Stefan Eissing [Tue, 2 Mar 2021 14:21:18 +0000 (14:21 +0000)]
Adding more ap_ssl_* functions and hooks to the core server.
- ap_ssl_add_cert_files() to enable other modules like mod_md to provide
certificate and keys for an SSL module like mod_ssl.
- ap_ssl_add_fallback_cert_files() to enable other modules like mod_md to
provide a fallback certificate in case no 'proper' certificate is
available for an SSL module like mod_ssl.
- ap_ssl_answer_challenge() to enable other modules like mod_md to
provide a certificate as used in the RFC 8555 'tls-alpn-01' challenge
for the ACME protocol for an SSL module like mod_ssl.
- Hooks for 'ssl_add_cert_files', 'ssl_add_fallback_cert_files' and
'ssl_answer_challenge' where modules like mod_md can provide providers
to the above mentioned functions.
Add an exemple.
Synch with 2.4.x (syntax highlight) + secret introduced in 2.4.42.
Small doc rearrangement so that the "Beyond this list of basic attributes" is actually after the description of all items.
Joe Orton [Thu, 25 Feb 2021 09:11:57 +0000 (09:11 +0000)]
Enable mod_cgid stderr handling via Unix socket fd transfer by
default, rather than as an opt-in configure flag. (This has been
tested in Fedora for >12 months without seeing any new problems)
* configure.in: Check for CMSG_DATA here, and define HAVE_FDPASSING
and $ap_has_fdpassing if fd passing is supported.
* modules/generator/config5.m4,
modules/generator/mod_cgid.c: Drop configure flag for mod_cgid
fdpassing support, instead enable where possible by default.
* modules/proxy/config.m4: Rely on configure test for CMSG_DATA.
* .travis.yml: Switch test for cgid fdpassing for testing w/o
CMSG_DATA.
Stefan Eissing [Tue, 23 Feb 2021 15:08:24 +0000 (15:08 +0000)]
*) core: Adding SSL related inquiry functions to the server API.
These function are always available, even when no module providing
SSL is loaded. They provide their own "shadowing" implementation for
the optional functions of similar name that mod_ssl and impersonators
of mod_ssl provide.
This enables loading of several SSL providing modules when all but
one of them registers itself into the new hooks. Two old-style SSL
modules will not work, as they replace the others optional functions
with their own.
Modules using the old-style optional functions will continue to work
as core supplies its own versions of those.
The following has been added so far:
- ap_ssl_conn_is_ssl() to query if a connection is using SSL.
- ap_ssl_var_lookup() to query SSL related variables for a
server/connection/request.
- Hooks for 'ssl_conn_is_ssl' and 'ssl_var_lookup' where modules
providing SSL can install their own value supplying functions.
Stefan Eissing [Mon, 22 Feb 2021 14:11:09 +0000 (14:11 +0000)]
mod_htt2, synch with changes from github module version:
- logio: improvements to reporting of sent bytes for http2 responses
- directive H2OutputBuffering, controls if any output should be sent immediately.
Yann Ylavic [Sat, 6 Feb 2021 12:17:40 +0000 (12:17 +0000)]
mod_http2: Fix workers synchronization on pchild cleanup.
When the MPM child exits and pre-workers_pool_cleanup() is called, all the
workers are are necessarily in their idle critical section, thus aborting slots
in the ->idle list only may leave worker threads alive, later blocked in the
idle critical section with no one to wake them.
Instead of the per-slot ->aborted flag, workers_pool_cleanup() will now set
workers->aborted "globally" such that slot_run() does not wait to be woken up
from idle in this case, and all workers really exit.
Also, for workers_pool_cleanup() to wait for all the workers to reach the
->zombies list before returning, a new ->all_done condition variable is armed
when the last thread exits. Since this depends on the atomic ->worker_count to
reach zero, for accuracy the increment in activate_slot() is moved before the
thread startup.
* modules/http2/h2_workers.h (struct h2_workers): volatilize ->aborted and
add the ->all_done condition variable.
* modules/http2/h2_workers.c (push_slot, pop_slot): volatilize the h2_slot*
being cas-ed.
* modules/http2/h2_workers.c (cleanup_zombies): rename to join_zombies(), and
move ->worker_count atomic inc to slot_done().
* modules/http2/h2_workers.c (get_next): when workers->aborted, leave and don't
wait for ->not_idle. Return an int/bool since it's gotten / not gotten.
* modules/http2/h2_workers.c (slot_done): signal ->all_done when the last
worker and the MPM child are exiting.
* modules/http2/h2_workers.c (slot_run): rework the loops now that get_next()
is the stop signal.
* modules/http2/h2_workers.c (workers_pool_cleanup): wait for ->all_done when
needed, and remove the !workers->aborted condition since the cleanup will
only be called once.
* modules/http2/h2_workers.c (activate_slot): move ->worker_count atomic inc
before the thread creation and handle failure rollback.
Yann Ylavic [Wed, 3 Feb 2021 11:29:10 +0000 (11:29 +0000)]
mod_proxy_http: follow up to r1886141, axe overlong scheme check.
Since mod_proxy can see CONNECT URIs, "hostname:port" versus "scheme:"
is hardly distinguishable (we don't want to limit the length of hostnames),
and we don't allocate the scheme anymore while parsing, let's simply decline
unrecognized schemes (overlong or not) and be caught by the no-handler case
if there really is no proxy handler interested.
Ruediger Pluem [Tue, 2 Feb 2021 19:50:14 +0000 (19:50 +0000)]
* We need to check for (!scheme && (u = strchr(url, ':')) && (u - url) > 14)
later as (!scheme || u[0] != '/' || u[1] != '/' || u[2] == '\0') is true
for requests with the CONNECT method which we need to decline. But in many
cases requests with the CONNECT method have (u - url) > 14 as in this
case (u - url) is the length of the FQDN the forward proxy should connect
to.
Joe Orton [Fri, 29 Jan 2021 12:42:56 +0000 (12:42 +0000)]
Update Travis LDAP testing to use a CentOS based container, pulled
from quay.io, to avoid the new Docker hub pull rate-limiting which
is causing intermittent failures.
Ruediger Pluem [Wed, 27 Jan 2021 08:08:56 +0000 (08:08 +0000)]
Before doing any bind check that the provided username is not NULL and that the
password is neither NULL nor empty.
Binds with empty passwords always succeed, but in case the password of the
user was not empty subsequent LDAP operations fail.
This causes authentications that use user supplied credentials
(AuthLDAPInitialBindAsUser set to on) to fail with status code 500 instead of
401 if the user supplied an empty password.
Add some missing hyper links to directives.
Remove some <var> in <syntax> to be more consistant with the rest of the doc.
Remove a duplicated traling ".".
Yann Ylavic [Tue, 19 Jan 2021 14:16:44 +0000 (14:16 +0000)]
mod_proxy_hcheck: don't pile up health checks. PR 63010.
Prevent health checks from running for a worker until the last one is fully
finished, to avoid making things worse (memory growth, #connections, ..).
This is done by zeroing worker->s->updated before scheduling the worker in the
threadpool, and resetting the time when it's finished. The scheduler then does
nothing if worker->s->updated is zero.
Also, to save some apr_time_now() calls when !HC_USE_THREADS, *baton->now is
updated in the callback and reused by the scheduler.
Yann Ylavic [Thu, 7 Jan 2021 13:19:08 +0000 (13:19 +0000)]
mod_proxy_wstunnel: leave Upgrade requests handling to mod_proxy_http.
Let mod_proxy_http's canon and scheme handlers accept "ws[s]:" schemes so that
mod_proxy_wstunnel can decline requests when mod_proxy_http is loaded.
* modules/proxy/{mod_proxy.h,proxy_util.c} (ap_proxy_worker_can_upgrade):
Add a "dflt" argument to ap_proxy_worker_can_upgrade() which, if not NULL,
is matched when no worker upgrade= parameter is configured. This allows to
handle the default "Upgrade: websocket" case for "ws[s]:" schemes.
* modules/proxy/mod_proxy_http.c (proxy_http_canon, proxy_http_handler):
Add and use the new get_url_scheme() helper to parse URL schemes handled by
mod_proxy_http and use it in canon and scheme handlers. This helper now
accepts ws[s] schemes.
* modules/proxy/mod_proxy_wstunnel.c (proxy_wstunnel_post_config):
New post_config hook to detect whether mod_proxy_http is loaded and set
global fallback_to_mod_proxy_http flag in this case.
* modules/proxy/mod_proxy_wstunnel.c (proxy_wstunnel_check_trans,
proxy_wstunnel_canon,
proxy_wstunnel_handler):
These hooks now early return DECLINED if fallback_to_mod_proxy_http is set.
While at it, removes the "based on the value of" because, it is not really based on the value of the environment variable, but on its existence or not.
Joe Orton [Thu, 17 Dec 2020 12:44:41 +0000 (12:44 +0000)]
Treat non-leaf certificates present in SSLProxyMachineCertificateFile
the same was as non-leaf certs are in SSLCertificateFile - use them to
build the trusted cert chain for the end-entity (client) cert.
* modules/ssl/ssl_engine_init.c (ssl_init_proxy_certs):
For any non-leaf certificate present in the configured, trust as
if used in SSLProxyMachineCertificateChainFile.
Joe Orton [Thu, 17 Dec 2020 09:27:08 +0000 (09:27 +0000)]
Add job using APR thread debugging, switching to the pthreads
error-checking mutex as the default type. This results in
errors rather than undefined behaviour when double-locking
a mutex.
This mimetypes contains 'xml', but is unfortunately not an xml file.
xml2enc processes these files (in particular, when mod_proxy_html is
used), typically resulting in them being corrupted as it seems to
attempt to perform a ISO-8859-1 to UTF-8 conversion on them.
* modules/filters/mod_xml2enc.c (xml2enc_ffunc): Restrict test for XML
types to matching "+xml".
Yann Ylavic [Tue, 8 Dec 2020 14:06:16 +0000 (14:06 +0000)]
Fix misleading crypt vs hash terminology in ht* and dbmmanage tools.
What the htpasswd, htdbm and dbmmanage tools do is hashing passwords, not
encrypting them, so fix the terminology in manpages, docs, --help, comments
and function names.
Yann Ylavic [Sun, 6 Dec 2020 23:13:38 +0000 (23:13 +0000)]
mod_proxy_http2: stop/wait the workers threads before their pool is killed.
There shouldn't be any worker thread active when pchild is destroyed (thus each
thread's pool), so register workers_pool_cleanup as a pre_cleanup of pchild.
This is to avoid races like the below stacktrace, where slot_run() threads
are still running when clean_child_exit() is called.
Thread 23 (Thread 0x7f4865b79800 (LWP 3740)):
#0 0x00007f4864dec449 in pthread_cond_destroy@@GLIBC_2.3.2 () from /lib/x86_64-linux-gnu/libpthread.so.0
#1 0x00007f4865020117 in run_cleanups (cref=<optimized out>) at memory/unix/apr_pools.c:2629
#2 pool_clear_debug (pool=pool@entry=0x558a5297e4a0, file_line=0x558a5237456b "event.c:757") at memory/unix/apr_pools.c:1830
#3 0x00007f486501ffee in pool_destroy_debug (pool=0x558a5297e4a0, file_line=<optimized out>) at memory/unix/apr_pools.c:1915
#4 0x00007f48650200f0 in pool_clear_debug (pool=pool@entry=0x558a52a41070, file_line=0x558a5237456b "event.c:757") at memory/unix/apr_pools.c:1827
#5 0x00007f486501ffee in pool_destroy_debug (pool=0x558a52a41070, file_line=<optimized out>) at memory/unix/apr_pools.c:1915
#6 0x00007f486502085c in apr_pool_destroy_debug (pool=<optimized out>, file_line=<optimized out>) at memory/unix/apr_pools.c:1957
#7 0x0000558a52326cfc in clean_child_exit (code=0) at event.c:757
#8 0x0000558a52327969 in child_main (child_num_arg=child_num_arg@entry=1, child_bucket=child_bucket@entry=0) at event.c:2926
#9 0x0000558a52327ce5 in make_child (s=0x558a52c9f840, slot=slot@entry=1, bucket=0) at event.c:2992
#10 0x0000558a52327d4c in startup_children (number_to_start=2, number_to_start@entry=3) at event.c:3015
#11 0x0000558a523289ac in event_run (_pconf=<optimized out>, plog=0x558a5273ce00, s=0x558a52c9f840) at event.c:3374
#12 0x0000558a5233e91e in ap_run_mpm (pconf=0x558a5270cbe0, plog=0x558a5273ce00, s=0x558a52c9f840) at mpm_common.c:100
#13 0x0000558a5231b763 in main (argc=<optimized out>, argv=<optimized out>) at main.c:844
Thread 2 (Thread 0x7f4840b70700 (LWP 3836)):
#0 0x00007f4864dec9f3 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib/x86_64-linux-gnu/libpthread.so.0
#1 0x00007f486501f65d in apr_thread_cond_wait (cond=<optimized out>, mutex=<optimized out>) at locks/unix/thread_cond.c:68
#2 0x00007f484e14ae4a in get_next (slot=0x558a528d5fe0) at h2_workers.c:209
#3 slot_run (thread=0x558a52828b30, wctx=0x558a528d5fe0) at h2_workers.c:228
#4 0x00007f4864de66db in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#5 0x00007f4864b0f88f in clone () from /lib/x86_64-linux-gnu/libc.so.6
Thread 1 (Thread 0x7f4841b72700 (LWP 3834)):
#0 0x00007f4864a2ce97 in raise () from /lib/x86_64-linux-gnu/libc.so.6
#1 0x00007f4864a2e801 in abort () from /lib/x86_64-linux-gnu/libc.so.6
#2 0x00007f4865020865 in apr_pool_destroy_debug (pool=<optimized out>, file_line=<optimized out>) at memory/unix/apr_pools.c:1955
#3 0x00007f486502b536 in apr_thread_exit (thd=thd@entry=0x558a52ba8980, retval=retval@entry=0) at threadproc/unix/thread.c:206
#4 0x00007f484e14aec6 in slot_run (thread=0x558a52ba8980, wctx=0x558a528d6060) at h2_workers.c:248
#5 0x00007f4864de66db in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#6 0x00007f4864b0f88f in clone () from /lib/x86_64-linux-gnu/libc.so.6
projects / thirdparty / apache / httpd.git / log
