Commit Graph

4055 Commits (f47261159720e90dc4444082b2a28bd1491634d4)
 

Author SHA1 Message Date
Glenn Strauss b03b86f47b [core] fix merging large headers across mult reads (fixes #3059)
(thx mitd)

x-ref:
  "Connections stuck in Close_Wait causing 100% cpu usage"
  https://redmine.lighttpd.net/issues/3059
2 years ago
Glenn Strauss cf3e301272 [core] tighten struct data_config and related code
tighten struct data_config and config_cond_info
create config key at startup and reuse for debug/trace
separate routine for configparser_parse_condition()
separate routine for configparser_parse_else_condition()
2 years ago
Glenn Strauss 0045b9aa1a [core] const data_unset *array_get_element_klen()
return (const data_unset *) from array_get_element_klen();
use array_get_data_unset() for non-const (note: marked attribute cold)
2 years ago
Glenn Strauss db73879bf0 [mod_ajp13] AJPv13 Tomcat connector for lighttpd
(experimental)

AJPv13 protocol reference:
  https://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html
2 years ago
Glenn Strauss d9b956b938 [core] enable HTTP/2 by default
HTTP/2 via TLS ALPN extension  (TLS)
HTTP/2 via Upgrade: h2c        (cleartext)
HTTP/2 via Prior Knowledge     (cleartext)

To disable HTTP/2:
  server.feature-flags += ("server.h2proto" => "disable")
To disable upgrade to HTTP/2 over cleartext HTTP:
  server.feature-flags += ("server.h2c"     => "disable")
2 years ago
Glenn Strauss 5ccebbf04e [multiple] quiet some clang-analyzer warnings 2 years ago
Glenn Strauss 33e400b429 [multiple] avoid duplicate parsing in trigger func (#3056)
x-ref:
  "OCSP Stapling reload seems not to work"
  https://redmine.lighttpd.net/issues/3056
2 years ago
Glenn Strauss 81e4f4c4a7 [TLS] detect expired stapling file at startup (fixes #3056)
also adjust time_t comparison to (pc_stapling_nextts > cur_ts + 256)
(time_t is expected to be signed integral type, but might be unsigned)

x-ref:
  "OCSP Stapling reload seems not to work"
  https://redmine.lighttpd.net/issues/3056
2 years ago
Glenn Strauss 3a2ddc6cf8 [core] skip interest in POLLRDHUP after POLLRDHUP (#3059)
x-ref:
  "Connections stuck in Close_Wait causing 100% cpu usage"
  https://redmine.lighttpd.net/issues/3059
2 years ago
Glenn Strauss 471ab4dd5b [core] fix 100% CPU spin if traffic limit hit
(thx Dirk) (reported on FreeBSD)

HTTP/1.1 requests might end up spinning if traffic limits are configured
  (connection.kbytes-per-second)
  (server.kbytes-per-second)
2 years ago
Glenn Strauss fcbfc08352 [core] check more carefully after SSL_WANT_WRITE
con->is_readable and con->is_writable might be set to -1 by TLS modules
which encounter SSL_WANT_READ or SSL_WANT_WRITE.  Either might occur
during read or write, and so -1 was used to flag this.

However, code which used con->is_readable and con->is_writable now needs
to check for value > 0 rather than treating value as a boolean.
2 years ago
Glenn Strauss b757e738fd [mod_gnutls] fix alt code for coverity 2 years ago
Glenn Strauss 915b4ef3fc [multiple] fix TLS config string parsing
flagged by coverity

(incomplete fix a few commits back)
2 years ago
Glenn Strauss 9d8d559e1f [mod_wolfssl] fix syntax errors 2 years ago
Glenn Strauss 755f895b79 [mod_wolfssl] wipe ssl_pemfile_pkey before free() 2 years ago
Glenn Strauss a16488269d [mod_gnutls] fix ssl.ca_dn_file data access
identified by coverity

If ssl.ca_dn_file is set, then its contents were not properly matched
against the provided client certificate
2 years ago
Glenn Strauss d5b166c04d [multiple] fix TLS config string parsing
flagged by coverity

final segment of colon (':') separated string was being ignored
in some TLS config strings in mod_gnutls and mod_mbedtls

workaround: add ':' at end of config string (or apply this patch)
2 years ago
Glenn Strauss 0e2a14921e [multiple] fix coverity warnings 2 years ago
Glenn Strauss 5b0aed8c32 [mod_deflate] compat with zstd < v1.4.0
ZSTD_compressStream2() was an "advanced API" (experimental; unstable)
in v1.3.x
2 years ago
Glenn Strauss f8792bfb5a [mod_deflate] use zstd typedefs (minor cleanup) 2 years ago
Glenn Strauss 625d57b2d9 [build] scripts/ci-build.sh remove --with-maxminddb
remove --with-maxminddb;
  maxminddb libs not currently part of our FreeBSD build images
2 years ago
Glenn Strauss 02c83d735c [build] scripts/ci-build.sh add --with-maxminddb 2 years ago
Glenn Strauss 62a874df32 [mod_alias] modify r->physical.path in place
(reduce string copying)

split out func mod_alias_remap() from handler func for unit testing
2 years ago
Glenn Strauss 43cc87dd67 [build] adjust crypto vars in src/CMakeLists.txt 2 years ago
Glenn Strauss 073f57e51a [core] avoid multiple definition of SHA512_CTX
avoid multiple definition of SHA512_CTX when using Nettle
2 years ago
Glenn Strauss f680e1b234 [build] adjust crypto vars in src/CMakeLists.txt
use different vars for different crypto libs
2 years ago
Glenn Strauss f23be1a116 [build] scripts/ci-build.sh adjustments
remove --with-mbedtls; mbedtls not currently part of our FreeBSD bld img
2 years ago
Glenn Strauss 2c875a649d [build] adjust mbedtls vars in src/CMakeLists.txt 2 years ago
Glenn Strauss 7ec08905b9 [build] fix typo in src/CMakeLists.txt 2 years ago
Glenn Strauss f0b74faa45 [build] scripts/ci-build.sh adjustments
remove --with-nss; nss libs not currently part of our FreeBSD build img
remove with_zstd=yes from SCons build, due to dependency on libpthread
2 years ago
Glenn Strauss 73cace9401 [build] scripts/ci-build.sh w/o --with-wolfssl
WolfSSL is not generally available in *BSD due to WolfSSL limitations.
(Might be revisited with the Dec 2020 release of WolfSSL 4.6.0)
2 years ago
Glenn Strauss 4d5405f0a1 [mod_openssl] update LIBRESSL_VERSION_NUMBER check 2 years ago
Glenn Strauss f6c79fff94 [build] scripts/ci-build.sh --with-nettle 2 years ago
Glenn Strauss fdf45433c8 [core] check ifdef WOLFSSL_SHA512 for SHA512 avail 2 years ago
Glenn Strauss 2d94d56fe5 [build] update scripts/ci-build.sh
* remove use of deprecated or obsolete packages on Linux, *BSD builds
  --with-attr --with-fam --with-geoip
* add zstd
  --with-zstd
* add multiple TLS options to build
  --with-gnutls --with-mbedtls --with-nss --with-openssl --with-wolfssl
  (leave one TLS option (openssl) for SCons static build)
2 years ago
Glenn Strauss db1ca2a60f [core] add decls in connections.h 2 years ago
Glenn Strauss f0074a7ded [mod_access] mark mod_access_check attribute pure 2 years ago
Glenn Strauss 947d36941d [doc] add --with-zstd to INSTALL 2 years ago
Glenn Strauss c0e73fd1d8 [mod_dirlisting] hide unused variable on MacOS
(quiet compiler warning)
2 years ago
Glenn Strauss 8ae6807654 [mod_deflate] use zstd streaming API 2 years ago
Glenn Strauss 9211fb3d86 [mod_deflate] support Accept-Encoding: zstd 2 years ago
Glenn Strauss ef28cce5e5 [mod_dirlisting] use fdopendir(), fstatat()
use fdopendir(), fstatat(), if available
2 years ago
Glenn Strauss 14f8f9b21c [mod_openssl] set Ciphersuites once API available
set Ciphersuites once API is available (SSL_CTX_set_ciphersuites())
in LibreSSL.

x-ref:
  "Add support for TLS 1.3"
  https://github.com/libressl-portable/portable/issues/228
2 years ago
Glenn Strauss cb24e1c70b [multiple] fix: honor CipherString for alt TLS lib
fix typo: honor user-defined CipherString for alternative TLS libraries
(LibreSSL, BoringSSL, wolfSSL)
2 years ago
Glenn Strauss 3adbb3e3fa [mod_openssl] update LIBRESSL_VERSION_NUMBER check 2 years ago
Glenn Strauss 0b4733f244 [doc] create-mime.conf.pl -v silent for mult vnd
Do not issue trace if multiple */vnd.* register the same extension

(silently mark mime-type for extension as application/octet-stream)
2 years ago
Glenn Strauss 8faa456fc8 [core] fix crash in error trace if backend is down (fixes #3052)
(thx hamelg)

x-ref:
  "segfault with mod_scgi on backend server with unix socket domain"
  https://redmine.lighttpd.net/issues/3052
2 years ago
Glenn Strauss be8909833b [doc] create-mime.conf.pl -v for warnings
Do not issue warnings about duplicated entries unless called with -v

/etc/mime.types is not typically edited by the end user,
so the warning trace is noise to most end users.
2 years ago
Glenn Strauss a89e94e0bf [autoconf] fix LT_INIT syntax 2 years ago
Glenn Strauss 35675284a2 [doc] create-mime.conf.pl improve case handling
make create-mime.conf.pl more resilient to questionable edits
to /etc/mime.types

non-vnd.* subtype takes precedence over vnd.* subtype
  (type/subtype, e.g. text/plain)

x-ref:
  "lighttpd: does not start with media-types 1.1.0"
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979232
2 years ago