lighty labs

2025-09-12

19:21 Lighttpd Release: lighttpd 1.4.82

[[Release-1_4_82|lighttpd 1.4.82 release notes]] gstrauss

19:12 Lighttpd Revision 564dd880: - next is 1.4.83

gstrauss

19:08 Lighttpd Revision 95a86758: [doc] NEWS

gstrauss

2025-09-10

16:38 Lighttpd Revision 48c5d482: [core] avoid chunk mem reallocation on read/recv

avoid chunk mem reallocation on read/recv, or not reading all available
data, by adding space for '\0' in calls to ch... gstrauss

06:21 Lighttpd Revision dc0cadef: [ci] Bump actions/checkout from 4 to 5

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actio... dependabot[bot]

00:38 Lighttpd Feature #3288: mod_mbedtls: ECDSA OpenSSL certificates do not work with lighttpd + mbedTLS/PSA (MBEDTLS_USE_PSA_CRYPTO)

https://github.com/Mbed-TLS/mbedtls/issues/10395 filed requesting enhancement for mbedtls to continue to build libmbe... gstrauss

2025-09-09

06:55 Lighttpd Feature #3288 (Fixed): mod_mbedtls: ECDSA OpenSSL certificates do not work with lighttpd + mbedTLS/PSA (MBEDTLS_USE_PSA_CRYPTO)

Applied in changeset commit:185f83738a15bd53c1ad62ccbfde47b4d16bee5e. gstrauss

06:39 Lighttpd Feature #3288: mod_mbedtls: ECDSA OpenSSL certificates do not work with lighttpd + mbedTLS/PSA (MBEDTLS_USE_PSA_CRYPTO)

With @MBEDTLS_USE_PSA_CRYPTO@, it appears that @psa_crypto_init()@ must be called even for pemfile parsing. This is ... gstrauss

06:45 Lighttpd Revision 29928223: [build] mod_mbedtls: use tfpsacrypto if found

mod_mbedtls: use tfpsacrypto, if found, in preference to mbedcrypto
The existence of tfpsacrypto suggests MBEDTLS_USE... gstrauss

06:39 Lighttpd Revision 185f8373: [mod_mbedtls] psa_crypto_init() for MBEDTLS_USE_PSA_CRYPTO (fixes #3288)

psa_crypto_init() if MBEDTLS_USE_PSA_CRYPTO is set
in order for PEM files to be parsed
(psa_crypto_init() can not be... gstrauss

2025-09-08

06:46 Lighttpd Revision 6403952c: [cmake,mod_mbedtls] mbedx509 mbedcrypto order

gstrauss

06:42 Lighttpd Revision b82a7a71: [mod_redirect,mod_rewrite] ${authority.noport} tok

add ${authority.noport} token for rewriting vhost on non-default port to
a different port, e.g. non-default port http... gstrauss

06:19 Lighttpd Revision 2ab82105: [core] fix logic inversion in "toupper:" modifier

for mod_rewrite and mod_redirect ${toupper:...} variable substitution gstrauss

06:18 Lighttpd Revision ddde78d5: [core] restrict request trailers to configured list

restrict request trailers to configured list of field names
server.feature-flags += ("request.trailer-whitelist" => ... gstrauss

06:12 Lighttpd Feature #3288: mod_mbedtls: ECDSA OpenSSL certificates do not work with lighttpd + mbedTLS/PSA (MBEDTLS_USE_PSA_CRYPTO)

It appears that @-lmbedcrypto@ should be replaced with @-ltfpsacrypto@ when @MBEDTLS_USE_PSA_CRYPTO@ is set, so if yo... gstrauss

05:47 Lighttpd Feature #3288 (Need Feedback): mod_mbedtls: ECDSA OpenSSL certificates do not work with lighttpd + mbedTLS/PSA (MBEDTLS_USE_PSA_CRYPTO)

I won't accept mbedtls moving target interfaces as a bug in lighttpd, so I have changed this issue to a feature reque... gstrauss

05:07 Lighttpd Feature #3288: mod_mbedtls: ECDSA OpenSSL certificates do not work with lighttpd + mbedTLS/PSA (MBEDTLS_USE_PSA_CRYPTO)

> And - in addition to that - when using it without the given MBEDTLS-option above, the lighttpd crashes at startup "... gstrauss

04:58 Lighttpd Feature #3288: mod_mbedtls: ECDSA OpenSSL certificates do not work with lighttpd + mbedTLS/PSA (MBEDTLS_USE_PSA_CRYPTO)

Thank you for the report. Are you able to provide more details to reproduce, e.g. sample commands to create the cert... gstrauss