Fork 0
Commit Graph

431 Commits

Author SHA1 Message Date
Stefan Bühler 01788a7250 [common] remove hash value type (use key/value lists instead) 2014-04-10 12:40:08 +02:00
Stefan Bühler 84325a5a06 [backends: scgi,proxy,fastcgi] update *context immediately after *backend_get
- fixes use-after-free, usually caught by an assert in
2014-04-10 12:40:08 +02:00
Stefan Bühler db58828e0b [common] refactor liValue to share most of the code
* removing unused "range" value type in angel
2014-02-06 14:01:20 +01:00
Stefan Bühler 23be07f40c [mod_gnutls] don't abort if 'NORMAL:-CIPHER-ALL:+ARCFOUR-128' is not recognized, use 'NORMAL' instead 2014-02-04 14:39:07 +01:00
Stefan Bühler 133941c327 [mod_status] use PACKAGE_BUILD_DATE instead of __DATE__/__TIME__ 2014-02-04 13:59:13 +01:00
Stefan Bühler f482877825 [doc] document core config and modules in tree 2014-02-03 12:57:25 +01:00
Stefan Bühler 3f61b3c1b1 [mod_proxy] send Content-Length for all non GET/HEAD requests 2013-12-05 18:01:41 +01:00
Stefan Bühler 5222d524ad [plugin_core] fix some setup parameter handling 2013-09-09 23:23:46 +02:00
Stefan Bühler 1a7eec4aa5 [mod_gnutls] disable protect-against-beast by default now - considered mitigated on client side 2013-09-09 16:17:18 +02:00
Stefan Bühler 81ff95db84 [mod_gnutls] announce http/1.1 in ALPN 2013-09-09 16:16:38 +02:00
Stefan Bühler d65a2ffc16 [mod_redirect] fix segfault in config parsing 2013-09-09 12:28:31 +02:00
Stefan Bühler a1fbaab86b [core/modules] refactor config handling
* should be more robust now: taking list of wanted value, handling NULL
   pointers instead of value type NONE, fixed some bugs (wrong checks,
   mem leaks, ...)
 * add many methods to make handling of values easier; most methods
   can handle NULL value pointers safely (li_value_type(v) instead of
   v->type and so on)
2013-09-06 14:36:55 +02:00
Stefan Bühler 061b2a4262 [core] handle differences between options/actions/setups in plugin.c 2013-08-22 18:02:50 +02:00
Stefan Bühler cebb8df82c [mod_vhost] fix config mem leak 2013-08-22 15:02:33 +02:00
Stefan Bühler 9f9fe72d97 [lua] fix usage of lua_typename 2013-08-21 13:50:02 +02:00
Stefan Bühler 0adefe5f18 [mod_memcached] convert to handling key-value list 2013-08-19 20:09:16 +02:00
Stefan Bühler 9430a8a112 [mod_deflate] convert to handling key-value list 2013-08-19 19:22:22 +02:00
Stefan Bühler d825212823 [mod_lua] convert to handling key-value list 2013-08-19 19:11:28 +02:00
Stefan Bühler a14d0d00a5 [mod_auth] convert to handling key-value list 2013-08-19 18:53:01 +02:00
Stefan Bühler 433d4da14e [mod_vhost] convert to handling key-value list; make vhost.map_regex predictable
vhost.map_regex used to reorder the list to put often used entries at
  the top; now it just uses the first matching entry.

  new syntax now uses the default keyword for default entries instead of
  the string "default".
2013-08-19 16:25:34 +02:00
Stefan Bühler 7bc6e275ef [mod_throttle] fix refcount and double free 2013-08-18 19:58:09 +02:00
Stefan Bühler ccd512ca57 [waf] remove waf for now, doesn't work anymore 2013-08-18 18:42:15 +02:00
Stefan Bühler 919a8dd6d2 [mod_openssl] error out on unknown parameters 2013-08-18 15:53:26 +02:00
Stefan Bühler dc2f0b7885 [mod_openssl] support key-value list for multiple listen parameters 2013-08-18 15:49:12 +02:00
Stefan Bühler 8eae9f3b50 [mod_gnutls] remove ca-file option; only needed for not yet supported client cert authentication. add docs in the source 2013-08-18 14:29:26 +02:00
Stefan Bühler c372d21f2c [mod_gnutls] use key-value list for parameters, allows duplicate listen/pemfile parameters 2013-08-18 13:48:48 +02:00
Stefan Bühler ab47f9b33c [mod_gnutls] fix endless loop in client hello parser 2013-08-18 11:45:45 +02:00
Stefan Bühler 36b901afa7 [mod_gnutls] fix build with SNI disabled 2013-08-18 11:16:01 +02:00
Stefan Bühler 40169d5fc9 [autobuild] fix renamed header ssl_client_hello_parser.h 2013-08-18 11:15:30 +02:00
Stefan Bühler 975ca1cddf [mod_gnutls] parse client hello for sni and protocol version
changing priority in gnutls post_client_hello didn't work with session
2013-08-18 00:55:24 +02:00
Stefan Bühler c51d89fe6e [mod_openssl] disable SSL3 by default 2013-08-09 00:23:33 +02:00
Stefan Bühler 0b8365ca29 [mod_openssl] enable DH and ECDH 2013-08-07 20:59:46 +02:00
Stefan Bühler f3436e69f1 [gnutls] fix cleanup order (use-after-free) 2013-08-03 09:24:58 +02:00
Stefan Bühler f64ba1bb72 [fastcgi] add debug prints before all fastcgi_reset calls, don't reset connection on stderr data if connection was already closed 2013-07-20 13:33:58 +02:00
Stefan Bühler a1170b3aec [mod_gnutls] fix segfault when no sni backend was configured 2013-07-17 20:18:52 +02:00
Stefan Bühler 8f42bbe7b4 [gnutls filter] fix cork handling 2013-06-25 16:20:18 +02:00
Stefan Bühler b9fadd3db3 [ssl_sni_parser] debugging, fix parser bug (wrong shift) 2013-06-10 12:12:36 +02:00
Stefan Bühler 85fc9dbb6d [mod_gnutls,fetch api] associate sni certs with dh params, fix fetch bug 2013-06-09 18:10:23 +02:00
Stefan Bühler 796f6b1547 [mod_gnutls] send alerts instead of aborting, allow safe renegotiations 2013-06-09 16:15:43 +02:00
Stefan Bühler 3d86ada352 add ssl_sni_parser.h to make dist 2013-06-08 23:18:39 +02:00
Stefan Bühler 92f0a5f237 [mod_gnutls] add sni-fallback-pemfile option 2013-06-08 21:36:59 +02:00
Stefan Bühler 8d417cec1b [mod_gnutls] fix compile error when compiling without SNI 2013-06-08 20:23:06 +02:00
Stefan Bühler 392e7bb823 [mod_gnutls] add SNI 2013-06-08 20:11:13 +02:00
Stefan Bühler 86c93c6256 [mod_gnutls] use 4096-bit DH params by default 2013-06-02 13:31:06 +02:00
Stefan Bühler 2cc5eb90d6 [mod_gnutls] actually use dh params loaded from file 2013-06-02 12:27:36 +02:00
Stefan Bühler 9a70d79f66 [mod_gnutls] add memory session database 2013-06-02 11:43:04 +02:00
Stefan Bühler c15deb44a4 [mod_gnutls] support DH parameters, use pregenerated 3247 bit parameter by default 2013-06-02 10:44:08 +02:00
Stefan Bühler f4280dca8b [mod_gnutls] session ticket support 2013-06-01 17:40:14 +02:00
Stefan Bühler c49cf3696f [mod_gnutls] fix beast workaround (force RC4 on TLS1.0 and SSL3.0) 2013-06-01 15:28:06 +02:00
Stefan Bühler 97dbcf7e42 [core] add option to disable buffering large request bodies on disk - forward them to backend directly instead
- right now only mod_fastcgi can handle this (it won't set the CONTENT_LENGTH env var, the backend
    has to support this too)
2013-06-01 12:31:25 +02:00