Index: configure.in =================================================================== Index: src/configfile-glue.c =================================================================== --- src/configfile-glue.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/configfile-glue.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -341,6 +341,10 @@ } break; } + case COMP_HTTP_SCHEME: + l = con->uri.scheme; + break; + case COMP_HTTP_URL: l = con->uri.path; break; Index: src/base.h =================================================================== --- src/base.h (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/base.h (.../branches/lighttpd-1.4.x) (revision 2060) @@ -515,6 +515,7 @@ #ifdef USE_OPENSSL SSL_CTX *ssl_ctx; #endif + unsigned short is_proxy_ssl; } server_socket; typedef struct { Index: src/array.h =================================================================== --- src/array.h (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/array.h (.../branches/lighttpd-1.4.x) (revision 2060) @@ -90,6 +90,7 @@ COMP_HTTP_COOKIE, COMP_HTTP_REMOTEIP, COMP_HTTP_QUERYSTRING, + COMP_HTTP_SCHEME, COMP_LAST_ELEMENT } comp_key_t; Index: src/mod_staticfile.c =================================================================== --- src/mod_staticfile.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_staticfile.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -483,8 +483,24 @@ /* if the value is the same as our ETag, we do a Range-request, * otherwise a full 200 */ - if (!buffer_is_equal(ds->value, con->physical.etag)) { + if (ds->value->ptr[0] == '"') { + /** + * client wants a ETag + */ + if (!con->physical.etag) { + do_range_request = 0; + } else if (!buffer_is_equal(ds->value, con->physical.etag)) { + do_range_request = 0; + } + } else if (!mtime) { + /** + * we don't have a Last-Modified and can match the If-Range: + * + * sending all + */ do_range_request = 0; + } else if (!buffer_is_equal(ds->value, mtime)) { + do_range_request = 0; } } Index: src/mod_scgi.c =================================================================== --- src/mod_scgi.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_scgi.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -2694,8 +2694,9 @@ if (s_len < ct_len) continue; /* check extension in the form "/scgi_pattern" */ - if (*(extension->key->ptr) == '/' && strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) { - break; + if (*(extension->key->ptr) == '/') { + if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) + break; } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) { /* check extension in the form ".fcg" */ break; Index: src/response.c =================================================================== --- src/response.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/response.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -59,7 +59,8 @@ ds = (data_string *)con->response.headers->data[i]; if (ds->value->used && ds->key->used && - 0 != strncmp(ds->key->ptr, "X-LIGHTTPD-", sizeof("X-LIGHTTPD-") - 1)) { + 0 != strncmp(ds->key->ptr, "X-LIGHTTPD-", sizeof("X-LIGHTTPD-") - 1) && + 0 != strncmp(ds->key->ptr, "X-Sendfile", sizeof("X-Sendfile") - 1)) { if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Date"))) have_date = 1; if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Server"))) have_server = 1; @@ -180,6 +181,7 @@ buffer_copy_string_buffer(con->uri.authority, con->request.http_host); buffer_to_lower(con->uri.authority); + config_patch_connection(srv, con, COMP_HTTP_SCHEME); /* Scheme: */ config_patch_connection(srv, con, COMP_HTTP_HOST); /* Host: */ config_patch_connection(srv, con, COMP_HTTP_REMOTEIP); /* Client-IP */ config_patch_connection(srv, con, COMP_HTTP_REFERER); /* Referer: */ Index: src/mod_userdir.c =================================================================== --- src/mod_userdir.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_userdir.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -21,6 +21,7 @@ array *include_user; buffer *path; buffer *basepath; + unsigned short letterhomes; } plugin_config; typedef struct { @@ -87,6 +88,7 @@ { "userdir.exclude-user", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 1 */ { "userdir.include-user", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 2 */ { "userdir.basepath", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 3 */ + { "userdir.letterhomes", NULL, T_CONFIG_BOOLEAN,T_CONFIG_SCOPE_CONNECTION }, /* 4 */ { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } }; @@ -102,11 +104,13 @@ s->include_user = array_init(); s->path = buffer_init(); s->basepath = buffer_init(); + s->letterhomes = 0; cv[0].destination = s->path; cv[1].destination = s->exclude_user; cv[2].destination = s->include_user; cv[3].destination = s->basepath; + cv[4].destination = &(s->letterhomes); p->config_storage[i] = s; @@ -128,6 +132,7 @@ PATCH(exclude_user); PATCH(include_user); PATCH(basepath); + PATCH(letterhomes); /* skip the first, the global context */ for (i = 1; i < srv->config_context->used; i++) { @@ -149,6 +154,8 @@ PATCH(include_user); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("userdir.basepath"))) { PATCH(basepath); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("userdir.letterhomes"))) { + PATCH(letterhomes); } } } @@ -253,6 +260,10 @@ buffer_copy_string_buffer(p->temp_path, p->conf.basepath); BUFFER_APPEND_SLASH(p->temp_path); + if (p->conf.letterhomes) { + buffer_append_string_len(p->temp_path, p->username->ptr, 1); + BUFFER_APPEND_SLASH(p->temp_path); + } buffer_append_string_buffer(p->temp_path, p->username); } BUFFER_APPEND_SLASH(p->temp_path); Index: src/mod_proxy.c =================================================================== --- src/mod_proxy.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_proxy.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1093,15 +1093,17 @@ if (s_len < ct_len) continue; /* check extension in the form "/proxy_pattern" */ - if (*(extension->key->ptr) == '/' && strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) { - if (s_len > ct_len + 1) { - char *pi_offset; + if (*(extension->key->ptr) == '/') { + if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) { + if (s_len > ct_len + 1) { + char *pi_offset; - if (0 != (pi_offset = strchr(fn->ptr + ct_len + 1, '/'))) { - path_info_offset = pi_offset - fn->ptr; + if (0 != (pi_offset = strchr(fn->ptr + ct_len + 1, '/'))) { + path_info_offset = pi_offset - fn->ptr; + } } + break; } - break; } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) { /* check extension in the form ".fcg" */ break; Index: src/mod_extforward.c =================================================================== --- src/mod_extforward.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_extforward.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -379,9 +379,15 @@ if (real_remote_addr != NULL) { /* parsed */ sock_addr sock; - struct addrinfo *addrs_left; + server_socket *srv_sock = con->srv_socket; + data_string *forwarded_proto = (data_string *) array_get_element(con->request.headers,"X-Forwarded-Proto"); + if (forwarded_proto && !strcmp(forwarded_proto->value->ptr, "https")) + srv_sock->is_proxy_ssl = 1; + else + srv_sock->is_proxy_ssl = 0; + if (con->conf.log_request_handling) { log_error_write(srv, __FILE__, __LINE__, "ss", "using address:", real_remote_addr); Index: src/Makefile.am =================================================================== --- src/Makefile.am (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/Makefile.am (.../branches/lighttpd-1.4.x) (revision 2060) @@ -281,4 +281,4 @@ #ajp_SOURCES = ajp.c noinst_HEADERS = $(hdr) -EXTRA_DIST = mod_skeleton.c configparser.y mod_ssi_exprparser.y lempar.c +EXTRA_DIST = mod_skeleton.c configparser.y mod_ssi_exprparser.y lempar.c SConscript Index: src/configparser.y =================================================================== --- src/configparser.y (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/configparser.y (.../branches/lighttpd-1.4.x) (revision 2060) @@ -422,6 +422,7 @@ { COMP_HTTP_COOKIE, CONST_STR_LEN("HTTP[\"cookie\"]" ) }, { COMP_HTTP_REMOTEIP, CONST_STR_LEN("HTTP[\"remoteip\"]" ) }, { COMP_HTTP_QUERYSTRING, CONST_STR_LEN("HTTP[\"querystring\"]") }, + { COMP_HTTP_SCHEME, CONST_STR_LEN("HTTP[\"scheme\"]" ) }, { COMP_UNSET, NULL, 0 }, }; size_t i; Index: src/mod_status.c =================================================================== --- src/mod_status.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_status.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -560,6 +560,8 @@ double avg; time_t ts; char buf[32]; + unsigned int k; + unsigned int l; b = chunkqueue_get_append_buffer(con->write_queue); @@ -588,6 +590,22 @@ buffer_append_long(b, srv->conns->used); BUFFER_APPEND_STRING_CONST(b, "\n"); + BUFFER_APPEND_STRING_CONST(b, "IdleServers: "); + buffer_append_long(b, srv->conns->size - srv->conns->used); + BUFFER_APPEND_STRING_CONST(b, "\n"); + + /* output scoreboard */ + BUFFER_APPEND_STRING_CONST(b, "Scoreboard: "); + for (k = 0; k < srv->conns->used; k++) { + connection *c = srv->conns->ptr[k]; + const char *state = connection_get_short_state(c->state); + buffer_append_string_len(b, state, 1); + } + for (l = 0; l < srv->conns->size - srv->conns->used; l++) { + BUFFER_APPEND_STRING_CONST(b, "_"); + } + BUFFER_APPEND_STRING_CONST(b, "\n"); + /* set text/plain output */ response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/plain")); Index: src/mod_ssi.c =================================================================== --- src/mod_ssi.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_ssi.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -36,6 +36,11 @@ #include #endif +#include "etag.h" + +/* The newest modified time of included files for include statement */ +static volatile time_t include_file_last_mtime = 0; + /* init the plugin data */ INIT_FUNC(mod_ssi_init) { plugin_data *p; @@ -575,6 +580,11 @@ break; case SSI_INCLUDE: chunkqueue_append_file(con->write_queue, p->stat_fn, 0, st.st_size); + + /* Keep the newest mtime of included files */ + if (st.st_mtime > include_file_last_mtime) + include_file_last_mtime = st.st_mtime; + break; } } else { @@ -912,6 +922,9 @@ build_ssi_cgi_vars(srv, con, p); p->if_is_false = 0; + /* Reset the modified time of included files */ + include_file_last_mtime = 0; + if (-1 == stream_open(&s, con->physical.path)) { log_error_write(srv, __FILE__, __LINE__, "sb", "stream-open: ", con->physical.path); @@ -1010,6 +1023,30 @@ response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html")); + { + /* Generate "ETag" & "Last-Modified" headers */ + + stat_cache_entry *sce = NULL; + time_t lm_time = 0; + buffer *mtime = NULL; + + stat_cache_get_entry(srv, con, con->physical.path, &sce); + + etag_mutate(con->physical.etag, sce->etag); + response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); + + if (sce->st.st_mtime > include_file_last_mtime) + lm_time = sce->st.st_mtime; + else + lm_time = include_file_last_mtime; + + mtime = strftime_cache_get(srv, lm_time); + response_header_overwrite(srv, con, CONST_STR_LEN("Last-Modified"), CONST_BUF_LEN(mtime)); + } + + /* Reset the modified time of included files */ + include_file_last_mtime = 0; + /* reset physical.path */ buffer_reset(con->physical.path); Index: src/spawn-fcgi.c =================================================================== --- src/spawn-fcgi.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/spawn-fcgi.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -37,7 +37,7 @@ #endif #ifdef HAVE_SYS_UN_H -int fcgi_spawn_connection(char *appPath, char *addr, unsigned short port, const char *unixsocket, int child_count, int pid_fd, int nofork) { +int fcgi_spawn_connection(char *appPath, char **appArgv, char *addr, unsigned short port, const char *unixsocket, int child_count, int pid_fd, int nofork) { int fcgi_fd; int socket_type, status; struct timeval tv = { 0, 100 * 1000 }; @@ -137,11 +137,10 @@ switch (child) { case 0: { char cgi_childs[64]; - char *b; int i = 0; - /* is save as we limit to 256 childs */ + /* is safe as we limit to 256 childs */ sprintf(cgi_childs, "PHP_FCGI_CHILDREN=%d", child_count); if(fcgi_fd != FCGI_LISTENSOCK_FILENO) { @@ -160,13 +159,18 @@ putenv(cgi_childs); /* fork and replace shell */ - b = malloc(strlen("exec ") + strlen(appPath) + 1); - strcpy(b, "exec "); - strcat(b, appPath); + if (appArgv) { + execv(appArgv[0], appArgv); - /* exec the cgi */ - execl("/bin/sh", "sh", "-c", b, (char *)NULL); + } else { + char *b = malloc(strlen("exec ") + strlen(appPath) + 1); + strcpy(b, "exec "); + strcat(b, appPath); + /* exec the cgi */ + execl("/bin/sh", "sh", "-c", b, (char *)NULL); + } + exit(errno); break; @@ -239,9 +243,12 @@ } void show_help () { - char *b = "spawn-fcgi" "-" PACKAGE_VERSION \ -" - spawns fastcgi processes\n" \ -"usage:\n" \ + char *b = \ +"Usage: spawn-fcgi [options] -- [fcgi app arguments]\n" \ +"\n" \ +"spawn-fcgi v" PACKAGE_VERSION " - spawns fastcgi processes\n" \ +"\n" \ +"Options:\n" \ " -f filename of the fcgi-application\n" \ " -a bind to ip address\n" \ " -p bind to tcp-port\n" \ @@ -264,6 +271,7 @@ char *fcgi_app = NULL, *changeroot = NULL, *username = NULL, *groupname = NULL, *unixsocket = NULL, *pid_file = NULL, *addr = NULL; + char **fcgi_app_argv = { NULL }; unsigned short port = 0; int child_count = 5; int i_am_root, o; @@ -274,7 +282,7 @@ i_am_root = (getuid() == 0); - while(-1 != (o = getopt(argc, argv, "c:f:g:hna:p:u:vC:s:P:"))) { + while(-1 != (o = getopt(argc, argv, "c:f:g:hna:p:u:vC:s:P:"))) { switch(o) { case 'f': fcgi_app = optarg; break; case 'a': addr = optarg;/* ip addr */ break; @@ -294,7 +302,11 @@ } } - if (fcgi_app == NULL || (port == 0 && unixsocket == NULL)) { + if (optind < argc) { + fcgi_app_argv = &argv[optind]; + } + + if ((fcgi_app == NULL && fcgi_app_argv == NULL) || (port == 0 && unixsocket == NULL)) { show_help(); return -1; } @@ -404,6 +416,18 @@ } } + /* + * Change group before chroot, when we have access + * to /etc/group + */ + if (groupname) { + setgid(grp->gr_gid); + setgroups(0, NULL); + if (username) { + initgroups(username, grp->gr_gid); + } + } + if (changeroot) { if (-1 == chroot(changeroot)) { fprintf(stderr, "%s.%d: %s %s\n", @@ -420,18 +444,12 @@ } /* drop root privs */ - if (groupname) { - setgid(grp->gr_gid); - } if (username) { - if (groupname) { - initgroups(username, grp->gr_gid); - } setuid(pwd->pw_uid); } } - return fcgi_spawn_connection(fcgi_app, addr, port, unixsocket, child_count, pid_fd, nofork); + return fcgi_spawn_connection(fcgi_app, fcgi_app_argv, addr, port, unixsocket, child_count, pid_fd, nofork); } #else int main() { Index: src/mod_auth.c =================================================================== --- src/mod_auth.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_auth.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -238,13 +238,13 @@ int auth_type_len = auth_realm - http_authorization; if ((auth_type_len == 5) && - (0 == strncmp(http_authorization, "Basic", auth_type_len))) { + (0 == strncasecmp(http_authorization, "Basic", auth_type_len))) { if (0 == strcmp(method->value->ptr, "basic")) { auth_satisfied = http_auth_basic_check(srv, con, p, req, con->uri.path, auth_realm+1); } } else if ((auth_type_len == 6) && - (0 == strncmp(http_authorization, "Digest", auth_type_len))) { + (0 == strncasecmp(http_authorization, "Digest", auth_type_len))) { if (0 == strcmp(method->value->ptr, "digest")) { if (-1 == (auth_satisfied = http_auth_digest_check(srv, con, p, req, con->uri.path, auth_realm+1))) { con->http_status = 400; Index: src/mod_fastcgi.c =================================================================== --- src/mod_fastcgi.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -162,8 +162,8 @@ * if host is one of the local IP adresses the * whole connection is local * - * if tcp/ip should be used host AND port have - * to be specified + * if port is not 0, and host is not specified, + * "localhost" (INADDR_LOOPBACK) is assumed. * */ buffer *host; @@ -823,12 +823,12 @@ fcgi_addr_in.sin_family = AF_INET; if (buffer_is_empty(host->host)) { - fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_ANY); + fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK); } else { struct hostent *he; /* set a useful default */ - fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_ANY); + fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK); if (NULL == (he = gethostbyname(host->host->ptr))) { @@ -858,7 +858,11 @@ fcgi_addr = (struct sockaddr *) &fcgi_addr_in; buffer_copy_string(proc->connection_name, "tcp:"); - buffer_append_string_buffer(proc->connection_name, host->host); + if (!buffer_is_empty(host->host)) { + buffer_append_string_buffer(proc->connection_name, host->host); + } else { + buffer_append_string(proc->connection_name, "localhost"); + } buffer_append_string(proc->connection_name, ":"); buffer_append_long(proc->connection_name, proc->port); } @@ -1687,12 +1691,16 @@ #endif } else { fcgi_addr_in.sin_family = AF_INET; - if (0 == inet_aton(host->host->ptr, &(fcgi_addr_in.sin_addr))) { - log_error_write(srv, __FILE__, __LINE__, "sbs", - "converting IP address failed for", host->host, - "\nBe sure to specify an IP address here"); - - return -1; + if (!buffer_is_empty(host->host)) { + if (0 == inet_aton(host->host->ptr, &(fcgi_addr_in.sin_addr))) { + log_error_write(srv, __FILE__, __LINE__, "sbs", + "converting IP address failed for", host->host, + "\nBe sure to specify an IP address here"); + + return -1; + } + } else { + fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_LOOPBACK); } fcgi_addr_in.sin_port = htons(proc->port); servlen = sizeof(fcgi_addr_in); @@ -1702,7 +1710,11 @@ if (buffer_is_empty(proc->connection_name)) { /* on remote spawing we have to set the connection-name now */ buffer_copy_string(proc->connection_name, "tcp:"); - buffer_append_string_buffer(proc->connection_name, host->host); + if (!buffer_is_empty(host->host)) { + buffer_append_string_buffer(proc->connection_name, host->host); + } else { + buffer_append_string(proc->connection_name, "localhost"); + } buffer_append_string(proc->connection_name, ":"); buffer_append_long(proc->connection_name, proc->port); } @@ -2045,13 +2057,10 @@ s = get_http_version_name(con->request.http_version); FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("SERVER_PROTOCOL"), s, strlen(s)),con) -#ifdef USE_OPENSSL - if (srv_sock->is_ssl) { + if (srv_sock->is_ssl || srv_sock->is_proxy_ssl) { FCGI_ENV_ADD_CHECK(fcgi_env_add(p->fcgi_env, CONST_STR_LEN("HTTPS"), CONST_STR_LEN("on")),con) } -#endif - FCGI_ENV_ADD_CHECK(fcgi_env_add_request_headers(srv, con, p), con); fcgi_header(&(header), FCGI_PARAMS, request_id, p->fcgi_env->used, 0); @@ -2530,15 +2539,28 @@ } if (host->allow_xsendfile && - NULL != (ds = (data_string *) array_get_element(con->response.headers, "X-LIGHTTPD-send-file"))) { + (NULL != (ds = (data_string *) array_get_element(con->response.headers, "X-LIGHTTPD-send-file")) + || NULL != (ds = (data_string *) array_get_element(con->response.headers, "X-Sendfile")))) { stat_cache_entry *sce; if (HANDLER_ERROR != stat_cache_get_entry(srv, con, ds->value, &sce)) { + data_string *dcls = data_string_init(); /* found */ - http_chunk_append_file(srv, con, ds->value, 0, sce->st.st_size); hctx->send_content_body = 0; /* ignore the content */ joblist_append(srv, con); + + buffer_copy_string_len(dcls->key, "Content-Length", sizeof("Content-Length")-1); + buffer_copy_long(dcls->value, sce->st.st_size); + dcls = (data_string*) array_replace(con->response.headers, (data_unset *)dcls); + if (dcls) dcls->free((data_unset*)dcls); + + con->parsed_response |= HTTP_CONTENT_LENGTH; + con->response.content_length = sce->st.st_size; + } else { + log_error_write(srv, __FILE__, __LINE__, "sb", + "send-file error: couldn't get stat_cache entry for:", + ds->value); } } @@ -2719,9 +2741,14 @@ int ret; - /* sanity check */ + /* sanity check: + * - host != NULL + * - either: + * - tcp socket (do not check host->host->uses, as it may be not set which means INADDR_LOOPBACK) + * - unix socket + */ if (!host || - ((!host->host->used || !host->port) && !host->unixsocket->used)) { + (!host->port && !host->unixsocket->used)) { log_error_write(srv, __FILE__, __LINE__, "sxddd", "write-req: error", host, @@ -3456,8 +3483,9 @@ if (s_len < ct_len) continue; /* check extension in the form "/fcgi_pattern" */ - if (*(extension->key->ptr) == '/' && strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) { - break; + if (*(extension->key->ptr) == '/') { + if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) + break; } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) { /* check extension in the form ".fcg" */ break; @@ -3473,7 +3501,7 @@ for (k = 0; k < extension->used; k++) { host = extension->hosts[k]; - /* we should have at least one proc that can do somthing */ + /* we should have at least one proc that can do something */ if (host->active_procs == 0) { host = NULL; Index: src/server.c =================================================================== --- src/server.c (.../tags/lighttpd-1.4.18) (revision 2060) +++ src/server.c (.../branches/lighttpd-1.4.x) (revision 2060) @@ -759,6 +759,19 @@ return -1; } +#ifdef HAVE_PWD_H + /* + * Change group before chroot, when we have access + * to /etc/group + * */ + if (srv->srvconf.groupname->used) { + setgid(grp->gr_gid); + setgroups(0, NULL); + if (srv->srvconf.username->used) { + initgroups(srv->srvconf.username->ptr, grp->gr_gid); + } + } +#endif #ifdef HAVE_CHROOT if (srv->srvconf.changeroot->used) { tzset(); @@ -775,15 +788,7 @@ #endif #ifdef HAVE_PWD_H /* drop root privs */ - if (srv->srvconf.groupname->used) { - setgid(grp->gr_gid); - setgroups(0, NULL); - } - if (srv->srvconf.username->used) { - if (srv->srvconf.groupname->used) { - initgroups(srv->srvconf.username->ptr, grp->gr_gid); - } setuid(pwd->pw_uid); } #endif @@ -891,6 +896,17 @@ pid_fd = -1; } + // Close stderr ASAP in the child process to make sure that nothing + // is being written to that fd which may not be valid anymore. + if (-1 == log_error_open(srv)) { + log_error_write(srv, __FILE__, __LINE__, "s", "Opening errorlog failed. Going down."); + + plugins_free(srv); + network_close(srv); + server_free(srv); + return -1; + } + if (HANDLER_GO_ON != plugins_call_set_defaults(srv)) { log_error_write(srv, __FILE__, __LINE__, "s", "Configuration of plugins failed. Going down."); @@ -941,15 +957,7 @@ return -1; } - if (-1 == log_error_open(srv)) { - log_error_write(srv, __FILE__, __LINE__, "s", - "opening errorlog failed, dying"); - plugins_free(srv); - network_close(srv); - server_free(srv); - return -1; - } #ifdef HAVE_SIGACTION Index: tests/mod-access.t =================================================================== --- tests/mod-access.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-access.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-auth.t =================================================================== --- tests/mod-auth.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-auth.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,14 +1,14 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; use IO::Socket; -use Test::More tests => 13; +use Test::More tests => 14; use LightyTest; my $tf = LightyTest->new(); @@ -48,6 +48,16 @@ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des)'); +$t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; +ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des) (lowercase)'); + + SKIP: { skip "no md5 for crypt under cygwin", 1 if $^O eq 'cygwin'; $t->{REQUEST} = ( < "text/html" ) + +cgi.assign = (".pl" => "/usr/bin/perl" ) + +extforward.forwarder = ( + "127.0.0.1" => "trust", +) Index: tests/symlink.t =================================================================== Index: tests/request.t =================================================================== --- tests/request.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/request.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-userdir.t =================================================================== --- tests/mod-userdir.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-userdir.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/core-keepalive.t =================================================================== --- tests/core-keepalive.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/core-keepalive.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,10 +1,9 @@ #!/usr/bin/env perl - BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-proxy.t =================================================================== Index: tests/env-variables.t =================================================================== Index: tests/core-var-include.t =================================================================== --- tests/core-var-include.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/core-var-include.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-extforward.t =================================================================== --- tests/mod-extforward.t (.../tags/lighttpd-1.4.18) (revision 0) +++ tests/mod-extforward.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -0,0 +1,41 @@ +#!/usr/bin/env perl +BEGIN { + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; +} + +use strict; +use IO::Socket; +use Test::More tests => 2; +use LightyTest; + +my $tf = LightyTest->new(); +my $t; + +$tf->{CONFIGFILE} = 'mod-extforward.conf'; + +ok($tf->start_proc == 0, "Starting lighttpd") or die(); + +## check if If-Modified-Since, If-None-Match works + +$t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => '127.0.10.1' } ]; +ok($tf->handle_http($t) == 0, 'expect 127.0.10.1'); + +$t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => '127.0.20.1' } ]; +ok($tf->handle_http($t) == 0, 'expect 127.0.20.1'); + +ok($tf->stop_proc == 0, "Stopping lighttpd"); Property changes on: tests/mod-extforward.t ___________________________________________________________________ Name: svn:executable + * Index: tests/core-request.t =================================================================== --- tests/core-request.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/core-request.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-redirect.t =================================================================== --- tests/mod-redirect.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-redirect.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-cgi.t =================================================================== --- tests/mod-cgi.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-cgi.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-setenv.t =================================================================== --- tests/mod-setenv.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-setenv.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,10 +1,9 @@ #!/usr/bin/env perl - BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/cachable.t =================================================================== --- tests/cachable.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/cachable.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/lowercase.t =================================================================== --- tests/lowercase.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/lowercase.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/core.t =================================================================== --- tests/core.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/core.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,10 +1,9 @@ #!/usr/bin/env perl - BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-fastcgi.t =================================================================== --- tests/mod-fastcgi.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-fastcgi.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-rewrite.t =================================================================== --- tests/mod-rewrite.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-rewrite.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/docroot/www/ip.pl =================================================================== --- tests/docroot/www/ip.pl (.../tags/lighttpd-1.4.18) (revision 0) +++ tests/docroot/www/ip.pl (.../branches/lighttpd-1.4.x) (revision 2060) @@ -0,0 +1,5 @@ +#!/usr/bin/perl +print "Content-Type: text/html\r\n\r\n"; +print $ENV{'REMOTE_ADDR'}; + +0; Property changes on: tests/docroot/www/ip.pl ___________________________________________________________________ Name: svn:executable + * Index: tests/Makefile.am =================================================================== --- tests/Makefile.am (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/Makefile.am (.../branches/lighttpd-1.4.x) (revision 2060) @@ -31,14 +31,20 @@ core-response.t \ core-keepalive.t \ core.t \ + mod-proxy.t \ + proxy.conf \ + mod-secdownload.t \ mod-access.t \ mod-auth.t \ mod-cgi.t \ mod-compress.t \ mod-fastcgi.t \ mod-redirect.t \ + mod-rewrite.t \ mod-userdir.t \ - mod-rewrite.t \ + env-variables.t \ + env-variables.conf \ + symlink.t \ request.t \ mod-ssi.t \ LightyTest.pm \ @@ -49,12 +55,12 @@ core-404-handler.t \ 404-handler.conf - TESTS_ENVIRONMENT=$(srcdir)/wrapper.sh $(srcdir) $(top_builddir) EXTRA_DIST=wrapper.sh lighttpd.conf \ lighttpd.user \ lighttpd.htpasswd \ + SConscript \ $(CONFS) \ $(TESTS) Index: tests/core-404-handler.t =================================================================== --- tests/core-404-handler.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/core-404-handler.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -10,10 +10,10 @@ # returning no status -> 200 # BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-compress.t =================================================================== --- tests/mod-compress.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-compress.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/mod-ssi.t =================================================================== --- tests/mod-ssi.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/mod-ssi.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: tests/core-condition.t =================================================================== --- tests/core-condition.t (.../tags/lighttpd-1.4.18) (revision 2060) +++ tests/core-condition.t (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,9 +1,9 @@ #!/usr/bin/env perl BEGIN { - # add current source dir to the include-path - # we need this for make distcheck - (my $srcdir = $0) =~ s#/[^/]+$#/#; - unshift @INC, $srcdir; + # add current source dir to the include-path + # we need this for make distcheck + (my $srcdir = $0) =~ s,/[^/]+$,/,; + unshift @INC, $srcdir; } use strict; Index: doc/configuration.txt =================================================================== --- doc/configuration.txt (.../tags/lighttpd-1.4.18) (revision 2060) +++ doc/configuration.txt (.../branches/lighttpd-1.4.x) (revision 2060) @@ -85,6 +85,8 @@ $HTTP["cookie"] match on cookie +$HTTP["scheme"] + match on scheme $HTTP["host"] match on host $HTTP["useragent"] Index: doc/lighttpd.conf =================================================================== --- doc/lighttpd.conf (.../tags/lighttpd-1.4.18) (revision 2060) +++ doc/lighttpd.conf (.../branches/lighttpd-1.4.x) (revision 2060) @@ -72,6 +72,7 @@ ".ogg" => "application/ogg", ".wav" => "audio/x-wav", ".gif" => "image/gif", + ".jar" => "application/x-java-archive", ".jpg" => "image/jpeg", ".jpeg" => "image/jpeg", ".png" => "image/png", Index: SConstruct =================================================================== Index: Makefile.am =================================================================== --- Makefile.am (.../tags/lighttpd-1.4.18) (revision 2060) +++ Makefile.am (.../branches/lighttpd-1.4.x) (revision 2060) @@ -1,3 +1,3 @@ SUBDIRS=src doc tests cygwin openwrt -EXTRA_DIST=lighttpd.spec +EXTRA_DIST=lighttpd.spec autogen.sh SConstruct Index: NEWS =================================================================== --- NEWS (.../tags/lighttpd-1.4.18) (revision 2060) +++ NEWS (.../branches/lighttpd-1.4.x) (revision 2060) @@ -3,6 +3,24 @@ NEWS ==== +- 1.4.19 - + + * added support for If-Range: (#1346) + * added support for matching $HTTP["scheme"] in configs + * fixed initgroups() called after chroot (#1384) + * fixed case-sensitive check for Auth-Method (#1456) + * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428) + * fixed a bug that made /-prefixed extensions being handled also when + matching the end of the uri in fcgi,scgi and proxy modules (#1489) + * print error if X-LIGHTTPD-send-file cannot be done; reset header + Content-Length for send-file. Patches by Stefan Buhler + * prevent crash in certain php-fcgi configurations (#841) + * add IdleServers and Scoreboard directives in ?auto mode for mod_status (#1507) + * open log immediately after daemonizing, fixes SIGPIPEs on startup (#165) + * HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set. (#1499) + * generate ETag and Last-Modified headers for mod_ssi based on newest modified include (#1491) + * support letterhomes in mod_userdir (#1473) + - 1.4.18 - 2007-09-09 * fixed compile error on IRIX 6.5.x on prctl() (#1333) Index: lighttpd.spec.in =================================================================== --- lighttpd.spec.in (.../tags/lighttpd-1.4.18) (revision 2060) +++ lighttpd.spec.in (.../branches/lighttpd-1.4.x) (revision 2060) @@ -6,21 +6,19 @@ Packager: Jan Kneschke License: BSD Group: Networking/Daemons -URL: http://jan.kneschke.de/projects/lighttpd/ +URL: http://www.lighttpd.net/ Requires: pcre >= 3.1 zlib -BuildPrereq: libtool zlib-devel +BuildRequires: libtool zlib-devel BuildRoot: %{_tmppath}/%{name}-root - %description lighttpd is intented to be a frontend for ad-servers which have to deliver small files concurrently to many connections. -Available rpmbuild rebuild options : ---with : ssl mysql lua memcache +Available rpmbuild rebuild options: +--with: ssl mysql lua memcache %prep - %setup -q %build @@ -33,14 +31,13 @@ make %install - %makeinstall mkdir -p %{buildroot}%{_sysconfdir}/{init.d,sysconfig} -if test -f /etc/redhat-release -o -f /etc/fedora-release; then - install -m 755 doc/rc.lighttpd.redhat %{buildroot}%{_sysconfdir}/init.d/lighttpd +if [ -f /etc/redhat-release -o -f /etc/fedora-release ]; then + install -m 755 doc/rc.lighttpd.redhat %{buildroot}%{_sysconfdir}/init.d/lighttpd else - install -m 755 doc/rc.lighttpd %{buildroot}%{_sysconfdir}/init.d/lighttpd + install -m 755 doc/rc.lighttpd %{buildroot}%{_sysconfdir}/init.d/lighttpd fi install -m 644 doc/sysconfig.lighttpd %{buildroot}%{_sysconfdir}/sysconfig/lighttpd @@ -49,16 +46,16 @@ %post ## read http://www.fedora.us/docs/spec.html next time :) -if test "$1" = "1"; then - # real install, not upgrade - /sbin/chkconfig --add lighttpd +if [ "$1" = "1" ]; then + # real install, not upgrade + /sbin/chkconfig --add lighttpd fi %preun -if test "$1" = "0"; then - # real uninstall, not upgrade - %{_sysconfdir}/init.d/lighttpd stop - /sbin/chkconfig --del lighttpd +if [ "$1" = "0"]; then + # real uninstall, not upgrade + %{_sysconfdir}/init.d/lighttpd stop + /sbin/chkconfig --del lighttpd fi %files