Yann Ylavic [Wed, 29 Dec 2021 13:12:44 +0000 (13:12 +0000)]
mpm_event: Fix a possible listener deadlock. PR 65769.
When the listener starts accepting more connections than the number of workers
already started (due to scheduling), the listening sockets gets disabled (per
AH03269) but nothing was re-enabling them before the end of the connections,
despite the creation of more idle/available workers in the meantime.
In the wost case there is no idle worker when the listener accepts the first
connection thus nothing to wake up the listener blocked in poll() with no
socket, hence a deadlock.
Fix this by waking up the listener when a worker becomes idle and this unblocks
connections_above_limit(). This is also worthwhile when all the workers are
started (fully initialized runtime) since the number of idle workers is a
condition for connections_above_limit() anyway so the sooner the listeners are
re-enabled the better (the other condition is the number of connections which
is unblocked appropriately by decrement_connection_count() already).
Also when a child exists with ps->quiescing == 1 and it's caught by
server_main_loop() before perform_idle_server_maintenance(), active_daemons was
not decrement as needed (including accross restarts), leading to an invalid
active_daemons accounting.
* server/mpm/event/event.c(should_enable_listensocks):
New helper that returns whether listenning sockets can be poll()ed again.
* server/mpm/event/event.c(decrement_connection_count, listener_thread):
Use should_enable_listensocks() where previously open-coded.
* server/mpm/event/event.c(worker_thread):
Wake up the listener when is_idle => 1 and should_enable_listensocks().
Have a single point of exit when workers_may_exit to make sure that the
wake always occurs (even when exiting).
* server/mpm/event/event.c(server_main_loop):
Decrement active_daemons not only when !ps->quiescing but also when
ps->quiescing == 1, i.e. all the cases not handled by
perform_idle_server_maintenance() already.
Yann Ylavic [Tue, 21 Dec 2021 18:42:30 +0000 (18:42 +0000)]
mod_proxy: Bump max worker name to 384 chars.
The worker name is a fully qualified URI while the hostname's limit is 256
already, so potentially more than 256 are needed to store the name. Let's
use 384.
Stefan Eissing [Wed, 15 Dec 2021 16:39:38 +0000 (16:39 +0000)]
*) test: added first mod_proxy tests in test/modules/proxy that
check some variations on forward, reverse and mixed vhosts
and also using a unix: domain socket backend.
Joe Orton [Wed, 15 Dec 2021 11:37:53 +0000 (11:37 +0000)]
Add Travis job against OpenSSL 3 with -Werror but with deprecation
warnings disabled.
Be careful to remove the previous OpenSSL install prefix is rebuilding.
Yann Ylavic [Wed, 15 Dec 2021 11:35:36 +0000 (11:35 +0000)]
mod_proxy: follow up to r1895921: Don't prevent forwarding URIs w/ no hostname.
r1895921 changed proxy_detect() to disable forward proxying for URIs with no
hostname which is wrong, there might exist a third-party proxy module handling
the "urn:" scheme for instance (thanks Roy for the catch!).
For this to work, we also need to leave the forward proxied URI alone in
ap_proxy_pre_request() with no UDS special case or alike, a proxy module can
then catch (or not) the original URI as expected.
Yann Ylavic [Mon, 13 Dec 2021 18:55:18 +0000 (18:55 +0000)]
http: Enforce that fully qualified uri-paths not to be forward-proxied
have an http(s) scheme, and that the ones to be forward proxied have a
hostname, per HTTP specifications.
The early checks avoid failing the request later on and thus save cycles
for those invalid cases.
Joe Orton [Fri, 10 Dec 2021 14:50:19 +0000 (14:50 +0000)]
* modules/ssl/ssl_engine_io.c (bio_filter_in_ctrl): Remove debugging
assert for unexpected control commands, matching bio_filter_out_ctrl
which also ignores such invocations. Fixes core dumps in debug
builds with OpenSSL 3.0.0 which triggers this via the
BIO_get_ktls_recv() call on the SSL bio, aka
BIO_ctrl(b, BIO_CTRL_GET_KTLS_RECV, ...);
Stefan Eissing [Thu, 9 Dec 2021 14:15:19 +0000 (14:15 +0000)]
* When reaching server limits, such as MaxRequestsPerChild, the HTTP/2 connection
send a GOAWAY frame much too early on new connections, leading to invalid
protocol state and a client failing the request. See PR65731 at
<https://bz.apache.org/bugzilla/show_bug.cgi?id=65731>.
The module now initializes the HTTP/2 protocol correctly and allows the
client to submit one request before the shutdown via a GOAWAY frame
is being announced.
No changes-entries, since this fix is proposed for backport on the 1.15.x
module codebase in 2.4.x in a separate PR.
Ruediger Pluem [Thu, 9 Dec 2021 08:38:30 +0000 (08:38 +0000)]
* Correctly sent a 100 Continue status code when sending an interim
response as result of an Expect: 100-Continue in the request and not the
current status code of the request.
Ruediger Pluem [Thu, 9 Dec 2021 07:40:25 +0000 (07:40 +0000)]
* Do not change the status code after we already sent it to the client.
Changing the status code after we sent it to the client causes a status
code being logged that is different from the one sent to the client which
can be confusing.
Joe Orton [Tue, 7 Dec 2021 16:02:21 +0000 (16:02 +0000)]
As in r1877467 for mod_ssl, for OpenSSL 1.1.1+ require that OpenSSL is
configured with a suitable entropy source and don't try to seed it
from getpid etc.
* support/ab.c (main): Check RAND_status().
(ssl_rand_seed, ssl_rand_choosenum): Drop for OpenSSL 1.1.1+.
Yann Ylavic [Mon, 6 Dec 2021 17:12:28 +0000 (17:12 +0000)]
mpm_event: Follow up to r1895553.
We can still kill processes above MaxSpareThreads at every maintenance cycle
unless there is not enough headromm in the scoreboard for a graceful restart.
Stefan Eissing [Mon, 6 Dec 2021 10:34:27 +0000 (10:34 +0000)]
*) mod_http2: fixed a bug in v2.0.0 that could lead to an infinite
loop when clients close connections prematurely.
Enhanced the scoreboard status updates on h2 connections for
mod_status. 'server-status' now gives a better idea what the
connection is working on.
Joe Orton [Fri, 3 Dec 2021 16:40:18 +0000 (16:40 +0000)]
* support/ab.c (main): Check apr_getopt() returned APR_EOF, fixing clang
warning:
support/ab.c:2343:13: warning[deadcode.DeadStores]: Although the value stored to 'status' is used in the enclosing expression, the value is never actually read from 'status'
Joe Orton [Fri, 3 Dec 2021 13:07:42 +0000 (13:07 +0000)]
* modules/filters/mod_deflate.c (deflate_in_filter): Handle FLUSH in
the input brigade even if done inflating (ctx->done is true), but
don't try to flush the inflate stream in that case. (Caught by
Coverity)
Yann Ylavic [Fri, 3 Dec 2021 12:59:02 +0000 (12:59 +0000)]
mpm_event: Retain active_daemons instead of resetting it on restart.
Since active_daemons is tracked by perform_idle_server_maintenance() and
decremented when a child gets quiescing or exits, clearing it on restart
is actually an off by -total_daemons (of the old gen) after the first calls
to perform_idle_server_maintenance().
Let perform_idle_server_maintenance() be the only one to update active_daemons
by putting it in the retained struct to keep track accross restarts.
Stefan Eissing [Tue, 30 Nov 2021 16:29:20 +0000 (16:29 +0000)]
*) mod_tls: added mod_tls from abetterinternet, donated
by ISRG/Prossimo <https://github.com/abetterinternet/mod_tls>.
- adds font-/backend TLS (v1.2/v1.3) via the Rust rustls crate
and its rustls-ffi C binding <https://github.com/rustls/rustls-ffi>.
- documentation at <https://github.com/abetterinternet/mod_tls>
(adding to Apache's manual TBD)
- build support for Apache httpd configure on *nix platforms,
rustls is linked statically into mod_tls.
Yann Ylavic [Thu, 25 Nov 2021 15:57:21 +0000 (15:57 +0000)]
mod_http2: fix logic for non-proxy Server and Date response headers.
First error was in r1890564 where the test for !PROXYREQ_NONE was replaced by
PROXYREQ_RESPONSE (which is never the case besides the fake proxy origin
request) so a mod_h2 PR tried to fix that but the logic is now incorrect.
Let's finally use the same logic as ap_basic_http_header().
Stefan Eissing [Wed, 24 Nov 2021 10:13:42 +0000 (10:13 +0000)]
*) mod_md: values for External Account Binding (EAB) can
now also be configured to be read from a separate JSON
file. This allows to keep server configuration permissions
world readable without exposing secrets.
Stefan Eissing [Wed, 10 Nov 2021 15:54:27 +0000 (15:54 +0000)]
* testsuite: possible now to issue client certificates and the chain file for them
* testsuite: handling of cert+key in same file improved
* testsuite: using 'stop' configuration to terminate server in case test cases
leave borked test configs lying around.
projects / thirdparty / apache / httpd.git / log
