csp->ip_addr_str, http->ocmd, status_code, rsp->content_length);
/* Write the answer to the client */
csp->ip_addr_str, http->ocmd, status_code, rsp->content_length);
/* Write the answer to the client */
/*********************************************************************
*
* Function : receive_and_send_encrypted_post_data
/*********************************************************************
*
* Function : receive_and_send_encrypted_post_data
long len = 0; /* for buffer sizes (and negative error codes) */
int buffer_and_filter_content = 0;
unsigned int write_delay;
long len = 0; /* for buffer sizes (and negative error codes) */
int buffer_and_filter_content = 0;
unsigned int write_delay;
/*
* Test if some data from client or destination server are pending
* on TLS/SSL. We must work with them preferably. TLS/SSL data can
/*
* Test if some data from client or destination server are pending
* on TLS/SSL. We must work with them preferably. TLS/SSL data can
send_crunch_response(csp, error_response(csp, "connection-timeout"));
}
mark_server_socket_tainted(csp);
send_crunch_response(csp, error_response(csp, "connection-timeout"));
}
mark_server_socket_tainted(csp);
log_error(LOG_LEVEL_ERROR, "select() failed!: %E");
#endif
mark_server_socket_tainted(csp);
log_error(LOG_LEVEL_ERROR, "select() failed!: %E");
#endif
mark_server_socket_tainted(csp);
assert(max_bytes_to_read <= csp->receive_buffer_size);
#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
assert(max_bytes_to_read <= csp->receive_buffer_size);
#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
{
log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host);
mark_server_socket_tainted(csp);
{
log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host);
mark_server_socket_tainted(csp);
log_error(LOG_LEVEL_CONNECT,
"The server still wants to talk, but the client hung up on us.");
mark_server_socket_tainted(csp);
log_error(LOG_LEVEL_CONNECT,
"The server still wants to talk, but the client hung up on us.");
mark_server_socket_tainted(csp);
log_error(LOG_LEVEL_ERROR, "read from: %s failed: %E", http->host);
if ((http->ssl && (csp->fwd == NULL))
log_error(LOG_LEVEL_ERROR, "read from: %s failed: %E", http->host);
if ((http->ssl && (csp->fwd == NULL))
log_error(LOG_LEVEL_ERROR, "Already forwarded the original headers. "
"Unable to tell the client about the problem.");
mark_server_socket_tainted(csp);
log_error(LOG_LEVEL_ERROR, "Already forwarded the original headers. "
"Unable to tell the client about the problem.");
mark_server_socket_tainted(csp);
{
if (write_socket_delayed(csp->cfd, hdr, strlen(hdr), write_delay)
|| write_socket_delayed(csp->cfd, ((p != NULL) ? p : csp->iob->cur),
{
if (write_socket_delayed(csp->cfd, hdr, strlen(hdr), write_delay)
|| write_socket_delayed(csp->cfd, ((p != NULL) ? p : csp->iob->cur),
rsp = cgi_error_memory();
send_crunch_response(csp, rsp);
mark_server_socket_tainted(csp);
rsp = cgi_error_memory();
send_crunch_response(csp, rsp);
mark_server_socket_tainted(csp);
{
if (write_socket_delayed(csp->cfd, hdr, hdrlen, write_delay)
|| ((flushed = flush_iob(csp->cfd, csp->iob, write_delay)) < 0)
{
if (write_socket_delayed(csp->cfd, hdr, hdrlen, write_delay)
|| ((flushed = flush_iob(csp->cfd, csp->iob, write_delay)) < 0)
{
if (write_socket_delayed(csp->cfd, csp->receive_buffer,
(size_t)len, write_delay))
{
log_error(LOG_LEVEL_ERROR, "write to client failed: %E");
mark_server_socket_tainted(csp);
{
if (write_socket_delayed(csp->cfd, csp->receive_buffer,
(size_t)len, write_delay))
{
log_error(LOG_LEVEL_ERROR, "write to client failed: %E");
mark_server_socket_tainted(csp);
rsp = cgi_error_memory();
send_crunch_response(csp, rsp);
mark_server_socket_tainted(csp);
rsp = cgi_error_memory();
send_crunch_response(csp, rsp);
mark_server_socket_tainted(csp);
"Applying the MS IIS5 hack didn't help.");
log_error(LOG_LEVEL_CLF,
"%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
"Applying the MS IIS5 hack didn't help.");
log_error(LOG_LEVEL_CLF,
"%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
{
write_socket_delayed(csp->cfd,
INVALID_SERVER_HEADERS_RESPONSE,
strlen(INVALID_SERVER_HEADERS_RESPONSE), write_delay);
}
mark_server_socket_tainted(csp);
{
write_socket_delayed(csp->cfd,
INVALID_SERVER_HEADERS_RESPONSE,
strlen(INVALID_SERVER_HEADERS_RESPONSE), write_delay);
}
mark_server_socket_tainted(csp);
csp->headers->first->str);
log_error(LOG_LEVEL_CLF,
"%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
csp->headers->first->str);
log_error(LOG_LEVEL_CLF,
"%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
{
write_socket_delayed(csp->cfd, INVALID_SERVER_HEADERS_RESPONSE,
strlen(INVALID_SERVER_HEADERS_RESPONSE), write_delay);
}
free_http_request(http);
mark_server_socket_tainted(csp);
{
write_socket_delayed(csp->cfd, INVALID_SERVER_HEADERS_RESPONSE,
strlen(INVALID_SERVER_HEADERS_RESPONSE), write_delay);
}
free_http_request(http);
mark_server_socket_tainted(csp);
{
if (write_socket_delayed(csp->cfd, hdr, strlen(hdr), write_delay)
|| ((len = flush_iob(csp->cfd, csp->iob, write_delay)) < 0))
{
if (write_socket_delayed(csp->cfd, hdr, strlen(hdr), write_delay)
|| ((len = flush_iob(csp->cfd, csp->iob, write_delay)) < 0))
"Applying the MS IIS5 hack didn't help.");
log_error(LOG_LEVEL_CLF,
"%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
"Applying the MS IIS5 hack didn't help.");
log_error(LOG_LEVEL_CLF,
"%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
{
write_socket_delayed(csp->cfd, INVALID_SERVER_HEADERS_RESPONSE,
strlen(INVALID_SERVER_HEADERS_RESPONSE), write_delay);
}
mark_server_socket_tainted(csp);
{
write_socket_delayed(csp->cfd, INVALID_SERVER_HEADERS_RESPONSE,
strlen(INVALID_SERVER_HEADERS_RESPONSE), write_delay);
}
mark_server_socket_tainted(csp);
struct http_request *http;
/* Skeleton for HTTP response, if we should intercept the request */
struct http_response *rsp;
struct http_request *http;
/* Skeleton for HTTP response, if we should intercept the request */
struct http_response *rsp;
csp->ip_addr_str, acceptable_connect_ports, csp->http->hostport);
csp->action->flags |= ACTION_BLOCK;
http->ssl = 0;
csp->ip_addr_str, acceptable_connect_ports, csp->http->hostport);
csp->action->flags |= ACTION_BLOCK;
http->ssl = 0;
/*
* Creating TLS/SSL connections with destination server or parent
* proxy. If forwarding is enabled, we must send client request to
/*
* Creating TLS/SSL connections with destination server or parent
* proxy. If forwarding is enabled, we must send client request to
#ifdef FEATURE_CONNECTION_KEEP_ALIVE
save_connection_destination(csp->server_connection.sfd,
#ifdef FEATURE_CONNECTION_KEEP_ALIVE
save_connection_destination(csp->server_connection.sfd,