/* Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License.
*/
/* Server core module... This module provides support for really basic * server operations, including options and commands which control the * operation of other modules. Consider this the bureaucracy module. * * The core module also defines handlers, etc., to handle just enough * to allow a server with the core module ONLY to actually serve documents. * * This file could almost be mod_core.c, except for the stuff which affects * the http_conf_globals.
*/
/* we know core's module_index is 0 */ #undef APLOG_MODULE_INDEX #define APLOG_MODULE_INDEX AP_CORE_MODULE_INDEX
/* Provide ap_document_root_check storage and default value = true */
AP_DECLARE_DATA int ap_document_root_check = 1;
/* magic pointer for ErrorDocument xxx "default" */ staticchar errordocument_default;
/* Global state allocated out of pconf: variables here MUST be * cleared/reset in reset_config(), a pconf cleanup, to avoid the
* variable getting reused after the pool is cleared. */ static apr_array_header_t *saved_server_config_defines = NULL; static apr_table_t *server_config_defined_vars = NULL;
AP_DECLARE_DATA constchar *ap_runtime_dir = NULL;
AP_DECLARE_DATA int ap_main_state = AP_SQ_MS_INITIAL_STARTUP;
AP_DECLARE_DATA int ap_run_mode = AP_SQ_RM_UNKNOWN;
AP_DECLARE_DATA int ap_config_generation = 0;
/* Create this conf by duplicating the base, replacing elements * (or creating copies for merging) where new-> values exist.
*/
conf = (core_dir_config *)apr_pmemdup(a, base, sizeof(core_dir_config));
if (new->opts & OPT_UNSET) { /* there was no explicit setting of new->opts, so we merge * preserve the invariant (opts_add & opts_remove) == 0
*/
conf->opts_add = (conf->opts_add & ~new->opts_remove) | new->opts_add;
conf->opts_remove = (conf->opts_remove & ~new->opts_add)
| new->opts_remove;
conf->opts = (conf->opts & ~conf->opts_remove) | conf->opts_add;
/* If Includes was enabled with exec in the base config, but * was enabled without exec in the new config, then disable
* exec in the merged set. */ if (((base->opts & (OPT_INCLUDES|OPT_INC_WITH_EXEC))
== (OPT_INCLUDES|OPT_INC_WITH_EXEC))
&& ((new->opts & (OPT_INCLUDES|OPT_INC_WITH_EXEC))
== OPT_INCLUDES)) {
conf->opts &= ~OPT_INC_WITH_EXEC;
}
} else { /* otherwise we just copy, because an explicit opts setting * overrides all earlier +/- modifiers
*/
conf->opts = new->opts;
conf->opts_add = new->opts_add;
conf->opts_remove = new->opts_remove;
}
if (!(new->override & OR_UNSET)) {
conf->override = new->override;
}
if (!(new->override_opts & OPT_UNSET)) {
conf->override_opts = new->override_opts;
}
if (new->override_list != NULL) {
conf->override_list = new->override_list;
}
if (conf->response_code_exprs == NULL) {
conf->response_code_exprs = new->response_code_exprs;
} elseif (new->response_code_exprs != NULL) {
conf->response_code_exprs = apr_hash_overlay(a,
new->response_code_exprs, conf->response_code_exprs);
} /* Otherwise we simply use the base->response_code_exprs array
*/
if (new->hostname_lookups != HOSTNAME_LOOKUP_UNSET) {
conf->hostname_lookups = new->hostname_lookups;
}
if (new->content_md5 != AP_CONTENT_MD5_UNSET) {
conf->content_md5 = new->content_md5;
}
if (new->accept_path_info != AP_ACCEPT_PATHINFO_UNSET) {
conf->accept_path_info = new->accept_path_info;
}
if (new->use_canonical_name != USE_CANONICAL_NAME_UNSET) {
conf->use_canonical_name = new->use_canonical_name;
}
if (new->use_canonical_phys_port != USE_CANONICAL_PHYS_PORT_UNSET) {
conf->use_canonical_phys_port = new->use_canonical_phys_port;
}
#ifdef RLIMIT_CPU if (new->limit_cpu) {
conf->limit_cpu = new->limit_cpu;
} #endif
#ifdef RLIMIT_NPROC if (new->limit_nproc) {
conf->limit_nproc = new->limit_nproc;
} #endif
if (new->limit_req_body != AP_LIMIT_REQ_BODY_UNSET) {
conf->limit_req_body = new->limit_req_body;
}
if (new->limit_xml_body != AP_LIMIT_UNSET)
conf->limit_xml_body = new->limit_xml_body;
if (!conf->sec_file) {
conf->sec_file = new->sec_file;
} elseif (new->sec_file) { /* If we merge, the merge-result must have its own array
*/
conf->sec_file = apr_array_append(a, base->sec_file, new->sec_file);
} /* Otherwise we simply use the base->sec_file array
*/
if (!conf->sec_if) {
conf->sec_if = new->sec_if;
} elseif (new->sec_if) { /* If we merge, the merge-result must have its own array
*/
conf->sec_if = apr_array_append(a, base->sec_if, new->sec_if);
} /* Otherwise we simply use the base->sec_if array
*/
if (new->server_signature != srv_sig_unset) {
conf->server_signature = new->server_signature;
}
if (!is_virtual) {
conf->ap_document_root = DOCUMENT_LOCATION;
conf->access_name = DEFAULT_ACCESS_FNAME;
/* A mapping only makes sense in the global context */
conf->accf_map = apr_table_make(a, 5); #if APR_HAS_SO_ACCEPTFILTER
apr_table_setn(conf->accf_map, "http", ACCEPT_FILTER_NAME);
apr_table_setn(conf->accf_map, "https", "dataready"); #elifdefined(WIN32) /* 'data' is disabled on Windows due to a DoS vuln (PR 59970) */
apr_table_setn(conf->accf_map, "http", "connect");
apr_table_setn(conf->accf_map, "https", "connect"); #else
apr_table_setn(conf->accf_map, "http", "data");
apr_table_setn(conf->accf_map, "https", "data"); #endif
conf->flush_max_threshold = AP_FLUSH_MAX_THRESHOLD;
conf->flush_max_pipelined = AP_FLUSH_MAX_PIPELINED;
} else { /* Use main ErrorLogFormat while the vhost is loading */
core_server_config *main_conf =
ap_get_core_module_config(ap_server_conf->module_config);
conf->error_log_format = main_conf->error_log_format;
conf->flush_max_pipelined = -1;
}
/* initialization, no special case for global context */
/* We need to do a stable sort, qsort isn't stable. So to make it stable * we'll be maintaining the original index into the list, and using it * as the minor key during sorting. The major key is the number of * components (where the root component is zero).
*/ struct reorder_sort_rec {
ap_conf_vector_t *elt; int orig_index;
};
/* a regex always sorts after a non-regex
*/ if (!core_a->r && core_b->r) { return -1;
} elseif (core_a->r && !core_b->r) { return 1;
}
/* we always sort next by the number of components
*/ if (core_a->d_components < core_b->d_components) { return -1;
} elseif (core_a->d_components > core_b->d_components) { return 1;
}
/* They have the same number of components, we now have to compare * the minor key to maintain the original order (from the config.)
*/ return a->orig_index - b->orig_index;
}
if (!nelts) { /* simple case of already being sorted... */ /* We're not checking this condition to be fast... we're checking * it to avoid trying to palloc zero bytes, which can trigger some * memory debuggers to barf
*/ return;
}
/* we have to allocate tmp space to do a stable sort */
apr_pool_create(&tmp, p);
apr_pool_tag(tmp, "core_reorder_directories");
sortbin = apr_palloc(tmp, sec_dir->nelts * sizeof(*sortbin)); for (i = 0; i < nelts; ++i) {
sortbin[i].orig_index = i;
sortbin[i].elt = elts[i];
}
/* and now copy back to the original array */ for (i = 0; i < nelts; ++i) {
elts[i] = sortbin[i].elt;
}
apr_pool_destroy(tmp);
}
/***************************************************************** * * There are some elements of the core config structures in which * other modules have a legitimate interest (this is ugly, but necessary * to preserve NCSA back-compatibility). So, we have a bunch of accessors * here...
*/
/* * Optional function coming from mod_authn_core, used for * retrieving the type of authorization
*/ static APR_OPTIONAL_FN_TYPE(authn_ap_auth_type) *authn_ap_auth_type;
/* * Optional function coming from mod_authn_core, used for * retrieving the authorization realm
*/ static APR_OPTIONAL_FN_TYPE(authn_ap_auth_name) *authn_ap_auth_name;
/* * Optional function coming from mod_access_compat, used to determine how access control interacts with authentication/authorization
*/ static APR_OPTIONAL_FN_TYPE(access_compat_ap_satisfies) *access_compat_ap_satisfies;
/* Should probably just get rid of this... the only code that cares is * part of the core anyway (and in fact, it isn't publicised to other * modules).
*/
/* alas, duplication required as we return not-const */ return apr_pstrdup(r->pool, response);
}
/* Code from Harald Hanche-Olsen <hanche@imf.unit.no> */ static APR_INLINE int do_double_reverse (int double_reverse, constchar *remote_host,
apr_sockaddr_t *client_addr,
apr_pool_t *pool)
{
apr_sockaddr_t *sa;
apr_status_t rv;
if (double_reverse) { /* already done */ return double_reverse;
}
if (remote_host == NULL || remote_host[0] == '\0') { /* single reverse failed, so don't bother */ return -1;
}
rv = apr_sockaddr_info_get(&sa, remote_host, APR_UNSPEC, 0, 0, pool); if (rv == APR_SUCCESS) { while (sa) { if (apr_sockaddr_equal(sa, client_addr)) { return 1;
}
sa = sa->next;
}
}
return -1;
}
AP_DECLARE(constchar *) ap_get_remote_host(conn_rec *conn, void *dir_config, int type, int *str_is_ip)
{ int hostname_lookups; int ignored_str_is_ip;
if (!str_is_ip) { /* caller doesn't want to know */
str_is_ip = &ignored_str_is_ip;
}
*str_is_ip = 0;
/* If we haven't checked the host name, and we want to */ if (dir_config) {
hostname_lookups = ((core_dir_config *)ap_get_core_module_config(dir_config))
->hostname_lookups;
if (hostname_lookups == HOSTNAME_LOOKUP_UNSET) {
hostname_lookups = HOSTNAME_LOOKUP_OFF;
}
} else { /* the default */
hostname_lookups = HOSTNAME_LOOKUP_OFF;
}
/* if failed, set it to the NULL string to indicate error */ if (conn->remote_host == NULL) {
conn->remote_host = "";
}
}
if (type == REMOTE_DOUBLE_REV) {
conn->double_reverse = do_double_reverse(conn->double_reverse,
conn->remote_host,
conn->client_addr, conn->pool); if (conn->double_reverse == -1) { return NULL;
}
}
/* * Return the desired information; either the remote DNS name, if found, * or either NULL (if the hostname was requested) or the IP address * (if any identifier was requested).
*/ if (conn->remote_host != NULL && conn->remote_host[0] != '\0') { return conn->remote_host;
} else { if (type == REMOTE_HOST || type == REMOTE_DOUBLE_REV) { return NULL;
} else {
*str_is_ip = 1; return conn->client_ip;
}
}
}
AP_DECLARE(constchar *) ap_get_useragent_host(request_rec *r, int type, int *str_is_ip)
{
conn_rec *conn = r->connection; int hostname_lookups; int ignored_str_is_ip;
/* Guard here when examining the host before the read_request hook * has populated an r->useragent_addr
*/ if (!r->useragent_addr || (r->useragent_addr == conn->client_addr)) { return ap_get_remote_host(conn, r->per_dir_config, type, str_is_ip);
}
if (!str_is_ip) { /* caller doesn't want to know */
str_is_ip = &ignored_str_is_ip;
}
*str_is_ip = 0;
/* if failed, set it to the NULL string to indicate error */ if (r->useragent_host == NULL) {
r->useragent_host = "";
}
}
if (type == REMOTE_DOUBLE_REV) {
r->double_reverse = do_double_reverse(r->double_reverse,
r->useragent_host,
r->useragent_addr, r->pool); if (r->double_reverse == -1) { return NULL;
}
}
/* * Return the desired information; either the remote DNS name, if found, * or either NULL (if the hostname was requested) or the IP address * (if any identifier was requested).
*/ if (r->useragent_host != NULL && r->useragent_host[0] != '\0') { return r->useragent_host;
} else { if (type == REMOTE_HOST || type == REMOTE_DOUBLE_REV) { return NULL;
} else {
*str_is_ip = 1; return r->useragent_ip;
}
}
}
/* * Optional function coming from mod_ident, used for looking up ident user
*/ static APR_OPTIONAL_FN_TYPE(ap_ident_lookup) *ident_lookup;
/* There are two options regarding what the "name" of a server is. The * "canonical" name as defined by ServerName and Port, or the "client's * name" as supplied by a possible Host: header or full URI. * * The DNS option to UseCanonicalName causes this routine to do a * reverse lookup on the local IP address of the connection and use * that for the ServerName. This makes its value more reliable while * at the same time allowing Demon's magic virtual hosting to work. * The assumption is that DNS lookups are sufficiently quick... * -- fanf 1998-10-03
*/
AP_DECLARE(constchar *) ap_get_server_name(request_rec *r)
{
conn_rec *conn = r->connection;
core_dir_config *d; constchar *retval;
d = (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
/* * Get the current server name from the request for the purposes * of using in a URL. If the server name is an IPv6 literal * address, it will be returned in URL format (e.g., "[fe80::1]").
*/
AP_DECLARE(constchar *) ap_get_server_name_for_url(request_rec *r)
{ constchar *plain_server_name = ap_get_server_name(r);
switch (d->use_canonical_name) { case USE_CANONICAL_NAME_OFF: case USE_CANONICAL_NAME_DNS: case USE_CANONICAL_NAME_UNSET: if (d->use_canonical_phys_port == USE_CANONICAL_PHYS_PORT_ON)
port = r->parsed_uri.port_str ? r->parsed_uri.port :
r->connection->local_addr->port ? r->connection->local_addr->port :
r->server->port ? r->server->port :
ap_default_port(r); else/* USE_CANONICAL_PHYS_PORT_OFF or USE_CANONICAL_PHYS_PORT_UNSET */
port = r->parsed_uri.port_str ? r->parsed_uri.port :
r->server->port ? r->server->port :
ap_default_port(r); break; case USE_CANONICAL_NAME_ON: /* With UseCanonicalName on (and in all versions prior to 1.3) * Apache will use the hostname and port specified in the * ServerName directive to construct a canonical name for the * server. (If no port was specified in the ServerName * directive, Apache uses the port supplied by the client if * any is supplied, and finally the default port for the protocol * used.
*/ if (d->use_canonical_phys_port == USE_CANONICAL_PHYS_PORT_ON)
port = r->server->port ? r->server->port :
r->connection->local_addr->port ? r->connection->local_addr->port :
ap_default_port(r); else/* USE_CANONICAL_PHYS_PORT_OFF or USE_CANONICAL_PHYS_PORT_UNSET */
port = r->server->port ? r->server->port :
ap_default_port(r); break; default:
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00110) "ap_get_server_port: Invalid UCN Option somehow");
port = ap_default_port(r); break;
}
/***************************************************************** * * Commands... this module handles almost all of the NCSA httpd.conf * commands, but most of the old srm.conf is in the modules.
*/
/* returns a parent if it matches the given directive */ staticconst ap_directive_t * find_parent(const ap_directive_t *dirp, constchar *what)
{ while (dirp->parent != NULL) {
dirp = dirp->parent;
/* ### it would be nice to have atom-ized directives */ if (ap_cstr_casecmp(dirp->directive, what) == 0) return dirp;
}
if ((forbidden & NOT_IN_DIR_LOC_FILE) == NOT_IN_DIR_LOC_FILE) { if (cmd->path != NULL) { return apr_pstrcat(cmd->pool, cmd->cmd->name, gt, " cannot occur within directory context", NULL);
} if (cmd->cmd->req_override & EXEC_ON_READ) { /* EXEC_ON_READ must be NOT_IN_DIR_LOC_FILE, if not, it will * (deliberately) segfault below in the individual tests...
*/ return NULL;
}
}
s = ap_strchr_c(word, '$'); if (!s) { return word;
}
/* well, actually something to do */
ep = word + strlen(word);
spc = 0;
result = current = &(sresult[spc++]);
current->next = NULL;
current->string = word;
current->len = s - word;
outlen = current->len;
do { /* prepare next entry */ if (current->len) {
current->next = (spc < SMALL_EXPANSION)
? &(sresult[spc++])
: (struct sll *)apr_palloc(p, sizeof(*current->next));
current = current->next;
current->next = NULL;
current->len = 0;
}
if (*s == '$') { if (s[1] == '{' && (e = ap_strchr_c(s+2, '}'))) { char *name = apr_pstrmemdup(p, s+2, e-s-2);
word = NULL; if (server_config_defined_vars)
word = apr_table_get(server_config_defined_vars, name); if (!word)
word = apr_pstrdup(p, getenv(name)); if (word) {
current->string = word;
current->len = strlen(word);
outlen += current->len;
} else { if (ap_strchr(name, ':') == 0)
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, APLOGNO(00111) "Config variable ${%s} is not defined",
name);
current->string = s;
current->len = e - s + 1;
outlen += current->len;
}
s = e + 1;
} else {
current->string = s++;
current->len = 1;
++outlen;
}
} else {
word = s;
s = ap_strchr_c(s, '$');
current->string = word;
current->len = s ? s - word : ep - word;
outlen += current->len;
}
} while (s && *s);
/* assemble result */
res_buf = cp = apr_palloc(p, outlen + 1); do { if (result->len) {
memcpy(cp, result->string, result->len);
cp += result->len;
}
result = result->next;
} while (result);
res_buf[outlen] = '\0';
/* * Make sure we can revert the effects of Define/UnDefine when restarting. * This function must be called once per loading of the config, before * ap_server_config_defines is changed. This may be during reading of the * config, which is even before the pre_config hook is run (due to * EXEC_ON_READ for Define/UnDefine).
*/ staticvoid init_config_defines(apr_pool_t *pconf)
{
saved_server_config_defines = ap_server_config_defines; /* Use apr_array_copy instead of apr_array_copy_hdr because it does not * protect from the way unset_define removes entries.
*/
ap_server_config_defines = apr_array_copy(pconf, ap_server_config_defines);
}
staticconstchar *set_define(cmd_parms *cmd, void *dummy, constchar *name, constchar *value)
{ constchar *err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS); if (err) return err; if (ap_strchr_c(name, ':') != NULL) { return"Variable name must not contain ':'";
}
if (!saved_server_config_defines) {
init_config_defines(cmd->pool);
} if (!ap_exists_config_define(name)) {
*(constchar **)apr_array_push(ap_server_config_defines) = name;
} if (value) { if (!server_config_defined_vars) {
server_config_defined_vars = apr_table_make(cmd->pool, 5);
}
apr_table_setn(server_config_defined_vars, name, value);
}
return NULL;
}
staticconstchar *unset_define(cmd_parms *cmd, void *dummy, constchar *name)
{ int i; constchar **defines; constchar *err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS); if (err) return err; if (ap_strchr_c(name, ':') != NULL) { return"Variable name must not contain ':'";
}
if (!saved_server_config_defines) {
init_config_defines(cmd->pool);
}
defines = (constchar **)ap_server_config_defines->elts; for (i = 0; i < ap_server_config_defines->nelts; i++) { if (strcmp(defines[i], name) == 0) {
defines[i] = *(constchar **)apr_array_pop(ap_server_config_defines); break;
}
}
if (server_config_defined_vars) {
apr_table_unset(server_config_defined_vars, name);
}
return NULL;
}
staticconstchar *generate_error(cmd_parms *cmd, void *dummy, constchar *arg)
{ if (!arg || !*arg) { return"The Error directive was used with no message.";
}
if (*arg == '"' || *arg == '\'') { /* strip off quotes */
apr_size_t len = strlen(arg); char last = *(arg + len - 1);
if (*arg == last) { return apr_pstrndup(cmd->pool, arg + 1, len - 2);
}
}
/* When ap_document_root_check is false; skip all the stuff below */ if (!ap_document_root_check) {
conf->ap_document_root = arg; return NULL;
}
/* Make it absolute, relative to ServerRoot */
arg = ap_server_root_relative(cmd->pool, arg); if (arg == NULL) { return"DocumentRoot must be a directory";
}
/* TODO: ap_configtestonly */ if (apr_filepath_merge((char**)&conf->ap_document_root, NULL, arg,
APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS
|| !ap_is_directory(cmd->temp_pool, arg)) { if (cmd->server->is_virtual) {
ap_log_perror(APLOG_MARK, APLOG_STARTUP, 0,
cmd->pool, APLOGNO(00112) "Warning: DocumentRoot [%s] does not exist",
arg);
conf->ap_document_root = arg;
} else { return apr_psprintf(cmd->pool, "DocumentRoot '%s' is not a directory, or is not readable",
arg);
}
} return NULL;
}
AP_DECLARE(void) ap_custom_response(request_rec *r, int status, constchar *string)
{
core_request_config *conf = ap_get_core_module_config(r->request_config); int idx;
/* 1st parameter should be a 3 digit number, which we recognize; * convert it into an array index
*/
error_number = atoi(errno_str);
idx500 = ap_index_of_response(HTTP_INTERNAL_SERVER_ERROR);
/* Heuristic to determine second argument. */ if (ap_strchr_c(msg,' '))
what = MSG; elseif (msg[0] == '/')
what = LOCAL_PATH; elseif (ap_is_url(msg))
what = REMOTE_PATH; else
what = MSG;
/* The entry should be ignored if it is a full URL for a 401 error */
if (error_number == 401 && what == REMOTE_PATH) {
ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, cmd->server, APLOGNO(00113) "%s:%d cannot use a full URL in a 401 ErrorDocument " "directive --- ignoring!", cmd->directive->filename, cmd->directive->line_num);
} else { /* Store it... */ if (conf->response_code_exprs == NULL) {
conf->response_code_exprs = apr_hash_make(cmd->pool);
}
if (ap_cstr_casecmp(msg, "default") == 0) { /* special case: ErrorDocument 404 default restores the * canned server error response
*/
apr_hash_set(conf->response_code_exprs,
apr_pmemdup(cmd->pool, &index_number, sizeof(index_number)), sizeof(index_number), &errordocument_default);
} else {
ap_expr_info_t *expr; constchar *expr_err = NULL;
/* hack. Prefix a " if it is a msg; as that is what * http_protocol.c relies on to distinguish between * a msg and a (local) path.
*/ constchar *response =
(what == MSG) ? apr_pstrcat(cmd->pool, "\"", msg, NULL) :
apr_pstrdup(cmd->pool, msg);
/* Throw a warning if we're in <Location> or <Files> */ if (ap_check_cmd_context(cmd, NOT_IN_LOCATION | NOT_IN_FILES)) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00114) "Useless use of AllowOverride in line %d of %s.",
cmd->directive->line_num, cmd->directive->filename);
} if ((err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS)) != NULL) return err;
d->override = OR_NONE; while (l[0]) {
w = ap_getword_conf(cmd->temp_pool, &l);
k = w;
v = strchr(k, '='); if (v) {
*v++ = '\0';
}
staticconstchar *set_override_list(cmd_parms *cmd, void *d_, int argc, char *const argv[])
{
core_dir_config *d = d_; int i; constchar *err;
/* Throw a warning if we're in <Location> or <Files> */ if (ap_check_cmd_context(cmd, NOT_IN_LOCATION | NOT_IN_FILES)) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00115) "Useless use of AllowOverrideList at %s:%d",
cmd->directive->filename, cmd->directive->line_num);
} if ((err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS)) != NULL) return err;
for (i = 0; i < argc; i++) { if (!ap_cstr_casecmp(argv[i], "None")) { if (argc != 1) { return"'None' not allowed with other directives in " "AllowOverrideList";
} return NULL;
} else { const command_rec *result = NULL;
module *mod = ap_top_module;
result = ap_find_command_in_modules(argv[i], &mod); if (result == NULL) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
APLOGNO(00116) "Discarding unrecognized " "directive `%s' in AllowOverrideList at %s:%d",
argv[i], cmd->directive->filename,
cmd->directive->line_num); continue;
} elseif ((result->req_override & (OR_ALL|ACCESS_CONF)) == 0) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
APLOGNO(02304) "Discarding directive `%s' not " "allowed in AllowOverrideList at %s:%d",
argv[i], cmd->directive->filename,
cmd->directive->line_num); continue;
} else {
apr_table_setn(d->override_list, argv[i], "1");
}
}
}
return NULL;
}
staticconstchar *set_options(cmd_parms *cmd, void *d_, constchar *l)
{
core_dir_config *d = d_;
allow_options_t opt; int first = 1; int merge = 0; int all_none = 0; char action;
if (*w == '+' || *w == '-') {
action = *(w++); if (!merge && !first && !all_none) { return"Either all Options must start with + or -, or no Option may.";
}
merge = 1;
} elseif (first) {
d->opts = OPT_NONE;
} elseif (merge) { return"Either all Options must start with + or -, or no Option may.";
}
if (!ap_cstr_casecmp(w, "Indexes")) {
opt = OPT_INDEXES;
} elseif (!ap_cstr_casecmp(w, "Includes")) {
opt = (OPT_INCLUDES | OPT_INC_WITH_EXEC);
} elseif (!ap_cstr_casecmp(w, "IncludesNOEXEC")) {
opt = OPT_INCLUDES;
} elseif (!ap_cstr_casecmp(w, "FollowSymLinks")) {
opt = OPT_SYM_LINKS;
} elseif (!ap_cstr_casecmp(w, "SymLinksIfOwnerMatch")) {
opt = OPT_SYM_OWNER;
} elseif (!ap_cstr_casecmp(w, "ExecCGI")) {
opt = OPT_EXECCGI;
} elseif (!ap_cstr_casecmp(w, "MultiViews")) {
opt = OPT_MULTI;
} elseif (!ap_cstr_casecmp(w, "RunScripts")) { /* AI backcompat. Yuck */
opt = OPT_MULTI|OPT_EXECCGI;
} elseif (!ap_cstr_casecmp(w, "None")) { if (!first) { return"'Options None' must be the first Option given.";
} elseif (merge) { /* Only works since None may not follow any other option. */ return"You may not use 'Options +None' or 'Options -None'.";
}
opt = OPT_NONE;
all_none = 1;
} elseif (!ap_cstr_casecmp(w, "All")) { if (!first) { return"'Options All' must be the first option given.";
} elseif (merge) { /* Only works since All may not follow any other option. */ return"You may not use 'Options +All' or 'Options -All'.";
}
opt = OPT_ALL;
all_none = 1;
} else { return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL);
}
/* * Note what data should be used when forming file ETag values. * It would be nicer to do this as an ITERATE, but then we couldn't * remember the +/- state properly.
*/ staticconstchar *set_etag_bits(cmd_parms *cmd, void *mconfig, constchar *args_p)
{
core_dir_config *cfg;
etag_components_t bit; char action; char *token; constchar *args; int valid; int first; intexplicit;
cfg = (core_dir_config *)mconfig;
args = args_p;
first = 1; explicit = 0; while (args[0] != '\0') {
action = '*';
bit = ETAG_UNSET;
valid = 1;
token = ap_getword_conf(cmd->temp_pool, &args); if ((*token == '+') || (*token == '-')) {
action = *token;
token++;
} else { /* * The occurrence of an absolute setting wipes * out any previous relative ones. The first such * occurrence forgets any inherited ones, too.
*/ if (first) {
cfg->etag_bits = ETAG_UNSET;
cfg->etag_add = ETAG_UNSET;
cfg->etag_remove = ETAG_UNSET;
first = 0;
}
}
if (apr_strtoff(&size, arg, &end, 10)
|| *end || size < 0 || size > APR_UINT32_MAX) return apr_pstrcat(cmd->pool, "parameter must be a number between 0 and "
APR_STRINGIFY(APR_UINT32_MAX) "): ",
arg, NULL);
if (apr_strtoff(&size, arg, &end, 10)
|| *end || size < 0 || size > APR_UINT32_MAX) return apr_pstrcat(cmd->pool, "parameter must be a number between 0 and "
APR_STRINGIFY(APR_UINT32_MAX) "): ",
arg, NULL);
if (apr_strtoff(&num, arg, &end, 10)
|| *end || num < -1 || num > APR_INT32_MAX) return apr_pstrcat(cmd->pool, "parameter must be a number between -1 and "
APR_STRINGIFY(APR_INT32_MAX) ": ",
arg, NULL);
if (!limited_methods[0]) { return missing_container_arg(cmd);
}
while (limited_methods[0]) { char *method = ap_getword_conf(cmd->temp_pool, &limited_methods); int methnum;
/* check for builtin or module registered method number */
methnum = ap_method_number_of(method);
if (methnum == M_TRACE && !tog) { return"TRACE cannot be controlled by <Limit>, see TraceEnable";
} elseif (methnum == M_INVALID) { /* method has not been registered yet, but resource restriction * is always checked before method handling, so register it.
*/ if (cmd->pool == cmd->temp_pool) { /* In .htaccess, we can't globally register new methods. */ return apr_psprintf(cmd->pool, "Could not register method '%s' " "for %s from .htaccess configuration",
method, cmd->cmd->name);
}
methnum = ap_method_register(cmd->pool,
apr_pstrdup(cmd->pool, method));
}
limited |= (AP_METHOD_BIT << methnum);
}
/* Killing two features with one function, * if (tog == NULL) <Limit>, else <LimitExcept>
*/
limited = tog ? ~limited : limited;
/* XXX: Bogus - need to do this differently (at least OS2/Netware suffer * the same problem!!! * We use this in <DirectoryMatch> and <FilesMatch>, to ensure that * people don't get bitten by wrong-cased regex matches
*/
if (!strcmp(cmd->path, "~")) {
cmd->path = ap_getword_conf(cmd->pool, &arg); if (!cmd->path) return"<Directory ~ > block must specify a path";
r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE); if (!r) { return"Regex could not be compiled";
}
} elseif (thiscmd->cmd_data) { /* <DirectoryMatch> */
r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE); if (!r) { return"Regex could not be compiled";
}
} elseif (strcmp(cmd->path, "/") != 0)
{ char *newpath;
/* * Ensure that the pathname is canonical, and append the trailing /
*/
apr_status_t rv = apr_filepath_merge(&newpath, NULL, cmd->path,
APR_FILEPATH_TRUENAME, cmd->pool); if (rv != APR_SUCCESS && rv != APR_EPATHWILD) { return apr_pstrcat(cmd->pool, "<Directory \"", cmd->path, "\"> path is invalid.", NULL);
}
/* Make this explicit - the "/" root has 0 elements, that is, we * will always merge it, and it will always sort and merge first. * All others are sorted and tested by the number of slashes.
*/ if (strcmp(conf->d, "/") == 0)
conf->d_components = 0; else
conf->d_components = ap_count_dirs(conf->d);
ap_add_per_dir_conf(cmd->server, new_dir_conf);
if (*arg != '\0') { return apr_pstrcat(cmd->pool, "Multiple ", thiscmd->name, "> arguments not (yet) supported.", NULL);
}
if (thiscmd->cmd_data) { /* <LocationMatch> */
r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED); if (!r) { return"Regex could not be compiled";
}
} elseif (!strcmp(cmd->path, "~")) {
cmd->path = ap_getword_conf(cmd->pool, &arg);
r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED); if (!r) { return"Regex could not be compiled";
}
}
/* initialize our config and fetch it */
conf = ap_set_config_vectors(cmd->server, new_url_conf, cmd->path,
&core_module, cmd->pool);
if (!arg[0]) { return missing_container_arg(cmd);
}
cmd->path = ap_getword_conf(cmd->pool, &arg); /* Only if not an .htaccess file */ if (!old_path) {
cmd->override = OR_ALL|ACCESS_CONF;
}
if (thiscmd->cmd_data) { /* <FilesMatch> */
r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE); if (!r) { return"Regex could not be compiled";
}
} elseif (!strcmp(cmd->path, "~")) {
cmd->path = ap_getword_conf(cmd->pool, &arg);
r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED|USE_ICASE); if (!r) { return"Regex could not be compiled";
}
} else { char *newpath; /* Ensure that the pathname is canonical, but we
* can't test the case/aliases without a fixed path */ if (apr_filepath_merge(&newpath, "", cmd->path,
0, cmd->pool) != APR_SUCCESS) return apr_pstrcat(cmd->pool, "<Files \"", cmd->path, "\"> is invalid.", NULL);
cmd->path = newpath;
}
/* initialize our config and fetch it */
conf = ap_set_config_vectors(cmd->server, new_file_conf, cmd->path,
&core_module, cmd->pool);
/* * Set a dummy value so that other directives notice that they are inside * a config section.
*/
cmd->path = "*If"; /* Only if not an .htaccess file */ if (!old_path) {
cmd->override = OR_ALL|ACCESS_CONF;
}
/* initialize our config and fetch it */
conf = ap_set_config_vectors(cmd->server, new_if_conf, cmd->path,
&core_module, cmd->pool);
if (check_symbol) { /* * There are two phases where calling ap_find_loaded_module_symbol * is problematic: * * During reading of the config, ap_server_conf is invalid but s * points to the main server config, if passed from cmd->server * of an EXEC_ON_READ directive. * * During config parsing, s may be a virtual host that would cause * a segfault in mod_so if passed to ap_find_loaded_module_symbol, * because mod_so's server config for vhosts is initialized later. * But ap_server_conf is already set at this time. * * Therefore we use s if it is not virtual and ap_server_conf if * s is virtual.
*/
found = check_symbol(s->is_virtual ? ap_server_conf : s, name);
}
}
return found;
}
/* Callback function type used by start_cond_section. */ typedefint (*test_cond_section_fn)(cmd_parms *cmd, constchar *arg);
/* Implementation of <IfXXXXX>-style conditional sections. Callback * to test condition must be in cmd->info, matching function type
* test_cond_section_fn. */ staticconstchar *start_cond_section(cmd_parms *cmd, void *mconfig, constchar *arg)
{ constchar *endp = ap_strrchr_c(arg, '>'); int result, not = (arg[0] == '!');
test_cond_section_fn testfn = (test_cond_section_fn)cmd->info; constchar *arg1;
if (endp == NULL) { return unclosed_directive(cmd);
}
/* * At least on Windows, if the path we are testing is not valid (for example * a path on a USB key that is not plugged), 'ap_server_root_relative()' will * return NULL. In such a case, consider that the file is not there and that * the section should be skipped.
*/
relative = ap_server_root_relative(cmd->temp_pool, arg); return (relative &&
(apr_stat(&sb, relative, APR_FINFO_TYPE, cmd->temp_pool) == APR_SUCCESS));
}
if (!arg[0]) { return missing_container_arg(cmd);
}
/* FIXME: There's another feature waiting to happen here -- since you can now put multiple addresses/names on a single <VirtualHost> you might want to use it to group common definitions and then define other "subhosts" with their individual differences. But
personally I'd rather just do it with a macro preprocessor. -djg */ if (main_server->is_virtual) { return"<VirtualHost> doesn't nest!";
}
staticconstchar *set_server_alias(cmd_parms *cmd, void *dummy, constchar *arg)
{ if (!cmd->server->names) { return"ServerAlias only used in <VirtualHost>";
}
while (*arg) { char **item, *name = ap_getword_conf(cmd->pool, &arg);
/* * The ServerName directive takes one argument with format * [scheme://]fully-qualified-domain-name[:port], for instance * ServerName www.example.com * ServerName www.example.com:80 * ServerName https://www.example.com:443
*/
if ((apr_filepath_merge((char**)&ap_server_root, NULL, arg,
APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS)
|| !ap_is_directory(cmd->temp_pool, ap_server_root)) { return"ServerRoot must be a valid directory";
}
if ((apr_filepath_merge((char**)&ap_runtime_dir, NULL,
ap_server_root_relative(cmd->temp_pool, arg),
APR_FILEPATH_TRUENAME, cmd->pool) != APR_SUCCESS)
|| !ap_is_directory(cmd->temp_pool, ap_runtime_dir)) { return"DefaultRuntimeDir must be a valid directory, absolute or relative to ServerRoot";
}
/* NOTE: ap_include_sentinel is also used by ap_process_resource_config() * during DUMP_INCLUDES; don't change its type or remove it without updating * the other.
*/
apr_pool_userdata_get(&data, "ap_include_sentinel", cmd->pool); if (data) {
recursion = data;
} else {
data = recursion = apr_palloc(cmd->pool, sizeof(*recursion));
*recursion = 0;
apr_pool_userdata_setn(data, "ap_include_sentinel", NULL, cmd->pool);
}
if (++*recursion > AP_MAX_INCLUDE_DEPTH) {
*recursion = 0; return apr_psprintf(cmd->pool, "Exceeded maximum include depth of %u, " "There appears to be a recursion.",
AP_MAX_INCLUDE_DEPTH);
}
conffile = ap_server_root_relative(cmd->pool, name); if (!conffile) {
*recursion = 0; return apr_pstrcat(cmd->pool, "Invalid Include path ",
name, NULL);
}
if (ap_exists_config_define("DUMP_INCLUDES")) { unsigned *line_number;
/* NOTE: ap_include_lineno is used by ap_process_resource_config() * during DUMP_INCLUDES; don't change its type or remove it without * updating the other.
*/
apr_pool_userdata_get(&data, "ap_include_lineno", cmd->pool); if (data) {
line_number = data;
} else {
data = line_number = apr_palloc(cmd->pool, sizeof(*line_number));
apr_pool_userdata_setn(data, "ap_include_lineno", NULL, cmd->pool);
}
if (arg == NULL) return"LogLevel requires level keyword or module loglevel specifier";
level_str = ap_strrchr(arg, ':');
if (level_str == NULL) {
err = ap_parse_log_level(arg, &log->level); if (err != NULL) return err;
ap_reset_module_loglevels(log, APLOG_NO_MODULE);
ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, cmd->server, "Setting LogLevel for all modules to %s", arg); return NULL;
}
*level_str++ = '\0'; if (!*level_str) { return apr_psprintf(cmd->temp_pool, "Module specifier '%s' must be " "followed by a log level keyword", arg);
}
if (conf->server_signature == srv_sig_withmail) { return apr_pstrcat(r->pool, prefix, "<address>",
ap_get_server_banner(), " Server at <a href=\"",
ap_is_url(r->server->server_admin) ? "" : "mailto:",
ap_escape_html(r->pool, r->server->server_admin), "\">",
ap_escape_html(r->pool, ap_get_server_name(r)), "</a> Port ", sport, "</address>\n", NULL);
}
return apr_pstrcat(r->pool, prefix, "<address>", ap_get_server_banner(), " Server at ",
ap_escape_html(r->pool, ap_get_server_name(r)), " Port ", sport, "</address>\n", NULL);
}
/* * Handle a request to include the server's OS platform in the Server * response header field (the ServerTokens directive). Unfortunately * this requires a new global in order to communicate the setting back to * http_main so it can insert the information in the right place in the * string.
*/
AP_DECLARE(void) ap_add_version_component(apr_pool_t *pconf, constchar *component)
{ if (! banner_locked) { /* * If the version string is null, register our cleanup to reset the * pointer on pool destruction. We also know that, if NULL, * we are adding the original SERVER_BASEVERSION string.
*/ if (server_banner == NULL) {
apr_pool_cleanup_register(pconf, NULL, reset_banner,
apr_pool_cleanup_null);
server_banner = apr_pstrdup(pconf, component);
} else { /* * Tack the given component identifier to the end of * the existing string.
*/
server_banner = apr_pstrcat(pconf, server_banner, " ",
component, NULL);
}
}
server_description = apr_pstrcat(pconf, server_description, " ",
component, NULL);
}
/* * This routine adds the real server base identity to the banner string, * and then locks out changes until the next reconfig.
*/ staticvoid set_banner(apr_pool_t *pconf)
{ if (ap_server_tokens == SrvTk_PRODUCT_ONLY) {
ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT);
} elseif (ap_server_tokens == SrvTk_MINIMAL) {
ap_add_version_component(pconf, AP_SERVER_BASEVERSION);
} elseif (ap_server_tokens == SrvTk_MINOR) {
ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT "/" AP_SERVER_MINORREVISION);
} elseif (ap_server_tokens == SrvTk_MAJOR) {
ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT "/" AP_SERVER_MAJORVERSION);
} else {
ap_add_version_component(pconf, AP_SERVER_BASEVERSION " (" PLATFORM ")");
}
/* * Lock the server_banner string if we're not displaying * the full set of tokens
*/ if (ap_server_tokens != SrvTk_FULL) {
banner_locked++;
}
server_description = AP_SERVER_BASEVERSION " (" PLATFORM ")";
}
lim = atoi(arg); if (lim < 0) { return apr_pstrcat(cmd->temp_pool, "LimitRequestFields \"", arg, "\" must be a non-negative integer (0 = no limit)",
NULL);
}
conf->limit_xml_body = atol(arg); if (conf->limit_xml_body < 0) return"LimitXMLRequestBody requires a non-negative integer.";
/* zero is AP_MAX_LIMIT_XML_BODY (implicitly) */ if ((apr_size_t)conf->limit_xml_body > AP_MAX_LIMIT_XML_BODY) return apr_psprintf(cmd->pool, "LimitXMLRequestBody must not exceed " "%" APR_SIZE_T_FMT, AP_MAX_LIMIT_XML_BODY);
return NULL;
}
staticconstchar *set_max_ranges(cmd_parms *cmd, void *conf_, constchar *arg)
{
core_dir_config *conf = conf_; int val = 0;
if (!ap_cstr_casecmp(arg, "none")) {
val = AP_MAXRANGES_NORANGES;
} elseif (!ap_cstr_casecmp(arg, "default")) {
val = AP_MAXRANGES_DEFAULT;
} elseif (!ap_cstr_casecmp(arg, "unlimited")) {
val = AP_MAXRANGES_UNLIMITED;
} else {
val = atoi(arg); if (val <= 0) return"MaxRanges requires 'none', 'default', 'unlimited' or " "a positive integer";
}
conf->max_ranges = val;
return NULL;
}
staticconstchar *set_max_overlaps(cmd_parms *cmd, void *conf_, constchar *arg)
{
core_dir_config *conf = conf_; int val = 0;
if (!ap_cstr_casecmp(arg, "none")) {
val = AP_MAXRANGES_NORANGES;
} elseif (!ap_cstr_casecmp(arg, "default")) {
val = AP_MAXRANGES_DEFAULT;
} elseif (!ap_cstr_casecmp(arg, "unlimited")) {
val = AP_MAXRANGES_UNLIMITED;
} else {
val = atoi(arg); if (val <= 0) return"MaxRangeOverlaps requires 'none', 'default', 'unlimited' or " "a positive integer";
}
conf->max_overlaps = val;
return NULL;
}
staticconstchar *set_max_reversals(cmd_parms *cmd, void *conf_, constchar *arg)
{
core_dir_config *conf = conf_; int val = 0;
if (!ap_cstr_casecmp(arg, "none")) {
val = AP_MAXRANGES_NORANGES;
} elseif (!ap_cstr_casecmp(arg, "default")) {
val = AP_MAXRANGES_DEFAULT;
} elseif (!ap_cstr_casecmp(arg, "unlimited")) {
val = AP_MAXRANGES_UNLIMITED;
} else {
val = atoi(arg); if (val <= 0) return"MaxRangeReversals requires 'none', 'default', 'unlimited' or " "a positive integer";
}
if (limit <= 0) { return"The recursion limit must be greater than zero.";
} if (limit < 4) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00119) "Limiting internal redirects to very low numbers may " "cause normal requests to fail.");
}
conf->redirect_limit = limit;
if (arg2) {
limit = atoi(arg2);
if (limit <= 0) { return"The recursion limit must be greater than zero.";
} if (limit < 4) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00120) "Limiting the subrequest depth to a very low level may" " cause normal requests to fail.");
}
}
while (top->prev || top->main) { if (top->prev) { if (++redirects >= rlimit) { /* uuh, too much. */
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00124) "Request exceeded the limit of %d internal " "redirects due to probable configuration error. " "Use 'LimitInternalRecursion' to increase the " "limit if necessary. Use 'LogLevel debug' to get " "a backtrace.", rlimit);
/* post backtrace */
log_backtrace(r);
/* return failure */ return 1;
}
top = top->prev;
}
if (!top->prev && top->main) { if (++subreqs >= slimit) { /* uuh, too much. */
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00125) "Request exceeded the limit of %d subrequest " "nesting levels due to probable configuration " "error. Use 'LimitInternalRecursion' to increase " "the limit if necessary. Use 'LogLevel debug' to " "get a backtrace.", slimit);
staticchar *parse_errorlog_misc_string(apr_pool_t *p,
ap_errorlog_format_item *it, constchar **sa)
{ constchar *s; char scratch[MAX_STRING_LEN]; char *d = scratch; /* * non-leading white space terminates this string to allow the next field * separator to be inserted
*/ int at_start = 1;
while (s && *s) {
ap_errorlog_format_item *item =
(ap_errorlog_format_item *)apr_array_push(a);
memset(item, 0, sizeof(*item));
res = parse_errorlog_item(p, item, &s); if (res) {
*err = res; return NULL;
} if (item->flags & AP_ERRORLOG_FLAG_MESSAGE) { if (!is_main_fmt) {
*err = "%M cannot be used in once-per-request or " "once-per-connection formats"; return NULL;
}
seen_msg_fmt = 1;
} if (is_main_fmt && item->flags & AP_ERRORLOG_FLAG_REQUIRED) {
*err = "The '+' flag cannot be used in the main error log format"; return NULL;
} if (!is_main_fmt && item->min_loglevel) {
*err = "The loglevel cannot be used as a condition in " "once-per-request or once-per-connection formats"; return NULL;
} if (item->min_loglevel > APLOG_TRACE8) {
*err = "The specified loglevel modifier is out of range"; return NULL;
}
}
if (is_main_fmt && !seen_msg_fmt) {
*err = "main ErrorLogFormat must contain message format string '%M'"; return NULL;
}
if (*arg2) {
apr_array_header_t **e;
e = (apr_array_header_t **) apr_array_push(conf->error_log_req);
*e = parse_errorlog_string(cmd->pool, arg2, &err_string, 0);
}
} else {
err_string = "ErrorLogFormat type must be one of request, connection";
}
for (i = 0; i < argc; i++) {
*(char **)apr_array_push(sconf->unc_list) = apr_pstrdup(cmd->pool, argv[i]);
}
return NULL;
} #endif /* Note --- ErrorDocument will now work from .htaccess files. * The AllowOverride of Fileinfo allows webmasters to turn it off
*/
staticconst command_rec core_cmds[] = {
/* Old access config file commands */
AP_INIT_RAW_ARGS("<Directory", dirsection, NULL, RSRC_CONF, "Container for directives affecting resources located in the specified " "directories"),
AP_INIT_RAW_ARGS("<Location", urlsection, NULL, RSRC_CONF, "Container for directives affecting resources accessed through the " "specified URL paths"),
AP_INIT_RAW_ARGS("<VirtualHost", virtualhost_section, NULL, RSRC_CONF, "Container to map directives to a particular virtual host, takes one or " "more host addresses"),
AP_INIT_RAW_ARGS("<Files", filesection, NULL, OR_ALL, "Container for directives affecting files matching specified patterns"),
AP_INIT_RAW_ARGS("<Limit", ap_limit_section, NULL, OR_LIMIT | OR_AUTHCFG, "Container for authentication directives when accessed using specified HTTP " "methods"),
AP_INIT_RAW_ARGS("<LimitExcept", ap_limit_section, (void*)1,
OR_LIMIT | OR_AUTHCFG, "Container for authentication directives to be applied when any HTTP " "method other than those specified is used to access the resource"),
AP_INIT_RAW_ARGS("<IfModule", start_cond_section, (void *)test_ifmod_section,
EXEC_ON_READ | OR_ALL, "Container for directives based on existence of specified modules"),
AP_INIT_RAW_ARGS("<IfDefine", start_cond_section, (void *)test_ifdefine_section,
EXEC_ON_READ | OR_ALL, "Container for directives based on existence of command line defines"),
AP_INIT_RAW_ARGS("<IfFile", start_cond_section, (void *)test_iffile_section,
EXEC_ON_READ | OR_ALL, "Container for directives based on existence of files on disk"),
AP_INIT_RAW_ARGS("<IfDirective", start_cond_section, (void *)test_ifdirective_section,
EXEC_ON_READ | OR_ALL, "Container for directives based on existence of named directive"),
AP_INIT_RAW_ARGS("<IfSection", start_cond_section, (void *)test_ifsection_section,
EXEC_ON_READ | OR_ALL, "Container for directives based on existence of named section"),
AP_INIT_RAW_ARGS("<DirectoryMatch", dirsection, (void*)1, RSRC_CONF, "Container for directives affecting resources located in the " "specified directories"),
AP_INIT_RAW_ARGS("<LocationMatch", urlsection, (void*)1, RSRC_CONF, "Container for directives affecting resources accessed through the " "specified URL paths"),
AP_INIT_RAW_ARGS("<FilesMatch", filesection, (void*)1, OR_ALL, "Container for directives affecting files matching specified patterns"), #ifdef GPROF
AP_INIT_TAKE1("GprofDir", set_gprof_dir, NULL, RSRC_CONF, "Directory to plop gmon.out files"), #endif
AP_INIT_TAKE1("AddDefaultCharset", set_add_default_charset, NULL, OR_FILEINFO, "The name of the default charset to add to any Content-Type without one or 'Off' to disable"),
AP_INIT_TAKE1("AcceptPathInfo", set_accept_path_info, NULL, OR_FILEINFO, "Set to on or off for PATH_INFO to be accepted by handlers, or default for the per-handler preference"),
AP_INIT_TAKE12("Define", set_define, NULL, EXEC_ON_READ|ACCESS_CONF|RSRC_CONF, "Define a variable, optionally to a value. Same as passing -D to the command line."),
AP_INIT_TAKE1("UnDefine", unset_define, NULL, EXEC_ON_READ|ACCESS_CONF|RSRC_CONF, "Undefine the existence of a variable. Undo a Define."),
AP_INIT_RAW_ARGS("Error", generate_error, NULL, OR_ALL, "Generate error message from within configuration"),
AP_INIT_RAW_ARGS("<If", ifsection, COND_IF, OR_ALL, "Container for directives to be conditionally applied"),
AP_INIT_RAW_ARGS("<ElseIf", ifsection, COND_ELSEIF, OR_ALL, "Container for directives to be conditionally applied"),
AP_INIT_RAW_ARGS("<Else", ifsection, COND_ELSE, OR_ALL, "Container for directives to be conditionally applied"),
/* Old resource config file commands */
AP_INIT_RAW_ARGS("AccessFileName", set_access_name, NULL, RSRC_CONF, "Name(s) of per-directory config files (default: .htaccess)"),
AP_INIT_TAKE1("DocumentRoot", set_document_root, NULL, RSRC_CONF, "Root directory of the document tree"),
AP_INIT_TAKE2("ErrorDocument", set_error_document, NULL, OR_FILEINFO, "Change responses for HTTP errors"),
AP_INIT_RAW_ARGS("AllowOverride", set_override, NULL, ACCESS_CONF, "Controls what groups of directives can be configured by per-directory " "config files"),
AP_INIT_TAKE_ARGV("AllowOverrideList", set_override_list, NULL, ACCESS_CONF, "Controls what individual directives can be configured by per-directory " "config files"),
AP_INIT_RAW_ARGS("Options", set_options, NULL, OR_OPTIONS, "Set a number of attributes for a given directory"),
AP_INIT_TAKE1("DefaultType", set_default_type, NULL, OR_FILEINFO, "the default media type for otherwise untyped files (DEPRECATED)"),
AP_INIT_RAW_ARGS("FileETag", set_etag_bits, NULL, OR_FILEINFO, "Specify components used to construct a file's ETag"),
AP_INIT_TAKE1("EnableMMAP", set_enable_mmap, NULL, OR_FILEINFO, "Controls whether memory-mapping may be used to read files"),
AP_INIT_TAKE1("EnableSendfile", set_enable_sendfile, NULL, OR_FILEINFO, "Controls whether sendfile may be used to transmit files"),
AP_INIT_TAKE1("ReadBufferSize", set_read_buf_size, NULL, ACCESS_CONF|RSRC_CONF, "Size (in bytes) of the memory buffers used to read data"),
AP_INIT_TAKE1("FlushMaxThreshold", set_flush_max_threshold, NULL, RSRC_CONF, "Maximum threshold above which pending data are flushed to the network"),
AP_INIT_TAKE1("FlushMaxPipelined", set_flush_max_pipelined, NULL, RSRC_CONF, "Maximum number of pipelined responses (pending) above which they are " "flushed to the network"), #ifdef WIN32
AP_INIT_TAKE_ARGV("UNCList", set_unc_list, NULL, RSRC_CONF|EXEC_ON_READ, "Controls what UNC hosts may be looked up"), #endif
/* Old server config file commands */
AP_INIT_TAKE1("Protocol", set_protocol, NULL, RSRC_CONF, "Set the Protocol for httpd to use."),
AP_INIT_TAKE2("AcceptFilter", set_accf_map, NULL, RSRC_CONF, "Set the Accept Filter to use for a protocol"),
AP_INIT_TAKE1("Port", ap_set_deprecated, NULL, RSRC_CONF, "Port was replaced with Listen in Apache 2.0"),
AP_INIT_TAKE1("HostnameLookups", set_hostname_lookups, NULL,
ACCESS_CONF|RSRC_CONF, "\"on\" to enable, \"off\" to disable reverse DNS lookups, or \"double\" to " "enable double-reverse DNS lookups"),
AP_INIT_TAKE1("ServerAdmin", set_server_string_slot,
(void *)APR_OFFSETOF(server_rec, server_admin), RSRC_CONF, "The email address of the server administrator"),
AP_INIT_TAKE1("ServerName", server_hostname_port, NULL, RSRC_CONF, "The hostname and port of the server"),
AP_INIT_TAKE1("ServerSignature", set_signature_flag, NULL, OR_ALL, "En-/disable server signature (on|off|email)"),
AP_INIT_TAKE1("ServerRoot", set_server_root, NULL, RSRC_CONF | EXEC_ON_READ, "Common directory of server-related files (logs, confs, etc.)"),
AP_INIT_TAKE1("DefaultRuntimeDir", set_runtime_dir, NULL, RSRC_CONF | EXEC_ON_READ, "Common directory for run-time files (shared memory, locks, etc.)"),
AP_INIT_TAKE1("ErrorLog", set_server_string_slot,
(void *)APR_OFFSETOF(server_rec, error_fname), RSRC_CONF, "The filename of the error log"),
AP_INIT_TAKE12("ErrorLogFormat", set_errorlog_format, NULL, RSRC_CONF, "Format string for the ErrorLog"),
AP_INIT_RAW_ARGS("ServerAlias", set_server_alias, NULL, RSRC_CONF, "A name or names alternately used to access the server"),
AP_INIT_TAKE1("ServerPath", set_serverpath, NULL, RSRC_CONF, "The pathname the server can be reached at"),
AP_INIT_TAKE1("Timeout", set_timeout, NULL, RSRC_CONF, "Timeout duration (sec)"),
AP_INIT_FLAG("ContentDigest", set_content_md5, NULL, OR_OPTIONS, "whether or not to send a Content-MD5 header with each request"),
AP_INIT_TAKE1("UseCanonicalName", set_use_canonical_name, NULL,
RSRC_CONF|ACCESS_CONF, "How to work out the ServerName : Port when constructing URLs"),
AP_INIT_TAKE1("UseCanonicalPhysicalPort", set_use_canonical_phys_port, NULL,
RSRC_CONF|ACCESS_CONF, "Whether to use the physical Port when constructing URLs"), /* TODO: RlimitFoo should all be part of mod_cgi, not in the core */ /* TODO: ListenBacklog in MPM */
AP_INIT_TAKE1("Include", include_config, NULL,
(RSRC_CONF | ACCESS_CONF | EXEC_ON_READ), "Name(s) of the config file(s) to be included; fails if the wildcard does " "not match at least one file"),
AP_INIT_TAKE1("IncludeOptional", include_config, (void*)1,
(RSRC_CONF | ACCESS_CONF | EXEC_ON_READ), "Name or pattern of the config file(s) to be included; ignored if the file " "does not exist or the pattern does not match any files"),
AP_INIT_ITERATE("LogLevel", set_loglevel, NULL, RSRC_CONF|ACCESS_CONF, "Level of verbosity in error logging"),
AP_INIT_TAKE1("NameVirtualHost", ap_set_name_virtual_host, NULL, RSRC_CONF, "A numeric IP address:port, or the name of a host"),
AP_INIT_TAKE1("ServerTokens", set_serv_tokens, NULL, RSRC_CONF, "Determine tokens displayed in the Server: header - Min(imal), " "Major, Minor, Prod(uctOnly), OS, or Full"),
AP_INIT_TAKE1("LimitRequestLine", set_limit_req_line, NULL, RSRC_CONF, "Limit on maximum size of an HTTP request line"),
AP_INIT_TAKE1("LimitRequestFieldsize", set_limit_req_fieldsize, NULL,
RSRC_CONF, "Limit on maximum size of an HTTP request header field"),
AP_INIT_TAKE1("LimitRequestFields", set_limit_req_fields, NULL, RSRC_CONF, "Limit (0 = unlimited) on max number of header fields in a request message"),
AP_INIT_TAKE1("LimitRequestBody", set_limit_req_body,
(void*)APR_OFFSETOF(core_dir_config, limit_req_body), OR_ALL, "Limit (in bytes) on maximum size of request message body"),
AP_INIT_TAKE1("LimitXMLRequestBody", set_limit_xml_req_body, NULL, OR_ALL, "Limit (in bytes) on maximum size of an XML-based request " "body"),
AP_INIT_RAW_ARGS("Mutex", ap_set_mutex, NULL, RSRC_CONF, "mutex (or \"default\") and mechanism"),
AP_INIT_TAKE1("MaxRanges", set_max_ranges, NULL, RSRC_CONF|ACCESS_CONF, "Maximum number of Ranges in a request before returning the entire " "resource, or 0 for unlimited"),
AP_INIT_TAKE1("MaxRangeOverlaps", set_max_overlaps, NULL, RSRC_CONF|ACCESS_CONF, "Maximum number of overlaps in Ranges in a request before returning the entire " "resource, or 0 for unlimited"),
AP_INIT_TAKE1("MaxRangeReversals", set_max_reversals, NULL, RSRC_CONF|ACCESS_CONF, "Maximum number of reversals in Ranges in a request before returning the entire " "resource, or 0 for unlimited"), /* System Resource Controls */ #ifdef RLIMIT_CPU
AP_INIT_TAKE12("RLimitCPU", set_limit_cpu,
(void*)APR_OFFSETOF(core_dir_config, limit_cpu),
OR_ALL, "Soft/hard limits for max CPU usage in seconds"), #else
AP_INIT_TAKE12("RLimitCPU", no_set_limit, NULL,
OR_ALL, "Soft/hard limits for max CPU usage in seconds"), #endif #ifdefined (RLIMIT_DATA) || defined (RLIMIT_VMEM) || defined (RLIMIT_AS)
AP_INIT_TAKE12("RLimitMEM", set_limit_mem,
(void*)APR_OFFSETOF(core_dir_config, limit_mem),
OR_ALL, "Soft/hard limits for max memory usage per process"), #else
AP_INIT_TAKE12("RLimitMEM", no_set_limit, NULL,
OR_ALL, "Soft/hard limits for max memory usage per process"), #endif #ifdef RLIMIT_NPROC
AP_INIT_TAKE12("RLimitNPROC", set_limit_nproc,
(void*)APR_OFFSETOF(core_dir_config, limit_nproc),
OR_ALL, "soft/hard limits for max number of processes per uid"), #else
AP_INIT_TAKE12("RLimitNPROC", no_set_limit, NULL,
OR_ALL, "soft/hard limits for max number of processes per uid"), #endif
AP_INIT_RAW_ARGS("RegexDefaultOptions", set_regex_default_options, NULL, RSRC_CONF, "default options for regexes (prefixed by '+' to add, '-' to del)"),
/* internal recursion stopper */
AP_INIT_TAKE12("LimitInternalRecursion", set_recursion_limit, NULL, RSRC_CONF, "maximum recursion depth of internal redirects and subrequests"),
AP_INIT_FLAG("CGIPassAuth", set_cgi_pass_auth, NULL, OR_AUTHCFG, "Controls whether HTTP authorization headers, normally hidden, will " "be passed to scripts"),
AP_INIT_TAKE2("CGIVar", set_cgi_var, NULL, OR_FILEINFO, "Controls how some CGI variables are set"),
AP_INIT_FLAG("QualifyRedirectURL", set_qualify_redirect_url, NULL, OR_FILEINFO, "Controls whether the REDIRECT_URL environment variable is fully " "qualified"),
AP_INIT_FLAG("StrictHostCheck", set_core_server_flag,
(void *)APR_OFFSETOF(core_server_config, strict_host_check),
RSRC_CONF, "Controls whether a hostname match is required"),
AP_INIT_TAKE1("ForceType", ap_set_string_slot_lower,
(void *)APR_OFFSETOF(core_dir_config, mime_type), OR_FILEINFO, "a mime type that overrides other configured type"),
AP_INIT_TAKE1("SetHandler", set_sethandler, NULL, OR_FILEINFO, "a handler name that overrides any other configured handler"),
AP_INIT_TAKE1("SetOutputFilter", ap_set_string_slot,
(void *)APR_OFFSETOF(core_dir_config, output_filters), OR_FILEINFO, "filter (or ; delimited list of filters) to be run on the request content"),
AP_INIT_TAKE1("SetInputFilter", ap_set_string_slot,
(void *)APR_OFFSETOF(core_dir_config, input_filters), OR_FILEINFO, "filter (or ; delimited list of filters) to be run on the request body"),
AP_INIT_TAKE1("AllowEncodedSlashes", set_allow2f, NULL, RSRC_CONF, "Allow URLs containing '/' encoded as '%2F'"),
/* scoreboard.c directives */
AP_INIT_TAKE1("ScoreBoardFile", ap_set_scoreboard, NULL, RSRC_CONF, "A file for Apache to maintain runtime process management information"),
AP_INIT_FLAG("ExtendedStatus", ap_set_extended_status, NULL, RSRC_CONF, "\"On\" to track extended status information, \"Off\" to disable"),
AP_INIT_FLAG("SeeRequestTail", ap_set_reqtail, NULL, RSRC_CONF, "For extended status, \"On\" to see the last 63 chars of " "the request line, \"Off\" (default) to see the first 63"),
/* * These are default configuration directives that mpms can/should * pay attention to. * XXX These are not for all platforms, and even some Unix MPMs might not want * some directives.
*/
AP_INIT_TAKE1("PidFile", ap_mpm_set_pidfile, NULL, RSRC_CONF, "A file for logging the server process ID"),
AP_INIT_TAKE1("MaxRequestsPerChild", ap_mpm_set_max_requests, NULL, RSRC_CONF, "Maximum number of connections a particular child serves before " "dying. (DEPRECATED, use MaxConnectionsPerChild)"),
AP_INIT_TAKE1("MaxConnectionsPerChild", ap_mpm_set_max_requests, NULL, RSRC_CONF, "Maximum number of connections a particular child serves before dying."),
AP_INIT_TAKE1("CoreDumpDirectory", ap_mpm_set_coredumpdir, NULL, RSRC_CONF, "The location of the directory Apache changes to before dumping core"),
AP_INIT_TAKE1("MaxMemFree", ap_mpm_set_max_mem_free, NULL, RSRC_CONF, "Maximum number of 1k blocks a particular child's allocator may hold."),
AP_INIT_TAKE1("ThreadStackSize", ap_mpm_set_thread_stacksize, NULL, RSRC_CONF, "Size in bytes of stack used by threads handling client connections"), #if AP_ENABLE_EXCEPTION_HOOK
AP_INIT_TAKE1("EnableExceptionHook", ap_mpm_set_exception_hook, NULL, RSRC_CONF, "Controls whether exception hook may be called after a crash"), #endif
AP_INIT_TAKE1("TraceEnable", set_trace_enable, NULL, RSRC_CONF, "'on' (default), 'off' or 'extended' to trace request body content"),
AP_INIT_FLAG("MergeTrailers", set_merge_trailers, NULL, RSRC_CONF, "merge request trailers into request headers or not"),
AP_INIT_ITERATE("Protocols", set_protocols, NULL, RSRC_CONF, "Controls which protocols are allowed"),
AP_INIT_TAKE1("ProtocolsHonorOrder", set_protocols_honor_order, NULL, RSRC_CONF, "'off' (default) or 'on' to respect given order of protocols, " "by default the client specified order determines selection"),
AP_INIT_ITERATE("HttpProtocolOptions", set_http_protocol_options, NULL, RSRC_CONF, "'Allow0.9' or 'Require1.0' (default); " "'RegisteredMethods' or 'LenientMethods' (default); " "'Unsafe' or 'Strict' (default). Sets HTTP acceptance rules"),
AP_INIT_ITERATE("RegisterHttpMethod", set_http_method, NULL, RSRC_CONF, "Registers non-standard HTTP methods"),
AP_INIT_FLAG("MergeSlashes", set_core_server_flag,
(void *)APR_OFFSETOF(core_server_config, merge_slashes),
RSRC_CONF, "Controls whether consecutive slashes in the URI path are merged"),
{ NULL }
};
/***************************************************************** * * Core handlers for various phases of server operation...
*/
/* XXX this seems too specific, this should probably become * some general-case test
*/ if (r->proxyreq) { return HTTP_FORBIDDEN;
} if (!r->uri || ((r->uri[0] != '/') && strcmp(r->uri, "*"))) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00126) "Invalid URI in request '%s' '%s'", r->uri, r->the_request); return HTTP_BAD_REQUEST;
}
if (r->server->path
&& !strncmp(r->uri, r->server->path, r->server->pathlen)
&& (r->server->path[r->server->pathlen - 1] == '/'
|| r->uri[r->server->pathlen] == '/'
|| r->uri[r->server->pathlen] == '\0'))
{
path = r->uri + r->server->pathlen;
} else {
path = r->uri;
} /* * Make sure that we do not mess up the translation by adding two * /'s in a row. This happens under windows when the document * root ends with a /
*/ /* skip all leading /'s (e.g. http://localhost///foo) * so we are looking at only the relative path.
*/ while (*path == '/') {
++path;
} if ((rv = apr_filepath_merge(&r->filename, ap_document_root(r), path,
APR_FILEPATH_TRUENAME
| APR_FILEPATH_SECUREROOT, r->pool))
!= APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(00127) "Cannot map %s to file", r->the_request); return HTTP_FORBIDDEN;
}
r->canonical_filename = r->filename;
return OK;
}
/***************************************************************** * * Test the filesystem name through directory_walk and file_walk
*/ staticint core_map_to_storage(request_rec *r)
{ int access_status;
if ((access_status = ap_directory_walk(r))) { return access_status;
}
if ((access_status = ap_file_walk(r))) { return access_status;
}
/* Check for overrides with ForceType / SetHandler
*/ if (conf->mime_type && strcmp(conf->mime_type, "none"))
ap_set_content_type_ex(r, (char*) conf->mime_type, 1);
if (conf->expr_handler) { constchar *err; constchar *val;
val = ap_expr_str_exec(r, conf->expr_handler, &err); if (err) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(03154) "Can't evaluate handler expression: %s", err); return HTTP_INTERNAL_SERVER_ERROR;
}
if (val != ap_strstr_c(val, "proxy:unix")) { /* Retained for compatibility -- but not for UDS */ char *tmp = apr_pstrdup(r->pool, val);
ap_str_tolower(tmp);
val = tmp;
}
/* Deal with the poor soul who is trying to force path_info to be * accepted within the core_handler, where they will let the subreq * address its contents. This is toggled by the user in the very * beginning of the fixup phase (here!), so modules should override the user's * discretion in their own module fixup phase. It is tristate, if * the user doesn't specify, the result is AP_REQ_DEFAULT_PATH_INFO. * (which the module may interpret to its own customary behavior.) * It won't be touched if the value is no longer AP_ACCEPT_PATHINFO_UNSET, * so any module changing the value prior to the fixup phase * OVERRIDES the user's choice.
*/ if ((r->used_path_info == AP_REQ_DEFAULT_PATH_INFO)
&& (conf->accept_path_info != AP_ACCEPT_PATHINFO_UNSET)) { /* No module knew better, and the user coded AcceptPathInfo */
r->used_path_info = conf->accept_path_info;
}
return OK;
}
staticint default_handler(request_rec *r)
{
conn_rec *c = r->connection;
apr_bucket_brigade *bb;
apr_bucket *e;
core_dir_config *d; int errstatus;
apr_file_t *fd = NULL;
apr_status_t status; /* XXX if/when somebody writes a content-md5 filter we either need to * remove this support or coordinate when to use the filter vs. * when to use this code * The current choice of when to compute the md5 here matches the 1.3 * support fairly closely (unlike 1.3, we don't handle computing md5 * when the charset is translated).
*/ int bld_content_md5;
/* If filters intend to consume the request body, they must * register an InputFilter to slurp the contents of the POST * data from the POST input stream. It no longer exists when * the output filters are invoked by the default handler.
*/ if ((errstatus = ap_discard_request_body(r)) != OK) { return errstatus;
}
if (r->method_number == M_GET || r->method_number == M_POST) { if (r->finfo.filetype == APR_NOFILE) {
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00128) "File does not exist: %s",
apr_pstrcat(r->pool, r->filename, r->path_info, NULL)); return HTTP_NOT_FOUND;
}
/* Don't try to serve a dir. Some OSs do weird things with * raw I/O on a dir.
*/ if (r->finfo.filetype == APR_DIR) {
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00129) "Attempt to serve directory: %s", r->filename); return HTTP_NOT_FOUND;
}
if ((r->used_path_info != AP_REQ_ACCEPT_PATH_INFO) &&
r->path_info && *r->path_info)
{ /* default to reject */
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00130) "File does not exist: %s",
apr_pstrcat(r->pool, r->filename, r->path_info, NULL)); return HTTP_NOT_FOUND;
}
/* We understood the (non-GET) method, but it might not be legal for this particular resource. Check to see if the 'deliver_script' flag is set. If so, then we go ahead and deliver the file since it isn't really content (only GET normally returns content).
Note: based on logic further above, the only possible non-GET method at this point is POST. In the future, we should enable
script delivery for all methods. */ if (r->method_number != M_GET) {
core_request_config *req_cfg;
req_cfg = ap_get_core_module_config(r->request_config); if (!req_cfg->deliver_script) { /* The flag hasn't been set for this request. Punt. */
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00131) "This resource does not accept the %s method.",
r->method); return HTTP_METHOD_NOT_ALLOWED;
}
}
e = apr_bucket_eos_create(c->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(bb, e);
status = ap_pass_brigade(r->output_filters, bb);
apr_brigade_cleanup(bb);
if (status == APR_SUCCESS
|| r->status != HTTP_OK
|| c->aborted) { return OK;
} else { /* no way to know what type of error occurred */
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r, APLOGNO(00133) "default_handler: ap_pass_brigade returned %i",
status); return AP_FILTER_ERROR;
}
} else { /* unusual method (not GET or POST) */ if (r->method_number == M_INVALID) { /* See if this looks like an undecrypted SSL handshake attempt. * It's safe to look a couple bytes into the_request if it exists, as it's * always allocated at least MIN_LINE_ALLOC (80) bytes.
*/ if (r->the_request
&& r->the_request[0] == 0x16
&& (r->the_request[1] == 0x2 || r->the_request[1] == 0x3)) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00134) "Invalid method in request %s - possible attempt to establish SSL connection on non-SSL port", r->the_request);
} else {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00135) "Invalid method in request %s", r->the_request);
} return HTTP_NOT_IMPLEMENTED;
}
/* Optional function coming from mod_logio, used for logging of output * traffic
*/
APR_OPTIONAL_FN_TYPE(ap_logio_add_bytes_out) *ap__logio_add_bytes_out;
APR_OPTIONAL_FN_TYPE(authz_some_auth_required) *ap__authz_ap_some_auth_required;
/* Insist that at least one module will undertake to provide system * security by dropping startup privileges.
*/ staticint sys_privileges = 0;
AP_DECLARE(int) ap_sys_privileges_handlers(int inc)
{
sys_privileges += inc; return sys_privileges;
}
staticint core_create_req(request_rec *r)
{ /* Alloc the config struct and the array of request notes in * a single block for efficiency
*/
core_request_config *req_cfg;
/* Got a connection structure, so initialize what fields we can * (the rest are zeroed out by pcalloc).
*/
c->pool = ptrans;
c->conn_config = ap_create_conn_config(ptrans);
c->notes = apr_table_make(ptrans, 5);
net = apr_palloc(c->pool, sizeof(*net)); /* The Nagle algorithm says that we should delay sending partial * packets in hopes of getting more data. We don't want to do * this; we are not telnet. There are bad interactions between * persistent connections and Nagle's algorithm that have very severe * performance penalties. (Failing to disable Nagle is not much of a * problem with simple HTTP.)
*/
rv = apr_socket_opt_set(csd, APR_TCP_NODELAY, 1); if (rv != APR_SUCCESS && rv != APR_ENOTIMPL) { /* expected cause is that the client disconnected already, * hence the debug level
*/
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c, APLOGNO(00139) "apr_socket_opt_set(APR_TCP_NODELAY)");
}
/* The core filter requires the timeout mode to be set, which * incidentally sets the socket to be nonblocking. If this * is not initialized correctly, Linux - for example - will * be initially blocking, while Solaris will be non blocking * and any initial read will fail.
*/
rv = apr_socket_timeout_set(csd, c->base_server->timeout); if (rv != APR_SUCCESS) { /* expected cause is that the client disconnected already */
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, rv, c, APLOGNO(00140) "apr_socket_timeout_set");
}
AP_DECLARE(int) ap_pre_connection(conn_rec *c, void *csd)
{ int rc = OK;
rc = ap_run_pre_connection(c, csd); if (rc != OK && rc != DONE) {
c->aborted = 1; /* * In case we errored, the pre_connection hook of the core * module maybe did not run (it is APR_HOOK_REALLY_LAST) and * hence we missed to * * - Put the socket in c->conn_config * - Setup core output and input filters * - Set socket options and timeouts * * Hence call it in this case.
*/ if (!ap_get_conn_socket(c)) {
core_pre_connection(c, csd);
}
} return rc;
}
AP_DECLARE(int) ap_state_query(int query)
{ switch (query) { case AP_SQ_MAIN_STATE: return ap_main_state; case AP_SQ_RUN_MODE: return ap_run_mode; case AP_SQ_CONFIG_GEN: return ap_config_generation; default: return AP_SQ_NOT_SUPPORTED;
}
}
staticvoid core_child_init(apr_pool_t *pchild, server_rec *s)
{
apr_proc_t proc; #if APR_HAS_THREADS int threaded_mpm; if (ap_mpm_query(AP_MPMQ_IS_THREADED, &threaded_mpm) == APR_SUCCESS
&& threaded_mpm)
{
apr_thread_mutex_create(&rng_mutex, APR_THREAD_MUTEX_DEFAULT, pchild);
} #endif /* The MPMs use plain fork() and not apr_proc_fork(), so we have to call * apr_random_after_fork() manually in the child
*/
proc.pid = getpid();
apr_random_after_fork(&proc);
}
AP_CORE_DECLARE(void) ap_random_parent_after_fork(void)
{ /* * To ensure that the RNG state in the parent changes after the fork, we * pull some data from the RNG and discard it. This ensures that the RNG * states in the children are different even after the pid wraps around. * As we only use apr_random for insecure random bytes, pulling 2 bytes * should be enough. * XXX: APR should probably have some dedicated API to do this, but it * XXX: currently doesn't.
*/
apr_uint16_t data;
apr_random_insecure_bytes(rng, &data, sizeof(data));
}
AP_CORE_DECLARE(void) ap_init_rng(apr_pool_t *p)
{ unsignedchar seed[8];
apr_status_t rv;
rng = apr_random_standard_new(p); do {
rv = apr_generate_random_bytes(seed, sizeof(seed)); if (rv != APR_SUCCESS) goto error;
apr_random_add_entropy(rng, seed, sizeof(seed));
rv = apr_random_insecure_ready(rng);
} while (rv == APR_ENOTENOUGHENTROPY); if (rv == APR_SUCCESS) return;
error:
ap_log_error(APLOG_MARK, APLOG_CRIT, rv, NULL, APLOGNO(00141) "Could not initialize random number generator"); exit(1);
}
AP_DECLARE(void) ap_random_insecure_bytes(void *buf, apr_size_t size)
{ #if APR_HAS_THREADS if (rng_mutex)
apr_thread_mutex_lock(rng_mutex); #endif /* apr_random_insecure_bytes can only fail with APR_ENOTENOUGHENTROPY, * and we have ruled that out during initialization. Therefore we don't * need to check the return code.
*/
apr_random_insecure_bytes(rng, buf, size); #if APR_HAS_THREADS if (rng_mutex)
apr_thread_mutex_unlock(rng_mutex); #endif
}
/* * Finding a random number in a range. * n' = a + n(b-a+1)/(M+1) * where: * n' = random number in range * a = low end of range * b = high end of range * n = random number of 0..M * M = maxint * Algorithm 'borrowed' from PHP's rand() function.
*/ #define RAND_RANGE(__n, __min, __max, __tmax) \
(__n) = (__min) + (long) ((double) ((__max) - (__min) + 1.0) * ((__n) / ((__tmax) + 1.0)))
AP_DECLARE(apr_uint32_t) ap_random_pick(apr_uint32_t min, apr_uint32_t max)
{
apr_uint32_t number; #if (!__GNUC__ || __GNUC__ >= 5 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 8) || \
!__sparc__ || APR_SIZEOF_VOIDP != 8) /* This triggers a gcc bug on sparc/64bit with gcc < 4.8, PR 52900 */ if (max < 16384) {
apr_uint16_t num16;
ap_random_insecure_bytes(&num16, sizeof(num16));
RAND_RANGE(num16, min, max, APR_UINT16_MAX);
number = num16;
} else #endif
{
ap_random_insecure_bytes(&number, sizeof(number));
RAND_RANGE(number, min, max, APR_UINT32_MAX);
} return number;
}
/* make sure httpd closes the connection after this */
c->keepalive = AP_CONN_CLOSE; return DONE;
}
}
}
} elseif (!c->keepalives) { /* first request on a master connection, if we have protocols other * than the current one enabled here, announce them to the * client. If the client is already talking a protocol with requests
* on slave connections, leave it be. */ const apr_array_header_t *upgrades;
ap_get_protocol_upgrades(c, r, NULL, 0, &upgrades); if (upgrades && upgrades->nelts > 0) { char *protocols = apr_array_pstrcat(r->pool, upgrades, ',');
apr_table_setn(r->headers_out, "Upgrade", protocols);
apr_table_setn(r->headers_out, "Connection", "Upgrade");
}
}
/* create_connection and pre_connection should always be hooked * APR_HOOK_REALLY_LAST by core to give other modules the opportunity * to install alternate network transports and stop other functions * from being run.
*/
ap_hook_create_connection(core_create_conn, NULL, NULL,
APR_HOOK_REALLY_LAST);
ap_hook_pre_connection(core_pre_connection, NULL, NULL,
APR_HOOK_REALLY_LAST);
ap_hook_pre_config(core_pre_config, NULL, NULL, APR_HOOK_REALLY_FIRST);
ap_hook_post_config(core_post_config,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_check_config(core_check_config,NULL,NULL,APR_HOOK_FIRST);
ap_hook_test_config(core_dump_config,NULL,NULL,APR_HOOK_FIRST);
ap_hook_translate_name(ap_core_translate,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_map_to_storage(core_upgrade_storage,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_map_to_storage(core_map_to_storage,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_open_logs(ap_open_logs,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_child_init(core_child_init,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_child_init(ap_logs_child_init,NULL,NULL,APR_HOOK_MIDDLE);
ap_hook_handler(core_upgrade_handler,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_handler(default_handler,NULL,NULL,APR_HOOK_REALLY_LAST); /* FIXME: I suspect we can eliminate the need for these do_nothings - Ben */
ap_hook_type_checker(do_nothing,NULL,NULL,APR_HOOK_REALLY_LAST);
ap_hook_fixups(core_override_type,NULL,NULL,APR_HOOK_REALLY_FIRST);
ap_hook_create_request(core_create_req, NULL, NULL, APR_HOOK_MIDDLE);
APR_OPTIONAL_HOOK(proxy, create_req, core_create_proxy_req, NULL, NULL,
APR_HOOK_MIDDLE);
ap_hook_pre_mpm(ap_create_scoreboard, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_child_status(ap_core_child_status, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_insert_network_bucket(core_insert_network_bucket, NULL, NULL,
APR_HOOK_REALLY_LAST);
ap_hook_dirwalk_stat(core_dirwalk_stat, NULL, NULL, APR_HOOK_REALLY_LAST);
ap_hook_open_htaccess(ap_open_htaccess, NULL, NULL, APR_HOOK_REALLY_LAST);
ap_hook_optional_fn_retrieve(core_optional_fn_retrieve, NULL, NULL,
APR_HOOK_MIDDLE);
ap_hook_get_pollfd_from_conn(core_get_pollfd_from_conn, NULL, NULL,
APR_HOOK_REALLY_LAST);
/* register the core's insert_filter hook and register core-provided * filters
*/
ap_hook_insert_filter(core_insert_filter, NULL, NULL, APR_HOOK_MIDDLE);
¤ Diese beiden folgenden Angebotsgruppen bietet das Unternehmen0.103Angebot
(Wie Sie bei der Firma Beratungs- und Dienstleistungen beauftragen können 2026-04-25)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
