History log of /lighttpd1.4/src/mod_authn_file.c (Results 1 – 25 of 51)
Revision tags: lighttpd-1.4.69, lighttpd-1.4.68
# 5e14db43 10-Dec-2022 Glenn Strauss <[email protected]>

[multiple] employ ck_calloc, ck_malloc shared code

employ ck_calloc(), ck_malloc() shared code to slightly reduce code size
(centralize the ck_assert() to check that memory allocation succeeded)


# b82d7b8a 06-Dec-2022 Glenn Strauss <[email protected]>

[multiple] mark mod_*_plugin_init() funcs cold


Revision tags: lighttpd-1.4.67, lighttpd-1.4.66, lighttpd-1.4.65, lighttpd-1.4.64
# 94a16b2b 04-Jan-2022 Glenn Strauss <[email protected]>

[build] meson crypt and dl detection on *BSD (fixes #3133)

(thx devnexen)

x-ref:
"netbsd meson build fix"
https://redmine.lighttpd.net/issues/3133


# c7c34201 03-Jan-2022 Glenn Strauss <[email protected]>

[build] feature consistency between build types

update config.h.cmake for missing defines
minor adjustments to other builds for features consistency


Revision tags: lighttpd-1.4.63, lighttpd-1.4.62
# 71175df1 28-Nov-2021 Glenn Strauss <[email protected]>

[mod_auth] RFC7616 HTTP Digest username* userhash

RFC7616 HTTP Digest username* and userhash support (if configured)

userhash support must be configured to enable:
auth.require = ( "/" => ( "userhash" => "enable", ... ) )
and one of
auth.backend = "htdigest" # mod_authn_file
or
auth.backend = "dbi" # mod_authn_dbi
and appropriate modification to add userhash into htdigest or db table
along with adding "sql-userhash" => "..." SQL query for mod_authn_dbi

Note: open issue with curl preventing userhash from working with curl:
https://github.com/curl/curl/pull/8066


Revision tags: lighttpd-1.4.61
# 7edb1956 27-Oct-2021 Glenn Strauss <[email protected]>

[mod_auth] clear crypt() output if len >= 13

crypt() static output buffer is cleared upon next call to crypt(),
but clear output buffer anyway since next call to crypt() might be
much later. Only clear crypt() output if length >= 13, since if
there is an error in crypt(), 'man crypt' warns:

"Some implementations of crypt, upon error, return an invalid hash that
is stored in a read-only location or only initialized once, which means
that it is only safe to erase the buffer pointed to by the crypt return
value if an error did not occur."


Revision tags: lighttpd-1.4.60
# 67c0b149 02-Aug-2021 Glenn Strauss <[email protected]>

[multiple] remove base.h include where not used

(substitute request.h if file only accesses request_st,
and not connection or server structs)


# c987bec1 10-Jun-2021 Glenn Strauss <[email protected]>

[multiple] use <algo>_iov() digest funcs

reduce code duplication
make it easier to add new algos

mod_authn_file:
- leverage r->tmp_buf instead of temporary allocating buffer_init()
- mod_authn_file_htpasswd_basic()
- compare binary SHA1 (shorter) rather than base64 (longer)
- split crypt() from mod_authn_file_htpasswd_basic() to separate func
- apr_md5_encode() modifications for slightly better performance


# af3df29a 09-Jun-2021 Glenn Strauss <[email protected]>

[multiple] reduce redundant NULL buffer checks

This commit is a large set of code changes and results in removal of
hundreds, perhaps thousands, of CPU instructions, a portion of which
are on hot code paths.

Most (buffer *) used by lighttpd are not NULL, especially since buffers
were inlined into numerous larger structs such as request_st and chunk.

In the small number of instances where that is not the case, a NULL
check is often performed earlier in a function where that buffer is
later used with a buffer_* func. In the handful of cases that remained,
a NULL check was added, e.g. with r->http_host and r->conf.server_tag.

- check for empty strings at config time and set value to NULL if blank
string will be ignored at runtime; at runtime, simple pointer check
for NULL can be used to check for a value that has been set and is not
blank ("")
- use buffer_is_blank() instead of buffer_string_is_empty(),
and use buffer_is_unset() instead of buffer_is_empty(),
where buffer is known not to be NULL so that NULL check can be skipped
- use buffer_clen() instead of buffer_string_length() when buffer is
known not to be NULL (to avoid NULL check at runtime)
- use buffer_truncate() instead of buffer_string_set_length() to
truncate string, and use buffer_extend() to extend

Examples where buffer known not to be NULL:
- cpv->v.b from config_plugin_values_init is not NULL if T_CONFIG_BOOL
(though we might set it to NULL if buffer_is_blank(cpv->v.b))
- address of buffer is arg (&foo)
(compiler optimizer detects this in most, but not all, cases)
- buffer is checked for NULL earlier in func
- buffer is accessed in same scope without a NULL check (e.g. b->ptr)

internal behavior change:
callers must not pass a NULL buffer to some funcs.
- buffer_init_buffer() requires non-null args
- buffer_copy_buffer() requires non-null args
- buffer_append_string_buffer() requires non-null args
- buffer_string_space() requires non-null arg


# 3538f8f2 22-May-2021 Glenn Strauss <[email protected]>

[mod_auth*] rename http_auth.* -> mod_auth_api.*

rename http_auth.[ch] -> mod_auth_api.[ch]


# e110b062 22-May-2021 Glenn Strauss <[email protected]>

[multiple] http_auth_digest_hex2bin -> li_hex2bin

move http_auth.c:http_auth_digest_hex2bin() to buffer.c:li_hex2bin()
for reuse, e.g. for use by mod_secdownload, which is not mod_auth*


# 08c03cd4 22-May-2021 Glenn Strauss <[email protected]>

[multiple] rename safe_memclear() -> ck_memzero()


# 62ccda85 22-May-2021 Glenn Strauss <[email protected]>

[multiple] move const time cmp funcs to ck.[ch]

http_auth_const_time_memeq_pad() -> ck_memeq_const_time()
http_auth_const_time_memeq() -> ck_memeq_const_time_fixed_len()


# 7a15bfcf 08-May-2021 Glenn Strauss <[email protected]>

[mod_auth] include unistd.h for crypt() on *nix

(needed by *BSD in addition to Mac OS)


# 060be714 05-May-2021 Glenn Strauss <[email protected]>

[mod_auth] include unistd.h for crypt() on Mac OS


# 9ac307ec 29-Apr-2021 Glenn Strauss <[email protected]>

[mod_authn_file] wipe password/digest after use

slurp password/digest file into memory and then clear after use
(avoid stdio, which buffers by default and does not wipe those buffers)

password/digest files are not expected to be very large
e.g. a password file with 1000 entries is expected to be < 64k
If files are larger, mod_authn_dbi or other mod_authn_* is recommended


Revision tags: lighttpd-1.4.59, lighttpd-1.4.58, lighttpd-1.4.57, lighttpd-1.4.56, lighttpd-1.4.56-rc7, lighttpd-1.4.56-rc6, lighttpd-1.4.56-rc5, lighttpd-1.4.56-rc4, lighttpd-1.4.56-rc3, lighttpd-1.4.56-rc2, lighttpd-1.4.56-rc1
# 3dca9235 15-Jul-2020 Glenn Strauss <[email protected]>

[mod_authn_mysql,file] use crypt() to save stack

use crypt() instead of crypt_r() to save stack space,
as struct crypt_data might be very large.

While crypt() is not thread-safe, lighttpd is single-threaded


# 1fc8a3e1 24-May-2020 Glenn Strauss <[email protected]>

[core] sys-crypto-md.h w/ inline message digest fn

sys-crypto-md.h w/ inline message digest functions; shared code


# bf4054f8 14-May-2020 Glenn Strauss <[email protected]>

[mod_gnutls] GnuTLS option for TLS (fixes #109)

(experimental)

mod_gnutls supports most ssl.* config options supported by mod_openssl

x-ref:
"GnuTLS support for the mod_ssl"
https://redmine.lighttpd.net/issues/109


# cb753ec5 19-Mar-2020 Glenn Strauss <[email protected]>

[mod_mbedtls] mbedTLS option for TLS

(experimental)

mod_mbedtls supports most ssl.* config options supported by mod_openssl

thx Ward Willats for the initial discussion and attempt in the comments
https://redmine.lighttpd.net/boards/3/topics/7029


# b28a3714 25-Feb-2020 Glenn Strauss <[email protected]>

[multiple] ./configure --with-nettle to use Nettle

./configure --with-nettle to use Nettle crypto lib for algorithms,
instead of OpenSSL or wolfSSL. Note: Nettle does not provide TLS.

x-ref:
"How to use SHA-256 without OpenSSL?"
https://redmine.lighttpd.net/boards/2/topics/8903


Revision tags: lighttpd-1.4.55
# 7c7f8c46 13-Jan-2020 Glenn Strauss <[email protected]>

[multiple] split con, request (very large change)

NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access)

NB: request read and write chunkqueues currently point to connection
chunkqueues; per-request and per-connection chunkqueues are
not distinct from one another
con->read_queue == r->read_queue
con->write_queue == r->write_queue

NB: in the future, a separate connection config may be needed for
connection-level module hooks. Similarly, might need to have
per-request chunkqueues separate from per-connection chunkqueues.
Should probably also have a request_reset() which is distinct from
connection_reset().


# cc2134c8 11-Jan-2020 Glenn Strauss <[email protected]>

[multiple] copy small struct instead of memcpy()

when patching config


# 010c2894 25-Nov-2019 Glenn Strauss <[email protected]>

[multiple] prefer (connection *) to (srv *)

convert all log_error_write() to log_error() and pass (log_error_st *)

use con->errh in preference to srv->errh (even though currently same)

avoid passing (server *) when previously used only for logging (errh)


# b73949e0 19-Nov-2019 Glenn Strauss <[email protected]>

[multiple] plugin.c handles common FREE_FUNC code

(simpler for modules; less boilerplate to cut-n-paste)

