Commit Graph

2999 Commits

Author SHA1 Message Date
Glenn Strauss 61f85d14ee [core] reject WS following header field-name (fixes #2985)
reject whitespace following request header field-name and before colon
Such whitespace is forbidden in RFC 7230 Section 3.2.4.

strict header parsing is enabled by default in lighttpd.  However,
if explicitly disabled in lighttpd.conf, lighttpd will continue to
accept (and re-format) such field-names before passing to any backend.
  UNSAFE: server.http-parseopts = ( "header-strict" => "disable" )
  This is NOT RECOMMENDED since doing so disables other protections
  provided by lighttpd strict http header parsing.

(thx fedormixalich)

  stricter request header parsing
2020-01-26 00:40:20 -05:00
Glenn Strauss 851728c6a1 [core] avoid freeaddrinfo() on NULL ptr (fixes #2984)
getaddrinfo() should return non-empty result list (res)
or else should return EAI_NONAME or some other error

(musl C library does not check for NULL argument to freeaddrinfo())

  "Segmentation fault in mod_extforward with libmusl"
2020-01-26 00:14:28 -05:00
Glenn Strauss 5c3f439bcf [build] PGSQL_CFLAGS with pkg-config for postgres (#2965)
build postgres modules with $(PGSQL_CFLAGS) in

  "pg_config is deprecated to build postgres client applications"
2019-09-11 02:15:06 -04:00
Glenn Strauss e790203a75 [build] PGSQL_CFLAGS with pkg-config for postgres (#2965)
  "pg_config is deprecated to build postgres client applications"
2019-09-11 02:04:44 -04:00
Glenn Strauss 0e749c1c84 [mod_auth] http_auth_const_time_memeq() (#2975, #2976)
use constant time comparison when comparing digests

(mitigation for brute-force timing attacks against digests
 generated using the same nonce)

  "Digest auth nonces are not validated"
  "safe_memcmp new function proposal"
2019-09-08 18:26:58 -04:00
Glenn Strauss 89dfbf14a5 [mod_auth] http_auth_const_time_memeq_pad()
rename http_auth_const_time_memeq() to http_auth_const_time_memeq_pad()
for constant time padded comparison of strings of potentially different
2019-09-08 18:25:39 -04:00
Glenn Strauss 6ad325c659 [mod_auth] Authentication-Info: nextnonce=...
send Authentication-Info nextnonce when nonce is approaching expiration
2019-09-08 18:22:10 -04:00
Glenn Strauss c81bd354b2 [mod_auth] require digest uri= match original URI
lighttpd requires a strict match between the request URI and the uri=
auth-param provided in the Authenticate header.  lighttpd does not
attempt to determine if different URIs are semantically equivalent.

This commit removes a condition which permitted an Authenticate header
with a uri= containing a query-string to be used with the request-uri
which did not contain any query-string.  The condition was likely added
in the original implementation which operated on lighttpd request.uri
instead of the correct request.orig_uri (original URI sent to lighttpd).


HTTP Digest Access Authentication

3.4.6.  Various Considerations

   The authenticating server MUST assure that the resource designated by
   the "uri" parameter is the same as the resource specified in the
   Request-Line; if they are not, the server SHOULD return a 400 Bad
   Request error.  (Since this may be a symptom of an attack, server
   implementers may want to consider logging such errors.)  The purpose
   of duplicating information from the request URL in this field is to
   deal with the possibility that an intermediate proxy may alter the
   client's Request-Line.  This altered (but presumably semantically
   equivalent) request would not result in the same digest as that
   calculated by the client.

  "HTTP Digest Access Authentication"
  "HTTP digest authentication not compatible with some clients"
2019-09-08 15:14:26 -04:00
Glenn Strauss 1799e4c3eb [mod_auth] do not use quoted-string for algorithm
3.3.  The WWW-Authenticate Response Header Field
   For historical reasons, a sender MUST only generate the quoted string
   syntax values for the following parameters: realm, domain, nonce,
   opaque, and qop.

   For historical reasons, a sender MUST NOT generate the quoted string
   syntax values for the following parameters: stale and algorithm.
2019-09-08 13:55:33 -04:00
Glenn Strauss 019efb0ed8 [mod_webdav] fix file uploads > 128M (fixes #2970)
(thx Gundersanne)

  "mod_webdav writes to fd=-1 when uploading large files (1000M)"
2019-09-08 02:15:15 -04:00
Glenn Strauss 3390642285 [mod_authn_gssapi] option to store delegated creds (fixes #2967)
default enabled for backwards compatibility; disable in future

(thx lameventanas)

  "mod_authn_gssapi requires delegation?"
2019-09-08 02:14:41 -04:00
Glenn Strauss e9440ecfdf [mod_authn_gssapi] 500 if fail to delegate creds (#2967)
  "mod_authn_gssapi requires delegation?"
2019-09-07 16:37:00 -04:00
Glenn Strauss 3eff9bac4e [build] prefer pkg-config for postgres (fixes #2965)
  "pg_config is deprecated to build postgres client applications"
2019-09-07 14:53:00 -04:00
Glenn Strauss ea6006944b [mod_auth] http_auth_const_time_memeq improvement
employ volatile, which might matter with some compilers (or might not)
explicitly check that string lengths match
  (or else might match string where last char of short string matches
   repeated chars in longer string)
2019-09-07 13:44:51 -04:00
Glenn Strauss 84fb334476 [core] disable stat_cache FAM if FAM conn closed
  "Lighttpd Stopping suddenly, no apparent reason on the logfile"
2019-09-07 12:23:20 -04:00
Glenn Strauss c6b46da2c9 [core] retry on some fdevent set/del temporary err 2019-09-07 12:22:04 -04:00
Glenn Strauss 2e7a3c0ac5 [mod_deflate] fix choose encoding parse error (fixes #2981)
regression in mod_deflate in lighttpd 1.4.54

(thx ocin)

  "mod_deflate_choose_encoding() parse error"
2019-09-07 12:08:10 -04:00
Glenn Strauss 06a395a93e [core] issue config error for invalid ':' (fixes #2980)
  "Embedded vim command line in conf file with no comment (#) hangs server"
2019-09-07 11:59:56 -04:00
Glenn Strauss 670b2086f8 [core] move con state handling to connections*.c
move maint code from server.c to connections.c
2019-09-07 11:57:26 -04:00
Glenn Strauss b1cc0856d2 [core] fdevent_poll() is effective periodic timer
document that USE_ALARM in server.c is not used
2019-09-07 11:57:26 -04:00
Glenn Strauss 5718a471b0 [core] improve http_headers[] data struct packing 2019-09-07 11:44:21 -04:00
Stefan Bühler 7e5dfc1a40 [cmake]: enable CMAKE_POSITION_INDEPENDENT_CODE by default 2019-08-23 13:33:17 +02:00
Stefan Bühler d7c0fc295f Also use explicit_memset (NetBSD) with cmake, scons and meson 2019-08-22 13:13:24 +02:00
Stefan Bühler 79760d935a Use explicit_memset from NetBSD if available for safe_memclear (fixes #2971) 2019-08-22 13:08:28 +02:00
Glenn Strauss 186ce8a2b1 [core] allocate unix socket paths with SUN_LEN()+1 (fixes #2962)
(thx lighthouse2)

  "SUN_LEN in sock_addr.c (1.4.53, 1.4.54)"
2019-06-25 00:39:24 -04:00
Glenn Strauss cc492d438b [core] correct __attribute_pure__ syntax 2019-06-06 02:56:37 -04:00
Glenn Strauss 1300815688 [core] use buffer_eq_icase_ssn func
specialized buffer_eq_icase_ssn func replace strncasecmp()
in cases where string lengths are not known to be at least
as large as the len being compared case-insensitively.
(Separate commit in case any future changes modify the
implementation to be unsafe for shorter strings, where
strncasecmp() would stop at '\0' in either string)
2019-06-06 02:48:43 -04:00
Glenn Strauss e20b5318d5 [core] use buffer_eq_icase_ssn func
specialized buffer_eq_icase_ssn func replace strncasecmp()
in cases where string lengths are known to be at least as
large as the len being compared case-insensitively
2019-06-06 02:48:43 -04:00
Glenn Strauss 02cd38687b [core] cold func http_response_omit_header() 2019-06-06 02:48:43 -04:00
Glenn Strauss 075241c773 [mod_webdav] fix startup crash w/ multiple conds (fixes #2958)
(thx flynn)

  "lighttpd 1.4.54 segfaults on start in mod_webdav"
2019-06-06 02:48:43 -04:00
Glenn Strauss 72d4fe7451 [core] mark some more funcs w/ __attribute_pure__ 2019-06-06 02:48:43 -04:00
Glenn Strauss fc42ec12d9 [multiple] replace strcasecmp() on short strings 2019-06-06 02:48:43 -04:00
Glenn Strauss e3874a20ba [core] use buffer_eq_icase* funcs
specialized buffer_eq_icase* funcs replace buffer_caseless_compare()
2019-06-06 02:48:43 -04:00
Glenn Strauss 49ed72cef4 [core] mark some more funcs w/ __attribute_pure__ 2019-06-06 02:48:43 -04:00
Glenn Strauss ac8444f2e6 [core] specialized buffer_eq_*() for short strings
specialized buffer_eq_*() funcs for use with short strings,
e.g. case-insensitive comparison for equality
2019-06-06 02:48:43 -04:00
Glenn Strauss ca059d580d [core] array-specialized buffer_caseless_compare()
specialize buffer_caseless_compare() for array.c
2019-06-06 02:48:43 -04:00
Glenn Strauss 4fb5a791b0 [core] __attribute_pure__ 2019-06-06 02:48:43 -04:00
Glenn Strauss 32a8f0b3b5 [core] fix compile error on Solaris (fixes #2959)
(thx pyhalov)

  "Release 1.4.54 does not compile on an Open Solaris clone"
2019-06-06 02:47:59 -04:00
Glenn Strauss 51a46f0211 - next is 1.4.55 2019-05-27 17:46:26 -04:00
Glenn Strauss 445ce2c44f [doc] NEWS 2019-05-27 08:53:03 -04:00
Glenn Strauss ae9cafecea [mod_authn_ldap] ldap_set_option LDAP_OPT_RESTART (fixes #2940)
ldap_set_option LDAP_OPT_RESTART to handle EINTR on SIGCHLD from CGI

(ldap uses poll(), which is not restartable with sigaction SA_RESTART)

  "mod_authn_ldap/mod_cgi race condition, "Can't contact LDAP server""
2019-05-27 08:32:48 -04:00
Glenn Strauss 4ac239c401 [mod_maxminddb] MaxMind GeoIP2 support 2019-05-26 10:21:57 -04:00
Glenn Strauss ef0a211733 [core] adjust http_chunk read() retry loop 2019-05-18 13:02:59 -04:00
Glenn Strauss cb1c49a74a [mod_magnet] expose server addr (local IP) to lua
expose server addr (local IP) to lua via
lighty.env["request.server-addr"] (read-only)
2019-05-14 01:03:08 -04:00
Glenn Strauss 42942ec97c [core] use high precision stat timestamp on OS X 2019-05-13 21:01:57 -04:00
Glenn Strauss d5774fc6b3 [tests] skip mod-secdownload HMAC-SHA1,HMAC-SHA256
skip mod-secdownload.t HMAC-SHA1, HMAC-SHA256 tests if crypto algorithms
are not available (e.g. lighttpd build without openssl)
2019-05-13 21:01:57 -04:00
Glenn Strauss da6a94efbb [tests] has_feature() helper func
has_feature() helper func so that tests
can be skipped if support is not present
2019-05-13 21:01:57 -04:00
Glenn Strauss 64b0f7229e [core] buffer_reset() should not be passed NULL 2019-05-13 21:01:57 -04:00
Glenn Strauss a86ea83b5a [core] chunkqueue perf: read small files into mem 2019-05-13 21:01:57 -04:00
Glenn Strauss 8ae0646748 [core] chunkqueue perf: skip opening 0-length file 2019-05-13 20:27:49 -04:00