inline C code and post data
cal at fbsdata.com
Thu Jan 7 16:34:51 CET 2010
I think I managed to get this working, without needing a modification on the
varnish source. Here's a snippet of the important parts of how I
implemented this. (I left out all of my error checking for readability)
void get_req_body(struct sess *sp)
/* create a new shared memory file to store the request body in.
* Make sure this is deleted after we're done or this will eat up memory!
int memfd = shm_open(pidstr, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR);
// read the body from the client HTTP connection,
int rsize = read(sp->htc->fd, body, content_length);
// write the body into shm
int wsize = write(memfd, body, content_length);
// seek the file descriptor back to the beginning of the file
lseek(memfd, 0, SEEK_SET);
/* set Varnish's HTTP file descriptor to this new shm file.
* This fools varnish into reading the request body
* later on when passing it to the backend
* Not sure WHY this works though... If it needs to write
* to the client during vcl_deliver, wouldn't it just
* write the contents to this shm file? It must be a
* different file descriptor for writing?
sp->htc->fd = memfd;
This method was sort of my last ditch effort, and I was surprised that it
worked. I couldn't find exactly where the deliver code writes to the
socket, but the only explanation is that there is a separate socket for
writing to the client. Is that correct?
Also, I'm not an expert on how licenses work -- if I want to distribute
this, do I need to license it the same as varnish if I include your headers?
On Fri, Jan 1, 2010 at 2:02 PM, Cal Heldenbrand <cal at fbsdata.com> wrote:
> How difficult do you think it would be to provide this to the VRT level?
> I'd be happy to do the coding if you point me in the right direction of
> where the post data is handled in the source.
> I think it would be a useful tool for the rest of the community as well.
> (I remember some mailing list post on doing security matching, similar to
> Apache's mod_security)
> Thanks, and happy hangover day!
> On Fri, Jan 1, 2010 at 5:18 AM, Poul-Henning Kamp <phk at phk.freebsd.dk>wrote:
>> In message <6d0f643a0912311432v1e594e5cl601f1a5b19b59956 at mail.gmail.com>,
>> Cal H
>> eldenbrand writes:
>> >I just started experimenting with the coolness of using inline C in VCL,
>> >I've run into a bit of a hurdle -- I can't find any VRT functions that
>> >me to dig into the request body where the post data is at.
>> The post data is not available at any point near VCL, it is transferred
>> to the backend as part of the backend fetch.
>> PS: Happy NewYear
>> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
>> phk at FreeBSD.ORG | TCP/IP since RFC 956
>> FreeBSD committer | BSD since 4.3-tahoe
>> Never attribute to malice what can adequately be explained by
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the varnish-dev