lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
lighttpd1.4/src/http_date.c

295 lines
9.4 KiB
C
Raw Normal View History

[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
/*
* http_date - HTTP date manipulation
*
* Copyright(c) 2015 Glenn Strauss gstrauss()gluelogic.com All rights reserved
* License: BSD 3-clause (same as lighttpd)
*/
#include "http_date.h"
#include "sys-time.h"
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
#include <string.h> /* strlen() */
#include "buffer.h" /* light_isdigit() */
#include "log.h" /* log_epoch_secs */
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
/**
* https://tools.ietf.org/html/rfc7231
* [RFC7231] 7.1.1.1 Date/Time Formats
* Prior to 1995, there were three different formats commonly used by
* servers to communicate timestamps. For compatibility with old
* implementations, all three are defined here. The preferred format is
* a fixed-length and single-zone subset of the date and time
* specification used by the Internet Message Format [RFC5322].
* HTTP-date = IMF-fixdate / obs-date
* An example of the preferred format is
* Sun, 06 Nov 1994 08:49:37 GMT ; IMF-fixdate
*
*
* (intended for use with strftime() and strptime())
* "%a, %d %b %Y %T GMT"
*/
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
static const char datestrs[] =
/*0 10 20 30 40 50 60 70 80 90*/
"\0\x0A\x14\x1E\x28\x32\x3c\x46\x50\x5A"
"SunMonTueWedThuFriSat"
"JanFebMarAprMayJunJulAugSepOctNovDec";
__attribute_cold__
static const char *
http_date_parse_RFC_850 (const char *s, struct tm * const tm)
{
/* RFC 7231 7.1.1.1.
* Recipients of a timestamp value in rfc850-date format, which uses a
* two-digit year, MUST interpret a timestamp that appears to be more
* than 50 years in the future as representing the most recent year in
* the past that had the same last two digits.
*/
[multiple] Y2038 32-bit signed time_t mitigations Most OS platforms have already provided solutions to Y2038 32-bit signed time_t 5 - 10 years ago (or more!) Notable exceptions are Linux i686 and FreeBSD i386. Since 32-bit systems tend to be embedded systems, and since many distros take years to pick up new software, this commit aims to provide Y2038 mitigations for lighttpd running on 32-bit systems with Y2038-unsafe 32-bit signed time_t * Y2038: lighttpd 1.4.60 and later report Y2038 safety $ lighttpd -V + Y2038 support # Y2038-SAFE $ lighttpd -V - Y2038 support (unsafe 32-bit signed time_t) # Y2038-UNSAFE * Y2038: general platform info * Y2038-SAFE: lighttpd 64-bit builds on platforms using 64-bit time_t - all major 64-bit platforms (known to this author) use 64-bit time_t * Y2038-SAFE: lighttpd 32-bit builds on platforms using 64-bit time_t - Linux x32 ABI (different from i686) - FreeBSD all 32-bit and 64-bit architectures *except* 32-bit i386 - NetBSD 6.0 (released Oct 2012) all 32-bit and 64-bit architectures - OpenBSD 5.5 (released May 2014) all 32-bit and 64-bit architectures - Microsoft Windows XP and Visual Studio 2005 (? unsure ?) Another reference suggests Visual Studio 2015 defaults to 64-bit time_t - MacOS 10.15 Catalina (released 2019) drops support for 32-bit apps * Y2038-SAFE: lighttpd 32-bit builds on platforms using 32-bit unsigned time_t - e.g. OpenVMS (unknown if lighttpd builds on this platform) * Y2038-UNSAFE: lighttpd 32-bit builds on platforms using 32-bit signed time_t - Linux 32-bit (including i686) - glibc 32-bit library support not yet available for 64-bit time_t - https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - Linux kernel 5.6 on 32-bit platforms does support 64-bit time_t https://itsubuntu.com/linux-kernel-5-6-to-fix-the-year-2038-issue-unix-y2k/ - https://www.gnu.org/software/libc/manual/html_node/64_002dbit-time-symbol-handling.html "Note: at this point, 64-bit time support in dual-time configurations is work-in-progress, so for these configurations, the public API only makes the 32-bit time support available. In a later change, the public API will allow user code to choose the time size for a given compilation unit." - compiling with -D_TIME_BITS=64 currently has no effect - glibc recent (Jul 2021) mailing list discussion - https://public-inbox.org/bug-gnulib/878s2ozq70.fsf@oldenburg.str.redhat.com/T/ - FreeBSD i386 - DragonFlyBSD 32-bit * Y2038 mitigations attempted on Y2038-UNSAFE platforms (32-bit signed time_t) * lighttpd prefers system monotonic clock instead of realtime clock in places where realtime clock is not required * lighttpd treats negative time_t values as after 19 Jan 2038 03:14:07 GMT * (lighttpd presumes that lighttpd will not encounter dates before 1970 during normal operation.) * lighttpd casts struct stat st.st_mtime (and st.st_*time) through uint64_t to convert negative timestamps for comparisions with 64-bit timestamps (treating negative timestamp values as after 19 Jan 2038 03:14:07 GMT) * lighttpd provides unix_time64_t (int64_t) and * lighttpd provides struct unix_timespec64 (unix_timespec64_t) (struct timespec equivalent using unix_time64_t tv_sec member) * lighttpd provides gmtime64_r() and localtime64_r() wrappers for platforms 32-bit platforms using 32-bit time_t and lighttpd temporarily shifts the year in order to use gmtime_r() and localtime_r() (or gmtime() and localtime()) from standard libraries, before readjusting year and passing struct tm to formatting functions such as strftime() * lighttpd provides TIME64_CAST() macro to cast signed 32-bit time_t to unsigned 32-bit and then to unix_time64_t * Note: while lighttpd tries handle times past 19 Jan 2038 03:14:07 GMT on 32-bit platforms using 32-bit signed time_t, underlying libraries and underlying filesystems might not behave properly after 32-bit signed time_t overflows (19 Jan 2038 03:14:08 GMT). If a given 32-bit OS does not work properly using negative time_t values, then lighttpd likely will not work properly on that system. * Other references and blogs - https://en.wikipedia.org/wiki/Year_2038_problem - https://en.wikipedia.org/wiki/Time_formatting_and_storage_bugs - http://www.lieberbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-systems/
2021-07-12 18:46:49 +00:00
static unix_time64_t tm_year_last_check;
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
static int tm_year_cur;
static int tm_year_base;
/* (log_epoch_secs is a global variable, maintained elsewhere) */
/* (optimization: check for year change no more than once per min) */
if (log_epoch_secs >= tm_year_last_check + 60) {
struct tm tm_cur;
[multiple] Y2038 32-bit signed time_t mitigations Most OS platforms have already provided solutions to Y2038 32-bit signed time_t 5 - 10 years ago (or more!) Notable exceptions are Linux i686 and FreeBSD i386. Since 32-bit systems tend to be embedded systems, and since many distros take years to pick up new software, this commit aims to provide Y2038 mitigations for lighttpd running on 32-bit systems with Y2038-unsafe 32-bit signed time_t * Y2038: lighttpd 1.4.60 and later report Y2038 safety $ lighttpd -V + Y2038 support # Y2038-SAFE $ lighttpd -V - Y2038 support (unsafe 32-bit signed time_t) # Y2038-UNSAFE * Y2038: general platform info * Y2038-SAFE: lighttpd 64-bit builds on platforms using 64-bit time_t - all major 64-bit platforms (known to this author) use 64-bit time_t * Y2038-SAFE: lighttpd 32-bit builds on platforms using 64-bit time_t - Linux x32 ABI (different from i686) - FreeBSD all 32-bit and 64-bit architectures *except* 32-bit i386 - NetBSD 6.0 (released Oct 2012) all 32-bit and 64-bit architectures - OpenBSD 5.5 (released May 2014) all 32-bit and 64-bit architectures - Microsoft Windows XP and Visual Studio 2005 (? unsure ?) Another reference suggests Visual Studio 2015 defaults to 64-bit time_t - MacOS 10.15 Catalina (released 2019) drops support for 32-bit apps * Y2038-SAFE: lighttpd 32-bit builds on platforms using 32-bit unsigned time_t - e.g. OpenVMS (unknown if lighttpd builds on this platform) * Y2038-UNSAFE: lighttpd 32-bit builds on platforms using 32-bit signed time_t - Linux 32-bit (including i686) - glibc 32-bit library support not yet available for 64-bit time_t - https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - Linux kernel 5.6 on 32-bit platforms does support 64-bit time_t https://itsubuntu.com/linux-kernel-5-6-to-fix-the-year-2038-issue-unix-y2k/ - https://www.gnu.org/software/libc/manual/html_node/64_002dbit-time-symbol-handling.html "Note: at this point, 64-bit time support in dual-time configurations is work-in-progress, so for these configurations, the public API only makes the 32-bit time support available. In a later change, the public API will allow user code to choose the time size for a given compilation unit." - compiling with -D_TIME_BITS=64 currently has no effect - glibc recent (Jul 2021) mailing list discussion - https://public-inbox.org/bug-gnulib/878s2ozq70.fsf@oldenburg.str.redhat.com/T/ - FreeBSD i386 - DragonFlyBSD 32-bit * Y2038 mitigations attempted on Y2038-UNSAFE platforms (32-bit signed time_t) * lighttpd prefers system monotonic clock instead of realtime clock in places where realtime clock is not required * lighttpd treats negative time_t values as after 19 Jan 2038 03:14:07 GMT * (lighttpd presumes that lighttpd will not encounter dates before 1970 during normal operation.) * lighttpd casts struct stat st.st_mtime (and st.st_*time) through uint64_t to convert negative timestamps for comparisions with 64-bit timestamps (treating negative timestamp values as after 19 Jan 2038 03:14:07 GMT) * lighttpd provides unix_time64_t (int64_t) and * lighttpd provides struct unix_timespec64 (unix_timespec64_t) (struct timespec equivalent using unix_time64_t tv_sec member) * lighttpd provides gmtime64_r() and localtime64_r() wrappers for platforms 32-bit platforms using 32-bit time_t and lighttpd temporarily shifts the year in order to use gmtime_r() and localtime_r() (or gmtime() and localtime()) from standard libraries, before readjusting year and passing struct tm to formatting functions such as strftime() * lighttpd provides TIME64_CAST() macro to cast signed 32-bit time_t to unsigned 32-bit and then to unix_time64_t * Note: while lighttpd tries handle times past 19 Jan 2038 03:14:07 GMT on 32-bit platforms using 32-bit signed time_t, underlying libraries and underlying filesystems might not behave properly after 32-bit signed time_t overflows (19 Jan 2038 03:14:08 GMT). If a given 32-bit OS does not work properly using negative time_t values, then lighttpd likely will not work properly on that system. * Other references and blogs - https://en.wikipedia.org/wiki/Year_2038_problem - https://en.wikipedia.org/wiki/Time_formatting_and_storage_bugs - http://www.lieberbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-systems/
2021-07-12 18:46:49 +00:00
if (NULL != gmtime64_r(&log_epoch_secs, &tm_cur)) {
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
tm_year_last_check = log_epoch_secs;
if (tm_cur.tm_year != tm_year_cur) {
tm_year_cur = tm_cur.tm_year;
tm_year_base = tm_year_cur - (tm_year_cur % 100);
}
}
}
/* Note: does not validate numerical ranges of
* tm_mday, tm_hour, tm_min, tm_sec */
/* Note: does not validate tm_wday beyond first three chars */
tm->tm_isdst = 0;
tm->tm_yday = 0;
tm->tm_wday = 0;
tm->tm_mon = 0;
const char * const tens = datestrs;
const char *p = tens + 10;
do {
if (s[0] == p[0] && s[1] == p[1] && s[2] == p[2]) break;
p += 3;
} while (++tm->tm_wday < 7);
if (7 == tm->tm_wday) return NULL;
s += 3;
while (*s != ',' && *s != '\0') ++s;
if (s[0] != ',' || s[1] != ' '
|| !light_isdigit(s[2]) || !light_isdigit(s[3]))
return NULL;
tm->tm_mday = tens[(s[2]-'0')] + (s[3]-'0');
if ( s[4] != '-') return NULL;
p = tens + 10 + sizeof("SunMonTueWedThuFriSat")-1;
do {
if (s[5] == p[0] && s[6] == p[1] && s[7] == p[2]) break;
p += 3;
} while (++tm->tm_mon < 12);
if (12 == tm->tm_mon) return NULL;
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
if (s[8] != '-' || !light_isdigit(s[9]) || !light_isdigit(s[10]))
return NULL;
tm->tm_year = tens[(s[9]-'0')] + (s[10]-'0') + tm_year_base;
if (tm->tm_year > tm_year_cur + 50) tm->tm_year -= 100;
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
if (s[11] != ' ' || !light_isdigit(s[12]) || !light_isdigit(s[13]))
return NULL;
tm->tm_hour = tens[(s[12]-'0')] + (s[13]-'0');
if (s[14] != ':' || !light_isdigit(s[15]) || !light_isdigit(s[16]))
return NULL;
tm->tm_min = tens[(s[15]-'0')] + (s[16]-'0');
if (s[17] != ':' || !light_isdigit(s[18]) || !light_isdigit(s[19]))
return NULL;
tm->tm_sec = tens[(s[18]-'0')] + (s[19]-'0');
if (s[20] != ' ' || s[21] != 'G' || s[22] != 'M' || s[23] != 'T')
return NULL;
return s+24; /*(24 chars from ',' following the variable len wday)*/
}
__attribute_cold__
static const char *
http_date_parse_asctime (const char * const s, struct tm * const tm)
{
/* Note: does not validate numerical ranges of
* tm_mday, tm_hour, tm_min, tm_sec */
tm->tm_isdst = 0;
tm->tm_yday = 0;
tm->tm_wday = 0;
tm->tm_mon = 0;
const char * const tens = datestrs;
const char *p = tens + 10;
do {
if (s[0] == p[0] && s[1] == p[1] && s[2] == p[2]) break;
p += 3;
} while (++tm->tm_wday < 7);
if (7 == tm->tm_wday) return NULL;
if (s[3] != ' ') return NULL;
p = tens + 10 + sizeof("SunMonTueWedThuFriSat")-1;
do {
if (s[4] == p[0] && s[5] == p[1] && s[6] == p[2]) break;
p += 3;
} while (++tm->tm_mon < 12);
if (12 == tm->tm_mon) return NULL;
if (s[7] != ' ' || (s[8] != ' ' && !light_isdigit(s[8]))
|| !light_isdigit(s[9]))
return NULL;
tm->tm_mday = (s[8] == ' ' ? 0 : tens[(s[8]-'0')]) + (s[9]-'0');
if (s[10] != ' ' || !light_isdigit(s[11]) || !light_isdigit(s[12]))
return NULL;
tm->tm_hour = tens[(s[11]-'0')] + (s[12]-'0');
if (s[13] != ':' || !light_isdigit(s[14]) || !light_isdigit(s[15]))
return NULL;
tm->tm_min = tens[(s[14]-'0')] + (s[15]-'0');
if (s[16] != ':' || !light_isdigit(s[17]) || !light_isdigit(s[18]))
return NULL;
tm->tm_sec = tens[(s[17]-'0')] + (s[18]-'0');
if (s[19] != ' ' || !light_isdigit(s[20]) || !light_isdigit(s[21])
|| !light_isdigit(s[22]) || !light_isdigit(s[23])) return NULL;
tm->tm_year =(tens[(s[20]-'0')] + (s[21]-'0'))*100
+ tens[(s[22]-'0')] + (s[23]-'0') - 1900;
return s+24;
}
static const char *
http_date_parse_IMF_fixdate (const char * const s, struct tm * const tm)
{
/* Note: does not validate numerical ranges of
* tm_mday, tm_hour, tm_min, tm_sec */
tm->tm_isdst = 0;
tm->tm_yday = 0;
tm->tm_wday = 0;
tm->tm_mon = 0;
const char * const tens = datestrs;
const char *p = tens + 10;
do {
if (s[0] == p[0] && s[1] == p[1] && s[2] == p[2]) break;
p += 3;
} while (++tm->tm_wday < 7);
if (7 == tm->tm_wday) return NULL;
if (s[3] != ',' || s[4] != ' '
|| !light_isdigit(s[5]) || !light_isdigit(s[6]))
return NULL;
tm->tm_mday = tens[(s[5]-'0')] + (s[6]-'0');
if ( s[7] != ' ') return NULL;
p = tens + 10 + sizeof("SunMonTueWedThuFriSat")-1;
do {
if (s[8] == p[0] && s[9] == p[1] && s[10] == p[2]) break;
p += 3;
} while (++tm->tm_mon < 12);
if (12 == tm->tm_mon) return NULL;
if (s[11] != ' ' || !light_isdigit(s[12]) || !light_isdigit(s[13])
|| !light_isdigit(s[14]) || !light_isdigit(s[15])) return NULL;
tm->tm_year =(tens[(s[12]-'0')] + (s[13]-'0'))*100
+ tens[(s[14]-'0')] + (s[15]-'0') - 1900;
if (s[16] != ' ' || !light_isdigit(s[17]) || !light_isdigit(s[18]))
return NULL;
tm->tm_hour = tens[(s[17]-'0')] + (s[18]-'0');
if (s[19] != ':' || !light_isdigit(s[20]) || !light_isdigit(s[21]))
return NULL;
tm->tm_min = tens[(s[20]-'0')] + (s[21]-'0');
if (s[22] != ':' || !light_isdigit(s[23]) || !light_isdigit(s[24]))
return NULL;
tm->tm_sec = tens[(s[23]-'0')] + (s[24]-'0');
if (s[25] != ' ' || s[26] != 'G' || s[27] != 'M' || s[28] != 'T')
return NULL;
return s+29;
}
static const char *
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
http_date_str_to_tm (const char * const s, const uint32_t len,
struct tm * const tm)
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
{
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
/* attempt strptime() using multiple date formats
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
* support RFC 822,1123,7231; RFC 850; and ANSI C asctime() date strings,
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
* as required by [RFC7231] https://tools.ietf.org/html/rfc7231#section-7.1
* [RFC7231] 7.1.1.1 Date/Time Formats
* HTTP-date = IMF-fixdate / obs-date
* [...]
* A recipient that parses a timestamp value in an HTTP header field
* MUST accept all three HTTP-date formats.
*/
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
/* employ specialized strptime()
* - HTTP expected date formats are known, so not needed as input param
* - HTTP expected date string content is in C locale and is case-sensitive
* - returns (const char *) instead of strptime() (char *) return type
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
* - returns NULL if error (if date string could not be parsed)
* Note: internal implementation requires '\0'-terminated string, or at
* least one valid char after partial match of RFC 850 or asctime formats */
[core] specialized strptime() for HTTP date fmts
2020-11-21 15:42:10 +00:00
if (len == 29)
return http_date_parse_IMF_fixdate(s, tm);
else if (len > 29)
return http_date_parse_RFC_850(s, tm);
else /* len < 29 */
return http_date_parse_asctime(s, tm);
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
}
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
uint32_t
[multiple] Y2038 32-bit signed time_t mitigations Most OS platforms have already provided solutions to Y2038 32-bit signed time_t 5 - 10 years ago (or more!) Notable exceptions are Linux i686 and FreeBSD i386. Since 32-bit systems tend to be embedded systems, and since many distros take years to pick up new software, this commit aims to provide Y2038 mitigations for lighttpd running on 32-bit systems with Y2038-unsafe 32-bit signed time_t * Y2038: lighttpd 1.4.60 and later report Y2038 safety $ lighttpd -V + Y2038 support # Y2038-SAFE $ lighttpd -V - Y2038 support (unsafe 32-bit signed time_t) # Y2038-UNSAFE * Y2038: general platform info * Y2038-SAFE: lighttpd 64-bit builds on platforms using 64-bit time_t - all major 64-bit platforms (known to this author) use 64-bit time_t * Y2038-SAFE: lighttpd 32-bit builds on platforms using 64-bit time_t - Linux x32 ABI (different from i686) - FreeBSD all 32-bit and 64-bit architectures *except* 32-bit i386 - NetBSD 6.0 (released Oct 2012) all 32-bit and 64-bit architectures - OpenBSD 5.5 (released May 2014) all 32-bit and 64-bit architectures - Microsoft Windows XP and Visual Studio 2005 (? unsure ?) Another reference suggests Visual Studio 2015 defaults to 64-bit time_t - MacOS 10.15 Catalina (released 2019) drops support for 32-bit apps * Y2038-SAFE: lighttpd 32-bit builds on platforms using 32-bit unsigned time_t - e.g. OpenVMS (unknown if lighttpd builds on this platform) * Y2038-UNSAFE: lighttpd 32-bit builds on platforms using 32-bit signed time_t - Linux 32-bit (including i686) - glibc 32-bit library support not yet available for 64-bit time_t - https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - Linux kernel 5.6 on 32-bit platforms does support 64-bit time_t https://itsubuntu.com/linux-kernel-5-6-to-fix-the-year-2038-issue-unix-y2k/ - https://www.gnu.org/software/libc/manual/html_node/64_002dbit-time-symbol-handling.html "Note: at this point, 64-bit time support in dual-time configurations is work-in-progress, so for these configurations, the public API only makes the 32-bit time support available. In a later change, the public API will allow user code to choose the time size for a given compilation unit." - compiling with -D_TIME_BITS=64 currently has no effect - glibc recent (Jul 2021) mailing list discussion - https://public-inbox.org/bug-gnulib/878s2ozq70.fsf@oldenburg.str.redhat.com/T/ - FreeBSD i386 - DragonFlyBSD 32-bit * Y2038 mitigations attempted on Y2038-UNSAFE platforms (32-bit signed time_t) * lighttpd prefers system monotonic clock instead of realtime clock in places where realtime clock is not required * lighttpd treats negative time_t values as after 19 Jan 2038 03:14:07 GMT * (lighttpd presumes that lighttpd will not encounter dates before 1970 during normal operation.) * lighttpd casts struct stat st.st_mtime (and st.st_*time) through uint64_t to convert negative timestamps for comparisions with 64-bit timestamps (treating negative timestamp values as after 19 Jan 2038 03:14:07 GMT) * lighttpd provides unix_time64_t (int64_t) and * lighttpd provides struct unix_timespec64 (unix_timespec64_t) (struct timespec equivalent using unix_time64_t tv_sec member) * lighttpd provides gmtime64_r() and localtime64_r() wrappers for platforms 32-bit platforms using 32-bit time_t and lighttpd temporarily shifts the year in order to use gmtime_r() and localtime_r() (or gmtime() and localtime()) from standard libraries, before readjusting year and passing struct tm to formatting functions such as strftime() * lighttpd provides TIME64_CAST() macro to cast signed 32-bit time_t to unsigned 32-bit and then to unix_time64_t * Note: while lighttpd tries handle times past 19 Jan 2038 03:14:07 GMT on 32-bit platforms using 32-bit signed time_t, underlying libraries and underlying filesystems might not behave properly after 32-bit signed time_t overflows (19 Jan 2038 03:14:08 GMT). If a given 32-bit OS does not work properly using negative time_t values, then lighttpd likely will not work properly on that system. * Other references and blogs - https://en.wikipedia.org/wiki/Year_2038_problem - https://en.wikipedia.org/wiki/Time_formatting_and_storage_bugs - http://www.lieberbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-systems/
2021-07-12 18:46:49 +00:00
http_date_time_to_str (char * const s, const size_t sz, const unix_time64_t t)
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
{
/*('max' is expected to be >= 30 (IMF-fixdate is 29 chars + '\0'))*/
struct tm tm;
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
const char fmt[] = "%a, %d %b %Y %T GMT"; /*IMF-fixdate fmt*/
[multiple] Y2038 32-bit signed time_t mitigations Most OS platforms have already provided solutions to Y2038 32-bit signed time_t 5 - 10 years ago (or more!) Notable exceptions are Linux i686 and FreeBSD i386. Since 32-bit systems tend to be embedded systems, and since many distros take years to pick up new software, this commit aims to provide Y2038 mitigations for lighttpd running on 32-bit systems with Y2038-unsafe 32-bit signed time_t * Y2038: lighttpd 1.4.60 and later report Y2038 safety $ lighttpd -V + Y2038 support # Y2038-SAFE $ lighttpd -V - Y2038 support (unsafe 32-bit signed time_t) # Y2038-UNSAFE * Y2038: general platform info * Y2038-SAFE: lighttpd 64-bit builds on platforms using 64-bit time_t - all major 64-bit platforms (known to this author) use 64-bit time_t * Y2038-SAFE: lighttpd 32-bit builds on platforms using 64-bit time_t - Linux x32 ABI (different from i686) - FreeBSD all 32-bit and 64-bit architectures *except* 32-bit i386 - NetBSD 6.0 (released Oct 2012) all 32-bit and 64-bit architectures - OpenBSD 5.5 (released May 2014) all 32-bit and 64-bit architectures - Microsoft Windows XP and Visual Studio 2005 (? unsure ?) Another reference suggests Visual Studio 2015 defaults to 64-bit time_t - MacOS 10.15 Catalina (released 2019) drops support for 32-bit apps * Y2038-SAFE: lighttpd 32-bit builds on platforms using 32-bit unsigned time_t - e.g. OpenVMS (unknown if lighttpd builds on this platform) * Y2038-UNSAFE: lighttpd 32-bit builds on platforms using 32-bit signed time_t - Linux 32-bit (including i686) - glibc 32-bit library support not yet available for 64-bit time_t - https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - Linux kernel 5.6 on 32-bit platforms does support 64-bit time_t https://itsubuntu.com/linux-kernel-5-6-to-fix-the-year-2038-issue-unix-y2k/ - https://www.gnu.org/software/libc/manual/html_node/64_002dbit-time-symbol-handling.html "Note: at this point, 64-bit time support in dual-time configurations is work-in-progress, so for these configurations, the public API only makes the 32-bit time support available. In a later change, the public API will allow user code to choose the time size for a given compilation unit." - compiling with -D_TIME_BITS=64 currently has no effect - glibc recent (Jul 2021) mailing list discussion - https://public-inbox.org/bug-gnulib/878s2ozq70.fsf@oldenburg.str.redhat.com/T/ - FreeBSD i386 - DragonFlyBSD 32-bit * Y2038 mitigations attempted on Y2038-UNSAFE platforms (32-bit signed time_t) * lighttpd prefers system monotonic clock instead of realtime clock in places where realtime clock is not required * lighttpd treats negative time_t values as after 19 Jan 2038 03:14:07 GMT * (lighttpd presumes that lighttpd will not encounter dates before 1970 during normal operation.) * lighttpd casts struct stat st.st_mtime (and st.st_*time) through uint64_t to convert negative timestamps for comparisions with 64-bit timestamps (treating negative timestamp values as after 19 Jan 2038 03:14:07 GMT) * lighttpd provides unix_time64_t (int64_t) and * lighttpd provides struct unix_timespec64 (unix_timespec64_t) (struct timespec equivalent using unix_time64_t tv_sec member) * lighttpd provides gmtime64_r() and localtime64_r() wrappers for platforms 32-bit platforms using 32-bit time_t and lighttpd temporarily shifts the year in order to use gmtime_r() and localtime_r() (or gmtime() and localtime()) from standard libraries, before readjusting year and passing struct tm to formatting functions such as strftime() * lighttpd provides TIME64_CAST() macro to cast signed 32-bit time_t to unsigned 32-bit and then to unix_time64_t * Note: while lighttpd tries handle times past 19 Jan 2038 03:14:07 GMT on 32-bit platforms using 32-bit signed time_t, underlying libraries and underlying filesystems might not behave properly after 32-bit signed time_t overflows (19 Jan 2038 03:14:08 GMT). If a given 32-bit OS does not work properly using negative time_t values, then lighttpd likely will not work properly on that system. * Other references and blogs - https://en.wikipedia.org/wiki/Year_2038_problem - https://en.wikipedia.org/wiki/Time_formatting_and_storage_bugs - http://www.lieberbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-systems/
2021-07-12 18:46:49 +00:00
return (__builtin_expect( (NULL != gmtime64_r(&t, &tm)), 1))
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
? (uint32_t)strftime(s, sz, fmt, &tm)
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
: 0;
}
int
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
http_date_if_modified_since (const char * const ifmod, const uint32_t ifmodlen,
[multiple] Y2038 32-bit signed time_t mitigations Most OS platforms have already provided solutions to Y2038 32-bit signed time_t 5 - 10 years ago (or more!) Notable exceptions are Linux i686 and FreeBSD i386. Since 32-bit systems tend to be embedded systems, and since many distros take years to pick up new software, this commit aims to provide Y2038 mitigations for lighttpd running on 32-bit systems with Y2038-unsafe 32-bit signed time_t * Y2038: lighttpd 1.4.60 and later report Y2038 safety $ lighttpd -V + Y2038 support # Y2038-SAFE $ lighttpd -V - Y2038 support (unsafe 32-bit signed time_t) # Y2038-UNSAFE * Y2038: general platform info * Y2038-SAFE: lighttpd 64-bit builds on platforms using 64-bit time_t - all major 64-bit platforms (known to this author) use 64-bit time_t * Y2038-SAFE: lighttpd 32-bit builds on platforms using 64-bit time_t - Linux x32 ABI (different from i686) - FreeBSD all 32-bit and 64-bit architectures *except* 32-bit i386 - NetBSD 6.0 (released Oct 2012) all 32-bit and 64-bit architectures - OpenBSD 5.5 (released May 2014) all 32-bit and 64-bit architectures - Microsoft Windows XP and Visual Studio 2005 (? unsure ?) Another reference suggests Visual Studio 2015 defaults to 64-bit time_t - MacOS 10.15 Catalina (released 2019) drops support for 32-bit apps * Y2038-SAFE: lighttpd 32-bit builds on platforms using 32-bit unsigned time_t - e.g. OpenVMS (unknown if lighttpd builds on this platform) * Y2038-UNSAFE: lighttpd 32-bit builds on platforms using 32-bit signed time_t - Linux 32-bit (including i686) - glibc 32-bit library support not yet available for 64-bit time_t - https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - Linux kernel 5.6 on 32-bit platforms does support 64-bit time_t https://itsubuntu.com/linux-kernel-5-6-to-fix-the-year-2038-issue-unix-y2k/ - https://www.gnu.org/software/libc/manual/html_node/64_002dbit-time-symbol-handling.html "Note: at this point, 64-bit time support in dual-time configurations is work-in-progress, so for these configurations, the public API only makes the 32-bit time support available. In a later change, the public API will allow user code to choose the time size for a given compilation unit." - compiling with -D_TIME_BITS=64 currently has no effect - glibc recent (Jul 2021) mailing list discussion - https://public-inbox.org/bug-gnulib/878s2ozq70.fsf@oldenburg.str.redhat.com/T/ - FreeBSD i386 - DragonFlyBSD 32-bit * Y2038 mitigations attempted on Y2038-UNSAFE platforms (32-bit signed time_t) * lighttpd prefers system monotonic clock instead of realtime clock in places where realtime clock is not required * lighttpd treats negative time_t values as after 19 Jan 2038 03:14:07 GMT * (lighttpd presumes that lighttpd will not encounter dates before 1970 during normal operation.) * lighttpd casts struct stat st.st_mtime (and st.st_*time) through uint64_t to convert negative timestamps for comparisions with 64-bit timestamps (treating negative timestamp values as after 19 Jan 2038 03:14:07 GMT) * lighttpd provides unix_time64_t (int64_t) and * lighttpd provides struct unix_timespec64 (unix_timespec64_t) (struct timespec equivalent using unix_time64_t tv_sec member) * lighttpd provides gmtime64_r() and localtime64_r() wrappers for platforms 32-bit platforms using 32-bit time_t and lighttpd temporarily shifts the year in order to use gmtime_r() and localtime_r() (or gmtime() and localtime()) from standard libraries, before readjusting year and passing struct tm to formatting functions such as strftime() * lighttpd provides TIME64_CAST() macro to cast signed 32-bit time_t to unsigned 32-bit and then to unix_time64_t * Note: while lighttpd tries handle times past 19 Jan 2038 03:14:07 GMT on 32-bit platforms using 32-bit signed time_t, underlying libraries and underlying filesystems might not behave properly after 32-bit signed time_t overflows (19 Jan 2038 03:14:08 GMT). If a given 32-bit OS does not work properly using negative time_t values, then lighttpd likely will not work properly on that system. * Other references and blogs - https://en.wikipedia.org/wiki/Year_2038_problem - https://en.wikipedia.org/wiki/Time_formatting_and_storage_bugs - http://www.lieberbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-systems/
2021-07-12 18:46:49 +00:00
const unix_time64_t lmtime)
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
{
struct tm ifmodtm;
[multiple] employ http_date.h, sys-time.h - replace use of strptime() w/ implementation specialized for HTTP dates - use thread-safe gmtime_r(), localtime_r() (replace localtime, gmtime)
2020-11-22 07:41:11 +00:00
if (NULL == http_date_str_to_tm(ifmod, ifmodlen, &ifmodtm))
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
return 1; /* date parse error */
[core] move timegm() impl inline in sys-time.h (for systems without timegm())
2021-04-26 16:50:20 +00:00
const time_t ifmtime = timegm(&ifmodtm);
[multiple] Y2038 32-bit signed time_t mitigations Most OS platforms have already provided solutions to Y2038 32-bit signed time_t 5 - 10 years ago (or more!) Notable exceptions are Linux i686 and FreeBSD i386. Since 32-bit systems tend to be embedded systems, and since many distros take years to pick up new software, this commit aims to provide Y2038 mitigations for lighttpd running on 32-bit systems with Y2038-unsafe 32-bit signed time_t * Y2038: lighttpd 1.4.60 and later report Y2038 safety $ lighttpd -V + Y2038 support # Y2038-SAFE $ lighttpd -V - Y2038 support (unsafe 32-bit signed time_t) # Y2038-UNSAFE * Y2038: general platform info * Y2038-SAFE: lighttpd 64-bit builds on platforms using 64-bit time_t - all major 64-bit platforms (known to this author) use 64-bit time_t * Y2038-SAFE: lighttpd 32-bit builds on platforms using 64-bit time_t - Linux x32 ABI (different from i686) - FreeBSD all 32-bit and 64-bit architectures *except* 32-bit i386 - NetBSD 6.0 (released Oct 2012) all 32-bit and 64-bit architectures - OpenBSD 5.5 (released May 2014) all 32-bit and 64-bit architectures - Microsoft Windows XP and Visual Studio 2005 (? unsure ?) Another reference suggests Visual Studio 2015 defaults to 64-bit time_t - MacOS 10.15 Catalina (released 2019) drops support for 32-bit apps * Y2038-SAFE: lighttpd 32-bit builds on platforms using 32-bit unsigned time_t - e.g. OpenVMS (unknown if lighttpd builds on this platform) * Y2038-UNSAFE: lighttpd 32-bit builds on platforms using 32-bit signed time_t - Linux 32-bit (including i686) - glibc 32-bit library support not yet available for 64-bit time_t - https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - Linux kernel 5.6 on 32-bit platforms does support 64-bit time_t https://itsubuntu.com/linux-kernel-5-6-to-fix-the-year-2038-issue-unix-y2k/ - https://www.gnu.org/software/libc/manual/html_node/64_002dbit-time-symbol-handling.html "Note: at this point, 64-bit time support in dual-time configurations is work-in-progress, so for these configurations, the public API only makes the 32-bit time support available. In a later change, the public API will allow user code to choose the time size for a given compilation unit." - compiling with -D_TIME_BITS=64 currently has no effect - glibc recent (Jul 2021) mailing list discussion - https://public-inbox.org/bug-gnulib/878s2ozq70.fsf@oldenburg.str.redhat.com/T/ - FreeBSD i386 - DragonFlyBSD 32-bit * Y2038 mitigations attempted on Y2038-UNSAFE platforms (32-bit signed time_t) * lighttpd prefers system monotonic clock instead of realtime clock in places where realtime clock is not required * lighttpd treats negative time_t values as after 19 Jan 2038 03:14:07 GMT * (lighttpd presumes that lighttpd will not encounter dates before 1970 during normal operation.) * lighttpd casts struct stat st.st_mtime (and st.st_*time) through uint64_t to convert negative timestamps for comparisions with 64-bit timestamps (treating negative timestamp values as after 19 Jan 2038 03:14:07 GMT) * lighttpd provides unix_time64_t (int64_t) and * lighttpd provides struct unix_timespec64 (unix_timespec64_t) (struct timespec equivalent using unix_time64_t tv_sec member) * lighttpd provides gmtime64_r() and localtime64_r() wrappers for platforms 32-bit platforms using 32-bit time_t and lighttpd temporarily shifts the year in order to use gmtime_r() and localtime_r() (or gmtime() and localtime()) from standard libraries, before readjusting year and passing struct tm to formatting functions such as strftime() * lighttpd provides TIME64_CAST() macro to cast signed 32-bit time_t to unsigned 32-bit and then to unix_time64_t * Note: while lighttpd tries handle times past 19 Jan 2038 03:14:07 GMT on 32-bit platforms using 32-bit signed time_t, underlying libraries and underlying filesystems might not behave properly after 32-bit signed time_t overflows (19 Jan 2038 03:14:08 GMT). If a given 32-bit OS does not work properly using negative time_t values, then lighttpd likely will not work properly on that system. * Other references and blogs - https://en.wikipedia.org/wiki/Year_2038_problem - https://en.wikipedia.org/wiki/Time_formatting_and_storage_bugs - http://www.lieberbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-systems/
2021-07-12 18:46:49 +00:00
#if HAS_TIME_BITS64
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
return (lmtime > ifmtime);
[multiple] Y2038 32-bit signed time_t mitigations Most OS platforms have already provided solutions to Y2038 32-bit signed time_t 5 - 10 years ago (or more!) Notable exceptions are Linux i686 and FreeBSD i386. Since 32-bit systems tend to be embedded systems, and since many distros take years to pick up new software, this commit aims to provide Y2038 mitigations for lighttpd running on 32-bit systems with Y2038-unsafe 32-bit signed time_t * Y2038: lighttpd 1.4.60 and later report Y2038 safety $ lighttpd -V + Y2038 support # Y2038-SAFE $ lighttpd -V - Y2038 support (unsafe 32-bit signed time_t) # Y2038-UNSAFE * Y2038: general platform info * Y2038-SAFE: lighttpd 64-bit builds on platforms using 64-bit time_t - all major 64-bit platforms (known to this author) use 64-bit time_t * Y2038-SAFE: lighttpd 32-bit builds on platforms using 64-bit time_t - Linux x32 ABI (different from i686) - FreeBSD all 32-bit and 64-bit architectures *except* 32-bit i386 - NetBSD 6.0 (released Oct 2012) all 32-bit and 64-bit architectures - OpenBSD 5.5 (released May 2014) all 32-bit and 64-bit architectures - Microsoft Windows XP and Visual Studio 2005 (? unsure ?) Another reference suggests Visual Studio 2015 defaults to 64-bit time_t - MacOS 10.15 Catalina (released 2019) drops support for 32-bit apps * Y2038-SAFE: lighttpd 32-bit builds on platforms using 32-bit unsigned time_t - e.g. OpenVMS (unknown if lighttpd builds on this platform) * Y2038-UNSAFE: lighttpd 32-bit builds on platforms using 32-bit signed time_t - Linux 32-bit (including i686) - glibc 32-bit library support not yet available for 64-bit time_t - https://sourceware.org/glibc/wiki/Y2038ProofnessDesign - Linux kernel 5.6 on 32-bit platforms does support 64-bit time_t https://itsubuntu.com/linux-kernel-5-6-to-fix-the-year-2038-issue-unix-y2k/ - https://www.gnu.org/software/libc/manual/html_node/64_002dbit-time-symbol-handling.html "Note: at this point, 64-bit time support in dual-time configurations is work-in-progress, so for these configurations, the public API only makes the 32-bit time support available. In a later change, the public API will allow user code to choose the time size for a given compilation unit." - compiling with -D_TIME_BITS=64 currently has no effect - glibc recent (Jul 2021) mailing list discussion - https://public-inbox.org/bug-gnulib/878s2ozq70.fsf@oldenburg.str.redhat.com/T/ - FreeBSD i386 - DragonFlyBSD 32-bit * Y2038 mitigations attempted on Y2038-UNSAFE platforms (32-bit signed time_t) * lighttpd prefers system monotonic clock instead of realtime clock in places where realtime clock is not required * lighttpd treats negative time_t values as after 19 Jan 2038 03:14:07 GMT * (lighttpd presumes that lighttpd will not encounter dates before 1970 during normal operation.) * lighttpd casts struct stat st.st_mtime (and st.st_*time) through uint64_t to convert negative timestamps for comparisions with 64-bit timestamps (treating negative timestamp values as after 19 Jan 2038 03:14:07 GMT) * lighttpd provides unix_time64_t (int64_t) and * lighttpd provides struct unix_timespec64 (unix_timespec64_t) (struct timespec equivalent using unix_time64_t tv_sec member) * lighttpd provides gmtime64_r() and localtime64_r() wrappers for platforms 32-bit platforms using 32-bit time_t and lighttpd temporarily shifts the year in order to use gmtime_r() and localtime_r() (or gmtime() and localtime()) from standard libraries, before readjusting year and passing struct tm to formatting functions such as strftime() * lighttpd provides TIME64_CAST() macro to cast signed 32-bit time_t to unsigned 32-bit and then to unix_time64_t * Note: while lighttpd tries handle times past 19 Jan 2038 03:14:07 GMT on 32-bit platforms using 32-bit signed time_t, underlying libraries and underlying filesystems might not behave properly after 32-bit signed time_t overflows (19 Jan 2038 03:14:08 GMT). If a given 32-bit OS does not work properly using negative time_t values, then lighttpd likely will not work properly on that system. * Other references and blogs - https://en.wikipedia.org/wiki/Year_2038_problem - https://en.wikipedia.org/wiki/Time_formatting_and_storage_bugs - http://www.lieberbiber.de/2017/03/14/a-look-at-the-year-20362038-problems-and-time-proofness-in-various-systems/
2021-07-12 18:46:49 +00:00
#else
return (TIME64_CAST(lmtime) > TIME64_CAST(ifmtime) || ifmtime==(time_t)-1);
#endif
[core] http_date.[ch] encapsulate HTTP-date parse http_date.[ch] encapsulate HTTP-date parse/compare (import from one of my development branches from 2015)
2020-11-21 14:51:40 +00:00
/* returns 0 if not modified since,
* returns 1 if modified since or date parse error */
}