Lack of pipe2() on relic Unix as well as missing on Mac OSX is likely
one reason why threaded web servers such as nginx choose not to support
CGI except via an external service to the process. Without pipe2(),
race conditions exist and it is not safe for a threaded server to use
pipe() and fork() when the server also does not want to potentially leak
open file descriptors to various unrelated CGI scripts.
[mod_deflate] skip deflate if 1 min loadavg too high
deflate.max-loadavg = "3.50" # express value as string of float num
[mod_compress] skip compression if 1 min loadavg too high
compress.max-loadavg = "3.50" # express value as string of float num
Feature available on BSD-like systems which have getloadavg() in libc
Note: load average calculations are different on different operating
systems and different types of system loads, so there is no value that
can be recommended for one-size-fits-all.
"Enable mod_compress to abandon compression when load average is too high"
remove mod_authn_gssapi explicit dependency on -lresolv
This fixes build on FreeBSD when ./configure --with-krb5
(On systems that need libresolv, libkrb5 depends on libresolv)
Also remove obsolete hstrerror() references from build
module status: experimental; more testing and review needed
Kerberos library calls have been preserved from original patch set
and should be reviewed.
module has been quickly tested with Basic auth (Use over TLS!)
SPNEGO -has not- been tested. Again, kerberos library calls have
been preserved from original patch set. YMMV. (Use over TLS!)
"Kerberos/GSSAPI Delegation Support"
lots of fixes and improvements
limitations: see comments at top of mod_deflate.c
missing functionality: encode streaming response
(module currently requires response be collected before being sent)
potential functionality: addition of compressed file cache would
allow mod_deflate to fully supplant mod_compress in lighttpd 1.4.x
"Adding mod_deflate to 1.4.xx"
"mod_deflate backport compile error if ENABLE_MMAP not defined"
github: closes #67
create new, extensible interface for (additional) auth backends
attempt to handle HANDLER_WAIT_FOR_EVENT returned by auth backends
to allow for async auth backends (e.g. to mysql database)
separate auth backends from mod_auth and http_auth
mod_authn_file.c htdigest, htpasswd, plain auth backends
mod_authn_ldap.c ldap auth backend
add http_auth.c to common_sources for auth backend registration
(mod_authn_file could be three separate modules, but no need for now)
clock_gettime() needs -lrt with glibc < 2.17,
and possibly other platforms
This commit contains fixes for CMake and SCONS
See also commit:4d920466 which updated configure.ac for same
"1.4.40 compiling issuses on Debian Wheezy"
add instructions in INSTALL to build using CMake and Xcode on Mac OS X
along with MacPorts
update CMake to link test_configfile with pcre
"loadable-module naming on macosx + cmake"
allow double-quotes, single-quotes or no quote on SSI param values
remove use of PCRE from mod_ssi
fix misspelling of 'unknow' to be 'unknown'
"mod_ssi doesn't accept single quotes"
libressl defines SSL_OP_NO_SSLv2 and SSL_OP_NO_SSLv3 as 0x0
(thx Christian Heckendorf)
libressl matches ERR_remove_thread_state() signature from openssl 1.0.2
(libressl pretends that libressl is openssl version 2.0.0,
but openssl 1.1.0 changes signature of ERR_remove_thread_state())
libressl does not yet provide compatibility interfaces for the new
prototypes introduced in openssl 1.1.0, including
DH_set0_pqg() and DH_set_length()
remove OPENSSL_NO_KRB5 from build config (added in 5fab991b in 2005)
(define USE_OPENSSL_KERBEROS if required)
(Note: OPENSSL_NO_KRB5 removed in openssl 1.1.0)
The FreeBSD version of sendfile is already supported. Starting
with OS X 10.5, Darwin also supports sendfile, but using a
slightly different argument list even though much of the
implementation is likely taken from FreeBSD just like the man
Add support for darwin's sendfile by introducing a new
network_darwin_sendfile.c file that's just a copy of the
network_freebsd_sendfile.c file except with the arguments
adjusted to compensate for the minor API difference (FreeBSD
has separate in and out byte count arguments whereas Darwin
has a combined in/out byte count argument).
Signed-off-by: Kyle J. McKay <email@example.com>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3060 152afb58-edef-0310-8abb-c4023f1b3aa9
- a lot of code tried to handle manually adding terminating zeroes and
keeping track of the correct "used" count.
Replaced all "external" usages with simple wrapper functions:
* buffer_string_is_empty (used <= 1), buffer_is_empty (used == 0);
* CONST_BUF_LEN() macro
- removed "static" buffer hacks (buffers pointing to constant/stack
memory instead of malloc()ed data)
- buffer_append_strftime(): refactor buffer+strftime uses
- li_tohex(): no need for a buffer for binary-to-hex conversion:
the output data length is easy to predict
- remove "-Winline" from extra warnings: the "inline" keyword just
supresses the warning about unused but defined (static) functions;
don't care whether it actually gets inlined or not.
From: Stefan Bühler <firstname.lastname@example.org>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2979 152afb58-edef-0310-8abb-c4023f1b3aa9