'interpolate' is a keyword, not a user-defined string.
So it should not be in <var></var> in <syntax> and <code> should be used instead of <var> in explanations.
While at it, fix some other style issues and missing links spotted here and there.
Yann Ylavic [Mon, 7 Mar 2022 14:48:54 +0000 (14:48 +0000)]
core: Make sure and check that LimitXMLRequestBody fits in system memory.
LimitXMLRequestBody can not exceed the size needed to ap_escape_html2() the
body without failing to allocate memory, so enforce this at load time based
on APR_SIZE_MAX, and make sure that ap_escape_html2() is within the bounds.
Document the limits for LimitXMLRequestBody in our docs.
*) dbm: Split the loading of a dbm driver from the opening of a dbm file. When
an attempt to load a dbm driver fails, log clearly which driver triggered
the error (not "default"), and what the error was.
Stefan Eissing [Thu, 3 Mar 2022 09:31:51 +0000 (09:31 +0000)]
Merge of r1898127 from trunk:
*) mod_proxy: Use the maxium of front end and backend timeouts instead of the
minimum when tunneling requests (websockets, CONNECT requests).
Backend timeouts can be configured more selectively (per worker if needed)
as front end timeouts and typically the backend timeouts reflect the
application requirements better. PR 65886
Yann Ylavic [Mon, 28 Feb 2022 11:56:43 +0000 (11:56 +0000)]
ap_regex: Use Thread Local Storage (if efficient) to avoid allocations.
PCRE2 wants an opaque context by providing the API to allocate and free it, so
to minimize these calls we maintain one opaque context per thread (in Thread
Local Storage, TLS) grown as needed, and while at it we do the same for PCRE1
ints vectors. Note that this requires a fast TLS mechanism to be worth it,
which is the case of apr_thread_data_get/set() from/to apr_thread_current()
when APR_HAS_THREAD_LOCAL; otherwise we'll do the allocation and freeing for
each ap_regexec().
The small stack vector is used for PCRE1 && !APR_HAS_THREAD_LOCAL only now.
Follow up to r1897240: APR_HAS_THREAD_LOCAL wants #ifdef instead of #if.
Follow up to r1897240: CHANGES entry.
ap_regex: PCRE needs buffers sized against the number of captures only.
No more (useless), no less (or PCRE will allocate a new buffer by itself to
satisfy the needs), so we should base our buffer size solely on the number
of captures in the regex (determined at compile time from the pattern).
The nmatch provided by the user is used to fill in pmatch only (up to that),
but "our" buffers are sized exactly as needed to avoid oversized allocations
or PCRE allocating by itself.
ap_regex: Follow up to r1897244: Fix pmatch overflow and returned value at limits.
Don't write to pmatch[nlimit:] when ncaps > nmatch, rc should not exceed nmatch
either as before r1897244.
ap_regex: Follow up to r1897240: Fix issues spotted by RĂ¼diger (thanks!).
#include "apr_thread_proc.h" is enough/needed by util_pcre.c and main.c.
Fix compilation (vector => ovector) for !HAVE_PCRE2 && APR_HAS_THREAD_LOCAL.
Check pcre2_match_data_create() return value for HAVE_PCRE2 && !APR_HAS_THREAD_LOCAL.
ap_regex: Follow up to r1897240: runtime fallback to alloc/free.
Even though APR_HAS_THREAD_LOCAL is compiled in, ap_regexec() might still be
called by non a apr_thread_t thread, let's fall back to alloc/free in this
case too.
ap_regex: Follow up to r1897240: no ap_thread_current() yet.
ap_regex: Follow up to r1897240: cleanups.
ap_regex: Follow up to r1897240: cleanup PCRE2 match data on exit.
ap_regex: Follow up to r1897240: #if APR_HAS_THREAD_LOCAL, not #ifdef.
core: Efficient ap_thread_current() with APR < 1.8.
#define ap_thread_create, ap_thread_current_create and ap_thread_current to
their apr-1.8+ equivalent if available, or implement them using the compiler's
thread_local mechanism if available, or finally provide stubs otherwise.
#define AP_HAS_THREAD_LOCAL to 1 in the two former case or 0 otherwise, while
AP_THREAD_LOCAL is defined to the compiler's keyword iff AP_HAS_THREAD_LOCAL.
Replace all apr_thread_create() calls with ap_thread_create() so that httpd
threads can use ap_thread_current()'s pool data as Thread Local Storage.
Bump MMN minor.
* include/httpd.h():
Define AP_HAS_THREAD_LOCAL, AP_THREAD_LOCAL (eventually), ap_thread_create(),
ap_thread_current_create() and ap_thread_current().
* server/util.c:
Implement ap_thread_create(), ap_thread_current_create() and
ap_thread_current() when APR < 1.8.
* modules/core/mod_watchdog.c, modules/http2/h2_workers.c,
modules/ssl/mod_ssl_ct.c:
Use ap_thread_create() instead of apr_thread_create.
* server/main.c:
Use AP_HAS_THREAD_LOCAL and ap_thread_current_create instead of APR's.
* server/util_pcre.c:
Use AP_HAS_THREAD_LOCAL and ap_thread_current instead of APR's.
* server/mpm/event/event.c, server/mpm/worker/worker.c,
server/mpm/prefork/prefork.c:
Use ap_thread_create() instead of apr_thread_create.
Create an apr_thread_t/ap_thread_current() for the main chaild thread usable
at child_init().
* server/mpm/winnt/child.c:
Use ap_thread_create() instead of CreateThread().
Create an apr_thread_t/ap_thread_current() for the main chaild thread usable
Follow up to r1897460: APLOGNOs.
Follow up to r1897460: !APR_HAS_THREAD implies no ap_thread_* either.
core: Follow up to r1897460: Implement and use ap_thread_current_after_fork().
thread_local variables are not (always?) reset on fork(), so we need a way
to set the current_thread to NULL in the child process.
Implement and use ap_thread_current_after_fork() for that.
* server/mpm/event/event.c, server/mpm/prefork/prefork.c,
server/mpm/worker/worker.c:
Use ap_thread_current_after_fork().
* server/mpm/winnt/child.c:
Windows processes are not fork()ed and each child runs the main(), so
ap_thread_current_create() was already called there.
core: Follow up to r1897460: Provide ap_thread_main_create().
Replace ap_thread_current_create() by ap_thread_main_create() which is how
it's used by httpd. The former is now a local helper only to implement the
latter.
This allows to consolidate/factorize common code in the main() of httpd and
the unix MPMs.
ap_regex: Follow up to r1897240: Fetch the ovector _after_ the match.
Possibly(?) pcre2_match() can modifiy the given pcre2_match_data and invalidate
the old ovector, be safe and fetch it after.
main: Follow up to r1897240: Fix bad log copypasta.
Don't stderr printf the "stat" and "failed" results from the previous
apr_app_initialize() call for an error in ap_thread_main_create().
core: Follow up to r1897240: Opt-out for AP_HAS_THREAD_LOCAL and/or pcre's usage.
If the compiler's thread_local is not efficient enough on some platforms, or
not desired, have a way to disable its usage in httpd (at compile time).
Handle -DAP_NO_THREAD_LOCAL and/or -DAPREG_NO_THREAD_LOCAL as build opt-out for
thread_local usage in httpd gobally and/or in ap_regex only (respectively).
core: Follow up to r1897240: Provide/export ap_thread_current_create()
For completness, and possibly to ease backport to 2.4.x for MPM winnt.
core: Follow up to r1897240 & r1897691: Syntax.
Add compiled and loaded PCRE version numbers
to "httpd -V" output and to mod_info page.
PCRE 8.45 from May '21 is at end-of-life and will not receive security
vulnerability attention. pcre2-10.x replaces this and has been updated
(as of this time) as recently as Oct '21.
This patch removes the needless assignment of re_erroffset in the conf pool
by the worker threads; such mistakes break the shared copy-on-write pages of
memory that should have remained common between all httpd worker processes.
Two de-optimizations are inherent in this patch, the former ovector-on-stack
opportunity is lost. This is by design of pcre2, more serious exploits were
available with stack array underrun/overrun manipulation. Heap for all pcre
array processing is the recommendation of the implementor, enforced by API.
Safer that we either create a new general context using pool allocation
in heap (requires thread-pool args we don't have in our api), or recycle
a per-req, per-pool, TLS match_data buffer on heap of some arbitrary 10 elts
or so, for these most common cases. Since this can't be done portably in C89
we may revisit this optimization in post-2.4 releases.
This logic refuses to consider --without-pcre, which is nonsequitor.
Merge r1897325, r1897326, r1897329, r1898255 from trunk
APR and APU must be at least 1.3 to be able to configure and build httpd 2.4.x.
So remove some osbolete #if in the source code.
- mod_socache_memcache
- mod_authn_dbd
- mod_log_config
- mod_proxy_ftp and proxy-util
Merge r1881379, r1892422, r1893011, r1897270, r1897271 from trunk
Easy patches: synch 2.4.x and trunk
- mod_ssl: Fix a few warnings on 64 bits windows compilation
- ap_escape_quotes(): Remove unneeded checks to improve performance
- test/time-sem.c: unlock the accept mutex before exiting (error conditions)
- mod_ext_filter: Fix a spurious -1 used as a APR_SIZE_T_FMT in an error message
- mod_sed: fix some format string (s/lld/APR_INT64_T_FMT/)
*) Add the ldap function to the expression API, allowing LDAP filters and
distinguished names based on expressions to be escaped correctly to
guard against LDAP injection.
projects / thirdparty / apache / httpd.git / log
