Brian Pane [Sun, 2 Dec 2001 23:15:54 +0000 (23:15 +0000)]
[No code changes here, just adding the cvs comment that I messed up in
the previous commit]
Added a version of ap_getline() that allocs a buffer from
the request's pool, rather than copying into a caller-supplied
buffer. (This lets us eliminate one copy operation on the
request headers.)
Brian Pane [Sun, 2 Dec 2001 23:13:32 +0000 (23:13 +0000)]
Added a version of ap_getline() that allocs a buffer from
the request's pool, rather than copying into a caller-supplied
buffer. (This lets us eliminate one copy operation on the
request headers.)
Brian Pane [Sun, 2 Dec 2001 19:16:01 +0000 (19:16 +0000)]
Added code to ap_ssi_get_tag_and_value() to avoid converting
SSI tags to lowercase when they're already lowercase (in my
experience, this special case happens often enough to be
worth optimizing)
Brian Pane [Sun, 2 Dec 2001 18:44:06 +0000 (18:44 +0000)]
Added faster logic for decodehtml to handle the special case
where the string being decoded doesn't have any ampersands
in it (e.g., because it's the value for an 'include virtual=...')
Brian Pane [Sun, 2 Dec 2001 10:33:01 +0000 (10:33 +0000)]
Exclude the terminating null byte from the length of
strings passed to apr_hash_get/apr_hash_set (this matches
the convention used throughout the rest of the httpd,
and it saves a small amount of processing)
Jeff Trawick [Sat, 1 Dec 2001 17:42:18 +0000 (17:42 +0000)]
Get shared builds of libapr and libaprutil, as well as Apache DSOs,
working on AIX.
Submitted by: a cast of many, reverse engineering libtool to
figure out how to work around its oddities/limitations/
bugs on AIX
(Jeff Trawick coded these changes but it took a lot of
help)
Brian Pane [Sat, 1 Dec 2001 05:38:23 +0000 (05:38 +0000)]
Fix the handling of SSI directives in which the ">" of the
terminating "-->" is the last byte in a file (previously,
the output of the directive was lost in this case).
Doug MacEachern [Sat, 1 Dec 2001 02:11:04 +0000 (02:11 +0000)]
remove churn_output() function and calls to it.
when SSL needs to flush (e.g. during SSL_accept()) it will call BIO_flush()
which will trigger a call to bio_bucket_ctrl() -> BIO_bucket_flush().
so we only need to flush the output ourselves if we receive an EOS or
FLUSH bucket.
BIO_bucket_flush() and churn_output() had been turning up near the top
of the profile with gprof. churn_output() of course has now vanished
and BIO_bucket_flush() has dropped, being called far less than before.
Jeff Trawick [Sat, 1 Dec 2001 02:09:00 +0000 (02:09 +0000)]
use our standard declaration macro for the AP_DEBUG flavors of
ap_strchr(), ap_strchr_c(), et al so that for an AP_DEBUG build
of Apache those functions will be listed in httpd.exp... otherwise,
AIX DSO modules also compiled with AP_DEBUG won't be able to resolve
those symbols since httpd isn't exporting them
Jeff Trawick [Sat, 1 Dec 2001 01:22:01 +0000 (01:22 +0000)]
fix a potential thread safety issue in mod_mime_magic
(but to be honest I have no idea whether or not this path is
ever used... it seems quite bizarre)
Aaron Bannert [Thu, 29 Nov 2001 23:34:09 +0000 (23:34 +0000)]
Add back in the "suEXEC mechanism enabled (wrapper: /path/to/suexec)"
message that we had back in apache-1.3 and is still scattered throughout
our docs.
Unfortunately, when mod_suexec is a DSO we're going to get this thing
twice in our logs. I believe as a side effect of the load-unload-load
cycles of our DSOs we're losing the static data segment, which is where
the "didn't we already report this" flag lives.
Ian Holsman [Thu, 29 Nov 2001 21:09:31 +0000 (21:09 +0000)]
r->headers_in is shared by original requests and components (make no sense
copy them for components), but each component has its own r->pool.
So once the first component set "Max-Forwards", it is in headers_in
but the value could get lost with the first component's r->pool.
Hence I sometimes see "Max-Forwards" has value like letter "l".
Change it to use apr_table_set() fixed the problem.
Revert my last patch to detect a 'leftover' arg. Apparently there is
no way to distinguish between an extra arg, and a -x foo arg, or else
our getopt is broken at the moment.
I can't dig further into getopt right now, so this will wait for another
day or another hacker to resolve.
We never tested for invalid 'additional' arguments that were ignored.
Was there any point to allowing additional, unused args after the
various supported switches?
This prevents the Apache server from starting with an httpd somefooness
invocation.
Doug MacEachern [Thu, 29 Nov 2001 07:07:36 +0000 (07:07 +0000)]
the client cert X509_NAME_oneline() is only used if SSLFakeBasicAuth
is happening. so avoid calling that unless needed and just stash a
pointer to the client cert for the boolean checks that the client
provided a cert.
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Thu, 29 Nov 2001 06:52:18 +0000 (06:52 +0000)]
avoid a call to X509_NAME_oneline() and ASN1_INTEGER_get() in
ssl_callback_SSLVerify_CRL() unless SSLLogLevel >= info, otherwise the
expense is unused.
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Thu, 29 Nov 2001 06:34:53 +0000 (06:34 +0000)]
get rid of ssl_log_applies() function. it does more than we need and
what should be done with a macro. it was only used once anyhow.
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Thu, 29 Nov 2001 06:27:41 +0000 (06:27 +0000)]
ssl_callback_SSLVerify() was calling (the expensive) X509_NAME_oneline()
function and free() of the return value twice each, for logging
regardless of SSLLogLevel. changed to happen only if SSLLogLevel >= trace
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Thu, 29 Nov 2001 06:15:01 +0000 (06:15 +0000)]
fix for last change that removed ssl_util_getmodconfig():
go back to using s->process->pool userdata, but just to store the
global module config during startup so we only create _one_ SSLModConfigRec.
(didn't realize this function was called in both ssl_init_Module and
ssl_config_server_create)
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Thu, 29 Nov 2001 05:45:48 +0000 (05:45 +0000)]
ssl_util_getmodconfig() and ssl_util_getmodconfig_ssl() show up high
in the gprof profile. there's no need for the "global" SSLModConfigRec
to live in the s->process->pool userdata table. we now just point the
SSLSrvConfigRec in each server_rec.module_config to the SSLModConfigRec
so we can access it directly which is much faster.
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Thu, 29 Nov 2001 05:17:38 +0000 (05:17 +0000)]
SSL_rand() does a mutex lock/unlock with threaded MPMs, so collapse
two calls that seed pid and time into one.
PR:
Obtained from:
Submitted by:
Reviewed by:
Greg Ames [Wed, 28 Nov 2001 19:41:07 +0000 (19:41 +0000)]
get binbuild.sh working enough to create a binary which serves the It Works!
page
* change seds for apachectl and httpd*.conf to do the right thing
* use /usr/local/apache2 for the default install directory
* use a shell variable for the above, in case it needs to change again
* use httpd-std.conf in place of httpd.conf.default
* get rid of the httpd -R option in apachectl (not valid in 2.0)
* don't overlay httpd.conf if it already exists (1.3 does this - wtf?!?!)
not done in this commit:
* install manual/ and error/ correctly
* switch to --enable-mods-shared=most now that it works (thanks, aaron!)
* investigate weird behavior when .tar.gz already exists in parent dir
* investigate setting a Group directive that actually works in httpd*.conf
Downgrade the input filtering from a showstopper. No one seems interested
in discussing OtherBill and my points at this time, so it can't be a bug
in anyone's rear end. As stated, the code works for the most part.
And, if we did do another round of filter changes, I'm inclined to see it
happen in 2.1.
Doug MacEachern [Wed, 28 Nov 2001 05:50:55 +0000 (05:50 +0000)]
calculate VHostID length at startup rather than request time.
change ap_md5() call in ssl_hook_pre_connection() to ap_md5_binary()
that uses the precalculated sc->nVHostID_length to avoid a strlen() call.
Doug MacEachern [Wed, 28 Nov 2001 05:44:50 +0000 (05:44 +0000)]
avoid calling ssl_util_vhostid() (and apr_sprintf underneath) at
request time by calling it at startup time and saving the value in the
SSLSrvConfigRec.
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Wed, 28 Nov 2001 05:05:04 +0000 (05:05 +0000)]
replace strlen(cpVHostMD5) with MD5_DIGESTSIZE*2 in ssl_hook_pre_connection()
since we know the string returned by ap_md5() will always be that length
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Wed, 28 Nov 2001 05:00:34 +0000 (05:00 +0000)]
use apr_pstrndup() instead of apr_pstrdup() to avoid a strlen call in
ap_md5_binary, since we know the length of the string is always
MD5_DIGESTSIZE * 2
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Wed, 28 Nov 2001 03:15:41 +0000 (03:15 +0000)]
moving chunk of logic that deals with writing ssl data from
ssl_io_filter_Output() to a new ssl_filter_write() function.
this will make it easier to optimize how we deal with file buckets
than cannot be mmaped.
PR:
Obtained from:
Submitted by:
Reviewed by:
Doug MacEachern [Tue, 27 Nov 2001 23:37:20 +0000 (23:37 +0000)]
implement a custom BIO which allows us to hook SSL_write directly into
an apr_bucket_brigade and use transient buckets with the SSL
malloc-ed buffer, rather than copying into a mem BIO.
also allows us to pass the brigade as data is being written
rather than buffering up the entire response in the mem BIO.
Ian Holsman [Tue, 27 Nov 2001 22:07:09 +0000 (22:07 +0000)]
Change the magic #
as we have changed the conn_rec structure
and have change the open_log and post_config hook function
PR:
Obtained from:
Submitted by:
Reviewed by:
Brian Pane [Tue, 27 Nov 2001 08:39:02 +0000 (08:39 +0000)]
Another performance-related change to core_output_filter(): if we
get a long stream of small buckets, so that multiple concatenation
steps are required in a single pass through the brigade, re-use the
buckets from the previous temp brigade when creating the next one.
This allows us to avoid making yet another copy of the previously
concatenated data.
Brian Pane [Tue, 27 Nov 2001 06:35:29 +0000 (06:35 +0000)]
Optimization for core_output_filter: if the iovec is full,
don't try to concatenate buffers if we already have at least
8KB of data ready to send. Instead, just split the brigade
and send what's currently in the iovec.
Changes by Mladen Turk <mturk@mappingsoft.com>, with dialog touchup by
myself [I can't stand misordered dialog interfaces ;], to allow the user
to connect and disconnect remote PCs into the ApacheMonitor.
Needs other mild changes, e.g. machine\service rather than machine@service
[since @ could be part of a service/machine name, slash and backslash may
never be.] And still, the sync behavior leaves something to be desired.
Note one bug - the browse for computer actually won't browse computers,
but that can be fixed in another patch.
Jeff Trawick [Mon, 26 Nov 2001 14:38:03 +0000 (14:38 +0000)]
very minor tweaks:
. convert a comment to English
. zap an unnecessary '.' from a log message
. rearrange the setting of some variables controlling pipes and cmd-type
in the cgi process so that the differences in their values for ssi vs. cgi
can be more readily seen
Brian Pane [Mon, 26 Nov 2001 08:49:29 +0000 (08:49 +0000)]
Another fix for the core_output_filter() code that concatenates
small buckets: It's possible for the temporary brigade to
contain more than one bucket. If this happens, we need to
recover the buckets after the first from the temporary brigade
before destroying it.
Brian Pane [Mon, 26 Nov 2001 03:51:40 +0000 (03:51 +0000)]
Fix for the code in core_output_filter() that concatenates small buckets
into one big bucket...it was putting a pointer to a deleted bucket in
the iovec, so the output was corrupted.
Brian Pane [Sat, 24 Nov 2001 10:52:27 +0000 (10:52 +0000)]
short-circuit out of xbithack_handler immediately if xbithack
isn't enabled, and use strcmp instead of ap_strcmp_match for
comparing against a non-wildcard pattern
Ryan Bloom [Sat, 24 Nov 2001 00:17:01 +0000 (00:17 +0000)]
Fix the cmd command for mod_include. When we are processing
a cmd command, we do not want to use the r->filename to set
the command name. The command comes from the SSI tag. To do this,
I added a variable to the function that builds the command line
in mod_cgi. This allows the include_cmd function to specify
the command line itself.