lighty.c.md("algo", "data")
lighty.c.hmac("algo", "secret", "data")
"algo" can be one of: "md5", "sha1", "sha256", "sha512"
(as long as lighttpd compiled w/ crypto lib supporting those algorithms)
lighty.c.digest_eq("digest1", "digest2")
- performs a timing-safe, case-insensitive comparison of two hex digests
- "digest1" and "digest2" are hex strings (of binary digests)
- returns boolean true or false
lighty.c.secret_eq("data1", "data2")
- performs a timing-safe comparison of two strings
(and attempts to hides differences in string lengths)
- "data1" and "data2" are strings
- returns boolean true or false
lighty.c.time()
- cached time(); seconds since 1 Jan 1970 00:00:00 GMT
(faster than os.time())
lighty.c.rand()
- generate pseudo-random number
Note: the "lighty.c.*" namespace is EXPERIMENTAL / UNSTABLE
In the future, these may be removed, altered, or moved to a different
namespace.
merge connection_list_append() into connection_fdwaitqueue_append()
(not converted to singly-linked-list since fdwaitqueue is not expected
to be used during normal operation (except extreme overload condition),
so use allocated list of pointers (allocated when needed) instead of
adding ptr member to (every) allocated struct connection)
remove connections-glue.c
remove inclusion of connections.h by non-base files
(mod_auth_api.c would be part of mod_auth.c
and mod_vhostdb_api.c would be part of mod_vhostdb.c
if not for MacOS)
MacOS modules can link against .dylib, but not against other modules
MacOS link with -module produces a .so, which lighttpd uses
MacOS link without -module procudes a .dylib,
but name *must* have prefix "lib...",
which lighttpd "mod_*" do not have.
Other lighttpd build configs (CMake, SCONS, meson) might not work
on MacOS. Patches (which do not make a huge mess of things) welcome.
link http_auth.c into mod_auth
link http_vhostdb.c into mod_vhostdb
ensure that mod_auth loads before mod_authn_*
ensure that mod_vhostdb loads before mod_vhostdb_*
move native data_* types into array.c
(the types are already declared in array.h)
The array data structure remains extendable, as is done with data_config
(configfile) and data_auth (mod_auth), though array data structure
primary uses are at startup (config time) and header parsing. The
insertion logic into sorted list can be expensive for large lists,
so header parsing might choose a different data structure in the future.
use keyvalue.[ch] for basic matching
consolidate PCRE logic and leverage PCRE study in keyvalue.[ch]
remove direct link to -lpcre from modules using keyvalue.[ch]
sys-time.h - localtime_r,gmtime_r macros if needed
provide rudimentary localtime_r() and gmtime_r() if not present
(wraps localtime() and gmtime() funtions, but are not thread-safe since
they do not take a lock around access to localtime() and gmtime())
(import from one of my development branches from 2015)
LiteSpeed ls-hpack v2.2.1
XXX: might be better to include this as a git submodule
but minor code changes were made here for portability:
- C99 flexible array members defined as a[] instead of a[0])
- pedantic compiler warnings (excess ';' and missing declarations)
- deletion of large tables from ls-hpack/huff-tables.h (code size)
(subsequently incrementally updated using git rebase)
huge props and many thank yous to writers of testing tools used while
developing HTTP/2 support in lighttpd:
h2spec - conformance testing tool for HTTP/2 implementation
https://github.com/summerwind/h2spec
h2load - HTTP/2 benchmarking tool
https://nghttp2.org/documentation/h2load-howto.html
curl - command line tool and library for transferring data with URLs
https://curl.haxx.se/
(experimental)
mod_gnutls supports most ssl.* config options supported by mod_openssl
x-ref:
"GnuTLS support for the mod_ssl"
https://redmine.lighttpd.net/issues/109
(experimental)
mod_mbedtls supports most ssl.* config options supported by mod_openssl
thx Ward Willats for the initial discussion and attempt in the comments
https://redmine.lighttpd.net/boards/3/topics/7029
