util_expr_eval.c

Checkout Tools
  • last updated 7 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Easy patches: synch 2.4.x and trunk

- core: 80 chars

- http_core: Clean-uo and style. No functional change overall

- http_core: One more style fix in ap_process_http_async_connection()

- mod_mime: Fix a cppcheck warning

- mod_proxy_ajp: Fix a harmless clang warning

- suexec: avoid a potential sprintf overflow

- mod_headers: This is harmless, but this really should be an 'echo_do *'

- core: Fix typo

- core: Update a comment about the 'PATCH' HTTP command

- mod_proxy_balancer: Fix some HTML syntax issues

trunk patch:

- http://svn.apache.org/r1780282

- http://svn.apache.org/r1814659

- http://svn.apache.org/r1814660

- http://svn.apache.org/r1838285

- http://svn.apache.org/r1842881

- http://svn.apache.org/r1846253

- http://svn.apache.org/r1853757

- http://svn.apache.org/r1851702

- http://svn.apache.org/r1853980

- http://svn.apache.org/r1855614

2.4.x patch: svn merge -c 1780282,1814659,1814660,1838285,1842881,1846253,1853757,1851702,1853980,1855614 ^/httpd/httpd/trunk .

+1: jailletc36, jim, rjung

  1. … 11 more files in changeset.
Merge r1490294, r1734635, r1749403, r1813116, r1816179, r1817598, r1832198, r1832200, r1832277, r1832317 from trunk:

Note that the function will be available in APR.

Silent a smatch warning:

mod_auth_form.c:626 get_form_auth() warn: variable dereferenced before check 'sent_user' (see line 616)

Use 'memcpy' instead of 'strcpy' when the size of the string has already been computed.

Fix compilation failure :

unixd.c: In function ‘ap_unixd_mpm_set_signals’:

unixd.c:579:5: error: implicit declaration of function ‘apr_signal’; did you mean ‘strsignal’? [-Werror=implicit-function-declaration]

apr_signal(SIGPIPE, SIG_IGN);

^~~~~~~~~~

strsignal

Not sure where it comes from, maybe related to r1812301.

mod_substitute: add runtime traces. PR 61132.

In verify_ocsp_status in ssl_engine_ocsp.c, the log message, "OCSP response not successful: %d" should print the value of r instead of rc.

The value of rc will always be 0.

PR 61876 [sam <sam.eastman.4114 gmail.com>]

Success of 'SHGetMalloc()' should be tested with the SUCCEEDED macro.

/!\ This commit is _NOT COMPILE TESTED_. (I don't have a windows build environment available)

See PR 60086.

Axe some dead code.

See PR 60086.

Fix typo

Fix a potential un-intialized variable usage warning.

This can not be a runtime ixsue, because, in such a case, we would assert and abort before.

PR 59819.

Submitted by: minfrin, jailletc36, jailletc36, jailletc36, ylavic, jailletc36, jailletc36, jailletc36, jailletc36, jailletc36

Reviewed by: jailletc36, ylavic, covener

  1. … 11 more files in changeset.
Merge r1812307 from trunk:

* server/util_expr_eval.c (ap_expr_eval_re_backref): Fix gcc 7.x warning.

util_expr_eval.c: In function ‘ap_expr_eval_re_backref’:

util_expr_eval.c:265:63: error: comparison between pointer and zero character constant [-Werror=pointer-compare]

if (!ctx->re_pmatch || !ctx->re_source || *ctx->re_source == '\0' ||

Reviewed by: rjung, ylavic, jorton

  1. … 1 more file in changeset.
Merge r1808746, r1809028 from trunk:

mod_rewrite/core: avoid the 'Vary: Host' header

In PR 58231 is was brought up that httpd adds the

Vary: Host header whenever a condition is set to true

in mod_rewrite or in an <If> block.

The https://tools.ietf.org/html/rfc7231#section-7.1.4

section seems to disallow this use case:

"The "Vary" header field in a response describes "

"what parts of a request message, "

"aside from the method, Host header field, [...]"

I had a chat with the folks in #traffic-server and

they don't see much point in having a Vary: Host header,

plus it was reported that Varnish doesn't like it very

much (namely it does not cache the response when

it sees the header, links of the report in the PR).

I don't see much value in this behavior of httpd so

I am inclined to remove this response header value,

but I'd be glad to get a more experienced opinion.

mod_rewrite,core: avoid Vary:Host (part 2)

This is a follow up of r1808746 after a chat

with Yann on dev@:

- the HTTP:Host variable suffers from the same problem

- the strcasecmp should be used to allow case-sensitive

comparisons.

- in mod_rewrite is less cumbersome and more clean to just

make the Host header check in lookup_header, so it will

be automatically picked up by every part of the code

that uses it. It shouldn't be a relevant overhead for

mod_rewrite.

Submitted by: elukey

Reviewed by: elukey, ylavic, wrowe

  1. … 4 more files in changeset.
Merge r1776459, r1788508 from trunk:

PR59938: add %{REMOTE_PORT} to the expression parser

Submitted By: Hank Ibell <hwibell gmail.com>

compat note for REMOTE_PORT

Submitted by: covener

Reviewed by: covener, ylavic, jchampion

  1. … 5 more files in changeset.
Merge r1780095 from trunk:

Fix %{DOCUMENT_URI} in SSI w/ default parser

*) core: %{DOCUMENT_URI} used in nested SSI expressions should point to the

URI originally requsted by the user, not the nested documents URI. This

restores the behavior of this variable to match the "legacy" SSI parser.

PR60624.

Submitted By [Hank Ibell <hwibell gmail.com>]

Submitted by: covener

Reviewed by: covener, wrowe, ylavic

  1. … 3 more files in changeset.
Merge r1726167 from trunk:

expr support for HTTP2 variable

Submitted by: icing

Reviewed/backported by: jim

  1. … 4 more files in changeset.
Merge r1729930, r1729931 from trunk:

hostname: Test and log useragent_host per-request across various modules,

including the scoreboard, expression and rewrite engines, setenvif,

authz_host, access_compat, custom logging, ssl and REMOTE_HOST variables.

PR55348 [William Rowe]

This is the complete change set which applies cleanly to 2.4.x as well,

the server/scoreboard.c will follow, which does not apply due to drift.

A rather ugly patch since the code was refactored recently to exclude

the simple patch for 2.4.x, illustrated below.

Completes the changeset r1729930 and resolves all 2.4.19-dev corrections,

but other 2.5.0-dev specific changes may still be needed on trunk.

--- server/scoreboard.c (revision 1729907)

+++ server/scoreboard.c (working copy)

@@ -491,9 +491,8 @@

ws->conn_bytes = 0;

}

if (r) {

- const char *client = ap_get_remote_host(c, r->per_dir_config,

- REMOTE_NOLOOKUP, NULL);

- if (!client || !strcmp(client, c->client_ip)) {

+ const char *client;

+ if (!(client = ap_get_useragent_host(r, REMOTE_NOLOOKUP, NULL))) {

apr_cpystrn(ws->client, r->useragent_ip, sizeof(ws->client));

}

else {

Submitted by: wrowe

Reviewed/backported by: jim

  1. … 12 more files in changeset.
Merge r1719252, r1719254, r1719255, r1720996 from trunk:

Use 'ap_array_str_contains' to simplify code.

Use 'ap_array_str_contains' to simplify code.

Use 'ap_array_str_contains' to simplify code.

Use 'ap_array_str_contains' to simplify code.

Submitted by: jailletc36

Reviewed/backported by: jim

  1. … 5 more files in changeset.
Merge r1657685 from trunk:

core: Optimize string concatenation in expression

parser when evaluating a string expression.

We have a relatively small recursion limit of

about 10 operations. This is a compilation

limit (a define). It can be hit if many expr

vars or function calls are concatenated in an

expression that is evaluated as a string not as

a boolean.

The new optimization uses iteration instead of

recursion and is very similar to the

existing one, which optimizes consecutive

concatenations in node2 of the tree. The new

one optimizes consecutive concatenations in

node 1.

Submitted by: rjung

Reviewed by: rjung, ylavic, covener

Backported by: rjung

  1. … 3 more files in changeset.
Merge r1611979, r1611725, r1588448, r1642803, r1657949, r1451108 (part of it),

r1643672, r1496178 from trunk

* Synch with trunk:

- Add missing APLOGNO.

- mod_deflate: don't require <limits.h> by using APR_INT32_MAX instead of INT_MAX.

- Move two variable assignments off the fast path.

- Fix curly braces style. Remove useless empty lines

- tab vs space

- Removed tabs.

- dump fcgi headers with trace8 instead of debug+compile-time flag.

- Drop severity of "LDAP: Setting referrals to ON" from DEBUG to TRACE4

Submitted by: jailletc36, ylavic, minfrin, fuankg, covener

Reviewed by: jailletc36, minfrin, ylavic

Backported by: jailletc36

  1. … 12 more files in changeset.
Merge r1619297, r1621806 from trunk:

Missing va_end spotted by cppcheck

Silent some cppcheck warnings.

Submitted by: jailletc36

Reviewed/backported by: jim

  1. … 5 more files in changeset.
Merge r1597642, r1608999, r1605207, r1610366, r1610353, r1611871 from trunk:

Rename module name in doxygen + partly revert r832442 which skipped doxygen doc generation for 'mod_watchdog.h'

s/apr_pstrndup/apr_pstrmemdup/ to save a few cycles

Use ap_remove_input_filter_byhandle instead of duplicating the code.

Remove some 'register' in variable declaration.

Remove some 'register' in variable declaration.

Save a few cycles by calling 'apr_isalnum' instead of 'apr_isalpha' and 'apr_isdigit'.

Do not use deprecated define.

No change in generated code because MODULE_MAGIC_NUMBER is defined as:

#define MODULE_MAGIC_NUMBER MODULE_MAGIC_NUMBER_MAJOR

Submitted by: jailletc36

Reviewed/backported by: jim

  1. … 12 more files in changeset.
Merge r1546730, r1583008, r1571369, r1552130, r1578760, r1592615, r1592632, r1595321, r1550302, r1550307, r1585435 from trunk:

fix whitespace in a debug message

s/comment/self-documenting/

normalize an ugly construct which somehow manages to return the correct value

This is annoying to see in a casual "LogLevel debug foo:traceX ..."

Use 'apr_table_setn' instead of 'apr_table_set' when possible in order to save memory.

Follow-up to r1592529:

Define default port for "scgi" schemes (as chosen by

mod_proxy_scgi) in a common location.

Suggested by: jailletc36

fix Doxygen markup error

Submitted by: jailletc36

Tweak a AP_DEBUG_ASSERT condition.

Valid index to use 'req_header_var_names' are 0...6

mod_auth_form: Add a debug message when the fields on a form are not

recognised.

mod_auth_form: Make the trace logging consistent through the notes, session

and form authentication steps.

mod_auth_form: update empty log tags.

Submitted by: trawick, covener, jailletc36, trawick, trawick, jailletc36, minfrin, minfrin, ylavic

Reviewed/backported by: jim

  1. … 11 more files in changeset.
Merge r1458004 from trunk:

add md5 function, too

Submitted by: sf

Reviewed/backported by: jim

  1. … 4 more files in changeset.
Merge r1457450, r1457610, r1457995, r1458003 from trunk:

Expression parser: Add the ability to apply a SHA1 hash to strings within

the parser.

Expression parser: use hex encoding for the sha1 hash.

sha1 now does hex encoding

simplify code by using ap_bin2hex()

Submitted by: minfrin, sf, sf

Reviewed/backported by: jim

  1. … 4 more files in changeset.
Merge r1457437, r1457520 from trunk:

Expression parser: Add the ability to base64 encode and base64 decode

strings within the parser.

Remove the comment, this is done.

Submitted by: minfrin

Reviewed/backported by: jim

  1. … 4 more files in changeset.
Revert, let us try that again.

  1. … 1 more file in changeset.
Backport r1457520.

RPM spec file: we depend on libuuid-devel to build.

  1. … 1 more file in changeset.
ap_expr: Add req_novary function that allows HTTP header lookups

without adding the name to the Vary header.

Submitted by: sf

Backported by: rjung

Reviewed by: rjung, jailletc36, sf

Backport of r1403483 from trunk.

  1. … 5 more files in changeset.
Various code cleanup to avoid compiler, cppcheck, or clang warnings:

modules/filters/mod_charset_lite.c: Remove dead assignments

modules/filters/mod_include.c: likewise

modules/metadata/mod_usertrack.c: likewise

modules/proxy/mod_proxy_ftp.c: likewise

modules/ssl/ssl_engine_pphrase.c: likewise

modules/proxy/mod_proxy_balancer.c: likewise;

Remove NULL check that can never happen

modules/proxy/proxy_util.c: Axe NULL-check that can never happen and if it

would, it would just mask another bug

os/unix/unixd.c: likewise

modules/http/http_filters.c: Remove sub-condition that is always true

modules/lua/mod_lua.c: Add default cases to switch statements

modules/generators/mod_autoindex.c: Unsigned value can never be < 0

server/util_expr_eval.c: Fix compiler warnings with VC and on OS2

  1. … 12 more files in changeset.
Backport:

Further clarify the naming of the entity that originates the request by

calling that entity a useragent instead of a client.

Further clarify the naming of the entity that directly connects to us by

calling that entity a client instead of a peer.

  1. … 26 more files in changeset.
Merge r1213567:

Explicitly cast function pointer, to remove 'const'.

Hopefully this makes the NetWare compiler happy.

  1. … 1 more file in changeset.
Merge r1212883:

Fix names of unary operators like '-s' being compared case insensitively.

Improve error message if op or function is not found. Document '-s' operator.

  1. … 2 more files in changeset.
Merge r1210378:

Fix a few compiler warning reported by Steffen:

- some signed/unsigned mismatches

- const for a function does not make sense

  1. … 1 more file in changeset.
Backport r1209766, r1210252, r1210284:

Add lots of unique tags to error log messages

ssl_util.c: Downgrade some dynamic locking messages from level DEBUG

to TRACE1-3

  1. … 164 more files in changeset.
Backport:

Introduce a per request version of the remote IP address, which can be

optionally modified by a module when the effective IP of the client

is not the same as the real IP of the client (such as a load balancer).

Introduce a per connection "peer_ip" and a per request "client_ip" to

distinguish between the raw IP address of the connection and the effective

IP address of the request.

  1. … 31 more files in changeset.
Merge r1204998 from trunk:

Hello. Let's compile again.

Reviewed/backported by: jim

Merge r1204087, 1204090:

Limit recursion in ap_expr evaluation to avoid unbounded stack usage

* evaluate chains of ||, &&, and string concatenation non-recursively

* limit other types of recursion to 20 levels

* avoid some string copies if concatenating more than 2 strings

  1. … 4 more files in changeset.