Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 check-ins occurring around f3ab410243c2906c.
|
2022-01-16
| ||
| 20:24 | Document how to run HTTPS from XINETD. ... (check-in: 546e540753 user: drh tags: trunk) | |
| 13:43 | Only include the OpenSSL version information in the SERVER_SOFTWARE CGI variable when althttpd is itself handling the TLS. ... (check-in: 9936a7eb71 user: drh tags: trunk) | |
| 13:28 | Include the OpenSSL version information in SERVER_SOFTWARE for TLS-enabled builds. ... (check-in: 5304d7e035 user: drh tags: trunk) | |
| 12:37 | Minor comment and documentation fixes. Increase the buffer size for althttp_printf() to 10K. ... (check-in: 3693df13df user: drh tags: trunk) | |
| 12:06 | Make the default version number 2.0, even if the version number is not set by the Makefile. Avoid an unnecessary memory allocation. ... (check-in: da83441048 user: drh tags: trunk) | |
| 03:25 | Removed manual tracking of SSL is-EOF (unnecessary), call Malfunction() if tls_gets() fails, and remove dangling tls_close_conn() calls after Redirect() calls, as those broke TLS redirects. ... (check-in: 0a03b61432 user: stephan tags: trunk) | |
| 02:58 | Default zHttpScheme to "http" so that redirects from /dir/ to /dir/index work in HTTP mode. Those same redirects in HTTPS are breaking with SSL errors ("invalid response") with or without this change. ... (check-in: f89d874075 user: stephan tags: trunk) | |
| 01:22 | Added version-related #defines, the SERVER_SOFTWARE CGI var, and the --version CLI flag. ... (check-in: b28a5df461 user: stephan tags: trunk) | |
|
2022-01-15
| ||
| 22:18 | Allow a keep-alive HTTP response when using TLS. ... (check-in: d21ce864c1 user: drh tags: trunk) | |
| 22:03 | Combine duplicate variables zHttp and zHttpScheme. Use just the latter. Other similar simplifications. ... (check-in: ce9ca4c2e0 user: drh tags: trunk) | |
| 20:05 | Ensure that the HTTPS and HTTP_SCHEME CGI variables are sent to SCGI programs. ... (check-in: f09e4e9bbd user: drh tags: trunk) | |
| 19:26 | Simplify POST data handling. POST data is now held exclusively in memory. The /tmp/-post-data-XXXXX temporary files are no longer needed. ... (check-in: 8b26e73486 user: drh tags: trunk) | |
| 17:29 | Markdown typo fix. ... (check-in: ac0938b0d1 user: stephan tags: trunk) | |
| 17:25 | Added contrib/dir-browser-cgi, a basic directory-browsing CGI for althttpd. ... (check-in: ec77434469 user: stephan tags: trunk) | |
| 16:20 | Initial go at adding a version number via a generated header and setting SERVER_SOFTWARE based on that header. Whether we want this approach or to pass all of this state along in the CPPFLAGS is as yet undecided. ... (Closed-Leaf check-in: 7242ebbe3e user: stephan tags: add-version) | |
| 15:21 | Remove the forceClose=1 from ProcessOneRequest() in TLS mode (seems to have no effect). Call Malfunction() if tls_read_server() has a read error. ... (check-in: ef1ffc3607 user: stephan tags: trunk) | |
| 14:54 | Add "/index" to the list of known index/home pages/CGIs, per /chat discussion. ... (check-in: d59cf0a83e user: stephan tags: trunk) | |
| 14:42 | Omit the --tls flag. Achieve the same functionality using "--cert builtin". ... (check-in: e3659060a9 user: drh tags: trunk) | |
| 14:39 | Refactor and simplify CGI handling such that as much work as possible is shifted into the child process, and in particular so that the parent process does not mess with file descriptors 0 or 1 (as doing so can confuse OpenSSL). ... (check-in: 09b97157ff user: drh tags: trunk) | |
| 13:40 | Removed stderr debug output. ... (check-in: 8edc94a656 user: stephan tags: trunk) | |
| 13:35 | tls_read_server() now loops over its input, as SSL_read() only reads in, at most, 16kb chunks. Resolves truncated POST data issue. ... (check-in: 10301148a9 user: stephan tags: trunk) | |
| 06:39 | Internal API doc correction. ... (Closed-Leaf check-in: e280f903b8 user: stephan tags: cert-builtin-flag) | |
| 06:31 | --cert builtin is now used to explicitly enable the builtin self-signed cert. Removed now-redundant -tls 1 flag. Corrected StartResponse() to use HTTP/1.1 as a response prefix when it would otherwise be NULL due to Malfunction() being called during certificate initialization. ... (check-in: b7e8f6c8a3 user: stephan tags: cert-builtin-flag) | |
| 03:47 | s/ENABLE_SSL/ENABLE_TLS/ ... (check-in: c8e4f08536 user: stephan tags: trunk) | |
|
2022-01-14
| ||
| 18:52 | Add TLS support. ... (check-in: f3ab410243 user: drh tags: trunk) | |
| 16:22 | Update the documentation for the latest changes. ... (Closed-Leaf check-in: cac7c08dbe user: drh tags: tls-support) | |
| 15:43 | Rename the --tls-cert-file option to just --cert. Add the new --pkey option that gives the ability to keep the private key in a separate file. ... (check-in: 78a747ad91 user: drh tags: tls-support) | |
| 14:22 | Minor comment and code formatting cleanup. ... (check-in: 2f7c76d9fe user: drh tags: tls-support) | |
|
2022-01-10
| ||
| 07:22 | Replaced a call to SSL_CTX_use_certificate_file() with SSL_CTX_use_certificate_chain_file(), per [https://fossil-scm.org/forum/forumpost/054f637e002683e3 | fossil forum post 054f637e002683e3]. ... (check-in: 83196564d0 user: stephan tags: tls-support) | |
|
2022-01-08
| ||
| 17:12 | Close the input FILE handle for NPH CGIs, as is done for non-NPH CGIs. ... (check-in: 222d466acc user: stephan tags: tls-support) | |
| 15:01 | Minor doc/comment updates. ... (check-in: 4b7b64c356 user: stephan tags: tls-support) | |
| 14:50 | Removed some dead code. Doc updates. tls_gets() now sets the atEof flag if it reaches EOF, as tsl_read_server() does. ... (check-in: 11781d0061 user: stephan tags: tls-support) | |
| 10:30 | Removed the MARKER debug bits. Added some comments. ... (check-in: 0370441d4f user: stephan tags: tls-support) | |
| 09:52 | Minor doc addition. ... (check-in: 035e0ca106 user: stephan tags: tls-support) | |
| 09:50 | Fixed non-parsed-header CGI output to work in TLS mode. ... (check-in: 788d45bd22 user: stephan tags: tls-support) | |
| 09:38 | Removed an unused var which was part of the popen2() bits. ... (check-in: 82f7f775fb user: stephan tags: tls-support) | |
| 08:17 | Seem to have found the magic needed to POST over the SSL connection, by propagating the socket ID from http_server() through to ProcessOneRequest() to pass it on to the SSL connection init. Untested with SCGI and fails for unknown reasons (SSL-specific error) for nph- scripts (but that might be my own misuse of that format). Removed superfluous popen2() bits. ... (check-in: dcc654cf3e user: stephan tags: tls-support) | |
| 00:38 | Ported in popen2() from fossil as an alternative way to launch CGIs, but the behavior is identical: TLS writes to POSTed CGIs fail with a bad file descriptor error. ... (check-in: c9216a6a82 user: stephan tags: tls-support) | |
|
2022-01-07
| ||
| 20:49 | Removed some dead code. Re-added static qualifier to Malfunction(). ... (check-in: deba23006a user: stephan tags: tls-support) | |
| 19:48 | Changed %Z to GMT in Rfc822Date(), per [/forumpost/c2777e3a72516e80 | forum dicussion c2777e3a72516e80]. It is not changed in the log file because that one is not consumed by 3rd-party apps which dislike "UTC" as the %Z string. Addresses ticket [e5a308564b4af739]. ... (check-in: c9214e8e48 user: stephan tags: tls-support) | |
| 19:26 | Doc and debug output updates. ... (check-in: 5b85958f52 user: stephan tags: tls-support) | |
| 09:32 | Debug output and assert() tweaks. ... (check-in: 92106c1bf3 user: stephan tags: tls-support) | |
| 09:17 | Made --https 2 an alias for --tls 1. SSL_write() is failing when writing out CGI POST responses for as-yet-unknown reasons (but works when posting to static files). Doc updates. ... (check-in: 18e3738dc4 user: stephan tags: tls-support) | |
| 08:00 | Corrected CGI output to go through althttpd_fwrite() instead of althttpd_printf(). ... (check-in: 3459ef5a98 user: stephan tags: tls-support) | |
| 07:29 | Removed an unnecessary level of althttpd_printf() abstraction when building without TLS support. ... (check-in: d2392b3dd4 user: stephan tags: tls-support) | |
| 07:24 | Added i/o infastructure for TLS. Non-TLS mode output seems to still work (static content and CGI tested) but TLS output is still 100% untested, as is inbound POSTed data in non-TLS mode. ... (check-in: 80f748e288 user: stephan tags: tls-support) | |
| 05:37 | Initial work on porting fossil's SSL support into althttp(s)d. Still much to do here. ... (check-in: cb7f045db0 user: stephan tags: tls-support) | |
| 03:53 | Minor doc fixes and additions in prep for attempting to add TLS support. ... (check-in: 3ac491657b user: stephan tags: tls-support) | |
|
2021-08-14
| ||
| 17:29 | Add missing va_end(). Ticket [0c1e9179be76a8c7]. ... (check-in: e28dea565e user: drh tags: trunk) | |
|
2021-06-09
| ||
| 10:26 | Fix typo in the althttpd.md document. ... (check-in: 0d3b5e232c user: drh tags: trunk) | |