Commit Graph

1518 Commits (01f9debec31c8696d324db3d1b6a092a4e853077)
 

Author SHA1 Message Date
Stefan Bühler 01f9debec3 Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2830 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler e697869e34 buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2828 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler f4c3a99eea Disable mmap by default (fixes #2391)
* if a user truncates a file we are mmapping, reading the truncated
  area leads to SIGBUS
* mod_cgi and mod_webdav still use mmap for reading the tmp files
  created for large request bodies.
  as no other user should have write access for those this isn't
  a (security) problem.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2827 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 33f1ec6d28 [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2826 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 35875cd515 [ssl] include more headers explicitly
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2825 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 6f0752da38 list all network handlers in lighttpd -V (fixes #2376)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2824 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 79bcfab083 Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2823 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler d194c09da9 [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2822 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 10e5fda664 [doc] add systemd/lighttpd.service to Makefiles, so it ends up in the tarball
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2821 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler beb6709b6c - next is 1.4.31
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2820 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 13d0440ac5 [doc] add systemd lighttpd.service file
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2818 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler d83b009d54 [doc] fix ssl config exaple for ssl.cipher-list
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2817 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 761bedd7fe [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2816 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 7bdb75fb47 [ssl] fix segfault on "ssl.honor-cipher-order" option while parsing the config
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2815 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler d964e49874 [ssl] document new options in config example
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2814 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 38e3e4a65a [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2813 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 456d7f4790 fix compile error when ssl is not enabled
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2812 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler b748fb890d [core] accept dots in ipv6 addresses in host header (fixes #2359)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2811 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 0f96222e7e [ssl] add option to honor server cipher order, true by default (fixes #2364)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2810 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 8c482a496d remove copy/paste remainings from previous commit
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2809 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler a94bdd07df [ssl] count renegotiations to prevent client renegotiations
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2808 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler 6c9dff7cda [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2806 152afb58-edef-0310-8abb-c4023f1b3aa9
11 years ago
Stefan Bühler f15ee9becb Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2805 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 3518ab60ed Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2804 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler e05f1b3eec Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2803 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler cbf1baacc9 [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2802 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler f434d514ad Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2801 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 59ebf3c818 fix some gcc warnings
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2800 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 90dd8af32b Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2799 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 34abcf7309 - next is 1.4.30
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2798 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler f0816d8db2 fdevent: add solaris eventports (fixes #2171)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2796 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 960d34c7ea [doc] Move docs to outdated/ subdir and refer to wiki instead (fixes #2248)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2795 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler adc97e5ba3 [*cgi] Use physical base dir (alias, userdir) as DOCUMENT_ROOT in cgi environments (fixes #2216)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2794 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 8cdf9cc767 [proc,include_shell] log error if exec shell fails (fixes #2280)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2793 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler c66d21bc2b [md5] fix md5 includes if openssl is not available (#2269)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2790 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 55e1dc1825 [ssl/build] some minor fixes; fix compile without ssl, cleanup ssl config buffers
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2789 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 328043caf3 [ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2788 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler bf0d57d505 two additional test cases for absolute http(s) uris in the request line
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2787 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler f610f894a3 ssl: Support for Diffie-Hellman and Elliptic-Curve Diffie-Hellman key exchange (fixes #2301, #2246, #2239)
- add ssl.use-sslv3
 - load all algorithms

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2780 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 562a6ba83b [build] Fix detection of libev (fixes #2300)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2779 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 33e30b486a mod_cgi: make read buffer as big as incoming data block
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2778 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 1eef447d32 [tests] Add path traversal check with $HTTP['url']
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2777 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler abf07f3a02 [mod_proxy]: fix delayed connect
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2773 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler 955fd0d08f [mod_fastcgi]: remove unused var "last_used"
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2772 152afb58-edef-0310-8abb-c4023f1b3aa9
12 years ago
Stefan Bühler cf719ec5b8 Silence annoying "connection closed: poll() -> ERR" error.log message (fixes #2257)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2771 152afb58-edef-0310-8abb-c4023f1b3aa9
13 years ago
Stefan Bühler 74ce062f56 Fix mod_proxy waiting for response even if content-length is 0 (fixes #2259)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2770 152afb58-edef-0310-8abb-c4023f1b3aa9
13 years ago
Stefan Bühler 8d769fd0e2 - next is 1.4.29
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2769 152afb58-edef-0310-8abb-c4023f1b3aa9
13 years ago
Stefan Bühler 42ad681f66 Add ticket number in NEWS for segfault fix
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2767 152afb58-edef-0310-8abb-c4023f1b3aa9
13 years ago
Stefan Bühler 2b6f7069bc Fix buffer.h to include stdio.h as it is needer for SEGFAULT() (fixes #2250)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2766 152afb58-edef-0310-8abb-c4023f1b3aa9
13 years ago
Stefan Bühler 7e5b0fe9ab Rename fdevent_event_add to _set to reflect what the function does. Fix some handlers.
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2765 152afb58-edef-0310-8abb-c4023f1b3aa9
13 years ago