diff options
Diffstat (limited to 'data/lighttpd/lighttpd-1.4.53/src/configfile.c')
| -rw-r--r-- | data/lighttpd/lighttpd-1.4.53/src/configfile.c | 1665 |
1 files changed, 1665 insertions, 0 deletions
diff --git a/data/lighttpd/lighttpd-1.4.53/src/configfile.c b/data/lighttpd/lighttpd-1.4.53/src/configfile.c new file mode 100644 index 000000000..b359dcbeb --- /dev/null +++ b/data/lighttpd/lighttpd-1.4.53/src/configfile.c @@ -0,0 +1,1665 @@ +#include "first.h" + +#include "base.h" +#include "burl.h" +#include "fdevent.h" +#include "keyvalue.h" +#include "log.h" +#include "stream.h" + +#include "configparser.h" +#include "configfile.h" +#include "stat_cache.h" +#include "sys-crypto.h" + +#include <sys/stat.h> +#include <sys/wait.h> + +#include <stdlib.h> +#include <fcntl.h> +#include <unistd.h> +#include <errno.h> +#include <string.h> +#include <ctype.h> +#include <limits.h> +#include <glob.h> + +#ifndef PATH_MAX +#define PATH_MAX 4096 +#endif + +#if defined(HAVE_MYSQL) || (defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER)) +static void config_warn_authn_module (server *srv, const char *module, size_t len) { + for (size_t i = 0; i < srv->config_context->used; ++i) { + const data_config *config = (data_config const*)srv->config_context->data[i]; + const data_unset *du = array_get_element(config->value, "auth.backend"); + if (NULL != du && du->type == TYPE_STRING) { + data_string *ds = (data_string *)du; + if (buffer_is_equal_string(ds->value, module, len)) { + buffer_copy_string_len(srv->tmp_buf, CONST_STR_LEN("mod_authn_")); + buffer_append_string_len(srv->tmp_buf, module, len); + array_insert_value(srv->srvconf.modules, CONST_BUF_LEN(srv->tmp_buf)); + log_error_write(srv, __FILE__, __LINE__, "SSSsSSS", "Warning: please add \"mod_authn_", module, "\" to server.modules list in lighttpd.conf. A future release of lighttpd 1.4.x will not automatically load mod_authn_", module, "and lighttpd will fail to start up since your lighttpd.conf uses auth.backend = \"", module, "\"."); + return; + } + } + } +} +#endif + +#ifdef USE_OPENSSL_CRYPTO +static void config_warn_openssl_module (server *srv) { + for (size_t i = 0; i < srv->config_context->used; ++i) { + const data_config *config = (data_config const*)srv->config_context->data[i]; + for (size_t j = 0; j < config->value->used; ++j) { + data_unset *du = config->value->data[j]; + if (0 == strncmp(du->key->ptr, "ssl.", sizeof("ssl.")-1)) { + /* mod_openssl should be loaded after mod_extforward */ + array_insert_value(srv->srvconf.modules, CONST_STR_LEN("mod_openssl")); + log_error_write(srv, __FILE__, __LINE__, "S", "Warning: please add \"mod_openssl\" to server.modules list in lighttpd.conf. A future release of lighttpd 1.4.x *will not* automatically load mod_openssl and lighttpd *will not* use SSL/TLS where your lighttpd.conf contains ssl.* directives"); + return; + } + } + } +} +#endif + +static int config_http_parseopts (server *srv, array *a) { + unsigned short int opts = srv->srvconf.http_url_normalize; + unsigned short int decode_2f = 1; + int rc = 1; + if (!array_is_kvstring(a)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for server.http-parseopts; " + "expected list of \"key\" => \"[enable|disable]\""); + return 0; + } + for (size_t i = 0; i < a->used; ++i) { + const data_string * const ds = (data_string *)a->data[i]; + unsigned short int opt; + int val = 0; + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("enable"))) + val = 1; + else if (buffer_is_equal_string(ds->value, CONST_STR_LEN("disable"))) + val = 0; + else { + log_error_write(srv, __FILE__, __LINE__, "sbsbs", + "unrecognized value for server.http-parseopts:", + ds->key, "=>", ds->value, + "(expect \"[enable|disable]\")"); + rc = 0; + } + if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-normalize"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-normalize-unreserved"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_UNRESERVED; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-normalize-required"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_REQUIRED; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-ctrls-reject"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_CTRLS_REJECT; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-path-backslash-trans"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_PATH_BACKSLASH_TRANS; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-path-2f-decode"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_DECODE; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-path-2f-reject"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_REJECT; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-path-dotseg-remove"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REMOVE; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-path-dotseg-reject"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REJECT; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("url-query-20-plus"))) + opt = HTTP_PARSEOPT_URL_NORMALIZE_QUERY_20_PLUS; + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("header-strict"))) { + srv->srvconf.http_header_strict = val; + continue; + } + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("host-strict"))) { + srv->srvconf.http_host_strict = val; + continue; + } + else if (buffer_is_equal_string(ds->key, CONST_STR_LEN("host-normalize"))) { + srv->srvconf.http_host_normalize = val; + continue; + } + else { + log_error_write(srv, __FILE__, __LINE__, "sb", + "unrecognized key for server.http-parseopts:", + ds->key); + rc = 0; + continue; + } + if (val) + opts |= opt; + else { + opts &= ~opt; + if (opt == HTTP_PARSEOPT_URL_NORMALIZE) { + opts = 0; + break; + } + if (opt == HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_DECODE) { + decode_2f = 0; + } + } + } + if (opts != 0) { + opts |= HTTP_PARSEOPT_URL_NORMALIZE; + if ((opts & (HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_DECODE + |HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_REJECT)) + == (HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_DECODE + |HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_REJECT)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "conflicting options in server.http-parseopts:" + "url-path-2f-decode, url-path-2f-reject"); + rc = 0; + } + if ((opts & (HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REMOVE + |HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REJECT)) + == (HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REMOVE + |HTTP_PARSEOPT_URL_NORMALIZE_PATH_DOTSEG_REJECT)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "conflicting options in server.http-parseopts:" + "url-path-dotseg-remove, url-path-dotseg-reject"); + rc = 0; + } + if (!(opts & (HTTP_PARSEOPT_URL_NORMALIZE_UNRESERVED + |HTTP_PARSEOPT_URL_NORMALIZE_REQUIRED))) { + opts |= HTTP_PARSEOPT_URL_NORMALIZE_UNRESERVED; + if (decode_2f + && !(opts & HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_REJECT)) + opts |= HTTP_PARSEOPT_URL_NORMALIZE_PATH_2F_DECODE; + } + } + srv->srvconf.http_url_normalize = opts; + return rc; +} + +static int config_insert(server *srv) { + size_t i; + int ret = 0; + buffer *stat_cache_string; + array *http_parseopts; + unsigned int chunk_sz = 0; + + config_values_t cv[] = { + { "server.bind", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 0 */ + { "server.errorlog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 1 */ + { "server.errorfile-prefix", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */ + { "server.chroot", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 3 */ + { "server.username", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 4 */ + { "server.groupname", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 5 */ + { "server.port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 6 */ + { "server.tag", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 7 */ + { "server.use-ipv6", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */ + { "server.modules", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_SERVER }, /* 9 */ + + { "server.event-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 10 */ + { "server.pid-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 11 */ + { "server.max-request-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 12 */ + { "server.max-worker", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 13 */ + { "server.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 14 */ + { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */ + { "debug.log-condition-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 16 */ + { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */ + { "server.name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 18 */ + { "server.max-keep-alive-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 19 */ + + { "server.max-read-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 20 */ + { "server.max-write-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 21 */ + { "server.error-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 22 */ + { "server.max-fds", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 23 */ +#ifdef HAVE_LSTAT + { "server.follow-symlink", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 24 */ +#else + { "server.follow-symlink", + "Your system lacks lstat(). We can not differ symlinks from files." + "Please remove server.follow-symlinks from your config.", + T_CONFIG_UNSUPPORTED, T_CONFIG_SCOPE_UNSET }, +#endif + { "server.kbytes-per-second", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 25 */ + { "connection.kbytes-per-second", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 26 */ + { "mimetype.use-xattr", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 27 */ + { "mimetype.assign", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 28 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 29 */ + + { "ssl.engine", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 30 */ + { "debug.log-file-not-found", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 31 */ + { "debug.log-request-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 32 */ + { "debug.log-response-header", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 33 */ + { "debug.log-request-header", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 34 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 35 */ + { "server.protocol-http11", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 36 */ + { "debug.log-request-header-on-error", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 37 */ + { "debug.log-state-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 38 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 39 */ + + { "server.errorlog-use-syslog", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 40 */ + { "server.range-requests", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 41 */ + { "server.stat-cache-engine", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 42 */ + { "server.max-connections", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 43 */ + { "server.network-backend", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 44 */ + { "server.upload-dirs", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_SERVER }, /* 45 */ + { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 46 */ + { "server.compat-module-load", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 47 */ + { "server.chunkqueue-chunk-sz", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_SERVER }, /* 48 */ + { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 49 */ + + { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 50 */ + { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 51 */ + { "server.reject-expect-100-with-417", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 52 */ + { "debug.log-timeouts", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 53 */ + { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */ + { "server.breakagelog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 55 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 56 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 57 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 58 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 59 */ + + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 60 */ + { "server.set-v6only", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 61 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 62 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 63 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 64 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 65 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 66 */ + { "unused-slot-moved-to-mod-openssl", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 67 */ + { "server.upload-temp-file-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_SERVER }, /* 68 */ + { "mimetype.xattr-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 69 */ + { "server.listen-backlog", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 70 */ + { "server.error-handler-404", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 71 */ + { "server.http-parseopt-header-strict",NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 72 */ + { "server.http-parseopt-host-strict", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 73 */ + { "server.http-parseopt-host-normalize",NULL,T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 74 */ + { "server.bsd-accept-filter", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 75 */ + { "server.stream-request-body", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 76 */ + { "server.stream-response-body", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 77 */ + { "server.max-request-field-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_SERVER }, /* 78 */ + { "server.error-intercept", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 79 */ + { "server.syslog-facility", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 80 */ + { "server.socket-perms", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 81 */ + { "server.http-parseopts", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_SERVER }, /* 82 */ + { "server.systemd-socket-activation", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 83 */ + + { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } + }; + + /* all T_CONFIG_SCOPE_SERVER options */ + cv[0].destination = srv->srvconf.bindhost; + cv[1].destination = srv->srvconf.errorlog_file; + cv[3].destination = srv->srvconf.changeroot; + cv[4].destination = srv->srvconf.username; + cv[5].destination = srv->srvconf.groupname; + cv[6].destination = &(srv->srvconf.port); + cv[9].destination = srv->srvconf.modules; + + cv[10].destination = srv->srvconf.event_handler; + cv[11].destination = srv->srvconf.pid_file; + cv[13].destination = &(srv->srvconf.max_worker); + + cv[23].destination = &(srv->srvconf.max_fds); + + cv[37].destination = &(srv->srvconf.log_request_header_on_error); + cv[38].destination = &(srv->srvconf.log_state_handling); + + cv[40].destination = &(srv->srvconf.errorlog_use_syslog); + stat_cache_string = buffer_init(); + cv[42].destination = stat_cache_string; + cv[43].destination = &(srv->srvconf.max_conns); + cv[44].destination = srv->srvconf.network_backend; + cv[45].destination = srv->srvconf.upload_tempdirs; + cv[46].destination = &(srv->srvconf.enable_cores); + cv[47].destination = &(srv->srvconf.compat_module_load); + cv[48].destination = &chunk_sz; + + cv[52].destination = &(srv->srvconf.reject_expect_100_with_417); + cv[55].destination = srv->srvconf.breakagelog_file; + + cv[68].destination = &(srv->srvconf.upload_temp_file_size); + cv[69].destination = srv->srvconf.xattr_name; + cv[72].destination = &(srv->srvconf.http_header_strict); + cv[73].destination = &(srv->srvconf.http_host_strict); + cv[74].destination = &(srv->srvconf.http_host_normalize); + cv[78].destination = &(srv->srvconf.max_request_field_size); + cv[80].destination = srv->srvconf.syslog_facility; + http_parseopts = array_init(); + cv[82].destination = http_parseopts; + cv[83].destination = &(srv->srvconf.systemd_socket_activation); + + srv->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *)); + + force_assert(srv->config_storage); + force_assert(srv->config_context->used); /* static analysis hint for ccc +-analyzer */ + + for (i = 0; i < srv->config_context->used; i++) { + data_config * const config = (data_config *)srv->config_context->data[i]; + specific_config *s; + + s = calloc(1, sizeof(specific_config)); + force_assert(s); + s->document_root = buffer_init(); + s->mimetypes = array_init(); + s->server_name = buffer_init(); + s->error_handler = buffer_init(); + s->error_handler_404 = buffer_init(); + s->server_tag = buffer_init(); + s->errorfile_prefix = buffer_init(); + #if defined(__FreeBSD__) || defined(__NetBSD__) \ + || defined(__OpenBSD__) || defined(__DragonFly__) + s->bsd_accept_filter = (i == 0) + ? buffer_init() + : buffer_init_buffer(srv->config_storage[0]->bsd_accept_filter); + #endif + s->socket_perms = (i == 0 || buffer_string_is_empty(srv->config_storage[0]->socket_perms)) + ? buffer_init() + : buffer_init_buffer(srv->config_storage[0]->socket_perms); + s->max_keep_alive_requests = 100; + s->max_keep_alive_idle = 5; + s->max_read_idle = 60; + s->max_write_idle = 360; + s->max_request_size = 0; + s->use_xattr = 0; + s->ssl_enabled = 0; + s->use_ipv6 = (i == 0) ? 0 : srv->config_storage[0]->use_ipv6; + s->set_v6only = (i == 0) ? 1 : srv->config_storage[0]->set_v6only; + s->defer_accept = (i == 0) ? 0 : srv->config_storage[0]->defer_accept; +#ifdef HAVE_LSTAT + s->follow_symlink = 1; +#endif + s->kbytes_per_second = 0; + s->allow_http11 = 1; + s->etag_use_inode = 1; + s->etag_use_mtime = 1; + s->etag_use_size = 1; + s->range_requests = 1; + s->force_lowercase_filenames = (i == 0) ? 2 : 0; /* we wan't to detect later if user changed this for global section */ + s->global_kbytes_per_second = 0; + s->global_bytes_per_second_cnt = 0; + s->global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt; + s->listen_backlog = (0 == i ? 1024 : srv->config_storage[0]->listen_backlog); + s->stream_request_body = 0; + s->stream_response_body = 0; + s->error_intercept = 0; + + /* all T_CONFIG_SCOPE_CONNECTION options */ + cv[2].destination = s->errorfile_prefix; + cv[7].destination = s->server_tag; + cv[8].destination = &(s->use_ipv6); + + cv[12].destination = &(s->max_request_size); + cv[14].destination = s->document_root; + cv[15].destination = &(s->force_lowercase_filenames); + cv[16].destination = &(s->log_condition_handling); + cv[17].destination = &(s->max_keep_alive_requests); + cv[18].destination = s->server_name; + cv[19].destination = &(s->max_keep_alive_idle); + + cv[20].destination = &(s->max_read_idle); + cv[21].destination = &(s->max_write_idle); + cv[22].destination = s->error_handler; +#ifdef HAVE_LSTAT + cv[24].destination = &(s->follow_symlink); +#endif + cv[25].destination = &(s->global_kbytes_per_second); + cv[26].destination = &(s->kbytes_per_second); + cv[27].destination = &(s->use_xattr); + cv[28].destination = s->mimetypes; + /*cv[29].destination = s->unused;*/ + + cv[30].destination = &(s->ssl_enabled); + cv[31].destination = &(s->log_file_not_found); + cv[32].destination = &(s->log_request_handling); + cv[33].destination = &(s->log_response_header); + cv[34].destination = &(s->log_request_header); + /*cv[35].destination = &(s->unused);*/ + cv[36].destination = &(s->allow_http11); + /*cv[39].destination = s->unused;*/ + + cv[41].destination = &(s->range_requests); + /*cv[47].destination = s->unused;*/ + /*cv[48].destination = &(s->unused);*/ + cv[49].destination = &(s->etag_use_inode); + + cv[50].destination = &(s->etag_use_mtime); + cv[51].destination = &(s->etag_use_size); + cv[53].destination = &(s->log_timeouts); + cv[54].destination = &(s->defer_accept); + /*cv[56].destination = &(s->unused);*/ + /*cv[57].destination = &(s->unused);*/ + /*cv[58].destination = &(s->unused);*/ + /*cv[59].destination = s->unused;*/ + + /*cv[60].destination = &(s->unused);*/ + cv[61].destination = &(s->set_v6only); + /*cv[62].destination = &(s->unused);*/ + /*cv[63].destination = s->unused;*/ + /*cv[64].destination = s->unused;*/ + /*cv[65].destination = &(s->unused);*/ + /*cv[66].destination = &(s->unused);*/ + /*cv[67].destination = &(s->unused);*/ + cv[70].destination = &(s->listen_backlog); + cv[71].destination = s->error_handler_404; + #if defined(__FreeBSD__) || defined(__NetBSD__) \ + || defined(__OpenBSD__) || defined(__DragonFly__) + cv[75].destination = s->bsd_accept_filter; + #endif + cv[76].destination = &(s->stream_request_body); + cv[77].destination = &(s->stream_response_body); + cv[79].destination = &(s->error_intercept); + cv[81].destination = s->socket_perms; + + srv->config_storage[i] = s; + + if (0 != (ret = config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION))) { + break; + } + + if (s->stream_request_body & FDEVENT_STREAM_REQUEST_BUFMIN) { + s->stream_request_body |= FDEVENT_STREAM_REQUEST; + } + if (s->stream_response_body & FDEVENT_STREAM_RESPONSE_BUFMIN) { + s->stream_response_body |= FDEVENT_STREAM_RESPONSE; + } + + if (!array_is_kvstring(s->mimetypes)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for mimetype.assign; expected list of \"ext\" => \"mimetype\""); + } + + if (!buffer_string_is_empty(s->server_tag)) { + for (char *t = strchr(s->server_tag->ptr,'\n'); NULL != t; t = strchr(t+2,'\n')) { + /* not expecting admin to define multi-line server.tag, + * but ensure server_tag has proper header continuation, + * if needed */ + off_t off = t - s->server_tag->ptr; + size_t len; + if (t[1] == ' ' || t[1] == '\t') continue; + len = buffer_string_length(s->server_tag); + buffer_string_prepare_append(s->server_tag, 1); + t = s->server_tag->ptr+off; + memmove(t+2, t+1, len - off - 1); + t[1] = ' '; + buffer_commit(s->server_tag, 1); + } + } + + if (0 == i) { + if (!config_http_parseopts(srv, http_parseopts)) { + ret = HANDLER_ERROR; + break; + } + } + + if (srv->srvconf.http_url_normalize + && COMP_HTTP_QUERY_STRING == config->comp) { + switch(config->cond) { + case CONFIG_COND_NE: + case CONFIG_COND_EQ: + /* (can use this routine as long as it does not perform + * any regex-specific normalization of first arg) */ + pcre_keyvalue_burl_normalize_key(config->string, srv->tmp_buf); + break; + case CONFIG_COND_NOMATCH: + case CONFIG_COND_MATCH: + pcre_keyvalue_burl_normalize_key(config->string, srv->tmp_buf); + if (!data_config_pcre_compile(config)) { + ret = HANDLER_ERROR; + } + break; + default: + break; + } + if (HANDLER_ERROR == ret) break; + } + + #ifndef USE_OPENSSL_CRYPTO + if (s->ssl_enabled) { + log_error_write(srv, __FILE__, __LINE__, "s", + "ssl support is missing, recompile with e.g. --with-openssl"); + ret = HANDLER_ERROR; + break; + } + #endif + } + array_free(http_parseopts); + + { + specific_config *s = srv->config_storage[0]; + s->http_parseopts= /*(global, but stored in con->conf.http_parseopts)*/ + (srv->srvconf.http_header_strict ?(HTTP_PARSEOPT_HEADER_STRICT) :0) + |(srv->srvconf.http_host_strict ?(HTTP_PARSEOPT_HOST_STRICT + |HTTP_PARSEOPT_HOST_NORMALIZE):0) + |(srv->srvconf.http_host_normalize ?(HTTP_PARSEOPT_HOST_NORMALIZE):0); + s->http_parseopts |= srv->srvconf.http_url_normalize; + + if (s->log_request_handling || s->log_request_header) + srv->srvconf.log_request_header_on_error = 1; + } + + if (0 != chunk_sz) { + chunkqueue_set_chunk_size(chunk_sz); + } + + if (0 != stat_cache_choose_engine(srv, stat_cache_string)) { + ret = HANDLER_ERROR; + } + buffer_free(stat_cache_string); + + if (!array_is_vlist(srv->srvconf.upload_tempdirs)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for server.upload-dirs; expected list of \"path\" strings"); + ret = HANDLER_ERROR; + } + + if (!array_is_vlist(srv->srvconf.modules)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "unexpected value for server.modules; expected list of \"mod_xxxxxx\" strings"); + ret = HANDLER_ERROR; + } else if (srv->srvconf.compat_module_load) { + data_string *ds; + int prepend_mod_indexfile = 1; + int append_mod_dirlisting = 1; + int append_mod_staticfile = 1; + int append_mod_authn_file = 1; + int append_mod_authn_ldap = 1; + int append_mod_authn_mysql = 1; + int append_mod_openssl = 1; + int contains_mod_auth = 0; + + /* prepend default modules */ + for (i = 0; i < srv->srvconf.modules->used; i++) { + ds = (data_string *)srv->srvconf.modules->data[i]; + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_indexfile"))) { + prepend_mod_indexfile = 0; + } + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_staticfile"))) { + append_mod_staticfile = 0; + } + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_dirlisting"))) { + append_mod_dirlisting = 0; + } + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_openssl"))) { + append_mod_openssl = 0; + } + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_authn_file"))) { + append_mod_authn_file = 0; + } + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_authn_ldap"))) { + append_mod_authn_ldap = 0; + } + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_authn_mysql"))) { + append_mod_authn_mysql = 0; + } + + if (buffer_is_equal_string(ds->value, CONST_STR_LEN("mod_auth"))) { + contains_mod_auth = 1; + } + + if (0 == prepend_mod_indexfile && + 0 == append_mod_dirlisting && + 0 == append_mod_staticfile && + 0 == append_mod_openssl && + 0 == append_mod_authn_file && + 0 == append_mod_authn_ldap && + 0 == append_mod_authn_mysql && + 1 == contains_mod_auth) { + break; + } + } + + if (prepend_mod_indexfile) { + /* mod_indexfile has to be loaded before mod_fastcgi and friends */ + array *modules = array_init(); + array_insert_value(modules, CONST_STR_LEN("mod_indexfile")); + + for (i = 0; i < srv->srvconf.modules->used; i++) { + ds = (data_string *)srv->srvconf.modules->data[i]; + array_insert_value(modules, CONST_BUF_LEN(ds->value)); + } + + array_free(srv->srvconf.modules); + srv->srvconf.modules = modules; + } + + /* append default modules */ + if (append_mod_dirlisting) { + array_insert_value(srv->srvconf.modules, CONST_STR_LEN("mod_dirlisting")); + } + + if (append_mod_staticfile) { + array_insert_value(srv->srvconf.modules, CONST_STR_LEN("mod_staticfile")); + } + + if (append_mod_openssl) { + #ifdef USE_OPENSSL_CRYPTO + config_warn_openssl_module(srv); + #endif + } + + /* mod_auth.c,http_auth.c auth backends were split into separate modules + * Automatically load auth backend modules for compatibility with + * existing lighttpd 1.4.x configs */ + if (contains_mod_auth) { + if (append_mod_authn_file) { + array_insert_value(srv->srvconf.modules, CONST_STR_LEN("mod_authn_file")); + } + if (append_mod_authn_ldap) { + #if defined(HAVE_LDAP_H) && defined(HAVE_LBER_H) && defined(HAVE_LIBLDAP) && defined(HAVE_LIBLBER) + config_warn_authn_module(srv, CONST_STR_LEN("ldap")); + #endif + } + if (append_mod_authn_mysql) { + #if defined(HAVE_MYSQL) + config_warn_authn_module(srv, CONST_STR_LEN("mysql")); + #endif + } + } + } + + return ret; + +} + + +#define PATCH(x) con->conf.x = s->x +int config_setup_connection(server *srv, connection *con) { + specific_config *s = srv->config_storage[0]; + + PATCH(http_parseopts); + + PATCH(allow_http11); + PATCH(mimetypes); + PATCH(document_root); + PATCH(high_precision_timestamps); + PATCH(max_keep_alive_requests); + PATCH(max_keep_alive_idle); + PATCH(max_read_idle); + PATCH(max_write_idle); + PATCH(max_request_size); + PATCH(use_xattr); + PATCH(error_handler); + PATCH(error_handler_404); + PATCH(error_intercept); + PATCH(errorfile_prefix); +#ifdef HAVE_LSTAT + PATCH(follow_symlink); +#endif + PATCH(server_tag); + PATCH(kbytes_per_second); + PATCH(global_kbytes_per_second); + PATCH(global_bytes_per_second_cnt); + + con->conf.global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt; + buffer_copy_buffer(con->server_name, s->server_name); + + PATCH(log_request_header); + PATCH(log_response_header); + PATCH(log_request_handling); + PATCH(log_condition_handling); + PATCH(log_file_not_found); + PATCH(log_timeouts); + + PATCH(range_requests); + PATCH(force_lowercase_filenames); + /*PATCH(listen_backlog);*//*(not necessary; used only at startup)*/ + PATCH(stream_request_body); + PATCH(stream_response_body); + PATCH(socket_perms); + + PATCH(etag_use_inode); + PATCH(etag_use_mtime); + PATCH(etag_use_size); + + return 0; +} + +int config_patch_connection(server *srv, connection *con) { + size_t i, j; + + /* skip the first, the global context */ + for (i = 1; i < srv->config_context->used; i++) { + data_config *dc = (data_config *)srv->config_context->data[i]; + specific_config *s = srv->config_storage[i]; + + /* condition didn't match */ + if (!config_check_cond(srv, con, dc)) continue; + + /* merge config */ + for (j = 0; j < dc->value->used; j++) { + data_unset *du = dc->value->data[j]; + + if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.document-root"))) { + PATCH(document_root); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.range-requests"))) { + PATCH(range_requests); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.error-handler"))) { + PATCH(error_handler); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.error-handler-404"))) { + PATCH(error_handler_404); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.error-intercept"))) { + PATCH(error_intercept); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.errorfile-prefix"))) { + PATCH(errorfile_prefix); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.assign"))) { + PATCH(mimetypes); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-keep-alive-requests"))) { + PATCH(max_keep_alive_requests); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-keep-alive-idle"))) { + PATCH(max_keep_alive_idle); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-write-idle"))) { + PATCH(max_write_idle); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-read-idle"))) { + PATCH(max_read_idle); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.max-request-size"))) { + PATCH(max_request_size); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.use-xattr"))) { + PATCH(use_xattr); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-inode"))) { + PATCH(etag_use_inode); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-mtime"))) { + PATCH(etag_use_mtime); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-size"))) { + PATCH(etag_use_size); +#ifdef HAVE_LSTAT + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.follow-symlink"))) { + PATCH(follow_symlink); +#endif + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.name"))) { + buffer_copy_buffer(con->server_name, s->server_name); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.tag"))) { + PATCH(server_tag); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.stream-request-body"))) { + PATCH(stream_request_body); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.stream-response-body"))) { + PATCH(stream_response_body); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("connection.kbytes-per-second"))) { + PATCH(kbytes_per_second); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-request-handling"))) { + PATCH(log_request_handling); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-request-header"))) { + PATCH(log_request_header); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-response-header"))) { + PATCH(log_response_header); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-condition-handling"))) { + PATCH(log_condition_handling); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-file-not-found"))) { + PATCH(log_file_not_found); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("debug.log-timeouts"))) { + PATCH(log_timeouts); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.protocol-http11"))) { + PATCH(allow_http11); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.force-lowercase-filenames"))) { + PATCH(force_lowercase_filenames); + #if 0 /*(not necessary; used only at startup)*/ + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.listen-backlog"))) { + PATCH(listen_backlog); + #endif + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.kbytes-per-second"))) { + PATCH(global_kbytes_per_second); + PATCH(global_bytes_per_second_cnt); + con->conf.global_bytes_per_second_cnt_ptr = &s->global_bytes_per_second_cnt; + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("server.socket-perms"))) { + PATCH(socket_perms); + } + } + } + + con->etag_flags = (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) | + (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) | + (con->conf.etag_use_size ? ETAG_USE_SIZE : 0); + + return 0; +} +#undef PATCH + +typedef struct { + int foo; + int bar; + + const buffer *source; + const char *input; + size_t offset; + size_t size; + + int line_pos; + int line; + + int in_key; + int in_brace; + int in_cond; +} tokenizer_t; + +#if 0 +static int tokenizer_open(server *srv, tokenizer_t *t, buffer *basedir, const char *fn) { + if (buffer_string_is_empty(basedir) || + (fn[0] == '/' || fn[0] == '\\') || + (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\'))) { + t->file = buffer_init_string(fn); + } else { + t->file = buffer_init_buffer(basedir); + buffer_append_string(t->file, fn); + } + + if (0 != stream_open(&(t->s), t->file)) { + log_error_write(srv, __FILE__, __LINE__, "sbss", + "opening configfile ", t->file, "failed:", strerror(errno)); + buffer_free(t->file); + return -1; + } + + t->input = t->s.start; + t->offset = 0; + t->size = t->s.size; + t->line = 1; + t->line_pos = 1; + + t->in_key = 1; + t->in_brace = 0; + t->in_cond = 0; + return 0; +} + +static int tokenizer_close(server *srv, tokenizer_t *t) { + UNUSED(srv); + + buffer_free(t->file); + return stream_close(&(t->s)); +} +#endif +static int config_skip_newline(tokenizer_t *t) { + int skipped = 1; + force_assert(t->input[t->offset] == '\r' || t->input[t->offset] == '\n'); + if (t->input[t->offset] == '\r' && t->input[t->offset + 1] == '\n') { + skipped ++; + t->offset ++; + } + t->offset ++; + return skipped; +} + +static int config_skip_comment(tokenizer_t *t) { + int i; + force_assert(t->input[t->offset] == '#'); + for (i = 1; t->input[t->offset + i] && + (t->input[t->offset + i] != '\n' && t->input[t->offset + i] != '\r'); + i++); + t->offset += i; + return i; +} + +static int config_tokenizer(server *srv, tokenizer_t *t, int *token_id, buffer *token) { + int tid = 0; + size_t i; + + for (tid = 0; tid == 0 && t->offset < t->size && t->input[t->offset] ; ) { + char c = t->input[t->offset]; + const char *start = NULL; + + switch (c) { + case '=': + if (t->in_brace) { + if (t->input[t->offset + 1] == '>') { + t->offset += 2; + + buffer_copy_string_len(token, CONST_STR_LEN("=>")); + + tid = TK_ARRAY_ASSIGN; + } else { + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "use => for assignments in arrays"); + return -1; + } + } else if (t->in_cond) { + if (t->input[t->offset + 1] == '=') { + t->offset += 2; + + buffer_copy_string_len(token, CONST_STR_LEN("==")); + + tid = TK_EQ; + } else if (t->input[t->offset + 1] == '~') { + t->offset += 2; + + buffer_copy_string_len(token, CONST_STR_LEN("=~")); + + tid = TK_MATCH; + } else { + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "only =~ and == are allowed in the condition"); + return -1; + } + t->in_key = 1; + t->in_cond = 0; + } else if (t->in_key) { + tid = TK_ASSIGN; + + buffer_copy_string_len(token, t->input + t->offset, 1); + + t->offset++; + t->line_pos++; + } else { + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "unexpected equal-sign: ="); + return -1; + } + + break; + case '!': + if (t->in_cond) { + if (t->input[t->offset + 1] == '=') { + t->offset += 2; + + buffer_copy_string_len(token, CONST_STR_LEN("!=")); + + tid = TK_NE; + } else if (t->input[t->offset + 1] == '~') { + t->offset += 2; + + buffer_copy_string_len(token, CONST_STR_LEN("!~")); + + tid = TK_NOMATCH; + } else { + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "only !~ and != are allowed in the condition"); + return -1; + } + t->in_key = 1; + t->in_cond = 0; + } else { + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "unexpected exclamation-marks: !"); + return -1; + } + + break; + case '\t': + case ' ': + t->offset++; + t->line_pos++; + break; + case '\n': + case '\r': + if (t->in_brace == 0) { + int done = 0; + while (!done && t->offset < t->size) { + switch (t->input[t->offset]) { + case '\r': + case '\n': + config_skip_newline(t); + t->line_pos = 1; + t->line++; + break; + + case '#': + t->line_pos += config_skip_comment(t); + break; + + case '\t': + case ' ': + t->offset++; + t->line_pos++; + break; + + default: + done = 1; + } + } + t->in_key = 1; + tid = TK_EOL; + buffer_copy_string_len(token, CONST_STR_LEN("(EOL)")); + } else { + config_skip_newline(t); + t->line_pos = 1; + t->line++; + } + break; + case ',': + if (t->in_brace > 0) { + tid = TK_COMMA; + + buffer_copy_string_len(token, CONST_STR_LEN("(COMMA)")); + } + + t->offset++; + t->line_pos++; + break; + case '"': + /* search for the terminating " */ + start = t->input + t->offset + 1; + buffer_copy_string_len(token, CONST_STR_LEN("")); + + for (i = 1; t->input[t->offset + i]; i++) { + if (t->input[t->offset + i] == '\\' && + t->input[t->offset + i + 1] == '"') { + + buffer_append_string_len(token, start, t->input + t->offset + i - start); + + start = t->input + t->offset + i + 1; + + /* skip the " */ + i++; + continue; + } + + + if (t->input[t->offset + i] == '"') { + tid = TK_STRING; + + buffer_append_string_len(token, start, t->input + t->offset + i - start); + + break; + } + } + + if (t->input[t->offset + i] == '\0') { + /* ERROR */ + + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "missing closing quote"); + + return -1; + } + + t->offset += i + 1; + t->line_pos += i + 1; + + break; + case '(': + t->offset++; + t->in_brace++; + + tid = TK_LPARAN; + + buffer_copy_string_len(token, CONST_STR_LEN("(")); + break; + case ')': + t->offset++; + t->in_brace--; + + tid = TK_RPARAN; + + buffer_copy_string_len(token, CONST_STR_LEN(")")); + break; + case '$': + t->offset++; + + tid = TK_DOLLAR; + t->in_cond = 1; + t->in_key = 0; + + buffer_copy_string_len(token, CONST_STR_LEN("$")); + + break; + + case '+': + if (t->input[t->offset + 1] == '=') { + t->offset += 2; + buffer_copy_string_len(token, CONST_STR_LEN("+=")); + tid = TK_APPEND; + } else { + t->offset++; + tid = TK_PLUS; + buffer_copy_string_len(token, CONST_STR_LEN("+")); + } + break; + + case ':': + if (t->input[t->offset+1] == '=') { + t->offset += 2; + tid = TK_FORCE_ASSIGN; + buffer_copy_string_len(token, CONST_STR_LEN(":=")); + } + break; + + case '{': + t->offset++; + + tid = TK_LCURLY; + + buffer_copy_string_len(token, CONST_STR_LEN("{")); + + break; + + case '}': + t->offset++; + + tid = TK_RCURLY; + + buffer_copy_string_len(token, CONST_STR_LEN("}")); + + break; + + case '[': + t->offset++; + + tid = TK_LBRACKET; + + buffer_copy_string_len(token, CONST_STR_LEN("[")); + + break; + + case ']': + t->offset++; + + tid = TK_RBRACKET; + + buffer_copy_string_len(token, CONST_STR_LEN("]")); + + break; + case '#': + t->line_pos += config_skip_comment(t); + + break; + default: + if (t->in_cond) { + for (i = 0; t->input[t->offset + i] && + (isalpha((unsigned char)t->input[t->offset + i]) + || t->input[t->offset + i] == '_'); ++i); + + if (i && t->input[t->offset + i]) { + tid = TK_SRVVARNAME; + buffer_copy_string_len(token, t->input + t->offset, i); + + t->offset += i; + t->line_pos += i; + } else { + /* ERROR */ + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "invalid character in condition"); + return -1; + } + } else if (isdigit((unsigned char)c)) { + /* take all digits */ + for (i = 0; t->input[t->offset + i] && isdigit((unsigned char)t->input[t->offset + i]); i++); + + /* was there it least a digit ? */ + if (i) { + tid = TK_INTEGER; + + buffer_copy_string_len(token, t->input + t->offset, i); + + t->offset += i; + t->line_pos += i; + } + } else { + /* the key might consist of [-.0-9a-z] */ + for (i = 0; t->input[t->offset + i] && + (isalnum((unsigned char)t->input[t->offset + i]) || + t->input[t->offset + i] == '.' || + t->input[t->offset + i] == '_' || /* for env.* */ + t->input[t->offset + i] == '-' + ); i++); + + if (i && t->input[t->offset + i]) { + buffer_copy_string_len(token, t->input + t->offset, i); + + if (strcmp(token->ptr, "include") == 0) { + tid = TK_INCLUDE; + } else if (strcmp(token->ptr, "include_shell") == 0) { + tid = TK_INCLUDE_SHELL; + } else if (strcmp(token->ptr, "global") == 0) { + tid = TK_GLOBAL; + } else if (strcmp(token->ptr, "else") == 0) { + tid = TK_ELSE; + } else { + tid = TK_LKEY; + } + + t->offset += i; + t->line_pos += i; + } else { + /* ERROR */ + log_error_write(srv, __FILE__, __LINE__, "sbsdsds", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "invalid character in variable name"); + return -1; + } + } + break; + } + } + + if (tid) { + *token_id = tid; +#if 0 + log_error_write(srv, __FILE__, __LINE__, "sbsdsdbdd", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + token, token->used - 1, tid); +#endif + + return 1; + } else if (t->offset < t->size) { + log_error_write(srv, __FILE__, __LINE__, "Dsb", tid, ",", token); + } + return 0; +} + +static int config_parse(server *srv, config_t *context, tokenizer_t *t) { + void *pParser; + int token_id; + buffer *token, *lasttoken; + int ret; + + pParser = configparserAlloc( malloc ); + force_assert(pParser); + lasttoken = buffer_init(); + token = buffer_init(); + while((1 == (ret = config_tokenizer(srv, t, &token_id, token))) && context->ok) { + buffer_copy_buffer(lasttoken, token); + configparser(pParser, token_id, token, context); + + token = buffer_init(); + } + buffer_free(token); + + if (ret != -1 && context->ok) { + /* add an EOL at EOF, better than say sorry */ + configparser(pParser, TK_EOL, buffer_init_string("(EOL)"), context); + if (context->ok) { + configparser(pParser, 0, NULL, context); + } + } + configparserFree(pParser, free); + + if (ret == -1) { + log_error_write(srv, __FILE__, __LINE__, "sb", + "configfile parser failed at:", lasttoken); + } else if (context->ok == 0) { + log_error_write(srv, __FILE__, __LINE__, "sbsdsdsb", + "source:", t->source, + "line:", t->line, "pos:", t->line_pos, + "parser failed somehow near here:", lasttoken); + ret = -1; + } + buffer_free(lasttoken); + + return ret == -1 ? -1 : 0; +} + +static int tokenizer_init(tokenizer_t *t, const buffer *source, const char *input, size_t size) { + + t->source = source; + t->input = input; + t->size = size; + t->offset = 0; + t->line = 1; + t->line_pos = 1; + + t->in_key = 1; + t->in_brace = 0; + t->in_cond = 0; + return 0; +} + +static int config_parse_file_stream(server *srv, config_t *context, const buffer *filename) { + tokenizer_t t; + stream s; + int ret; + + if (0 != stream_open(&s, filename)) { + log_error_write(srv, __FILE__, __LINE__, "sbss", + "opening configfile ", filename, "failed:", strerror(errno)); + return -1; + } else { + tokenizer_init(&t, filename, s.start, s.size); + ret = config_parse(srv, context, &t); + } + + stream_close(&s); + return ret; +} + +int config_parse_file(server *srv, config_t *context, const char *fn) { + buffer *filename; + size_t i; + int ret = -1; + #ifdef GLOB_BRACE + int flags = GLOB_BRACE; + #else + int flags = 0; + #endif + glob_t gl; + + if ((fn[0] == '/' || fn[0] == '\\') || + (fn[0] == '.' && (fn[1] == '/' || fn[1] == '\\')) || + (fn[0] == '.' && fn[1] == '.' && (fn[2] == '/' || fn[2] == '\\'))) { + filename = buffer_init_string(fn); + } else { + filename = buffer_init_buffer(context->basedir); + buffer_append_string(filename, fn); + } + + switch (glob(filename->ptr, flags, NULL, &gl)) { + case 0: + for (i = 0; i < gl.gl_pathc; ++i) { + buffer_copy_string(filename, gl.gl_pathv[i]); + ret = config_parse_file_stream(srv, context, filename); + if (0 != ret) break; + } + globfree(&gl); + break; + case GLOB_NOMATCH: + if (filename->ptr[strcspn(filename->ptr, "*?[]{}")] != '\0') { /*(contains glob metachars)*/ + ret = 0; /* not an error if no files match glob pattern */ + } + else { + log_error_write(srv, __FILE__, __LINE__, "sb", "include file not found: ", filename); + } + break; + case GLOB_ABORTED: + case GLOB_NOSPACE: + log_error_write(srv, __FILE__, __LINE__, "sbss", "glob()", filename, "failed:", strerror(errno)); + break; + } + + buffer_free(filename); + return ret; +} + +#ifdef __CYGWIN__ + +static char* getCWD(char *buf, size_t sz) { + if (NULL == getcwd(buf, sz)) { + return NULL; + } + for (size_t i = 0; buf[i]; ++i) { + if (buf[i] == '\\') buf[i] = '/'; + } + return buf; +} + +#define getcwd(buf, sz) getCWD((buf),(sz)) + +#endif /* __CYGWIN__ */ + +int config_parse_cmd(server *srv, config_t *context, const char *cmd) { + int ret = 0; + int fds[2]; + char oldpwd[PATH_MAX]; + + if (NULL == getcwd(oldpwd, sizeof(oldpwd))) { + log_error_write(srv, __FILE__, __LINE__, "s", + "cannot get cwd", strerror(errno)); + return -1; + } + + if (!buffer_string_is_empty(context->basedir)) { + if (0 != chdir(context->basedir->ptr)) { + log_error_write(srv, __FILE__, __LINE__, "sbs", + "cannot change directory to", context->basedir, strerror(errno)); + return -1; + } + } + + if (pipe(fds)) { + log_error_write(srv, __FILE__, __LINE__, "ss", + "pipe failed: ", strerror(errno)); + ret = -1; + } + else { + char *shell = getenv("SHELL"); + char *args[4]; + pid_t pid; + *(const char **)&args[0] = shell ? shell : "/bin/sh"; + *(const char **)&args[1] = "-c"; + *(const char **)&args[2] = cmd; + args[3] = NULL; + + fdevent_setfd_cloexec(fds[0]); + pid = fdevent_fork_execve(args[0], args, NULL, -1, fds[1], -1, -1); + if (-1 == pid) { + log_error_write(srv, __FILE__, __LINE__, "SSss", + "fork/exec(", cmd, "):", strerror(errno)); + ret = -1; + } + else { + ssize_t rd; + pid_t wpid; + int wstatus; + buffer *out = buffer_init(); + close(fds[1]); + fds[1] = -1; + do { + rd = read(fds[0], buffer_string_prepare_append(out, 1023), 1023); + if (rd >= 0) buffer_commit(out, (size_t)rd); + } while (rd > 0 || (-1 == rd && errno == EINTR)); + if (0 != rd) { + log_error_write(srv, __FILE__, __LINE__, "SSss", + "read \"", cmd, "\" failed:", strerror(errno)); + ret = -1; + } + close(fds[0]); + fds[0] = -1; + while (-1 == (wpid = waitpid(pid, &wstatus, 0)) && errno == EINTR) ; + if (wpid != pid) { + log_error_write(srv, __FILE__, __LINE__, "SSss", + "waitpid \"", cmd, "\" failed:", strerror(errno)); + ret = -1; + } + if (0 != wstatus) { + log_error_write(srv, __FILE__, __LINE__, "SSsd", + "command \"", cmd, "\" exited non-zero:", WEXITSTATUS(wstatus)); + ret = -1; + } + + if (-1 != ret) { + buffer *source = buffer_init_string(cmd); + tokenizer_t t; + tokenizer_init(&t, source, CONST_BUF_LEN(out)); + ret = config_parse(srv, context, &t); + buffer_free(source); + } + buffer_free(out); + } + if (-1 != fds[0]) close(fds[0]); + if (-1 != fds[1]) close(fds[1]); + } + + if (0 != chdir(oldpwd)) { + log_error_write(srv, __FILE__, __LINE__, "sss", + "cannot change directory to", oldpwd, strerror(errno)); + ret = -1; + } + return ret; +} + +static void context_init(server *srv, config_t *context) { + context->srv = srv; + context->ok = 1; + vector_config_weak_init(&context->configs_stack); + context->basedir = buffer_init(); +} + +static void context_free(config_t *context) { + vector_config_weak_clear(&context->configs_stack); + buffer_free(context->basedir); +} + +int config_read(server *srv, const char *fn) { + config_t context; + data_config *dc; + buffer *dcwd; + int ret; + char *pos; + buffer *filename; + + context_init(srv, &context); + context.all_configs = srv->config_context; + +#ifdef __WIN32 + pos = strrchr(fn, '\\'); +#else + pos = strrchr(fn, '/'); +#endif + if (pos) { + buffer_copy_string_len(context.basedir, fn, pos - fn + 1); + } + + dc = data_config_init(); + buffer_copy_string_len(dc->key, CONST_STR_LEN("global")); + + force_assert(context.all_configs->used == 0); + dc->context_ndx = context.all_configs->used; + array_insert_unique(context.all_configs, (data_unset *)dc); + context.current = dc; + + /* default context */ + *array_get_int_ptr(dc->value, CONST_STR_LEN("var.PID")) = getpid(); + + dcwd = srv->tmp_buf; + buffer_string_prepare_copy(dcwd, PATH_MAX-1); + if (NULL != getcwd(dcwd->ptr, buffer_string_space(dcwd)+1)) { + buffer_commit(dcwd, strlen(dcwd->ptr)); + array_set_key_value(dc->value, CONST_STR_LEN("var.CWD"), CONST_BUF_LEN(dcwd)); + } + + filename = buffer_init_string(fn); + ret = config_parse_file_stream(srv, &context, filename); + buffer_free(filename); + + /* remains nothing if parser is ok */ + force_assert(!(0 == ret && context.ok && 0 != context.configs_stack.used)); + context_free(&context); + + if (0 != ret) { + return ret; + } + + if (0 != config_insert(srv)) { + return -1; + } + + return 0; +} + +int config_set_defaults(server *srv) { + size_t i; + specific_config *s = srv->config_storage[0]; + struct stat st1, st2; + + force_assert(sizeof(((connection *)0)->conditional_is_valid) >= COMP_LAST_ELEMENT); + + if (0 != fdevent_config(srv)) return -1; + + if (!buffer_string_is_empty(srv->srvconf.changeroot)) { + if (-1 == stat(srv->srvconf.changeroot->ptr, &st1)) { + log_error_write(srv, __FILE__, __LINE__, "sb", + "server.chroot doesn't exist:", srv->srvconf.changeroot); + return -1; + } + if (!S_ISDIR(st1.st_mode)) { + log_error_write(srv, __FILE__, __LINE__, "sb", + "server.chroot isn't a directory:", srv->srvconf.changeroot); + return -1; + } + } + + if (!srv->srvconf.upload_tempdirs->used) { + const char *tmpdir = getenv("TMPDIR"); + if (NULL == tmpdir) tmpdir = "/var/tmp"; + array_insert_value(srv->srvconf.upload_tempdirs, tmpdir, strlen(tmpdir)); + } + + if (srv->srvconf.upload_tempdirs->used) { + buffer * const b = srv->tmp_buf; + size_t len; + buffer_clear(b); + if (!buffer_string_is_empty(srv->srvconf.changeroot)) { + buffer_copy_buffer(b, srv->srvconf.changeroot); + buffer_append_slash(b); + } + len = buffer_string_length(b); + + for (i = 0; i < srv->srvconf.upload_tempdirs->used; ++i) { + const data_string * const ds = (data_string *)srv->srvconf.upload_tempdirs->data[i]; + buffer_string_set_length(b, len); /*(truncate)*/ + buffer_append_string_buffer(b, ds->value); + if (-1 == stat(b->ptr, &st1)) { + log_error_write(srv, __FILE__, __LINE__, "sb", + "server.upload-dirs doesn't exist:", b); + } else if (!S_ISDIR(st1.st_mode)) { + log_error_write(srv, __FILE__, __LINE__, "sb", + "server.upload-dirs isn't a directory:", b); + } + } + } + + chunkqueue_set_tempdirs_default( + srv->srvconf.upload_tempdirs, + srv->srvconf.upload_temp_file_size); + + if (buffer_string_is_empty(s->document_root)) { + log_error_write(srv, __FILE__, __LINE__, "s", + "a default document-root has to be set"); + + return -1; + } + + buffer_copy_buffer(srv->tmp_buf, s->document_root); + + buffer_to_lower(srv->tmp_buf); + + if (2 == s->force_lowercase_filenames) { /* user didn't configure it in global section? */ + s->force_lowercase_filenames = 0; /* default to 0 */ + + if (0 == stat(srv->tmp_buf->ptr, &st1)) { + int is_lower = 0; + + is_lower = buffer_is_equal(srv->tmp_buf, s->document_root); + + /* lower-case existed, check upper-case */ + buffer_copy_buffer(srv->tmp_buf, s->document_root); + + buffer_to_upper(srv->tmp_buf); + + /* we have to handle the special case that upper and lower-casing results in the same filename + * as in server.document-root = "/" or "/12345/" */ + + if (is_lower && buffer_is_equal(srv->tmp_buf, s->document_root)) { + /* lower-casing and upper-casing didn't result in + * an other filename, no need to stat(), + * just assume it is case-sensitive. */ + + s->force_lowercase_filenames = 0; + } else if (0 == stat(srv->tmp_buf->ptr, &st2)) { + + /* upper case exists too, doesn't the FS handle this ? */ + + /* upper and lower have the same inode -> case-insensitve FS */ + + if (st1.st_ino == st2.st_ino) { + /* upper and lower have the same inode -> case-insensitve FS */ + + s->force_lowercase_filenames = 1; + } + } + } + } + + if (srv->srvconf.port == 0) { + srv->srvconf.port = s->ssl_enabled ? 443 : 80; + } + + return 0; +} |