Commit Graph

2146 Commits (7ef58b5a815e38cf79384e12febcd86f478f9885)
 

Author SHA1 Message Date
Glenn Strauss 5492063f35 [core] set REDIRECT_STATUS to error_handler_saved_status (fixes #1828)
set REDIRECT_STATUS to con->error_handler_saved_status in dynamic
handlers for PHP compiled with --force-redirect.  Set to "200"
if (0 == con->error_handler_saved_status)
(mod_cgi, mod_fastcgi, mod_scgi, mod_ssi)

FYI: setting REDIRECT_STATUS in con->environment allows access and
manipulation by mod_magnet.

x-ref:
  "REDIRECT_STATUS == 200 on 404 redirect"
  https://redmine.lighttpd.net/issues/1828

github: closes #35
7 years ago
Glenn Strauss d7638b9b10 fix some warnings reported by static analysis tool
iterate over environ via array-index notation with char **ptr on stack
(instead of repeatedly re-accessing global 'environ')

check getsockname() return values including addrlen

[mod_dirlisting] pass buf size into http_list_directory_sizefmt()

github: resolves #48
7 years ago
Glenn Strauss 49c74fff65 [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
(thx falemagn)

x-ref:
  "Won't compile with OpenSSL 1.1.0"
  https://redmine.lighttpd.net/issues/2727
7 years ago
Glenn Strauss 4db255ca39 make (compile and link) cleanly under cygwin 7 years ago
Glenn Strauss 3888a1419e [doc] add ref to RFC 7232 for conditional requests 7 years ago
Glenn Strauss d0dc881d73 [doc] enhance error msg for backend server config
enhance error message for backend server config file parse
(fastcgi.server, scgi.server, proxy.server)

x-ref:
  https://redmine.lighttpd.net/boards/2/topics/6571
7 years ago
Glenn Strauss 8de5f41577 [doc] add mimetype.use-xattr to conf.d/mime.conf
x-ref:
  "Migrate to freedesktop.org definition of xattr mimetype"
  https://redmine.lighttpd.net/issues/2631
7 years ago
Glenn Strauss eb0cbb00ff improve dynamic handler control flow logic
Merge branch 'feature-dynamic-handler-control-flow'
7 years ago
Glenn Strauss 7c0f8a775d [mod_cgi] asynchronous send of request body to CGI
Like other dynamic handler in prior commit,
mod_cgi can read response before sending req body

mod_cgi no longer blocks sending request body to CGI
7 years ago
Glenn Strauss 2f21aaa973 handlers can read response before sending req body (fixes #131, #2566)
dynamic handlers mod_fastcgi, mod_scgi, and mod_proxy can now read
response from backend prior to finishing sending request body.

If the backend closes the connections (or shuts down socket write
end so that lighttpd read() 0 to indicate EOF), then lighttpd will
abort attempting to send request body to backend.

x-ref:
  "mod_fastcgi should handle "quick" responses"
  https://redmine.lighttpd.net/issues/2566
  "FastCGI FCGI_STDOUT before FCGI_STDIN bug"
  https://redmine.lighttpd.net/issues/131
7 years ago
Glenn Strauss 7f942ce09a remove handle_joblist hook
remove handle_joblist hook and remove the hooks defined in
mod_fastcgi and mod_scgi.  The calls made to fdevent management
are redundant.  If the calls were actually needed, then
mod_proxy would have needed a handle_joblist handler, too.
7 years ago
Glenn Strauss 4b0c822ed0 always poll for client POLLHUP/POLLERR events (fixes #399)
to detect client disconnect.  Do so even when waiting on backend,
and not polling for POLLRD or POLLWR on client connection.

This reduces unnecessary load on backends when backends are slow
to respond and client has given up waiting.

x-ref:
  "https://redmine.lighttpd.net/issues/399"
  FastCGI performance on high load
7 years ago
Glenn Strauss 8f27ff8cd4 defer reading request body until handle subrequest
read request body in dynamic handlers supporting request body
(mod_cgi, mod_fastcgi, mod_proxy, mod_scgi, mod_webdav)

(In the future, each dynamic handler might choose whether or not to
 buffer request body or to stream request body to backend as request
 body is received.)

modify mod_webdav to mark request in handle_physical hook, and move
the main logic to handle_subrequest hook, where the main logic is
for other dynamic handlers.
7 years ago
Glenn Strauss 635ab6f802 mv funcs from connections.c to connections-glue.c
connection_handle_read()
connection_handle_read_ssl()
connection_handle_read_post_state()

no code changes besides making connection_handle_read() public
(by removing 'static' and adding to connections.h)
7 years ago
Glenn Strauss c263bc6a11 defer reading request body until handle subrequest (fixes #2541)
read request body right before calling subrequest handler,
allowing request to be handled prior to reading request body,
e.g. to send 401 Unauthorized response when authentication is required

(In the future, this might move into each dynamic handler which supports
 request body (mod_cgi, mod_fastcgi, mod_proxy, mod_scgi, mod_webdav) so
 that each dynamic handler can choose whether or not to buffer request
 body or to stream request body to backend as request body is received.)

keep-alive is disabled if request body has not been completely read
prior to sending response

x-ref:
  "HTTP 401 Unauthorized only sent back after full POST request is read"
  https://redmine.lighttpd.net/issues/2541
7 years ago
Glenn Strauss bbbbfb3de0 untangle overly complex control flow logic
for dynamic handlers mod_cgi, mod_fastcgi, mod_scgi, mod_proxy
(mod_cgi control flow logic simplification began in a prior commit)

- connection state machine calls the subrequest handler
- subrequest handler sets up the connection to the backend
  and registers fdevent handler to handle backend events
- fdevent handler handles backend events and then schedules
  a call to connection state machine
- when retrying an alternate backend, backend state is reset
  and then response state is reset so that the connection state
  machine will call back into the subrequest handler to retry

Dynamic handlers no longer directly modify connection state
(calls to connection_set_state() from dynamic handlers were removed)

Dynamic handlers no longer reset con->physical.path, and they
preserve con->mode when retrying alternate backends.  This is done
to skip repeated processing in response.c:http_response_prepare()

While this patch increases consistency in control flow handling,
there is more work to be done that can further improve upon this.

x-ref:
  "handle-req time too long"
  https://redmine.lighttpd.net/issues/1149
7 years ago
Glenn Strauss 77bd45121c [core] retry tempdirs on partial write, ENOSPC (fixes #2588)
Previous code would fail on partial write, EINTR, and ENOSPC.
Upon any of the above errors, this patch tries next tempdir in list,
if list of tempdirs provided by config option server.upload-dirs

x-ref:
  "Problem when uploading large files"
  https://redmine.lighttpd.net/issues/2588

github:
Closes #54
7 years ago
Glenn Strauss 71ed1912c7 [config] server.listen-backlog option (fixes #1825, #2116)
See doc/config/lighttpd.conf for explanation of listen() backlog queue

Additionally, mod_fastcgi and mod_scgi backend servers can now also be
configured with separate listen-backlog settings per server

x-ref:
  "add server.listen-backlog option instead of hard-coded value (128 * 8) for listen()"
  https://redmine.lighttpd.net/issues/2116
  "Don't disable backend when overloaded"
  https://redmine.lighttpd.net/issues/1825

github:
Closes #50
7 years ago
Glenn Strauss a65c57a548 [core] open fd when appending file to cq (fixes #2655)
http_chunk_append_file() opens fd when appending file to chunkqueue.
Defers calculation of content length until response is finished.

This reduces race conditions pertaining to stat() and then (later)
open(), when the result of the stat() was used for Content-Length
or to generate chunked headers.

Note: this does not change how lighttpd handles files that are modified
in-place by another process after having been opened by lighttpd --
don't do that.  This *does* improve handling of files that are
frequently modified via a temporary file and then atomically renamed
into place.

mod_fastcgi has been modified to use http_chunk_append_file_range() with
X-Sendfile2 and will open the target file multiple times if there are
multiple ranges.

Note: (future todo) not implemented for chunk.[ch] interfaces used by
range requests in mod_staticfile or by mod_ssi.  Those uses could lead
to too many open fds.  For mod_staticfile, limits should be put in place
for max number of ranges accepted by mod_staticfile.  For mod_ssi,
limits would need to be placed on the maximum number of includes, and
the primary SSI file split across lots of SSI directives should either
copy the pieces or perhaps chunk.h could be extended to allow for an
open fd to be shared across multiple chunks.  Doing either of these
would improve the performance of SSI since they would replace many file
opens on the pieces of the SSI file around the SSI directives.

x-ref:
  "Serving a file that is getting updated can cause an empty response or incorrect content-length error"
  https://redmine.lighttpd.net/issues/2655

github:
Closes #49
7 years ago
Glenn Strauss e0bafab2db [mod_indexfile] save physical path to env (fixes #448, #892)
save physical path to environment (PATH_TRANSLATED_DIRINDEX)
when index generator is full path (not relative path)

fix uri.path when index generator is full path (not relative path)
7 years ago
Glenn Strauss 186e7073fb [mod_redirect,mod-rewrite] short-circuit if blank replacement (fixes #2085)
x-ref:
  "null redirects for mod_redirect"
  https://redmine.lighttpd.net/issues/2085
7 years ago
Glenn Strauss fa3a36ffd4 [mod_ssi] config ssi.exec (fixes #2051)
(thx benbrown)

x-ref:
  "mod_ssi Add configuration item to disable SSI exec."
  https://redmine.lighttpd.net/issues/2051
7 years ago
fbrosson 6982b1930e [mod_ssi] config ssi.conditional-requests
Summary:
A new SSI directive, "ssi.conditional-requests", allows to inform
lighttpd which SSI pages should be considered as cacheable and which
should not. In particular, the "ETag" & "Last-Modified" headers will
only be sent for those SSI pages for which the directive is enabled.

Long description:
"ETag" and "Last-Modified" headers were being sent for all SSI pages,
regardless of whether they were cacheable or not. And yet, there was
no cache validation at all for any SSI page.
This commit fixes these two minor issues by adding a new directive,
"ssi.conditional-requests", which allows to specify which SSI pages
are cacheable and which are not, and by adding cache validation to
those SSI pages which are cacheable. And since sending ETags for
non-cacheable documents is not appropriate, they are no longuer
computed nor sent for those SSI pages which are not cacheable.
Regarding the "Last-Modified" header for non-cacheable documents,
the standards allow to either send the current date and time for
that header or to simply skip it. The approach chosen is to not send
it for non-cacheable SSI pages. "ETag" and "Last-Modified" headers
are therefore only sent for an SSI page if ssi.conditional-requests
is enabled for that page.

The ssi.conditional-requests directive can be enabled or disabled
globally and/or in any context. It is disabled by default.

An index.shtml which only includes deterministic SSI commands such as:
<!--#echo var="LAST_MODIFIED"-->
is a trivial example of a dynamic SSI page that is cacheable.
7 years ago
Glenn Strauss bb95317774 [core] setrlimit max-fds <= rlim_max for non-root (fixes #2723)
x-ref:
  "setrlimit can increase RLIMIT_NOFILE up to rlim_max for non-root"
  https://redmine.lighttpd.net/issues/2723
7 years ago
Glenn Strauss 51e0f2087b [core] define __STDC_WANT_LIB_EXT1__ (fixes #2722)
x-ref:
  "define __STDC_WANT_LIB_EXT1__ for memset_s()"
  https://redmine.lighttpd.net/issues/2722
7 years ago
Glenn Strauss c4edd35655 skip spawning backends for preflight tests (#2642)
Also, update man page for lighttpd -tt

x-ref:
  "add option for "fail on warning""
  https://redmine.lighttpd.net/issues/2642
7 years ago
Glenn Strauss c63427c999 [mod_dirlisting] class for dir <tr> (fixes #2304)
x-ref:
  "special class for directories tr's in directory listing"
  https://redmine.lighttpd.net/issues/2304
7 years ago
Glenn Strauss dc9f95c75d [mod_status] table w/ count of con states (fixes #2427)
(replaces "legend")
7 years ago
Glenn Strauss c68f83aed4 [mod_status] page refresh option (fixes #2170)
e.g. http://server-address/server-status?refresh=10

x-ref:
  "server-status page should have an automatic reload"
  https://redmine.lighttpd.net/issues/2170
7 years ago
Glenn Strauss 760baed402 [mod_expire] reset caching response headers for error docs (fixes #1919)
remove Cache-Control and Expires headers before handling error docs
(caching headers may have been set by mod_expire before http status
 was determined to be an error)

x-ref:
  "mod_expires sends headers on 404 responses"
  https://redmine.lighttpd.net/issues/1919
7 years ago
Glenn Strauss f4cb07f723 [mod_webdav] readdir POSIX compat (fixes #1826)
do not expect '.' to be part of dir listing

x-ref:
  "mod_webdav readdir POSIX compatibility issue"
  https://redmine.lighttpd.net/issues/1826
7 years ago
Glenn Strauss e5e5548b88 [mod_extforward] reset cond_cache for scheme (fixes #1499)
bug #1499 was mostly fixed in 05858f6c
This patch additionally resets the cond_cache since scheme might change

x-ref:
  "HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set."
  https://redmine.lighttpd.net/issues/1499
7 years ago
Glenn Strauss 659ce5e78e [mod_magnet] rename var for clarity (fixes #1483)
"length" argument is more accurately described as 0-index end of range

x-ref:
  "magnet offset > length bug"
  https://redmine.lighttpd.net/issues/1483
7 years ago
Glenn Strauss 4b412797b8 [mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)
https://tools.ietf.org/html/rfc7616 and
https://tools.ietf.org/html/rfc7617 (September 2015)
update Digest and Basic auth to allow server to recommend charset
which should be used by client.

http://stackoverflow.com/questions/702629/utf-8-characters-mangled-in-http-basic-auth-username

x-ref:
  "LDAP UTF-8 encoding"
  https://redmine.lighttpd.net/issues/1468
7 years ago
Glenn Strauss f1681ca29b [mod_cgi] always set QUERY_STRING (fixes #1339)
(thx alexo)

x-ref:
  "lighttpd doesn't set empty QUERY_STRING in cgi environment"
  https://redmine.lighttpd.net/issues/1339
7 years ago
Glenn Strauss 97556d992b [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)
error if unix socket path is duplicated

(does not check across modules, but will detect duplicated unix socket
 paths within fastcgi directives, and separately, duplicated unix socket
 paths within scgi directives)
7 years ago
Glenn Strauss de08a135ea [core] clean up srv before exiting for lighttpd -[vVh]
From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3138 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss 36ab0587c0 [stream] fstat() after open() to obtain file size
Common case is on non-empty files, and doing fstat() after open()
eliminates ToC-ToU between stat() and then open().  While file size
of the target file might still change, the fstat() is on the opened
file, and can not be on different file (which was possible with stat())

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3137 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss 47f3dbebe4 use li_[iu]tostrn() instead of li_[iu]tostr()
From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3136 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss e5006d88eb pass buf size to li_tohex()
also change passing of fixed-sized arrays: need to pass pointer to array
as otherwise size does not get enforced

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3135 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss dac02e257c [mod_status] use snprintf() instead of sprintf()
From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3134 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss ab829cee5e [mod_webdav] allow Depth: Infinity lock on file (fixes #2296)
(still not supporting Depth: Infinity on directories)

patch by mstorsjo submitted as part of feature request #1953

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3133 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Stefan Bühler dd33a350bb [configparser] fix small leak on config failure
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3132 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss d17d48e01e [stat] mimetype.xattr-name global config option (fixes #2631)
For backwards compatibility with existing lighttpd configs, default is
  mimetype.xattr-name = "Content-Type"

Those who wish to use the freedesktop.org definition of xattr mimetype
can set the following in the global lighttpd config:
  mimetype.xattr-name = "user.mime_type"

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3131 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss 292309f88b [core] lighttpd -tt performs preflight startup checks (fixes #411)
lighttpd -t loads config file and performs syntax check
lighttpd -tt (new) performs preflight startup checks,
  including loading and initializing modules, but skipping any
  potentially destructive actions which might affect an already
  running server (separate instance).  These currently include:
  - skipping pidfile modification
  - skipping bind() to network sockets
  - skipping open of error and access logs

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3130 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Jan Kneschke 9ae7813685 [core] fixed the loading for default modules if they are specified explicitly
backported 1836 from trunk

From: Jan Kneschke <jan@kneschke.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3129 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss 06d3c75440 [core] respond 411 Length Required if request has Transfer-Encoding: chunked (fixes #631)
lighttpd does not currently support request body transfer-codings

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3128 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss f11089ed2b [core] wait for grandchild to be ready when daemonizing (fixes #2712, thx pasdVn)
From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3127 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss 0aa2ea74e3 [mod_proxy] accept LF delimited headers, not just CRLF (fixes #2594)
From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3126 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago
Glenn Strauss b4a4afdaf7 [config] warn if server.upload-dirs has non-existent dirs (fixes #2508)
Warn at startup if any dirs in server.upload-dirs do not exist.
Take server.chroot into account, if set.

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3125 152afb58-edef-0310-8abb-c4023f1b3aa9
7 years ago