2005-02-20 14:27:00 +00:00
|
|
|
|
|
|
|
|
====
|
|
|
|
|
NEWS
|
|
|
|
|
====
|
|
|
|
|
|
2016-07-31 12:40:41 +00:00
|
|
|
- 1.4.42
|
2016-10-16 07:07:46 +00:00
|
|
|
* [TLS] SSL_shutdown() only if handshake finished
|
|
|
|
|
* [mod_proxy,mod_scgi] shutdown remote only if local (#2743)
|
|
|
|
|
* [core] check if client half-closed TCP if POLLHUP (#2743)
|
|
|
|
|
* [core] enforce wait for POLLWR after EINPROGRESS (fixes #2744)
|
|
|
|
|
* [core] do not enter handler twice after read body
|
|
|
|
|
* [core] proxy,scgi omit shutdown() to backend (fixes #2743)
|
|
|
|
|
* [mod_dirlisting] dirlist does not handle POST
|
|
|
|
|
* [mod_dirlisting] js column sort for dirlist table (fixes #613, fixes #2315)
|
|
|
|
|
* [mod_auth] Digest auth fails after rewrite (fixes #2745)
|
|
|
|
|
* [mod_auth] refactor out auth backend code
|
|
|
|
|
* [mod_auth] extensible interface for auth backends
|
|
|
|
|
* [core] better DragonFlyBSD support (fixes #2746)
|
|
|
|
|
* [mod_auth] include base.h for USE_OPENSSL def
|
|
|
|
|
* [mod_auth] support CRYPT-MD5-NTLM algorithm (fixes #1743)
|
|
|
|
|
* [mod_auth] terminate salt for CRYPT-MD5-NTLM
|
|
|
|
|
* [core] fix crash if ready events on abandoned fd (fixes #2748)
|
|
|
|
|
* [mod_auth] http_auth_md5_hex2bin()
|
|
|
|
|
* [mod_auth] remove empty mod_auth.h
|
|
|
|
|
* [mod_auth] mod_authn_mysql.c MySQL auth backend (fixes #752, fixes #1845)
|
|
|
|
|
* [mod_cgi] permit CGI exec of unreadable files (fixes #2374)
|
|
|
|
|
* [mod_uploadprogress] add to default build
|
|
|
|
|
* [mod_geoip] add to default build (fixes #2705, fixes #2101, fixes #2092, fixes #2025, fixes #1962, fixes #1938)
|
|
|
|
|
* [mod_fastcgi] Authorizer support with Responder (fixes #321, fixes #322)
|
|
|
|
|
* [tests] test coverage for issues (#321, #322)
|
|
|
|
|
* dynamic handlers store debug flag in handler_ctx
|
|
|
|
|
* [mod_fastcgi] allow authorizer, responder for same path/ext (#321)
|
|
|
|
|
* backport mod_deflate to lighttpd 1.4 (fixes #1824, fixes #2753)
|
|
|
|
|
* [autobuild] test_configfile might need vector.c (fixes #2752)
|
|
|
|
|
* [mod_deflate] fix longjmp clobber compiler warning
|
|
|
|
|
* remove unused array type TYPE_COUNT data_count
|
|
|
|
|
* [mod_auth] structured data, register auth schemes
|
|
|
|
|
* [mod_auth] mod_authn_gssapi Kerberos auth backend (fixes #1899)
|
|
|
|
|
* [autobuild] skip two new tests if no fcgi-auth
|
|
|
|
|
* [SCons] define with_krb5 for SCons build
|
|
|
|
|
* [SCons] fix syntax error in SConstruct
|
|
|
|
|
* [SCons] define with_geoip for SCons build
|
|
|
|
|
* [CMake] fix clang -Wcast-align warnings in lemon.c
|
|
|
|
|
* remove excess initializers (fix compiler warnings)
|
|
|
|
|
* fix errors detected by Coverity Scan
|
|
|
|
|
* performance: use Linux extended syscalls and flags
|
|
|
|
|
* [mod_scgi] add uwsgi protocol support
|
|
|
|
|
* [mod_auth] refactor LDAP code into smaller funcs
|
|
|
|
|
* [mod_auth] HTTP Basic auth backends also do authz (#1817)
|
|
|
|
|
* [mod_auth] ldap filter subst user for multiple '$' (fixes #1508)
|
|
|
|
|
* [mod_auth] permit specifying ldap DN; skip search (fixes #1248)
|
|
|
|
|
* [autobuild] update module/feature report
|
|
|
|
|
* [cmake] build mod_authn_gssapi if WITH_KRB5
|
|
|
|
|
* [mod_auth] fix printing of IP in error trace
|
|
|
|
|
* [mod_mysql_vhost] support multiple '?' replacement (fixes #2163)
|
|
|
|
|
* [core] make server.max-request-size scopeable (#1901)
|
|
|
|
|
* [core] server.max-request-field-size (fixes #2130)
|
|
|
|
|
* [core] optional condition in config "else" clause (fixes #1268)
|
|
|
|
|
* [core] restrict where config "else" clauses occur (#1268)
|
|
|
|
|
* silence warnings from clang ccc-analyzer
|
|
|
|
|
* consistent, shared code to create CGI env
|
|
|
|
|
* [TLS] replace env entries in https_add_ssl_entries
|
|
|
|
|
* [TLS] set SSL_CLIENT_M_SERIAL w/ client cert SN (fixes #2268)
|
|
|
|
|
* [TLS] set SSL_CLIENT_VERIFY w/ client cert (#1288, #2693)
|
|
|
|
|
* [TLS] set SSL_PROTOCOL, SSL_CIPHER* (fixes #2511)
|
|
|
|
|
* [core] rand.[ch] to use better RNGs when available
|
|
|
|
|
* [mod_cgi] fix pipe_cloexec() when no O_CLOEXEC
|
|
|
|
|
* ignore return value from fcntl() FD_CLOEXEC
|
|
|
|
|
* build w/o compiler warnings if no zlib or bz2lib
|
2016-07-31 12:40:41 +00:00
|
|
|
|
|
|
|
|
- 1.4.41 - 2016-07-31
|
2016-07-30 08:25:32 +00:00
|
|
|
* remove long-deprecated, non-functional config opts
|
|
|
|
|
* [config] inherit server.use-ipv6 and server.set-v6only (fixes #678)
|
|
|
|
|
* [mod_auth] fix Digest auth to be better than Basic (fixes #1844)
|
|
|
|
|
* [mod_ssi] fix #config sizefmt="bytes"
|
|
|
|
|
* [autobuild] move inet_pton detection later
|
|
|
|
|
* [core] #include <sys/filio.h> for FIONREAD (fixes #2726)
|
|
|
|
|
* [autobuild] clock_gettime() -lrt with glibc < 2.17
|
|
|
|
|
* [security] do not emit HTTP_PROXY to CGI env
|
|
|
|
|
* [build_cmake] clock_gettime() -lrt w/ glibc < 2.17 (fixes #2737)
|
|
|
|
|
* [core] avoid spurious trace and error abort
|
|
|
|
|
* [core] stay in CON_STATE_CLOSE until done with req
|
|
|
|
|
* [core] $HTTP["remoteip"] must handle IPv6 w/o []
|
|
|
|
|
* [mod_status] show keep-alive status w/ text output (fixes #2740)
|
|
|
|
|
* do not set REDIRECT_URI in mod_magnet, mod_rewrite (#2738)
|
|
|
|
|
* revert 1.4.40 swap of REQUEST_URI, REDIRECT_URI (fixes #2738)
|
|
|
|
|
* [core] permit IPv6 address scope identifier
|
|
|
|
|
* [TLS] better handling of SSL_ERROR_WANT_READ/WRITE
|
|
|
|
|
* [TLS] read all available records from SSL_read()
|
|
|
|
|
* [core] try AF_INET after AF_INET6 if use-ipv6
|
|
|
|
|
* [core] set chunkqueue tempdirs at startup
|
|
|
|
|
* [security] ensure gid != 0 if server.username set (fixes #2725)
|
|
|
|
|
* [security] disable stat_cache if !follow-symlink (fixes #2724)
|
|
|
|
|
* [core] fix buffer_copy_string_hex() assert (fixes #2742)
|
|
|
|
|
* [security] encode quoting chars in HTML and XML
|
|
|
|
|
* [cmake] always define _GNU_SOURCE
|
|
|
|
|
* [cmake] enable warnings for GCC and Clang
|
|
|
|
|
* [cmake] set cmake_minimum_required to 2.8.2
|
2016-07-16 11:58:40 +00:00
|
|
|
|
|
|
|
|
- 1.4.40 - 2016-07-16
|
2016-01-03 14:48:07 +00:00
|
|
|
* [mod_ssi] enhance support for ssi vars (thx fbrosson)
|
2016-01-03 14:48:09 +00:00
|
|
|
* add handling for lua 5.2 and 5.3 (fixes #2674)
|
2016-01-03 14:48:11 +00:00
|
|
|
* use libmemcached instead of deprecated libmemcache
|
2016-01-30 13:59:07 +00:00
|
|
|
* add force_assert for more allocation results
|
2016-02-10 19:33:57 +00:00
|
|
|
* [mod_cgi] use MAP_PRIVATE to mmap temporary file (fixes #2715)
|
2016-02-14 10:44:30 +00:00
|
|
|
* [core] do not send SIGHUP to process group unless server.max-workers is used (fixes #2711)
|
2016-02-14 10:54:26 +00:00
|
|
|
* [mod_cgi] edge case chdir "/" when docroot "/" (fixes #2460)
|
2016-02-14 11:11:15 +00:00
|
|
|
* [mod_cgi] issue trace and exit if execve() fails (closes #2302)
|
2016-02-19 15:49:06 +00:00
|
|
|
* [configparser] don't continue after parse error (fixes #2717)
|
2016-02-21 17:56:24 +00:00
|
|
|
* [core] never evaluate else branches until the previous branches are ready (fixes #2598)
|
2016-02-21 18:32:14 +00:00
|
|
|
* [core] fix conditional cache handling
|
2016-02-21 18:32:17 +00:00
|
|
|
* [core] improve conditional enabling (thx Gwenlliana, #2598)
|
2016-02-28 11:59:09 +00:00
|
|
|
* [mod_compress] case-insensitive content-codings (fixes #2645)
|
2016-02-28 12:12:05 +00:00
|
|
|
* [plugins] don't include dlfcn.h if not needed (fixes #2548)
|
2016-03-04 15:37:17 +00:00
|
|
|
* [mod_fastcgi] 404 for X-Sendfile file not found (fixes #2474)
|
2016-03-04 18:54:24 +00:00
|
|
|
* [mod_cgi] send 500 if CGI ends and there is no response (fixes #2542)
|
2016-03-04 18:54:26 +00:00
|
|
|
* [mod_cgi] consolidate CGI cleanup code
|
2016-03-04 18:54:28 +00:00
|
|
|
* [mod_cgi] simplify mod_cgi_handle_subrequest()
|
2016-03-04 18:54:30 +00:00
|
|
|
* [mod_cgi] kill CGI if fail to write request body
|
2016-03-04 19:23:16 +00:00
|
|
|
* [mod_proxy] use case-insensitive comparision to filter headers, send Connection: Close to backend (fixes #421)
|
2016-03-04 19:46:29 +00:00
|
|
|
* [mod_dirlisting] dir-listing.hide-dotfiles = "enabled" by default (fixes #1081)
|
2016-03-13 14:53:20 +00:00
|
|
|
* [mod_secdownload] fix buffer overflow in secdl_verify_mac (reported by Fortify Open Review Project)
|
2016-03-14 18:07:01 +00:00
|
|
|
* [mod_fastcgi,mod_scgi] fix leaking file-descriptor when backend spawning failed (reported by Fortify Open Review Project)
|
2016-03-15 18:26:57 +00:00
|
|
|
* [core] improve array API to prevent memory leaks
|
2016-03-15 18:41:57 +00:00
|
|
|
* [core] refactor array search; raise array size limit to SSIZE_MAX
|
2016-03-15 18:41:59 +00:00
|
|
|
* [core] fix memory leak in configparser_merge_data
|
2016-03-15 18:56:02 +00:00
|
|
|
* [core] provide array_extract_element and use it
|
2016-03-15 18:56:05 +00:00
|
|
|
* [core] configparser: error on duplicate keys in array merge (fixes #2685)
|
2016-03-19 13:06:54 +00:00
|
|
|
* [core] more careful parse of $SERVER["socket"] config str (prepare #2204)
|
2016-03-19 13:06:56 +00:00
|
|
|
* [core] accept $SERVER["socket"] without port, use server.port as fallback (fixes #2204)
|
2016-03-19 13:16:31 +00:00
|
|
|
* [mod_magnet] define lua_pushglobaltable (for lua5.1) and use it (fixes #2719)
|
2016-03-19 13:27:13 +00:00
|
|
|
* [ssl] support disabling ssl.verifyclient.activate in SNI callback (fixes #2531)
|
2016-03-19 14:31:53 +00:00
|
|
|
* restart (some) syscalls after SIGCHLD interrupted them; should fix LDAP problems (fixes #2464)
|
2016-03-19 14:46:18 +00:00
|
|
|
* [core] log remote address on request timeouts (fixes #652)
|
2016-03-19 14:46:21 +00:00
|
|
|
* [autobuild] use AC_CANONICAL_HOST instead of AC_CANONICAL_TARGET (fixes #1866)
|
2016-03-19 15:01:21 +00:00
|
|
|
* [core] fix request_start in keep-alive requests to mark time when received first byte (fixes #2412)
|
2016-03-19 15:01:23 +00:00
|
|
|
* [core] truncate pidfile on exit (fixes #2695)
|
2016-03-19 15:14:35 +00:00
|
|
|
* consistent inclusion of config.h at top of files (fixes #2073)
|
2016-03-19 15:27:36 +00:00
|
|
|
* [core] add generic vector implementation
|
2016-03-19 15:27:38 +00:00
|
|
|
* [core] replace array weakref with vector
|
2016-03-23 20:25:29 +00:00
|
|
|
* [base64] fix crash due to broken force_assert
|
2016-03-25 16:58:12 +00:00
|
|
|
* [unittests] add test_buffer and test_base64 unit tests
|
2016-03-25 16:58:16 +00:00
|
|
|
* [buffer] refactor buffer_path_simplify (fixes #2560)
|
2016-03-26 11:14:19 +00:00
|
|
|
* validate return values from strtol, strtoul (fixes #2564)
|
2016-03-26 11:14:21 +00:00
|
|
|
* [mod_ssi] Add SSI vars SCRIPT_{URI,URL} and REQUEST_SCHEME (fixes #2721)
|
2016-03-26 11:24:15 +00:00
|
|
|
* [config] warn if server.upload-dirs has non-existent dirs (fixes #2508)
|
2016-03-26 11:32:13 +00:00
|
|
|
* [mod_proxy] accept LF delimited headers, not just CRLF (fixes #2594)
|
2016-03-26 12:52:23 +00:00
|
|
|
* [core] wait for grandchild to be ready when daemonizing (fixes #2712, thx pasdVn)
|
2016-03-26 12:58:33 +00:00
|
|
|
* [core] respond 411 Length Required if request has Transfer-Encoding: chunked (fixes #631)
|
2016-03-26 13:07:48 +00:00
|
|
|
* [core] fixed the loading for default modules if they are specified explicitly
|
2016-03-26 13:39:54 +00:00
|
|
|
* [core] lighttpd -tt performs preflight startup checks (fixes #411)
|
2016-03-26 13:49:43 +00:00
|
|
|
* [stat] mimetype.xattr-name global config option (fixes #2631)
|
2016-04-01 16:26:25 +00:00
|
|
|
* [mod_webdav] allow Depth: Infinity lock on file (fixes #2296)
|
2016-04-01 16:54:43 +00:00
|
|
|
* [mod_status] use snprintf() instead of sprintf()
|
2016-04-01 16:54:46 +00:00
|
|
|
* pass buf size to li_tohex()
|
2016-04-01 17:38:26 +00:00
|
|
|
* use li_[iu]tostrn() instead of li_[iu]tostr()
|
2016-04-01 17:38:29 +00:00
|
|
|
* [stream] fstat() after open() to obtain file size
|
2016-04-01 17:38:32 +00:00
|
|
|
* [core] clean up srv before exiting for lighttpd -[vVh]
|
2016-04-01 01:59:32 +00:00
|
|
|
* [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)
|
2016-04-13 03:48:14 +00:00
|
|
|
* [mod_cgi] always set QUERY_STRING (fixes #1339)
|
2016-04-13 03:56:55 +00:00
|
|
|
* [mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)
|
2016-04-13 04:07:26 +00:00
|
|
|
* [mod_magnet] rename var for clarity (fixes #1483)
|
2016-04-13 04:17:46 +00:00
|
|
|
* [mod_extforward] reset cond_cache for scheme (fixes #1499)
|
2016-04-13 04:23:31 +00:00
|
|
|
* [mod_webdav] readdir POSIX compat (fixes #1826)
|
2016-04-13 05:04:39 +00:00
|
|
|
* [mod_expire] reset caching response headers for error docs (fixes #1919)
|
2016-04-13 06:07:29 +00:00
|
|
|
* [mod_status] page refresh option (fixes #2170)
|
2016-04-13 06:12:54 +00:00
|
|
|
* [mod_status] table w/ count of con states (fixes #2427)
|
2016-04-13 06:18:16 +00:00
|
|
|
* [mod_dirlisting] class for dir <tr> (fixes #2304)
|
2016-04-13 06:34:34 +00:00
|
|
|
* [core] define __STDC_WANT_LIB_EXT1__ (fixes #2722)
|
2016-04-13 06:39:14 +00:00
|
|
|
* [core] setrlimit max-fds <= rlim_max for non-root (fixes #2723)
|
[mod_ssi] config ssi.conditional-requests
Summary:
A new SSI directive, "ssi.conditional-requests", allows to inform
lighttpd which SSI pages should be considered as cacheable and which
should not. In particular, the "ETag" & "Last-Modified" headers will
only be sent for those SSI pages for which the directive is enabled.
Long description:
"ETag" and "Last-Modified" headers were being sent for all SSI pages,
regardless of whether they were cacheable or not. And yet, there was
no cache validation at all for any SSI page.
This commit fixes these two minor issues by adding a new directive,
"ssi.conditional-requests", which allows to specify which SSI pages
are cacheable and which are not, and by adding cache validation to
those SSI pages which are cacheable. And since sending ETags for
non-cacheable documents is not appropriate, they are no longuer
computed nor sent for those SSI pages which are not cacheable.
Regarding the "Last-Modified" header for non-cacheable documents,
the standards allow to either send the current date and time for
that header or to simply skip it. The approach chosen is to not send
it for non-cacheable SSI pages. "ETag" and "Last-Modified" headers
are therefore only sent for an SSI page if ssi.conditional-requests
is enabled for that page.
The ssi.conditional-requests directive can be enabled or disabled
globally and/or in any context. It is disabled by default.
An index.shtml which only includes deterministic SSI commands such as:
<!--#echo var="LAST_MODIFIED"-->
is a trivial example of a dynamic SSI page that is cacheable.
2016-04-13 12:27:47 +00:00
|
|
|
* [mod_ssi] config ssi.conditional-requests
|
2016-04-13 23:50:31 +00:00
|
|
|
* [mod_ssi] config ssi.exec (fixes #2051)
|
2016-04-14 10:29:50 +00:00
|
|
|
* [mod_redirect,mod_rewrite] short-circuit if blank replacement (fixes #2085)
|
2016-04-14 12:14:24 +00:00
|
|
|
* [mod_indexfile] save physical path to env (fixes #448, #892)
|
2016-03-30 10:39:33 +00:00
|
|
|
* [core] open fd when appending file to cq (fixes #2655)
|
2016-03-30 20:17:17 +00:00
|
|
|
* [config] server.listen-backlog option (fixes #1825, #2116)
|
2016-04-08 04:39:50 +00:00
|
|
|
* [core] retry tempdirs on partial write, ENOSPC (fixes #2588)
|
2016-04-20 07:57:38 +00:00
|
|
|
* [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
|
2016-04-25 05:53:19 +00:00
|
|
|
* [core] improve dynamic handler control flow logic
|
|
|
|
|
* [core] defer reading request body until handle subrequest (fixes #2541)
|
|
|
|
|
* [core] always poll for client POLLHUP/POLLERR events (fixes #399)
|
|
|
|
|
* [mod_fastcgi,mod_scgi,mod_proxy] handlers can read response before sending req body (fixes #131, #2566)
|
|
|
|
|
* [mod_cgi] asynchronous send of request body to CGI
|
|
|
|
|
* [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
|
|
|
|
|
* [core] set REDIRECT_STATUS to error_handler_saved_status (fixes #1828)
|
|
|
|
|
* [core] server.error-handler new directive for error pages (fixes #2702)
|
|
|
|
|
* [core] support IPv6 in $HTTP["remote-ip"] CIDR cond match (fixes #2706)
|
2016-04-28 17:39:57 +00:00
|
|
|
* [core] http_response_send_file() shared code (#2017)
|
|
|
|
|
* [mod_fastcgi] use http_response_xsendfile() (fixes #799, fixes #851, fixes #2017, fixes #2076)
|
|
|
|
|
* [mod_scgi] X-Sendfile feature (fixes #2253)
|
|
|
|
|
* [mod_cgi] X-Sendfile feature (fixes #2313)
|
|
|
|
|
* [mod_webdav] lseek,read if fs can not mmap (#2666, fixes #962)
|
|
|
|
|
* [mod_compress] use mmap and trap SIGBUS (#2666, fixes #1879)
|
|
|
|
|
* fallback to lseek()/read() if mmap() fails (#fixes 2666)
|
|
|
|
|
* [mod_auth] skip blank lines and comment lines (fixes #2327)
|
|
|
|
|
* [core] fallback to write if sendfile not supported (fixes #471, #987)
|
|
|
|
|
* [core] preserve PATH_INFO case on case-insensitive fs (fixes #406)
|
2016-05-02 20:03:51 +00:00
|
|
|
* [mod_ssi, mod_cml] set DOCUMENT_ROOT to basedir (fixes #2383)
|
|
|
|
|
* [core] cmd line opt to shutdown after idle time limit (fixes #2696)
|
|
|
|
|
* [core] lighttpd -1 handles single request on stdin socket (fixes #1584)
|
|
|
|
|
* [mod_fastcgi,mod_scgi] IPv6 support (fixes #2372)
|
|
|
|
|
* [mod_status] add JSON output option (fixed #2432)
|
|
|
|
|
* [mod_webdav] map COPY/MOVE Destination to aliases (fixes #1787)
|
|
|
|
|
* [mod_webdav] improve PROPFIND,PROPPATCH (#1818, #1953)
|
2016-05-11 02:19:21 +00:00
|
|
|
* [core] reset response headers, write_queue for error docs
|
|
|
|
|
* build with libressl
|
|
|
|
|
* static build instructions using SCons or make
|
|
|
|
|
* [mod_auth] preserve WWW-Authenticate for error docs (fixes #2730)
|
|
|
|
|
* check close() return code after writing to file
|
2016-06-04 22:50:48 +00:00
|
|
|
* adjustments for openssl 1.1.0 pre-release
|
|
|
|
|
* [config] support include file glob (fixes #1221)
|
|
|
|
|
* [mod_evasive] 302 redirect option if limit reached (fixes #2199)
|
|
|
|
|
* [build] enhancements for cross-compiling (fixes #2276)
|
|
|
|
|
* [mod_accesslog] report aborted con state with %X (fixes #1890)
|
|
|
|
|
* [mod_ssi] fix SSI statement parser
|
|
|
|
|
* [mod_ssi] include relative to alias,userdir (fixes #222)
|
|
|
|
|
* [mod_ssi] add PCRE_* options to constrain regex
|
|
|
|
|
* [mod_ssi] more flexible quoting (fixes #1768)
|
|
|
|
|
* [core] wrap IPv6 literal in "[]" in redirect URL
|
|
|
|
|
* [mod_ssi] fix parse of tag across buf boundary (fixes #2732)
|
|
|
|
|
* [mod_cgi,mod_scgi] X-Sendfile sets file_started (fixes #2733)
|
|
|
|
|
* [mod_fastcgi] no chunked response w/ X-Sendfile (fixes #2733)
|
|
|
|
|
* [config] opts for http header parsing strictness (fixes #551, fixes #1086, f
|
|
|
|
|
ixes #1184, fixes #2143, #2258, #2281, fixes #946, fixes #1330, fixes #602, #101
|
|
|
|
|
6)
|
|
|
|
|
* [config] normalize IP strings in lighttpd.conf
|
|
|
|
|
* [build_cmake] use MODULE on Mac OS X (fixes #1761)
|
|
|
|
|
* [config] server.bsd-accept-filter option
|
|
|
|
|
* [mod_webdav] create file w/ LOCK request if ENOENT
|
2016-06-26 05:23:24 +00:00
|
|
|
* [core] buffer large responses to tempfiles (fixes #758, fixes #760, fixes #933, fixes #1387, #1283, fixes #2083)
|
|
|
|
|
* [core] stream response to client (#949)
|
|
|
|
|
* [TLS] release openssl buffers as used (fixes #1265, fixes #1283, #881)
|
|
|
|
|
* [config] config options to stream request/response (#949, #376)
|
|
|
|
|
* [core] option to stream request body to backend (fixes #376)
|
|
|
|
|
* [core] option to stream response body to client (fixes #949, #760, #1283, #1387)
|
|
|
|
|
* drain backend socket/pipe bufs upon FDEVENT_HUP
|
|
|
|
|
* remove excess calls to joblist_append()
|
|
|
|
|
* defer choosing "Transfer-Encoding: chunked"
|
|
|
|
|
* asynchronous, bidirectional streaming options
|
|
|
|
|
* fix errors detected by Coverity Scan
|
|
|
|
|
* [cygwin] fix mod_proxy and mod_fastcgi ioctl use
|
|
|
|
|
* [mod_webdav] remove excess SQL param to UNLOCK
|
2016-07-16 00:02:17 +00:00
|
|
|
* graceful shutdown without unnecessary 1 sec delay
|
|
|
|
|
* [core] disable Nagle algorithm (TCP_NODELAY)
|
|
|
|
|
* [core] add declarations to fdevent.h (#2373)
|
|
|
|
|
* [tests] remove dependency on CGI.pm
|
|
|
|
|
* [TLS] fix return value checks during cert init
|
|
|
|
|
* [core] fix server.max-request-size to be precise (fixes #2131)
|
|
|
|
|
* [mod_webdav] fix proppatch mem leak, other fixes (#fixes 1334, #fixes 2000)
|
|
|
|
|
* [autobuild] CMake check for struct tm tm_gmtoff (fixes #2014)
|
|
|
|
|
* [mod_uploadprogress] fix mem leak (#1858)
|
|
|
|
|
* [core] make server.max-request-size scopeable (fixes #1901)
|
|
|
|
|
* [mod_fastcgi,mod_scgi] check for spawning on same unix socket (#319)
|
|
|
|
|
* [mod_accesslog] %a %A %C %D %k %{}t %{}T (fixes #1145, fixes #1415, fixes #2
|
|
|
|
|
081)
|
|
|
|
|
* [mod_access] new directive url.access-allow (fixes #1421)
|
|
|
|
|
* [core] fdevent_libev: update use of ev_timer
|
|
|
|
|
* [mod_cgi] handle local redirect response (fixes #2108)
|
2016-01-03 14:48:04 +00:00
|
|
|
|
|
|
|
|
- 1.4.39 - 2016-01-02
|
2015-12-18 21:56:59 +00:00
|
|
|
* [core] fix memset_s call (fixes #2698)
|
2015-12-19 08:28:39 +00:00
|
|
|
* [chunk] fix use after free / double free (fixes #2700)
|
2015-12-05 14:18:38 +00:00
|
|
|
|
|
|
|
|
- 1.4.38 - 2015-12-05
|
2015-09-16 00:18:11 +00:00
|
|
|
* [stat-cache] fix handling of collisions, might have returned wrong data (fixes #2669)
|
2015-09-24 06:03:38 +00:00
|
|
|
* [core] allocate at least 4k buffer for incoming data
|
2015-09-24 06:03:40 +00:00
|
|
|
* [core] fix search for header end if split across chunks (fixes #2670)
|
2015-09-26 10:11:22 +00:00
|
|
|
* [core] check configparserAlloc() result with force_assert
|
2015-09-26 10:11:24 +00:00
|
|
|
* [mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available (thx loganaden)
|
2015-10-13 19:46:04 +00:00
|
|
|
* [core] don't buffer request bodies smaller than 64k on disk
|
2015-10-16 19:44:06 +00:00
|
|
|
* add force_assert for many allocations and function results
|
2015-10-27 20:50:53 +00:00
|
|
|
* [mod_secdownload] use a hopefully constant time comparison to check hash (fixes #2679)
|
2015-11-07 12:51:11 +00:00
|
|
|
* [config] check config option scope; warn if server option is given in conditional
|
2015-11-07 12:51:14 +00:00
|
|
|
* [core] revert increase of temp file size back to 1MB, provide a configure option "server.upload-temp-file-size" instead (fixes #2680)
|
2015-11-07 15:00:15 +00:00
|
|
|
* [core] add '~' to safe characters in ENCODING_REL_URI/ENCODING_REL_URI_PART encoding
|
2015-11-07 15:00:18 +00:00
|
|
|
* [core] encode path with ENCODING_REL_URI in redirect to directory (fixes #2661, thx gstrauss)
|
2015-11-22 22:22:22 +00:00
|
|
|
* [mod_secdownload] add required algorithm option; old behaviour available as "md5", new options "hmac-sha1" and "hmac-sha256"
|
2015-12-04 20:22:42 +00:00
|
|
|
* [mod_fastcgi/mod_scgi] zero sockaddr structs before use (fixes #2691, thx Kyle J. McKay)
|
2015-12-04 20:48:21 +00:00
|
|
|
* [network] add darwin-sendfile backend (fixes #2687, thx Kyle J. McKay)
|
2015-12-04 20:53:51 +00:00
|
|
|
* [core] show correct crypt support result (fixes #2690, thx Kyle J. McKay)
|
2015-09-15 11:52:35 +00:00
|
|
|
|
|
|
|
|
- 1.4.37 - 2015-08-30
|
2015-08-03 19:43:06 +00:00
|
|
|
* [mod_proxy] remove debug log line from error log (fixes #2659)
|
2015-08-09 13:03:52 +00:00
|
|
|
* [mod_dirlisting] fix dir-listing.set-footer not showing
|
2015-08-13 18:44:27 +00:00
|
|
|
* fix out-of-filedescriptors when uploading "large" files (fixes #2660, thx rmilecki)
|
2015-08-13 18:44:30 +00:00
|
|
|
* increase upload temporary chunk file size from 1MB to 16MB
|
2015-08-22 16:00:56 +00:00
|
|
|
* fix undefined integer shift
|
2015-08-22 16:00:59 +00:00
|
|
|
* rewrite network sendfile/mmap/writev/write backends
|
2015-08-22 16:01:08 +00:00
|
|
|
* fix some unchecked return value warnings
|
2015-08-22 21:39:19 +00:00
|
|
|
* [kqueue] fix kevent call
|
2015-08-22 21:39:24 +00:00
|
|
|
* [autoconf] define HAVE_CRYPT when crypt() is present
|
2015-08-22 23:27:17 +00:00
|
|
|
* [bsd xattr] fix compile break with BSD extended attributes in stat_cache
|
2015-08-23 11:53:48 +00:00
|
|
|
* [mod_cgi] rewrite mmap and generic (post body) send error handling
|
2015-08-23 12:59:07 +00:00
|
|
|
* [mmap] fix mmap alignment
|
2015-08-29 09:28:01 +00:00
|
|
|
* [plugins] when modules are linked statically still only load the modules given in the config
|
2015-08-29 12:23:42 +00:00
|
|
|
* [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading
|
2015-08-30 10:16:28 +00:00
|
|
|
* fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy)
|
2015-07-26 13:02:44 +00:00
|
|
|
|
|
|
|
|
- 1.4.36 - 2015-07-26
|
2014-04-02 10:04:11 +00:00
|
|
|
* use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body
|
2014-04-14 16:12:11 +00:00
|
|
|
* fix bad shift in conditional netmask ".../0" handling
|
2014-05-13 13:04:35 +00:00
|
|
|
* add more mime types and a script to generate mime.conf (fixes #2579)
|
2014-05-22 08:30:13 +00:00
|
|
|
* add support for (Free)BSD extended attributes
|
2014-10-16 17:52:10 +00:00
|
|
|
* [build] use fortify flags with "extra-warnings"
|
2014-10-16 17:52:12 +00:00
|
|
|
* [mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
|
2014-10-16 17:52:14 +00:00
|
|
|
* [ssl] disable SSL3.0 by default
|
2015-02-07 11:33:28 +00:00
|
|
|
* fixed typo in example config found by openSUSE user (boo# 907709)
|
2015-02-07 11:33:30 +00:00
|
|
|
* [network] fix compile break in calculation of sockaddr_un size if SUN_LEN is not defined (fixes #2609)
|
2015-02-07 13:32:54 +00:00
|
|
|
* [connections] fix bug in connection state handling
|
2015-02-07 13:32:56 +00:00
|
|
|
* print backtrace in assert logging with libunwind
|
2015-02-08 12:37:10 +00:00
|
|
|
* major refactoring of internal buffer/chunk handling
|
2015-02-12 06:39:39 +00:00
|
|
|
* [mod_auth] use crypt_r instead of crypt if available
|
2015-05-14 09:38:30 +00:00
|
|
|
* fix error message for T_CONFIG_ARRAY config values if an entry value is not a string
|
2015-05-14 09:38:33 +00:00
|
|
|
* fix segfaults in many plugins if they failed configuration
|
2015-05-28 15:47:14 +00:00
|
|
|
* escape all strings for logging (fixes #2646 log file injection, reported by Jaanus Kääp)
|
2015-07-05 16:01:16 +00:00
|
|
|
* fix hex escape in accesslog (fixes #2559)
|
2015-07-05 16:48:27 +00:00
|
|
|
* show extforward re-run warning only with debug.log-request-handling (fixes #2561)
|
2015-07-05 16:59:01 +00:00
|
|
|
* parse If-None-Match for ETag validation (fixes #2578)
|
2015-07-05 21:34:07 +00:00
|
|
|
* fix memory leak in mod_status when no counters are set (found by coverity)
|
2015-07-05 22:00:14 +00:00
|
|
|
* [mod_magnet] fix segfault when accessing not existing lighty.req_env[] entry (found by coverity)
|
2015-07-05 22:00:17 +00:00
|
|
|
* fix segfault when temp file for upload couldn't be created (found by coverity)
|
2015-07-07 17:12:48 +00:00
|
|
|
* mime.conf: add some new mime types, remove .dat, .sha1, .md5, update .vcf
|
2015-07-11 11:20:18 +00:00
|
|
|
* [mod_proxy] add unix domain socket support (fixes #2653)
|
2015-07-19 10:03:12 +00:00
|
|
|
* [configfile] fix reading uninitialized variable (found by Willian B.)
|
2014-04-02 10:04:09 +00:00
|
|
|
|
|
|
|
|
- 1.4.35 - 2014-03-12
|
2014-02-14 21:05:58 +00:00
|
|
|
* [network/ssl] fix build error if TLSEXT is disabled
|
2014-02-14 21:06:00 +00:00
|
|
|
* [mod_fastcgi] fix use after free (only triggered if fastcgi debug is active)
|
2014-02-14 21:06:03 +00:00
|
|
|
* [mod_rrdtool] fix invalid read (string not null terminated)
|
2014-02-14 21:06:05 +00:00
|
|
|
* [mod_dirlisting] fix memory leak if pcre fails
|
2014-02-14 21:06:07 +00:00
|
|
|
* [mod_fastcgi,mod_scgi] fix resource leaks on spawning backends
|
2014-02-14 21:06:10 +00:00
|
|
|
* [mod_magnet] fix memory leak
|
2014-02-14 21:06:12 +00:00
|
|
|
* add comments for switch fall throughs
|
2014-02-14 21:06:14 +00:00
|
|
|
* remove logical dead code
|
2014-02-14 21:06:16 +00:00
|
|
|
* [buffer] fix length check in buffer_is_equal_right_len
|
2014-02-14 21:06:19 +00:00
|
|
|
* fix resource leaks in error cases on config parsing and other initializations
|
2014-02-16 13:08:20 +00:00
|
|
|
* add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546)
|
2014-02-16 13:08:27 +00:00
|
|
|
* [mod_cml_lua] fix null pointer dereference
|
2014-02-16 13:08:29 +00:00
|
|
|
* force assertion: setting FD_CLOEXEC must work (if available)
|
2014-02-16 13:08:32 +00:00
|
|
|
* [network] check return value of lseek()
|
2014-02-16 13:08:34 +00:00
|
|
|
* fix unchecked return values from stream_open/stat_cache_get_entry
|
2014-02-16 13:08:36 +00:00
|
|
|
* [mod_webdav] fix logic error in handling file creation error
|
2014-02-16 13:08:43 +00:00
|
|
|
* check length of unix domain socket filenames
|
2014-03-12 12:03:55 +00:00
|
|
|
* fix SQL injection / host name validation (thx Jann Horn)
|
2014-01-20 14:20:06 +00:00
|
|
|
|
2014-04-02 10:04:09 +00:00
|
|
|
- 1.4.34 - 2014-01-20
|
2013-10-13 11:16:55 +00:00
|
|
|
* [mod_auth] explicitly link ssl for SHA1 (fixes #2517)
|
2013-10-13 11:34:55 +00:00
|
|
|
* [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes #2515, thx mm)
|
2013-11-05 15:29:07 +00:00
|
|
|
* [ssl] fix SNI handling; only use key+cert from SNI specific config (fixes #2525, CVE-2013-4508)
|
2013-11-13 11:43:23 +00:00
|
|
|
* [doc] update ssl.cipher-list recommendation
|
2013-11-13 11:43:28 +00:00
|
|
|
* [stat-cache] FAM: fix use after free (CVE-2013-4560)
|
2013-11-13 11:43:31 +00:00
|
|
|
* [stat-cache] fix FAM cleanup/fdevent handling
|
2013-11-13 11:43:33 +00:00
|
|
|
* [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
|
2013-11-13 17:18:39 +00:00
|
|
|
* [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken)
|
2014-01-10 12:04:57 +00:00
|
|
|
* maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places
|
2014-01-10 12:04:59 +00:00
|
|
|
* [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes #2526)
|
2014-01-10 12:05:02 +00:00
|
|
|
* [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes #2533)
|
2014-01-10 12:05:04 +00:00
|
|
|
* [mod_mysql_vhost] fix memory leak on config init (#2530)
|
2014-01-10 12:05:06 +00:00
|
|
|
* [mod_webdav] fix fd leak found with parfait (fixes #2530, thx kukackajiri)
|
2013-09-27 20:22:12 +00:00
|
|
|
|
|
|
|
|
- 1.4.33 - 2013-09-27
|
2013-01-04 13:54:38 +00:00
|
|
|
* mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs (fixes #2465, thx peex)
|
2013-01-22 13:08:21 +00:00
|
|
|
* fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors);
|
|
|
|
|
follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags.
|
2013-03-25 17:22:32 +00:00
|
|
|
* [mod_fastcgi,log] support multi line logging (fixes #2252)
|
2013-03-25 17:22:34 +00:00
|
|
|
* call ERR_clear_error only for ssl connections in CON_STATE_ERROR
|
2013-03-25 17:22:36 +00:00
|
|
|
* reject non ASCII characters in HTTP header names
|
2013-04-29 13:08:23 +00:00
|
|
|
* [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483)
|
2013-04-29 13:08:25 +00:00
|
|
|
* [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better.
|
2013-05-15 10:31:04 +00:00
|
|
|
* [mod_auth] fix base64_decode (#2484)
|
2013-05-15 10:31:07 +00:00
|
|
|
* fix some bugs found with canalyze (fixes #2484, thx Zhenbo Xu)
|
2013-05-15 10:31:09 +00:00
|
|
|
* fix undefined stuff found with clang
|
2013-06-29 09:45:23 +00:00
|
|
|
* [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add -Wl,--as-needed to extra warnings (fixes #2448)
|
2013-06-29 09:45:27 +00:00
|
|
|
* [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478)
|
2013-06-29 09:45:29 +00:00
|
|
|
* [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes #2490)
|
2013-06-29 10:07:43 +00:00
|
|
|
* [mod_userdir] add userdir.active option, "enabled" by default
|
2013-06-29 10:53:22 +00:00
|
|
|
* [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS
|
2013-06-29 10:53:24 +00:00
|
|
|
* [core] recognize more http methods to forward to backends (fixes #2346)
|
2013-06-29 12:46:00 +00:00
|
|
|
* [ssl] use DH only if openssl supports it (fixes #2479)
|
2013-06-29 12:46:02 +00:00
|
|
|
* [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes #2470)
|
2013-07-31 20:23:21 +00:00
|
|
|
* [ssl] Fix $HTTP["scheme"] conditional, could be "http" for ssl connections if the ssl $SERVER["socket"] conditional was nested (fixes #2501)
|
2013-08-30 13:14:48 +00:00
|
|
|
* [ssl] accept ssl renegotiations if they are not disabled (fixes #2491)
|
2013-08-30 13:14:50 +00:00
|
|
|
* [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes #2492)
|
2013-08-30 13:14:52 +00:00
|
|
|
* [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes #2495)
|
2013-08-30 13:14:56 +00:00
|
|
|
* [auth] new method "extern" to use already present REMOTE_USER (from magnet, ssl, ...) (fixes #2436)
|
2013-08-30 13:14:57 +00:00
|
|
|
* [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all
|
2013-08-30 13:14:59 +00:00
|
|
|
* [core] check whether server.chroot exists
|
2013-08-30 13:15:03 +00:00
|
|
|
* [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting)
|
2013-08-30 14:13:43 +00:00
|
|
|
* [mod_accesslog] add accesslog.syslog-level option (fixes #2480)
|
2013-08-30 15:02:44 +00:00
|
|
|
* [core] allow files to be used as document-root (fixes #2475)
|
2013-08-30 15:46:13 +00:00
|
|
|
* [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes #2502)
|
2012-11-21 12:34:49 +00:00
|
|
|
|
|
|
|
|
- 1.4.32 - 2012-11-21
|
2012-08-31 14:11:48 +00:00
|
|
|
* Code cleanup with clang/sparse (fixes #2437, thx kibi)
|
2012-11-06 17:14:37 +00:00
|
|
|
* Ignore EPIPE/ECONNRESET after SSL_shutdown
|
2012-11-07 13:07:00 +00:00
|
|
|
* Handle ENAMETOOLONG, return 404 Not Found (fixes #2396, thx dererkazo)
|
2012-11-07 13:07:02 +00:00
|
|
|
* configure.ac: remove old stuff, add some new to fix warnings in automake 1.12 (fixes #2419, thx blino)
|
2012-11-07 13:53:00 +00:00
|
|
|
* add PATCH method (fixes #2424)
|
2012-11-07 14:23:00 +00:00
|
|
|
* fix :port handling in $HTTP["host"] checks (fixes #2135. thx liming)
|
2012-11-09 14:23:22 +00:00
|
|
|
* network_server_init: fix double free and memleak on error (fixes #2440, thx kyprizel)
|
2012-11-09 14:23:24 +00:00
|
|
|
* detect "x-gzip"/"x-bzip2" as separate encodings, more strict encoding matching (fixes #2443)
|
2012-11-09 14:23:25 +00:00
|
|
|
* tests: make sure mod_proxy doesn't leave running processes (fixes #2435, thx kibi)
|
2012-11-15 08:44:10 +00:00
|
|
|
* mod_extforward: log address of untrusted proxy with debug.log-request-handling
|
2012-11-21 12:01:44 +00:00
|
|
|
* fix DoS in Connection header value split (reported by Jesse Sipprell, CVE-2012-5533)
|
2012-11-21 12:01:46 +00:00
|
|
|
* remove whitespace at end of header keys
|
2012-08-31 14:11:37 +00:00
|
|
|
|
|
|
|
|
- 1.4.31 - 2012-05-31
|
2012-05-31 15:08:36 +00:00
|
|
|
* [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI (thx carpii for reporting)
|
2011-12-25 15:35:01 +00:00
|
|
|
* Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373)
|
2012-01-11 21:59:51 +00:00
|
|
|
* [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response
|
2012-02-24 18:34:20 +00:00
|
|
|
* disable mmap by default (fixes #2391)
|
2012-04-08 08:02:44 +00:00
|
|
|
* buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405)
|
2012-04-19 13:02:06 +00:00
|
|
|
* Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413)
|
2012-04-19 13:02:08 +00:00
|
|
|
* Fix access log escaping of " and \\ (fixes #1551)
|
2012-04-19 13:02:09 +00:00
|
|
|
* [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410)
|
2012-04-19 13:02:11 +00:00
|
|
|
* [auth] Add "AUTH_TYPE" environment (for *cgi), remove fastcgi specific workaround, add fastcgi test case (fixes #889)
|
2012-04-19 13:02:13 +00:00
|
|
|
* [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333, thx simoncpu)
|
2012-05-18 12:56:30 +00:00
|
|
|
* Detect multiple -f options: show error message instead of assert (fixes #2416)
|
2012-05-18 13:28:00 +00:00
|
|
|
* [mod_extforward] Support ipv6 addresses (fixes #1889)
|
2012-05-30 16:58:34 +00:00
|
|
|
* [mod_redirect] Support url.redirect-code option (fixes #2247)
|
2012-05-31 15:08:36 +00:00
|
|
|
* Fix --enable-mmap handling in configure.ac
|
2011-12-18 16:35:12 +00:00
|
|
|
|
|
|
|
|
- 1.4.30 - 2011-12-18
|
2011-07-30 09:16:03 +00:00
|
|
|
* Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331)
|
2011-08-22 15:32:55 +00:00
|
|
|
* Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems.
|
|
|
|
|
* [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
|
2011-08-30 22:13:59 +00:00
|
|
|
* Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file
|
2011-09-05 09:32:43 +00:00
|
|
|
* Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
|
2011-10-05 13:39:50 +00:00
|
|
|
* Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351)
|
2011-11-29 22:27:11 +00:00
|
|
|
* [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
|
2011-11-30 18:40:08 +00:00
|
|
|
* [ssl] count renegotiations to prevent client renegotiations
|
2011-11-30 19:59:24 +00:00
|
|
|
* [ssl] add option to honor server cipher order (fixes #2364, BEAST attack)
|
2011-11-30 20:46:49 +00:00
|
|
|
* [core] accept dots in ipv6 addresses in host header (fixes #2359)
|
2011-12-05 17:08:17 +00:00
|
|
|
* [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb)
|
2011-12-18 12:58:04 +00:00
|
|
|
* [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
|
2011-07-03 16:34:59 +00:00
|
|
|
|
|
|
|
|
- 1.4.29 - 2011-07-03
|
2010-09-17 16:43:07 +00:00
|
|
|
* Fix mod_proxy waiting for response even if content-length is 0 (fixes #2259)
|
2010-09-17 16:43:11 +00:00
|
|
|
* Silence annoying "connection closed: poll() -> ERR" error.log message (fixes #2257)
|
2011-03-13 17:44:39 +00:00
|
|
|
* mod_cgi: make read buffer as big as incoming data block
|
2011-03-13 17:44:42 +00:00
|
|
|
* [build] Fix detection of libev (fixes #2300)
|
2011-03-13 18:00:09 +00:00
|
|
|
* ssl: Support for Diffie-Hellman and Elliptic-Curve Diffie-Hellman key exchange (fixes #2301)
|
|
|
|
|
add ssl.use-sslv3 (fixes #2246)
|
|
|
|
|
load all algorithms (fixes #2239)
|
2011-04-24 16:02:52 +00:00
|
|
|
* [ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269)
|
2011-04-24 16:02:55 +00:00
|
|
|
* [ssl/build] some minor fixes; fix compile without ssl, cleanup ssl config buffers
|
2011-06-12 15:44:26 +00:00
|
|
|
* [proc,include_shell] log error if exec shell fails (fixes #2280)
|
2011-06-13 12:22:02 +00:00
|
|
|
* [*cgi] Use physical base dir (alias, userdir) as DOCUMENT_ROOT in cgi environments (fixes #2216)
|
2011-06-13 12:55:54 +00:00
|
|
|
* [doc] Move docs to outdated/ subdir and refer to wiki instead (fixes #2248)
|
2011-06-13 17:34:57 +00:00
|
|
|
* fdevent: add solaris eventports (fixes #2171)
|
2010-08-22 15:37:46 +00:00
|
|
|
|
|
|
|
|
- 1.4.28 - 2010-08-22
|
2010-08-22 11:44:49 +00:00
|
|
|
* Rename fdevent_event_add to _set to reflect what the function does. Fix some handlers. (fixes #2249)
|
2010-08-22 11:35:12 +00:00
|
|
|
* Fix buffer.h to include stdio.h as it is needer for SEGFAULT() (fixes #2250)
|
2010-08-13 11:12:28 +00:00
|
|
|
|
|
|
|
|
- 1.4.27 - 2010-08-13
|
2010-02-28 11:48:05 +00:00
|
|
|
* Fix handling return value of SSL_CTX_set_options (fixes #2157, thx mlcreech)
|
2010-04-07 15:34:51 +00:00
|
|
|
* Fix mod_proxy HUP handling (send final chunk, fix usage counter)
|
2010-04-07 15:54:28 +00:00
|
|
|
* mod_proxy: close connection on write error (fixes #2114)
|
2010-04-13 15:47:29 +00:00
|
|
|
* Check uri instead of physical path for directory redirect
|
2010-04-28 13:12:36 +00:00
|
|
|
* Fix detecting git repository (fixes #2173, thx ncopa)
|
2010-04-28 13:35:25 +00:00
|
|
|
* [mod_compress] Fix segfault when etags are disabled (fixes #2169)
|
2010-04-28 19:08:11 +00:00
|
|
|
* Reset uri.authority before TLS servername handling, reset all "keep-alive" data in connection_del (fixes #2125)
|
2010-05-28 15:16:39 +00:00
|
|
|
* Print double quotes properly when dumping config file (fixes #1806)
|
2010-05-28 15:54:27 +00:00
|
|
|
* Include IP addresses on error log on password failures (fixes #2191)
|
2010-07-04 07:45:13 +00:00
|
|
|
* Fix stalls while reading from ssl sockets (fixes #2197)
|
2010-07-04 07:45:17 +00:00
|
|
|
* Fix etag formatting on boxes with 32-bit longs
|
2010-07-04 07:45:25 +00:00
|
|
|
* Fix two compiler warnings
|
2010-07-04 08:30:48 +00:00
|
|
|
* mod_accesslog: fix %p for ipv6 sockets (fixes #2228, thx jo.henke)
|
2010-07-04 08:30:52 +00:00
|
|
|
* mod_fastcgi: Send 502 "Bad Gateway" if we couldn't open the file for X-Sendfile (fixes #2226)
|
2010-07-04 08:43:37 +00:00
|
|
|
* mod_staticfile: add debug output if we ignore a file with static-file.exclude-extensions (fixes #2215)
|
2010-07-04 10:37:34 +00:00
|
|
|
* mod_cgi: fix race condition leaving response not forwarded to client (fixes #2217)
|
2010-07-11 17:18:54 +00:00
|
|
|
* mod_accesslog: Fix var declarations mixed in source (fixes #2233)
|
2010-07-11 17:18:59 +00:00
|
|
|
* mod_status: Add version to status page (fixes #2219)
|
2010-08-05 19:53:49 +00:00
|
|
|
* mod_accesslog: optimize accesslog_append_escaped (fixes #2236, thx crypt)
|
2010-08-05 20:42:18 +00:00
|
|
|
* openssl: silence annoying error messages for errno==0 (fixes #2213)
|
2010-08-05 21:08:23 +00:00
|
|
|
* array.c: improve array_get_unused_element to check data type; fix mem leak if unused_element didn't find a matching entry (fixes #2145)
|
2010-08-05 22:55:18 +00:00
|
|
|
* add check to stop loading plugins twice
|
2010-08-06 21:57:15 +00:00
|
|
|
* cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls
|
2010-08-06 21:57:19 +00:00
|
|
|
* only require FDEVENT_IN bit to be set for listening connections (fixes #2227)
|
2010-08-07 10:46:34 +00:00
|
|
|
* add libev fdevent handler: server.event-handler = "libev"
|
2010-08-07 11:41:27 +00:00
|
|
|
* mod_proxy: return response as soon as it is available (fixes #2196)
|
2010-08-07 11:56:09 +00:00
|
|
|
* don't overwrite global server.force-lowercase-filenames setting (fixes #2042)
|
2010-08-07 13:16:16 +00:00
|
|
|
* bind to IPV6-only if ipv6 address was specified (http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config)
|
2010-02-07 21:02:54 +00:00
|
|
|
|
|
|
|
|
- 1.4.26 - 2010-02-07
|
2010-01-30 21:27:38 +00:00
|
|
|
* Fix request parser to handle packets with splitted \r\n\r\n (fixes #2105)
|
|
|
|
|
* Remove dependency on automake >= 1.11 with m4_ifdef check
|
|
|
|
|
* mod_accesslog: support %e (fixes #2113, thx presbrey)
|
|
|
|
|
* Fix mod_cgi cgi.execute-x-only option in global block
|
|
|
|
|
* mod_fastcgi: x-sendfile2 parse error debugging
|
|
|
|
|
* Fix mod_proxy dead host detection if connect() fails
|
|
|
|
|
* Fix fd leaks in mod_cgi (fds not closed on pipe/fork failures, found by Rodrigo, fixes #2158, #2159)
|
|
|
|
|
* Fix segfault with broken rewrite/redirect patterns (fixes #2140, found by crypt)
|
2010-02-07 19:51:52 +00:00
|
|
|
* Append to previous buffer in con read, fix DoS/OOM vulnerability (fixes #2147, found by liming, CVE-2010-0295)
|
2010-02-04 10:13:37 +00:00
|
|
|
* Fix HUP detection in close-state if event-backend doesn't support FDEVENT_HUP (like select or poll on FreeBSD)
|
2009-11-21 16:08:36 +00:00
|
|
|
|
|
|
|
|
- 1.4.25 - 2009-11-21
|
2009-10-26 14:16:15 +00:00
|
|
|
* mod_magnet: fix pairs() for normal tables and strings (fixes #1307)
|
2009-10-26 14:16:20 +00:00
|
|
|
* mod_magnet: add traceback for printing lua errors
|
2009-10-26 18:48:26 +00:00
|
|
|
* mod_rewrite: fix compile error if compiled without pcre
|
2009-10-27 08:46:05 +00:00
|
|
|
* disable warning "CLOSE-read" (fixes #2091)
|
2009-10-31 09:54:13 +00:00
|
|
|
* mod_rrdtool: fix creating file if it doesn't exist (#1788)
|
2009-11-05 17:32:08 +00:00
|
|
|
* reset tlsext_server_name in connection_reset - fixes random hostnames in the $HTTP["host"] conditional
|
2009-11-05 21:46:48 +00:00
|
|
|
* export some SSL_CLIENT_* vars for client cert validation (fixes #1288, thx presbrey)
|
2009-11-07 18:24:04 +00:00
|
|
|
* mod_fastcgi: fix mod_fastcgi packet parsing
|
2009-11-07 22:00:10 +00:00
|
|
|
* mod_fastcgi: Don't reconnect after connect() succeeded (fixes #2096)
|
2009-11-21 15:11:59 +00:00
|
|
|
* Fix configure.ac to allow autoreconf, also enables make V=0
|
2009-10-26 14:16:09 +00:00
|
|
|
|
|
|
|
|
- 1.4.24 - 2009-10-25
|
2009-06-21 17:25:24 +00:00
|
|
|
* Add T_CONFIG_INT for bigger integers from the config (needed for #1966)
|
2009-06-21 17:25:31 +00:00
|
|
|
* Use unsigned int (and T_CONFIG_INT) for max_request_size
|
|
|
|
|
* Use unsigned int for secdownload.timeout (fixes #1966)
|
2009-06-21 17:25:34 +00:00
|
|
|
* Keep url/host values from connection to display information while keep-alive in mod_status (fixes #1202)
|
2009-06-21 17:25:39 +00:00
|
|
|
* Add server.breakagelog, a "special" stderr (fixes #1863)
|
2009-07-01 16:04:17 +00:00
|
|
|
* Fix config evaluation for debug.log-timeouts option (#1529)
|
2009-07-04 20:23:00 +00:00
|
|
|
* Add "cgi.execute-x-only" to mod_cgi, requires +x for cgi scripts (fixes #2013)
|
2009-07-10 16:16:11 +00:00
|
|
|
* Fix FD_SETSIZE comparision warnings
|
2009-07-10 16:19:45 +00:00
|
|
|
* Add "lua-5.1" to searched pkg-config names for lua
|
2009-07-10 16:23:59 +00:00
|
|
|
* Fix unused function webdav_lockdiscovery in mod_webdav
|
2009-07-10 16:36:36 +00:00
|
|
|
* cmake: Fix crypt lib check
|
2009-07-10 16:46:04 +00:00
|
|
|
* cmake: Add -export-dynamic to link flags, fixes build on FreeBSD
|
2009-07-11 09:01:18 +00:00
|
|
|
* Set FD_CLOEXEC for bound sockets before pipe-logger forks (fixes #2026)
|
2009-07-13 13:41:44 +00:00
|
|
|
* Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi (fixes #2029)
|
2009-07-13 13:48:29 +00:00
|
|
|
* Show "no uri specified -> 400" error only when "debug.log-request-header-on-error" is enabled (fixes #2030)
|
2009-07-13 14:13:52 +00:00
|
|
|
* Fix hanging connection in mod_scgi (fixes #2024)
|
2009-07-14 12:57:27 +00:00
|
|
|
* Allow digits in hostnames in more places (fixes #1148)
|
2009-07-14 13:15:38 +00:00
|
|
|
* Use connection_reset instead of handle_request_done for cleanup callbacks
|
2009-07-23 23:37:46 +00:00
|
|
|
* Change mod_expire to append Cache-Control instead of overwriting it (fixes #1997)
|
2009-07-16 23:23:08 +00:00
|
|
|
* Allow all comparisons for $SERVER["socket"] - only bind for "=="
|
2009-07-21 08:52:33 +00:00
|
|
|
* Remove strptime failed message (fixes #2031)
|
2009-07-21 20:35:27 +00:00
|
|
