Poul-Henning,
I think I managed to get this working, without needing a modification on the
varnish source. Here's a snippet of the important parts of how I
implemented this. (I left out all of my error checking for readability)
void get_req_body(struct sess *sp)
{
/* create a new shared memory file to store the request body in.
* Make sure this is deleted after we're done or this will eat up memory!
*/
int memfd = shm_open(pidstr, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR);
// read the body from the client HTTP connection,
int rsize = read(sp->htc->fd, body, content_length);
// write the body into shm
int wsize = write(memfd, body, content_length);
// seek the file descriptor back to the beginning of the file
lseek(memfd, 0, SEEK_SET);
/* set Varnish's HTTP file descriptor to this new shm file.
* This fools varnish into reading the request body
* later on when passing it to the backend
*
* Not sure WHY this works though... If it needs to write
* to the client during vcl_deliver, wouldn't it just
* write the contents to this shm file? It must be a
* different file descriptor for writing?
*/
sp->htc->fd = memfd;
}
This method was sort of my last ditch effort, and I was surprised that it
worked. I couldn't find exactly where the deliver code writes to the
socket, but the only explanation is that there is a separate socket for
writing to the client. Is that correct?
Also, I'm not an expert on how licenses work -- if I want to distribute
this, do I need to license it the same as varnish if I include your headers?
Thanks!
--Cal
On Fri, Jan 1, 2010 at 2:02 PM, Cal Heldenbrand <c...@fbsdata.com> wrote:
> How difficult do you think it would be to provide this to the VRT level?
> I'd be happy to do the coding if you point me in the right direction of
> where the post data is handled in the source.
>
> I think it would be a useful tool for the rest of the community as well.
> (I remember some mailing list post on doing security matching, similar to
> Apache's mod_security)
>
> Thanks, and happy hangover day!
>
> --Cal
>
>
>
> On Fri, Jan 1, 2010 at 5:18 AM, Poul-Henning Kamp <p...@phk.freebsd.dk>wrote:
>
>> In message <6d0f643a0912311432v1e594e5cl601f1a5b19b59...@mail.gmail.com>,
>> Cal H
>> eldenbrand writes:
>>
>> >I just started experimenting with the coolness of using inline C in VCL,
>> and
>> >I've run into a bit of a hurdle -- I can't find any VRT functions that
>> allow
>> >me to dig into the request body where the post data is at.
>>
>> The post data is not available at any point near VCL, it is transferred
>> to the backend as part of the backend fetch.
>>
>> Poul-Henning
>>
>> PS: Happy NewYear
>>
>> --
>> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
>> p...@freebsd.org | TCP/IP since RFC 956
>> FreeBSD committer | BSD since 4.3-tahoe
>> Never attribute to malice what can adequately be explained by
>> incompetence.
>>
>
>
>
>
_______________________________________________
varnish-dev mailing list
varnish-dev@projects.linpro.no
http://projects.linpro.no/mailman/listinfo/varnish-dev
