#
3cc21533 |
| 17-Jan-2024 |
claudio <claudio@openbsd.org> |
Convert to use imsg_get_fd() since proc_forward_imsg() never forwards a file descriptor just use -1 there. OK tb@
|
#
8e42cc06 |
| 17-Jan-2024 |
claudio <claudio@openbsd.org> |
Get all variable-length values for the parent server before linking the server onto various list. Fixes a use-after-free if former fails. OK tb@
|
#
3a50f0a9 |
| 28-Dec-2022 |
jmc <jmc@openbsd.org> |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
#
cbced0bd |
| 24-Oct-2021 |
ian <ian@openbsd.org> |
Add httpd custom error page facility. Adapted by me from https://github.com/mpfr/httpd-plus. Improvements from & (earlier version) reads fine to tracey@; improvements & OK this version benno@, floria
Add httpd custom error page facility. Adapted by me from https://github.com/mpfr/httpd-plus. Improvements from & (earlier version) reads fine to tracey@; improvements & OK this version benno@, florian@. Thanks.
show more ...
|
#
78a658ca |
| 21-Sep-2020 |
tobhe <tobhe@openbsd.org> |
Fix memory leak in "iov".
ok jca@
|
#
52ef30a3 |
| 26-Aug-2020 |
florian <florian@openbsd.org> |
Set fastcgi socket default on server and location. This allows "fastcgi" directly inside of a server directive without giving specifying socket. OK tracey
|
#
9ea72f95 |
| 24-Aug-2020 |
tracey <tracey@openbsd.org> |
Add support for non-localhost fastcgi sockets.
Lots of review time kn@ Lots of review time, tweaks, and ok florian@
|
#
d8e56de2 |
| 03-Aug-2020 |
benno <benno@openbsd.org> |
remove dead assignments from Ross L Richardson <openbsd AT rlr DOT id DOT au>, Thanks ok claudio@
|
#
e95f05c9 |
| 08-May-2019 |
reyk <reyk@openbsd.org> |
spacing
|
#
03cb893c |
| 19-Feb-2019 |
pirofti <pirofti@openbsd.org> |
httpd(8): add support for setting custom FastCGI parameters.
This commit extends the existing grammar by adding the param option to the fastcgi directive: fastcgi param name value.
Example usage:
httpd(8): add support for setting custom FastCGI parameters.
This commit extends the existing grammar by adding the param option to the fastcgi directive: fastcgi param name value.
Example usage: fastcgi param VAR1 hello fastcgi param VAR2 world
With help and OK florian@ Rogue manpage bits, feel free to modify them.
show more ...
|
#
93038d14 |
| 20-Jun-2018 |
reyk <reyk@openbsd.org> |
Add support for simple one-off internal rewrites.
For example:
location match "/page/(%d+)/.*" { request rewrite "/static/index.php?id=%1&$QUERY_STRING" }
Requested by many.
Ok benno@
|
#
1d0dc528 |
| 19-May-2018 |
jsing <jsing@openbsd.org> |
Add support for client certificate authentication to httpd.
From Jack Burton <jack at saosce dot com dot au> - thanks!
Also tested by Jan Klemkow <j.klemkow at wemelug dot de>.
ok beck@ reyk@
|
#
88ad1069 |
| 19-Jul-2017 |
jsing <jsing@openbsd.org> |
Rework the way that TLS configuration is sent/received via imsgs, so that are no longer limited by the 16KB maximum size of a single imsg. Configuration data that is larger than a single message is n
Rework the way that TLS configuration is sent/received via imsgs, so that are no longer limited by the 16KB maximum size of a single imsg. Configuration data that is larger than a single message is now chunked and sent via multiple imsgs.
Prompted by a diff from Jack Burton <jack at saosce dot com dot au>.
ok reyk@
show more ...
|
#
a3d8d4e4 |
| 28-May-2017 |
benno <benno@openbsd.org> |
use __func__ in log messages. From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks! ok florian, claudio
|
#
fe006a11 |
| 25-Mar-2017 |
claudio <claudio@openbsd.org> |
Implement TLS ticket support in httpd. Off by default. Use tls ticket lifetime default to turn it on with a 2h ticket lifetime. Rekeying happens after a quarter of that time. OK reky@ and bob@
|
#
e80948e2 |
| 06-Nov-2016 |
beck <beck@openbsd.org> |
Add OCSP stapling support to httpd ok jsing@ bcook@
|
#
93c3ddf9 |
| 12-Oct-2016 |
reyk <reyk@openbsd.org> |
Prevent fd exhaustion in the parent when loading the listening server sockets by sending the fd one-by-one. This allows to start httpd with max 32 server instances and many server sockets without ch
Prevent fd exhaustion in the parent when loading the listening server sockets by sending the fd one-by-one. This allows to start httpd with max 32 server instances and many server sockets without changing the default rlimits in any way.
OK rzalamena@
show more ...
|
#
29cf46cf |
| 01-Sep-2016 |
reyk <reyk@openbsd.org> |
The fork+exec diff broke "what?!", the ps_what field determines the configuration that has to be initialized in each process and was inherited from the parent instead of setting it everywhere. I'm s
The fork+exec diff broke "what?!", the ps_what field determines the configuration that has to be initialized in each process and was inherited from the parent instead of setting it everywhere. I'm surprised that it worked.
OK florian
show more ...
|
#
90ddef02 |
| 15-Aug-2016 |
jsing <jsing@openbsd.org> |
Use lowercase 'tls' in debug and log messages for consistency.
Requested by reyk@
|
#
90ba594d |
| 31-May-2016 |
jsing <jsing@openbsd.org> |
Unbreak compilation with -DDEBUG.
From Fabian Raetz <fabian dot raetz at gmail dot com>
|
#
a342d684 |
| 28-Apr-2016 |
jsing <jsing@openbsd.org> |
Simplify TLS configuration handling. Instead of matching by address/port, match by configuration ID. This also prevents a memory leak when there are multiple certificates specified for the same serve
Simplify TLS configuration handling. Instead of matching by address/port, match by configuration ID. This also prevents a memory leak when there are multiple certificates specified for the same server.
ok beck@
show more ...
|
#
f19e65be |
| 02-Dec-2015 |
reyk <reyk@openbsd.org> |
sync with relayd, use proc_compose()
|
#
4703e0fa |
| 20-Aug-2015 |
reyk <reyk@openbsd.org> |
Change httpd(8) to use C99-style fixed-width integers (uintN_t instead of u_intN_t) and replace u_int with unsigned int. Mixing both variants is a bad style and most contributors seem to prefer this
Change httpd(8) to use C99-style fixed-width integers (uintN_t instead of u_intN_t) and replace u_int with unsigned int. Mixing both variants is a bad style and most contributors seem to prefer this style; it also helps us to get used to it, portability, and standardization.
Theoretically no binary change, except one in practice: httpd.o has a different checksum because gcc with -O2 pads/optimizes "struct privsep" differently when using "unsigned int" instead "u_int" for the affected members. "u_int" is just a typedef of "unsigned int", -O0 doesn't build the difference and clang with -O2 doesn't do it either - it is just another curiosity from gcc-land.
OK semarie@
show more ...
|
#
52f7cd50 |
| 19-Jul-2015 |
reyk <reyk@openbsd.org> |
For the completeness of HSTS, add the non-standard preload option.
OK florian@
|
#
d24f6b1e |
| 18-Jul-2015 |
reyk <reyk@openbsd.org> |
Allow to change the default media type globally or per-location, eg. default type text/html.
OK florian@
|