connection_handle_write_state() call to subrequest handler might set
r->resp_body_finished, but we need to check if r->write_queue is empty
before changing state from CON_STATE_WRITE to CON_STATE_RESPONSE_END
(If r->write_queue was already empty when the subrequest handler marked
resp_body_finished, connection_state_machine_h2() could miss changing
the request state to CON_STATE_RESPONSE_END)
x-ref:
"HTTP/2 requests sometimes take very long (missing last chunk)"
https://redmine.lighttpd.net/issues/3111
"Slow request handling in Lighttpd 1.4.60"
https://redmine.lighttpd.net/boards/2/topics/10063

crypt() static output buffer is cleared upon next call to crypt(),
but clear output buffer anyway since next call to crypt() might be
much later. Only clear crypt() output if length >= 13, since if
there is an error in crypt(), 'man crypt' warns:
"Some implementations of crypt, upon error, return an invalid hash that
is stored in a read-only location or only initialized once, which means
that it is only safe to erase the buffer pointed to by the crypt return
value if an error did not occur."

use pwritev(), where available, with chunkqueue_steal_with_tempfiles()
The initial write to tempfiles (when response initially grows too
large in memory) can be multiple MEM_CHUNKs, so attempt to use
single pwritev() syscall

return 411 Length Required if mod_proxy configured to force HTTP/1.0
to backend and configured to stream request body, and client request
has a request body but did not provide Content-Length.

allow debug.log-state-handling to be enabled in config conditions,
even though the connection and request may already have begun
(and therefore not logging state changes which already occurred)
(also, minor additional structure cleanups made in the vicinity)

Existing behavior: strict header parsing, strict host parsing, and
basic url normalization are enabled by default in lighttpd, and
protect against h2 request tunnelling attempts using invalid chars
in headers.
Keeping strict parsing settings enabled is strongly recommended.
If any are explicitly disabled in lighttpd.conf, then this patch takes
steps to thwart h2 request tunnelling.
x-ref:
"HTTP/2: The Sequel is Always Worse"
https://portswigger.net/research/http2

Existing behavior: mod_proxy *does not* forward Upgrade header
unless explicitly enabled in lighttpd.conf (default: not enabled)
(proxy.header += ("upgrade" => "enable"))
mod_cgi previously used to forward Upgrade request header, but would
remove Upgrade response header if cgi.upgrade was not explicitly enabled
(cgi.upgrade = "enable")
This patch thwarts h2c smuggling when lighttpd.conf has also been
explicitly configured to pass "Upgrade" request header
x-ref:
"h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)"
https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c

make ck_memeq_const_time() more generically reusable
remove implementation requirements that strings be '\0' terminated,
or at least have an initialized byte following each string (s[len])
x-ref:
https://redmine.lighttpd.net/issues/3112
"mod_auth cache password doesn't match"

reschedule HTTP/2 streams w/ pending data if con->write_queue is empty
reschedule to read deferred (and pending) HTTP/2 frames when
MAX_CONCURRENT_STREAMS are active and a stream completes.
x-ref:
"HTTP/2 requests sometimes take very long (missing last chunk)"
https://redmine.lighttpd.net/issues/3111

short-circuit if response body completely received with response headers
x-ref:
"HTTP/2 requests sometimes take very long (missing last chunk)"
https://redmine.lighttpd.net/issues/3111
(thx meeb5)

ignore PROPFIND "Depth" request header for files (non-collections)
RFC4918 10.2. Depth Header
"If a resource does not have internal members, then the Depth header MUST be ignored."
x-ref:
"Webdav + rclone backup"
https://redmine.lighttpd.net/boards/2/topics/10081

add comment for handling of streaming with no response body
add commented-out code to disable streaming to wait for backend protocol
to signal end of response (prevent http_response_write_prepare() from
short-circuiting and finishing responses without response body)
x-ref:
"FastCGI premature socket close with response streaming and 204 status"
https://redmine.lighttpd.net/boards/2/topics/10066
(thx manfred)

Basic auth passwd cache might fail to match when it should have
matched (false negative) when comparing an uninitialized byte.
That bug "fails closed" and does not use the cache when it could.
This patch allows for proper match in the cache when it should match.
x-ref:
https://redmine.lighttpd.net/issues/3112
"mod_auth cache password doesn't match"
fix HTTP/2 upload > 64k with server.max-request-size > 0
(regression present only in lighttpd 1.4.60)
(thx SM)
x-ref:
"File upload is broken after upgrade from 1.4.59 to 1.4.60"
https://redmine.lighttpd.net/issues/3108

preserve remote IP until request reset
(historical IP restore in request_done hook was obsoleted by
commit fea5bdc8 in which request plugin context was split from
connection plugin context, and by much older commits which
ensured that request_reset hook was always run)
x-ref:
"Remote address behind reverse proxy not logged"
https://redmine.lighttpd.net/boards/2/topics/10041

Earlier macOS versions need _DARWIN_C_SOURCE defined for errno_t from sys/types.h
Alternatively, define __STDC_WANT_LIB_EXT1__ >= 1 before include errno.h
x-ref:
"error: unknown type name 'errno_t' (macOS 10.13.6)"
https://redmine.lighttpd.net/issues/3107
(thx helmut)

do not read-ahead past '\0' while url-decoding
lighttpd 1.4.60 could previously have read one byte of potentially
uninitialized data. lighttpd detects the '\0' so there is no exposure
of data. This also cannot cause a crash in lighttpd 1.4.60 due to how
lighttpd 1.4.60 allocates memory for buffers in sizes (power-2 + 1),
and typical system malloc alignment of 4 or 8 bytes.
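
Added example (not part of the commit message and not lighttpd's decoder): a %XX decoder that checks each hex digit before looking at the next byte, so a '%' or "%X" directly before the terminator never causes a read past '\0'. The function names are hypothetical, and returning -1 on a bad escape is this example's choice.

```c
#include <stdio.h>
#include <string.h>

/* value of one hex digit, or -1 for anything else (including '\0') */
static int hexval(unsigned char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c |= 0x20;                               /* fold 'A'-'F' onto 'a'-'f' */
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Hypothetical decoder: decodes %XX in place in a '\0'-terminated string.
 * Returns the decoded length, or -1 if an escape is malformed or cut short
 * by the terminator; on -1 the buffer contents should not be used. */
long urldecode_inplace(char *s)
{
    char *dst = s;
    const char *src = s;
    while (*src != '\0') {
        if (*src != '%') { *dst++ = *src++; continue; }
        /* src[1] is in bounds: at worst it is the terminator */
        int hi = hexval((unsigned char)src[1]);
        if (hi < 0) return -1;               /* stop before touching src[2] */
        /* src[2] is read only after src[1] proved to be a hex digit,
         * so at worst it is the terminator */
        int lo = hexval((unsigned char)src[2]);
        if (lo < 0) return -1;
        *dst++ = (char)((hi << 4) | lo);
        src += 3;
    }
    *dst = '\0';
    return (long)(dst - s);
}

int main(void)
{
    /* constructed inputs; the second ends in a bare '%' right before '\0' */
    char ok[] = "/a%2Fb%20c";
    char cut[] = "/abc%";
    printf("%ld \"%s\"\n", urldecode_inplace(ok), ok);
    printf("%ld\n", urldecode_inplace(cut));
    return 0;
}
```
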
define __attribute_nonnull__(params) with params to match
recent changes in glibc development (targeting glibc 2.35 in Feb 2022)
x-ref:
new __attribute_nonnull__(params) conflicts with third-party
https://sourceware.org/bugzilla/show_bug.cgi?id=28425