- a lot of code tried to handle manually adding terminating zeroes and
keeping track of the correct "used" count.
Replaced all "external" usages with simple wrapper functions:
* buffer_string_is_empty (used <= 1), buffer_is_empty (used == 0);
prefer buffer_string_is_empty
* buffer_string_set_length
* buffer_string_length
* CONST_BUF_LEN() macro
- removed "static" buffer hacks (buffers pointing to constant/stack
memory instead of malloc()ed data)
- buffer_append_strftime(): refactor buffer+strftime uses
- li_tohex(): no need for a buffer for binary-to-hex conversion:
the output data length is easy to predict
- remove "-Winline" from extra warnings: the "inline" keyword just
supresses the warning about unused but defined (static) functions;
don't care whether it actually gets inlined or not.
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2979 152afb58-edef-0310-8abb-c4023f1b3aa9
* removed almost all usages of buffer as "memory" (without terminating
zero)
* refactored cgi variable name encoding
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2977 152afb58-edef-0310-8abb-c4023f1b3aa9
* remove unused structs and functions
(buffer_array, read_buffer)
* change return type from int to void for many functions,
as the return value (indicating error/success) was never checked,
and the function would only fail on programming errors and not on
invalid input; changed functions to use force_assert instead of
returning an error.
* all "len" parameters now are the real size of the memory to be read.
the length of strings is given always without the terminating 0.
* the "buffer" struct still counts the terminating 0 in ->used,
provide buffer_string_length() to get the length of a string in a
buffer.
unset config "strings" have used == 0, which is used in some places
to distinguish unset values from "" (empty string) values.
* most buffer usages should now use it as string container.
* optimise some buffer copying by "moving" data to other buffers
* use (u)intmax_t for generic int-to-string functions
* remove unused enum values: UNUSED_CHUNK, ENCODING_UNSET
* converted BUFFER_APPEND_SLASH to inline function (no macro feature
needed)
* refactor: create chunkqueue_steal: moving (partial) chunks into another
queue
* http_chunk: added separate function to terminate chunked body instead of
magic handling in http_chunk_append_mem().
http_chunk_append_* now handle empty chunks, and never terminate the
chunked body.
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2975 152afb58-edef-0310-8abb-c4023f1b3aa9
These should all be non critical:
* memory leaks on startup in error cases (which lead to
immediate shutdowns anyway)
* http_auth/ldap: passing uninitialized "ret" to ldap_err2string
* sizeof(T) not matching the target pointer in malloc/calloc calls;
those cases were either:
* T being the wrong pointer type - shouldn't matter as long as all
pointers have same size
* T being larger than the type needed
* mod_accesslog: direct use after free in cleanup (server shutdown);
could crash before "clean" shutdown
* some false positives (mod_compress, mod_expire)
* assert(srv->config_context->used > 0); - this is always the case,
as there is always a global config block
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2920 152afb58-edef-0310-8abb-c4023f1b3aa9
Allowing LDAP entries to use the chracters ' ', '@', '-', '_',
and '.' in the user name attribute. These characters do not
modify the behavior of the LDAP filter and are common in LDAP
user names.
Signed-off-by: David M. Syzdek <david@syzdek.net>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2526 152afb58-edef-0310-8abb-c4023f1b3aa9
Enhancement #1544: Log the ip of failed auth tries in error.log
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2091 152afb58-edef-0310-8abb-c4023f1b3aa9
* fixed crash with md5-sess and cnonce not set in mod_auth (reported
by Stefan Esser)
* fixed missing check for base64 encoded string in mod_auth and Basic
auth (reported by Stefan Esser)
* fixed possible crash in Auth-Digest header parser on trailing WS in
mod_auth (reported by Stefan Esser)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1875 152afb58-edef-0310-8abb-c4023f1b3aa9
i hope it helps with merging stuff back to 1.5
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1371 152afb58-edef-0310-8abb-c4023f1b3aa9
Most people would use pam auth with /etc/{passwd,shadow}.
This is a stupid idea anyway.
* src/server.c: Remove pam from the feature list (-V)
* src/http_auth.h, src/http_auth.c: Remove the pam code.
(merge of r1115:1116 from branches/lighttpd-merge-1.4.x/)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.11-ssl-fixes@1288 152afb58-edef-0310-8abb-c4023f1b3aa9
(reported on slashdot by james-web@and.org)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@871 152afb58-edef-0310-8abb-c4023f1b3aa9
Stefan Bühler
Elan Ruusamäe
Jan Kneschke