Eric Covener [Fri, 27 Sep 2024 13:11:05 +0000 (13:11 +0000)]
*) mod_rewrite: Improve safe question mark detection
Trunk version of patch:
https://svn.apache.org/r1920566
Backport version for 2.4.x of patch:
Trunk version of patch works
svn merge -c 1920566 ^/httpd/httpd/trunk .
+1: rpluem, covener, jorton
Eric Covener [Fri, 27 Sep 2024 13:08:17 +0000 (13:08 +0000)]
*) Windows: Make UNCList EXEC_ON_READ to be early enough for
`Include //computername/include.conf`. PR69313
Trunk version of patch:
https://svn.apache.org/r1920564
Backport version for 2.4.x of patch:
svn merge -c r1920564 ^/httpd/httpd/trunk .
+1 covener, rpluem, steffenal
Eric Covener [Fri, 27 Sep 2024 13:06:46 +0000 (13:06 +0000)]
Merge r1919532, r1919533 from trunk:
*) mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs
in <Location> (incomplete fix in 2.4.62). PR 69160.
When SetHandler "unix:..." is used in a <Location "/path"> block, the path
gets appended (including $DOCUMENT_ROOT somehow) to r->filename hence the
current checks in fixup_uds_filename() to add "localhost" when missing don't
work. Fix them.
mod_proxy: Allow for empty UDS URL hostname in ProxyPass workers too.
Using "unix:/udspath|scheme:" or "unix:/udspath|scheme://" for a ProxyPass URL
does not work currently, while it works for SetHandler "proxy:unix:...".
*) mod_md: update to version 2.4.28
- When the server starts, it looks for new, staged certificates to
activate. If the staged set of files in 'md/staging/<domain>' is messed
up, this could prevent further renewals to happen. Now, when the staging
set is present, but could not be activated due to an error, purge the
whole directory. [icing]
- Fix certificate retrieval on ACME renewal to not require a 'Location:'
header returned by the ACME CA. This was the way it was done in ACME
before it became an IETF standard. Let's Encrypt still supports this,
but other CAs do not. [icing]
- Restore compatibility with OpenSSL < 1.1. [ylavic]
Stefan Eissing [Tue, 17 Sep 2024 11:17:23 +0000 (11:17 +0000)]
Merged /httpd/httpd/trunk:r1920744
*) mod_tls: removed the experimental module. It now is availble standalone
from https://github.com/icing/mod_tls. The rustls provided API is not
stable and does not align with the httpd release cycle.
Joe Orton [Tue, 20 Aug 2024 08:33:00 +0000 (08:33 +0000)]
Merge r1866894 from trunk:
* modules/mappers/mod_rewrite.c: Enhance trace-level logging to log
line numbers accurately for C99 compilers, and remove odd/awkward
double-parentheses using the rewritelog() macro. For non-C99
compilers do_rewritelog() will now be defined - but as a noop - if
REWRITELOG_DISABLED is defined at compile time.
No functional change at runtime apart from the line numbers being
fixed.
*) mod_http2: sync with module's github.
- on newer HTTPD versions, return connection monitoring
to the event MPM when block on client updates.
2.4.x versions still treat connections in the event
MPM as KeepAlive and purge them on load in the middle
of response processing.
- spelling fixes
- support for yield calls in c2 "network" filter
mpm_event,core: Handle async POLLIN/POLLOUT in CONN_STATE_PROCESS state.
* include/httpd.h:
Rename CONN_STATE_CHECK_REQUEST_LINE_READABLE to CONN_STATE_KEEPALIVE
and CONN_STATE_READ_REQUEST_LINE to CONN_STATE_PROCESS, keeping the
old enums as aliases. Rework comments about each state.
* server/mpm/event/event.c:
Use the new states names.
Let the process_connection hooks return CONN_STATE_PROCESS for mpm_event
to POLLIN or POLLOUT depending on c->cs->sense being CONN_SENSE_WANT_READ
or CONN_SENSE_WANT_WRITE respectively.
Remove (ab)use of CONN_STATE_WRITE_COMPLETION with CONN_SENSE_WANT_READ to
mean poll() for read (and the need for the obscure c->clogging_input_filters
to make it work as expected). This is what CONN_STATE_PROCESS is for now.
Update the comment about the states that can be returned by process_connection
hooks (and their usage).
Use the same queue (process_q renamed from write_completion_q) for polling
connections in both CONN_STATE_PROCESS and CONN_STATE_WRITE_COMPLETION
states since they both use the same (server_rec's) Timeout. This implies
that both states are accounted as "write-completion" in mod_status for now.
* server/mpm/motorz/motorz.c, server/mpm/simple/simple_io.c, modules/http/http_core.c:
Use the new states names (only).
* include/scoreboard.h:
Change comment about process_score->write_completion to note that the
counter refers to CONN_STATE_PROCESS connections returned to the MPM
too.
* modules/http2/h2_c1.c:
Return the c1 connection with the CONN_STATE_PROCESS state rather than
CONN_STATE_WRITE_COMPLETION when waiting for a window update (i.e. ask
the MPM to poll for read directly). This avoids the transition to
CONN_STATE_KEEPALIVE which could kill the connection under high load.
Github: closes #448
Follow up to r1918022: MMN minor bump and checks for the new conn_state_e aliases' usability.
mpm_event: Don't spam with "Stopping process due to MaxConnectionsPerChild"
When MaxConnectionsPerChild is reached there may be some connections to process
still and the listener should stop writing this at every loop. Logging once
is enough.
mpm_event, mod_status: Separate processing and write completion queues.
As a follow up to r1918022 which handled the new CONN_STATE_PROCESS(ing) and
existing CONN_STATE_WRITE_COMPLETION in the same async queue, let's now have
two separates ones which allows more relevant async accounting in mod_status.
Rename CONN_STATE_PROCESS to CONN_STATE_PROCESSING as it's how it will be
called in mod_status.
* include/ap_mmn.h:
MMN minor bump for process_score->processing counter.
* include/httpd.h:
Rename CONN_STATE_PROCESS to CONN_STATE_PROCESSING.
* server/mpm/event/event.c:
Restore write_completion_q to handle connections in CONN_STATE_WRITE_COMPLETION.
Use processing_q (renamed from process_q) solely for CONN_STATE_PROCESSING.
Update process_score->processing according to the length of processing_q.
* modules/generators/mod_status.c:
Show the value of process_score->processing in the stats.
Follow up to r1918098 (and r1918022): Push missing changes.
mpm_event,mod_http2: Keep compatibility with CONN_STATE_PROCESSING + OK
Before r1918022, returning OK with CONN_STATE_PROCESSING to mpm_event was
handled like/by CONN_STATE_LINGER "to not break old or third-party modules
which might return OK w/o touching the state and expect lingering close,
like with worker or prefork MPMs".
So we need a new return code to be allowed to apply the new POLLIN/POLLOUT
behaviour for CONN_STATE_PROCESSING, thus revive AGAIN as introduced by
Graham some times ago for a nonblocking WIP (moved to a branch/PR since then).
MPM event will advertise its ability to handle CONN_STATE_PROCESSING + AGAIN
with AP_MPMQ_CAN_AGAIN, and mod_http2 can use that to know how to return to
the MPM as expected. When !AP_MPMQ_CAN_AGAIN modules/mod_http2 can still use
CONN_STATE_WRITE_COMPLETION + CONN_SENSE_WANT_READ + c->clogging_input_filters
which will work in mpm_even-2.4.x still.
* include/ap_mmn.h:
Bump MMN minor for AP_MPMQ_CAN_AGAIN and AGAIN.
* include/ap_mpm.h:
Define AP_MPMQ_CAN_AGAIN.
* include/httpd.h:
Define AGAIN.
* modules/http2/h2.h:
No need for H2_USE_STATE_PROCESSING anymore with AP_MPMQ_CAN_AGAIN.
* modules/http2/h2_c1.c:
For !keepalive case return to the MPM using CONN_STATE_PROCESSING + AGAIN
or CONN_STATE_WRITE_COMPLETION + c->clogging_input_filters depending on
AP_MPMQ_CAN_AGAIN only.
* modules/http2/h2_session.c:
Can return to the MPM for h2_send_flow_blocked() provided it's async only.
* server/mpm/event/event.c:
Rework process_socket()'s CONN_STATE_PROCESSING to handle AGAIN and preserve
compatibility. Have a lingering_close label to goto there faster when
process_lingering_close() is to be called. Improve relevant comments.
mpm_event,mod_http2,mod_status: Follow up to r1918257: CONN_STATE_ASYNC_WAITIO.
Per discussion on PR #449, have a separate state for returning the connection
to the MPM to wait for an IO (namely CONN_STATE_ASYNC_WAITIO), rather than
(ab)using CONN_STATE_PROCESSING.
This removes the need for AGAIN added in r1918257 (for now), and AP_MPMQ_CAN_AGAIN
is renamed to AP_MPMQ_CAN_WAITIO.
This is also the state that mod_status accounts for, so rename ->processing
to ->wait_io in process_score (shows as "wait-io" in mod_status and mod_lua).
mpm_event: Follow up to r1918482: CONN_STATE_ASYNC_WAITIO > CONN_STATE_LINGER.
mpm_event: Follow up to r1918482: CONN_STATE_LINGER* are not the last anymore.
Since CONN_STATE_ASYNC_WAITIO, we cannot check for < or >= CONN_STATE_LINGER
anymore to determine if in an lingering close state, so let's add a new
CONN_STATE_IS_LINGERING_CLOSE() macro for this and use it in mpm_event.
The test for state == CONN_STATE_LINGER in process_lingering_close() is a
bit weak too in order to call ap_start_lingering_close() the first time only,
so have a conn_state->linger_started flag instead.
mod_status: Follow up to r1918482: Bump colspan for the new wait-io colomn
mod_status: "Threads" span three colomns (busy, graceful, idle), not two.
mod_rewrite: Better question mark tracking to avoid UnsafeAllow3F. PR 69197.
Track in do_expand() whether a '?' in the uri-path comes from a literal in
the substitution string or from an expansion (variable, lookup, ...).
In the former case it's safe to assume that it's the query-string separator
but for the other case it's not (could be a decoded %3f from r->uri).
This allows to avoid [UnsafeAllow3F] for most cases.
The hostname part of the URL is not mandated for UDS though the canon_handler
hooks will require it, so add "localhost" if it's missing (won't be used anyway
for an AF_UNIX socket).
This can trigger with SetHandler "unix:" URLs which are now also fixed up.
Follow up to r1919015: fix compilation.
mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for
"balancer:" URLs set via SetHandler, also allowing for "unix:"
sockets with BalancerMember(s). PR 69168.
* modules/proxy/proxy_util.h, modules/proxy/proxy_util.c:
Move proxy_interpolate() from mod_proxy.c to ap_proxy_interpolate(),
exported locally only (non public).
Move proxy_fixup() from mod_proxy.c to ap_proxy_canon_url(), exported
locally only too (non public).
Rollback ap_proxy_fixup_uds_filename() to a local fixup_uds_filename()
usable from proxy_util.c only. The public function will be removed in
a following commit.
* modules/proxy/mod_proxy.h:
Note that ap_proxy_fixup_uds_filename() is deprecated.
* modules/proxy/mod_proxy.c:
Just use ap_proxy_canon_url() from proxy_fixup() and proxy_handler()
for SetHandler URLs.
* modules/proxy/mod_proxy_balancer.c:
Do not canonicalize the path from proxy_balancer_canon() anymore but
rather from balancer_fixup() where the balancer URL is rewritten to
the BalancerMember URL.
mod_proxy: Don't mangle r->filename when ap_proxy_canon_netloc() fails.
ap_proxy_canon_netloc() called from the canon_handler hooks modifies its
given url in place, hence &r->filename[6] passed from ap_proxy_canon_url().
This is not an issue if the canon_handler hook succeeds (or declines) since
r->filename is usually completely rewritten finally, but on failure it gets
truncated.
Avoid this by passing a copy of r->filename from the start, the proxy *url
and r->filename don't need to point to the same data.
* proxy/proxy_util.c(ap_proxy_canon_url):
Pass a copy of r->filename to the canon_handler hooks.
All pollset "good methods" implement APR_POLLSET_WAKEABLE and wake-ability
is quite important for MPM event's correctness anyway so simplify code around
pollset creation so as not to suggest that APR_POLLSET_NODEFAULT if favored
against APR_POLLSET_WAKEABLE.
While at it account for the wakeup pipe in the pollset_size since not all
pollset methods seem to do it internally in APR.
mpm_worker: Fix AH00045 about children processes not terminating timely.
* server/mpm/worker/worker.c(setup_threads_runtime):
Create pollset with APR_POLLSET_WAKEABLE to be able to wake up the listener
when stopping.
* server/mpm/worker/worker.c(wakeup_listener):
Wake up the listener using the wakeup pipe (apr_pollset_wakeup).
* server/mpm/worker/worker.c(join_workers):
Like mpm_event, don't depend on `pthread_kill(listener_thread, 0)` to check
whether the listener has exited (this does not work on some systems), but use
the "dying" global variable instead which is set by the listener just before
exiting.
mpm_event,mpm_worker: Comment about pollset sizing when APR_POLLSET_WAKEABLE.
Joe Orton [Thu, 11 Jul 2024 07:28:53 +0000 (07:28 +0000)]
Merge r1914365, r1914622, r1916057, r1918024 from trunk:
mod_ssl: Add support for loading keys from OpenSSL 3.x providers via
the STORE API. Separates compile-time support for the STORE API
(supported in 3.x) from support for the ENGINE API (deprecated in
3.x).
* modules/ssl/ssl_private.h: Define MODSSL_HAVE_OPENSSL_STORE for
OpenSSL 3.0+.
* modules/ssl/ssl_engine_pphrase.c (modssl_load_store_uri,
modssl_load_keypair_store): New functions.
(modssl_load_keypair_engine): Renamed from modssl_load_keypair_engine.
(modssl_load_engine_keypair): Reimplement to use new STORE-based
functions if SSLCryptoDevice was not configured, or else old
ENGINE implementation.
* modules/ssl/ssl_util.c (modssl_is_engine_id): Match pkcs11: URIs
also for the OpenSSL 3.x STORE API.
* modules/ssl/ssl_engine_init.c (ssl_init_server_certs): Tweak log
message on error paths for the provider/STORE case.
* modules/ssl/ssl_engine_pphrase.c (modssl_load_engine_keypair): Fix
build (hopefully) for OpenSSL 3.x with OPENSSL_NO_ENGINE defined.
* modules/ssl/ssl_engine_pphrase.c (modssl_load_engine_keypair):
Update to avoid GCC warning for no-engine builds where the
SSLModConfigRec is not used. Also log an error for the ENOTIMPL
path.
Fix ENGINE use with OpenSSL 3.2, which appears to be broken due to a
refcounting issue in mod_ssl.
* modules/ssl/ssl_engine_pphrase.c (modssl_engine_cleanup):
New function.
(modssl_load_keypair_engine): Take pconf & ptemp arguments, don't
call ENGINE_finish() immediately but register the above cleanup.
(modssl_load_engine_keypair): Pass through pconf & ptemp.
* modules/ssl/ssl_engine_init.c (ssl_init_server_certs):
Pass through pconf and ptemp to modssl_load_engine_keypair.
projects / thirdparty / apache / httpd.git / log
