-/* ====================================================================
- * The Apache Software License, Version 1.1
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
- * Copyright (c) 2000-2002 The Apache Software Foundation. All rights
- * reserved.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. The end-user documentation included with the redistribution,
- * if any, must include the following acknowledgment:
- * "This product includes software developed by the
- * Apache Software Foundation (http://www.apache.org/)."
- * Alternately, this acknowledgment may appear in the software itself,
- * if and wherever such third-party acknowledgments normally appear.
- *
- * 4. The names "Apache" and "Apache Software Foundation" must
- * not be used to endorse or promote products derived from this
- * software without prior written permission. For written
- * permission, please contact apache@apache.org.
- *
- * 5. Products derived from this software may not be called "Apache",
- * nor may "Apache" appear in their name, without prior written
- * permission of the Apache Software Foundation.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- * Portions of this software are based upon public domain software
- * originally written at the National Center for Supercomputing Applications,
- * University of Illinois, Urbana-Champaign.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
#include "apr.h"
#include "http_vhost.h"
#include "http_main.h" /* For the default_handler below... */
#include "http_log.h"
-#include "rfc1413.h"
#include "util_md5.h"
#include "http_connection.h"
#include "apr_buckets.h"
#include "util_filter.h"
#include "util_ebcdic.h"
+#include "util_mutex.h"
#include "mpm.h"
#include "mpm_common.h"
#include "scoreboard.h"
#include "mod_proxy.h"
#include "ap_listen.h"
+#include "mod_so.h" /* for ap_find_loaded_module_symbol */
+
+/* LimitRequestBody handling */
+#define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
+#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0)
+
/* LimitXMLRequestBody handling */
#define AP_LIMIT_UNSET ((long) -1)
#define AP_DEFAULT_LIMIT_XML_BODY ((size_t)1000000)
#define AP_MIN_SENDFILE_BYTES (256)
+/* maximum include nesting level */
+#ifndef AP_MAX_INCLUDE_DEPTH
+#define AP_MAX_INCLUDE_DEPTH (128)
+#endif
+
APR_HOOK_STRUCT(
APR_HOOK_LINK(get_mgmt_items)
)
AP_DECLARE_DATA ap_filter_rec_t *ap_subreq_core_filter_handle;
AP_DECLARE_DATA ap_filter_rec_t *ap_core_output_filter_handle;
AP_DECLARE_DATA ap_filter_rec_t *ap_content_length_filter_handle;
-AP_DECLARE_DATA ap_filter_rec_t *ap_net_time_filter_handle;
AP_DECLARE_DATA ap_filter_rec_t *ap_core_input_filter_handle;
+/* magic pointer for ErrorDocument xxx "default" */
+static char errordocument_default;
+
static void *create_core_dir_config(apr_pool_t *a, char *dir)
{
core_dir_config *conf;
conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_ALL;
conf->opts_add = conf->opts_remove = OPT_NONE;
conf->override = dir ? OR_UNSET : OR_UNSET|OR_ALL;
+ conf->override_opts = OPT_UNSET | OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER
+ | OPT_MULTI;
conf->content_md5 = 2;
conf->accept_path_info = 3;
conf->use_canonical_name = USE_CANONICAL_NAME_UNSET;
+ conf->use_canonical_phys_port = USE_CANONICAL_PHYS_PORT_UNSET;
conf->hostname_lookups = HOSTNAME_LOOKUP_UNSET;
- conf->do_rfc1413 = DEFAULT_RFC1413 | 2; /* set bit 1 to indicate default */
- conf->satisfy = SATISFY_NOSPEC;
#ifdef RLIMIT_CPU
conf->limit_cpu = NULL;
conf->limit_nproc = NULL;
#endif
- conf->limit_req_body = 0;
+ conf->limit_req_body = AP_LIMIT_REQ_BODY_UNSET;
conf->limit_xml_body = AP_LIMIT_UNSET;
conf->sec_file = apr_array_make(a, 2, sizeof(ap_conf_vector_t *));
conf->enable_mmap = ENABLE_MMAP_UNSET;
conf->enable_sendfile = ENABLE_SENDFILE_UNSET;
+ conf->allow_encoded_slashes = 0;
return (void *)conf;
}
/* Create this conf by duplicating the base, replacing elements
* (or creating copies for merging) where new-> values exist.
*/
- conf = (core_dir_config *)apr_palloc(a, sizeof(core_dir_config));
- memcpy(conf, base, sizeof(core_dir_config));
+ conf = (core_dir_config *)apr_pmemdup(a, base, sizeof(core_dir_config));
conf->d = new->d;
conf->d_is_fnmatch = new->d_is_fnmatch;
conf->override = new->override;
}
- if (new->ap_default_type) {
- conf->ap_default_type = new->ap_default_type;
- }
-
- if (new->ap_auth_type) {
- conf->ap_auth_type = new->ap_auth_type;
- }
-
- if (new->ap_auth_name) {
- conf->ap_auth_name = new->ap_auth_name;
+ if (!(new->override_opts & OPT_UNSET)) {
+ conf->override_opts = new->override_opts;
}
- if (new->ap_requires) {
- conf->ap_requires = new->ap_requires;
+ if (new->ap_default_type) {
+ conf->ap_default_type = new->ap_default_type;
}
if (conf->response_code_strings == NULL) {
else if (new->response_code_strings != NULL) {
/* If we merge, the merge-result must have it's own array
*/
- conf->response_code_strings = apr_palloc(a,
+ conf->response_code_strings = apr_pmemdup(a,
+ base->response_code_strings,
sizeof(*conf->response_code_strings) * RESPONSE_CODES);
- memcpy(conf->response_code_strings, base->response_code_strings,
- sizeof(*conf->response_code_strings) * RESPONSE_CODES);
for (i = 0; i < RESPONSE_CODES; ++i) {
if (new->response_code_strings[i] != NULL) {
conf->hostname_lookups = new->hostname_lookups;
}
- if ((new->do_rfc1413 & 2) == 0) {
- conf->do_rfc1413 = new->do_rfc1413;
- }
-
if ((new->content_md5 & 2) == 0) {
conf->content_md5 = new->content_md5;
}
conf->use_canonical_name = new->use_canonical_name;
}
+ if (new->use_canonical_phys_port != USE_CANONICAL_PHYS_PORT_UNSET) {
+ conf->use_canonical_phys_port = new->use_canonical_phys_port;
+ }
+
#ifdef RLIMIT_CPU
if (new->limit_cpu) {
conf->limit_cpu = new->limit_cpu;
}
#endif
- if (new->limit_req_body) {
+ if (new->limit_req_body != AP_LIMIT_REQ_BODY_UNSET) {
conf->limit_req_body = new->limit_req_body;
}
/* Otherwise we simply use the base->sec_file array
*/
- if (new->satisfy != SATISFY_NOSPEC) {
- conf->satisfy = new->satisfy;
- }
-
if (new->server_signature != srv_sig_unset) {
conf->server_signature = new->server_signature;
}
conf->etag_add =
(conf->etag_add & (~ new->etag_remove)) | new->etag_add;
conf->etag_remove =
- (conf->opts_remove & (~ new->etag_add)) | new->etag_remove;
+ (conf->etag_remove & (~ new->etag_add)) | new->etag_remove;
conf->etag_bits =
(conf->etag_bits & (~ conf->etag_remove)) | conf->etag_add;
}
conf->enable_sendfile = new->enable_sendfile;
}
+ conf->allow_encoded_slashes = new->allow_encoded_slashes;
+
return (void*)conf;
}
conf->sec_dir = apr_array_make(a, 40, sizeof(ap_conf_vector_t *));
conf->sec_url = apr_array_make(a, 40, sizeof(ap_conf_vector_t *));
+ /* recursion stopper */
+ conf->redirect_limit = 0; /* 0 == unset */
+ conf->subreq_limit = 0;
+
+ conf->protocol = NULL;
+ conf->accf_map = apr_table_make(a, 5);
+
+#ifdef APR_TCP_DEFER_ACCEPT
+ apr_table_set(conf->accf_map, "http", "data");
+ apr_table_set(conf->accf_map, "https", "data");
+#endif
+
+#if APR_HAS_SO_ACCEPTFILTER
+#ifndef ACCEPT_FILTER_NAME
+#define ACCEPT_FILTER_NAME "httpready"
+#ifdef __FreeBSD_version
+#if __FreeBSD_version < 411000 /* httpready broken before 4.1.1 */
+#undef ACCEPT_FILTER_NAME
+#define ACCEPT_FILTER_NAME "dataready"
+#endif
+#endif
+#endif
+ apr_table_set(conf->accf_map, "http", ACCEPT_FILTER_NAME);
+ apr_table_set(conf->accf_map, "https", "dataready");
+#endif
+
+ conf->trace_enable = AP_TRACE_UNSET;
+
return (void *)conf;
}
core_server_config *virt = (core_server_config *)virtv;
core_server_config *conf;
- conf = (core_server_config *)apr_palloc(p, sizeof(core_server_config));
- memcpy(conf, virt, sizeof(core_server_config));
+ conf = (core_server_config *)apr_pmemdup(p, virt, sizeof(core_server_config));
if (!conf->access_name) {
conf->access_name = base->access_name;
conf->ap_document_root = base->ap_document_root;
}
+ if (!conf->protocol) {
+ conf->protocol = base->protocol;
+ }
+
conf->sec_dir = apr_array_append(p, base->sec_dir, virt->sec_dir);
conf->sec_url = apr_array_append(p, base->sec_url, virt->sec_url);
+ conf->redirect_limit = virt->redirect_limit
+ ? virt->redirect_limit
+ : base->redirect_limit;
+
+ conf->subreq_limit = virt->subreq_limit
+ ? virt->subreq_limit
+ : base->subreq_limit;
+
+ conf->trace_enable = (virt->trace_enable != AP_TRACE_UNSET)
+ ? virt->trace_enable
+ : base->trace_enable;
+
return conf;
}
return conf->override;
}
+/*
+ * Optional function coming from mod_authn_core, used for
+ * retrieving the type of autorization
+ */
+static APR_OPTIONAL_FN_TYPE(authn_ap_auth_type) *authn_ap_auth_type;
+
AP_DECLARE(const char *) ap_auth_type(request_rec *r)
{
- core_dir_config *conf;
-
- conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
- &core_module);
-
- return conf->ap_auth_type;
+ if (authn_ap_auth_type) {
+ return authn_ap_auth_type(r);
+ }
+ return NULL;
}
+/*
+ * Optional function coming from mod_authn_core, used for
+ * retrieving the authorization realm
+ */
+static APR_OPTIONAL_FN_TYPE(authn_ap_auth_name) *authn_ap_auth_name;
+
AP_DECLARE(const char *) ap_auth_name(request_rec *r)
{
- core_dir_config *conf;
+ if (authn_ap_auth_name) {
+ return authn_ap_auth_name(r);
+ }
+ return NULL;
+}
- conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
- &core_module);
+/*
+ * Optional function coming from mod_access_compat, used to determine how
+ access control interacts with authentication/authorization
+ */
+static APR_OPTIONAL_FN_TYPE(access_compat_ap_satisfies) *access_compat_ap_satisfies;
- return conf->ap_auth_name;
+AP_DECLARE(int) ap_satisfies(request_rec *r)
+{
+ if (access_compat_ap_satisfies) {
+ return access_compat_ap_satisfies(r);
+ }
+ return SATISFY_NOSPEC;
}
AP_DECLARE(const char *) ap_default_type(request_rec *r)
return conf->ap_document_root;
}
-AP_DECLARE(const apr_array_header_t *) ap_requires(request_rec *r)
-{
- core_dir_config *conf;
-
- conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
- &core_module);
-
- return conf->ap_requires;
-}
-
-AP_DECLARE(int) ap_satisfies(request_rec *r)
-{
- core_dir_config *conf;
-
- conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
- &core_module);
-
- return conf->satisfy;
-}
-
/* Should probably just get rid of this... the only code that cares is
* part of the core anyway (and in fact, it isn't publicised to other
* modules).
char *ap_response_code_string(request_rec *r, int error_index)
{
- core_dir_config *conf;
+ core_dir_config *dirconf;
+ core_request_config *reqconf;
- conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
- &core_module);
+ /* check for string registered via ap_custom_response() first */
+ reqconf = (core_request_config *)ap_get_module_config(r->request_config,
+ &core_module);
+ if (reqconf->response_code_strings != NULL &&
+ reqconf->response_code_strings[error_index] != NULL) {
+ return reqconf->response_code_strings[error_index];
+ }
- if (conf->response_code_strings == NULL) {
+ /* check for string specified via ErrorDocument */
+ dirconf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
+ &core_module);
+
+ if (dirconf->response_code_strings == NULL) {
+ return NULL;
+ }
+
+ if (dirconf->response_code_strings[error_index] == &errordocument_default) {
return NULL;
}
- return conf->response_code_strings[error_index];
+ return dirconf->response_code_strings[error_index];
}
int type, int *str_is_ip)
{
int hostname_lookups;
+ int ignored_str_is_ip;
- if (str_is_ip) { /* if caller wants to know */
- *str_is_ip = 0;
+ if (!str_is_ip) { /* caller doesn't want to know */
+ str_is_ip = &ignored_str_is_ip;
}
+ *str_is_ip = 0;
/* If we haven't checked the host name, and we want to */
if (dir_config) {
return NULL;
}
else {
- if (str_is_ip) { /* if caller wants to know */
- *str_is_ip = 1;
- }
-
+ *str_is_ip = 1;
return conn->remote_ip;
}
}
}
+/*
+ * Optional function coming from mod_ident, used for looking up ident user
+ */
+static APR_OPTIONAL_FN_TYPE(ap_ident_lookup) *ident_lookup;
+
AP_DECLARE(const char *) ap_get_remote_logname(request_rec *r)
{
- core_dir_config *dir_conf;
-
if (r->connection->remote_logname != NULL) {
return r->connection->remote_logname;
}
- /* If we haven't checked the identity, and we want to */
- dir_conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
- &core_module);
-
- if (dir_conf->do_rfc1413 & 1) {
- return ap_rfc1413(r->connection, r->server);
- }
- else {
- return NULL;
+ if (ident_lookup) {
+ return ident_lookup(r);
}
+
+ return NULL;
}
/* There are two options regarding what the "name" of a server is. The
* "canonical" name as defined by ServerName and Port, or the "client's
- * name" as supplied by a possible Host: header or full URI. We never
- * trust the port passed in the client's headers, we always use the
- * port of the actual socket.
+ * name" as supplied by a possible Host: header or full URI.
*
* The DNS option to UseCanonicalName causes this routine to do a
* reverse lookup on the local IP address of the connection and use
{
conn_rec *conn = r->connection;
core_dir_config *d;
+ const char *retval;
d = (core_dir_config *)ap_get_module_config(r->per_dir_config,
&core_module);
- if (d->use_canonical_name == USE_CANONICAL_NAME_OFF) {
- return r->hostname ? r->hostname : r->server->server_hostname;
- }
-
- if (d->use_canonical_name == USE_CANONICAL_NAME_DNS) {
- if (conn->local_host == NULL) {
- if (apr_getnameinfo(&conn->local_host,
+ switch (d->use_canonical_name) {
+ case USE_CANONICAL_NAME_ON:
+ retval = r->server->server_hostname;
+ break;
+ case USE_CANONICAL_NAME_DNS:
+ if (conn->local_host == NULL) {
+ if (apr_getnameinfo(&conn->local_host,
conn->local_addr, 0) != APR_SUCCESS)
- conn->local_host = apr_pstrdup(conn->pool,
+ conn->local_host = apr_pstrdup(conn->pool,
r->server->server_hostname);
- else {
- ap_str_tolower(conn->local_host);
+ else {
+ ap_str_tolower(conn->local_host);
+ }
}
- }
-
- return conn->local_host;
+ retval = conn->local_host;
+ break;
+ case USE_CANONICAL_NAME_OFF:
+ case USE_CANONICAL_NAME_UNSET:
+ retval = r->hostname ? r->hostname : r->server->server_hostname;
+ break;
+ default:
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "ap_get_server_name: Invalid UCN Option somehow");
+ retval = "localhost";
+ break;
}
+ return retval;
+}
+
+/*
+ * Get the current server name from the request for the purposes
+ * of using in a URL. If the server name is an IPv6 literal
+ * address, it will be returned in URL format (e.g., "[fe80::1]").
+ */
+static const char *get_server_name_for_url(request_rec *r)
+{
+ const char *plain_server_name = ap_get_server_name(r);
- /* default */
- return r->server->server_hostname;
+#if APR_HAVE_IPV6
+ if (ap_strchr_c(plain_server_name, ':')) { /* IPv6 literal? */
+ return apr_psprintf(r->pool, "[%s]", plain_server_name);
+ }
+#endif
+ return plain_server_name;
}
AP_DECLARE(apr_port_t) ap_get_server_port(const request_rec *r)
core_dir_config *d =
(core_dir_config *)ap_get_module_config(r->per_dir_config, &core_module);
- if (d->use_canonical_name == USE_CANONICAL_NAME_OFF
- || d->use_canonical_name == USE_CANONICAL_NAME_DNS) {
-
- /* With UseCanonicalName off Apache will form self-referential
- * URLs using the hostname and port supplied by the client if
- * any are supplied (otherwise it will use the canonical name).
- */
- port = r->parsed_uri.port ? r->parsed_uri.port :
- r->server->port ? r->server->port :
- ap_default_port(r);
- }
- else { /* d->use_canonical_name == USE_CANONICAL_NAME_ON */
-
- /* With UseCanonicalName on (and in all versions prior to 1.3)
- * Apache will use the hostname and port specified in the
- * ServerName directive to construct a canonical name for the
- * server. (If no port was specified in the ServerName
- * directive, Apache uses the port supplied by the client if
- * any is supplied, and finally the default port for the protocol
- * used.
- */
- port = r->server->port ? r->server->port :
- r->connection->local_addr->port ? r->connection->local_addr->port :
- ap_default_port(r);
+ switch (d->use_canonical_name) {
+ case USE_CANONICAL_NAME_OFF:
+ case USE_CANONICAL_NAME_DNS:
+ case USE_CANONICAL_NAME_UNSET:
+ if (d->use_canonical_phys_port == USE_CANONICAL_PHYS_PORT_ON)
+ port = r->parsed_uri.port_str ? r->parsed_uri.port :
+ r->connection->local_addr->port ? r->connection->local_addr->port :
+ r->server->port ? r->server->port :
+ ap_default_port(r);
+ else /* USE_CANONICAL_PHYS_PORT_OFF or USE_CANONICAL_PHYS_PORT_UNSET */
+ port = r->parsed_uri.port_str ? r->parsed_uri.port :
+ r->server->port ? r->server->port :
+ ap_default_port(r);
+ break;
+ case USE_CANONICAL_NAME_ON:
+ /* With UseCanonicalName on (and in all versions prior to 1.3)
+ * Apache will use the hostname and port specified in the
+ * ServerName directive to construct a canonical name for the
+ * server. (If no port was specified in the ServerName
+ * directive, Apache uses the port supplied by the client if
+ * any is supplied, and finally the default port for the protocol
+ * used.
+ */
+ if (d->use_canonical_phys_port == USE_CANONICAL_PHYS_PORT_ON)
+ port = r->server->port ? r->server->port :
+ r->connection->local_addr->port ? r->connection->local_addr->port :
+ ap_default_port(r);
+ else /* USE_CANONICAL_PHYS_PORT_OFF or USE_CANONICAL_PHYS_PORT_UNSET */
+ port = r->server->port ? r->server->port :
+ ap_default_port(r);
+ break;
+ default:
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "ap_get_server_port: Invalid UCN Option somehow");
+ port = ap_default_port(r);
+ break;
}
- /* default */
return port;
}
request_rec *r)
{
unsigned port = ap_get_server_port(r);
- const char *host = ap_get_server_name(r);
+ const char *host = get_server_name_for_url(r);
if (ap_is_default_port(port, r)) {
- return apr_pstrcat(p, ap_http_method(r), "://", host, uri, NULL);
+ return apr_pstrcat(p, ap_http_scheme(r), "://", host, uri, NULL);
}
- return apr_psprintf(p, "%s://%s:%u%s", ap_http_method(r), host, port, uri);
+ return apr_psprintf(p, "%s://%s:%u%s", ap_http_scheme(r), host, port, uri);
}
AP_DECLARE(apr_off_t) ap_get_limit_req_body(const request_rec *r)
core_dir_config *d =
(core_dir_config *)ap_get_module_config(r->per_dir_config, &core_module);
+ if (d->limit_req_body == AP_LIMIT_REQ_BODY_UNSET) {
+ return AP_DEFAULT_LIMIT_REQ_BODY;
+ }
+
return d->limit_req_body;
}
return NULL;
}
}
-
+
if (((forbidden & NOT_IN_DIRECTORY)
&& ((found = find_parent(cmd->directive, "<Directory"))
|| (found = find_parent(cmd->directive, "<DirectoryMatch"))))
return NULL;
}
+
+static const char *set_define(cmd_parms *cmd, void *dummy,
+ const char *optarg)
+{
+ char **newv;
+
+ const char *err = ap_check_cmd_context(cmd,
+ GLOBAL_ONLY);
+ if (err != NULL) {
+ return err;
+ }
+
+ newv = (char **)apr_array_push(ap_server_config_defines);
+ *newv = apr_pstrdup(cmd->pool, optarg);
+
+ return NULL;
+}
+
#ifdef GPROF
static const char *set_gprof_dir(cmd_parms *cmd, void *dummy, const char *arg)
{
return err;
}
+ /* Make it absolute, relative to ServerRoot */
+ arg = ap_server_root_relative(cmd->pool, arg);
+ if (arg == NULL) {
+ return "DocumentRoot must be a directory";
+ }
+
/* TODO: ap_configtestonly && ap_docrootcheck && */
- /* XXX Shouldn't this be relative to ServerRoot ??? */
if (apr_filepath_merge((char**)&conf->ap_document_root, NULL, arg,
APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS
|| !ap_is_directory(cmd->pool, arg)) {
AP_DECLARE(void) ap_custom_response(request_rec *r, int status,
const char *string)
{
- core_dir_config *conf =
- ap_get_module_config(r->per_dir_config, &core_module);
+ core_request_config *conf =
+ ap_get_module_config(r->request_config, &core_module);
int idx;
- if(conf->response_code_strings == NULL) {
+ if (conf->response_code_strings == NULL) {
conf->response_code_strings =
apr_pcalloc(r->pool,
sizeof(*conf->response_code_strings) * RESPONSE_CODES);
RESPONSE_CODES);
}
- /* hack. Prefix a " if it is a msg; as that is what
- * http_protocol.c relies on to distinguish between
- * a msg and a (local) path.
- */
- conf->response_code_strings[index_number] = (what == MSG) ?
- apr_pstrcat(cmd->pool, "\"",msg,NULL) :
- apr_pstrdup(cmd->pool, msg);
+ if (strcmp(msg, "default") == 0) {
+ /* special case: ErrorDocument 404 default restores the
+ * canned server error response
+ */
+ conf->response_code_strings[index_number] = &errordocument_default;
+ }
+ else {
+ /* hack. Prefix a " if it is a msg; as that is what
+ * http_protocol.c relies on to distinguish between
+ * a msg and a (local) path.
+ */
+ conf->response_code_strings[index_number] = (what == MSG) ?
+ apr_pstrcat(cmd->pool, "\"",msg,NULL) :
+ apr_pstrdup(cmd->pool, msg);
+ }
+ }
+
+ return NULL;
+}
+
+static const char *set_allow_opts(cmd_parms *cmd, allow_options_t *opts,
+ const char *l)
+{
+ allow_options_t opt;
+ int first = 1;
+
+ char *w, *p = (char *) l;
+ char *tok_state;
+
+ while ((w = apr_strtok(p, ",", &tok_state)) != NULL) {
+
+ if (first) {
+ p = NULL;
+ *opts = OPT_NONE;
+ first = 0;
+ }
+
+ if (!strcasecmp(w, "Indexes")) {
+ opt = OPT_INDEXES;
+ }
+ else if (!strcasecmp(w, "Includes")) {
+ opt = OPT_INCLUDES;
+ }
+ else if (!strcasecmp(w, "IncludesNOEXEC")) {
+ opt = (OPT_INCLUDES | OPT_INCNOEXEC);
+ }
+ else if (!strcasecmp(w, "FollowSymLinks")) {
+ opt = OPT_SYM_LINKS;
+ }
+ else if (!strcasecmp(w, "SymLinksIfOwnerMatch")) {
+ opt = OPT_SYM_OWNER;
+ }
+ else if (!strcasecmp(w, "ExecCGI")) {
+ opt = OPT_EXECCGI;
+ }
+ else if (!strcasecmp(w, "MultiViews")) {
+ opt = OPT_MULTI;
+ }
+ else if (!strcasecmp(w, "RunScripts")) { /* AI backcompat. Yuck */
+ opt = OPT_MULTI|OPT_EXECCGI;
+ }
+ else if (!strcasecmp(w, "None")) {
+ opt = OPT_NONE;
+ }
+ else if (!strcasecmp(w, "All")) {
+ opt = OPT_ALL;
+ }
+ else {
+ return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
+ }
+
+ *opts |= opt;
}
+ (*opts) &= (~OPT_UNSET);
+
return NULL;
}
{
core_dir_config *d = d_;
char *w;
+ char *k, *v;
const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
if (err != NULL) {
return err;
}
+ /* Throw a warning if we're in <Location> or <Files> */
+ if (ap_check_cmd_context(cmd, NOT_IN_LOCATION | NOT_IN_FILES)) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
+ "Useless use of AllowOverride in line %d of %s.",
+ cmd->directive->line_num, cmd->directive->filename);
+ }
+
d->override = OR_NONE;
while (l[0]) {
w = ap_getword_conf(cmd->pool, &l);
+
+ k = w;
+ v = strchr(k, '=');
+ if (v) {
+ *v++ = '\0';
+ }
+
if (!strcasecmp(w, "Limit")) {
d->override |= OR_LIMIT;
}
- else if (!strcasecmp(w, "Options")) {
+ else if (!strcasecmp(k, "Options")) {
d->override |= OR_OPTIONS;
+ if (v)
+ set_allow_opts(cmd, &(d->override_opts), v);
+ else
+ d->override_opts = OPT_ALL;
}
else if (!strcasecmp(w, "FileInfo")) {
d->override |= OR_FILEINFO;
else if (!strcasecmp(w, "SymLinksIfOwnerMatch")) {
opt = OPT_SYM_OWNER;
}
- else if (!strcasecmp(w, "execCGI")) {
+ else if (!strcasecmp(w, "ExecCGI")) {
opt = OPT_EXECCGI;
}
else if (!strcasecmp(w, "MultiViews")) {
return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
}
- /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */
- if (action == '-') {
+ if (!(cmd->override_opts & opt) && opt != OPT_NONE) {
+ return apr_pstrcat(cmd->pool, "Option ", w, " not allowed here", NULL);
+ }
+ else if (action == '-') {
+ /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */
d->opts_remove |= opt;
d->opts_add &= ~opt;
d->opts &= ~opt;
return NULL;
}
-static const char *satisfy(cmd_parms *cmd, void *c_, const char *arg)
-{
- core_dir_config *c = c_;
-
- if (!strcasecmp(arg, "all")) {
- c->satisfy = SATISFY_ALL;
- }
- else if (!strcasecmp(arg, "any")) {
- c->satisfy = SATISFY_ANY;
- }
- else {
- return "Satisfy either 'any' or 'all'.";
- }
- return NULL;
+/*
+ * Report a missing-'>' syntax error.
+ */
+static char *unclosed_directive(cmd_parms *cmd)
+{
+ return apr_pstrcat(cmd->pool, cmd->cmd->name,
+ "> directive missing closing '>'", NULL);
}
-static const char *require(cmd_parms *cmd, void *c_, const char *arg)
+/*
+ * Report a missing args in '<Foo >' syntax error.
+ */
+static char *missing_container_arg(cmd_parms *cmd)
{
- require_line *r;
- core_dir_config *c = c_;
-
- if (!c->ap_requires) {
- c->ap_requires = apr_array_make(cmd->pool, 2, sizeof(require_line));
- }
-
- r = (require_line *)apr_array_push(c->ap_requires);
- r->requirement = apr_pstrdup(cmd->pool, arg);
- r->method_mask = cmd->limited;
-
- return NULL;
+ return apr_pstrcat(cmd->pool, cmd->cmd->name,
+ "> directive requires additional arguments", NULL);
}
AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd,
void *dummy,
const char *arg)
{
- const char *limited_methods = ap_getword(cmd->pool, &arg, '>');
+ const char *endp = ap_strrchr_c(arg, '>');
+ const char *limited_methods;
void *tog = cmd->cmd->cmd_data;
apr_int64_t limited = 0;
const char *errmsg;
return err;
}
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ limited_methods = apr_pstrndup(cmd->pool, arg, endp - arg);
+
+ if (!limited_methods[0]) {
+ return missing_container_arg(cmd);
+ }
+
while (limited_methods[0]) {
char *method = ap_getword_conf(cmd->pool, &limited_methods);
int methnum;
methnum = ap_method_number_of(method);
if (methnum == M_TRACE && !tog) {
- return "TRACE cannot be controlled by <Limit>";
+ return "TRACE cannot be controlled by <Limit>, see TraceEnable";
}
else if (methnum == M_INVALID) {
/* method has not been registered yet, but resorce restriction
*/
#ifdef WIN32
-#define USE_ICASE REG_ICASE
+#define USE_ICASE AP_REG_ICASE
#else
#define USE_ICASE 0
#endif
-/*
- * Report a missing-'>' syntax error.
- */
-static char *unclosed_directive(cmd_parms *cmd)
-{
- return apr_pstrcat(cmd->pool, cmd->cmd->name,
- "> directive missing closing '>'", NULL);
-}
-
static const char *dirsection(cmd_parms *cmd, void *mconfig, const char *arg)
{
const char *errmsg;
char *old_path = cmd->path;
core_dir_config *conf;
ap_conf_vector_t *new_dir_conf = ap_create_per_dir_config(cmd->pool);
- regex_t *r = NULL;
+ ap_regex_t *r = NULL;
const command_rec *thiscmd = cmd->cmd;
const char *err = ap_check_cmd_context(cmd,
arg = apr_pstrndup(cmd->pool, arg, endp - arg);
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
if (!arg) {
if (thiscmd->cmd_data)
return "<DirectoryMatch > block must specify a path";
cmd->path = ap_getword_conf(cmd->pool, &arg);
if (!cmd->path)
return "<Directory ~ > block must specify a path";
- r = ap_pregcomp(cmd->pool, cmd->path, REG_EXTENDED|USE_ICASE);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
}
else if (thiscmd->cmd_data) { /* <DirectoryMatch> */
- r = ap_pregcomp(cmd->pool, cmd->path, REG_EXTENDED|USE_ICASE);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
}
else if (!strcmp(cmd->path, "/") == 0)
{
/*
* Ensure that the pathname is canonical, and append the trailing /
*/
- if (apr_filepath_merge(&newpath, NULL, cmd->path,
- APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS) {
+ apr_status_t rv = apr_filepath_merge(&newpath, NULL, cmd->path,
+ APR_FILEPATH_TRUENAME, cmd->pool);
+ if (rv != APR_SUCCESS && rv != APR_EPATHWILD) {
return apr_pstrcat(cmd->pool, "<Directory \"", cmd->path,
"\"> path is invalid.", NULL);
}
int old_overrides = cmd->override;
char *old_path = cmd->path;
core_dir_config *conf;
- regex_t *r = NULL;
+ ap_regex_t *r = NULL;
const command_rec *thiscmd = cmd->cmd;
ap_conf_vector_t *new_url_conf = ap_create_per_dir_config(cmd->pool);
const char *err = ap_check_cmd_context(cmd,
arg = apr_pstrndup(cmd->pool, arg, endp - arg);
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
cmd->path = ap_getword_conf(cmd->pool, &arg);
cmd->override = OR_ALL|ACCESS_CONF;
if (thiscmd->cmd_data) { /* <LocationMatch> */
- r = ap_pregcomp(cmd->pool, cmd->path, REG_EXTENDED);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
}
else if (!strcmp(cmd->path, "~")) {
cmd->path = ap_getword_conf(cmd->pool, &arg);
- r = ap_pregcomp(cmd->pool, cmd->path, REG_EXTENDED);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
}
/* initialize our config and fetch it */
int old_overrides = cmd->override;
char *old_path = cmd->path;
core_dir_config *conf;
- regex_t *r = NULL;
+ ap_regex_t *r = NULL;
const command_rec *thiscmd = cmd->cmd;
core_dir_config *c = mconfig;
ap_conf_vector_t *new_file_conf = ap_create_per_dir_config(cmd->pool);
arg = apr_pstrndup(cmd->pool, arg, endp - arg);
- cmd->path = ap_getword_conf(cmd->pool, &arg);
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ cmd->path = ap_getword_conf(cmd->pool, &arg);
/* Only if not an .htaccess file */
if (!old_path) {
cmd->override = OR_ALL|ACCESS_CONF;
}
if (thiscmd->cmd_data) { /* <FilesMatch> */
- r = ap_pregcomp(cmd->pool, cmd->path, REG_EXTENDED|USE_ICASE);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
}
else if (!strcmp(cmd->path, "~")) {
cmd->path = ap_getword_conf(cmd->pool, &arg);
- r = ap_pregcomp(cmd->pool, cmd->path, REG_EXTENDED|USE_ICASE);
+ r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE);
+ if (!r) {
+ return "Regex could not be compiled";
+ }
}
else {
char *newpath;
return NULL;
}
+static const char *ifsection(cmd_parms *cmd, void *mconfig, const char *arg)
+{
+ const char *errmsg;
+ const char *endp = ap_strrchr_c(arg, '>');
+ int old_overrides = cmd->override;
+ char *old_path = cmd->path;
+ core_dir_config *conf;
+ const command_rec *thiscmd = cmd->cmd;
+ core_dir_config *c = mconfig;
+ ap_conf_vector_t *new_file_conf = ap_create_per_dir_config(cmd->pool);
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT|NOT_IN_LOCATION);
+ const char *condition;
+ int expr_err = 0;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (endp == NULL) {
+ return unclosed_directive(cmd);
+ }
+
+ arg = apr_pstrndup(cmd->pool, arg, endp - arg);
+
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
+ //cmd->path = "*";
+ condition = ap_getword_conf(cmd->pool, &arg);
+ /* Only if not an .htaccess file */
+ if (!old_path) {
+ cmd->override = OR_ALL|ACCESS_CONF;
+ }
+
+ /* initialize our config and fetch it */
+ conf = ap_set_config_vectors(cmd->server, new_file_conf, cmd->path,
+ &core_module, cmd->pool);
+
+ conf->condition = ap_expr_parse(cmd->pool, condition, &expr_err);
+ if (expr_err) {
+ return "Cannot parse condition clause";
+ }
+
+ errmsg = ap_walk_config(cmd->directive->first_child, cmd, new_file_conf);
+ if (errmsg != NULL)
+ return errmsg;
+
+ conf->d = cmd->path;
+ conf->d_is_fnmatch = 0;
+ conf->r = NULL;
+
+ ap_add_file_conf(c, new_file_conf);
+
+ if (*arg != '\0') {
+ return apr_pstrcat(cmd->pool, "Multiple ", thiscmd->name,
+ "> arguments not supported.", NULL);
+ }
+
+ cmd->path = old_path;
+ cmd->override = old_overrides;
+
+ return NULL;
+}
static const char *start_ifmod(cmd_parms *cmd, void *mconfig, const char *arg)
{
arg++;
}
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
found = ap_find_linked_module(arg);
+ /* search prelinked stuff */
+ if (!found) {
+ ap_module_symbol_t *current = ap_prelinked_module_symbols;
+
+ for (; current->name; ++current) {
+ if (!strcmp(current->name, arg)) {
+ found = current->modp;
+ break;
+ }
+ }
+ }
+
+ /* search dynamic stuff */
+ if (!found) {
+ APR_OPTIONAL_FN_TYPE(ap_find_loaded_module_symbol) *check_symbol =
+ APR_RETRIEVE_OPTIONAL_FN(ap_find_loaded_module_symbol);
+
+ if (check_symbol) {
+ found = check_symbol(cmd->server, arg);
+ }
+ }
+
if ((!not && found) || (not && !found)) {
ap_directive_t *parent = NULL;
ap_directive_t *current = NULL;
arg++;
}
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
defined = ap_exists_config_define(arg);
if ((!not && defined) || (not && !defined)) {
ap_directive_t *parent = NULL;
arg = apr_pstrndup(cmd->pool, arg, endp - arg);
+ if (!arg[0]) {
+ return missing_container_arg(cmd);
+ }
+
/* FIXME: There's another feature waiting to happen here -- since you
can now put multiple addresses/names on a single <VirtualHost>
you might want to use it to group common definitions and then
return NULL;
}
+static const char *set_accf_map(cmd_parms *cmd, void *dummy,
+ const char *iproto, const char* iaccf)
+{
+ const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
+ core_server_config *conf = ap_get_module_config(cmd->server->module_config,
+ &core_module);
+ char* proto;
+ char* accf;
+ if (err != NULL) {
+ return err;
+ }
+
+ proto = apr_pstrdup(cmd->pool, iproto);
+ ap_str_tolower(proto);
+ accf = apr_pstrdup(cmd->pool, iaccf);
+ ap_str_tolower(accf);
+ apr_table_set(conf->accf_map, proto, accf);
+
+ return NULL;
+}
+
+AP_DECLARE(const char*) ap_get_server_protocol(server_rec* s)
+{
+ core_server_config *conf = ap_get_module_config(s->module_config,
+ &core_module);
+ return conf->protocol;
+}
+
+AP_DECLARE(void) ap_set_server_protocol(server_rec* s, const char* proto)
+{
+ core_server_config *conf = ap_get_module_config(s->module_config,
+ &core_module);
+ conf->protocol = proto;
+}
+
+static const char *set_protocol(cmd_parms *cmd, void *dummy,
+ const char *arg)
+{
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE|NOT_IN_LIMIT);
+ core_server_config *conf = ap_get_module_config(cmd->server->module_config,
+ &core_module);
+ char* proto;
+
+ if (err != NULL) {
+ return err;
+ }
+
+ proto = apr_pstrdup(cmd->pool, arg);
+ ap_str_tolower(proto);
+ conf->protocol = proto;
+
+ return NULL;
+}
+
static const char *set_server_string_slot(cmd_parms *cmd, void *dummy,
const char *arg)
{
return NULL;
}
+/*
+ * The ServerName directive takes one argument with format
+ * [scheme://]fully-qualified-domain-name[:port], for instance
+ * ServerName www.example.com
+ * ServerName www.example.com:80
+ * ServerName https://www.example.com:443
+ */
+
static const char *server_hostname_port(cmd_parms *cmd, void *dummy, const char *arg)
{
const char *err = ap_check_cmd_context(cmd, NOT_IN_DIR_LOC_FILE|NOT_IN_LIMIT);
- const char *portstr;
+ const char *portstr, *part;
+ char *scheme;
int port;
if (err != NULL) {
return err;
}
- portstr = ap_strchr_c(arg, ':');
+ part = ap_strstr_c(arg, "://");
+
+ if (part) {
+ scheme = apr_pstrndup(cmd->pool, arg, part - arg);
+ ap_str_tolower(scheme);
+ cmd->server->server_scheme = (const char *)scheme;
+ part += 3;
+ } else {
+ part = arg;
+ }
+
+ portstr = ap_strchr_c(part, ':');
if (portstr) {
- cmd->server->server_hostname = apr_pstrndup(cmd->pool, arg,
- portstr - arg);
+ cmd->server->server_hostname = apr_pstrndup(cmd->pool, part,
+ portstr - part);
portstr++;
port = atoi(portstr);
if (port <= 0 || port >= 65536) { /* 65536 == 1<<16 */
}
}
else {
- cmd->server->server_hostname = apr_pstrdup(cmd->pool, arg);
+ cmd->server->server_hostname = apr_pstrdup(cmd->pool, part);
port = 0;
}
return NULL;
}
-static const char *set_idcheck(cmd_parms *cmd, void *d_, int arg)
+static const char *set_allow2f(cmd_parms *cmd, void *d_, int arg)
{
core_dir_config *d = d_;
const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
return err;
}
- d->do_rfc1413 = arg != 0;
+ d->allow_encoded_slashes = arg != 0;
return NULL;
}
}
cmd->server->path = arg;
- cmd->server->pathlen = strlen(arg);
+ cmd->server->pathlen = (int)strlen(arg);
return NULL;
}
return NULL;
}
+static const char *set_use_canonical_phys_port(cmd_parms *cmd, void *d_,
+ const char *arg)
+{
+ core_dir_config *d = d_;
+ const char *err = ap_check_cmd_context(cmd, NOT_IN_LIMIT);
+
+ if (err != NULL) {
+ return err;
+ }
+
+ if (strcasecmp(arg, "on") == 0) {
+ d->use_canonical_phys_port = USE_CANONICAL_PHYS_PORT_ON;
+ }
+ else if (strcasecmp(arg, "off") == 0) {
+ d->use_canonical_phys_port = USE_CANONICAL_PHYS_PORT_OFF;
+ }
+ else {
+ return "parameter must be 'on' or 'off'";
+ }
+
+ return NULL;
+}
+
static const char *include_config (cmd_parms *cmd, void *dummy,
const char *name)
{
ap_directive_t *conftree = NULL;
- const char* conffile = ap_server_root_relative(cmd->pool, name);
-
+ const char* conffile, *error;
+ unsigned *recursion;
+ void *data;
+
+ apr_pool_userdata_get(&data, "ap_include_sentinel", cmd->pool);
+ if (data) {
+ recursion = data;
+ }
+ else {
+ data = recursion = apr_palloc(cmd->pool, sizeof(*recursion));
+ *recursion = 0;
+ apr_pool_userdata_setn(data, "ap_include_sentinel", NULL, cmd->pool);
+ }
+
+ if (++*recursion > AP_MAX_INCLUDE_DEPTH) {
+ *recursion = 0;
+ return apr_psprintf(cmd->pool, "Exceeded maximum include depth of %u. "
+ "You have probably a recursion somewhere.",
+ AP_MAX_INCLUDE_DEPTH);
+ }
+
+ conffile = ap_server_root_relative(cmd->pool, name);
if (!conffile) {
- return apr_pstrcat(cmd->pool, "Invalid Include path ",
+ *recursion = 0;
+ return apr_pstrcat(cmd->pool, "Invalid Include path ",
name, NULL);
}
- ap_process_resource_config(cmd->server, conffile,
- &conftree, cmd->pool, cmd->temp_pool);
+ error = ap_process_resource_config(cmd->server, conffile,
+ &conftree, cmd->pool, cmd->temp_pool);
+ if (error) {
+ *recursion = 0;
+ return error;
+ }
+
*(ap_directive_t **)dummy = conftree;
+
+ /* recursion level done */
+ if (*recursion) {
+ --*recursion;
+ }
+
return NULL;
}
apr_snprintf(sport, sizeof sport, "%u", (unsigned) ap_get_server_port(r));
if (conf->server_signature == srv_sig_withmail) {
- return apr_pstrcat(r->pool, prefix, "<address>",
- ap_get_server_version(),
- " Server at <a href=\"mailto:",
- r->server->server_admin, "\">",
+ return apr_pstrcat(r->pool, prefix, "<address>",
+ ap_get_server_banner(),
+ " Server at <a href=\"",
+ ap_is_url(r->server->server_admin) ? "" : "mailto:",
+ ap_escape_html(r->pool, r->server->server_admin),
+ "\">",
ap_escape_html(r->pool, ap_get_server_name(r)),
"</a> Port ", sport,
"</address>\n", NULL);
}
- return apr_pstrcat(r->pool, prefix, "<address>", ap_get_server_version(),
+ return apr_pstrcat(r->pool, prefix, "<address>", ap_get_server_banner(),
" Server at ",
ap_escape_html(r->pool, ap_get_server_name(r)),
" Port ", sport,
"</address>\n", NULL);
}
-/*
- * Load an authorisation realm into our location configuration, applying the
- * usual rules that apply to realms.
- */
-static const char *set_authname(cmd_parms *cmd, void *mconfig,
- const char *word1)
-{
- core_dir_config *aconfig = (core_dir_config *)mconfig;
-
- aconfig->ap_auth_name = ap_escape_quotes(cmd->pool, word1);
- return NULL;
-}
-
-#ifdef _OSD_POSIX /* BS2000 Logon Passwd file */
-static const char *set_bs2000_account(cmd_parms *cmd, void *dummy, char *name)
-{
- const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);
- if (err != NULL) {
- return err;
- }
-
- return os_set_account(cmd->pool, name);
-}
-#endif /*_OSD_POSIX*/
-
/*
* Handle a request to include the server's OS platform in the Server
* response header field (the ServerTokens directive). Unfortunately
* string.
*/
-static char *server_version = NULL;
-static int version_locked = 0;
+static char *server_banner = NULL;
+static int banner_locked = 0;
+static char *server_description = NULL;
enum server_token_type {
SrvTk_MAJOR, /* eg: Apache/2 */
};
static enum server_token_type ap_server_tokens = SrvTk_FULL;
-static apr_status_t reset_version(void *dummy)
+static apr_status_t reset_banner(void *dummy)
{
- version_locked = 0;
+ banner_locked = 0;
ap_server_tokens = SrvTk_FULL;
- server_version = NULL;
+ server_banner = NULL;
+ server_description = NULL;
return APR_SUCCESS;
}
-AP_DECLARE(const char *) ap_get_server_version(void)
+AP_DECLARE(void) ap_get_server_revision(ap_version_t *version)
+{
+ version->major = AP_SERVER_MAJORVERSION_NUMBER;
+ version->minor = AP_SERVER_MINORVERSION_NUMBER;
+ version->patch = AP_SERVER_PATCHLEVEL_NUMBER;
+ version->add_string = AP_SERVER_ADD_STRING;
+}
+
+AP_DECLARE(const char *) ap_get_server_description(void)
+{
+ return server_description ? server_description :
+ AP_SERVER_BASEVERSION " (" PLATFORM ")";
+}
+
+AP_DECLARE(const char *) ap_get_server_banner(void)
{
- return (server_version ? server_version : AP_SERVER_BASEVERSION);
+ return server_banner ? server_banner : AP_SERVER_BASEVERSION;
}
AP_DECLARE(void) ap_add_version_component(apr_pool_t *pconf, const char *component)
{
- if (! version_locked) {
+ if (! banner_locked) {
/*
* If the version string is null, register our cleanup to reset the
* pointer on pool destruction. We also know that, if NULL,
* we are adding the original SERVER_BASEVERSION string.
*/
- if (server_version == NULL) {
- apr_pool_cleanup_register(pconf, NULL, reset_version,
+ if (server_banner == NULL) {
+ apr_pool_cleanup_register(pconf, NULL, reset_banner,
apr_pool_cleanup_null);
- server_version = apr_pstrdup(pconf, component);
+ server_banner = apr_pstrdup(pconf, component);
}
else {
/*
* Tack the given component identifier to the end of
* the existing string.
*/
- server_version = apr_pstrcat(pconf, server_version, " ",
- component, NULL);
+ server_banner = apr_pstrcat(pconf, server_banner, " ",
+ component, NULL);
}
}
+ server_description = apr_pstrcat(pconf, server_description, " ",
+ component, NULL);
}
/*
- * This routine adds the real server base identity to the version string,
+ * This routine adds the real server base identity to the banner string,
* and then locks out changes until the next reconfig.
*/
-static void ap_set_version(apr_pool_t *pconf)
+static void set_banner(apr_pool_t *pconf)
{
if (ap_server_tokens == SrvTk_PRODUCT_ONLY) {
ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT);
}
/*
- * Lock the server_version string if we're not displaying
+ * Lock the server_banner string if we're not displaying
* the full set of tokens
*/
if (ap_server_tokens != SrvTk_FULL) {
- version_locked++;
+ banner_locked++;
}
+ server_description = AP_SERVER_BASEVERSION " (" PLATFORM ")";
}
static const char *set_serv_tokens(cmd_parms *cmd, void *dummy,
"\" must be a non-negative integer", NULL);
}
- if (lim > DEFAULT_LIMIT_REQUEST_LINE) {
- return apr_psprintf(cmd->temp_pool, "LimitRequestLine \"%s\" "
- "must not exceed the precompiled maximum of %d",
- arg, DEFAULT_LIMIT_REQUEST_LINE);
- }
-
cmd->server->limit_req_line = lim;
return NULL;
}
lim = atoi(arg);
if (lim < 0) {
return apr_pstrcat(cmd->temp_pool, "LimitRequestFieldsize \"", arg,
- "\" must be a non-negative integer (0 = no limit)",
+ "\" must be a non-negative integer",
NULL);
}
- if (lim > DEFAULT_LIMIT_REQUEST_FIELDSIZE) {
- return apr_psprintf(cmd->temp_pool, "LimitRequestFieldsize \"%s\" "
- "must not exceed the precompiled maximum of %d",
- arg, DEFAULT_LIMIT_REQUEST_FIELDSIZE);
- }
-
cmd->server->limit_req_fieldsize = lim;
return NULL;
}
return err;
}
- /* WTF: If strtoul is not portable, then write a replacement.
- * Instead we have an idiotic define in httpd.h that prevents
- * it from being used even when it is available. Sheesh.
- */
- conf->limit_req_body = (apr_off_t)strtol(arg, &errp, 10);
- if (*errp != '\0') {
+ if (APR_SUCCESS != apr_strtoff(&conf->limit_req_body, arg, &errp, 10)) {
+ return "LimitRequestBody argument is not parsable.";
+ }
+ if (*errp || conf->limit_req_body < 0) {
return "LimitRequestBody requires a non-negative integer.";
}
}
#endif
+static const char *set_recursion_limit(cmd_parms *cmd, void *dummy,
+ const char *arg1, const char *arg2)
+{
+ core_server_config *conf = ap_get_module_config(cmd->server->module_config,
+ &core_module);
+ int limit = atoi(arg1);
+
+ if (limit <= 0) {
+ return "The recursion limit must be greater than zero.";
+ }
+ if (limit < 4) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
+ "Limiting internal redirects to very low numbers may "
+ "cause normal requests to fail.");
+ }
+
+ conf->redirect_limit = limit;
+
+ if (arg2) {
+ limit = atoi(arg2);
+
+ if (limit <= 0) {
+ return "The recursion limit must be greater than zero.";
+ }
+ if (limit < 4) {
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
+ "Limiting the subrequest depth to a very low level may"
+ " cause normal requests to fail.");
+ }
+ }
+
+ conf->subreq_limit = limit;
+
+ return NULL;
+}
+
+static void log_backtrace(const request_rec *r)
+{
+ const request_rec *top = r;
+
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "r->uri = %s", r->uri ? r->uri : "(unexpectedly NULL)");
+
+ while (top && (top->prev || top->main)) {
+ if (top->prev) {
+ top = top->prev;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "redirected from r->uri = %s",
+ top->uri ? top->uri : "(unexpectedly NULL)");
+ }
+
+ if (!top->prev && top->main) {
+ top = top->main;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "subrequested from r->uri = %s",
+ top->uri ? top->uri : "(unexpectedly NULL)");
+ }
+ }
+}
+
+/*
+ * check whether redirect limit is reached
+ */
+AP_DECLARE(int) ap_is_recursion_limit_exceeded(const request_rec *r)
+{
+ core_server_config *conf = ap_get_module_config(r->server->module_config,
+ &core_module);
+ const request_rec *top = r;
+ int redirects = 0, subreqs = 0;
+ int rlimit = conf->redirect_limit
+ ? conf->redirect_limit
+ : AP_DEFAULT_MAX_INTERNAL_REDIRECTS;
+ int slimit = conf->subreq_limit
+ ? conf->subreq_limit
+ : AP_DEFAULT_MAX_SUBREQ_DEPTH;
+
+
+ while (top->prev || top->main) {
+ if (top->prev) {
+ if (++redirects >= rlimit) {
+ /* uuh, too much. */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Request exceeded the limit of %d internal "
+ "redirects due to probable configuration error. "
+ "Use 'LimitInternalRecursion' to increase the "
+ "limit if necessary. Use 'LogLevel debug' to get "
+ "a backtrace.", rlimit);
+
+ /* post backtrace */
+ log_backtrace(r);
+
+ /* return failure */
+ return 1;
+ }
+
+ top = top->prev;
+ }
+
+ if (!top->prev && top->main) {
+ if (++subreqs >= slimit) {
+ /* uuh, too much. */
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "Request exceeded the limit of %d subrequest "
+ "nesting levels due to probable configuration "
+ "error. Use 'LimitInternalRecursion' to increase "
+ "the limit if necessary. Use 'LogLevel debug' to "
+ "get a backtrace.", slimit);
+
+ /* post backtrace */
+ log_backtrace(r);
+
+ /* return failure */
+ return 1;
+ }
+
+ top = top->main;
+ }
+ }
+
+ /* recursion state: ok */
+ return 0;
+}
+
static const char *add_ct_output_filters(cmd_parms *cmd, void *conf_,
const char *arg, const char *arg2)
{
else {
old = (ap_filter_rec_t*) apr_hash_get(conf->ct_output_filters, arg2,
APR_HASH_KEY_STRING);
+ /* find last entry */
+ if (old) {
+ while (old->next) {
+ old = old->next;
+ }
+ }
}
while (*arg &&
/* We found something, so let's append it. */
if (old) {
- new->next = old;
+ old->next = new;
+ }
+ else {
+ apr_hash_set(conf->ct_output_filters, arg2,
+ APR_HASH_KEY_STRING, new);
}
old = new;
}
if (!new) {
return "invalid filter name";
}
-
- apr_hash_set(conf->ct_output_filters, arg2, APR_HASH_KEY_STRING, new);
return NULL;
}
-/*
- * Insert filters requested by the AddOutputFilterByType
- * configuration directive. We cannot add filters based
- * on content-type until after the handler has started
+/*
+ * Insert filters requested by the AddOutputFilterByType
+ * configuration directive. We cannot add filters based
+ * on content-type until after the handler has started
* to run. Only then do we reliably know the content-type.
*/
void ap_add_output_filters_by_type(request_rec *r)
{
core_dir_config *conf;
- const char *ctype, *ctypes;
+ const char *ctype;
conf = (core_dir_config *)ap_get_module_config(r->per_dir_config,
&core_module);
- /* We can't do anything with proxy requests, no content-types or if
- * we don't have a filter configured.
+ /* We can't do anything with no content-type or if we don't have a
+ * filter configured.
*/
- if (r->proxyreq != PROXYREQ_NONE || !r->content_type ||
- !conf->ct_output_filters) {
+ if (!r->content_type || !conf->ct_output_filters) {
return;
}
- ctypes = r->content_type;
-
- /* We must be able to handle decorated content-types. */
- while (*ctypes && (ctype = ap_getword(r->pool, &ctypes, ';'))) {
+ /* remove c-t decoration */
+ ctype = ap_field_noparam(r->pool, r->content_type);
+ if (ctype) {
ap_filter_rec_t *ct_filter;
ct_filter = apr_hash_get(conf->ct_output_filters, ctype,
APR_HASH_KEY_STRING);
return;
}
-static apr_status_t writev_it_all(apr_socket_t *s,
- struct iovec *vec, int nvec,
- apr_size_t len, apr_size_t *nbytes)
+static const char *set_trace_enable(cmd_parms *cmd, void *dummy,
+ const char *arg1)
{
- apr_size_t bytes_written = 0;
- apr_status_t rv;
- apr_size_t n = len;
- int i = 0;
-
- *nbytes = 0;
-
- /* XXX handle checking for non-blocking socket */
- while (bytes_written != len) {
- rv = apr_sendv(s, vec + i, nvec - i, &n);
- bytes_written += n;
- if (rv != APR_SUCCESS)
- return rv;
-
- *nbytes += n;
+ core_server_config *conf = ap_get_module_config(cmd->server->module_config,
+ &core_module);
- /* If the write did not complete, adjust the iovecs and issue
- * apr_sendv again
- */
- if (bytes_written < len) {
- /* Skip over the vectors that have already been written */
- apr_size_t cnt = vec[i].iov_len;
- while (n >= cnt && i + 1 < nvec) {
- i++;
- cnt += vec[i].iov_len;
- }
-
- if (n < cnt) {
- /* Handle partial write of vec i */
- vec[i].iov_base = (char *) vec[i].iov_base +
- (vec[i].iov_len - (cnt - n));
- vec[i].iov_len = cnt -n;
- }
- }
-
- n = len - bytes_written;
+ if (strcasecmp(arg1, "on") == 0) {
+ conf->trace_enable = AP_TRACE_ENABLE;
}
-
- return APR_SUCCESS;
-}
-
-/* sendfile_it_all()
- * send the entire file using sendfile()
- * handle partial writes
- * return only when all bytes have been sent or an error is encountered.
- */
-
-#if APR_HAS_SENDFILE
-static apr_status_t sendfile_it_all(core_net_rec *c,
- apr_file_t *fd,
- apr_hdtr_t *hdtr,
- apr_off_t file_offset,
- apr_size_t file_bytes_left,
- apr_size_t total_bytes_left,
- apr_size_t *bytes_sent,
- apr_int32_t flags)
-{
- apr_status_t rv;
-#ifdef AP_DEBUG
- apr_interval_time_t timeout = 0;
-#endif
-
- AP_DEBUG_ASSERT((apr_socket_timeout_get(c->client_socket, &timeout)
- == APR_SUCCESS)
- && timeout > 0); /* socket must be in timeout mode */
-
- /* Reset the bytes_sent field */
- *bytes_sent = 0;
-
- do {
- apr_size_t tmplen = file_bytes_left;
-
- rv = apr_sendfile(c->client_socket, fd, hdtr, &file_offset, &tmplen,
- flags);
- *bytes_sent += tmplen;
- total_bytes_left -= tmplen;
- if (!total_bytes_left || rv != APR_SUCCESS) {
- return rv; /* normal case & error exit */
- }
-
- AP_DEBUG_ASSERT(total_bytes_left > 0 && tmplen > 0);
-
- /* partial write, oooh noooo...
- * Skip over any header data which was written
- */
- while (tmplen && hdtr->numheaders) {
- if (tmplen >= hdtr->headers[0].iov_len) {
- tmplen -= hdtr->headers[0].iov_len;
- --hdtr->numheaders;
- ++hdtr->headers;
- }
- else {
- char *iov_base = (char *)hdtr->headers[0].iov_base;
-
- hdtr->headers[0].iov_len -= tmplen;
- iov_base += tmplen;
- hdtr->headers[0].iov_base = iov_base;
- tmplen = 0;
- }
- }
-
- /* Skip over any file data which was written */
-
- if (tmplen <= file_bytes_left) {
- file_offset += tmplen;
- file_bytes_left -= tmplen;
- continue;
- }
-
- tmplen -= file_bytes_left;
- file_bytes_left = 0;
- file_offset = 0;
-
- /* Skip over any trailer data which was written */
-
- while (tmplen && hdtr->numtrailers) {
- if (tmplen >= hdtr->trailers[0].iov_len) {
- tmplen -= hdtr->trailers[0].iov_len;
- --hdtr->numtrailers;
- ++hdtr->trailers;
- }
- else {
- char *iov_base = (char *)hdtr->trailers[0].iov_base;
-
- hdtr->trailers[0].iov_len -= tmplen;
- iov_base += tmplen;
- hdtr->trailers[0].iov_base = iov_base;
- tmplen = 0;
- }
- }
- } while (1);
-}
-#endif
-
-/*
- * emulate_sendfile()
- * Sends the contents of file fd along with header/trailer bytes, if any,
- * to the network. emulate_sendfile will return only when all the bytes have been
- * sent (i.e., it handles partial writes) or on a network error condition.
- */
-static apr_status_t emulate_sendfile(core_net_rec *c, apr_file_t *fd,
- apr_hdtr_t *hdtr, apr_off_t offset,
- apr_size_t length, apr_size_t *nbytes)
-{
- apr_status_t rv = APR_SUCCESS;
- apr_int32_t togo; /* Remaining number of bytes in the file to send */
- apr_size_t sendlen = 0;
- apr_size_t bytes_sent;
- apr_int32_t i;
- apr_off_t o; /* Track the file offset for partial writes */
- char buffer[8192];
-
- *nbytes = 0;
-
- /* Send the headers
- * writev_it_all handles partial writes.
- * XXX: optimization... if headers are less than MIN_WRITE_SIZE, copy
- * them into buffer
- */
- if (hdtr && hdtr->numheaders > 0 ) {
- for (i = 0; i < hdtr->numheaders; i++) {
- sendlen += hdtr->headers[i].iov_len;
- }
-
- rv = writev_it_all(c->client_socket, hdtr->headers, hdtr->numheaders,
- sendlen, &bytes_sent);
- if (rv == APR_SUCCESS)
- *nbytes += bytes_sent; /* track total bytes sent */
- }
-
- /* Seek the file to 'offset' */
- if (offset != 0 && rv == APR_SUCCESS) {
- rv = apr_file_seek(fd, APR_SET, &offset);
- }
-
- /* Send the file, making sure to handle partial writes */
- togo = length;
- while (rv == APR_SUCCESS && togo) {
- sendlen = togo > sizeof(buffer) ? sizeof(buffer) : togo;
- o = 0;
- rv = apr_file_read(fd, buffer, &sendlen);
- while (rv == APR_SUCCESS && sendlen) {
- bytes_sent = sendlen;
- rv = apr_send(c->client_socket, &buffer[o], &bytes_sent);
- if (rv == APR_SUCCESS) {
- sendlen -= bytes_sent; /* sendlen != bytes_sent ==> partial write */
- o += bytes_sent; /* o is where we are in the buffer */
- *nbytes += bytes_sent;
- togo -= bytes_sent; /* track how much of the file we've sent */
- }
- }
+ else if (strcasecmp(arg1, "off") == 0) {
+ conf->trace_enable = AP_TRACE_DISABLE;
}
-
- /* Send the trailers
- * XXX: optimization... if it will fit, send this on the last send in the
- * loop above
- */
- sendlen = 0;
- if ( rv == APR_SUCCESS && hdtr && hdtr->numtrailers > 0 ) {
- for (i = 0; i < hdtr->numtrailers; i++) {
- sendlen += hdtr->trailers[i].iov_len;
- }
- rv = writev_it_all(c->client_socket, hdtr->trailers, hdtr->numtrailers,
- sendlen, &bytes_sent);
- if (rv == APR_SUCCESS)
- *nbytes += bytes_sent;
+ else if (strcasecmp(arg1, "extended") == 0) {
+ conf->trace_enable = AP_TRACE_EXTENDED;
+ }
+ else {
+ return "TraceEnable must be one of 'on', 'off', or 'extended'";
}
- return rv;
+ return NULL;
}
/* Note --- ErrorDocument will now work from .htaccess files.
"specified URL paths"),
AP_INIT_RAW_ARGS("<FilesMatch", filesection, (void*)1, OR_ALL,
"Container for directives affecting files matching specified patterns"),
-AP_INIT_TAKE1("AuthType", ap_set_string_slot,
- (void*)APR_OFFSETOF(core_dir_config, ap_auth_type), OR_AUTHCFG,
- "An HTTP authorization type (e.g., \"Basic\")"),
-AP_INIT_TAKE1("AuthName", set_authname, NULL, OR_AUTHCFG,
- "The authentication realm (e.g. \"Members Only\")"),
-AP_INIT_RAW_ARGS("Require", require, NULL, OR_AUTHCFG,
- "Selects which authenticated users or groups may access a protected space"),
-AP_INIT_TAKE1("Satisfy", satisfy, NULL, OR_AUTHCFG,
- "access policy if both allow and require used ('all' or 'any')"),
#ifdef GPROF
AP_INIT_TAKE1("GprofDir", set_gprof_dir, NULL, RSRC_CONF,
"Directory to plop gmon.out files"),
"The name of the default charset to add to any Content-Type without one or 'Off' to disable"),
AP_INIT_TAKE1("AcceptPathInfo", set_accept_path_info, NULL, OR_FILEINFO,
"Set to on or off for PATH_INFO to be accepted by handlers, or default for the per-handler preference"),
+AP_INIT_TAKE1("Define", set_define, NULL, RSRC_CONF,
+ "Define the existance of a variable. Same as passing -D to the command line."),
+AP_INIT_RAW_ARGS("<If", ifsection, NULL, OR_ALL,
+ "Container for directives to be conditionally applied"),
/* Old resource config file commands */
/* Old server config file commands */
+AP_INIT_TAKE1("Protocol", set_protocol, NULL, RSRC_CONF,
+ "Set the Protocol for httpd to use."),
+AP_INIT_TAKE2("AcceptFilter", set_accf_map, NULL, RSRC_CONF,
+ "Set the Accept Filter to use for a protocol"),
AP_INIT_TAKE1("Port", ap_set_deprecated, NULL, RSRC_CONF,
"Port was replaced with Listen in Apache 2.0"),
AP_INIT_TAKE1("HostnameLookups", set_hostname_lookups, NULL,
"The pathname the server can be reached at"),
AP_INIT_TAKE1("Timeout", set_timeout, NULL, RSRC_CONF,
"Timeout duration (sec)"),
-AP_INIT_FLAG("IdentityCheck", set_idcheck, NULL, RSRC_CONF|ACCESS_CONF,
- "Enable identd (RFC 1413) user lookups - SLOW"),
AP_INIT_FLAG("ContentDigest", set_content_md5, NULL, OR_OPTIONS,
"whether or not to send a Content-MD5 header with each request"),
AP_INIT_TAKE1("UseCanonicalName", set_use_canonical_name, NULL,
RSRC_CONF|ACCESS_CONF,
"How to work out the ServerName : Port when constructing URLs"),
+AP_INIT_TAKE1("UseCanonicalPhysicalPort", set_use_canonical_phys_port, NULL,
+ RSRC_CONF|ACCESS_CONF,
+ "Whether to use the physical Port when constructing URLs"),
/* TODO: RlimitFoo should all be part of mod_cgi, not in the core */
/* TODO: ListenBacklog in MPM */
AP_INIT_TAKE1("Include", include_config, NULL,
"Level of verbosity in error logging"),
AP_INIT_TAKE1("NameVirtualHost", ap_set_name_virtual_host, NULL, RSRC_CONF,
"A numeric IP address:port, or the name of a host"),
-#ifdef _OSD_POSIX
-AP_INIT_TAKE1("BS2000Account", set_bs2000_account, NULL, RSRC_CONF,
- "Name of server User's bs2000 logon account name"),
-#endif
AP_INIT_TAKE1("ServerTokens", set_serv_tokens, NULL, RSRC_CONF,
"Determine tokens displayed in the Server: header - Min(imal), OS or Full"),
AP_INIT_TAKE1("LimitRequestLine", set_limit_req_line, NULL, RSRC_CONF,
OR_ALL, "soft/hard limits for max number of processes per uid"),
#endif
+/* internal recursion stopper */
+AP_INIT_TAKE12("LimitInternalRecursion", set_recursion_limit, NULL, RSRC_CONF,
+ "maximum recursion depth of internal redirects and subrequests"),
+
AP_INIT_TAKE1("ForceType", ap_set_string_slot_lower,
(void *)APR_OFFSETOF(core_dir_config, mime_type), OR_FILEINFO,
"a mime type that overrides other configured type"),
AP_INIT_ITERATE2("AddOutputFilterByType", add_ct_output_filters,
(void *)APR_OFFSETOF(core_dir_config, ct_output_filters), OR_FILEINFO,
"output filter name followed by one or more content-types"),
+AP_INIT_FLAG("AllowEncodedSlashes", set_allow2f, NULL, RSRC_CONF,
+ "Allow URLs containing '/' encoded as '%2F'"),
/*
* These are default configuration directives that mpms can/should
#endif
#ifdef AP_MPM_WANT_SET_LOCKFILE
AP_INIT_TAKE1("LockFile", ap_mpm_set_lockfile, NULL, RSRC_CONF,
- "The lockfile used when Apache needs to lock the accept() call"),
+ "The lockfile used when Apache needs to lock the accept() call (deprecated)"),
#endif
#ifdef AP_MPM_WANT_SET_MAX_REQUESTS
AP_INIT_TAKE1("MaxRequestsPerChild", ap_mpm_set_max_requests, NULL, RSRC_CONF,
#endif
#ifdef AP_MPM_WANT_SET_ACCEPT_LOCK_MECH
AP_INIT_TAKE1("AcceptMutex", ap_mpm_set_accept_lock_mech, NULL, RSRC_CONF,
- ap_valid_accept_mutex_string),
+ AP_AVAILABLE_MUTEXES_STRING),
#endif
#ifdef AP_MPM_WANT_SET_MAX_MEM_FREE
AP_INIT_TAKE1("MaxMemFree", ap_mpm_set_max_mem_free, NULL, RSRC_CONF,
"Maximum number of 1k blocks a particular childs allocator may hold."),
#endif
+#ifdef AP_MPM_WANT_SET_STACKSIZE
+AP_INIT_TAKE1("ThreadStackSize", ap_mpm_set_thread_stacksize, NULL, RSRC_CONF,
+ "Size in bytes of stack used by threads handling client connections"),
+#endif
+#if AP_ENABLE_EXCEPTION_HOOK
+AP_INIT_TAKE1("EnableExceptionHook", ap_mpm_set_exception_hook, NULL, RSRC_CONF,
+ "Controls whether exception hook may be called after a crash"),
+#endif
+AP_INIT_TAKE1("TraceEnable", set_trace_enable, NULL, RSRC_CONF,
+ "'on' (default), 'off' or 'extended' to trace request body content"),
{ NULL }
};
{
void *sconf = r->server->module_config;
core_server_config *conf = ap_get_module_config(sconf, &core_module);
+ apr_status_t rv;
/* XXX this seems too specific, this should probably become
* some general-case test
&& !strncmp(r->uri, r->server->path, r->server->pathlen)
&& (r->server->path[r->server->pathlen - 1] == '/'
|| r->uri[r->server->pathlen] == '/'
- || r->uri[r->server->pathlen] == '\0'))
+ || r->uri[r->server->pathlen] == '\0'))
{
- /* skip all leading /'s (e.g. http://localhost///foo)
+ /* skip all leading /'s (e.g. http://localhost///foo)
* so we are looking at only the relative path.
*/
char *path = r->uri + r->server->pathlen;
while (*path == '/') {
++path;
}
- if (apr_filepath_merge(&r->filename, conf->ap_document_root, path,
- APR_FILEPATH_TRUENAME
- | APR_FILEPATH_SECUREROOT, r->pool)
+ if ((rv = apr_filepath_merge(&r->filename, conf->ap_document_root, path,
+ APR_FILEPATH_TRUENAME
+ | APR_FILEPATH_SECUREROOT, r->pool))
!= APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "Cannot map %s to file", r->the_request);
return HTTP_FORBIDDEN;
}
r->canonical_filename = r->filename;
* /'s in a row. This happens under windows when the document
* root ends with a /
*/
- /* skip all leading /'s (e.g. http://localhost///foo)
+ /* skip all leading /'s (e.g. http://localhost///foo)
* so we are looking at only the relative path.
*/
char *path = r->uri;
while (*path == '/') {
++path;
}
- if (apr_filepath_merge(&r->filename, conf->ap_document_root, path,
- APR_FILEPATH_TRUENAME
- | APR_FILEPATH_SECUREROOT, r->pool)
+ if ((rv = apr_filepath_merge(&r->filename, conf->ap_document_root, path,
+ APR_FILEPATH_TRUENAME
+ | APR_FILEPATH_SECUREROOT, r->pool))
!= APR_SUCCESS) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "Cannot map %s to file", r->the_request);
return HTTP_FORBIDDEN;
}
r->canonical_filename = r->filename;
return OK;
}
-
-
static int default_handler(request_rec *r)
{
conn_rec *c = r->connection;
if ((status = apr_file_open(&fd, r->filename, APR_READ | APR_BINARY
#if APR_HAS_SENDFILE
- | ((d->enable_sendfile == ENABLE_SENDFILE_OFF)
+ | ((d->enable_sendfile == ENABLE_SENDFILE_OFF)
? 0 : APR_SENDFILE_ENABLED)
#endif
, 0, r->pool)) != APR_SUCCESS) {
ap_set_etag(r);
apr_table_setn(r->headers_out, "Accept-Ranges", "bytes");
ap_set_content_length(r, r->finfo.size);
+
+ bb = apr_brigade_create(r->pool, c->bucket_alloc);
+
if ((errstatus = ap_meets_conditions(r)) != OK) {
apr_file_close(fd);
- return errstatus;
+ r->status = errstatus;
}
+ else {
+ if (bld_content_md5) {
+ apr_table_setn(r->headers_out, "Content-MD5",
+ ap_md5digest(r->pool, fd));
+ }
- if (bld_content_md5) {
- apr_table_setn(r->headers_out, "Content-MD5",
- ap_md5digest(r->pool, fd));
- }
+ e = apr_brigade_insert_file(bb, fd, 0, r->finfo.size, r->pool);
- bb = apr_brigade_create(r->pool, c->bucket_alloc);
-#if APR_HAS_SENDFILE && APR_HAS_LARGE_FILES
- if ((d->enable_sendfile != ENABLE_SENDFILE_OFF) &&
- (r->finfo.size > AP_MAX_SENDFILE)) {
- /* APR_HAS_LARGE_FILES issue; must split into mutiple buckets,
- * no greater than MAX(apr_size_t), and more granular than that
- * in case the brigade code/filters attempt to read it directly.
- */
- apr_off_t fsize = r->finfo.size;
- e = apr_bucket_file_create(fd, 0, AP_MAX_SENDFILE, r->pool,
- c->bucket_alloc);
- while (fsize > AP_MAX_SENDFILE) {
- apr_bucket *ce;
- apr_bucket_copy(e, &ce);
- APR_BRIGADE_INSERT_TAIL(bb, ce);
- e->start += AP_MAX_SENDFILE;
- fsize -= AP_MAX_SENDFILE;
+#if APR_HAS_MMAP
+ if (d->enable_mmap == ENABLE_MMAP_OFF) {
+ (void)apr_bucket_file_enable_mmap(e, 0);
}
- e->length = (apr_size_t)fsize; /* Resize just the last bucket */
- }
- else
#endif
- e = apr_bucket_file_create(fd, 0, (apr_size_t)r->finfo.size,
- r->pool, c->bucket_alloc);
-
-#if APR_HAS_MMAP
- if (d->enable_mmap == ENABLE_MMAP_OFF) {
- (void)apr_bucket_file_enable_mmap(e, 0);
}
-#endif
- APR_BRIGADE_INSERT_TAIL(bb, e);
+
e = apr_bucket_eos_create(c->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(bb, e);
- return ap_pass_brigade(r->output_filters, bb);
+ status = ap_pass_brigade(r->output_filters, bb);
+ if (status == APR_SUCCESS
+ || r->status != HTTP_OK
+ || c->aborted) {
+ return OK;
+ }
+ else {
+ /* no way to know what type of error occurred */
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r,
+ "default_handler: ap_pass_brigade returned %i",
+ status);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
}
else { /* unusual method (not GET or POST) */
if (r->method_number == M_INVALID) {
}
}
-typedef struct net_time_filter_ctx {
- apr_socket_t *csd;
- int first_line;
-} net_time_filter_ctx_t;
-static int net_time_filter(ap_filter_t *f, apr_bucket_brigade *b,
- ap_input_mode_t mode, apr_read_type_e block,
- apr_off_t readbytes)
-{
- net_time_filter_ctx_t *ctx = f->ctx;
- int keptalive = f->c->keepalive == AP_CONN_KEEPALIVE;
-
- if (!ctx) {
- f->ctx = ctx = apr_palloc(f->r->pool, sizeof(*ctx));
- ctx->first_line = 1;
- ctx->csd = ap_get_module_config(f->c->conn_config, &core_module);
- }
-
- if (mode != AP_MODE_INIT && mode != AP_MODE_EATCRLF) {
- if (ctx->first_line) {
- apr_socket_timeout_set(ctx->csd,
- keptalive
- ? f->c->base_server->keep_alive_timeout
- : f->c->base_server->timeout);
- ctx->first_line = 0;
- }
- else {
- if (keptalive) {
- apr_socket_timeout_set(ctx->csd, f->c->base_server->timeout);
- }
- }
- }
- return ap_get_brigade(f->next, b, mode, block, readbytes);
-}
-
-/**
- * Remove all zero length buckets from the brigade.
- */
-#define BRIGADE_NORMALIZE(b) \
-do { \
- apr_bucket *e = APR_BRIGADE_FIRST(b); \
- do { \
- if (e->length == 0 && !APR_BUCKET_IS_METADATA(e)) { \
- apr_bucket *d; \
- d = APR_BUCKET_NEXT(e); \
- apr_bucket_delete(e); \
- e = d; \
- } \
- e = APR_BUCKET_NEXT(e); \
- } while (!APR_BRIGADE_EMPTY(b) && (e != APR_BRIGADE_SENTINEL(b))); \
-} while (0)
-
-static int core_input_filter(ap_filter_t *f, apr_bucket_brigade *b,
- ap_input_mode_t mode, apr_read_type_e block,
- apr_off_t readbytes)
-{
- apr_bucket *e;
- apr_status_t rv;
- core_net_rec *net = f->ctx;
- core_ctx_t *ctx = net->in_ctx;
- const char *str;
- apr_size_t len;
-
- if (mode == AP_MODE_INIT) {
- /*
- * this mode is for filters that might need to 'initialize'
- * a connection before reading request data from a client.
- * NNTP over SSL for example needs to handshake before the
- * server sends the welcome message.
- * such filters would have changed the mode before this point
- * is reached. however, protocol modules such as NNTP should
- * not need to know anything about SSL. given the example, if
- * SSL is not in the filter chain, AP_MODE_INIT is a noop.
- */
- return APR_SUCCESS;
- }
-
- if (!ctx)
- {
- ctx = apr_pcalloc(f->c->pool, sizeof(*ctx));
- ctx->b = apr_brigade_create(f->c->pool, f->c->bucket_alloc);
-
- /* seed the brigade with the client socket. */
- e = apr_bucket_socket_create(net->client_socket, f->c->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(ctx->b, e);
- net->in_ctx = ctx;
- }
- else if (APR_BRIGADE_EMPTY(ctx->b)) {
- return APR_EOF;
- }
-
- /* ### This is bad. */
- BRIGADE_NORMALIZE(ctx->b);
-
- /* check for empty brigade again *AFTER* BRIGADE_NORMALIZE()
- * If we have lost our socket bucket (see above), we are EOF.
- *
- * Ideally, this should be returning SUCCESS with EOS bucket, but
- * some higher-up APIs (spec. read_request_line via ap_rgetline)
- * want an error code. */
- if (APR_BRIGADE_EMPTY(ctx->b)) {
- return APR_EOF;
- }
-
- if (mode == AP_MODE_GETLINE) {
- /* we are reading a single LF line, e.g. the HTTP headers */
- rv = apr_brigade_split_line(b, ctx->b, block, HUGE_STRING_LEN);
- /* We should treat EAGAIN here the same as we do for EOF (brigade is
- * empty). We do this by returning whatever we have read. This may
- * or may not be bogus, but is consistent (for now) with EOF logic.
- */
- if (APR_STATUS_IS_EAGAIN(rv)) {
- rv = APR_SUCCESS;
- }
- return rv;
- }
-
- /* ### AP_MODE_PEEK is a horrific name for this mode because we also
- * eat any CRLFs that we see. That's not the obvious intention of
- * this mode. Determine whether anyone actually uses this or not. */
- if (mode == AP_MODE_EATCRLF) {
- apr_bucket *e;
- const char *c;
-
- /* The purpose of this loop is to ignore any CRLF (or LF) at the end
- * of a request. Many browsers send extra lines at the end of POST
- * requests. We use the PEEK method to determine if there is more
- * data on the socket, so that we know if we should delay sending the
- * end of one request until we have served the second request in a
- * pipelined situation. We don't want to actually delay sending a
- * response if the server finds a CRLF (or LF), becuause that doesn't
- * mean that there is another request, just a blank line.
- */
- while (1) {
- if (APR_BRIGADE_EMPTY(ctx->b))
- return APR_EOF;
-
- e = APR_BRIGADE_FIRST(ctx->b);
-
- rv = apr_bucket_read(e, &str, &len, APR_NONBLOCK_READ);
-
- if (rv != APR_SUCCESS)
- return rv;
-
- c = str;
- while (c < str + len) {
- if (*c == APR_ASCII_LF)
- c++;
- else if (*c == APR_ASCII_CR && *(c + 1) == APR_ASCII_LF)
- c += 2;
- else
- return APR_SUCCESS;
- }
-
- /* If we reach here, we were a bucket just full of CRLFs, so
- * just toss the bucket. */
- /* FIXME: Is this the right thing to do in the core? */
- apr_bucket_delete(e);
- }
- return APR_SUCCESS;
- }
-
- /* If mode is EXHAUSTIVE, we want to just read everything until the end
- * of the brigade, which in this case means the end of the socket.
- * To do this, we attach the brigade that has currently been setaside to
- * the brigade that was passed down, and send that brigade back.
- *
- * NOTE: This is VERY dangerous to use, and should only be done with
- * extreme caution. However, the Perchild MPM needs this feature
- * if it is ever going to work correctly again. With this, the Perchild
- * MPM can easily request the socket and all data that has been read,
- * which means that it can pass it to the correct child process.
- */
- if (mode == AP_MODE_EXHAUSTIVE) {
- apr_bucket *e;
-
- /* Tack on any buckets that were set aside. */
- APR_BRIGADE_CONCAT(b, ctx->b);
-
- /* Since we've just added all potential buckets (which will most
- * likely simply be the socket bucket) we know this is the end,
- * so tack on an EOS too. */
- /* We have read until the brigade was empty, so we know that we
- * must be EOS. */
- e = apr_bucket_eos_create(f->c->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(b, e);
- return APR_SUCCESS;
- }
-
- /* read up to the amount they specified. */
- if (mode == AP_MODE_READBYTES || mode == AP_MODE_SPECULATIVE) {
- apr_bucket *e;
- apr_bucket_brigade *newbb;
-
- AP_DEBUG_ASSERT(readbytes > 0);
-
- e = APR_BRIGADE_FIRST(ctx->b);
- rv = apr_bucket_read(e, &str, &len, block);
-
- if (APR_STATUS_IS_EAGAIN(rv)) {
- return APR_SUCCESS;
- }
- else if (rv != APR_SUCCESS) {
- return rv;
- }
- else if (block == APR_BLOCK_READ && len == 0) {
- /* We wanted to read some bytes in blocking mode. We read
- * 0 bytes. Hence, we now assume we are EOS.
- *
- * When we are in normal mode, return an EOS bucket to the
- * caller.
- * When we are in speculative mode, leave ctx->b empty, so
- * that the next call returns an EOS bucket.
- */
- apr_bucket_delete(e);
-
- if (mode == AP_MODE_READBYTES) {
- e = apr_bucket_eos_create(f->c->bucket_alloc);
- APR_BRIGADE_INSERT_TAIL(b, e);
- }
- return APR_SUCCESS;
- }
-
- /* We can only return at most what we read. */
- if (len < readbytes) {
- readbytes = len;
- }
-
- rv = apr_brigade_partition(ctx->b, readbytes, &e);
- if (rv != APR_SUCCESS) {
- return rv;
- }
-
- /* Must do split before CONCAT */
- newbb = apr_brigade_split(ctx->b, e);
-
- if (mode == AP_MODE_READBYTES) {
- APR_BRIGADE_CONCAT(b, ctx->b);
- }
- else if (mode == AP_MODE_SPECULATIVE) {
- apr_bucket *copy_bucket;
- APR_BRIGADE_FOREACH(e, ctx->b) {
- rv = apr_bucket_copy(e, ©_bucket);
- if (rv != APR_SUCCESS) {
- return rv;
- }
- APR_BRIGADE_INSERT_TAIL(b, copy_bucket);
- }
- }
-
- /* Take what was originally there and place it back on ctx->b */
- APR_BRIGADE_CONCAT(ctx->b, newbb);
- }
- return APR_SUCCESS;
-}
-
-/* Default filter. This filter should almost always be used. Its only job
- * is to send the headers if they haven't already been sent, and then send
- * the actual data.
- */
-#define MAX_IOVEC_TO_WRITE 16
-
/* Optional function coming from mod_logio, used for logging of output
* traffic
*/
-static APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_out) *logio_add_bytes_out;
-
-static apr_status_t core_output_filter(ap_filter_t *f, apr_bucket_brigade *b)
-{
- apr_status_t rv;
- apr_bucket_brigade *more; /* definition moved to foil a gdb bug */
- conn_rec *c = f->c;
- core_net_rec *net = f->ctx;
- core_output_filter_ctx_t *ctx = net->out_ctx;
- apr_read_type_e eblock = APR_NONBLOCK_READ;
- apr_pool_t *input_pool = b->p;
-
- if (ctx == NULL) {
- ctx = apr_pcalloc(c->pool, sizeof(*ctx));
- net->out_ctx = ctx;
- }
-
- /* If we have a saved brigade, concatenate the new brigade to it */
- if (ctx->b) {
- APR_BRIGADE_CONCAT(ctx->b, b);
- b = ctx->b;
- ctx->b = NULL;
- }
-
- /* Perform multiple passes over the brigade, sending batches of output
- to the connection. */
- while (b && !APR_BRIGADE_EMPTY(b)) {
- apr_size_t nbytes = 0;
- apr_bucket *last_e = NULL; /* initialized for debugging */
- apr_bucket *e;
-
- /* one group of iovecs per pass over the brigade */
- apr_size_t nvec = 0;
- apr_size_t nvec_trailers = 0;
- struct iovec vec[MAX_IOVEC_TO_WRITE];
- struct iovec vec_trailers[MAX_IOVEC_TO_WRITE];
-
- /* one file per pass over the brigade */
- apr_file_t *fd = NULL;
- apr_size_t flen = 0;
- apr_off_t foffset = 0;
-
- /* keep track of buckets that we've concatenated
- * to avoid small writes
- */
- apr_bucket *last_merged_bucket = NULL;
-
- /* tail of brigade if we need another pass */
- more = NULL;
-
- /* Iterate over the brigade: collect iovecs and/or a file */
- APR_BRIGADE_FOREACH(e, b) {
- /* keep track of the last bucket processed */
- last_e = e;
- if (APR_BUCKET_IS_EOS(e)) {
- break;
- }
- if (APR_BUCKET_IS_FLUSH(e)) {
- more = apr_brigade_split(b, APR_BUCKET_NEXT(e));
- break;
- }
-
- /* It doesn't make any sense to use sendfile for a file bucket
- * that represents 10 bytes.
- */
- else if (APR_BUCKET_IS_FILE(e)
- && (e->length >= AP_MIN_SENDFILE_BYTES)) {
- apr_bucket_file *a = e->data;
-
- /* We can't handle more than one file bucket at a time
- * so we split here and send the file we have already
- * found.
- */
- if (fd) {
- more = apr_brigade_split(b, e);
- break;
- }
-
- fd = a->fd;
- flen = e->length;
- foffset = e->start;
- }
- else {
- const char *str;
- apr_size_t n;
-
- rv = apr_bucket_read(e, &str, &n, eblock);
- if (APR_STATUS_IS_EAGAIN(rv)) {
- /* send what we have so far since we shouldn't expect more
- * output for a while... next time we read, block
- */
- more = apr_brigade_split(b, e);
- eblock = APR_BLOCK_READ;
- break;
- }
- eblock = APR_NONBLOCK_READ;
- if (n) {
- if (!fd) {
- if (nvec == MAX_IOVEC_TO_WRITE) {
- /* woah! too many. buffer them up, for use later. */
- apr_bucket *temp, *next;
- apr_bucket_brigade *temp_brig;
-
- if (nbytes >= AP_MIN_BYTES_TO_WRITE) {
- /* We have enough data in the iovec
- * to justify doing a writev
- */
- more = apr_brigade_split(b, e);
- break;
- }
-
- /* Create a temporary brigade as a means
- * of concatenating a bunch of buckets together
- */
- if (last_merged_bucket) {
- /* If we've concatenated together small
- * buckets already in a previous pass,
- * the initial buckets in this brigade
- * are heap buckets that may have extra
- * space left in them (because they
- * were created by apr_brigade_write()).
- * We can take advantage of this by
- * building the new temp brigade out of
- * these buckets, so that the content
- * in them doesn't have to be copied again.
- */
- apr_bucket_brigade *bb;
- bb = apr_brigade_split(b,
- APR_BUCKET_NEXT(last_merged_bucket));
- temp_brig = b;
- b = bb;
- }
- else {
- temp_brig = apr_brigade_create(f->c->pool,
- f->c->bucket_alloc);
- }
-
- temp = APR_BRIGADE_FIRST(b);
- while (temp != e) {
- apr_bucket *d;
- rv = apr_bucket_read(temp, &str, &n, APR_BLOCK_READ);
- apr_brigade_write(temp_brig, NULL, NULL, str, n);
- d = temp;
- temp = APR_BUCKET_NEXT(temp);
- apr_bucket_delete(d);
- }
-
- nvec = 0;
- nbytes = 0;
- temp = APR_BRIGADE_FIRST(temp_brig);
- APR_BUCKET_REMOVE(temp);
- APR_BRIGADE_INSERT_HEAD(b, temp);
- apr_bucket_read(temp, &str, &n, APR_BLOCK_READ);
- vec[nvec].iov_base = (char*) str;
- vec[nvec].iov_len = n;
- nvec++;
-
- /* Just in case the temporary brigade has
- * multiple buckets, recover the rest of
- * them and put them in the brigade that
- * we're sending.
- */
- for (next = APR_BRIGADE_FIRST(temp_brig);
- next != APR_BRIGADE_SENTINEL(temp_brig);
- next = APR_BRIGADE_FIRST(temp_brig)) {
- APR_BUCKET_REMOVE(next);
- APR_BUCKET_INSERT_AFTER(temp, next);
- temp = next;
- apr_bucket_read(next, &str, &n,
- APR_BLOCK_READ);
- vec[nvec].iov_base = (char*) str;
- vec[nvec].iov_len = n;
- nvec++;
- }
-
- apr_brigade_destroy(temp_brig);
-
- last_merged_bucket = temp;
- e = temp;
- last_e = e;
- }
- else {
- vec[nvec].iov_base = (char*) str;
- vec[nvec].iov_len = n;
- nvec++;
- }
- }
- else {
- /* The bucket is a trailer to a file bucket */
-
- if (nvec_trailers == MAX_IOVEC_TO_WRITE) {
- /* woah! too many. stop now. */
- more = apr_brigade_split(b, e);
- break;
- }
-
- vec_trailers[nvec_trailers].iov_base = (char*) str;
- vec_trailers[nvec_trailers].iov_len = n;
- nvec_trailers++;
- }
-
- nbytes += n;
- }
- }
- }
-
-
- /* Completed iterating over the brigades, now determine if we want
- * to buffer the brigade or send the brigade out on the network.
- *
- * Save if we haven't accumulated enough bytes to send, and:
- *
- * 1) we didn't see a file, we don't have more passes over the
- * brigade to perform, AND we didn't stop at a FLUSH bucket.
- * (IOW, we will save plain old bytes such as HTTP headers)
- * or
- * 2) we hit the EOS and have a keep-alive connection
- * (IOW, this response is a bit more complex, but we save it
- * with the hope of concatenating with another response)
- */
- if (nbytes + flen < AP_MIN_BYTES_TO_WRITE
- && ((!fd && !more && !APR_BUCKET_IS_FLUSH(last_e))
- || (APR_BUCKET_IS_EOS(last_e)
- && c->keepalive == AP_CONN_KEEPALIVE))) {
-
- /* NEVER save an EOS in here. If we are saving a brigade with
- * an EOS bucket, then we are doing keepalive connections, and
- * we want to process to second request fully.
- */
- if (APR_BUCKET_IS_EOS(last_e)) {
- apr_bucket *bucket;
- int file_bucket_saved = 0;
- apr_bucket_delete(last_e);
- for (bucket = APR_BRIGADE_FIRST(b);
- bucket != APR_BRIGADE_SENTINEL(b);
- bucket = APR_BUCKET_NEXT(bucket)) {
-
- /* Do a read on each bucket to pull in the
- * data from pipe and socket buckets, so
- * that we don't leave their file descriptors
- * open indefinitely. Do the same for file
- * buckets, with one exception: allow the
- * first file bucket in the brigade to remain
- * a file bucket, so that we don't end up
- * doing an mmap+memcpy every time a client
- * requests a <8KB file over a keepalive
- * connection.
- */
- if (APR_BUCKET_IS_FILE(bucket) && !file_bucket_saved) {
- file_bucket_saved = 1;
- }
- else {
- const char *buf;
- apr_size_t len = 0;
- rv = apr_bucket_read(bucket, &buf, &len,
- APR_BLOCK_READ);
- if (rv != APR_SUCCESS) {
- ap_log_error(APLOG_MARK, APLOG_ERR, rv,
- c->base_server, "core_output_filter:"
- " Error reading from bucket.");
- return HTTP_INTERNAL_SERVER_ERROR;
- }
- }
- }
- }
- if (!ctx->deferred_write_pool) {
- apr_pool_create(&ctx->deferred_write_pool, c->pool);
- }
- ap_save_brigade(f, &ctx->b, &b, ctx->deferred_write_pool);
-
- return APR_SUCCESS;
- }
-
- if (fd) {
- apr_hdtr_t hdtr;
- apr_size_t bytes_sent;
-
-#if APR_HAS_SENDFILE
- apr_int32_t flags = 0;
-#endif
-
- memset(&hdtr, '\0', sizeof(hdtr));
- if (nvec) {
- hdtr.numheaders = nvec;
- hdtr.headers = vec;
- }
-
- if (nvec_trailers) {
- hdtr.numtrailers = nvec_trailers;
- hdtr.trailers = vec_trailers;
- }
-
-#if APR_HAS_SENDFILE
- if (apr_file_flags_get(fd) & APR_SENDFILE_ENABLED) {
-
- if (c->keepalive == AP_CONN_CLOSE && APR_BUCKET_IS_EOS(last_e)) {
- /* Prepare the socket to be reused */
- flags |= APR_SENDFILE_DISCONNECT_SOCKET;
- }
-
- rv = sendfile_it_all(net, /* the network information */
- fd, /* the file to send */
- &hdtr, /* header and trailer iovecs */
- foffset, /* offset in the file to begin
- sending from */
- flen, /* length of file */
- nbytes + flen, /* total length including
- headers */
- &bytes_sent, /* how many bytes were
- sent */
- flags); /* apr_sendfile flags */
-
- if (logio_add_bytes_out && bytes_sent > 0)
- logio_add_bytes_out(c, bytes_sent);
- }
- else
-#endif
- {
- rv = emulate_sendfile(net, fd, &hdtr, foffset, flen,
- &bytes_sent);
-
- if (logio_add_bytes_out && bytes_sent > 0)
- logio_add_bytes_out(c, bytes_sent);
- }
-
- fd = NULL;
- }
- else {
- apr_size_t bytes_sent;
-
- rv = writev_it_all(net->client_socket,
- vec, nvec,
- nbytes, &bytes_sent);
-
- if (logio_add_bytes_out && bytes_sent > 0)
- logio_add_bytes_out(c, bytes_sent);
- }
-
- apr_brigade_destroy(b);
-
- /* drive cleanups for resources which were set aside
- * this may occur before or after termination of the request which
- * created the resource
- */
- if (ctx->deferred_write_pool) {
- if (more && more->p == ctx->deferred_write_pool) {
- /* "more" belongs to the deferred_write_pool,
- * which is about to be cleared.
- */
- if (APR_BRIGADE_EMPTY(more)) {
- more = NULL;
- }
- else {
- /* uh oh... change more's lifetime
- * to the input brigade's lifetime
- */
- apr_bucket_brigade *tmp_more = more;
- more = NULL;
- ap_save_brigade(f, &more, &tmp_more, input_pool);
- }
- }
- apr_pool_clear(ctx->deferred_write_pool);
- }
-
- if (rv != APR_SUCCESS) {
- ap_log_error(APLOG_MARK, APLOG_INFO, rv, c->base_server,
- "core_output_filter: writing data to the network");
-
- if (more)
- apr_brigade_destroy(more);
-
- /* No need to check for SUCCESS, we did that above. */
- if (!APR_STATUS_IS_EAGAIN(rv)) {
- c->aborted = 1;
- }
-
- /* The client has aborted, but the request was successful. We
- * will report success, and leave it to the access and error
- * logs to note that the connection was aborted.
- */
- return APR_SUCCESS;
- }
-
- b = more;
- more = NULL;
- } /* end while () */
-
- return APR_SUCCESS;
-}
+APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_out) *logio_add_bytes_out;
+APR_OPTIONAL_FN_TYPE(authz_some_auth_required) *authz_ap_some_auth_required;
static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s)
{
logio_add_bytes_out = APR_RETRIEVE_OPTIONAL_FN(ap_logio_add_bytes_out);
+ ident_lookup = APR_RETRIEVE_OPTIONAL_FN(ap_ident_lookup);
+ authz_ap_some_auth_required = APR_RETRIEVE_OPTIONAL_FN(authz_some_auth_required);
+ authn_ap_auth_type = APR_RETRIEVE_OPTIONAL_FN(authn_ap_auth_type);
+ authn_ap_auth_name = APR_RETRIEVE_OPTIONAL_FN(authn_ap_auth_name);
+ access_compat_ap_satisfies = APR_RETRIEVE_OPTIONAL_FN(access_compat_ap_satisfies);
- ap_set_version(pconf);
+ set_banner(pconf);
ap_setup_make_content_type(pconf);
+ ap_setup_auth_internal(ptemp);
return OK;
}
}
else {
req_cfg->bb = apr_brigade_create(r->pool, r->connection->bucket_alloc);
- if (!r->prev) {
- ap_add_input_filter_handle(ap_net_time_filter_handle,
- NULL, r, r->connection);
- }
}
ap_set_module_config(r->request_config, &core_module, req_cfg);
- /* Begin by presuming any module can make its own path_info assumptions,
- * until some module interjects and changes the value.
- */
- r->used_path_info = AP_REQ_DEFAULT_PATH_INFO;
-
return OK;
}
c->id = id;
c->bucket_alloc = alloc;
+ c->cs = (conn_state_t *)apr_pcalloc(ptrans, sizeof(conn_state_t));
+ APR_RING_INIT(&(c->cs->timeout_list), conn_state_t, timeout_list);
+ c->cs->expiration_time = 0;
+ c->cs->state = CONN_STATE_CHECK_REQUEST_LINE_READABLE;
+ c->cs->c = c;
+ c->cs->p = ptrans;
+ c->cs->bucket_alloc = alloc;
+ c->clogging_input_filters = 0;
+
return c;
}
static int core_pre_connection(conn_rec *c, void *csd)
{
core_net_rec *net = apr_palloc(c->pool, sizeof(*net));
+ apr_status_t rv;
#ifdef AP_MPM_DISABLE_NAGLE_ACCEPTED_SOCK
- /* BillS says perhaps this should be moved to the MPMs. Some OSes
- * allow listening socket attributes to be inherited by the
- * accept sockets which means this call only needs to be made
- * once on the listener
+ /* The Nagle algorithm says that we should delay sending partial
+ * packets in hopes of getting more data. We don't want to do
+ * this; we are not telnet. There are bad interactions between
+ * persistent connections and Nagle's algorithm that have very severe
+ * performance penalties. (Failing to disable Nagle is not much of a
+ * problem with simple HTTP.)
*/
- ap_sock_disable_nagle(csd);
+ rv = apr_socket_opt_set(csd, APR_TCP_NODELAY, 1);
+ if (rv != APR_SUCCESS && rv != APR_ENOTIMPL) {
+ /* expected cause is that the client disconnected already,
+ * hence the debug level
+ */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c,
+ "apr_socket_opt_set(APR_TCP_NODELAY)");
+ }
#endif
+
+ /* The core filter requires the timeout mode to be set, which
+ * incidentally sets the socket to be nonblocking. If this
+ * is not initialized correctly, Linux - for example - will
+ * be initially blocking, while Solaris will be non blocking
+ * and any initial read will fail.
+ */
+ rv = apr_socket_timeout_set(csd, c->base_server->timeout);
+ if (rv != APR_SUCCESS) {
+ /* expected cause is that the client disconnected already */
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c,
+ "apr_socket_timeout_set");
+ }
+
net->c = c;
net->in_ctx = NULL;
net->out_ctx = NULL;
ap_hook_translate_name(ap_core_translate,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_map_to_storage(core_map_to_storage,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_open_logs(ap_open_logs,NULL,NULL,APR_HOOK_REALLY_FIRST);
+ ap_hook_child_init(ap_logs_child_init,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_handler(default_handler,NULL,NULL,APR_HOOK_REALLY_LAST);
/* FIXME: I suspect we can eliminate the need for these do_nothings - Ben */
ap_hook_type_checker(do_nothing,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_fixups(core_override_type,NULL,NULL,APR_HOOK_REALLY_FIRST);
- ap_hook_access_checker(do_nothing,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_create_request(core_create_req, NULL, NULL, APR_HOOK_MIDDLE);
APR_OPTIONAL_HOOK(proxy, create_req, core_create_proxy_req, NULL, NULL,
APR_HOOK_MIDDLE);
ap_hook_insert_filter(core_insert_filter, NULL, NULL, APR_HOOK_MIDDLE);
ap_core_input_filter_handle =
- ap_register_input_filter("CORE_IN", core_input_filter,
+ ap_register_input_filter("CORE_IN", ap_core_input_filter,
NULL, AP_FTYPE_NETWORK);
- ap_net_time_filter_handle =
- ap_register_input_filter("NET_TIME", net_time_filter,
- NULL, AP_FTYPE_PROTOCOL);
ap_content_length_filter_handle =
ap_register_output_filter("CONTENT_LENGTH", ap_content_length_filter,
NULL, AP_FTYPE_PROTOCOL);
ap_core_output_filter_handle =
- ap_register_output_filter("CORE", core_output_filter,
+ ap_register_output_filter("CORE", ap_core_output_filter,
NULL, AP_FTYPE_NETWORK);
ap_subreq_core_filter_handle =
ap_register_output_filter("SUBREQ_CORE", ap_sub_req_output_filter,
projects / apache / blobdiff