/* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* Originally written @ Covalent by Jim Jagielski
*/
/*
* mod_dumpio.c:
* Think of this as a filter sniffer for Apache 2.x. It logs
* all filter data right before and after it goes out on the
* wire (BUT right before SSL encoded or after SSL decoded).
* It can produce a *huge* amount of data.
*/
#include "httpd.h"
#include "http_connection.h"
#include "http_config.h"
#include "http_core.h"
#include "http_log.h"
#include "apr_strings.h"
module AP_MODULE_DECLARE_DATA dumpio_module ;
typedef struct dumpio_conf_t {
int enable_input;
int enable_output;
} dumpio_conf_t;
/* consider up to 80 additional characters, and factor the longest
* line length of all \xNN sequences; log_error cannot record more
* than MAX_STRING_LEN characters.
*/
#define dumpio_MAX_STRING_LEN (MAX_STRING_LEN / 4 - 80)
/*
* Workhorse function: simply log to the current error_log
* info about the data in the bucket as well as the data itself
*/
static void dumpit(ap_filter_t *f, apr_bucket *b, dumpio_conf_t *ptr)
{
conn_rec *c = f->c;
ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c,
"mod_dumpio: %s (%s-%s): %" APR_SIZE_T_FMT " bytes",
f->frec->name,
(APR_BUCKET_IS_METADATA(b)) ? "metadata" : "data",
b->type->name,
b->length) ;
if (!(APR_BUCKET_IS_METADATA(b)))
{
#if APR_CHARSET_EBCDIC
char xlatebuf[dumpio_MAX_STRING_LEN + 1];
#endif
const char *buf;
apr_size_t nbytes;
apr_status_t rv = apr_bucket_read(b, &buf, &nbytes, APR_BLOCK_READ);
if (rv == APR_SUCCESS)
{
while (nbytes)
{
apr_size_t logbytes = nbytes;
if (logbytes > dumpio_MAX_STRING_LEN)
logbytes = dumpio_MAX_STRING_LEN;
nbytes -= logbytes;
#if APR_CHARSET_EBCDIC
memcpy(xlatebuf, buf, logbytes);
ap_xlate_proto_from_ascii(xlatebuf, logbytes);
xlatebuf[logbytes] = '\0';
ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c,
"mod_dumpio: %s (%s-%s): %s", f->frec->name,
(APR_BUCKET_IS_METADATA(b)) ? "metadata" : "data",
b->type->name, xlatebuf);
#else
/* XXX: Seriously flawed; we do not pay attention to embedded
* \0's in the request body, these should be escaped; however,
* the logging function already performs a significant amount
* of escaping, and so any escaping would be double-escaped.
* The coding solution is to throw away the current logic
* within ap_log_error, and introduce new vformatter %-escapes
* for escaping text, and for binary text (fixed len strings).
*/
ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c,
"mod_dumpio: %s (%s-%s): %.*s", f->frec->name,
(APR_BUCKET_IS_METADATA(b)) ? "metadata" : "data",
b->type->name, (int)logbytes, buf);
#endif
buf += logbytes;
}
}
else {
ap_log_cerror(APLOG_MARK, APLOG_TRACE7, rv, c,
"mod_dumpio: %s (%s-%s): %s", f->frec->name,
(APR_BUCKET_IS_METADATA(b)) ? "metadata" : "data",
b->type->name, "error reading data");
}
}
}
#define whichmode( mode ) \
( (( mode ) == AP_MODE_READBYTES) ? "readbytes" : \
(( mode ) == AP_MODE_GETLINE) ? "getline" : \
(( mode ) == AP_MODE_EATCRLF) ? "eatcrlf" : \
(( mode ) == AP_MODE_SPECULATIVE) ? "speculative" : \
(( mode ) == AP_MODE_EXHAUSTIVE) ? "exhaustive" : \
(( mode ) == AP_MODE_INIT) ? "init" : "unknown" \
)
static int dumpio_input_filter (ap_filter_t *f, apr_bucket_brigade *bb,
ap_input_mode_t mode, apr_read_type_e block, apr_off_t readbytes)
{
apr_bucket *b;
apr_status_t ret;
conn_rec *c = f->c;
dumpio_conf_t *ptr = f->ctx;
ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c,
"mod_dumpio: %s [%s-%s] %" APR_OFF_T_FMT " readbytes",
f->frec->name,
whichmode(mode),
((block) == APR_BLOCK_READ) ? "blocking" : "nonblocking",
readbytes);
ret = ap_get_brigade(f->next, bb, mode, block, readbytes);
if (ret == APR_SUCCESS) {
for (b = APR_BRIGADE_FIRST(bb); b != APR_BRIGADE_SENTINEL(bb); b = APR_BUCKET_NEXT(b)) {
dumpit(f, b, ptr);
}
}
else {
ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c,
"mod_dumpio: %s - %d", f->frec->name, ret) ;
return ret;
}
return APR_SUCCESS ;
}
static int dumpio_output_filter (ap_filter_t *f, apr_bucket_brigade *bb)
{
apr_bucket *b;
conn_rec *c = f->c;
dumpio_conf_t *ptr = f->ctx;
ap_log_cerror(APLOG_MARK, APLOG_TRACE7, 0, c, "mod_dumpio: %s", f->frec->name);
for (b = APR_BRIGADE_FIRST(bb); b != APR_BRIGADE_SENTINEL(bb); b = APR_BUCKET_NEXT(b)) {
/*
* If we ever see an EOS, make sure to FLUSH.
*/
if (APR_BUCKET_IS_EOS(b)) {
apr_bucket *flush = apr_bucket_flush_create(f->c->bucket_alloc);
APR_BUCKET_INSERT_BEFORE(b, flush);
}
dumpit(f, b, ptr);
}
return ap_pass_brigade(f->next, bb) ;
}
static int dumpio_pre_conn(conn_rec *c, void *csd)
{
dumpio_conf_t *ptr;
if (!APLOGctrace7(c)) {
/* Nothing to do below TRACE7 */
return DECLINED;
}
ptr = (dumpio_conf_t *) ap_get_module_config(c->base_server->module_config,
&dumpio_module);
if (ptr->enable_input)
ap_add_input_filter("DUMPIO_IN", ptr, NULL, c);
if (ptr->enable_output)
ap_add_output_filter("DUMPIO_OUT", ptr, NULL, c);
return OK;
}
static void dumpio_register_hooks(apr_pool_t *p)
{
/*
* We know that SSL is CONNECTION + 5
*/
ap_register_output_filter("DUMPIO_OUT", dumpio_output_filter,
NULL, AP_FTYPE_CONNECTION + 3) ;
ap_register_input_filter("DUMPIO_IN", dumpio_input_filter,
NULL, AP_FTYPE_CONNECTION + 3) ;
ap_hook_pre_connection(dumpio_pre_conn, NULL, NULL, APR_HOOK_MIDDLE);
}
static void *dumpio_create_sconfig(apr_pool_t *p, server_rec *s)
{
dumpio_conf_t *ptr = apr_pcalloc(p, sizeof *ptr);
ptr->enable_input = 0;
ptr->enable_output = 0;
return ptr;
}
static const char *dumpio_enable_input(cmd_parms *cmd, void *dummy, int arg)
{
dumpio_conf_t *ptr = ap_get_module_config(cmd->server->module_config,
&dumpio_module);
ptr->enable_input = arg;
return NULL;
}
static const char *dumpio_enable_output(cmd_parms *cmd, void *dummy, int arg)
{
dumpio_conf_t *ptr = ap_get_module_config(cmd->server->module_config,
&dumpio_module);
ptr->enable_output = arg;
return NULL;
}
static const command_rec dumpio_cmds[] = {
AP_INIT_FLAG("DumpIOInput", dumpio_enable_input, NULL,
RSRC_CONF, "Enable I/O Dump on Input Data"),
AP_INIT_FLAG("DumpIOOutput", dumpio_enable_output, NULL,
RSRC_CONF, "Enable I/O Dump on Output Data"),
{ NULL }
};
AP_DECLARE_MODULE(dumpio) = {
STANDARD20_MODULE_STUFF,
NULL, /* create per-dir config structures */
NULL, /* merge per-dir config structures */
dumpio_create_sconfig, /* create per-server config structures */
NULL, /* merge per-server config structures */
dumpio_cmds, /* table of config file commands */
dumpio_register_hooks /* register hooks */
};