lighttpd1.4

lighttpd

Author	SHA1	Message	Date
Gaël PORTAY	e422ac128a	[mod_openssl] ssl.ca-crl-file for CRL (fixes #2319 ) (original patch by binbrain, and updated by flynn) github: closes #82 x-ref: "Support CRLs for client certificate verification" https://redmine.lighttpd.net/issues/2319 https://github.com/lighttpd/lighttpd1.4/pull/82	5 years ago
Glenn Strauss	86bb8be2c8	[core] perf: skip redundant strlen() if len known performance: skip redundant strlen() if length is already known introduce array_get_element_klen() to take key and klen params	5 years ago
Glenn Strauss	a434a3fab0	[mod_openssl] free local_send_buffer at exit	5 years ago
Glenn Strauss	78cc72726d	[mod_extforward] support HAProxy "PROXY" protocol (fixes #2804 ) experimental support to receive requests via HAProxy "PROXY" protocol x-ref: "The PROXY protocol - Versions 1 & 2" http://www.haproxy.org/download/1.8/doc/proxy-protocol.txt "support (HAProxy) PROXY protocol for receiving requests" https://redmine.lighttpd.net/issues/2804	5 years ago
Glenn Strauss	e33ec75999	[core] save connection-level proto in con->proto The per-request scheme starts with con->proto (e.g. "http") and can later be changed per-request by mod_extforward or mod_magnet	5 years ago
Glenn Strauss	1485cb401b	[core] fix crash if invalid config file (fixes #2798 ) If lighttpd.conf is invalid, some modules may not have initialized their per-context config structures, but will have their free-functions called, which should not be run on uninitialized per-context configs. x-ref: "Segfault with simple-vhost.debug = "enable"" https://redmine.lighttpd.net/issues/2798	5 years ago
Glenn Strauss	82501d24f2	[mod_openssl] inherit ssl.* from global scope inherit ssl.* from global scope if $SERVER["socket"] contains ssl.engine = "enable" and no other ssl.* settings (In earlier versions of lighttpd, specifying ssl.engine = "enable" without specifying ssl.pemfile was a configuration error, so this change should not break any pre-existing and previously working configs) x-ref: https://github.com/pfsense/FreeBSD-ports/pull/284	5 years ago
Glenn Strauss	acc37c1cbc	[mod_openssl] use TLS SNI to set host-based certs and then allow HTTP Host header to set con->uri.authority remove con->tlsext_server_name	5 years ago
Glenn Strauss	20946a8b92	[mod_openssl] allow ssl.verifyclient on url paths (fixes #2245 ) re-patch mod_openssl config within the request so that per-request settings can be applied, such as activating client cert verification for specific URL paths. (This can be used in conjunction with auth.backend = "extern" to require auth to occur) x-ref: "SSL : authenticate only clients for a particular URL" https://redmine.lighttpd.net/issues/2245	5 years ago
Glenn Strauss	8960633dc7	[mod_openssl] move openssl config into mod_openssl move openssl data structures and config parsing into mod_openssl	5 years ago
Glenn Strauss	bdbea2aea8	[mod_openssl] move openssl code into mod_openssl large code move, but minimal changes made to code (besides whitespace), so that code builds next: need to isolate openssl data structures and config parsing	5 years ago
Glenn Strauss	cb9ebe9fa6	[mod_openssl] new module (preliminary layout)	5 years ago

1 2 3

112 Commits (c3a85c9bf56d8e3d3fc83a5fdb19c22bbf15ab61)