01f9debec3
Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413)
Stefan Bühler2012-04-19 13:02:06 +00:00
e697869e34
buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405)
Stefan Bühler2012-04-08 08:02:44 +00:00
33f1ec6d28
[mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response
Stefan Bühler2012-01-11 21:59:51 +00:00
d83b009d54
[doc] fix ssl config exaple for ssl.cipher-list
Stefan Bühler2011-12-18 12:58:08 +00:00
761bedd7fe
[libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
Stefan Bühler2011-12-18 12:58:04 +00:00
7bdb75fb47
[ssl] fix segfault on "ssl.honor-cipher-order" option while parsing the config
Stefan Bühler2011-12-06 20:03:42 +00:00
d964e49874
[ssl] document new options in config example
Stefan Bühler2011-12-06 11:26:51 +00:00
38e3e4a65a
[ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb)
Stefan Bühler2011-12-05 17:08:17 +00:00
456d7f4790
fix compile error when ssl is not enabled
Stefan Bühler2011-11-30 20:57:54 +00:00
b748fb890d
[core] accept dots in ipv6 addresses in host header (fixes #2359)
Stefan Bühler2011-11-30 20:46:49 +00:00
0f96222e7e
[ssl] add option to honor server cipher order, true by default (fixes #2364)
Stefan Bühler2011-11-30 19:59:24 +00:00
8c482a496d
remove copy/paste remainings from previous commit
Stefan Bühler2011-11-30 19:59:20 +00:00
a94bdd07df
[ssl] count renegotiations to prevent client renegotiations
Stefan Bühler2011-11-30 18:40:08 +00:00
6c9dff7cda
[mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
Stefan Bühler2011-11-29 22:27:11 +00:00
f15ee9becb
Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351)
Stefan Bühler2011-10-05 13:39:50 +00:00
3518ab60ed
Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
Stefan Bühler2011-09-05 09:32:43 +00:00
e05f1b3eec
Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file
Stefan Bühler2011-08-30 22:13:59 +00:00
cbf1baacc9
[ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
Stefan Bühler2011-08-22 15:32:55 +00:00
f434d514ad
Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems.
Stefan Bühler2011-08-22 15:12:28 +00:00
55e1dc1825
[ssl/build] some minor fixes; fix compile without ssl, cleanup ssl config buffers
Stefan Bühler2011-04-24 16:02:55 +00:00
328043caf3
[ssl/md5] prefix our own md5 implementation with li_ so it doesn't conflict with the openssl one (fixes #2269)
Stefan Bühler2011-04-24 16:02:52 +00:00
bf0d57d505
two additional test cases for absolute http(s) uris in the request line
Stefan Bühler2011-04-04 22:39:48 +00:00
f610f894a3
ssl: Support for Diffie-Hellman and Elliptic-Curve Diffie-Hellman key exchange (fixes #2301, #2246, #2239)
Stefan Bühler2011-03-13 18:00:09 +00:00
12f375f3b1
array.c: improve array_get_unused_element to check data type; fix mem leak if unused_element didn't find a matching entry (fixes #2145)
Stefan Bühler2010-08-05 21:08:23 +00:00
cf5fcf953d
openssl: silence annoying error messages for errno==0 (fixes #2213)
Stefan Bühler2010-08-05 20:42:18 +00:00
7b7dd1b986
autotools: don't recreate parser files with lemon after lemon rebuild
Stefan Bühler2010-08-05 19:53:52 +00:00
cece2fe3c6
mod_accesslog: Fix var declarations mixed in source (fixes #2233)
Stefan Bühler2010-07-11 17:18:54 +00:00
ac087bd9c7
- a bit more cleanup in the docs dir - move scripts and init scripts into subdirs - remove unused lighttpd.user
Marcus Rückert
2010-07-07 12:56:48 +00:00
b75fa3c990
- add new directories
Marcus Rückert
2010-07-07 12:52:30 +00:00
06721fcb35
- register makefiles in configure
Marcus Rückert
2010-07-07 12:48:07 +00:00
9b2f794c2c
- fix makefiles for the new files
Marcus Rückert
2010-07-07 12:28:35 +00:00
433c2a0c0d
- replace old default config with my config from opensuse. #2203
Marcus Rückert
2010-07-07 11:29:31 +00:00
73e0bb2715
mod_cgi: fix race condition leaving response not forwarded to client (fixes #2217)
Stefan Bühler2010-07-04 10:37:34 +00:00
165de1331b
mod_staticfile: add debug output if we ignore a file with static-file.exclude-extensions (fixes #2215)
Stefan Bühler2010-07-04 08:43:37 +00:00
c6c8ad2ac7
mod_fastcgi: Send 502 "Bad Gateway" if we couldn't open the file for X-Sendfile (fixes #2226)
Stefan Bühler2010-07-04 08:30:52 +00:00
48f1cf79b4
mod_accesslog: fix %p for ipv6 sockets (fixes #2228, thx jo.henke)
Stefan Bühler2010-07-04 08:30:48 +00:00
d58fea0c7a
Fix parsing of fastcgi.debug option on big-endian (fixes #2230)
Stefan Bühler2010-07-04 07:45:29 +00:00
a813273c2f
- Include IP addresses on error log on password failures (fixes #2191)
Elan Ruusamäe
2010-05-28 15:54:27 +00:00
5518643d39
- Print double quotes properly when dumping config file (fixes #1806)
Elan Ruusamäe
2010-05-28 15:16:39 +00:00
b3892c1410
Reset uri.authority before TLS servername handling, reset all "keep-alive" data in connection_del (fixes #2125)
Stefan Bühler2010-04-28 19:08:11 +00:00
494ce8e3b0
[mod_compress] Fix segfault when etags are disabled (fixes #2169)
Stefan Bühler2010-04-28 13:35:25 +00:00
914e499723
Fix HUP detection in close-state if event-backend doesn't support FDEVENT_HUP (like select or poll on FreeBSD)
Stefan Bühler2010-02-04 10:13:37 +00:00
f601b8028b
Append to previous buffer in con read (fixes #2147, found by liming, CVE-2010-0295)
Stefan Bühler2010-02-01 23:28:50 +00:00
Stefan Bühler
Marcus Rückert