[multiple] employ ck_calloc, ck_malloc shared code

employ ck_calloc(), ck_malloc() shared code to slightly reduce code size
(centralize the ck_assert() to check that memory allocation succeeded)

[multiple] employ ck_realloc_u32() shared code

employ ck_realloc_u32() shared code to slightly reduce code size

[multiple] use buffer_append_char()

[core] allow redirect,rewrite ext subst w/o pcre

allow redirect and rewrite extended substitution when lighttpd is built
without pcre. When built without pcre, url.rewrite and url.redirect
always m

[core] allow redirect,rewrite ext subst w/o pcre

allow redirect and rewrite extended substitution when lighttpd is built
without pcre. When built without pcre, url.rewrite and url.redirect
always match first list entry as if it were "", and numerical
substitutions ($0 %0 $1 %1 etc) are always ignored, but other extended
substitutions (e.g. ${url.path}) may still occur.

show more ...

[core] ignore pcre2 "bad JIT option" warning

ignore pcre2 bad JIT option warning for use of PCRE2_JIT_COMPLETE
flag with pcre2_jit_compile() returning PCRE2_ERROR_JIT_BADOPTION

x-ref:
"pcre2 - Pr

[core] ignore pcre2 "bad JIT option" warning

ignore pcre2 bad JIT option warning for use of PCRE2_JIT_COMPLETE
flag with pcre2_jit_compile() returning PCRE2_ERROR_JIT_BADOPTION

x-ref:
"pcre2 - Probable user knowledge bug, but suggestions will be welcome"
https://redmine.lighttpd.net/boards/2/topics/10202

show more ...

[core] pcre2 support (--with-pcre2)

x-ref:
"lighttpd: depends on obsolete pcre3 library"
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000063

[core] extend pcre_keyvalue_ctx to pass more state

extend pcre_keyvalue_ctx to pass internal state

[core] use stack w/ pcre_exec unless save captures

use stack w/ pcre_exec unless saving captures from config conditions

reduce memory allocations per request where lighttpd.conf does not
contain ur

[core] use stack w/ pcre_exec unless save captures

use stack w/ pcre_exec unless saving captures from config conditions

reduce memory allocations per request where lighttpd.conf does not
contain url.redirect or url.rewrite rules where replacements reference
a match of the enclosing lighttpd.conf condition (e.g. %0, %1, %2 ...)

move cond_cache_t 'patterncount' to cond_match_t 'captures'
While cond_match_t is no longer sized power-2, it is generally expected
to be used much less frequently than before (which was all the time),
since it is now used only with url.redirect or url.rewrite with
references %0, %1, %2, ...

show more ...

[multiple] reduce redundant NULL buffer checks

This commit is a large set of code changes and results in removal of
hundreds, perhaps thousands, of CPU instructions, a portion of which
are on hot co

[multiple] reduce redundant NULL buffer checks

This commit is a large set of code changes and results in removal of
hundreds, perhaps thousands, of CPU instructions, a portion of which
are on hot code paths.

Most (buffer *) used by lighttpd are not NULL, especially since buffers
were inlined into numerous larger structs such as request_st and chunk.

In the small number of instances where that is not the case, a NULL
check is often performed earlier in a function where that buffer is
later used with a buffer_* func. In the handful of cases that remained,
a NULL check was added, e.g. with r->http_host and r->conf.server_tag.

- check for empty strings at config time and set value to NULL if blank
string will be ignored at runtime; at runtime, simple pointer check
for NULL can be used to check for a value that has been set and is not
blank ("")
- use buffer_is_blank() instead of buffer_string_is_empty(),
and use buffer_is_unset() instead of buffer_is_empty(),
where buffer is known not to be NULL so that NULL check can be skipped
- use buffer_clen() instead of buffer_string_length() when buffer is
known not to be NULL (to avoid NULL check at runtime)
- use buffer_truncate() instead of buffer_string_set_length() to
truncate string, and use buffer_extend() to extend

Examples where buffer known not to be NULL:
- cpv->v.b from config_plugin_values_init is not NULL if T_CONFIG_BOOL
(though we might set it to NULL if buffer_is_blank(cpv->v.b))
- address of buffer is arg (&foo)
(compiler optimizer detects this in most, but not all, cases)
- buffer is checked for NULL earlier in func
- buffer is accessed in same scope without a NULL check (e.g. b->ptr)

internal behavior change:
callers must not pass a NULL buffer to some funcs.
- buffer_init_buffer() requires non-null args
- buffer_copy_buffer() requires non-null args
- buffer_append_string_buffer() requires non-null args
- buffer_string_space() requires non-null arg

show more ...

[core] copy string and len directly from tmp_buf

copy string and len directly from tmp_buf without buffer_commit(tb, ...)
if tmp_buf contents are not used after the copy

[multiple] PCRE w/ PCRE_STUDY_JIT_COMPILE (fixes #2361)

enabled by default
disable using server.feature-flags += ("server.pcre_jit" => "disable")

Available since pcre-8.20 (2011), and improved in p

[multiple] PCRE w/ PCRE_STUDY_JIT_COMPILE (fixes #2361)

enabled by default
disable using server.feature-flags += ("server.pcre_jit" => "disable")

Available since pcre-8.20 (2011), and improved in pcre-8.32 (2012),
PCRE_STUDY_JIT_COMPILE can greatly speed up repeated execution of PCRE
patterns. (https://zherczeg.github.io/sljit/pcre.html)

lighttpd continues to use pcre_exec() instead of pcre_jit_exec(),
even though doing so does not realize all of the performance increase
potentially available with PCRE_STUDY_JIT_COMPILE and pcre_jit_exec().

pcre_jit_exec() is available with PCRE 8.32 and later, if PCRE is
compiled with --enable-jit, but lighttpd does not currently use
pcre_jit_exec() since the PCRE library might not have been compiled
with --enable-jit (though this could be solved with a weak symbol).
Similarly, lighttpd does not currently configure the pcre_jit_stack.

(Using pcre_jit_exec() may be revisited in the future.)

x-ref:
"add support for pcre JIT"
https://redmine.lighttpd.net/issues/2361

show more ...

[multiple] add summaries to top of some modules

[core] remove r->uri.path_raw; generate as needed

(r->uri.path_raw previously duplicated from r->target, minus query-part)

[core] split cond cache from cond matches

[core] store addtl data in pcre_keyvalue_buffer

reduce pointer chasing in keyvalue.c

mark keyvalue.h config routines as cold

[multiple] reduce code dup in list resizing

reduce code duplication in list resizing
realloc() of NULL ptr has behavior similar to malloc()

Note that if initial size == 0, then code used to adjust

[multiple] reduce code dup in list resizing

reduce code duplication in list resizing
realloc() of NULL ptr has behavior similar to malloc()

Note that if initial size == 0, then code used to adjust size
must be += x to ensure the size is non-zero for reallocation.
(Multiplying 0 * x, e.g. power-2 resizing, will result in 0.)

show more ...

[core] perf: simple, quick buffer_clear()

quickly clear buffer instead of buffer_string_set_length(b, 0) or
buffer_reset(b). Avoids free() of large buffers about to be reused,
or buffers that are m

[core] perf: simple, quick buffer_clear()

quickly clear buffer instead of buffer_string_set_length(b, 0) or
buffer_reset(b). Avoids free() of large buffers about to be reused,
or buffers that are module-scoped, persistent, and reused.

(buffer_reset() should still be used with buffers in connection *con
when the data in the buffers is supplied by external, untrusted source)

show more ...

[mod_redirect,mod_rewrite] base64url encoding opt

Provide means to encode redirect and rewrite backreference substitutions

%{encb64u:...} encode to base64url characters (no-padding)
%{decb64u:.

[mod_redirect,mod_rewrite] base64url encoding opt

Provide means to encode redirect and rewrite backreference substitutions

%{encb64u:...} encode to base64url characters (no-padding)
%{decb64u:...} decode from base64url characters

show more ...

[mod_redirect,mod_rewrite] support up to 19 match

support up to 19 regex saved matches ($1 - $9 and ${1} - ${19})
for use in replacement substitutions.

lighttpd config conditionals are still limite

[mod_redirect,mod_rewrite] support up to 19 match

support up to 19 regex saved matches ($1 - $9 and ${1} - ${19})
for use in replacement substitutions.

lighttpd config conditionals are still limited to 9 matches (%1 - %9)

show more ...

[mod_redirect,mod_rewrite] fix segfault w/ invalid syntax (fixes #2892)

(thx nti)

x-ref:
"Segmentation fault with invalid lighttpd.conf syntax"
https://redmine.lighttpd.net/issues/2892

[mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)

Provide means to encode redirect and rewrite backreference substitutions
In addition to $1 and %1, the following modifiers are

[mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)

Provide means to encode redirect and rewrite backreference substitutions
In addition to $1 and %1, the following modifiers are now supported,
followed by the number for the backreference, e.g. ${esc:1}

${noesc:...} no escaping
${esc:...} escape all non-alphanumeric - . _ ~ incl double-escape %
${escape:...} escape all non-alphanumeric - . _ ~ incl double-escape %
${escnde:...} escape all non-alphanumeric - . _ ~ but no double-esc %
${tolower:...}
${toupper:...}

%{noesc:...}
%{esc:...}
%{escape:...}
%{escnde:...}
%{tolower:...}
%{toupper:...}

Provide means to substitute URI parts without needing a regex match
(and can be preceded by encoding modifier,
e.g. ${tolower:url.authority})

${url.scheme}
${url.authority}
${url.port}
${url.path}
${url.query}

${qsa} appends query string, if not empty

x-ref:
"[PATCH] mod_redirect: Add support for url-encoding backreferences, map %%n->%n, $$n->$n"
https://redmine.lighttpd.net/issues/443
"Need for URL encoding in mod_redirect and possibly mod_rewrite"
https://redmine.lighttpd.net/issues/911

show more ...

[core] server.http-parseopts URL normalization opt (fixes #1720)

server.http-parseopts = ( ... ) URL normalization options

Note: *not applied* to CONNECT method

Note: In a future release, URL norm

[core] server.http-parseopts URL normalization opt (fixes #1720)

server.http-parseopts = ( ... ) URL normalization options

Note: *not applied* to CONNECT method

Note: In a future release, URL normalization likely enabled by default
(normalize URL, reject control chars, remove . and .. path segments)
To prepare for this change, lighttpd.conf configurations should
explicitly select desired behavior by enabling or disabling:
server.http-parseopts = ( "url-normalize" => "enable", ... )
server.http-parseopts = ( "url-normalize" => "disable" )

x-ref:
"lighttpd ... compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data."
https://www.cvedetails.com/cve/CVE-2008-4359/
"Rewrite/redirect rules and URL encoding"
https://redmine.lighttpd.net/issues/1720

show more ...

[core] http_kv.[ch] method, status, version str

move method, status, version strings from keyvalue.[ch] to http_kv.[ch]

[mod_redirect, mod_rewrite] code reuse (sharing)

[core] some header cleanup

provide standard types in first.h instead of base.h
provide lighttpd types in base_decls.h instead of settings.h
reduce headers exposed by headers for core data structures

[core] some header cleanup

provide standard types in first.h instead of base.h
provide lighttpd types in base_decls.h instead of settings.h
reduce headers exposed by headers for core data structures
do not expose <pcre.h> or <stdlib.h> in headers
move stat_cache_entry to stat_cache.h
reduce use of "server.h" and "base.h" in headers

show more ...