54 Commits (456d7f47901327e5edd2a334b8ef1ced80bd0a7b)

Author SHA1 Message Date
Stefan Bühler 456d7f4790 fix compile error when ssl is not enabled 11 years ago
Stefan Bühler 0f96222e7e [ssl] add option to honor server cipher order, true by default (fixes #2364) 11 years ago
Stefan Bühler 8c482a496d remove copy/paste remainings from previous commit 11 years ago
Stefan Bühler a94bdd07df [ssl] count renegotiations to prevent client renegotiations 11 years ago
Stefan Bühler cbf1baacc9 [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled 11 years ago
Stefan Bühler f434d514ad Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems. 11 years ago
Stefan Bühler 55e1dc1825 [ssl/build] some minor fixes; fix compile without ssl, cleanup ssl config buffers 11 years ago
Stefan Bühler f610f894a3 ssl: Support for Diffie-Hellman and Elliptic-Curve Diffie-Hellman key exchange (fixes #2301, #2246, #2239) 12 years ago
Stefan Bühler 7e5b0fe9ab Rename fdevent_event_add to _set to reflect what the function does. Fix some handlers. 12 years ago
Stefan Bühler e23e999089 bind to IPV6-only if ipv6 address was specified (http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config) 12 years ago
Stefan Bühler 4ae13c32b1 only require FDEVENT_IN bit to be set for listening connections (fixes #2227) 12 years ago
Stefan Bühler 38f2d1ddd7 cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls 12 years ago
Stefan Bühler b3892c1410 Reset uri.authority before TLS servername handling, reset all "keep-alive" data in connection_del (fixes #2125) 12 years ago
Stefan Bühler 34fb1258e4 Fix handling return value of SSL_CTX_set_options (fixes #2157, thx mlcreech) 13 years ago
Stefan Bühler 1d5d55a484 Don't print ssl error if client didn't support TLS SNI 13 years ago
Stefan Bühler b987643307 Add SSL Client Certificate verification (#1288) 13 years ago
Stefan Bühler 97cec38a3b Fix compile error if TLS SNI isn't supported 13 years ago
Stefan Bühler 7322d53684 Fix some warnings in previous commit (TLS SNI) 13 years ago
Peter Colberg 8b6dae4139 Add TLS servername indication (SNI) support (fixes #386, thx Peter Colberg <peter@colberg.org>) 13 years ago
Stefan Bühler 22e8b456a9 Fix header inclusion order, always include "config.h" before any system header 13 years ago
Stefan Bühler f9e65e8500 Fixed some small non-critical leaks reported by cppcheck 13 years ago
Stefan Bühler 4df22f2a32 Fix issues found with clang analyzer 13 years ago
Stefan Bühler 8a24665a81 Allow all comparisons for $SERVER["socket"] - only bind for "==" 13 years ago
Stefan Bühler e1645ed287 Set FD_CLOEXEC for bound sockets before pipe-logger forks (fixes #2026) 13 years ago
Stefan Bühler 0226d4bf36 Add option to enable TCP_DEFER_ACCEPT (fixes #1447) 14 years ago
Stefan Bühler 63f785a2f8 Added some extra warning options in cmake and fix the resulting warnings (unused/static functions) 14 years ago
Stefan Bühler 52861d77df Replace buffer_{append,copy}_string with the _len variant where possible (#1732, thx crypt) 14 years ago
Marcus Rückert 8cd1471cb3 - white space cleanup part 2 this time 1.4 ;) 16 years ago
Jan Kneschke 7b4097f7ee oops, use SSL_CTX_* if you modify the ssl_ctx 16 years ago
Jan Kneschke a85ca5e0ef merged [1051], [1052], [1053], [1054], [1057], [1060], [1061], [1062] 16 years ago
Jan Kneschke 609a30e896 disable the ssl-write checks for a moving SSL-write-buffer 16 years ago
Jan Kneschke 396d141efb don't init a SERVER["socket"] if it is initialized already 17 years ago
Jan Kneschke 0525ed2816 fixed calculation of socket-len if SUN_LEN is not defined 17 years ago
Jan Kneschke 0f437f2c23 remove unix domain socket if it is unused before binding to it (fixes #395) 17 years ago
Jan Kneschke b9b8a46f40 allow to bind the server to a unix-domain socket 17 years ago
Jan Kneschke 95fb9a3cf7 init the fdevent-handler AFTER daemonize and AFTER the max-worker spawning 17 years ago
Jan Kneschke d0751c5a2b fixed compile if openssl is not enabled 17 years ago
Jan Kneschke e290b119db added startup-time selectable network-backend 17 years ago
Jan Kneschke 54dea53fdf update bytes_written in con-> (fixed #737) 17 years ago
Jan Kneschke bd893badb9 added the fd as parameter for the write() functions 17 years ago
Jan Kneschke b46fa4497b only accept 100 connection in one round to remove the starvation of waiting connections 17 years ago
Jan Kneschke 7113a665b3 improved error messages 17 years ago
Jan Kneschke 38b8743af3 - don't keep the full fastcgi response in memory 17 years ago
Jan Kneschke 5c20c426b7 added gracefull shutdown and max-connections 17 years ago
Jan Kneschke e47ae00886 let kqueue startup after daemonize is done 17 years ago
Jan Kneschke 360aba360f allow _ in env. and var. and optimized matching of conditions 17 years ago
Jan Kneschke cd4c324ff2 allow numbers in header-keys 17 years ago
Jan Kneschke 8073d5fe9f added nested conditionals (merged [298]) 17 years ago
Jan Kneschke 5e134da075 dropped file-cache, added stat-cache and modules ALWAYS cleanup at connection-end 17 years ago
Jan Kneschke e678d8f765 applied selective TCP_CORK from Christian von Roques (#97) 17 years ago