-Index: src/base.h
+Index: ChangeLog
===================================================================
---- src/base.h (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/base.h (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -269,6 +269,9 @@
- unsigned short use_ipv6;
- unsigned short is_ssl;
- unsigned short allow_http11;
-+ unsigned short etag_use_inode;
-+ unsigned short etag_use_mtime;
-+ unsigned short etag_use_size;
- unsigned short force_lowercase_filenames; /* if the FS is case-insensitive, force all files to lower-case */
- unsigned short max_request_size;
-
-Index: src/connections.c
+Index: .cvsignore
===================================================================
---- src/connections.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/connections.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -1252,6 +1252,16 @@
- socklen_t cnt_len;
- /* accept it and register the fd */
-
-+ /**
-+ * check if we can still open a new connections
-+ *
-+ * see #1216
-+ */
-+
-+ if (srv->conns->used >= srv->max_conns) {
-+ return NULL;
-+ }
-+
- cnt_len = sizeof(cnt_addr);
+Index: src/.cvsignore
+===================================================================
+Index: src/configfile-glue.c
+===================================================================
+--- src/configfile-glue.c (.../tags/lighttpd-1.4.23)
++++ src/configfile-glue.c (.../branches/lighttpd-1.4.x)
+@@ -103,7 +103,6 @@
+ if (e != ds->value->ptr && !*e && l >=0 && l <= 65535) {
+ *((unsigned short *)(cv[i].destination)) = l;
+ break;
+-
+ }
+ }
- if (-1 == (cnt = accept(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len))) {
-@@ -1265,6 +1275,9 @@
- case ECONNABORTED: /* this is a FreeBSD thingy */
- /* we were stopped _after_ we had a connection */
+@@ -112,10 +111,40 @@
+ return -1;
+ }
+ default:
+- log_error_write(srv, __FILE__, __LINE__, "ssds", "unexpected type for key:", cv[i].key, du->type, "expected a integer, range 0 ... 65535");
++ log_error_write(srv, __FILE__, __LINE__, "ssds", "unexpected type for key:", cv[i].key, du->type, "expected a short integer, range 0 ... 65535");
+ return -1;
+ }
break;
-+ case EMFILE:
-+ /* out of fds */
++ case T_CONFIG_INT:
++ switch(du->type) {
++ case TYPE_INTEGER: {
++ data_integer *di = (data_integer *)du;
++
++ *((unsigned int *)(cv[i].destination)) = di->value;
++ break;
++ }
++ case TYPE_STRING: {
++ data_string *ds = (data_string *)du;
++
++ if (ds->value->ptr && *ds->value->ptr) {
++ char *e;
++ long l = strtol(ds->value->ptr, &e, 10);
++ if (e != ds->value->ptr && !*e && l >= 0) {
++ *((unsigned int *)(cv[i].destination)) = l;
++ break;
++ }
++ }
++
++
++ log_error_write(srv, __FILE__, __LINE__, "ssb", "got a string but expected an integer:", cv[i].key, ds->value);
++
++ return -1;
++ }
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssds", "unexpected type for key:", cv[i].key, du->type, "expected an integer, range 0 ... 4294967295");
++ return -1;
++ }
+ break;
- default:
- log_error_write(srv, __FILE__, __LINE__, "ssd", "accept failed:", strerror(errno), errno);
- }
-@@ -1432,6 +1445,7 @@
- } else if (con->in_error_handler) {
- /* error-handler is back and has generated content */
- /* if Status: was set, take it otherwise use 200 */
-+ con->http_status = con->error_handler_saved_status;
- }
-
- if (con->http_status == 0) con->http_status = 200;
-Index: src/mod_staticfile.c
+ case T_CONFIG_BOOLEAN:
+ if (du->type == TYPE_STRING) {
+ data_string *ds = (data_string *)du;
+Index: src/mod_cgi.c
===================================================================
---- src/mod_staticfile.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/mod_staticfile.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -25,6 +25,7 @@
+--- src/mod_cgi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_cgi.c (.../branches/lighttpd-1.4.x)
+@@ -56,6 +56,7 @@
typedef struct {
- array *exclude_ext;
-+ unsigned short etags_used;
+ array *cgi;
++ unsigned short execute_x_only;
} plugin_config;
typedef struct {
-@@ -82,6 +83,7 @@
+@@ -151,6 +152,7 @@
config_values_t cv[] = {
- { "static-file.exclude-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
-+ { "static-file.etags", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
- { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
+ { "cgi.assign", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
++ { "cgi.execute-x-only", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
+ { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET}
};
-@@ -94,8 +96,10 @@
+@@ -165,8 +167,10 @@
+ assert(s);
- s = calloc(1, sizeof(plugin_config));
- s->exclude_ext = array_init();
-+ s->etags_used = 1;
+ s->cgi = array_init();
++ s->execute_x_only = 0;
- cv[0].destination = s->exclude_ext;
-+ cv[1].destination = &(s->etags_used);
+ cv[0].destination = s->cgi;
++ cv[1].destination = &(s->execute_x_only);
p->config_storage[i] = s;
-@@ -114,6 +118,7 @@
- plugin_config *s = p->config_storage[0];
-
- PATCH(exclude_ext);
-+ PATCH(etags_used);
-
- /* skip the first, the global context */
- for (i = 1; i < srv->config_context->used; i++) {
-@@ -129,7 +134,9 @@
+@@ -580,12 +584,9 @@
+ #if 0
+ log_error_write(srv, __FILE__, __LINE__, "sd", "(debug) cgi exited fine, pid:", pid);
+ #endif
+- pid = 0;
+-
+ return HANDLER_GO_ON;
+ } else {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "cgi died, pid:", pid);
+- pid = 0;
+ return HANDLER_GO_ON;
+ }
+ }
+@@ -1005,7 +1006,7 @@
+ args[i++] = cgi_handler->ptr;
+ }
+ args[i++] = con->physical.path->ptr;
+- args[i++] = NULL;
++ args[i ] = NULL;
+
+ /* search for the last / */
+ if (NULL != (c = strrchr(con->physical.path->ptr, '/'))) {
+@@ -1018,8 +1019,6 @@
+ *c = '/';
+ }
- if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.exclude-extensions"))) {
- PATCH(exclude_ext);
-- }
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.etags"))) {
-+ PATCH(etags_used);
-+ }
+- openDevNull(STDERR_FILENO);
+-
+ /* we don't need the client socket */
+ for (i = 3; i < 256; i++) {
+ if (i != srv->errorlog_fd) close(i);
+@@ -1198,6 +1197,8 @@
+
+ if (buffer_is_equal_string(du->key, CONST_STR_LEN("cgi.assign"))) {
+ PATCH(cgi);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("cgi.execute-x-only"))) {
++ PATCH(execute_x_only);
+ }
}
}
+@@ -1220,6 +1221,7 @@
-@@ -446,11 +453,17 @@
- response_header_overwrite(srv, con, CONST_STR_LEN("Accept-Ranges"), CONST_STR_LEN("bytes"));
+ if (HANDLER_ERROR == stat_cache_get_entry(srv, con, con->physical.path, &sce)) return HANDLER_GO_ON;
+ if (!S_ISREG(sce->st.st_mode)) return HANDLER_GO_ON;
++ if (p->conf.execute_x_only == 1 && (sce->st.st_mode & (S_IXUSR | S_IXGRP | S_IXOTH)) == 0) return HANDLER_GO_ON;
- if (allow_caching) {
-- if (NULL == array_get_element(con->response.headers, "ETag")) {
-- /* generate e-tag */
-- etag_mutate(con->physical.etag, sce->etag);
-+ etag_flags_t flags;
-
-- response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag));
-+ flags = (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) | (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) | (con->conf.etag_use_size ? ETAG_USE_SIZE : 0);
-+
-+ if (p->conf.etags_used && flags != 0 && !buffer_is_empty(sce->etag)) {
-+ if (NULL == array_get_element(con->response.headers, "ETag")) {
-+ /* generate e-tag */
-+ etag_mutate(con->physical.etag, sce->etag);
-+
-+ response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag));
-+ }
- }
+ s_len = fn->used - 1;
- /* prepare header */
-Index: src/configfile.c
+Index: src/network_write.c
===================================================================
---- src/configfile.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/configfile.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -89,7 +89,9 @@
- { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 45 */
- { "ssl.cipher-list", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 46 */
- { "ssl.use-sslv2", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 47 */
--
-+ { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 48 */
-+ { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */
-+ { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */
- { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
- { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
- { "server.virtual-root", "load mod_simple_vhost and use simple-vhost.server-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
-@@ -162,6 +164,9 @@
+--- src/network_write.c (.../tags/lighttpd-1.4.23)
++++ src/network_write.c (.../branches/lighttpd-1.4.x)
+@@ -46,15 +46,27 @@
+ toSend = c->mem->used - 1 - c->offset;
+ #ifdef __WIN32
+ if ((r = send(fd, offset, toSend, 0)) < 0) {
+- log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed: ", strerror(errno), fd);
++ /* no error handling for windows... */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "send failed: ", strerror(errno), fd);
+
+ return -1;
+ }
+ #else
+ if ((r = write(fd, offset, toSend)) < 0) {
+- log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed: ", strerror(errno), fd);
++ switch (errno) {
++ case EAGAIN:
++ case EINTR:
++ r = 0;
++ break;
++ case EPIPE:
++ case ECONNRESET:
++ return -2;
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssd",
++ "write failed:", strerror(errno), fd);
+
+- return -1;
++ return -1;
++ }
+ }
#endif
- s->kbytes_per_second = 0;
- s->allow_http11 = 1;
-+ s->etag_use_inode = 1;
-+ s->etag_use_mtime = 1;
-+ s->etag_use_size = 1;
- s->range_requests = 1;
- s->force_lowercase_filenames = 0;
- s->global_kbytes_per_second = 0;
-@@ -206,6 +211,9 @@
-
- cv[46].destination = s->ssl_cipher_list;
- cv[47].destination = &(s->ssl_use_sslv2);
-+ cv[48].destination = &(s->etag_use_inode);
-+ cv[49].destination = &(s->etag_use_mtime);
-+ cv[50].destination = &(s->etag_use_size);
-
- srv->config_storage[i] = s;
-
-@@ -280,8 +288,10 @@
- PATCH(ssl_ca_file);
- PATCH(ssl_cipher_list);
- PATCH(ssl_use_sslv2);
--
--
-+ PATCH(etag_use_inode);
-+ PATCH(etag_use_mtime);
-+ PATCH(etag_use_size);
-+
- return 0;
- }
-@@ -323,6 +333,12 @@
- PATCH(max_read_idle);
- } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("mimetype.use-xattr"))) {
- PATCH(use_xattr);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-inode"))) {
-+ PATCH(etag_use_inode);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-mtime"))) {
-+ PATCH(etag_use_mtime);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("etag.use-size"))) {
-+ PATCH(etag_use_size);
- } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.pemfile"))) {
- PATCH(ssl_pemfile);
- } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ca-file"))) {
-Index: src/etag.c
-===================================================================
---- src/etag.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/etag.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -8,13 +8,25 @@
- return 0;
- }
+@@ -98,7 +110,7 @@
+ return -1;
+ }
+
+-#if defined USE_MMAP
++#ifdef USE_MMAP
+ if (MAP_FAILED == (p = mmap(0, sce->st.st_size, PROT_READ, MAP_SHARED, ifd, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "mmap failed: ", strerror(errno));
+
+@@ -109,13 +121,26 @@
+ close(ifd);
+
+ if ((r = write(fd, p + offset, toSend)) <= 0) {
+- log_error_write(srv, __FILE__, __LINE__, "ss", "write failed: ", strerror(errno));
+- munmap(p, sce->st.st_size);
+- return -1;
++ switch (errno) {
++ case EAGAIN:
++ case EINTR:
++ r = 0;
++ break;
++ case EPIPE:
++ case ECONNRESET:
++ munmap(p, sce->st.st_size);
++ return -2;
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssd",
++ "write failed:", strerror(errno), fd);
++ munmap(p, sce->st.st_size);
++
++ return -1;
++ }
+ }
--int etag_create(buffer *etag, struct stat *st) {
-- buffer_copy_off_t(etag, st->st_ino);
-- buffer_append_string_len(etag, CONST_STR_LEN("-"));
-- buffer_append_off_t(etag, st->st_size);
-- buffer_append_string_len(etag, CONST_STR_LEN("-"));
-- buffer_append_long(etag, st->st_mtime);
-+int etag_create(buffer *etag, struct stat *st,etag_flags_t flags) {
-+ if (0 == flags) return 0;
+ munmap(p, sce->st.st_size);
+-#else
++#else /* USE_MMAP */
+ buffer_prepare_copy(srv->tmp_buf, toSend);
-+ buffer_reset(etag);
+ lseek(ifd, offset, SEEK_SET);
+@@ -127,12 +152,33 @@
+ }
+ close(ifd);
+
+- if (-1 == (r = send(fd, srv->tmp_buf->ptr, toSend, 0))) {
+- log_error_write(srv, __FILE__, __LINE__, "ss", "write: ", strerror(errno));
++#ifdef __WIN32
++ if ((r = send(fd, srv->tmp_buf->ptr, toSend, 0)) < 0) {
++ /* no error handling for windows... */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "send failed: ", strerror(errno), fd);
+
+ return -1;
+ }
+-#endif
++#else /* __WIN32 */
++ if ((r = write(fd, srv->tmp_buf->ptr, toSend)) < 0) {
++ switch (errno) {
++ case EAGAIN:
++ case EINTR:
++ r = 0;
++ break;
++ case EPIPE:
++ case ECONNRESET:
++ return -2;
++ default:
++ log_error_write(srv, __FILE__, __LINE__, "ssd",
++ "write failed:", strerror(errno), fd);
+
-+ if (flags & ETAG_USE_INODE) {
-+ buffer_append_off_t(etag, st->st_ino);
-+ buffer_append_string_len(etag, CONST_STR_LEN("-"));
-+ }
-+
-+ if (flags & ETAG_USE_SIZE) {
-+ buffer_append_off_t(etag, st->st_size);
-+ buffer_append_string_len(etag, CONST_STR_LEN("-"));
-+ }
-+
-+ if (flags & ETAG_USE_MTIME) {
-+ buffer_append_long(etag, st->st_mtime);
-+ }
++ return -1;
++ }
++ }
++#endif /* __WIN32 */
++#endif /* USE_MMAP */
+
- return 0;
- }
+ c->offset += r;
+ cq->bytes_out += r;
-Index: src/mod_scgi.c
+Index: src/mod_secure_download.c
===================================================================
---- src/mod_scgi.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/mod_scgi.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -803,7 +803,7 @@
- buffer_append_string_buffer(b, host->bin_path);
+--- src/mod_secure_download.c (.../tags/lighttpd-1.4.23)
++++ src/mod_secure_download.c (.../branches/lighttpd-1.4.x)
+@@ -37,7 +37,7 @@
+ buffer *secret;
+ buffer *uri_prefix;
+
+- unsigned short timeout;
++ unsigned int timeout;
+ } plugin_config;
- /* exec the cgi */
-- execle("/bin/sh", "sh", "-c", b->ptr, NULL, env.ptr);
-+ execle("/bin/sh", "sh", "-c", b->ptr, (char *)NULL, env.ptr);
+ typedef struct {
+@@ -99,7 +99,7 @@
+ { "secdownload.secret", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
+ { "secdownload.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
+ { "secdownload.uri-prefix", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
+- { "secdownload.timeout", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
++ { "secdownload.timeout", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
+ { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
+ };
- log_error_write(srv, __FILE__, __LINE__, "sbs",
- "execl failed for:", host->bin_path, strerror(errno));
-Index: src/etag.h
+@@ -245,8 +245,8 @@
+ }
+
+ /* timed-out */
+- if ( (srv->cur_ts > ts && srv->cur_ts - ts > p->conf.timeout) ||
+- (srv->cur_ts < ts && ts - srv->cur_ts > p->conf.timeout) ) {
++ if ( (srv->cur_ts > ts && (unsigned int) (srv->cur_ts - ts) > p->conf.timeout) ||
++ (srv->cur_ts < ts && (unsigned int) (ts - srv->cur_ts) > p->conf.timeout) ) {
+ /* "Gone" as the url will never be valid again instead of "408 - Timeout" where the request may be repeated */
+ con->http_status = 410;
+
+Index: src/base.h
===================================================================
---- src/etag.h (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/etag.h (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -7,8 +7,10 @@
+--- src/base.h (.../tags/lighttpd-1.4.23)
++++ src/base.h (.../branches/lighttpd-1.4.x)
+@@ -84,6 +84,7 @@
+ typedef enum { T_CONFIG_UNSET,
+ T_CONFIG_STRING,
+ T_CONFIG_SHORT,
++ T_CONFIG_INT,
+ T_CONFIG_BOOLEAN,
+ T_CONFIG_ARRAY,
+ T_CONFIG_LOCAL,
+@@ -281,7 +282,7 @@
+ unsigned short etag_use_mtime;
+ unsigned short etag_use_size;
+ unsigned short force_lowercase_filenames; /* if the FS is case-insensitive, force all files to lower-case */
+- unsigned short max_request_size;
++ unsigned int max_request_size;
+
+ unsigned short kbytes_per_second; /* connection kb/s limit */
+
+@@ -472,6 +473,7 @@
+
+ buffer *errorlog_file;
+ unsigned short errorlog_use_syslog;
++ buffer *breakagelog_file;
+
+ unsigned short dont_daemonize;
+ buffer *changeroot;
+@@ -490,7 +492,7 @@
+ unsigned short max_worker;
+ unsigned short max_fds;
+ unsigned short max_conns;
+- unsigned short max_request_size;
++ unsigned int max_request_size;
+
+ unsigned short log_request_header_on_error;
+ unsigned short log_state_handling;
+@@ -538,7 +540,7 @@
+
+ /* the errorlog */
+ int errorlog_fd;
+- enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
++ enum { ERRORLOG_FILE, ERRORLOG_FD, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
+ buffer *errorlog_buf;
+
+ fdevents *ev, *ev_ins;
+Index: src/mod_rewrite.c
+===================================================================
+--- src/mod_rewrite.c (.../tags/lighttpd-1.4.23)
++++ src/mod_rewrite.c (.../branches/lighttpd-1.4.x)
+@@ -176,7 +176,7 @@
+ data_unset *du;
+
+ if (NULL != (du = array_get_element(ca, option))) {
+- data_array *da = (data_array *)du;
++ data_array *da;
+ size_t j;
+
+ if (du->type != TYPE_ARRAY) {
+@@ -373,7 +373,7 @@
+ }
+ } else {
+ const char **list;
+- size_t start, end;
++ size_t start;
+ size_t k;
- #include "buffer.h"
+ /* it matched */
+@@ -383,17 +383,15 @@
-+typedef enum { ETAG_USE_INODE = 1, ETAG_USE_MTIME = 2, ETAG_USE_SIZE = 4 } etag_flags_t;
-+
- int etag_is_equal(buffer *etag, const char *matches);
--int etag_create(buffer *etag, struct stat *st);
-+int etag_create(buffer *etag, struct stat *st, etag_flags_t flags);
- int etag_mutate(buffer *mut, buffer *etag);
+ buffer_reset(con->request.uri);
+- start = 0; end = pattern_len;
++ start = 0;
+ for (k = 0; k < pattern_len; k++) {
+ if (pattern[k] == '$' || pattern[k] == '%') {
+ /* got one */
-Index: src/request.c
-===================================================================
---- src/request.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/request.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -284,8 +284,6 @@
+ size_t num = pattern[k + 1] - '0';
- int done = 0;
+- end = k;
++ buffer_append_string_len(con->request.uri, pattern + start, k - start);
-- data_string *ds = NULL;
+- buffer_append_string_len(con->request.uri, pattern + start, end - start);
-
- /*
- * Request: "^(GET|POST|HEAD) ([^ ]+(\\?[^ ]+|)) (HTTP/1\\.[01])$"
- * Option : "^([-a-zA-Z]+): (.+)$"
-@@ -715,12 +713,24 @@
- switch(*cur) {
- case '\r':
- if (con->parse_request->ptr[i+1] == '\n') {
-+ data_string *ds = NULL;
-+
- /* End of Headerline */
- con->parse_request->ptr[i] = '\0';
- con->parse_request->ptr[i+1] = '\0';
-
- if (in_folding) {
-- if (!ds) {
-+ buffer *key_b;
-+ /**
-+ * we use a evil hack to handle the line-folding
-+ *
-+ * As array_insert_unique() deletes 'ds' in the case of a duplicate
-+ * ds points somewhere and we get a evil crash. As a solution we keep the old
-+ * "key" and get the current value from the hash and append us
-+ *
-+ * */
-+
-+ if (!key || !key_len) {
- /* 400 */
-
- if (srv->srvconf.log_request_header_on_error) {
-@@ -737,7 +747,15 @@
- con->response.keep_alive = 0;
- return 0;
- }
-- buffer_append_string(ds->value, value);
-+
-+ key_b = buffer_init();
-+ buffer_copy_string_len(key_b, key, key_len);
-+
-+ if (NULL != (ds = (data_string *)array_get_element(con->request.headers, key_b->ptr))) {
-+ buffer_append_string(ds->value, value);
-+ }
-+
-+ buffer_free(key_b);
- } else {
- int s_len;
- key = con->parse_request->ptr + first;
-@@ -969,7 +987,12 @@
- first = i+1;
- is_key = 1;
- value = 0;
-- key_len = 0;
-+#if 0
-+ /**
-+ * for Bug 1230 keep the key_len a live
-+ */
-+ key_len = 0;
-+#endif
- in_folding = 0;
- } else {
- if (srv->srvconf.log_request_header_on_error) {
-Index: src/stat_cache.c
+ if (!isdigit((unsigned char)pattern[k + 1])) {
+ /* enable escape: "%%" => "%", "%a" => "%a", "$$" => "$" */
+ buffer_append_string_len(con->request.uri, pattern+k, pattern[k] == pattern[k+1] ? 1 : 2);
+Index: src/connections.c
===================================================================
---- src/stat_cache.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/stat_cache.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -608,14 +608,16 @@
- break;
+--- src/connections.c (.../tags/lighttpd-1.4.23)
++++ src/connections.c (.../branches/lighttpd-1.4.x)
+@@ -782,13 +782,13 @@
+ CLEAN(request.pathinfo);
+ CLEAN(request.request);
+
+- CLEAN(request.orig_uri);
++ /* CLEAN(request.orig_uri); */
+
+ CLEAN(uri.scheme);
+- CLEAN(uri.authority);
+- CLEAN(uri.path);
++ /* CLEAN(uri.authority); */
++ /* CLEAN(uri.path); */
+ CLEAN(uri.path_raw);
+- CLEAN(uri.query);
++ /* CLEAN(uri.query); */
+
+ CLEAN(physical.doc_root);
+ CLEAN(physical.path);
+@@ -1401,6 +1401,11 @@
+ "state for fd", con->fd, connection_get_state(con->state));
}
- }
-- etag_create(sce->etag, &(sce->st));
-+ etag_create(sce->etag, &(sce->st),
-+ (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) | (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) | (con->conf.etag_use_size ? ETAG_USE_SIZE : 0));
- #ifdef HAVE_XATTR
-- if (buffer_is_empty(sce->content_type)) {
-+ if (con->conf.use_xattr && buffer_is_empty(sce->content_type)) {
- stat_cache_attr_get(sce->content_type, name->ptr);
- }
- #endif
- } else if (S_ISDIR(st.st_mode)) {
-- etag_create(sce->etag, &(sce->st));
-+ etag_create(sce->etag, &(sce->st),
-+ (con->conf.etag_use_mtime ? ETAG_USE_MTIME : 0) | (con->conf.etag_use_inode ? ETAG_USE_INODE : 0) | (con->conf.etag_use_size ? ETAG_USE_SIZE : 0));
- }
- #ifdef HAVE_FAM_H
-Index: src/http_auth.c
++ buffer_reset(con->uri.authority);
++ buffer_reset(con->uri.path);
++ buffer_reset(con->uri.query);
++ buffer_reset(con->request.orig_uri);
++
+ if (http_request_parse(srv, con)) {
+ /* we have to read some data from the POST request */
+
+@@ -1725,7 +1730,7 @@
+ case HANDLER_FINISHED:
+ break;
+ default:
+- log_error_write(srv, __FILE__, __LINE__, "");
++ log_error_write(srv, __FILE__, __LINE__, "sd", "unhandling return value", r);
+ break;
+ }
+ break;
+Index: src/network.c
===================================================================
---- src/http_auth.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/http_auth.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -830,8 +830,14 @@
+--- src/network.c (.../tags/lighttpd-1.4.23)
++++ src/network.c (.../branches/lighttpd-1.4.x)
+@@ -90,6 +90,7 @@
+
+ srv_socket = calloc(1, sizeof(*srv_socket));
+ srv_socket->fd = -1;
++ srv_socket->fde_ndx = -1;
+
+ srv_socket->srv_token = buffer_init();
+ buffer_copy_string_buffer(srv_socket->srv_token, host_token);
+@@ -103,7 +104,7 @@
+ if (NULL == (sp = strrchr(b->ptr, ':'))) {
+ log_error_write(srv, __FILE__, __LINE__, "sb", "value of $SERVER[\"socket\"] has to be \"ip:port\".", b);
+
+- return -1;
++ goto error_free_socket;
+ }
- username = buffer_init();
+ host = b->ptr;
+@@ -126,7 +127,7 @@
+ } else if (port == 0 || port > 65535) {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "port out of range:", port);
-- base64_decode(username, realm_str);
-+ if (!base64_decode(username, realm_str)) {
-+ buffer_free(username);
+- return -1;
++ goto error_free_socket;
+ }
-+ log_error_write(srv, __FILE__, __LINE__, "sb", "decodeing base64-string failed", username);
-+
-+ return 0;
-+ }
-+
- /* r2 == user:password */
- if (NULL == (pw = strchr(username->ptr, ':'))) {
- buffer_free(username);
-@@ -967,7 +973,7 @@
- for (c = b->ptr; *c; c++) {
- /* skip whitespaces */
- while (*c == ' ' || *c == '\t') c++;
-- if (!c) break;
-+ if (!*c) break;
-
- for (i = 0; dkv[i].key; i++) {
- if ((0 == strncmp(c, dkv[i].key, dkv[i].key_len))) {
-@@ -1016,9 +1022,24 @@
+ if (*host == '\0') host = NULL;
+@@ -138,12 +139,12 @@
+ if (-1 == (srv_socket->fd = socket(srv_socket->addr.plain.sa_family, SOCK_STREAM, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
+ #else
log_error_write(srv, __FILE__, __LINE__, "s",
- "digest: missing field");
-+
-+ buffer_free(b);
- return -1;
+ "ERROR: Unix Domain sockets are not supported.");
+- return -1;
++ goto error_free_socket;
+ #endif
}
-+ /**
-+ * protect the md5-sess against missing cnonce and nonce
-+ */
-+ if (algorithm &&
-+ 0 == strcasecmp(algorithm, "md5-sess") &&
-+ (!nonce || !cnonce)) {
-+ log_error_write(srv, __FILE__, __LINE__, "s",
-+ "digest: (md5-sess: missing field");
-+
-+ buffer_free(b);
-+ return -1;
-+ }
-+
- m = get_http_method_name(con->request.http_method);
+@@ -153,7 +154,7 @@
- /* password-string == HA1 */
-Index: src/mod_status.c
-===================================================================
---- src/mod_status.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/mod_status.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -220,6 +220,7 @@
- BUFFER_APPEND_STRING_CONST(b,
- " <style type=\"text/css\">\n"
- " table.status { border: black solid thin; }\n"
-+ " td { white-space: nowrap; }\n"
- " td.int { background-color: #f0f0f0; text-align: right }\n"
- " td.string { background-color: #f0f0f0; text-align: left }\n"
- " th.status { background-color: black; color: white; font-weight: bold; }\n"
-@@ -520,6 +521,16 @@
- buffer_append_string_encoded(b, CONST_BUF_LEN(c->uri.path), ENCODING_HTML);
+ if (-1 == (srv_socket->fd = socket(srv_socket->addr.plain.sa_family, SOCK_STREAM, IPPROTO_TCP))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
+ srv_socket->use_ipv6 = 1;
+ }
+@@ -163,17 +164,22 @@
+ srv_socket->addr.plain.sa_family = AF_INET;
+ if (-1 == (srv_socket->fd = socket(srv_socket->addr.plain.sa_family, SOCK_STREAM, IPPROTO_TCP))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
}
+ }
-+ if (!buffer_is_empty(c->uri.query)) {
-+ BUFFER_APPEND_STRING_CONST(b, "?");
-+ buffer_append_string_encoded(b, CONST_BUF_LEN(c->uri.query), ENCODING_HTML);
-+ }
++#ifdef FD_CLOEXEC
++ /* set FD_CLOEXEC now, fdevent_fcntl_set is called later; needed for pipe-logger forks */
++ fcntl(srv_socket->fd, F_SETFD, FD_CLOEXEC);
++#endif
+
-+ if (!buffer_is_empty(c->request.orig_uri)) {
-+ BUFFER_APPEND_STRING_CONST(b, " (");
-+ buffer_append_string_encoded(b, CONST_BUF_LEN(c->request.orig_uri), ENCODING_HTML);
-+ BUFFER_APPEND_STRING_CONST(b, ")");
-+ }
- BUFFER_APPEND_STRING_CONST(b, "</td><td class=\"string\">");
-
- buffer_append_string_buffer(b, c->physical.path);
-Index: src/mod_ssi.c
-===================================================================
---- src/mod_ssi.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/mod_ssi.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -702,7 +702,7 @@
- /* close stdin */
- close(STDIN_FILENO);
-
-- execl("/bin/sh", "sh", "-c", cmd, NULL);
-+ execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
+ /* */
+ srv->cur_fds = srv_socket->fd;
+
+ val = 1;
+ if (setsockopt(srv_socket->fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)) < 0) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socketsockopt failed:", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
- log_error_write(srv, __FILE__, __LINE__, "sss", "spawing exec failed:", strerror(errno), cmd);
+ switch(srv_socket->addr.plain.sa_family) {
+@@ -198,7 +204,7 @@
+ "sssss", "getaddrinfo failed: ",
+ gai_strerror(r), "'", host, "'");
-Index: src/spawn-fcgi.c
-===================================================================
---- src/spawn-fcgi.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/spawn-fcgi.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -169,7 +169,7 @@
- strcat(b, appPath);
+- return -1;
++ goto error_free_socket;
+ }
- /* exec the cgi */
-- execl("/bin/sh", "sh", "-c", b, NULL);
-+ execl("/bin/sh", "sh", "-c", b, (char *)NULL);
+ memcpy(&(srv_socket->addr), res->ai_addr, res->ai_addrlen);
+@@ -220,17 +226,17 @@
+ log_error_write(srv, __FILE__, __LINE__,
+ "sds", "gethostbyname failed: ",
+ h_errno, host);
+- return -1;
++ goto error_free_socket;
+ }
- exit(errno);
+ if (he->h_addrtype != AF_INET) {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "addr-type != AF_INET: ", he->h_addrtype);
+- return -1;
++ goto error_free_socket;
+ }
-Index: src/mod_fastcgi.c
-===================================================================
---- src/mod_fastcgi.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -69,7 +69,7 @@
- buffer *unixsocket; /* config.socket + "-" + id */
- unsigned port; /* config.port + pno */
+ if (he->h_length != sizeof(struct in_addr)) {
+ log_error_write(srv, __FILE__, __LINE__, "sd", "addr-length != sizeof(in_addr): ", he->h_length);
+- return -1;
++ goto error_free_socket;
+ }
-- buffer *connection_name; /* either tcp:<host>:<port> or unix:<socket> for debuggin purposes */
-+ buffer *connection_name; /* either tcp:<host>:<port> or unix:<socket> for debugging purposes */
+ memcpy(&(srv_socket->addr.ipv4.sin_addr.s_addr), he->h_addr_list[0], he->h_length);
+@@ -260,7 +266,7 @@
+ host);
- pid_t pid; /* PID of the spawned process (0 if not spawned locally) */
-@@ -80,7 +80,7 @@
- size_t requests; /* see max_requests */
- struct fcgi_proc *prev, *next; /* see first */
+- return -1;
++ goto error_free_socket;
+ }
-- time_t disabled_until; /* this proc is disabled until, use something else until than */
-+ time_t disabled_until; /* this proc is disabled until, use something else until then */
+ /* connect failed */
+@@ -275,14 +281,12 @@
+ "testing socket failed:",
+ host, strerror(errno));
- int is_local;
+- return -1;
++ goto error_free_socket;
+ }
-@@ -88,7 +88,7 @@
- PROC_STATE_UNSET, /* init-phase */
- PROC_STATE_RUNNING, /* alive */
- PROC_STATE_OVERLOADED, /* listen-queue is full,
-- don't send something to this proc for the next 2 seconds */
-+ don't send anything to this proc for the next 2 seconds */
- PROC_STATE_DIED_WAIT_FOR_PID, /* */
- PROC_STATE_DIED, /* marked as dead, should be restarted */
- PROC_STATE_KILLED /* was killed as we don't have the load anymore */
-@@ -145,7 +145,7 @@
- unsigned short disable_time;
+ break;
+ default:
+- addr_len = 0;
+-
+- return -1;
++ goto error_free_socket;
+ }
- /*
-- * same fastcgi processes get a little bit larger
-+ * some fastcgi processes get a little bit larger
- * than wanted. max_requests_per_proc kills a
- * process after a number of handled requests.
- *
-@@ -184,7 +184,7 @@
- * bin-path is the path to the binary
- *
- * check min_procs and max_procs for the number
-- * of process to start-up
-+ * of process to start up
- */
- buffer *bin_path;
+ if (0 != bind(srv_socket->fd, (struct sockaddr *) &(srv_socket->addr), addr_len)) {
+@@ -298,12 +302,12 @@
+ host, port, strerror(errno));
+ break;
+ }
+- return -1;
++ goto error_free_socket;
+ }
-@@ -217,7 +217,7 @@
- unsigned short mode;
+ if (-1 == listen(srv_socket->fd, 128 * 8)) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "listen failed: ", strerror(errno));
+- return -1;
++ goto error_free_socket;
+ }
- /*
-- * check_local tell you if the phys file is stat()ed
-+ * check_local tells you if the phys file is stat()ed
- * or not. FastCGI doesn't care if the service is
- * remote. If the web-server side doesn't contain
- * the fastcgi-files we should not stat() for them
-@@ -228,7 +228,7 @@
- /*
- * append PATH_INFO to SCRIPT_FILENAME
- *
-- * php needs this if cgi.fix_pathinfo is provied
-+ * php needs this if cgi.fix_pathinfo is provided
- *
- */
+ if (s->is_ssl) {
+@@ -316,14 +320,14 @@
+ if (0 == RAND_status()) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ "not enough entropy in the pool");
+- return -1;
++ goto error_free_socket;
+ }
+ }
-@@ -247,7 +247,7 @@
- num_procs.
+ if (NULL == (s->ssl_ctx = SSL_CTX_new(SSLv23_server_method()))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL));
+- return -1;
++ goto error_free_socket;
+ }
- only if a process is killed max_id waits for the process itself
-- to die and decrements its afterwards */
-+ to die and decrements it afterwards */
+ if (!s->ssl_use_sslv2) {
+@@ -331,7 +335,7 @@
+ if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL));
+- return -1;
++ goto error_free_socket;
+ }
+ }
- buffer *strip_request_uri;
+@@ -340,33 +344,33 @@
+ if (SSL_CTX_set_cipher_list(s->ssl_ctx, s->ssl_cipher_list->ptr) != 1) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL));
+- return -1;
++ goto error_free_socket;
+ }
+ }
-@@ -826,7 +826,7 @@
- } else {
- struct hostent *he;
+ if (buffer_is_empty(s->ssl_pemfile)) {
+ log_error_write(srv, __FILE__, __LINE__, "s", "ssl.pemfile has to be set");
+- return -1;
++ goto error_free_socket;
+ }
-- /* set a usefull default */
-+ /* set a useful default */
- fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_ANY);
+ if (!buffer_is_empty(s->ssl_ca_file)) {
+ if (1 != SSL_CTX_load_verify_locations(s->ssl_ctx, s->ssl_ca_file->ptr, NULL)) {
+ log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL), s->ssl_ca_file);
+- return -1;
++ goto error_free_socket;
+ }
+ }
+ if (SSL_CTX_use_certificate_file(s->ssl_ctx, s->ssl_pemfile->ptr, SSL_FILETYPE_PEM) < 0) {
+ log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL), s->ssl_pemfile);
+- return -1;
++ goto error_free_socket;
+ }
-@@ -869,7 +869,7 @@
- }
+ if (SSL_CTX_use_PrivateKey_file (s->ssl_ctx, s->ssl_pemfile->ptr, SSL_FILETYPE_PEM) < 0) {
+ log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL), s->ssl_pemfile);
+- return -1;
++ goto error_free_socket;
+ }
- if (-1 == connect(fcgi_fd, fcgi_addr, servlen)) {
-- /* server is not up, spawn in */
-+ /* server is not up, spawn it */
- pid_t child;
- int val;
-
-@@ -1029,10 +1029,11 @@
- "child exited with status",
- WEXITSTATUS(status), host->bin_path);
- log_error_write(srv, __FILE__, __LINE__, "s",
-- "if you try do run PHP as FastCGI backend make sure you use the FastCGI enabled version.\n"
-+ "If you're trying to run PHP as a FastCGI backend, make sure you're using the FastCGI-enabled version.\n"
- "You can find out if it is the right one by executing 'php -v' and it should display '(cgi-fcgi)' "
-- "in the output, NOT (cgi) NOR (cli)\n"
-- "For more information check http://www.lighttpd.net/documentation/fastcgi.html#preparing-php-as-a-fastcgi-program");
-+ "in the output, NOT '(cgi)' NOR '(cli)'.\n"
-+ "For more information, check http://trac.lighttpd.net/trac/wiki/Docs%3AModFastCGI#preparing-php-as-a-fastcgi-program"
-+ "If this is PHP on Gentoo, add 'fastcgi' to the USE flags.");
- } else if (WIFSIGNALED(status)) {
- log_error_write(srv, __FILE__, __LINE__, "sd",
- "terminated by signal:",
-@@ -1040,9 +1041,9 @@
-
- if (WTERMSIG(status) == 11) {
- log_error_write(srv, __FILE__, __LINE__, "s",
-- "to be exact: it seg-fault, crashed, died, ... you get the idea." );
-+ "to be exact: it segfaulted, crashed, died, ... you get the idea." );
- log_error_write(srv, __FILE__, __LINE__, "s",
-- "If this is PHP try to remove the byte-code caches for now and try again.");
-+ "If this is PHP, try removing the bytecode caches for now and try again.");
- }
- } else {
- log_error_write(srv, __FILE__, __LINE__, "sd",
-@@ -1066,7 +1067,7 @@
-
- if (p->conf.debug) {
- log_error_write(srv, __FILE__, __LINE__, "sb",
-- "(debug) socket is already used, won't spawn:",
-+ "(debug) socket is already used; won't spawn:",
- proc->connection_name);
+ if (SSL_CTX_check_private_key(s->ssl_ctx) != 1) {
+@@ -374,7 +378,7 @@
+ "Private key does not match the certificate public key, reason:",
+ ERR_error_string(ERR_get_error(), NULL),
+ s->ssl_pemfile);
+- return -1;
++ goto error_free_socket;
}
+ SSL_CTX_set_default_read_ahead(s->ssl_ctx, 1);
+ SSL_CTX_set_mode(s->ssl_ctx, SSL_CTX_get_mode(s->ssl_ctx) | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+@@ -390,7 +394,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ "ssl requested but openssl support is not compiled in");
+
+- return -1;
++ goto error_free_socket;
+ #endif
+ #ifdef TCP_DEFER_ACCEPT
+ } else if (s->defer_accept) {
+@@ -414,7 +418,6 @@
}
-@@ -1508,7 +1509,7 @@
- *
- * next step is resetting this attemp and setup a connection again
- *
-- * if we have more then 5 reconnects for the same request, die
-+ * if we have more than 5 reconnects for the same request, die
- *
- * 2.
- *
-@@ -1626,7 +1627,7 @@
- CONNECTION_UNSET,
- CONNECTION_OK,
- CONNECTION_DELAYED, /* retry after event, take same host */
-- CONNECTION_OVERLOADED, /* disable for 1 seconds, take another backend */
-+ CONNECTION_OVERLOADED, /* disable for 1 second, take another backend */
- CONNECTION_DEAD /* disable for 60 seconds, take another backend */
- } connection_result_t;
-
-@@ -1669,7 +1670,7 @@
- fcgi_addr_in.sin_family = AF_INET;
- if (0 == inet_aton(host->host->ptr, &(fcgi_addr_in.sin_addr))) {
- log_error_write(srv, __FILE__, __LINE__, "sbs",
-- "converting IP-adress failed for", host->host,
-+ "converting IP address failed for", host->host,
- "\nBe sure to specify an IP address here");
- return -1;
-@@ -1694,16 +1695,16 @@
- errno == EINTR) {
- if (hctx->conf.debug > 2) {
- log_error_write(srv, __FILE__, __LINE__, "sb",
-- "connect delayed, will continue later:", proc->connection_name);
-+ "connect delayed; will continue later:", proc->connection_name);
- }
+ srv_socket->is_ssl = s->is_ssl;
+- srv_socket->fde_ndx = -1;
- return CONNECTION_DELAYED;
- } else if (errno == EAGAIN) {
- if (hctx->conf.debug) {
- log_error_write(srv, __FILE__, __LINE__, "sbsd",
-- "This means that the you have more incoming requests than your fastcgi-backend can handle in parallel. "
-- "Perhaps it helps to spawn more fastcgi backend or php-children, if not decrease server.max-connections."
-- "The load for this fastcgi backend", proc->connection_name, "is", proc->load);
-+ "This means that you have more incoming requests than your FastCGI backend can handle in parallel."
-+ "It might help to spawn more FastCGI backends or PHP children; if not, decrease server.max-connections."
-+ "The load for this FastCGI backend", proc->connection_name, "is", proc->load);
- }
+ if (srv->srv_sockets.size == 0) {
+ srv->srv_sockets.size = 4;
+@@ -430,6 +433,21 @@
+ buffer_free(b);
- return CONNECTION_OVERLOADED;
-@@ -1881,8 +1882,6 @@
- fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s));
-
- if (!buffer_is_empty(con->authed_user)) {
-- fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user));
--
- /* AUTH_TYPE fix by Troy Kruthoff (tkruthoff@gmail.com)
- * section 4.1.1 of RFC 3875 (cgi spec) requires the server to set a AUTH_TYPE env
- * declaring the type of authentication used. (see http://tools.ietf.org/html/rfc3875#page-11)
-@@ -1896,6 +1895,8 @@
- char *http_authorization = NULL;
- data_string *ds;
-
-+ fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user));
-+
- if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Authorization"))) {
- http_authorization = ds->value->ptr;
- }
-@@ -2055,8 +2056,8 @@
- off_t written = 0;
- off_t weHave = 0;
-
-- /* we announce toWrite octects
-- * now take all the request_content chunk that we need to fill this request
-+ /* we announce toWrite octets
-+ * now take all the request_content chunks that we need to fill this request
- * */
-
- b = chunkqueue_get_append_buffer(hctx->wb);
-@@ -2356,7 +2357,7 @@
- }
+ return 0;
++
++error_free_socket:
++ if (srv_socket->fd != -1) {
++ /* check if server fd are already registered */
++ if (srv_socket->fde_ndx != -1) {
++ fdevent_event_del(srv->ev, &(srv_socket->fde_ndx), srv_socket->fd);
++ fdevent_unregister(srv->ev, srv_socket->fd);
++ }
++
++ close(srv_socket->fd);
++ }
++ buffer_free(srv_socket->srv_token);
++ free(srv_socket);
++
++ return -1;
+ }
- if (packet->b->used < packet->len + 1) {
-- /* we didn't got the full packet */
-+ /* we didn't get the full packet */
+ int network_close(server *srv) {
+@@ -567,12 +585,8 @@
+ /* not our stage */
+ if (COMP_SERVER_SOCKET != dc->comp) continue;
- buffer_free(packet->b);
- return -1;
-@@ -2439,7 +2440,6 @@
- b->used = r + 1; /* one extra for the fake \0 */
- b->ptr[b->used - 1] = '\0';
- } else {
-- if (errno == EAGAIN) return 0;
- log_error_write(srv, __FILE__, __LINE__, "ssdsb",
- "unexpected end-of-file (perhaps the fastcgi process died):",
- "pid:", proc->pid,
-@@ -2558,7 +2558,7 @@
- if (host->mode != FCGI_AUTHORIZER ||
- !(con->http_status == 0 ||
- con->http_status == 200)) {
-- /* send chunk-end if nesseary */
-+ /* send chunk-end if necessary */
- http_chunk_append_mem(srv, con, NULL, 0);
- joblist_append(srv, con);
- }
-@@ -2653,7 +2653,7 @@
- if (proc->state != PROC_STATE_DIED) break;
+- if (dc->cond != CONFIG_COND_EQ) {
+- log_error_write(srv, __FILE__, __LINE__, "s", "only == is allowed for $SERVER[\"socket\"].");
++ if (dc->cond != CONFIG_COND_EQ) continue;
- case PROC_STATE_DIED:
-- /* local proc get restarted by us,
-+ /* local procs get restarted by us,
- * remote ones hopefully by the admin */
+- return -1;
+- }
+-
+ /* check if we already know this socket,
+ * if yes, don't init it */
+ for (j = 0; j < srv->srv_sockets.used; j++) {
+Index: src/configfile.c
+===================================================================
+--- src/configfile.c (.../tags/lighttpd-1.4.23)
++++ src/configfile.c (.../branches/lighttpd-1.4.x)
+@@ -42,12 +42,12 @@
+
+ { "server.event-handler", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 10 */
+ { "server.pid-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 11 */
+- { "server.max-request-size", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
++ { "server.max-request-size", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
+ { "server.max-worker", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_SERVER }, /* 13 */
+ { "server.document-root", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
+- { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 15 */
++ { "server.force-lowercase-filenames", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER },/* 15 */
+ { "debug.log-condition-handling", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 16 */
+- { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
++ { "server.max-keep-alive-requests", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },/* 17 */
+ { "server.name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
+ { "server.max-keep-alive-idle", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 19 */
+
+@@ -91,12 +91,13 @@
+ { "server.core-files", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 46 */
+ { "ssl.cipher-list", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 47 */
+ { "ssl.use-sslv2", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 48 */
+- { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */
+- { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */
+- { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 51 */
++ { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */
++ { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */
++ { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 51 */
+ { "server.reject-expect-100-with-417", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 52 */
+ { "debug.log-timeouts", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 53 */
+- { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */
++ { "server.defer-accept", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 54 */
++ { "server.breakagelog", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 55 */
+ { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
+ { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
+ { "server.virtual-root", "load mod_simple_vhost and use simple-vhost.server-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
+@@ -139,6 +140,8 @@
+ cv[43].destination = &(srv->srvconf.max_conns);
+ cv[12].destination = &(srv->srvconf.max_request_size);
+ cv[52].destination = &(srv->srvconf.reject_expect_100_with_417);
++ cv[55].destination = srv->srvconf.breakagelog_file;
++
+ srv->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *));
+
+ assert(srv->config_storage);
+@@ -290,6 +293,7 @@
+ PATCH(log_condition_handling);
+ PATCH(log_file_not_found);
+ PATCH(log_ssl_noise);
++ PATCH(log_timeouts);
+
+ PATCH(range_requests);
+ PATCH(force_lowercase_filenames);
+@@ -1135,15 +1139,15 @@
+ * - select works everywhere
+ * - linux-* are experimental
+ */
++#ifdef USE_LINUX_EPOLL
++ { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" },
++#endif
+ #ifdef USE_POLL
+ { FDEVENT_HANDLER_POLL, "poll" },
+ #endif
+ #ifdef USE_SELECT
+ { FDEVENT_HANDLER_SELECT, "select" },
+ #endif
+-#ifdef USE_LINUX_EPOLL
+- { FDEVENT_HANDLER_LINUX_SYSEPOLL, "linux-sysepoll" },
+-#endif
+ #ifdef USE_LINUX_SIGIO
+ { FDEVENT_HANDLER_LINUX_RTSIG, "linux-rtsig" },
+ #endif
+Index: src/mod_evhost.c
+===================================================================
+--- src/mod_evhost.c (.../tags/lighttpd-1.4.23)
++++ src/mod_evhost.c (.../branches/lighttpd-1.4.x)
+@@ -213,7 +213,7 @@
+ if (colon != ptr) {
+ ds = data_string_init();
+ buffer_copy_string_len(ds->key,CONST_STR_LEN("%"));
+- buffer_append_long(ds->key, i++);
++ buffer_append_long(ds->key, i /* ++ */);
+ buffer_copy_string_len(ds->value,ptr,colon-ptr);
+
+ array_insert_unique(host,(data_unset *)ds);
+@@ -294,10 +294,10 @@
+ char *colon = strchr(con->uri.authority->ptr, ':');
+
+ if(colon == NULL) {
+- buffer_append_string_buffer(p->tmp_buf, con->uri.authority); // adds fqdn
++ buffer_append_string_buffer(p->tmp_buf, con->uri.authority); /* adds fqdn */
+ } else {
+ /* strip the port out of the authority-part of the URI scheme */
+- buffer_append_string_len(p->tmp_buf, con->uri.authority->ptr, colon - con->uri.authority->ptr); // adds fqdn
++ buffer_append_string_len(p->tmp_buf, con->uri.authority->ptr, colon - con->uri.authority->ptr); /* adds fqdn */
+ }
+ } else if (NULL != (ds = (data_string *)array_get_element(parsed_host,p->conf.path_pieces[i]->ptr))) {
+ if (ds->value->used) {
+Index: src/splaytree.c
+===================================================================
+--- src/splaytree.c (.../tags/lighttpd-1.4.23)
++++ src/splaytree.c (.../branches/lighttpd-1.4.x)
+@@ -61,12 +61,11 @@
+ * size fields are maintained */
+ splay_tree * splaytree_splay (splay_tree *t, int i) {
+ splay_tree N, *l, *r, *y;
+- int comp, root_size, l_size, r_size;
++ int comp, l_size, r_size;
+
+ if (t == NULL) return t;
+ N.left = N.right = NULL;
+ l = r = &N;
+- root_size = node_size(t);
+ l_size = r_size = 0;
+
+ for (;;) {
+Index: src/lemon.c
+===================================================================
+--- src/lemon.c (.../tags/lighttpd-1.4.23)
++++ src/lemon.c (.../branches/lighttpd-1.4.x)
+@@ -39,6 +39,12 @@
+ # endif
+ #endif
- if (proc->is_local) {
-@@ -2774,7 +2774,7 @@
- proc && proc->state != PROC_STATE_RUNNING;
- proc = proc->next);
++#if __GNUC__ > 2
++#define NORETURN __attribute__ ((__noreturn__))
++#else
++#define NORETURN
++#endif
++
+ /* #define PRIVATE static */
+ #define PRIVATE static
+
+@@ -51,7 +57,7 @@
+ char *msort();
+ extern void *malloc();
+
+-extern void memory_error();
++extern void memory_error() NORETURN;
+
+ /******** From the file "action.h" *************************************/
+ struct action *Action_new();
+@@ -59,7 +65,7 @@
+ void Action_add();
+
+ /********* From the file "assert.h" ************************************/
+-void myassert();
++void myassert() NORETURN;
+ #ifndef NDEBUG
+ # define assert(X) if(!(X))myassert(__FILE__,__LINE__)
+ #else
+@@ -1333,7 +1339,7 @@
+ /* Report an out-of-memory condition and abort. This function
+ ** is used mostly by the "MemoryCheck" macro in struct.h
+ */
+-void memory_error(){
++void memory_error() {
+ fprintf(stderr,"Out of memory. Aborting...\n");
+ exit(1);
+ }
+@@ -1608,7 +1614,6 @@
+ FILE *err;
+ {
+ int spcnt, i;
+- spcnt = 0;
+ if( argv[0] ) fprintf(err,"%s",argv[0]);
+ spcnt = strlen(argv[0]) + 1;
+ for(i=1; i<n && argv[i]; i++){
+@@ -2336,6 +2341,7 @@
+ if( filebuf==0 ){
+ ErrorMsg(ps.filename,0,"Can't allocate %d of memory to hold this file.",
+ filesize+1);
++ fclose(fp);
+ gp->errorcnt++;
+ return;
+ }
+@@ -2343,6 +2349,7 @@
+ ErrorMsg(ps.filename,0,"Can't read in all %d bytes of this file.",
+ filesize);
+ free(filebuf);
++ fclose(fp);
+ gp->errorcnt++;
+ return;
+ }
+@@ -2913,7 +2920,7 @@
+ }else if( sp->destructor ){
+ cp = sp->destructor;
+ fprintf(out,"#line %d \"%s\"\n{",sp->destructorln,lemp->filename);
+- }else if( lemp->vardest ){
++ }else{
+ cp = lemp->vardest;
+ if( cp==0 ) return;
+ fprintf(out,"#line %d \"%s\"\n{",lemp->vardestln,lemp->filename);
+@@ -3042,7 +3049,7 @@
+ int *plineno; /* Pointer to the line number */
+ int mhflag; /* True if generating makeheaders output */
+ {
+- int lineno = *plineno; /* The line number of the output */
++ int lineno; /* The line number of the output */
+ char **types; /* A hash table of datatypes */
+ int arraysize; /* Size of the "types" array */
+ int maxdtlength; /* Maximum length of any ".datatype" field. */
+Index: src/mod_scgi.c
+===================================================================
+--- src/mod_scgi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_scgi.c (.../branches/lighttpd-1.4.x)
+@@ -331,8 +331,21 @@
-- /* all childs are dead */
-+ /* all children are dead */
- if (proc == NULL) {
- hctx->fde_ndx = -1;
+ int scgi_proclist_sort_down(server *srv, scgi_extension_host *host, scgi_proc *proc);
-@@ -2834,7 +2834,7 @@
- * -> EAGAIN */
++static void reset_signals(void) {
++#ifdef SIGTTOU
++ signal(SIGTTOU, SIG_DFL);
++#endif
++#ifdef SIGTTIN
++ signal(SIGTTIN, SIG_DFL);
++#endif
++#ifdef SIGTSTP
++ signal(SIGTSTP, SIG_DFL);
++#endif
++ signal(SIGHUP, SIG_DFL);
++ signal(SIGPIPE, SIG_DFL);
++ signal(SIGUSR1, SIG_DFL);
++}
- log_error_write(srv, __FILE__, __LINE__, "ssdsd",
-- "backend is overloaded, we disable it for a 2 seconds and send the request to another backend instead:",
-+ "backend is overloaded; we'll disable it for 2 seconds and send the request to another backend instead:",
- "reconnects:", hctx->reconnects,
- "load:", host->load);
+-
+ static handler_ctx * handler_ctx_init() {
+ handler_ctx * hctx;
+
+@@ -772,10 +785,8 @@
+ env.used = 0;
-@@ -2864,7 +2864,7 @@
+ if (scgi_fd != 0) {
+- close(0);
+ dup2(scgi_fd, 0);
+ close(scgi_fd);
+- scgi_fd = 0;
}
- log_error_write(srv, __FILE__, __LINE__, "ssdsd",
-- "backend died, we disable it for a 5 seconds and send the request to another backend instead:",
-+ "backend died; we'll disable it for 5 seconds and send the request to another backend instead:",
- "reconnects:", hctx->reconnects,
- "load:", host->load);
+ /* we don't need the client socket */
+@@ -783,8 +794,6 @@
+ close(fd);
+ }
-@@ -2950,7 +2950,7 @@
- if (hctx->wb->bytes_out == 0 &&
- hctx->reconnects < 5) {
- usleep(10000); /* take away the load of the webserver
-- * to let the php a chance to restart
-+ * to give the php a chance to restart
- */
+- openDevNull(STDERR_FILENO);
+-
+ /* build clean environment */
+ if (host->bin_env_copy->used) {
+ for (i = 0; i < host->bin_env_copy->used; i++) {
+@@ -828,6 +837,8 @@
+ buffer_copy_string_len(b, CONST_STR_LEN("exec "));
+ buffer_append_string_buffer(b, host->bin_path);
- fcgi_reconnect(srv, hctx);
-@@ -3152,9 +3152,9 @@
- (con->http_status == 200 ||
- con->http_status == 0)) {
- /*
-- * If we are here in AUTHORIZER mode then a request for autorizer
-- * was proceeded already, and status 200 has been returned. We need
-- * now to handle autorized request.
-+ * If we are here in AUTHORIZER mode then a request for authorizer
-+ * was processed already, and status 200 has been returned. We need
-+ * now to handle authorized request.
++ reset_signals();
++
+ /* exec the cgi */
+ execle("/bin/sh", "sh", "-c", b->ptr, (char *)NULL, env.ptr);
+
+@@ -2163,8 +2174,11 @@
+ int ret;
+
+ /* sanity check */
+- if (!host ||
+- ((!host->host->used || !host->port) && !host->unixsocket->used)) {
++ if (!host) {
++ log_error_write(srv, __FILE__, __LINE__, "s", "fatal error: host = NULL");
++ return HANDLER_ERROR;
++ }
++ if (((!host->host->used || !host->port) && !host->unixsocket->used)) {
+ log_error_write(srv, __FILE__, __LINE__, "sxddd",
+ "write-req: error",
+ host,
+@@ -2299,8 +2313,8 @@
+
+ chunkqueue_remove_finished_chunks(hctx->wb);
+
+- if (-1 == ret) {
+- if (errno == ENOTCONN) {
++ if (ret < 0) {
++ if (errno == ENOTCONN || ret == -2) {
+ /* the connection got dropped after accept()
+ *
+ * this is most of the time a PHP which dies
+@@ -2325,24 +2339,17 @@
*/
- buffer_copy_string_buffer(con->physical.doc_root, host->docroot);
-@@ -3220,7 +3220,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ssosd",
+- "[REPORT ME] connection was dropped after accept(). reconnect() denied:",
++ "connection was dropped after accept(). reconnect() denied:",
+ "write-offset:", hctx->wb->bytes_out,
+ "reconnect attempts:", hctx->reconnects);
+
+ return HANDLER_ERROR;
+- }
+-
+- if ((errno != EAGAIN) &&
+- (errno != EINTR)) {
+-
++ } else {
++ /* -1 == ret => error on our side */
+ log_error_write(srv, __FILE__, __LINE__, "ssd",
+- "write failed:", strerror(errno), errno);
++ "write failed:", strerror(errno), errno);
+
+ return HANDLER_ERROR;
+- } else {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
+-
+- return HANDLER_WAIT_FOR_EVENT;
}
+ }
- if (con->file_started == 0) {
-- /* nothing has been send out yet, try to use another child */
-+ /* nothing has been sent out yet, try to use another child */
+@@ -2469,12 +2476,10 @@
+ }
- if (hctx->wb->bytes_out == 0 &&
- hctx->reconnects < 5) {
-@@ -3270,8 +3270,8 @@
- hctx->state == FCGI_STATE_WRITE) {
- /* we are allowed to send something out
- *
-- * 1. in a unfinished connect() call
-- * 2. in a unfinished write() call (long POST request)
-+ * 1. in an unfinished connect() call
-+ * 2. in an unfinished write() call (long POST request)
- */
- return mod_fastcgi_handle_subrequest(srv, con, p);
- } else {
-@@ -3286,8 +3286,8 @@
- if (hctx->state == FCGI_STATE_CONNECT_DELAYED) {
- /* getoptsock will catch this one (right ?)
- *
-- * if we are in connect we might get a EINPROGRESS
-- * in the first call and a FDEVENT_HUP in the
-+ * if we are in connect we might get an EINPROGRESS
-+ * in the first call and an FDEVENT_HUP in the
- * second round
- *
- * FIXME: as it is a bit ugly.
-@@ -3485,7 +3485,7 @@
- return HANDLER_FINISHED;
- }
+ static handler_t scgi_connection_close(server *srv, handler_ctx *hctx) {
+- plugin_data *p;
+ connection *con;
-- /* a note about no handler is not sent yey */
-+ /* a note about no handler is not sent yet */
- extension->note_is_sent = 0;
+ if (NULL == hctx) return HANDLER_GO_ON;
- /*
-@@ -3520,7 +3520,7 @@
- }
+- p = hctx->plugin_data;
+ con = hctx->remote_conn;
- /* the prefix is the SCRIPT_NAME,
-- * everthing from start to the next slash
-+ * everything from start to the next slash
- * this is important for check-local = "disable"
- *
- * if prefix = /admin.fcgi
-@@ -3630,13 +3630,13 @@
+ log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+@@ -2724,27 +2729,29 @@
+ /* check if extension matches */
+ for (k = 0; k < p->conf.exts->used; k++) {
+ size_t ct_len;
++ scgi_extension *ext = p->conf.exts->exts[k];
- /* perhaps we should kill a connect attempt after 10-15 seconds
- *
-- * currently we wait for the TCP timeout which is on Linux 180 seconds
-+ * currently we wait for the TCP timeout which is 180 seconds on Linux
- *
- *
- *
- */
+- extension = p->conf.exts->exts[k];
++ if (ext->key->used == 0) continue;
-- /* check all childs if they are still up */
-+ /* check all children if they are still up */
+- if (extension->key->used == 0) continue;
++ ct_len = ext->key->used - 1;
- for (i = 0; i < srv->config_context->used; i++) {
- plugin_config *conf;
-@@ -3718,11 +3718,11 @@
+- ct_len = extension->key->used - 1;
+-
+ if (s_len < ct_len) continue;
+
+ /* check extension in the form "/scgi_pattern" */
+- if (*(extension->key->ptr) == '/') {
+- if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0)
++ if (*(ext->key->ptr) == '/') {
++ if (strncmp(fn->ptr, ext->key->ptr, ct_len) == 0) {
++ extension = ext;
+ break;
+- } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) {
++ }
++ } else if (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len)) {
+ /* check extension in the form ".fcg" */
++ extension = ext;
+ break;
+ }
+ }
- if (srv->cur_ts - proc->last_used > host->idle_timeout) {
- /* a proc is idling for a long time now,
-- * terminated it */
-+ * terminate it */
+ /* extension doesn't match */
+- if (k == p->conf.exts->used) {
++ if (NULL == extension) {
+ return HANDLER_GO_ON;
+ }
- if (p->conf.debug) {
- log_error_write(srv, __FILE__, __LINE__, "ssbsd",
-- "idle-timeout reached, terminating child:",
-+ "idle-timeout reached; terminating child:",
- "socket:", proc->connection_name,
- "pid", proc->pid);
- }
-Index: src/mod_access.c
+Index: src/mod_mysql_vhost.c
===================================================================
---- src/mod_access.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/mod_access.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -111,6 +111,15 @@
+--- src/mod_mysql_vhost.c (.../tags/lighttpd-1.4.23)
++++ src/mod_mysql_vhost.c (.../branches/lighttpd-1.4.x)
+@@ -259,8 +259,14 @@
+
+ #define FOO(x) (s->x->used ? s->x->ptr : NULL)
+
++#if MYSQL_VERSION_ID >= 40100
++ /* CLIENT_MULTI_STATEMENTS first appeared in 4.1 */
+ if (!mysql_real_connect(s->mysql, FOO(hostname), FOO(myuser), FOO(mypass),
++ FOO(mydb), s->port, FOO(mysock), CLIENT_MULTI_STATEMENTS)) {
++#else
++ if (!mysql_real_connect(s->mysql, FOO(hostname), FOO(myuser), FOO(mypass),
+ FOO(mydb), s->port, FOO(mysock), 0)) {
++#endif
+ log_error_write(srv, __FILE__, __LINE__, "s", mysql_error(s->mysql));
+
+ return HANDLER_ERROR;
+@@ -369,6 +375,9 @@
+ if (!row || cols < 1) {
+ /* no such virtual host */
+ mysql_free_result(result);
++#if MYSQL_VERSION_ID >= 40100
++ while (mysql_next_result(p->conf.mysql) == 0);
++#endif
+ return HANDLER_GO_ON;
+ }
+
+@@ -402,6 +411,9 @@
+ c->fcgi_offset = c->fcgi_arg->used = 0;
+ }
+ mysql_free_result(result);
++#if MYSQL_VERSION_ID >= 40100
++ while (mysql_next_result(p->conf.mysql) == 0);
++#endif
+
+ /* fix virtual server and docroot */
+ GO_ON: buffer_copy_string_buffer(con->server_name, c->server_name);
+@@ -416,6 +428,9 @@
+ return HANDLER_GO_ON;
+
+ ERR500: if (result) mysql_free_result(result);
++#if MYSQL_VERSION_ID >= 40100
++ while (mysql_next_result(p->conf.mysql) == 0);
++#endif
+ con->http_status = 500; /* Internal Error */
+ con->mode = DIRECT;
+ return HANDLER_FINISHED;
+@@ -424,15 +439,15 @@
+ /* this function is called at dlopen() time and inits the callbacks */
+ int mod_mysql_vhost_plugin_init(plugin *p);
+ int mod_mysql_vhost_plugin_init(plugin *p) {
+- p->version = LIGHTTPD_VERSION_ID;
+- p->name = buffer_init_string("mysql_vhost");
++ p->version = LIGHTTPD_VERSION_ID;
++ p->name = buffer_init_string("mysql_vhost");
+
+- p->init = mod_mysql_vhost_init;
+- p->cleanup = mod_mysql_vhost_cleanup;
+- p->handle_request_done = mod_mysql_vhost_handle_connection_close;
++ p->init = mod_mysql_vhost_init;
++ p->cleanup = mod_mysql_vhost_cleanup;
++ p->connection_reset = mod_mysql_vhost_handle_connection_close;
+
+- p->set_defaults = mod_mysql_vhost_set_defaults;
+- p->handle_docroot = mod_mysql_vhost_handle_docroot;
++ p->set_defaults = mod_mysql_vhost_set_defaults;
++ p->handle_docroot = mod_mysql_vhost_handle_docroot;
+
+ return 0;
+ }
+@@ -441,7 +456,7 @@
+ int mod_mysql_vhost_plugin_init(plugin *p);
+ int mod_mysql_vhost_plugin_init(plugin *p) {
+ p->version = LIGHTTPD_VERSION_ID;
+- p->name = buffer_init_string("mysql_vhost");
++ p->name = buffer_init_string("mysql_vhost");
+
+ return 0;
}
- #undef PATCH
-
-+/**
-+ * URI handler
-+ *
-+ * we will get called twice:
-+ * - after the clean up of the URL and
-+ * - after the pathinfo checks are done
-+ *
-+ * this handles the issue of trailing slashes
+Index: src/request.c
+===================================================================
+--- src/request.c (.../tags/lighttpd-1.4.23)
++++ src/request.c (.../branches/lighttpd-1.4.x)
+@@ -111,7 +111,7 @@
+
+ /* check the first character at right of the dot */
+ if (is_ip == 0) {
+- if (!light_isalpha(host->ptr[i+1])) {
++ if (!light_isalnum(host->ptr[i+1])) {
+ return -1;
+ }
+ } else if (!light_isdigit(host->ptr[i+1])) {
+@@ -133,7 +133,7 @@
+ }
+ } else if (i == 0) {
+ /* the first character of the hostname */
+- if (!light_isalpha(c)) {
++ if (!light_isalnum(c)) {
+ return -1;
+ }
+ label_len++;
+@@ -540,8 +540,8 @@
+ con->response.keep_alive = 0;
+ con->keep_alive = 0;
+
+- log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400");
+ if (srv->srvconf.log_request_header_on_error) {
++ log_error_write(srv, __FILE__, __LINE__, "s", "no uri specified -> 400");
+ log_error_write(srv, __FILE__, __LINE__, "Sb",
+ "request-header:\n",
+ con->request.request);
+Index: src/network_backends.h
+===================================================================
+--- src/network_backends.h (.../tags/lighttpd-1.4.23)
++++ src/network_backends.h (.../branches/lighttpd-1.4.x)
+@@ -45,6 +45,11 @@
+
+ #include "base.h"
+
++/* return values:
++ * >= 0 : chunks completed
++ * -1 : error (on our side)
++ * -2 : remote close
+ */
- URIHANDLER_FUNC(mod_access_uri_handler) {
- plugin_data *p = p_d;
- int s_len;
-@@ -122,28 +131,41 @@
- s_len = con->uri.path->used - 1;
+ int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq);
+ int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq);
+Index: src/mod_rrdtool.c
+===================================================================
+--- src/mod_rrdtool.c (.../tags/lighttpd-1.4.23)
++++ src/mod_rrdtool.c (.../branches/lighttpd-1.4.x)
+@@ -139,10 +139,8 @@
-+ if (con->conf.log_request_handling) {
-+ log_error_write(srv, __FILE__, __LINE__, "s",
-+ "-- mod_access_uri_handler called");
-+ }
-+
- for (k = 0; k < p->conf.access_deny->used; k++) {
- data_string *ds = (data_string *)p->conf.access_deny->data[k];
- int ct_len = ds->value->used - 1;
-+ int denied = 0;
+ args[i++] = p->conf.path_rrdtool_bin->ptr;
+ args[i++] = dash;
+- args[i++] = NULL;
++ args[i ] = NULL;
-+
- if (ct_len > s_len) continue;
+- openDevNull(STDERR_FILENO);
-
- if (ds->value->used == 0) continue;
+ /* we don't need the client socket */
+ for (i = 3; i < 256; i++) {
+ close(i);
+@@ -268,7 +266,7 @@
+ "RRA:MIN:0.5:24:775 "
+ "RRA:MIN:0.5:288:797\n"));
+
+- if (-1 == (r = safe_write(p->write_fd, p->cmd->ptr, p->cmd->used - 1))) {
++ if (-1 == (safe_write(p->write_fd, p->cmd->ptr, p->cmd->used - 1))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+ "rrdtool-write: failed", strerror(errno));
- /* if we have a case-insensitive FS we have to lower-case the URI here too */
+Index: src/stat_cache.c
+===================================================================
+--- src/stat_cache.c (.../tags/lighttpd-1.4.23)
++++ src/stat_cache.c (.../branches/lighttpd-1.4.x)
+@@ -503,12 +503,10 @@
+ }
- if (con->conf.force_lowercase_filenames) {
- if (0 == strncasecmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) {
-- con->http_status = 403;
+ if (NULL == sce) {
+- int osize = 0;
++#ifdef DEBUG_STAT_CACHE
++ int osize = splaytree_size(sc->files);
++#endif
+
+- if (sc->files) {
+- osize = sc->files->size;
+- }
-
-- return HANDLER_FINISHED;
-+ denied = 1;
+ sce = stat_cache_entry_init();
+ buffer_copy_string_buffer(sce->name, name);
+
+Index: src/response.h
+===================================================================
+--- src/response.h (.../tags/lighttpd-1.4.23)
++++ src/response.h (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+
+ int response_header_insert(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen);
+ int response_header_overwrite(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen);
++int response_header_append(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen);
+
+ handler_t http_response_prepare(server *srv, connection *con);
+ int http_response_redirect_to_directory(server *srv, connection *con);
+Index: src/mod_proxy.c
+===================================================================
+--- src/mod_proxy.c (.../tags/lighttpd-1.4.23)
++++ src/mod_proxy.c (.../branches/lighttpd-1.4.x)
+@@ -756,12 +756,15 @@
+
+ switch(hctx->state) {
+ case PROXY_STATE_INIT:
++#if defined(HAVE_IPV6) && defined(HAVE_INET_PTON)
+ if (strstr(host->host->ptr,":")) {
+ if (-1 == (hctx->fd = socket(AF_INET6, SOCK_STREAM, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed: ", strerror(errno));
+ return HANDLER_ERROR;
+ }
+- } else {
++ } else
++#endif
++ {
+ if (-1 == (hctx->fd = socket(AF_INET, SOCK_STREAM, 0))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "socket failed: ", strerror(errno));
+ return HANDLER_ERROR;
+@@ -842,17 +845,14 @@
+
+ chunkqueue_remove_finished_chunks(hctx->wb);
+
+- if (-1 == ret) {
+- if (errno != EAGAIN &&
+- errno != EINTR) {
+- log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed:", strerror(errno), errno);
++ if (-1 == ret) { /* error on our side */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed:", strerror(errno), errno);
+
+- return HANDLER_ERROR;
+- } else {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
++ return HANDLER_WAIT_FOR_EVENT;
++ } else if (-2 == ret) { /* remote close */
++ log_error_write(srv, __FILE__, __LINE__, "ssd", "write failed, remote connection close:", strerror(errno), errno);
+
+- return HANDLER_WAIT_FOR_EVENT;
+- }
++ return HANDLER_WAIT_FOR_EVENT;
+ }
+
+ if (hctx->wb->bytes_out == hctx->wb->bytes_in) {
+@@ -1107,19 +1107,20 @@
+
+ /* check if extension matches */
+ for (k = 0; k < p->conf.extensions->used; k++) {
++ data_array *ext = NULL;
+ size_t ct_len;
+
+- extension = (data_array *)p->conf.extensions->data[k];
++ ext = (data_array *)p->conf.extensions->data[k];
+
+- if (extension->key->used == 0) continue;
++ if (ext->key->used == 0) continue;
+
+- ct_len = extension->key->used - 1;
++ ct_len = ext->key->used - 1;
+
+ if (s_len < ct_len) continue;
+
+ /* check extension in the form "/proxy_pattern" */
+- if (*(extension->key->ptr) == '/') {
+- if (strncmp(fn->ptr, extension->key->ptr, ct_len) == 0) {
++ if (*(ext->key->ptr) == '/') {
++ if (strncmp(fn->ptr, ext->key->ptr, ct_len) == 0) {
+ if (s_len > ct_len + 1) {
+ char *pi_offset;
+
+@@ -1127,15 +1128,17 @@
+ path_info_offset = pi_offset - fn->ptr;
+ }
+ }
++ extension = ext;
+ break;
+ }
+- } else if (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len)) {
++ } else if (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len)) {
+ /* check extension in the form ".fcg" */
++ extension = ext;
+ break;
+ }
+ }
+
+- if (k == p->conf.extensions->used) {
++ if (NULL == extension) {
+ return HANDLER_GO_ON;
+ }
+
+Index: src/Makefile.am
+===================================================================
+--- src/Makefile.am (.../tags/lighttpd-1.4.23)
++++ src/Makefile.am (.../branches/lighttpd-1.4.x)
+@@ -13,14 +13,14 @@
+ versionstamp:
+ @test -f versionstamp.h || touch versionstamp.h; \
+ REVISION=""; \
+- if test -x "`which svnversion`"; then \
+- REVISION="$$(LANG=C svnversion "$(top_srcdir)" 2>/dev/null || echo exported)"; \
++ if test -d "$(top_srcdir)/.svn" -a -x "`which svnversion`"; then \
++ REVISION="$$(LANG= LC_ALL=C svnversion "$(top_srcdir)" 2>/dev/null || echo exported)"; \
+ if test "$$REVISION" = "exported"; then \
+ REVISION=""; \
+ fi; \
+ fi; \
+ if test -z "$$REVISION" -a -x "`which git`"; then \
+- REVISION="$$(cd "$(top_srcdir)"; LANG=C git describe --always 2>/dev/null || echo)"; \
++ REVISION="$$(cd "$(top_srcdir)"; LANG= LC_ALL=C git describe --always 2>/dev/null || echo)"; \
+ fi; \
+ if test -n "$$REVISION"; then \
+ echo "#define REPO_VERSION \"-devel-$$REVISION\"" > versionstamp.h.tmp; \
+Index: src/mod_expire.c
+===================================================================
+--- src/mod_expire.c (.../tags/lighttpd-1.4.23)
++++ src/mod_expire.c (.../branches/lighttpd-1.4.x)
+@@ -342,7 +342,7 @@
+ buffer_copy_string_len(p->expire_tstmp, CONST_STR_LEN("max-age="));
+ buffer_append_long(p->expire_tstmp, expires - srv->cur_ts); /* as expires >= srv->cur_ts the difference is >= 0 */
+
+- response_header_overwrite(srv, con, CONST_STR_LEN("Cache-Control"), CONST_BUF_LEN(p->expire_tstmp));
++ response_header_append(srv, con, CONST_STR_LEN("Cache-Control"), CONST_BUF_LEN(p->expire_tstmp));
+
+ return HANDLER_GO_ON;
+ }
+Index: src/http_auth.c
+===================================================================
+--- src/http_auth.c (.../tags/lighttpd-1.4.23)
++++ src/http_auth.c (.../branches/lighttpd-1.4.x)
+@@ -918,15 +918,15 @@
+ char a1[256];
+ char a2[256];
+
+- char *username;
+- char *realm;
+- char *nonce;
+- char *uri;
+- char *algorithm;
+- char *qop;
+- char *cnonce;
+- char *nc;
+- char *respons;
++ char *username = NULL;
++ char *realm = NULL;
++ char *nonce = NULL;
++ char *uri = NULL;
++ char *algorithm = NULL;
++ char *qop = NULL;
++ char *cnonce = NULL;
++ char *nc = NULL;
++ char *respons = NULL;
+
+ char *e, *c;
+ const char *m = NULL;
+@@ -967,15 +967,9 @@
+ dkv[6].ptr = &cnonce;
+ dkv[7].ptr = &nc;
+ dkv[8].ptr = &respons;
+- dkv[9].ptr = NULL;
+
+ UNUSED(req);
+
+- for (i = 0; dkv[i].key; i++) {
+- *(dkv[i].ptr) = NULL;
+- }
+-
+-
+ if (p->conf.auth_backend != AUTH_BACKEND_HTDIGEST &&
+ p->conf.auth_backend != AUTH_BACKEND_PLAIN) {
+ log_error_write(srv, __FILE__, __LINE__, "s",
+Index: src/mod_redirect.c
+===================================================================
+--- src/mod_redirect.c (.../tags/lighttpd-1.4.23)
++++ src/mod_redirect.c (.../branches/lighttpd-1.4.x)
+@@ -203,7 +203,7 @@
}
} else {
- if (0 == strncmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) {
-- con->http_status = 403;
-+ denied = 1;
-+ }
-+ }
+ const char **list;
+- size_t start, end;
++ size_t start;
+ size_t k;
+
+ /* it matched */
+@@ -213,17 +213,15 @@
+
+ buffer_reset(p->location);
-- return HANDLER_FINISHED;
-+ if (denied) {
-+ con->http_status = 403;
+- start = 0; end = pattern_len;
++ start = 0;
+ for (k = 0; k < pattern_len; k++) {
+ if (pattern[k] == '$' || pattern[k] == '%') {
+ /* got one */
+
+ size_t num = pattern[k + 1] - '0';
+
+- end = k;
++ buffer_append_string_len(p->location, pattern + start, k - start);
+
+- buffer_append_string_len(p->location, pattern + start, end - start);
+-
+ if (!isdigit((unsigned char)pattern[k + 1])) {
+ /* enable escape: "%%" => "%", "%a" => "%a", "$$" => "$" */
+ buffer_append_string_len(p->location, pattern+k, pattern[k] == pattern[k+1] ? 1 : 2);
+Index: src/mod_webdav.c
+===================================================================
+--- src/mod_webdav.c (.../tags/lighttpd-1.4.23)
++++ src/mod_webdav.c (.../branches/lighttpd-1.4.x)
+@@ -1096,6 +1096,7 @@
+ }
+ #endif
+
++#ifdef USE_LOCKS
+ static int webdav_lockdiscovery(server *srv, connection *con,
+ buffer *locktoken, const char *lockscope, const char *locktype, int depth) {
+
+@@ -1150,6 +1151,8 @@
+
+ return 0;
+ }
++#endif
+
-+ if (con->conf.log_request_handling) {
-+ log_error_write(srv, __FILE__, __LINE__, "sb",
-+ "url denied as we match:", ds->value);
+ /**
+ * check if resource is having the right locks to access to resource
+ *
+Index: src/configparser.y
+===================================================================
+--- src/configparser.y (.../tags/lighttpd-1.4.23)
++++ src/configparser.y (.../branches/lighttpd-1.4.x)
+@@ -72,7 +72,7 @@
+ op1->free(op1);
+ return (data_unset *)ds;
+ } else {
+- fprintf(stderr, "data type mismatch, cannot be merge\n");
++ fprintf(stderr, "data type mismatch, cannot merge\n");
+ return NULL;
+ }
+ }
+@@ -193,7 +193,6 @@
+ du = configparser_merge_data(du, B);
+ if (NULL == du) {
+ ctx->ok = 0;
+- du->free(du);
+ }
+ else {
+ buffer_copy_string_buffer(du->key, A);
+@@ -470,7 +469,7 @@
+ case CONFIG_COND_MATCH: {
+ #ifdef HAVE_PCRE_H
+ const char *errptr;
+- int erroff;
++ int erroff, captures;
+
+ if (NULL == (dc->regex =
+ pcre_compile(rvalue->ptr, 0, &errptr, &erroff, NULL))) {
+@@ -487,6 +486,14 @@
+ fprintf(stderr, "studying regex failed: %s -> %s\n",
+ rvalue->ptr, errptr);
+ ctx->ok = 0;
++ } else if (0 != (pcre_fullinfo(dc->regex, dc->regex_study, PCRE_INFO_CAPTURECOUNT, &captures))) {
++ fprintf(stderr, "getting capture count for regex failed: %s\n",
++ rvalue->ptr);
++ ctx->ok = 0;
++ } else if (captures > 9) {
++ fprintf(stderr, "Too many captures in regex, use (?:...) instead of (...): %s\n",
++ rvalue->ptr);
++ ctx->ok = 0;
+ } else {
+ dc->string = buffer_init_buffer(rvalue);
+ }
+Index: src/mod_status.c
+===================================================================
+--- src/mod_status.c (.../tags/lighttpd-1.4.23)
++++ src/mod_status.c (.../branches/lighttpd-1.4.x)
+@@ -438,7 +438,7 @@
+
+ buffer_append_string_len(b, CONST_STR_LEN(
+ "<hr />\n<pre><b>legend</b>\n"
+- ". = connect, C = close, E = hard error\n"
++ ". = connect, C = close, E = hard error, k = keep-alive\n"
+ "r = read, R = read-POST, W = write, h = handle-request\n"
+ "q = request-start, Q = request-end\n"
+ "s = response-start, S = response-end\n"));
+@@ -449,8 +449,14 @@
+
+ for (j = 0; j < srv->conns->used; j++) {
+ connection *c = srv->conns->ptr[j];
+- const char *state = connection_get_short_state(c->state);
++ const char *state;
+
++ if (CON_STATE_READ == c->state && c->request.orig_uri->used > 0) {
++ state = "k";
++ } else {
++ state = connection_get_short_state(c->state);
++ }
++
+ buffer_append_string_len(b, state, 1);
+
+ if (((j + 1) % 50) == 0) {
+@@ -497,7 +503,11 @@
+
+ buffer_append_string_len(b, CONST_STR_LEN("</td><td class=\"string\">"));
+
+- buffer_append_string(b, connection_get_state(c->state));
++ if (CON_STATE_READ == c->state && c->request.orig_uri->used > 0) {
++ buffer_append_string_len(b, CONST_STR_LEN("keep-alive"));
++ } else {
++ buffer_append_string(b, connection_get_state(c->state));
++ }
+
+ buffer_append_string_len(b, CONST_STR_LEN("</td><td class=\"int\">"));
+
+@@ -611,10 +621,10 @@
+ }
+
+ static handler_t mod_status_handle_server_statistics(server *srv, connection *con, void *p_d) {
+- plugin_data *p = p_d;
+- buffer *b = p->module_list;
++ buffer *b;
+ size_t i;
+ array *st = srv->status;
++ UNUSED(p_d);
+
+ if (0 == st->used) {
+ /* we have nothing to send */
+Index: src/mod_ssi.c
+===================================================================
+--- src/mod_ssi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_ssi.c (.../branches/lighttpd-1.4.x)
+@@ -362,7 +362,8 @@
+ switch(ssicmd) {
+ case SSI_ECHO: {
+ /* echo */
+- int var = 0, enc = 0;
++ int var = 0;
++ /* int enc = 0; */
+ const char *var_val = NULL;
+ stat_cache_entry *sce = NULL;
+
+@@ -381,6 +382,7 @@
+ { NULL, SSI_ECHO_UNSET }
+ };
+
++/*
+ struct {
+ const char *var;
+ enum { SSI_ENC_UNSET, SSI_ENC_URL, SSI_ENC_NONE, SSI_ENC_ENTITY } type;
+@@ -391,6 +393,7 @@
+
+ { NULL, SSI_ENC_UNSET }
+ };
++*/
+
+ for (i = 2; i < n; i += 2) {
+ if (0 == strcmp(l[i], "var")) {
+@@ -405,6 +408,7 @@
+ }
+ }
+ } else if (0 == strcmp(l[i], "encoding")) {
++/*
+ int j;
+
+ for (j = 0; encvars[j].var; j++) {
+@@ -413,6 +417,7 @@
+ break;
+ }
+ }
++*/
+ } else {
+ log_error_write(srv, __FILE__, __LINE__, "sss",
+ "ssi: unknow attribute for ",
+Index: src/mod_auth.c
+===================================================================
+--- src/mod_auth.c (.../tags/lighttpd-1.4.23)
++++ src/mod_auth.c (.../branches/lighttpd-1.4.x)
+@@ -468,7 +468,7 @@
+
+ if (method == NULL) {
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+- "the require field is missing in:",
++ "the method field is missing in:",
+ "auth.require = ( \"...\" => ( ..., \"method\" => \"...\" ) )");
+ return HANDLER_ERROR;
+ } else {
+@@ -483,7 +483,7 @@
+
+ if (realm == NULL) {
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+- "the require field is missing in:",
++ "the realm field is missing in:",
+ "auth.require = ( \"...\" => ( ..., \"realm\" => \"...\" ) )");
+ return HANDLER_ERROR;
}
+Index: src/mod_cml_lua.c
+===================================================================
+--- src/mod_cml_lua.c (.../tags/lighttpd-1.4.23)
++++ src/mod_cml_lua.c (.../branches/lighttpd-1.4.x)
+@@ -2,6 +2,7 @@
+ #include <stdio.h>
+ #include <errno.h>
+ #include <time.h>
++#include <string.h>
+
+ #include "mod_cml.h"
+ #include "mod_cml_funcs.h"
+Index: src/http-header-glue.c
+===================================================================
+--- src/http-header-glue.c (.../tags/lighttpd-1.4.23)
++++ src/http-header-glue.c (.../branches/lighttpd-1.4.x)
+@@ -104,6 +104,21 @@
+ return response_header_insert(srv, con, key, keylen, value, vallen);
+ }
+
++int response_header_append(server *srv, connection *con, const char *key, size_t keylen, const char *value, size_t vallen) {
++ data_string *ds;
++
++ UNUSED(srv);
++
++ /* if there already is a key by this name append the value */
++ if (NULL != (ds = (data_string *)array_get_element(con->response.headers, key))) {
++ buffer_append_string_len(ds->value, CONST_STR_LEN(", "));
++ buffer_append_string_len(ds->value, value, vallen);
++ return 0;
++ }
++
++ return response_header_insert(srv, con, key, keylen, value, vallen);
++}
+
-+ return HANDLER_FINISHED;
+ int http_response_redirect_to_directory(server *srv, connection *con) {
+ buffer *o;
+
+@@ -259,7 +274,7 @@
+ }
+
+ if (0 == strncmp(con->request.http_if_modified_since, mtime->ptr, used_len)) {
+- con->http_status = 304;
++ if ('\0' == mtime->ptr[used_len]) con->http_status = 304;
+ return HANDLER_FINISHED;
+ } else {
+ char buf[sizeof("Sat, 23 Jul 2005 21:20:01 GMT")];
+@@ -281,15 +296,16 @@
+ strncpy(buf, con->request.http_if_modified_since, used_len);
+ buf[used_len] = '\0';
+
+- tm.tm_isdst = 0;
+ if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) {
+ con->http_status = 412;
+ con->mode = DIRECT;
+ return HANDLER_FINISHED;
+ }
++ tm.tm_isdst = 0;
+ t_header = mktime(&tm);
+
+ strptime(mtime->ptr, "%a, %d %b %Y %H:%M:%S GMT", &tm);
++ tm.tm_isdst = 0;
+ t_file = mktime(&tm);
+
+ if (t_file > t_header) return HANDLER_GO_ON;
+@@ -318,7 +334,7 @@
}
- }
-@@ -158,7 +180,8 @@
+ if (0 == strncmp(con->request.http_if_modified_since, mtime->ptr, used_len)) {
+- con->http_status = 304;
++ if ('\0' == mtime->ptr[used_len]) con->http_status = 304;
+ return HANDLER_FINISHED;
+ } else {
+ char buf[sizeof("Sat, 23 Jul 2005 21:20:01 GMT")];
+@@ -331,18 +347,17 @@
+ strncpy(buf, con->request.http_if_modified_since, used_len);
+ buf[used_len] = '\0';
+
+- tm.tm_isdst = 0;
+ if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) {
+ /**
+ * parsing failed, let's get out of here
+ */
+- log_error_write(srv, __FILE__, __LINE__, "ss",
+- "strptime() failed on", buf);
+ return HANDLER_GO_ON;
+ }
++ tm.tm_isdst = 0;
+ t_header = mktime(&tm);
+
+ strptime(mtime->ptr, "%a, %d %b %Y %H:%M:%S GMT", &tm);
++ tm.tm_isdst = 0;
+ t_file = mktime(&tm);
+
+ if (t_file > t_header) return HANDLER_GO_ON;
+Index: src/mod_setenv.c
+===================================================================
+--- src/mod_setenv.c (.../tags/lighttpd-1.4.23)
++++ src/mod_setenv.c (.../branches/lighttpd-1.4.x)
+@@ -215,7 +215,7 @@
+ return HANDLER_GO_ON;
+ }
+
+-REQUESTDONE_FUNC(mod_setenv_reset) {
++CONNECTION_FUNC(mod_setenv_reset) {
+ plugin_data *p = p_d;
- p->init = mod_access_init;
- p->set_defaults = mod_access_set_defaults;
-- p->handle_uri_clean = mod_access_uri_handler;
-+ p->handle_uri_clean = mod_access_uri_handler;
-+ p->handle_subrequest_start = mod_access_uri_handler;
- p->cleanup = mod_access_free;
+ UNUSED(srv);
+@@ -240,7 +240,7 @@
+ p->set_defaults = mod_setenv_set_defaults;
+ p->cleanup = mod_setenv_free;
+
+- p->handle_request_done = mod_setenv_reset;
++ p->connection_reset = mod_setenv_reset;
p->data = NULL;
-Index: src/mod_accesslog.c
+
+Index: src/mod_fastcgi.c
===================================================================
---- src/mod_accesslog.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/mod_accesslog.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -507,7 +507,7 @@
- *
- */
+--- src/mod_fastcgi.c (.../tags/lighttpd-1.4.23)
++++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x)
+@@ -122,24 +122,11 @@
+ *
+ */
-- execl("/bin/sh", "sh", "-c", s->access_logfile->ptr + 1, NULL);
-+ execl("/bin/sh", "sh", "-c", s->access_logfile->ptr + 1, (char *)NULL);
+- unsigned short min_procs;
+ unsigned short max_procs;
+ size_t num_procs; /* how many procs are started */
+ size_t active_procs; /* how many of them are really running */
- log_error_write(srv, __FILE__, __LINE__, "sss",
- "spawning log-process failed: ", strerror(errno),
+- unsigned short max_load_per_proc;
+-
+ /*
+- * kick the process from the list if it was not
+- * used for idle_timeout until min_procs is
+- * reached. this helps to get the processlist
+- * small again we had a small peak load.
+- *
+- */
+-
+- unsigned short idle_timeout;
+-
+- /*
+ * time after a disabled remote connection is tried to be re-enabled
+ *
+ *
+@@ -384,6 +371,21 @@
+ /* ok, we need a prototype */
+ static handler_t fcgi_handle_fdevent(void *s, void *ctx, int revents);
+
++static void reset_signals(void) {
++#ifdef SIGTTOU
++ signal(SIGTTOU, SIG_DFL);
++#endif
++#ifdef SIGTTIN
++ signal(SIGTTIN, SIG_DFL);
++#endif
++#ifdef SIGTSTP
++ signal(SIGTSTP, SIG_DFL);
++#endif
++ signal(SIGHUP, SIG_DFL);
++ signal(SIGPIPE, SIG_DFL);
++ signal(SIGUSR1, SIG_DFL);
++}
++
+ static void fastcgi_status_copy_procname(buffer *b, fcgi_extension_host *host, fcgi_proc *proc) {
+ buffer_copy_string_len(b, CONST_STR_LEN("fastcgi.backend."));
+ buffer_append_string_buffer(b, host->id);
+@@ -993,8 +995,6 @@
+ close(fcgi_fd);
+ }
+
+- openDevNull(STDERR_FILENO);
+-
+ /* we don't need the client socket */
+ for (i = 3; i < 256; i++) {
+ close(i);
+@@ -1054,6 +1054,7 @@
+ *c = '/';
+ }
+
++ reset_signals();
+
+ /* exec the cgi */
+ execve(arg.ptr[0], arg.ptr, env.ptr);
+@@ -1235,20 +1236,17 @@
+
+ { "check-local", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 5 */
+ { "port", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 6 */
+- { "min-procs-not-working", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 7 this is broken for now */
+- { "max-procs", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
+- { "max-load-per-proc", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
+- { "idle-timeout", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
+- { "disable-time", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
++ { "max-procs", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 7 */
++ { "disable-time", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
+
+- { "bin-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
+- { "bin-copy-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
++ { "bin-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
++ { "bin-copy-environment", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
+
+- { "broken-scriptfilename", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
+- { "allow-x-send-file", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
+- { "strip-request-uri", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 16 */
+- { "kill-signal", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 17 */
+- { "fix-root-scriptname", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 18 */
++ { "broken-scriptfilename", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
++ { "allow-x-send-file", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
++ { "strip-request-uri", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
++ { "kill-signal", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
++ { "fix-root-scriptname", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 15 */
+
+ { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
+ };
+@@ -1267,12 +1265,9 @@
+ buffer_copy_string_buffer(host->id, da_host->key);
+
+ host->check_local = 1;
+- host->min_procs = 4;
+ host->max_procs = 4;
+- host->max_load_per_proc = 1;
+- host->idle_timeout = 60;
+ host->mode = FCGI_RESPONDER;
+- host->disable_time = 60;
++ host->disable_time = 1;
+ host->break_scriptfilename_for_php = 0;
+ host->allow_xsendfile = 0; /* handle X-LIGHTTPD-send-file */
+ host->kill_signal = SIGTERM;
+@@ -1286,19 +1281,16 @@
+
+ fcv[5].destination = &(host->check_local);
+ fcv[6].destination = &(host->port);
+- fcv[7].destination = &(host->min_procs);
+- fcv[8].destination = &(host->max_procs);
+- fcv[9].destination = &(host->max_load_per_proc);
+- fcv[10].destination = &(host->idle_timeout);
+- fcv[11].destination = &(host->disable_time);
++ fcv[7].destination = &(host->max_procs);
++ fcv[8].destination = &(host->disable_time);
+
+- fcv[12].destination = host->bin_env;
+- fcv[13].destination = host->bin_env_copy;
+- fcv[14].destination = &(host->break_scriptfilename_for_php);
+- fcv[15].destination = &(host->allow_xsendfile);
+- fcv[16].destination = host->strip_request_uri;
+- fcv[17].destination = &(host->kill_signal);
+- fcv[18].destination = &(host->fix_root_path_name);
++ fcv[9].destination = host->bin_env;
++ fcv[10].destination = host->bin_env_copy;
++ fcv[11].destination = &(host->break_scriptfilename_for_php);
++ fcv[12].destination = &(host->allow_xsendfile);
++ fcv[13].destination = host->strip_request_uri;
++ fcv[14].destination = &(host->kill_signal);
++ fcv[15].destination = &(host->fix_root_path_name);
+
+ if (0 != config_insert_values_internal(srv, da_host->value, fcv)) {
+ return HANDLER_ERROR;
+@@ -1355,23 +1347,16 @@
+ /* a local socket + self spawning */
+ size_t pno;
+
+- /* HACK: just to make sure the adaptive spawing is disabled */
+- host->min_procs = host->max_procs;
+-
+- if (host->min_procs > host->max_procs) host->max_procs = host->min_procs;
+- if (host->max_load_per_proc < 1) host->max_load_per_proc = 0;
+-
+ if (s->debug) {
+- log_error_write(srv, __FILE__, __LINE__, "ssbsdsbsdsd",
++ log_error_write(srv, __FILE__, __LINE__, "ssbsdsbsd",
+ "--- fastcgi spawning local",
+ "\n\tproc:", host->bin_path,
+ "\n\tport:", host->port,
+ "\n\tsocket", host->unixsocket,
+- "\n\tmin-procs:", host->min_procs,
+ "\n\tmax-procs:", host->max_procs);
+ }
+
+- for (pno = 0; pno < host->min_procs; pno++) {
++ for (pno = 0; pno < host->max_procs; pno++) {
+ fcgi_proc *proc;
+
+ proc = fastcgi_process_init();
+@@ -1391,7 +1376,7 @@
+ "--- fastcgi spawning",
+ "\n\tport:", host->port,
+ "\n\tsocket", host->unixsocket,
+- "\n\tcurrent:", pno, "/", host->min_procs);
++ "\n\tcurrent:", pno, "/", host->max_procs);
+ }
+
+ if (fcgi_spawn_connection(srv, p, host, proc)) {
+@@ -1426,7 +1411,6 @@
+
+ host->first = proc;
+
+- host->min_procs = 1;
+ host->max_procs = 1;
+ }
+
+@@ -2739,7 +2723,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ssbsdsd",
+ "--- fastcgi spawning",
+ "\n\tsocket", proc->connection_name,
+- "\n\tcurrent:", 1, "/", host->min_procs);
++ "\n\tcurrent:", 1, "/", host->max_procs);
+ }
+
+ if (fcgi_spawn_connection(srv, p, host, proc)) {
+@@ -2778,8 +2762,11 @@
+ * - tcp socket (do not check host->host->uses, as it may be not set which means INADDR_LOOPBACK)
+ * - unix socket
+ */
+- if (!host ||
+- (!host->port && !host->unixsocket->used)) {
++ if (!host) {
++ log_error_write(srv, __FILE__, __LINE__, "s", "fatal error: host = NULL");
++ return HANDLER_ERROR;
++ }
++ if ((!host->port && !host->unixsocket->used)) {
+ log_error_write(srv, __FILE__, __LINE__, "sxddd",
+ "write-req: error",
+ host,
+@@ -2787,7 +2774,7 @@
+ host->port,
+ host->unixsocket->used);
+
+- hctx->proc->disabled_until = srv->cur_ts + 10;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ hctx->proc->state = PROC_STATE_DIED;
+
+ return HANDLER_ERROR;
+@@ -2803,7 +2790,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+ "getsockopt failed:", strerror(errno));
+
+- hctx->proc->disabled_until = srv->cur_ts + 10;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ hctx->proc->state = PROC_STATE_DIED;
+
+ return HANDLER_ERROR;
+@@ -2817,7 +2804,7 @@
+ "socket:", hctx->proc->connection_name);
+ }
+
+- hctx->proc->disabled_until = srv->cur_ts + 5;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+
+ if (hctx->proc->is_local) {
+ hctx->proc->state = PROC_STATE_DIED_WAIT_FOR_PID;
+@@ -2910,13 +2897,13 @@
+ /* cool down the backend, it is overloaded
+ * -> EAGAIN */
+
+- log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+- "backend is overloaded; we'll disable it for 2 seconds and send the request to another backend instead:",
++ log_error_write(srv, __FILE__, __LINE__, "sdssdsd",
++ "backend is overloaded; we'll disable it for", hctx->host->disable_time, "seconds and send the request to another backend instead:",
+ "reconnects:", hctx->reconnects,
+ "load:", host->load);
+
+
+- hctx->proc->disabled_until = srv->cur_ts + 2;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ hctx->proc->state = PROC_STATE_OVERLOADED;
+
+ fastcgi_status_copy_procname(p->statuskey, hctx->host, hctx->proc);
+@@ -2930,18 +2917,18 @@
+ * - ECONNREFUSED for tcp-ip sockets
+ * - ENOENT for unix-domain-sockets
+ *
+- * for check if the host is back in 5 seconds
++ * for check if the host is back in hctx->host->disable_time seconds
+ * */
+
+- hctx->proc->disabled_until = srv->cur_ts + 5;
++ hctx->proc->disabled_until = srv->cur_ts + hctx->host->disable_time;
+ if (hctx->proc->is_local) {
+ hctx->proc->state = PROC_STATE_DIED_WAIT_FOR_PID;
+ } else {
+ hctx->proc->state = PROC_STATE_DIED;
+ }
+
+- log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+- "backend died; we'll disable it for 5 seconds and send the request to another backend instead:",
++ log_error_write(srv, __FILE__, __LINE__, "sdssdsd",
++ "backend died; we'll disable it for", hctx->host->disable_time, "seconds and send the request to another backend instead:",
+ "reconnects:", hctx->reconnects,
+ "load:", host->load);
+
+@@ -3032,11 +3019,6 @@
+ "reconnect attempts:", hctx->reconnects);
+
+ return HANDLER_ERROR;
+- case EAGAIN:
+- case EINTR:
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT);
+-
+- return HANDLER_WAIT_FOR_EVENT;
+ default:
+ log_error_write(srv, __FILE__, __LINE__, "ssd",
+ "write failed:", strerror(errno), errno);
+@@ -3266,7 +3248,7 @@
+ log_error_write(srv, __FILE__, __LINE__, "ssbsdsd",
+ "--- fastcgi spawning",
+ "\n\tsocket", proc->connection_name,
+- "\n\tcurrent:", 1, "/", host->min_procs);
++ "\n\tcurrent:", 1, "/", host->max_procs);
+ }
+
+ if (fcgi_spawn_connection(srv, p, host, proc)) {
+@@ -3288,18 +3270,18 @@
+ hctx->reconnects < 5) {
+ fcgi_reconnect(srv, hctx);
+
+- log_error_write(srv, __FILE__, __LINE__, "ssbsbs",
++ log_error_write(srv, __FILE__, __LINE__, "ssbsBSBs",
+ "response not received, request not sent",
+ "on socket:", proc->connection_name,
+- "for", con->uri.path, ", reconnecting");
++ "for", con->uri.path, "?", con->uri.query, ", reconnecting");
+
+ return HANDLER_WAIT_FOR_FD;
+ }
+
+- log_error_write(srv, __FILE__, __LINE__, "sosbsbs",
++ log_error_write(srv, __FILE__, __LINE__, "sosbsBSBs",
+ "response not received, request sent:", hctx->wb->bytes_out,
+ "on socket:", proc->connection_name,
+- "for", con->uri.path, ", closing connection");
++ "for", con->uri.path, "?", con->uri.query, ", closing connection");
+
+ fcgi_connection_close(srv, hctx);
+
+@@ -3311,10 +3293,10 @@
+ /* response might have been already started, kill the connection */
+ fcgi_connection_close(srv, hctx);
+
+- log_error_write(srv, __FILE__, __LINE__, "ssbsbs",
++ log_error_write(srv, __FILE__, __LINE__, "ssbsBSBs",
+ "response already sent out, but backend returned error",
+ "on socket:", proc->connection_name,
+- "for", con->uri.path, ", terminating connection");
++ "for", con->uri.path, "?", con->uri.query, ", terminating connection");
+
+ connection_set_state(srv, con, CON_STATE_ERROR);
+ }
+@@ -3364,9 +3346,9 @@
+ * even if the FCGI_FIN packet is not received yet
+ */
+ } else {
+- log_error_write(srv, __FILE__, __LINE__, "sbsbsd",
++ log_error_write(srv, __FILE__, __LINE__, "sBSbsbsd",
+ "error: unexpected close of fastcgi connection for",
+- con->uri.path,
++ con->uri.path, "?", con->uri.query,
+ "(no fastcgi process on socket:", proc->connection_name, "?)",
+ hctx->state);
+
+@@ -3489,25 +3471,27 @@
+ /* check if extension matches */
+ for (k = 0; k < p->conf.exts->used; k++) {
+ size_t ct_len; /* length of the config entry */
++ fcgi_extension *ext = p->conf.exts->exts[k];
+
+- extension = p->conf.exts->exts[k];
++ if (ext->key->used == 0) continue;
+
+- if (extension->key->used == 0) continue;
++ ct_len = ext->key->used - 1;
+
+- ct_len = extension->key->used - 1;
+-
+ /* check _url_ in the form "/fcgi_pattern" */
+- if (extension->key->ptr[0] == '/') {
++ if (ext->key->ptr[0] == '/') {
+ if ((ct_len <= con->uri.path->used -1) &&
+- (strncmp(con->uri.path->ptr, extension->key->ptr, ct_len) == 0))
++ (strncmp(con->uri.path->ptr, ext->key->ptr, ct_len) == 0)) {
++ extension = ext;
+ break;
+- } else if ((ct_len <= s_len) && (0 == strncmp(fn->ptr + s_len - ct_len, extension->key->ptr, ct_len))) {
++ }
++ } else if ((ct_len <= s_len) && (0 == strncmp(fn->ptr + s_len - ct_len, ext->key->ptr, ct_len))) {
+ /* check extension in the form ".fcg" */
++ extension = ext;
+ break;
+ }
+ }
+ /* extension doesn't match */
+- if (k == p->conf.exts->used) {
++ if (NULL == extension) {
+ return HANDLER_GO_ON;
+ }
+ }
+@@ -3535,8 +3519,8 @@
+ if (!extension->note_is_sent) {
+ extension->note_is_sent = 1;
+
+- log_error_write(srv, __FILE__, __LINE__, "sbsbs",
+- "all handlers for ", con->uri.path,
++ log_error_write(srv, __FILE__, __LINE__, "sBSbsbs",
++ "all handlers for", con->uri.path, "?", con->uri.query,
+ "on", extension->key,
+ "are down.");
+ }
+@@ -3727,107 +3711,12 @@
+ for (n = 0; n < ex->used; n++) {
+
+ fcgi_proc *proc;
+- unsigned long sum_load = 0;
+ fcgi_extension_host *host;
+
+ host = ex->hosts[n];
+
+ fcgi_restart_dead_procs(srv, p, host);
+
+- for (proc = host->first; proc; proc = proc->next) {
+- sum_load += proc->load;
+- }
+-
+- if (host->num_procs &&
+- host->num_procs < host->max_procs &&
+- (sum_load / host->num_procs) > host->max_load_per_proc) {
+- /* overload, spawn new child */
+- if (p->conf.debug) {
+- log_error_write(srv, __FILE__, __LINE__, "s",
+- "overload detected, spawning a new child");
+- }
+-
+- for (proc = host->unused_procs; proc && proc->pid != 0; proc = proc->next);
+-
+- if (proc) {
+- if (proc == host->unused_procs) host->unused_procs = proc->next;
+-
+- if (proc->next) proc->next->prev = NULL;
+-
+- host->max_id++;
+- } else {
+- proc = fastcgi_process_init();
+- proc->id = host->max_id++;
+- }
+-
+- host->num_procs++;
+-
+- if (buffer_is_empty(host->unixsocket)) {
+- proc->port = host->port + proc->id;
+- } else {
+- buffer_copy_string_buffer(proc->unixsocket, host->unixsocket);
+- buffer_append_string_len(proc->unixsocket, CONST_STR_LEN("-"));
+- buffer_append_long(proc->unixsocket, proc->id);
+- }
+-
+- if (fcgi_spawn_connection(srv, p, host, proc)) {
+- log_error_write(srv, __FILE__, __LINE__, "s",
+- "ERROR: spawning fcgi failed.");
+- return HANDLER_ERROR;
+- }
+-
+- proc->prev = NULL;
+- proc->next = host->first;
+- if (host->first) {
+- host->first->prev = proc;
+- }
+- host->first = proc;
+- }
+-
+- for (proc = host->first; proc; proc = proc->next) {
+- if (proc->load != 0) break;
+- if (host->num_procs <= host->min_procs) break;
+- if (proc->pid == 0) continue;
+-
+- if (srv->cur_ts - proc->last_used > host->idle_timeout) {
+- /* a proc is idling for a long time now,
+- * terminate it */
+-
+- if (p->conf.debug) {
+- log_error_write(srv, __FILE__, __LINE__, "ssbsd",
+- "idle-timeout reached; terminating child:",
+- "socket:", proc->connection_name,
+- "pid", proc->pid);
+- }
+-
+-
+- if (proc->next) proc->next->prev = proc->prev;
+- if (proc->prev) proc->prev->next = proc->next;
+-
+- if (proc->prev == NULL) host->first = proc->next;
+-
+- proc->prev = NULL;
+- proc->next = host->unused_procs;
+-
+- if (host->unused_procs) host->unused_procs->prev = proc;
+- host->unused_procs = proc;
+-
+- kill(proc->pid, SIGTERM);
+-
+- proc->state = PROC_STATE_KILLED;
+-
+- log_error_write(srv, __FILE__, __LINE__, "ssbsd",
+- "killed:",
+- "socket:", proc->connection_name,
+- "pid", proc->pid);
+-
+- host->num_procs--;
+-
+- /* proc is now in unused, let the next second handle the next process */
+- break;
+- }
+- }
+-
+ for (proc = host->unused_procs; proc; proc = proc->next) {
+ int status;
+
+Index: src/fdevent_poll.c
+===================================================================
+--- src/fdevent_poll.c (.../tags/lighttpd-1.4.23)
++++ src/fdevent_poll.c (.../branches/lighttpd-1.4.x)
+@@ -132,7 +132,7 @@
+ if (poll_r & POLLNVAL) r |= FDEVENT_NVAL;
+ if (poll_r & POLLPRI) r |= FDEVENT_PRI;
+
+- return ev->pollfds[ndx].revents;
++ return r;
+ }
+
+ static int fdevent_poll_event_get_fd(fdevents *ev, size_t ndx) {
+Index: src/fdevent_select.c
+===================================================================
+--- src/fdevent_select.c (.../tags/lighttpd-1.4.23)
++++ src/fdevent_select.c (.../branches/lighttpd-1.4.x)
+@@ -38,7 +38,7 @@
+ UNUSED(fde_ndx);
+
+ /* we should be protected by max-fds, but you never know */
+- assert(fd < FD_SETSIZE);
++ assert(fd < ((int)FD_SETSIZE));
+
+ if (events & FDEVENT_IN) {
+ FD_SET(fd, &(ev->select_set_read));
+Index: src/CMakeLists.txt
+===================================================================
Index: src/server.c
===================================================================
---- src/server.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/server.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -775,6 +775,22 @@
- return -1;
+--- src/server.c (.../tags/lighttpd-1.4.23)
++++ src/server.c (.../branches/lighttpd-1.4.x)
+@@ -187,6 +187,7 @@
+ CLEAN(cond_check_buf);
+
+ CLEAN(srvconf.errorlog_file);
++ CLEAN(srvconf.breakagelog_file);
+ CLEAN(srvconf.groupname);
+ CLEAN(srvconf.username);
+ CLEAN(srvconf.changeroot);
+@@ -242,8 +243,8 @@
+ srv->srvconf.reject_expect_100_with_417 = 1;
+
+ /* use syslog */
+- srv->errorlog_fd = -1;
+- srv->errorlog_mode = ERRORLOG_STDERR;
++ srv->errorlog_fd = STDERR_FILENO;
++ srv->errorlog_mode = ERRORLOG_FD;
+
+ srv->split_vals = array_init();
+
+@@ -271,6 +272,7 @@
+ CLEAN(cond_check_buf);
+
+ CLEAN(srvconf.errorlog_file);
++ CLEAN(srvconf.breakagelog_file);
+ CLEAN(srvconf.groupname);
+ CLEAN(srvconf.username);
+ CLEAN(srvconf.changeroot);
+@@ -717,7 +719,7 @@
+ }
+
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+- srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
++ srv->max_fds = rlim.rlim_cur < ((int)FD_SETSIZE) - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
+ } else {
+ srv->max_fds = rlim.rlim_cur;
+ }
+@@ -730,7 +732,7 @@
+ #endif
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+ /* don't raise the limit above FD_SET_SIZE */
+- if (srv->max_fds > FD_SETSIZE - 200) {
++ if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
+ log_error_write(srv, __FILE__, __LINE__, "sd",
+ "can't raise max filedescriptors above", FD_SETSIZE - 200,
+ "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
+@@ -780,7 +782,7 @@
+ * Change group before chroot, when we have access
+ * to /etc/group
+ * */
+- if (srv->srvconf.groupname->used) {
++ if (NULL != grp) {
+ setgid(grp->gr_gid);
+ setgroups(0, NULL);
+ if (srv->srvconf.username->used) {
+@@ -804,7 +806,7 @@
+ #endif
+ #ifdef HAVE_PWD_H
+ /* drop root privs */
+- if (srv->srvconf.username->used) {
++ if (NULL != pwd) {
+ setuid(pwd->pw_uid);
+ }
+ #endif
+@@ -843,7 +845,7 @@
}
-+ /**
-+ * we are not root can can't increase the fd-limit, but we can reduce it
-+ */
-+ if (srv->srvconf.max_fds && srv->srvconf.max_fds < rlim.rlim_cur) {
-+ /* set rlimits */
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+- srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
++ srv->max_fds = rlim.rlim_cur < ((int)FD_SETSIZE) - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
+ } else {
+ srv->max_fds = rlim.rlim_cur;
+ }
+@@ -857,7 +859,7 @@
+ #endif
+ if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+ /* don't raise the limit above FD_SET_SIZE */
+- if (srv->max_fds > FD_SETSIZE - 200) {
++ if (srv->max_fds > ((int)FD_SETSIZE) - 200) {
+ log_error_write(srv, __FILE__, __LINE__, "sd",
+ "can't raise max filedescriptors above", FD_SETSIZE - 200,
+ "if event-handler is 'select'. Use 'poll' or something else or reduce server.max-fds.");
+Index: src/mod_dirlisting.c
+===================================================================
+--- src/mod_dirlisting.c (.../tags/lighttpd-1.4.23)
++++ src/mod_dirlisting.c (.../branches/lighttpd-1.4.x)
+@@ -198,7 +198,7 @@
+ data_unset *du;
+
+ if (NULL != (du = array_get_element(ca, option))) {
+- data_array *da = (data_array *)du;
++ data_array *da;
+ size_t j;
+
+ if (du->type != TYPE_ARRAY) {
+Index: src/mod_magnet.c
+===================================================================
+--- src/mod_magnet.c (.../tags/lighttpd-1.4.23)
++++ src/mod_magnet.c (.../branches/lighttpd-1.4.x)
+@@ -283,17 +283,11 @@
+ }
+
+ static int magnet_reqhdr_get(lua_State *L) {
+- server *srv;
+ connection *con;
+ data_string *ds;
+
+ const char *key = luaL_checkstring(L, 2);
+
+- lua_pushstring(L, "lighty.srv");
+- lua_gettable(L, LUA_REGISTRYINDEX);
+- srv = lua_touserdata(L, -1);
+- lua_pop(L, 1);
+-
+ lua_pushstring(L, "lighty.con");
+ lua_gettable(L, LUA_REGISTRYINDEX);
+ con = lua_touserdata(L, -1);
+Index: src/log.c
+===================================================================
+--- src/log.c (.../tags/lighttpd-1.4.23)
++++ src/log.c (.../branches/lighttpd-1.4.x)
+@@ -62,7 +62,6 @@
+ /* create write pipe and spawn process */
+
+ int to_log_fds[2];
+- pid_t pid;
+
+ if (pipe(to_log_fds)) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "pipe failed: ", strerror(errno));
+@@ -70,7 +69,7 @@
+ }
+
+ /* fork, execve */
+- switch (pid = fork()) {
++ switch (fork()) {
+ case 0:
+ /* child */
+ close(STDIN_FILENO);
+@@ -150,14 +149,14 @@
+ */
+
+ int log_error_open(server *srv) {
+- int close_stderr = 1;
+-
+ #ifdef HAVE_SYSLOG_H
+ /* perhaps someone wants to use syslog() */
+ openlog("lighttpd", LOG_CONS | LOG_PID, LOG_DAEMON);
+ #endif
+- srv->errorlog_mode = ERRORLOG_STDERR;
+
++ srv->errorlog_mode = ERRORLOG_FD;
++ srv->errorlog_fd = STDERR_FILENO;
+
-+ rlim.rlim_cur = srv->srvconf.max_fds;
+ if (srv->srvconf.errorlog_use_syslog) {
+ srv->errorlog_mode = ERRORLOG_SYSLOG;
+ } else if (!buffer_is_empty(srv->srvconf.errorlog_file)) {
+@@ -171,20 +170,36 @@
+
+ log_error_write(srv, __FILE__, __LINE__, "s", "server started");
+
+-#ifdef HAVE_VALGRIND_VALGRIND_H
+- /* don't close stderr for debugging purposes if run in valgrind */
+- if (RUNNING_ON_VALGRIND) close_stderr = 0;
+-#endif
+-
+- if (srv->errorlog_mode == ERRORLOG_STDERR && srv->srvconf.dont_daemonize) {
++ if (srv->errorlog_mode == ERRORLOG_FD && !srv->srvconf.dont_daemonize) {
+ /* We can only log to stderr in dont-daemonize mode;
+ * if we do daemonize and no errorlog file is specified, we log into /dev/null
+ */
+- close_stderr = 0;
++ srv->errorlog_fd = -1;
+ }
+
+- /* move stderr to /dev/null */
+- if (close_stderr) openDevNull(STDERR_FILENO);
++ if (!buffer_is_empty(srv->srvconf.breakagelog_file)) {
++ int breakage_fd;
++ const char *logfile = srv->srvconf.breakagelog_file->ptr;
+
-+ if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) {
-+ log_error_write(srv, __FILE__, __LINE__,
-+ "ss", "couldn't set 'max filedescriptors'",
-+ strerror(errno));
-+ return -1;
-+ }
++ if (srv->errorlog_mode == ERRORLOG_FD) {
++ srv->errorlog_fd = dup(STDERR_FILENO);
++#ifdef FD_CLOEXEC
++ fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
++#endif
+ }
+
- if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
- srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
- } else {
++ if (-1 == (breakage_fd = open_logfile_or_pipe(srv, logfile))) {
++ return -1;
++ }
++
++ if (STDERR_FILENO != breakage_fd) {
++ dup2(breakage_fd, STDERR_FILENO);
++ close(breakage_fd);
++ }
++ } else if (!srv->srvconf.dont_daemonize) {
++ /* move stderr to /dev/null */
++ openDevNull(STDERR_FILENO);
++ }
+ return 0;
+ }
+
+@@ -235,15 +250,19 @@
+ switch(srv->errorlog_mode) {
+ case ERRORLOG_PIPE:
+ case ERRORLOG_FILE:
+- close(srv->errorlog_fd);
++ case ERRORLOG_FD:
++ if (-1 != srv->errorlog_fd) {
++ /* don't close STDERR */
++ if (STDERR_FILENO != srv->errorlog_fd)
++ close(srv->errorlog_fd);
++ srv->errorlog_fd = -1;
++ }
+ break;
+ case ERRORLOG_SYSLOG:
+ #ifdef HAVE_SYSLOG_H
+ closelog();
+ #endif
+ break;
+- case ERRORLOG_STDERR:
+- break;
+ }
+
+ return 0;
+@@ -255,7 +274,8 @@
+ switch(srv->errorlog_mode) {
+ case ERRORLOG_PIPE:
+ case ERRORLOG_FILE:
+- case ERRORLOG_STDERR:
++ case ERRORLOG_FD:
++ if (-1 == srv->errorlog_fd) return 0;
+ /* cache the generated timestamp */
+ if (srv->cur_ts != srv->last_generated_debug_ts) {
+ buffer_prepare_copy(srv->ts_debug_str, 255);
+@@ -349,13 +369,10 @@
+ switch(srv->errorlog_mode) {
+ case ERRORLOG_PIPE:
+ case ERRORLOG_FILE:
++ case ERRORLOG_FD:
+ buffer_append_string_len(srv->errorlog_buf, CONST_STR_LEN("\n"));
+ write(srv->errorlog_fd, srv->errorlog_buf->ptr, srv->errorlog_buf->used - 1);
+ break;
+- case ERRORLOG_STDERR:
+- buffer_append_string_len(srv->errorlog_buf, CONST_STR_LEN("\n"));
+- write(STDERR_FILENO, srv->errorlog_buf->ptr, srv->errorlog_buf->used - 1);
+- break;
+ case ERRORLOG_SYSLOG:
+ syslog(LOG_ERR, "%s", srv->errorlog_buf->ptr);
+ break;
Index: src/proc_open.c
===================================================================
---- src/proc_open.c (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ src/proc_open.c (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -255,7 +255,7 @@
- */
- proc_close_parents(proc);
-
-- execl(shell, shell, "-c", command, NULL);
-+ execl(shell, shell, "-c", command, (char *)NULL);
- _exit(127);
-
- } else if (child < 0) {
-Index: tests/mod-auth.t
-===================================================================
---- tests/mod-auth.t (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ tests/mod-auth.t (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -8,7 +8,7 @@
-
- use strict;
- use IO::Socket;
--use Test::More tests => 10;
-+use Test::More tests => 13;
- use LightyTest;
-
- my $tf = LightyTest->new();
-@@ -93,7 +93,44 @@
- $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
- ok($tf->handle_http($t) == 0, 'Digest-Auth: missing nc (noncecount instead), no crash');
-
-+$t->{REQUEST} = ( <<EOF
-+GET /server-status HTTP/1.0
-+Authorization: Basic =
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
-+ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid Base64');
-
-
-+$t->{REQUEST} = ( <<EOF
-+GET /server-status HTTP/1.0
-+User-Agent: Wget/1.9.1
-+Authorization: Digest username="jan", realm="jan",
-+ nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess",
-+ uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
-+ cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
-+ nc="asd",
-+ response="29B32C2953C763C6D033C8A49983B87E"
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
-+ok($tf->handle_http($t) == 0, 'Digest-Auth: md5-sess + missing cnonce');
-+
-+$t->{REQUEST} = ( <<EOF
-+GET /server-status HTTP/1.0
-+User-Agent: Wget/1.9.1
-+Authorization: Digest username="jan", realm="jan",
-+ nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess",
-+ uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
-+ cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
-+ nc="asd",
-+ response="29B32C2953C763C6D033C8A49983B87E"
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
-+ok($tf->handle_http($t) == 0, 'Digest-Auth: trailing WS');
+--- src/proc_open.c (.../tags/lighttpd-1.4.23)
++++ src/proc_open.c (.../branches/lighttpd-1.4.x)
+@@ -309,6 +309,14 @@
+
+ if (err) {
+ proc_read_fd_to_buffer(proc.err.fd, err);
++ } else {
++ buffer *tmp = buffer_init();
++ proc_read_fd_to_buffer(proc.err.fd, tmp);
++ if (tmp->used > 0 && write(2, (void*)tmp->ptr, tmp->used) < 0) {
++ perror("error writing pipe");
++ return -1;
++ }
++ buffer_free(tmp);
+ }
+ pipe_close(&proc.err);
+
+Index: tests/.cvsignore
+===================================================================
+Index: tests/bug-12.conf
+===================================================================
+--- tests/bug-12.conf (.../tags/lighttpd-1.4.23)
++++ tests/bug-12.conf (.../branches/lighttpd-1.4.x)
+@@ -8,6 +8,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-10.conf
+===================================================================
+--- tests/fastcgi-10.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-10.conf (.../branches/lighttpd-1.4.x)
+@@ -6,6 +6,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/bug-06.conf
+===================================================================
+--- tests/bug-06.conf (.../tags/lighttpd-1.4.23)
++++ tests/bug-06.conf (.../branches/lighttpd-1.4.x)
+@@ -8,6 +8,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/mod-extforward.conf
+===================================================================
+Index: tests/var-include.conf
+===================================================================
+--- tests/var-include.conf (.../tags/lighttpd-1.4.23)
++++ tests/var-include.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/404-handler.conf
+===================================================================
+--- tests/404-handler.conf (.../tags/lighttpd-1.4.23)
++++ tests/404-handler.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/lowercase.conf
+===================================================================
+--- tests/lowercase.conf (.../tags/lighttpd-1.4.23)
++++ tests/lowercase.conf (.../branches/lighttpd-1.4.x)
+@@ -6,6 +6,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+
+ server.force-lowercase-filenames = "enable"
+
+Index: tests/condition.conf
+===================================================================
+--- tests/condition.conf (.../tags/lighttpd-1.4.23)
++++ tests/condition.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-13.conf
+===================================================================
+--- tests/fastcgi-13.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-13.conf (.../branches/lighttpd-1.4.x)
+@@ -10,6 +10,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/mod-compress.conf
+===================================================================
+--- tests/mod-compress.conf (.../tags/lighttpd-1.4.23)
++++ tests/mod-compress.conf (.../branches/lighttpd-1.4.x)
+@@ -11,6 +11,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+
+ server.modules = (
+Index: tests/lighttpd.conf
+===================================================================
+--- tests/lighttpd.conf (.../tags/lighttpd-1.4.23)
++++ tests/lighttpd.conf (.../branches/lighttpd-1.4.x)
+@@ -13,6 +13,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-responder.conf
+===================================================================
+--- tests/fastcgi-responder.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-responder.conf (.../branches/lighttpd-1.4.x)
+@@ -15,6 +15,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/fastcgi-auth.conf
+===================================================================
+--- tests/fastcgi-auth.conf (.../tags/lighttpd-1.4.23)
++++ tests/fastcgi-auth.conf (.../branches/lighttpd-1.4.x)
+@@ -12,6 +12,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Apache 1.3.29"
+
+Index: tests/proxy.conf
+===================================================================
+--- tests/proxy.conf (.../tags/lighttpd-1.4.23)
++++ tests/proxy.conf (.../branches/lighttpd-1.4.x)
+@@ -6,6 +6,7 @@
+ ## bind to localhost (default: all interfaces)
+ server.bind = "localhost"
+ server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log"
++server.breakagelog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.breakage.log"
+ server.name = "www.example.org"
+ server.tag = "Proxy"
+
+Index: tests/LightyTest.pm
+===================================================================
+--- tests/LightyTest.pm (.../tags/lighttpd-1.4.23)
++++ tests/LightyTest.pm (.../branches/lighttpd-1.4.x)
+@@ -87,14 +87,21 @@
+ my $self = shift;
+ my $port = shift;
+ my $child = shift;
++ my $timeout = 5*10; # 5 secs, select waits 0.1 s
+
+ while (0 == $self->listening_on($port)) {
+ select(undef, undef, undef, 0.1);
++ $timeout--;
+
+ # the process is gone, we failed
+ if (0 != waitpid($child, WNOHANG)) {
+ return -1;
+ }
++ if (0 >= $timeout) {
++ diag("Timeout while trying to connect; killing child");
++ kill('TERM', $child);
++ return -1;
++ }
+ }
+
+ return 0;
+Index: configure.ac
+===================================================================
+Index: doc/.cvsignore
+===================================================================
+Index: doc/fastcgi.txt
+===================================================================
+--- doc/fastcgi.txt (.../tags/lighttpd-1.4.23)
++++ doc/fastcgi.txt (.../branches/lighttpd-1.4.x)
+@@ -95,23 +95,22 @@
+ (
+ ( "host" => <string> ,
+ "port" => <integer> ,
+- "socket" => <string>, # either socket
+- # or host+port
+- "bin-path" => <string>, # OPTIONAL
+- "bin-environment" => <array>, # OPTIONAL
+- "bin-copy-environment" => <array>, # OPTIONAL
++ "socket" => <string>, # either socket
++ # or host+port
++ "bin-path" => <string>, # OPTIONAL
++ "bin-environment" => <array>, # OPTIONAL
++ "bin-copy-environment" => <array>, # OPTIONAL
+ "mode" => <string>, # OPTIONAL
+ "docroot" => <string> , # OPTIONAL if "mode"
+- # is not "authorizer"
++ # is not "authorizer"
+ "check-local" => <string>, # OPTIONAL
+- "min-procs" => <integer>, # OPTIONAL
+- "max-procs" => <integer>, # OPTIONAL
+- "max-load-per-proc" => <integer>, # OPTIONAL
+- "idle-timeout" => <integer>, # OPTIONAL
+- "broken-scriptfilename" => <boolean>, # OPTIONAL
++ "max-procs" => <integer>, # OPTIONAL
++ "broken-scriptfilename" => <boolean>, # OPTIONAL
+ "disable-time" => <integer>, # optional
+- "allow-x-send-file" => <boolean> # optional
+- ),
++ "allow-x-send-file" => <boolean>, # optional
++ "kill-signal" => <integer>, # OPTIONAL
++ "fix-root-scriptname" => <boolean>,
++ # OPTIONAL
+ ( "host" => ...
+ )
+ )
+@@ -127,42 +126,38 @@
+ :"socket": path to the unix-domain socket
+ :"mode": is the FastCGI protocol mode.
+ Default is "responder", also "authorizer"
+- mode is implemented.
++ mode is implemented.
+ :"docroot": is optional and is the docroot on the remote
+ host for default "responder" mode. For
+- "authorizer" mode it is MANDATORY and it points
+- to docroot for authorized requests. For security
+- reasons it is recommended to keep this docroot
++ "authorizer" mode it is MANDATORY and it points
++ to docroot for authorized requests. For security
++ reasons it is recommended to keep this docroot
+ outside of server.document-root tree.
+ :"check-local": is optional and may be "enable" (default) or
+ "disable". If enabled the server first check
+- for a file in local server.document-root tree
+- and return 404 (Not Found) if no such file.
++ for a file in local server.document-root tree
++ and return 404 (Not Found) if no such file.
+ If disabled, the server forward request to
+- FastCGI interface without this check.
++ FastCGI interface without this check.
+ :"broken-scriptfilename": breaks SCRIPT_FILENAME in a wat that
+ PHP can extract PATH_INFO from it (default: disabled)
+ :"disable-time": time to wait before a disabled backend is checked
+ again
+ :"allow-x-send-file": controls if X-LIGHTTPD-send-file headers
+ are allowed
++ :"fix-root-scriptname": fix broken path-info split for "/" extension ("prefix")
+
+ If bin-path is set:
+
+- :"min-procs": sets the minium processes to start
+ :"max-procs": the upper limit of the processess to start
+- :"max-load-per-proc": maximum number of waiting processes on
+- average per process before a new process is
+- spawned
+- :"idle-timeout": number of seconds before a unused process
+- gets terminated
+ :"bin-environment": put an entry into the environment of
+ the started process
+ :"bin-copy-environement": clean up the environment and copy
+ only the specified entries into the fresh
+ environment of the spawn process
++ :"kill-signal": signal to terminate the FastCGI process with,
++ defauls to SIGTERM
+
+-
+ Examples
+ --------
+
+@@ -171,11 +166,11 @@
+ fastcgi.server = ( ".php" =>
+ (( "host" => "127.0.0.1",
+ "port" => 1026,
+- "bin-path" => "/usr/local/bin/php"
++ "bin-path" => "/usr/local/bin/php"
+ )),
+ ".php4" =>
+ (( "host" => "127.0.0.1",
+- "port" => 1026
++ "port" => 1026
+ ))
+ )
+
+@@ -183,10 +178,10 @@
+
+ fastcgi.server = ( "/remote_scripts/" =>
+ (( "host" => "192.168.0.3",
+- "port" => 9000,
++ "port" => 9000,
+ "check-local" => "disable",
+ "docroot" => "/" # remote server may use
+- # it's own docroot
++ # it's own docroot
+ ))
+ )
+
+@@ -206,7 +201,7 @@
+
+ fastcgi.server = ( "/remote_scripts/" =>
+ (( "host" => "10.0.0.2",
+- "port" => 9000,
++ "port" => 9000,
+ "docroot" => "/path_to_private_docs",
+ "mode" => "authorizer"
+ ))
+@@ -318,10 +313,10 @@
+ $ PHP_FCGI_CHILDREN=384 ./lighttpd -f ./lighttpd.conf
+
+ fastcgi.server = ( ".php" =>
+- (( "socket" => "/tmp/php.socket",
++ (( "socket" => "/tmp/php.socket",
+ "bin-path" => "/usr/local/bin/php",
+ "min-procs" => 1,
+- "max-procs" => 1,
++ "max-procs" => 1,
+ "max-load-per-proc" => 4,
+ "idle-timeout" => 20
+ ))
+@@ -408,7 +403,7 @@
+ "PHP_FCGI_CHILDREN" => "16",
+ "PHP_FCGI_MAX_REQUESTS" => "10000" ),
+ "bin-copy-environment" => (
+- "PATH", "SHELL", "USER" )
++ "PATH", "SHELL", "USER" )
+ ))
+ )
+
+Index: SConstruct
+===================================================================
+Index: Makefile.am
+===================================================================
+--- Makefile.am (.../tags/lighttpd-1.4.23)
++++ Makefile.am (.../branches/lighttpd-1.4.x)
+@@ -2,4 +2,6 @@
+
+ EXTRA_DIST=autogen.sh SConstruct
+
++ACLOCAL_AMFLAGS = -I m4
+
+ distcleancheck_listfiles = find -type f -exec sh -c 'test -f $(srcdir)/{} || echo {}' ';'
+Index: autogen.sh
+===================================================================
+--- autogen.sh (.../tags/lighttpd-1.4.23)
++++ autogen.sh (.../branches/lighttpd-1.4.x)
+@@ -1,27 +1,92 @@
+ #!/bin/sh
+ # Run this to generate all the initial makefiles, etc.
+
+-LIBTOOLIZE=${LIBTOOLIZE:-libtoolize}
+ LIBTOOLIZE_FLAGS="--copy --force"
+-ACLOCAL=${ACLOCAL:-aclocal}
+-AUTOHEADER=${AUTOHEADER:-autoheader}
+-AUTOMAKE=${AUTOMAKE:-automake}
+-AUTOMAKE_FLAGS="--add-missing --copy"
+-AUTOCONF=${AUTOCONF:-autoconf}
++AUTOMAKE_FLAGS="--add-missing --copy --foreign"
+
+ ARGV0=$0
++ARGS="$@"
+
+-set -e
+
+-
+ run() {
+- echo "$ARGV0: running \`$@'"
+- $@
++ echo "$ARGV0: running \`$@' $ARGS"
++ $@ $ARGS
+ }
+
++## jump out if one of the programs returns 'false'
++set -e
+
++## on macosx glibtoolize, others have libtool
++if test x$LIBTOOLIZE = x; then
++ if test \! "x`which glibtoolize 2> /dev/null | grep -v '^no'`" = x; then
++ LIBTOOLIZE=glibtoolize
++ elif test \! "x`which libtoolize-1.5 2> /dev/null | grep -v '^no'`" = x; then
++ LIBTOOLIZE=libtoolize-1.5
++ elif test \! "x`which libtoolize 2> /dev/null | grep -v '^no'`" = x; then
++ LIBTOOLIZE=libtoolize
++ else
++ echo "libtoolize 1.5.x wasn't found, exiting"; exit 0
++ fi
++fi
+
- ok($tf->stop_proc == 0, "Stopping lighttpd");
-
-Index: tests/mod-access.t
-===================================================================
---- tests/mod-access.t (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ tests/mod-access.t (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -8,7 +8,7 @@
-
- use strict;
- use IO::Socket;
--use Test::More tests => 3;
-+use Test::More tests => 4;
- use LightyTest;
-
- my $tf = LightyTest->new();
-@@ -23,5 +23,12 @@
- $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
- ok($tf->handle_http($t) == 0, 'forbid access to ...~');
-
-+$t->{REQUEST} = ( <<EOF
-+GET /index.html~/ HTTP/1.0
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
-+ok($tf->handle_http($t) == 0, '#1230 - forbid access to ...~ - trailing slash');
++## suse has aclocal and aclocal-1.9
++if test x$ACLOCAL = x; then
++ if test \! "x`which aclocal-1.9 2> /dev/null | grep -v '^no'`" = x; then
++ ACLOCAL=aclocal-1.9
++ elif test \! "x`which aclocal19 2> /dev/null | grep -v '^no'`" = x; then
++ ACLOCAL=aclocal19
++ elif test \! "x`which aclocal 2> /dev/null | grep -v '^no'`" = x; then
++ ACLOCAL=aclocal
++ else
++ echo "automake 1.9.x (aclocal) wasn't found, exiting"; exit 0
++ fi
++fi
+
- ok($tf->stop_proc == 0, "Stopping lighttpd");
-
-Index: tests/core-request.t
-===================================================================
---- tests/core-request.t (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ tests/core-request.t (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -8,7 +8,7 @@
-
- use strict;
- use IO::Socket;
--use Test::More tests => 33;
-+use Test::More tests => 36;
- use LightyTest;
-
- my $tf = LightyTest->new();
-@@ -273,6 +273,38 @@
- $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
- ok($tf->handle_http($t) == 0, 'uppercase filenames');
-
-+$t->{REQUEST} = ( <<EOF
-+GET / HTTP/1.0
-+Location: foo
-+Location: foobar
-+ baz
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
-+ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping');
-
-+$t->{REQUEST} = ( <<EOF
-+GET / HTTP/1.0
-+Location:
-+Location: foobar
-+ baz
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
-+ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping - test 2');
++if test x$AUTOMAKE = x; then
++ if test \! "x`which automake-1.9 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOMAKE=automake-1.9
++ elif test \! "x`which automake19 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOMAKE=automake19
++ elif test \! "x`which automake 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOMAKE=automake
++ else
++ echo "automake 1.9.x wasn't found, exiting"; exit 0
++ fi
++fi
+
-+$t->{REQUEST} = ( <<EOF
-+GET / HTTP/1.0
-+A:
-+Location: foobar
-+ baz
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
-+ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping - test 3');
+
++## macosx has autoconf-2.59 and autoconf-2.60
++if test x$AUTOCONF = x; then
++ if test \! "x`which autoconf-2.59 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOCONF=autoconf-2.59
++ elif test \! "x`which autoconf259 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOCONF=autoconf259
++ elif test \! "x`which autoconf 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOCONF=autoconf
++ else
++ echo "autoconf 2.59+ wasn't found, exiting"; exit 0
++ fi
++fi
+
++if test x$AUTOHEADER = x; then
++ if test \! "x`which autoheader-2.59 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOHEADER=autoheader-2.59
++ elif test \! "x`which autoheader259 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOHEADER=autoheader259
++ elif test \! "x`which autoheader 2> /dev/null | grep -v '^no'`" = x; then
++ AUTOHEADER=autoheader
++ else
++ echo "autoconf 2.59+ (autoheader) wasn't found, exiting"; exit 0
++ fi
++fi
+
++mkdir -p m4
+ run $LIBTOOLIZE $LIBTOOLIZE_FLAGS
+-run $ACLOCAL $ACLOCAL_FLAGS
++run $ACLOCAL $ACLOCAL_FLAGS -I m4
+ run $AUTOHEADER
+ run $AUTOMAKE $AUTOMAKE_FLAGS
+ run $AUTOCONF
+-echo "Now type './configure ...' and 'make' to compile."
+
- ok($tf->stop_proc == 0, "Stopping lighttpd");
-
-Index: tests/prepare.sh
-===================================================================
---- tests/prepare.sh (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ tests/prepare.sh (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -25,6 +25,7 @@
- # copy everything into the right places
- cp $srcdir/docroot/www/*.html \
- $srcdir/docroot/www/*.php \
-+ $srcdir/docroot/www/*.html~ \
- $srcdir/docroot/www/*.pl \
- $srcdir/docroot/www/*.fcgi \
- $srcdir/docroot/www/*.shtml \
-Index: tests/docroot/www/index.html~
-===================================================================
-Index: tests/docroot/www/Makefile.am
-===================================================================
---- tests/docroot/www/Makefile.am (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ tests/docroot/www/Makefile.am (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -1,5 +1,5 @@
- EXTRA_DIST=cgi.php cgi.pl dummydir index.html index.txt phpinfo.php \
- redirect.php cgi-pathinfo.pl get-env.php get-server-env.php \
- nph-status.pl prefix.fcgi get-header.pl ssi.shtml get-post-len.pl \
-- exec-date.shtml
-+ exec-date.shtml index.html~
- SUBDIRS=go indexfile expire
++if test "$ARGS" = "" ; then
++ echo "Now type './configure ...' and 'make' to compile."
++fi
Index: NEWS
===================================================================
---- NEWS (.../tags/lighttpd-1.4.15) (revision 1880)
-+++ NEWS (.../branches/lighttpd-1.4.x) (revision 1880)
-@@ -3,9 +3,28 @@
+--- NEWS (.../tags/lighttpd-1.4.23)
++++ NEWS (.../branches/lighttpd-1.4.x)
+@@ -3,7 +3,42 @@
NEWS
====
-+- 1.4.16 -
+-- 1.4.23 -
++- 1.4.24 -
++ * Add T_CONFIG_INT for bigger integers from the config (needed for #1966)
++ * Use unsigned int (and T_CONFIG_INT) for max_request_size
++ * Use unsigned int for secdownload.timeout (fixes #1966)
++ * Keep url/host values from connection to display information while keep-alive in mod_status (fixes #1202)
++ * Add server.breakagelog, a "special" stderr (fixes #1863)
++ * Fix config evaluation for debug.log-timeouts option (#1529)
++ * Add "cgi.execute-x-only" to mod_cgi, requires +x for cgi scripts (fixes #2013)
++ * Fix FD_SETSIZE comparision warnings
++ * Add "lua-5.1" to searched pkg-config names for lua
++ * Fix unused function webdav_lockdiscovery in mod_webdav
++ * cmake: Fix crypt lib check
++ * cmake: Add -export-dynamic to link flags, fixes build on FreeBSD
++ * Set FD_CLOEXEC for bound sockets before pipe-logger forks (fixes #2026)
++ * Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi (fixes #2029)
++ * Show "no uri specified -> 400" error only when "debug.log-request-header-on-error" is enabled (fixes #2030)
++ * Fix hanging connection in mod_scgi (fixes #2024)
++ * Allow digits in hostnames in more places (fixes #1148)
++ * Use connection_reset instead of handle_request_done for cleanup callbacks
++ * Change mod_expire to append Cache-Control instead of overwriting it (fixes #1997)
++ * Allow all comparisons for $SERVER["socket"] - only bind for "=="
++ * Remove strptime failed message (fixes #2031)
++ * Fix issues found with clang analyzer
++ * Try to fix server.tag issue with localized svnversion
++ * Fix handling network-write return values (#2024)
++ * Use disable-time in fastcgi for all disables after errors, default is 1sec (fixes #2040)
++ * Remove adaptive spawning code from fastcgi (was disabled for a long time)
++ * Allow mod_mysql_vhost to use stored procedures (fixes #2011, thx Ben Brown)
++ * Fix ipv6 in mod_proxy (fixes #2043)
++ * Print errors from include_shell to stderr
++ * Set tm.tm_isdst = 0 before mktime() (fixes #2047)
++ * Use linux-epoll by default if available (fixes #2021, thx Olaf van der Spek)
++ * Print an error if you use too many captures in a regex pattern (fixes #2059)
++ * Combine Cache-Control header value in mod_expire to existing HTTP header if header already added by other modules (fixes #2068)
+
-+ * added static-file.etags, etag.use-inode, etag.use-mtime, etag.use-size
-+ to customize the generation of ETags for static files. (#1209)
-+ (patch by <Yusufg@gmail.com>)
-+ * fixed typecast of NULL on execl() (#1235)
-+ (patch by F. Denis)
-+ * fixed circumventing url.access-deny by trailing slash (#1230)
-+ * fixed crash on duplicate headers with trailing WS (#1232)
-+ * fixed accepting more connections then requested (#1216)
-+ * fixed mem-leak in mod_auth (reported by Stefan Esser)
-+ * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser)
-+ * fixed missing check for base64 encoded string in mod_auth and Basic auth
-+ (reported by Stefan Esser)
-+ * fixed possible crash in Auth-Digest header parser on trailing WS in
-+ mod_auth (reported by Stefan Esser)
-+ * fixed check on stale errno values, which broke handling of broken fastcgi
-+ applications. (#1245)
-+
- - 1.4.15 - 2007-04-13
-
-- * fixed broken Set-Cookie headers
-+ * fixed broken Set-Cookie headers
-
- - 1.4.14 - 2007-04-13
-
-@@ -29,7 +48,7 @@
- * fix cpu hog in certain requests [1473] CVE-2007-1869
- * fix for handling hostnames with trailing dot [1406]
- * fixed header-injection via server.tag (#1106)
-- * disabled caching of files without a content-type to solve the
-+ * disabled caching of files without a content-type to solve the
- aggressive caching of FF
- * remove trailing white-spaces from HTTP-requests before parsing (#1098)
- * fixed accesslog.use-syslog in a conditional and the caching of the
-@@ -42,7 +61,7 @@
- * fixed crash on url.redirect and url.rewrite if %0 is used in a global context
- (#800)
- * fixed possible crash in debug-message in mod_extforward
-- * fixed compilation of mod_extforward on glibc < 2.3.4
-+ * fixed compilation of mod_extforward on glibc < 2.3.4
- * fixed include of empty in the configfiles (#1076)
- * send SIGUSR1 to fastcgi children before SIGTERM. libfcgi wants SIGUSR1. (#737)
- * fixed missing AUTH_TYPE entry in the fastcgi environment. (#889)
-@@ -54,16 +73,16 @@
- * added initgroups in spawn-fcgi (#871)
- * added apr1 support htpasswd in mod-auth (#870)
- * added lighty.stat() to mod_magnet
-- * fixed segfault in splitted CRLF CRLF sequences
-+ * fixed segfault in splitted CRLF CRLF sequences
- (introduced in 1.4.12) (#876)
- * fixed compilation of LOCK support in mod-webdav
- * fixed fragments in request-URLs (#869)
- * fixed pkg-config check for lua5.1 on debian
-- * fixed Content-Length = 0 on HEAD requests without
-+ * fixed Content-Length = 0 on HEAD requests without
- a known Content-Length (#119)
- * fixed mkdir() forcing 0700 (#884)
- * fixed writev() on FreeBSD 4.x and older (#875)
-- * removed warning about a 404-error-handler
-+ * removed warning about a 404-error-handler
- returned 404
- * backported and fixed the buildsystem changes for
- webdav locks
++- 1.4.23 - 2009-06-19
+ * Added some extra warning options in cmake and fix the resulting warnings (unused/static functions)
+ * New lighttpd man page (moved it to section 8) (fixes #1875)
+ * Create rrd file for empty rrdfile in mod_rrdtool (#1788)
+Index: CMakeLists.txt
+===================================================================
projects / packages / lighttpd.git / blobdiff