X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=jcc.c;h=36ac4f06eb734e3a6e183c73272c4536616ef4e5;hp=79c0eaa8134dc82309ded04aaba2a89e32ce5d57;hb=b15aee14f3dc660a966acb7c3f542586a768a1a0;hpb=23584c9dc63b567b79cc671965cc329e2e54c505 diff --git a/jcc.c b/jcc.c index 79c0eaa8..36ac4f06 100644 --- a/jcc.c +++ b/jcc.c @@ -1835,7 +1835,8 @@ static jb_err receive_client_request(struct client_state *csp) if (!data_is_available(csp->cfd, csp->config->socket_timeout)) { log_error(LOG_LEVEL_ERROR, - "Stopped grabbing the client headers."); + "Client headers did not arrive in time. Timeout: %d", + csp->config->socket_timeout); destroy_list(headers); return JB_ERR_PARSE; } @@ -2080,12 +2081,13 @@ static int read_http_request_body(struct client_state *csp) if (to_read != 0) { - log_error(LOG_LEVEL_CONNECT, "Not enough request body has been read: expected %llu more bytes", - csp->expected_client_content_length); + log_error(LOG_LEVEL_CONNECT, + "Not enough request body has been read: expected %lu more bytes", + to_read); return 1; } - log_error(LOG_LEVEL_CONNECT, "The last %llu bytes of the request body have been read", - csp->expected_client_content_length); + log_error(LOG_LEVEL_CONNECT, + "The last %d bytes of the request body have been read", len); return 0; } @@ -2158,7 +2160,7 @@ static int can_filter_request_body(const struct client_state *csp) { log_error(LOG_LEVEL_INFO, "Not filtering request body from %s: buffer limit %lu will be exceeded " - "(content length %lluu)", csp->ip_addr_str, csp->config->buffer_limit, + "(content length %llu)", csp->ip_addr_str, csp->config->buffer_limit, csp->expected_client_content_length); return FALSE; } @@ -2205,6 +2207,7 @@ static int send_http_request(struct client_state *csp) update_client_headers(csp, to_send_len)) { log_error(LOG_LEVEL_HEADER, "Error updating client headers"); + freez(to_send); return 1; } csp->expected_client_content_length = 0; @@ -2229,6 +2232,10 @@ static int send_http_request(struct client_state *csp) { log_error(LOG_LEVEL_CONNECT, "Failed sending request headers to: %s: %E", csp->http->hostport); + if (filter_client_body) + { + freez(to_send); + } return 1; } @@ -2520,9 +2527,10 @@ static int send_https_request(struct client_state *csp) /********************************************************************* * - * Function : receive_encrypted_request + * Function : receive_encrypted_request_headers * - * Description : Receives an encrypted request. + * Description : Receives the encrypted request headers when + * https-inspecting. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -2531,7 +2539,7 @@ static int send_https_request(struct client_state *csp) * JB_ERR_PARSE or JB_ERR_MEMORY otherwise * *********************************************************************/ -static jb_err receive_encrypted_request(struct client_state *csp) +static jb_err receive_encrypted_request_headers(struct client_state *csp) { char buf[BUFFER_SIZE]; int len; @@ -2539,7 +2547,7 @@ static jb_err receive_encrypted_request(struct client_state *csp) do { - log_error(LOG_LEVEL_HEADER, "Reading encrypted headers"); + log_error(LOG_LEVEL_HEADER, "Waiting for encrypted client headers"); if (!is_ssl_pending(&(csp->ssl_client_attr)) && !data_is_available(csp->cfd, csp->config->socket_timeout)) { @@ -2675,9 +2683,10 @@ static jb_err change_encrypted_request_destination(struct client_state *csp) /********************************************************************* * - * Function : process_encrypted_request + * Function : process_encrypted_request_headers * - * Description : Receives and parses an encrypted request. + * Description : Receives and parses the encrypted headers send + * by the client when https-inspecting. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -2686,7 +2695,7 @@ static jb_err change_encrypted_request_destination(struct client_state *csp) * JB_ERR_PARSE or JB_ERR_MEMORY otherwise * *********************************************************************/ -static jb_err process_encrypted_request(struct client_state *csp) +static jb_err process_encrypted_request_headers(struct client_state *csp) { char *p; char *request_line; @@ -2703,7 +2712,7 @@ static jb_err process_encrypted_request(struct client_state *csp) csp->flags |= CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE; } #endif - err = receive_encrypted_request(csp); + err = receive_encrypted_request_headers(csp); if (err != JB_ERR_OK) { if (csp->client_iob->cur == NULL || @@ -2798,6 +2807,8 @@ static jb_err process_encrypted_request(struct client_state *csp) "Failed to get the encrypted request destination"); ssl_send_data_delayed(&(csp->ssl_client_attr), (const unsigned char *)CHEADER, strlen(CHEADER), get_write_delay(csp)); + destroy_list(headers); + return JB_ERR_PARSE; } @@ -2870,8 +2881,7 @@ static jb_err process_encrypted_request(struct client_state *csp) return JB_ERR_PARSE; } - log_error(LOG_LEVEL_HEADER, "Encrypted request processed"); - log_applied_actions(csp->action); + log_error(LOG_LEVEL_HEADER, "Encrypted request headers processed"); log_error(LOG_LEVEL_REQUEST, "https://%s%s", csp->http->hostport, csp->http->path); @@ -2937,7 +2947,7 @@ static void continue_https_chat(struct client_state *csp) { const struct forward_spec *fwd; - if (JB_ERR_OK != process_encrypted_request(csp)) + if (JB_ERR_OK != process_encrypted_request_headers(csp)) { csp->flags &= ~CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE; return; @@ -2977,6 +2987,8 @@ static void continue_https_chat(struct client_state *csp) return; } + log_applied_actions(csp->action); + log_error(LOG_LEVEL_CONNECT, "Reusing server socket %d connected to %s. Requests already sent: %u.", csp->server_connection.sfd, csp->server_connection.host, @@ -3009,7 +3021,8 @@ static void continue_https_chat(struct client_state *csp) * Function : handle_established_connection * * Description : Shuffle data between client and server once the - * connection has been established. + * connection has been established and the request + * has been sent. * * Parameters : * 1 : csp = Current client state (buffers, headers, etc...) @@ -3096,6 +3109,16 @@ static void handle_established_connection(struct client_state *csp) */ goto server_wants_to_talk; } + if (watch_client_socket && client_use_ssl(csp) && + is_ssl_pending(&(csp->ssl_client_attr))) + { + /* + * The TLS libray may also consume all of the remaining data + * from the client when we're shuffling the data from an + * unbuffered request body to the server. + */ + goto client_wants_to_talk; + } #endif #ifndef HAVE_POLL FD_ZERO(&rfds); @@ -3237,7 +3260,13 @@ static void handle_established_connection(struct client_state *csp) if (FD_ISSET(csp->cfd, &rfds)) #endif /* def HAVE_POLL*/ { - int max_bytes_to_read = (int)csp->receive_buffer_size; + int max_bytes_to_read; + +#ifdef FEATURE_HTTPS_INSPECTION + client_wants_to_talk: +#endif + + max_bytes_to_read = (int)csp->receive_buffer_size; #ifdef FEATURE_CONNECTION_KEEP_ALIVE if ((csp->flags & CSP_FLAG_CLIENT_REQUEST_COMPLETELY_READ)) @@ -4316,7 +4345,7 @@ static void chat(struct client_state *csp) "Failed to open a secure connection with the client"); return; } - if (JB_ERR_OK != process_encrypted_request(csp)) + if (JB_ERR_OK != process_encrypted_request_headers(csp)) { close_client_ssl_connection(csp); return; @@ -4336,13 +4365,14 @@ static void chat(struct client_state *csp) } #endif + log_applied_actions(csp->action); + /* decide how to route the HTTP request */ fwd = forward_url(csp, http); freez(csp->headers->first->str); build_request_line(csp, fwd, &csp->headers->first->str); - log_applied_actions(csp->action); if (fwd->forward_host) { log_error(LOG_LEVEL_CONNECT, "via [%s]:%d to: %s", @@ -5819,15 +5849,18 @@ static jb_socket bind_port_helper(const char *haddr, int hport, int backlog) "can't bind to %s:%d: There may be another Privoxy " "or some other proxy running on port %d", bind_address, hport, hport); + exit(-1); case -2: log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: The hostname is not resolvable", bind_address, hport); + exit(-1); default: log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: %E", bind_address, hport); + exit(-1); } /* shouldn't get here */ @@ -6097,7 +6130,7 @@ static void listen_loop(void) if ((0 != config->max_client_connections) && (active_threads >= config->max_client_connections)) { - log_error(LOG_LEVEL_CONNECT, + log_error(LOG_LEVEL_ERROR, "Rejecting connection from %s. Maximum number of connections reached.", csp->ip_addr_str); write_socket_delayed(csp->cfd, TOO_MANY_CONNECTIONS_RESPONSE, @@ -6133,7 +6166,7 @@ static void listen_loop(void) } #endif -#if defined(_WIN32) && !defined(_CYGWIN) && !defined(SELECTED_ONE_OPTION) +#if defined(_WIN32) && !defined(SELECTED_ONE_OPTION) #define SELECTED_ONE_OPTION child_id = _beginthread( (void (*)(void *))serve, @@ -6267,6 +6300,8 @@ static void listen_loop(void) log_error(LOG_LEVEL_INFO, "Graceful termination requested."); + close_ports_helper(bfds); + unload_current_config_file(); unload_current_actions_file(); unload_current_re_filterfile();