1616 Commits (54d7b4677482942b0084bbb8c9bd91faf0798e97)

Author SHA1 Message Date
Stefan Bühler 54d7b46774 [lua] protect setup and action metatable
Change-Id: I3cba403ad9bdfc3025cdb801d194b12e420ee0c0
2 years ago
Stefan Bühler 3bf903c398 [lua] provide and use li_lua_new_protected_metatable to prevent tampering with metatables
Change-Id: Ifda5a1465c8fc291f0f09490a9f6e2c3f6b27504
2 years ago
Stefan Bühler 53337c81d4 [lua] prevent tampering with global "lighty" table
Change-Id: If92ea8d7b58868904ab6d1ffaa27534cb09b7d29
2 years ago
Stefan Bühler 5977493f47 [lua] one li_lua_init_*_mt function per "file", add a few missing ones
Change-Id: I95661db55debe76c0aca99b2920ce202af7d9967
2 years ago
Stefan Bühler 7aec09dd27 [lua] split all metatable init/create code into separate functions
- lua_push_*_metatable and init_*_mt (init only used by push)

Change-Id: I42a3d58b884205f30e4ee9a99c693ce65e9dbf66
2 years ago
Stefan Bühler 4a4fd8fd11 [core] include and use hedley (v15) header
hedley is a single header to handle compiler-specific features:

Prefer headly macros over glib for now.

Change-Id: I3c67ebee0d43e27fde6402d47788e1045144e864
2 years ago
Stefan Bühler b41e02860c [mod_proxy] fall back to waiting for connection close if no message length indicator is found in HTTP/1.1 response
It seems this is actually allowed by the RFCs; although it is intended
as HTTP/1.0 backward compatibility, and HTTP/1.1 servers (backends)
really should do better.

Change-Id: I93265bfe7fae57beb10d70d3a4596c5cae7b51bd
2 years ago
Stefan Bühler b033a4fcb4 [test] enable TestRedirectDirWithQueryAndSpecialChars
Change-Id: Ic649c1e4ea158853c362836f31f6ec7e250413cd
2 years ago
Stefan Bühler 140a3c9018 fix refcount issue: don't drop rc in li_iostream_reset
... so li_stream_simple_socket_close doesn't need to acquire (when the rc might already be 0).

Instead call li_iostream_reset in all places that didn't acquire before,
and drop the acquire.

Change-Id: I347f49eb57989738ed811a1f3a31b8942ff32881
2 years ago
Stefan Bühler 850aea7a5d [build] enable all "main" features by default
Change-Id: I9bf8ee3f4bfc6736f5fc5aea6b3958ee298c65d6
2 years ago
Stefan Bühler 21865cbbd2 [autobuild] install and use glib tap helpers, replaces gtester
Change-Id: I889eba5be61a1c2b89f9f53b38abbba201625b6b
2 years ago
Stefan Bühler 2a4744a677 [autobuild] raise autoconf min version, fix various deprecated macros
Change-Id: Ic7ae8f7bb0720ba4e6b965f1951f091cf03f6b83
2 years ago
Stefan Bühler c8bf635551 [tests] fix memcached and scgi-envcheck for python3; use asyncio
Change-Id: If3be7d98701d90c0374f625d1571140a100009df
2 years ago
Stefan Bühler 98ea1dc7de [contrib] add overrides for new mime types, regenerate mimetypes.conf
Change-Id: I6e0116b1f227c96eb98a6e45300030bc5cde72fd
2 years ago
Stefan Bühler 424e1a37f8 [core] Reset con->out (response body) queue counters (used by mod_accesslog) for keep-alive
Change-Id: Id644a71c808c8a3c73e476fddb6022177de8dd5f
2 years ago
Stefan Bühler d544ee105d [core] docs say empty log targets request not logging; actually implement that (went to stderr)
Change-Id: If71dc0b309c4e8221ecef877202d9a1a571ad5c6
2 years ago
Stefan Bühler 7a343d4765 [mod_acceslog]: fix log target reference in docs
Change-Id: If390d666db5e4952a64d545eb77ddf6e8f7ed9df
2 years ago
Stefan Bühler a5d3e11c1f [tests] add tests for mod_dirlist
Change-Id: I5d6ea970cd5dca7e202c8bd888142e44ef8f4211
3 years ago
Stefan Bühler 76fccefc84 [core] encode path in li_vrequest_redirect_directory
To handle whitespace and ? (and other special chars).

Change-Id: Ie597c1d784d42dba70dd21650f5fc9770e9e6547
3 years ago
Stefan Bühler 51a7fd577c [core]: fix query string handling in li_vrequest_redirect_directory (dirlist, index)
- use decoded path instead of orig raw path (which includes the query
  string); the decoded path should be safe, and we also really don't
  need to support any "raw" handling - we're at the filesystem level

Change-Id: Ic9a5b362bea9813873631b18aaa908c59f2bb0a6
3 years ago
Stefan Bühler 92681fcde4 [tests] fix PrepareDir
Change-Id: Idb26de002ad1586101c9e9bdb0256170b8e287b9
3 years ago
Stefan Bühler 505bfb053f [core] move CGI environment creation to core
Change-Id: Ia826381365a04352249321097fda57f704984821
4 years ago
Stefan Bühler 8989ca32d4 [mod_{fast,s}cgi] support REQUEST_SCHEME cgi variable
Change-Id: I4750086962ee50a530694309ec8a6165eddabcf3
4 years ago
Stefan Bühler afaf285bfb [core] fix chunk decoding bug: reused stale context after forwarding chunk data
Change-Id: Ie37e3c2d605ae23dcb7a6b74ff6b5f0699074ac5
4 years ago
Stefan Bühler 7078063491 [core] fix parsing of chunk digits
Change-Id: I8fd5b916172c432b63329078e261a8ed5eff23dc
4 years ago
Stefan Bühler a41b92eb8a [core] fix segfault in http response streaming
Change-Id: I61a0167d8a7fdede96075960f5099b33c0a8ab02
4 years ago
Stefan Bühler d8bd405a19 [core] fix crash when HTTP backend "Upgrade"s
Change-Id: If7143f49baa2efa8d1fb3f78c6390969730c678e
4 years ago
Stefan Bühler bffe96f5d0 [build] sync extra warning flags between cmake and autobuild
Change-Id: I4165d22ef944b959f9acd8f57c3d7658049b39f0
4 years ago
Stefan Bühler d167e6e416 [core/mod_proxy] support http backends trying to run keep-alive
Even if they shouldn't (due to HTTP/1.0 or Connection; close) some
backends send HTTP/1.1 without Connection: close, and use Content-Length
to signal end of response (and don't close the connection, as they wait
for another request).

Now Content-Length is used to find the end of the response (chunked
transfer-encoding was already supported).

mod_proxy now signals HTTP/1.1, but also sends "Connection: close": it
doesn't reuse the connection yet.

Change-Id: Ica0c9b3b7da79899412a746f21e7348ccd3d23ee
4 years ago
Stefan Bühler 52566836a0 [core] fix fallthrough annotation for gcc
Change-Id: I3130f87b0709055d1f496961f7bd8167329e2c46
4 years ago
Stefan Bühler 16ccf1d307 [tests] show error log of failed tests
Change-Id: Iaee7559a0526cdb4a8d337d003a79062ff912dce
4 years ago
Stefan Bühler f60b53bd44 [tests] build custom http backend server, require python3 for socketserver
Change-Id: Id4deaad74799a8cc2454869e941e7a00106d25cd
4 years ago
Stefan Bühler 9263deaeef [tests] python3 compability
Change-Id: I09c8eaf0cbe4a74b795aeb2a3b04f0abc39383c8
4 years ago
Stefan Bühler 8643cafa22 [core] fix log level of connection: (backend) response header parsing
Change-Id: Idd8263ccf19bf60df10cf22fa8c7037615171c35
4 years ago
Stefan Bühler f66defba93 [doc] mod_fastcgi: extend php fastcgi example with physical file test
Change-Id: I061278e2bd588d27f57be8b6711d470161a955cc
4 years ago
Stefan Bühler bda1a90f27 [core] add strict.post_content_length option
Change-Id: Ie9d67eceed7e957b667554925d562018a3217209
5 years ago
Stefan Bühler bc6b256c34 [core] use readdir instead of readdir_r
readdir_r is deprecated in glibc due to serious memory handling issues
in the API: one cannot pass the size of the allocated dirent.

glibc authors claims readdir is thread-safe in modern implementations,
and expect POSIX to require it in a future version.

No way to check whether readdir is thread-safe though :(

("thread-safe" in this context means different directory streams, which
is good enough.)

Also remove li_dirent_buf_size.

Change-Id: Ia5eae3327e97dc4b0751fb2604ea21c0ce09a5f9
6 years ago
Stefan Bühler b3dcc9662e [mod_openssl] fix C90 mixed declarations and code warning
Change-Id: I04f5e5dba87b7174eb5e93d18bddb5fb0ba717e9
6 years ago
Stefan Bühler 04e54a4388 [mod_openssl] fix crash with libressl or openssl < 1.1
Change-Id: I920ab1e4bc36df8396dcbf3d5777af32ae273a8b
6 years ago
Stefan Bühler 8c68b120da [mod_gnutls] support OCSP responses in sni backends
Change-Id: I7ec08bf6e414140b53019885eb906bdfe3251a2e
6 years ago
Stefan Bühler e0e96ae377 [plugin_core] fix segfault in fetch.files_static init
Change-Id: Icbc8e1440ea35b80a25e600e4a1bd913cafc72f1
6 years ago
Stefan Bühler 808cdf301b handle ENAMETOOLONG in various places
  - static, flv: return 414
  - dirlist, pathinfo: treat as not-existing (i.e. no handling)
- also return 500 instead of closing the connection when stat/open
  fails an unhandled error
- explicit return instead of switch-case fallthrough (no semantic
  change) in actions.c

Change-Id: I1e2dd721dd18544500b4436ada843cb6e7f2db72
6 years ago
Stefan Bühler 863b433aa6 [doc build] remove markdown support
- bluecloth is dead, and was dropped from debian
- markdown wasn't used in any doc

Change-Id: I61f51724a5abbae6cc0e4cbf993873b59b6e563d
6 years ago
Stefan Bühler f6990a9d8a [plugin_core] support patterns in alias target
Change-Id: Ic77080dc5d7e1821832d10b56366cc79d0ff8a6a
6 years ago
Stefan Bühler ca446911ef [mimetypes.conf] add text/markdown to utf-8 list, regenerate mimetypes.conf
Change-Id: I653b49a49f348224f6b29d76194cf1061968b494
7 years ago
Stefan Bühler c8b27d7462 [mod_openssl] fix warnings and compile breaks with openssl 1.1.0
Change-Id: Ia69e8192004208a9e55246196b5b64d39cd53a66
7 years ago
Simon Lundström 64096982fa [mod_openssl/doc] Update links to man pages
Change-Id: I4f6fc1bca8ac7a4145b792fe7cb6fd57e4edcff6
7 years ago
Simon Lundström a4804cbd93 Add NO_TLSv1_1 and higher options
Change-Id: I69b675a8b41f84b9e786bc2ce1b9661fbd76cbd4
7 years ago
Stefan Bühler 3d2880258d [mod_gnutls] workaround gnutls API breakage, and prepare for future ones
Change-Id: I1b97aa31fd1a7adb0107761d05bf81a4509e9fc9
7 years ago
Stefan Bühler 9926bef92e [mod_gnutls/doc] more details which certificates are needed for OCSP
Change-Id: I1f7004bf2182f8023f19c0e3d2e3f5dee4968a9b
7 years ago