Commit Graph

2207 Commits

Author SHA1 Message Date
Glenn Strauss 4a68780e1b [mod_scgi] tests/mod-scgi.t unit tests
(copied from tests/mod-fastcgi.t fcgi-responder tests)
2017-01-31 14:36:15 -05:00
Glenn Strauss d246656f5b [mod_ssi] send #exec cmd="..." output to temp file
prior code could leak pipe fd if ioctl() failed
prior code could leak pid (zombie) if waitpid() interrupted 4x
prior code could deadlock if child produced too much output and
  blocked in writing output while parent waited for child to exit

NOTE: mod_ssi #exec cmd="..." is still executed synchronously
      and *blocks* entire lighttpd server while executing.
2017-01-31 14:36:15 -05:00
Glenn Strauss acc37c1cbc [mod_openssl] use TLS SNI to set host-based certs
and then allow HTTP Host header to set con->uri.authority

remove con->tlsext_server_name
2017-01-31 14:36:15 -05:00
Glenn Strauss 37dac9a23c [core] support Expect: 100-continue with HTTP/1.1 (fixes #377, #1017, #1953, #2438)
support Expect: 100-continue with HTTP/1.1 requests

Ignore config option server.reject-expect-100-with-417;
server.reject-expect-100-with-417 will be removed in a future release.

  "Incorrect handling of the 100 (Continue) Status"
  "'Expect' header gives HTTP error 417"
  "Improve DAV support to be able to handle git as a client"
  "Change server.reject-expect-100-with-417 from flag to regular expression matching the URL"
2017-01-31 14:36:15 -05:00
Glenn Strauss 82feb70588 [core] move con throttling to connections-glue.c
move write throttling code from network.c:network_write_chunkqueue()
to connections-glue.c:connection_write_chunkqueue() and fix the code
to use TCP_CORK only on TCP sockets.
2017-01-31 14:36:15 -05:00
Glenn Strauss afce434e0b [mod_secdownload] new directives modify hash path (fixes #646, fixes #1904)
secdownload.path-segments = <number>
  include only given number of path segments in hash digest calculation

secdownload.hash-querystr = "enable" | "disable"
  include the query string in the hash digest calculation

  "secdownload.path_elements support"
  "mod_secdownload option to include url GET parameters in md5"
2017-01-31 14:36:15 -05:00
Glenn Strauss 4d92366ab2 [mod_setenv] directives to overwrite/remove hdrs (fixes #650, fixes #2295)
directives to set value, rather than append values to headers, env
These directives take precedence over the setenv.add-* counterparts

Set a blank value for request or response header to remove the header
(blank value in environment will be set as the value; not removed)

setenv.*-environment is now deferred to handle_request_env hook.
setenv.*-response-header is now processed in handle_response_start hook.

  "set-request-header or remove-request-header support for mod_setenv"
2017-01-31 14:36:15 -05:00
Glenn Strauss d171be31ae [core] do not emit req/response hdrs w/ blank val 2017-01-31 14:36:15 -05:00
Glenn Strauss 20946a8b92 [mod_openssl] allow ssl.verifyclient on url paths (fixes #2245)
re-patch mod_openssl config within the request so that per-request
settings can be applied, such as activating client cert verification
for specific URL paths.

(This can be used in conjunction with auth.backend = "extern"
 to require auth to occur)

  "SSL : authenticate only clients for a particular URL"
2017-01-31 14:36:14 -05:00
Glenn Strauss f54d628cd5 [mod_auth] enable optional authz if extern authn (fixes #2481)
Set auth.extern-authn = "enable" to check REMOTE_USER (if set) against
require rules, and proceed if allowed.  If REMOTE_USER is not present,
or the require rules do not match, then check configured auth scheme.

REMOTE_USER might be set by another module, e.g. mod_openssl client cert
verification and REMOTE_USER configured with ssl.verifyclient.username)

  "[mod_auth] allow SSL clientcert authenticated users to bypass AUTH"
2017-01-31 14:36:14 -05:00
Glenn Strauss 86d0396761 [build] only mod_openssl depends on -lssl
some other modules depend only on -lcrypto, when available,
for SHA1, HMAC, MD5, etc
2017-01-31 14:36:14 -05:00
Glenn Strauss f5356302a7 [mod_geoip] call from handle_request_env hook
(instead of handle_subrequest_start hook)

The handle_request_env hook is called on demand by dynamic handlers
and this change makes mod_geoip available for mod_magnet lua code.
2017-01-31 14:36:14 -05:00
Glenn Strauss d0f17f1e10 [core] move connection_read_cq() to connections.c 2017-01-31 14:36:14 -05:00
Glenn Strauss 8960633dc7 [mod_openssl] move openssl config into mod_openssl
move openssl data structures and config parsing into mod_openssl
2017-01-31 14:36:10 -05:00
Glenn Strauss bdbea2aea8 [mod_openssl] move openssl code into mod_openssl
large code move, but minimal changes made to code (besides whitespace),
so that code builds

next: need to isolate openssl data structures and config parsing
2017-01-14 01:06:16 -05:00
Glenn Strauss 4364a4e029 [core] move network_open_file_chunk() to chunk.c
move network_open_file_chunk() to chunk.c:chunkqueue_open_file_chunk()
for reuse from modules
2017-01-14 01:06:16 -05:00
Glenn Strauss cb9ebe9fa6 [mod_openssl] new module (preliminary layout) 2017-01-14 01:06:16 -05:00
Glenn Strauss cb7ed13621 [core] new plugin hooks to help isolate SSL
handle_request_env        (called on demand by handlers to populate env)
handle_connection_shut_wr (was handle_connection_close)
handle_connection_close   (now occurs at socket close())
2017-01-14 01:06:16 -05:00
Glenn Strauss 2bc94dee82 [core] con interface for read/write; isolate SSL 2017-01-14 01:06:16 -05:00
Glenn Strauss 93fc82c4ac [mod_mysql_vhost] remove dev debug code 2017-01-14 01:06:16 -05:00
Glenn Strauss 1adf1df285 remove redundant calls to end-of-request hooks
The (misnamed) connection_reset hook is always called after a request,
whether request completes or is aborted, and whether keep-alive or not,
so no needed to repeat the same function in the handle_connection_close
2017-01-14 01:06:16 -05:00
Glenn Strauss a801ef55a0 [TLS] mark code that uses -lcrypto but not -lssl
mark code that uses openssl -lcrypto with USE_OPENSSL_CRYPTO
to note that it does not depend on openssl -lssl (USE_OPENSSL)
2017-01-14 01:06:16 -05:00
Glenn Strauss b0d63e31e8 - next is 1.4.46 2017-01-14 01:06:00 -05:00
Glenn Strauss f9b391645f [mod_cgi] check cgi fd for num bytes ready to read
(fix code which incorrectly checked con->fd, which may have resulted
 in suboptimal buffer size for read)
2017-01-13 15:02:53 -05:00
Glenn Strauss 83b2b71527 [tests] give time for periodic jobs to detect exit
give time for periodic jobs to detect backend exit
2017-01-10 19:18:36 -05:00
Glenn Strauss 16f171588f [tests] FCGI_Finish() final request before exit 2017-01-10 18:16:35 -05:00
Glenn Strauss 32443ea1c7 [tests] update test skip count for !fcgi-responder 2017-01-10 17:04:11 -05:00
Glenn Strauss 4f00aafcde [doc] NEWS 2017-01-10 16:24:27 -05:00
Glenn Strauss b03c496298 [TLS] = "disable" for low mem (fixes #2778)
new directive = "enable"/"disable" to control
SSL_CTX_set_read_ahead().  Default "enable".  The "disable" setting
is intended for use on low memory systems with a slow CPU which is
unable to keep up with decryption of large request bodies.

  "larger memory usage for file uploads via SSL on embedded system"
2017-01-10 15:59:50 -05:00
Glenn Strauss be520a8058 [mod_scgi] detect child exit, restart proactively
(instead of detecting upon a subsequent HTTP request)

(for backends spawned by mod_scgi)
2017-01-10 07:55:18 -05:00
Glenn Strauss 64df38aad8 [mod_fastcgi] detect child exit, restart proactively
(instead of detecting upon a subsequent HTTP request)

(for backends spawned by mod_fastcgi)
2017-01-10 07:54:47 -05:00
Glenn Strauss 987a76ff58 [mod_webdav] fix crash when plugin_ctx cleaned up (fixes #2780)
fixes error trace
  (connections.c.273) missing cleanup in webdav

(thx nickrickard)

  "mod_webdav crash with keep-alive (1.4.44)"
2017-01-09 22:27:54 -05:00
Glenn Strauss f57d8c54b4 [mod_cgi] skip local-redir handling if to self (fixes #2779, #2108)
Loosen local redirect handling in mod_cgi to skip handling as local
redirect if the Location matches con->uri.path, since if the request
is intended to redirect back to the same CGI using the same request
method, path info, and query string, the CGI would logically just
return the final intended response.  Loosening this handling avoids a
problem with applications (potentially) accessible through multiple
gateways, where the application is not aware of this specific handling
of Location in the Common Gateway Interface (CGI/1.1), the application
sends abs-path in the Location response header instead of absoluteURI,
and the application expects the client to receive this Location response
header instead of the server to process as a CGI local redirect.

One example of such an application is LuCI,
which sends Set-Cookie with Location: /abs-path

(Note that this loose check for matching con->uri.path is not perfect
 and might not match if the CGI returned a path with a different case
 and the server is on a case-insensitive filesystem, or if the path
 returned by the CGI is rewritten elsewhere to a different con->uri.path
 before getting to mod_cgi.)

RFC3875 CGI 1.1 specification section 6.2.2 Local Redirect Response

  "CGI local-redir handling conflicts with LuCI redirect w/ Set-Cookie"
  "CGI local redirect not implemented correctly"
2017-01-09 22:27:53 -05:00
Glenn Strauss 656f9e454d - next is 1.4.45 2016-12-24 01:07:46 -05:00
Glenn Strauss 367bc5fd28 [doc] NEWS 2016-12-23 20:49:46 -05:00
Glenn Strauss 38d00abd8f [TLS] openssl 1.1.0 makes SSL_OP_NO_SSLv2 no-op
silence coverity warning

openssl 1.1.0 makes SSL_OP_NO_SSLv2 flag a no-op, leading to
logically dead code when used with openssl 1.1.0.  However, the code
is still valid with earlier openssl versions, and so must be preserved.
2016-12-23 07:36:30 -05:00
Stefan Bühler a09d80dfd1 fix SCons fullstatic build with glibc pthreads
[with some modifications by gstrauss]
2016-12-23 02:16:32 -05:00
Glenn Strauss c718064911 [mod_cgi] fall back to pipe() if pipe2() fails
This change should fix an issue with lighttpd on Debian kfreebsd-* arch
  (kfreebsd-amd64 and kfreebsd-i386)
.libs/mod_cgi.o: In function `cgi_create_env':
./src/mod_cgi.c:1103: warning: pipe2 is not implemented and will always fail

lighttpd is single-threaded so there is no race with pipe()
and then fcntl() F_SETFD FD_CLOEXEC on the pair of pipe fds.
Using pipe2() where available is still slightly more efficient
by eliding the syscalls to set FD_CLOEXEC.
2016-12-23 01:51:38 -05:00
Glenn Strauss 2ca402c64d [mod_proxy] proxy.replace-http-host enable/disable
mark directive as taking boolean value, not integer value
2016-12-22 12:44:51 -05:00
Glenn Strauss 15bc2313a4 [tests] mark tests/docroot/www/*.pl scripts a+x 2016-12-22 05:40:37 -05:00
Glenn Strauss 0f4cc0d697 [mod_evhost] fix an incorrect error trace 2016-12-19 02:50:46 -05:00
Glenn Strauss 22ca2778a8 [build] check for pipe2() at configure time
Lack of pipe2() on relic Unix as well as missing on Mac OSX is likely
one reason why threaded web servers such as nginx choose not to support
CGI except via an external service to the process.  Without pipe2(),
race conditions exist and it is not safe for a threaded server to use
pipe() and fork() when the server also does not want to potentially leak
open file descriptors to various unrelated CGI scripts.
2016-12-17 18:07:42 -05:00
Glenn Strauss 9619d643ff [build] compile fixes for AIX
x-ref:  (see comments section)
2016-12-17 17:54:53 -05:00
Glenn Strauss 17f6595e1a [mod_secdownload] warn if SHA used w/o SSL crypto
issue warning at startup, instead of fatal error, if SHA used in
secdownload.algorithm = "..." but mod_secdownload was built without
SSL crypto.  When lighttpd is built without openssl, this allows most
tests/* to be run and pass, except the ones in tests/mod-secdownload.t
which use "hmac-sha1" or "hmac-sha256".

(alternatively, could have made, used isolated tests/secdownload.conf)
2016-12-17 16:56:55 -05:00
Glenn Strauss 6598968796 [mod_proxy] proxy.balance = "sticky" option (fixes #2117)
attempt to route requests to same backends based on requestor (client)
IP address and target host and port of request.

(thx bra)

  "Source IP sticky load balancing patch"
2016-12-17 02:16:21 -05:00
Glenn Strauss 539deb7370 [autobuild] set NO_RDYNAMIC=yes for midipix
(thx Redfoxmoon)
2016-12-16 17:43:10 -05:00
Glenn Strauss 4d7f5737f1 [core] support Transfer-Encoding: chunked req body (fixes #2156)
support Transfer-Encoding: chunked request body in conjunction with = 0

dynamic handlers will still return 411 Length Required if = 1 or 2 (!= 0)
  since CGI-like env requires CONTENT_LENGTH be set
  (and mod_proxy currently sends HTTP/1.0 requests to backends,
   and Content-Length recommended for robust interaction with backend)

  "request: support Chunked Transfer Coding for HTTP PUT"
2016-12-16 16:58:04 -05:00
Glenn Strauss f792d84cf9 [core] fix segfault when parsing a bad config file
(thx goblin)

  "fix a segfault when parsing a bad config file"

github: closes #75
2016-12-16 08:38:53 -05:00
Glenn Strauss ede9b3fc4c [core] consolidate duplicated read-to-close code
more efficiently detect end-of-stream when closing connection

log fd prior to resetting fd to -1 when log_state_handling enabled
2016-12-13 18:47:08 -05:00
Glenn Strauss c367b1ca80 [mod_ssi] implement, ignore <!--#comment ... --> 2016-12-11 13:25:07 -05:00