Commit Graph

3143 Commits

Author SHA1 Message Date
Glenn Strauss 9bb01a49df [core] check if splay_tree NULL before invalidate 2019-05-08 00:54:52 -04:00
Glenn Strauss 003fd0f8c3 [core] store log_state_handling flag on stack 2019-05-07 20:14:50 -04:00
Glenn Strauss b0ae5fcbcd [core] support weak etags with If-None-Match
support weak etags with If-None-Match

(but require strong etags for Range requests)
2019-05-06 01:13:58 -04:00
Glenn Strauss 1a325a196c [mod_openssl] use SSL_CTX_set_client_hello_cb()
use SSL_CTX_set_client_hello_cb() when available

(obsoletes SSL_CTX_set_tlsext_servername_callback()
 and SSL_CTX_set_tlsext_servername_arg())
2019-05-06 01:13:58 -04:00
Glenn Strauss 52c489837f [build] detect FreeBSD elftc_copyfile() 2019-05-05 23:05:02 -04:00
Glenn Strauss ec94594504 [scons] help scons on FreeBSD find sys/event.h 2019-05-05 23:05:02 -04:00
Glenn Strauss 3abbb8dc4b [cmake] help cmake on FreeBSD find sys/event.h
sys/event.h does not compile standalone, so check_include_files() fails

Add compiler flags -include sys/types.h so that the compile check passes

This allows cmake builds on FreeBSD to detect and use kqueue.
2019-05-05 03:02:01 -04:00
Glenn Strauss d836d20317 [stat_cache] fix compilation error for cmake 2019-05-04 18:16:01 -04:00
Glenn Strauss 1cf68f79eb [core] behavior change: stricter URL normalization
behavior change: stricter URL normalization

Prior behavior can be obtained by configuring lighttpd.conf with:
      server.http-parseopts = (“url-normalize” => “disable” )
although this is not recommended.

This behavior change was pre-announced with the releases of
  lighttpd 1.4.52 (2018.11.28)
  lighttpd 1.4.53 (2019.01.27)

The recommended settings are:
      server.http-parseopts = (
        "header-strict"            => "enable",
        "host-strict"              => "enable",
        "host-normalize"           => "enable",
        "url-normalize"            => "enable",
        "url-normalize-unreserved" => "enable",
        "url-normalize-required"   => "enable",
        "url-ctrls-reject"         => "enable",
        "url-path-2f-decode"       => "enable",
        "url-path-backslash-trans" => "enable",
        "url-path-dotseg-remove"   => "enable",
        "url-query-20-plus"        => "enable"

The lighttpd defaults with this commit are slightly less strict:
      server.http-parseopts = (
        "header-strict"            => "enable",
        "host-strict"              => "enable",
        "host-normalize"           => "enable",
        "url-normalize"            => "enable",
        "url-normalize-unreserved" => "enable",
       #"url-normalize-required"   => "enable",
        "url-ctrls-reject"         => "enable",
        "url-path-2f-decode"       => "enable",
       #"url-path-backslash-trans" => "enable",
        "url-path-dotseg-remove"   => "enable",
       #"url-query-20-plus"        => "enable"
2019-05-04 17:48:04 -04:00
Glenn Strauss 49e9f0acdc [doc] highlight relevance of module load order (fixes #2946)
  "modules.conf order unhelpful (setenv vs. redirect)"
2019-05-04 17:10:35 -04:00
Glenn Strauss 77c2883da9 [mod_webdav] quiet coverity warnings 2019-05-04 16:36:10 -04:00
Glenn Strauss 84db583e3e [stat_cache] FAM: whitespace-only change
whitespace-only changes in stat_cache_handle_fdevent_in()
2019-05-04 16:36:10 -04:00
Glenn Strauss 60a4b5f118 [stat_cache] FAM: separate routine for FDEVENT_IN 2019-05-04 16:36:10 -04:00
Glenn Strauss 8cc189f4c6 [stat_cache] FAM: improve monitoring, cache 16 sec
improve FAM monitoring to use reference counting in internal cache

revalidate entries upon use after 16 sec to recover from missed events

(see comments in commit for more details about limitations)
2019-05-04 16:36:10 -04:00
Glenn Strauss f56800e86a [stat_cache] no longer stat() and open() for stat
do not open file in stat_cache_get_entry()
no longer stat() followed by open() and close() just for stat()

callers should open() file to validate readability (and then reuse fd)
2019-05-04 13:48:22 -04:00
Glenn Strauss 44156bbe81 [multiple] open target file earlier in some cases
open target file earlier in some cases to validate readability
2019-05-04 13:48:22 -04:00
Glenn Strauss 470a692211 [core] http_chunk_append_file_fd() 2019-05-04 13:48:22 -04:00
Glenn Strauss 8f0adfe043 [core] emit trace using path before clearing path 2019-05-04 13:48:22 -04:00
Glenn Strauss 61e8d799f0 [scons] adjustment for static build under CentOS
  "Trying to compile under CentOS 6.10"
2019-05-04 13:48:22 -04:00
Glenn Strauss 338c73fd28 [core] use high precision stat timestamp in etag
use high precision stat timestamp (on systems where available) in etag
2019-05-04 13:48:22 -04:00
Glenn Strauss 311f258ab3 [mod_webdav] update stat_cache after file mod
update stat_cache entries after file modifications (PUT)
invalidate stat_cache entries after file movement (COPY MOVE DELETE)
2019-05-04 13:48:22 -04:00
Glenn Strauss 57470365a2 [stat_cache] interfaces to invalidate entries 2019-05-04 13:48:22 -04:00
Glenn Strauss f89f9191f4 [stat_cache] FAM: funcs to invalidate entries 2019-05-04 13:48:22 -04:00
Glenn Strauss c7eaa502ec [stat_cache] FAM: ignore event with no valid match 2019-05-04 13:48:22 -04:00
Glenn Strauss 18faa0910c [stat_cache] FAM: check hash collision before add
skip monitoring new entry if there is a hash collision in stat_cache
data structure associated with FAM
2019-05-04 13:48:22 -04:00
Glenn Strauss 8772e85cea [stat_cache] FAM: ignore follow-symlink config
no distinction needs to be made whether or not server.follow-symlink set
2019-05-04 13:48:22 -04:00
Glenn Strauss 1971da13db [stat_cache] FAM: improve handling modified file 2019-05-04 13:48:22 -04:00
Glenn Strauss 38ce790657 [stat_cache] FAM: use entry hash index as userdata
Upon receipt of FAM event, validate that entry exists in splaytree
instead of blindly accessing memory through the pointer returned in
userdata by FAM
2019-05-04 13:48:22 -04:00
Glenn Strauss a3d171526a [stat_cache] FAM: check FAMNextEvent() return code 2019-05-04 13:48:22 -04:00
Glenn Strauss cc49703372 [stat_cache] FAM: reduce string copying 2019-05-04 13:48:22 -04:00
Glenn Strauss a50b72c356 [stat_cache] remove splaytree ins/del debug code
remove debug code around for splaytree_insert() and splaytree_delete()
in stat_cache.c
2019-05-04 13:48:22 -04:00
Glenn Strauss 47d006ae47 [stat_cache] pass age param for stat cache cleanup 2019-05-04 13:48:22 -04:00
Glenn Strauss baa5f04335 [stat_cache] store entries without trailing slash
(no more duplication of dir entries with and without trailing slash)
2019-05-04 13:48:22 -04:00
Glenn Strauss 020a83c265 [stat_cache] separate symlink pol from data struct
separate symlink polily from internal data structures
no more dup entires in splaytree for allowing/disallowing symlinks

hash name to provided len
2019-05-04 13:48:11 -04:00
Glenn Strauss 73bfee6308 [stat_cache] separate func for symlink policy chk
Note: historical ToC-ToU race condition still exists in implementation
server.follow-symlink = "disable" is not recommended (default: "enable")
2019-04-29 18:11:15 -04:00
Glenn Strauss 5ac92dca08 [mod_webdav] check If-None-Match (#1818)
  "add RFC-compliant LOCK support to mod_webdav"
2019-04-23 10:36:55 -04:00
Glenn Strauss aacdd3da02 [mod_webdav] special-case If: (<DAV:no-lock>)
(recognize <DAV:no-lock>, but supporting logic is limited)
2019-04-23 10:36:55 -04:00
Glenn Strauss ab005809e1 [mod_webdav] disable elftc_copyfile() on FreeBSD
disable elftc_copyfile() on FreeBSD
until libelftc added to SCons static build
2019-04-22 02:36:53 -04:00
Glenn Strauss 278c42abc5 [mod_webdav] platform portability fixes 2019-04-22 02:18:56 -04:00
Glenn Strauss d4b726bf24 [mod_webdav] provide ETag in more responses
When file is already open, fstat() and provide ETag,
e.g. in PUT requests and new LOCK requests (not LOCK refresh)
2019-04-22 01:09:28 -04:00
Glenn Strauss d334ee5c2f [mod_webdav] deprecated unsafe partial PUT compat
RFC 7231 forbids partial PUT.  However, historical versions of
lighttpd mod_webdav did provide this (mis-)feature.  Therefore,
provide *deprecated* unsafe partial PUT support for compatibility
with historical lighttpd mod_webdav (prior to mod_webdav rewrite),
but require new config option to enable this compatible behavior:

webdav.opts = ( "deprecated-unsafe-partial-put" => "enable" )

The partial PUT support implemented by historical lighttpd mod_webdav
makes no effort to account for shrinkage or growth of range replaced.
The request body is splat into the *existing* file at the offset
provided which is quite unsafe and can cause corruption in data sent
to concurrent download requests.

Use of this (mis-)feature is discouraged, and support may be removed
in the future, without any further notice.
2019-04-22 01:09:28 -04:00
Glenn Strauss eee29b65e5 [mod_webdav] check If-Match, If-Unmodified-Since (#1818)
  "add RFC-compliant LOCK support to mod_webdav"
2019-04-22 01:09:23 -04:00
Glenn Strauss 3111e24b71 [mod_webdav] clean up resources after do{}while(0) 2019-04-22 01:08:58 -04:00
yangfl 4af0f97f14 [mod_webdav] fix misbehavior on blank nodes in PROPPATCH
github: #97

2019-04-22 01:08:58 -04:00
yangfl 6962fc2a5a [mod_webdav] fix uuid detection macro
github: #97

2019-04-22 01:08:58 -04:00
Glenn Strauss 993cb545d8 [mod_webdav] surround Lock-Token with "<...>"
(thx yangfl)

github: #97

2019-04-22 01:08:58 -04:00
Glenn Strauss 95aa2c178d [core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes #2939)
200 for OPTIONS /non-existent/path HTTP/1.1 when a module,
such as mod_webdav, has set Allow response header

  "OPTIONS should return 2xx status for non-existent resources if Allow is set"
2019-04-22 01:08:58 -04:00
Glenn Strauss 50aae03c31 [mod_webdav] major rewrite (fixes #1818)
(occurred 3 years ago on experimental branch, and now ported forward)

robustness and performance improvements, including atomic updates on
individual files (e.g. for PUT, COPY, MOVE)

exclusive locks are fully supported
shared locks are partly supported

  "add RFC-compliant LOCK support to mod_webdav"
2019-04-22 01:08:54 -04:00
Glenn Strauss a15f40a569 [core] replace open() with fdevent_open_cloexec()
fdevent_open_cloexec() opens files O_BINARY for consistency,
and with O_NONBLOCK, so that the server will not block if the
target file to open is a fifo.
2019-04-20 02:10:28 -04:00
Glenn Strauss f1e9bcb08a [core] new worker_init hook to follow parent fork 2019-04-20 02:10:28 -04:00