Lighttpd

2016-04-14

22:25 Bug #2288 (Fixed): Directory trailing-slash redirect should respect X-Forwarded-Proto header

fixed in 05858f6c... gstrauss

21:47 Feature #2254 (Missing Feedback): lighttpd-angel doesn't have man page

gstrauss

21:37 Feature #2211 (Missing Feedback): Signals doc

gstrauss

20:02 Revision e0bafab2: [mod_indexfile] save physical path to env (fixes #448, #892)

save physical path to environment (PATH_TRANSLATED_DIRINDEX)
when index generator is full path (not relative path)
f... gstrauss

20:01 Revision 186e7073: [mod_redirect,mod-rewrite] short-circuit if blank replacement (fixes #2085)

x-ref:
"null redirects for mod_redirect"
https://redmine.lighttpd.net/issues/2085 gstrauss

12:59 Revision fa3a36ff: [mod_ssi] config ssi.exec (fixes #2051)

(thx benbrown)
x-ref:
"mod_ssi Add configuration item to disable SSI exec."
https://redmine.lighttpd.net/issues/... gstrauss

12:50 Feature #2085: null redirects for mod_redirect

Similar change to add this feature to mod_rewrite:... gstrauss

12:11 Feature #2085: null redirects for mod_redirect

Thanks.
Simple modification to the patch. I'll look at mod_rewrite next.... gstrauss

11:59 Feature #2085: null redirects for mod_redirect

A blank target doesn't have any sane semantic so far, so I see no problem using it for a special purpose. Maybe the s... stbuehler

11:16 Feature #2085: null redirects for mod_redirect

Does that mean you would prefer the solution originally presented, which is a blank target pattern? gstrauss

11:02 Feature #2085: null redirects for mod_redirect

gstrauss wrote:
> mod_rewrite documents:
> https://redmine.lighttpd.net/projects/lighttpd/wiki/docs_modrewrite
> >... stbuehler

10:40 Feature #2085: null redirects for mod_redirect

Updated patch to match target pattern against "$0" and short-circuit since it is 'identity' pattern, similar to mod_r... gstrauss

12:35 Revision 6982b193: [mod_ssi] config ssi.conditional-requests

Summary:
A new SSI directive, "ssi.conditional-requests", allows to inform
lighttpd which SSI pages should be conside... fbrosson

2016-04-13

19:14 Bug #2723 (Fixed): setrlimit can increase RLIMIT_NOFILE up to rlim_max for non-root

committed in bb953177 gstrauss

19:13 Feature #2722 (Fixed): define __STDC_WANT_LIB_EXT1__ for memset_s()

committed in 51e0f208 to add define to first.h
Depending on feedback from those using memset_s() on their platform... gstrauss

08:02 Feature #2722: define __STDC_WANT_LIB_EXT1__ for memset_s()

Would you like me to add -D__STDC_WANT_LIB_EXT1__=1 to CPPFLAGS in configure.ac and to add_definitions in src/CMakeLi... gstrauss

07:38 Feature #2722: define __STDC_WANT_LIB_EXT1__ for memset_s()

As you said yourself @__STDC_WANT_LIB_EXT1__@ should also be used in the configure step. stbuehler

19:11 Feature #2642 (Fixed): add option for "fail on warning"

updated in c4edd356 gstrauss

19:10 Feature #2304 (Fixed): special class for directories tr's in directory listing

committed in c63427c9 gstrauss

19:09 Feature #2427 (Fixed): Connections Status

committed in dc9f95c7 gstrauss

19:09 Feature #2170 (Fixed): server-status page should have an automatic reload

committed in c68f83ae gstrauss

19:08 Bug #1919 (Fixed): mod_expires sends headers on 404 responses

committed in 760baed4 gstrauss

05:10 Bug #1919: mod_expires sends headers on 404 responses

It turns out that mod_expire might add caching headers (based on URL) prior to a handler determining that http status... gstrauss

19:07 Bug #1826 (Fixed): mod_webdav readdir POSIX compatibility issue

committed in f4cb07f7 gstrauss

19:06 Bug #1499 (Fixed): HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set.

updated in e5e5548b gstrauss

19:05 Bug #1483 (Fixed): magnet offset > length bug

committed in 659ce5e7
Please feel free to enhance this with a subsequent patch to look for field named "len" (with... gstrauss

19:04 Bug #1468 (Fixed): LDAP UTF-8 encoding

committed in 4b412797 gstrauss

19:03 Bug #1339 (Fixed): lighttpd doesn't set empty QUERY_STRING in cgi environment

committed in f1681ca2 gstrauss

08:14 Feature #2358: Check if directory exists in url.rewrite-if-not-file

Just for the record: I'm not saying a feature request for a similar rewrite action checking for directories would be ... stbuehler

07:52 Feature #2358 (Invalid): Check if directory exists in url.rewrite-if-not-file

Quoting from https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModRewrite:
url.rewrite-[repeat-]if-not-fi... gstrauss

07:35 Feature #2358: Check if directory exists in url.rewrite-if-not-file

No! This breaks clearly documented behavior. @url.rewrite-if-not-file@ checks for regular file, not for directories. stbuehler

07:54 Revision bb953177: [core] setrlimit max-fds <= rlim_max for non-root (fixes #2723)

x-ref:
"setrlimit can increase RLIMIT_NOFILE up to rlim_max for non-root"
https://redmine.lighttpd.net/issues/2723 gstrauss

07:54 Revision 51e0f208: [core] define __STDC_WANT_LIB_EXT1__ (fixes #2722)

x-ref:
"define __STDC_WANT_LIB_EXT1__ for memset_s()"
https://redmine.lighttpd.net/issues/2722 gstrauss

07:53 Revision c4edd356: skip spawning backends for preflight tests (#2642)

Also, update man page for lighttpd -tt
x-ref:
"add option for "fail on warning""
https://redmine.lighttpd.net/is... gstrauss

06:18 Revision c63427c9: [mod_dirlisting] class for dir <tr> (fixes #2304)

x-ref:
"special class for directories tr's in directory listing"
https://redmine.lighttpd.net/issues/2304 gstrauss

06:12 Revision dc9f95c7: [mod_status] table w/ count of con states (fixes #2427)

(replaces "legend") gstrauss

06:08 Revision c68f83ae: [mod_status] page refresh option (fixes #2170)

e.g. http://server-address/server-status?refresh=10
x-ref:
"server-status page should have an automatic reload"
... gstrauss

05:04 Revision 760baed4: [mod_expire] reset caching response headers for error docs (fixes #1919)

remove Cache-Control and Expires headers before handling error docs
(caching headers may have been set by mod_expire ... gstrauss

04:23 Revision f4cb07f7: [mod_webdav] readdir POSIX compat (fixes #1826)

do not expect '.' to be part of dir listing
x-ref:
"mod_webdav readdir POSIX compatibility issue"
https://redmin... gstrauss

04:17 Revision e5e5548b: [mod_extforward] reset cond_cache for scheme (fixes #1499)

bug #1499 was mostly fixed in 05858f6c
This patch additionally resets the cond_cache since scheme might change
x-ref... gstrauss

04:07 Revision 659ce5e7: [mod_magnet] rename var for clarity (fixes #1483)

"length" argument is more accurately described as 0-index end of range
x-ref:
"magnet offset > length bug"
https... gstrauss

03:56 Revision 4b412797: [mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)

https://tools.ietf.org/html/rfc7616 and
https://tools.ietf.org/html/rfc7617 (September 2015)
update Digest and Basic ... gstrauss

03:48 Revision f1681ca2: [mod_cgi] always set QUERY_STRING (fixes #1339)

(thx alexo)
x-ref:
"lighttpd doesn't set empty QUERY_STRING in cgi environment"
https://redmine.lighttpd.net/iss... gstrauss

03:44 Bug #919 (Fixed): scons doesn't found LIBUUID key

fixed in r3032 (52d72fe8) gstrauss

03:34 Bug #319 (Fixed): Should warn if two FastCGI servers point to same socket file

committed in 97556d99 gstrauss

2016-04-12

21:49 Bug #2724: security: stat cache *very large* race condition if caching when follow_symlink disabled

Since there is already stat() then open() race condition which can be exacerbated with busy I/O, I am okay with leavi... gstrauss

21:02 Bug #2724: security: stat cache *very large* race condition if caching when follow_symlink disabled

I'd say the FAM stat cache way should still work.
As an option to patching we could document it explicitly somehow... stbuehler

21:24 Bug #2725: server.groupname not required with server.username

In the past people sometimes asked how to run lighty as root and complained that setting username = "root" didn't wor... stbuehler

07:04 Bug #2390 (Need Feedback): getcwd() problem on Cygwin (without Cygwin environment)

I am a bit confused by your use of 'native'. The patch looks like it is for building under ... gstrauss

04:38 Bug #131 (Patch Pending): FastCGI FCGI_STDOUT before FCGI_STDIN bug

fixed submitted as part of https://github.com/lighttpd/lighttpd1.4/pull/53 gstrauss

04:37 Bug #2566 (Patch Pending): mod_fastcgi should handle "quick" responses

fixed submitted as part of https://github.com/lighttpd/lighttpd1.4/pull/53 gstrauss

2016-04-11

21:02 Bug #2725: server.groupname not required with server.username

(changed ticket title on this private ticket since the title showed up on the non-private ticket when I marked them r... gstrauss

20:58 Bug #2725 (Fixed): server.groupname not required with server.username

If lighttpd is started as root, it is a security exposure to leave the server running with root groups if server.grou... gstrauss

20:34 Bug #1357: mod_evasive, max-conns-per-ip and max-worker

limitations of using server.max-worker are documented at
https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_m... gstrauss

19:53 Bug #1258: don't send content length header

FYI: another option: mod_fastcgi supports an extension called X-Sendfile2 which does set Content-Length gstrauss

19:43 Bug #1271: /var/log/lighttpd is unsafe

(yes, I realize that this is a very old ticket)
@jescobedo: thanks for the feedback.
There are many different o... gstrauss

19:00 Feature #1104: Chunked transfer encoding not supported in request message

https://github.com/lighttpd/lighttpd1.4/pull/38 applied in 06d3c75 will return 411 Length Required if client attempts... gstrauss

18:53 Bug #406 (Patch Pending): PHP PATH_INFO improperly converted to lowercase

The following (untested!) patch should fix this for vast majority of use cases.
Would someone affected by this tes... gstrauss

18:06 Bug #560 (Fixed): "bin-environment" cannot override current valu

fixed a long time ago.... gstrauss

09:58 Bug #619 (Fixed): When create or uploading a directory to the DAV directory

Fixed with https://github.com/lighttpd/lighttpd1.4/pull/38 applied to lighttpd master in 06d3c75
send 411 Length R... gstrauss

09:24 Bug #1619: WebDAV: can't lock (HTTP/1.1 409 Conflict)

partial fix submitted in https://github.com/lighttpd/lighttpd1.4/pull/34 "[mod_webdav] allow Depth: Infinity lock on ... gstrauss

09:05 Feature #1518: Problems with IPv6 address parsing

related pull request: https://github.com/lighttpd/lighttpd1.4/pull/52 gstrauss

08:56 Bug #1834 (Fixed): Invalid Content-Type sent when more than one mimetype.assign matches

... gstrauss

07:52 Feature #2005: [PATCH] X-Sendfile-Range header support

FYI: implemented as X-Sendfile2 in #2008 gstrauss

07:27 Bug #2058 (Patch Pending): Closed connection by peer is not reported to fastcgi/scgi service

proposed patch is part of https://github.com/lighttpd/lighttpd1.4/pull/53 gstrauss

07:17 Feature #2139 (Fixed): Optimizing buffer_append_long()

optimized in r6afad87d... gstrauss

06:50 Feature #2200: More server.error handlers please

https://github.com/lighttpd/lighttpd1.4/pull/36 gstrauss

06:09 Bug #2225 (Fixed): Silent failure

Fixed with https://github.com/lighttpd/lighttpd1.4/pull/32
lighttpd parent process will exit non-zero if config pars... gstrauss

05:46 Bug #2580 (Fixed): connections.c can reset is_readable too soon

Fixed in 1.4.36... gstrauss

03:00 Bug #399 (Patch Pending): FastCGI performance on high load

The following is a minimal patch so that lighttpd will detect if client disconnects. It removes interest in FDEVENT_... gstrauss

2016-04-10

06:43 Feature #2427 (Patch Pending): Connections Status

This patch replaces the legend before the map of connection states with a combined count+legend table following the m... gstrauss

05:17 Bug #896 (Missing Feedback): partial transfer is racey (testcase provided)

If this is still an issue, please reopen ticket and add some updated info. Thanks. gstrauss

04:31 Bug #1829 (Fixed): lighttpd leaves CLOSE_WAIT connections

I believe this issues has since been fixed in historical commits, potentially this one:... gstrauss

04:22 Bug #1149 (Fixed): handle-req time too long

I believe this issues has since been fixed in historical commits, potentially this one:... gstrauss

04:14 Bug #647 (Duplicate): handle-req timeout

I believe that the build-up of very old connections in handle-req state will no longer occur. See #1149 for further ... gstrauss

2016-04-08

17:34 Bug #1829: lighttpd leaves CLOSE_WAIT connections

I'm sorry. I guess the system where this problem occurred doesn't exist anymore... for a few years now. GeorgH

06:38 Bug #1829: lighttpd leaves CLOSE_WAIT connections

@GeorgH: this might be fixed in a recent pull request:
https://github.com/lighttpd/lighttpd1.4/pull/53 improves the ... gstrauss

15:06 Bug #2588 (Patch Pending): Problem when uploading large files

https://github.com/lighttpd/lighttpd1.4/pull/54
@dirk4000: would you give this patch a try and let us know if it r... gstrauss

14:39 Revision 97556d99: [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)

error if unix socket path is duplicated
(does not check across modules, but will detect duplicated unix socket
path... gstrauss

00:04 Bug #2541 (Patch Pending): HTTP 401 Unauthorized only sent back after full POST request is read.

part of pull request https://github.com/lighttpd/lighttpd1.4/pull/53 gstrauss