1 #include "buffer.h"
2 #include "server.h"
3 #include "log.h"
4 #include "connections.h"
5 #include "fdevent.h"
6
7 #include "request.h"
8 #include "response.h"
9 #include "network.h"
10 #include "http_chunk.h"
11 #include "stat_cache.h"
12 #include "joblist.h"
13
14 #include "plugin.h"
15
16 #include "inet_ntop_cache.h"
17
18 #include <sys/stat.h>
19
20 #include <stdlib.h>
21 #include <stdio.h>
22 #include <unistd.h>
23 #include <errno.h>
24 #include <string.h>
25 #include <fcntl.h>
26 #include <assert.h>
27
28 #ifdef USE_OPENSSL
29 # include <openssl/ssl.h>
30 # include <openssl/err.h>
31 #endif
32
33 #ifdef HAVE_SYS_FILIO_H
34 # include <sys/filio.h>
35 #endif
36
37 #include "sys-socket.h"
38
39 typedef struct {
40 PLUGIN_DATA;
41 } plugin_data;
42
connections_get_new_connection(server * srv)43 static connection *connections_get_new_connection(server *srv) {
44 connections *conns = srv->conns;
45 size_t i;
46
47 if (conns->size == 0) {
48 conns->size = 128;
49 conns->ptr = NULL;
50 conns->ptr = malloc(sizeof(*conns->ptr) * conns->size);
51 for (i = 0; i < conns->size; i++) {
52 conns->ptr[i] = connection_init(srv);
53 }
54 } else if (conns->size == conns->used) {
55 conns->size += 128;
56 conns->ptr = realloc(conns->ptr, sizeof(*conns->ptr) * conns->size);
57
58 for (i = conns->used; i < conns->size; i++) {
59 conns->ptr[i] = connection_init(srv);
60 }
61 }
62
63 connection_reset(srv, conns->ptr[conns->used]);
64 #if 0
65 fprintf(stderr, "%s.%d: add: ", __FILE__, __LINE__);
66 for (i = 0; i < conns->used + 1; i++) {
67 fprintf(stderr, "%d ", conns->ptr[i]->fd);
68 }
69 fprintf(stderr, "\n");
70 #endif
71
72 conns->ptr[conns->used]->ndx = conns->used;
73 return conns->ptr[conns->used++];
74 }
75
connection_del(server * srv,connection * con)76 static int connection_del(server *srv, connection *con) {
77 size_t i;
78 connections *conns = srv->conns;
79 connection *temp;
80
81 if (con == NULL) return -1;
82
83 if (-1 == con->ndx) return -1;
84
85 buffer_reset(con->uri.authority);
86 buffer_reset(con->uri.path);
87 buffer_reset(con->uri.query);
88 buffer_reset(con->request.orig_uri);
89
90 i = con->ndx;
91
92 /* not last element */
93
94 if (i != conns->used - 1) {
95 temp = conns->ptr[i];
96 conns->ptr[i] = conns->ptr[conns->used - 1];
97 conns->ptr[conns->used - 1] = temp;
98
99 conns->ptr[i]->ndx = i;
100 conns->ptr[conns->used - 1]->ndx = -1;
101 }
102
103 conns->used--;
104
105 con->ndx = -1;
106 #if 0
107 fprintf(stderr, "%s.%d: del: (%d)", __FILE__, __LINE__, conns->used);
108 for (i = 0; i < conns->used; i++) {
109 fprintf(stderr, "%d ", conns->ptr[i]->fd);
110 }
111 fprintf(stderr, "\n");
112 #endif
113 return 0;
114 }
115
connection_close(server * srv,connection * con)116 int connection_close(server *srv, connection *con) {
117 #ifdef USE_OPENSSL
118 server_socket *srv_sock = con->srv_socket;
119 #endif
120
121 #ifdef USE_OPENSSL
122 if (srv_sock->is_ssl) {
123 if (con->ssl) SSL_free(con->ssl);
124 con->ssl = NULL;
125 }
126 #endif
127
128 fdevent_event_del(srv->ev, &(con->fde_ndx), con->fd);
129 fdevent_unregister(srv->ev, con->fd);
130 #ifdef __WIN32
131 if (closesocket(con->fd)) {
132 log_error_write(srv, __FILE__, __LINE__, "sds",
133 "(warning) close:", con->fd, strerror(errno));
134 }
135 #else
136 #ifdef HAVE_LIBMTCP
137 if (mtcp_close(srv->mctx, con->fd)) {
138 #else
139 if (close(con->fd)) {
140 #endif
141 log_error_write(srv, __FILE__, __LINE__, "sds",
142 "(warning) close:", con->fd, strerror(errno));
143 }
144 #endif
145
146 srv->cur_fds--;
147 #if 0
148 log_error_write(srv, __FILE__, __LINE__, "sd",
149 "closed()", con->fd);
150 #endif
151
152 connection_del(srv, con);
153 connection_set_state(srv, con, CON_STATE_CONNECT);
154
155 return 0;
156 }
157
158 #if 0
159 static void dump_packet(const unsigned char *data, size_t len) {
160 size_t i, j;
161
162 if (len == 0) return;
163
164 for (i = 0; i < len; i++) {
165 if (i % 16 == 0) fprintf(stderr, " ");
166
167 fprintf(stderr, "%02x ", data[i]);
168
169 if ((i + 1) % 16 == 0) {
170 fprintf(stderr, " ");
171 for (j = 0; j <= i % 16; j++) {
172 unsigned char c;
173
174 if (i-15+j >= len) break;
175
176 c = data[i-15+j];
177
178 fprintf(stderr, "%c", c > 32 && c < 128 ? c : '.');
179 }
180
181 fprintf(stderr, "\n");
182 }
183 }
184
185 if (len % 16 != 0) {
186 for (j = i % 16; j < 16; j++) {
187 fprintf(stderr, " ");
188 }
189
190 fprintf(stderr, " ");
191 for (j = i & ~0xf; j < len; j++) {
192 unsigned char c;
193
194 c = data[j];
195 fprintf(stderr, "%c", c > 32 && c < 128 ? c : '.');
196 }
197 fprintf(stderr, "\n");
198 }
199 }
200 #endif
201
202 static int connection_handle_read_ssl(server *srv, connection *con) {
203 #ifdef USE_OPENSSL
204 int r, ssl_err, len, count = 0, read_offset, toread;
205 buffer *b = NULL;
206
207 if (!con->conf.is_ssl) return -1;
208
209 ERR_clear_error();
210 do {
211 if (NULL != con->read_queue->last) {
212 b = con->read_queue->last->mem;
213 }
214
215 if (NULL == b || b->size - b->used < 1024) {
216 b = chunkqueue_get_append_buffer(con->read_queue);
217 len = SSL_pending(con->ssl);
218 if (len < 4*1024) len = 4*1024; /* always alloc >= 4k buffer */
219 buffer_prepare_copy(b, len + 1);
220
221 /* overwrite everything with 0 */
222 memset(b->ptr, 0, b->size);
223 }
224
225 read_offset = (b->used > 0) ? b->used - 1 : 0;
226 toread = b->size - 1 - read_offset;
227
228 len = SSL_read(con->ssl, b->ptr + read_offset, toread);
229
230 if (con->renegotiations > 1 && con->conf.ssl_disable_client_renegotiation) {
231 connection_set_state(srv, con, CON_STATE_ERROR);
232 log_error_write(srv, __FILE__, __LINE__, "s", "SSL: renegotiation initiated by client");
233 return -1;
234 }
235
236 if (len > 0) {
237 if (b->used > 0) b->used--;
238 b->used += len;
239 b->ptr[b->used++] = '\0';
240
241 con->bytes_read += len;
242
243 count += len;
244 }
245 } while (len == toread && count < MAX_READ_LIMIT);
246
247
248 if (len < 0) {
249 int oerrno = errno;
250 switch ((r = SSL_get_error(con->ssl, len))) {
251 case SSL_ERROR_WANT_READ:
252 case SSL_ERROR_WANT_WRITE:
253 con->is_readable = 0;
254
255 /* the manual says we have to call SSL_read with the same arguments next time.
256 * we ignore this restriction; no one has complained about it in 1.5 yet, so it probably works anyway.
257 */
258
259 return 0;
260 case SSL_ERROR_SYSCALL:
261 /**
262 * man SSL_get_error()
263 *
264 * SSL_ERROR_SYSCALL
265 * Some I/O error occurred. The OpenSSL error queue may contain more
266 * information on the error. If the error queue is empty (i.e.
267 * ERR_get_error() returns 0), ret can be used to find out more about
268 * the error: If ret == 0, an EOF was observed that violates the
269 * protocol. If ret == -1, the underlying BIO reported an I/O error
270 * (for socket I/O on Unix systems, consult errno for details).
271 *
272 */
273 while((ssl_err = ERR_get_error())) {
274 /* get all errors from the error-queue */
275 log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
276 r, ERR_error_string(ssl_err, NULL));
277 }
278
279 switch(oerrno) {
280 default:
281 log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL:",
282 len, r, oerrno,
283 strerror(oerrno));
284 break;
285 }
286
287 break;
288 case SSL_ERROR_ZERO_RETURN:
289 /* clean shutdown on the remote side */
290
291 if (r == 0) {
292 /* FIXME: later */
293 }
294
295 /* fall thourgh */
296 default:
297 while((ssl_err = ERR_get_error())) {
298 switch (ERR_GET_REASON(ssl_err)) {
299 case SSL_R_SSL_HANDSHAKE_FAILURE:
300 case SSL_R_TLSV1_ALERT_UNKNOWN_CA:
301 case SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN:
302 case SSL_R_SSLV3_ALERT_BAD_CERTIFICATE:
303 if (!con->conf.log_ssl_noise) continue;
304 break;
305 default:
306 break;
307 }
308 /* get all errors from the error-queue */
309 log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
310 r, ERR_error_string(ssl_err, NULL));
311 }
312 break;
313 }
314
315 connection_set_state(srv, con, CON_STATE_ERROR);
316
317 return -1;
318 } else if (len == 0) {
319 con->is_readable = 0;
320 /* the other end close the connection -> KEEP-ALIVE */
321
322 return -2;
323 } else {
324 joblist_append(srv, con);
325 }
326
327 return 0;
328 #else
329 UNUSED(srv);
330 UNUSED(con);
331 return -1;
332 #endif
333 }
334
335 /* 0: everything ok, -1: error, -2: con closed */
336 static int connection_handle_read(server *srv, connection *con) {
337 int len;
338 buffer *b;
339 int toread, read_offset;
340
341 if (con->conf.is_ssl) {
342 return connection_handle_read_ssl(srv, con);
343 }
344
345 b = (NULL != con->read_queue->last) ? con->read_queue->last->mem : NULL;
346
347 /* default size for chunks is 4kb; only use bigger chunks if FIONREAD tells
348 * us more than 4kb is available
349 * if FIONREAD doesn't signal a big chunk we fill the previous buffer
350 * if it has >= 1kb free
351 */
352 #if defined(__WIN32)
353 if (NULL == b || b->size - b->used < 1024) {
354 b = chunkqueue_get_append_buffer(con->read_queue);
355 buffer_prepare_copy(b, 4 * 1024);
356 }
357
358 read_offset = (b->used == 0) ? 0 : b->used - 1;
359 len = recv(con->fd, b->ptr + read_offset, b->size - 1 - read_offset, 0);
360 #else
361 #ifdef HAVE_LIBMTCP
362 /* toread = MAX_READ_LIMIT; */
363 if (mtcp_ioctl(srv->mctx, con->fd, FIONREAD, &toread)
364 || toread == 0 || toread <= 4*1024) {
365 #else
366 if (ioctl(con->fd, FIONREAD, &toread) || toread == 0 || toread <= 4*1024) {
367 #endif
368 if (NULL == b || b->size - b->used < 1024) {
369 b = chunkqueue_get_append_buffer(con->read_queue);
370 buffer_prepare_copy(b, 4 * 1024);
371 }
372 } else {
373 if (toread > MAX_READ_LIMIT) toread = MAX_READ_LIMIT;
374 b = chunkqueue_get_append_buffer(con->read_queue);
375 buffer_prepare_copy(b, toread + 1);
376 }
377
378 read_offset = (b->used == 0) ? 0 : b->used - 1;
379 #ifdef HAVE_LIBMTCP
380 len = mtcp_read(srv->mctx, con->fd, b->ptr + read_offset,
381 b->size - 1 - read_offset);
382 #else
383 len = read(con->fd, b->ptr + read_offset, b->size - 1 - read_offset);
384 #endif
385 #endif
386
387 if (len < 0) {
388 con->is_readable = 0;
389
390 if (errno == EAGAIN) return 0;
391 if (errno == EINTR) {
392 /* we have been interrupted before we could read */
393 con->is_readable = 1;
394 return 0;
395 }
396
397 if (errno != ECONNRESET) {
398 /* expected for keep-alive */
399 log_error_write(srv, __FILE__, __LINE__, "ssd", "connection closed - read failed: ", strerror(errno), errno);
400 }
401
402 connection_set_state(srv, con, CON_STATE_ERROR);
403
404 return -1;
405 } else if (len == 0) {
406 con->is_readable = 0;
407 /* the other end close the connection -> KEEP-ALIVE */
408
409 /* pipelining */
410
411 return -2;
412 } else if ((size_t)len < b->size - 1) {
413 /* we got less then expected, wait for the next fd-event */
414
415 con->is_readable = 0;
416 }
417
418 if (b->used > 0) b->used--;
419 b->used += len;
420 b->ptr[b->used++] = '\0';
421
422 con->bytes_read += len;
423 #if 0
424 dump_packet(b->ptr, len);
425 #endif
426
427 return 0;
428 }
429
430 static int connection_handle_write_prepare(server *srv, connection *con) {
431 if (con->mode == DIRECT) {
432 /* static files */
433 switch(con->request.http_method) {
434 case HTTP_METHOD_GET:
435 case HTTP_METHOD_POST:
436 case HTTP_METHOD_HEAD:
437 case HTTP_METHOD_PUT:
438 case HTTP_METHOD_PATCH:
439 case HTTP_METHOD_MKCOL:
440 case HTTP_METHOD_DELETE:
441 case HTTP_METHOD_COPY:
442 case HTTP_METHOD_MOVE:
443 case HTTP_METHOD_PROPFIND:
444 case HTTP_METHOD_PROPPATCH:
445 case HTTP_METHOD_LOCK:
446 case HTTP_METHOD_UNLOCK:
447 break;
448 case HTTP_METHOD_OPTIONS:
449 /*
450 * 400 is coming from the request-parser BEFORE uri.path is set
451 * 403 is from the response handler when noone else catched it
452 *
453 * */
454 if ((!con->http_status || con->http_status == 200) && con->uri.path->used &&
455 con->uri.path->ptr[0] != '*') {
456 response_header_insert(srv, con, CONST_STR_LEN("Allow"), CONST_STR_LEN("OPTIONS, GET, HEAD, POST"));
457
458 con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
459 con->parsed_response &= ~HTTP_CONTENT_LENGTH;
460
461 con->http_status = 200;
462 con->file_finished = 1;
463
464 chunkqueue_reset(con->write_queue);
465 }
466 break;
467 default:
468 switch(con->http_status) {
469 case 400: /* bad request */
470 case 401: /* authorization required */
471 case 414: /* overload request header */
472 case 505: /* unknown protocol */
473 case 207: /* this was webdav */
474 break;
475 default:
476 con->http_status = 501;
477 break;
478 }
479 break;
480 }
481 }
482
483 if (con->http_status == 0) {
484 con->http_status = 403;
485 }
486
487 switch(con->http_status) {
488 case 204: /* class: header only */
489 case 205:
490 case 304:
491 /* disable chunked encoding again as we have no body */
492 con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
493 con->parsed_response &= ~HTTP_CONTENT_LENGTH;
494 chunkqueue_reset(con->write_queue);
495
496 con->file_finished = 1;
497 break;
498 default: /* class: header + body */
499 if (con->mode != DIRECT) break;
500
501 /* only custom body for 4xx and 5xx */
502 if (con->http_status < 400 || con->http_status >= 600) break;
503
504 con->file_finished = 0;
505
506 buffer_reset(con->physical.path);
507
508 /* try to send static errorfile */
509 if (!buffer_is_empty(con->conf.errorfile_prefix)) {
510 stat_cache_entry *sce = NULL;
511
512 buffer_copy_string_buffer(con->physical.path, con->conf.errorfile_prefix);
513 buffer_append_long(con->physical.path, con->http_status);
514 buffer_append_string_len(con->physical.path, CONST_STR_LEN(".html"));
515
516 if (HANDLER_ERROR != stat_cache_get_entry(srv, con, con->physical.path, &sce)) {
517 con->file_finished = 1;
518
519 http_chunk_append_file(srv, con, con->physical.path, 0, sce->st.st_size);
520 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type));
521 }
522 }
523
524 if (!con->file_finished) {
525 buffer *b;
526
527 buffer_reset(con->physical.path);
528
529 con->file_finished = 1;
530 b = chunkqueue_get_append_buffer(con->write_queue);
531
532 /* build default error-page */
533 buffer_copy_string_len(b, CONST_STR_LEN(
534 "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>\n"
535 "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n"
536 " \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n"
537 "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n"
538 " <head>\n"
539 " <title>"));
540 buffer_append_long(b, con->http_status);
541 buffer_append_string_len(b, CONST_STR_LEN(" - "));
542 buffer_append_string(b, get_http_status_name(con->http_status));
543
544 buffer_append_string_len(b, CONST_STR_LEN(
545 "</title>\n"
546 " </head>\n"
547 " <body>\n"
548 " <h1>"));
549 buffer_append_long(b, con->http_status);
550 buffer_append_string_len(b, CONST_STR_LEN(" - "));
551 buffer_append_string(b, get_http_status_name(con->http_status));
552
553 buffer_append_string_len(b, CONST_STR_LEN("</h1>\n"
554 " </body>\n"
555 "</html>\n"
556 ));
557
558 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
559 }
560 break;
561 }
562
563 if (con->file_finished) {
564 /* we have all the content and chunked encoding is not used, set a content-length */
565
566 if ((!(con->parsed_response & HTTP_CONTENT_LENGTH)) &&
567 (con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) == 0) {
568 off_t qlen = chunkqueue_length(con->write_queue);
569
570 /**
571 * The Content-Length header only can be sent if we have content:
572 * - HEAD doesn't have a content-body (but have a content-length)
573 * - 1xx, 204 and 304 don't have a content-body (RFC 2616 Section 4.3)
574 *
575 * Otherwise generate a Content-Length header as chunked encoding is not
576 * available
577 */
578 if ((con->http_status >= 100 && con->http_status < 200) ||
579 con->http_status == 204 ||
580 con->http_status == 304) {
581 data_string *ds;
582 /* no Content-Body, no Content-Length */
583 if (NULL != (ds = (data_string*) array_get_element(con->response.headers, "Content-Length"))) {
584 buffer_reset(ds->value); /* Headers with empty values are ignored for output */
585 }
586 } else if (qlen > 0 || con->request.http_method != HTTP_METHOD_HEAD) {
587 /* qlen = 0 is important for Redirects (301, ...) as they MAY have
588 * a content. Browsers are waiting for a Content otherwise
589 */
590 buffer_copy_off_t(srv->tmp_buf, qlen);
591
592 response_header_overwrite(srv, con, CONST_STR_LEN("Content-Length"), CONST_BUF_LEN(srv->tmp_buf));
593 }
594 }
595 } else {
596 /**
597 * the file isn't finished yet, but we have all headers
598 *
599 * to get keep-alive we either need:
600 * - Content-Length: ... (HTTP/1.0 and HTTP/1.0) or
601 * - Transfer-Encoding: chunked (HTTP/1.1)
602 */
603
604 if (((con->parsed_response & HTTP_CONTENT_LENGTH) == 0) &&
605 ((con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) == 0)) {
606 con->keep_alive = 0;
607 }
608
609 /**
610 * if the backend sent a Connection: close, follow the wish
611 *
612 * NOTE: if the backend sent Connection: Keep-Alive, but no Content-Length, we
613 * will close the connection. That's fine. We can always decide the close
614 * the connection
615 *
616 * FIXME: to be nice we should remove the Connection: ...
617 */
618 if (con->parsed_response & HTTP_CONNECTION) {
619 /* a subrequest disable keep-alive although the client wanted it */
620 if (con->keep_alive && !con->response.keep_alive) {
621 con->keep_alive = 0;
622 }
623 }
624 }
625
626 if (con->request.http_method == HTTP_METHOD_HEAD) {
627 /**
628 * a HEAD request has the same as a GET
629 * without the content
630 */
631 con->file_finished = 1;
632
633 chunkqueue_reset(con->write_queue);
634 con->response.transfer_encoding &= ~HTTP_TRANSFER_ENCODING_CHUNKED;
635 }
636
637 http_response_write_header(srv, con);
638
639 return 0;
640 }
641
642 static int connection_handle_write(server *srv, connection *con) {
643 switch(network_write_chunkqueue(srv, con, con->write_queue, MAX_WRITE_LIMIT)) {
644 case 0:
645 con->write_request_ts = srv->cur_ts;
646 if (con->file_finished) {
647 connection_set_state(srv, con, CON_STATE_RESPONSE_END);
648 joblist_append(srv, con);
649 }
650 break;
651 case -1: /* error on our side */
652 log_error_write(srv, __FILE__, __LINE__, "sd",
653 "connection closed: write failed on fd", con->fd);
654 connection_set_state(srv, con, CON_STATE_ERROR);
655 joblist_append(srv, con);
656 break;
657 case -2: /* remote close */
658 connection_set_state(srv, con, CON_STATE_ERROR);
659 joblist_append(srv, con);
660 break;
661 case 1:
662 con->write_request_ts = srv->cur_ts;
663 con->is_writable = 0;
664
665 /* not finished yet -> WRITE */
666 break;
667 }
668
669 return 0;
670 }
671
672
673
674 connection *connection_init(server *srv) {
675 connection *con;
676
677 UNUSED(srv);
678
679 con = calloc(1, sizeof(*con));
680
681 con->fd = 0;
682 con->ndx = -1;
683 con->fde_ndx = -1;
684 con->bytes_written = 0;
685 con->bytes_read = 0;
686 con->bytes_header = 0;
687 con->loops_per_request = 0;
688
689 #define CLEAN(x) \
690 con->x = buffer_init();
691
692 CLEAN(request.uri);
693 CLEAN(request.request_line);
694 CLEAN(request.request);
695 CLEAN(request.pathinfo);
696
697 CLEAN(request.orig_uri);
698
699 CLEAN(uri.scheme);
700 CLEAN(uri.authority);
701 CLEAN(uri.path);
702 CLEAN(uri.path_raw);
703 CLEAN(uri.query);
704
705 CLEAN(physical.doc_root);
706 CLEAN(physical.path);
707 CLEAN(physical.basedir);
708 CLEAN(physical.rel_path);
709 CLEAN(physical.etag);
710 CLEAN(parse_request);
711
712 CLEAN(authed_user);
713 CLEAN(server_name);
714 CLEAN(error_handler);
715 CLEAN(dst_addr_buf);
716 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
717 CLEAN(tlsext_server_name);
718 #endif
719
720 #undef CLEAN
721 con->write_queue = chunkqueue_init();
722 con->read_queue = chunkqueue_init();
723 con->request_content_queue = chunkqueue_init();
724 chunkqueue_set_tempdirs(con->request_content_queue, srv->srvconf.upload_tempdirs);
725
726 con->request.headers = array_init();
727 con->response.headers = array_init();
728 con->environment = array_init();
729
730 /* init plugin specific connection structures */
731
732 con->plugin_ctx = calloc(1, (srv->plugins.used + 1) * sizeof(void *));
733
734 con->cond_cache = calloc(srv->config_context->used, sizeof(cond_cache_t));
735 config_setup_connection(srv, con);
736
737 return con;
738 }
739
740 void connections_free(server *srv) {
741 connections *conns = srv->conns;
742 size_t i;
743
744 for (i = 0; i < conns->size; i++) {
745 connection *con = conns->ptr[i];
746
747 connection_reset(srv, con);
748
749 chunkqueue_free(con->write_queue);
750 chunkqueue_free(con->read_queue);
751 chunkqueue_free(con->request_content_queue);
752 array_free(con->request.headers);
753 array_free(con->response.headers);
754 array_free(con->environment);
755
756 #define CLEAN(x) \
757 buffer_free(con->x);
758
759 CLEAN(request.uri);
760 CLEAN(request.request_line);
761 CLEAN(request.request);
762 CLEAN(request.pathinfo);
763
764 CLEAN(request.orig_uri);
765
766 CLEAN(uri.scheme);
767 CLEAN(uri.authority);
768 CLEAN(uri.path);
769 CLEAN(uri.path_raw);
770 CLEAN(uri.query);
771
772 CLEAN(physical.doc_root);
773 CLEAN(physical.path);
774 CLEAN(physical.basedir);
775 CLEAN(physical.etag);
776 CLEAN(physical.rel_path);
777 CLEAN(parse_request);
778
779 CLEAN(authed_user);
780 CLEAN(server_name);
781 CLEAN(error_handler);
782 CLEAN(dst_addr_buf);
783 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
784 CLEAN(tlsext_server_name);
785 #endif
786 #undef CLEAN
787 free(con->plugin_ctx);
788 free(con->cond_cache);
789
790 free(con);
791 }
792
793 free(conns->ptr);
794 }
795
796
797 int connection_reset(server *srv, connection *con) {
798 size_t i;
799
800 plugins_call_connection_reset(srv, con);
801
802 con->is_readable = 1;
803 con->is_writable = 1;
804 con->http_status = 0;
805 con->file_finished = 0;
806 con->file_started = 0;
807 con->got_response = 0;
808
809 con->parsed_response = 0;
810
811 con->bytes_written = 0;
812 con->bytes_written_cur_second = 0;
813 con->bytes_read = 0;
814 con->bytes_header = 0;
815 con->loops_per_request = 0;
816
817 con->request.http_method = HTTP_METHOD_UNSET;
818 con->request.http_version = HTTP_VERSION_UNSET;
819
820 con->request.http_if_modified_since = NULL;
821 con->request.http_if_none_match = NULL;
822
823 con->response.keep_alive = 0;
824 con->response.content_length = -1;
825 con->response.transfer_encoding = 0;
826
827 con->mode = DIRECT;
828
829 #define CLEAN(x) \
830 if (con->x) buffer_reset(con->x);
831
832 CLEAN(request.uri);
833 CLEAN(request.request_line);
834 CLEAN(request.pathinfo);
835 CLEAN(request.request);
836
837 /* CLEAN(request.orig_uri); */
838
839 CLEAN(uri.scheme);
840 /* CLEAN(uri.authority); */
841 /* CLEAN(uri.path); */
842 CLEAN(uri.path_raw);
843 /* CLEAN(uri.query); */
844
845 CLEAN(physical.doc_root);
846 CLEAN(physical.path);
847 CLEAN(physical.basedir);
848 CLEAN(physical.rel_path);
849 CLEAN(physical.etag);
850
851 CLEAN(parse_request);
852
853 CLEAN(authed_user);
854 CLEAN(server_name);
855 CLEAN(error_handler);
856 #if defined USE_OPENSSL && ! defined OPENSSL_NO_TLSEXT
857 CLEAN(tlsext_server_name);
858 #endif
859 #undef CLEAN
860
861 #define CLEAN(x) \
862 if (con->x) con->x->used = 0;
863
864 #undef CLEAN
865
866 #define CLEAN(x) \
867 con->request.x = NULL;
868
869 CLEAN(http_host);
870 CLEAN(http_range);
871 CLEAN(http_content_type);
872 #undef CLEAN
873 con->request.content_length = 0;
874
875 array_reset(con->request.headers);
876 array_reset(con->response.headers);
877 array_reset(con->environment);
878
879 chunkqueue_reset(con->write_queue);
880 chunkqueue_reset(con->request_content_queue);
881
882 /* the plugins should cleanup themself */
883 for (i = 0; i < srv->plugins.used; i++) {
884 plugin *p = ((plugin **)(srv->plugins.ptr))[i];
885 plugin_data *pd = p->data;
886
887 if (!pd) continue;
888
889 if (con->plugin_ctx[pd->id] != NULL) {
890 log_error_write(srv, __FILE__, __LINE__, "sb", "missing cleanup in", p->name);
891 }
892
893 con->plugin_ctx[pd->id] = NULL;
894 }
895
896 /* The cond_cache gets reset in response.c */
897 /* config_cond_cache_reset(srv, con); */
898
899 con->header_len = 0;
900 con->in_error_handler = 0;
901
902 config_setup_connection(srv, con);
903
904 return 0;
905 }
906
907 /**
908 * handle all header and content read
909 *
910 * we get called by the state-engine and by the fdevent-handler
911 */
912 static int connection_handle_read_state(server *srv, connection *con) {
913 connection_state_t ostate = con->state;
914 chunk *c, *last_chunk;
915 off_t last_offset;
916 chunkqueue *cq = con->read_queue;
917 chunkqueue *dst_cq = con->request_content_queue;
918 int is_closed = 0; /* the connection got closed, if we don't have a complete header, -> error */
919
920 if (con->is_readable) {
921 con->read_idle_ts = srv->cur_ts;
922
923 switch(connection_handle_read(srv, con)) {
924 case -1:
925 return -1;
926 case -2:
927 is_closed = 1;
928 break;
929 default:
930 break;
931 }
932 }
933
934 /* the last chunk might be empty */
935 for (c = cq->first; c;) {
936 if (cq->first == c && c->mem->used == 0) {
937 /* the first node is empty */
938 /* ... and it is empty, move it to unused */
939
940 cq->first = c->next;
941 if (cq->first == NULL) cq->last = NULL;
942
943 c->next = cq->unused;
944 cq->unused = c;
945 cq->unused_chunks++;
946
947 c = cq->first;
948 } else if (c->next && c->next->mem->used == 0) {
949 chunk *fc;
950 /* next node is the last one */
951 /* ... and it is empty, move it to unused */
952
953 fc = c->next;
954 c->next = fc->next;
955
956 fc->next = cq->unused;
957 cq->unused = fc;
958 cq->unused_chunks++;
959
960 /* the last node was empty */
961 if (c->next == NULL) {
962 cq->last = c;
963 }
964
965 c = c->next;
966 } else {
967 c = c->next;
968 }
969 }
970
971 /* we might have got several packets at once
972 */
973
974 switch(ostate) {
975 case CON_STATE_READ:
976 /* if there is a \r\n\r\n in the chunkqueue
977 *
978 * scan the chunk-queue twice
979 * 1. to find the \r\n\r\n
980 * 2. to copy the header-packet
981 *
982 */
983
984 last_chunk = NULL;
985 last_offset = 0;
986
987 for (c = cq->first; c; c = c->next) {
988 buffer b;
989 size_t i;
990
991 b.ptr = c->mem->ptr + c->offset;
992 b.used = c->mem->used - c->offset;
993 if (b.used > 0) b.used--; /* buffer "used" includes terminating zero */
994
995 for (i = 0; i < b.used; i++) {
996 char ch = b.ptr[i];
997
998 if ('\r' == ch) {
999 /* chec if \n\r\n follows */
1000 size_t j = i+1;
1001 chunk *cc = c;
1002 const char header_end[] = "\r\n\r\n";
1003 int header_end_match_pos = 1;
1004
1005 for ( ; cc; cc = cc->next, j = 0 ) {
1006 buffer bb;
1007 bb.ptr = cc->mem->ptr + cc->offset;
1008 bb.used = cc->mem->used - cc->offset;
1009 if (bb.used > 0) bb.used--; /* buffer "used" includes terminating zero */
1010
1011 for ( ; j < bb.used; j++) {
1012 ch = bb.ptr[j];
1013
1014 if (ch == header_end[header_end_match_pos]) {
1015 header_end_match_pos++;
1016 if (4 == header_end_match_pos) {
1017 last_chunk = cc;
1018 last_offset = j+1;
1019 goto found_header_end;
1020 }
1021 } else {
1022 goto reset_search;
1023 }
1024 }
1025 }
1026 }
1027 reset_search: ;
1028 }
1029 }
1030 found_header_end:
1031
1032 /* found */
1033 if (last_chunk) {
1034 buffer_reset(con->request.request);
1035
1036 for (c = cq->first; c; c = c->next) {
1037 buffer b;
1038
1039 b.ptr = c->mem->ptr + c->offset;
1040 b.used = c->mem->used - c->offset;
1041
1042 if (c == last_chunk) {
1043 b.used = last_offset + 1;
1044 }
1045
1046 buffer_append_string_buffer(con->request.request, &b);
1047
1048 if (c == last_chunk) {
1049 c->offset += last_offset;
1050
1051 break;
1052 } else {
1053 /* the whole packet was copied */
1054 c->offset = c->mem->used - 1;
1055 }
1056 }
1057
1058 connection_set_state(srv, con, CON_STATE_REQUEST_END);
1059 } else if (chunkqueue_length(cq) > 64 * 1024) {
1060 log_error_write(srv, __FILE__, __LINE__, "s", "oversized request-header -> sending Status 414");
1061
1062 con->http_status = 414; /* Request-URI too large */
1063 con->keep_alive = 0;
1064 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1065 }
1066 break;
1067 case CON_STATE_READ_POST:
1068 for (c = cq->first; c && (dst_cq->bytes_in != (off_t)con->request.content_length); c = c->next) {
1069 off_t weWant, weHave, toRead;
1070
1071 weWant = con->request.content_length - dst_cq->bytes_in;
1072
1073 assert(c->mem->used);
1074
1075 weHave = c->mem->used - c->offset - 1;
1076
1077 toRead = weHave > weWant ? weWant : weHave;
1078
1079 /* the new way, copy everything into a chunkqueue whcih might use tempfiles */
1080 if (con->request.content_length > 64 * 1024) {
1081 chunk *dst_c = NULL;
1082 /* copy everything to max 1Mb sized tempfiles */
1083
1084 /*
1085 * if the last chunk is
1086 * - smaller than 1Mb (size < 1Mb)
1087 * - not read yet (offset == 0)
1088 * -> append to it
1089 * otherwise
1090 * -> create a new chunk
1091 *
1092 * */
1093
1094 if (dst_cq->last &&
1095 dst_cq->last->type == FILE_CHUNK &&
1096 dst_cq->last->file.is_temp &&
1097 dst_cq->last->offset == 0) {
1098 /* ok, take the last chunk for our job */
1099
1100 if (dst_cq->last->file.length < 1 * 1024 * 1024) {
1101 dst_c = dst_cq->last;
1102
1103 if (dst_c->file.fd == -1) {
1104 /* this should not happen as we cache the fd, but you never know */
1105 dst_c->file.fd = open(dst_c->file.name->ptr, O_WRONLY | O_APPEND);
1106 #ifdef FD_CLOEXEC
1107 fcntl(dst_c->file.fd, F_SETFD, FD_CLOEXEC);
1108 #endif
1109 }
1110 } else {
1111 /* the chunk is too large now, close it */
1112 dst_c = dst_cq->last;
1113
1114 if (dst_c->file.fd != -1) {
1115 close(dst_c->file.fd);
1116 dst_c->file.fd = -1;
1117 }
1118 dst_c = chunkqueue_get_append_tempfile(dst_cq);
1119 }
1120 } else {
1121 dst_c = chunkqueue_get_append_tempfile(dst_cq);
1122 }
1123
1124 /* we have a chunk, let's write to it */
1125
1126 if (dst_c->file.fd == -1) {
1127 /* we don't have file to write to,
1128 * EACCES might be one reason.
1129 *
1130 * Instead of sending 500 we send 413 and say the request is too large
1131 * */
1132
1133 log_error_write(srv, __FILE__, __LINE__, "sbs",
1134 "denying upload as opening to temp-file for upload failed:",
1135 dst_c->file.name, strerror(errno));
1136
1137 con->http_status = 413; /* Request-Entity too large */
1138 con->keep_alive = 0;
1139 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1140
1141 break;
1142 }
1143
1144 if (toRead != write(dst_c->file.fd, c->mem->ptr + c->offset, toRead)) {
1145 /* write failed for some reason ... disk full ? */
1146 log_error_write(srv, __FILE__, __LINE__, "sbs",
1147 "denying upload as writing to file failed:",
1148 dst_c->file.name, strerror(errno));
1149
1150 con->http_status = 413; /* Request-Entity too large */
1151 con->keep_alive = 0;
1152 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1153
1154 close(dst_c->file.fd);
1155 dst_c->file.fd = -1;
1156
1157 break;
1158 }
1159
1160 dst_c->file.length += toRead;
1161
1162 if (dst_cq->bytes_in + toRead == (off_t)con->request.content_length) {
1163 /* we read everything, close the chunk */
1164 close(dst_c->file.fd);
1165 dst_c->file.fd = -1;
1166 }
1167 } else {
1168 buffer *b;
1169
1170 if (dst_cq->last &&
1171 dst_cq->last->type == MEM_CHUNK) {
1172 b = dst_cq->last->mem;
1173 } else {
1174 b = chunkqueue_get_append_buffer(dst_cq);
1175 /* prepare buffer size for remaining POST data; is < 64kb */
1176 buffer_prepare_copy(b, con->request.content_length - dst_cq->bytes_in + 1);
1177 }
1178 buffer_append_string_len(b, c->mem->ptr + c->offset, toRead);
1179 }
1180
1181 c->offset += toRead;
1182 dst_cq->bytes_in += toRead;
1183 }
1184
1185 /* Content is ready */
1186 if (dst_cq->bytes_in == (off_t)con->request.content_length) {
1187 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1188 }
1189
1190 break;
1191 default: break;
1192 }
1193
1194 /* the connection got closed and we didn't got enough data to leave one of the READ states
1195 * the only way is to leave here */
1196 if (is_closed && ostate == con->state) {
1197 connection_set_state(srv, con, CON_STATE_ERROR);
1198 }
1199
1200 chunkqueue_remove_finished_chunks(cq);
1201
1202 return 0;
1203 }
1204
1205 static handler_t connection_handle_fdevent(server *srv, void *context, int revents) {
1206 connection *con = context;
1207
1208 joblist_append(srv, con);
1209
1210 if (con->conf.is_ssl) {
1211 /* ssl may read and write for both reads and writes */
1212 if (revents & (FDEVENT_IN | FDEVENT_OUT)) {
1213 con->is_readable = 1;
1214 con->is_writable = 1;
1215 }
1216 } else {
1217 if (revents & FDEVENT_IN) {
1218 con->is_readable = 1;
1219 }
1220 if (revents & FDEVENT_OUT) {
1221 con->is_writable = 1;
1222 /* we don't need the event twice */
1223 }
1224 }
1225
1226
1227 if (revents & ~(FDEVENT_IN | FDEVENT_OUT)) {
1228 /* looks like an error */
1229
1230 /* FIXME: revents = 0x19 still means that we should read from the queue */
1231 if (revents & FDEVENT_HUP) {
1232 if (con->state == CON_STATE_CLOSE) {
1233 con->close_timeout_ts = srv->cur_ts - (HTTP_LINGER_TIMEOUT+1);
1234 } else {
1235 /* sigio reports the wrong event here
1236 *
1237 * there was no HUP at all
1238 */
1239 #ifdef USE_LINUX_SIGIO
1240 if (srv->ev->in_sigio == 1) {
1241 log_error_write(srv, __FILE__, __LINE__, "sd",
1242 "connection closed: poll() -> HUP", con->fd);
1243 } else {
1244 connection_set_state(srv, con, CON_STATE_ERROR);
1245 }
1246 #else
1247 connection_set_state(srv, con, CON_STATE_ERROR);
1248 #endif
1249
1250 }
1251 } else if (revents & FDEVENT_ERR) {
1252 /* error, connection reset, whatever... we don't want to spam the logfile */
1253 #if 0
1254 log_error_write(srv, __FILE__, __LINE__, "sd",
1255 "connection closed: poll() -> ERR", con->fd);
1256 #endif
1257 connection_set_state(srv, con, CON_STATE_ERROR);
1258 } else {
1259 log_error_write(srv, __FILE__, __LINE__, "sd",
1260 "connection closed: poll() -> ???", revents);
1261 }
1262 }
1263
1264 if (con->state == CON_STATE_READ ||
1265 con->state == CON_STATE_READ_POST) {
1266 connection_handle_read_state(srv, con);
1267 }
1268
1269 if (con->state == CON_STATE_WRITE &&
1270 !chunkqueue_is_empty(con->write_queue) &&
1271 con->is_writable) {
1272
1273 if (-1 == connection_handle_write(srv, con)) {
1274 connection_set_state(srv, con, CON_STATE_ERROR);
1275
1276 log_error_write(srv, __FILE__, __LINE__, "ds",
1277 con->fd,
1278 "handle write failed.");
1279 }
1280 }
1281
1282 if (con->state == CON_STATE_CLOSE) {
1283 /* flush the read buffers */
1284 int len;
1285 char buf[1024];
1286
1287 #ifdef HAVE_LIBMTCP
1288 len = mtcp_read(srv->mctx, con->fd, buf, sizeof(buf));
1289 #else
1290 len = read(con->fd, buf, sizeof(buf));
1291 #endif
1292 if (len == 0 || (len < 0 && errno != EAGAIN && errno != EINTR) ) {
1293 con->close_timeout_ts = srv->cur_ts - (HTTP_LINGER_TIMEOUT+1);
1294 }
1295 }
1296
1297 return HANDLER_FINISHED;
1298 }
1299
1300
1301 connection *connection_accept(server *srv, server_socket *srv_socket) {
1302 /* accept everything */
1303
1304 /* search an empty place */
1305 int cnt;
1306 sock_addr cnt_addr;
1307 #ifndef HAVE_LIBMTCP
1308 socklen_t cnt_len;
1309 #endif
1310 /* accept it and register the fd */
1311
1312 /**
1313 * check if we can still open a new connections
1314 *
1315 * see #1216
1316 */
1317
1318 if (srv->conns->used >= srv->max_conns) {
1319 return NULL;
1320 }
1321
1322 #ifdef HAVE_LIBMTCP
1323 if (-1 == (cnt = mtcp_accept(srv->mctx, srv_socket->fd, NULL, NULL))) {
1324 #else
1325 cnt_len = sizeof(cnt_addr);
1326 if (-1 == (cnt = accept(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len))) {
1327 #endif
1328 switch (errno) {
1329 case EAGAIN:
1330 #if EWOULDBLOCK != EAGAIN
1331 case EWOULDBLOCK:
1332 #endif
1333 case EINTR:
1334 /* we were stopped _before_ we had a connection */
1335 case ECONNABORTED: /* this is a FreeBSD thingy */
1336 /* we were stopped _after_ we had a connection */
1337 break;
1338 case EMFILE:
1339 /* out of fds */
1340 break;
1341 default:
1342 log_error_write(srv, __FILE__, __LINE__, "ssd", "accept failed:", strerror(errno), errno);
1343 }
1344 return NULL;
1345 } else {
1346 connection *con;
1347
1348 srv->cur_fds++;
1349
1350 /* ok, we have the connection, register it */
1351 #if 0
1352 log_error_write(srv, __FILE__, __LINE__, "sd",
1353 "appected()", cnt);
1354 #endif
1355 srv->con_opened++;
1356
1357 con = connections_get_new_connection(srv);
1358
1359 con->fd = cnt;
1360 con->fde_ndx = -1;
1361 #if 0
1362 gettimeofday(&(con->start_tv), NULL);
1363 #endif
1364 fdevent_register(srv->ev, con->fd, connection_handle_fdevent, con);
1365
1366 connection_set_state(srv, con, CON_STATE_REQUEST_START);
1367
1368 con->connection_start = srv->cur_ts;
1369 con->dst_addr = cnt_addr;
1370 buffer_copy_string(con->dst_addr_buf, inet_ntop_cache_get_ip(srv, &(con->dst_addr)));
1371 con->srv_socket = srv_socket;
1372
1373 if (-1 == (fdevent_fcntl_set(srv->ev, con->fd))) {
1374 log_error_write(srv, __FILE__, __LINE__, "ss", "fcntl failed: ", strerror(errno));
1375 return NULL;
1376 }
1377 #ifdef USE_OPENSSL
1378 /* connect FD to SSL */
1379 if (srv_socket->is_ssl) {
1380 if (NULL == (con->ssl = SSL_new(srv_socket->ssl_ctx))) {
1381 log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
1382 ERR_error_string(ERR_get_error(), NULL));
1383
1384 return NULL;
1385 }
1386
1387 con->renegotiations = 0;
1388 SSL_set_app_data(con->ssl, con);
1389 SSL_set_accept_state(con->ssl);
1390 con->conf.is_ssl=1;
1391
1392 if (1 != (SSL_set_fd(con->ssl, cnt))) {
1393 log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
1394 ERR_error_string(ERR_get_error(), NULL));
1395 return NULL;
1396 }
1397 }
1398 #endif
1399 return con;
1400 }
1401 }
1402
1403
1404 int connection_state_machine(server *srv, connection *con) {
1405 int done = 0, r;
1406 #ifdef USE_OPENSSL
1407 server_socket *srv_sock = con->srv_socket;
1408 #endif
1409
1410 if (srv->srvconf.log_state_handling) {
1411 log_error_write(srv, __FILE__, __LINE__, "sds",
1412 "state at start",
1413 con->fd,
1414 connection_get_state(con->state));
1415 }
1416
1417 while (done == 0) {
1418 size_t ostate = con->state;
1419
1420 switch (con->state) {
1421 case CON_STATE_REQUEST_START: /* transient */
1422 if (srv->srvconf.log_state_handling) {
1423 log_error_write(srv, __FILE__, __LINE__, "sds",
1424 "state for fd", con->fd, connection_get_state(con->state));
1425 }
1426
1427 con->request_start = srv->cur_ts;
1428 con->read_idle_ts = srv->cur_ts;
1429
1430 con->request_count++;
1431 con->loops_per_request = 0;
1432
1433 connection_set_state(srv, con, CON_STATE_READ);
1434
1435 /* patch con->conf.is_ssl if the connection is a ssl-socket already */
1436
1437 #ifdef USE_OPENSSL
1438 con->conf.is_ssl = srv_sock->is_ssl;
1439 #endif
1440
1441 break;
1442 case CON_STATE_REQUEST_END: /* transient */
1443 if (srv->srvconf.log_state_handling) {
1444 log_error_write(srv, __FILE__, __LINE__, "sds",
1445 "state for fd", con->fd, connection_get_state(con->state));
1446 }
1447
1448 buffer_reset(con->uri.authority);
1449 buffer_reset(con->uri.path);
1450 buffer_reset(con->uri.query);
1451 buffer_reset(con->request.orig_uri);
1452
1453 if (http_request_parse(srv, con)) {
1454 /* we have to read some data from the POST request */
1455
1456 connection_set_state(srv, con, CON_STATE_READ_POST);
1457
1458 break;
1459 }
1460
1461 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1462
1463 break;
1464 case CON_STATE_HANDLE_REQUEST:
1465 /*
1466 * the request is parsed
1467 *
1468 * decided what to do with the request
1469 * -
1470 *
1471 *
1472 */
1473
1474 if (srv->srvconf.log_state_handling) {
1475 log_error_write(srv, __FILE__, __LINE__, "sds",
1476 "state for fd", con->fd, connection_get_state(con->state));
1477 }
1478
1479 switch (r = http_response_prepare(srv, con)) {
1480 case HANDLER_FINISHED:
1481 if (con->mode == DIRECT) {
1482 if (con->http_status == 404 ||
1483 con->http_status == 403) {
1484 /* 404 error-handler */
1485
1486 if (con->in_error_handler == 0 &&
1487 (!buffer_is_empty(con->conf.error_handler) ||
1488 !buffer_is_empty(con->error_handler))) {
1489 /* call error-handler */
1490
1491 con->error_handler_saved_status = con->http_status;
1492 con->http_status = 0;
1493
1494 if (buffer_is_empty(con->error_handler)) {
1495 buffer_copy_string_buffer(con->request.uri, con->conf.error_handler);
1496 } else {
1497 buffer_copy_string_buffer(con->request.uri, con->error_handler);
1498 }
1499 buffer_reset(con->physical.path);
1500
1501 con->in_error_handler = 1;
1502
1503 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1504
1505 done = -1;
1506 break;
1507 } else if (con->in_error_handler) {
1508 /* error-handler is a 404 */
1509
1510 con->http_status = con->error_handler_saved_status;
1511 }
1512 } else if (con->in_error_handler) {
1513 /* error-handler is back and has generated content */
1514 /* if Status: was set, take it otherwise use 200 */
1515 }
1516 }
1517 if (con->http_status == 0) con->http_status = 200;
1518
1519 /* we have something to send, go on */
1520 connection_set_state(srv, con, CON_STATE_RESPONSE_START);
1521 break;
1522 case HANDLER_WAIT_FOR_FD:
1523 srv->want_fds++;
1524
1525 fdwaitqueue_append(srv, con);
1526
1527 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1528
1529 break;
1530 case HANDLER_COMEBACK:
1531 done = -1;
1532 case HANDLER_WAIT_FOR_EVENT:
1533 /* come back here */
1534 connection_set_state(srv, con, CON_STATE_HANDLE_REQUEST);
1535
1536 break;
1537 case HANDLER_ERROR:
1538 /* something went wrong */
1539 connection_set_state(srv, con, CON_STATE_ERROR);
1540 break;
1541 default:
1542 log_error_write(srv, __FILE__, __LINE__, "sdd", "unknown ret-value: ", con->fd, r);
1543 break;
1544 }
1545
1546 break;
1547 case CON_STATE_RESPONSE_START:
1548 /*
1549 * the decision is done
1550 * - create the HTTP-Response-Header
1551 *
1552 */
1553
1554 if (srv->srvconf.log_state_handling) {
1555 log_error_write(srv, __FILE__, __LINE__, "sds",
1556 "state for fd", con->fd, connection_get_state(con->state));
1557 }
1558
1559 if (-1 == connection_handle_write_prepare(srv, con)) {
1560 connection_set_state(srv, con, CON_STATE_ERROR);
1561
1562 break;
1563 }
1564
1565 connection_set_state(srv, con, CON_STATE_WRITE);
1566 break;
1567 case CON_STATE_RESPONSE_END: /* transient */
1568 /* log the request */
1569
1570 if (srv->srvconf.log_state_handling) {
1571 log_error_write(srv, __FILE__, __LINE__, "sds",
1572 "state for fd", con->fd, connection_get_state(con->state));
1573 }
1574
1575 plugins_call_handle_request_done(srv, con);
1576
1577 srv->con_written++;
1578
1579 if (con->keep_alive) {
1580 connection_set_state(srv, con, CON_STATE_REQUEST_START);
1581
1582 #if 0
1583 con->request_start = srv->cur_ts;
1584 con->read_idle_ts = srv->cur_ts;
1585 #endif
1586 } else {
1587 switch(r = plugins_call_handle_connection_close(srv, con)) {
1588 case HANDLER_GO_ON:
1589 case HANDLER_FINISHED:
1590 break;
1591 default:
1592 log_error_write(srv, __FILE__, __LINE__, "sd", "unhandling return value", r);
1593 break;
1594 }
1595
1596 #ifdef USE_OPENSSL
1597 if (srv_sock->is_ssl) {
1598 switch (SSL_shutdown(con->ssl)) {
1599 case 1:
1600 /* done */
1601 break;
1602 case 0:
1603 /* wait for fd-event
1604 *
1605 * FIXME: wait for fdevent and call SSL_shutdown again
1606 *
1607 */
1608
1609 break;
1610 default:
1611 log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
1612 ERR_error_string(ERR_get_error(), NULL));
1613 }
1614 }
1615 #endif
1616 #ifdef HAVE_LIBMTCP
1617 connection_close(srv, con);
1618 #else
1619 if ((0 == shutdown(con->fd, SHUT_WR))) {
1620 con->close_timeout_ts = srv->cur_ts;
1621 connection_set_state(srv, con, CON_STATE_CLOSE);
1622 } else {
1623 connection_close(srv, con);
1624 }
1625 #endif
1626
1627 srv->con_closed++;
1628 }
1629
1630 connection_reset(srv, con);
1631
1632 break;
1633 case CON_STATE_CONNECT:
1634 if (srv->srvconf.log_state_handling) {
1635 log_error_write(srv, __FILE__, __LINE__, "sds",
1636 "state for fd", con->fd, connection_get_state(con->state));
1637 }
1638
1639 chunkqueue_reset(con->read_queue);
1640
1641 con->request_count = 0;
1642
1643 break;
1644 case CON_STATE_CLOSE:
1645 if (srv->srvconf.log_state_handling) {
1646 log_error_write(srv, __FILE__, __LINE__, "sds",
1647 "state for fd", con->fd, connection_get_state(con->state));
1648 }
1649
1650 /* we have to do the linger_on_close stuff regardless
1651 * of con->keep_alive; even non-keepalive sockets may
1652 * still have unread data, and closing before reading
1653 * it will make the client not see all our output.
1654 */
1655 {
1656 int len;
1657 char buf[1024];
1658 #ifdef HAVE_LIBMTCP
1659 len = mtcp_read(srv->mctx, con->fd, buf, sizeof(buf));
1660 #else
1661 len = read(con->fd, buf, sizeof(buf));
1662 #endif
1663 if (len == 0 || (len < 0 && errno != EAGAIN && errno != EINTR) ) {
1664 con->close_timeout_ts = srv->cur_ts - (HTTP_LINGER_TIMEOUT+1);
1665 }
1666 }
1667
1668 if (srv->cur_ts - con->close_timeout_ts > HTTP_LINGER_TIMEOUT) {
1669 connection_close(srv, con);
1670
1671 if (srv->srvconf.log_state_handling) {
1672 log_error_write(srv, __FILE__, __LINE__, "sd",
1673 "connection closed for fd", con->fd);
1674 }
1675 }
1676
1677 break;
1678 case CON_STATE_READ_POST:
1679 case CON_STATE_READ:
1680 if (srv->srvconf.log_state_handling) {
1681 log_error_write(srv, __FILE__, __LINE__, "sds",
1682 "state for fd", con->fd, connection_get_state(con->state));
1683 }
1684
1685 connection_handle_read_state(srv, con);
1686 break;
1687 case CON_STATE_WRITE:
1688 if (srv->srvconf.log_state_handling) {
1689 log_error_write(srv, __FILE__, __LINE__, "sds",
1690 "state for fd", con->fd, connection_get_state(con->state));
1691 }
1692
1693 /* only try to write if we have something in the queue */
1694 if (!chunkqueue_is_empty(con->write_queue)) {
1695 #if 0
1696 log_error_write(srv, __FILE__, __LINE__, "dsd",
1697 con->fd,
1698 "packets to write:",
1699 con->write_queue->used);
1700 #endif
1701 }
1702 if (!chunkqueue_is_empty(con->write_queue) && con->is_writable) {
1703 if (-1 == connection_handle_write(srv, con)) {
1704 log_error_write(srv, __FILE__, __LINE__, "ds",
1705 con->fd,
1706 "handle write failed.");
1707 connection_set_state(srv, con, CON_STATE_ERROR);
1708 }
1709 }
1710
1711 break;
1712 case CON_STATE_ERROR: /* transient */
1713
1714 /* even if the connection was drop we still have to write it to the access log */
1715 if (con->http_status) {
1716 plugins_call_handle_request_done(srv, con);
1717 }
1718 #ifdef USE_OPENSSL
1719 if (srv_sock->is_ssl) {
1720 int ret, ssl_r;
1721 unsigned long err;
1722 ERR_clear_error();
1723 switch ((ret = SSL_shutdown(con->ssl))) {
1724 case 1:
1725 /* ok */
1726 break;
1727 case 0:
1728 ERR_clear_error();
1729 if (-1 != (ret = SSL_shutdown(con->ssl))) break;
1730
1731 /* fall through */
1732 default:
1733
1734 switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
1735 case SSL_ERROR_WANT_WRITE:
1736 case SSL_ERROR_WANT_READ:
1737 break;
1738 case SSL_ERROR_SYSCALL:
1739 /* perhaps we have error waiting in our error-queue */
1740 if (0 != (err = ERR_get_error())) {
1741 do {
1742 log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
1743 ssl_r, ret,
1744 ERR_error_string(err, NULL));
1745 } while((err = ERR_get_error()));
1746 } else if (errno != 0) { /* ssl bug (see lighttpd ticket #2213): sometimes errno == 0 */
1747 switch(errno) {
1748 case EPIPE:
1749 case ECONNRESET:
1750 break;
1751 default:
1752 log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
1753 ssl_r, ret, errno,
1754 strerror(errno));
1755 break;
1756 }
1757 }
1758
1759 break;
1760 default:
1761 while((err = ERR_get_error())) {
1762 log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
1763 ssl_r, ret,
1764 ERR_error_string(err, NULL));
1765 }
1766
1767 break;
1768 }
1769 }
1770 }
1771 ERR_clear_error();
1772 #endif
1773
1774 switch(con->mode) {
1775 case DIRECT:
1776 #if 0
1777 log_error_write(srv, __FILE__, __LINE__, "sd",
1778 "emergency exit: direct",
1779 con->fd);
1780 #endif
1781 break;
1782 default:
1783 switch(r = plugins_call_handle_connection_close(srv, con)) {
1784 case HANDLER_GO_ON:
1785 case HANDLER_FINISHED:
1786 break;
1787 default:
1788 log_error_write(srv, __FILE__, __LINE__, "sd", "unhandling return value", r);
1789 break;
1790 }
1791 break;
1792 }
1793
1794 connection_reset(srv, con);
1795 #ifdef HAVE_LIBMTCP
1796 connection_close(srv, con);
1797 #else
1798 /* close the connection */
1799 if ((0 == shutdown(con->fd, SHUT_WR))) {
1800 con->close_timeout_ts = srv->cur_ts;
1801 connection_set_state(srv, con, CON_STATE_CLOSE);
1802
1803 if (srv->srvconf.log_state_handling) {
1804 log_error_write(srv, __FILE__, __LINE__, "sd",
1805 "shutdown for fd", con->fd);
1806 }
1807 } else {
1808 connection_close(srv, con);
1809 }
1810 #endif
1811
1812 con->keep_alive = 0;
1813
1814 srv->con_closed++;
1815
1816 break;
1817 default:
1818 log_error_write(srv, __FILE__, __LINE__, "sdd",
1819 "unknown state:", con->fd, con->state);
1820
1821 break;
1822 }
1823
1824 if (done == -1) {
1825 done = 0;
1826 } else if (ostate == con->state) {
1827 done = 1;
1828 }
1829 }
1830
1831 if (srv->srvconf.log_state_handling) {
1832 log_error_write(srv, __FILE__, __LINE__, "sds",
1833 "state at exit:",
1834 con->fd,
1835 connection_get_state(con->state));
1836 }
1837
1838 switch(con->state) {
1839 case CON_STATE_READ_POST:
1840 case CON_STATE_READ:
1841 case CON_STATE_CLOSE:
1842 fdevent_event_set(srv->ev, &(con->fde_ndx), con->fd, FDEVENT_IN);
1843 break;
1844 case CON_STATE_WRITE:
1845 /* request write-fdevent only if we really need it
1846 * - if we have data to write
1847 * - if the socket is not writable yet
1848 */
1849 if (!chunkqueue_is_empty(con->write_queue) &&
1850 (con->is_writable == 0) &&
1851 (con->traffic_limit_reached == 0)) {
1852 fdevent_event_set(srv->ev, &(con->fde_ndx), con->fd, FDEVENT_OUT);
1853 } else {
1854 fdevent_event_del(srv->ev, &(con->fde_ndx), con->fd);
1855 }
1856 break;
1857 default:
1858 fdevent_event_del(srv->ev, &(con->fde_ndx), con->fd);
1859 break;
1860 }
1861
1862 return 0;
1863 }
1864