| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
| |
check getaddrinfo() error EAI_ADDRFAMILY only with __GLIBC__ defined
x-ref:
"www/lighttpd: fix listening on IPv6 and IPv4 addresses"
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271335
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(thx fstelzer)
adjust optimization to fix use of posix_spawn() with some glibc vers,
as older versions rejected sigaction() SIG_DFL on some signals including
SIGKILL, SIGSTOP, and bits in signal mask set higher than NSIG
x-ref:
"include_shell not working on all platforms"
https://redmine.lighttpd.net/issues/3201
|
|
|
|
|
|
|
|
|
|
|
| |
(thx desmana)
missing algo_hmac.c from static build
(since removal of mod_secdownload in lighttpd 1.4.68)
x-ref:
"static build fails due to missing algo_hmac"
https://redmine.lighttpd.net/issues/3203
|
|
|
|
| |
HTTP/2 separate module; no longer built-in to lighttpd executable
|
| |
|
|
|
|
|
|
|
|
| |
(addendum to previous commit)
(lighttpd test confs set server.compat-module-load = "disable")
Note: a future release of lighttpd will build mod_h2 as a separate
module (not built-in) when lighttpd is built with shared modules (.so)
|
|
|
|
|
|
|
|
| |
(addendum to previous commit)
(lighttpd test confs set server.compat-module-load = "disable")
Note: a future release of lighttpd will build mod_h2 as a separate
module (not built-in) when lighttpd is built with shared modules (.so)
|
| |
|
|
|
|
|
| |
Note: a future release of lighttpd will build mod_h2 as a separate
module (not built-in) when lighttpd is built with shared modules (.so)
|
|
|
|
|
| |
tests will fail to run from an alternate build root on platforms
on which cp -n is not supported, such as NetBSD and OpenBSD
|
|
|
|
| |
currently used w/ power-2 limit values, but add check >= if not power-2
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
modify use of posix_spawnattr_setsigdefault() on __linux__
Subprocesses (CGI scripts and backends FastCGI, SCGI, proxy, etc)
which spawned their own children and accidentally relied on inheriting
SA_RESTART on SIGCHLD from lighttpd will now have to set that flag
themselves, if desired.
From a quick survey:
- bash sets SA_RESTART on SIGCHLD.
- Perl and Python unconditionally reset signals.
(Other interpreters are expected to do so as well.)
|
|
|
|
| |
use Mac OS POSIX_SPAWN_CLOEXEC_DEFAULT where available
|
|
|
|
| |
use posix_spawn_file_actions_addclosefrom_np() where available
|
|
|
|
|
|
|
| |
use posix_spawnattr_setcwd_np() (QNX Neutrino 7.1 or later)
NOTE: HAVE_POSIX_SPAWNATTR_SETCWD_NP *is not* currently checked and set
in the builds, so must be manually defined for build in order to enable.
|
|
|
|
|
|
|
| |
limit KTLS attempts to linux kernel version >= 4.17
or to FreeBSD 13 and kern.ipc.tls.enable
(avoid setsockopt() if KTLS is not enabled in running kernel)
|
|
|
|
| |
(bug recently reached master branch; not released)
|
|
|
|
|
| |
FreeBSD: check sysctl "kern.ipc.tls.enable" before attempting KTLS
(avoid setsockopt() if KTLS is not enabled in running FreeBSD kernel)
|
| |
|
|
|
|
|
|
| |
fix fstat() after close(); revert part of 699e0e46
(bug on master branch; not released) (found by coverity static analysis)
|
|
|
|
| |
enable SSL_OP_ENABLE_KTLS_TX_ZEROCOPY_SENDFILE if available
|
|
|
|
|
|
|
| |
revert previous commit adding fs_win32.h to Makefile.am hdrs
ifdef _WIN32 check before include fs_win32.h so that other platforms
do not have to care
|
| |
|
| |
|
|
|
|
| |
copy tests/*.conf for running tests in alternative build dir
|
|
|
|
| |
reset upload_temp_file_size in cgi_connection_close if p->tempfile_accum
|
|
|
|
|
|
| |
lighttpd STDIN_FILENO is reopened to /dev/null at server startup
Let CGI inherit fd STDIN_FILENO when (0 == r->reqbody_length)
|
|
|
|
| |
(issue in lighttpd 1.4.60 - 1.4.69)
|
|
|
|
| |
(e.g. support for HTTP/2 module mod_h2)
|
|
|
|
| |
(e.g. support for HTTP/2 module mod_h2)
|
| |
|
| |
|
| |
|
|
|
|
| |
wrap mbedtls_debug_set_threshold() in #ifdef for MBEDTLS_DEBUG_C
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
always decr fd count in connection_close()
always decr fd count in fdevent_sched_run()
Error return value from close() should be used for diagnostics and
recovery, but the state of the file descriptor is unspecified by POSIX.
On most systems, it is invalid to redo close(). (Linux 'man 2 close'
suggests that HP-UX is an outlier, and that a future POSIX standard
update will specify the behavior for the file descriptor to be closed)
EBADF should not happen in those funcs for lighttpd since those should
be the only locations in lighttpd where those fds are closed.
|
|
|
|
|
| |
collect error handling code for cgi_create_env()
(for code reuse and consistency; also reduces code size)
|
|
|
|
| |
It is not necessarily an error for CGI to close its input early
|
|
|
|
|
|
|
| |
.text segment was slightly over (2) 4k pages;
tweak code to be slightly less than (2) 4k pages
(when compiled optimized -O2)
(likely smaller when compiled -Os)
|
| |
|
|
|
|
|
| |
rename http_kv funcs for consistency ("http_" prefix)
reorder http_versions[]
|
| |
|
|
|
|
|
|
|
| |
match "map-host-response" with authority provided in (request) Host
for "-" in response map and when no other "map-host-request" mapped
request to a different authority. This is a bit friendlier for use
with bidirectional https-remap.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$SERVER["socket"] inherits ssl.engine = "enable" from global scope
fixes issue of TLS-enabled socket, but missing config,
if ssl.engine = "enable" in global scope
and $SERVER["socket"] does not contain ssl.engine = "enable"
e.g. default TLS-enabled, and explicitly disabled on specific sockets
server.port = 443
ssl.engine = "enable"
ssl.pemfile = ...
ssl.privkey = ...
$SERVER["socket"] == ":80" { ssl.engine = "disable" }
$SERVER["socket"] == "[::]:80" { ssl.engine = "disable" }
$SERVER["socket"] == " :443" { }
$SERVER["socket"] == "[::]:443" { }
|
|
|
|
|
| |
slightly reduces code size for less-hot code
better collects shutdown process for r->http_version > HTTP_VERSION_1_1
|
| |
|
|
|
|
| |
warn if auth.require path never matches due to an earlier, shorter path
|
|
|
|
|
|
|
| |
check FORCE_WOLFSSL_CRYPTO and FORCE_MBEDTLS_CRYPTO when choosing
cryptolib
todo: should also apply to lighttpd autoconf, CMake, SCONS builds
|