This website requires JavaScript.
f4cb07f723
[mod_webdav] readdir POSIX compat (fixes #1826 )
Glenn Strauss
2016-04-13 00:23:31 -04:00
e5e5548b88
[mod_extforward] reset cond_cache for scheme (fixes #1499 )
Glenn Strauss
2016-04-13 00:17:46 -04:00
659ce5e78e
[mod_magnet] rename var for clarity (fixes #1483 )
Glenn Strauss
2016-04-13 00:07:26 -04:00
4b412797b8
[mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468 )
Glenn Strauss
2016-04-12 23:56:55 -04:00
f1681ca29b
[mod_cgi] always set QUERY_STRING (fixes #1339 )
Glenn Strauss
2016-04-12 23:48:14 -04:00
97556d992b
[mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319 )
Glenn Strauss
2016-03-31 21:59:32 -04:00
de08a135ea
[core] clean up srv before exiting for lighttpd -[vVh]
Glenn Strauss
2016-04-01 17:38:32 +00:00
36ab0587c0
[stream] fstat() after open() to obtain file size
Glenn Strauss
2016-04-01 17:38:29 +00:00
47f3dbebe4
use li_[iu]tostrn() instead of li_[iu]tostr()
Glenn Strauss
2016-04-01 17:38:26 +00:00
e5006d88eb
pass buf size to li_tohex()
Glenn Strauss
2016-04-01 16:54:46 +00:00
dac02e257c
[mod_status] use snprintf() instead of sprintf()
Glenn Strauss
2016-04-01 16:54:43 +00:00
ab829cee5e
[mod_webdav] allow Depth: Infinity lock on file (fixes #2296 )
Glenn Strauss
2016-04-01 16:26:25 +00:00
dd33a350bb
[configparser] fix small leak on config failure
Stefan Bühler
2016-03-26 13:57:03 +00:00
d17d48e01e
[stat] mimetype.xattr-name global config option (fixes #2631 )
Glenn Strauss
2016-03-26 13:49:43 +00:00
292309f88b
[core] lighttpd -tt performs preflight startup checks (fixes #411 )
Glenn Strauss
2016-03-26 13:39:54 +00:00
9ae7813685
[core] fixed the loading for default modules if they are specified explicitly
Jan Kneschke
2016-03-26 13:07:48 +00:00
06d3c75440
[core] respond 411 Length Required if request has Transfer-Encoding: chunked (fixes #631 )
Glenn Strauss
2016-03-26 12:58:33 +00:00
f11089ed2b
[core] wait for grandchild to be ready when daemonizing (fixes #2712 , thx pasdVn)
Glenn Strauss
2016-03-26 12:52:23 +00:00
0aa2ea74e3
[mod_proxy] accept LF delimited headers, not just CRLF (fixes #2594 )
Glenn Strauss
2016-03-26 11:32:13 +00:00
b4a4afdaf7
[config] warn if server.upload-dirs has non-existent dirs (fixes #2508 )
Glenn Strauss
2016-03-26 11:24:15 +00:00
a579e7ffc0
[mod_ssi] Add SSI vars SCRIPT_{URI,URL} and REQUEST_SCHEME (fixes #2721 )
2016-03-26 11:14:21 +00:00
cc81f1f9dc
add NEWS entry for previous commit
Stefan Bühler
2016-03-26 11:14:19 +00:00
f5453290b7
validate return values from strtol, strtoul (fixes #2564 )
Glenn Strauss
2016-03-26 10:58:49 +00:00
733ce38203
[http_auth/mod_fastcgi] check get_http_*_name() for NULL return (#2583 )
Glenn Strauss
2016-03-26 10:44:47 +00:00
0a61fdecac
[buffer] refactor buffer_path_simplify (fixes #2560 )
Stefan Bühler
2016-03-25 16:58:16 +00:00
82bee8d5c3
[base64] fix another crash due to broken force_assert conditions
Stefan Bühler
2016-03-25 16:58:14 +00:00
92c3da847b
[unittests] add test_buffer and test_base64 unit tests
Stefan Bühler
2016-03-25 16:58:12 +00:00
7b983ae054
[base64] fix crash due to broken force_assert
2016-03-23 20:25:29 +00:00
5c68caa6d7
[core] replace array weakref with vector
Stefan Bühler
2016-03-19 15:27:38 +00:00
8455734f4a
[core] add generic vector implementation
Stefan Bühler
2016-03-19 15:27:36 +00:00
15ac5b6986
[autobuild] include first.h in make dist
Stefan Bühler
2016-03-19 15:19:01 +00:00
8abd06a7ff
consistent inclusion of config.h at top of files (fixes #2073 )
Glenn Strauss
2016-03-19 15:14:35 +00:00
c92b1762ba
[core] truncate pidfile on exit (fixes #2695 )
2016-03-19 15:01:23 +00:00
6f89a8bbef
[core] fix request_start in keep-alive requests to mark time when received first byte (fixes #2412 )
Stefan Bühler
2016-03-19 15:01:21 +00:00
cfd13c7938
[autobuild] use AC_CANONICAL_HOST instead of AC_CANONICAL_TARGET (fixes #1866 )
Stefan Bühler
2016-03-19 14:46:21 +00:00
06005655e6
[core] log remote address on request timeouts (fixes #652 )
Stefan Bühler
2016-03-19 14:46:18 +00:00
d8f4d20d9a
restart (some) syscalls after SIGCHLD interrupted them; should fix LDAP problems (fixes #2464 )
Stefan Bühler
2016-03-19 14:31:53 +00:00
00063098c1
[ssl] support disabling ssl.verifyclient.activate in SNI callback (fixes #2531 )
Stefan Bühler
2016-03-19 13:27:13 +00:00
82ee3fb2f8
[mod_magnet] define lua_pushglobaltable (for lua5.1) and use it (fixes #2719 )
Stefan Bühler
2016-03-19 13:16:31 +00:00
70036ff572
[core] accept $SERVER["socket"] without port, use server.port as fallback (fixes #2204 )
Stefan Bühler
2016-03-19 13:06:56 +00:00
d85bdab43f
[core] more careful parse of $SERVER["socket"] config str (prepare #2204 )
Glenn Strauss
2016-03-19 13:06:54 +00:00
43da581893
[core] configparser: error on duplicate keys in array merge (fixes #2685 )
Glenn Strauss
2016-03-15 18:56:05 +00:00
68e4a416cc
[core] provide array_extract_element and use it
Stefan Bühler
2016-03-15 18:56:02 +00:00
e7a39cde36
[core] fix memory leak in configparser_merge_data
Stefan Bühler
2016-03-15 18:41:59 +00:00
224bf545c1
[core] refactor array search; raise array size limit to SSIZE_MAX
Stefan Bühler
2016-03-15 18:41:57 +00:00
be121a638b
[core] rename variable in array.c
Stefan Bühler
2016-03-15 18:41:54 +00:00
8d8ae9cbc8
[core] improve array API to prevent theoretical memory leaks
Stefan Bühler
2016-03-15 18:26:57 +00:00
c5a42e932f
[mod_fastcgi,mod_scgi] fix leaking file-descriptor when backend spawning failed (reported by Fortify Open Review Project)
Stefan Bühler
2016-03-14 18:07:01 +00:00
2a8f73e7d4
[mod_secdownload] fix buffer overflow in secdl_verify_mac (reported by Fortify Open Review Project)
Stefan Bühler
2016-03-13 14:53:20 +00:00
a6477d8481
[mod_rewrite] fix return type of process_rewrite_rules
Stefan Bühler
2016-03-13 14:53:18 +00:00
f3606dc539
[mod_dirlisting] dir-listing.hide-dotfiles = "enabled" by default (fixes #1081 )
Stefan Bühler
2016-03-04 19:46:29 +00:00
f56fe331e5
[mod_proxy] use case-insensitive comparision to filter headers, send Connection: Close to backend (fixes #421 )
Stefan Bühler
2016-03-04 19:23:16 +00:00
dde7bea99a
[mod_cgi] kill CGI if fail to write request body
Glenn Strauss
2016-03-04 18:54:30 +00:00
f2cbd0a3aa
[mod_cgi] simplify mod_cgi_handle_subrequest()
Glenn Strauss
2016-03-04 18:54:28 +00:00
e5e66f791f
[mod_cgi] consolidate CGI cleanup code
Glenn Strauss
2016-03-04 18:54:26 +00:00
94647804cf
[mod_cgi] send 500 if CGI ends and there is no response (fixes #2542 )
Glenn Strauss
2016-03-04 18:54:24 +00:00
c80ae9b212
[mod_fastcgi] 404 for X-Sendfile file not found (fixes #2474 )
Glenn Strauss
2016-03-04 15:37:17 +00:00
02594f107a
[plugins] don't include dlfcn.h if not needed (fixes #2548 )
Stefan Bühler
2016-02-28 12:12:05 +00:00
75e4859a1b
[mod_compress] case-insensitive content-codings (fixes #2645 )
Glenn Strauss
2016-02-28 11:59:09 +00:00
6c3c360129
[config] extend duplicate-array-key error (fixes #2704 )
Stefan Bühler
2016-02-23 17:05:10 +00:00
2abdf0143b
[buffer] use explicit integer promotion to make the code more readable
Stefan Bühler
2016-02-23 16:28:48 +00:00
c033a1966e
[core] improve conditional enabling (thx Gwenlliana, #2598 )
Stefan Bühler
2016-02-21 18:32:17 +00:00
ad65603ec0
[core] fix conditional cache handling
Stefan Bühler
2016-02-21 18:32:14 +00:00
1c01a42aa3
[core] never evaluate else branches until the previous branches are aready (fixes #2598 )
Glenn Strauss
2016-02-21 17:56:24 +00:00
431559e5df
[configparser] don't continue after parse error (fixes #2717 )
Stefan Bühler
2016-02-19 15:49:06 +00:00
f23a24a263
[mod_cgi] issue trace and exit if execve() fails (closes #2302 )
Glenn Strauss
2016-02-14 11:11:15 +00:00
36a266ec29
fix links to online docs in template config files
2016-02-14 10:56:25 +00:00
665cc39b95
[mod_cgi] edge case chdir "/" when docroot "/" (fixes #2460 )
Glenn Strauss
2016-02-14 10:54:26 +00:00
5cc061bfab
[core] do not send SIGHUP to process group unless server.max-workers is used (fixes #2711 )
Glenn Strauss
2016-02-14 10:44:30 +00:00
3fd80ff8ec
[mod_cgi] use MAP_PRIVATE to mmap temporary file instead of MAP_SHARED (fixes #2715 )
Glenn Strauss
2016-02-10 19:33:57 +00:00
1a71c13869
[autobuild] fix lua configure error handling
Stefan Bühler
2016-01-30 15:01:19 +00:00
107f40545c
cleanup dead keyvalue code
Stefan Bühler
2016-01-30 13:59:10 +00:00
566cf8decb
add force_assert for more allocation results
Stefan Bühler
2016-01-30 13:59:07 +00:00
f3b577ddee
use libmemcached instead of deprecated libmemcache
Stefan Bühler
2016-01-03 14:48:11 +00:00
c354229f42
add handling for lua 5.2 and 5.3 (fixes #2674 )
Stefan Bühler
2016-01-03 14:48:09 +00:00
d8e028e069
[mod_ssi] enhance support for ssi vars
2016-01-03 14:48:07 +00:00
3dd2f66d13
- next is 1.4.40
Stefan Bühler
2016-01-03 14:48:04 +00:00
c27e27a51b
[scons] fix fullstatic build
Stefan Bühler
2015-12-19 08:28:42 +00:00
6ef3b709db
[chunk] fix use after free / double free (fixes #2700 )
Stefan Bühler
2015-12-19 08:28:39 +00:00
737d4f0f20
[core] fix memset_s call (fixes #2698 )
Stefan Bühler
2015-12-18 21:56:59 +00:00
53c4ab8438
- next ist 1.4.39
Stefan Bühler
2015-12-05 14:18:38 +00:00
b37dd77491
[core] show correct crypt support result (fixes #2690 )
2015-12-04 20:53:51 +00:00
159ca0c15d
[network] add darwin-sendfile backend (fixes #2687 )
2015-12-04 20:48:21 +00:00
b0ecb4d44b
[mod_fastcgi/mod_scgi] zero sockaddr structs before use (fixes #2691 )
2015-12-04 20:22:42 +00:00
ab05eb7cec
[tests] do not half-close socket before having received the response (fixes #2688 )
Stefan Bühler
2015-12-04 20:22:38 +00:00
1566748b1a
[tests] test apr-md5 in mod-auth.t
Stefan Bühler
2015-12-04 20:11:35 +00:00
2bcb73cdb8
mod-auth.t: no crypt md5 for darwin
2015-12-04 20:11:33 +00:00
b9c14b24dd
[autobuild] fix missing header in tar ball
Stefan Bühler
2015-11-22 22:37:19 +00:00
bfaa48260a
[mod_secdownload] add required algorithm option; old behaviour available as "md5", new options "hmac-sha1" and "hmac-sha256"
Stefan Bühler
2015-11-22 22:22:22 +00:00
b0a4421272
[core] refactor base64 functions into separate file
Stefan Bühler
2015-11-22 22:22:20 +00:00
85d8a17575
[core] encode path with ENCODING_REL_URI in redirect to directory (fixes #2661 , thx gstrauss)
Stefan Bühler
2015-11-07 15:00:18 +00:00
3943de280e
[core] add '~' to safe characters in ENCODING_REL_URI/ENCODING_REL_URI_PART encoding
Stefan Bühler
2015-11-07 15:00:15 +00:00
a069548370
[core] revert increase of temp file size back to 1MB, provide a configure option "server.upload-temp-file-size" instead (fixes #2680 )
Stefan Bühler
2015-11-07 12:51:14 +00:00
c512345fa2
[config] check config option scope; warn if server option is given in conditional
Stefan Bühler
2015-11-07 12:51:11 +00:00
39add4476f
[mod_secdownload] use a hopefully constant time comparison to check hash (fixes #2679 )
Stefan Bühler
2015-10-27 20:50:53 +00:00
5c5f67a5c7
add force_assert for many allocations and function results
2015-10-16 19:44:06 +00:00
f19128086c
[core] don't buffer request bodies smaller than 64k on disk
Stefan Bühler
2015-10-13 19:46:04 +00:00
d7be04beb5
[mod_auth] implement and use safe_memclear, using memset_s or explicit_bzero if available
2015-09-26 10:11:24 +00:00
37bdb250a4
[core] check configparserAlloc() result with force_assert
2015-09-26 10:11:22 +00:00
a93be99441
[core] fix search for header end if split across chunks (fixes #2670 )
Stefan Bühler
2015-09-24 06:03:40 +00:00
Glenn Strauss
Stefan Bühler
Jan Kneschke
fbrosson