lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
1,701 Commits
9 Branches
85 Tags
14 MiB
Commit Graph

571 Commits (27ab3f76dbedbb48cfb84e1bfc61e403f0a2c851)

Author SHA1 Message Date
Stefan Bühler b239e7734a [mod_magnet] fix memory leak 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2943 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-02-14 21:06:10 +00:00
Stefan Bühler b461e031f5 [mod_fastcgi,mod_scgi] fix resource leaks on spawning backends 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2942 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-02-14 21:06:07 +00:00
Stefan Bühler d59c910d6a [mod_dirlisting] fix memory leak if pcre fails 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2941 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-02-14 21:06:05 +00:00
Stefan Bühler 0aaf939e5e [mod_rrdtool] fix invalid read (string not null terminated) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2940 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-02-14 21:06:03 +00:00
Stefan Bühler fc3a060a04 [mod_fastcgi] fix use after free (only triggered if fastcgi debug is active) 
If a new fastcgi packet is expected, but the currently available
  data doesn't fill the header and debug is active an invalid
  read is triggerd.

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2939 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-02-14 21:06:00 +00:00
Stefan Bühler b8a1835093 NEWS entry for previous commit 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2938 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-02-14 21:05:58 +00:00
Stefan Bühler 0d855be97e - next is 1.4.35 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2935 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-01-20 14:20:06 +00:00
Stefan Bühler 24994e113a [mod_webdav] fix fd leak found with parfait (fixes #2530, thx kukackajiri) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2930 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-01-10 12:05:06 +00:00
Stefan Bühler 657566828e [mod_mysql_vhost] fix memory leak on config init (#2530) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2929 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-01-10 12:05:04 +00:00
Stefan Bühler e346794d59 [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes #2533) 
On platforms that support linking modules with undefined symbols we
actually do it; so most of the time -no-undefined should result in an
error.
On platforms that don't support it, it will result in an error sooner or
later anyway (on those it should build a shared libary with the core
code to link the modules against).

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2928 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-01-10 12:05:02 +00:00
Stefan Bühler f0e5c1415d [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes #2526) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2927 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-01-10 12:04:59 +00:00
Stefan Bühler 17762fad01 maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2926 152afb58-edef-0310-8abb-c4023f1b3aa9
 2014-01-10 12:04:57 +00:00
Stefan Bühler c8fbc16985 [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2925 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-11-13 17:18:39 +00:00
Stefan Bühler 99cddff73a [core] check success of setuid,setgid,setgroups (CVE-2013-4559) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2923 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-11-13 11:43:33 +00:00
Stefan Bühler d8b363c1d1 [stat-cache] fix FAM cleanup/fdevent handling 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2922 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-11-13 11:43:31 +00:00
Stefan Bühler ae1335503a [stat-cache] FAM: fix use after free (CVE-2013-4560) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2921 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-11-13 11:43:28 +00:00
Stefan Bühler 6b7240f2d8 NEWS entry for previous commit 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2919 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-11-13 11:43:23 +00:00
Stefan Bühler 1af871fcef [ssl] fix SNI handling; only use key+cert+verify-client from SNI specific config (fixes #2525, CVE-2013-4508) 
pull all ssl.ca-file values into all SSL_CTXs, but use only the local
ssl.ca-file for verify-client; correct SNI name is no requirement,
so enforcing verification for a subset of SNI names doesn't actually
protect those.

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2913 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-11-05 15:29:07 +00:00
Stefan Bühler 268c054c40 [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes #2515, thx mm) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2911 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-10-13 11:34:55 +00:00
Stefan Bühler 9b0d54d7cc [mod_auth] explicitly link ssl for SHA1 (fixes #2517) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2910 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-10-13 11:16:55 +00:00
Stefan Bühler 32199a7bdf - next is 1.4.34 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2909 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-09-27 20:22:12 +00:00
Stefan Bühler 29ff92d9ba [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes #2502) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2901 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 15:46:13 +00:00
Stefan Bühler 9cfc080ab7 [core] allow files to be used as document-root (fixes #2475) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2900 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 15:02:44 +00:00
Stefan Bühler c26b0f9617 [mod_accesslog] add accesslog.syslog-level option (fixes #2480) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2899 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 14:13:43 +00:00
Stefan Bühler f0e5b84c27 [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2898 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 13:15:03 +00:00
Stefan Bühler 92567b8b8f [core] check whether server.chroot exists 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2896 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 13:14:59 +00:00
Stefan Bühler 916cf7cfc0 [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2895 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 13:14:57 +00:00
Stefan Bühler f9d58670d5 [auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) (fixes #2436) 
can be combined with ssl:
    ssl.verifyclient.username = "SSL_CLIENT_S_DN_UID"
	auth.require = ("/" => ( "require" => "valid-user", "method" => "extern") )

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2894 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 13:14:56 +00:00
Stefan Bühler 559b198f86 [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes #2495) 
From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2892 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 13:14:52 +00:00
Stefan Bühler 93fd9ea7a4 [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes #2492) 
if ssl.empty-fragments is set to enabled, but the openssl version used
  to compile lighttpd doesn't support empty fragments, a warning is
  displayed (it might still work).

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2891 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 13:14:50 +00:00
Stefan Bühler 6d4d2118c3 [ssl] accept ssl renegotiations if they are not disabled (fixes #2491) 
* don't fiddle with ssl internals
 * renegotiations should be safe with recent openssl versions,
   openssl itself should reject unsafe renegotiations

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2890 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-08-30 13:14:48 +00:00
Stefan Bühler 05858f6cf2 [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501) 
con->conf.is_ssl got removed and replaced by:
 * con->conf.ssl_enabled for the config var "ssl.engine" - it is only
   used to determine which server-sockets should use ssl. (usually not
   needed as it is mandatory and enough to set ssl.pemfile anyway)
 * con->srv_socket->is_ssl to detect the actual ssl status of the
   bound socket, which is the same as the ssl status of the connection
 * con->uri.scheme for the actual $HTTP["scheme"] value, also used for
   the CGI "HTTPS=ON" variable. This defaults to "https" if the
   connection uses ssl, but can be changed for example by mod_extforward
   if X-Forwarded-Proto: is set to either "http" or "https" (other values
   are ignored right now)

Also removed the broken srv_socket->is_proxy_ssl as it was a connection
value in a server_socket struct...

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2887 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-07-31 20:23:21 +00:00
Stefan Bühler 25a3f2e826 [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes #2470) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2885 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 12:46:02 +00:00
Stefan Bühler 6cdb46587c [ssl] use DH only if openssl supports it (fixes #2479) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2884 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 12:46:00 +00:00
Stefan Bühler 3df2ec9248 [core] recognize more http methods to forward to backends (fixes #2346) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2883 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 10:53:24 +00:00
Stefan Bühler 9b36534752 [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2882 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 10:53:22 +00:00
Stefan Bühler 12c4a40b28 [mod_userdir] add userdir.active option, "enabled" by default 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2880 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 10:07:43 +00:00
Stefan Bühler a6b42cc61e [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes #2490) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2878 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 09:45:29 +00:00
Stefan Bühler c008fd7ec8 [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2877 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 09:45:27 +00:00
Stefan Bühler 680b714543 [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings (fixes #2448) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2875 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-06-29 09:45:23 +00:00
Stefan Bühler a0e93c678b fix undefined stuff found with clang 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2873 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-05-15 10:31:09 +00:00
Stefan Bühler 661efa3f37 fix some bugs found with canalyze (fixes #2484, thx Zhenbo Xu) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2872 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-05-15 10:31:07 +00:00
Stefan Bühler ce4bc0c0f7 [mod_auth] fix base64_decode (#2484) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2871 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-05-15 10:31:04 +00:00
Stefan Bühler c26b50d9ad [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better. 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2870 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-04-29 13:08:25 +00:00
Stefan Bühler 0342dfef1d [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2869 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-04-29 13:08:23 +00:00
Stefan Bühler b5da12c008 reject non ASCII characters in HTTP header names 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2868 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-03-25 17:22:36 +00:00
Stefan Bühler 25a2d665aa call ERR_clear_error only for ssl connections in CON_STATE_ERROR 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2867 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-03-25 17:22:34 +00:00
Stefan Bühler 0e48ef6acb [mod_fastcgi,log] support multi line logging (fixes #2252) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2866 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-03-25 17:22:32 +00:00
Stefan Bühler 543bd249fb fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors); follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags. 
See:
 http://tools.ietf.org/html/draft-ietf-httpbis-p4-conditional-21#section-5
 > it makes sense to ignore the If-Modified-Since when entity tags are
 > understood and available for the selected representation.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2865 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-01-22 13:08:21 +00:00
Stefan Bühler 9cd8faa1b6 mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs (fixes #2465, thx peex) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2864 152afb58-edef-0310-8abb-c4023f1b3aa9
 2013-01-04 13:54:38 +00:00
Stefan Bühler 5aef370a2d - next is 1.4.33 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2863 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-21 12:34:49 +00:00
Stefan Bühler 79fed4ec04 remove whitespace at end of header keys 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2861 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-21 12:01:46 +00:00
Stefan Bühler 6edfc40f93 fix DoS in Connection header value split (reported by Jesse Sipprell, CVE-2012-5533) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2860 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-21 12:01:44 +00:00
Stefan Bühler 29b126d5d3 mod_extforward: log address of untrusted proxy with debug.log-request-handling 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2858 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-15 08:44:10 +00:00
Cyril Brulebois 4f4bcdd3c3 tests: make sure mod_proxy doesn't leave running processes (fixes #2435, thx kibi) 
In case the proxy instance goes wrong, the clean-up doesn't kill the
real instance. So close both instances explicitly in the clean-up
phase.

Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2857 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-09 14:23:25 +00:00
Stefan Bühler 4002dce596 detect "x-gzip"/"x-bzip2" as separate encodings, more strict encoding matching (fixes #2443) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2856 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-09 14:23:24 +00:00
Stefan Bühler c3a9948c75 network_server_init: fix double free and memleak on error (fixes #2440, thx kyprizel) 
this is not really critical - lighty will terminate anyway after hitting
this, and this is before connections are accepted.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2855 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-09 14:23:22 +00:00
Stefan Bühler 9b246c5e09 fix :port handling in $HTTP["host"] checks (fixes #2135. thx liming) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2853 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-07 14:23:00 +00:00
Stefan Bühler d4d1ff36aa add PATCH method (fixes #2424) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2852 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-07 13:53:00 +00:00
Stefan Bühler fcb3f42f11 configure.ac: remove old stuff, add some new to fix warnings in automake 1.12 (fixes #2419, thx blino) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2851 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-07 13:07:02 +00:00
Stefan Bühler d09fdd877f Handle ENAMETOOLONG, return 404 Not Found (fixes #2396, thx dererkazo) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2850 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-07 13:07:00 +00:00
Stefan Bühler db1d977dea Ignore EPIPE/ECONNRESET after SSL_shutdown (thx patdk-wk for reporting) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2849 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-11-06 17:14:37 +00:00
Stefan Bühler 6c9d257742 Code cleanup with clang/sparse (fixes #2437, thx kibi) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2848 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-08-31 14:11:48 +00:00
Stefan Bühler b6b694df3d - next is 1.4.32 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2841 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-08-31 14:11:37 +00:00
Stefan Bühler 100ed91f2d Fix --enable-mmap handling in configure.ac 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2839 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-05-31 15:08:36 +00:00
Stefan Bühler 172eeebfaa [mod_redirect] Support url.redirect-code option (fixes #2247) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2838 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-05-30 16:58:34 +00:00
Stefan Bühler 1ee35acc6f [mod_extforward] Support ipv6 addresses (fixes #1889) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2837 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-05-18 13:28:00 +00:00
Stefan Bühler 3a13ab8bf2 Detect multiple -f options: show error message instead of assert (fixes #2416) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2836 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-05-18 12:56:30 +00:00
Stefan Bühler 5677f17442 [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333, thx simoncpu) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2834 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-04-19 13:02:13 +00:00
Stefan Bühler 7187271fb6 [auth] Add "AUTH_TYPE" environment (for *cgi), remove fastcgi specific workaround, add fastcgi test case (fixes #889) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2833 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-04-19 13:02:11 +00:00
Stefan Bühler 61047369c7 [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2832 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-04-19 13:02:09 +00:00
Stefan Bühler ab0fa7d873 Fix access log escaping of " and \\ (fixes #1551) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2831 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-04-19 13:02:08 +00:00
Stefan Bühler 01f9debec3 Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2830 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-04-19 13:02:06 +00:00
Stefan Bühler e697869e34 buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2828 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-04-08 08:02:44 +00:00
Stefan Bühler f4c3a99eea Disable mmap by default (fixes #2391) 
* if a user truncates a file we are mmapping, reading the truncated
  area leads to SIGBUS
* mod_cgi and mod_webdav still use mmap for reading the tmp files
  created for large request bodies.
  as no other user should have write access for those this isn't
  a (security) problem.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2827 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-02-24 18:34:20 +00:00
Stefan Bühler 33f1ec6d28 [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2826 152afb58-edef-0310-8abb-c4023f1b3aa9
 2012-01-11 21:59:51 +00:00
Stefan Bühler 79bcfab083 Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2823 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-12-25 15:35:01 +00:00
Stefan Bühler d194c09da9 [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2822 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-12-23 10:31:57 +00:00
Stefan Bühler beb6709b6c - next is 1.4.31 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2820 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-12-18 16:35:12 +00:00
Stefan Bühler 761bedd7fe [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2816 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-12-18 12:58:04 +00:00
Stefan Bühler 38e3e4a65a [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2813 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-12-05 17:08:17 +00:00
Stefan Bühler b748fb890d [core] accept dots in ipv6 addresses in host header (fixes #2359) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2811 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-11-30 20:46:49 +00:00
Stefan Bühler 0f96222e7e [ssl] add option to honor server cipher order, true by default (fixes #2364) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2810 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-11-30 19:59:24 +00:00
Stefan Bühler a94bdd07df [ssl] count renegotiations to prevent client renegotiations 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2808 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-11-30 18:40:08 +00:00
Stefan Bühler 6c9dff7cda [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2806 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-11-29 22:27:11 +00:00
Stefan Bühler f15ee9becb Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2805 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-10-05 13:39:50 +00:00
Stefan Bühler 3518ab60ed Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2804 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-09-05 09:32:43 +00:00
Stefan Bühler e05f1b3eec Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2803 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-08-30 22:13:59 +00:00
Stefan Bühler cbf1baacc9 [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2802 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-08-22 15:32:55 +00:00
Stefan Bühler 90dd8af32b Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2799 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-07-30 09:16:03 +00:00
Stefan Bühler 34abcf7309 - next is 1.4.30 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2798 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-07-03 16:34:59 +00:00
Stefan Bühler f0816d8db2 fdevent: add solaris eventports (fixes #2171) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2796 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-06-13 17:34:57 +00:00
Stefan Bühler 960d34c7ea [doc] Move docs to outdated/ subdir and refer to wiki instead (fixes #2248) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2795 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-06-13 12:55:54 +00:00
Stefan Bühler adc97e5ba3 [*cgi] Use physical base dir (alias, userdir) as DOCUMENT_ROOT in cgi environments (fixes #2216) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2794 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-06-13 12:22:02 +00:00
Stefan Bühler 8cdf9cc767 [proc,include_shell] log error if exec shell fails (fixes #2280) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2793 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-06-12 15:44:26 +00:00
Stefan Bühler 55e1dc1825 [ssl/build] some minor fixes; fix compile without ssl, cleanup ssl config buffers 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2789 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-04-24 16:02:55 +00:00
Stefan Bühler 328043caf3 [ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2788 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-04-24 16:02:52 +00:00
Stefan Bühler f610f894a3 ssl: Support for Diffie-Hellman and Elliptic-Curve Diffie-Hellman key exchange (fixes #2301, #2246, #2239) 
- add ssl.use-sslv3
 - load all algorithms

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2780 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-03-13 18:00:09 +00:00
Stefan Bühler 562a6ba83b [build] Fix detection of libev (fixes #2300) 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2779 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-03-13 17:44:42 +00:00
Stefan Bühler 33e30b486a mod_cgi: make read buffer as big as incoming data block 
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2778 152afb58-edef-0310-8abb-c4023f1b3aa9
 2011-03-13 17:44:39 +00:00