17 #ifdef HAVE_INTTYPES_H
18 # include <inttypes.h>
26 #include "sys-socket.h"
27 #include "splaytree.h"
31 #if defined HAVE_LIBSSL && defined HAVE_OPENSSL_SSL_H
33 # include <openssl/opensslconf.h>
34 # ifndef USE_OPENSSL_KERBEROS
35 # ifndef OPENSSL_NO_KRB5
36 # define OPENSSL_NO_KRB5
39 # include <openssl/ssl.h>
40 # if ! defined OPENSSL_NO_TLSEXT && ! defined SSL_CTRL_SET_TLSEXT_HOSTNAME
41 # define OPENSSL_NO_TLSEXT
54 # define O_LARGEFILE 0
59 # define SIZE_MAX SIZE_T_MAX
61 # define SIZE_MAX ((size_t)~0)
/* SSIZE_MAX replacement: the all-ones size_t value shifted right by one bit.
 * NOTE(review): presumably only used when the platform headers lack SSIZE_MAX
 * (the guarding #if is not visible here). The expression has type size_t, so
 * a negative ssize_t compared against it is converted to a large unsigned
 * value; test for < 0 before comparing against this limit. */
66 # define SSIZE_MAX ((size_t)~0 >> 1)
70 #include <crt_externs.h>
71 #define environ (* _NSGetEnviron())
73 extern char **environ
;
76 /* for solaris 2.5 and NetBSD 1.3.x */
77 #ifndef HAVE_SOCKLEN_T
78 typedef int socklen_t
;
81 /* solaris and NetBSD 1.3.x again */
82 #if (!defined(HAVE_STDINT_H)) && (!defined(HAVE_INTTYPES_H)) && (!defined(uint32_t))
83 # define uint32_t u_int32_t
91 typedef enum { T_CONFIG_UNSET
,
100 } config_values_type_t
;
/*
 * Scope tag carried by a config value description.
 * NOTE(review): the names suggest "server-wide" versus "per-connection"
 * options - confirm against the code that reads the scope field.
 */
typedef enum {
	T_CONFIG_SCOPE_UNSET = 0,      /* no scope assigned */
	T_CONFIG_SCOPE_SERVER = 1,
	T_CONFIG_SCOPE_CONNECTION = 2
} config_scope_type_t;
111 config_values_type_t type
;
112 config_scope_type_t scope
;
/*
 * Two-valued mode tag; used in this header as the type of a "type" member
 * and of the connection's "mode" member.
 * NOTE(review): the names suggest DIRECT = served by the core and
 * EXTERNAL = handed to a module or backend - confirm against the users.
 */
typedef enum {
	DIRECT = 0,
	EXTERNAL = 1
} connection_type;
119 connection_type type
;
134 struct sockaddr_in6 ipv6
;
136 struct sockaddr_in ipv4
;
138 struct sockaddr_un un
;
140 struct sockaddr plain
;
143 /* fcgi_response_header contains ...
 * One flag bit per response header field, built with BV() (defined outside
 * this excerpt).
 * NOTE(review): presumably OR-ed into a bitfield recording which headers
 * were seen while parsing a backend response - confirm against the users. */
144 #define HTTP_STATUS BV(0)
145 #define HTTP_CONNECTION BV(1)
146 #define HTTP_CONTENT_LENGTH BV(2)
147 #define HTTP_DATE BV(3)
148 #define HTTP_LOCATION BV(4)
152 /* the request-line */
158 http_method_t http_method
;
159 http_version_t http_version
;
161 buffer
*request_line
;
163 /* strings to the header */
164 buffer
*http_host
; /* not alloced */
165 const char *http_range
;
166 const char *http_content_type
;
167 const char *http_if_modified_since
;
168 const char *http_if_none_match
;
173 size_t content_length
; /* returned by strtoul()
   * NOTE(review): strtoul() skips leading whitespace, accepts a sign, and
   * reports overflow only via ULONG_MAX + ERANGE, so the header parser (not
   * visible here) has to reject non-digit input and out-of-range values
   * before this field is trusted as a request body length. */
175 /* internal representation */
183 off_t content_length
;
184 int keep_alive
; /* used by the subrequests in proxy, cgi and fcgi to say the subrequest was keep-alive or not */
189 HTTP_TRANSFER_ENCODING_IDENTITY
, HTTP_TRANSFER_ENCODING_CHUNKED
194 buffer
*scheme
; /* scheme without colon or slashes ( "http" or "https" ) */
196 /* authority with optional portnumber ("site.name" or "site.name:8080" ) NOTE: without "username:password@" */
199 /* path including leading slash ("/" or "/index.html") - urldecoded, and sanitized ( buffer_path_simplify() && buffer_urldecode_path() ) */
201 buffer
*path_raw
; /* raw path, as sent from client. no urldecoding or path simplifying
   * NOTE(review): this value is client-controlled and, being neither decoded
   * nor simplified, can still hold percent-encoded bytes and "." / ".."
   * segments; filesystem lookups and access decisions should be made on the
   * decoded, simplified path rather than on this field. */
202 buffer
*query
; /* querystring ( everything after "?", ie: in "/index.php?foo=1", query is "foo=1" ) */
207 buffer
*basedir
; /* path = "(basedir)(.*)" */
209 buffer
*doc_root
; /* path = doc_root + rel_path */
231 buffer
*content_type
;
235 splay_tree
*files
; /* the nodes of the tree are stat_cache_entry's */
237 buffer
*dir_name
; /* for building the dirname from the filename */
239 splay_tree
*dirs
; /* the nodes of the tree are fam_dir_entry */
244 buffer
*hash_key
; /* temp-store for the hash-key */
250 /* virtual-servers */
251 buffer
*document_root
;
253 buffer
*error_handler
;
254 buffer
*error_handler_404
;
256 buffer
*dirlist_encoding
;
257 buffer
*errorfile_prefix
;
/* Per-connection limits and file-serving switches.
 * NOTE(review): units and defaults are not visible in this excerpt; the
 * *_idle values are presumably seconds - confirm where the config is parsed. */
259 unsigned short max_keep_alive_requests
; /* cap on requests served over one keep-alive connection (by name) */
260 unsigned short max_keep_alive_idle
; /* idle limit between keep-alive requests; bounds how long an idle client holds a slot */
261 unsigned short max_read_idle
; /* idle limit while reading a request; relevant to slow-request resource exhaustion */
262 unsigned short max_write_idle
; /* idle limit while writing a response; relevant to slow-reader resource exhaustion */
263 unsigned short use_xattr
;
264 unsigned short follow_symlink
; /* NOTE(review): presumably 0 means symlinks under the document root are not followed;
   * the check itself is outside this header - confirm it covers every path component */
265 unsigned short range_requests
;
269 unsigned short log_file_not_found
;
270 unsigned short log_request_header
;
271 unsigned short log_request_handling
;
272 unsigned short log_response_header
;
273 unsigned short log_condition_handling
;
274 unsigned short log_ssl_noise
;
275 unsigned short log_timeouts
;
281 buffer
*ssl_cipher_list
;
283 buffer
*ssl_ec_curve
;
/* TLS policy switches of the per-context configuration.
 * NOTE(review): only the field names and the two original comments are
 * visible here; defaults and enforcement live in the network/config code. */
284 unsigned short ssl_honor_cipher_order
; /* determine SSL cipher in server-preferred order, not client-order */
285 unsigned short ssl_empty_fragments
; /* whether to not set SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
   * (that OpenSSL option turns off the empty-fragment countermeasure for a
   * CBC weakness in SSL 3.0 / TLS 1.0, so non-zero here keeps the countermeasure) */
286 unsigned short ssl_use_sslv2
; /* NOTE(review): by name, enables SSLv2; the protocol is prohibited by RFC 6176 and should stay off */
287 unsigned short ssl_use_sslv3
; /* NOTE(review): by name, enables SSLv3; the protocol is deprecated by RFC 7568 and should stay off */
288 unsigned short ssl_verifyclient
; /* NOTE(review): presumably requests a client certificate - confirm */
289 unsigned short ssl_verifyclient_enforce
; /* NOTE(review): presumably fails the handshake when verification fails; if 0, callers
   * must not treat the connection as authenticated - confirm */
290 unsigned short ssl_verifyclient_depth
; /* NOTE(review): presumably the maximum certificate chain depth accepted - confirm */
291 buffer
*ssl_verifyclient_username
; /* NOTE(review): presumably names the certificate field exported as the user name - confirm */
292 unsigned short ssl_verifyclient_export_cert
;
293 unsigned short ssl_disable_client_renegotiation
; /* NOTE(review): by name, refuses client-initiated renegotiation; the connection struct keeps a
   * handshake-start counter that this presumably gates - confirm */
295 unsigned short use_ipv6
, set_v6only
; /* set_v6only is only a temporary option */
296 unsigned short defer_accept
;
297 unsigned short ssl_enabled
; /* only interesting for setting up listening sockets. don't use at runtime */
298 unsigned short allow_http11
;
299 unsigned short etag_use_inode
;
300 unsigned short etag_use_mtime
;
301 unsigned short etag_use_size
;
302 unsigned short force_lowercase_filenames
; /* if the FS is case-insensitive, force all files to lower-case */
303 unsigned int http_parseopts
;
304 unsigned int max_request_size
;
307 unsigned short kbytes_per_second
; /* connection kb/s limit */
310 unsigned short global_kbytes_per_second
; /* */
312 off_t global_bytes_per_second_cnt
;
313 /* server-wide traffic-shaper
315 * each context has the counter which is inited once
316 * a second by the global_kbytes_per_second config-var
318 * as soon as global_kbytes_per_second gets below 0
319 * the connected conns are "offline" a little bit
322 * we somehow have to lose our "we are writable" signal
326 off_t
*global_bytes_per_second_cnt_ptr
; /* */
329 SSL_CTX
*ssl_ctx
; /* not patched */
330 /* SNI per host: with COMP_SERVER_SOCKET, COMP_HTTP_SCHEME, COMP_HTTP_HOST */
331 EVP_PKEY
*ssl_pemfile_pkey
;
332 X509
*ssl_pemfile_x509
;
333 STACK_OF(X509_NAME
) *ssl_ca_file_cert_names
;
337 /* the order of the items should be the same as they are processed
338 * read before write as we use this later */
341 CON_STATE_REQUEST_START
,
343 CON_STATE_REQUEST_END
,
345 CON_STATE_HANDLE_REQUEST
,
346 CON_STATE_RESPONSE_START
,
348 CON_STATE_RESPONSE_END
,
351 } connection_state_t
;
354 /* condition not active at the moment because itself or some
355 * pre-condition depends on data not available yet
359 /* special "unset" for branches not selected due to pre-conditions
360 * not met (but pre-conditions are not "unset" anymore)
364 /* actually evaluated the condition itself */
365 COND_RESULT_FALSE
, /* not active */
366 COND_RESULT_TRUE
, /* active */
370 /* current result (with preconditions) */
371 cond_result_t result
;
372 /* result without preconditions (must never be "skip") */
373 cond_result_t local_result
;
376 buffer
*comp_value
; /* just a pointer */
380 connection_state_t state
;
384 time_t close_timeout_ts
;
385 time_t write_request_ts
;
387 time_t connection_start
;
388 time_t request_start
;
390 struct timeval start_tv
;
392 size_t request_count
; /* number of requests handled in this connection */
393 size_t loops_per_request
; /* to catch endless loops in a single request
395 * used by mod_rewrite, mod_fastcgi, ... and others
396 * this is self-protection
399 int fd
; /* the FD for this connection */
400 int fde_ndx
; /* index for the fdevent-handler */
401 int ndx
; /* reverse mapping to server->connection[ndx] */
407 int keep_alive
; /* only request.c can enable it, all other just disable */
408 int keep_alive_idle
; /* remember max_keep_alive_idle from config */
413 chunkqueue
*write_queue
; /* a large queue for low-level write ( HTTP response ) [ file, mem ] */
414 chunkqueue
*read_queue
; /* a small queue for low-level read ( HTTP request ) [ mem ] */
415 chunkqueue
*request_content_queue
; /* takes request-content into tempfile if necessary [ tempfile, mem ]*/
417 int traffic_limit_reached
;
419 off_t bytes_written
; /* used by mod_accesslog, mod_rrd */
420 off_t bytes_written_cur_second
; /* used by mod_accesslog, mod_rrd */
421 off_t bytes_read
; /* used by mod_accesslog, mod_rrd */
427 buffer
*dst_addr_buf
;
430 buffer
*parse_request
;
431 unsigned int parsed_response
; /* bitfield which contains the important header-fields of the parsed response header */
440 array
*environment
; /* used to pass lighttpd internal stuff to the FastCGI/CGI apps, setenv does that */
447 connection_type mode
;
449 void **plugin_ctx
; /* plugin connection specific config */
451 specific_config conf
; /* global connection specific config */
452 cond_cache_t
*cond_cache
;
457 int error_handler_saved_status
;
458 http_method_t error_handler_saved_method
;
460 struct server_socket
*srv_socket
; /* reference to the server-socket */
464 # ifndef OPENSSL_NO_TLSEXT
465 buffer
*tlsext_server_name
;
467 unsigned int renegotiations
; /* count of SSL_CB_HANDSHAKE_START
   * NOTE(review): presumably compared against a limit so that repeated
   * client-initiated handshakes on one connection can be refused - confirm
   * in the SSL info callback, which is outside this header. */
470 etag_flags_t etag_flags
;
472 int conditional_is_valid
[COMP_LAST_ELEMENT
];
486 struct in6_addr ipv6
;
489 char b2
[INET6_ADDRSTRLEN
+ 1];
491 } inet_ntop_cache_type
;
499 } realpath_cache_type
;
/* One cache slot mapping a timestamp to its preformatted string. */
502 time_t mtime
; /* the key */
503 buffer
*str
; /* a buffer for the string representation (format not visible in this excerpt) */
516 buffer
*errorlog_file
;
517 unsigned short errorlog_use_syslog
;
518 buffer
*breakagelog_file
;
520 unsigned short dont_daemonize
;
521 unsigned short preflight_check
;
528 buffer
*event_handler
;
531 buffer
*network_backend
;
533 array
*upload_tempdirs
;
534 unsigned int upload_temp_file_size
;
536 unsigned short max_worker
;
537 unsigned short max_fds
;
538 unsigned short max_conns
;
539 unsigned int max_request_size
;
541 unsigned short log_request_header_on_error
;
542 unsigned short log_state_handling
;
544 enum { STAT_CACHE_ENGINE_UNSET
,
545 STAT_CACHE_ENGINE_NONE
,
546 STAT_CACHE_ENGINE_SIMPLE
548 , STAT_CACHE_ENGINE_FAM
551 unsigned short enable_cores
;
552 unsigned short reject_expect_100_with_417
;
555 unsigned short http_header_strict
;
556 unsigned short http_host_strict
;
557 unsigned short http_host_normalize
;
560 typedef struct server_socket
{
565 unsigned short is_ssl
;
579 } server_socket_array
;
581 typedef struct server
{
582 server_socket_array srv_sockets
;
586 enum { ERRORLOG_FILE
, ERRORLOG_FD
, ERRORLOG_SYSLOG
, ERRORLOG_PIPE
} errorlog_mode
;
587 buffer
*errorlog_buf
;
589 fdevents
*ev
, *ev_ins
;
591 buffer_plugin plugins
;
602 int max_fds
; /* max possible fds */
603 int cur_fds
; /* currently used fds */
604 int want_fds
; /* waiting fds */
605 int sockets_disabled
;
610 buffer
*parse_full_path
;
611 buffer
*response_header
;
612 buffer
*response_range
;
615 buffer
*tmp_chunk_len
;
617 buffer
*empty_string
; /* is necessary for cond_match */
619 buffer
*cond_check_buf
;
623 inet_ntop_cache_type inet_ntop_cache
[INET_NTOP_CACHE_MAX
];
625 mtime_cache_type mtime_cache
[FILE_CACHE_MAX
];
631 time_t last_generated_date_ts
;
632 time_t last_generated_debug_ts
;
635 char entropy
[8]; /* from /dev/[u]random if possible, otherwise rand()
      * NOTE(review): this is 64 bits of seed material, and the rand()
      * fallback is predictable; code that needs unpredictable values
      * (nonces, session identifiers) should check is_real_entropy and
      * refuse or degrade explicitly when it is 0. */
636 char is_real_entropy
; /* whether entropy is from /dev/[u]random */
638 buffer
*ts_debug_str
;
642 array
*config_touched
;
644 array
*config_context
;
645 specific_config
**config_storage
;
647 server_config srvconf
;
649 short int config_deprecated
;
650 short int config_unsupported
;
653 connections
*joblist
;
654 connections
*fdwaitqueue
;
656 stat_cache
*stat_cache
;
659 * The status array can carry all the status information you want
660 * the key to the array is <module-prefix>.<name>
661 * and the values are counters
664 * fastcgi.backends = 10
665 * fastcgi.active-backends = 6
666 * fastcgi.backend.<key>.load = 24
667 * fastcgi.backend.<key>....
669 * fastcgi.backend.<key>.disconnects = ...
673 fdevent_handler_t event_handler
;
/* Write hook for plain sockets: takes the server, the connection, the
 * target fd, the chunkqueue to send from and a byte budget; returns int.
 * NOTE(review): return-value convention and whether max_bytes is a hard
 * per-call cap are not visible here - confirm against the backends. */
675 int (* network_backend_write
)(struct server
*srv
, connection
*con
, int fd
, chunkqueue
*cq
, off_t max_bytes
);
/* Write hook for TLS connections: same shape as the plain hook, but takes
 * the OpenSSL SSL handle instead of a file descriptor. */
677 int (* network_ssl_backend_write
)(struct server
*srv
, connection
*con
, SSL
*ssl
, chunkqueue
*cq
, off_t max_bytes
);