6 #include "connections.h"
9 #include "configfile.h"
13 #include "http_chunk.h"
14 #include "stat_cache.h"
19 #include "inet_ntop_cache.h"
32 # include <openssl/ssl.h>
33 # include <openssl/err.h>
36 #ifdef HAVE_SYS_FILIO_H
37 # include <sys/filio.h>
40 #include "sys-socket.h"
46 static connection
*connections_get_new_connection(server
*srv
) {
47 connections
*conns
= srv
->conns
;
50 if (conns
->size
== 0) {
53 conns
->ptr
= malloc(sizeof(*conns
->ptr
) * conns
->size
);
54 force_assert(NULL
!= conns
->ptr
);
55 for (i
= 0; i
< conns
->size
; i
++) {
56 conns
->ptr
[i
] = connection_init(srv
);
58 } else if (conns
->size
== conns
->used
) {
60 conns
->ptr
= realloc(conns
->ptr
, sizeof(*conns
->ptr
) * conns
->size
);
61 force_assert(NULL
!= conns
->ptr
);
63 for (i
= conns
->used
; i
< conns
->size
; i
++) {
64 conns
->ptr
[i
] = connection_init(srv
);
68 connection_reset(srv
, conns
->ptr
[conns
->used
]);
70 fprintf(stderr
, "%s.%d: add: ", __FILE__
, __LINE__
);
71 for (i
= 0; i
< conns
->used
+ 1; i
++) {
72 fprintf(stderr
, "%d ", conns
->ptr
[i
]->fd
);
74 fprintf(stderr
, "\n");
77 conns
->ptr
[conns
->used
]->ndx
= conns
->used
;
78 return conns
->ptr
[conns
->used
++];
81 static int connection_del(server
*srv
, connection
*con
) {
83 connections
*conns
= srv
->conns
;
86 if (con
== NULL
) return -1;
88 if (-1 == con
->ndx
) return -1;
90 buffer_reset(con
->uri
.authority
);
91 buffer_reset(con
->uri
.path
);
92 buffer_reset(con
->uri
.query
);
93 buffer_reset(con
->request
.orig_uri
);
97 /* not last element */
99 if (i
!= conns
->used
- 1) {
100 temp
= conns
->ptr
[i
];
101 conns
->ptr
[i
] = conns
->ptr
[conns
->used
- 1];
102 conns
->ptr
[conns
->used
- 1] = temp
;
104 conns
->ptr
[i
]->ndx
= i
;
105 conns
->ptr
[conns
->used
- 1]->ndx
= -1;
112 fprintf(stderr
, "%s.%d: del: (%d)", __FILE__
, __LINE__
, conns
->used
);
113 for (i
= 0; i
< conns
->used
; i
++) {
114 fprintf(stderr
, "%d ", conns
->ptr
[i
]->fd
);
116 fprintf(stderr
, "\n");
121 static int connection_close(server
*srv
, connection
*con
) {
123 server_socket
*srv_sock
= con
->srv_socket
;
124 if (srv_sock
->is_ssl
) {
125 if (con
->ssl
) SSL_free(con
->ssl
);
130 fdevent_event_del(srv
->ev
, &(con
->fde_ndx
), con
->fd
);
131 fdevent_unregister(srv
->ev
, con
->fd
);
133 if (closesocket(con
->fd
)) {
134 log_error_write(srv
, __FILE__
, __LINE__
, "sds",
135 "(warning) close:", con
->fd
, strerror(errno
));
138 if (close(con
->fd
)) {
139 log_error_write(srv
, __FILE__
, __LINE__
, "sds",
140 "(warning) close:", con
->fd
, strerror(errno
));
148 connection_del(srv
, con
);
149 connection_set_state(srv
, con
, CON_STATE_CONNECT
);
154 static void connection_handle_close_state(server
*srv
, connection
*con
) {
155 /* we have to do the linger_on_close stuff regardless
156 * of con->keep_alive; even non-keepalive sockets may
157 * still have unread data, and closing before reading
158 * it will make the client not see all our output.
163 len
= read(con
->fd
, buf
, sizeof(buf
));
164 if (len
== 0 || (len
< 0 && errno
!= EAGAIN
&& errno
!= EINTR
) ) {
165 con
->close_timeout_ts
= srv
->cur_ts
- (HTTP_LINGER_TIMEOUT
+1);
168 if (srv
->cur_ts
- con
->close_timeout_ts
> HTTP_LINGER_TIMEOUT
) {
169 connection_close(srv
, con
);
171 if (srv
->srvconf
.log_state_handling
) {
172 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
173 "connection closed for fd", con
->fd
);
178 static void connection_handle_shutdown(server
*srv
, connection
*con
) {
182 server_socket
*srv_sock
= con
->srv_socket
;
183 if (srv_sock
->is_ssl
&& SSL_is_init_finished(con
->ssl
)) {
187 switch ((ret
= SSL_shutdown(con
->ssl
))) {
194 * FIXME: wait for fdevent and call SSL_shutdown again
198 if (-1 != (ret
= SSL_shutdown(con
->ssl
))) break;
203 switch ((ssl_r
= SSL_get_error(con
->ssl
, ret
))) {
204 case SSL_ERROR_ZERO_RETURN
:
206 case SSL_ERROR_WANT_WRITE
:
207 /*con->is_writable = -1;*//*(no effect; shutdown() called below)*/
208 case SSL_ERROR_WANT_READ
:
210 case SSL_ERROR_SYSCALL
:
211 /* perhaps we have error waiting in our error-queue */
212 if (0 != (err
= ERR_get_error())) {
214 log_error_write(srv
, __FILE__
, __LINE__
, "sdds", "SSL:",
216 ERR_error_string(err
, NULL
));
217 } while((err
= ERR_get_error()));
218 } else if (errno
!= 0) { /* ssl bug (see lighttpd ticket #2213): sometimes errno == 0 */
224 log_error_write(srv
, __FILE__
, __LINE__
, "sddds", "SSL (error):",
233 while((err
= ERR_get_error())) {
234 log_error_write(srv
, __FILE__
, __LINE__
, "sdds", "SSL:",
236 ERR_error_string(err
, NULL
));
246 switch(r
= plugins_call_handle_connection_close(srv
, con
)) {
248 case HANDLER_FINISHED
:
251 log_error_write(srv
, __FILE__
, __LINE__
, "sd", "unhandling return value", r
);
256 connection_reset(srv
, con
);
258 /* close the connection */
259 if ((0 == shutdown(con
->fd
, SHUT_WR
))) {
260 con
->close_timeout_ts
= srv
->cur_ts
;
261 connection_set_state(srv
, con
, CON_STATE_CLOSE
);
263 if (srv
->srvconf
.log_state_handling
) {
264 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
265 "shutdown for fd", con
->fd
);
268 connection_close(srv
, con
);
272 static void connection_handle_response_end_state(server
*srv
, connection
*con
) {
273 /* log the request */
274 /* (even if error, connection dropped, still write to access log if http_status) */
275 if (con
->http_status
) {
276 plugins_call_handle_request_done(srv
, con
);
279 if (con
->state
!= CON_STATE_ERROR
) srv
->con_written
++;
281 if ((con
->request
.content_length
282 && (off_t
)con
->request
.content_length
> con
->request_content_queue
->bytes_in
)
283 || con
->state
== CON_STATE_ERROR
) {
284 /* request body is present and has not been read completely */
288 if (con
->keep_alive
) {
289 connection_reset(srv
, con
);
291 con
->request_start
= srv
->cur_ts
;
292 con
->read_idle_ts
= srv
->cur_ts
;
294 connection_set_state(srv
, con
, CON_STATE_REQUEST_START
);
296 connection_handle_shutdown(srv
, con
);
300 static void connection_handle_errdoc_init(server
*srv
, connection
*con
) {
301 /* modules that produce headers required with error response should
302 * typically also produce an error document. Make an exception for
303 * mod_auth WWW-Authenticate response header. */
304 buffer
*www_auth
= NULL
;
305 if (401 == con
->http_status
) {
306 data_string
*ds
= (data_string
*)array_get_element(con
->response
.headers
, "WWW-Authenticate");
308 www_auth
= buffer_init_buffer(ds
->value
);
312 con
->response
.transfer_encoding
= 0;
313 buffer_reset(con
->physical
.path
);
314 array_reset(con
->response
.headers
);
315 chunkqueue_reset(con
->write_queue
);
317 if (NULL
!= www_auth
) {
318 response_header_insert(srv
, con
, CONST_STR_LEN("WWW-Authenticate"), CONST_BUF_LEN(www_auth
));
319 buffer_free(www_auth
);
323 static int connection_handle_write_prepare(server
*srv
, connection
*con
) {
324 if (con
->mode
== DIRECT
) {
326 switch(con
->request
.http_method
) {
327 case HTTP_METHOD_GET
:
328 case HTTP_METHOD_POST
:
329 case HTTP_METHOD_HEAD
:
331 case HTTP_METHOD_OPTIONS
:
333 * 400 is coming from the request-parser BEFORE uri.path is set
334 * 403 is from the response handler when noone else catched it
337 if ((!con
->http_status
|| con
->http_status
== 200) && !buffer_string_is_empty(con
->uri
.path
) &&
338 con
->uri
.path
->ptr
[0] != '*') {
339 response_header_insert(srv
, con
, CONST_STR_LEN("Allow"), CONST_STR_LEN("OPTIONS, GET, HEAD, POST"));
341 con
->response
.transfer_encoding
&= ~HTTP_TRANSFER_ENCODING_CHUNKED
;
342 con
->parsed_response
&= ~HTTP_CONTENT_LENGTH
;
344 con
->http_status
= 200;
345 con
->file_finished
= 1;
347 chunkqueue_reset(con
->write_queue
);
351 if (0 == con
->http_status
) {
352 con
->http_status
= 501;
358 if (con
->http_status
== 0) {
359 con
->http_status
= 403;
362 switch(con
->http_status
) {
363 case 204: /* class: header only */
366 /* disable chunked encoding again as we have no body */
367 con
->response
.transfer_encoding
&= ~HTTP_TRANSFER_ENCODING_CHUNKED
;
368 con
->parsed_response
&= ~HTTP_CONTENT_LENGTH
;
369 chunkqueue_reset(con
->write_queue
);
371 con
->file_finished
= 1;
373 default: /* class: header + body */
374 if (con
->mode
!= DIRECT
) break;
376 /* only custom body for 4xx and 5xx */
377 if (con
->http_status
< 400 || con
->http_status
>= 600) break;
379 con
->file_finished
= 0;
381 connection_handle_errdoc_init(srv
, con
);
383 /* try to send static errorfile */
384 if (!buffer_string_is_empty(con
->conf
.errorfile_prefix
)) {
385 stat_cache_entry
*sce
= NULL
;
387 buffer_copy_buffer(con
->physical
.path
, con
->conf
.errorfile_prefix
);
388 buffer_append_int(con
->physical
.path
, con
->http_status
);
389 buffer_append_string_len(con
->physical
.path
, CONST_STR_LEN(".html"));
391 if (0 == http_chunk_append_file(srv
, con
, con
->physical
.path
)) {
392 con
->file_finished
= 1;
393 if (HANDLER_ERROR
!= stat_cache_get_entry(srv
, con
, con
->physical
.path
, &sce
)) {
394 response_header_overwrite(srv
, con
, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce
->content_type
));
399 if (!con
->file_finished
) {
402 buffer_reset(con
->physical
.path
);
404 con
->file_finished
= 1;
407 /* build default error-page */
408 buffer_copy_string_len(b
, CONST_STR_LEN(
409 "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n"
410 "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n"
411 " \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"
412 "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n"
415 buffer_append_int(b
, con
->http_status
);
416 buffer_append_string_len(b
, CONST_STR_LEN(" - "));
417 buffer_append_string(b
, get_http_status_name(con
->http_status
));
419 buffer_append_string_len(b
, CONST_STR_LEN(
424 buffer_append_int(b
, con
->http_status
);
425 buffer_append_string_len(b
, CONST_STR_LEN(" - "));
426 buffer_append_string(b
, get_http_status_name(con
->http_status
));
428 buffer_append_string_len(b
, CONST_STR_LEN("</h1>\n"
433 (void)http_chunk_append_buffer(srv
, con
, b
);
436 response_header_overwrite(srv
, con
, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
441 /* Allow filter plugins to change response headers before they are written. */
442 switch(plugins_call_handle_response_start(srv
, con
)) {
444 case HANDLER_FINISHED
:
447 log_error_write(srv
, __FILE__
, __LINE__
, "s", "response_start plugin failed");
451 if (con
->file_finished
) {
452 /* we have all the content and chunked encoding is not used, set a content-length */
454 if ((!(con
->parsed_response
& HTTP_CONTENT_LENGTH
)) &&
455 (con
->response
.transfer_encoding
& HTTP_TRANSFER_ENCODING_CHUNKED
) == 0) {
456 off_t qlen
= chunkqueue_length(con
->write_queue
);
459 * The Content-Length header only can be sent if we have content:
460 * - HEAD doesn't have a content-body (but have a content-length)
461 * - 1xx, 204 and 304 don't have a content-body (RFC 2616 Section 4.3)
463 * Otherwise generate a Content-Length header as chunked encoding is not
466 if ((con
->http_status
>= 100 && con
->http_status
< 200) ||
467 con
->http_status
== 204 ||
468 con
->http_status
== 304) {
470 /* no Content-Body, no Content-Length */
471 if (NULL
!= (ds
= (data_string
*) array_get_element(con
->response
.headers
, "Content-Length"))) {
472 buffer_reset(ds
->value
); /* Headers with empty values are ignored for output */
474 } else if (qlen
> 0 || con
->request
.http_method
!= HTTP_METHOD_HEAD
) {
475 /* qlen = 0 is important for Redirects (301, ...) as they MAY have
476 * a content. Browsers are waiting for a Content otherwise
478 buffer_copy_int(srv
->tmp_buf
, qlen
);
480 response_header_overwrite(srv
, con
, CONST_STR_LEN("Content-Length"), CONST_BUF_LEN(srv
->tmp_buf
));
485 * the file isn't finished yet, but we have all headers
487 * to get keep-alive we either need:
488 * - Content-Length: ... (HTTP/1.0 and HTTP/1.0) or
489 * - Transfer-Encoding: chunked (HTTP/1.1)
492 if (((con
->parsed_response
& HTTP_CONTENT_LENGTH
) == 0) &&
493 ((con
->response
.transfer_encoding
& HTTP_TRANSFER_ENCODING_CHUNKED
) == 0)) {
494 if (con
->request
.http_version
== HTTP_VERSION_1_1
) {
495 off_t qlen
= chunkqueue_length(con
->write_queue
);
496 con
->response
.transfer_encoding
= HTTP_TRANSFER_ENCODING_CHUNKED
;
498 /* create initial Transfer-Encoding: chunked segment */
499 buffer
*b
= srv
->tmp_chunk_len
;
500 buffer_string_set_length(b
, 0);
501 buffer_append_uint_hex(b
, (uintmax_t)qlen
);
502 buffer_append_string_len(b
, CONST_STR_LEN("\r\n"));
503 chunkqueue_prepend_buffer(con
->write_queue
, b
);
504 chunkqueue_append_mem(con
->write_queue
, CONST_STR_LEN("\r\n"));
512 * if the backend sent a Connection: close, follow the wish
514 * NOTE: if the backend sent Connection: Keep-Alive, but no Content-Length, we
515 * will close the connection. That's fine. We can always decide the close
518 * FIXME: to be nice we should remove the Connection: ...
520 if (con
->parsed_response
& HTTP_CONNECTION
) {
521 /* a subrequest disable keep-alive although the client wanted it */
522 if (con
->keep_alive
&& !con
->response
.keep_alive
) {
528 if (con
->request
.http_method
== HTTP_METHOD_HEAD
) {
530 * a HEAD request has the same as a GET
531 * without the content
533 con
->file_finished
= 1;
535 chunkqueue_reset(con
->write_queue
);
536 con
->response
.transfer_encoding
&= ~HTTP_TRANSFER_ENCODING_CHUNKED
;
539 http_response_write_header(srv
, con
);
544 static int connection_handle_write(server
*srv
, connection
*con
) {
545 switch(network_write_chunkqueue(srv
, con
, con
->write_queue
, MAX_WRITE_LIMIT
)) {
547 con
->write_request_ts
= srv
->cur_ts
;
548 if (con
->file_finished
) {
549 connection_set_state(srv
, con
, CON_STATE_RESPONSE_END
);
552 case -1: /* error on our side */
553 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
554 "connection closed: write failed on fd", con
->fd
);
555 connection_set_state(srv
, con
, CON_STATE_ERROR
);
557 case -2: /* remote close */
558 connection_set_state(srv
, con
, CON_STATE_ERROR
);
561 con
->write_request_ts
= srv
->cur_ts
;
562 con
->is_writable
= 0;
564 /* not finished yet -> WRITE */
573 connection
*connection_init(server
*srv
) {
578 con
= calloc(1, sizeof(*con
));
579 force_assert(NULL
!= con
);
584 con
->bytes_written
= 0;
586 con
->bytes_header
= 0;
587 con
->loops_per_request
= 0;
590 con->x = buffer_init();
593 CLEAN(request
.request_line
);
594 CLEAN(request
.request
);
595 CLEAN(request
.pathinfo
);
597 CLEAN(request
.orig_uri
);
600 CLEAN(uri
.authority
);
605 CLEAN(physical
.doc_root
);
606 CLEAN(physical
.path
);
607 CLEAN(physical
.basedir
);
608 CLEAN(physical
.rel_path
);
609 CLEAN(physical
.etag
);
610 CLEAN(parse_request
);
614 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
615 CLEAN(tlsext_server_name
);
619 con
->write_queue
= chunkqueue_init();
620 con
->read_queue
= chunkqueue_init();
621 con
->request_content_queue
= chunkqueue_init();
623 con
->request
.headers
= array_init();
624 con
->response
.headers
= array_init();
625 con
->environment
= array_init();
627 /* init plugin specific connection structures */
629 con
->plugin_ctx
= calloc(1, (srv
->plugins
.used
+ 1) * sizeof(void *));
630 force_assert(NULL
!= con
->plugin_ctx
);
632 con
->cond_cache
= calloc(srv
->config_context
->used
, sizeof(cond_cache_t
));
633 force_assert(NULL
!= con
->cond_cache
);
634 config_setup_connection(srv
, con
);
639 void connections_free(server
*srv
) {
640 connections
*conns
= srv
->conns
;
643 for (i
= 0; i
< conns
->size
; i
++) {
644 connection
*con
= conns
->ptr
[i
];
646 connection_reset(srv
, con
);
648 chunkqueue_free(con
->write_queue
);
649 chunkqueue_free(con
->read_queue
);
650 chunkqueue_free(con
->request_content_queue
);
651 array_free(con
->request
.headers
);
652 array_free(con
->response
.headers
);
653 array_free(con
->environment
);
659 CLEAN(request
.request_line
);
660 CLEAN(request
.request
);
661 CLEAN(request
.pathinfo
);
663 CLEAN(request
.orig_uri
);
666 CLEAN(uri
.authority
);
671 CLEAN(physical
.doc_root
);
672 CLEAN(physical
.path
);
673 CLEAN(physical
.basedir
);
674 CLEAN(physical
.etag
);
675 CLEAN(physical
.rel_path
);
676 CLEAN(parse_request
);
680 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
681 CLEAN(tlsext_server_name
);
684 free(con
->plugin_ctx
);
685 free(con
->cond_cache
);
694 int connection_reset(server
*srv
, connection
*con
) {
697 plugins_call_connection_reset(srv
, con
);
699 con
->is_readable
= 1;
700 con
->is_writable
= 1;
701 con
->http_status
= 0;
702 con
->file_finished
= 0;
703 con
->file_started
= 0;
704 con
->got_response
= 0;
706 con
->parsed_response
= 0;
708 con
->bytes_written
= 0;
709 con
->bytes_written_cur_second
= 0;
711 con
->bytes_header
= 0;
712 con
->loops_per_request
= 0;
714 con
->request
.http_method
= HTTP_METHOD_UNSET
;
715 con
->request
.http_version
= HTTP_VERSION_UNSET
;
717 con
->request
.http_if_modified_since
= NULL
;
718 con
->request
.http_if_none_match
= NULL
;
720 con
->response
.keep_alive
= 0;
721 con
->response
.content_length
= -1;
722 con
->response
.transfer_encoding
= 0;
727 if (con->x) buffer_reset(con->x);
730 CLEAN(request
.request_line
);
731 CLEAN(request
.pathinfo
);
732 CLEAN(request
.request
);
734 /* CLEAN(request.orig_uri); */
737 /* CLEAN(uri.authority); */
738 /* CLEAN(uri.path); */
740 /* CLEAN(uri.query); */
742 CLEAN(physical
.doc_root
);
743 CLEAN(physical
.path
);
744 CLEAN(physical
.basedir
);
745 CLEAN(physical
.rel_path
);
746 CLEAN(physical
.etag
);
748 CLEAN(parse_request
);
751 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
752 CLEAN(tlsext_server_name
);
757 if (con->x) con->x->used = 0;
762 con->request.x = NULL;
766 CLEAN(http_content_type
);
768 con
->request
.content_length
= 0;
770 array_reset(con
->request
.headers
);
771 array_reset(con
->response
.headers
);
772 array_reset(con
->environment
);
774 chunkqueue_reset(con
->write_queue
);
775 chunkqueue_reset(con
->request_content_queue
);
777 /* the plugins should cleanup themself */
778 for (i
= 0; i
< srv
->plugins
.used
; i
++) {
779 plugin
*p
= ((plugin
**)(srv
->plugins
.ptr
))[i
];
780 plugin_data
*pd
= p
->data
;
784 if (con
->plugin_ctx
[pd
->id
] != NULL
) {
785 log_error_write(srv
, __FILE__
, __LINE__
, "sb", "missing cleanup in", p
->name
);
788 con
->plugin_ctx
[pd
->id
] = NULL
;
791 /* The cond_cache gets reset in response.c */
792 /* config_cond_cache_reset(srv, con); */
795 con
->error_handler_saved_status
= 0;
796 /*con->error_handler_saved_method = HTTP_METHOD_UNSET;*/
797 /*(error_handler_saved_method value is not valid unless error_handler_saved_status is set)*/
799 config_setup_connection(srv
, con
);
805 * handle all header and content read
807 * we get called by the state-engine and by the fdevent-handler
809 static int connection_handle_read_state(server
*srv
, connection
*con
) {
810 chunk
*c
, *last_chunk
;
812 chunkqueue
*cq
= con
->read_queue
;
813 int is_closed
= 0; /* the connection got closed, if we don't have a complete header, -> error */
814 /* when in CON_STATE_READ: about to receive first byte for a request: */
815 int is_request_start
= chunkqueue_is_empty(cq
);
817 if (con
->is_readable
) {
818 con
->read_idle_ts
= srv
->cur_ts
;
820 switch(connection_handle_read(srv
, con
)) {
831 chunkqueue_remove_finished_chunks(cq
);
833 /* we might have got several packets at once
836 /* update request_start timestamp when first byte of
837 * next request is received on a keep-alive connection */
838 if (con
->request_count
> 1 && is_request_start
) {
839 con
->request_start
= srv
->cur_ts
;
840 if (con
->conf
.high_precision_timestamps
)
841 log_clock_gettime_realtime(&con
->request_start_hp
);
844 /* if there is a \r\n\r\n in the chunkqueue
846 * scan the chunk-queue twice
847 * 1. to find the \r\n\r\n
848 * 2. to copy the header-packet
855 for (c
= cq
->first
; c
; c
= c
->next
) {
857 size_t len
= buffer_string_length(c
->mem
) - c
->offset
;
858 const char *b
= c
->mem
->ptr
+ c
->offset
;
860 for (i
= 0; i
< len
; ++i
) {
864 /* chec if \n\r\n follows */
867 const char header_end
[] = "\r\n\r\n";
868 int header_end_match_pos
= 1;
870 for ( ; cc
; cc
= cc
->next
, j
= 0 ) {
871 size_t bblen
= buffer_string_length(cc
->mem
) - cc
->offset
;
872 const char *bb
= cc
->mem
->ptr
+ cc
->offset
;
874 for ( ; j
< bblen
; j
++) {
877 if (ch
== header_end
[header_end_match_pos
]) {
878 header_end_match_pos
++;
879 if (4 == header_end_match_pos
) {
882 goto found_header_end
;
897 buffer_reset(con
->request
.request
);
899 for (c
= cq
->first
; c
; c
= c
->next
) {
900 size_t len
= buffer_string_length(c
->mem
) - c
->offset
;
902 if (c
== last_chunk
) {
906 buffer_append_string_len(con
->request
.request
, c
->mem
->ptr
+ c
->offset
, len
);
908 cq
->bytes_out
+= len
;
910 if (c
== last_chunk
) break;
913 connection_set_state(srv
, con
, CON_STATE_REQUEST_END
);
914 } else if (is_closed
) {
915 /* the connection got closed and we didn't got enough data to leave CON_STATE_READ;
916 * the only way is to leave here */
917 connection_set_state(srv
, con
, CON_STATE_ERROR
);
920 if ((last_chunk
? buffer_string_length(con
->request
.request
) : (size_t)chunkqueue_length(cq
))
921 > srv
->srvconf
.max_request_field_size
) {
922 log_error_write(srv
, __FILE__
, __LINE__
, "s", "oversized request-header -> sending Status 431");
923 con
->http_status
= 431; /* Request Header Fields Too Large */
925 connection_set_state(srv
, con
, CON_STATE_HANDLE_REQUEST
);
928 chunkqueue_remove_finished_chunks(cq
);
933 static handler_t
connection_handle_fdevent(server
*srv
, void *context
, int revents
) {
934 connection
*con
= context
;
936 joblist_append(srv
, con
);
938 if (con
->srv_socket
->is_ssl
) {
939 /* ssl may read and write for both reads and writes */
940 if (revents
& (FDEVENT_IN
| FDEVENT_OUT
)) {
941 con
->is_readable
= 1;
942 con
->is_writable
= 1;
945 if (revents
& FDEVENT_IN
) {
946 con
->is_readable
= 1;
948 if (revents
& FDEVENT_OUT
) {
949 con
->is_writable
= 1;
950 /* we don't need the event twice */
955 if (con
->state
== CON_STATE_READ
) {
956 connection_handle_read_state(srv
, con
);
959 if (con
->state
== CON_STATE_WRITE
&&
960 !chunkqueue_is_empty(con
->write_queue
) &&
963 if (-1 == connection_handle_write(srv
, con
)) {
964 connection_set_state(srv
, con
, CON_STATE_ERROR
);
966 log_error_write(srv
, __FILE__
, __LINE__
, "ds",
968 "handle write failed.");
972 if (con
->state
== CON_STATE_CLOSE
) {
973 /* flush the read buffers */
977 len
= read(con
->fd
, buf
, sizeof(buf
));
978 if (len
== 0 || (len
< 0 && errno
!= EAGAIN
&& errno
!= EINTR
) ) {
979 con
->close_timeout_ts
= srv
->cur_ts
- (HTTP_LINGER_TIMEOUT
+1);
984 /* attempt (above) to read data in kernel socket buffers
985 * prior to handling FDEVENT_HUP and FDEVENT_ERR */
987 if ((revents
& ~(FDEVENT_IN
| FDEVENT_OUT
)) && con
->state
!= CON_STATE_ERROR
) {
988 if (con
->state
== CON_STATE_CLOSE
) {
989 con
->close_timeout_ts
= srv
->cur_ts
- (HTTP_LINGER_TIMEOUT
+1);
990 } else if (revents
& FDEVENT_HUP
) {
991 if (fdevent_is_tcp_half_closed(con
->fd
)) {
994 connection_set_state(srv
, con
, CON_STATE_ERROR
);
996 } else if (revents
& FDEVENT_ERR
) { /* error, connection reset */
997 connection_set_state(srv
, con
, CON_STATE_ERROR
);
999 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
1000 "connection closed: poll() -> ???", revents
);
1004 return HANDLER_FINISHED
;
1008 connection
*connection_accept(server
*srv
, server_socket
*srv_socket
) {
1009 /* accept everything */
1011 /* search an empty place */
1015 /* accept it and register the fd */
1018 * check if we can still open a new connections
1023 if (srv
->conns
->used
>= srv
->max_conns
) {
1027 cnt_len
= sizeof(cnt_addr
);
1029 #if defined(SOCK_CLOEXEC) && defined(SOCK_NONBLOCK)
1030 cnt
= accept4(srv_socket
->fd
, (struct sockaddr
*) &cnt_addr
, &cnt_len
, SOCK_CLOEXEC
| SOCK_NONBLOCK
);
1032 cnt
= accept(srv_socket
->fd
, (struct sockaddr
*) &cnt_addr
, &cnt_len
);
1037 #if EWOULDBLOCK != EAGAIN
1041 /* we were stopped _before_ we had a connection */
1042 case ECONNABORTED
: /* this is a FreeBSD thingy */
1043 /* we were stopped _after_ we had a connection */
1049 log_error_write(srv
, __FILE__
, __LINE__
, "ssd", "accept failed:", strerror(errno
), errno
);
1053 if (cnt_addr
.plain
.sa_family
!= AF_UNIX
) {
1054 network_accept_tcp_nagle_disable(cnt
);
1056 return connection_accepted(srv
, srv_socket
, &cnt_addr
, cnt
);
1060 connection
*connection_accepted(server
*srv
, server_socket
*srv_socket
, sock_addr
*cnt_addr
, int cnt
) {
1065 /* ok, we have the connection, register it */
1067 log_error_write(srv
, __FILE__
, __LINE__
, "sd",
1072 con
= connections_get_new_connection(srv
);
1076 fdevent_register(srv
->ev
, con
->fd
, connection_handle_fdevent
, con
);
1078 connection_set_state(srv
, con
, CON_STATE_REQUEST_START
);
1080 con
->connection_start
= srv
->cur_ts
;
1081 con
->dst_addr
= *cnt_addr
;
1082 buffer_copy_string(con
->dst_addr_buf
, inet_ntop_cache_get_ip(srv
, &(con
->dst_addr
)));
1083 con
->srv_socket
= srv_socket
;
1085 if (-1 == fdevent_fcntl_set_nb_cloexec_sock(srv
->ev
, con
->fd
)) {
1086 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "fcntl failed: ", strerror(errno
));
1087 connection_close(srv
, con
);
1091 /* connect FD to SSL */
1092 if (srv_socket
->is_ssl
) {
1093 if (NULL
== (con
->ssl
= SSL_new(srv_socket
->ssl_ctx
))) {
1094 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "SSL:",
1095 ERR_error_string(ERR_get_error(), NULL
));
1097 connection_close(srv
, con
);
1101 con
->renegotiations
= 0;
1102 SSL_set_app_data(con
->ssl
, con
);
1103 SSL_set_accept_state(con
->ssl
);
1105 if (1 != (SSL_set_fd(con
->ssl
, cnt
))) {
1106 log_error_write(srv
, __FILE__
, __LINE__
, "ss", "SSL:",
1107 ERR_error_string(ERR_get_error(), NULL
));
1108 connection_close(srv
, con
);
1117 int connection_state_machine(server
*srv
, connection
*con
) {
1120 if (srv
->srvconf
.log_state_handling
) {
1121 log_error_write(srv
, __FILE__
, __LINE__
, "sds",
1124 connection_get_state(con
->state
));
1128 size_t ostate
= con
->state
;
1130 if (srv
->srvconf
.log_state_handling
) {
1131 log_error_write(srv
, __FILE__
, __LINE__
, "sds",
1132 "state for fd", con
->fd
, connection_get_state(con
->state
));
1135 switch (con
->state
) {
1136 case CON_STATE_REQUEST_START
: /* transient */
1137 con
->request_start
= srv
->cur_ts
;
1138 con
->read_idle_ts
= srv
->cur_ts
;
1139 if (con
->conf
.high_precision_timestamps
)
1140 log_clock_gettime_realtime(&con
->request_start_hp
);
1142 con
->request_count
++;
1143 con
->loops_per_request
= 0;
1145 connection_set_state(srv
, con
, CON_STATE_READ
);
1148 case CON_STATE_REQUEST_END
: /* transient */
1149 buffer_reset(con
->uri
.authority
);
1150 buffer_reset(con
->uri
.path
);
1151 buffer_reset(con
->uri
.query
);
1152 buffer_reset(con
->request
.orig_uri
);
1154 if (http_request_parse(srv
, con
)) {
1155 /* we have to read some data from the POST request */
1157 connection_set_state(srv
, con
, CON_STATE_READ_POST
);
1162 connection_set_state(srv
, con
, CON_STATE_HANDLE_REQUEST
);
1165 case CON_STATE_READ_POST
:
1166 case CON_STATE_HANDLE_REQUEST
:
1168 * the request is parsed
1170 * decided what to do with the request
1176 switch (r
= http_response_prepare(srv
, con
)) {
1177 case HANDLER_WAIT_FOR_EVENT
:
1178 if (!con
->file_finished
&& (!con
->file_started
|| 0 == con
->conf
.stream_response_body
)) {
1179 break; /* come back here */
1181 /* response headers received from backend; fall through to start response */
1182 case HANDLER_FINISHED
:
1183 if (con
->error_handler_saved_status
> 0) {
1184 con
->request
.http_method
= con
->error_handler_saved_method
;
1186 if (con
->mode
== DIRECT
) {
1187 if (con
->error_handler_saved_status
) {
1188 if (con
->error_handler_saved_status
> 0) {
1189 con
->http_status
= con
->error_handler_saved_status
;
1190 } else if (con
->http_status
== 404 || con
->http_status
== 403) {
1191 /* error-handler-404 is a 404 */
1192 con
->http_status
= -con
->error_handler_saved_status
;
1194 /* error-handler-404 is back and has generated content */
1195 /* if Status: was set, take it otherwise use 200 */
1197 } else if (con
->http_status
>= 400) {
1198 buffer
*error_handler
= NULL
;
1199 if (!buffer_string_is_empty(con
->conf
.error_handler
)) {
1200 error_handler
= con
->conf
.error_handler
;
1201 } else if ((con
->http_status
== 404 || con
->http_status
== 403)
1202 && !buffer_string_is_empty(con
->conf
.error_handler_404
)) {
1203 error_handler
= con
->conf
.error_handler_404
;
1206 if (error_handler
) {
1207 /* call error-handler */
1209 /* set REDIRECT_STATUS to save current HTTP status code
1210 * for access by dynamic handlers
1211 * https://redmine.lighttpd.net/issues/1828 */
1213 if (NULL
== (ds
= (data_string
*)array_get_unused_element(con
->environment
, TYPE_STRING
))) {
1214 ds
= data_string_init();
1216 buffer_copy_string_len(ds
->key
, CONST_STR_LEN("REDIRECT_STATUS"));
1217 buffer_append_int(ds
->value
, con
->http_status
);
1218 array_insert_unique(con
->environment
, (data_unset
*)ds
);
1220 if (error_handler
== con
->conf
.error_handler
) {
1221 plugins_call_connection_reset(srv
, con
);
1223 if (con
->request
.content_length
) {
1224 if ((off_t
)con
->request
.content_length
!= chunkqueue_length(con
->request_content_queue
)) {
1225 con
->keep_alive
= 0;
1227 con
->request
.content_length
= 0;
1228 chunkqueue_reset(con
->request_content_queue
);
1231 con
->is_writable
= 1;
1232 con
->file_finished
= 0;
1233 con
->file_started
= 0;
1234 con
->got_response
= 0;
1235 con
->parsed_response
= 0;
1236 con
->response
.keep_alive
= 0;
1237 con
->response
.content_length
= -1;
1238 con
->response
.transfer_encoding
= 0;
1240 con
->error_handler_saved_status
= con
->http_status
;
1241 con
->error_handler_saved_method
= con
->request
.http_method
;
1243 con
->request
.http_method
= HTTP_METHOD_GET
;
1244 } else { /*(preserve behavior for server.error-handler-404)*/
1245 con
->error_handler_saved_status
= -con
->http_status
; /*(negative to flag old behavior)*/
1248 buffer_copy_buffer(con
->request
.uri
, error_handler
);
1249 connection_handle_errdoc_init(srv
, con
);
1250 con
->http_status
= 0; /*(after connection_handle_errdoc_init())*/
1257 if (con
->http_status
== 0) con
->http_status
= 200;
1259 /* we have something to send, go on */
1260 connection_set_state(srv
, con
, CON_STATE_RESPONSE_START
);
1262 case HANDLER_WAIT_FOR_FD
:
1265 fdwaitqueue_append(srv
, con
);
1268 case HANDLER_COMEBACK
:
1272 /* something went wrong */
1273 connection_set_state(srv
, con
, CON_STATE_ERROR
);
1276 log_error_write(srv
, __FILE__
, __LINE__
, "sdd", "unknown ret-value: ", con
->fd
, r
);
1280 if (con
->state
== CON_STATE_HANDLE_REQUEST
&& ostate
== CON_STATE_READ_POST
) {
1281 ostate
= CON_STATE_HANDLE_REQUEST
;
1284 case CON_STATE_RESPONSE_START
:
1286 * the decision is done
1287 * - create the HTTP-Response-Header
1291 if (-1 == connection_handle_write_prepare(srv
, con
)) {
1292 connection_set_state(srv
, con
, CON_STATE_ERROR
);
1297 connection_set_state(srv
, con
, CON_STATE_WRITE
);
1299 case CON_STATE_RESPONSE_END
: /* transient */
1300 case CON_STATE_ERROR
: /* transient */
1301 connection_handle_response_end_state(srv
, con
);
1303 case CON_STATE_CONNECT
:
1304 chunkqueue_reset(con
->read_queue
);
1306 con
->request_count
= 0;
1309 case CON_STATE_CLOSE
:
1310 connection_handle_close_state(srv
, con
);
1312 case CON_STATE_READ
:
1313 connection_handle_read_state(srv
, con
);
1315 case CON_STATE_WRITE
:
1317 /* only try to write if we have something in the queue */
1318 if (!chunkqueue_is_empty(con
->write_queue
)) {
1319 if (con
->is_writable
) {
1320 if (-1 == connection_handle_write(srv
, con
)) {
1321 log_error_write(srv
, __FILE__
, __LINE__
, "ds",
1323 "handle write failed.");
1324 connection_set_state(srv
, con
, CON_STATE_ERROR
);
1327 if (con
->state
!= CON_STATE_WRITE
) break;
1329 } else if (con
->file_finished
) {
1330 connection_set_state(srv
, con
, CON_STATE_RESPONSE_END
);
1334 if (con
->mode
!= DIRECT
&& !con
->file_finished
) {
1335 switch(r
= plugins_call_handle_subrequest(srv
, con
)) {
1336 case HANDLER_WAIT_FOR_EVENT
:
1337 case HANDLER_FINISHED
:
1340 case HANDLER_WAIT_FOR_FD
:
1342 fdwaitqueue_append(srv
, con
);
1344 case HANDLER_COMEBACK
:
1346 log_error_write(srv
, __FILE__
, __LINE__
, "sdd", "unexpected subrequest handler ret-value: ", con
->fd
, r
);
1349 connection_set_state(srv
, con
, CON_STATE_ERROR
);
1353 } while (con
->state
== CON_STATE_WRITE
&& (!chunkqueue_is_empty(con
->write_queue
) ? con
->is_writable
: con
->file_finished
));
1357 log_error_write(srv
, __FILE__
, __LINE__
, "sdd",
1358 "unknown state:", con
->fd
, con
->state
);
1365 } else if (ostate
== con
->state
) {
1370 if (srv
->srvconf
.log_state_handling
) {
1371 log_error_write(srv
, __FILE__
, __LINE__
, "sds",
1374 connection_get_state(con
->state
));
1378 switch(con
->state
) {
1379 case CON_STATE_READ
:
1380 case CON_STATE_CLOSE
:
1383 case CON_STATE_WRITE
:
1384 /* request write-fdevent only if we really need it
1385 * - if we have data to write
1386 * - if the socket is not writable yet
1388 if (!chunkqueue_is_empty(con
->write_queue
) &&
1389 (con
->is_writable
== 0) &&
1390 (con
->traffic_limit_reached
== 0)) {
1394 case CON_STATE_READ_POST
:
1395 if (con
->conf
.stream_request_body
& FDEVENT_STREAM_REQUEST_POLLIN
) {
1402 if (-1 != con
->fd
) {
1403 const int events
= fdevent_event_get_interest(srv
->ev
, con
->fd
);
1404 if (con
->is_readable
< 0) {
1405 con
->is_readable
= 0;
1408 if (con
->is_writable
< 0) {
1409 con
->is_writable
= 0;
1413 /* update timestamps when enabling interest in events */
1414 if ((r
& FDEVENT_IN
) && !(events
& FDEVENT_IN
)) {
1415 con
->read_idle_ts
= srv
->cur_ts
;
1417 if ((r
& FDEVENT_OUT
) && !(events
& FDEVENT_OUT
)) {
1418 con
->write_request_ts
= srv
->cur_ts
;
1420 fdevent_event_set(srv
->ev
, &con
->fde_ndx
, con
->fd
, r
);