X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=jcc.c;h=028970f4ceadb0b9c30a7b1445b509db6100cee9;hb=dbacf3024ca2575c1ae361dc2d578abfbe5aad54;hp=9364300c132c53f31eaecb01391af45e1171c220;hpb=ccca702c7aee2651fd7944e0d7ccbcb06f8558ec;p=privoxy.git diff --git a/jcc.c b/jcc.c index 9364300c..028970f4 100644 --- a/jcc.c +++ b/jcc.c @@ -1,4 +1,4 @@ -const char jcc_rcs[] = "$Id: jcc.c,v 1.191 2008/10/11 18:00:14 fabiankeil Exp $"; +const char jcc_rcs[] = "$Id: jcc.c,v 1.195 2008/10/13 16:04:37 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/jcc.c,v $ @@ -33,6 +33,21 @@ const char jcc_rcs[] = "$Id: jcc.c,v 1.191 2008/10/11 18:00:14 fabiankeil Exp $" * * Revisions : * $Log: jcc.c,v $ + * Revision 1.195 2008/10/13 16:04:37 fabiankeil + * Make sure we don't try to reuse tainted server sockets. + * + * Revision 1.194 2008/10/12 18:35:18 fabiankeil + * The last commit was a bit too ambitious, apparently the content + * length adjustment is only necessary if we aren't buffering. + * + * Revision 1.193 2008/10/12 15:57:35 fabiankeil + * Fix content length calculation if we read headers + * and the start of the body at once. Now that we have + * FEATURE_CONNECTION_KEEP_ALIVE, it actually matters. + * + * Revision 1.192 2008/10/11 18:19:14 fabiankeil + * Even more chat() cosmetics. + * * Revision 1.191 2008/10/11 18:00:14 fabiankeil * Reformat some comments in chat(). * @@ -2545,7 +2560,7 @@ static void chat(struct client_state *csp) if (n < 0) { log_error(LOG_LEVEL_ERROR, "select() failed!: %E"); - return; + break; } /* @@ -2564,7 +2579,7 @@ static void chat(struct client_state *csp) if (write_socket(csp->sfd, buf, (size_t)len)) { log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host); - return; + break; } continue; } @@ -2605,7 +2620,7 @@ static void chat(struct client_state *csp) */ log_error(LOG_LEVEL_ERROR, "Already forwarded the original headers. " "Unable to tell the client about the problem."); - return; + break; } rsp = error_response(csp, "connect-failed", errno); @@ -2624,10 +2639,9 @@ static void chat(struct client_state *csp) { /* XXX: this is a temporary hack */ log_error(LOG_LEVEL_CONNECT, - "Looks like we reached the end of the last chunk: " - "%d %d %d %d %d. We better stop reading.", - buf[len-5], buf[len-4], buf[len-3], buf[len-2], buf[len-1]); - csp->expected_content_length = byte_count + len; + "Looks like we reached the end of the last chunk. " + "We better stop reading."); + csp->expected_content_length = byte_count + (size_t)len; csp->flags |= CSP_FLAG_CONTENT_LENGTH_SET; } } @@ -2701,7 +2715,7 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_ERROR, "write modified content to client failed: %E"); freez(hdr); freez(p); - return; + break; } freez(hdr); @@ -2758,8 +2772,7 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_ERROR, "Out of memory while trying to flush."); rsp = cgi_error_memory(); send_crunch_response(csp, rsp); - - return; + break; } hdrlen = strlen(hdr); @@ -2770,7 +2783,7 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_CONNECT, "Flush header and buffers to client failed: %E"); freez(hdr); - return; + break; } /* @@ -2789,7 +2802,7 @@ static void chat(struct client_state *csp) if (write_socket(csp->cfd, buf, (size_t)len)) { log_error(LOG_LEVEL_ERROR, "write to client failed: %E"); - return; + break; } } byte_count += (size_t)len; @@ -2797,6 +2810,7 @@ static void chat(struct client_state *csp) } else { + const char *header_start; /* * We're still looking for the end of the server's header. * Buffer up the data we just read. If that fails, there's @@ -2807,10 +2821,11 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_ERROR, "Out of memory while looking for end of server headers."); rsp = cgi_error_memory(); send_crunch_response(csp, rsp); - - return; + break; } + header_start = csp->iob->cur; + /* Convert iob into something sed() can digest */ if (JB_ERR_PARSE == get_server_headers(csp)) { @@ -2842,7 +2857,7 @@ static void chat(struct client_state *csp) log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd); write_socket(csp->cfd, NO_SERVER_DATA_RESPONSE, strlen(NO_SERVER_DATA_RESPONSE)); free_http_request(http); - return; + break; } assert(csp->headers->first->str); @@ -2866,7 +2881,7 @@ static void chat(struct client_state *csp) write_socket(csp->cfd, INVALID_SERVER_HEADERS_RESPONSE, strlen(INVALID_SERVER_HEADERS_RESPONSE)); free_http_request(http); - return; + break; } /* @@ -2893,7 +2908,7 @@ static void chat(struct client_state *csp) * and are done here after cleaning up. */ freez(hdr); - return; + break; } /* Buffer and pcrs filter this if appropriate. */ @@ -2922,11 +2937,21 @@ static void chat(struct client_state *csp) * to the client... it probably can't hear us anyway. */ freez(hdr); - return; + break; } byte_count += (size_t)len; } + else + { + /* + * XXX: the header lenght should probably + * be calculated by get_server_headers(). + */ + int header_length = csp->iob->cur - header_start; + assert(csp->iob->cur > header_start); + byte_count += (size_t)len - header_length; + } /* we're finished with the server's header */ @@ -2947,8 +2972,17 @@ static void chat(struct client_state *csp) } continue; } - - return; /* huh? we should never get here */ + /* + * If we reach this point, the server socket is tainted + * (most likely because we didn't read everything the + * server sent us) and reusing it would lead to garbage. + */ + if ((csp->flags & CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE)) + { + log_error(LOG_LEVEL_CONNECT, "Unsetting keep-alive flag."); + csp->flags &= ~CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE; + } + return; } if (csp->content_length == 0)