memcpy() may be a macro and gave error for missing arguement when
CONST_STR_LEN() macro is used (which expands to two arguments)
(thx ryandesign)
x-ref:
"mod_authn_file.c:683:56: error: too few arguments provided to function-like macro invocation (memcpy)"
https://redmine.lighttpd.net/issues/2772
FreeBSD 9.3 has O_CLOEXEC, but does not have pipe2() until FreeBSD 10.
FreeBSD 10 also adds SOCK_CLOEXEC, so use that as indicator
https://wiki.freebsd.org/AtomicCloseOnExec
Note: FreeBSD 9.3 will soon reach its "extended" EOL date (31 Dec 2016),
so those using FreeBSD 9.3 should consider upgrading.
https://www.freebsd.org/security/security.html#sup
Mac OS X does not have pipe2(). User reported:
Undefined symbols for architecture x86_64:
"_pipe2", referenced from:
_mod_cgi_handle_subrequest in mod_cgi.o
x-ref:
"Undefined symbols _pipe2"
https://redmine.lighttpd.net/issues/2765
warn if mod_authn_ldap is not listed in server.modules in lighttpd.conf
but auth.backend = "ldap" is in lighttpd.conf
warn if mod_authn_mysql is not listed in server.modules in lighttpd.conf
but auth.backend = "mysql" is in lighttpd.conf
A future release of lighttpd 1.4.x will cease automatically loading
these modules. After that, lighttpd will fail to start up if
auth.backend requires one of these modules and the module is not loaded.
(The purpose of this change is to remove from the lighttpd core server
the dependencies on LDAP or MariaDB libraries.)
The error for reference:
/usr/lib/libc.a(arc4random.o): In function `arc4random':
/usr/src/lib/libc/gen/arc4random.c:(.text+0x410): multiple definition of `arc4random'
/usr/local/lib/libcrypto.a(arc4random.o):(.text+0x0): first defined here
/usr/lib/libc.a(arc4random.o): In function `arc4random_buf':
/usr/src/lib/libc/gen/arc4random.c:(.text+0x580): multiple definition of `arc4random_buf'
/usr/local/lib/libcrypto.a(arc4random.o):(.text+0x80): first defined here
- "autoreconf --force --install" should be enough to get autobuild
running, manual cp / running ./autogen.sh should not be required
- reorganize files laters, e.g. scripts/{cmake,m4}
- include ax_prog_cc_for_build.m4 manually in configure.ac as it is not
automatically loaded if it is not in m4/
the cross-compile build rule does not seem to like $^ for lemon,
so specify lemon.c explicitly in the build command
(thx stbuehler for suggested workaround)
Fix mod_scgi prefix matching: match the prefix always against url,
not the absolute filepath (regardless of check-local)
(apply fix similar to commit:fe8b7e57 applied to mod_fastcgi in 2008)
server.event-handler = "libev" would leak fds after the change made
in commit:40f16d5 since fdevent_libev.c:fdevent_libev_poll() always
returned 0 ready events after handling the event callbacks itself.
Therefore, fdevent_libev.c:fdevent_libev_poll() must also call
fdevent_sched_run() to handled fds scheduled to be closed.
This bug was introduced in 1.4.42.
(thx mittwinter for troubleshooting and identifying problem)
Note: server.event-handler = "libev" is no longer recommended.
lighttpd provides event handlers optimized for modern systems for most
platforms, and the limited way that lighttpd uses libev does not provide
any advantages over the OS-specific optimized event handlers.
x-ref:
"fd leak with libev in 1.4.42"
https://redmine.lighttpd.net/issues/2761
network_open_file_chunk() temp file optimization:
skip file size checks if file is temp file created by lighttpd
If not temp file, always fstat() for file size check instead of
using potentially out-of-date info from stat_cache
x-ref:
https://redmine.lighttpd.net/boards/3/topics/6884
warn if mod_authn_ldap is not listed in server.modules in lighttpd.conf
but auth.backend = "ldap" is in lighttpd.conf
warn if mod_authn_mysql is not listed in server.modules in lighttpd.conf
but auth.backend = "mysql" is in lighttpd.conf
A future release of lighttpd 1.4.x will cease automatically loading
these modules. After that, lighttpd will fail to start up if
auth.backend requires one of these modules and the module is not loaded.
(The purpose of this change is to remove from the lighttpd core server
the dependencies on LDAP or MariaDB libraries.)
dir-listing.show-header = "HEADER.txt"
dir-listing.show-readme = "README.txt"
now take a filename to display, in addition to "enable" or "disable".
The filename to display can not literally be "enable" or "disable",
since those retain current behavior of displaying "HEADER.txt" or
"README.txt", or disabling inclusion of a file for that directive.
"%%" "%_" "%x" "%{x.y}" where x and y are *single digit* 0 - 9
and y is the 1-indexed position of a single char to add, similar to
http://httpd.apache.org/docs/2.4/mod/mod_vhost_alias.html
(but not supporting the entire Apache mod_vhost_alias syntax)
The lighttpd syntax for adding a single char at a give position requires
that the "%{x.y}" syntax, including the curly braces, which is different
from the Apache mod_vhost_alias syntax.
x-ref:
"Partial matching in mod_evhost patterns"
https://redmine.lighttpd.net/issues/1194
new directive expire.mimetypes for list of mimetypes and expirations
mod_expire is now processed at the start of the response, and so now
may be applied to all responses, including dynamic responses.
mod_expire now applies only to GET and HEAD requests where the response
status is 200 OK or 206 Partial Content, and for which no other modules
or backend has already added a Cache-Control response header.
expire.url takes precedence over expire.mimetypes
x-ref:
"Add expire by Mimetype"
https://redmine.lighttpd.net/issues/423
[mod_deflate] skip deflate if 1 min loadavg too high
deflate.max-loadavg = "3.50" # express value as string of float num
[mod_compress] skip compression if 1 min loadavg too high
compress.max-loadavg = "3.50" # express value as string of float num
Feature available on BSD-like systems which have getloadavg() in libc
Note: load average calculations are different on different operating
systems and different types of system loads, so there is no value that
can be recommended for one-size-fits-all.
x-ref:
"Enable mod_compress to abandon compression when load average is too high"
https://redmine.lighttpd.net/issues/1505
mod_deflate and mod_compress now provide data for mod_accesslog
"%{ratio}n%%" log format to log compression ratio
Implementation detail: compression ratio is stored in con->environment
since lighttpd does not currently have concept of module notes, which is
from where %{VARNAME}n originates. In the future, this might change in
lighttpd, so be sure to use %{ratio}n%% and not %{...}e for this info.
x-ref:
"accesslog support "%n" (compress ratio)"
https://redmine.lighttpd.net/issues/2133
Aside: must have cmake enable building openssl for tests to pass
due to tests/lighttpd.conf including config options requiring openssl
algorithms in mod_secdownload.c:
(secdownload.algorithm = "hmac-sha1")
(secdownload.algorithm = "hmac-sha256")
$ cmake -L .
$ cmake -DWITH_OPENSSL:BOOL=ON .
$ make -j 4 -k
$ make test
x-ref:
https://blog.lighttpd.net/articles/2006/12/25/1-5-0-goes-cmake/
move http_cgi_ssl_env() from response.c to http-header-glue.c
for symbol visibility on Mac OS X.
x-ref:
"Undefined symbols: _http_cgi_ssl_env"
https://redmine.lighttpd.net/issues/2757
mod_deflate performs prefix match of deflate.mimetypes against the
response Content-Type. Therefore "text/" will make all text/*
mimetypes. This commit permits admin to specify "text/*" in
deflate.mimetypes = ("text/*")
and mod_deflate will treat it as "text/". This is done only when the
'*' is the last char in the mimetype.
remove mod_authn_gssapi explicit dependency on -lresolv
This fixes build on FreeBSD when ./configure --with-krb5
(On systems that need libresolv, libkrb5 depends on libresolv)
Also remove obsolete hstrerror() references from build
Andreas Oberritter