Fixes a number of security issues and adds support for PUT/DELETE. From the
release mail:
<snip>
Stephen Röttger reported a number of security bugs, the most serious of
which is a potential heap overflow in sliding_buffer.c (file uploads).
There is a potential for remote code execution.
At the same time, I've made an *experimental* change to allow RESTful
API's possible:
* PUT and DELETE methods are handled by the POST and GET handlers.
* For mostly historical reasons, data on the URI is still called
GET.<var>, and data in the body is named POST.<var>
* If the Content-Type is not "application/x-www-form-urlencoded", Haserl
won't try to urldecode the POST contents - it will just put the body in
POST.body verbatim.
</snip>
The lua handling now uses pkg-config, so adjust the code to match.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
f86ec0b67f