diff options
| author | fhajny <fhajny@pkgsrc.org> | 2012-08-01 11:25:22 +0000 |
|---|---|---|
| committer | fhajny <fhajny@pkgsrc.org> | 2012-08-01 11:25:22 +0000 |
| commit | ed15a8e27f07e296f0c336ded43e1d8a2dca4d5f (patch) | |
| tree | 5f3a218ca711cbfce26c3ba9a4a72ff96047c747 /www | |
| parent | 4dd26e7b34ad7f29c1a7c488bde6e78f7001c2f7 (diff) | |
| download | pkgsrc-ed15a8e27f07e296f0c336ded43e1d8a2dca4d5f.tar.gz | |
Update www/lighttpd to 1.4.31.
Changes from 1.4.30
- [ssl] fix segfault in counting renegotiations for openssl versions
without TLSEXT/SNI (thx carpii for reporting)
- Move fdevent subsystem includes to implementation files to reduce
conflicts (fixes #2373)
- [mod_compress] fix handling if etags are disabled but cache-dir
is set - may lead to double response
- disable mmap by default (fixes #2391)
- buffer_caseless_compare: always convert letters to lowercase to get
transitive results, fixing array lookups (fixes #2405)
- Fix handling of empty header list entries in http_request_split_value,
fixing invalid read in valgrind (fixes #2413)
- Fix access log escaping of " and \\ (fixes #1551)
- [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649,
RFC 2617) (fixes #2410)
- [auth] Add "AUTH_TYPE" environment (for * cgi), remove fastcgi specific
workaround, add fastcgi test case (fixes #889)
- [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333,
thx simoncpu)
- Detect multiple -f options: show error message instead of assert
(fixes #2416)
- [mod_extforward] Support ipv6 addresses (fixes #1889)
- [mod_redirect] Support url.redirect-code option (fixes #2247)
- Fix --enable-mmap handling in configure.ac
Changes from 1.4.29
- Always use our 'own' md5 implementation, fixes linking issues on MacOS
(fixes #2331)
- Limit amount of bytes we send in one go; fixes stalling in one connection
and timeouts on slow systems.
- [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
- Add static-file.disable-pathinfo option to prevent handling of urls like
.../secret.php/image.jpg as static file
- Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
- Fix mod_status bug: always showed "0/0" in the "Read" column for uploads
(fixes #2351)
- [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
- [ssl] count renegotiations to prevent client renegotiations
- [ssl] add option to honor server cipher order (fixes #2364, BEAST attack)
- [core] accept dots in ipv6 addresses in host header (fixes #2359)
- [ssl] fix ssl connection aborts if files are larger than
the MAX_WRITE_LIMIT (256kb)
- [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)
Diffstat (limited to 'www')
| -rw-r--r-- | www/lighttpd/Makefile | 24 | ||||
| -rw-r--r-- | www/lighttpd/distinfo | 10 | ||||
| -rw-r--r-- | www/lighttpd/patches/patch-aa | 15 | ||||
| -rw-r--r-- | www/lighttpd/patches/patch-doc_config_lighttpd.conf | 49 |
4 files changed, 75 insertions, 23 deletions
diff --git a/www/lighttpd/Makefile b/www/lighttpd/Makefile index cad67460de4..1b083c73ce6 100644 --- a/www/lighttpd/Makefile +++ b/www/lighttpd/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.32 2012/03/03 00:14:06 wiz Exp $ +# $NetBSD: Makefile,v 1.33 2012/08/01 11:25:22 fhajny Exp $ -DISTNAME= lighttpd-1.4.29 -PKGREVISION= 4 +DISTNAME= lighttpd-1.4.31 CATEGORIES= www MASTER_SITES= http://download.lighttpd.net/lighttpd/releases-1.4.x/ EXTRACT_SUFX= .tar.bz2 @@ -32,9 +31,28 @@ CNFS= ${CNFS_cmd:sh} CONF_FILES+= ${EGDIR}/${file:Q} ${PKG_SYSCONFDIR}/${file:Q} .endfor +BUILD_DEFS+= VARBASE LIGHTTPD_LOGDIR LIGHTTPD_STATEDIR +BUILD_DEFS+= LIGHTTPD_USER LIGHTTPD_GROUP + +.include "../../mk/bsd.prefs.mk" + +LIGHTTPD_LOGDIR?= ${VARBASE}/log/lighttpd +LIGHTTPD_STATEDIR?= ${VARBASE}/run +LIGHTTPD_USER?= lighttpd +LIGHTTPD_GROUP?= lighttpd + INSTALLATION_DIRS= ${DOCDIR} ${EGDIR} ${EGDIR}/conf.d ${EGDIR}/vhosts.d OWN_DIRS= ${PKG_SYSCONFDIR}/conf.d OWN_DIRS+= ${PKG_SYSCONFDIR}/vhosts.d +OWN_DIRS_PERMS= ${LIGHTTPD_LOGDIR} ${LIGHTTPD_USER} ${LIGHTTPD_GROUP} 0755 +OWN_DIRS+= ${LIGHTTPD_STATEDIR} + +SUBST_CLASSES+= path +SUBST_MESSAGE.path= Fixing config file paths +SUBST_STAGE.path= pre-configure +SUBST_FILES.path= doc/config/lighttpd.conf +SUBST_VARS.path= LIGHTTPD_LOGDIR LIGHTTPD_STATEDIR LIGHTTPD_USER \ + LIGHTTPD_GROUP PKG_SYSCONFDIR post-install: set -e; cd ${WRKSRC}/doc; \ diff --git a/www/lighttpd/distinfo b/www/lighttpd/distinfo index 43f7c6be2ad..a5a9a0742d5 100644 --- a/www/lighttpd/distinfo +++ b/www/lighttpd/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.21 2011/11/30 11:13:59 drochner Exp $ +$NetBSD: distinfo,v 1.22 2012/08/01 11:25:22 fhajny Exp $ -SHA1 (lighttpd-1.4.29.tar.bz2) = fe8ee6dc5f5302bffef905fcdf0b35f255e59b32 -RMD160 (lighttpd-1.4.29.tar.bz2) = d4369e8970001d2ebe4e49767053c341c4bd2f27 -Size (lighttpd-1.4.29.tar.bz2) = 659974 bytes -SHA1 (patch-aa) = 12969ff0e488494e83188ba8130466c8d7e0275e +SHA1 (lighttpd-1.4.31.tar.bz2) = fadfd4bd25d794536ea646fa376caee6a105368e +RMD160 (lighttpd-1.4.31.tar.bz2) = 4d1669269c787928388daf3dd4e99f2760db1d43 +Size (lighttpd-1.4.31.tar.bz2) = 675275 bytes +SHA1 (patch-doc_config_lighttpd.conf) = 1f5d884ec3cc9ee1ec18b51f0d25ca2a7aae0b8c diff --git a/www/lighttpd/patches/patch-aa b/www/lighttpd/patches/patch-aa deleted file mode 100644 index bf1cc720e00..00000000000 --- a/www/lighttpd/patches/patch-aa +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-aa,v 1.11 2011/11/30 11:13:59 drochner Exp $ - -CVE-2011-4362 - ---- src/http_auth.c.orig 2011-04-24 15:44:59.000000000 +0000 -+++ src/http_auth.c -@@ -95,7 +95,7 @@ static unsigned char * base64_decode(buf - ch = in[0]; - /* run through the whole string, converting as we go */ - for (i = 0; i < in_len; i++) { -- ch = in[i]; -+ ch = (unsigned char) in[i]; - - if (ch == '\0') break; - diff --git a/www/lighttpd/patches/patch-doc_config_lighttpd.conf b/www/lighttpd/patches/patch-doc_config_lighttpd.conf new file mode 100644 index 00000000000..bfa1eb07e22 --- /dev/null +++ b/www/lighttpd/patches/patch-doc_config_lighttpd.conf @@ -0,0 +1,49 @@ +$NetBSD: patch-doc_config_lighttpd.conf,v 1.1 2012/08/01 11:25:22 fhajny Exp $ + +Sane defaults. +--- doc/config/lighttpd.conf.orig 2010-07-11 17:01:32.000000000 +0000 ++++ doc/config/lighttpd.conf +@@ -13,11 +13,11 @@ + ## if you add a variable here. Add the corresponding variable in the + ## chroot example aswell. + ## +-var.log_root = "/var/log/lighttpd" ++var.log_root = "@LIGHTTPD_LOGDIR@" + var.server_root = "/srv/www" +-var.state_dir = "/var/run" ++var.state_dir = "@LIGHTTPD_STATEDIR@" + var.home_dir = "/var/lib/lighttpd" +-var.conf_dir = "/etc/lighttpd" ++var.conf_dir = "@PKG_SYSCONFDIR@" + + ## + ## run the server chrooted. +@@ -101,8 +101,8 @@ server.use-ipv6 = "enable" + ## Run as a different username/groupname. + ## This requires root permissions during startup. + ## +-server.username = "lighttpd" +-server.groupname = "lighttpd" ++server.username = "@LIGHTTPD_USER@" ++server.groupname = "@LIGHTTPD_GROUP@" + + ## + ## enable core files. +@@ -178,7 +178,7 @@ include "conf.d/debug.conf" + ## + ## linux-sysepoll is recommended on kernel 2.6. + ## +-server.event-handler = "linux-sysepoll" ++#server.event-handler = "linux-sysepoll" + + ## + ## The basic network interface for all platforms at the syscalls read() +@@ -188,7 +188,7 @@ server.event-handler = "linux-sysepoll" + ## linux-sendfile - is recommended for small files. + ## writev - is recommended for sending many large files + ## +-server.network-backend = "linux-sendfile" ++#server.network-backend = "linux-sendfile" + + ## + ## As lighttpd is a single-threaded server, its main resource limit is |