Glenn Strauss
37f9b60d5e
[mod_authn_ldap] fix mem leak when ldap auth fails ( fixes #2849 )
...
thx, codehero
x-ref:
"Linux OOM kills lighttpd when using mod_authn_ldap"
https://redmine.lighttpd.net/issues/2849
5 years ago
Glenn Strauss
d4083effab
[core] fix base64 decode when char is unsigned ( fixes #2848 )
...
thx, codehero
x-ref:
"buffer_append_base64_decode() broken on compilers where char is assumed unsigned"
https://redmine.lighttpd.net/issues/2848
5 years ago
Glenn Strauss
0c95ed370f
[core] report to stderr if errorlog path ENOENT ( fixes #2847 )
...
x-ref:
"handling permissions at startup"
https://redmine.lighttpd.net/issues/2847
5 years ago
Glenn Strauss
84b5064dc4
[core] discard from socket using recv MSG_TRUNC
...
discard from socket using recv MSG_TRUNC on Linux TCP SOCK_STREAM socket
Currently, lighttpd supports only TCP SOCK_STREAM. If UDP SOCK_DGRAM
were to be supported in the future, then socket type will need to be
stored so that MSG_TRUNC is used appropriately for the desired effect.
To find out socket type on arbitrary socket fd:
getsockopt(..., SOL_SOCKET, SO_TYPE, ...)
but better to store it with each listening socket.
5 years ago
Glenn Strauss
e4ed2ed4ae
[mod_compress,mod_deflate] try mmap MAP_PRIVATE
...
try mmap MAP_PRIVATE if mmap MAP_SHARED fails with errno == EINVAL
Some file systems such as jffs2 and btrfs might not support MAP_SHARED
5 years ago
Glenn Strauss
bed3779617
[core] fix segfault if tempdirs fill up ( fixes #2843 )
...
(thx wolfram)
x-ref:
"lighttpd segfault if /var/tmp is full"
https://redmine.lighttpd.net/issues/2843
5 years ago
Glenn Strauss
d3b0eb8264
[mod_deflate] fix deflate of file > 2MB w/o mmap
...
fix deflate of file > 2MB when lighttpd is built without mmap support
5 years ago
Glenn Strauss
3770df2387
[mod_proxy] basic support for HTTP CONNECT method ( #2060 )
...
For security reasons, this supports only specific, pre-configured
target backends and not arbitrary CONNECT targets.
x-ref:
"mod_connect"
https://redmine.lighttpd.net/issues/2060
"ssh over https tunnel"
https://redmine.lighttpd.net/boards/2/topics/7805
https://en.wikipedia.org/wiki/HTTP_tunnel
https://nurdletech.com/linux-notes/ssh/via-http.html
5 years ago
Glenn Strauss
d5d0258362
[core] support POLLRDHUP, where available ( #2743 )
...
x-ref:
"mod_cgi, lighty not killing CGI if connection in the other end is closed"
https://redmine.lighttpd.net/boards/2/topics/5962
"1.4.40/41 mod_proxy, mod_scgi may trigger POLLHUP on *BSD,Darwin"
https://redmine.lighttpd.net/issues/2743
5 years ago
Glenn Strauss
9f02df2d39
[mod_accesslog] %{canonical,local,remote}p ( fixes #2840 )
...
x-ref:
"accesslog.format remote_port"
https://redmine.lighttpd.net/issues/2840
5 years ago
Glenn Strauss
e7f5e24aeb
[core] adjust offset if response header blank line
...
When backend returns an invalid response header which is exactly a
blank line (\n or \r\n), adjust the offset so as not to discard the
first character following, which is probably intended to be the
beginning of the response body.
5 years ago
Glenn Strauss
de937f47f8
- next is 1.4.49
5 years ago
Glenn Strauss
2c7d70eddb
[doc] NEWS
5 years ago
Glenn Strauss
d4cdaab15b
[doc] fix doc/config/conf.d/fastcgi.conf example
...
x-ref:
"Lighttpd not starting up with default fastcgi config"
https://redmine.lighttpd.net/boards/2/topics/7780
5 years ago
Stefan Bühler
d102a7113f
[scons] fix various python2/3 incompatibilities
5 years ago
Glenn Strauss
2728572af3
[core] fix dup typedef compiler warning
5 years ago
Glenn Strauss
06d108855d
[mod_openssl] quiet trace from TCP probes ( #2784 )
...
x-ref:
"huge amount of "SSL: -1 5 0 Success" messages"
https://redmine.lighttpd.net/issues/2784
5 years ago
Glenn Strauss
d61714dd0d
[mod_authn_sasl] SASL auth (new) ( fixes #2275 )
...
(experimental)
HTTP Basic authentication using saslauthd
server.modules += ( "mod_auth" )
server.modules += ( "mod_authn_sasl" )
auth.backend = "sasl"
auth.backend.sasl.opts = ( "pwcheck_method" => "saslauthd" ) # default
x-ref:
"SASL auth like libapache2-mod-authn-sasl"
https://redmine.lighttpd.net/issues/2275
5 years ago
Glenn Strauss
fdc4c324c4
[mod_authn_ldap] replace use of deprecated funcs
...
[mod_authn_ldap,mod_vhostdb_ldap]
replace use of deprecated funcs
remove -DLDAP_DEPRECATED
5 years ago
Glenn Strauss
5a5ce3dc75
[doc] NEWS - fix improper format line breaks
5 years ago
Glenn Strauss
c09acbeb8a
[mod_openssl] ssl.openssl.ssl-conf-cmd ( fixes #2758 )
...
(similar to Apache mod_ssl SSLOpenSSLConfCmd directive)
(experimental)
This new directive is for use with OpenSSL only, and is not currently
available in LibreSSL.
https://wiki.openssl.org/index.php/Manual:SSL_CONF_cmd(3)
lighttpd takes "file commands" not "command line commands" as
openssl SSL_CONF_cmd() appears to permit only one mode at a time.
lighttpd processes this directive after all other ssl.* directives
have been applied for the $SERVER["socket"] scope.
x-ref:
"Option to disable TLS session tickets"
https://redmine.lighttpd.net/issues/2758
"Allow to selectively disable TLS 1.0, 1.1 and 1.2 versions"
https://github.com/lighttpd/lighttpd1.4/pull/84
github: closes #84
5 years ago
Glenn Strauss
1a22ca87f9
[mod_openssl] allow specifying server cert chain ( fixes #2692 )
...
x-ref:
"allow setting explicit SSL server certificate chain"
https://redmine.lighttpd.net/issues/2692
https://github.com/lighttpd/lighttpd1.4/pull/62
github: closes #62
5 years ago
Glenn Strauss
35ecd4dd9d
[mod_openssl] more pedantic check of return values
...
more pedantic check of return values for openssl interfaces
(and minor adjustment of whitespace)
x-ref:
https://redmine.lighttpd.net/issues/2692
https://github.com/lighttpd/lighttpd1.4/pull/62
5 years ago
Glenn Strauss
da6b2dc1b6
[core] quiet coverity false positive
5 years ago
Glenn Strauss
a9d1c46fb9
[build] fix link of test_configfile.c
5 years ago
Glenn Strauss
d6e184aca9
[mod_cgi] quiet trace if mod_cgi sends SIGTERM ( fixes #2838 )
...
(spurious trace began in lighttpd 1.4.46)
x-ref:
".47 always kills git-http-backend"
https://redmine.lighttpd.net/issues/2838
5 years ago
Glenn Strauss
0e84df8180
[core] fix lighttpd -1 one-shot graceful shutdown
...
fix lighttpd -1 graceful shutdown (one-shot mode)
(regression in lighttpd 1.4.46)
5 years ago
Glenn Strauss
bfef0907bd
[mod_openssl] error if ssl.engine in wrong section ( fixes #2837 )
...
error if ssl.engine in wrong section of config.
ssl.engine is valid only in global scope or $SERVER["socket"] condition
x-ref:
"HTTPS requests timeout when cert not set for socket"
https://redmine.lighttpd.net/issues/2837
5 years ago
Glenn Strauss
8f3bbd7f13
[core] isolate backend fdevent handler defs
5 years ago
Glenn Strauss
7b2514cdad
[core] quiet pedantic cc warning for excess comma
5 years ago
Glenn Strauss
82d374328f
[autobuild] allow sendfile() in cross-compile ( fixes #2836 )
...
allow sendfile() in cross-compile if sys/sendfile.h header detected
and sendfile() symbol detected (e.g. in libc)
If sendfile() is present but always returns ENOSYS, lighttpd will
be slightly less efficient, but will fall back to writev() or write()
User should explicitly set server.network-backend = "writev" in
lighttpd.conf on systems with broken sendfile()
x-ref:
"Remove check for broken sendfile implementations"
https://redmine.lighttpd.net/issues/2836
5 years ago
Glenn Strauss
142971a80c
[core] consolidate backend network write handlers
...
network_write.[ch] isolates various write, writev, sendfile wrappers
5 years ago
Glenn Strauss
9287c87dcd
[core] cleanup: consolidate FAM code in stat_cache
5 years ago
Glenn Strauss
6e87da7195
[core] cleanup unused ifndef
5 years ago
Glenn Strauss
f97f2e359c
[stat_cache] remove debug code littered in file
5 years ago
Glenn Strauss
1367f60626
[core] isolate sock_addr manipulation
5 years ago
Glenn Strauss
caab4cdf8a
[autobuild] remove obsolete warning about mmap use
...
lighttpd protects against SIGBUS when accessing mmap'd files
5 years ago
Glenn Strauss
f394207d5f
[core] fix implicit wildcard IPv4 and IPv6 listen
...
fix implicit wildcard IPv4 and IPv6 listening (regression in 1.4.46)
(broken in commit:5248b46c)
workaround (without this patch): server.set-v6only = "disable"
(which may produce a warning when lighttpd parses config)
x-ref:
https://redmine.lighttpd.net/boards/2/topics/7720
5 years ago
Glenn Strauss
b27f1c0910
[core] fix var.CWD (regression in 1.4.46) ( fixes #2835 )
...
(broken in commit:86bb8be2)
x-ref:
"empty var.CWD"
https://redmine.lighttpd.net/issues/2835
5 years ago
Stefan Bühler
16c4530e61
[meson] new build system
...
Needed to extend lemon to take an output path parameter.
5 years ago
Glenn Strauss
02ad06b080
[autobuild] Merge branch 'personal/stbuehler/autobuild-cleanup'
5 years ago
Stefan Bühler
6976b5e8a8
[autobuild] generate version id with m4 instead of awk
5 years ago
Stefan Bühler
a45f3bac58
[autobuild] improve feature+module counting
5 years ago
Stefan Bühler
6751571805
[autobuild] simple check for fork
5 years ago
Stefan Bühler
5854466908
[autobuild] improve crypt[_r]
5 years ago
Stefan Bühler
34ded72469
[autobuild] improve openssl
5 years ago
Stefan Bühler
2c69ef6704
[autobuild] kerberos improvements
5 years ago
Stefan Bühler
955b029f2f
[autobuild] move some checks to the top
...
Moved some generic checks from the middle of the "feature checks" to the
top.
5 years ago
Stefan Bühler
41cd7d25a8
[autobuild] lots of small cleanups
...
- remove checks with unused results
- make some failures explicit
- improve some fail messages
5 years ago
Stefan Bühler
d8d7d1977a
[autobuild] m4 and shell quoting, whitespace changes, sort some lists
5 years ago
