Commit Graph

2614 Commits

Author SHA1 Message Date
Glenn Strauss 7c8cc6f7c5 [core] option to propagate TCP FIN to backend host
(experimental support for mod_sockproxy)

"tcp-fin-propagate" = "enable" for each host in *.server backend defs
2018-08-12 14:43:22 -04:00
Glenn Strauss bbf01a3a6c [core] reset var if FAMMonitorDirectory() fails
do not read fam_dir->version if FAMMonitorDirectory() fails
2018-08-12 14:43:22 -04:00
Glenn Strauss d161f53de0 [core] security: use-after-free invalid Range req
(thx Marcus Wengelin)
2018-08-12 14:43:22 -04:00
Glenn Strauss 1de1746925 [mod_rewrite] require rewrite result to begin '/' 2018-08-12 14:43:22 -04:00
Glenn Strauss f832b71180 [mod_redirect,mod_rewrite] base64url encoding opt
Provide means to encode redirect and rewrite backreference substitutions

  %{encb64u:...} encode to base64url characters (no-padding)
  %{decb64u:...} decode from base64url characters
2018-08-12 14:43:22 -04:00
Glenn Strauss 5868b8ca12 [core] add missing includes to quiet compiler warn
add missing system includes to quiet compiler warnings on Mac OS X
2018-08-12 14:43:22 -04:00
Glenn Strauss ba5026aa7a [mod_redirect,mod_rewrite] support up to 19 match
support up to 19 regex saved matches ($1 - $9 and ${1} - ${19})
for use in replacement substitutions.

lighttpd config conditionals are still limited to 9 matches (%1 - %9)
2018-08-12 14:43:22 -04:00
Glenn Strauss 769289b954 [core] POLLRDHUP handling for transparent proxying 2018-08-12 14:43:22 -04:00
Glenn Strauss 77d31d8584 [mod_wstunnel] quiet 32-bit compiler warnings 2018-08-12 14:43:22 -04:00
Glenn Strauss 2105dae0f9 [mod_alias] security: potential path traversal with specific configs
Security: potential path traversal of a single directory above the alias
target with a specific mod_alias config where the alias which is matched
does not end in '/', but alias target filesystem path does end in '/'.

e.g. server.docroot = "/srv/www/host/HOSTNAME/docroot"
     alias.url = ( "/img" => "/srv/www/hosts/HOSTNAME/images/" )

If a malicious URL "/img../" were passed, the request would be
for directory "/srv/www/hosts/HOSTNAME/images/../" which would resolve
to "/srv/www/hosts/HOSTNAME/".  If mod_dirlisting were enabled, which
is not the default, this would result in listing the contents of the
directory above the alias.  An attacker might also try to directly
access files anywhere under that path, which is one level above the
intended aliased path.

credit: Orange Tsai(@orange_8361) from DEVCORE
2018-08-12 14:43:22 -04:00
Glenn Strauss eb429c9c19 [mod_fastcgi] fix memleak with FastCGI auth,resp (fixes #2894)
fix memleak in mod_fastcgi when FastCGI is used for both authentication
and response on the same request

(thx rschmid)

  "Memory leak if two fcgi calls with one request (authentication and response)"
2018-08-12 14:43:22 -04:00
Glenn Strauss f4f13745c8 [mod_redirect,mod_rewrite] fix segfault w/ invalid syntax (fixes #2892)
(thx nti)

  "Segmentation fault with invalid lighttpd.conf syntax"
2018-08-12 14:43:22 -04:00
Glenn Strauss 255269d799 [mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)
Provide means to encode redirect and rewrite backreference substitutions
  In addition to $1 and %1, the following modifiers are now supported,
  followed by the number for the backreference, e.g. ${esc:1}

  ${noesc:...}  no escaping
  ${esc:...}    escape all non-alphanumeric - . _ ~ incl double-escape %
  ${escape:...} escape all non-alphanumeric - . _ ~ incl double-escape %
  ${escnde:...} escape all non-alphanumeric - . _ ~  but no double-esc %


Provide means to substitute URI parts without needing a regex match
  (and can be preceded by encoding modifier,
     e.g. ${tolower:url.authority})


  ${qsa}        appends query string, if not empty

  "[PATCH] mod_redirect: Add support for url-encoding backreferences, map %%n->%n, $$n->$n"
  "Need for URL encoding in mod_redirect and possibly mod_rewrite"
2018-08-12 14:43:22 -04:00
Glenn Strauss 37900d24b3 [mod_redirect,mod_rewrite] pass request URI info 2018-08-12 14:43:22 -04:00
Glenn Strauss 1f6befbd66 [mod_cgi] handle CGI partial response header write
handle CGI partial write of first response header

e.g. gSoap stdsoap2.c might inefficiently write "Status" to response
pipe and lighttpd might read that prior to the backend writing the
subsequent ": " which marks "Status:" as a response header.

2018-08-12 14:43:22 -04:00
Glenn Strauss 2e385a1a53 [core] fix buffer_to_upper()
fix buffer_to_upper() and case-insensitive filesystem detection
2018-08-12 14:43:22 -04:00
Glenn Strauss 1c68589c67 [mod_redirect,mod_rewrite] short-circuit earlier
short-circuit earlier if there are no rules to be matched
2018-08-12 14:43:22 -04:00
Glenn Strauss bad1cfe059 [core] debug server.log-request-header-on-error
enable server.log-request-header-on-error when either
server.log-request-handling or server.log-request-header
are enabled in the global scope.

server.log-request-header-on-error is a global directive since it must
be set prior to parsing of request, and errors parsing request might
otherwise occur before lighttpd config conditions are parsed and set
(i.e. based on the parsed request headers)

  "Log error if Host name is illegal (e.g. contains an underscore)"
2018-08-12 14:43:22 -04:00
Glenn Strauss a8aa39c699 [core] remove some duplicative code in log.c 2018-08-12 14:43:22 -04:00
Glenn Strauss 6ebd289788 [core] inline some buffer.[ch] routines 2018-08-12 14:43:22 -04:00
Glenn Strauss 3eb7902e10 [core] server.http-parseopts URL normalization opt (fixes #1720)
server.http-parseopts = ( ... ) URL normalization options

Note: *not applied* to CONNECT method

Note: In a future release, URL normalization likely enabled by default
  (normalize URL, reject control chars, remove . and .. path segments)
  To prepare for this change, lighttpd.conf configurations should
  explicitly select desired behavior by enabling or disabling:
    server.http-parseopts = ( "url-normalize" => "enable", ... )
    server.http-parseopts = ( "url-normalize" => "disable" )

  "lighttpd ... compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data."
  "Rewrite/redirect rules and URL encoding"
2018-08-12 14:43:22 -04:00
Glenn Strauss 6ccccaaa38 [tests] move src/test_*.c to src/t/ 2018-08-05 03:44:15 -04:00
Glenn Strauss a46bc4f5de [core] remove proc_open.[ch], reduce stdio.h use 2018-08-05 03:44:15 -04:00
Glenn Strauss fb5a33ffe9 [core] remove unused get_http_status_body_name() 2018-08-05 03:44:15 -04:00
Glenn Strauss c56b21084e [core] http_kv.[ch] method, status, version str
move method, status, version strings from keyvalue.[ch] to http_kv.[ch]
2018-08-05 03:44:15 -04:00
Glenn Strauss 1b62dc325c [tests] test_request unit tests
unit tests for request processing
collect existing request processing tests from Perl tests/*.t
(test_request.c runs *much* more quickly than Perl tests/*.t)
2018-08-05 03:44:15 -04:00
Glenn Strauss e8c1efd5df [core] data_config_pcre_compile,exec()
collect PCRE usage related to config processing
2018-08-05 03:44:15 -04:00
Glenn Strauss cf9474aa2c [mod_redirect, mod_rewrite] code reuse (sharing) 2018-08-05 03:44:15 -04:00
Glenn Strauss 22f3f43621 [core] CONNECT must be handled before fs hooks
do not permit CONNECT requests to hit filesystem hooks
since the CONNECT URI bypasses path normalization
2018-08-05 03:44:15 -04:00
Glenn Strauss 83cdf28610 [core] check for continuation in server.tag
check server.tag for newlines (not expected) and ensure proper
header continuation.

remove buffer_append_string_encoded() ENCODING_HTTP_HEADER
(continuations in response headers handled in response_header_*() funcs)
2018-08-05 03:44:15 -04:00
Glenn Strauss 132c1b6019 [tests] remove test_buffer output, except on error 2018-08-05 03:44:15 -04:00
Glenn Strauss 1cef8dfc05 [tests] reduce test_base64 brute force tests
It is not necessary to test every single value of 3 chars for confidence
in the tests.  256^256^256 is a bit overkill (and much more time
consuming than other tests)
2018-08-05 03:44:15 -04:00
Glenn Strauss 1593190651 [core] buffer_append_string_encoded() uc hex
Use uc hex chars in buffer_append_string_encoded(), preferred in RFC3986

Preserve behavior using lc hex chars in buffer_append_string_c_escaped()
2018-08-05 03:44:15 -04:00
Glenn Strauss 3d880810d1 [core] buffer_append_uint_hex_lc() uses lc hex 2018-08-05 03:44:15 -04:00
Glenn Strauss d3cf141d14 [core] li_tohex_lc() explicitly uses lc hex chars
remove buffer_copy_string_hex()
2018-08-05 03:44:15 -04:00
Glenn Strauss 5e60b8faea [mod_secdownload] compare bin MAC instead of hex 2018-08-05 03:44:15 -04:00
Glenn Strauss 9eda625d67 [core] more efficient hex2int() 2018-08-05 03:44:15 -04:00
Glenn Strauss 936db51f05 [core] buffer_append_string_encoded_hex_lc()
special-purpose routine is more efficient than what was previously in
buffer_append_string_encoded() with ENCODING_HEX
2018-08-05 03:44:15 -04:00
Glenn Strauss 78024584bb [core] check if SOCK_NONBLOCK is ignored (fixes #2883)
  "fdevent_init should check if SOCK_NONBLOCK works"
2018-08-05 03:44:15 -04:00
Glenn Strauss 3efaff973f [mod_fastcgi,mod_scgi] fastcgi.balance,scgi.balance (fixes #2882)
  "fastcgi.balance not working"
2018-08-05 03:44:15 -04:00
Glenn Strauss b70186131a [mod_magnet] reduce buffer copies
reduce buffer copies, but leave where (buffer *) arg required
2018-04-08 22:22:23 -04:00
Glenn Strauss 4753064318 [mod_magnet] code reuse 2018-04-08 22:22:23 -04:00
Glenn Strauss 6fb023d664 [mod_wstunnel] better Sec-WebSocket-Protocol parse
Improve handling of Sec-WebSocket-Protocol: binary, base64 for RFC6455.
When client sends Sec-WebSocket-Protocol in request header, client
may expect Sec-WebSocket-Protocol response.  mod_wstunnel is basic
tunnel endpoint and supports "binary" and "text" modes for RFC6455,
conventionally requested by client browsers as "binary" or "base64"
2018-04-08 22:22:23 -04:00
Glenn Strauss 04d76e7afd [core] some header cleanup
provide standard types in first.h instead of base.h
provide lighttpd types in base_decls.h instead of settings.h
reduce headers exposed by headers for core data structures
  do not expose <pcre.h> or <stdlib.h> in headers
move stat_cache_entry to stat_cache.h
reduce use of "server.h" and "base.h" in headers
2018-04-08 22:22:23 -04:00
Glenn Strauss fefc82153a [build] remove m4 AC_PATH_PROG for PKG_CONFIG
2018-03-25 01:06:58 -04:00
Glenn Strauss d400f8aac5 [core] fdevent_accept_listenfd() nonblock cloexec
fdevent_accept_listenfd() now always returns fd O_NONBLOCK O_CLOEXEC
for consistency, rather than setting elsewhere in connection_accepted()

Handle older Linux 2.6 kernels which might have accept4() in glibc,
but return ENOSYS, as accept4() was not added until Linux kernel 2.6.28.
2018-03-25 00:59:48 -04:00
Glenn Strauss 26fb8d3ee6 [mod_proxy] fix segfault in Set-Cookie reverse map (fixes #2879)
fix segfault in reverse url-path mapping of Set-Cookie sent from backend
when proxy.header = ( "map-urlpath" => ( ... ) ) is used and there are
multiple Set-Cookie response headers with path= attributes which need to
be reverse mapped.

(thx ganto)

  "Segfault with proxy-header map-urlpath"
2018-03-22 00:25:06 -04:00
Glenn Strauss 210b57708e [core] fix rare race condition from backends (fixes #2878)
fix rare race condition from backends with

(thx abelbeck)

  "fastcgi and stream-response-body=2 hangs on last chunk"
2018-03-18 19:01:32 -04:00
Glenn Strauss 957916a90e [core] minor code cleanup in gw_recv_response() 2018-03-17 23:16:48 -04:00
Glenn Strauss 86f64a0288 [mod_magnet] fix regression in lighty.stat (fixes #2877)
fix regression in mod_magnet lighty.stat introduced in lighttpd 1.4.49
in commit commit:b1df38ab

  "lighty.stat failure"
2018-03-17 11:57:50 -04:00