1/* Licensed to the Apache Software Foundation (ASF) under one or more 2 * contributor license agreements. See the NOTICE file distributed with 3 * this work for additional information regarding copyright ownership. 4 * The ASF licenses this file to You under the Apache License, Version 2.0 5 * (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include "apr.h" 18#include "apr_strings.h" 19 20#include "ap_config.h" 21#include "httpd.h" 22#include "http_connection.h" 23#include "http_request.h" 24#include "http_protocol.h" 25#include "ap_mpm.h" 26#include "http_config.h" 27#include "http_core.h" 28#include "http_vhost.h" 29#include "scoreboard.h" 30#include "http_log.h" 31#include "util_filter.h" 32 33APR_HOOK_STRUCT( 34 APR_HOOK_LINK(create_connection) 35 APR_HOOK_LINK(process_connection) 36 APR_HOOK_LINK(pre_connection) 37) 38AP_IMPLEMENT_HOOK_RUN_FIRST(conn_rec *,create_connection, 39 (apr_pool_t *p, server_rec *server, apr_socket_t *csd, long conn_id, void *sbh, apr_bucket_alloc_t *alloc), 40 (p, server, csd, conn_id, sbh, alloc), NULL) 41AP_IMPLEMENT_HOOK_RUN_FIRST(int,process_connection,(conn_rec *c),(c),DECLINED) 42AP_IMPLEMENT_HOOK_RUN_ALL(int,pre_connection,(conn_rec *c, void *csd),(c, csd),OK,DECLINED) 43/* 44 * More machine-dependent networking gooo... on some systems, 45 * you've got to be *really* sure that all the packets are acknowledged 46 * before closing the connection, since the client will not be able 47 * to see the last response if their TCP buffer is flushed by a RST 48 * packet from us, which is what the server's TCP stack will send 49 * if it receives any request data after closing the connection. 50 * 51 * In an ideal world, this function would be accomplished by simply 52 * setting the socket option SO_LINGER and handling it within the 53 * server's TCP stack while the process continues on to the next request. 54 * Unfortunately, it seems that most (if not all) operating systems 55 * block the server process on close() when SO_LINGER is used. 56 * For those that don't, see USE_SO_LINGER below. For the rest, 57 * we have created a home-brew lingering_close. 58 * 59 * Many operating systems tend to block, puke, or otherwise mishandle 60 * calls to shutdown only half of the connection. You should define 61 * NO_LINGCLOSE in ap_config.h if such is the case for your system. 62 */ 63#ifndef MAX_SECS_TO_LINGER 64#define MAX_SECS_TO_LINGER 30 65#endif 66 67AP_CORE_DECLARE(void) ap_flush_conn(conn_rec *c) 68{ 69 apr_bucket_brigade *bb; 70 apr_bucket *b; 71 72 bb = apr_brigade_create(c->pool, c->bucket_alloc); 73 74 /* FLUSH bucket */ 75 b = apr_bucket_flush_create(c->bucket_alloc); 76 APR_BRIGADE_INSERT_TAIL(bb, b); 77 78 /* End Of Connection bucket */ 79 b = ap_bucket_eoc_create(c->bucket_alloc); 80 APR_BRIGADE_INSERT_TAIL(bb, b); 81 82 ap_pass_brigade(c->output_filters, bb); 83} 84 85/* we now proceed to read from the client until we get EOF, or until 86 * MAX_SECS_TO_LINGER has passed. the reasons for doing this are 87 * documented in a draft: 88 * 89 * http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-connection-00.txt 90 * 91 * in a nutshell -- if we don't make this effort we risk causing 92 * TCP RST packets to be sent which can tear down a connection before 93 * all the response data has been sent to the client. 94 */ 95#define SECONDS_TO_LINGER 2 96 97AP_DECLARE(int) ap_start_lingering_close(conn_rec *c) 98{ 99 apr_socket_t *csd = ap_get_conn_socket(c); 100 101 if (!csd) { 102 return 1; 103 } 104 105 if (c->sbh) { 106 ap_update_child_status(c->sbh, SERVER_CLOSING, NULL); 107 } 108 109#ifdef NO_LINGCLOSE 110 ap_flush_conn(c); /* just close it */ 111 apr_socket_close(csd); 112 return 1; 113#endif 114 115 /* Close the connection, being careful to send out whatever is still 116 * in our buffers. If possible, try to avoid a hard close until the 117 * client has ACKed our FIN and/or has stopped sending us data. 118 */ 119 120 /* Send any leftover data to the client, but never try to again */ 121 ap_flush_conn(c); 122 123 if (c->aborted) { 124 apr_socket_close(csd); 125 return 1; 126 } 127 128 /* Shut down the socket for write, which will send a FIN 129 * to the peer. 130 */ 131 if (apr_socket_shutdown(csd, APR_SHUTDOWN_WRITE) != APR_SUCCESS 132 || c->aborted) { 133 apr_socket_close(csd); 134 return 1; 135 } 136 137 return 0; 138} 139 140AP_DECLARE(void) ap_lingering_close(conn_rec *c) 141{ 142 char dummybuf[512]; 143 apr_size_t nbytes; 144 apr_time_t timeup = 0; 145 apr_socket_t *csd = ap_get_conn_socket(c); 146 147 if (ap_start_lingering_close(c)) { 148 return; 149 } 150 151 /* Read available data from the client whilst it continues sending 152 * it, for a maximum time of MAX_SECS_TO_LINGER. If the client 153 * does not send any data within 2 seconds (a value pulled from 154 * Apache 1.3 which seems to work well), give up. 155 */ 156 apr_socket_timeout_set(csd, apr_time_from_sec(SECONDS_TO_LINGER)); 157 apr_socket_opt_set(csd, APR_INCOMPLETE_READ, 1); 158 159 /* The common path here is that the initial apr_socket_recv() call 160 * will return 0 bytes read; so that case must avoid the expensive 161 * apr_time_now() call and time arithmetic. */ 162 163 do { 164 nbytes = sizeof(dummybuf); 165 if (apr_socket_recv(csd, dummybuf, &nbytes) || nbytes == 0) 166 break; 167 168 if (timeup == 0) { 169 /* 170 * First time through; 171 * calculate now + 30 seconds (MAX_SECS_TO_LINGER). 172 * 173 * If some module requested a shortened waiting period, only wait for 174 * 2s (SECONDS_TO_LINGER). This is useful for mitigating certain 175 * DoS attacks. 176 */ 177 if (apr_table_get(c->notes, "short-lingering-close")) { 178 timeup = apr_time_now() + apr_time_from_sec(SECONDS_TO_LINGER); 179 } 180 else { 181 timeup = apr_time_now() + apr_time_from_sec(MAX_SECS_TO_LINGER); 182 } 183 continue; 184 } 185 } while (apr_time_now() < timeup); 186 187 apr_socket_close(csd); 188 return; 189} 190 191AP_CORE_DECLARE(void) ap_process_connection(conn_rec *c, void *csd) 192{ 193 int rc; 194 ap_update_vhost_given_ip(c); 195 196 rc = ap_run_pre_connection(c, csd); 197 if (rc != OK && rc != DONE) { 198 c->aborted = 1; 199 } 200 201 if (!c->aborted) { 202 ap_run_process_connection(c); 203 } 204} 205 206