Commit Graph

1854 Commits (4a51d2ab8ccfa8f8da476da100963c1b26b5b67f)

Author SHA1 Message Date
Stefan Bühler 0342dfef1d [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2869 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-04-29 13:08:23 +00:00
Stefan Bühler b5da12c008 reject non ASCII characters in HTTP header names
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2868 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-03-25 17:22:36 +00:00
Stefan Bühler 25a2d665aa call ERR_clear_error only for ssl connections in CON_STATE_ERROR
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2867 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-03-25 17:22:34 +00:00
Stefan Bühler 0e48ef6acb [mod_fastcgi,log] support multi line logging (fixes #2252)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2866 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-03-25 17:22:32 +00:00
Stefan Bühler 543bd249fb fix handling of If-Modified-Since if If-None-Match is present (don't return 412 for date parsing errors); follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags.
See:
 http://tools.ietf.org/html/draft-ietf-httpbis-p4-conditional-21#section-5
 > it makes sense to ignore the If-Modified-Since when entity tags are
 > understood and available for the selected representation.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2865 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-01-22 13:08:21 +00:00
Stefan Bühler 9cd8faa1b6 mod_fastcgi: fix mix up of "mode" => "authorizer" in other fastcgi configs (fixes #2465, thx peex)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2864 152afb58-edef-0310-8abb-c4023f1b3aa9
2013-01-04 13:54:38 +00:00
Stefan Bühler 5aef370a2d - next is 1.4.33
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2863 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-21 12:34:49 +00:00
Stefan Bühler 79fed4ec04 remove whitespace at end of header keys
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2861 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-21 12:01:46 +00:00
Stefan Bühler 6edfc40f93 fix DoS in Connection header value split (reported by Jesse Sipprell, CVE-2012-5533)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2860 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-21 12:01:44 +00:00
Stefan Bühler 6200764f05 tests: check different combination of empty values, leading/trailing spaces and commas in the Connection header
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2859 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-21 12:01:42 +00:00
Stefan Bühler 29b126d5d3 mod_extforward: log address of untrusted proxy with debug.log-request-handling
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2858 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-15 08:44:10 +00:00
Cyril Brulebois 4f4bcdd3c3 tests: make sure mod_proxy doesn't leave running processes (fixes #2435, thx kibi)
In case the proxy instance goes wrong, the clean-up doesn't kill the
real instance. So close both instances explicitly in the clean-up
phase.

Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2857 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-09 14:23:25 +00:00
Stefan Bühler 4002dce596 detect "x-gzip"/"x-bzip2" as separate encodings, more strict encoding matching (fixes #2443)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2856 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-09 14:23:24 +00:00
Stefan Bühler c3a9948c75 network_server_init: fix double free and memleak on error (fixes #2440, thx kyprizel)
this is not really critical - lighty will terminate anyway after hitting
this, and this is before connections are accepted.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2855 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-09 14:23:22 +00:00
Stefan Bühler 9b246c5e09 fix :port handling in $HTTP["host"] checks (fixes #2135. thx liming)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2853 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-07 14:23:00 +00:00
Stefan Bühler d4d1ff36aa add PATCH method (fixes #2424)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2852 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-07 13:53:00 +00:00
Stefan Bühler fcb3f42f11 configure.ac: remove old stuff, add some new to fix warnings in automake 1.12 (fixes #2419, thx blino)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2851 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-07 13:07:02 +00:00
Stefan Bühler d09fdd877f Handle ENAMETOOLONG, return 404 Not Found (fixes #2396, thx dererkazo)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2850 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-07 13:07:00 +00:00
Stefan Bühler db1d977dea Ignore EPIPE/ECONNRESET after SSL_shutdown (thx patdk-wk for reporting)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2849 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-11-06 17:14:37 +00:00
Stefan Bühler 6c9d257742 Code cleanup with clang/sparse (fixes #2437, thx kibi)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2848 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:48 +00:00
Cyril Brulebois 6404e3ba09 [lighttpd-angel] Remove unused variable.
Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2847 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:46 +00:00
Cyril Brulebois b6757eaae5 [lemon] Use void* as generic pointer instead of char*.
Action_add() takes a char* as last parameter, which leads clang to emit
warnings about incompatible pointer types:
  lemon.c:838:34: […] 'struct state *' to parameter of type 'char *'
  lemon.c:939:57: […] 'struct rule *' to parameter of type 'char *'

Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2846 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:45 +00:00
Cyril Brulebois 9c43331382 Use NULL instead of 0 where pointers are expected.
There are 6 remaining occurrences after this commit, in mod_compress,
due to zlib's Z_NULL being defined as 0 instead of NULL.

Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2845 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:43 +00:00
Cyril Brulebois b6b6eda292 [md5] Fix non-ANSI function definitions.
The following was used in the past:
  int foo(bar, baz)
    int bar;
    int baz;
  { ... }

But that's written this way now:
  int foo(int bar, int baz)
  { ... }

Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2844 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:42 +00:00
Cyril Brulebois 0c6a564543 Fix non-ANSI function declarations.
The proper way to declare a function taking no parameters isn't:
  foo bar();

But this instead:
  foo bar(void);

Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2843 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:41 +00:00
Cyril Brulebois f4ba2d4f24 Mark some data as static.
Those identifiers aren't used except in the files they're declared in,
so mark them static.

Signed-off-by: Cyril Brulebois <kibi@debian.org>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2842 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:39 +00:00
Stefan Bühler b6b694df3d - next is 1.4.32
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2841 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-08-31 14:11:37 +00:00
Stefan Bühler 100ed91f2d Fix --enable-mmap handling in configure.ac
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2839 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-05-31 15:08:36 +00:00
Stefan Bühler 172eeebfaa [mod_redirect] Support url.redirect-code option (fixes #2247)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2838 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-05-30 16:58:34 +00:00
Stefan Bühler 1ee35acc6f [mod_extforward] Support ipv6 addresses (fixes #1889)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2837 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-05-18 13:28:00 +00:00
Stefan Bühler 3a13ab8bf2 Detect multiple -f options: show error message instead of assert (fixes #2416)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2836 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-05-18 12:56:30 +00:00
Stefan Bühler bbaef6ab87 fix typo in debug output
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2835 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-05-18 12:56:28 +00:00
Stefan Bühler 5677f17442 [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333, thx simoncpu)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2834 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-04-19 13:02:13 +00:00
Stefan Bühler 7187271fb6 [auth] Add "AUTH_TYPE" environment (for *cgi), remove fastcgi specific workaround, add fastcgi test case (fixes #889)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2833 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-04-19 13:02:11 +00:00
Stefan Bühler 61047369c7 [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2832 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-04-19 13:02:09 +00:00
Stefan Bühler ab0fa7d873 Fix access log escaping of " and \\ (fixes #1551)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2831 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-04-19 13:02:08 +00:00
Stefan Bühler 01f9debec3 Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2830 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-04-19 13:02:06 +00:00
Stefan Bühler e697869e34 buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2828 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-04-08 08:02:44 +00:00
Stefan Bühler f4c3a99eea Disable mmap by default (fixes #2391)
* if a user truncates a file we are mmapping, reading the truncated
  area leads to SIGBUS
* mod_cgi and mod_webdav still use mmap for reading the tmp files
  created for large request bodies.
  as no other user should have write access for those this isn't
  a (security) problem.

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2827 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-02-24 18:34:20 +00:00
Stefan Bühler 33f1ec6d28 [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2826 152afb58-edef-0310-8abb-c4023f1b3aa9
2012-01-11 21:59:51 +00:00
Stefan Bühler 35875cd515 [ssl] include more headers explicitly
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2825 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-27 13:45:36 +00:00
Stefan Bühler 6f0752da38 list all network handlers in lighttpd -V (fixes #2376)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2824 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-27 12:14:23 +00:00
Stefan Bühler 79bcfab083 Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2823 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-25 15:35:01 +00:00
Stefan Bühler d194c09da9 [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2822 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-23 10:31:57 +00:00
Stefan Bühler 10e5fda664 [doc] add systemd/lighttpd.service to Makefiles, so it ends up in the tarball
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2821 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-23 10:31:53 +00:00
Stefan Bühler beb6709b6c - next is 1.4.31
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2820 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-18 16:35:12 +00:00
Stefan Bühler 13d0440ac5 [doc] add systemd lighttpd.service file
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2818 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-18 14:36:35 +00:00
Stefan Bühler d83b009d54 [doc] fix ssl config exaple for ssl.cipher-list
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2817 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-18 12:58:08 +00:00
Stefan Bühler 761bedd7fe [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2816 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-18 12:58:04 +00:00
Stefan Bühler 7bdb75fb47 [ssl] fix segfault on "ssl.honor-cipher-order" option while parsing the config
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2815 152afb58-edef-0310-8abb-c4023f1b3aa9
2011-12-06 20:03:42 +00:00