summaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* [mod_magnet] support ./configure --with-lua=luajit (#3199)Glenn Strauss2023-04-111-0/+7
| | | | | x-ref: https://redmine.lighttpd.net/issues/3199
* [mod_extforward] recognize unix domain sockets (fixes #3198)Glenn Strauss2023-04-061-0/+1
| | | | | | | | | recognize unix domain sockets starting with '/' in extforward.forwarder before attempting to parse netmask after last '/' in string x-ref: "Add support for unix domain sockets in extforward.forwarder" https://redmine.lighttpd.net/issues/3198
* [core] h2 http_request_parse_header() tweakGlenn Strauss2023-04-061-0/+4
| | | | do not check for HTTP/2 pseudo headers already tagged by ls-hpack
* [core] check chunk file open early in mmap viewadj (fixes #3197)Glenn Strauss2023-04-041-5/+3
| | | | | | | | | | check chunk file open early in chunkqueue_chunk_file_viewadj() (thx shangzhi_xu) x-ref: "Found an UAF bug in /src/chunk.c" https://redmine.lighttpd.net/issues/3197
* [core] connection_handle_request_start_state()Glenn Strauss2023-04-041-8/+14
| | | | extract to separate func; still gets inlined in optimized builds
* [core] reorder enum handler_tGlenn Strauss2023-04-041-1/+1
|
* [mod_openssl] SSL_CTX_set_options() takes uint64_tGlenn Strauss2023-04-041-1/+8
| | | | SSL_CTX_set_options() takes uint64_t for options in openssl 3.0+
* [mod_extforward] typo in commentGlenn Strauss2023-04-041-1/+1
|
* [core] add members to http_header_parse_ctxGlenn Strauss2023-04-042-5/+6
| | | | add log_request_header to http_header_parse_ctx
* [core] permit shell HERE docs to specify configGlenn Strauss2023-03-271-18/+62
| | | | | | | | | | | e.g. /usr/sbin/lighttpd -D -f <(cat <<END server.document-root = "/web/" END ) x-ref: https://www.reddit.com/r/bash/comments/11wysi0/combining_heredocs_with_process_substitution/
* [core] limit server.max-request-field-size <=65535Glenn Strauss2023-03-271-2/+2
|
* [core] h2 match w/ lsxpack pseudo-header key onlyGlenn Strauss2023-03-253-21/+15
|
* [core] h2 mark :status matching lsxpack enum valueGlenn Strauss2023-03-251-0/+2
|
* [core] h2: remove obsolete commentGlenn Strauss2023-03-251-7/+0
| | | | (see "(lighttpd customization)" in ls-hpack/lshpack.h)
* [core] h2_get_stream_req() code reuseGlenn Strauss2023-03-241-26/+21
|
* [core] h2_recv_headers() tweak to reduce code sizeGlenn Strauss2023-03-221-8/+5
|
* [scons] fix static build to include builtin_modsGlenn Strauss2023-03-121-0/+3
|
* [core] cast to fix compiler error in prior commitGlenn Strauss2023-03-121-1/+1
|
* [mod_accesslog] %{mask}a to mask/anonymize IPGlenn Strauss2023-03-121-2/+59
| | | | | | | | | | | | | | | (thx pmconrad) IPv4: mask final octet (8 bits) of address IPv6: mask final 10 octets (80 bits) of address x-ref: Enable partial masking of IP addresses in access logs https://github.com/lighttpd/lighttpd1.4/pull/124 IP masking in Universal Analytics https://support.google.com/analytics/answer/2763052 github: closes #124
* [core] use C23 memset_explicit() were availableGlenn Strauss2023-03-011-0/+10
|
* [mod_extforward] manage remote addr per request (fixes #3192)Glenn Strauss2023-02-281-98/+81
| | | | | | | | | | | | | | | manage remote addr per request for HTTP/2 requests, rather than remote addr per connection. Modern load balancers often provide options to reuse connections for *different* clients, and therefore mod_extforward might change the remote addr per request. x-ref: "RFE: mod_extforward and multiplexed requests via HTTP/2" https://redmine.lighttpd.net/issues/3192 "Evaluation of remote_addr for mod_maxminddb for multiplexed connections" https://redmine.lighttpd.net/issues/3191
* [multiple] store ptrs to remote addr in request_st (#3192)Glenn Strauss2023-02-2814-28/+32
| | | | | | | | | | | | | | | | | adds two pointers to (request_st *) (cost: 16 bytes in 64-bit builds) prepares for upcoming changes to mod_extforward to manage remote addr per request for HTTP/2 requests, rather than remote addr per connection. Modern load balancers often provide options to reuse connections for *different* clients, and therefore mod_extforward might change the remote addr per request. x-ref: "RFE: mod_extforward and multiplexed requests via HTTP/2" https://redmine.lighttpd.net/issues/3192 "Evaluation of remote_addr for mod_maxminddb for multiplexed connections" https://redmine.lighttpd.net/issues/3191
* [mod_maxminddb] check remote IP each request (fixes #3191)Glenn Strauss2023-02-281-33/+84
| | | | | | | | | | | Many load balancers have options to reuse the same connection for multiple clients, so check remote IP each request to detect if remote IP has changed for a subsequent requests on the same connection, e.g. due to mod_extforward. x-ref: "Evaluation of remote_addr for mod_maxminddb for multiplexed connections" https://redmine.lighttpd.net/issues/3191
* [core] cache format secs for high prec errlogGlenn Strauss2023-02-141-19/+26
| | | | cache formatted secs string for high precision errorlog timestamp
* [build] skip build separate modules for built-insGlenn Strauss2023-02-134-103/+0
| | | | | | | | | skip building separate modules for built-in modules Small modules with minimal dependencies are now built-in to lighttpd. All 12 of these modules have a memory footprint that is approximately the same as 1 single module built as a .dll due to mandatory minimum binary sections and memory page sizes (4k each).
* [autotools] chmod u+w configparser.c for lemonGlenn Strauss2023-02-101-0/+1
| | | | | | | | | chmod u+w configparser.c for lemon configparser.c might be created mode 444 and then a subsequent repeat call to lemon will fail EACCES This fixes that scenario in top level ./packdist.sh script.
* [core] remove extra HTTP/2 HEADERS frame len checkGlenn Strauss2023-02-101-1/+1
| | | | | remove extra HTTP/2 HEADERS frame len check (now that the check has been added to proper place in prior commit)
* [core] fix HTTP/2 HEADERS frame parsing bugGlenn Strauss2023-02-101-2/+1
| | | | | | | | | (thx Sig Run for reproduction cases, ASAN logs, valgrind logs) credit: sig.run https://hackerone.com/sigrun 2023.02.10 edit: CVE ID assignment requested a few days ago, but id not yet assigned
* [mod_webdav] send 409 Conflict if PUT miss parentGlenn Strauss2023-02-041-1/+9
| | | | send 409 Conflict if PUT into parent collection which does not exist
* [core] reset path-info for cgi.local-redirGlenn Strauss2023-02-041-0/+1
| | | | | | | | | | | cgi.local-redir occurs in the subrequest handler, by which point path-info has been set. Since CGI local redir might restart the request for an entirely different URL, reset the path info. Note: mod_rewrite, mod_magnet, and others which may restart the request do so prior to path-info being set. path-info is always reset between different requests.
* [core] path-info in debug trace may be unsetGlenn Strauss2023-02-041-3/+2
| | | | path-info in debug trace (debug.log-request-handling) may be unset
* [mod_dirlisting] use fdevent_rename() wrapperGlenn Strauss2023-02-041-3/+2
|
* [mod_cgi] cygwin supports CGI file I/O redirectionGlenn Strauss2023-02-041-2/+0
| | | | remove the special-case which disabled this for issue in older cygwin
* [autotools] skip modules build if LIGHTTPD_STATICGlenn Strauss2023-02-041-0/+4
|
* [autotools] add mod_evhost to static build listGlenn Strauss2023-02-041-0/+1
|
* [core] fdevent_poll_poll avoid potential raceGlenn Strauss2023-02-041-5/+4
| | | | fdevent_poll_poll avoid potential race with pollfds list being extended
* [core] gw_backend more precise backend env allocGlenn Strauss2023-02-031-1/+1
| | | | remove excess +1 per env string
* [core] avoid select() FD_ISSET repeat on active fdsGlenn Strauss2023-02-031-35/+15
|
* [core] move headers to help isolate fdevent layerGlenn Strauss2023-01-301-2/+4
| | | | move headers to help isolate fdevent layer from layers above
* [core] iOS does not provide netinet/tcp_fsm.hGlenn Strauss2023-01-241-2/+9
| | | | | x-ref: https://redmine.lighttpd.net/boards/3/topics/10842
* [core] disable sendfile() on TARGET_OS_IPHONEGlenn Strauss2023-01-241-0/+11
| | | | | | | x-ref: https://redmine.lighttpd.net/boards/3/topics/10842 https://github.com/ndfred/iperf-ios/issues/17 https://github.com/dotnet/runtime/pull/69436
* [core] pass fdn to fdevent_sched_close,_unregisterGlenn Strauss2023-01-239-40/+26
| | | | remove issock flag; on _WIN32, select(), WSAPoll() work only on sockets
* [mod_webdav] MOD_WEBDAV_BUILD_MINIMAL preproc optGlenn Strauss2023-01-201-0/+2
| | | | | | | | | | | | | | | | -DMOD_WEBDAV_BUILD_MINIMAL preprocessor option to disable PROPPATCH, LOCK, UNLOCK by removing dependencies on libxml2, libsqlite3, libuuid (even if built --with-webdav-props --with-webdav-locks) This permits building mod_webdav.so and an alternative mod_webdav_min.so without the extra dependencies if the build system is extended to build mod_webdav_min, compiling mod_webdav.c with -DMOD_WEBDAV_BUILD_MINIMAL -Dmod_webdav_plugin_init=mod_webdav_min_plugin_init (note: build systems have not been extended here for mod_webdav_min.so) x-ref: "lighttpd-mod-webdav dependency to SQLite" https://redmine.lighttpd.net/issues/3188
* [mod_webdav] modify OPTIONS response if no db cfgGlenn Strauss2023-01-201-12/+17
| | | | | | | | | | | modify OPTIONS response if webdav.sqlite-db-name is not configured if webdav.sqlite-db-name is not configured, then in OPTIONS response - do not advertise PROPPATCH, LOCK, or UNLOCK in "Allow" response header - do not advertise DAV Compliance Class 2 in "DAV" response header x-ref: https://redmine.lighttpd.net/issues/3188
* [core] reset SIGUSR1 to SIG_DFL before execve()Glenn Strauss2023-01-191-0/+1
| | | | | reset SIGUSR1 to SIG_DFL in fdevent_fork_execve() before execve() (in case SIGUSR1 had been set to SIG_IGN for server.max-worker > 0)
* [multiple] clang -Wstrict-prototypes for C2xGlenn Strauss2023-01-198-32/+56
| | | | | | | | | | | adjustments to compile warnings-free with recent clang changes that warn about potential behavior change for non-prototypes, including generic function pointers e.g. int(*)() x-ref: https://discourse.llvm.org/t/rfc-enabling-wstrict-prototypes-by-default-in-c/60521 https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2432.pdf https://www.open-std.org/jtc1/sc22/wg14/www/docs/n2841.htm
* [core] remove cygwin O_NOFOLLOW workaroundGlenn Strauss2023-01-191-4/+0
| | | | | | | | | | cygwin O_NOFOLLOW fixed in cygwin 3.4.5-1 x-ref: [ANNOUNCEMENT] cygwin 3.4.5-1 https://cygwin.com/pipermail/cygwin/2023-January/252900.html Fix an uninitialized variable having weird side-effects in path handling. https://cygwin.com/pipermail/cygwin/2022-December/252734.html
* [core] add missed h2 state transition (fixes #3186)Glenn Strauss2023-01-191-0/+17
| | | | | | | | | | transition to h2 state half closed local if END_STREAM sent with HEADERS (thx gjoe) x-ref: HTTP 2 connections not properly closed https://redmine.lighttpd.net/issues/3186
* [cmake] use LIGHTTPD_MODULES_DIR as relative path (fixes #3185)Glenn Strauss2023-01-141-6/+5
| | | | | | | | (thx brad) x-ref: "CMake: issue with modules path" https://redmine.lighttpd.net/issues/3185
* [multiple] quiet some coverity false positivesGlenn Strauss2023-01-137-9/+9
|
View Lorry Controller Status