| 653 | } |
| 654 | |
| 655 | static int read_request_line(request_rec *r, apr_bucket_brigade *bb) |
| 656 | { |
| 657 | apr_size_t len; |
| 658 | int num_blank_lines = DEFAULT_LIMIT_BLANK_LINES; |
| 659 | core_server_config *conf = ap_get_core_module_config(r->server->module_config); |
| 660 | int strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE); |
| 661 | |
| 662 | /* Read past empty lines until we get a real request line, |
| 663 | * a read error, the connection closes (EOF), or we timeout. |
| 664 | * |
| 665 | * We skip empty lines because browsers have to tack a CRLF on to the end |
| 666 | * of POSTs to support old CERN webservers. But note that we may not |
| 667 | * have flushed any previous response completely to the client yet. |
| 668 | * We delay the flush as long as possible so that we can improve |
| 669 | * performance for clients that are pipelining requests. If a request |
| 670 | * is pipelined then we won't block during the (implicit) read() below. |
| 671 | * If the requests aren't pipelined, then the client is still waiting |
| 672 | * for the final buffer flush from us, and we will block in the implicit |
| 673 | * read(). B_SAFEREAD ensures that the BUFF layer flushes if it will |
| 674 | * have to block during a read. |
| 675 | */ |
| 676 | |
| 677 | do { |
| 678 | apr_status_t rv; |
| 679 | |
| 680 | /* ensure ap_rgetline allocates memory each time thru the loop |
| 681 | * if there are empty lines |
| 682 | */ |
| 683 | r->the_request = NULL; |
| 684 | rv = ap_rgetline(&(r->the_request), (apr_size_t)(r->server->limit_req_line + 2), |
| 685 | &len, r, strict ? AP_GETLINE_CRLF : 0, bb); |
| 686 | |
| 687 | if (rv != APR_SUCCESS) { |
| 688 | r->request_time = apr_time_now(); |
| 689 | |
| 690 | /* ap_rgetline returns APR_ENOSPC if it fills up the |
| 691 | * buffer before finding the end-of-line. This is only going to |
| 692 | * happen if it exceeds the configured limit for a request-line. |
| 693 | */ |
| 694 | if (APR_STATUS_IS_ENOSPC(rv)) { |
| 695 | r->status = HTTP_REQUEST_URI_TOO_LARGE; |
| 696 | } |
| 697 | else if (APR_STATUS_IS_TIMEUP(rv)) { |
| 698 | r->status = HTTP_REQUEST_TIME_OUT; |
| 699 | } |
| 700 | else if (APR_STATUS_IS_EINVAL(rv)) { |
| 701 | r->status = HTTP_BAD_REQUEST; |
| 702 | } |
| 703 | r->proto_num = HTTP_VERSION(1,0); |
| 704 | r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); |
| 705 | return 0; |
| 706 | } |
| 707 | } while ((len <= 0) && (--num_blank_lines >= 0)); |
| 708 | |
| 709 | /* Set r->request_time before any logging, mod_unique_id needs it. */ |
| 710 | r->request_time = apr_time_now(); |
| 711 | |
| 712 | if (APLOGrtrace5(r)) { |
no test coverage detected