Lighttpd

2010-01-12

23:47 Bug #949: fastcgi, cgi, flush, php5 problem.

I think comment 18 hit the nail on the head with his input, best summarised by: "Lighty should have a MAX-output-buff... andrewsuth

14:36 Bug #2152 (Invalid): File upload doesn't work if the file is bigger than [512k?]

stbuehler

13:50 Bug #2152: File upload doesn't work if the file is bigger than [512k?]

oh no it seems that the MAX_FILE_SIZE tag (I don't remember why it's there on the form anyway) is parsed by PHP even... arnotixe

12:05 Bug #2152 (Need Feedback): File upload doesn't work if the file is bigger than [512k?]

Just a quick note: your php code is vulnerable to file overwriting and command injection since you do no validation a... icy

11:47 Bug #2152: File upload doesn't work if the file is bigger than [512k?]

got a fix from alpine linux, seems something's up there. Now I can upload up to 965259b, but 1013956b fails. arnotixe

2010-01-11

20:10 Bug #2152 (Invalid): File upload doesn't work if the file is bigger than [512k?]

My last issue was deleted by accident, so here goes:
No errors in /var/log/lighttpd/errors.log
A few files call... arnotixe

2010-01-10

20:27 Bug #2150 (Invalid): SSI Include not work

A simple SSI include not work.
Enabled the mod_ssi, created a .shtml page with a simple file include, the page serve... laforge

20:13 Bug #2125: Multiple https certs doesn't work

stbuehler wrote:
> I'm not sure if it is good to skip ssl.ca-file - i think openssl will ignore the additional certs ... dbb

17:48 Bug #2125: Multiple https certs doesn't work

I'm not sure if it is good to skip ssl.ca-file - i think openssl will ignore the additional certs in the pem-file. (P... stbuehler

17:23 Bug #2125: Multiple https certs doesn't work

So I whipped up a script to test this:
http://pastebin.com/f528c07d
Basically it uses gnutls-cli to randomly make c... dbb

13:17 Bug #2125: Multiple https certs doesn't work

Well, for some it works without problems, for others it doesn´t. But we don´t have enough informations, debugs, strac... nitrox

13:11 Bug #2125: Multiple https certs doesn't work

Any word on this? dbb

13:08 Feature #2149 (Invalid): Automatic Mime type detection via "File"

As Olaf already mentioned, executing a program for each request would be a performance killer.
If you want to, you c... icy

12:05 Feature #2149: Automatic Mime type detection via "File"

You can't execute a process each request due to performance reasons.
> * Files without file extensions will be calle... Olaf-van-der-Spek

04:04 Feature #2149 (Invalid): Automatic Mime type detection via "File"

The current way that Lighttpd detects a file's mime type is through the file extension, which is matched with the dic... matthewbauer

2010-01-08

20:22 Feature #2148 (Patch Pending): no mod_accesslog timezone support on Solaris

gadams

20:19 Feature #2148: no mod_accesslog timezone support on Solaris

I should note that my patch is against the trunk, as of r2700. gadams

20:16 Feature #2148 (Missing Feedback): no mod_accesslog timezone support on Solaris

Solaris doesnt have tm_gmtoff in its struct tm, so mod_accesslog always uses +0000. It appears to get the time right,... gadams

2010-01-07

17:39 Feature #1268: condition should be optional in "else" clause in configuration file

Any updates on this? eatnumber1

12:57 Bug #1628 (Fixed): Lighttpd glues response headers together. Setting more than one cookie impossible.

Wrong. stbuehler

12:44 Bug #1628 (Reopened): Lighttpd glues response headers together. Setting more than one cookie impossible.

Problem with "two set-cookies" was not solved in version 1.4.x.

2010-01-06

16:13 Bug #1956: mod_magnet lua issue

Update:
I just thought I would update this with some additional information.
I upgraded a server from 1.4.18 to... earthgecko

16:07 Revision e21a8393: Fix mod_cgi cgi.execute-x-only option in global block

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2702 152afb58-edef-0310-8abb-c4023f1b3aa9 stbuehler

16:07 Revision 2702 (svn): Fix mod_cgi cgi.execute-x-only option in global block

stbuehler

14:12 Bug #2147 (Fixed): slow request dos/oom attack

Hi, all
I found a serious problem.
I wrote a C program which sends a HTTP request to lighttpd very slowly, one b... stbuehler

08:42 Bug #2146 (Obsolete): fix mod_proxy_backend_http vulnerability

If the http-backend sends back an invalid response, like:
HTTP/1.1 200 OK
...
Transfer-Encoding: chunked
...
... liming

08:18 Feature #2145 (Fixed): array_get_unused_element returns correct data_type or NULL

I developped a lighty module. In this module, I mixed up data_string, data_array within one array. Lighty sometimes c... liming