CON_STATE_WRITE: return "W";
38 case CON_STATE_CLOSE: return "C";
39 case CON_STATE_ERROR: return "E";
40 case CON_STATE_HANDLE_REQUEST: return "h";
41 case CON_STATE_REQUEST_START: return "q";
42 case CON_STATE_REQUEST_END: return "Q";
43 case CON_STATE_RESPONSE_START: return "s";
44 case CON_STATE_RESPONSE_END: return "S";
45 default: return "x";
46 }
47 }
48
49 int connection_set_state(server *srv, connection *con, connection_state_t state) {
50 UNUSED(srv);
51
52 con->state = state;
53
54 return 0;
55 }
56
57 #if 0
58 static void dump_packet(const unsigned char *data, size_t len) {
59 size_t i, j;
60
61 if (len == 0) return;
62
63 for (i = 0; i < len; i++) {
64 if (i % 16 == 0) fprintf(stderr, " ");
65
66 fprintf(stderr, "%02x ", data[i]);
67
68 if ((i + 1) % 16 == 0) {
69 fprintf(stderr, " ");
70 for (j = 0; j <= i % 16; j++) {
71 unsigned char c;
72
73 if (i-15+j >= len) break;
74
75 c = data[i-15+j];
76
77 fprintf(stderr, "%c", c > 32 && c < 128 ? c : '.');
78 }
79
80 fprintf(stderr, "\n");
81 }
82 }
83
84 if (len % 16 != 0) {
85 for (j = i % 16; j < 16; j++) {
86 fprintf(stderr, " ");
87 }
88
89 fprintf(stderr, " ");
90 for (j = i & ~0xf; j < len; j++) {
91 unsigned char c;
92
93 c = data[j];
94 fprintf(stderr, "%c", c > 32 && c < 128 ? c : '.');
95 }
96 fprintf(stderr, "\n");
97 }
98 }
99 #endif
100
101 static int connection_handle_read_ssl(server *srv, connection *con) {
102 #ifdef USE_OPENSSL
103 int r, ssl_err, len, count = 0;
104 char *mem = NULL;
105 size_t mem_len = 0;
106
107 if (!con->srv_socket->is_ssl) return -1;
108
109 ERR_clear_error();
110 do {
111 chunkqueue_get_memory(con->read_queue, &mem, &mem_len, 0, SSL_pending(con->ssl));
112 #if 0
113 /* overwrite everything with 0 */
114 memset(mem, 0, mem_len);
115 #endif
116
117 len = SSL_read(con->ssl, mem, mem_len);
118 chunkqueue_use_memory(con->read_queue, len > 0 ? len : 0);
119
120 if (con->renegotiations > 1 && con->conf.ssl_disable_client_renegotiation) {
121 log_error_write(srv, __FILE__, __LINE__, "s", "SSL: renegotiation initiated by client, killing connection");
122 connection_set_state(srv, con, CON_STATE_ERROR);
123 return -1;
124 }
125
126 if (len > 0) {
127 con->bytes_read += len;
128 count += len;
129 }
130 } while (len == (ssize_t) mem_len && count < MAX_READ_LIMIT);
131
132
133 if (len < 0) {
134 int oerrno = errno;
135 switch ((r = SSL_get_error(con->ssl, len))) {
136 case SSL_ERROR_WANT_READ:
137 case SSL_ERROR_WANT_WRITE:
138 con->is_readable = 0;
139
140 /* the manual says we have to call SSL_read with the same arguments next time.
141 * we ignore this restriction; no one has complained about it in 1.5 yet, so it probably works anyway.
142 */
143
144 return 0;
145 case SSL_ERROR_SYSCALL:
146 /**
147 * man SSL_get_error()
148 *
149 * SSL_ERROR_SYSCALL
150 * Some I/O error occurred. The OpenSSL error queue may contain more
151 * information on the error. If the error queue is empty (i.e.
152 * ERR_get_error() returns 0), ret can be used to find out more about
153 * the error: If ret == 0, an EOF was observed that violates the
154 * protocol. If ret == -1, the underlying BIO reported an I/O error
155 * (for socket I/O on Unix systems, consult errno for details).
156 *
157 */
158 while((ssl_err = ERR_get_error())) {
159 /* get all errors from the error-queue */
160 log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
161 r, ERR_error_string(ssl_err, NULL));
162 }
163
164 switch(oerrno) {
165 default:
166 log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL:",
167 len, r, oerrno,
168 strerror(oerrno));
169 break;
170 }
171
172 break;
173 case SSL_ERROR_ZERO_RETURN:
174 /* clean shutdown on the remote side */
175
176 if (r == 0) {
177 /* FIXME: later */
178 }
179
180 /* fall thourgh */
181 default:
182 while((ssl_err = ERR_get_error())) {
183 switch (ERR_GET_REASON(ssl_err)) {
184 case SSL_R_SSL_HANDSHAKE_FAILURE:
185 #ifdef SSL_R_TLSV1_ALERT_UNKNOWN_CA
186 case SSL_R_TLSV1_ALERT_UNKNOWN_CA:
187 #endif
188 #ifdef SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN
189 case SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN:
190 #endif
191 #ifdef SSL_R_SSLV3_ALERT_BAD_CERTIFICATE
192 case SSL_R_SSLV3_ALERT_BAD_CERTIFICATE:
193 #endif
194 if (!con->conf.log_ssl_noise) continue;
195 break;
196 default:
197 break;
198 }
199 /* get all errors from the error-queue */
200 log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
201 r, ERR_error_string(ssl_err, NULL));
202 }
203 break;
204 }
205
206 connection_set_state(srv, con, CON_STATE_ERROR);
207
208 return -1;
209 } else if (len == 0) {
210 con->is_readable = 0;
211 /* the other end close the connection -> KEEP-ALIVE */
212
213 return -2;
214 } else {
215 joblist_append(srv, con);
216 }
217
218 return 0;
219 #else
220 UNUSED(srv);
221 UNUSED(con);
222 return -1;
223 #endif
224 }
225
226 /* 0: everything ok, -1: error, -2: con closed */
227 int connection_handle_read(server *srv, connection *con) {
228 int len;
229 char *mem = NULL;
230 size_t mem_len = 0;
231 int toread;
232
233 if (con->srv_socket->is_ssl) {
234 return connection_handle_read_ssl(srv, con);
235 }
236
237 /* default size for chunks is 4kb; only use bigger chunks if FIONREAD tells
238 * us more than 4kb is available
239 * if FIONREAD doesn't signal a big chunk we fill the previous buffer
240 * if it has >= 1kb free
241 */
242 #if defined(__WIN32)
243 chunkqueue_get_memory(con->read_queue, &mem, &mem_len, 0, 4096);
244
245 len = recv(con->fd, mem, mem_len, 0);
246 #else /* __WIN32 */
247 if (ioctl(con->fd, FIONREAD, &toread) || toread == 0 || toread <= 4*1024) {
248 toread = 4096;
249 }
250 else if (toread > MAX_READ_LIMIT) {
251 toread = MAX_READ_LIMIT;
252 }
253 chunkqueue_get_memory(con->read_queue, &mem, &mem_len, 0, toread);
254
255 len = read(con->fd, mem, mem_len);
256 #endif /* __WIN32 */
257
258 chunkqueue_use_memory(con->read_queue, len > 0 ? len : 0);
259
260 if (len < 0) {
261 con->is_readable = 0;
262
263 #if defined(__WIN32)
264 {
265 int lastError = WSAGetLastError();
266 switch (lastError) {
267 case EAGAIN:
268 return 0;
269 case EINTR:
270 /* we have been interrupted before we could read */
271 con->is_readable = 1;
272 return 0;
273 case ECONNRESET:
274 /* suppress logging for this error, expected for keep-alive */
275 break;
276 default:
277 log_error_write(srv, __FILE__, __LINE__, "sd", "connection closed - recv failed: ", lastError);
278 break;
279 }
280 }
281 #else /* __WIN32 */
282 switch (errno) {
283 case EAGAIN:
284 return 0;
285 case EINTR:
286 /* we have been interrupted before we could read */
287 con->is_readable = 1;
288 return 0;
289 case ECONNRESET:
290 /* suppress logging for this error, expected for keep-alive */
291 break;
292 default:
293 log_error_write(srv, __FILE__, __LINE__, "ssd", "connection closed - read failed: ", strerror(errno), errno);
294 break;
295 }
296 #endif /* __WIN32 */
297
298 connection_set_state(srv, con, CON_STATE_ERROR);
299
300 return -1;
301 } else if (len == 0) {
302 con->is_readable = 0;
303 /* the other end close the connection -> KEEP-ALIVE */
304
305 /* pipelining */
306
307 return -2;
308 } else if (len != (ssize_t) mem_len) {
309 /* we got less then expected, wait for the next fd-event */
310
311 con->is_readable = 0;
312 }
313
314 con->bytes_read += len;
315 #if 0
316 dump_packet(b->ptr, len);
317 #endif
318
319 return 0;
320 }
321
322 handler_t connection_handle_read_post_state(server *srv, connection *con) {
323 chunkqueue *cq = con->read_queue;
324 chunkqueue *dst_cq = con->request_content_queue;
325
326 int is_closed = 0;
327
328 if (con->is_readable) {
329 con->read_idle_ts = srv->cur_ts;
330
331 switch(connection_handle_read(srv, con)) {
332 case -1:
333 return HANDLER_ERROR;
334 case -2:
335 is_closed = 1;
336 break;
337 default:
338 break;
339 }
340 }
341
342 chunkqueue_remove_finished_chunks(cq);
343
344 if (con->request.content_length <= 64*1024) {
345 /* don't buffer request bodies <= 64k on disk */
346 chunkqueue_steal(dst_cq, cq, (off_t)con->request.content_length - dst_cq->bytes_in);
347 }
348 else if (0 != chunkqueue_steal_with_tempfiles(srv, dst_cq, cq, (off_t)con->request.content_length - dst_cq->bytes_in)) {
349 /* writing to temp file failed */
350 con->http_status = 500; /* Internal Server Error */
351 con->keep_alive = 0;
352 con->mode = DIRECT;
353 chunkqueue_reset(con->write_queue);
354
355 return HANDLER_FINISHED;
356 }
357
358 chunkqueue_remove_finished_chunks(cq);
359
360 if (dst_cq->bytes_in == (off_t)con->request.content_length) {
361 /* Content is ready */
362 con->conf.stream_request_body &= ~FDEVENT_STREAM_REQUEST_POLLIN;
363 if (con->state == CON_STATE_READ_POST) {
364 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
365 }
366 return HANDLER_GO_ON;
367 } else if (is_closed) {
368 #if 0
369 con->http_status = 400; /* Bad Request */
370 con->keep_alive = 0;
371 con->mode = DIRECT;
372 chunkqueue_reset(con->write_queue);
373
374 return HANDLER_FINISHED;
375 #endif
376 return HANDLER_ERROR;
377 } else {
378 con->conf.stream_request_body |= FDEVENT_STREAM_REQUEST_POLLIN;
379 return (con->conf.stream_request_body & FDEVENT_STREAM_REQUEST)
380 ? HANDLER_GO_ON
381 : HANDLER_WAIT_FOR_EVENT;
382 }
383 }
A fast webserver with minimal memory-footprint (lighttpd)