[Varnish] #868: varnishncsa generates wrong log formats when Authorization header is sent empty
Varnish
varnish-bugs at varnish-cache.org
Thu Mar 10 18:32:47 CET 2011
#868: varnishncsa generates wrong log formats when Authorization header is sent
empty
-------------------------+--------------------------------------------------
Reporter: jdzst | Type: defect
Status: new | Priority: low
Milestone: | Component: varnishncsa
Version: trunk | Severity: normal
Keywords: varnishncsa |
-------------------------+--------------------------------------------------
varnishncsa generates wrong log formats when "Authorization" header is
sent, but with empty value:
* Authorization: Basic
instead:
* Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
The generated log lacks third field (user) when Authorization is empty.
This line causes problems in Awstats and Webalizer programs that process
NCSA format logs.
The following request:
{{{
Accept: */*
Accept-Language: es,en;q=0.5
UA-CPU: x86
Accept-Encoding: gzip, deflate
If-Modified-Since: Thu, 10 Mar 2011 15:43:02 GMT
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Proxy-Connection: Keep-Alive
Host: localhost:7000
Pragma: no-cache
Authorization: Basic
}}}
Generates:
1) varnishncsa generates following incorrect log, without user field:
{{{
10.0.0.1 - [10/Mar/2011:17:55:48 +0100] "GET / HTTP/1.1" 301 198 "-"
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727;
.NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
}}}
2) apache generates following valid log:
{{{
10.0.0.1 - - [10/Mar/2011:17:58:16 +0100] "GET / HTTP/1.1" 301 198 "-"
"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727;
.NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
}}}
The lack of one "-" makes Awstats to stop processing and start complaining
about this line.
The problem is at [http://www.varnish-
cache.org/trac/browser/bin/varnishncsa/varnishncsa.c varnishncsa.c] at
lines 618-637. A previous check of string length must be done:
{{{
if (lp->df_u != NULL) {
char *rubuf;
size_t rulen;
base64_init();
rulen = ((strlen(lp->df_u) + 3) * 4) / 3;
rubuf = malloc(rulen);
assert(rubuf != NULL);
base64_decode(rubuf, rulen, lp->df_u);
q = strchr(rubuf, ':');
if (q != NULL)
*q = '\0';
/* START - FIX */
if(strlen(rubuf)>0)
{
fprintf(fo, "%s", rubuf);
}
else
{
fprintf(fo, "-");
}
/* END - FIX */
free(rubuf);
} else {
fprintf(fo, "-");
}
}}}
--
Ticket URL: <http://www.varnish-cache.org/trac/ticket/868>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator
More information about the varnish-bugs
mailing list