Commit Graph

83 Commits (70b1af0640ef31b619bfc3f2c95712aae4ce7409)

Author SHA1 Message Date
Glenn Strauss c18f442a63 [multiple] add summaries to top of some modules 2 years ago
Glenn Strauss 7c7f8c467c [multiple] split con, request (very large change) 2 years ago
Glenn Strauss a03afc9043 [mod_auth] inline arrays in http_auth_require_t 2 years ago
Glenn Strauss ad9b7e009b [core] inline buffer as part of DATA_UNSET key 3 years ago
Glenn Strauss 0e749c1c84 [mod_auth] http_auth_const_time_memeq() (#2975, #2976) 3 years ago
Glenn Strauss 89dfbf14a5 [mod_auth] http_auth_const_time_memeq_pad() 3 years ago
Glenn Strauss ea6006944b [mod_auth] http_auth_const_time_memeq improvement 3 years ago
Glenn Strauss 60f4cf3ad8 [mod_auth] http_auth_info_t digest abstraction 4 years ago
Glenn Strauss 07fef25867 [mod_auth] http_auth_digest_hex2bin() 4 years ago
Glenn Strauss 96061c1e5e [mod_auth] permit additional auth backends to load 4 years ago
Glenn Strauss e47ea5e2b0 [core] memeq compare rounded to 64, not next 1M 4 years ago
Glenn Strauss 3dd3cde902 [core] abstraction layer for HTTP header manip 4 years ago
Glenn Strauss a7c27c9f99 [core] code reuse with array_insert_key_value() 4 years ago
Glenn Strauss 04d76e7afd [core] some header cleanup 5 years ago
Glenn Strauss 81b7e8e2fb [mod_auth] constant time compare plain passwords 5 years ago
Glenn Strauss b0c66266d9 [core] initialize globals at top of main() 6 years ago
Glenn Strauss 7ba06c71a6 [mod_auth] structured data, register auth schemes 6 years ago
Glenn Strauss cde68b7b23 [mod_auth] http_auth_md5_hex2bin() 6 years ago
Glenn Strauss 4b3a91e64b [mod_auth] extensible interface for auth backends 6 years ago
Glenn Strauss 3dcca966f4 [mod_auth] refactor out auth backend code 6 years ago
Glenn Strauss 81b2d1f020 [mod_auth] refactor out auth backend code 6 years ago
Glenn Strauss 31250a9af8 [mod_auth] refactor out auth backend code 6 years ago
Glenn Strauss cb24958c01 [mod_auth] Digest auth fails after rewrite (fixes #2745) 6 years ago
Glenn Strauss 00cc4d7c0e [mod_auth] fix Digest auth to be better than Basic (fixes #1844) 6 years ago
Glenn Strauss 72b133f595 fix errors detected by Coverity Scan 6 years ago
Glenn Strauss b47c393e26 [mod_auth] skip blank lines and comment lines (fixes #2327) 7 years ago
Glenn Strauss 8e3c6bf754 fallback to lseek()/read() if mmap() fails (#fixes 2666) 7 years ago
Glenn Strauss 47f3dbebe4 use li_[iu]tostrn() instead of li_[iu]tostr() 7 years ago
Glenn Strauss e5006d88eb pass buf size to li_tohex() 7 years ago
Glenn Strauss 733ce38203 [http_auth/mod_fastcgi] check get_http_*_name() for NULL return (#2583) 7 years ago
Glenn Strauss 8abd06a7ff consistent inclusion of config.h at top of files (fixes #2073) 7 years ago
Stefan Bühler b0a4421272 [core] refactor base64 functions into separate file 7 years ago
Loganaden Velvindron d7be04beb5 [mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available 7 years ago
Stefan Bühler 52d72fe8fc [scons] fix crypt() detection, other improvements 7 years ago
Stefan Bühler c92496720d [mod_auth] use crypt_r instead of crypt if available 8 years ago
Stefan Bühler ad3e93ea96 Use buffer API to read and modify "used" member 8 years ago
Stefan Bühler 4365bdbebe Remove buffer_prepare_copy() and buffer_prepare_append() 8 years ago
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API 8 years ago
Stefan Bühler 6f208cfde1 fix/silence bugs reported by ccc-analyzer (clang) 9 years ago
Stefan Bühler 2bcf65c285 [mod_auth] some cleanup, only search for matching auth.require path once 9 years ago
Stefan Bühler c008fd7ec8 [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478) 9 years ago
Stefan Bühler ce4bc0c0f7 [mod_auth] fix base64_decode (#2484) 10 years ago
Stefan Bühler c26b50d9ad [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better. 10 years ago
Stefan Bühler 0342dfef1d [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483) 10 years ago
Stefan Bühler bbaef6ab87 fix typo in debug output 11 years ago
Stefan Bühler 61047369c7 [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410) 11 years ago
Stefan Bühler 6c9dff7cda [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362) 11 years ago
Stefan Bühler 90dd8af32b Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331) 11 years ago
Stefan Bühler 328043caf3 [ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269) 12 years ago
Stefan Bühler 38f2d1ddd7 cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls 12 years ago