Commit Graph

2455 Commits

Author SHA1 Message Date
Glenn Strauss f5ff2a011d [core] normalize config addrs for eq and ne (#2830)
address strings need to have DNS resolved and port added
for consistency when matching other config conditionals

  "1.4.46 regression: $SERVER["socket"] matches when it shouldn't"
2017-10-22 14:13:55 -04:00
Glenn Strauss 3549fc8280 [core] normalize config addrs for != match (#2830)
address strings need to have DNS resolved and port added
for consistency when matching other config conditionals

  "1.4.46 regression: $SERVER["socket"] matches when it shouldn't"
2017-10-22 14:13:53 -04:00
Glenn Strauss 585206616d [core] fix 1.4.46 regression in config match (fixes #2830)
address strings need to have DNS resolved and port added
for consistency when matching other config conditionals

  "1.4.46 regression: $SERVER["socket"] matches when it shouldn't"
2017-10-22 12:41:02 -04:00
Glenn Strauss 60b5826849 [core] stricter validation of request-URI begin
check that request-URI begins with '/', "http://", "https://",
or is OPTIONS * request, or else reject with 400 Bad Request unless
server.http-parseopt-header-strict  = "disable" (default is enabled)

2017-10-21 21:44:34 -04:00
Glenn Strauss 6be68f569f [mod_authn_gssapi] needs -lcom_err under Darwin 2017-10-21 19:16:33 -04:00
Glenn Strauss 5780d6cc58 - next is 1.4.47 2017-10-21 16:37:13 -04:00
Glenn Strauss f07bcb145c [doc] NEWS 2017-10-21 15:42:49 -04:00
Glenn Strauss 3f2561dec5 [core] translate DNS to IP str for cond socket cmp
translate DNS to IP string for conditinal socket comparison
in lighttpd.conf for $SERVER["socket"] == ...
2017-10-21 14:47:30 -04:00
Glenn Strauss 168f67a1b1 [core] perf: more efficient fdevent_sched_run()
perf: more efficient fdevent_sched_run() over fds pending close
2017-10-21 12:34:17 -04:00
Glenn Strauss cddc481411 [core] reproducible build: hide __DATE__ __TIME__ (fixes #2828)
reproducible build: hide __DATE__ __TIME__ unless compiled with

  "Reproducible builds"
2017-10-21 11:53:27 -04:00
Stefan Bühler 0fcd756766 [cmake] link mod_cml with memcached 2017-10-21 16:03:04 +02:00
Stefan Bühler c7c106c3c0 [cmake] fix attr header detection and linking 2017-10-21 16:03:04 +02:00
Stefan Bühler 4634a05c0d [cmake] handle WITH_WEBDAV_LOCKS option 2017-10-21 16:03:04 +02:00
Glenn Strauss 41eb4d323c [core] adjust parser for valid variable expansion
adjust config parser for valid variable expansion
Return only the value when a variable is expanded so that the
array element keeps its state as value-only or part of key-value

(thx nicorac)

2017-10-20 23:04:53 -04:00
Glenn Strauss 77bdaa3a93 [mod_openssl]"disable" by default
set = "disable" by default (modifies commit f4e1357d)

Given various reports from users of embedded systems, the default is
being changed to do the sane thing for these systems.  This is the
right setting on slow embedded systems for which decoding SSL input
is slower than receiving that input over the network.

On the other hand, for faster systems, = "enable" is
recommended for a slight performance gain and should be explicitly set
in the global or $SERVER["socket"] configuration blocks in lighttpd.conf

  "https POST requests buffered in RAM since v1.4.41?"
2017-10-19 08:51:20 -04:00
Glenn Strauss 7f82ddab3f [core] remove fdevent_sched_run from fdevent_libev (#2827)
remove fdevent_sched_run from fdevent_libev.c
(redundant since commit 8ed588ce)

  "POST to mod_cgi sometimes hangs"
2017-10-16 20:07:54 -04:00
fbrosson 9b0e095c9f [core] add back REQUEST_SCHEME for backends
  "[core] Add back REQUEST_SCHEME (for use in e.g. mod_ssi)"

github: closes #85
2017-10-16 19:38:31 -04:00
Glenn Strauss fa1eef0071 [core] permit LF to end lines if !header-strict
permit LF to end header lines if
  server.http-parseopt-header-strict = "disable"
(instead of requiring CR LF)

(makes it easy to use 'openssl s_client -connect <IP:port>' on unix)

(Note: care taken to minimize diff in this commit,
 but header parsing code should be revisited and overhauled)
2017-10-16 02:17:07 -04:00
Glenn Strauss 0ff8904a72 [mod_openssl] remove erroneous SSL_set_shutdown()
remove erroneous call to SSL_set_shutdown()
(historical from commit:3888c103)
(erroneous since lighttpd 1.4.40 moved to bidirectional input/output)

  "wstunnel sample config"
2017-10-16 02:10:36 -04:00
Glenn Strauss 7661587f01 [mod_openssl] copy data for larger SSL packets
copy small mem chunks into single large buffer before SSL_write()
to reduce number times write() called underneath SSL_write() and
potentially reduce number of packets generated if socket TCP_NODELAY
2017-10-15 22:07:00 -04:00
Glenn Strauss a4d40da9f2 [core] remove fd interest if create_env returns
remove fd interest in FDEVENT_OUT to backend if create_env hook returns
2017-10-15 21:58:50 -04:00
Glenn Strauss d3f4a62c10 [mod_dirlisting] custom js date parse func (fixes #2823)
lighttpd mod_dirlisting produces a directory listing with the date in a
certain format, and lighttpd calls setlocale(LC_TIME, "C"), so strftime
date used in mod_dirlisting is predictable.  Use a custom date parse
routine to replace Date.parse() in the javascript sorting functions.

  "Directory listing / sort by last modified does not work on Safari"
2017-10-14 16:21:46 -04:00
Glenn Strauss 7bd46d1984 [core] fix $REQUEST_HEADER[...] parsing in config (#1556)
  "Allow matching against any arbitrary HTTP header in the configuration file regexps"
2017-10-14 13:51:49 -04:00
Glenn Strauss 8ed588ce32 [core] handle fds pending close after poll timeout (fixes #2827)
handle fds pending close whether or not new events are triggered

(thx davidm)

  "POST to mod_cgi sometimes hangs"
2017-10-12 02:44:35 -04:00
Glenn Strauss 60a98ebaf4 [core] quiet coverity warning 2017-10-09 08:50:26 -04:00
Glenn Strauss 513e407b06 [mod_wstunnel] remove invalid appended '\0'
remove invalid appended '\0' in code originating from Norio Kobota
mod_websocket_frame.c.  /* needs '\0' char to send */ is not valid

  "wstunnel sample config"
2017-10-09 02:45:12 -04:00
Glenn Strauss ef11fa42da [mod_wstunnel] set Sec-WebSocket-Protocol if bin
set Sec-WebSocket-Protocol: binary in response if request header
Sec-WebSocket-Protocol: binary provided by client in Upgrade: websocket
request, or if wstunnel.frame-type = "binary" in lighttpd config
2017-10-09 02:45:12 -04:00
Glenn Strauss d8dba4ae6a [core] gateways might Upgrade con before body read
some gateways might Upgrade connection before request body is read

(mod_wstunnel sets con->file_started = 1 and -1 == hctx->wb_reqlen
 and sends Connection: upgrade and Upgrade: websocket before reading
 request body)

  "wstunnel sample config"
2017-10-09 02:45:12 -04:00
Glenn Strauss b8e6419f3a [core] return from http_response_read if small rd
return from http_response_read() if read smaller than available buffer
2017-10-09 02:45:12 -04:00
Glenn Strauss 0528e2e712 [core] limit use of TCP_CORK
limit use of TCP_CORK to when chunkqueue contains a non-MEM_CHUNK
(in addition to restricting to Linux, more than one chunk, and TCP)
2017-10-09 02:45:12 -04:00
Glenn Strauss f22b5d69da [core] inline chunkqueue_is_empty() 2017-10-09 02:45:12 -04:00
Glenn Strauss 9a69f31b20 [core] compare listen addrs after DNS resolution
compare listen addrs after DNS resolution when starting up server
2017-10-09 02:45:12 -04:00
Glenn Strauss 5c25f629ab [core] /dev/stdin listener for inetd wait yes
server.bind = "/dev/stdin" for use with inetd wait yes


  "inetd/wait mode with auto-shutdown after idle timeout"
2017-10-09 02:44:30 -04:00
Glenn Strauss 00d976b130 [core] cleaner code; remove goto from network.c 2017-10-07 16:11:36 -04:00
Glenn Strauss 878dd9be49 [core] use sun_path for addr string for AF_UNIX (fixes #2826)
(occurs when lighttpd is configured to listen on unix socket path)

  "stale REMOTE_ADDR when using AF_UNIX socket"
2017-10-07 13:16:52 -04:00
Glenn Strauss 7aff5046ac [unittests] consolidate base64 test code
consolidate base64 test code

use char type for tables to reduce memory use
  (potentially increase cache hits)
2017-10-03 22:21:53 -04:00
Glenn Strauss c49f515096 [network] do not append port to unix socket paths
2017-10-03 21:16:03 -04:00
Glenn Strauss 513887fa52 [core] URI scheme is case-insensitive
check case-insensitive scheme if full URI provided in request-line

  The scheme and host are case-insensitive and normally provided
  in lowercase; all other components are compared in a case-sensitive

2017-10-03 21:16:03 -04:00
Stefan Bühler 428cd963d6 [lemon] fix gcc implicit-fallthrough warning 2017-10-03 21:16:03 -04:00
Stefan Bühler f46b1b1d53 [algo_sha1] fix compile break and warnings
size_t requires <sys/types.h> or <unistd.h>, <stdint.h>/<inttypes.h> is
not enough.

also use `const` consistently for the passed data.
2017-10-02 01:52:43 -04:00
Glenn Strauss 46719b8925 [mod_wstunnel] fix NULL ptr deref
fix NULL ptr deref if wstunnel.server configured inside a conditional
and not in global scope

(thx nicorac)

2017-09-30 00:11:59 -04:00
Glenn Strauss a156fdbc7b [core] fix triggered assert on HTTP chunked input (fixes #2822)
(thx AlxT)

  "Segmentation fault on HTTP chunked input"
2017-09-27 23:01:03 -04:00
Glenn Strauss cbb5ee621c [core] disable Nagle if streaming to backend
disable Nagle algorithm if streaming to backend and content-length
is unknown at the point where lighttpd is about to begin sending
data to backend
2017-09-23 13:11:26 -04:00
Glenn Strauss 09b2b146e1 [core] make strftime_cache_get() 16-element cache
Prior code was effectively a 1-element cache after the initial fill
of the array since only the first element was replaced after the
initial fill.  New code does round-robin replacement.

(whether or not #define FILE_CACHE_MAX 16 is appropriately sized here
 is a question for another day)
2017-09-23 12:05:13 -04:00
Glenn Strauss 93e91954a7 [core] fdevent setsockopt() helper functions
2017-09-23 10:30:08 -04:00
Glenn Strauss 17373221b8 [mod_wstunnel] fix config parsing bug
fix logic inversion when validating values in

(thx nicorac)

2017-09-21 01:03:14 -04:00
Glenn Strauss 6e171bd4b9 [core] adjust li_rand_pseudo* interfaces 2017-09-20 22:48:35 -04:00
Glenn Strauss 2bed2c14af [mod_webdav] check HAVE_UUID for -luuid
check HAVE_UUID for -luuid in order to detect more pedantic cases,
e.g. when -luuid is not installed under Cygwin, even if devel headers
are present (<uuid/uuid.h>)
2017-09-10 22:12:24 -04:00
Glenn Strauss cf4bc764dc [mod_cgi] omit cgi_handle_fdevent after proc exit
Omit calling cgi_handle_fdevent() after CGI process exit.
Another (sub)process may be holding pipe fd open and might write
response instead of the initial CGI process.
2017-09-10 22:10:12 -04:00
Glenn Strauss e951152e2b [mod_cgi] add FDEVENT_IN upon CGI exit
add FDEVENT_IN in addition to FDEVENT_HUP when triggering
cgi_handle_fdevent() after the CGI process exits.

(This helps improve reliability when running tests under Cygwin)
2017-09-10 22:08:04 -04:00