]>
Commit | Line | Data |
---|---|---|
cc1350fa ER |
1 | Index: src/base.h |
2 | =================================================================== | |
8b19d016 ER |
3 | --- src/base.h (.../tags/lighttpd-1.4.15) (revision 1880) |
4 | +++ src/base.h (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
5 | @@ -269,6 +269,9 @@ |
6 | unsigned short use_ipv6; | |
7 | unsigned short is_ssl; | |
8 | unsigned short allow_http11; | |
9 | + unsigned short etag_use_inode; | |
10 | + unsigned short etag_use_mtime; | |
11 | + unsigned short etag_use_size; | |
12 | unsigned short force_lowercase_filenames; /* if the FS is case-insensitive, force all files to lower-case */ | |
13 | unsigned short max_request_size; | |
14 | ||
15 | Index: src/connections.c | |
16 | =================================================================== | |
8b19d016 ER |
17 | --- src/connections.c (.../tags/lighttpd-1.4.15) (revision 1880) |
18 | +++ src/connections.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
19 | @@ -1252,6 +1252,16 @@ |
20 | socklen_t cnt_len; | |
21 | /* accept it and register the fd */ | |
22 | ||
23 | + /** | |
24 | + * check if we can still open a new connections | |
25 | + * | |
26 | + * see #1216 | |
27 | + */ | |
28 | + | |
29 | + if (srv->conns->used >= srv->max_conns) { | |
30 | + return NULL; | |
31 | + } | |
32 | + | |
33 | cnt_len = sizeof(cnt_addr); | |
34 | ||
35 | if (-1 == (cnt = accept(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len))) { | |
36 | @@ -1265,6 +1275,9 @@ | |
37 | case ECONNABORTED: /* this is a FreeBSD thingy */ | |
38 | /* we were stopped _after_ we had a connection */ | |
39 | break; | |
40 | + case EMFILE: | |
41 | + /* out of fds */ | |
42 | + break; | |
43 | default: | |
44 | log_error_write(srv, __FILE__, __LINE__, "ssd", "accept failed:", strerror(errno), errno); | |
45 | } | |
46 | @@ -1432,6 +1445,7 @@ | |
47 | } else if (con->in_error_handler) { | |
48 | /* error-handler is back and has generated content */ | |
49 | /* if Status: was set, take it otherwise use 200 */ | |
50 | + con->http_status = con->error_handler_saved_status; | |
51 | } | |
52 | ||
53 | if (con->http_status == 0) con->http_status = 200; | |
54 | Index: src/mod_staticfile.c | |
55 | =================================================================== | |
8b19d016 ER |
56 | --- src/mod_staticfile.c (.../tags/lighttpd-1.4.15) (revision 1880) |
57 | +++ src/mod_staticfile.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
58 | @@ -25,6 +25,7 @@ |
59 | ||
60 | typedef struct { | |
61 | array *exclude_ext; | |
62 | + unsigned short etags_used; | |
63 | } plugin_config; | |
64 | ||
65 | typedef struct { | |
66 | @@ -82,6 +83,7 @@ | |
67 | ||
68 | config_values_t cv[] = { | |
69 | { "static-file.exclude-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */ | |
70 | + { "static-file.etags", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */ | |
71 | { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } | |
72 | }; | |
73 | ||
74 | @@ -94,8 +96,10 @@ | |
75 | ||
76 | s = calloc(1, sizeof(plugin_config)); | |
77 | s->exclude_ext = array_init(); | |
78 | + s->etags_used = 1; | |
79 | ||
80 | cv[0].destination = s->exclude_ext; | |
81 | + cv[1].destination = &(s->etags_used); | |
82 | ||
83 | p->config_storage[i] = s; | |
84 | ||
85 | @@ -114,6 +118,7 @@ | |
86 | plugin_config *s = p->config_storage[0]; | |
87 | ||
88 | PATCH(exclude_ext); | |
89 | + PATCH(etags_used); | |
90 | ||
91 | /* skip the first, the global context */ | |
92 | for (i = 1; i < srv->config_context->used; i++) { | |
93 | @@ -129,7 +134,9 @@ | |
94 | ||
95 | if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.exclude-extensions"))) { | |
96 | PATCH(exclude_ext); | |
97 | - } | |
98 | + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.etags"))) { | |
99 | + PATCH(etags_used); | |
100 | + } | |
101 | } | |
102 | } | |
103 | ||
104 | @@ -446,11 +453,17 @@ | |
105 | response_header_overwrite(srv, con, CONST_STR_LEN("Accept-Ranges"), CONST_STR_LEN("bytes")); | |
106 | ||
107 | if (allow_caching) { | |
108 | - if (NULL == array_get_element(con->response.headers, "ETag")) { | |
109 | - /* generate e-tag */ | |
110 | - etag_mutate(con->physical.etag, sce->etag); | |
111 | + etag_flags_t flags; | |
112 | ||
113 | - response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); | |
114 | + flags = (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) | (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) | (con->conf.etag_use_size ? ETAG_USE_SIZE : 0); | |
115 | + | |
116 | + if (p->conf.etags_used && flags != 0 && !buffer_is_empty(sce->etag)) { | |
117 | + if (NULL == array_get_element(con->response.headers, "ETag")) { | |
118 | + /* generate e-tag */ | |
119 | + etag_mutate(con->physical.etag, sce->etag); | |
120 | + | |
121 | + response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); | |
122 | + } | |
123 | } | |
124 | ||
125 | /* prepare header */ | |
126 | Index: src/configfile.c | |
127 | =================================================================== | |
8b19d016 ER |
128 | --- src/configfile.c (.../tags/lighttpd-1.4.15) (revision 1880) |
129 | +++ src/configfile.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
130 | @@ -89,7 +89,9 @@ |
131 | { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 45 */ | |
132 | { "ssl.cipher-list", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 46 */ | |
133 | { "ssl.use-sslv2", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 47 */ | |
134 | - | |
135 | + { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 48 */ | |
136 | + { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */ | |
137 | + { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */ | |
138 | { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, | |
139 | { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, | |
140 | { "server.virtual-root", "load mod_simple_vhost and use simple-vhost.server-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, | |
141 | @@ -162,6 +164,9 @@ | |
142 | #endif | |
143 | s->kbytes_per_second = 0; | |
144 | s->allow_http11 = 1; | |
145 | + s->etag_use_inode = 1; | |
146 | + s->etag_use_mtime = 1; | |
147 | + s->etag_use_size = 1; | |
148 | s->range_requests = 1; | |
149 | s->force_lowercase_filenames = 0; | |
150 | s->global_kbytes_per_second = 0; | |
151 | @@ -206,6 +211,9 @@ | |
152 | ||
153 | cv[46].destination = s->ssl_cipher_list; | |
154 | cv[47].destination = &(s->ssl_use_sslv2); | |
155 | + cv[48].destination = &(s->etag_use_inode); | |
156 | + cv[49].destination = &(s->etag_use_mtime); | |
157 | + cv[50].destination = &(s->etag_use_size); | |
158 | ||
159 | srv->config_storage[i] = s; | |
160 | ||
161 | @@ -280,8 +288,10 @@ | |
162 | PATCH(ssl_ca_file); | |
163 | PATCH(ssl_cipher_list); | |
164 | PATCH(ssl_use_sslv2); | |
165 | - | |
166 | - | |
167 | + PATCH(etag_use_inode); | |
168 | + PATCH(etag_use_mtime); | |
169 | + PATCH(etag_use_size); | |
170 | + | |
171 | return 0; | |
172 | } | |
173 | ||
174 | @@ -323,6 +333,12 @@ | |
175 | PATCH(max_read_idle); | |
176 | } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.use-xattr"))) { | |
177 | PATCH(use_xattr); | |
178 | + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-inode"))) { | |
179 | + PATCH(etag_use_inode); | |
180 | + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-mtime"))) { | |
181 | + PATCH(etag_use_mtime); | |
182 | + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-size"))) { | |
183 | + PATCH(etag_use_size); | |
184 | } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.pemfile"))) { | |
185 | PATCH(ssl_pemfile); | |
186 | } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ca-file"))) { | |
187 | Index: src/etag.c | |
188 | =================================================================== | |
8b19d016 ER |
189 | --- src/etag.c (.../tags/lighttpd-1.4.15) (revision 1880) |
190 | +++ src/etag.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
191 | @@ -8,13 +8,25 @@ | |
cc1350fa ER |
192 | return 0; |
193 | } | |
194 | ||
195 | -int etag_create(buffer *etag, struct stat *st) { | |
196 | - buffer_copy_off_t(etag, st->st_ino); | |
197 | - buffer_append_string_len(etag, CONST_STR_LEN("-")); | |
198 | - buffer_append_off_t(etag, st->st_size); | |
199 | - buffer_append_string_len(etag, CONST_STR_LEN("-")); | |
200 | - buffer_append_long(etag, st->st_mtime); | |
201 | +int etag_create(buffer *etag, struct stat *st,etag_flags_t flags) { | |
202 | + if (0 == flags) return 0; | |
8b19d016 ER |
203 | |
204 | + buffer_reset(etag); | |
205 | + | |
cc1350fa | 206 | + if (flags & ETAG_USE_INODE) { |
8b19d016 | 207 | + buffer_append_off_t(etag, st->st_ino); |
cc1350fa ER |
208 | + buffer_append_string_len(etag, CONST_STR_LEN("-")); |
209 | + } | |
210 | + | |
211 | + if (flags & ETAG_USE_SIZE) { | |
212 | + buffer_append_off_t(etag, st->st_size); | |
213 | + buffer_append_string_len(etag, CONST_STR_LEN("-")); | |
214 | + } | |
215 | + | |
216 | + if (flags & ETAG_USE_MTIME) { | |
217 | + buffer_append_long(etag, st->st_mtime); | |
218 | + } | |
8b19d016 | 219 | + |
cc1350fa ER |
220 | return 0; |
221 | } | |
8b19d016 | 222 | |
cc1350fa ER |
223 | Index: src/mod_scgi.c |
224 | =================================================================== | |
8b19d016 ER |
225 | --- src/mod_scgi.c (.../tags/lighttpd-1.4.15) (revision 1880) |
226 | +++ src/mod_scgi.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
227 | @@ -803,7 +803,7 @@ |
228 | buffer_append_string_buffer(b, host->bin_path); | |
229 | ||
230 | /* exec the cgi */ | |
231 | - execle("/bin/sh", "sh", "-c", b->ptr, NULL, env.ptr); | |
232 | + execle("/bin/sh", "sh", "-c", b->ptr, (char *)NULL, env.ptr); | |
233 | ||
234 | log_error_write(srv, __FILE__, __LINE__, "sbs", | |
235 | "execl failed for:", host->bin_path, strerror(errno)); | |
236 | Index: src/etag.h | |
237 | =================================================================== | |
8b19d016 ER |
238 | --- src/etag.h (.../tags/lighttpd-1.4.15) (revision 1880) |
239 | +++ src/etag.h (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
240 | @@ -7,8 +7,10 @@ |
241 | ||
242 | #include "buffer.h" | |
243 | ||
244 | +typedef enum { ETAG_USE_INODE = 1, ETAG_USE_MTIME = 2, ETAG_USE_SIZE = 4 } etag_flags_t; | |
245 | + | |
246 | int etag_is_equal(buffer *etag, const char *matches); | |
247 | -int etag_create(buffer *etag, struct stat *st); | |
248 | +int etag_create(buffer *etag, struct stat *st, etag_flags_t flags); | |
249 | int etag_mutate(buffer *mut, buffer *etag); | |
250 | ||
251 | ||
252 | Index: src/request.c | |
253 | =================================================================== | |
8b19d016 ER |
254 | --- src/request.c (.../tags/lighttpd-1.4.15) (revision 1880) |
255 | +++ src/request.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
256 | @@ -284,8 +284,6 @@ |
257 | ||
258 | int done = 0; | |
259 | ||
260 | - data_string *ds = NULL; | |
261 | - | |
262 | /* | |
263 | * Request: "^(GET|POST|HEAD) ([^ ]+(\\?[^ ]+|)) (HTTP/1\\.[01])$" | |
264 | * Option : "^([-a-zA-Z]+): (.+)$" | |
265 | @@ -715,12 +713,24 @@ | |
266 | switch(*cur) { | |
267 | case '\r': | |
268 | if (con->parse_request->ptr[i+1] == '\n') { | |
269 | + data_string *ds = NULL; | |
270 | + | |
271 | /* End of Headerline */ | |
272 | con->parse_request->ptr[i] = '\0'; | |
273 | con->parse_request->ptr[i+1] = '\0'; | |
274 | ||
275 | if (in_folding) { | |
276 | - if (!ds) { | |
277 | + buffer *key_b; | |
278 | + /** | |
279 | + * we use a evil hack to handle the line-folding | |
280 | + * | |
281 | + * As array_insert_unique() deletes 'ds' in the case of a duplicate | |
282 | + * ds points somewhere and we get a evil crash. As a solution we keep the old | |
283 | + * "key" and get the current value from the hash and append us | |
284 | + * | |
285 | + * */ | |
286 | + | |
287 | + if (!key || !key_len) { | |
288 | /* 400 */ | |
289 | ||
290 | if (srv->srvconf.log_request_header_on_error) { | |
291 | @@ -737,7 +747,15 @@ | |
292 | con->response.keep_alive = 0; | |
293 | return 0; | |
294 | } | |
295 | - buffer_append_string(ds->value, value); | |
296 | + | |
297 | + key_b = buffer_init(); | |
298 | + buffer_copy_string_len(key_b, key, key_len); | |
299 | + | |
300 | + if (NULL != (ds = (data_string *)array_get_element(con->request.headers, key_b->ptr))) { | |
301 | + buffer_append_string(ds->value, value); | |
302 | + } | |
303 | + | |
304 | + buffer_free(key_b); | |
305 | } else { | |
306 | int s_len; | |
307 | key = con->parse_request->ptr + first; | |
308 | @@ -969,7 +987,12 @@ | |
309 | first = i+1; | |
310 | is_key = 1; | |
311 | value = 0; | |
312 | - key_len = 0; | |
313 | +#if 0 | |
314 | + /** | |
315 | + * for Bug 1230 keep the key_len a live | |
316 | + */ | |
317 | + key_len = 0; | |
318 | +#endif | |
319 | in_folding = 0; | |
320 | } else { | |
321 | if (srv->srvconf.log_request_header_on_error) { | |
322 | Index: src/stat_cache.c | |
323 | =================================================================== | |
8b19d016 ER |
324 | --- src/stat_cache.c (.../tags/lighttpd-1.4.15) (revision 1880) |
325 | +++ src/stat_cache.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
326 | @@ -608,14 +608,16 @@ |
327 | break; | |
328 | } | |
329 | } | |
330 | - etag_create(sce->etag, &(sce->st)); | |
331 | + etag_create(sce->etag, &(sce->st), | |
332 | + (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) | (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) | (con->conf.etag_use_size ? ETAG_USE_SIZE : 0)); | |
333 | #ifdef HAVE_XATTR | |
334 | - if (buffer_is_empty(sce->content_type)) { | |
335 | + if (con->conf.use_xattr && buffer_is_empty(sce->content_type)) { | |
336 | stat_cache_attr_get(sce->content_type, name->ptr); | |
337 | } | |
338 | #endif | |
339 | } else if (S_ISDIR(st.st_mode)) { | |
340 | - etag_create(sce->etag, &(sce->st)); | |
341 | + etag_create(sce->etag, &(sce->st), | |
342 | + (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) | (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) | (con->conf.etag_use_size ? ETAG_USE_SIZE : 0)); | |
343 | } | |
344 | ||
345 | #ifdef HAVE_FAM_H | |
346 | Index: src/http_auth.c | |
347 | =================================================================== | |
8b19d016 ER |
348 | --- src/http_auth.c (.../tags/lighttpd-1.4.15) (revision 1880) |
349 | +++ src/http_auth.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
350 | @@ -830,8 +830,14 @@ |
351 | ||
352 | username = buffer_init(); | |
353 | ||
354 | - base64_decode(username, realm_str); | |
355 | + if (!base64_decode(username, realm_str)) { | |
356 | + buffer_free(username); | |
357 | ||
358 | + log_error_write(srv, __FILE__, __LINE__, "sb", "decodeing base64-string failed", username); | |
359 | + | |
360 | + return 0; | |
361 | + } | |
362 | + | |
363 | /* r2 == user:password */ | |
364 | if (NULL == (pw = strchr(username->ptr, ':'))) { | |
365 | buffer_free(username); | |
366 | @@ -967,7 +973,7 @@ | |
367 | for (c = b->ptr; *c; c++) { | |
368 | /* skip whitespaces */ | |
369 | while (*c == ' ' || *c == '\t') c++; | |
370 | - if (!c) break; | |
371 | + if (!*c) break; | |
372 | ||
373 | for (i = 0; dkv[i].key; i++) { | |
374 | if ((0 == strncmp(c, dkv[i].key, dkv[i].key_len))) { | |
375 | @@ -1016,9 +1022,24 @@ | |
376 | ||
377 | log_error_write(srv, __FILE__, __LINE__, "s", | |
378 | "digest: missing field"); | |
379 | + | |
380 | + buffer_free(b); | |
381 | return -1; | |
382 | } | |
383 | ||
384 | + /** | |
385 | + * protect the md5-sess against missing cnonce and nonce | |
386 | + */ | |
387 | + if (algorithm && | |
388 | + 0 == strcasecmp(algorithm, "md5-sess") && | |
389 | + (!nonce || !cnonce)) { | |
390 | + log_error_write(srv, __FILE__, __LINE__, "s", | |
391 | + "digest: (md5-sess: missing field"); | |
392 | + | |
393 | + buffer_free(b); | |
394 | + return -1; | |
395 | + } | |
396 | + | |
397 | m = get_http_method_name(con->request.http_method); | |
398 | ||
399 | /* password-string == HA1 */ | |
400 | Index: src/mod_status.c | |
401 | =================================================================== | |
8b19d016 ER |
402 | --- src/mod_status.c (.../tags/lighttpd-1.4.15) (revision 1880) |
403 | +++ src/mod_status.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
404 | @@ -220,6 +220,7 @@ |
405 | BUFFER_APPEND_STRING_CONST(b, | |
406 | " <style type=\"text/css\">\n" | |
407 | " table.status { border: black solid thin; }\n" | |
408 | + " td { white-space: nowrap; }\n" | |
409 | " td.int { background-color: #f0f0f0; text-align: right }\n" | |
410 | " td.string { background-color: #f0f0f0; text-align: left }\n" | |
411 | " th.status { background-color: black; color: white; font-weight: bold; }\n" | |
412 | @@ -520,6 +521,16 @@ | |
413 | buffer_append_string_encoded(b, CONST_BUF_LEN(c->uri.path), ENCODING_HTML); | |
414 | } | |
415 | ||
416 | + if (!buffer_is_empty(c->uri.query)) { | |
417 | + BUFFER_APPEND_STRING_CONST(b, "?"); | |
418 | + buffer_append_string_encoded(b, CONST_BUF_LEN(c->uri.query), ENCODING_HTML); | |
419 | + } | |
420 | + | |
421 | + if (!buffer_is_empty(c->request.orig_uri)) { | |
422 | + BUFFER_APPEND_STRING_CONST(b, " ("); | |
423 | + buffer_append_string_encoded(b, CONST_BUF_LEN(c->request.orig_uri), ENCODING_HTML); | |
424 | + BUFFER_APPEND_STRING_CONST(b, ")"); | |
425 | + } | |
426 | BUFFER_APPEND_STRING_CONST(b, "</td><td class=\"string\">"); | |
427 | ||
428 | buffer_append_string_buffer(b, c->physical.path); | |
429 | Index: src/mod_ssi.c | |
430 | =================================================================== | |
8b19d016 ER |
431 | --- src/mod_ssi.c (.../tags/lighttpd-1.4.15) (revision 1880) |
432 | +++ src/mod_ssi.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
433 | @@ -702,7 +702,7 @@ |
434 | /* close stdin */ | |
435 | close(STDIN_FILENO); | |
436 | ||
437 | - execl("/bin/sh", "sh", "-c", cmd, NULL); | |
438 | + execl("/bin/sh", "sh", "-c", cmd, (char *)NULL); | |
439 | ||
440 | log_error_write(srv, __FILE__, __LINE__, "sss", "spawing exec failed:", strerror(errno), cmd); | |
441 | ||
442 | Index: src/spawn-fcgi.c | |
443 | =================================================================== | |
8b19d016 ER |
444 | --- src/spawn-fcgi.c (.../tags/lighttpd-1.4.15) (revision 1880) |
445 | +++ src/spawn-fcgi.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
446 | @@ -169,7 +169,7 @@ |
447 | strcat(b, appPath); | |
448 | ||
449 | /* exec the cgi */ | |
450 | - execl("/bin/sh", "sh", "-c", b, NULL); | |
451 | + execl("/bin/sh", "sh", "-c", b, (char *)NULL); | |
452 | ||
453 | exit(errno); | |
454 | ||
455 | Index: src/mod_fastcgi.c | |
456 | =================================================================== | |
8b19d016 ER |
457 | --- src/mod_fastcgi.c (.../tags/lighttpd-1.4.15) (revision 1880) |
458 | +++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
459 | @@ -69,7 +69,7 @@ |
460 | buffer *unixsocket; /* config.socket + "-" + id */ | |
461 | unsigned port; /* config.port + pno */ | |
462 | ||
463 | - buffer *connection_name; /* either tcp:<host>:<port> or unix:<socket> for debuggin purposes */ | |
464 | + buffer *connection_name; /* either tcp:<host>:<port> or unix:<socket> for debugging purposes */ | |
465 | ||
466 | pid_t pid; /* PID of the spawned process (0 if not spawned locally) */ | |
467 | ||
468 | @@ -80,7 +80,7 @@ | |
469 | size_t requests; /* see max_requests */ | |
470 | struct fcgi_proc *prev, *next; /* see first */ | |
471 | ||
472 | - time_t disabled_until; /* this proc is disabled until, use something else until than */ | |
473 | + time_t disabled_until; /* this proc is disabled until, use something else until then */ | |
474 | ||
475 | int is_local; | |
476 | ||
477 | @@ -88,7 +88,7 @@ | |
478 | PROC_STATE_UNSET, /* init-phase */ | |
479 | PROC_STATE_RUNNING, /* alive */ | |
480 | PROC_STATE_OVERLOADED, /* listen-queue is full, | |
481 | - don't send something to this proc for the next 2 seconds */ | |
482 | + don't send anything to this proc for the next 2 seconds */ | |
483 | PROC_STATE_DIED_WAIT_FOR_PID, /* */ | |
484 | PROC_STATE_DIED, /* marked as dead, should be restarted */ | |
485 | PROC_STATE_KILLED /* was killed as we don't have the load anymore */ | |
486 | @@ -145,7 +145,7 @@ | |
487 | unsigned short disable_time; | |
488 | ||
489 | /* | |
490 | - * same fastcgi processes get a little bit larger | |
491 | + * some fastcgi processes get a little bit larger | |
492 | * than wanted. max_requests_per_proc kills a | |
493 | * process after a number of handled requests. | |
494 | * | |
495 | @@ -184,7 +184,7 @@ | |
496 | * bin-path is the path to the binary | |
497 | * | |
498 | * check min_procs and max_procs for the number | |
499 | - * of process to start-up | |
500 | + * of process to start up | |
501 | */ | |
502 | buffer *bin_path; | |
503 | ||
504 | @@ -217,7 +217,7 @@ | |
505 | unsigned short mode; | |
506 | ||
507 | /* | |
508 | - * check_local tell you if the phys file is stat()ed | |
509 | + * check_local tells you if the phys file is stat()ed | |
510 | * or not. FastCGI doesn't care if the service is | |
511 | * remote. If the web-server side doesn't contain | |
512 | * the fastcgi-files we should not stat() for them | |
513 | @@ -228,7 +228,7 @@ | |
514 | /* | |
515 | * append PATH_INFO to SCRIPT_FILENAME | |
516 | * | |
517 | - * php needs this if cgi.fix_pathinfo is provied | |
518 | + * php needs this if cgi.fix_pathinfo is provided | |
519 | * | |
520 | */ | |
521 | ||
522 | @@ -247,7 +247,7 @@ | |
523 | num_procs. | |
524 | ||
525 | only if a process is killed max_id waits for the process itself | |
526 | - to die and decrements its afterwards */ | |
527 | + to die and decrements it afterwards */ | |
528 | ||
529 | buffer *strip_request_uri; | |
530 | ||
531 | @@ -826,7 +826,7 @@ | |
532 | } else { | |
533 | struct hostent *he; | |
534 | ||
535 | - /* set a usefull default */ | |
536 | + /* set a useful default */ | |
537 | fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_ANY); | |
538 | ||
539 | ||
540 | @@ -869,7 +869,7 @@ | |
541 | } | |
542 | ||
543 | if (-1 == connect(fcgi_fd, fcgi_addr, servlen)) { | |
544 | - /* server is not up, spawn in */ | |
545 | + /* server is not up, spawn it */ | |
546 | pid_t child; | |
547 | int val; | |
548 | ||
549 | @@ -1029,10 +1029,11 @@ | |
550 | "child exited with status", | |
551 | WEXITSTATUS(status), host->bin_path); | |
552 | log_error_write(srv, __FILE__, __LINE__, "s", | |
553 | - "if you try do run PHP as FastCGI backend make sure you use the FastCGI enabled version.\n" | |
554 | + "If you're trying to run PHP as a FastCGI backend, make sure you're using the FastCGI-enabled version.\n" | |
555 | "You can find out if it is the right one by executing 'php -v' and it should display '(cgi-fcgi)' " | |
556 | - "in the output, NOT (cgi) NOR (cli)\n" | |
557 | - "For more information check http://www.lighttpd.net/documentation/fastcgi.html#preparing-php-as-a-fastcgi-program"); | |
558 | + "in the output, NOT '(cgi)' NOR '(cli)'.\n" | |
559 | + "For more information, check http://trac.lighttpd.net/trac/wiki/Docs%3AModFastCGI#preparing-php-as-a-fastcgi-program" | |
560 | + "If this is PHP on Gentoo, add 'fastcgi' to the USE flags."); | |
561 | } else if (WIFSIGNALED(status)) { | |
562 | log_error_write(srv, __FILE__, __LINE__, "sd", | |
563 | "terminated by signal:", | |
564 | @@ -1040,9 +1041,9 @@ | |
565 | ||
566 | if (WTERMSIG(status) == 11) { | |
567 | log_error_write(srv, __FILE__, __LINE__, "s", | |
568 | - "to be exact: it seg-fault, crashed, died, ... you get the idea." ); | |
569 | + "to be exact: it segfaulted, crashed, died, ... you get the idea." ); | |
570 | log_error_write(srv, __FILE__, __LINE__, "s", | |
571 | - "If this is PHP try to remove the byte-code caches for now and try again."); | |
572 | + "If this is PHP, try removing the bytecode caches for now and try again."); | |
573 | } | |
574 | } else { | |
575 | log_error_write(srv, __FILE__, __LINE__, "sd", | |
576 | @@ -1066,7 +1067,7 @@ | |
577 | ||
578 | if (p->conf.debug) { | |
579 | log_error_write(srv, __FILE__, __LINE__, "sb", | |
580 | - "(debug) socket is already used, won't spawn:", | |
581 | + "(debug) socket is already used; won't spawn:", | |
582 | proc->connection_name); | |
583 | } | |
584 | } | |
585 | @@ -1508,7 +1509,7 @@ | |
586 | * | |
587 | * next step is resetting this attemp and setup a connection again | |
588 | * | |
589 | - * if we have more then 5 reconnects for the same request, die | |
590 | + * if we have more than 5 reconnects for the same request, die | |
591 | * | |
592 | * 2. | |
593 | * | |
594 | @@ -1626,7 +1627,7 @@ | |
595 | CONNECTION_UNSET, | |
596 | CONNECTION_OK, | |
597 | CONNECTION_DELAYED, /* retry after event, take same host */ | |
598 | - CONNECTION_OVERLOADED, /* disable for 1 seconds, take another backend */ | |
599 | + CONNECTION_OVERLOADED, /* disable for 1 second, take another backend */ | |
600 | CONNECTION_DEAD /* disable for 60 seconds, take another backend */ | |
601 | } connection_result_t; | |
602 | ||
603 | @@ -1669,7 +1670,7 @@ | |
604 | fcgi_addr_in.sin_family = AF_INET; | |
605 | if (0 == inet_aton(host->host->ptr, &(fcgi_addr_in.sin_addr))) { | |
606 | log_error_write(srv, __FILE__, __LINE__, "sbs", | |
607 | - "converting IP-adress failed for", host->host, | |
608 | + "converting IP address failed for", host->host, | |
609 | "\nBe sure to specify an IP address here"); | |
610 | ||
611 | return -1; | |
612 | @@ -1694,16 +1695,16 @@ | |
613 | errno == EINTR) { | |
614 | if (hctx->conf.debug > 2) { | |
615 | log_error_write(srv, __FILE__, __LINE__, "sb", | |
616 | - "connect delayed, will continue later:", proc->connection_name); | |
617 | + "connect delayed; will continue later:", proc->connection_name); | |
618 | } | |
619 | ||
620 | return CONNECTION_DELAYED; | |
621 | } else if (errno == EAGAIN) { | |
622 | if (hctx->conf.debug) { | |
623 | log_error_write(srv, __FILE__, __LINE__, "sbsd", | |
624 | - "This means that the you have more incoming requests than your fastcgi-backend can handle in parallel. " | |
625 | - "Perhaps it helps to spawn more fastcgi backend or php-children, if not decrease server.max-connections." | |
626 | - "The load for this fastcgi backend", proc->connection_name, "is", proc->load); | |
627 | + "This means that you have more incoming requests than your FastCGI backend can handle in parallel." | |
628 | + "It might help to spawn more FastCGI backends or PHP children; if not, decrease server.max-connections." | |
629 | + "The load for this FastCGI backend", proc->connection_name, "is", proc->load); | |
630 | } | |
631 | ||
632 | return CONNECTION_OVERLOADED; | |
633 | @@ -1881,8 +1882,6 @@ | |
634 | fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s)); | |
635 | ||
636 | if (!buffer_is_empty(con->authed_user)) { | |
637 | - fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user)); | |
638 | - | |
639 | /* AUTH_TYPE fix by Troy Kruthoff (tkruthoff@gmail.com) | |
640 | * section 4.1.1 of RFC 3875 (cgi spec) requires the server to set a AUTH_TYPE env | |
641 | * declaring the type of authentication used. (see http://tools.ietf.org/html/rfc3875#page-11) | |
642 | @@ -1896,6 +1895,8 @@ | |
643 | char *http_authorization = NULL; | |
644 | data_string *ds; | |
645 | ||
646 | + fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user)); | |
647 | + | |
648 | if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Authorization"))) { | |
649 | http_authorization = ds->value->ptr; | |
650 | } | |
651 | @@ -2055,8 +2056,8 @@ | |
652 | off_t written = 0; | |
653 | off_t weHave = 0; | |
654 | ||
655 | - /* we announce toWrite octects | |
656 | - * now take all the request_content chunk that we need to fill this request | |
657 | + /* we announce toWrite octets | |
658 | + * now take all the request_content chunks that we need to fill this request | |
659 | * */ | |
660 | ||
661 | b = chunkqueue_get_append_buffer(hctx->wb); | |
662 | @@ -2356,7 +2357,7 @@ | |
663 | } | |
664 | ||
665 | if (packet->b->used < packet->len + 1) { | |
666 | - /* we didn't got the full packet */ | |
667 | + /* we didn't get the full packet */ | |
668 | ||
669 | buffer_free(packet->b); | |
670 | return -1; | |
8b19d016 ER |
671 | @@ -2439,7 +2440,6 @@ |
672 | b->used = r + 1; /* one extra for the fake \0 */ | |
673 | b->ptr[b->used - 1] = '\0'; | |
674 | } else { | |
675 | - if (errno == EAGAIN) return 0; | |
676 | log_error_write(srv, __FILE__, __LINE__, "ssdsb", | |
677 | "unexpected end-of-file (perhaps the fastcgi process died):", | |
678 | "pid:", proc->pid, | |
679 | @@ -2558,7 +2558,7 @@ | |
cc1350fa ER |
680 | if (host->mode != FCGI_AUTHORIZER || |
681 | !(con->http_status == 0 || | |
682 | con->http_status == 200)) { | |
683 | - /* send chunk-end if nesseary */ | |
684 | + /* send chunk-end if necessary */ | |
685 | http_chunk_append_mem(srv, con, NULL, 0); | |
686 | joblist_append(srv, con); | |
687 | } | |
8b19d016 | 688 | @@ -2653,7 +2653,7 @@ |
cc1350fa ER |
689 | if (proc->state != PROC_STATE_DIED) break; |
690 | ||
691 | case PROC_STATE_DIED: | |
692 | - /* local proc get restarted by us, | |
693 | + /* local procs get restarted by us, | |
694 | * remote ones hopefully by the admin */ | |
695 | ||
696 | if (proc->is_local) { | |
8b19d016 | 697 | @@ -2774,7 +2774,7 @@ |
cc1350fa ER |
698 | proc && proc->state != PROC_STATE_RUNNING; |
699 | proc = proc->next); | |
700 | ||
701 | - /* all childs are dead */ | |
702 | + /* all children are dead */ | |
703 | if (proc == NULL) { | |
704 | hctx->fde_ndx = -1; | |
705 | ||
8b19d016 | 706 | @@ -2834,7 +2834,7 @@ |
cc1350fa ER |
707 | * -> EAGAIN */ |
708 | ||
709 | log_error_write(srv, __FILE__, __LINE__, "ssdsd", | |
710 | - "backend is overloaded, we disable it for a 2 seconds and send the request to another backend instead:", | |
711 | + "backend is overloaded; we'll disable it for 2 seconds and send the request to another backend instead:", | |
712 | "reconnects:", hctx->reconnects, | |
713 | "load:", host->load); | |
714 | ||
8b19d016 | 715 | @@ -2864,7 +2864,7 @@ |
cc1350fa ER |
716 | } |
717 | ||
718 | log_error_write(srv, __FILE__, __LINE__, "ssdsd", | |
719 | - "backend died, we disable it for a 5 seconds and send the request to another backend instead:", | |
720 | + "backend died; we'll disable it for 5 seconds and send the request to another backend instead:", | |
721 | "reconnects:", hctx->reconnects, | |
722 | "load:", host->load); | |
723 | ||
8b19d016 | 724 | @@ -2950,7 +2950,7 @@ |
cc1350fa ER |
725 | if (hctx->wb->bytes_out == 0 && |
726 | hctx->reconnects < 5) { | |
727 | usleep(10000); /* take away the load of the webserver | |
728 | - * to let the php a chance to restart | |
729 | + * to give the php a chance to restart | |
730 | */ | |
731 | ||
732 | fcgi_reconnect(srv, hctx); | |
8b19d016 | 733 | @@ -3152,9 +3152,9 @@ |
cc1350fa ER |
734 | (con->http_status == 200 || |
735 | con->http_status == 0)) { | |
736 | /* | |
737 | - * If we are here in AUTHORIZER mode then a request for autorizer | |
738 | - * was proceeded already, and status 200 has been returned. We need | |
739 | - * now to handle autorized request. | |
740 | + * If we are here in AUTHORIZER mode then a request for authorizer | |
741 | + * was processed already, and status 200 has been returned. We need | |
742 | + * now to handle authorized request. | |
743 | */ | |
744 | ||
745 | buffer_copy_string_buffer(con->physical.doc_root, host->docroot); | |
8b19d016 | 746 | @@ -3220,7 +3220,7 @@ |
cc1350fa ER |
747 | } |
748 | ||
749 | if (con->file_started == 0) { | |
750 | - /* nothing has been send out yet, try to use another child */ | |
751 | + /* nothing has been sent out yet, try to use another child */ | |
752 | ||
753 | if (hctx->wb->bytes_out == 0 && | |
754 | hctx->reconnects < 5) { | |
8b19d016 | 755 | @@ -3270,8 +3270,8 @@ |
cc1350fa ER |
756 | hctx->state == FCGI_STATE_WRITE) { |
757 | /* we are allowed to send something out | |
758 | * | |
759 | - * 1. in a unfinished connect() call | |
760 | - * 2. in a unfinished write() call (long POST request) | |
761 | + * 1. in an unfinished connect() call | |
762 | + * 2. in an unfinished write() call (long POST request) | |
763 | */ | |
764 | return mod_fastcgi_handle_subrequest(srv, con, p); | |
765 | } else { | |
8b19d016 | 766 | @@ -3286,8 +3286,8 @@ |
cc1350fa ER |
767 | if (hctx->state == FCGI_STATE_CONNECT_DELAYED) { |
768 | /* getoptsock will catch this one (right ?) | |
769 | * | |
770 | - * if we are in connect we might get a EINPROGRESS | |
771 | - * in the first call and a FDEVENT_HUP in the | |
772 | + * if we are in connect we might get an EINPROGRESS | |
773 | + * in the first call and an FDEVENT_HUP in the | |
774 | * second round | |
775 | * | |
776 | * FIXME: as it is a bit ugly. | |
8b19d016 | 777 | @@ -3485,7 +3485,7 @@ |
cc1350fa ER |
778 | return HANDLER_FINISHED; |
779 | } | |
780 | ||
781 | - /* a note about no handler is not sent yey */ | |
782 | + /* a note about no handler is not sent yet */ | |
783 | extension->note_is_sent = 0; | |
784 | ||
785 | /* | |
8b19d016 | 786 | @@ -3520,7 +3520,7 @@ |
cc1350fa ER |
787 | } |
788 | ||
789 | /* the prefix is the SCRIPT_NAME, | |
790 | - * everthing from start to the next slash | |
791 | + * everything from start to the next slash | |
792 | * this is important for check-local = "disable" | |
793 | * | |
794 | * if prefix = /admin.fcgi | |
8b19d016 | 795 | @@ -3630,13 +3630,13 @@ |
cc1350fa ER |
796 | |
797 | /* perhaps we should kill a connect attempt after 10-15 seconds | |
798 | * | |
799 | - * currently we wait for the TCP timeout which is on Linux 180 seconds | |
800 | + * currently we wait for the TCP timeout which is 180 seconds on Linux | |
801 | * | |
802 | * | |
803 | * | |
804 | */ | |
805 | ||
806 | - /* check all childs if they are still up */ | |
807 | + /* check all children if they are still up */ | |
808 | ||
809 | for (i = 0; i < srv->config_context->used; i++) { | |
810 | plugin_config *conf; | |
8b19d016 | 811 | @@ -3718,11 +3718,11 @@ |
cc1350fa ER |
812 | |
813 | if (srv->cur_ts - proc->last_used > host->idle_timeout) { | |
814 | /* a proc is idling for a long time now, | |
815 | - * terminated it */ | |
816 | + * terminate it */ | |
817 | ||
818 | if (p->conf.debug) { | |
819 | log_error_write(srv, __FILE__, __LINE__, "ssbsd", | |
820 | - "idle-timeout reached, terminating child:", | |
821 | + "idle-timeout reached; terminating child:", | |
822 | "socket:", proc->connection_name, | |
823 | "pid", proc->pid); | |
824 | } | |
825 | Index: src/mod_access.c | |
826 | =================================================================== | |
8b19d016 ER |
827 | --- src/mod_access.c (.../tags/lighttpd-1.4.15) (revision 1880) |
828 | +++ src/mod_access.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
829 | @@ -111,6 +111,15 @@ |
830 | } | |
831 | #undef PATCH | |
832 | ||
833 | +/** | |
834 | + * URI handler | |
835 | + * | |
836 | + * we will get called twice: | |
837 | + * - after the clean up of the URL and | |
838 | + * - after the pathinfo checks are done | |
839 | + * | |
840 | + * this handles the issue of trailing slashes | |
841 | + */ | |
842 | URIHANDLER_FUNC(mod_access_uri_handler) { | |
843 | plugin_data *p = p_d; | |
844 | int s_len; | |
845 | @@ -122,28 +131,41 @@ | |
846 | ||
847 | s_len = con->uri.path->used - 1; | |
848 | ||
849 | + if (con->conf.log_request_handling) { | |
850 | + log_error_write(srv, __FILE__, __LINE__, "s", | |
851 | + "-- mod_access_uri_handler called"); | |
852 | + } | |
853 | + | |
854 | for (k = 0; k < p->conf.access_deny->used; k++) { | |
855 | data_string *ds = (data_string *)p->conf.access_deny->data[k]; | |
856 | int ct_len = ds->value->used - 1; | |
857 | + int denied = 0; | |
858 | ||
859 | + | |
860 | if (ct_len > s_len) continue; | |
861 | - | |
862 | if (ds->value->used == 0) continue; | |
863 | ||
864 | /* if we have a case-insensitive FS we have to lower-case the URI here too */ | |
865 | ||
866 | if (con->conf.force_lowercase_filenames) { | |
867 | if (0 == strncasecmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) { | |
868 | - con->http_status = 403; | |
869 | - | |
870 | - return HANDLER_FINISHED; | |
871 | + denied = 1; | |
872 | } | |
873 | } else { | |
874 | if (0 == strncmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) { | |
875 | - con->http_status = 403; | |
876 | + denied = 1; | |
877 | + } | |
878 | + } | |
879 | ||
880 | - return HANDLER_FINISHED; | |
881 | + if (denied) { | |
882 | + con->http_status = 403; | |
883 | + | |
884 | + if (con->conf.log_request_handling) { | |
885 | + log_error_write(srv, __FILE__, __LINE__, "sb", | |
886 | + "url denied as we match:", ds->value); | |
887 | } | |
888 | + | |
889 | + return HANDLER_FINISHED; | |
890 | } | |
891 | } | |
892 | ||
893 | @@ -158,7 +180,8 @@ | |
894 | ||
895 | p->init = mod_access_init; | |
896 | p->set_defaults = mod_access_set_defaults; | |
897 | - p->handle_uri_clean = mod_access_uri_handler; | |
898 | + p->handle_uri_clean = mod_access_uri_handler; | |
899 | + p->handle_subrequest_start = mod_access_uri_handler; | |
900 | p->cleanup = mod_access_free; | |
901 | ||
902 | p->data = NULL; | |
903 | Index: src/mod_accesslog.c | |
904 | =================================================================== | |
8b19d016 ER |
905 | --- src/mod_accesslog.c (.../tags/lighttpd-1.4.15) (revision 1880) |
906 | +++ src/mod_accesslog.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
907 | @@ -507,7 +507,7 @@ |
908 | * | |
909 | */ | |
910 | ||
911 | - execl("/bin/sh", "sh", "-c", s->access_logfile->ptr + 1, NULL); | |
912 | + execl("/bin/sh", "sh", "-c", s->access_logfile->ptr + 1, (char *)NULL); | |
913 | ||
914 | log_error_write(srv, __FILE__, __LINE__, "sss", | |
915 | "spawning log-process failed: ", strerror(errno), | |
916 | Index: src/server.c | |
917 | =================================================================== | |
8b19d016 ER |
918 | --- src/server.c (.../tags/lighttpd-1.4.15) (revision 1880) |
919 | +++ src/server.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
920 | @@ -775,6 +775,22 @@ |
921 | return -1; | |
922 | } | |
923 | ||
924 | + /** | |
925 | + * we are not root can can't increase the fd-limit, but we can reduce it | |
926 | + */ | |
927 | + if (srv->srvconf.max_fds && srv->srvconf.max_fds < rlim.rlim_cur) { | |
928 | + /* set rlimits */ | |
929 | + | |
930 | + rlim.rlim_cur = srv->srvconf.max_fds; | |
931 | + | |
932 | + if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) { | |
933 | + log_error_write(srv, __FILE__, __LINE__, | |
934 | + "ss", "couldn't set 'max filedescriptors'", | |
935 | + strerror(errno)); | |
936 | + return -1; | |
937 | + } | |
938 | + } | |
939 | + | |
940 | if (srv->event_handler == FDEVENT_HANDLER_SELECT) { | |
941 | srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200; | |
942 | } else { | |
943 | Index: src/proc_open.c | |
944 | =================================================================== | |
8b19d016 ER |
945 | --- src/proc_open.c (.../tags/lighttpd-1.4.15) (revision 1880) |
946 | +++ src/proc_open.c (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
947 | @@ -255,7 +255,7 @@ |
948 | */ | |
949 | proc_close_parents(proc); | |
950 | ||
951 | - execl(shell, shell, "-c", command, NULL); | |
952 | + execl(shell, shell, "-c", command, (char *)NULL); | |
953 | _exit(127); | |
954 | ||
955 | } else if (child < 0) { | |
956 | Index: tests/mod-auth.t | |
957 | =================================================================== | |
8b19d016 ER |
958 | --- tests/mod-auth.t (.../tags/lighttpd-1.4.15) (revision 1880) |
959 | +++ tests/mod-auth.t (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
960 | @@ -8,7 +8,7 @@ |
961 | ||
962 | use strict; | |
963 | use IO::Socket; | |
964 | -use Test::More tests => 10; | |
965 | +use Test::More tests => 13; | |
966 | use LightyTest; | |
967 | ||
968 | my $tf = LightyTest->new(); | |
969 | @@ -93,7 +93,44 @@ | |
970 | $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ]; | |
971 | ok($tf->handle_http($t) == 0, 'Digest-Auth: missing nc (noncecount instead), no crash'); | |
972 | ||
973 | +$t->{REQUEST} = ( <<EOF | |
974 | +GET /server-status HTTP/1.0 | |
975 | +Authorization: Basic = | |
976 | +EOF | |
977 | + ); | |
978 | +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ]; | |
979 | +ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid Base64'); | |
980 | ||
981 | ||
982 | +$t->{REQUEST} = ( <<EOF | |
983 | +GET /server-status HTTP/1.0 | |
984 | +User-Agent: Wget/1.9.1 | |
985 | +Authorization: Digest username="jan", realm="jan", | |
986 | + nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess", | |
987 | + uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001", | |
988 | + cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7", | |
989 | + nc="asd", | |
990 | + response="29B32C2953C763C6D033C8A49983B87E" | |
991 | +EOF | |
992 | + ); | |
993 | +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ]; | |
994 | +ok($tf->handle_http($t) == 0, 'Digest-Auth: md5-sess + missing cnonce'); | |
995 | + | |
996 | +$t->{REQUEST} = ( <<EOF | |
997 | +GET /server-status HTTP/1.0 | |
998 | +User-Agent: Wget/1.9.1 | |
999 | +Authorization: Digest username="jan", realm="jan", | |
1000 | + nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess", | |
1001 | + uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001", | |
1002 | + cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7", | |
1003 | + nc="asd", | |
1004 | + response="29B32C2953C763C6D033C8A49983B87E" | |
1005 | +EOF | |
1006 | + ); | |
1007 | +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ]; | |
1008 | +ok($tf->handle_http($t) == 0, 'Digest-Auth: trailing WS'); | |
1009 | + | |
1010 | + | |
1011 | + | |
1012 | ok($tf->stop_proc == 0, "Stopping lighttpd"); | |
1013 | ||
1014 | Index: tests/mod-access.t | |
1015 | =================================================================== | |
8b19d016 ER |
1016 | --- tests/mod-access.t (.../tags/lighttpd-1.4.15) (revision 1880) |
1017 | +++ tests/mod-access.t (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
1018 | @@ -8,7 +8,7 @@ |
1019 | ||
1020 | use strict; | |
1021 | use IO::Socket; | |
1022 | -use Test::More tests => 3; | |
1023 | +use Test::More tests => 4; | |
1024 | use LightyTest; | |
1025 | ||
1026 | my $tf = LightyTest->new(); | |
1027 | @@ -23,5 +23,12 @@ | |
1028 | $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ]; | |
1029 | ok($tf->handle_http($t) == 0, 'forbid access to ...~'); | |
1030 | ||
1031 | +$t->{REQUEST} = ( <<EOF | |
1032 | +GET /index.html~/ HTTP/1.0 | |
1033 | +EOF | |
1034 | + ); | |
1035 | +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ]; | |
1036 | +ok($tf->handle_http($t) == 0, '#1230 - forbid access to ...~ - trailing slash'); | |
1037 | + | |
1038 | ok($tf->stop_proc == 0, "Stopping lighttpd"); | |
1039 | ||
1040 | Index: tests/core-request.t | |
1041 | =================================================================== | |
8b19d016 ER |
1042 | --- tests/core-request.t (.../tags/lighttpd-1.4.15) (revision 1880) |
1043 | +++ tests/core-request.t (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
1044 | @@ -8,7 +8,7 @@ |
1045 | ||
1046 | use strict; | |
1047 | use IO::Socket; | |
1048 | -use Test::More tests => 33; | |
1049 | +use Test::More tests => 36; | |
1050 | use LightyTest; | |
1051 | ||
1052 | my $tf = LightyTest->new(); | |
1053 | @@ -273,6 +273,38 @@ | |
1054 | $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; | |
1055 | ok($tf->handle_http($t) == 0, 'uppercase filenames'); | |
1056 | ||
1057 | +$t->{REQUEST} = ( <<EOF | |
1058 | +GET / HTTP/1.0 | |
1059 | +Location: foo | |
1060 | +Location: foobar | |
1061 | + baz | |
1062 | +EOF | |
1063 | + ); | |
1064 | +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; | |
1065 | +ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping'); | |
1066 | ||
1067 | +$t->{REQUEST} = ( <<EOF | |
1068 | +GET / HTTP/1.0 | |
1069 | +Location: | |
1070 | +Location: foobar | |
1071 | + baz | |
1072 | +EOF | |
1073 | + ); | |
1074 | +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; | |
1075 | +ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping - test 2'); | |
1076 | + | |
1077 | +$t->{REQUEST} = ( <<EOF | |
1078 | +GET / HTTP/1.0 | |
1079 | +A: | |
1080 | +Location: foobar | |
1081 | + baz | |
1082 | +EOF | |
1083 | + ); | |
1084 | +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; | |
1085 | +ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping - test 3'); | |
1086 | + | |
1087 | + | |
1088 | + | |
1089 | + | |
1090 | ok($tf->stop_proc == 0, "Stopping lighttpd"); | |
1091 | ||
1092 | Index: tests/prepare.sh | |
1093 | =================================================================== | |
8b19d016 ER |
1094 | --- tests/prepare.sh (.../tags/lighttpd-1.4.15) (revision 1880) |
1095 | +++ tests/prepare.sh (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
1096 | @@ -25,6 +25,7 @@ |
1097 | # copy everything into the right places | |
1098 | cp $srcdir/docroot/www/*.html \ | |
1099 | $srcdir/docroot/www/*.php \ | |
1100 | + $srcdir/docroot/www/*.html~ \ | |
1101 | $srcdir/docroot/www/*.pl \ | |
1102 | $srcdir/docroot/www/*.fcgi \ | |
1103 | $srcdir/docroot/www/*.shtml \ | |
1104 | Index: tests/docroot/www/index.html~ | |
1105 | =================================================================== | |
1106 | Index: tests/docroot/www/Makefile.am | |
1107 | =================================================================== | |
8b19d016 ER |
1108 | --- tests/docroot/www/Makefile.am (.../tags/lighttpd-1.4.15) (revision 1880) |
1109 | +++ tests/docroot/www/Makefile.am (.../branches/lighttpd-1.4.x) (revision 1880) | |
cc1350fa ER |
1110 | @@ -1,5 +1,5 @@ |
1111 | EXTRA_DIST=cgi.php cgi.pl dummydir index.html index.txt phpinfo.php \ | |
1112 | redirect.php cgi-pathinfo.pl get-env.php get-server-env.php \ | |
1113 | nph-status.pl prefix.fcgi get-header.pl ssi.shtml get-post-len.pl \ | |
1114 | - exec-date.shtml | |
1115 | + exec-date.shtml index.html~ | |
1116 | SUBDIRS=go indexfile expire | |
1117 | Index: NEWS | |
1118 | =================================================================== | |
8b19d016 ER |
1119 | --- NEWS (.../tags/lighttpd-1.4.15) (revision 1880) |
1120 | +++ NEWS (.../branches/lighttpd-1.4.x) (revision 1880) | |
1121 | @@ -3,9 +3,28 @@ | |
cc1350fa ER |
1122 | NEWS |
1123 | ==== | |
1124 | ||
1125 | +- 1.4.16 - | |
1126 | + | |
1127 | + * added static-file.etags, etag.use-inode, etag.use-mtime, etag.use-size | |
1128 | + to customize the generation of ETags for static files. (#1209) | |
1129 | + (patch by <Yusufg@gmail.com>) | |
1130 | + * fixed typecast of NULL on execl() (#1235) | |
1131 | + (patch by F. Denis) | |
1132 | + * fixed circumventing url.access-deny by trailing slash (#1230) | |
1133 | + * fixed crash on duplicate headers with trailing WS (#1232) | |
1134 | + * fixed accepting more connections then requested (#1216) | |
1135 | + * fixed mem-leak in mod_auth (reported by Stefan Esser) | |
1136 | + * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser) | |
1137 | + * fixed missing check for base64 encoded string in mod_auth and Basic auth | |
1138 | + (reported by Stefan Esser) | |
1139 | + * fixed possible crash in Auth-Digest header parser on trailing WS in | |
1140 | + mod_auth (reported by Stefan Esser) | |
8b19d016 ER |
1141 | + * fixed check on stale errno values, which broke handling of broken fastcgi |
1142 | + applications. (#1245) | |
cc1350fa ER |
1143 | + |
1144 | - 1.4.15 - 2007-04-13 | |
1145 | ||
1146 | - * fixed broken Set-Cookie headers | |
1147 | + * fixed broken Set-Cookie headers | |
1148 | ||
1149 | - 1.4.14 - 2007-04-13 | |
1150 | ||
8b19d016 | 1151 | @@ -29,7 +48,7 @@ |
cc1350fa ER |
1152 | * fix cpu hog in certain requests [1473] CVE-2007-1869 |
1153 | * fix for handling hostnames with trailing dot [1406] | |
1154 | * fixed header-injection via server.tag (#1106) | |
1155 | - * disabled caching of files without a content-type to solve the | |
1156 | + * disabled caching of files without a content-type to solve the | |
1157 | aggressive caching of FF | |
1158 | * remove trailing white-spaces from HTTP-requests before parsing (#1098) | |
1159 | * fixed accesslog.use-syslog in a conditional and the caching of the | |
8b19d016 | 1160 | @@ -42,7 +61,7 @@ |
cc1350fa ER |
1161 | * fixed crash on url.redirect and url.rewrite if %0 is used in a global context |
1162 | (#800) | |
1163 | * fixed possible crash in debug-message in mod_extforward | |
1164 | - * fixed compilation of mod_extforward on glibc < 2.3.4 | |
1165 | + * fixed compilation of mod_extforward on glibc < 2.3.4 | |
1166 | * fixed include of empty in the configfiles (#1076) | |
1167 | * send SIGUSR1 to fastcgi children before SIGTERM. libfcgi wants SIGUSR1. (#737) | |
1168 | * fixed missing AUTH_TYPE entry in the fastcgi environment. (#889) | |
8b19d016 | 1169 | @@ -54,16 +73,16 @@ |
cc1350fa ER |
1170 | * added initgroups in spawn-fcgi (#871) |
1171 | * added apr1 support htpasswd in mod-auth (#870) | |
1172 | * added lighty.stat() to mod_magnet | |
1173 | - * fixed segfault in splitted CRLF CRLF sequences | |
1174 | + * fixed segfault in splitted CRLF CRLF sequences | |
1175 | (introduced in 1.4.12) (#876) | |
1176 | * fixed compilation of LOCK support in mod-webdav | |
1177 | * fixed fragments in request-URLs (#869) | |
1178 | * fixed pkg-config check for lua5.1 on debian | |
1179 | - * fixed Content-Length = 0 on HEAD requests without | |
1180 | + * fixed Content-Length = 0 on HEAD requests without | |
1181 | a known Content-Length (#119) | |
1182 | * fixed mkdir() forcing 0700 (#884) | |
1183 | * fixed writev() on FreeBSD 4.x and older (#875) | |
1184 | - * removed warning about a 404-error-handler | |
1185 | + * removed warning about a 404-error-handler | |
1186 | returned 404 | |
1187 | * backported and fixed the buildsystem changes for | |
1188 | webdav locks |