search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[config] opts for http header parsing strictness (fixes #551, fixes #1086, fixes...
[lighttpd.git] / src / base.h
blob871e68a6b50ac19d5995f4f77d992a8e15a37ef5
1 #ifndef _BASE_H_
2 #define _BASE_H_
3 #include "first.h"
4
5 #include "settings.h"
6
7 #include <sys/types.h>
8 #include <sys/time.h>
9 #include <sys/stat.h>
10
11 #include <limits.h>
12
13 #ifdef HAVE_STDINT_H
14 # include <stdint.h>
15 #endif
16
17 #ifdef HAVE_INTTYPES_H
18 # include <inttypes.h>
19 #endif
20
21 #include "buffer.h"
22 #include "array.h"
23 #include "chunk.h"
24 #include "keyvalue.h"
25 #include "fdevent.h"
26 #include "sys-socket.h"
27 #include "splaytree.h"
28 #include "etag.h"
29
30
31 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
32 # define USE_OPENSSL
33 # include <openssl/opensslconf.h>
34 # ifndef USE_OPENSSL_KERBEROS
35 # ifndef OPENSSL_NO_KRB5
36 # define OPENSSL_NO_KRB5
37 # endif
38 # endif
39 # include <openssl/ssl.h>
40 # if ! defined OPENSSL_NO_TLSEXT && ! defined SSL_CTRL_SET_TLSEXT_HOSTNAME
41 # define OPENSSL_NO_TLSEXT
42 # endif
43 #endif
44
45 #ifdef HAVE_FAM_H
46 # include <fam.h>
47 #endif
48
49 #ifndef O_BINARY
50 # define O_BINARY 0
51 #endif
52
53 #ifndef O_LARGEFILE
54 # define O_LARGEFILE 0
55 #endif
56
57 #ifndef SIZE_MAX
58 # ifdef SIZE_T_MAX
59 # define SIZE_MAX SIZE_T_MAX
60 # else
61 # define SIZE_MAX ((size_t)~0)
62 # endif
63 #endif
64
65 #ifndef SSIZE_MAX
66 # define SSIZE_MAX ((size_t)~0 >> 1)
67 #endif
68
69 #ifdef __APPLE__
70 #include <crt_externs.h>
71 #define environ (* _NSGetEnviron())
72 #else
73 extern char **environ;
74 #endif
75
76 /* for solaris 2.5 and NetBSD 1.3.x */
77 #ifndef HAVE_SOCKLEN_T
78 typedef int socklen_t;
79 #endif
80
81 /* solaris and NetBSD 1.3.x again */
82 #if (!defined(HAVE_STDINT_H)) && (!defined(HAVE_INTTYPES_H)) && (!defined(uint32_t))
83 # define uint32_t u_int32_t
84 #endif
85
86
87 #ifndef SHUT_WR
88 # define SHUT_WR 1
89 #endif
90
91 typedef enum { T_CONFIG_UNSET,
92 T_CONFIG_STRING,
93 T_CONFIG_SHORT,
94 T_CONFIG_INT,
95 T_CONFIG_BOOLEAN,
96 T_CONFIG_ARRAY,
97 T_CONFIG_LOCAL,
98 T_CONFIG_DEPRECATED,
99 T_CONFIG_UNSUPPORTED
100 } config_values_type_t;
101
102 typedef enum { T_CONFIG_SCOPE_UNSET,
103 T_CONFIG_SCOPE_SERVER,
104 T_CONFIG_SCOPE_CONNECTION
105 } config_scope_type_t;
106
107 typedef struct {
108 const char *key;
109 void *destination;
110
111 config_values_type_t type;
112 config_scope_type_t scope;
113 } config_values_t;
114
115 typedef enum { DIRECT, EXTERNAL } connection_type;
116
117 typedef struct {
118 char *key;
119 connection_type type;
120 char *value;
121 } request_handler;
122
123 typedef struct {
124 char *key;
125 char *host;
126 unsigned short port;
127 int used;
128 short factor;
129 } fcgi_connections;
130
131
132 typedef union {
133 #ifdef HAVE_IPV6
134 struct sockaddr_in6 ipv6;
135 #endif
136 struct sockaddr_in ipv4;
137 #ifdef HAVE_SYS_UN_H
138 struct sockaddr_un un;
139 #endif
140 struct sockaddr plain;
141 } sock_addr;
142
143 /* fcgi_response_header contains ... */
144 #define HTTP_STATUS BV(0)
145 #define HTTP_CONNECTION BV(1)
146 #define HTTP_CONTENT_LENGTH BV(2)
147 #define HTTP_DATE BV(3)
148 #define HTTP_LOCATION BV(4)
149
150 typedef struct {
151 /** HEADER */
152 /* the request-line */
153 buffer *request;
154 buffer *uri;
155
156 buffer *orig_uri;
157
158 http_method_t http_method;
159 http_version_t http_version;
160
161 buffer *request_line;
162
163 /* strings to the header */
164 buffer *http_host; /* not alloced */
165 const char *http_range;
166 const char *http_content_type;
167 const char *http_if_modified_since;
168 const char *http_if_none_match;
169
170 array *headers;
171
172 /* CONTENT */
173 size_t content_length; /* returned by strtoul() */
174
175 /* internal representation */
176 int accept_encoding;
177
178 /* internal */
179 buffer *pathinfo;
180 } request;
181
182 typedef struct {
183 off_t content_length;
184 int keep_alive; /* used by the subrequests in proxy, cgi and fcgi to say the subrequest was keep-alive or not */
185
186 array *headers;
187
188 enum {
189 HTTP_TRANSFER_ENCODING_IDENTITY, HTTP_TRANSFER_ENCODING_CHUNKED
190 } transfer_encoding;
191 } response;
192
193 typedef struct {
194 buffer *scheme; /* scheme without colon or slashes ( "http" or "https" ) */
195
196 /* authority with optional portnumber ("site.name" or "site.name:8080" ) NOTE: without "username:password@" */
197 buffer *authority;
198
199 /* path including leading slash ("/" or "/index.html") - urldecoded, and sanitized ( buffer_path_simplify() && buffer_urldecode_path() ) */
200 buffer *path;
201 buffer *path_raw; /* raw path, as sent from client. no urldecoding or path simplifying */
202 buffer *query; /* querystring ( everything after "?", ie: in "/index.php?foo=1", query is "foo=1" ) */
203 } request_uri;
204
205 typedef struct {
206 buffer *path;
207 buffer *basedir; /* path = "(basedir)(.*)" */
208
209 buffer *doc_root; /* path = doc_root + rel_path */
210 buffer *rel_path;
211
212 buffer *etag;
213 } physical;
214
215 typedef struct {
216 buffer *name;
217 buffer *etag;
218
219 struct stat st;
220
221 time_t stat_ts;
222
223 #ifdef HAVE_LSTAT
224 char is_symlink;
225 #endif
226
227 #ifdef HAVE_FAM_H
228 int dir_version;
229 #endif
230
231 buffer *content_type;
232 } stat_cache_entry;
233
234 typedef struct {
235 splay_tree *files; /* the nodes of the tree are stat_cache_entry's */
236
237 buffer *dir_name; /* for building the dirname from the filename */
238 #ifdef HAVE_FAM_H
239 splay_tree *dirs; /* the nodes of the tree are fam_dir_entry */
240
241 FAMConnection fam;
242 int fam_fcce_ndx;
243 #endif
244 buffer *hash_key; /* temp-store for the hash-key */
245 } stat_cache;
246
247 typedef struct {
248 array *mimetypes;
249
250 /* virtual-servers */
251 buffer *document_root;
252 buffer *server_name;
253 buffer *error_handler;
254 buffer *error_handler_404;
255 buffer *server_tag;
256 buffer *dirlist_encoding;
257 buffer *errorfile_prefix;
258
259 unsigned short max_keep_alive_requests;
260 unsigned short max_keep_alive_idle;
261 unsigned short max_read_idle;
262 unsigned short max_write_idle;
263 unsigned short use_xattr;
264 unsigned short follow_symlink;
265 unsigned short range_requests;
266
267 /* debug */
268
269 unsigned short log_file_not_found;
270 unsigned short log_request_header;
271 unsigned short log_request_handling;
272 unsigned short log_response_header;
273 unsigned short log_condition_handling;
274 unsigned short log_ssl_noise;
275 unsigned short log_timeouts;
276
277
278 /* server wide */
279 buffer *ssl_pemfile;
280 buffer *ssl_ca_file;
281 buffer *ssl_cipher_list;
282 buffer *ssl_dh_file;
283 buffer *ssl_ec_curve;
284 unsigned short ssl_honor_cipher_order; /* determine SSL cipher in server-preferred order, not client-order */
285 unsigned short ssl_empty_fragments; /* whether to not set SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS */
286 unsigned short ssl_use_sslv2;
287 unsigned short ssl_use_sslv3;
288 unsigned short ssl_verifyclient;
289 unsigned short ssl_verifyclient_enforce;
290 unsigned short ssl_verifyclient_depth;
291 buffer *ssl_verifyclient_username;
292 unsigned short ssl_verifyclient_export_cert;
293 unsigned short ssl_disable_client_renegotiation;
294
295 unsigned short use_ipv6, set_v6only; /* set_v6only is only a temporary option */
296 unsigned short defer_accept;
297 unsigned short ssl_enabled; /* only interesting for setting up listening sockets. don't use at runtime */
298 unsigned short allow_http11;
299 unsigned short etag_use_inode;
300 unsigned short etag_use_mtime;
301 unsigned short etag_use_size;
302 unsigned short force_lowercase_filenames; /* if the FS is case-insensitive, force all files to lower-case */
303 unsigned int http_parseopts;
304 unsigned int max_request_size;
305 int listen_backlog;
306
307 unsigned short kbytes_per_second; /* connection kb/s limit */
308
309 /* configside */
310 unsigned short global_kbytes_per_second; /* */
311
312 off_t global_bytes_per_second_cnt;
313 /* server-wide traffic-shaper
314 *
315 * each context has the counter which is inited once
316 * a second by the global_kbytes_per_second config-var
317 *
318 * as soon as global_kbytes_per_second gets below 0
319 * the connected conns are "offline" a little bit
320 *
321 * the problem:
322 * we somehow have to loose our "we are writable" signal
323 * on the way.
324 *
325 */
326 off_t *global_bytes_per_second_cnt_ptr; /* */
327
328 #ifdef USE_OPENSSL
329 SSL_CTX *ssl_ctx; /* not patched */
330 /* SNI per host: with COMP_SERVER_SOCKET, COMP_HTTP_SCHEME, COMP_HTTP_HOST */
331 EVP_PKEY *ssl_pemfile_pkey;
332 X509 *ssl_pemfile_x509;
333 STACK_OF(X509_NAME) *ssl_ca_file_cert_names;
334 #endif
335 } specific_config;
336
337 /* the order of the items should be the same as they are processed
338 * read before write as we use this later */
339 typedef enum {
340 CON_STATE_CONNECT,
341 CON_STATE_REQUEST_START,
342 CON_STATE_READ,
343 CON_STATE_REQUEST_END,
344 CON_STATE_READ_POST,
345 CON_STATE_HANDLE_REQUEST,
346 CON_STATE_RESPONSE_START,
347 CON_STATE_WRITE,
348 CON_STATE_RESPONSE_END,
349 CON_STATE_ERROR,
350 CON_STATE_CLOSE
351 } connection_state_t;
352
353 typedef enum {
354 /* condition not active at the moment because itself or some
355 * pre-condition depends on data not available yet
356 */
357 COND_RESULT_UNSET,
358
359 /* special "unset" for branches not selected due to pre-conditions
360 * not met (but pre-conditions are not "unset" anymore)
361 */
362 COND_RESULT_SKIP,
363
364 /* actually evaluated the condition itself */
365 COND_RESULT_FALSE, /* not active */
366 COND_RESULT_TRUE, /* active */
367 } cond_result_t;
368
369 typedef struct {
370 /* current result (with preconditions) */
371 cond_result_t result;
372 /* result without preconditions (must never be "skip") */
373 cond_result_t local_result;
374 int patterncount;
375 int matches[3 * 10];
376 buffer *comp_value; /* just a pointer */
377 } cond_cache_t;
378
379 typedef struct {
380 connection_state_t state;
381
382 /* timestamps */
383 time_t read_idle_ts;
384 time_t close_timeout_ts;
385 time_t write_request_ts;
386
387 time_t connection_start;
388 time_t request_start;
389
390 struct timeval start_tv;
391
392 size_t request_count; /* number of requests handled in this connection */
393 size_t loops_per_request; /* to catch endless loops in a single request
394 *
395 * used by mod_rewrite, mod_fastcgi, ... and others
396 * this is self-protection
397 */
398
399 int fd; /* the FD for this connection */
400 int fde_ndx; /* index for the fdevent-handler */
401 int ndx; /* reverse mapping to server->connection[ndx] */
402
403 /* fd states */
404 int is_readable;
405 int is_writable;
406
407 int keep_alive; /* only request.c can enable it, all other just disable */
408 int keep_alive_idle; /* remember max_keep_alive_idle from config */
409
410 int file_started;
411 int file_finished;
412
413 chunkqueue *write_queue; /* a large queue for low-level write ( HTTP response ) [ file, mem ] */
414 chunkqueue *read_queue; /* a small queue for low-level read ( HTTP request ) [ mem ] */
415 chunkqueue *request_content_queue; /* takes request-content into tempfile if necessary [ tempfile, mem ]*/
416
417 int traffic_limit_reached;
418
419 off_t bytes_written; /* used by mod_accesslog, mod_rrd */
420 off_t bytes_written_cur_second; /* used by mod_accesslog, mod_rrd */
421 off_t bytes_read; /* used by mod_accesslog, mod_rrd */
422 off_t bytes_header;
423
424 int http_status;
425
426 sock_addr dst_addr;
427 buffer *dst_addr_buf;
428
429 /* request */
430 buffer *parse_request;
431 unsigned int parsed_response; /* bitfield which contains the important header-fields of the parsed response header */
432
433 request request;
434 request_uri uri;
435 physical physical;
436 response response;
437
438 size_t header_len;
439
440 array *environment; /* used to pass lighttpd internal stuff to the FastCGI/CGI apps, setenv does that */
441
442 /* response */
443 int got_response;
444
445 int in_joblist;
446
447 connection_type mode;
448
449 void **plugin_ctx; /* plugin connection specific config */
450
451 specific_config conf; /* global connection specific config */
452 cond_cache_t *cond_cache;
453
454 buffer *server_name;
455
456 /* error-handler */
457 int error_handler_saved_status;
458 http_method_t error_handler_saved_method;
459
460 struct server_socket *srv_socket; /* reference to the server-socket */
461
462 #ifdef USE_OPENSSL
463 SSL *ssl;
464 # ifndef OPENSSL_NO_TLSEXT
465 buffer *tlsext_server_name;
466 # endif
467 unsigned int renegotiations; /* count of SSL_CB_HANDSHAKE_START */
468 #endif
469 /* etag handling */
470 etag_flags_t etag_flags;
471
472 int conditional_is_valid[COMP_LAST_ELEMENT];
473 } connection;
474
475 typedef struct {
476 connection **ptr;
477 size_t size;
478 size_t used;
479 } connections;
480
481
482 #ifdef HAVE_IPV6
483 typedef struct {
484 int family;
485 union {
486 struct in6_addr ipv6;
487 struct in_addr ipv4;
488 } addr;
489 char b2[INET6_ADDRSTRLEN + 1];
490 time_t ts;
491 } inet_ntop_cache_type;
492 #endif
493
494
495 typedef struct {
496 buffer *uri;
497 time_t mtime;
498 int http_status;
499 } realpath_cache_type;
500
501 typedef struct {
502 time_t mtime; /* the key */
503 buffer *str; /* a buffer for the string represenation */
504 } mtime_cache_type;
505
506 typedef struct {
507 void *ptr;
508 size_t used;
509 size_t size;
510 } buffer_plugin;
511
512 typedef struct {
513 unsigned short port;
514 buffer *bindhost;
515
516 buffer *errorlog_file;
517 unsigned short errorlog_use_syslog;
518 buffer *breakagelog_file;
519
520 unsigned short dont_daemonize;
521 unsigned short preflight_check;
522 buffer *changeroot;
523 buffer *username;
524 buffer *groupname;
525
526 buffer *pid_file;
527
528 buffer *event_handler;
529
530 buffer *modules_dir;
531 buffer *network_backend;
532 array *modules;
533 array *upload_tempdirs;
534 unsigned int upload_temp_file_size;
535
536 unsigned short max_worker;
537 unsigned short max_fds;
538 unsigned short max_conns;
539 unsigned int max_request_size;
540
541 unsigned short log_request_header_on_error;
542 unsigned short log_state_handling;
543
544 enum { STAT_CACHE_ENGINE_UNSET,
545 STAT_CACHE_ENGINE_NONE,
546 STAT_CACHE_ENGINE_SIMPLE
547 #ifdef HAVE_FAM_H
548 , STAT_CACHE_ENGINE_FAM
549 #endif
550 } stat_cache_engine;
551 unsigned short enable_cores;
552 unsigned short reject_expect_100_with_417;
553 buffer *xattr_name;
554
555 unsigned short http_header_strict;
556 unsigned short http_host_strict;
557 unsigned short http_host_normalize;
558 } server_config;
559
560 typedef struct server_socket {
561 sock_addr addr;
562 int fd;
563 int fde_ndx;
564
565 unsigned short is_ssl;
566
567 buffer *srv_token;
568
569 #ifdef USE_OPENSSL
570 SSL_CTX *ssl_ctx;
571 #endif
572 } server_socket;
573
574 typedef struct {
575 server_socket **ptr;
576
577 size_t size;
578 size_t used;
579 } server_socket_array;
580
581 typedef struct server {
582 server_socket_array srv_sockets;
583
584 /* the errorlog */
585 int errorlog_fd;
586 enum { ERRORLOG_FILE, ERRORLOG_FD, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
587 buffer *errorlog_buf;
588
589 fdevents *ev, *ev_ins;
590
591 buffer_plugin plugins;
592 void *plugin_slots;
593
594 /* counters */
595 int con_opened;
596 int con_read;
597 int con_written;
598 int con_closed;
599
600 int ssl_is_init;
601
602 int max_fds; /* max possible fds */
603 int cur_fds; /* currently used fds */
604 int want_fds; /* waiting fds */
605 int sockets_disabled;
606
607 size_t max_conns;
608
609 /* buffers */
610 buffer *parse_full_path;
611 buffer *response_header;
612 buffer *response_range;
613 buffer *tmp_buf;
614
615 buffer *tmp_chunk_len;
616
617 buffer *empty_string; /* is necessary for cond_match */
618
619 buffer *cond_check_buf;
620
621 /* caches */
622 #ifdef HAVE_IPV6
623 inet_ntop_cache_type inet_ntop_cache[INET_NTOP_CACHE_MAX];
624 #endif
625 mtime_cache_type mtime_cache[FILE_CACHE_MAX];
626
627 array *split_vals;
628
629 /* Timestamps */
630 time_t cur_ts;
631 time_t last_generated_date_ts;
632 time_t last_generated_debug_ts;
633 time_t startup_ts;
634
635 char entropy[8]; /* from /dev/[u]random if possible, otherwise rand() */
636 char is_real_entropy; /* whether entropy is from /dev/[u]random */
637
638 buffer *ts_debug_str;
639 buffer *ts_date_str;
640
641 /* config-file */
642 array *config_touched;
643
644 array *config_context;
645 specific_config **config_storage;
646
647 server_config srvconf;
648
649 short int config_deprecated;
650 short int config_unsupported;
651
652 connections *conns;
653 connections *joblist;
654 connections *fdwaitqueue;
655
656 stat_cache *stat_cache;
657
658 /**
659 * The status array can carry all the status information you want
660 * the key to the array is <module-prefix>.<name>
661 * and the values are counters
662 *
663 * example:
664 * fastcgi.backends = 10
665 * fastcgi.active-backends = 6
666 * fastcgi.backend.<key>.load = 24
667 * fastcgi.backend.<key>....
668 *
669 * fastcgi.backend.<key>.disconnects = ...
670 */
671 array *status;
672
673 fdevent_handler_t event_handler;
674
675 int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
676 #ifdef USE_OPENSSL
677 int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes);
678 #endif
679
680 uid_t uid;
681 gid_t gid;
682 } server;
683
684
685 #endif
A fast webserver with minimal memory-footprint (lighttpd)