+
+
+/*********************************************************************
+ *
+ * Function : verify_request_length
+ *
+ * Description : Checks if we already got the whole client requests
+ * and sets CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ if
+ * we do.
+ *
+ * Data that doesn't belong to the current request is
+ * either thrown away to let the client retry on a clean
+ * socket, or stashed to be dealt with after the current
+ * request is served.
+ *
+ * Parameters :
+ * 1 : csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns : void
+ *
+ *********************************************************************/
+static void verify_request_length(struct client_state *csp)
+{
+ unsigned long long buffered_request_bytes =
+ (unsigned long long)(csp->client_iob->eod - csp->client_iob->cur);
+
+ if ((csp->expected_client_content_length != 0)
+ && (buffered_request_bytes != 0))
+ {
+ if (csp->expected_client_content_length >= buffered_request_bytes)
+ {
+ csp->expected_client_content_length -= buffered_request_bytes;
+ log_error(LOG_LEVEL_CONNECT, "Reduced expected bytes to %llu "
+ "to account for the %llu ones we already got.",
+ csp->expected_client_content_length, buffered_request_bytes);
+ }
+ else
+ {
+ assert(csp->client_iob->eod > csp->client_iob->cur + csp->expected_client_content_length);
+ csp->client_iob->eod = csp->client_iob->cur + csp->expected_client_content_length;
+ log_error(LOG_LEVEL_CONNECT, "Reducing expected bytes to 0. "
+ "Marking the server socket tainted after throwing %llu bytes away.",
+ buffered_request_bytes - csp->expected_client_content_length);
+ csp->expected_client_content_length = 0;
+ csp->flags |= CSP_FLAG_SERVER_SOCKET_TAINTED;
+ }
+
+ if (csp->expected_client_content_length == 0)
+ {
+ csp->flags |= CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ;
+ }
+ }
+
+ if (!(csp->flags & CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ)
+ && ((csp->client_iob->cur < csp->client_iob->eod)
+ || (csp->expected_client_content_length != 0)))
+ {
+ if (strcmpic(csp->http->gpc, "GET")
+ && strcmpic(csp->http->gpc, "HEAD")
+ && strcmpic(csp->http->gpc, "TRACE")
+ && strcmpic(csp->http->gpc, "OPTIONS")
+ && strcmpic(csp->http->gpc, "DELETE"))
+ {
+ /* XXX: this is an incomplete hack */
+ csp->flags &= ~CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ;
+ csp->flags |= CSP_FLAG_SERVER_SOCKET_TAINTED;
+ log_error(LOG_LEVEL_CONNECT,
+ "There might be a request body. The connection will not be kept alive.");
+ }
+ else
+ {
+ csp->flags |= CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ;
+
+ if ((csp->config->feature_flags & RUNTIME_FEATURE_TOLERATE_PIPELINING) == 0)
+ {
+ csp->flags |= CSP_FLAG_SERVER_SOCKET_TAINTED;
+ log_error(LOG_LEVEL_CONNECT,
+ "Possible pipeline attempt detected. The connection will not "
+ "be kept alive and we will only serve the first request.");
+ /* Nuke the pipelined requests from orbit, just to be sure. */
+ clear_iob(csp->client_iob);
+ }
+ else
+ {
+ /*
+ * Keep the pipelined data around for now, we'll deal with
+ * it once we're done serving the current request.
+ */
+ csp->flags |= CSP_FLAG_PIPELINED_REQUEST_WAITING;
+ assert(csp->client_iob->eod >= csp->client_iob->cur);
+ log_error(LOG_LEVEL_CONNECT, "Complete client request followed by "
+ "%d bytes of pipelined data received.",
+ (int)(csp->client_iob->eod - csp->client_iob->cur));
+ }
+ }
+ }
+ else
+ {
+ csp->flags |= CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ;
+ log_error(LOG_LEVEL_CONNECT, "Complete client request received.");
+ }
+}