Ruediger Pluem [Sat, 1 Nov 2008 10:23:09 +0000 (10:23 +0000)]
* Use distinct char pointers for sending and receiving buffers to avoid
destroying the pointer to the sending buffer in the ajp message if
data is received from the backend before all data is sent to the
backend.
Paul Querna [Sat, 1 Nov 2008 07:13:29 +0000 (07:13 +0000)]
Convert events to have an associated pool.
* server/mpm/simple/simple_types.h
(simple_timer_t): Add Pool and a pointer to the associated simple core.
(simple_core_t): Remove dead timer ring, no recycling of timer events for now.
* server/mpm/simple/simple_event.h: Update register_timer signature with pool.
* server/mpm/simple/simple_event.c
(simple_register_timer): Allocate the event structure out of the pool,
and when this pool is destroyed, unregister the timer.
(simple_timer_run): New util function for running a timer and cleaning up
the pool callbacks.
* server/mpm/simple/simple_core.c
(simple_core_init): Remvoe dead timer ring
* server/mpm/simple/simple_run.c
(simple_main_setup_timers): Pass in pool to register call.
(simple_timer_invoke): Use new simple_timer_run function.
(simple_child_loop): Remove dead timer ring.
* server/mpm/simple/simple_io.c
(simple_io_process): Pass in pool when registering timers.
Paul Querna [Sat, 1 Nov 2008 06:14:12 +0000 (06:14 +0000)]
Reset the timers when in the child -- this prevents a fork bomb, as each child would spawn N more children of its own, as the scheduled timer would go off in the child and the parent.
Chris Darroch [Fri, 31 Oct 2008 20:18:07 +0000 (20:18 +0000)]
Add AuthType of None to support disabling authentication.
Prevent crash when provider alias created to provider which is not
yet registered.
Migrate remaining functionality of mod_authn_default to mod_authn_core.
Paul Querna [Thu, 30 Oct 2008 01:50:09 +0000 (01:50 +0000)]
reindent according to our coding style: <http://httpd.apache.org/dev/styleguide.html>
for i in `ls *.h *.c`; do indent -i4 -npsl -di0 -br -nce -d0 -cli0 -npcs -nfc1 -nut ${i}; done
Nick Kew [Wed, 29 Oct 2008 16:41:10 +0000 (16:41 +0000)]
Introduce modules/system, and mod_unixd.c
mod_unixd.c is only os/unix/unixd.c, turned into a module.
(or more accurately, an ugly hack). Work in progress, and the
old unixd will have to go once the module build stuff is in place.
This re-introduces some of the unixd stuff (set user, group and chroot)
to mpm_simple, and should work equally well with existing MPMs.
It also paves the way for alternative privilege management schemes,
which can be implemented in alternative modules: this´ll be
necessary to run mpm_simple on non-unix-family platforms, and
of interest for alternative Unix implementations. By relegating
everything to a child_init hook, we can mix-and-match, though
weĺl need to add a regime that prevents just going right ahead
with nothing and running as root.
Round tuits permitting, we should be able to simplify unixd.h too,
and look towards eliminating it.
Paul Querna [Wed, 29 Oct 2008 08:39:26 +0000 (08:39 +0000)]
* include/http_core.h
(core_dir_config): Fix warning: overflow in implicit constant conversion,
generated by core.c line 117, which sets content_md5 to '2', which is too big
for a signed value -- but it looks like this was really meant to be unsigned.
Paul Querna [Wed, 29 Oct 2008 08:10:21 +0000 (08:10 +0000)]
* modules/database/mod_dbd.c
(dbd_child_init): New function, wrapper around dbd_setup_init.
(dbd_hooks): Call dbd_child_init instead of casting dbd_setup_init.
Joe Orton [Tue, 28 Oct 2008 20:11:43 +0000 (20:11 +0000)]
* modules/mappers/mod_rewrite.c (do_rewritelog): Add prototype with
printf attribute flagged so that gcc -Wformat-security will pick
up PR 46110-type errors as a warning.
Paul Querna [Tue, 28 Oct 2008 16:06:25 +0000 (16:06 +0000)]
* simple_io.c line 111 and 145 cause a build falure with --enable-maintainer-mode .
* simple_children.c should include simple_children.h.
* simple_io_timeot_cb should be static.
Paul Querna [Mon, 27 Oct 2008 00:43:45 +0000 (00:43 +0000)]
* modules/cache/mod_socache_dbm.c
(socache_dbm_init) Use AP_NEED_SET_MUTEX_PERMS to determine when we need to
set the file permissions on the created DBM files, rather than listing
a hodgepodge of operating systems by hand.
Paul Querna [Mon, 27 Oct 2008 00:40:36 +0000 (00:40 +0000)]
* modules/cache/mod_socache_dbm.c: Fix compile by including unixd.h on operating
systems that need it, which is required for for the use of unixd_config
inside socache_dbm_init.
Jim Jagielski [Thu, 23 Oct 2008 12:01:53 +0000 (12:01 +0000)]
Fix the io buffersize code. Have the docs match the code
and allow more flexibility in settings. Also, document
the ProxyPass/worker options of io and rec buffersize.
Ruediger Pluem [Wed, 22 Oct 2008 09:34:21 +0000 (09:34 +0000)]
* Improve the way to detect whether buckets in the filter chain need to be
flushed by using the main requests bytes_count field instead of the
subrequest field.
* Do not reset conn->need_flush. This prevents SegFaults from not flushing
buckets in the filter chain.
Chris Darroch [Thu, 16 Oct 2008 21:09:27 +0000 (21:09 +0000)]
Prior to authn/z refactoring in r368027, if authorization Require
directives had no matching AuthType and associated authentication
directives, requests would generally fall through in the
check_user_id hook to mod_authn_default.c's authentication_no_user()
handler, which returned DECLINED if ap_auth_type() was not set.
The ap_process_request_internal() function in request.c would handle
this case by logging an "AuthType not set!" error and returning
HTTP_INTERNAL_SERVER_ERROR.
The refactoring removes this error handling in request.c, so
individual modules will need to test for a lack of authentication,
as necessary. Since some modules such as mod_authz_host.c support
Require directives that do not need any authentication, the
mod_authn_default.c handler no longer returns DECLINED if ap_auth_type()
is not set. (Also, mod_authn_default can be compiled out with
--disable-authn-default, so it can't be relied upon to exist.)
Since r->user may now be NULL, individual handlers must test for that
case when necessary. Otherwise, most Require directives in the
absence of AuthType directives cause handlers to crash while performing
strcmp() and friends on a NULL r->user value.
NOTE: I can't test mod_authnz_ldap.c myself, so I'm not sure if it
needs similar fixes. On the one hand, a NULL r->user in the authz
handlers always generates a log message. However, it appears that
authn_ldap_build_filter() will sometimes then be called, perform no
action, which may result in a possibly uninitialized filtbuf buffer
being passed to util_ldap_cache_getuserdn(). I don't know if that
could cause problems in the LDAP cache code. If someone familiar with
LDAP authz could take a look, that would be much appreciated.
Ruediger Pluem [Wed, 15 Oct 2008 19:43:51 +0000 (19:43 +0000)]
* Add the possibility to set the worker parameters connectiontimeout and ping
in milliseconds and the parameter acquire in seconds.
Add the new currently static function ap_timeout_parameter_parse that
should become a general utility function once its API is hammered out.
Ruediger Pluem [Wed, 15 Oct 2008 00:53:39 +0000 (00:53 +0000)]
* Revert r703998.
The call to apr_socket_timeout_set before apr_socket_connect already sets the
socket to non-blocking mode because the timeout of the socket is -1 after creation. A further
call to apr_socket_timeout_set (after the connect call does not do this, because the old
and the new timeout are >=0). The further code expects the socket to be in non-blocking
mode, otherwise we have regressions with ssl. This can be notified by running t/ssl/proxy
on 2.2.x which runs much much slower with the patch applied. This does not happen
on trunk because the socket is set back to non blocking by the core output filter
(async write completion).
Graham Leggett [Tue, 14 Oct 2008 22:39:32 +0000 (22:39 +0000)]
Export and install the mod_rewrite.h header to ensure the optional
rewrite_mapfunc_t and ap_register_rewrite_mapfunc functions are
available to third party modules.
Ruediger Pluem [Wed, 8 Oct 2008 13:32:07 +0000 (13:32 +0000)]
* Recheck again if idle workers are still available when we are signaled that
they are. This is needed since it can happen that we are signaled by a
worker thread that went idle but received a context switch before it could
tell us. If it does signal us later once it is on CPU again there might be
no idle worker left. See
https://issues.apache.org/bugzilla/show_bug.cgi?id=45605#c4
Reimplement ThreadStackSize to behave as on unix for any
Windows 2003/2008 (XP/Vista) servers. Virtual allocations
will only consume pages once referenced, while the page
alignment will vary by ThreadStackSize setting so that the
maximum number of threads and minimum stack VM profile will
be wasted.