lighttpd1.4

lighttpd

lighttpd1.4

Author	SHA1	Message	Date
Glenn Strauss	f56800e86a	[stat_cache] no longer stat() and open() for stat do not open file in stat_cache_get_entry() no longer stat() followed by open() and close() just for stat() callers should open() file to validate readability (and then reuse fd)	4 years ago
Glenn Strauss	44156bbe81	[multiple] open target file earlier in some cases open target file earlier in some cases to validate readability	4 years ago
Glenn Strauss	470a692211	[core] http_chunk_append_file_fd()	4 years ago
Glenn Strauss	8f0adfe043	[core] emit trace using path before clearing path	4 years ago
Glenn Strauss	61e8d799f0	[scons] adjustment for static build under CentOS x-ref: "Trying to compile under CentOS 6.10" https://redmine.lighttpd.net/boards/2/topics/8572	4 years ago
Glenn Strauss	338c73fd28	[core] use high precision stat timestamp in etag use high precision stat timestamp (on systems where available) in etag	4 years ago
Glenn Strauss	311f258ab3	[mod_webdav] update stat_cache after file mod update stat_cache entries after file modifications (PUT) invalidate stat_cache entries after file movement (COPY MOVE DELETE)	4 years ago
Glenn Strauss	57470365a2	[stat_cache] interfaces to invalidate entries	4 years ago
Glenn Strauss	f89f9191f4	[stat_cache] FAM: funcs to invalidate entries	4 years ago
Glenn Strauss	c7eaa502ec	[stat_cache] FAM: ignore event with no valid match	4 years ago
Glenn Strauss	18faa0910c	[stat_cache] FAM: check hash collision before add skip monitoring new entry if there is a hash collision in stat_cache data structure associated with FAM	4 years ago
Glenn Strauss	8772e85cea	[stat_cache] FAM: ignore follow-symlink config no distinction needs to be made whether or not server.follow-symlink set	4 years ago
Glenn Strauss	1971da13db	[stat_cache] FAM: improve handling modified file	4 years ago
Glenn Strauss	38ce790657	[stat_cache] FAM: use entry hash index as userdata Upon receipt of FAM event, validate that entry exists in splaytree instead of blindly accessing memory through the pointer returned in userdata by FAM	4 years ago
Glenn Strauss	a3d171526a	[stat_cache] FAM: check FAMNextEvent() return code	4 years ago
Glenn Strauss	cc49703372	[stat_cache] FAM: reduce string copying	4 years ago
Glenn Strauss	a50b72c356	[stat_cache] remove splaytree ins/del debug code remove debug code around for splaytree_insert() and splaytree_delete() in stat_cache.c	4 years ago
Glenn Strauss	47d006ae47	[stat_cache] pass age param for stat cache cleanup	4 years ago
Glenn Strauss	baa5f04335	[stat_cache] store entries without trailing slash (no more duplication of dir entries with and without trailing slash)	4 years ago
Glenn Strauss	020a83c265	[stat_cache] separate symlink pol from data struct separate symlink polily from internal data structures no more dup entires in splaytree for allowing/disallowing symlinks hash name to provided len	4 years ago
Glenn Strauss	73bfee6308	[stat_cache] separate func for symlink policy chk Note: historical ToC-ToU race condition still exists in implementation server.follow-symlink = "disable" is not recommended (default: "enable")	4 years ago
Glenn Strauss	5ac92dca08	[mod_webdav] check If-None-Match (#1818 ) x-ref: "add RFC-compliant LOCK support to mod_webdav" https://redmine.lighttpd.net/issues/1818	4 years ago
Glenn Strauss	aacdd3da02	[mod_webdav] special-case If: (<DAV:no-lock>) (recognize <DAV:no-lock>, but supporting logic is limited)	4 years ago
Glenn Strauss	ab005809e1	[mod_webdav] disable elftc_copyfile() on FreeBSD disable elftc_copyfile() on FreeBSD until libelftc added to SCons static build	4 years ago
Glenn Strauss	278c42abc5	[mod_webdav] platform portability fixes	4 years ago
Glenn Strauss	d4b726bf24	[mod_webdav] provide ETag in more responses When file is already open, fstat() and provide ETag, e.g. in PUT requests and new LOCK requests (not LOCK refresh)	4 years ago
Glenn Strauss	d334ee5c2f	[mod_webdav] deprecated unsafe partial PUT compat RFC 7231 forbids partial PUT. However, historical versions of lighttpd mod_webdav did provide this (mis-)feature. Therefore, provide deprecated unsafe partial PUT support for compatibility with historical lighttpd mod_webdav (prior to mod_webdav rewrite), but require new config option to enable this compatible behavior: webdav.opts = ( "deprecated-unsafe-partial-put" => "enable" ) The partial PUT support implemented by historical lighttpd mod_webdav makes no effort to account for shrinkage or growth of range replaced. The request body is splat into the existing file at the offset provided which is quite unsafe and can cause corruption in data sent to concurrent download requests. Use of this (mis-)feature is discouraged, and support may be removed in the future, without any further notice.	4 years ago
Glenn Strauss	eee29b65e5	[mod_webdav] check If-Match, If-Unmodified-Since (#1818 ) x-ref: "add RFC-compliant LOCK support to mod_webdav" https://redmine.lighttpd.net/issues/1818	4 years ago
Glenn Strauss	3111e24b71	[mod_webdav] clean up resources after do{}while(0)	4 years ago
yangfl	4af0f97f14	[mod_webdav] fix misbehavior on blank nodes in PROPPATCH github: #97 x-ref: https://github.com/lighttpd/lighttpd1.4/pull/97	4 years ago
yangfl	6962fc2a5a	[mod_webdav] fix uuid detection macro github: #97 x-ref: https://github.com/lighttpd/lighttpd1.4/pull/97	4 years ago
Glenn Strauss	993cb545d8	[mod_webdav] surround Lock-Token with "<...>" (thx yangfl) github: #97 x-ref: https://github.com/lighttpd/lighttpd1.4/pull/97	4 years ago
Glenn Strauss	95aa2c178d	[core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes #2939 ) 200 for OPTIONS /non-existent/path HTTP/1.1 when a module, such as mod_webdav, has set Allow response header x-ref: "OPTIONS should return 2xx status for non-existent resources if Allow is set" https://redmine.lighttpd.net/issues/2939	4 years ago
Glenn Strauss	50aae03c31	[mod_webdav] major rewrite (fixes #1818 ) (occurred 3 years ago on experimental branch, and now ported forward) robustness and performance improvements, including atomic updates on individual files (e.g. for PUT, COPY, MOVE) exclusive locks are fully supported shared locks are partly supported x-ref: "add RFC-compliant LOCK support to mod_webdav" https://redmine.lighttpd.net/issues/1818	4 years ago
Glenn Strauss	a15f40a569	[core] replace open() with fdevent_open_cloexec() fdevent_open_cloexec() opens files O_BINARY for consistency, and with O_NONBLOCK, so that the server will not block if the target file to open is a fifo.	4 years ago
Glenn Strauss	f1e9bcb08a	[core] new worker_init hook to follow parent fork	4 years ago
Glenn Strauss	4183e723ce	[core] log_error, log_perror using printf-like fmt	4 years ago
Glenn Strauss	cbad7517c8	[core] struct log_error_st for error logging	4 years ago
Glenn Strauss	9eead7db7c	[core] __attribute__((format ...))	4 years ago
Glenn Strauss	0dccda28ad	[core] add const to some etag prototypes	4 years ago
Mohammed Sadiq	6a988bb0d0	[multiple] cleaner calloc use in SETDEFAULTS_FUNC github: closes #99 x-ref: "cleaner calloc use in SETDEFAULTS_FUNC" https://github.com/lighttpd/lighttpd1.4/pull/99	4 years ago
Glenn Strauss	599b4f05c8	[core] fix 1.4.52 regression in mem use with POST (fixes #2948 ) (thx rgenoud) x-ref: "[regression][Bisected] lighttpd uses way more memory with POST since 1.4.52" https://redmine.lighttpd.net/issues/2948	4 years ago
Glenn Strauss	e757978497	[core] remove repeated slashes in http-parseopts remove repeated slashes in server.http-parseopts with url-path-dotseg-remove, including leading "//" (prior to this patch, leading "//" was skipped)	4 years ago
Glenn Strauss	32120d5b8b	[core] fix abort in http-parseopts (fixes #2945 ) fix abort in server.http-parseopts with url-path-2f-decode enabled (thx stze) x-ref: "Security - SIGABRT during GET request handling with url-path-2f-decode enabled" https://redmine.lighttpd.net/issues/2945	4 years ago
Glenn Strauss	107fa1f282	[mod_wstunnel] fix ping-interval for big-endian (fixes #2944 ) fix wstunnel.ping-interval for big-endian architectures (thx ste_p_james) x-ref: "[patch] wstunnel.ping-interval ineffective" https://redmine.lighttpd.net/issues/2944	4 years ago
Glenn Strauss	b135b4d24d	[core] clear FDEVENT_RDHUP if no POLLRDHUP (fix for poll() on FreeBSD 11)	4 years ago
Glenn Strauss	f2ac4cdfc5	[core] off_t upload_temp_file_size	4 years ago
Glenn Strauss	a78404cfbf	[core] fdevent_mkstemp_append() (shared)	4 years ago
Glenn Strauss	97d4c11ba6	[core] __attribute__((fallthrough)) for GCC 7.0	4 years ago
Glenn Strauss	f60f1a279e	[core] extend dir redirection to take HTTP status extend http_response_redirect_to_directory to take HTTP status code and to set Location if HTTP status >= 300, or else set Content-Location	4 years ago
Glenn Strauss	5440f04e8a	[core] fix assertion with server.error-handler (fixes #2941 ) (thx andpr) x-ref: "failed assertion on incoming bad request when server.error-handler option is used" https://redmine.lighttpd.net/issues/2941	4 years ago
Glenn Strauss	37bd124ae4	[core] pass conf.follow_symlink in more places	4 years ago
Glenn Strauss	2f46736edc	[build] remove -Wdeclaration-after-statement Declarations after statements has been permitted since C99. (That was 20 years ago!)	4 years ago
Glenn Strauss	8064b7483a	[mod_magnet] fix invalid script return-type crash (fixes #2938 ) (thx flynn) x-ref: "Lighttpd crashes on wrong return type in lua script" https://redmine.lighttpd.net/issues/2938	4 years ago
Glenn Strauss	78f24ba141	[core] silence coverity warning	4 years ago
Glenn Strauss	b9e2be50c9	[mod_auth] HTTP Auth Digest algorithm=SHA-256 (also support Digest algorithm=SHA-512-256 if library support present) enable additional algorithms by configuring lighttpd.conf auth.require with new optional keyword "algorithm" => "MD5\|SHA-256" default algorithm remains MD5 if "algorithm" not specified Tested with: curl --digest -u "user:pass" ... (which supports SHA-256) x-ref: "HTTP Digest Access Authentication" https://tools.ietf.org/html/rfc7616	4 years ago
Glenn Strauss	1fb0d7e295	[core] no SOCK_NONBLOCK on QNX 7.0 QNX 7.0 has SOCK_CLOEXEC but not SOCK_NONBLOCK (thx supergaute) github: closes #98 x-ref: "Fix compile error when system has SOCK_CLOEXEC but not SOCK_NONBLOCK" https://github.com/lighttpd/lighttpd1.4/pull/98	4 years ago
Glenn Strauss	28895ab297	[mod_auth] pass http_auth_require_t for 401 Unauth pass (http_auth_require_t *) to mod_auth_send_401_unauthorized_digest() for configured digest algorithms for 401 Unauthorized	4 years ago
Glenn Strauss	60f4cf3ad8	[mod_auth] http_auth_info_t digest abstraction	4 years ago
Glenn Strauss	07fef25867	[mod_auth] http_auth_digest_hex2bin() replace http_auth_md5_hex2bin() with more generic function to handle digests of different lengths	4 years ago
Glenn Strauss	9113011d5b	[core] pass (fdnode ) for registered fdevent fd inline fdevent_fdnode_interest() avoid array lookup for (fdnode ) for various ops	4 years ago
Glenn Strauss	0e108390e5	[core] modify config parser to handle multiple } modify config parser to handle multiple '}' on same line	4 years ago
Glenn Strauss	d76756ca10	[core] perf: pass (fdnode *) to epoll and kqueue	4 years ago
Glenn Strauss	c83fff1dda	[core] release empty chunk buf when nothing read	4 years ago
Glenn Strauss	41384a3657	[core] isolate fdevent processing	4 years ago
Glenn Strauss	1a99aad1c0	[core] pull server load checks out of main loop	4 years ago
Glenn Strauss	99f8ae0d0d	[mod_openssl] use 16k static buffer instead of 64k better match size used by openssl (avoid unused, oversized reads)	4 years ago
Glenn Strauss	4e6e787a0d	[core] remove redundant check for allow_http11 (conf.allow_http11 is handled in http_response_prepare())	4 years ago
Glenn Strauss	800e9b7349	[core] remove fde_ndx member outside fdevents (isolated to fdevent framework internals)	4 years ago
Glenn Strauss	0a46f7ec23	[core] some fdevent code streamlining isolate fde_ndx to fdevent framework internals	4 years ago
Glenn Strauss	8441c9e8e8	[core] config option to allow GET w/ request body server.http-parseopts = ( "method-get-body" = "enable" )	4 years ago
Glenn Strauss	8167497899	[mod_proxy] pass Content-Length to backend if > 0 pass Content-Length to backend if > 0, even if GET or HEAD method (and pass Content-Length: 0 for other methods if no request body)	4 years ago
Glenn Strauss	8efa6a34f4	[mod_openssl] default: ssl.cipher-list = "HIGH"	4 years ago
Glenn Strauss	3e200717cc	[mod_openssl] inherit cipherlist from global scope inherit cipherlist from global scope if not set in $SERVER["socket"]	4 years ago
Glenn Strauss	1542e44bb7	[core] use openssl to read,discard request body use openssl to read,discard request body after response has been sent on a TLS connection, at least until SSL close notify has been sent x-ref: "HTTPS POST upload hangs when i reach maximum supported request size" https://redmine.lighttpd.net/boards/2/topics/8491	4 years ago
Glenn Strauss	fca9e5a0b1	[core] prefer memchr() over strchr()	4 years ago
Glenn Strauss	fc914ae442	[core] map FDEVENT_* to OS system event frameworks (avoid need to translate event flags between OS and lighttpd FDEVENT_*)	4 years ago
Stefan Bühler	9232145024	[core] poll: fdarray uses fd as index, not fde_ndx	4 years ago
Stefan Bühler	1bd1d559b5	[core] don't call fd event handlers more than once, they might already be gone (fixes segfault)	4 years ago
Glenn Strauss	f5f221eda8	[core] dispatch events from within event framework event framework now calls interface to dispatch events rather than itself implementing multiple interfaces for fdevent_process() to be able to dispatch events generically.	4 years ago
Glenn Strauss	9459c05468	[core] fix mixed use of srv->split_vals array (fixes #2932 ) regression in mod_evhost in lighttpd 1.4.53 regression in mod_flv_streaming in lighttpd 1.4.51 - lighttpd 1.4.53 (thx moisseev) x-ref: "[regression] %0 pattern does not match hostnames without the domain part" https://redmine.lighttpd.net/issues/2932	4 years ago
Glenn Strauss	13f957d283	[core] simpler loops to run plugin hooks	4 years ago
Glenn Strauss	c38eddfc29	[core] skip plugins_call_cleanup if not init'ed	4 years ago
Glenn Strauss	b1a9f335c6	[core] connection_handle_write() updates con state (return value was always 0, so remove checks for other values)	4 years ago
Glenn Strauss	4713b6a61c	[core] con->is_ssl_sock flag to indicate if socket protocol is TLS (future use: will be needed with connection upgrade to https; not impl)	4 years ago
Glenn Strauss	d28bac32fe	[multiple] reduce code dup in list resizing reduce code duplication in list resizing realloc() of NULL ptr has behavior similar to malloc() Note that if initial size == 0, then code used to adjust size must be += x to ensure the size is non-zero for reallocation. (Multiplying 0 * x, e.g. power-2 resizing, will result in 0.)	4 years ago
Glenn Strauss	31b546e367	[core] fix gw_backend spelling of directive in err fix gw_backend spelling of bin-path directive in error message	4 years ago
Glenn Strauss	74b18c385c	[core] no keep-alive if POLLRDHUP,empty read queue send Connection: close if POLLRDHUP received and read queue is empty	4 years ago
Glenn Strauss	9948537721	[core] discard oversized trailers x-ref: "PVS-Studio Analysis Results" https://redmine.lighttpd.net/boards/3/topics/8459 http://www.fly-server.ru/pvs-studio/lighttpd/	4 years ago
Glenn Strauss	b2c18f480d	[mod_auth] minor: adjust config validation x-ref: "PVS-Studio Analysis Results" https://redmine.lighttpd.net/boards/3/topics/8459 http://www.fly-server.ru/pvs-studio/lighttpd/	4 years ago
Glenn Strauss	25bb4406fa	[mod_deflate] honor request for x-gzip, x-bzip2 honor request for x-gzip, x-bzip2 if gzip, bzip2 not requested x-ref: "PVS-Studio Analysis Results" https://redmine.lighttpd.net/boards/3/topics/8459 http://www.fly-server.ru/pvs-studio/lighttpd/	4 years ago
Glenn Strauss	859c9ae586	[multiple] minor: remove duplicated conditions x-ref: "PVS-Studio Analysis Results" https://redmine.lighttpd.net/boards/3/topics/8459 http://www.fly-server.ru/pvs-studio/lighttpd/	4 years ago
Glenn Strauss	daa5f7c576	[mod_accesslog] attempt to reconstruct req line cease http_request_parse_reqline() unconditionally copying request line, as request line is currently used only by mod_accesslog 'r' format	4 years ago
Glenn Strauss	950832af67	[core] RFC7230 HTTP-version parse	4 years ago
Glenn Strauss	9149b56418	[core] get_http_method_key() match by strlen first	4 years ago
Glenn Strauss	b9a37291cb	[core] lift code out of request line parse loop	4 years ago
Glenn Strauss	e5d61e9a5f	[core] http_request_parse() mark error paths cold	4 years ago
Glenn Strauss	e0a35b75c0	[core] mark log_error_write*() funcs cold	4 years ago
Glenn Strauss	23b0d867c5	[core] replace con->response.keep_alive set con->keep_alive = 0 to indicate backend request to close connection	4 years ago
Glenn Strauss	25185d1de0	[core] pass req hdrs buffer to http_request_parse	4 years ago
Glenn Strauss	7493d628b9	[core] prefer buffer_caseless_compare() prefer buffer_caseless_compare() to strcasecmp()	4 years ago
Glenn Strauss	7f8fd8ad09	[core] make parse_request,request.request same buf	4 years ago
Glenn Strauss	d7ad5819e6	[core] copy request only if might need for logging copy request header only if we may need to log it upon error	4 years ago
Glenn Strauss	a620f80b77	[core] log_request_header_on_error in one place	4 years ago
Glenn Strauss	9ab5469365	[core] parse request in connection_read_header()	4 years ago
Glenn Strauss	8426b94161	[core] perf: optimize connection_read_header()	4 years ago
Glenn Strauss	21afabb8f8	[core] helper funcs for connection_state_machine() carve connection_state_machine() into separate functions per state	4 years ago
Glenn Strauss	9e55fd72b5	[core] quickly clear request buffer for reuse	4 years ago
Glenn Strauss	79aa8613e1	[core] store joblist pointer on stack	4 years ago
Glenn Strauss	b8532fe073	[mod_staticfile] search ext array if not empty	4 years ago
Glenn Strauss	c8f9658536	[core] remove server.h	4 years ago
Glenn Strauss	aa2d0fb087	[core] srv->max_fds_lowat and srv->max_fds_hiwat	4 years ago
Glenn Strauss	653b0dac7c	[core] fdevent_process() process fdevents in fdevent.c	4 years ago
Glenn Strauss	aa34dfd32b	[core] some server_main_loop() cleanup	4 years ago
Glenn Strauss	fb9b8ad8ae	[core] mark startup/shutdown funcs cold	4 years ago
Glenn Strauss	413c0e557e	[core] separate server_main_loop() func, mark hot move server main loop into separate func and mark hot separate funcs for signal handling	4 years ago
Glenn Strauss	142e54b2a8	[mod_evhost] handle IPv6 literal addr; add tests	4 years ago
Glenn Strauss	2769f19ad3	[mod_openssl] ssl.privkey directive (optional) ssl.privkey can be used to specify path to file containing private key in lieu of concatenating certificate and private key into single .pem	4 years ago
Martin Storsjö	3ac7764cfe	[core] Fix recursive include_shell invocations When the output of include_shell calls include_shell itself, that second invocation must not truncate the buffer used for the outer include_shell. This might sound like a pathological setup in itself, but with e.g. debian's include-conf-enabled.pl, which outputs a list of include statements for all files in /etc/lighttpd/conf-enabled, if any of the *.conf files in that directory invokes include_shell, the parsing of the rest of the files in that directory is effectively aborted. This fixes a regression since commit `a46bc4f5de` in such setups. github: closes #95	4 years ago
Glenn Strauss	b17d3c2407	[mod_openssl] ALPN and acme-tls/1 (fixes #2931 ) ssl.acme-tls-1 = "/path/to/dir" containing .crt.pem and .key.pem named with the SNI name ("<SNI>.crt.pem" and "<SNI>.key.pem") x-ref: "Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension" https://tools.ietf.org/html/rfc7301 "ACME TLS ALPN Challenge Extension" (TLS-ALPN-01) https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05 "Support for TLS-ALPN-01" https://redmine.lighttpd.net/issues/2931	4 years ago
Glenn Strauss	f77cfe7ca8	[core] con->uri.scheme is maintained lowercase con->uri.scheme is maintained lowercase "http" or "https" so scheme string comparisons need not be case-insensitive	4 years ago
Glenn Strauss	05d20bcac2	[mod_webdav] compare COPY, MOVE Destination scheme compare COPY, MOVE Destination scheme with request URI scheme	4 years ago
Glenn Strauss	b31e7840d5	[multiple] quiet clang --analyze where trivial quiet clang --analyze warnings where trivial to do so	4 years ago
Glenn Strauss	a929de7ae5	[multiple] calloc match ptr type (clang --analyze)	4 years ago
Glenn Strauss	69d17e04cd	[mod_expire] look up expire fallback "" explicitly equivalent to prior code, but more direct (legibile in code) to look up empty string than to walk array. Might be marginally faster to walk array when the list is short, but the lookup is also fairly quick in that case, too.	4 years ago
Glenn Strauss	4608ddec2f	[build] autotools: try mysqlclient.pc and mariadb.pc (fixes #2925 ) (thx helmut) x-ref: "autotools cross build failure with lighttpd" https://redmine.lighttpd.net/issues/2925	4 years ago
Glenn Strauss	ce7b47c015	[core] systemd socket activation support	4 years ago
Glenn Strauss	5b0e27f8ad	[core] network_srv_sockets_append() shared code	4 years ago
Glenn Strauss	6b77372ae7	[core] move /dev/stdin graceful restart handling move /dev/stdin graceful restart handling special-case up out of network_server_init()	4 years ago
Glenn Strauss	b2ee667a3d	[core] move winsock init to network_init()	4 years ago
Glenn Strauss	a70cf6e5dc	[core] cache rev DNS for localhost for dir redir	4 years ago
Glenn Strauss	629b16f188	[core] send Connection: close if reqbody not read (fixes #2924 ) send Connection: close if it is known that request body has not finished being read and will not finish being read x-ref: "Suboptimal keep-alive handling when request body is not read" https://redmine.lighttpd.net/issues/2924	4 years ago
Glenn Strauss	96061c1e5e	[mod_auth] permit additional auth backends to load (For testing purposes, allow for all current auth module backends to be loaded and registered at the same time)	4 years ago
Glenn Strauss	ed6b894127	[core] define MD5_DIGEST_LENGTH 16	4 years ago
Glenn Strauss	e47ea5e2b0	[core] memeq compare rounded to 64, not next 1M	4 years ago
Glenn Strauss	b541b67459	[core] use con->server_name for dir redir use con->server_name for dir redir if con->server_name is not empty and Host header not provided in request.	4 years ago
Glenn Strauss	81dfa7a8d2	[core] http_response_buffer_append_authority() (shared code)	4 years ago
Glenn Strauss	bceeac654e	[core] use connected sock port in dir redirect	4 years ago
Glenn Strauss	c2bd063ac4	[core] do not free() reused buffer	4 years ago
Glenn Strauss	8ed98ad089	[core] perf: reuse buffer to redirect to directory	4 years ago
Glenn Strauss	7d4ecd01e8	[core] perf: incremental hash of pathname w/o copy	4 years ago
Glenn Strauss	fe3dc17968	[mod_fastcgi] fix NULL ptr deref from bugfix #2922 (fixes #2923 ) (thx rgenoud) x-ref: "SIGSEGV on file upload" https://redmine.lighttpd.net/issues/2923	4 years ago
Glenn Strauss	a1b527e473	[multiple] reduce initial buffer sz if large POST (fixes #2922 ) reduce initial buffer size if large POST to backend stored in temp files regression in lighttpd 1.4.52 (thx rgenoud) x-ref: "[regression] lighttpd gets killed after uploading a big file" https://redmine.lighttpd.net/issues/2922	4 years ago
Glenn Strauss	f03e5e239d	[tests] t/test_keyvalue create t/test_keyvalue to replace sparse tests in tests/mod-redirect.t and tests/mod-rewrite.t remove tests/mod-redirect.t and tests/mod-rewrite.t	4 years ago
Glenn Strauss	dd11144bc8	[core] use kill_signal for gw_proc_kill() After 4 seconds, send kill() every second while waiting for child to exit. Send host->kill_signal for next 4 seconds, then send SIGTERM (usually same as host->kill_signal) for following 8 seconds, and finally send SIGKILL each second after that, until the child process dies. github: closes #94	4 years ago
Glenn Strauss	c2a9692e78	[tests] include first.h and NDEBUG early	4 years ago
Glenn Strauss	5a32d0f72a	[mod_access] t/test_mod_access create t/test_mod_access to test mod_access basic logic remove tests/mod-access.t	4 years ago
Glenn Strauss	ddf95741b5	[mod_access] restructure for unit tests	4 years ago
Glenn Strauss	8aad091613	[mod_evhost] t/test_mod_evhost create t/test_mod_evhost to test mod_evhost basic logic remove tests/mod-evhost.t	4 years ago
Glenn Strauss	5299bded32	[mod_evhost] restructure for unit tests	4 years ago
Glenn Strauss	093569a6f6	[mod_evhost] split uri handler func for testing	4 years ago
Glenn Strauss	b2a6239851	[mod_simple_vhost] t/test_mod_simple_vhost create t/test_mod_simple_vhost to test mod_simple_vhost basic logic remove tests/mod-simplevhost.t, which was not testing mod_simple_vhost	4 years ago
Glenn Strauss	685f4ed62c	[mod_cml,mod_flv_streaming] fix NULL ptr deref fix possible NULL pointer dereference when query string not present and no previous query strings processed by that specific connection instance regression in lighttpd 1.4.51 (mod_flv_streaming) regression in lighttpd 1.4.52 (mod_cml) workaround for mod_flv_streaming: url.rewrite-once = ( "\.flv$" => "${url.path}?" ) (similar workaround for mod_cml) (thx fab) x-ref: "segfault with mod_flv_streaming" https://redmine.lighttpd.net/boards/2/topics/8404	4 years ago
Glenn Strauss	06ebbc3ed4	[core] invert logic for mod_indexfile load warning	4 years ago
Glenn Strauss	e92919788f	[mod_webdav] silence warnings if built w/o locks silence compiler warnings if built w/o locks	4 years ago
Glenn Strauss	a7bceb6b06	[core] quiet indexfile warning if mod not loaded	4 years ago
Glenn Strauss	77c01f9817	[core] buffer_append_path_len() concatenate paths, placing single '/' between strings reverts broken commit:b9402283 (thx avij)	4 years ago
Glenn Strauss	608026e5aa	[core] fix typo	4 years ago
Glenn Strauss	fed4573fad	[mod_proxy] silence coverity false positive	4 years ago
Glenn Strauss	80638252dc	[multiple] validate UTF-8 in url-decoded paths validate UTF-8 in url-decoded paths obtained elsewhere than from request (burl_normalize(), if enabled with server.http-parseopts, checks url for overlong encodings of ASCII chars in the HTTP request-line)	4 years ago
Glenn Strauss	e8e59396d3	[core] reject decoded url-path without leading '/' buffer_simplify_path() no longer prepends '/' if '/' is missing. Callers must check for leading '/' depending on use, such as in concatenation with others paths, or direct use accessing filesystem Note: lighttpd 1.4.50 provides the server.http-parseopts directive. Recommended settings unless specific use requires looser settings: server.http-parseopts = ( "header-strict" => "enable", "host-strict" => "enable", "host-normalize" => "enable", "url-normalize" => "enable", "url-normalize-unreserved" => "enable", "url-normalize-required" => "enable", "url-ctrls-reject" => "enable", "url-path-2f-decode" => "enable", "url-path-dotseg-remove" => "enable", "url-query-20-plus" => "enable" ) x-ref: https://digi.ninja/blog/lighttpd_rewrite_bypass.php As noted in the link above, mod_access should be preferred instead of mod_rewrite for access controls to URLs.	4 years ago
Glenn Strauss	8a8579802a	[mod_webdav] separate func for each request method split up mod_webdav_subrequest_handler_huge() into subroutines	4 years ago
Glenn Strauss	cef6ee675d	[core] limit con->uri.authority < 1024 octets (expect < 256 octets for DNS name) Since limit is imposed, can use buffer_clear() instead of buffer_reset() for con->uri.authority and con->server_name. (Also, con->uri.scheme is limited to "http" and "https", so use buffer_clear() for it, too)	4 years ago
Glenn Strauss	0bac13f6b4	[core] cygwin sample to run lighttpd under NSSM configure NSSM to set environment variables when starting lighttpd NSSM_SERVICE_NAME=lighttpd NSSM_SERVICE_DIR=/lighttpd/install/dir (optional)	4 years ago
Glenn Strauss	ad53c30d4b	[core] cygwin helper func for getcwd	4 years ago
Glenn Strauss	cf93e91c56	[core] perf: inline buffer_copy_buffer()	4 years ago
Glenn Strauss	d7cfc8a381	[mod_wstunnel] use buffer_string_length() use buffer_string_length() abstraction instead of b->used	4 years ago
Glenn Strauss	75bd40aa5d	[core] perf: buffer optimizations buffer_string_prepare_copy() no longer writes '\0' into b->ptr buffer_realloc() always allocates extra +1 for '\0'	4 years ago
Glenn Strauss	cced512116	[mod_cml] parse query string without modifying it	4 years ago
Glenn Strauss	449274903c	[core] perf: simplify buffer_move() require src and dest to be non-NULL change no longer releases large swapped buffers with buffer_reset()	4 years ago
Glenn Strauss	ef1fdcd910	[mod_webdav] one fewer buffer copy for COPY,MOVE one fewer buffer copy of Destination for COPY,MOVE	4 years ago
Glenn Strauss	956a3fb9db	[mod_webdav] fix LOCK on incorrect URI path	4 years ago
Glenn Strauss	b9402283be	[core] simpler physical path concatenation	4 years ago
Glenn Strauss	ac41c17694	[core] perf: small improvement buffer_string_space	4 years ago
Glenn Strauss	a2aba0788b	[core] perf: small improvement to encoding CGI var	4 years ago
Glenn Strauss	f69bd9cdb8	[core] perf: simple, quick buffer_clear() quickly clear buffer instead of buffer_string_set_length(b, 0) or buffer_reset(b). Avoids free() of large buffers about to be reused, or buffers that are module-scoped, persistent, and reused. (buffer_reset() should still be used with buffers in connection *con when the data in the buffers is supplied by external, untrusted source)	4 years ago
Glenn Strauss	9749503b1d	[core] separate func to reset FILE_CHUNK	4 years ago
Glenn Strauss	19b5fbdd3d	[mod_fastcgi] transfer chunks minus packet padding (thx avij)	4 years ago
Glenn Strauss	f0df89a996	[mod_redirect,mod_rewrite] use server_name use server_name for authority if Host not provided (Host is not required in HTTP/1.0)	4 years ago
Glenn Strauss	b5cd216781	[mod_fastcgi] minor: copy packet without padding	4 years ago
Glenn Strauss	758c58cda5	[core] clear chunk buffer upon release (before adding back to reusable buffer pool)	4 years ago
Glenn Strauss	b74188e5b3	[mod_cgi] reset reused buffer on internal redir	4 years ago
Glenn Strauss	aba45f68d8	[core] perf: simpler buffer_string_space() (tests)	4 years ago
Glenn Strauss	473ce93c14	[core] perf: faster HTTP pipelined requests separate reading header from connection_handle_read_state() into connection_read_header() so that HTTP pipelined requests can skip optimistic read()/recv()	4 years ago
Glenn Strauss	d1bf435573	[core] perf: simpler buffer_string_space() (fixed)	4 years ago
Glenn Strauss	70d7d0a0a1	[core] server.chunkqueue-chunk-sz = 4096 server.chunkqueue-chunk-sz = 4096 (default) Can be configured any integral value greater than 0. Value is rounded up to next 1024 if not an even multiple of 1k. Sites with large request or response headers may benefit from an 8k or 16k chunk size. Embedded systems might choose to minimize memory use by using a 1k chunk size.	4 years ago
Glenn Strauss	cc1c2f0e37	[core] server.compat-module-load = "disable" controls whether default and compatibility modules are loaded, including default modules mod_indexfile, mod_staticfile, mod_dirlisting and if mod_authn* modules are loaded when mod_auth in server.modules and if mod_openssl is loaded when ssl. directives are seen default: server.compat-module-load = "enable" (preserve existing behavior) recommended config: explicitly load desired modules in desired order	4 years ago
Glenn Strauss	1b8453886f	[mod_webdav] quiet coverity false positive	4 years ago
Glenn Strauss	f13db69012	[core] fix setting of headers previously reset (fixes #2919 ) bug may result in long delays when using mod_deflate on connections with keep-alive, as the result is sent without Content-Length or Transfer-Encoding (regression in lighttpd 1.4.51) (thx GilGalaad) x-ref: "high latency on 1.4.51 + proxy + deflate" https://redmine.lighttpd.net/boards/2/topics/8365 https://redmine.lighttpd.net/issues/2919	4 years ago
Glenn Strauss	41b50cfa71	[core] fix 301 -> 302 overwrite with Location (fixes #2918 ) fix bug resulting in status code being overwritten from 301 to 302 if Location response header is returned by a backend which is not mod_proxy (regression in lighttpd 1.4.51) (thx shochodev) x-ref: "lighttpd is not obeying the http status code sent by our application (302 sent by lighttpd when 301 is sent by application)" https://redmine.lighttpd.net/issues/2918	4 years ago
Glenn Strauss	2d91475828	[mod_cgi] perf: cache getenv() results at start up	4 years ago
Glenn Strauss	5ff1ddeb66	[mod_wstunnel] perf: reuse large buffers	4 years ago
Glenn Strauss	88ee73d0a2	[multiple] perf: simplify chunkqueue_get_memory()	4 years ago
Glenn Strauss	f512bfa4af	[core] use chunk_buf_sz instead of hard-coded num	4 years ago
Glenn Strauss	9f6a46738d	[multiple] dynamic handlers hint backend header sz	4 years ago
Glenn Strauss	31d16af78b	[core] perf: simpler buffer_string_space()	4 years ago
Glenn Strauss	1539cbfdc1	[core] perf: chunkqueue buffers already sized up provide new interface for sizing to even larger if very large request (chunkqueue_prepend_buffer_open_sz())	4 years ago
Glenn Strauss	f1e5f74f8f	[mod_webdav] return 403 if file should exist return 403 if file should exist for PROPPATCH or LOCK, but stat fails	4 years ago
Glenn Strauss	a1cda77f9b	[mod_openssl] prefer using TLS_server_method() prefer TLS_server_method() instead of SSLv23_server_method() (SSLv23_server_method() is deprecated in openssl 1.1.0)	4 years ago
Glenn Strauss	aa00359e6c	[mod_cgi] perf: use stat_cache for cgi handler	4 years ago
Glenn Strauss	d182e90bb1	[mod_openssl] SSL_read before second SSL_shutdown call SSL_read() before calling SSL_shutdown() a second time. Drain SSL read buffers in case pending records need processing. x-ref: "New session ticket breaks bidirectional shutdown of TLS 1.3 connection" https://github.com/openssl/openssl/issues/6262 reported to lighttpd by intexk https://www.lighttpd.net/2018/10/14/1.4.51/	4 years ago
Glenn Strauss	89062d8134	[mod_openssl] move SSL_shutdown() to separate func mod_openssl_close_notify()	4 years ago
Rosen Penev	bc91bbd0c6	[core] Don't call RAND_cleanup with OpenSSL 1.1.x RAND_cleanup is deprecated and does nothing with 1.1.x. It also breaks with OpenSSL compiled with no deprecated APIs. (-DOPENSSL_API_COMPAT=<version>) github: closes #93	4 years ago
Glenn Strauss	6dcdc1af18	[mod_fastcgi,mod_scgi] perf: env accumulation	4 years ago
Glenn Strauss	407b4d140b	[mod_cgi] perf: reuse buffers for creating CGI env	4 years ago
Glenn Strauss	e0dbff4750	[core] slightly simpler flag append to string	4 years ago
Glenn Strauss	5fe9339942	[core] perf: inline buffer_append_string_buffer()	4 years ago
Glenn Strauss	8c0792a58c	[multiple] better packing of struct chunk remove c->file.name previous commit modified c->file.name to share buffer with c->mem	4 years ago
Glenn Strauss	3d8d56d8de	[multiple] perf: reuse large buffers w/ backend	4 years ago
Glenn Strauss	fccc7fc607	[core] perf: chunk.c chunk pool reuse chunks across chunkqueues; remove cq->unused, cq->unused_chunks reuse same buffer c->mem and c->file.name in chunk	4 years ago
Glenn Strauss	c79bc31609	[mod_fastcgi] perf: reduce data copies http_chunk_transfer_cqlen()	4 years ago
Glenn Strauss	2df8f9ebf4	[mod_fastcgi] perf: reduce data copies reduce data copies while reading FastCGI packets from FastCGI backend	4 years ago
Glenn Strauss	f934615466	[core] permit env vars to be set with blank value (regression in lighttpd 1.4.51)	4 years ago
Glenn Strauss	f410431b58	[multiple] perf: use larger initial backend buffer use larger initial backend buffer if the client request is large	4 years ago
Glenn Strauss	7e8beee577	[multiple] perf: power-2 alloc large headers allocate large headers by power-2 as headers to backend is generated (mod_proxy, mod_fastcgi, mod_scgi)	4 years ago
Glenn Strauss	610d5c03ab	[multiple] perf: write headers to backend write cq write headers directly to dynamic backend write chunkqueue (mod_proxy, mod_fastcgi, mod_scgi)	4 years ago
Glenn Strauss	a9ae35128d	[core] chunk.c code reuse	4 years ago
Glenn Strauss	61e507bfe5	[core] perf: better buf reuse reading from backend	4 years ago
Glenn Strauss	40d3408328	[core] perf: append response directly into write q prepend non-dynamic response directly into write queue chunkqueue	4 years ago
Glenn Strauss	758174ecbc	[core] perf: specialized func for array sorting specialized func for array sorting for use in binary search	4 years ago
Glenn Strauss	59a71815dc	[core] perf: copy small strings; extend last chunk copy small strings; extend last chunk (instead of creating new, tiny chunk)	4 years ago
Glenn Strauss	e7c840502a	[core] perf: copy small strings; better buf reuse copy small strings to write queue for better buffer reuse (instead of swapping with larger buffers in write chunkqueue)	4 years ago
Glenn Strauss	23c72fc606	[core] perf: prepend headers directly into write q prepend response headers directly into write queue chunkqueue	4 years ago
Glenn Strauss	5a159e828d	[core] perf: size write buffers for reuse size write buffers for reuse in common cases (so that write buffers are BUFFER_MAX_REUSE_SIZE)	4 years ago
Glenn Strauss	2e23b43d12	[core] perf: buffer_align_size() identity if align use identity if requested size is already aligned to BUFFER_PIECE_SIZE	4 years ago
Glenn Strauss	929909a999	[core] perf: skip redundant prepare copy calls skip redundant calls to buffer_string_prepare_copy() when simply clearing buffer is sufficient, e.g. when a blanked buffer is desired before calling buffer_append_strftime(), which internally prepares buffer for the resultant formatted string	4 years ago
Glenn Strauss	d4a93a531d	[core] perf: buffer_copy_string_len() buffer_copy_string_len() short-circuit common case, but preserve blank-string initialization side-effect if buffer is empty	4 years ago
Glenn Strauss	15277bf9e1	[core] perf: one-element cache for host normalize one-element cache for http_request_host_normalize() on IP address	4 years ago
Glenn Strauss	babf8112f7	[core] perf: buffer_free_ptr() __attribute__ cold	4 years ago
Glenn Strauss	062089ff14	[core] perf: array_reset_data_strings() array_reset_data_strings() specialization	4 years ago
Glenn Strauss	29dd9379ff	[core] perf: call connection_reset() fewer times connection_reset() is called at end of request to prepare for keep-alive or to free resources while waiting for client to close connection. This is the reason why it is called earlier towards end of request rather than always waiting until the very end of request when socket is closed. connection_reset() used to additionally be called for every new socket connection, but now is only called when new conns are allocated and initialized.	4 years ago
Glenn Strauss	c8136a66fe	[core] typo in trace	4 years ago
Glenn Strauss	468b3a5b33	[mysql] MySQL 8 deprecates my_bool replace my_bool with char in mod_vhostdb_mysql and mod_mysql_vhost (mysql.h contains: typedef char my_bool; and passes a pointer to it as third argument, a (void *), to mysql_options())	4 years ago
Glenn Strauss	98f5cc6f0d	[core] permit server.error_handler to static file This use is not recommended since it means that the response body will not contain the precise error code. x-ref: "What is the proper syntax for server.error-handler in 1.4.45" https://redmine.lighttpd.net/boards/2/topics/8320	4 years ago
Glenn Strauss	bc25684f0c	[core] perf: buffer_string_append_len() buffer_string_append_len() short-circuit common case, but preserve blank-string initialization side-effect if buffer is empty	4 years ago
Glenn Strauss	082b485802	[mod_openssl] wolfSSL does not support SSLv2	4 years ago
Glenn Strauss	f1489b5a11	[core] perf: buffer.c internal inlines buffer_copy_string_len() and buffer_append_string_len() now internally inline what buffer_commit() does, but do not repeat the sanity checks already enforced by buffer_string_prepare_copy() and buffer_string_prepare_append(), respectively buffer_string_set_length() short-circuit common case	4 years ago
Glenn Strauss	78d4ef9e0f	[build] CMake support for wolfSSL (missing HAVE_WOLFSSL_SSL_H without add_definition() suggests that there are other definitions that are not being exported for use in the build, so lighttpd built with CMake has base features only)	4 years ago
Glenn Strauss	923b321094	[build] meson support for wolfSSL meson.build needed to change some args to lists to support meson objects	4 years ago
Glenn Strauss	a950ae15ca	[build] SCons support for wolfSSL	4 years ago
Glenn Strauss	0074b6d342	[mod_openssl] add support for wolfSSL requires wolfSSL library version 3.15.3 or later https://www.wolfssl.com/ https://github.com/wolfSSL/wolfssl (thx dgarske) x-ref: "Adds support for building Lighttpd with wolfSSL" https://github.com/lighttpd/lighttpd1.4/pull/92	4 years ago
Glenn Strauss	e9f223d35e	[mod_auth] use SHA1_Init,Update,Final wolfSSL does not provide the SHA1() convenience function, so use stepwise funcs SHA1_Init(), SHA1_Update(), SHA1_Final()	4 years ago
Glenn Strauss	d825966739	[core] reject Transfer-Encoding from proxy (#2913 ) reject Transfer-Encoding from backend for mod_proxy. mod_proxy currently sends HTTP/1.0 requests to the backend, for which Transfer-Encoding: chunked is not a valid response header. Additionally, there is no value to Transfer-Encoding: chunked from backend since lighttpd mod_proxy sends HTTP/1.0 request along with Connection: close, so the backend closing the socket is the end of the response from the backend. x-ref: "Reverse proxy does not work with sandstorm" https://redmine.lighttpd.net/issues/2913	4 years ago
Glenn Strauss	7a7f4f987a	[mod_openssl] no renegotiation in TLS 1.3 (fixes #2912 ) x-ref: "OpenSSL 1.1.1: renegotiation initiated by client, killing connection" https://redmine.lighttpd.net/issues/2912	4 years ago
Glenn Strauss	4674d2d180	[core] fix missing param from prev commit	4 years ago
Glenn Strauss	877ac2942a	[core] better consistency in buffer_is_equal*() buffer_is_equal_caseless_string() now correctly matches against the string only up to the provided string length, since the string might not be '\0' terminated.	4 years ago
Glenn Strauss	7af5ba92ed	[core] PATH_INFO calculation when basedir is "/" (fixes #2911 ) PATH_INFO calculation when basedir is "/" or empty x-ref: "pathinfo not recognized if basedir is empty" https://redmine.lighttpd.net/issues/2911	4 years ago
Glenn Strauss	e3c39f5cbc	[meson] build fixes for libmariadb and libsasl2 (commented out test for libmysqlclient in favor of libmariadb)	4 years ago
Glenn Strauss	d6bd929e5d	[build] put request.c in common src put request.c in common src for CMake, SCons, and meson builds (request.c is already in common source list in Makefile.am)	4 years ago
Glenn Strauss	233db8d668	[TLS] sys-crypto.h abstraction (add the header)	4 years ago

... 3 4 5 6 7 ...

2544 Commits (0fcd51438dc663dc1bebf54404e94128924687dd)