Commit 71af06d3 authored by William A. Rowe Jr's avatar William A. Rowe Jr

Backports: r1185385

Submitted by: sf
Downgrade some more log messages indicating client errors from level error to
info. Add log messages for various reasons to return HTTP_BAD_REQUEST.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x-merge-http-strict@1775705 13f79535-47bb-0310-9956-ffa450edef68
parent 7eff98c5
+34 −7
@@ -702,9 +702,21 @@ static int table_do_fn_check_lengths(void *r_, const char *key,
                               "\n<pre>\n",
                               ap_escape_html(r->pool, key),
                               "</pre>\n", NULL));
    ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, "Request header exceeds "
                  "LimitRequestFieldSize after merging: %s", key);
    return 0;
}

/* get the length of the field name for logging, but no more than 80 bytes */
#define LOG_NAME_MAX_LEN 80
static int field_name_len(const char *field)
{
    const char *end = ap_strchr_c(field, ':');
    if (end == NULL || end - field > LOG_NAME_MAX_LEN)
        return LOG_NAME_MAX_LEN;
    return end - field;
}

AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb)
{
    char *last_field = NULL;
@@ -755,6 +767,9 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
                ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, 
                              "Request header exceeds LimitRequestFieldSize: "
                              "%.*s", field_name_len(field), field);
                ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                              "Request header exceeds LimitRequestFieldSize: "
                              "%.*s", field_name_len(field), field);
            }
            return;
        }
@@ -786,6 +801,10 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
                                  "Request header exceeds LimitRequestFieldSize "
                                  "after folding: %.*s",
                                  field_name_len(last_field), last_field);
                    ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                                  "Request header exceeds LimitRequestFieldSize "
                                  "after folding: %.*s",
                                  field_name_len(last_field), last_field);
                    return;
                }

@@ -811,6 +830,9 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
                    apr_table_setn(r->notes, "error-notes",
                                   "The number of request header fields "
                                   "exceeds this server's limit.");
                    ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                                  "Number of request headers exceeds "
                                  "LimitRequestFields");
                    return;
                }

@@ -829,6 +851,10 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
                                  "separator: %.*s", (int)LOG_NAME_MAX_LEN,
                                  last_field);

                    ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                                  "Request header field is missing ':' "
                                  "separator: %.*s", (int)LOG_NAME_MAX_LEN,
                                  last_field);
                    return;
                }

@@ -957,12 +983,13 @@ request_rec *ap_read_request(conn_rec *conn)
        if (r->status == HTTP_REQUEST_URI_TOO_LARGE
            || r->status == HTTP_BAD_REQUEST) {
            if (r->status == HTTP_BAD_REQUEST) {
                ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                              "request failed: invalid characters in URI");
            }
            else {
                ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                              "request failed: URI too long (longer than %d)", r->server->limit_req_line);
                ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                              "request failed: URI too long (longer than %d)",
                              r->server->limit_req_line);
            }
            ap_send_error_response(r, 0);
            ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
@@ -999,7 +1026,7 @@ request_rec *ap_read_request(conn_rec *conn)

        ap_get_mime_headers_core(r, tmp_bb);
        if (r->status != HTTP_OK) {
            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
            ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                          "request failed: error reading the headers");
            ap_send_error_response(r, 0);
            ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
@@ -1046,7 +1073,7 @@ request_rec *ap_read_request(conn_rec *conn)
             * headers! Have to dink things just to make sure the error message
             * comes through...
             */
            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
            ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                          "client sent invalid HTTP/0.9 request: HEAD %s",
                          r->uri);
            r->header_only = 0;
@@ -1088,7 +1115,7 @@ request_rec *ap_read_request(conn_rec *conn)
         * a Host: header, and the server MUST respond with 400 if it doesn't.
         */
        r->status = HTTP_BAD_REQUEST;
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
        ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                      "client sent HTTP/1.1 request without hostname "
                      "(see RFC2616 section 14.23): %s", r->uri);
    }
@@ -1310,7 +1337,7 @@ AP_DECLARE(int) ap_get_basic_auth_pw(request_rec *r, const char **pw)

    if (strcasecmp(ap_getword(r->pool, &auth_line, ' '), "Basic")) {
        /* Client tried to authenticate using wrong auth scheme */
        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
        ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                      "client used wrong authentication scheme: %s", r->uri);
        ap_note_basic_auth_failure(r);
        return HTTP_UNAUTHORIZED;
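Review bot: The `ap_log_rerror(APLOG_MARK, APLOG_INFO, ...)` calls added in the hunks at -755, -786 and -829 repeat word for word the call already sitting directly above them as context, so each of these rejections (`Request header exceeds LimitRequestFieldSize`, the `after folding` variant, and `Request header field is missing ':' separator`) would be logged twice. Going by the hunk line counts as rendered, both copies are on the new side, so the added copies should be dropped. Those same context lines already call `field_name_len()` and use `LOG_NAME_MAX_LEN`, which suggests the branch defined both before this backport; if so, the `#define` and `static int field_name_len` added in the first hunk are a redefinition, and this should be checked against the full file, which is not shown here. Separately, moving these messages from `APLOG_ERR` to `APLOG_INFO` means malformed-request and wrong-auth-scheme events no longer appear at a `LogLevel` of `warn`, so any alerting keyed on them needs `LogLevel info` or must fall back to access-log status codes.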