530 Commits (57c661c1913b418fe46eaef89fed686082894057)

Author SHA1 Message Date
Stefan Bühler 57c661c191 fix unchecked return values from stream_open/stat_cache_get_entry 9 years ago
Stefan Bühler b106513e58 [network] check return value of lseek() 9 years ago
Stefan Bühler 9f2be4882d force assertion: setting FD_CLOEXEC must work (if available) 9 years ago
Stefan Bühler ef0b353fee [mod_cml_lua] fix null pointer dereference 9 years ago
Stefan Bühler 07dd0bd0a5 add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546) 9 years ago
Stefan Bühler fba7dd6f43 fix resource leaks in error cases on config parsing and other initializations 9 years ago
Stefan Bühler bf10267807 [buffer] fix length check in buffer_is_equal_right_len 9 years ago
Stefan Bühler bcd35cc264 remove logical dead code 9 years ago
Stefan Bühler 29a1070299 add comments for switch fall throughs 9 years ago
Stefan Bühler b239e7734a [mod_magnet] fix memory leak 9 years ago
Stefan Bühler b461e031f5 [mod_fastcgi,mod_scgi] fix resource leaks on spawning backends 9 years ago
Stefan Bühler d59c910d6a [mod_dirlisting] fix memory leak if pcre fails 9 years ago
Stefan Bühler 0aaf939e5e [mod_rrdtool] fix invalid read (string not null terminated) 9 years ago
Stefan Bühler fc3a060a04 [mod_fastcgi] fix use after free (only triggered if fastcgi debug is active) 9 years ago
Stefan Bühler b8a1835093 NEWS entry for previous commit 9 years ago
Stefan Bühler 0d855be97e - next is 1.4.35 9 years ago
Stefan Bühler 24994e113a [mod_webdav] fix fd leak found with parfait (fixes #2530, thx kukackajiri) 9 years ago
Stefan Bühler 657566828e [mod_mysql_vhost] fix memory leak on config init (#2530) 9 years ago
Stefan Bühler e346794d59 [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes #2533) 9 years ago
Stefan Bühler f0e5c1415d [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes #2526) 9 years ago
Stefan Bühler 17762fad01 maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places 9 years ago
Stefan Bühler c8fbc16985 [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken) 9 years ago
Stefan Bühler 99cddff73a [core] check success of setuid,setgid,setgroups (CVE-2013-4559) 9 years ago
Stefan Bühler d8b363c1d1 [stat-cache] fix FAM cleanup/fdevent handling 9 years ago
Stefan Bühler ae1335503a [stat-cache] FAM: fix use after free (CVE-2013-4560) 9 years ago
Stefan Bühler 6b7240f2d8 NEWS entry for previous commit 9 years ago
Stefan Bühler 1af871fcef [ssl] fix SNI handling; only use key+cert+verify-client from SNI specific config (fixes #2525, CVE-2013-4508) 9 years ago
Stefan Bühler 268c054c40 [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes #2515, thx mm) 9 years ago
Stefan Bühler 9b0d54d7cc [mod_auth] explicitly link ssl for SHA1 (fixes #2517) 9 years ago
Stefan Bühler 32199a7bdf - next is 1.4.34 9 years ago
Stefan Bühler 29ff92d9ba [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes #2502) 9 years ago
Stefan Bühler 9cfc080ab7 [core] allow files to be used as document-root (fixes #2475) 9 years ago
Stefan Bühler c26b0f9617 [mod_accesslog] add accesslog.syslog-level option (fixes #2480) 9 years ago
Stefan Bühler f0e5b84c27 [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting) 9 years ago
Stefan Bühler 92567b8b8f [core] check whether server.chroot exists 9 years ago
Stefan Bühler 916cf7cfc0 [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all 9 years ago
Stefan Bühler f9d58670d5 [auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) (fixes #2436) 9 years ago
Stefan Bühler 559b198f86 [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes #2495) 9 years ago
Stefan Bühler 93fd9ea7a4 [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes #2492) 9 years ago
Stefan Bühler 6d4d2118c3 [ssl] accept ssl renegotiations if they are not disabled (fixes #2491) 9 years ago
Stefan Bühler 05858f6cf2 [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501) 9 years ago
Stefan Bühler 25a3f2e826 [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes #2470) 9 years ago
Stefan Bühler 6cdb46587c [ssl] use DH only if openssl supports it (fixes #2479) 9 years ago
Stefan Bühler 3df2ec9248 [core] recognize more http methods to forward to backends (fixes #2346) 9 years ago
Stefan Bühler 9b36534752 [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS 9 years ago
Stefan Bühler 12c4a40b28 [mod_userdir] add userdir.active option, "enabled" by default 9 years ago
Stefan Bühler a6b42cc61e [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes #2490) 9 years ago
Stefan Bühler c008fd7ec8 [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478) 9 years ago
Stefan Bühler 680b714543 [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings (fixes #2448) 9 years ago
Stefan Bühler a0e93c678b fix undefined stuff found with clang 9 years ago