summaryrefslogtreecommitdiffhomepage
path: root/src (follow)
AgeCommit message (Collapse)AuthorFilesLines
2022-05-26Added const to remove unnecessary casts.Alejandro Colomar1-5/+5
Casts are usually very dangerous, disabling most compiler warnings and basically removing type safety. This change adds 'const' to a pointer where we don't need to write, improving type safety, and that also allows removing some casts.
2022-05-18HTTP: generalized argument and cookie parsing.Zhidao HONG3-291/+291
No functional changes.
2022-05-17Wrapped debug code in '#if (NXT_DEBUG)'.Alejandro Colomar1-1/+4
2022-05-17Fixed memcpy(dest, NULL, 0) Undefined Behavior.Alejandro Colomar1-1/+1
nxt_str_null() setted the loc.start pointer to NULL, which was being passed to memcpy(3) through nxt_debug(). That caused Undefined Behavior, so we now pass an empty string.
2022-05-16Supporting empty Location URIs.Alejandro Colomar3-30/+27
An empty string in Location was being handled specially by not sending a Location header. This may occur after variable resolution, so we need to consider this scenario. The obsolete RFC 2616 defined the Location header as consisting of an absolute URI <https://www.rfc-editor.org/rfc/rfc2616#section-14.30>, which cannot be an empty string. However, the current RFC 7231 allows the Location to be a relative URI <https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2>, and a relative URI may be an empty string <https://stackoverflow.com/a/43338457>. Due to these considerations, this patch allows sending an empty Location header without handling this case specially. This behavior will probably be more straightforward to users, too. It also simplifies the code, which is now more readable, fast, and conformant to the current RFC. We're skipping an allocation at request time in a common case such as "action": {"return": 404}
2022-05-16Renamed nxt_http_static_ctx_t field 'index' to 'share_idx'.Alejandro Colomar1-7/+7
Having a configurable index filename will require adding an index field to this structure. The most natural name for that field is 'index', so the current index field should be renamed to allow for that. A sensible name is 'share_idx', since it's the index of the shares array in 'nxt_http_static_conf_t'. Instead of 'share_index' I opted for the shorter 'share_idx'. Also, when 'index' allows an array of filenames in a following commit, another similar variable 'index_idx' should be created, and having a different prefix and suffix seems more readable than for example 'index_index'.
2022-05-13Ruby: added stream IO "close" required by Rack specification.Zhidao HONG1-0/+10
This closes #654 issue on Github.
2022-05-12Using SSL_OP_IGNORE_UNEXPECTED_EOF.Sergey Kandaurov1-0/+5
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send close_notify before closing the connection. Previously, it was to return SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is handled gracefully in unitd. Now it returns SSL_ERROR_SSL with a distinct reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading"). This leads to critical errors seen in nginx within various routines such as SSL_do_handshake(), SSL_read(), SSL_shutdown(). The behaviour was restored in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default. Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows setting a compatible behaviour to return SSL_ERROR_ZERO_RETURN: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0 See for additional details: https://github.com/openssl/openssl/issues/11381
2022-05-12Using OPENSSL_SUPPRESS_DEPRECATED.Sergey Kandaurov1-0/+3
The macro is used to suppress deprecation warnings with OpenSSL 3.0. Unlike OPENSSL_API_COMPAT, it works well with OpenSSL built with no-deprecated. In particular, it doesn't unhide various macros in OpenSSL includes, which are meant to be hidden under OPENSSL_NO_DEPRECATED.
2022-03-09Ruby: added the Rack environment parameter "SCRIPT_NAME".Zhidao HONG2-4/+42
2022-05-03Fixed #define style.Alejandro Colomar41-518/+259
We had a mix of styles for declaring function-like macros: Style A: #define \ foo() \ do { \ ... \ } while (0) Style B: #define foo() \ do { \ ... \ } while (0) We had a similar number of occurences of each style: $ grep -rnI '^\w*(.*\\' | wc -l 244 $ grep -rn 'define.*(.*)' | wc -l 239 (Those regexes aren't perfect, but a very decent approximation.) Real examples: $ find src -type f | xargs sed -n '/^nxt_double_is_zero/,/^$/p' nxt_double_is_zero(f) \ (fabs(f) <= FLT_EPSILON) $ find src -type f | xargs sed -n '/define nxt_http_field_set/,/^$/p' #define nxt_http_field_set(_field, _name, _value) \ do { \ (_field)->name_length = nxt_length(_name); \ (_field)->value_length = nxt_length(_value); \ (_field)->name = (u_char *) _name; \ (_field)->value = (u_char *) _value; \ } while (0) I'd like to standardize on a single style for them, and IMO, having the identifier in the same line as #define is a better option for the following reasons: - Programmers are used to `#define foo() ...` (readability). - One less line of code. - The program for finding them is really simple (see below). function grep_ngx_func() { if (($# != 1)); then >&2 echo "Usage: ${FUNCNAME[0]} <func>"; return 1; fi; find src -type f \ | grep '\.[ch]$' \ | xargs grep -l "$1" \ | sort \ | xargs pcregrep -Mn "(?s)^\$[\w\s*]+?^$1\(.*?^}"; find src -type f \ | grep '\.[ch]$' \ | xargs grep -l "$1" \ | sort \ | xargs pcregrep -Mn "(?s)define $1\(.*?^$" \ | sed -E '1s/^[^:]+:[0-9]+:/&\n\n/'; } $ grep_ngx_func Usage: grep_ngx_func <func> $ grep_ngx_func nxt_http_field_set src/nxt_http.h:98: #define nxt_http_field_set(_field, _name, _value) \ do { \ (_field)->name_length = nxt_length(_name); \ (_field)->value_length = nxt_length(_value); \ (_field)->name = (u_char *) _name; \ (_field)->value = (u_char *) _value; \ } while (0) $ grep_ngx_func nxt_sprintf src/nxt_sprintf.c:56: u_char * nxt_cdecl nxt_sprintf(u_char *buf, u_char *end, const char *fmt, ...) { u_char *p; va_list args; va_start(args, fmt); p = nxt_vsprintf(buf, end, fmt, args); va_end(args); return p; } ................ Scripted change: ................ $ find src -type f \ | grep '\.[ch]$' \ | xargs sed -i '/define *\\$/{N;s/ *\\\n/ /;s/ //}'
2022-04-28Supporting variables in "location".Alejandro Colomar2-37/+147
............ Description: ............ Before this commit, the encoded URI could be calculated at configuration time. Now, since variables can only be resolved at request time, we have different situations: - "location" contains no variables: In this case, we still encode the URI in the conf structure, at configuration time, and then we just copy the resulting string to the ctx structure at request time. - "location" contains variables: In this case, we compile the var string at configure time, then when we resolve it at request time, and then we encode the string. In both cases, as was being done before, if the string is empty, either before or after resolving variables, we skip the encoding. ........... Usefulness: ........... An example of why this feature may be useful is redirecting HTTP to HTTPS with something like: "action": { "return": 301, "location": "https://${host}${uri}" } ..... Bugs: ..... This feature conflicts with the relevant RFCs in the following: '$' is used for Unit variables, but '$' is a reserved character in a URI, to be used as a sub-delimiter. However, it's almost never used as that, and in fact, other parts of Unit already conflict with '$' being a reserved character for use as a sub-delimiter, so this is at least consistent in that sense. VBart suggested an easy workaround if we ever need it: adding a variable '$sign' which resolves to a literal '$'. ...... Notes: ...... An empty string is handled as if "location" wasn't specified at all, so no Location header is sent. This is incorrect, and the code is slightly misleading. The Location header consists of a URI-reference[1], which might be a relative one, which itself might consist of an empty string[2]. [1]: <https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2> [2]: <https://stackoverflow.com/a/43338457> Now that we have variables, it's more likely that an empty Location header will be requested, and we should handle it correctly. I think in a future commit we should modify the code to allow differentiating between an unset "location" and an empty one, which should be treated as any other "location" string. ................. Testing (manual): ................. { "listeners": { "*:80": { "pass": "routes/str" }, "*:81": { "pass": "routes/empty" }, "*:82": { "pass": "routes/var" }, "*:83": { "pass": "routes/enc-str" }, "*:84": { "pass": "routes/enc-var" } }, "routes": { "str": [ { "action": { "return": 301, "location": "foo" } } ], "empty": [ { "action": { "return": 301, "location": "" } } ], "var": [ { "action": { "return": 301, "location": "$host" } } ], "enc-str": [ { "action": { "return": 301, "location": "f%23o#o" } } ], "enc-var": [ { "action": { "return": 301, "location": "f%23o${host}#o" } } ] } } $ curl --dump-header - localhost:80 HTTP/1.1 301 Moved Permanently Location: foo Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:06 GMT Content-Length: 0 $ curl --dump-header - localhost:81 HTTP/1.1 301 Moved Permanently Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:08 GMT Content-Length: 0 $ curl --dump-header - localhost:82 HTTP/1.1 301 Moved Permanently Location: localhost Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:15 GMT Content-Length: 0 $ curl --dump-header - -H "Host: bar" localhost:82 HTTP/1.1 301 Moved Permanently Location: bar Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:23 GMT Content-Length: 0 $ curl --dump-header - -H "Host: " localhost:82 HTTP/1.1 301 Moved Permanently Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:29 GMT Content-Length: 0 $ curl --dump-header - localhost:83 HTTP/1.1 301 Moved Permanently Location: f%23o#o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:22:23 GMT Content-Length: 0 $ curl --dump-header - -H "Host: " localhost:84 HTTP/1.1 301 Moved Permanently Location: f%23o#o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:22:44 GMT Content-Length: 0 $ curl --dump-header - -H "Host: alx" localhost:84 HTTP/1.1 301 Moved Permanently Location: f%23oalx#o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:22:52 GMT Content-Length: 0 $ curl --dump-header - -H "Host: a#l%23x" localhost:84 HTTP/1.1 301 Moved Permanently Location: f%2523oa#l%2523x%23o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:23:09 GMT Content-Length: 0 $ curl --dump-header - -H "Host: b##ar" localhost:82 HTTP/1.1 301 Moved Permanently Location: b#%23ar Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:25:01 GMT Content-Length: 0
2022-04-27Added NXT_MAYBE_UNUSED for __attribute__((__unused__)).Alejandro Colomar2-1/+13
When testing some configurations of compilers and OSes, I noticed that clang(1) 13 on Debian caused a function to be compiled but unused, and the compiler triggered a compile error. To avoid that error, use __attribute__((__unused__)). Let's call our wrapper NXT_MAYBE_UNUSED, since it describes itself more precisely than the GCC attribute name. It's also the name that C2x (likely C23) has given to the standard attribute, which is [[maybe_unused]], so it's also likely to be more readable because of that name being in ISO C.
2022-04-26Fixed indentation.Alejandro Colomar13-38/+38
Some lines (incorrectly) had an indentation of 3 or 5, or 7 or 9, or 11 or 13, or 15 or 17 spaces instead of 4, 8, 12, or 16. Fix them. Found with: $ find src -type f | xargs grep -n '^ [^ ]'; $ find src -type f | xargs grep -n '^ [^ *]'; $ find src -type f | xargs grep -n '^ [^ ]'; $ find src -type f | xargs grep -n '^ [^ *]'; $ find src -type f | xargs grep -n '^ [^ +]'; $ find src -type f | xargs grep -n '^ [^ *+]'; $ find src -type f | xargs grep -n '^ [^ +]'; $ find src -type f | xargs grep -n '^ [^ *+]';
2022-04-26Removed special cases for non-NXT_CONF_VALUE_ARRAY.Alejandro Colomar5-113/+27
The previous commit added more generic APIs for handling NXT_CONF_VALUE_ARRAY and non-NXT_CONF_VALUE_ARRAY together. Modify calling code to remove special cases for arrays and non-arrays, taking special care that the path for non arrays is logically equivalent to the previous special cased code. Use the now-generic array code only.
2022-04-26Added new array APIs that also work with non-arrays.Alejandro Colomar2-0/+30
Similar to how C pointers to variables can always be considered as pointers to the first element of an array of size 1 (see the following code for an example of how they are equivalent), treating non-NXT_CONF_VALUE_ARRAY as if they were NXT_CONF_VALUE_ARRAYs of size 1 allows for simpler and more generic code. void foo(ptrdiff_t sz, int arr[sz]) { for (ptrdiff_t i = 0; i < sz; i++) arr[i] = 0; } void bar(void) { int x; int y[1]; foo(1, &x); foo(1, y); } nxt_conf_array_elements_count_or_1(): Similar to nxt_conf_array_elements_count(). Return a size of 1 when input is non-array, instead of causing undefined behavior. That value (1) makes sense because it will be used as the limiter of a loop that loops over the array and calls nxt_conf_get_array_element_or_itself(), which will return a correct element for such loops. nxt_conf_get_array_element_or_itself(): Similar to nxt_conf_get_array_element(). Return the input pointer unmodified (i.e., a pointer to the unique element of a hypothetical array), instead of returning NULL, which wasn't very useful. nxt_conf_array_qsort(): Since it's a no-op for non-arrays, this API can be reused.
2022-04-26Added 'const' for read-only function parameter.Alejandro Colomar2-2/+3
That parameter is not being modified in the function. Make it 'const' to allow passing 'static const' variables.
2022-02-22Workaround for the warning in nxt_realloc() on GCC 12.Zhidao HONG1-3/+10
This closes #639 issue on Github.
2022-02-14Certificates: fixed crash when reallocating chain.Zhidao HONG1-1/+0
2022-02-09Python: fixing debug message field type.Max Romanov1-1/+2
Introduced in the 78864c9d5ba8 commit. Sorry about that.
2022-02-08Python: fixing incorrect function object dereference.Max Romanov1-6/+12
The __call__ method can be native and not be a PyFunction type. A type check is thus required before accessing op_code and other fields. Reproduced on Ubuntu 21.04, Python 3.9.4 and Falcon framework: here, the App.__call__ method is compiled with Cython, so accessing op_code->co_flags is invalid; accidentally, the COROUTINE bit is set which forces the Python module into the ASGI mode. The workaround is explicit protocol specification. Note: it is impossible to specify the legacy mode for ASGI.
2021-12-27Java: fixing multiple SCI initializations.Max Romanov1-4/+15
- Ignoring Tomcat WebSocket container initialization. - Renaming application class loader to UnitClassLoader to avoid development environment enablement in Spring Boot. This closes #609 issue on GitHub.
2021-12-27Perl: creating input and error streams if closed.Max Romanov3-167/+113
Application handler can do anything with a stream object (including close it). Once the stream is closed, Unit creates a new stream. This closes #616 issue on GitHub.
2021-12-03Fixed debug message broken in 45b25ffb2e8c.Zhidao HONG1-1/+2
2021-12-01Fixing prototype process crash.Max Romanov1-0/+2
A prototype stores linked application processes structures. When an application process terminates, it's removed from the list. To avoid double removal, the pointer to the next element should be set to NULL. The issue was introduced in c8790d2a89bb.
2021-12-01Fixing uninitialized structure field.Max Romanov1-0/+1
Port's "data" field may be used by application and thus need to be set to NULL. The issue was introduced in the f8a0992944df commit. Found by Coverity (CID 374352).
2021-12-01Logging of the daemon version on startup.Valentin Bartenev1-1/+1
2021-11-25PHP: fixed crash when calling module functions in OPcache preload.Valentin Bartenev1-2/+5
In PHP, custom fastcgi_finish_request() and overloaded chdir() functions can be invoked by an OPcache preloading script (it runs when php_module_startup() is called in the app process setup handler). In this case, there was no runtime context set so trying to access it caused a segmentation fault. This closes #602 issue on GitHub.
2021-11-25Fixing access_log structure reference counting.Max Romanov1-4/+26
The reference to the access_log structure is stored in the current nxt_router_conf_t and the global nxt_router_t. When the reference is copied, the reference counter should be adjusted accordingly. This closes #593 issue on GitHub.
2021-11-24Fixing zombie process appearance and hang up on shutdown.Max Romanov1-1/+3
After the c8790d2a89bb commit, the SIGCHLD handler may return before processing all awaiting PIDs. To avoid zombie processes and ensure successful main process termination, waitpid() must be called until an error is returned. This closes #600 issue on GitHub.
2021-11-24Fixing alerts on router restart.Max Romanov3-7/+16
Splitting the process type connectivity matrix to 'keep ports' and 'send ports'; the 'keep ports' matrix is used to clean up unnecessary ports after forking a new process, and the 'send ports' matrix determines which process types expect to get created process ports. Unfortunately, the original single connectivity matrix no longer works because of an application stop delay caused by prototypes. Existing applications should not get the new router port at the moment.
2021-11-24Sending shared port to application prototype.Max Romanov8-85/+110
Application process started with shared port (and queue) already configured. But still waits for PORT_ACK message from router to start request processing (so-called "ready state"). Waiting for router confirmation is necessary. Otherwise, the application may produce response and send it to router before the router have the information about the application process. This is a subject of further optimizations.
2021-11-23Fixed possible access to an uninitialized field.Valentin Bartenev1-3/+3
The "recv_msg.incoming_buf" is checked after jumping to the "done" label if nxt_socket_msg_oob_get_fds() returns an error. Also moved initialization of "port_msg" near to its first usage. Found by Coverity (CID 373899).
2021-11-11Removed the execute permission bit from "nxt_h1proto.c".Valentin Bartenev1-0/+0
It was accidentally added in 4645a43bc248.
2021-11-09Introducing application prototype processes.Tiago Natel de Moura14-182/+1092
2021-11-09Changed nxt_process_* for reuse.Tiago Natel de Moura7-261/+255
This enables the reuse of process creation functions.
2021-11-09Introduced SCM_CREDENTIALS / SCM_CREDS in the socket control msgs.Tiago Natel de Moura11-343/+515
2021-11-05Router: matching query string support.Zhidao HONG3-0/+51
The "query" option matches decoded arguments, including plus ('+') to space (' '). Like "uri", it can be a string or an array of strings.
2021-11-05HTTP: removed surplus check for r->args is not NULL.Zhidao HONG2-6/+2
2021-11-05Router: fixed nxt_http_route_arguments_parse().Zhidao HONG1-20/+11
A valid query string argument is a string of "key=value\[&key=value ...\]" pairs with non-empty keys. The fix removes invalid empty arguments.
2021-11-05Configuration: improved matching pattern error messages.Zhidao HONG1-22/+51
2021-11-02Improved logging of app module load errors.Valentin Bartenev1-5/+22
2021-10-28Moving request limit control to libunit.Max Romanov22-247/+264
Introducting application graceful stop. For now only used when application process reach request limit value. This closes #585 issue on GitHub.
2021-10-28Python: creating and reusing asgi_add_reader() wrapper.Max Romanov1-62/+21
2021-10-28Adding explicit app reference to nxt_router_app_port_release().Max Romanov1-11/+8
port->app field is not thread safe and should be used in main thread only. To release port after request processing, application reference should be obtained from corresponding request descriptor.
2021-10-27Fixed memleaks if PID checks fail in nxt_port_incoming_port_mmap().Valentin Bartenev1-11/+12
Memory allocated for "mem" and "mmap_handler" leaked in that case. Also removed one dead assigment of "hdr" pointer.
2021-10-26Fixed a potential descriptor leak if mmap() failed.Valentin Bartenev1-0/+1
2021-10-26Custom implementation of Base64 decoding function.Valentin Bartenev8-82/+208
Compared to the previous implementation based on OpenSSL, the new implementation has these advantages: 1. Strict and reliable detection of invalid strings, including strings with less than 4 bytes of garbage at the end; 2. Allows to use Base64 strings without '=' padding.
2021-10-12Removed unused declarations.Zhidao HONG1-4/+0
Declarations became unused after 6976d36be926. No functional changes.
2021-10-09Configuration: automatic migration to the new "share" behavior.Zhidao HONG7-46/+167