2 Index: src/http_auth_digest.c
3 ===================================================================
4 --- src/http_auth_digest.c (.../tags/lighttpd-1.4.29)
5 +++ src/http_auth_digest.c (.../branches/lighttpd-1.4.x)
9 -#include "http_auth_digest.h"
16 -typedef li_MD5_CTX MD5_CTX;
17 -#define MD5_Init li_MD5_Init
18 -#define MD5_Update li_MD5_Update
19 -#define MD5_Final li_MD5_Final
23 -void CvtHex(IN HASH Bin, OUT HASHHEX Hex) {
26 - for (i = 0; i < HASHLEN; i++) {
27 - Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf);
28 - Hex[i*2+1] = int2hex(Bin[i] & 0xf);
30 - Hex[HASHHEXLEN] = '\0';
33 Index: src/http_auth_digest.h
34 ===================================================================
35 --- src/http_auth_digest.h (.../tags/lighttpd-1.4.29)
36 +++ src/http_auth_digest.h (.../branches/lighttpd-1.4.x)
46 -typedef unsigned char HASH[HASHLEN];
47 -#define HASHHEXLEN 32
48 -typedef char HASHHEX[HASHHEXLEN+1];
62 Index: src/network_write.c
63 ===================================================================
64 --- src/network_write.c (.../tags/lighttpd-1.4.29)
65 +++ src/network_write.c (.../branches/lighttpd-1.4.x)
67 # include <sys/resource.h>
70 -int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq) {
71 +int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
73 - size_t chunks_written = 0;
75 - for(c = cq->first; c; c = c->next) {
76 + for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
77 int chunk_finished = 0;
86 if (c->mem->used == 0) {
89 offset = c->mem->ptr + c->offset;
90 toSend = c->mem->used - 1 - c->offset;
91 + if (toSend > max_bytes) toSend = max_bytes;
94 if ((r = send(fd, offset, toSend, 0)) < 0) {
95 /* no error handling for windows... */
102 if (c->offset == (off_t)c->mem->used - 1) {
110 stat_cache_entry *sce = NULL;
114 offset = c->file.start + c->offset;
115 toSend = c->file.length - c->offset;
117 + if (toSend > max_bytes) toSend = max_bytes;
119 if (offset > sce->st.st_size) {
120 log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name);
128 if (c->offset == c->file.length) {
138 - return chunks_written;
143 Index: src/mod_secure_download.c
144 ===================================================================
145 --- src/mod_secure_download.c (.../tags/lighttpd-1.4.29)
146 +++ src/mod_secure_download.c (.../branches/lighttpd-1.4.x)
152 -# include <openssl/md5.h>
157 -typedef li_MD5_CTX MD5_CTX;
158 -#define MD5_Init li_MD5_Init
159 -#define MD5_Update li_MD5_Update
160 -#define MD5_Final li_MD5_Final
165 typedef unsigned char HASH[HASHLEN];
166 #define HASHHEXLEN 32
169 URIHANDLER_FUNC(mod_secdownload_uri_handler) {
170 plugin_data *p = p_d;
174 const char *rel_uri, *ts_str, *md5_str;
177 buffer_append_string(p->md5, rel_uri);
178 buffer_append_string_len(p->md5, ts_str, 8);
181 - MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
182 - MD5_Final(HA1, &Md5Ctx);
183 + li_MD5_Init(&Md5Ctx);
184 + li_MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
185 + li_MD5_Final(HA1, &Md5Ctx);
187 buffer_copy_string_hex(p->md5, (char *)HA1, 16);
190 ===================================================================
191 --- src/base.h (.../tags/lighttpd-1.4.29)
192 +++ src/base.h (.../branches/lighttpd-1.4.x)
194 buffer *ssl_cipher_list;
196 buffer *ssl_ec_curve;
197 + unsigned short ssl_honor_cipher_order; /* determine SSL cipher in server-preferred order, not client-order */
198 unsigned short ssl_use_sslv2;
199 unsigned short ssl_use_sslv3;
200 unsigned short ssl_verifyclient;
202 unsigned short ssl_verifyclient_depth;
203 buffer *ssl_verifyclient_username;
204 unsigned short ssl_verifyclient_export_cert;
205 + unsigned short ssl_disable_client_renegotiation;
207 unsigned short use_ipv6, set_v6only; /* set_v6only is only a temporary option */
208 unsigned short defer_accept;
210 # ifndef OPENSSL_NO_TLSEXT
211 buffer *tlsext_server_name;
213 + unsigned int renegotiations; /* count of SSL_CB_HANDSHAKE_START */
216 etag_flags_t etag_flags;
219 fdevent_handler_t event_handler;
221 - int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq);
222 - int (* network_backend_read)(struct server *srv, connection *con, int fd, chunkqueue *cq);
223 + int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
225 - int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq);
226 - int (* network_ssl_backend_read)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq);
227 + int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes);
231 Index: src/connections.c
232 ===================================================================
233 --- src/connections.c (.../tags/lighttpd-1.4.29)
234 +++ src/connections.c (.../branches/lighttpd-1.4.x)
237 len = SSL_read(con->ssl, b->ptr + read_offset, toread);
239 + if (con->renegotiations > 1 && con->conf.ssl_disable_client_renegotiation) {
240 + connection_set_state(srv, con, CON_STATE_ERROR);
241 + log_error_write(srv, __FILE__, __LINE__, "s", "SSL: renegotiation initiated by client");
246 if (b->used > 0) b->used--;
250 switch(con->http_status) {
251 case 400: /* bad request */
252 + case 401: /* authorization required */
253 case 414: /* overload request header */
254 case 505: /* unknown protocol */
255 case 207: /* this was webdav */
259 static int connection_handle_write(server *srv, connection *con) {
260 - switch(network_write_chunkqueue(srv, con, con->write_queue)) {
261 + switch(network_write_chunkqueue(srv, con, con->write_queue, MAX_WRITE_LIMIT)) {
263 + con->write_request_ts = srv->cur_ts;
264 if (con->file_finished) {
265 connection_set_state(srv, con, CON_STATE_RESPONSE_END);
266 joblist_append(srv, con);
268 joblist_append(srv, con);
271 + con->write_request_ts = srv->cur_ts;
272 con->is_writable = 0;
274 /* not finished yet -> WRITE */
275 @@ -1251,8 +1260,6 @@
276 log_error_write(srv, __FILE__, __LINE__, "ds",
278 "handle write failed.");
279 - } else if (con->state == CON_STATE_WRITE) {
280 - con->write_request_ts = srv->cur_ts;
284 @@ -1352,6 +1359,7 @@
288 + con->renegotiations = 0;
289 #ifndef OPENSSL_NO_TLSEXT
290 SSL_set_app_data(con->ssl, con);
292 @@ -1667,8 +1675,6 @@
294 "handle write failed.");
295 connection_set_state(srv, con, CON_STATE_ERROR);
296 - } else if (con->state == CON_STATE_WRITE) {
297 - con->write_request_ts = srv->cur_ts;
301 Index: src/mod_staticfile.c
302 ===================================================================
303 --- src/mod_staticfile.c (.../tags/lighttpd-1.4.29)
304 +++ src/mod_staticfile.c (.../branches/lighttpd-1.4.x)
308 unsigned short etags_used;
309 + unsigned short disable_pathinfo;
314 config_values_t cv[] = {
315 { "static-file.exclude-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
316 { "static-file.etags", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
317 + { "static-file.disable-pathinfo", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
318 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
322 s = calloc(1, sizeof(plugin_config));
323 s->exclude_ext = array_init();
325 + s->disable_pathinfo = 0;
327 cv[0].destination = s->exclude_ext;
328 cv[1].destination = &(s->etags_used);
329 + cv[2].destination = &(s->disable_pathinfo);
331 p->config_storage[i] = s;
337 + PATCH(disable_pathinfo);
339 /* skip the first, the global context */
340 for (i = 1; i < srv->config_context->used; i++) {
343 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.etags"))) {
346 + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.disable-pathinfo"))) {
347 + PATCH(disable_pathinfo);
353 URIHANDLER_FUNC(mod_staticfile_subrequest) {
354 plugin_data *p = p_d;
357 stat_cache_entry *sce = NULL;
358 buffer *mtime = NULL;
362 mod_staticfile_patch_connection(srv, con, p);
364 - s_len = con->uri.path->used - 1;
365 + if (p->conf.disable_pathinfo && 0 != con->request.pathinfo->used) {
366 + if (con->conf.log_request_handling) {
367 + log_error_write(srv, __FILE__, __LINE__, "s", "-- NOT handling file as static file, pathinfo forbidden");
369 + return HANDLER_GO_ON;
372 /* ignore certain extensions */
373 for (k = 0; k < p->conf.exclude_ext->used; k++) {
375 ===================================================================
376 --- src/network.c (.../tags/lighttpd-1.4.29)
377 +++ src/network.c (.../branches/lighttpd-1.4.x)
379 # include <openssl/rand.h>
383 +static void ssl_info_callback(const SSL *ssl, int where, int ret) {
386 + if (0 != (where & SSL_CB_HANDSHAKE_START)) {
387 + connection *con = SSL_get_app_data(ssl);
388 + ++con->renegotiations;
389 + } else if (0 != (where & SSL_CB_HANDSHAKE_DONE)) {
390 + ssl->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
395 static handler_t network_server_handle_fdevent(server *srv, void *context, int revents) {
396 server_socket *srv_socket = (server_socket *)context;
399 network_backend_t backend;
401 #if OPENSSL_VERSION_NUMBER >= 0x0090800fL
402 +#ifndef OPENSSL_NO_ECDH
411 /* load SSL certificates */
412 for (i = 0; i < srv->config_context->used; i++) {
413 specific_config *s = srv->config_storage[i];
414 +#ifndef SSL_OP_NO_COMPRESSION
415 +# define SSL_OP_NO_COMPRESSION 0
418 + SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | SSL_OP_NO_COMPRESSION;
420 if (buffer_is_empty(s->ssl_pemfile)) continue;
426 + SSL_CTX_set_options(s->ssl_ctx, ssloptions);
427 + SSL_CTX_set_info_callback(s->ssl_ctx, ssl_info_callback);
429 if (!s->ssl_use_sslv2) {
431 if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) {
433 ERR_error_string(ERR_get_error(), NULL));
437 + if (s->ssl_honor_cipher_order) {
438 + SSL_CTX_set_options(s->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
442 /* Support for Diffie-Hellman key exchange */
447 -int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq) {
448 +int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq, off_t max_bytes) {
452 @@ -855,16 +882,34 @@
454 server_socket *srv_socket = con->srv_socket;
456 - if (con->conf.global_kbytes_per_second &&
457 - *(con->conf.global_bytes_per_second_cnt_ptr) > con->conf.global_kbytes_per_second * 1024) {
458 - /* we reached the global traffic limit */
459 + if (con->conf.global_kbytes_per_second) {
460 + off_t limit = con->conf.global_kbytes_per_second * 1024 - *(con->conf.global_bytes_per_second_cnt_ptr);
462 + /* we reached the global traffic limit */
464 - con->traffic_limit_reached = 1;
465 - joblist_append(srv, con);
466 + con->traffic_limit_reached = 1;
467 + joblist_append(srv, con);
472 + if (max_bytes > limit) max_bytes = limit;
476 + if (con->conf.kbytes_per_second) {
477 + off_t limit = con->conf.kbytes_per_second * 1024 - con->bytes_written_cur_second;
479 + /* we reached the traffic limit */
481 + con->traffic_limit_reached = 1;
482 + joblist_append(srv, con);
486 + if (max_bytes > limit) max_bytes = limit;
490 written = cq->bytes_out;
493 @@ -879,10 +924,10 @@
495 if (srv_socket->is_ssl) {
497 - ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq);
498 + ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq, max_bytes);
501 - ret = srv->network_backend_write(srv, con, con->fd, cq);
502 + ret = srv->network_backend_write(srv, con, con->fd, cq, max_bytes);
508 *(con->conf.global_bytes_per_second_cnt_ptr) += written;
510 - if (con->conf.kbytes_per_second &&
511 - (con->bytes_written_cur_second > con->conf.kbytes_per_second * 1024)) {
512 - /* we reached the traffic limit */
514 - con->traffic_limit_reached = 1;
515 - joblist_append(srv, con);
520 ===================================================================
521 --- src/network.h (.../tags/lighttpd-1.4.29)
522 +++ src/network.h (.../branches/lighttpd-1.4.x)
527 -int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c);
528 +int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c, off_t max_bytes);
530 int network_init(server *srv);
531 int network_close(server *srv);
532 Index: src/configfile.c
533 ===================================================================
534 --- src/configfile.c (.../tags/lighttpd-1.4.29)
535 +++ src/configfile.c (.../branches/lighttpd-1.4.x)
537 { "ssl.use-sslv3", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 62 */
538 { "ssl.dh-file", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 63 */
539 { "ssl.ec-curve", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_SERVER }, /* 64 */
540 + { "ssl.disable-client-renegotiation", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER },/* 65 */
541 + { "ssl.honor-cipher-order", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_SERVER }, /* 66 */
543 { "server.host", "use server.bind instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
544 { "server.docroot", "use server.document-root instead", T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_UNSET },
546 s->max_write_idle = 360;
549 + s->ssl_honor_cipher_order = 1;
550 s->ssl_use_sslv2 = 0;
551 s->ssl_use_sslv3 = 1;
554 s->ssl_verifyclient_username = buffer_init();
555 s->ssl_verifyclient_depth = 9;
556 s->ssl_verifyclient_export_cert = 0;
557 + s->ssl_disable_client_renegotiation = 1;
559 cv[2].destination = s->errorfile_prefix;
562 cv[62].destination = &(s->ssl_use_sslv3);
563 cv[63].destination = s->ssl_dh_file;
564 cv[64].destination = s->ssl_ec_curve;
565 + cv[66].destination = &(s->ssl_honor_cipher_order);
567 cv[49].destination = &(s->etag_use_inode);
568 cv[50].destination = &(s->etag_use_mtime);
569 cv[51].destination = &(s->etag_use_size);
571 cv[58].destination = &(s->ssl_verifyclient_depth);
572 cv[59].destination = s->ssl_verifyclient_username;
573 cv[60].destination = &(s->ssl_verifyclient_export_cert);
574 + cv[65].destination = &(s->ssl_disable_client_renegotiation);
576 srv->config_storage[i] = s;
579 PATCH(ssl_cipher_list);
582 + PATCH(ssl_honor_cipher_order);
583 PATCH(ssl_use_sslv2);
584 PATCH(ssl_use_sslv3);
585 PATCH(etag_use_inode);
587 PATCH(ssl_verifyclient_depth);
588 PATCH(ssl_verifyclient_username);
589 PATCH(ssl_verifyclient_export_cert);
590 + PATCH(ssl_disable_client_renegotiation);
596 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.ca-file"))) {
598 + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.honor-cipher-order"))) {
599 + PATCH(ssl_honor_cipher_order);
600 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv2"))) {
601 PATCH(ssl_use_sslv2);
602 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.use-sslv3"))) {
604 PATCH(ssl_verifyclient_username);
605 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.verifyclient.exportcert"))) {
606 PATCH(ssl_verifyclient_export_cert);
607 + } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("ssl.disable-client-renegotiation"))) {
608 + PATCH(ssl_disable_client_renegotiation);
612 Index: src/mod_scgi.c
613 ===================================================================
614 --- src/mod_scgi.c (.../tags/lighttpd-1.4.29)
615 +++ src/mod_scgi.c (.../branches/lighttpd-1.4.x)
616 @@ -2296,7 +2296,7 @@
619 case FCGI_STATE_WRITE:
620 - ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
621 + ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
623 chunkqueue_remove_finished_chunks(hctx->wb);
626 ===================================================================
627 --- src/request.c (.../tags/lighttpd-1.4.29)
628 +++ src/request.c (.../branches/lighttpd-1.4.x)
630 if (++colon_cnt > 7) {
633 - } else if (!light_isxdigit(*c)) {
634 + } else if (!light_isxdigit(*c) && '.' != *c) {
638 Index: src/network_backends.h
639 ===================================================================
640 --- src/network_backends.h (.../tags/lighttpd-1.4.29)
641 +++ src/network_backends.h (.../branches/lighttpd-1.4.x)
646 - * >= 0 : chunks completed
648 * -1 : error (on our side)
652 -int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq);
653 -int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq);
654 -int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq);
655 -int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq);
656 -int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq);
657 +int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
658 +int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
659 +int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
660 +int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
661 +int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
663 -int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq);
664 +int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes);
668 Index: src/SConscript
669 ===================================================================
670 --- src/SConscript (.../tags/lighttpd-1.4.29)
671 +++ src/SConscript (.../branches/lighttpd-1.4.x)
673 data_integer.c md5.c data_fastcgi.c \
674 fdevent_select.c fdevent_libev.c \
675 fdevent_poll.c fdevent_linux_sysepoll.c \
676 - fdevent_solaris_devpoll.c fdevent_freebsd_kqueue.c \
677 + fdevent_solaris_devpoll.c fdevent_solaris_port.c \
678 + fdevent_freebsd_kqueue.c \
679 data_config.c bitset.c \
680 inet_ntop_cache.c crc32.c \
683 'mod_redirect' : { 'src' : [ 'mod_redirect.c' ], 'lib' : [ env['LIBPCRE'] ] },
684 'mod_rewrite' : { 'src' : [ 'mod_rewrite.c' ], 'lib' : [ env['LIBPCRE'] ] },
686 - 'src' : [ 'mod_auth.c', 'http_auth_digest.c', 'http_auth.c' ],
687 + 'src' : [ 'mod_auth.c', 'http_auth.c' ],
688 'lib' : [ env['LIBCRYPT'], env['LIBLDAP'], env['LIBLBER'] ] },
689 'mod_webdav' : { 'src' : [ 'mod_webdav.c' ], 'lib' : [ env['LIBXML2'], env['LIBSQLITE3'], env['LIBUUID'] ] },
690 'mod_mysql_vhost' : { 'src' : [ 'mod_mysql_vhost.c' ], 'lib' : [ env['LIBMYSQL'] ] },
691 Index: src/mod_cml_funcs.c
692 ===================================================================
693 --- src/mod_cml_funcs.c (.../tags/lighttpd-1.4.29)
694 +++ src/mod_cml_funcs.c (.../branches/lighttpd-1.4.x)
700 -# include <openssl/md5.h>
705 -typedef li_MD5_CTX MD5_CTX;
706 -#define MD5_Init li_MD5_Init
707 -#define MD5_Update li_MD5_Update
708 -#define MD5_Final li_MD5_Final
713 typedef unsigned char HASH[HASHLEN];
714 #define HASHHEXLEN 32
718 int f_crypto_md5(lua_State *L) {
729 - MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1));
730 - MD5_Final(HA1, &Md5Ctx);
731 + li_MD5_Init(&Md5Ctx);
732 + li_MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1));
733 + li_MD5_Final(HA1, &Md5Ctx);
735 buffer_copy_string_hex(&b, (char *)HA1, 16);
737 Index: src/mod_userdir.c
738 ===================================================================
739 --- src/mod_userdir.c (.../tags/lighttpd-1.4.29)
740 +++ src/mod_userdir.c (.../branches/lighttpd-1.4.x)
743 URIHANDLER_FUNC(mod_userdir_docroot_handler) {
744 plugin_data *p = p_d;
751 if (p->conf.path->used == 0) return HANDLER_GO_ON;
753 - uri_len = con->uri.path->used - 1;
755 /* /~user/foo.html -> /home/user/public_html/foo.html */
757 if (con->uri.path->ptr[0] != '/' ||
758 Index: src/mod_proxy.c
759 ===================================================================
760 --- src/mod_proxy.c (.../tags/lighttpd-1.4.29)
761 +++ src/mod_proxy.c (.../branches/lighttpd-1.4.x)
765 case PROXY_STATE_WRITE:;
766 - ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
767 + ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
769 chunkqueue_remove_finished_chunks(hctx->wb);
771 Index: src/Makefile.am
772 ===================================================================
773 --- src/Makefile.am (.../tags/lighttpd-1.4.29)
774 +++ src/Makefile.am (.../branches/lighttpd-1.4.x)
776 mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd)
778 lib_LTLIBRARIES += mod_auth.la
779 -mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c
780 +mod_auth_la_SOURCES = mod_auth.c http_auth.c
781 mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined
782 mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
786 hdr = server.h buffer.h network.h log.h keyvalue.h \
787 response.h request.h fastcgi.h chunk.h \
788 - settings.h http_chunk.h http_auth_digest.h \
789 + settings.h http_chunk.h \
790 md5.h http_auth.h stream.h \
791 fdevent.h connections.h base.h stat_cache.h \
792 plugin.h mod_auth.h \
793 Index: src/network_writev.c
794 ===================================================================
795 --- src/network_writev.c (.../tags/lighttpd-1.4.29)
796 +++ src/network_writev.c (.../branches/lighttpd-1.4.x)
798 #define LOCAL_BUFFERING 1
801 -int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq) {
802 +int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
804 - size_t chunks_written = 0;
806 - for(c = cq->first; c; c = c->next) {
807 + for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
808 int chunk_finished = 0;
817 size_t num_chunks, i;
819 #error "sysconf() doesnt return _SC_IOV_MAX ..., check the output of 'man writev' for the EINVAL error and send the output to jan@kneschke.de"
822 - /* we can't send more then SSIZE_MAX bytes in one chunk */
826 * 1. limit: num_chunks < max_chunks
827 - * 2. limit: num_bytes < SSIZE_MAX
828 + * 2. limit: num_bytes < max_bytes
830 for (num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < max_chunks; num_chunks++, tc = tc->next);
833 chunks[i].iov_base = offset;
835 /* protect the return value of writev() */
836 - if (toSend > SSIZE_MAX ||
837 - num_bytes + toSend > SSIZE_MAX) {
838 - chunks[i].iov_len = SSIZE_MAX - num_bytes;
839 + if (toSend > max_bytes ||
840 + (off_t) num_bytes + toSend > max_bytes) {
841 + chunks[i].iov_len = max_bytes - num_bytes;
851 /* check which chunks have been written */
853 @@ -132,11 +130,10 @@
855 if (chunk_finished) {
856 /* skip the chunks from further touches */
860 /* chunks_written + c = c->next is done in the for()*/
862 + chunk_finished = 1;
865 /* partially written */
870 + if (toSend > max_bytes) toSend = max_bytes;
872 #ifdef LOCAL_BUFFERING
881 if (c->offset == c->file.length) {
891 - return chunks_written;
896 Index: src/network_freebsd_sendfile.c
897 ===================================================================
898 --- src/network_freebsd_sendfile.c (.../tags/lighttpd-1.4.29)
899 +++ src/network_freebsd_sendfile.c (.../branches/lighttpd-1.4.x)
904 -int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq) {
905 +int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
907 - size_t chunks_written = 0;
909 - for(c = cq->first; c; c = c->next, chunks_written++) {
910 + for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
911 int chunk_finished = 0;
920 size_t num_chunks, i;
923 size_t num_bytes = 0;
925 - /* we can't send more then SSIZE_MAX bytes in one chunk */
929 * 1. limit: num_chunks < UIO_MAXIOV
930 - * 2. limit: num_bytes < SSIZE_MAX
931 + * 2. limit: num_bytes < max_bytes
933 for(num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV; num_chunks++, tc = tc->next);
936 chunks[i].iov_base = offset;
938 /* protect the return value of writev() */
939 - if (toSend > SSIZE_MAX ||
940 - num_bytes + toSend > SSIZE_MAX) {
941 - chunks[i].iov_len = SSIZE_MAX - num_bytes;
942 + if (toSend > max_bytes ||
943 + (off_t) num_bytes + toSend > max_bytes) {
944 + chunks[i].iov_len = max_bytes - num_bytes;
950 /* check which chunks have been written */
954 for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) {
955 if (r >= (ssize_t)chunks[i].iov_len) {
956 @@ -114,11 +112,10 @@
958 if (chunk_finished) {
959 /* skip the chunks from further touches */
963 /* chunks_written + c = c->next is done in the for()*/
965 + chunk_finished = 1;
968 /* partially written */
975 stat_cache_entry *sce = NULL;
977 if (HANDLER_ERROR == stat_cache_get_entry(srv, con, c->file.name, &sce)) {
981 offset = c->file.start + c->offset;
982 - /* limit the toSend to 2^31-1 bytes in a chunk */
983 - toSend = c->file.length - c->offset > ((1 << 30) - 1) ?
984 - ((1 << 30) - 1) : c->file.length - c->offset;
985 + toSend = c->file.length - c->offset;
986 + if (toSend > max_bytes) toSend = max_bytes;
988 if (-1 == c->file.fd) {
989 if (-1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
996 if (c->offset == c->file.length) {
1002 - return chunks_written;
1007 Index: src/network_openssl.c
1008 ===================================================================
1009 --- src/network_openssl.c (.../tags/lighttpd-1.4.29)
1010 +++ src/network_openssl.c (.../branches/lighttpd-1.4.x)
1012 # include <openssl/ssl.h>
1013 # include <openssl/err.h>
1015 -int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq) {
1016 +int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes) {
1019 - size_t chunks_written = 0;
1021 /* this is a 64k sendbuffer
1024 SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN);
1027 - for(c = cq->first; c; c = c->next) {
1028 + for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
1029 int chunk_finished = 0;
1038 if (c->mem->used == 0 || c->mem->used == 1) {
1041 offset = c->mem->ptr + c->offset;
1042 toSend = c->mem->used - 1 - c->offset;
1043 + if (toSend > max_bytes) toSend = max_bytes;
1046 * SSL_write man-page
1051 - if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
1052 + r = SSL_write(ssl, offset, toSend);
1054 + if (con->renegotiations > 1 && con->conf.ssl_disable_client_renegotiation) {
1055 + log_error_write(srv, __FILE__, __LINE__, "s", "SSL: renegotiation initiated by client");
1062 switch ((ssl_r = SSL_get_error(ssl, r))) {
1070 if (c->offset == (off_t)c->mem->used - 1) {
1073 off_t offset = c->file.start + c->offset;
1074 off_t toSend = c->file.length - c->offset;
1075 + if (toSend > max_bytes) toSend = max_bytes;
1077 if (toSend > LOCAL_SEND_BUFSIZE) toSend = LOCAL_SEND_BUFSIZE;
1079 @@ -190,7 +199,14 @@
1083 - if ((r = SSL_write(ssl, s, toSend)) <= 0) {
1084 + r = SSL_write(ssl, s, toSend);
1086 + if (con->renegotiations > 1 && con->conf.ssl_disable_client_renegotiation) {
1087 + log_error_write(srv, __FILE__, __LINE__, "s", "SSL: renegotiation initiated by client");
1094 switch ((ssl_r = SSL_get_error(ssl, r))) {
1095 @@ -243,12 +259,13 @@
1102 if (c->offset == c->file.length) {
1105 - } while(!chunk_finished && !write_wait);
1106 + } while (!chunk_finished && !write_wait && max_bytes > 0);
1110 @@ -263,11 +280,9 @@
1118 - return chunks_written;
1123 Index: src/http_auth.c
1124 ===================================================================
1125 --- src/http_auth.c (.../tags/lighttpd-1.4.29)
1126 +++ src/http_auth.c (.../branches/lighttpd-1.4.x)
1130 #include "http_auth.h"
1131 -#include "http_auth_digest.h"
1132 #include "inet_ntop_cache.h"
1140 -# include <openssl/md5.h>
1145 -typedef li_MD5_CTX MD5_CTX;
1146 -#define MD5_Init li_MD5_Init
1147 -#define MD5_Update li_MD5_Update
1148 -#define MD5_Final li_MD5_Final
1150 +#define HASHHEXLEN 32
1151 +typedef unsigned char HASH[HASHLEN];
1152 +typedef char HASHHEX[HASHHEXLEN+1];
1155 +static void CvtHex(const HASH Bin, char Hex[33]) {
1158 + for (i = 0; i < 16; i++) {
1159 + Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf);
1160 + Hex[i*2+1] = int2hex(Bin[i] & 0xf);
1166 * the $apr1$ handling is taken from apache 1.3.x
1170 /* run through the whole string, converting as we go */
1171 for (i = 0; i < in_len; i++) {
1173 + ch = (unsigned char) in[i];
1175 if (ch == '\0') break;
1179 static void to64(char *s, unsigned long v, int n)
1181 - static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
1182 + static const unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
1183 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
1187 const char *sp, *ep;
1188 unsigned char final[APR_MD5_DIGESTSIZE];
1190 - MD5_CTX ctx, ctx1;
1191 + li_MD5_CTX ctx, ctx1;
1195 @@ -487,33 +491,33 @@
1197 * 'Time to make the doughnuts..'
1200 + li_MD5_Init(&ctx);
1203 * The password first, since that is what is most unknown
1205 - MD5_Update(&ctx, pw, strlen(pw));
1206 + li_MD5_Update(&ctx, pw, strlen(pw));
1209 * Then our magic string
1211 - MD5_Update(&ctx, APR1_ID, strlen(APR1_ID));
1212 + li_MD5_Update(&ctx, APR1_ID, strlen(APR1_ID));
1217 - MD5_Update(&ctx, sp, sl);
1218 + li_MD5_Update(&ctx, sp, sl);
1221 * Then just as many characters of the MD5(pw, salt, pw)
1224 - MD5_Update(&ctx1, pw, strlen(pw));
1225 - MD5_Update(&ctx1, sp, sl);
1226 - MD5_Update(&ctx1, pw, strlen(pw));
1227 - MD5_Final(final, &ctx1);
1228 + li_MD5_Init(&ctx1);
1229 + li_MD5_Update(&ctx1, pw, strlen(pw));
1230 + li_MD5_Update(&ctx1, sp, sl);
1231 + li_MD5_Update(&ctx1, pw, strlen(pw));
1232 + li_MD5_Final(final, &ctx1);
1233 for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) {
1234 - MD5_Update(&ctx, final,
1235 + li_MD5_Update(&ctx, final,
1236 (pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl);
1239 @@ -527,10 +531,10 @@
1241 for (i = strlen(pw); i != 0; i >>= 1) {
1243 - MD5_Update(&ctx, final, 1);
1244 + li_MD5_Update(&ctx, final, 1);
1247 - MD5_Update(&ctx, pw, 1);
1248 + li_MD5_Update(&ctx, pw, 1);
1253 strncat(passwd, sp, sl);
1254 strcat(passwd, "$");
1256 - MD5_Final(final, &ctx);
1257 + li_MD5_Final(final, &ctx);
1260 * And now, just to make sure things don't run too fast..
1261 @@ -550,28 +554,28 @@
1262 * need 30 seconds to build a 1000 entry dictionary...
1264 for (i = 0; i < 1000; i++) {
1266 + li_MD5_Init(&ctx1);
1268 - MD5_Update(&ctx1, pw, strlen(pw));
1269 + li_MD5_Update(&ctx1, pw, strlen(pw));
1272 - MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
1273 + li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
1276 - MD5_Update(&ctx1, sp, sl);
1277 + li_MD5_Update(&ctx1, sp, sl);
1281 - MD5_Update(&ctx1, pw, strlen(pw));
1282 + li_MD5_Update(&ctx1, pw, strlen(pw));
1286 - MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
1287 + li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
1290 - MD5_Update(&ctx1, pw, strlen(pw));
1291 + li_MD5_Update(&ctx1, pw, strlen(pw));
1293 - MD5_Final(final,&ctx1);
1294 + li_MD5_Final(final,&ctx1);
1297 p = passwd + strlen(passwd);
1298 @@ -614,17 +618,17 @@
1299 * user:realm:md5(user:realm:password)
1303 + li_MD5_CTX Md5Ctx;
1307 - MD5_Init(&Md5Ctx);
1308 - MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1);
1309 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1310 - MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1);
1311 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1312 - MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
1313 - MD5_Final(HA1, &Md5Ctx);
1314 + li_MD5_Init(&Md5Ctx);
1315 + li_MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1);
1316 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1317 + li_MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1);
1318 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1319 + li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
1320 + li_MD5_Final(HA1, &Md5Ctx);
1326 buffer *password, *b, *username_buf, *realm_buf;
1329 + li_MD5_CTX Md5Ctx;
1333 @@ -1067,13 +1071,13 @@
1335 if (p->conf.auth_backend == AUTH_BACKEND_PLAIN) {
1336 /* generate password from plain-text */
1337 - MD5_Init(&Md5Ctx);
1338 - MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username));
1339 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1340 - MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm));
1341 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1342 - MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1);
1343 - MD5_Final(HA1, &Md5Ctx);
1344 + li_MD5_Init(&Md5Ctx);
1345 + li_MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username));
1346 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1347 + li_MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm));
1348 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1349 + li_MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1);
1350 + li_MD5_Final(HA1, &Md5Ctx);
1351 } else if (p->conf.auth_backend == AUTH_BACKEND_HTDIGEST) {
1353 /* transform the 32-byte-hex-md5 to a 16-byte-md5 */
1354 @@ -1090,45 +1094,45 @@
1357 strcasecmp(algorithm, "md5-sess") == 0) {
1358 - MD5_Init(&Md5Ctx);
1359 - MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16);
1360 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1361 - MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
1362 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1363 - MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
1364 - MD5_Final(HA1, &Md5Ctx);
1365 + li_MD5_Init(&Md5Ctx);
1366 + li_MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16);
1367 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1368 + li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
1369 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1370 + li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
1371 + li_MD5_Final(HA1, &Md5Ctx);
1376 /* calculate H(A2) */
1377 - MD5_Init(&Md5Ctx);
1378 - MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m));
1379 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1380 - MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri));
1381 + li_MD5_Init(&Md5Ctx);
1382 + li_MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m));
1383 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1384 + li_MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri));
1385 if (qop && strcasecmp(qop, "auth-int") == 0) {
1386 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1387 - MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN);
1388 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1389 + li_MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN);
1391 - MD5_Final(HA2, &Md5Ctx);
1392 + li_MD5_Final(HA2, &Md5Ctx);
1393 CvtHex(HA2, HA2Hex);
1395 /* calculate response */
1396 - MD5_Init(&Md5Ctx);
1397 - MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN);
1398 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1399 - MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
1400 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1401 + li_MD5_Init(&Md5Ctx);
1402 + li_MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN);
1403 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1404 + li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
1405 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1407 - MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc));
1408 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1409 - MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
1410 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1411 - MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop));
1412 - MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1413 + li_MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc));
1414 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1415 + li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
1416 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1417 + li_MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop));
1418 + li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
1420 - MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN);
1421 - MD5_Final(RespHash, &Md5Ctx);
1422 + li_MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN);
1423 + li_MD5_Final(RespHash, &Md5Ctx);
1424 CvtHex(RespHash, a2);
1426 if (0 != strcmp(a2, respons)) {
1427 @@ -1171,24 +1175,24 @@
1429 int http_auth_digest_generate_nonce(server *srv, mod_auth_plugin_data *p, buffer *fn, char out[33]) {
1432 + li_MD5_CTX Md5Ctx;
1437 /* generate shared-secret */
1438 - MD5_Init(&Md5Ctx);
1439 - MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1);
1440 - MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
1441 + li_MD5_Init(&Md5Ctx);
1442 + li_MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1);
1443 + li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
1445 /* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
1446 LI_ltostr(hh, srv->cur_ts);
1447 - MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1448 - MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
1449 + li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1450 + li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
1451 LI_ltostr(hh, rand());
1452 - MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1453 + li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1455 - MD5_Final(h, &Md5Ctx);
1456 + li_MD5_Final(h, &Md5Ctx);
1460 Index: src/mod_usertrack.c
1461 ===================================================================
1462 --- src/mod_usertrack.c (.../tags/lighttpd-1.4.29)
1463 +++ src/mod_usertrack.c (.../branches/lighttpd-1.4.x)
1469 -# include <openssl/md5.h>
1474 -typedef li_MD5_CTX MD5_CTX;
1475 -#define MD5_Init li_MD5_Init
1476 -#define MD5_Update li_MD5_Update
1477 -#define MD5_Final li_MD5_Final
1481 /* plugin config for all request/connections */
1485 plugin_data *p = p_d;
1487 unsigned char h[16];
1489 + li_MD5_CTX Md5Ctx;
1492 if (con->uri.path->used == 0) return HANDLER_GO_ON;
1493 @@ -228,18 +218,18 @@
1494 /* taken from mod_auth.c */
1496 /* generate shared-secret */
1497 - MD5_Init(&Md5Ctx);
1498 - MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1);
1499 - MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
1500 + li_MD5_Init(&Md5Ctx);
1501 + li_MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1);
1502 + li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
1504 /* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
1505 LI_ltostr(hh, srv->cur_ts);
1506 - MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1507 - MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
1508 + li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1509 + li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
1510 LI_ltostr(hh, rand());
1511 - MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1512 + li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
1514 - MD5_Final(h, &Md5Ctx);
1515 + li_MD5_Final(h, &Md5Ctx);
1517 buffer_append_string_encoded(ds->value, (char *)h, 16, ENCODING_HEX);
1518 buffer_append_string_len(ds->value, CONST_STR_LEN("; Path=/"));
1519 Index: src/mod_status.c
1520 ===================================================================
1521 --- src/mod_status.c (.../tags/lighttpd-1.4.29)
1522 +++ src/mod_status.c (.../branches/lighttpd-1.4.x)
1525 buffer_append_string_len(b, CONST_STR_LEN("</td><td class=\"int\">"));
1527 - if (con->request.content_length) {
1528 + if (c->request.content_length) {
1529 buffer_append_long(b, c->request_content_queue->bytes_in);
1530 buffer_append_string_len(b, CONST_STR_LEN("/"));
1531 buffer_append_long(b, c->request.content_length);
1532 Index: src/settings.h
1533 ===================================================================
1534 --- src/settings.h (.../tags/lighttpd-1.4.29)
1535 +++ src/settings.h (.../branches/lighttpd-1.4.x)
1537 * 64kB (no real reason, just a guess)
1539 #define BUFFER_MAX_REUSE_SIZE (4 * 1024)
1540 -#define MAX_READ_LIMIT (4*1024*1024)
1542 +/* both should be way smaller than SSIZE_MAX :) */
1543 +#define MAX_READ_LIMIT (256*1024)
1544 +#define MAX_WRITE_LIMIT (256*1024)
1547 * max size of the HTTP request header
1549 Index: src/mod_cml_lua.c
1550 ===================================================================
1551 --- src/mod_cml_lua.c (.../tags/lighttpd-1.4.29)
1552 +++ src/mod_cml_lua.c (.../branches/lighttpd-1.4.x)
1558 -# include <openssl/md5.h>
1562 -typedef li_MD5_CTX MD5_CTX;
1563 -#define MD5_Init li_MD5_Init
1564 -#define MD5_Update li_MD5_Update
1565 -#define MD5_Final li_MD5_Final
1570 typedef unsigned char HASH[HASHLEN];
1571 #define HASHHEXLEN 32
1572 Index: src/mod_fastcgi.c
1573 ===================================================================
1574 --- src/mod_fastcgi.c (.../tags/lighttpd-1.4.29)
1575 +++ src/mod_fastcgi.c (.../branches/lighttpd-1.4.x)
1576 @@ -3075,7 +3075,7 @@
1577 fcgi_set_state(srv, hctx, FCGI_STATE_WRITE);
1579 case FCGI_STATE_WRITE:
1580 - ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
1581 + ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
1583 chunkqueue_remove_finished_chunks(hctx->wb);
1585 @@ -3132,7 +3132,6 @@
1586 plugin_data *p = p_d;
1588 handler_ctx *hctx = con->plugin_ctx[p->id];
1590 fcgi_extension_host *host;
1592 if (NULL == hctx) return HANDLER_GO_ON;
1593 @@ -3201,7 +3200,6 @@
1594 /* ok, create the request */
1595 switch(fcgi_write_request(srv, hctx)) {
1597 - proc = hctx->proc;
1600 if (hctx->state == FCGI_STATE_INIT ||
1601 Index: src/network_solaris_sendfilev.c
1602 ===================================================================
1603 --- src/network_solaris_sendfilev.c (.../tags/lighttpd-1.4.29)
1604 +++ src/network_solaris_sendfilev.c (.../branches/lighttpd-1.4.x)
1609 -int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq) {
1610 +int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
1612 - size_t chunks_written = 0;
1614 - for(c = cq->first; c; c = c->next, chunks_written++) {
1615 + for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
1616 int chunk_finished = 0;
1625 size_t num_chunks, i;
1627 chunks[i].iov_base = offset;
1629 /* protect the return value of writev() */
1630 - if (toSend > SSIZE_MAX ||
1631 - num_bytes + toSend > SSIZE_MAX) {
1632 - chunks[i].iov_len = SSIZE_MAX - num_bytes;
1633 + if (toSend > max_bytes ||
1634 + (off_t) num_bytes + toSend > max_bytes) {
1635 + chunks[i].iov_len = max_bytes - num_bytes;
1639 @@ -119,11 +118,10 @@
1641 if (chunk_finished) {
1642 /* skip the chunks from further touches */
1646 /* chunks_written + c = c->next is done in the for()*/
1648 + chunk_finished = 1;
1651 /* partially written */
1657 - size_t toSend, written;
1658 + off_t offset, toSend;
1661 stat_cache_entry *sce = NULL;
1665 offset = c->file.start + c->offset;
1666 toSend = c->file.length - c->offset;
1667 + if (toSend > max_bytes) toSend = max_bytes;
1669 if (offset > sce->st.st_size) {
1670 log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name);
1673 c->offset += written;
1674 cq->bytes_out += written;
1675 + max_bytes -= written;
1677 if (c->offset == c->file.length) {
1683 - return chunks_written;
1688 Index: src/CMakeLists.txt
1689 ===================================================================
1690 Index: src/mod_dirlisting.c
1691 ===================================================================
1692 --- src/mod_dirlisting.c (.../tags/lighttpd-1.4.29)
1693 +++ src/mod_dirlisting.c (.../branches/lighttpd-1.4.x)
1697 #ifdef HAVE_PATHCONF
1698 - if (-1 == (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) {
1699 + if (0 >= (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) {
1700 + /* some broken fs (fuse) return 0 instead of -1 */
1702 name_max = NAME_MAX;
1704 Index: src/network_linux_sendfile.c
1705 ===================================================================
1706 --- src/network_linux_sendfile.c (.../tags/lighttpd-1.4.29)
1707 +++ src/network_linux_sendfile.c (.../branches/lighttpd-1.4.x)
1709 /* on linux 2.4.29 + debian/ubuntu we have crashes if this is enabled */
1710 #undef HAVE_POSIX_FADVISE
1712 -int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq) {
1713 +int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
1715 - size_t chunks_written = 0;
1717 - for(c = cq->first; c; c = c->next, chunks_written++) {
1718 + for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
1719 int chunk_finished = 0;
1728 size_t num_chunks, i;
1731 size_t num_bytes = 0;
1733 - /* we can't send more then SSIZE_MAX bytes in one chunk */
1735 /* build writev list
1737 * 1. limit: num_chunks < UIO_MAXIOV
1738 - * 2. limit: num_bytes < SSIZE_MAX
1739 + * 2. limit: num_bytes < max_bytes
1741 for (num_chunks = 0, tc = c;
1742 tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV;
1744 chunks[i].iov_base = offset;
1746 /* protect the return value of writev() */
1747 - if (toSend > SSIZE_MAX ||
1748 - num_bytes + toSend > SSIZE_MAX) {
1749 - chunks[i].iov_len = SSIZE_MAX - num_bytes;
1750 + if (toSend > max_bytes ||
1751 + (off_t) num_bytes + toSend > max_bytes) {
1752 + chunks[i].iov_len = max_bytes - num_bytes;
1758 /* check which chunks have been written */
1762 for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) {
1763 if (r >= (ssize_t)chunks[i].iov_len) {
1764 @@ -109,11 +107,10 @@
1766 if (chunk_finished) {
1767 /* skip the chunks from further touches */
1771 /* chunks_written + c = c->next is done in the for()*/
1773 + chunk_finished = 1;
1776 /* partially written */
1777 @@ -130,13 +127,12 @@
1783 stat_cache_entry *sce = NULL;
1785 offset = c->file.start + c->offset;
1786 - /* limit the toSend to 2^31-1 bytes in a chunk */
1787 - toSend = c->file.length - c->offset > ((1 << 30) - 1) ?
1788 - ((1 << 30) - 1) : c->file.length - c->offset;
1789 + toSend = c->file.length - c->offset;
1790 + if (toSend > max_bytes) toSend = max_bytes;
1792 /* open file if not already opened */
1793 if (-1 == c->file.fd) {
1800 if (c->offset == c->file.length) {
1806 - return chunks_written;
1811 Index: tests/mod-auth.t
1812 ===================================================================
1813 --- tests/mod-auth.t (.../tags/lighttpd-1.4.29)
1814 +++ tests/mod-auth.t (.../branches/lighttpd-1.4.x)
1819 -use Test::More tests => 14;
1820 +use Test::More tests => 15;
1823 my $tf = LightyTest->new();
1826 $t->{REQUEST} = ( <<EOF
1827 GET /server-status HTTP/1.0
1828 +Authorization: Basic \x80mFuOmphb
1831 +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
1832 +ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid base64 Auth-token');
1834 +$t->{REQUEST} = ( <<EOF
1835 +GET /server-status HTTP/1.0
1836 Authorization: Basic amFuOmphb
1839 Index: tests/request.t
1840 ===================================================================
1841 --- tests/request.t (.../tags/lighttpd-1.4.29)
1842 +++ tests/request.t (.../branches/lighttpd-1.4.x)
1847 -use Test::More tests => 44;
1848 +use Test::More tests => 46;
1851 my $tf = LightyTest->new();
1852 @@ -413,5 +413,21 @@
1853 $t->{SLOWREQUEST} = 1;
1854 ok($tf->handle_http($t) == 0, 'GET, slow \\r\\n\\r\\n (#2105)');
1856 +print "\nPathinfo for static files\n";
1857 +$t->{REQUEST} = ( <<EOF
1858 +GET /image.jpg/index.php HTTP/1.0
1861 +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'Content-Type' => 'image/jpeg' } ];
1862 +ok($tf->handle_http($t) == 0, 'static file accepting pathinfo by default');
1864 +$t->{REQUEST} = ( <<EOF
1865 +GET /image.jpg/index.php HTTP/1.0
1866 +Host: zzz.example.org
1869 +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
1870 +ok($tf->handle_http($t) == 0, 'static file with forbidden pathinfo');
1872 ok($tf->stop_proc == 0, "Stopping lighttpd");
1874 Index: tests/wrapper.sh
1875 ===================================================================
1876 --- tests/wrapper.sh (.../tags/lighttpd-1.4.29)
1877 +++ tests/wrapper.sh (.../branches/lighttpd-1.4.x)
1880 export SHELL srcdir top_builddir
1884 Index: tests/lighttpd.conf
1885 ===================================================================
1886 --- tests/lighttpd.conf (.../tags/lighttpd-1.4.29)
1887 +++ tests/lighttpd.conf (.../branches/lighttpd-1.4.x)
1889 $HTTP["host"] == "zzz.example.org" {
1890 server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
1891 server.name = "zzz.example.org"
1892 + static-file.disable-pathinfo = "enable"
1895 $HTTP["host"] == "symlink.example.org" {
1897 ===================================================================
1898 Index: doc/config/lighttpd.conf
1899 ===================================================================
1900 --- doc/config/lighttpd.conf (.../tags/lighttpd-1.4.29)
1901 +++ doc/config/lighttpd.conf (.../branches/lighttpd-1.4.x)
1902 @@ -394,6 +394,25 @@
1903 ## $SERVER["socket"] == "10.0.0.1:443" {
1904 ## ssl.engine = "enable"
1905 ## ssl.pemfile = "/etc/ssl/private/www.example.com.pem"
1907 +## # Mitigate BEAST attack:
1909 +## # A stricter base cipher suite. For details see:
1910 +## # http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html
1912 +## ssl.ciphers = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
1914 +## # Make the server prefer the order of the server side cipher suite instead of the client suite.
1915 +## # This is necessary to mitigate the BEAST attack (unless you disable all non RC4 algorithms).
1916 +## # This option is enabled by default, but only used if ssl.ciphers is set.
1918 +## # ssl.honor-cipher-order = "enable"
1920 +## # Mitigate CVE-2009-3555 by disabling client triggered renegotation
1921 +## # This is enabled by default.
1923 +## # ssl.disable-client-renegotiation = "enable"
1925 ## server.name = "www.example.com"
1927 ## server.document-root = "/srv/www/vhosts/example.com/www/"
1929 ===================================================================
1931 ===================================================================
1932 --- NEWS (.../tags/lighttpd-1.4.29)
1933 +++ NEWS (.../branches/lighttpd-1.4.x)
1940 + * Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331)
1941 + * Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems.
1942 + * [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
1943 + * Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file
1944 + * Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
1945 + * Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351)
1946 + * [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
1947 + * [ssl] count renegotiations to prevent client renegotiations
1948 + * [ssl] add option to honor server cipher order (fixes #2364, BEAST attack)
1949 + * [core] accept dots in ipv6 addresses in host header (fixes #2359)
1950 + * [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb)
1952 +- 1.4.29 - 2011-07-03
1953 * Fix mod_proxy waiting for response even if content-length is 0 (fixes #2259)
1954 * Silence annoying "connection closed: poll() -> ERR" error.log message (fixes #2257)
1955 * mod_cgi: make read buffer as big as incoming data block
1956 Index: CMakeLists.txt
1957 ===================================================================