1 /* Copyright 1999-2004 The Apache Software Foundation
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 * _ __ ___ ___ __| | _ __ _____ ___ __(_) |_ ___
18 * | '_ ` _ \ / _ \ / _` | | '__/ _ \ \ /\ / / '__| | __/ _ \
19 * | | | | | | (_) | (_| | | | | __/\ V V /| | | | || __/
20 * |_| |_| |_|\___/ \__,_|___|_| \___| \_/\_/ |_| |_|\__\___|
23 * URL Rewriting Module
25 * This module uses a rule-based rewriting engine (based on a
26 * regular-expression parser) to rewrite requested URLs on the fly.
28 * It supports an unlimited number of additional rule conditions (which can
29 * operate on a lot of variables, even on HTTP headers) for granular
30 * matching and even external database lookups (either via plain text
31 * tables, DBM hash files or even external processes) for advanced URL
34 * It operates on the full URLs (including the PATH_INFO part) both in
35 * per-server context (httpd.conf) and per-dir context (.htaccess) and even
36 * can generate QUERY_STRING parts on result. The rewriting result finally
37 * can lead to internal subprocessing, external request redirection or even
38 * to internal proxy throughput.
40 * This module was originally written in April 1996 and
41 * gifted exclusively to the The Apache Software Foundation in July 1997 by
49 #include "apr_strings.h"
53 #include "apr_signal.h"
54 #include "apr_global_mutex.h"
58 #include "apr_thread_mutex.h"
61 #define APR_WANT_MEMFUNC
62 #define APR_WANT_STRFUNC
63 #define APR_WANT_IOVEC
66 /* XXX: Do we really need these headers? */
70 #if APR_HAVE_SYS_TYPES_H
71 #include <sys/types.h>
83 #include "ap_config.h"
85 #include "http_config.h"
86 #include "http_request.h"
87 #include "http_core.h"
89 #include "http_protocol.h"
90 #include "http_vhost.h"
92 #include "mod_rewrite.h"
94 #if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
96 #define MOD_REWRITE_SET_MUTEX_PERMS /* XXX Apache should define something */
100 * in order to improve performance on running production systems, you
101 * may strip all rewritelog code entirely from mod_rewrite by using the
102 * -DREWRITELOG_DISABLED compiler option.
104 * DO NOT USE THIS OPTION FOR PUBLIC BINARY RELEASES. Otherwise YOU are
105 * responsible for answering all the mod_rewrite questions out there.
107 #ifndef REWRITELOG_DISABLED
109 #define rewritelog(x) do_rewritelog x
110 #define REWRITELOG_MODE ( APR_UREAD | APR_UWRITE | APR_GREAD | APR_WREAD )
111 #define REWRITELOG_FLAGS ( APR_WRITE | APR_APPEND | APR_CREATE )
113 #else /* !REWRITELOG_DISABLED */
115 #define rewritelog(x)
117 #endif /* REWRITELOG_DISABLED */
119 /* remembered mime-type for [T=...] */
120 #define REWRITE_FORCED_MIMETYPE_NOTEVAR "rewrite-forced-mimetype"
121 #define REWRITE_FORCED_HANDLER_NOTEVAR "rewrite-forced-handler"
123 #define ENVVAR_SCRIPT_URL "SCRIPT_URL"
124 #define REDIRECT_ENVVAR_SCRIPT_URL "REDIRECT_" ENVVAR_SCRIPT_URL
125 #define ENVVAR_SCRIPT_URI "SCRIPT_URI"
127 #define CONDFLAG_NONE 1<<0
128 #define CONDFLAG_NOCASE 1<<1
129 #define CONDFLAG_NOTMATCH 1<<2
130 #define CONDFLAG_ORNEXT 1<<3
132 #define RULEFLAG_NONE 1<<0
133 #define RULEFLAG_FORCEREDIRECT 1<<1
134 #define RULEFLAG_LASTRULE 1<<2
135 #define RULEFLAG_NEWROUND 1<<3
136 #define RULEFLAG_CHAIN 1<<4
137 #define RULEFLAG_IGNOREONSUBREQ 1<<5
138 #define RULEFLAG_NOTMATCH 1<<6
139 #define RULEFLAG_PROXY 1<<7
140 #define RULEFLAG_PASSTHROUGH 1<<8
141 #define RULEFLAG_QSAPPEND 1<<9
142 #define RULEFLAG_NOCASE 1<<10
143 #define RULEFLAG_NOESCAPE 1<<11
144 #define RULEFLAG_NOSUB 1<<12
145 #define RULEFLAG_STATUS 1<<13
147 /* return code of the rewrite rule
148 * the result may be escaped - or not
150 #define ACTION_NORMAL 1<<0
151 #define ACTION_NOESCAPE 1<<1
152 #define ACTION_STATUS 1<<2
155 #define MAPTYPE_TXT 1<<0
156 #define MAPTYPE_DBM 1<<1
157 #define MAPTYPE_PRG 1<<2
158 #define MAPTYPE_INT 1<<3
159 #define MAPTYPE_RND 1<<4
161 #define ENGINE_DISABLED 1<<0
162 #define ENGINE_ENABLED 1<<1
164 #define OPTION_NONE 1<<0
165 #define OPTION_INHERIT 1<<1
168 #define RAND_MAX 32767
171 /* max cookie size in rfc 2109 */
172 /* XXX: not used at all. We should do a check somewhere and/or cut the cookie */
173 #define MAX_COOKIE_LEN 4096
175 /* default maximum number of internal redirects */
176 #define REWRITE_REDIRECT_LIMIT 10
178 /* max line length (incl.\n) in text rewrite maps */
179 #ifndef REWRITE_MAX_TXT_MAP_LINE
180 #define REWRITE_MAX_TXT_MAP_LINE 1024
183 /* max response length (incl.\n) in prg rewrite maps */
184 #ifndef REWRITE_MAX_PRG_MAP_LINE
185 #define REWRITE_MAX_PRG_MAP_LINE 2048
188 /* for better readbility */
189 #define LEFT_CURLY '{'
190 #define RIGHT_CURLY '}'
193 * expansion result items on the stack to save some cycles
195 * (5 == about 2 variables like "foo%{var}bar%{var}baz")
197 #define SMALL_EXPANSION 5
200 * check that a subrequest won't cause infinite recursion
202 * either not in a subrequest, or in a subrequest
203 * and URIs aren't NULL and sub/main URIs differ
205 #define subreq_ok(r) (!r->main || \
206 (r->main->uri && r->uri && strcmp(r->main->uri, r->uri)))
210 * +-------------------------------------------------------+
212 * | Types and Structures
214 * +-------------------------------------------------------+
218 const char *datafile; /* filename for map data files */
219 const char *dbmtype; /* dbm type for dbm map data files */
220 const char *checkfile; /* filename to check for map existence */
221 int type; /* the type of the map */
222 apr_file_t *fpin; /* in file pointer for program maps */
223 apr_file_t *fpout; /* out file pointer for program maps */
224 apr_file_t *fperr; /* err file pointer for program maps */
225 char *(*func)(request_rec *, /* function pointer for internal maps */
227 char **argv; /* argv of the external rewrite map */
230 /* special pattern types for RewriteCond */
246 char *input; /* Input string of RewriteCond */
247 char *pattern; /* the RegExp pattern string */
248 regex_t *regexp; /* the precompiled regexp */
249 int flags; /* Flags which control the match */
250 pattern_type ptype; /* pattern type */
253 /* single linked list for env vars and cookies */
254 typedef struct data_item {
255 struct data_item *next;
260 apr_array_header_t *rewriteconds;/* the corresponding RewriteCond entries */
261 char *pattern; /* the RegExp pattern string */
262 regex_t *regexp; /* the RegExp pattern compilation */
263 char *output; /* the Substitution string */
264 int flags; /* Flags which control the substitution */
265 char *forced_mimetype; /* forced MIME type of substitution */
266 char *forced_handler; /* forced content handler of subst. */
267 int forced_responsecode; /* forced HTTP response status */
268 data_item *env; /* added environment variables */
269 data_item *cookie; /* added cookies */
270 int skip; /* number of next rules to skip */
274 int state; /* the RewriteEngine state */
275 int options; /* the RewriteOption state */
276 #ifndef REWRITELOG_DISABLED
277 const char *rewritelogfile; /* the RewriteLog filename */
278 apr_file_t *rewritelogfp; /* the RewriteLog open filepointer */
279 int rewriteloglevel; /* the RewriteLog level of verbosity */
281 apr_hash_t *rewritemaps; /* the RewriteMap entries */
282 apr_array_header_t *rewriteconds; /* the RewriteCond entries (temp.) */
283 apr_array_header_t *rewriterules; /* the RewriteRule entries */
284 server_rec *server; /* the corresponding server indicator */
285 int redirect_limit; /* max number of internal redirects */
286 } rewrite_server_conf;
289 int state; /* the RewriteEngine state */
290 int options; /* the RewriteOption state */
291 apr_array_header_t *rewriteconds; /* the RewriteCond entries (temp.) */
292 apr_array_header_t *rewriterules; /* the RewriteRule entries */
293 char *directory; /* the directory where it applies */
294 const char *baseurl; /* the base-URL where it applies */
295 int redirect_limit; /* max. number of internal redirects */
296 } rewrite_perdir_conf;
299 int redirects; /* current number of redirects */
300 int redirect_limit; /* maximum number of redirects */
301 } rewrite_request_conf;
303 /* the (per-child) cache structures.
305 typedef struct cache {
309 apr_thread_mutex_t *lock;
313 /* cached maps contain an mtime for the whole map and live in a subpool
314 * of the cachep->pool. That makes it easy to forget them if necessary.
322 /* the regex structure for the
323 * substitution of backreferences
325 typedef struct backrefinfo {
328 regmatch_t regmatch[AP_MAX_REG_MATCH];
331 /* single linked list used for
334 typedef struct result_list {
335 struct result_list *next;
340 /* context structure for variable lookup and expansion
345 const char *vary_this;
353 * +-------------------------------------------------------+
355 * | static module data
357 * +-------------------------------------------------------+
360 /* the global module structure */
361 module AP_MODULE_DECLARE_DATA rewrite_module;
363 /* rewritemap int: handler function registry */
364 static apr_hash_t *mapfunc_hash;
367 static cache *cachep;
369 /* whether proxy module is available or not */
370 static int proxy_available;
372 /* whether random seed can be reaped */
373 static int rewrite_rand_init_done = 0;
376 static const char *lockname;
377 static apr_global_mutex_t *rewrite_mapr_lock_acquire = NULL;
379 #ifndef REWRITELOG_DISABLED
380 static apr_global_mutex_t *rewrite_log_lock = NULL;
385 * +-------------------------------------------------------+
387 * | rewriting logfile support
389 * +-------------------------------------------------------+
392 #ifndef REWRITELOG_DISABLED
393 static char *current_logtime(request_rec *r)
399 apr_time_exp_lt(&t, apr_time_now());
401 apr_strftime(tstr, &len, sizeof(tstr), "[%d/%b/%Y:%H:%M:%S ", &t);
402 apr_snprintf(tstr+len, sizeof(tstr)-len, "%c%.2d%.2d]",
403 t.tm_gmtoff < 0 ? '-' : '+',
404 t.tm_gmtoff / (60*60), t.tm_gmtoff % (60*60));
406 return apr_pstrdup(r->pool, tstr);
409 static int open_rewritelog(server_rec *s, apr_pool_t *p)
411 rewrite_server_conf *conf;
414 conf = ap_get_module_config(s->module_config, &rewrite_module);
416 /* - no logfile configured
417 * - logfilename empty
418 * - virtual log shared w/ main server
420 if (!conf->rewritelogfile || !*conf->rewritelogfile || conf->rewritelogfp) {
424 if (*conf->rewritelogfile == '|') {
427 fname = ap_server_root_relative(p, conf->rewritelogfile+1);
429 ap_log_error(APLOG_MARK, APLOG_ERR, APR_EBADPATH, s,
430 "mod_rewrite: Invalid RewriteLog "
431 "path %s", conf->rewritelogfile+1);
435 if ((pl = ap_open_piped_log(p, fname)) == NULL) {
436 ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
437 "mod_rewrite: could not open reliable pipe "
438 "to RewriteLog filter %s", fname);
441 conf->rewritelogfp = ap_piped_log_write_fd(pl);
446 fname = ap_server_root_relative(p, conf->rewritelogfile);
448 ap_log_error(APLOG_MARK, APLOG_ERR, APR_EBADPATH, s,
449 "mod_rewrite: Invalid RewriteLog "
450 "path %s", conf->rewritelogfile);
454 if ((rc = apr_file_open(&conf->rewritelogfp, fname,
455 REWRITELOG_FLAGS, REWRITELOG_MODE, p))
457 ap_log_error(APLOG_MARK, APLOG_ERR, rc, s,
458 "mod_rewrite: could not open RewriteLog "
467 static void do_rewritelog(request_rec *r, int level, char *perdir,
468 const char *fmt, ...)
470 rewrite_server_conf *conf;
471 char *logline, *text;
472 const char *rhost, *rname;
479 conf = ap_get_module_config(r->server->module_config, &rewrite_module);
481 if (!conf->rewritelogfp || level > conf->rewriteloglevel) {
485 rhost = ap_get_remote_host(r->connection, r->per_dir_config,
486 REMOTE_NOLOOKUP, NULL);
487 rname = ap_get_remote_logname(r);
489 for (redir=0, req=r; req->prev; req = req->prev) {
494 text = apr_pvsprintf(r->pool, fmt, ap);
497 logline = apr_psprintf(r->pool, "%s %s %s %s [%s/sid#%pp][rid#%pp/%s%s%s] "
498 "(%d) %s%s%s%s" APR_EOL_STR,
499 rhost ? rhost : "UNKNOWN-HOST",
501 r->user ? (*r->user ? r->user : "\"\"") : "-",
503 ap_get_server_name(r),
506 r->main ? "subreq" : "initial",
507 redir ? "/redir#" : "",
508 redir ? apr_itoa(r->pool, redir) : "",
510 perdir ? "[perdir " : "",
511 perdir ? perdir : "",
515 rv = apr_global_mutex_lock(rewrite_log_lock);
516 if (rv != APR_SUCCESS) {
517 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
518 "apr_global_mutex_lock(rewrite_log_lock) failed");
519 /* XXX: Maybe this should be fatal? */
522 nbytes = strlen(logline);
523 apr_file_write(conf->rewritelogfp, logline, &nbytes);
525 rv = apr_global_mutex_unlock(rewrite_log_lock);
526 if (rv != APR_SUCCESS) {
527 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
528 "apr_global_mutex_unlock(rewrite_log_lock) failed");
529 /* XXX: Maybe this should be fatal? */
534 #endif /* !REWRITELOG_DISABLED */
538 * +-------------------------------------------------------+
540 * | URI and path functions
542 * +-------------------------------------------------------+
545 /* return number of chars of the scheme (incl. '://')
546 * if the URI is absolute (includes a scheme etc.)
549 * NOTE: If you add new schemes here, please have a
550 * look at escape_absolute_uri and splitout_queryargs.
551 * Not every scheme takes query strings and some schemes
552 * may be handled in a special way.
554 * XXX: we may consider a scheme registry, perhaps with
555 * appropriate escape callbacks to allow other modules
556 * to extend mod_rewrite at runtime.
558 static unsigned is_absolute_uri(char *uri)
561 if (*uri == '/' || strlen(uri) <= 5) {
568 if (!strncasecmp(uri, "tp://", 5)) { /* ftp:// */
575 if (!strncasecmp(uri, "opher://", 8)) { /* gopher:// */
582 if (!strncasecmp(uri, "ttp://", 6)) { /* http:// */
585 else if (!strncasecmp(uri, "ttps://", 7)) { /* https:// */
592 if (!strncasecmp(uri, "dap://", 6)) { /* ldap:// */
599 if (!strncasecmp(uri, "ailto:", 6)) { /* mailto: */
606 if (!strncasecmp(uri, "ews:", 4)) { /* news: */
609 else if (!strncasecmp(uri, "ntp://", 6)) { /* nntp:// */
619 * escape absolute uri, which may or may not be path oriented.
620 * So let's handle them differently.
622 static char *escape_absolute_uri(apr_pool_t *p, char *uri, unsigned scheme)
627 * NULL should indicate elsewhere, that something's wrong
629 if (!scheme || strlen(uri) < scheme) {
635 /* scheme with authority part? */
638 while (*cp && *cp != '/') {
642 /* nothing after the hostpart. ready! */
643 if (!*cp || !*++cp) {
644 return apr_pstrdup(p, uri);
647 /* remember the hostname stuff */
650 /* special thing for ldap.
651 * The parts are separated by question marks. From RFC 2255:
652 * ldapurl = scheme "://" [hostport] ["/"
653 * [dn ["?" [attributes] ["?" [scope]
654 * ["?" [filter] ["?" extensions]]]]]]
656 if (!strncasecmp(uri, "ldap", 4)) {
660 token[0] = cp = apr_pstrdup(p, cp);
661 while (*cp && c < 5) {
669 return apr_pstrcat(p, apr_pstrndup(p, uri, scheme),
670 ap_escape_uri(p, token[0]),
671 (c >= 1) ? "?" : NULL,
672 (c >= 1) ? ap_escape_uri(p, token[1]) : NULL,
673 (c >= 2) ? "?" : NULL,
674 (c >= 2) ? ap_escape_uri(p, token[2]) : NULL,
675 (c >= 3) ? "?" : NULL,
676 (c >= 3) ? ap_escape_uri(p, token[3]) : NULL,
677 (c >= 4) ? "?" : NULL,
678 (c >= 4) ? ap_escape_uri(p, token[4]) : NULL,
683 /* Nothing special here. Apply normal escaping. */
684 return apr_pstrcat(p, apr_pstrndup(p, uri, scheme),
685 ap_escape_uri(p, cp), NULL);
689 * split out a QUERY_STRING part from
690 * the current URI string
692 static void splitout_queryargs(request_rec *r, int qsappend)
696 /* don't touch, unless it's an http or mailto URL.
697 * See RFC 1738 and RFC 2368.
699 if ( is_absolute_uri(r->filename)
700 && strncasecmp(r->filename, "http", 4)
701 && strncasecmp(r->filename, "mailto", 6)) {
702 r->args = NULL; /* forget the query that's still flying around */
706 q = ap_strchr(r->filename, '?');
711 olduri = apr_pstrdup(r->pool, r->filename);
714 r->args = apr_pstrcat(r->pool, q, "&", r->args, NULL);
717 r->args = apr_pstrdup(r->pool, q);
720 len = strlen(r->args);
724 else if (r->args[len-1] == '&') {
725 r->args[len-1] = '\0';
728 rewritelog((r, 3, NULL, "split uri=%s -> uri=%s, args=%s", olduri,
729 r->filename, r->args ? r->args : "<none>"));
736 * strip 'http[s]://ourhost/' from URI
738 static void reduce_uri(request_rec *r)
743 cp = (char *)ap_http_method(r);
745 if ( strlen(r->filename) > l+3
746 && strncasecmp(r->filename, cp, l) == 0
747 && r->filename[l] == ':'
748 && r->filename[l+1] == '/'
749 && r->filename[l+2] == '/' ) {
752 char *portp, *host, *url, *scratch;
754 scratch = apr_pstrdup(r->pool, r->filename); /* our scratchpad */
756 /* cut the hostname and port out of the URI */
757 cp = host = scratch + l + 3; /* 3 == strlen("://") */
758 while (*cp && *cp != '/' && *cp != ':') {
762 if (*cp == ':') { /* additional port given */
765 while (*cp && *cp != '/') {
771 url = r->filename + (cp - scratch);
776 else if (*cp == '/') { /* default port */
779 port = ap_default_port(r);
780 url = r->filename + (cp - scratch);
783 port = ap_default_port(r);
787 /* now check whether we could reduce it to a local path... */
788 if (ap_matches_request_vhost(r, host, port)) {
789 rewritelog((r, 3, NULL, "reduce %s -> %s", r->filename, url));
790 r->filename = apr_pstrdup(r->pool, url);
798 * add 'http[s]://ourhost[:ourport]/' to URI
799 * if URI is still not fully qualified
801 static void fully_qualify_uri(request_rec *r)
803 if (!is_absolute_uri(r->filename)) {
804 const char *thisserver;
808 thisserver = ap_get_server_name(r);
809 port = ap_get_server_port(r);
810 thisport = ap_is_default_port(port, r)
812 : apr_psprintf(r->pool, ":%u", port);
814 r->filename = apr_psprintf(r->pool, "%s://%s%s%s%s",
815 ap_http_method(r), thisserver, thisport,
816 (*r->filename == '/') ? "" : "/",
824 * stat() only the first segment of a path
826 static int prefix_stat(const char *path, apr_pool_t *pool)
828 const char *curpath = path;
834 rv = apr_filepath_root(&root, &curpath, APR_FILEPATH_TRUENAME, pool);
836 if (rv != APR_SUCCESS) {
840 /* let's recognize slashes only, the mod_rewrite semantics are opaque
843 if ((slash = ap_strchr_c(curpath, '/')) != NULL) {
844 rv = apr_filepath_merge(&statpath, root,
845 apr_pstrndup(pool, curpath,
846 (apr_size_t)(slash - curpath)),
847 APR_FILEPATH_NOTABOVEROOT |
848 APR_FILEPATH_NOTRELATIVE, pool);
851 rv = apr_filepath_merge(&statpath, root, curpath,
852 APR_FILEPATH_NOTABOVEROOT |
853 APR_FILEPATH_NOTRELATIVE, pool);
856 if (rv == APR_SUCCESS) {
859 if (apr_stat(&sb, statpath, APR_FINFO_MIN, pool) == APR_SUCCESS) {
868 * substitute the prefix path 'match' in 'input' with 'subst' (RewriteBase)
870 static char *subst_prefix_path(request_rec *r, char *input, char *match,
873 apr_size_t len = strlen(match);
875 if (len && match[len - 1] == '/') {
879 if (!strncmp(input, match, len) && input[len++] == '/') {
880 apr_size_t slen, outlen;
883 rewritelog((r, 5, NULL, "strip matching prefix: %s -> %s", input,
886 slen = strlen(subst);
887 if (slen && subst[slen - 1] != '/') {
891 outlen = strlen(input) + slen - len;
892 output = apr_palloc(r->pool, outlen + 1); /* don't forget the \0 */
894 memcpy(output, subst, slen);
895 if (slen && !output[slen-1]) {
896 output[slen-1] = '/';
898 memcpy(output+slen, input+len, outlen - slen);
899 output[outlen] = '\0';
901 rewritelog((r, 4, NULL, "add subst prefix: %s -> %s", input+len,
907 /* prefix didn't match */
913 * +-------------------------------------------------------+
917 * +-------------------------------------------------------+
920 static void set_cache_value(const char *name, apr_time_t t, char *key,
927 apr_thread_mutex_lock(cachep->lock);
929 map = apr_hash_get(cachep->maps, name, APR_HASH_KEY_STRING);
934 if (apr_pool_create(&p, cachep->pool) != APR_SUCCESS) {
936 apr_thread_mutex_unlock(cachep->lock);
941 map = apr_palloc(cachep->pool, sizeof(cachedmap));
943 map->entries = apr_hash_make(map->pool);
946 apr_hash_set(cachep->maps, name, APR_HASH_KEY_STRING, map);
948 else if (map->mtime != t) {
949 apr_pool_clear(map->pool);
950 map->entries = apr_hash_make(map->pool);
954 /* Now we should have a valid map->entries hash, where we
955 * can store our value.
957 * We need to copy the key and the value into OUR pool,
958 * so that we don't leave it during the r->pool cleanup.
960 apr_hash_set(map->entries,
961 apr_pstrdup(map->pool, key), APR_HASH_KEY_STRING,
962 apr_pstrdup(map->pool, val));
965 apr_thread_mutex_unlock(cachep->lock);
972 static char *get_cache_value(const char *name, apr_time_t t, char *key,
980 apr_thread_mutex_lock(cachep->lock);
982 map = apr_hash_get(cachep->maps, name, APR_HASH_KEY_STRING);
985 /* if this map is outdated, forget it. */
986 if (map->mtime != t) {
987 apr_pool_clear(map->pool);
988 map->entries = apr_hash_make(map->pool);
992 val = apr_hash_get(map->entries, key, APR_HASH_KEY_STRING);
994 /* copy the cached value into the supplied pool,
995 * where it belongs (r->pool usually)
997 val = apr_pstrdup(p, val);
1003 apr_thread_mutex_unlock(cachep->lock);
1010 static int init_cache(apr_pool_t *p)
1012 cachep = apr_palloc(p, sizeof(cache));
1013 if (apr_pool_create(&cachep->pool, p) != APR_SUCCESS) {
1014 cachep = NULL; /* turns off cache */
1018 cachep->maps = apr_hash_make(cachep->pool);
1020 (void)apr_thread_mutex_create(&(cachep->lock), APR_THREAD_MUTEX_DEFAULT, p);
1028 * +-------------------------------------------------------+
1032 * +-------------------------------------------------------+
1036 * General Note: key is already a fresh string, created (expanded) just
1037 * for the purpose to be passed in here. So one can modify key itself.
1040 static char *rewrite_mapfunc_toupper(request_rec *r, char *key)
1044 for (p = key; *p; ++p) {
1045 *p = apr_toupper(*p);
1051 static char *rewrite_mapfunc_tolower(request_rec *r, char *key)
1055 for (p = key; *p; ++p) {
1056 *p = apr_tolower(*p);
1062 static char *rewrite_mapfunc_escape(request_rec *r, char *key)
1064 return ap_escape_uri(r->pool, key);
1067 static char *rewrite_mapfunc_unescape(request_rec *r, char *key)
1069 ap_unescape_url(key);
1074 static char *select_random_value_part(request_rec *r, char *value)
1079 /* count number of distinct values */
1080 while ((p = ap_strchr(p, '|')) != NULL) {
1086 /* initialize random generator
1088 * XXX: Probably this should be wrapped into a thread mutex,
1089 * shouldn't it? Is it worth the effort?
1091 if (!rewrite_rand_init_done) {
1092 srand((unsigned)(getpid()));
1093 rewrite_rand_init_done = 1;
1096 /* select a random subvalue */
1097 n = (int)(((double)(rand() % RAND_MAX) / RAND_MAX) * n + 1);
1099 /* extract it from the whole string */
1100 while (--n && (value = ap_strchr(value, '|')) != NULL) {
1104 if (value) { /* should not be NULL, but ... */
1105 p = ap_strchr(value, '|');
1115 /* child process code */
1116 static void rewrite_child_errfn(apr_pool_t *p, apr_status_t err,
1119 ap_log_error(APLOG_MARK, APLOG_ERR, err, NULL, "%s", desc);
1122 static apr_status_t rewritemap_program_child(apr_pool_t *p,
1123 const char *progname, char **argv,
1128 apr_procattr_t *procattr;
1129 apr_proc_t *procnew;
1131 if ( APR_SUCCESS == (rc=apr_procattr_create(&procattr, p))
1132 && APR_SUCCESS == (rc=apr_procattr_io_set(procattr, APR_FULL_BLOCK,
1133 APR_FULL_BLOCK, APR_NO_PIPE))
1134 && APR_SUCCESS == (rc=apr_procattr_dir_set(procattr,
1135 ap_make_dirstr_parent(p, argv[0])))
1136 && APR_SUCCESS == (rc=apr_procattr_cmdtype_set(procattr, APR_PROGRAM))
1137 && APR_SUCCESS == (rc=apr_procattr_child_errfn_set(procattr,
1138 rewrite_child_errfn))
1139 && APR_SUCCESS == (rc=apr_procattr_error_check_set(procattr, 1))) {
1141 procnew = apr_pcalloc(p, sizeof(*procnew));
1142 rc = apr_proc_create(procnew, argv[0], (const char **)argv, NULL,
1145 if (rc == APR_SUCCESS) {
1146 apr_pool_note_subprocess(p, procnew, APR_KILL_AFTER_TIMEOUT);
1149 (*fpin) = procnew->in;
1153 (*fpout) = procnew->out;
1161 static apr_status_t run_rewritemap_programs(server_rec *s, apr_pool_t *p)
1163 rewrite_server_conf *conf;
1164 apr_hash_index_t *hi;
1166 int lock_warning_issued = 0;
1168 conf = ap_get_module_config(s->module_config, &rewrite_module);
1170 /* If the engine isn't turned on,
1171 * don't even try to do anything.
1173 if (conf->state == ENGINE_DISABLED) {
1177 for (hi = apr_hash_first(p, conf->rewritemaps); hi; hi = apr_hash_next(hi)){
1178 apr_file_t *fpin = NULL;
1179 apr_file_t *fpout = NULL;
1180 rewritemap_entry *map;
1183 apr_hash_this(hi, NULL, NULL, &val);
1186 if (map->type != MAPTYPE_PRG) {
1189 if (!(map->argv[0]) || !*(map->argv[0]) || map->fpin || map->fpout) {
1193 if (!lock_warning_issued && (!lockname || !*lockname)) {
1194 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s,
1195 "mod_rewrite: Running external rewrite maps "
1196 "without defining a RewriteLock is DANGEROUS!");
1197 ++lock_warning_issued;
1200 rc = rewritemap_program_child(p, map->argv[0], map->argv,
1202 if (rc != APR_SUCCESS || fpin == NULL || fpout == NULL) {
1203 ap_log_error(APLOG_MARK, APLOG_ERR, rc, s,
1204 "mod_rewrite: could not start RewriteMap "
1205 "program %s", map->checkfile);
1217 * +-------------------------------------------------------+
1219 * | Lookup functions
1221 * +-------------------------------------------------------+
1224 static char *lookup_map_txtfile(request_rec *r, const char *file, char *key)
1226 apr_file_t *fp = NULL;
1227 char line[REWRITE_MAX_TXT_MAP_LINE + 1]; /* +1 for \0 */
1228 char *value, *keylast;
1230 if (apr_file_open(&fp, file, APR_READ, APR_OS_DEFAULT,
1231 r->pool) != APR_SUCCESS) {
1235 keylast = key + strlen(key);
1237 while (apr_file_gets(line, sizeof(line), fp) == APR_SUCCESS) {
1240 /* ignore comments and lines starting with whitespaces */
1241 if (*line == '#' || apr_isspace(*line)) {
1247 while (c < keylast && *p == *c && !apr_isspace(*p)) {
1252 /* key doesn't match - ignore. */
1253 if (c != keylast || !apr_isspace(*p)) {
1257 /* jump to the value */
1258 while (*p && apr_isspace(*p)) {
1262 /* no value? ignore */
1267 /* extract the value and return. */
1269 while (*p && !apr_isspace(*p)) {
1272 value = apr_pstrmemdup(r->pool, c, p - c);
1280 static char *lookup_map_dbmfile(request_rec *r, const char *file,
1281 const char *dbmtype, char *key)
1283 apr_dbm_t *dbmfp = NULL;
1288 if (apr_dbm_open_ex(&dbmfp, dbmtype, file, APR_DBM_READONLY, APR_OS_DEFAULT,
1289 r->pool) != APR_SUCCESS) {
1294 dbmkey.dsize = strlen(key);
1296 if (apr_dbm_fetch(dbmfp, dbmkey, &dbmval) == APR_SUCCESS && dbmval.dptr) {
1297 value = apr_pstrmemdup(r->pool, dbmval.dptr, dbmval.dsize);
1303 apr_dbm_close(dbmfp);
1308 static char *lookup_map_program(request_rec *r, apr_file_t *fpin,
1309 apr_file_t *fpout, char *key)
1311 char buf[REWRITE_MAX_PRG_MAP_LINE];
1316 const char *eol = APR_EOL_STR;
1320 struct iovec iova[2];
1324 /* when `RewriteEngine off' was used in the per-server
1325 * context then the rewritemap-programs were not spawned.
1326 * In this case using such a map (usually in per-dir context)
1327 * is useless because it is not available.
1329 * newlines in the key leave bytes in the pipe and cause
1330 * bad things to happen (next map lookup will use the chars
1331 * after the \n instead of the new key etc etc - in other words,
1332 * the Rewritemap falls out of sync with the requests).
1334 if (fpin == NULL || fpout == NULL || ap_strchr(key, '\n')) {
1339 if (rewrite_mapr_lock_acquire) {
1340 rv = apr_global_mutex_lock(rewrite_mapr_lock_acquire);
1341 if (rv != APR_SUCCESS) {
1342 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
1343 "apr_global_mutex_lock(rewrite_mapr_lock_acquire) "
1345 return NULL; /* Maybe this should be fatal? */
1349 /* write out the request key */
1351 nbytes = strlen(key);
1352 apr_file_write(fpin, key, &nbytes);
1354 apr_file_write(fpin, "\n", &nbytes);
1356 iova[0].iov_base = key;
1357 iova[0].iov_len = strlen(key);
1358 iova[1].iov_base = "\n";
1359 iova[1].iov_len = 1;
1362 apr_file_writev(fpin, iova, niov, &nbytes);
1365 /* read in the response value */
1368 apr_file_read(fpout, &c, &nbytes);
1369 while (nbytes == 1 && (i < REWRITE_MAX_PRG_MAP_LINE)) {
1370 if (c == eol[eolc]) {
1372 /* remove eol from the buffer */
1378 /* only partial (invalid) eol sequence -> reset the counter */
1383 /* catch binary mode, e.g. on Win32 */
1384 else if (c == '\n') {
1389 apr_file_read(fpout, &c, &nbytes);
1392 /* give the lock back */
1393 if (rewrite_mapr_lock_acquire) {
1394 rv = apr_global_mutex_unlock(rewrite_mapr_lock_acquire);
1395 if (rv != APR_SUCCESS) {
1396 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
1397 "apr_global_mutex_unlock(rewrite_mapr_lock_acquire) "
1399 return NULL; /* Maybe this should be fatal? */
1403 /* buf is not zero terminated, so be careful! */
1404 if (i == 4 && strncasecmp(buf, "NULL", 4) == 0) {
1408 return apr_pstrmemdup(r->pool, buf, i);
1412 * generic map lookup
1414 static char *lookup_map(request_rec *r, char *name, char *key)
1416 rewrite_server_conf *conf;
1417 rewritemap_entry *s;
1422 /* get map configuration */
1423 conf = ap_get_module_config(r->server->module_config, &rewrite_module);
1424 s = apr_hash_get(conf->rewritemaps, name, APR_HASH_KEY_STRING);
1426 /* map doesn't exist */
1433 * Text file map (perhaps random)
1437 rv = apr_stat(&st, s->checkfile, APR_FINFO_MIN, r->pool);
1438 if (rv != APR_SUCCESS) {
1439 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
1440 "mod_rewrite: can't access text RewriteMap file %s",
1442 rewritelog((r, 1, NULL,
1443 "can't open RewriteMap file, see error log"));
1447 value = get_cache_value(name, st.mtime, key, r->pool);
1449 rewritelog((r, 6, NULL,
1450 "cache lookup FAILED, forcing new map lookup"));
1452 value = lookup_map_txtfile(r, s->datafile, key);
1454 rewritelog((r, 5, NULL, "map lookup FAILED: map=%s[txt] key=%s",
1456 set_cache_value(name, st.mtime, key, "");
1460 rewritelog((r, 5, NULL,"map lookup OK: map=%s[txt] key=%s -> val=%s",
1462 set_cache_value(name, st.mtime, key, value);
1465 rewritelog((r,5,NULL,"cache lookup OK: map=%s[txt] key=%s -> val=%s",
1469 if (s->type == MAPTYPE_RND && *value) {
1470 value = select_random_value_part(r, value);
1471 rewritelog((r, 5, NULL, "randomly chosen the subvalue `%s'",value));
1474 return *value ? value : NULL;
1480 rv = apr_stat(&st, s->checkfile, APR_FINFO_MIN, r->pool);
1481 if (rv != APR_SUCCESS) {
1482 ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
1483 "mod_rewrite: can't access DBM RewriteMap file %s",
1485 rewritelog((r, 1, NULL,
1486 "can't open DBM RewriteMap file, see error log"));
1490 value = get_cache_value(name, st.mtime, key, r->pool);
1492 rewritelog((r, 6, NULL,
1493 "cache lookup FAILED, forcing new map lookup"));
1495 value = lookup_map_dbmfile(r, s->datafile, s->dbmtype, key);
1497 rewritelog((r, 5, NULL, "map lookup FAILED: map=%s[dbm] key=%s",
1499 set_cache_value(name, st.mtime, key, "");
1503 rewritelog((r, 5, NULL, "map lookup OK: map=%s[dbm] key=%s -> "
1504 "val=%s", name, key, value));
1506 set_cache_value(name, st.mtime, key, value);
1510 rewritelog((r, 5, NULL, "cache lookup OK: map=%s[dbm] key=%s -> val=%s",
1512 return *value ? value : NULL;
1518 value = lookup_map_program(r, s->fpin, s->fpout, key);
1520 rewritelog((r, 5,NULL,"map lookup FAILED: map=%s key=%s", name,
1525 rewritelog((r, 5, NULL, "map lookup OK: map=%s key=%s -> val=%s",
1533 value = s->func(r, key);
1535 rewritelog((r, 5,NULL,"map lookup FAILED: map=%s key=%s", name,
1540 rewritelog((r, 5, NULL, "map lookup OK: map=%s key=%s -> val=%s",
1549 * lookup a HTTP header and set VARY note
1551 static const char *lookup_header(const char *name, rewrite_ctx *ctx)
1553 const char *val = apr_table_get(ctx->r->headers_in, name);
1556 ctx->vary_this = ctx->vary_this
1557 ? apr_pstrcat(ctx->r->pool, ctx->vary_this, ", ",
1559 : apr_pstrdup(ctx->r->pool, name);
1566 * lookahead helper function
1567 * Determine the correct URI path in perdir context
1569 static APR_INLINE const char *la_u(rewrite_ctx *ctx)
1571 rewrite_perdir_conf *conf;
1573 if (*ctx->uri == '/') {
1577 conf = ap_get_module_config(ctx->r->per_dir_config, &rewrite_module);
1579 return apr_pstrcat(ctx->r->pool, conf->baseurl
1580 ? conf->baseurl : conf->directory,
1585 * generic variable lookup
1587 static char *lookup_variable(char *var, rewrite_ctx *ctx)
1590 request_rec *r = ctx->r;
1591 apr_size_t varlen = strlen(var);
1595 return apr_pstrdup(r->pool, "");
1600 /* fast tests for variable length variables (sic) first */
1601 if (var[3] == ':') {
1602 if (var[4] && !strncasecmp(var, "ENV", 3)) {
1604 result = apr_table_get(r->notes, var);
1607 result = apr_table_get(r->subprocess_env, var);
1610 result = getenv(var);
1614 else if (var[4] == ':') {
1619 if (!strncasecmp(var, "HTTP", 4)) {
1620 result = lookup_header(var+5, ctx);
1622 else if (!strncasecmp(var, "LA-U", 4)) {
1623 if (ctx->uri && subreq_ok(r)) {
1624 path = ctx->perdir ? la_u(ctx) : ctx->uri;
1625 rr = ap_sub_req_lookup_uri(path, r, NULL);
1627 result = apr_pstrdup(r->pool, lookup_variable(var+5, ctx));
1629 ap_destroy_sub_req(rr);
1631 rewritelog((r, 5, ctx->perdir, "lookahead: path=%s var=%s "
1632 "-> val=%s", path, var+5, result));
1634 return (char *)result;
1637 else if (!strncasecmp(var, "LA-F", 4)) {
1638 if (ctx->uri && subreq_ok(r)) {
1640 if (ctx->perdir && *path == '/') {
1641 /* sigh, the user wants a file based subrequest, but
1642 * we can't do one, since we don't know what the file
1643 * path is! In this case behave like LA-U.
1645 rr = ap_sub_req_lookup_uri(path, r, NULL);
1649 rewrite_perdir_conf *conf;
1651 conf = ap_get_module_config(r->per_dir_config,
1654 path = apr_pstrcat(r->pool, conf->directory, path,
1658 rr = ap_sub_req_lookup_file(path, r, NULL);
1662 result = apr_pstrdup(r->pool, lookup_variable(var+5, ctx));
1664 ap_destroy_sub_req(rr);
1666 rewritelog((r, 5, ctx->perdir, "lookahead: path=%s var=%s "
1667 "-> val=%s", path, var+5, result));
1669 return (char *)result;
1675 /* well, do it the hard way */
1680 /* can't do this above, because of the getenv call */
1681 for (p = var; *p; ++p) {
1682 *p = apr_toupper(*p);
1687 if (!strcmp(var, "TIME")) {
1688 apr_time_exp_lt(&tm, apr_time_now());
1689 result = apr_psprintf(r->pool, "%04d%02d%02d%02d%02d%02d",
1690 tm.tm_year+1900, tm.tm_mon+1, tm.tm_mday,
1691 tm.tm_hour, tm.tm_min, tm.tm_sec);
1692 rewritelog((r, 1, ctx->perdir, "RESULT='%s'", result));
1693 return (char *)result;
1700 if (!strcmp(var, "TIME_DAY")) {
1701 apr_time_exp_lt(&tm, apr_time_now());
1702 return apr_psprintf(r->pool, "%02d", tm.tm_mday);
1707 if (!strcmp(var, "TIME_SEC")) {
1708 apr_time_exp_lt(&tm, apr_time_now());
1709 return apr_psprintf(r->pool, "%02d", tm.tm_sec);
1714 if (!strcmp(var, "TIME_MIN")) {
1715 apr_time_exp_lt(&tm, apr_time_now());
1716 return apr_psprintf(r->pool, "%02d", tm.tm_min);
1721 if (!strcmp(var, "TIME_MON")) {
1722 apr_time_exp_lt(&tm, apr_time_now());
1723 return apr_psprintf(r->pool, "%02d", tm.tm_mon+1);
1732 if (var[8] == 'Y' && !strcmp(var, "TIME_WDAY")) {
1733 apr_time_exp_lt(&tm, apr_time_now());
1734 return apr_psprintf(r->pool, "%d", tm.tm_wday);
1736 else if (!strcmp(var, "TIME_YEAR")) {
1737 apr_time_exp_lt(&tm, apr_time_now());
1738 return apr_psprintf(r->pool, "%04d", tm.tm_year+1900);
1743 if (!strcmp(var, "IS_SUBREQ")) {
1744 result = (r->main ? "true" : "false");
1749 if (!strcmp(var, "PATH_INFO")) {
1750 result = r->path_info;
1755 if (!strcmp(var, "AUTH_TYPE")) {
1756 result = r->ap_auth_type;
1761 if (!strcmp(var, "HTTP_HOST")) {
1762 result = lookup_header("Host", ctx);
1767 if (!strcmp(var, "TIME_HOUR")) {
1768 apr_time_exp_lt(&tm, apr_time_now());
1769 return apr_psprintf(r->pool, "%02d", tm.tm_hour);
1778 if (!strcmp(var, "SERVER_NAME")) {
1779 result = ap_get_server_name(r);
1784 if (*var == 'R' && !strcmp(var, "REMOTE_ADDR")) {
1785 result = r->connection->remote_ip;
1787 else if (!strcmp(var, "SERVER_ADDR")) {
1788 result = r->connection->local_ip;
1793 if (*var == 'H' && !strcmp(var, "HTTP_ACCEPT")) {
1794 result = lookup_header("Accept", ctx);
1796 else if (!strcmp(var, "THE_REQUEST")) {
1797 result = r->the_request;
1802 if (!strcmp(var, "API_VERSION")) {
1803 return apr_psprintf(r->pool, "%d:%d",
1804 MODULE_MAGIC_NUMBER_MAJOR,
1805 MODULE_MAGIC_NUMBER_MINOR);
1810 if (!strcmp(var, "HTTP_COOKIE")) {
1811 result = lookup_header("Cookie", ctx);
1816 if (*var == 'S' && !strcmp(var, "SERVER_PORT")) {
1817 return apr_psprintf(r->pool, "%u", ap_get_server_port(r));
1819 else if (var[7] == 'H' && !strcmp(var, "REMOTE_HOST")) {
1820 result = ap_get_remote_host(r->connection,r->per_dir_config,
1823 else if (!strcmp(var, "REMOTE_PORT")) {
1824 return apr_itoa(r->pool, r->connection->remote_addr->port);
1829 if (*var == 'R' && !strcmp(var, "REMOTE_USER")) {
1832 else if (!strcmp(var, "SCRIPT_USER")) {
1833 result = "<unknown>";
1834 if (r->finfo.valid & APR_FINFO_USER) {
1835 apr_uid_name_get((char **)&result, r->finfo.user,
1842 if (!strcmp(var, "REQUEST_URI")) {
1852 if (!strcmp(var, "SCRIPT_GROUP")) {
1853 result = "<unknown>";
1854 if (r->finfo.valid & APR_FINFO_GROUP) {
1855 apr_gid_name_get((char **)&result, r->finfo.group,
1862 if (!strcmp(var, "REMOTE_IDENT")) {
1863 result = ap_get_remote_logname(r);
1868 if (!strcmp(var, "HTTP_REFERER")) {
1869 result = lookup_header("Referer", ctx);
1874 if (!strcmp(var, "QUERY_STRING")) {
1880 if (!strcmp(var, "SERVER_ADMIN")) {
1881 result = r->server->server_admin;
1888 if (!strcmp(var, "DOCUMENT_ROOT")) {
1889 result = ap_document_root(r);
1894 if (*var == 'H' && !strcmp(var, "HTTP_FORWARDED")) {
1895 result = lookup_header("Forwarded", ctx);
1897 else if (!strcmp(var, "REQUEST_METHOD")) {
1905 if (!strcmp(var, "HTTP_USER_AGENT")) {
1906 result = lookup_header("User-Agent", ctx);
1911 if (!strcmp(var, "SCRIPT_FILENAME")) {
1912 result = r->filename; /* same as request_filename (16) */
1917 if (!strcmp(var, "SERVER_PROTOCOL")) {
1918 result = r->protocol;
1923 if (!strcmp(var, "SERVER_SOFTWARE")) {
1924 result = ap_get_server_version();
1931 if (!strcmp(var, "REQUEST_FILENAME")) {
1932 result = r->filename; /* same as script_filename (15) */
1937 if (!strcmp(var, "HTTP_PROXY_CONNECTION")) {
1938 result = lookup_header("Proxy-Connection", ctx);
1944 return apr_pstrdup(r->pool, result ? result : "");
1949 * +-------------------------------------------------------+
1951 * | Expansion functions
1953 * +-------------------------------------------------------+
1957 * Bracketed expression handling
1958 * s points after the opening bracket
1960 static APR_INLINE char *find_closing_curly(char *s)
1964 for (depth = 1; *s; ++s) {
1965 if (*s == RIGHT_CURLY && --depth == 0) {
1968 else if (*s == LEFT_CURLY) {
1976 static APR_INLINE char *find_char_in_curlies(char *s, int c)
1980 for (depth = 1; *s; ++s) {
1981 if (*s == c && depth == 1) {
1984 else if (*s == RIGHT_CURLY && --depth == 0) {
1987 else if (*s == LEFT_CURLY) {
1995 /* perform all the expansions on the input string
1996 * putting the result into a new string
1998 * for security reasons this expansion must be performed in a
1999 * single pass, otherwise an attacker can arrange for the result
2000 * of an earlier expansion to include expansion specifiers that
2001 * are interpreted by a later expansion, producing results that
2002 * were not intended by the administrator.
2004 static char *do_expand(char *input, rewrite_ctx *ctx)
2006 result_list *result, *current;
2007 result_list sresult[SMALL_EXPANSION];
2009 apr_size_t span, inputlen, outlen;
2011 apr_pool_t *pool = ctx->r->pool;
2013 span = strcspn(input, "\\$%");
2014 inputlen = strlen(input);
2017 if (inputlen == span) {
2018 return apr_pstrdup(pool, input);
2021 /* well, actually something to do */
2022 result = current = &(sresult[spc++]);
2025 current->next = NULL;
2026 current->string = input;
2027 current->len = span;
2030 /* loop for specials */
2032 /* prepare next entry */
2034 current->next = (spc < SMALL_EXPANSION)
2036 : (result_list *)apr_palloc(pool,
2037 sizeof(result_list));
2038 current = current->next;
2039 current->next = NULL;
2043 /* escaped character */
2048 current->string = p;
2052 current->string = ++p;
2057 /* variable or map lookup */
2058 else if (p[1] == '{') {
2061 endp = find_closing_curly(p+2);
2064 current->string = p;
2069 /* variable lookup */
2070 else if (*p == '%') {
2071 p = lookup_variable(apr_pstrmemdup(pool, p+2, endp-p-2), ctx);
2074 current->len = span;
2075 current->string = p;
2081 else { /* *p == '$' */
2085 * To make rewrite maps useful, the lookup key and
2086 * default values must be expanded, so we make
2087 * recursive calls to do the work. For security
2088 * reasons we must never expand a string that includes
2089 * verbatim data from the network. The recursion here
2090 * isn't a problem because the result of expansion is
2091 * only passed to lookup_map() so it cannot be
2092 * re-expanded, only re-looked-up. Another way of
2093 * looking at it is that the recursion is entirely
2094 * driven by the syntax of the nested curly brackets.
2097 key = find_char_in_curlies(p+2, ':');
2100 current->string = p;
2107 map = apr_pstrmemdup(pool, p+2, endp-p-2);
2108 key = map + (key-p-2);
2110 dflt = find_char_in_curlies(key, '|');
2115 /* reuse of key variable as result */
2116 key = lookup_map(ctx->r, map, do_expand(key, ctx));
2118 if (!key && dflt && *dflt) {
2119 key = do_expand(dflt, ctx);
2124 current->len = span;
2125 current->string = key;
2135 else if (apr_isdigit(p[1])) {
2137 backrefinfo *bri = (*p == '$') ? &ctx->briRR : &ctx->briRC;
2139 /* see ap_pregsub() in server/util.c */
2140 if (bri->source && n < AP_MAX_REG_MATCH
2141 && bri->regmatch[n].rm_eo > bri->regmatch[n].rm_so) {
2142 span = bri->regmatch[n].rm_eo - bri->regmatch[n].rm_so;
2144 current->len = span;
2145 current->string = bri->source + bri->regmatch[n].rm_so;
2152 /* not for us, just copy it */
2155 current->string = p++;
2159 /* check the remainder */
2160 if (*p && (span = strcspn(p, "\\$%")) > 0) {
2162 current->next = (spc < SMALL_EXPANSION)
2164 : (result_list *)apr_palloc(pool,
2165 sizeof(result_list));
2166 current = current->next;
2167 current->next = NULL;
2170 current->len = span;
2171 current->string = p;
2176 } while (p < input+inputlen);
2178 /* assemble result */
2179 c = p = apr_palloc(pool, outlen + 1); /* don't forget the \0 */
2182 ap_assert(c+result->len <= p+outlen); /* XXX: can be removed after
2183 * extensive testing and
2186 memcpy(c, result->string, result->len);
2189 result = result->next;
2198 * perform all the expansions on the environment variables
2200 static void do_expand_env(data_item *env, rewrite_ctx *ctx)
2205 name = do_expand(env->data, ctx);
2206 if ((val = ap_strchr(name, ':')) != NULL) {
2209 apr_table_set(ctx->r->subprocess_env, name, val);
2210 rewritelog((ctx->r, 5, NULL, "setting env variable '%s' to '%s'",
2221 * perform all the expansions on the cookies
2223 * TODO: use cached time similar to how logging does it
2225 static void add_cookie(request_rec *r, char *s)
2236 var = apr_strtok(s, ":", &tok_cntx);
2237 val = apr_strtok(NULL, ":", &tok_cntx);
2238 domain = apr_strtok(NULL, ":", &tok_cntx);
2240 if (var && val && domain) {
2241 request_rec *rmain = r;
2245 while (rmain->main) {
2246 rmain = rmain->main;
2249 notename = apr_pstrcat(rmain->pool, var, "_rewrite", NULL);
2250 apr_pool_userdata_get(&data, notename, rmain->pool);
2252 char *exp_time = NULL;
2254 expires = apr_strtok(NULL, ":", &tok_cntx);
2255 path = expires ? apr_strtok(NULL, ":", &tok_cntx) : NULL;
2259 apr_time_exp_gmt(&tms, r->request_time
2260 + apr_time_from_sec((60 * atol(expires))));
2261 exp_time = apr_psprintf(r->pool, "%s, %.2d-%s-%.4d "
2262 "%.2d:%.2d:%.2d GMT",
2263 apr_day_snames[tms.tm_wday],
2265 apr_month_snames[tms.tm_mon],
2267 tms.tm_hour, tms.tm_min, tms.tm_sec);
2270 cookie = apr_pstrcat(rmain->pool,
2272 "; path=", path ? path : "/",
2273 "; domain=", domain,
2274 expires ? "; expires=" : NULL,
2275 expires ? exp_time : NULL,
2278 apr_table_addn(rmain->err_headers_out, "Set-Cookie", cookie);
2279 apr_pool_userdata_set("set", notename, NULL, rmain->pool);
2280 rewritelog((rmain, 5, NULL, "setting cookie '%s'", cookie));
2283 rewritelog((rmain, 5, NULL, "skipping already set cookie '%s'",
2291 static void do_expand_cookie(data_item *cookie, rewrite_ctx *ctx)
2294 add_cookie(ctx->r, do_expand(cookie->data, ctx));
2295 cookie = cookie->next;
2303 * Expand tilde-paths (/~user) through Unix /etc/passwd
2304 * database information (or other OS-specific database)
2306 static char *expand_tildepaths(request_rec *r, char *uri)
2308 if (uri && *uri == '/' && uri[1] == '~') {
2312 while (*p && *p != '/') {
2319 user = apr_pstrmemdup(r->pool, user, p-user);
2320 if (apr_uid_homepath_get(&homedir, user, r->pool) == APR_SUCCESS) {
2322 /* reuse of user variable */
2323 user = homedir + strlen(homedir) - 1;
2324 if (user >= homedir && *user == '/') {
2328 return apr_pstrcat(r->pool, homedir, p, NULL);
2339 #endif /* if APR_HAS_USER */
2343 * +-------------------------------------------------------+
2345 * | rewriting lockfile support
2347 * +-------------------------------------------------------+
2350 static apr_status_t rewritelock_create(server_rec *s, apr_pool_t *p)
2354 /* only operate if a lockfile is used */
2355 if (lockname == NULL || *(lockname) == '\0') {
2359 /* create the lockfile */
2360 rc = apr_global_mutex_create(&rewrite_mapr_lock_acquire, lockname,
2361 APR_LOCK_DEFAULT, p);
2362 if (rc != APR_SUCCESS) {
2363 ap_log_error(APLOG_MARK, APLOG_CRIT, rc, s,
2364 "mod_rewrite: Parent could not create RewriteLock "
2365 "file %s", lockname);
2369 #ifdef MOD_REWRITE_SET_MUTEX_PERMS
2370 rc = unixd_set_global_mutex_perms(rewrite_mapr_lock_acquire);
2371 if (rc != APR_SUCCESS) {
2372 ap_log_error(APLOG_MARK, APLOG_CRIT, rc, s,
2373 "mod_rewrite: Parent could not set permissions "
2374 "on RewriteLock; check User and Group directives");
2382 static apr_status_t rewritelock_remove(void *data)
2384 /* only operate if a lockfile is used */
2385 if (lockname == NULL || *(lockname) == '\0') {
2389 /* destroy the rewritelock */
2390 apr_global_mutex_destroy (rewrite_mapr_lock_acquire);
2391 rewrite_mapr_lock_acquire = NULL;
2398 * +-------------------------------------------------------+
2400 * | configuration directive handling
2402 * +-------------------------------------------------------+
2406 * own command line parser for RewriteRule and RewriteCond,
2407 * which doesn't have the '\\' problem.
2408 * (returns true on error)
2410 * XXX: what an inclined parser. Seems we have to leave it so
2411 * for backwards compat. *sigh*
2413 static int parseargline(char *str, char **a1, char **a2, char **a3)
2417 while (apr_isspace(*str)) {
2422 * determine first argument
2424 quote = (*str == '"' || *str == '\'') ? *str++ : '\0';
2427 for (; *str; ++str) {
2428 if ((apr_isspace(*str) && !quote) || (*str == quote)) {
2431 if (*str == '\\' && apr_isspace(str[1])) {
2442 while (apr_isspace(*str)) {
2447 * determine second argument
2449 quote = (*str == '"' || *str == '\'') ? *str++ : '\0';
2452 for (; *str; ++str) {
2453 if ((apr_isspace(*str) && !quote) || (*str == quote)) {
2456 if (*str == '\\' && apr_isspace(str[1])) {
2463 *a3 = NULL; /* 3rd argument is optional */
2468 while (apr_isspace(*str)) {
2473 *a3 = NULL; /* 3rd argument is still optional */
2478 * determine third argument
2480 quote = (*str == '"' || *str == '\'') ? *str++ : '\0';
2482 for (; *str; ++str) {
2483 if ((apr_isspace(*str) && !quote) || (*str == quote)) {
2486 if (*str == '\\' && apr_isspace(str[1])) {
2496 static void *config_server_create(apr_pool_t *p, server_rec *s)
2498 rewrite_server_conf *a;
2500 a = (rewrite_server_conf *)apr_pcalloc(p, sizeof(rewrite_server_conf));
2502 a->state = ENGINE_DISABLED;
2503 a->options = OPTION_NONE;
2504 #ifndef REWRITELOG_DISABLED
2505 a->rewritelogfile = NULL;
2506 a->rewritelogfp = NULL;
2507 a->rewriteloglevel = 0;
2509 a->rewritemaps = apr_hash_make(p);
2510 a->rewriteconds = apr_array_make(p, 2, sizeof(rewritecond_entry));
2511 a->rewriterules = apr_array_make(p, 2, sizeof(rewriterule_entry));
2513 a->redirect_limit = 0; /* unset (use default) */
2518 static void *config_server_merge(apr_pool_t *p, void *basev, void *overridesv)
2520 rewrite_server_conf *a, *base, *overrides;
2522 a = (rewrite_server_conf *)apr_pcalloc(p,
2523 sizeof(rewrite_server_conf));
2524 base = (rewrite_server_conf *)basev;
2525 overrides = (rewrite_server_conf *)overridesv;
2527 a->state = overrides->state;
2528 a->options = overrides->options;
2529 a->server = overrides->server;
2530 a->redirect_limit = overrides->redirect_limit
2531 ? overrides->redirect_limit
2532 : base->redirect_limit;
2534 if (a->options & OPTION_INHERIT) {
2536 * local directives override
2537 * and anything else is inherited
2539 #ifndef REWRITELOG_DISABLED
2540 a->rewriteloglevel = overrides->rewriteloglevel != 0
2541 ? overrides->rewriteloglevel
2542 : base->rewriteloglevel;
2543 a->rewritelogfile = overrides->rewritelogfile != NULL
2544 ? overrides->rewritelogfile
2545 : base->rewritelogfile;
2546 a->rewritelogfp = overrides->rewritelogfp != NULL
2547 ? overrides->rewritelogfp
2548 : base->rewritelogfp;
2550 a->rewritemaps = apr_hash_overlay(p, overrides->rewritemaps,
2552 a->rewriteconds = apr_array_append(p, overrides->rewriteconds,
2553 base->rewriteconds);
2554 a->rewriterules = apr_array_append(p, overrides->rewriterules,
2555 base->rewriterules);
2559 * local directives override
2560 * and anything else gets defaults
2562 #ifndef REWRITELOG_DISABLED
2563 a->rewriteloglevel = overrides->rewriteloglevel;
2564 a->rewritelogfile = overrides->rewritelogfile;
2565 a->rewritelogfp = overrides->rewritelogfp;
2567 a->rewritemaps = overrides->rewritemaps;
2568 a->rewriteconds = overrides->rewriteconds;
2569 a->rewriterules = overrides->rewriterules;
2575 static void *config_perdir_create(apr_pool_t *p, char *path)
2577 rewrite_perdir_conf *a;
2579 a = (rewrite_perdir_conf *)apr_pcalloc(p, sizeof(rewrite_perdir_conf));
2581 a->state = ENGINE_DISABLED;
2582 a->options = OPTION_NONE;
2584 a->rewriteconds = apr_array_make(p, 2, sizeof(rewritecond_entry));
2585 a->rewriterules = apr_array_make(p, 2, sizeof(rewriterule_entry));
2586 a->redirect_limit = 0; /* unset (use server config) */
2589 a->directory = NULL;
2592 /* make sure it has a trailing slash */
2593 if (path[strlen(path)-1] == '/') {
2594 a->directory = apr_pstrdup(p, path);
2597 a->directory = apr_pstrcat(p, path, "/", NULL);
2604 static void *config_perdir_merge(apr_pool_t *p, void *basev, void *overridesv)
2606 rewrite_perdir_conf *a, *base, *overrides;
2608 a = (rewrite_perdir_conf *)apr_pcalloc(p,
2609 sizeof(rewrite_perdir_conf));
2610 base = (rewrite_perdir_conf *)basev;
2611 overrides = (rewrite_perdir_conf *)overridesv;
2613 a->state = overrides->state;
2614 a->options = overrides->options;
2615 a->directory = overrides->directory;
2616 a->baseurl = overrides->baseurl;
2617 a->redirect_limit = overrides->redirect_limit
2618 ? overrides->redirect_limit
2619 : base->redirect_limit;
2621 if (a->options & OPTION_INHERIT) {
2622 a->rewriteconds = apr_array_append(p, overrides->rewriteconds,
2623 base->rewriteconds);
2624 a->rewriterules = apr_array_append(p, overrides->rewriterules,
2625 base->rewriterules);
2628 a->rewriteconds = overrides->rewriteconds;
2629 a->rewriterules = overrides->rewriterules;
2635 static const char *cmd_rewriteengine(cmd_parms *cmd,
2636 void *in_dconf, int flag)
2638 rewrite_perdir_conf *dconf = in_dconf;
2639 rewrite_server_conf *sconf;
2641 sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
2643 if (cmd->path == NULL) { /* is server command */
2644 sconf->state = (flag ? ENGINE_ENABLED : ENGINE_DISABLED);
2646 else /* is per-directory command */ {
2647 dconf->state = (flag ? ENGINE_ENABLED : ENGINE_DISABLED);
2653 static const char *cmd_rewriteoptions(cmd_parms *cmd,
2654 void *in_dconf, const char *option)
2656 int options = 0, limit = 0;
2660 w = ap_getword_conf(cmd->pool, &option);
2662 if (!strcasecmp(w, "inherit")) {
2663 options |= OPTION_INHERIT;
2665 else if (!strncasecmp(w, "MaxRedirects=", 13)) {
2666 limit = atoi(&w[13]);
2668 return "RewriteOptions: MaxRedirects takes a number greater "
2672 else if (!strcasecmp(w, "MaxRedirects")) { /* be nice */
2673 return "RewriteOptions: MaxRedirects has the format MaxRedirects"
2677 return apr_pstrcat(cmd->pool, "RewriteOptions: unknown option '",
2682 /* put it into the appropriate config */
2683 if (cmd->path == NULL) { /* is server command */
2684 rewrite_server_conf *conf =
2685 ap_get_module_config(cmd->server->module_config,
2688 conf->options |= options;
2689 conf->redirect_limit = limit;
2691 else { /* is per-directory command */
2692 rewrite_perdir_conf *conf = in_dconf;
2694 conf->options |= options;
2695 conf->redirect_limit = limit;
2701 #ifndef REWRITELOG_DISABLED
2702 static const char *cmd_rewritelog(cmd_parms *cmd, void *dconf, const char *a1)
2704 rewrite_server_conf *sconf;
2706 sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
2707 sconf->rewritelogfile = a1;
2712 static const char *cmd_rewriteloglevel(cmd_parms *cmd, void *dconf,
2715 rewrite_server_conf *sconf;
2717 sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
2718 sconf->rewriteloglevel = atoi(a1);
2722 #endif /* rewritelog */
2724 static const char *cmd_rewritemap(cmd_parms *cmd, void *dconf, const char *a1,
2727 rewrite_server_conf *sconf;
2728 rewritemap_entry *newmap;
2732 sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
2734 newmap = apr_palloc(cmd->pool, sizeof(rewritemap_entry));
2735 newmap->func = NULL;
2737 if (strncasecmp(a2, "txt:", 4) == 0) {
2738 if ((fname = ap_server_root_relative(cmd->pool, a2+4)) == NULL) {
2739 return apr_pstrcat(cmd->pool, "RewriteMap: bad path to txt map: ",
2743 newmap->type = MAPTYPE_TXT;
2744 newmap->datafile = fname;
2745 newmap->checkfile = fname;
2747 else if (strncasecmp(a2, "rnd:", 4) == 0) {
2748 if ((fname = ap_server_root_relative(cmd->pool, a2+4)) == NULL) {
2749 return apr_pstrcat(cmd->pool, "RewriteMap: bad path to rnd map: ",
2753 newmap->type = MAPTYPE_RND;
2754 newmap->datafile = fname;
2755 newmap->checkfile = fname;
2757 else if (strncasecmp(a2, "dbm", 3) == 0) {
2758 const char *ignored_fname;
2761 newmap->type = MAPTYPE_DBM;
2765 newmap->dbmtype = "default";
2768 else if (a2[3] == '=') {
2769 const char *colon = ap_strchr_c(a2 + 4, ':');
2772 newmap->dbmtype = apr_pstrndup(cmd->pool, a2 + 4,
2773 colon - (a2 + 3) - 1);
2779 return apr_pstrcat(cmd->pool, "RewriteMap: bad map:",
2783 if ((newmap->datafile = ap_server_root_relative(cmd->pool,
2785 return apr_pstrcat(cmd->pool, "RewriteMap: bad path to dbm map: ",
2789 rv = apr_dbm_get_usednames_ex(cmd->pool, newmap->dbmtype,
2790 newmap->datafile, &newmap->checkfile,
2792 if (rv != APR_SUCCESS) {
2793 return apr_pstrcat(cmd->pool, "RewriteMap: dbm type ",
2794 newmap->dbmtype, " is invalid", NULL);
2797 else if (strncasecmp(a2, "prg:", 4) == 0) {
2798 apr_tokenize_to_argv(a2 + 4, &newmap->argv, cmd->pool);
2800 fname = newmap->argv[0];
2801 if ((newmap->argv[0] = ap_server_root_relative(cmd->pool,
2803 return apr_pstrcat(cmd->pool, "RewriteMap: bad path to prg map: ",
2807 newmap->type = MAPTYPE_PRG;
2808 newmap->datafile = NULL;
2809 newmap->checkfile = newmap->argv[0];
2811 else if (strncasecmp(a2, "int:", 4) == 0) {
2812 newmap->type = MAPTYPE_INT;
2813 newmap->datafile = NULL;
2814 newmap->checkfile = NULL;
2815 newmap->func = (char *(*)(request_rec *,char *))
2816 apr_hash_get(mapfunc_hash, a2+4, strlen(a2+4));
2817 if ((sconf->state == ENGINE_ENABLED) && (newmap->func == NULL)) {
2818 return apr_pstrcat(cmd->pool, "RewriteMap: internal map not found:",
2823 if ((fname = ap_server_root_relative(cmd->pool, a2)) == NULL) {
2824 return apr_pstrcat(cmd->pool, "RewriteMap: bad path to txt map: ",
2828 newmap->type = MAPTYPE_TXT;
2829 newmap->datafile = fname;
2830 newmap->checkfile = fname;
2832 newmap->fpin = NULL;
2833 newmap->fpout = NULL;
2835 if (newmap->checkfile && (sconf->state == ENGINE_ENABLED)
2836 && (apr_stat(&st, newmap->checkfile, APR_FINFO_MIN,
2837 cmd->pool) != APR_SUCCESS)) {
2838 return apr_pstrcat(cmd->pool,
2839 "RewriteMap: file for map ", a1,
2840 " not found:", newmap->checkfile, NULL);
2843 apr_hash_set(sconf->rewritemaps, a1, APR_HASH_KEY_STRING, newmap);
2848 static const char *cmd_rewritelock(cmd_parms *cmd, void *dconf, const char *a1)
2852 if ((error = ap_check_cmd_context(cmd, GLOBAL_ONLY)) != NULL)
2855 /* fixup the path, especially for rewritelock_remove() */
2856 lockname = ap_server_root_relative(cmd->pool, a1);
2859 return apr_pstrcat(cmd->pool, "Invalid RewriteLock path ", a1);
2865 static const char *cmd_rewritebase(cmd_parms *cmd, void *in_dconf,
2868 rewrite_perdir_conf *dconf = in_dconf;
2870 if (cmd->path == NULL || dconf == NULL) {
2871 return "RewriteBase: only valid in per-directory config files";
2873 if (a1[0] == '\0') {
2874 return "RewriteBase: empty URL not allowed";
2877 return "RewriteBase: argument is not a valid URL";
2880 dconf->baseurl = a1;
2886 * generic lexer for RewriteRule and RewriteCond flags.
2887 * The parser will be passed in as a function pointer
2888 * and called if a flag was found
2890 static const char *cmd_parseflagfield(apr_pool_t *p, void *cfg, char *key,
2891 const char *(*parse)(apr_pool_t *,
2895 char *val, *nextp, *endp;
2898 endp = key + strlen(key) - 1;
2899 if (*key != '[' || *endp != ']') {
2900 return "RewriteCond: bad flag delimiters";
2903 *endp = ','; /* for simpler parsing */
2907 /* skip leading spaces */
2908 while (apr_isspace(*key)) {
2912 if (!*key || (nextp = ap_strchr(key, ',')) == NULL) { /* NULL should not
2918 /* strip trailing spaces */
2920 while (apr_isspace(*endp)) {
2925 /* split key and val */
2926 val = ap_strchr(key, '=');
2934 err = parse(p, cfg, key, val);
2945 static const char *cmd_rewritecond_setflag(apr_pool_t *p, void *_cfg,
2946 char *key, char *val)
2948 rewritecond_entry *cfg = _cfg;
2950 if ( strcasecmp(key, "nocase") == 0
2951 || strcasecmp(key, "NC") == 0 ) {
2952 cfg->flags |= CONDFLAG_NOCASE;
2954 else if ( strcasecmp(key, "ornext") == 0
2955 || strcasecmp(key, "OR") == 0 ) {
2956 cfg->flags |= CONDFLAG_ORNEXT;
2959 return apr_pstrcat(p, "RewriteCond: unknown flag '", key, "'", NULL);
2964 static const char *cmd_rewritecond(cmd_parms *cmd, void *in_dconf,
2967 rewrite_perdir_conf *dconf = in_dconf;
2968 char *str = apr_pstrdup(cmd->pool, in_str);
2969 rewrite_server_conf *sconf;
2970 rewritecond_entry *newcond;
2977 sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
2979 /* make a new entry in the internal temporary rewrite rule list */
2980 if (cmd->path == NULL) { /* is server command */
2981 newcond = apr_array_push(sconf->rewriteconds);
2983 else { /* is per-directory command */
2984 newcond = apr_array_push(dconf->rewriteconds);
2987 /* parse the argument line ourself
2988 * a1 .. a3 are substrings of str, which is a fresh copy
2989 * of the argument line. So we can use a1 .. a3 without
2990 * copying them again.
2992 if (parseargline(str, &a1, &a2, &a3)) {
2993 return apr_pstrcat(cmd->pool, "RewriteCond: bad argument line '", str,
2997 /* arg1: the input string */
2998 newcond->input = a1;
3000 /* arg3: optional flags field
3001 * (this has to be parsed first, because we need to
3002 * know if the regex should be compiled with ICASE!)
3004 newcond->flags = CONDFLAG_NONE;
3006 if ((err = cmd_parseflagfield(cmd->pool, newcond, a3,
3007 cmd_rewritecond_setflag)) != NULL) {
3012 /* arg2: the pattern */
3014 newcond->flags |= CONDFLAG_NOTMATCH;
3018 /* determine the pattern type */
3021 if (!a2[2] && *a2 == '-') {
3023 case 'f': newcond->ptype = CONDPAT_FILE_EXISTS; break;
3024 case 's': newcond->ptype = CONDPAT_FILE_SIZE; break;
3025 case 'l': newcond->ptype = CONDPAT_FILE_LINK; break;
3026 case 'd': newcond->ptype = CONDPAT_FILE_DIR; break;
3027 case 'x': newcond->ptype = CONDPAT_FILE_XBIT; break;
3028 case 'U': newcond->ptype = CONDPAT_LU_URL; break;
3029 case 'F': newcond->ptype = CONDPAT_LU_FILE; break;
3034 case '>': newcond->ptype = CONDPAT_STR_GT; break;
3035 case '<': newcond->ptype = CONDPAT_STR_LT; break;
3036 case '=': newcond->ptype = CONDPAT_STR_EQ;
3037 /* "" represents an empty string */
3038 if (*++a2 == '"' && a2[1] == '"' && !a2[2]) {
3046 if (newcond->ptype && newcond->ptype != CONDPAT_STR_EQ &&
3047 (newcond->flags & CONDFLAG_NOCASE)) {
3048 ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
3049 "RewriteCond: NoCase option for non-regex pattern '%s' "
3050 "is not supported and will be ignored.", a2);
3051 newcond->flags &= ~CONDFLAG_NOCASE;
3054 newcond->pattern = a2;
3056 if (!newcond->ptype) {
3057 regexp = ap_pregcomp(cmd->pool, a2,
3058 REG_EXTENDED | ((newcond->flags & CONDFLAG_NOCASE)
3061 return apr_pstrcat(cmd->pool, "RewriteCond: cannot compile regular "
3062 "expression '", a2, "'", NULL);
3065 newcond->regexp = regexp;
3071 static const char *cmd_rewriterule_setflag(apr_pool_t *p, void *_cfg,
3072 char *key, char *val)
3074 rewriterule_entry *cfg = _cfg;
3080 if (!*key || !strcasecmp(key, "hain")) { /* chain */
3081 cfg->flags |= RULEFLAG_CHAIN;
3083 else if (((*key == 'O' || *key == 'o') && !key[1])
3084 || !strcasecmp(key, "ookie")) { /* cookie */
3085 data_item *cp = cfg->cookie;
3088 cp = cfg->cookie = apr_palloc(p, sizeof(*cp));
3094 cp->next = apr_palloc(p, sizeof(*cp));
3108 if (!*key || !strcasecmp(key, "nv")) { /* env */
3109 data_item *cp = cfg->env;
3112 cp = cfg->env = apr_palloc(p, sizeof(*cp));
3118 cp->next = apr_palloc(p, sizeof(*cp));
3132 if (!*key || !strcasecmp(key, "orbidden")) { /* forbidden */
3133 cfg->flags |= (RULEFLAG_STATUS | RULEFLAG_NOSUB);
3134 cfg->forced_responsecode = HTTP_FORBIDDEN;
3143 if (!*key || !strcasecmp(key, "one")) { /* gone */
3144 cfg->flags |= (RULEFLAG_STATUS | RULEFLAG_NOSUB);
3145 cfg->forced_responsecode = HTTP_GONE;
3154 if (!*key || !strcasecmp(key, "andler")) { /* handler */
3155 cfg->forced_handler = val;
3164 if (!*key || !strcasecmp(key, "ast")) { /* last */
3165 cfg->flags |= RULEFLAG_LASTRULE;
3174 if (((*key == 'E' || *key == 'e') && !key[1])
3175 || !strcasecmp(key, "oescape")) { /* noescape */
3176 cfg->flags |= RULEFLAG_NOESCAPE;
3178 else if (!*key || !strcasecmp(key, "ext")) { /* next */
3179 cfg->flags |= RULEFLAG_NEWROUND;
3181 else if (((*key == 'S' || *key == 's') && !key[1])
3182 || !strcasecmp(key, "osubreq")) { /* nosubreq */
3183 cfg->flags |= RULEFLAG_IGNOREONSUBREQ;
3185 else if (((*key == 'C' || *key == 'c') && !key[1])
3186 || !strcasecmp(key, "ocase")) { /* nocase */
3187 cfg->flags |= RULEFLAG_NOCASE;
3196 if (!*key || !strcasecmp(key, "roxy")) { /* proxy */
3197 cfg->flags |= RULEFLAG_PROXY;
3199 else if (((*key == 'T' || *key == 't') && !key[1])
3200 || !strcasecmp(key, "assthrough")) { /* passthrough */
3201 cfg->flags |= RULEFLAG_PASSTHROUGH;
3210 if ( !strcasecmp(key, "QSA")
3211 || !strcasecmp(key, "qsappend")) { /* qsappend */
3212 cfg->flags |= RULEFLAG_QSAPPEND;
3221 if (!*key || !strcasecmp(key, "edirect")) { /* redirect */
3224 cfg->flags |= RULEFLAG_FORCEREDIRECT;
3225 if (strlen(val) > 0) {
3226 if (strcasecmp(val, "permanent") == 0) {
3227 status = HTTP_MOVED_PERMANENTLY;
3229 else if (strcasecmp(val, "temp") == 0) {
3230 status = HTTP_MOVED_TEMPORARILY;
3232 else if (strcasecmp(val, "seeother") == 0) {
3233 status = HTTP_SEE_OTHER;
3235 else if (apr_isdigit(*val)) {
3237 if (status != HTTP_INTERNAL_SERVER_ERROR) {
3239 ap_index_of_response(HTTP_INTERNAL_SERVER_ERROR);
3241 if (ap_index_of_response(status) == idx) {
3242 return apr_psprintf(p, "RewriteRule: invalid HTTP "
3243 "response code '%s' for "
3248 if (!ap_is_HTTP_REDIRECT(status)) {
3249 cfg->flags |= (RULEFLAG_STATUS | RULEFLAG_NOSUB);
3252 cfg->forced_responsecode = status;
3262 if (!*key || !strcasecmp(key, "kip")) { /* skip */
3263 cfg->skip = atoi(val);
3272 if (!*key || !strcasecmp(key, "ype")) { /* type */
3273 cfg->forced_mimetype = val;
3286 return apr_pstrcat(p, "RewriteRule: unknown flag '", --key, "'", NULL);
3292 static const char *cmd_rewriterule(cmd_parms *cmd, void *in_dconf,
3295 rewrite_perdir_conf *dconf = in_dconf;
3296 char *str = apr_pstrdup(cmd->pool, in_str);
3297 rewrite_server_conf *sconf;
3298 rewriterule_entry *newrule;
3305 sconf = ap_get_module_config(cmd->server->module_config, &rewrite_module);
3307 /* make a new entry in the internal rewrite rule list */
3308 if (cmd->path == NULL) { /* is server command */
3309 newrule = apr_array_push(sconf->rewriterules);
3311 else { /* is per-directory command */
3312 newrule = apr_array_push(dconf->rewriterules);
3315 /* parse the argument line ourself */
3316 if (parseargline(str, &a1, &a2, &a3)) {
3317 return apr_pstrcat(cmd->pool, "RewriteRule: bad argument line '", str,
3321 /* arg3: optional flags field */
3322 newrule->forced_mimetype = NULL;
3323 newrule->forced_handler = NULL;
3324 newrule->forced_responsecode = HTTP_MOVED_TEMPORARILY;
3325 newrule->flags = RULEFLAG_NONE;
3326 newrule->env = NULL;
3327 newrule->cookie = NULL;
3330 if ((err = cmd_parseflagfield(cmd->pool, newrule, a3,
3331 cmd_rewriterule_setflag)) != NULL) {
3336 /* arg1: the pattern
3337 * try to compile the regexp to test if is ok
3340 newrule->flags |= RULEFLAG_NOTMATCH;
3344 regexp = ap_pregcomp(cmd->pool, a1, REG_EXTENDED |
3345 ((newrule->flags & RULEFLAG_NOCASE)
3348 return apr_pstrcat(cmd->pool,
3349 "RewriteRule: cannot compile regular expression '",
3353 newrule->pattern = a1;
3354 newrule->regexp = regexp;
3356 /* arg2: the output string */
3357 newrule->output = a2;
3358 if (*a2 == '-' && !a2[1]) {
3359 newrule->flags |= RULEFLAG_NOSUB;
3362 /* now, if the server or per-dir config holds an
3363 * array of RewriteCond entries, we take it for us
3364 * and clear the array
3366 if (cmd->path == NULL) { /* is server command */
3367 newrule->rewriteconds = sconf->rewriteconds;
3368 sconf->rewriteconds = apr_array_make(cmd->pool, 2,
3369 sizeof(rewritecond_entry));
3371 else { /* is per-directory command */
3372 newrule->rewriteconds = dconf->rewriteconds;
3373 dconf->rewriteconds = apr_array_make(cmd->pool, 2,
3374 sizeof(rewritecond_entry));
3382 * +-------------------------------------------------------+
3384 * | the rewriting engine
3386 * +-------------------------------------------------------+
3389 /* Lexicographic Compare */
3390 static APR_INLINE int compare_lexicography(char *a, char *b)
3392 apr_size_t i, lena, lenb;
3398 for (i = 0; i < lena; ++i) {
3400 return ((unsigned char)a[i] > (unsigned char)b[i]) ? 1 : -1;
3407 return ((lena > lenb) ? 1 : -1);
3411 * Apply a single rewriteCond
3413 static int apply_rewrite_cond(rewritecond_entry *p, rewrite_ctx *ctx)
3415 char *input = do_expand(p->input, ctx);
3417 request_rec *rsub, *r = ctx->r;
3418 regmatch_t regmatch[AP_MAX_REG_MATCH];
3422 case CONDPAT_FILE_EXISTS:
3423 if ( apr_stat(&sb, input, APR_FINFO_MIN, r->pool) == APR_SUCCESS
3424 && sb.filetype == APR_REG) {
3429 case CONDPAT_FILE_SIZE:
3430 if ( apr_stat(&sb, input, APR_FINFO_MIN, r->pool) == APR_SUCCESS
3431 && sb.filetype == APR_REG && sb.size > 0) {
3436 case CONDPAT_FILE_LINK:
3438 if ( apr_stat(&sb, input, APR_FINFO_MIN | APR_FINFO_LINK,
3439 r->pool) == APR_SUCCESS
3440 && sb.filetype == APR_LNK) {
3446 case CONDPAT_FILE_DIR:
3447 if ( apr_stat(&sb, input, APR_FINFO_MIN, r->pool) == APR_SUCCESS
3448 && sb.filetype == APR_DIR) {
3453 case CONDPAT_FILE_XBIT:
3454 if ( apr_stat(&sb, input, APR_FINFO_PROT, r->pool) == APR_SUCCESS
3455 && (sb.protection & (APR_UEXECUTE | APR_GEXECUTE | APR_WEXECUTE))) {
3460 case CONDPAT_LU_URL:
3461 if (*input && subreq_ok(r)) {
3462 rsub = ap_sub_req_lookup_uri(input, r, NULL);
3463 if (rsub->status < 400) {
3466 rewritelog((r, 5, NULL, "RewriteCond URI (-U) check: "
3467 "path=%s -> status=%d", input, rsub->status));
3468 ap_destroy_sub_req(rsub);
3472 case CONDPAT_LU_FILE:
3473 if (*input && subreq_ok(r)) {
3474 rsub = ap_sub_req_lookup_file(input, r, NULL);
3475 if (rsub->status < 300 &&
3476 /* double-check that file exists since default result is 200 */
3477 apr_stat(&sb, rsub->filename, APR_FINFO_MIN,
3478 r->pool) == APR_SUCCESS) {
3481 rewritelog((r, 5, NULL, "RewriteCond file (-F) check: path=%s "
3482 "-> file=%s status=%d", input, rsub->filename,
3484 ap_destroy_sub_req(rsub);
3488 case CONDPAT_STR_GT:
3489 rc = (compare_lexicography(input, p->pattern+1) == 1) ? 1 : 0;
3492 case CONDPAT_STR_LT:
3493 rc = (compare_lexicography(input, p->pattern+1) == -1) ? 1 : 0;
3496 case CONDPAT_STR_EQ:
3497 if (p->flags & CONDFLAG_NOCASE) {
3498 rc = !strcasecmp(input, p->pattern);
3501 rc = !strcmp(input, p->pattern);
3506 /* it is really a regexp pattern, so apply it */
3507 rc = !ap_regexec(p->regexp, input, AP_MAX_REG_MATCH, regmatch, 0);
3509 /* update briRC backref info */
3510 if (rc && !(p->flags & CONDFLAG_NOTMATCH)) {
3511 ctx->briRC.source = input;
3512 ctx->briRC.nsub = p->regexp->re_nsub;
3513 memcpy(ctx->briRC.regmatch, regmatch, sizeof(regmatch));
3518 if (p->flags & CONDFLAG_NOTMATCH) {
3522 rewritelog((r, 4, ctx->perdir, "RewriteCond: input='%s' pattern='%s%s%s'%s "
3523 "=> %s", input, (p->flags & CONDFLAG_NOTMATCH) ? "!" : "",
3524 (p->ptype == CONDPAT_STR_EQ) ? "=" : "", p->pattern,
3525 (p->flags & CONDFLAG_NOCASE) ? " [NC]" : "",
3526 rc ? "matched" : "not-matched"));
3531 /* check for forced type and handler */
3532 static APR_INLINE void force_type_handler(rewriterule_entry *p,
3537 if (p->forced_mimetype) {
3538 expanded = do_expand(p->forced_mimetype, ctx);
3541 ap_str_tolower(expanded);
3543 rewritelog((ctx->r, 2, ctx->perdir, "remember %s to have MIME-type "
3544 "'%s'", ctx->r->filename, expanded));
3546 apr_table_setn(ctx->r->notes, REWRITE_FORCED_MIMETYPE_NOTEVAR,
3551 if (p->forced_handler) {
3552 expanded = do_expand(p->forced_handler, ctx);
3555 ap_str_tolower(expanded);
3557 rewritelog((ctx->r, 2, ctx->perdir, "remember %s to have "
3558 "Content-handler '%s'", ctx->r->filename, expanded));
3560 apr_table_setn(ctx->r->notes, REWRITE_FORCED_HANDLER_NOTEVAR,
3567 * Apply a single RewriteRule
3569 static int apply_rewrite_rule(rewriterule_entry *p, rewrite_ctx *ctx)
3571 regmatch_t regmatch[AP_MAX_REG_MATCH];
3572 apr_array_header_t *rewriteconds;
3573 rewritecond_entry *conds;
3575 char *newuri = NULL;
3576 request_rec *r = ctx->r;
3578 ctx->uri = r->filename;
3581 apr_size_t dirlen = strlen(ctx->perdir);
3583 /* Since we want to match against the (so called) full URL, we have
3584 * to re-add the PATH_INFO postfix
3586 if (r->path_info && *r->path_info) {
3587 rewritelog((r, 3, ctx->perdir, "add path info postfix: %s -> %s%s",
3588 ctx->uri, ctx->uri, r->path_info));
3589 ctx->uri = apr_pstrcat(r->pool, ctx->uri, r->path_info, NULL);
3592 /* Additionally we strip the physical path from the url to match
3593 * it independent from the underlaying filesystem.
3595 if (strlen(ctx->uri) >= dirlen &&
3596 !strncmp(ctx->uri, ctx->perdir, dirlen)) {
3598 rewritelog((r, 3, ctx->perdir, "strip per-dir prefix: %s -> %s",
3599 ctx->uri, ctx->uri + dirlen));
3600 ctx->uri = ctx->uri + dirlen;
3604 /* Try to match the URI against the RewriteRule pattern
3605 * and exit immediately if it didn't apply.
3607 rewritelog((r, 3, ctx->perdir, "applying pattern '%s' to uri '%s'",
3608 p->pattern, ctx->uri));
3610 rc = !ap_regexec(p->regexp, ctx->uri, AP_MAX_REG_MATCH, regmatch, 0);
3611 if (! (( rc && !(p->flags & RULEFLAG_NOTMATCH)) ||
3612 (!rc && (p->flags & RULEFLAG_NOTMATCH)) ) ) {
3616 /* It matched, wow! Now it's time to prepare the context structure for
3617 * further processing
3619 ctx->vary_this = NULL;
3620 ctx->briRC.source = NULL;
3622 if (p->flags & RULEFLAG_NOTMATCH) {
3623 ctx->briRR.source = NULL;
3626 ctx->briRR.source = apr_pstrdup(r->pool, ctx->uri);
3627 ctx->briRR.nsub = p->regexp->re_nsub;
3628 memcpy(ctx->briRR.regmatch, regmatch, sizeof(regmatch));
3631 /* Ok, we already know the pattern has matched, but we now
3632 * additionally have to check for all existing preconditions
3633 * (RewriteCond) which have to be also true. We do this at
3634 * this very late stage to avoid unnessesary checks which
3635 * would slow down the rewriting engine.
3637 rewriteconds = p->rewriteconds;
3638 conds = (rewritecond_entry *)rewriteconds->elts;
3640 for (i = 0; i < rewriteconds->nelts; ++i) {
3641 rewritecond_entry *c = &conds[i];
3643 rc = apply_rewrite_cond(c, ctx);
3644 if (c->flags & CONDFLAG_ORNEXT) {
3646 /* One condition is false, but another can be still true. */
3647 ctx->vary_this = NULL;
3651 /* skip the rest of the chained OR conditions */
3652 while ( i < rewriteconds->nelts
3653 && c->flags & CONDFLAG_ORNEXT) {
3663 /* If some HTTP header was involved in the condition, remember it
3666 if (ctx->vary_this) {
3667 ctx->vary = ctx->vary
3668 ? apr_pstrcat(r->pool, ctx->vary, ", ", ctx->vary_this,
3671 ctx->vary_this = NULL;
3675 /* expand the result */
3676 if (!(p->flags & RULEFLAG_NOSUB)) {
3677 newuri = do_expand(p->output, ctx);
3678 rewritelog((r, 2, ctx->perdir, "rewrite '%s' -> '%s'", ctx->uri,
3682 /* expand [E=var:val] and [CO=<cookie>] */
3683 do_expand_env(p->env, ctx);
3684 do_expand_cookie(p->cookie, ctx);
3686 /* non-substitution rules ('RewriteRule <pat> -') end here. */
3687 if (p->flags & RULEFLAG_NOSUB) {
3688 force_type_handler(p, ctx);
3690 if (p->flags & RULEFLAG_STATUS) {
3691 rewritelog((r, 2, ctx->perdir, "forcing responsecode %d for %s",
3692 p->forced_responsecode, r->filename));
3694 r->status = p->forced_responsecode;
3700 /* Now adjust API's knowledge about r->filename and r->args */
3701 r->filename = newuri;
3702 splitout_queryargs(r, p->flags & RULEFLAG_QSAPPEND);
3704 /* Add the previously stripped per-directory location prefix, unless
3705 * (1) it's an absolute URL path and
3706 * (2) it's a full qualified URL
3708 if (ctx->perdir && *r->filename != '/' && !is_absolute_uri(r->filename)) {
3709 rewritelog((r, 3, ctx->perdir, "add per-dir prefix: %s -> %s%s",
3710 r->filename, ctx->perdir, r->filename));
3712 r->filename = apr_pstrcat(r->pool, ctx->perdir, r->filename, NULL);
3715 /* If this rule is forced for proxy throughput
3716 * (`RewriteRule ... ... [P]') then emulate mod_proxy's
3717 * URL-to-filename handler to be sure mod_proxy is triggered
3718 * for this URL later in the Apache API. But make sure it is
3719 * a fully-qualified URL. (If not it is qualified with
3722 if (p->flags & RULEFLAG_PROXY) {
3723 fully_qualify_uri(r);
3725 rewritelog((r, 2, ctx->perdir, "forcing proxy-throughput with %s",
3728 r->filename = apr_pstrcat(r->pool, "proxy:", r->filename, NULL);
3732 /* If this rule is explicitly forced for HTTP redirection
3733 * (`RewriteRule .. .. [R]') then force an external HTTP
3734 * redirect. But make sure it is a fully-qualified URL. (If
3735 * not it is qualified with ourself).
3737 if (p->flags & RULEFLAG_FORCEREDIRECT) {
3738 fully_qualify_uri(r);
3740 rewritelog((r, 2, ctx->perdir, "explicitly forcing redirect with %s",
3743 r->status = p->forced_responsecode;
3747 /* Special Rewriting Feature: Self-Reduction
3748 * We reduce the URL by stripping a possible
3749 * http[s]://<ourhost>[:<port>] prefix, i.e. a prefix which
3750 * corresponds to ourself. This is to simplify rewrite maps
3751 * and to avoid recursion, etc. When this prefix is not a
3752 * coincidence then the user has to use [R] explicitly (see
3757 /* If this rule is still implicitly forced for HTTP
3758 * redirection (`RewriteRule .. <scheme>://...') then
3759 * directly force an external HTTP redirect.
3761 if (is_absolute_uri(r->filename)) {
3762 rewritelog((r, 2, ctx->perdir, "implicitly forcing redirect (rc=%d) "
3763 "with %s", p->forced_responsecode, r->filename));
3765 r->status = p->forced_responsecode;
3769 /* Finally remember the forced mime-type */
3770 force_type_handler(p, ctx);
3772 /* Puuhhhhhhhh... WHAT COMPLICATED STUFF ;_)
3773 * But now we're done for this particular rule.
3779 * Apply a complete rule set,
3780 * i.e. a list of rewrite rules
3782 static int apply_rewrite_list(request_rec *r, apr_array_header_t *rewriterules,
3785 rewriterule_entry *entries;
3786 rewriterule_entry *p;
3793 ctx = apr_palloc(r->pool, sizeof(*ctx));
3794 ctx->perdir = perdir;
3798 * Iterate over all existing rules
3800 entries = (rewriterule_entry *)rewriterules->elts;
3803 for (i = 0; i < rewriterules->nelts; i++) {
3807 * Ignore this rule on subrequests if we are explicitly
3808 * asked to do so or this is a proxy-throughput or a
3809 * forced redirect rule.
3811 if (r->main != NULL &&
3812 (p->flags & RULEFLAG_IGNOREONSUBREQ ||
3813 p->flags & RULEFLAG_FORCEREDIRECT )) {
3818 * Apply the current rule.
3821 rc = apply_rewrite_rule(p, ctx);
3824 /* Regardless of what we do next, we've found a match. Check to see
3825 * if any of the request header fields were involved, and add them
3826 * to the Vary field of the response.
3829 apr_table_merge(r->headers_out, "Vary", ctx->vary);
3833 * The rule sets the response code (implies match-only)
3835 if (p->flags & RULEFLAG_STATUS) {
3836 return ACTION_STATUS;
3840 * Indicate a change if this was not a match-only rule.
3843 changed = ((p->flags & RULEFLAG_NOESCAPE)
3844 ? ACTION_NOESCAPE : ACTION_NORMAL);
3848 * Pass-Through Feature (`RewriteRule .. .. [PT]'):
3849 * Because the Apache 1.x API is very limited we
3850 * need this hack to pass the rewritten URL to other
3851 * modules like mod_alias, mod_userdir, etc.
3853 if (p->flags & RULEFLAG_PASSTHROUGH) {
3854 rewritelog((r, 2, perdir, "forcing '%s' to get passed through "
3855 "to next API URI-to-filename handler", r->filename));
3856 r->filename = apr_pstrcat(r->pool, "passthrough:",
3858 changed = ACTION_NORMAL;
3863 * Stop processing also on proxy pass-through and
3864 * last-rule and new-round flags.
3866 if (p->flags & (RULEFLAG_PROXY | RULEFLAG_LASTRULE)) {
3871 * On "new-round" flag we just start from the top of
3872 * the rewriting ruleset again.
3874 if (p->flags & RULEFLAG_NEWROUND) {
3879 * If we are forced to skip N next rules, do it now.
3883 while ( i < rewriterules->nelts
3893 * If current rule is chained with next rule(s),
3894 * skip all this next rule(s)
3896 while ( i < rewriterules->nelts
3897 && p->flags & RULEFLAG_CHAIN) {
3908 * +-------------------------------------------------------+
3910 * | Module Initialization Hooks
3912 * +-------------------------------------------------------+
3915 static int pre_config(apr_pool_t *pconf,
3919 APR_OPTIONAL_FN_TYPE(ap_register_rewrite_mapfunc) *map_pfn_register;
3921 /* register int: rewritemap handlers */
3922 mapfunc_hash = apr_hash_make(pconf);
3923 map_pfn_register = APR_RETRIEVE_OPTIONAL_FN(ap_register_rewrite_mapfunc);
3924 if (map_pfn_register) {
3925 map_pfn_register("tolower", rewrite_mapfunc_tolower);
3926 map_pfn_register("toupper", rewrite_mapfunc_toupper);
3927 map_pfn_register("escape", rewrite_mapfunc_escape);
3928 map_pfn_register("unescape", rewrite_mapfunc_unescape);
3933 static int post_config(apr_pool_t *p,
3941 const char *userdata_key = "rewrite_init_module";
3943 apr_pool_userdata_get(&data, userdata_key, s->process->pool);
3946 apr_pool_userdata_set((const void *)1, userdata_key,
3947 apr_pool_cleanup_null, s->process->pool);
3950 /* check if proxy module is available */
3951 proxy_available = (ap_find_linked_module("mod_proxy.c") != NULL);
3953 #ifndef REWRITELOG_DISABLED
3954 /* create the rewriting lockfiles in the parent */
3955 if ((rv = apr_global_mutex_create(&rewrite_log_lock, NULL,
3956 APR_LOCK_DEFAULT, p)) != APR_SUCCESS) {
3957 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
3958 "mod_rewrite: could not create rewrite_log_lock");
3959 return HTTP_INTERNAL_SERVER_ERROR;
3962 #ifdef MOD_REWRITE_SET_MUTEX_PERMS
3963 rv = unixd_set_global_mutex_perms(rewrite_log_lock);
3964 if (rv != APR_SUCCESS) {
3965 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
3966 "mod_rewrite: Could not set permissions on "
3967 "rewrite_log_lock; check User and Group directives");
3968 return HTTP_INTERNAL_SERVER_ERROR;
3971 #endif /* rewritelog */
3973 rv = rewritelock_create(s, p);
3974 if (rv != APR_SUCCESS) {
3975 return HTTP_INTERNAL_SERVER_ERROR;
3978 apr_pool_cleanup_register(p, (void *)s, rewritelock_remove,
3979 apr_pool_cleanup_null);
3981 /* step through the servers and
3982 * - open each rewriting logfile
3983 * - open the RewriteMap prg:xxx programs
3985 for (; s; s = s->next) {
3986 #ifndef REWRITELOG_DISABLED
3987 if (!open_rewritelog(s, p)) {
3988 return HTTP_INTERNAL_SERVER_ERROR;
3993 if (run_rewritemap_programs(s, p) != APR_SUCCESS) {
3994 return HTTP_INTERNAL_SERVER_ERROR;
4002 static void init_child(apr_pool_t *p, server_rec *s)
4004 apr_status_t rv = 0; /* get a rid of gcc warning (REWRITELOG_DISABLED) */
4006 if (lockname != NULL && *(lockname) != '\0') {
4007 rv = apr_global_mutex_child_init(&rewrite_mapr_lock_acquire,
4009 if (rv != APR_SUCCESS) {
4010 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
4011 "mod_rewrite: could not init rewrite_mapr_lock_acquire"
4016 #ifndef REWRITELOG_DISABLED
4017 rv = apr_global_mutex_child_init(&rewrite_log_lock, NULL, p);
4018 if (rv != APR_SUCCESS) {
4019 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
4020 "mod_rewrite: could not init rewrite log lock in child");
4024 /* create the lookup cache */
4025 if (!init_cache(p)) {
4026 ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s,
4027 "mod_rewrite: could not init map cache in child");
4033 * +-------------------------------------------------------+
4037 * +-------------------------------------------------------+
4041 * URI-to-filename hook
4042 * [deals with RewriteRules in server context]
4044 static int hook_uri2file(request_rec *r)
4046 rewrite_server_conf *conf;
4047 const char *saved_rulestatus;
4049 const char *thisserver;
4051 const char *thisurl;
4056 * retrieve the config structures
4058 conf = ap_get_module_config(r->server->module_config, &rewrite_module);
4061 * only do something under runtime if the engine is really enabled,
4062 * else return immediately!
4064 if (conf->state == ENGINE_DISABLED) {
4069 * check for the ugly API case of a virtual host section where no
4070 * mod_rewrite directives exists. In this situation we became no chance
4071 * by the API to setup our default per-server config so we have to
4072 * on-the-fly assume we have the default config. But because the default
4073 * config has a disabled rewriting engine we are lucky because can
4074 * just stop operating now.
4076 if (conf->server != r->server) {
4081 * add the SCRIPT_URL variable to the env. this is a bit complicated
4082 * due to the fact that apache uses subrequests and internal redirects
4085 if (r->main == NULL) {
4086 var = apr_table_get(r->subprocess_env, REDIRECT_ENVVAR_SCRIPT_URL);
4088 apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URL, r->uri);
4091 apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URL, var);
4095 var = apr_table_get(r->main->subprocess_env, ENVVAR_SCRIPT_URL);
4096 apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URL, var);
4100 * create the SCRIPT_URI variable for the env
4103 /* add the canonical URI of this URL */
4104 thisserver = ap_get_server_name(r);
4105 port = ap_get_server_port(r);
4106 if (ap_is_default_port(port, r)) {
4110 thisport = apr_psprintf(r->pool, ":%u", port);
4112 thisurl = apr_table_get(r->subprocess_env, ENVVAR_SCRIPT_URL);
4114 /* set the variable */
4115 var = apr_pstrcat(r->pool, ap_http_method(r), "://", thisserver, thisport,
4117 apr_table_setn(r->subprocess_env, ENVVAR_SCRIPT_URI, var);
4119 if (!(saved_rulestatus = apr_table_get(r->notes,"mod_rewrite_rewritten"))) {
4120 /* if filename was not initially set,
4121 * we start with the requested URI
4123 if (r->filename == NULL) {
4124 r->filename = apr_pstrdup(r->pool, r->uri);
4125 rewritelog((r, 2, NULL, "init rewrite engine with requested uri %s",
4129 rewritelog((r, 2, NULL, "init rewrite engine with passed filename "
4130 "%s. Original uri = %s", r->filename, r->uri));
4134 * now apply the rules ...
4136 rulestatus = apply_rewrite_list(r, conf->rewriterules, NULL);
4137 apr_table_set(r->notes,"mod_rewrite_rewritten",
4138 apr_psprintf(r->pool,"%d",rulestatus));
4141 rewritelog((r, 2, NULL, "uri already rewritten. Status %s, Uri %s, "
4142 "r->filename %s", saved_rulestatus, r->uri, r->filename));
4144 rulestatus = atoi(saved_rulestatus);
4151 if (ACTION_STATUS == rulestatus) {
4154 r->status = HTTP_OK;
4158 flen = strlen(r->filename);
4159 if (flen > 6 && strncmp(r->filename, "proxy:", 6) == 0) {
4160 /* it should be go on as an internal proxy request */
4162 /* check if the proxy module is enabled, so
4163 * we can actually use it!
4165 if (!proxy_available) {
4166 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
4167 "attempt to make remote request from mod_rewrite "
4168 "without proxy enabled: %s", r->filename);
4169 return HTTP_FORBIDDEN;
4172 /* make sure the QUERY_STRING and
4173 * PATH_INFO parts get incorporated
4175 if (r->path_info != NULL) {
4176 r->filename = apr_pstrcat(r->pool, r->filename,
4177 r->path_info, NULL);
4179 if (r->args != NULL &&
4180 r->uri == r->unparsed_uri) {
4181 /* see proxy_http:proxy_http_canon() */
4182 r->filename = apr_pstrcat(r->pool, r->filename,
4183 "?", r->args, NULL);
4186 /* now make sure the request gets handled by the proxy handler */
4187 r->proxyreq = PROXYREQ_REVERSE;
4188 r->handler = "proxy-server";
4190 rewritelog((r, 1, NULL, "go-ahead with proxy request %s [OK]",
4194 else if ((skip = is_absolute_uri(r->filename)) > 0) {
4197 /* it was finally rewritten to a remote URL */
4199 if (rulestatus != ACTION_NOESCAPE) {
4200 rewritelog((r, 1, NULL, "escaping %s for redirect",
4202 r->filename = escape_absolute_uri(r->pool, r->filename, skip);
4205 /* append the QUERY_STRING part */
4207 r->filename = apr_pstrcat(r->pool, r->filename, "?",
4208 (rulestatus == ACTION_NOESCAPE)
4210 : ap_escape_uri(r->pool, r->args),
4214 /* determine HTTP redirect response code */
4215 if (ap_is_HTTP_REDIRECT(r->status)) {
4217 r->status = HTTP_OK; /* make Apache kernel happy */
4220 n = HTTP_MOVED_TEMPORARILY;
4223 /* now do the redirection */
4224 apr_table_setn(r->headers_out, "Location", r->filename);
4225 rewritelog((r, 1, NULL, "redirect to %s [REDIRECT/%d]", r->filename,
4230 else if (flen > 12 && strncmp(r->filename, "passthrough:", 12) == 0) {
4232 * Hack because of underpowered API: passing the current
4233 * rewritten filename through to other URL-to-filename handlers
4234 * just as it were the requested URL. This is to enable
4235 * post-processing by mod_alias, etc. which always act on
4236 * r->uri! The difference here is: We do not try to
4237 * add the document root
4239 r->uri = apr_pstrdup(r->pool, r->filename+12);
4243 /* it was finally rewritten to a local path */
4245 /* expand "/~user" prefix */
4247 r->filename = expand_tildepaths(r, r->filename);
4249 rewritelog((r, 2, NULL, "local path result: %s", r->filename));
4251 /* the filename must be either an absolute local path or an
4252 * absolute local URL.
4254 if ( *r->filename != '/'
4255 && !ap_os_is_path_absolute(r->pool, r->filename)) {
4256 return HTTP_BAD_REQUEST;
4259 /* if there is no valid prefix, we call
4260 * the translator from the core and
4261 * prefix the filename with document_root
4264 * We cannot leave out the prefix_stat because
4265 * - when we always prefix with document_root
4266 * then no absolute path can be created, e.g. via
4267 * emulating a ScriptAlias directive, etc.
4268 * - when we always NOT prefix with document_root
4269 * then the files under document_root have to
4270 * be references directly and document_root
4271 * gets never used and will be a dummy parameter -
4275 * Under real Unix systems this is no problem,
4276 * because we only do stat() on the first directory
4277 * and this gets cached by the kernel for along time!
4279 if (!prefix_stat(r->filename, r->pool)) {
4283 r->uri = r->filename;
4284 res = ap_core_translate(r);
4288 rewritelog((r, 1, NULL, "prefixing with document_root of %s"
4289 " FAILED", r->filename));
4294 rewritelog((r, 2, NULL, "prefixed with document_root to %s",
4298 rewritelog((r, 1, NULL, "go-ahead with %s [OK]", r->filename));
4303 rewritelog((r, 1, NULL, "pass through %s", r->filename));
4310 * [RewriteRules in directory context]
4312 static int hook_fixup(request_rec *r)
4314 rewrite_perdir_conf *dconf;
4323 dconf = (rewrite_perdir_conf *)ap_get_module_config(r->per_dir_config,
4326 /* if there is no per-dir config we return immediately */
4327 if (dconf == NULL) {
4331 /* if there are no real (i.e. no RewriteRule directives!)
4332 per-dir config of us, we return also immediately */
4333 if (dconf->directory == NULL) {
4338 * .htaccess file is called before really entering the directory, i.e.:
4339 * URL: http://localhost/foo and .htaccess is located in foo directory
4340 * Ignore such attempts, since they may lead to undefined behaviour.
4342 l = strlen(dconf->directory) - 1;
4343 if (r->filename && strlen(r->filename) == l &&
4344 (dconf->directory)[l] == '/' &&
4345 !strncmp(r->filename, dconf->directory, l)) {
4350 * only do something under runtime if the engine is really enabled,
4351 * for this directory, else return immediately!
4353 if (dconf->state == ENGINE_DISABLED) {
4358 * Do the Options check after engine check, so
4359 * the user is able to explicitely turn RewriteEngine Off.
4361 if (!(ap_allow_options(r) & (OPT_SYM_LINKS | OPT_SYM_OWNER))) {
4362 /* FollowSymLinks is mandatory! */
4363 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
4364 "Options FollowSymLinks or SymLinksIfOwnerMatch is off "
4365 "which implies that RewriteRule directive is forbidden: "
4367 return HTTP_FORBIDDEN;
4371 * remember the current filename before rewriting for later check
4372 * to prevent deadlooping because of internal redirects
4373 * on final URL/filename which can be equal to the inital one.
4375 ofilename = r->filename;
4378 * now apply the rules ...
4380 rulestatus = apply_rewrite_list(r, dconf->rewriterules, dconf->directory);
4384 if (ACTION_STATUS == rulestatus) {
4387 r->status = HTTP_OK;
4391 l = strlen(r->filename);
4392 if (l > 6 && strncmp(r->filename, "proxy:", 6) == 0) {
4393 /* it should go on as an internal proxy request */
4395 /* make sure the QUERY_STRING and
4396 * PATH_INFO parts get incorporated
4397 * (r->path_info was already appended by the
4398 * rewriting engine because of the per-dir context!)
4400 if (r->args != NULL) {
4401 r->filename = apr_pstrcat(r->pool, r->filename,
4402 "?", r->args, NULL);
4405 /* now make sure the request gets handled by the proxy handler */
4406 r->proxyreq = PROXYREQ_REVERSE;
4407 r->handler = "proxy-server";
4409 rewritelog((r, 1, dconf->directory, "go-ahead with proxy request "
4410 "%s [OK]", r->filename));
4413 else if ((skip = is_absolute_uri(r->filename)) > 0) {
4414 /* it was finally rewritten to a remote URL */
4416 /* because we are in a per-dir context
4417 * first try to replace the directory with its base-URL
4418 * if there is a base-URL available
4420 if (dconf->baseurl != NULL) {
4421 /* skip 'scheme://' */
4422 cp = r->filename + skip;
4424 if ((cp = ap_strchr(cp, '/')) != NULL && *(++cp)) {
4425 rewritelog((r, 2, dconf->directory,
4426 "trying to replace prefix %s with %s",
4427 dconf->directory, dconf->baseurl));
4429 /* I think, that hack needs an explanation:
4431 * mod_rewrite was written for unix systems, were
4432 * absolute file-system paths start with a slash.
4433 * URL-paths _also_ start with slashes, so they
4434 * can be easily compared with system paths.
4436 * the following assumes, that the actual url-path
4437 * may be prefixed by the current directory path and
4438 * tries to replace the system path with the RewriteBase
4440 * That assumption is true if we use a RewriteRule like
4442 * RewriteRule ^foo bar [R]
4444 * (see apply_rewrite_rule function)
4445 * However on systems that don't have a / as system
4446 * root this will never match, so we skip the / after the
4447 * hostname and compare/substitute only the stuff after it.
4449 * (note that cp was already increased to the right value)
4451 cp2 = subst_prefix_path(r, cp, (*dconf->directory == '/')
4452 ? dconf->directory + 1
4454 dconf->baseurl + 1);
4455 if (strcmp(cp2, cp) != 0) {
4457 r->filename = apr_pstrcat(r->pool, r->filename,
4463 /* now prepare the redirect... */
4464 if (rulestatus != ACTION_NOESCAPE) {
4465 rewritelog((r, 1, dconf->directory, "escaping %s for redirect",
4467 r->filename = escape_absolute_uri(r->pool, r->filename, skip);
4470 /* append the QUERY_STRING part */
4472 r->filename = apr_pstrcat(r->pool, r->filename, "?",
4473 (rulestatus == ACTION_NOESCAPE)
4475 : ap_escape_uri(r->pool, r->args),
4479 /* determine HTTP redirect response code */
4480 if (ap_is_HTTP_REDIRECT(r->status)) {
4482 r->status = HTTP_OK; /* make Apache kernel happy */
4485 n = HTTP_MOVED_TEMPORARILY;
4488 /* now do the redirection */
4489 apr_table_setn(r->headers_out, "Location", r->filename);
4490 rewritelog((r, 1, dconf->directory, "redirect to %s [REDIRECT/%d]",
4495 /* it was finally rewritten to a local path */
4497 /* if someone used the PASSTHROUGH flag in per-dir
4498 * context we just ignore it. It is only useful
4499 * in per-server context
4501 if (l > 12 && strncmp(r->filename, "passthrough:", 12) == 0) {
4502 r->filename = apr_pstrdup(r->pool, r->filename+12);
4505 /* the filename must be either an absolute local path or an
4506 * absolute local URL.
4508 if ( *r->filename != '/'
4509 && !ap_os_is_path_absolute(r->pool, r->filename)) {
4510 return HTTP_BAD_REQUEST;
4513 /* Check for deadlooping:
4514 * At this point we KNOW that at least one rewriting
4515 * rule was applied, but when the resulting URL is
4516 * the same as the initial URL, we are not allowed to
4517 * use the following internal redirection stuff because
4518 * this would lead to a deadloop.
4520 if (strcmp(r->filename, ofilename) == 0) {
4521 rewritelog((r, 1, dconf->directory, "initial URL equal rewritten"
4522 " URL: %s [IGNORING REWRITE]", r->filename));
4526 /* if there is a valid base-URL then substitute
4527 * the per-dir prefix with this base-URL if the
4528 * current filename still is inside this per-dir
4529 * context. If not then treat the result as a
4532 if (dconf->baseurl != NULL) {
4533 rewritelog((r, 2, dconf->directory, "trying to replace prefix "
4534 "%s with %s", dconf->directory, dconf->baseurl));
4536 r->filename = subst_prefix_path(r, r->filename,
4541 /* if no explicit base-URL exists we assume
4542 * that the directory prefix is also a valid URL
4543 * for this webserver and only try to remove the
4544 * document_root if it is prefix
4546 if ((ccp = ap_document_root(r)) != NULL) {
4547 /* strip trailing slash */
4549 if (ccp[l-1] == '/') {
4552 if (!strncmp(r->filename, ccp, l) &&
4553 r->filename[l] == '/') {
4554 rewritelog((r, 2,dconf->directory, "strip document_root"
4555 " prefix: %s -> %s", r->filename,
4558 r->filename = apr_pstrdup(r->pool, r->filename+l);
4563 /* now initiate the internal redirect */
4564 rewritelog((r, 1, dconf->directory, "internal redirect with %s "
4565 "[INTERNAL REDIRECT]", r->filename));
4566 r->filename = apr_pstrcat(r->pool, "redirect:", r->filename, NULL);
4567 r->handler = "redirect-handler";
4572 rewritelog((r, 1, dconf->directory, "pass through %s", r->filename));
4579 * [T=...,H=...] execution
4581 static int hook_mimetype(request_rec *r)
4586 t = apr_table_get(r->notes, REWRITE_FORCED_MIMETYPE_NOTEVAR);
4588 rewritelog((r, 1, NULL, "force filename %s to have MIME-type '%s'",
4591 ap_set_content_type(r, t);
4595 t = apr_table_get(r->notes, REWRITE_FORCED_HANDLER_NOTEVAR);
4597 rewritelog((r, 1, NULL, "force filename %s to have the "
4598 "Content-handler '%s'", r->filename, t));
4606 /* check whether redirect limit is reached */
4607 static int is_redirect_limit_exceeded(request_rec *r)
4609 request_rec *top = r;
4610 rewrite_request_conf *reqc;
4611 rewrite_perdir_conf *dconf;
4613 /* we store it in the top request */
4621 /* fetch our config */
4622 reqc = (rewrite_request_conf *) ap_get_module_config(top->request_config,
4625 /* no config there? create one. */
4627 rewrite_server_conf *sconf;
4629 reqc = apr_palloc(top->pool, sizeof(rewrite_request_conf));
4630 sconf = ap_get_module_config(r->server->module_config, &rewrite_module);
4632 reqc->redirects = 0;
4633 reqc->redirect_limit = sconf->redirect_limit
4634 ? sconf->redirect_limit
4635 : REWRITE_REDIRECT_LIMIT;
4637 /* associate it with this request */
4638 ap_set_module_config(top->request_config, &rewrite_module, reqc);
4641 /* allow to change the limit during redirects. */
4642 dconf = (rewrite_perdir_conf *)ap_get_module_config(r->per_dir_config,
4645 /* 0 == unset; take server conf ... */
4646 if (dconf->redirect_limit) {
4647 reqc->redirect_limit = dconf->redirect_limit;
4650 ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
4651 "mod_rewrite's internal redirect status: %d/%d.",
4652 reqc->redirects, reqc->redirect_limit);
4654 /* and now give the caller a hint */
4655 return (reqc->redirects++ >= reqc->redirect_limit);
4659 * "content" handler for internal redirects
4661 static int handler_redirect(request_rec *r)
4663 if (strcmp(r->handler, "redirect-handler")) {
4667 /* just make sure that we are really meant! */
4668 if (strncmp(r->filename, "redirect:", 9) != 0) {
4672 if (is_redirect_limit_exceeded(r)) {
4673 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
4674 "mod_rewrite: maximum number of internal redirects "
4675 "reached. Assuming configuration error. Use "
4676 "'RewriteOptions MaxRedirects' to increase the limit "
4678 return HTTP_INTERNAL_SERVER_ERROR;
4681 /* now do the internal redirect */
4682 ap_internal_redirect(apr_pstrcat(r->pool, r->filename+9,
4683 r->args ? "?" : NULL, r->args, NULL), r);
4685 /* and return gracefully */
4691 * +-------------------------------------------------------+
4693 * | Module paraphernalia
4695 * +-------------------------------------------------------+
4698 #ifdef REWRITELOG_DISABLED
4699 static const char *fake_rewritelog(cmd_parms *cmd, void *dummy, const char *a1)
4701 return "RewriteLog and RewriteLogLevel are not supported by this build "
4702 "of mod_rewrite because it was compiled using the "
4703 "-DREWRITELOG_DISABLED compiler option. You have to recompile "
4704 "mod_rewrite WITHOUT this option in order to use the rewrite log.";
4708 static const command_rec command_table[] = {
4709 AP_INIT_FLAG( "RewriteEngine", cmd_rewriteengine, NULL, OR_FILEINFO,
4710 "On or Off to enable or disable (default) the whole "
4711 "rewriting engine"),
4712 AP_INIT_ITERATE( "RewriteOptions", cmd_rewriteoptions, NULL, OR_FILEINFO,
4713 "List of option strings to set"),
4714 AP_INIT_TAKE1( "RewriteBase", cmd_rewritebase, NULL, OR_FILEINFO,
4715 "the base URL of the per-directory context"),
4716 AP_INIT_RAW_ARGS("RewriteCond", cmd_rewritecond, NULL, OR_FILEINFO,
4717 "an input string and a to be applied regexp-pattern"),
4718 AP_INIT_RAW_ARGS("RewriteRule", cmd_rewriterule, NULL, OR_FILEINFO,
4719 "an URL-applied regexp-pattern and a substitution URL"),
4720 AP_INIT_TAKE2( "RewriteMap", cmd_rewritemap, NULL, RSRC_CONF,
4721 "a mapname and a filename"),
4722 AP_INIT_TAKE1( "RewriteLock", cmd_rewritelock, NULL, RSRC_CONF,
4723 "the filename of a lockfile used for inter-process "
4725 #ifndef REWRITELOG_DISABLED
4726 AP_INIT_TAKE1( "RewriteLog", cmd_rewritelog, NULL, RSRC_CONF,
4727 "the filename of the rewriting logfile"),
4728 AP_INIT_TAKE1( "RewriteLogLevel", cmd_rewriteloglevel, NULL, RSRC_CONF,
4729 "the level of the rewriting logfile verbosity "
4730 "(0=none, 1=std, .., 9=max)"),
4732 AP_INIT_TAKE1( "RewriteLog", fake_rewritelog, NULL, RSRC_CONF,
4733 "[DISABLED] the filename of the rewriting logfile"),
4734 AP_INIT_TAKE1( "RewriteLogLevel", fake_rewritelog, NULL, RSRC_CONF,
4735 "[DISABLED] the level of the rewriting logfile verbosity"),
4740 static void ap_register_rewrite_mapfunc(char *name, rewrite_mapfunc_t *func)
4742 apr_hash_set(mapfunc_hash, name, strlen(name), (const void *)func);
4745 static void register_hooks(apr_pool_t *p)
4747 /* fixup after mod_proxy, so that the proxied url will not
4748 * escaped accidentally by mod_proxy's fixup.
4750 static const char * const aszPre[]={ "mod_proxy.c", NULL };
4752 APR_REGISTER_OPTIONAL_FN(ap_register_rewrite_mapfunc);
4754 ap_hook_handler(handler_redirect, NULL, NULL, APR_HOOK_MIDDLE);
4755 ap_hook_pre_config(pre_config, NULL, NULL, APR_HOOK_MIDDLE);
4756 ap_hook_post_config(post_config, NULL, NULL, APR_HOOK_MIDDLE);
4757 ap_hook_child_init(init_child, NULL, NULL, APR_HOOK_MIDDLE);
4759 ap_hook_fixups(hook_fixup, aszPre, NULL, APR_HOOK_FIRST);
4760 ap_hook_fixups(hook_mimetype, NULL, NULL, APR_HOOK_LAST);
4761 ap_hook_translate_name(hook_uri2file, NULL, NULL, APR_HOOK_FIRST);
4764 /* the main config structure */
4765 module AP_MODULE_DECLARE_DATA rewrite_module = {
4766 STANDARD20_MODULE_STUFF,
4767 config_perdir_create, /* create per-dir config structures */
4768 config_perdir_merge, /* merge per-dir config structures */
4769 config_server_create, /* create per-server config structures */
4770 config_server_merge, /* merge per-server config structures */
4771 command_table, /* table of config file commands */
4772 register_hooks /* register hooks */