Commit Graph

3183 Commits

Author SHA1 Message Date
Glenn Strauss 2e7a3c0ac5 [mod_deflate] fix choose encoding parse error (fixes #2981)
regression in mod_deflate in lighttpd 1.4.54

(thx ocin)

  "mod_deflate_choose_encoding() parse error"
2019-09-07 12:08:10 -04:00
Glenn Strauss 06a395a93e [core] issue config error for invalid ':' (fixes #2980)
  "Embedded vim command line in conf file with no comment (#) hangs server"
2019-09-07 11:59:56 -04:00
Glenn Strauss 670b2086f8 [core] move con state handling to connections*.c
move maint code from server.c to connections.c
2019-09-07 11:57:26 -04:00
Glenn Strauss b1cc0856d2 [core] fdevent_poll() is effective periodic timer
document that USE_ALARM in server.c is not used
2019-09-07 11:57:26 -04:00
Glenn Strauss 5718a471b0 [core] improve http_headers[] data struct packing 2019-09-07 11:44:21 -04:00
Stefan Bühler 7e5dfc1a40 [cmake]: enable CMAKE_POSITION_INDEPENDENT_CODE by default 2019-08-23 13:33:17 +02:00
Stefan Bühler d7c0fc295f Also use explicit_memset (NetBSD) with cmake, scons and meson 2019-08-22 13:13:24 +02:00
Stefan Bühler 79760d935a Use explicit_memset from NetBSD if available for safe_memclear (fixes #2971) 2019-08-22 13:08:28 +02:00
Glenn Strauss 186ce8a2b1 [core] allocate unix socket paths with SUN_LEN()+1 (fixes #2962)
(thx lighthouse2)

  "SUN_LEN in sock_addr.c (1.4.53, 1.4.54)"
2019-06-25 00:39:24 -04:00
Glenn Strauss cc492d438b [core] correct __attribute_pure__ syntax 2019-06-06 02:56:37 -04:00
Glenn Strauss 1300815688 [core] use buffer_eq_icase_ssn func
specialized buffer_eq_icase_ssn func replace strncasecmp()
in cases where string lengths are not known to be at least
as large as the len being compared case-insensitively.
(Separate commit in case any future changes modify the
implementation to be unsafe for shorter strings, where
strncasecmp() would stop at '\0' in either string)
2019-06-06 02:48:43 -04:00
Glenn Strauss e20b5318d5 [core] use buffer_eq_icase_ssn func
specialized buffer_eq_icase_ssn func replace strncasecmp()
in cases where string lengths are known to be at least as
large as the len being compared case-insensitively
2019-06-06 02:48:43 -04:00
Glenn Strauss 02cd38687b [core] cold func http_response_omit_header() 2019-06-06 02:48:43 -04:00
Glenn Strauss 075241c773 [mod_webdav] fix startup crash w/ multiple conds (fixes #2958)
(thx flynn)

  "lighttpd 1.4.54 segfaults on start in mod_webdav"
2019-06-06 02:48:43 -04:00
Glenn Strauss 72d4fe7451 [core] mark some more funcs w/ __attribute_pure__ 2019-06-06 02:48:43 -04:00
Glenn Strauss fc42ec12d9 [multiple] replace strcasecmp() on short strings 2019-06-06 02:48:43 -04:00
Glenn Strauss e3874a20ba [core] use buffer_eq_icase* funcs
specialized buffer_eq_icase* funcs replace buffer_caseless_compare()
2019-06-06 02:48:43 -04:00
Glenn Strauss 49ed72cef4 [core] mark some more funcs w/ __attribute_pure__ 2019-06-06 02:48:43 -04:00
Glenn Strauss ac8444f2e6 [core] specialized buffer_eq_*() for short strings
specialized buffer_eq_*() funcs for use with short strings,
e.g. case-insensitive comparison for equality
2019-06-06 02:48:43 -04:00
Glenn Strauss ca059d580d [core] array-specialized buffer_caseless_compare()
specialize buffer_caseless_compare() for array.c
2019-06-06 02:48:43 -04:00
Glenn Strauss 4fb5a791b0 [core] __attribute_pure__ 2019-06-06 02:48:43 -04:00
Glenn Strauss 32a8f0b3b5 [core] fix compile error on Solaris (fixes #2959)
(thx pyhalov)

  "Release 1.4.54 does not compile on an Open Solaris clone"
2019-06-06 02:47:59 -04:00
Glenn Strauss 51a46f0211 - next is 1.4.55 2019-05-27 17:46:26 -04:00
Glenn Strauss 445ce2c44f [doc] NEWS 2019-05-27 08:53:03 -04:00
Glenn Strauss ae9cafecea [mod_authn_ldap] ldap_set_option LDAP_OPT_RESTART (fixes #2940)
ldap_set_option LDAP_OPT_RESTART to handle EINTR on SIGCHLD from CGI

(ldap uses poll(), which is not restartable with sigaction SA_RESTART)

  "mod_authn_ldap/mod_cgi race condition, "Can't contact LDAP server""
2019-05-27 08:32:48 -04:00
Glenn Strauss 4ac239c401 [mod_maxminddb] MaxMind GeoIP2 support 2019-05-26 10:21:57 -04:00
Glenn Strauss ef0a211733 [core] adjust http_chunk read() retry loop 2019-05-18 13:02:59 -04:00
Glenn Strauss cb1c49a74a [mod_magnet] expose server addr (local IP) to lua
expose server addr (local IP) to lua via
lighty.env["request.server-addr"] (read-only)
2019-05-14 01:03:08 -04:00
Glenn Strauss 42942ec97c [core] use high precision stat timestamp on OS X 2019-05-13 21:01:57 -04:00
Glenn Strauss d5774fc6b3 [tests] skip mod-secdownload HMAC-SHA1,HMAC-SHA256
skip mod-secdownload.t HMAC-SHA1, HMAC-SHA256 tests if crypto algorithms
are not available (e.g. lighttpd build without openssl)
2019-05-13 21:01:57 -04:00
Glenn Strauss da6a94efbb [tests] has_feature() helper func
has_feature() helper func so that tests
can be skipped if support is not present
2019-05-13 21:01:57 -04:00
Glenn Strauss 64b0f7229e [core] buffer_reset() should not be passed NULL 2019-05-13 21:01:57 -04:00
Glenn Strauss a86ea83b5a [core] chunkqueue perf: read small files into mem 2019-05-13 21:01:57 -04:00
Glenn Strauss 8ae0646748 [core] chunkqueue perf: skip opening 0-length file 2019-05-13 20:27:49 -04:00
Glenn Strauss d9e2dd4b2e [core] chunkqueue perf: specialized buffer.h funcs 2019-05-13 20:27:49 -04:00
Glenn Strauss 6572976e06 [core] chunkqueue perf: code reuse
code reuse, simplification, and inlining
remove excess calls to chunkqueue_remove_finished_chunks()

(it may still be possible for there to be an empty chunk in chunkqueue
 if nothing were written to a temporary file (need to verify this), so
 preserve some calls to chunkqueue_remove_finished_chunks() for now)
2019-05-13 20:27:49 -04:00
Elan Ruusamäe 4f0261e5e1 [doc] systemd socket activation config example
(minor edits by gstrauss)

github: closes #96

  "doc/systemd: add example lighttpd.socket for systemd socket activation"
2019-05-11 02:21:03 -04:00
Glenn Strauss 146ea6bad0 [mod_webdav] invalidate parent dir in stat_cache
invalidate directory in stat_cache when a new file or dir is created
within that directory
2019-05-09 21:09:52 -04:00
Glenn Strauss dd3d20c3d0 [mod_webdav] doc Microsoft-WebDAV-MiniRedir bugs 2019-05-08 07:31:25 -04:00
Glenn Strauss e9abd76acc [mod_webdav] workaround Microsoft-WebDAV-MiniRedir
workaround Microsoft-WebDAV-MiniRedir bugs
2019-05-08 02:56:37 -04:00
Glenn Strauss 9bb01a49df [core] check if splay_tree NULL before invalidate 2019-05-08 00:54:52 -04:00
Glenn Strauss 003fd0f8c3 [core] store log_state_handling flag on stack 2019-05-07 20:14:50 -04:00
Glenn Strauss b0ae5fcbcd [core] support weak etags with If-None-Match
support weak etags with If-None-Match

(but require strong etags for Range requests)
2019-05-06 01:13:58 -04:00
Glenn Strauss 1a325a196c [mod_openssl] use SSL_CTX_set_client_hello_cb()
use SSL_CTX_set_client_hello_cb() when available

(obsoletes SSL_CTX_set_tlsext_servername_callback()
 and SSL_CTX_set_tlsext_servername_arg())
2019-05-06 01:13:58 -04:00
Glenn Strauss 52c489837f [build] detect FreeBSD elftc_copyfile() 2019-05-05 23:05:02 -04:00
Glenn Strauss ec94594504 [scons] help scons on FreeBSD find sys/event.h 2019-05-05 23:05:02 -04:00
Glenn Strauss 3abbb8dc4b [cmake] help cmake on FreeBSD find sys/event.h
sys/event.h does not compile standalone, so check_include_files() fails

Add compiler flags -include sys/types.h so that the compile check passes

This allows cmake builds on FreeBSD to detect and use kqueue.
2019-05-05 03:02:01 -04:00
Glenn Strauss d836d20317 [stat_cache] fix compilation error for cmake 2019-05-04 18:16:01 -04:00
Glenn Strauss 1cf68f79eb [core] behavior change: stricter URL normalization
behavior change: stricter URL normalization

Prior behavior can be obtained by configuring lighttpd.conf with:
      server.http-parseopts = (“url-normalize” => “disable” )
although this is not recommended.

This behavior change was pre-announced with the releases of
  lighttpd 1.4.52 (2018.11.28)
  lighttpd 1.4.53 (2019.01.27)

The recommended settings are:
      server.http-parseopts = (
        "header-strict"            => "enable",
        "host-strict"              => "enable",
        "host-normalize"           => "enable",
        "url-normalize"            => "enable",
        "url-normalize-unreserved" => "enable",
        "url-normalize-required"   => "enable",
        "url-ctrls-reject"         => "enable",
        "url-path-2f-decode"       => "enable",
        "url-path-backslash-trans" => "enable",
        "url-path-dotseg-remove"   => "enable",
        "url-query-20-plus"        => "enable"

The lighttpd defaults with this commit are slightly less strict:
      server.http-parseopts = (
        "header-strict"            => "enable",
        "host-strict"              => "enable",
        "host-normalize"           => "enable",
        "url-normalize"            => "enable",
        "url-normalize-unreserved" => "enable",
       #"url-normalize-required"   => "enable",
        "url-ctrls-reject"         => "enable",
        "url-path-2f-decode"       => "enable",
       #"url-path-backslash-trans" => "enable",
        "url-path-dotseg-remove"   => "enable",
       #"url-query-20-plus"        => "enable"
2019-05-04 17:48:04 -04:00
Glenn Strauss 49e9f0acdc [doc] highlight relevance of module load order (fixes #2946)
  "modules.conf order unhelpful (setenv vs. redirect)"
2019-05-04 17:10:35 -04:00