Commit Graph

2848 Commits

Author SHA1 Message Date
Glenn Strauss 85325d9c19 [mod_cgi] fix bug to properly exec interpreter
fix bug to properly exec interpreter when cgi handler is set

(thx stbuehler)
2017-08-12 03:11:20 -04:00
Glenn Strauss 8228273473 [mod_accesslog] flush access logs every 4 seconds 2017-08-10 06:46:49 -04:00
Glenn Strauss ca7a97f211 [core] workaround for AIX mmap define
AIX might #define mmap mmap64 and this conflicts with .mmap member
of struct chunk in chunk.h

  ".mmap in chunk.c on AIX 5.2"
2017-08-08 22:51:32 -04:00
Glenn Strauss b6bd4d3d94 [mod_extforward] PROXY proto and SSL_CLIENT_VERIFY
Use config directive extforward.hap-PROXY-ssl-client-verify = "enable"
to enable setting SSL_CLIENT_VERIFY, REMOTE_USER, and AUTH_TYPE using
information provided by HAProxy PROXY protocol.
2017-08-06 23:32:33 -04:00
Glenn Strauss 7ec74fe7b1 [core] warn if backend server config contains '_'
(detect a common config typo)
2017-08-06 23:32:25 -04:00
Glenn Strauss 19d2190a4f [core] set socket perms after bind, before listen
(it is still recommended to create sockets in protected directories)

  "Feature request: add server config for setting permissions on Unix domain socket"
2017-08-03 00:37:43 -04:00
Glenn Strauss 3c8afd194c [core] base_decls.h to quiet compiler warnings
quiet compiler warning for -Wtypedef-redefinition
(redefinition of typedef is a C11 feature)
2017-07-30 23:45:01 -04:00
Glenn Strauss 2e0f87c8a5 [core] add missing #include
(quiet compiler warning)
2017-07-30 23:28:07 -04:00
Glenn Strauss 6def094c23 [core] fix invalid sizeof() identified by coverity
and quiet other coverity warnings
2017-07-30 23:28:07 -04:00
Glenn Strauss c5865d4f0b [mod_cgi] add missing #include 2017-07-30 22:28:13 -04:00
Glenn Strauss cdfddce707 [mod_extforward] typo in comment 2017-07-30 12:24:01 -04:00
Glenn Strauss d4a37a3bbb [core] remove fdevent fcntl_set hook
(could have been removed in 2010 with commit 38f2d1dd
 which removed fdevent_linux_rtsig.c)
2017-07-29 00:36:48 -04:00
Glenn Strauss c23f8fdd6f [core] set one-shot mode fd O_NONBLOCK, FD_CLOEXEC
(thx citaylor)

2017-07-29 00:36:35 -04:00
Glenn Strauss 07e57e24c2 [mod_dirlisting] treat README and HEADER as paths (fixes #2818)
Treat README and HEADER as filepaths.  If absolute path, take as-is.
If relative path, then take relative to directory physical path.

This extends and
feature to take a filename, which was introduced in lighttpd 1.4.43

  "Custom HEADER and README filepaths in mod_dirlisting are treated as relative paths instead of absolute paths when file name starts with '/'"
2017-07-28 00:11:28 -04:00
Glenn Strauss 6e668bfe5f [core] forward SIGHUP only to lighttpd workers
(do not propagate SIGHUP to entire lighttpd process group,
 which might include other processes such as CGI, rrdtool,
 piped loggers, ...)
2017-07-27 23:09:12 -04:00
Glenn Strauss 477534084a [mod_wstunnel] websocket tunnel to other protocol

decodes websockets and passes body back and forth from backend
(body could be known protocol such as JSON, or any custom protocol)

originally based off
2017-07-25 02:29:23 -04:00
Glenn Strauss 889db409dc [core] add public domain SHA1() if no crypto
add public domain SHA1() if not linking with crypto lib

obtained from
 * Originally written by Steve Reid <>
 * Modified by Aaron D. Gifford <>
 * The original unmodified version is available at:
2017-07-25 02:07:49 -04:00
Glenn Strauss fad841d69b [core] do not remove pid-file in test mode
do not remove pid-file in test mode (whether test passes or fails)

(thx m4t)
2017-07-25 01:49:18 -04:00
Glenn Strauss 42ab331dc9 [core] consistent behavior w/ and w/o SA_SIGINFO
and consistent open of
2017-07-23 19:02:31 -04:00
Glenn Strauss 7bda136e5f [mod_webdav] PROPFIND getetag attr must match GET
PROPFIND getetag attr must match Etag response header from GET request

For consistency, make similar change in mod_ssi.

(thx ethoms)

  "mod_webdav: Etag in response differs between PROPFIND and GET"
2017-07-23 19:02:31 -04:00
Glenn Strauss adeec956c3 [core] restart piped loggers if they exit (fixes #1393)
  "access log pipe writer should restart child process if it exits"
2017-07-23 19:02:31 -04:00
Glenn Strauss 167cdc846c [core] reap lighttpd worker pids precisely
do not start another lighttpd worker if some other child process exits
(e.g. piped logger or dynamic backend fastcgi, scgi, proxy)
2017-07-23 19:02:31 -04:00
Glenn Strauss ad7d6a6b15 [core] fdevent_cycle_logger()
fdevent_cycle_logger() re-opens log files before closing existing fd
2017-07-23 19:02:31 -04:00
Glenn Strauss d742e43834 [doc] update README
remove RCSid tags
authors are listed in AUTHORS file
amend list of supported platforms (still incomplete)

...more changes are needed to update contents to current feature set
2017-07-23 19:02:31 -04:00
Glenn Strauss b50aa2df51 quell compiler warnings for -Wimplicit-fallthrough 2017-07-23 19:02:31 -04:00
Glenn Strauss d66cbe9577 [core] adaptive spawning for socket backend procs (fixes #1162)

enable adaptive spawning for socket backend processes

new feature will allow "min-procs" => "0" and will spawn a backend
upon receipt of a request, if no backends are currently running.
This may be useful on resource-limited systems where there is a
seldom-used resource-intensive backend, such as home router
configuration web pages.  The first request may be slower as the
backend is starting up, but then subsequent requests within
"idle-timeout" will hit the (temporarily) persistent backend for
faster responses.

  "Adaptive spawning with min-procs=>0"
2017-07-23 19:02:30 -04:00
Glenn Strauss 1836309209 [core] resolve DNS at startup for socket backends
resolve DNS at startup and use the first IP address returned by resolver

Note: use of IP addresses is recommended instead of using DNS names.
If DNS names are used, but DNS is slow or unavailable, then lighttpd
will either appear to hang at startup or will fail to start up.
2017-07-23 19:02:30 -04:00
Glenn Strauss 0beb8b89d8 [core] store sockaddr for socket backend procs
store struct sockaddr for socket backend procs at startup
2017-07-23 19:02:30 -04:00
Glenn Strauss b6d0818762 [core] spread load on socket backend procs
connection attempts in progress count towards proc load so that bursts
of new connections do not all queue for current least busy proc

(makes a difference only for local backends with more than one proc)
2017-07-23 19:02:29 -04:00
Glenn Strauss 45b970e69b [core] shared code for socket backends
common codebase for socket backends, based off mod_fastcgi with
some features added for mod_proxy

(mostly intended to reduce code duplication and enhance code isolation)

mod_fastcgi and mod_scgi can now use fastcgi.balance and scgi.balance
  for similar behavior as proxy.balance, but the balancing is per-host
  and not per-proc.  proxy.balance is also per-host and not per-proc.

mod_proxy and mod_scgi can now use and, similar to

mod_fastcgi behavior change (affects only mod_status):
- statistics tags have been renamed from "fastcgi.*" to "gw.*"
  "fastcgi.backend.*"       -> "gw.backend.*"
  "" -> ""
  ("fastcgi.requests" remains "fastcgi.requests")
  ("proxy.requests" is new)
  ("scgi.requests" is new)

mod_scgi behavior change (likely minor):
- removed scgi_proclist_sort_down() and scgi_proclist_sort_up().
  procs now chosen based on load as measured by num socket connnections

modules using gw_backend.[ch] are currently still independent modules.
If it had been written as a single module with fastcgi, scgi, proxy
implementations, then there would have been a chance of breaking some
existing user configurations where module ordering made a difference
for which module handled a given request, though for most people, this
would have made no difference.

Details about mod_fastcgi code transformations:
unsigned int debug -> int debug
fastcgi_env member removed from plugin_config
renamed "fcgi" and "fastcgi" to "gw", and "FCGI" to "GW"
reorganize routines for high-level and lower-level interfaces
some lower-level internal interfaces changed to use host,proc,debug
  args rather than knowing about higher-level (app) hctx and plugin_data
tabs->spaces and reformatting
2017-07-23 19:02:00 -04:00
Glenn Strauss 81b8fffd31 [mod_fastcgi,mod_scgi] use temp buffer for cgi_env 2017-07-15 22:42:15 -04:00
Glenn Strauss 6e1c02f386 [mod_fastcgi,mod_scgi] parse bin_path at startup 2017-07-15 22:42:15 -04:00
Glenn Strauss 35c4bf5857 [mod_fastcgi,mod_scgi] struct member consistency 2017-07-15 22:42:15 -04:00
Glenn Strauss 3ae7fb1bdd [mod_scgi] remove unused parse_response member 2017-07-15 22:42:15 -04:00
Glenn Strauss c0a9020935 [mod_fastcgi,mod_scgi] consistent connect() error
more consistent connect() error handling

NOTE: behavior change in mod_scgi:
  "disable-time" default is now 1 second (was 60 seconds)
  The new behavior matches the default in mod_fastcgi
  (and is a much saner default disable time).
2017-07-15 22:42:15 -04:00
Glenn Strauss d836c72751 [mod_fastcgi] move delayed connect() into switch()
move delayed connect() handling into switch()
2017-07-15 22:42:15 -04:00
Glenn Strauss d26837d509 [mod_fastcgi] set request_id in fcgi_create_env()
set hctx->request_id in fcgi_create_env()
2017-07-15 22:42:15 -04:00
Glenn Strauss 9cfa9dc3d4 [mod_fastcgi] consolidate connect() error handling 2017-07-15 22:42:15 -04:00
Glenn Strauss b65bdb5540 [mod_fastcgi] slightly simplify counters 2017-07-15 22:42:15 -04:00
Glenn Strauss c7492b6e0a [mod_proxy] store address family at config time 2017-07-15 22:42:15 -04:00
Glenn Strauss 9b9f445a7b [mod_proxy] move data_fastcgi into mod_proxy.c
(data_fastcgi is used only by mod_proxy at this point)
2017-07-15 22:42:15 -04:00
Glenn Strauss f3437fb2f2 [core] add const to reduce .data segment size 2017-07-15 22:42:15 -04:00
Glenn Strauss 91d14acfc3 [core] fdevent_connect_status() shared code 2017-07-15 22:42:15 -04:00
Glenn Strauss 143c6f34f5 [core] continue collecting use of netdb.h
continue collecting use of netdb.h into inet_ntop_cache.[ch]
2017-07-15 22:42:15 -04:00
Glenn Strauss 1002574692 [core] continue collecting use of netdb.h
continue collecting use of netdb.h into inet_ntop_cache.[ch]
2017-07-15 22:42:15 -04:00
Glenn Strauss 6a8de931ec [core] continue collecting use of netdb.h
continue collecting use of netdb.h into inet_ntop_cache.[ch]
2017-07-15 22:42:15 -04:00
Glenn Strauss 5248b46c95 [core] sock_addr_from_str_hints reusable name res
[core] sock_addr_from_str_hints() reusable name resolution func
2017-07-15 22:42:15 -04:00
Glenn Strauss 9e75b81982 [core] reduce exposure of unistd.h, other includes
reduce exposure of unistd.h, and some other include cleanup
2017-07-15 22:42:15 -04:00
Glenn Strauss 6691eb377e [core] add missing include of stdlib.h 2017-07-15 22:42:15 -04:00
Glenn Strauss cafb091cd4 [core] remove unused includes of stat_cache.h 2017-07-15 22:42:15 -04:00