search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[config] server.bsd-accept-filter option
[lighttpd.git] / src / configfile.c
blobb1d5a235e4310106341a461d6b2fe049d40850e1
1 #include "first.h"
2
3 #include "server.h"
4 #include "log.h"
5 #include "stream.h"
6 #include "plugin.h"
7
8 #include "configparser.h"
9 #include "configfile.h"
10 #include "proc_open.h"
11 #include "request.h"
12
13 #include <sys/stat.h>
14
15 #include <stdlib.h>
16 #include <fcntl.h>
17 #include <unistd.h>
18 #include <errno.h>
19 #include <string.h>
20 #include <stdio.h>
21 #include <ctype.h>
22 #include <limits.h>
23 #include <assert.h>
24 #include <glob.h>
25
26
27 static int config_insert(server *srv) {
28 size_t i;
29 int ret = 0;
30 buffer *stat_cache_string;
31
32 config_values_t cv[] = {
33 { "server.bind", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 0 */
34 { "server.errorlog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 1 */
35 { "server.errorfile-prefix", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
36 { "server.chroot", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 3 */
37 { "server.username", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 4 */
38 { "server.groupname", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 5 */
39 { "server.port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 6 */
40 { "server.tag", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 7 */
41 { "server.use-ipv6", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
42 { "server.modules", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_SERVER }, /* 9 */
43
44 { "server.event-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 10 */
45 { "server.pid-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 11 */
46 { "server.max-request-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_SERVER }, /* 12 */
47 { "server.max-worker", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 13 */
48 { "server.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
49 { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
50 { "debug.log-condition-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 16 */
51 { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
52 { "server.name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
53 { "server.max-keep-alive-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 19 */
54
55 { "server.max-read-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 20 */
56 { "server.max-write-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 21 */
57 { "server.error-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 22 */
58 { "server.max-fds", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 23 */
59 #ifdef HAVE_LSTAT
60 { "server.follow-symlink", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 24 */
61 #else
62 { "server.follow-symlink",
63 "Your system lacks lstat(). We can not differ symlinks from files."
64 "Please remove server.follow-symlinks from your config.",
65 T_CONFIG_UNSUPPORTED, T_CONFIG_SCOPE_UNSET },
66 #endif
67 { "server.kbytes-per-second", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 25 */
68 { "connection.kbytes-per-second", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 26 */
69 { "mimetype.use-xattr", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 27 */
70 { "mimetype.assign", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 28 */
71 { "ssl.pemfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 29 */
72
73 { "ssl.engine", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 30 */
74 { "debug.log-file-not-found", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 31 */
75 { "debug.log-request-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 32 */
76 { "debug.log-response-header", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 33 */
77 { "debug.log-request-header", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 34 */
78 { "debug.log-ssl-noise", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 35 */
79 { "server.protocol-http11", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 36 */
80 { "debug.log-request-header-on-error", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 37 */
81 { "debug.log-state-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 38 */
82 { "ssl.ca-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 39 */
83
84 { "server.errorlog-use-syslog", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 40 */
85 { "server.range-requests", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 41 */
86 { "server.stat-cache-engine", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 42 */
87 { "server.max-connections", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 43 */
88 { "server.network-backend", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 44 */
89 { "server.upload-dirs", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_SERVER }, /* 45 */
90 { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 46 */
91 { "ssl.cipher-list", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 47 */
92 { "ssl.use-sslv2", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 48 */
93 { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 49 */
94
95 { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 50 */
96 { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 51 */
97 { "server.reject-expect-100-with-417", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 52 */
98 { "debug.log-timeouts", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 53 */
99 { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */
100 { "server.breakagelog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 55 */
101 { "ssl.verifyclient.activate", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 56 */
102 { "ssl.verifyclient.enforce", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 57 */
103 { "ssl.verifyclient.depth", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 58 */
104 { "ssl.verifyclient.username", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 59 */
105
106 { "ssl.verifyclient.exportcert", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 60 */
107 { "server.set-v6only", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 61 */
108 { "ssl.use-sslv3", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 62 */
109 { "ssl.dh-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 63 */
110 { "ssl.ec-curve", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 64 */
111 { "ssl.disable-client-renegotiation", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 65 */
112 { "ssl.honor-cipher-order", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 66 */
113 { "ssl.empty-fragments", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 67 */
114 { "server.upload-temp-file-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_SERVER }, /* 68 */
115 { "mimetype.xattr-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 69 */
116 { "server.listen-backlog", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 70 */
117 { "server.error-handler-404", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 71 */
118 { "server.http-parseopt-header-strict",NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 72 */
119 { "server.http-parseopt-host-strict", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 73 */
120 { "server.http-parseopt-host-normalize",NULL,T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 74 */
121 { "server.bsd-accept-filter", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 75 */
122
123 { "server.host",
124 "use server.bind instead",
125 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
126 { "server.docroot",
127 "use server.document-root instead",
128 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
129 { "server.virtual-root",
130 "load mod_simple_vhost and use simple-vhost.server-root instead",
131 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
132 { "server.virtual-default-host",
133 "load mod_simple_vhost and use simple-vhost.default-host instead",
134 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
135 { "server.virtual-docroot",
136 "load mod_simple_vhost and use simple-vhost.document-root instead",
137 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
138 { "server.userid",
139 "use server.username instead",
140 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
141 { "server.groupid",
142 "use server.groupname instead",
143 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
144 { "server.use-keep-alive",
145 "use server.max-keep-alive-requests = 0 instead",
146 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
147 { "server.force-lower-case-files",
148 "use server.force-lowercase-filenames instead",
149 T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
150
151 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
152 };
153
154 /* all T_CONFIG_SCOPE_SERVER options */
155 cv[0].destination = srv->srvconf.bindhost;
156 cv[1].destination = srv->srvconf.errorlog_file;
157 cv[3].destination = srv->srvconf.changeroot;
158 cv[4].destination = srv->srvconf.username;
159 cv[5].destination = srv->srvconf.groupname;
160 cv[6].destination = &(srv->srvconf.port);
161 cv[9].destination = srv->srvconf.modules;
162
163 cv[10].destination = srv->srvconf.event_handler;
164 cv[11].destination = srv->srvconf.pid_file;
165 cv[12].destination = &(srv->srvconf.max_request_size);
166 cv[13].destination = &(srv->srvconf.max_worker);
167
168 cv[23].destination = &(srv->srvconf.max_fds);
169
170 cv[37].destination = &(srv->srvconf.log_request_header_on_error);
171 cv[38].destination = &(srv->srvconf.log_state_handling);
172
173 cv[40].destination = &(srv->srvconf.errorlog_use_syslog);
174 stat_cache_string = buffer_init();
175 cv[42].destination = stat_cache_string;
176 cv[43].destination = &(srv->srvconf.max_conns);
177 cv[44].destination = srv->srvconf.network_backend;
178 cv[45].destination = srv->srvconf.upload_tempdirs;
179 cv[46].destination = &(srv->srvconf.enable_cores);
180
181 cv[52].destination = &(srv->srvconf.reject_expect_100_with_417);
182 cv[55].destination = srv->srvconf.breakagelog_file;
183
184 cv[68].destination = &(srv->srvconf.upload_temp_file_size);
185 cv[69].destination = srv->srvconf.xattr_name;
186 cv[72].destination = &(srv->srvconf.http_header_strict);
187 cv[73].destination = &(srv->srvconf.http_host_strict);
188 cv[74].destination = &(srv->srvconf.http_host_normalize);
189
190 srv->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
191
192 force_assert(srv->config_storage);
193
194 for (i = 0; i < srv->config_context->used; i++) {
195 data_config const* config = (data_config const*)srv->config_context->data[i];
196 specific_config *s;
197
198 s = calloc(1, sizeof(specific_config));
199 force_assert(s);
200 s->document_root = buffer_init();
201 s->mimetypes = array_init();
202 s->server_name = buffer_init();
203 s->ssl_pemfile = buffer_init();
204 s->ssl_ca_file = buffer_init();
205 s->error_handler = buffer_init();
206 s->error_handler_404 = buffer_init();
207 s->server_tag = buffer_init();
208 s->ssl_cipher_list = buffer_init();
209 s->ssl_dh_file = buffer_init();
210 s->ssl_ec_curve = buffer_init();
211 s->errorfile_prefix = buffer_init();
212 #if defined(__FreeBSD__) || defined(__NetBSD__) \
213 || defined(__OpenBSD__) || defined(__DragonflyBSD__)
214 s->bsd_accept_filter = (i == 0)
215 ? buffer_init()
216 : buffer_init_buffer(srv->config_storage[0]->bsd_accept_filter);
217 #endif
218 s->max_keep_alive_requests = 16;
219 s->max_keep_alive_idle = 5;
220 s->max_read_idle = 60;
221 s->max_write_idle = 360;
222 s->use_xattr = 0;
223 s->ssl_enabled = 0;
224 s->ssl_honor_cipher_order = 1;
225 s->ssl_empty_fragments = 0;
226 s->ssl_use_sslv2 = 0;
227 s->ssl_use_sslv3 = 0;
228 s->use_ipv6 = 0;
229 s->set_v6only = 1;
230 s->defer_accept = (i == 0) ? 0 : srv->config_storage[0]->defer_accept;
231 #ifdef HAVE_LSTAT
232 s->follow_symlink = 1;
233 #endif
234 s->kbytes_per_second = 0;
235 s->allow_http11 = 1;
236 s->etag_use_inode = 1;
237 s->etag_use_mtime = 1;
238 s->etag_use_size = 1;
239 s->range_requests = 1;
240 s->force_lowercase_filenames = (i == 0) ? 2 : 0; /* we wan't to detect later if user changed this for global section */
241 s->global_kbytes_per_second = 0;
242 s->global_bytes_per_second_cnt = 0;
243 s->global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt;
244 s->ssl_verifyclient = 0;
245 s->ssl_verifyclient_enforce = 1;
246 s->ssl_verifyclient_username = buffer_init();
247 s->ssl_verifyclient_depth = 9;
248 s->ssl_verifyclient_export_cert = 0;
249 s->ssl_disable_client_renegotiation = 1;
250 s->listen_backlog = (0 == i ? 1024 : srv->config_storage[0]->listen_backlog);
251
252 /* all T_CONFIG_SCOPE_CONNECTION options */
253 cv[2].destination = s->errorfile_prefix;
254 cv[7].destination = s->server_tag;
255 cv[8].destination = &(s->use_ipv6);
256
257 cv[14].destination = s->document_root;
258 cv[15].destination = &(s->force_lowercase_filenames);
259 cv[16].destination = &(s->log_condition_handling);
260 cv[17].destination = &(s->max_keep_alive_requests);
261 cv[18].destination = s->server_name;
262 cv[19].destination = &(s->max_keep_alive_idle);
263
264 cv[20].destination = &(s->max_read_idle);
265 cv[21].destination = &(s->max_write_idle);
266 cv[22].destination = s->error_handler;
267 #ifdef HAVE_LSTAT
268 cv[24].destination = &(s->follow_symlink);
269 #endif
270 cv[25].destination = &(s->global_kbytes_per_second);
271 cv[26].destination = &(s->kbytes_per_second);
272 cv[27].destination = &(s->use_xattr);
273 cv[28].destination = s->mimetypes;
274 cv[29].destination = s->ssl_pemfile;
275
276 cv[30].destination = &(s->ssl_enabled);
277 cv[31].destination = &(s->log_file_not_found);
278 cv[32].destination = &(s->log_request_handling);
279 cv[33].destination = &(s->log_response_header);
280 cv[34].destination = &(s->log_request_header);
281 cv[35].destination = &(s->log_ssl_noise);
282 cv[36].destination = &(s->allow_http11);
283 cv[39].destination = s->ssl_ca_file;
284
285 cv[41].destination = &(s->range_requests);
286 cv[47].destination = s->ssl_cipher_list;
287 cv[48].destination = &(s->ssl_use_sslv2);
288 cv[49].destination = &(s->etag_use_inode);
289
290 cv[50].destination = &(s->etag_use_mtime);
291 cv[51].destination = &(s->etag_use_size);
292 cv[53].destination = &(s->log_timeouts);
293 cv[54].destination = &(s->defer_accept);
294 cv[56].destination = &(s->ssl_verifyclient);
295 cv[57].destination = &(s->ssl_verifyclient_enforce);
296 cv[58].destination = &(s->ssl_verifyclient_depth);
297 cv[59].destination = s->ssl_verifyclient_username;
298
299 cv[60].destination = &(s->ssl_verifyclient_export_cert);
300 cv[61].destination = &(s->set_v6only);
301 cv[62].destination = &(s->ssl_use_sslv3);
302 cv[63].destination = s->ssl_dh_file;
303 cv[64].destination = s->ssl_ec_curve;
304 cv[65].destination = &(s->ssl_disable_client_renegotiation);
305 cv[66].destination = &(s->ssl_honor_cipher_order);
306 cv[67].destination = &(s->ssl_empty_fragments);
307 cv[70].destination = &(s->listen_backlog);
308 cv[71].destination = s->error_handler_404;
309 #if defined(__FreeBSD__) || defined(__NetBSD__) \
310 || defined(__OpenBSD__) || defined(__DragonflyBSD__)
311 cv[75].destination = s->bsd_accept_filter;
312 #endif
313
314 srv->config_storage[i] = s;
315
316 if (0 != (ret = config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION))) {
317 break;
318 }
319 }
320
321 {
322 specific_config *s = srv->config_storage[0];
323 s->http_parseopts= /*(global, but stored in con->conf.http_parseopts)*/
324 (srv->srvconf.http_header_strict ?(HTTP_PARSEOPT_HEADER_STRICT) :0)
325 |(srv->srvconf.http_host_strict ?(HTTP_PARSEOPT_HOST_STRICT
326 |HTTP_PARSEOPT_HOST_NORMALIZE):0)
327 |(srv->srvconf.http_host_normalize ?(HTTP_PARSEOPT_HOST_NORMALIZE):0);
328 }
329
330 if (buffer_string_is_empty(stat_cache_string)) {
331 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_SIMPLE;
332 } else if (buffer_is_equal_string(stat_cache_string, CONST_STR_LEN("simple"))) {
333 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_SIMPLE;
334 #ifdef HAVE_FAM_H
335 } else if (buffer_is_equal_string(stat_cache_string, CONST_STR_LEN("fam"))) {
336 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_FAM;
337 #endif
338 } else if (buffer_is_equal_string(stat_cache_string, CONST_STR_LEN("disable"))) {
339 srv->srvconf.stat_cache_engine = STAT_CACHE_ENGINE_NONE;
340 } else {
341 log_error_write(srv, __FILE__, __LINE__, "sb",
342 "server.stat-cache-engine can be one of \"disable\", \"simple\","
343 #ifdef HAVE_FAM_H
344 " \"fam\","
345 #endif
346 " but not:", stat_cache_string);
347 ret = HANDLER_ERROR;
348 }
349
350 buffer_free(stat_cache_string);
351
352 {
353 data_string *ds;
354 int prepend_mod_indexfile = 1;
355 int append_mod_dirlisting = 1;
356 int append_mod_staticfile = 1;
357
358 /* prepend default modules */
359 for (i = 0; i < srv->srvconf.modules->used; i++) {
360 ds = (data_string *)srv->srvconf.modules->data[i];
361
362 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_indexfile"))) {
363 prepend_mod_indexfile = 0;
364 }
365
366 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_staticfile"))) {
367 append_mod_staticfile = 0;
368 }
369
370 if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_dirlisting"))) {
371 append_mod_dirlisting = 0;
372 }
373
374 if (0 == prepend_mod_indexfile &&
375 0 == append_mod_dirlisting &&
376 0 == append_mod_staticfile) {
377 break;
378 }
379 }
380
381 if (prepend_mod_indexfile) {
382 /* mod_indexfile has to be loaded before mod_fastcgi and friends */
383 array *modules = array_init();
384
385 ds = data_string_init();
386 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_indexfile"));
387 array_insert_unique(modules, (data_unset *)ds);
388
389 for (i = 0; i < srv->srvconf.modules->used; i++) {
390 data_unset *du = srv->srvconf.modules->data[i];
391 array_insert_unique(modules, du->copy(du));
392 }
393
394 array_free(srv->srvconf.modules);
395 srv->srvconf.modules = modules;
396 }
397
398 /* append default modules */
399 if (append_mod_dirlisting) {
400 ds = data_string_init();
401 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_dirlisting"));
402 array_insert_unique(srv->srvconf.modules, (data_unset *)ds);
403 }
404
405 if (append_mod_staticfile) {
406 ds = data_string_init();
407 buffer_copy_string_len(ds->value, CONST_STR_LEN("mod_staticfile"));
408 array_insert_unique(srv->srvconf.modules, (data_unset *)ds);
409 }
410 }
411
412 return ret;
413
414 }
415
416
417 #define PATCH(x) con->conf.x = s->x
418 int config_setup_connection(server *srv, connection *con) {
419 specific_config *s = srv->config_storage[0];
420
421 PATCH(http_parseopts);
422
423 PATCH(allow_http11);
424 PATCH(mimetypes);
425 PATCH(document_root);
426 PATCH(max_keep_alive_requests);
427 PATCH(max_keep_alive_idle);
428 PATCH(max_read_idle);
429 PATCH(max_write_idle);
430 PATCH(use_xattr);
431 PATCH(error_handler);
432 PATCH(error_handler_404);
433 PATCH(errorfile_prefix);
434 #ifdef HAVE_LSTAT
435 PATCH(follow_symlink);
436 #endif
437 PATCH(server_tag);
438 PATCH(kbytes_per_second);
439 PATCH(global_kbytes_per_second);
440 PATCH(global_bytes_per_second_cnt);
441
442 con->conf.global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt;
443 buffer_copy_buffer(con->server_name, s->server_name);
444
445 PATCH(log_request_header);
446 PATCH(log_response_header);
447 PATCH(log_request_handling);
448 PATCH(log_condition_handling);
449 PATCH(log_file_not_found);
450 PATCH(log_ssl_noise);
451 PATCH(log_timeouts);
452
453 PATCH(range_requests);
454 PATCH(force_lowercase_filenames);
455 /*PATCH(listen_backlog);*//*(not necessary; used only at startup)*/
456 PATCH(ssl_enabled);
457
458 PATCH(ssl_pemfile);
459 #ifdef USE_OPENSSL
460 PATCH(ssl_pemfile_x509);
461 PATCH(ssl_pemfile_pkey);
462 #endif
463 PATCH(ssl_ca_file);
464 #ifdef USE_OPENSSL
465 PATCH(ssl_ca_file_cert_names);
466 #endif
467 PATCH(ssl_cipher_list);
468 PATCH(ssl_dh_file);
469 PATCH(ssl_ec_curve);
470 PATCH(ssl_honor_cipher_order);
471 PATCH(ssl_empty_fragments);
472 PATCH(ssl_use_sslv2);
473 PATCH(ssl_use_sslv3);
474 PATCH(etag_use_inode);
475 PATCH(etag_use_mtime);
476 PATCH(etag_use_size);
477
478 PATCH(ssl_verifyclient);
479 PATCH(ssl_verifyclient_enforce);
480 PATCH(ssl_verifyclient_depth);
481 PATCH(ssl_verifyclient_username);
482 PATCH(ssl_verifyclient_export_cert);
483 PATCH(ssl_disable_client_renegotiation);
484
485 return 0;
486 }
487
488 int config_patch_connection(server *srv, connection *con) {
489 size_t i, j;
490
491 /* skip the first, the global context */
492 for (i = 1; i < srv->config_context->used; i++) {
493 data_config *dc = (data_config *)srv->config_context->data[i];
494 specific_config *s = srv->config_storage[i];
495
496 /* condition didn't match */
497 if (!config_check_cond(srv, con, dc)) continue;
498
499 /* merge config */
500 for (j = 0; j < dc->value->used; j++) {
501 data_unset *du = dc->value->data[j];
502
503 if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.document-root"))) {
504 PATCH(document_root);
505 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.range-requests"))) {
506 PATCH(range_requests);
507 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.error-handler"))) {
508 PATCH(error_handler);
509 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.error-handler-404"))) {
510 PATCH(error_handler_404);
511 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.errorfile-prefix"))) {
512 PATCH(errorfile_prefix);
513 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.assign"))) {
514 PATCH(mimetypes);
515 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-keep-alive-requests"))) {
516 PATCH(max_keep_alive_requests);
517 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-keep-alive-idle"))) {
518 PATCH(max_keep_alive_idle);
519 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-write-idle"))) {
520 PATCH(max_write_idle);
521 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-read-idle"))) {
522 PATCH(max_read_idle);
523 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.use-xattr"))) {
524 PATCH(use_xattr);
525 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-inode"))) {
526 PATCH(etag_use_inode);
527 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-mtime"))) {
528 PATCH(etag_use_mtime);
529 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-size"))) {
530 PATCH(etag_use_size);
531 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.pemfile"))) {
532 PATCH(ssl_pemfile);
533 #ifdef USE_OPENSSL
534 PATCH(ssl_pemfile_x509);
535 PATCH(ssl_pemfile_pkey);
536 #endif
537 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ca-file"))) {
538 PATCH(ssl_ca_file);
539 #ifdef USE_OPENSSL
540 PATCH(ssl_ca_file_cert_names);
541 #endif
542 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.honor-cipher-order"))) {
543 PATCH(ssl_honor_cipher_order);
544 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.empty-fragments"))) {
545 PATCH(ssl_empty_fragments);
546 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv2"))) {
547 PATCH(ssl_use_sslv2);
548 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv3"))) {
549 PATCH(ssl_use_sslv3);
550 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.cipher-list"))) {
551 PATCH(ssl_cipher_list);
552 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.engine"))) {
553 PATCH(ssl_enabled);
554 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.dh-file"))) {
555 PATCH(ssl_dh_file);
556 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ec-curve"))) {
557 PATCH(ssl_ec_curve);
558 #ifdef HAVE_LSTAT
559 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.follow-symlink"))) {
560 PATCH(follow_symlink);
561 #endif
562 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.name"))) {
563 buffer_copy_buffer(con->server_name, s->server_name);
564 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.tag"))) {
565 PATCH(server_tag);
566 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("connection.kbytes-per-second"))) {
567 PATCH(kbytes_per_second);
568 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-request-handling"))) {
569 PATCH(log_request_handling);
570 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-request-header"))) {
571 PATCH(log_request_header);
572 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-response-header"))) {
573 PATCH(log_response_header);
574 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-condition-handling"))) {
575 PATCH(log_condition_handling);
576 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-file-not-found"))) {
577 PATCH(log_file_not_found);
578 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-ssl-noise"))) {
579 PATCH(log_ssl_noise);
580 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-timeouts"))) {
581 PATCH(log_timeouts);
582 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.protocol-http11"))) {
583 PATCH(allow_http11);
584 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.force-lowercase-filenames"))) {
585 PATCH(force_lowercase_filenames);
586 #if 0 /*(not necessary; used only at startup)*/
587 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.listen-backlog"))) {
588 PATCH(listen_backlog);
589 #endif
590 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.kbytes-per-second"))) {
591 PATCH(global_kbytes_per_second);
592 PATCH(global_bytes_per_second_cnt);
593 con->conf.global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt;
594 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.activate"))) {
595 PATCH(ssl_verifyclient);
596 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.enforce"))) {
597 PATCH(ssl_verifyclient_enforce);
598 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.depth"))) {
599 PATCH(ssl_verifyclient_depth);
600 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.username"))) {
601 PATCH(ssl_verifyclient_username);
602 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.exportcert"))) {
603 PATCH(ssl_verifyclient_export_cert);
604 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.disable-client-renegotiation"))) {
605 PATCH(ssl_disable_client_renegotiation);
606 }
607 }
608 }
609
610 con->etag_flags = (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) |
611 (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) |
612 (con->conf.etag_use_size ? ETAG_USE_SIZE : 0);
613
614 return 0;
615 }
616 #undef PATCH
617
618 typedef struct {
619 int foo;
620 int bar;
621
622 const buffer *source;
623 const char *input;
624 size_t offset;
625 size_t size;
626
627 int line_pos;
628 int line;
629
630 int in_key;
631 int in_brace;
632 int in_cond;
633 } tokenizer_t;
634
635 #if 0
636 static int tokenizer_open(server *srv, tokenizer_t *t, buffer *basedir, const char *fn) {
637 if (buffer_string_is_empty(basedir) ||
638 (fn[0] == '/' || fn[0] == '\\') ||
639 (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\'))) {
640 t->file = buffer_init_string(fn);
641 } else {
642 t->file = buffer_init_buffer(basedir);
643 buffer_append_string(t->file, fn);
644 }
645
646 if (0 != stream_open(&(t->s), t->file)) {
647 log_error_write(srv, __FILE__, __LINE__, "sbss",
648 "opening configfile ", t->file, "failed:", strerror(errno));
649 buffer_free(t->file);
650 return -1;
651 }
652
653 t->input = t->s.start;
654 t->offset = 0;
655 t->size = t->s.size;
656 t->line = 1;
657 t->line_pos = 1;
658
659 t->in_key = 1;
660 t->in_brace = 0;
661 t->in_cond = 0;
662 return 0;
663 }
664
665 static int tokenizer_close(server *srv, tokenizer_t *t) {
666 UNUSED(srv);
667
668 buffer_free(t->file);
669 return stream_close(&(t->s));
670 }
671 #endif
672 static int config_skip_newline(tokenizer_t *t) {
673 int skipped = 1;
674 force_assert(t->input[t->offset] == '\r' || t->input[t->offset] == '\n');
675 if (t->input[t->offset] == '\r' && t->input[t->offset + 1] == '\n') {
676 skipped ++;
677 t->offset ++;
678 }
679 t->offset ++;
680 return skipped;
681 }
682
683 static int config_skip_comment(tokenizer_t *t) {
684 int i;
685 force_assert(t->input[t->offset] == '#');
686 for (i = 1; t->input[t->offset + i] &&
687 (t->input[t->offset + i] != '\n' && t->input[t->offset + i] != '\r');
688 i++);
689 t->offset += i;
690 return i;
691 }
692
693 static int config_tokenizer(server *srv, tokenizer_t *t, int *token_id, buffer *token) {
694 int tid = 0;
695 size_t i;
696
697 for (tid = 0; tid == 0 && t->offset < t->size && t->input[t->offset] ; ) {
698 char c = t->input[t->offset];
699 const char *start = NULL;
700
701 switch (c) {
702 case '=':
703 if (t->in_brace) {
704 if (t->input[t->offset + 1] == '>') {
705 t->offset += 2;
706
707 buffer_copy_string_len(token, CONST_STR_LEN("=>"));
708
709 tid = TK_ARRAY_ASSIGN;
710 } else {
711 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
712 "source:", t->source,
713 "line:", t->line, "pos:", t->line_pos,
714 "use => for assignments in arrays");
715 return -1;
716 }
717 } else if (t->in_cond) {
718 if (t->input[t->offset + 1] == '=') {
719 t->offset += 2;
720
721 buffer_copy_string_len(token, CONST_STR_LEN("=="));
722
723 tid = TK_EQ;
724 } else if (t->input[t->offset + 1] == '~') {
725 t->offset += 2;
726
727 buffer_copy_string_len(token, CONST_STR_LEN("=~"));
728
729 tid = TK_MATCH;
730 } else {
731 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
732 "source:", t->source,
733 "line:", t->line, "pos:", t->line_pos,
734 "only =~ and == are allowed in the condition");
735 return -1;
736 }
737 t->in_key = 1;
738 t->in_cond = 0;
739 } else if (t->in_key) {
740 tid = TK_ASSIGN;
741
742 buffer_copy_string_len(token, t->input + t->offset, 1);
743
744 t->offset++;
745 t->line_pos++;
746 } else {
747 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
748 "source:", t->source,
749 "line:", t->line, "pos:", t->line_pos,
750 "unexpected equal-sign: =");
751 return -1;
752 }
753
754 break;
755 case '!':
756 if (t->in_cond) {
757 if (t->input[t->offset + 1] == '=') {
758 t->offset += 2;
759
760 buffer_copy_string_len(token, CONST_STR_LEN("!="));
761
762 tid = TK_NE;
763 } else if (t->input[t->offset + 1] == '~') {
764 t->offset += 2;
765
766 buffer_copy_string_len(token, CONST_STR_LEN("!~"));
767
768 tid = TK_NOMATCH;
769 } else {
770 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
771 "source:", t->source,
772 "line:", t->line, "pos:", t->line_pos,
773 "only !~ and != are allowed in the condition");
774 return -1;
775 }
776 t->in_key = 1;
777 t->in_cond = 0;
778 } else {
779 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
780 "source:", t->source,
781 "line:", t->line, "pos:", t->line_pos,
782 "unexpected exclamation-marks: !");
783 return -1;
784 }
785
786 break;
787 case '\t':
788 case ' ':
789 t->offset++;
790 t->line_pos++;
791 break;
792 case '\n':
793 case '\r':
794 if (t->in_brace == 0) {
795 int done = 0;
796 while (!done && t->offset < t->size) {
797 switch (t->input[t->offset]) {
798 case '\r':
799 case '\n':
800 config_skip_newline(t);
801 t->line_pos = 1;
802 t->line++;
803 break;
804
805 case '#':
806 t->line_pos += config_skip_comment(t);
807 break;
808
809 case '\t':
810 case ' ':
811 t->offset++;
812 t->line_pos++;
813 break;
814
815 default:
816 done = 1;
817 }
818 }
819 t->in_key = 1;
820 tid = TK_EOL;
821 buffer_copy_string_len(token, CONST_STR_LEN("(EOL)"));
822 } else {
823 config_skip_newline(t);
824 t->line_pos = 1;
825 t->line++;
826 }
827 break;
828 case ',':
829 if (t->in_brace > 0) {
830 tid = TK_COMMA;
831
832 buffer_copy_string_len(token, CONST_STR_LEN("(COMMA)"));
833 }
834
835 t->offset++;
836 t->line_pos++;
837 break;
838 case '"':
839 /* search for the terminating " */
840 start = t->input + t->offset + 1;
841 buffer_copy_string_len(token, CONST_STR_LEN(""));
842
843 for (i = 1; t->input[t->offset + i]; i++) {
844 if (t->input[t->offset + i] == '\\' &&
845 t->input[t->offset + i + 1] == '"') {
846
847 buffer_append_string_len(token, start, t->input + t->offset + i - start);
848
849 start = t->input + t->offset + i + 1;
850
851 /* skip the " */
852 i++;
853 continue;
854 }
855
856
857 if (t->input[t->offset + i] == '"') {
858 tid = TK_STRING;
859
860 buffer_append_string_len(token, start, t->input + t->offset + i - start);
861
862 break;
863 }
864 }
865
866 if (t->input[t->offset + i] == '\0') {
867 /* ERROR */
868
869 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
870 "source:", t->source,
871 "line:", t->line, "pos:", t->line_pos,
872 "missing closing quote");
873
874 return -1;
875 }
876
877 t->offset += i + 1;
878 t->line_pos += i + 1;
879
880 break;
881 case '(':
882 t->offset++;
883 t->in_brace++;
884
885 tid = TK_LPARAN;
886
887 buffer_copy_string_len(token, CONST_STR_LEN("("));
888 break;
889 case ')':
890 t->offset++;
891 t->in_brace--;
892
893 tid = TK_RPARAN;
894
895 buffer_copy_string_len(token, CONST_STR_LEN(")"));
896 break;
897 case '$':
898 t->offset++;
899
900 tid = TK_DOLLAR;
901 t->in_cond = 1;
902 t->in_key = 0;
903
904 buffer_copy_string_len(token, CONST_STR_LEN("$"));
905
906 break;
907
908 case '+':
909 if (t->input[t->offset + 1] == '=') {
910 t->offset += 2;
911 buffer_copy_string_len(token, CONST_STR_LEN("+="));
912 tid = TK_APPEND;
913 } else {
914 t->offset++;
915 tid = TK_PLUS;
916 buffer_copy_string_len(token, CONST_STR_LEN("+"));
917 }
918 break;
919
920 case '{':
921 t->offset++;
922
923 tid = TK_LCURLY;
924
925 buffer_copy_string_len(token, CONST_STR_LEN("{"));
926
927 break;
928
929 case '}':
930 t->offset++;
931
932 tid = TK_RCURLY;
933
934 buffer_copy_string_len(token, CONST_STR_LEN("}"));
935
936 break;
937
938 case '[':
939 t->offset++;
940
941 tid = TK_LBRACKET;
942
943 buffer_copy_string_len(token, CONST_STR_LEN("["));
944
945 break;
946
947 case ']':
948 t->offset++;
949
950 tid = TK_RBRACKET;
951
952 buffer_copy_string_len(token, CONST_STR_LEN("]"));
953
954 break;
955 case '#':
956 t->line_pos += config_skip_comment(t);
957
958 break;
959 default:
960 if (t->in_cond) {
961 for (i = 0; t->input[t->offset + i] &&
962 (isalpha((unsigned char)t->input[t->offset + i])
963 ); i++);
964
965 if (i && t->input[t->offset + i]) {
966 tid = TK_SRVVARNAME;
967 buffer_copy_string_len(token, t->input + t->offset, i);
968
969 t->offset += i;
970 t->line_pos += i;
971 } else {
972 /* ERROR */
973 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
974 "source:", t->source,
975 "line:", t->line, "pos:", t->line_pos,
976 "invalid character in condition");
977 return -1;
978 }
979 } else if (isdigit((unsigned char)c)) {
980 /* take all digits */
981 for (i = 0; t->input[t->offset + i] && isdigit((unsigned char)t->input[t->offset + i]); i++);
982
983 /* was there it least a digit ? */
984 if (i) {
985 tid = TK_INTEGER;
986
987 buffer_copy_string_len(token, t->input + t->offset, i);
988
989 t->offset += i;
990 t->line_pos += i;
991 }
992 } else {
993 /* the key might consist of [-.0-9a-z] */
994 for (i = 0; t->input[t->offset + i] &&
995 (isalnum((unsigned char)t->input[t->offset + i]) ||
996 t->input[t->offset + i] == '.' ||
997 t->input[t->offset + i] == '_' || /* for env.* */
998 t->input[t->offset + i] == '-'
999 ); i++);
1000
1001 if (i && t->input[t->offset + i]) {
1002 buffer_copy_string_len(token, t->input + t->offset, i);
1003
1004 if (strcmp(token->ptr, "include") == 0) {
1005 tid = TK_INCLUDE;
1006 } else if (strcmp(token->ptr, "include_shell") == 0) {
1007 tid = TK_INCLUDE_SHELL;
1008 } else if (strcmp(token->ptr, "global") == 0) {
1009 tid = TK_GLOBAL;
1010 } else if (strcmp(token->ptr, "else") == 0) {
1011 tid = TK_ELSE;
1012 } else {
1013 tid = TK_LKEY;
1014 }
1015
1016 t->offset += i;
1017 t->line_pos += i;
1018 } else {
1019 /* ERROR */
1020 log_error_write(srv, __FILE__, __LINE__, "sbsdsds",
1021 "source:", t->source,
1022 "line:", t->line, "pos:", t->line_pos,
1023 "invalid character in variable name");
1024 return -1;
1025 }
1026 }
1027 break;
1028 }
1029 }
1030
1031 if (tid) {
1032 *token_id = tid;
1033 #if 0
1034 log_error_write(srv, __FILE__, __LINE__, "sbsdsdbdd",
1035 "source:", t->source,
1036 "line:", t->line, "pos:", t->line_pos,
1037 token, token->used - 1, tid);
1038 #endif
1039
1040 return 1;
1041 } else if (t->offset < t->size) {
1042 fprintf(stderr, "%s.%d: %d, %s\n",
1043 __FILE__, __LINE__,
1044 tid, token->ptr);
1045 }
1046 return 0;
1047 }
1048
1049 static int config_parse(server *srv, config_t *context, tokenizer_t *t) {
1050 void *pParser;
1051 int token_id;
1052 buffer *token, *lasttoken;
1053 int ret;
1054
1055 pParser = configparserAlloc( malloc );
1056 force_assert(pParser);
1057 lasttoken = buffer_init();
1058 token = buffer_init();
1059 while((1 == (ret = config_tokenizer(srv, t, &token_id, token))) && context->ok) {
1060 buffer_copy_buffer(lasttoken, token);
1061 configparser(pParser, token_id, token, context);
1062
1063 token = buffer_init();
1064 }
1065 buffer_free(token);
1066
1067 if (ret != -1 && context->ok) {
1068 /* add an EOL at EOF, better than say sorry */
1069 configparser(pParser, TK_EOL, buffer_init_string("(EOL)"), context);
1070 if (context->ok) {
1071 configparser(pParser, 0, NULL, context);
1072 }
1073 }
1074 configparserFree(pParser, free);
1075
1076 if (ret == -1) {
1077 log_error_write(srv, __FILE__, __LINE__, "sb",
1078 "configfile parser failed at:", lasttoken);
1079 } else if (context->ok == 0) {
1080 log_error_write(srv, __FILE__, __LINE__, "sbsdsdsb",
1081 "source:", t->source,
1082 "line:", t->line, "pos:", t->line_pos,
1083 "parser failed somehow near here:", lasttoken);
1084 ret = -1;
1085 }
1086 buffer_free(lasttoken);
1087
1088 return ret == -1 ? -1 : 0;
1089 }
1090
1091 static int tokenizer_init(tokenizer_t *t, const buffer *source, const char *input, size_t size) {
1092
1093 t->source = source;
1094 t->input = input;
1095 t->size = size;
1096 t->offset = 0;
1097 t->line = 1;
1098 t->line_pos = 1;
1099
1100 t->in_key = 1;
1101 t->in_brace = 0;
1102 t->in_cond = 0;
1103 return 0;
1104 }
1105
1106 static int config_parse_file_stream(server *srv, config_t *context, const buffer *filename) {
1107 tokenizer_t t;
1108 stream s;
1109 int ret;
1110
1111 if (0 != stream_open(&s, filename)) {
1112 log_error_write(srv, __FILE__, __LINE__, "sbss",
1113 "opening configfile ", filename, "failed:", strerror(errno));
1114 return -1;
1115 } else {
1116 tokenizer_init(&t, filename, s.start, s.size);
1117 ret = config_parse(srv, context, &t);
1118 }
1119
1120 stream_close(&s);
1121 return ret;
1122 }
1123
1124 int config_parse_file(server *srv, config_t *context, const char *fn) {
1125 buffer *filename;
1126 size_t i;
1127 int ret = -1;
1128 #ifdef GLOB_BRACE
1129 int flags = GLOB_BRACE;
1130 #else
1131 int flags = 0;
1132 #endif
1133 glob_t gl;
1134
1135 if ((fn[0] == '/' || fn[0] == '\\') ||
1136 (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\')) ||
1137 (fn[0] == '.' && fn[1] == '.' && (fn[2] == '/' || fn[2] == '\\'))) {
1138 filename = buffer_init_string(fn);
1139 } else {
1140 filename = buffer_init_buffer(context->basedir);
1141 buffer_append_string(filename, fn);
1142 }
1143
1144 switch (glob(filename->ptr, flags, NULL, &gl)) {
1145 case 0:
1146 for (i = 0; i < gl.gl_pathc; ++i) {
1147 buffer_copy_string(filename, gl.gl_pathv[i]);
1148 ret = config_parse_file_stream(srv, context, filename);
1149 if (0 != ret) break;
1150 }
1151 globfree(&gl);
1152 break;
1153 case GLOB_NOMATCH:
1154 if (filename->ptr[strcspn(filename->ptr, "*?[]{}")] != '\0') { /*(contains glob metachars)*/
1155 ret = 0; /* not an error if no files match glob pattern */
1156 }
1157 else {
1158 log_error_write(srv, __FILE__, __LINE__, "sb", "include file not found: ", filename);
1159 }
1160 break;
1161 case GLOB_ABORTED:
1162 case GLOB_NOSPACE:
1163 log_error_write(srv, __FILE__, __LINE__, "sbss", "glob()", filename, "failed:", strerror(errno));
1164 break;
1165 }
1166
1167 buffer_free(filename);
1168 return ret;
1169 }
1170
1171 static char* getCWD(void) {
1172 char *s, *s1;
1173 size_t len;
1174 #ifdef PATH_MAX
1175 len = PATH_MAX;
1176 #else
1177 len = 4096;
1178 #endif
1179
1180 s = malloc(len);
1181 if (!s) return NULL;
1182 while (NULL == getcwd(s, len)) {
1183 if (errno != ERANGE || SSIZE_MAX - len < len) {
1184 free(s);
1185 return NULL;
1186 }
1187 len *= 2;
1188 s1 = realloc(s, len);
1189 if (!s1) {
1190 free(s);
1191 return NULL;
1192 }
1193 s = s1;
1194 }
1195 return s;
1196 }
1197
1198 int config_parse_cmd(server *srv, config_t *context, const char *cmd) {
1199 tokenizer_t t;
1200 int ret;
1201 buffer *source;
1202 buffer *out;
1203 char *oldpwd;
1204
1205 if (NULL == (oldpwd = getCWD())) {
1206 log_error_write(srv, __FILE__, __LINE__, "s",
1207 "cannot get cwd", strerror(errno));
1208 return -1;
1209 }
1210
1211 if (!buffer_string_is_empty(context->basedir)) {
1212 if (0 != chdir(context->basedir->ptr)) {
1213 log_error_write(srv, __FILE__, __LINE__, "sbs",
1214 "cannot change directory to", context->basedir, strerror(errno));
1215 free(oldpwd);
1216 return -1;
1217 }
1218 }
1219
1220 source = buffer_init_string(cmd);
1221 out = buffer_init();
1222
1223 if (0 != proc_open_buffer(cmd, NULL, out, NULL)) {
1224 log_error_write(srv, __FILE__, __LINE__, "sbss",
1225 "opening", source, "failed:", strerror(errno));
1226 ret = -1;
1227 } else {
1228 tokenizer_init(&t, source, CONST_BUF_LEN(out));
1229 ret = config_parse(srv, context, &t);
1230 }
1231
1232 buffer_free(source);
1233 buffer_free(out);
1234 if (0 != chdir(oldpwd)) {
1235 log_error_write(srv, __FILE__, __LINE__, "sss",
1236 "cannot change directory to", oldpwd, strerror(errno));
1237 free(oldpwd);
1238 return -1;
1239 }
1240 free(oldpwd);
1241 return ret;
1242 }
1243
1244 static void context_init(server *srv, config_t *context) {
1245 context->srv = srv;
1246 context->ok = 1;
1247 vector_config_weak_init(&context->configs_stack);
1248 context->basedir = buffer_init();
1249 }
1250
1251 static void context_free(config_t *context) {
1252 vector_config_weak_clear(&context->configs_stack);
1253 buffer_free(context->basedir);
1254 }
1255
1256 int config_read(server *srv, const char *fn) {
1257 config_t context;
1258 data_config *dc;
1259 data_integer *dpid;
1260 data_string *dcwd;
1261 int ret;
1262 char *pos;
1263 buffer *filename;
1264
1265 context_init(srv, &context);
1266 context.all_configs = srv->config_context;
1267
1268 #ifdef __WIN32
1269 pos = strrchr(fn, '\\');
1270 #else
1271 pos = strrchr(fn, '/');
1272 #endif
1273 if (pos) {
1274 buffer_copy_string_len(context.basedir, fn, pos - fn + 1);
1275 }
1276
1277 dc = data_config_init();
1278 buffer_copy_string_len(dc->key, CONST_STR_LEN("global"));
1279
1280 force_assert(context.all_configs->used == 0);
1281 dc->context_ndx = context.all_configs->used;
1282 array_insert_unique(context.all_configs, (data_unset *)dc);
1283 context.current = dc;
1284
1285 /* default context */
1286 dpid = data_integer_init();
1287 dpid->value = getpid();
1288 buffer_copy_string_len(dpid->key, CONST_STR_LEN("var.PID"));
1289 array_insert_unique(dc->value, (data_unset *)dpid);
1290
1291 dcwd = data_string_init();
1292 buffer_string_prepare_copy(dcwd->value, 1023);
1293 if (NULL != getcwd(dcwd->value->ptr, dcwd->value->size - 1)) {
1294 buffer_commit(dcwd->value, strlen(dcwd->value->ptr));
1295 buffer_copy_string_len(dcwd->key, CONST_STR_LEN("var.CWD"));
1296 array_insert_unique(dc->value, (data_unset *)dcwd);
1297 } else {
1298 dcwd->free((data_unset*) dcwd);
1299 }
1300
1301 filename = buffer_init_string(fn);
1302 ret = config_parse_file_stream(srv, &context, filename);
1303 buffer_free(filename);
1304
1305 /* remains nothing if parser is ok */
1306 force_assert(!(0 == ret && context.ok && 0 != context.configs_stack.used));
1307 context_free(&context);
1308
1309 if (0 != ret) {
1310 return ret;
1311 }
1312
1313 if (0 != config_insert(srv)) {
1314 return -1;
1315 }
1316
1317 return 0;
1318 }
1319
1320 int config_set_defaults(server *srv) {
1321 size_t i;
1322 specific_config *s = srv->config_storage[0];
1323 struct stat st1, st2;
1324
1325 struct ev_map { fdevent_handler_t et; const char *name; } event_handlers[] =
1326 {
1327 /* - epoll is most reliable
1328 * - select works everywhere
1329 */
1330 #ifdef USE_LINUX_EPOLL
1331 { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" },
1332 #endif
1333 #ifdef USE_POLL
1334 { FDEVENT_HANDLER_POLL, "poll" },
1335 #endif
1336 #ifdef USE_SELECT
1337 { FDEVENT_HANDLER_SELECT, "select" },
1338 #endif
1339 #ifdef USE_LIBEV
1340 { FDEVENT_HANDLER_LIBEV, "libev" },
1341 #endif
1342 #ifdef USE_SOLARIS_DEVPOLL
1343 { FDEVENT_HANDLER_SOLARIS_DEVPOLL,"solaris-devpoll" },
1344 #endif
1345 #ifdef USE_SOLARIS_PORT
1346 { FDEVENT_HANDLER_SOLARIS_PORT, "solaris-eventports" },
1347 #endif
1348 #ifdef USE_FREEBSD_KQUEUE
1349 { FDEVENT_HANDLER_FREEBSD_KQUEUE, "freebsd-kqueue" },
1350 { FDEVENT_HANDLER_FREEBSD_KQUEUE, "kqueue" },
1351 #endif
1352 { FDEVENT_HANDLER_UNSET, NULL }
1353 };
1354
1355 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1356 if (-1 == stat(srv->srvconf.changeroot->ptr, &st1)) {
1357 log_error_write(srv, __FILE__, __LINE__, "sb",
1358 "server.chroot doesn't exist:", srv->srvconf.changeroot);
1359 return -1;
1360 }
1361 if (!S_ISDIR(st1.st_mode)) {
1362 log_error_write(srv, __FILE__, __LINE__, "sb",
1363 "server.chroot isn't a directory:", srv->srvconf.changeroot);
1364 return -1;
1365 }
1366 }
1367
1368 if (srv->srvconf.upload_tempdirs->used) {
1369 buffer * const b = srv->tmp_buf;
1370 size_t len;
1371 if (!buffer_string_is_empty(srv->srvconf.changeroot)) {
1372 buffer_copy_buffer(b, srv->srvconf.changeroot);
1373 buffer_append_slash(b);
1374 } else {
1375 buffer_reset(b);
1376 }
1377 len = buffer_string_length(b);
1378
1379 for (i = 0; i < srv->srvconf.upload_tempdirs->used; ++i) {
1380 const data_string * const ds = (data_string *)srv->srvconf.upload_tempdirs->data[i];
1381 buffer_string_set_length(b, len); /*(truncate)*/
1382 buffer_append_string_buffer(b, ds->value);
1383 if (-1 == stat(b->ptr, &st1)) {
1384 log_error_write(srv, __FILE__, __LINE__, "sb",
1385 "server.upload-dirs doesn't exist:", b);
1386 } else if (!S_ISDIR(st1.st_mode)) {
1387 log_error_write(srv, __FILE__, __LINE__, "sb",
1388 "server.upload-dirs isn't a directory:", b);
1389 }
1390 }
1391 }
1392
1393 if (buffer_string_is_empty(s->document_root)) {
1394 log_error_write(srv, __FILE__, __LINE__, "s",
1395 "a default document-root has to be set");
1396
1397 return -1;
1398 }
1399
1400 buffer_copy_buffer(srv->tmp_buf, s->document_root);
1401
1402 buffer_to_lower(srv->tmp_buf);
1403
1404 if (2 == s->force_lowercase_filenames) { /* user didn't configure it in global section? */
1405 s->force_lowercase_filenames = 0; /* default to 0 */
1406
1407 if (0 == stat(srv->tmp_buf->ptr, &st1)) {
1408 int is_lower = 0;
1409
1410 is_lower = buffer_is_equal(srv->tmp_buf, s->document_root);
1411
1412 /* lower-case existed, check upper-case */
1413 buffer_copy_buffer(srv->tmp_buf, s->document_root);
1414
1415 buffer_to_upper(srv->tmp_buf);
1416
1417 /* we have to handle the special case that upper and lower-casing results in the same filename
1418 * as in server.document-root = "/" or "/12345/" */
1419
1420 if (is_lower && buffer_is_equal(srv->tmp_buf, s->document_root)) {
1421 /* lower-casing and upper-casing didn't result in
1422 * an other filename, no need to stat(),
1423 * just assume it is case-sensitive. */
1424
1425 s->force_lowercase_filenames = 0;
1426 } else if (0 == stat(srv->tmp_buf->ptr, &st2)) {
1427
1428 /* upper case exists too, doesn't the FS handle this ? */
1429
1430 /* upper and lower have the same inode -> case-insensitve FS */
1431
1432 if (st1.st_ino == st2.st_ino) {
1433 /* upper and lower have the same inode -> case-insensitve FS */
1434
1435 s->force_lowercase_filenames = 1;
1436 }
1437 }
1438 }
1439 }
1440
1441 if (srv->srvconf.port == 0) {
1442 srv->srvconf.port = s->ssl_enabled ? 443 : 80;
1443 }
1444
1445 if (buffer_string_is_empty(srv->srvconf.event_handler)) {
1446 /* choose a good default
1447 *
1448 * the event_handler list is sorted by 'goodness'
1449 * taking the first available should be the best solution
1450 */
1451 srv->event_handler = event_handlers[0].et;
1452
1453 if (FDEVENT_HANDLER_UNSET == srv->event_handler) {
1454 log_error_write(srv, __FILE__, __LINE__, "s",
1455 "sorry, there is no event handler for this system");
1456
1457 return -1;
1458 }
1459 } else {
1460 /*
1461 * User override
1462 */
1463
1464 for (i = 0; event_handlers[i].name; i++) {
1465 if (0 == strcmp(event_handlers[i].name, srv->srvconf.event_handler->ptr)) {
1466 srv->event_handler = event_handlers[i].et;
1467 break;
1468 }
1469 }
1470
1471 if (FDEVENT_HANDLER_UNSET == srv->event_handler) {
1472 log_error_write(srv, __FILE__, __LINE__, "sb",
1473 "the selected event-handler in unknown or not supported:",
1474 srv->srvconf.event_handler );
1475
1476 return -1;
1477 }
1478 }
1479
1480 if (s->ssl_enabled) {
1481 if (buffer_string_is_empty(s->ssl_pemfile)) {
1482 /* PEM file is require */
1483
1484 log_error_write(srv, __FILE__, __LINE__, "s",
1485 "ssl.pemfile has to be set");
1486 return -1;
1487 }
1488
1489 #ifndef USE_OPENSSL
1490 log_error_write(srv, __FILE__, __LINE__, "s",
1491 "ssl support is missing, recompile with --with-openssl");
1492
1493 return -1;
1494 #endif
1495 }
1496
1497 return 0;
1498 }
A fast webserver with minimal memory-footprint (lighttpd)