Index: configure.in =================================================================== Index: src/configfile-glue.c =================================================================== --- src/configfile-glue.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/configfile-glue.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -1,4 +1,5 @@ #include +#include #include "base.h" #include "buffer.h" @@ -90,6 +91,22 @@ case TYPE_STRING: { data_string *ds = (data_string *)du; + /* If the value came from an environment variable, then it is a + * data_string, although it may contain a number in ASCII + * decimal format. We try to interpret the string as a decimal + * short before giving up, in order to support setting numeric + * values with environment variables (eg, port number). + */ + if (ds->value->ptr && *ds->value->ptr) { + char *e; + long l = strtol(ds->value->ptr, &e, 10); + if (e != ds->value->ptr && !*e && l >=0 && l <= 65535) { + *((unsigned short *)(cv[i].destination)) = l; + break; + + } + } + log_error_write(srv, __FILE__, __LINE__, "ssb", "got a string but expected a short:", cv[i].key, ds->value); return -1; Index: src/mod_cgi.c =================================================================== --- src/mod_cgi.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/mod_cgi.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -822,15 +822,27 @@ ); cgi_env_add(&env, CONST_STR_LEN("SERVER_PORT"), buf, strlen(buf)); + switch (srv_sock->addr.plain.sa_family) { #ifdef HAVE_IPV6 - s = inet_ntop(srv_sock->addr.plain.sa_family, - srv_sock->addr.plain.sa_family == AF_INET6 ? - (const void *) &(srv_sock->addr.ipv6.sin6_addr) : - (const void *) &(srv_sock->addr.ipv4.sin_addr), - b2, sizeof(b2)-1); + case AF_INET6: + s = inet_ntop(srv_sock->addr.plain.sa_family, + (const void *) &(srv_sock->addr.ipv6.sin6_addr), + b2, sizeof(b2)-1); + break; + case AF_INET: + s = inet_ntop(srv_sock->addr.plain.sa_family, + (const void *) &(srv_sock->addr.ipv4.sin_addr), + b2, sizeof(b2)-1); + break; #else - s = inet_ntoa(srv_sock->addr.ipv4.sin_addr); + case AF_INET: + s = inet_ntoa(srv_sock->addr.ipv4.sin_addr); + break; #endif + default: + s = ""; + break; + } cgi_env_add(&env, CONST_STR_LEN("SERVER_ADDR"), s, strlen(s)); s = get_http_method_name(con->request.http_method); @@ -848,15 +860,27 @@ } + switch (con->dst_addr.plain.sa_family) { #ifdef HAVE_IPV6 - s = inet_ntop(con->dst_addr.plain.sa_family, - con->dst_addr.plain.sa_family == AF_INET6 ? - (const void *) &(con->dst_addr.ipv6.sin6_addr) : - (const void *) &(con->dst_addr.ipv4.sin_addr), - b2, sizeof(b2)-1); + case AF_INET6: + s = inet_ntop(con->dst_addr.plain.sa_family, + (const void *) &(con->dst_addr.ipv6.sin6_addr), + b2, sizeof(b2)-1); + break; + case AF_INET: + s = inet_ntop(con->dst_addr.plain.sa_family, + (const void *) &(con->dst_addr.ipv4.sin_addr), + b2, sizeof(b2)-1); + break; #else - s = inet_ntoa(con->dst_addr.ipv4.sin_addr); + case AF_INET: + s = inet_ntoa(con->dst_addr.ipv4.sin_addr); + break; #endif + default: + s = ""; + break; + } cgi_env_add(&env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s)); LI_ltostr(buf, Index: src/connections.c =================================================================== --- src/connections.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/connections.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -330,15 +330,13 @@ buffer_prepare_copy(b, 4 * 1024); len = recv(con->fd, b->ptr, b->size - 1, 0); #else - if (ioctl(con->fd, FIONREAD, &toread)) { - log_error_write(srv, __FILE__, __LINE__, "sd", - "unexpected end-of-file:", - con->fd); - return -1; + if (ioctl(con->fd, FIONREAD, &toread) || toread == 0) { + b = chunkqueue_get_append_buffer(con->read_queue); + buffer_prepare_copy(b, 4 * 1024); + } else { + b = chunkqueue_get_append_buffer(con->read_queue); + buffer_prepare_copy(b, toread + 1); } - b = chunkqueue_get_append_buffer(con->read_queue); - buffer_prepare_copy(b, toread + 1); - len = read(con->fd, b->ptr, b->size - 1); #endif Index: src/configfile.c =================================================================== --- src/configfile.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/configfile.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -940,7 +940,6 @@ } int config_parse_cmd(server *srv, config_t *context, const char *cmd) { - proc_handler_t proc; tokenizer_t t; int ret; buffer *source; @@ -960,7 +959,7 @@ chdir(context->basedir->ptr); } - if (0 != proc_open_buffer(&proc, cmd, NULL, out, NULL)) { + if (0 != proc_open_buffer(cmd, NULL, out, NULL)) { log_error_write(srv, __FILE__, __LINE__, "sbss", "opening", source, "failed:", strerror(errno)); ret = -1; Index: src/response.c =================================================================== --- src/response.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/response.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -44,16 +44,15 @@ buffer_append_string(b, get_http_status_name(con->http_status)); if (con->request.http_version != HTTP_VERSION_1_1 || con->keep_alive == 0) { - buffer_append_string_len(b, CONST_STR_LEN("\r\nConnection: ")); if (con->keep_alive) { - buffer_append_string_len(b, CONST_STR_LEN("keep-alive")); + response_header_overwrite(srv, con, CONST_STR_LEN("Connection"), CONST_STR_LEN("keep-alive")); } else { - buffer_append_string_len(b, CONST_STR_LEN("close")); + response_header_overwrite(srv, con, CONST_STR_LEN("Connection"), CONST_STR_LEN("close")); } } if (con->response.transfer_encoding & HTTP_TRANSFER_ENCODING_CHUNKED) { - buffer_append_string_len(b, CONST_STR_LEN("\r\nTransfer-Encoding: chunked")); + response_header_overwrite(srv, con, CONST_STR_LEN("Transfer-Encoding"), CONST_STR_LEN("chunked")); } Index: src/mod_simple_vhost.c =================================================================== --- src/mod_simple_vhost.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/mod_simple_vhost.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -249,6 +249,8 @@ return HANDLER_GO_ON; } else { buffer_copy_string_buffer(con->server_name, p->conf.default_host); + /* do not cache default host */ + return HANDLER_GO_ON; } } else { buffer_copy_string_buffer(con->server_name, con->uri.authority); Index: src/mod_proxy.c =================================================================== --- src/mod_proxy.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/mod_proxy.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -1198,7 +1198,8 @@ host = (data_proxy *)extension->value->data[0]; /* Use last_used_ndx from first host in list */ - k = ndx = host->last_used_ndx; + k = host->last_used_ndx; + ndx = k + 1; /* use next host after the last one */ if (ndx < 0) ndx = 0; /* Search first active host after last_used_ndx */ Index: src/http_auth.c =================================================================== --- src/http_auth.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/http_auth.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -57,22 +57,25 @@ static const char base64_pad = '='; +/* "A-Z a-z 0-9 + /" maps to 0-63 */ static const short base64_reverse_table[256] = { - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, - -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, - -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1 +/* 0 1 2 3 4 5 6 7 8 9 A B C D E F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x00 - 0x0F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x10 - 0x1F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, /* 0x20 - 0x2F */ + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, /* 0x30 - 0x3F */ + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, /* 0x40 - 0x4F */ + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, /* 0x50 - 0x5F */ + -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, /* 0x60 - 0x6F */ + 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, /* 0x70 - 0x7F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x80 - 0x8F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0x90 - 0x9F */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xA0 - 0xAF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xB0 - 0xBF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xC0 - 0xCF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xD0 - 0xDF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xE0 - 0xEF */ + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, /* 0xF0 - 0xFF */ }; @@ -697,7 +700,7 @@ } } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) { #ifdef USE_LDAP - LDAP *ldap = NULL; + LDAP *ldap; LDAPMessage *lm, *first; char *dn; int ret; @@ -742,56 +745,45 @@ buffer_append_string_buffer(p->ldap_filter, username); buffer_append_string_buffer(p->ldap_filter, p->conf.ldap_filter_post); + /* 2. */ - if (p->conf.ldap == NULL || - LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { - /* try again if ldap was only temporary down */ - if (p->conf.ldap == NULL || ret != LDAP_SERVER_DOWN || LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { - if (auth_ldap_init(srv, &p->conf) != HANDLER_GO_ON) + if (p->anon_conf->ldap == NULL || + LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { + + /* try again; the ldap library sometimes fails for the first call but reconnects */ + if (p->anon_conf->ldap == NULL || ret != LDAP_SERVER_DOWN || + LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { + + if (auth_ldap_init(srv, p->anon_conf) != HANDLER_GO_ON) return -1; - ldap = p->conf.ldap; /* save temporary ldap connection (TODO: redo ldap) */ - if (LDAP_SUCCESS != (ret = ldap_search_s(p->conf.ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { + if (p->anon_conf->ldap == NULL || + LDAP_SUCCESS != (ret = ldap_search_s(p->anon_conf->ldap, p->conf.auth_ldap_basedn->ptr, LDAP_SCOPE_SUBTREE, p->ldap_filter->ptr, attrs, 0, &lm))) { log_error_write(srv, __FILE__, __LINE__, "sssb", "ldap:", ldap_err2string(ret), "filter:", p->ldap_filter); - /* destroy temporary ldap connection (TODO: redo ldap) */ - ldap_unbind_s(ldap); return -1; } } } - if (NULL == (first = ldap_first_entry(p->conf.ldap, lm))) { - /* No matching entry is not an error */ - /* log_error_write(srv, __FILE__, __LINE__, "s", "ldap ..."); */ + if (NULL == (first = ldap_first_entry(p->anon_conf->ldap, lm))) { + log_error_write(srv, __FILE__, __LINE__, "s", "ldap ..."); ldap_msgfree(lm); - /* destroy temporary ldap connection (TODO: redo ldap) */ - if (NULL != ldap) { - ldap_unbind_s(ldap); - } return -1; } - if (NULL == (dn = ldap_get_dn(p->conf.ldap, first))) { - log_error_write(srv, __FILE__, __LINE__, "s", "ldap: ldap_get_dn failed"); + if (NULL == (dn = ldap_get_dn(p->anon_conf->ldap, first))) { + log_error_write(srv, __FILE__, __LINE__, "s", "ldap ..."); ldap_msgfree(lm); - /* destroy temporary ldap connection (TODO: redo ldap) */ - if (NULL != ldap) { - ldap_unbind_s(ldap); - } return -1; } ldap_msgfree(lm); - /* destroy temporary ldap connection (TODO: redo ldap) */ - if (NULL != ldap) { - ldap_unbind_s(ldap); - } /* 3. */ if (NULL == (ldap = ldap_init(p->conf.auth_ldap_hostname->ptr, LDAP_PORT))) { Index: src/http_auth.h =================================================================== --- src/http_auth.h (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/http_auth.h (.../branches/lighttpd-1.4.x) (revision 2336) @@ -63,7 +63,7 @@ mod_auth_plugin_config **config_storage; - mod_auth_plugin_config conf; /* this is only used as long as no handler_ctx is setup */ + mod_auth_plugin_config conf, *anon_conf; /* this is only used as long as no handler_ctx is setup */ } mod_auth_plugin_data; int http_auth_basic_check(server *srv, connection *con, mod_auth_plugin_data *p, array *req, buffer *url, const char *realm_str); Index: src/mod_compress.c =================================================================== --- src/mod_compress.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/mod_compress.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -49,6 +49,7 @@ buffer *compress_cache_dir; array *compress; off_t compress_max_filesize; /** max filesize in kb */ + int allowed_encodings; } plugin_config; typedef struct { @@ -154,6 +155,7 @@ { "compress.cache-dir", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, { "compress.filetype", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, { "compress.max-filesize", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, + { "compress.allowed-encodings", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } }; @@ -161,15 +163,18 @@ for (i = 0; i < srv->config_context->used; i++) { plugin_config *s; + array *encodings_arr = array_init(); s = calloc(1, sizeof(plugin_config)); s->compress_cache_dir = buffer_init(); s->compress = array_init(); s->compress_max_filesize = 0; + s->allowed_encodings = 0; cv[0].destination = s->compress_cache_dir; cv[1].destination = s->compress; cv[2].destination = &(s->compress_max_filesize); + cv[3].destination = encodings_arr; /* temp array for allowed encodings list */ p->config_storage[i] = s; @@ -177,6 +182,39 @@ return HANDLER_ERROR; } + if (encodings_arr->used) { + size_t j = 0; + for (j = 0; j < encodings_arr->used; j++) { + data_string *ds = (data_string *)encodings_arr->data[j]; +#ifdef USE_ZLIB + if (NULL != strstr(ds->value->ptr, "gzip")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_GZIP; + if (NULL != strstr(ds->value->ptr, "deflate")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_DEFLATE; + /* + if (NULL != strstr(ds->value->ptr, "compress")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_COMPRESS; + */ +#endif +#ifdef USE_BZ2LIB + if (NULL != strstr(ds->value->ptr, "bzip2")) + s->allowed_encodings |= HTTP_ACCEPT_ENCODING_BZIP2; +#endif + } + } else { + /* default encodings */ + s->allowed_encodings = 0 +#ifdef USE_ZLIB + | HTTP_ACCEPT_ENCODING_GZIP | HTTP_ACCEPT_ENCODING_DEFLATE +#endif +#ifdef USE_BZ2LIB + | HTTP_ACCEPT_ENCODING_BZIP2 +#endif + ; + } + + array_free(encodings_arr); + if (!buffer_is_empty(s->compress_cache_dir)) { struct stat st; mkdir_recursive(s->compress_cache_dir->ptr); @@ -587,6 +625,7 @@ PATCH(compress_cache_dir); PATCH(compress); PATCH(compress_max_filesize); + PATCH(allowed_encodings); /* skip the first, the global context */ for (i = 1; i < srv->config_context->used; i++) { @@ -606,6 +645,8 @@ PATCH(compress); } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("compress.max-filesize"))) { PATCH(compress_max_filesize); + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("compress.allowed-encodings"))) { + PATCH(allowed_encodings); } } } @@ -668,27 +709,21 @@ if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Accept-Encoding"))) { int accept_encoding = 0; char *value = ds->value->ptr; - int srv_encodings = 0; int matched_encodings = 0; /* get client side support encodings */ +#ifdef USE_ZLIB if (NULL != strstr(value, "gzip")) accept_encoding |= HTTP_ACCEPT_ENCODING_GZIP; if (NULL != strstr(value, "deflate")) accept_encoding |= HTTP_ACCEPT_ENCODING_DEFLATE; if (NULL != strstr(value, "compress")) accept_encoding |= HTTP_ACCEPT_ENCODING_COMPRESS; +#endif +#ifdef USE_BZ2LIB if (NULL != strstr(value, "bzip2")) accept_encoding |= HTTP_ACCEPT_ENCODING_BZIP2; +#endif if (NULL != strstr(value, "identity")) accept_encoding |= HTTP_ACCEPT_ENCODING_IDENTITY; - /* get server side supported ones */ -#ifdef USE_BZ2LIB - srv_encodings |= HTTP_ACCEPT_ENCODING_BZIP2; -#endif -#ifdef USE_ZLIB - srv_encodings |= HTTP_ACCEPT_ENCODING_GZIP; - srv_encodings |= HTTP_ACCEPT_ENCODING_DEFLATE; -#endif - /* find matching entries */ - matched_encodings = accept_encoding & srv_encodings; + matched_encodings = accept_encoding & p->conf.allowed_encodings; if (matched_encodings) { const char *dflt_gzip = "gzip"; Index: src/mod_auth.c =================================================================== --- src/mod_auth.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/mod_auth.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -115,7 +115,7 @@ PATCH(auth_ldap_starttls); PATCH(auth_ldap_allow_empty_pw); #ifdef USE_LDAP - PATCH(ldap); + p->anon_conf = s; PATCH(ldap_filter_pre); PATCH(ldap_filter_post); #endif @@ -149,7 +149,7 @@ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.hostname"))) { PATCH(auth_ldap_hostname); #ifdef USE_LDAP - PATCH(ldap); + p->anon_conf = s; #endif } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.base-dn"))) { PATCH(auth_ldap_basedn); @@ -527,7 +527,7 @@ } } - switch(s->auth_backend) { + switch(s->auth_ldap_hostname->used) { case AUTH_BACKEND_LDAP: { handler_t ret = auth_ldap_init(srv, s); if (ret == HANDLER_ERROR) @@ -554,6 +554,9 @@ #endif if (s->auth_ldap_hostname->used) { + /* free old context */ + if (NULL != s->ldap) ldap_unbind_s(s->ldap); + if (NULL == (s->ldap = ldap_init(s->auth_ldap_hostname->ptr, LDAP_PORT))) { log_error_write(srv, __FILE__, __LINE__, "ss", "ldap ...", strerror(errno)); Index: src/mod_fastcgi.c =================================================================== --- src/mod_fastcgi.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -3608,47 +3608,50 @@ "handling it in mod_fastcgi"); } - /* the prefix is the SCRIPT_NAME, - * everything from start to the next slash - * this is important for check-local = "disable" - * - * if prefix = /admin.fcgi - * - * /admin.fcgi/foo/bar - * - * SCRIPT_NAME = /admin.fcgi - * PATH_INFO = /foo/bar - * - * if prefix = /fcgi-bin/ - * - * /fcgi-bin/foo/bar - * - * SCRIPT_NAME = /fcgi-bin/foo - * PATH_INFO = /bar - * - * if prefix = /, and fix-root-path-name is enable - * - * /fcgi-bin/foo/bar - * - * SCRIPT_NAME = /fcgi-bin/foo - * PATH_INFO = /bar - * - */ + /* do not split path info for authorizer */ + if (host->mode != FCGI_AUTHORIZER) { + /* the prefix is the SCRIPT_NAME, + * everything from start to the next slash + * this is important for check-local = "disable" + * + * if prefix = /admin.fcgi + * + * /admin.fcgi/foo/bar + * + * SCRIPT_NAME = /admin.fcgi + * PATH_INFO = /foo/bar + * + * if prefix = /fcgi-bin/ + * + * /fcgi-bin/foo/bar + * + * SCRIPT_NAME = /fcgi-bin/foo + * PATH_INFO = /bar + * + * if prefix = /, and fix-root-path-name is enable + * + * /fcgi-bin/foo/bar + * + * SCRIPT_NAME = /fcgi-bin/foo + * PATH_INFO = /bar + * + */ - /* the rewrite is only done for /prefix/? matches */ - if (extension->key->ptr[0] == '/' && - con->uri.path->used > extension->key->used && - NULL != (pathinfo = strchr(con->uri.path->ptr + extension->key->used - 1, '/'))) { - /* rewrite uri.path and pathinfo */ + /* the rewrite is only done for /prefix/? matches */ + if (extension->key->ptr[0] == '/' && + con->uri.path->used > extension->key->used && + NULL != (pathinfo = strchr(con->uri.path->ptr + extension->key->used - 1, '/'))) { + /* rewrite uri.path and pathinfo */ - buffer_copy_string(con->request.pathinfo, pathinfo); + buffer_copy_string(con->request.pathinfo, pathinfo); - con->uri.path->used -= con->request.pathinfo->used - 1; - con->uri.path->ptr[con->uri.path->used - 1] = '\0'; - } else if (host->fix_root_path_name && extension->key->ptr[0] == '/' && extension->key->ptr[1] == '\0') { - buffer_copy_string(con->request.pathinfo, con->uri.path->ptr); - con->uri.path->used = 1; - con->uri.path->ptr[con->uri.path->used - 1] = '\0'; + con->uri.path->used -= con->request.pathinfo->used - 1; + con->uri.path->ptr[con->uri.path->used - 1] = '\0'; + } else if (host->fix_root_path_name && extension->key->ptr[0] == '/' && extension->key->ptr[1] == '\0') { + buffer_copy_string(con->request.pathinfo, con->uri.path->ptr); + con->uri.path->used = 1; + con->uri.path->ptr[con->uri.path->used - 1] = '\0'; + } } } } else { Index: src/proc_open.c =================================================================== --- src/proc_open.c (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/proc_open.c (.../branches/lighttpd-1.4.x) (revision 2336) @@ -287,32 +287,33 @@ } /* }}} */ /* {{{ proc_open_buffer */ -int proc_open_buffer(proc_handler_t *proc, const char *command, buffer *in, buffer *out, buffer *err) { +int proc_open_buffer(const char *command, buffer *in, buffer *out, buffer *err) { + proc_handler_t proc; - UNUSED(err); - - if (proc_open(proc, command) != 0) { + if (proc_open(&proc, command) != 0) { return -1; } if (in) { - if (write(proc->in.fd, (void *)in->ptr, in->used) < 0) { + if (write(proc.in.fd, (void *)in->ptr, in->used) < 0) { perror("error writing pipe"); return -1; } } - pipe_close(&proc->in); + pipe_close(&proc.in); if (out) { - proc_read_fd_to_buffer(proc->out.fd, out); + proc_read_fd_to_buffer(proc.out.fd, out); } - pipe_close(&proc->out); + pipe_close(&proc.out); if (err) { - proc_read_fd_to_buffer(proc->err.fd, err); + proc_read_fd_to_buffer(proc.err.fd, err); } - pipe_close(&proc->err); + pipe_close(&proc.err); + proc_close(&proc); + return 0; } /* }}} */ @@ -366,7 +367,7 @@ RESET(); fprintf(stdout, "test: echo 321 with read\n"); fflush(stdout); - if (proc_open_buffer(&proc, "echo 321", NULL, out, err) != 0) { + if (proc_open_buffer("echo 321", NULL, out, err) != 0) { ERROR_OUT(); } fprintf(stdout, "result: ->%s<-\n\n", out->ptr); fflush(stdout); @@ -374,7 +375,7 @@ fprintf(stdout, "test: echo 123 | " CMD_CAT "\n"); fflush(stdout); buffer_copy_string_len(in, CONST_STR_LEN("123\n")); - if (proc_open_buffer(&proc, CMD_CAT, in, out, err) != 0) { + if (proc_open_buffer(CMD_CAT, in, out, err) != 0) { ERROR_OUT(); } fprintf(stdout, "result: ->%s<-\n\n", out->ptr); fflush(stdout); Index: src/proc_open.h =================================================================== --- src/proc_open.h (.../tags/lighttpd-1.4.20) (revision 2336) +++ src/proc_open.h (.../branches/lighttpd-1.4.x) (revision 2336) @@ -22,4 +22,4 @@ int proc_close(proc_handler_t *ht); int proc_open(proc_handler_t *ht, const char *command); -int proc_open_buffer(proc_handler_t *ht, const char *command, buffer *in, buffer *out, buffer *err); +int proc_open_buffer(const char *command, buffer *in, buffer *out, buffer *err); Index: tests/mod-compress.conf =================================================================== --- tests/mod-compress.conf (.../tags/lighttpd-1.4.20) (revision 0) +++ tests/mod-compress.conf (.../branches/lighttpd-1.4.x) (revision 2336) @@ -0,0 +1,32 @@ +debug.log-request-handling = "enable" +debug.log-response-header = "disable" +debug.log-request-header = "disable" + +server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" +server.pid-file = env.SRCDIR + "/tmp/lighttpd/lighttpd.pid" + +## bind to port (default: 80) +server.port = 2048 + +## bind to localhost (default: all interfaces) +server.bind = "localhost" +server.errorlog = env.SRCDIR + "/tmp/lighttpd/logs/lighttpd.error.log" +server.name = "www.example.org" + +server.modules = ( + "mod_compress" +) + +######################## MODULE CONFIG ############################ + +mimetype.assign = ( + ".html" => "text/html", + ".txt" => "text/plain", +) + +$HTTP["host"] == "cache.example.org" { + compress.cache-dir = env.SRCDIR + "/tmp/lighttpd/cache/compress/" +} +compress.filetype = ("text/plain", "text/html") + +compress.allowed-encodings = ( "gzip", "deflate" ) Index: tests/mod-fastcgi.t =================================================================== --- tests/mod-fastcgi.t (.../tags/lighttpd-1.4.20) (revision 2336) +++ tests/mod-fastcgi.t (.../branches/lighttpd-1.4.x) (revision 2336) @@ -7,7 +7,7 @@ } use strict; -use Test::More tests => 49; +use Test::More tests => 50; use LightyTest; my $tf = LightyTest->new(); @@ -215,7 +215,7 @@ } SKIP: { - skip "no fcgi-auth found", 4 unless -x $tf->{BASEDIR}."/tests/fcgi-auth" || -x $tf->{BASEDIR}."/tests/fcgi-auth.exe"; + skip "no fcgi-auth found", 5 unless -x $tf->{BASEDIR}."/tests/fcgi-auth" || -x $tf->{BASEDIR}."/tests/fcgi-auth.exe"; $tf->{CONFIGFILE} = 'fastcgi-auth.conf'; ok($tf->start_proc == 0, "Starting lighttpd with $tf->{CONFIGFILE}") or die(); @@ -235,6 +235,14 @@ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ]; ok($tf->handle_http($t) == 0, 'FastCGI - Auth'); + $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; + ok($tf->handle_http($t) == 0, 'FastCGI - Auth in subdirectory'); + ok($tf->stop_proc == 0, "Stopping lighttpd"); } Index: tests/fastcgi-auth.conf =================================================================== --- tests/fastcgi-auth.conf (.../tags/lighttpd-1.4.20) (revision 2336) +++ tests/fastcgi-auth.conf (.../branches/lighttpd-1.4.x) (revision 2336) @@ -89,6 +89,7 @@ "bin-path" => env.SRCDIR + "/fcgi-auth", "mode" => "authorizer", "docroot" => env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/", + "check-local" => "disable", ) ) Index: tests/mod-compress.t =================================================================== --- tests/mod-compress.t (.../tags/lighttpd-1.4.20) (revision 2336) +++ tests/mod-compress.t (.../branches/lighttpd-1.4.x) (revision 2336) @@ -8,12 +8,14 @@ use strict; use IO::Socket; -use Test::More tests => 10; +use Test::More tests => 11; use LightyTest; my $tf = LightyTest->new(); my $t; +$tf->{CONFIGFILE} = 'mod-compress.conf'; + ok($tf->start_proc == 0, "Starting lighttpd") or die(); $t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, '+Vary' => '', 'Content-Type' => "text/plain" } ]; ok($tf->handle_http($t) == 0, 'Empty Accept-Encoding'); +$t->{REQUEST} = ( <{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, '+Vary' => '', 'Content-Encoding' => 'gzip', 'Content-Type' => "text/plain" } ]; +ok($tf->handle_http($t) == 0, 'bzip2 requested but disabled'); + ok($tf->stop_proc == 0, "Stopping lighttpd"); Index: doc/compress.txt =================================================================== --- doc/compress.txt (.../tags/lighttpd-1.4.20) (revision 2336) +++ doc/compress.txt (.../branches/lighttpd-1.4.x) (revision 2336) @@ -6,13 +6,7 @@ Module: mod_compress -------------------- -:Author: Jan Kneschke -:Date: $Date$ -:Revision: $Revision$ -:abstract: - a nice, short abstrace about the module - .. meta:: :keywords: lighttpd, compress @@ -22,16 +16,57 @@ =========== Output compression reduces the network load and can improve the overall -throughput of the webserver. +throughput of the webserver. All major http-clients support compression by +announcing it in the Accept-Encoding header. This is used to negotiate the +most suitable compression method. We support deflate, gzip and bzip2. -Only static content is supported up to now. +deflate (RFC1950, RFC1951) and gzip (RFC1952) depend on zlib while bzip2 +depends on libbzip2. bzip2 is only supported by lynx and some other console +text-browsers. -The server negotiates automaticly which compression method is used. -Supported are gzip, deflate, bzip. +We currently limit to compression support to static files. +Caching +------- + +mod_compress can store compressed files on disk to optimize the compression +on a second request away. As soon as compress.cache-dir is set the files are +compressed. + +(You will need to create the cache directory if it doesn't already exist. The web server will not do this for you. The directory will also need the proper ownership. For Debian/Ubuntu the user and group ids should both be www-data.) + +The names of the cache files are made of the filename, the compression method +and the etag associated to the file. + +Cleaning the cache is left to the user. A cron job deleting files older than +10 days could do it: :: + + find /var/www/cache -type f -mtime +10 | xargs -r rm + +Limitations +----------- + +The module limits the compression of files to files smaller than 128 MByte and +larger than 128 Byte. + +The lower limit is set as small files tend to become larger by compressing due +to the compression headers, the upper limit is set to work sensibly with +memory and cpu-time. + +Directories containing a tilde ('~') are not created automatically (See ticket +#113). To enable compression for user dirs you have to create the directories +by hand in the cache directory. + Options ======= +compress.allowed-encodings + override default set of allowed encodings + + e.g.: :: + + compress.allowed-encodings = ("bzip2", "gzip", "deflate") + compress.cache-dir name of the directory where compressed content will be cached @@ -47,20 +82,111 @@ Default: not set, compress the file for every request compress.filetype - mimetypes where might get compressed + mimetypes which might get compressed e.g.: :: compress.filetype = ("text/plain", "text/html") + Keep in mind that compressed JavaScript and CSS files are broken in some + browsers. Not setting any filetypes will result in no files being compressed. + + NOTE: You have to specify the full mime-type! If you also define a charset, for example, you have to use "text/plain; charset=utf-8" instead of just "text/plain". + Default: not set +compress.max-filesize + maximum size of the original file to be compressed kBytes. + This is meant to protect the server against DoSing as compressing large + (let's say 1Gbyte) takes a lot of time and would delay the whole operation + of the server. + + There is a hard upper limit of 128Mbyte. + + Default: unlimited (== hard-limit of 128MByte) + +Display compressed files +======================== + +If you enable mod_compress, and you want to force clients to uncompress and display compressed text files, please force mimetype to nothing. +Exemple : +If you want to add headers for uncompress and display diff.gz files , add this section in your conf : :: + + $HTTP["url"] =~ "\.diff\.gz" { + setenv.add-response-header = ( "Content-Encoding" => "gzip" ) + mimetype.assign = () + } + + Compressing Dynamic Content =========================== +PHP +--- + To compress dynamic content with PHP please enable :: zlib.output_compression = 1 + zlib.output_handler = On in the php.ini as PHP provides compression support by itself. + +mod_compress of lighttpd 1.5 r1992 may not set correct Content-Encoding with php-fcgi. A solution to that problem would be: + +1.disable mod_compress when request a php file:: + + $HTTP["url"] !~ "\.php$" { + compress.filetype = ("text/plain", "text/html", "text/javascript", "text/css", "text/xml") + } + +2.enable mod_setenv of your lighttpd:: + + server.modules += ( "mod_setenv" ) + +3.manually set Content-Encoding:: + + $HTTP["url"] =~ "\.php$" { + setenv.add-response-header = ( "Content-Encoding" => "gzip") + } + + +TurboGears +---------- + +To compress dynamic content with TurboGears please enable :: + + [/] + gzip_filter.on = True + gzip_filter.mime_types = ["application/x-javascript", "text/javascript", "text/html", "text/css", "text/plain"] + +in the config/app.cfg file in your TurboGears application. The above lines should already be in the file. You just need to remove the comment symbol in front of the lines to make them active. + +Django +------ + +To compress dynamic content with Django please enable the GZipMiddleware :: + + MIDDLEWARE_CLASSES = ( + 'django.middleware.gzip.GZipMiddleware', + ... + ) + +in the settings.py file in your Django project. + +Catalyst +-------- + +To compress dynamic content with Perl/Catalyst, simply use the Catalyst::Plugin::Compress::Gzip module available on CPAN :: + + use Catalyst qw( + Compress::Gzip + ... + ); + +in your main package (MyApp.pm). Further configuration is not required. + +}}} + + + Index: SConstruct =================================================================== --- SConstruct (.../tags/lighttpd-1.4.20) (revision 2336) +++ SConstruct (.../branches/lighttpd-1.4.x) (revision 2336) @@ -5,7 +5,7 @@ from stat import * package = 'lighttpd' -version = '1.4.20' +version = '1.4.21' def checkCHeaders(autoconf, hdrs): p = re.compile('[^A-Z0-9]') Index: Makefile.am =================================================================== --- Makefile.am (.../tags/lighttpd-1.4.20) (revision 2336) +++ Makefile.am (.../branches/lighttpd-1.4.x) (revision 2336) @@ -1,4 +1,4 @@ -SUBDIRS=src doc tests cygwin openwrt +SUBDIRS=src doc tests EXTRA_DIST=autogen.sh SConstruct Index: NEWS =================================================================== --- NEWS (.../tags/lighttpd-1.4.20) (revision 2336) +++ NEWS (.../branches/lighttpd-1.4.x) (revision 2336) @@ -3,8 +3,24 @@ NEWS ==== -- 1.4.20 - +- 1.4.21 - + * Fix base64 decoding in mod_auth (#1757, thx guido) + * Fix mod_cgi segfault when bound to unix domain socket (#653) + * Do not rely on ioctl FIONREAD (#673) + * Now really fix mod auth ldap (#1066) + * Fix leaving zombie process with include_shell (#1777) + * Removed debian/, openwrt/ and cygwin/; they weren't kept up-to-date, and we decided to remove dist. specific stuff + * Try to convert string options to shorts for numeric options in config file; allows to use env-vars for numeric options. (#1159, thx andrewb) + * Do not cache default vhost in mod_simple_vhost (#709) + * Trust pcre-config, do not check for pcre manually (#1769) + * Fix fastcgi authorization in subdirectories with check-local=disabled; don't split pathinfo for authorizer. (#963) + * Add possibility to disable methods in mod_compress (#1773) + * Fix duplicate connection keep-alive/transfer-encoding headers (#960) + * Fixed fix for round-robin in mod_proxy (forgot to increment the index) (#1715) + +- 1.4.20 - 2008-09-30 + * Fix mod_compress to compile with old gcc version (#1592) * Fix mod_extforward to compile with old gcc version (#1591) * Update documentation for #1587 @@ -52,7 +68,7 @@ * decode url before matching in mod_rewrite (#1720) * fixed conditional patching of ldap filter (#1564) * Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/Server) - * fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1" + * fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1" (CVE-2008-4360) * fixed format string bugs in mod_accesslog for SYSLOG * replaced fprintf with log_error_write in fastcgi debug * fixed mem leak in ssi expression parser (#1753), thx Take5k @@ -62,9 +78,9 @@ * fix splitting of auth-ldap filter * workaround ldap connection leak if a ldap connection failed (restarting ldap) * fix auth.backend.ldap.bind-dn/pw problems (only read from global context for temporary ldap reconnects, thx ruskie) - * fix memleak in request header parsing (#1774, thx qhy) + * fix memleak in request header parsing (#1774, thx qhy) (CVE-2008-4298) * fix mod_rewrite memleak/endless loop detection (#1775, thx phy - again!) - * use decoded url for matching in mod_redirect (#1720) + * use decoded url for matching in mod_redirect (#1720) (CVE-2008-4359) - 1.4.19 - 2008-03-10 Property changes on: . ___________________________________________________________________ Modified: bzr:revision-info - timestamp: 2008-09-23 21:04:22.819999933 +0200 committer: Stefan Bühler properties: branch-nick: lighttpd-1.4.x + timestamp: 2008-10-06 00:44:46.096999884 +0200 committer: Stefan Bühler properties: branch-nick: lighttpd-1.4.x rebase-of: stbuehler@web.de-20081005224446-yvb2zjumu0opxywc Modified: bzr:revision-id:v3-trunk0 - 1127 stbuehler@web.de-20080728081644-j4cxnhduw8kbt8um 1128 stbuehler@web.de-20080728084246-axvxdtjsrratxixs 1129 stbuehler@web.de-20080729211700-s8v6nq2cu06qesls 1130 stbuehler@web.de-20080729211726-4yxb6e5dva1cn0lz 1131 stbuehler@web.de-20080729211750-4ulzigswx17uciyu 1132 stbuehler@web.de-20080729211850-nliz3kd0m576ztuu 1133 stbuehler@web.de-20080730163440-dg2y2sbf0u4grmn4 1134 stbuehler@web.de-20080730173952-kiutzg6geqy7mick 1135 stbuehler@web.de-20080730193616-9kc2ms7rrhv1lkn7 1136 stbuehler@web.de-20080730211457-z4a6uth1y29glbqh 1137 stbuehler@web.de-20080730213517-b6sjcrdwbmipl334 1138 stbuehler@web.de-20080731102617-2xw8unjfqic7lsew 1139 stbuehler@web.de-20080731102703-q4tu5a6em9y8xdg0 1140 stbuehler@web.de-20080731102729-l6vn5b05w9swqbg5 1141 stbuehler@web.de-20080731102756-oj3d4tnk0l90mj77 1142 stbuehler@web.de-20080731204442-blw14cj2fkr3l8ly 1143 stbuehler@web.de-20080731204508-imtfnurf922mg7tj 1144 stbuehler@web.de-20080801112347-girnwswdkwm8wuip 1145 stbuehler@web.de-20080801161245-kx1temr529o7xko9 1146 stbuehler@web.de-20080801175332-oc9e7x8edn1owcc0 1147 stbuehler@web.de-20080801183454-5i66v0gsdv0cgmia 1148 stbuehler@web.de-20080801192849-6zklfbb832sx0hvr 1149 stbuehler@web.de-20080801203119-o16elp8w854s6lol 1150 stbuehler@web.de-20080802162146-a4v57svc788pwdsv 1151 stbuehler@web.de-20080802162202-9udlc1wuwt09pyh2 1152 stbuehler@web.de-20080804135803-yuor9ze06px7qta4 1153 stbuehler@web.de-20080812194728-fupt781o6q058unh 1154 stbuehler@web.de-20080818162116-piz0ukqsaecv2li2 1155 stbuehler@web.de-20080818235700-94t0xc6ml70zojwq 1156 stbuehler@web.de-20080819163650-1qhwsqszr78cr4xx 1157 stbuehler@web.de-20080819163757-1qq3t1f1wj69t8xs 1158 stbuehler@web.de-20080819163914-rklhkurg8apv85l2 1159 stbuehler@web.de-20080819163953-tlqew751e43phf5b 1160 stbuehler@web.de-20080819164108-8ogh68sm1uyteawe 1161 stbuehler@web.de-20080819173911-w5bqpb7cp9jmdqye 1162 stbuehler@web.de-20080819222242-c0ta5gnli9p3j35a 1163 stbuehler@web.de-20080820100730-g1bwdh4nqb53ag9u 1164 stbuehler@web.de-20080820100752-9pggugdyfnnps8qu 1165 stbuehler@web.de-20080820164258-v2j00motsrsc5esp 1166 stbuehler@web.de-20080827144628-hi9hf4ch3n1wf9ao 1167 stbuehler@web.de-20080827144903-tfxu4yehlyu5kegc 1168 stbuehler@web.de-20080827155155-7mt92orehbxkh2lh 1169 stbuehler@web.de-20080917142048-zbcwpk39q9ewd516 1170 stbuehler@web.de-20080917142300-16gzt21x4nbjtj87 1171 stbuehler@web.de-20080919160134-385anjnd3txxdw3x 1172 stbuehler@web.de-20080920134142-fvvwaw2ys51dg4rj 1173 stbuehler@web.de-20080921153311-1f7rn01atdilmxmy 1174 stbuehler@web.de-20080922101346-wel327kjmykkpvmp 1175 stbuehler@web.de-20080923190422-uow06l38ndue36o4 + 1127 stbuehler@web.de-20080728081644-j4cxnhduw8kbt8um 1128 stbuehler@web.de-20080728084246-axvxdtjsrratxixs 1129 stbuehler@web.de-20080729211700-s8v6nq2cu06qesls 1130 stbuehler@web.de-20080729211726-4yxb6e5dva1cn0lz 1131 stbuehler@web.de-20080729211750-4ulzigswx17uciyu 1132 stbuehler@web.de-20080729211850-nliz3kd0m576ztuu 1133 stbuehler@web.de-20080730163440-dg2y2sbf0u4grmn4 1134 stbuehler@web.de-20080730173952-kiutzg6geqy7mick 1135 stbuehler@web.de-20080730193616-9kc2ms7rrhv1lkn7 1136 stbuehler@web.de-20080730211457-z4a6uth1y29glbqh 1137 stbuehler@web.de-20080730213517-b6sjcrdwbmipl334 1138 stbuehler@web.de-20080731102617-2xw8unjfqic7lsew 1139 stbuehler@web.de-20080731102703-q4tu5a6em9y8xdg0 1140 stbuehler@web.de-20080731102729-l6vn5b05w9swqbg5 1141 stbuehler@web.de-20080731102756-oj3d4tnk0l90mj77 1142 stbuehler@web.de-20080731204442-blw14cj2fkr3l8ly 1143 stbuehler@web.de-20080731204508-imtfnurf922mg7tj 1144 stbuehler@web.de-20080801112347-girnwswdkwm8wuip 1145 stbuehler@web.de-20080801161245-kx1temr529o7xko9 1146 stbuehler@web.de-20080801175332-oc9e7x8edn1owcc0 1147 stbuehler@web.de-20080801183454-5i66v0gsdv0cgmia 1148 stbuehler@web.de-20080801192849-6zklfbb832sx0hvr 1149 stbuehler@web.de-20080801203119-o16elp8w854s6lol 1150 stbuehler@web.de-20080802162146-a4v57svc788pwdsv 1151 stbuehler@web.de-20080802162202-9udlc1wuwt09pyh2 1152 stbuehler@web.de-20080804135803-yuor9ze06px7qta4 1153 stbuehler@web.de-20080812194728-fupt781o6q058unh 1154 stbuehler@web.de-20080818162116-piz0ukqsaecv2li2 1155 stbuehler@web.de-20080818235700-94t0xc6ml70zojwq 1156 stbuehler@web.de-20080819163650-1qhwsqszr78cr4xx 1157 stbuehler@web.de-20080819163757-1qq3t1f1wj69t8xs 1158 stbuehler@web.de-20080819163914-rklhkurg8apv85l2 1159 stbuehler@web.de-20080819163953-tlqew751e43phf5b 1160 stbuehler@web.de-20080819164108-8ogh68sm1uyteawe 1161 stbuehler@web.de-20080819173911-w5bqpb7cp9jmdqye 1162 stbuehler@web.de-20080819222242-c0ta5gnli9p3j35a 1163 stbuehler@web.de-20080820100730-g1bwdh4nqb53ag9u 1164 stbuehler@web.de-20080820100752-9pggugdyfnnps8qu 1165 stbuehler@web.de-20080820164258-v2j00motsrsc5esp 1166 stbuehler@web.de-20080827144628-hi9hf4ch3n1wf9ao 1167 stbuehler@web.de-20080827144903-tfxu4yehlyu5kegc 1168 stbuehler@web.de-20080827155155-7mt92orehbxkh2lh 1169 stbuehler@web.de-20080917142048-zbcwpk39q9ewd516 1170 stbuehler@web.de-20080917142300-16gzt21x4nbjtj87 1171 stbuehler@web.de-20080919160134-385anjnd3txxdw3x 1172 stbuehler@web.de-20080920134142-fvvwaw2ys51dg4rj 1173 stbuehler@web.de-20080921153311-1f7rn01atdilmxmy 1174 stbuehler@web.de-20080922101346-wel327kjmykkpvmp 1175 stbuehler@web.de-20080923190422-uow06l38ndue36o4 1176 stbuehler@web.de-20080930112012-53jby2m8xslmd1hm 1177 stbuehler@web.de-20080930134824-j9q72rwuiczzof5k 1178 stbuehler@web.de-20080930142037-32pb6m3zjcwryw1w 1179 stbuehler@web.de-20080930142756-ueovgoshyb996bce 1180 stbuehler@web.de-20080930152935-1zfy67brol3xdbc0 1181 stbuehler@web.de-20080930193919-13n2q4c6fbgw0dkx 1182 stbuehler@web.de-20080930211152-4hmgs95wyg2deol7 1183 stbuehler@web.de-20081001132402-hxnyu6yzyk3mjf4d 1184 stbuehler@web.de-20081001155102-qf0mmu2kkpgr7xf0 1185 stbuehler@web.de-20081001160009-n67ss0vzlac2y60k 1186 stbuehler@web.de-20081001200802-l5og517etnneitk0 1188 stbuehler@web.de-20081004160711-ygaohrecmutiqlla 1189 stbuehler@web.de-20081004211932-vq16u26mthbeed7d 1191 stbuehler@web.de-20081005224446-1bztt6zqrjh8w8fd