Commit Graph

4022 Commits

Author SHA1 Message Date
Glenn Strauss 4ccd86f981 [core] allocate initial request pool w/ srv->conns
allocate reusable h2 request pool when initial srv->conns pool allocated
2021-08-27 02:16:53 -04:00
Glenn Strauss 1cd73b08a6 [core] move backtrace and assert macros to ck.[ch] 2021-08-27 02:16:53 -04:00
Glenn Strauss 4e5b822b16 [mod_magnet] cache script objects at config time
always check at least mtime and size to trigger script reload
2021-08-27 02:16:53 -04:00
Glenn Strauss f490078d0f [multiple] buffer_copy_string_len_lc()
convenience wrapper combining
and making a single pass over string
2021-08-27 02:16:53 -04:00
Glenn Strauss 8c5acaae3c [core] lowercase r->http_host, r->uri.authority
always lowercase r->http_host, r->uri.authority for consistency
2021-08-27 02:16:53 -04:00
Glenn Strauss 84fa4b8d1b [core] buffer_realloc() using power-2 realloc 2021-08-27 02:16:53 -04:00
Glenn Strauss caff799ccb [build] look for port.h on Solaris, not sys/port.h 2021-08-27 02:16:53 -04:00
Glenn Strauss 0f90a9e320 [core] reduce memcmp in http_request_parse_header
extend http_header_parse_ctx to support enum http_header_h2_e
HTTP/2 pseudo-headers in hpctx->id before using memcmp()
2021-08-27 02:16:53 -04:00
Glenn Strauss 5beee8b2d4 [core] buffer_path_simplify() quick(er) path
scan to detect (potential) need for path simplification
(repeated '/' or "/.") before copying each char in string
2021-08-27 02:16:53 -04:00
Glenn Strauss 1f161bda1f [build] look for memcpy and define HAVE_MEMCPY
(HAVE_MEMCPY checked by ancient MD5 implementation in algo_md5.c)
2021-08-27 02:16:53 -04:00
Glenn Strauss 56e2881c36 [mod_auth] refactor mod_auth_check_basic()
refactor mod_auth_check_basic()
- use stack for base64-decoded username:password, and limit to 1k
2021-08-27 02:16:53 -04:00
Glenn Strauss 20c56cecc3 [mod_auth] refactor mod_auth_check_digest()
refactor mod_auth_check_digest()
- smaller functions
- collect parsed Authorization header into http_auth_digest_params_t
- use string references rather than copying and modifying Authorization
2021-08-27 02:16:53 -04:00
Glenn Strauss 60b773a6cb [mod_authn_dbi] copy strings before escaping
dbi_conn_escape_string_copy() requires '\0'-terminated string.
While that is currently the case for strings in http_auth_info_t,
that will soon change, so consumers must use ai->username with ai->ulen,
and ai->realm with ai->rlen
2021-08-27 02:16:53 -04:00
Glenn Strauss 870b0c1343 [mod_auth] mod_auth_algorithm_parse() w/ algo len
mod_auth_algorithm_parse() now takes an additional arg: algorithm strlen
2021-08-27 02:16:53 -04:00
Glenn Strauss c841ce3b0b [mod_auth] mod_auth_digest_get()
create func mod_auth_digest_get() with code pulled from
mod_auth_check_digest(), and have mod_auth_check_digest()
call mod_auth_digest_get()
2021-08-27 02:16:53 -04:00
Glenn Strauss c987bec18e [multiple] use <algo>_iov() digest funcs
reduce code duplication
make it easier to add new algos

- leverage r->tmp_buf instead of temporary allocating buffer_init()
- mod_authn_file_htpasswd_basic()
  - compare binary SHA1 (shorter) rather than base64 (longer)
  - split crypt() from mod_authn_file_htpasswd_basic() to separate func
  - apr_md5_encode() modifications for slightly better performance
2021-08-27 02:16:53 -04:00
Glenn Strauss 396a923066 [core] li_base64_dec()
(make public in base64.h, like li_base64_enc())
2021-08-27 02:16:53 -04:00
Glenn Strauss db4af125c0 [core] add iovec wrappers to sys-crypto-md.h 2021-08-27 02:16:53 -04:00
Glenn Strauss ffc7a0bfd8 [mod_auth] merge some repeated code; code reuse 2021-08-27 02:16:53 -04:00
Glenn Strauss d22e94ac88 [core] clear etag in stat_cache_get_entry_open()
clear etag in stat_cache_get_entry_open() after opening file
(in case a different caller used stat_get_get_entry() and then file
changed before being opened)
2021-08-27 02:16:53 -04:00
Glenn Strauss 2d898bf9a9 [mod_magnet] sync script load w/ stat_cache
read file and use luaL_loadbuffer()
eliminate TOC-TOU race w/ independent stat() in stat_cache_get_entry()

restructure script_cache_get_script() into smaller funcs
2021-08-27 02:16:53 -04:00
Glenn Strauss e86dba5468 [mod_magnet] inline name and etag buffers in cache
also mark cache init and cache free funcs as cold
2021-08-27 02:16:53 -04:00
Glenn Strauss d5366c0aee [core] request_config_reset()
move configfile.c:config_reset_config()
  to reqpool.c:request_config_reset()
2021-08-27 02:16:53 -04:00
Glenn Strauss d38d5b4b48 [core] gw_host_get() comment out devel debugging
gw_host_get() comment out devel debugging trace
use variables within smaller scopes
2021-08-27 02:16:53 -04:00
Glenn Strauss b33d779865 [core] calculate backend host gw_hash at startup
- calculate backend host gw_hash at startup
- modify hash calculation at runtime to combine xor bits
  for hash value used in balancing selection
2021-08-27 02:16:53 -04:00
Glenn Strauss af3df29ae8 [multiple] reduce redundant NULL buffer checks
This commit is a large set of code changes and results in removal of
hundreds, perhaps thousands, of CPU instructions, a portion of which
are on hot code paths.

Most (buffer *) used by lighttpd are not NULL, especially since buffers
were inlined into numerous larger structs such as request_st and chunk.

In the small number of instances where that is not the case, a NULL
check is often performed earlier in a function where that buffer is
later used with a buffer_* func.  In the handful of cases that remained,
a NULL check was added, e.g. with r->http_host and r->conf.server_tag.

- check for empty strings at config time and set value to NULL if blank
  string will be ignored at runtime; at runtime, simple pointer check
  for NULL can be used to check for a value that has been set and is not
  blank ("")
- use buffer_is_blank() instead of buffer_string_is_empty(),
  and use buffer_is_unset() instead of buffer_is_empty(),
  where buffer is known not to be NULL so that NULL check can be skipped
- use buffer_clen() instead of buffer_string_length() when buffer is
  known not to be NULL (to avoid NULL check at runtime)
- use buffer_truncate() instead of buffer_string_set_length() to
  truncate string, and use buffer_extend() to extend

Examples where buffer known not to be NULL:
  - cpv->v.b from config_plugin_values_init is not NULL if T_CONFIG_BOOL
    (though we might set it to NULL if buffer_is_blank(cpv->v.b))
  - address of buffer is arg (&foo)
    (compiler optimizer detects this in most, but not all, cases)
  - buffer is checked for NULL earlier in func
  - buffer is accessed in same scope without a NULL check (e.g. b->ptr)

internal behavior change:
  callers must not pass a NULL buffer to some funcs.
  - buffer_init_buffer() requires non-null args
  - buffer_copy_buffer() requires non-null args
  - buffer_append_string_buffer() requires non-null args
  - buffer_string_space() requires non-null arg
2021-08-27 02:16:53 -04:00
Glenn Strauss 937d83b6cf [core] inline fam_dir_entry buffer 'name' member 2021-08-27 02:16:53 -04:00
Glenn Strauss 28804e8c80 [core] comment out unused part of http_etag_remix
note: etag buffer etag->ptr might be NULL (etag->used = etag->sze = 0)
so buffer will need to be extended, not truncated, in that case.
buffer_string_set_length() is typically used to truncate strings.
2021-08-27 02:16:53 -04:00
Glenn Strauss 7cd984c51d [core] adjust buffer use for hdr name for lshpack 2021-08-27 02:16:53 -04:00
Glenn Strauss a8b5ad2b5c [core] tweaks writing response header (better asm) 2021-08-27 02:16:53 -04:00
Glenn Strauss db853f9c05 [core] sock_addr_from_buffer_hints_numeric unused
comment out sock_addr_from_buffer_hints_numeric(); currently unused
2021-08-27 02:16:53 -04:00
Glenn Strauss 66626315ba [TLS] reset stek_rotate_ts if clock moves backward
reset stek_rotate_ts if clock moves backwards > 28800 seconds

  "Lighttpd 1.4.58 SSL connections stop working if system time of lighttpd server is changed to future one (+12h or even days)"
2021-08-27 02:16:53 -04:00
Glenn Strauss f8bd028dc0 [core] http_header_hkey_get() perf (better asm) 2021-08-27 02:16:53 -04:00
Glenn Strauss fbefda3524 [build] MacOS linker compat 2021-08-27 02:16:53 -04:00
Glenn Strauss bb1d35dc17 [build] autoupdate; still autoconf 2.60 compatible 2021-08-27 02:16:53 -04:00
Glenn Strauss 0507c82204 [build] adjustments for autotools on Mac OS X
(mod_auth_api.c would be part of mod_auth.c
 and mod_vhostdb_api.c would be part of mod_vhostdb.c
 if not for MacOS)

MacOS modules can link against .dylib, but not against other modules
MacOS link with -module produces a .so, which lighttpd uses
MacOS link without -module procudes a .dylib,
  but name *must* have prefix "lib...",
  which lighttpd "mod_*" do not have.

Other lighttpd build configs (CMake, SCONS, meson) might not work
on MacOS.  Patches (which do not make a huge mess of things) welcome.
2021-08-27 02:16:53 -04:00
Glenn Strauss c8820d2ecc [core] code reuse with array_match_value_prefix()
use array_match_value_prefix() when checking xdocroot
2021-08-27 02:16:53 -04:00
Glenn Strauss 1553dc7be8 [core] reduce repeated work in http_cgi_headers()
save string lengths for reuse
remove trailing slash from strip_request_uri at config time
2021-08-27 02:16:53 -04:00
Glenn Strauss 27b8f1d0b9 [core] compare entire "/bin/sh" "-c" after execve
compare entire "/bin/sh" "-c" strings after execve if execve fails
2021-08-27 02:16:53 -04:00
Glenn Strauss 4a246a8754 [TLS] write_cq_ssl defer remove_finished_chunks
not expecting 0-length chunks, but handle within loops as cold path

mark some cold paths in read_cq_ssl and write_cq_ssl callback funcs
2021-08-27 02:16:53 -04:00
Glenn Strauss 8b96169b68 [core] buffer_commit() optim; better asm 2021-08-27 02:16:53 -04:00
Glenn Strauss 6e6e8baae4 [core] connection_handle_read_state mark hot case
expect common case to receive completed set of headers
(e.g. from a TLS record or a non-TLS packet containing small header)
2021-08-27 02:16:52 -04:00
Glenn Strauss 01fdccd85a [core] network_write prefer writev() over write()
When writev() is available, always use writev() instead of write()
(Silently ignores config option to use write() if writev() is available)
(Still uses sendfile() instead of writev() when config selects sendfile)
2021-08-27 02:16:52 -04:00
Glenn Strauss c5dd8905e1 [core] network_write optimizations
more shared code, better asm
2021-08-27 02:16:52 -04:00
Glenn Strauss 41916b58de [core] return entry from array_insert_data_at_pos
(for convenience and to save a couple asm instructions)
2021-08-27 02:16:52 -04:00
Glenn Strauss cc8e710710 [core] make insert_dup an optional array method
make insert_dup an optional array method in data_methods
(currently used only for merging strings of type data_string)
2021-08-27 02:16:52 -04:00
Glenn Strauss 29b9735338 [mod_secdownload] include algo_hmac.c in mod
algo_hmac.c used only with mod_secdownload,
so include algo_hmac.c in mod_secdownload instead of lighttpd executable
2021-08-27 02:16:52 -04:00
Glenn Strauss 07aa7eedcc [core] comment out ck_getenv_s() (unused)
ck_getenv_s() not currently used in lighttpd;
lighttpd process env is stable
2021-08-27 02:16:52 -04:00
Glenn Strauss 0fd8918777 [mod_vhostdb*] rename http_vhostdb->mod_vhostdb_api
rename http_vhostdb.[ch] -> mod_vhostdb_api.[ch]
2021-08-27 02:16:52 -04:00
Glenn Strauss 3538f8f2a4 [mod_auth*] rename http_auth.* -> mod_auth_api.*
rename http_auth.[ch] -> mod_auth_api.[ch]
2021-08-27 02:16:52 -04:00