Note: Under _WIN32, serious limitation in Windows APIs:
select() and WSAPoll() operate only on sockets (not pipes)
(directly affects mod_cgi; not currently handled)
remove redundant checks for tempfile chunk reuse
c->file.is_temp is only set if c->type == FILE_CHUNK is also true
The test for (0 == c->offset) is historical. Before the temporary files
were opened O_APPEND (or written to using pwrite()), the file offset may
have changed via lseek() if lighttpd had started reading the file to
send to the client. To avoid this, the (0 == c->offset) check was used
as a quick check to avoid continuing to write to a temporary file that
lighttpd had begun to read.
rename chunkqueue_get_append_tempfile()
-> chunkqueue_get_append_newtempfile()
pull some code from chunkqueue_append_mem_to_tempfile()
into smaller func for (new func) chunkqueue_get_append_tempfile(),
which might call into chunkqueue_get_append_newtempfile()
pull some code from chunkqueue_append_mem_to_tempfile()
into smaller func chunkqueue_append_tempfile_err()
to handle write errors with respect to removing empty chunk
and stepping to next configured tempdir
server.feature-flags += ("server.errorlog-high-precision" => "enable")
Note: if using syslog() for errorlog, modern syslog implementations are
configured separately (by an admin) for high precision timestamps;
server.feature-flags has no effect on syslog-generated timestamps
restructure some of log.c into smaller internal routines
keep a file-scoped global log_stderrh to write to STDERR_FILENO
so that an errh handle is always available for logging errors
fix missing space between timestamp and filename in errorlog output
(missing space in lighttpd 1.4.58 and lighttpd 1.4.59) (fixes #3105)
x-ref:
"missing ( in log lines from mod_auth"
https://redmine.lighttpd.net/issues/3105
separate internal control for backend max_per_read
When not streaming, large reads will be flushed to temp files on disk.
When streaming, use a smaller buffer to help reduce memory usage.
When not streaming, attempt to read and empty kernel socket bufs.
(e.g. MAX_READ_LIMIT 256k)
When writing to sockets (or pipes) attempt to fill kernel socket bufs.
(e.g. MAX_WRITE_LIMIT 256k)
file names tend to be much shorter than chunk_buf_sz
so using separate pool saves memory for large request and
response bodies where many temporary files are collected
HTTP/2 send GOAWAY soon after client timeout, before potentially
reading new stream requests, which will then have to be reset.
x-ref:
"Chrome gives random net::ERR_HTTP2_PROTOCOL_ERROR"
https://redmine.lighttpd.net/issues/3102
default backend "connect-timeout" to 8 seconds
Though this is is a behavior change where there previously was no
timeout, this is configurable by lighttpd.conf admin, and having a
default connection timeout of a fairly large value (8 seconds) puts
a (default) limit on resource usage waiting for socket connect().
x-ref:
"sockets disabled, out-of-fds with proxy module"
https://redmine.lighttpd.net/issues/3086
HTTP/2 send GOAWAY soon after keep-alive timeout, before potentially
reading new stream requests, which will then have to be reset.
x-ref:
"Chrome gives random net::ERR_HTTP2_PROTOCOL_ERROR"
https://redmine.lighttpd.net/issues/3102
reduce oversized memory allocations when reading from backends:
avoid extra power-2 allocation for 1 byte ('\0') when data
available to read is exactly power-2
(detect if client erroneously reuses stream id for a different request)
x-ref:
"Chrome gives random net::ERR_HTTP2_PROTOCOL_ERROR"
https://redmine.lighttpd.net/issues/3102
refuse excess streams only if would block DATA frames for active streams
(for excess streams received on initial connect, prior to receiving
SETTINGS ACK from client)
(thx flynn)
x-ref:
"Random TLS errors on established connections"
https://redmine.lighttpd.net/issues/3100
"Chrome 92, HTTP/2, fcgi, mutiple puts no response"
https://redmine.lighttpd.net/issues/3093
use shared temp buffer for preparing error log entries
(each error log entry is flushed to error log;
there is no persistent data buffering for error logs)
prefer per-request r->tmp_buf to per-module p->tmp_buf
to marginally increase buf reuse during each request.
(currently, r->tmp_buf == srv->tmp_buf)
(avoid some persistent memory allocations per-module,
as those are not currently cleared/released periodically)
(thx flynn)
clear buffer after backend dechunk if not sending chunked to client
x-ref:
"Memory fragmentation with HTTP/2 enabled"
https://redmine.lighttpd.net/issues/3084
remove redundant waitpid() on each backend
(performed each second during periodic maintenance)
Doing so is redundant with handle_waitpid hook since lighttpd 1.4.46
cgi.limits += ("tcp-fin-propagate" => "<signal>") (e.g. "SIGTERM")
send specified signal to CGI if TCP FIN is received from client
(default: do not send signal to CGI)
If chunkqueue size grows large enough in memory to use tempfiles,
write all MEM_CHUNK in chunkqueue to tempfiles to free up memory.
If earlier chunks in chunkqueue are MEM_CHUNK, then a prior attempt
to write was not able to proceed, or items are being added to
chunkqueue as they are decoded from TLS. In either case, choose to
free up memory sooner. This may result in some cases where lighttpd
soon reads data back from disk to send to the backend, but since some
(now all) of the data is in tempfiles, sendfile() will avoid reading
back into userspace, though sendfile() will not be used if lighttpd
needs to read data back into memory to encrypt data using TLS.
previously undocumented server.upload-temp-file-size in lighttpd 1.4.38
preceded introduction of lighttpd streaming options in lighttpd 1.4.40
(server.stream-request-body and server.stream-response-body)
init global config for server.bindhost and server.port after
initializing $SERVER["socket"] so that if bindhost and port matches
another $SERVER["socket"], the $SERVER["socket"] config is used,
as the $SERVER["socket"] config inherits from the global scope and
can the be overridden.
x-ref:
"Activate SSL with lighttpd on a Raspberry Pi"
https://stackoverflow.com/questions/68939760/activate-ssl-with-lighttpd-on-a-raspberry-pi
Preemptively cap the max number of arenas that might be created by glibc
Each thread attempts to use the previously-used arena.
lighttpd is single-threaded, so in general, only one arena is used.
x-ref:
"Memory fragmentation with HTTP/2 enabled"
https://redmine.lighttpd.net/issues/3084
Glenn Strauss