|
|
|
|
|
|
|
|
|
====
|
|
|
|
|
NEWS
|
|
|
|
|
====
|
|
|
|
|
|
|
|
|
|
- 1.4.55 - 2020-01-31
|
|
|
|
|
* [core] fix compile error on Solaris (fixes #2959)
|
|
|
|
|
* [core] __attribute_pure__
|
|
|
|
|
* [core] array-specialized buffer_caseless_compare()
|
|
|
|
|
* [core] specialized buffer_eq_*() for short strings
|
|
|
|
|
* [core] mark some more funcs w/ __attribute_pure__
|
|
|
|
|
* [core] use buffer_eq_icase* funcs
|
|
|
|
|
* [multiple] replace strcasecmp() on short strings
|
|
|
|
|
* [core] mark some more funcs w/ __attribute_pure__
|
|
|
|
|
* [mod_webdav] fix startup crash w/ multiple conds (fixes #2958)
|
|
|
|
|
* [core] cold func http_response_omit_header()
|
|
|
|
|
* [core] use buffer_eq_icase_ssn func
|
|
|
|
|
* [core] use buffer_eq_icase_ssn func
|
|
|
|
|
* [core] correct __attribute_pure__ syntax
|
|
|
|
|
* [core] allocate unix socket paths with SUN_LEN()+1 (fixes #2962)
|
|
|
|
|
* Use explicit_memset from NetBSD if available for safe_memclear (fixes #2971)
|
|
|
|
|
* Also use explicit_memset (NetBSD) with cmake, scons and meson
|
|
|
|
|
* [cmake]: enable CMAKE_POSITION_INDEPENDENT_CODE by default
|
|
|
|
|
* [core] improve http_headers[] data struct packing
|
|
|
|
|
* [core] fdevent_poll() is effective periodic timer
|
|
|
|
|
* [core] move con state handling to connections*.c
|
|
|
|
|
* [core] issue config error for invalid ':' (fixes #2980)
|
|
|
|
|
* [mod_deflate] fix choose encoding parse error (fixes #2981)
|
|
|
|
|
* [core] retry on some fdevent set/del temporary err
|
|
|
|
|
* [core] disable stat_cache FAM if FAM conn closed
|
|
|
|
|
* [mod_auth] http_auth_const_time_memeq improvement
|
|
|
|
|
* [build] prefer pkg-config for postgres (fixes #2965)
|
|
|
|
|
* [mod_authn_gssapi] 500 if fail to delegate creds (#2967)
|
|
|
|
|
* [mod_authn_gssapi] option to store delegated creds (fixes #2967)
|
|
|
|
|
* [mod_webdav] fix file uploads > 128M (fixes #2970)
|
|
|
|
|
* [mod_auth] do not use quoted-string for algorithm
|
|
|
|
|
* [mod_auth] require digest uri= match original URI
|
|
|
|
|
* [mod_auth] Authentication-Info: nextnonce=...
|
|
|
|
|
* [mod_auth] http_auth_const_time_memeq_pad()
|
|
|
|
|
* [mod_auth] http_auth_const_time_memeq() (#2975, #2976)
|
|
|
|
|
* [build] PGSQL_CFLAGS with pkg-config for postgres (#2965)
|
|
|
|
|
* [build] PGSQL_CFLAGS with pkg-config for postgres (#2965)
|
|
|
|
|
* [core] avoid freeaddrinfo() on NULL ptr (fixes #2984)
|
|
|
|
|
* [core] reject WS following header field-name (fixes #2985)
|
|
|
|
|
* [core] reject Transfer-Encoding + Content-Length (#2985)
|
|
|
|
|
* [mod_openssl] reject invalid ALPN
|
|
|
|
|
* [mod_accesslog] parse multiple cookies (fixes #2986)
|
|
|
|
|
* [core] Oracle Solaris does not have POLLRDHUP
|
|
|
|
|
* [multiple] address coverity warnings
|
|
|
|
|
* [core] preserve %2b and %2B in query string (fixes #2999)
|
|
|
|
|
* [core] fall back to accept() if accept4() EPERM (fixes #2998)
|
|
|
|
|
* [mod_auth] close connection after bad password
|
|
|
|
|
* [core] do not accept() > server.max-connections
|
|
|
|
|
* [core] save errno before logging if execve() fails
|
|
|
|
|
* [config] update /var/run -> /run for systemd
|
|
|
|
|
* [core] Solaris has getloadavg in sys/loadavg.h
|
|
|
|
|
* [build] Fix build when using nested CMake
|
|
|
|
|
* [core] fix one-byte OOB read (underflow)
|
|
|
|
|
|
|
|
|
|
- 1.4.54 - 2019-05-27
|
|
|
|
|
* [mod_evhost] handle IPv6 literal addr; add tests
|
|
|
|
|
* [core] separate server_main_loop() func, mark hot
|
|
|
|
|
* [core] mark startup/shutdown funcs cold
|
|
|
|
|
* [core] some server_main_loop() cleanup
|
|
|
|
|
* [core] fdevent_process()
|
|
|
|
|
* [core] srv->max_fds_lowat and srv->max_fds_hiwat
|
|
|
|
|
* [core] remove server.h
|
|
|
|
|
* [mod_staticfile] search ext array if not empty
|
|
|
|
|
* [core] store joblist pointer on stack
|
|
|
|
|
* [core] quickly clear request buffer for reuse
|
|
|
|
|
* [core] helper funcs for connection_state_machine()
|
|
|
|
|
* [core] perf: optimize connection_read_header()
|
|
|
|
|
* [core] parse request in connection_read_header()
|
|
|
|
|
* [core] log_request_header_on_error in one place
|
|
|
|
|
* [core] copy request only if might need for logging
|
|
|
|
|
* [core] make parse_request,request.request same buf
|
|
|
|
|
* [core] prefer buffer_caseless_compare()
|
|
|
|
|
* [core] pass req hdrs buffer to http_request_parse
|
|
|
|
|
* [core] replace con->response.keep_alive
|
|
|
|
|
* [core] mark log_error_write*() funcs cold
|
|
|
|
|
* [core] http_request_parse() mark error paths cold
|
|
|
|
|
* [core] lift code out of request line parse loop
|
|
|
|
|
* [core] get_http_method_key() match by strlen first
|
|
|
|
|
* [core] RFC7230 HTTP-version parse
|
|
|
|
|
* [mod_accesslog] attempt to reconstruct req line
|
|
|
|
|
* [multiple] minor: remove duplicated conditions
|
|
|
|
|
* [mod_deflate] honor request for x-gzip, x-bzip2
|
|
|
|
|
* [mod_auth] minor: adjust config validation
|
|
|
|
|
* [core] discard oversized trailers
|
|
|
|
|
* [core] no keep-alive if POLLRDHUP,empty read queue
|
|
|
|
|
* [core] fix gw_backend spelling of directive in err
|
|
|
|
|
* [multiple] reduce code dup in list resizing
|
|
|
|
|
* [core] con->is_ssl_sock
|
|
|
|
|
* [core] connection_handle_write() updates con state
|
|
|
|
|
* [core] skip plugins_call_cleanup if not init'ed
|
|
|
|
|
* [core] simpler loops to run plugin hooks
|
|
|
|
|
* [core] fix mixed use of srv->split_vals array (fixes #2932)
|
|
|
|
|
* [core] dispatch events from within event framework
|
|
|
|
|
* [core] don't call fd event handlers more than once, they might already be gone (fixes segfault)
|
|
|
|
|
* [core] poll: fdarray uses fd as index, not fde_ndx
|
|
|
|
|
* [core] map FDEVENT_* to OS system event frameworks
|
|
|
|
|
* [core] prefer memchr() over strchr()
|
|
|
|
|
* [core] use openssl to read,discard request body
|
|
|
|
|
* [mod_openssl] inherit cipherlist from global scope
|
|
|
|
|
* [mod_openssl] default: ssl.cipher-list = "HIGH"
|
|
|
|
|
* [mod_proxy] pass Content-Length to backend if > 0
|
|
|
|
|
* [core] config option to allow GET w/ request body
|
|
|
|
|
* [core] some fdevent code streamlining
|
|
|
|
|
* [core] remove fde_ndx member outside fdevents
|
|
|
|
|
* [core] remove redundant check for allow_http11
|
|
|
|
|
* [mod_openssl] use 16k static buffer instead of 64k
|
|
|
|
|
* [core] pull server load checks out of main loop
|
|
|
|
|
* [core] isolate fdevent processing
|
|
|
|
|
* [core] release empty chunk buf when nothing read
|
|
|
|
|
* [core] perf: pass (fdnode *) to epoll and kqueue
|
|
|
|
|
* [core] modify config parser to handle multiple }
|
|
|
|
|
* [core] pass (fdnode *) for registered fdevent fd
|
|
|
|
|
* [mod_auth] http_auth_digest_hex2bin()
|
|
|
|
|
* [mod_auth] http_auth_info_t digest abstraction
|
|
|
|
|
* [mod_auth] pass http_auth_require_t for 401 Unauth
|
|
|
|
|
* [core] no SOCK_NONBLOCK on QNX 7.0
|
|
|
|
|
* [mod_auth] HTTP Auth Digest algorithm=SHA-256
|
|
|
|
|
* [core] silence coverity warning
|
|
|
|
|
* [mod_magnet] fix invalid script return-type crash (fixes #2938)
|
|
|
|
|
* [build] remove -Wdeclaration-after-statement
|
|
|
|
|
* [core] pass conf.follow_symlink in more places
|
|
|
|
|
* [core] fix assertion with server.error-handler (fixes #2941)
|
|
|
|
|
* [core] extend dir redirection to take HTTP status
|
|
|
|
|
* [doc] minor adjust create-mime.conf.pl regex match (#2942)
|
|
|
|
|
* [core] __attribute__((fallthrough)) for GCC 7.0
|
|
|
|
|
* [core] fdevent_mkstemp_append() (shared)
|
|
|
|
|
* [core] off_t upload_temp_file_size
|
|
|
|
|
* [core] clear FDEVENT_RDHUP if no POLLRDHUP
|
|
|
|
|
* [mod_wstunnel] fix ping-interval for big-endian (fixes #2944)
|
|
|
|
|
* [core] fix abort in http-parseopts (fixes #2945)
|
|
|
|
|
* [core] remove repeated slashes in http-parseopts
|
|
|
|
|
* [core] fix 1.4.52 regression in mem use with POST (fixes #2948)
|
|
|
|
|
* [multiple] cleaner calloc use in SETDEFAULTS_FUNC
|
|
|
|
|
* [core] add const to some etag prototypes
|
|
|
|
|
* [core] __attribute__((format ...))
|
|
|
|
|
* [core] struct log_error_st for error logging
|
|
|
|
|
* [core] log_error, log_perror using printf-like fmt
|
|
|
|
|
* [core] new worker_init hook to follow parent fork
|
|
|
|
|
* [core] replace open() with fdevent_open_cloexec()
|
|
|
|
|
* [mod_webdav] major rewrite (fixes #1818)
|
|
|
|
|
* [core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes #2939)
|
|
|
|
|
* [mod_webdav] surround Lock-Token with "<...>"
|
|
|
|
|
* [mod_webdav] fix uuid detection macro
|
|
|
|
|
* [mod_webdav] fix misbehavior on blank nodes in PROPPATCH
|
|
|
|
|
* [mod_webdav] clean up resources after do{}while(0)
|
|
|
|
|
* [mod_webdav] check If-Match, If-Unmodified-Since (#1818)
|
|
|
|
|
* [mod_webdav] deprecated unsafe partial PUT compat
|
|
|
|
|
* [mod_webdav] provide ETag in more responses
|
|
|
|
|
* [mod_webdav] platform portability fixes
|
|
|
|
|
* [mod_webdav] disable elftc_copyfile() on FreeBSD
|
|
|
|
|
* [mod_webdav] special-case If: (<DAV:no-lock>)
|
|
|
|
|
* [mod_webdav] check If-None-Match (#1818)
|
|
|
|
|
* [stat_cache] separate func for symlink policy chk
|
|
|
|
|
* [stat_cache] separate symlink pol from data struct
|
|
|
|
|
* [stat_cache] store entries without trailing slash
|
|
|
|
|
* [stat_cache] pass age param for stat cache cleanup
|
|
|
|
|
* [stat_cache] remove splaytree ins/del debug code
|
|
|
|
|
* [stat_cache] FAM: reduce string copying
|
|
|
|
|
* [stat_cache] FAM: check FAMNextEvent() return code
|
|
|
|
|
* [stat_cache] FAM: use entry hash index as userdata
|
|
|
|
|
* [stat_cache] FAM: improve handling modified file
|
|
|
|
|
* [stat_cache] FAM: ignore follow-symlink config
|
|
|
|
|
* [stat_cache] FAM: check hash collision before add
|
|
|
|
|
* [stat_cache] FAM: ignore event with no valid match
|
|
|
|
|
* [stat_cache] FAM: funcs to invalidate entries
|
|
|
|
|
* [stat_cache] interfaces to invalidate entries
|
|
|
|
|
* [mod_webdav] update stat_cache after file mod
|
|
|
|
|
* [core] use high precision stat timestamp in etag
|
|
|
|
|
* [scons] adjustment for static build under CentOS
|
|
|
|
|
* [core] emit trace using path before clearing path
|
|
|
|
|
* [core] http_chunk_append_file_fd()
|
|
|
|
|
* [multiple] open target file earlier in some cases
|
|
|
|
|
* [stat_cache] no longer stat() and open() for stat
|
|
|
|
|
* [stat_cache] FAM: improve monitoring, cache 16 sec
|
|
|
|
|
* [stat_cache] FAM: separate routine for FDEVENT_IN
|
|
|
|
|
* [stat_cache] FAM: whitespace-only change
|
|
|
|
|
* [mod_webdav] quiet coverity warnings
|
|
|
|
|
* [doc] highlight relevance of module load order (fixes #2946)
|
|
|
|
|
* [core] behavior change: stricter URL normalization
|
|
|
|
|
* [stat_cache] fix compilation error for cmake
|
|
|
|
|
* [cmake] help cmake on FreeBSD find sys/event.h
|
|
|
|
|
* [scons] help scons on FreeBSD find sys/event.h
|
|
|
|
|
* [build] detect FreeBSD elftc_copyfile()
|
|
|
|
|
* [mod_openssl] use SSL_CTX_set_client_hello_cb()
|
|
|
|
|
* [core] support weak etags with If-None-Match
|
|
|
|
|
* [core] store log_state_handling flag on stack
|
|
|
|
|
* [core] check if splay_tree NULL before invalidate
|
|
|
|
|
* [mod_webdav] workaround Microsoft-WebDAV-MiniRedir
|
|
|
|
|
* [mod_webdav] doc Microsoft-WebDAV-MiniRedir bugs
|
|
|
|
|
* [mod_webdav] invalidate parent dir in stat_cache
|
|
|
|
|
* [doc] systemd socket activation config example
|
|
|
|
|
* [core] chunkqueue perf: code reuse
|
|
|
|
|
* [core] chunkqueue perf: specialized buffer.h funcs
|
|
|
|
|
* [core] chunkqueue perf: skip opening 0-length file
|
|
|
|
|
* [core] chunkqueue perf: read small files into mem
|
|
|
|
|
* [core] buffer_reset() should not be passed NULL
|
|
|
|
|
* [tests] has_feature() helper func
|
|
|
|
|
* [tests] skip mod-secdownload HMAC-SHA1,HMAC-SHA256
|
|
|
|
|
* [core] use high precision stat timestamp on OS X
|
|
|
|
|
* [mod_magnet] expose server addr (local IP) to lua
|
|
|
|
|
* [core] adjust http_chunk read() retry loop
|
|
|
|
|
* [mod_maxminddb] MaxMind GeoIP2 support
|
|
|
|
|
* [mod_authn_ldap] ldap_set_option LDAP_OPT_RESTART (fixes #2940)
|
|
|
|
|
|
|
|
|
|
- 1.4.53 - 2019-01-27
|
|
|
|
|
* [mod_cml,mod_flv_streaming] fix NULL ptr deref
|
|
|
|
|
* [mod_simple_vhost] t/test_mod_simple_vhost
|
|
|
|
|
* [mod_evhost] split uri handler func for testing
|
|
|
|
|
* [mod_evhost] restructure for unit tests
|
|
|
|
|
* [mod_evhost] t/test_mod_evhost
|
|
|
|
|
* [mod_access] restructure for unit tests
|
|
|
|
|
* [mod_access] t/test_mod_access
|
|
|
|
|
* [tests] include first.h and NDEBUG early
|
|
|
|
|
* [core] use kill_signal for gw_proc_kill()
|
|
|
|
|
* [tests] t/test_keyvalue
|
|
|
|
|
* [tests] some test config cleanup
|
|
|
|
|
* [tests] update skip count in mod-fastcgi.t
|
|
|
|
|
* [multiple] reduce initial buffer sz if large POST (fixes #2922)
|
|
|
|
|
* [mod_fastcgi] fix NULL ptr deref from bugfix #2922 (fixes #2923)
|
|
|
|
|
* [tests] more test config cleanup
|
|
|
|
|
* [core] perf: incremental hash of pathname w/o copy
|
|
|
|
|
* [core] perf: reuse buffer to redirect to directory
|
|
|
|
|
* [core] do not free() reused buffer
|
|
|
|
|
* [core] use connected sock port in dir redirect
|
|
|
|
|
* [core] http_response_buffer_append_authority()
|
|
|
|
|
* [core] use con->server_name for dir redir
|
|
|
|
|
* [core] memeq compare rounded to 64, not next 1M
|
|
|
|
|
* [core] define MD5_DIGEST_LENGTH 16
|
|
|
|
|
* [mod_auth] permit additional auth backends to load
|
|
|
|
|
* [core] send Connection: close if reqbody not read (fixes #2924)
|
|
|
|
|
* [core] cache rev DNS for localhost for dir redir
|
|
|
|
|
* [doc/conf] resolve some mime type conflicts from debian buster, regenerate mime.conf
|
|
|
|
|
* [core] move winsock init to network_init()
|
|
|
|
|
* [core] move /dev/stdin graceful restart handling
|
|
|
|
|
* [core] network_srv_sockets_append() shared code
|
|
|
|
|
* [core] systemd socket activation support
|
|
|
|
|
* [build] autotools: try mysqlclient.pc and mariadb.pc (fixes #2925)
|
|
|
|
|
* [mod_expire] look up expire fallback "" explicitly
|
|
|
|
|
* [multiple] calloc match ptr type (clang --analyze)
|
|
|
|
|
* [multiple] quiet clang --analyze where trivial
|
|
|
|
|
* [mod_webdav] compare COPY, MOVE Destination scheme
|
|
|
|
|
* [core] con->uri.scheme is maintained lowercase
|
|
|
|
|
* [mod_openssl] ALPN and acme-tls/1 (fixes #2931)
|
|
|
|
|
* [core] Fix recursive include_shell invocations
|
|
|
|
|
* [mod_openssl] ssl.privkey directive (optional)
|
|
|
|
|
|
|
|
|
|
- 1.4.52 - 2018-11-28
|
|
|
|
|
* [mysql] MySQL 8 deprecates my_bool
|
|
|
|
|
* [core] typo in trace
|
|
|
|
|
* [build] Fix unportable test(1) operator
|
|
|
|
|
* [core] perf: call connection_reset() fewer times
|
|
|
|
|
* [core] perf: array_reset_data_strings()
|
|
|
|
|
* [core] perf: buffer_free_ptr() __attribute__ cold
|
|
|
|
|
* [core] perf: one-element cache for host normalize
|
|
|
|
|
* [core] perf: buffer_copy_string_len()
|
|
|
|
|
* [core] perf: skip redundant prepare copy calls
|
|
|
|
|
* [core] perf: buffer_align_size() identity if align
|
|
|
|
|
* [core] perf: size write buffers for reuse
|
|
|
|
|
* [core] perf: prepend headers directly into write q
|
|
|
|
|
* [core] perf: copy small strings; better buf reuse
|
|
|
|
|
* [core] perf: copy small strings; extend last chunk
|
|
|
|
|
* [core] perf: specialized func for array sorting
|
|
|
|
|
* [core] perf: append response directly into write q
|
|
|
|
|
* [core] perf: better buf reuse reading from backend
|
|
|
|
|
* [core] chunk.c code reuse
|
|
|
|
|
* [multiple] perf: write headers to backend write cq
|
|
|
|
|
* [multiple] perf: power-2 alloc large headers
|
|
|
|
|
* [multiple] perf: use larger initial backend buffer
|
|
|
|
|
* [core] permit env vars to be set with blank value
|
|
|
|
|
* [mod_fastcgi] perf: reduce data copies
|
|
|
|
|
* [mod_fastcgi] perf: reduce data copies
|
|
|
|
|
* [core] perf: chunk.c chunk pool
|
|
|
|
|
* [multiple] perf: reuse large buffers w/ backend
|
|
|
|
|
* [multiple] better packing of struct chunk
|
|
|
|
|
* [core] perf: inline buffer_append_string_buffer()
|
|
|
|
|
* [core] slightly simpler flag append to string
|
|
|
|
|
* [mod_cgi] perf: reuse buffers for creating CGI env
|
|
|
|
|
* [mod_fastcgi,mod_scgi] perf: env accumulation
|
|
|
|
|
* [core] Don't call RAND_cleanup with OpenSSL 1.1.x
|
|
|
|
|
* [mod_openssl] move SSL_shutdown() to separate func
|
|
|
|
|
* [mod_openssl] SSL_read before second SSL_shutdown
|
|
|
|
|
* [mod_cgi] perf: use stat_cache for cgi handler
|
|
|
|
|
* [mod_openssl] prefer using TLS_server_method()
|
|
|
|
|
* [mod_webdav] return 403 if file should exist
|
|
|
|
|
* [core] perf: chunkqueue buffers already sized up
|
|
|
|
|
* [core] perf: simpler buffer_string_space()
|
|
|
|
|
* [multiple] dynamic handlers hint backend header sz
|
|
|
|
|
* [core] use chunk_buf_sz instead of hard-coded num
|
|
|
|
|
* [multiple] perf: simplify chunkqueue_get_memory()
|
|
|
|
|
* [mod_wstunnel] perf: reuse large buffers
|
|
|
|
|
* [mod_cgi] perf: cache getenv() results at start up
|
|
|
|
|
* [core] fix 301 -> 302 overwrite with Location (fixes #2918)
|
|
|
|
|
* [core] fix setting of headers previously reset (fixes #2919)
|
|
|
|
|
* [mod_webdav] quiet coverity false positive
|
|
|
|
|
* [core] server.compat-module-load = "disable"
|
|
|
|
|
* [core] server.chunkqueue-chunk-sz = 4096
|
|
|
|
|
* [core] perf: simpler buffer_string_space() (fixed)
|
|
|
|
|
* [core] perf: faster HTTP pipelined requests
|
|
|
|
|
* [core] perf: simpler buffer_string_space() (tests)
|
|
|
|
|
* [mod_cgi] reset reused buffer on internal redir
|
|
|
|
|
* [core] clear chunk buffer upon release
|
|
|
|
|
* [mod_fastcgi] minor: copy packet without padding
|
|
|
|
|
* [mod_redirect,mod_rewrite] use server_name
|
|
|
|
|
* [mod_fastcgi] transfer chunks minus packet padding
|
|
|
|
|
* [core] separate func to reset FILE_CHUNK
|
|
|
|
|
* [core] perf: simple, quick buffer_clear()
|
|
|
|
|
* [core] perf: small improvement to encoding CGI var
|
|
|
|
|
* [core] perf: small improvement buffer_string_space
|
|
|
|
|
* [core] simpler physical path concatenation
|
|
|
|
|
* [mod_webdav] fix LOCK on incorrect URI path
|
|
|
|
|
* [mod_webdav] one fewer buffer copy for COPY,MOVE
|
|
|
|
|
* [core] perf: simplify buffer_move()
|
|
|
|
|
* [mod_cml] parse query string without modifying it
|
|
|
|
|
* [core] perf: buffer optimizations
|
|
|
|
|
* [mod_wstunnel] use buffer_string_length()
|
|
|
|
|
* [core] perf: inline buffer_copy_buffer()
|
|
|
|
|
* [core] cygwin helper func for getcwd
|
|
|
|
|
* [core] cygwin sample to run lighttpd under NSSM
|
|
|
|
|
* [core] limit con->uri.authority < 1024 octets
|
|
|
|
|
* [mod_webdav] separate func for each request method
|
|
|
|
|
* [core] reject decoded url-path without leading '/'
|
|
|
|
|
* [multiple] validate UTF-8 in url-decoded paths
|
|
|
|
|
* [mod_proxy] silence coverity false positive
|
|
|
|
|
* [core] fix typo
|
|
|
|
|
* [core] buffer_append_path_len()
|
|
|
|
|
* [core] quiet indexfile warning if mod not loaded
|
|
|
|
|
|
|
|
|
|
- 1.4.51 - 2018-10-14
|
|
|
|
|
* [core] split parsing header line into separate function
|
|
|
|
|
* [core] explicitly return 0 instead of constant result
|
|
|
|
|
* [core] header parsing: use goto for error handling
|
|
|
|
|
* [core,security] process headers after combining folded headers
|
|
|
|
|
* [core] replace folding whitespace with a single space
|
|
|
|
|
* [buffer] fix duplicate assert and comment
|
|
|
|
|
* [core] redo HTTP header line folding
|
|
|
|
|
* [core] parse header line strings before copying
|
|
|
|
|
* [core] abstraction to insert/modify response hdrs
|
|
|
|
|
* [core] code reuse with array_insert_key_value()
|
|
|
|
|
* [core] simplify parsing hdr key whitespace then :
|
|
|
|
|
* [core] http_request_parse_reqline() separate func
|
|
|
|
|
* [core] abstraction layer for HTTP header manip
|
|
|
|
|
* [core] code reuse with http_response_body_clear()
|
|
|
|
|
* [mod_proxy] fix proxy.forwarded and proxy.replace-http-host (fixes #2902)
|
|
|
|
|
* [mod_rewrite] fix url.rewrite-repeat and url.rewrite-if-not-file (fixes #2908)
|
|
|
|
|
* [core] fastcgi.h link to Open Market License (OML) (fixes #2901)
|
|
|
|
|
* [mod_proxy,mod_wstunnel] copy full plugin_config (fixes #2903)
|
|
|
|
|
* [mod_fastcgi,mod_scgi] error on oversized request (fixes #2905)
|
|
|
|
|
* [mod_auth] send 401 for mismatch HTTP auth scheme (fixes #2906)
|
|
|
|
|
* [core] code reuse array_match_*() routines
|
|
|
|
|
* [mod_skeleton] review and simplify
|
|
|
|
|
* [multiple] code reuse: employ array_match_*()
|
|
|
|
|
* [doc] lighttpd.service uses network-online.target
|
|
|
|
|
* [mod_flv_streaming] code simplifications
|
|
|
|
|
* [mod_authn_pam] mod_auth PAM support (fixes #688)
|
|
|
|
|
* [mod_sockproxy] add to build
|
|
|
|
|
* [core] fix include_shell on inline shell commands (fixes #2910)
|
|
|
|
|
* [multiple] code reuse: using array_*() funcs
|
|
|
|
|
* [tests] t/test_array.c
|
|
|
|
|
* [core] array_get_int_ptr()
|
|
|
|
|
* [core] more memory-efficient fn table for data_*
|
|
|
|
|
* [tests] #undef NDEBUG before assert.h in t/test_*
|
|
|
|
|
* [core] inline status_counter routines
|
|
|
|
|
* [core] log_failed_assert() __attribute__((cold))
|
|
|
|
|
* [core] http_status_append()
|
|
|
|
|
* [core] http_method_append()
|
|
|
|
|
* [core] prefer buffer_append_string_len()
|
|
|
|
|
* [build] fix SCons build for mod_authn_pam
|
|
|
|
|
* [mod_userdir] security: skip username "." and ".."
|
|
|
|
|
* [mod_deflate] null-check to quiet coverity warning
|
|
|
|
|
* [core] quiet coverity false positive
|
|
|
|
|
* [multiple] quiet compiler warnings --without-pcre
|
|
|
|
|
* [mod_secdownload] support if HMAC() is a macro
|
|
|
|
|
* [TLS] sys-crypto.h abstraction
|
|
|
|
|
* [TLS] sys-crypto.h abstraction
|
|
|
|
|
* [build] put request.c in common src
|
|
|
|
|
* [meson] build fixes for libmariadb and libsasl2
|
|
|
|
|
* [core] PATH_INFO calculation when basedir is "/" (fixes #2911)
|
|
|
|
|
* [core] better consistency in buffer_is_equal*()
|
|
|
|
|
* [core] fix missing param from prev commit
|
|
|
|
|
* [mod_openssl] no renegotiation in TLS 1.3 (fixes #2912)
|
|
|
|
|
* [core] reject Transfer-Encoding from proxy (#2913)
|
|
|
|
|
* [mod_auth] use SHA1_Init,Update,Final
|
|
|
|
|
* [mod_openssl] add support for wolfSSL
|
|
|
|
|
* [build] automake support for wolfSSL
|
|
|
|
|
* [build] SCons support for wolfSSL
|
|
|
|
|
* [build] meson support for wolfSSL
|
|
|
|
|
* [build] CMake support for wolfSSL
|
|
|
|
|
* [core] perf: buffer.c internal inlines
|
|
|
|
|
* [mod_openssl] wolfSSL does not support SSLv2
|
|
|
|
|
* [core] perf: buffer_string_append_len()
|
|
|
|
|
* [core] permit server.error_handler to static file
|
|
|
|
|
|
|
|
|
|
- 1.4.50 - 2018-08-13
|
|
|
|
|
* [mod_extforward] allow explicit IPs to be untrusted (#2860)
|
|
|
|
|
* [core] fix crash if 'host' empty in config (fixes #2876)
|
|
|
|
|
* [mod_magnet] fix regression in lighty.stat (fixes #2877)
|
|
|
|
|
* [core] minor code cleanup in gw_recv_response()
|
|
|
|
|
* [core] fix rare race condition from backends (fixes #2878)
|
|
|
|
|
* [mod_proxy] fix segfault in Set-Cookie reverse map (fixes #2879)
|
|
|
|
|
* [core] fdevent_accept_listenfd() nonblock cloexec
|
|
|
|
|
* [build] remove m4 AC_PATH_PROG for PKG_CONFIG
|
|
|
|
|
* [core] some header cleanup
|
|
|
|
|
* [mod_wstunnel] better Sec-WebSocket-Protocol parse
|
|
|
|
|
* [mod_magnet] code reuse
|
|
|
|
|
* [mod_magnet] reduce buffer copies
|
|
|
|
|
* [mod_fastcgi,mod_scgi] fastcgi.balance,scgi.balance (fixes #2882)
|
|
|
|
|
* [core] check if SOCK_NONBLOCK is ignored (fixes #2883)
|
|
|
|
|
* [core] buffer_append_string_encoded_hex_lc()
|
|
|
|
|
* [core] more efficient hex2int()
|
|
|
|
|
* [mod_secdownload] compare bin MAC instead of hex
|
|
|
|
|
* [core] li_tohex_lc() explicitly uses lc hex chars
|
|
|
|
|
* [core] buffer_append_uint_hex_lc() uses lc hex
|
|
|
|
|
* [core] buffer_append_string_encoded() uc hex
|
|
|
|
|
* [tests] reduce test_base64 brute force tests
|
|
|
|
|
* [tests] remove test_buffer output, except on error
|
|
|
|
|
* [core] check for continuation in server.tag
|
|
|
|
|
* [core] CONNECT must be handled before fs hooks
|
|
|
|
|
* [mod_redirect, mod_rewrite] code reuse (sharing)
|
|
|
|
|
* [core] data_config_pcre_compile,exec()
|
|
|
|
|
* [tests] test_request unit tests
|
|
|
|
|
* [core] http_kv.[ch] method, status, version str
|
|
|
|
|
* [core] remove unused get_http_status_body_name()
|
|
|
|
|
* [core] remove proc_open.[ch], reduce stdio.h use
|
|
|
|
|
* [tests] move src/test_*.c to src/t/
|
|
|
|
|
* [core] server.http-parseopts URL normalization opt (fixes #1720)
|
|
|
|
|
* [core] inline some buffer.[ch] routines
|
|
|
|
|
* [core] remove some duplicative code in log.c
|
|
|
|
|
* [core] debug server.log-request-header-on-error
|
|
|
|
|
* [mod_redirect,mod_rewrite] short-circuit earlier
|
|
|
|
|
* [core] fix buffer_to_upper()
|
|
|
|
|
* [mod_cgi] handle CGI partial response header write
|
|
|
|
|
* [mod_redirect,mod_rewrite] pass request URI info
|
|
|
|
|
* [mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)
|
|
|
|
|
* [mod_redirect,mod_rewrite] fix segfault w/ invalid syntax (fixes #2892)
|
|
|
|
|
* [mod_fastcgi] fix memleak with FastCGI auth,resp (fixes #2894)
|
|
|
|
|
* [mod_alias] security: potential path traversal with specific configs
|
|
|
|
|
* [mod_wstunnel] quiet 32-bit compiler warnings
|
|
|
|
|
* [core] POLLRDHUP handling for transparent proxying
|
|
|
|
|
* [mod_redirect,mod_rewrite] support up to 19 match
|
|
|
|
|
* [core] add missing includes to quiet compiler warn
|
|
|
|
|
* [mod_redirect,mod_rewrite] base64url encoding opt
|
|
|
|
|
* [mod_rewrite] require rewrite result to begin '/'
|
|
|
|
|
* [core] security: use-after-free invalid Range req
|
|
|
|
|
* [core] reset var if FAMMonitorDirectory() fails
|
|
|
|
|
* [core] option to propagate TCP FIN to backend host
|
|
|
|
|
* mod_sockproxy - socket forwarding
|
|
|
|
|
* [core] workaround Coverity cov-build bug with gcc7
|
|
|
|
|
* [build] add missing file for test_burl
|
|
|
|
|
* [core] quell insignificant coverity warning
|
|
|
|
|
* [core] extend server.http-parseopts
|
|
|
|
|
* [mod_alias] security: path traversal in mod_alias (in some use cases) (fixes #2898)
|
|
|
|
|
* [core] security: use-after-free after invalid Range request (fixes #2899)
|
|
|
|
|
|
|
|
|
|
- 1.4.49 - 2018-03-11
|
|
|
|
|
* [core] adjust offset if response header blank line
|
|
|
|
|
* [mod_accesslog] %{canonical,local,remote}p (fixes #2840)
|
|
|
|
|
* [core] support POLLRDHUP, where available (#2743)
|
|
|
|
|
* [mod_proxy] basic support for HTTP CONNECT method (#2060)
|
|
|
|
|
* [mod_deflate] fix deflate of file > 2MB w/o mmap
|
|
|
|
|
* [core] fix segfault if tempdirs fill up (fixes #2843)
|
|
|
|
|
* [mod_compress,mod_deflate] try mmap MAP_PRIVATE
|
|
|
|
|
* [core] discard from socket using recv MSG_TRUNC
|
|
|
|
|
* [core] report to stderr if errorlog path ENOENT (fixes #2847)
|
|
|
|
|
* [core] fix base64 decode when char is unsigned (fixes #2848)
|
|
|
|
|
* [mod_authn_ldap] fix mem leak when ldap auth fails (fixes #2849)
|
|
|
|
|
* [core] warn if mod_indexfile after dynamic handler
|
|
|
|
|
* [core] do not reparse request if async cb
|
|
|
|
|
* [core] non-blocking write() to piped loggers
|
|
|
|
|
* [mod_openssl] minor code cleanup; reduce var scope
|
|
|
|
|
* [mod_openssl] elliptic curve auto selection (fixes #2833)
|
|
|
|
|
* [core] check for path-info forward down path
|
|
|
|
|
* [mod_authn_ldap] auth with ldap referrals (fixes #2846)
|
|
|
|
|
* [core] code cleanup: separate physical path sub
|
|
|
|
|
* [core] merge redirect/rewrite pattern substitution
|
|
|
|
|
* [core] fix POST with chunked request body (fixes #2854)
|
|
|
|
|
* [core] remove unused func
|
|
|
|
|
* [doc] minor update to *outdated* doc
|
|
|
|
|
* [mod_wstunnel] fix for frames larger than 64k (fixes #2858)
|
|
|
|
|
* [core] fix 32-bit compile POST w/ chunked request body (#2854)
|
|
|
|
|
* [core] add include sys/poll.h on Solaris (fixes #2859)
|
|
|
|
|
* [core] fix path-info calculation in git master (fixes #2861)
|
|
|
|
|
* [core] pass array_get_element_klen() const array *
|
|
|
|
|
* [core] increase stat_cache abstraction
|
|
|
|
|
* [core] open additional fds O_CLOEXEC
|
|
|
|
|
* [core] fix CONNECT w strict header parsing enabled
|
|
|
|
|
* [mod_extforward] CIDR support for trusted proxies (fixes #2860)
|
|
|
|
|
* [core] re-enable overloaded backends w/ multi wkrs
|
|
|
|
|
* [autoconf] reduce minimum automake version to 1.13
|
|
|
|
|
* [mod_auth] constant time compare plain passwords
|
|
|
|
|
* [mod_auth] check that digest realm matches config
|
|
|
|
|
* [core] fix incorrect hash algorithm impl
|
|
|
|
|
|
|
|
|
|
- 1.4.48 - 2017-11-11
|
|
|
|
|
* [mod_webdav] fix crash if stat fails, not ENOENT
|
|
|
|
|
* [core] fix build --disable-ipv6 (fixes #2832)
|
|
|
|
|
* [scons] Merge branch 'personal/stbuehler/scons-cleanup'
|
|
|
|
|
* [autobuild] Merge branch 'personal/stbuehler/autobuild-cleanup'
|
|
|
|
|
* [meson] new build system
|
|
|
|
|
* [core] fix var.CWD (regression in 1.4.46) (fixes #2835)
|
|
|
|
|
* [core] fix implicit wildcard IPv4 and IPv6 listen
|
|
|
|
|
* [autobuild] remove obsolete warning about mmap use
|
|
|
|
|
* [core] isolate sock_addr manipulation
|
|
|
|
|
* [stat_cache] remove debug code littered in file
|
|
|
|
|
* [core] cleanup unused ifndef
|
|
|
|
|
* [core] cleanup: consolidate FAM code in stat_cache
|
|
|
|
|
* [core] consolidate backend network write handlers
|
|
|
|
|
* [autobuild] allow sendfile() in cross-compile (fixes #2836)
|
|
|
|
|
* [core] quiet pedantic cc warning for excess comma
|
|
|
|
|
* [core] isolate backend fdevent handler defs
|
|
|
|
|
* [mod_openssl] error if ssl.engine in wrong section (fixes #2837)
|
|
|
|
|
* [core] fix lighttpd -1 one-shot graceful shutdown
|
|
|
|
|
* [mod_cgi] quiet trace if mod_cgi sends SIGTERM (fixes #2838)
|
|
|
|
|
* [build] fix link of test_configfile.c
|
|
|
|
|
* [core] quiet coverity false positive
|
|
|
|
|
* [mod_openssl] more pedantic check of return values
|
|
|
|
|
* [mod_openssl] allow specifying server cert chain (fixes #2692)
|
|
|
|
|
* [mod_openssl] ssl.openssl.ssl-conf-cmd (fixes #2758)
|
|
|
|
|
* [doc] NEWS - fix improper format line breaks
|
|
|
|
|
* [mod_authn_ldap] replace use of deprecated funcs
|
|
|
|
|
* [mod_authn_sasl] SASL auth (new) (fixes #2275)
|
|
|
|
|
* [mod_openssl] quiet trace from TCP probes (#2784)
|
|
|
|
|
* [core] fix dup typedef compiler warning
|
|
|
|
|
* [scons] fix various python2/3 incompatibilities
|
|
|
|
|
* [doc] fix doc/config/conf.d/fastcgi.conf example
|
|
|
|
|
|
|
|
|
|
- 1.4.47 - 2017-10-22
|
|
|
|
|
* [mod_authn_gssapi] needs -lcom_err under Darwin
|
|
|
|
|
* [core] stricter validation of request-URI begin
|
|
|
|
|
* [core] fix 1.4.46 regression in config match (fixes #2830)
|
|
|
|
|
* [core] normalize config addrs for != match (#2830)
|
|
|
|
|
* [core] normalize config addrs for eq and ne (#2830)
|
|
|
|
|
* [doc] use https:// URLs to .lighttpd.net resources
|
|
|
|
|
* [core] fix 1.4.46 regression in Last-Modified
|
|
|
|
|
|
|
|
|
|
- 1.4.46 - 2017-10-21
|
|
|
|
|
* [TLS] mark code that uses -lcrypto but not -lssl
|
|
|
|
|
* remove redundant calls to end-of-request hooks
|
|
|
|
|
* [mod_mysql_vhost] remove dev debug code
|
|
|
|
|
* [core] con interface for read/write; isolate SSL
|
|
|
|
|
* [core] new plugin hooks to help isolate SSL
|
|
|
|
|
* [mod_openssl] new module (preliminary layout)
|
|
|
|
|
* [core] move network_open_file_chunk() to chunk.c
|
|
|
|
|
* [mod_openssl] move openssl code into mod_openssl
|
|
|
|
|
* [mod_openssl] move openssl config into mod_openssl
|
|
|
|
|
* [core] move connection_read_cq() to connections.c
|
|
|
|
|
* [mod_geoip] call from handle_request_env hook
|
|
|
|
|
* [build] only mod_openssl depends on -lssl
|
|
|
|
|
* [mod_auth] enable optional authz if extern authn (fixes #2481)
|
|
|
|
|
* [mod_openssl] allow ssl.verifyclient on url paths (fixes #2245)
|
|
|
|
|
* [core] do not emit req/response hdrs w/ blank val
|
|
|
|
|
* [mod_setenv] directives to overwrite/remove hdrs (fixes #650, fixes #2295)
|
|
|
|
|
* [mod_secdownload] new directives modify hash path (fixes #646, fixes #1904)
|
|
|
|
|
* [core] move con throttling to connections-glue.c
|
|
|
|
|
* [core] support Expect: 100-continue with HTTP/1.1 (fixes #377, #1017, #1953, #2438)
|
|
|
|
|
* [mod_openssl] use TLS SNI to set host-based certs
|
|
|
|
|
* [mod_ssi] send #exec cmd="..." output to temp file
|
|
|
|
|
* [mod_scgi] tests/mod-scgi.t unit tests
|
|
|
|
|
* [mod_auth] support LDAP groups for HTTP auth (fixes #1817)
|
|
|
|
|
* [core] use getaddrinfo,inet_pton vs gethostbyname (fixes #2783)
|
|
|
|
|
* [mod_auth] LDAP escape username in DN and filters
|
|
|
|
|
* mod_vhostdb* (dbi,mysql,pgsql,ldap) (fixes #485, fixes #1936, fixes #2297)
|
|
|
|
|
* [mod_auth] have LDAP template replace '?'
|
|
|
|
|
* apply debian/patches/spelling.patch
|
|
|
|
|
* [core] permit connection-level state in modules
|
|
|
|
|
* [TLS] include <openssl/opensslv.h> in rand.c
|
|
|
|
|
* [core] config match w/ arbitrary HTTP request hdrs (fixes #1556)
|
|
|
|
|
* [mod_flv_streaming] add end pos param (fixes #1887)
|
|
|
|
|
* [core] X-LIGHTTPD-KBytes-per-second from backends (fixes #954)
|
|
|
|
|
* [core] improve accuracy of bandwidth write limits
|
|
|
|
|
* [core] quicker graceful shutdown
|
|
|
|
|
* [tests] remove unused file depending on CGI.pm
|
|
|
|
|
* [doc] doc/initscripts.txt (fixes #2782)
|
|
|
|
|
* [core] check issetugid() early in main()
|
|
|
|
|
* [core] combine duplicated getrlimit, network_init
|
|
|
|
|
* [core] move interval timer near worker event loop
|
|
|
|
|
* [core] initialize globals at top of main()
|
|
|
|
|
* [core] graceful restart with SIGUSR1 (fixes #2785)
|
|
|
|
|
* [mod_authn_mysql] fix minor memleak at shutdown
|
|
|
|
|
* [mod_rrdtool] no error if loaded but no config
|
|
|
|
|
* [doc] SIGUSR1 doc and lighttpd-angel SIGUSR1
|
|
|
|
|
* [mime.conf] add text/markdown to utf-8 list, regenerate mime.conf
|
|
|
|
|
* [mod_cgi] RFC3875 CGI local-redir strict adherence (#2108)
|
|
|
|
|
* [mod_cgi] do not send "Status" back to client
|
|
|
|
|
* [core] add label for 308 Permanent Redirect
|
|
|
|
|
* [mod_openssl] inherit ssl.* from global scope
|
|
|
|
|
* [core] handle if backend sends Transfer-Encoding (#2786)
|
|
|
|
|
* [core] use kqueue in level-triggered mode (fixes #2788)
|
|
|
|
|
* [mod_fastcgi,mod_scgi] backend spawn EINTR retry (#2788)
|
|
|
|
|
* [core] config opt to intercept dynamic handler err (fixes #974)
|
|
|
|
|
* [core] set default server_tag in server.c
|
|
|
|
|
* [core] include lighttpd vers in server started msg
|
|
|
|
|
* [core] move version.h logic into server.c
|
|
|
|
|
* [core] issue trace if max-fds too large (fixes #2789)
|
|
|
|
|
* [mod_fastcgi,mod_scgi] consistent waitpid handling (fixes #2791)
|
|
|
|
|
* [mod_cgi] fix CGI local-redir w/ url.rewrite-once (fixes #2793)
|
|
|
|
|
* [mod_scgi] fix unused_procs bidirectional-links
|
|
|
|
|
* [mod_scgi] fix potential repeated use of proc->id
|
|
|
|
|
* [mod_fastcgi,mod_scgi] consolidate backend process accounting (#2788)
|
|
|
|
|
* [mod_cgi] status 200 OK if no hdrs (deprecated) (#2786)
|
|
|
|
|
* [core] fix regex condition subst w/ mod_extforward (fixes #2794)
|
|
|
|
|
* [tests] correct skip count for mod-scgi.t
|
|
|
|
|
* [mod_vhostdb_ldap] fix inverted logic (coverity)
|
|
|
|
|
* [mod_cgi] cgi.local-redir = [enable|disable] (#2108, #2793)
|
|
|
|
|
* [core] $REQUEST_HEADER[...] subsumes other config (#1556)
|
|
|
|
|
* [mod_usertrack] usertrack.cookie-attrs config opt (fixes #2795)
|
|
|
|
|
* [core] default server.max-fds=4096 if unspecified (#2789)
|
|
|
|
|
* update .gitignore, add .gitattributes
|
|
|
|
|
* [core] reduce con allocation for small max_conns
|
|
|
|
|
* [config] more specific checks for array lists
|
|
|
|
|
* [mod_authn_gssapi] needs -lcom_err under cygwin
|
|
|
|
|
* [mod_cgi,fastcgi,scgi,proxy] fix streaming response (fixes #2796)
|
|
|
|
|
* [mod_auth] Digest nonce on system with time <=1978
|
|
|
|
|
* [doc] simple-vhost.debug takes an integer value (fixes #2797)
|
|
|
|
|
* [core] fix crash if invalid config file (fixes #2798)
|
|
|
|
|
* [core] remove unused member con->in_joblist
|
|
|
|
|
* [mod_proxy] remove use of con->got_response
|
|
|
|
|
* [core] consolidate dynamic handler response parse
|
|
|
|
|
* [core] remove now-unused buffer_search_string_len
|
|
|
|
|
* [mod_cgi] eliminate warning when compiled -Os
|
|
|
|
|
* [mod_scgi] do not reconnect after connect succeeds
|
|
|
|
|
* [tests] reduce time waiting for backends to start
|
|
|
|
|
* [core] server.syslog-facility (fixes #2800)
|
|
|
|
|
* [core] server.syslog-facility (use -1 for unset) (#2800)
|
|
|
|
|
* [core] allow overriding prior config values (fixes #2799)
|
|
|
|
|
* [mod_proxy] set Content-Length, if available
|
|
|
|
|
* [mod_proxy] set X-Forwarded-Host (fixes #418)
|
|
|
|
|
* [core] remove redundant Content-Length digit check
|
|
|
|
|
* [core] remove some unused header includes
|
|
|
|
|
* [core] use con->dst_addr_buf instead of ip recalc
|
|
|
|
|
* [core] include "fdevent.h" where needed
|
|
|
|
|
* [core] make stat_cache private to stat_cache.c
|
|
|
|
|
* [core] collect ioctl FIONREAD code
|
|
|
|
|
* [core] include <netdb.h> where needed
|
|
|
|
|
* [core] report file path when mkstemp() fails (fixes #2802)
|
|
|
|
|
* [core] export http_request_host_policy() for reuse
|
|
|
|
|
* [mod_extforward] simplify header search
|
|
|
|
|
* [mod_extforward] consolidate ipstr_to_sockaddr()
|
|
|
|
|
* [mod_extforward] upd scheme after ipstr validated
|
|
|
|
|
* [mod_extforward] rearrange code; prep Forwarded
|
|
|
|
|
* [mod_extforward] support Forwarded HTTP Extension (#2703)
|
|
|
|
|
* [mod_proxy] support Forwarded HTTP Extension (fixes #2703)
|
|
|
|
|
* [core] inet_pton(), inet_ntop() on (sock_addr *)
|
|
|
|
|
* [core] save connection-level proto in con->proto
|
|
|
|
|
* [mod_extforward] support HAProxy "PROXY" protocol (fixes #2804)
|
|
|
|
|
* [mod_extforward] fix typos in Forwarded handling
|
|
|
|
|
* [core] fix stat_cache initialization error
|
|
|
|
|
* [core] perf: stat_cache_mimetype_by_ext()
|
|
|
|
|
* [core] inet_ntop_cache now 4-element cache
|
|
|
|
|
* [mod_openssl] free local_send_buffer at exit
|
|
|
|
|
* [core] extend mimetype search w/o leading '.'
|
|
|
|
|
* [core] no SOCK_CLOEXEC on Linux kernel < 2.6.27
|
|
|
|
|
* [core] inline simple buffer is empty checks
|
|
|
|
|
* [core] buffer_substr_replace()
|
|
|
|
|
* [core] sys-strings.h abstraction for strings.h
|
|
|
|
|
* [mod_proxy] fix backslash escaping
|
|
|
|
|
* [core] omit default port from normalized host str
|
|
|
|
|
* [core] fix build issue without ipv6 support
|
|
|
|
|
* [core] permit strings and integers in config array
|
|
|
|
|
* [mod_accesslog] flag high precision ts for %T (fixes #2807)
|
|
|
|
|
* [core] permit strings,ints,arrays in config array
|
|
|
|
|
* [core] calloc plugin_config for consistent init
|
|
|
|
|
* [mod_proxy] simple host/url mapping in headers (fixes #152)
|
|
|
|
|
* [mod_uploadprogress] handle query str progress ID (fixes #2808)
|
|
|
|
|
* [mod_fastcgi] consolidate backend read code
|
|
|
|
|
* [mod_proxy,mod_scgi] fix truncated error trace
|
|
|
|
|
* [core] skip socket shutdown() if con->fd negative
|
|
|
|
|
* [core] act as transparent proxy after con Upgrade
|
|
|
|
|
* [core] remove redundant resets of fde_ndx
|
|
|
|
|
* [core] configparser: fix resource handling in error cases (fixes #2809)
|
|
|
|
|
* [core] fix crash for invalid syntax in config file (fixes #2810)
|
|
|
|
|
* [core] prep mod transitions to transparent proxy
|
|
|
|
|
* [mod_proxy] basic support for Upgrade: websocket (fixes #2811)
|
|
|
|
|
* [mod_extforward] compile on OSX
|
|
|
|
|
* [core] set server.max-keep-alive-requests = 100 (fixes #2205)
|
|
|
|
|
* [core] perf: skip redundant strlen() if len known
|
|
|
|
|
* [core] optional condition in config "else" clause (fixes #1268)
|
|
|
|
|
* [mod_cgi] basic support for Upgrade: websocket
|
|
|
|
|
* [core] buffer to disk streaming to slow backends
|
|
|
|
|
* [core] silence compiler warnings if !HAVE_FORK
|
|
|
|
|
* [build] -Werror if --enable-extra-warnings=error
|
|
|
|
|
* [build] autotools use AC_PROG_CC_STDC macro
|
|
|
|
|
* [mod_openssl] ssl.ca-crl-file for CRL (fixes #2319)
|
|
|
|
|
* [mod_openssl] ssl.ca-dn-file (fixes #2694)
|
|
|
|
|
* [mod_proxy] fix typo identified by coverity
|
|
|
|
|
* [mod_openssl] ignore client verification error if not enforced
|
|
|
|
|
* [mod_openssl] fix compile with openssl 1.1.0
|
|
|
|
|
* [mod_extforward] quiet clang compiler warning
|
|
|
|
|
* [mod_dirlisting] sort "../" to top of names
|
|
|
|
|
* [mod_openssl] safer_X509_NAME_oneline() (fixes #2693)
|
|
|
|
|
* [core] allow earlier plugin init for SSL/TLS
|
|
|
|
|
* [mod_openssl] adjust use of ssl.ca-dn-file
|
|
|
|
|
* [core] fix compiler warnings on Mac OS X
|
|
|
|
|
* [core] server.socket-perms to set perms on unix (fixes #656)
|
|
|
|
|
* [core] get port from sock_addr if AF_INET,AF_INET6
|
|
|
|
|
* [core] server.error_handler_404 X-Sendfile ENOENT (#2474)
|
|
|
|
|
* [core] consolidate fork()/execve() code (#1393)
|
|
|
|
|
* [core] mv log_error_{open,cycle.close} to server.c
|
|
|
|
|
* [core] rename fd_close_on_exec()
|
|
|
|
|
* [core] remove unused includes of stat_cache.h
|
|
|
|
|
* [core] add missing include of stdlib.h
|
|
|
|
|
* [core] reduce exposure of unistd.h, other includes
|
|
|
|
|
* [core] sock_addr_from_str_hints reusable name res
|
|
|
|
|
* [core] continue collecting use of netdb.h
|
|
|
|
|
* [core] continue collecting use of netdb.h
|
|
|
|
|
* [core] continue collecting use of netdb.h
|
|
|
|
|
* [core] fdevent_connect_status() shared code
|
|
|
|
|
* [core] add const to reduce .data segment size
|
|
|
|
|
* [mod_proxy] move data_fastcgi into mod_proxy.c
|
|
|
|
|
* [mod_proxy] store address family at config time
|
|
|
|
|
* [mod_fastcgi] slightly simplify counters
|
|
|
|
|
* [mod_fastcgi] consolidate connect() error handling
|
|
|
|
|
* [mod_fastcgi] set request_id in fcgi_create_env()
|
|
|
|
|
* [mod_fastcgi] move delayed connect() into switch()
|
|
|
|
|
* [mod_fastcgi,mod_scgi] consistent connect() error
|
|
|
|
|
* [mod_scgi] remove unused parse_response member
|
|
|
|
|
* [mod_fastcgi,mod_scgi] struct member consistency
|
|
|
|
|
* [mod_fastcgi,mod_scgi] parse bin_path at startup
|
|
|
|
|
* [mod_fastcgi,mod_scgi] use temp buffer for cgi_env
|
|
|
|
|
* [core] shared code for socket backends
|
|
|
|
|
* [core] spread load on socket backend procs
|
|
|
|
|
* [core] store sockaddr for socket backend procs
|
|
|
|
|
* [core] resolve DNS at startup for socket backends
|
|
|
|
|
* [core] adaptive spawning for socket backend procs (fixes #1162)
|
|
|
|
|
* quell compiler warnings for -Wimplicit-fallthrough
|
|
|
|
|
* [doc] update README
|
|
|
|
|
* [core] fdevent_cycle_logger()
|
|
|
|
|
* [core] reap lighttpd worker pids precisely
|
|
|
|
|
* [core] restart piped loggers if they exit (fixes #1393)
|
|
|
|
|
* [mod_webdav] PROPFIND getetag attr must match GET
|
|
|
|
|
* [core] consistent behavior w/ and w/o SA_SIGINFO
|
|
|
|
|
* [core] do not remove pid-file in test mode
|
|
|
|
|
* [core] add public domain SHA1() if no crypto
|
|
|
|
|
* [mod_wstunnel] websocket tunnel to other protocol
|
|
|
|
|
* [core] forward SIGHUP only to lighttpd workers
|
|
|
|
|
* [mod_dirlisting] treat README and HEADER as paths (fixes #2818)
|
|
|
|
|
* [core] set one-shot mode fd O_NONBLOCK, FD_CLOEXEC
|
|
|
|
|
* [core] remove fdevent fcntl_set hook
|
|
|
|
|
* [mod_extforward] typo in comment
|
|
|
|
|
* [mod_cgi] add missing #include
|
|
|
|
|
* [core] fix invalid sizeof() identified by coverity
|
|
|
|
|
* [core] add missing #include
|
|
|
|
|
* [core] base_decls.h to quiet compiler warnings
|
|
|
|
|
* [core] set socket perms after bind, before listen
|
|
|
|
|
* [core] warn if backend server config contains '_'
|
|
|
|
|
* [mod_extforward] PROXY proto and SSL_CLIENT_VERIFY
|
|
|
|
|
* [core] workaround for AIX mmap define
|
|
|
|
|
* [mod_accesslog] flush access logs every 4 seconds
|
|
|
|
|
* [mod_cgi] fix bug to properly exec interpreter
|
|
|
|
|
* [mod_fastcgi] fix return when streaming min buffer
|
|
|
|
|
* [core] attempt to quiet coverity false positives
|
|
|
|
|
* [core] attempt to quiet coverity false positives
|
|
|
|
|
* [core] attempt to quiet compiler warning in LEDE
|
|
|
|
|
* [core] SIGCHLD handle_waitpid hook for modules
|
|
|
|
|
* [mod_rrdtool] handle_trigger returns HANDLER_GO_ON
|
|
|
|
|
* [mod_openssl] ssl.read-ahead="disable" for stream
|
|
|
|
|
* [mod_cgi] add FDEVENT_IN upon CGI exit
|
|
|
|
|
* [mod_cgi] omit cgi_handle_fdevent after proc exit
|
|
|
|
|
* [mod_webdav] check HAVE_UUID for -luuid
|
|
|
|
|
* [core] adjust li_rand_pseudo* interfaces
|
|
|
|
|
* [mod_wstunnel] fix config parsing bug
|
|
|
|
|
* [core] fdevent setsockopt() helper functions
|
|
|
|
|
* [core] make strftime_cache_get() 16-element cache
|
|
|
|
|
* [core] disable Nagle if streaming to backend
|
|
|
|
|
* [core] fix triggered assert on HTTP chunked input (fixes #2822)
|
|
|
|
|
* [mod_wstunnel] fix NULL ptr deref
|
|
|
|
|
* [algo_sha1] fix compile break and warnings
|
|
|
|
|
* [lemon] fix gcc implicit-fallthrough warning
|
|
|
|
|
* [core] URI scheme is case-insensitive
|
|
|
|
|
* [network] do not append port to unix socket paths
|
|
|
|
|
* [unittests] consolidate base64 test code
|
|
|
|
|
* [core] use sun_path for addr string for AF_UNIX (fixes #2826)
|
|
|
|
|
* [core] cleaner code; remove goto from network.c
|
|
|
|
|
* [core] /dev/stdin listener for inetd wait yes
|
|
|
|
|
* [core] compare listen addrs after DNS resolution
|
|
|
|
|
* [core] inline chunkqueue_is_empty()
|
|
|
|
|
* [core] limit use of TCP_CORK
|
|
|
|
|
* [core] return from http_response_read if small rd
|
|
|
|
|
* [core] gateways might Upgrade con before body read
|
|
|
|
|
* [mod_wstunnel] set Sec-WebSocket-Protocol if bin
|
|
|
|
|
* [mod_wstunnel] remove invalid appended '\0'
|
|
|
|
|
* [core] quiet coverity warning
|
|
|
|
|
* [core] handle fds pending close after poll timeout (fixes #2827)
|
|
|
|
|
* [core] fix $REQUEST_HEADER[...] parsing in config (#1556)
|
|
|
|
|
* [mod_dirlisting] custom js date parse func (fixes #2823)
|
|
|
|
|
* [core] remove fd interest if create_env returns
|
|
|
|
|
* [mod_openssl] copy data for larger SSL packets
|
|
|
|
|
* [mod_openssl] remove erroneous SSL_set_shutdown()
|
|
|
|
|
* [core] permit LF to end lines if !header-strict
|
|
|
|
|
* [core] add back REQUEST_SCHEME for backends
|
|
|
|
|
* [core] remove fdevent_sched_run from fdevent_libev (#2827)
|
|
|
|
|
* [mod_openssl] ssl.read-ahead="disable" by default
|
|
|
|
|
* [core] adjust parser for valid variable expansion
|
|
|
|
|
* [cmake] handle WITH_WEBDAV_LOCKS option
|
|
|
|
|
* [cmake] fix attr header detection and linking
|
|
|
|
|
* [cmake] link mod_cml with memcached
|
|
|
|
|
* [core] reproducible build: hide __DATE__ __TIME__ (fixes #2828)
|
|
|
|
|
* [core] perf: more efficient fdevent_sched_run()
|
|
|
|
|
* [core] translate DNS to IP str for cond socket cmp
|
|
|
|
|
|
|
|
|
|
- 1.4.45 - 2017-01-14
|
|
|
|
|
* [mod_cgi] skip local-redir handling if to self (fixes #2779, #2108)
|
|
|
|
|
* [mod_webdav] fix crash when plugin_ctx cleaned up (fixes #2780)
|
|
|
|
|
* [mod_fastcgi] detect child exit, restart proactively
|
|
|
|
|
* [mod_scgi] detect child exit, restart proactively
|
|
|
|
|
* [TLS] ssl.read-ahead = "disable" for low mem (fixes #2778)
|
|
|
|
|
|
|
|
|
|
- 1.4.44 - 2016-12-24
|
|
|
|
|
* [mod_scgi] fix segfault (fixes #2762)
|
|
|
|
|
* [mod_authn_gssapi] fix memory leak
|
|
|
|
|
* [config] warn if mod_authn_ldap,mysql not listed
|
|
|
|
|
* [mod_magnet] fix magnet_cgi_set() set of env vars (fixes #2763)
|
|
|
|
|
* [mod_cgi] FreeBSD 9.3/MacOSX does not have pipe2() (fixes #2765)
|
|
|
|
|
* [mod_extforward] fix crash on invalid IP (fixes #2766)
|
|
|
|
|
* [mod_fastcgi] fix segfault if all backends down (fixes #2768)
|
|
|
|
|
* [mod_cgi] fix out of sockets error for POST to CGI (fixes #2771)
|
|
|
|
|
* [mod_auth] compile fix for Mac OS X XCode (fixes #2772)
|
|
|
|
|
* [mod_authn_gssapi] better resource cleanup
|
|
|
|
|
* [core] compile fix for Mac OS X 10.6 (old) (fixes #2773)
|
|
|
|
|
* fix race in dynamic handler configs (reentrancy) (fixes #2774)
|
|
|
|
|
* [mod_authn_mysql] close mysql_conn in cleanup
|
|
|
|
|
* [mod_webdav] compile fix when locking not enabled
|
|
|
|
|
* load mod_auth & mod_authn_file in sample/test.conf
|
|
|
|
|
* comment out auth.backend.ldap.* in tests/*.conf
|
|
|
|
|
* [mod_fastcgi,mod_scgi] warn if invalid "bin-path"
|
|
|
|
|
* RAND_pseudo_bytes() is deprecated in openssl 1.1.0
|
|
|
|
|
* openssl 1.1.0 init and cleanup
|
|
|
|
|
* [mod_cgi] remove direct calls to network_backend*
|
|
|
|
|
* [build] build network_*.c into lighttpd executable
|
|
|
|
|
* suggest inclusion of mod_geoip... before mod_ssi.
|
|
|
|
|
* set systemd settings similar to lighttpd2
|
|
|
|
|
* [doc] remove reference to Linux rt-signals
|
|
|
|
|
* [mod_authn_gssapi] fix missing error ret, coverity
|
|
|
|
|
* [core] rename li_rand() to li_rand_pseudo_bytes()
|
|
|
|
|
* remove #include "stream.h" where not used
|
|
|
|
|
* [mod_cml] include lua headers before base.h
|
|
|
|
|
* [core] combine duplicated connection reset code
|
|
|
|
|
* [mod_ssi] produce content in subrequest hook
|
|
|
|
|
* [core] remove srv->entropy[]
|
|
|
|
|
* [core] defer li_rand_init() until first use
|
|
|
|
|
* [core] permit connection-level state in modules
|
|
|
|
|
* [mod_dirlisting] render dirlisting as HTML (fixes #2767)
|
|
|
|
|
* [mod_proxy] replace HTTP Host sent to backend (fixes #2770)
|
|
|
|
|
* [mod_ssi] basic recursive SSI include virtual (fixes #536)
|
|
|
|
|
* [mod_ssi] implement, ignore <!--#comment ... -->
|
|
|
|
|
* [core] consolidate duplicated read-to-close code
|
|
|
|
|
* [core] fix segfault when parsing a bad config file
|
|
|
|
|
* [core] support Transfer-Encoding: chunked req body (fixes #2156)
|
|
|
|
|
* [autobuild] set NO_RDYNAMIC=yes for midipix
|
|
|
|
|
* [mod_proxy] proxy.balance = "sticky" option (fixes #2117)
|
|
|
|
|
* [mod_secdownload] warn if SHA used w/o SSL crypto
|
|
|
|
|
* [build] compile fixes for AIX
|
|
|
|
|
* [build] check for pipe2() at configure time
|
|
|
|
|
* [mod_evhost] fix an incorrect error trace
|
|
|
|
|
* [tests] mark tests/docroot/www/*.pl scripts a+x
|
|
|
|
|
* [mod_cgi] fall back to pipe() if pipe2() fails
|
|
|
|
|
* fix SCons fullstatic build with glibc pthreads
|
|
|
|
|
* [TLS] openssl 1.1.0 makes SSL_OP_NO_SSLv2 no-op
|
|
|
|
|
|
|
|
|
|
- 1.4.43 - 2016-10-31
|
|
|
|
|
* [autobuild] remove mod_authn_gssapi dep on resolv
|
|
|
|
|
* [mod_deflate] ignore '*' in deflate.mimetypes
|
|
|
|
|
* [autobuild] omit module stubs when missing deps
|
|
|
|
|
* [TLS] openssl 1.1.0 hides struct bignum_st
|
|
|
|
|
* [autobuild] move http_cgi_ssl_env() for Mac OS X (fixes #2757)
|
|
|
|
|
* [core] use paccept() on NetBSD (replace accept4())
|
|
|
|
|
* [TLS] remote IP conditions are valid for TLS SNI (fixes #2272)
|
|
|
|
|
* [doc] lighttpd-angel.8 (fixes #2254)
|
|
|
|
|
* [cmake] build fcgi-auth, fcgi-responder for tests
|
|
|
|
|
* [mod_accesslog] %{ratio}n logs compression ratio (fixes #2133)
|
|
|
|
|
* [mod_deflate] skip deflate if loadavg too high (fixes #1505)
|
|
|
|
|
* [mod_expire] expire by mimetype (fixes #423)
|
|
|
|
|
* [mod_evhost] partial matching patterns (fixes #1194)
|
|
|
|
|
* build: use CC_FOR_BUILD for lemon when cross-compiling
|
|
|
|
|
* [mod_dirlisting] config header and readme files
|
|
|
|
|
* [config] warn if mod_authn_ldap,mysql not listed
|
|
|
|
|
* fix FastCGI, SCGI, proxy reconnect on failure
|
|
|
|
|
* [core] network_open_file_chunk() temp file opt
|
|
|
|
|
* [mod_rewrite] add more info in error log msg
|
|
|
|
|
* [core] fix fd leak when using libev (fixes #2761)
|
|
|
|
|
* [core] fix potential streaming tempfile corruption (fixes #2760)
|
|
|
|
|
* [mod_scgi] fix prefix matching to always match url
|
|
|
|
|
* [autobuild] adjust Makefile.am for FreeBSD
|
|
|
|
|
* [build] move some build scripts to scripts/
|
|
|
|
|
* [autotools] fix configure.ac for opensuse 13.2
|
|
|
|
|
|
|
|
|
|
- 1.4.42 - 2016-10-16
|
|
|
|
|
* [TLS] SSL_shutdown() only if handshake finished
|
|
|
|
|
* [mod_proxy,mod_scgi] shutdown remote only if local (#2743)
|
|
|
|
|
* [core] check if client half-closed TCP if POLLHUP (#2743)
|
|
|
|
|
* [core] enforce wait for POLLWR after EINPROGRESS (fixes #2744)
|
|
|
|
|
* [core] do not enter handler twice after read body
|
|
|
|
|
* [core] proxy,scgi omit shutdown() to backend (fixes #2743)
|
|
|
|
|
* [mod_dirlisting] dirlist does not handle POST
|
|
|
|
|
* [mod_dirlisting] js column sort for dirlist table (fixes #613, fixes #2315)
|
|
|
|
|
* [mod_auth] Digest auth fails after rewrite (fixes #2745)
|
|
|
|
|
* [mod_auth] refactor out auth backend code
|
|
|
|
|
* [mod_auth] extensible interface for auth backends
|
|
|
|
|
* [core] better DragonFlyBSD support (fixes #2746)
|
|
|
|
|
* [mod_auth] include base.h for USE_OPENSSL def
|
|
|
|
|
* [mod_auth] support CRYPT-MD5-NTLM algorithm (fixes #1743)
|
|
|
|
|
* [mod_auth] terminate salt for CRYPT-MD5-NTLM
|
|
|
|
|
* [core] fix crash if ready events on abandoned fd (fixes #2748)
|
|
|
|
|
* [mod_auth] http_auth_md5_hex2bin()
|
|
|
|
|
* [mod_auth] remove empty mod_auth.h
|
|
|
|
|
* [mod_auth] mod_authn_mysql.c MySQL auth backend (fixes #752, fixes #1845)
|
|
|
|
|
* [mod_cgi] permit CGI exec of unreadable files (fixes #2374)
|
|
|
|
|
* [mod_uploadprogress] add to default build
|
|
|
|
|
* [mod_geoip] add to default build (fixes #2705, fixes #2101, fixes #2092, fixes #2025, fixes #1962, fixes #1938)
|
|
|
|
|
* [mod_fastcgi] Authorizer support with Responder (fixes #321, fixes #322)
|
|
|
|
|
* [tests] test coverage for issues (#321, #322)
|
|
|
|
|
* dynamic handlers store debug flag in handler_ctx
|
|
|
|
|
* [mod_fastcgi] allow authorizer, responder for same path/ext (#321)
|
|
|
|
|
* backport mod_deflate to lighttpd 1.4 (fixes #1824, fixes #2753)
|
|
|
|
|
* [autobuild] test_configfile might need vector.c (fixes #2752)
|
|
|
|
|
* [mod_deflate] fix longjmp clobber compiler warning
|
|
|
|
|
* remove unused array type TYPE_COUNT data_count
|
|
|
|
|
* [mod_auth] structured data, register auth schemes
|
|
|
|
|
* [mod_auth] mod_authn_gssapi Kerberos auth backend (fixes #1899)
|
|
|
|
|
* [autobuild] skip two new tests if no fcgi-auth
|
|
|
|
|
* [SCons] define with_krb5 for SCons build
|
|
|
|
|
* [SCons] fix syntax error in SConstruct
|
|
|
|
|
* [SCons] define with_geoip for SCons build
|
|
|
|
|
* [CMake] fix clang -Wcast-align warnings in lemon.c
|
|
|
|
|
* remove excess initializers (fix compiler warnings)
|
|
|
|
|
* fix errors detected by Coverity Scan
|
|
|
|
|
* performance: use Linux extended syscalls and flags
|
|
|
|
|
* [mod_scgi] add uwsgi protocol support
|
|
|
|
|
* [mod_auth] refactor LDAP code into smaller funcs
|
|
|
|
|
* [mod_auth] HTTP Basic auth backends also do authz (#1817)
|
|
|
|
|
* [mod_auth] ldap filter subst user for multiple '$' (fixes #1508)
|
|
|
|
|
* [mod_auth] permit specifying ldap DN; skip search (fixes #1248)
|
|
|
|
|
* [autobuild] update module/feature report
|
|
|
|
|
* [cmake] build mod_authn_gssapi if WITH_KRB5
|
|
|
|
|
* [mod_auth] fix printing of IP in error trace
|
|
|
|
|
* [mod_mysql_vhost] support multiple '?' replacement (fixes #2163)
|
|
|
|
|
* [core] make server.max-request-size scopeable (#1901)
|
|
|
|
|
* [core] server.max-request-field-size (fixes #2130)
|
|
|
|
|
* [core] optional condition in config "else" clause (fixes #1268)
|
|
|
|
|
* [core] restrict where config "else" clauses occur (#1268)
|
|
|
|
|
* silence warnings from clang ccc-analyzer
|
|
|
|
|
* consistent, shared code to create CGI env
|
|
|
|
|
* [TLS] replace env entries in https_add_ssl_entries
|
|
|
|
|
* [TLS] set SSL_CLIENT_M_SERIAL w/ client cert SN (fixes #2268)
|
|
|
|
|
* [TLS] set SSL_CLIENT_VERIFY w/ client cert (#1288, #2693)
|
|
|
|
|
* [TLS] set SSL_PROTOCOL, SSL_CIPHER* (fixes #2511)
|
|
|
|
|
* [core] rand.[ch] to use better RNGs when available
|
|
|
|
|
* [mod_cgi] fix pipe_cloexec() when no O_CLOEXEC
|
|
|
|
|
* ignore return value from fcntl() FD_CLOEXEC
|
|
|
|
|
* build w/o compiler warnings if no zlib or bz2lib
|
|
|
|
|
|
|
|
|
|
- 1.4.41 - 2016-07-31
|
|
|
|
|
* remove long-deprecated, non-functional config opts
|
|
|
|
|
* [config] inherit server.use-ipv6 and server.set-v6only (fixes #678)
|
|
|
|
|
* [mod_auth] fix Digest auth to be better than Basic (fixes #1844)
|
|
|
|
|
* [mod_ssi] fix #config sizefmt="bytes"
|
|
|
|
|
* [autobuild] move inet_pton detection later
|
|
|
|
|
* [core] #include <sys/filio.h> for FIONREAD (fixes #2726)
|
|
|
|
|
* [autobuild] clock_gettime() -lrt with glibc < 2.17
|
|
|
|
|
* [security] do not emit HTTP_PROXY to CGI env
|
|
|
|
|
* [build_cmake] clock_gettime() -lrt w/ glibc < 2.17 (fixes #2737)
|
|
|
|
|
* [core] avoid spurious trace and error abort
|
|
|
|
|
* [core] stay in CON_STATE_CLOSE until done with req
|
|
|
|
|
* [core] $HTTP["remoteip"] must handle IPv6 w/o []
|
|
|
|
|
* [mod_status] show keep-alive status w/ text output (fixes #2740)
|
|
|
|
|
* do not set REDIRECT_URI in mod_magnet, mod_rewrite (#2738)
|
|
|
|
|
* revert 1.4.40 swap of REQUEST_URI, REDIRECT_URI (fixes #2738)
|
|
|
|
|
* [core] permit IPv6 address scope identifier
|
|
|
|
|
* [TLS] better handling of SSL_ERROR_WANT_READ/WRITE
|
|
|
|
|
* [TLS] read all available records from SSL_read()
|
|
|
|
|
* [core] try AF_INET after AF_INET6 if use-ipv6
|
|
|
|
|
* [core] set chunkqueue tempdirs at startup
|
|
|
|
|
* [security] ensure gid != 0 if server.username set (fixes #2725)
|
|
|
|
|
* [security] disable stat_cache if !follow-symlink (fixes #2724)
|
|
|
|
|
* [core] fix buffer_copy_string_hex() assert (fixes #2742)
|
|
|
|
|
* [security] encode quoting chars in HTML and XML
|
|
|
|
|
* [cmake] always define _GNU_SOURCE
|
|
|
|
|
* [cmake] enable warnings for GCC and Clang
|
|
|
|
|
* [cmake] set cmake_minimum_required to 2.8.2
|
|
|
|
|
|
|
|
|
|
- 1.4.40 - 2016-07-16
|
|
|
|
|
* [mod_ssi] enhance support for ssi vars (thx fbrosson)
|
|
|
|
|
* add handling for lua 5.2 and 5.3 (fixes #2674)
|
|
|
|
|
* use libmemcached instead of deprecated libmemcache
|
|
|
|
|
* add force_assert for more allocation results
|
|
|
|
|
* [mod_cgi] use MAP_PRIVATE to mmap temporary file (fixes #2715)
|
|
|
|
|
* [core] do not send SIGHUP to process group unless server.max-workers is used (fixes #2711)
|
|
|
|
|
* [mod_cgi] edge case chdir "/" when docroot "/" (fixes #2460)
|
|
|
|
|
* [mod_cgi] issue trace and exit if execve() fails (closes #2302)
|
|
|
|
|
* [configparser] don't continue after parse error (fixes #2717)
|
|
|
|
|
* [core] never evaluate else branches until the previous branches are ready (fixes #2598)
|
|
|
|
|
* [core] fix conditional cache handling
|
|
|
|
|
* [core] improve conditional enabling (thx Gwenlliana, #2598)
|
|
|
|
|
* [mod_compress] case-insensitive content-codings (fixes #2645)
|
|
|
|
|
* [plugins] don't include dlfcn.h if not needed (fixes #2548)
|
|
|
|
|
* [mod_fastcgi] 404 for X-Sendfile file not found (fixes #2474)
|
|
|
|
|
* [mod_cgi] send 500 if CGI ends and there is no response (fixes #2542)
|
|
|
|
|
* [mod_cgi] consolidate CGI cleanup code
|
|
|
|
|
* [mod_cgi] simplify mod_cgi_handle_subrequest()
|
|
|
|
|
* [mod_cgi] kill CGI if fail to write request body
|
|
|
|
|
* [mod_proxy] use case-insensitive comparison to filter headers, send Connection: Close to backend (fixes #421)
|
|
|
|
|
* [mod_dirlisting] dir-listing.hide-dotfiles = "enabled" by default (fixes #1081)
|
|
|
|
|
* [mod_secdownload] fix buffer overflow in secdl_verify_mac (reported by Fortify Open Review Project)
|
|
|
|
|
* [mod_fastcgi,mod_scgi] fix leaking file-descriptor when backend spawning failed (reported by Fortify Open Review Project)
|
|
|
|
|
* [core] improve array API to prevent memory leaks
|
|
|
|
|
* [core] refactor array search; raise array size limit to SSIZE_MAX
|
|
|
|
|
* [core] fix memory leak in configparser_merge_data
|
|
|
|
|
* [core] provide array_extract_element and use it
|
|
|
|
|
* [core] configparser: error on duplicate keys in array merge (fixes #2685)
|
|
|
|
|
* [core] more careful parse of $SERVER["socket"] config str (prepare #2204)
|
|
|
|
|
* [core] accept $SERVER["socket"] without port, use server.port as fallback (fixes #2204)
|
|
|
|
|
* [mod_magnet] define lua_pushglobaltable (for lua5.1) and use it (fixes #2719)
|
|
|
|
|
* [ssl] support disabling ssl.verifyclient.activate in SNI callback (fixes #2531)
|
|
|
|
|
* restart (some) syscalls after SIGCHLD interrupted them; should fix LDAP problems (fixes #2464)
|
|
|
|
|
* [core] log remote address on request timeouts (fixes #652)
|
|
|
|
|
* [autobuild] use AC_CANONICAL_HOST instead of AC_CANONICAL_TARGET (fixes #1866)
|
|
|
|
|
* [core] fix request_start in keep-alive requests to mark time when received first byte (fixes #2412)
|
|
|
|
|
* [core] truncate pidfile on exit (fixes #2695)
|
|
|
|
|
* consistent inclusion of config.h at top of files (fixes #2073)
|
|
|
|
|
* [core] add generic vector implementation
|
|
|
|
|
* [core] replace array weakref with vector
|
|
|
|
|
* [base64] fix crash due to broken force_assert
|
|
|
|
|
* [unittests] add test_buffer and test_base64 unit tests
|
|
|
|
|
* [buffer] refactor buffer_path_simplify (fixes #2560)
|
|
|
|
|
* validate return values from strtol, strtoul (fixes #2564)
|
|
|
|
|
* [mod_ssi] Add SSI vars SCRIPT_{URI,URL} and REQUEST_SCHEME (fixes #2721)
|
|
|
|
|
* [config] warn if server.upload-dirs has non-existent dirs (fixes #2508)
|
|
|
|
|
* [mod_proxy] accept LF delimited headers, not just CRLF (fixes #2594)
|
|
|
|
|
* [core] wait for grandchild to be ready when daemonizing (fixes #2712, thx pasdVn)
|
|
|
|
|
* [core] respond 411 Length Required if request has Transfer-Encoding: chunked (fixes #631)
|
|
|
|
|
* [core] fixed the loading for default modules if they are specified explicitly
|
|
|
|
|
* [core] lighttpd -tt performs preflight startup checks (fixes #411)
|
|
|
|
|
* [stat] mimetype.xattr-name global config option (fixes #2631)
|
|
|
|
|
* [mod_webdav] allow Depth: Infinity lock on file (fixes #2296)
|
|
|
|
|
* [mod_status] use snprintf() instead of sprintf()
|
|
|
|
|
* pass buf size to li_tohex()
|
|
|
|
|
* use li_[iu]tostrn() instead of li_[iu]tostr()
|
|
|
|
|
* [stream] fstat() after open() to obtain file size
|
|
|
