Commit Graph

52 Commits (68e4a416cc9936a1d5d168f199ac88a8e24b75e9)

Author SHA1 Message Date
Stefan Bühler b0a4421272 [core] refactor base64 functions into separate file 7 years ago
Loganaden Velvindron d7be04beb5 [mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available 7 years ago
Stefan Bühler 52d72fe8fc [scons] fix crypt() detection, other improvements 7 years ago
Stefan Bühler c92496720d [mod_auth] use crypt_r instead of crypt if available 8 years ago
Stefan Bühler ad3e93ea96 Use buffer API to read and modify "used" member 8 years ago
Stefan Bühler 4365bdbebe Remove buffer_prepare_copy() and buffer_prepare_append() 8 years ago
Stefan Bühler 6afad87d2e fix buffer, chunk and http_chunk API 8 years ago
Stefan Bühler 6f208cfde1 fix/silence bugs reported by ccc-analyzer (clang) 9 years ago
Stefan Bühler 2bcf65c285 [mod_auth] some cleanup, only search for matching auth.require path once 9 years ago
Stefan Bühler c008fd7ec8 [mod_auth] fix invalid read in digest qop=auth-int handling (fixes #2478) 9 years ago
Stefan Bühler ce4bc0c0f7 [mod_auth] fix base64_decode (#2484) 10 years ago
Stefan Bühler c26b50d9ad [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn't use any salt, md5 with salt is probably better. 10 years ago
Stefan Bühler 0342dfef1d [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483) 10 years ago
Stefan Bühler bbaef6ab87 fix typo in debug output 11 years ago
Stefan Bühler 61047369c7 [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410) 11 years ago
Stefan Bühler 6c9dff7cda [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362) 11 years ago
Stefan Bühler 90dd8af32b Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331) 11 years ago
Stefan Bühler 328043caf3 [ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269) 12 years ago
Stefan Bühler 38f2d1ddd7 cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls 12 years ago
Elan Ruusamäe a813273c2f - Include IP addresses on error log on password failures (fixes #2191) 13 years ago
Stefan Bühler 22e8b456a9 Fix header inclusion order, always include "config.h" before any system header 13 years ago
Stefan Bühler 4df22f2a32 Fix issues found with clang analyzer 13 years ago
Stefan Bühler 5204fd7e6c Adding support for additional chars in LDAP usernames (fixes #1941) 13 years ago
Stefan Bühler 7ad4792357 Add support for "real" entropy from /dev/[u]random (fixes #1977) 13 years ago
Stefan Bühler 7f103eab6c Fix error message if no auth backend was set 14 years ago
Stefan Bühler cfba07cb82 Now really fix mod auth ldap (#1066) 14 years ago
Stefan Bühler 8cfa29a7a2 Fix base64 decoding in mod_auth (#1757, thx guido) 14 years ago
Stefan Bühler 6d1d3fc203 workaround ldap connection leak if a ldap connection failed (restarting ldap) 14 years ago
Stefan Bühler 88750bb7be r2096@chromobil: stefan | 2008-02-26 17:12:09 +0100 15 years ago
Jan Kneschke 5c333340be free the buffers after the printed them in the error-msg 15 years ago
Jan Kneschke 51826fc05c renamed ltostr() to LI_ltostr() to fix compile on HP/UX (fixes #465) 15 years ago
Jan Kneschke 15e260c28b * fixed mem-leak in mod_auth (reported by Stefan Esser) 16 years ago
Jan Kneschke c3476ada45 fixed small mem-leak if auth failed 16 years ago
Marcus Rückert d471bcc9ca r1553@h2o: darix | 2007-01-14 10:37:14 +0100 16 years ago
Marcus Rückert 8cd1471cb3 - white space cleanup part 2 this time 1.4 ;) 16 years ago
Jan Kneschke 3a152b3b76 added $apr1$ support for htpasswd (fixes #870) 16 years ago
Marcus Rückert 27e3de6ca4 Remove unmaintained and not working pam code. 16 years ago
Jan Kneschke 4a81e17c6c qop is required nc and nonce (fixes #477) 17 years ago
Jan Kneschke 780bc91ffe improved the error-msgs 17 years ago
Jan Kneschke ad7d85b7f5 fixed possible overflow in password-salt handling 17 years ago
Jan Kneschke 62d8d1ef53 fixed md5 on 64bit platforms 17 years ago
Jan Kneschke ea7b9aba9b added auto-reconnect to ldap (fixes #294), patch from joerg@netbsd.org 17 years ago
Jan Kneschke b4d9d061c8 either remove include config.h or covered it in HAVE_CONFIG_H 17 years ago
Jan Kneschke be5f187d0f added support for md5 and blowfish passwords (fixes #73) 17 years ago
Jan Kneschke 35d3c10d81 on SEGFAULT tell were we where 17 years ago
Jan Kneschke 9238cad69e added support for LDAP-bind() 17 years ago
Jan Kneschke 5c26d86fd2 missing parts of the starttls patch 17 years ago
Jan Kneschke 9a62fdb85d added valid-user support, fixed #4 17 years ago
Jan Kneschke c8652e52b0 fixed #148 and let PAM use the lighttpd-handle (if someone implements it) 18 years ago
Jan Kneschke 232e6158a9 Fixed segv if debuggin is enabled 18 years ago