Lines Matching refs:in

10 …* configure.ac: remove old stuff, add some new to fix warnings in automake 1.12 (fixes #2419, thx …
12 * fix :port handling in $HTTP["host"] checks (fixes #2135. thx liming)
17 * fix DoS in Connection header value split (reported by Jesse Sipprell, CVE-2012-5533)
21 …* [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI (thx carpi…
26 …* Fix handling of empty header list entries in http_request_split_value, fixing invalid read in va…
34 * Fix --enable-mmap handling in configure.ac
38 …* Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow s…
42 * Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351)
43 * [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
46 * [core] accept dots in ipv6 addresses in host header (fixes #2359)
48 * [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
61 * [*cgi] Use physical base dir (alias, userdir) as DOCUMENT_ROOT in cgi environments (fixes #2216)
76 …* Reset uri.authority before TLS servername handling, reset all "keep-alive" data in connection_de…
86 * mod_accesslog: Fix var declarations mixed in source (fixes #2233)
103 * Fix mod_cgi cgi.execute-x-only option in global block
106 …* Fix fd leaks in mod_cgi (fds not closed on pipe/fork failures, found by Rodrigo, fixes #2158, #2…
108 …* Append to previous buffer in con read, fix DoS/OOM vulnerability (fixes #2147, found by liming, …
109 …* Fix HUP detection in close-state if event-backend doesn't support FDEVENT_HUP (like select or po…
117 …* reset tlsext_server_name in connection_reset - fixes random hostnames in the $HTTP["host"] condi…
127 …* Keep url/host values from connection to display information while keep-alive in mod_status (fixe…
133 * Fix unused function webdav_lockdiscovery in mod_webdav
137 * Reset ignored signals to SIG_DFL before exec() in fastcgi/scgi (fixes #2029)
139 * Fix hanging connection in mod_scgi (fixes #2024)
140 * Allow digits in hostnames in more places (fixes #1148)
148 * Use disable-time in fastcgi for all disables after errors, default is 1sec (fixes #2040)
151 * Fix ipv6 in mod_proxy (fixes #2043)
155 * Print an error if you use too many captures in a regex pattern (fixes #2059)
156 …* Combine Cache-Control header value in mod_expire to existing HTTP header if header already added…
157 * Remember keep-alive-idle in separate variable (fixes #1988)
161 * Read hostname from absolute uris in the request line (fixes #1937)
181 * Fix broken return values from int to enum in mod_fastcgi
184 …* Added some extra warning options in cmake and fix the resulting warnings (unused/static function…
186 * Create rrd file for empty rrdfile in mod_rrdtool (#1788)
194 * Rename configure.in to configure.ac, with small cleanups (fixes #1932)
196 * Check for regular file in mod_cgi, so we don't try to start directories
201 * Fix trailing zero char in REQUEST_URI after "strip-request-uri" in mod_fastcgi
211 * Add '%_' pattern for complete hostname in mod_evhost (fixes #1737)
219 * Fix max-age value in mod_expire for 'modification' (fixes #1978)
225 * Workaround broken operating systems: check for trailing '/' in filenames (fixes #1989)
228 * Fix segfault in mod_expire after failed config parsing (fixes #1992)
231 * Adding support for additional chars in LDAP usernames (fixes #1941)
238 * Fix wrong lua type for CACHE_MISS/CACHE_HIT in mod_cml (fixes #533)
239 * Fix default vhost in mod_simple_vhost (fixes #1905)
240 * Handle EINTR in mod_rrdtool (fixes #604)
243 * Fix segfault in mod_scgi (fixes #1911)
244 * Treat EPIPE as connection-closed error in network_freebsd_sendfile.c (another fix from #1913)
245 …* Fix useless redirection of stderr in mod_rrdtool, as it gets redirected to /dev/null later. (fix…
247 * Fix segfault if siginfo_t* is NULL in sigaction handler (fixes #1926)
251 * Fix base64 decoding in mod_auth (#1757, thx guido)
257 …* Try to convert string options to shorts for numeric options in config file; allows to use env-va…
258 * Do not cache default vhost in mod_simple_vhost (#709)
260 …* Fix fastcgi authorization in subdirectories with check-local=disabled; don't split pathinfo for …
261 * Add possibility to disable methods in mod_compress (#1773)
263 * Fixed fix for round-robin in mod_proxy (forgot to increment the index) (#1715)
265 * Compare address family in inet_ntop_cache
268 * Optimized buffer usage in mod_proxy (fixes #1850)
269 * Fix uninitialized value in time struct after strptime
270 * Do not pass Proxy-Connection: header from client to backend http server in mod_proxy (#1877)
271 …* Fix wrong malloc sizes in mod_accesslog (probably nothing bad happened...) (fixes #1855, thx ych…
278 * Use modified etags in mod_compress (fixes #1800)
280 * Fix error handling in freebsd-sendfile (fixes #1813)
282 * Allow tabs in header values (fixes #1822)
292 * Fix mod_magnet: enable "request.method" and "request.protocol" in lighty.env (#1308)
294 …* Use data_response_init in mod_fastcgi x-sendfile handling for response.headers, fix a small "mem…
297 …* Enable escaping of % and $ in redirect/rewrite; only two cases changed their behaviour: "%%" => …
300 …* Overwrite Content-Type header in mod_dirlisting instead of inserting (#1614), patch by Henrik Ho…
301 * Handle EINTR in mod_cgi during write() (#1640)
307 …* Implement a clean way to open /dev/null and use it to close stdin/out/err in the needed places (…
310 * close connection after redirect in trigger_b4_dl (thx icy)
311 * close connection in mod_magnet if returned status code
312 * fix bug with IPv6 in mod_evasive (#1579)
316 …* [tests] fixed tests needing php running (if not running on port 1026, search php in env[PHP] or …
317 * fixed typo in mod_accesslog (#1699)
320 * Handle only HEAD, GET and POST in mod_dirlisting (same as in staticfile) (#1687)
324 * fixed round-robin balancing in mod_proxy (#1715)
325 * fixed EINTR handling for waitpid in mod_fastcgi
329 * allow digits in [s]cgi env vars (#1712)
331 * print helpful error message on conditionals in global block (#1550)
332 * decode url before matching in mod_rewrite (#1720) -- (reverted for 1.4.21)
334 …* Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/S…
335 …* fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1" (CVE-2008…
336 * fixed format string bugs in mod_accesslog for SYSLOG
337 * replaced fprintf with log_error_write in fastcgi debug
338 * fixed mem leak in ssi expression parser (#1753), thx Take5k
345 * fix memleak in request header parsing (#1774, thx qhy) (CVE-2008-4298)
347 * use decoded url for matching in mod_redirect (#1720) (CVE-2008-4359) -- (reverted for 1.4.21)
352 * added support for matching $HTTP["scheme"] in configs
357 matching the end of the uri in fcgi,scgi and proxy modules (#1489)
360 * prevent crash in certain php-fcgi configurations (#841)
361 * add IdleServers and Scoreboard directives in ?auto mode for mod_status (#1507)
365 * support letterhomes in mod_userdir (#1473)
366 * support chained proxies in mod_extforward (#1528)
368 * fixed ECONNRESET handling in network-openssl
369 * fixed handling of EAGAIN in network-linux-sendfile (#657)
371 * create directories in mod_compress (was broken with alias/userdir) (#1027)
372 * fixed out of range access in fd array (#1562, #372) (CVE-2008-0983)
379 * fixed including of stdint.h/inttypes.h in etag.c (#1413)
381 * log the ip of failed auth tries in error.log (enhancement #1544)
382 * fixed RoundRobin in mod_proxy (#516)
386 * fixed Content-Length header if response body gets removed in connections.c (#1412, part 2)
392 * fix min-procs handling in mod_scgi.c, just set to max-procs (patch from #623)
393 * fix sending "408 - Timeout" instead of "410 - Gone" for timedout urls in mod_secdownload (#1440)
402 * fixed FastCGI header overrun in mod_fastcgi (reported by [email protected])
405 * fixed crashing when using undefined environment variables in the config
410 * added dir-listing.set-footer in mod_dirlisting (#1277)
412 * fixed hardcoded font-sizes in mod_dirlisting (#1267)
417 * fixed crash on mixed EOL sequences in mod_cgi
419 * fixed invalid char in header values (#1286)
422 * fixed counter overrun in ?auto in mod_status (#909)
424 * fixed possible overflow in unix-socket path checks on BSD (#713)
431 * fixed crash when freeing the config in mod_alias
435 * use more LSB like paths in the sample config (#1242)
447 * fixed mem-leak in mod_auth (reported by Stefan Esser)
448 * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser)
449 * fixed missing check for base64 encoded string in mod_auth and Basic auth
451 * fixed possible crash in Auth-Digest header parser on trailing WS in
455 * fixed crash on 32bit archs when debug-msgs are printed in mod_scgi, mod_fastcgi
481 * fix cpu hog in certain requests [1473] CVE-2007-1869
487 * fixed accesslog.use-syslog in a conditional and the caching of the
490 * fixed handling of %% in accesslog.format
494 * fixed crash on url.redirect and url.rewrite if %0 is used in a global context
496 * fixed possible crash in debug-message in mod_extforward
498 * fixed include of empty in the configfiles (#1076)
500 * fixed missing AUTH_TYPE entry in the fastcgi environment. (#889)
501 * fixed compilation in network_writev.c on MacOS X 10.3.9 (#903)
506 * added initgroups in spawn-fcgi (#871)
507 * added apr1 support htpasswd in mod-auth (#870)
509 * fixed segfault in splitted CRLF CRLF sequences
510 (introduced in 1.4.12) (#876)
511 * fixed compilation of LOCK support in mod-webdav
512 * fixed fragments in request-URLs (#869)
523 extensions in mod_magnet scripts
529 * added Content-Range support for PUT in webdav
530 * added support for += on empty arrays in config-files
541 * fixed mem-leak in mod_flv_streaming
542 * fixed required trailing newline in configfiles (#142)
561 * fixed error-messages in mod_auth and mod_fastcgi
563 * fixed handling of deleted files in linux-sendfile
576 * fixed extra newline for syslog() in mod_accesslog
577 * fixed user-track cookie for IE in mod_usertrack
578 * fixed crash in digest handling in mod_auth
593 * fixed 100% cpu loops in mod_cgi ("sandy" <sjen/at/cs.stanford.edu>)
595 * fixed IE bug in content-charset in the output of mod_dirlisting (sniper/at/php.net)
596 * fixed typos and language in the docs (ryan-2005/at/ryandesign.com)
597 * fixed assertion in mod_cgi on HEAD request is Content-Length (<sandy/at/meebo.com>)
599 * fixed endless loops in mod_fastcgi if backend is dead
600 * fixed Depth: 1 handling in PROPFIND requests on empty dirs
608 * added auto-reconnect to ldap-server in mod_auth
612 * added strip_request_uri in mod_fastcgi
621 * fixed max-age timestamps in mod_expire
622 * fixed encoding the filenames in PROPFIND in mod_webdav
623 * fixed range request handling in network_writev
624 * fixed retry on connect error in mod_fastcgi
626 * fixed possible crash in mod_webdav if sqlite3 support
630 * fixed missing cleanup in mysql_vhost
631 * fixed assert() in "connections.c:962:
633 * fixed 64bit issue in md5
634 * fixed crash in mod_status
635 * fixed duplicate headers in mod_proxy
636 * fixed Content-Length in HEAD request in mod_proxy
638 * fixed streaming in mod_cgi
639 * fixed possible overflow in password-salt handling
647 * added madvise() to instruct the kernel the do proper read-ahead in network_writev
648 * added support for %I in mod_accesslog
649 * added better compat to Apache for ?auto in mod_status
650 * added support for userdirs without a entry in /etc/passwd in mod_userdir
654 * added webdav.log-xml for logging xml-content in mod_webdav
657 non-keep-alive requests in SSL request
666 * fixed compressed output if caching was disabled (seen in IE and Opera)
668 * fixed mysql-vhost module (was broken in 1.4.5)
669 * fixed false positive in the detection of case-insensitive FS
675 * added warning for unused variables in conditionals
679 * fixed infinite loop in exec-cmd in mod_ssi
680 * fixed segfault in config handling for mod_mysql_vhost
685 * fixed crc errors in mod_compress on 64bit platforms
686 * fixed handling of overlapping fastcgi packets (bug added in 1.4.4)
688 * fixed a segfault in mod_rewrite if %1 references were used
689 * fixed handling of empty request URIs in HTTP requests
692 * added support for %V in mod_accesslog
695 * fixed METHOD in mod_accesslog of WebDAV methods
696 * fixed check for permission before files in sent
700 * fixed memleak in stat-cache
701 * fixed aborted connections if file was moved while in transfer
713 * fixed bin-copy-env in mod_fastcgi
718 * fixed memleak in stat-cache
719 * fixed infinite loop in mod_cgi
722 * fixed infinite loop in SSL
729 * fixed response header in body problem in mod_cgi
732 * fixed conditional options in mod_dirlisting
733 * fixed segfault in mod_dirlisting for NFS directories
734 * fixed check for docroot in change-root environments
742 * fixed cleanup in mod_proxy and mod_fastcgi
750 * added support for PATH_INFO guessing if check-local is disabled in
757 * fixed endless loops in mod_rewrite
760 * fixed 'can't reach host' in mod_proxy
769 * relaxed handling of characters in URIs even more
781 * fixed endless loops in mod_fastcgi, mod_cgi and mod_proxy
797 * fixed segfault in debug-code
800 * fixed endless loop in mod_fastcgi
811 * fixed crash in mod_auth if config-options are missing
812 * fixed handling of missing trailing / in mod_userdir
814 * fixed REPORT ME error due to failed reconnects in mod_fastcgi
815 * fixed cmdline handling in mod_fastcgi
819 * added support for full commandline in spawn-fcgi
820 * fixed missing check for IP-address in mod_fastcgi
821 * fixed compile error with openssl in mod_fastcgi
830 * improved performance in FastCGI in buildind the FastCGI header
831 * fixed min-procs and max-procs in FastCGI on PowerPC
832 * fixed crash in setenv.add-response-header
833 * fixed handling of nph-scripts in CGI
834 * fixed accidently sending out physical file in CGI on error
845 * added support for syslog in mod_accesslog
847 * improved debug output in request handling
850 * fixed handling of != and !~ in configutation
851 * fixed special cases in keep-alive handling
852 * fixed timeout handling in handling POST requests
853 * fixed mode AUTHORIZER in FastCGI
867 * added support for ${...} in mod_ssi
869 * fixed multipart handling in cgi
871 * fixed wrap-around in mod_status
880 * added support in fastcgi module to spawn fastcgi
883 * fixed connection handling in fastcgi if no chunk
898 * fixed segfault in pipelining
899 * fixed a segfault in writev() handler if LFS is used
908 * fixed SERVER_NAME in CGI and FastCGI
912 * added support for NL terminators in CGI-scripts
913 * added support for conditionals in mod_auth,
916 * fixed request counter in the rrdtool module
944 * fixed handling of comments in If-Modified-Since
945 * fixed error handling in FastCGI code
957 * fixed rare problem in FastCGI header generation
963 * improved performance in the string compare functions
964 * fixed double-free in fastcgi handler
965 * fixed error-handling in cgi handler
982 * fixed large post uploads in fastcgi
990 * fixed index-files for FastCGI if webserver is in chroot
993 * fixed timestamps in Last-Modified checks
1000 * added support for unix domain sockets in FastCGI
1028 * added 'check-local' option to disable local stat() in the FastCGI module
1053 * fixed some memory leaks in the configfile parser
1061 * use localtime in accesslog if possible
1084 * fixed logcycling in chroot()
1119 * request-headers are now handled case-in-sensitive as required
1125 * some updates in the documentation
1126 * a entry in the error-log for a 404