Commit Graph

62 Commits

Author SHA1 Message Date
Glenn Strauss a0029b21a1 [core] remove r->uri.path_raw; generate as needed
(r->uri.path_raw previously duplicated from r->target, minus query-part)
2020-07-08 19:54:29 -04:00
Glenn Strauss 7c7f8c467c [multiple] split con, request (very large change)
NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access)

NB: request read and write chunkqueues currently point to connection
    chunkqueues; per-request and per-connection chunkqueues are
    not distinct from one another
      con->read_queue  == r->read_queue
      con->write_queue == r->write_queue

NB: in the future, a separate connection config may be needed for
    connection-level module hooks.  Similarly, might need to have
    per-request chunkqueues separate from per-connection chunkqueues.
    Should probably also have a request_reset() which is distinct from
2020-07-08 19:54:29 -04:00
Glenn Strauss cc2134c88b [multiple] copy small struct instead of memcpy()
when patching config
2020-07-08 19:54:29 -04:00
Glenn Strauss 31d9495330 [core] store subrequest_handler instead of mode
store pointer to module in handler_module instead of con->mode id
2020-07-08 19:54:29 -04:00
Glenn Strauss 8131e4396d [core] move addtl request-specific struct members 2020-07-08 19:54:29 -04:00
Glenn Strauss 1474be7859 [core] move addtl request-specific struct members 2020-07-08 19:54:29 -04:00
Glenn Strauss ca97505a72 [multiple] store srv->tmp_buf in tb var
rather than using srv->tmp_buf directly in code modifying temp buf (tb)
2020-07-08 19:54:28 -04:00
Glenn Strauss 03b4c993d2 [multiple] generic config array type checking 2020-07-08 19:54:28 -04:00
Glenn Strauss 50bdb55de8 [multiple] connection hooks no longer get (srv *)
(explicit (server *) not passed; available in con->srv)
2020-07-08 19:54:28 -04:00
Glenn Strauss 010c28949c [multiple] prefer (connection *) to (srv *)
convert all log_error_write() to log_error() and pass (log_error_st *)

use con->errh in preference to srv->errh (even though currently same)

avoid passing (server *) when previously used only for logging (errh)
2020-07-08 19:54:28 -04:00
Glenn Strauss c193da3404 [core] split cond cache from cond matches 2020-07-08 18:08:52 -04:00
Glenn Strauss b73949e03f [multiple] plugin.c handles common FREE_FUNC code
(simpler for modules; less boilerplate to cut-n-paste)
2020-07-08 18:08:51 -04:00
Glenn Strauss cdf27138fd [mod_redirect] use config_plugin_values_init() 2020-07-08 18:08:51 -04:00
Glenn Strauss e2de4e581e [core] const char *name in struct plugin
put void *data (always used) as first member of struct plugin

add int nconfig member to PLUGIN_DATA

calloc() inits p->data to NULL
2020-05-23 17:59:29 -04:00
Glenn Strauss 2c43ae73dd [mod_redirect,mod_rewrite] store context_ndx
store config context_ndx instead of data_config *dc
2020-05-23 17:59:29 -04:00
Glenn Strauss 36f64b26a1 [core] simpler config_check_cond()
optimize for common case where condition has been evaluated for
the request and a cached result exists

(also: begin isolating data_config)
2020-05-23 17:59:29 -04:00
Glenn Strauss c2238256e2 [core] inline array as part of data_array value
(instead of value being (array *))
2020-02-24 11:15:32 -05:00
Glenn Strauss 601c572c39 [core] inline buffer as part of data_string value
(instead of value being (buffer *))
2020-02-24 11:15:32 -05:00
Glenn Strauss 47a758f959 [core] inline buffer key for *_patch_connection()
handle buffer key as part of DATA_UNSET in *_patch_connection()
(instead of key being (buffer *))
2020-02-24 11:15:32 -05:00
Glenn Strauss ad9b7e009b [core] inline buffer as part of DATA_UNSET key
(instead of key being (buffer *))
2020-02-24 11:15:32 -05:00
Glenn Strauss 83535bbef3 [core] differentiate array_get_* for ro and rw
array_get_element_klen() is now intended for read-only access
array_get_data_unset() is used by config processing for r/w access
array_get_buf_ptr() is used for r/w access to ds->value (string buffer)
2020-02-24 11:15:32 -05:00
Mohammed Sadiq 6a988bb0d0 [multiple] cleaner calloc use in SETDEFAULTS_FUNC
github: closes #99

  "cleaner calloc use in SETDEFAULTS_FUNC"
2019-04-20 02:09:04 -04:00
Glenn Strauss f0df89a996 [mod_redirect,mod_rewrite] use server_name
use server_name for authority if Host not provided
(Host is not required in HTTP/1.0)
2018-11-18 22:38:47 -05:00
Glenn Strauss 3dd3cde902 [core] abstraction layer for HTTP header manip
convert existing calls to manip request/response headers
convert existing calls to manip environment array (often header-related)
2018-09-23 18:01:58 -04:00
Glenn Strauss 255269d799 [mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)
Provide means to encode redirect and rewrite backreference substitutions
  In addition to $1 and %1, the following modifiers are now supported,
  followed by the number for the backreference, e.g. ${esc:1}

  ${noesc:...}  no escaping
  ${esc:...}    escape all non-alphanumeric - . _ ~ incl double-escape %
  ${escape:...} escape all non-alphanumeric - . _ ~ incl double-escape %
  ${escnde:...} escape all non-alphanumeric - . _ ~  but no double-esc %


Provide means to substitute URI parts without needing a regex match
  (and can be preceded by encoding modifier,
     e.g. ${tolower:url.authority})


  ${qsa}        appends query string, if not empty

  "[PATCH] mod_redirect: Add support for url-encoding backreferences, map %%n->%n, $$n->$n"
  "Need for URL encoding in mod_redirect and possibly mod_rewrite"
2018-08-12 14:43:22 -04:00
Glenn Strauss 37900d24b3 [mod_redirect,mod_rewrite] pass request URI info 2018-08-12 14:43:22 -04:00
Glenn Strauss 1c68589c67 [mod_redirect,mod_rewrite] short-circuit earlier
short-circuit earlier if there are no rules to be matched
2018-08-12 14:43:22 -04:00
Glenn Strauss 3eb7902e10 [core] server.http-parseopts URL normalization opt (fixes #1720)
server.http-parseopts = ( ... ) URL normalization options

Note: *not applied* to CONNECT method

Note: In a future release, URL normalization likely enabled by default
  (normalize URL, reject control chars, remove . and .. path segments)
  To prepare for this change, lighttpd.conf configurations should
  explicitly select desired behavior by enabling or disabling:
    server.http-parseopts = ( "url-normalize" => "enable", ... )
    server.http-parseopts = ( "url-normalize" => "disable" )

  "lighttpd ... compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data."
  "Rewrite/redirect rules and URL encoding"
2018-08-12 14:43:22 -04:00
Glenn Strauss c56b21084e [core] http_kv.[ch] method, status, version str
move method, status, version strings from keyvalue.[ch] to http_kv.[ch]
2018-08-05 03:44:15 -04:00
Glenn Strauss cf9474aa2c [mod_redirect, mod_rewrite] code reuse (sharing) 2018-08-05 03:44:15 -04:00
Glenn Strauss 04d76e7afd [core] some header cleanup
provide standard types in first.h instead of base.h
provide lighttpd types in base_decls.h instead of settings.h
reduce headers exposed by headers for core data structures
  do not expose <pcre.h> or <stdlib.h> in headers
move stat_cache_entry to stat_cache.h
reduce use of "server.h" and "base.h" in headers
2018-04-08 22:22:23 -04:00
Glenn Strauss cb371557e5 [core] merge redirect/rewrite pattern substitution
merge redirect/rewrite pattern substitution function (share code)
2018-01-10 01:39:05 -05:00
Glenn Strauss bd77abe0f8 [config] more specific checks for array lists
More specific checks on contents of array lists.  Each module using
lists now does better checking on the types of values in the list
(strings, integers, arrays/lists)

This helps prevent misconfiguration of things like cgi.assign,
fastcgi.server, and scgi.server, where source code might be
served as static files if parenthesis are misplaced.

2017-03-08 11:42:59 -05:00
Glenn Strauss 186e7073fb [mod_redirect,mod-rewrite] short-circuit if blank replacement (fixes #2085)
  "null redirects for mod_redirect"
2016-04-14 16:01:45 -04:00
Glenn Strauss 8abd06a7ff consistent inclusion of config.h at top of files (fixes #2073)
From: Glenn Strauss <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2016-03-19 15:14:35 +00:00
Stefan Bühler c512345fa2 [config] check config option scope; warn if server option is given in conditional
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-11-07 12:51:11 +00:00
Stefan Bühler 33cebeb0f7 fix segfaults in many plugins if they failed configuration
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-05-14 09:38:33 +00:00
Stefan Bühler ad3e93ea96 Use buffer API to read and modify "used" member
- a lot of code tried to handle manually adding terminating zeroes and
  keeping track of the correct "used" count.
  Replaced all "external" usages with simple wrapper functions:
  * buffer_string_is_empty (used <= 1), buffer_is_empty (used == 0);
    prefer buffer_string_is_empty
  * buffer_string_set_length
  * buffer_string_length
  * CONST_BUF_LEN() macro
- removed "static" buffer hacks (buffers pointing to constant/stack
  memory instead of malloc()ed data)
- buffer_append_strftime(): refactor buffer+strftime uses
- li_tohex(): no need for a buffer for binary-to-hex conversion:
  the output data length is easy to predict
- remove "-Winline" from extra warnings: the "inline" keyword just
  supresses the warning about unused but defined (static) functions;
  don't care whether it actually gets inlined or not.

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 19:10:44 +00:00
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API
* remove unused structs and functions
    (buffer_array, read_buffer)
  * change return type from int to void for many functions,
    as the return value (indicating error/success) was never checked,
    and the function would only fail on programming errors and not on
    invalid input; changed functions to use force_assert instead of
    returning an error.
  * all "len" parameters now are the real size of the memory to be read.
    the length of strings is given always without the terminating 0.
  * the "buffer" struct still counts the terminating 0 in ->used,
    provide buffer_string_length() to get the length of a string in a
    unset config "strings" have used == 0, which is used in some places
    to distinguish unset values from "" (empty string) values.
  * most buffer usages should now use it as string container.
  * optimise some buffer copying by "moving" data to other buffers
  * use (u)intmax_t for generic int-to-string functions
  * remove unused enum values: UNUSED_CHUNK, ENCODING_UNSET
  * converted BUFFER_APPEND_SLASH to inline function (no macro feature
  * refactor: create chunkqueue_steal: moving (partial) chunks into another
  * http_chunk: added separate function to terminate chunked body instead of
    magic handling in http_chunk_append_mem().
    http_chunk_append_* now handle empty chunks, and never terminate the
    chunked body.

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 12:37:10 +00:00
Stefan Bühler 4a6838103d [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2014-10-16 17:52:12 +00:00
Stefan Bühler 6f208cfde1 fix/silence bugs reported by ccc-analyzer (clang)
These should all be non critical:
 * memory leaks on startup in error cases (which lead to
   immediate shutdowns anyway)
 * http_auth/ldap: passing uninitialized "ret" to ldap_err2string
 * sizeof(T) not matching the target pointer in malloc/calloc calls;
   those cases were either:
   * T being the wrong pointer type - shouldn't matter as long as all
     pointers have same size
   * T being larger than the type needed
 * mod_accesslog: direct use after free in cleanup (server shutdown);
   could crash before "clean" shutdown
 * some false positives (mod_compress, mod_expire)
 * assert(srv->config_context->used > 0); - this is always the case,
   as there is always a global config block

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-11-13 11:43:26 +00:00
Stefan Bühler 661efa3f37 fix some bugs found with canalyze (fixes #2484, thx Zhenbo Xu)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-05-15 10:31:07 +00:00
Stefan Bühler 172eeebfaa [mod_redirect] Support url.redirect-code option (fixes #2247)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-05-30 16:58:34 +00:00
Stefan Bühler 38f2d1ddd7 cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls
* use log functions
 * convert flags
 * fix handler callback prototype

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2010-08-06 21:57:15 +00:00
Stefan Bühler f2cd823b40 Fix segfault with broken rewrite/redirect patterns (fixes #2140, found by crypt)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2010-01-30 21:23:29 +00:00
Stefan Bühler 22e8b456a9 Fix header inclusion order, always include "config.h" before any system header
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2009-10-11 14:31:42 +00:00
Stefan Bühler 4df22f2a32 Fix issues found with clang analyzer
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2009-07-21 20:35:27 +00:00
Stefan Bühler 63f785a2f8 Added some extra warning options in cmake and fix the resulting warnings (unused/static functions)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2009-03-07 21:05:37 +00:00
Stefan Bühler 36f74e5d23 Revert url decoding+simplifying before matching of mod_rewrite/mod_redirect
- Lot of regressions (we forgot to reencode the result)
  - Generic problem: after decode and rewrite "a?b?c": which '?' was the path?query seperator?
  - Possible solution: only decode printable characters (without '?'), and encode the result; do not encode the '%' of a not decoded character.
  - Still a problem with path simplifying, it seems many people use urls like this: http://server1/http%3a//server2/xxx
    and rewrite the path into the querystring.
  - Probably only usable with an extra config option

  => Do NOT use rewrite/redirect to protect specific urls.

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2008-12-07 15:22:42 +00:00
Stefan Bühler 345462a45f Use decoded url for matching in mod_redirect (#1720)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2008-09-22 10:16:55 +00:00