Deep Exploration of PHP underlying layer (4)-Analysis of Apache runtime phase Wang zebin

2. Operation Phase

2.1 running stage Overview

In the running stage, Apache mainly processes users' service requests.

At this stage, Apache abandons the privileged user level and uses common permissions. This is mainly based on security considerations to prevent security vulnerabilities caused by code defects. Microsoft's IIS has been attacked by "Code Red" and "Nimda" and other malicious code overflow attacks.

 

 2.2 running process
Apache divides the request processing cycle into 11 stages: Post-read-request, Uri translation, header parsing, access control, authentication, authorization, MIME type checking, fixup, response, logging and cleanup.

 

 

Apache hook Mechanism

Apache's hook mechanism refers to the following: Apache allows modules (including internal modules and external modules, such as mod_php5.so and mod_perl.so) to inject custom functions into the request processing loop. In other words, the module can hook its own processing functions at any stage of Apache processing to participate in the Apache request processing process.

Mod_php5.so/php5apache2. dll is used to inject the contained user-defined functions into Apache through the hook mechanism. It processes PHP requests at various stages of the Apache processing process.

 

Hook mechanisms are also frequently used in Windows System Development. In Windows development, there are both system-level hooks and application-level hooks. Most of the screen-taking functions of common translation software (such as Kingsoft Mac) are completed by installing the system-level hook function, replacing the screen-output rendering function in gdi32.dll with the custom function.

 

Detailed explanation of Apache request processing cycle
What have been done in the 11 phases of Apache request processing cycle?

1. Post-read-request stage

In the normal request processing process, this is the first stage in which the module can insert hooks. This phase can be used by modules that want to process requests very early.

2. Uri translation stage
Apache's main work in this phase: map the request URL to the local file system. The module can insert hooks at this stage to execute its own ing logic. Mod_alias uses this phase of work.

3. Header Parsing stage
In this phase, Apache checks the request header. This hook is rarely used because the module can execute the task of checking the request header at any point in the request processing process. Mod_setenvif uses this phase of work.

 

4. Access control stage
Apache's main work in this phase: Check whether the requested resources are allowed to be accessed Based on the configuration file. Apache's Standard logic allows and denies commands. Mod_authz_host is used in this phase.

5. authentication stage
Apache's main work in this phase: authenticate users according to the policies set in the configuration file, and set the user name area. The module can insert hooks at this stage to implement an authentication method.

 

6. Authorization stage
Apache's main work in this phase: checks whether Authenticated Users are allowed to perform request operations based on the configuration file. The module can insert hooks at this stage to implement a user permission management method.

7. MIME type checking stage
Apache's main work in this phase: determine the content processing functions to be used based on the rules related to the MIME type of the requested resource. The standard modules mod_negotiation and mod_mime implement this hook.

8. fixup stage
This is a common stage that allows a module to run any necessary processing flow before the content generator. Similar to post_read_request, This Is A hook that can capture any information and is also the most commonly used hook.

9. response stage
Apache's main work in this phase: generate the content returned from the client and send an appropriate response to the client. This stage is the core part of the entire processing process.

10. Logging stage
Apache's main work in this phase: record transactions after replying to a client. The module may modify or replace Apache standard logging.

 

11. Cleanup stage
The main work of Apache in this phase: clean up the environment left after the transaction processing of this request is completed, such as processing files, directories, or closing socket, etc, this is the last stage of Apache request processing.

 

 

For how to inject modules into Apache, see the server/CORE. c file in the source code:

 

Mod_php5.so/php5apache2. dll is injected into Apache functions. The most important thing is the processing functions in the response stage.

Iii. Analysis of PHP processor injection into Apache