varnish-cache/bin/varnishd/cache/cache_vrt.c
0
/*-
1
 * Copyright (c) 2006 Verdens Gang AS
2
 * Copyright (c) 2006-2015 Varnish Software AS
3
 * All rights reserved.
4
 *
5
 * Author: Poul-Henning Kamp <phk@phk.freebsd.dk>
6
 *
7
 * SPDX-License-Identifier: BSD-2-Clause
8
 *
9
 * Redistribution and use in source and binary forms, with or without
10
 * modification, are permitted provided that the following conditions
11
 * are met:
12
 * 1. Redistributions of source code must retain the above copyright
13
 *    notice, this list of conditions and the following disclaimer.
14
 * 2. Redistributions in binary form must reproduce the above copyright
15
 *    notice, this list of conditions and the following disclaimer in the
16
 *    documentation and/or other materials provided with the distribution.
17
 *
18
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21
 * ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
22
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28
 * SUCH DAMAGE.
29
 *
30
 * Runtime support for compiled VCL programs
31
 */
32
33
#include "config.h"
34
35
#include <stdlib.h>
36
37
#include "cache_varnishd.h"
38
39
#include "cache_objhead.h"
40
#include "vav.h"
41
#include "vcl.h"
42
#include "vct.h"
43
#include "venc.h"
44
#include "vend.h"
45
#include "vrt_obj.h"
46
#include "vsa.h"
47
#include "vsha256.h"
48
#include "vtcp.h"
49
#include "vtim.h"
50
#include "vcc_interface.h"
51
52
#include "common/heritage.h"
53
#include "common/vsmw.h"
54
#include "proxy/cache_proxy.h"
55
56
// NOT using TOSTRANDS() to create a NULL pointer element despite n == 0
57
const struct strands *const vrt_null_strands = &(struct strands){
58
        .magic = STRANDS_MAGIC,
59
        .n = 0,
60
        .p = (const char *[1]){NULL}
61
};
62
const struct vrt_blob *const vrt_null_blob = &(struct vrt_blob){
63
        .magic = VRT_BLOB_MAGIC,
64
        .type = VRT_NULL_BLOB_TYPE,
65
        .len = 0,
66
        .blob = "\0"
67
};
68
69
/*--------------------------------------------------------------------*/
70
71
VCL_VOID
72 378
VRT_synth(VRT_CTX, VCL_INT code, VCL_STRING reason)
73
{
74
        const char *ret;
75
76 378
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
77 378
        assert(ctx->req != NULL || ctx->bo != NULL);
78
79 378
        ret = ctx->req == NULL ? "error" : "synth";
80 378
        if (code < 0) {
81 0
                VRT_fail(ctx, "return(%s()) status code (%jd) is negative",
82 0
                    ret, (intmax_t)code);
83 0
                return;
84
        }
85 378
        if (code > 65535) {
86 0
                VRT_fail(ctx, "return(%s()) status code (%jd) > 65535",
87 0
                    ret, (intmax_t)code);
88 0
                return;
89
        }
90 378
        if ((code % 1000) < 100) {
91 8
                VRT_fail(ctx,
92
                    "illegal return(%s()) status code (%jd) (..0##)",
93 4
                    ret, (intmax_t)code);
94 4
                return;
95
        }
96
97 374
        if (reason && !WS_Allocated(ctx->ws, reason, -1)) {
98 50
                reason = WS_Copy(ctx->ws, reason, -1);
99 50
                if (!reason) {
100 0
                        VRT_fail(ctx, "Workspace overflow");
101 0
                        return;
102
                }
103 50
        }
104
105 374
        if (ctx->req == NULL) {
106 17
                CHECK_OBJ_NOTNULL(ctx->bo, BUSYOBJ_MAGIC);
107 17
                ctx->bo->err_code = (uint16_t)code;
108 17
                ctx->bo->err_reason = reason ? reason
109 9
                    : http_Status2Reason(ctx->bo->err_code % 1000, NULL);
110 17
                return;
111
        }
112
113 357
        ctx->req->err_code = (uint16_t)code;
114 357
        ctx->req->err_reason = reason ? reason
115 256
            : http_Status2Reason(ctx->req->err_code % 1000, NULL);
116 378
}
117
118
/*--------------------------------------------------------------------*/
119
120
void
121 117
VPI_acl_log(VRT_CTX, const char *msg)
122
{
123
124 117
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
125 117
        AN(msg);
126 117
        if (ctx->vsl != NULL)
127 117
                VSLbs(ctx->vsl, SLT_VCL_acl, TOSTRAND(msg));
128
        else
129 0
                VSL(SLT_VCL_acl, NO_VXID, "%s", msg);
130 117
}
131
132
int
133 96492
VRT_acl_match(VRT_CTX, VCL_ACL acl, VCL_IP ip)
134
{
135
136 96492
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
137 96492
        if (acl == NULL || ip == NULL) {
138 6
                VRT_fail(ctx, "Cannot match a null %s",
139 3
                         acl == NULL ? "ACL" : "IP address");
140 3
                return (0);
141
        }
142 96489
        CHECK_OBJ(acl, VRT_ACL_MAGIC);
143 96489
        assert(VSA_Sane(ip));
144 96489
        return (acl->match(ctx, ip));
145 96492
}
146
147
static int
148 208
acl_tbl_cmp(int fam, const uint8_t *key, const uint8_t *b)
149
{
150
        int rv;
151
152 208
        rv = fam - (int)b[3];
153 208
        if (rv == 0 && b[1] > 0)
154 144
                rv = memcmp(key, b + 4, b[1]);
155 208
        if (rv == 0 && b[2])
156 118
                rv = (int)(key[b[1]] & b[2]) - (int)b[4 + b[1]];
157 208
        return (rv);
158
}
159
160
static const uint8_t *
161 96
bbsearch(int fam, const uint8_t *key, const uint8_t *base0,
162
    size_t nmemb, size_t size)
163
{
164 96
        const uint8_t *base = base0;
165
        size_t lim;
166
        int cmp;
167
        const uint8_t *p;
168
169 276
        for (lim = nmemb; lim != 0; lim >>= 1) {
170 208
                p = base + (lim >> 1) * size;
171 208
                cmp = acl_tbl_cmp(fam, key, p);
172 208
                if (cmp == 0)
173 28
                        return (p);
174 180
                if (cmp > 0) {
175
                        /* key > p: move right */
176 76
                        base = p + size;
177 76
                        lim--;
178 76
                } /* else move left */
179 180
        }
180 68
        return (NULL);
181 96
}
182
183
int
184 96
VPI_acl_table(VRT_CTX, VCL_IP p, unsigned n, unsigned m, const uint8_t *tbl,
185
    const char * const *str, const char *fin)
186
{
187
        int fam;
188
        const uint8_t *key;
189
        const uint8_t *ptr;
190
        size_t sz;
191
192 96
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
193 96
        AN(p);
194 96
        AN(n);
195 96
        assert(m == 20);
196 96
        AN(tbl);
197 96
        AN(fin);
198
199 96
        fam = VRT_VSA_GetPtr(ctx, p, &key);
200 96
        ptr = bbsearch(fam, key, tbl, n, m);
201
202 96
        if (ptr != NULL) {
203 28
                sz = ptr - tbl;
204 28
                AZ(sz % m);
205 28
                sz /= m;
206 28
                if (str != NULL)
207 14
                        VPI_acl_log(ctx, str[sz]);
208 28
                return (*ptr);
209
        }
210 68
        if (str != NULL)
211 34
                VPI_acl_log(ctx, fin);
212 68
        return (0);
213 96
}
214
215
/*--------------------------------------------------------------------*/
216
217
VCL_VOID
218 22
VRT_hit_for_pass(VRT_CTX, VCL_DURATION d)
219
{
220
        struct objcore *oc;
221
222 22
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
223 22
        if (ctx->bo == NULL) {
224 0
                VSLb(ctx->vsl, SLT_Error,
225
                    "Note: Ignoring DURATION argument to return(pass);");
226 0
                return;
227
        }
228 22
        CHECK_OBJ_NOTNULL(ctx->bo, BUSYOBJ_MAGIC);
229 22
        oc = ctx->bo->fetch_objcore;
230 22
        oc->ttl = d;
231 22
        oc->grace = 0.0;
232 22
        oc->keep = 0.0;
233 44
        VSLb(ctx->vsl, SLT_TTL, "HFP %.0f %.0f %.0f %.0f uncacheable",
234 22
            oc->ttl, oc->grace, oc->keep, oc->t_origin);
235 22
}
236
237
/*--------------------------------------------------------------------*/
238
239
VCL_HTTP
240 33212
VRT_selecthttp(VRT_CTX, enum gethdr_e where)
241
{
242
        VCL_HTTP hp;
243
244 33212
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
245 33212
        switch (where) {
246
        case HDR_REQ:
247 19941
                hp = ctx->http_req;
248 19941
                break;
249
        case HDR_REQ_TOP:
250 7
                hp = ctx->http_req_top;
251 7
                break;
252
        case HDR_BEREQ:
253 588
                hp = ctx->http_bereq;
254 588
                break;
255
        case HDR_BERESP:
256 9251
                hp = ctx->http_beresp;
257 9251
                break;
258
        case HDR_RESP:
259 3424
                hp = ctx->http_resp;
260 3424
                break;
261
        case HDR_OBJ_STALE:
262
        case HDR_OBJ:
263 1
                hp = NULL;
264 1
                break;
265
        default:
266 0
                WRONG("VRT_selecthttp 'where' invalid");
267 0
        }
268 33212
        return (hp);
269
}
270
271
/*--------------------------------------------------------------------*/
272
273
VCL_STRING
274 26164
VRT_GetHdr(VRT_CTX, VCL_HEADER hs)
275
{
276
        VCL_HTTP hp;
277
        const char *p;
278
279 26164
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
280 26164
        if (hs->where == HDR_OBJ) {
281 14
                CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC);
282 14
                CHECK_OBJ_NOTNULL(ctx->req->objcore, OBJCORE_MAGIC);
283 28
                return (HTTP_GetHdrPack(ctx->req->wrk, ctx->req->objcore,
284 14
                    hs->what));
285
        }
286
287 26150
        if (hs->where == HDR_OBJ_STALE) {
288 1
                CHECK_OBJ_NOTNULL(ctx->bo, BUSYOBJ_MAGIC);
289 1
                CHECK_OBJ_NOTNULL(ctx->bo->stale_oc, OBJCORE_MAGIC);
290 2
                return (HTTP_GetHdrPack(ctx->bo->wrk, ctx->bo->stale_oc,
291 1
                    hs->what));
292
        }
293 26149
        hp = VRT_selecthttp(ctx, hs->where);
294 26149
        CHECK_OBJ_NOTNULL(hp, HTTP_MAGIC);
295 26149
        if (!http_GetHdr(hp, hs->what, &p))
296 12124
                return (NULL);
297 14025
        return (p);
298 26164
}
299
300
/*--------------------------------------------------------------------
301
 * Alloc Strands with space for n elements on workspace
302
 *
303
 * Error handling is deliberately left to the caller
304
 */
305
306
struct strands *
307 0
VRT_AllocStrandsWS(struct ws *ws, int n)
308
{
309
        struct strands *s;
310
        const char **p;
311
312 0
        s = WS_Alloc(ws, sizeof *s);
313 0
        p = WS_Alloc(ws, n * sizeof *p);
314
315 0
        if (s == NULL || p == NULL)
316 0
                return (NULL);
317
318 0
        s->magic = STRANDS_MAGIC;
319 0
        s->n = n;
320 0
        s->p = p;
321
322 0
        return (s);
323 0
}
324
325
/*--------------------------------------------------------------------
326
 * Compare two STRANDS
327
 */
328
329
int
330 186
VRT_CompareStrands(VCL_STRANDS a, VCL_STRANDS b)
331
{
332 186
        const char *pa = NULL, *pb = NULL;
333 186
        int na = 0, nb = 0;
334
335 186
        CHECK_OBJ_NOTNULL(a, STRANDS_MAGIC);
336 186
        CHECK_OBJ_NOTNULL(b, STRANDS_MAGIC);
337
338 1264
        while (1) {
339 1264
                if (pa != NULL && *pa == '\0')
340 111
                        pa = NULL;
341 1264
                if (pb != NULL && *pb == '\0')
342 149
                        pb = NULL;
343 1264
                if (pa == NULL && na < a->n)
344 253
                        pa = a->p[na++];
345 1011
                else if (pb == NULL && nb < b->n)
346 297
                        pb = b->p[nb++];
347 714
                else if (pa == NULL && pb == NULL)
348 63
                        return (0);
349 651
                else if (pa == NULL)
350 44
                        return (-1);
351 607
                else if (pb == NULL)
352 12
                        return (1);
353 595
                else if (*pa == '\0')
354 0
                        pa = NULL;
355 595
                else if (*pb == '\0')
356 0
                        pb = NULL;
357 595
                else if (*pa != *pb)
358 67
                        return (*pa - *pb);
359
                else {
360 528
                        pa++;
361 528
                        pb++;
362
                }
363
        }
364 186
}
365
366
/*--------------------------------------------------------------------
367
 * STRANDS to BOOL
368
 */
369
370
VCL_BOOL
371 14124
VRT_Strands2Bool(VCL_STRANDS s)
372
{
373
        int i;
374
375 14124
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
376 22097
        for (i = 0; i < s->n; i++)
377 14124
                if (s->p[i] != NULL)
378 6151
                        return (1);
379 7973
        return (0);
380 14124
}
381
382
/*--------------------------------------------------------------------
383
 * Hash a STRANDS
384
 */
385
386
uint32_t
387 1726
VRT_HashStrands32(VCL_STRANDS s)
388
{
389
        struct VSHA256Context sha_ctx;
390
        unsigned char sha256[VSHA256_LEN];
391
        const char *p;
392
        int i;
393
394 1726
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
395 1726
        VSHA256_Init(&sha_ctx);
396 5138
        for (i = 0; i < s->n; i++) {
397 3412
                p = s->p[i];
398 3412
                if (p != NULL && *p != '\0')
399 3408
                        VSHA256_Update(&sha_ctx, p, strlen(p));
400 3412
        }
401 1726
        VSHA256_Final(sha256, &sha_ctx);
402
403
        /* NB: for some reason vmod_director's shard director specifically
404
         * relied on little-endian decoding of the last 4 octets. In order
405
         * to maintain a stable hash function to share across consumers we
406
         * need to stick to that.
407
         */
408 1726
        return (vle32dec(sha256 + VSHA256_LEN - 4));
409
}
410
411
412
/*--------------------------------------------------------------------
413
 * Collapse STRANDS into the space provided, or return NULL
414
 */
415
416
char *
417 4894
VRT_Strands(char *d, size_t dl, VCL_STRANDS s)
418
{
419
        char *b;
420
        const char *e;
421
        unsigned x;
422
423 4894
        AN(d);
424 4894
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
425 4894
        b = d;
426 4894
        e = b + dl;
427 9824
        for (int i = 0; i < s->n; i++)
428 9700
                if (s->p[i] != NULL && *s->p[i] != '\0') {
429 4770
                        x = strlen(s->p[i]);
430 4770
                        if (b + x >= e)
431 56
                                return (NULL);
432 4714
                        memcpy(b, s->p[i], x);
433 4714
                        b += x;
434 4714
                }
435 4838
        assert(b < e);
436 4838
        *b++ = '\0';
437 4838
        return (b);
438 4894
}
439
440
/*--------------------------------------------------------------------
441
 * Copy and merge STRANDS into a workspace.
442
 */
443
444
VCL_STRING
445 488
VRT_StrandsWS(struct ws *ws, const char *h, VCL_STRANDS s)
446
{
447 488
        const char *q = NULL;
448
        struct vsb vsb[1];
449
        int i;
450
451 488
        WS_Assert(ws);
452 488
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
453
454 515
        for (i = 0; i < s->n; i++) {
455 506
                if (s->p[i] != NULL && *s->p[i] != '\0') {
456 479
                        q = s->p[i];
457 479
                        break;
458
                }
459 27
        }
460
461 488
        if (q == NULL) {
462 9
                if (h == NULL)
463 8
                        return ("");
464 1
                if (WS_Allocated(ws, h, -1))
465 0
                        return (h);
466 480
        } else if (h == NULL && WS_Allocated(ws, q, -1)) {
467 47
                for (i++; i < s->n; i++)
468 29
                        if (s->p[i] != NULL && *s->p[i] != '\0')
469 19
                                break;
470 37
                if (i == s->n)
471 18
                        return (q);
472 19
        }
473
474 462
        WS_VSB_new(vsb, ws);
475 462
        if (h != NULL)
476 283
                VSB_cat(vsb, h);
477 1055
        for (i = 0; i < s->n; i++) {
478 593
                if (s->p[i] != NULL && *s->p[i] != '\0')
479 558
                        VSB_cat(vsb, s->p[i]);
480 593
        }
481 462
        return (WS_VSB_finish(vsb, ws, NULL));
482 488
}
483
484
/*--------------------------------------------------------------------
485
 * Copy and merge STRANDS on the current workspace
486
 */
487
488
VCL_STRING
489 77
VRT_STRANDS_string(VRT_CTX, VCL_STRANDS s)
490
{
491
        const char *b;
492
493 77
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
494 77
        CHECK_OBJ_NOTNULL(ctx->ws, WS_MAGIC);
495 77
        b = VRT_StrandsWS(ctx->ws, NULL, s);
496 77
        if (b == NULL)
497 1
                VRT_fail(ctx, "Workspace overflow");
498 77
        return (b);
499
}
500
501
/*--------------------------------------------------------------------
502
 * upper/lower-case STRANDS (onto workspace)
503
 */
504
505
#include <stdio.h>
506
507
VCL_STRING
508 11
VRT_UpperLowerStrands(VRT_CTX, VCL_STRANDS s, int up)
509
{
510
        unsigned u;
511
        char *b, *e, *r;
512 11
        const char *p, *q = NULL;
513 11
        int i, copy = 0;
514
515 11
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
516 11
        CHECK_OBJ_NOTNULL(ctx->ws, WS_MAGIC);
517 11
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
518 11
        u = WS_ReserveAll(ctx->ws);
519 11
        r = b = WS_Reservation(ctx->ws);
520 11
        e = b + u;
521 26
        for (i = 0; i < s->n; i++) {
522 15
                if (s->p[i] == NULL || s->p[i][0] == '\0')
523 0
                        continue;
524 15
                if (q != NULL)
525 4
                        copy = 1;
526 84
                for(p = q = s->p[i]; *p != '\0'; p++) {
527 95
                        if ((up && vct_islower(*p)) ||
528 61
                            (!up && vct_isupper(*p))) {
529 34
                                *b++ = *p ^ 0x20;
530 34
                                copy = 1;
531 69
                        } else if (b < e) {
532 35
                                *b++ = *p;
533 35
                        }
534 69
                        if (copy && b == e)
535 0
                                break;
536 69
                }
537 15
                if (copy && b == e) {
538 0
                        WS_Release(ctx->ws, 0);
539 0
                        VRT_fail(ctx, "Workspace overflow");
540 0
                        return (NULL);
541
                }
542 15
        }
543 11
        assert(b <= e);
544 11
        if (!copy) {
545 3
                WS_Release(ctx->ws, 0);
546 3
                return (q);
547
        }
548 8
        assert(b < e);
549 8
        *b++ = '\0';
550 8
        assert(b <= e);
551 8
        WS_ReleaseP(ctx->ws, b);
552 8
        return (r);
553 11
}
554
555
556
// rfc9110,l,1585,1589
557
//     field-content  = field-vchar
558
//                      [ 1*( SP / HTAB / field-vchar ) field-vchar ]
559
//     field-vchar    = VCHAR / obs-text
560
//     obs-text       = %x80-FF
561
//
562
// This implementation is less strict, see #4221
563
static inline VCL_BOOL
564 4839
validhdr(const char *p)
565
{
566 4839
        AN(p);
567 190006
        for(;*p != '\0'; p++)
568 185169
                if (! vct_ishdrval(*p))
569 2
                        return (0);
570 4837
        return (1);
571 4839
}
572
573
/*--------------------------------------------------------------------*/
574
VCL_BOOL
575 2
VRT_ValidHdr(VRT_CTX, VCL_STRANDS s)
576
{
577
        int i;
578
579 2
        (void) ctx;
580
581 2
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
582 3
        for (i = 0; i < s->n; i++) {
583 2
                if (s->p[i] == NULL || s->p[i][0] == '\0')
584 0
                        continue;
585 2
                if (! validhdr(s->p[i]))
586 1
                        return (0);
587 1
        }
588
589 1
        return (1);
590 2
}
591
/*--------------------------------------------------------------------*/
592
593
VCL_VOID
594 2017
VRT_UnsetHdr(VRT_CTX, VCL_HEADER hs)
595
{
596
        VCL_HTTP hp;
597
598 2017
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
599 2017
        AN(hs);
600 2017
        AN(hs->what);
601 2017
        hp = VRT_selecthttp(ctx, hs->where);
602 2017
        CHECK_OBJ_NOTNULL(hp, HTTP_MAGIC);
603 2017
        http_Unset(hp, hs->what);
604 2017
}
605
606
VCL_VOID
607 5023
VRT_SetHdr(VRT_CTX, VCL_HEADER hs, const char *pfx, VCL_STRANDS s)
608
{
609
        VCL_HTTP hp;
610
        unsigned u, l, pl;
611
        char *p, *b;
612
613 5023
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
614 5023
        AN(hs);
615 5023
        AN(hs->what);
616 5023
        hp = VRT_selecthttp(ctx, hs->where);
617 5023
        CHECK_OBJ_NOTNULL(hp, HTTP_MAGIC);
618
619 5023
        u = WS_ReserveAll(hp->ws);
620 5023
        pl = (pfx == NULL) ? 0 : strlen(pfx);
621 5023
        l = hs->what->len + 1 + pl;
622 5023
        if (u <= l) {
623 127
                WS_Release(hp->ws, 0);
624 127
                WS_MarkOverflow(hp->ws);
625 127
                VSLbs(ctx->vsl, SLT_LostHeader, TOSTRAND(hs->what->str));
626 127
                return;
627
        }
628 4896
        b = WS_Reservation(hp->ws);
629 4896
        if (s != NULL) {
630 4888
                p = VRT_Strands(b + l, u - l, s);
631 4888
                if (p == NULL) {
632 56
                        WS_Release(hp->ws, 0);
633 56
                        WS_MarkOverflow(hp->ws);
634 112
                        VSLbs(ctx->vsl, SLT_LostHeader,
635 56
                            TOSTRAND(hs->what->str));
636 56
                        return;
637
                }
638 4832
        } else {
639 8
                b[l] = '\0';
640
        }
641 4840
        p = b;
642 4840
        memcpy(p, hs->what->str, hs->what->len);
643 4840
        p += hs->what->len;
644 4840
        *p++ = ' ';
645 4840
        if (pfx != NULL)
646 10
                memcpy(p, pfx, pl);
647 4840
        p += pl;
648 4840
        if (FEATURE(FEATURE_VALIDATE_HEADERS) && !validhdr(b)) {
649 1
                VRT_fail(ctx, "Bad header %s", b);
650 1
                WS_Release(hp->ws, 0);
651 1
                return;
652
        }
653 4839
        WS_ReleaseP(hp->ws, strchr(p, '\0') + 1);
654 4839
        http_Unset(hp, hs->what);
655 4839
        http_SetHeader(hp, b);
656 5023
}
657
658
/*--------------------------------------------------------------------*/
659
660
VCL_VOID
661 20667
VRT_handling(VRT_CTX, unsigned hand)
662
{
663
664 20667
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
665 20667
        assert(hand != VCL_RET_FAIL);
666 20667
        AN(ctx->vpi);
667 20667
        AZ(ctx->vpi->handling);
668 20667
        assert(hand > 0);
669 20667
        assert(hand < VCL_RET_MAX);
670 20667
        ctx->vpi->handling = hand;
671 20667
}
672
673
unsigned
674 15
VRT_handled(VRT_CTX)
675
{
676 15
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
677 15
        AN(ctx->vpi);
678 15
        return (ctx->vpi->handling);
679
}
680
681
/* the trace value is cached in the VPI for efficiency */
682
VCL_VOID
683 1
VRT_trace(VRT_CTX, VCL_BOOL a)
684
{
685 1
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
686 1
        AN(ctx->vpi);
687 1
        ctx->vpi->trace = a;
688 1
}
689
690
/*--------------------------------------------------------------------*/
691
692
VCL_VOID
693 203
VRT_fail(VRT_CTX, const char *fmt, ...)
694
{
695
        va_list ap;
696
697 203
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
698 203
        assert(ctx->vsl != NULL || ctx->msg != NULL);
699 203
        AN(ctx->vpi);
700 203
        if (ctx->vpi->handling == VCL_RET_FAIL)
701 3
                return;
702 200
        AZ(ctx->vpi->handling);
703 200
        AN(fmt);
704 200
        AZ(strchr(fmt, '\n'));
705 200
        va_start(ap, fmt);
706 200
        if (ctx->vsl != NULL) {
707 159
                VSLbv(ctx->vsl, SLT_VCL_Error, fmt, ap);
708 159
        } else {
709 41
                AN(ctx->msg);
710 41
                VSB_vprintf(ctx->msg, fmt, ap);
711 41
                VSB_putc(ctx->msg, '\n');
712
        }
713 200
        va_end(ap);
714 200
        ctx->vpi->handling = VCL_RET_FAIL;
715 203
}
716
717
/*--------------------------------------------------------------------
718
 * Feed data into the hash calculation
719
 */
720
721
VCL_VOID
722 7404
VRT_hashdata(VRT_CTX, VCL_STRANDS s)
723
{
724
        int i;
725
726 7404
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
727 7404
        CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC);
728 7404
        AN(ctx->specific);
729 7404
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
730 14811
        for (i = 0; i < s->n; i++)
731 7407
                HSH_AddString(ctx->req, ctx->specific, s->p[i]);
732
        /*
733
         * Add a 'field-separator' to make it more difficult to
734
         * manipulate the hash.
735
         */
736 7404
        HSH_AddString(ctx->req, ctx->specific, NULL);
737 7404
}
738
739
/*--------------------------------------------------------------------*/
740
741
VCL_TIME
742 161
VRT_r_now(VRT_CTX)
743
{
744 161
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
745 161
        return (ctx->now);
746
}
747
748
/*--------------------------------------------------------------------*/
749
750
VCL_STRING v_matchproto_()
751 248
VRT_IP_string(VRT_CTX, VCL_IP ip)
752
{
753
        char buf[VTCP_ADDRBUFSIZE];
754
755 248
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
756 248
        if (ip == NULL) {
757 0
                VRT_fail(ctx, "%s: Illegal IP", __func__);
758 0
                return (NULL);
759
        }
760 248
        VTCP_name(ip, buf, sizeof buf, NULL, 0);
761 248
        return (WS_Copy(ctx->ws, buf, -1));
762 248
}
763
764
int
765 2864
VRT_INT_is_valid(VCL_INT arg)
766
{
767 2864
        return (arg >= VRT_INTEGER_MIN && arg <= VRT_INTEGER_MAX);
768
}
769
770
771
VCL_STRING v_matchproto_()
772 2864
VRT_INT_string(VRT_CTX, VCL_INT num)
773
{
774
775 2864
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
776 2864
        if (!VRT_INT_is_valid(num))
777 2
                VRT_fail(ctx, "INT overflow converting to string (0x%jx)",
778 1
                    (intmax_t)num);
779 2864
        return (WS_Printf(ctx->ws, "%jd", (intmax_t)num));
780
}
781
782
int
783 236
VRT_REAL_is_valid(VCL_REAL arg)
784
{
785 236
        return (!isnan(arg) && arg >= VRT_DECIMAL_MIN && arg <= VRT_DECIMAL_MAX);
786
}
787
788
VCL_STRING v_matchproto_()
789 236
VRT_REAL_string(VRT_CTX, VCL_REAL num)
790
{
791
792 236
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
793 236
        if (!VRT_REAL_is_valid(num))
794 1
                VRT_fail(ctx, "REAL overflow converting to string (%e)", num);
795 236
        return (WS_Printf(ctx->ws, "%.3f", num));
796
}
797
798
VCL_STRING v_matchproto_()
799 79
VRT_TIME_string(VRT_CTX, VCL_TIME t)
800
{
801
        char *p;
802
803 79
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
804 79
        p = WS_Alloc(ctx->ws, VTIM_FORMAT_SIZE);
805 79
        if (p == NULL) {
806 0
                VRT_fail(ctx, "Workspace overflow");
807 0
                return (NULL);
808
        }
809 79
        VTIM_format(t, p);
810 79
        if (*p == '\0') {
811 1
                VRT_fail(ctx, "Unformattable VCL_TIME");
812 1
                return (NULL);
813
        }
814 78
        return (p);
815 79
}
816
817
VCL_STRING v_matchproto_()
818 4594
VRT_BACKEND_string(VCL_BACKEND d)
819
{
820 4594
        if (d == NULL)
821 0
                return (NULL);
822 4594
        CHECK_OBJ_NOTNULL(d, DIRECTOR_MAGIC);
823 4594
        return (d->vcl_name);
824 4594
}
825
826
VCL_STRING v_matchproto_()
827 556
VRT_BOOL_string(VCL_BOOL val)
828
{
829
830 556
        return (val ? "true" : "false");
831
}
832
833
VCL_STRING v_matchproto_()
834 16
VRT_BLOB_string(VRT_CTX, VCL_BLOB val)
835
{
836
        struct vsb vsb[1];
837
        const char *s;
838
839 16
        if (val == NULL)
840 0
                return (NULL);
841 16
        WS_VSB_new(vsb, ctx->ws);
842 16
        VSB_putc(vsb, ':');
843 16
        VENC_Encode_Base64(vsb, val->blob, val->len);
844 16
        VSB_putc(vsb, ':');
845 16
        s = WS_VSB_finish(vsb, ctx->ws, NULL);
846 16
        return (s);
847 16
}
848
849
/*--------------------------------------------------------------------*/
850
851
VCL_VOID
852 23
VRT_Rollback(VRT_CTX, VCL_HTTP hp)
853
{
854
855 23
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
856 23
        CHECK_OBJ_NOTNULL(hp, HTTP_MAGIC);
857 23
        if (ctx->method & VCL_MET_PIPE) {
858 0
                VRT_fail(ctx, "Cannot rollback in vcl_pipe {}");
859 0
                return;
860
        }
861 23
        if (hp == ctx->http_req) {
862 14
                CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC);
863 14
                Req_Rollback(ctx);
864 14
                if (ctx->method & VCL_MET_DELIVER)
865 9
                        XXXAZ(Resp_Setup_Deliver(ctx->req));
866 14
                if (ctx->method & VCL_MET_SYNTH)
867 2
                        Resp_Setup_Synth(ctx->req);
868 23
        } else if (hp == ctx->http_bereq) {
869 9
                Bereq_Rollback(ctx);
870 9
        } else
871 0
                WRONG("VRT_Rollback 'hp' invalid");
872 23
}
873
874
/*--------------------------------------------------------------------*/
875
876
VCL_VOID
877 5
VRT_synth_strands(VRT_CTX, VCL_STRANDS s)
878
{
879
        struct vsb *vsb;
880
        int i;
881
882 5
        CAST_OBJ_NOTNULL(vsb, ctx->specific, VSB_MAGIC);
883 5
        CHECK_OBJ_NOTNULL(s, STRANDS_MAGIC);
884 10
        for (i = 0; i < s->n; i++) {
885 5
                if (s->p[i] != NULL)
886 4
                        VSB_cat(vsb, s->p[i]);
887
                else
888 1
                        VSB_cat(vsb, "(null)");
889 5
        }
890 5
}
891
892
VCL_VOID
893 0
VRT_synth_blob(VRT_CTX, VCL_BLOB b)
894
{
895
        struct vsb *vsb;
896 0
        CAST_OBJ_NOTNULL(vsb, ctx->specific, VSB_MAGIC);
897
898 0
        CHECK_OBJ_NOTNULL(b, VRT_BLOB_MAGIC);
899 0
        if (b->len > 0 && b->blob != NULL)
900 0
                VSB_bcat(vsb, b->blob, b->len);
901 0
}
902
903
VCL_VOID
904 0
VRT_synth_page(VRT_CTX, VCL_STRANDS s)
905
{
906 0
        VRT_synth_strands(ctx, s);
907 0
}
908
909
/*--------------------------------------------------------------------*/
910
911
static VCL_STRING
912 21
vrt_ban_error(VRT_CTX, VCL_STRING err)
913
{
914 21
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
915 21
        AN(ctx->vsl);
916 21
        AN(err);
917
918 21
        VSLb(ctx->vsl, SLT_VCL_Error, "ban(): %s", err);
919 21
        return (err);
920
}
921
922
VCL_STRING
923 39
VRT_ban_string(VRT_CTX, VCL_STRING str)
924
{
925
        char *a1, *a2, *a3;
926
        char **av;
927
        struct ban_proto *bp;
928 39
        const char *err = NULL, *berr = NULL;
929
        int i;
930
931 39
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
932
933 39
        if (str == NULL)
934 2
                return (vrt_ban_error(ctx, "Null argument"));
935
936 37
        bp = BAN_Build();
937 37
        if (bp == NULL)
938 0
                return (vrt_ban_error(ctx, "Out of Memory"));
939
940 37
        av = VAV_Parse(str, NULL, ARGV_NOESC);
941 37
        AN(av);
942 37
        if (av[0] != NULL) {
943 0
                err = av[0];
944 0
                VAV_Free(av);
945 0
                BAN_Abandon(bp);
946 0
                return (vrt_ban_error(ctx, err));
947
        }
948 42
        for (i = 0; ;) {
949 42
                a1 = av[++i];
950 42
                if (a1 == NULL) {
951 2
                        err = "No ban conditions found.";
952 2
                        break;
953
                }
954 40
                a2 = av[++i];
955 40
                if (a2 == NULL) {
956 2
                        err = "Expected comparison operator.";
957 2
                        break;
958
                }
959 38
                a3 = av[++i];
960 38
                if (a3 == NULL) {
961 2
                        err = "Expected second operand.";
962 2
                        break;
963
                }
964 36
                berr = BAN_AddTest(bp, a1, a2, a3);
965 36
                if (berr != NULL)
966 11
                        break;
967
968 25
                if (av[++i] == NULL) {
969 18
                        berr = BAN_Commit(bp);
970 18
                        if (berr == NULL)
971 18
                                bp = NULL;
972 18
                        break;
973
                }
974 7
                if (strcmp(av[i], "&&")) {
975 4
                        err = WS_Printf(ctx->ws, "Expected && between "
976 2
                            "conditions, found \"%s\"", av[i]);
977 2
                        if (err == NULL)
978 0
                                err = "Expected && between conditions "
979
                                    "(workspace overflow)";
980 2
                        break;
981
                }
982
        }
983 37
        if (berr != NULL) {
984 11
                AZ(err);
985 11
                err = WS_Copy(ctx->ws, berr, -1);
986 11
                if (err == NULL)
987 0
                        err = "Unknown error (workspace overflow)";
988 11
                berr = NULL;
989 11
        }
990 37
        AZ(berr);
991 37
        if (bp != NULL)
992 19
                BAN_Abandon(bp);
993 37
        VAV_Free(av);
994 37
        if (err == NULL)
995 18
                return (NULL);
996 19
        return (vrt_ban_error(ctx, err));
997 39
}
998
999
VCL_BYTES
1000 35
VRT_CacheReqBody(VRT_CTX, VCL_BYTES maxsize)
1001
{
1002 35
        const char * const err = "req.body can only be cached in vcl_recv{}";
1003
1004 35
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
1005 35
        if (ctx->method != VCL_MET_RECV) {
1006 0
                if (ctx->vsl != NULL) {
1007 0
                        VSLbs(ctx->vsl, SLT_VCL_Error, TOSTRAND(err));
1008 0
                } else {
1009 0
                        AN(ctx->msg);
1010 0
                        VSB_printf(ctx->msg, "%s\n", err);
1011
                };
1012 0
                return (-1);
1013
        }
1014 35
        CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC);
1015 35
        return (VRB_Cache(ctx->req, maxsize));
1016 35
}
1017
1018
/*--------------------------------------------------------------------
1019
 * purges
1020
 */
1021
1022
VCL_INT
1023 14
VRT_purge(VRT_CTX, VCL_DURATION ttl, VCL_DURATION grace, VCL_DURATION keep)
1024
{
1025
1026 14
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
1027
1028 14
        if ((ctx->method & (VCL_MET_HIT|VCL_MET_MISS)) == 0) {
1029 0
                VRT_fail(ctx,
1030
                    "purge can only happen in vcl_hit{} or vcl_miss{}");
1031 0
                return (0);
1032
        }
1033
1034 14
        CHECK_OBJ_NOTNULL(ctx->req, REQ_MAGIC);
1035 14
        CHECK_OBJ_NOTNULL(ctx->req->wrk, WORKER_MAGIC);
1036 28
        return (HSH_Purge(ctx->req->wrk, ctx->req->objcore->objhead,
1037 14
            ctx->req->t_req, ttl, grace, keep));
1038 14
}
1039
1040
/*--------------------------------------------------------------------
1041
 */
1042
1043
struct vsmw_cluster * v_matchproto_()
1044 1230
VRT_VSM_Cluster_New(VRT_CTX, size_t sz)
1045
{
1046
        struct vsmw_cluster *vc;
1047
1048 1230
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
1049 1230
        assert(sz > 0);
1050 1230
        AN(vsc_lock);
1051 1230
        AN(vsc_unlock);
1052 1230
        AN(heritage.proc_vsmw);
1053 1230
        vsc_lock();
1054 1230
        vc = VSMW_NewCluster(heritage.proc_vsmw, sz, "VSC_cluster");
1055 1230
        vsc_unlock();
1056 1230
        return (vc);
1057
}
1058
1059
void v_matchproto_()
1060 78
VRT_VSM_Cluster_Destroy(VRT_CTX, struct vsmw_cluster **vsmcp)
1061
{
1062
1063 78
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
1064 78
        AN(vsmcp);
1065 78
        VSMW_DestroyCluster(heritage.proc_vsmw, vsmcp);
1066 78
}
1067
1068
/*--------------------------------------------------------------------
1069
 * Simple stuff
1070
 */
1071
1072
int
1073 11015
VRT_strcmp(const char *s1, const char *s2)
1074
{
1075 11015
        if (s1 == NULL || s2 == NULL)
1076 1194
                return (1);
1077 9821
        return (strcmp(s1, s2));
1078 11015
}
1079
1080
void
1081 0
VRT_memmove(void *dst, const void *src, unsigned len)
1082
{
1083
1084 0
        (void)memmove(dst, src, len);
1085 0
}
1086
1087
VCL_BOOL
1088 23
VRT_ipcmp(VRT_CTX, VCL_IP sua1, VCL_IP sua2)
1089
{
1090
1091 23
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
1092
1093 23
        if (sua1 == NULL || sua2 == NULL) {
1094 0
                VRT_fail(ctx, "%s: Illegal IP", __func__);
1095 0
                return (1);
1096
        }
1097 23
        return (VSA_Compare_IP(sua1, sua2));
1098 23
}
1099
1100
/*
1101
 * the pointer passed as src must have at least VCL_TASK lifetime
1102
 */
1103
VCL_BLOB
1104 247
VRT_blob(VRT_CTX, const char *err, const void *src, size_t len, unsigned type)
1105
{
1106
        struct vrt_blob *p;
1107
1108 247
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
1109 247
        CHECK_OBJ_NOTNULL(ctx->ws, WS_MAGIC);
1110
1111 247
        if (src == NULL || len == 0)
1112 2
                return (vrt_null_blob);
1113
1114 245
        p = (void *)WS_Alloc(ctx->ws, sizeof *p);
1115 245
        if (p == NULL) {
1116 6
                VRT_fail(ctx, "Workspace overflow (%s)", err);
1117 6
                return (NULL);
1118
        }
1119
1120 239
        INIT_OBJ(p, VRT_BLOB_MAGIC);
1121 239
        p->type = type;
1122 239
        p->len = len;
1123 239
        p->blob = src;
1124
1125 239
        return (p);
1126 247
}
1127
1128
int
1129 96585
VRT_VSA_GetPtr(VRT_CTX, const struct suckaddr *sua, const unsigned char ** dst)
1130
{
1131
1132 96585
        CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
1133 96585
        AN(dst);
1134
1135 96585
        if (sua == NULL) {
1136 0
                VRT_fail(ctx, "%s: Illegal IP", __func__);
1137 0
                *dst = NULL;
1138 0
                return (-1);
1139
        }
1140 96585
        return (VSA_GetPtr(sua, dst));
1141 96585
}
1142
1143
void
1144 2
VRT_Format_Proxy(struct vsb *vsb, VCL_INT version, VCL_IP sac, VCL_IP sas,
1145
    VCL_STRING auth)
1146
{
1147 2
        VPX_Format_Proxy(vsb, (int)version, sac, sas, auth);
1148 2
}
1149
1150
/*
1151
 * Clone a struct vrt_endpoint in a single malloc() allocation
1152
 */
1153
1154
//lint -e{662}  Possible of out-of-bounds pointer (___ beyond end of data)
1155
//lint -e{826}  Suspicious pointer-to-pointer conversion (area to o small
1156
struct vrt_endpoint *
1157 2682
VRT_Endpoint_Clone(const struct vrt_endpoint * const vep)
1158
{
1159
        size_t sz;
1160
        struct vrt_endpoint *nvep;
1161 2682
        struct vrt_blob *blob = NULL;
1162
        struct suckaddr *sa;
1163 2682
        size_t uds_len = 0;
1164
        char *p, *e;
1165
1166 2682
        CHECK_OBJ_NOTNULL(vep, VRT_ENDPOINT_MAGIC);
1167 2682
        sz = sizeof *nvep;
1168 2682
        if (vep->ipv4)
1169 2583
                sz += vsa_suckaddr_len;
1170 2682
        if (vep->ipv6)
1171 8
                sz += vsa_suckaddr_len;
1172 2682
        if (vep->uds_path != NULL) {
1173 93
                uds_len = strlen(vep->uds_path) + 1;
1174 93
                sz += uds_len;
1175 93
        }
1176 2682
        if (vep->preamble != NULL && vep->preamble->len) {
1177 18
                sz += sizeof(*blob);
1178 18
                sz += vep->preamble->len;
1179 18
        }
1180 2682
        p = calloc(1, sz);
1181 2682
        AN(p);
1182 2682
        e = p + sz;
1183 2682
        nvep = (void*)p;
1184 2682
        p += sizeof *nvep;
1185 2682
        INIT_OBJ(nvep, VRT_ENDPOINT_MAGIC);
1186 2682
        if (vep->ipv4) {
1187 2583
                sa = (void*)p;
1188 2583
                memcpy(sa, vep->ipv4, vsa_suckaddr_len);
1189 2583
                nvep->ipv4 = sa;
1190 2583
                p += vsa_suckaddr_len;
1191 2583
        }
1192 2682
        if (vep->ipv6) {
1193 8
                sa = (void*)p;
1194 8
                memcpy(sa, vep->ipv6, vsa_suckaddr_len);
1195 8
                nvep->ipv6 = sa;
1196 8
                p += vsa_suckaddr_len;
1197 8
        }
1198 2682
        if (vep->preamble != NULL && vep->preamble->len) {
1199
                /* Before uds because we need p to be aligned still */
1200 18
                blob = (void*)p;
1201 18
                INIT_OBJ(blob, VRT_BLOB_MAGIC);
1202 18
                p += sizeof(*blob);
1203 18
                nvep->preamble = blob;
1204 18
                memcpy(p, vep->preamble->blob, vep->preamble->len);
1205 18
                blob->type = 0x70ea5b1e;
1206 18
                blob->len = vep->preamble->len;
1207 18
                blob->blob = p;
1208 18
                p += vep->preamble->len;
1209 18
        }
1210 2682
        if (uds_len) {
1211 93
                memcpy(p, vep->uds_path, uds_len);
1212 93
                nvep->uds_path = p;
1213 93
                p += uds_len;
1214 93
        }
1215 2682
        assert(p == e);
1216 2682
        return (nvep);
1217
}