Don't claim "BIO dump follows" if it is not logged due to log level config.
make ssl_io_data_dump respect per-conn loglevel
add high trace level log messages for debugging buffering and write completion
* modules/ssl/ssl_engine_kernel.c (ssl_callback_SessionTicket): Fail
if RAND_bytes() fails; possible per API, although not in practice
with the OpenSSL implementation.
Fix typo in log message.
ap_add_common_vars(): use apr_pstrmemdup().
This avoids a transient replacement/restore of '?' by '\0' in r->filename.
Use 'ap_request_has_body()' instead of duplicating its implemenation.
The logic in 'ap_request_has_body()' is:
has_body = (!r->header_only
&& (r->kept_body
|| apr_table_get(r->headers_in, "Transfer-Encoding")
|| ( (cls = apr_table_get(r->headers_in, "Content-Length"))
&& (apr_strtoff(&cl, cls, &estr, 10) == APR_SUCCESS)
&& (!*estr)
&& (cl > 0) )
)
);
So the test is slighly different from the original code. (but this looks fine to me)
This also has the advantage to avoid a redundant call to 'apr_table_get()' and to improve readability.
While at it, move the test '!r->expecting_100' a few lines above because it is cheap.
PR62368: Print the unparsed URI in AH03454
... to include r->args and get otherwise get as close to possible to
what came in over the wire.
Submitted By: Hank Ibell <hwibell gmail.com>
Committed By: covener
All error handling paths of this function call 'apr_brigade_destroy()' , except this one.
So add it here too.
Probably spotted with the help of the Coccinelle software (Thx Julia for the patch and for Coccinelle)
See PR 53016
* modules/proxy/proxy_util.c (ap_proxy_share_worker): Skip creating subpool
for debugging unless debug-level logging is enabled. No functional change.
mod_watchdog: Correct some log messages and fix
compiler warning
"'rv' may be used uninitialized in this function".
Follow up to r1722154.
Submitted by: sf, jorton, jorton, ylavic, jailletc36, covener, jailletc36, jorton, rjung
Reviewed by: jailletc36, jim, jorton
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1838103 13f79535-47bb-0310-9956-
ffa450edef68
and <IfModule> to be quoted. This is primarily for the benefit of
<IfFile>. [Eric Covener]
+ *) mod_watchdog: Correct some log messages. [Rainer Jung]
+
*) mod_md: When the last domain name from an MD is moved to another one,
that now empty MD gets moved to the store archive. PR 62572.
[Stefan Eissing]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) Easy patches: synch 2.4.x and trunk
- - mod_ssl: Tweak logging message
- - mod_ssl: make ssl_io_data_dump respect per-conn loglevel
- - mod_ssl: adjust log level
- - mod_ssl: handle RAND_bytes() failures (API changed in OpenSSL 0.9.5 and httpd needs >= 0.9.8a)
- - mod_ssl: fix typo
- - core: Simplify code
- - mod_ssl: simplify code
- - core: Print the unparsed URI in AH03454
- - mod_proxy_ajp: release some resources on an error handling pah
- - mod_proxy: Skip creating subpool for debugging unless debug-level logging is enabled
- - mod_watchdog: Correct some log messages and fix compiler warning
- trunk patch: http://svn.apache.org/r1418761
- http://svn.apache.org/r1418765
- http://svn.apache.org/r1510295
- http://svn.apache.org/r1757147
- http://svn.apache.org/r1805163
- http://svn.apache.org/r1818924
- http://svn.apache.org/r1827374
- http://svn.apache.org/r1831772
- http://svn.apache.org/r1832351
- http://svn.apache.org/r1832951
- http://svn.apache.org/r1815004
- 2.4.x patch: trunk patches work, minus CHANGES and next-number in the last commit (r1815004)
- svn merge -c 1418761,1418765,1510295,1757147,1805163,1818924,1827374,1831772,1832351,1832951,1815004 ^/httpd/httpd/trunk .
- +1: jailletc36, jim, jorton
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
w->name, s,
wd_server_conf->pool, 0);
if (rv != APR_SUCCESS) {
+ ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s, APLOGNO(10095)
+ "Watchdog: Failed to create singleton mutex.");
return rv;
}
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, s, APLOGNO(02979)
+ "Watchdog: Created singleton mutex (%s).", w->name);
}
- ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, s, APLOGNO(02979)
- "Watchdog: Created child worker thread (%s).", w->name);
wd_server_conf->child_workers++;
}
}
*/
if ((rv = wd_startup(w, wd_server_conf->pool)) != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, s, APLOGNO(01573)
- "Watchdog: Failed to create worker thread.");
+ "Watchdog: Failed to create child worker thread.");
/* No point to continue */
return;
}
ap_log_error(APLOG_MARK, APLOG_DEBUG, rv, s, APLOGNO(02981)
- "Watchdog: Created worker thread (%s).", wn[i].provider_name);
+ "Watchdog: Created child worker thread (%s).", wn[i].provider_name);
}
}
}
* Close it to clean things up.
*/
conn->close = 1;
+ apr_brigade_destroy(input_brigade);
return HTTP_BAD_REQUEST;
}
}
}
worker->s = shm;
worker->s->index = i;
- {
+
+ if (APLOGdebug(ap_server_conf)) {
apr_pool_t *pool;
apr_pool_create(&pool, ap_server_conf->process->pool);
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, APLOGNO(02338)
*/
outctx->c->cs->sense = CONN_SENSE_WANT_READ;
outctx->rc = APR_EAGAIN;
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE6, 0, outctx->c,
+ "Want read during nonblocking write");
}
else if (ssl_err == SSL_ERROR_SYSCALL) {
ap_log_cerror(APLOG_MARK, APLOG_INFO, outctx->rc, c, APLOGNO(01993)
/* write is non blocking for the benefit of async mpm */
if (c->cs) {
BIO_set_nbio(filter_ctx->pbioWrite, 1);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE6, 0, c,
+ "Enabling non-blocking writes");
}
ssl_io_input_add_filter(filter_ctx, c, r, ssl);
#define DUMP_WIDTH 16
-static void ssl_io_data_dump(server_rec *s,
- const char *b,
- long len)
+static void ssl_io_data_dump(conn_rec *c, server_rec *s,
+ const char *b, long len)
{
char buf[256];
char tmp[64];
rows = (len / DUMP_WIDTH);
if ((rows * DUMP_WIDTH) < len)
rows++;
- ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, s,
+ ap_log_cserror(APLOG_MARK, APLOG_TRACE7, 0, c, s,
"+-------------------------------------------------------------------------+");
for(i = 0 ; i< rows; i++) {
#if APR_CHARSET_EBCDIC
}
}
apr_cpystrn(buf+strlen(buf), " |", sizeof(buf)-strlen(buf));
- ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, s, "%s", buf);
+ ap_log_cserror(APLOG_MARK, APLOG_TRACE7, 0, c, s, "%s", buf);
}
if (trunc > 0)
- ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, s,
+ ap_log_cserror(APLOG_MARK, APLOG_TRACE7, 0, c, s,
"| %04ld - <SPACES/NULS>", len + trunc);
- ap_log_error(APLOG_MARK, APLOG_TRACE7, 0, s,
+ ap_log_cserror(APLOG_MARK, APLOG_TRACE7, 0, c, s,
"+-------------------------------------------------------------------------+");
return;
}
if ( cmd == (BIO_CB_WRITE|BIO_CB_RETURN)
|| cmd == (BIO_CB_READ |BIO_CB_RETURN) ) {
if (rc >= 0) {
+ const char *dump = "";
+ if (APLOG_CS_IS_LEVEL(c, s, APLOG_TRACE7)) {
+ if (argp != NULL)
+ dump = "(BIO dump follows)";
+ else
+ dump = "(Oops, no memory buffer?)";
+ }
ap_log_cserror(APLOG_MARK, APLOG_TRACE4, 0, c, s,
"%s: %s %ld/%d bytes %s BIO#%pp [mem: %pp] %s",
MODSSL_LIBRARY_NAME,
(cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "write" : "read"),
rc, argi, (cmd == (BIO_CB_WRITE|BIO_CB_RETURN) ? "to" : "from"),
- bio, argp,
- (argp != NULL ? "(BIO dump follows)" : "(Oops, no memory buffer?)"));
- if ((argp != NULL) && APLOG_CS_IS_LEVEL(c, s, APLOG_TRACE7))
- ssl_io_data_dump(s, argp, rc);
+ bio, argp, dump);
+ if (*dump != '\0' && argp != NULL)
+ ssl_io_data_dump(c, s, argp, rc);
}
else {
ap_log_cserror(APLOG_MARK, APLOG_TRACE4, 0, c, s,
* request body, and then to reinject that request body later.
*/
if (renegotiate && !renegotiate_quick
- && (apr_table_get(r->headers_in, "transfer-encoding")
- || (apr_table_get(r->headers_in, "content-length")
- && strcmp(apr_table_get(r->headers_in, "content-length"), "0")))
- && !r->expecting_100) {
+ && !r->expecting_100
+ && ap_request_has_body(r)) {
int rv;
apr_size_t rsize;
if (SSL_check_private_key(ssl) < 1) {
ap_log_cerror(APLOG_MARK, APLOG_WARNING, 0, c, APLOGNO(10088)
- "Challenbge certificate and private key %s "
+ "Challenge certificate and private key %s "
"do not match", servername);
return APR_EGENERAL;
}
}
memcpy(keyname, ticket_key->key_name, 16);
- RAND_bytes(iv, EVP_MAX_IV_LENGTH);
+ if (RAND_bytes(iv, EVP_MAX_IV_LENGTH) != 1) {
+ return -1;
+ }
EVP_EncryptInit_ex(cipher_ctx, EVP_aes_128_cbc(), NULL,
ticket_key->aes_key, iv);
HMAC_Init_ex(hctx, ticket_key->hmac_secret, 16, tlsext_tick_md(), NULL);
apr_size_t bytes_in_brigade, non_file_bytes_in_brigade;
int eor_buckets_in_brigade, morphing_bucket_in_brigade;
apr_status_t rv;
+ int loglevel = ap_get_conn_module_loglevel(c, APLOG_MODULE_INDEX);
/* Fail quickly if the connection has already been aborted. */
if (c->aborted) {
|| eor_buckets_in_brigade > MAX_REQUESTS_IN_PIPELINE) {
/* this segment of the brigade MUST be sent before returning. */
- if (APLOGctrace6(c)) {
+ if (loglevel >= APLOG_TRACE6) {
char *reason = APR_BUCKET_IS_FLUSH(bucket) ?
"FLUSH bucket" :
(non_file_bytes_in_brigade >= THRESHOLD_MAX_BUFFER) ?
morphing_bucket_in_brigade ? "morphing bucket" :
"MAX_REQUESTS_IN_PIPELINE";
ap_log_cerror(APLOG_MARK, APLOG_TRACE6, 0, c,
- "core_output_filter: flushing because of %s",
- reason);
+ "will flush because of %s", reason);
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE8, 0, c,
+ "seen in brigade%s: bytes: %" APR_SIZE_T_FMT
+ ", non-file bytes: %" APR_SIZE_T_FMT ", eor "
+ "buckets: %d, morphing buckets: %d",
+ flush_upto == NULL ? " so far"
+ : " since last flush point",
+ bytes_in_brigade,
+ non_file_bytes_in_brigade,
+ eor_buckets_in_brigade,
+ morphing_bucket_in_brigade);
}
/*
* Defer the actual blocking write to avoid doing many writes.
if (flush_upto != NULL) {
ctx->tmp_flush_bb = apr_brigade_split_ex(bb, flush_upto,
ctx->tmp_flush_bb);
+ if (loglevel >= APLOG_TRACE8) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE8, 0, c,
+ "flushing now");
+ }
rv = send_brigade_blocking(net->client_socket, bb,
&(ctx->bytes_written), c);
if (rv != APR_SUCCESS) {
c->aborted = 1;
return rv;
}
+ if (loglevel >= APLOG_TRACE8) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE8, 0, c,
+ "total bytes written: %" APR_SIZE_T_FMT,
+ ctx->bytes_written);
+ }
APR_BRIGADE_CONCAT(bb, ctx->tmp_flush_bb);
}
+ if (loglevel >= APLOG_TRACE8) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE8, 0, c,
+ "brigade contains: bytes: %" APR_SIZE_T_FMT
+ ", non-file bytes: %" APR_SIZE_T_FMT
+ ", eor buckets: %d, morphing buckets: %d",
+ bytes_in_brigade, non_file_bytes_in_brigade,
+ eor_buckets_in_brigade, morphing_bucket_in_brigade);
+ }
+
if (bytes_in_brigade >= THRESHOLD_MIN_WRITE) {
rv = send_brigade_nonblocking(net->client_socket, bb,
&(ctx->bytes_written), c);
c->aborted = 1;
return rv;
}
+ if (loglevel >= APLOG_TRACE8) {
+ ap_log_cerror(APLOG_MARK, APLOG_TRACE8, 0, c,
+ "tried nonblocking write, total bytes "
+ "written: %" APR_SIZE_T_FMT,
+ ctx->bytes_written);
+ }
}
setaside_remaining_output(f, ctx, bb, c);
else if (deferred_error == rrl_baduri)
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03454)
"HTTP Request Line; URI incorrectly encoded: '%.*s'",
- field_name_len(r->uri), r->uri);
+ field_name_len(r->unparsed_uri), r->unparsed_uri);
else if (deferred_error == rrl_badwhitespace)
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(03447)
"HTTP Request Line; Invalid whitespace");
apr_table_addn(e, "CONTEXT_DOCUMENT_ROOT", ap_context_document_root(r));
apr_table_addn(e, "SERVER_ADMIN", s->server_admin); /* Apache */
if (apr_table_get(r->notes, "proxy-noquery") && (q = ap_strchr(r->filename, '?'))) {
- *q = '\0';
- apr_table_addn(e, "SCRIPT_FILENAME", apr_pstrdup(r->pool, r->filename));
- *q = '?';
+ char *script_filename = apr_pstrmemdup(r->pool, r->filename, q - r->filename);
+ apr_table_addn(e, "SCRIPT_FILENAME", script_filename);
}
else {
apr_table_addn(e, "SCRIPT_FILENAME", r->filename); /* Apache */
projects / apache / commitdiff