Parent Directory
|
Revision Log
| Links to HEAD: | (view) (download) (annotate) |
| Sticky Revision: |
mod_lua: Make r.ap_auth_type writable This completes the option of setting the remote user by the authentication mechanism which actually verified the user. One possible usecase is that a proxied (upstream) server performs the authentication, but the access log of HTTPd does not contain this information. The upstream server can pass this kind of information back to HTTPd and both servers will have consistent access logs. Submitted by: Michael Osipov <michaelo apache.org> PR: 62497 Github: closes #67
mpm_event,mod_http2,mod_status: Follow up to r1918257: CONN_STATE_ASYNC_WAITIO. Per discussion on PR #449, have a separate state for returning the connection to the MPM to wait for an IO (namely CONN_STATE_ASYNC_WAITIO), rather than (ab)using CONN_STATE_PROCESSING. This removes the need for AGAIN added in r1918257 (for now), and AP_MPMQ_CAN_AGAIN is renamed to AP_MPMQ_CAN_WAITIO. This is also the state that mod_status accounts for, so rename ->processing to ->wait_io in process_score (shows as "wait-io" in mod_status and mod_lua).
mpm_event, mod_status: Separate processing and write completion queues. As a follow up to r1918022 which handled the new CONN_STATE_PROCESS(ing) and existing CONN_STATE_WRITE_COMPLETION in the same async queue, let's now have two separates ones which allows more relevant async accounting in mod_status. Rename CONN_STATE_PROCESS to CONN_STATE_PROCESSING as it's how it will be called in mod_status. * include/ap_mmn.h: MMN minor bump for process_score->processing counter. * include/httpd.h: Rename CONN_STATE_PROCESS to CONN_STATE_PROCESSING. * include/scoreboard.h: Add process_score->processing field. * include/httpd.h, modules/http/http_core.c, modules/http2/h2_c1.c, server/mpm/event/event.c, server/mpm/motorz/motorz.c, server/mpm/simple/simple_io.c: Rename CONN_STATE_PROCESS to CONN_STATE_PROCESSING. * server/mpm/event/event.c: Restore write_completion_q to handle connections in CONN_STATE_WRITE_COMPLETION. Use processing_q (renamed from process_q) solely for CONN_STATE_PROCESSING. Update process_score->processing according to the length of processing_q. * modules/generators/mod_status.c: Show the value of process_score->processing in the stats.
use filters consistently
cast first
* Avoid "may be uninitialized" warning
mod_lua: Error out if lua_read_body() or lua_write_body() fail. Otherwise r:requestbody() or r:parsebody() failures might go unnoticed for the user.
* Improve error handling
add r/o iterable tables The current apr tables exposed support get/set but we cannot get the keys or iterate. add _table() alternatives
Fix comment in mod_lua and docs. s/addoutputfilter/add_output_filter/ See PR 62359
Fix PR54848 in a 2.4.x backportable format. Ideally deprecating the use of ->client in whatever version of 2.4 this is added into would be more logical.
Fix some typos reported in PR 59998 Most add already been fixed when PR 59990 had been applied on trunk. Thx klemens
Fix new compilation breakage in mod_lua.
More mod_lua compat for Lua 5.1, 5.2, 5.3. One last use of luaL_register() with a non-NULL "name" argument remaining. Not tested yet.
mod_lua: Improve compatibility with Lua 5.1, 5.2 and 5.3. PR58188, PR60831, PR61245. Still to solve: replace uses of luaL_register().
Save a few bytes in the request pool.
check: merge warning fixes from feature branch
https://bz.apache.org/bugzilla/show_bug.cgi?id=58855 Optimize check for empty strings
check: merge MPM-DSO fixes from feature branch
Fix typo in comment (s/patterm/pattern/).
Added some more log numbers to log statements that had none. Those were not detected by the coccinelle script. Only a few hard cases are remaining now.
Added many log numbers to log statements that had none. Those were not detected by the coccinelle script.
Added many log numbers to log statements that had none. Handled all files in modules/. I used the coccinelle script provided by Stefan.
followup to r1657261 whitespace only -- reindent body of while loop. (no change under svn diff -x-w)
*) SECURITY: CVE-2015-0228 (cve.mitre.org)
mod_lua: A maliciously crafted websockets PING after a script
calls r:wsupgrade() can cause a child process crash.
[Edward Lu <Chaosed0 gmail.com>]
Discovered by Guido Vranken <guidovranken gmail.com>
Submitted by: Edward Lu
Committed by: covener
Fix bit-shifting of websockets frame fields that would yield wrong opcodes when the FIN bit was set. Results in PING not being recognized by mod_lua. PR57524 Submitted By: Edward Lu Committed By: covener
mod_lua: Initial attempt at passing on the configuration tree to Lua.
Switch from lua_objlen() to Lua 5.2 preferred lua_rawlen(). Define lua_rawlen() in terms of lua_objlen() when building against older Lua.
Add missing APLOGNO. Refactor some lines to keep APLOGNO on the same line as ap_log_error, when applicable. Split lines longer than 80. Improve alignment.
mod_lua: Don't quote values in cookies; Make IE happy again [#56734]
SECURITY (CVE-2014-0226): Fix a race condition in scoreboard handling, which could lead to a heap buffer overflow. Thanks to Marek Kroemeke working with HP's Zero Day Initiative for reporting this. * include/scoreboard.h: Add ap_copy_scoreboard_worker. * server/scoreboard.c (ap_copy_scoreboard_worker): New function. * modules/generators/mod_status.c (status_handler): Use it. * modules/lua/lua_request.c (lua_ap_scoreboard_worker): Likewise. Reviewed by: trawick, jorton, covener, jim Submitted by: jorton, covener
back to c89
mod_lua: stop complaining
mod_lua: Use binary strstr for finding endpoints of a multipart object. (How did this EVER work?! *sigh*)
mod_lua: Redesign the table construction/access mechanism, so we pass on a struct with the request_rec, the table pointer and the table name instead of just the table pointer. This allows us to use the request_rec for logging/editing purposes, as well as inform the user which exact table in the request_rec was modified.
mod_lua: escape key/value pairs when setting cookies to prevent header splitting with tainted cookies.
this wasn't supposed to be a pointer, thanks Yann!
Remove bad line that snuck into the commit
mod_lua: Only read up to whatever the user defines as max size when using r:parsebody() - if content length is greater, return an error.
mod_lua: Add r:wspeek for checking if data is available to be read.
mod_lua: Slight null-check fix on setcookie.
use err_headers_out for setting cookies instead of headers_out, so they persist on non-2xx/3xx statuses (Thanks to Joe Schaefer for this)
mod_lua: Upgrade r:setcookie to accept a table of arguments, and add domain, path and HttpOnly to the list of options available for setting. PR 56128
mod_lua: Fix r:setcookie() to add, rather than replace, the Set-Cookie header. PR56105 Submitted By: Kevin J Walters <kjw ms com>, Edward Lu <Chaosed0 gmail com> Committed By: covener
Fix support for uploading files by using pushlstring instead of pushstring when pushing binary data.
mod_lua: Detect "All" or "None" before putting together a potentially blank (or static) string.
get arpa/inet.h from apr_want.h for htons where applicable
mod_lua: Fix compiler warning by using correct APR_SIZE_T_FMT and APR_OFF_T_FMT format macro in debug logging.
apr_file_write_full() simplification (like r1542413 and r1542416) hopefully I sidestepped the surprising conflation of OK/APR_SUCCESS in this code
mod_lua: Use a (new) global pool/mutex setup for IVM rather than a per-process pool.
mod_lua: ap_ntoh64 endianess test
mod_lua: Figure out a way to read from SSL connections with WebSockets. Brigades ain't my strong side, so if someone could adjust it a bit, that'd be swell. It _works_, but I'm sure it could be improved upon. Also make r:wsclose() work properly with SSL.
Use APR type; rename var.
Fixed ap_ntoh64 argument.
mod_lua: Add rudimentary WebSocket support. This is a WIP (emphasis on the W, I and P) and subject to change as the idea surrounding it evolves into something meaningful. But for now, WebSockets, yay! Please do review this!
mod_lua: init cookie as NULL.
remove an unneeded variable I just added, oops.
mod_lua: Use ap_cookie_read for reading cookie values, since it's already there.
Add r:setcookie(key, val, secure, expires) and r:getcookie(key) to the request_rec table.
Fix some compiler warnings.
Added new r:touch() function.
Added new function r.date_parse_rfc() to mod_lua.
Fixed crash condition when r.module_info() is called for modules which dont have directives. Bug found and fix submitted by gsmith, slightly modified by fuankg.
Added new functions r:mkdir(), r:mkrdir(), r:rmdir() to mod_lua.
Added new function r:htpassword() to mod_lua.
Added optional parameter wanted to r:stat().
cosmetics.
Remove unneeded exports from mod_lua.
Whoops - one empty line too much.
Removed a bunch of empty lines.
Changed r.sleep(s) to r.usleep(ms).
Cast uint16 return value to int. This fixes a crash on Windows when compiled with MSVC9.
Fixed Lua type.
Fixed compiler warning; sorted includes.
Revert part of r1476482 which disabled fractions of seconds with r.sleep().
lua header update part 1: EDOESNOTBUILD. First include mod_lua which sets LUA_COMPAT_ALL, then lua.h which uses it. Needed at least to build with lua 5.2.
Fixed the base64 functions.
Added function to get all entries of a directory.
Reduce compiler warnings. Fixed some types, added casts, or changed to proper function.
Fixed r.started value to return seconds.
Use a mutex to control read/write for IVM values, so we can reuse the existing structures without running into race conditions. This should get rid of the need to have MaxConnectionsPerChild set to > 0. If a new value is set and is a string, we either use the existing varbuf or grow it accordingly.
use ap_varbuf instead of allocating new strings each time we override an old one. This uses leaks less memory, but it's still not perfect (but it's a start - maybe I need to use a mutex for this, to override the original object without running into race conditions)
r.started already exists as a built in variable, so let's not make it a function as well.
exists_config_define should return a boolean, not a number, or it will always evaluate to true.
remove redundant code
Remove lua_ap_banner, as it's no longer being used. Add ivm_get/ivm_set for Inter-VM data transfer. This allows multiple VMs across a process to share data without having to resort to external databases or filesystems. This is a work in progress, and I have yet to work out a proper way of resetting a variable without causing a memory leak (this could be done by allocating a new pool for each object, but I'm trying to see if there's a more efficient way). Comments, ideas etc are most welcome.
Only ask for the stat info we really use.
Return early with an error instead of returning an incomplete match table.
Whoops, one AP_MAX_REG_MATCH not caught.
Decouple mod_lua max regex matches from AP_MAX_REG_MATCH. Bumped the default to 25 matches; this default can be overwritten with a CLFAGS define.
silly me
fix some bugs reported by fuankg on Windows release builds.
fix up r.banner and r.port so they work like variables and not functions (seems to have already been put in there), duplicate??
fix docs on regex matching, change the actual ordering of arguments to match the docs, and enforce AP_MAX_REG_MATCH in the function, should it somehow return more matches than we have allocated
MOdified r:stat() to return finer time granularity. the atime, mtime, ctime, size values ar now in mod_lua 64bit as received from apr_stat().
Fixed typo; followup to r1467188.
Added optional parameter flags to lua_ap_regex(). This enables to call r:regex() with a flag to do case-insensitive matches.
Fixed Lua r:stat() time values.
r:regex was not returning the last captured group, as we were one off on how many captures to push to the table.
If r:regex does not match, only return 'false', don't try to create error messages, because there should not be any - it's either match or no match here at this point.
Using the traditional way of declaring Lua functions does not seem to work with NetWare (and possibly Windows too?) Thus, at least until we find a smarter way, we have to move the r:* functions into lua_request.c and connect them from there. The only functional change is that the transferred functions are now called through the request object instead of the apache2 package. The distinction between what merited it to be in either structure seems very vague, so for now, we'll keep the HTTP return codes in the apache2 table, and the request/server functions in the request object.
Add database features for mod_lua (apr_dbd + mod_dbd). See documentation update for API and examples.
Remove reference to top secret project! You did not see this commit message ;)
mod_lua: Fix multipart post parsing, so it doesn't include random bytes at the end.
mod_lua: Fix Windows compatibility issues and remove an unused variable. Thanks, Gregg!
mod_lua: Fix signedness/other small bugs as per cjaillet/fuankg's emails - thanks guys :)
lua_request.c: Add support for parsing multipart form data via r:parsebody. This is a bit RFC-centric, suggestions are most welcome.
mod_lua/lua_request.c: Make r:write return the return value of ap_rwrite, so mod_lua can check for success/failure in writing.
mod_lua: Add r:flush, r:sendfile as well as additional request information in the request_rec structure
- Define LUA_COMPAT_ALL so mod_lua will be compatible with Lua 5.2 - Add an optional integer argument for parsebody, specifying the maximum size of POST that will be accepted.
Add the missing parsebody function to mod_lua, for parsing POST data. PR 53064.
mod_lua: Add a few missing request_rec fields. Rename remote_ip to client_ip to match conn_rec
allow tail call optimization in log methods, remove foo method
Fix some typos
Further clarify the naming of the entity that directly connects to us by calling that entity a client instead of a peer.
Add lots of unique tags to error log messages
Introduce a per connection "peer_ip" and a per request "client_ip" to distinguish between the raw IP address of the connection and the effective IP address of the request.
* modules/lua/mod_lua.c (ap_lua_ssl_is_https): New function. (lua_post_config): Pick up ssl_is_https optional function. * modules/lua/lua_request.c (req_ssl_is_https_field): New function. (ap_lua_load_request): Map is_https field to above.
expose r:trace1-8
mod_lua: Expose SSL variables via r:ssl_var_lookup()
correct return val, the char* is pushed on the lua stack.
provide ap_escape_html as r:escape_html()
make r.handler and r.proxyreq readable too
add constants for PROXYREQ_* to the apache2 global, allow r.proxyreq and r.handler to be writable.
alphabetize writable lua properties and use strcmp() for the oddball that's just testing quality of "user".
make r.args read/write for rewrite refugees.
expose ap_construct_url to lua scripts
Fix format string bugs in mod_lua. Found by gcc and pointed out by Igor Galic.
Cleanup effort in prep for GA push: Trim trailing whitespace... no func change
Merge branch revert-ap-ldap: Revert ap_ldap integration due to veto by Graham Leggett Mailing list threads: http://mail-archives.apache.org/mod_mbox/httpd-dev/201106.mbox/%3C4192DC1D-C0B9-42BB-B614-C3A41290F18B@sharp.fm%3E http://mail-archives.apache.org/mod_mbox/httpd-dev/201107.mbox/%3C4E15E51E.4090700@rowe-clan.net%3E
expose subprocess_env on lua request object
Added casts to make strict compilers happy.
Mop up more than a dozen const'ness faults
Drop ap_body_to_table due to missing constraints; a DoS waiting for an exploit. Some mod_lua fan aught to revisit this and provide a sensible implementation.
Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take advantage of per-module loglevels
Fix some modules to make them compile with per-module loglevels.
expose r->notes to lua
* modules/lua/: s/apr_strnatcmp/strcmp/ - strnat*cmp functions are for natural order string sorting.
allow setting of r->user from lua
map r->err_headers_out into lua
push_connection, push_server also targetted for export, no?
fix symbol space and exports
remove leftover debug statement
change syntax for getting document root in mod_lua to r.document_root, suggested by Bertrand Mansion
change r.content_type = "something" to use ap_set_content_type, which it should as was pointed out by Bertrand Mansion
changes headers_in and headers_out handling in mod_lua to map apr_table_t instances as boxed pointers
Add in the ability to fetch from headers_in.
Fix more ISO C90 forbids mixed declarations and code...
Rename rstack_dump to apl_rstack_dump.
Attempt to make mod_lua compile under a strict c89 compiler by moving all variable declarations to be before code.
Reformat mod_lua according to the HTTP Server Project C Style Guide: <http://httpd.apache.org/dev/styleguide.html> No functional changes.
Rename all files in mod_lua to have a lua_ prefix, as things like 'config.h' are way to generic and will often conflict with other include files.
Rename most of the module formally known as mod_wombat to mod_lua conventions, switching apw prefixes for apl.
Rename mod_wombat -> mod_lua. Note that this isn't a complete transformation yet, but it should basically compile and load as mod_lua.
text... wonderful editable text
Merge mod_wombat from the wombat branch: <https://svn.apache.org/repos/asf/httpd/httpd/branches/wombat-integration> Into trunk.
Finish removing dependecy on apreq
Use ap_args_to_table instead of apreq for GET query params.
Initial import of mod_wombat to the modules directory.
c89 support: convert all c++ style // comments to c89 /* */ style. no functional changes.
s,check_request_rec,apw_check_request_rec,g in request.c Noticed by: ApacheCon2008 US presentation
reformat to avoid line breaks
slighty more clear debug logging
a couple docs
flag unimplemented apr_table_t dispatch
r:add_output_filter(..) is back
new request dispatch in and tests pass again!
still broken, but getting way better!
changing how dispatch works to be far less sucky, tests fail at the moment, but I am checking in anyway as I don't want to lose work
add r:document_root() to allow querying the document root
patch from DarkGod to expose hostname and subprocess_env
Clean up some of the APR mappings
Fix a case of int being used in place of size_t ... wonder if it should be osmehting like apr_size_t ?
Patch from Matthew Burke to provide an r:write(String) method which writes raw bytes to the output
Patch from Brian Akins: Adds ability to get to r.connection and r.server
Patch from Brian Akins - use hooks for: -- wombat_open - called by create_vm -- wombat_request - called instead of apw_request_push - added apr_lua.c and .h - only handles tables for now. Can be extended to do more in future.
Newlines at ends of files to satisfy cranky compilers
Server scope lua_State caching :-)
Undo some extra string copying
- fixed segfault in req_log_at - removed log messages
Maybe fix the memory dealloc error by duping things some more. Argh
Strange segfault issue where cleaning the lua state up at the request memory pool cleanup point was segfaulting. Changed the log messages to copy the strings obtained from lua rather than printing them directly, segfaults went away. Not sure *why* this fixed it.
- fixed race condition in caching code - hooks.lua does no longer depend on fs layout - alias munging happens after all translate_name hooks - made uri writable - log messages
Starting on hooks, did basics for translate name Need to bef up error handling for non handler thngs
Starting to muck with output filters
Change license header
Expose request_rec fields
A way to get nice table-like access to request_rec fields
Playing performance gamest
In-memory cache, not safe yet
Add convenience aliasing directive Allow r.status = $code to set http response status
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, enter a numeric revision.
| infrastructure at apache.org | ViewVC Help |
| Powered by ViewVC 1.1.26 |