Commit Graph

1295 Commits (3dd2f66d1321025078938015bd20df2c69fd5e48)

Author SHA1 Message Date
Stefan Bühler a7396296da [network/ssl] fix build error if TLSEXT is disabled 9 years ago
Stefan Bühler 524e0a30a0 add two asserts to help parfait (#2530) 9 years ago
Stefan Bühler 24994e113a [mod_webdav] fix fd leak found with parfait (fixes #2530, thx kukackajiri) 9 years ago
Stefan Bühler 657566828e [mod_mysql_vhost] fix memory leak on config init (#2530) 9 years ago
Stefan Bühler e346794d59 [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes #2533) 9 years ago
Stefan Bühler f0e5c1415d [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes #2526) 9 years ago
Stefan Bühler 17762fad01 maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places 9 years ago
Stefan Bühler c8fbc16985 [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken) 9 years ago
Stefan Bühler 18869bcfed [mod_ssi] fix "ssi_val_init" prototype 9 years ago
Stefan Bühler 99cddff73a [core] check success of setuid,setgid,setgroups (CVE-2013-4559) 9 years ago
Stefan Bühler d8b363c1d1 [stat-cache] fix FAM cleanup/fdevent handling 9 years ago
Stefan Bühler ae1335503a [stat-cache] FAM: fix use after free (CVE-2013-4560) 9 years ago
Stefan Bühler 6f208cfde1 fix/silence bugs reported by ccc-analyzer (clang) 9 years ago
Stefan Bühler 4938c94ada fix typo (fixes #2519) 9 years ago
Stefan Bühler 1af871fcef [ssl] fix SNI handling; only use key+cert+verify-client from SNI specific config (fixes #2525, CVE-2013-4508) 9 years ago
Stefan Bühler 3ce548c8d0 remove unused members from struct server_socket 9 years ago
Stefan Bühler 268c054c40 [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes #2515, thx mm) 9 years ago
Stefan Bühler 9b0d54d7cc [mod_auth] explicitly link ssl for SHA1 (fixes #2517) 9 years ago
Stefan Bühler 3863053b99 [mod_scgi] fix log typos 9 years ago
Stefan Bühler 29ff92d9ba [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes #2502) 9 years ago
Stefan Bühler 9cfc080ab7 [core] allow files to be used as document-root (fixes #2475) 9 years ago
Stefan Bühler c26b0f9617 [mod_accesslog] add accesslog.syslog-level option (fixes #2480) 9 years ago
Stefan Bühler f0e5b84c27 [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting) 9 years ago
Stefan Bühler 92567b8b8f [core] check whether server.chroot exists 9 years ago
Stefan Bühler 916cf7cfc0 [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all 9 years ago
Stefan Bühler f9d58670d5 [auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) (fixes #2436) 9 years ago
Stefan Bühler 2bcf65c285 [mod_auth] some cleanup, only search for matching auth.require path once 9 years ago
Stefan Bühler 559b198f86 [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes #2495) 9 years ago
Stefan Bühler 93fd9ea7a4 [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes #2492) 9 years ago
Stefan Bühler 6d4d2118c3 [ssl] accept ssl renegotiations if they are not disabled (fixes #2491) 9 years ago
Stefan Bühler 05858f6cf2 [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501) 9 years ago
Stefan Bühler 7147c84671 [mod_accesslog] fix log buffer <-> log file mapping 9 years ago
Stefan Bühler 25a3f2e826 [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes #2470) 9 years ago
Stefan Bühler 6cdb46587c [ssl] use DH only if openssl supports it (fixes #2479) 9 years ago
Stefan Bühler 3df2ec9248 [core] recognize more http methods to forward to backends (fixes #2346) 9 years ago
Stefan Bühler 9b36534752 [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS 9 years ago
Stefan Bühler 12c4a40b28 [mod_userdir] add userdir.active option, "enabled" by default 9 years ago
Stefan Bühler c008fd7ec8 [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478) 9 years ago
Stefan Bühler 3caf47ecd9 [fdevent-libev] fix type punning warnings 9 years ago
Stefan Bühler 680b714543 [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings (fixes #2448) 9 years ago
Stefan Bühler a0e93c678b fix undefined stuff found with clang 10 years ago
Stefan Bühler 661efa3f37 fix some bugs found with canalyze (fixes #2484, thx Zhenbo Xu) 10 years ago
Stefan Bühler ce4bc0c0f7 [mod_auth] fix base64_decode (#2484) 10 years ago
Stefan Bühler c26b50d9ad [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better. 10 years ago
Stefan Bühler 0342dfef1d [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483) 10 years ago
Stefan Bühler b5da12c008 reject non ASCII characters in HTTP header names 10 years ago
Stefan Bühler 25a2d665aa call ERR_clear_error only for ssl connections in CON_STATE_ERROR 10 years ago
Stefan Bühler 0e48ef6acb [mod_fastcgi,log] support multi line logging (fixes #2252) 10 years ago
Stefan Bühler 543bd249fb fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors); follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags. 10 years ago
Stefan Bühler 9cd8faa1b6 mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs (fixes #2465, thx peex) 10 years ago