Commit Graph

46 Commits

Author SHA1 Message Date
Glenn Strauss 1fc8a3e1f2 [core] sys-crypto-md.h w/ inline message digest fn
sys-crypto-md.h w/ inline message digest functions; shared code
2020-07-08 22:51:31 -04:00
Glenn Strauss c687e01c98 [core] r->uri.path always set, though might be ""
(might be "" if <backend>.server sets "fix-root-scriptname" => "enable")
2020-07-08 19:54:29 -04:00
Glenn Strauss 7c7f8c467c [multiple] split con, request (very large change)
NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access)

NB: request read and write chunkqueues currently point to connection
    chunkqueues; per-request and per-connection chunkqueues are
    not distinct from one another
      con->read_queue  == r->read_queue
      con->write_queue == r->write_queue

NB: in the future, a separate connection config may be needed for
    connection-level module hooks.  Similarly, might need to have
    per-request chunkqueues separate from per-connection chunkqueues.
    Should probably also have a request_reset() which is distinct from
2020-07-08 19:54:29 -04:00
Glenn Strauss cc2134c88b [multiple] copy small struct instead of memcpy()
when patching config
2020-07-08 19:54:29 -04:00
Glenn Strauss c8cd7cf49b [multiple] extern log_epoch_secs
replace srv->cur_ts
2020-07-08 19:54:28 -04:00
Glenn Strauss f24e6d696a [multiple] plugin_stats array
use global rather than passing around (server *) just for that

li_itostrn() and li_utostrn() return string length
(rather than requiring subsequent strlen() to find length)
2020-07-08 19:54:28 -04:00
Glenn Strauss 50bdb55de8 [multiple] connection hooks no longer get (srv *)
(explicit (server *) not passed; available in con->srv)
2020-07-08 19:54:28 -04:00
Glenn Strauss b73949e03f [multiple] plugin.c handles common FREE_FUNC code
(simpler for modules; less boilerplate to cut-n-paste)
2020-07-08 18:08:51 -04:00
Glenn Strauss 5fd8e1940e [mod_usertrack] use config_plugin_values_init() 2020-05-23 17:59:29 -04:00
Glenn Strauss e2de4e581e [core] const char *name in struct plugin
put void *data (always used) as first member of struct plugin

add int nconfig member to PLUGIN_DATA

calloc() inits p->data to NULL
2020-05-23 17:59:29 -04:00
Glenn Strauss 36f64b26a1 [core] simpler config_check_cond()
optimize for common case where condition has been evaluated for
the request and a cached result exists

(also: begin isolating data_config)
2020-05-23 17:59:29 -04:00
Glenn Strauss 6eb34ef5ab [core] add const to callers of http_header_*_get()
(The few places where value is modified in-place were not made const)
2020-02-24 11:15:32 -05:00
Glenn Strauss 47a758f959 [core] inline buffer key for *_patch_connection()
handle buffer key as part of DATA_UNSET in *_patch_connection()
(instead of key being (buffer *))
2020-02-24 11:15:32 -05:00
Mohammed Sadiq 6a988bb0d0 [multiple] cleaner calloc use in SETDEFAULTS_FUNC
github: closes #99

  "cleaner calloc use in SETDEFAULTS_FUNC"
2019-04-20 02:09:04 -04:00
Glenn Strauss 3dd3cde902 [core] abstraction layer for HTTP header manip
convert existing calls to manip request/response headers
convert existing calls to manip environment array (often header-related)
2018-09-23 18:01:58 -04:00
Glenn Strauss a90526374f [core] abstraction to insert/modify response hdrs
consistent use of abstraction to insert/modify response headers
2018-09-16 05:18:05 -04:00
Glenn Strauss 936db51f05 [core] buffer_append_string_encoded_hex_lc()
special-purpose routine is more efficient than what was previously in
buffer_append_string_encoded() with ENCODING_HEX
2018-08-05 03:44:15 -04:00
Glenn Strauss 6e171bd4b9 [core] adjust li_rand_pseudo* interfaces 2017-09-20 22:48:35 -04:00
Glenn Strauss a53f662a30 [core] remove some unused header includes
remove exposure of stdio.h in buffer.h for print_backtrace(), now static
2017-03-28 02:17:33 -04:00
Glenn Strauss 8ddb727d5c [mod_usertrack] usertrack.cookie-attrs config opt (fixes #2795)
usertrack.cookie-attrs allows user to add arbitrary attributes to the
  cookie set by mod_usertrack, including attributes Secure and HttpOnly
  as well as Path

usertrack.cookie-attrs is appended as-is to cookie string
  and therefore must be properly URL-encoded

usertrack.cookie-attrs, if set, replaces *all* other cookie attributes,
  including "; Path=/; Version=1" as well as the Domain= and Max-Age=
  attributes if usertrack.cookie-domain and usetrack.cookie-max-age set,
  so those should be part of usertrack.cookie-attrs if desired

  usertrack.cookie-name  = "TRACKID"    # (default)
  usertrack.cookie-attrs = "; Path=/; Version=1;; Max-Age=86400; Secure; HttpOnly"

  "mod_usertrack should have an option to set the 'Secure' and 'HttpOnly' flags on the cookie"
2017-02-27 12:16:32 -05:00
Glenn Strauss 544ccee5e1 [core] remove srv->entropy[]
unlikely to provide any real additional benefit as long as
PRNG has been appropriately initialized with random data
2016-12-09 01:40:46 -05:00
Glenn Strauss c64c2173ce [core] rename li_rand() to li_rand_pseudo_bytes()
to be more explicit that the result is pseudo-random data
and not cryptographically random.
2016-12-05 14:22:25 -05:00
Glenn Strauss 7f4e156e5f [core] rand.[ch] to use better RNGs when available
prefer RAND_pseudo_bytes() (openssl), arc4random() or jrand48(),
if available, over rand()

These are not necessarily cryptographically secure, but should be better
than rand()
2016-10-15 23:28:09 -04:00
Glenn Strauss e9c9f42564 remove long-deprecated, non-functional config opts 2016-07-16 16:11:51 -04:00
Glenn Strauss 47f3dbebe4 use li_[iu]tostrn() instead of li_[iu]tostr()
From: Glenn Strauss <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2016-04-01 17:38:26 +00:00
Glenn Strauss 8abd06a7ff consistent inclusion of config.h at top of files (fixes #2073)
From: Glenn Strauss <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2016-03-19 15:14:35 +00:00
Stefan Bühler c512345fa2 [config] check config option scope; warn if server option is given in conditional
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-11-07 12:51:11 +00:00
Stefan Bühler 33cebeb0f7 fix segfaults in many plugins if they failed configuration
From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-05-14 09:38:33 +00:00
Stefan Bühler ad3e93ea96 Use buffer API to read and modify "used" member
- a lot of code tried to handle manually adding terminating zeroes and
  keeping track of the correct "used" count.
  Replaced all "external" usages with simple wrapper functions:
  * buffer_string_is_empty (used <= 1), buffer_is_empty (used == 0);
    prefer buffer_string_is_empty
  * buffer_string_set_length
  * buffer_string_length
  * CONST_BUF_LEN() macro
- removed "static" buffer hacks (buffers pointing to constant/stack
  memory instead of malloc()ed data)
- buffer_append_strftime(): refactor buffer+strftime uses
- li_tohex(): no need for a buffer for binary-to-hex conversion:
  the output data length is easy to predict
- remove "-Winline" from extra warnings: the "inline" keyword just
  supresses the warning about unused but defined (static) functions;
  don't care whether it actually gets inlined or not.

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 19:10:44 +00:00
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API
* remove unused structs and functions
    (buffer_array, read_buffer)
  * change return type from int to void for many functions,
    as the return value (indicating error/success) was never checked,
    and the function would only fail on programming errors and not on
    invalid input; changed functions to use force_assert instead of
    returning an error.
  * all "len" parameters now are the real size of the memory to be read.
    the length of strings is given always without the terminating 0.
  * the "buffer" struct still counts the terminating 0 in ->used,
    provide buffer_string_length() to get the length of a string in a
    unset config "strings" have used == 0, which is used in some places
    to distinguish unset values from "" (empty string) values.
  * most buffer usages should now use it as string container.
  * optimise some buffer copying by "moving" data to other buffers
  * use (u)intmax_t for generic int-to-string functions
  * remove unused enum values: UNUSED_CHUNK, ENCODING_UNSET
  * converted BUFFER_APPEND_SLASH to inline function (no macro feature
  * refactor: create chunkqueue_steal: moving (partial) chunks into another
  * http_chunk: added separate function to terminate chunked body instead of
    magic handling in http_chunk_append_mem().
    http_chunk_append_* now handle empty chunks, and never terminate the
    chunked body.

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2015-02-08 12:37:10 +00:00
Stefan Bühler 6f208cfde1 fix/silence bugs reported by ccc-analyzer (clang)
These should all be non critical:
 * memory leaks on startup in error cases (which lead to
   immediate shutdowns anyway)
 * http_auth/ldap: passing uninitialized "ret" to ldap_err2string
 * sizeof(T) not matching the target pointer in malloc/calloc calls;
   those cases were either:
   * T being the wrong pointer type - shouldn't matter as long as all
     pointers have same size
   * T being larger than the type needed
 * mod_accesslog: direct use after free in cleanup (server shutdown);
   could crash before "clean" shutdown
 * some false positives (mod_compress, mod_expire)
 * assert(srv->config_context->used > 0); - this is always the case,
   as there is always a global config block

From: Stefan Bühler <>

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-11-13 11:43:26 +00:00
Stefan Bühler 90dd8af32b Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-07-30 09:16:03 +00:00
Stefan Bühler c66d21bc2b [md5] fix md5 includes if openssl is not available (#2269)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-04-24 16:14:54 +00:00
Stefan Bühler 07ed8a269b mod_usertrack: Use T_CONFIG_INT for max-age, solves range problem (#1455)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2009-10-12 09:35:01 +00:00
Stefan Bühler 22e8b456a9 Fix header inclusion order, always include "config.h" before any system header
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2009-10-11 14:31:42 +00:00
Stefan Bühler 7ad4792357 Add support for "real" entropy from /dev/[u]random (fixes #1977)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2009-06-11 09:53:34 +00:00
Stefan Bühler 63f785a2f8 Added some extra warning options in cmake and fix the resulting warnings (unused/static functions)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2009-03-07 21:05:37 +00:00
Stefan Bühler 52861d77df Replace buffer_{append,copy}_string with the _len variant where possible (#1732, thx crypt)

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2008-07-30 19:38:32 +00:00
Jan Kneschke 51826fc05c renamed ltostr() to LI_ltostr() to fix compile on HP/UX (fixes #465)
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2007-08-18 12:25:52 +00:00
Marcus Rückert 8cd1471cb3 - white space cleanup part 2 this time 1.4 ;)
i hope it helps with merging stuff back to 1.5

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2006-10-04 13:26:23 +00:00
Jan Kneschke a6d91904fc removed quotes around values
- that was against the RFC 2109
- it broke IE
- if fixes #486

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2006-01-31 13:06:21 +00:00
Jan Kneschke 62d8d1ef53 fixed md5 on 64bit platforms
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2005-11-17 14:39:07 +00:00
Jan Kneschke 976f32182e simplified buffer-encoding functions into one function
- all of them do some kind of string-to-hex conversion
  (html, rel-uri, hex)
- add a rel-uri encoding next to the old rel-uri-part one
- fixes #266

git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2005-11-07 13:15:51 +00:00
Jan Kneschke bac9212c8f fixed possible uninit variables of the config-parser fails (merged [183])
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2005-08-16 13:07:46 +00:00
Jan Kneschke 917bdbc1aa added usertrack.cooke-max-age, usertrack.cooke-domain (merged [176], [295])
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2005-08-08 10:19:02 +00:00
Jan Kneschke bcdc6a3bbc moved everything below trunk/ and added branches/ and tags/
git-svn-id: svn:// 152afb58-edef-0310-8abb-c4023f1b3aa9
2005-02-20 14:27:00 +00:00