diff options
Diffstat (limited to 'www-servers')
9 files changed, 10 insertions, 429 deletions
diff --git a/www-servers/lighttpd/ChangeLog b/www-servers/lighttpd/ChangeLog index 9753e726ff27..2f77ceb76a8c 100644 --- a/www-servers/lighttpd/ChangeLog +++ b/www-servers/lighttpd/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for www-servers/lighttpd # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/ChangeLog,v 1.280 2012/08/11 18:27:05 blueness Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/ChangeLog,v 1.281 2012/08/11 20:33:38 hwoarang Exp $ + + 11 Aug 2012; Markos Chandras <hwoarang@gentoo.org> + -files/1.4.25-fix-CVE-2010-0295.patch, + -files/1.4.25-fix-unknown-AM_SILENT_RULES.patch, + -files/1.4.26-fix-ssl-return-check-r2716.patch, + -files/lighttpd-1.4.28-detect-libev.patch, + -files/lighttpd-1.4.29-ssl-no-ecdh.patch, -files/lighttpd.initd-1.4.13-r3, + -files/spawn-fcgi.confd, -files/spawn-fcgi.initd: + Remove obsolete files from FILESDIR 11 Aug 2012; Anthony G. Basile <blueness@gentoo.org> lighttpd-1.4.31.ebuild: Stable ppc ppc64, bug #430902 @@ -1507,4 +1516,3 @@ 23 Apr 2004; Stuart Herbert <stuart@gentoo.org> lighttpd-1.1.8.ebuild, files/lighttpd-1.1.8-gentoo.diff, files/lighttpd.initd: Initial import; thanks to Boris <sirro@nurfuerspam.de>; see bug #46833 - diff --git a/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch b/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch deleted file mode 100644 index fcac31887872..000000000000 --- a/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch +++ /dev/null @@ -1,211 +0,0 @@ -Index: branches/lighttpd-1.4.x/src/base.h -=================================================================== ---- branches/lighttpd-1.4.x/src/base.h (revision 2709) -+++ branches/lighttpd-1.4.x/src/base.h (revision 2710) -@@ -431,7 +431,6 @@ - - #ifdef USE_OPENSSL - SSL *ssl; -- buffer *ssl_error_want_reuse_buffer; - # ifndef OPENSSL_NO_TLSEXT - buffer *tlsext_server_name; - # endif -Index: branches/lighttpd-1.4.x/src/connections.c -=================================================================== ---- branches/lighttpd-1.4.x/src/connections.c (revision 2709) -+++ branches/lighttpd-1.4.x/src/connections.c (revision 2710) -@@ -192,40 +192,42 @@ - - static int connection_handle_read_ssl(server *srv, connection *con) { - #ifdef USE_OPENSSL -- int r, ssl_err, len, count = 0; -+ int r, ssl_err, len, count = 0, read_offset, toread; - buffer *b = NULL; - - if (!con->conf.is_ssl) return -1; - -- /* don't resize the buffer if we were in SSL_ERROR_WANT_* */ -- - ERR_clear_error(); - do { -- if (!con->ssl_error_want_reuse_buffer) { -- b = buffer_init(); -- buffer_prepare_copy(b, SSL_pending(con->ssl) + (16 * 1024)); /* the pending bytes + 16kb */ -+ if (NULL != con->read_queue->last) { -+ b = con->read_queue->last->mem; -+ } - -+ if (NULL == b || b->size - b->used < 1024) { -+ b = chunkqueue_get_append_buffer(con->read_queue); -+ len = SSL_pending(con->ssl); -+ if (len < 4*1024) len = 4*1024; /* always alloc >= 4k buffer */ -+ buffer_prepare_copy(b, len + 1); -+ - /* overwrite everything with 0 */ - memset(b->ptr, 0, b->size); -- } else { -- b = con->ssl_error_want_reuse_buffer; - } - -- len = SSL_read(con->ssl, b->ptr, b->size - 1); -- con->ssl_error_want_reuse_buffer = NULL; /* reuse it only once */ -+ read_offset = (b->used > 0) ? b->used - 1 : 0; -+ toread = b->size - 1 - read_offset; - -+ len = SSL_read(con->ssl, b->ptr + read_offset, toread); -+ - if (len > 0) { -- b->used = len; -+ if (b->used > 0) b->used--; -+ b->used += len; - b->ptr[b->used++] = '\0'; - -- /* we move the buffer to the chunk-queue, no need to free it */ -+ con->bytes_read += len; - -- chunkqueue_append_buffer_weak(con->read_queue, b); - count += len; -- con->bytes_read += len; -- b = NULL; - } -- } while (len > 0 && count < MAX_READ_LIMIT); -+ } while (len == toread && count < MAX_READ_LIMIT); - - - if (len < 0) { -@@ -234,11 +236,11 @@ - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_WRITE: - con->is_readable = 0; -- con->ssl_error_want_reuse_buffer = b; - -- b = NULL; -+ /* the manual says we have to call SSL_read with the same arguments next time. -+ * we ignore this restriction; no one has complained about it in 1.5 yet, so it probably works anyway. -+ */ - -- /* we have to steal the buffer from the queue-queue */ - return 0; - case SSL_ERROR_SYSCALL: - /** -@@ -297,16 +299,11 @@ - - connection_set_state(srv, con, CON_STATE_ERROR); - -- buffer_free(b); -- - return -1; - } else if (len == 0) { - con->is_readable = 0; - /* the other end close the connection -> KEEP-ALIVE */ - -- /* pipelining */ -- buffer_free(b); -- - return -2; - } - -@@ -321,26 +318,41 @@ - static int connection_handle_read(server *srv, connection *con) { - int len; - buffer *b; -- int toread; -+ int toread, read_offset; - - if (con->conf.is_ssl) { - return connection_handle_read_ssl(srv, con); - } - -+ b = (NULL != con->read_queue->last) ? con->read_queue->last->mem : NULL; -+ -+ /* default size for chunks is 4kb; only use bigger chunks if FIONREAD tells -+ * us more than 4kb is available -+ * if FIONREAD doesn't signal a big chunk we fill the previous buffer -+ * if it has >= 1kb free -+ */ - #if defined(__WIN32) -- b = chunkqueue_get_append_buffer(con->read_queue); -- buffer_prepare_copy(b, 4 * 1024); -- len = recv(con->fd, b->ptr, b->size - 1, 0); --#else -- if (ioctl(con->fd, FIONREAD, &toread) || toread == 0) { -+ if (NULL == b || b->size - b->used < 1024) { - b = chunkqueue_get_append_buffer(con->read_queue); - buffer_prepare_copy(b, 4 * 1024); -+ } -+ -+ read_offset = (b->used == 0) ? 0 : b->used - 1; -+ len = recv(con->fd, b->ptr + read_offset, b->size - 1 - read_offset, 0); -+#else -+ if (ioctl(con->fd, FIONREAD, &toread) || toread == 0 || toread <= 4*1024) { -+ if (NULL == b || b->size - b->used < 1024) { -+ b = chunkqueue_get_append_buffer(con->read_queue); -+ buffer_prepare_copy(b, 4 * 1024); -+ } - } else { - if (toread > MAX_READ_LIMIT) toread = MAX_READ_LIMIT; - b = chunkqueue_get_append_buffer(con->read_queue); - buffer_prepare_copy(b, toread + 1); - } -- len = read(con->fd, b->ptr, b->size - 1); -+ -+ read_offset = (b->used == 0) ? 0 : b->used - 1; -+ len = read(con->fd, b->ptr + read_offset, b->size - 1 - read_offset); - #endif - - if (len < 0) { -@@ -374,7 +386,8 @@ - con->is_readable = 0; - } - -- b->used = len; -+ if (b->used > 0) b->used--; -+ b->used += len; - b->ptr[b->used++] = '\0'; - - con->bytes_read += len; -@@ -850,13 +863,6 @@ - /* The cond_cache gets reset in response.c */ - /* config_cond_cache_reset(srv, con); */ - --#ifdef USE_OPENSSL -- if (con->ssl_error_want_reuse_buffer) { -- buffer_free(con->ssl_error_want_reuse_buffer); -- con->ssl_error_want_reuse_buffer = NULL; -- } --#endif -- - con->header_len = 0; - con->in_error_handler = 0; - -@@ -1128,8 +1134,15 @@ - } else { - buffer *b; - -- b = chunkqueue_get_append_buffer(dst_cq); -- buffer_copy_string_len(b, c->mem->ptr + c->offset, toRead); -+ if (dst_cq->last && -+ dst_cq->last->type == MEM_CHUNK) { -+ b = dst_cq->last->mem; -+ } else { -+ b = chunkqueue_get_append_buffer(dst_cq); -+ /* prepare buffer size for remaining POST data; is < 64kb */ -+ buffer_prepare_copy(b, con->request.content_length - dst_cq->bytes_in + 1); -+ } -+ buffer_append_string_len(b, c->mem->ptr + c->offset, toRead); - } - - c->offset += toRead; -Index: branches/lighttpd-1.4.x/src/chunk.c -=================================================================== ---- branches/lighttpd-1.4.x/src/chunk.c (revision 2709) -+++ branches/lighttpd-1.4.x/src/chunk.c (revision 2710) -@@ -197,8 +197,6 @@ - int chunkqueue_append_buffer_weak(chunkqueue *cq, buffer *mem) { - chunk *c; - -- if (mem->used == 0) return 0; -- - c = chunkqueue_get_unused_chunk(cq); - c->type = MEM_CHUNK; - c->offset = 0; diff --git a/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch b/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch deleted file mode 100644 index 2c72c6af3cc7..000000000000 --- a/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch +++ /dev/null @@ -1,18 +0,0 @@ -Allow to build on older automakes. this disables color output on tests, -but leaves the AM_SILENT_RULES intact for automakes which support this. - -Signed-off-by: Thilo Bangert <bangert@gentoo.org> - -diff -Naur lighttpd-1.4.25.orig/configure.ac lighttpd-1.4.25/configure.ac ---- lighttpd-1.4.25.orig/configure.ac 2009-11-25 10:27:12.000000000 +0100 -+++ lighttpd-1.4.25/configure.ac 2009-11-25 10:43:20.000000000 +0100 -@@ -8,7 +8,8 @@ - - AC_CANONICAL_TARGET - --AM_INIT_AUTOMAKE([-Wall -Wportability -Wno-override -Werror foreign dist-bzip2 tar-ustar silent-rules color-tests]) -+m4_pattern_allow([AM_SILENT_RULES]) -+AM_INIT_AUTOMAKE([-Wall -Wportability -Wno-override -Werror foreign dist-bzip2 tar-ustar]) - AM_SILENT_RULES - - # Checks for programs. diff --git a/www-servers/lighttpd/files/1.4.26-fix-ssl-return-check-r2716.patch b/www-servers/lighttpd/files/1.4.26-fix-ssl-return-check-r2716.patch deleted file mode 100644 index 1ef8a1c84a3c..000000000000 --- a/www-servers/lighttpd/files/1.4.26-fix-ssl-return-check-r2716.patch +++ /dev/null @@ -1,16 +0,0 @@ -fix check of return value -from upstream svn repo - -Index: network.c -=================================================================== ---- src/network.c (revision 2715) -+++ src/network.c (revision 2716) -@@ -525,7 +525,7 @@ - - if (!s->ssl_use_sslv2) { - /* disable SSLv2 */ -- if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) { -+ if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) { - log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:", - ERR_error_string(ERR_get_error(), NULL)); - return -1; diff --git a/www-servers/lighttpd/files/lighttpd-1.4.28-detect-libev.patch b/www-servers/lighttpd/files/lighttpd-1.4.28-detect-libev.patch deleted file mode 100644 index c1934eacb4f4..000000000000 --- a/www-servers/lighttpd/files/lighttpd-1.4.28-detect-libev.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: lighttpd-1.4.28/configure.ac -=================================================================== ---- lighttpd-1.4.28.orig/configure.ac -+++ lighttpd-1.4.28/configure.ac -@@ -105,7 +105,7 @@ if test "$WITH_LIBEV" != "no"; then - LIBEV_LIBS="-L$WITH_LIBEV/lib -lev" - else - AC_CHECK_HEADERS([ev.h],[ -- AC_CHECK_LIB([ev], [ev_loop], [ -+ AC_CHECK_LIB([ev], [ev_time], [ - LIBEV_CFLAGS="" - LIBEV_LIBS="-lev" - ],[ diff --git a/www-servers/lighttpd/files/lighttpd-1.4.29-ssl-no-ecdh.patch b/www-servers/lighttpd/files/lighttpd-1.4.29-ssl-no-ecdh.patch deleted file mode 100644 index cff9e61895ab..000000000000 --- a/www-servers/lighttpd/files/lighttpd-1.4.29-ssl-no-ecdh.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: src/network.c -=================================================================== ---- src/network.c (revision 2801) -+++ src/network.c (revision 2802) -@@ -480,9 +480,11 @@ - network_backend_t backend; - - #if OPENSSL_VERSION_NUMBER >= 0x0090800fL -+#ifndef OPENSSL_NO_ECDH - EC_KEY *ecdh; - int nid; - #endif -+#endif - - #ifdef USE_OPENSSL - DH *dh; diff --git a/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3 b/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3 deleted file mode 100644 index 124becec7f79..000000000000 --- a/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3 +++ /dev/null @@ -1,67 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2012 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3,v 1.4 2012/01/01 00:03:47 idl0r Exp $ - -extra_started_commands="reload graceful" - -depend() { - need net - use mysql logger spawn-fcgi ldap slapd netmount dns - after famd - after sshd -} - -checkconfig() { - if [ ! -f "${LIGHTTPD_CONF}" ] ; then - ewarn "${LIGHTTPD_CONF} does not exist." - return 1 - fi - - /usr/sbin/lighttpd -t -f ${LIGHTTPD_CONF} >/dev/null -} - -start() { - checkconfig || return 1 - - ebegin "Starting lighttpd" - start-stop-daemon --start --quiet --exec /usr/sbin/lighttpd \ - --pidfile "${LIGHTTPD_PID}" -- -f "${LIGHTTPD_CONF}" - eend $? -} - -stop() { - local rv=0 - ebegin "Stopping lighttpd" - start-stop-daemon --stop --quiet --pidfile "${LIGHTTPD_PID}" - eend $? -} - -reload() { - if ! service_started "${SVCNAME}" ; then - eerror "${SVCNAME} isn't running" - return 1 - fi - checkconfig || return 1 - - ebegin "Re-opening lighttpd log files" - start-stop-daemon --quiet --pidfile "${LIGHTTPD_PID}" \ - --signal HUP - eend $? -} - -graceful() { - if ! service_started "${SVCNAME}" ; then - eerror "${SVCNAME} isn't running" - return 1 - fi - checkconfig || return 1 - - ebegin "Gracefully stopping lighttpd" - start-stop-daemon --quiet --pidfile "${LIGHTTPD_PID}" \ - --signal INT - if eend $? ; then - rm -f "${LIGHTTPD_PID}" - start - fi -} diff --git a/www-servers/lighttpd/files/spawn-fcgi.confd b/www-servers/lighttpd/files/spawn-fcgi.confd deleted file mode 100644 index 2a88806ae0d4..000000000000 --- a/www-servers/lighttpd/files/spawn-fcgi.confd +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/spawn-fcgi.confd,v 1.1 2005/02/14 11:39:01 ka0ttic Exp $ - -# Configuration file for the FCGI-Part of /etc/init.d/lighttpd - -## Set this to "yes" to enable SPAWNFCGI -ENABLE_SPAWNFCGI="yes" - -## ABSOLUTE path to the spawn-fcgi binary -SPAWNFCGI="/usr/bin/spawn-fcgi" - -## ABSOLUTE path to the PHP binary -FCGIPROGRAM="/usr/bin/php-cgi" - -## bind to tcp-port on localhost -FCGIPORT="1026" - -## number of PHP childs to spawn -PHP_FCGI_CHILDREN=5 - -## number of request server by a single php-process until is will be restarted -PHP_FCGI_MAX_REQUESTS=1000 - -## IP adresses where PHP should access server connections from -FCGI_WEB_SERVER_ADDRS="127.0.0.1" - -# allowed environment variables sperated by spaces -ALLOWED_ENV="PATH USER" -# do NOT change line below -ALLOWED_ENV="$ALLOWED_ENV PHP_FCGI_MAX_REQUESTS FCGI_WEB_SERVER_ADDRS" - -## if this script is run as root switch to the following user -USERID=lighttpd -GROUPID=lighttpd diff --git a/www-servers/lighttpd/files/spawn-fcgi.initd b/www-servers/lighttpd/files/spawn-fcgi.initd deleted file mode 100644 index 63daa75081f9..000000000000 --- a/www-servers/lighttpd/files/spawn-fcgi.initd +++ /dev/null @@ -1,51 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/spawn-fcgi.initd,v 1.2 2007/04/02 12:46:08 uberlord Exp $ - -SPAWNFCGI_PID="/var/run/spawn-fcgi.pid" - -depend() { - need net -} - -start() { - local my_end - - ebegin "Starting spawn-fcgi" - export PHP_FCGI_MAX_REQUESTS FCGI_WEB_SERVER_ADDRS - - EX="${SPAWNFCGI} -p ${FCGIPORT} -f ${FCGIPROGRAM} -u ${USERID} \ - -g ${GROUPID} -C ${PHP_FCGI_CHILDREN}" - - # copy the allowed environment variables - unset E - for i in ${ALLOWED_ENV}; do - E="${E} ${i}=${!i}" - done - - # clean environment and set up a new one - env - ${E} ${EX} 2>${SPAWNFCGI_PID} - my_end=$? - if [ "$my_end" != "0" ]; then - [ -f ${SPAWNFCGI_PID} ] && rm -f ${SPAWNFCGI_PID} - eend $my_end - fi - - #extract parent-process-id and write it back to the file - FCGI_PPID=`cat ${SPAWNFCGI_PID} | cut -d':' -f4` - echo ${FCGI_PPID} > ${SPAWNFCGI_PID} - eend 0 -} - -stop() { - ebegin "Stopping spawn-fcgi" - if ! kill `cat ${SPAWNFCGI_PID}` ; then - eend $? - return 1 - fi - if [ -w ${SPAWNFCGI_PID} ]; then - rm ${SPAWNFCGI_PID} - fi - eend 0 -} |