lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
1,860 Commits 9 Branches 87 Tags 16 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Glenn Strauss e5006d88eb pass buf size to li_tohex() 
also change passing of fixed-sized arrays: need to pass pointer to array
as otherwise size does not get enforced

From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3135 152afb58-edef-0310-8abb-c4023f1b3aa9
 2016-04-01 16:54:46 +00:00
Glenn Strauss 8abd06a7ff consistent inclusion of config.h at top of files (fixes #2073) 
From: Glenn Strauss <gstrauss@gluelogic.com>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3113 152afb58-edef-0310-8abb-c4023f1b3aa9
 2016-03-19 15:14:35 +00:00
Stefan Bühler 2a8f73e7d4 [mod_secdownload] fix buffer overflow in secdl_verify_mac (reported by Fortify Open Review Project) 
Impact is probably low on most platforms, as it will probably overwrite
one byte of "HASH HA1" which isn't used afterwards anymore.

Reference: Fortify Open Review Project - lighttpd 1.4.39
    ID 22708159 - Buffer Overflow: Off-by-One

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3096 152afb58-edef-0310-8abb-c4023f1b3aa9
 2016-03-13 14:53:20 +00:00
Stefan Bühler bfaa48260a [mod_secdownload] add required algorithm option; old behaviour available as "md5", new options "hmac-sha1" and "hmac-sha256" 
Differential Revision: https://review.lighttpd.net/D7

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3054 152afb58-edef-0310-8abb-c4023f1b3aa9
 2015-11-22 22:22:22 +00:00