fix logic for If-None-Match: * test on non-existent entity
(regression in lighttpd 1.4.64)
If-None-Match: * should not fail on a non-existent entity,
as it may be used to make the request conditional on the
origin server having no current representation of the entity.
(see If-None-Match in RFC2616 and RFC7232)
(This logic had been changed in lighttpd 1.4.64 in
commit 8a535e7e06
when allowing bogus, non-'*' If-None-Match etags
for non-existent entities to not-match (and pass the check)
server.feature-flags += ("server.metrics-high-precision" => "enable")
(default: "disable")
enables high-resolution timestamps,
currently used for request start time
This is automatically enabled if mod_accesslog log record format uses
high-resolution format specifiers in the template, but this feature
needs to be enabled if that is not the case and a high-resolution
request start time is desired for use in lua scripts run by mod_magnet,
e.g. to measure time-to-first-byte
https://wiki.lighttpd.net/AbsoLUAtion#Time-to-First-Byte
read-only access to r->server_name for coverage
setting r.req_attr["uri.authority"] in lua sets both r->uri.authority
and points r->server_name to r->uri.authority, and there is not an
obvious (to me) need to be able to set r->server_name separately.
(r->server_name might be set in lighttpd.conf, or else is the same as
r->uri.authority, unless modified by mod_simple_vhost default_host)
encapsulate accounting calculations in
http_request_stats_bytes_in()
http_request_stats_bytes_out()
more accurate accounting for HTTP/1.1 bytes_in on keep-alive requests
(affects case where client pipelines HTTP/1.1 requests)
remove con->bytes_read and con->bytes_written
(no longer needed since request_st was split from connection struct
and request bytes_read_ckpt and bytes_written_ckpt are maintained
for HTTP/1.x bytes_in and bytes_out accounting. Also, further back,
chunkqueue internal accounting was simplified to maintain bytes_in
and bytes_out to always match chunkqueue length)
deprecate lighty.r.req_attr["response.*] which returned strings
These experimental interfaces were added in lighttpd 1.4.56
along with addition of config magnet.attract-response-start-to = "...",
so this only affects new users of experimental interfaces in a new hook
deprecated experimental interfaces will be removed in next lighttpd rel
replacements:
r.req_attr["response.http-status"] -> r.req_item.http_status -- (int)
r.req_attr["response.body-length"] -> r.resp_body.len -- (int)
r.req_attr["response.body"] -> r.resp_body.get -- (str)
lighty.r.req_item.keep_alive
Allow lua scripts to set to 0 or -1. Setting to -1 might be used when
rejecting authentication, and this value will cause lighttpd to delay
the 401 Unauthorized response if the server feature is enabled (default)
server.feature-flags += ("auth.delay-invalid-creds" => "enable")
(experimental; untested)
Note: abstract sockets do not require filesystem access and can not be
protected using filesystem permissions; abstract sockets are accessible
by any process in the same network namespace on the same machine.
Abstract sockets can be passed to lighttpd via systemd socket activation
mechanism, via xinetd, or any other process which creates an abstract
socket and passes it to lighttpd. Abstract sockets can also be
configured in lighttpd.conf using a backslash-escaped double-quoted
string, where CTL and chars with high bit set are backslash-escaped into
"\\xFF", with "\\x" followed by two-byte hex encoding (e.g. "FF") for
each escaped char, e.g. "\\x00abstract-socket"
unix domain socket pedantic checks when received via HAProxy PROXY
protocol (and should already be enabled only from trusted upstreams)
UNIX_PATH_MAX might be different sizes in some OS, and might not be
defined. It is 108 on Linux, but might be 104 on BSD, MacOS, so be
a bit more pendantic about checking structure sizes and assigning
the path to the sock_addr.
remove usused accounting
simplify to use (64-bit) off_t for counting, but preserve doubles for
pretty-printing numbers with decimal point and size suffix
cleanup user-provided request and response headers
- remove leading and trailing whitespace from value
- replace with ' ' line ends following ',' in value
- warn if header value contains '\r' or '\n'
check con->h2 instead of r->http_version
(additional safeguard for #3152)
x-ref:
"Random Segfaults with version 1.4.64 w/ mod_sockproxy and ALPN h2"
https://redmine.lighttpd.net/issues/3152
rewrite lighty.r as table of methods implemented as userdata
(enable lua r table to potentially be reusable with other requests,
instead of relying on global table to obtain (request_st *)r)
various optimizations to reduce instruction memory use
set script env in first upvalue (_ENV upvalue) for func once,
upon script init, since script-env table is preserved and reused
(and script-env is cleared between script invocations)
Glenn Strauss