Commit Graph

3048 Commits (61785d868fb66046a00ed52b4cc928062a7ec741)

Author SHA1 Message Date
Glenn Strauss 61785d868f [core] array keys are non-empty in key-value list 2020-02-24 11:15:32 -05:00
Glenn Strauss db5ff222e4 [core] short-circuit path to clear request.headers
short-circuit path to clear con->request.headers if entire size of
all request headers is <= BUFFER_MAX_REUSE_SIZE

clear (reset) data_string key and value upon reuse
2020-02-24 11:15:32 -05:00
Glenn Strauss 5d9bfc9a76 [core] remove unused members of struct server 2020-02-24 11:15:32 -05:00
Glenn Strauss 10d71279ae [core] uint32_t for struct buffer sizes 2020-02-24 11:15:32 -05:00
Glenn Strauss 62e97967ca [core] prefer uint32_t to size_t in base.h
even 2 billion is way larger than even extreme operating values
expected for the members in base.h

include some structs directly in struct server, rather than by ptr
2020-02-24 11:15:32 -05:00
Glenn Strauss ddb78f75ee [core] remove unused array_reset() 2020-02-24 11:15:32 -05:00
Glenn Strauss 785037dded [core] http_header.c internal inline funcs 2020-02-24 11:15:32 -05:00
Glenn Strauss 70b5d729ae [core] mark some data_* funcs cold
mark funcs cold if seldom used or used only at startup config processing

mark most data_config_* funcs cold


2020-02-24 11:15:32 -05:00
Glenn Strauss b2991c686d [core] perf: array.c performance enhancements
mark array_get_index() as hot, rewrite to be pure and return sorted pos

mark routines as pure, as appropriate

mark routines as cold if used only at startup for config processing

mark params const, as appropriate

array_get_buf_ptr() for modifiable value buffer after insert into array

uint32_t used and size members instead of size_t

remove a->unique_ndx member; simply add to end of array for value lists
remove du->is_index_key member; simply check buffer_is_empty(du->key)

array_insert_key_value() used to be a hint that lookup could be skipped,
but the state from array_get_index() is now saved and reused internally,
so the distinction is no longer needed.  Use array_set_key_value().
2020-02-24 11:15:32 -05:00
Glenn Strauss 2fd0faf1bf [mod_extforward] simplify code: use light_isxdigit 2020-02-24 11:15:32 -05:00
Glenn Strauss d58787189a [core] handle common case of alnum or - field-name
handle common case of alnum or - field-name before calling
2020-02-24 11:15:32 -05:00
Glenn Strauss 71a7b54947 [core] more 'const' in request.c prototypes 2020-02-24 11:15:32 -05:00
Glenn Strauss 36f3206a4c [core] pass ptr to http_request_parse() 2020-02-24 11:15:32 -05:00
Glenn Strauss 8223903e50 [core] inline connection_read_header()
inline connection_read_header() into connection_handle_read_state()

(The large stack usage prevents the compiler from inlining the routine,
 but if we enter connection_handle_read_state(), then we are going to
 be running connection_read_header(), so put them together)
2020-02-24 11:15:32 -05:00
Glenn Strauss 11f3dd896b [core] perf: connection_read_header_hoff() hot 2020-02-24 11:15:32 -05:00
Glenn Strauss ec2ff2c6ae [core] perf: connection_read_header_more()
additional header parsing optimization
collect request headers into single buffer for parsing
2020-02-24 11:15:32 -05:00
Glenn Strauss 46d7e9c2ed [core] no need to pass srv to connection_set_state 2020-02-24 11:15:32 -05:00
Glenn Strauss 63e32e8100 [core] perf: HTTP header parsing using \n offsets 2020-02-24 11:15:32 -05:00
Glenn Strauss fa4ab19275 [core] reduce use of struct parse_header_state 2020-02-24 11:15:32 -05:00
Glenn Strauss cdf653f8ce [core] pass con around request, not srv and con
In the cold cases where srv is needed, obtain from con->srv
2020-02-24 11:15:27 -05:00
Glenn Strauss fcd1f57511 [core] connection_chunkqueue_compact() 2020-02-24 11:14:45 -05:00
Glenn Strauss 2ad92d17a1 [core] chunkqueue_compact_mem() 2020-02-24 11:14:45 -05:00
Glenn Strauss d22e7a769d [core] cold buffer_string_prepare_append_resize() 2020-02-24 11:14:45 -05:00
Glenn Strauss c22ec74770 [core] do not pass srv to http header parsing func
srv is retrieved from con->srv in the few cases where needed
2020-02-24 11:14:45 -05:00
Glenn Strauss 80d12919d1 [core] replace connection_set_state w/ assignment
replace connection_set_state() with simple assignment

(only connections.c and connections-glue.c should change con state)
2020-02-24 11:14:45 -05:00
Glenn Strauss be6964f415 [core] use func rc to indicate done reading header 2020-02-24 11:14:45 -05:00
Glenn Strauss 1334436394 [core] store struct server * in struct connection 2020-02-24 11:14:45 -05:00
Glenn Strauss 41944e3be8 [core] add User-Agent to http_header_e enum
recognize as common header

(minor performance enhancement)
2020-02-24 11:14:45 -05:00
Glenn Strauss 9858051d03 [core] remove srv->split_vals 2020-02-24 11:14:45 -05:00
Glenn Strauss bcd5288557 [mod_evhost] use local array to split values 2020-02-24 11:14:45 -05:00
Glenn Strauss 1b08c736ba [mod_flv_streaming] parse query string w/o copying 2020-02-24 11:14:45 -05:00
Glenn Strauss e2b4c309f6 [core] http_header_str_contains_token() 2020-02-24 11:14:45 -05:00
Glenn Strauss 6f803af03c [core] perf: request processing 2020-02-24 11:14:43 -05:00
Glenn Strauss 2230b08ef4 - next is 1.4.56 2020-01-31 22:27:44 -05:00
Glenn Strauss b1048b2349 [doc] NEWS 2020-01-31 21:46:34 -05:00
Glenn Strauss f37c16aadd [core] fix one-byte OOB read (underflow)
In some circumstances, if the character on the heap prior to the
beginning of the request is '\r', then it would be overwritten with '\0'

With default compiler flags, this does not appear to occur in practice
and we therefore believe it to be a low-probability vulnerability.

(thx Antonio Morales)

This issue was discovered and reported by GSL team member @
<>  (Antonio Morales)
2020-01-31 16:54:59 -05:00
raw 2c409321df [build] Fix build when using nested CMake
(FetchContent, ExternalProject_Add)

github: closes #102
2020-01-30 21:47:59 -05:00
Niclas Rosenvik 8c9b5480f3 [core] Solaris has getloadavg in sys/loadavg.h
SunOS/Solaris/Illumos has getloadavg declared in sys/loadavg.h .

github: closes #101
2020-01-30 21:47:59 -05:00
Elan Ruusamäe 15cdc313b5 [config] update /var/run -> /run for systemd
This gets rid of the warning:
> May 19 10:56:32 buster systemd[1]: /lib/systemd/system/lighttpd.service:6:
> PIDFile= references path below legacy directory /var/run/,
> updating /var/run/ → /run/;
> please update the unit file accordingly.

- a2d1fb882c
- Filesystem Hierarchy Standard 3.0 (FHS 3.0)

github: closes #100
2020-01-30 21:47:36 -05:00
Glenn Strauss 12aa0f4c91 [core] save errno before logging if execve() fails
2020-01-26 00:41:06 -05:00
Glenn Strauss fb74bb7514 [core] do not accept() > server.max-connections 2020-01-26 00:41:05 -05:00
Glenn Strauss 8bddac9263 [mod_auth] close connection after bad password
mitigation slows down brute force password attacks

  "Possible feature: authentication brute force hardening"
2020-01-26 00:41:05 -05:00
Glenn Strauss fce489b806 [core] fall back to accept() if accept4() EPERM (fixes #2998)
On some architectures, accept4() might result in EPERM depending
on Linux kernel and/or glibc support for accept4()

(thx alex-che)

  "accept4 returns EPERM instead of ENOSYS on some platforms"
2020-01-26 00:41:05 -05:00
Glenn Strauss 9cdfb48466 [core] preserve %2b and %2B in query string (fixes #2999)
normalize %2b or %2B in query string to %2B (uppercase hex),
and not to '+'

(thx int-e)

  "url-normalize-required expands %2B in query strings"
2020-01-26 00:41:05 -05:00
Glenn Strauss aaccb1bc5e [multiple] address coverity warnings 2020-01-26 00:41:05 -05:00
Glenn Strauss f4a5a09d96 [core] Oracle Solaris does not have POLLRDHUP
(IllumOS added support 5+ years ago)

2020-01-26 00:41:05 -05:00
Glenn Strauss 330c39c694 [mod_accesslog] parse multiple cookies (fixes #2986)
(thx xoneca)

  "Cookie format specifier is broken"
2020-01-26 00:41:05 -05:00
Glenn Strauss fa8856757c [mod_openssl] reject invalid ALPN 2020-01-26 00:41:05 -05:00
Glenn Strauss 66624b375b [core] reject Transfer-Encoding + Content-Length (#2985)
reject requests with both Transfer-Encoding and Content-Length
as recommended in RFC 7230 Section 3.3.3.

strict header parsing is enabled by default in lighttpd.  However,
if explicitly disabled in lighttpd.conf, lighttpd will continue to
accept Transfer-Encoding and Content-Length in the same request,
and will ignore (and remove) Content-Length before passing to backend.
  UNSAFE: server.http-parseopts = ( "header-strict" => "disable" )
  This is NOT RECOMMENDED since doing so disables other protections
  provided by lighttpd strict http header parsing.

RFC7230 Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing
  3.3.3.  Message Body Length
  If a message is received with both a Transfer-Encoding and a
  Content-Length header field, the Transfer-Encoding overrides the
  Content-Length.  Such a message might indicate an attempt to
  perform request smuggling (Section 9.5) or response splitting
  (Section 9.4) and ought to be handled as an error.  A sender MUST
  remove the received Content-Length field prior to forwarding such
  a message downstream.

  stricter request header parsing
2020-01-26 00:41:04 -05:00
Glenn Strauss 61f85d14ee [core] reject WS following header field-name (fixes #2985)
reject whitespace following request header field-name and before colon
Such whitespace is forbidden in RFC 7230 Section 3.2.4.

strict header parsing is enabled by default in lighttpd.  However,
if explicitly disabled in lighttpd.conf, lighttpd will continue to
accept (and re-format) such field-names before passing to any backend.
  UNSAFE: server.http-parseopts = ( "header-strict" => "disable" )
  This is NOT RECOMMENDED since doing so disables other protections
  provided by lighttpd strict http header parsing.

(thx fedormixalich)

  stricter request header parsing
2020-01-26 00:40:20 -05:00