allow double-quotes, single-quotes or no quote on SSI param values
remove use of PCRE from mod_ssi
fix misspelling of 'unknow' to be 'unknown'
x-ref:
"mod_ssi doesn't accept single quotes"
https://redmine.lighttpd.net/issues/1768
adjust paths relative to changes made by mod_alias and mod_userdir
Note: this still works only for direct file inclusion.
lighttpd mod_ssi does not perform an "internal subrequest" for the
virtual path, so things like virtual include of CGI are not supported
x-ref:
"ssi virtual include uses wrong path"
https://redmine.lighttpd.net/issues/222
libressl defines SSL_OP_NO_SSLv2 and SSL_OP_NO_SSLv3 as 0x0
(thx Christian Heckendorf)
libressl matches ERR_remove_thread_state() signature from openssl 1.0.2
(libressl pretends that libressl is openssl version 2.0.0,
but openssl 1.1.0 changes signature of ERR_remove_thread_state())
libressl does not yet provide compatibility interfaces for the new
prototypes introduced in openssl 1.1.0, including
DH_set0_pqg() and DH_set_length()
remove OPENSSL_NO_KRB5 from build config (added in 5fab991b in 2005)
(define USE_OPENSSL_KERBEROS if required)
(Note: OPENSSL_NO_KRB5 removed in openssl 1.1.0)
fix "allprop" propfind request to report all 'live' properties
add "supportedlock" 'live' property, if ./configure --with-webdav-locks
report collections (directory) paths with trailing slash ('/') on path
redirect operations on collections without trailing slash ('/') to URI
with trailing slash ('/')
fix PROPPATCH to work properly and eliminate PROPPATCH memory leak
fix property update after MOVE
move CREATE TABLE statements *before* any prepare statements to avoid
invalidating the prepare statements when the tables are first created
**thx Uranus Zhou for the explanation:
https://zohead.com/archives/lighty-sqlite-err/?lang=en
x-ref:
"Improve DAV support to be able to handle git as a client"
https://redmine.lighttpd.net/issues/1953
"add RFC-compliant LOCK support to mod_webdav" (still not compliant)
https://redmine.lighttpd.net/issues/1818
Note: this has not been tested whether or not mod_webdav works with git
The (highly) recommended method to support git via HTTP is to use
git-http-backend via CGI. gitolite and gitosis provide other good
alternative ways to access git.
This patch does result in more WebDAV 'Litmus' tests passing, even
though mod_webdav still pretends to implement "If" conditional locking,
granting locks to all requestors and not strictly enforcing locks.
attempt to remap COPY/MOVE Destination to aliased physical paths
by finding common URI prefix between request URI and Destination
and finding how that part of the request URI was mapped to a
physical path.
This will work if the aliased physical path is above the webdav root.
It is not a good idea to remap physical paths within a webdav root.
Note: webdav paths and webdav properties are managed by mod_webdav,
so do not modify paths externally or else undefined behavior
or corruption may occur
x-ref:
"Bug in mod_webdav when using aliases and MOVE command"
https://redmine.lighttpd.net/issues/1787
(e.g. when called from xinetd)
Note: lighttpd is designed as a high performance, long-running server,
not a one-shot executable. This one-shot mode of operation has not been
tuned for performance. lighttpd server start-up and initialization aims
for correctness, not speed. If using this one-shot mode as part of fork
and exec from xinetd, then performance is already not of high concern.
x-ref:
"support for xinetd"
https://redmine.lighttpd.net/issues/1584
-i <secs> graceful shutdown after <secs> of inactivity
Option might be used with applications such as git instaweb.
While git instaweb does have command line options of its own
to [start,stop,restart], some may find it convenient to configure
git instaweb to start lighttpd with a default idle time limit,
after which lighttpd will gracefully shut itself down without
any further action from the user.
x-ref:
"[PATCH] support -i <secs> idle timeout option"
https://redmine.lighttpd.net/issues/2696
original request and patch submitted by mackyle. thx.
attempt to preserve PATH_INFO case even when the
URI is mapped onto a case-insensitive file system.
NTFS (Windows) is case-insensitive (even though it is case-preserving)
HFS+ (Mac OS X) can be formatted to be case-insensitive
x-ref:
"... PATH_INFO ... improperly converted to lowercase"
https://redmine.lighttpd.net/issues/406
fallback to lseek()/read() if mmap() fails (#fixes 2666)
e.g. when mmap() is used on lighttpd-controlled temporary files
used POST request body (mod_cgi) and PUT file upload (mod_webdav)
replace use of stream_open() on potentially untrusted files
(protect against SIGBUS if a file is modified while map is read)
Note: stream.[ch] may be removed in a future release
For now, stream.[ch] will read entire file into memory if mmap fails
and so it should only be used on trusted files, e.g. config files.
http_auth basic and digest files are typically small and so buffered
stdio fopen(), fgets(), fclose() will likely be approximately as fast
as mmap.
mod_dirlisting header and readme files are typically small and so
open(), read(), close() will typically be approximately as fast as mmap
mod_ssi will likely be much faster, now buffering SSI page construction
rather than a potentially huge number of file open() calls, one for each
tiny chunk of text between SSI directives.
mod_webdav COPY and MOVE may be slower due to removal of mmap, but are
now more resilient to partial writes.
x-ref:
"handle filesystems without mmap() support"
https://redmine.lighttpd.net/issues/2666
"WebDAV upload-> mmap failed: operation not permitted"
https://redmine.lighttpd.net/issues/962
"Lighttpd 1.4.20 Crash (SIGBUS in mod_compress)"
https://redmine.lighttpd.net/issues/1879
"Crash SIGBUS"
https://redmine.lighttpd.net/issues/2391
github: closes #57
For uploaded files or other request body, fall back to
lseek(),read() if filesystem does not support mmap()
(mmap(), if supported, is utilized regardless of --enable-mmap
since request body is either in memory or stored in temporary
files controlled by lighttpd)
x-ref:
"WebDAV upload-> mmap failed: operation not permitted"
https://redmine.lighttpd.net/issues/962
"handle filesystems without mmap() support"
https://redmine.lighttpd.net/issues/2666
github: closes #55
handle X-Sendfile and X-LIGHTTPD-send-file w/ http_response_xsendfile()
if host is configured ( "x-sendfile" = "enable" )
Note: X-Sendfile path is url-decoded for consistency, like X-Sendfile2
(response headers should be url-encoded to avoid tripping over
chars allowed in filesystem but which might change response
header parsing semantics)
Note: deprecated: "allow-x-send-file"; use "x-sendfile"
Note: deprecated: X-LIGHTTPD-send-file header; use X-Sendfile header
Note: deprecated: X-Sendfile2 header; use X-Sendfile header
For now, X-Sendfile2 is still handled internally by mod_fastcgi.
Since http_response_send_file() supports HTTP Range requests,
X-Sendfile2 is effectively obsolete. However, any code, e.g. PHP,
currently using X-Sendfile2 is probably manually generating 206 Partial
Content status and Range response headers. A future version of lighttpd
might *remove* X-Sendfile2. Existing code should be converted to use
X-Sendfile, which is easily done by removing all the special logic
around using X-Sendfile2, since the 206 Partial Content status and Range
response headers are handled in http_response_send_file().
x-ref:
"mod_fastcgi + X-Sendfile -> mod_staticfile"
https://redmine.lighttpd.net/issues/799
"Feature Request: New option "x-send-file-docroot""
https://redmine.lighttpd.net/issues/851
"X-Sendfile handoff to mod-static-file in 1.4.x"
https://redmine.lighttpd.net/issues/2017
"X-sendfile should be able to set content-type"
https://redmine.lighttpd.net/issues/2076
move code from mod_staticfile.c to http-header-glue.c to allow reuse
(includes ETag, Last-Modified headers, Range requests for static files)
operate on path arg instead of con->physical.path
skip Range requests if con->http_status already set >= 300
remove redundant calls to stat_cache_get_entry() handling Range requests
x-ref:
"X-Sendfile handoff to mod-static-file in 1.4.x"
https://redmine.lighttpd.net/issues/2017
Glenn Strauss