search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[SCons] define with_krb5 for SCons build
[lighttpd.git] / src / configfile.c
blob359e683a4c0a9017233103be5e89db29a0e06786
1 #include "first.h"
2
3 #include "server.h"
4 #include "log.h"
5 #include "stream.h"
6 #include "plugin.h"
7
8 #include "configparser.h"
9 #include "configfile.h"
10 #include "proc_open.h"
11 #include "request.h"
12 #include "version.h"
13
14 #include <sys/stat.h>
15
16 #include <stdlib.h>
17 #include <fcntl.h>
18 #include <unistd.h>
19 #include <errno.h>
20 #include <string.h>
21 #include <stdio.h>
22 #include <ctype.h>
23 #include <limits.h>
24 #include <assert.h>
25 #include <glob.h>
26
27
28 static int config_insert(server *srv) {
29 size_t i;
30 int ret = 0;
31 buffer *stat_cache_string;
32
33 config_values_t cv[] = {
34 { "server.bind", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 0 */
35 { "server.errorlog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 1 */
36 { "server.errorfile-prefix", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
37 { "server.chroot", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 3 */
38 { "server.username", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 4 */
39 { "server.groupname", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 5 */
40 { "server.port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 6 */
41 { "server.tag", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 7 */
42 { "server.use-ipv6", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
43 { "server.modules", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_SERVER }, /* 9 */
44
45 { "server.event-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 10 */
46 { "server.pid-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 11 */
47 { "server.max-request-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_SERVER }, /* 12 */
48 { "server.max-worker", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 13 */
49 { "server.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
50 { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
51 { "debug.log-condition-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 16 */
52 { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
53 { "server.name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
54 { "server.max-keep-alive-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 19 */
55
56 { "server.max-read-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 20 */
57 { "server.max-write-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 21 */
58 { "server.error-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 22 */
59 { "server.max-fds", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 23 */
60 #ifdef HAVE_LSTAT
61 { "server.follow-symlink", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 24 */
62 #else
63 { "server.follow-symlink",
64 "Your system lacks lstat(). We can not differ symlinks from files."
65 "Please remove server.follow-symlinks from your config.",
66 T_CONFIG_UNSUPPORTED, T_CONFIG_SCOPE_UNSET },
67 #endif
68 { "server.kbytes-per-second", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 25 */
69 { "connection.kbytes-per-second", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 26 */
70 { "mimetype.use-xattr", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 27 */
71 { "mimetype.assign", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 28 */
72 { "ssl.pemfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 29 */
73
74 { "ssl.engine", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 30 */
75 { "debug.log-file-not-found", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 31 */
76 { "debug.log-request-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 32 */
77 { "debug.log-response-header", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 33 */
78 { "debug.log-request-header", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 34 */
79 { "debug.log-ssl-noise", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 35 */
80 { "server.protocol-http11", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 36 */
81 { "debug.log-request-header-on-error", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 37 */
82 { "debug.log-state-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 38 */
83 { "ssl.ca-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 39 */
84
85 { "server.errorlog-use-syslog", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 40 */
86 { "server.range-requests", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 41 */
87 { "server.stat-cache-engine", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 42 */
88 { "server.max-connections", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 43 */
89 { "server.network-backend", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 44 */
90 { "server.upload-dirs", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_SERVER }, /* 45 */
91 { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 46 */
92 { "ssl.cipher-list", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 47 */
93 { "ssl.use-sslv2", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 48 */
94 { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 49 */
95
96 { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 50 */
97 { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 51 */
98 { "server.reject-expect-100-with-417", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 52 */
99 { "debug.log-timeouts", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 53 */
100 { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */
101 { "server.breakagelog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 55 */
102 { "ssl.verifyclient.activate", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 56 */
103 { "ssl.verifyclient.enforce", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 57 */
104 { "ssl.verifyclient.depth", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 58 */
105 { "ssl.verifyclient.username", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 59 */
106
107 { "ssl.verifyclient.exportcert", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 60 */
108 { "server.set-v6only", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 61 */
109 { "ssl.use-sslv3", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 62 */
110 { "ssl.dh-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 63 */
111 { "ssl.ec-curve", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 64 */
112 { "ssl.disable-client-renegotiation", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 65 */
113 { "ssl.honor-cipher-order", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 66 */
114 { "ssl.empty-fragments", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 67 */
115 { "server.upload-temp-file-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_SERVER }, /* 68 */
116 { "mimetype.xattr-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 69 */
117 { "server.listen-backlog", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 70 */
118 { "server.error-handler-404", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 71 */
119 { "server.http-parseopt-header-strict",NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 72 */
120 { "server.http-parseopt-host-strict", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 73 */
121 { "server.http-parseopt-host-normalize",NULL,T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 74 */
122 { "server.bsd-accept-filter", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 75 */
123 { "server.stream-request-body", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 76 */
124 { "server.stream-response-body", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 77 */
125
126 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
127 };
128
129 /* all T_CONFIG_SCOPE_SERVER options */
130 cv[0].destination = srv->srvconf.bindhost;
131 cv[1].destination = srv->srvconf.errorlog_file;
132 cv[3].destination = srv->srvconf.changeroot;
133 cv[4].destination = srv->srvconf.username;
134 cv[5].destination = srv->srvconf.groupname;
135 cv[6].destination = &(srv->srvconf.port);
136 cv[9].destination = srv->srvconf.modules;
137
138 cv[10].destination = srv->srvconf.event_handler;
139 cv[11].destination = srv->srvconf.pid_file;
140 cv[13].destination = &(srv->srvconf.max_worker);
141
142 cv[23].destination = &(srv->srvconf.max_fds);
143
144 cv[37].destination = &(srv->srvconf.log_request_header_on_error);
145 cv[38].destination = &(srv->srvconf.log_state_handling);
146
147 cv[40].destination = &(srv->srvconf.errorlog_use_syslog);
148 stat_cache_string = buffer_init();
149 cv[42].destination = stat_cache_string;
150 cv[43].destination = &(srv->srvconf.max_conns);
151 cv[44].destination = srv->srvconf.network_backend;
152 cv[45].destination = srv->srvconf.upload_tempdirs;
153 cv[46].destination = &(srv->srvconf.enable_cores);
154
155 cv[52].destination = &(srv->srvconf.reject_expect_100_with_417);
156 cv[55].destination = srv->srvconf.breakagelog_file;
157
158 cv[68].destination = &(srv->srvconf.upload_temp_file_size);
159 cv[69].destination = srv->srvconf.xattr_name;
160 cv[72].destination = &(srv->srvconf.http_header_strict);
161 cv[73].destination = &(srv->srvconf.http_host_strict);
162 cv[74].destination = &(srv->srvconf.http_host_normalize);
163
164 srv->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
165
166 force_assert(srv->config_storage);
167
168 for (i = 0; i < srv->config_context->used; i++) {
169 data_config const* config = (data_config const*)srv->config_context->data[i];
170 specific_config *s;
171
172 s = calloc(1, sizeof(specific_config));
173 force_assert(s);
174 s->document_root = buffer_init();
175 s->mimetypes = array_init();
176 s->server_name = buffer_init();
177 s->ssl_pemfile = buffer_init();
178 s->ssl_ca_file = buffer_init();
179 s->error_handler = buffer_init();
180 s->error_handler_404 = buffer_init();
181 s->server_tag = buffer_init_string(PACKAGE_DESC);
182 s->ssl_cipher_list = buffer_init();
183 s->ssl_dh_file = buffer_init();
184 s->ssl_ec_curve = buffer_init();
185 s->errorfile_prefix = buffer_init();
186 #if defined(__FreeBSD__) || defined(__NetBSD__) \
187 || defined(__OpenBSD__) || defined(__DragonFly__)
188 s->bsd_accept_filter = (i == 0)
189 ? buffer_init()
190 : buffer_init_buffer(srv->config_storage[0]->bsd_accept_filter);
191 #endif
192 s->max_keep_alive_requests = 16;
193 s->max_keep_alive_idle = 5;
194 s->max_read_idle = 60;
195 s->max_write_idle = 360;
196 s->max_request_size = 0;
197 s->use_xattr = 0;
198 s->ssl_enabled = 0;
199 s->ssl_honor_cipher_order = 1;
200 s->ssl_empty_fragments = 0;
201 s->ssl_use_sslv2 = 0;
202 s->ssl_use_sslv3 = 0;
203 s->use_ipv6 = (i == 0) ? 0 : srv->config_storage[0]->use_ipv6;
204 s->set_v6only = (i == 0) ? 1 : srv->config_storage[0]->set_v6only;
205 s->defer_accept = (i == 0) ? 0 : srv->config_storage[0]->defer_accept;
206 #ifdef HAVE_LSTAT
207 s->follow_symlink = 1;
208 #endif
209 s->kbytes_per_second = 0;
210 s->allow_http11 = 1;
211 s->etag_use_inode = 1;
212 s->etag_use_mtime = 1;
213 s->etag_use_size = 1;
214 s->range_requests = 1;
215 s->force_lowercase_filenames = (i == 0) ? 2 : 0; /* we wan't to detect later if user changed this for global section */
216 s->global_kbytes_per_second = 0;
217 s->global_bytes_per_second_cnt = 0;
218 s->global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt;
219 s->ssl_verifyclient = 0;
220 s->ssl_verifyclient_enforce = 1;
221 s->ssl_verifyclient_username = buffer_init();
222 s->ssl_verifyclient_depth = 9;
223 s->ssl_verifyclient_export_cert = 0;
224 s->ssl_disable_client_renegotiation = 1;
225 s->listen_backlog = (0 == i ? 1024 : srv->config_storage[0]->listen_backlog);
226 s->stream_request_body = 0;
227 s->stream_response_body = 0;
228
229 /* all T_CONFIG_SCOPE_CONNECTION options */
230 cv[2].destination = s->errorfile_prefix;
231 cv[7].destination = s->server_tag;
232 cv[8].destination = &(s->use_ipv6);
233
234 cv[12].destination = &(s->max_request_size);
235 cv[14].destination = s->document_root;
236 cv[15].destination = &(s->force_lowercase_filenames);
237 cv[16].destination = &(s->log_condition_handling);
238 cv[17].destination = &(s->max_keep_alive_requests);
239 cv[18].destination = s->server_name;
240 cv[19].destination = &(s->max_keep_alive_idle);
241
242 cv[20].destination = &(s->max_read_idle);
243 cv[21].destination = &(s->max_write_idle);
244 cv[22].destination = s->error_handler;
245 #ifdef HAVE_LSTAT
246 cv[24].destination = &(s->follow_symlink);
247 #endif
248 cv[25].destination = &(s->global_kbytes_per_second);
249 cv[26].destination = &(s->kbytes_per_second);
250 cv[27].destination = &(s->use_xattr);
251 cv[28].destination = s->mimetypes;
252 cv[29].destination = s->ssl_pemfile;
253
254 cv[30].destination = &(s->ssl_enabled);
255 cv[31].destination = &(s->log_file_not_found);
256 cv[32].destination = &(s->log_request_handling);
257 cv[33].destination = &(s->log_response_header);
258 cv[34].destination = &(s->log_request_header);
259 cv[35].destination = &(s->log_ssl_noise);
260 cv[36].destination = &(s->allow_http11);
261 cv[39].destination = s->ssl_ca_file;
262
263 cv[41].destination = &(s->range_requests);
264 cv[47].destination = s->ssl_cipher_list;
265 cv[48].destination = &(s->ssl_use_sslv2);
266 cv[49].destination = &(s->etag_use_inode);
267
268 cv[50].destination = &(s->etag_use_mtime);
269 cv[51].destination = &(s->etag_use_size);
270 cv[53].destination = &(s->log_timeouts);
271 cv[54].destination = &(s->defer_accept);
272 cv[56].destination = &(s->ssl_verifyclient);
273 cv[57].destination = &(s->ssl_verifyclient_enforce);
274 cv[58].destination = &(s->ssl_verifyclient_depth);
275 cv[59].destination = s->ssl_verifyclient_username;
276
277 cv[60].destination = &(s->ssl_verifyclient_export_cert);
278 cv[61].destination = &(s->set_v6only);
279 cv[62].destination = &(s->ssl_use_sslv3);
280 cv[63].destination = s->ssl_dh_file;
281 cv[64].destination = s->ssl_ec_curve;
282 cv[65].destination = &(s->ssl_disable_client_renegotiation);
283 cv[66].destination = &(s->ssl_honor_cipher_order);
284 cv[67].destination = &(s->ssl_empty_fragments);
285 cv[70].destination = &(s->listen_backlog);
286 cv[71].destination = s->error_handler_404;
287 #if defined(__FreeBSD__) || defined(__NetBSD__) \
288 || defined(__OpenBSD__) || defined(__DragonFly__)
289 cv[75].destination = s->bsd_accept_filter;
290 #endif
291 cv[76].destination = &(s->stream_request_body);
292 cv[77].destination = &(s->stream_response_body);
293
294 srv->config_storage[i] = s;
295
296 if (0 != (ret = config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION))) {
297 break;
298 }
299
300 if (s->stream_request_body & FDEVENT_STREAM_REQUEST_BUFMIN) {
301 s->stream_request_body |= FDEVENT_STREAM_REQUEST;
302 }
303 if (s->stream_response_body & FDEVENT_STREAM_RESPONSE_BUFMIN) {
304 s->stream_response_body |= FDEVENT_STREAM_RESPONSE;
305 }
306 }
307
308 {
309 specific_config *s = srv->config_storage[0];
310 s->http_parseopts= /*(global, but stored in con->conf.http_parseopts)*/
311 (srv->srvconf.http_header_strict ?(HTTP_PARSEOPT_HEADER_STRICT) :0)
312 |(srv->srvconf.http_host_strict ?(HTTP_PARSEOPT_HOST_STRICT
313 |HTTP_PARSEOPT_HOST_NORMALIZE):0)
314 |(srv->srvconf.http_host_normalize ?(HTTP_PARSEOPT_HOST_NORMALIZE):0);
315 }
316
317 if (buffer_string_is_empty(stat_cache_string)) {
318 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_SIMPLE;
319 } else if (buffer_is_equal_string(stat_cache_string, CONST_STR_LEN("simple"))) {
320 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_SIMPLE;
321 #ifdef HAVE_FAM_H
322 } else if (buffer_is_equal_string(stat_cache_string, CONST_STR_LEN("fam"))) {
323 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_FAM;
324 #endif
325 } else if (buffer_is_equal_string(stat_cache_string, CONST_STR_LEN("disable"))) {
326 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_NONE;
327 } else {
328 log_error_write(srv, __FILE__, __LINE__, "sb",
329 "server.stat-cache-engine can be one of \"disable\", \"simple\","
330 #ifdef HAVE_FAM_H
331 " \"fam\","
332 #endif
333 " but not:", stat_cache_string);
334 ret = HANDLER_ERROR;
335 }
336
337 buffer_free(stat_cache_string);
338
339 {
340 data_string *ds;
341 int prepend_mod_indexfile = 1;
342 int append_mod_dirlisting = 1;
343 int append_mod_staticfile = 1;
344 int append_mod_authn_file = 1;
345 int append_mod_authn_ldap = 1;
346 int append_mod_authn_mysql = 1;
347 int contains_mod_auth = 0;
348
349 /* prepend default modules */
350 for (i = 0; i < srv->srvconf.modules->used; i++) {
351 ds = (data_string *)srv->srvconf.modules->data[i];
352
353 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_indexfile"))) {
354 prepend_mod_indexfile = 0;
355 }
356
357 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_staticfile"))) {
358 append_mod_staticfile = 0;
359 }
360
361 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_dirlisting"))) {
362 append_mod_dirlisting = 0;
363 }
364
365 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_authn_file"))) {
366 append_mod_authn_file = 0;
367 }
368
369 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_authn_ldap"))) {
370 append_mod_authn_ldap = 0;
371 }
372
373 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_authn_mysql"))) {
374 append_mod_authn_mysql = 0;
375 }
376
377 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_auth"))) {
378 contains_mod_auth = 1;
379 }
380
381 if (0 == prepend_mod_indexfile &&
382 0 == append_mod_dirlisting &&
383 0 == append_mod_staticfile &&
384 0 == append_mod_authn_file &&
385 0 == append_mod_authn_ldap &&
386 0 == append_mod_authn_mysql &&
387 1 == contains_mod_auth) {
388 break;
389 }
390 }
391
392 if (prepend_mod_indexfile) {
393 /* mod_indexfile has to be loaded before mod_fastcgi and friends */
394 array *modules = array_init();
395
396 ds = data_string_init();
397 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_indexfile"));
398 array_insert_unique(modules, (data_unset *)ds);
399
400 for (i = 0; i < srv->srvconf.modules->used; i++) {
401 data_unset *du = srv->srvconf.modules->data[i];
402 array_insert_unique(modules, du->copy(du));
403 }
404
405 array_free(srv->srvconf.modules);
406 srv->srvconf.modules = modules;
407 }
408
409 /* append default modules */
410 if (append_mod_dirlisting) {
411 ds = data_string_init();
412 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_dirlisting"));
413 array_insert_unique(srv->srvconf.modules, (data_unset *)ds);
414 }
415
416 if (append_mod_staticfile) {
417 ds = data_string_init();
418 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_staticfile"));
419 array_insert_unique(srv->srvconf.modules, (data_unset *)ds);
420 }
421
422 /* mod_auth.c,http_auth.c auth backends were split into separate modules
423 * Automatically load auth backend modules for compatibility with
424 * existing lighttpd 1.4.x configs */
425 if (contains_mod_auth) {
426 if (append_mod_authn_file) {
427 ds = data_string_init();
428 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_authn_file"));
429 array_insert_unique(srv->srvconf.modules, (data_unset *)ds);
430 }
431 if (append_mod_authn_ldap) {
432 #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)
433 ds = data_string_init();
434 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_authn_ldap"));
435 array_insert_unique(srv->srvconf.modules, (data_unset *)ds);
436 #endif
437 }
438 if (append_mod_authn_mysql) {
439 #if defined(HAVE_MYSQL)
440 ds = data_string_init();
441 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_authn_mysql"));
442 array_insert_unique(srv->srvconf.modules, (data_unset *)ds);
443 #endif
444 }
445 }
446 }
447
448 return ret;
449
450 }
451
452
453 #define PATCH(x) con->conf.x = s->x
454 int config_setup_connection(server *srv, connection *con) {
455 specific_config *s = srv->config_storage[0];
456
457 PATCH(http_parseopts);
458
459 PATCH(allow_http11);
460 PATCH(mimetypes);
461 PATCH(document_root);
462 PATCH(high_precision_timestamps);
463 PATCH(max_keep_alive_requests);
464 PATCH(max_keep_alive_idle);
465 PATCH(max_read_idle);
466 PATCH(max_write_idle);
467 PATCH(max_request_size);
468 PATCH(use_xattr);
469 PATCH(error_handler);
470 PATCH(error_handler_404);
471 PATCH(errorfile_prefix);
472 #ifdef HAVE_LSTAT
473 PATCH(follow_symlink);
474 #endif
475 PATCH(server_tag);
476 PATCH(kbytes_per_second);
477 PATCH(global_kbytes_per_second);
478 PATCH(global_bytes_per_second_cnt);
479
480 con->conf.global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt;
481 buffer_copy_buffer(con->server_name, s->server_name);
482
483 PATCH(log_request_header);
484 PATCH(log_response_header);
485 PATCH(log_request_handling);
486 PATCH(log_condition_handling);
487 PATCH(log_file_not_found);
488 PATCH(log_ssl_noise);
489 PATCH(log_timeouts);
490
491 PATCH(range_requests);
492 PATCH(force_lowercase_filenames);
493 /*PATCH(listen_backlog);*//*(not necessary; used only at startup)*/
494 PATCH(stream_request_body);
495 PATCH(stream_response_body);
496
497 PATCH(ssl_enabled);
498
499 PATCH(ssl_pemfile);
500 #ifdef USE_OPENSSL
501 PATCH(ssl_pemfile_x509);
502 PATCH(ssl_pemfile_pkey);
503 #endif
504 PATCH(ssl_ca_file);
505 #ifdef USE_OPENSSL
506 PATCH(ssl_ca_file_cert_names);
507 #endif
508 PATCH(ssl_cipher_list);
509 PATCH(ssl_dh_file);
510 PATCH(ssl_ec_curve);
511 PATCH(ssl_honor_cipher_order);
512 PATCH(ssl_empty_fragments);
513 PATCH(ssl_use_sslv2);
514 PATCH(ssl_use_sslv3);
515 PATCH(etag_use_inode);
516 PATCH(etag_use_mtime);
517 PATCH(etag_use_size);
518
519 PATCH(ssl_verifyclient);
520 PATCH(ssl_verifyclient_enforce);
521 PATCH(ssl_verifyclient_depth);
522 PATCH(ssl_verifyclient_username);
523 PATCH(ssl_verifyclient_export_cert);
524 PATCH(ssl_disable_client_renegotiation);
525
526 return 0;
527 }
528
529 int config_patch_connection(server *srv, connection *con) {
530 size_t i, j;
531
532 /* skip the first, the global context */
533 for (i = 1; i < srv->config_context->used; i++) {
534 data_config *dc = (data_config *)srv->config_context->data[i];
535 specific_config *s = srv->config_storage[i];
536
537 /* condition didn't match */
538 if (!config_check_cond(srv, con, dc)) continue;
539
540 /* merge config */
541 for (j = 0; j < dc->value->used; j++) {
542 data_unset *du = dc->value->data[j];
543
544 if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.document-root"))) {
545 PATCH(document_root);
546 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.range-requests"))) {
547 PATCH(range_requests);
548 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.error-handler"))) {
549 PATCH(error_handler);
550 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.error-handler-404"))) {
551 PATCH(error_handler_404);
552 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.errorfile-prefix"))) {
553 PATCH(errorfile_prefix);
554 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.assign"))) {
555 PATCH(mimetypes);
556 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-keep-alive-requests"))) {
557 PATCH(max_keep_alive_requests);
558 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-keep-alive-idle"))) {
559 PATCH(max_keep_alive_idle);
560 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-write-idle"))) {
561 PATCH(max_write_idle);
562 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-read-idle"))) {
563 PATCH(max_read_idle);
564 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-request-size"))) {
565 PATCH(max_request_size);
566 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.use-xattr"))) {
567 PATCH(use_xattr);
568 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-inode"))) {
569 PATCH(etag_use_inode);
570 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-mtime"))) {
571 PATCH(etag_use_mtime);
572 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-size"))) {
573 PATCH(etag_use_size);
574 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.pemfile"))) {
575 PATCH(ssl_pemfile);
576 #ifdef USE_OPENSSL
577 PATCH(ssl_pemfile_x509);
578 PATCH(ssl_pemfile_pkey);
579 #endif
580 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ca-file"))) {
581 PATCH(ssl_ca_file);
582 #ifdef USE_OPENSSL
583 PATCH(ssl_ca_file_cert_names);
584 #endif
585 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.honor-cipher-order"))) {
586 PATCH(ssl_honor_cipher_order);
587 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.empty-fragments"))) {
588 PATCH(ssl_empty_fragments);
589 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv2"))) {
590 PATCH(ssl_use_sslv2);
591 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv3"))) {
592 PATCH(ssl_use_sslv3);
593 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.cipher-list"))) {
594 PATCH(ssl_cipher_list);
595 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.engine"))) {
596 PATCH(ssl_enabled);
597 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.dh-file"))) {
598 PATCH(ssl_dh_file);
599 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ec-curve"))) {
600 PATCH(ssl_ec_curve);
601 #ifdef HAVE_LSTAT
602 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.follow-symlink"))) {
603 PATCH(follow_symlink);
604 #endif
605 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.name"))) {
606 buffer_copy_buffer(con->server_name, s->server_name);
607 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.tag"))) {
608 PATCH(server_tag);
609 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.stream-request-body"))) {
610 PATCH(stream_request_body);
611 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.stream-response-body"))) {
612 PATCH(stream_response_body);
613 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("connection.kbytes-per-second"))) {
614 PATCH(kbytes_per_second);
615 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-request-handling"))) {
616 PATCH(log_request_handling);
617 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-request-header"))) {
618 PATCH(log_request_header);
619 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-response-header"))) {
620 PATCH(log_response_header);
621 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-condition-handling"))) {
622 PATCH(log_condition_handling);
623 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-file-not-found"))) {
624 PATCH(log_file_not_found);
625 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-ssl-noise"))) {
626 PATCH(log_ssl_noise);
627 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-timeouts"))) {
628 PATCH(log_timeouts);
629 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.protocol-http11"))) {
630 PATCH(allow_http11);
631 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.force-lowercase-filenames"))) {
632 PATCH(force_lowercase_filenames);
633 #if 0 /*(not necessary; used only at startup)*/
634 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.listen-backlog"))) {
635 PATCH(listen_backlog);
636 #endif
637 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.kbytes-per-second"))) {
638 PATCH(global_kbytes_per_second);
639 PATCH(global_bytes_per_second_cnt);
640 con->conf.global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt;
641 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.activate"))) {
642 PATCH(ssl_verifyclient);
643 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.enforce"))) {
644 PATCH(ssl_verifyclient_enforce);
645 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.depth"))) {
646 PATCH(ssl_verifyclient_depth);
647 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.username"))) {
648 PATCH(ssl_verifyclient_username);
649 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.exportcert"))) {
650 PATCH(ssl_verifyclient_export_cert);
651 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.disable-client-renegotiation"))) {
652 PATCH(ssl_disable_client_renegotiation);
653 }
654 }
655 }
656
657 con->etag_flags = (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) |
658 (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) |
659 (con->conf.etag_use_size ? ETAG_USE_SIZE : 0);
660
661 return 0;
662 }
663 #undef PATCH
664
665 typedef struct {
666 int foo;
667 int bar;
668
669 const buffer *source;
670 const char *input;
671 size_t offset;
672 size_t size;
673
674 int line_pos;
675 int line;
676
677 int in_key;
678 int in_brace;
679 int in_cond;
680 } tokenizer_t;
681
682 #if 0
683 static int tokenizer_open(server *srv, tokenizer_t *t, buffer *basedir, const char *fn) {
684 if (buffer_string_is_empty(basedir) ||
685 (fn[0] == '/' || fn[0] == '\\') ||
686 (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\'))) {
687 t->file = buffer_init_string(fn);
688 } else {
689 t->file = buffer_init_buffer(basedir);
690 buffer_append_string(t->file, fn);
691 }
692
693 if (0 != stream_open(&(t->s), t->file)) {
694 log_error_write(srv, __FILE__, __LINE__, "sbss",
695 "opening configfile ", t->file, "failed:", strerror(errno));
696 buffer_free(t->file);
697 return -1;
698 }
699
700 t->input = t->s.start;
701 t->offset = 0;
702 t->size = t->s.size;
703 t->line = 1;
704 t->line_pos = 1;
705
706 t->in_key = 1;
707 t->in_brace = 0;
708 t->in_cond = 0;
709 return 0;
710 }
711
712 static int tokenizer_close(server *srv, tokenizer_t *t) {
713 UNUSED(srv);
714
715 buffer_free(t->file);
716 return stream_close(&(t->s));
717 }
718 #endif
719 static int config_skip_newline(tokenizer_t *t) {
720 int skipped = 1;
721 force_assert(t->input[t->offset] == '\r' || t->input[t->offset] == '\n');
722 if (t->input[t->offset] == '\r' && t->input[t->offset + 1] == '\n') {
723 skipped ++;
724 t->offset ++;
725 }
726 t->offset ++;
727 return skipped;
728 }
729
730 static int config_skip_comment(tokenizer_t *t) {
731 int i;
732 force_assert(t->input[t->offset] == '#');
733 for (i = 1; t->input[t->offset + i] &&
734 (t->input[t->offset + i] != '\n' && t->input[t->offset + i] != '\r');
735 i++);
736 t->offset += i;
737 return i;
738 }
739
740 static int config_tokenizer(server *srv, tokenizer_t *t, int *token_id, buffer *token) {
741 int tid = 0;
742 size_t i;
743
744 for (tid = 0; tid == 0 && t->offset < t->size && t->input[t->offset] ; ) {
745 char c = t->input[t->offset];
746 const char *start = NULL;
747
748 switch (c) {
749 case '=':
750 if (t->in_brace) {
751 if (t->input[t->offset + 1] == '>') {
752 t->offset += 2;
753
754 buffer_copy_string_len(token, CONST_STR_LEN("=>"));
755
756 tid = TK_ARRAY_ASSIGN;
757 } else {
758 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
759 "source:", t->source,
760 "line:", t->line, "pos:", t->line_pos,
761 "use => for assignments in arrays");
762 return -1;
763 }
764 } else if (t->in_cond) {
765 if (t->input[t->offset + 1] == '=') {
766 t->offset += 2;
767
768 buffer_copy_string_len(token, CONST_STR_LEN("=="));
769
770 tid = TK_EQ;
771 } else if (t->input[t->offset + 1] == '~') {
772 t->offset += 2;
773
774 buffer_copy_string_len(token, CONST_STR_LEN("=~"));
775
776 tid = TK_MATCH;
777 } else {
778 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
779 "source:", t->source,
780 "line:", t->line, "pos:", t->line_pos,
781 "only =~ and == are allowed in the condition");
782 return -1;
783 }
784 t->in_key = 1;
785 t->in_cond = 0;
786 } else if (t->in_key) {
787 tid = TK_ASSIGN;
788
789 buffer_copy_string_len(token, t->input + t->offset, 1);
790
791 t->offset++;
792 t->line_pos++;
793 } else {
794 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
795 "source:", t->source,
796 "line:", t->line, "pos:", t->line_pos,
797 "unexpected equal-sign: =");
798 return -1;
799 }
800
801 break;
802 case '!':
803 if (t->in_cond) {
804 if (t->input[t->offset + 1] == '=') {
805 t->offset += 2;
806
807 buffer_copy_string_len(token, CONST_STR_LEN("!="));
808
809 tid = TK_NE;
810 } else if (t->input[t->offset + 1] == '~') {
811 t->offset += 2;
812
813 buffer_copy_string_len(token, CONST_STR_LEN("!~"));
814
815 tid = TK_NOMATCH;
816 } else {
817 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
818 "source:", t->source,
819 "line:", t->line, "pos:", t->line_pos,
820 "only !~ and != are allowed in the condition");
821 return -1;
822 }
823 t->in_key = 1;
824 t->in_cond = 0;
825 } else {
826 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
827 "source:", t->source,
828 "line:", t->line, "pos:", t->line_pos,
829 "unexpected exclamation-marks: !");
830 return -1;
831 }
832
833 break;
834 case '\t':
835 case ' ':
836 t->offset++;
837 t->line_pos++;
838 break;
839 case '\n':
840 case '\r':
841 if (t->in_brace == 0) {
842 int done = 0;
843 while (!done && t->offset < t->size) {
844 switch (t->input[t->offset]) {
845 case '\r':
846 case '\n':
847 config_skip_newline(t);
848 t->line_pos = 1;
849 t->line++;
850 break;
851
852 case '#':
853 t->line_pos += config_skip_comment(t);
854 break;
855
856 case '\t':
857 case ' ':
858 t->offset++;
859 t->line_pos++;
860 break;
861
862 default:
863 done = 1;
864 }
865 }
866 t->in_key = 1;
867 tid = TK_EOL;
868 buffer_copy_string_len(token, CONST_STR_LEN("(EOL)"));
869 } else {
870 config_skip_newline(t);
871 t->line_pos = 1;
872 t->line++;
873 }
874 break;
875 case ',':
876 if (t->in_brace > 0) {
877 tid = TK_COMMA;
878
879 buffer_copy_string_len(token, CONST_STR_LEN("(COMMA)"));
880 }
881
882 t->offset++;
883 t->line_pos++;
884 break;
885 case '"':
886 /* search for the terminating " */
887 start = t->input + t->offset + 1;
888 buffer_copy_string_len(token, CONST_STR_LEN(""));
889
890 for (i = 1; t->input[t->offset + i]; i++) {
891 if (t->input[t->offset + i] == '\\' &&
892 t->input[t->offset + i + 1] == '"') {
893
894 buffer_append_string_len(token, start, t->input + t->offset + i - start);
895
896 start = t->input + t->offset + i + 1;
897
898 /* skip the " */
899 i++;
900 continue;
901 }
902
903
904 if (t->input[t->offset + i] == '"') {
905 tid = TK_STRING;
906
907 buffer_append_string_len(token, start, t->input + t->offset + i - start);
908
909 break;
910 }
911 }
912
913 if (t->input[t->offset + i] == '\0') {
914 /* ERROR */
915
916 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
917 "source:", t->source,
918 "line:", t->line, "pos:", t->line_pos,
919 "missing closing quote");
920
921 return -1;
922 }
923
924 t->offset += i + 1;
925 t->line_pos += i + 1;
926
927 break;
928 case '(':
929 t->offset++;
930 t->in_brace++;
931
932 tid = TK_LPARAN;
933
934 buffer_copy_string_len(token, CONST_STR_LEN("("));
935 break;
936 case ')':
937 t->offset++;
938 t->in_brace--;
939
940 tid = TK_RPARAN;
941
942 buffer_copy_string_len(token, CONST_STR_LEN(")"));
943 break;
944 case '$':
945 t->offset++;
946
947 tid = TK_DOLLAR;
948 t->in_cond = 1;
949 t->in_key = 0;
950
951 buffer_copy_string_len(token, CONST_STR_LEN("$"));
952
953 break;
954
955 case '+':
956 if (t->input[t->offset + 1] == '=') {
957 t->offset += 2;
958 buffer_copy_string_len(token, CONST_STR_LEN("+="));
959 tid = TK_APPEND;
960 } else {
961 t->offset++;
962 tid = TK_PLUS;
963 buffer_copy_string_len(token, CONST_STR_LEN("+"));
964 }
965 break;
966
967 case '{':
968 t->offset++;
969
970 tid = TK_LCURLY;
971
972 buffer_copy_string_len(token, CONST_STR_LEN("{"));
973
974 break;
975
976 case '}':
977 t->offset++;
978
979 tid = TK_RCURLY;
980
981 buffer_copy_string_len(token, CONST_STR_LEN("}"));
982
983 break;
984
985 case '[':
986 t->offset++;
987
988 tid = TK_LBRACKET;
989
990 buffer_copy_string_len(token, CONST_STR_LEN("["));
991
992 break;
993
994 case ']':
995 t->offset++;
996
997 tid = TK_RBRACKET;
998
999 buffer_copy_string_len(token, CONST_STR_LEN("]"));
1000
1001 break;
1002 case '#':
1003 t->line_pos += config_skip_comment(t);
1004
1005 break;
1006 default:
1007 if (t->in_cond) {
1008 for (i = 0; t->input[t->offset + i] &&
1009 (isalpha((unsigned char)t->input[t->offset + i])
1010 ); i++);
1011
1012 if (i && t->input[t->offset + i]) {
1013 tid = TK_SRVVARNAME;
1014 buffer_copy_string_len(token, t->input + t->offset, i);
1015
1016 t->offset += i;
1017 t->line_pos += i;
1018 } else {
1019 /* ERROR */
1020 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
1021 "source:", t->source,
1022 "line:", t->line, "pos:", t->line_pos,
1023 "invalid character in condition");
1024 return -1;
1025 }
1026 } else if (isdigit((unsigned char)c)) {
1027 /* take all digits */
1028 for (i = 0; t->input[t->offset + i] && isdigit((unsigned char)t->input[t->offset + i]); i++);
1029
1030 /* was there it least a digit ? */
1031 if (i) {
1032 tid = TK_INTEGER;
1033
1034 buffer_copy_string_len(token, t->input + t->offset, i);
1035
1036 t->offset += i;
1037 t->line_pos += i;
1038 }
1039 } else {
1040 /* the key might consist of [-.0-9a-z] */
1041 for (i = 0; t->input[t->offset + i] &&
1042 (isalnum((unsigned char)t->input[t->offset + i]) ||
1043 t->input[t->offset + i] == '.' ||
1044 t->input[t->offset + i] == '_' || /* for env.* */
1045 t->input[t->offset + i] == '-'
1046 ); i++);
1047
1048 if (i && t->input[t->offset + i]) {
1049 buffer_copy_string_len(token, t->input + t->offset, i);
1050
1051 if (strcmp(token->ptr, "include") == 0) {
1052 tid = TK_INCLUDE;
1053 } else if (strcmp(token->ptr, "include_shell") == 0) {
1054 tid = TK_INCLUDE_SHELL;
1055 } else if (strcmp(token->ptr, "global") == 0) {
1056 tid = TK_GLOBAL;
1057 } else if (strcmp(token->ptr, "else") == 0) {
1058 tid = TK_ELSE;
1059 } else {
1060 tid = TK_LKEY;
1061 }
1062
1063 t->offset += i;
1064 t->line_pos += i;
1065 } else {
1066 /* ERROR */
1067 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
1068 "source:", t->source,
1069 "line:", t->line, "pos:", t->line_pos,
1070 "invalid character in variable name");
1071 return -1;
1072 }
1073 }
1074 break;
1075 }
1076 }
1077
1078 if (tid) {
1079 *token_id = tid;
1080 #if 0
1081 log_error_write(srv, __FILE__, __LINE__, "sbsdsdbdd",
1082 "source:", t->source,
1083 "line:", t->line, "pos:", t->line_pos,
1084 token, token->used - 1, tid);
1085 #endif
1086
1087 return 1;
1088 } else if (t->offset < t->size) {
1089 fprintf(stderr, "%s.%d: %d, %s\n",
1090 __FILE__, __LINE__,
1091 tid, token->ptr);
1092 }
1093 return 0;
1094 }
1095
1096 static int config_parse(server *srv, config_t *context, tokenizer_t *t) {
1097 void *pParser;
1098 int token_id;
1099 buffer *token, *lasttoken;
1100 int ret;
1101
1102 pParser = configparserAlloc( malloc );
1103 force_assert(pParser);
1104 lasttoken = buffer_init();
1105 token = buffer_init();
1106 while((1 == (ret = config_tokenizer(srv, t, &token_id, token))) && context->ok) {
1107 buffer_copy_buffer(lasttoken, token);
1108 configparser(pParser, token_id, token, context);
1109
1110 token = buffer_init();
1111 }
1112 buffer_free(token);
1113
1114 if (ret != -1 && context->ok) {
1115 /* add an EOL at EOF, better than say sorry */
1116 configparser(pParser, TK_EOL, buffer_init_string("(EOL)"), context);
1117 if (context->ok) {
1118 configparser(pParser, 0, NULL, context);
1119 }
1120 }
1121 configparserFree(pParser, free);
1122
1123 if (ret == -1) {
1124 log_error_write(srv, __FILE__, __LINE__, "sb",
1125 "configfile parser failed at:", lasttoken);
1126 } else if (context->ok == 0) {
1127 log_error_write(srv, __FILE__, __LINE__, "sbsdsdsb",
1128 "source:", t->source,
1129 "line:", t->line, "pos:", t->line_pos,
1130 "parser failed somehow near here:", lasttoken);
1131 ret = -1;
1132 }
1133 buffer_free(lasttoken);
1134
1135 return ret == -1 ? -1 : 0;
1136 }
1137
1138 static int tokenizer_init(tokenizer_t *t, const buffer *source, const char *input, size_t size) {
1139
1140 t->source = source;
1141 t->input = input;
1142 t->size = size;
1143 t->offset = 0;
1144 t->line = 1;
1145 t->line_pos = 1;
1146
1147 t->in_key = 1;
1148 t->in_brace = 0;
1149 t->in_cond = 0;
1150 return 0;
1151 }
1152
1153 static int config_parse_file_stream(server *srv, config_t *context, const buffer *filename) {
1154 tokenizer_t t;
1155 stream s;
1156 int ret;
1157
1158 if (0 != stream_open(&s, filename)) {
1159 log_error_write(srv, __FILE__, __LINE__, "sbss",
1160 "opening configfile ", filename, "failed:", strerror(errno));
1161 return -1;
1162 } else {
1163 tokenizer_init(&t, filename, s.start, s.size);
1164 ret = config_parse(srv, context, &t);
1165 }
1166
1167 stream_close(&s);
1168 return ret;
1169 }
1170
1171 int config_parse_file(server *srv, config_t *context, const char *fn) {
1172 buffer *filename;
1173 size_t i;
1174 int ret = -1;
1175 #ifdef GLOB_BRACE
1176 int flags = GLOB_BRACE;
1177 #else
1178 int flags = 0;
1179 #endif
1180 glob_t gl;
1181
1182 if ((fn[0] == '/' || fn[0] == '\\') ||
1183 (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\')) ||
1184 (fn[0] == '.' && fn[1] == '.' && (fn[2] == '/' || fn[2] == '\\'))) {
1185 filename = buffer_init_string(fn);
1186 } else {
1187 filename = buffer_init_buffer(context->basedir);
1188 buffer_append_string(filename, fn);
1189 }
1190
1191 switch (glob(filename->ptr, flags, NULL, &gl)) {
1192 case 0:
1193 for (i = 0; i < gl.gl_pathc; ++i) {
1194 buffer_copy_string(filename, gl.gl_pathv[i]);
1195 ret = config_parse_file_stream(srv, context, filename);
1196 if (0 != ret) break;
1197 }
1198 globfree(&gl);
1199 break;
1200 case GLOB_NOMATCH:
1201 if (filename->ptr[strcspn(filename->ptr, "*?[]{}")] != '\0') { /*(contains glob metachars)*/
1202 ret = 0; /* not an error if no files match glob pattern */
1203 }
1204 else {
1205 log_error_write(srv, __FILE__, __LINE__, "sb", "include file not found: ", filename);
1206 }
1207 break;
1208 case GLOB_ABORTED:
1209 case GLOB_NOSPACE:
1210 log_error_write(srv, __FILE__, __LINE__, "sbss", "glob()", filename, "failed:", strerror(errno));
1211 break;
1212 }
1213
1214 buffer_free(filename);
1215 return ret;
1216 }
1217
1218 static char* getCWD(void) {
1219 char *s, *s1;
1220 size_t len;
1221 #ifdef PATH_MAX
1222 len = PATH_MAX;
1223 #else
1224 len = 4096;
1225 #endif
1226
1227 s = malloc(len);
1228 if (!s) return NULL;
1229 while (NULL == getcwd(s, len)) {
1230 if (errno != ERANGE || SSIZE_MAX - len < len) {
1231 free(s);
1232 return NULL;
1233 }
1234 len *= 2;
1235 s1 = realloc(s, len);
1236 if (!s1) {
1237 free(s);
1238 return NULL;
1239 }
1240 s = s1;
1241 }
1242 return s;
1243 }
1244
1245 int config_parse_cmd(server *srv, config_t *context, const char *cmd) {
1246 tokenizer_t t;
1247 int ret;
1248 buffer *source;
1249 buffer *out;
1250 char *oldpwd;
1251
1252 if (NULL == (oldpwd = getCWD())) {
1253 log_error_write(srv, __FILE__, __LINE__, "s",
1254 "cannot get cwd", strerror(errno));
1255 return -1;
1256 }
1257
1258 if (!buffer_string_is_empty(context->basedir)) {
1259 if (0 != chdir(context->basedir->ptr)) {
1260 log_error_write(srv, __FILE__, __LINE__, "sbs",
1261 "cannot change directory to", context->basedir, strerror(errno));
1262 free(oldpwd);
1263 return -1;
1264 }
1265 }
1266
1267 source = buffer_init_string(cmd);
1268 out = buffer_init();
1269
1270 if (0 != proc_open_buffer(cmd, NULL, out, NULL)) {
1271 log_error_write(srv, __FILE__, __LINE__, "sbss",
1272 "opening", source, "failed:", strerror(errno));
1273 ret = -1;
1274 } else {
1275 tokenizer_init(&t, source, CONST_BUF_LEN(out));
1276 ret = config_parse(srv, context, &t);
1277 }
1278
1279 buffer_free(source);
1280 buffer_free(out);
1281 if (0 != chdir(oldpwd)) {
1282 log_error_write(srv, __FILE__, __LINE__, "sss",
1283 "cannot change directory to", oldpwd, strerror(errno));
1284 free(oldpwd);
1285 return -1;
1286 }
1287 free(oldpwd);
1288 return ret;
1289 }
1290
1291 static void context_init(server *srv, config_t *context) {
1292 context->srv = srv;
1293 context->ok = 1;
1294 vector_config_weak_init(&context->configs_stack);
1295 context->basedir = buffer_init();
1296 }
1297
1298 static void context_free(config_t *context) {
1299 vector_config_weak_clear(&context->configs_stack);
1300 buffer_free(context->basedir);
1301 }
1302
1303 int config_read(server *srv, const char *fn) {
1304 config_t context;
1305 data_config *dc;
1306 data_integer *dpid;
1307 data_string *dcwd;
1308 int ret;
1309 char *pos;
1310 buffer *filename;
1311
1312 context_init(srv, &context);
1313 context.all_configs = srv->config_context;
1314
1315 #ifdef __WIN32
1316 pos = strrchr(fn, '\\');
1317 #else
1318 pos = strrchr(fn, '/');
1319 #endif
1320 if (pos) {
1321 buffer_copy_string_len(context.basedir, fn, pos - fn + 1);
1322 }
1323
1324 dc = data_config_init();
1325 buffer_copy_string_len(dc->key, CONST_STR_LEN("global"));
1326
1327 force_assert(context.all_configs->used == 0);
1328 dc->context_ndx = context.all_configs->used;
1329 array_insert_unique(context.all_configs, (data_unset *)dc);
1330 context.current = dc;
1331
1332 /* default context */
1333 dpid = data_integer_init();
1334 dpid->value = getpid();
1335 buffer_copy_string_len(dpid->key, CONST_STR_LEN("var.PID"));
1336 array_insert_unique(dc->value, (data_unset *)dpid);
1337
1338 dcwd = data_string_init();
1339 buffer_string_prepare_copy(dcwd->value, 1023);
1340 if (NULL != getcwd(dcwd->value->ptr, dcwd->value->size - 1)) {
1341 buffer_commit(dcwd->value, strlen(dcwd->value->ptr));
1342 buffer_copy_string_len(dcwd->key, CONST_STR_LEN("var.CWD"));
1343 array_insert_unique(dc->value, (data_unset *)dcwd);
1344 } else {
1345 dcwd->free((data_unset*) dcwd);
1346 }
1347
1348 filename = buffer_init_string(fn);
1349 ret = config_parse_file_stream(srv, &context, filename);
1350 buffer_free(filename);
1351
1352 /* remains nothing if parser is ok */
1353 force_assert(!(0 == ret && context.ok && 0 != context.configs_stack.used));
1354 context_free(&context);
1355
1356 if (0 != ret) {
1357 return ret;
1358 }
1359
1360 if (0 != config_insert(srv)) {
1361 return -1;
1362 }
1363
1364 return 0;
1365 }
1366
1367 int config_set_defaults(server *srv) {
1368 size_t i;
1369 specific_config *s = srv->config_storage[0];
1370 struct stat st1, st2;
1371
1372 struct ev_map { fdevent_handler_t et; const char *name; } event_handlers[] =
1373 {
1374 /* - epoll is most reliable
1375 * - select works everywhere
1376 */
1377 #ifdef USE_LINUX_EPOLL
1378 { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" },
1379 #endif
1380 #ifdef USE_POLL
1381 { FDEVENT_HANDLER_POLL, "poll" },
1382 #endif
1383 #ifdef USE_SELECT
1384 { FDEVENT_HANDLER_SELECT, "select" },
1385 #endif
1386 #ifdef USE_LIBEV
1387 { FDEVENT_HANDLER_LIBEV, "libev" },
1388 #endif
1389 #ifdef USE_SOLARIS_DEVPOLL
1390 { FDEVENT_HANDLER_SOLARIS_DEVPOLL,"solaris-devpoll" },
1391 #endif
1392 #ifdef USE_SOLARIS_PORT
1393 { FDEVENT_HANDLER_SOLARIS_PORT, "solaris-eventports" },
1394 #endif
1395 #ifdef USE_FREEBSD_KQUEUE
1396 { FDEVENT_HANDLER_FREEBSD_KQUEUE, "freebsd-kqueue" },
1397 { FDEVENT_HANDLER_FREEBSD_KQUEUE, "kqueue" },
1398 #endif
1399 { FDEVENT_HANDLER_UNSET, NULL }
1400 };
1401
1402 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1403 if (-1 == stat(srv->srvconf.changeroot->ptr, &st1)) {
1404 log_error_write(srv, __FILE__, __LINE__, "sb",
1405 "server.chroot doesn't exist:", srv->srvconf.changeroot);
1406 return -1;
1407 }
1408 if (!S_ISDIR(st1.st_mode)) {
1409 log_error_write(srv, __FILE__, __LINE__, "sb",
1410 "server.chroot isn't a directory:", srv->srvconf.changeroot);
1411 return -1;
1412 }
1413 }
1414
1415 if (!srv->srvconf.upload_tempdirs->used) {
1416 data_string *ds = data_string_init();
1417 const char *tmpdir = getenv("TMPDIR");
1418 if (NULL == tmpdir) tmpdir = "/var/tmp";
1419 buffer_copy_string(ds->value, tmpdir);
1420 array_insert_unique(srv->srvconf.upload_tempdirs, (data_unset *)ds);
1421 }
1422
1423 if (srv->srvconf.upload_tempdirs->used) {
1424 buffer * const b = srv->tmp_buf;
1425 size_t len;
1426 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1427 buffer_copy_buffer(b, srv->srvconf.changeroot);
1428 buffer_append_slash(b);
1429 } else {
1430 buffer_reset(b);
1431 }
1432 len = buffer_string_length(b);
1433
1434 for (i = 0; i < srv->srvconf.upload_tempdirs->used; ++i) {
1435 const data_string * const ds = (data_string *)srv->srvconf.upload_tempdirs->data[i];
1436 buffer_string_set_length(b, len); /*(truncate)*/
1437 buffer_append_string_buffer(b, ds->value);
1438 if (-1 == stat(b->ptr, &st1)) {
1439 log_error_write(srv, __FILE__, __LINE__, "sb",
1440 "server.upload-dirs doesn't exist:", b);
1441 } else if (!S_ISDIR(st1.st_mode)) {
1442 log_error_write(srv, __FILE__, __LINE__, "sb",
1443 "server.upload-dirs isn't a directory:", b);
1444 }
1445 }
1446 }
1447
1448 chunkqueue_set_tempdirs_default(
1449 srv->srvconf.upload_tempdirs,
1450 srv->srvconf.upload_temp_file_size);
1451
1452 if (buffer_string_is_empty(s->document_root)) {
1453 log_error_write(srv, __FILE__, __LINE__, "s",
1454 "a default document-root has to be set");
1455
1456 return -1;
1457 }
1458
1459 buffer_copy_buffer(srv->tmp_buf, s->document_root);
1460
1461 buffer_to_lower(srv->tmp_buf);
1462
1463 if (2 == s->force_lowercase_filenames) { /* user didn't configure it in global section? */
1464 s->force_lowercase_filenames = 0; /* default to 0 */
1465
1466 if (0 == stat(srv->tmp_buf->ptr, &st1)) {
1467 int is_lower = 0;
1468
1469 is_lower = buffer_is_equal(srv->tmp_buf, s->document_root);
1470
1471 /* lower-case existed, check upper-case */
1472 buffer_copy_buffer(srv->tmp_buf, s->document_root);
1473
1474 buffer_to_upper(srv->tmp_buf);
1475
1476 /* we have to handle the special case that upper and lower-casing results in the same filename
1477 * as in server.document-root = "/" or "/12345/" */
1478
1479 if (is_lower && buffer_is_equal(srv->tmp_buf, s->document_root)) {
1480 /* lower-casing and upper-casing didn't result in
1481 * an other filename, no need to stat(),
1482 * just assume it is case-sensitive. */
1483
1484 s->force_lowercase_filenames = 0;
1485 } else if (0 == stat(srv->tmp_buf->ptr, &st2)) {
1486
1487 /* upper case exists too, doesn't the FS handle this ? */
1488
1489 /* upper and lower have the same inode -> case-insensitve FS */
1490
1491 if (st1.st_ino == st2.st_ino) {
1492 /* upper and lower have the same inode -> case-insensitve FS */
1493
1494 s->force_lowercase_filenames = 1;
1495 }
1496 }
1497 }
1498 }
1499
1500 if (srv->srvconf.port == 0) {
1501 srv->srvconf.port = s->ssl_enabled ? 443 : 80;
1502 }
1503
1504 if (buffer_string_is_empty(srv->srvconf.event_handler)) {
1505 /* choose a good default
1506 *
1507 * the event_handler list is sorted by 'goodness'
1508 * taking the first available should be the best solution
1509 */
1510 srv->event_handler = event_handlers[0].et;
1511
1512 if (FDEVENT_HANDLER_UNSET == srv->event_handler) {
1513 log_error_write(srv, __FILE__, __LINE__, "s",
1514 "sorry, there is no event handler for this system");
1515
1516 return -1;
1517 }
1518 } else {
1519 /*
1520 * User override
1521 */
1522
1523 for (i = 0; event_handlers[i].name; i++) {
1524 if (0 == strcmp(event_handlers[i].name, srv->srvconf.event_handler->ptr)) {
1525 srv->event_handler = event_handlers[i].et;
1526 break;
1527 }
1528 }
1529
1530 if (FDEVENT_HANDLER_UNSET == srv->event_handler) {
1531 log_error_write(srv, __FILE__, __LINE__, "sb",
1532 "the selected event-handler in unknown or not supported:",
1533 srv->srvconf.event_handler );
1534
1535 return -1;
1536 }
1537 }
1538
1539 if (s->ssl_enabled) {
1540 if (buffer_string_is_empty(s->ssl_pemfile)) {
1541 /* PEM file is require */
1542
1543 log_error_write(srv, __FILE__, __LINE__, "s",
1544 "ssl.pemfile has to be set");
1545 return -1;
1546 }
1547
1548 #ifndef USE_OPENSSL
1549 log_error_write(srv, __FILE__, __LINE__, "s",
1550 "ssl support is missing, recompile with --with-openssl");
1551
1552 return -1;
1553 #endif
1554 }
1555
1556 return 0;
1557 }
A fast webserver with minimal memory-footprint (lighttpd)