array_get_element_klen() is now intended for read-only access
array_get_data_unset() is used by config processing for r/w access
array_get_buf_ptr() is used for r/w access to ds->value (string buffer)
quickly clear buffer instead of buffer_string_set_length(b, 0) or
buffer_reset(b). Avoids free() of large buffers about to be reused,
or buffers that are module-scoped, persistent, and reused.
(buffer_reset() should still be used with buffers in connection *con
when the data in the buffers is supplied by external, untrusted source)
provide standard types in first.h instead of base.h
provide lighttpd types in base_decls.h instead of settings.h
reduce headers exposed by headers for core data structures
do not expose <pcre.h> or <stdlib.h> in headers
move stat_cache_entry to stat_cache.h
reduce use of "server.h" and "base.h" in headers
Allowing explicit IPs to be rejected might be useful in situations
where an internal network is to be allowed by CIDR mask, but there are
a small number of untrusted hosts on the network, e.g. hosts behind a
NAT to which some external ports are forwarded.
CIDR masks must be marked "trust", or else are ignored with a warning.
x-ref:
"RFE: mod_extforward CIDR support"
https://redmine.lighttpd.net/issues/2860
discard from socket using recv MSG_TRUNC on Linux TCP SOCK_STREAM socket
Currently, lighttpd supports only TCP SOCK_STREAM. If UDP SOCK_DGRAM
were to be supported in the future, then socket type will need to be
stored so that MSG_TRUNC is used appropriately for the desired effect.
To find out socket type on arbitrary socket fd:
getsockopt(..., SOL_SOCKET, SO_TYPE, ...)
but better to store it with each listening socket.
Use config directive extforward.hap-PROXY-ssl-client-verify = "enable"
to enable setting SSL_CLIENT_VERIFY, REMOTE_USER, and AUTH_TYPE using
information provided by HAProxy PROXY protocol.
It does seem possible for PROXY protocol subelements to be misaligned
and a message has been sent to HAProxy author of the PROXY protocol.
On most modern processors and operating systems, misaligned access has a
cost, but not the outrageous cost that it historical had on processors
and older operating systems such as on SPARC processors running Solaris
prior to Solaris 11.
define MSG_DONTWAIT and MSG_NOSIGNAL to be no-ops on platforms
without support. (fd should already be configured O_NONBLOCK
and SIGPIPE signal is configured to be ignored)
(thx avij and wardw)
enable with, e.g.:
extforward.headers = ( "Forwarded" )
or
extforward.headers = ( "Forwarded", "X-Forwarded-For" )
or
extforward.headers = ( "Forwarded", "X-Forwarded-For", "Forwarded-For" )
The default remains:
extforward.headers = ( "X-Forwarded-For", "Forwarded-For" )
Support for "Forwarded" is not enabled by default since intermediate
proxies might not be aware of Forwarded, and might therefore pass
spoofed Forwarded header received from client.
extforward.params = ( # overwrite "Host" with Forwarded value
#"host" => 1
# set REMOTE_USER with Forwarded value
#"remote_user" => 1
)
Note: be cautious configuring trusted proxies if enabling these options
since Forwarded header may be spoofed and passed along indescriminantly
by proxies which do not handle Forwarded.
To remove "Forwarded" from incoming requests, do not enable these
options and instead use mod_setenv to clear the request header:
setenv.set-request-header = ( "Forwarded" => "" )
Other proxy-related headers which admin might evaluate to keep or clear:
setenv.set-request-header = ( "X-Forwarded-For" => "",
"X-Forwarded-By" => "",
"X-Forwarded-Server" => "",
"X-Origin-IP" => "",
"Via" => "",
#...
)
x-ref:
"Forwarded HTTP Extension"
https://tools.ietf.org/html/rfc7239
"Forward authenticated user to proxied requests"
https://redmine.lighttpd.net/issues/2703
More specific checks on contents of array lists. Each module using
lists now does better checking on the types of values in the list
(strings, integers, arrays/lists)
This helps prevent misconfiguration of things like cgi.assign,
fastcgi.server, and scgi.server, where source code might be
served as static files if parenthesis are misplaced.
x-ref:
https://redmine.lighttpd.net/boards/2/topics/6571
bug #1499 was mostly fixed in 05858f6c
This patch additionally resets the cond_cache since scheme might change
x-ref:
"HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set."
https://redmine.lighttpd.net/issues/1499
- a lot of code tried to handle manually adding terminating zeroes and
keeping track of the correct "used" count.
Replaced all "external" usages with simple wrapper functions:
* buffer_string_is_empty (used <= 1), buffer_is_empty (used == 0);
prefer buffer_string_is_empty
* buffer_string_set_length
* buffer_string_length
* CONST_BUF_LEN() macro
- removed "static" buffer hacks (buffers pointing to constant/stack
memory instead of malloc()ed data)
- buffer_append_strftime(): refactor buffer+strftime uses
- li_tohex(): no need for a buffer for binary-to-hex conversion:
the output data length is easy to predict
- remove "-Winline" from extra warnings: the "inline" keyword just
supresses the warning about unused but defined (static) functions;
don't care whether it actually gets inlined or not.
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2979 152afb58-edef-0310-8abb-c4023f1b3aa9
These should all be non critical:
* memory leaks on startup in error cases (which lead to
immediate shutdowns anyway)
* http_auth/ldap: passing uninitialized "ret" to ldap_err2string
* sizeof(T) not matching the target pointer in malloc/calloc calls;
those cases were either:
* T being the wrong pointer type - shouldn't matter as long as all
pointers have same size
* T being larger than the type needed
* mod_accesslog: direct use after free in cleanup (server shutdown);
could crash before "clean" shutdown
* some false positives (mod_compress, mod_expire)
* assert(srv->config_context->used > 0); - this is always the case,
as there is always a global config block
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2920 152afb58-edef-0310-8abb-c4023f1b3aa9
con->conf.is_ssl got removed and replaced by:
* con->conf.ssl_enabled for the config var "ssl.engine" - it is only
used to determine which server-sockets should use ssl. (usually not
needed as it is mandatory and enough to set ssl.pemfile anyway)
* con->srv_socket->is_ssl to detect the actual ssl status of the
bound socket, which is the same as the ssl status of the connection
* con->uri.scheme for the actual $HTTP["scheme"] value, also used for
the CGI "HTTPS=ON" variable. This defaults to "https" if the
connection uses ssl, but can be changed for example by mod_extforward
if X-Forwarded-Proto: is set to either "http" or "https" (other values
are ignored right now)
Also removed the broken srv_socket->is_proxy_ssl as it was a connection
value in a server_socket struct...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2887 152afb58-edef-0310-8abb-c4023f1b3aa9
Mohammed Sadiq
