summaryrefslogtreecommitdiff
path: root/server
Commit message (Collapse)AuthorAgeFilesLines
* avoid SO_REUSEPORT w/o ListenCoresBucketsRatio Eric Covener2017-01-091-1/+1
| | | | | | | | | Can lead to unintended/confusing sharing between multiple servers started by the same ID. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1777923 13f79535-47bb-0310-9956-ffa450edef68
* Fix some tiny style issues (missing space)Christophe Jaillet2017-01-061-2/+2
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1777594 13f79535-47bb-0310-9956-ffa450edef68
* 'repl' is already allocated in the request pool by 'construct_host_header()' ↵Christophe Jaillet2017-01-061-1/+1
| | | | | | | | the line just before. So this is safe to use the 'apr_table_setn' variant in order to save a few bytes of memory. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1777593 13f79535-47bb-0310-9956-ffa450edef68
* old IBM EBCDIC fix that never got shared.Eric Covener2017-01-041-2/+16
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1777354 13f79535-47bb-0310-9956-ffa450edef68
* PR59938: add %{REMOTE_PORT} to the expression parserEric Covener2016-12-291-0/+3
| | | | | | | | Submitted By: Hank Ibell <hwibell gmail.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1776459 13f79535-47bb-0310-9956-ffa450edef68
* remove initial isascii check entirelyEric Covener2016-12-221-6/+0
| | | | | | | | | We are already checking an even narrower set of characters just below. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1775664 13f79535-47bb-0310-9956-ffa450edef68
* fix crash in util_fcgi.cEric Covener2016-12-211-4/+7
| | | | | | | | | | | | | | *) mod_proxy_fcgi, mod_fcgid: Fix crashes in ap_fcgi_encoded_env_len() when modules add empty environment variables to the request. PR60275. [<alex2grad AT gmail.com>] Submitted By: <alex2grad AT gmail.com>] Committed By: covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1775487 13f79535-47bb-0310-9956-ffa450edef68
* Fix strict Host: header checking on EBCDICEric Covener2016-12-201-1/+4
| | | | | | | | | on zOS, isascii() really means 7 bit ascii, but our strings are in ebcdic for 99.95% of the lifetime of the server. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1775199 13f79535-47bb-0310-9956-ffa450edef68
* assign a lognoEric Covener2016-12-201-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1775196 13f79535-47bb-0310-9956-ffa450edef68
* event: close a race condition where we might re-enable listeners while theyYann Ylavic2016-12-151-0/+3
| | | | | | | | are already or about to be closed. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1774541 13f79535-47bb-0310-9956-ffa450edef68
* event: follow up to r1762718.Yann Ylavic2016-12-151-4/+8
| | | | | | | | | | On graceful shutdown/restart, kill kept-alive connections before poll()ing again, avoiding to wait for their "normal" timers (before being woken up) when they remain the last handled connections. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1774538 13f79535-47bb-0310-9956-ffa450edef68
* Revert r1774525, will commit a better way to handle this.Yann Ylavic2016-12-151-1/+0
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1774535 13f79535-47bb-0310-9956-ffa450edef68
* kill the keepalive conns as early as possible during gracefulJim Jagielski2016-12-151-0/+1
| | | | | | | process exit. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1774525 13f79535-47bb-0310-9956-ffa450edef68
* With the changes of api from pcre 8.x to 10.x, do not presume that the internalWilliam A. Rowe Jr2016-12-121-4/+8
| | | | | | | | | ovector will be created to accept greater than nmatch elements for processing. Allocate enough elts in all circumstances for pcre2api. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1773882 13f79535-47bb-0310-9956-ffa450edef68
* Replace PCRE with PCRE2 where it is available.William A. Rowe Jr2016-12-091-45/+119
| | | | | | | | | | | | | | | | This patch removes the needless assignment of re_erroffset in the conf pool by the worker threads; such mistakes break the shared copy-on-write pages of memory that should have remained common between all httpd worker processes. Two de-optimizations are inherent in this patch, the former ovector-on-stack opportunity is lost unless implemented as a new general context. Safer that we either create a new general context using pool allocation, or recycle a per pool or per thread match_data buffer of some arbitrary 10 elts or so. Submitted by: wrowe, Petr Pisar <ppisar@redhat.com> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1773454 13f79535-47bb-0310-9956-ffa450edef68
* Partial port of proposed r1773158 for httpd-2.x only; this change causes allWilliam A. Rowe Jr2016-12-071-5/+2
| | | | | | | | | | | | | | | | | illegible protocol args to be rejected, irrespective of the strict toggle as we expect this to occur with a garbage raw SP embedded in the request URI. Simplifies the code using the protocol 0.9 sentinal to set up an http/1.0 error response. String duplication of r1773158 is uninteresting, httpd-2.x has a const protocol member. Submitted by: rpluem, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1773159 13f79535-47bb-0310-9956-ffa450edef68
* Optimize away one more strchrWilliam A. Rowe Jr2016-11-221-2/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1770869 13f79535-47bb-0310-9956-ffa450edef68
* List discussion resulted in rejecting all but SP characters in the requestWilliam A. Rowe Jr2016-11-221-9/+7
| | | | | | | | | | line, but in the strict mode prioritize excessive space testing over bad space testing (which is captured later) and make both more efficient (at this test ll[0] is already whitespace or \0 char). Also correct a comment. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1770867 13f79535-47bb-0310-9956-ffa450edef68
* mpm_event: add clarifying commentStefan Fritsch2016-11-211-0/+1
| | | | | | | from jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1770768 13f79535-47bb-0310-9956-ffa450edef68
* Use all available scoreboard slotsStefan Fritsch2016-11-211-81/+113
| | | | | | | | | | | | | | | | | | | Allow to use all slots up to ServerLimit. This makes 'scoreboard full' errors much less likely. And if ther is a situation where the scoreboard is full, don't make any more processes finish gracefully due to reduced load until some old processes have terminated. Otherwise, the situation would get worse once the load increases again. ap_daemon_limit is renamed to the more descriptive active_server_limit, to make sure that all its uses are taken care of. PR 53555 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1770752 13f79535-47bb-0310-9956-ffa450edef68
* ap_reclaim_child_processes(): Implement terminate immediatelyStefan Fritsch2016-11-211-11/+21
| | | | | | | | | | The behavior for terminate == 1 was documented but not implemented. Do that now. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1770750 13f79535-47bb-0310-9956-ffa450edef68
* Actually cause the Host header to be overridden, as noted by rpluem,William A. Rowe Jr2016-11-161-6/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | and simplify now that there isn't a log-only mode. I believe this logic to be busted. Given this request; GET http://distant-host.com/ HTTP/1.1 Host: proxy-host we would now fail to evaluate the proxy-host virtual host rules. This seems like a breaking change to our config. mod_proxy already follows this rule of RFC7230 section 5.4; When a proxy receives a request with an absolute-form of request-target, the proxy MUST ignore the received Host header field (if any) and instead replace it with the host information of the request-target. A proxy that forwards such a request MUST generate a new Host field-value based on the received request-target rather than forward the received Host field-value. Section 5.5 of RFC7230 has this to say; Once the effective request URI has been constructed, an origin server needs to decide whether or not to provide service for that URI via the connection in which the request was received. For example, the request might have been misdirected, deliberately or accidentally, such that the information within a received request-target or Host header field differs from the host or port upon which the connection has been made. If the connection is from a trusted gateway, that inconsistency might be expected; otherwise, it might indicate an attempt to bypass security filters, trick the server into delivering non-public content, or poison a cache. See Section 9 for security considerations regarding message routing. Section 5.3.1 states; To allow for transition to the absolute-form for all requests in some future version of HTTP, a server MUST accept the absolute-form in requests, even though HTTP/1.1 clients will only send them in requests to proxies. It seems to me we should simply trust the Host: header and dump this whole mess. If we want to reject requests in absolute form after the proxy modules have had a chance to accept them, that wouldn't be a bad solution. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1769965 13f79535-47bb-0310-9956-ffa450edef68
* add an <IfFile> config section like <IfDefine>Eric Covener2016-11-151-0/+45
| | | | | | | | | | | | | | It allows a non httpd config file to be used as a marker directly in httpd.conf without hiding logic in a script in front of apachectl to do test -f and pass extra -D's. This is something we've had in IBM's httpd distro for a little bit and hadn't remembered to share. I've seen some questions/config files come up in a few places lately that would benefit from this as an option. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1769718 13f79535-47bb-0310-9956-ffa450edef68
* Remove unnecessary apr_table_do() function castsJacob Champion2016-11-101-3/+3
| | | | | | | | | | | | | | | | Function casts can cause hard-to-debug corruption issues if a declaration is accidentally changed to be incompatible. Luckily, most of the function casts for apr_table_do() calls are unnecessary. Remove them, and adjust the signatures for helpers that weren't taking void* as the first argument. The remaining helper that requires a cast is http_filter.c's form_header_field(), which is probably where many of these casts were copy-pasted from. I have left it as-is: it has other direct callers besides apr_table_do(), and it's already documented with warnings not to change the function signature. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1769192 13f79535-47bb-0310-9956-ffa450edef68
* mpm_unix: Apache fails to start if previously crashed then restarted withYann Ylavic2016-10-211-1/+4
| | | | | | | | | | the same PID (e.g. in container). PR 60261. Proposed by: Val <valentin.bremond gmail.com> Reviewed by: ylavic git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1766160 13f79535-47bb-0310-9956-ffa450edef68
* When redrawing the parser, ap_get_http_token looked to be useful, but there'sWilliam A. Rowe Jr2016-10-181-19/+0
| | | | | | | | | | | | | | | | no application for this yet in httpd, so hold off adding this function when we backport the enhancements. ap_scan_http_token was entirely sufficient. If the community wants this new function, we can add it when backporting work is complete. This patch, and the earlier patches Friday actually demanded an mmn major bump due to struct member changes. In any final backport, new members must be added to the end of the struct to retain an mmn minor designation. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1765451 13f79535-47bb-0310-9956-ffa450edef68
* Dropped the never-released ap_has_cntrls() as it had very limited William A. Rowe Jr2016-10-144-65/+30
| | | | | | | | | | | | | | | | | | | | | | and inefficient application at that, added ap_scan_vchar_obstext() to accomplish a similar purpose. Dropped HttpProtocolOptions StrictURL option, this will be better handled in the future with a specific directive and perhaps multiple levels of scrutiny, use ap_scan_vchar_obstext() to simply ensure there are no control characters or whitespace within the URI. Changed the scanning of the response header table by check_headers() to follow the same rulesets as reading request headers. Disallow any CTL character within a response header value, and any CTL or whitespace in response header field name, even in strict mode. Apply HttpProtocolOptions Strict to chunk header parsing, invalid whitespace is invalid, line termination must follow CRLF convention. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1764961 13f79535-47bb-0310-9956-ffa450edef68
* event: follow up to r1762718 and r1762742: put de condition where it belongs.Yann Ylavic2016-09-291-13/+12
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762743 13f79535-47bb-0310-9956-ffa450edef68
* event: follow up to r1762718.Yann Ylavic2016-09-291-15/+26
| | | | | | | | | We still need to kill kept-alive connections in normal/expiry processing if the workers are busy or dying. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762742 13f79535-47bb-0310-9956-ffa450edef68
* event: avoid unnecessary listener/polling wake ups (context switches) by usingYann Ylavic2016-09-281-98/+192
| | | | | | | | | apr_pollset_wakeup(), when implemented, to signal the listener according to the next timers or timeout queues expiry (updated at insert and maintenance time). git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762718 13f79535-47bb-0310-9956-ffa450edef68
* event: compute now() in event_get_timer_event, when necessary.Yann Ylavic2016-09-281-3/+5
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762707 13f79535-47bb-0310-9956-ffa450edef68
* event: follow up to r1762701: update log tag.Yann Ylavic2016-09-281-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762702 13f79535-47bb-0310-9956-ffa450edef68
* event: add/remove from/to the pollset outside of the critical sections.Yann Ylavic2016-09-281-16/+32
| | | | | | | | | | | | We don't need external locking since it's created with APR_POLLSET_THREADSAFE, hence reduce those sections to the lowest cycles possible. A spinlock may be interesting instead of the mutex now, we won't block and the TO_QUEUE_*() and process_timeout_queue() operations are fast... git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762701 13f79535-47bb-0310-9956-ffa450edef68
* event: use atomics for *timeout_queue->total since it's updated concurrently,Yann Ylavic2016-09-271-55/+64
| | | | | | | and move TO_QUEUE_*() macros to functions. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762580 13f79535-47bb-0310-9956-ffa450edef68
* event: follow up to r1593860.Yann Ylavic2016-09-271-1/+3
| | | | | | | Set timestamp before enqueing the timer on resume. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1762570 13f79535-47bb-0310-9956-ffa450edef68
* Review of IE 11, Firefox 48 and Chrome 53 all indicate that ';' URI charactersWilliam A. Rowe Jr2016-09-121-1/+1
| | | | | | | | | are transmitted unencoded, per RFC3986 section 3.3 grammer. Correct httpd's behavior to not encode ';' in proxied URI's or Location: response headers. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1760444 13f79535-47bb-0310-9956-ffa450edef68
* ClarifyWilliam A. Rowe Jr2016-08-301-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758313 13f79535-47bb-0310-9956-ffa450edef68
* mpm_winnt: clear OVERLAPPED structs before reuseJacob Champion2016-08-291-0/+7
| | | | | | | | | | | | | | | MSDN documentation states that Any unused members of [an OVERLAPPED] structure should always be initialized to zero before the structure is used in a function call. Otherwise, the function may fail and return ERROR_INVALID_PARAMETER. Prior to this patch, the internal state left over from previous overlapped I/O was passed into the next call. It's unclear what effect this might have, if any. (I have not personally witnessed an ERROR_INVALID_PARAMETER myself.) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758310 13f79535-47bb-0310-9956-ffa450edef68
* mpm_winnt: remove duplication of ap_process_connectionJacob Champion2016-08-291-14/+1
| | | | | | | | Further follow-up to the previous commit: now that we no longer patch a network bucket into the brigade, we can revert to calling ap_process_connection() directly instead of duplicating its logic. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758309 13f79535-47bb-0310-9956-ffa450edef68
* mpm_winnt: remove the AcceptEx data network bucketJacob Champion2016-08-293-39/+0
| | | | | | | | | | Follow-up to the prior commit: without an incoming data buffer, the custom network bucket code is now orphaned and we can remove it entirely. This has the added benefit that we are no longer using the internal OVERLAPPED.Pointer field, which is discouraged by the MSDN docs. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758308 13f79535-47bb-0310-9956-ffa450edef68
* mpm_winnt: remove 'data' AcceptFilter in favor of 'connect'Jacob Champion2016-08-292-45/+18
| | | | | | | | | | | | | | | | | | | | | | | | | The 'data' AcceptFilter optimization instructs Windows to wait until data is received on a connection before completing the AcceptEx operation. Unfortunately, it seems this isn't performed atomically -- AcceptEx "partially" accepts the incoming connection during the wait for data, leaving all other incoming connections in the accept queue. This opens the server to a denial of service. Since the fix for this requires a substantial rearchitecture (likely involving multiple outstanding calls to AcceptEx), disable the 'data' filter for now and replace it with 'connect', which uses the AcceptEx interface but does not wait for data. Users running prior releases of httpd on Windows should explicitly move to a 'connect' AcceptFilter in their configurations if they are currently using the default 'data' filter. Many thanks to mludha, Arthur Ramsey, Paul Spangler, and many others for their assistance in tracking down and diagnosing this issue. PR: 59970 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758307 13f79535-47bb-0310-9956-ffa450edef68
* Calm some overly agressive crlf handlingWilliam A. Rowe Jr2016-08-291-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758305 13f79535-47bb-0310-9956-ffa450edef68
* New optional flag to enforce <CR><LF> line delimiters in ap_[r]getline,William A. Rowe Jr2016-08-291-5/+14
| | | | | | | | | | | | | | created by overloading 'int fold' (1 or 0) as 'int flags', with the same value 1 for AP_GETLINE_FOLD (which httpd doesn't use), and a new value 2 for AP_GETLINE_CRLF Enforce CRLF when HttpProtocolOptions Strict is in force. Correctly introduces a new t/TEST fail. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758304 13f79535-47bb-0310-9956-ffa450edef68
* Correct the parser construction for several optimizations,William A. Rowe Jr2016-08-291-54/+40
| | | | | | | | | | | | | | | | | | | based on the fact that bad whitespace shall not be permitted or corrected in any operating mode, while preserving the ability to extract bad method/uri/proto for later reporting and diagnostics. This change causes badwhitespace in the request line or any request field line to always fail, and not honor the setting of the HttpProtocolOptions Unsafe option. Mult SP characters or trailing SP characters in the request line are still permitted in Unsafe mode. Adjusted several error message emits to match these changes. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758263 13f79535-47bb-0310-9956-ffa450edef68
* Folding StrictWhitespace into the Strict ruleset of RFC7230, per dev@ poll.William A. Rowe Jr2016-08-292-23/+8
| | | | | | | | | | | This choice is unanimous, although StrictURI (a different RFC) still hasn't found absolute concensus. An ap_mmn bump will follow (major, this removes a struct elt) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1758226 13f79535-47bb-0310-9956-ffa450edef68
* Revert to the correct APLOGNO ID for this caseWilliam A. Rowe Jr2016-08-261-1/+1
| | | | git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1757924 13f79535-47bb-0310-9956-ffa450edef68
* Correct URL failure reporting.William A. Rowe Jr2016-08-261-22/+4
| | | | | | | | | | Drop the second reporting of HEAD over HTTP/0.9 requests, we short-circuit this early now in read_request_line() when presented anything other than the sole "GET" method permitted by spec. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1757921 13f79535-47bb-0310-9956-ffa450edef68
* First survey results, all intrinsicly bad input will be logged at the debugWilliam A. Rowe Jr2016-08-261-26/+26
| | | | | | | | | | | | level, no louder. This patch intentionally dodges the Limit* constrained tests since administrators may shoot themselves in the foot, or be confronted with impossibly long cookie values, etc. Adjust the documentation to match. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1757920 13f79535-47bb-0310-9956-ffa450edef68
* After a long discussion in dev@ I reviewed my previous commit to only warnLuca Toscano2016-08-261-17/+37
| | | | | | | | | | | | | | | | | | | the admins about Last-Modified header violations rather than trying to interpret datestrings (like the ones not in GMT). I also added explicit comments to summarize the current assumptions, so it will be easier for somebody in the future to modify the code. The following use cases are covered: 1) (F)CGI backend sends a Last-Modified header not in GMT and considered in the future by httpd (like now() in the EU/Paris timezone) 2) (F)CGI backend sends a Last-Modified header not in GMT and not considered in the future by httpd (like now() + 2 hours in the PST timezone) 3) (F)CGI backend sends a Last-Modified header in GMT but with a datetime in the future Suggestions and opinion are really welcome. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1757818 13f79535-47bb-0310-9956-ffa450edef68
* Also catch invalid spaces between the URI <> Protocol in StrictWhitespace mode.William A. Rowe Jr2016-08-251-0/+6
| | | | | | | | (matching the test for the Method <> URI) git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1757593 13f79535-47bb-0310-9956-ffa450edef68
View Lorry Controller Status