-Index: lighttpd.spec.in
-===================================================================
---- lighttpd.spec.in (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ lighttpd.spec.in (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -1,83 +0,0 @@
--Summary: A fast webserver with minimal memory-footprint (lighttpd)
--Name: lighttpd
--Version: @VERSION@
--Release: 1
--Source: http://jan.kneschke.de/projects/lighttpd/download/lighttpd-%version.tar.gz
--Packager: Jan Kneschke <jan@kneschke.de>
--License: BSD
--Group: Networking/Daemons
--URL: http://www.lighttpd.net/
--Requires: pcre >= 3.1 zlib
--BuildRequires: libtool zlib-devel
--BuildRoot: %{_tmppath}/%{name}-root
--
--%description
--lighttpd is intented to be a frontend for ad-servers which have to deliver
--small files concurrently to many connections.
--
--Available rpmbuild rebuild options:
----with: ssl mysql lua memcache
--
--%prep
--%setup -q
--
--%build
--rm -rf %{buildroot}
--%configure \
-- %{?_with_mysql: --with-mysql} \
-- %{?_with_lua: --with-lua} \
-- %{?_with_memcache: --with-memcache} \
-- %{?_with_ssl: --with-openssl}
--make
--
--%install
--%makeinstall
--
--mkdir -p %{buildroot}%{_sysconfdir}/{init.d,sysconfig}
--if [ -f /etc/redhat-release -o -f /etc/fedora-release ]; then
-- install -m 755 doc/rc.lighttpd.redhat %{buildroot}%{_sysconfdir}/init.d/lighttpd
--else
-- install -m 755 doc/rc.lighttpd %{buildroot}%{_sysconfdir}/init.d/lighttpd
--fi
--install -m 644 doc/sysconfig.lighttpd %{buildroot}%{_sysconfdir}/sysconfig/lighttpd
--
--%clean
--rm -rf %{buildroot}
--
--%post
--## read http://www.fedora.us/docs/spec.html next time :)
--if [ "$1" = "1" ]; then
-- # real install, not upgrade
-- /sbin/chkconfig --add lighttpd
--fi
--
--%preun
--if [ "$1" = "0"]; then
-- # real uninstall, not upgrade
-- %{_sysconfdir}/init.d/lighttpd stop
-- /sbin/chkconfig --del lighttpd
--fi
--
--%files
--%defattr(-,root,root)
--%doc doc/lighttpd.conf doc/lighttpd.user README INSTALL ChangeLog COPYING AUTHORS
--%doc doc/*.txt
--%config(noreplace) %attr(0755,root,root) %{_sysconfdir}/init.d/lighttpd
--%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/sysconfig/lighttpd
--%{_mandir}/*
--%{_libdir}/*
--%{_sbindir}/*
--%{_bindir}/*
--
--%changelog
--* Thu Sep 30 2004 12:41 <jan@kneschke.de> 1.3.1
--- upgraded to 1.3.1
--
--* Tue Jun 29 2004 17:26 <jan@kneschke.de> 1.2.3
--- rpmlint'ed the package
--- added URL
--- added (noreplace) to start-script
--- change group to Networking/Daemon (like apache)
--
--* Sun Feb 23 2003 15:04 <jan@kneschke.de>
--- initial version
-Index: configure.in
-===================================================================
-Index: src/mod_ssi_exprparser.h
-===================================================================
---- src/mod_ssi_exprparser.h (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_ssi_exprparser.h (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -1,12 +0,0 @@
--#define TK_AND 1
--#define TK_OR 2
--#define TK_EQ 3
--#define TK_NE 4
--#define TK_GT 5
--#define TK_GE 6
--#define TK_LT 7
--#define TK_LE 8
--#define TK_NOT 9
--#define TK_LPARAN 10
--#define TK_RPARAN 11
--#define TK_VALUE 12
+Index: ChangeLog
+===================================================================
+Index: .cvsignore
+===================================================================
+Index: src/.cvsignore
+===================================================================
Index: src/configfile-glue.c
===================================================================
---- src/configfile-glue.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/configfile-glue.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -529,7 +529,7 @@
- int config_append_cond_match_buffer(connection *con, data_config *dc, buffer *buf, int n)
- {
- cond_cache_t *cache = &con->cond_cache[dc->context_ndx];
-- if (n > cache->patterncount) {
-+ if (n >= cache->patterncount) {
- return 0;
- }
+--- src/configfile-glue.c (.../tags/lighttpd-1.4.23)
++++ src/configfile-glue.c (.../branches/lighttpd-1.4.x)
+@@ -103,7 +103,6 @@
+ if (e != ds->value->ptr && !*e && l >=0 && l <= 65535) {
+ *((unsigned short *)(cv[i].destination)) = l;
+ break;
+-
+ }
+ }
+@@ -112,10 +111,40 @@
+ return -1;
+ }
+ default:
+- log_error_write(srv, __FILE__, __LINE__, "ssds", "unexpected type for key:", cv[i].key, du->type, "expected a integer, range 0 ... 65535");
++ log_error_write(srv, __FILE__, __LINE__, "ssds", "unexpected type for key:", cv[i].key, du->type, "expected a short integer, range 0 ... 65535");
+ return -1;
+ }
+ break;
++ case T_CONFIG_INT:
++ switch(du->type) {
++ case TYPE_INTEGER: {
++ data_integer *di = (data_integer *)du;
++
++ *((unsigned int *)(cv[i].destination)) = di->value;
++ break;
++ }
++ case TYPE_STRING: {
++ data_string *ds = (data_string *)du;
++
++ if (ds->value->ptr && *ds->value->ptr) {
++ char *e;
++ long l = strtol(ds->value->ptr, &e, 10);
++ if (e != ds->value->ptr && !*e && l >= 0) {
++ *((unsigned int *)(cv[i].destination)) = l;
++ break;
++ }
++ }
++
++
++ log_error_write(srv, __FILE__, __LINE__, "ssb", "got a string but expected an integer:", cv[i].key, ds->value);
++
++ return -1;
++ }
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssds", "unexpected type for key:", cv[i].key, du->type, "expected an integer, range 0 ... 4294967295");
++ return -1;
++ }
++ break;
+ case T_CONFIG_BOOLEAN:
+ if (du->type == TYPE_STRING) {
+ data_string *ds = (data_string *)du;
Index: src/mod_cgi.c
===================================================================
---- src/mod_cgi.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_cgi.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -987,6 +987,8 @@
+--- src/mod_cgi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_cgi.c (.../branches/lighttpd-1.4.x)
+@@ -56,6 +56,7 @@
+
+ typedef struct {
+ array *cgi;
++ unsigned short execute_x_only;
+ } plugin_config;
+
+ typedef struct {
+@@ -151,6 +152,7 @@
+
+ config_values_t cv[] = {
+ { "cgi.assign", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
++ { "cgi.execute-x-only", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
+ { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET}
+ };
+
+@@ -165,8 +167,10 @@
+ assert(s);
+
+ s->cgi = array_init();
++ s->execute_x_only = 0;
+
+ cv[0].destination = s->cgi;
++ cv[1].destination = &(s->execute_x_only);
+
+ p->config_storage[i] = s;
+
+@@ -580,12 +584,9 @@
+ #if 0
+ log_error_write(srv, __FILE__, __LINE__, "sd", "(debug) cgi exited fine, pid:", pid);
+ #endif
+- pid = 0;
+-
+ return HANDLER_GO_ON;
+ } else {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "cgi died, pid:", pid);
+- pid = 0;
+ return HANDLER_GO_ON;
+ }
+ }
+@@ -1005,7 +1006,7 @@
+ args[i++] = cgi_handler->ptr;
+ }
+ args[i++] = con->physical.path->ptr;
+- args[i++] = NULL;
++ args[i ] = NULL;
+
+ /* search for the last / */
+ if (NULL != (c = strrchr(con->physical.path->ptr, '/'))) {
+@@ -1018,8 +1019,6 @@
*c = '/';
}
-+ openDevNull(STDERR_FILENO);
-+
+- openDevNull(STDERR_FILENO);
+-
/* we don't need the client socket */
for (i = 3; i < 256; i++) {
if (i != srv->errorlog_fd) close(i);
-@@ -995,7 +997,7 @@
- /* exec the cgi */
- execve(args[0], args, env.ptr);
-
-- log_error_write(srv, __FILE__, __LINE__, "sss", "CGI failed:", strerror(errno), args[0]);
-+ /* log_error_write(srv, __FILE__, __LINE__, "sss", "CGI failed:", strerror(errno), args[0]); */
-
- /* */
- SEGFAULT();
-@@ -1058,8 +1060,9 @@
- switch(errno) {
- case ENOSPC:
- con->http_status = 507;
--
- break;
-+ case EINTR:
-+ continue;
- default:
- con->http_status = 403;
- break;
-@@ -1071,8 +1074,9 @@
- switch(errno) {
- case ENOSPC:
- con->http_status = 507;
--
- break;
-+ case EINTR:
-+ continue;
- default:
- con->http_status = 403;
- break;
-@@ -1087,6 +1091,8 @@
- c->offset += r;
- cq->bytes_out += r;
- } else {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "write() failed due to: ", strerror(errno));
-+ con->http_status = 500;
- break;
- }
- chunkqueue_remove_finished_chunks(cq);
-Index: src/mod_rewrite.c
-===================================================================
---- src/mod_rewrite.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_rewrite.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -385,8 +385,7 @@
+@@ -1198,6 +1197,8 @@
- start = 0; end = pattern_len;
- for (k = 0; k < pattern_len; k++) {
-- if ((pattern[k] == '$' || pattern[k] == '%') &&
-- isdigit((unsigned char)pattern[k + 1])) {
-+ if (pattern[k] == '$' || pattern[k] == '%') {
- /* got one */
+ if (buffer_is_equal_string(du->key, CONST_STR_LEN("cgi.assign"))) {
+ PATCH(cgi);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("cgi.execute-x-only"))) {
++ PATCH(execute_x_only);
+ }
+ }
+ }
+@@ -1220,6 +1221,7 @@
- size_t num = pattern[k + 1] - '0';
-@@ -395,7 +394,10 @@
-
- buffer_append_string_len(con->request.uri, pattern + start, end - start);
-
-- if (pattern[k] == '$') {
-+ if (!isdigit((unsigned char)pattern[k + 1])) {
-+ /* enable escape: "%%" => "%", "%a" => "%a", "$$" => "$" */
-+ buffer_append_string_len(con->request.uri, pattern+k, pattern[k] == pattern[k+1] ? 1 : 2);
-+ } else if (pattern[k] == '$') {
- /* n is always > 0 */
- if (num < (size_t)n) {
- buffer_append_string(con->request.uri, list[num]);
-Index: src/lempar.c
-===================================================================
---- src/lempar.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/lempar.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -210,7 +210,7 @@
- */
- const char *ParseTokenName(int tokenType){
- #ifndef NDEBUG
-- if( tokenType>0 && tokenType<(sizeof(yyTokenName)/sizeof(yyTokenName[0])) ){
-+ if( tokenType>0 && (size_t)tokenType<(sizeof(yyTokenName)/sizeof(yyTokenName[0])) ){
- return yyTokenName[tokenType];
- }else{
- return "Unknown";
-@@ -335,7 +335,7 @@
- return YY_NO_ACTION;
- }
- i += iLookAhead;
-- if( i<0 || i>=YY_SZ_ACTTAB || yy_lookahead[i]!=iLookAhead ){
-+ if( i<0 || (size_t)i>=YY_SZ_ACTTAB || yy_lookahead[i]!=iLookAhead ){
- #ifdef YYFALLBACK
- int iFallback; /* Fallback token */
- if( iLookAhead<sizeof(yyFallback)/sizeof(yyFallback[0])
-@@ -378,7 +378,7 @@
- return YY_NO_ACTION;
- }
- i += iLookAhead;
-- if( i<0 || i>=YY_SZ_ACTTAB || yy_lookahead[i]!=iLookAhead ){
-+ if( i<0 || (size_t)i>=YY_SZ_ACTTAB || yy_lookahead[i]!=iLookAhead ){
- return yy_default[stateno];
- }else{
- return yy_action[i];
-@@ -456,7 +456,7 @@
- yymsp = &yypParser->yystack[yypParser->yyidx];
- #ifndef NDEBUG
- if( yyTraceFILE && yyruleno>=0
-- && yyruleno<sizeof(yyRuleName)/sizeof(yyRuleName[0]) ){
-+ && (size_t)yyruleno<sizeof(yyRuleName)/sizeof(yyRuleName[0]) ){
- fprintf(yyTraceFILE, "%sReduce [%s].\n", yyTracePrompt,
- yyRuleName[yyruleno]);
- }
-@@ -511,6 +511,8 @@
- int yymajor, /* The major type of the error token */
- YYMINORTYPE yyminor /* The minor type of the error token */
- ){
-+ UNUSED(yymajor);
-+ UNUSED(yyminor);
- ParseARG_FETCH;
- #define TOKEN (yyminor.yy0)
- %%
-Index: src/connections.c
-===================================================================
---- src/connections.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/connections.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -199,6 +199,7 @@
+ if (HANDLER_ERROR == stat_cache_get_entry(srv, con, con->physical.path, &sce)) return HANDLER_GO_ON;
+ if (!S_ISREG(sce->st.st_mode)) return HANDLER_GO_ON;
++ if (p->conf.execute_x_only == 1 && (sce->st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0) return HANDLER_GO_ON;
- /* don't resize the buffer if we were in SSL_ERROR_WANT_* */
+ s_len = fn->used - 1;
-+ ERR_clear_error();
- do {
- if (!con->ssl_error_want_reuse_buffer) {
- b = buffer_init();
-@@ -299,6 +300,8 @@
+Index: src/network_write.c
+===================================================================
+--- src/network_write.c (.../tags/lighttpd-1.4.23)
++++ src/network_write.c (.../branches/lighttpd-1.4.x)
+@@ -46,15 +46,27 @@
+ toSend = c->mem->used - 1 - c->offset;
+ #ifdef __WIN32
+ if ((r = send(fd, offset, toSend, 0)) < 0) {
+- log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed: ", strerror(errno), fd);
++ /* no error handling for windows... */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "send failed: ", strerror(errno), fd);
- return 0;
+ return -1;
+ }
#else
-+ UNUSED(srv);
-+ UNUSED(con);
- return -1;
+ if ((r = write(fd, offset, toSend)) < 0) {
+- log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed: ", strerror(errno), fd);
++ switch (errno) {
++ case EAGAIN:
++ case EINTR:
++ r = 0;
++ break;
++ case EPIPE:
++ case ECONNRESET:
++ return -2;
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssd",
++ "write failed:", strerror(errno), fd);
+
+- return -1;
++ return -1;
++ }
+ }
#endif
- }
-@@ -427,21 +430,22 @@
- }
- switch(con->http_status) {
-- case 400: /* class: header + custom body */
-- case 401:
-- case 403:
-- case 404:
-- case 408:
-- case 409:
-- case 411:
-- case 416:
-- case 423:
-- case 500:
-- case 501:
-- case 503:
-- case 505:
-+ case 204: /* class: header only */
-+ case 205:
-+ case 304:
-+ /* disable chunked encoding again as we have no body */
-+ con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
-+ con->parsed_response &= ~HTTP_CONTENT_LENGTH;
-+ chunkqueue_reset(con->write_queue);
-+
-+ con->file_finished = 1;
-+ break;
-+ default: /* class: header + body */
- if (con->mode != DIRECT) break;
+@@ -98,7 +110,7 @@
+ return -1;
+ }
-+ /* only custom body for 4xx and 5xx */
-+ if (con->http_status < 400 || con->http_status >= 600) break;
+-#if defined USE_MMAP
++#ifdef USE_MMAP
+ if (MAP_FAILED == (p = mmap(0, sce->st.st_size, PROT_READ, MAP_SHARED, ifd, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "mmap failed: ", strerror(errno));
+
+@@ -109,13 +121,26 @@
+ close(ifd);
+
+ if ((r = write(fd, p + offset, toSend)) <= 0) {
+- log_error_write(srv, __FILE__, __LINE__, "ss", "write failed: ", strerror(errno));
+- munmap(p, sce->st.st_size);
+- return -1;
++ switch (errno) {
++ case EAGAIN:
++ case EINTR:
++ r = 0;
++ break;
++ case EPIPE:
++ case ECONNRESET:
++ munmap(p, sce->st.st_size);
++ return -2;
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssd",
++ "write failed:", strerror(errno), fd);
++ munmap(p, sce->st.st_size);
+
- con->file_finished = 0;
++ return -1;
++ }
+ }
+
+ munmap(p, sce->st.st_size);
+-#else
++#else /* USE_MMAP */
+ buffer_prepare_copy(srv->tmp_buf, toSend);
- buffer_reset(con->physical.path);
-@@ -451,7 +455,8 @@
- stat_cache_entry *sce = NULL;
+ lseek(ifd, offset, SEEK_SET);
+@@ -127,12 +152,33 @@
+ }
+ close(ifd);
- buffer_copy_string_buffer(con->physical.path, con->conf.errorfile_prefix);
-- buffer_append_string(con->physical.path, get_http_status_body_name(con->http_status));
-+ buffer_append_long(con->physical.path, con->http_status);
-+ buffer_append_string_len(con->physical.path, CONST_STR_LEN(".html"));
+- if (-1 == (r = send(fd, srv->tmp_buf->ptr, toSend, 0))) {
+- log_error_write(srv, __FILE__, __LINE__, "ss", "write: ", strerror(errno));
++#ifdef __WIN32
++ if ((r = send(fd, srv->tmp_buf->ptr, toSend, 0)) < 0) {
++ /* no error handling for windows... */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "send failed: ", strerror(errno), fd);
- if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
- con->file_finished = 1;
-@@ -497,30 +502,7 @@
+ return -1;
+ }
+-#endif
++#else /* __WIN32 */
++ if ((r = write(fd, srv->tmp_buf->ptr, toSend)) < 0) {
++ switch (errno) {
++ case EAGAIN:
++ case EINTR:
++ r = 0;
++ break;
++ case EPIPE:
++ case ECONNRESET:
++ return -2;
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssd",
++ "write failed:", strerror(errno), fd);
++
++ return -1;
++ }
++ }
++#endif /* __WIN32 */
++#endif /* USE_MMAP */
++
+ c->offset += r;
+ cq->bytes_out += r;
- response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
- }
-- /* fall through */
-- case 207:
-- case 200: /* class: header + body */
-- case 201:
-- case 300:
-- case 301:
-- case 302:
-- case 303:
-- case 307:
- break;
--
-- case 206: /* write_queue is already prepared */
-- break;
-- case 204:
-- case 205: /* class: header only */
-- case 304:
-- default:
-- /* disable chunked encoding again as we have no body */
-- con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
-- con->parsed_response &= ~HTTP_CONTENT_LENGTH;
-- chunkqueue_reset(con->write_queue);
--
-- con->file_finished = 1;
-- break;
- }
+Index: src/mod_secure_download.c
+===================================================================
+--- src/mod_secure_download.c (.../tags/lighttpd-1.4.23)
++++ src/mod_secure_download.c (.../branches/lighttpd-1.4.x)
+@@ -37,7 +37,7 @@
+ buffer *secret;
+ buffer *uri_prefix;
- if (con->file_finished) {
-@@ -544,7 +526,7 @@
- data_string *ds;
- /* no Content-Body, no Content-Length */
- if (NULL != (ds = (data_string*) array_get_element(con->response.headers, "Content-Length"))) {
-- buffer_reset(ds->value); // Headers with empty values are ignored for output
-+ buffer_reset(ds->value); /* Headers with empty values are ignored for output */
- }
- } else if (qlen > 0 || con->request.http_method != HTTP_METHOD_HEAD) {
- /* qlen = 0 is important for Redirects (301, ...) as they MAY have
-@@ -846,7 +828,7 @@
+- unsigned short timeout;
++ unsigned int timeout;
+ } plugin_config;
+
+ typedef struct {
+@@ -99,7 +99,7 @@
+ { "secdownload.secret", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
+ { "secdownload.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
+ { "secdownload.uri-prefix", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
+- { "secdownload.timeout", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
++ { "secdownload.timeout", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
+ { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
+ };
+
+@@ -245,8 +245,8 @@
}
- /* The cond_cache gets reset in response.c */
--// config_cond_cache_reset(srv, con);
-+ /* config_cond_cache_reset(srv, con); */
+ /* timed-out */
+- if ( (srv->cur_ts > ts && srv->cur_ts - ts > p->conf.timeout) ||
+- (srv->cur_ts < ts && ts - srv->cur_ts > p->conf.timeout) ) {
++ if ( (srv->cur_ts > ts && (unsigned int) (srv->cur_ts - ts) > p->conf.timeout) ||
++ (srv->cur_ts < ts && (unsigned int) (ts - srv->cur_ts) > p->conf.timeout) ) {
+ /* "Gone" as the url will never be valid again instead of "408 - Timeout" where the request may be repeated */
+ con->http_status = 410;
- #ifdef USE_OPENSSL
- if (con->ssl_error_want_reuse_buffer) {
-@@ -1668,21 +1650,51 @@
+Index: src/base.h
+===================================================================
+--- src/base.h (.../tags/lighttpd-1.4.23)
++++ src/base.h (.../branches/lighttpd-1.4.x)
+@@ -84,6 +84,7 @@
+ typedef enum { T_CONFIG_UNSET,
+ T_CONFIG_STRING,
+ T_CONFIG_SHORT,
++ T_CONFIG_INT,
+ T_CONFIG_BOOLEAN,
+ T_CONFIG_ARRAY,
+ T_CONFIG_LOCAL,
+@@ -281,7 +282,7 @@
+ unsigned short etag_use_mtime;
+ unsigned short etag_use_size;
+ unsigned short force_lowercase_filenames; /* if the FS is case-insensitive, force all files to lower-case */
+- unsigned short max_request_size;
++ unsigned int max_request_size;
+
+ unsigned short kbytes_per_second; /* connection kb/s limit */
+
+@@ -472,6 +473,7 @@
+
+ buffer *errorlog_file;
+ unsigned short errorlog_use_syslog;
++ buffer *breakagelog_file;
+
+ unsigned short dont_daemonize;
+ buffer *changeroot;
+@@ -490,7 +492,7 @@
+ unsigned short max_worker;
+ unsigned short max_fds;
+ unsigned short max_conns;
+- unsigned short max_request_size;
++ unsigned int max_request_size;
+
+ unsigned short log_request_header_on_error;
+ unsigned short log_state_handling;
+@@ -538,7 +540,7 @@
+
+ /* the errorlog */
+ int errorlog_fd;
+- enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
++ enum { ERRORLOG_FILE, ERRORLOG_FD, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
+ buffer *errorlog_buf;
+
+ fdevents *ev, *ev_ins;
+Index: src/mod_rewrite.c
+===================================================================
+--- src/mod_rewrite.c (.../tags/lighttpd-1.4.23)
++++ src/mod_rewrite.c (.../branches/lighttpd-1.4.x)
+@@ -176,7 +176,7 @@
+ data_unset *du;
+
+ if (NULL != (du = array_get_element(ca, option))) {
+- data_array *da = (data_array *)du;
++ data_array *da;
+ size_t j;
+
+ if (du->type != TYPE_ARRAY) {
+@@ -373,7 +373,7 @@
}
- #ifdef USE_OPENSSL
- if (srv_sock->is_ssl) {
-- int ret;
-+ int ret, ssl_r;
-+ unsigned long err;
-+ ERR_clear_error();
- switch ((ret = SSL_shutdown(con->ssl))) {
- case 1:
- /* ok */
- break;
- case 0:
-- SSL_shutdown(con->ssl);
-- break;
-+ ERR_clear_error();
-+ if (-1 != (ret = SSL_shutdown(con->ssl))) break;
+ } else {
+ const char **list;
+- size_t start, end;
++ size_t start;
+ size_t k;
+
+ /* it matched */
+@@ -383,17 +383,15 @@
+
+ buffer_reset(con->request.uri);
+
+- start = 0; end = pattern_len;
++ start = 0;
+ for (k = 0; k < pattern_len; k++) {
+ if (pattern[k] == '$' || pattern[k] == '%') {
+ /* got one */
+
+ size_t num = pattern[k + 1] - '0';
+
+- end = k;
++ buffer_append_string_len(con->request.uri, pattern + start, k - start);
+
+- buffer_append_string_len(con->request.uri, pattern + start, end - start);
+-
+ if (!isdigit((unsigned char)pattern[k + 1])) {
+ /* enable escape: "%%" => "%", "%a" => "%a", "$$" => "$" */
+ buffer_append_string_len(con->request.uri, pattern+k, pattern[k] == pattern[k+1] ? 1 : 2);
+Index: src/connections.c
+===================================================================
+--- src/connections.c (.../tags/lighttpd-1.4.23)
++++ src/connections.c (.../branches/lighttpd-1.4.x)
+@@ -782,13 +782,13 @@
+ CLEAN(request.pathinfo);
+ CLEAN(request.request);
+
+- CLEAN(request.orig_uri);
++ /* CLEAN(request.orig_uri); */
+
+ CLEAN(uri.scheme);
+- CLEAN(uri.authority);
+- CLEAN(uri.path);
++ /* CLEAN(uri.authority); */
++ /* CLEAN(uri.path); */
+ CLEAN(uri.path_raw);
+- CLEAN(uri.query);
++ /* CLEAN(uri.query); */
+
+ CLEAN(physical.doc_root);
+ CLEAN(physical.path);
+@@ -1401,6 +1401,11 @@
+ "state for fd", con->fd, connection_get_state(con->state));
+ }
+
++ buffer_reset(con->uri.authority);
++ buffer_reset(con->uri.path);
++ buffer_reset(con->uri.query);
++ buffer_reset(con->request.orig_uri);
+
-+ /* fall through */
+ if (http_request_parse(srv, con)) {
+ /* we have to read some data from the POST request */
+
+@@ -1725,7 +1730,7 @@
+ case HANDLER_FINISHED:
+ break;
default:
-- log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
-- SSL_get_error(con->ssl, ret),
-- ERR_error_string(ERR_get_error(), NULL));
-- return -1;
-+
-+ switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
-+ case SSL_ERROR_WANT_WRITE:
-+ case SSL_ERROR_WANT_READ:
-+ break;
-+ case SSL_ERROR_SYSCALL:
-+ /* perhaps we have error waiting in our error-queue */
-+ if (0 != (err = ERR_get_error())) {
-+ do {
-+ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
-+ ssl_r, ret,
-+ ERR_error_string(err, NULL));
-+ } while((err = ERR_get_error()));
-+ } else {
-+ log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
-+ ssl_r, ret, errno,
-+ strerror(errno));
-+ }
-+
-+ break;
-+ default:
-+ while((err = ERR_get_error())) {
-+ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
-+ ssl_r, ret,
-+ ERR_error_string(err, NULL));
-+ }
-+
-+ break;
-+ }
+- log_error_write(srv, __FILE__, __LINE__, "");
++ log_error_write(srv, __FILE__, __LINE__, "sd", "unhandling return value", r);
+ break;
}
- }
-+ ERR_clear_error();
- #endif
-
- switch(con->mode) {
-Index: src/configfile.c
+ break;
+Index: src/network.c
===================================================================
---- src/configfile.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/configfile.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -7,6 +7,7 @@
- #include <string.h>
- #include <stdio.h>
- #include <ctype.h>
-+#include <limits.h>
- #include <assert.h>
+--- src/network.c (.../tags/lighttpd-1.4.23)
++++ src/network.c (.../branches/lighttpd-1.4.x)
+@@ -90,6 +90,7 @@
- #include "server.h"
-@@ -305,9 +306,6 @@
- data_config *dc = (data_config *)srv->config_context->data[i];
- specific_config *s = srv->config_storage[i];
+ srv_socket = calloc(1, sizeof(*srv_socket));
+ srv_socket->fd = -1;
++ srv_socket->fde_ndx = -1;
-- /* not our stage */
-- if (comp != dc->comp) continue;
--
- /* condition didn't match */
- if (!config_check_cond(srv, con, dc)) continue;
+ srv_socket->srv_token = buffer_init();
+ buffer_copy_string_buffer(srv_socket->srv_token, host_token);
+@@ -103,7 +104,7 @@
+ if (NULL == (sp = strrchr(b->ptr, ':'))) {
+ log_error_write(srv, __FILE__, __LINE__, "sb", "value of $SERVER[\"socket\"] has to be \"ip:port\".", b);
-@@ -410,8 +408,8 @@
+- return -1;
++ goto error_free_socket;
+ }
- #if 0
- static int tokenizer_open(server *srv, tokenizer_t *t, buffer *basedir, const char *fn) {
-- if (buffer_is_empty(basedir) &&
-- (fn[0] == '/' || fn[0] == '\\') &&
-+ if (buffer_is_empty(basedir) ||
-+ (fn[0] == '/' || fn[0] == '\\') ||
- (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\'))) {
- t->file = buffer_init_string(fn);
- } else {
-@@ -884,8 +882,8 @@
- int ret;
- buffer *filename;
-
-- if (buffer_is_empty(context->basedir) &&
-- (fn[0] == '/' || fn[0] == '\\') &&
-+ if (buffer_is_empty(context->basedir) ||
-+ (fn[0] == '/' || fn[0] == '\\') ||
- (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\'))) {
- filename = buffer_init_string(fn);
- } else {
-@@ -912,15 +910,39 @@
- return ret;
- }
+ host = b->ptr;
+@@ -126,7 +127,7 @@
+ } else if (port == 0 || port > 65535) {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "port out of range:", port);
-+static char* getCWD() {
-+ char *s, *s1;
-+ size_t len;
-+#ifdef PATH_MAX
-+ len = PATH_MAX;
-+#else
-+ len = 4096;
-+#endif
-+
-+ s = malloc(len);
-+ if (!s) return NULL;
-+ while (NULL == getcwd(s, len)) {
-+ if (errno != ERANGE || SSIZE_MAX - len < len) return NULL;
-+ len *= 2;
-+ s1 = realloc(s, len);
-+ if (!s1) {
-+ free(s);
-+ return NULL;
-+ }
-+ s = s1;
-+ }
-+ return s;
-+}
-+
- int config_parse_cmd(server *srv, config_t *context, const char *cmd) {
- proc_handler_t proc;
- tokenizer_t t;
- int ret;
- buffer *source;
- buffer *out;
-- char oldpwd[PATH_MAX];
-+ char *oldpwd;
+- return -1;
++ goto error_free_socket;
+ }
-- if (NULL == getcwd(oldpwd, sizeof(oldpwd))) {
-+ if (NULL == (oldpwd = getCWD())) {
+ if (*host == '\0') host = NULL;
+@@ -138,12 +139,12 @@
+
+ if (-1 == (srv_socket->fd = socket(srv_socket->addr.plain.sa_family, SOCK_STREAM, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
+ #else
log_error_write(srv, __FILE__, __LINE__, "s",
- "cannot get cwd", strerror(errno));
- return -1;
-@@ -945,6 +967,7 @@
- buffer_free(source);
- buffer_free(out);
- chdir(oldpwd);
-+ free(oldpwd);
- return ret;
- }
+ "ERROR: Unix Domain sockets are not supported.");
+- return -1;
++ goto error_free_socket;
+ #endif
+ }
-Index: src/lemon.c
-===================================================================
---- src/lemon.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/lemon.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -12,6 +12,19 @@
- #include <ctype.h>
- #include <stdlib.h>
+@@ -153,7 +154,7 @@
-+#ifdef HAVE_CONFIG_H
-+#include "config.h"
-+#endif
-+
-+#ifdef HAVE_STDINT_H
-+# include <stdint.h>
-+#endif
-+#ifdef HAVE_INTTYPES_H
-+# include <inttypes.h>
+ if (-1 == (srv_socket->fd = socket(srv_socket->addr.plain.sa_family, SOCK_STREAM, IPPROTO_TCP))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
+ srv_socket->use_ipv6 = 1;
+ }
+@@ -163,17 +164,22 @@
+ srv_socket->addr.plain.sa_family = AF_INET;
+ if (-1 == (srv_socket->fd = socket(srv_socket->addr.plain.sa_family, SOCK_STREAM, IPPROTO_TCP))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
+ }
+
++#ifdef FD_CLOEXEC
++ /* set FD_CLOEXEC now, fdevent_fcntl_set is called later; needed for pipe-logger forks */
++ fcntl(srv_socket->fd, F_SETFD, FD_CLOEXEC);
+#endif
+
-+#define UNUSED(x) ( (void)(x) )
-+
- extern void qsort();
- extern double strtod();
- extern long strtol();
-@@ -983,6 +996,7 @@
- {
- struct symbol *spx, *spy;
- int errcnt = 0;
-+ UNUSED(errsym);
- assert( apx->sp==apy->sp ); /* Otherwise there would be no conflict */
- if( apx->type==SHIFT && apy->type==REDUCE ){
- spx = apx->sp;
-@@ -1347,6 +1361,7 @@
- struct lemon lem;
- char *def_tmpl_name = "lempar.c";
-
-+ UNUSED(argc);
- OptInit(argv,options,stderr);
- if( version ){
- printf("Lemon version 1.0\n");
-@@ -1651,7 +1666,7 @@
- }else if( op[j].type==OPT_FLAG ){
- *((int*)op[j].arg) = v;
- }else if( op[j].type==OPT_FFLAG ){
-- (*(void(*)())(op[j].arg))(v);
-+ (*(void(*)())(intptr_t)(op[j].arg))(v);
- }else{
- if( err ){
- fprintf(err,"%smissing argument on switch.\n",emsg);
-@@ -1733,19 +1748,19 @@
- *(double*)(op[j].arg) = dv;
- break;
- case OPT_FDBL:
-- (*(void(*)())(op[j].arg))(dv);
-+ (*(void(*)())(intptr_t)(op[j].arg))(dv);
- break;
- case OPT_INT:
- *(int*)(op[j].arg) = lv;
- break;
- case OPT_FINT:
-- (*(void(*)())(op[j].arg))((int)lv);
-+ (*(void(*)())(intptr_t)(op[j].arg))((int)lv);
- break;
- case OPT_STR:
- *(char**)(op[j].arg) = sv;
- break;
- case OPT_FSTR:
-- (*(void(*)())(op[j].arg))(sv);
-+ (*(void(*)())(intptr_t)(op[j].arg))(sv);
- break;
- }
- }
-@@ -2286,10 +2301,10 @@
- ** token is passed to the function "parseonetoken" which builds all
- ** the appropriate data structures in the global state vector "gp".
- */
-+struct pstate ps;
- void Parse(gp)
- struct lemon *gp;
- {
-- struct pstate ps;
- FILE *fp;
- char *filebuf;
- size_t filesize;
-Index: src/mod_scgi.c
-===================================================================
---- src/mod_scgi.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_scgi.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -202,6 +202,15 @@
- *
- */
+ /* */
+ srv->cur_fds = srv_socket->fd;
-+ /*
-+ * workaround for program when prefix="/"
-+ *
-+ * rule to build PATH_INFO is hardcoded for when check_local is disabled
-+ * enable this option to use the workaround
-+ *
-+ */
-+
-+ unsigned short fix_root_path_name;
- ssize_t load; /* replace by host->load */
+ val = 1;
+ if (setsockopt(srv_socket->fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)) < 0) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socketsockopt failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
- size_t max_id; /* corresponds most of the time to
-@@ -233,6 +242,7 @@
- typedef struct {
- buffer *key; /* like .php */
+ switch(srv_socket->addr.plain.sa_family) {
+@@ -198,7 +204,7 @@
+ "sssss", "getaddrinfo failed: ",
+ gai_strerror(r), "'", host, "'");
+
+- return -1;
++ goto error_free_socket;
+ }
-+ int note_is_sent;
- scgi_extension_host **hosts;
+ memcpy(&(srv_socket->addr), res->ai_addr, res->ai_addrlen);
+@@ -220,17 +226,17 @@
+ log_error_write(srv, __FILE__, __LINE__,
+ "sds", "gethostbyname failed: ",
+ h_errno, host);
+- return -1;
++ goto error_free_socket;
+ }
- size_t used;
-@@ -968,6 +978,7 @@
+ if (he->h_addrtype != AF_INET) {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "addr-type != AF_INET: ", he->h_addrtype);
+- return -1;
++ goto error_free_socket;
+ }
- { "bin-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
- { "bin-copy-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
-+ { "fix-root-scriptname", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
+ if (he->h_length != sizeof(struct in_addr)) {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "addr-length != sizeof(in_addr): ", he->h_length);
+- return -1;
++ goto error_free_socket;
+ }
+ memcpy(&(srv_socket->addr.ipv4.sin_addr.s_addr), he->h_addr_list[0], he->h_length);
+@@ -260,7 +266,7 @@
+ host);
- { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
-@@ -990,6 +1001,7 @@
- df->max_load_per_proc = 1;
- df->idle_timeout = 60;
- df->disable_time = 60;
-+ df->fix_root_path_name = 0;
- fcv[0].destination = df->host;
- fcv[1].destination = df->docroot;
-@@ -1006,6 +1018,7 @@
+- return -1;
++ goto error_free_socket;
+ }
- fcv[11].destination = df->bin_env;
- fcv[12].destination = df->bin_env_copy;
-+ fcv[13].destination = &(df->fix_root_path_name);
+ /* connect failed */
+@@ -275,14 +281,12 @@
+ "testing socket failed:",
+ host, strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
- if (0 != config_insert_values_internal(srv, da_host->value, fcv)) {
-@@ -2668,10 +2681,10 @@
- plugin_data *p = p_d;
- size_t s_len;
- int used = -1;
-- int ndx;
- size_t k;
- buffer *fn;
- scgi_extension *extension = NULL;
-+ scgi_extension_host *host = NULL;
-
- /* Possibly, we processed already this request */
- if (con->file_started == 1) return HANDLER_GO_ON;
-@@ -2712,95 +2725,59 @@
+ break;
+ default:
+- addr_len = 0;
+-
+- return -1;
++ goto error_free_socket;
}
- /* get best server */
-- for (k = 0, ndx = -1; k < extension->used; k++) {
-- scgi_extension_host *host = extension->hosts[k];
-+ for (k = 0; k < extension->used; k++) {
-+ scgi_extension_host *h = extension->hosts[k];
-
-- /* we should have at least one proc that can do somthing */
-- if (host->active_procs == 0) continue;
-+ /* we should have at least one proc that can do something */
-+ if (h->active_procs == 0) {
-+ continue;
-+ }
+ if (0 != bind(srv_socket->fd, (struct sockaddr *) &(srv_socket->addr), addr_len)) {
+@@ -298,12 +302,12 @@
+ host, port, strerror(errno));
+ break;
+ }
+- return -1;
++ goto error_free_socket;
+ }
-- if (used == -1 || host->load < used) {
-- used = host->load;
-+ if (used == -1 || h->load < used) {
-+ used = h->load;
+ if (-1 == listen(srv_socket->fd, 128 * 8)) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "listen failed: ", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
-- ndx = k;
-+ host = h;
+ if (s->is_ssl) {
+@@ -316,14 +320,14 @@
+ if (0 == RAND_status()) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ "not enough entropy in the pool");
+- return -1;
++ goto error_free_socket;
+ }
}
- }
-- /* found a server */
-- if (ndx != -1) {
-- scgi_extension_host *host = extension->hosts[ndx];
-+ if (!host) {
-+ /* sorry, we don't have a server alive for this ext */
-+ buffer_reset(con->physical.path);
-+ con->http_status = 500;
-
-- /*
-- * if check-local is disabled, use the uri.path handler
-- *
-- */
-+ /* only send the 'no handler' once */
-+ if (!extension->note_is_sent) {
-+ extension->note_is_sent = 1;
-
-- /* init handler-context */
-- if (uri_path_handler) {
-- if (host->check_local == 0) {
-- handler_ctx *hctx;
-- char *pathinfo;
-+ log_error_write(srv, __FILE__, __LINE__, "sbsbs",
-+ "all handlers for ", con->uri.path,
-+ "on", extension->key,
-+ "are down.");
-+ }
+ if (NULL == (s->ssl_ctx = SSL_CTX_new(SSLv23_server_method()))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL));
+- return -1;
++ goto error_free_socket;
+ }
-- hctx = handler_ctx_init();
-+ return HANDLER_FINISHED;
-+ }
+ if (!s->ssl_use_sslv2) {
+@@ -331,7 +335,7 @@
+ if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL));
+- return -1;
++ goto error_free_socket;
+ }
+ }
-- hctx->remote_conn = con;
-- hctx->plugin_data = p;
-- hctx->host = host;
-- hctx->proc = NULL;
-+ /* a note about no handler is not sent yet */
-+ extension->note_is_sent = 0;
-
-- hctx->conf.exts = p->conf.exts;
-- hctx->conf.debug = p->conf.debug;
-+ /*
-+ * if check-local is disabled, use the uri.path handler
-+ *
-+ */
-
-- con->plugin_ctx[p->id] = hctx;
-+ /* init handler-context */
-+ if (uri_path_handler) {
-+ if (host->check_local == 0) {
-+ handler_ctx *hctx;
-+ char *pathinfo;
-
-- host->load++;
--
-- con->mode = p->id;
--
-- if (con->conf.log_request_handling) {
-- log_error_write(srv, __FILE__, __LINE__, "s", "handling it in mod_scgi");
-- }
--
-- /* the prefix is the SCRIPT_NAME,
-- * everthing from start to the next slash
-- * this is important for check-local = "disable"
-- *
-- * if prefix = /admin.fcgi
-- *
-- * /admin.fcgi/foo/bar
-- *
-- * SCRIPT_NAME = /admin.fcgi
-- * PATH_INFO = /foo/bar
-- *
-- * if prefix = /fcgi-bin/
-- *
-- * /fcgi-bin/foo/bar
-- *
-- * SCRIPT_NAME = /fcgi-bin/foo
-- * PATH_INFO = /bar
-- *
-- */
--
-- /* the rewrite is only done for /prefix/? matches */
-- if (extension->key->ptr[0] == '/' &&
-- con->uri.path->used > extension->key->used &&
-- NULL != (pathinfo = strchr(con->uri.path->ptr + extension->key->used - 1, '/'))) {
-- /* rewrite uri.path and pathinfo */
--
-- buffer_copy_string(con->request.pathinfo, pathinfo);
--
-- con->uri.path->used -= con->request.pathinfo->used - 1;
-- con->uri.path->ptr[con->uri.path->used - 1] = '\0';
-- }
-- }
-- return HANDLER_GO_ON;
-- } else {
-- handler_ctx *hctx;
- hctx = handler_ctx_init();
-
- hctx->remote_conn = con;
- hctx->plugin_data = p;
- hctx->host = host;
-- hctx->proc = NULL;
-+ hctx->proc = NULL;
-
- hctx->conf.exts = p->conf.exts;
- hctx->conf.debug = p->conf.debug;
-@@ -2812,22 +2789,69 @@
- con->mode = p->id;
-
- if (con->conf.log_request_handling) {
-- log_error_write(srv, __FILE__, __LINE__, "s", "handling it in mod_fastcgi");
-+ log_error_write(srv, __FILE__, __LINE__, "s",
-+ "handling it in mod_fastcgi");
+@@ -340,33 +344,33 @@
+ if (SSL_CTX_set_cipher_list(s->ssl_ctx, s->ssl_cipher_list->ptr) != 1) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL));
+- return -1;
++ goto error_free_socket;
}
+ }
-- return HANDLER_GO_ON;
-+ /* the prefix is the SCRIPT_NAME,
-+ * everything from start to the next slash
-+ * this is important for check-local = "disable"
-+ *
-+ * if prefix = /admin.fcgi
-+ *
-+ * /admin.fcgi/foo/bar
-+ *
-+ * SCRIPT_NAME = /admin.fcgi
-+ * PATH_INFO = /foo/bar
-+ *
-+ * if prefix = /fcgi-bin/
-+ *
-+ * /fcgi-bin/foo/bar
-+ *
-+ * SCRIPT_NAME = /fcgi-bin/foo
-+ * PATH_INFO = /bar
-+ *
-+ */
-+
-+ /* the rewrite is only done for /prefix/? matches */
-+ if (extension->key->ptr[0] == '/' &&
-+ con->uri.path->used > extension->key->used &&
-+ NULL != (pathinfo = strchr(con->uri.path->ptr + extension->key->used - 1, '/'))) {
-+ /* rewrite uri.path and pathinfo */
-+
-+ buffer_copy_string(con->request.pathinfo, pathinfo);
-+
-+ con->uri.path->used -= con->request.pathinfo->used - 1;
-+ con->uri.path->ptr[con->uri.path->used - 1] = '\0';
-+ } else if (host->fix_root_path_name && extension->key->ptr[0] == '/' && extension->key->ptr[1] == '\0') {
-+ buffer_copy_string(con->request.pathinfo, con->uri.path->ptr);
-+ con->uri.path->used = 1;
-+ con->uri.path->ptr[con->uri.path->used - 1] = '\0';
-+ }
+ if (buffer_is_empty(s->ssl_pemfile)) {
+ log_error_write(srv, __FILE__, __LINE__, "s", "ssl.pemfile has to be set");
+- return -1;
++ goto error_free_socket;
}
- } else {
-- /* no handler found */
-- buffer_reset(con->physical.path);
-- con->http_status = 500;
-+ handler_ctx *hctx;
-+ hctx = handler_ctx_init();
-
-- log_error_write(srv, __FILE__, __LINE__, "sb",
-- "no fcgi-handler found for:",
-- fn);
-+ hctx->remote_conn = con;
-+ hctx->plugin_data = p;
-+ hctx->host = host;
-+ hctx->proc = NULL;
-
-- return HANDLER_FINISHED;
-+ hctx->conf.exts = p->conf.exts;
-+ hctx->conf.debug = p->conf.debug;
-+
-+ con->plugin_ctx[p->id] = hctx;
-+
-+ host->load++;
-+
-+ con->mode = p->id;
+
+ if (!buffer_is_empty(s->ssl_ca_file)) {
+ if (1 != SSL_CTX_load_verify_locations(s->ssl_ctx, s->ssl_ca_file->ptr, NULL)) {
+ log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL), s->ssl_ca_file);
+- return -1;
++ goto error_free_socket;
+ }
+ }
+
+ if (SSL_CTX_use_certificate_file(s->ssl_ctx, s->ssl_pemfile->ptr, SSL_FILETYPE_PEM) < 0) {
+ log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL), s->ssl_pemfile);
+- return -1;
++ goto error_free_socket;
+ }
+
+ if (SSL_CTX_use_PrivateKey_file (s->ssl_ctx, s->ssl_pemfile->ptr, SSL_FILETYPE_PEM) < 0) {
+ log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL), s->ssl_pemfile);
+- return -1;
++ goto error_free_socket;
+ }
+
+ if (SSL_CTX_check_private_key(s->ssl_ctx) != 1) {
+@@ -374,7 +378,7 @@
+ "Private key does not match the certificate public key, reason:",
+ ERR_error_string(ERR_get_error(), NULL),
+ s->ssl_pemfile);
+- return -1;
++ goto error_free_socket;
+ }
+ SSL_CTX_set_default_read_ahead(s->ssl_ctx, 1);
+ SSL_CTX_set_mode(s->ssl_ctx, SSL_CTX_get_mode(s->ssl_ctx) | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+@@ -390,7 +394,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ "ssl requested but openssl support is not compiled in");
+
+- return -1;
++ goto error_free_socket;
+ #endif
+ #ifdef TCP_DEFER_ACCEPT
+ } else if (s->defer_accept) {
+@@ -414,7 +418,6 @@
+ }
+
+ srv_socket->is_ssl = s->is_ssl;
+- srv_socket->fde_ndx = -1;
+
+ if (srv->srv_sockets.size == 0) {
+ srv->srv_sockets.size = 4;
+@@ -430,6 +433,21 @@
+ buffer_free(b);
+
+ return 0;
+
-+ if (con->conf.log_request_handling) {
-+ log_error_write(srv, __FILE__, __LINE__, "s", "handling it in mod_fastcgi");
++error_free_socket:
++ if (srv_socket->fd != -1) {
++ /* check if server fd are already registered */
++ if (srv_socket->fde_ndx != -1) {
++ fdevent_event_del(srv->ev, &(srv_socket->fde_ndx), srv_socket->fd);
++ fdevent_unregister(srv->ev, srv_socket->fd);
+ }
- }
+
- return HANDLER_GO_ON;
++ close(srv_socket->fd);
++ }
++ buffer_free(srv_socket->srv_token);
++ free(srv_socket);
++
++ return -1;
}
-Index: src/lighttpd-angel.c
-===================================================================
---- src/lighttpd-angel.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/lighttpd-angel.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -28,9 +28,12 @@
- static volatile sig_atomic_t graceful_restart = 0;
- static volatile pid_t pid = -1;
+ int network_close(server *srv) {
+@@ -567,12 +585,8 @@
+ /* not our stage */
+ if (COMP_SERVER_SOCKET != dc->comp) continue;
-+#define UNUSED(x) ( (void)(x) )
-+
- static void sigaction_handler(int sig, siginfo_t *si, void *context) {
- int exitcode;
-
-+ UNUSED(context);
- switch (sig) {
- case SIGINT:
- case SIGTERM:
-@@ -60,6 +63,8 @@
- int is_shutdown = 0;
- struct sigaction act;
-
-+ UNUSED(argc);
+- if (dc->cond != CONFIG_COND_EQ) {
+- log_error_write(srv, __FILE__, __LINE__, "s", "only == is allowed for $SERVER[\"socket\"].");
++ if (dc->cond != CONFIG_COND_EQ) continue;
+
+- return -1;
+- }
+-
+ /* check if we already know this socket,
+ * if yes, don't init it */
+ for (j = 0; j < srv->srv_sockets.used; j++) {
+Index: src/configfile.c
+===================================================================
+--- src/configfile.c (.../tags/lighttpd-1.4.23)
++++ src/configfile.c (.../branches/lighttpd-1.4.x)
+@@ -42,12 +42,12 @@
+
+ { "server.event-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 10 */
+ { "server.pid-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 11 */
+- { "server.max-request-size", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
++ { "server.max-request-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
+ { "server.max-worker", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 13 */
+ { "server.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
+- { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 15 */
++ { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER },/* 15 */
+ { "debug.log-condition-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 16 */
+- { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
++ { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },/* 17 */
+ { "server.name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
+ { "server.max-keep-alive-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 19 */
+
+@@ -91,12 +91,13 @@
+ { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 46 */
+ { "ssl.cipher-list", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 47 */
+ { "ssl.use-sslv2", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 48 */
+- { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */
+- { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */
+- { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 51 */
++ { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */
++ { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */
++ { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 51 */
+ { "server.reject-expect-100-with-417", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 52 */
+ { "debug.log-timeouts", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 53 */
+- { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */
++ { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */
++ { "server.breakagelog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 55 */
+ { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
+ { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
+ { "server.virtual-root", "load mod_simple_vhost and use simple-vhost.server-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
+@@ -139,6 +140,8 @@
+ cv[43].destination = &(srv->srvconf.max_conns);
+ cv[12].destination = &(srv->srvconf.max_request_size);
+ cv[52].destination = &(srv->srvconf.reject_expect_100_with_417);
++ cv[55].destination = srv->srvconf.breakagelog_file;
+
- /**
- * we are running as root BEWARE
- */
-Index: src/mod_rrdtool.c
+ srv->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+
+ assert(srv->config_storage);
+@@ -290,6 +293,7 @@
+ PATCH(log_condition_handling);
+ PATCH(log_file_not_found);
+ PATCH(log_ssl_noise);
++ PATCH(log_timeouts);
+
+ PATCH(range_requests);
+ PATCH(force_lowercase_filenames);
+@@ -1135,15 +1139,15 @@
+ * - select works everywhere
+ * - linux-* are experimental
+ */
++#ifdef USE_LINUX_EPOLL
++ { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" },
++#endif
+ #ifdef USE_POLL
+ { FDEVENT_HANDLER_POLL, "poll" },
+ #endif
+ #ifdef USE_SELECT
+ { FDEVENT_HANDLER_SELECT, "select" },
+ #endif
+-#ifdef USE_LINUX_EPOLL
+- { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" },
+-#endif
+ #ifdef USE_LINUX_SIGIO
+ { FDEVENT_HANDLER_LINUX_RTSIG, "linux-rtsig" },
+ #endif
+Index: src/mod_evhost.c
===================================================================
---- src/mod_rrdtool.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_rrdtool.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -148,6 +148,8 @@
- args[i++] = dash;
- args[i++] = NULL;
+--- src/mod_evhost.c (.../tags/lighttpd-1.4.23)
++++ src/mod_evhost.c (.../branches/lighttpd-1.4.x)
+@@ -213,7 +213,7 @@
+ if (colon != ptr) {
+ ds = data_string_init();
+ buffer_copy_string_len(ds->key,CONST_STR_LEN("%"));
+- buffer_append_long(ds->key, i++);
++ buffer_append_long(ds->key, i /* ++ */);
+ buffer_copy_string_len(ds->value,ptr,colon-ptr);
+
+ array_insert_unique(host,(data_unset *)ds);
+@@ -294,10 +294,10 @@
+ char *colon = strchr(con->uri.authority->ptr, ':');
+
+ if(colon == NULL) {
+- buffer_append_string_buffer(p->tmp_buf, con->uri.authority); // adds fqdn
++ buffer_append_string_buffer(p->tmp_buf, con->uri.authority); /* adds fqdn */
+ } else {
+ /* strip the port out of the authority-part of the URI scheme */
+- buffer_append_string_len(p->tmp_buf, con->uri.authority->ptr, colon - con->uri.authority->ptr); // adds fqdn
++ buffer_append_string_len(p->tmp_buf, con->uri.authority->ptr, colon - con->uri.authority->ptr); /* adds fqdn */
+ }
+ } else if (NULL != (ds = (data_string *)array_get_element(parsed_host,p->conf.path_pieces[i]->ptr))) {
+ if (ds->value->used) {
+Index: src/splaytree.c
+===================================================================
+--- src/splaytree.c (.../tags/lighttpd-1.4.23)
++++ src/splaytree.c (.../branches/lighttpd-1.4.x)
+@@ -61,12 +61,11 @@
+ * size fields are maintained */
+ splay_tree * splaytree_splay (splay_tree *t, int i) {
+ splay_tree N, *l, *r, *y;
+- int comp, root_size, l_size, r_size;
++ int comp, l_size, r_size;
+
+ if (t == NULL) return t;
+ N.left = N.right = NULL;
+ l = r = &N;
+- root_size = node_size(t);
+ l_size = r_size = 0;
+
+ for (;;) {
+Index: src/lemon.c
+===================================================================
+--- src/lemon.c (.../tags/lighttpd-1.4.23)
++++ src/lemon.c (.../branches/lighttpd-1.4.x)
+@@ -39,6 +39,12 @@
+ # endif
+ #endif
-+ openDevNull(STDERR_FILENO);
-+
- /* we don't need the client socket */
- for (i = 3; i < 256; i++) {
- close(i);
-@@ -156,7 +158,7 @@
- /* exec the cgi */
- execv(args[0], args);
-
-- log_error_write(srv, __FILE__, __LINE__, "sss", "spawing rrdtool failed: ", strerror(errno), args[0]);
-+ /* log_error_write(srv, __FILE__, __LINE__, "sss", "spawing rrdtool failed: ", strerror(errno), args[0]); */
-
- /* */
- SEGFAULT();
-Index: src/response.c
-===================================================================
---- src/response.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/response.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -101,7 +101,7 @@
- if (!have_server) {
- if (buffer_is_empty(con->conf.server_tag)) {
- BUFFER_APPEND_STRING_CONST(b, "\r\nServer: " PACKAGE_NAME "/" PACKAGE_VERSION);
-- } else {
-+ } else if (con->conf.server_tag->used > 1) {
- BUFFER_APPEND_STRING_CONST(b, "\r\nServer: ");
- buffer_append_string_encoded(b, CONST_BUF_LEN(con->conf.server_tag), ENCODING_HTTP_HEADER);
- }
-@@ -152,7 +152,7 @@
- * */
++#if __GNUC__ > 2
++#define NORETURN __attribute__ ((__noreturn__))
++#else
++#define NORETURN
++#endif
++
+ /* #define PRIVATE static */
+ #define PRIVATE static
+
+@@ -51,7 +57,7 @@
+ char *msort();
+ extern void *malloc();
+
+-extern void memory_error();
++extern void memory_error() NORETURN;
- config_cond_cache_reset(srv, con);
-- config_setup_connection(srv, con); // Perhaps this could be removed at other places.
-+ config_setup_connection(srv, con); /* Perhaps this could be removed at other places. */
+ /******** From the file "action.h" *************************************/
+ struct action *Action_new();
+@@ -59,7 +65,7 @@
+ void Action_add();
- if (con->conf.log_condition_handling) {
- log_error_write(srv, __FILE__, __LINE__, "s", "run condition");
-Index: src/plugin.c
+ /********* From the file "assert.h" ************************************/
+-void myassert();
++void myassert() NORETURN;
+ #ifndef NDEBUG
+ # define assert(X) if(!(X))myassert(__FILE__,__LINE__)
+ #else
+@@ -1333,7 +1339,7 @@
+ /* Report an out-of-memory condition and abort. This function
+ ** is used mostly by the "MemoryCheck" macro in struct.h
+ */
+-void memory_error(){
++void memory_error() {
+ fprintf(stderr,"Out of memory. Aborting...\n");
+ exit(1);
+ }
+@@ -1608,7 +1614,6 @@
+ FILE *err;
+ {
+ int spcnt, i;
+- spcnt = 0;
+ if( argv[0] ) fprintf(err,"%s",argv[0]);
+ spcnt = strlen(argv[0]) + 1;
+ for(i=1; i<n && argv[i]; i++){
+@@ -2336,6 +2341,7 @@
+ if( filebuf==0 ){
+ ErrorMsg(ps.filename,0,"Can't allocate %d of memory to hold this file.",
+ filesize+1);
++ fclose(fp);
+ gp->errorcnt++;
+ return;
+ }
+@@ -2343,6 +2349,7 @@
+ ErrorMsg(ps.filename,0,"Can't read in all %d bytes of this file.",
+ filesize);
+ free(filebuf);
++ fclose(fp);
+ gp->errorcnt++;
+ return;
+ }
+@@ -2913,7 +2920,7 @@
+ }else if( sp->destructor ){
+ cp = sp->destructor;
+ fprintf(out,"#line %d \"%s\"\n{",sp->destructorln,lemp->filename);
+- }else if( lemp->vardest ){
++ }else{
+ cp = lemp->vardest;
+ if( cp==0 ) return;
+ fprintf(out,"#line %d \"%s\"\n{",lemp->vardestln,lemp->filename);
+@@ -3042,7 +3049,7 @@
+ int *plineno; /* Pointer to the line number */
+ int mhflag; /* True if generating makeheaders output */
+ {
+- int lineno = *plineno; /* The line number of the output */
++ int lineno; /* The line number of the output */
+ char **types; /* A hash table of datatypes */
+ int arraysize; /* Size of the "types" array */
+ int maxdtlength; /* Maximum length of any ".datatype" field. */
+Index: src/mod_scgi.c
===================================================================
---- src/plugin.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/plugin.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -197,7 +197,7 @@
+--- src/mod_scgi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_scgi.c (.../branches/lighttpd-1.4.x)
+@@ -331,8 +331,21 @@
- #else
- #if 1
-- init = (int (*)(plugin *))dlsym(p->lib, srv->tmp_buf->ptr);
-+ init = (int (*)(plugin *))(intptr_t)dlsym(p->lib, srv->tmp_buf->ptr);
- #else
- *(void **)(&init) = dlsym(p->lib, srv->tmp_buf->ptr);
- #endif
-Index: src/SConscript
-===================================================================
---- src/SConscript (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/SConscript (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -43,6 +43,7 @@
- 'mod_cgi' : { 'src' : [ 'mod_cgi.c' ] },
- 'mod_fastcgi' : { 'src' : [ 'mod_fastcgi.c' ] },
- 'mod_scgi' : { 'src' : [ 'mod_scgi.c' ] },
-+ 'mod_extforward' : { 'src' : [ 'mod_extforward.c' ] },
- 'mod_staticfile' : { 'src' : [ 'mod_staticfile.c' ] },
- 'mod_dirlisting' : { 'src' : [ 'mod_dirlisting.c' ], 'lib' : [ env['LIBPCRE'] ] },
- 'mod_indexfile' : { 'src' : [ 'mod_indexfile.c' ] },
-Index: src/mod_extforward.c
-===================================================================
---- src/mod_extforward.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_extforward.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -281,8 +281,9 @@
- static const char *last_not_in_array(array *a, plugin_data *p)
- {
- array *forwarder = p->conf.forwarder;
-+ int i;
+ int scgi_proclist_sort_down(server *srv, scgi_extension_host *host, scgi_proc *proc);
-- for (int i = a->used - 1; i >= 0; i--) {
-+ for (i = a->used - 1; i >= 0; i--) {
- data_string *ds = (data_string *)a->data[i];
- const char *ip = ds->value->ptr;
++static void reset_signals(void) {
++#ifdef SIGTTOU
++ signal(SIGTTOU, SIG_DFL);
++#endif
++#ifdef SIGTTIN
++ signal(SIGTTIN, SIG_DFL);
++#endif
++#ifdef SIGTSTP
++ signal(SIGTSTP, SIG_DFL);
++#endif
++ signal(SIGHUP, SIG_DFL);
++ signal(SIGPIPE, SIG_DFL);
++ signal(SIGUSR1, SIG_DFL);
++}
-Index: src/Makefile.am
-===================================================================
---- src/Makefile.am (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/Makefile.am (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -16,20 +16,17 @@
- configparser.c configparser.h:
- mod_ssi_exprparser.c mod_ssi_exprparser.h:
- else
--$(srcdir)/configparser.y: lemon
--$(srcdir)/mod_ssi_exprparser.y: lemon
-
--configparser.c configparser.h: $(srcdir)/configparser.y
-+configparser.c configparser.h: lemon $(srcdir)/configparser.y $(srcdir)/lempar.c
- rm -f configparser.h
- $(LEMON) -q $(srcdir)/configparser.y $(srcdir)/lempar.c
-
--mod_ssi_exprparser.c mod_ssi_exprparser.h: $(srcdir)/mod_ssi_exprparser.y
-+mod_ssi_exprparser.c mod_ssi_exprparser.h: lemon $(srcdir)/mod_ssi_exprparser.y $(srcdir)/lempar.c
- rm -f mod_ssi_exprparser.h
- $(LEMON) -q $(srcdir)/mod_ssi_exprparser.y $(srcdir)/lempar.c
- endif
-
--$(srcdir)/configfile.c: configparser.h
--$(srcdir)/mod_ssi_expr.c: mod_ssi_exprparser.h
-+configfile.o: configparser.h
-+mod_ssi_expr.o: mod_ssi_exprparser.h
-
- common_src=buffer.c log.c \
- keyvalue.c chunk.c \
-Index: src/network_openssl.c
-===================================================================
---- src/network_openssl.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/network_openssl.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -85,6 +85,7 @@
- *
- */
+ static handler_ctx * handler_ctx_init() {
+ handler_ctx * hctx;
-+ ERR_clear_error();
- if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
- unsigned long err;
+@@ -772,10 +785,8 @@
+ env.used = 0;
-@@ -187,6 +188,7 @@
+ if (scgi_fd != 0) {
+- close(0);
+ dup2(scgi_fd, 0);
+ close(scgi_fd);
+- scgi_fd = 0;
+ }
- close(ifd);
+ /* we don't need the client socket */
+@@ -783,8 +794,6 @@
+ close(fd);
+ }
-+ ERR_clear_error();
- if ((r = SSL_write(ssl, s, toSend)) <= 0) {
- unsigned long err;
+- openDevNull(STDERR_FILENO);
+-
+ /* build clean environment */
+ if (host->bin_env_copy->used) {
+ for (i = 0; i < host->bin_env_copy->used; i++) {
+@@ -828,6 +837,8 @@
+ buffer_copy_string_len(b, CONST_STR_LEN("exec "));
+ buffer_append_string_buffer(b, host->bin_path);
+
++ reset_signals();
++
+ /* exec the cgi */
+ execle("/bin/sh", "sh", "-c", b->ptr, (char *)NULL, env.ptr);
-Index: src/mod_redirect.c
-===================================================================
---- src/mod_redirect.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_redirect.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -215,8 +215,7 @@
+@@ -2163,8 +2174,11 @@
+ int ret;
- start = 0; end = pattern_len;
- for (k = 0; k < pattern_len; k++) {
-- if ((pattern[k] == '$' || pattern[k] == '%') &&
-- isdigit((unsigned char)pattern[k + 1])) {
-+ if (pattern[k] == '$' || pattern[k] == '%') {
- /* got one */
+ /* sanity check */
+- if (!host ||
+- ((!host->host->used || !host->port) && !host->unixsocket->used)) {
++ if (!host) {
++ log_error_write(srv, __FILE__, __LINE__, "s", "fatal error: host = NULL");
++ return HANDLER_ERROR;
++ }
++ if (((!host->host->used || !host->port) && !host->unixsocket->used)) {
+ log_error_write(srv, __FILE__, __LINE__, "sxddd",
+ "write-req: error",
+ host,
+@@ -2299,8 +2313,8 @@
+
+ chunkqueue_remove_finished_chunks(hctx->wb);
+
+- if (-1 == ret) {
+- if (errno == ENOTCONN) {
++ if (ret < 0) {
++ if (errno == ENOTCONN || ret == -2) {
+ /* the connection got dropped after accept()
+ *
+ * this is most of the time a PHP which dies
+@@ -2325,24 +2339,17 @@
+ */
+
+ log_error_write(srv, __FILE__, __LINE__, "ssosd",
+- "[REPORT ME] connection was dropped after accept(). reconnect() denied:",
++ "connection was dropped after accept(). reconnect() denied:",
+ "write-offset:", hctx->wb->bytes_out,
+ "reconnect attempts:", hctx->reconnects);
+
+ return HANDLER_ERROR;
+- }
+-
+- if ((errno != EAGAIN) &&
+- (errno != EINTR)) {
+-
++ } else {
++ /* -1 == ret => error on our side */
+ log_error_write(srv, __FILE__, __LINE__, "ssd",
+- "write failed:", strerror(errno), errno);
++ "write failed:", strerror(errno), errno);
- size_t num = pattern[k + 1] - '0';
-@@ -225,7 +224,10 @@
-
- buffer_append_string_len(p->location, pattern + start, end - start);
-
-- if (pattern[k] == '$') {
-+ if (!isdigit((unsigned char)pattern[k + 1])) {
-+ /* enable escape: "%%" => "%", "%a" => "%a", "$$" => "$" */
-+ buffer_append_string_len(p->location, pattern+k, pattern[k] == pattern[k+1] ? 1 : 2);
-+ } else if (pattern[k] == '$') {
- /* n is always > 0 */
- if (num < (size_t)n) {
- buffer_append_string(p->location, list[num]);
-Index: src/mod_webdav.c
-===================================================================
---- src/mod_webdav.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_webdav.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -570,6 +570,8 @@
- /* */
+ return HANDLER_ERROR;
+- } else {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
+-
+- return HANDLER_WAIT_FOR_EVENT;
}
}
-+#else
-+ UNUSED(p);
- #endif
- }
-@@ -730,6 +732,8 @@
- }
- }
- }
-+#else
-+ UNUSED(p);
- #endif
- return status;
+@@ -2469,12 +2476,10 @@
}
-@@ -1154,6 +1158,7 @@
- int has_lock = 1;
- #ifdef USE_LOCKS
-+ UNUSED(srv);
- data_string *ds;
+ static handler_t scgi_connection_close(server *srv, handler_ctx *hctx) {
+- plugin_data *p;
+ connection *con;
- /**
-@@ -1192,6 +1197,11 @@
- has_lock = 0;
- }
- }
-+#else
-+ UNUSED(srv);
-+ UNUSED(con);
-+ UNUSED(p);
-+ UNUSED(uri);
- #endif
+ if (NULL == hctx) return HANDLER_GO_ON;
- return has_lock;
-Index: src/md5.c
-===================================================================
---- src/md5.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/md5.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -52,9 +52,9 @@
- #define S43 15
- #define S44 21
-
--static void MD5Transform (UINT4 [4], unsigned char [64]);
-+static void MD5Transform (UINT4 [4], const unsigned char [64]);
- static void Encode (unsigned char *, UINT4 *, unsigned int);
--static void Decode (UINT4 *, unsigned char *, unsigned int);
-+static void Decode (UINT4 *, const unsigned char *, unsigned int);
-
- #ifdef HAVE_MEMCPY
- #define MD5_memcpy(output, input, len) memcpy((output), (input), (len))
-@@ -126,12 +126,13 @@
- operation, processing another message block, and updating the
- context.
- */
--void MD5_Update (context, input, inputLen)
-+void MD5_Update (context, _input, inputLen)
- MD5_CTX *context; /* context */
--unsigned char *input; /* input block */
-+const void *_input; /* input block */
- unsigned int inputLen; /* length of input block */
- {
- unsigned int i, ndx, partLen;
-+ const unsigned char *input = (const unsigned char*) _input;
+- p = hctx->plugin_data;
+ con = hctx->remote_conn;
- /* Compute number of bytes mod 64 */
- ndx = (unsigned int)((context->count[0] >> 3) & 0x3F);
-@@ -200,7 +201,7 @@
- */
- static void MD5Transform (state, block)
- UINT4 state[4];
--unsigned char block[64];
-+const unsigned char block[64];
- {
- UINT4 a = state[0], b = state[1], c = state[2], d = state[3], x[16];
+ log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+@@ -2724,27 +2729,29 @@
+ /* check if extension matches */
+ for (k = 0; k < p->conf.exts->used; k++) {
+ size_t ct_len;
++ scgi_extension *ext = p->conf.exts->exts[k];
-@@ -313,7 +314,7 @@
- */
- static void Decode (output, input, len)
- UINT4 *output;
--unsigned char *input;
-+const unsigned char *input;
- unsigned int len;
- {
- unsigned int i, j;
-Index: src/mod_compress.c
-===================================================================
---- src/mod_compress.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_compress.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -102,7 +102,7 @@
- return HANDLER_GO_ON;
- }
+- extension = p->conf.exts->exts[k];
++ if (ext->key->used == 0) continue;
--// 0 on success, -1 for error
-+/* 0 on success, -1 for error */
- int mkdir_recursive(char *dir) {
- char *p = dir;
+- if (extension->key->used == 0) continue;
++ ct_len = ext->key->used - 1;
-@@ -118,13 +118,13 @@
+- ct_len = extension->key->used - 1;
+-
+ if (s_len < ct_len) continue;
+
+ /* check extension in the form "/scgi_pattern" */
+- if (*(extension->key->ptr) == '/') {
+- if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0)
++ if (*(ext->key->ptr) == '/') {
++ if (strncmp(fn->ptr, ext->key->ptr, ct_len) == 0) {
++ extension = ext;
+ break;
+- } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) {
++ }
++ } else if (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len)) {
+ /* check extension in the form ".fcg" */
++ extension = ext;
+ break;
}
+ }
- *p++ = '/';
-- if (!*p) return 0; // Ignore trailing slash
-+ if (!*p) return 0; /* Ignore trailing slash */
+ /* extension doesn't match */
+- if (k == p->conf.exts->used) {
++ if (NULL == extension) {
+ return HANDLER_GO_ON;
}
- return (mkdir(dir, 0700) != 0) && (errno != EEXIST) ? -1 : 0;
- }
+Index: src/mod_mysql_vhost.c
+===================================================================
+--- src/mod_mysql_vhost.c (.../tags/lighttpd-1.4.23)
++++ src/mod_mysql_vhost.c (.../branches/lighttpd-1.4.x)
+@@ -259,8 +259,14 @@
--// 0 on success, -1 for error
-+/* 0 on success, -1 for error */
- int mkdir_for_file(char *filename) {
- char *p = filename;
+ #define FOO(x) (s->x->used ? s->x->ptr : NULL)
-@@ -140,7 +140,7 @@
- }
++#if MYSQL_VERSION_ID >= 40100
++ /* CLIENT_MULTI_STATEMENTS first appeared in 4.1 */
+ if (!mysql_real_connect(s->mysql, FOO(hostname), FOO(myuser), FOO(mypass),
++ FOO(mydb), s->port, FOO(mysock), CLIENT_MULTI_STATEMENTS)) {
++#else
++ if (!mysql_real_connect(s->mysql, FOO(hostname), FOO(myuser), FOO(mypass),
+ FOO(mydb), s->port, FOO(mysock), 0)) {
++#endif
+ log_error_write(srv, __FILE__, __LINE__, "s", mysql_error(s->mysql));
+
+ return HANDLER_ERROR;
+@@ -369,6 +375,9 @@
+ if (!row || cols < 1) {
+ /* no such virtual host */
+ mysql_free_result(result);
++#if MYSQL_VERSION_ID >= 40100
++ while (mysql_next_result(p->conf.mysql) == 0);
++#endif
+ return HANDLER_GO_ON;
+ }
- *p++ = '/';
-- if (!*p) return -1; // Unexpected trailing slash in filename
-+ if (!*p) return -1; /* Unexpected trailing slash in filename */
+@@ -402,6 +411,9 @@
+ c->fcgi_offset = c->fcgi_arg->used = 0;
}
+ mysql_free_result(result);
++#if MYSQL_VERSION_ID >= 40100
++ while (mysql_next_result(p->conf.mysql) == 0);
++#endif
- return 0;
-@@ -178,9 +178,9 @@
- }
+ /* fix virtual server and docroot */
+ GO_ON: buffer_copy_string_buffer(con->server_name, c->server_name);
+@@ -416,6 +428,9 @@
+ return HANDLER_GO_ON;
+
+ ERR500: if (result) mysql_free_result(result);
++#if MYSQL_VERSION_ID >= 40100
++ while (mysql_next_result(p->conf.mysql) == 0);
++#endif
+ con->http_status = 500; /* Internal Error */
+ con->mode = DIRECT;
+ return HANDLER_FINISHED;
+@@ -424,15 +439,15 @@
+ /* this function is called at dlopen() time and inits the callbacks */
+ int mod_mysql_vhost_plugin_init(plugin *p);
+ int mod_mysql_vhost_plugin_init(plugin *p) {
+- p->version = LIGHTTPD_VERSION_ID;
+- p->name = buffer_init_string("mysql_vhost");
++ p->version = LIGHTTPD_VERSION_ID;
++ p->name = buffer_init_string("mysql_vhost");
+
+- p->init = mod_mysql_vhost_init;
+- p->cleanup = mod_mysql_vhost_cleanup;
+- p->handle_request_done = mod_mysql_vhost_handle_connection_close;
++ p->init = mod_mysql_vhost_init;
++ p->cleanup = mod_mysql_vhost_cleanup;
++ p->connection_reset = mod_mysql_vhost_handle_connection_close;
+
+- p->set_defaults = mod_mysql_vhost_set_defaults;
+- p->handle_docroot = mod_mysql_vhost_handle_docroot;
++ p->set_defaults = mod_mysql_vhost_set_defaults;
++ p->handle_docroot = mod_mysql_vhost_handle_docroot;
- if (!buffer_is_empty(s->compress_cache_dir)) {
-+ struct stat st;
- mkdir_recursive(s->compress_cache_dir->ptr);
+ return 0;
+ }
+@@ -441,7 +456,7 @@
+ int mod_mysql_vhost_plugin_init(plugin *p);
+ int mod_mysql_vhost_plugin_init(plugin *p) {
+ p->version = LIGHTTPD_VERSION_ID;
+- p->name = buffer_init_string("mysql_vhost");
++ p->name = buffer_init_string("mysql_vhost");
-- struct stat st;
- if (0 != stat(s->compress_cache_dir->ptr, &st)) {
- log_error_write(srv, __FILE__, __LINE__, "sbs", "can't stat compress.cache-dir",
- s->compress_cache_dir, strerror(errno));
-Index: src/md5.h
+ return 0;
+ }
+Index: src/request.c
===================================================================
---- src/md5.h (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/md5.h (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -42,6 +42,6 @@
- } MD5_CTX;
+--- src/request.c (.../tags/lighttpd-1.4.23)
++++ src/request.c (.../branches/lighttpd-1.4.x)
+@@ -111,7 +111,7 @@
+
+ /* check the first character at right of the dot */
+ if (is_ip == 0) {
+- if (!light_isalpha(host->ptr[i+1])) {
++ if (!light_isalnum(host->ptr[i+1])) {
+ return -1;
+ }
+ } else if (!light_isdigit(host->ptr[i+1])) {
+@@ -133,7 +133,7 @@
+ }
+ } else if (i == 0) {
+ /* the first character of the hostname */
+- if (!light_isalpha(c)) {
++ if (!light_isalnum(c)) {
+ return -1;
+ }
+ label_len++;
+@@ -540,8 +540,8 @@
+ con->response.keep_alive = 0;
+ con->keep_alive = 0;
+
+- log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400");
+ if (srv->srvconf.log_request_header_on_error) {
++ log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400");
+ log_error_write(srv, __FILE__, __LINE__, "Sb",
+ "request-header:\n",
+ con->request.request);
+Index: src/network_backends.h
+===================================================================
+--- src/network_backends.h (.../tags/lighttpd-1.4.23)
++++ src/network_backends.h (.../branches/lighttpd-1.4.x)
+@@ -45,6 +45,11 @@
+
+ #include "base.h"
- void MD5_Init (MD5_CTX *);
--void MD5_Update (MD5_CTX *, unsigned char *, unsigned int);
-+void MD5_Update (MD5_CTX *, const void *, unsigned int);
- void MD5_Final (unsigned char [16], MD5_CTX *);
++/* return values:
++ * >= 0 : chunks completed
++ * -1 : error (on our side)
++ * -2 : remote close
++ */
-Index: src/spawn-fcgi.c
+ int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq);
+ int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq);
+Index: src/mod_rrdtool.c
===================================================================
---- src/spawn-fcgi.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/spawn-fcgi.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -37,9 +37,9 @@
- #endif
+--- src/mod_rrdtool.c (.../tags/lighttpd-1.4.23)
++++ src/mod_rrdtool.c (.../branches/lighttpd-1.4.x)
+@@ -139,10 +139,8 @@
- #ifdef HAVE_SYS_UN_H
--int fcgi_spawn_connection(char *appPath, char **appArgv, char *addr, unsigned short port, const char *unixsocket, int child_count, int pid_fd, int nofork) {
-+int fcgi_spawn_connection(char *appPath, char **appArgv, char *addr, unsigned short port, const char *unixsocket, int fork_count, int child_count, int pid_fd, int nofork) {
- int fcgi_fd;
-- int socket_type, status;
-+ int socket_type, status, rc = 0;
- struct timeval tv = { 0, 100 * 1000 };
+ args[i++] = p->conf.path_rrdtool_bin->ptr;
+ args[i++] = dash;
+- args[i++] = NULL;
++ args[i ] = NULL;
- struct sockaddr_un fcgi_addr_un;
-@@ -48,9 +48,6 @@
+- openDevNull(STDERR_FILENO);
+-
+ /* we don't need the client socket */
+ for (i = 3; i < 256; i++) {
+ close(i);
+@@ -268,7 +266,7 @@
+ "RRA:MIN:0.5:24:775 "
+ "RRA:MIN:0.5:288:797\n"));
- socklen_t servlen;
+- if (-1 == (r = safe_write(p->write_fd, p->cmd->ptr, p->cmd->used - 1))) {
++ if (-1 == (safe_write(p->write_fd, p->cmd->ptr, p->cmd->used - 1))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+ "rrdtool-write: failed", strerror(errno));
-- pid_t child;
-- int val;
--
- if (child_count < 2) {
- child_count = 5;
+Index: src/stat_cache.c
+===================================================================
+--- src/stat_cache.c (.../tags/lighttpd-1.4.23)
++++ src/stat_cache.c (.../branches/lighttpd-1.4.x)
+@@ -503,12 +503,10 @@
}
-@@ -74,25 +71,6 @@
- #endif
- socket_type = AF_UNIX;
- fcgi_addr = (struct sockaddr *) &fcgi_addr_un;
--
-- /* check if some backend is listening on the socket
-- * as if we delete the socket-file and rebind there will be no "socket already in use" error
-- */
-- if (-1 == (fcgi_fd = socket(socket_type, SOCK_STREAM, 0))) {
-- fprintf(stderr, "%s.%d\n",
-- __FILE__, __LINE__);
-- return -1;
-- }
--
-- if (-1 != connect(fcgi_fd, fcgi_addr, servlen)) {
-- fprintf(stderr, "%s.%d: socket is already used, can't spawn\n",
-- __FILE__, __LINE__);
-- return -1;
+
+ if (NULL == sce) {
+- int osize = 0;
++#ifdef DEBUG_STAT_CACHE
++ int osize = splaytree_size(sc->files);
++#endif
+
+- if (sc->files) {
+- osize = sc->files->size;
- }
-
-- /* cleanup previous socket if it exists */
-- unlink(unixsocket);
-- close(fcgi_fd);
- } else {
- fcgi_addr_in.sin_family = AF_INET;
- if (addr != NULL) {
-@@ -107,133 +85,176 @@
- fcgi_addr = (struct sockaddr *) &fcgi_addr_in;
- }
+ sce = stat_cache_entry_init();
+ buffer_copy_string_buffer(sce->name, name);
-- /* open socket */
- if (-1 == (fcgi_fd = socket(socket_type, SOCK_STREAM, 0))) {
- fprintf(stderr, "%s.%d\n",
- __FILE__, __LINE__);
- return -1;
- }
+Index: src/response.h
+===================================================================
+--- src/response.h (.../tags/lighttpd-1.4.23)
++++ src/response.h (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
-- val = 1;
-- if (setsockopt(fcgi_fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)) < 0) {
-- fprintf(stderr, "%s.%d\n",
-- __FILE__, __LINE__);
-- return -1;
-- }
-+ if (-1 == connect(fcgi_fd, fcgi_addr, servlen)) {
-+ /* server is not up, spawn in */
-+ pid_t child;
-+ int val;
-
-- /* create socket */
-- if (-1 == bind(fcgi_fd, fcgi_addr, servlen)) {
-- fprintf(stderr, "%s.%d: bind failed: %s\n",
-- __FILE__, __LINE__,
-- strerror(errno));
-- return -1;
-- }
-+ if (unixsocket) unlink(unixsocket);
+ int response_header_insert(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen);
+ int response_header_overwrite(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen);
++int response_header_append(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen);
-- if (-1 == listen(fcgi_fd, 1024)) {
-- fprintf(stderr, "%s.%d: fd = -1\n",
-- __FILE__, __LINE__);
-- return -1;
-- }
-+ close(fcgi_fd);
+ handler_t http_response_prepare(server *srv, connection *con);
+ int http_response_redirect_to_directory(server *srv, connection *con);
+Index: src/mod_proxy.c
+===================================================================
+--- src/mod_proxy.c (.../tags/lighttpd-1.4.23)
++++ src/mod_proxy.c (.../branches/lighttpd-1.4.x)
+@@ -756,12 +756,15 @@
+
+ switch(hctx->state) {
+ case PROXY_STATE_INIT:
++#if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
+ if (strstr(host->host->ptr,":")) {
+ if (-1 == (hctx->fd = socket(AF_INET6, SOCK_STREAM, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed: ", strerror(errno));
+ return HANDLER_ERROR;
+ }
+- } else {
++ } else
++#endif
++ {
+ if (-1 == (hctx->fd = socket(AF_INET, SOCK_STREAM, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed: ", strerror(errno));
+ return HANDLER_ERROR;
+@@ -842,17 +845,14 @@
-- if (!nofork) {
-- child = fork();
-- } else {
-- child = 0;
-- }
-+ /* reopen socket */
-+ if (-1 == (fcgi_fd = socket(socket_type, SOCK_STREAM, 0))) {
-+ fprintf(stderr, "%s.%d\n",
-+ __FILE__, __LINE__);
-+ return -1;
-+ }
+ chunkqueue_remove_finished_chunks(hctx->wb);
-- switch (child) {
-- case 0: {
-- char cgi_childs[64];
-+ val = 1;
-+ if (setsockopt(fcgi_fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)) < 0) {
-+ fprintf(stderr, "%s.%d\n",
-+ __FILE__, __LINE__);
-+ return -1;
-+ }
+- if (-1 == ret) {
+- if (errno != EAGAIN &&
+- errno != EINTR) {
+- log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed:", strerror(errno), errno);
++ if (-1 == ret) { /* error on our side */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed:", strerror(errno), errno);
-- int i = 0;
--
-- /* is safe as we limit to 256 childs */
-- sprintf(cgi_childs, "PHP_FCGI_CHILDREN=%d", child_count);
--
-- if(fcgi_fd != FCGI_LISTENSOCK_FILENO) {
-- close(FCGI_LISTENSOCK_FILENO);
-- dup2(fcgi_fd, FCGI_LISTENSOCK_FILENO);
-- close(fcgi_fd);
-+ /* create socket */
-+ if (-1 == bind(fcgi_fd, fcgi_addr, servlen)) {
-+ fprintf(stderr, "%s.%d: bind failed: %s\n",
-+ __FILE__, __LINE__,
-+ strerror(errno));
-+ return -1;
- }
+- return HANDLER_ERROR;
+- } else {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
++ return HANDLER_WAIT_FOR_EVENT;
++ } else if (-2 == ret) { /* remote close */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed, remote connection close:", strerror(errno), errno);
-- /* we don't need the client socket */
-- for (i = 3; i < 256; i++) {
-- close(i);
-+ if (-1 == listen(fcgi_fd, 1024)) {
-+ fprintf(stderr, "%s.%d: fd = -1\n",
-+ __FILE__, __LINE__);
-+ return -1;
+- return HANDLER_WAIT_FOR_EVENT;
+- }
++ return HANDLER_WAIT_FOR_EVENT;
}
-- /* create environment */
-+ while (fork_count-- > 0) {
+ if (hctx->wb->bytes_out == hctx->wb->bytes_in) {
+@@ -1107,19 +1107,20 @@
-- putenv(cgi_childs);
-+ if (!nofork) {
-+ child = fork();
-+ } else {
-+ child = 0;
-+ }
-
-- /* fork and replace shell */
-- if (appArgv) {
-- execv(appArgv[0], appArgv);
-+ switch (child) {
-+ case 0: {
-+ char cgi_childs[64];
-+ int max_fd = 0;
-
-- } else {
-- char *b = malloc(strlen("exec ") + strlen(appPath) + 1);
-- strcpy(b, "exec ");
-- strcat(b, appPath);
-+ int i = 0;
+ /* check if extension matches */
+ for (k = 0; k < p->conf.extensions->used; k++) {
++ data_array *ext = NULL;
+ size_t ct_len;
-- /* exec the cgi */
-- execl("/bin/sh", "sh", "-c", b, (char *)NULL);
-- }
-+ /* loose control terminal */
-+ setsid();
+- extension = (data_array *)p->conf.extensions->data[k];
++ ext = (data_array *)p->conf.extensions->data[k];
-- exit(errno);
-+ /* is safe as we limit to 256 childs */
-+ sprintf(cgi_childs, "PHP_FCGI_CHILDREN=%d", child_count);
+- if (extension->key->used == 0) continue;
++ if (ext->key->used == 0) continue;
-- break;
-- }
-- case -1:
-- /* error */
-- break;
-- default:
-- /* father */
-+ if(fcgi_fd != FCGI_LISTENSOCK_FILENO) {
-+ close(FCGI_LISTENSOCK_FILENO);
-+ dup2(fcgi_fd, FCGI_LISTENSOCK_FILENO);
-+ close(fcgi_fd);
-+ }
+- ct_len = extension->key->used - 1;
++ ct_len = ext->key->used - 1;
-- /* wait */
-- select(0, NULL, NULL, NULL, &tv);
-+ max_fd = open("/dev/null", O_RDWR);
-+ close(STDERR_FILENO);
-+ dup2(max_fd, STDERR_FILENO);
-+ close(max_fd);
-
-- switch (waitpid(child, &status, WNOHANG)) {
-- case 0:
-- fprintf(stderr, "%s.%d: child spawned successfully: PID: %d\n",
-- __FILE__, __LINE__,
-- child);
-+ max_fd = open("/dev/null", O_RDWR);
-+ close(STDOUT_FILENO);
-+ dup2(max_fd, STDOUT_FILENO);
-+ close(max_fd);
-
-- /* write pid file */
-- if (pid_fd != -1) {
-- /* assume a 32bit pid_t */
-- char pidbuf[12];
-+ /* we don't need the client socket */
-+ for (i = 3; i < max_fd; i++) {
-+ if (i != FCGI_LISTENSOCK_FILENO) close(i);
-+ }
+ if (s_len < ct_len) continue;
-- snprintf(pidbuf, sizeof(pidbuf) - 1, "%d", child);
-+ /* create environment */
+ /* check extension in the form "/proxy_pattern" */
+- if (*(extension->key->ptr) == '/') {
+- if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) {
++ if (*(ext->key->ptr) == '/') {
++ if (strncmp(fn->ptr, ext->key->ptr, ct_len) == 0) {
+ if (s_len > ct_len + 1) {
+ char *pi_offset;
-- write(pid_fd, pidbuf, strlen(pidbuf));
-- close(pid_fd);
-- pid_fd = -1;
-+ putenv(cgi_childs);
-+
-+ /* fork and replace shell */
-+ if (appArgv) {
-+ execv(appArgv[0], appArgv);
-+
-+ } else {
-+ char *b = malloc(strlen("exec ") + strlen(appPath) + 1);
-+ strcpy(b, "exec ");
-+ strcat(b, appPath);
-+
-+ /* exec the cgi */
-+ execl("/bin/sh", "sh", "-c", b, (char *)NULL);
-+ }
-+
-+ exit(errno);
-+
-+ break;
- }
-+ case -1:
-+ /* error */
-+ break;
-+ default:
-+ /* father */
-
-- break;
-- case -1:
-- break;
-- default:
-- if (WIFEXITED(status)) {
-- fprintf(stderr, "%s.%d: child exited with: %d, %s\n",
-- __FILE__, __LINE__,
-- WEXITSTATUS(status), strerror(WEXITSTATUS(status)));
-- } else if (WIFSIGNALED(status)) {
-- fprintf(stderr, "%s.%d: child signaled: %d\n",
-- __FILE__, __LINE__,
-- WTERMSIG(status));
-- } else {
-- fprintf(stderr, "%s.%d: child died somehow: %d\n",
-- __FILE__, __LINE__,
-- status);
-+ /* wait */
-+ select(0, NULL, NULL, NULL, &tv);
-+
-+ switch (waitpid(child, &status, WNOHANG)) {
-+ case 0:
-+ fprintf(stdout, "%s.%d: child spawned successfully: PID: %d\n",
-+ __FILE__, __LINE__,
-+ child);
-+
-+ /* write pid file */
-+ if (pid_fd != -1) {
-+ /* assume a 32bit pid_t */
-+ char pidbuf[12];
-+
-+ snprintf(pidbuf, sizeof(pidbuf) - 1, "%d", child);
-+
-+ write(pid_fd, pidbuf, strlen(pidbuf));
-+ /* avoid eol for the last one */
-+ if (fork_count != 0) {
-+ write(pid_fd, "\n", 1);
-+ }
-+ }
-+
-+ break;
-+ case -1:
-+ break;
-+ default:
-+ if (WIFEXITED(status)) {
-+ fprintf(stderr, "%s.%d: child exited with: %d\n",
-+ __FILE__, __LINE__, WEXITSTATUS(status));
-+ rc = WEXITSTATUS(status);
-+ } else if (WIFSIGNALED(status)) {
-+ fprintf(stderr, "%s.%d: child signaled: %d\n",
-+ __FILE__, __LINE__,
-+ WTERMSIG(status));
-+ rc = 1;
-+ } else {
-+ fprintf(stderr, "%s.%d: child died somehow: %d\n",
-+ __FILE__, __LINE__,
-+ status);
-+ rc = status;
-+ }
-+ }
-+
-+ break;
+@@ -1127,15 +1128,17 @@
+ path_info_offset = pi_offset - fn->ptr;
+ }
+ }
++ extension = ext;
+ break;
}
+- } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) {
++ } else if (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len)) {
+ /* check extension in the form ".fcg" */
++ extension = ext;
+ break;
}
--
-- break;
-+ close(pid_fd);
-+ pid_fd = -1;
-+ } else {
-+ fprintf(stderr, "%s.%d: socket is already used, can't spawn\n",
-+ __FILE__, __LINE__);
-+ return -1;
}
- close(fcgi_fd);
-
-- return 0;
-+ return rc;
- }
+- if (k == p->conf.extensions->used) {
++ if (NULL == extension) {
+ return HANDLER_GO_ON;
+ }
+Index: src/Makefile.am
+===================================================================
+--- src/Makefile.am (.../tags/lighttpd-1.4.23)
++++ src/Makefile.am (.../branches/lighttpd-1.4.x)
+@@ -13,14 +13,14 @@
+ versionstamp:
+ @test -f versionstamp.h || touch versionstamp.h; \
+ REVISION=""; \
+- if test -x "`which svnversion`"; then \
+- REVISION="$$(LANG=C svnversion "$(top_srcdir)" 2>/dev/null || echo exported)"; \
++ if test -d "$(top_srcdir)/.svn" -a -x "`which svnversion`"; then \
++ REVISION="$$(LANG= LC_ALL=C svnversion "$(top_srcdir)" 2>/dev/null || echo exported)"; \
+ if test "$$REVISION" = "exported"; then \
+ REVISION=""; \
+ fi; \
+ fi; \
+ if test -z "$$REVISION" -a -x "`which git`"; then \
+- REVISION="$$(cd "$(top_srcdir)"; LANG=C git describe --always 2>/dev/null || echo)"; \
++ REVISION="$$(cd "$(top_srcdir)"; LANG= LC_ALL=C git describe --always 2>/dev/null || echo)"; \
+ fi; \
+ if test -n "$$REVISION"; then \
+ echo "#define REPO_VERSION \"-devel-$$REVISION\"" > versionstamp.h.tmp; \
+Index: src/mod_expire.c
+===================================================================
+--- src/mod_expire.c (.../tags/lighttpd-1.4.23)
++++ src/mod_expire.c (.../branches/lighttpd-1.4.x)
+@@ -342,7 +342,7 @@
+ buffer_copy_string_len(p->expire_tstmp, CONST_STR_LEN("max-age="));
+ buffer_append_long(p->expire_tstmp, expires - srv->cur_ts); /* as expires >= srv->cur_ts the difference is >= 0 */
-@@ -256,6 +277,7 @@
- " -p <port> bind to tcp-port\n" \
- " -s <path> bind to unix-domain socket\n" \
- " -C <childs> (PHP only) numbers of childs to spawn (default 5)\n" \
-+" -F <childs> numbers of childs to fork (default 1)\n" \
- " -P <path> name of PID-file for spawed process\n" \
- " -n no fork (for daemontools)\n" \
- " -v show version\n" \
-@@ -276,20 +298,21 @@
- char **fcgi_app_argv = { NULL };
- unsigned short port = 0;
- int child_count = 5;
-+ int fork_count = 1;
- int i_am_root, o;
- int pid_fd = -1;
- int nofork = 0;
- struct sockaddr_un un;
-- const size_t sun_path_len = sizeof(un.sun_path);
-
- i_am_root = (getuid() == 0);
-
-- while(-1 != (o = getopt(argc, argv, "c:f:g:hna:p:u:vC:s:P:"))) {
-+ while (-1 != (o = getopt(argc, argv, "c:f:g:hna:p:u:vC:F:s:P:"))) {
- switch(o) {
- case 'f': fcgi_app = optarg; break;
- case 'a': addr = optarg;/* ip addr */ break;
- case 'p': port = strtol(optarg, NULL, 10);/* port */ break;
- case 'C': child_count = strtol(optarg, NULL, 10);/* */ break;
-+ case 'F': fork_count = strtol(optarg, NULL, 10);/* */ break;
- case 's': unixsocket = optarg; /* unix-domain socket */ break;
- case 'c': if (i_am_root) { changeroot = optarg; }/* chroot() */ break;
- case 'u': if (i_am_root) { username = optarg; } /* set user */ break;
-@@ -321,7 +344,7 @@
- return -1;
- }
+- response_header_overwrite(srv, con, CONST_STR_LEN("Cache-Control"), CONST_BUF_LEN(p->expire_tstmp));
++ response_header_append(srv, con, CONST_STR_LEN("Cache-Control"), CONST_BUF_LEN(p->expire_tstmp));
-- if (unixsocket && strlen(unixsocket) > sun_path_len - 1) {
-+ if (unixsocket && strlen(unixsocket) > sizeof(un.sun_path) - 1) {
- fprintf(stderr, "%s.%d: %s\n",
- __FILE__, __LINE__,
- "path of the unix socket is too long\n");
-@@ -416,18 +439,15 @@
- "I will not set gid to 0\n");
- return -1;
+ return HANDLER_GO_ON;
+ }
+Index: src/http_auth.c
+===================================================================
+--- src/http_auth.c (.../tags/lighttpd-1.4.23)
++++ src/http_auth.c (.../branches/lighttpd-1.4.x)
+@@ -918,15 +918,15 @@
+ char a1[256];
+ char a2[256];
+
+- char *username;
+- char *realm;
+- char *nonce;
+- char *uri;
+- char *algorithm;
+- char *qop;
+- char *cnonce;
+- char *nc;
+- char *respons;
++ char *username = NULL;
++ char *realm = NULL;
++ char *nonce = NULL;
++ char *uri = NULL;
++ char *algorithm = NULL;
++ char *qop = NULL;
++ char *cnonce = NULL;
++ char *nc = NULL;
++ char *respons = NULL;
+
+ char *e, *c;
+ const char *m = NULL;
+@@ -967,15 +967,9 @@
+ dkv[6].ptr = &cnonce;
+ dkv[7].ptr = &nc;
+ dkv[8].ptr = &respons;
+- dkv[9].ptr = NULL;
+
+ UNUSED(req);
+
+- for (i = 0; dkv[i].key; i++) {
+- *(dkv[i].ptr) = NULL;
+- }
+-
+-
+ if (p->conf.auth_backend != AUTH_BACKEND_HTDIGEST &&
+ p->conf.auth_backend != AUTH_BACKEND_PLAIN) {
+ log_error_write(srv, __FILE__, __LINE__, "s",
+Index: src/mod_redirect.c
+===================================================================
+--- src/mod_redirect.c (.../tags/lighttpd-1.4.23)
++++ src/mod_redirect.c (.../branches/lighttpd-1.4.x)
+@@ -203,7 +203,7 @@
}
-- }
+ } else {
+ const char **list;
+- size_t start, end;
++ size_t start;
+ size_t k;
-- /*
-- * Change group before chroot, when we have access
-- * to /etc/group
-- */
-- if (groupname) {
-+ /* do the change before we do the chroot() */
- setgid(grp->gr_gid);
-- setgroups(0, NULL);
-+ setgroups(0, NULL);
-+
- if (username) {
- initgroups(username, grp->gr_gid);
- }
-+
- }
+ /* it matched */
+@@ -213,17 +213,15 @@
- if (changeroot) {
-@@ -451,7 +471,7 @@
- }
- }
+ buffer_reset(p->location);
-- return fcgi_spawn_connection(fcgi_app, fcgi_app_argv, addr, port, unixsocket, child_count, pid_fd, nofork);
-+ return fcgi_spawn_connection(fcgi_app, fcgi_app_argv, addr, port, unixsocket, fork_count, child_count, pid_fd, nofork);
- }
- #else
- int main() {
-Index: src/mod_auth.c
-===================================================================
---- src/mod_auth.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_auth.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -519,85 +519,86 @@
+- start = 0; end = pattern_len;
++ start = 0;
+ for (k = 0; k < pattern_len; k++) {
+ if (pattern[k] == '$' || pattern[k] == '%') {
+ /* got one */
- handler_t auth_ldap_init(server *srv, mod_auth_plugin_config *s) {
- #ifdef USE_LDAP
-- int ret;
-+ int ret;
- #if 0
-- if (s->auth_ldap_basedn->used == 0) {
-- log_error_write(srv, __FILE__, __LINE__, "s", "ldap: auth.backend.ldap.base-dn has to be set");
-+ if (s->auth_ldap_basedn->used == 0) {
-+ log_error_write(srv, __FILE__, __LINE__, "s", "ldap: auth.backend.ldap.base-dn has to be set");
+ size_t num = pattern[k + 1] - '0';
-- return HANDLER_ERROR;
-- }
-+ return HANDLER_ERROR;
-+ }
- #endif
+- end = k;
++ buffer_append_string_len(p->location, pattern + start, k - start);
-- if (s->auth_ldap_filter->used) {
-- char *dollar;
-+ if (s->auth_ldap_filter->used) {
-+ char *dollar;
+- buffer_append_string_len(p->location, pattern + start, end - start);
+-
+ if (!isdigit((unsigned char)pattern[k + 1])) {
+ /* enable escape: "%%" => "%", "%a" => "%a", "$$" => "$" */
+ buffer_append_string_len(p->location, pattern+k, pattern[k] == pattern[k+1] ? 1 : 2);
+Index: src/mod_webdav.c
+===================================================================
+--- src/mod_webdav.c (.../tags/lighttpd-1.4.23)
++++ src/mod_webdav.c (.../branches/lighttpd-1.4.x)
+@@ -1096,6 +1096,7 @@
+ }
+ #endif
-- /* parse filter */
-+ /* parse filter */
++#ifdef USE_LOCKS
+ static int webdav_lockdiscovery(server *srv, connection *con,
+ buffer *locktoken, const char *lockscope, const char *locktype, int depth) {
-- if (NULL == (dollar = strchr(s->auth_ldap_filter->ptr, '$'))) {
-- log_error_write(srv, __FILE__, __LINE__, "s", "ldap: auth.backend.ldap.filter is missing a replace-operator '$'");
-+ if (NULL == (dollar = strchr(s->auth_ldap_filter->ptr, '$'))) {
-+ log_error_write(srv, __FILE__, __LINE__, "s", "ldap: auth.backend.ldap.filter is missing a replace-operator '$'");
+@@ -1150,6 +1151,8 @@
-- return HANDLER_ERROR;
-- }
-+ return HANDLER_ERROR;
+ return 0;
+ }
++#endif
++
+ /**
+ * check if resource is having the right locks to access to resource
+ *
+Index: src/configparser.y
+===================================================================
+--- src/configparser.y (.../tags/lighttpd-1.4.23)
++++ src/configparser.y (.../branches/lighttpd-1.4.x)
+@@ -72,7 +72,7 @@
+ op1->free(op1);
+ return (data_unset *)ds;
+ } else {
+- fprintf(stderr, "data type mismatch, cannot be merge\n");
++ fprintf(stderr, "data type mismatch, cannot merge\n");
+ return NULL;
+ }
+ }
+@@ -193,7 +193,6 @@
+ du = configparser_merge_data(du, B);
+ if (NULL == du) {
+ ctx->ok = 0;
+- du->free(du);
+ }
+ else {
+ buffer_copy_string_buffer(du->key, A);
+@@ -470,7 +469,7 @@
+ case CONFIG_COND_MATCH: {
+ #ifdef HAVE_PCRE_H
+ const char *errptr;
+- int erroff;
++ int erroff, captures;
+
+ if (NULL == (dc->regex =
+ pcre_compile(rvalue->ptr, 0, &errptr, &erroff, NULL))) {
+@@ -487,6 +486,14 @@
+ fprintf(stderr, "studying regex failed: %s -> %s\n",
+ rvalue->ptr, errptr);
+ ctx->ok = 0;
++ } else if (0 != (pcre_fullinfo(dc->regex, dc->regex_study, PCRE_INFO_CAPTURECOUNT, &captures))) {
++ fprintf(stderr, "getting capture count for regex failed: %s\n",
++ rvalue->ptr);
++ ctx->ok = 0;
++ } else if (captures > 9) {
++ fprintf(stderr, "Too many captures in regex, use (?:...) instead of (...): %s\n",
++ rvalue->ptr);
++ ctx->ok = 0;
+ } else {
+ dc->string = buffer_init_buffer(rvalue);
+ }
+Index: src/mod_status.c
+===================================================================
+--- src/mod_status.c (.../tags/lighttpd-1.4.23)
++++ src/mod_status.c (.../branches/lighttpd-1.4.x)
+@@ -438,7 +438,7 @@
+
+ buffer_append_string_len(b, CONST_STR_LEN(
+ "<hr />\n<pre><b>legend</b>\n"
+- ". = connect, C = close, E = hard error\n"
++ ". = connect, C = close, E = hard error, k = keep-alive\n"
+ "r = read, R = read-POST, W = write, h = handle-request\n"
+ "q = request-start, Q = request-end\n"
+ "s = response-start, S = response-end\n"));
+@@ -449,8 +449,14 @@
+
+ for (j = 0; j < srv->conns->used; j++) {
+ connection *c = srv->conns->ptr[j];
+- const char *state = connection_get_short_state(c->state);
++ const char *state;
+
++ if (CON_STATE_READ == c->state && c->request.orig_uri->used > 0) {
++ state = "k";
++ } else {
++ state = connection_get_short_state(c->state);
+ }
++
+ buffer_append_string_len(b, state, 1);
-- buffer_copy_string_len(s->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
-- buffer_copy_string(s->ldap_filter_post, dollar+1);
-- }
-+ buffer_copy_string_len(s->ldap_filter_pre, s->auth_ldap_filter->ptr, dollar - s->auth_ldap_filter->ptr);
-+ buffer_copy_string(s->ldap_filter_post, dollar+1);
-+ }
+ if (((j + 1) % 50) == 0) {
+@@ -497,7 +503,11 @@
-- if (s->auth_ldap_hostname->used) {
-- if (NULL == (s->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
-- log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));
-+ if (s->auth_ldap_hostname->used) {
-+ if (NULL == (s->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno));
+ buffer_append_string_len(b, CONST_STR_LEN("</td><td class=\"string\">"));
-- return HANDLER_ERROR;
-- }
-+ return HANDLER_ERROR;
+- buffer_append_string(b, connection_get_state(c->state));
++ if (CON_STATE_READ == c->state && c->request.orig_uri->used > 0) {
++ buffer_append_string_len(b, CONST_STR_LEN("keep-alive"));
++ } else {
++ buffer_append_string(b, connection_get_state(c->state));
+ }
-- ret = LDAP_VERSION3;
-- if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
-- log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
-+ ret = LDAP_VERSION3;
-+ if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(s->ldap, LDAP_OPT_PROTOCOL_VERSION, &ret))) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
+ buffer_append_string_len(b, CONST_STR_LEN("</td><td class=\"int\">"));
-+ return HANDLER_ERROR;
-+ }
+@@ -611,10 +621,10 @@
+ }
+
+ static handler_t mod_status_handle_server_statistics(server *srv, connection *con, void *p_d) {
+- plugin_data *p = p_d;
+- buffer *b = p->module_list;
++ buffer *b;
+ size_t i;
+ array *st = srv->status;
++ UNUSED(p_d);
+
+ if (0 == st->used) {
+ /* we have nothing to send */
+Index: src/mod_ssi.c
+===================================================================
+--- src/mod_ssi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_ssi.c (.../branches/lighttpd-1.4.x)
+@@ -362,7 +362,8 @@
+ switch(ssicmd) {
+ case SSI_ECHO: {
+ /* echo */
+- int var = 0, enc = 0;
++ int var = 0;
++ /* int enc = 0; */
+ const char *var_val = NULL;
+ stat_cache_entry *sce = NULL;
+
+@@ -381,6 +382,7 @@
+ { NULL, SSI_ECHO_UNSET }
+ };
+
++/*
+ struct {
+ const char *var;
+ enum { SSI_ENC_UNSET, SSI_ENC_URL, SSI_ENC_NONE, SSI_ENC_ENTITY } type;
+@@ -391,6 +393,7 @@
+
+ { NULL, SSI_ENC_UNSET }
+ };
++*/
+
+ for (i = 2; i < n; i += 2) {
+ if (0 == strcmp(l[i], "var")) {
+@@ -405,6 +408,7 @@
+ }
+ }
+ } else if (0 == strcmp(l[i], "encoding")) {
++/*
+ int j;
+
+ for (j = 0; encvars[j].var; j++) {
+@@ -413,6 +417,7 @@
+ break;
+ }
+ }
++*/
+ } else {
+ log_error_write(srv, __FILE__, __LINE__, "sss",
+ "ssi: unknow attribute for ",
+Index: src/mod_auth.c
+===================================================================
+--- src/mod_auth.c (.../tags/lighttpd-1.4.23)
++++ src/mod_auth.c (.../branches/lighttpd-1.4.x)
+@@ -468,7 +468,7 @@
+
+ if (method == NULL) {
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+- "the require field is missing in:",
++ "the method field is missing in:",
+ "auth.require = ( \"...\" => ( ..., \"method\" => \"...\" ) )");
+ return HANDLER_ERROR;
+ } else {
+@@ -483,7 +483,7 @@
+
+ if (realm == NULL) {
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+- "the require field is missing in:",
++ "the realm field is missing in:",
+ "auth.require = ( \"...\" => ( ..., \"realm\" => \"...\" ) )");
+ return HANDLER_ERROR;
+ }
+Index: src/mod_cml_lua.c
+===================================================================
+--- src/mod_cml_lua.c (.../tags/lighttpd-1.4.23)
++++ src/mod_cml_lua.c (.../branches/lighttpd-1.4.x)
+@@ -2,6 +2,7 @@
+ #include <stdio.h>
+ #include <errno.h>
+ #include <time.h>
++#include <string.h>
+
+ #include "mod_cml.h"
+ #include "mod_cml_funcs.h"
+Index: src/http-header-glue.c
+===================================================================
+--- src/http-header-glue.c (.../tags/lighttpd-1.4.23)
++++ src/http-header-glue.c (.../branches/lighttpd-1.4.x)
+@@ -104,6 +104,21 @@
+ return response_header_insert(srv, con, key, keylen, value, vallen);
+ }
+
++int response_header_append(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen) {
++ data_string *ds;
+
-+ if (s->auth_ldap_starttls) {
-+ /* if no CA file is given, it is ok, as we will use encryption
-+ * if the server requires a CAfile it will tell us */
-+ if (!buffer_is_empty(s->auth_ldap_cafile)) {
-+ if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE,
-+ s->auth_ldap_cafile->ptr))) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss",
-+ "Loading CA certificate failed:", ldap_err2string(ret));
++ UNUSED(srv);
+
- return HANDLER_ERROR;
- }
-+ }
++ /* if there already is a key by this name append the value */
++ if (NULL != (ds = (data_string *)array_get_element(con->response.headers, key))) {
++ buffer_append_string_len(ds->value, CONST_STR_LEN(", "));
++ buffer_append_string_len(ds->value, value, vallen);
++ return 0;
++ }
++
++ return response_header_insert(srv, con, key, keylen, value, vallen);
++}
++
+ int http_response_redirect_to_directory(server *srv, connection *con) {
+ buffer *o;
+
+@@ -259,7 +274,7 @@
+ }
+
+ if (0 == strncmp(con->request.http_if_modified_since, mtime->ptr, used_len)) {
+- con->http_status = 304;
++ if ('\0' == mtime->ptr[used_len]) con->http_status = 304;
+ return HANDLER_FINISHED;
+ } else {
+ char buf[sizeof("Sat, 23 Jul 2005 21:20:01 GMT")];
+@@ -281,15 +296,16 @@
+ strncpy(buf, con->request.http_if_modified_since, used_len);
+ buf[used_len] = '\0';
+
+- tm.tm_isdst = 0;
+ if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) {
+ con->http_status = 412;
+ con->mode = DIRECT;
+ return HANDLER_FINISHED;
+ }
++ tm.tm_isdst = 0;
+ t_header = mktime(&tm);
+
+ strptime(mtime->ptr, "%a, %d %b %Y %H:%M:%S GMT", &tm);
++ tm.tm_isdst = 0;
+ t_file = mktime(&tm);
+
+ if (t_file > t_header) return HANDLER_GO_ON;
+@@ -318,7 +334,7 @@
+ }
+
+ if (0 == strncmp(con->request.http_if_modified_since, mtime->ptr, used_len)) {
+- con->http_status = 304;
++ if ('\0' == mtime->ptr[used_len]) con->http_status = 304;
+ return HANDLER_FINISHED;
+ } else {
+ char buf[sizeof("Sat, 23 Jul 2005 21:20:01 GMT")];
+@@ -331,18 +347,17 @@
+ strncpy(buf, con->request.http_if_modified_since, used_len);
+ buf[used_len] = '\0';
+
+- tm.tm_isdst = 0;
+ if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) {
+ /**
+ * parsing failed, let's get out of here
+ */
+- log_error_write(srv, __FILE__, __LINE__, "ss",
+- "strptime() failed on", buf);
+ return HANDLER_GO_ON;
+ }
++ tm.tm_isdst = 0;
+ t_header = mktime(&tm);
+
+ strptime(mtime->ptr, "%a, %d %b %Y %H:%M:%S GMT", &tm);
++ tm.tm_isdst = 0;
+ t_file = mktime(&tm);
-- if (s->auth_ldap_starttls) {
-- /* if no CA file is given, it is ok, as we will use encryption
-- * if the server requires a CAfile it will tell us */
-- if (!buffer_is_empty(s->auth_ldap_cafile)) {
-- if (LDAP_OPT_SUCCESS != (ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE,
-- s->auth_ldap_cafile->ptr))) {
-- log_error_write(srv, __FILE__, __LINE__, "ss",
-- "Loading CA certificate failed:", ldap_err2string(ret));
-+ if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap, NULL, NULL))) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "ldap startTLS failed:", ldap_err2string(ret));
-
-- return HANDLER_ERROR;
-- }
-- }
-+ return HANDLER_ERROR;
-+ }
-+ }
+ if (t_file > t_header) return HANDLER_GO_ON;
+Index: src/mod_setenv.c
+===================================================================
+--- src/mod_setenv.c (.../tags/lighttpd-1.4.23)
++++ src/mod_setenv.c (.../branches/lighttpd-1.4.x)
+@@ -215,7 +215,7 @@
+ return HANDLER_GO_ON;
+ }
-- if (LDAP_OPT_SUCCESS != (ret = ldap_start_tls_s(s->ldap, NULL, NULL))) {
-- log_error_write(srv, __FILE__, __LINE__, "ss", "ldap startTLS failed:", ldap_err2string(ret));
+-REQUESTDONE_FUNC(mod_setenv_reset) {
++CONNECTION_FUNC(mod_setenv_reset) {
+ plugin_data *p = p_d;
-- return HANDLER_ERROR;
-- }
-- }
-+ /* 1. */
-+ if (s->auth_ldap_binddn->used) {
-+ if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
+ UNUSED(srv);
+@@ -240,7 +240,7 @@
+ p->set_defaults = mod_setenv_set_defaults;
+ p->cleanup = mod_setenv_free;
-+ return HANDLER_ERROR;
-+ }
-+ } else {
-+ if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, NULL, NULL))) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
+- p->handle_request_done = mod_setenv_reset;
++ p->connection_reset = mod_setenv_reset;
-- /* 1. */
-- if (s->auth_ldap_binddn->used) {
-- if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, s->auth_ldap_binddn->ptr, s->auth_ldap_bindpw->ptr))) {
-- log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
--
-- return HANDLER_ERROR;
-- }
-- } else {
-- if (LDAP_SUCCESS != (ret = ldap_simple_bind_s(s->ldap, NULL, NULL))) {
-- log_error_write(srv, __FILE__, __LINE__, "ss", "ldap:", ldap_err2string(ret));
--
-- return HANDLER_ERROR;
-- }
-- }
-+ return HANDLER_ERROR;
- }
-+ }
-+ }
-+ return HANDLER_GO_ON;
- #else
-- log_error_write(srv, __FILE__, __LINE__, "s", "no ldap support available");
-- return HANDLER_ERROR;
-+ UNUSED(s);
-+ log_error_write(srv, __FILE__, __LINE__, "s", "no ldap support available");
-+ return HANDLER_ERROR;
- #endif
-- return HANDLER_GO_ON;
- }
+ p->data = NULL;
- int mod_auth_plugin_init(plugin *p) {
Index: src/mod_fastcgi.c
===================================================================
---- src/mod_fastcgi.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -236,6 +236,16 @@
- unsigned short break_scriptfilename_for_php;
+--- src/mod_fastcgi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x)
+@@ -122,24 +122,11 @@
+ *
+ */
+- unsigned short min_procs;
+ unsigned short max_procs;
+ size_t num_procs; /* how many procs are started */
+ size_t active_procs; /* how many of them are really running */
+
+- unsigned short max_load_per_proc;
+-
/*
-+ * workaround for program when prefix="/"
-+ *
-+ * rule to build PATH_INFO is hardcoded for when check_local is disabled
-+ * enable this option to use the workaround
-+ *
-+ */
-+
-+ unsigned short fix_root_path_name;
-+
-+ /*
- * If the backend includes X-LIGHTTPD-send-file in the response
- * we use the value as filename and ignore the content.
+- * kick the process from the list if it was not
+- * used for idle_timeout until min_procs is
+- * reached. this helps to get the processlist
+- * small again we had a small peak load.
+- *
+- */
+-
+- unsigned short idle_timeout;
+-
+- /*
+ * time after a disabled remote connection is tried to be re-enabled
*
-@@ -937,6 +947,8 @@
+ *
+@@ -384,6 +371,21 @@
+ /* ok, we need a prototype */
+ static handler_t fcgi_handle_fdevent(void *s, void *ctx, int revents);
+
++static void reset_signals(void) {
++#ifdef SIGTTOU
++ signal(SIGTTOU, SIG_DFL);
++#endif
++#ifdef SIGTTIN
++ signal(SIGTTIN, SIG_DFL);
++#endif
++#ifdef SIGTSTP
++ signal(SIGTSTP, SIG_DFL);
++#endif
++ signal(SIGHUP, SIG_DFL);
++ signal(SIGPIPE, SIG_DFL);
++ signal(SIGUSR1, SIG_DFL);
++}
++
+ static void fastcgi_status_copy_procname(buffer *b, fcgi_extension_host *host, fcgi_proc *proc) {
+ buffer_copy_string_len(b, CONST_STR_LEN("fastcgi.backend."));
+ buffer_append_string_buffer(b, host->id);
+@@ -993,8 +995,6 @@
close(fcgi_fd);
}
-+ openDevNull(STDERR_FILENO);
-+
+- openDevNull(STDERR_FILENO);
+-
/* we don't need the client socket */
for (i = 3; i < 256; i++) {
close(i);
-@@ -1000,8 +1012,8 @@
- /* exec the cgi */
- execve(arg.ptr[0], arg.ptr, env.ptr);
-
-- log_error_write(srv, __FILE__, __LINE__, "sbs",
-- "execve failed for:", host->bin_path, strerror(errno));
-+ /* log_error_write(srv, __FILE__, __LINE__, "sbs",
-+ "execve failed for:", host->bin_path, strerror(errno)); */
+@@ -1054,6 +1054,7 @@
+ *c = '/';
+ }
- exit(errno);
++ reset_signals();
-@@ -1193,6 +1205,7 @@
- { "allow-x-send-file", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
- { "strip-request-uri", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 16 */
- { "kill-signal", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
-+ { "fix-root-scriptname", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
+ /* exec the cgi */
+ execve(arg.ptr[0], arg.ptr, env.ptr);
+@@ -1235,20 +1236,17 @@
+
+ { "check-local", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 5 */
+ { "port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 6 */
+- { "min-procs-not-working", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 7 this is broken for now */
+- { "max-procs", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
+- { "max-load-per-proc", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
+- { "idle-timeout", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
+- { "disable-time", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
++ { "max-procs", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 7 */
++ { "disable-time", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
+
+- { "bin-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
+- { "bin-copy-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
++ { "bin-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
++ { "bin-copy-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
+
+- { "broken-scriptfilename", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
+- { "allow-x-send-file", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
+- { "strip-request-uri", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 16 */
+- { "kill-signal", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
+- { "fix-root-scriptname", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
++ { "broken-scriptfilename", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
++ { "allow-x-send-file", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
++ { "strip-request-uri", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
++ { "kill-signal", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
++ { "fix-root-scriptname", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
{ NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
};
-@@ -1220,6 +1233,7 @@
+@@ -1267,12 +1265,9 @@
+ buffer_copy_string_buffer(host->id, da_host->key);
+
+ host->check_local = 1;
+- host->min_procs = 4;
+ host->max_procs = 4;
+- host->max_load_per_proc = 1;
+- host->idle_timeout = 60;
+ host->mode = FCGI_RESPONDER;
+- host->disable_time = 60;
++ host->disable_time = 1;
host->break_scriptfilename_for_php = 0;
host->allow_xsendfile = 0; /* handle X-LIGHTTPD-send-file */
host->kill_signal = SIGTERM;
-+ host->fix_root_path_name = 0;
-
- fcv[0].destination = host->host;
- fcv[1].destination = host->docroot;
-@@ -1241,6 +1255,7 @@
- fcv[15].destination = &(host->allow_xsendfile);
- fcv[16].destination = host->strip_request_uri;
- fcv[17].destination = &(host->kill_signal);
-+ fcv[18].destination = &(host->fix_root_path_name);
+@@ -1286,19 +1281,16 @@
+
+ fcv[5].destination = &(host->check_local);
+ fcv[6].destination = &(host->port);
+- fcv[7].destination = &(host->min_procs);
+- fcv[8].destination = &(host->max_procs);
+- fcv[9].destination = &(host->max_load_per_proc);
+- fcv[10].destination = &(host->idle_timeout);
+- fcv[11].destination = &(host->disable_time);
++ fcv[7].destination = &(host->max_procs);
++ fcv[8].destination = &(host->disable_time);
+
+- fcv[12].destination = host->bin_env;
+- fcv[13].destination = host->bin_env_copy;
+- fcv[14].destination = &(host->break_scriptfilename_for_php);
+- fcv[15].destination = &(host->allow_xsendfile);
+- fcv[16].destination = host->strip_request_uri;
+- fcv[17].destination = &(host->kill_signal);
+- fcv[18].destination = &(host->fix_root_path_name);
++ fcv[9].destination = host->bin_env;
++ fcv[10].destination = host->bin_env_copy;
++ fcv[11].destination = &(host->break_scriptfilename_for_php);
++ fcv[12].destination = &(host->allow_xsendfile);
++ fcv[13].destination = host->strip_request_uri;
++ fcv[14].destination = &(host->kill_signal);
++ fcv[15].destination = &(host->fix_root_path_name);
if (0 != config_insert_values_internal(srv, da_host->value, fcv)) {
return HANDLER_ERROR;
-@@ -2544,7 +2559,10 @@
- stat_cache_entry *sce;
-
- if (HANDLER_ERROR != stat_cache_get_entry(srv, con, ds->value, &sce)) {
-- data_string *dcls = data_string_init();
-+ data_string *dcls;
-+ if (NULL == (dcls = (data_string *)array_get_unused_element(con->response.headers, TYPE_STRING))) {
-+ dcls = data_response_init();
-+ }
- /* found */
- http_chunk_append_file(srv, con, ds->value, 0, sce->st.st_size);
- hctx->send_content_body = 0; /* ignore the content */
-@@ -3074,7 +3092,7 @@
-
- /* check if the next server has no load. */
- ndx = hctx->ext->last_used_ndx + 1;
-- if(ndx >= hctx->ext->used || ndx < 0) ndx = 0;
-+ if(ndx >= (int) hctx->ext->used || ndx < 0) ndx = 0;
- host = hctx->ext->hosts[ndx];
- if (host->load > 0) {
- /* get backend with the least load. */
-@@ -3480,13 +3498,12 @@
-
- ct_len = extension->key->used - 1;
-
-- if (s_len < ct_len) continue;
+@@ -1355,23 +1347,16 @@
+ /* a local socket + self spawning */
+ size_t pno;
+
+- /* HACK: just to make sure the adaptive spawing is disabled */
+- host->min_procs = host->max_procs;
-
-- /* check extension in the form "/fcgi_pattern" */
-- if (*(extension->key->ptr) == '/') {
-- if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0)
-+ /* check _url_ in the form "/fcgi_pattern" */
-+ if (extension->key->ptr[0] == '/') {
-+ if ((ct_len <= con->uri.path->used -1) &&
-+ (strncmp(con->uri.path->ptr, extension->key->ptr, ct_len) == 0))
- break;
-- } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) {
-+ } else if ((ct_len <= s_len) && (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len))) {
- /* check extension in the form ".fcg" */
- break;
+- if (host->min_procs > host->max_procs) host->max_procs = host->min_procs;
+- if (host->max_load_per_proc < 1) host->max_load_per_proc = 0;
+-
+ if (s->debug) {
+- log_error_write(srv, __FILE__, __LINE__, "ssbsdsbsdsd",
++ log_error_write(srv, __FILE__, __LINE__, "ssbsdsbsd",
+ "--- fastcgi spawning local",
+ "\n\tproc:", host->bin_path,
+ "\n\tport:", host->port,
+ "\n\tsocket", host->unixsocket,
+- "\n\tmin-procs:", host->min_procs,
+ "\n\tmax-procs:", host->max_procs);
+ }
+
+- for (pno = 0; pno < host->min_procs; pno++) {
++ for (pno = 0; pno < host->max_procs; pno++) {
+ fcgi_proc *proc;
+
+ proc = fastcgi_process_init();
+@@ -1391,7 +1376,7 @@
+ "--- fastcgi spawning",
+ "\n\tport:", host->port,
+ "\n\tsocket", host->unixsocket,
+- "\n\tcurrent:", pno, "/", host->min_procs);
++ "\n\tcurrent:", pno, "/", host->max_procs);
+ }
+
+ if (fcgi_spawn_connection(srv, p, host, proc)) {
+@@ -1426,7 +1411,6 @@
+
+ host->first = proc;
+
+- host->min_procs = 1;
+ host->max_procs = 1;
+ }
+
+@@ -2739,7 +2723,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ssbsdsd",
+ "--- fastcgi spawning",
+ "\n\tsocket", proc->connection_name,
+- "\n\tcurrent:", 1, "/", host->min_procs);
++ "\n\tcurrent:", 1, "/", host->max_procs);
+ }
+
+ if (fcgi_spawn_connection(srv, p, host, proc)) {
+@@ -2778,8 +2762,11 @@
+ * - tcp socket (do not check host->host->uses, as it may be not set which means INADDR_LOOPBACK)
+ * - unix socket
+ */
+- if (!host ||
+- (!host->port && !host->unixsocket->used)) {
++ if (!host) {
++ log_error_write(srv, __FILE__, __LINE__, "s", "fatal error: host = NULL");
++ return HANDLER_ERROR;
++ }
++ if ((!host->port && !host->unixsocket->used)) {
+ log_error_write(srv, __FILE__, __LINE__, "sxddd",
+ "write-req: error",
+ host,
+@@ -2787,7 +2774,7 @@
+ host->port,
+ host->unixsocket->used);
+
+- hctx->proc->disabled_until = srv->cur_ts + 10;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ hctx->proc->state = PROC_STATE_DIED;
+
+ return HANDLER_ERROR;
+@@ -2803,7 +2790,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+ "getsockopt failed:", strerror(errno));
+
+- hctx->proc->disabled_until = srv->cur_ts + 10;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ hctx->proc->state = PROC_STATE_DIED;
+
+ return HANDLER_ERROR;
+@@ -2817,7 +2804,7 @@
+ "socket:", hctx->proc->connection_name);
}
-@@ -3499,16 +3516,15 @@
- /* check if we have at least one server for this extension up and running */
- for (k = 0; k < extension->used; k++) {
-- host = extension->hosts[k];
-+ fcgi_extension_host *h = extension->hosts[k];
+- hctx->proc->disabled_until = srv->cur_ts + 5;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
- /* we should have at least one proc that can do something */
-- if (host->active_procs == 0) {
-- host = NULL;
--
-+ if (h->active_procs == 0) {
- continue;
- }
+ if (hctx->proc->is_local) {
+ hctx->proc->state = PROC_STATE_DIED_WAIT_FOR_PID;
+@@ -2910,13 +2897,13 @@
+ /* cool down the backend, it is overloaded
+ * -> EAGAIN */
- /* we found one host that is alive */
-+ host = h;
- break;
- }
+- log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+- "backend is overloaded; we'll disable it for 2 seconds and send the request to another backend instead:",
++ log_error_write(srv, __FILE__, __LINE__, "sdssdsd",
++ "backend is overloaded; we'll disable it for", hctx->host->disable_time, "seconds and send the request to another backend instead:",
+ "reconnects:", hctx->reconnects,
+ "load:", host->load);
-@@ -3582,6 +3598,13 @@
- * SCRIPT_NAME = /fcgi-bin/foo
- * PATH_INFO = /bar
- *
-+ * if prefix = /, and fix-root-path-name is enable
-+ *
-+ * /fcgi-bin/foo/bar
-+ *
-+ * SCRIPT_NAME = /fcgi-bin/foo
-+ * PATH_INFO = /bar
-+ *
- */
- /* the rewrite is only done for /prefix/? matches */
-@@ -3594,6 +3617,10 @@
+- hctx->proc->disabled_until = srv->cur_ts + 2;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ hctx->proc->state = PROC_STATE_OVERLOADED;
- con->uri.path->used -= con->request.pathinfo->used - 1;
- con->uri.path->ptr[con->uri.path->used - 1] = '\0';
-+ } else if (host->fix_root_path_name && extension->key->ptr[0] == '/' && extension->key->ptr[1] == '\0') {
-+ buffer_copy_string(con->request.pathinfo, con->uri.path->ptr);
-+ con->uri.path->used = 1;
-+ con->uri.path->ptr[con->uri.path->used - 1] = '\0';
+ fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
+@@ -2930,18 +2917,18 @@
+ * - ECONNREFUSED for tcp-ip sockets
+ * - ENOENT for unix-domain-sockets
+ *
+- * for check if the host is back in 5 seconds
++ * for check if the host is back in hctx->host->disable_time seconds
+ * */
+
+- hctx->proc->disabled_until = srv->cur_ts + 5;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ if (hctx->proc->is_local) {
+ hctx->proc->state = PROC_STATE_DIED_WAIT_FOR_PID;
+ } else {
+ hctx->proc->state = PROC_STATE_DIED;
}
- }
- } else {
-Index: src/mod_accesslog.c
-===================================================================
---- src/mod_accesslog.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_accesslog.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -473,7 +473,7 @@
- continue;
- }
-- if (buffer_is_empty(s->access_logfile)) continue;
-+ if (s->access_logfile->used < 2) continue;
+- log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+- "backend died; we'll disable it for 5 seconds and send the request to another backend instead:",
++ log_error_write(srv, __FILE__, __LINE__, "sdssdsd",
++ "backend died; we'll disable it for", hctx->host->disable_time, "seconds and send the request to another backend instead:",
+ "reconnects:", hctx->reconnects,
+ "load:", host->load);
- if (s->access_logfile->ptr[0] == '|') {
- #ifdef HAVE_FORK
-@@ -498,6 +498,8 @@
- /* not needed */
- close(to_log_fds[1]);
+@@ -3032,11 +3019,6 @@
+ "reconnect attempts:", hctx->reconnects);
-+ openDevNull(STDERR_FILENO);
-+
- /* we don't need the client socket */
- for (i = 3; i < 256; i++) {
- close(i);
-@@ -570,7 +572,7 @@
- }
+ return HANDLER_ERROR;
+- case EAGAIN:
+- case EINTR:
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
+-
+- return HANDLER_WAIT_FOR_EVENT;
+ default:
+ log_error_write(srv, __FILE__, __LINE__, "ssd",
+ "write failed:", strerror(errno), errno);
+@@ -3266,7 +3248,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ssbsdsd",
+ "--- fastcgi spawning",
+ "\n\tsocket", proc->connection_name,
+- "\n\tcurrent:", 1, "/", host->min_procs);
++ "\n\tcurrent:", 1, "/", host->max_procs);
+ }
+
+ if (fcgi_spawn_connection(srv, p, host, proc)) {
+@@ -3288,18 +3270,18 @@
+ hctx->reconnects < 5) {
+ fcgi_reconnect(srv, hctx);
+
+- log_error_write(srv, __FILE__, __LINE__, "ssbsbs",
++ log_error_write(srv, __FILE__, __LINE__, "ssbsBSBs",
+ "response not received, request not sent",
+ "on socket:", proc->connection_name,
+- "for", con->uri.path, ", reconnecting");
++ "for", con->uri.path, "?", con->uri.query, ", reconnecting");
+
+ return HANDLER_WAIT_FOR_FD;
+ }
- if (s->use_syslog == 0 &&
-- !buffer_is_empty(s->access_logfile) &&
-+ s->access_logfile->used > 1 &&
- s->access_logfile->ptr[0] != '|') {
+- log_error_write(srv, __FILE__, __LINE__, "sosbsbs",
++ log_error_write(srv, __FILE__, __LINE__, "sosbsBSBs",
+ "response not received, request sent:", hctx->wb->bytes_out,
+ "on socket:", proc->connection_name,
+- "for", con->uri.path, ", closing connection");
++ "for", con->uri.path, "?", con->uri.query, ", closing connection");
- close(s->log_access_fd);
-@@ -647,6 +649,9 @@
+ fcgi_connection_close(srv, hctx);
- mod_accesslog_patch_connection(srv, con, p);
+@@ -3311,10 +3293,10 @@
+ /* response might have been already started, kill the connection */
+ fcgi_connection_close(srv, hctx);
-+ /* No output device, nothing to do */
-+ if (!p->conf.use_syslog && p->conf.log_access_fd == -1) return HANDLER_GO_ON;
-+
- b = p->conf.access_logbuffer;
- if (b->used == 0) {
- buffer_copy_string(b, "");
-@@ -806,7 +811,14 @@
- buffer_append_string(b, "%");
- break;
- case FORMAT_SERVER_PORT:
-- buffer_append_long(b, srv->srvconf.port);
-+ {
-+ char *colon = strchr(((server_socket*)(con->srv_socket))->srv_token->ptr, ':');
-+ if (colon) {
-+ buffer_append_string(b, colon+1);
-+ } else {
-+ buffer_append_long(b, srv->srvconf.port);
-+ }
+- log_error_write(srv, __FILE__, __LINE__, "ssbsbs",
++ log_error_write(srv, __FILE__, __LINE__, "ssbsBSBs",
+ "response already sent out, but backend returned error",
+ "on socket:", proc->connection_name,
+- "for", con->uri.path, ", terminating connection");
++ "for", con->uri.path, "?", con->uri.query, ", terminating connection");
+
+ connection_set_state(srv, con, CON_STATE_ERROR);
+ }
+@@ -3364,9 +3346,9 @@
+ * even if the FCGI_FIN packet is not received yet
+ */
+ } else {
+- log_error_write(srv, __FILE__, __LINE__, "sbsbsd",
++ log_error_write(srv, __FILE__, __LINE__, "sBSbsbsd",
+ "error: unexpected close of fastcgi connection for",
+- con->uri.path,
++ con->uri.path, "?", con->uri.query,
+ "(no fastcgi process on socket:", proc->connection_name, "?)",
+ hctx->state);
+
+@@ -3489,25 +3471,27 @@
+ /* check if extension matches */
+ for (k = 0; k < p->conf.exts->used; k++) {
+ size_t ct_len; /* length of the config entry */
++ fcgi_extension *ext = p->conf.exts->exts[k];
+
+- extension = p->conf.exts->exts[k];
++ if (ext->key->used == 0) continue;
+
+- if (extension->key->used == 0) continue;
++ ct_len = ext->key->used - 1;
+
+- ct_len = extension->key->used - 1;
+-
+ /* check _url_ in the form "/fcgi_pattern" */
+- if (extension->key->ptr[0] == '/') {
++ if (ext->key->ptr[0] == '/') {
+ if ((ct_len <= con->uri.path->used -1) &&
+- (strncmp(con->uri.path->ptr, extension->key->ptr, ct_len) == 0))
++ (strncmp(con->uri.path->ptr, ext->key->ptr, ct_len) == 0)) {
++ extension = ext;
+ break;
+- } else if ((ct_len <= s_len) && (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len))) {
+ }
++ } else if ((ct_len <= s_len) && (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len))) {
+ /* check extension in the form ".fcg" */
++ extension = ext;
break;
- case FORMAT_QUERY_STRING:
- buffer_append_string_buffer(b, con->uri.query);
-Index: src/server.c
-===================================================================
---- src/server.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/server.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -573,20 +573,9 @@
+ }
+ }
+ /* extension doesn't match */
+- if (k == p->conf.exts->used) {
++ if (NULL == extension) {
+ return HANDLER_GO_ON;
+ }
}
+@@ -3535,8 +3519,8 @@
+ if (!extension->note_is_sent) {
+ extension->note_is_sent = 1;
+
+- log_error_write(srv, __FILE__, __LINE__, "sbsbs",
+- "all handlers for ", con->uri.path,
++ log_error_write(srv, __FILE__, __LINE__, "sBSbsbs",
++ "all handlers for", con->uri.path, "?", con->uri.query,
+ "on", extension->key,
+ "are down.");
+ }
+@@ -3727,107 +3711,12 @@
+ for (n = 0; n < ex->used; n++) {
- /* close stdin and stdout, as they are not needed */
-- /* move stdin to /dev/null */
-- if (-1 != (fd = open("/dev/null", O_RDONLY))) {
-- close(STDIN_FILENO);
-- dup2(fd, STDIN_FILENO);
-- close(fd);
-- }
-+ openDevNull(STDIN_FILENO);
-+ openDevNull(STDOUT_FILENO);
-
-- /* move stdout to /dev/null */
-- if (-1 != (fd = open("/dev/null", O_WRONLY))) {
-- close(STDOUT_FILENO);
-- dup2(fd, STDOUT_FILENO);
-- close(fd);
-- }
+ fcgi_proc *proc;
+- unsigned long sum_load = 0;
+ fcgi_extension_host *host;
+
+ host = ex->hosts[n];
+
+ fcgi_restart_dead_procs(srv, p, host);
+
+- for (proc = host->first; proc; proc = proc->next) {
+- sum_load += proc->load;
+- }
-
- if (0 != config_set_defaults(srv)) {
- log_error_write(srv, __FILE__, __LINE__, "s",
- "setting default values failed");
-@@ -893,8 +882,8 @@
- pid_fd = -1;
- }
+- if (host->num_procs &&
+- host->num_procs < host->max_procs &&
+- (sum_load / host->num_procs) > host->max_load_per_proc) {
+- /* overload, spawn new child */
+- if (p->conf.debug) {
+- log_error_write(srv, __FILE__, __LINE__, "s",
+- "overload detected, spawning a new child");
+- }
+-
+- for (proc = host->unused_procs; proc && proc->pid != 0; proc = proc->next);
+-
+- if (proc) {
+- if (proc == host->unused_procs) host->unused_procs = proc->next;
+-
+- if (proc->next) proc->next->prev = NULL;
+-
+- host->max_id++;
+- } else {
+- proc = fastcgi_process_init();
+- proc->id = host->max_id++;
+- }
+-
+- host->num_procs++;
+-
+- if (buffer_is_empty(host->unixsocket)) {
+- proc->port = host->port + proc->id;
+- } else {
+- buffer_copy_string_buffer(proc->unixsocket, host->unixsocket);
+- buffer_append_string_len(proc->unixsocket, CONST_STR_LEN("-"));
+- buffer_append_long(proc->unixsocket, proc->id);
+- }
+-
+- if (fcgi_spawn_connection(srv, p, host, proc)) {
+- log_error_write(srv, __FILE__, __LINE__, "s",
+- "ERROR: spawning fcgi failed.");
+- return HANDLER_ERROR;
+- }
+-
+- proc->prev = NULL;
+- proc->next = host->first;
+- if (host->first) {
+- host->first->prev = proc;
+- }
+- host->first = proc;
+- }
+-
+- for (proc = host->first; proc; proc = proc->next) {
+- if (proc->load != 0) break;
+- if (host->num_procs <= host->min_procs) break;
+- if (proc->pid == 0) continue;
+-
+- if (srv->cur_ts - proc->last_used > host->idle_timeout) {
+- /* a proc is idling for a long time now,
+- * terminate it */
+-
+- if (p->conf.debug) {
+- log_error_write(srv, __FILE__, __LINE__, "ssbsd",
+- "idle-timeout reached; terminating child:",
+- "socket:", proc->connection_name,
+- "pid", proc->pid);
+- }
+-
+-
+- if (proc->next) proc->next->prev = proc->prev;
+- if (proc->prev) proc->prev->next = proc->next;
+-
+- if (proc->prev == NULL) host->first = proc->next;
+-
+- proc->prev = NULL;
+- proc->next = host->unused_procs;
+-
+- if (host->unused_procs) host->unused_procs->prev = proc;
+- host->unused_procs = proc;
+-
+- kill(proc->pid, SIGTERM);
+-
+- proc->state = PROC_STATE_KILLED;
+-
+- log_error_write(srv, __FILE__, __LINE__, "ssbsd",
+- "killed:",
+- "socket:", proc->connection_name,
+- "pid", proc->pid);
+-
+- host->num_procs--;
+-
+- /* proc is now in unused, let the next second handle the next process */
+- break;
+- }
+- }
+-
+ for (proc = host->unused_procs; proc; proc = proc->next) {
+ int status;
+
+Index: src/fdevent_poll.c
+===================================================================
+--- src/fdevent_poll.c (.../tags/lighttpd-1.4.23)
++++ src/fdevent_poll.c (.../branches/lighttpd-1.4.x)
+@@ -132,7 +132,7 @@
+ if (poll_r & POLLNVAL) r |= FDEVENT_NVAL;
+ if (poll_r & POLLPRI) r |= FDEVENT_PRI;
+
+- return ev->pollfds[ndx].revents;
++ return r;
+ }
+
+ static int fdevent_poll_event_get_fd(fdevents *ev, size_t ndx) {
+Index: src/fdevent_select.c
+===================================================================
+--- src/fdevent_select.c (.../tags/lighttpd-1.4.23)
++++ src/fdevent_select.c (.../branches/lighttpd-1.4.x)
+@@ -38,7 +38,7 @@
+ UNUSED(fde_ndx);
+
+ /* we should be protected by max-fds, but you never know */
+- assert(fd < FD_SETSIZE);
++ assert(fd < ((int)FD_SETSIZE));
+
+ if (events & FDEVENT_IN) {
+ FD_SET(fd, &(ev->select_set_read));
+Index: src/CMakeLists.txt
+===================================================================
+Index: src/server.c
+===================================================================
+--- src/server.c (.../tags/lighttpd-1.4.23)
++++ src/server.c (.../branches/lighttpd-1.4.x)
+@@ -187,6 +187,7 @@
+ CLEAN(cond_check_buf);
+
+ CLEAN(srvconf.errorlog_file);
++ CLEAN(srvconf.breakagelog_file);
+ CLEAN(srvconf.groupname);
+ CLEAN(srvconf.username);
+ CLEAN(srvconf.changeroot);
+@@ -242,8 +243,8 @@
+ srv->srvconf.reject_expect_100_with_417 = 1;
+
+ /* use syslog */
+- srv->errorlog_fd = -1;
+- srv->errorlog_mode = ERRORLOG_STDERR;
++ srv->errorlog_fd = STDERR_FILENO;
++ srv->errorlog_mode = ERRORLOG_FD;
+
+ srv->split_vals = array_init();
+
+@@ -271,6 +272,7 @@
+ CLEAN(cond_check_buf);
+
+ CLEAN(srvconf.errorlog_file);
++ CLEAN(srvconf.breakagelog_file);
+ CLEAN(srvconf.groupname);
+ CLEAN(srvconf.username);
+ CLEAN(srvconf.changeroot);
+@@ -717,7 +719,7 @@
+ }
-- // Close stderr ASAP in the child process to make sure that nothing
-- // is being written to that fd which may not be valid anymore.
-+ /* Close stderr ASAP in the child process to make sure that nothing
-+ * is being written to that fd which may not be valid anymore. */
- if (-1 == log_error_open(srv)) {
- log_error_write(srv, __FILE__, __LINE__, "s", "Opening errorlog failed. Going down.");
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+- srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
++ srv->max_fds = rlim.rlim_cur < ((int)FD_SETSIZE) - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
+ } else {
+ srv->max_fds = rlim.rlim_cur;
+ }
+@@ -730,7 +732,7 @@
+ #endif
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+ /* don't raise the limit above FD_SET_SIZE */
+- if (srv->max_fds > FD_SETSIZE - 200) {
++ if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
+ log_error_write(srv, __FILE__, __LINE__, "sd",
+ "can't raise max filedescriptors above", FD_SETSIZE - 200,
+ "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
+@@ -780,7 +782,7 @@
+ * Change group before chroot, when we have access
+ * to /etc/group
+ * */
+- if (srv->srvconf.groupname->used) {
++ if (NULL != grp) {
+ setgid(grp->gr_gid);
+ setgroups(0, NULL);
+ if (srv->srvconf.username->used) {
+@@ -804,7 +806,7 @@
+ #endif
+ #ifdef HAVE_PWD_H
+ /* drop root privs */
+- if (srv->srvconf.username->used) {
++ if (NULL != pwd) {
+ setuid(pwd->pw_uid);
+ }
+ #endif
+@@ -843,7 +845,7 @@
+ }
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+- srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
++ srv->max_fds = rlim.rlim_cur < ((int)FD_SETSIZE) - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
+ } else {
+ srv->max_fds = rlim.rlim_cur;
+ }
+@@ -857,7 +859,7 @@
+ #endif
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+ /* don't raise the limit above FD_SET_SIZE */
+- if (srv->max_fds > FD_SETSIZE - 200) {
++ if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
+ log_error_write(srv, __FILE__, __LINE__, "sd",
+ "can't raise max filedescriptors above", FD_SETSIZE - 200,
+ "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
Index: src/mod_dirlisting.c
===================================================================
---- src/mod_dirlisting.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_dirlisting.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -841,11 +841,11 @@
-
- /* Insert possible charset to Content-Type */
- if (buffer_is_empty(p->conf.encoding)) {
-- response_header_insert(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
-+ response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
- } else {
- buffer_copy_string(p->content_charset, "text/html; charset=");
- buffer_append_string_buffer(p->content_charset, p->conf.encoding);
-- response_header_insert(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(p->content_charset));
-+ response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(p->content_charset));
- }
+--- src/mod_dirlisting.c (.../tags/lighttpd-1.4.23)
++++ src/mod_dirlisting.c (.../branches/lighttpd-1.4.x)
+@@ -198,7 +198,7 @@
+ data_unset *du;
- con->file_finished = 1;
+ if (NULL != (du = array_get_element(ca, option))) {
+- data_array *da = (data_array *)du;
++ data_array *da;
+ size_t j;
+
+ if (du->type != TYPE_ARRAY) {
Index: src/mod_magnet.c
===================================================================
---- src/mod_magnet.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/mod_magnet.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -414,10 +414,16 @@
- case MAGNET_ENV_URI_AUTHORITY: dest = con->uri.authority; break;
- case MAGNET_ENV_URI_QUERY: dest = con->uri.query; break;
-
-- case MAGNET_ENV_REQUEST_METHOD: break;
-+ case MAGNET_ENV_REQUEST_METHOD:
-+ buffer_copy_string(srv->tmp_buf, get_http_method_name(con->request.http_method));
-+ dest = srv->tmp_buf;
-+ break;
- case MAGNET_ENV_REQUEST_URI: dest = con->request.uri; break;
- case MAGNET_ENV_REQUEST_ORIG_URI: dest = con->request.orig_uri; break;
-- case MAGNET_ENV_REQUEST_PROTOCOL: break;
-+ case MAGNET_ENV_REQUEST_PROTOCOL:
-+ buffer_copy_string(srv->tmp_buf, get_http_version_name(con->request.http_version));
-+ dest = srv->tmp_buf;
-+ break;
-
- case MAGNET_ENV_UNSET: break;
- }
-@@ -761,11 +767,13 @@
+--- src/mod_magnet.c (.../tags/lighttpd-1.4.23)
++++ src/mod_magnet.c (.../branches/lighttpd-1.4.x)
+@@ -283,17 +283,11 @@
+ }
+
+ static int magnet_reqhdr_get(lua_State *L) {
+- server *srv;
+ connection *con;
+ data_string *ds;
- if (lua_return_value > 99) {
- con->http_status = lua_return_value;
-- con->file_finished = 1;
+ const char *key = luaL_checkstring(L, 2);
- /* try { ...*/
- if (0 == setjmp(exceptionjmp)) {
- magnet_attach_content(srv, con, p, L);
-+ if (!chunkqueue_is_empty(con->write_queue)) {
-+ con->mode = p->id;
-+ }
- } else {
- /* } catch () { */
- con->http_status = 500;
+- lua_pushstring(L, "lighty.srv");
+- lua_gettable(L, LUA_REGISTRYINDEX);
+- srv = lua_touserdata(L, -1);
+- lua_pop(L, 1);
+-
+ lua_pushstring(L, "lighty.con");
+ lua_gettable(L, LUA_REGISTRYINDEX);
+ con = lua_touserdata(L, -1);
Index: src/log.c
===================================================================
---- src/log.c (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/log.c (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -31,6 +31,29 @@
- # define O_LARGEFILE 0
- #endif
+--- src/log.c (.../tags/lighttpd-1.4.23)
++++ src/log.c (.../branches/lighttpd-1.4.x)
+@@ -62,7 +62,6 @@
+ /* create write pipe and spawn process */
-+/* Close fd and _try_ to get a /dev/null for it instead.
-+ * close() alone may trigger some bugs when a
-+ * process opens another file and gets fd = STDOUT_FILENO or STDERR_FILENO
-+ * and later tries to just print on stdout/stderr
-+ *
-+ * Returns 0 on success and -1 on failure (fd gets closed in all cases)
-+ */
-+int openDevNull(int fd) {
-+ int tmpfd;
-+ close(fd);
-+#if defined(__WIN32)
-+ /* Cygwin should work with /dev/null */
-+ tmpfd = open("nul", O_RDWR);
-+#else
-+ tmpfd = open("/dev/null", O_RDWR);
-+#endif
-+ if (tmpfd != -1 && tmpfd != fd) {
-+ dup2(tmpfd, fd);
-+ close(tmpfd);
-+ }
-+ return (tmpfd != -1) ? 0 : -1;
-+}
-+
- /**
- * open the errorlog
- *
-@@ -44,7 +67,6 @@
+ int to_log_fds[2];
+- pid_t pid;
+
+ if (pipe(to_log_fds)) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "pipe failed: ", strerror(errno));
+@@ -70,7 +69,7 @@
+ }
+
+ /* fork, execve */
+- switch (pid = fork()) {
++ switch (fork()) {
+ case 0:
+ /* child */
+ close(STDIN_FILENO);
+@@ -150,14 +149,14 @@
*/
int log_error_open(server *srv) {
-- int fd;
- int close_stderr = 1;
-
+- int close_stderr = 1;
+-
#ifdef HAVE_SYSLOG_H
-@@ -78,15 +100,16 @@
- /* don't close stderr for debugging purposes if run in valgrind */
- if (RUNNING_ON_VALGRIND) close_stderr = 0;
+ /* perhaps someone wants to use syslog() */
+ openlog("lighttpd", LOG_CONS | LOG_PID, LOG_DAEMON);
#endif
-- if (srv->errorlog_mode == ERRORLOG_STDERR) close_stderr = 0;
+- srv->errorlog_mode = ERRORLOG_STDERR;
-+ if (srv->errorlog_mode == ERRORLOG_STDERR && srv->srvconf.dont_daemonize) {
-+ /* We can only log to stderr in dont-daemonize mode;
-+ * if we do daemonize and no errorlog file is specified, we log into /dev/null
-+ */
-+ close_stderr = 0;
-+ }
++ srv->errorlog_mode = ERRORLOG_FD;
++ srv->errorlog_fd = STDERR_FILENO;
+
- /* move stderr to /dev/null */
-- if (close_stderr &&
-- -1 != (fd = open("/dev/null", O_WRONLY))) {
-- close(STDERR_FILENO);
-- dup2(fd, STDERR_FILENO);
-- close(fd);
-- }
-+ if (close_stderr) openDevNull(STDERR_FILENO);
+ if (srv->srvconf.errorlog_use_syslog) {
+ srv->errorlog_mode = ERRORLOG_SYSLOG;
+ } else if (!buffer_is_empty(srv->srvconf.errorlog_file)) {
+@@ -171,20 +170,36 @@
+
+ log_error_write(srv, __FILE__, __LINE__, "s", "server started");
+
+-#ifdef HAVE_VALGRIND_VALGRIND_H
+- /* don't close stderr for debugging purposes if run in valgrind */
+- if (RUNNING_ON_VALGRIND) close_stderr = 0;
+-#endif
+-
+- if (srv->errorlog_mode == ERRORLOG_STDERR && srv->srvconf.dont_daemonize) {
++ if (srv->errorlog_mode == ERRORLOG_FD && !srv->srvconf.dont_daemonize) {
+ /* We can only log to stderr in dont-daemonize mode;
+ * if we do daemonize and no errorlog file is specified, we log into /dev/null
+ */
+- close_stderr = 0;
++ srv->errorlog_fd = -1;
+ }
+
+- /* move stderr to /dev/null */
+- if (close_stderr) openDevNull(STDERR_FILENO);
++ if (!buffer_is_empty(srv->srvconf.breakagelog_file)) {
++ int breakage_fd;
++ const char *logfile = srv->srvconf.breakagelog_file->ptr;
++
++ if (srv->errorlog_mode == ERRORLOG_FD) {
++ srv->errorlog_fd = dup(STDERR_FILENO);
++#ifdef FD_CLOEXEC
++ fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
++#endif
++ }
++
++ if (-1 == (breakage_fd = open_logfile_or_pipe(srv, logfile))) {
++ return -1;
++ }
++
++ if (STDERR_FILENO != breakage_fd) {
++ dup2(breakage_fd, STDERR_FILENO);
++ close(breakage_fd);
++ }
++ } else if (!srv->srvconf.dont_daemonize) {
++ /* move stderr to /dev/null */
++ openDevNull(STDERR_FILENO);
++ }
return 0;
}
-Index: src/log.h
+@@ -235,15 +250,19 @@
+ switch(srv->errorlog_mode) {
+ case ERRORLOG_PIPE:
+ case ERRORLOG_FILE:
+- close(srv->errorlog_fd);
++ case ERRORLOG_FD:
++ if (-1 != srv->errorlog_fd) {
++ /* don't close STDERR */
++ if (STDERR_FILENO != srv->errorlog_fd)
++ close(srv->errorlog_fd);
++ srv->errorlog_fd = -1;
++ }
+ break;
+ case ERRORLOG_SYSLOG:
+ #ifdef HAVE_SYSLOG_H
+ closelog();
+ #endif
+ break;
+- case ERRORLOG_STDERR:
+- break;
+ }
+
+ return 0;
+@@ -255,7 +274,8 @@
+ switch(srv->errorlog_mode) {
+ case ERRORLOG_PIPE:
+ case ERRORLOG_FILE:
+- case ERRORLOG_STDERR:
++ case ERRORLOG_FD:
++ if (-1 == srv->errorlog_fd) return 0;
+ /* cache the generated timestamp */
+ if (srv->cur_ts != srv->last_generated_debug_ts) {
+ buffer_prepare_copy(srv->ts_debug_str, 255);
+@@ -349,13 +369,10 @@
+ switch(srv->errorlog_mode) {
+ case ERRORLOG_PIPE:
+ case ERRORLOG_FILE:
++ case ERRORLOG_FD:
+ buffer_append_string_len(srv->errorlog_buf, CONST_STR_LEN("\n"));
+ write(srv->errorlog_fd, srv->errorlog_buf->ptr, srv->errorlog_buf->used - 1);
+ break;
+- case ERRORLOG_STDERR:
+- buffer_append_string_len(srv->errorlog_buf, CONST_STR_LEN("\n"));
+- write(STDERR_FILENO, srv->errorlog_buf->ptr, srv->errorlog_buf->used - 1);
+- break;
+ case ERRORLOG_SYSLOG:
+ syslog(LOG_ERR, "%s", srv->errorlog_buf->ptr);
+ break;
+Index: src/proc_open.c
===================================================================
---- src/log.h (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ src/log.h (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -3,6 +3,11 @@
+--- src/proc_open.c (.../tags/lighttpd-1.4.23)
++++ src/proc_open.c (.../branches/lighttpd-1.4.x)
+@@ -309,6 +309,14 @@
- #include "server.h"
+ if (err) {
+ proc_read_fd_to_buffer(proc.err.fd, err);
++ } else {
++ buffer *tmp = buffer_init();
++ proc_read_fd_to_buffer(proc.err.fd, tmp);
++ if (tmp->used > 0 && write(2, (void*)tmp->ptr, tmp->used) < 0) {
++ perror("error writing pipe");
++ return -1;
++ }
++ buffer_free(tmp);
+ }
+ pipe_close(&proc.err);
-+/* Close fd and _try_ to get a /dev/null for it instead.
-+ * Returns 0 on success and -1 on failure (fd gets closed in all cases)
-+ */
-+int openDevNull(int fd);
-+
- #define WP() log_error_write(srv, __FILE__, __LINE__, "");
-
- int log_error_open(server *srv);
-
-Property changes on: tests/symlink.t
-___________________________________________________________________
-Name: svn:executable
- + *
-
-Index: tests/request.t
-===================================================================
---- tests/request.t (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ tests/request.t (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -101,7 +101,7 @@
- Expect: 100-continue
- EOF
- );
--$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.1', 'HTTP-Status' => 417, '-HTTP-Content' => ''} ];
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.1', 'HTTP-Status' => 417 } ];
- ok($tf->handle_http($t) == 0, 'Continue, Expect');
-
- ## ranges
-
-Property changes on: tests/env-variables.t
-___________________________________________________________________
-Name: svn:executable
- + *
-
-Index: tests/mod-fastcgi.t
-===================================================================
---- tests/mod-fastcgi.t (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ tests/mod-fastcgi.t (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -65,7 +65,7 @@
- EOF
- );
- $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => '/get-server-env.php' } ];
-- ok($tf->handle_http($t) == 0, '$_SERVER["PHP_SELF"]');
-+ ok($tf->handle_http($t) == 0, '$_SERVER["SCRIPT_NAME"]');
-
- $t->{REQUEST} = ( <<EOF
- GET /get-server-env.php/foo?env=PATH_INFO HTTP/1.0
-Index: tests/docroot/www/get-env.php
-===================================================================
---- tests/docroot/www/get-env.php (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ tests/docroot/www/get-env.php (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -1,3 +1,4 @@
- <?php
-- print $_ENV[$_GET["env"]];
-+ $env = $_GET["env"];
-+ print isset($_ENV[$env]) ? $_ENV[$env] : '';
- ?>
-
-Property changes on: tests/core-404-handler.t
-___________________________________________________________________
-Name: svn:executable
- + *
-
-Index: doc/userdir.txt
-===================================================================
---- doc/userdir.txt (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ doc/userdir.txt (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -46,10 +46,10 @@
- Options
- =======
-
--userdir.path
-+userdir.path (required option)
- usually it should be set to "public_html" to take ~/public_html/ as the document root
-
-- Default: empty (document root is the home directory)
-+ Default: unset (mod_userdir disabled; set it to "" if you want the home directory to be the document root as it was the default before 1.4.19)
- Example: ::
-
- userdir.path = "public_html"
-Index: SConstruct
+Index: tests/.cvsignore
+===================================================================
+Index: tests/bug-12.conf
+===================================================================
+--- tests/bug-12.conf (.../tags/lighttpd-1.4.23)
++++ tests/bug-12.conf (.../branches/lighttpd-1.4.x)
+@@ -8,6 +8,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-10.conf
+===================================================================
+--- tests/fastcgi-10.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-10.conf (.../branches/lighttpd-1.4.x)
+@@ -6,6 +6,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/bug-06.conf
+===================================================================
+--- tests/bug-06.conf (.../tags/lighttpd-1.4.23)
++++ tests/bug-06.conf (.../branches/lighttpd-1.4.x)
+@@ -8,6 +8,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/mod-extforward.conf
+===================================================================
+Index: tests/var-include.conf
+===================================================================
+--- tests/var-include.conf (.../tags/lighttpd-1.4.23)
++++ tests/var-include.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/404-handler.conf
+===================================================================
+--- tests/404-handler.conf (.../tags/lighttpd-1.4.23)
++++ tests/404-handler.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/lowercase.conf
+===================================================================
+--- tests/lowercase.conf (.../tags/lighttpd-1.4.23)
++++ tests/lowercase.conf (.../branches/lighttpd-1.4.x)
+@@ -6,6 +6,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+
+ server.force-lowercase-filenames = "enable"
+
+Index: tests/condition.conf
+===================================================================
+--- tests/condition.conf (.../tags/lighttpd-1.4.23)
++++ tests/condition.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-13.conf
+===================================================================
+--- tests/fastcgi-13.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-13.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/mod-compress.conf
+===================================================================
+--- tests/mod-compress.conf (.../tags/lighttpd-1.4.23)
++++ tests/mod-compress.conf (.../branches/lighttpd-1.4.x)
+@@ -11,6 +11,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+
+ server.modules = (
+Index: tests/lighttpd.conf
+===================================================================
+--- tests/lighttpd.conf (.../tags/lighttpd-1.4.23)
++++ tests/lighttpd.conf (.../branches/lighttpd-1.4.x)
+@@ -13,6 +13,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-responder.conf
===================================================================
---- SConstruct (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ SConstruct (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -5,7 +5,7 @@
- from stat import *
+--- tests/fastcgi-responder.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-responder.conf (.../branches/lighttpd-1.4.x)
+@@ -15,6 +15,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-auth.conf
+===================================================================
+--- tests/fastcgi-auth.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-auth.conf (.../branches/lighttpd-1.4.x)
+@@ -12,6 +12,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/proxy.conf
+===================================================================
+--- tests/proxy.conf (.../tags/lighttpd-1.4.23)
++++ tests/proxy.conf (.../branches/lighttpd-1.4.x)
+@@ -6,6 +6,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Proxy"
+
+Index: tests/LightyTest.pm
+===================================================================
+--- tests/LightyTest.pm (.../tags/lighttpd-1.4.23)
++++ tests/LightyTest.pm (.../branches/lighttpd-1.4.x)
+@@ -87,14 +87,21 @@
+ my $self = shift;
+ my $port = shift;
+ my $child = shift;
++ my $timeout = 5*10; # 5 secs, select waits 0.1 s
+
+ while (0 == $self->listening_on($port)) {
+ select(undef, undef, undef, 0.1);
++ $timeout--;
+
+ # the process is gone, we failed
+ if (0 != waitpid($child, WNOHANG)) {
+ return -1;
+ }
++ if (0 >= $timeout) {
++ diag("Timeout while trying to connect; killing child");
++ kill('TERM', $child);
++ return -1;
++ }
+ }
+
+ return 0;
+Index: configure.ac
+===================================================================
+Index: doc/.cvsignore
+===================================================================
+Index: doc/fastcgi.txt
+===================================================================
+--- doc/fastcgi.txt (.../tags/lighttpd-1.4.23)
++++ doc/fastcgi.txt (.../branches/lighttpd-1.4.x)
+@@ -95,23 +95,22 @@
+ (
+ ( "host" => <string> ,
+ "port" => <integer> ,
+- "socket" => <string>, # either socket
+- # or host+port
+- "bin-path" => <string>, # OPTIONAL
+- "bin-environment" => <array>, # OPTIONAL
+- "bin-copy-environment" => <array>, # OPTIONAL
++ "socket" => <string>, # either socket
++ # or host+port
++ "bin-path" => <string>, # OPTIONAL
++ "bin-environment" => <array>, # OPTIONAL
++ "bin-copy-environment" => <array>, # OPTIONAL
+ "mode" => <string>, # OPTIONAL
+ "docroot" => <string> , # OPTIONAL if "mode"
+- # is not "authorizer"
++ # is not "authorizer"
+ "check-local" => <string>, # OPTIONAL
+- "min-procs" => <integer>, # OPTIONAL
+- "max-procs" => <integer>, # OPTIONAL
+- "max-load-per-proc" => <integer>, # OPTIONAL
+- "idle-timeout" => <integer>, # OPTIONAL
+- "broken-scriptfilename" => <boolean>, # OPTIONAL
++ "max-procs" => <integer>, # OPTIONAL
++ "broken-scriptfilename" => <boolean>, # OPTIONAL
+ "disable-time" => <integer>, # optional
+- "allow-x-send-file" => <boolean> # optional
+- ),
++ "allow-x-send-file" => <boolean>, # optional
++ "kill-signal" => <integer>, # OPTIONAL
++ "fix-root-scriptname" => <boolean>,
++ # OPTIONAL
+ ( "host" => ...
+ )
+ )
+@@ -127,42 +126,38 @@
+ :"socket": path to the unix-domain socket
+ :"mode": is the FastCGI protocol mode.
+ Default is "responder", also "authorizer"
+- mode is implemented.
++ mode is implemented.
+ :"docroot": is optional and is the docroot on the remote
+ host for default "responder" mode. For
+- "authorizer" mode it is MANDATORY and it points
+- to docroot for authorized requests. For security
+- reasons it is recommended to keep this docroot
++ "authorizer" mode it is MANDATORY and it points
++ to docroot for authorized requests. For security
++ reasons it is recommended to keep this docroot
+ outside of server.document-root tree.
+ :"check-local": is optional and may be "enable" (default) or
+ "disable". If enabled the server first check
+- for a file in local server.document-root tree
+- and return 404 (Not Found) if no such file.
++ for a file in local server.document-root tree
++ and return 404 (Not Found) if no such file.
+ If disabled, the server forward request to
+- FastCGI interface without this check.
++ FastCGI interface without this check.
+ :"broken-scriptfilename": breaks SCRIPT_FILENAME in a wat that
+ PHP can extract PATH_INFO from it (default: disabled)
+ :"disable-time": time to wait before a disabled backend is checked
+ again
+ :"allow-x-send-file": controls if X-LIGHTTPD-send-file headers
+ are allowed
++ :"fix-root-scriptname": fix broken path-info split for "/" extension ("prefix")
+
+ If bin-path is set:
+
+- :"min-procs": sets the minium processes to start
+ :"max-procs": the upper limit of the processess to start
+- :"max-load-per-proc": maximum number of waiting processes on
+- average per process before a new process is
+- spawned
+- :"idle-timeout": number of seconds before a unused process
+- gets terminated
+ :"bin-environment": put an entry into the environment of
+ the started process
+ :"bin-copy-environement": clean up the environment and copy
+ only the specified entries into the fresh
+ environment of the spawn process
++ :"kill-signal": signal to terminate the FastCGI process with,
++ defauls to SIGTERM
- package = 'lighttpd'
--version = '1.4.19'
-+version = '1.4.20'
+-
+ Examples
+ --------
+
+@@ -171,11 +166,11 @@
+ fastcgi.server = ( ".php" =>
+ (( "host" => "127.0.0.1",
+ "port" => 1026,
+- "bin-path" => "/usr/local/bin/php"
++ "bin-path" => "/usr/local/bin/php"
+ )),
+ ".php4" =>
+ (( "host" => "127.0.0.1",
+- "port" => 1026
++ "port" => 1026
+ ))
+ )
+
+@@ -183,10 +178,10 @@
+
+ fastcgi.server = ( "/remote_scripts/" =>
+ (( "host" => "192.168.0.3",
+- "port" => 9000,
++ "port" => 9000,
+ "check-local" => "disable",
+ "docroot" => "/" # remote server may use
+- # it's own docroot
++ # it's own docroot
+ ))
+ )
+
+@@ -206,7 +201,7 @@
+
+ fastcgi.server = ( "/remote_scripts/" =>
+ (( "host" => "10.0.0.2",
+- "port" => 9000,
++ "port" => 9000,
+ "docroot" => "/path_to_private_docs",
+ "mode" => "authorizer"
+ ))
+@@ -318,10 +313,10 @@
+ $ PHP_FCGI_CHILDREN=384 ./lighttpd -f ./lighttpd.conf
+
+ fastcgi.server = ( ".php" =>
+- (( "socket" => "/tmp/php.socket",
++ (( "socket" => "/tmp/php.socket",
+ "bin-path" => "/usr/local/bin/php",
+ "min-procs" => 1,
+- "max-procs" => 1,
++ "max-procs" => 1,
+ "max-load-per-proc" => 4,
+ "idle-timeout" => 20
+ ))
+@@ -408,7 +403,7 @@
+ "PHP_FCGI_CHILDREN" => "16",
+ "PHP_FCGI_MAX_REQUESTS" => "10000" ),
+ "bin-copy-environment" => (
+- "PATH", "SHELL", "USER" )
++ "PATH", "SHELL", "USER" )
+ ))
+ )
- def checkCHeaders(autoconf, hdrs):
- p = re.compile('[^A-Z0-9]')
+Index: SConstruct
+===================================================================
Index: Makefile.am
===================================================================
---- Makefile.am (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ Makefile.am (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -1,3 +1,3 @@
- SUBDIRS=src doc tests cygwin openwrt
+--- Makefile.am (.../tags/lighttpd-1.4.23)
++++ Makefile.am (.../branches/lighttpd-1.4.x)
+@@ -2,4 +2,6 @@
+
+ EXTRA_DIST=autogen.sh SConstruct
+
++ACLOCAL_AMFLAGS = -I m4
++
+ distcleancheck_listfiles = find -type f -exec sh -c 'test -f $(srcdir)/{} || echo {}' ';'
+Index: autogen.sh
+===================================================================
+--- autogen.sh (.../tags/lighttpd-1.4.23)
++++ autogen.sh (.../branches/lighttpd-1.4.x)
+@@ -1,27 +1,92 @@
+ #!/bin/sh
+ # Run this to generate all the initial makefiles, etc.
+
+-LIBTOOLIZE=${LIBTOOLIZE:-libtoolize}
+ LIBTOOLIZE_FLAGS="--copy --force"
+-ACLOCAL=${ACLOCAL:-aclocal}
+-AUTOHEADER=${AUTOHEADER:-autoheader}
+-AUTOMAKE=${AUTOMAKE:-automake}
+-AUTOMAKE_FLAGS="--add-missing --copy"
+-AUTOCONF=${AUTOCONF:-autoconf}
++AUTOMAKE_FLAGS="--add-missing --copy --foreign"
+
+ ARGV0=$0
++ARGS="$@"
+
+-set -e
+
+-
+ run() {
+- echo "$ARGV0: running \`$@'"
+- $@
++ echo "$ARGV0: running \`$@' $ARGS"
++ $@ $ARGS
+ }
--EXTRA_DIST=lighttpd.spec autogen.sh SConstruct
-+EXTRA_DIST=autogen.sh SConstruct
++## jump out if one of the programs returns 'false'
++set -e
++
++## on macosx glibtoolize, others have libtool
++if test x$LIBTOOLIZE = x; then
++ if test \! "x`which glibtoolize 2> /dev/null | grep -v '^no'`" = x; then
++ LIBTOOLIZE=glibtoolize
++ elif test \! "x`which libtoolize-1.5 2> /dev/null | grep -v '^no'`" = x; then
++ LIBTOOLIZE=libtoolize-1.5
++ elif test \! "x`which libtoolize 2> /dev/null | grep -v '^no'`" = x; then
++ LIBTOOLIZE=libtoolize
++ else
++ echo "libtoolize 1.5.x wasn't found, exiting"; exit 0
++ fi
++fi
++
++## suse has aclocal and aclocal-1.9
++if test x$ACLOCAL = x; then
++ if test \! "x`which aclocal-1.9 2> /dev/null | grep -v '^no'`" = x; then
++ ACLOCAL=aclocal-1.9
++ elif test \! "x`which aclocal19 2> /dev/null | grep -v '^no'`" = x; then
++ ACLOCAL=aclocal19
++ elif test \! "x`which aclocal 2> /dev/null | grep -v '^no'`" = x; then
++ ACLOCAL=aclocal
++ else
++ echo "automake 1.9.x (aclocal) wasn't found, exiting"; exit 0
++ fi
++fi
++
++if test x$AUTOMAKE = x; then
++ if test \! "x`which automake-1.9 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOMAKE=automake-1.9
++ elif test \! "x`which automake19 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOMAKE=automake19
++ elif test \! "x`which automake 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOMAKE=automake
++ else
++ echo "automake 1.9.x wasn't found, exiting"; exit 0
++ fi
++fi
++
++
++## macosx has autoconf-2.59 and autoconf-2.60
++if test x$AUTOCONF = x; then
++ if test \! "x`which autoconf-2.59 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOCONF=autoconf-2.59
++ elif test \! "x`which autoconf259 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOCONF=autoconf259
++ elif test \! "x`which autoconf 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOCONF=autoconf
++ else
++ echo "autoconf 2.59+ wasn't found, exiting"; exit 0
++ fi
++fi
++
++if test x$AUTOHEADER = x; then
++ if test \! "x`which autoheader-2.59 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOHEADER=autoheader-2.59
++ elif test \! "x`which autoheader259 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOHEADER=autoheader259
++ elif test \! "x`which autoheader 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOHEADER=autoheader
++ else
++ echo "autoconf 2.59+ (autoheader) wasn't found, exiting"; exit 0
++ fi
++fi
++
++mkdir -p m4
+ run $LIBTOOLIZE $LIBTOOLIZE_FLAGS
+-run $ACLOCAL $ACLOCAL_FLAGS
++run $ACLOCAL $ACLOCAL_FLAGS -I m4
+ run $AUTOHEADER
+ run $AUTOMAKE $AUTOMAKE_FLAGS
+ run $AUTOCONF
+-echo "Now type './configure ...' and 'make' to compile."
++
++if test "$ARGS" = "" ; then
++ echo "Now type './configure ...' and 'make' to compile."
++fi
Index: NEWS
===================================================================
---- NEWS (.../tags/lighttpd-1.4.19) (revision 2199)
-+++ NEWS (.../branches/lighttpd-1.4.x) (revision 2199)
-@@ -3,8 +3,33 @@
+--- NEWS (.../tags/lighttpd-1.4.23)
++++ NEWS (.../branches/lighttpd-1.4.x)
+@@ -3,7 +3,42 @@
NEWS
====
--- 1.4.19 -
-+- 1.4.20 -
-
-+ * Fix mod_compress to compile with old gcc version (#1592)
-+ * Fix mod_extforward to compile with old gcc version (#1591)
-+ * Update documentation for #1587
-+ * Fix #285 again: read error after SSL_shutdown (thx marton.illes@balabit.com) and clear the error queue before some other calls (CVE-2008-1531)
-+ * Fix mod_magnet: enable "request.method" and "request.protocol" in lighty.env (#1308)
-+ * Fix segfault for appending matched parts if there was no regex matching (just give empty strings) (#1601)
-+ * Use data_response_init in mod_fastcgi x-sendfile handling for response.headers, fix a small "memleak" (#1628)
-+ * Don't send empty Server headers (#1620)
-+ * Fix conditional interpretation of core options
-+ * Enable escaping of % and $ in redirect/rewrite; only two cases changed their behaviour: "%%" => "%", "$$" => "$"
-+ * Fix accesslog port (should be port from the connection, not the "server.port") (#1618)
-+ * Fix mod_fastcgi prefix matching: match the prefix always against url, not the absolute filepath (regardless of check-local)
-+ * Overwrite Content-Type header in mod_dirlisting instead of inserting (#1614), patch by Henrik Holst
-+ * Handle EINTR in mod_cgi during write() (#1640)
-+ * Allow all http status codes by default; disable body only for 204,205 and 304; generate error pages for 4xx and 5xx (#1639)
-+ * Fix mod_magnet to set con->mode = p->id if it generates content, so returning 4xx/5xx doesn't append an error page
-+ * Remove lighttpd.spec* from source, fixing all problems with it ;-)
-+ * Do not rely on PATH_MAX (POSIX does not require it) (#580)
-+ * Disable logging to access.log if filename is an empty string
-+ * Implement a clean way to open /dev/null and use it to close stdin/out/err in the needed places (#624)
-+ * merge spawn-fcgi changes from trunk (from @2191)
-+ * let spawn-fcgi propagate exit code from spawned fcgi application
+-- 1.4.23 -
++- 1.4.24 -
++ * Add T_CONFIG_INT for bigger integers from the config (needed for #1966)
++ * Use unsigned int (and T_CONFIG_INT) for max_request_size
++ * Use unsigned int for secdownload.timeout (fixes #1966)
++ * Keep url/host values from connection to display information while keep-alive in mod_status (fixes #1202)
++ * Add server.breakagelog, a "special" stderr (fixes #1863)
++ * Fix config evaluation for debug.log-timeouts option (#1529)
++ * Add "cgi.execute-x-only" to mod_cgi, requires +x for cgi scripts (fixes #2013)
++ * Fix FD_SETSIZE comparision warnings
++ * Add "lua-5.1" to searched pkg-config names for lua
++ * Fix unused function webdav_lockdiscovery in mod_webdav
++ * cmake: Fix crypt lib check
++ * cmake: Add -export-dynamic to link flags, fixes build on FreeBSD
++ * Set FD_CLOEXEC for bound sockets before pipe-logger forks (fixes #2026)
++ * Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi (fixes #2029)
++ * Show "no uri specified -> 400" error only when "debug.log-request-header-on-error" is enabled (fixes #2030)
++ * Fix hanging connection in mod_scgi (fixes #2024)
++ * Allow digits in hostnames in more places (fixes #1148)
++ * Use connection_reset instead of handle_request_done for cleanup callbacks
++ * Change mod_expire to append Cache-Control instead of overwriting it (fixes #1997)
++ * Allow all comparisons for $SERVER["socket"] - only bind for "=="
++ * Remove strptime failed message (fixes #2031)
++ * Fix issues found with clang analyzer
++ * Try to fix server.tag issue with localized svnversion
++ * Fix handling network-write return values (#2024)
++ * Use disable-time in fastcgi for all disables after errors, default is 1sec (fixes #2040)
++ * Remove adaptive spawning code from fastcgi (was disabled for a long time)
++ * Allow mod_mysql_vhost to use stored procedures (fixes #2011, thx Ben Brown)
++ * Fix ipv6 in mod_proxy (fixes #2043)
++ * Print errors from include_shell to stderr
++ * Set tm.tm_isdst = 0 before mktime() (fixes #2047)
++ * Use linux-epoll by default if available (fixes #2021, thx Olaf van der Spek)
++ * Print an error if you use too many captures in a regex pattern (fixes #2059)
++ * Combine Cache-Control header value in mod_expire to existing HTTP header if header already added by other modules (fixes #2068)
+
-+- 1.4.19 - 2008-03-10
-+
- * added support for If-Range: <date> (#1346)
- * added support for matching $HTTP["scheme"] in configs
- * fixed initgroups() called after chroot (#1384)
-Index: .cvsignore
++- 1.4.23 - 2009-06-19
+ * Added some extra warning options in cmake and fix the resulting warnings (unused/static functions)
+ * New lighttpd man page (moved it to section 8) (fixes #1875)
+ * Create rrd file for empty rrdfile in mod_rrdtool (#1788)
+Index: CMakeLists.txt
===================================================================
-
-Property changes on: .
-___________________________________________________________________
-Name: svk:merge
- - 152afb58-edef-0310-8abb-c4023f1b3aa9:/branches/lighttpd-1.3.x:499
-152afb58-edef-0310-8abb-c4023f1b3aa9:/branches/lighttpd-1.4.11-ssl-fixes:1346
-152afb58-edef-0310-8abb-c4023f1b3aa9:/branches/lighttpd-merge-1.4.x:1041
-152afb58-edef-0310-8abb-c4023f1b3aa9:/tags/lighttpd-1.4.11:1042
-152afb58-edef-0310-8abb-c4023f1b3aa9:/tags/release-1.3.13:105
-152afb58-edef-0310-8abb-c4023f1b3aa9:/trunk:104
-a98e19e4-a712-0410-8832-6551a15ffc53:/local/branches/lighttpd-1.4.x:1557
-ebd0e9cf-3e47-4385-9dd4-f0e25e97baa2:/local/lighttpd/branches/lighttpd-1.4.x:2164
- + 152afb58-edef-0310-8abb-c4023f1b3aa9:/branches/lighttpd-1.3.x:499
-152afb58-edef-0310-8abb-c4023f1b3aa9:/branches/lighttpd-1.4.11-ssl-fixes:1346
-152afb58-edef-0310-8abb-c4023f1b3aa9:/branches/lighttpd-merge-1.4.x:1041
-152afb58-edef-0310-8abb-c4023f1b3aa9:/tags/lighttpd-1.4.11:1042
-152afb58-edef-0310-8abb-c4023f1b3aa9:/tags/release-1.3.13:105
-152afb58-edef-0310-8abb-c4023f1b3aa9:/trunk:104
-a98e19e4-a712-0410-8832-6551a15ffc53:/local/branches/lighttpd-1.4.x:1557
-ebd0e9cf-3e47-4385-9dd4-f0e25e97baa2:/local/lighttpd/branches/lighttpd-1.4.x:2250
-