From ebedf060a5dee2f1f5ef0971c5b4653e9cc55814 Mon Sep 17 00:00:00 2001 From: Sascha Schumann Date: Fri, 17 Jan 2003 18:53:22 +0000 Subject: [PATCH] Fix POST handling once and for all. The daemon now never blocks and handles uploads of up to 2GB on 32 bit platforms. Uploads >16KB are put into a file-backed mmap area. SG(request_info).content_type got corrupted somewhere. As a workaround, we provide SAPI with a duplicate of the original string. --- sapi/thttpd/thttpd.c | 52 +-------- sapi/thttpd/thttpd_patch | 231 +++++++++++++++++++++++++++------------ 2 files changed, 166 insertions(+), 117 deletions(-) diff --git a/sapi/thttpd/thttpd.c b/sapi/thttpd/thttpd.c index 2a0334f3e1f..ae46df35091 100644 --- a/sapi/thttpd/thttpd.c +++ b/sapi/thttpd/thttpd.c @@ -42,7 +42,6 @@ typedef struct { httpd_conn *hc; - int read_post_data; void (*on_close)(int); smart_str sbuf; @@ -231,41 +230,6 @@ static int sapi_thttpd_read_post(char *buffer, uint count_bytes TSRMLS_DC) count_bytes -= read_bytes; } - count_bytes = MIN(count_bytes, - SG(request_info).content_length - SG(read_post_bytes)); - - while (read_bytes < count_bytes) { - tmp = recv(TG(hc)->conn_fd, buffer + read_bytes, - count_bytes - read_bytes, 0); - if (tmp == 0 || (tmp == -1 && errno != EAGAIN)) - break; - /* A simple "tmp > 0" produced broken code on Solaris/GCC */ - if (tmp != 0 && tmp != -1) - read_bytes += tmp; - - if (tmp == -1 && errno == EAGAIN) { - fd_set fdr; - - FD_ZERO(&fdr); - FD_SET(TG(hc)->conn_fd, &fdr); - n = select(TG(hc)->conn_fd + 1, &fdr, NULL, NULL, NULL); - if (n <= 0) - php_handle_aborted_connection(); - - continue; - } - } - - TG(read_post_data) += read_bytes; - - /* Hack for user-agents which send a LR or CRLF after POST data */ - if (TG(read_post_data) >= TG(hc)->contentlength) { - char tmpbuf[2]; - - /* we are in non-blocking mode */ - recv(TG(hc)->conn_fd, tmpbuf, 2, 0); - } - return read_bytes; } @@ -471,7 +435,8 @@ static void thttpd_request_ctor(TSRMLS_D) SG(request_info).request_uri = s.c; SG(request_info).request_method = httpd_method_str(TG(hc)->method); SG(sapi_headers).http_response_code = 200; - SG(request_info).content_type = TG(hc)->contenttype; + if (TG(hc)->contenttype) + SG(request_info).content_type = strdup(TG(hc)->contenttype); SG(request_info).content_length = TG(hc)->contentlength == -1 ? 0 : TG(hc)->contentlength; @@ -485,6 +450,8 @@ static void thttpd_request_dtor(TSRMLS_D) free(SG(request_info).query_string); free(SG(request_info).request_uri); free(SG(request_info).path_translated); + if (SG(request_info).content_type) + free(SG(request_info).content_type); } #ifdef ZTS @@ -664,14 +631,11 @@ static void remove_dead_conn(int fd) #endif -#define CT_LEN_MAX_RAM 8192 - static off_t thttpd_real_php_request(httpd_conn *hc, int show_source TSRMLS_DC) { TG(hc) = hc; hc->bytes_sent = 0; - TG(read_post_data) = 0; if (hc->method == METHOD_POST) hc->should_linger = 1; @@ -679,12 +643,8 @@ static off_t thttpd_real_php_request(httpd_conn *hc, int show_source TSRMLS_DC) && SIZEOF_UNCONSUMED_BYTES() < hc->contentlength) { int missing = hc->contentlength - SIZEOF_UNCONSUMED_BYTES(); - if (hc->contentlength < CT_LEN_MAX_RAM) { - hc->read_body_into_mem = 1; - return 0; - } else { - return -1; - } + hc->read_body_into_mem = 1; + return 0; } thttpd_request_ctor(TSRMLS_C); diff --git a/sapi/thttpd/thttpd_patch b/sapi/thttpd/thttpd_patch index bb7a2afe587..0250ba32216 100644 --- a/sapi/thttpd/thttpd_patch +++ b/sapi/thttpd/thttpd_patch @@ -1,6 +1,6 @@ diff -ur thttpd-2.21b/Makefile.in thttpd-2.21b-cool/Makefile.in --- thttpd-2.21b/Makefile.in Thu Mar 29 20:36:21 2001 -+++ thttpd-2.21b-cool/Makefile.in Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/Makefile.in Fri Jan 17 18:15:15 2003 @@ -46,13 +46,15 @@ # You shouldn't need to edit anything below here. @@ -49,7 +49,7 @@ diff -ur thttpd-2.21b/Makefile.in thttpd-2.21b-cool/Makefile.in @name=`sed -n -e '/SERVER_SOFTWARE/!d' -e 's,.*thttpd/,thttpd-,' -e 's, .*,,p' version.h` ; \ diff -ur thttpd-2.21b/config.h thttpd-2.21b-cool/config.h --- thttpd-2.21b/config.h Mon Apr 9 23:57:36 2001 -+++ thttpd-2.21b-cool/config.h Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/config.h Fri Jan 17 18:15:15 2003 @@ -82,6 +82,11 @@ */ #define IDLE_READ_TIMELIMIT 60 @@ -73,7 +73,7 @@ diff -ur thttpd-2.21b/config.h thttpd-2.21b-cool/config.h ** index pages for directories that don't have an explicit index file. diff -ur thttpd-2.21b/configure thttpd-2.21b-cool/configure --- thttpd-2.21b/configure Sat Apr 21 02:07:14 2001 -+++ thttpd-2.21b-cool/configure Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/configure Fri Jan 17 18:15:15 2003 @@ -1021,7 +1021,7 @@ fi echo "$ac_t""$CPP" 1>&6 @@ -85,7 +85,7 @@ diff -ur thttpd-2.21b/configure thttpd-2.21b-cool/configure echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 diff -ur thttpd-2.21b/configure.in thttpd-2.21b-cool/configure.in --- thttpd-2.21b/configure.in Sat Apr 21 02:06:23 2001 -+++ thttpd-2.21b-cool/configure.in Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/configure.in Fri Jan 17 18:15:15 2003 @@ -64,7 +64,7 @@ AC_MSG_RESULT(no) fi @@ -97,7 +97,7 @@ diff -ur thttpd-2.21b/configure.in thttpd-2.21b-cool/configure.in diff -ur thttpd-2.21b/fdwatch.c thttpd-2.21b-cool/fdwatch.c --- thttpd-2.21b/fdwatch.c Fri Apr 13 07:36:08 2001 -+++ thttpd-2.21b-cool/fdwatch.c Sun Nov 10 16:08:16 2002 ++++ thttpd-2.21b-cool/fdwatch.c Fri Jan 17 18:15:15 2003 @@ -460,7 +460,7 @@ ridx = 0; @@ -120,7 +120,7 @@ diff -ur thttpd-2.21b/fdwatch.c thttpd-2.21b-cool/fdwatch.c } diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c --- thttpd-2.21b/libhttpd.c Tue Apr 24 00:42:40 2001 -+++ thttpd-2.21b-cool/libhttpd.c Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/libhttpd.c Fri Jan 17 19:40:13 2003 @@ -56,6 +56,10 @@ #include #include @@ -251,7 +251,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c if ( extraheads[0] != '\0' ) add_response( hc, extraheads ); add_response( hc, "\r\n" ); -@@ -1603,6 +1639,63 @@ +@@ -1603,6 +1639,70 @@ int @@ -261,6 +261,14 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c + hc->read_idx = 0; + hc->checked_idx = 0; + } ++ ++ if (hc->read_buf_is_mmap) { ++ hc->read_buf_is_mmap = 0; ++ munmap(hc->read_buf, hc->read_size); ++ hc->read_buf = NULL; ++ hc->read_size = 0; ++ httpd_realloc_str( &hc->read_buf, &hc->read_size, 500 ); ++ } + hc->checked_state = CHST_FIRSTWORD; + hc->method = METHOD_UNKNOWN; + hc->status = 0; @@ -307,7 +315,6 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c + hc->should_linger = 0; + hc->file_address = (char*) 0; + hc->read_body_into_mem = 0; -+ hc->read_body_into_fd = 0; + return GC_OK; +} + @@ -315,7 +322,29 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c httpd_get_conn( httpd_server* hs, int listen_fd, httpd_conn* hc ) { httpd_sockaddr sa; -@@ -1657,53 +1750,12 @@ +@@ -1612,6 +1712,7 @@ + { + hc->read_size = 0; + httpd_realloc_str( &hc->read_buf, &hc->read_size, 500 ); ++ hc->read_buf_is_mmap = 0; + hc->maxdecodedurl = + hc->maxorigfilename = hc->maxexpnfilename = hc->maxencodings = + hc->maxpathinfo = hc->maxquery = hc->maxaccept = +@@ -1637,6 +1738,13 @@ + #endif /* TILDE_MAP_2 */ + hc->initialized = 1; + } ++ if (hc->read_buf_is_mmap) { ++ hc->read_buf_is_mmap = 0; ++ munmap(hc->read_buf, hc->read_size); ++ hc->read_buf = NULL; ++ hc->read_size = 0; ++ httpd_realloc_str( &hc->read_buf, &hc->read_size, 500 ); ++ } + + /* Accept the new connection. */ + sz = sizeof(sa); +@@ -1657,53 +1765,12 @@ hc->hs = hs; memset( &hc->client_addr, 0, sizeof(hc->client_addr) ); memcpy( &hc->client_addr, &sa, sockaddr_len( &sa ) ); @@ -375,7 +404,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c } -@@ -1720,6 +1772,9 @@ +@@ -1720,6 +1787,9 @@ { char c; @@ -385,7 +414,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c for ( ; hc->checked_idx < hc->read_idx; ++hc->checked_idx ) { c = hc->read_buf[hc->checked_idx]; -@@ -1912,8 +1967,11 @@ +@@ -1912,8 +1982,11 @@ eol = strpbrk( protocol, " \t\n\r" ); if ( eol != (char*) 0 ) *eol = '\0'; @@ -398,7 +427,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c } } /* Check for HTTP/1.1 absolute URL. */ -@@ -2012,6 +2070,11 @@ +@@ -2012,6 +2085,11 @@ cp = strchr( hc->hdrhost, ':' ); if ( cp != (char*) 0 ) *cp = '\0'; @@ -410,7 +439,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c } else if ( strncasecmp( buf, "Accept:", 7 ) == 0 ) { -@@ -2129,6 +2192,7 @@ +@@ -2129,6 +2207,7 @@ cp = &buf[11]; cp += strspn( cp, " \t" ); if ( strcasecmp( cp, "keep-alive" ) == 0 ) @@ -418,7 +447,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c hc->keep_alive = 1; } #ifdef LOG_UNKNOWN_HEADERS -@@ -2168,6 +2232,9 @@ +@@ -2168,6 +2247,9 @@ } } @@ -428,7 +457,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c if ( hc->one_one ) { /* Check that HTTP/1.1 requests specify a host, as required. */ -@@ -2177,14 +2244,14 @@ +@@ -2177,14 +2259,14 @@ return -1; } @@ -450,7 +479,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c } /* Ok, the request has been parsed. Now we resolve stuff that -@@ -2349,15 +2416,24 @@ +@@ -2349,15 +2431,24 @@ void @@ -479,7 +508,21 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c if ( hc->conn_fd >= 0 ) { (void) close( hc->conn_fd ); -@@ -3026,11 +3102,9 @@ +@@ -2370,7 +2461,12 @@ + { + if ( hc->initialized ) + { +- free( (void*) hc->read_buf ); ++ ++ if ( hc->read_buf_is_mmap ) { ++ munmap( hc->read_buf, hc->read_size ); ++ } else { ++ free( (void*) hc->read_buf ); ++ } + free( (void*) hc->decodedurl ); + free( (void*) hc->origfilename ); + free( (void*) hc->expnfilename ); +@@ -3026,11 +3122,9 @@ post_post_garbage_hack( httpd_conn* hc ) { char buf[2]; @@ -493,7 +536,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c } -@@ -3313,6 +3387,11 @@ +@@ -3313,6 +3407,11 @@ int r; ClientData client_data; @@ -505,7 +548,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c if ( hc->method == METHOD_GET || hc->method == METHOD_POST ) { httpd_clear_ndelay( hc->conn_fd ); -@@ -3369,6 +3448,7 @@ +@@ -3369,6 +3468,7 @@ int expnlen, indxlen; char* cp; char* pi; @@ -513,7 +556,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c expnlen = strlen( hc->expnfilename ); -@@ -3561,6 +3641,16 @@ +@@ -3561,6 +3661,16 @@ match( hc->hs->cgi_pattern, hc->expnfilename ) ) return cgi( hc ); @@ -530,7 +573,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c /* It's not CGI. If it's executable or there's pathinfo, someone's ** trying to either serve or run a non-CGI file as CGI. Either case ** is prohibited. -@@ -3594,6 +3684,8 @@ +@@ -3594,6 +3704,8 @@ hc->end_byte_loc = hc->sb.st_size - 1; figure_mime( hc ); @@ -539,7 +582,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c if ( hc->method == METHOD_HEAD ) { -@@ -3601,7 +3693,7 @@ +@@ -3601,7 +3713,7 @@ hc, 200, ok200title, hc->encodings, "", hc->type, hc->sb.st_size, hc->sb.st_mtime ); } @@ -548,7 +591,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c hc->if_modified_since >= hc->sb.st_mtime ) { hc->method = METHOD_HEAD; -@@ -3611,14 +3703,25 @@ +@@ -3611,14 +3723,25 @@ } else { @@ -578,7 +621,7 @@ diff -ur thttpd-2.21b/libhttpd.c thttpd-2.21b-cool/libhttpd.c diff -ur thttpd-2.21b/libhttpd.h thttpd-2.21b-cool/libhttpd.h --- thttpd-2.21b/libhttpd.h Tue Apr 24 00:36:50 2001 -+++ thttpd-2.21b-cool/libhttpd.h Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/libhttpd.h Fri Jan 17 19:46:41 2003 @@ -69,6 +69,8 @@ char* server_hostname; int port; @@ -588,7 +631,15 @@ diff -ur thttpd-2.21b/libhttpd.h thttpd-2.21b-cool/libhttpd.h char* charset; char* cwd; int listen4_fd, listen6_fd; -@@ -132,11 +134,13 @@ +@@ -88,6 +90,7 @@ + httpd_server* hs; + httpd_sockaddr client_addr; + char* read_buf; ++ char read_buf_is_mmap; + int read_size, read_idx, checked_idx; + int checked_state; + int method; +@@ -132,11 +135,12 @@ int got_range; int tildemapped; /* this connection got tilde-mapped */ off_t init_byte_loc, end_byte_loc; @@ -599,7 +650,6 @@ diff -ur thttpd-2.21b/libhttpd.h thttpd-2.21b-cool/libhttpd.h int conn_fd; char* file_address; + char read_body_into_mem; -+ int read_body_into_fd; } httpd_conn; /* Methods. */ @@ -624,7 +674,7 @@ diff -ur thttpd-2.21b/libhttpd.h thttpd-2.21b-cool/libhttpd.h ** mallocced strings. diff -ur thttpd-2.21b/mime_encodings.txt thttpd-2.21b-cool/mime_encodings.txt --- thttpd-2.21b/mime_encodings.txt Wed May 10 03:22:28 2000 -+++ thttpd-2.21b-cool/mime_encodings.txt Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/mime_encodings.txt Fri Jan 17 18:15:15 2003 @@ -3,6 +3,6 @@ # A list of file extensions followed by the corresponding MIME encoding. # Extensions not found in the table proceed to the mime_types table. @@ -636,7 +686,7 @@ diff -ur thttpd-2.21b/mime_encodings.txt thttpd-2.21b-cool/mime_encodings.txt uu x-uuencode diff -ur thttpd-2.21b/mime_types.txt thttpd-2.21b-cool/mime_types.txt --- thttpd-2.21b/mime_types.txt Sat Apr 14 04:53:30 2001 -+++ thttpd-2.21b-cool/mime_types.txt Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/mime_types.txt Fri Jan 17 18:15:15 2003 @@ -1,135 +1,138 @@ -# mime_types.txt -# @@ -887,7 +937,7 @@ diff -ur thttpd-2.21b/mime_types.txt thttpd-2.21b-cool/mime_types.txt +ice x-conference/x-cooltalk diff -ur thttpd-2.21b/mmc.c thttpd-2.21b-cool/mmc.c --- thttpd-2.21b/mmc.c Fri Apr 13 23:02:15 2001 -+++ thttpd-2.21b-cool/mmc.c Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/mmc.c Fri Jan 17 18:15:15 2003 @@ -70,6 +70,7 @@ unsigned int hash; int hash_idx; @@ -959,7 +1009,7 @@ diff -ur thttpd-2.21b/mmc.c thttpd-2.21b-cool/mmc.c else diff -ur thttpd-2.21b/mmc.h thttpd-2.21b-cool/mmc.h --- thttpd-2.21b/mmc.h Fri Apr 13 07:36:54 2001 -+++ thttpd-2.21b-cool/mmc.h Fri Nov 8 14:27:14 2002 ++++ thttpd-2.21b-cool/mmc.h Fri Jan 17 18:15:15 2003 @@ -31,8 +31,9 @@ /* Returns an mmap()ed area for the given file, or (void*) 0 on errors. ** If you have a stat buffer on the file, pass it in, otherwise pass 0. @@ -973,8 +1023,17 @@ diff -ur thttpd-2.21b/mmc.h thttpd-2.21b-cool/mmc.h ** If you have a stat buffer on the file, pass it in, otherwise pass 0. diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c --- thttpd-2.21b/thttpd.c Tue Apr 24 00:41:57 2001 -+++ thttpd-2.21b-cool/thttpd.c Sun Nov 10 16:10:52 2002 -@@ -66,6 +66,8 @@ ++++ thttpd-2.21b-cool/thttpd.c Fri Jan 17 19:41:07 2003 +@@ -53,6 +53,8 @@ + #endif + #include + ++#include ++ + #include "fdwatch.h" + #include "libhttpd.h" + #include "mmc.h" +@@ -66,6 +68,8 @@ static char* dir; static int do_chroot, no_log, no_symlink, do_vhost, do_global_passwd; static char* cgi_pattern; @@ -983,7 +1042,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c static char* url_pattern; static int no_empty_referers; static char* local_pattern; -@@ -95,10 +97,10 @@ +@@ -95,10 +99,10 @@ httpd_conn* hc; int tnums[MAXTHROTTLENUMS]; /* throttle indexes */ int numtnums; @@ -996,7 +1055,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c Timer* wakeup_timer; Timer* linger_timer; long wouldblock_delay; -@@ -106,17 +108,22 @@ +@@ -106,17 +110,22 @@ off_t bytes_sent; off_t bytes_to_send; } connecttab; @@ -1026,7 +1085,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c static httpd_server* hs = (httpd_server*) 0; int terminate = 0; -@@ -140,14 +147,15 @@ +@@ -140,14 +149,15 @@ static int handle_newconnect( struct timeval* tvP, int listen_fd ); static void handle_read( connecttab* c, struct timeval* tvP ); static void handle_send( connecttab* c, struct timeval* tvP ); @@ -1045,22 +1104,22 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c static void wakeup_connection( ClientData client_data, struct timeval* nowP ); static void linger_clear_connection( ClientData client_data, struct timeval* nowP ); static void occasional( ClientData client_data, struct timeval* nowP ); -@@ -156,7 +164,14 @@ +@@ -156,7 +166,14 @@ #endif /* STATS_TIME */ static void logstats( struct timeval* nowP ); static void thttpd_logstats( long secs ); +static void boot_request(connecttab *c, struct timeval *tvP); + +typedef void (*handler_func)(connecttab*, struct timeval *); -+ + +handler_func handler_array[CNST_TOTAL_NR] = +{NULL, handle_read, handle_send, NULL, handle_linger, handle_send_resp, handle_read_body}; - ++ +#define RUN_HANDLER(type, c) if (handler_array[type]) handler_array[type](c, &tv) static void handle_term( int sig ) -@@ -198,6 +213,8 @@ +@@ -198,6 +215,8 @@ } @@ -1069,7 +1128,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c static void handle_usr2( int sig ) { -@@ -217,7 +234,6 @@ +@@ -217,7 +236,6 @@ int num_ready; int cnum, ridx; connecttab* c; @@ -1077,7 +1136,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c httpd_sockaddr sa4; httpd_sockaddr sa6; int gotv4, gotv6; -@@ -420,7 +436,8 @@ +@@ -420,7 +438,8 @@ hostname, gotv4 ? &sa4 : (httpd_sockaddr*) 0, gotv6 ? &sa6 : (httpd_sockaddr*) 0, port, cgi_pattern, charset, cwd, no_log, logfp, no_symlink, do_vhost, @@ -1087,7 +1146,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c if ( hs == (httpd_server*) 0 ) exit( 1 ); -@@ -430,6 +447,12 @@ +@@ -430,6 +449,12 @@ syslog( LOG_CRIT, "tmr_create(occasional) failed" ); exit( 1 ); } @@ -1100,7 +1159,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c if ( numthrottles > 0 ) { /* Set up the throttles timer. */ -@@ -454,12 +477,14 @@ +@@ -454,12 +479,14 @@ /* If we're root, try to become someone else. */ if ( getuid() == 0 ) { @@ -1115,7 +1174,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c /* Set primary group. */ if ( setgid( gid ) < 0 ) { -@@ -495,13 +520,17 @@ +@@ -495,13 +522,17 @@ } maxconnects -= SPARE_FDS; connects = NEW( connecttab, maxconnects ); @@ -1133,7 +1192,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c connects[cnum].conn_state = CNST_FREE; connects[cnum].hc = (httpd_conn*) 0; } -@@ -518,6 +547,8 @@ +@@ -518,6 +549,8 @@ /* Main loop. */ (void) gettimeofday( &tv, (struct timezone*) 0 ); @@ -1142,7 +1201,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c while ( ( ! terminate ) || numconnects > 0 ) { /* Do the fd watch. */ -@@ -565,16 +596,10 @@ +@@ -565,16 +598,10 @@ c = (connecttab*) fdwatch_get_client_data( ridx ); if ( c == (connecttab*) 0 ) continue; @@ -1163,7 +1222,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c } tmr_run( &tv ); -@@ -627,6 +652,8 @@ +@@ -627,6 +654,8 @@ #else /* CGI_PATTERN */ cgi_pattern = (char*) 0; #endif /* CGI_PATTERN */ @@ -1172,7 +1231,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c url_pattern = (char*) 0; no_empty_referers = 0; local_pattern = (char*) 0; -@@ -833,6 +860,16 @@ +@@ -833,6 +862,16 @@ value_required( name, value ); cgi_pattern = e_strdup( value ); } @@ -1189,7 +1248,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c else if ( strcasecmp( name, "urlpat" ) == 0 ) { value_required( name, value ); -@@ -1196,8 +1233,10 @@ +@@ -1196,8 +1235,10 @@ logstats( &tv ); for ( cnum = 0; cnum < maxconnects; ++cnum ) { @@ -1201,7 +1260,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c if ( connects[cnum].hc != (httpd_conn*) 0 ) { httpd_destroy_conn( connects[cnum].hc ); -@@ -1214,6 +1253,7 @@ +@@ -1214,6 +1255,7 @@ } mmc_destroy(); tmr_destroy(); @@ -1209,7 +1268,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c free( (void*) connects ); if ( throttles != (throttletab*) 0 ) free( (void*) throttles ); -@@ -1234,7 +1274,7 @@ +@@ -1234,7 +1276,7 @@ for (;;) { /* Is there room in the connection table? */ @@ -1218,7 +1277,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c { /* Out of connection slots. Run the timers, then the ** existing connections, and maybe we'll free up a slot -@@ -1245,10 +1285,10 @@ +@@ -1245,10 +1287,10 @@ return 0; } /* Find a free connection entry. */ @@ -1233,7 +1292,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c /* Make the httpd_conn if necessary. */ if ( c->hc == (httpd_conn*) 0 ) { -@@ -1267,24 +1307,18 @@ +@@ -1267,24 +1309,18 @@ { case GC_FAIL: case GC_NO_MORE: @@ -1261,7 +1320,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c /* Set the connection file descriptor to no-delay mode. */ httpd_set_ndelay( c->hc->conn_fd ); -@@ -1297,12 +1331,49 @@ +@@ -1297,12 +1333,79 @@ } } @@ -1279,8 +1338,38 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c + missing = hc->contentlength - already; + unused = hc->read_size - hc->read_idx; + nalloc = missing - unused; ++ ++ if (missing > 16384) { ++ char filename[] = "/tmp/thttpd.upload.XXXXXX"; ++ int tmp = mkstemp(filename); ++ ++ if (tmp >= 0) { ++ void *p; ++ size_t sz = hc->contentlength + hc->checked_idx + 10; ++ ++ unlink(filename); ++ ++ ftruncate(tmp, sz); ++ p = mmap(NULL, sz, ++ PROT_READ|PROT_WRITE, MAP_PRIVATE, tmp, 0); ++ ++ if (p != MAP_FAILED) { ++ memcpy(p, hc->read_buf, hc->read_idx); ++ free(hc->read_buf); ++ hc->read_size = sz; ++ hc->read_buf = p; ++ hc->read_buf_is_mmap = 1; ++ } ++ close(tmp); ++ } + -+ httpd_realloc_str(&hc->read_buf, &hc->read_size, hc->checked_idx + hc->contentlength + 10); ++ if (!hc->read_buf_is_mmap) { ++ clear_connection( c, tvP, 0 ); ++ return; ++ } ++ } else { ++ httpd_realloc_str(&hc->read_buf, &hc->read_size, hc->checked_idx + hc->contentlength + 10); ++ } + + fdwatch_del_fd( hc->conn_fd ); + fdwatch_add_fd( hc->conn_fd, c, FDW_READ ); @@ -1312,7 +1401,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c httpd_conn* hc = c->hc; /* Is there room in our buffer to read more bytes? */ -@@ -1311,7 +1382,7 @@ +@@ -1311,7 +1414,7 @@ if ( hc->read_size > 5000 ) { httpd_send_err( hc, 400, httpd_err400title, "", httpd_err400form, "" ); @@ -1321,7 +1410,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c return; } httpd_realloc_str( -@@ -1327,14 +1398,53 @@ +@@ -1327,14 +1430,53 @@ ** EWOULDBLOCK; however, this apparently can happen if a packet gets ** garbled. */ @@ -1380,7 +1469,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c /* Do we have a complete request yet? */ switch ( httpd_got_request( hc ) ) { -@@ -1342,14 +1452,14 @@ +@@ -1342,14 +1484,14 @@ return; case GR_BAD_REQUEST: httpd_send_err( hc, 400, httpd_err400title, "", httpd_err400form, "" ); @@ -1397,7 +1486,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c return; } -@@ -1358,18 +1468,28 @@ +@@ -1358,18 +1500,28 @@ { httpd_send_err( hc, 503, httpd_err503title, "", httpd_err503form, hc->encodedurl ); @@ -1428,7 +1517,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c /* Fill in bytes_to_send. */ if ( hc->got_range ) { -@@ -1384,37 +1504,25 @@ +@@ -1384,37 +1536,25 @@ { /* No file address means someone else is handling it. */ c->bytes_sent = hc->bytes_sent; @@ -1474,7 +1563,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c static void handle_send( connecttab* c, struct timeval* tvP ) { -@@ -1443,6 +1551,9 @@ +@@ -1443,6 +1583,9 @@ iv[1].iov_base = &(hc->file_address[c->bytes_sent]); iv[1].iov_len = MIN( c->bytes_to_send - c->bytes_sent, c->limit ); sz = writev( hc->conn_fd, iv, 2 ); @@ -1484,7 +1573,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c } if ( sz == 0 || -@@ -1486,12 +1597,12 @@ +@@ -1486,12 +1629,12 @@ */ if ( errno != EPIPE && errno != EINVAL && errno != ECONNRESET ) syslog( LOG_ERR, "write - %m sending %.80s", hc->encodedurl ); @@ -1499,7 +1588,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c /* Was this a headers + file writev()? */ if ( hc->responselen > 0 ) { -@@ -1500,7 +1611,7 @@ +@@ -1500,7 +1643,7 @@ { /* Yes; move the unwritten part to the front of the buffer. */ int newlen = hc->responselen - sz; @@ -1508,7 +1597,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c hc->responselen = newlen; sz = 0; } -@@ -1519,7 +1630,7 @@ +@@ -1519,7 +1662,7 @@ if ( c->bytes_sent >= c->bytes_to_send ) { /* This conection is finished! */ @@ -1517,7 +1606,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c return; } -@@ -1560,6 +1671,9 @@ +@@ -1560,6 +1703,9 @@ char buf[1024]; int r; @@ -1527,7 +1616,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c /* In lingering-close mode we just read and ignore bytes. An error ** or EOF ends things, otherwise we go until a timeout. */ -@@ -1569,6 +1683,61 @@ +@@ -1569,6 +1715,61 @@ } @@ -1589,7 +1678,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c static int check_throttles( connecttab* c ) { -@@ -1635,23 +1804,18 @@ +@@ -1635,23 +1836,18 @@ static void @@ -1619,7 +1708,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c if ( c->wakeup_timer != (Timer*) 0 ) { tmr_cancel( c->wakeup_timer ); -@@ -1669,13 +1833,36 @@ +@@ -1669,13 +1865,36 @@ ** circumstances that make a lingering close necessary. If the flag ** isn't set we do the real close now. */ @@ -1658,7 +1747,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c client_data.p = c; c->linger_timer = tmr_create( tvP, linger_clear_connection, client_data, LINGER_TIME * 1000L, 0 ); -@@ -1684,9 +1871,19 @@ +@@ -1684,9 +1903,19 @@ syslog( LOG_CRIT, "tmr_create(linger_clear_connection) failed" ); exit( 1 ); } @@ -1679,7 +1768,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c } -@@ -1702,45 +1899,12 @@ +@@ -1702,45 +1931,12 @@ tmr_cancel( c->linger_timer ); c->linger_timer = 0; } @@ -1726,7 +1815,7 @@ diff -ur thttpd-2.21b/thttpd.c thttpd-2.21b-cool/thttpd.c static void wakeup_connection( ClientData client_data, struct timeval* nowP ) -@@ -1826,3 +1990,41 @@ +@@ -1826,3 +2022,41 @@ stats_connections = stats_bytes = 0L; stats_simultaneous = 0; }