Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / fdecd03251ffb13d21275d0ebc60a08f849d7e07 / . / src / payload.c
blob: b8f1ca3ca5cb1c386927eab557fe9afe26277b55 [file] [log] [blame]
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]1/*
2 * General protocol-agnostic payload-based sample fetches and ACLs
3 *
4 * Copyright 2000-2013 Willy Tarreau <w@1wt.eu>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13#include <stdlib.h>
14#include <string.h>
15
16#include <proto/acl.h>
17#include <proto/arg.h>
18#include <proto/channel.h>
Thierry FOURNIERed66c292013-11-28 11:05:19 +0100[diff] [blame]19#include <proto/pattern.h>
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]20#include <proto/payload.h>
21#include <proto/sample.h>
22
23
24/************************************************************************/
25/* All supported sample fetch functions must be declared here */
26/************************************************************************/
27
28/* wait for more data as long as possible, then return TRUE. This should be
29 * used with content inspection.
30 */
31static int
32smp_fetch_wait_end(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]33 const struct arg *args, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]34{
35 if (!(opt & SMP_OPT_FINAL)) {
36 smp->flags |= SMP_F_MAY_CHANGE;
37 return 0;
38 }
39 smp->type = SMP_T_BOOL;
40 smp->data.uint = 1;
41 return 1;
42}
43
44/* return the number of bytes in the request buffer */
45static int
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200[diff] [blame]46smp_fetch_len(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]47 const struct arg *args, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]48{
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200[diff] [blame]49 struct channel *chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
50
51 if (!s || !chn)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]52 return 0;
53
54 smp->type = SMP_T_UINT;
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200[diff] [blame]55 smp->data.uint = chn->buf->i;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]56 smp->flags = SMP_F_VOLATILE | SMP_F_MAY_CHANGE;
57 return 1;
58}
59
60/* returns the type of SSL hello message (mainly used to detect an SSL hello) */
61static int
62smp_fetch_ssl_hello_type(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]63 const struct arg *args, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]64{
65 int hs_len;
66 int hs_type, bleft;
67 struct channel *chn;
68 const unsigned char *data;
69
70 if (!s)
71 goto not_ssl_hello;
72
73 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
74
Willy Tarreau1e89acb2014-11-26 13:24:24 +0100[diff] [blame]75 if (!chn)
76 goto not_ssl_hello;
77
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]78 bleft = chn->buf->i;
79 data = (const unsigned char *)chn->buf->p;
80
81 if (!bleft)
82 goto too_short;
83
84 if ((*data >= 0x14 && *data <= 0x17) || (*data == 0xFF)) {
85 /* SSLv3 header format */
86 if (bleft < 9)
87 goto too_short;
88
89 /* ssl version 3 */
90 if ((data[1] << 16) + data[2] < 0x00030000)
91 goto not_ssl_hello;
92
93 /* ssl message len must present handshake type and len */
94 if ((data[3] << 8) + data[4] < 4)
95 goto not_ssl_hello;
96
97 /* format introduced with SSLv3 */
98
99 hs_type = (int)data[5];
100 hs_len = ( data[6] << 16 ) + ( data[7] << 8 ) + data[8];
101
102 /* not a full handshake */
103 if (bleft < (9 + hs_len))
104 goto too_short;
105
106 }
107 else {
108 goto not_ssl_hello;
109 }
110
111 smp->type = SMP_T_UINT;
112 smp->data.uint = hs_type;
113 smp->flags = SMP_F_VOLATILE;
114
115 return 1;
116
117 too_short:
118 smp->flags = SMP_F_MAY_CHANGE;
119
120 not_ssl_hello:
121
122 return 0;
123}
124
125/* Return the version of the SSL protocol in the request. It supports both
126 * SSLv3 (TLSv1) header format for any message, and SSLv2 header format for
127 * the hello message. The SSLv3 format is described in RFC 2246 p49, and the
128 * SSLv2 format is described here, and completed p67 of RFC 2246 :
129 * http://wp.netscape.com/eng/security/SSL_2.html
130 *
131 * Note: this decoder only works with non-wrapping data.
132 */
133static int
134smp_fetch_req_ssl_ver(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]135 const struct arg *args, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]136{
137 int version, bleft, msg_len;
138 const unsigned char *data;
139
140 if (!s || !s->req)
141 return 0;
142
143 msg_len = 0;
144 bleft = s->req->buf->i;
145 if (!bleft)
146 goto too_short;
147
148 data = (const unsigned char *)s->req->buf->p;
149 if ((*data >= 0x14 && *data <= 0x17) || (*data == 0xFF)) {
150 /* SSLv3 header format */
Lukas Tribus1af6a322015-11-05 13:59:30 +0100[diff] [blame]151 if (bleft < 11)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]152 goto too_short;
153
Lukas Tribus1af6a322015-11-05 13:59:30 +0100[diff] [blame]154 version = (data[1] << 16) + data[2]; /* record layer version: major, minor */
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]155 msg_len = (data[3] << 8) + data[4]; /* record length */
156
157 /* format introduced with SSLv3 */
158 if (version < 0x00030000)
159 goto not_ssl;
160
Lukas Tribus1af6a322015-11-05 13:59:30 +0100[diff] [blame]161 /* message length between 6 and 2^14 + 2048 */
162 if (msg_len < 6 || msg_len > ((1<<14) + 2048))
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]163 goto not_ssl;
164
165 bleft -= 5; data += 5;
Lukas Tribus1af6a322015-11-05 13:59:30 +0100[diff] [blame]166
167 /* return the client hello client version, not the record layer version */
168 version = (data[4] << 16) + data[5]; /* client hello version: major, minor */
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]169 } else {
170 /* SSLv2 header format, only supported for hello (msg type 1) */
171 int rlen, plen, cilen, silen, chlen;
172
173 if (*data & 0x80) {
174 if (bleft < 3)
175 goto too_short;
176 /* short header format : 15 bits for length */
177 rlen = ((data[0] & 0x7F) << 8) | data[1];
178 plen = 0;
179 bleft -= 2; data += 2;
180 } else {
181 if (bleft < 4)
182 goto too_short;
183 /* long header format : 14 bits for length + pad length */
184 rlen = ((data[0] & 0x3F) << 8) | data[1];
185 plen = data[2];
186 bleft -= 3; data += 2;
187 }
188
189 if (*data != 0x01)
190 goto not_ssl;
191 bleft--; data++;
192
193 if (bleft < 8)
194 goto too_short;
195 version = (data[0] << 16) + data[1]; /* version: major, minor */
196 cilen = (data[2] << 8) + data[3]; /* cipher len, multiple of 3 */
197 silen = (data[4] << 8) + data[5]; /* session_id_len: 0 or 16 */
198 chlen = (data[6] << 8) + data[7]; /* 16<=challenge length<=32 */
199
200 bleft -= 8; data += 8;
201 if (cilen % 3 != 0)
202 goto not_ssl;
203 if (silen && silen != 16)
204 goto not_ssl;
205 if (chlen < 16 || chlen > 32)
206 goto not_ssl;
207 if (rlen != 9 + cilen + silen + chlen)
208 goto not_ssl;
209
210 /* focus on the remaining data length */
211 msg_len = cilen + silen + chlen + plen;
212 }
213 /* We could recursively check that the buffer ends exactly on an SSL
214 * fragment boundary and that a possible next segment is still SSL,
215 * but that's a bit pointless. However, we could still check that
216 * all the part of the request which fits in a buffer is already
217 * there.
218 */
219 if (msg_len > buffer_max_len(s->req) + s->req->buf->data - s->req->buf->p)
220 msg_len = buffer_max_len(s->req) + s->req->buf->data - s->req->buf->p;
221
222 if (bleft < msg_len)
223 goto too_short;
224
225 /* OK that's enough. We have at least the whole message, and we have
226 * the protocol version.
227 */
228 smp->type = SMP_T_UINT;
229 smp->data.uint = version;
230 smp->flags = SMP_F_VOLATILE;
231 return 1;
232
233 too_short:
234 smp->flags = SMP_F_MAY_CHANGE;
235 not_ssl:
236 return 0;
237}
238
239/* Try to extract the Server Name Indication that may be presented in a TLS
240 * client hello handshake message. The format of the message is the following
241 * (cf RFC5246 + RFC6066) :
242 * TLS frame :
243 * - uint8 type = 0x16 (Handshake)
244 * - uint16 version >= 0x0301 (TLSv1)
245 * - uint16 length (frame length)
246 * - TLS handshake :
247 * - uint8 msg_type = 0x01 (ClientHello)
248 * - uint24 length (handshake message length)
249 * - ClientHello :
250 * - uint16 client_version >= 0x0301 (TLSv1)
251 * - uint8 Random[32] (4 first ones are timestamp)
252 * - SessionID :
253 * - uint8 session_id_len (0..32) (SessionID len in bytes)
254 * - uint8 session_id[session_id_len]
255 * - CipherSuite :
256 * - uint16 cipher_len >= 2 (Cipher length in bytes)
257 * - uint16 ciphers[cipher_len/2]
258 * - CompressionMethod :
259 * - uint8 compression_len >= 1 (# of supported methods)
260 * - uint8 compression_methods[compression_len]
261 * - optional client_extension_len (in bytes)
262 * - optional sequence of ClientHelloExtensions (as many bytes as above):
263 * - uint16 extension_type = 0 for server_name
264 * - uint16 extension_len
265 * - opaque extension_data[extension_len]
266 * - uint16 server_name_list_len (# of bytes here)
267 * - opaque server_names[server_name_list_len bytes]
268 * - uint8 name_type = 0 for host_name
269 * - uint16 name_len
270 * - opaque hostname[name_len bytes]
271 */
272static int
273smp_fetch_ssl_hello_sni(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]274 const struct arg *args, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]275{
276 int hs_len, ext_len, bleft;
277 struct channel *chn;
278 unsigned char *data;
279
280 if (!s)
281 goto not_ssl_hello;
282
283 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
284
Willy Tarreau1e89acb2014-11-26 13:24:24 +0100[diff] [blame]285 if (!chn)
286 goto not_ssl_hello;
287
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]288 bleft = chn->buf->i;
289 data = (unsigned char *)chn->buf->p;
290
291 /* Check for SSL/TLS Handshake */
292 if (!bleft)
293 goto too_short;
294 if (*data != 0x16)
295 goto not_ssl_hello;
296
Lukas Tribus57d22972014-04-10 21:36:22 +0200[diff] [blame]297 /* Check for SSLv3 or later (SSL version >= 3.0) in the record layer*/
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]298 if (bleft < 3)
299 goto too_short;
Lukas Tribus57d22972014-04-10 21:36:22 +0200[diff] [blame]300 if (data[1] < 0x03)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]301 goto not_ssl_hello;
302
303 if (bleft < 5)
304 goto too_short;
305 hs_len = (data[3] << 8) + data[4];
306 if (hs_len < 1 + 3 + 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
307 goto not_ssl_hello; /* too short to have an extension */
308
309 data += 5; /* enter TLS handshake */
310 bleft -= 5;
311
312 /* Check for a complete client hello starting at <data> */
313 if (bleft < 1)
314 goto too_short;
315 if (data[0] != 0x01) /* msg_type = Client Hello */
316 goto not_ssl_hello;
317
318 /* Check the Hello's length */
319 if (bleft < 4)
320 goto too_short;
321 hs_len = (data[1] << 16) + (data[2] << 8) + data[3];
322 if (hs_len < 2 + 32 + 1 + 2 + 2 + 1 + 1 + 2 + 2)
323 goto not_ssl_hello; /* too short to have an extension */
324
325 /* We want the full handshake here */
326 if (bleft < hs_len)
327 goto too_short;
328
329 data += 4;
330 /* Start of the ClientHello message */
331 if (data[0] < 0x03 || data[1] < 0x01) /* TLSv1 minimum */
332 goto not_ssl_hello;
333
334 ext_len = data[34]; /* session_id_len */
335 if (ext_len > 32 || ext_len > (hs_len - 35)) /* check for correct session_id len */
336 goto not_ssl_hello;
337
338 /* Jump to cipher suite */
339 hs_len -= 35 + ext_len;
340 data += 35 + ext_len;
341
342 if (hs_len < 4 || /* minimum one cipher */
343 (ext_len = (data[0] << 8) + data[1]) < 2 || /* minimum 2 bytes for a cipher */
344 ext_len > hs_len)
345 goto not_ssl_hello;
346
347 /* Jump to the compression methods */
348 hs_len -= 2 + ext_len;
349 data += 2 + ext_len;
350
351 if (hs_len < 2 || /* minimum one compression method */
352 data[0] < 1 || data[0] > hs_len) /* minimum 1 bytes for a method */
353 goto not_ssl_hello;
354
355 /* Jump to the extensions */
356 hs_len -= 1 + data[0];
357 data += 1 + data[0];
358
359 if (hs_len < 2 || /* minimum one extension list length */
360 (ext_len = (data[0] << 8) + data[1]) > hs_len - 2) /* list too long */
361 goto not_ssl_hello;
362
363 hs_len = ext_len; /* limit ourselves to the extension length */
364 data += 2;
365
366 while (hs_len >= 4) {
367 int ext_type, name_type, srv_len, name_len;
368
369 ext_type = (data[0] << 8) + data[1];
370 ext_len = (data[2] << 8) + data[3];
371
372 if (ext_len > hs_len - 4) /* Extension too long */
373 goto not_ssl_hello;
374
375 if (ext_type == 0) { /* Server name */
376 if (ext_len < 2) /* need one list length */
377 goto not_ssl_hello;
378
379 srv_len = (data[4] << 8) + data[5];
380 if (srv_len < 4 || srv_len > hs_len - 6)
381 goto not_ssl_hello; /* at least 4 bytes per server name */
382
383 name_type = data[6];
384 name_len = (data[7] << 8) + data[8];
385
386 if (name_type == 0) { /* hostname */
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]387 smp->type = SMP_T_STR;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]388 smp->data.str.str = (char *)data + 9;
389 smp->data.str.len = name_len;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]390 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]391 return 1;
392 }
393 }
394
395 hs_len -= 4 + ext_len;
396 data += 4 + ext_len;
397 }
398 /* server name not found */
399 goto not_ssl_hello;
400
401 too_short:
402 smp->flags = SMP_F_MAY_CHANGE;
403
404 not_ssl_hello:
405
406 return 0;
407}
408
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200[diff] [blame]409/* Fetch the request RDP cookie identified in <cname>:<clen>, or any cookie if
Willy Tarreaub169eba2013-12-16 15:14:43 +0100[diff] [blame]410 * <clen> is empty (cname is then ignored). It returns the data into sample <smp>
411 * of type SMP_T_CSTR. Note: this decoder only works with non-wrapping data.
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]412 */
413int
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200[diff] [blame]414fetch_rdp_cookie_name(struct session *s, struct sample *smp, const char *cname, int clen)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]415{
416 int bleft;
417 const unsigned char *data;
418
419 if (!s || !s->req)
420 return 0;
421
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]422 smp->flags = SMP_F_CONST;
423 smp->type = SMP_T_STR;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]424
425 bleft = s->req->buf->i;
426 if (bleft <= 11)
427 goto too_short;
428
429 data = (const unsigned char *)s->req->buf->p + 11;
430 bleft -= 11;
431
432 if (bleft <= 7)
433 goto too_short;
434
435 if (strncasecmp((const char *)data, "Cookie:", 7) != 0)
436 goto not_cookie;
437
438 data += 7;
439 bleft -= 7;
440
441 while (bleft > 0 && *data == ' ') {
442 data++;
443 bleft--;
444 }
445
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200[diff] [blame]446 if (clen) {
447 if (bleft <= clen)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]448 goto too_short;
449
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200[diff] [blame]450 if ((data[clen] != '=') ||
451 strncasecmp(cname, (const char *)data, clen) != 0)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]452 goto not_cookie;
453
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200[diff] [blame]454 data += clen + 1;
455 bleft -= clen + 1;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]456 } else {
457 while (bleft > 0 && *data != '=') {
458 if (*data == '\r' || *data == '\n')
459 goto not_cookie;
460 data++;
461 bleft--;
462 }
463
464 if (bleft < 1)
465 goto too_short;
466
467 if (*data != '=')
468 goto not_cookie;
469
470 data++;
471 bleft--;
472 }
473
474 /* data points to cookie value */
475 smp->data.str.str = (char *)data;
476 smp->data.str.len = 0;
477
478 while (bleft > 0 && *data != '\r') {
479 data++;
480 bleft--;
481 }
482
483 if (bleft < 2)
484 goto too_short;
485
486 if (data[0] != '\r' || data[1] != '\n')
487 goto not_cookie;
488
489 smp->data.str.len = (char *)data - smp->data.str.str;
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]490 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]491 return 1;
492
493 too_short:
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]494 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]495 not_cookie:
496 return 0;
497}
498
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200[diff] [blame]499/* Fetch the request RDP cookie identified in the args, or any cookie if no arg
500 * is passed. It is usable both for ACL and for samples. Note: this decoder
501 * only works with non-wrapping data. Accepts either 0 or 1 argument. Argument
Willy Tarreaub169eba2013-12-16 15:14:43 +0100[diff] [blame]502 * is a string (cookie name), other types will lead to undefined behaviour. The
503 * returned sample has type SMP_T_CSTR.
Willy Tarreaucadd8c92013-07-22 18:09:52 +0200[diff] [blame]504 */
505int
506smp_fetch_rdp_cookie(struct proxy *px, struct session *s, void *l7, unsigned int opt,
507 const struct arg *args, struct sample *smp, const char *kw)
508{
509 return fetch_rdp_cookie_name(s, smp, args ? args->data.str.str : NULL, args ? args->data.str.len : 0);
510}
511
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]512/* returns either 1 or 0 depending on whether an RDP cookie is found or not */
513static int
514smp_fetch_rdp_cookie_cnt(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]515 const struct arg *args, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]516{
517 int ret;
518
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]519 ret = smp_fetch_rdp_cookie(px, s, l7, opt, args, smp, kw);
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]520
521 if (smp->flags & SMP_F_MAY_CHANGE)
522 return 0;
523
524 smp->flags = SMP_F_VOLATILE;
525 smp->type = SMP_T_UINT;
526 smp->data.uint = ret;
527 return 1;
528}
529
530/* extracts part of a payload with offset and length at a given position */
531static int
532smp_fetch_payload_lv(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]533 const struct arg *arg_p, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]534{
535 unsigned int len_offset = arg_p[0].data.uint;
536 unsigned int len_size = arg_p[1].data.uint;
537 unsigned int buf_offset;
538 unsigned int buf_size = 0;
539 struct channel *chn;
540 int i;
541
542 /* Format is (len offset, len size, buf offset) or (len offset, len size) */
543 /* by default buf offset == len offset + len size */
544 /* buf offset could be absolute or relative to len offset + len size if prefixed by + or - */
545
546 if (!s)
547 return 0;
548
549 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
550
551 if (!chn)
552 return 0;
553
554 if (len_offset + len_size > chn->buf->i)
555 goto too_short;
556
557 for (i = 0; i < len_size; i++) {
558 buf_size = (buf_size << 8) + ((unsigned char *)chn->buf->p)[i + len_offset];
559 }
560
561 /* buf offset may be implicit, absolute or relative */
562 buf_offset = len_offset + len_size;
563 if (arg_p[2].type == ARGT_UINT)
564 buf_offset = arg_p[2].data.uint;
565 else if (arg_p[2].type == ARGT_SINT)
566 buf_offset += arg_p[2].data.sint;
567
568 if (!buf_size || buf_size > chn->buf->size || buf_offset + buf_size > chn->buf->size) {
569 /* will never match */
570 smp->flags = 0;
571 return 0;
572 }
573
574 if (buf_offset + buf_size > chn->buf->i)
575 goto too_short;
576
577 /* init chunk as read only */
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]578 smp->type = SMP_T_BIN;
579 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]580 chunk_initlen(&smp->data.str, chn->buf->p + buf_offset, 0, buf_size);
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]581 return 1;
582
583 too_short:
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]584 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]585 return 0;
586}
587
588/* extracts some payload at a fixed position and length */
589static int
590smp_fetch_payload(struct proxy *px, struct session *s, void *l7, unsigned int opt,
Willy Tarreauef38c392013-07-22 16:29:32 +0200[diff] [blame]591 const struct arg *arg_p, struct sample *smp, const char *kw)
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]592{
593 unsigned int buf_offset = arg_p[0].data.uint;
594 unsigned int buf_size = arg_p[1].data.uint;
595 struct channel *chn;
596
597 if (!s)
598 return 0;
599
600 chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
601
602 if (!chn)
603 return 0;
604
Willy Tarreau00f00842013-08-02 11:07:32 +0200[diff] [blame]605 if (buf_size > chn->buf->size || buf_offset + buf_size > chn->buf->size) {
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]606 /* will never match */
607 smp->flags = 0;
608 return 0;
609 }
610
611 if (buf_offset + buf_size > chn->buf->i)
612 goto too_short;
613
614 /* init chunk as read only */
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]615 smp->type = SMP_T_BIN;
616 smp->flags = SMP_F_VOLATILE | SMP_F_CONST;
Willy Tarreau00f00842013-08-02 11:07:32 +0200[diff] [blame]617 chunk_initlen(&smp->data.str, chn->buf->p + buf_offset, 0, buf_size ? buf_size : (chn->buf->i - buf_offset));
Willy Tarreau00f00842013-08-02 11:07:32 +0200[diff] [blame]618 if (!buf_size && !channel_full(chn) && !channel_input_closed(chn))
619 smp->flags |= SMP_F_MAY_CHANGE;
620
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]621 return 1;
622
623 too_short:
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]624 smp->flags = SMP_F_MAY_CHANGE | SMP_F_CONST;
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]625 return 0;
626}
627
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]628/* This function is used to validate the arguments passed to a "payload_lv" fetch
629 * keyword. This keyword allows two positive integers and an optional signed one,
630 * with the second one being strictly positive and the third one being greater than
631 * the opposite of the two others if negative. It is assumed that the types are
632 * already the correct ones. Returns 0 on error, non-zero if OK. If <err_msg> is
633 * not NULL, it will be filled with a pointer to an error message in case of
634 * error, that the caller is responsible for freeing. The initial location must
635 * either be freeable or NULL.
636 */
637static int val_payload_lv(struct arg *arg, char **err_msg)
638{
639 if (!arg[1].data.uint) {
640 memprintf(err_msg, "payload length must be > 0");
641 return 0;
642 }
643
644 if (arg[2].type == ARGT_SINT &&
645 (int)(arg[0].data.uint + arg[1].data.uint + arg[2].data.sint) < 0) {
646 memprintf(err_msg, "payload offset too negative");
647 return 0;
648 }
649 return 1;
650}
651
652/************************************************************************/
653/* All supported sample and ACL keywords must be declared here. */
654/************************************************************************/
655
656/* Note: must not be declared <const> as its list will be overwritten.
657 * Note: fetches that may return multiple types must be declared as the lowest
658 * common denominator, the type that can be casted into all other ones. For
659 * instance IPv4/IPv6 must be declared IPv4.
660 */
Willy Tarreaudc13c112013-06-21 23:16:39 +0200[diff] [blame]661static struct sample_fetch_kw_list smp_kws = {ILH, {
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]662 { "payload", smp_fetch_payload, ARG2(2,UINT,UINT), NULL, SMP_T_BIN, SMP_USE_L6REQ|SMP_USE_L6RES },
663 { "payload_lv", smp_fetch_payload_lv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_BIN, SMP_USE_L6REQ|SMP_USE_L6RES },
664 { "rdp_cookie", smp_fetch_rdp_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]665 { "rdp_cookie_cnt", smp_fetch_rdp_cookie_cnt, ARG1(0,STR), NULL, SMP_T_UINT, SMP_USE_L6REQ },
666 { "rep_ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6RES },
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200[diff] [blame]667 { "req_len", smp_fetch_len, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]668 { "req_ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]669 { "req_ssl_sni", smp_fetch_ssl_hello_sni, 0, NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]670 { "req_ssl_ver", smp_fetch_req_ssl_ver, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Willy Tarreaufa957342013-01-14 16:07:52 +0100[diff] [blame]671
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200[diff] [blame]672 { "req.len", smp_fetch_len, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]673 { "req.payload", smp_fetch_payload, ARG2(2,UINT,UINT), NULL, SMP_T_BIN, SMP_USE_L6REQ },
674 { "req.payload_lv", smp_fetch_payload_lv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_BIN, SMP_USE_L6REQ },
675 { "req.rdp_cookie", smp_fetch_rdp_cookie, ARG1(0,STR), NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaufa957342013-01-14 16:07:52 +0100[diff] [blame]676 { "req.rdp_cookie_cnt", smp_fetch_rdp_cookie_cnt, ARG1(0,STR), NULL, SMP_T_UINT, SMP_USE_L6REQ },
677 { "req.ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]678 { "req.ssl_sni", smp_fetch_ssl_hello_sni, 0, NULL, SMP_T_STR, SMP_USE_L6REQ },
Willy Tarreaufa957342013-01-14 16:07:52 +0100[diff] [blame]679 { "req.ssl_ver", smp_fetch_req_ssl_ver, 0, NULL, SMP_T_UINT, SMP_USE_L6REQ },
Willy Tarreau47e8eba2013-09-11 23:28:46 +0200[diff] [blame]680 { "res.len", smp_fetch_len, 0, NULL, SMP_T_UINT, SMP_USE_L6RES },
Thierry FOURNIER7654c9f2013-12-17 00:20:33 +0100[diff] [blame]681 { "res.payload", smp_fetch_payload, ARG2(2,UINT,UINT), NULL, SMP_T_BIN, SMP_USE_L6RES },
682 { "res.payload_lv", smp_fetch_payload_lv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_BIN, SMP_USE_L6RES },
Willy Tarreaufa957342013-01-14 16:07:52 +0100[diff] [blame]683 { "res.ssl_hello_type", smp_fetch_ssl_hello_type, 0, NULL, SMP_T_UINT, SMP_USE_L6RES },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]684 { "wait_end", smp_fetch_wait_end, 0, NULL, SMP_T_BOOL, SMP_USE_INTRN },
685 { /* END */ },
686}};
687
688
689/* Note: must not be declared <const> as its list will be overwritten.
690 * Please take care of keeping this list alphabetically sorted.
691 */
Willy Tarreaudc13c112013-06-21 23:16:39 +0200[diff] [blame]692static struct acl_kw_list acl_kws = {ILH, {
Thierry FOURNIERc5a4e982014-03-05 16:07:08 +0100[diff] [blame]693 { "payload", "req.payload", PAT_MATCH_BIN },
694 { "payload_lv", "req.payload_lv", PAT_MATCH_BIN },
695 { "req_rdp_cookie", "req.rdp_cookie", PAT_MATCH_STR },
696 { "req_rdp_cookie_cnt", "req.rdp_cookie_cnt", PAT_MATCH_INT },
697 { "req_ssl_sni", "req.ssl_sni", PAT_MATCH_STR },
698 { "req_ssl_ver", "req.ssl_ver", PAT_MATCH_INT, pat_parse_dotted_ver },
699 { "req.ssl_ver", "req.ssl_ver", PAT_MATCH_INT, pat_parse_dotted_ver },
Willy Tarreaud4c33c82013-01-07 21:59:07 +0100[diff] [blame]700 { /* END */ },
701}};
702
703
704__attribute__((constructor))
705static void __payload_init(void)
706{
707 sample_register_fetches(&smp_kws);
708 acl_register_keywords(&acl_kws);
709}
710
711/*
712 * Local variables:
713 * c-indent-level: 8
714 * c-basic-offset: 8
715 * End:
716 */