http_core.c revision 2238fa6fe679a13fdf742389391629a753d22ba5
2N/A/* ==================================================================== 2N/A * The Apache Software License, Version 1.1 2N/A * Copyright (c) 2000 The Apache Software Foundation. All rights 2N/A * Redistribution and use in source and binary forms, with or without 2N/A * modification, are permitted provided that the following conditions 2N/A * 1. Redistributions of source code must retain the above copyright 2N/A * notice, this list of conditions and the following disclaimer. 2N/A * 2. Redistributions in binary form must reproduce the above copyright 2N/A * notice, this list of conditions and the following disclaimer in 2N/A * the documentation and/or other materials provided with the 2N/A * 3. The end-user documentation included with the redistribution, 2N/A * if any, must include the following acknowledgment: 2790N/A * "This product includes software developed by the 2515N/A * Alternately, this acknowledgment may appear in the software itself, 2N/A * if and wherever such third-party acknowledgments normally appear. 2N/A * 4. The names "Apache" and "Apache Software Foundation" must 2N/A * not be used to endorse or promote products derived from this 2N/A * software without prior written permission. For written 2N/A * permission, please contact apache@apache.org. 2N/A * 5. Products derived from this software may not be called "Apache", 2N/A * nor may "Apache" appear in their name, without prior written 2N/A * permission of the Apache Software Foundation. 59N/A * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED 2N/A * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 2N/A * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 2N/A * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR 2N/A * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 26N/A * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 26N/A * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 2N/A * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 26N/A * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 1470N/A * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 38N/A * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 1470N/A * ==================================================================== 181N/A * This software consists of voluntary contributions made by many 26N/A * individuals on behalf of the Apache Software Foundation. For more 26N/A * information on the Apache Software Foundation, please see 26N/A * Portions of this software are based upon public domain software 26N/A * originally written at the National Center for Supercomputing Applications, 26N/A * University of Illinois, Urbana-Champaign. 26N/A/* Allow Apache to use ap_mmap */ 26N/A/* mmap support for static files based on ideas from John Heidemann's 26N/A * patch against 1.0.5. See 26N/A/* Files have to be at least this big before they're mmap()d. This is to deal 26N/A * with systems where the expense of doing an mmap() and an munmap() outweighs 26N/A * the benefit for small files. It shouldn't be set lower than 1. 379N/A#
endif /* MMAP_THRESHOLD */ 26N/A/* Server core module... This module provides support for really basic 26N/A * server operations, including options and commands which control the 181N/A * operation of other modules. Consider this the bureaucracy module. 181N/A * The core module also defines handlers, etc., do handle just enough 99N/A * to allow a server with the core module ONLY to actually serve documents 59N/A * (though it slaps DefaultType on all of 'em); this was useful in testing, 12N/A * but may not be worth preserving. 1256N/A /* there was no explicit setting of new->opts, so we merge 1256N/A * preserve the invariant (opts_add & opts_remove) == 0 1256N/A /* otherwise we just copy, because an explicit opts setting 1934N/A * overrides all earlier +/- modifiers 1899N/A/* Add per-directory configuration entry (for <directory> section); 185N/A * these are part of the core server config. 38N/A/* core_reorder_directories reorders the directory sections such that the 38N/A * 1-component sections come first, then the 2-component, and so on, finally 145N/A * followed by the "special" sections. A section is "special" if it's a regex, 38N/A * or if it doesn't start with / -- consider proxy: matching. All movements 38N/A * are in-order to preserve the ordering of the sections from the config files. 26N/A * See directory_walk(). 32N/A/* We need to do a stable sort, qsort isn't stable. So to make it stable 32N/A * we'll be maintaining the original index into the list, and using it 32N/A * as the minor key during sorting. The major key is the number of 32N/A * components (where a "special" section has infinite components). /* we know they're both not special */ /* Either they're both special, or they're both not special and have the * same number of components. In any event, we now have to compare /* we have to allocate tmp space to do a stable sort */ for (i = 0; i <
nelts; ++i) {
/* and now copy back to the original array */ for (i = 0; i <
nelts; ++i) {
/***************************************************************** * There are some elements of the core config structures in which * other modules have a legitimate interest (this is ugly, but necessary * to preserve NCSA back-compatibility). So, we have a bunch of accessors /* Should probably just get rid of this... the only code that cares is * part of the core anyway (and in fact, it isn't publicised to other /* Code from Harald Hanche-Olsen <hanche@imf.unit.no> */ /* single reverse failed, so don't bother */ /* If we haven't checked the host name, and we want to */ /* if failed, set it to the NULL string to indicate error */ * Return the desired information; either the remote DNS name, if found, * or either NULL (if the hostname was requested) or the IP address * (if any identifier was requested). /* If we haven't checked the identity, and we want to */ /* There are two options regarding what the "name" of a server is. The * "canonical" name as defined by ServerName and Port, or the "client's * name" as supplied by a possible Host: header or full URI. We never * trust the port passed in the client's headers, we always use the * port of the actual socket. * The DNS option to UseCanonicalName causes this routine to do a * reverse lookup on the local IP address of the connectiona and use * that for the ServerName. This makes its value more reliable while * at the same time allowing Demon's magic virtual hosting to work. * The assumption is that DNS lookups are sufficiently quick... * When the registry is successfully searched, store the interpreter * string in a ap_table_t to make subsequent look-ups faster /* Open the key associated with the script extension */ /* Read to NULL buffer to find value size */ /* Open the key associated with the interpreter path */ /* Read to NULL buffer to find value size */ * The canonical way shell command entries are entered in the Win32 * registry is as follows: * shell - full path name to interpreter or shell to run. * E.g., c:\usr\local\ntreskit\perl\bin\perl.exe * options - optional switches * "%1" - Place holder for file to run the shell against. * If we find a %1 or a quoted %1, lop it off. /* Find the file extension */ /* If the file has an extension and it is not .com and not .exe and * we've been instructed to search the registry, then do it! "ScriptInterpreterSource config directive set to \"registry\".\n\t" "Registry was searched but interpreter not found. Trying the shebang line.");
/* Need to peek into the file figure out what it really is... */ /* Script or executable, that is the question... */ /* Assuming file is a script since it starts with a shebang */ for (i =
2; i <
sizeof(
buffer); i++) {
for (i =
2;
buffer[i] ==
' ' ; ++i)
/* Not a script, is it an executable? */ /***************************************************************** * Commands... this module handles almost all of the NCSA httpd.conf * commands, but most of the old srm.conf is in the the modules. " cannot occur within <VirtualHost> section",
NULL);
" cannot occur within <Limit> section",
NULL);
"Warning: DocumentRoot [%s] does not exist",
return "DocumentRoot must be a directory";
/* 1st parameter should be a 3 digit number, which we recognize; * convert it into an array index /* Heuristic to determine second argument. */ /* The entry should be ignored if it is a full URL for a 401 error */ "cannot use a full URL in a 401 ErrorDocument " "directive --- ignoring!");
/* hack. Prefix a " if it is a msg; as that is what * a msg and a (local) path. * The *only* thing that can appear in access.conf at top level is a * <Directory> section. NB we need to have a way to cut the srm_command_loop * invoked by dirsection (i.e., <Directory>) short when </Directory> is seen. * We do that by returning an error, which dirsection itself recognizes and * discards as harmless. Cheesy, but it works. if (*w ==
'+' || *w ==
'-') {
else if (!
strcasecmp(w,
"SymLinksIfOwnerMatch")) {
else if (!
strcasecmp(w,
"RunScripts")) {
/* AI backcompat. Yuck */ /* we ensure the invariant (d->opts_add & d->opts_remove) == 0 */ return "Satisfy either 'any' or 'all'.";
/* XXX: NB: Currently, we have no way of checking * whether <Limit> or <LimitExcept> sections are closed properly. * (If we would add a srm_command_loop() here we might...) return "TRACE cannot be controlled by <Limit>";
"\" in <Limit",
tog ?
"Except>" :
">",
NULL);
/* Killing two features with one function, * if (tog == NULL) <Limit>, else <LimitExcept> return tog ?
"</LimitExcept> unexpected" :
"</Limit> unexpected";
* When a section is not closed properly when end-of-file is reached, * then an error message should be printed: /* We use this in <DirectoryMatch> and <FilesMatch>, to ensure that * people don't get bitten by wrong-cased regex matches * This '!=' may look weird on a string comparison, but it's correct -- * it's been set up so that checking for two pointers to the same datum * is valid here. And faster. * Report a missing-'>' syntax error. "> directive missing closing '>'",
NULL);
/* Ensure that the pathname is canonical */ "> arguments not (yet) supported.",
NULL);
"> arguments not (yet) supported.",
NULL);
/* Only if not an .htaccess file */ /* Ensure that the pathname is canonical */ "> arguments not (yet) supported.",
NULL);
/* XXX: NB: Currently, we have no way of checking * whether <IfModule> sections are closed properly. * Extra (redundant, unpaired) </IfModule> directives are * simply silently ignored. if ((!
not &&
defined) || (
not && !
defined)) {
/* httpd.conf commands... beginning with the <VirtualHost> business */ /* FIXME: There's another feature waiting to happen here -- since you you might want to use it to group common definitions and then define other "subhosts" with their individual differences. But personally I'd rather just do it with a macro preprocessor. -djg */ return "<VirtualHost> doesn't nest!";
return "ServerAlias only used in <VirtualHost>";
"': not in list of loaded modules",
NULL);
/* This one's pretty generic... */ if (
port <= 0 ||
port >=
65536) {
/* 65536 == 1<<16 */ "\" is outside the appropriate range " "(i.e., 1..65535).",
NULL);
return "ServerSignature: use one of: off | on | email";
return "ServerRoot must be a valid directory";
/* We've changed it to On/Off, but used to use numbers * so we accept anything but "Off" or "0" as "On" return "parameter must be 'on', 'off', or 'double'";
return "parameter must be 'on', 'off', or 'dns'";
return "LogLevel requires level keyword: one of " return "LogLevel requires level keyword";
" Server at <A HREF=\"mailto:",
* Load an authorisation realm into our location configuration, applying the * usual rules that apply to realms. * Handle a request to include the server's OS platform in the Server * response header field (the ServerTokens directive). Unfortunately * this requires a new global in order to communicate the setting back to * http_main so it can insert the information in the right place in the /* TODO: reimplement the server token stuff. */ "\" must be a non-negative integer",
NULL);
"must not exceed the precompiled maximum of %d",
"\" must be a non-negative integer (0 = no limit)",
"must not exceed the precompiled maximum of %d",
"\" must be a non-negative integer (0 = no limit)",
/* WTF: If strtoul is not portable, then write a replacement. * Instead we have an idiotic define in httpd.h that prevents * it from being used even when it is available. Sheesh. /* Note --- ErrorDocument will now work from .htaccess files. * The AllowOverride of Fileinfo allows webmasters to turn it off /* Old access config file commands */ "Container for directives affecting resources located in the specified " "Marks end of <Directory>" },
"Container for directives affecting resources accessed through the " "Marks end of <Location>" },
"Container to map directives to a particular virtual host, takes one or " "Marks end of <VirtualHost>" },
"affecting files matching specified patterns" },
"Marks end of <Files>" },
"authentication directives when accessed using specified HTTP methods" },
"Marks end of <Limit>" },
"Container for authentication directives to be applied when any HTTP " "method other than those specified is used to access the resource" },
"Marks end of <LimitExcept>" },
"Container for directives based on existance of specified modules" },
"Marks end of <IfModule>" },
"Container for directives based on existance of command line defines" },
"Marks end of <IfDefine>" },
"Container for directives affecting resources located in the " "specified directories" },
"Marks end of <DirectoryMatch>" },
"Container for directives affecting resources accessed through the " "Marks end of <LocationMatch>" },
"Container for directives affecting files matching specified patterns" },
"Marks end of <FilesMatch>" },
"An HTTP authorization type (e.g., \"Basic\")" },
"The authentication realm (e.g. \"Members Only\")" },
"Selects which authenticated users or groups may access a protected space" },
"access policy if both allow and require used ('all' or 'any')" },
"Directory to plop gmon.out files" },
TAKE1,
"The name of the default charset to add to any Content-Type without one or 'Off' to disable" },
/* Old resource config file commands */ "Name(s) of per-directory config files (default: .htaccess)" },
"Root directory of the document tree" },
"Change responses for HTTP errors" },
"Controls what groups of directives can be configured by per-directory " "Set a number of attributes for a given directory" },
/* Old server config file commands */ "\"on\" to enable, \"off\" to disable reverse DNS lookups, or \"double\" to " "enable double-reverse DNS lookups" },
"The email address of the server administrator" },
"The hostname of the server" },
"Common directory of server-related files (logs, confs, etc.)" },
"The filename of the error log" },
"A name or names alternately used to access the server" },
"The pathname the server can be reached at" },
"Keep-Alive timeout duration (sec)"},
"Maximum number of Keep-Alive requests per connection, or 0 for infinite" },
"Whether persistent connections should be On or Off" },
"Enable identd (RFC 1413) user lookups - SLOW" },
FLAG,
"whether or not to send a Content-MD5 header with each request" },
"How to work out the ServerName : Port when constructing URLs" },
/* TODO: RlimitFoo should all be part of mod_cgi, not in the core */ "The name of a module" },
/* TODO: ListenBacklog in MPM */ "Name of the config file to be included" },
"Level of verbosity in error logging" },
"A numeric IP address:port, or the name of a host" },
"Name of server User's bs2000 logon account name" },
"Where to find interpreter to run Win32 scripts (Registry or script shebang line)" },
"Determine tokens displayed in the Server: header - Min(imal), OS or Full" },
"Limit on maximum size of an HTTP request line"},
"Limit on maximum size of an HTTP request header field"},
"Limit (0 = unlimited) on max number of header fields in a request message"},
"Limit (in bytes) on maximum size of request message body" },
/***************************************************************** * Core handlers for various phases of server operation... * Make sure that we do not mess up the translation by adding two * /'s in a row. This happens under windows when the document * Default handler for MIME types without other handlers. Only GET * and OPTIONS at this point... anyone who wants to write a generic * handler for PUT or POST is free to do so, but it seems unwise to provide * any defaults yet... So, for now, we assume that this will always be * the last handler called and return 405 or 501. /* To make serving of "raw ASCII text" files easy (they serve faster * since they don't have to be converted from EBCDIC), a new * "magic" type prefix was invented: text/x-ascii-{plain,html,...} * If we detect one of these content types here, we simply correct * the type to the real text/{plain,html,...} type. Otherwise, we * set a flag that translation is required later on. /* This handler has no use for a request body (yet), but we still * need to read and discard it if the client sent one. "file permissions deny server access: %s", r->
filename);
/* we need to protect ourselves in case we die while we've got the "default_handler: mmap failed: %s", r->
filename);
#
endif /* CHARSET_EBCDIC */ "error byteserving file: %s", r->
filename);
/* FIXME: I suspect we can eliminate the need for these - Ben */