Commit Graph

2935 Commits

Author SHA1 Message Date
Glenn Strauss a46f519eb2 [multiple] use NSS crypto if no other crypto avail
use NSS crypto if no other crypto avail, but NSS crypto is available

"NSS crypto support" is not included in tests/
due to NSS libraries (freebl3) lacking public export for HMAC funcs
2020-10-19 21:40:14 -04:00
Glenn Strauss bdb5fb26a8 [wolfssl] wolfSSL_CTX_set_mode differs from others
wolfSSL_CTX_set_mode() differs from openssl SSL_CTX_set_mode().
wolfSSL_CTX_set_mode() takes a single flag at a time and has
sparse flag support (small number of recognized flags)
2020-10-19 21:40:14 -04:00
Glenn Strauss cf8cefceb6 [core] sys-crypto-md.h consistent interfaces
return values for sys-crypto-md.h interfaces

While some library implementations do not fail and have no return value,
others might fail on memory allocation or on failure to communicate with
an external or dedicated engine or device, e.g. which might store a
private key.

future: lighttpd callers of sys-crypto-md.h do not currently expect
        or check for errors from these digest functions, but should
        consider doing so.
2020-10-19 21:40:14 -04:00
Glenn Strauss 7553ef7f44 [multiple] openssl 3.0.0 digest interface migrate
provide implementations for conventional digest interfaces
but use the newer openssl digest interfaces under the hood

It is baffling that the openssl library -- with *thousands* of public
interfaces -- does not provide these, and suggests that openssl
developers do not frequently write apps which utilize these interfaces.
2020-10-19 21:40:14 -04:00
Glenn Strauss e6a87a894d [mod_openssl] merge ssl_tlsext_ticket_key_cb impls 2020-10-19 21:40:14 -04:00
Glenn Strauss cc6a76be12 [mod_openssl] construct OSSL_PARAM on stack 2020-10-19 21:40:14 -04:00
Glenn Strauss ebafd914e7 [mod_openssl] migrate ticket cb to openssl 3.0.0
migrate ticket cb to openssl 3.0.0 interface
2020-10-19 21:40:14 -04:00
Glenn Strauss e1bcdb5e9f [multiple] ignore openssl 3.0.0 deprecation warns
quiet openssl 3.0.0 deprecation warnings for
low-level digest algorithm interfaces

future: migrate to openssl interfaces:
  EVP_DigestInit_ex(3), EVP_DigestUpdate(3), and EVP_DigestFinal_ex(3)

2020-10-19 21:40:14 -04:00
Glenn Strauss a3ccc46be1 [mod_cgi] use splice() to send input to CGI
use splice(), if available (Linux), to send input from temp files to CGI
2020-10-19 21:40:14 -04:00
Glenn Strauss e18da93e44 [core] reuse chunkqueue_compact_mem*() 2020-10-19 21:40:14 -04:00
Glenn Strauss 9c25581d6f [core] alloc optim reading file, sending chunked
avoid potential double-copy due to not enough space for final '\0'
in http_chunk_append_read_fd_range() if read size is exactly multiple
of 8k and sending chunked response
2020-10-19 21:40:14 -04:00
Glenn Strauss 6d76f7ce49 [core] fix chunkqueue_compact_mem w/ partial chunk
(bug on master branch; never released)
2020-10-19 21:40:14 -04:00
Glenn Strauss 8abbf621d1 [mod_fastcgi] decode chunked is cold code path
decode chunked from FastCGI backend is cold code path
2020-10-19 21:40:14 -04:00
Glenn Strauss 96abd9cfb8 [core] coalesce nearby ranges in Range requests
Range requests must be HTTP/1.1 or later (not HTTP/1.0)
2020-10-19 21:40:14 -04:00
Glenn Strauss 66d1ec485c [core,mod_deflate] leverage cache of open fd
leverage simple cache of open file in stat_cache
(use stat_cache_get_entry_open())

future: reference count fd instead of dup()
  (requires extending chunkqueue interfaces)
2020-10-19 21:40:14 -04:00
Glenn Strauss d8e5e21eb7 [core] stat_cache_get_entry_open()
simple interface to cache open file by extending struct stat_cache_entry

future: should probably create fd cache separate from stat_cache,
        perhaps along w/ http-specific fields like etag and content_type
2020-10-19 21:40:14 -04:00
Glenn Strauss e99126074c [core] pass open fd to http_response_parse_range 2020-10-13 22:31:10 -04:00
Glenn Strauss 6219b861ce [core] http_response_parse_range() const file sz 2020-10-13 22:31:10 -04:00
Glenn Strauss cd2ff4202d [core] remove unused r->content_length
(was parsed Content-Length sent by backend)
(might add back in future along with stricter validation of field value)
2020-10-13 22:31:10 -04:00
Glenn Strauss 55e9f082a9 [core] limit num ranges in Range requests
parse Range header prior to constructing ranged response
2020-10-13 22:31:10 -04:00
Glenn Strauss 2dc3d5faac [mod_gnutls] quiet CLOSE_NOTIFY after conn reset
do not log error after connection reset
2020-10-13 22:31:10 -04:00
Glenn Strauss 496cd8ff44 [mod_mbedtls] quiet CLOSE_NOTIFY after conn reset
do not log error after connection reset
2020-10-13 22:31:10 -04:00
Glenn Strauss f846a392d5 [multiple] use stat_cache_path_isdir() 2020-10-13 22:31:10 -04:00
Glenn Strauss 7d368cd7a5 [core] stat_cache_path_isdir() 2020-10-13 22:31:07 -04:00
Glenn Strauss 14eb97f1b3 [core] dup FILE_CHUNK fd when splitting FILE_CHUNK 2020-10-11 12:19:27 -04:00
Glenn Strauss 2b4166fb74 [core] fdevent_dup_cloexec() 2020-10-11 12:19:27 -04:00
Glenn Strauss ad22eebd23 [mod_ssi] use stat_cache_open_rdonly_fstat() 2020-10-11 12:19:27 -04:00
Glenn Strauss b7370a6d46 [core] save errno around close() if fstat() fails
(should not happen, since file was just opened)
2020-10-11 12:19:27 -04:00
Glenn Strauss e2c832122b [mod_deflate] fix potential NULL deref in err case
(bug on master branch; never released)
2020-10-11 12:19:27 -04:00
Glenn Strauss 4d6d1e790a [multiple] use light_btst() for hdr existence chk 2020-10-11 12:19:27 -04:00
Glenn Strauss bd8edb51d0 [core] allow symlinks under /dev for rand devices
(fix code to match comment)
2020-10-11 12:19:27 -04:00
Glenn Strauss 874707cd66 [TLS] use fdevent_load_file_bytes() for STEK file
remove direct dependency on <unistd.h> from lighttpd TLS modules
2020-10-11 12:19:27 -04:00
Glenn Strauss 771ebd39a9 [core] fdevent_load_file_bytes()
wrapper to load defined number of bytes from file at given offset
2020-10-11 12:19:27 -04:00
Glenn Strauss ee1f7af24d [core] be more precise checking streaming flags 2020-10-11 12:19:27 -04:00
Glenn Strauss f7fc8d8d75 [core] connection_joblist global
con->srv->joblist is expensive to traverse when cache is cold
and called from connection_handle_fdevent(); var made a global
2020-10-11 12:19:27 -04:00
Glenn Strauss 01f90c58ef [core] walk queue in connection_write_chunkqueue()
walk chunkqueue up to first FILE_CHUNK (if present)
This may incur memory load misses for pointer chasing, but effectively
preloads part of the chunkqueue, something which used to be a side
effect of a previous (less efficient) version of chunkqueue_length()
which walked the entire chunkqueue (on each and every call).  The loads
here make a measurable difference in performance in underlying call to
2020-10-11 12:19:27 -04:00
Glenn Strauss f1136f7897 [core] short-circuit connection_write_throttle()
short-circuit connection_write_throttle() when throttling not enabled
2020-10-11 12:19:27 -04:00
Glenn Strauss 7c1e81299f [core] handle unexpected EOF reading FILE_CHUNK
(replace existing check which suffered from ToC-ToU race condition)
enhances logic from 2015 commit 593599f1 and avoids repeated fstat()
checks when sending large files

For mmap(), lighttpd catches SIGBUS if file is (externally) truncated
and lighttpd attempts to access bytes in a read-only mapping more than
a memory page boundary following the end of the file.

For sendfile(), lighttpd returns an error if sendfile() reports no error
and that no bytes have been sent after lighttpd attempts to send a
non-zero number of bytes.
2020-10-11 12:19:27 -04:00
Glenn Strauss a8398e4596 [core] defer handling FDEVENT_HUP and FDEVENT_ERR
defer handling FDEVENT_HUP and FDEVENT_ERR to after processing
(connection *) in order to have a chance to read data in kernel
socket buffers
2020-10-11 12:19:27 -04:00
Glenn Strauss 52d9b0da88 [core] server_run_con_queue()
func to run queued (connection *) jobs
2020-10-11 12:19:27 -04:00
Glenn Strauss a3001b968f [core] propagate state after writing
(perf) avoid reload miss after partial write of chunkqueue data
2020-10-11 12:19:27 -04:00
Glenn Strauss 81029b8b51 [multiple] inline chunkqueue where always alloc'd
inline struct chunkqueue where always allocated in other structs

(memory locality)
2020-10-11 12:19:27 -04:00
Glenn Strauss 8b382a81c7 [multiple] use sock_addr_get_family in more places 2020-10-11 12:19:27 -04:00
Glenn Strauss 86e5f09062 [core] perf adjustments to avoid load miss 2020-10-11 12:19:27 -04:00
Glenn Strauss ed297e7e67 [core] lighttpd -1 supports pipes (e.g. netcat)
lighttpd -1 (one-shot mode) now supports pipes (e.g. with netcat)

  "Is there anyway to run lighttpd in the command line?"
2020-10-11 12:19:27 -04:00
Glenn Strauss 94c4c63773 [core] graceful shutdown timeout option
server.feature-flags += ("server.graceful-shutdown-timeout" => 10)

After receiving SIGINT or SIGUSR1, lighttpd will gracefully shutdown,
waiting for existing connections to complete.  In the case of SIGUSR1,
this wait occurs before restarting lighttpd.  The default timeout is
none (unlimited).

When "server.graceful-shutdown-timeout" option is set, it defines the
number of seconds that lighttpd will wait for existing connections to
complete before shutting down the connection.

Sites which expect large uploads or downloads, or those with very slow
clients, might want to set a much longer timeout, e.g 60 seconds

For more immediate graceful restarts, while still allowing existing
connections time to complete, sites should additionally consider
whether or not
  server.feature-flags += ("server.graceful-restart-bg" => "enable")
is appropriate and compatible with their lighttpd.conf settings
2020-10-11 12:19:27 -04:00
Glenn Strauss 76bd8bba9a [mod_ssi] init status var before waitpid() 2020-10-11 12:19:27 -04:00
Glenn Strauss 352d5d776d [core] graceful and immediate restart option
graceful and (nearly) immediate lighttpd restart option

For *some* configurations, it *may* be safe to background the current
lighttpd server (or workers) to continue processing active requests
and, in parallel, to start up a new lighttpd server with a new
configuration.  For other configurations, doing so might not be safe!

Therefore, this option must be explicitly configured to enable:
  server.feature-flags += ("server.graceful-restart-bg" => "enable")
  server.systemd-socket-activation = "enable"

Along with enabling server.feature-flags "server.graceful-restart-bg",
enabling server.systemd-socket-activation allows transfer of open
listening sockets to the new lighttpd server instance, and occurs
without closing the listening sockets and without destroying the
kernel listen backlog queue on the socket.

Safe configurations may include lighttpd.conf which connect to
standalone backend daemons, e.g. proxying to other servers,
including PHP-FPM backends.

Unsafe configurations include lighttpd.conf which use "bin-path" option
in *.server configs, instructing lighttpd to execute the backends.
Using the graceful-and-immediate-restart option is likely *unsafe* if
the backend daemon expects only one instance of itself to run at a time.

Current implementation of graceful and immediate restart option keeps
the backgrounded lighttpd in the same process group, so that subsequent
SIGINT or SIGTERM will shut down both the new and the backgrounded
servers.  (An alternative option (commented out in the code) is to
background and detach from the new lighttpd process.)  Regardless,
existing subprocesses, such as CGI, remain in original process group.
As a result, the new lighttpd server may receive SIGCHLD for unknown
processes inherited from the old server, which the new lighttpd server
will reap and discard.  The original lighttpd server, now a child, will
be unable to detect exit or reap and report status on those pre-existing

Graceful restart is triggered in lighttpd by sending lighttpd SIGUSR1.
If lighttpd is configured with workers, then SIGINT (not SIGUSR1) is
sent to the process group, including other processes started by
lighttpd, e.g. CGI.  To work well with graceful restart, CGI scripts and
other processes should trap SIGINT (and SIGUSR1 for good measure).
Long-running scripts may want to checkpoint and close, e.g. a CGI script
implementing a long-running websocket connection.
2020-10-11 12:19:27 -04:00
Glenn Strauss f779d354a2 [core] config_plugin_value_tobool() accept "0","1" 2020-10-11 12:19:27 -04:00
Glenn Strauss 1a64c9e2f7 [core] reuse r->start_hp.tv_sec for r->start_ts
(remove duplicated field from (request_st *))
2020-10-11 12:19:27 -04:00
Glenn Strauss 660d719a2a [multiple] code reuse chunkqueue_peek_data()
code reuse of chunkqueue_peek_data() and chunkqueue_read_data()
2020-10-11 12:19:27 -04:00
Glenn Strauss 29e66e70e2 [mod_magnet] magnet.attract-response-start-to

add option to run lua scripts in lighttpd response start hook

allows for response header manipulation

new params provide read-only access:

allows for content manipulation if the response body is complete

The HTTP response status can be accessed in lua via
lighty.env["response.http-status"] and should be checked, as
appropriate, prior to body manipulation.  The value is non-zero
in response start hook (magnet.attract-response-start-to), but is
likely to be 0 in scripts run from other lighttpd hooks earlier in
request processing,
e.g. magnet.attract-raw-url-to or magnet.attract-physical-path-to

Caller should check lighty.env["response.body-length"]
is a smaller and sane amount to read into memory and copy
a second time into lua data structures.  The value is lua nil
if the response body is not yet complete (or if it is >= 2GB-1)

Loading the response body (and all mod_magnet lua scripts) are
executed serially (blocking) in lighttpd, so its use is highly
discouraged on large files.  The body can be accessed in lua via
lighty.env["response.body"] if the response body is complete.
(recommended config option: = 0 (default)
 if mod_magnet scripts must process the response body)

Modifying HTTP response status and response body has not changed
and is achieved by setting lua script return value and modifying
the lighty.content lua table.

(note: mod_magnet, mod_setenv, mod_deflate, mod_expire have their
 response start hooks run in the order listed in server.modules)
2020-10-11 12:19:27 -04:00
Glenn Strauss 16a70b9253 [multiple] TLS modules use chunkqueue_peek_data() 2020-10-11 12:19:27 -04:00
Glenn Strauss 6c68e14940 [core] chunkqueue_{peek,read}_data(), squash
chunkqueue_peek_data(), chunkqueue_read_data(), chunkqueue_read_squash()
shared code for chunkqueue manipulation
2020-10-11 12:19:27 -04:00
Glenn Strauss 362be7b3bb [core] relay 1xx from backend over HTTP/1.1
relay 1xx from backend over HTTP/1.1, e.g. 103 Early Hints
(if client is connected using HTTP/1.1)

enabled by default unless disabled in lighttpd.conf with:
  server.feature-flags += ( "server.h1-discard-backend-1xx" = "enable" )

Warning: backends which send 103 Early Hints should check User-Agent
before doing so since naive clients might not handle unexpected 1xx.
Some clients may take the 1xx response as the final response, expecting
only one response.  Some clients might not properly handle 100 Continue
if the client did not send Expect: 100-continue with the request. Security Considerations

  An HTTP Status Code for Indicating Hints (103 Early Hints)
2020-10-11 12:19:27 -04:00
Glenn Strauss 869c778aa7 [core] relay 1xx from backend over HTTP/2
relay 1xx from backend over HTTP/2, e.g. 103 Early Hints
(if client is connected using HTTP/2)

enabled by default unless disabled in lighttpd.conf with:
  server.feature-flags += ( "server.h2-discard-backend-1xx" = "enable" )

Warning: backends which send 103 Early Hints should check User-Agent
before doing so since naive clients might not handle unexpected 1xx.
Some clients may take the 1xx response as the final response, expecting
only one response.  Some clients might not properly handle 100 Continue
if the client did not send Expect: 100-continue with the request. Security Considerations

  An HTTP Status Code for Indicating Hints (103 Early Hints)
2020-10-11 12:19:26 -04:00
Glenn Strauss 10d9d14633 [core] reload c after chunkqueue_compact_mem()
reload c = cq->first after calling chunkqueue_compact_mem()
2020-10-11 12:19:26 -04:00
Glenn Strauss edbfe36563 [core] support multiple 1xx responses from backend
support multiple 1xx intermediate responses from backends

Currently, all 1xx responses from backends are discarded.
In the future, these 1xx responses may be forwarded to the client
(when lighttpd also configured = 1 or = 2)
2020-10-11 12:19:26 -04:00
Glenn Strauss 7a3098398c [core] connection_check_expect_100()
isolate code to check for Expect: 100-continue
(separate out from code to read request body)
2020-10-11 12:19:26 -04:00
Glenn Strauss a330746f06 [TLS] error if inherit empty TLS cfg from globals
error if $SERVER["socket"] inherits empty TLS config from global scope
and ssl.engine = "enable" in the $SERVER["socket"]
2020-10-11 12:19:26 -04:00
Glenn Strauss 5ba175269a [core] skip ls-hpack decode work unused by lighttpd
define LSHPACK_DEC_CALC_HASH 0 to skip work whose results are not used
by lighttpd
2020-10-11 12:19:26 -04:00
Glenn Strauss 3fbb5773e9 [core] http_header_e <=> lshpack_static_hdr_idx
map enum http_header_e to enum lshpack_static_hdr_idx
map enum lshpack_static_hdr_idx to enum http_header_e
2020-10-11 12:19:26 -04:00
Glenn Strauss 367f30a645 [multiple] extend enum http_header_e list 2020-10-11 12:19:26 -04:00
Glenn Strauss 2e0676fd6d [core] extend (data_string *) to store header id
(optional addition to (data_string *), used by http_header.[ch])

extend (data_string *) instead of creating another data_* TYPE_*
  (new data type would probably have (data_string *) as base class)
  (might revisit choice in the future)

HTTP_HEADER_UNSPECIFIED has been removed.  It was used in select
locations as an optimization to avoid looking up enum header_header_e
before checking the array, but the ordering in the array now relies
on having the id.  Having the id allows for a quick check if a common
header is present or not in the htags bitmask, before checking the
array, and allows for integer comparison in the log(n) search of the
array, instead of strncasecmp().

With HTTP_HEADER_UNSPECIFIED removed, add optimization to set bit
in htags for HTTP_HEADER_OTHER when an "other" header is added,
but do not clear the bit, as there might be addtl "other" headers
2020-10-11 12:19:26 -04:00
Glenn Strauss 68ec5ad642 [core] array.[ch] using uint32_t instead of size_t 2020-10-11 12:19:26 -04:00
Glenn Strauss 92e5a021d2 [core] http_header_hkey_get_lc() for HTTP/2
header field-names are required to be lowercase for HTTP/2
so specialize http_header_hkey_get() as http_header_hkey_get_lc()
for simpler comparison

lowercase field-names in http_headers[], as it does not matter for
buffer_eq_icase_ssn(), which is used with http_headers[] for HTTP/1.x
2020-10-11 12:19:26 -04:00
Glenn Strauss babf0d0e4c [core] separate http_header_e from _htags bitmask
separate http_header_e index from r->{rqst,resp}_htags bitmask
(allows http_header_e remain 32-bit and to be used in array indexes
 while also allowing r->{rqst,resp}_htags to grow to 64-bits wide
 in the future, without requiring invasive changes)
2020-10-11 12:19:26 -04:00
Glenn Strauss 9c8981a7d1 [core] tst,set,clr macros for r->{rqst,resp}_htags 2020-10-11 12:19:26 -04:00
Glenn Strauss c58b95f297 [core] light_isupper(), light_islower()
more efficient char checks
(replace one comparision and one branch with one subtraction)
2020-10-11 12:19:26 -04:00
Glenn Strauss 327de98b38 [core] adjust response header prep for common case 2020-10-11 12:19:26 -04:00
Glenn Strauss c88d373507 [core] Content-Length in http_response_send_file() 2020-10-11 12:19:26 -04:00
Glenn Strauss c3a85c9bf5 [mod_wolfssl] standalone module
standalone module forked from mod_openssl
2020-10-11 12:19:26 -04:00
Glenn Strauss 1d9709b8ab [core] update HTTP status codes list from IANA 2020-10-11 12:19:26 -04:00
Glenn Strauss 38620b10bc [core] cold h2_log_response_header*() funcs 2020-10-11 12:19:26 -04:00
Glenn Strauss 97e314fc9e [multiple] inline chunkqueue_length() 2020-10-11 12:19:26 -04:00
Glenn Strauss 3a766d3d02 [mod_webdav] preserve bytes_out when chunks merged 2020-10-11 12:19:26 -04:00
Glenn Strauss 9f8a896891 [mod_ssi] update chunk after shell output redirect
chunkqueue_update_file() to update size of file chunk after
redirecting shell output to file fd
2020-10-11 12:19:26 -04:00
Glenn Strauss dbd458a0e6 [core] set r->state in h2.c
allow h2.c layer to modify r->state in addition to r->h2state

Do not retire/release r on error if trailers (as opposed to headers)
(stream r was just allocated in the same scope for headers,
 so ok to release)
2020-10-11 12:19:26 -04:00
Glenn Strauss 4474e6117f [core] log stream id with debug.log-state-handling
log stream id with debug.log-state-handling in

(id will be 0 for HTTP/2 connection, but not for streams on connection)
(id will be 0 for HTTP/1.x requests)
2020-10-11 12:19:26 -04:00
Glenn Strauss 05ff9c570e [core] combine Cookie request headers with ';'
(thx avij)

clients should send a single Cookie header with multiple cookie values
separated with ';'.

However, HTTP/2 loosens this requirement for Cookie.
  Section Compressing the Cookie Header Field
and some HTTP/2 clients (Chrome, Firefox) send multiple
'cookie:' headers in a HEADERS frame.
2020-10-11 12:19:26 -04:00
Glenn Strauss c946b198a3 [core] code size: disable XXH64(), XXH3()
only XXH32() is used by ls-hpack, so disable XXH64() and XXH3()
to reduce code size.  (This maybe be changed in the future if
XXH64() or XXH3() are utilitized for their performance)
2020-10-11 12:19:26 -04:00
Glenn Strauss f52a10545a [mod_openssl] clarify trace w/ deprecated options 2020-10-11 12:19:26 -04:00
Glenn Strauss f2e4e83a85 [mod_dirlisting] fix config parsing crash
(bug on master branch; never released)

(thx avij)

update doc that dir-listing.hide-dotfiles = "enable" by default
since lighttpd 1.4.40
2020-10-11 12:19:26 -04:00
Glenn Strauss 32d4569512 [core] xxhash no inline hints; let compiler choose 2020-10-11 12:19:26 -04:00
Glenn Strauss a25aeaa2f6 [build] remove ls-hpack/deps
xxHash is provided separately by lighttpd src/algo_xxhash.[ch]
2020-10-11 12:19:26 -04:00
Glenn Strauss 5ec59999dd [build] modify build, includes for xxHash v0.8.0 2020-10-11 12:19:26 -04:00
Glenn Strauss 85c1a1743e [core] import xxHash v0.8.0
import xxhash.[ch] as algo_xxhash.[ch]
tag: v0.8.0 94e5f23e736f2bb67ebdf90727353e65344f9fc0
2020-10-11 12:19:26 -04:00
Glenn Strauss 156e1da2ae [core] rename splaytree.[ch] to algo_splaytree.[ch] 2020-10-11 12:19:26 -04:00
Glenn Strauss 3ffb195532 [core] move djbhash(), dekhash() to algo_md.h 2020-10-11 12:19:26 -04:00
Glenn Strauss 6c8160e5a4 [core] rename md5.[ch] to algo_md5.[ch] 2020-10-11 12:19:26 -04:00
Glenn Strauss 044c8e80e5 [core] use djbhash in gw_backend to choose host
djbhash() is faster and more cache-friendly than is crc32c()
2020-10-11 12:19:26 -04:00
Glenn Strauss a3af9833c6 [core] fix crash on master if blank line request
(bug on master branch; never released)

(thx avij)

fix crash on master if blank line precedes HTTP/1.1 keep-alive request

header parsing code previously made assumptions that request was
HTTP/1.0 or HTTP/1.1, where a request-line was required, and which
would error out elsewhere if request-line was missing.  The parsing
code also previously looked for "\r\n\r\n" to end headers.

The header offset parsing code was modified and invalidated the above
assumptions, now looking only for blank line "\r\n", but the calling
code had not properly been updated.  (until this patch)
2020-10-11 12:19:26 -04:00
Glenn Strauss 5a694281da [core] ls-hpack optimizations
  lighttpd does not require HTTP/1.1 output compat from HPACK decoder
  ("field-name: value\r\n")

define NDEBUG (in ls-hpack/lshpack.c)
  lighttpd spends upwards of 20% total lighttpd CPU time in HPACK
  encode/decode in h2load test on static file over cleartext (not TLS)
  Defining NDEBUG eliminates some asserts() and results in a small
  but measurable reduction in CPU usage
2020-10-11 12:19:26 -04:00
Glenn Strauss 4656d91889 [core] document algorithm used in lighttpd etag
Donald E. Knuth
The Art Of Computer Programming Volume 3
Chapter 6.4, Topic: Sorting and Search
2020-10-11 12:19:26 -04:00
Glenn Strauss 5547530a01 [core] do not require '\0' term for k,v hdr parse
no longer require '\0' terminated z-string for key,value header parsing
2020-10-11 12:19:26 -04:00
Glenn Strauss 5fd8a26a75 [core] defer optimization to read small files
defer optimization to read small files into memory until after
response_start hooks have a chance to run, e.g. until after
mod_deflate chooses whether or not to serve file from compressed
cache, if deflate.cache-dir is configured
2020-10-11 12:19:24 -04:00
Glenn Strauss 3baef447b3 [core] fix crash on master after graceful restart
(bug on master branch; never released)

(thx nate)
2020-10-11 11:43:06 -04:00
Glenn Strauss d8b88be056 [core] move connections_get_state to connections.c
connections_get_state() is used only in connections.c for debugging
2020-10-11 11:43:06 -04:00
Glenn Strauss 0f9ec8b755 [mod_status] dedicated funcs for r->state labels
fork connection_get_state() for use by mod_status, which
might in the future choose to display different labels.
move and rename connection_get_short_state() into mod_status,
as the func is used only by mod_status

(connection_get_state() is currently used elsewhere only for debugging
 in connections.c)
2020-10-11 11:43:06 -04:00
Glenn Strauss 878073d1c9 [core] keep pool of (request_st *) for HTTP/2 2020-10-11 11:43:06 -04:00