/* Licensed to the Apache Software Foundation (ASF) under one or more

 * contributor license agreements.  See the NOTICE file distributed with

 * this work for additional information regarding copyright ownership.

 * The ASF licenses this file to You under the Apache License, Version 2.0

 * (the "License"); you may not use this file except in compliance with

 * the License.  You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

/**

 * @file http_request.h

 * @brief Apache Request library

 *

 * @defgroup APACHE_CORE_REQ Apache Request Processing

 * @ingroup  APACHE_CORE

 * @{

 */

/*

 * request.c is the code which handles the main line of request

 * processing, once a request has been read in (finding the right per-

 * directory configuration, building it if necessary, and calling all

 * the module dispatch functions in the right order).

 *

 * The pieces here which are public to the modules, allow them to learn

 * how the server would handle some other file or URI, or perhaps even

 * direct the server to serve that other file instead of the one the

 * client requested directly.

 *

 * There are two ways to do that.  The first is the sub_request mechanism,

 * which handles looking up files and URIs as adjuncts to some other

 * request (e.g., directory entries for multiviews and directory listings);

 * the lookup functions stop short of actually running the request, but

 * (e.g., for includes), a module may call for the request to be run

 * by calling run_sub_req.  The space allocated to create sub_reqs can be

 * reclaimed by calling destroy_sub_req --- be sure to copy anything you care

 * about which was allocated in its apr_pool_t elsewhere before doing this.

 */

#ifndef APACHE_HTTP_REQUEST_H

#define APACHE_HTTP_REQUEST_H

#include "apr_optional.h"

#include "util_filter.h"

#ifdef __cplusplus

extern "C" {

#endif

#define AP_SUBREQ_NO_ARGS 0

#define AP_SUBREQ_MERGE_ARGS 1

/**

 * An internal handler used by the ap_process_request, all subrequest mechanisms

 * and the redirect mechanism.

 * @param r The request, subrequest or internal redirect to pre-process

 * @return The return code for the request

 */

AP_DECLARE(int) ap_process_request_internal(request_rec *r);

/**

 * Create a subrequest from the given URI.  This subrequest can be

 * inspected to find information about the requested URI

 * @param new_uri The URI to lookup

 * @param r The current request

 * @param next_filter The first filter the sub_request should use.  If this is

 *                    NULL, it defaults to the first filter for the main request

 * @return The new request record

 */

AP_DECLARE(request_rec *) ap_sub_req_lookup_uri(const char *new_uri,

                                                const request_rec *r,

                                                ap_filter_t *next_filter);

/**

 * Create a subrequest for the given file.  This subrequest can be

 * inspected to find information about the requested file

 * @param new_file The file to lookup

 * @param r The current request

 * @param next_filter The first filter the sub_request should use.  If this is

 *                    NULL, it defaults to the first filter for the main request

 * @return The new request record

 */

AP_DECLARE(request_rec *) ap_sub_req_lookup_file(const char *new_file,

                                              const request_rec *r,

                                              ap_filter_t *next_filter);

/**

 * Create a subrequest for the given apr_dir_read result.  This subrequest

 * can be inspected to find information about the requested file

 * @param finfo The apr_dir_read result to lookup

 * @param r The current request

 * @param subtype What type of subrequest to perform, one of;

 * 

 *      AP_SUBREQ_NO_ARGS     ignore r->args and r->path_info

 *      AP_SUBREQ_MERGE_ARGS  merge r->args and r->path_info

 * 

 * @param next_filter The first filter the sub_request should use.  If this is

 *                    NULL, it defaults to the first filter for the main request

 * @return The new request record

 * @note The apr_dir_read flags value APR_FINFO_MIN|APR_FINFO_NAME flag is the

 * minimum recommended query if the results will be passed to apr_dir_read.

 * The file info passed must include the name, and must have the same relative

 * directory as the current request.

 */

AP_DECLARE(request_rec *) ap_sub_req_lookup_dirent(const apr_finfo_t *finfo,

                                                   const request_rec *r,

                                                   int subtype,

                                                   ap_filter_t *next_filter);

/**

 * Create a subrequest for the given URI using a specific method.  This

 * subrequest can be inspected to find information about the requested URI

 * @param method The method to use in the new subrequest

 * @param new_uri The URI to lookup

 * @param r The current request

 * @param next_filter The first filter the sub_request should use.  If this is

 *                    NULL, it defaults to the first filter for the main request

 * @return The new request record

 */

AP_DECLARE(request_rec *) ap_sub_req_method_uri(const char *method,

                                                const char *new_uri,

                                                const request_rec *r,

                                                ap_filter_t *next_filter);

/**

 * An output filter to strip EOS buckets from sub-requests.  This always

 * has to be inserted at the end of a sub-requests filter stack.

 * @param f The current filter

 * @param bb The brigade to filter

 * @return status code

 */

AP_CORE_DECLARE_NONSTD(apr_status_t) ap_sub_req_output_filter(ap_filter_t *f,

                                                        apr_bucket_brigade *bb);

/**

 * Run the handler for the subrequest

 * @param r The subrequest to run

 * @return The return code for the subrequest

 */

AP_DECLARE(int) ap_run_sub_req(request_rec *r);

/**

 * Free the memory associated with a subrequest

 * @param r The subrequest to finish

 */

AP_DECLARE(void) ap_destroy_sub_req(request_rec *r);

/*

 * Then there's the case that you want some other request to be served

 * as the top-level request INSTEAD of what the client requested directly.

 * If so, call this from a handler, and then immediately return OK.

 */

/**

 * Redirect the current request to some other uri

 * @param new_uri The URI to replace the current request with

 * @param r The current request

 */

AP_DECLARE(void) ap_internal_redirect(const char *new_uri, request_rec *r);

/**

 * This function is designed for things like actions or CGI scripts, when

 * using AddHandler, and you want to preserve the content type across

 * an internal redirect.

 * @param new_uri The URI to replace the current request with.

 * @param r The current request

 */

AP_DECLARE(void) ap_internal_redirect_handler(const char *new_uri, request_rec *r);

/**

 * Redirect the current request to a sub_req, merging the pools

 * @param sub_req A subrequest created from this request

 * @param r The current request

 * @note the sub_req's pool will be merged into r's pool, be very careful

 * not to destroy this subrequest, it will be destroyed with the main request!

 */

AP_DECLARE(void) ap_internal_fast_redirect(request_rec *sub_req, request_rec *r);

/**

 * Can be used within any handler to determine if any authentication

 * is required for the current request

 * @param r The current request

 * @return 1 if authentication is required, 0 otherwise

 * @bug Behavior changed in 2.4.x refactoring, API no longer usable

 * @deprecated @see ap_some_authn_required()

 */

AP_DECLARE(int) ap_some_auth_required(request_rec *r);

/**

 * @defgroup APACHE_CORE_REQ_AUTH Access Control for Sub-Requests and

 *                                Internal Redirects

 * @ingroup  APACHE_CORE_REQ

 * @{

 */

#define AP_AUTH_INTERNAL_PER_URI  0  /**< Run access control hooks on all

                                          internal requests with URIs

                                          distinct from that of initial

                                          request */

#define AP_AUTH_INTERNAL_PER_CONF 1  /**< Run access control hooks only on

                                          internal requests with

                                          configurations distinct from

                                          that of initial request */

#define AP_AUTH_INTERNAL_MASK     0x000F  /**< mask to extract internal request

                                               processing mode */

/**

 * Clear flag which determines when access control hooks will be run for

 * internal requests.

 */

AP_DECLARE(void) ap_clear_auth_internal(void);

/**

 * Determine whether access control hooks will be run for all internal

 * requests with URIs distinct from that of the initial request, or only

 * those for which different configurations apply than those which applied

 * to the initial request.  To accommodate legacy external modules which

 * may expect access control hooks to be run for all internal requests

 * with distinct URIs, this is the default behaviour unless all access

 * control hooks and authentication and authorization providers are

 * registered with AP_AUTH_INTERNAL_PER_CONF.

 * @param ptemp Pool used for temporary allocations

 */

AP_DECLARE(void) ap_setup_auth_internal(apr_pool_t *ptemp);

/**

 * Register an authentication or authorization provider with the global

 * provider pool.

 * @param pool The pool to create any storage from

 * @param provider_group The group to store the provider in

 * @param provider_name The name for this provider

 * @param provider_version The version for this provider

 * @param provider Opaque structure for this provider

 * @param type Internal request processing mode, either

 *             AP_AUTH_INTERNAL_PER_URI or AP_AUTH_INTERNAL_PER_CONF

 * @return APR_SUCCESS if all went well

 */

AP_DECLARE(apr_status_t) ap_register_auth_provider(apr_pool_t *pool,

                                                   const char *provider_group,

                                                   const char *provider_name,

                                                   const char *provider_version,

                                                   const void *provider,

                                                   int type);

/** @} */

/* Optional functions coming from mod_authn_core and mod_authz_core

 * that list all registered authn/z providers.

 */

APR_DECLARE_OPTIONAL_FN(apr_array_header_t *, authn_ap_list_provider_names,

                        (apr_pool_t *ptemp));

APR_DECLARE_OPTIONAL_FN(apr_array_header_t *, authz_ap_list_provider_names,

                        (apr_pool_t *ptemp));

/**

 * Determine if the current request is the main request or a subrequest

 * @param r The current request

 * @return 1 if this is the main request, 0 otherwise

 */

AP_DECLARE(int) ap_is_initial_req(request_rec *r);

/**

 * Function to set the r->mtime field to the specified value if it's later

 * than what's already there.

 * @param r The current request

 * @param dependency_mtime Time to set the mtime to

 */

AP_DECLARE(void) ap_update_mtime(request_rec *r, apr_time_t dependency_mtime);

/**

 * Add one or more methods to the list permitted to access the resource.

 * Usually executed by the content handler before the response header is

 * sent, but sometimes invoked at an earlier phase if a module knows it

 * can set the list authoritatively.  Note that the methods are ADDED

 * to any already permitted unless the reset flag is non-zero.  The

 * list is used to generate the Allow response header field when it

 * is needed.

 * @param   r     The pointer to the request identifying the resource.

 * @param   reset Boolean flag indicating whether this list should

 *                completely replace any current settings.

 * @param   ...   A NULL-terminated list of strings, each identifying a

 *                method name to add.

 * @return  None.

 */

AP_DECLARE(void) ap_allow_methods(request_rec *r, int reset, ...)

                 AP_FN_ATTR_SENTINEL;

/**

 * Add one or more methods to the list permitted to access the resource.

 * Usually executed by the content handler before the response header is

 * sent, but sometimes invoked at an earlier phase if a module knows it

 * can set the list authoritatively.  Note that the methods are ADDED

 * to any already permitted unless the reset flag is non-zero.  The

 * list is used to generate the Allow response header field when it

 * is needed.

 * @param   r     The pointer to the request identifying the resource.

 * @param   reset Boolean flag indicating whether this list should

 *                completely replace any current settings.

 * @param   ...   A list of method identifiers, from the "M_" series

 *                defined in httpd.h, terminated with a value of -1

 *                (e.g., "M_GET, M_POST, M_OPTIONS, -1")

 * @return  None.

 */

AP_DECLARE(void) ap_allow_standard_methods(request_rec *r, int reset, ...);

#define MERGE_ALLOW 0

#define REPLACE_ALLOW 1

/**

 * Process a top-level request from a client, and synchronously write

 * the response to the client

 * @param r The current request

 */

AP_DECLARE(void) ap_process_request(request_rec *r);

/* For post-processing after a handler has finished with a request.

 * (Commonly used after it was suspended)

 */

AP_DECLARE(void) ap_process_request_after_handler(request_rec *r);

/**

 * Process a top-level request from a client, allowing some or all of

 * the response to remain buffered in the core output filter for later,

 * asynchronous write completion

 * @param r The current request

 */

void ap_process_async_request(request_rec *r);

/**

 * Kill the current request

 * @param type Why the request is dieing

 * @param r The current request

 */

AP_DECLARE(void) ap_die(int type, request_rec *r);

/**

 * Check whether a connection is still established and has data available,

 * optionnaly consuming blank lines ([CR]LF).

 * @param c The current connection

 * @param bb The brigade to filter

 * @param max_blank_lines Max number of blank lines to consume, or zero

 *                        to consider them as data (single read).

 * @return APR_SUCCESS: connection established with data available,

 *         APR_EAGAIN: connection established and empty,

 *         APR_NOTFOUND: too much blank lines,

 *         APR_E*: connection/general error.

 */

AP_DECLARE(apr_status_t) ap_check_pipeline(conn_rec *c, apr_bucket_brigade *bb,

                                           unsigned int max_blank_lines);

/* Hooks */

/**

 * Gives modules a chance to create their request_config entry when the

 * request is created.

 * @param r The current request

 * @ingroup hooks

 */

AP_DECLARE_HOOK(int,create_request,(request_rec *r))

/**

 * This hook allow modules an opportunity to translate the URI into an

 * actual filename.  If no modules do anything special, the server's default

 * rules will be followed.

 * @param r The current request

 * @return OK, DECLINED, or HTTP_...

 * @ingroup hooks

 */

AP_DECLARE_HOOK(int,translate_name,(request_rec *r))

/**

 * This hook allow modules to set the per_dir_config based on their own

 * context (such as "<Proxy>" sections) and responds to contextless requests

 * such as TRACE that need no security or filesystem mapping.

 * based on the filesystem.

 * @param r The current request

 * @return DONE (or HTTP_) if this contextless request was just fulfilled

 * (such as TRACE), OK if this is not a file, and DECLINED if this is a file.

 * The core map_to_storage (HOOK_RUN_REALLY_LAST) will directory_walk

 * and file_walk the r->filename.

 *

 * @ingroup hooks

 */

AP_DECLARE_HOOK(int,map_to_storage,(request_rec *r))

/**

 * This hook is used to analyze the request headers, authenticate the user,

 * and set the user information in the request record (r->user and

 * r->ap_auth_type). This hook is only run when Apache determines that

 * authentication/authorization is required for this resource (as determined

 * by the 'Require' directive). It runs after the access_checker hook, and

 * before the auth_checker hook. This hook should be registered with

 * ap_hook_check_authn().

 *

 * @param r The current request

 * @return OK, DECLINED, or HTTP_...

 * @ingroup hooks

 * @see ap_hook_check_authn

 */

AP_DECLARE_HOOK(int,check_user_id,(request_rec *r))

/**

 * Allows modules to perform module-specific fixing of header fields.  This

 * is invoked just before any content-handler

 * @param r The current request

 * @return OK, DECLINED, or HTTP_...

 * @ingroup hooks

 */

AP_DECLARE_HOOK(int,fixups,(request_rec *r))

/**

 * This routine is called to determine and/or set the various document type

 * information bits, like Content-type (via r->content_type), language, et

 * cetera.

 * @param r the current request

 * @return OK, DECLINED, or HTTP_...

 * @ingroup hooks

 */

AP_DECLARE_HOOK(int,type_checker,(request_rec *r))

/**

 * This hook is used to apply additional access control to this resource.

 * It runs *before* a user is authenticated, so this hook is really to

 * apply additional restrictions independent of a user. It also runs

 * independent of 'Require' directive usage. This hook should be registered

 * with ap_hook_check_access().

 *

 * @param r the current request

 * @return OK, DECLINED, or HTTP_...

 * @ingroup hooks

 * @see ap_hook_check_access

 */

AP_DECLARE_HOOK(int,access_checker,(request_rec *r))

/**

 * This hook is used to apply additional access control and/or bypass

 * authentication for this resource. It runs *before* a user is authenticated,

 * but after the auth_checker hook.

 * This hook should be registered with ap_hook_check_access_ex().

 *

 * @param r the current request

 * @return OK (allow acces), DECLINED (let later modules decide),

 *         or HTTP_... (deny access)

 * @ingroup hooks

 * @see ap_hook_check_access_ex

 */

AP_DECLARE_HOOK(int,access_checker_ex,(request_rec *r))

/**

 * This hook is used to check to see if the resource being requested

 * is available for the authenticated user (r->user and r->ap_auth_type).

 * It runs after the access_checker and check_user_id hooks. Note that

 * it will *only* be called if Apache determines that access control has

 * been applied to this resource (through a 'Require' directive). This

 * hook should be registered with ap_hook_check_authz().

 *

 * @param r the current request

 * @return OK, DECLINED, or HTTP_...

 * @ingroup hooks

 * @see ap_hook_check_authz

 */

AP_DECLARE_HOOK(int,auth_checker,(request_rec *r))

/**

 * Register a hook function that will apply additional access control to

 * the current request.

 * @param pf An access_checker hook function

 * @param aszPre A NULL-terminated array of strings that name modules whose

 *               hooks should precede this one

 * @param aszSucc A NULL-terminated array of strings that name modules whose

 *                hooks should succeed this one

 * @param nOrder An integer determining order before honouring aszPre and

 *               aszSucc (for example, HOOK_MIDDLE)

 * @param type Internal request processing mode, either

 *             AP_AUTH_INTERNAL_PER_URI or AP_AUTH_INTERNAL_PER_CONF

 */

AP_DECLARE(void) ap_hook_check_access(ap_HOOK_access_checker_t *pf,

                                      const char * const *aszPre,

                                      const char * const *aszSucc,

                                      int nOrder, int type);

/**

 * Register a hook function that will apply additional access control

 * and/or bypass authentication for the current request.

 * @param pf An access_checker_ex hook function

 * @param aszPre A NULL-terminated array of strings that name modules whose

 *               hooks should precede this one

 * @param aszSucc A NULL-terminated array of strings that name modules whose

 *                hooks should succeed this one

 * @param nOrder An integer determining order before honouring aszPre and

 *               aszSucc (for example, HOOK_MIDDLE)

 * @param type Internal request processing mode, either

 *             AP_AUTH_INTERNAL_PER_URI or AP_AUTH_INTERNAL_PER_CONF

 */

AP_DECLARE(void) ap_hook_check_access_ex(ap_HOOK_access_checker_ex_t *pf,

                                         const char * const *aszPre,

                                         const char * const *aszSucc,

                                         int nOrder, int type);

/**

 * Register a hook function that will analyze the request headers,

 * authenticate the user, and set the user information in the request record.

 * @param pf A check_user_id hook function

 * @param aszPre A NULL-terminated array of strings that name modules whose

 *               hooks should precede this one

 * @param aszSucc A NULL-terminated array of strings that name modules whose

 *                hooks should succeed this one

 * @param nOrder An integer determining order before honouring aszPre and

 *               aszSucc (for example, HOOK_MIDDLE)

 * @param type Internal request processing mode, either

 *             AP_AUTH_INTERNAL_PER_URI or AP_AUTH_INTERNAL_PER_CONF

 */

AP_DECLARE(void) ap_hook_check_authn(ap_HOOK_check_user_id_t *pf,

                                     const char * const *aszPre,

                                     const char * const *aszSucc,

                                     int nOrder, int type);

/**

 * Register a hook function that determine if the resource being requested

 * is available for the currently authenticated user.

 * @param pf An auth_checker hook function

 * @param aszPre A NULL-terminated array of strings that name modules whose

 *               hooks should precede this one

 * @param aszSucc A NULL-terminated array of strings that name modules whose

 *                hooks should succeed this one

 * @param nOrder An integer determining order before honouring aszPre and

 *               aszSucc (for example, HOOK_MIDDLE)

 * @param type Internal request processing mode, either

 *             AP_AUTH_INTERNAL_PER_URI or AP_AUTH_INTERNAL_PER_CONF

 */

AP_DECLARE(void) ap_hook_check_authz(ap_HOOK_auth_checker_t *pf,

                                     const char * const *aszPre,

                                     const char * const *aszSucc,

                                     int nOrder, int type);

/**

 * This hook allows modules to insert filters for the current request

 * @param r the current request

 * @ingroup hooks

 */

AP_DECLARE_HOOK(void,insert_filter,(request_rec *r))

/**

 * This hook allows modules to affect the request immediately after the

 * per-directory configuration for the request has been generated.

 * @param r The current request

 * @return OK (allow acces), DECLINED (let later modules decide),

 *         or HTTP_... (deny access)

 * @ingroup hooks

 */

AP_DECLARE_HOOK(int,post_perdir_config,(request_rec *r))

/**

 * This hook allows a module to force authn to be required when

 * processing a request.

 * This hook should be registered with ap_hook_force_authn().

 * @param r The current request

 * @return OK (force authn), DECLINED (let later modules decide)

 * @ingroup hooks

 */

AP_DECLARE_HOOK(int,force_authn,(request_rec *r))

/**

 * This hook allows modules to handle/emulate the apr_stat() calls

 * needed for directory walk.

 * @param finfo where to put the stat data

 * @param r The current request

 * @param wanted APR_FINFO_* flags to pass to apr_stat()

 * @return apr_status_t or AP_DECLINED (let later modules decide)

 * @ingroup hooks

 */

AP_DECLARE_HOOK(apr_status_t,dirwalk_stat,(apr_finfo_t *finfo, request_rec *r, apr_int32_t wanted))

AP_DECLARE(int) ap_location_walk(request_rec *r);

AP_DECLARE(int) ap_directory_walk(request_rec *r);

AP_DECLARE(int) ap_file_walk(request_rec *r);

AP_DECLARE(int) ap_if_walk(request_rec *r);

/** End Of REQUEST (EOR) bucket */

AP_DECLARE_DATA extern const apr_bucket_type_t ap_bucket_type_eor;

/**

 * Determine if a bucket is an End Of REQUEST (EOR) bucket

 * @param e The bucket to inspect

 * @return true or false

 */

#define AP_BUCKET_IS_EOR(e)         (e->type == &ap_bucket_type_eor)

/**

 * Make the bucket passed in an End Of REQUEST (EOR) bucket

 * @param b The bucket to make into an EOR bucket

 * @param r The request to destroy when this bucket is destroyed

 * @return The new bucket, or NULL if allocation failed

 */

AP_DECLARE(apr_bucket *) ap_bucket_eor_make(apr_bucket *b, request_rec *r);

/**

 * Create a bucket referring to an End Of REQUEST (EOR). This bucket

 * holds a pointer to the request_rec, so that the request can be

 * destroyed right after all of the output has been sent to the client.

 *

 * @param list The freelist from which this bucket should be allocated

 * @param r The request to destroy when this bucket is destroyed

 * @return The new bucket, or NULL if allocation failed

 */

AP_DECLARE(apr_bucket *) ap_bucket_eor_create(apr_bucket_alloc_t *list,

                                              request_rec *r);

/**

 * Can be used within any handler to determine if any authentication

 * is required for the current request.  Note that if used with an

 * access_checker hook, an access_checker_ex hook or an authz provider; the

 * caller should take steps to avoid a loop since this function is

 * implemented by calling these hooks.

 * @param r The current request

 * @return TRUE if authentication is required, FALSE otherwise

 */

AP_DECLARE(int) ap_some_authn_required(request_rec *r);

#ifdef __cplusplus

}

#endif

#endif  /* !APACHE_HTTP_REQUEST_H */

/** @} */