This website requires JavaScript.
1371c87c34
fix out-of-filedescriptors when uploading "large" files (fixes #2660 , thx rmilecki)
Stefan Bühler
2015-08-13 18:44:27 +00:00
47cddfd4f3
[mod_dirlisting] fix dir-listing.set-footer not showing
Stefan Bühler
2015-08-09 13:03:52 +00:00
a80f75e004
[mod_proxy] remove debug log line from error log (fixes #2659 )
Stefan Bühler
2015-08-03 19:43:06 +00:00
752e501231
- next is 1.4.37
Stefan Bühler
2015-07-26 13:02:44 +00:00
66d4e93b59
[dist] add dist-xz, remove dist-bzip2, allow ~rc appendix in packdist.sh
Stefan Bühler
2015-07-19 11:20:16 +00:00
def17b2925
[configfile] fix reading uninitialized variable (found by Willian B.)
Stefan Bühler
2015-07-19 10:03:12 +00:00
4a87f75fcf
[mod_proxy] add unix domain socket support (fixes #2653 )
2015-07-11 11:20:18 +00:00
8db141a1b3
mime.conf: add some new mime types, remove .dat, .sha1, .md5, update .vcf
Stefan Bühler
2015-07-07 17:12:48 +00:00
cfaa78ebc5
check fcgi_env_add return value (found by coverity)
Stefan Bühler
2015-07-05 22:00:20 +00:00
2bd89370fc
fix segfault when temp file for upload couldn't be created (found by coverity)
Stefan Bühler
2015-07-05 22:00:17 +00:00
c5737093db
[mod_magnet] fix segfault when accessing not existing lighty.req_env[] entry (found by coverity)
Stefan Bühler
2015-07-05 22:00:14 +00:00
2edec63597
#ifdef all parts belonging to the connection-state debugging
Stefan Bühler
2015-07-05 22:00:11 +00:00
c31bf21f97
fix memory leak in mod_status when no counters are set (found by coverity)
Stefan Bühler
2015-07-05 21:34:07 +00:00
cfc88cf8f2
check pointer before usage in new etag compare
Stefan Bühler
2015-07-05 20:19:17 +00:00
9f05b61ab4
parse If-None-Match for ETag validation (fixes #2578 )
Stefan Bühler
2015-07-05 16:59:01 +00:00
71b5c53a0a
show extforward re-run warning only with debug.log-request-handling (fixes #2561 )
Stefan Bühler
2015-07-05 16:48:27 +00:00
572681c9f1
fix hex escape in accesslog (fixes #2559 )
Stefan Bühler
2015-07-05 16:01:16 +00:00
780e8e6ef4
minor spelling fixes
Stefan Bühler
2015-06-21 12:47:16 +00:00
e6925949ab
add some until now missing files to dist tarball
Stefan Bühler
2015-06-21 12:47:14 +00:00
427120b41a
escape all strings for logging (fixes #2646 log file injection, reported by Jaanus Kääp)
Stefan Bühler
2015-05-28 15:47:14 +00:00
33cebeb0f7
fix segfaults in many plugins if they failed configuration
Stefan Bühler
2015-05-14 09:38:33 +00:00
df87b3ef98
fix error message for T_CONFIG_ARRAY config values if an entry value is not a string
Stefan Bühler
2015-05-14 09:38:30 +00:00
c92496720d
[mod_auth] use crypt_r instead of crypt if available
Stefan Bühler
2015-02-12 06:39:39 +00:00
673923daf8
[tests] fix undefined index warning in sendfile.php
Stefan Bühler
2015-02-08 19:10:58 +00:00
deceae78c9
[crc32] fix method signature (const pointer)
Stefan Bühler
2015-02-08 19:10:56 +00:00
68add2602b
remove unused stuff from server.h
Stefan Bühler
2015-02-08 19:10:53 +00:00
bfce99aacc
[bitset] unused -> remove
Stefan Bühler
2015-02-08 19:10:51 +00:00
66ad587f2f
[buffer] constify some parameters
Stefan Bühler
2015-02-08 19:10:49 +00:00
91a9a6b391
rename buffer_append_long_hex to buffer_append_uint_hex
Stefan Bühler
2015-02-08 19:10:46 +00:00
ad3e93ea96
Use buffer API to read and modify "used" member
Stefan Bühler
2015-02-08 19:10:44 +00:00
adfa06de99
[tests] improve valgrind and strace TRACEME, disable condition logging in normal configs
Stefan Bühler
2015-02-08 19:10:41 +00:00
4365bdbebe
Remove buffer_prepare_copy() and buffer_prepare_append()
Stefan Bühler
2015-02-08 19:10:39 +00:00
1be163b44a
Remove chunkqueue_get_{append,prepend}* API
Stefan Bühler
2015-02-08 19:10:36 +00:00
6afad87d2e
fix buffer, chunk and http_chunk API
Stefan Bühler
2015-02-08 12:37:10 +00:00
3521be8b85
print backtrace in assert logging with libunwind
Stefan Bühler
2015-02-07 13:32:56 +00:00
d00e1e79b9
[connections] fix bug in connection state handling
Stefan Bühler
2015-02-07 13:32:54 +00:00
b0a632f253
[network] fix compile break in calculation of sockaddr_un size if SUN_LEN is not defined (fixes #2609 )
Stefan Bühler
2015-02-07 11:33:30 +00:00
76870cfef1
add NEWS entry for previous commit
Stefan Bühler
2015-02-07 11:33:28 +00:00
e1aab1c420
Fixed typo found by openSUSE user (boo# 907709)
2015-02-05 15:29:01 +00:00
084df7e99a
[ssl] disable SSL3.0 by default
Stefan Bühler
2014-10-16 17:52:14 +00:00
4a6838103d
[mod_dirlisting,mod_redirect,mod_rewrite] abort config parsing if pcre-compile fails or isn't available
Stefan Bühler
2014-10-16 17:52:12 +00:00
c4f214584a
[build] use fortify flags with "extra-warnings"
Stefan Bühler
2014-10-16 17:52:10 +00:00
4d55d4ada3
add support for (Free)BSD extended attributes
2014-05-22 08:30:13 +00:00
059a5a67dd
fix typo in NEWS entry for #2579
Stefan Bühler
2014-05-13 13:04:35 +00:00
3b23130ea2
add more mime types and a script to generate mime.conf (fxies #2579 )
Stefan Bühler
2014-05-13 10:34:46 +00:00
f8f3351506
fix bad shift in conditional netmask ".../0" handling
Stefan Bühler
2014-04-14 16:12:11 +00:00
3605a3bec3
use keep-alive timeout while waiting for HTTP headers; use always the read timeout while waiting for the HTTP body
Stefan Bühler
2014-04-02 10:04:11 +00:00
e1b1c52028
- next is 1.4.36
Stefan Bühler
2014-04-02 10:04:09 +00:00
d1a2356916
fix SQL injection / host name validation (thx Jann Horn)
Stefan Bühler
2014-03-12 12:03:55 +00:00
efc41b2bb1
check length of unix domain socket filenames
Stefan Bühler
2014-02-16 13:08:43 +00:00
7bd0f54ab2
add some asserts to help static analyzers
Stefan Bühler
2014-02-16 13:08:41 +00:00
326f2fb8a4
[mod_accesslog] don't close fd -1
Stefan Bühler
2014-02-16 13:08:38 +00:00
8e31e18b8e
[mod_webdav] fix logic error in handling file creation error
Stefan Bühler
2014-02-16 13:08:36 +00:00
57c661c191
fix unchecked return values from stream_open/stat_cache_get_entry
Stefan Bühler
2014-02-16 13:08:34 +00:00
b106513e58
[network] check return value of lseek()
Stefan Bühler
2014-02-16 13:08:32 +00:00
9f2be4882d
force assertion: setting FD_CLOEXEC must work (if available)
Stefan Bühler
2014-02-16 13:08:29 +00:00
ef0b353fee
[mod_cml_lua] fix null pointer dereference
Stefan Bühler
2014-02-16 13:08:27 +00:00
954184e949
[mod_scgi] use goto error for all error cases in mod_scgi_set_defaults
Stefan Bühler
2014-02-16 13:08:24 +00:00
8f0e19738f
fix r2943 (added invalid read after free)
Stefan Bühler
2014-02-16 13:08:22 +00:00
07dd0bd0a5
add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546 )
Stefan Bühler
2014-02-16 13:08:20 +00:00
fba7dd6f43
fix resource leaks in error cases on config parsing and other initializations
Stefan Bühler
2014-02-14 21:06:19 +00:00
bf10267807
[buffer] fix length check in buffer_is_equal_right_len
Stefan Bühler
2014-02-14 21:06:16 +00:00
bcd35cc264
remove logical dead code
Stefan Bühler
2014-02-14 21:06:14 +00:00
29a1070299
add comments for switch fall throughs
Stefan Bühler
2014-02-14 21:06:12 +00:00
b239e7734a
[mod_magnet] fix memory leak
Stefan Bühler
2014-02-14 21:06:10 +00:00
b461e031f5
[mod_fastcgi,mod_scgi] fix resource leaks on spawning backends
Stefan Bühler
2014-02-14 21:06:07 +00:00
d59c910d6a
[mod_dirlisting] fix memory leak if pcre fails
Stefan Bühler
2014-02-14 21:06:05 +00:00
0aaf939e5e
[mod_rrdtool] fix invalid read (string not null terminated)
Stefan Bühler
2014-02-14 21:06:03 +00:00
fc3a060a04
[mod_fastcgi] fix use after free (only triggered if fastcgi debug is active)
Stefan Bühler
2014-02-14 21:06:00 +00:00
b8a1835093
NEWS entry for previous commit
Stefan Bühler
2014-02-14 21:05:58 +00:00
a7396296da
[network/ssl] fix build error if TLSEXT is disabled
Stefan Bühler
2014-01-20 21:31:26 +00:00
9061670c28
[dist]: fix typo in link title generated by packdist.sh
Stefan Bühler
2014-01-20 14:20:09 +00:00
0d855be97e
- next is 1.4.35
Stefan Bühler
2014-01-20 14:20:06 +00:00
3ca6adc233
[docs] add !kPSK to the cipher string recommendation as the comments before already mention
Stefan Bühler
2014-01-20 12:07:36 +00:00
d7c90814c3
[tests] add cleanup.sh to cmake test runs, reset SLOWREQUEST in request.t
Stefan Bühler
2014-01-10 12:05:12 +00:00
524e0a30a0
add two asserts to help parfait (#2530 )
Stefan Bühler
2014-01-10 12:05:09 +00:00
24994e113a
[mod_webdav] fix fd leak found with parfait (fixes #2530 , thx kukackajiri)
Stefan Bühler
2014-01-10 12:05:06 +00:00
657566828e
[mod_mysql_vhost] fix memory leak on config init (#2530 )
Stefan Bühler
2014-01-10 12:05:04 +00:00
e346794d59
[auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes #2533 )
Stefan Bühler
2014-01-10 12:05:02 +00:00
f0e5c1415d
[core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes #2526 )
Stefan Bühler
2014-01-10 12:04:59 +00:00
17762fad01
maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places
Stefan Bühler
2014-01-10 12:04:57 +00:00
c8fbc16985
[ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken)
Stefan Bühler
2013-11-13 17:18:39 +00:00
18869bcfed
[mod_ssi] fix "ssi_val_init" prototype
Stefan Bühler
2013-11-13 17:18:35 +00:00
99cddff73a
[core] check success of setuid,setgid,setgroups (CVE-2013-4559)
Stefan Bühler
2013-11-13 11:43:33 +00:00
d8b363c1d1
[stat-cache] fix FAM cleanup/fdevent handling
Stefan Bühler
2013-11-13 11:43:31 +00:00
ae1335503a
[stat-cache] FAM: fix use after free (CVE-2013-4560)
Stefan Bühler
2013-11-13 11:43:28 +00:00
6f208cfde1
fix/silence bugs reported by ccc-analyzer (clang)
Stefan Bühler
2013-11-13 11:43:26 +00:00
6b7240f2d8
NEWS entry for previous commit
Stefan Bühler
2013-11-13 11:43:23 +00:00
cdcd49b547
[doc] update ssl.cipher-list recommendation
Stefan Bühler
2013-11-10 16:44:34 +00:00
ff86b5cc67
[autobuild] create m4/ before calling autoreconf
Stefan Bühler
2013-11-10 13:59:43 +00:00
4938c94ada
fix typo (fixes #2519 )
Stefan Bühler
2013-11-10 13:49:47 +00:00
1985df2a48
add "packdist.sh" script to build (pre-) releases
Stefan Bühler
2013-11-10 13:41:12 +00:00
cb02c73860
[autobuild] use autoreconf instead of calling tools manually; add generated files to .gitignore
Stefan Bühler
2013-11-10 13:41:09 +00:00
1af871fcef
[ssl] fix SNI handling; only use key+cert+verify-client from SNI specific config (fixes #2525 , CVE-2013-4508)
Stefan Bühler
2013-11-05 15:29:07 +00:00
3ce548c8d0
remove unused members from struct server_socket
Stefan Bühler
2013-11-05 15:29:04 +00:00
268c054c40
[mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes #2515 , thx mm)
Stefan Bühler
2013-10-13 11:34:55 +00:00
9b0d54d7cc
[mod_auth] explicitly link ssl for SHA1 (fixes #2517 )
Stefan Bühler
2013-10-13 11:16:55 +00:00
32199a7bdf
- next is 1.4.34
Stefan Bühler
2013-09-27 20:22:12 +00:00
a4640b457e
[tests] use list for perl exec to skip the sh wrapper
Stefan Bühler
2013-09-06 16:44:41 +00:00
3863053b99
[mod_scgi] fix log typos
Stefan Bühler
2013-09-06 16:44:39 +00:00
Stefan Bühler
Pascal Bach