Add gzip-static option to httpd. This allows to deliver precompressed

files with content-encoding gzip.
from prx at si3t dot ch; OK tracey@

4 files changed, 55 insertions, 8 deletions

diff --git a/usr.sbin/httpd/httpd.conf.5 b/usr.sbin/httpd/httpd.conf.5
index 3c6a1b7d583..7f273826335 100644
--- a/usr.sbin/httpd/httpd.conf.5
+++ b/usr.sbin/httpd/httpd.conf.5
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: httpd.conf.5,v 1.119 2021/10/24 16:01:04 ian Exp $
+.\"	$OpenBSD: httpd.conf.5,v 1.120 2022/02/27 20:30:30 bluhm Exp $
 .\"
 .\" Copyright (c) 2014, 2015 Reyk Floeter <reyk@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: October 24 2021 $
+.Dd $Mdocdate: February 27 2022 $
 .Dt HTTPD.CONF 5
 .Os
 .Sh NAME
@@ -425,6 +425,12 @@ A variable that is set to a comma separated list of TLS client verification
 features in use
 .Pq omitted when TLS client verification is not in use .
 .El
+.It Ic gzip-static
+Enable static gzip compression to save bandwith.
+.Pp
+If gzip encoding is accepted and if the requested file exists with
+an additional .gz suffix, use the compressed file instead and deliver
+it with content encoding gzip.
 .It Ic hsts Oo Ar option Oc
 Enable HTTP Strict Transport Security.
 Valid options are:
diff --git a/usr.sbin/httpd/httpd.h b/usr.sbin/httpd/httpd.h
index 6be274ccb7c..692c5611bb5 100644
--- a/usr.sbin/httpd/httpd.h
+++ b/usr.sbin/httpd/httpd.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: httpd.h,v 1.158 2021/10/24 16:01:04 ian Exp $	*/
+/*	$OpenBSD: httpd.h,v 1.159 2022/02/27 20:30:30 bluhm Exp $	*/
 
 /*
  * Copyright (c) 2006 - 2015 Reyk Floeter <reyk@openbsd.org>
@@ -396,6 +396,7 @@ SPLAY_HEAD(client_tree, client);
 #define SRVFLAG_DEFAULT_TYPE	0x00800000
 #define SRVFLAG_PATH_REWRITE	0x01000000
 #define SRVFLAG_NO_PATH_REWRITE	0x02000000
+#define SRVFLAG_GZIP_STATIC	0x04000000
 #define SRVFLAG_LOCATION_FOUND	0x40000000
 #define SRVFLAG_LOCATION_NOT_FOUND 0x80000000
 
diff --git a/usr.sbin/httpd/parse.y b/usr.sbin/httpd/parse.y
index f2cf4b6c88c..302a4e63ed6 100644
--- a/usr.sbin/httpd/parse.y
+++ b/usr.sbin/httpd/parse.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: parse.y,v 1.127 2021/10/24 16:01:04 ian Exp $	*/
+/*	$OpenBSD: parse.y,v 1.128 2022/02/27 20:30:30 bluhm Exp $	*/
 
 /*
  * Copyright (c) 2020 Matthias Pressfreund <mpfr@fn.de>
@@ -141,7 +141,7 @@ typedef struct {
 %token	TIMEOUT TLS TYPE TYPES HSTS MAXAGE SUBDOMAINS DEFAULT PRELOAD REQUEST
 %token	ERROR INCLUDE AUTHENTICATE WITH BLOCK DROP RETURN PASS REWRITE
 %token	CA CLIENT CRL OPTIONAL PARAM FORWARDED FOUND NOT
-%token	ERRDOCS
+%token	ERRDOCS GZIPSTATIC
 %token	<v.string>	STRING
 %token  <v.number>	NUMBER
 %type	<v.port>	port
@@ -553,6 +553,7 @@ serveroptsl	: LISTEN ON STRING opttls port	{
 		| logformat
 		| fastcgi
 		| authenticate
+		| gzip_static
 		| filter
 		| LOCATION optfound optmatch STRING	{
 			struct server		*s;
@@ -1217,6 +1218,14 @@ fcgiport	: NUMBER		{
 		}
 		;
 
+gzip_static	: NO GZIPSTATIC		{
+			srv->srv_conf.flags &= ~SRVFLAG_GZIP_STATIC;
+		}
+		| GZIPSTATIC		{
+			srv->srv_conf.flags |= SRVFLAG_GZIP_STATIC;
+		}
+		;
+
 tcpip		: TCP '{' optnl tcpflags_l '}'
 		| TCP tcpflags
 		;
@@ -1441,6 +1450,7 @@ lookup(char *s)
 		{ "fastcgi",		FCGI },
 		{ "forwarded",		FORWARDED },
 		{ "found",		FOUND },
+		{ "gzip-static",	GZIPSTATIC },
 		{ "hsts",		HSTS },
 		{ "include",		INCLUDE },
 		{ "index",		INDEX },
diff --git a/usr.sbin/httpd/server_file.c b/usr.sbin/httpd/server_file.c
index 8e977b988fb..f86d3bb3b35 100644
--- a/usr.sbin/httpd/server_file.c
+++ b/usr.sbin/httpd/server_file.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: server_file.c,v 1.70 2021/04/29 18:23:07 dv Exp $	*/
+/*	$OpenBSD: server_file.c,v 1.71 2022/02/27 20:30:30 bluhm Exp $	*/
 
 /*
  * Copyright (c) 2006 - 2017 Reyk Floeter <reyk@openbsd.org>
@@ -223,26 +223,56 @@ server_file_request(struct httpd *env, struct client *clt, char *path,
 	const char		*errstr = NULL;
 	int			 fd = -1, ret, code = 500;
 	size_t			 bufsiz;
+	struct stat		 gzst;
+	char			 gzpath[PATH_MAX];
 
 	if ((ret = server_file_method(clt)) != 0) {
 		code = ret;
 		goto abort;
 	}
 
+	media = media_find_config(env, srv_conf, path);
+
 	if ((ret = server_file_modified_since(clt->clt_descreq, st)) != -1) {
 		/* send the header without a body */
-		media = media_find_config(env, srv_conf, path);
 		if ((ret = server_response_http(clt, ret, media, -1,
 		    MINIMUM(time(NULL), st->st_mtim.tv_sec))) == -1)
 			goto fail;
 		goto done;
 	}
 
+	/* change path to path.gz if necessary. */
+	if (srv_conf->flags & SRVFLAG_GZIP_STATIC) {
+		struct http_descriptor	*req = clt->clt_descreq;
+		struct http_descriptor	*resp = clt->clt_descresp;
+		struct kv		*r, key;
+
+		/* check Accept-Encoding header */
+		key.kv_key = "Accept-Encoding";
+		r = kv_find(&req->http_headers, &key);
+
+		if (r != NULL && strstr(r->kv_value, "gzip") != NULL) {
+			/* append ".gz" to path and check existence */
+			if (strlcpy(gzpath, path, sizeof(gzpath)) >=
+			    sizeof(gzpath) ||
+			    strlcat(gzpath, ".gz", sizeof(gzpath)) >=
+			    sizeof(gzpath))
+				goto abort;
+
+			if ((access(gzpath, R_OK) == 0) &&
+			    (stat(gzpath, &gzst) == 0)) {
+				path = gzpath;
+				st = &gzst;
+				kv_add(&resp->http_headers,
+				    "Content-Encoding", "gzip");
+			}
+		}
+	}
+
 	/* Now open the file, should be readable or we have another problem */
 	if ((fd = open(path, O_RDONLY)) == -1)
 		goto abort;
 
-	media = media_find_config(env, srv_conf, path);
 	ret = server_response_http(clt, 200, media, st->st_size,
 	    MINIMUM(time(NULL), st->st_mtim.tv_sec));
 	switch (ret) {