| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
skip optimistic client read if http version >= HTTP/2
|
| |
|
|
|
|
| |
(mod_h2 module now available as build artifact of shared lib build,
but is not yet used by lighttpd, in order to give package maintainers
a chance to update release packages to contain mod_h2)
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
expose request_set_state() in request.h for internal use
|
| |
|
|
| |
CON_STATE_REQUEST_END transient state is now implicit; not directly used
|
| |
|
|
|
| |
separate generic HTTP handling of Upgrade request header
from handling of Upgrade: h2c
|
| | |
|
| | |
|
| |
|
|
|
| |
x-ref:
https://redmine.lighttpd.net/issues/3199
|
| |
|
|
|
|
|
|
|
| |
recognize unix domain sockets starting with '/' in extforward.forwarder
before attempting to parse netmask after last '/' in string
x-ref:
"Add support for unix domain sockets in extforward.forwarder"
https://redmine.lighttpd.net/issues/3198
|
| |
|
|
| |
do not check for HTTP/2 pseudo headers already tagged by ls-hpack
|
| |
|
|
|
|
|
|
|
|
| |
check chunk file open early in chunkqueue_chunk_file_viewadj()
(thx shangzhi_xu)
x-ref:
"Found an UAF bug in /src/chunk.c"
https://redmine.lighttpd.net/issues/3197
|
| |
|
|
| |
extract to separate func; still gets inlined in optimized builds
|
| | |
|
| |
|
|
| |
SSL_CTX_set_options() takes uint64_t for options in openssl 3.0+
|
| | |
|
| |
|
|
| |
add log_request_header to http_header_parse_ctx
|
| |
|
|
|
|
|
|
|
|
|
| |
e.g.
/usr/sbin/lighttpd -D -f <(cat <<END
server.document-root = "/web/"
END
)
x-ref:
https://www.reddit.com/r/bash/comments/11wysi0/combining_heredocs_with_process_substitution/
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
(see "(lighttpd customization)" in ls-hpack/lshpack.h)
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(thx pmconrad)
IPv4: mask final octet (8 bits) of address
IPv6: mask final 10 octets (80 bits) of address
x-ref:
Enable partial masking of IP addresses in access logs
https://github.com/lighttpd/lighttpd1.4/pull/124
IP masking in Universal Analytics
https://support.google.com/analytics/answer/2763052
github: closes #124
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
manage remote addr per request for HTTP/2 requests,
rather than remote addr per connection.
Modern load balancers often provide options to reuse connections for
*different* clients, and therefore mod_extforward might change the
remote addr per request.
x-ref:
"RFE: mod_extforward and multiplexed requests via HTTP/2"
https://redmine.lighttpd.net/issues/3192
"Evaluation of remote_addr for mod_maxminddb for multiplexed connections"
https://redmine.lighttpd.net/issues/3191
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
adds two pointers to (request_st *) (cost: 16 bytes in 64-bit builds)
prepares for upcoming changes to mod_extforward to manage remote addr
per request for HTTP/2 requests, rather than remote addr per connection.
Modern load balancers often provide options to reuse connections for
*different* clients, and therefore mod_extforward might change the
remote addr per request.
x-ref:
"RFE: mod_extforward and multiplexed requests via HTTP/2"
https://redmine.lighttpd.net/issues/3192
"Evaluation of remote_addr for mod_maxminddb for multiplexed connections"
https://redmine.lighttpd.net/issues/3191
|
| |
|
|
|
|
|
|
|
|
|
| |
Many load balancers have options to reuse the same connection for
multiple clients, so check remote IP each request to detect if remote IP
has changed for a subsequent requests on the same connection, e.g. due
to mod_extforward.
x-ref:
"Evaluation of remote_addr for mod_maxminddb for multiplexed connections"
https://redmine.lighttpd.net/issues/3191
|
| |
|
|
| |
cache formatted secs string for high precision errorlog timestamp
|
| |
|
|
|
|
|
|
|
| |
skip building separate modules for built-in modules
Small modules with minimal dependencies are now built-in to lighttpd.
All 12 of these modules have a memory footprint that is approximately
the same as 1 single module built as a .dll due to mandatory minimum
binary sections and memory page sizes (4k each).
|
| |
|
|
|
|
|
|
|
| |
chmod u+w configparser.c for lemon
configparser.c might be created mode 444 and then a subsequent
repeat call to lemon will fail EACCES
This fixes that scenario in top level ./packdist.sh script.
|
| |
|
|
|
| |
remove extra HTTP/2 HEADERS frame len check
(now that the check has been added to proper place in prior commit)
|
| |
|
|
|
|
|
|
|
| |
(thx Sig Run for reproduction cases, ASAN logs, valgrind logs)
credit: sig.run https://hackerone.com/sigrun
2023.02.10 edit:
CVE ID assignment requested a few days ago, but id not yet assigned
|
| |
|
|
| |
send 409 Conflict if PUT into parent collection which does not exist
|
| |
|
|
|
|
|
|
|
|
|
| |
cgi.local-redir occurs in the subrequest handler, by which point
path-info has been set. Since CGI local redir might restart the
request for an entirely different URL, reset the path info.
Note: mod_rewrite, mod_magnet, and others which may restart the request
do so prior to path-info being set.
path-info is always reset between different requests.
|
| |
|
|
| |
path-info in debug trace (debug.log-request-handling) may be unset
|
| | |
|
| |
|
|
| |
remove the special-case which disabled this for issue in older cygwin
|
| | |
|
