search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[mod_cgi] fix pipe_cloexec() when no O_CLOEXEC
[lighttpd.git] / src / connections.c
blob0417a9f01818496569d6968f74e946030f83ca8c
1 #include "first.h"
2
3 #include "buffer.h"
4 #include "server.h"
5 #include "log.h"
6 #include "connections.h"
7 #include "fdevent.h"
8
9 #include "configfile.h"
10 #include "request.h"
11 #include "response.h"
12 #include "network.h"
13 #include "http_chunk.h"
14 #include "stat_cache.h"
15 #include "joblist.h"
16
17 #include "plugin.h"
18
19 #include "inet_ntop_cache.h"
20
21 #include <sys/stat.h>
22
23 #include <stdlib.h>
24 #include <stdio.h>
25 #include <unistd.h>
26 #include <errno.h>
27 #include <string.h>
28 #include <fcntl.h>
29 #include <assert.h>
30
31 #ifdef USE_OPENSSL
32 # include <openssl/ssl.h>
33 # include <openssl/err.h>
34 #endif
35
36 #ifdef HAVE_SYS_FILIO_H
37 # include <sys/filio.h>
38 #endif
39
40 #include "sys-socket.h"
41
42 typedef struct {
43 PLUGIN_DATA;
44 } plugin_data;
45
46 static connection *connections_get_new_connection(server *srv) {
47 connections *conns = srv->conns;
48 size_t i;
49
50 if (conns->size == 0) {
51 conns->size = 128;
52 conns->ptr = NULL;
53 conns->ptr = malloc(sizeof(*conns->ptr) * conns->size);
54 force_assert(NULL != conns->ptr);
55 for (i = 0; i < conns->size; i++) {
56 conns->ptr[i] = connection_init(srv);
57 }
58 } else if (conns->size == conns->used) {
59 conns->size += 128;
60 conns->ptr = realloc(conns->ptr, sizeof(*conns->ptr) * conns->size);
61 force_assert(NULL != conns->ptr);
62
63 for (i = conns->used; i < conns->size; i++) {
64 conns->ptr[i] = connection_init(srv);
65 }
66 }
67
68 connection_reset(srv, conns->ptr[conns->used]);
69 #if 0
70 fprintf(stderr, "%s.%d: add: ", __FILE__, __LINE__);
71 for (i = 0; i < conns->used + 1; i++) {
72 fprintf(stderr, "%d ", conns->ptr[i]->fd);
73 }
74 fprintf(stderr, "\n");
75 #endif
76
77 conns->ptr[conns->used]->ndx = conns->used;
78 return conns->ptr[conns->used++];
79 }
80
81 static int connection_del(server *srv, connection *con) {
82 size_t i;
83 connections *conns = srv->conns;
84 connection *temp;
85
86 if (con == NULL) return -1;
87
88 if (-1 == con->ndx) return -1;
89
90 buffer_reset(con->uri.authority);
91 buffer_reset(con->uri.path);
92 buffer_reset(con->uri.query);
93 buffer_reset(con->request.orig_uri);
94
95 i = con->ndx;
96
97 /* not last element */
98
99 if (i != conns->used - 1) {
100 temp = conns->ptr[i];
101 conns->ptr[i] = conns->ptr[conns->used - 1];
102 conns->ptr[conns->used - 1] = temp;
103
104 conns->ptr[i]->ndx = i;
105 conns->ptr[conns->used - 1]->ndx = -1;
106 }
107
108 conns->used--;
109
110 con->ndx = -1;
111 #if 0
112 fprintf(stderr, "%s.%d: del: (%d)", __FILE__, __LINE__, conns->used);
113 for (i = 0; i < conns->used; i++) {
114 fprintf(stderr, "%d ", conns->ptr[i]->fd);
115 }
116 fprintf(stderr, "\n");
117 #endif
118 return 0;
119 }
120
121 static int connection_close(server *srv, connection *con) {
122 #ifdef USE_OPENSSL
123 server_socket *srv_sock = con->srv_socket;
124 if (srv_sock->is_ssl) {
125 if (con->ssl) SSL_free(con->ssl);
126 con->ssl = NULL;
127 }
128 #endif
129
130 fdevent_event_del(srv->ev, &(con->fde_ndx), con->fd);
131 fdevent_unregister(srv->ev, con->fd);
132 #ifdef __WIN32
133 if (closesocket(con->fd)) {
134 log_error_write(srv, __FILE__, __LINE__, "sds",
135 "(warning) close:", con->fd, strerror(errno));
136 }
137 #else
138 if (close(con->fd)) {
139 log_error_write(srv, __FILE__, __LINE__, "sds",
140 "(warning) close:", con->fd, strerror(errno));
141 }
142 #endif
143 else {
144 srv->cur_fds--;
145 }
146
147 con->fd = -1;
148 connection_del(srv, con);
149 connection_set_state(srv, con, CON_STATE_CONNECT);
150
151 return 0;
152 }
153
154 static void connection_handle_close_state(server *srv, connection *con) {
155 /* we have to do the linger_on_close stuff regardless
156 * of con->keep_alive; even non-keepalive sockets may
157 * still have unread data, and closing before reading
158 * it will make the client not see all our output.
159 */
160 int len;
161 char buf[1024];
162
163 len = read(con->fd, buf, sizeof(buf));
164 if (len == 0 || (len < 0 && errno != EAGAIN && errno != EINTR) ) {
165 con->close_timeout_ts = srv->cur_ts - (HTTP_LINGER_TIMEOUT+1);
166 }
167
168 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT) {
169 connection_close(srv, con);
170
171 if (srv->srvconf.log_state_handling) {
172 log_error_write(srv, __FILE__, __LINE__, "sd",
173 "connection closed for fd", con->fd);
174 }
175 }
176 }
177
178 static void connection_handle_shutdown(server *srv, connection *con) {
179 int r;
180
181 #ifdef USE_OPENSSL
182 server_socket *srv_sock = con->srv_socket;
183 if (srv_sock->is_ssl && SSL_is_init_finished(con->ssl)) {
184 int ret, ssl_r;
185 unsigned long err;
186 ERR_clear_error();
187 switch ((ret = SSL_shutdown(con->ssl))) {
188 case 1:
189 /* ok */
190 break;
191 case 0:
192 /* wait for fd-event
193 *
194 * FIXME: wait for fdevent and call SSL_shutdown again
195 *
196 */
197 ERR_clear_error();
198 if (-1 != (ret = SSL_shutdown(con->ssl))) break;
199
200 /* fall through */
201 default:
202
203 switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
204 case SSL_ERROR_ZERO_RETURN:
205 break;
206 case SSL_ERROR_WANT_WRITE:
207 /*con->is_writable = -1;*//*(no effect; shutdown() called below)*/
208 case SSL_ERROR_WANT_READ:
209 break;
210 case SSL_ERROR_SYSCALL:
211 /* perhaps we have error waiting in our error-queue */
212 if (0 != (err = ERR_get_error())) {
213 do {
214 log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
215 ssl_r, ret,
216 ERR_error_string(err, NULL));
217 } while((err = ERR_get_error()));
218 } else if (errno != 0) { /* ssl bug (see lighttpd ticket #2213): sometimes errno == 0 */
219 switch(errno) {
220 case EPIPE:
221 case ECONNRESET:
222 break;
223 default:
224 log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
225 ssl_r, ret, errno,
226 strerror(errno));
227 break;
228 }
229 }
230
231 break;
232 default:
233 while((err = ERR_get_error())) {
234 log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
235 ssl_r, ret,
236 ERR_error_string(err, NULL));
237 }
238
239 break;
240 }
241 }
242 ERR_clear_error();
243 }
244 #endif
245
246 switch(r = plugins_call_handle_connection_close(srv, con)) {
247 case HANDLER_GO_ON:
248 case HANDLER_FINISHED:
249 break;
250 default:
251 log_error_write(srv, __FILE__, __LINE__, "sd", "unhandling return value", r);
252 break;
253 }
254
255 srv->con_closed++;
256 connection_reset(srv, con);
257
258 /* close the connection */
259 if ((0 == shutdown(con->fd, SHUT_WR))) {
260 con->close_timeout_ts = srv->cur_ts;
261 connection_set_state(srv, con, CON_STATE_CLOSE);
262
263 if (srv->srvconf.log_state_handling) {
264 log_error_write(srv, __FILE__, __LINE__, "sd",
265 "shutdown for fd", con->fd);
266 }
267 } else {
268 connection_close(srv, con);
269 }
270 }
271
272 static void connection_handle_response_end_state(server *srv, connection *con) {
273 /* log the request */
274 /* (even if error, connection dropped, still write to access log if http_status) */
275 if (con->http_status) {
276 plugins_call_handle_request_done(srv, con);
277 }
278
279 if (con->state != CON_STATE_ERROR) srv->con_written++;
280
281 if ((con->request.content_length
282 && (off_t)con->request.content_length > con->request_content_queue->bytes_in)
283 || con->state == CON_STATE_ERROR) {
284 /* request body is present and has not been read completely */
285 con->keep_alive = 0;
286 }
287
288 if (con->keep_alive) {
289 connection_reset(srv, con);
290 #if 0
291 con->request_start = srv->cur_ts;
292 con->read_idle_ts = srv->cur_ts;
293 #endif
294 connection_set_state(srv, con, CON_STATE_REQUEST_START);
295 } else {
296 connection_handle_shutdown(srv, con);
297 }
298 }
299
300 static void connection_handle_errdoc_init(server *srv, connection *con) {
301 /* modules that produce headers required with error response should
302 * typically also produce an error document. Make an exception for
303 * mod_auth WWW-Authenticate response header. */
304 buffer *www_auth = NULL;
305 if (401 == con->http_status) {
306 data_string *ds = (data_string *)array_get_element(con->response.headers, "WWW-Authenticate");
307 if (NULL != ds) {
308 www_auth = buffer_init_buffer(ds->value);
309 }
310 }
311
312 con->response.transfer_encoding = 0;
313 buffer_reset(con->physical.path);
314 array_reset(con->response.headers);
315 chunkqueue_reset(con->write_queue);
316
317 if (NULL != www_auth) {
318 response_header_insert(srv, con, CONST_STR_LEN("WWW-Authenticate"), CONST_BUF_LEN(www_auth));
319 buffer_free(www_auth);
320 }
321 }
322
323 static int connection_handle_write_prepare(server *srv, connection *con) {
324 if (con->mode == DIRECT) {
325 /* static files */
326 switch(con->request.http_method) {
327 case HTTP_METHOD_GET:
328 case HTTP_METHOD_POST:
329 case HTTP_METHOD_HEAD:
330 break;
331 case HTTP_METHOD_OPTIONS:
332 /*
333 * 400 is coming from the request-parser BEFORE uri.path is set
334 * 403 is from the response handler when noone else catched it
335 *
336 * */
337 if ((!con->http_status || con->http_status == 200) && !buffer_string_is_empty(con->uri.path) &&
338 con->uri.path->ptr[0] != '*') {
339 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("OPTIONS, GET, HEAD, POST"));
340
341 con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
342 con->parsed_response &= ~HTTP_CONTENT_LENGTH;
343
344 con->http_status = 200;
345 con->file_finished = 1;
346
347 chunkqueue_reset(con->write_queue);
348 }
349 break;
350 default:
351 if (0 == con->http_status) {
352 con->http_status = 501;
353 }
354 break;
355 }
356 }
357
358 if (con->http_status == 0) {
359 con->http_status = 403;
360 }
361
362 switch(con->http_status) {
363 case 204: /* class: header only */
364 case 205:
365 case 304:
366 /* disable chunked encoding again as we have no body */
367 con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
368 con->parsed_response &= ~HTTP_CONTENT_LENGTH;
369 chunkqueue_reset(con->write_queue);
370
371 con->file_finished = 1;
372 break;
373 default: /* class: header + body */
374 if (con->mode != DIRECT) break;
375
376 /* only custom body for 4xx and 5xx */
377 if (con->http_status < 400 || con->http_status >= 600) break;
378
379 con->file_finished = 0;
380
381 connection_handle_errdoc_init(srv, con);
382
383 /* try to send static errorfile */
384 if (!buffer_string_is_empty(con->conf.errorfile_prefix)) {
385 stat_cache_entry *sce = NULL;
386
387 buffer_copy_buffer(con->physical.path, con->conf.errorfile_prefix);
388 buffer_append_int(con->physical.path, con->http_status);
389 buffer_append_string_len(con->physical.path, CONST_STR_LEN(".html"));
390
391 if (0 == http_chunk_append_file(srv, con, con->physical.path)) {
392 con->file_finished = 1;
393 if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
394 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type));
395 }
396 }
397 }
398
399 if (!con->file_finished) {
400 buffer *b;
401
402 buffer_reset(con->physical.path);
403
404 con->file_finished = 1;
405 b = buffer_init();
406
407 /* build default error-page */
408 buffer_copy_string_len(b, CONST_STR_LEN(
409 "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n"
410 "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n"
411 " \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"
412 "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n"
413 " <head>\n"
414 " <title>"));
415 buffer_append_int(b, con->http_status);
416 buffer_append_string_len(b, CONST_STR_LEN(" - "));
417 buffer_append_string(b, get_http_status_name(con->http_status));
418
419 buffer_append_string_len(b, CONST_STR_LEN(
420 "</title>\n"
421 " </head>\n"
422 " <body>\n"
423 " <h1>"));
424 buffer_append_int(b, con->http_status);
425 buffer_append_string_len(b, CONST_STR_LEN(" - "));
426 buffer_append_string(b, get_http_status_name(con->http_status));
427
428 buffer_append_string_len(b, CONST_STR_LEN("</h1>\n"
429 " </body>\n"
430 "</html>\n"
431 ));
432
433 (void)http_chunk_append_buffer(srv, con, b);
434 buffer_free(b);
435
436 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
437 }
438 break;
439 }
440
441 /* Allow filter plugins to change response headers before they are written. */
442 switch(plugins_call_handle_response_start(srv, con)) {
443 case HANDLER_GO_ON:
444 case HANDLER_FINISHED:
445 break;
446 default:
447 log_error_write(srv, __FILE__, __LINE__, "s", "response_start plugin failed");
448 return -1;
449 }
450
451 if (con->file_finished) {
452 /* we have all the content and chunked encoding is not used, set a content-length */
453
454 if ((!(con->parsed_response & HTTP_CONTENT_LENGTH)) &&
455 (con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) == 0) {
456 off_t qlen = chunkqueue_length(con->write_queue);
457
458 /**
459 * The Content-Length header only can be sent if we have content:
460 * - HEAD doesn't have a content-body (but have a content-length)
461 * - 1xx, 204 and 304 don't have a content-body (RFC 2616 Section 4.3)
462 *
463 * Otherwise generate a Content-Length header as chunked encoding is not
464 * available
465 */
466 if ((con->http_status >= 100 && con->http_status < 200) ||
467 con->http_status == 204 ||
468 con->http_status == 304) {
469 data_string *ds;
470 /* no Content-Body, no Content-Length */
471 if (NULL != (ds = (data_string*) array_get_element(con->response.headers, "Content-Length"))) {
472 buffer_reset(ds->value); /* Headers with empty values are ignored for output */
473 }
474 } else if (qlen > 0 || con->request.http_method != HTTP_METHOD_HEAD) {
475 /* qlen = 0 is important for Redirects (301, ...) as they MAY have
476 * a content. Browsers are waiting for a Content otherwise
477 */
478 buffer_copy_int(srv->tmp_buf, qlen);
479
480 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Length"), CONST_BUF_LEN(srv->tmp_buf));
481 }
482 }
483 } else {
484 /**
485 * the file isn't finished yet, but we have all headers
486 *
487 * to get keep-alive we either need:
488 * - Content-Length: ... (HTTP/1.0 and HTTP/1.0) or
489 * - Transfer-Encoding: chunked (HTTP/1.1)
490 */
491
492 if (((con->parsed_response & HTTP_CONTENT_LENGTH) == 0) &&
493 ((con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) == 0)) {
494 if (con->request.http_version == HTTP_VERSION_1_1) {
495 off_t qlen = chunkqueue_length(con->write_queue);
496 con->response.transfer_encoding = HTTP_TRANSFER_ENCODING_CHUNKED;
497 if (qlen) {
498 /* create initial Transfer-Encoding: chunked segment */
499 buffer *b = srv->tmp_chunk_len;
500 buffer_string_set_length(b, 0);
501 buffer_append_uint_hex(b, (uintmax_t)qlen);
502 buffer_append_string_len(b, CONST_STR_LEN("\r\n"));
503 chunkqueue_prepend_buffer(con->write_queue, b);
504 chunkqueue_append_mem(con->write_queue, CONST_STR_LEN("\r\n"));
505 }
506 } else {
507 con->keep_alive = 0;
508 }
509 }
510
511 /**
512 * if the backend sent a Connection: close, follow the wish
513 *
514 * NOTE: if the backend sent Connection: Keep-Alive, but no Content-Length, we
515 * will close the connection. That's fine. We can always decide the close
516 * the connection
517 *
518 * FIXME: to be nice we should remove the Connection: ...
519 */
520 if (con->parsed_response & HTTP_CONNECTION) {
521 /* a subrequest disable keep-alive although the client wanted it */
522 if (con->keep_alive && !con->response.keep_alive) {
523 con->keep_alive = 0;
524 }
525 }
526 }
527
528 if (con->request.http_method == HTTP_METHOD_HEAD) {
529 /**
530 * a HEAD request has the same as a GET
531 * without the content
532 */
533 con->file_finished = 1;
534
535 chunkqueue_reset(con->write_queue);
536 con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
537 }
538
539 http_response_write_header(srv, con);
540
541 return 0;
542 }
543
544 static int connection_handle_write(server *srv, connection *con) {
545 switch(network_write_chunkqueue(srv, con, con->write_queue, MAX_WRITE_LIMIT)) {
546 case 0:
547 con->write_request_ts = srv->cur_ts;
548 if (con->file_finished) {
549 connection_set_state(srv, con, CON_STATE_RESPONSE_END);
550 }
551 break;
552 case -1: /* error on our side */
553 log_error_write(srv, __FILE__, __LINE__, "sd",
554 "connection closed: write failed on fd", con->fd);
555 connection_set_state(srv, con, CON_STATE_ERROR);
556 break;
557 case -2: /* remote close */
558 connection_set_state(srv, con, CON_STATE_ERROR);
559 break;
560 case 1:
561 con->write_request_ts = srv->cur_ts;
562 con->is_writable = 0;
563
564 /* not finished yet -> WRITE */
565 break;
566 }
567
568 return 0;
569 }
570
571
572
573 connection *connection_init(server *srv) {
574 connection *con;
575
576 UNUSED(srv);
577
578 con = calloc(1, sizeof(*con));
579 force_assert(NULL != con);
580
581 con->fd = 0;
582 con->ndx = -1;
583 con->fde_ndx = -1;
584 con->bytes_written = 0;
585 con->bytes_read = 0;
586 con->bytes_header = 0;
587 con->loops_per_request = 0;
588
589 #define CLEAN(x) \
590 con->x = buffer_init();
591
592 CLEAN(request.uri);
593 CLEAN(request.request_line);
594 CLEAN(request.request);
595 CLEAN(request.pathinfo);
596
597 CLEAN(request.orig_uri);
598
599 CLEAN(uri.scheme);
600 CLEAN(uri.authority);
601 CLEAN(uri.path);
602 CLEAN(uri.path_raw);
603 CLEAN(uri.query);
604
605 CLEAN(physical.doc_root);
606 CLEAN(physical.path);
607 CLEAN(physical.basedir);
608 CLEAN(physical.rel_path);
609 CLEAN(physical.etag);
610 CLEAN(parse_request);
611
612 CLEAN(server_name);
613 CLEAN(dst_addr_buf);
614 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
615 CLEAN(tlsext_server_name);
616 #endif
617
618 #undef CLEAN
619 con->write_queue = chunkqueue_init();
620 con->read_queue = chunkqueue_init();
621 con->request_content_queue = chunkqueue_init();
622
623 con->request.headers = array_init();
624 con->response.headers = array_init();
625 con->environment = array_init();
626
627 /* init plugin specific connection structures */
628
629 con->plugin_ctx = calloc(1, (srv->plugins.used + 1) * sizeof(void *));
630 force_assert(NULL != con->plugin_ctx);
631
632 con->cond_cache = calloc(srv->config_context->used, sizeof(cond_cache_t));
633 force_assert(NULL != con->cond_cache);
634 config_setup_connection(srv, con);
635
636 return con;
637 }
638
639 void connections_free(server *srv) {
640 connections *conns = srv->conns;
641 size_t i;
642
643 for (i = 0; i < conns->size; i++) {
644 connection *con = conns->ptr[i];
645
646 connection_reset(srv, con);
647
648 chunkqueue_free(con->write_queue);
649 chunkqueue_free(con->read_queue);
650 chunkqueue_free(con->request_content_queue);
651 array_free(con->request.headers);
652 array_free(con->response.headers);
653 array_free(con->environment);
654
655 #define CLEAN(x) \
656 buffer_free(con->x);
657
658 CLEAN(request.uri);
659 CLEAN(request.request_line);
660 CLEAN(request.request);
661 CLEAN(request.pathinfo);
662
663 CLEAN(request.orig_uri);
664
665 CLEAN(uri.scheme);
666 CLEAN(uri.authority);
667 CLEAN(uri.path);
668 CLEAN(uri.path_raw);
669 CLEAN(uri.query);
670
671 CLEAN(physical.doc_root);
672 CLEAN(physical.path);
673 CLEAN(physical.basedir);
674 CLEAN(physical.etag);
675 CLEAN(physical.rel_path);
676 CLEAN(parse_request);
677
678 CLEAN(server_name);
679 CLEAN(dst_addr_buf);
680 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
681 CLEAN(tlsext_server_name);
682 #endif
683 #undef CLEAN
684 free(con->plugin_ctx);
685 free(con->cond_cache);
686
687 free(con);
688 }
689
690 free(conns->ptr);
691 }
692
693
694 int connection_reset(server *srv, connection *con) {
695 size_t i;
696
697 plugins_call_connection_reset(srv, con);
698
699 con->is_readable = 1;
700 con->is_writable = 1;
701 con->http_status = 0;
702 con->file_finished = 0;
703 con->file_started = 0;
704 con->got_response = 0;
705
706 con->parsed_response = 0;
707
708 con->bytes_written = 0;
709 con->bytes_written_cur_second = 0;
710 con->bytes_read = 0;
711 con->bytes_header = 0;
712 con->loops_per_request = 0;
713
714 con->request.http_method = HTTP_METHOD_UNSET;
715 con->request.http_version = HTTP_VERSION_UNSET;
716
717 con->request.http_if_modified_since = NULL;
718 con->request.http_if_none_match = NULL;
719
720 con->response.keep_alive = 0;
721 con->response.content_length = -1;
722 con->response.transfer_encoding = 0;
723
724 con->mode = DIRECT;
725
726 #define CLEAN(x) \
727 if (con->x) buffer_reset(con->x);
728
729 CLEAN(request.uri);
730 CLEAN(request.request_line);
731 CLEAN(request.pathinfo);
732 CLEAN(request.request);
733
734 /* CLEAN(request.orig_uri); */
735
736 CLEAN(uri.scheme);
737 /* CLEAN(uri.authority); */
738 /* CLEAN(uri.path); */
739 CLEAN(uri.path_raw);
740 /* CLEAN(uri.query); */
741
742 CLEAN(physical.doc_root);
743 CLEAN(physical.path);
744 CLEAN(physical.basedir);
745 CLEAN(physical.rel_path);
746 CLEAN(physical.etag);
747
748 CLEAN(parse_request);
749
750 CLEAN(server_name);
751 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
752 CLEAN(tlsext_server_name);
753 #endif
754 #undef CLEAN
755
756 #define CLEAN(x) \
757 if (con->x) con->x->used = 0;
758
759 #undef CLEAN
760
761 #define CLEAN(x) \
762 con->request.x = NULL;
763
764 CLEAN(http_host);
765 CLEAN(http_range);
766 CLEAN(http_content_type);
767 #undef CLEAN
768 con->request.content_length = 0;
769
770 array_reset(con->request.headers);
771 array_reset(con->response.headers);
772 array_reset(con->environment);
773
774 chunkqueue_reset(con->write_queue);
775 chunkqueue_reset(con->request_content_queue);
776
777 /* the plugins should cleanup themself */
778 for (i = 0; i < srv->plugins.used; i++) {
779 plugin *p = ((plugin **)(srv->plugins.ptr))[i];
780 plugin_data *pd = p->data;
781
782 if (!pd) continue;
783
784 if (con->plugin_ctx[pd->id] != NULL) {
785 log_error_write(srv, __FILE__, __LINE__, "sb", "missing cleanup in", p->name);
786 }
787
788 con->plugin_ctx[pd->id] = NULL;
789 }
790
791 /* The cond_cache gets reset in response.c */
792 /* config_cond_cache_reset(srv, con); */
793
794 con->header_len = 0;
795 con->error_handler_saved_status = 0;
796 /*con->error_handler_saved_method = HTTP_METHOD_UNSET;*/
797 /*(error_handler_saved_method value is not valid unless error_handler_saved_status is set)*/
798
799 config_setup_connection(srv, con);
800
801 return 0;
802 }
803
804 /**
805 * handle all header and content read
806 *
807 * we get called by the state-engine and by the fdevent-handler
808 */
809 static int connection_handle_read_state(server *srv, connection *con) {
810 chunk *c, *last_chunk;
811 off_t last_offset;
812 chunkqueue *cq = con->read_queue;
813 int is_closed = 0; /* the connection got closed, if we don't have a complete header, -> error */
814 /* when in CON_STATE_READ: about to receive first byte for a request: */
815 int is_request_start = chunkqueue_is_empty(cq);
816
817 if (con->is_readable) {
818 con->read_idle_ts = srv->cur_ts;
819
820 switch(connection_handle_read(srv, con)) {
821 case -1:
822 return -1;
823 case -2:
824 is_closed = 1;
825 break;
826 default:
827 break;
828 }
829 }
830
831 chunkqueue_remove_finished_chunks(cq);
832
833 /* we might have got several packets at once
834 */
835
836 /* update request_start timestamp when first byte of
837 * next request is received on a keep-alive connection */
838 if (con->request_count > 1 && is_request_start) {
839 con->request_start = srv->cur_ts;
840 if (con->conf.high_precision_timestamps)
841 log_clock_gettime_realtime(&con->request_start_hp);
842 }
843
844 /* if there is a \r\n\r\n in the chunkqueue
845 *
846 * scan the chunk-queue twice
847 * 1. to find the \r\n\r\n
848 * 2. to copy the header-packet
849 *
850 */
851
852 last_chunk = NULL;
853 last_offset = 0;
854
855 for (c = cq->first; c; c = c->next) {
856 size_t i;
857 size_t len = buffer_string_length(c->mem) - c->offset;
858 const char *b = c->mem->ptr + c->offset;
859
860 for (i = 0; i < len; ++i) {
861 char ch = b[i];
862
863 if ('\r' == ch) {
864 /* chec if \n\r\n follows */
865 size_t j = i+1;
866 chunk *cc = c;
867 const char header_end[] = "\r\n\r\n";
868 int header_end_match_pos = 1;
869
870 for ( ; cc; cc = cc->next, j = 0 ) {
871 size_t bblen = buffer_string_length(cc->mem) - cc->offset;
872 const char *bb = cc->mem->ptr + cc->offset;
873
874 for ( ; j < bblen; j++) {
875 ch = bb[j];
876
877 if (ch == header_end[header_end_match_pos]) {
878 header_end_match_pos++;
879 if (4 == header_end_match_pos) {
880 last_chunk = cc;
881 last_offset = j+1;
882 goto found_header_end;
883 }
884 } else {
885 goto reset_search;
886 }
887 }
888 }
889 }
890 reset_search: ;
891 }
892 }
893 found_header_end:
894
895 /* found */
896 if (last_chunk) {
897 buffer_reset(con->request.request);
898
899 for (c = cq->first; c; c = c->next) {
900 size_t len = buffer_string_length(c->mem) - c->offset;
901
902 if (c == last_chunk) {
903 len = last_offset;
904 }
905
906 buffer_append_string_len(con->request.request, c->mem->ptr + c->offset, len);
907 c->offset += len;
908 cq->bytes_out += len;
909
910 if (c == last_chunk) break;
911 }
912
913 connection_set_state(srv, con, CON_STATE_REQUEST_END);
914 } else if (is_closed) {
915 /* the connection got closed and we didn't got enough data to leave CON_STATE_READ;
916 * the only way is to leave here */
917 connection_set_state(srv, con, CON_STATE_ERROR);
918 }
919
920 if ((last_chunk ? buffer_string_length(con->request.request) : (size_t)chunkqueue_length(cq))
921 > srv->srvconf.max_request_field_size) {
922 log_error_write(srv, __FILE__, __LINE__, "s", "oversized request-header -> sending Status 431");
923 con->http_status = 431; /* Request Header Fields Too Large */
924 con->keep_alive = 0;
925 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
926 }
927
928 chunkqueue_remove_finished_chunks(cq);
929
930 return 0;
931 }
932
933 static handler_t connection_handle_fdevent(server *srv, void *context, int revents) {
934 connection *con = context;
935
936 joblist_append(srv, con);
937
938 if (con->srv_socket->is_ssl) {
939 /* ssl may read and write for both reads and writes */
940 if (revents & (FDEVENT_IN | FDEVENT_OUT)) {
941 con->is_readable = 1;
942 con->is_writable = 1;
943 }
944 } else {
945 if (revents & FDEVENT_IN) {
946 con->is_readable = 1;
947 }
948 if (revents & FDEVENT_OUT) {
949 con->is_writable = 1;
950 /* we don't need the event twice */
951 }
952 }
953
954
955 if (con->state == CON_STATE_READ) {
956 connection_handle_read_state(srv, con);
957 }
958
959 if (con->state == CON_STATE_WRITE &&
960 !chunkqueue_is_empty(con->write_queue) &&
961 con->is_writable) {
962
963 if (-1 == connection_handle_write(srv, con)) {
964 connection_set_state(srv, con, CON_STATE_ERROR);
965
966 log_error_write(srv, __FILE__, __LINE__, "ds",
967 con->fd,
968 "handle write failed.");
969 }
970 }
971
972 if (con->state == CON_STATE_CLOSE) {
973 /* flush the read buffers */
974 int len;
975 char buf[1024];
976
977 len = read(con->fd, buf, sizeof(buf));
978 if (len == 0 || (len < 0 && errno != EAGAIN && errno != EINTR) ) {
979 con->close_timeout_ts = srv->cur_ts - (HTTP_LINGER_TIMEOUT+1);
980 }
981 }
982
983
984 /* attempt (above) to read data in kernel socket buffers
985 * prior to handling FDEVENT_HUP and FDEVENT_ERR */
986
987 if ((revents & ~(FDEVENT_IN | FDEVENT_OUT)) && con->state != CON_STATE_ERROR) {
988 if (con->state == CON_STATE_CLOSE) {
989 con->close_timeout_ts = srv->cur_ts - (HTTP_LINGER_TIMEOUT+1);
990 } else if (revents & FDEVENT_HUP) {
991 if (fdevent_is_tcp_half_closed(con->fd)) {
992 con->keep_alive = 0;
993 } else {
994 connection_set_state(srv, con, CON_STATE_ERROR);
995 }
996 } else if (revents & FDEVENT_ERR) { /* error, connection reset */
997 connection_set_state(srv, con, CON_STATE_ERROR);
998 } else {
999 log_error_write(srv, __FILE__, __LINE__, "sd",
1000 "connection closed: poll() -> ???", revents);
1001 }
1002 }
1003
1004 return HANDLER_FINISHED;
1005 }
1006
1007
1008 connection *connection_accept(server *srv, server_socket *srv_socket) {
1009 /* accept everything */
1010
1011 /* search an empty place */
1012 int cnt;
1013 sock_addr cnt_addr;
1014 socklen_t cnt_len;
1015 /* accept it and register the fd */
1016
1017 /**
1018 * check if we can still open a new connections
1019 *
1020 * see #1216
1021 */
1022
1023 if (srv->conns->used >= srv->max_conns) {
1024 return NULL;
1025 }
1026
1027 cnt_len = sizeof(cnt_addr);
1028
1029 #if defined(SOCK_CLOEXEC) && defined(SOCK_NONBLOCK)
1030 cnt = accept4(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len, SOCK_CLOEXEC | SOCK_NONBLOCK);
1031 #else
1032 cnt = accept(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len);
1033 #endif
1034 if (-1 == cnt) {
1035 switch (errno) {
1036 case EAGAIN:
1037 #if EWOULDBLOCK != EAGAIN
1038 case EWOULDBLOCK:
1039 #endif
1040 case EINTR:
1041 /* we were stopped _before_ we had a connection */
1042 case ECONNABORTED: /* this is a FreeBSD thingy */
1043 /* we were stopped _after_ we had a connection */
1044 break;
1045 case EMFILE:
1046 /* out of fds */
1047 break;
1048 default:
1049 log_error_write(srv, __FILE__, __LINE__, "ssd", "accept failed:", strerror(errno), errno);
1050 }
1051 return NULL;
1052 } else {
1053 if (cnt_addr.plain.sa_family != AF_UNIX) {
1054 network_accept_tcp_nagle_disable(cnt);
1055 }
1056 return connection_accepted(srv, srv_socket, &cnt_addr, cnt);
1057 }
1058 }
1059
1060 connection *connection_accepted(server *srv, server_socket *srv_socket, sock_addr *cnt_addr, int cnt) {
1061 connection *con;
1062
1063 srv->cur_fds++;
1064
1065 /* ok, we have the connection, register it */
1066 #if 0
1067 log_error_write(srv, __FILE__, __LINE__, "sd",
1068 "appected()", cnt);
1069 #endif
1070 srv->con_opened++;
1071
1072 con = connections_get_new_connection(srv);
1073
1074 con->fd = cnt;
1075 con->fde_ndx = -1;
1076 fdevent_register(srv->ev, con->fd, connection_handle_fdevent, con);
1077
1078 connection_set_state(srv, con, CON_STATE_REQUEST_START);
1079
1080 con->connection_start = srv->cur_ts;
1081 con->dst_addr = *cnt_addr;
1082 buffer_copy_string(con->dst_addr_buf, inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
1083 con->srv_socket = srv_socket;
1084
1085 if (-1 == fdevent_fcntl_set_nb_cloexec_sock(srv->ev, con->fd)) {
1086 log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl failed: ", strerror(errno));
1087 connection_close(srv, con);
1088 return NULL;
1089 }
1090 #ifdef USE_OPENSSL
1091 /* connect FD to SSL */
1092 if (srv_socket->is_ssl) {
1093 if (NULL == (con->ssl = SSL_new(srv_socket->ssl_ctx))) {
1094 log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
1095 ERR_error_string(ERR_get_error(), NULL));
1096
1097 connection_close(srv, con);
1098 return NULL;
1099 }
1100
1101 con->renegotiations = 0;
1102 SSL_set_app_data(con->ssl, con);
1103 SSL_set_accept_state(con->ssl);
1104
1105 if (1 != (SSL_set_fd(con->ssl, cnt))) {
1106 log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
1107 ERR_error_string(ERR_get_error(), NULL));
1108 connection_close(srv, con);
1109 return NULL;
1110 }
1111 }
1112 #endif
1113 return con;
1114 }
1115
1116
1117 int connection_state_machine(server *srv, connection *con) {
1118 int done = 0, r;
1119
1120 if (srv->srvconf.log_state_handling) {
1121 log_error_write(srv, __FILE__, __LINE__, "sds",
1122 "state at start",
1123 con->fd,
1124 connection_get_state(con->state));
1125 }
1126
1127 while (done == 0) {
1128 size_t ostate = con->state;
1129
1130 if (srv->srvconf.log_state_handling) {
1131 log_error_write(srv, __FILE__, __LINE__, "sds",
1132 "state for fd", con->fd, connection_get_state(con->state));
1133 }
1134
1135 switch (con->state) {
1136 case CON_STATE_REQUEST_START: /* transient */
1137 con->request_start = srv->cur_ts;
1138 con->read_idle_ts = srv->cur_ts;
1139 if (con->conf.high_precision_timestamps)
1140 log_clock_gettime_realtime(&con->request_start_hp);
1141
1142 con->request_count++;
1143 con->loops_per_request = 0;
1144
1145 connection_set_state(srv, con, CON_STATE_READ);
1146
1147 break;
1148 case CON_STATE_REQUEST_END: /* transient */
1149 buffer_reset(con->uri.authority);
1150 buffer_reset(con->uri.path);
1151 buffer_reset(con->uri.query);
1152 buffer_reset(con->request.orig_uri);
1153
1154 if (http_request_parse(srv, con)) {
1155 /* we have to read some data from the POST request */
1156
1157 connection_set_state(srv, con, CON_STATE_READ_POST);
1158
1159 break;
1160 }
1161
1162 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1163
1164 break;
1165 case CON_STATE_READ_POST:
1166 case CON_STATE_HANDLE_REQUEST:
1167 /*
1168 * the request is parsed
1169 *
1170 * decided what to do with the request
1171 * -
1172 *
1173 *
1174 */
1175
1176 switch (r = http_response_prepare(srv, con)) {
1177 case HANDLER_WAIT_FOR_EVENT:
1178 if (!con->file_finished && (!con->file_started || 0 == con->conf.stream_response_body)) {
1179 break; /* come back here */
1180 }
1181 /* response headers received from backend; fall through to start response */
1182 case HANDLER_FINISHED:
1183 if (con->error_handler_saved_status > 0) {
1184 con->request.http_method = con->error_handler_saved_method;
1185 }
1186 if (con->mode == DIRECT) {
1187 if (con->error_handler_saved_status) {
1188 if (con->error_handler_saved_status > 0) {
1189 con->http_status = con->error_handler_saved_status;
1190 } else if (con->http_status == 404 || con->http_status == 403) {
1191 /* error-handler-404 is a 404 */
1192 con->http_status = -con->error_handler_saved_status;
1193 } else {
1194 /* error-handler-404 is back and has generated content */
1195 /* if Status: was set, take it otherwise use 200 */
1196 }
1197 } else if (con->http_status >= 400) {
1198 buffer *error_handler = NULL;
1199 if (!buffer_string_is_empty(con->conf.error_handler)) {
1200 error_handler = con->conf.error_handler;
1201 } else if ((con->http_status == 404 || con->http_status == 403)
1202 && !buffer_string_is_empty(con->conf.error_handler_404)) {
1203 error_handler = con->conf.error_handler_404;
1204 }
1205
1206 if (error_handler) {
1207 /* call error-handler */
1208
1209 /* set REDIRECT_STATUS to save current HTTP status code
1210 * for access by dynamic handlers
1211 * https://redmine.lighttpd.net/issues/1828 */
1212 data_string *ds;
1213 if (NULL == (ds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
1214 ds = data_string_init();
1215 }
1216 buffer_copy_string_len(ds->key, CONST_STR_LEN("REDIRECT_STATUS"));
1217 buffer_append_int(ds->value, con->http_status);
1218 array_insert_unique(con->environment, (data_unset *)ds);
1219
1220 if (error_handler == con->conf.error_handler) {
1221 plugins_call_connection_reset(srv, con);
1222
1223 if (con->request.content_length) {
1224 if ((off_t)con->request.content_length != chunkqueue_length(con->request_content_queue)) {
1225 con->keep_alive = 0;
1226 }
1227 con->request.content_length = 0;
1228 chunkqueue_reset(con->request_content_queue);
1229 }
1230
1231 con->is_writable = 1;
1232 con->file_finished = 0;
1233 con->file_started = 0;
1234 con->got_response = 0;
1235 con->parsed_response = 0;
1236 con->response.keep_alive = 0;
1237 con->response.content_length = -1;
1238 con->response.transfer_encoding = 0;
1239
1240 con->error_handler_saved_status = con->http_status;
1241 con->error_handler_saved_method = con->request.http_method;
1242
1243 con->request.http_method = HTTP_METHOD_GET;
1244 } else { /*(preserve behavior for server.error-handler-404)*/
1245 con->error_handler_saved_status = -con->http_status; /*(negative to flag old behavior)*/
1246 }
1247
1248 buffer_copy_buffer(con->request.uri, error_handler);
1249 connection_handle_errdoc_init(srv, con);
1250 con->http_status = 0; /*(after connection_handle_errdoc_init())*/
1251
1252 done = -1;
1253 break;
1254 }
1255 }
1256 }
1257 if (con->http_status == 0) con->http_status = 200;
1258
1259 /* we have something to send, go on */
1260 connection_set_state(srv, con, CON_STATE_RESPONSE_START);
1261 break;
1262 case HANDLER_WAIT_FOR_FD:
1263 srv->want_fds++;
1264
1265 fdwaitqueue_append(srv, con);
1266
1267 break;
1268 case HANDLER_COMEBACK:
1269 done = -1;
1270 break;
1271 case HANDLER_ERROR:
1272 /* something went wrong */
1273 connection_set_state(srv, con, CON_STATE_ERROR);
1274 break;
1275 default:
1276 log_error_write(srv, __FILE__, __LINE__, "sdd", "unknown ret-value: ", con->fd, r);
1277 break;
1278 }
1279
1280 if (con->state == CON_STATE_HANDLE_REQUEST && ostate == CON_STATE_READ_POST) {
1281 ostate = CON_STATE_HANDLE_REQUEST;
1282 }
1283 break;
1284 case CON_STATE_RESPONSE_START:
1285 /*
1286 * the decision is done
1287 * - create the HTTP-Response-Header
1288 *
1289 */
1290
1291 if (-1 == connection_handle_write_prepare(srv, con)) {
1292 connection_set_state(srv, con, CON_STATE_ERROR);
1293
1294 break;
1295 }
1296
1297 connection_set_state(srv, con, CON_STATE_WRITE);
1298 break;
1299 case CON_STATE_RESPONSE_END: /* transient */
1300 case CON_STATE_ERROR: /* transient */
1301 connection_handle_response_end_state(srv, con);
1302 break;
1303 case CON_STATE_CONNECT:
1304 chunkqueue_reset(con->read_queue);
1305
1306 con->request_count = 0;
1307
1308 break;
1309 case CON_STATE_CLOSE:
1310 connection_handle_close_state(srv, con);
1311 break;
1312 case CON_STATE_READ:
1313 connection_handle_read_state(srv, con);
1314 break;
1315 case CON_STATE_WRITE:
1316 do {
1317 /* only try to write if we have something in the queue */
1318 if (!chunkqueue_is_empty(con->write_queue)) {
1319 if (con->is_writable) {
1320 if (-1 == connection_handle_write(srv, con)) {
1321 log_error_write(srv, __FILE__, __LINE__, "ds",
1322 con->fd,
1323 "handle write failed.");
1324 connection_set_state(srv, con, CON_STATE_ERROR);
1325 break;
1326 }
1327 if (con->state != CON_STATE_WRITE) break;
1328 }
1329 } else if (con->file_finished) {
1330 connection_set_state(srv, con, CON_STATE_RESPONSE_END);
1331 break;
1332 }
1333
1334 if (con->mode != DIRECT && !con->file_finished) {
1335 switch(r = plugins_call_handle_subrequest(srv, con)) {
1336 case HANDLER_WAIT_FOR_EVENT:
1337 case HANDLER_FINISHED:
1338 case HANDLER_GO_ON:
1339 break;
1340 case HANDLER_WAIT_FOR_FD:
1341 srv->want_fds++;
1342 fdwaitqueue_append(srv, con);
1343 break;
1344 case HANDLER_COMEBACK:
1345 default:
1346 log_error_write(srv, __FILE__, __LINE__, "sdd", "unexpected subrequest handler ret-value: ", con->fd, r);
1347 /* fall through */
1348 case HANDLER_ERROR:
1349 connection_set_state(srv, con, CON_STATE_ERROR);
1350 break;
1351 }
1352 }
1353 } while (con->state == CON_STATE_WRITE && (!chunkqueue_is_empty(con->write_queue) ? con->is_writable : con->file_finished));
1354
1355 break;
1356 default:
1357 log_error_write(srv, __FILE__, __LINE__, "sdd",
1358 "unknown state:", con->fd, con->state);
1359
1360 break;
1361 }
1362
1363 if (done == -1) {
1364 done = 0;
1365 } else if (ostate == con->state) {
1366 done = 1;
1367 }
1368 }
1369
1370 if (srv->srvconf.log_state_handling) {
1371 log_error_write(srv, __FILE__, __LINE__, "sds",
1372 "state at exit:",
1373 con->fd,
1374 connection_get_state(con->state));
1375 }
1376
1377 r = 0;
1378 switch(con->state) {
1379 case CON_STATE_READ:
1380 case CON_STATE_CLOSE:
1381 r = FDEVENT_IN;
1382 break;
1383 case CON_STATE_WRITE:
1384 /* request write-fdevent only if we really need it
1385 * - if we have data to write
1386 * - if the socket is not writable yet
1387 */
1388 if (!chunkqueue_is_empty(con->write_queue) &&
1389 (con->is_writable == 0) &&
1390 (con->traffic_limit_reached == 0)) {
1391 r |= FDEVENT_OUT;
1392 }
1393 /* fall through */
1394 case CON_STATE_READ_POST:
1395 if (con->conf.stream_request_body & FDEVENT_STREAM_REQUEST_POLLIN) {
1396 r |= FDEVENT_IN;
1397 }
1398 break;
1399 default:
1400 break;
1401 }
1402 if (-1 != con->fd) {
1403 const int events = fdevent_event_get_interest(srv->ev, con->fd);
1404 if (con->is_readable < 0) {
1405 con->is_readable = 0;
1406 r |= FDEVENT_IN;
1407 }
1408 if (con->is_writable < 0) {
1409 con->is_writable = 0;
1410 r |= FDEVENT_OUT;
1411 }
1412 if (r != events) {
1413 /* update timestamps when enabling interest in events */
1414 if ((r & FDEVENT_IN) && !(events & FDEVENT_IN)) {
1415 con->read_idle_ts = srv->cur_ts;
1416 }
1417 if ((r & FDEVENT_OUT) && !(events & FDEVENT_OUT)) {
1418 con->write_request_ts = srv->cur_ts;
1419 }
1420 fdevent_event_set(srv->ev, &con->fde_ndx, con->fd, r);
1421 }
1422 }
1423
1424 return 0;
1425 }
A fast webserver with minimal memory-footprint (lighttpd)