anyone? On Fri, Nov 30, 2018 at 10:16:45AM +0100, Florian Obser wrote: > On Fri, Oct 26, 2018 at 03:08:11PM -0600, Tracey Emery wrote: > > On Mon, Jul 30, 2018 at 10:24:03AM -0600, Base Pr1me wrote: > > > Sorry, this time with the correct diff. > > > > > > On 7/25/18 4:15 PM, Base Pr1me wrote: > > > > Hi, > > > > > > > > I discovered that the wrong server configuration is evaluated in the > > > > server_read_http function. Only the first server in httpd.conf is > > > > checked. For > > > > example, I have five servers setup in httpd.conf and the third server > > > > is the > > > > only one with connection { max request body ####} set, because I desire > > > > it to > > > > accept larger uploads than the other servers. When the upload is > > > > initiated, > > > > server one dictates the max request body size, globally. > > > > > > > > The attached diff moves the queue loop out of the server_response > > > > function in to > > > > its own function, as to not duplicate code. > > > > > > > > I don't know if this is the only place the wrong information is > > > > evaluated. Also, > > > > I'm not sure this is the best method to fix the problem, but it should > > > > point the > > > > powers that be in the right direction. > > > > > > > > Thanks, > > > > > > > > Tracey > > > > > > > > > > > Hello, > > > > I reworked the last sent diff. I missed fixing up the hostname. This was > > causing > > an incorrect 301 on urls not containing an ending slash. I also moved the > > srv_conf assignment into the new function. > > > > Again, this is to use the correct server config information from the queue > > for > > server_read_http and remove code duplication. > > > > If anyone is willing to look at this and make suggestions, that'd be great. > > If > > not, that'd be great too! LOL. Have a great weekend. > > > > Thanks, > > Tracey > > (moving back from bugs@) > > Sorry for slacking of on this for so long and thanks for prodding > patiently :) > > The issue is that in server_read_http we haven't found the correct > virtual server & location yet. > clt->clt_srv_conf contains the server_config struct for the listening IP. > > But there is no need to check maxrequestbody just yet, we can do it in > server_response() where we do know the virtual host. > > Tracey, can you please test this, it should solve your problem. > > OK? > > diff --git server_http.c server_http.c > index e05cec56dfc..52698a66b2e 100644 > --- server_http.c > +++ server_http.c > @@ -198,7 +198,6 @@ void > server_read_http(struct bufferevent *bev, void *arg) > { > struct client *clt = arg; > - struct server_config *srv_conf = clt->clt_srv_conf; > struct http_descriptor *desc = clt->clt_descreq; > struct evbuffer *src = EVBUFFER_INPUT(bev); > char *line = NULL, *key, *value; > @@ -357,11 +356,6 @@ server_read_http(struct bufferevent *bev, void *arg) > server_abort_http(clt, 500, errstr); > goto abort; > } > - if ((size_t)clt->clt_toread > > - srv_conf->maxrequestbody) { > - server_abort_http(clt, 413, NULL); > - goto abort; > - } > } > > if (strcasecmp("Transfer-Encoding", key) == 0 && > @@ -1334,6 +1328,12 @@ server_response(struct httpd *httpd, struct client > *clt) > srv_conf = server_getlocation(clt, desc->http_path); > } > > + if (clt->clt_toread > 0 && (size_t)clt->clt_toread > > + srv_conf->maxrequestbody) { > + server_abort_http(clt, 413, NULL); > + return (-1); > + } > + > if (srv_conf->flags & SRVFLAG_BLOCK) { > server_abort_http(clt, srv_conf->return_code, > srv_conf->return_uri); > > > > -- > I'm not entirely sure you are real. >
-- I'm not entirely sure you are real.