Currently, it is not feasible to configure lighttpd to use OpenSSL as
its internal crypto library. Instead, one must rely on alternative
crypto libraries such as Nettle or mbedTLS. This setup is not ideal in
scenarios where a single crypto library is preferred. To address this
issue, lets propose introducing OpenSSL as an additional configuration
option. Similarly, propose GnuTLS as additional configuration option.
Closes: #24004
Co-developed-by: Glenn Strauss <gstrauss@gluelogic.com>
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The next version of lighttpd will move HTTP/2 support from the lighttpd
base executable into a separate module: mod_h2
Include patch to do so now, and update packaging to handle it.
HTTP/2 support is enabled by default since lighttpd 1.4.59, but if
HTTP/2 support is explicitly disabled in the configuration, then mod_h2
will not be loaded, thereby reducing lighttpd memory use.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
add lighttpd-mod-webdav_min package alternative to lighttpd-mod-webdav
lighttpd-mod-webdav_min is more minimal than full lighttpd-mod-webdav.
lighttpd-mod-webdav_min does not support PROPPATCH, LOCK, UNLOCK, and
by not supporting those methods, removes dependencies on libxml2,
libsqlite3, and libuuid.
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
- ignore Content-Length from backend if 101 Switching Protocols
- close HTTP/2 connection after bad password
- skip cert chain build for self-issued certs
- meson zstd fix
- ls-hpack upstream update
- discard some HTTP/2 DATA frames received after response
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Simplifies the Makefile and allows faster compilation with Ninja.
Added patch to fix libmariadb dependency.
Added extra modules.
Speed Before:
time make package/lighttpd/compile -j 12
Executed in 47.91 secs fish external
usr time 41.83 secs 384.00 micros 41.83 secs
sys time 10.79 secs 37.00 micros 10.79 secs
Speed After:
time make package/lighttpd/compile -j 12
Executed in 19.67 secs fish external
usr time 42.79 secs 377.00 micros 42.79 secs
sys time 8.56 secs 37.00 micros 8.56 secs
Tested with fish shell.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
All of the bugs for which we had patches have been fixed upstream
in 1.4.46, so the patches can be dropped.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
The most important change is local redirects being disabled by default.
There is an option called cgi.local-redir that allows enabling this
optimization manually back if needed.
Local redirects were initially introduced in 1.4.40 but caused many
problems for *some* web services.
One of problems is breaking Post/Redirect/Get design pattern. With
redirects handled on server side there is no browser redirection making
it "lose" the POST data.
Another possible issue are HTML forms with action="". With CGI local
redirects browser may be sending form data to the wrong URL (the one
that was supposed to redirect the browser).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This fixes upstream regression introduced in 1.4.40. It was reported &
debugged in https://redmine.lighttpd.net/issues/2793
This fix is queued for 1.4.46 in the personal/gstrauss/master upstream
branch.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
