[Varnish] #868: varnishncsa generates wrong log formats when Authorization header is sent empty

Varnish varnish-bugs at varnish-cache.org
Thu Mar 10 18:32:47 CET 2011 

#868: varnishncsa generates wrong log formats when Authorization header is sent
empty
-------------------------+--------------------------------------------------
 Reporter:  jdzst        |        Type:  defect     
   Status:  new          |    Priority:  low        
Milestone:               |   Component:  varnishncsa
  Version:  trunk        |    Severity:  normal     
 Keywords:  varnishncsa  |  
-------------------------+--------------------------------------------------
 varnishncsa generates wrong log formats when "Authorization" header is
 sent, but with empty value:
   *  Authorization: Basic
 instead:
   *  Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

 The generated log lacks third field (user) when Authorization is empty.
 This line causes problems in Awstats and Webalizer programs that process
 NCSA format logs.

 The following request:

 {{{
 Accept: */*
 Accept-Language: es,en;q=0.5
 UA-CPU: x86
 Accept-Encoding: gzip, deflate
 If-Modified-Since: Thu, 10 Mar 2011 15:43:02 GMT
 User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR
 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
 Proxy-Connection: Keep-Alive
 Host: localhost:7000
 Pragma: no-cache
 Authorization: Basic
 }}}

 Generates:

 1) varnishncsa generates following incorrect log, without user field:
 {{{
 10.0.0.1 -  [10/Mar/2011:17:55:48 +0100] "GET / HTTP/1.1" 301 198 "-"
 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727;
 .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
 }}}
 2) apache generates following valid log:
 {{{
 10.0.0.1 - - [10/Mar/2011:17:58:16 +0100] "GET / HTTP/1.1" 301 198 "-"
 "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727;
 .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
 }}}

 The lack of one "-" makes Awstats to stop processing and start complaining
 about this line.

 The problem is at [http://www.varnish-
 cache.org/trac/browser/bin/varnishncsa/varnishncsa.c varnishncsa.c] at
 lines 618-637. A previous check of string length must be done:

 {{{
 if (lp->df_u != NULL) {
         char *rubuf;
         size_t rulen;

         base64_init();
         rulen = ((strlen(lp->df_u) + 3) * 4) / 3;
         rubuf = malloc(rulen);
         assert(rubuf != NULL);
         base64_decode(rubuf, rulen, lp->df_u);
         q = strchr(rubuf, ':');
         if (q != NULL)
                 *q = '\0';
 /* START - FIX */
         if(strlen(rubuf)>0)
         {
                 fprintf(fo, "%s", rubuf);
         }
         else
         {
                 fprintf(fo, "-");
         }
 /* END - FIX */
         free(rubuf);
 } else {
         fprintf(fo, "-");
 }
 }}}

-- 
Ticket URL: <http://www.varnish-cache.org/trac/ticket/868>
Varnish <http://varnish-cache.org/>
The Varnish HTTP Accelerator

More information about the varnish-bugs mailing list