Commit Graph

1927 Commits (b14e1f16f03a7f0360339d3c7aafb574d8d0778e)

Author SHA1 Message Date
Glenn Strauss 9b14e017c8 [mod_webdav] improve PROPFIND,PROPPATCH; map COPY/MOVE Destination
map COPY/MOVE Destination to aliases

Merge branch 'bug-1787-webdav-alias-destination' into master

github: closes #61
2016-05-02 23:49:49 -04:00
Glenn Strauss 80bb42266e [mod_webdav] improve PROPFIND,PROPPATCH (#1818, #1953)
fix "allprop" propfind request to report all 'live' properties
add "supportedlock" 'live' property, if ./configure --with-webdav-locks
report collections (directory) paths with trailing slash ('/') on path
redirect operations on collections without trailing slash ('/') to URI
  with trailing slash ('/')

fix PROPPATCH to work properly and eliminate PROPPATCH memory leak
fix property update after MOVE
move CREATE TABLE statements *before* any prepare statements to avoid
  invalidating the prepare statements when the tables are first created
  **thx Uranus Zhou for the explanation:

  "Improve DAV support to be able to handle git as a client"
  "add RFC-compliant LOCK support to mod_webdav"  (still not compliant)

Note: this has not been tested whether or not mod_webdav works with git
The (highly) recommended method to support git via HTTP is to use
git-http-backend via CGI.  gitolite and gitosis provide other good
alternative ways to access git.

This patch does result in more WebDAV 'Litmus' tests passing, even
though mod_webdav still pretends to implement "If" conditional locking,
granting locks to all requestors and not strictly enforcing locks.
2016-05-02 23:48:31 -04:00
Glenn Strauss e0115208ec [mod_webdav] map COPY/MOVE Destination to aliases (fixes #1787)
attempt to remap COPY/MOVE Destination to aliased physical paths
by finding common URI prefix between request URI and Destination
and finding how that part of the request URI was mapped to a
physical path.

This will work if the aliased physical path is above the webdav root.
It is not a good idea to remap physical paths within a webdav root.

Note: webdav paths and webdav properties are managed by mod_webdav,
      so do not modify paths externally or else undefined behavior
      or corruption may occur

  "Bug in mod_webdav when using aliases and MOVE command"
2016-05-02 23:48:31 -04:00
Glenn Strauss 3dc67b3004 [mod_status] add JSON output option (fixed #2432)
  "Adding JSON Output support to mod_status (patch)"
2016-05-02 23:45:18 -04:00
Glenn Strauss 4059dcd60e [mod_fastcgi,mod_scgi] IPv6 support (fixes #2372)
(similar to mod_proxy issue

  "mod_*cgi and ipv6 address"
  "mod_proxy + ipv6"

github: closes #60
2016-05-02 15:34:56 -04:00
Glenn Strauss 89379011df lighttpd run modes for idle timeout, one-shot
lighttpd -i <secs> shutdown after idle time limit (fixes #2696)
lighttpd -1 handles single request on stdin socket (fixes #1584)

Merge branch 'feature-2696-idle-shutdown' into master

github: closes #43
2016-05-02 15:29:58 -04:00
Glenn Strauss 1812f5541a [core] lighttpd -1 handles single request on stdin socket (fixes #1584)
(e.g. when called from xinetd)

Note: lighttpd is designed as a high performance, long-running server,
not a one-shot executable.  This one-shot mode of operation has not been
tuned for performance.  lighttpd server start-up and initialization aims
for correctness, not speed.  If using this one-shot mode as part of fork
and exec from xinetd, then performance is already not of high concern.

  "support for xinetd"
2016-05-02 15:29:33 -04:00
Glenn Strauss 6c35e38fe1 [network] separate addr trans from socket creation
separate addr translation from socket creation in network_server_init()
2016-05-02 15:29:33 -04:00
Glenn Strauss 06b87dee34 [core] cmd line opt to shutdown after idle time limit (fixes #2696)
-i <secs>  graceful shutdown after <secs> of inactivity

Option might be used with applications such as git instaweb.
While git instaweb does have command line options of its own
to [start,stop,restart], some may find it convenient to configure
git instaweb to start lighttpd with a default idle time limit,
after which lighttpd will gracefully shut itself down without
any further action from the user.

  "[PATCH] support -i <secs> idle timeout option"
  original request and patch submitted by mackyle.  thx.
2016-05-02 15:29:17 -04:00
Glenn Strauss a0a7b9fbf5 [mod_ssi, mod_cml] set DOCUMENT_ROOT to basedir (fixes #2383)
fixes inconsistency w/ mod_fastcgi, mod_scgi, mod_cgi change in adc97e5b

  "mod_alias: use alias directory as doc-root too"
  "mod_userdir doesn't set environment variable DOCUMENT_ROOT"
2016-05-02 14:31:36 -04:00
Glenn Strauss 0f7c068010 [doc] NEWS 2016-04-28 13:39:57 -04:00
Glenn Strauss 7841bab0ec [doc] add mimetype.use-xattr to
  "Migrate to definition of xattr mimetype"
2016-04-28 13:29:31 -04:00
Glenn Strauss 4edb65cfa1 [core] preserve PATH_INFO case on case-insensitive fs (fixes #406)
attempt to preserve PATH_INFO case even when the
URI is mapped onto a case-insensitive file system.

NTFS (Windows) is case-insensitive (even though it is case-preserving)
HFS+ (Mac OS X) can be formatted to be case-insensitive

  "... PATH_INFO ... improperly converted to lowercase"
2016-04-28 13:23:29 -04:00
Glenn Strauss 0fb91b026e minor: add missing #include <errno.h>
(needed by connections-glue.c when not building with openssl)
2016-04-28 13:20:34 -04:00
Glenn Strauss c46f0ce027 [core] fallback to write if sendfile not supported (fixes #471, #987)
  "sendfile backends do not fall back to write/writev if they are not supported by the kernel"

github: closes #58
2016-04-28 13:14:39 -04:00
Glenn Strauss b47c393e26 [mod_auth] skip blank lines and comment lines (fixes #2327)
  "Ignore comments and empty lines in ht{digest,passwd} files"
2016-04-28 13:13:43 -04:00
Glenn Strauss 8e3c6bf754 fallback to lseek()/read() if mmap() fails (#fixes 2666)
fallback to lseek()/read() if mmap() fails (#fixes 2666)
e.g. when mmap() is used on lighttpd-controlled temporary files
used POST request body (mod_cgi) and PUT file upload (mod_webdav)

replace use of stream_open() on potentially untrusted files
(protect against SIGBUS if a file is modified while map is read)
Note: stream.[ch] may be removed in a future release
For now, stream.[ch] will read entire file into memory if mmap fails
and so it should only be used on trusted files, e.g. config files.

http_auth basic and digest files are typically small and so buffered
stdio fopen(), fgets(), fclose() will likely be approximately as fast
as mmap.

mod_dirlisting header and readme files are typically small and so
open(), read(), close() will typically be approximately as fast as mmap

mod_ssi will likely be much faster, now buffering SSI page construction
rather than a potentially huge number of file open() calls, one for each
tiny chunk of text between SSI directives.

mod_webdav COPY and MOVE may be slower due to removal of mmap, but are
now more resilient to partial writes.

  "handle filesystems without mmap() support"
  "WebDAV upload-> mmap failed: operation not permitted"
  "Lighttpd 1.4.20 Crash (SIGBUS in mod_compress)"
  "Crash SIGBUS"

github: closes #57
2016-04-28 13:13:36 -04:00
Glenn Strauss c9b56735b8 [mod_compress] use mmap and trap SIGBUS (#2666, fixes #1879)
use mmap and trap SIGBUS in mod_compress
(if lighttpd build with --enable-mmap)

mod_compress has not used mmap since Feb 2012 (see #2391)

  "Lighttpd 1.4.20 Crash (SIGBUS in mod_compress)"
  "Crash SIGBUS"
  "handle filesystems without mmap() support"

github: closes #56
2016-04-28 13:11:15 -04:00
Glenn Strauss 3b6fd58fd9 [mod_webdav] lseek,read if fs can not mmap (#2666, fixes #962)
For uploaded files or other request body, fall back to
lseek(),read() if filesystem does not support mmap()

(mmap(), if supported, is utilized regardless of --enable-mmap
 since request body is either in memory or stored in temporary
 files controlled by lighttpd)

  "WebDAV upload-> mmap failed: operation not permitted"
  "handle filesystems without mmap() support"

github: closes #55
2016-04-28 13:10:35 -04:00
Glenn Strauss c380d22729 [mod_cgi,mod_fastcgi,mod_scgi] X-Sendfile features
[core] http_response_send_file() shared code (#2017)
[mod_fastcgi] use http_response_xsendfile()
  (fixes #799, fixes #851, fixes #2017, fixes #2076)
[mod_scgi] X-Sendfile feature (fixes #2253)
[mod_cgi] X-Sendfile feature (fixes #2313)

Merge branch 'feature-2017-http_response_send_file' into master

github: closes #59
2016-04-28 12:58:58 -04:00
Glenn Strauss 1f23ba9adf [mod_cgi] X-Sendfile feature (fixes #2313)
handle X-Sendfile with http_response_xsendfile() if
  cgi.x-sendfile = "enable"

  "X-sendfile support for mod_cgi"
2016-04-27 23:10:24 -04:00
Glenn Strauss 0a907c643b [mod_scgi] X-Sendfile feature (fixes #2253)
handle X-Sendfile with http_response_xsendfile() if host configured
  ( "x-sendfile" = "enable" )

  "scgi x-sendfile"
2016-04-27 23:10:24 -04:00
Glenn Strauss b9940f9856 [mod_fastcgi] use http_response_xsendfile() (fixes #799, fixes #851, fixes #2017, fixes #2076)
handle X-Sendfile and X-LIGHTTPD-send-file w/ http_response_xsendfile()
  if host is configured ( "x-sendfile" = "enable" )

Note: X-Sendfile path is url-decoded for consistency, like X-Sendfile2
      (response headers should be url-encoded to avoid tripping over
       chars allowed in filesystem but which might change response
       header parsing semantics)

Note: deprecated: "allow-x-send-file";         use "x-sendfile"
Note: deprecated: X-LIGHTTPD-send-file header; use X-Sendfile header
Note: deprecated: X-Sendfile2 header;          use X-Sendfile header
For now, X-Sendfile2 is still handled internally by mod_fastcgi.

Since http_response_send_file() supports HTTP Range requests,
X-Sendfile2 is effectively obsolete.  However, any code, e.g. PHP,
currently using X-Sendfile2 is probably manually generating 206 Partial
Content status and Range response headers.  A future version of lighttpd
might *remove* X-Sendfile2.  Existing code should be converted to use
X-Sendfile, which is easily done by removing all the special logic
around using X-Sendfile2, since the 206 Partial Content status and Range
response headers are handled in http_response_send_file().

  "mod_fastcgi + X-Sendfile -> mod_staticfile"
  "Feature Request: New option "x-send-file-docroot""
  "X-Sendfile handoff to mod-static-file in 1.4.x"
  "X-sendfile should be able to set content-type"
2016-04-27 23:10:24 -04:00
Glenn Strauss 4a51d2ab8c [core] http_response_send_file() shared code (#2017)
move code from mod_staticfile.c to http-header-glue.c to allow reuse
(includes ETag, Last-Modified headers, Range requests for static files)

operate on path arg instead of con->physical.path
skip Range requests if con->http_status already set >= 300
remove redundant calls to stat_cache_get_entry() handling Range requests

  "X-Sendfile handoff to mod-static-file in 1.4.x"
2016-04-25 15:41:46 -04:00
Glenn Strauss 8f255d35df [doc] NEWS 2016-04-25 01:53:19 -04:00
Glenn Strauss bed63b7962 [core] support IPv6 in $HTTP["remote-ip"] CIDR cond match (fixes #2706)
  "Matching IPv6 addresses with $HTTP["remoteip"]"

github: closes #52
2016-04-25 01:52:12 -04:00
Glenn Strauss a3d4aa9f23 server.error-handler new directive for error pages
Merge branch 'feature-2702-server.error-handler' into master
2016-04-25 01:51:11 -04:00
Glenn Strauss 27cbae9ccd [doc] add server.error-handler
add server.error-handler in doc/config/lighttpd.conf
2016-04-25 01:02:08 -04:00
Glenn Strauss b473220d69 set REDIRECT_URI in mod_rewrite, mod_magnet
set REDIRECT_URI in mod_rewrite, mod_magnet if request URI is modified
to differ from the original request URI.
2016-04-25 01:02:08 -04:00
Glenn Strauss dbdab5dbc9 [core] server.error-handler new directive for error pages (fixes #2702)
server.error-handler preserves HTTP status error code when error page
is static, and allows dynamic handlers to change HTTP status code
when error page is provided by dynamic handler.  server.error-handler
intercepts all HTTP status codes >= 400 except when the content is
generated by a dynamic handler (cgi, ssi, fastcgi, scgi, proxy, lua).
The request method is unconditionally changed to GET for the request
to service the error handler, and the original request method is
later restored (for logging purposes).  request body from the
original request, if present, is discarded.

server.error-handler is somewhat similar to server.error-handler-404,
but server.error-handler-404 is now deprecated, intercepts only 404
and 403 HTTP status codes, and returns 200 OK for static error pages,
a source of confusion for some admins.  On the other hand, the new
server.error-handler, when set, will intercept all HTTP status error
codes >= 400.  server.error-handler takes precedence over
server.error-handler-404 when both are set.

NOTE: a major difference between server.error-handler and the
now-deprecated server.error-handler-404 is that the values of the
non-standard CGI environment variables REQUEST_URI and REDIRECT_URI
have been swapped.  Since REDIRECT_STATUS is the original HTTP
status code, REDIRECT_URI is now the original request, and REQUEST_URI
is the current request (e.g. the URI/URL to the error handler).
The prior behavior -- which reversed REQUEST_URI and REDIRECT_URI values
from those described above -- is preserved for server.error-handler-404.

Additionally, REDIRECT_STATUS is now available to mod_magnet, which
continues to have access to request.uri and request.orig_uri.

See further discussion at

github: closes #36
2016-04-25 01:01:08 -04:00
Glenn Strauss 87b172e70e remove unused con->error_handler member
Also remove con->in_error_handler member since non-zero
con->error_handler_saved_status can be used as flag to
indicate the same thing
2016-04-25 01:01:08 -04:00
Glenn Strauss 5492063f35 [core] set REDIRECT_STATUS to error_handler_saved_status (fixes #1828)
set REDIRECT_STATUS to con->error_handler_saved_status in dynamic
handlers for PHP compiled with --force-redirect.  Set to "200"
if (0 == con->error_handler_saved_status)
(mod_cgi, mod_fastcgi, mod_scgi, mod_ssi)

FYI: setting REDIRECT_STATUS in con->environment allows access and
manipulation by mod_magnet.

  "REDIRECT_STATUS == 200 on 404 redirect"

github: closes #35
2016-04-25 01:00:06 -04:00
Glenn Strauss d7638b9b10 fix some warnings reported by static analysis tool
iterate over environ via array-index notation with char **ptr on stack
(instead of repeatedly re-accessing global 'environ')

check getsockname() return values including addrlen

[mod_dirlisting] pass buf size into http_list_directory_sizefmt()

github: resolves #48
2016-04-24 20:28:03 -04:00
Glenn Strauss 49c74fff65 [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
(thx falemagn)

  "Won't compile with OpenSSL 1.1.0"
2016-04-24 20:28:03 -04:00
Glenn Strauss 4db255ca39 make (compile and link) cleanly under cygwin 2016-04-24 20:24:28 -04:00
Glenn Strauss 3888a1419e [doc] add ref to RFC 7232 for conditional requests 2016-04-24 20:24:28 -04:00
Glenn Strauss d0dc881d73 [doc] enhance error msg for backend server config
enhance error message for backend server config file parse
(fastcgi.server, scgi.server, proxy.server)

2016-04-24 20:24:28 -04:00
Glenn Strauss 8de5f41577 [doc] add mimetype.use-xattr to conf.d/mime.conf
  "Migrate to definition of xattr mimetype"
2016-04-24 20:24:28 -04:00
Glenn Strauss eb0cbb00ff improve dynamic handler control flow logic
Merge branch 'feature-dynamic-handler-control-flow'
2016-04-24 20:08:03 -04:00
Glenn Strauss 7c0f8a775d [mod_cgi] asynchronous send of request body to CGI
Like other dynamic handler in prior commit,
mod_cgi can read response before sending req body

mod_cgi no longer blocks sending request body to CGI
2016-04-18 06:19:04 -04:00
Glenn Strauss 2f21aaa973 handlers can read response before sending req body (fixes #131, #2566)
dynamic handlers mod_fastcgi, mod_scgi, and mod_proxy can now read
response from backend prior to finishing sending request body.

If the backend closes the connections (or shuts down socket write
end so that lighttpd read() 0 to indicate EOF), then lighttpd will
abort attempting to send request body to backend.

  "mod_fastcgi should handle "quick" responses"
2016-04-18 06:19:04 -04:00
Glenn Strauss 7f942ce09a remove handle_joblist hook
remove handle_joblist hook and remove the hooks defined in
mod_fastcgi and mod_scgi.  The calls made to fdevent management
are redundant.  If the calls were actually needed, then
mod_proxy would have needed a handle_joblist handler, too.
2016-04-18 06:19:03 -04:00
Glenn Strauss 4b0c822ed0 always poll for client POLLHUP/POLLERR events (fixes #399)
to detect client disconnect.  Do so even when waiting on backend,
and not polling for POLLRD or POLLWR on client connection.

This reduces unnecessary load on backends when backends are slow
to respond and client has given up waiting.

  FastCGI performance on high load
2016-04-18 06:19:03 -04:00
Glenn Strauss 8f27ff8cd4 defer reading request body until handle subrequest
read request body in dynamic handlers supporting request body
(mod_cgi, mod_fastcgi, mod_proxy, mod_scgi, mod_webdav)

(In the future, each dynamic handler might choose whether or not to
 buffer request body or to stream request body to backend as request
 body is received.)

modify mod_webdav to mark request in handle_physical hook, and move
the main logic to handle_subrequest hook, where the main logic is
for other dynamic handlers.
2016-04-18 06:19:03 -04:00
Glenn Strauss 635ab6f802 mv funcs from connections.c to connections-glue.c

no code changes besides making connection_handle_read() public
(by removing 'static' and adding to connections.h)
2016-04-18 06:19:03 -04:00
Glenn Strauss c263bc6a11 defer reading request body until handle subrequest (fixes #2541)
read request body right before calling subrequest handler,
allowing request to be handled prior to reading request body,
e.g. to send 401 Unauthorized response when authentication is required

(In the future, this might move into each dynamic handler which supports
 request body (mod_cgi, mod_fastcgi, mod_proxy, mod_scgi, mod_webdav) so
 that each dynamic handler can choose whether or not to buffer request
 body or to stream request body to backend as request body is received.)

keep-alive is disabled if request body has not been completely read
prior to sending response

  "HTTP 401 Unauthorized only sent back after full POST request is read"
2016-04-18 06:19:03 -04:00
Glenn Strauss bbbbfb3de0 untangle overly complex control flow logic
for dynamic handlers mod_cgi, mod_fastcgi, mod_scgi, mod_proxy
(mod_cgi control flow logic simplification began in a prior commit)

- connection state machine calls the subrequest handler
- subrequest handler sets up the connection to the backend
  and registers fdevent handler to handle backend events
- fdevent handler handles backend events and then schedules
  a call to connection state machine
- when retrying an alternate backend, backend state is reset
  and then response state is reset so that the connection state
  machine will call back into the subrequest handler to retry

Dynamic handlers no longer directly modify connection state
(calls to connection_set_state() from dynamic handlers were removed)

Dynamic handlers no longer reset con->physical.path, and they
preserve con->mode when retrying alternate backends.  This is done
to skip repeated processing in response.c:http_response_prepare()

While this patch increases consistency in control flow handling,
there is more work to be done that can further improve upon this.

  "handle-req time too long"
2016-04-18 06:19:03 -04:00
Glenn Strauss 77bd45121c [core] retry tempdirs on partial write, ENOSPC (fixes #2588)
Previous code would fail on partial write, EINTR, and ENOSPC.
Upon any of the above errors, this patch tries next tempdir in list,
if list of tempdirs provided by config option server.upload-dirs

  "Problem when uploading large files"

Closes #54
2016-04-18 04:30:55 -04:00
Glenn Strauss 71ed1912c7 [config] server.listen-backlog option (fixes #1825, #2116)
See doc/config/lighttpd.conf for explanation of listen() backlog queue

Additionally, mod_fastcgi and mod_scgi backend servers can now also be
configured with separate listen-backlog settings per server

  "add server.listen-backlog option instead of hard-coded value (128 * 8) for listen()"
  "Don't disable backend when overloaded"

Closes #50
2016-04-18 04:29:28 -04:00
Glenn Strauss a65c57a548 [core] open fd when appending file to cq (fixes #2655)
http_chunk_append_file() opens fd when appending file to chunkqueue.
Defers calculation of content length until response is finished.

This reduces race conditions pertaining to stat() and then (later)
open(), when the result of the stat() was used for Content-Length
or to generate chunked headers.

Note: this does not change how lighttpd handles files that are modified
in-place by another process after having been opened by lighttpd --
don't do that.  This *does* improve handling of files that are
frequently modified via a temporary file and then atomically renamed
into place.

mod_fastcgi has been modified to use http_chunk_append_file_range() with
X-Sendfile2 and will open the target file multiple times if there are
multiple ranges.

Note: (future todo) not implemented for chunk.[ch] interfaces used by
range requests in mod_staticfile or by mod_ssi.  Those uses could lead
to too many open fds.  For mod_staticfile, limits should be put in place
for max number of ranges accepted by mod_staticfile.  For mod_ssi,
limits would need to be placed on the maximum number of includes, and
the primary SSI file split across lots of SSI directives should either
copy the pieces or perhaps chunk.h could be extended to allow for an
open fd to be shared across multiple chunks.  Doing either of these
would improve the performance of SSI since they would replace many file
opens on the pieces of the SSI file around the SSI directives.

  "Serving a file that is getting updated can cause an empty response or incorrect content-length error"

Closes #49
2016-04-18 04:27:08 -04:00