Newer
Older
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
5247
5248
5249
5250
5251
5252
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
5278
5279
5280
5281
5282
5283
5284
5285
5286
5287
5288
5289
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
5314
5315
5316
5317
5318
5319
5320
5321
5322
5323
5324
5325
5326
5327
5328
5329
5330
5331
5332
5333
5334
5335
5336
5337
5338
5339
5340
5341
5342
5343
5344
5345
5346
5347
5348
5349
5350
5351
5352
5353
5354
5355
5356
5357
5358
5359
5360
5361
5362
5363
5364
5365
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
return NULL;
}
apr_sockaddr_ip_get(&c->local_ip, c->local_addr);
if ((rv = apr_socket_addr_get(&c->client_addr, APR_REMOTE, csd))
!= APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_INFO, rv, server, APLOGNO(00138)
"apr_socket_addr_get(APR_REMOTE)");
apr_socket_close(csd);
return NULL;
}
apr_sockaddr_ip_get(&c->client_ip, c->client_addr);
c->base_server = server;
c->id = id;
c->bucket_alloc = alloc;
c->clogging_input_filters = 0;
return c;
}
static int core_pre_connection(conn_rec *c, void *csd)
{
core_net_rec *net = apr_palloc(c->pool, sizeof(*net));
apr_status_t rv;
/* The Nagle algorithm says that we should delay sending partial
* packets in hopes of getting more data. We don't want to do
* this; we are not telnet. There are bad interactions between
* persistent connections and Nagle's algorithm that have very severe
* performance penalties. (Failing to disable Nagle is not much of a
* problem with simple HTTP.)
*/
rv = apr_socket_opt_set(csd, APR_TCP_NODELAY, 1);
if (rv != APR_SUCCESS && rv != APR_ENOTIMPL) {
/* expected cause is that the client disconnected already,
* hence the debug level
*/
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c, APLOGNO(00139)
"apr_socket_opt_set(APR_TCP_NODELAY)");
}
/* The core filter requires the timeout mode to be set, which
* incidentally sets the socket to be nonblocking. If this
* is not initialized correctly, Linux - for example - will
* be initially blocking, while Solaris will be non blocking
* and any initial read will fail.
*/
rv = apr_socket_timeout_set(csd, c->base_server->timeout);
if (rv != APR_SUCCESS) {
/* expected cause is that the client disconnected already */
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c, APLOGNO(00140)
"apr_socket_timeout_set");
}
net->c = c;
net->in_ctx = NULL;
net->out_ctx = NULL;
net->client_socket = csd;
ap_set_core_module_config(net->c->conn_config, csd);
ap_add_input_filter_handle(ap_core_input_filter_handle, net, NULL, net->c);
ap_add_output_filter_handle(ap_core_output_filter_handle, net, NULL, net->c);
return DONE;
}
AP_DECLARE(int) ap_state_query(int query)
{
switch (query) {
case AP_SQ_MAIN_STATE:
return ap_main_state;
case AP_SQ_RUN_MODE:
return ap_run_mode;
case AP_SQ_CONFIG_GEN:
return ap_config_generation;
default:
return AP_SQ_NOT_SUPPORTED;
}
}
static apr_random_t *rng = NULL;
#if APR_HAS_THREADS
static apr_thread_mutex_t *rng_mutex = NULL;
#endif
static void core_child_init(apr_pool_t *pchild, server_rec *s)
{
apr_proc_t proc;
#if APR_HAS_THREADS
int threaded_mpm;
if (ap_mpm_query(AP_MPMQ_IS_THREADED, &threaded_mpm) == APR_SUCCESS
&& threaded_mpm)
{
apr_thread_mutex_create(&rng_mutex, APR_THREAD_MUTEX_DEFAULT, pchild);
}
#endif
/* The MPMs use plain fork() and not apr_proc_fork(), so we have to call
* apr_random_after_fork() manually in the child
*/
proc.pid = getpid();
apr_random_after_fork(&proc);
}
static void core_optional_fn_retrieve(void)
{
ap_init_scoreboard(NULL);
}
AP_CORE_DECLARE(void) ap_random_parent_after_fork(void)
{
/*
* To ensure that the RNG state in the parent changes after the fork, we
* pull some data from the RNG and discard it. This ensures that the RNG
* states in the children are different even after the pid wraps around.
* As we only use apr_random for insecure random bytes, pulling 2 bytes
* should be enough.
* XXX: APR should probably have some dedicated API to do this, but it
* XXX: currently doesn't.
*/
apr_uint16_t data;
apr_random_insecure_bytes(rng, &data, sizeof(data));
}
AP_CORE_DECLARE(void) ap_init_rng(apr_pool_t *p)
{
unsigned char seed[8];
apr_status_t rv;
rng = apr_random_standard_new(p);
do {
rv = apr_generate_random_bytes(seed, sizeof(seed));
if (rv != APR_SUCCESS)
goto error;
apr_random_add_entropy(rng, seed, sizeof(seed));
rv = apr_random_insecure_ready(rng);
} while (rv == APR_ENOTENOUGHENTROPY);
if (rv == APR_SUCCESS)
return;
error:
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL, APLOGNO(00141)
"Could not initialize random number generator");
exit(1);
}
AP_DECLARE(void) ap_random_insecure_bytes(void *buf, apr_size_t size)
{
#if APR_HAS_THREADS
if (rng_mutex)
apr_thread_mutex_lock(rng_mutex);
#endif
/* apr_random_insecure_bytes can only fail with APR_ENOTENOUGHENTROPY,
* and we have ruled that out during initialization. Therefore we don't
* need to check the return code.
*/
apr_random_insecure_bytes(rng, buf, size);
#if APR_HAS_THREADS
if (rng_mutex)
apr_thread_mutex_unlock(rng_mutex);
#endif
}
/*
* Finding a random number in a range.
* n' = a + n(b-a+1)/(M+1)
* where:
* n' = random number in range
* a = low end of range
* b = high end of range
* n = random number of 0..M
* M = maxint
* Algorithm 'borrowed' from PHP's rand() function.
*/
#define RAND_RANGE(__n, __min, __max, __tmax) \
(__n) = (__min) + (long) ((double) ((__max) - (__min) + 1.0) * ((__n) / ((__tmax) + 1.0)))
AP_DECLARE(apr_uint32_t) ap_random_pick(apr_uint32_t min, apr_uint32_t max)
{
apr_uint32_t number;
#if (!__GNUC__ || __GNUC__ >= 5 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 8) || \
!__sparc__ || APR_SIZEOF_VOIDP != 8)
/* This triggers a gcc bug on sparc/64bit with gcc < 4.8, PR 52900 */
if (max < 16384) {
apr_uint16_t num16;
ap_random_insecure_bytes(&num16, sizeof(num16));
RAND_RANGE(num16, min, max, APR_UINT16_MAX);
number = num16;
}
else
#endif
{
ap_random_insecure_bytes(&number, sizeof(number));
RAND_RANGE(number, min, max, APR_UINT32_MAX);
}
return number;
}
static apr_status_t core_insert_network_bucket(conn_rec *c,
apr_bucket_brigade *bb,
apr_socket_t *socket)
{
apr_bucket *e = apr_bucket_socket_create(socket, c->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(bb, e);
return APR_SUCCESS;
}
static apr_status_t core_dirwalk_stat(apr_finfo_t *finfo, request_rec *r,
apr_int32_t wanted)
{
return apr_stat(finfo, r->filename, wanted, r->pool);
}
static void core_dump_config(apr_pool_t *p, server_rec *s)
{
core_server_config *sconf = ap_get_core_module_config(s->module_config);
apr_file_t *out = NULL;
const char *tmp;
const char **defines;
int i;
if (!ap_exists_config_define("DUMP_RUN_CFG"))
return;
apr_file_open_stdout(&out, p);
apr_file_printf(out, "ServerRoot: \"%s\"\n", ap_server_root);
tmp = ap_server_root_relative(p, sconf->ap_document_root);
apr_file_printf(out, "Main DocumentRoot: \"%s\"\n", tmp);
if (s->error_fname[0] != '|' && strcmp(s->error_fname, "syslog") != 0)
tmp = ap_server_root_relative(p, s->error_fname);
else
tmp = s->error_fname;
apr_file_printf(out, "Main ErrorLog: \"%s\"\n", tmp);
if (ap_scoreboard_fname) {
tmp = ap_server_root_relative(p, ap_scoreboard_fname);
apr_file_printf(out, "ScoreBoardFile: \"%s\"\n", tmp);
}
ap_dump_mutexes(p, s, out);
ap_mpm_dump_pidfile(p, out);
defines = (const char **)ap_server_config_defines->elts;
for (i = 0; i < ap_server_config_defines->nelts; i++) {
const char *name = defines[i];
const char *val = NULL;
if (server_config_defined_vars)
val = apr_table_get(server_config_defined_vars, name);
if (val)
apr_file_printf(out, "Define: %s=%s\n", name, val);
else
apr_file_printf(out, "Define: %s\n", name);
}
}
static int core_upgrade_handler(request_rec *r)
{
conn_rec *c = r->connection;
const char *upgrade;
if (c->master) {
/* Not possible to perform an HTTP/1.1 upgrade from a slave
* connection. */
return DECLINED;
}
upgrade = apr_table_get(r->headers_in, "Upgrade");
if (upgrade && *upgrade) {
const char *conn = apr_table_get(r->headers_in, "Connection");
if (ap_find_token(r->pool, conn, "upgrade")) {
apr_array_header_t *offers = NULL;
const char *err;
err = ap_parse_token_list_strict(r->pool, upgrade, &offers, 0);
if (err) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02910)
"parsing Upgrade header: %s", err);
return DECLINED;
}
if (offers && offers->nelts > 0) {
const char *protocol = ap_select_protocol(c, r, NULL, offers);
if (protocol && strcmp(protocol, ap_get_protocol(c))) {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02909)
"Upgrade selects '%s'", protocol);
/* Let the client know what we are upgrading to. */
apr_table_clear(r->headers_out);
apr_table_setn(r->headers_out, "Upgrade", protocol);
apr_table_setn(r->headers_out, "Connection", "Upgrade");
r->status = HTTP_SWITCHING_PROTOCOLS;
r->status_line = ap_get_status_line(r->status);
ap_send_interim_response(r, 1);
ap_switch_protocol(c, r, r->server, protocol);
/* make sure httpd closes the connection after this */
c->keepalive = AP_CONN_CLOSE;
return DONE;
}
}
}
}
else if (!c->keepalives) {
/* first request on a master connection, if we have protocols other
* than the current one enabled here, announce them to the
* client. If the client is already talking a protocol with requests
* on slave connections, leave it be. */
const apr_array_header_t *upgrades;
ap_get_protocol_upgrades(c, r, NULL, 0, &upgrades);
if (upgrades && upgrades->nelts > 0) {
char *protocols = apr_array_pstrcat(r->pool, upgrades, ',');
apr_table_setn(r->headers_out, "Upgrade", protocols);
apr_table_setn(r->headers_out, "Connection", "Upgrade");
}
}
return DECLINED;
}
static int core_upgrade_storage(request_rec *r)
{
if ((r->method_number == M_OPTIONS) && r->uri && (r->uri[0] == '*') &&
(r->uri[1] == '\0')) {
return core_upgrade_handler(r);
}
return DECLINED;
}
static void register_hooks(apr_pool_t *p)
{
errorlog_hash = apr_hash_make(p);
ap_register_log_hooks(p);
ap_register_config_hooks(p);
ap_expr_init(p);
/* create_connection and pre_connection should always be hooked
* APR_HOOK_REALLY_LAST by core to give other modules the opportunity
* to install alternate network transports and stop other functions
* from being run.
*/
ap_hook_create_connection(core_create_conn, NULL, NULL,
APR_HOOK_REALLY_LAST);
ap_hook_pre_connection(core_pre_connection, NULL, NULL,
APR_HOOK_REALLY_LAST);
ap_hook_pre_config(core_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
ap_hook_post_config(core_post_config,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_check_config(core_check_config,NULL,NULL,APR_HOOK_FIRST);
ap_hook_test_config(core_dump_config,NULL,NULL,APR_HOOK_FIRST);
ap_hook_translate_name(ap_core_translate,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_map_to_storage(core_upgrade_storage,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_map_to_storage(core_map_to_storage,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_open_logs(ap_open_logs,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_child_init(core_child_init,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_child_init(ap_logs_child_init,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_handler(core_upgrade_handler,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_handler(default_handler,NULL,NULL,APR_HOOK_REALLY_LAST);
/* FIXME: I suspect we can eliminate the need for these do_nothings - Ben */
ap_hook_type_checker(do_nothing,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_fixups(core_override_type,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_create_request(core_create_req, NULL, NULL, APR_HOOK_MIDDLE);
APR_OPTIONAL_HOOK(proxy, create_req, core_create_proxy_req, NULL, NULL,
APR_HOOK_MIDDLE);
ap_hook_pre_mpm(ap_create_scoreboard, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_child_status(ap_core_child_status, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_insert_network_bucket(core_insert_network_bucket, NULL, NULL,
APR_HOOK_REALLY_LAST);
ap_hook_dirwalk_stat(core_dirwalk_stat, NULL, NULL, APR_HOOK_REALLY_LAST);
ap_hook_open_htaccess(ap_open_htaccess, NULL, NULL, APR_HOOK_REALLY_LAST);
ap_hook_optional_fn_retrieve(core_optional_fn_retrieve, NULL, NULL,
APR_HOOK_MIDDLE);
/* register the core's insert_filter hook and register core-provided
* filters
*/
ap_hook_insert_filter(core_insert_filter, NULL, NULL, APR_HOOK_MIDDLE);
ap_core_input_filter_handle =
ap_register_input_filter("CORE_IN", ap_core_input_filter,
NULL, AP_FTYPE_NETWORK);
ap_content_length_filter_handle =
ap_register_output_filter("CONTENT_LENGTH", ap_content_length_filter,
NULL, AP_FTYPE_PROTOCOL);
ap_core_output_filter_handle =
ap_register_output_filter("CORE", ap_core_output_filter,
NULL, AP_FTYPE_NETWORK);
ap_subreq_core_filter_handle =
ap_register_output_filter("SUBREQ_CORE", ap_sub_req_output_filter,
NULL, AP_FTYPE_CONTENT_SET);
ap_old_write_func =
ap_register_output_filter("OLD_WRITE", ap_old_write_filter,
NULL, AP_FTYPE_RESOURCE - 10);
}
AP_DECLARE_MODULE(core) = {
MPM20_MODULE_STUFF,
AP_PLATFORM_REWRITE_ARGS_HOOK, /* hook to run before apache parses args */
create_core_dir_config, /* create per-directory config structure */
merge_core_dir_configs, /* merge per-directory config structures */
create_core_server_config, /* create per-server config structure */
merge_core_server_configs, /* merge per-server config structures */
core_cmds, /* command apr_table_t */
register_hooks /* register hooks */
};