Poul-Henning, I think I managed to get this working, without needing a modification on the varnish source. Here's a snippet of the important parts of how I implemented this. (I left out all of my error checking for readability)
void get_req_body(struct sess *sp) { /* create a new shared memory file to store the request body in. * Make sure this is deleted after we're done or this will eat up memory! */ int memfd = shm_open(pidstr, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR); // read the body from the client HTTP connection, int rsize = read(sp->htc->fd, body, content_length); // write the body into shm int wsize = write(memfd, body, content_length); // seek the file descriptor back to the beginning of the file lseek(memfd, 0, SEEK_SET); /* set Varnish's HTTP file descriptor to this new shm file. * This fools varnish into reading the request body * later on when passing it to the backend * * Not sure WHY this works though... If it needs to write * to the client during vcl_deliver, wouldn't it just * write the contents to this shm file? It must be a * different file descriptor for writing? */ sp->htc->fd = memfd; } This method was sort of my last ditch effort, and I was surprised that it worked. I couldn't find exactly where the deliver code writes to the socket, but the only explanation is that there is a separate socket for writing to the client. Is that correct? Also, I'm not an expert on how licenses work -- if I want to distribute this, do I need to license it the same as varnish if I include your headers? Thanks! --Cal On Fri, Jan 1, 2010 at 2:02 PM, Cal Heldenbrand <c...@fbsdata.com> wrote: > How difficult do you think it would be to provide this to the VRT level? > I'd be happy to do the coding if you point me in the right direction of > where the post data is handled in the source. > > I think it would be a useful tool for the rest of the community as well. > (I remember some mailing list post on doing security matching, similar to > Apache's mod_security) > > Thanks, and happy hangover day! > > --Cal > > > > On Fri, Jan 1, 2010 at 5:18 AM, Poul-Henning Kamp <p...@phk.freebsd.dk>wrote: > >> In message <6d0f643a0912311432v1e594e5cl601f1a5b19b59...@mail.gmail.com>, >> Cal H >> eldenbrand writes: >> >> >I just started experimenting with the coolness of using inline C in VCL, >> and >> >I've run into a bit of a hurdle -- I can't find any VRT functions that >> allow >> >me to dig into the request body where the post data is at. >> >> The post data is not available at any point near VCL, it is transferred >> to the backend as part of the backend fetch. >> >> Poul-Henning >> >> PS: Happy NewYear >> >> -- >> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 >> p...@freebsd.org | TCP/IP since RFC 956 >> FreeBSD committer | BSD since 4.3-tahoe >> Never attribute to malice what can adequately be explained by >> incompetence. >> > > > >
_______________________________________________ varnish-dev mailing list varnish-dev@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-dev