Stefan Bühler
916cf7cfc0
[core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all
...
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2895 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
f9d58670d5
[auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) ( fixes #2436 )
...
can be combined with ssl:
ssl.verifyclient.username = "SSL_CLIENT_S_DN_UID"
auth.require = ("/" => ( "require" => "valid-user", "method" => "extern") )
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2894 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
2bcf65c285
[mod_auth] some cleanup, only search for matching auth.require path once
...
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2893 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
559b198f86
[auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env ( fixes #2495 )
...
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2892 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
93fd9ea7a4
[ssl] add option ssl.empty-fragments, defaulting to disabled ( fixes #2492 )
...
if ssl.empty-fragments is set to enabled, but the openssl version used
to compile lighttpd doesn't support empty fragments, a warning is
displayed (it might still work).
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2891 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
6d4d2118c3
[ssl] accept ssl renegotiations if they are not disabled ( fixes #2491 )
...
* don't fiddle with ssl internals
* renegotiations should be safe with recent openssl versions,
openssl itself should reject unsafe renegotiations
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2890 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
292b8d621b
move ssl.disable-client-renegotiation and added note that it currently doesnt work inside conditionals
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2889 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
f8e9462d2f
[autoconf] pkg-config: search for lua5.1 and lua-5.1 before lua
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2888 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
05858f6cf2
[ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested ( fixes #2501 )
...
con->conf.is_ssl got removed and replaced by:
* con->conf.ssl_enabled for the config var "ssl.engine" - it is only
used to determine which server-sockets should use ssl. (usually not
needed as it is mandatory and enough to set ssl.pemfile anyway)
* con->srv_socket->is_ssl to detect the actual ssl status of the
bound socket, which is the same as the ssl status of the connection
* con->uri.scheme for the actual $HTTP["scheme"] value, also used for
the CGI "HTTPS=ON" variable. This defaults to "https" if the
connection uses ssl, but can be changed for example by mod_extforward
if X-Forwarded-Proto: is set to either "http" or "https" (other values
are ignored right now)
Also removed the broken srv_socket->is_proxy_ssl as it was a connection
value in a server_socket struct...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2887 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
7147c84671
[mod_accesslog] fix log buffer <-> log file mapping
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2886 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
25a3f2e826
[network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf ( fixes #2470 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2885 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
6cdb46587c
[ssl] use DH only if openssl supports it ( fixes #2479 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2884 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
3df2ec9248
[core] recognize more http methods to forward to backends ( fixes #2346 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2883 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
9b36534752
[core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2882 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
f0a2c0f293
[mod_user] add test cases to check handling of encoded ~ as %7E ( #2124 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2881 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
12c4a40b28
[mod_userdir] add userdir.active option, "enabled" by default
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2880 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
46240fdb7e
[mod_auth] fix distcheck, depends on openssl now for {SHA} crypted passwords
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2879 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
a6b42cc61e
[auto* build] simplify autogen.sh, handle automake 1.13 test running ( fixes #2490 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2878 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
c008fd7ec8
[mod_auth] fix invalid read in digest qop=auth-int handling ( fixes #2478 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2877 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
3caf47ecd9
[fdevent-libev] fix type punning warnings
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2876 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
680b714543
[cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings ( fixes #2448 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2875 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
838d771550
added mime type for json files
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2874 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
a0e93c678b
fix undefined stuff found with clang
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2873 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
661efa3f37
fix some bugs found with canalyze ( fixes #2484 , thx Zhenbo Xu)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2872 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
ce4bc0c0f7
[mod_auth] fix base64_decode ( #2484 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2871 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
c26b50d9ad
[mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better.
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2870 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
0342dfef1d
[mod_auth] use crypt() on encrypted password instead of extracting salt first ( fixes #2483 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2869 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
b5da12c008
reject non ASCII characters in HTTP header names
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2868 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
25a2d665aa
call ERR_clear_error only for ssl connections in CON_STATE_ERROR
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2867 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
0e48ef6acb
[mod_fastcgi,log] support multi line logging ( fixes #2252 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2866 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
543bd249fb
fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors); follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags.
...
See:
http://tools.ietf.org/html/draft-ietf-httpbis-p4-conditional-21#section-5
> it makes sense to ignore the If-Modified-Since when entity tags are
> understood and available for the selected representation.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2865 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
9cd8faa1b6
mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs ( fixes #2465 , thx peex)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2864 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
5aef370a2d
- next is 1.4.33
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2863 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
79fed4ec04
remove whitespace at end of header keys
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2861 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
6edfc40f93
fix DoS in Connection header value split (reported by Jesse Sipprell, CVE-2012-5533)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2860 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
6200764f05
tests: check different combination of empty values, leading/trailing spaces and commas in the Connection header
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2859 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
Stefan Bühler
29b126d5d3
mod_extforward: log address of untrusted proxy with debug.log-request-handling
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2858 152afb58-edef-0310-8abb-c4023f1b3aa9
10 years ago
4f4bcdd3c3
tests: make sure mod_proxy doesn't leave running processes ( fixes #2435 , thx kibi)
...
In case the proxy instance goes wrong, the clean-up doesn't kill the
real instance. So close both instances explicitly in the clean-up
phase.
Signed-off-by: Cyril Brulebois <kibi@debian.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2857 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
4002dce596
detect "x-gzip"/"x-bzip2" as separate encodings, more strict encoding matching ( fixes #2443 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2856 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
c3a9948c75
network_server_init: fix double free and memleak on error ( fixes #2440 , thx kyprizel)
...
this is not really critical - lighty will terminate anyway after hitting
this, and this is before connections are accepted.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2855 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
9b246c5e09
fix :port handling in $HTTP["host"] checks ( fixes #2135 . thx liming)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2853 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
d4d1ff36aa
add PATCH method ( fixes #2424 )
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2852 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
fcb3f42f11
configure.ac: remove old stuff, add some new to fix warnings in automake 1.12 ( fixes #2419 , thx blino)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2851 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
d09fdd877f
Handle ENAMETOOLONG, return 404 Not Found ( fixes #2396 , thx dererkazo)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2850 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
db1d977dea
Ignore EPIPE/ECONNRESET after SSL_shutdown (thx patdk-wk for reporting)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2849 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler
6c9d257742
Code cleanup with clang/sparse ( fixes #2437 , thx kibi)
...
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2848 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
6404e3ba09
[lighttpd-angel] Remove unused variable.
...
Signed-off-by: Cyril Brulebois <kibi@debian.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2847 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
b6757eaae5
[lemon] Use void* as generic pointer instead of char*.
...
Action_add() takes a char* as last parameter, which leads clang to emit
warnings about incompatible pointer types:
lemon.c:838:34: […] 'struct state *' to parameter of type 'char *'
lemon.c:939:57: […] 'struct rule *' to parameter of type 'char *'
Signed-off-by: Cyril Brulebois <kibi@debian.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2846 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
9c43331382
Use NULL instead of 0 where pointers are expected.
...
There are 6 remaining occurrences after this commit, in mod_compress,
due to zlib's Z_NULL being defined as 0 instead of NULL.
Signed-off-by: Cyril Brulebois <kibi@debian.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2845 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
b6b6eda292
[md5] Fix non-ANSI function definitions.
...
The following was used in the past:
int foo(bar, baz)
int bar;
int baz;
{ ... }
But that's written this way now:
int foo(int bar, int baz)
{ ... }
Signed-off-by: Cyril Brulebois <kibi@debian.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2844 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Marcus Rückert