Commit Graph

201 Commits

Author SHA1 Message Date
Glenn Strauss b700a8ca09 [multiple] etag.[ch] -> http_etag.[ch]; better imp
more efficient implementation of HTTP ETag generation and comparison

modify dekhash() to take hash value to allow for incremental hashing
2020-12-25 14:41:16 -05:00
Glenn Strauss 1212f60991 buffer_append_path_len() to join paths
use buffer_append_path_len() to join path segments
2020-12-24 16:13:20 -05:00
Glenn Strauss 29f50bdeb0 [multiple] fdevent_waitpid() wrapper 2020-12-24 16:13:17 -05:00
Glenn Strauss bbd958382e [core] reorder srv->config_context to match ndx (fixes #3047)
(thx altblue)

reorder dc->context_ndx to match srv->config_context->data[] index.
srv->config_context->data[] may have been re-ordered in configparser.y.
Since the dc->context_ndx (id) is reused by config_insert*() and by
plugins to index into srv->config_context->data[], reorder into the
order encountered during config file parsing for least surprise to
end-users writing config files.

  "mismatched nested config conditions in lighttpd 1.4.56"
2020-12-16 02:00:17 -05:00
Glenn Strauss 4933a2259b [core] warn if mod_authn_file needed in conf
warn if mod_authn_file is not listed in lighttpd.conf, but is needed
2020-12-13 06:01:51 -05:00
Glenn Strauss a27e55b2dd [core] add missing mod_wolfssl to ssl compat list
add missing mod_wolfssl to ssl compat module list

  "[lighttpd] -mod-wolfssl fails (requires dependency on -mod-openssl?)"
2020-12-05 11:19:03 -05:00
Glenn Strauss ba995e9ec9 [core] handle U+00A0 in config parser
treat U+00A0 (c2 a0) "NO-BREAK SPACE" as whitespace between tokens

2020-11-30 11:19:55 -05:00
Glenn Strauss 730c932e3c [multiple] more forgiving config str to boolean (fixes #3036)
more consistent use of shared code config_plugin_value_tobool()

(thx tow-conf)

  "The on/off keywords in boolean configuration options is inconsistent, which might be misleading and error-prone."
2020-11-16 01:39:14 -05:00
Glenn Strauss 78ec2b5b68 [core] filter out duplicate modules
filter out modules duplicated in server.modules list
2020-11-11 20:57:41 -05:00
Glenn Strauss 78b13b610c [core] move misplaced error trace to match option
(thx grohne)
2020-10-29 05:34:43 -04:00
Glenn Strauss 76bd8bba9a [mod_ssi] init status var before waitpid() 2020-10-11 12:19:27 -04:00
Glenn Strauss 8e2cf55250 [core] redirect to dir using relative-path
Location response header is permitted to use relative-path in
RFC 7231 Section 7.1.2. Location

Prefer relative path in redirection for the benefit of reverse proxies
and CDNs.  Doing so also avoids potentially disclosing internal schemes
and server names which client might not be able to directly reach.

To restore prior behavior of sending a fully-qualified absolute URI:
server.feature-flags += ("absolute-dir-redirect" => "enable")

2020-10-11 11:43:06 -04:00
Glenn Strauss 8d7e9439b5 [core] connection transition to HTTP/2; incomplete

(basic framework with some stub functions; incomplete)
(subsequently incrementally updated using git rebase)

HTTP/2 via TLS ALPN extension  (TLS)
HTTP/2 via Upgrade: h2c        (cleartext)
HTTP/2 via Prior Knowledge     (cleartext)

server.feature-flags += ("server.h2proto" => "enable")
to enable HTTP/2
server.feature-flags += ("server.h2c" => "enable")
to enable upgrade to HTTP/2 over cleartext http
2020-10-11 11:43:06 -04:00
Glenn Strauss 1041a56dd9 [core] server.feature-flags to enable h2
server.feature-flags = ("server.h2proto" => "enable") to enable h2
2020-08-13 15:05:25 -04:00
Glenn Strauss 5f7bf472c7 [core] server.feature-flags extensible config
server.feature-flags = ("server.xxxx" => "enable")
2020-08-02 07:46:27 -04:00
Glenn Strauss 8dd33a72dd [mod_deflate] mod_deflate subsumes mod_compress
translate config server.modules "mod_compress" to "mod_deflate"
accept compress.* directives, but issue DEPRECATED warning trace

mod_deflate differences from mod_compress:
- mod_compress compress.filetype was exact match; deflate.mimetypes is
  prefix match (behavior change might compress longer mimetype matches,
  which are likely of similar type and compressability)
- mod_compress always sent entire (compressed) file for Range request
  mod_deflate will stream compress range result (not stored in cache)
- mod_compress would short-circuit request with 403 Forbidden error
  if request file did not exist (stat() failed) (This behavior was
  unfriendly to other handlers)
- mod_compress compress.cache-dir layout differs from deflate.cache-dir
  layout; file cache should be cleared (or renamed) when migrating from
  mod_compress to mod_deflate
- mod_deflate does not issue Vary: Accept-Encoding if request does not
  contain Accept-Encoding.  The identity response can be cache by
  proxies and served to clients.  Historically, some proxies disabled
  caching if any Vary: response was seen.  If the Vary header is
  desirable, mod_deflate code which checks for Accept-Encoding and
  compression type can be moved down a few lines to be below the
  setting of the Vary response header.
2020-08-02 06:46:22 -04:00
Glenn Strauss 28f1867c11 quiet clang analyzer scan-build warnings
(expansion of buffer_string_lenth() inline function and CONST_BUF_LEN()
 macro, which always check for NULL, appears to cause the analyzer to
 believe that a pointer might be NULL in cases where it otherwise can
 not be NULL)

2020-07-08 22:51:32 -04:00
Glenn Strauss 98a224a4a2 [mod_openssl] prefer some WolfSSL native APIs
Prefer some WolfSSL native APIs when building with WolfSSL.

However, some functionality in WolfSSL is available only through the
WolfSSL compatibility layer for OpenSSL, so the effort to create a
native mod_wolfssl halted here.
2020-07-08 22:51:32 -04:00
Glenn Strauss e00deb5578 [mod_nss] NSS option for TLS (fixes #1218)


mod_nss supports most ssl.* config options supported by mod_openssl

  "alternate ssl backend"
2020-07-08 22:51:32 -04:00
Glenn Strauss bf4054f8ec [mod_gnutls] GnuTLS option for TLS (fixes #109)

mod_gnutls supports most ssl.* config options supported by mod_openssl

  "GnuTLS support for the mod_ssl"
2020-07-08 22:51:31 -04:00
Glenn Strauss cb753ec5b5 [mod_mbedtls] mbedTLS option for TLS

mod_mbedtls supports most ssl.* config options supported by mod_openssl

thx Ward Willats for the initial discussion and attempt in the comments
2020-07-08 22:51:31 -04:00
Glenn Strauss 89082a12ca [config] blank server.tag if whitespace-only 2020-07-08 19:54:29 -04:00
Glenn Strauss 7c7f8c467c [multiple] split con, request (very large change)
NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access)

NB: request read and write chunkqueues currently point to connection
    chunkqueues; per-request and per-connection chunkqueues are
    not distinct from one another
      con->read_queue  == r->read_queue
      con->write_queue == r->write_queue

NB: in the future, a separate connection config may be needed for
    connection-level module hooks.  Similarly, might need to have
    per-request chunkqueues separate from per-connection chunkqueues.
    Should probably also have a request_reset() which is distinct from
2020-07-08 19:54:29 -04:00
Glenn Strauss 8131e4396d [core] move addtl request-specific struct members 2020-07-08 19:54:29 -04:00
Glenn Strauss 550faf988c [core] rename specific_config to request_config 2020-07-08 19:54:29 -04:00
Glenn Strauss 33430ce2b0 [core] copy some srv->srvconf into con->conf
(for memory locality and to reduce pointer chasing)
2020-07-08 19:54:29 -04:00
Glenn Strauss 66bdd96d36 [core] isolate stat_cache subsystem
stat_cache.c no longer directly uses struct server *srv
2020-07-08 19:54:29 -04:00
Glenn Strauss 8588772caa [core] isolate fdevent subsystem
fdevent.c no longer directly uses struct server *srv
srv->srvconf.max_fds (if set) is used to set rlimits
set max_conns in server.c after fdevent_init(), which sets srv->max_fds
  using srv->srvconf.max_fds (if set) as input hint
2020-07-08 19:54:29 -04:00
Glenn Strauss fda01e3305 [core] support multiple error logs
e.g. different server.errorlog for different virtual hosts

Also, support different server.breakagelog to have separate script
error logs, applicable to mod_cgi and mod_ssi exec.
2020-07-08 19:54:29 -04:00
Glenn Strauss ca97505a72 [multiple] store srv->tmp_buf in tb var
rather than using srv->tmp_buf directly in code modifying temp buf (tb)
2020-07-08 19:54:28 -04:00
Glenn Strauss 03b4c993d2 [multiple] generic config array type checking 2020-07-08 19:54:28 -04:00
Glenn Strauss 68d8d4c532 [multiple] stat_cache singleton 2020-07-08 19:54:28 -04:00
Glenn Strauss 50bdb55de8 [multiple] connection hooks no longer get (srv *)
(explicit (server *) not passed; available in con->srv)
2020-07-08 19:54:28 -04:00
Glenn Strauss 010c28949c [multiple] prefer (connection *) to (srv *)
convert all log_error_write() to log_error() and pass (log_error_st *)

use con->errh in preference to srv->errh (even though currently same)

avoid passing (server *) when previously used only for logging (errh)
2020-07-08 19:54:28 -04:00
Glenn Strauss 24680a9142 [core] array_init() arg for initial size 2020-07-08 18:08:52 -04:00
Glenn Strauss 65ef0a3d69 [core] collect more config logic into configfile.c 2020-07-08 18:08:51 -04:00
Glenn Strauss ed62e354ff [core] use config_plugin_values_init() 2020-07-08 18:08:51 -04:00
Glenn Strauss 4b9ee09857 [core] use (const char *) in config file parsing 2020-05-23 17:59:29 -04:00
Glenn Strauss 20450fd652 [core] mv config_setup_connection to connections.c
rename config_setup_connection() to connection_reset_config()
2020-05-23 17:59:29 -04:00
Glenn Strauss 36f64b26a1 [core] simpler config_check_cond()
optimize for common case where condition has been evaluated for
the request and a cached result exists

(also: begin isolating data_config)
2020-05-23 17:59:29 -04:00
Glenn Strauss 5aadcba456 [core] buffer string in data_config
(instead of (buffer *))
2020-02-24 11:15:32 -05:00
Glenn Strauss 601c572c39 [core] inline buffer as part of data_string value
(instead of value being (buffer *))
2020-02-24 11:15:32 -05:00
Glenn Strauss 47a758f959 [core] inline buffer key for *_patch_connection()
handle buffer key as part of DATA_UNSET in *_patch_connection()
(instead of key being (buffer *))
2020-02-24 11:15:32 -05:00
Glenn Strauss ad9b7e009b [core] inline buffer as part of DATA_UNSET key
(instead of key being (buffer *))
2020-02-24 11:15:32 -05:00
Glenn Strauss a7a721ab43 [core] treat con->conditional_is_valid as bitfield 2020-02-24 11:15:32 -05:00
Glenn Strauss 78a6440492 [core] perf: initialize con->conf using memcpy()
initialize specific_config (con->conf) from top-level specific_config
using memcpy()
2020-02-24 11:15:32 -05:00
Glenn Strauss 0ce30f8c22 [core] (const buffer *) for con->server_name
use con->server_name_buf when modules set server_name (e.g from db)
2020-02-24 11:15:32 -05:00
Glenn Strauss 83535bbef3 [core] differentiate array_get_* for ro and rw
array_get_element_klen() is now intended for read-only access
array_get_data_unset() is used by config processing for r/w access
array_get_buf_ptr() is used for r/w access to ds->value (string buffer)
2020-02-24 11:15:32 -05:00
Glenn Strauss 06a395a93e [core] issue config error for invalid ':' (fixes #2980)
  "Embedded vim command line in conf file with no comment (#) hangs server"
2019-09-07 11:59:56 -04:00
Glenn Strauss 73bfee6308 [stat_cache] separate func for symlink policy chk
Note: historical ToC-ToU race condition still exists in implementation
server.follow-symlink = "disable" is not recommended (default: "enable")
2019-04-29 18:11:15 -04:00