| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
(regression in lighttpd 1.4.60 - lighttpd 1.4.65)
impacted: mod_wolfssl loading certificate private keys
must ignore whitespace in count of encoded chars
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RFC4648 base64url pad char is '='; change from '.' in lighttpd
The base64url encoding was introduced in lighttpd 1.4.38 in 2015,
but at the time, does not appear to have been used in base64url
decoding where padding might be present.
In lighttpd 1.4.50, base64url decoding was possible with %{decb64u:...}
potentially used in mod_redirect and mod_rewrite rules. However, this
is not believed to be widely used, and even if used, it is strongly
recommended that the URLs contain a base64url-encoded string WITHOUT
padding, since padding of '=' might be %-encoded and require decoding
before base64url-decoding.
Note: this change may affect %{decb64u:...} substitution in
mod_redirect and mod_rewrite, but *ONLY* in case where URL contains
a base64url-encoded string *WITH* padding, and that padding had been
created specifically for use with lighttpd, using '.' as padding char
x-ref:
RFC4648 https://datatracker.ietf.org/doc/html/rfc4648#section-5
|
| |
|
|
| |
(make public in base64.h, like li_base64_enc())
|
| |
|
|
| |
(triggers preload-access of table)
|
| | |
|
| |
|
|
| |
single func with option to add padding or not
|
| | |
|
| |
|
|
|
|
|
| |
no need for extra work for precision allocation to avoid 0-3 extra chars
note: callers passing precise buffer size for without padding will need
to be modified to pass a slightly larger buffer, e.g. mod_secdownload
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
with option to include or omit padding
single func to handle both:
- buffer_append_base64_encode_no_padding
- buffer_append_base64_encode
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
x-ref:
"Script for fixing spelling errors with codespell"
https://redmine.lighttpd.net/boards/3/topics/8947
|
| |
|
|
|
|
|
|
| |
thx, codehero
x-ref:
"buffer_append_base64_decode() broken on compilers where char is assumed unsigned"
https://redmine.lighttpd.net/issues/2848
|
| |
|
|
|
|
|
| |
consolidate base64 test code
use char type for tables to reduce memory use
(potentially increase cache hits)
|
| |
|
|
|
|
| |
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3119 152afb58-edef-0310-8abb-c4023f1b3aa9
|
| |
|
|
|
|
|
|
|
|
| |
if the input to `li_to_base64_no_padding` has length 3*n,
`out_tuple_remainder` = `in_tuple_remainder` = 0, and `4*full_tuples
== 4*full_tuples + out_tuple_remainder`
From: Andrey Mnatsakanov <andrey.mnatsakanov@gmail.com>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3117 152afb58-edef-0310-8abb-c4023f1b3aa9
|
| |
|
|
|
|
| |
From: Glenn Strauss <gstrauss@gluelogic.com>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3113 152afb58-edef-0310-8abb-c4023f1b3aa9
|
|
|
Differential Revision: https://review.lighttpd.net/D6
From: Stefan Bühler <stbuehler@web.de>
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@3053 152afb58-edef-0310-8abb-c4023f1b3aa9
|
