diff --git a/src/auth/ntlm/UserRequest.cc b/src/auth/ntlm/UserRequest.cc index 378061e4538..7cd914d47cc 100644 --- a/src/auth/ntlm/UserRequest.cc +++ b/src/auth/ntlm/UserRequest.cc @@ -186,20 +186,23 @@ Auth::Ntlm::UserRequest::authenticate(HttpRequest * aRequest, ConnStateData * co /* get header */ const char *proxy_auth = aRequest->header.getStr(type); + /* if proxy_auth is actually NULL, we'd better not manipulate it. */ + if (!proxy_auth) { + debugs(29, 4, "WARNING: NTLM Authentication missing authorization header"); + return; + } + /* locate second word */ const char *blob = proxy_auth; - /* if proxy_auth is actually NULL, we'd better not manipulate it. */ - if (blob) { - while (xisspace(*blob) && *blob) - ++blob; + while (xisspace(*blob) && *blob) + ++blob; - while (!xisspace(*blob) && *blob) - ++blob; + while (!xisspace(*blob) && *blob) + ++blob; - while (xisspace(*blob) && *blob) - ++blob; - } + while (xisspace(*blob) && *blob) + ++blob; switch (user()->credentials()) { diff --git a/src/http.cc b/src/http.cc index 13b3432bae6..5030b7bfe39 100644 --- a/src/http.cc +++ b/src/http.cc @@ -2615,38 +2615,6 @@ HttpStateData::doneSendingRequestBody() sendComplete(); } -// more origin request body data is available -void -HttpStateData::handleMoreRequestBodyAvailable() -{ - if (eof || !Comm::IsConnOpen(serverConnection)) { - // XXX: we should check this condition in other callbacks then! - // TODO: Check whether this can actually happen: We should unsubscribe - // as a body consumer when the above condition(s) are detected. - debugs(11, DBG_IMPORTANT, "Transaction aborted while reading HTTP body"); - return; - } - - assert(requestBodySource != nullptr); - - if (requestBodySource->buf().hasContent()) { - // XXX: why does not this trigger a debug message on every request? - - if (flags.headers_parsed && !flags.abuse_detected) { - flags.abuse_detected = true; - debugs(11, DBG_IMPORTANT, "http handleMoreRequestBodyAvailable: Likely proxy abuse detected '" << request->client_addr << "' -> '" << entry->url() << "'" ); - - if (virginReply()->sline.status() == Http::scInvalidHeader) { - closeServer(); - mustStop("HttpStateData::handleMoreRequestBodyAvailable"); - return; - } - } - } - - HttpStateData::handleMoreRequestBodyAvailable(); -} - // premature end of the request body void HttpStateData::handleRequestBodyProducerAborted() diff --git a/src/http.h b/src/http.h index cd5e26f9df3..989625ab180 100644 --- a/src/http.h +++ b/src/http.h @@ -120,8 +120,6 @@ class HttpStateData : public Client std::optional canBufferMoreReplyBytes() const; size_t maybeMakeSpaceAvailable(size_t maxReadSize); - // consuming request body - virtual void handleMoreRequestBodyAvailable(); void handleRequestBodyProducerAborted() override; void writeReplyBody(); diff --git a/src/http/StateFlags.h b/src/http/StateFlags.h index 52b86f5edac..8f4dd28ccc2 100644 --- a/src/http/StateFlags.h +++ b/src/http/StateFlags.h @@ -56,7 +56,6 @@ class StateFlags bool toOriginPeer() const { return toOrigin && peering && !tunneling; } bool keepalive_broken = false; - bool abuse_detected = false; bool request_sent = false; bool chunked = false; ///< reading a chunked response; TODO: rename bool chunked_request = false; ///< writing a chunked request