Commit Graph

681 Commits (fe02be7e34d4925d0b9ab0a39d0534cdbe202d8a)

Author SHA1 Message Date
Gaurav 37bdb250a4 [core] check configparserAlloc() result with force_assert
7 years ago
Stefan Bühler a93be99441 [core] fix search for header end if split across chunks (fixes #2670)
7 years ago
Stefan Bühler 3512b5cb77 [core] allocate at least 4k buffer for incoming data
7 years ago
Stefan Bühler 69f890e2c5 [stat-cache] fix handling of collisions, might have returned wrong data (fixes #2669)
7 years ago
Stefan Bühler d8b5492f5a -next is 1.4.38
7 years ago
Stefan Bühler dd4fe73c47 fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy)
8 years ago
Stefan Bühler 0b02cd2690 [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading
8 years ago
Stefan Bühler b66fa2cb68 [plugins] when modules are linked statically still only load the modules given in the config
8 years ago
Stefan Bühler 912533cd68 [mmap] fix mmap alignment
8 years ago
Stefan Bühler 6d6dbadb14 [mod_cgi] rewrite mmap and generic (post body) send error handling
8 years ago
Stefan Bühler 9257d7df4f [bsd xattr] fix compile break with BSD extended attributes in stat_cache
8 years ago
Stefan Bühler d7cd5b087a [autoconf] define HAVE_CRYPT when crypt() is present
8 years ago
Stefan Bühler e57a70174b [kqueue] fix kevent call
8 years ago
Stefan Bühler 0508bf674e fix some unchecked return value warnings
8 years ago
Stefan Bühler 593599f14a rewrite network (write) backends
8 years ago
Stefan Bühler fa8b154628 fix undefined integer shift
8 years ago
Stefan Bühler 5c5616e3e5 increase upload temporary chunk file size from 1MB to 16MB
8 years ago
Stefan Bühler 1371c87c34 fix out-of-filedescriptors when uploading "large" files (fixes #2660, thx rmilecki)
8 years ago
Stefan Bühler 47cddfd4f3 [mod_dirlisting] fix dir-listing.set-footer not showing
8 years ago
Stefan Bühler a80f75e004 [mod_proxy] remove debug log line from error log (fixes #2659)
8 years ago
Stefan Bühler 752e501231 - next is 1.4.37
8 years ago
Stefan Bühler def17b2925 [configfile] fix reading uninitialized variable (found by Willian B.)
8 years ago
Pascal Bach 4a87f75fcf [mod_proxy] add unix domain socket support (fixes #2653)
8 years ago
Stefan Bühler 8db141a1b3 mime.conf: add some new mime types, remove .dat, .sha1, .md5, update .vcf
8 years ago
Stefan Bühler 2bd89370fc fix segfault when temp file for upload couldn't be created (found by coverity)
8 years ago
Stefan Bühler c5737093db [mod_magnet] fix segfault when accessing not existing lighty.req_env[] entry (found by coverity)
8 years ago
Stefan Bühler c31bf21f97 fix memory leak in mod_status when no counters are set (found by coverity)
8 years ago
Stefan Bühler 9f05b61ab4 parse If-None-Match for ETag validation (fixes #2578)
8 years ago
Stefan Bühler 71b5c53a0a show extforward re-run warning only with debug.log-request-handling (fixes #2561)
8 years ago
Stefan Bühler 572681c9f1 fix hex escape in accesslog (fixes #2559)
8 years ago
Stefan Bühler 427120b41a escape all strings for logging (fixes #2646 log file injection, reported by Jaanus Kääp)
8 years ago
Stefan Bühler 33cebeb0f7 fix segfaults in many plugins if they failed configuration
8 years ago
Stefan Bühler df87b3ef98 fix error message for T_CONFIG_ARRAY config values if an entry value is not a string
8 years ago
Stefan Bühler c92496720d [mod_auth] use crypt_r instead of crypt if available
8 years ago
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API
8 years ago
Stefan Bühler 3521be8b85 print backtrace in assert logging with libunwind
8 years ago
Stefan Bühler d00e1e79b9 [connections] fix bug in connection state handling
8 years ago
Stefan Bühler b0a632f253 [network] fix compile break in calculation of sockaddr_un size if SUN_LEN is not defined (fixes #2609)
8 years ago
Stefan Bühler 76870cfef1 add NEWS entry for previous commit
8 years ago
Stefan Bühler 084df7e99a [ssl] disable SSL3.0 by default
8 years ago
Stefan Bühler 4a6838103d [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
8 years ago
Stefan Bühler c4f214584a [build] use fortify flags with "extra-warnings"
8 years ago
Moritz Wilhelmy 4d55d4ada3 add support for (Free)BSD extended attributes
9 years ago
Stefan Bühler 059a5a67dd fix typo in NEWS entry for #2579
9 years ago
Stefan Bühler 3b23130ea2 add more mime types and a script to generate mime.conf (fxies #2579)
9 years ago
Stefan Bühler f8f3351506 fix bad shift in conditional netmask ".../0" handling
9 years ago
Stefan Bühler 3605a3bec3 use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body
9 years ago
Stefan Bühler e1b1c52028 - next is 1.4.36
9 years ago
Stefan Bühler d1a2356916 fix SQL injection / host name validation (thx Jann Horn)
9 years ago
Stefan Bühler efc41b2bb1 check length of unix domain socket filenames
9 years ago
Stefan Bühler 8e31e18b8e [mod_webdav] fix logic error in handling file creation error
9 years ago
Stefan Bühler 57c661c191 fix unchecked return values from stream_open/stat_cache_get_entry
9 years ago
Stefan Bühler b106513e58 [network] check return value of lseek()
9 years ago
Stefan Bühler 9f2be4882d force assertion: setting FD_CLOEXEC must work (if available)
9 years ago
Stefan Bühler ef0b353fee [mod_cml_lua] fix null pointer dereference
9 years ago
Stefan Bühler 07dd0bd0a5 add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546)
9 years ago
Stefan Bühler fba7dd6f43 fix resource leaks in error cases on config parsing and other initializations
9 years ago
Stefan Bühler bf10267807 [buffer] fix length check in buffer_is_equal_right_len
9 years ago
Stefan Bühler bcd35cc264 remove logical dead code
9 years ago
Stefan Bühler 29a1070299 add comments for switch fall throughs
9 years ago
Stefan Bühler b239e7734a [mod_magnet] fix memory leak
9 years ago
Stefan Bühler b461e031f5 [mod_fastcgi,mod_scgi] fix resource leaks on spawning backends
9 years ago
Stefan Bühler d59c910d6a [mod_dirlisting] fix memory leak if pcre fails
9 years ago
Stefan Bühler 0aaf939e5e [mod_rrdtool] fix invalid read (string not null terminated)
9 years ago
Stefan Bühler fc3a060a04 [mod_fastcgi] fix use after free (only triggered if fastcgi debug is active)
9 years ago
Stefan Bühler b8a1835093 NEWS entry for previous commit
9 years ago
Stefan Bühler 0d855be97e - next is 1.4.35
9 years ago
Stefan Bühler 24994e113a [mod_webdav] fix fd leak found with parfait (fixes #2530, thx kukackajiri)
9 years ago
Stefan Bühler 657566828e [mod_mysql_vhost] fix memory leak on config init (#2530)
9 years ago
Stefan Bühler e346794d59 [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes #2533)
9 years ago
Stefan Bühler f0e5c1415d [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes #2526)
9 years ago
Stefan Bühler 17762fad01 maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places
9 years ago
Stefan Bühler c8fbc16985 [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken)
9 years ago
Stefan Bühler 99cddff73a [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
9 years ago
Stefan Bühler d8b363c1d1 [stat-cache] fix FAM cleanup/fdevent handling
9 years ago
Stefan Bühler ae1335503a [stat-cache] FAM: fix use after free (CVE-2013-4560)
9 years ago
Stefan Bühler 6b7240f2d8 NEWS entry for previous commit
9 years ago
Stefan Bühler 1af871fcef [ssl] fix SNI handling; only use key+cert+verify-client from SNI specific config (fixes #2525, CVE-2013-4508)
9 years ago
Stefan Bühler 268c054c40 [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes #2515, thx mm)
9 years ago
Stefan Bühler 9b0d54d7cc [mod_auth] explicitly link ssl for SHA1 (fixes #2517)
9 years ago
Stefan Bühler 32199a7bdf - next is 1.4.34
9 years ago
Stefan Bühler 29ff92d9ba [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes #2502)
10 years ago
Stefan Bühler 9cfc080ab7 [core] allow files to be used as document-root (fixes #2475)
10 years ago
Stefan Bühler c26b0f9617 [mod_accesslog] add accesslog.syslog-level option (fixes #2480)
10 years ago
Stefan Bühler f0e5b84c27 [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting)
10 years ago
Stefan Bühler 92567b8b8f [core] check whether server.chroot exists
10 years ago
Stefan Bühler 916cf7cfc0 [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all
10 years ago
Stefan Bühler f9d58670d5 [auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) (fixes #2436)
10 years ago
Stefan Bühler 559b198f86 [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes #2495)
10 years ago
Stefan Bühler 93fd9ea7a4 [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes #2492)
10 years ago
Stefan Bühler 6d4d2118c3 [ssl] accept ssl renegotiations if they are not disabled (fixes #2491)
10 years ago
Stefan Bühler 05858f6cf2 [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501)
10 years ago
Stefan Bühler 25a3f2e826 [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes #2470)
10 years ago
Stefan Bühler 6cdb46587c [ssl] use DH only if openssl supports it (fixes #2479)
10 years ago
Stefan Bühler 3df2ec9248 [core] recognize more http methods to forward to backends (fixes #2346)
10 years ago
Stefan Bühler 9b36534752 [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS
10 years ago
Stefan Bühler 12c4a40b28 [mod_userdir] add userdir.active option, "enabled" by default
10 years ago
Stefan Bühler a6b42cc61e [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes #2490)
10 years ago
Stefan Bühler c008fd7ec8 [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478)
10 years ago
Stefan Bühler 680b714543 [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings (fixes #2448)
10 years ago
Stefan Bühler a0e93c678b fix undefined stuff found with clang
10 years ago
Stefan Bühler 661efa3f37 fix some bugs found with canalyze (fixes #2484, thx Zhenbo Xu)
10 years ago
Stefan Bühler ce4bc0c0f7 [mod_auth] fix base64_decode (#2484)
10 years ago
Stefan Bühler c26b50d9ad [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better.
10 years ago
Stefan Bühler 0342dfef1d [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483)
10 years ago
Stefan Bühler b5da12c008 reject non ASCII characters in HTTP header names
10 years ago
Stefan Bühler 25a2d665aa call ERR_clear_error only for ssl connections in CON_STATE_ERROR
10 years ago
Stefan Bühler 0e48ef6acb [mod_fastcgi,log] support multi line logging (fixes #2252)
10 years ago
Stefan Bühler 543bd249fb fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors); follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags.
10 years ago
Stefan Bühler 9cd8faa1b6 mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs (fixes #2465, thx peex)
10 years ago
Stefan Bühler 5aef370a2d - next is 1.4.33
10 years ago
Stefan Bühler 79fed4ec04 remove whitespace at end of header keys
10 years ago
Stefan Bühler 6edfc40f93 fix DoS in Connection header value split (reported by Jesse Sipprell, CVE-2012-5533)
10 years ago
Stefan Bühler 29b126d5d3 mod_extforward: log address of untrusted proxy with debug.log-request-handling
10 years ago
Cyril Brulebois 4f4bcdd3c3 tests: make sure mod_proxy doesn't leave running processes (fixes #2435, thx kibi)
10 years ago
Stefan Bühler 4002dce596 detect "x-gzip"/"x-bzip2" as separate encodings, more strict encoding matching (fixes #2443)
10 years ago
Stefan Bühler c3a9948c75 network_server_init: fix double free and memleak on error (fixes #2440, thx kyprizel)
10 years ago
Stefan Bühler 9b246c5e09 fix :port handling in $HTTP["host"] checks (fixes #2135. thx liming)
10 years ago
Stefan Bühler d4d1ff36aa add PATCH method (fixes #2424)
10 years ago
Stefan Bühler fcb3f42f11 configure.ac: remove old stuff, add some new to fix warnings in automake 1.12 (fixes #2419, thx blino)
10 years ago
Stefan Bühler d09fdd877f Handle ENAMETOOLONG, return 404 Not Found (fixes #2396, thx dererkazo)
10 years ago
Stefan Bühler db1d977dea Ignore EPIPE/ECONNRESET after SSL_shutdown (thx patdk-wk for reporting)
10 years ago
Stefan Bühler 6c9d257742 Code cleanup with clang/sparse (fixes #2437, thx kibi)
11 years ago
Stefan Bühler b6b694df3d - next is 1.4.32
11 years ago
Stefan Bühler 100ed91f2d Fix --enable-mmap handling in configure.ac
11 years ago
Stefan Bühler 172eeebfaa [mod_redirect] Support url.redirect-code option (fixes #2247)
11 years ago
Stefan Bühler 1ee35acc6f [mod_extforward] Support ipv6 addresses (fixes #1889)
11 years ago
Stefan Bühler 3a13ab8bf2 Detect multiple -f options: show error message instead of assert (fixes #2416)
11 years ago
Stefan Bühler 5677f17442 [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333, thx simoncpu)
11 years ago
Stefan Bühler 7187271fb6 [auth] Add "AUTH_TYPE" environment (for *cgi), remove fastcgi specific workaround, add fastcgi test case (fixes #889)
11 years ago
Stefan Bühler 61047369c7 [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410)
11 years ago
Stefan Bühler ab0fa7d873 Fix access log escaping of " and \\ (fixes #1551)
11 years ago
Stefan Bühler 01f9debec3 Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413)
11 years ago
Stefan Bühler e697869e34 buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405)
11 years ago
Stefan Bühler f4c3a99eea Disable mmap by default (fixes #2391)
11 years ago
Stefan Bühler 33f1ec6d28 [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response
11 years ago
Stefan Bühler 79bcfab083 Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373)
11 years ago
Stefan Bühler d194c09da9 [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI
11 years ago
Stefan Bühler beb6709b6c - next is 1.4.31
11 years ago
Stefan Bühler 761bedd7fe [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
11 years ago
Stefan Bühler 38e3e4a65a [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb)
11 years ago
Stefan Bühler b748fb890d [core] accept dots in ipv6 addresses in host header (fixes #2359)
11 years ago
Stefan Bühler 0f96222e7e [ssl] add option to honor server cipher order, true by default (fixes #2364)
11 years ago
Stefan Bühler a94bdd07df [ssl] count renegotiations to prevent client renegotiations
11 years ago
Stefan Bühler 6c9dff7cda [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
11 years ago
Stefan Bühler f15ee9becb Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351)
11 years ago
Stefan Bühler 3518ab60ed Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
12 years ago
Stefan Bühler e05f1b3eec Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file
12 years ago
Stefan Bühler cbf1baacc9 [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
12 years ago
Stefan Bühler 90dd8af32b Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331)
12 years ago