Index: cmake/LighttpdMacros.cmake =================================================================== --- cmake/LighttpdMacros.cmake (.../tags/lighttpd-1.4.20) (revision 0) +++ cmake/LighttpdMacros.cmake (.../branches/lighttpd-1.4.x) (revision 2389) @@ -0,0 +1,43 @@ +## our modules are without the "lib" prefix + +MACRO(ADD_AND_INSTALL_LIBRARY LIBNAME SRCFILES) + IF(BUILD_STATIC) + ADD_LIBRARY(${LIBNAME} STATIC ${SRCFILES}) + TARGET_LINK_LIBRARIES(lighttpd ${LIBNAME}) + ELSE(BUILD_STATIC) + ADD_LIBRARY(${LIBNAME} SHARED ${SRCFILES}) + SET(L_INSTALL_TARGETS ${L_INSTALL_TARGETS} ${LIBNAME}) + ## Windows likes to link it this way back to app! + IF(WIN32) + SET_TARGET_PROPERTIES(${LIBNAME} PROPERTIES LINK_FLAGS lighttpd.lib) + ENDIF(WIN32) + + IF(APPLE) + SET_TARGET_PROPERTIES(${LIBNAME} PROPERTIES LINK_FLAGS "-flat_namespace -undefined suppress") + ENDIF(APPLE) + ENDIF(BUILD_STATIC) +ENDMACRO(ADD_AND_INSTALL_LIBRARY) + +MACRO(LEMON_PARSER SRCFILE) + GET_FILENAME_COMPONENT(SRCBASE ${SRCFILE} NAME_WE) + ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/${SRCBASE}.c ${CMAKE_CURRENT_BINARY_DIR}/${SRCBASE}.h + COMMAND ${CMAKE_BINARY_DIR}/build/lemon + ARGS -q ${CMAKE_CURRENT_SOURCE_DIR}/${SRCFILE} ${CMAKE_SOURCE_DIR}/src/lempar.c + DEPENDS ${CMAKE_BINARY_DIR}/build/lemon ${CMAKE_CURRENT_SOURCE_DIR}/${SRCFILE} ${CMAKE_SOURCE_DIR}/src/lempar.c + COMMENT "Generating ${SRCBASE}.c from ${SRCFILE}" +) +ENDMACRO(LEMON_PARSER) + +MACRO(ADD_TARGET_PROPERTIES _target _name) + SET(_properties) + FOREACH(_prop ${ARGN}) + SET(_properties "${_properties} ${_prop}") + ENDFOREACH(_prop) + GET_TARGET_PROPERTY(_old_properties ${_target} ${_name}) + MESSAGE("adding property to ${_target} ${_name}:" ${_properties}) + IF(NOT _old_properties) + # in case it's NOTFOUND + SET(_old_properties) + ENDIF(NOT _old_properties) + SET_TARGET_PROPERTIES(${_target} PROPERTIES ${_name} "${_old_properties} ${_properties}") +ENDMACRO(ADD_TARGET_PROPERTIES) Index: configure.in =================================================================== Index: src/configfile-glue.c =================================================================== --- src/configfile-glue.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/configfile-glue.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -1,4 +1,5 @@ #include +#include #include "base.h" #include "buffer.h" @@ -90,6 +91,22 @@ case TYPE_STRING: { data_string *ds = (data_string *)du; + /* If the value came from an environment variable, then it is a + * data_string, although it may contain a number in ASCII + * decimal format. We try to interpret the string as a decimal + * short before giving up, in order to support setting numeric + * values with environment variables (eg, port number). + */ + if (ds->value->ptr && *ds->value->ptr) { + char *e; + long l = strtol(ds->value->ptr, &e, 10); + if (e != ds->value->ptr && !*e && l >=0 && l <= 65535) { + *((unsigned short *)(cv[i].destination)) = l; + break; + + } + } + log_error_write(srv, __FILE__, __LINE__, "ssb", "got a string but expected a short:", cv[i].key, ds->value); return -1; Index: src/mod_cgi.c =================================================================== --- src/mod_cgi.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_cgi.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -822,15 +822,27 @@ ); cgi_env_add(&env, CONST_STR_LEN("SERVER_PORT"), buf, strlen(buf)); + switch (srv_sock->addr.plain.sa_family) { #ifdef HAVE_IPV6 - s = inet_ntop(srv_sock->addr.plain.sa_family, - srv_sock->addr.plain.sa_family == AF_INET6 ? - (const void *) &(srv_sock->addr.ipv6.sin6_addr) : - (const void *) &(srv_sock->addr.ipv4.sin_addr), - b2, sizeof(b2)-1); + case AF_INET6: + s = inet_ntop(srv_sock->addr.plain.sa_family, + (const void *) &(srv_sock->addr.ipv6.sin6_addr), + b2, sizeof(b2)-1); + break; + case AF_INET: + s = inet_ntop(srv_sock->addr.plain.sa_family, + (const void *) &(srv_sock->addr.ipv4.sin_addr), + b2, sizeof(b2)-1); + break; #else - s = inet_ntoa(srv_sock->addr.ipv4.sin_addr); + case AF_INET: + s = inet_ntoa(srv_sock->addr.ipv4.sin_addr); + break; #endif + default: + s = ""; + break; + } cgi_env_add(&env, CONST_STR_LEN("SERVER_ADDR"), s, strlen(s)); s = get_http_method_name(con->request.http_method); @@ -848,15 +860,27 @@ } + switch (con->dst_addr.plain.sa_family) { #ifdef HAVE_IPV6 - s = inet_ntop(con->dst_addr.plain.sa_family, - con->dst_addr.plain.sa_family == AF_INET6 ? - (const void *) &(con->dst_addr.ipv6.sin6_addr) : - (const void *) &(con->dst_addr.ipv4.sin_addr), - b2, sizeof(b2)-1); + case AF_INET6: + s = inet_ntop(con->dst_addr.plain.sa_family, + (const void *) &(con->dst_addr.ipv6.sin6_addr), + b2, sizeof(b2)-1); + break; + case AF_INET: + s = inet_ntop(con->dst_addr.plain.sa_family, + (const void *) &(con->dst_addr.ipv4.sin_addr), + b2, sizeof(b2)-1); + break; #else - s = inet_ntoa(con->dst_addr.ipv4.sin_addr); + case AF_INET: + s = inet_ntoa(con->dst_addr.ipv4.sin_addr); + break; #endif + default: + s = ""; + break; + } cgi_env_add(&env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s)); LI_ltostr(buf, Index: src/base.h =================================================================== --- src/base.h (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/base.h (.../branches/lighttpd-1.4.x) (revision 2389) @@ -497,6 +497,7 @@ #endif } stat_cache_engine; unsigned short enable_cores; + unsigned short reject_expect_100_with_417; } server_config; typedef struct { Index: src/mod_rewrite.c =================================================================== --- src/mod_rewrite.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_rewrite.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -350,11 +350,7 @@ if (!p->conf.rewrite) return HANDLER_GO_ON; - buffer_copy_string_buffer(p->match_buf, con->uri.path); - if (con->uri.query->used > 0) { - buffer_append_string_len(p->match_buf, CONST_STR_LEN("?")); - buffer_append_string_buffer(p->match_buf, con->uri.query); - } + buffer_copy_string_buffer(p->match_buf, con->request.uri); for (i = 0; i < p->conf.rewrite->used; i++) { pcre *match; Index: src/connections.c =================================================================== --- src/connections.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/connections.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -330,15 +330,13 @@ buffer_prepare_copy(b, 4 * 1024); len = recv(con->fd, b->ptr, b->size - 1, 0); #else - if (ioctl(con->fd, FIONREAD, &toread)) { - log_error_write(srv, __FILE__, __LINE__, "sd", - "unexpected end-of-file:", - con->fd); - return -1; + if (ioctl(con->fd, FIONREAD, &toread) || toread == 0) { + b = chunkqueue_get_append_buffer(con->read_queue); + buffer_prepare_copy(b, 4 * 1024); + } else { + b = chunkqueue_get_append_buffer(con->read_queue); + buffer_prepare_copy(b, toread + 1); } - b = chunkqueue_get_append_buffer(con->read_queue); - buffer_prepare_copy(b, toread + 1); - len = read(con->fd, b->ptr, b->size - 1); #endif @@ -1066,6 +1064,9 @@ if (dst_c->file.fd == -1) { /* this should not happen as we cache the fd, but you never know */ dst_c->file.fd = open(dst_c->file.name->ptr, O_WRONLY | O_APPEND); +#ifdef FD_CLOEXEC + fcntl(dst_c->file.fd, F_SETFD, FD_CLOEXEC); +#endif } } else { /* the chunk is too large now, close it */ Index: src/mod_alias.c =================================================================== --- src/mod_alias.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_alias.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -103,9 +103,8 @@ } /* ok, they have same prefix. check position */ if (a->sorted[j] < a->sorted[k]) { - fprintf(stderr, "url.alias: `%s' will never match as `%s' matched first\n", - key->ptr, - prefix->ptr); + log_error_write(srv, __FILE__, __LINE__, "SBSBS", + "url.alias: `", key, "' will never match as `", prefix, "' matched first"); return HANDLER_ERROR; } } Index: src/configfile.c =================================================================== --- src/configfile.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/configfile.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -94,6 +94,7 @@ { "etag.use-inode", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 49 */ { "etag.use-mtime", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 50 */ { "etag.use-size", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 51 */ + { "server.reject-expect-100-with-417", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 52 */ { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, { "server.virtual-root", "load mod_simple_vhost and use simple-vhost.server-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET }, @@ -135,6 +136,7 @@ cv[43].destination = &(srv->srvconf.max_conns); cv[12].destination = &(srv->srvconf.max_request_size); + cv[52].destination = &(srv->srvconf.reject_expect_100_with_417); srv->config_storage = calloc(1, srv->config_context->used * sizeof(specific_config *)); assert(srv->config_storage); @@ -159,7 +161,7 @@ s->max_write_idle = 360; s->use_xattr = 0; s->is_ssl = 0; - s->ssl_use_sslv2 = 1; + s->ssl_use_sslv2 = 0; s->use_ipv6 = 0; #ifdef HAVE_LSTAT s->follow_symlink = 1; @@ -940,7 +942,6 @@ } int config_parse_cmd(server *srv, config_t *context, const char *cmd) { - proc_handler_t proc; tokenizer_t t; int ret; buffer *source; @@ -960,7 +961,7 @@ chdir(context->basedir->ptr); } - if (0 != proc_open_buffer(&proc, cmd, NULL, out, NULL)) { + if (0 != proc_open_buffer(cmd, NULL, out, NULL)) { log_error_write(srv, __FILE__, __LINE__, "sbss", "opening", source, "failed:", strerror(errno)); ret = -1; Index: src/mod_trigger_b4_dl.c =================================================================== --- src/mod_trigger_b4_dl.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_trigger_b4_dl.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -1,5 +1,6 @@ #include #include +#include #include #include "base.h" @@ -180,6 +181,9 @@ "gdbm-open failed"); return HANDLER_ERROR; } +#ifdef FD_CLOEXEC + fcntl(gdbm_fdesc(s->db), F_SETFD, FD_CLOEXEC); +#endif } #endif #if defined(HAVE_PCRE_H) Index: src/mod_mysql_vhost.c =================================================================== --- src/mod_mysql_vhost.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_mysql_vhost.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -245,7 +245,6 @@ if (!(buffer_is_empty(s->myuser) || buffer_is_empty(s->mydb))) { my_bool reconnect = 1; - int fd; if (NULL == (s->mysql = mysql_init(NULL))) { log_error_write(srv, __FILE__, __LINE__, "s", "mysql_init() failed, exiting..."); @@ -267,19 +266,27 @@ return HANDLER_ERROR; } #undef FOO + +#if 0 /* set close_on_exec for mysql the hard way */ /* Note: this only works as it is done during startup, */ /* otherwise we cannot be sure that mysql is fd i-1 */ - if (-1 == (fd = open("/dev/null", 0))) { + { int fd; + if (-1 != (fd = open("/dev/null", 0))) { close(fd); +#ifdef FD_CLOEXEC fcntl(fd-1, F_SETFD, FD_CLOEXEC); - } +#endif + } } +#else +#ifdef FD_CLOEXEC + fcntl(s->mysql->net.fd, F_SETFD, FD_CLOEXEC); +#endif +#endif } } - - - return HANDLER_GO_ON; + return HANDLER_GO_ON; } #define PATCH(x) \ Index: src/request.c =================================================================== --- src/request.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/request.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -894,11 +894,12 @@ * */ - con->http_status = 417; - con->keep_alive = 0; - - array_insert_unique(con->request.headers, (data_unset *)ds); - return 0; + if (srv->srvconf.reject_expect_100_with_417 && 0 == buffer_caseless_compare(CONST_BUF_LEN(ds->value), CONST_STR_LEN("100-continue"))) { + con->http_status = 417; + con->keep_alive = 0; + array_insert_unique(con->request.headers, (data_unset *)ds); + return 0; + } } else if (cmp > 0 && 0 == (cmp = buffer_caseless_compare(CONST_BUF_LEN(ds->key), CONST_STR_LEN("Host")))) { if (!con->request.http_host) { con->request.http_host = ds->value; Index: src/inet_ntop_cache.c =================================================================== --- src/inet_ntop_cache.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/inet_ntop_cache.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -11,7 +11,7 @@ #ifdef HAVE_IPV6 size_t ndx = 0, i; for (i = 0; i < INET_NTOP_CACHE_MAX; i++) { - if (srv->inet_ntop_cache[i].ts != 0) { + if (srv->inet_ntop_cache[i].ts != 0 && srv->inet_ntop_cache[i].family == addr->plain.sa_family) { if (srv->inet_ntop_cache[i].family == AF_INET6 && 0 == memcmp(srv->inet_ntop_cache[i].addr.ipv6.s6_addr, addr->ipv6.sin6_addr.s6_addr, 16)) { /* IPv6 found in cache */ Index: src/mod_rrdtool.c =================================================================== --- src/mod_rrdtool.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_rrdtool.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -179,6 +179,11 @@ p->read_fd = from_rrdtool_fds[0]; p->rrdtool_pid = pid; +#ifdef FD_CLOEXEC + fcntl(p->write_fd, F_SETFD, FD_CLOEXEC); + fcntl(p->read_fd, F_SETFD, FD_CLOEXEC); +#endif + break; } } Index: src/response.c =================================================================== --- src/response.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/response.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -44,16 +44,15 @@ buffer_append_string(b, get_http_status_name(con->http_status)); if (con->request.http_version != HTTP_VERSION_1_1 || con->keep_alive == 0) { - buffer_append_string_len(b, CONST_STR_LEN("\r\nConnection: ")); if (con->keep_alive) { - buffer_append_string_len(b, CONST_STR_LEN("keep-alive")); + response_header_overwrite(srv, con, CONST_STR_LEN("Connection"), CONST_STR_LEN("keep-alive")); } else { - buffer_append_string_len(b, CONST_STR_LEN("close")); + response_header_overwrite(srv, con, CONST_STR_LEN("Connection"), CONST_STR_LEN("close")); } } if (con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) { - buffer_append_string_len(b, CONST_STR_LEN("\r\nTransfer-Encoding: chunked")); + response_header_overwrite(srv, con, CONST_STR_LEN("Transfer-Encoding"), CONST_STR_LEN("chunked")); } @@ -233,6 +232,27 @@ } + /** + * + * call plugins + * + * - based on the raw URL + * + */ + + switch(r = plugins_call_handle_uri_raw(srv, con)) { + case HANDLER_GO_ON: + break; + case HANDLER_FINISHED: + case HANDLER_COMEBACK: + case HANDLER_WAIT_FOR_EVENT: + case HANDLER_ERROR: + return r; + default: + log_error_write(srv, __FILE__, __LINE__, "sd", "handle_uri_raw: unknown return value", r); + break; + } + /* build filename * * - decode url-encodings (e.g. %20 -> ' ') @@ -240,6 +260,7 @@ */ + if (con->request.http_method == HTTP_METHOD_OPTIONS && con->uri.path_raw->ptr[0] == '*' && con->uri.path_raw->ptr[1] == '\0') { /* OPTIONS * ... */ @@ -255,32 +276,10 @@ log_error_write(srv, __FILE__, __LINE__, "sb", "URI-path : ", con->uri.path); } - /** * * call plugins * - * - based on the raw URL - * - */ - - switch(r = plugins_call_handle_uri_raw(srv, con)) { - case HANDLER_GO_ON: - break; - case HANDLER_FINISHED: - case HANDLER_COMEBACK: - case HANDLER_WAIT_FOR_EVENT: - case HANDLER_ERROR: - return r; - default: - log_error_write(srv, __FILE__, __LINE__, "sd", "handle_uri_raw: unknown return value", r); - break; - } - - /** - * - * call plugins - * * - based on the clean URL * */ Index: src/buffer.c =================================================================== --- src/buffer.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/buffer.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -159,7 +159,7 @@ if (!src) return -1; if (src->used == 0) { - b->used = 0; + buffer_reset(b); return 0; } return buffer_copy_string_len(b, src->ptr, src->used - 1); @@ -187,6 +187,7 @@ if (!s || !b) return -1; s_len = strlen(s); + if (s_len > maxlen) s_len = maxlen; buffer_prepare_append(b, maxlen + 1); if (b->used == 0) b->used++; Index: src/mod_simple_vhost.c =================================================================== --- src/mod_simple_vhost.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_simple_vhost.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -249,6 +249,8 @@ return HANDLER_GO_ON; } else { buffer_copy_string_buffer(con->server_name, p->conf.default_host); + /* do not cache default host */ + return HANDLER_GO_ON; } } else { buffer_copy_string_buffer(con->server_name, con->uri.authority); Index: src/mod_proxy.c =================================================================== --- src/mod_proxy.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_proxy.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -454,6 +454,7 @@ if (ds->value->used && ds->key->used) { if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Connection"))) continue; + if (buffer_is_equal_string(ds->key, CONST_STR_LEN("Proxy-Connection"))) continue; buffer_append_string_buffer(b, ds->key); buffer_append_string_len(b, CONST_STR_LEN(": ")); @@ -652,7 +653,7 @@ buffer_prepare_append(hctx->response, b + 1); hctx->response->used = 1; } else { - buffer_prepare_append(hctx->response, hctx->response->used + b); + buffer_prepare_append(hctx->response, b); } if (-1 == (r = read(hctx->fd, hctx->response->ptr + hctx->response->used - 1, b))) { @@ -1198,7 +1199,8 @@ host = (data_proxy *)extension->value->data[0]; /* Use last_used_ndx from first host in list */ - k = ndx = host->last_used_ndx; + k = host->last_used_ndx; + ndx = k + 1; /* use next host after the last one */ if (ndx < 0) ndx = 0; /* Search first active host after last_used_ndx */ Index: src/config.h.cmake =================================================================== --- src/config.h.cmake (.../tags/lighttpd-1.4.20) (revision 0) +++ src/config.h.cmake (.../branches/lighttpd-1.4.x) (revision 2389) @@ -0,0 +1,157 @@ +/* + CMake autogenerated config.h file. Do not edit! +*/ + +/* Package details */ +#define LIGHTTPD_VERSION_ID ${LIGHTTPD_VERSION_ID} +#define PACKAGE_NAME "${PACKAGE_NAME}" +#define PACKAGE_VERSION "${PACKAGE_VERSION}" +#define PACKAGE_BUILD_DATE "${PACKAGE_BUILD_DATE}" +#define LIBRARY_DIR "${LIGHTTPD_LIBRARY_DIR}" + +/* System */ +#cmakedefine HAVE_SYS_DEVPOLL_H +#cmakedefine HAVE_SYS_EPOLL_H +#cmakedefine HAVE_SYS_EVENT_H +#cmakedefine HAVE_SYS_MMAN_H +#cmakedefine HAVE_SYS_POLL_H +#cmakedefine HAVE_SYS_PORT_H +#cmakedefine HAVE_SYS_PRCTL_H +#cmakedefine HAVE_SYS_RESOURCE_H +#cmakedefine HAVE_SYS_SENDFILE_H +#cmakedefine HAVE_SYS_SELECT_H +#cmakedefine HAVE_SYS_SYSLIMITS_H +#cmakedefine HAVE_SYS_TYPES_H +#cmakedefine HAVE_SYS_UIO_H +#cmakedefine HAVE_SYS_UN_H +#cmakedefine HAVE_SYS_WAIT_H +#cmakedefine HAVE_SYS_TIME_H +#cmakedefine HAVE_UNISTD_H +#cmakedefine HAVE_PTHREAD_H +#cmakedefine HAVE_INET_ATON +#cmakedefine HAVE_IPV6 + +/* XATTR */ +#cmakedefine HAVE_ATTR_ATTRIBUTES_H +#cmakedefine HAVE_XATTR + +/* mySQL */ +#cmakedefine HAVE_MYSQL_H +#cmakedefine HAVE_MYSQL + +/* OpenSSL */ +#cmakedefine HAVE_OPENSSL_SSL_H +#cmakedefine HAVE_LIBCRYPTO +#cmakedefine OPENSSL_NO_KRB5 +#cmakedefine HAVE_LIBSSL + +/* BZip */ +#cmakedefine HAVE_BZLIB_H +#cmakedefine HAVE_LIBBZ2 + +/* FAM */ +#cmakedefine HAVE_FAM_H +#cmakedefine HAVE_FAMNOEXISTS + +/* getopt */ +#cmakedefine HAVE_GETOPT_H + +#cmakedefine HAVE_INTTYPES_H + +/* LDAP */ +#cmakedefine HAVE_LDAP_H +#cmakedefine HAVE_LIBLDAP +#cmakedefine HAVE_LBER_H +#cmakedefine HAVE_LIBLBER +#cmakedefine LDAP_DEPRECATED 1 + +/* XML */ +#cmakedefine HAVE_LIBXML_H +#cmakedefine HAVE_LIBXML + +/* PCRE */ +#cmakedefine HAVE_PCRE_H +#cmakedefine HAVE_LIBPCRE + +#cmakedefine HAVE_POLL_H +#cmakedefine HAVE_PWD_H + +/* sqlite3 */ +#cmakedefine HAVE_SQLITE3_H +#cmakedefine HAVE_LIBPCRE + +#cmakedefine HAVE_STDDEF_H +#cmakedefine HAVE_STDINT_H +#cmakedefine HAVE_SYSLOG_H + +/* UUID */ +#cmakedefine HAVE_UUID_UUID_H +#cmakedefine HAVE_LIBUUID + +/* ZLIB */ +#cmakedefine HAVE_ZLIB_H +#cmakedefine HAVE_LIBZ + +/* lua */ +#cmakedefine HAVE_LUA_H +#cmakedefine HAVE_LIBLUA + +/* gdbm */ +#cmakedefine HAVE_GDBM_H +#cmakedefine HAVE_GDBM + +/* memcache */ +#cmakedefine HAVE_MEMCACHE_H + +/* inotify */ +#cmakedefine HAVE_INOTIFY_INIT +#cmakedefine HAVE_SYS_INOTIFY_H + +/* Types */ +#cmakedefine HAVE_SOCKLEN_T +#cmakedefine SIZEOF_LONG ${SIZEOF_LONG} +#cmakedefine SIZEOF_OFF_T ${SIZEOF_OFF_T} + +/* Functions */ +#cmakedefine HAVE_CHROOT +#cmakedefine HAVE_CRYPT +#cmakedefine HAVE_EPOLL_CTL +#cmakedefine HAVE_FORK +#cmakedefine HAVE_GETRLIMIT +#cmakedefine HAVE_GETUID +#cmakedefine HAVE_GMTIME_R +#cmakedefine HAVE_INET_NTOP +#cmakedefine HAVE_KQUEUE +#cmakedefine HAVE_LOCALTIME_R +#cmakedefine HAVE_LSTAT +#cmakedefine HAVE_MADVISE +#cmakedefine HAVE_MEMCPY +#cmakedefine HAVE_MEMSET +#cmakedefine HAVE_MMAP +#cmakedefine HAVE_PATHCONF +#cmakedefine HAVE_POLL +#cmakedefine HAVE_PORT_CREATE +#cmakedefine HAVE_PRCTL +#cmakedefine HAVE_PREAD +#cmakedefine HAVE_POSIX_FADVISE +#cmakedefine HAVE_SELECT +#cmakedefine HAVE_SENDFILE +#cmakedefine HAVE_SEND_FILE +#cmakedefine HAVE_SENDFILE64 +#cmakedefine HAVE_SENDFILEV +#cmakedefine HAVE_SIGACTION +#cmakedefine HAVE_SIGNAL +#cmakedefine HAVE_SIGTIMEDWAIT +#cmakedefine HAVE_STRPTIME +#cmakedefine HAVE_SYSLOG +#cmakedefine HAVE_WRITEV + +/* libcrypt */ +#cmakedefine HAVE_CRYPT_H +#cmakedefine HAVE_LIBCRYPT + +/* fastcgi */ +#cmakedefine HAVE_FASTCGI_H +#cmakedefine HAVE_FASTCGI_FASTCGI_H + +#cmakedefine LIGHTTPD_STATIC Index: src/network_freebsd_sendfile.c =================================================================== --- src/network_freebsd_sendfile.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/network_freebsd_sendfile.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -167,6 +167,7 @@ switch(errno) { case EAGAIN: case EINTR: + r = 0; /* try again later */ break; case ENOTCONN: return -2; @@ -174,10 +175,7 @@ log_error_write(srv, __FILE__, __LINE__, "ssd", "sendfile: ", strerror(errno), errno); return -1; } - } - - if (r == 0 && (errno != EAGAIN && errno != EINTR)) { - int oerrno = errno; + } else if (r == 0) { /* We got an event to write but we wrote nothing * * - the file shrinked -> error @@ -190,12 +188,9 @@ if (offset >= sce->st.st_size) { /* file shrinked, close the connection */ - errno = oerrno; - return -1; } - errno = oerrno; return -2; } Index: src/http_auth.c =================================================================== --- src/http_auth.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/http_auth.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -57,22 +57,25 @@ static const char base64_pad = '='; +/* "A-Z a-z 0-9 + /" maps to 0-63 */ static const short base64_reverse_table[256] = { - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, - -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, - -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 +/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x00 - 0x0F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x10 - 0x1F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, /* 0x20 - 0x2F */ + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, /* 0x30 - 0x3F */ + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, /* 0x40 - 0x4F */ + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, /* 0x50 - 0x5F */ + -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, /* 0x60 - 0x6F */ + 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, /* 0x70 - 0x7F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x80 - 0x8F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x90 - 0x9F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xA0 - 0xAF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xB0 - 0xBF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xC0 - 0xCF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xD0 - 0xDF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xE0 - 0xEF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xF0 - 0xFF */ }; @@ -697,7 +700,7 @@ } } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) { #ifdef USE_LDAP - LDAP *ldap = NULL; + LDAP *ldap; LDAPMessage *lm, *first; char *dn; int ret; @@ -742,56 +745,45 @@ buffer_append_string_buffer(p->ldap_filter, username); buffer_append_string_buffer(p->ldap_filter, p->conf.ldap_filter_post); + /* 2. */ - if (p->conf.ldap == NULL || - LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { - /* try again if ldap was only temporary down */ - if (p->conf.ldap == NULL || ret != LDAP_SERVER_DOWN || LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { - if (auth_ldap_init(srv, &p->conf) != HANDLER_GO_ON) + if (p->anon_conf->ldap == NULL || + LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { + + /* try again; the ldap library sometimes fails for the first call but reconnects */ + if (p->anon_conf->ldap == NULL || ret != LDAP_SERVER_DOWN || + LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { + + if (auth_ldap_init(srv, p->anon_conf) != HANDLER_GO_ON) return -1; - ldap = p->conf.ldap; /* save temporary ldap connection (TODO: redo ldap) */ - if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { + if (p->anon_conf->ldap == NULL || + LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { log_error_write(srv, __FILE__, __LINE__, "sssb", "ldap:", ldap_err2string(ret), "filter:", p->ldap_filter); - /* destroy temporary ldap connection (TODO: redo ldap) */ - ldap_unbind_s(ldap); return -1; } } } - if (NULL == (first = ldap_first_entry(p->conf.ldap, lm))) { - /* No matching entry is not an error */ - /* log_error_write(srv, __FILE__, __LINE__, "s", "ldap ..."); */ + if (NULL == (first = ldap_first_entry(p->anon_conf->ldap, lm))) { + log_error_write(srv, __FILE__, __LINE__, "s", "ldap ..."); ldap_msgfree(lm); - /* destroy temporary ldap connection (TODO: redo ldap) */ - if (NULL != ldap) { - ldap_unbind_s(ldap); - } return -1; } - if (NULL == (dn = ldap_get_dn(p->conf.ldap, first))) { - log_error_write(srv, __FILE__, __LINE__, "s", "ldap: ldap_get_dn failed"); + if (NULL == (dn = ldap_get_dn(p->anon_conf->ldap, first))) { + log_error_write(srv, __FILE__, __LINE__, "s", "ldap ..."); ldap_msgfree(lm); - /* destroy temporary ldap connection (TODO: redo ldap) */ - if (NULL != ldap) { - ldap_unbind_s(ldap); - } return -1; } ldap_msgfree(lm); - /* destroy temporary ldap connection (TODO: redo ldap) */ - if (NULL != ldap) { - ldap_unbind_s(ldap); - } /* 3. */ if (NULL == (ldap = ldap_init(p->conf.auth_ldap_hostname->ptr, LDAP_PORT))) { Index: src/mod_redirect.c =================================================================== --- src/mod_redirect.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_redirect.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -178,11 +178,7 @@ mod_redirect_patch_connection(srv, con, p); - buffer_copy_string_buffer(p->match_buf, con->uri.path); - if (con->uri.query->used > 0) { - buffer_append_string_len(p->match_buf, CONST_STR_LEN("?")); - buffer_append_string_buffer(p->match_buf, con->uri.query); - } + buffer_copy_string_buffer(p->match_buf, con->request.uri); for (i = 0; i < p->conf.redirect->used; i++) { pcre *match; Index: src/http_auth.h =================================================================== --- src/http_auth.h (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/http_auth.h (.../branches/lighttpd-1.4.x) (revision 2389) @@ -63,7 +63,7 @@ mod_auth_plugin_config **config_storage; - mod_auth_plugin_config conf; /* this is only used as long as no handler_ctx is setup */ + mod_auth_plugin_config conf, *anon_conf; /* this is only used as long as no handler_ctx is setup */ } mod_auth_plugin_data; int http_auth_basic_check(server *srv, connection *con, mod_auth_plugin_data *p, array *req, buffer *url, const char *realm_str); Index: src/mod_webdav.c =================================================================== --- src/mod_webdav.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_webdav.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -1026,6 +1026,8 @@ if (MAP_FAILED == (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_SHARED, c->file.fd, 0))) { log_error_write(srv, __FILE__, __LINE__, "ssbd", "mmap failed: ", strerror(errno), c->file.name, c->file.fd); + close(c->file.fd); + c->file.fd = -1; return -1; } @@ -1723,6 +1725,8 @@ if (MAP_FAILED == (c->file.mmap.start = mmap(0, c->file.length, PROT_READ, MAP_SHARED, c->file.fd, 0))) { log_error_write(srv, __FILE__, __LINE__, "ssbd", "mmap failed: ", strerror(errno), c->file.name, c->file.fd); + close(c->file.fd); + c->file.fd = -1; return HANDLER_ERROR; } Index: src/mod_compress.c =================================================================== --- src/mod_compress.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_compress.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -49,6 +49,7 @@ buffer *compress_cache_dir; array *compress; off_t compress_max_filesize; /** max filesize in kb */ + int allowed_encodings; } plugin_config; typedef struct { @@ -154,6 +155,7 @@ { "compress.cache-dir", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, { "compress.filetype", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, { "compress.max-filesize", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, + { "compress.allowed-encodings", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } }; @@ -161,15 +163,18 @@ for (i = 0; i < srv->config_context->used; i++) { plugin_config *s; + array *encodings_arr = array_init(); s = calloc(1, sizeof(plugin_config)); s->compress_cache_dir = buffer_init(); s->compress = array_init(); s->compress_max_filesize = 0; + s->allowed_encodings = 0; cv[0].destination = s->compress_cache_dir; cv[1].destination = s->compress; cv[2].destination = &(s->compress_max_filesize); + cv[3].destination = encodings_arr; /* temp array for allowed encodings list */ p->config_storage[i] = s; @@ -177,6 +182,39 @@ return HANDLER_ERROR; } + if (encodings_arr->used) { + size_t j = 0; + for (j = 0; j < encodings_arr->used; j++) { + data_string *ds = (data_string *)encodings_arr->data[j]; +#ifdef USE_ZLIB + if (NULL != strstr(ds->value->ptr, "gzip")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_GZIP; + if (NULL != strstr(ds->value->ptr, "deflate")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_DEFLATE; + /* + if (NULL != strstr(ds->value->ptr, "compress")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_COMPRESS; + */ +#endif +#ifdef USE_BZ2LIB + if (NULL != strstr(ds->value->ptr, "bzip2")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_BZIP2; +#endif + } + } else { + /* default encodings */ + s->allowed_encodings = 0 +#ifdef USE_ZLIB + | HTTP_ACCEPT_ENCODING_GZIP | HTTP_ACCEPT_ENCODING_DEFLATE +#endif +#ifdef USE_BZ2LIB + | HTTP_ACCEPT_ENCODING_BZIP2 +#endif + ; + } + + array_free(encodings_arr); + if (!buffer_is_empty(s->compress_cache_dir)) { struct stat st; mkdir_recursive(s->compress_cache_dir->ptr); @@ -587,6 +625,7 @@ PATCH(compress_cache_dir); PATCH(compress); PATCH(compress_max_filesize); + PATCH(allowed_encodings); /* skip the first, the global context */ for (i = 1; i < srv->config_context->used; i++) { @@ -606,6 +645,8 @@ PATCH(compress); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("compress.max-filesize"))) { PATCH(compress_max_filesize); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("compress.allowed-encodings"))) { + PATCH(allowed_encodings); } } } @@ -619,6 +660,7 @@ size_t m; off_t max_fsize; stat_cache_entry *sce = NULL; + buffer *mtime = NULL; if (con->mode != DIRECT || con->http_status) return HANDLER_GO_ON; @@ -636,8 +678,30 @@ max_fsize = p->conf.compress_max_filesize; - stat_cache_get_entry(srv, con, con->physical.path, &sce); + if (con->conf.log_request_handling) { + log_error_write(srv, __FILE__, __LINE__, "s", "-- handling file as static file"); + } + if (HANDLER_ERROR == stat_cache_get_entry(srv, con, con->physical.path, &sce)) { + con->http_status = 403; + + log_error_write(srv, __FILE__, __LINE__, "sbsb", + "not a regular file:", con->uri.path, + "->", con->physical.path); + + return HANDLER_FINISHED; + } + + /* we only handle regular files */ +#ifdef HAVE_LSTAT + if ((sce->is_symlink == 1) && !con->conf.follow_symlink) { + return HANDLER_GO_ON; + } +#endif + if (!S_ISREG(sce->st.st_mode)) { + return HANDLER_GO_ON; + } + /* don't compress files that are too large as we need to much time to handle them */ if (max_fsize && (sce->st.st_size >> 10) > max_fsize) return HANDLER_GO_ON; @@ -668,27 +732,21 @@ if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Accept-Encoding"))) { int accept_encoding = 0; char *value = ds->value->ptr; - int srv_encodings = 0; int matched_encodings = 0; /* get client side support encodings */ +#ifdef USE_ZLIB if (NULL != strstr(value, "gzip")) accept_encoding |= HTTP_ACCEPT_ENCODING_GZIP; if (NULL != strstr(value, "deflate")) accept_encoding |= HTTP_ACCEPT_ENCODING_DEFLATE; if (NULL != strstr(value, "compress")) accept_encoding |= HTTP_ACCEPT_ENCODING_COMPRESS; +#endif +#ifdef USE_BZ2LIB if (NULL != strstr(value, "bzip2")) accept_encoding |= HTTP_ACCEPT_ENCODING_BZIP2; +#endif if (NULL != strstr(value, "identity")) accept_encoding |= HTTP_ACCEPT_ENCODING_IDENTITY; - /* get server side supported ones */ -#ifdef USE_BZ2LIB - srv_encodings |= HTTP_ACCEPT_ENCODING_BZIP2; -#endif -#ifdef USE_ZLIB - srv_encodings |= HTTP_ACCEPT_ENCODING_GZIP; - srv_encodings |= HTTP_ACCEPT_ENCODING_DEFLATE; -#endif - /* find matching entries */ - matched_encodings = accept_encoding & srv_encodings; + matched_encodings = accept_encoding & p->conf.allowed_encodings; if (matched_encodings) { const char *dflt_gzip = "gzip"; @@ -698,6 +756,17 @@ const char *compression_name = NULL; int compression_type = 0; + mtime = strftime_cache_get(srv, sce->st.st_mtime); + + /* try matching original etag of uncompressed version */ + etag_mutate(con->physical.etag, sce->etag); + if (HANDLER_FINISHED == http_response_handle_cachable(srv, con, mtime)) { + response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type)); + response_header_overwrite(srv, con, CONST_STR_LEN("Last-Modified"), CONST_BUF_LEN(mtime)); + response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); + return HANDLER_FINISHED; + } + /* select best matching encoding */ if (matched_encodings & HTTP_ACCEPT_ENCODING_BZIP2) { compression_type = HTTP_ACCEPT_ENCODING_BZIP2; @@ -710,41 +779,34 @@ compression_name = dflt_deflate; } - /* deflate it */ - if (p->conf.compress_cache_dir->used) { - if (0 == deflate_file_to_file(srv, con, p, - con->physical.path, sce, compression_type)) { - buffer *mtime; + /* try matching etag of compressed version */ + buffer_copy_string_buffer(srv->tmp_buf, sce->etag); + buffer_append_string_len(srv->tmp_buf, CONST_STR_LEN("-")); + buffer_append_string(srv->tmp_buf, compression_name); + etag_mutate(con->physical.etag, srv->tmp_buf); - response_header_overwrite(srv, con, CONST_STR_LEN("Content-Encoding"), compression_name, strlen(compression_name)); - - mtime = strftime_cache_get(srv, sce->st.st_mtime); - response_header_overwrite(srv, con, CONST_STR_LEN("Last-Modified"), CONST_BUF_LEN(mtime)); - - etag_mutate(con->physical.etag, sce->etag); - response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); - - response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type)); - - return HANDLER_GO_ON; - } - } else if (0 == deflate_file_to_buffer(srv, con, p, - con->physical.path, sce, compression_type)) { - buffer *mtime; - + if (HANDLER_FINISHED == http_response_handle_cachable(srv, con, mtime)) { response_header_overwrite(srv, con, CONST_STR_LEN("Content-Encoding"), compression_name, strlen(compression_name)); - - mtime = strftime_cache_get(srv, sce->st.st_mtime); + response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type)); response_header_overwrite(srv, con, CONST_STR_LEN("Last-Modified"), CONST_BUF_LEN(mtime)); - - etag_mutate(con->physical.etag, sce->etag); response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); - - response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type)); - return HANDLER_FINISHED; } - break; + + /* deflate it */ + if (p->conf.compress_cache_dir->used) { + if (0 != deflate_file_to_file(srv, con, p, con->physical.path, sce, compression_type)) + return HANDLER_GO_ON; + } else { + if (0 != deflate_file_to_buffer(srv, con, p, con->physical.path, sce, compression_type)) + return HANDLER_GO_ON; + } + response_header_overwrite(srv, con, CONST_STR_LEN("Content-Encoding"), compression_name, strlen(compression_name)); + response_header_overwrite(srv, con, CONST_STR_LEN("Last-Modified"), CONST_BUF_LEN(mtime)); + response_header_overwrite(srv, con, CONST_STR_LEN("ETag"), CONST_BUF_LEN(con->physical.etag)); + response_header_overwrite(srv, con, CONST_STR_LEN("Content-Type"), CONST_BUF_LEN(sce->content_type)); + /* let mod_staticfile handle the cached compressed files, physical path was modified */ + return p->conf.compress_cache_dir->used ? HANDLER_GO_ON : HANDLER_FINISHED; } } } Index: src/spawn-fcgi.c =================================================================== --- src/spawn-fcgi.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/spawn-fcgi.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -58,7 +58,7 @@ if (unixsocket) { - memset(&fcgi_addr, 0, sizeof(fcgi_addr)); + memset(&fcgi_addr_un, 0, sizeof(fcgi_addr_un)); fcgi_addr_un.sun_family = AF_UNIX; strcpy(fcgi_addr_un.sun_path, unixsocket); @@ -72,12 +72,13 @@ socket_type = AF_UNIX; fcgi_addr = (struct sockaddr *) &fcgi_addr_un; } else { + memset(&fcgi_addr_in, 0, sizeof(fcgi_addr_in)); fcgi_addr_in.sin_family = AF_INET; - if (addr != NULL) { - fcgi_addr_in.sin_addr.s_addr = inet_addr(addr); - } else { - fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_ANY); - } + if (addr != NULL) { + fcgi_addr_in.sin_addr.s_addr = inet_addr(addr); + } else { + fcgi_addr_in.sin_addr.s_addr = htonl(INADDR_ANY); + } fcgi_addr_in.sin_port = htons(port); servlen = sizeof(fcgi_addr_in); Index: src/mod_auth.c =================================================================== --- src/mod_auth.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_auth.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -115,7 +115,7 @@ PATCH(auth_ldap_starttls); PATCH(auth_ldap_allow_empty_pw); #ifdef USE_LDAP - PATCH(ldap); + p->anon_conf = s; PATCH(ldap_filter_pre); PATCH(ldap_filter_post); #endif @@ -149,7 +149,7 @@ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.hostname"))) { PATCH(auth_ldap_hostname); #ifdef USE_LDAP - PATCH(ldap); + p->anon_conf = s; #endif } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.base-dn"))) { PATCH(auth_ldap_basedn); @@ -527,7 +527,7 @@ } } - switch(s->auth_backend) { + switch(s->auth_ldap_hostname->used) { case AUTH_BACKEND_LDAP: { handler_t ret = auth_ldap_init(srv, s); if (ret == HANDLER_ERROR) @@ -554,6 +554,9 @@ #endif if (s->auth_ldap_hostname->used) { + /* free old context */ + if (NULL != s->ldap) ldap_unbind_s(s->ldap); + if (NULL == (s->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) { log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno)); Index: src/http-header-glue.c =================================================================== --- src/http-header-glue.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/http-header-glue.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -280,6 +280,7 @@ strncpy(buf, con->request.http_if_modified_since, used_len); buf[used_len] = '\0'; + tm.tm_isdst = 0; if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) { con->http_status = 412; con->mode = DIRECT; @@ -329,6 +330,7 @@ strncpy(buf, con->request.http_if_modified_since, used_len); buf[used_len] = '\0'; + tm.tm_isdst = 0; if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) { /** * parsing failed, let's get out of here Index: src/mod_fastcgi.c =================================================================== --- src/mod_fastcgi.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -3252,6 +3252,7 @@ fcgi_connection_close(srv, hctx); con->mode = DIRECT; + con->http_status = 0; con->file_started = 1; /* fcgi_extension won't touch the request afterwards */ } else { /* we are done */ @@ -3608,47 +3609,50 @@ "handling it in mod_fastcgi"); } - /* the prefix is the SCRIPT_NAME, - * everything from start to the next slash - * this is important for check-local = "disable" - * - * if prefix = /admin.fcgi - * - * /admin.fcgi/foo/bar - * - * SCRIPT_NAME = /admin.fcgi - * PATH_INFO = /foo/bar - * - * if prefix = /fcgi-bin/ - * - * /fcgi-bin/foo/bar - * - * SCRIPT_NAME = /fcgi-bin/foo - * PATH_INFO = /bar - * - * if prefix = /, and fix-root-path-name is enable - * - * /fcgi-bin/foo/bar - * - * SCRIPT_NAME = /fcgi-bin/foo - * PATH_INFO = /bar - * - */ + /* do not split path info for authorizer */ + if (host->mode != FCGI_AUTHORIZER) { + /* the prefix is the SCRIPT_NAME, + * everything from start to the next slash + * this is important for check-local = "disable" + * + * if prefix = /admin.fcgi + * + * /admin.fcgi/foo/bar + * + * SCRIPT_NAME = /admin.fcgi + * PATH_INFO = /foo/bar + * + * if prefix = /fcgi-bin/ + * + * /fcgi-bin/foo/bar + * + * SCRIPT_NAME = /fcgi-bin/foo + * PATH_INFO = /bar + * + * if prefix = /, and fix-root-path-name is enable + * + * /fcgi-bin/foo/bar + * + * SCRIPT_NAME = /fcgi-bin/foo + * PATH_INFO = /bar + * + */ - /* the rewrite is only done for /prefix/? matches */ - if (extension->key->ptr[0] == '/' && - con->uri.path->used > extension->key->used && - NULL != (pathinfo = strchr(con->uri.path->ptr + extension->key->used - 1, '/'))) { - /* rewrite uri.path and pathinfo */ + /* the rewrite is only done for /prefix/? matches */ + if (extension->key->ptr[0] == '/' && + con->uri.path->used > extension->key->used && + NULL != (pathinfo = strchr(con->uri.path->ptr + extension->key->used - 1, '/'))) { + /* rewrite uri.path and pathinfo */ - buffer_copy_string(con->request.pathinfo, pathinfo); + buffer_copy_string(con->request.pathinfo, pathinfo); - con->uri.path->used -= con->request.pathinfo->used - 1; - con->uri.path->ptr[con->uri.path->used - 1] = '\0'; - } else if (host->fix_root_path_name && extension->key->ptr[0] == '/' && extension->key->ptr[1] == '\0') { - buffer_copy_string(con->request.pathinfo, con->uri.path->ptr); - con->uri.path->used = 1; - con->uri.path->ptr[con->uri.path->used - 1] = '\0'; + con->uri.path->used -= con->request.pathinfo->used - 1; + con->uri.path->ptr[con->uri.path->used - 1] = '\0'; + } else if (host->fix_root_path_name && extension->key->ptr[0] == '/' && extension->key->ptr[1] == '\0') { + buffer_copy_string(con->request.pathinfo, con->uri.path->ptr); + con->uri.path->used = 1; + con->uri.path->ptr[con->uri.path->used - 1] = '\0'; + } } } } else { Index: src/CMakeLists.txt =================================================================== --- src/CMakeLists.txt (.../tags/lighttpd-1.4.20) (revision 0) +++ src/CMakeLists.txt (.../branches/lighttpd-1.4.x) (revision 2389) @@ -0,0 +1,598 @@ +INCLUDE(CheckCSourceCompiles) +INCLUDE(CheckIncludeFiles) +INCLUDE(CheckFunctionExists) +INCLUDE(CheckVariableExists) +INCLUDE(CheckTypeSize) +INCLUDE(CheckLibraryExists) +INCLUDE(CMakeDetermineCCompiler) +INCLUDE(FindThreads) +INCLUDE(FindPkgConfig) + +INCLUDE(LighttpdMacros) + +ADD_DEFINITIONS(-D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGE_FILES) + +OPTION(WITH_XATTR "with xattr-support for the stat-cache [default: off]") +OPTION(WITH_MYSQL "with mysql-support for the mod_sql_vhost [default: off]") +# OPTION(WITH_POSTGRESQL "with postgress-support for the mod_sql_vhost [default: off]") +OPTION(WITH_OPENSSL "with openssl-support [default: off]") +OPTION(WITH_PCRE "with regex support [default: on]" ON) +OPTION(WITH_WEBDAV_PROPS "with property-support for mod_webdav [default: off]") +OPTION(WITH_WEBDAV_LOCKS "locks in webdav [default: off]") +OPTION(WITH_BZIP "with bzip2-support for mod_compress [default: off]") +OPTION(WITH_ZLIB "with deflate-support for mod_compress [default: on]" ON) +OPTION(WITH_LDAP "with LDAP-support for the mod_auth [default: off]") +OPTION(WITH_LUA "with lua 5.1 for mod_magnet [default: off]") +# OPTION(WITH_VALGRIND "with internal support for valgrind [default: off]") +# OPTION(WITH_KERBEROS5 "use Kerberos5 support with OpenSSL [default: off]") +OPTION(WITH_FAM "fam/gamin for reducing number of stat() calls [default: off]") +OPTION(WITH_GDBM "gdbm storage for mod_trigger_b4_dl [default: off]") +OPTION(WITH_MEMCACHE "memcached storage for mod_trigger_b4_dl [default: off]") + +OPTION(BUILD_STATIC "build a static lighttpd with all modules added") + +IF(BUILD_STATIC) + SET(LIGHTTPD_STATIC 1) +ELSE(BUILD_STATIC) + SET(CMAKE_SHARED_LIBRARY_PREFIX "") +ENDIF(BUILD_STATIC) + +IF(WITH_WEBDAV_PROPS) + SET(WITH_XML 1) + SET(WITH_SQLITE3 1) + SET(WITH_UUID 1) +ENDIF(WITH_WEBDAV_PROPS) + +CHECK_INCLUDE_FILES(sys/devpoll.h HAVE_SYS_DEVPOLL_H) +CHECK_INCLUDE_FILES(sys/epoll.h HAVE_SYS_EPOLL_H) +CHECK_INCLUDE_FILES(sys/event.h HAVE_SYS_EVENT_H) +CHECK_INCLUDE_FILES(sys/mman.h HAVE_SYS_MMAN_H) +CHECK_INCLUDE_FILES(sys/poll.h HAVE_SYS_POLL_H) +CHECK_INCLUDE_FILES(sys/port.h HAVE_SYS_PORT_H) +CHECK_INCLUDE_FILES(sys/prctl.h HAVE_SYS_PRCTL_H) +CHECK_INCLUDE_FILES(sys/resource.h HAVE_SYS_RESOURCE_H) +CHECK_INCLUDE_FILES(sys/sendfile.h HAVE_SYS_SENDFILE_H) +CHECK_INCLUDE_FILES(sys/select.h HAVE_SYS_SELECT_H) +CHECK_INCLUDE_FILES(sys/syslimits.h HAVE_SYS_SYSLIMITS_H) +CHECK_INCLUDE_FILES(sys/types.h HAVE_SYS_TYPES_H) +CHECK_INCLUDE_FILES(sys/uio.h HAVE_SYS_UIO_H) +CHECK_INCLUDE_FILES(sys/un.h HAVE_SYS_UN_H) +CHECK_INCLUDE_FILES(sys/wait.h HAVE_SYS_WAIT_H) +CHECK_INCLUDE_FILES(sys/time.h HAVE_SYS_TIME_H) +CHECK_INCLUDE_FILES(unistd.h HAVE_UNISTD_H) +CHECK_INCLUDE_FILES(pthread.h HAVE_PTHREAD_H) +CHECK_INCLUDE_FILES(getopt.h HAVE_GETOPT_H) +CHECK_INCLUDE_FILES(inttypes.h HAVE_INTTYPES_H) +CHECK_INCLUDE_FILES(poll.h HAVE_POLL_H) +CHECK_INCLUDE_FILES(pwd.h HAVE_PWD_H) +CHECK_INCLUDE_FILES(stddef.h HAVE_STDDEF_H) +CHECK_INCLUDE_FILES(stdint.h HAVE_STDINT_H) +CHECK_INCLUDE_FILES(syslog.h HAVE_SYSLOG_H) + +# check for fastcgi lib, for the tests only +CHECK_INCLUDE_FILES(fastcgi.h HAVE_FASTCGI_H) +CHECK_INCLUDE_FILES(fastcgi/fastcgi.h HAVE_FASTCGI_FASTCGI_H) + +CHECK_INCLUDE_FILES(crypt.h HAVE_CRYPT_H) +IF(HAVE_CRYPT_H) + ## check if we need libcrypt for crypt() + CHECK_LIBRARY_EXISTS(crypt crypt "" HAVE_LIBCRYPT) +ENDIF(HAVE_CRYPT_H) + +CHECK_INCLUDE_FILES(sys/inotify.h HAVE_SYS_INOTIFY_H) +IF(HAVE_SYS_INOTIFY_H) + CHECK_FUNCTION_EXISTS(inotify_init HAVE_INOTIFY_INIT) +ENDIF(HAVE_SYS_INOTIFY_H) + +SET(CMAKE_EXTRA_INCLUDE_FILES sys/socket.h) +CHECK_TYPE_SIZE(socklen_t HAVE_SOCKLEN_T) +SET(CMAKE_EXTRA_INCLUDE_FILES) + +CHECK_TYPE_SIZE(long SIZEOF_LONG) +CHECK_TYPE_SIZE(off_t SIZEOF_OFF_T) + +CHECK_FUNCTION_EXISTS(chroot HAVE_CHROOT) +CHECK_FUNCTION_EXISTS(crypt HAVE_CRYPT) +CHECK_FUNCTION_EXISTS(epoll_ctl HAVE_EPOLL_CTL) +CHECK_FUNCTION_EXISTS(fork HAVE_FORK) +CHECK_FUNCTION_EXISTS(getrlimit HAVE_GETRLIMIT) +CHECK_FUNCTION_EXISTS(getuid HAVE_GETUID) +CHECK_FUNCTION_EXISTS(gmtime_r HAVE_GMTIME_R) +CHECK_FUNCTION_EXISTS(inet_ntop HAVE_INET_NTOP) +CHECK_FUNCTION_EXISTS(kqueue HAVE_KQUEUE) +CHECK_FUNCTION_EXISTS(localtime_r HAVE_LOCALTIME_R) +CHECK_FUNCTION_EXISTS(lstat HAVE_LSTAT) +CHECK_FUNCTION_EXISTS(madvise HAVE_MADVISE) +CHECK_FUNCTION_EXISTS(memcpy HAVE_MEMCPY) +CHECK_FUNCTION_EXISTS(memset HAVE_MEMSET) +CHECK_FUNCTION_EXISTS(mmap HAVE_MMAP) +CHECK_FUNCTION_EXISTS(pathconf HAVE_PATHCONF) +CHECK_FUNCTION_EXISTS(poll HAVE_POLL) +CHECK_FUNCTION_EXISTS(port_create HAVE_PORT_CREATE) +CHECK_FUNCTION_EXISTS(prctl HAVE_PRCTL) +CHECK_FUNCTION_EXISTS(pread HAVE_PREAD) +CHECK_FUNCTION_EXISTS(posix_fadvise HAVE_POSIX_FADVISE) +CHECK_FUNCTION_EXISTS(select HAVE_SELECT) +CHECK_FUNCTION_EXISTS(sendfile HAVE_SENDFILE) +CHECK_FUNCTION_EXISTS(send_file HAVE_SEND_FILE) +CHECK_FUNCTION_EXISTS(sendfile64 HAVE_SENDFILE64) +CHECK_FUNCTION_EXISTS(sendfilev HAVE_SENDFILEV) +CHECK_FUNCTION_EXISTS(sigaction HAVE_SIGACTION) +CHECK_FUNCTION_EXISTS(signal HAVE_SIGNAL) +CHECK_FUNCTION_EXISTS(sigtimedwait HAVE_SIGTIMEDWAIT) +CHECK_FUNCTION_EXISTS(strptime HAVE_STRPTIME) +CHECK_FUNCTION_EXISTS(syslog HAVE_SYSLOG) +CHECK_FUNCTION_EXISTS(writev HAVE_WRITEV) +CHECK_FUNCTION_EXISTS(inet_aton HAVE_INET_ATON) +CHECK_C_SOURCE_COMPILES(" + #include + #include + #include + + int main() { + struct sockaddr_in6 s; struct in6_addr t=in6addr_any; int i=AF_INET6; s; t.s6_addr[0] = 0; + return 0; + }" HAVE_IPV6) + +## refactor me +MACRO(XCONFIG _package _include_DIR _link_DIR _link_FLAGS _cflags) +# reset the variables at the beginning + SET(${_include_DIR}) + SET(${_link_DIR}) + SET(${_link_FLAGS}) + SET(${_cflags}) + + FIND_PROGRAM(${_package}CONFIG_EXECUTABLE NAMES ${_package} PATHS /usr/local/bin ) + + # if pkg-config has been found + IF(${_package}CONFIG_EXECUTABLE) + SET(XCONFIG_EXECUTABLE "${${_package}CONFIG_EXECUTABLE}") + MESSAGE(STATUS "found ${_package}: ${XCONFIG_EXECUTABLE}") + + EXEC_PROGRAM(${XCONFIG_EXECUTABLE} ARGS --libs OUTPUT_VARIABLE __link_FLAGS) + STRING(REPLACE "\n" "" ${_link_FLAGS} ${__link_FLAGS}) + EXEC_PROGRAM(${XCONFIG_EXECUTABLE} ARGS --cflags OUTPUT_VARIABLE __cflags) + STRING(REPLACE "\n" "" ${_cflags} ${__cflags}) + + ELSE(${_package}CONFIG_EXECUTABLE) + MESSAGE(STATUS "found ${_package}: no") + ENDIF(${_package}CONFIG_EXECUTABLE) +ENDMACRO(XCONFIG _package _include_DIR _link_DIR _link_FLAGS _cflags) + +IF(WITH_XATTR) + CHECK_INCLUDE_FILES(attr/attributes.h HAVE_ATTR_ATTRIBUTES_H) + CHECK_LIBRARY_EXISTS(attr attr_get "" HAVE_XATTR) +ENDIF(WITH_XATTR) + +IF(WITH_MYSQL) + XCONFIG(mysql_config MYSQL_INCDIR MYSQL_LIBDIR MYSQL_LDFLAGS MYSQL_CFLAGS) + + SET(CMAKE_REQUIRED_INCLUDES /usr/include/mysql) + CHECK_INCLUDE_FILES(mysql.h HAVE_MYSQL_H) + SET(CMAKE_REQUIRED_INCLUDES) + IF(HAVE_MYSQL_H) + CHECK_LIBRARY_EXISTS(mysqlclient mysql_real_connect "" HAVE_MYSQL) + ENDIF(HAVE_MYSQL_H) +ENDIF(WITH_MYSQL) + +IF(WITH_OPENSSL) + CHECK_INCLUDE_FILES(openssl/ssl.h HAVE_OPENSSL_SSL_H) + IF(HAVE_OPENSSL_SSL_H) + CHECK_LIBRARY_EXISTS(crypto BIO_f_base64 "" HAVE_LIBCRYPTO) + IF(HAVE_LIBCRYPTO) + SET(OPENSSL_NO_KRB5 1) + CHECK_LIBRARY_EXISTS(ssl SSL_new "" HAVE_LIBSSL) + ENDIF(HAVE_LIBCRYPTO) + ENDIF(HAVE_OPENSSL_SSL_H) +ENDIF(WITH_OPENSSL) + +IF(WITH_PCRE) + ## if we have pcre-config, use it + XCONFIG(pcre-config PCRE_INCDIR PCRE_LIBDIR PCRE_LDFLAGS PCRE_CFLAGS) + IF(PCRE_LDFLAGS OR PCRE_CFLAGS) + MESSAGE(STATUS "found pcre at: LDFLAGS: ${PCRE_LDFLAGS} CFLAGS: ${PCRE_CFLAGS}") + + IF(NOT PCRE_CFLAGS STREQUAL "\n") + ## if it is empty we'll get newline returned + SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${PCRE_CFLAGS}") + ENDIF(NOT PCRE_CFLAGS STREQUAL "\n") + + SET(HAVE_PCRE_H 1) + SET(HAVE_LIBPCRE 1) + ELSE(PCRE_LDFLAGS OR PCRE_CFLAGS) + IF(NOT WIN32) + CHECK_INCLUDE_FILES(pcre.h HAVE_PCRE_H) + CHECK_LIBRARY_EXISTS(pcre pcre_exec "" HAVE_LIBPCRE) + SET(PCRE_LDFLAGS -lpcre) + ELSE(NOT WIN32) + FIND_PATH(PCRE_INCLUDE_DIR pcre.h + /usr/local/include + /usr/include + ) + + SET(PCRE_NAMES pcre) + FIND_LIBRARY(PCRE_LIBRARY + NAMES ${PCRE_NAMES} + PATHS /usr/lib /usr/local/lib + ) + + IF(PCRE_INCLUDE_DIR AND PCRE_LIBRARY) + SET(CMAKE_REQUIRED_INCLUDES ${PCRE_INCLUDE_DIR}) + SET(CMAKE_REQUIRED_LIBRARIES ${PCRE_LIBRARY}) + CHECK_INCLUDE_FILES(pcre.h HAVE_PCRE_H) + CHECK_LIBRARY_EXISTS(pcre pcre_exec "" HAVE_LIBPCRE) + SET(CMAKE_REQUIRED_INCLUDES) + SET(CMAKE_REQUIRED_LIBRARIES) + INCLUDE_DIRECTORIES(${PCRE_INCLUDE_DIR}) + ENDIF(PCRE_INCLUDE_DIR AND PCRE_LIBRARY) + ENDIF(NOT WIN32) + ENDIF(PCRE_LDFLAGS OR PCRE_CFLAGS) + + IF(NOT HAVE_PCRE_H) + MESSAGE(FATAL_ERROR "pcre.h couldn't be found") + ENDIF(NOT HAVE_PCRE_H) + IF(NOT HAVE_LIBPCRE) + MESSAGE(FATAL_ERROR "libpcre couldn't be found") + ENDIF(NOT HAVE_LIBPCRE) + +ENDIF(WITH_PCRE) + + +IF(WITH_XML) + XCONFIG(xml2-config XML2_INCDIR XML2_LIBDIR XML2_LDFLAGS XML2_CFLAGS) + IF(XML2_LDFLAGS OR XML2_CFLAGS) + MESSAGE(STATUS "found xml2 at: LDFLAGS: ${XML2_LDFLAGS} CFLAGS: ${XML2_CFLAGS}") + + ## if it is empty we'll get newline returned + SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${XML2_CFLAGS}") + + CHECK_INCLUDE_FILES(libxml/tree.h HAVE_LIBXML_H) + + SET(CMAKE_REQUIRED_FLAGS ${XML2_LDFLAGS}) + CHECK_LIBRARY_EXISTS(xml2 xmlParseChunk "" HAVE_LIBXML) + SET(CMAKE_REQUIRED_FLAGS) + ELSE(XML2_LDFLAGS OR XML2_CFLAGS) + CHECK_INCLUDE_FILES(libxml.h HAVE_LIBXML_H) + CHECK_LIBRARY_EXISTS(xml2 xmlParseChunk "" HAVE_LIBXML) + ENDIF(XML2_LDFLAGS OR XML2_CFLAGS) + + IF(NOT HAVE_LIBXML_H) + MESSAGE(FATAL_ERROR "libxml/tree.h couldn't be found") + ENDIF(NOT HAVE_LIBXML_H) + IF(NOT HAVE_LIBXML) + MESSAGE(FATAL_ERROR "libxml2 couldn't be found") + ENDIF(NOT HAVE_LIBXML) + +ENDIF(WITH_XML) + +IF(WITH_SQLITE3) + CHECK_INCLUDE_FILES(sqlite3.h HAVE_SQLITE3_H) + CHECK_LIBRARY_EXISTS(sqlite3 sqlite3_reset "" HAVE_SQLITE3) +ENDIF(WITH_SQLITE3) + +IF(WITH_UUID) + CHECK_INCLUDE_FILES(uuid/uuid.h HAVE_UUID_UUID_H) + CHECK_LIBRARY_EXISTS(uuid uuid_generate "" NEED_LIBUUID) + IF(NOT NEED_LIBUUID) + CHECK_FUNCTION_EXISTS(uuid_generate HAVE_LIBUUID) + ELSE(NOT NEED_LIBUUID) + SET(HAVE_LIBUUID 1) + ENDIF(NOT NEED_LIBUUID) +ENDIF(WITH_UUID) + +IF(WITH_ZLIB) + IF(NOT WIN32) + CHECK_INCLUDE_FILES(zlib.h HAVE_ZLIB_H) + CHECK_LIBRARY_EXISTS(z deflate "" HAVE_LIBZ) + SET(ZLIB_LIBRARY z) + ELSE(NOT WIN32) + FIND_PATH(ZLIB_INCLUDE_DIR zlib.h + /usr/local/include + /usr/include + ) + + SET(ZLIB_NAMES z zlib zdll) + FIND_LIBRARY(ZLIB_LIBRARY + NAMES ${ZLIB_NAMES} + PATHS /usr/lib /usr/local/lib + ) + + + IF(ZLIB_INCLUDE_DIR AND ZLIB_LIBRARY) + SET(CMAKE_REQUIRED_INCLUDES ${ZLIB_INCLUDE_DIR}) + SET(CMAKE_REQUIRED_LIBRARIES ${ZLIB_LIBRARY}) + GET_FILENAME_COMPONENT(ZLIB_NAME ${ZLIB_LIBRARY} NAME) + CHECK_INCLUDE_FILES(zlib.h HAVE_ZLIB_H) + CHECK_LIBRARY_EXISTS(${ZLIB_NAME} deflate "" HAVE_LIBZ) + SET(CMAKE_REQUIRED_INCLUDES) + SET(CMAKE_REQUIRED_LIBRARIES) + INCLUDE_DIRECTORIES(${ZLIB_INCLUDE_DIR}) + + ENDIF(ZLIB_INCLUDE_DIR AND ZLIB_LIBRARY) + ENDIF(NOT WIN32) +ENDIF(WITH_ZLIB) + +IF(WITH_BZIP) + CHECK_INCLUDE_FILES(bzlib.h HAVE_BZLIB_H) + CHECK_LIBRARY_EXISTS(bz2 BZ2_bzCompress "" HAVE_LIBBZ2) +ENDIF(WITH_BZIP) + +IF(WITH_LDAP) + CHECK_INCLUDE_FILES(ldap.h HAVE_LDAP_H) + CHECK_LIBRARY_EXISTS(ldap ldap_bind "" HAVE_LIBLDAP) + CHECK_INCLUDE_FILES(lber.h HAVE_LBER_H) + CHECK_LIBRARY_EXISTS(lber ber_printf "" HAVE_LIBLBER) + SET(LDAP_DEPRECATED 1) # Using deprecated ldap api +ENDIF(WITH_LDAP) + +IF(WITH_LUA) + pkg_search_module(LUA REQUIRED lua lua5.1) + MESSAGE(STATUS "found lua at: INCDIR: ${LUA_INCLUDE_DIRS} LIBDIR: ${LUA_LIBRARY_DIRS} LDFLAGS: ${LUA_LDFLAGS} CFLAGS: ${LUA_CFLAGS}") + SET(HAVE_LIBLUA 1 "Have liblua") + SET(HAVE_LUA_H 1 "Have liblua header") +ENDIF(WITH_LUA) + +IF(WITH_FAM) + CHECK_INCLUDE_FILES(fam.h HAVE_FAM_H) + CHECK_LIBRARY_EXISTS(fam FAMOpen2 "" HAVE_LIBFAM) + IF(HAVE_LIBFAM) + SET(CMAKE_REQUIRED_LIBRARIES fam) + CHECK_FUNCTION_EXISTS(FAMNoExists HAVE_FAMNOEXISTS) + ENDIF(HAVE_LIBFAM) +ENDIF(WITH_FAM) + +IF(WITH_GDBM) + CHECK_INCLUDE_FILES(gdbm.h HAVE_GDBM_H) + CHECK_LIBRARY_EXISTS(gdbm gdbm_open "" HAVE_GDBM) +ENDIF(WITH_GDBM) + +IF(WITH_MEMCACHE) + CHECK_INCLUDE_FILES(memcache.h HAVE_MEMCACHE_H) + CHECK_LIBRARY_EXISTS(memcache mc_new "" HAVE_MEMCACHE) +ENDIF(WITH_MEMCACHE) + +IF(NOT BUILD_STATIC) + CHECK_INCLUDE_FILES(dlfcn.h HAVE_DLFCN_H) +ENDIF(NOT BUILD_STATIC) + +IF(HAVE_DLFCN_H) + CHECK_LIBRARY_EXISTS(dl dlopen "" HAVE_LIBDL) +ENDIF(HAVE_DLFCN_H) + +SET(LIGHTTPD_VERSION_ID 10400) +SET(PACKAGE_NAME "${CMAKE_PROJECT_NAME}") +SET(PACKAGE_VERSION "${CPACK_PACKAGE_VERSION}") +EXEC_PROGRAM(date ARGS "'+%b %d %Y %H:%M:%S UTC'" OUTPUT_VARIABLE PACKAGE_BUILD_DATE) + +IF(NOT SBINDIR) + SET(SBINDIR "sbin") +ENDIF(NOT SBINDIR) + +IF(NOT LIGHTTPD_MODULES_DIR) + SET(LIGHTTPD_MODULES_DIR "lib${LIB_SUFFIX}/lighttpd") +ENDIF(NOT LIGHTTPD_MODULES_DIR) + +IF(NOT WIN32) + SET(LIGHTTPD_LIBRARY_DIR "${CMAKE_INSTALL_PREFIX}/${LIGHTTPD_MODULES_DIR}") +ELSE(NOT WIN32) + ## We use relative path in windows + SET(LIGHTTPD_LIBRARY_DIR "lib") +ENDIF(NOT WIN32) + +## Write out config.h +CONFIGURE_FILE(${CMAKE_CURRENT_SOURCE_DIR}/config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h) + +ADD_DEFINITIONS(-DHAVE_CONFIG_H) + +INCLUDE_DIRECTORIES(${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR}) + +SET(COMMON_SRC + buffer.c log.c + keyvalue.c chunk.c + http_chunk.c stream.c fdevent.c + stat_cache.c plugin.c joblist.c etag.c array.c + data_string.c data_count.c data_array.c + data_integer.c md5.c data_fastcgi.c + fdevent_select.c fdevent_linux_rtsig.c + fdevent_poll.c fdevent_linux_sysepoll.c + fdevent_solaris_devpoll.c fdevent_freebsd_kqueue.c + data_config.c bitset.c + inet_ntop_cache.c crc32.c + connections-glue.c + configfile-glue.c + http-header-glue.c + splaytree.c network_writev.c + network_write.c network_linux_sendfile.c + network_freebsd_sendfile.c + network_solaris_sendfilev.c network_openssl.c + status_counter.c +) + +IF(WIN32) + MESSAGE(STATUS "Adding local getopt implementation.") + SET(COMMON_SRC ${COMMON_SRC} xgetopt.c) +ENDIF(WIN32) + +ADD_EXECUTABLE(lemon lemon.c) + +## Build parsers by using lemon... +LEMON_PARSER(configparser.y) +LEMON_PARSER(mod_ssi_exprparser.y) + +SET(L_INSTALL_TARGETS) + +ADD_EXECUTABLE(spawn-fcgi spawn-fcgi.c) +SET(L_INSTALL_TARGETS ${L_INSTALL_TARGETS} spawn-fcgi) + +ADD_EXECUTABLE(lighttpd + server.c + response.c + connections.c + network.c + configfile.c + configparser.c + request.c + proc_open.c + ${COMMON_SRC} +) +SET(L_INSTALL_TARGETS ${L_INSTALL_TARGETS} lighttpd) + +ADD_AND_INSTALL_LIBRARY(mod_access mod_access.c) +ADD_AND_INSTALL_LIBRARY(mod_accesslog mod_accesslog.c) +ADD_AND_INSTALL_LIBRARY(mod_alias mod_alias.c) +ADD_AND_INSTALL_LIBRARY(mod_auth "mod_auth.c;http_auth_digest.c;http_auth.c") +IF(NOT WIN32) +ADD_AND_INSTALL_LIBRARY(mod_cgi mod_cgi.c) +ENDIF(NOT WIN32) +ADD_AND_INSTALL_LIBRARY(mod_cml "mod_cml.c;mod_cml_lua.c;mod_cml_funcs.c") +ADD_AND_INSTALL_LIBRARY(mod_compress mod_compress.c) +ADD_AND_INSTALL_LIBRARY(mod_dirlisting mod_dirlisting.c) +ADD_AND_INSTALL_LIBRARY(mod_evasive mod_evasive.c) +ADD_AND_INSTALL_LIBRARY(mod_evhost mod_evhost.c) +ADD_AND_INSTALL_LIBRARY(mod_expire mod_expire.c) +ADD_AND_INSTALL_LIBRARY(mod_extforward mod_extforward.c) +ADD_AND_INSTALL_LIBRARY(mod_fastcgi mod_fastcgi.c) +ADD_AND_INSTALL_LIBRARY(mod_flv_streaming mod_flv_streaming.c) +ADD_AND_INSTALL_LIBRARY(mod_indexfile mod_indexfile.c) +ADD_AND_INSTALL_LIBRARY(mod_magnet "mod_magnet.c;mod_magnet_cache.c") +ADD_AND_INSTALL_LIBRARY(mod_mysql_vhost mod_mysql_vhost.c) +ADD_AND_INSTALL_LIBRARY(mod_proxy mod_proxy.c) +ADD_AND_INSTALL_LIBRARY(mod_redirect mod_redirect.c) +ADD_AND_INSTALL_LIBRARY(mod_rewrite mod_rewrite.c) +ADD_AND_INSTALL_LIBRARY(mod_rrdtool mod_rrdtool.c) +ADD_AND_INSTALL_LIBRARY(mod_scgi mod_scgi.c) +ADD_AND_INSTALL_LIBRARY(mod_secdownload mod_secure_download.c) +ADD_AND_INSTALL_LIBRARY(mod_setenv mod_setenv.c) +ADD_AND_INSTALL_LIBRARY(mod_simple_vhost mod_simple_vhost.c) +ADD_AND_INSTALL_LIBRARY(mod_ssi "mod_ssi_exprparser.c;mod_ssi_expr.c;mod_ssi.c") +ADD_AND_INSTALL_LIBRARY(mod_staticfile mod_staticfile.c) +ADD_AND_INSTALL_LIBRARY(mod_status mod_status.c) +ADD_AND_INSTALL_LIBRARY(mod_trigger_b4_dl mod_trigger_b4_dl.c) +ADD_AND_INSTALL_LIBRARY(mod_uploadprogress mod_uploadprogress.c) +ADD_AND_INSTALL_LIBRARY(mod_userdir mod_userdir.c) +ADD_AND_INSTALL_LIBRARY(mod_usertrack mod_usertrack.c) +ADD_AND_INSTALL_LIBRARY(mod_webdav mod_webdav.c) + +IF(HAVE_PCRE_H) + ADD_TARGET_PROPERTIES(lighttpd LINK_FLAGS ${PCRE_LDFLAGS}) + ADD_TARGET_PROPERTIES(lighttpd COMPILE_FLAGS ${PCRE_CFLAGS}) + ADD_TARGET_PROPERTIES(mod_rewrite LINK_FLAGS ${PCRE_LDFLAGS}) + ADD_TARGET_PROPERTIES(mod_rewrite COMPILE_FLAGS ${PCRE_CFLAGS}) + ADD_TARGET_PROPERTIES(mod_dirlisting LINK_FLAGS ${PCRE_LDFLAGS}) + ADD_TARGET_PROPERTIES(mod_dirlisting COMPILE_FLAGS ${PCRE_CFLAGS}) + ADD_TARGET_PROPERTIES(mod_redirect LINK_FLAGS ${PCRE_LDFLAGS}) + ADD_TARGET_PROPERTIES(mod_redirect COMPILE_FLAGS ${PCRE_CFLAGS}) + ADD_TARGET_PROPERTIES(mod_ssi LINK_FLAGS ${PCRE_LDFLAGS}) + ADD_TARGET_PROPERTIES(mod_ssi COMPILE_FLAGS ${PCRE_CFLAGS}) + ADD_TARGET_PROPERTIES(mod_trigger_b4_dl LINK_FLAGS ${PCRE_LDFLAGS}) + ADD_TARGET_PROPERTIES(mod_trigger_b4_dl COMPILE_FLAGS ${PCRE_CFLAGS}) +ENDIF(HAVE_PCRE_H) + +ADD_TARGET_PROPERTIES(mod_magnet LINK_FLAGS ${LUA_LDFLAGS}) +ADD_TARGET_PROPERTIES(mod_magnet COMPILE_FLAGS ${LUA_CFLAGS}) + +ADD_TARGET_PROPERTIES(mod_cml LINK_FLAGS ${LUA_LDFLAGS}) +ADD_TARGET_PROPERTIES(mod_cml COMPILE_FLAGS ${LUA_CFLAGS}) + +IF(HAVE_MYSQL_H AND HAVE_LIBMYSQL) + TARGET_LINK_LIBRARIES(mod_mysql_vhost mysqlclient) + INCLUDE_DIRECTORIES(/usr/include/mysql) +ENDIF(HAVE_MYSQL_H AND HAVE_LIBMYSQL) + +SET(L_MOD_WEBDAV) +IF(HAVE_SQLITE3_H) + SET(L_MOD_WEBDAV ${L_MOD_WEBDAV} sqlite3) +ENDIF(HAVE_SQLITE3_H) +IF(HAVE_LIBXML_H) + SET_TARGET_PROPERTIES(mod_webdav PROPERTIES LINK_FLAGS ${XML2_LDFLAGS}) +ENDIF(HAVE_LIBXML_H) +IF(HAVE_UUID_H) + IF(NEED_LIBUUID) + SET(L_MOD_WEBDAV ${L_MOD_WEBDAV} uuid) + ENDIF(NEED_LIBUUID) +ENDIF(HAVE_UUID_H) + +TARGET_LINK_LIBRARIES(mod_webdav ${L_MOD_WEBDAV}) + +SET(L_MOD_AUTH) +IF(HAVE_LIBCRYPT) + SET(L_MOD_AUTH ${L_MOD_AUTH} crypt) +ENDIF(HAVE_LIBCRYPT) + +IF(HAVE_LDAP_H) + SET(L_MOD_AUTH ${L_MOD_AUTH} ldap lber) +ENDIF(HAVE_LDAP_H) +TARGET_LINK_LIBRARIES(mod_auth ${L_MOD_AUTH}) + +IF(HAVE_ZLIB_H) + IF(HAVE_BZLIB_H) + TARGET_LINK_LIBRARIES(mod_compress ${ZLIB_LIBRARY} bz2) + ELSE(HAVE_BZLIB_H) + TARGET_LINK_LIBRARIES(mod_compress ${ZLIB_LIBRARY}) + ENDIF(HAVE_BZLIB_H) +ENDIF(HAVE_ZLIB_H) + +IF(HAVE_LIBFAM) + TARGET_LINK_LIBRARIES(lighttpd fam) +ENDIF(HAVE_LIBFAM) + +IF(HAVE_GDBM_H) + TARGET_LINK_LIBRARIES(mod_trigger_b4_dl gdbm) +ENDIF(HAVE_GDBM_H) + +IF(HAVE_MEMCACHE_H) + TARGET_LINK_LIBRARIES(mod_trigger_b4_dl memcache) +ENDIF(HAVE_MEMCACHE_H) + +IF(CMAKE_COMPILER_IS_GNUCC) + SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -std=gnu99 -Wall -g -Wshadow -W -pedantic") + SET(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -O2") + SET(CMAKE_C_FLAGS_DEBUG "${CMAKE_C_FLAGS_DEBUG} -O0") + SET(CMAKE_C_FLAGS_RELWITHDEBINFO "${CMAKE_C_FLAGS_WITHDEBINFO} -O2") + ADD_DEFINITIONS(-D_GNU_SOURCE) +ENDIF(CMAKE_COMPILER_IS_GNUCC) + +SET_TARGET_PROPERTIES(lighttpd PROPERTIES CMAKE_INSTALL_PREFIX ${CMAKE_INSTALL_PREFIX}) + +IF(WIN32) + SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DNVALGRIND") + ADD_TARGET_PROPERTIES(lighttpd COMPILE_FLAGS "-DLI_DECLARE_EXPORTS") + TARGET_LINK_LIBRARIES(lighttpd ws2_32) + TARGET_LINK_LIBRARIES(mod_proxy ws2_32) + TARGET_LINK_LIBRARIES(mod_fcgi ws2_32) + TARGET_LINK_LIBRARIES(mod_scgi ws2_32) + TARGET_LINK_LIBRARIES(mod_ssi ws2_32) + + IF(MINGW) + TARGET_LINK_LIBRARIES(lighttpd msvcr70) + ADD_TARGET_PROPERTIES(lighttpd LINK_FLAGS "-Wl,-subsystem,console") + ENDIF(MINGW) +ENDIF(WIN32) + +IF(NOT BUILD_STATIC) + IF(HAVE_LIBDL) + TARGET_LINK_LIBRARIES(lighttpd dl) + ENDIF(HAVE_LIBDL) +ENDIF(NOT BUILD_STATIC) + +IF(HAVE_LIBSSL AND HAVE_LIBCRYPTO) + TARGET_LINK_LIBRARIES(lighttpd ssl) + TARGET_LINK_LIBRARIES(lighttpd crypto) +ENDIF(HAVE_LIBSSL AND HAVE_LIBCRYPTO) + +IF(NOT WIN32) +INSTALL(TARGETS ${L_INSTALL_TARGETS} + RUNTIME DESTINATION ${SBINDIR} + LIBRARY DESTINATION ${LIGHTTPD_MODULES_DIR} + ARCHIVE DESTINATION ${LIGHTTPD_MODULES_DIR}/static) +ELSE(NOT WIN32) +## HACK to make win32 to install our libraries in desired directory.. +INSTALL(TARGETS lighttpd + RUNTIME DESTINATION ${SBINDIR} + ARCHIVE DESTINATION lib/static) +LIST(REMOVE_ITEM L_INSTALL_TARGETS lighttpd) +INSTALL(TARGETS ${L_INSTALL_TARGETS} + RUNTIME DESTINATION ${SBINDIR}/lib + LIBRARY DESTINATION lib + ARCHIVE DESTINATION lib/static) +ENDIF(NOT WIN32) Index: src/mod_accesslog.c =================================================================== --- src/mod_accesslog.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/mod_accesslog.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -169,13 +169,13 @@ if (fields->size == 0) { fields->size = 16; fields->used = 0; - fields->ptr = malloc(fields->size * sizeof(format_fields * )); + fields->ptr = malloc(fields->size * sizeof(format_field * )); } else if (fields->used == fields->size) { fields->size += 16; - fields->ptr = realloc(fields->ptr, fields->size * sizeof(format_fields * )); + fields->ptr = realloc(fields->ptr, fields->size * sizeof(format_field * )); } - fields->ptr[fields->used] = malloc(sizeof(format_fields)); + fields->ptr[fields->used] = malloc(sizeof(format_field)); fields->ptr[fields->used]->type = FIELD_STRING; fields->ptr[fields->used]->string = buffer_init(); @@ -189,10 +189,10 @@ if (fields->size == 0) { fields->size = 16; fields->used = 0; - fields->ptr = malloc(fields->size * sizeof(format_fields * )); + fields->ptr = malloc(fields->size * sizeof(format_field * )); } else if (fields->used == fields->size) { fields->size += 16; - fields->ptr = realloc(fields->ptr, fields->size * sizeof(format_fields * )); + fields->ptr = realloc(fields->ptr, fields->size * sizeof(format_field * )); } /* search for the terminating command */ @@ -211,7 +211,7 @@ /* found key */ - fields->ptr[fields->used] = malloc(sizeof(format_fields)); + fields->ptr[fields->used] = malloc(sizeof(format_field)); fields->ptr[fields->used]->type = FIELD_FORMAT; fields->ptr[fields->used]->field = fmap[j].type; fields->ptr[fields->used]->string = NULL; @@ -258,7 +258,7 @@ /* found key */ - fields->ptr[fields->used] = malloc(sizeof(format_fields)); + fields->ptr[fields->used] = malloc(sizeof(format_field)); fields->ptr[fields->used]->type = FIELD_FORMAT; fields->ptr[fields->used]->field = fmap[j].type; fields->ptr[fields->used]->string = buffer_init(); @@ -291,7 +291,7 @@ /* found key */ - fields->ptr[fields->used] = malloc(sizeof(format_fields)); + fields->ptr[fields->used] = malloc(sizeof(format_field)); fields->ptr[fields->used]->type = FIELD_FORMAT; fields->ptr[fields->used]->field = fmap[j].type; fields->ptr[fields->used]->string = NULL; @@ -321,13 +321,13 @@ if (fields->size == 0) { fields->size = 16; fields->used = 0; - fields->ptr = malloc(fields->size * sizeof(format_fields * )); + fields->ptr = malloc(fields->size * sizeof(format_field * )); } else if (fields->used == fields->size) { fields->size += 16; - fields->ptr = realloc(fields->ptr, fields->size * sizeof(format_fields * )); + fields->ptr = realloc(fields->ptr, fields->size * sizeof(format_field * )); } - fields->ptr[fields->used] = malloc(sizeof(format_fields)); + fields->ptr[fields->used] = malloc(sizeof(format_field)); fields->ptr[fields->used]->type = FIELD_STRING; fields->ptr[fields->used]->string = buffer_init(); @@ -540,8 +540,9 @@ return HANDLER_ERROR; } +#ifdef FD_CLOEXEC fcntl(s->log_access_fd, F_SETFD, FD_CLOEXEC); - +#endif } return HANDLER_GO_ON; @@ -584,6 +585,9 @@ return HANDLER_ERROR; } +#ifdef FD_CLOEXEC + fcntl(s->log_access_fd, F_SETFD, FD_CLOEXEC); +#endif } } Index: src/fdevent_linux_sysepoll.c =================================================================== --- src/fdevent_linux_sysepoll.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/fdevent_linux_sysepoll.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -91,7 +91,7 @@ if (e & EPOLLHUP) events |= FDEVENT_HUP; if (e & EPOLLPRI) events |= FDEVENT_PRI; - return e; + return events; } static int fdevent_linux_sysepoll_event_get_fd(fdevents *ev, size_t ndx) { Index: src/server.c =================================================================== --- src/server.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/server.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -210,6 +210,7 @@ srv->srvconf.modules_dir = buffer_init_string(LIBRARY_DIR); srv->srvconf.network_backend = buffer_init(); srv->srvconf.upload_tempdirs = array_init(); + srv->srvconf.reject_expect_100_with_417 = 1; /* use syslog */ srv->errorlog_fd = -1; @@ -844,15 +845,16 @@ } /* set max-conns */ - if (srv->srvconf.max_conns > srv->max_fds) { - /* we can't have more connections than max-fds */ - srv->max_conns = srv->max_fds; + if (srv->srvconf.max_conns > srv->max_fds/2) { + /* we can't have more connections than max-fds/2 */ + log_error_write(srv, __FILE__, __LINE__, "sdd", "can't have more connections than fds/2: ", srv->srvconf.max_conns, srv->max_fds); + srv->max_conns = srv->max_fds/2; } else if (srv->srvconf.max_conns) { /* otherwise respect the wishes of the user */ srv->max_conns = srv->srvconf.max_conns; } else { - /* or use the default */ - srv->max_conns = srv->max_fds; + /* or use the default: we really don't want to hit max-fds */ + srv->max_conns = srv->max_fds/3; } if (HANDLER_GO_ON != plugins_call_init(srv)) { @@ -1295,8 +1297,8 @@ if (srv->sockets_disabled) { /* our server sockets are disabled, why ? */ - if ((srv->cur_fds + srv->want_fds < srv->max_fds * 0.8) && /* we have enough unused fds */ - (srv->conns->used < srv->max_conns * 0.9) && + if ((srv->cur_fds + srv->want_fds < srv->max_fds * 8 / 10) && /* we have enough unused fds */ + (srv->conns->used <= srv->max_conns * 9 / 10) && (0 == graceful_shutdown)) { for (i = 0; i < srv->srv_sockets.used; i++) { server_socket *srv_socket = srv->srv_sockets.ptr[i]; @@ -1308,8 +1310,8 @@ srv->sockets_disabled = 0; } } else { - if ((srv->cur_fds + srv->want_fds > srv->max_fds * 0.9) || /* out of fds */ - (srv->conns->used > srv->max_conns) || /* out of connections */ + if ((srv->cur_fds + srv->want_fds > srv->max_fds * 9 / 10) || /* out of fds */ + (srv->conns->used >= srv->max_conns) || /* out of connections */ (graceful_shutdown)) { /* graceful_shutdown */ /* disable server-fds */ @@ -1348,7 +1350,7 @@ if (graceful_shutdown) { log_error_write(srv, __FILE__, __LINE__, "s", "[note] graceful shutdown started"); - } else if (srv->conns->used > srv->max_conns) { + } else if (srv->conns->used >= srv->max_conns) { log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, connection limit reached"); } else { log_error_write(srv, __FILE__, __LINE__, "s", "[note] sockets disabled, out-of-fds"); Index: src/log.c =================================================================== --- src/log.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/log.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -146,6 +146,10 @@ /* ok, new log is open, close the old one */ close(srv->errorlog_fd); srv->errorlog_fd = new_fd; +#ifdef FD_CLOEXEC + /* close fd on exec (cgi) */ + fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC); +#endif } } Index: src/proc_open.c =================================================================== --- src/proc_open.c (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/proc_open.c (.../branches/lighttpd-1.4.x) (revision 2389) @@ -287,32 +287,33 @@ } /* }}} */ /* {{{ proc_open_buffer */ -int proc_open_buffer(proc_handler_t *proc, const char *command, buffer *in, buffer *out, buffer *err) { +int proc_open_buffer(const char *command, buffer *in, buffer *out, buffer *err) { + proc_handler_t proc; - UNUSED(err); - - if (proc_open(proc, command) != 0) { + if (proc_open(&proc, command) != 0) { return -1; } if (in) { - if (write(proc->in.fd, (void *)in->ptr, in->used) < 0) { + if (write(proc.in.fd, (void *)in->ptr, in->used) < 0) { perror("error writing pipe"); return -1; } } - pipe_close(&proc->in); + pipe_close(&proc.in); if (out) { - proc_read_fd_to_buffer(proc->out.fd, out); + proc_read_fd_to_buffer(proc.out.fd, out); } - pipe_close(&proc->out); + pipe_close(&proc.out); if (err) { - proc_read_fd_to_buffer(proc->err.fd, err); + proc_read_fd_to_buffer(proc.err.fd, err); } - pipe_close(&proc->err); + pipe_close(&proc.err); + proc_close(&proc); + return 0; } /* }}} */ @@ -366,7 +367,7 @@ RESET(); fprintf(stdout, "test: echo 321 with read\n"); fflush(stdout); - if (proc_open_buffer(&proc, "echo 321", NULL, out, err) != 0) { + if (proc_open_buffer("echo 321", NULL, out, err) != 0) { ERROR_OUT(); } fprintf(stdout, "result: ->%s<-\n\n", out->ptr); fflush(stdout); @@ -374,7 +375,7 @@ fprintf(stdout, "test: echo 123 | " CMD_CAT "\n"); fflush(stdout); buffer_copy_string_len(in, CONST_STR_LEN("123\n")); - if (proc_open_buffer(&proc, CMD_CAT, in, out, err) != 0) { + if (proc_open_buffer(CMD_CAT, in, out, err) != 0) { ERROR_OUT(); } fprintf(stdout, "result: ->%s<-\n\n", out->ptr); fflush(stdout); Index: src/proc_open.h =================================================================== --- src/proc_open.h (.../tags/lighttpd-1.4.20) (revision 2389) +++ src/proc_open.h (.../branches/lighttpd-1.4.x) (revision 2389) @@ -22,4 +22,4 @@ int proc_close(proc_handler_t *ht); int proc_open(proc_handler_t *ht, const char *command); -int proc_open_buffer(proc_handler_t *ht, const char *command, buffer *in, buffer *out, buffer *err); +int proc_open_buffer(const char *command, buffer *in, buffer *out, buffer *err); Index: tests/mod-proxy.t =================================================================== --- tests/mod-proxy.t (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/mod-proxy.t (.../branches/lighttpd-1.4.x) (revision 2389) @@ -8,14 +8,24 @@ use strict; use IO::Socket; -use Test::More tests => 6; +use Test::More tests => 9; use LightyTest; my $tf_real = LightyTest->new(); my $tf_proxy = LightyTest->new(); my $t; +my $php_child = -1; +my $phpbin = (defined $ENV{'PHP'} ? $ENV{'PHP'} : '/usr/bin/php-cgi'); +$ENV{'PHP'} = $phpbin; + +SKIP: { + skip "PHP already running on port 1026", 1 if $tf_real->listening_on(1026); + skip "no php binary found", 1 unless -x $phpbin; + ok(-1 != ($php_child = $tf_real->spawnfcgi($phpbin, 1026)), "Spawning php"); +} + ## we need two procs ## 1. the real webserver ## 2. the proxy server @@ -26,9 +36,9 @@ $tf_proxy->{PORT} = 2050; $tf_proxy->{CONFIGFILE} = 'proxy.conf'; -ok($tf_real->start_proc == 0, "Starting lighttpd") or die(); +ok($tf_real->start_proc == 0, "Starting lighttpd") or goto cleanup; -ok($tf_proxy->start_proc == 0, "Starting lighttpd as proxy") or die(); +ok($tf_proxy->start_proc == 0, "Starting lighttpd as proxy") or goto cleanup; $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'Server' => 'Apache 1.3.29' } ]; ok($tf_proxy->handle_http($t) == 0, 'drop Server from real server'); +SKIP: { + skip "no PHP running on port 1026", 1 unless $tf_real->listening_on(1026); + $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => '/some+test%3axxx%20with%20space' } ]; + ok($tf_proxy->handle_http($t) == 0, 'rewrited urls work with encoded path'); +} + ok($tf_proxy->stop_proc == 0, "Stopping lighttpd proxy"); ok($tf_real->stop_proc == 0, "Stopping lighttpd"); + +SKIP: { + skip "PHP not started, cannot stop it", 1 unless $php_child != -1; + ok(0 == $tf_real->endspawnfcgi($php_child), "Stopping php"); + $php_child = -1; +} + +exit 0; + +cleanup: + +$tf_real->endspawnfcgi($php_child) if $php_child != -1; + +die(); Index: tests/CMakeLists.txt =================================================================== --- tests/CMakeLists.txt (.../tags/lighttpd-1.4.20) (revision 0) +++ tests/CMakeLists.txt (.../branches/lighttpd-1.4.x) (revision 2389) @@ -0,0 +1,34 @@ +SET(T_FILES + prepare.sh + cachable.t + core-404-handler.t + core-condition.t + core-keepalive.t + core-request.t + core-response.t + core.t + core-var-include.t + lowercase.t + mod-access.t + mod-auth.t + mod-cgi.t + mod-compress.t + mod-extforward.t + mod-fastcgi.t + mod-proxy.t + mod-redirect.t + mod-rewrite.t + mod-secdownload.t + mod-setenv.t + mod-ssi.t + mod-userdir.t + request.t + symlink.t +) + +FOREACH(it ${T_FILES}) + ADD_TEST(${it} "${lighttpd_SOURCE_DIR}/tests/wrapper.sh" + "${lighttpd_SOURCE_DIR}/tests" + "${lighttpd_BINARY_DIR}" + "${lighttpd_SOURCE_DIR}/tests/${it}") +ENDFOREACH(it) Index: tests/SConscript =================================================================== --- tests/SConscript (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/SConscript (.../branches/lighttpd-1.4.x) (revision 2389) @@ -23,6 +23,7 @@ mod-auth.t \ mod-cgi.t \ mod-compress.t \ + mod-compress.conf \ mod-fastcgi.t \ mod-redirect.t \ mod-userdir.t \ Index: tests/mod-compress.conf =================================================================== --- tests/mod-compress.conf (.../tags/lighttpd-1.4.20) (revision 0) +++ tests/mod-compress.conf (.../branches/lighttpd-1.4.x) (revision 2389) @@ -0,0 +1,32 @@ +debug.log-request-handling = "enable" +debug.log-response-header = "disable" +debug.log-request-header = "disable" + +server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" +server.pid-file = env.SRCDIR + "/tmp/lighttpd/lighttpd.pid" + +## bind to port (default: 80) +server.port = 2048 + +## bind to localhost (default: all interfaces) +server.bind = "localhost" +server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log" +server.name = "www.example.org" + +server.modules = ( + "mod_compress" +) + +######################## MODULE CONFIG ############################ + +mimetype.assign = ( + ".html" => "text/html", + ".txt" => "text/plain", +) + +$HTTP["host"] == "cache.example.org" { + compress.cache-dir = env.SRCDIR + "/tmp/lighttpd/cache/compress/" +} +compress.filetype = ("text/plain", "text/html") + +compress.allowed-encodings = ( "gzip", "deflate" ) Index: tests/mod-fastcgi.t =================================================================== --- tests/mod-fastcgi.t (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/mod-fastcgi.t (.../branches/lighttpd-1.4.x) (revision 2389) @@ -7,7 +7,7 @@ } use strict; -use Test::More tests => 49; +use Test::More tests => 50; use LightyTest; my $tf = LightyTest->new(); @@ -215,7 +215,7 @@ } SKIP: { - skip "no fcgi-auth found", 4 unless -x $tf->{BASEDIR}."/tests/fcgi-auth" || -x $tf->{BASEDIR}."/tests/fcgi-auth.exe"; + skip "no fcgi-auth found", 5 unless -x $tf->{BASEDIR}."/tests/fcgi-auth" || -x $tf->{BASEDIR}."/tests/fcgi-auth.exe"; $tf->{CONFIGFILE} = 'fastcgi-auth.conf'; ok($tf->start_proc == 0, "Starting lighttpd with $tf->{CONFIGFILE}") or die(); @@ -235,6 +235,14 @@ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ]; ok($tf->handle_http($t) == 0, 'FastCGI - Auth'); + $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; + ok($tf->handle_http($t) == 0, 'FastCGI - Auth in subdirectory'); + ok($tf->stop_proc == 0, "Stopping lighttpd"); } Index: tests/mod-rewrite.t =================================================================== --- tests/mod-rewrite.t (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/mod-rewrite.t (.../branches/lighttpd-1.4.x) (revision 2389) @@ -8,7 +8,7 @@ use strict; use IO::Socket; -use Test::More tests => 8; +use Test::More tests => 7; use LightyTest; my $tf = LightyTest->new(); @@ -35,7 +35,7 @@ ); $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => '' } ]; ok($tf->handle_http($t) == 0, 'valid request'); - + $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => 'bar&a=b' } ]; ok($tf->handle_http($t) == 0, 'valid request'); - $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => 'a=b' } ]; - ok($tf->handle_http($t) == 0, 'valid request with url encoded characters'); - ok($tf->stop_proc == 0, "Stopping lighttpd"); } Index: tests/lighttpd.conf =================================================================== --- tests/lighttpd.conf (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/lighttpd.conf (.../branches/lighttpd-1.4.x) (revision 2389) @@ -217,4 +217,5 @@ $HTTP["host"] == "etag.example.org" { static-file.etags = "disable" + compress.filetype = () } Index: tests/fastcgi-auth.conf =================================================================== --- tests/fastcgi-auth.conf (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/fastcgi-auth.conf (.../branches/lighttpd-1.4.x) (revision 2389) @@ -89,6 +89,7 @@ "bin-path" => env.SRCDIR + "/fcgi-auth", "mode" => "authorizer", "docroot" => env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/", + "check-local" => "disable", ) ) Index: tests/proxy.conf =================================================================== --- tests/proxy.conf (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/proxy.conf (.../branches/lighttpd-1.4.x) (revision 2389) @@ -122,7 +122,8 @@ url.redirect = ( "^/redirect/$" => "http://localhost:2048/" ) url.rewrite = ( "^/rewrite/foo($|\?.+)" => "/indexfile/rewrite.php$1", - "^/rewrite/bar(?:$|\?(.+))" => "/indexfile/rewrite.php?bar&$1" ) + "^/rewrite/bar(?:$|\?(.+))" => "/indexfile/rewrite.php?bar&$1", + "^/rewrite/all(/.*)$" => "/indexfile/rewrite.php?$1" ) expire.url = ( "/expire/access" => "access 2 hours", "/expire/modification" => "access plus 1 seconds 2 minutes") Index: tests/Makefile.am =================================================================== --- tests/Makefile.am (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/Makefile.am (.../branches/lighttpd-1.4.x) (revision 2389) @@ -38,6 +38,7 @@ mod-auth.t \ mod-cgi.t \ mod-compress.t \ + mod-compress.conf \ mod-fastcgi.t \ mod-redirect.t \ mod-rewrite.t \ Index: tests/mod-compress.t =================================================================== --- tests/mod-compress.t (.../tags/lighttpd-1.4.20) (revision 2389) +++ tests/mod-compress.t (.../branches/lighttpd-1.4.x) (revision 2389) @@ -8,12 +8,14 @@ use strict; use IO::Socket; -use Test::More tests => 10; +use Test::More tests => 11; use LightyTest; my $tf = LightyTest->new(); my $t; +$tf->{CONFIGFILE} = 'mod-compress.conf'; + ok($tf->start_proc == 0, "Starting lighttpd") or die(); $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, '+Vary' => '', 'Content-Type' => "text/plain" } ]; ok($tf->handle_http($t) == 0, 'Empty Accept-Encoding'); +$t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, '+Vary' => '', 'Content-Encoding' => 'gzip', 'Content-Type' => "text/plain" } ]; +ok($tf->handle_http($t) == 0, 'bzip2 requested but disabled'); + ok($tf->stop_proc == 0, "Stopping lighttpd"); Index: doc/redirect.txt =================================================================== --- doc/redirect.txt (.../tags/lighttpd-1.4.20) (revision 2389) +++ doc/redirect.txt (.../branches/lighttpd-1.4.x) (revision 2389) @@ -39,3 +39,9 @@ $HTTP["host"] =~ "^www\.(.*)" { url.redirect = ( "^/(.*)" => "http://%1/$1" ) } + +Warning +======= + +Do NOT use mod_redirect to protect specific urls, as the original url passed from the client +is matched against your rules, for example strings like "/abc/../xyz%2f/path". Index: doc/compress.txt =================================================================== --- doc/compress.txt (.../tags/lighttpd-1.4.20) (revision 2389) +++ doc/compress.txt (.../branches/lighttpd-1.4.x) (revision 2389) @@ -6,13 +6,7 @@ Module: mod_compress -------------------- -:Author: Jan Kneschke -:Date: $Date$ -:Revision: $Revision$ -:abstract: - a nice, short abstrace about the module - .. meta:: :keywords: lighttpd, compress @@ -22,16 +16,57 @@ =========== Output compression reduces the network load and can improve the overall -throughput of the webserver. +throughput of the webserver. All major http-clients support compression by +announcing it in the Accept-Encoding header. This is used to negotiate the +most suitable compression method. We support deflate, gzip and bzip2. -Only static content is supported up to now. +deflate (RFC1950, RFC1951) and gzip (RFC1952) depend on zlib while bzip2 +depends on libbzip2. bzip2 is only supported by lynx and some other console +text-browsers. -The server negotiates automaticly which compression method is used. -Supported are gzip, deflate, bzip. +We currently limit to compression support to static files. +Caching +------- + +mod_compress can store compressed files on disk to optimize the compression +on a second request away. As soon as compress.cache-dir is set the files are +compressed. + +(You will need to create the cache directory if it doesn't already exist. The web server will not do this for you. The directory will also need the proper ownership. For Debian/Ubuntu the user and group ids should both be www-data.) + +The names of the cache files are made of the filename, the compression method +and the etag associated to the file. + +Cleaning the cache is left to the user. A cron job deleting files older than +10 days could do it: :: + + find /var/www/cache -type f -mtime +10 | xargs -r rm + +Limitations +----------- + +The module limits the compression of files to files smaller than 128 MByte and +larger than 128 Byte. + +The lower limit is set as small files tend to become larger by compressing due +to the compression headers, the upper limit is set to work sensibly with +memory and cpu-time. + +Directories containing a tilde ('~') are not created automatically (See ticket +#113). To enable compression for user dirs you have to create the directories +by hand in the cache directory. + Options ======= +compress.allowed-encodings + override default set of allowed encodings + + e.g.: :: + + compress.allowed-encodings = ("bzip2", "gzip", "deflate") + compress.cache-dir name of the directory where compressed content will be cached @@ -47,20 +82,111 @@ Default: not set, compress the file for every request compress.filetype - mimetypes where might get compressed + mimetypes which might get compressed e.g.: :: compress.filetype = ("text/plain", "text/html") + Keep in mind that compressed JavaScript and CSS files are broken in some + browsers. Not setting any filetypes will result in no files being compressed. + + NOTE: You have to specify the full mime-type! If you also define a charset, for example, you have to use "text/plain; charset=utf-8" instead of just "text/plain". + Default: not set +compress.max-filesize + maximum size of the original file to be compressed kBytes. + This is meant to protect the server against DoSing as compressing large + (let's say 1Gbyte) takes a lot of time and would delay the whole operation + of the server. + + There is a hard upper limit of 128Mbyte. + + Default: unlimited (== hard-limit of 128MByte) + +Display compressed files +======================== + +If you enable mod_compress, and you want to force clients to uncompress and display compressed text files, please force mimetype to nothing. +Exemple : +If you want to add headers for uncompress and display diff.gz files , add this section in your conf : :: + + $HTTP["url"] =~ "\.diff\.gz" { + setenv.add-response-header = ( "Content-Encoding" => "gzip" ) + mimetype.assign = () + } + + Compressing Dynamic Content =========================== +PHP +--- + To compress dynamic content with PHP please enable :: zlib.output_compression = 1 + zlib.output_handler = On in the php.ini as PHP provides compression support by itself. + +mod_compress of lighttpd 1.5 r1992 may not set correct Content-Encoding with php-fcgi. A solution to that problem would be: + +1.disable mod_compress when request a php file:: + + $HTTP["url"] !~ "\.php$" { + compress.filetype = ("text/plain", "text/html", "text/javascript", "text/css", "text/xml") + } + +2.enable mod_setenv of your lighttpd:: + + server.modules += ( "mod_setenv" ) + +3.manually set Content-Encoding:: + + $HTTP["url"] =~ "\.php$" { + setenv.add-response-header = ( "Content-Encoding" => "gzip") + } + + +TurboGears +---------- + +To compress dynamic content with TurboGears please enable :: + + [/] + gzip_filter.on = True + gzip_filter.mime_types = ["application/x-javascript", "text/javascript", "text/html", "text/css", "text/plain"] + +in the config/app.cfg file in your TurboGears application. The above lines should already be in the file. You just need to remove the comment symbol in front of the lines to make them active. + +Django +------ + +To compress dynamic content with Django please enable the GZipMiddleware :: + + MIDDLEWARE_CLASSES = ( + 'django.middleware.gzip.GZipMiddleware', + ... + ) + +in the settings.py file in your Django project. + +Catalyst +-------- + +To compress dynamic content with Perl/Catalyst, simply use the Catalyst::Plugin::Compress::Gzip module available on CPAN :: + + use Catalyst qw( + Compress::Gzip + ... + ); + +in your main package (MyApp.pm). Further configuration is not required. + +}}} + + + Index: doc/rewrite.txt =================================================================== --- doc/rewrite.txt (.../tags/lighttpd-1.4.20) (revision 2389) +++ doc/rewrite.txt (.../branches/lighttpd-1.4.x) (revision 2389) @@ -43,6 +43,12 @@ The options ``url.rewrite`` and ``url.rewrite-final`` were mapped to ``url.rewrite-once`` in 1.3.16. +Warning +======= + +Do NOT use mod_rewrite to protect specific urls, as the original url passed from the client +is matched against your rules, for example strings like "/abc/../xyz%2f/path". + Examples ======== Index: SConstruct =================================================================== --- SConstruct (.../tags/lighttpd-1.4.20) (revision 2389) +++ SConstruct (.../branches/lighttpd-1.4.x) (revision 2389) @@ -5,7 +5,7 @@ from stat import * package = 'lighttpd' -version = '1.4.20' +version = '1.4.21' def checkCHeaders(autoconf, hdrs): p = re.compile('[^A-Z0-9]') Index: Makefile.am =================================================================== --- Makefile.am (.../tags/lighttpd-1.4.20) (revision 2389) +++ Makefile.am (.../branches/lighttpd-1.4.x) (revision 2389) @@ -1,4 +1,4 @@ -SUBDIRS=src doc tests cygwin openwrt +SUBDIRS=src doc tests EXTRA_DIST=autogen.sh SConstruct Index: NEWS =================================================================== --- NEWS (.../tags/lighttpd-1.4.20) (revision 2389) +++ NEWS (.../branches/lighttpd-1.4.x) (revision 2389) @@ -3,8 +3,41 @@ NEWS ==== -- 1.4.20 - +- 1.4.21 - + * Fix base64 decoding in mod_auth (#1757, thx guido) + * Fix mod_cgi segfault when bound to unix domain socket (#653) + * Do not rely on ioctl FIONREAD (#673) + * Now really fix mod auth ldap (#1066) + * Fix leaving zombie process with include_shell (#1777) + * Removed debian/, openwrt/ and cygwin/; they weren't kept up-to-date, and we decided to remove dist. specific stuff + * Try to convert string options to shorts for numeric options in config file; allows to use env-vars for numeric options. (#1159, thx andrewb) + * Do not cache default vhost in mod_simple_vhost (#709) + * Trust pcre-config, do not check for pcre manually (#1769) + * Fix fastcgi authorization in subdirectories with check-local=disabled; don't split pathinfo for authorizer. (#963) + * Add possibility to disable methods in mod_compress (#1773) + * Fix duplicate connection keep-alive/transfer-encoding headers (#960) + * Fixed fix for round-robin in mod_proxy (forgot to increment the index) (#1715) + * Fix fastcgi-authorizer handling; Status: 200 is now accepted as the doc requests + * Compare address family in inet_ntop_cache + * Revert CVE-2008-4359 (#1720) fix "encoding+simplifying urls for rewrite/redirect": too many regressions. + * Use FD_CLOEXEC if possible (fixes #1821) + * Optimized buffer usage in mod_proxy (fixes #1850) + * Fix uninitialized value in time struct after strptime + * Do not pass Proxy-Connection: header from client to backend http server in mod_proxy (#1877) + * Fix wrong malloc sizes in mod_accesslog (probably nothing bad happened...) (fixes #1855, thx ycheng) + * Some small buffer.c fixes (closes #1837) + * Remove floating point math from server.c (fixes #1402) + * Disable SSLv2 by default + * Use/enforce sane max-connection values (fixes #1803) + * Allow mod_compress to return 304 (Not Modified); compress ignores the static-file.etags option.(fixes #1884) + * Add option to ignore the "Expect: 100-continue" header instead of returning 417 Expectation failed (closes #1017) + * Use modified etags in mod_compress (fixes #1800) + * Fix max-connection limit handling/100% cpu usage (fixes #1436) + * Fix error handling in freebsd-sendfile (fixes #1813) + +- 1.4.20 - 2008-09-30 + * Fix mod_compress to compile with old gcc version (#1592) * Fix mod_extforward to compile with old gcc version (#1591) * Update documentation for #1587 @@ -49,10 +82,10 @@ * allow digits in [s]cgi env vars (#1712) * fixed dropping last character of evhost pattern (#161) * print helpful error message on conditionals in global block (#1550) - * decode url before matching in mod_rewrite (#1720) + * decode url before matching in mod_rewrite (#1720) -- (reverted for 1.4.21) * fixed conditional patching of ldap filter (#1564) - * Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/Server) - * fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1" + * Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/Server) [2281] + * fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1" (CVE-2008-4360) * fixed format string bugs in mod_accesslog for SYSLOG * replaced fprintf with log_error_write in fastcgi debug * fixed mem leak in ssi expression parser (#1753), thx Take5k @@ -62,9 +95,9 @@ * fix splitting of auth-ldap filter * workaround ldap connection leak if a ldap connection failed (restarting ldap) * fix auth.backend.ldap.bind-dn/pw problems (only read from global context for temporary ldap reconnects, thx ruskie) - * fix memleak in request header parsing (#1774, thx qhy) + * fix memleak in request header parsing (#1774, thx qhy) (CVE-2008-4298) * fix mod_rewrite memleak/endless loop detection (#1775, thx phy - again!) - * use decoded url for matching in mod_redirect (#1720) + * use decoded url for matching in mod_redirect (#1720) (CVE-2008-4359) -- (reverted for 1.4.21) - 1.4.19 - 2008-03-10 Index: CMakeLists.txt =================================================================== --- CMakeLists.txt (.../tags/lighttpd-1.4.20) (revision 0) +++ CMakeLists.txt (.../branches/lighttpd-1.4.x) (revision 2389) @@ -0,0 +1,27 @@ +PROJECT(lighttpd C) + +CMAKE_MINIMUM_REQUIRED(VERSION 2.4.0 FATAL_ERROR) + +SET(CMAKE_MODULE_PATH ${CMAKE_SOURCE_DIR}/cmake) + +INCLUDE(CTest) + +ENABLE_TESTING() + +SET(CPACK_PACKAGE_VERSION_MAJOR 1) +SET(CPACK_PACKAGE_VERSION_MINOR 4) +SET(CPACK_PACKAGE_VERSION_PATCH 21) +SET(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") + +SET(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_SOURCE_DIR}/COPYING") +SET(CPACK_RESOURCE_FILE_README "${CMAKE_SOURCE_DIR}/README") +SET(CPACK_PACKAGE_VENDOR "jan@kneschke.de") + +SET(CPACK_SOURCE_GENERATOR "TGZ") +SET(CPACK_SOURCE_IGNORE_FILES "/\\\\.;~$;/_;build/;CMakeFiles/;CMakeCache;gz$;Makefile\\\\.;trace;Testing/;foo;autom4te;cmake_install;CPack;\\\\.pem;ltmain.sh;configure;libtool;/config\\\\.;missing;autogen.sh;install-sh;Dart;aclocal;log$;Makefile$") + +SET(CPACK_SOURCE_PACKAGE_FILE_NAME "${CMAKE_PROJECT_NAME}-${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") + +ADD_SUBDIRECTORY(src build) +#ADD_SUBDIRECTORY(doc) +ADD_SUBDIRECTORY(tests) Property changes on: . ___________________________________________________________________ Modified: bzr:revision-info - timestamp: 2008-09-23 21:04:22.819999933 +0200 committer: Stefan Bühler properties: branch-nick: lighttpd-1.4.x + timestamp: 2009-02-05 12:44:42.130000114 +0100 committer: Stefan Bühler properties: branch-nick: lighttpd-1.4.x Modified: bzr:revision-id:v3-trunk0 - 1127 stbuehler@web.de-20080728081644-j4cxnhduw8kbt8um 1128 stbuehler@web.de-20080728084246-axvxdtjsrratxixs 1129 stbuehler@web.de-20080729211700-s8v6nq2cu06qesls 1130 stbuehler@web.de-20080729211726-4yxb6e5dva1cn0lz 1131 stbuehler@web.de-20080729211750-4ulzigswx17uciyu 1132 stbuehler@web.de-20080729211850-nliz3kd0m576ztuu 1133 stbuehler@web.de-20080730163440-dg2y2sbf0u4grmn4 1134 stbuehler@web.de-20080730173952-kiutzg6geqy7mick 1135 stbuehler@web.de-20080730193616-9kc2ms7rrhv1lkn7 1136 stbuehler@web.de-20080730211457-z4a6uth1y29glbqh 1137 stbuehler@web.de-20080730213517-b6sjcrdwbmipl334 1138 stbuehler@web.de-20080731102617-2xw8unjfqic7lsew 1139 stbuehler@web.de-20080731102703-q4tu5a6em9y8xdg0 1140 stbuehler@web.de-20080731102729-l6vn5b05w9swqbg5 1141 stbuehler@web.de-20080731102756-oj3d4tnk0l90mj77 1142 stbuehler@web.de-20080731204442-blw14cj2fkr3l8ly 1143 stbuehler@web.de-20080731204508-imtfnurf922mg7tj 1144 stbuehler@web.de-20080801112347-girnwswdkwm8wuip 1145 stbuehler@web.de-20080801161245-kx1temr529o7xko9 1146 stbuehler@web.de-20080801175332-oc9e7x8edn1owcc0 1147 stbuehler@web.de-20080801183454-5i66v0gsdv0cgmia 1148 stbuehler@web.de-20080801192849-6zklfbb832sx0hvr 1149 stbuehler@web.de-20080801203119-o16elp8w854s6lol 1150 stbuehler@web.de-20080802162146-a4v57svc788pwdsv 1151 stbuehler@web.de-20080802162202-9udlc1wuwt09pyh2 1152 stbuehler@web.de-20080804135803-yuor9ze06px7qta4 1153 stbuehler@web.de-20080812194728-fupt781o6q058unh 1154 stbuehler@web.de-20080818162116-piz0ukqsaecv2li2 1155 stbuehler@web.de-20080818235700-94t0xc6ml70zojwq 1156 stbuehler@web.de-20080819163650-1qhwsqszr78cr4xx 1157 stbuehler@web.de-20080819163757-1qq3t1f1wj69t8xs 1158 stbuehler@web.de-20080819163914-rklhkurg8apv85l2 1159 stbuehler@web.de-20080819163953-tlqew751e43phf5b 1160 stbuehler@web.de-20080819164108-8ogh68sm1uyteawe 1161 stbuehler@web.de-20080819173911-w5bqpb7cp9jmdqye 1162 stbuehler@web.de-20080819222242-c0ta5gnli9p3j35a 1163 stbuehler@web.de-20080820100730-g1bwdh4nqb53ag9u 1164 stbuehler@web.de-20080820100752-9pggugdyfnnps8qu 1165 stbuehler@web.de-20080820164258-v2j00motsrsc5esp 1166 stbuehler@web.de-20080827144628-hi9hf4ch3n1wf9ao 1167 stbuehler@web.de-20080827144903-tfxu4yehlyu5kegc 1168 stbuehler@web.de-20080827155155-7mt92orehbxkh2lh 1169 stbuehler@web.de-20080917142048-zbcwpk39q9ewd516 1170 stbuehler@web.de-20080917142300-16gzt21x4nbjtj87 1171 stbuehler@web.de-20080919160134-385anjnd3txxdw3x 1172 stbuehler@web.de-20080920134142-fvvwaw2ys51dg4rj 1173 stbuehler@web.de-20080921153311-1f7rn01atdilmxmy 1174 stbuehler@web.de-20080922101346-wel327kjmykkpvmp 1175 stbuehler@web.de-20080923190422-uow06l38ndue36o4 + 1127 stbuehler@web.de-20080728081644-j4cxnhduw8kbt8um 1128 stbuehler@web.de-20080728084246-axvxdtjsrratxixs 1129 stbuehler@web.de-20080729211700-s8v6nq2cu06qesls 1130 stbuehler@web.de-20080729211726-4yxb6e5dva1cn0lz 1131 stbuehler@web.de-20080729211750-4ulzigswx17uciyu 1132 stbuehler@web.de-20080729211850-nliz3kd0m576ztuu 1133 stbuehler@web.de-20080730163440-dg2y2sbf0u4grmn4 1134 stbuehler@web.de-20080730173952-kiutzg6geqy7mick 1135 stbuehler@web.de-20080730193616-9kc2ms7rrhv1lkn7 1136 stbuehler@web.de-20080730211457-z4a6uth1y29glbqh 1137 stbuehler@web.de-20080730213517-b6sjcrdwbmipl334 1138 stbuehler@web.de-20080731102617-2xw8unjfqic7lsew 1139 stbuehler@web.de-20080731102703-q4tu5a6em9y8xdg0 1140 stbuehler@web.de-20080731102729-l6vn5b05w9swqbg5 1141 stbuehler@web.de-20080731102756-oj3d4tnk0l90mj77 1142 stbuehler@web.de-20080731204442-blw14cj2fkr3l8ly 1143 stbuehler@web.de-20080731204508-imtfnurf922mg7tj 1144 stbuehler@web.de-20080801112347-girnwswdkwm8wuip 1145 stbuehler@web.de-20080801161245-kx1temr529o7xko9 1146 stbuehler@web.de-20080801175332-oc9e7x8edn1owcc0 1147 stbuehler@web.de-20080801183454-5i66v0gsdv0cgmia 1148 stbuehler@web.de-20080801192849-6zklfbb832sx0hvr 1149 stbuehler@web.de-20080801203119-o16elp8w854s6lol 1150 stbuehler@web.de-20080802162146-a4v57svc788pwdsv 1151 stbuehler@web.de-20080802162202-9udlc1wuwt09pyh2 1152 stbuehler@web.de-20080804135803-yuor9ze06px7qta4 1153 stbuehler@web.de-20080812194728-fupt781o6q058unh 1154 stbuehler@web.de-20080818162116-piz0ukqsaecv2li2 1155 stbuehler@web.de-20080818235700-94t0xc6ml70zojwq 1156 stbuehler@web.de-20080819163650-1qhwsqszr78cr4xx 1157 stbuehler@web.de-20080819163757-1qq3t1f1wj69t8xs 1158 stbuehler@web.de-20080819163914-rklhkurg8apv85l2 1159 stbuehler@web.de-20080819163953-tlqew751e43phf5b 1160 stbuehler@web.de-20080819164108-8ogh68sm1uyteawe 1161 stbuehler@web.de-20080819173911-w5bqpb7cp9jmdqye 1162 stbuehler@web.de-20080819222242-c0ta5gnli9p3j35a 1163 stbuehler@web.de-20080820100730-g1bwdh4nqb53ag9u 1164 stbuehler@web.de-20080820100752-9pggugdyfnnps8qu 1165 stbuehler@web.de-20080820164258-v2j00motsrsc5esp 1166 stbuehler@web.de-20080827144628-hi9hf4ch3n1wf9ao 1167 stbuehler@web.de-20080827144903-tfxu4yehlyu5kegc 1168 stbuehler@web.de-20080827155155-7mt92orehbxkh2lh 1169 stbuehler@web.de-20080917142048-zbcwpk39q9ewd516 1170 stbuehler@web.de-20080917142300-16gzt21x4nbjtj87 1171 stbuehler@web.de-20080919160134-385anjnd3txxdw3x 1172 stbuehler@web.de-20080920134142-fvvwaw2ys51dg4rj 1173 stbuehler@web.de-20080921153311-1f7rn01atdilmxmy 1174 stbuehler@web.de-20080922101346-wel327kjmykkpvmp 1175 stbuehler@web.de-20080923190422-uow06l38ndue36o4 1176 stbuehler@web.de-20080930112012-53jby2m8xslmd1hm 1177 stbuehler@web.de-20080930134824-j9q72rwuiczzof5k 1178 stbuehler@web.de-20080930142037-32pb6m3zjcwryw1w 1179 stbuehler@web.de-20080930142756-ueovgoshyb996bce 1180 stbuehler@web.de-20080930152935-1zfy67brol3xdbc0 1181 stbuehler@web.de-20080930193919-13n2q4c6fbgw0dkx 1182 stbuehler@web.de-20080930211152-4hmgs95wyg2deol7 1183 stbuehler@web.de-20081001132402-hxnyu6yzyk3mjf4d 1184 stbuehler@web.de-20081001155102-qf0mmu2kkpgr7xf0 1185 stbuehler@web.de-20081001160009-n67ss0vzlac2y60k 1186 stbuehler@web.de-20081001200802-l5og517etnneitk0 1188 stbuehler@web.de-20081004160711-ygaohrecmutiqlla 1189 stbuehler@web.de-20081004211932-vq16u26mthbeed7d 1191 stbuehler@web.de-20081005224446-1bztt6zqrjh8w8fd 1192 stbuehler@web.de-20081012114652-ihgz590f0gl5gxpw 1193 stbuehler@web.de-20081012114716-jnzljhexi4z2gh92 1195 stbuehler@web.de-20081016120614-kz39vxtz1pebho0o 1196 stbuehler@web.de-20081016121103-trug4hts0o62d1ut 1197 stbuehler@web.de-20081016121114-65quosenmso8frf8 1198 stbuehler@web.de-20081016121421-xjjb7fb53pxu6odj 1199 stbuehler@web.de-20081205222033-6qok7y19pwp3kxm9 1200 stbuehler@web.de-20081205222811-49izmzxui0y9ncq6 1201 stbuehler@web.de-20081205233903-708beaujtf26gprx 1202 stbuehler@web.de-20081207151631-yv9bdf94zw83jxpv 1203 stbuehler@web.de-20081207151822-mhyg0gkedmttdqvd 1204 stbuehler@web.de-20081207151835-1m3yta2fjc4pgb8y 1205 stbuehler@web.de-20081218221139-w8los43bjbhy9urh 1206 stbuehler@web.de-20081218222305-5wz7000a62iqa81r 1208 stbuehler@web.de-20090203201352-ivan8lsb3nkv1go5 1209 stbuehler@web.de-20090203204231-03zjmk7qiol9yxgq 1210 stbuehler@web.de-20090203210157-bx1e59fqple5oj3v 1211 stbuehler@web.de-20090203221006-qd6w80m7lmeqgrjh 1212 stbuehler@web.de-20090203225303-3dwmialad2u720h8 1213 stbuehler@web.de-20090204102521-jl3vo2ftp5rsbx9y 1214 stbuehler@web.de-20090204151616-n56of74dydkqdkgh 1215 stbuehler@web.de-20090204172956-6wzsv0nm5nxcgfym 1216 stbuehler@web.de-20090205105134-6i5key9439wspueq 1217 stbuehler@web.de-20090205114017-0voscqjd5bdm9mwv 1218 stbuehler@web.de-20090205114442-peekxwpevjl3t7j3