17 #ifdef HAVE_INTTYPES_H
18 # include <inttypes.h>
26 #include "sys-socket.h"
27 #include "splaytree.h"
31 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
33 # include <openssl/opensslconf.h>
34 # ifndef USE_OPENSSL_KERBEROS
35 # ifndef OPENSSL_NO_KRB5
36 # define OPENSSL_NO_KRB5
39 # include <openssl/ssl.h>
40 # if ! defined OPENSSL_NO_TLSEXT && ! defined SSL_CTRL_SET_TLSEXT_HOSTNAME
41 # define OPENSSL_NO_TLSEXT
54 # define O_LARGEFILE 0
59 # define SIZE_MAX SIZE_T_MAX
61 # define SIZE_MAX ((size_t)~0)
66 # define SSIZE_MAX ((size_t)~0 >> 1)
70 #include <crt_externs.h>
71 #define environ (* _NSGetEnviron())
73 extern char **environ
;
76 /* for solaris 2.5 and NetBSD 1.3.x */
77 #ifndef HAVE_SOCKLEN_T
78 typedef int socklen_t
;
81 /* solaris and NetBSD 1.3.x again */
82 #if (!defined(HAVE_STDINT_H)) && (!defined(HAVE_INTTYPES_H)) && (!defined(uint32_t))
83 # define uint32_t u_int32_t
91 typedef enum { T_CONFIG_UNSET
,
100 } config_values_type_t
;
102 typedef enum { T_CONFIG_SCOPE_UNSET
,
103 T_CONFIG_SCOPE_SERVER
,
104 T_CONFIG_SCOPE_CONNECTION
105 } config_scope_type_t
;
111 config_values_type_t type
;
112 config_scope_type_t scope
;
115 typedef enum { DIRECT
, EXTERNAL
} connection_type
;
119 connection_type type
;
134 struct sockaddr_in6 ipv6
;
136 struct sockaddr_in ipv4
;
138 struct sockaddr_un un
;
140 struct sockaddr plain
;
143 /* fcgi_response_header contains ... */
144 #define HTTP_STATUS BV(0)
145 #define HTTP_CONNECTION BV(1)
146 #define HTTP_CONTENT_LENGTH BV(2)
147 #define HTTP_DATE BV(3)
148 #define HTTP_LOCATION BV(4)
152 /* the request-line */
158 http_method_t http_method
;
159 http_version_t http_version
;
161 buffer
*request_line
;
163 /* strings to the header */
164 buffer
*http_host
; /* not alloced */
165 const char *http_range
;
166 const char *http_content_type
;
167 const char *http_if_modified_since
;
168 const char *http_if_none_match
;
173 size_t content_length
; /* returned by strtoul() */
175 /* internal representation */
183 off_t content_length
;
184 int keep_alive
; /* used by the subrequests in proxy, cgi and fcgi to say the subrequest was keep-alive or not */
189 HTTP_TRANSFER_ENCODING_IDENTITY
, HTTP_TRANSFER_ENCODING_CHUNKED
194 buffer
*scheme
; /* scheme without colon or slashes ( "http" or "https" ) */
196 /* authority with optional portnumber ("site.name" or "site.name:8080" ) NOTE: without "username:password@" */
199 /* path including leading slash ("/" or "/index.html") - urldecoded, and sanitized ( buffer_path_simplify() && buffer_urldecode_path() ) */
201 buffer
*path_raw
; /* raw path, as sent from client. no urldecoding or path simplifying */
202 buffer
*query
; /* querystring ( everything after "?", ie: in "/index.php?foo=1", query is "foo=1" ) */
207 buffer
*basedir
; /* path = "(basedir)(.*)" */
209 buffer
*doc_root
; /* path = doc_root + rel_path */
231 buffer
*content_type
;
235 splay_tree
*files
; /* the nodes of the tree are stat_cache_entry's */
237 buffer
*dir_name
; /* for building the dirname from the filename */
239 splay_tree
*dirs
; /* the nodes of the tree are fam_dir_entry */
244 buffer
*hash_key
; /* temp-store for the hash-key */
250 /* virtual-servers */
251 buffer
*document_root
;
253 buffer
*error_handler
;
254 buffer
*error_handler_404
;
256 buffer
*dirlist_encoding
;
257 buffer
*errorfile_prefix
;
259 unsigned short high_precision_timestamps
;
260 unsigned short max_keep_alive_requests
;
261 unsigned short max_keep_alive_idle
;
262 unsigned short max_read_idle
;
263 unsigned short max_write_idle
;
264 unsigned short use_xattr
;
265 unsigned short follow_symlink
;
266 unsigned short range_requests
;
267 unsigned short stream_request_body
;
268 unsigned short stream_response_body
;
272 unsigned short log_file_not_found
;
273 unsigned short log_request_header
;
274 unsigned short log_request_handling
;
275 unsigned short log_response_header
;
276 unsigned short log_condition_handling
;
277 unsigned short log_ssl_noise
;
278 unsigned short log_timeouts
;
284 buffer
*ssl_cipher_list
;
286 buffer
*ssl_ec_curve
;
287 unsigned short ssl_honor_cipher_order
; /* determine SSL cipher in server-preferred order, not client-order */
288 unsigned short ssl_empty_fragments
; /* whether to not set SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS */
289 unsigned short ssl_use_sslv2
;
290 unsigned short ssl_use_sslv3
;
291 unsigned short ssl_verifyclient
;
292 unsigned short ssl_verifyclient_enforce
;
293 unsigned short ssl_verifyclient_depth
;
294 buffer
*ssl_verifyclient_username
;
295 unsigned short ssl_verifyclient_export_cert
;
296 unsigned short ssl_disable_client_renegotiation
;
298 unsigned short use_ipv6
, set_v6only
; /* set_v6only is only a temporary option */
299 unsigned short defer_accept
;
300 unsigned short ssl_enabled
; /* only interesting for setting up listening sockets. don't use at runtime */
301 unsigned short allow_http11
;
302 unsigned short etag_use_inode
;
303 unsigned short etag_use_mtime
;
304 unsigned short etag_use_size
;
305 unsigned short force_lowercase_filenames
; /* if the FS is case-insensitive, force all files to lower-case */
306 unsigned int http_parseopts
;
307 unsigned int max_request_size
;
310 unsigned short kbytes_per_second
; /* connection kb/s limit */
313 unsigned short global_kbytes_per_second
; /* */
315 off_t global_bytes_per_second_cnt
;
316 /* server-wide traffic-shaper
318 * each context has the counter which is inited once
319 * a second by the global_kbytes_per_second config-var
321 * as soon as global_kbytes_per_second gets below 0
322 * the connected conns are "offline" a little bit
325 * we somehow have to loose our "we are writable" signal
329 off_t
*global_bytes_per_second_cnt_ptr
; /* */
331 #if defined(__FreeBSD__) || defined(__NetBSD__) \
332 || defined(__OpenBSD__) || defined(__DragonflyBSD__)
333 buffer
*bsd_accept_filter
;
337 SSL_CTX
*ssl_ctx
; /* not patched */
338 /* SNI per host: with COMP_SERVER_SOCKET, COMP_HTTP_SCHEME, COMP_HTTP_HOST */
339 EVP_PKEY
*ssl_pemfile_pkey
;
340 X509
*ssl_pemfile_x509
;
341 STACK_OF(X509_NAME
) *ssl_ca_file_cert_names
;
345 /* the order of the items should be the same as they are processed
346 * read before write as we use this later */
349 CON_STATE_REQUEST_START
,
351 CON_STATE_REQUEST_END
,
353 CON_STATE_HANDLE_REQUEST
,
354 CON_STATE_RESPONSE_START
,
356 CON_STATE_RESPONSE_END
,
359 } connection_state_t
;
362 /* condition not active at the moment because itself or some
363 * pre-condition depends on data not available yet
367 /* special "unset" for branches not selected due to pre-conditions
368 * not met (but pre-conditions are not "unset" anymore)
372 /* actually evaluated the condition itself */
373 COND_RESULT_FALSE
, /* not active */
374 COND_RESULT_TRUE
, /* active */
378 /* current result (with preconditions) */
379 cond_result_t result
;
380 /* result without preconditions (must never be "skip") */
381 cond_result_t local_result
;
384 buffer
*comp_value
; /* just a pointer */
388 connection_state_t state
;
392 time_t close_timeout_ts
;
393 time_t write_request_ts
;
395 time_t connection_start
;
396 time_t request_start
;
397 struct timespec request_start_hp
;
399 size_t request_count
; /* number of requests handled in this connection */
400 size_t loops_per_request
; /* to catch endless loops in a single request
402 * used by mod_rewrite, mod_fastcgi, ... and others
403 * this is self-protection
406 int fd
; /* the FD for this connection */
407 int fde_ndx
; /* index for the fdevent-handler */
408 int ndx
; /* reverse mapping to server->connection[ndx] */
414 int keep_alive
; /* only request.c can enable it, all other just disable */
415 int keep_alive_idle
; /* remember max_keep_alive_idle from config */
420 chunkqueue
*write_queue
; /* a large queue for low-level write ( HTTP response ) [ file, mem ] */
421 chunkqueue
*read_queue
; /* a small queue for low-level read ( HTTP request ) [ mem ] */
422 chunkqueue
*request_content_queue
; /* takes request-content into tempfile if necessary [ tempfile, mem ]*/
424 int traffic_limit_reached
;
426 off_t bytes_written
; /* used by mod_accesslog, mod_rrd */
427 off_t bytes_written_cur_second
; /* used by mod_accesslog, mod_rrd */
428 off_t bytes_read
; /* used by mod_accesslog, mod_rrd */
434 buffer
*dst_addr_buf
;
437 buffer
*parse_request
;
438 unsigned int parsed_response
; /* bitfield which contains the important header-fields of the parsed response header */
447 array
*environment
; /* used to pass lighttpd internal stuff to the FastCGI/CGI apps, setenv does that */
454 connection_type mode
;
456 void **plugin_ctx
; /* plugin connection specific config */
458 specific_config conf
; /* global connection specific config */
459 cond_cache_t
*cond_cache
;
464 int error_handler_saved_status
;
465 http_method_t error_handler_saved_method
;
467 struct server_socket
*srv_socket
; /* reference to the server-socket */
471 # ifndef OPENSSL_NO_TLSEXT
472 buffer
*tlsext_server_name
;
474 unsigned int renegotiations
; /* count of SSL_CB_HANDSHAKE_START */
477 etag_flags_t etag_flags
;
479 int conditional_is_valid
[COMP_LAST_ELEMENT
];
493 struct in6_addr ipv6
;
496 char b2
[INET6_ADDRSTRLEN
+ 1];
498 } inet_ntop_cache_type
;
506 } realpath_cache_type
;
509 time_t mtime
; /* the key */
510 buffer
*str
; /* a buffer for the string represenation */
523 buffer
*errorlog_file
;
524 unsigned short errorlog_use_syslog
;
525 buffer
*breakagelog_file
;
527 unsigned short dont_daemonize
;
528 unsigned short preflight_check
;
535 buffer
*event_handler
;
538 buffer
*network_backend
;
540 array
*upload_tempdirs
;
541 unsigned int upload_temp_file_size
;
543 unsigned short max_worker
;
544 unsigned short max_fds
;
545 unsigned short max_conns
;
547 unsigned short log_request_header_on_error
;
548 unsigned short log_state_handling
;
550 enum { STAT_CACHE_ENGINE_UNSET
,
551 STAT_CACHE_ENGINE_NONE
,
552 STAT_CACHE_ENGINE_SIMPLE
554 , STAT_CACHE_ENGINE_FAM
557 unsigned short enable_cores
;
558 unsigned short reject_expect_100_with_417
;
561 unsigned short http_header_strict
;
562 unsigned short http_host_strict
;
563 unsigned short http_host_normalize
;
564 unsigned short high_precision_timestamps
;
567 typedef struct server_socket
{
572 unsigned short is_ssl
;
586 } server_socket_array
;
588 typedef struct server
{
589 server_socket_array srv_sockets
;
593 enum { ERRORLOG_FILE
, ERRORLOG_FD
, ERRORLOG_SYSLOG
, ERRORLOG_PIPE
} errorlog_mode
;
594 buffer
*errorlog_buf
;
596 fdevents
*ev
, *ev_ins
;
598 buffer_plugin plugins
;
609 int max_fds
; /* max possible fds */
610 int cur_fds
; /* currently used fds */
611 int want_fds
; /* waiting fds */
612 int sockets_disabled
;
617 buffer
*parse_full_path
;
618 buffer
*response_header
;
619 buffer
*response_range
;
622 buffer
*tmp_chunk_len
;
624 buffer
*empty_string
; /* is necessary for cond_match */
626 buffer
*cond_check_buf
;
630 inet_ntop_cache_type inet_ntop_cache
[INET_NTOP_CACHE_MAX
];
632 mtime_cache_type mtime_cache
[FILE_CACHE_MAX
];
638 time_t last_generated_date_ts
;
639 time_t last_generated_debug_ts
;
642 char entropy
[8]; /* from /dev/[u]random if possible, otherwise rand() */
643 char is_real_entropy
; /* whether entropy is from /dev/[u]random */
645 buffer
*ts_debug_str
;
649 array
*config_touched
;
651 array
*config_context
;
652 specific_config
**config_storage
;
654 server_config srvconf
;
656 short int config_deprecated
;
657 short int config_unsupported
;
660 connections
*joblist
;
661 connections
*fdwaitqueue
;
663 stat_cache
*stat_cache
;
666 * The status array can carry all the status information you want
667 * the key to the array is <module-prefix>.<name>
668 * and the values are counters
671 * fastcgi.backends = 10
672 * fastcgi.active-backends = 6
673 * fastcgi.backend.<key>.load = 24
674 * fastcgi.backend.<key>....
676 * fastcgi.backend.<key>.disconnects = ...
680 fdevent_handler_t event_handler
;
682 int (* network_backend_write
)(struct server
*srv
, connection
*con
, int fd
, chunkqueue
*cq
, off_t max_bytes
);
684 int (* network_ssl_backend_write
)(struct server
*srv
, connection
*con
, SSL
*ssl
, chunkqueue
*cq
, off_t max_bytes
);