This is the mod_ssl input filtering rewrite. Lots of stuff here. I also
changed some of the style issues within the filtering code to conform to
the rest of the server.
Various incarnations of this patch have been posted to dev@httpd without
feedback. Now that it passes all of the httpd-test cases (with the
exception of module/negotiation test which fails without mod_ssl anyway),
it is time to check it in.
Please review and test. We are under C-T-R rules, so I'm going to take
advantage of that and commit it now. I have tested this about as much
as I can and it seems to work from everything I can give to it.
Considering that mod_ssl was broken before this commit, this is an
improvement.
We can't pass in &r->remaining because we change that value on output to
be how many bytes we read. This trounces on the r->remaining value, so
we must use a local variable and subtract that from r->remaining after we
read.
Reviewed by: Aaron Bannert
The problem here is that we are getting some zero-length buckets at the head
of our brigade - which are in isolation okay. In this situation, they
must be removed by the call to APR_BRIGADE_NORMALIZE.
The way we partition the buckets means that we will never remove the
zero-length bucket from the head - causing an infinite loop. We read only
a single bucket now - previously partition with the blocking reads would
read multiple buckets - but it forced having a defined length which we
agreed was bogus.
Therefore, if we have a zero-length bucket at the head, we would then try
to partition and split at the zero-point of the brigade. That combination
doesn't actually remove the zero-length bucket - it is still there - causing
an infinite loop because we'll never go past the zero-length bucket.
This call was originally present in core_input_filter. I think it might
be better to fix partition/split/etc to eliminate a zero-length bucket
and skip it. But, I'm not 100% sure that needs to happen.
Negotiation once allowed any file, of any filename extension, to be
served. The original patch to mod_negotation eliminated all extensions
that did not reflect filename extensions associated with negotiation
variables, unless the user expressly specified the file name with those
filename extensions.
This patch [attributed to me] was vetoed at its inception, it was provided
as an alternative for those who had to have the current behavior.
There is now another alternative patch that would introduce the
MultiviewsMatch directive to mod_mime, for consideration and discussion.
Short of removing the headers filter, this is the best asis can do.
Note that all body replies were entirely broken (thanks for helping
me notice this, Greg :)
Allow mod_so to be enabled by default even if no shared libraries from the
core are requested.
If you want to disable shared library support, pass --disable-so to
configure (as always). This will enforce that your httpd can NOT use
shared libraries - which may be a good thing for you to do.
Justin added the APR_HAS_DSO check per discussion on-list between Aaron,
Ryan, Greg, and the rest of the peanut gallery. This should allow us
to not build mod_so when it isn't supported. However, the rest of the
configure scripts need to know that shared objects aren't supported and
complain accordingly. (sharedobjs = yes, error out?)
Speed it up. While this optimization wasn't obvious for the two-pass
location_walk, it is significant for all subreq/redirects reusing the
cached walk values.
Greg Ames [Tue, 9 Oct 2001 01:33:48 +0000 (01:33 +0000)]
prevent near infinite subrequest recursion with mod_negotiation enabled.
This can happen if there is a partial match between a bad URI and a
file with a variant extention.
ap_sub_req_lookup_dirent has apparently been generating bogus subrequest
URIs for ages, but they used to be ignored. Once we started calling
ap_process_request_internal for all subrequests, they started causing
problems. Make it explicit that rnew->uri is to be ignored for this type
of subrequest.
Ryan Bloom [Mon, 8 Oct 2001 23:28:57 +0000 (23:28 +0000)]
Clean up the string passed to the error log hook. This removes the date,
time, error level, etc strings. The only information in the string is
the actual error.
Submitted by: Jon Travis <jtravis@covalent.net>
Greg Stein [Mon, 8 Oct 2001 23:10:37 +0000 (23:10 +0000)]
Don't set r->status_line. Apache uses that in preference to any other status
line, thinking we've set a custom status. Of course, it says "200 OK" no
matter what error we happen to return(!).
Ian Holsman [Mon, 8 Oct 2001 21:49:17 +0000 (21:49 +0000)]
dechunking filter removed.
add HTTP_IN filter after the headers have been parsed.
so that the HTTP_IN can check them ;-)
Still not 100% if this works properly, but I don't get
the chunking numbers displayed on my browser,
so it's better than what was there.
PR:
Obtained from:
Submitted by:
Reviewed by:
Greg Stein [Mon, 8 Oct 2001 20:12:50 +0000 (20:12 +0000)]
HTTP_IN was attempting to process the PEEK mode. This threw off
check_pipeline_flush(), making it think another request was available (when
it wasn't). Apache would avoid flushing the prior request and block on
reading the next request. (of course, the client wasn't sending the next
one, cuz it was still waiting for the results of the first one)
Ian Holsman [Mon, 8 Oct 2001 19:25:35 +0000 (19:25 +0000)]
initial port of new Request-mode HTTP_IN filter to proxy.
Status: It serves a reverse-proxy page.. but SLOWLY.
VERY SLOWLY.
still looking at why, but now it serves pages instead of dumping core.
PR:
Obtained from:
Submitted by:
Reviewed by:
Revamped ap_directory_walk logic, without a path_info helper is now
activated. It may be bumpy for a few days, and we have more optimizations
to put in place, but it's time to get this in the developer's test code.
A major overhaul to the -replacement- ap_directory_walk logic. This still
doesn't activate that code, I will do so probably by Monday, after more
thorough testing.
Introduces the ap_directory_walk::cache so we can stop wasting tons of
effort in mod_autoindex and other subreq/redirect requests.
This isn't thoroughly tested, I've only stepped through a half dozen
common cases. If you want to play, define REPLACE_PATH_INFO_METHOD.
Allow the core input filter to handle AP_NONBLOCK_READ request for a
finite number of bytes (i.e. *readbytes > 0).
ap_brigade_partition does a blocking read. So, what we should do is
apr_bucket_read on the socket for non-blocking. If we get less than
what they asked for, that's okay and we should just return that amount.
If they were non-blocking, we should always be non-blocking.
Ryan, Greg, and others can figure out if ap_brigade_partition should
be tweaked to handle AP_NONBLOCK_READ natively. I'm of a mixed mind,
but this addresses the short term need.
Make sure we run the new conf files through sed.
Now, the question is whether it might make more sense to have them
as ssl-std.conf, ldap-std.conf, and proxy-std.conf.
(I'm also not sure if this is even shell portable or not.)
I'll leave that up to OtherBill since he added these files.
Cleanup the config (somewhat) so that win32 -could- actually run from
the httpd-std.conf - but there are still some discrepancies to take
back to the conference committee :)
LDAP was voted some time ago into it's own httpd-ldap repository, and
never built on Win32; No ldap config directives are present, so I've
pulled it from both .conf files.
It would be really nice if the proxy team would come in and clean out
the deprecated/unsupported directives here.
Ryan Bloom [Thu, 4 Oct 2001 20:00:53 +0000 (20:00 +0000)]
Remove the Port directive. In it's place, the Listen directive
is now a required directive, which tells Apache what port to
listen on. The ServerName directive has also been extended
to accept an optional port. If the port is specified to the
ServerName, the server will report that port whenever it
reports the port that it is listening on. This change was
made to ease configuration errors that stem from having a Port
directive, and a Listen directive. In that situation, the server
would only listen to the port specified by the Listen command,
which caused a lot of confusion to users.
Ryan Bloom [Wed, 3 Oct 2001 17:47:51 +0000 (17:47 +0000)]
Fix --enable-mods-shared processing. If most is specified,
then all modules that can be compiled as shared modules are. This
was done by adding a module config specifier, static, which denotes
that a module can not be compiled as a DSO.
Ryan Bloom [Wed, 3 Oct 2001 17:44:34 +0000 (17:44 +0000)]
Add a Listen directive to the default config file. This allows us to
later add another listen directive, in the default SSL config file,
without stopping the server from listening on port 80. The next step
is to combine the Port and ServerName directives, so that Port can go
away finally.
Ryan Bloom [Wed, 3 Oct 2001 17:31:13 +0000 (17:31 +0000)]
Remove an old comment. This config.m4 is numbered 9, which is the
highest possible number, so it is garaunteed to be in the last batch. Any
module config.m4 should just use a number < 9 to ensure that this continues
to work.
One more note on the last commit - the 'cannot serve an absolute path'
bug was identified by, and debugged with hints and examples provided by
Ryan Morgan <rmorgan@covalent.net> --- his example module demonstrating
the problem was invaluable :)
Correct file lookups when we are given a file within the same directory
as the parent request. Also pulls a bunch of notes and code that was
set aside, we don't need this with the other optimizations introduced.
Fix a mismatching issue, where index.html.foo.en had recognized .html and
.en components, and exceptions index and foo. This patch will ignore the
'missing' exception html from the request, and go on to test the exception
foo in the list.
This does -not- imply that a request for index.foo will succeed, in the
example above. The pattern match tests index.foo[.*] so we wouldn't find
index.html.foo.anything. The pattern matching proposed at one time by
Francis Daly would allow index.foo to succeed as well [although many to
many matching is dangerous, see comments in this patch.]
Lars Eilebrecht [Tue, 2 Oct 2001 21:54:28 +0000 (21:54 +0000)]
Update mime.types file.
Map video/vnd.mpegurl to mxu according to
ftp://ftp.isi.edu/in-notes/iana/assignments/media-types/video/vnd.mpegurl
and audio/x-mpegurl to m3u, because it is commonly used.
Submitted by: Heiko Recktenwald <uzs106@uni-bonn.de>
Reviewed by: Sander van Zoest, Lars Eilebrecht
Ian Holsman [Tue, 2 Oct 2001 04:09:53 +0000 (04:09 +0000)]
Added Doxygen Comments
With these 2 changes most of the Doxygen warnings go away.
(these patch just modifies comments/slight moves in typedefs, no other changes)
Ryan Bloom [Mon, 1 Oct 2001 19:37:20 +0000 (19:37 +0000)]
clean up the fdqueue a bit more, by implementing Greg's
suggestions to getting rid of redundant variables, as well as
converting the simple ap_queue_full/ap_queue_empty tests into macros.
This also reinstates the "not_full" condition, which turned out to
be useful afterall in cases where we wanted to prevent the listener
thread from accepting further connections until the worker queue has
room for more.
Cliff Woolley [Mon, 1 Oct 2001 19:19:45 +0000 (19:19 +0000)]
Switch from tmpnam() to apr_file_mktemp() so that gcc with a recent glibc
will shut the hell up about tmpnam() being unsafe. htpasswd.c needs a
similar treatment, but it won't be _quite_ as easy since htpasswd has not
been completely apr-ized yet.
projects / apache / log