Bug #1601

Requestion subdomain with $HTTP["scheme"] and url.redirect with %0 kills server

Added by Anonymous about 6 years ago. Updated about 5 years ago.

Status:FixedStart date:
Priority:HighDue date:
Assignee:-% Done:

0%

Category:core
Target version:-
Missing in 1.5.x:

Description

I'm using this term to create a systemwide subdomain which should only be accessed with https. non-https requests are getting identified by $HTTP["scheme"] and then redirected to https://%0:444 (I'm using 444 as secure port).
If i now make a request to the site (browser or curl doesn't matter, curl output: (52) Empty reply from server) i will get a blank site and the lighttpd process gets killed. (php5-cgi is still running)


$HTTP["host"] =~ "^webmail\.(.*)$" {
$HTTP["scheme"] == "http" {
url.redirect = ( "^/(.*)" => "https://%0:444" )
}
server.document-root = "/usr/share/squirrelmail/" 
}

strace/backtrace is available.
this bug is also reproducable (atleast for me).

-- fat-soeren

lighttpd.backtrace - backtrace of the bug -- fat-soeren (33.8 KB) Anonymous, 2008-03-18 00:42

lighttpd.strace - strace of the bug -- fat-soeren (75.7 KB) Anonymous, 2008-03-18 00:42

Associated revisions

Revision 2476
Added by stbuehler about 5 years ago

merge: Fix segfault for appending matched parts if there was no regex matching (just give empty strings) (#1601)

History

#1 Updated by stbuehler about 6 years ago

You can use %n only in a =~ conditional block; so you could say it is a config error (you now at least know that it won't work how you want it to).

To fix the segfault, the following patch should do it. (%0 will be replaced with an empty string then):


diff --git a/src/configfile-glue.c b/src/configfile-glue.c
index 66a596e..65afd01 100644
--- a/src/configfile-glue.c
+++ b/src/configfile-glue.c
@@ -529,7 +529,7 @@ int config_check_cond(server *srv, connection *con, data_config *dc) {
 int config_append_cond_match_buffer(connection *con, data_config *dc, buffer *buf, int n)
 {
     cond_cache_t *cache = &con->cond_cache[dc->context_ndx];
-    if (n > cache->patterncount) {
+    if (n >= cache->patterncount) {
         return 0;
     }

But i think somehow an error should printed to the server log in such cases.

#2 Updated by Anonymous about 6 years ago

Replying to stbuehler:

You can use %n only in a =~ conditional block; so you could say it is a config error (you now at least know that it won't work how you want it to).

so it is not possible to use $HTTP["scheme"] together with url.redirect? that sucks :|

-- fat-soeren

#3 Updated by stbuehler about 6 years ago

Replying to :

Replying to stbuehler:

You can use %n only in a =~ conditional block; so you could say it is a config error (you now at least know that it won't work how you want it to).

so it is not possible to use $HTTP["scheme"] together with url.redirect? that sucks :|

I did not say that... just use $HTTP["scheme"] =~ ".*" and you can use %0 (I don't see why you would want to use %0 after an equality test - you already know what it is)

But you cannot access the matched patterns of an outer conditional, that is right.

#4 Updated by stbuehler about 6 years ago

  • Status changed from New to Fixed
  • Resolution set to fixed

Fixed segfault in r2138

#5 Updated by stbuehler about 5 years ago

  • Patch available set to No

Also available in: Atom