17 #ifdef HAVE_INTTYPES_H
18 # include <inttypes.h>
26 #include "sys-socket.h"
27 #include "splaytree.h"
31 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
33 # include <openssl/ssl.h>
34 # if ! defined OPENSSL_NO_TLSEXT && ! defined SSL_CTRL_SET_TLSEXT_HOSTNAME
35 # define OPENSSL_NO_TLSEXT
48 # define O_LARGEFILE 0
53 # define SIZE_MAX SIZE_T_MAX
55 # define SIZE_MAX ((size_t)~0)
60 # define SSIZE_MAX ((size_t)~0 >> 1)
64 #include <crt_externs.h>
65 #define environ (* _NSGetEnviron())
67 extern char **environ
;
70 /* for solaris 2.5 and NetBSD 1.3.x */
71 #ifndef HAVE_SOCKLEN_T
72 typedef int socklen_t
;
75 /* solaris and NetBSD 1.3.x again */
76 #if (!defined(HAVE_STDINT_H)) && (!defined(HAVE_INTTYPES_H)) && (!defined(uint32_t))
77 # define uint32_t u_int32_t
85 typedef enum { T_CONFIG_UNSET
,
94 } config_values_type_t
;
96 typedef enum { T_CONFIG_SCOPE_UNSET
,
97 T_CONFIG_SCOPE_SERVER
,
98 T_CONFIG_SCOPE_CONNECTION
99 } config_scope_type_t
;
105 config_values_type_t type
;
106 config_scope_type_t scope
;
109 typedef enum { DIRECT
, EXTERNAL
} connection_type
;
113 connection_type type
;
128 struct sockaddr_in6 ipv6
;
130 struct sockaddr_in ipv4
;
132 struct sockaddr_un un
;
134 struct sockaddr plain
;
137 /* fcgi_response_header contains ... */
138 #define HTTP_STATUS BV(0)
139 #define HTTP_CONNECTION BV(1)
140 #define HTTP_CONTENT_LENGTH BV(2)
141 #define HTTP_DATE BV(3)
142 #define HTTP_LOCATION BV(4)
146 /* the request-line */
152 http_method_t http_method
;
153 http_version_t http_version
;
155 buffer
*request_line
;
157 /* strings to the header */
158 buffer
*http_host
; /* not alloced */
159 const char *http_range
;
160 const char *http_content_type
;
161 const char *http_if_modified_since
;
162 const char *http_if_none_match
;
167 size_t content_length
; /* returned by strtoul() */
169 /* internal representation */
177 off_t content_length
;
178 int keep_alive
; /* used by the subrequests in proxy, cgi and fcgi to say the subrequest was keep-alive or not */
183 HTTP_TRANSFER_ENCODING_IDENTITY
, HTTP_TRANSFER_ENCODING_CHUNKED
188 buffer
*scheme
; /* scheme without colon or slashes ( "http" or "https" ) */
190 /* authority with optional portnumber ("site.name" or "site.name:8080" ) NOTE: without "username:password@" */
193 /* path including leading slash ("/" or "/index.html") - urldecoded, and sanitized ( buffer_path_simplify() && buffer_urldecode_path() ) */
195 buffer
*path_raw
; /* raw path, as sent from client. no urldecoding or path simplifying */
196 buffer
*query
; /* querystring ( everything after "?", ie: in "/index.php?foo=1", query is "foo=1" ) */
201 buffer
*basedir
; /* path = "(basedir)(.*)" */
203 buffer
*doc_root
; /* path = doc_root + rel_path */
225 buffer
*content_type
;
229 splay_tree
*files
; /* the nodes of the tree are stat_cache_entry's */
231 buffer
*dir_name
; /* for building the dirname from the filename */
233 splay_tree
*dirs
; /* the nodes of the tree are fam_dir_entry */
238 buffer
*hash_key
; /* temp-store for the hash-key */
244 /* virtual-servers */
245 buffer
*document_root
;
247 buffer
*error_handler
;
248 buffer
*error_handler_404
;
250 buffer
*dirlist_encoding
;
251 buffer
*errorfile_prefix
;
253 unsigned short max_keep_alive_requests
;
254 unsigned short max_keep_alive_idle
;
255 unsigned short max_read_idle
;
256 unsigned short max_write_idle
;
257 unsigned short use_xattr
;
258 unsigned short follow_symlink
;
259 unsigned short range_requests
;
263 unsigned short log_file_not_found
;
264 unsigned short log_request_header
;
265 unsigned short log_request_handling
;
266 unsigned short log_response_header
;
267 unsigned short log_condition_handling
;
268 unsigned short log_ssl_noise
;
269 unsigned short log_timeouts
;
275 buffer
*ssl_cipher_list
;
277 buffer
*ssl_ec_curve
;
278 unsigned short ssl_honor_cipher_order
; /* determine SSL cipher in server-preferred order, not client-order */
279 unsigned short ssl_empty_fragments
; /* whether to not set SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS */
280 unsigned short ssl_use_sslv2
;
281 unsigned short ssl_use_sslv3
;
282 unsigned short ssl_verifyclient
;
283 unsigned short ssl_verifyclient_enforce
;
284 unsigned short ssl_verifyclient_depth
;
285 buffer
*ssl_verifyclient_username
;
286 unsigned short ssl_verifyclient_export_cert
;
287 unsigned short ssl_disable_client_renegotiation
;
289 unsigned short use_ipv6
, set_v6only
; /* set_v6only is only a temporary option */
290 unsigned short defer_accept
;
291 unsigned short ssl_enabled
; /* only interesting for setting up listening sockets. don't use at runtime */
292 unsigned short allow_http11
;
293 unsigned short etag_use_inode
;
294 unsigned short etag_use_mtime
;
295 unsigned short etag_use_size
;
296 unsigned short force_lowercase_filenames
; /* if the FS is case-insensitive, force all files to lower-case */
297 unsigned int max_request_size
;
300 unsigned short kbytes_per_second
; /* connection kb/s limit */
303 unsigned short global_kbytes_per_second
; /* */
305 off_t global_bytes_per_second_cnt
;
306 /* server-wide traffic-shaper
308 * each context has the counter which is inited once
309 * a second by the global_kbytes_per_second config-var
311 * as soon as global_kbytes_per_second gets below 0
312 * the connected conns are "offline" a little bit
315 * we somehow have to loose our "we are writable" signal
319 off_t
*global_bytes_per_second_cnt_ptr
; /* */
322 SSL_CTX
*ssl_ctx
; /* not patched */
323 /* SNI per host: with COMP_SERVER_SOCKET, COMP_HTTP_SCHEME, COMP_HTTP_HOST */
324 EVP_PKEY
*ssl_pemfile_pkey
;
325 X509
*ssl_pemfile_x509
;
326 STACK_OF(X509_NAME
) *ssl_ca_file_cert_names
;
330 /* the order of the items should be the same as they are processed
331 * read before write as we use this later */
334 CON_STATE_REQUEST_START
,
336 CON_STATE_REQUEST_END
,
338 CON_STATE_HANDLE_REQUEST
,
339 CON_STATE_RESPONSE_START
,
341 CON_STATE_RESPONSE_END
,
344 } connection_state_t
;
347 /* condition not active at the moment because itself or some
348 * pre-condition depends on data not available yet
352 /* special "unset" for branches not selected due to pre-conditions
353 * not met (but pre-conditions are not "unset" anymore)
357 /* actually evaluated the condition itself */
358 COND_RESULT_FALSE
, /* not active */
359 COND_RESULT_TRUE
, /* active */
363 /* current result (with preconditions) */
364 cond_result_t result
;
365 /* result without preconditions (must never be "skip") */
366 cond_result_t local_result
;
369 buffer
*comp_value
; /* just a pointer */
373 connection_state_t state
;
377 time_t close_timeout_ts
;
378 time_t write_request_ts
;
380 time_t connection_start
;
381 time_t request_start
;
383 struct timeval start_tv
;
385 size_t request_count
; /* number of requests handled in this connection */
386 size_t loops_per_request
; /* to catch endless loops in a single request
388 * used by mod_rewrite, mod_fastcgi, ... and others
389 * this is self-protection
392 int fd
; /* the FD for this connection */
393 int fde_ndx
; /* index for the fdevent-handler */
394 int ndx
; /* reverse mapping to server->connection[ndx] */
400 int keep_alive
; /* only request.c can enable it, all other just disable */
401 int keep_alive_idle
; /* remember max_keep_alive_idle from config */
406 chunkqueue
*write_queue
; /* a large queue for low-level write ( HTTP response ) [ file, mem ] */
407 chunkqueue
*read_queue
; /* a small queue for low-level read ( HTTP request ) [ mem ] */
408 chunkqueue
*request_content_queue
; /* takes request-content into tempfile if necessary [ tempfile, mem ]*/
410 int traffic_limit_reached
;
412 off_t bytes_written
; /* used by mod_accesslog, mod_rrd */
413 off_t bytes_written_cur_second
; /* used by mod_accesslog, mod_rrd */
414 off_t bytes_read
; /* used by mod_accesslog, mod_rrd */
420 buffer
*dst_addr_buf
;
423 buffer
*parse_request
;
424 unsigned int parsed_response
; /* bitfield which contains the important header-fields of the parsed response header */
433 array
*environment
; /* used to pass lighttpd internal stuff to the FastCGI/CGI apps, setenv does that */
440 connection_type mode
;
442 void **plugin_ctx
; /* plugin connection specific config */
444 specific_config conf
; /* global connection specific config */
445 cond_cache_t
*cond_cache
;
450 int error_handler_saved_status
;
451 http_method_t error_handler_saved_method
;
453 struct server_socket
*srv_socket
; /* reference to the server-socket */
457 # ifndef OPENSSL_NO_TLSEXT
458 buffer
*tlsext_server_name
;
460 unsigned int renegotiations
; /* count of SSL_CB_HANDSHAKE_START */
463 etag_flags_t etag_flags
;
465 int conditional_is_valid
[COMP_LAST_ELEMENT
];
479 struct in6_addr ipv6
;
482 char b2
[INET6_ADDRSTRLEN
+ 1];
484 } inet_ntop_cache_type
;
492 } realpath_cache_type
;
495 time_t mtime
; /* the key */
496 buffer
*str
; /* a buffer for the string represenation */
509 buffer
*errorlog_file
;
510 unsigned short errorlog_use_syslog
;
511 buffer
*breakagelog_file
;
513 unsigned short dont_daemonize
;
514 unsigned short preflight_check
;
521 buffer
*event_handler
;
524 buffer
*network_backend
;
526 array
*upload_tempdirs
;
527 unsigned int upload_temp_file_size
;
529 unsigned short max_worker
;
530 unsigned short max_fds
;
531 unsigned short max_conns
;
532 unsigned int max_request_size
;
534 unsigned short log_request_header_on_error
;
535 unsigned short log_state_handling
;
537 enum { STAT_CACHE_ENGINE_UNSET
,
538 STAT_CACHE_ENGINE_NONE
,
539 STAT_CACHE_ENGINE_SIMPLE
541 , STAT_CACHE_ENGINE_FAM
544 unsigned short enable_cores
;
545 unsigned short reject_expect_100_with_417
;
549 typedef struct server_socket
{
554 unsigned short is_ssl
;
568 } server_socket_array
;
570 typedef struct server
{
571 server_socket_array srv_sockets
;
575 enum { ERRORLOG_FILE
, ERRORLOG_FD
, ERRORLOG_SYSLOG
, ERRORLOG_PIPE
} errorlog_mode
;
576 buffer
*errorlog_buf
;
578 fdevents
*ev
, *ev_ins
;
580 buffer_plugin plugins
;
591 int max_fds
; /* max possible fds */
592 int cur_fds
; /* currently used fds */
593 int want_fds
; /* waiting fds */
594 int sockets_disabled
;
599 buffer
*parse_full_path
;
600 buffer
*response_header
;
601 buffer
*response_range
;
604 buffer
*tmp_chunk_len
;
606 buffer
*empty_string
; /* is necessary for cond_match */
608 buffer
*cond_check_buf
;
612 inet_ntop_cache_type inet_ntop_cache
[INET_NTOP_CACHE_MAX
];
614 mtime_cache_type mtime_cache
[FILE_CACHE_MAX
];
620 time_t last_generated_date_ts
;
621 time_t last_generated_debug_ts
;
624 char entropy
[8]; /* from /dev/[u]random if possible, otherwise rand() */
625 char is_real_entropy
; /* whether entropy is from /dev/[u]random */
627 buffer
*ts_debug_str
;
632 array
*config_touched
;
634 array
*config_context
;
635 specific_config
**config_storage
;
637 server_config srvconf
;
639 short int config_deprecated
;
640 short int config_unsupported
;
643 connections
*joblist
;
644 connections
*fdwaitqueue
;
646 stat_cache
*stat_cache
;
649 * The status array can carry all the status information you want
650 * the key to the array is <module-prefix>.<name>
651 * and the values are counters
654 * fastcgi.backends = 10
655 * fastcgi.active-backends = 6
656 * fastcgi.backend.<key>.load = 24
657 * fastcgi.backend.<key>....
659 * fastcgi.backend.<key>.disconnects = ...
663 fdevent_handler_t event_handler
;
665 int (* network_backend_write
)(struct server
*srv
, connection
*con
, int fd
, chunkqueue
*cq
, off_t max_bytes
);
667 int (* network_ssl_backend_write
)(struct server
*srv
, connection
*con
, SSL
*ssl
, chunkqueue
*cq
, off_t max_bytes
);