Lighttpd

2019-03-07

05:32 Revision 8064b748: [mod_magnet] fix invalid script return-type crash (fixes #2938)

(thx flynn)
x-ref:
"Lighttpd crashes on wrong return type in lua script"
https://redmine.lighttpd.net/issues/2938 gstrauss

05:32 Revision 78f24ba1: [core] silence coverity warning

gstrauss

05:32 Revision b9e2be50: [mod_auth] HTTP Auth Digest algorithm=SHA-256

(also support Digest algorithm=SHA-512-256 if library support present)
enable additional algorithms by configuring l... gstrauss

05:32 Revision 1fb0d7e2: [core] no SOCK_NONBLOCK on QNX 7.0

QNX 7.0 has SOCK_CLOEXEC but not SOCK_NONBLOCK
(thx supergaute)
github: closes #98
x-ref:
"Fix compile error whe... gstrauss

05:32 Revision 28895ab2: [mod_auth] pass http_auth_require_t for 401 Unauth

pass (http_auth_require_t *) to mod_auth_send_401_unauthorized_digest()
for configured digest algorithms for 401 Unau... gstrauss

05:32 Revision 60f4cf3a: [mod_auth] http_auth_info_t digest abstraction

gstrauss

05:32 Revision 07fef258: [mod_auth] http_auth_digest_hex2bin()

replace http_auth_md5_hex2bin() with more generic function to handle
digests of different lengths gstrauss

05:32 Revision 9113011d: [core] pass (fdnode *) for registered fdevent fd

inline fdevent_fdnode_interest()
avoid array lookup for (fdnode *) for various ops gstrauss

05:32 Revision 0e108390: [core] modify config parser to handle multiple }

modify config parser to handle multiple '}' on same line gstrauss

05:32 Revision d76756ca: [core] perf: pass (fdnode *) to epoll and kqueue

gstrauss

05:32 Revision c83fff1d: [core] release empty chunk buf when nothing read

gstrauss

05:32 Revision 41384a36: [core] isolate fdevent processing

gstrauss

05:32 Revision 1a99aad1: [core] pull server load checks out of main loop

gstrauss

05:32 Revision 99f8ae0d: [mod_openssl] use 16k static buffer instead of 64k

better match size used by openssl
(avoid unused, oversized reads) gstrauss

05:32 Revision 4e6e787a: [core] remove redundant check for allow_http11

(conf.allow_http11 is handled in http_response_prepare()) gstrauss

05:32 Revision 800e9b73: [core] remove fde_ndx member outside fdevents

(isolated to fdevent framework internals) gstrauss

05:32 Revision 0a46f7ec: [core] some fdevent code streamlining

isolate fde_ndx to fdevent framework internals gstrauss

05:32 Revision 8441c9e8: [core] config option to allow GET w/ request body

server.http-parseopts = ( "method-get-body" = "enable" ) gstrauss

05:32 Revision 81674978: [mod_proxy] pass Content-Length to backend if > 0

pass Content-Length to backend if > 0, even if GET or HEAD method
(and pass Content-Length: 0 for other methods if no... gstrauss

05:32 Revision 8efa6a34: [mod_openssl] default: ssl.cipher-list = "HIGH"

gstrauss

05:32 Revision 3e200717: [mod_openssl] inherit cipherlist from global scope

inherit cipherlist from global scope if not set in $SERVER["socket"] gstrauss

05:32 Revision 1542e44b: [core] use openssl to read,discard request body

use openssl to read,discard request body after response has been sent
on a TLS connection, at least until SSL close n... gstrauss

04:14 Bug #2938 (Patch Pending): Lighttpd crashes on wrong return type in lua script

gstrauss

04:04 Bug #2938: Lighttpd crashes on wrong return type in lua script

The documentation matches your patch. Thanks!
https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModMagnet#... gstrauss

2019-03-06

14:58 Bug #2938: Lighttpd crashes on wrong return type in lua script

From my current understanding and usage of lua scripts with mod_magnet there two use cases:
1.) generating content... flynn

14:00 Bug #2938: Lighttpd crashes on wrong return type in lua script

Should lua_return_type == LUA_TNIL be an error, too? This is a programming interface. If someone is not returning a... gstrauss

09:23 Bug #2938: Lighttpd crashes on wrong return type in lua script

This patch fixes the problem for me:
- behaviour with numeric and nil types is unchanged
- all other types are ha... flynn

08:00 Bug #2938: Lighttpd crashes on wrong return type in lua script

Based on your description, please have a look at mod_magnet.c line 968:... gstrauss

06:50 Bug #2938 (Fixed): Lighttpd crashes on wrong return type in lua script

If a lua script is attached with magnet.attract-raw-url-to, this script is expected to either return nothing or a num... flynn

13:17 Bug #2937: SSL client certificate validation needs dedicated ssl.verifyclient.ca-file

@gstrauss: This seems very weird to me. According to https://redmine.lighttpd.net/issues/2694 ssl.ca-dn-file is just ... wschlich

07:49 Bug #2937: SSL client certificate validation needs dedicated ssl.verifyclient.ca-file

Perhaps the documentation needs to be made clearer.
The verify_callback() function in mod_openssl contains this co... gstrauss

05:45 Bug #2937: SSL client certificate validation needs dedicated ssl.verifyclient.ca-file

Thank you for the report.
It will take some work to put together a solution with a little impact as possible to cu... gstrauss

2019-03-01

11:36 Bug #2937 (Invalid): SSL client certificate validation needs dedicated ssl.verifyclient.ca-file

According to https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_SSL as well as https://redmine.lighttpd.net/iss... wschlich