read request body in dynamic handlers supporting request body
(mod_cgi, mod_fastcgi, mod_proxy, mod_scgi, mod_webdav)
(In the future, each dynamic handler might choose whether or not to
buffer request body or to stream request body to backend as request
body is received.)
modify mod_webdav to mark request in handle_physical hook, and move
the main logic to handle_subrequest hook, where the main logic is
for other dynamic handlers.
read request body right before calling subrequest handler,
allowing request to be handled prior to reading request body,
e.g. to send 401 Unauthorized response when authentication is required
(In the future, this might move into each dynamic handler which supports
request body (mod_cgi, mod_fastcgi, mod_proxy, mod_scgi, mod_webdav) so
that each dynamic handler can choose whether or not to buffer request
body or to stream request body to backend as request body is received.)
keep-alive is disabled if request body has not been completely read
prior to sending response
x-ref:
"HTTP 401 Unauthorized only sent back after full POST request is read"
https://redmine.lighttpd.net/issues/2541
instead of looping over all config blocks for each conditional var that
gets enabled, enable them all and run over them once.
Right now it seems we actually set all variables at once in normal
config handling (SNI only sets a subset); future modifications
might introduce new variables which are activated at a later stage
(physical path related for example).
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3083 152afb58-edef-0310-8abb-c4023f1b3aa9
- a lot of code tried to handle manually adding terminating zeroes and
keeping track of the correct "used" count.
Replaced all "external" usages with simple wrapper functions:
* buffer_string_is_empty (used <= 1), buffer_is_empty (used == 0);
prefer buffer_string_is_empty
* buffer_string_set_length
* buffer_string_length
* CONST_BUF_LEN() macro
- removed "static" buffer hacks (buffers pointing to constant/stack
memory instead of malloc()ed data)
- buffer_append_strftime(): refactor buffer+strftime uses
- li_tohex(): no need for a buffer for binary-to-hex conversion:
the output data length is easy to predict
- remove "-Winline" from extra warnings: the "inline" keyword just
supresses the warning about unused but defined (static) functions;
don't care whether it actually gets inlined or not.
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2979 152afb58-edef-0310-8abb-c4023f1b3aa9
* removed almost all usages of buffer as "memory" (without terminating
zero)
* refactored cgi variable name encoding
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2977 152afb58-edef-0310-8abb-c4023f1b3aa9
Although those were "easy" to use, they violated the abstraction:
content of the chunkqueue should only be modified via the API.
Replace with chunkqueue_get_memory() and chunkqueue_use_memory() for
functions that read data from network (reusing large buffers),
chunkqueue_steal_with_tempfiles() to store request bodies on disk
temporarily.
Modules that were generating content and need a buffer maintain the
buffer manually (have to be careful to free the buffer on errors, as
it isn't part of the chunkqueue yet).
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2976 152afb58-edef-0310-8abb-c4023f1b3aa9
* remove unused structs and functions
(buffer_array, read_buffer)
* change return type from int to void for many functions,
as the return value (indicating error/success) was never checked,
and the function would only fail on programming errors and not on
invalid input; changed functions to use force_assert instead of
returning an error.
* all "len" parameters now are the real size of the memory to be read.
the length of strings is given always without the terminating 0.
* the "buffer" struct still counts the terminating 0 in ->used,
provide buffer_string_length() to get the length of a string in a
buffer.
unset config "strings" have used == 0, which is used in some places
to distinguish unset values from "" (empty string) values.
* most buffer usages should now use it as string container.
* optimise some buffer copying by "moving" data to other buffers
* use (u)intmax_t for generic int-to-string functions
* remove unused enum values: UNUSED_CHUNK, ENCODING_UNSET
* converted BUFFER_APPEND_SLASH to inline function (no macro feature
needed)
* refactor: create chunkqueue_steal: moving (partial) chunks into another
queue
* http_chunk: added separate function to terminate chunked body instead of
magic handling in http_chunk_append_mem().
http_chunk_append_* now handle empty chunks, and never terminate the
chunked body.
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2975 152afb58-edef-0310-8abb-c4023f1b3aa9
con->conf.is_ssl got removed and replaced by:
* con->conf.ssl_enabled for the config var "ssl.engine" - it is only
used to determine which server-sockets should use ssl. (usually not
needed as it is mandatory and enough to set ssl.pemfile anyway)
* con->srv_socket->is_ssl to detect the actual ssl status of the
bound socket, which is the same as the ssl status of the connection
* con->uri.scheme for the actual $HTTP["scheme"] value, also used for
the CGI "HTTPS=ON" variable. This defaults to "https" if the
connection uses ssl, but can be changed for example by mod_extforward
if X-Forwarded-Proto: is set to either "http" or "https" (other values
are ignored right now)
Also removed the broken srv_socket->is_proxy_ssl as it was a connection
value in a server_socket struct...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2887 152afb58-edef-0310-8abb-c4023f1b3aa9
* should fix alias handling for "/foo" => "/var/www/";
http://example.com/foo should result in a redirect to
http://example.com/foo/
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2720 152afb58-edef-0310-8abb-c4023f1b3aa9
- Lot of regressions (we forgot to reencode the result)
- Generic problem: after decode and rewrite "a?b?c": which '?' was the path?query seperator?
- Possible solution: only decode printable characters (without '?'), and encode the result; do not encode the '%' of a not decoded character.
- Still a problem with path simplifying, it seems many people use urls like this: http://server1/http%3a//server2/xxx
and rewrite the path into the querystring.
- Probably only usable with an extra config option
=> Do NOT use rewrite/redirect to protect specific urls.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2362 152afb58-edef-0310-8abb-c4023f1b3aa9
i hope it helps with merging stuff back to 1.5
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1371 152afb58-edef-0310-8abb-c4023f1b3aa9
Glenn Strauss
Stefan Bühler
Xuefer
Elan Ruusamäe
Jan Kneschke