Commit Graph

2774 Commits (8aad0916137df6a6a45025f507425c777893834a)

Author SHA1 Message Date
Glenn Strauss 8aad091613 [mod_evhost] t/test_mod_evhost
create t/test_mod_evhost to test mod_evhost basic logic
remove tests/mod-evhost.t
2018-12-03 23:03:04 -05:00
Glenn Strauss 5299bded32 [mod_evhost] restructure for unit tests 2018-12-03 23:03:04 -05:00
Glenn Strauss 093569a6f6 [mod_evhost] split uri handler func for testing 2018-12-03 23:03:04 -05:00
Glenn Strauss b2a6239851 [mod_simple_vhost] t/test_mod_simple_vhost
create t/test_mod_simple_vhost to test mod_simple_vhost basic logic
remove tests/mod-simplevhost.t, which was not testing mod_simple_vhost
2018-12-03 23:03:04 -05:00
Glenn Strauss 685f4ed62c [mod_cml,mod_flv_streaming] fix NULL ptr deref
fix possible NULL pointer dereference when query string not present
and no previous query strings processed by that specific connection

regression in lighttpd 1.4.51 (mod_flv_streaming)
regression in lighttpd 1.4.52 (mod_cml)

workaround for mod_flv_streaming:
  url.rewrite-once = ( "\.flv$" => "${url.path}?" )
(similar workaround for mod_cml)

(thx fab)

  "segfault with mod_flv_streaming"
2018-12-02 00:52:11 -05:00
Glenn Strauss 53c231a764 - next is 1.4.53 2018-11-28 23:56:50 -05:00
Glenn Strauss 06ebbc3ed4 [core] invert logic for mod_indexfile load warning 2018-11-28 23:05:29 -05:00
Glenn Strauss e92919788f [mod_webdav] silence warnings if built w/o locks
silence compiler warnings if built w/o locks
2018-11-28 22:52:22 -05:00
Glenn Strauss e0d1528860 [doc] NEWS 2018-11-28 22:37:06 -05:00
Glenn Strauss a7bceb6b06 [core] quiet indexfile warning if mod not loaded 2018-11-28 02:49:09 -05:00
Glenn Strauss 77c01f9817 [core] buffer_append_path_len()
concatenate paths, placing single '/' between strings

reverts broken commit:b9402283

(thx avij)
2018-11-28 02:12:41 -05:00
Glenn Strauss 608026e5aa [core] fix typo 2018-11-26 19:38:23 -05:00
Glenn Strauss fed4573fad [mod_proxy] silence coverity false positive 2018-11-25 23:33:13 -05:00
Glenn Strauss 80638252dc [multiple] validate UTF-8 in url-decoded paths
validate UTF-8 in url-decoded paths obtained elsewhere than from request

(burl_normalize(), if enabled with server.http-parseopts, checks url for
 overlong encodings of ASCII chars in the HTTP request-line)
2018-11-25 19:52:08 -05:00
Glenn Strauss e8e59396d3 [core] reject decoded url-path without leading '/'
buffer_simplify_path() no longer prepends '/' if '/' is missing.
Callers must check for leading '/' depending on use, such as in
concatenation with others paths, or direct use accessing filesystem

Note: lighttpd 1.4.50 provides the server.http-parseopts directive.
Recommended settings unless specific use requires looser settings:
  server.http-parseopts = (
    "header-strict"            => "enable",
    "host-strict"              => "enable",
    "host-normalize"           => "enable",
    "url-normalize"            => "enable",
    "url-normalize-unreserved" => "enable",
    "url-normalize-required"   => "enable",
    "url-ctrls-reject"         => "enable",
    "url-path-2f-decode"       => "enable",
    "url-path-dotseg-remove"   => "enable",
    "url-query-20-plus"        => "enable"


As noted in the link above, mod_access should be preferred instead
of mod_rewrite for access controls to URLs.
2018-11-25 19:52:08 -05:00
Glenn Strauss 8a8579802a [mod_webdav] separate func for each request method
split up mod_webdav_subrequest_handler_huge() into subroutines
2018-11-25 19:52:08 -05:00
Glenn Strauss cef6ee675d [core] limit con->uri.authority < 1024 octets
(expect < 256 octets for DNS name)

Since limit is imposed, can use buffer_clear() instead of buffer_reset()
for con->uri.authority and con->server_name.  (Also, con->uri.scheme is
limited to "http" and "https", so use buffer_clear() for it, too)
2018-11-25 19:52:08 -05:00
Glenn Strauss 0bac13f6b4 [core] cygwin sample to run lighttpd under NSSM
configure NSSM to set environment variables when starting lighttpd
  NSSM_SERVICE_DIR=/lighttpd/install/dir (optional)
2018-11-25 19:52:08 -05:00
Glenn Strauss ad53c30d4b [core] cygwin helper func for getcwd 2018-11-25 19:52:08 -05:00
Glenn Strauss cf93e91c56 [core] perf: inline buffer_copy_buffer() 2018-11-25 19:52:08 -05:00
Glenn Strauss d7cfc8a381 [mod_wstunnel] use buffer_string_length()
use buffer_string_length() abstraction instead of b->used
2018-11-25 19:52:08 -05:00
Glenn Strauss 75bd40aa5d [core] perf: buffer optimizations
buffer_string_prepare_copy() no longer writes '\0' into b->ptr
buffer_realloc() always allocates extra +1 for '\0'
2018-11-25 19:52:08 -05:00
Glenn Strauss cced512116 [mod_cml] parse query string without modifying it 2018-11-25 19:52:08 -05:00
Glenn Strauss 449274903c [core] perf: simplify buffer_move()
require src and dest to be non-NULL

change no longer releases large swapped buffers with buffer_reset()
2018-11-25 19:51:07 -05:00
Glenn Strauss ef1fdcd910 [mod_webdav] one fewer buffer copy for COPY,MOVE
one fewer buffer copy of Destination for COPY,MOVE
2018-11-23 00:57:53 -05:00
Glenn Strauss 956a3fb9db [mod_webdav] fix LOCK on incorrect URI path 2018-11-23 00:57:03 -05:00
Glenn Strauss b9402283be [core] simpler physical path concatenation 2018-11-23 00:54:32 -05:00
Glenn Strauss ac41c17694 [core] perf: small improvement buffer_string_space 2018-11-23 00:47:08 -05:00
Glenn Strauss a2aba0788b [core] perf: small improvement to encoding CGI var 2018-11-23 00:46:19 -05:00
Glenn Strauss f69bd9cdb8 [core] perf: simple, quick buffer_clear()
quickly clear buffer instead of buffer_string_set_length(b, 0) or
buffer_reset(b).  Avoids free() of large buffers about to be reused,
or buffers that are module-scoped, persistent, and reused.

(buffer_reset() should still be used with buffers in connection *con
 when the data in the buffers is supplied by external, untrusted source)
2018-11-23 00:37:38 -05:00
Glenn Strauss 9749503b1d [core] separate func to reset FILE_CHUNK 2018-11-21 00:23:40 -05:00
Glenn Strauss 19b5fbdd3d [mod_fastcgi] transfer chunks minus packet padding
(thx avij)
2018-11-19 20:52:34 -05:00
Glenn Strauss f0df89a996 [mod_redirect,mod_rewrite] use server_name
use server_name for authority if Host not provided
(Host is not required in HTTP/1.0)
2018-11-18 22:38:47 -05:00
Glenn Strauss b5cd216781 [mod_fastcgi] minor: copy packet without padding 2018-11-18 17:04:02 -05:00
Glenn Strauss 758c58cda5 [core] clear chunk buffer upon release
(before adding back to reusable buffer pool)
2018-11-18 17:02:06 -05:00
Glenn Strauss b74188e5b3 [mod_cgi] reset reused buffer on internal redir 2018-11-18 05:29:15 -05:00
Glenn Strauss aba45f68d8 [core] perf: simpler buffer_string_space() (tests) 2018-11-18 04:57:05 -05:00
Glenn Strauss 473ce93c14 [core] perf: faster HTTP pipelined requests
separate reading header from connection_handle_read_state() into
connection_read_header() so that HTTP pipelined requests can skip
optimistic read()/recv()
2018-11-18 04:36:58 -05:00
Glenn Strauss d1bf435573 [core] perf: simpler buffer_string_space() (fixed) 2018-11-18 02:47:22 -05:00
Glenn Strauss 70d7d0a0a1 [core] server.chunkqueue-chunk-sz = 4096
server.chunkqueue-chunk-sz = 4096 (default)
Can be configured any integral value greater than 0.
Value is rounded up to next 1024 if not an even multiple of 1k.

Sites with large request or response headers may benefit from
an 8k or 16k chunk size.  Embedded systems might choose to minimize
memory use by using a 1k chunk size.
2018-11-17 23:53:50 -05:00
Glenn Strauss cc1c2f0e37 [core] server.compat-module-load = "disable"
controls whether default and compatibility modules are loaded,
including default modules mod_indexfile, mod_staticfile, mod_dirlisting
and if mod_authn* modules are loaded when mod_auth in server.modules
and if mod_openssl is loaded when ssl. directives are seen

default: server.compat-module-load = "enable"
(preserve existing behavior)

recommended config: explicitly load desired modules in desired order
2018-11-17 22:26:18 -05:00
Glenn Strauss 1b8453886f [mod_webdav] quiet coverity false positive 2018-11-17 01:48:52 -05:00
Glenn Strauss f13db69012 [core] fix setting of headers previously reset (fixes #2919)
bug may result in long delays when using mod_deflate on connections
with keep-alive, as the result is sent without Content-Length or

(regression in lighttpd 1.4.51)

(thx GilGalaad)

  "high latency on 1.4.51 + proxy + deflate"
2018-11-17 01:24:26 -05:00
Glenn Strauss 41b50cfa71 [core] fix 301 -> 302 overwrite with Location (fixes #2918)
fix bug resulting in status code being overwritten from 301 to 302 if
Location response header is returned by a backend which is not mod_proxy

(regression in lighttpd 1.4.51)

(thx shochodev)

  "lighttpd is not obeying the http status code sent by our application (302 sent by lighttpd when 301 is sent by application)"
2018-11-15 04:01:17 -05:00
Glenn Strauss 2d91475828 [mod_cgi] perf: cache getenv() results at start up 2018-11-15 04:01:17 -05:00
Glenn Strauss 5ff1ddeb66 [mod_wstunnel] perf: reuse large buffers 2018-11-12 23:01:34 -05:00
Glenn Strauss 88ee73d0a2 [multiple] perf: simplify chunkqueue_get_memory() 2018-11-12 23:01:34 -05:00
Glenn Strauss f512bfa4af [core] use chunk_buf_sz instead of hard-coded num 2018-11-12 21:56:05 -05:00
Glenn Strauss 9f6a46738d [multiple] dynamic handlers hint backend header sz 2018-11-12 21:56:05 -05:00
Glenn Strauss 31d16af78b [core] perf: simpler buffer_string_space() 2018-11-12 21:56:05 -05:00