Insert many con->mode checks; they should prevent two modules to handle the same request if they shouldn't (#631)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2271 152afb58-edef-0310-8abb-c4023f1b3aa9

21 files changed, 41 insertions, 9 deletions

diff --git a/NEWS b/NEWS
index db3189f2..93539101 100644
--- a/NEWS
+++ b/NEWS
@@ -44,6 +44,7 @@ NEWS
   * fixed round-robin balancing in mod_proxy (#1715)
   * fixed EINTR handling for waitpid in mod_fastcgi
   * mod_{fast,s}cgi: overwrite environment variables (#1722)
+  * inserted many con->mode checks; they should prevent two modules to handle the same request if they shouldn't (#631)
 
 - 1.4.19 - 2008-03-10
 
diff --git a/src/http-header-glue.c b/src/http-header-glue.c
index 312e9a1a..1c8205fd 100644
--- a/src/http-header-glue.c
+++ b/src/http-header-glue.c
@@ -272,6 +272,7 @@ int http_response_handle_cachable(server *srv, connection *con, buffer *mtime) {
 									con->request.http_if_modified_since, used_len, sizeof(buf) - 1);
 
 							con->http_status = 412;
+							con->mode = DIRECT;
 							return HANDLER_FINISHED;
 						}
 
@@ -281,6 +282,7 @@ int http_response_handle_cachable(server *srv, connection *con, buffer *mtime) {
 
 						if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) {
 							con->http_status = 412;
+							con->mode = DIRECT;
 							return HANDLER_FINISHED;
 						}
 						t_header = mktime(&tm);
@@ -299,6 +301,7 @@ int http_response_handle_cachable(server *srv, connection *con, buffer *mtime) {
 				}
 			} else {
 				con->http_status = 412;
+				con->mode = DIRECT;
 				return HANDLER_FINISHED;
 			}
 		}
diff --git a/src/mod_access.c b/src/mod_access.c
index f100c804..67b68026 100644
--- a/src/mod_access.c
+++ b/src/mod_access.c
@@ -159,6 +159,7 @@ URIHANDLER_FUNC(mod_access_uri_handler) {
 
 		if (denied) {
 			con->http_status = 403;
+			con->mode = DIRECT;
 
 			if (con->conf.log_request_handling) {
 	 			log_error_write(srv, __FILE__, __LINE__, "sb", 
diff --git a/src/mod_auth.c b/src/mod_auth.c
index 8411585f..3992fdf6 100644
--- a/src/mod_auth.c
+++ b/src/mod_auth.c
@@ -248,6 +248,7 @@ static handler_t mod_auth_uri_handler(server *srv, connection *con, void *p_d) {
 				if (0 == strcmp(method->value->ptr, "digest")) {
 					if (-1 == (auth_satisfied = http_auth_digest_check(srv, con, p, req, con->uri.path, auth_realm+1))) {
 						con->http_status = 400;
+						con->mode = DIRECT;
 
 						/* a field was missing */
 
@@ -268,6 +269,7 @@ static handler_t mod_auth_uri_handler(server *srv, connection *con, void *p_d) {
 		realm = (data_string *)array_get_element(req, "realm");
 
 		con->http_status = 401;
+		con->mode = DIRECT;
 
 		if (0 == strcmp(method->value->ptr, "basic")) {
 			buffer_copy_string_len(p->tmp_buf, CONST_STR_LEN("Basic realm=\""));
diff --git a/src/mod_cgi.c b/src/mod_cgi.c
index 116972d5..a92aac81 100644
--- a/src/mod_cgi.c
+++ b/src/mod_cgi.c
@@ -1180,6 +1180,8 @@ URIHANDLER_FUNC(cgi_is_handled) {
 	plugin_data *p = p_d;
 	buffer *fn = con->physical.path;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (fn->used == 0) return HANDLER_GO_ON;
 
 	mod_cgi_patch_connection(srv, con, p);
@@ -1195,6 +1197,7 @@ URIHANDLER_FUNC(cgi_is_handled) {
 
 		if (0 == strncmp(fn->ptr + s_len - ct_len, ds->key->ptr, ct_len)) {
 			if (cgi_create_env(srv, con, p, ds->value)) {
+				con->mode = DIRECT;
 				con->http_status = 500;
 
 				buffer_reset(con->physical.path);
diff --git a/src/mod_dirlisting.c b/src/mod_dirlisting.c
index 8fe768f0..511003ff 100644
--- a/src/mod_dirlisting.c
+++ b/src/mod_dirlisting.c
@@ -869,6 +869,8 @@ URIHANDLER_FUNC(mod_dirlisting_subrequest) {
 		return HANDLER_GO_ON;
 	}
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (con->physical.path->used == 0) return HANDLER_GO_ON;
 	if (con->uri.path->used == 0) return HANDLER_GO_ON;
 	if (con->uri.path->ptr[con->uri.path->used - 2] != '/') return HANDLER_GO_ON;
diff --git a/src/mod_evasive.c b/src/mod_evasive.c
index e415f88c..b247f0af 100644
--- a/src/mod_evasive.c
+++ b/src/mod_evasive.c
@@ -177,6 +177,7 @@ URIHANDLER_FUNC(mod_evasive_uri_handler) {
 				"turned away. Too many connections.");
 
 			con->http_status = 403;
+			con->mode = DIRECT;
 			return HANDLER_FINISHED;
 		}
 	}
diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c
index 22940c09..77212b96 100644
--- a/src/mod_fastcgi.c
+++ b/src/mod_fastcgi.c
@@ -3464,6 +3464,8 @@ static handler_t fcgi_check_extension(server *srv, connection *con, void *p_d, i
 	fcgi_extension *extension = NULL;
 	fcgi_extension_host *host = NULL;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	/* Possibly, we processed already this request */
 	if (con->file_started == 1) return HANDLER_GO_ON;
 
diff --git a/src/mod_flv_streaming.c b/src/mod_flv_streaming.c
index 238dc9aa..c0b1dd64 100644
--- a/src/mod_flv_streaming.c
+++ b/src/mod_flv_streaming.c
@@ -193,6 +193,8 @@ URIHANDLER_FUNC(mod_flv_streaming_path_handler) {
 
 	UNUSED(srv);
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (buffer_is_empty(con->physical.path)) return HANDLER_GO_ON;
 
 	mod_flv_streaming_patch_connection(srv, con, p);
diff --git a/src/mod_indexfile.c b/src/mod_indexfile.c
index d167424a..36b9e452 100644
--- a/src/mod_indexfile.c
+++ b/src/mod_indexfile.c
@@ -140,6 +140,8 @@ URIHANDLER_FUNC(mod_indexfile_subrequest) {
 	size_t k;
 	stat_cache_entry *sce = NULL;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (con->uri.path->used == 0) return HANDLER_GO_ON;
 	if (con->uri.path->ptr[con->uri.path->used - 2] != '/') return HANDLER_GO_ON;
 
diff --git a/src/mod_magnet.c b/src/mod_magnet.c
index 2c2e1a9e..02bcaedb 100644
--- a/src/mod_magnet.c
+++ b/src/mod_magnet.c
@@ -653,6 +653,7 @@ static handler_t magnet_attract(server *srv, connection *con, plugin_data *p, bu
 		assert(lua_gettop(L) == 0); /* only the function should be on the stack */
 
 		con->http_status = 500;
+		con->mode = DIRECT;
 
 		return HANDLER_FINISHED;
 	}
@@ -750,6 +751,7 @@ static handler_t magnet_attract(server *srv, connection *con, plugin_data *p, bu
 		assert(lua_gettop(L) == 1); /* only the function should be on the stack */
 
 		con->http_status = 500;
+		con->mode = DIRECT;
 
 		return HANDLER_FINISHED;
 	}
@@ -778,6 +780,7 @@ static handler_t magnet_attract(server *srv, connection *con, plugin_data *p, bu
 		} else {
 			/* } catch () { */
 			con->http_status = 500;
+			con->mode = DIRECT;
 		}
 
 		assert(lua_gettop(L) == 1); /* only the function should be on the stack */
diff --git a/src/mod_mysql_vhost.c b/src/mod_mysql_vhost.c
index fe2b67fe..a92ff4f3 100644
--- a/src/mod_mysql_vhost.c
+++ b/src/mod_mysql_vhost.c
@@ -410,6 +410,7 @@ GO_ON:	buffer_copy_string_buffer(con->server_name, c->server_name);
 
 ERR500:	if (result) mysql_free_result(result);
 	con->http_status = 500; /* Internal Error */
+	con->mode = DIRECT;
 	return HANDLER_FINISHED;
 }
 
diff --git a/src/mod_proxy.c b/src/mod_proxy.c
index e0f452a0..832306fe 100644
--- a/src/mod_proxy.c
+++ b/src/mod_proxy.c
@@ -1060,6 +1060,8 @@ static handler_t mod_proxy_check_extension(server *srv, connection *con, void *p
 	data_array *extension = NULL;
 	size_t path_info_offset;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	/* Possibly, we processed already this request */
 	if (con->file_started == 1) return HANDLER_GO_ON;
 
diff --git a/src/mod_redirect.c b/src/mod_redirect.c
index bc058579..d5f78640 100644
--- a/src/mod_redirect.c
+++ b/src/mod_redirect.c
@@ -253,6 +253,7 @@ static handler_t mod_redirect_uri_handler(server *srv, connection *con, void *p_
 			response_header_insert(srv, con, CONST_STR_LEN("Location"), CONST_BUF_LEN(p->location));
 
 			con->http_status = 301;
+			con->mode = DIRECT;
 			con->file_finished = 1;
 
 			return HANDLER_FINISHED;
diff --git a/src/mod_scgi.c b/src/mod_scgi.c
index e6f17541..06342056 100644
--- a/src/mod_scgi.c
+++ b/src/mod_scgi.c
@@ -1187,11 +1187,6 @@ void scgi_connection_cleanup(server *srv, handler_ctx *hctx) {
 	p    = hctx->plugin_data;
 	con  = hctx->remote_conn;
 
-	if (con->mode != p->id) {
-		WP();
-		return;
-	}
-
 	if (hctx->fd != -1) {
 		fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
 		fdevent_unregister(srv->ev, hctx->fd);
@@ -2469,15 +2464,11 @@ static handler_t scgi_connection_close(server *srv, handler_ctx *hctx) {
 	p    = hctx->plugin_data;
 	con  = hctx->remote_conn;
 
-	if (con->mode != p->id) return HANDLER_GO_ON;
-
 	log_error_write(srv, __FILE__, __LINE__, "ssdsd",
 			"emergency exit: scgi:",
 			"connection-fd:", con->fd,
 			"fcgi-fd:", hctx->fd);
 
-
-
 	scgi_connection_cleanup(srv, hctx);
 
 	return HANDLER_FINISHED;
@@ -2704,6 +2695,8 @@ static handler_t scgi_check_extension(server *srv, connection *con, void *p_d, i
 	scgi_extension *extension = NULL;
 	scgi_extension_host *host = NULL;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	/* Possibly, we processed already this request */
 	if (con->file_started == 1) return HANDLER_GO_ON;
 
diff --git a/src/mod_secure_download.c b/src/mod_secure_download.c
index 6f3f36d3..0ff01020 100644
--- a/src/mod_secure_download.c
+++ b/src/mod_secure_download.c
@@ -204,6 +204,8 @@ URIHANDLER_FUNC(mod_secdownload_uri_handler) {
 	time_t ts = 0;
 	size_t i;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (con->uri.path->used == 0) return HANDLER_GO_ON;
 
 	mod_secdownload_patch_connection(srv, con, p);
diff --git a/src/mod_skeleton.c b/src/mod_skeleton.c
index 9cea92cc..0ce833f5 100644
--- a/src/mod_skeleton.c
+++ b/src/mod_skeleton.c
@@ -169,6 +169,8 @@ URIHANDLER_FUNC(mod_skeleton_uri_handler) {
 
 	UNUSED(srv);
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (con->uri.path->used == 0) return HANDLER_GO_ON;
 
 	mod_skeleton_patch_connection(srv, con, p);
diff --git a/src/mod_ssi.c b/src/mod_ssi.c
index bd74225f..8323c8e8 100644
--- a/src/mod_ssi.c
+++ b/src/mod_ssi.c
@@ -1027,6 +1027,7 @@ static int mod_ssi_handle_request(server *srv, connection *con, plugin_data *p)
 
 	con->file_started  = 1;
 	con->file_finished = 1;
+	con->mode = p->id;
 
 	response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_STR_LEN("text/html"));
 
@@ -1094,6 +1095,8 @@ URIHANDLER_FUNC(mod_ssi_physical_path) {
 	plugin_data *p = p_d;
 	size_t k;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (con->physical.path->used == 0) return HANDLER_GO_ON;
 
 	mod_ssi_patch_connection(srv, con, p);
@@ -1109,6 +1112,7 @@ URIHANDLER_FUNC(mod_ssi_physical_path) {
 			if (mod_ssi_handle_request(srv, con, p)) {
 				/* on error */
 				con->http_status = 500;
+				con->mode = DIRECT;
 			}
 
 			return HANDLER_FINISHED;
diff --git a/src/mod_status.c b/src/mod_status.c
index 7cf5d1a4..3f8b1206 100644
--- a/src/mod_status.c
+++ b/src/mod_status.c
@@ -792,6 +792,8 @@ static int mod_status_patch_connection(server *srv, connection *con, plugin_data
 static handler_t mod_status_handler(server *srv, connection *con, void *p_d) {
 	plugin_data *p = p_d;
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	mod_status_patch_connection(srv, con, p);
 
 	if (!buffer_is_empty(p->conf.status_url) &&
diff --git a/src/mod_trigger_b4_dl.c b/src/mod_trigger_b4_dl.c
index f5422c68..1e10d4cd 100644
--- a/src/mod_trigger_b4_dl.c
+++ b/src/mod_trigger_b4_dl.c
@@ -316,6 +316,8 @@ URIHANDLER_FUNC(mod_trigger_b4_dl_uri_handler) {
 # define N 10
 	int ovec[N * 3];
 
+	if (con->mode != DIRECT) return HANDLER_GO_ON;
+
 	if (con->uri.path->used == 0) return HANDLER_GO_ON;
 
 	mod_trigger_b4_dl_patch_connection(srv, con, p);
diff --git a/src/mod_uploadprogress.c b/src/mod_uploadprogress.c
index 0d13d29d..c377fe47 100644
--- a/src/mod_uploadprogress.c
+++ b/src/mod_uploadprogress.c
@@ -355,6 +355,7 @@ URIHANDLER_FUNC(mod_uploadprogress_uri_handler) {
 		con->file_finished = 1;
 
 		con->http_status = 200;
+		con->mode = DIRECT;
 
 		/* get the connection */
 		if (NULL == (post_con = connection_map_get_connection(p->con_map, b))) {