1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-25 04:43:33 +00:00

Update to 1.4.30

Unbreak build if using libev
This commit is contained in:
Martin Matuska 2011-12-19 07:56:10 +00:00
parent c0de1a9c64
commit 449e0af321
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=287641
9 changed files with 14 additions and 1641 deletions

View File

@ -6,8 +6,7 @@
#
PORTNAME?= lighttpd
PORTVERSION= 1.4.29
PORTREVISION= 2
PORTVERSION= 1.4.30
CATEGORIES?= www
MASTER_SITES?= http://download.lighttpd.net/lighttpd/releases-1.4.x/

View File

@ -1,5 +1,5 @@
SHA256 (lighttpd-1.4.29.tar.bz2) = afd8af213e65afb48b397d004696c6620a7ae7f3d4f162ec46a04b9b9dbfd599
SIZE (lighttpd-1.4.29.tar.bz2) = 659974
SHA256 (lighttpd-1.4.30.tar.bz2) = 0d795597e4666dbf6ffe44b4a42f388ddb44736ddfab0b1ac091e5bb35212c2d
SIZE (lighttpd-1.4.30.tar.bz2) = 664697
SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch.gz) = d7c3704d5253c4f3c18459f89059063b311e50096cd2c38fc982cec683c32e61
SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch.gz) = 44695
SHA256 (lighttpd-1.4.26_mod_geoip.patch.gz) = db43cc0ed7c808b5eed3185d97346e70dea0f1ef4fa9ed436d08e4faff7f97e7

View File

@ -1,621 +0,0 @@
Index: src/http_auth_digest.c
===================================================================
--- src/http_auth_digest.c (revision 2798)
+++ src/http_auth_digest.c (revision 2799)
@@ -1,26 +0,0 @@
-#include "buffer.h"
-
-#include "http_auth_digest.h"
-
-#include <string.h>
-
-#ifndef USE_OPENSSL
-# include "md5.h"
-
-typedef li_MD5_CTX MD5_CTX;
-#define MD5_Init li_MD5_Init
-#define MD5_Update li_MD5_Update
-#define MD5_Final li_MD5_Final
-
-#endif
-
-void CvtHex(IN HASH Bin, OUT HASHHEX Hex) {
- unsigned short i;
-
- for (i = 0; i < HASHLEN; i++) {
- Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf);
- Hex[i*2+1] = int2hex(Bin[i] & 0xf);
- }
- Hex[HASHHEXLEN] = '\0';
-}
-
Index: src/http_auth_digest.h
===================================================================
--- src/http_auth_digest.h (revision 2798)
+++ src/http_auth_digest.h (revision 2799)
@@ -1,24 +0,0 @@
-#ifndef _DIGCALC_H_
-#define _DIGCALC_H_
-
-#ifdef HAVE_CONFIG_H
-# include "config.h"
-#endif
-
-#define HASHLEN 16
-typedef unsigned char HASH[HASHLEN];
-#define HASHHEXLEN 32
-typedef char HASHHEX[HASHHEXLEN+1];
-#ifdef USE_OPENSSL
-#define IN const
-#else
-#define IN
-#endif
-#define OUT
-
-void CvtHex(
- IN HASH Bin,
- OUT HASHHEX Hex
- );
-
-#endif
Index: src/mod_secure_download.c
===================================================================
--- src/mod_secure_download.c (revision 2798)
+++ src/mod_secure_download.c (revision 2799)
@@ -8,18 +8,8 @@
#include <stdlib.h>
#include <string.h>
-#ifdef USE_OPENSSL
-# include <openssl/md5.h>
-#else
-# include "md5.h"
+#include "md5.h"
-typedef li_MD5_CTX MD5_CTX;
-#define MD5_Init li_MD5_Init
-#define MD5_Update li_MD5_Update
-#define MD5_Final li_MD5_Final
-
-#endif
-
#define HASHLEN 16
typedef unsigned char HASH[HASHLEN];
#define HASHHEXLEN 32
@@ -200,7 +190,7 @@
URIHANDLER_FUNC(mod_secdownload_uri_handler) {
plugin_data *p = p_d;
- MD5_CTX Md5Ctx;
+ li_MD5_CTX Md5Ctx;
HASH HA1;
const char *rel_uri, *ts_str, *md5_str;
time_t ts = 0;
@@ -266,9 +256,9 @@
buffer_append_string(p->md5, rel_uri);
buffer_append_string_len(p->md5, ts_str, 8);
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
- MD5_Final(HA1, &Md5Ctx);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
+ li_MD5_Final(HA1, &Md5Ctx);
buffer_copy_string_hex(p->md5, (char *)HA1, 16);
Index: src/SConscript
===================================================================
--- src/SConscript (revision 2798)
+++ src/SConscript (revision 2799)
@@ -12,7 +12,8 @@
data_integer.c md5.c data_fastcgi.c \
fdevent_select.c fdevent_libev.c \
fdevent_poll.c fdevent_linux_sysepoll.c \
- fdevent_solaris_devpoll.c fdevent_freebsd_kqueue.c \
+ fdevent_solaris_devpoll.c fdevent_solaris_port.c \
+ fdevent_freebsd_kqueue.c \
data_config.c bitset.c \
inet_ntop_cache.c crc32.c \
connections-glue.c \
@@ -62,7 +63,7 @@
'mod_redirect' : { 'src' : [ 'mod_redirect.c' ], 'lib' : [ env['LIBPCRE'] ] },
'mod_rewrite' : { 'src' : [ 'mod_rewrite.c' ], 'lib' : [ env['LIBPCRE'] ] },
'mod_auth' : {
- 'src' : [ 'mod_auth.c', 'http_auth_digest.c', 'http_auth.c' ],
+ 'src' : [ 'mod_auth.c', 'http_auth.c' ],
'lib' : [ env['LIBCRYPT'], env['LIBLDAP'], env['LIBLBER'] ] },
'mod_webdav' : { 'src' : [ 'mod_webdav.c' ], 'lib' : [ env['LIBXML2'], env['LIBSQLITE3'], env['LIBUUID'] ] },
'mod_mysql_vhost' : { 'src' : [ 'mod_mysql_vhost.c' ], 'lib' : [ env['LIBMYSQL'] ] },
Index: src/mod_cml_funcs.c
===================================================================
--- src/mod_cml_funcs.c (revision 2798)
+++ src/mod_cml_funcs.c (revision 2799)
@@ -17,18 +17,8 @@
#include <dirent.h>
#include <stdio.h>
-#ifdef USE_OPENSSL
-# include <openssl/md5.h>
-#else
-# include "md5.h"
+#include "md5.h"
-typedef li_MD5_CTX MD5_CTX;
-#define MD5_Init li_MD5_Init
-#define MD5_Update li_MD5_Update
-#define MD5_Final li_MD5_Final
-
-#endif
-
#define HASHLEN 16
typedef unsigned char HASH[HASHLEN];
#define HASHHEXLEN 32
@@ -43,7 +33,7 @@
#ifdef HAVE_LUA_H
int f_crypto_md5(lua_State *L) {
- MD5_CTX Md5Ctx;
+ li_MD5_CTX Md5Ctx;
HASH HA1;
buffer b;
char hex[33];
@@ -63,9 +53,9 @@
lua_error(L);
}
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1));
- MD5_Final(HA1, &Md5Ctx);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1));
+ li_MD5_Final(HA1, &Md5Ctx);
buffer_copy_string_hex(&b, (char *)HA1, 16);
Index: src/Makefile.am
===================================================================
--- src/Makefile.am (revision 2798)
+++ src/Makefile.am (revision 2799)
@@ -241,7 +241,7 @@
mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd)
lib_LTLIBRARIES += mod_auth.la
-mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c
+mod_auth_la_SOURCES = mod_auth.c http_auth.c
mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined
mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
@@ -268,7 +268,7 @@
hdr = server.h buffer.h network.h log.h keyvalue.h \
response.h request.h fastcgi.h chunk.h \
- settings.h http_chunk.h http_auth_digest.h \
+ settings.h http_chunk.h \
md5.h http_auth.h stream.h \
fdevent.h connections.h base.h stat_cache.h \
plugin.h mod_auth.h \
Index: src/http_auth.c
===================================================================
--- src/http_auth.c (revision 2798)
+++ src/http_auth.c (revision 2799)
@@ -1,7 +1,6 @@
#include "server.h"
#include "log.h"
#include "http_auth.h"
-#include "http_auth_digest.h"
#include "inet_ntop_cache.h"
#include "stream.h"
@@ -28,18 +27,23 @@
#include <unistd.h>
#include <ctype.h>
-#ifdef USE_OPENSSL
-# include <openssl/md5.h>
-#else
-# include "md5.h"
+#include "md5.h"
-typedef li_MD5_CTX MD5_CTX;
-#define MD5_Init li_MD5_Init
-#define MD5_Update li_MD5_Update
-#define MD5_Final li_MD5_Final
+#define HASHLEN 16
+#define HASHHEXLEN 32
+typedef unsigned char HASH[HASHLEN];
+typedef char HASHHEX[HASHHEXLEN+1];
-#endif
+static void CvtHex(const HASH Bin, char Hex[33]) {
+ unsigned short i;
+ for (i = 0; i < 16; i++) {
+ Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf);
+ Hex[i*2+1] = int2hex(Bin[i] & 0xf);
+ }
+ Hex[32] = '\0';
+}
+
/**
* the $apr1$ handling is taken from apache 1.3.x
*/
@@ -435,7 +439,7 @@
static void to64(char *s, unsigned long v, int n)
{
- static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
+ static const unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
while (--n >= 0) {
@@ -455,7 +459,7 @@
const char *sp, *ep;
unsigned char final[APR_MD5_DIGESTSIZE];
ssize_t sl, pl, i;
- MD5_CTX ctx, ctx1;
+ li_MD5_CTX ctx, ctx1;
unsigned long l;
/*
@@ -487,33 +491,33 @@
/*
* 'Time to make the doughnuts..'
*/
- MD5_Init(&ctx);
+ li_MD5_Init(&ctx);
/*
* The password first, since that is what is most unknown
*/
- MD5_Update(&ctx, pw, strlen(pw));
+ li_MD5_Update(&ctx, pw, strlen(pw));
/*
* Then our magic string
*/
- MD5_Update(&ctx, APR1_ID, strlen(APR1_ID));
+ li_MD5_Update(&ctx, APR1_ID, strlen(APR1_ID));
/*
* Then the raw salt
*/
- MD5_Update(&ctx, sp, sl);
+ li_MD5_Update(&ctx, sp, sl);
/*
* Then just as many characters of the MD5(pw, salt, pw)
*/
- MD5_Init(&ctx1);
- MD5_Update(&ctx1, pw, strlen(pw));
- MD5_Update(&ctx1, sp, sl);
- MD5_Update(&ctx1, pw, strlen(pw));
- MD5_Final(final, &ctx1);
+ li_MD5_Init(&ctx1);
+ li_MD5_Update(&ctx1, pw, strlen(pw));
+ li_MD5_Update(&ctx1, sp, sl);
+ li_MD5_Update(&ctx1, pw, strlen(pw));
+ li_MD5_Final(final, &ctx1);
for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) {
- MD5_Update(&ctx, final,
+ li_MD5_Update(&ctx, final,
(pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl);
}
@@ -527,10 +531,10 @@
*/
for (i = strlen(pw); i != 0; i >>= 1) {
if (i & 1) {
- MD5_Update(&ctx, final, 1);
+ li_MD5_Update(&ctx, final, 1);
}
else {
- MD5_Update(&ctx, pw, 1);
+ li_MD5_Update(&ctx, pw, 1);
}
}
@@ -542,7 +546,7 @@
strncat(passwd, sp, sl);
strcat(passwd, "$");
- MD5_Final(final, &ctx);
+ li_MD5_Final(final, &ctx);
/*
* And now, just to make sure things don't run too fast..
@@ -550,28 +554,28 @@
* need 30 seconds to build a 1000 entry dictionary...
*/
for (i = 0; i < 1000; i++) {
- MD5_Init(&ctx1);
+ li_MD5_Init(&ctx1);
if (i & 1) {
- MD5_Update(&ctx1, pw, strlen(pw));
+ li_MD5_Update(&ctx1, pw, strlen(pw));
}
else {
- MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
+ li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
}
if (i % 3) {
- MD5_Update(&ctx1, sp, sl);
+ li_MD5_Update(&ctx1, sp, sl);
}
if (i % 7) {
- MD5_Update(&ctx1, pw, strlen(pw));
+ li_MD5_Update(&ctx1, pw, strlen(pw));
}
if (i & 1) {
- MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
+ li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
}
else {
- MD5_Update(&ctx1, pw, strlen(pw));
+ li_MD5_Update(&ctx1, pw, strlen(pw));
}
- MD5_Final(final,&ctx1);
+ li_MD5_Final(final,&ctx1);
}
p = passwd + strlen(passwd);
@@ -614,17 +618,17 @@
* user:realm:md5(user:realm:password)
*/
- MD5_CTX Md5Ctx;
+ li_MD5_CTX Md5Ctx;
HASH HA1;
char a1[256];
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1);
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1);
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
- MD5_Final(HA1, &Md5Ctx);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
+ li_MD5_Final(HA1, &Md5Ctx);
CvtHex(HA1, a1);
@@ -930,7 +934,7 @@
int i;
buffer *password, *b, *username_buf, *realm_buf;
- MD5_CTX Md5Ctx;
+ li_MD5_CTX Md5Ctx;
HASH HA1;
HASH HA2;
HASH RespHash;
@@ -1067,13 +1071,13 @@
if (p->conf.auth_backend == AUTH_BACKEND_PLAIN) {
/* generate password from plain-text */
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1);
- MD5_Final(HA1, &Md5Ctx);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1);
+ li_MD5_Final(HA1, &Md5Ctx);
} else if (p->conf.auth_backend == AUTH_BACKEND_HTDIGEST) {
/* HA1 */
/* transform the 32-byte-hex-md5 to a 16-byte-md5 */
@@ -1090,45 +1094,45 @@
if (algorithm &&
strcasecmp(algorithm, "md5-sess") == 0) {
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16);
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
- MD5_Final(HA1, &Md5Ctx);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
+ li_MD5_Final(HA1, &Md5Ctx);
}
CvtHex(HA1, a1);
/* calculate H(A2) */
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri));
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri));
if (qop && strcasecmp(qop, "auth-int") == 0) {
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN);
}
- MD5_Final(HA2, &Md5Ctx);
+ li_MD5_Final(HA2, &Md5Ctx);
CvtHex(HA2, HA2Hex);
/* calculate response */
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN);
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
if (qop && *qop) {
- MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop));
- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
};
- MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN);
- MD5_Final(RespHash, &Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN);
+ li_MD5_Final(RespHash, &Md5Ctx);
CvtHex(RespHash, a2);
if (0 != strcmp(a2, respons)) {
@@ -1171,24 +1175,24 @@
int http_auth_digest_generate_nonce(server *srv, mod_auth_plugin_data *p, buffer *fn, char out[33]) {
HASH h;
- MD5_CTX Md5Ctx;
+ li_MD5_CTX Md5Ctx;
char hh[32];
UNUSED(p);
/* generate shared-secret */
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1);
- MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
/* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
LI_ltostr(hh, srv->cur_ts);
- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
- MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
LI_ltostr(hh, rand());
- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
- MD5_Final(h, &Md5Ctx);
+ li_MD5_Final(h, &Md5Ctx);
CvtHex(h, out);
Index: src/mod_usertrack.c
===================================================================
--- src/mod_usertrack.c (revision 2798)
+++ src/mod_usertrack.c (revision 2799)
@@ -8,18 +8,8 @@
#include <stdlib.h>
#include <string.h>
-#ifdef USE_OPENSSL
-# include <openssl/md5.h>
-#else
-# include "md5.h"
+#include "md5.h"
-typedef li_MD5_CTX MD5_CTX;
-#define MD5_Init li_MD5_Init
-#define MD5_Update li_MD5_Update
-#define MD5_Final li_MD5_Final
-
-#endif
-
/* plugin config for all request/connections */
typedef struct {
@@ -182,7 +172,7 @@
plugin_data *p = p_d;
data_string *ds;
unsigned char h[16];
- MD5_CTX Md5Ctx;
+ li_MD5_CTX Md5Ctx;
char hh[32];
if (con->uri.path->used == 0) return HANDLER_GO_ON;
@@ -228,18 +218,18 @@
/* taken from mod_auth.c */
/* generate shared-secret */
- MD5_Init(&Md5Ctx);
- MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1);
- MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
+ li_MD5_Init(&Md5Ctx);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1);
+ li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
/* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
LI_ltostr(hh, srv->cur_ts);
- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
- MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
LI_ltostr(hh, rand());
- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
- MD5_Final(h, &Md5Ctx);
+ li_MD5_Final(h, &Md5Ctx);
buffer_append_string_encoded(ds->value, (char *)h, 16, ENCODING_HEX);
buffer_append_string_len(ds->value, CONST_STR_LEN("; Path=/"));
Index: src/mod_cml_lua.c
===================================================================
--- src/mod_cml_lua.c (revision 2798)
+++ src/mod_cml_lua.c (revision 2799)
@@ -11,18 +11,6 @@
#include <time.h>
#include <string.h>
-#ifdef USE_OPENSSL
-# include <openssl/md5.h>
-#else
-# include "md5.h"
-
-typedef li_MD5_CTX MD5_CTX;
-#define MD5_Init li_MD5_Init
-#define MD5_Update li_MD5_Update
-#define MD5_Final li_MD5_Final
-
-#endif
-
#define HASHLEN 16
typedef unsigned char HASH[HASHLEN];
#define HASHHEXLEN 32
Index: src/mod_dirlisting.c
===================================================================
--- src/mod_dirlisting.c (revision 2798)
+++ src/mod_dirlisting.c (revision 2799)
@@ -657,7 +657,8 @@
i = dir->used - 1;
#ifdef HAVE_PATHCONF
- if (-1 == (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) {
+ if (0 >= (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) {
+ /* some broken fs (fuse) return 0 instead of -1 */
#ifdef NAME_MAX
name_max = NAME_MAX;
#else

View File

@ -1,62 +0,0 @@
Index: src/mod_staticfile.c
===================================================================
--- src/mod_staticfile.c (revision 2799)
+++ src/mod_staticfile.c (revision 2800)
@@ -350,7 +350,6 @@
URIHANDLER_FUNC(mod_staticfile_subrequest) {
plugin_data *p = p_d;
size_t k;
- int s_len;
stat_cache_entry *sce = NULL;
buffer *mtime = NULL;
data_string *ds;
@@ -376,8 +375,6 @@
mod_staticfile_patch_connection(srv, con, p);
- s_len = con->uri.path->used - 1;
-
/* ignore certain extensions */
for (k = 0; k < p->conf.exclude_ext->used; k++) {
ds = (data_string *)p->conf.exclude_ext->data[k];
Index: src/mod_userdir.c
===================================================================
--- src/mod_userdir.c (revision 2799)
+++ src/mod_userdir.c (revision 2800)
@@ -166,7 +166,6 @@
URIHANDLER_FUNC(mod_userdir_docroot_handler) {
plugin_data *p = p_d;
- int uri_len;
size_t k;
char *rel_url;
#ifdef HAVE_PWD_H
@@ -182,8 +181,6 @@
*/
if (p->conf.path->used == 0) return HANDLER_GO_ON;
- uri_len = con->uri.path->used - 1;
-
/* /~user/foo.html -> /home/user/public_html/foo.html */
if (con->uri.path->ptr[0] != '/' ||
Index: src/mod_fastcgi.c
===================================================================
--- src/mod_fastcgi.c (revision 2799)
+++ src/mod_fastcgi.c (revision 2800)
@@ -3132,7 +3132,6 @@
plugin_data *p = p_d;
handler_ctx *hctx = con->plugin_ctx[p->id];
- fcgi_proc *proc;
fcgi_extension_host *host;
if (NULL == hctx) return HANDLER_GO_ON;
@@ -3201,7 +3200,6 @@
/* ok, create the request */
switch(fcgi_write_request(srv, hctx)) {
case HANDLER_ERROR:
- proc = hctx->proc;
host = hctx->host;
if (hctx->state == FCGI_STATE_INIT ||

View File

@ -1,804 +0,0 @@
Index: src/network_write.c
===================================================================
--- src/network_write.c (revision 2800)
+++ src/network_write.c (revision 2801)
@@ -24,17 +24,16 @@
# include <sys/resource.h>
#endif
-int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq) {
+int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
chunk *c;
- size_t chunks_written = 0;
- for(c = cq->first; c; c = c->next) {
+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
int chunk_finished = 0;
switch(c->type) {
case MEM_CHUNK: {
char * offset;
- size_t toSend;
+ off_t toSend;
ssize_t r;
if (c->mem->used == 0) {
@@ -44,6 +43,8 @@
offset = c->mem->ptr + c->offset;
toSend = c->mem->used - 1 - c->offset;
+ if (toSend > max_bytes) toSend = max_bytes;
+
#ifdef __WIN32
if ((r = send(fd, offset, toSend, 0)) < 0) {
/* no error handling for windows... */
@@ -72,6 +73,7 @@
c->offset += r;
cq->bytes_out += r;
+ max_bytes -= r;
if (c->offset == (off_t)c->mem->used - 1) {
chunk_finished = 1;
@@ -85,7 +87,7 @@
#endif
ssize_t r;
off_t offset;
- size_t toSend;
+ off_t toSend;
stat_cache_entry *sce = NULL;
int ifd;
@@ -98,6 +100,8 @@
offset = c->file.start + c->offset;
toSend = c->file.length - c->offset;
+ if (toSend > max_bytes) toSend = max_bytes;
+
if (offset > sce->st.st_size) {
log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name);
@@ -181,6 +185,7 @@
c->offset += r;
cq->bytes_out += r;
+ max_bytes -= r;
if (c->offset == c->file.length) {
chunk_finished = 1;
@@ -200,11 +205,9 @@
break;
}
-
- chunks_written++;
}
- return chunks_written;
+ return 0;
}
#if 0
Index: src/base.h
===================================================================
--- src/base.h (revision 2800)
+++ src/base.h (revision 2801)
@@ -647,11 +647,9 @@
fdevent_handler_t event_handler;
- int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq);
- int (* network_backend_read)(struct server *srv, connection *con, int fd, chunkqueue *cq);
+ int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
#ifdef USE_OPENSSL
- int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq);
- int (* network_ssl_backend_read)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq);
+ int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes);
#endif
uid_t uid;
Index: src/connections.c
===================================================================
--- src/connections.c (revision 2800)
+++ src/connections.c (revision 2801)
@@ -617,8 +617,9 @@
}
static int connection_handle_write(server *srv, connection *con) {
- switch(network_write_chunkqueue(srv, con, con->write_queue)) {
+ switch(network_write_chunkqueue(srv, con, con->write_queue, MAX_WRITE_LIMIT)) {
case 0:
+ con->write_request_ts = srv->cur_ts;
if (con->file_finished) {
connection_set_state(srv, con, CON_STATE_RESPONSE_END);
joblist_append(srv, con);
@@ -635,6 +636,7 @@
joblist_append(srv, con);
break;
case 1:
+ con->write_request_ts = srv->cur_ts;
con->is_writable = 0;
/* not finished yet -> WRITE */
@@ -1251,8 +1253,6 @@
log_error_write(srv, __FILE__, __LINE__, "ds",
con->fd,
"handle write failed.");
- } else if (con->state == CON_STATE_WRITE) {
- con->write_request_ts = srv->cur_ts;
}
}
@@ -1667,8 +1667,6 @@
con->fd,
"handle write failed.");
connection_set_state(srv, con, CON_STATE_ERROR);
- } else if (con->state == CON_STATE_WRITE) {
- con->write_request_ts = srv->cur_ts;
}
}
Index: src/network.c
===================================================================
--- src/network.c (revision 2800)
+++ src/network.c (revision 2801)
@@ -847,7 +847,7 @@
return 0;
}
-int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq) {
+int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq, off_t max_bytes) {
int ret = -1;
off_t written = 0;
#ifdef TCP_CORK
@@ -855,16 +855,34 @@
#endif
server_socket *srv_socket = con->srv_socket;
- if (con->conf.global_kbytes_per_second &&
- *(con->conf.global_bytes_per_second_cnt_ptr) > con->conf.global_kbytes_per_second * 1024) {
- /* we reached the global traffic limit */
+ if (con->conf.global_kbytes_per_second) {
+ off_t limit = con->conf.global_kbytes_per_second * 1024 - *(con->conf.global_bytes_per_second_cnt_ptr);
+ if (limit <= 0) {
+ /* we reached the global traffic limit */
- con->traffic_limit_reached = 1;
- joblist_append(srv, con);
+ con->traffic_limit_reached = 1;
+ joblist_append(srv, con);
- return 1;
+ return 1;
+ } else {
+ if (max_bytes > limit) max_bytes = limit;
+ }
}
+ if (con->conf.kbytes_per_second) {
+ off_t limit = con->conf.kbytes_per_second * 1024 - con->bytes_written_cur_second;
+ if (limit <= 0) {
+ /* we reached the traffic limit */
+
+ con->traffic_limit_reached = 1;
+ joblist_append(srv, con);
+
+ return 1;
+ } else {
+ if (max_bytes > limit) max_bytes = limit;
+ }
+ }
+
written = cq->bytes_out;
#ifdef TCP_CORK
@@ -879,10 +897,10 @@
if (srv_socket->is_ssl) {
#ifdef USE_OPENSSL
- ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq);
+ ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq, max_bytes);
#endif
} else {
- ret = srv->network_backend_write(srv, con, con->fd, cq);
+ ret = srv->network_backend_write(srv, con, con->fd, cq, max_bytes);
}
if (ret >= 0) {
@@ -903,12 +921,5 @@
*(con->conf.global_bytes_per_second_cnt_ptr) += written;
- if (con->conf.kbytes_per_second &&
- (con->bytes_written_cur_second > con->conf.kbytes_per_second * 1024)) {
- /* we reached the traffic limit */
-
- con->traffic_limit_reached = 1;
- joblist_append(srv, con);
- }
return ret;
}
Index: src/network.h
===================================================================
--- src/network.h (revision 2800)
+++ src/network.h (revision 2801)
@@ -3,7 +3,7 @@
#include "server.h"
-int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c);
+int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c, off_t max_bytes);
int network_init(server *srv);
int network_close(server *srv);
Index: src/mod_scgi.c
===================================================================
--- src/mod_scgi.c (revision 2800)
+++ src/mod_scgi.c (revision 2801)
@@ -2296,7 +2296,7 @@
/* fall through */
case FCGI_STATE_WRITE:
- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
chunkqueue_remove_finished_chunks(hctx->wb);
Index: src/network_backends.h
===================================================================
--- src/network_backends.h (revision 2800)
+++ src/network_backends.h (revision 2801)
@@ -47,18 +47,18 @@
#include "base.h"
/* return values:
- * >= 0 : chunks completed
+ * >= 0 : no error
* -1 : error (on our side)
* -2 : remote close
*/
-int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq);
-int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq);
-int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq);
-int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq);
-int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq);
+int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
+int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
+int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
+int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
+int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
#ifdef USE_OPENSSL
-int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq);
+int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes);
#endif
#endif
Index: src/mod_proxy.c
===================================================================
--- src/mod_proxy.c (revision 2800)
+++ src/mod_proxy.c (revision 2801)
@@ -825,7 +825,7 @@
/* fall through */
case PROXY_STATE_WRITE:;
- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
chunkqueue_remove_finished_chunks(hctx->wb);
Index: src/network_writev.c
===================================================================
--- src/network_writev.c (revision 2800)
+++ src/network_writev.c (revision 2801)
@@ -30,17 +30,16 @@
#define LOCAL_BUFFERING 1
#endif
-int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq) {
+int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
chunk *c;
- size_t chunks_written = 0;
- for(c = cq->first; c; c = c->next) {
+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
int chunk_finished = 0;
switch(c->type) {
case MEM_CHUNK: {
char * offset;
- size_t toSend;
+ off_t toSend;
ssize_t r;
size_t num_chunks, i;
@@ -65,12 +64,10 @@
#error "sysconf() doesnt return _SC_IOV_MAX ..., check the output of 'man writev' for the EINVAL error and send the output to jan@kneschke.de"
#endif
- /* we can't send more then SSIZE_MAX bytes in one chunk */
-
/* build writev list
*
* 1. limit: num_chunks < max_chunks
- * 2. limit: num_bytes < SSIZE_MAX
+ * 2. limit: num_bytes < max_bytes
*/
for (num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < max_chunks; num_chunks++, tc = tc->next);
@@ -87,9 +84,9 @@
chunks[i].iov_base = offset;
/* protect the return value of writev() */
- if (toSend > SSIZE_MAX ||
- num_bytes + toSend > SSIZE_MAX) {
- chunks[i].iov_len = SSIZE_MAX - num_bytes;
+ if (toSend > max_bytes ||
+ (off_t) num_bytes + toSend > max_bytes) {
+ chunks[i].iov_len = max_bytes - num_bytes;
num_chunks = i + 1;
break;
@@ -121,6 +118,7 @@
}
cq->bytes_out += r;
+ max_bytes -= r;
/* check which chunks have been written */
@@ -132,11 +130,10 @@
if (chunk_finished) {
/* skip the chunks from further touches */
- chunks_written++;
c = c->next;
} else {
/* chunks_written + c = c->next is done in the for()*/
- chunk_finished++;
+ chunk_finished = 1;
}
} else {
/* partially written */
@@ -284,6 +281,8 @@
assert(toSend < 0);
}
+ if (toSend > max_bytes) toSend = max_bytes;
+
#ifdef LOCAL_BUFFERING
start = c->mem->ptr;
#else
@@ -309,6 +308,7 @@
c->offset += r;
cq->bytes_out += r;
+ max_bytes -= r;
if (c->offset == c->file.length) {
chunk_finished = 1;
@@ -334,11 +334,9 @@
break;
}
-
- chunks_written++;
}
- return chunks_written;
+ return 0;
}
#endif
Index: src/network_freebsd_sendfile.c
===================================================================
--- src/network_freebsd_sendfile.c (revision 2800)
+++ src/network_freebsd_sendfile.c (revision 2801)
@@ -31,17 +31,16 @@
# endif
#endif
-int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq) {
+int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
chunk *c;
- size_t chunks_written = 0;
- for(c = cq->first; c; c = c->next, chunks_written++) {
+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
int chunk_finished = 0;
switch(c->type) {
case MEM_CHUNK: {
char * offset;
- size_t toSend;
+ off_t toSend;
ssize_t r;
size_t num_chunks, i;
@@ -49,12 +48,10 @@
chunk *tc;
size_t num_bytes = 0;
- /* we can't send more then SSIZE_MAX bytes in one chunk */
-
/* build writev list
*
* 1. limit: num_chunks < UIO_MAXIOV
- * 2. limit: num_bytes < SSIZE_MAX
+ * 2. limit: num_bytes < max_bytes
*/
for(num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV; num_chunks++, tc = tc->next);
@@ -69,9 +66,9 @@
chunks[i].iov_base = offset;
/* protect the return value of writev() */
- if (toSend > SSIZE_MAX ||
- num_bytes + toSend > SSIZE_MAX) {
- chunks[i].iov_len = SSIZE_MAX - num_bytes;
+ if (toSend > max_bytes ||
+ (off_t) num_bytes + toSend > max_bytes) {
+ chunks[i].iov_len = max_bytes - num_bytes;
num_chunks = i + 1;
break;
@@ -105,6 +102,7 @@
/* check which chunks have been written */
cq->bytes_out += r;
+ max_bytes -= r;
for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) {
if (r >= (ssize_t)chunks[i].iov_len) {
@@ -114,11 +112,10 @@
if (chunk_finished) {
/* skip the chunks from further touches */
- chunks_written++;
c = c->next;
} else {
/* chunks_written + c = c->next is done in the for()*/
- chunk_finished++;
+ chunk_finished = 1;
}
} else {
/* partially written */
@@ -134,7 +131,7 @@
}
case FILE_CHUNK: {
off_t offset, r;
- size_t toSend;
+ off_t toSend;
stat_cache_entry *sce = NULL;
if (HANDLER_ERROR == stat_cache_get_entry(srv, con, c->file.name, &sce)) {
@@ -144,9 +141,8 @@
}
offset = c->file.start + c->offset;
- /* limit the toSend to 2^31-1 bytes in a chunk */
- toSend = c->file.length - c->offset > ((1 << 30) - 1) ?
- ((1 << 30) - 1) : c->file.length - c->offset;
+ toSend = c->file.length - c->offset;
+ if (toSend > max_bytes) toSend = max_bytes;
if (-1 == c->file.fd) {
if (-1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
@@ -197,6 +193,7 @@
c->offset += r;
cq->bytes_out += r;
+ max_bytes -= r;
if (c->offset == c->file.length) {
chunk_finished = 1;
@@ -218,7 +215,7 @@
}
}
- return chunks_written;
+ return 0;
}
#endif
Index: src/network_openssl.c
===================================================================
--- src/network_openssl.c (revision 2800)
+++ src/network_openssl.c (revision 2801)
@@ -27,10 +27,9 @@
# include <openssl/ssl.h>
# include <openssl/err.h>
-int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq) {
+int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes) {
int ssl_r;
chunk *c;
- size_t chunks_written = 0;
/* this is a 64k sendbuffer
*
@@ -59,13 +58,13 @@
SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN);
}
- for(c = cq->first; c; c = c->next) {
+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
int chunk_finished = 0;
switch(c->type) {
case MEM_CHUNK: {
char * offset;
- size_t toSend;
+ off_t toSend;
ssize_t r;
if (c->mem->used == 0 || c->mem->used == 1) {
@@ -75,6 +74,7 @@
offset = c->mem->ptr + c->offset;
toSend = c->mem->used - 1 - c->offset;
+ if (toSend > max_bytes) toSend = max_bytes;
/**
* SSL_write man-page
@@ -139,6 +139,7 @@
} else {
c->offset += r;
cq->bytes_out += r;
+ max_bytes -= r;
}
if (c->offset == (off_t)c->mem->used - 1) {
@@ -168,6 +169,7 @@
do {
off_t offset = c->file.start + c->offset;
off_t toSend = c->file.length - c->offset;
+ if (toSend > max_bytes) toSend = max_bytes;
if (toSend > LOCAL_SEND_BUFSIZE) toSend = LOCAL_SEND_BUFSIZE;
@@ -243,6 +245,7 @@
} else {
c->offset += r;
cq->bytes_out += r;
+ max_bytes -= r;
}
if (c->offset == c->file.length) {
@@ -263,11 +266,9 @@
break;
}
-
- chunks_written++;
}
- return chunks_written;
+ return 0;
}
#endif
Index: src/settings.h
===================================================================
--- src/settings.h (revision 2800)
+++ src/settings.h (revision 2801)
@@ -21,8 +21,11 @@
* 64kB (no real reason, just a guess)
*/
#define BUFFER_MAX_REUSE_SIZE (4 * 1024)
-#define MAX_READ_LIMIT (4*1024*1024)
+/* both should be way smaller than SSIZE_MAX :) */
+#define MAX_READ_LIMIT (256*1024)
+#define MAX_WRITE_LIMIT (256*1024)
+
/**
* max size of the HTTP request header
*
Index: src/mod_fastcgi.c
===================================================================
--- src/mod_fastcgi.c (revision 2800)
+++ src/mod_fastcgi.c (revision 2801)
@@ -3075,7 +3075,7 @@
fcgi_set_state(srv, hctx, FCGI_STATE_WRITE);
/* fall through */
case FCGI_STATE_WRITE:
- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
chunkqueue_remove_finished_chunks(hctx->wb);
Index: src/network_solaris_sendfilev.c
===================================================================
--- src/network_solaris_sendfilev.c (revision 2800)
+++ src/network_solaris_sendfilev.c (revision 2801)
@@ -38,17 +38,16 @@
*/
-int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq) {
+int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
chunk *c;
- size_t chunks_written = 0;
- for(c = cq->first; c; c = c->next, chunks_written++) {
+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
int chunk_finished = 0;
switch(c->type) {
case MEM_CHUNK: {
char * offset;
- size_t toSend;
+ off_t toSend;
ssize_t r;
size_t num_chunks, i;
@@ -77,9 +76,9 @@
chunks[i].iov_base = offset;
/* protect the return value of writev() */
- if (toSend > SSIZE_MAX ||
- num_bytes + toSend > SSIZE_MAX) {
- chunks[i].iov_len = SSIZE_MAX - num_bytes;
+ if (toSend > max_bytes ||
+ (off_t) num_bytes + toSend > max_bytes) {
+ chunks[i].iov_len = max_bytes - num_bytes;
num_chunks = i + 1;
break;
@@ -119,11 +118,10 @@
if (chunk_finished) {
/* skip the chunks from further touches */
- chunks_written++;
c = c->next;
} else {
/* chunks_written + c = c->next is done in the for()*/
- chunk_finished++;
+ chunk_finished = 1;
}
} else {
/* partially written */
@@ -139,8 +137,8 @@
}
case FILE_CHUNK: {
ssize_t r;
- off_t offset;
- size_t toSend, written;
+ off_t offset, toSend;
+ size_t written;
sendfilevec_t fvec;
stat_cache_entry *sce = NULL;
int ifd;
@@ -153,6 +151,7 @@
offset = c->file.start + c->offset;
toSend = c->file.length - c->offset;
+ if (toSend > max_bytes) toSend = max_bytes;
if (offset > sce->st.st_size) {
log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name);
@@ -186,6 +185,7 @@
close(ifd);
c->offset += written;
cq->bytes_out += written;
+ max_bytes -= written;
if (c->offset == c->file.length) {
chunk_finished = 1;
@@ -207,7 +207,7 @@
}
}
- return chunks_written;
+ return 0;
}
#endif
Index: src/network_linux_sendfile.c
===================================================================
--- src/network_linux_sendfile.c (revision 2800)
+++ src/network_linux_sendfile.c (revision 2801)
@@ -27,17 +27,16 @@
/* on linux 2.4.29 + debian/ubuntu we have crashes if this is enabled */
#undef HAVE_POSIX_FADVISE
-int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq) {
+int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
chunk *c;
- size_t chunks_written = 0;
- for(c = cq->first; c; c = c->next, chunks_written++) {
+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
int chunk_finished = 0;
switch(c->type) {
case MEM_CHUNK: {
char * offset;
- size_t toSend;
+ off_t toSend;
ssize_t r;
size_t num_chunks, i;
@@ -45,12 +44,10 @@
chunk *tc;
size_t num_bytes = 0;
- /* we can't send more then SSIZE_MAX bytes in one chunk */
-
/* build writev list
*
* 1. limit: num_chunks < UIO_MAXIOV
- * 2. limit: num_bytes < SSIZE_MAX
+ * 2. limit: num_bytes < max_bytes
*/
for (num_chunks = 0, tc = c;
tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV;
@@ -67,9 +64,9 @@
chunks[i].iov_base = offset;
/* protect the return value of writev() */
- if (toSend > SSIZE_MAX ||
- num_bytes + toSend > SSIZE_MAX) {
- chunks[i].iov_len = SSIZE_MAX - num_bytes;
+ if (toSend > max_bytes ||
+ (off_t) num_bytes + toSend > max_bytes) {
+ chunks[i].iov_len = max_bytes - num_bytes;
num_chunks = i + 1;
break;
@@ -100,6 +97,7 @@
/* check which chunks have been written */
cq->bytes_out += r;
+ max_bytes -= r;
for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) {
if (r >= (ssize_t)chunks[i].iov_len) {
@@ -109,11 +107,10 @@
if (chunk_finished) {
/* skip the chunks from further touches */
- chunks_written++;
c = c->next;
} else {
/* chunks_written + c = c->next is done in the for()*/
- chunk_finished++;
+ chunk_finished = 1;
}
} else {
/* partially written */
@@ -130,13 +127,12 @@
case FILE_CHUNK: {
ssize_t r;
off_t offset;
- size_t toSend;
+ off_t toSend;
stat_cache_entry *sce = NULL;
offset = c->file.start + c->offset;
- /* limit the toSend to 2^31-1 bytes in a chunk */
- toSend = c->file.length - c->offset > ((1 << 30) - 1) ?
- ((1 << 30) - 1) : c->file.length - c->offset;
+ toSend = c->file.length - c->offset;
+ if (toSend > max_bytes) toSend = max_bytes;
/* open file if not already opened */
if (-1 == c->file.fd) {
@@ -215,6 +211,7 @@
c->offset += r;
cq->bytes_out += r;
+ max_bytes -= r;
if (c->offset == c->file.length) {
chunk_finished = 1;
@@ -243,7 +240,7 @@
}
}
- return chunks_written;
+ return 0;
}
#endif

View File

@ -1,16 +0,0 @@
Index: src/network.c
===================================================================
--- src/network.c (revision 2801)
+++ src/network.c (revision 2802)
@@ -480,9 +480,11 @@
network_backend_t backend;
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh;
int nid;
#endif
+#endif
#ifdef USE_OPENSSL
DH *dh;

View File

@ -1,122 +0,0 @@
Index: src/mod_staticfile.c
===================================================================
--- src/mod_staticfile.c (revision 2802)
+++ src/mod_staticfile.c (revision 2803)
@@ -26,6 +26,7 @@
typedef struct {
array *exclude_ext;
unsigned short etags_used;
+ unsigned short disable_pathinfo;
} plugin_config;
typedef struct {
@@ -84,6 +85,7 @@
config_values_t cv[] = {
{ "static-file.exclude-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
{ "static-file.etags", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
+ { "static-file.disable-pathinfo", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
{ NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
};
@@ -97,9 +99,11 @@
s = calloc(1, sizeof(plugin_config));
s->exclude_ext = array_init();
s->etags_used = 1;
+ s->disable_pathinfo = 0;
cv[0].destination = s->exclude_ext;
cv[1].destination = &(s->etags_used);
+ cv[2].destination = &(s->disable_pathinfo);
p->config_storage[i] = s;
@@ -119,6 +123,7 @@
PATCH(exclude_ext);
PATCH(etags_used);
+ PATCH(disable_pathinfo);
/* skip the first, the global context */
for (i = 1; i < srv->config_context->used; i++) {
@@ -136,7 +141,9 @@
PATCH(exclude_ext);
} else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.etags"))) {
PATCH(etags_used);
- }
+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.disable-pathinfo"))) {
+ PATCH(disable_pathinfo);
+ }
}
}
@@ -375,6 +382,13 @@
mod_staticfile_patch_connection(srv, con, p);
+ if (p->conf.disable_pathinfo && 0 != con->request.pathinfo->used) {
+ if (con->conf.log_request_handling) {
+ log_error_write(srv, __FILE__, __LINE__, "s", "-- NOT handling file as static file, pathinfo forbidden");
+ }
+ return HANDLER_GO_ON;
+ }
+
/* ignore certain extensions */
for (k = 0; k < p->conf.exclude_ext->used; k++) {
ds = (data_string *)p->conf.exclude_ext->data[k];
Index: tests/request.t
===================================================================
--- tests/request.t (revision 2802)
+++ tests/request.t (revision 2803)
@@ -8,7 +8,7 @@
use strict;
use IO::Socket;
-use Test::More tests => 44;
+use Test::More tests => 46;
use LightyTest;
my $tf = LightyTest->new();
@@ -413,5 +413,21 @@
$t->{SLOWREQUEST} = 1;
ok($tf->handle_http($t) == 0, 'GET, slow \\r\\n\\r\\n (#2105)');
+print "\nPathinfo for static files\n";
+$t->{REQUEST} = ( <<EOF
+GET /image.jpg/index.php HTTP/1.0
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'Content-Type' => 'image/jpeg' } ];
+ok($tf->handle_http($t) == 0, 'static file accepting pathinfo by default');
+
+$t->{REQUEST} = ( <<EOF
+GET /image.jpg/index.php HTTP/1.0
+Host: zzz.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
+ok($tf->handle_http($t) == 0, 'static file with forbidden pathinfo');
+
ok($tf->stop_proc == 0, "Stopping lighttpd");
Index: tests/wrapper.sh
===================================================================
--- tests/wrapper.sh (revision 2802)
+++ tests/wrapper.sh (revision 2803)
@@ -6,4 +6,4 @@
top_builddir=$2
export SHELL srcdir top_builddir
-$3
+exec $3
Index: tests/lighttpd.conf
===================================================================
--- tests/lighttpd.conf (revision 2802)
+++ tests/lighttpd.conf (revision 2803)
@@ -149,6 +149,7 @@
$HTTP["host"] == "zzz.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
server.name = "zzz.example.org"
+ static-file.disable-pathinfo = "enable"
}
$HTTP["host"] == "symlink.example.org" {

View File

@ -1,12 +0,0 @@
Index: src/connections.c
===================================================================
--- src/connections.c (revision 2803)
+++ src/connections.c (revision 2804)
@@ -445,6 +445,7 @@
default:
switch(con->http_status) {
case 400: /* bad request */
+ case 401: /* authorization required */
case 414: /* overload request header */
case 505: /* unknown protocol */
case 207: /* this was webdav */

View File

@ -0,0 +1,11 @@
--- src/fdevent.h.orig 2011-12-19 07:41:33.183877666 +0100
+++ src/fdevent.h 2011-12-19 07:42:01.457863868 +0100
@@ -54,7 +54,7 @@
# include <port.h>
#endif
-#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE
+#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE && !defined HAVE_LIBEV
# define USE_FREEBSD_KQUEUE
# include <sys/event.h>
#endif