Chris Darroch [Mon, 14 Aug 2006 22:55:45 +0000 (22:55 +0000)]
Introduce a check_config phase between pre_config and open_logs,
to allow modules to review interdependent configuration directive
values and adjust them while messages can still be logged to the
console.
The open_logs phase is already used somewhat for this purpose by
certain MPMs (winnt, prefork, worker, and event) but only by forcing
their functions ahead of the core ap_open_logs() function, and
since this phase runs after the ap_signal_server function during startup,
it can not be used to generate messages on the console when restarting.
Add the check_config phase to mod_info and mod_example.
Handle relevant MPM directives during this phase and format messages
for both the console and the error log, as appropriate. Bounds and sanity
checks on the values of the MPM directives are handled in sequence in
this phase instead of in the various directive handling functions, since
those functions (e.g., set_max_clients()) may not be called at all if their
directives do not appear in the configuration files, and even if they
are called, there is no guarantee that this will occur in any particular
order.
Remove from the worker and event MPMs the code in the pre_config phase
that alters the configuration node tree by re-ordering ThreadsPerChild
ahead of MaxClients. This code is effective but insufficient; for
example, if ServerLimit follows MaxClients, the test against server_limit
in set_max_clients() is invalid. (In practice, this only results in
incorrect or absent warnings on the console, because server_limit is
set to its configured value when the main loop re-runs the configuration
process.)
Prevent ap_threads_per_child from exceeding thread_limit in the
winnt, worker, and event MPMs. This situation could occur if
ThreadsPerChild was not specified in the configuration files and
ThreadLimit was set to a value smaller than DEFAULT_THREADS_PER_CHILD,
because set_threads_per_child() would never be called and therefore
its bounds check against thread_limit would not be performed.
Remove from the winnt, prefork, worker, and event MPMs the
changed_limit_at_restart flag. Set the first_server_limit and
first_thread_limit values during the first execution of the check_config
function, and use them to detect changes to ServerLimit and ThreadLimit
across restarts and issue appropriately formatted warnings. Remove the
comments about the error log being a "bit bucket"; this was true when
the code was originally committed in r92530 but that was due to a bug
fixed in r92769.
Be consistent about setting all MPM configuration directive values in the
pre_config phase.
Rephrase and reformat the console and log file messages relating to
MPM configuration directives to be consistent across all MPMs. Use
briefer messages when logging to the error log than to the console.
Update miscellaneous stale comments and messages (e.g., reference to
daemons_min_free in worker and event MPMs, "prefork open_logs" in
winnt MPM, and StartServers in netware MPM).
The winnt, netware, beos, and mpmt_os2 MPMs should be tested by developers
with access to those platforms, especially the winnt MPM, which has
unique logic with respect to distinguishing between parent and child
processes during the configuration phases.
Update the English documentation for the worker MPM's ThreadsPerChild
directive, which no longer needs to precede other MPM directives in the
configuration files if it has a non-default value. The German (.de) and
Japanese (.ja) translations should be updated by developers fluent in
those languages.
Mladen Turk [Wed, 2 Aug 2006 15:31:24 +0000 (15:31 +0000)]
Fix return values from wait_for_many_objects.
The return value is index to the signaled thread in
the creted_threads array.
We can not use WAIT_TIMEOUT as return value
because its value is defined as 258, thus limiting
the MaxThreads to that value that leads to the
assertion errors.
Mladen Turk [Wed, 2 Aug 2006 14:36:24 +0000 (14:36 +0000)]
Fix the assertion if the WaitForMutipleObjects
returns WAIT_ABANDONED_NN instead presumed
WAIT_OBJECT_NN. This will correctly close the thread
handle without using invalid thread handle array index.
Spotted when large balancer timeout was set
and all the threads were busy waiting for the
connection:
[Wed Aug 02 14:29:58 2006] [crit] [Wed Aug 02 14:29:58 2006] file \\build-2.2.2\\server\\mpm\\winnt\\child.c, line 1120, assertion "(rv >= 0) && (rv < threads_created)" failed
Mladen Turk [Wed, 2 Aug 2006 07:59:47 +0000 (07:59 +0000)]
Allow optional name=value options within <Proxy
section line. Additional arguments are allowed
only for 'standard' url's, meaning that the wildchar
urls will return error like before.
This allow to specify the worker/balancer parameters
on the definition line, without the need for extra
ProxySet options.
Mladen Turk [Wed, 2 Aug 2006 06:54:01 +0000 (06:54 +0000)]
Enable ProxySet inside <Proxy> section to
create balancer or worker if they were not
already created.
This allows to have ProxySet directive before
BalancerMember directives inside Proxy section.
Jim Jagielski [Mon, 31 Jul 2006 17:01:40 +0000 (17:01 +0000)]
Add in a very simple balancer "set" concept, which allows
for members to be assigned to a particular cluster set
such that members in lower-numbered sets are checked/used
before those in higher ones.
Also bundled in this are some HTML cleanups for the balancer
manager UI. Sorry for the mixins :)
Compiles/builds clean: passes test framework as well
as more normal usage tests ;)
* Rework inflate out filter and give it a similar workflow as the deflate out
filter. This fixes the following bugs in the inflate out filter:
- Incorrect handling of flush buckets.
- Excessive memory usage for large compressed content (because we now
already sent parts down the chain and do not process the whole brigade
first before sending something down the chain).
- Handle the case correctly where the validation bytes at the end of
the compressed data stream are distributed across different buckets /
brigades.
- Fix a memory leak due to not cleaning up the internal structures of
libz in some error cases.
* We can ignore Z_BUF_ERROR in flush_libz_buffer because:
When we call libz_func we can assume that
- avail_in is zero (due to the surrounding code that calls
flush_libz_buffer)
- avail_out is non zero due to the fact that we just emptied
the output buffer and stored it into a brigade
So the only reason for Z_BUF_ERROR is that the internal libz
buffers are now empty and thus we called libz_func one time
too often. This does not hurt. It simply says that we are done.
* Add parameter crc to flush_libz_buffer in order to call the libz's crc32
function on the output buffer if needed. This is actually needed by the
later rework of the inflate out filter.
Mark J. Cox [Thu, 27 Jul 2006 17:03:34 +0000 (17:03 +0000)]
SECURITY: CVE-2006-3747 (cve.mitre.org)
mod_rewrite: Fix an off-by-one security problem in the ldap scheme
handling. For some RewriteRules this could lead to a pointer being
written out of bounds. Reported by Mark Dowd of McAfee.
* Remove all filters that are before the cache_out filter. This ensures
that we kick off the filter stack with our cache_out filter being the
first in the chain. This make sense because we want to restore things
in the same manner as we saved them.
There may be filters before our cache_out filter, because
1. We call ap_set_content_type during cache_select. This causes
Content-Type specific filters to be added.
2. We call the insert_filter hook. This causes filters e.g. like
the ones set with SetOutputFilter to be added.
Roy T. Fielding [Wed, 26 Jul 2006 00:40:53 +0000 (00:40 +0000)]
Fix warning on Darwin 8.7.0 (OS X 10.4.7) due to the prototype for
sendfile_nonblocking being declared outside ifdefs even though the
function is defined and used only when APR_HAS_SENDFILE
* Although the lstat call should rarely ever fail, because we stat'ed the
same file several lines above, check the return value to be save that
nothing bad happens in the case it does fail.
Backout r410758 because DavLockDB needs to point to an httpd-writable
directory and @exp_runtimedir@ doesn't qualify. Also document a
missing module requirement.
Nick Kew [Sun, 23 Jul 2006 20:22:57 +0000 (20:22 +0000)]
Remove dependence on server config from ap_dbd_prepare, as that may
be called in per-directory config functions where there is no
server context causing segfault.
Discussion at
http://mail-archives.apache.org/mod_mbox/httpd-dev/200607.mbox/<831327593.20060720023332%40engec.ru>
and subsequent thread.
Mladen Turk [Sun, 23 Jul 2006 08:36:06 +0000 (08:36 +0000)]
Fix the typo (probably). The %~na is something windows
help for batch files does not recognize.
Anyhow, renaming to the %~nf there is no more
%~na.default file generated inside conf/extra on install.
* Remove the word SECURITY to address Joe's and Bill's concern that this would
imply that FollowSymLinks and SymLinksIfOwnerMatch are security features.
* In preparation of the changes of the inflate out filter:
- rename flush_zlib_buffer to flush_libz_buffer (this name seems
better)
- add a parameter to tell flush_libz_buffer whether it should
deflate or inflate as this function should be also used for the
inflate out filter.
* Check for symbolic links of the target file in the optimized case that we
had already done this specific directory walk for this request. This can
happen when we have an internal redirect, like the ones caused by mod_dir
(/ -> index.html). See also
Paul Querna [Tue, 18 Jul 2006 00:11:46 +0000 (00:11 +0000)]
Revert r422298, because it introduces GNU Make specific extensions to the Makefile, and should be replaced by doing the work inside configure, instead of the Makefile.in.
* Fix potential memory leaks in deflate_out_filter if bailing out due to an
error (either in the lower filter chain or during a libz operation). We need
to call deflateEnd as it is very likely that this filter is never called
again to ensures that libz's internal structures get cleaned properly.
* Fix wrong FLUSH bucket handling in deflate_out_filter: Actually the internal
structures of libz never got flushed as ctx->stream.avail_in is always zero
here. As the EOS and the FLUSH bucket case use the same code for flushing
libz's internal buffers move this code to the new function flush_zlib_buffer.
Paul Querna [Sat, 15 Jul 2006 22:05:02 +0000 (22:05 +0000)]
Makefile.in: Don't try to compile checkgid and fcgistarter on win32 when using the autotools build system.
/support: Update svn:ignore for generated exe files
Paul Querna [Sat, 15 Jul 2006 09:03:52 +0000 (09:03 +0000)]
Bring in basic support for building the winnt MPM under mingw32, using the autoconf build system. Currently this will get you to the point of linking errors on gen_test_char.
configure.in: Default to winnt MPM on mingw32 hosts.
configure.in: Add AP_DECLARE_EXPORT for mingw32 hsots.
os/config.m4: Use win32 dir under mingw32.
os/win32/Makefile.in: Add in a new makefile to generate libos on win32.
server/mpm/config.m4: Add winnt MPM to the help string.
server/mpm/config.m4: winnt MPM is a threaded MPM.
server/mpm/winnt/child.c: SO_UPDATE_ACCEPT_CONTEXT is defined under a different header in mingw32.
server/mpm/winnt/{Makefile.in,config.m4}: Base build for winnt MPM.
os/win32,server/mpm/winnt: Update svn:ignore for .deps/.libs
Jim Jagielski [Wed, 12 Jul 2006 15:01:15 +0000 (15:01 +0000)]
It never fails. I sit on a patch for awhile and
it's not until almost right after I commit it that
I think "hey, there's a better way to do that."
Anyway, I was never happy about the code
duplication of the primary/standby checks...
This fixes that.