Commit Graph

65 Commits

Author SHA1 Message Date
Glenn Strauss 21f0dabef4 [multiple] replace buffer_is_equal_caseless_string
buffer_is_equal_caseless_string() -> buffer_eq_icase_slen()
2021-01-07 09:08:53 -05:00
Glenn Strauss 367f30a645 [multiple] extend enum http_header_e list 2020-10-11 12:19:26 -04:00
Glenn Strauss babf0d0e4c [core] separate http_header_e from _htags bitmask
separate http_header_e index from r->{rqst,resp}_htags bitmask
(allows http_header_e remain 32-bit and to be used in array indexes
 while also allowing r->{rqst,resp}_htags to grow to 64-bits wide
 in the future, without requiring invasive changes)
2020-10-11 12:19:26 -04:00
Glenn Strauss 9c8981a7d1 [core] tst,set,clr macros for r->{rqst,resp}_htags 2020-10-11 12:19:26 -04:00
Glenn Strauss c58b95f297 [core] light_isupper(), light_islower()
more efficient char checks
(replace one comparision and one branch with one subtraction)
2020-10-11 12:19:26 -04:00
Glenn Strauss b600b75f20 [core] inline buffer_reset()
buffer_reset() is used on pre-allocated buffers, so remove NULL check
2020-08-10 20:05:02 -04:00
Glenn Strauss e1bb579361 [core] disperse settings.h to appropriate headers 2020-08-10 20:04:57 -04:00
Glenn Strauss 9914bb297b [core] C99 restrict on some base funcs
buffer.[ch], chunk.[ch], request.[ch], sock_addr.[ch]
2020-07-08 19:54:29 -04:00
Glenn Strauss 7c7f8c467c [multiple] split con, request (very large change)
NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access)

NB: request read and write chunkqueues currently point to connection
    chunkqueues; per-request and per-connection chunkqueues are
    not distinct from one another
      con->read_queue  == r->read_queue
      con->write_queue == r->write_queue

NB: in the future, a separate connection config may be needed for
    connection-level module hooks.  Similarly, might need to have
    per-request chunkqueues separate from per-connection chunkqueues.
    Should probably also have a request_reset() which is distinct from
2020-07-08 19:54:29 -04:00
Glenn Strauss f24e6d696a [multiple] plugin_stats array
use global rather than passing around (server *) just for that

li_itostrn() and li_utostrn() return string length
(rather than requiring subsequent strlen() to find length)
2020-07-08 19:54:28 -04:00
Glenn Strauss be04c1239f [core] macros CONST_LEN_STR and CONST_STR_LEN 2020-05-23 17:59:29 -04:00
Glenn Strauss 5c0c4936b4 [core] __attribute_returns_nonnull__ 2020-02-24 11:15:32 -05:00
Glenn Strauss 10d71279ae [core] uint32_t for struct buffer sizes 2020-02-24 11:15:32 -05:00
Glenn Strauss 72d4fe7451 [core] mark some more funcs w/ __attribute_pure__ 2019-06-06 02:48:43 -04:00
Glenn Strauss ac8444f2e6 [core] specialized buffer_eq_*() for short strings
specialized buffer_eq_*() funcs for use with short strings,
e.g. case-insensitive comparison for equality
2019-06-06 02:48:43 -04:00
Glenn Strauss 4183e723ce [core] log_error, log_perror using printf-like fmt 2019-04-20 02:10:28 -04:00
Glenn Strauss 77c01f9817 [core] buffer_append_path_len()
concatenate paths, placing single '/' between strings

reverts broken commit:b9402283

(thx avij)
2018-11-28 02:12:41 -05:00
Glenn Strauss 80638252dc [multiple] validate UTF-8 in url-decoded paths
validate UTF-8 in url-decoded paths obtained elsewhere than from request

(burl_normalize(), if enabled with server.http-parseopts, checks url for
 overlong encodings of ASCII chars in the HTTP request-line)
2018-11-25 19:52:08 -05:00
Glenn Strauss cf93e91c56 [core] perf: inline buffer_copy_buffer() 2018-11-25 19:52:08 -05:00
Glenn Strauss ac41c17694 [core] perf: small improvement buffer_string_space 2018-11-23 00:47:08 -05:00
Glenn Strauss f69bd9cdb8 [core] perf: simple, quick buffer_clear()
quickly clear buffer instead of buffer_string_set_length(b, 0) or
buffer_reset(b).  Avoids free() of large buffers about to be reused,
or buffers that are module-scoped, persistent, and reused.

(buffer_reset() should still be used with buffers in connection *con
 when the data in the buffers is supplied by external, untrusted source)
2018-11-23 00:37:38 -05:00
Glenn Strauss aba45f68d8 [core] perf: simpler buffer_string_space() (tests) 2018-11-18 04:57:05 -05:00
Glenn Strauss d1bf435573 [core] perf: simpler buffer_string_space() (fixed) 2018-11-18 02:47:22 -05:00
Glenn Strauss 31d16af78b [core] perf: simpler buffer_string_space() 2018-11-12 21:56:05 -05:00
Glenn Strauss 5fe9339942 [core] perf: inline buffer_append_string_buffer() 2018-11-12 21:56:05 -05:00
Glenn Strauss b192231392 [core] log_failed_assert() __attribute__((cold)) 2018-09-23 18:01:58 -04:00
Glenn Strauss 6ebd289788 [core] inline some buffer.[ch] routines 2018-08-12 14:43:22 -04:00
Glenn Strauss 83cdf28610 [core] check for continuation in server.tag
check server.tag for newlines (not expected) and ensure proper
header continuation.

remove buffer_append_string_encoded() ENCODING_HTTP_HEADER
(continuations in response headers handled in response_header_*() funcs)
2018-08-05 03:44:15 -04:00
Glenn Strauss 3d880810d1 [core] buffer_append_uint_hex_lc() uses lc hex 2018-08-05 03:44:15 -04:00
Glenn Strauss d3cf141d14 [core] li_tohex_lc() explicitly uses lc hex chars
remove buffer_copy_string_hex()
2018-08-05 03:44:15 -04:00
Glenn Strauss 936db51f05 [core] buffer_append_string_encoded_hex_lc()
special-purpose routine is more efficient than what was previously in
buffer_append_string_encoded() with ENCODING_HEX
2018-08-05 03:44:15 -04:00
Glenn Strauss 04d76e7afd [core] some header cleanup
provide standard types in first.h instead of base.h
provide lighttpd types in base_decls.h instead of settings.h
reduce headers exposed by headers for core data structures
  do not expose <pcre.h> or <stdlib.h> in headers
move stat_cache_entry to stat_cache.h
reduce use of "server.h" and "base.h" in headers
2018-04-08 22:22:23 -04:00
Glenn Strauss 05c34ce464 [core] buffer_substr_replace() 2017-04-24 02:38:30 -04:00
Glenn Strauss ac143ead29 [core] inline simple buffer is empty checks 2017-04-24 02:37:10 -04:00
Glenn Strauss a53f662a30 [core] remove some unused header includes
remove exposure of stdio.h in buffer.h for print_backtrace(), now static
2017-03-28 02:17:33 -04:00
Glenn Strauss a22c126323 [core] remove now-unused buffer_search_string_len
(just use strstr(), if desired)
2017-03-19 23:48:50 -04:00
Glenn Strauss 47f3dbebe4 use li_[iu]tostrn() instead of li_[iu]tostr()
From: Glenn Strauss <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2016-04-01 17:38:26 +00:00
Glenn Strauss e5006d88eb pass buf size to li_tohex()
also change passing of fixed-sized arrays: need to pass pointer to array
as otherwise size does not get enforced

From: Glenn Strauss <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2016-04-01 16:54:46 +00:00
Glenn Strauss 8abd06a7ff consistent inclusion of config.h at top of files (fixes #2073)
From: Glenn Strauss <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2016-03-19 15:14:35 +00:00
Loganaden Velvindron d7be04beb5 [mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available
From: Loganaden Velvindron <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-09-26 10:11:24 +00:00
Stefan Bühler 427120b41a escape all strings for logging (fixes #2646 log file injection, reported by Jaanus Kääp)
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-05-28 15:47:14 +00:00
Stefan Bühler 66ad587f2f [buffer] constify some parameters
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 19:10:49 +00:00
Stefan Bühler 91a9a6b391 rename buffer_append_long_hex to buffer_append_uint_hex
* takes uintmax_t now
* use in http_chunk_append_len

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 19:10:46 +00:00
Stefan Bühler ad3e93ea96 Use buffer API to read and modify "used" member
- a lot of code tried to handle manually adding terminating zeroes and
  keeping track of the correct "used" count.
  Replaced all "external" usages with simple wrapper functions:
  * buffer_string_is_empty (used <= 1), buffer_is_empty (used == 0);
    prefer buffer_string_is_empty
  * buffer_string_set_length
  * buffer_string_length
  * CONST_BUF_LEN() macro
- removed "static" buffer hacks (buffers pointing to constant/stack
  memory instead of malloc()ed data)
- buffer_append_strftime(): refactor buffer+strftime uses
- li_tohex(): no need for a buffer for binary-to-hex conversion:
  the output data length is easy to predict
- remove "-Winline" from extra warnings: the "inline" keyword just
  supresses the warning about unused but defined (static) functions;
  don't care whether it actually gets inlined or not.

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 19:10:44 +00:00
Stefan Bühler 4365bdbebe Remove buffer_prepare_copy() and buffer_prepare_append()
* removed almost all usages of buffer as "memory" (without terminating
* refactored cgi variable name encoding

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 19:10:39 +00:00
Stefan Bühler 1be163b44a Remove chunkqueue_get_{append,prepend}* API
Although those were "easy" to use, they violated the abstraction:
  content of the chunkqueue should only be modified via the API.
  Replace with chunkqueue_get_memory() and chunkqueue_use_memory() for
  functions that read data from network (reusing large buffers),
  chunkqueue_steal_with_tempfiles() to store request bodies on disk
  Modules that were generating content and need a buffer maintain the
  buffer manually (have to be careful to free the buffer on errors, as
  it isn't part of the chunkqueue yet).

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 19:10:36 +00:00
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API
* remove unused structs and functions
    (buffer_array, read_buffer)
  * change return type from int to void for many functions,
    as the return value (indicating error/success) was never checked,
    and the function would only fail on programming errors and not on
    invalid input; changed functions to use force_assert instead of
    returning an error.
  * all "len" parameters now are the real size of the memory to be read.
    the length of strings is given always without the terminating 0.
  * the "buffer" struct still counts the terminating 0 in ->used,
    provide buffer_string_length() to get the length of a string in a
    unset config "strings" have used == 0, which is used in some places
    to distinguish unset values from "" (empty string) values.
  * most buffer usages should now use it as string container.
  * optimise some buffer copying by "moving" data to other buffers
  * use (u)intmax_t for generic int-to-string functions
  * remove unused enum values: UNUSED_CHUNK, ENCODING_UNSET
  * converted BUFFER_APPEND_SLASH to inline function (no macro feature
  * refactor: create chunkqueue_steal: moving (partial) chunks into another
  * http_chunk: added separate function to terminate chunked body instead of
    magic handling in http_chunk_append_mem().
    http_chunk_append_* now handle empty chunks, and never terminate the
    chunked body.

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 12:37:10 +00:00
Stefan Bühler 3521be8b85 print backtrace in assert logging with libunwind
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-07 13:32:56 +00:00
Stefan Bühler 07dd0bd0a5 add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546)
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2014-02-16 13:08:20 +00:00
Stefan Bühler 05858f6cf2 [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501)
con->conf.is_ssl got removed and replaced by:
 * con->conf.ssl_enabled for the config var "ssl.engine" - it is only
   used to determine which server-sockets should use ssl. (usually not
   needed as it is mandatory and enough to set ssl.pemfile anyway)
 * con->srv_socket->is_ssl to detect the actual ssl status of the
   bound socket, which is the same as the ssl status of the connection
 * con->uri.scheme for the actual $HTTP["scheme"] value, also used for
   the CGI "HTTPS=ON" variable. This defaults to "https" if the
   connection uses ssl, but can be changed for example by mod_extforward
   if X-Forwarded-Proto: is set to either "http" or "https" (other values
   are ignored right now)

Also removed the broken srv_socket->is_proxy_ssl as it was a connection
value in a server_socket struct...

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-07-31 20:23:21 +00:00