pkgsrc changes:
Replace use of legacy GeoIP library with libmaxminddb.
Uses a different module.
Changes:
Highlights
behavior change: strict URL parsing and normalization (configurable)
behavior change: mod_webdav now rejects partial PUT (configurable)
mod_auth: HTTP Auth Digest algorithm=SHA-256
mod_webdav: major rewrite: robustness, performance, RFC compliance
mod_maxminddb: new; obsoletes discontinued mod_geoip
Changes from 1.4.53
[mod_evhost] handle IPv6 literal addr; add tests
[core] separate server_main_loop() func, mark hot
[core] mark startup/shutdown funcs cold
[core] some server_main_loop() cleanup
[core] fdevent_process()
[core] srv→max_fds_lowat and srv→max_fds_hiwat
[core] remove server.h
[mod_staticfile] search ext array if not empty
[core] store joblist pointer on stack
[core] quickly clear request buffer for reuse
[core] helper funcs for connection_state_machine()
[core] perf: optimize connection_read_header()
[core] parse request in connection_read_header()
[core] log_request_header_on_error in one place
[core] copy request only if might need for logging
[core] make parse_request,request.request same buf
[core] prefer buffer_caseless_compare()
[core] pass req hdrs buffer to http_request_parse
[core] replace con→response.keep_alive
[core] mark log_error_write*() funcs cold
[core] http_request_parse() mark error paths cold
[core] lift code out of request line parse loop
[core] get_http_method_key() match by strlen first
[core] RFC7230 HTTP-version parse
[mod_accesslog] attempt to reconstruct req line
[multiple] minor: remove duplicated conditions
[mod_deflate] honor request for x-gzip, x-bzip2
[mod_auth] minor: adjust config validation
[core] discard oversized trailers
[core] no keep-alive if POLLRDHUP,empty read queue
[core] fix gw_backend spelling of directive in err
[multiple] reduce code dup in list resizing
[core] con→is_ssl_sock
[core] connection_handle_write() updates con state
[core] skip plugins_call_cleanup if not init’ed
[core] simpler loops to run plugin hooks
[core] fix mixed use of srv→split_vals array (fixes#2932)
[core] dispatch events from within event framework
[core] don’t call fd event handlers more than once, they might already be gone (fixes segfault)
[core] poll: fdarray uses fd as index, not fde_ndx
[core] map FDEVENT_* to OS system event frameworks
[core] prefer memchr() over strchr()
[core] use openssl to read,discard request body
[mod_openssl] inherit cipherlist from global scope
[mod_openssl] default: ssl.cipher-list = “HIGH”
[mod_proxy] pass Content-Length to backend if > 0
[core] config option to allow GET w/ request body
[core] some fdevent code streamlining
[core] remove fde_ndx member outside fdevents
[core] remove redundant check for allow_http11
[mod_openssl] use 16k static buffer instead of 64k
[core] pull server load checks out of main loop
[core] isolate fdevent processing
[core] release empty chunk buf when nothing read
[core] perf: pass (fdnode *) to epoll and kqueue
[core] modify config parser to handle multiple }
[core] pass (fdnode *) for registered fdevent fd
[mod_auth] http_auth_digest_hex2bin()
[mod_auth] http_auth_info_t digest abstraction
[mod_auth] pass http_auth_require_t for 401 Unauth
[core] no SOCK_NONBLOCK on QNX 7.0
[mod_auth] HTTP Auth Digest algorithm=SHA-256
[core] silence coverity warning
[mod_magnet] fix invalid script return-type crash (fixes#2938)
[build] remove -Wdeclaration-after-statement
[core] pass conf.follow_symlink in more places
[core] fix assertion with server.error-handler (fixes#2941)
[core] extend dir redirection to take HTTP status
[doc] minor adjust create-mime.conf.pl regex match (#2942)
[core] attribute((fallthrough)) for GCC 7.0
[core] fdevent_mkstemp_append() (shared)
[core] off_t upload_temp_file_size
[core] clear FDEVENT_RDHUP if no POLLRDHUP
[mod_wstunnel] fix ping-interval for big-endian (fixes#2944)
[core] fix abort in http-parseopts (fixes#2945)
[core] remove repeated slashes in http-parseopts
[core] fix 1.4.52 regression in mem use with POST (fixes#2948)
[multiple] cleaner calloc use in SETDEFAULTS_FUNC
[core] add const to some etag prototypes
[core] attribute((format …))
[core] struct log_error_st for error logging
[core] log_error, log_perror using printf-like fmt
[core] new worker_init hook to follow parent fork
[core] replace open() with fdevent_open_cloexec()
[mod_webdav] major rewrite (fixes#1818)
[core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes#2939)
[mod_webdav] surround Lock-Token with “<…>”
[mod_webdav] fix uuid detection macro
[mod_webdav] fix misbehavior on blank nodes in PROPPATCH
[mod_webdav] clean up resources after do{}while(0)
[mod_webdav] check If-Match, If-Unmodified-Since (#1818)
[mod_webdav] deprecated unsafe partial PUT compat
[mod_webdav] provide ETag in more responses
[mod_webdav] platform portability fixes
[mod_webdav] disable elftc_copyfile() on FreeBSD
[mod_webdav] special-case If: ()
[mod_webdav] check If-None-Match (#1818)
[stat_cache] separate func for symlink policy chk
[stat_cache] separate symlink pol from data struct
[stat_cache] store entries without trailing slash
[stat_cache] pass age param for stat cache cleanup
[stat_cache] remove splaytree ins/del debug code
[stat_cache] FAM: reduce string copying
[stat_cache] FAM: check FAMNextEvent() return code
[stat_cache] FAM: use entry hash index as userdata
[stat_cache] FAM: improve handling modified file
[stat_cache] FAM: ignore follow-symlink config
[stat_cache] FAM: check hash collision before add
[stat_cache] FAM: ignore event with no valid match
[stat_cache] FAM: funcs to invalidate entries
[stat_cache] interfaces to invalidate entries
[mod_webdav] update stat_cache after file mod
[core] use high precision stat timestamp in etag
[scons] adjustment for static build under CentOS
[core] emit trace using path before clearing path
[core] http_chunk_append_file_fd()
[multiple] open target file earlier in some cases
[stat_cache] no longer stat() and open() for stat
[stat_cache] FAM: improve monitoring, cache 16 sec
[stat_cache] FAM: separate routine for FDEVENT_IN
[stat_cache] FAM: whitespace-only change
[mod_webdav] quiet coverity warnings
[doc] highlight relevance of module load order (fixes#2946)
[core] behavior change: stricter URL normalization
[stat_cache] fix compilation error for cmake
[cmake] help cmake on FreeBSD find sys/event.h
[scons] help scons on FreeBSD find sys/event.h
[build] detect FreeBSD elftc_copyfile()
[mod_openssl] use SSL_CTX_set_client_hello_cb()
[core] support weak etags with If-None-Match
[core] store log_state_handling flag on stack
[core] check if splay_tree NULL before invalidate
[mod_webdav] workaround Microsoft-WebDAV-MiniRedir
[mod_webdav] doc Microsoft-WebDAV-MiniRedir bugs
[mod_webdav] invalidate parent dir in stat_cache
[doc] systemd socket activation config example
[core] chunkqueue perf: code reuse
[core] chunkqueue perf: specialized buffer.h funcs
[core] chunkqueue perf: skip opening 0-length file
[core] chunkqueue perf: read small files into mem
[core] buffer_reset() should not be passed NULL
[tests] has_feature() helper func
[tests] skip mod-secdownload HMAC-SHA1,HMAC-SHA256
[core] use high precision stat timestamp on OS X
[mod_magnet] expose server addr (local IP) to lua
[core] adjust http_chunk read() retry loop
[mod_maxminddb] MaxMind GeoIP2 support
[mod_authn_ldap] ldap_set_option LDAP_OPT_RESTART (fixes#2940)
* [mod_cml,mod_flv_streaming] fix NULL ptr deref
* [mod_simple_vhost] t/test_mod_simple_vhost
* [mod_evhost] split uri handler func for testing
* [mod_evhost] restructure for unit tests
* [mod_evhost] t/test_mod_evhost
* [mod_access] restructure for unit tests
* [mod_access] t/test_mod_access
* [tests] include first.h and NDEBUG early
* [core] use kill_signal for gw_proc_kill()
* [tests] t/test_keyvalue
* [tests] some test config cleanup
* [tests] update skip count in mod-fastcgi.t
* [multiple] reduce initial buffer sz if large POST (fixes#2922)
* [mod_fastcgi] fix NULL ptr deref from bugfix #2922 (fixes#2923)
* [tests] more test config cleanup
* [core] perf: incremental hash of pathname w/o copy
* [core] perf: reuse buffer to redirect to directory
* [core] do not free() reused buffer
* [core] use connected sock port in dir redirect
* [core] http_response_buffer_append_authority()
* [core] use con->server_name for dir redir
* [core] memeq compare rounded to 64, not next 1M
* [core] define MD5_DIGEST_LENGTH 16
* [mod_auth] permit additional auth backends to load
* [core] send Connection: close if reqbody not read (fixes#2924)
* [core] cache rev DNS for localhost for dir redir
* [doc/conf] resolve some mime type conflicts from debian buster,
regenerate mime.conf
* [core] move winsock init to network_init()
* [core] move /dev/stdin graceful restart handling
* [core] network_srv_sockets_append() shared code
* [core] systemd socket activation support
* [build] autotools: try mysqlclient.pc and mariadb.pc (fixes#2925)
* [mod_expire] look up expire fallback "" explicitly
* [multiple] calloc match ptr type (clang --analyze)
* [multiple] quiet clang --analyze where trivial
* [mod_webdav] compare COPY, MOVE Destination scheme
* [core] con->uri.scheme is maintained lowercase
* [mod_openssl] ALPN and acme-tls/1 (fixes#2931)
* [core] Fix recursive include_shell invocations
* [mod_openssl] ssl.privkey directive (optional)
- 1.4.47
* [mod_authn_gssapi] needs -lcom_err under Darwin
* [core] stricter validation of request-URI begin
* [core] fix 1.4.46 regression in config match
* [core] normalize config addrs for != match
* [core] normalize config addrs for eq and ne
* [doc] use https:// URLs to .lighttpd.net resources
* [core] fix 1.4.46 regression in Last-Modified
* [mod_cgi] skip local-redir handling if to self (fixes#2779, #2108)
* [mod_webdav] fix crash when plugin_ctx cleaned up (fixes#2780)
* [mod_fastcgi] detect child exit, restart proactively
* [mod_scgi] detect child exit, restart proactively
* [TLS] ssl.read-ahead = "disable" for low mem (fixes#2778)
pkgsrc changes:
- Rename non-standard "memcache" option to "memcached" (retaining
compatibility for the old option for a while)
------------------------------
- 1.4.44
* [mod_scgi] fix segfault (fixes#2762)
* [mod_authn_gssapi] fix memory leak
* [config] warn if mod_authn_ldap,mysql not listed
* [mod_magnet] fix magnet_cgi_set() set of env vars (fixes#2763)
* [mod_cgi] FreeBSD 9.3/MacOSX does not have pipe2() (fixes#2765)
* [mod_extforward] fix crash on invalid IP (fixes#2766)
* [mod_fastcgi] fix segfault if all backends down (fixes#2768)
* [mod_cgi] fix out of sockets error for POST to CGI (fixes#2771)
* [mod_auth] compile fix for Mac OS X XCode (fixes#2772)
* [mod_authn_gssapi] better resource cleanup
* [core] compile fix for Mac OS X 10.6 (old) (fixes#2773)
* fix race in dynamic handler configs (reentrancy) (fixes#2774)
* [mod_authn_mysql] close mysql_conn in cleanup
* [mod_webdav] compile fix when locking not enabled
* load mod_auth & mod_authn_file in sample/test.conf
* comment out auth.backend.ldap.* in tests/*.conf
* [mod_fastcgi,mod_scgi] warn if invalid "bin-path"
* RAND_pseudo_bytes() is deprecated in openssl 1.1.0
* openssl 1.1.0 init and cleanup
* [mod_cgi] remove direct calls to network_backend*
* [build] build network_*.c into lighttpd executable
* suggest inclusion of mod_geoip... before mod_ssi.
* set systemd settings similar to lighttpd2
* [doc] remove reference to Linux rt-signals
* [mod_authn_gssapi] fix missing error ret, coverity
* [core] rename li_rand() to li_rand_pseudo_bytes()
* remove #include "stream.h" where not used
* [mod_cml] include lua headers before base.h
* [core] combine duplicated connection reset code
* [mod_ssi] produce content in subrequest hook
* [core] remove srv->entropy[]
* [core] defer li_rand_init() until first use
* [core] permit connection-level state in modules
* [mod_dirlisting] render dirlisting as HTML (fixes#2767)
* [mod_proxy] replace HTTP Host sent to backend (fixes#2770)
* [mod_ssi] basic recursive SSI include virtual (fixes#536)
* [mod_ssi] implement, ignore <!--#comment ... -->
* [core] consolidate duplicated read-to-close code
* [core] fix segfault when parsing a bad config file
* [core] support Transfer-Encoding: chunked req body (fixes#2156)
* [autobuild] set NO_RDYNAMIC=yes for midipix
* [mod_proxy] proxy.balance = "sticky" option (fixes#2117)
* [mod_secdownload] warn if SHA used w/o SSL crypto
* [build] compile fixes for AIX
* [build] check for pipe2() at configure time
* [mod_evhost] fix an incorrect error trace
* [tests] mark tests/docroot/www/*.pl scripts a+x
* [mod_cgi] fall back to pipe() if pipe2() fails
* fix SCons fullstatic build with glibc pthreads
* [TLS] openssl 1.1.0 makes SSL_OP_NO_SSLv2 no-op
(pkgsrc changes)
- Add Selection on PLIST depending on options
- 1.4.41
* remove long-deprecated, non-functional config opts
* [config] inherit server.use-ipv6 and server.set-v6only (fixes#678)
* [mod_auth] fix Digest auth to be better than Basic (fixes#1844)
* [mod_ssi] fix #config sizefmt="bytes"
* [autobuild] move inet_pton detection later
* [core] #include <sys/filio.h> for FIONREAD (fixes#2726)
* [autobuild] clock_gettime() -lrt with glibc < 2.17
* [security] do not emit HTTP_PROXY to CGI env
* [build_cmake] clock_gettime() -lrt w/ glibc < 2.17 (fixes#2737)
* [core] avoid spurious trace and error abort
* [core] stay in CON_STATE_CLOSE until done with req
* [core] $HTTP["remoteip"] must handle IPv6 w/o []
* [mod_status] show keep-alive status w/ text output (fixes#2740)
* do not set REDIRECT_URI in mod_magnet, mod_rewrite (#2738)
* revert 1.4.40 swap of REQUEST_URI, REDIRECT_URI (fixes#2738)
* [core] permit IPv6 address scope identifier
* [TLS] better handling of SSL_ERROR_WANT_READ/WRITE
* [TLS] read all available records from SSL_read()
* [core] try AF_INET after AF_INET6 if use-ipv6
* [core] set chunkqueue tempdirs at startup
* [security] ensure gid != 0 if server.username set (fixes#2725)
* [security] disable stat_cache if !follow-symlink (fixes#2724)
* [core] fix buffer_copy_string_hex() assert (fixes#2742)
* [security] encode quoting chars in HTML and XML
* [cmake] always define _GNU_SOURCE
* [cmake] enable warnings for GCC and Clang
* [cmake] set cmake_minimum_required to 2.8.2
----------------------
- 1.4.38 - 2015-12-05
* [stat-cache] fix handling of collisions, might have returned wrong
data (fixes#2669)
* [core] allocate at least 4k buffer for incoming data
* [core] fix search for header end if split across chunks (fixes#2670)
* [core] check configparserAlloc() result with force_assert
* [mod_auth] implement and use safe_memclear, using memset_s or
explicit_bzero if available (thx loganaden)
* [core] don't buffer request bodies smaller than 64k on disk
* add force_assert for many allocations and function results
* [mod_secdownload] use a hopefully constant time comparison to check
hash (fixes#2679)
* [config] check config option scope; warn if server option is given
in conditional
* [core] revert increase of temp file size back to 1MB, provide a
configure option "server.upload-temp-file-size" instead (fixes
#2680)
* [core] add '~' to safe characters in
ENCODING_REL_URI/ENCODING_REL_URI_PART encoding
* [core] encode path with ENCODING_REL_URI in redirect to directory
(fixes#2661, thx gstrauss)
* [mod_secdownload] add required algorithm option; old behaviour
available as "md5", new options "hmac-sha1" and "hmac-sha256"
* [mod_fastcgi/mod_scgi] zero sockaddr structs before use (fixes
#2691, thx Kyle J. McKay)
* [network] add darwin-sendfile backend (fixes#2687, thx Kyle J. McKay)
* [core] show correct crypt support result (fixes#2690, thx Kyle J. McKay)
----------------
- 1.4.37
* [mod_proxy] remove debug log line from error log (fixes#2659)
* [mod_dirlisting] fix dir-listing.set-footer not showing
* fix out-of-filedescriptors when uploading "large" files (fixes#2660, thx rmilecki)
* increase upload temporary chunk file size from 1MB to 16MB
* fix undefined integer shift
* rewrite network sendfile/mmap/writev/write backends
* fix some unchecked return value warnings
* [kqueue] fix kevent call
* [autoconf] define HAVE_CRYPT when crypt() is present
* [bsd xattr] fix compile break with BSD extended attributes in stat_cache
* [mod_cgi] rewrite mmap and generic (post body) send error handling
* [mmap] fix mmap alignment
* [plugins] when modules are linked statically still only load the modules given in the config
* [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading
* fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy)
This release contains mostly bug fixes.
Important changes
-----------------
- [ssl] disable SSL3.0 by default
- escape all strings for logging
- fix segfault when temp file for upload couldn’t be created (found by coverity)
- changes to the internal API for buffers, chunks and more; 3rd party plugins are likely to break
This release contains a lot of bug fixes, many detected by scan.coverity.com (and more to come). The main reason for the release is a fix for an SQL injection (and path traversal) bug triggered by specially crafted (and invalid) Host: headers.
* [mod_auth] explicitly link ssl for SHA1 (fixes 2517)
* [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes 2515, thx mm)
* [ssl] fix SNI handling; only use key+cert from SNI specific config (fixes 2525, CVE-2013-4508)
* [doc] update ssl.cipher-list recommendation
* [stat-cache] FAM: fix use after free (CVE-2013-4560)
* [stat-cache] fix FAM cleanup/fdevent handling
* [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
* [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken)
* maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places
* [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes 2526)
* [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes 2533)
* [mod_mysql_vhost] fix memory leak on config init (2530)
* [mod_webdav] fix fd leak found with parfait (fixes 2530, thx kukackajiri)
mod_fastcgi: fix mix up of “mode” => “authorizer” in other fastcgi configs (fixes 2465, thx peex)
fix handling of If-Modified-Since if If-None-Match is present (don’t return 412 for date parsing errors);
follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags.
[mod_fastcgi,log] support multi line logging (fixes 2252)
call ERR_clear_error only for ssl connections in CON_STATE_ERROR
reject non ASCII characters in HTTP header names
[mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes 2483)
[mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn’t use any salt, md5 with salt is probably better.
[mod_auth] fix base64_decode (2484)
fix some bugs found with canalyze (fixes 2484, thx Zhenbo Xu)
fix undefined stuff found with clang
[cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add Wl,-as-needed to extra warnings (fixes 2448)
[mod_auth] fix invalid read in digest qop=auth-int handling (fixes 2478)
[auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes 2490)
[mod_userdir] add userdir.active option, “enabled” by default
[core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS
[core] recognize more http methods to forward to backends (fixes 2346)
[ssl] use DH only if openssl supports it (fixes 2479)
[network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes 2470)
[ssl] Fix $HTTP[“scheme”] conditional, could be “http” for ssl connections if the ssl $SERVER[“socket”] conditional was nested (fixes 2501)
[ssl] accept ssl renegotiations if they are not disabled (fixes 2491)
[ssl] add option ssl.empty-fragments, defaulting to disabled (fixes 2492)
[auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes 2495)
[auth] new method “extern” to use already present REMOTE_USER (from magnet, ssl, …) (fixes 2436)
[core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all
[core] check whether server.chroot exists
[mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting)
[mod_accesslog] add accesslog.syslog-level option (fixes 2480)
[core] allow files to be used as document-root (fixes 2475)
[core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes 2502)
