Commit Graph

681 Commits (fe02be7e34d4925d0b9ab0a39d0534cdbe202d8a)

Author SHA1 Message Date
Stefan Bühler 06005655e6 [core] log remote address on request timeouts (fixes #652)
7 years ago
Stefan Bühler d8f4d20d9a restart (some) syscalls after SIGCHLD interrupted them; should fix LDAP problems (fixes #2464)
7 years ago
Stefan Bühler 00063098c1 [ssl] support disabling ssl.verifyclient.activate in SNI callback (fixes #2531)
7 years ago
Stefan Bühler 82ee3fb2f8 [mod_magnet] define lua_pushglobaltable (for lua5.1) and use it (fixes #2719)
7 years ago
Stefan Bühler 70036ff572 [core] accept $SERVER["socket"] without port, use server.port as fallback (fixes #2204)
7 years ago
Glenn Strauss d85bdab43f [core] more careful parse of $SERVER["socket"] config str (prepare #2204)
7 years ago
Glenn Strauss 43da581893 [core] configparser: error on duplicate keys in array merge (fixes #2685)
7 years ago
Stefan Bühler 68e4a416cc [core] provide array_extract_element and use it
7 years ago
Stefan Bühler e7a39cde36 [core] fix memory leak in configparser_merge_data
7 years ago
Stefan Bühler 224bf545c1 [core] refactor array search; raise array size limit to SSIZE_MAX
7 years ago
Stefan Bühler 8d8ae9cbc8 [core] improve array API to prevent theoretical memory leaks
7 years ago
Stefan Bühler c5a42e932f [mod_fastcgi,mod_scgi] fix leaking file-descriptor when backend spawning failed (reported by Fortify Open Review Project)
7 years ago
Stefan Bühler 2a8f73e7d4 [mod_secdownload] fix buffer overflow in secdl_verify_mac (reported by Fortify Open Review Project)
7 years ago
Stefan Bühler f3606dc539 [mod_dirlisting] dir-listing.hide-dotfiles = "enabled" by default (fixes #1081)
7 years ago
Stefan Bühler f56fe331e5 [mod_proxy] use case-insensitive comparision to filter headers, send Connection: Close to backend (fixes #421)
7 years ago
Glenn Strauss dde7bea99a [mod_cgi] kill CGI if fail to write request body
7 years ago
Glenn Strauss f2cbd0a3aa [mod_cgi] simplify mod_cgi_handle_subrequest()
7 years ago
Glenn Strauss e5e66f791f [mod_cgi] consolidate CGI cleanup code
7 years ago
Glenn Strauss 94647804cf [mod_cgi] send 500 if CGI ends and there is no response (fixes #2542)
7 years ago
Glenn Strauss c80ae9b212 [mod_fastcgi] 404 for X-Sendfile file not found (fixes #2474)
7 years ago
Stefan Bühler 02594f107a [plugins] don't include dlfcn.h if not needed (fixes #2548)
7 years ago
Glenn Strauss 75e4859a1b [mod_compress] case-insensitive content-codings (fixes #2645)
7 years ago
Stefan Bühler c033a1966e [core] improve conditional enabling (thx Gwenlliana, #2598)
7 years ago
Stefan Bühler ad65603ec0 [core] fix conditional cache handling
7 years ago
Glenn Strauss 1c01a42aa3 [core] never evaluate else branches until the previous branches are aready (fixes #2598)
7 years ago
Stefan Bühler 431559e5df [configparser] don't continue after parse error (fixes #2717)
7 years ago
Glenn Strauss f23a24a263 [mod_cgi] issue trace and exit if execve() fails (closes #2302)
7 years ago
Glenn Strauss 665cc39b95 [mod_cgi] edge case chdir "/" when docroot "/" (fixes #2460)
7 years ago
Glenn Strauss 5cc061bfab [core] do not send SIGHUP to process group unless server.max-workers is used (fixes #2711)
7 years ago
Glenn Strauss 3fd80ff8ec [mod_cgi] use MAP_PRIVATE to mmap temporary file instead of MAP_SHARED (fixes #2715)
7 years ago
Stefan Bühler 566cf8decb add force_assert for more allocation results
7 years ago
Stefan Bühler f3b577ddee use libmemcached instead of deprecated libmemcache
7 years ago
Stefan Bühler c354229f42 add handling for lua 5.2 and 5.3 (fixes #2674)
7 years ago
fbrosson d8e028e069 [mod_ssi] enhance support for ssi vars
7 years ago
Stefan Bühler 3dd2f66d13 - next is 1.4.40
7 years ago
Stefan Bühler 6ef3b709db [chunk] fix use after free / double free (fixes #2700)
7 years ago
Stefan Bühler 737d4f0f20 [core] fix memset_s call (fixes #2698)
7 years ago
Stefan Bühler 53c4ab8438 - next ist 1.4.39
7 years ago
Kyle J. McKay b37dd77491 [core] show correct crypt support result (fixes #2690)
7 years ago
Kyle J. McKay 159ca0c15d [network] add darwin-sendfile backend (fixes #2687)
7 years ago
Kyle J. McKay b0ecb4d44b [mod_fastcgi/mod_scgi] zero sockaddr structs before use (fixes #2691)
7 years ago
Stefan Bühler bfaa48260a [mod_secdownload] add required algorithm option; old behaviour available as "md5", new options "hmac-sha1" and "hmac-sha256"
7 years ago
Stefan Bühler 85d8a17575 [core] encode path with ENCODING_REL_URI in redirect to directory (fixes #2661, thx gstrauss)
7 years ago
Stefan Bühler 3943de280e [core] add '~' to safe characters in ENCODING_REL_URI/ENCODING_REL_URI_PART encoding
7 years ago
Stefan Bühler a069548370 [core] revert increase of temp file size back to 1MB, provide a configure option "server.upload-temp-file-size" instead (fixes #2680)
7 years ago
Stefan Bühler c512345fa2 [config] check config option scope; warn if server option is given in conditional
7 years ago
Stefan Bühler 39add4476f [mod_secdownload] use a hopefully constant time comparison to check hash (fixes #2679)
7 years ago
Gaurav 5c5f67a5c7 add force_assert for many allocations and function results
7 years ago
Stefan Bühler f19128086c [core] don't buffer request bodies smaller than 64k on disk
7 years ago
Loganaden Velvindron d7be04beb5 [mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available
7 years ago
Gaurav 37bdb250a4 [core] check configparserAlloc() result with force_assert
7 years ago
Stefan Bühler a93be99441 [core] fix search for header end if split across chunks (fixes #2670)
7 years ago
Stefan Bühler 3512b5cb77 [core] allocate at least 4k buffer for incoming data
7 years ago
Stefan Bühler 69f890e2c5 [stat-cache] fix handling of collisions, might have returned wrong data (fixes #2669)
7 years ago
Stefan Bühler d8b5492f5a -next is 1.4.38
7 years ago
Stefan Bühler dd4fe73c47 fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy)
8 years ago
Stefan Bühler 0b02cd2690 [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading
8 years ago
Stefan Bühler b66fa2cb68 [plugins] when modules are linked statically still only load the modules given in the config
8 years ago
Stefan Bühler 912533cd68 [mmap] fix mmap alignment
8 years ago
Stefan Bühler 6d6dbadb14 [mod_cgi] rewrite mmap and generic (post body) send error handling
8 years ago
Stefan Bühler 9257d7df4f [bsd xattr] fix compile break with BSD extended attributes in stat_cache
8 years ago
Stefan Bühler d7cd5b087a [autoconf] define HAVE_CRYPT when crypt() is present
8 years ago
Stefan Bühler e57a70174b [kqueue] fix kevent call
8 years ago
Stefan Bühler 0508bf674e fix some unchecked return value warnings
8 years ago
Stefan Bühler 593599f14a rewrite network (write) backends
8 years ago
Stefan Bühler fa8b154628 fix undefined integer shift
8 years ago
Stefan Bühler 5c5616e3e5 increase upload temporary chunk file size from 1MB to 16MB
8 years ago
Stefan Bühler 1371c87c34 fix out-of-filedescriptors when uploading "large" files (fixes #2660, thx rmilecki)
8 years ago
Stefan Bühler 47cddfd4f3 [mod_dirlisting] fix dir-listing.set-footer not showing
8 years ago
Stefan Bühler a80f75e004 [mod_proxy] remove debug log line from error log (fixes #2659)
8 years ago
Stefan Bühler 752e501231 - next is 1.4.37
8 years ago
Stefan Bühler def17b2925 [configfile] fix reading uninitialized variable (found by Willian B.)
8 years ago
Pascal Bach 4a87f75fcf [mod_proxy] add unix domain socket support (fixes #2653)
8 years ago
Stefan Bühler 8db141a1b3 mime.conf: add some new mime types, remove .dat, .sha1, .md5, update .vcf
8 years ago
Stefan Bühler 2bd89370fc fix segfault when temp file for upload couldn't be created (found by coverity)
8 years ago
Stefan Bühler c5737093db [mod_magnet] fix segfault when accessing not existing lighty.req_env[] entry (found by coverity)
8 years ago
Stefan Bühler c31bf21f97 fix memory leak in mod_status when no counters are set (found by coverity)
8 years ago
Stefan Bühler 9f05b61ab4 parse If-None-Match for ETag validation (fixes #2578)
8 years ago
Stefan Bühler 71b5c53a0a show extforward re-run warning only with debug.log-request-handling (fixes #2561)
8 years ago
Stefan Bühler 572681c9f1 fix hex escape in accesslog (fixes #2559)
8 years ago
Stefan Bühler 427120b41a escape all strings for logging (fixes #2646 log file injection, reported by Jaanus Kääp)
8 years ago
Stefan Bühler 33cebeb0f7 fix segfaults in many plugins if they failed configuration
8 years ago
Stefan Bühler df87b3ef98 fix error message for T_CONFIG_ARRAY config values if an entry value is not a string
8 years ago
Stefan Bühler c92496720d [mod_auth] use crypt_r instead of crypt if available
8 years ago
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API
8 years ago
Stefan Bühler 3521be8b85 print backtrace in assert logging with libunwind
8 years ago
Stefan Bühler d00e1e79b9 [connections] fix bug in connection state handling
8 years ago
Stefan Bühler b0a632f253 [network] fix compile break in calculation of sockaddr_un size if SUN_LEN is not defined (fixes #2609)
8 years ago
Stefan Bühler 76870cfef1 add NEWS entry for previous commit
8 years ago
Stefan Bühler 084df7e99a [ssl] disable SSL3.0 by default
8 years ago
Stefan Bühler 4a6838103d [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
8 years ago
Stefan Bühler c4f214584a [build] use fortify flags with "extra-warnings"
8 years ago
Moritz Wilhelmy 4d55d4ada3 add support for (Free)BSD extended attributes
9 years ago
Stefan Bühler 059a5a67dd fix typo in NEWS entry for #2579
9 years ago
Stefan Bühler 3b23130ea2 add more mime types and a script to generate mime.conf (fxies #2579)
9 years ago
Stefan Bühler f8f3351506 fix bad shift in conditional netmask ".../0" handling
9 years ago
Stefan Bühler 3605a3bec3 use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body
9 years ago
Stefan Bühler e1b1c52028 - next is 1.4.36
9 years ago
Stefan Bühler d1a2356916 fix SQL injection / host name validation (thx Jann Horn)
9 years ago
Stefan Bühler efc41b2bb1 check length of unix domain socket filenames
9 years ago