Activity

From 2018-03-08 to 2018-03-14

04:08 Revision 78e25f0f: [mod_extforward] allow explict IPs to be untrusted (#2860): Allowing explicit IPs to be rejected might be useful in situations
where an internal network is to be allowed by CIDR... gstrauss

12:39 Feature #2860: RFE: mod_extforward CIDR support: > it would work if all entry notes (varnish, haproxy) clear the @X-Forwarded-For@ header, so it would be filled by in... gstrauss
12:28 Feature #2860: RFE: mod_extforward CIDR support: Allowing a CIDR range in lighttpd mod_extforward is similar to allowing a CIDR range in your firewall on the server(s... gstrauss
08:58 Feature #2860: RFE: mod_extforward CIDR support: i have considered alternative, but it's insecure to trust all addresses from proxy headers in case of value chaining,... glen
01:54 Revision ae54806d: - next is 1.4.50: gstrauss
00:23 Revision d0d5d426: [doc] NEWS: gstrauss

16:18 Revision 758d2414: [core] fix incorrect hash algorithm impl: fix incorrect implementation of djb hash algorithm gstrauss
08:28 Bug #2875: CVE-2013-1599: No gstrauss didn't write that I did. Caston
05:31 Revision 5a6e4df8: [mod_auth] check that digest realm matches config: gstrauss
05:28 Revision 81b7e8e2: [mod_auth] constant time compare plain passwords: (digests have same length) gstrauss

04:02 Feature #2842 (Need Feedback): Lighttpd Returns Wrong Cert In Multi-cert Set-up: lighttpd accepts both types of certs as long as the version of openssl accepts them. There might have been something... gstrauss

Also available in: Atom

Lighttpd