2909 Commits (73bfee6308c97af833f95dc2204c18d9e1cd3391)

Author SHA1 Message Date
Glenn Strauss 73bfee6308 [stat_cache] separate func for symlink policy chk
Note: historical ToC-ToU race condition still exists in implementation
server.follow-symlink = "disable" is not recommended (default: "enable")
4 years ago
Glenn Strauss 5ac92dca08 [mod_webdav] check If-None-Match (#1818)
x-ref:
  "add RFC-compliant LOCK support to mod_webdav"
  https://redmine.lighttpd.net/issues/1818
4 years ago
Glenn Strauss aacdd3da02 [mod_webdav] special-case If: (<DAV:no-lock>)
(recognize <DAV:no-lock>, but supporting logic is limited)
4 years ago
Glenn Strauss ab005809e1 [mod_webdav] disable elftc_copyfile() on FreeBSD
disable elftc_copyfile() on FreeBSD
until libelftc added to SCons static build
4 years ago
Glenn Strauss 278c42abc5 [mod_webdav] platform portability fixes 4 years ago
Glenn Strauss d4b726bf24 [mod_webdav] provide ETag in more responses
When file is already open, fstat() and provide ETag,
e.g. in PUT requests and new LOCK requests (not LOCK refresh)
4 years ago
Glenn Strauss d334ee5c2f [mod_webdav] deprecated unsafe partial PUT compat
RFC 7231 forbids partial PUT.  However, historical versions of
lighttpd mod_webdav did provide this (mis-)feature.  Therefore,
provide *deprecated* unsafe partial PUT support for compatibility
with historical lighttpd mod_webdav (prior to mod_webdav rewrite),
but require new config option to enable this compatible behavior:

webdav.opts = ( "deprecated-unsafe-partial-put" => "enable" )

The partial PUT support implemented by historical lighttpd mod_webdav
makes no effort to account for shrinkage or growth of range replaced.
The request body is splat into the *existing* file at the offset
provided which is quite unsafe and can cause corruption in data sent
to concurrent download requests.

Use of this (mis-)feature is discouraged, and support may be removed
in the future, without any further notice.
4 years ago
Glenn Strauss eee29b65e5 [mod_webdav] check If-Match, If-Unmodified-Since (#1818)
x-ref:
  "add RFC-compliant LOCK support to mod_webdav"
  https://redmine.lighttpd.net/issues/1818
4 years ago
Glenn Strauss 3111e24b71 [mod_webdav] clean up resources after do{}while(0) 4 years ago
yangfl 4af0f97f14 [mod_webdav] fix misbehavior on blank nodes in PROPPATCH
github: #97

x-ref:
  https://github.com/lighttpd/lighttpd1.4/pull/97
4 years ago
yangfl 6962fc2a5a [mod_webdav] fix uuid detection macro
github: #97

x-ref:
  https://github.com/lighttpd/lighttpd1.4/pull/97
4 years ago
Glenn Strauss 993cb545d8 [mod_webdav] surround Lock-Token with "<...>"
(thx yangfl)

github: #97

x-ref:
  https://github.com/lighttpd/lighttpd1.4/pull/97
4 years ago
Glenn Strauss 95aa2c178d [core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes #2939)
200 for OPTIONS /non-existent/path HTTP/1.1 when a module,
such as mod_webdav, has set Allow response header

x-ref:
  "OPTIONS should return 2xx status for non-existent resources if Allow is set"
  https://redmine.lighttpd.net/issues/2939
4 years ago
Glenn Strauss 50aae03c31 [mod_webdav] major rewrite (fixes #1818)
(occurred 3 years ago on experimental branch, and now ported forward)

robustness and performance improvements, including atomic updates on
individual files (e.g. for PUT, COPY, MOVE)

exclusive locks are fully supported
shared locks are partly supported

x-ref:
  "add RFC-compliant LOCK support to mod_webdav"
  https://redmine.lighttpd.net/issues/1818
4 years ago
Glenn Strauss a15f40a569 [core] replace open() with fdevent_open_cloexec()
fdevent_open_cloexec() opens files O_BINARY for consistency,
and with O_NONBLOCK, so that the server will not block if the
target file to open is a fifo.
4 years ago
Glenn Strauss f1e9bcb08a [core] new worker_init hook to follow parent fork 4 years ago
Glenn Strauss 4183e723ce [core] log_error, log_perror using printf-like fmt 4 years ago
Glenn Strauss cbad7517c8 [core] struct log_error_st for error logging 4 years ago
Glenn Strauss 9eead7db7c [core] __attribute__((format ...)) 4 years ago
Glenn Strauss 0dccda28ad [core] add const to some etag prototypes 4 years ago
Mohammed Sadiq 6a988bb0d0 [multiple] cleaner calloc use in SETDEFAULTS_FUNC
github: closes #99

x-ref:
  "cleaner calloc use in SETDEFAULTS_FUNC"
  https://github.com/lighttpd/lighttpd1.4/pull/99
4 years ago
Glenn Strauss 599b4f05c8 [core] fix 1.4.52 regression in mem use with POST (fixes #2948)
(thx rgenoud)

x-ref:
  "[regression][Bisected] lighttpd uses way more memory with POST since 1.4.52"
  https://redmine.lighttpd.net/issues/2948
4 years ago
Glenn Strauss e757978497 [core] remove repeated slashes in http-parseopts
remove repeated slashes in server.http-parseopts
with url-path-dotseg-remove, including leading "//"

(prior to this patch, leading "//" was skipped)
4 years ago
Glenn Strauss 32120d5b8b [core] fix abort in http-parseopts (fixes #2945)
fix abort in server.http-parseopts with url-path-2f-decode enabled

(thx stze)

x-ref:
  "Security - SIGABRT during GET request handling with url-path-2f-decode enabled"
  https://redmine.lighttpd.net/issues/2945
4 years ago
Glenn Strauss 107fa1f282 [mod_wstunnel] fix ping-interval for big-endian (fixes #2944)
fix wstunnel.ping-interval for big-endian architectures

(thx ste_p_james)

x-ref:
  "[patch] wstunnel.ping-interval ineffective"
  https://redmine.lighttpd.net/issues/2944
4 years ago
Glenn Strauss b135b4d24d [core] clear FDEVENT_RDHUP if no POLLRDHUP
(fix for poll() on FreeBSD 11)
4 years ago
Glenn Strauss f2ac4cdfc5 [core] off_t upload_temp_file_size 4 years ago
Glenn Strauss a78404cfbf [core] fdevent_mkstemp_append() (shared) 4 years ago
Glenn Strauss 97d4c11ba6 [core] __attribute__((fallthrough)) for GCC 7.0 4 years ago
Glenn Strauss 1f7afa9c70 [doc] minor adjust create-mime.conf.pl regex match (#2942)
'-' in char class should be at beginning or end, or escaped with \-
so that it does not signify a char range in the char class

(In the prior regex, the misuse permitted matching the comma char,
which, while mostly harmless, was not what was intended)

x-ref:
  "incorrect behaviour of create-mime.assign.pl"
  https://redmine.lighttpd.net/issues/2942
4 years ago
Glenn Strauss f60f1a279e [core] extend dir redirection to take HTTP status
extend http_response_redirect_to_directory to take HTTP status code
and to set Location if HTTP status >= 300, or else set Content-Location
4 years ago
Glenn Strauss 5440f04e8a [core] fix assertion with server.error-handler (fixes #2941)
(thx andpr)

x-ref:
  "failed assertion on incoming bad request when server.error-handler option is used"
  https://redmine.lighttpd.net/issues/2941
4 years ago
Glenn Strauss 37bd124ae4 [core] pass conf.follow_symlink in more places 4 years ago
Glenn Strauss 2f46736edc [build] remove -Wdeclaration-after-statement
Declarations after statements have been permitted since C99.
(That was 20 years ago!)
4 years ago
Glenn Strauss 8064b7483a [mod_magnet] fix invalid script return-type crash (fixes #2938)
(thx flynn)

x-ref:
  "Lighttpd crashes on wrong return type in lua script"
  https://redmine.lighttpd.net/issues/2938
4 years ago
Glenn Strauss 78f24ba141 [core] silence coverity warning 4 years ago
Glenn Strauss b9e2be50c9 [mod_auth] HTTP Auth Digest algorithm=SHA-256
(also support Digest algorithm=SHA-512-256 if library support present)

enable additional algorithms by configuring lighttpd.conf auth.require
with new optional keyword "algorithm" => "MD5|SHA-256"

default algorithm remains MD5 if "algorithm" not specified

Tested with: curl --digest -u "user:pass" ... (which supports SHA-256)

x-ref:
  "HTTP Digest Access Authentication"
  https://tools.ietf.org/html/rfc7616
4 years ago
Glenn Strauss 1fb0d7e295 [core] no SOCK_NONBLOCK on QNX 7.0
QNX 7.0 has SOCK_CLOEXEC but not SOCK_NONBLOCK

(thx supergaute)

github: closes #98

x-ref:
  "Fix compile error when system has SOCK_CLOEXEC but not SOCK_NONBLOCK"
  https://github.com/lighttpd/lighttpd1.4/pull/98
4 years ago
Glenn Strauss 28895ab297 [mod_auth] pass http_auth_require_t for 401 Unauth
pass (http_auth_require_t *) to mod_auth_send_401_unauthorized_digest()
for configured digest algorithms for 401 Unauthorized
4 years ago
Glenn Strauss 60f4cf3ad8 [mod_auth] http_auth_info_t digest abstraction 4 years ago
Glenn Strauss 07fef25867 [mod_auth] http_auth_digest_hex2bin()
replace http_auth_md5_hex2bin() with more generic function to handle
digests of different lengths
4 years ago
Glenn Strauss 9113011d5b [core] pass (fdnode *) for registered fdevent fd
inline fdevent_fdnode_interest()
avoid array lookup for (fdnode *) for various ops
4 years ago
Glenn Strauss 0e108390e5 [core] modify config parser to handle multiple }
modify config parser to handle multiple '}' on same line
4 years ago
Glenn Strauss d76756ca10 [core] perf: pass (fdnode *) to epoll and kqueue 4 years ago
Glenn Strauss c83fff1dda [core] release empty chunk buf when nothing read 4 years ago
Glenn Strauss 41384a3657 [core] isolate fdevent processing 4 years ago
Glenn Strauss 1a99aad1c0 [core] pull server load checks out of main loop 4 years ago
Glenn Strauss 99f8ae0d0d [mod_openssl] use 16k static buffer instead of 64k
better match size used by openssl
(avoid unused, oversized reads)
4 years ago
Glenn Strauss 4e6e787a0d [core] remove redundant check for allow_http11
(conf.allow_http11 is handled in http_response_prepare())
4 years ago
Glenn Strauss 800e9b7349 [core] remove fde_ndx member outside fdevents
(isolated to fdevent framework internals)
4 years ago