lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
2,938 Commits
9 Branches
85 Tags
14 MiB
Commit Graph

2938 Commits (ec94594504f4eec3a91fe5a55153dedbe8535790)

Author SHA1 Message Date
Glenn Strauss ec94594504 [scons] help scons on FreeBSD find sys/event.h 2019-05-05 23:05:02 -04:00
Glenn Strauss 3abbb8dc4b [cmake] help cmake on FreeBSD find sys/event.h 
sys/event.h does not compile standalone, so check_include_files() fails

Add compiler flags -include sys/types.h so that the compile check passes

This allows cmake builds on FreeBSD to detect and use kqueue.
 2019-05-05 03:02:01 -04:00
Glenn Strauss d836d20317 [stat_cache] fix compilation error for cmake 2019-05-04 18:16:01 -04:00
Glenn Strauss 1cf68f79eb [core] behavior change: stricter URL normalization 
behavior change: stricter URL normalization

Prior behavior can be obtained by configuring lighttpd.conf with:
      server.http-parseopts = (“url-normalize” => “disable” )
although this is not recommended.

This behavior change was pre-announced with the releases of
  lighttpd 1.4.52 (2018.11.28)
  lighttpd 1.4.53 (2019.01.27)

The recommended settings are:
      server.http-parseopts = (
        "header-strict"            => "enable",
        "host-strict"              => "enable",
        "host-normalize"           => "enable",
        "url-normalize"            => "enable",
        "url-normalize-unreserved" => "enable",
        "url-normalize-required"   => "enable",
        "url-ctrls-reject"         => "enable",
        "url-path-2f-decode"       => "enable",
        "url-path-backslash-trans" => "enable",
        "url-path-dotseg-remove"   => "enable",
        "url-query-20-plus"        => "enable"
      )

The lighttpd defaults with this commit are slightly less strict:
      server.http-parseopts = (
        "header-strict"            => "enable",
        "host-strict"              => "enable",
        "host-normalize"           => "enable",
        "url-normalize"            => "enable",
        "url-normalize-unreserved" => "enable",
       #"url-normalize-required"   => "enable",
        "url-ctrls-reject"         => "enable",
        "url-path-2f-decode"       => "enable",
       #"url-path-backslash-trans" => "enable",
        "url-path-dotseg-remove"   => "enable",
       #"url-query-20-plus"        => "enable"
      )
 2019-05-04 17:48:04 -04:00
Glenn Strauss 49e9f0acdc [doc] highlight relevance of module load order (fixes #2946) 
x-ref:
  "modules.conf order unhelpful (setenv vs. redirect)"
  https://redmine.lighttpd.net/issues/2946
 2019-05-04 17:10:35 -04:00
Glenn Strauss 77c2883da9 [mod_webdav] quiet coverity warnings 2019-05-04 16:36:10 -04:00
Glenn Strauss 84db583e3e [stat_cache] FAM: whitespace-only change 
whitespace-only changes in stat_cache_handle_fdevent_in()
 2019-05-04 16:36:10 -04:00
Glenn Strauss 60a4b5f118 [stat_cache] FAM: separate routine for FDEVENT_IN 2019-05-04 16:36:10 -04:00
Glenn Strauss 8cc189f4c6 [stat_cache] FAM: improve monitoring, cache 16 sec 
improve FAM monitoring to use reference counting in internal cache

revalidate entries upon use after 16 sec to recover from missed events

(see comments in commit for more details about limitations)
 2019-05-04 16:36:10 -04:00
Glenn Strauss f56800e86a [stat_cache] no longer stat() and open() for stat 
do not open file in stat_cache_get_entry()
no longer stat() followed by open() and close() just for stat()

callers should open() file to validate readability (and then reuse fd)
 2019-05-04 13:48:22 -04:00
Glenn Strauss 44156bbe81 [multiple] open target file earlier in some cases 
open target file earlier in some cases to validate readability
 2019-05-04 13:48:22 -04:00
Glenn Strauss 470a692211 [core] http_chunk_append_file_fd() 2019-05-04 13:48:22 -04:00
Glenn Strauss 8f0adfe043 [core] emit trace using path before clearing path 2019-05-04 13:48:22 -04:00
Glenn Strauss 61e8d799f0 [scons] adjustment for static build under CentOS 
x-ref:
  "Trying to compile under CentOS 6.10"
  https://redmine.lighttpd.net/boards/2/topics/8572
 2019-05-04 13:48:22 -04:00
Glenn Strauss 338c73fd28 [core] use high precision stat timestamp in etag 
use high precision stat timestamp (on systems where available) in etag
 2019-05-04 13:48:22 -04:00
Glenn Strauss 311f258ab3 [mod_webdav] update stat_cache after file mod 
update stat_cache entries after file modifications (PUT)
invalidate stat_cache entries after file movement (COPY MOVE DELETE)
 2019-05-04 13:48:22 -04:00
Glenn Strauss 57470365a2 [stat_cache] interfaces to invalidate entries 2019-05-04 13:48:22 -04:00
Glenn Strauss f89f9191f4 [stat_cache] FAM: funcs to invalidate entries 2019-05-04 13:48:22 -04:00
Glenn Strauss c7eaa502ec [stat_cache] FAM: ignore event with no valid match 2019-05-04 13:48:22 -04:00
Glenn Strauss 18faa0910c [stat_cache] FAM: check hash collision before add 
skip monitoring new entry if there is a hash collision in stat_cache
data structure associated with FAM
 2019-05-04 13:48:22 -04:00
Glenn Strauss 8772e85cea [stat_cache] FAM: ignore follow-symlink config 
no distinction needs to be made whether or not server.follow-symlink set
 2019-05-04 13:48:22 -04:00
Glenn Strauss 1971da13db [stat_cache] FAM: improve handling modified file 2019-05-04 13:48:22 -04:00
Glenn Strauss 38ce790657 [stat_cache] FAM: use entry hash index as userdata 
Upon receipt of FAM event, validate that entry exists in splaytree
instead of blindly accessing memory through the pointer returned in
userdata by FAM
 2019-05-04 13:48:22 -04:00
Glenn Strauss a3d171526a [stat_cache] FAM: check FAMNextEvent() return code 2019-05-04 13:48:22 -04:00
Glenn Strauss cc49703372 [stat_cache] FAM: reduce string copying 2019-05-04 13:48:22 -04:00
Glenn Strauss a50b72c356 [stat_cache] remove splaytree ins/del debug code 
remove debug code around for splaytree_insert() and splaytree_delete()
in stat_cache.c
 2019-05-04 13:48:22 -04:00
Glenn Strauss 47d006ae47 [stat_cache] pass age param for stat cache cleanup 2019-05-04 13:48:22 -04:00
Glenn Strauss baa5f04335 [stat_cache] store entries without trailing slash 
(no more duplication of dir entries with and without trailing slash)
 2019-05-04 13:48:22 -04:00
Glenn Strauss 020a83c265 [stat_cache] separate symlink pol from data struct 
separate symlink polily from internal data structures
no more dup entires in splaytree for allowing/disallowing symlinks

hash name to provided len
 2019-05-04 13:48:11 -04:00
Glenn Strauss 73bfee6308 [stat_cache] separate func for symlink policy chk 
Note: historical ToC-ToU race condition still exists in implementation
server.follow-symlink = "disable" is not recommended (default: "enable")
 2019-04-29 18:11:15 -04:00
Glenn Strauss 5ac92dca08 [mod_webdav] check If-None-Match (#1818) 
x-ref:
  "add RFC-compliant LOCK support to mod_webdav"
  https://redmine.lighttpd.net/issues/1818
 2019-04-23 10:36:55 -04:00
Glenn Strauss aacdd3da02 [mod_webdav] special-case If: (<DAV:no-lock>) 
(recognize <DAV:no-lock>, but supporting logic is limited)
 2019-04-23 10:36:55 -04:00
Glenn Strauss ab005809e1 [mod_webdav] disable elftc_copyfile() on FreeBSD 
disable elftc_copyfile() on FreeBSD
until libelftc added to SCons static build
 2019-04-22 02:36:53 -04:00
Glenn Strauss 278c42abc5 [mod_webdav] platform portability fixes 2019-04-22 02:18:56 -04:00
Glenn Strauss d4b726bf24 [mod_webdav] provide ETag in more responses 
When file is already open, fstat() and provide ETag,
e.g. in PUT requests and new LOCK requests (not LOCK refresh)
 2019-04-22 01:09:28 -04:00
Glenn Strauss d334ee5c2f [mod_webdav] deprecated unsafe partial PUT compat 
RFC 7231 forbids partial PUT.  However, historical versions of
lighttpd mod_webdav did provide this (mis-)feature.  Therefore,
provide *deprecated* unsafe partial PUT support for compatibility
with historical lighttpd mod_webdav (prior to mod_webdav rewrite),
but require new config option to enable this compatible behavior:

webdav.opts = ( "deprecated-unsafe-partial-put" => "enable" )

The partial PUT support implemented by historical lighttpd mod_webdav
makes no effort to account for shrinkage or growth of range replaced.
The request body is splat into the *existing* file at the offset
provided which is quite unsafe and can cause corruption in data sent
to concurrent download requests.

Use of this (mis-)feature is discouraged, and support may be removed
in the future, without any further notice.
 2019-04-22 01:09:28 -04:00
Glenn Strauss eee29b65e5 [mod_webdav] check If-Match, If-Unmodified-Since (#1818) 
x-ref:
  "add RFC-compliant LOCK support to mod_webdav"
  https://redmine.lighttpd.net/issues/1818
 2019-04-22 01:09:23 -04:00
Glenn Strauss 3111e24b71 [mod_webdav] clean up resources after do{}while(0) 2019-04-22 01:08:58 -04:00
yangfl 4af0f97f14 [mod_webdav] fix misbehavior on blank nodes in PROPPATCH 
github: #97

x-ref:
  https://github.com/lighttpd/lighttpd1.4/pull/97
 2019-04-22 01:08:58 -04:00
yangfl 6962fc2a5a [mod_webdav] fix uuid detection macro 
github: #97

x-ref:
  https://github.com/lighttpd/lighttpd1.4/pull/97
 2019-04-22 01:08:58 -04:00
Glenn Strauss 993cb545d8 [mod_webdav] surround Lock-Token with "<...>" 
(thx yangfl)

github: #97

x-ref:
  https://github.com/lighttpd/lighttpd1.4/pull/97
 2019-04-22 01:08:58 -04:00
Glenn Strauss 95aa2c178d [core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes #2939) 
200 for OPTIONS /non-existent/path HTTP/1.1 when a module,
such as mod_webdav, has set Allow response header

x-ref:
  "OPTIONS should return 2xx status for non-existent resources if Allow is set"
  https://redmine.lighttpd.net/issues/2939
 2019-04-22 01:08:58 -04:00
Glenn Strauss 50aae03c31 [mod_webdav] major rewrite (fixes #1818) 
(occurred 3 years ago on experimental branch, and now ported forward)

robustness and performance improvements, including atomic updates on
individual files (e.g. for PUT, COPY, MOVE)

exclusive locks are fully supported
shared locks are partly supported

x-ref:
  "add RFC-compliant LOCK support to mod_webdav"
  https://redmine.lighttpd.net/issues/1818
 2019-04-22 01:08:54 -04:00
Glenn Strauss a15f40a569 [core] replace open() with fdevent_open_cloexec() 
fdevent_open_cloexec() opens files O_BINARY for consistency,
and with O_NONBLOCK, so that the server will not block if the
target file to open is a fifo.
 2019-04-20 02:10:28 -04:00
Glenn Strauss f1e9bcb08a [core] new worker_init hook to follow parent fork 2019-04-20 02:10:28 -04:00
Glenn Strauss 4183e723ce [core] log_error, log_perror using printf-like fmt 2019-04-20 02:10:28 -04:00
Glenn Strauss cbad7517c8 [core] struct log_error_st for error logging 2019-04-20 02:10:28 -04:00
Glenn Strauss 9eead7db7c [core] __attribute__((format ...)) 2019-04-20 02:10:28 -04:00
Glenn Strauss 0dccda28ad [core] add const to some etag prototypes 2019-04-20 02:10:28 -04:00
Mohammed Sadiq 6a988bb0d0 [multiple] cleaner calloc use in SETDEFAULTS_FUNC 
github: closes #99

x-ref:
  "cleaner calloc use in SETDEFAULTS_FUNC"
  https://github.com/lighttpd/lighttpd1.4/pull/99
 2019-04-20 02:09:04 -04:00