The NetBSD Project

CVS log for pkgsrc/www/lighttpd/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / lighttpd

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.118 / (download) - annotate - [select for diffs], Wed Jan 4 09:37:37 2023 UTC (3 weeks, 6 days ago) by wiz
Branch: MAIN
CVS Tags: HEAD
Changes since 1.117: +2 -3 lines
Diff to previous 1.117 (colored)

lighttpd: update to 1.4.68.

Important changes:
* stronger TLS defaults (as previously announced)
* KTLS sendfile in mod_openssl and mod_gnutls, if available and enabled
* removal of deprecated modules

Revision 1.117 / (download) - annotate - [select for diffs], Wed Nov 23 16:21:20 2022 UTC (2 months, 1 week ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4
Changes since 1.116: +2 -2 lines
Diff to previous 1.116 (colored)

massive revision bump after textproc/icu update

Revision 1.116 / (download) - annotate - [select for diffs], Wed Oct 26 10:32:04 2022 UTC (3 months ago) by wiz
Branch: MAIN
Changes since 1.115: +2 -1 lines
Diff to previous 1.115 (colored)

*: bump PKGREVISION for libunistring shlib major bump

Revision 1.115 / (download) - annotate - [select for diffs], Sun Sep 18 11:29:15 2022 UTC (4 months, 1 week ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base, pkgsrc-2022Q3
Changes since 1.114: +2 -3 lines
Diff to previous 1.114 (colored)

Update to 1.4.67. From the changelog:

* Update comment about TCP_INFO on OpenBSD
* [mod_ajp13] fix crash with bad response headers (fixes #3170)
* [core] handle RDHUP when collecting chunked body
* [core] tweak streaming request body to backends
* [core] handle ENOSPC with pwritev() (#3171)
* [core] manually calculate off_t max (fixes #3171)
* [autoconf] force large file support (#3171)
* [multiple] quiet coverity warnings using casts
* [meson] add license keyword to project declaration

Revision 1.114 / (download) - annotate - [select for diffs], Thu Aug 11 06:41:58 2022 UTC (5 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.113: +2 -1 lines
Diff to previous 1.113 (colored)

*: recursive PKGREVISION bump for mbedtls shlib major increases

Revision 1.113 / (download) - annotate - [select for diffs], Tue Aug 9 14:19:22 2022 UTC (5 months, 3 weeks ago) by schmonz
Branch: MAIN
Changes since 1.112: +2 -3 lines
Diff to previous 1.112 (colored)

Update to 1.4.66. From the changelog:

* [core] h2: optim: send window update in 16k units
* [mod_magnet] reset for http-response-send-file
* [multiple] fix json encoding
* [core] buffer_append_bs_escaped_json()
* [autoconf] update ax_prog_cc_for_build.m4
* [doc] add libdeflate to INSTALL
* [mod_webdav] cold func if xml reqbody w/o db conf
* [mod_webdav] check reqbody Content-Type is XML
* [doc] more consistent use of vars in examples
* [core] do not load indexfile, dirlisting if unused
* [mod_dirlisting] send ETag, Cache-Control w/ cache
* [mod_openssl] compile compat w/ openssl < 1.1.0
* [mod_webdav] webdav_reqbody_type_xml() fixes
* [core] clarify server.username = "root" error msg
* [mod_wolfssl] compat with older wolfssl versions
* [core] fix li_base64_dec() on whitespace
* [core] perf tweak buffer_eq_icase_ssn()
* [mod_deflate] fix use of libdeflate for files>128k (fixes #3161)
* [core] fix buffer_substr_replace() extend (fixes #3160)
* [mod_webdav] build with Android NDK
* [core] check r->http_status before handling Range
* [core] preprocessor option to force crypto lib
* [core] fix SIGUSR1 graceful restart w/ TLS (fixes #3164)
* [mod_authn_gssapi] warn if no confidentiality flag (fixes #3163)
* [mod_wstunnel] fix crash with bad hybivers (fixes #3165)
* [core] perf: adjust max h2 stream send increment
* [core] fix HTTP/2 downloads >= 4GiB (fixes #3166)

Revision 1.112 / (download) - annotate - [select for diffs], Tue Jun 28 11:37:06 2022 UTC (7 months ago) by wiz
Branch: MAIN
Changes since 1.111: +2 -1 lines
Diff to previous 1.111 (colored)

*: recursive bump for perl 5.36

Revision 1.111 / (download) - annotate - [select for diffs], Mon Jun 13 15:34:54 2022 UTC (7 months, 2 weeks ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2
Changes since 1.110: +2 -3 lines
Diff to previous 1.110 (colored)

Update to 1.4.65. From the changelog:

HIGHLIGHTS
* WebSockets over HTTP/2
  RFC 8441 Bootstrapping WebSockets with HTTP/2
* HTTP/2 PRIORITY_UPDATE
  RFC 9218 Extensible Prioritization Scheme for HTTP
* prefix/suffix conditions in lighttpd.conf
* mod_webdav safe partial-PUT
  webdav.opts += ("partial-put-copy-modify" => "enable")
* mod_accesslog option: accesslog.escaping = "json"
* mod_deflate libdeflate build option
* speed up request body uploads via HTTP/2

BEHAVIOR CHANGES:

* change default server.max-keep-alive-requests = 1000 to adjust
  to increasing HTTP/2 usage and to web2/web3 application usage
  (prior default was 100)
* mod_status HTML now includes HTTP/2 control stream id 0 in the output
  which contains aggregate counts for the HTTP/2 connection
  (These lines can be identified with URL '*', part of "PRI *" preface)
  alternative: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_status
* MIME type application/javascript is translated to text/javascript (RFC 9239)

Revision 1.110 / (download) - annotate - [select for diffs], Mon Apr 18 19:12:18 2022 UTC (9 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.109: +2 -1 lines
Diff to previous 1.109 (colored)

revbump for textproc/icu update

Revision 1.109 / (download) - annotate - [select for diffs], Wed Jan 19 21:41:48 2022 UTC (12 months, 1 week ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1
Changes since 1.108: +2 -3 lines
Diff to previous 1.108 (colored)

Update to 1.4.64. From the changelog:

## Important changes

* remove deprecated modules, bugfixes, CVE-2022-22707 (rare configs)

## Behavior Changes

(previously announced and scheduled)

* graceful restart/shutdown timeout changed from 0 (disabled) to 8 seconds
  configure an alternative with:
  server.feature-flags += ("server.graceful-shutdown-timeout" => 8)

* build: lighttpd defaults to --with-pcre2 instead of --with-pcre
  pcre2 is current. pcre is no longer maintained.
  Explicitly specify --with-pcre in build to use pcre instead of pcre2.

* deprecated modules (previously announced) have been removed
  * mod_authn_mysql
  * mod_mysql_vhost
  * mod_cml
  * mod_flv_streaming
  * mod_geoip
  * mod_trigger_b4_dl

## Changes from 1.4.63

* [core] fix trace issued for loading mod_auth (fixes #3121)
* [meson] need -lrt with glibc < 2.17 (fixes #3120)
* [core] adjust time jump detection (fixes #3123)
* [core] make setrlimit() warn, not fatal
* [core] add remote IP to some error msgs (fixes #3122)
* [mod_webdav] If-None-Match on non-existent entity
* [build] check getxattr before attr_get and -lattr
* [doc] SELinux: setsebool -P httpd_setrlimit on
* [build] create sha512sum file with release
* [build] CI builds now use make -j 2
* [core] http_response_send_file() takes const path
* [core] use ETag response header to check cachable
* [core] add more const to stat_cache_update_entry()
* [multiple] remove r->physical.etag
* [mod_magnet] interface to http_response_send_file
* [build] add headers for sendfile() detect on MacOS
* [core] http_response_write_prepare optimization
* [core] define static_assert for uClibc (fixes #3127)
* [build] -Wno-implicit-fallthrough for ls-hpack
* [core] ignore pcre2 "bad JIT option" warning
* [build] pcre2: use pkg-config before pcre2-config
* [core] http_response_has_error_handler()
* [core] consolidate request restart loop check
* [core] defer retrieving Last-Modified until needed
* [mod_dirlisting] fix logic inversion in cache
* [core] mark expect cond in http_response_send_file
* [core] connection_handle_read_state() tweak
* [core] connection_state_machine_loop() tweaks
* [core] connection_state_machine_h2() tweaks
* [core] quiet coverity noise
* [core] use lower limit for max-fds if !setrlimit
* [build] do not check for prctl; HAVE_PRCTL unused
* [core] server.core-files support on FreeBSD (fixes #3128)
* [mod_extforward] support longer PROXY v2 TLV vec
* [mod_webdav] detect truncated copy_file_range()
* [mod_webdav] copy_file_range() new in FreeBSD 13
* [mod_webdav] copy_file_range() new in FreeBSD 13
* [build] feature consistency between build types
* [build] cmake build now defaults to C11
* [core] CCRandomGenerateBytes() for rand on macOS (fixes #3129)
* [multiple] remove long-deprecated modules
* [build] default --with-pcre2 unless --with-pcre
* [core] "server.graceful-shutdown-timeout" => 8
* [build] adjust trace for regex-conditionals
* [build] update tests/SConscript
* [core] errno_t detection on Illumos
* [build] cmake build now defaults to C11
* [build] meson: find pcre2 w/o pkg-config
* [core] define _EXTENSIONS_ on Illumos
* [build] cmake,meson socket libs for win32, Illumos (fixes #3130)
* [core] hide bsd_accept_filter code on OpenBSD (fixes #3131)
* [core] errno_t and rsize_t detection on Illumos
* [mod_webdav] copy acceleration
* [mod_webdav] define HAVE_RENAMEAT2 earlier
* [build] meson misdetects mempcpy on some platforms
* [build] cmake: skip "-Wl,-export-dynamic" Illumos
* [build] adjust .gitignore for macOS
* [build] meson crypt and dl detection on *BSD (fixes #3133)
* [core] /dev/null is a symlink on Illumos (fixes #3132)
* [core] server.core-files support for solaris (fixes #3135)
* [build] feature consistency between build types
* [build] Haiku build fix (fixes #3136)
* [lemon] silence coverity warnings
* [cmake] raise minimum version to 3.7
* [cmake] add address/undefined sanitize compile options
* [asan tests] fix memory leaks
* [array] use speaking names for array "fn" vtables for better debugging experience
* [ci] add cmake-asan build type
* [core] buffer_copy_string() use "" if s is NULL
* [mod_authn_gssapi] code reuse: fdevent_mkostemp()
* [mod_authn_gssapi] reduce KRB5CCNAME mem alloc
* [build] adjust help strings for pcre2 default
* [core] (const char *) for srvconf.modules_dir
* [multiple] remove buffer_init_string()
* [multiple] remove buffer_init_buffer()
* [mod_extforward] fix out-of-bounds (OOB) write (fixes #3134)
* [build] use -fstack-protector-strong w/ extra warn
* [build] collect Sun-specific headers and funcs
* [build] collect Sun-specific headers and funcs
* [build] rm redundant check for -lnetwork on Haiku
* [build] check headers before some funcs
* [core] allow LISTEN_PID to be ppid if TRACEME (fixes #3137)
* [core] allow tests/tmp/bind.conf override (#3137)
* [mod_webdav] no sys/ioctl.h on _WIN32
* [tests] _WIN32 adjustments in LightyTest.pm
* [tests] revert _WIN32 adjustments in LightyTest.pm
* [mod_gnutls] lift size check out of DN loop
* [mod_mbedtls] lift size check out of DN loop
* [mbedtls] save (mbedtls_ssl_config *) in hctx
* [multiple] permit UTF-8 in SSL_CLIENT_S_DN_*
* [mod_openssl] do not esc UTF-8 in cert subject
* [mod_mbedtls] reconstruct SSL_CLIENT_S_DN
* [mod_mbedtls] changes to build with mbedtls 3.0.0
* [mod_mbedtls] remove use of out_left in mbedtls 3
* [mod_mbedtls] mbedtls_ssl_conf_groups for 3.1.0

pkgsrc changes:

- Remove options 'gdbm' and 'memcached', no longer used

Revision 1.108 / (download) - annotate - [select for diffs], Wed Dec 8 16:06:57 2021 UTC (13 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.107: +2 -1 lines
Diff to previous 1.107 (colored)

revbump for icu and libffi

Revision 1.107 / (download) - annotate - [select for diffs], Sun Dec 5 18:17:24 2021 UTC (13 months, 3 weeks ago) by schmonz
Branch: MAIN
Changes since 1.106: +2 -2 lines
Diff to previous 1.106 (colored)

Reorder CONFIGURE_ARGS from previous. NFCI.

Revision 1.106 / (download) - annotate - [select for diffs], Sun Dec 5 18:15:19 2021 UTC (13 months, 3 weeks ago) by schmonz
Branch: MAIN
Changes since 1.105: +4 -2 lines
Diff to previous 1.105 (colored)

Update to 1.4.63. From the changelog:

- [core] import xxHash v0.8.1
- [core] isolate use of sys/filio.h
- [core] fix reqpool mem corruption in 1.4.62 (fixes #3118)

pkgsrc changes:

- Link with pkgsrc xxhash instead of the vendored copy

Revision 1.105 / (download) - annotate - [select for diffs], Fri Dec 3 15:55:54 2021 UTC (13 months, 4 weeks ago) by schmonz
Branch: MAIN
Changes since 1.104: +4 -5 lines
Diff to previous 1.104 (colored)

Update to 1.4.62. From the changelog:

- support pcre2; HTTP Digest auth userhash; bugfixes

pkgsrc changes:

- switch to pcre2

Revision 1.104 / (download) - annotate - [select for diffs], Wed Nov 3 15:06:51 2021 UTC (14 months, 3 weeks ago) by schmonz
Branch: MAIN
Changes since 1.103: +2 -1 lines
Diff to previous 1.103 (colored)

Apply upstream 584a69c4 to fix use-after-free. Bump PKGREVISION.

Revision 1.103 / (download) - annotate - [select for diffs], Fri Oct 29 07:11:36 2021 UTC (15 months ago) by wiz
Branch: MAIN
Changes since 1.102: +3 -4 lines
Diff to previous 1.102 (colored)

lighttpd: update to 1.4.61.

Add missing test dependency.

- 1.4.61 - 2021-10-28
  * [core] define __BEGIN_DECLS, __END_DECLS if needed
  * [core] Y2038: error log high-precision timestamps
  * [multiple] __attribute_nonnull__ now takes params
  * [core] bounds check while url-decoding
  * [mod_magnet] prefer lua_newuserdatauv() w/ lua 5.4
  * [core] earlier macOS need define for errno_t (fixes #3107)
  * [tests] force POSIX::WNOHANG() autovivification (fixes #3110)
  * [mod_dirlisting] sort "../" to top (fixes #3109)
  * [tests] force Fcntl::F_SETFD() autovivification (#3110)
  * [core] avoid repeated typedef for fdlog_st
  * [doc] update INSTALL
  * [mod_extforward] keep remote IP thru request reset
  * [core] fix HTTP/2 upload > 64k w/ max-request-size (fixes #3108)
  * [mod_auth] fix Basic auth passwd cache (fixes #3112)
  * [mod_ajp13,mod_fastcgi] comment: no response body
  * [mod_webdav] ignore PROPFIND Depth for files
  * [core] add comment to ck_memeq_const_time()
  * [core] accept up to 5 digit port num in host cond
  * [core] expose chunkqueue_remove_empty_chunks()
  * [core] short-circuit if response body recv w/ hdrs (fixes #3111)
  * [core] resched HTTP/2 streams w/ pending data (#3111)
  * [core] separate func for gw_authorizer_ok()
  * [core] make ck_memeq_const_time() more generic (#3112)
  * [mod_auth] revert adjustment to auth passwd cache (#3112)
  * [core] thwart h2c smuggling when Upgrade enabled
  * [core] separate funcs to check for valid chars
  * [core] thwart h2 request tunnelling
  * [core] clear shared log buffer after writes
  * [mod_nss] quiet trace for PR_END_OF_FILE_ERROR
  * [core] allow debug.log-state-handling in condition
  * [core] combine more dup header processing code
  * [mod_ajp13,mod_fastcgi] check resp w/ content len
  * [mod_proxy] Length Req if proxy forcing HTTP/1.0
  * [core] restart dead proc on connect error if local
  * [mod_ajp13,mod_fastcgi] recv_parse smaller funcs
  * [multiple] warn deprecated mods slated for removal
  * [core] remove redundant checks in same context
  * [core] tighten chunkqueue_steal* code; better asm
  * [build] check for preadv(), pwritev()
  * [core] pwritev w/ chunkqueue_steal_with_tempfiles
  * [core] tighten chunkqueue_mark_written; better asm
  * [doc] uncomment mod_auth load in conf.d/auth.conf
  * [core] tighten chunkqueue_small_resp_optim()
  * [core] chunkqueue_small_resp_optim if resp < 16k
  * [mod_auth] clear crypt() output if len >= 13
  * [multiple] add assert after malloc in two spots
  * [core] add HTTP/2 check resp finished w/ empty cq (#3111)
  * [core] chunkqueue_small_resp_optim() comment

Revision 1.102 / (download) - annotate - [select for diffs], Thu Oct 21 07:46:39 2021 UTC (15 months, 1 week ago) by wiz
Branch: MAIN
Changes since 1.101: +2 -1 lines
Diff to previous 1.101 (colored)

*: recursive bump for heimdal 7.7.0

its buildlink3.mk now includes openssl's buildlink3.mk

Revision 1.101 / (download) - annotate - [select for diffs], Mon Oct 4 09:13:22 2021 UTC (15 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.100: +2 -3 lines
Diff to previous 1.100 (colored)

lighttpd: update to 1.4.60.

Highlights

* improve performance, reduce memory use, bugfixes
* HTTP/2 smoother and lower memory use (in general)
* HTTP/2 tuning to better handle aggressive client initial requests
* reduce memory footprint; workaround poor glibc behavior; jemalloc is better
* mod_magnet lua performance improvements
* mod_dirlisting performance improvements and new caching option
* memory constraints for extreme edge cases in mod_dirlisting, mod_ssi, mod_webdav
* connect(), write(), read() time limits on backends (separate from client timeouts)
* lighttpd restarts if large discontinuity in time occurs (embedded systems)
* RFC7233 Range support for all non-streaming responses, not only static files

Revision 1.100 / (download) - annotate - [select for diffs], Wed Sep 29 19:01:27 2021 UTC (16 months ago) by adam
Branch: MAIN
Changes since 1.99: +2 -2 lines
Diff to previous 1.99 (colored)

revbump for boost-libs

Revision 1.99 / (download) - annotate - [select for diffs], Wed Jun 23 20:33:18 2021 UTC (19 months, 1 week ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)

Revbump for MySQL default change

Revision 1.98 / (download) - annotate - [select for diffs], Fri May 14 11:11:00 2021 UTC (20 months, 2 weeks ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.97: +4 -2 lines
Diff to previous 1.97 (colored)

lighttpd: improve options support

as well as adding options for other SSL libraries, disabling options
explicitly should cause less problems when the OS contains libraries used
by the options.

Revision 1.97 / (download) - annotate - [select for diffs], Wed Apr 21 11:42:54 2021 UTC (21 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.96: +2 -1 lines
Diff to previous 1.96 (colored)

revbump for textproc/icu

Revision 1.96 / (download) - annotate - [select for diffs], Wed Feb 3 08:49:49 2021 UTC (23 months, 3 weeks ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.95: +2 -2 lines
Diff to previous 1.95 (colored)

Update to 1.4.59. From the changelog:

Summary:

HTTP/2 enabled by default, mod_deflate zstd support, mod_ajp13
(new), bugfixes.

Future Scheduled Behavior Changes:

* graceful restart/shutdown default timeout will change from 0
  (infinite/no timeout) to 5 seconds (or some similar non-zero period)
  configure an alternative with:
  server.feature-flags += ("server.graceful-shutdown-timeout" => 5)

* mod_compress is DEPRECATED; use mod_deflate
  mod_compress has been subsumed by mod_deflate
  Note: mod_compress config options may be removed in a future release

* mod_geoip is DEPRECATED; use mod_maxminddb
  Note: mod_geoip will be removed from a future lighttpd release

* mod_authn_mysql is DEPRECATED; use mod_authn_dbi
  Note: mod_authn_mysql will be removed from a future lighttpd release

* mod_mysql_vhost is DEPRECATED; use mod_vhostdb_dbi or mod_vhostdb_mysql
  Note: mod_mysql_vhost will be removed from a future lighttpd release

* mod_cml is DEPRECATED; use mod_magnet
  Note: mod_cml will be removed from a future lighttpd release

Changes from 1.4.58:

* [mod_webdav] hide unused funcs depending on build
* [mod_mbedtls] include mbedtls/platform_util.h
* [mod_mbedtls] use local strncmp_const()
* [mod_gnutls] use local strncmp_const()
* [mod_dirlisting] place vars closer to where used
* [autotools] autoupdate; subst deprecated/obsolete
* [autoconf] update ax_prog_cc_for_build.m4
* [core] fix crash at shutdown w/ certain config
* [tests] use ephemeral ports in tests
* [mod_wolfssl] minor updates for wolfSSL v4.6.0
* [doc] create-mime.conf.pl improve case handling
* [mod_openssl] extend ssl.openssl.ssl-conf-cmd
* [mod_extforward] config warning for module order
* [mod_extforward] fix extforward.headers defaults (fixes #3051)
* [multiple] use HTTP_HEADER_* enum before strcmp
* [multiple] replace buffer_is_equal_caseless_string
* [mod_dirlisting] quiet coverity false positive
* [doc] create-mime.conf.pl improve case handling
* [autoconf] fix LT_INIT syntax
* [doc] create-mime.conf.pl -v for warnings
* [core] fix crash in error trace if backend is down (fixes #3052)
* [doc] create-mime.conf.pl -v silent for mult vnd
* [mod_openssl] update LIBRESSL_VERSION_NUMBER check
* [multiple] fix: honor CipherString for alt TLS lib
* [mod_openssl] set Ciphersuites once API available
* [mod_dirlisting] use fdopendir(), fstatat()
* [mod_deflate] support Accept-Encoding: zstd
* [mod_deflate] use zstd streaming API
* [mod_dirlisting] hide unused variable on MacOS
* [doc] add --with-zstd to INSTALL
* [mod_access] mark mod_access_check attribute pure
* [core] add decls in connections.h
* [build] update scripts/ci-build.sh
* [core] check ifdef WOLFSSL_SHA512 for SHA512 avail
* [build] scripts/ci-build.sh --with-nettle
* [mod_openssl] update LIBRESSL_VERSION_NUMBER check
* [build] scripts/ci-build.sh w/o --with-wolfssl
* [build] scripts/ci-build.sh adjustments
* [build] fix typo in src/CMakeLists.txt
* [build] adjust mbedtls vars in src/CMakeLists.txt
* [build] scripts/ci-build.sh adjustments
* [build] adjust crypto vars in src/CMakeLists.txt
* [core] avoid multiple definition of SHA512_CTX
* [build] adjust crypto vars in src/CMakeLists.txt
* [mod_alias] modify r->physical.path in place
* [build] scripts/ci-build.sh add --with-maxminddb
* build] scripts/ci-build.sh remove --with-maxminddb
* [mod_deflate] use zstd typedefs (minor cleanup)
* [mod_deflate] compat with zstd < v1.4.0
* [multiple] fix coverity warnings
* [multiple] fix TLS config string parsing
* [mod_gnutls] fix ssl.ca_dn_file data access
* [mod_wolfssl] wipe ssl_pemfile_pkey before free()
* [mod_wolfssl] fix syntax errors
* [multiple] fix TLS config string parsing
* [mod_gnutls] fix alt code for coverity
* [core] check more carefully after SSL_WANT_WRITE
* [core] fix 100% CPU spin if traffic limit hit
* [core] skip interest in POLLRDHUP after POLLRDHUP (#3059)
* [TLS] detect expired stapling file at startup (fixes #3056)
* [multiple] avoid duplicate parsing in trigger func (#3056)
* [multiple] quiet some clang-analyzer warnings
* [core] enable HTTP/2 by default
* [mod_ajp13] AJPv13 Tomcat connector for lighttpd
* [core] const data_unset *array_get_element_klen()
* [core] tighten struct data_config and related code
* [core] fix merging large headers across mult reads (fixes #3059)
* [mod_gnutls,mod_mbedtls] recog common cipherstring
* [build] fix typo in SConstruct (fixes #3061)
* [mod_wolfssl] wolfSSL might repeat SNI_Callback()
* [TLS] fix invalid cfg warning
* [mod_openssl] fix acme-tls/1 challenge bootstrap
* [TLS] set r->uri.authority empty str upon accept()
* [mod_gnutls] fix acme-tls/1 challenge bootstrap
* [mod_nss] fix acme-tls/1 challenge bootstrap
* [mod_wolfssl] copy stapling buf for OCSP resp
* [mod_mbedtls] fix acme-tls/1 challenge bootstrap
* [mod_mbedtls] fix acme-tls/1 challenge bootstrap
* [mod_cgi] fix assert if empty X-Sendfile path (fixes #3062)
* [mod_mbedtls] restore ALPN chk after client hello
* [core] re-validate h2 CONTINUATION frame len in cq
* [mod_mbedtls] remove redundant condition check
* [core] quiet coverity warning

Revision 1.95 / (download) - annotate - [select for diffs], Mon Dec 28 09:35:04 2020 UTC (2 years, 1 month ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.94: +2 -2 lines
Diff to previous 1.94 (colored)

Update to 1.4.58. From the changelog:

- [tests] collect code for "die-at-end" tests
- [tests] remove FastCGI test dependency on libfcgi
- [core] prefer IPv6+IPv4 func vs IPv4-specific func
- [tests] remove FastCGI test dependency on PHP
- [core] reuse large mem chunks (fix mem usage) (fixes #3033)
- [core] add comment for FastCGI mem use in hctxb (#3033)
- [mod_proxy] fix sending of initial reqbody chunked
- [multiple] fdevent_waitpid() wrapper
- [core] sys-time.h localtime_r,gmtime_r macros
- [core] http_date.[ch] encapsulate HTTP-date parse
- [core] specialized strptime() for HTTP date fmts
- [multiple] employ http_date.h, sys-time.h
- [core] http_date_timegm() (portable timegm())
- buffer_append_path_len() to join paths
- [core] inet_ntop_cache -> sock_addr_cache
- [tests] slight speed up checking for server ready
- [tests] load required modules in alt .conf tests
- [multiple] etag.[ch] -> http_etag.[ch]; better imp
- [core] fix crash after specific err in config file
- [core] fix bug in FastCGI uploads (#3033)
- [tests] OpenBSD crypt() support limited to bcrypt
- [core] http_response_match_if_range()
- [mod_webdav] typedef off_t loff_t for FreeBSD
- [multiple] chunkqueue_write_chunk()
- [build] add GNUMAKEFLAGS=o-print-directory
- [tests] consolidate some tests/ content
- [core] fix bug in read retry found by coverity

Updating during the freeze for (also from the changelog) "important
changes: bugfixes, portability".

Revision 1.94 / (download) - annotate - [select for diffs], Thu Dec 17 10:38:13 2020 UTC (2 years, 1 month ago) by schmonz
Branch: MAIN
Changes since 1.93: +2 -3 lines
Diff to previous 1.93 (colored)

Update to 1.4.57. From the changelog:

- [core] attempt to quiet some coverity warnings
- [mod_webdav] compile fix for Mac OSX/11
- [core] handle U+00A0 in config parser
- [core] fix lighttpd -1 one-shot with pipes
- [core] quiet start/shutdown trace in one-shot mode
- [core] allow keep-alives in one-shot mode (#3042)
- [mod_webdav] define _ATFILE_SOURCE if AT_FDCWD
- [core] setsockopt IPV6_V6ONLY if server.v4mapped
- [build] fix meson.build when building all TLS mods
- [core] prefer inet_aton() over inet_addr()
- [build] fix SCons build when building all TLS mods
- [core] add missing mod_wolfssl to ssl compat list
- [mod_openssl] remove ancient preprocessor logic
- [core] SHA512_Init, SHA512_Update, SHA512_Final
- [mod_wolfssl] add complex preproc logic for SNI
- [core] wrap a macro value with parens
- [core] fix handling chunked response from backend (fixes #3044)
- [core] always set file.fd = -1 on FILE_CHUNK reset (fixes #3044)
- [core] skip some trace if backend Upgrade (#3044)
- [TLS] cert-staple.sh POSIX sh compat (fixes #3043)
- [core] portability fix if st_mtime not defined
- [mod_nss] portability fix
- [core] warn if mod_authn_file needed in conf
- [core] fix chunked decoding from backend (fixes #3044)
- [core] reject excess data after chunked encoding (#3046)
- [core] track chunked encoding state from backend (fixes #3046)
- [core] li_restricted_strtoint64()
- [core] track Content-Length from backend (fixes #3046)
- [core] enhance config parsing debugging (#3047)
- [core] reorder srv->config_context to match ndx (fixes #3047)
- [mod_proxy] proxy.header = ("force-http10" => ...)
- [mod_authn_ldap] fix crash (fixes #3048)
- [mod_authn_ldap, mod_vhostdb_ldap] default cafile
- [core] fix array_copy_array() sorted[]
- [multiple] replace fall through comment with attr
- [core] fix crash printing trace if backend is down
- [core] fix decoding chunked from backend (fixes #3049)
- [core] attempt to quiet some coverity warnings

Revision 1.93 / (download) - annotate - [select for diffs], Tue Dec 1 09:44:12 2020 UTC (2 years, 2 months ago) by schmonz
Branch: MAIN
Changes since 1.92: +2 -1 lines
Diff to previous 1.92 (colored)

Enable --with-nettle as recommended in the release announcement; we'll
add options for other SSL libraries later. Add 'libdbi' option to enable
mod_vhostdb_dbi and the new mod_authn_dbi module, off by default. Bump
PKGREVISION.

Revision 1.92 / (download) - annotate - [select for diffs], Mon Nov 30 10:28:33 2020 UTC (2 years, 2 months ago) by schmonz
Branch: MAIN
Changes since 1.91: +2 -3 lines
Diff to previous 1.91 (colored)

Update to 1.4.56. From the changelog:

# Highlights

- HTTP/2 support
  - must be enabled in lighttpd.conf in lighttpd 1.4.56;
    may be enabled by default in a future release
  - `server.feature-flags += ("server.h2proto" => "enable", "server.h2c" => "enable")`
- TLS library options: OpenSSL, mbedTLS, wolfSSL, GnuTLS, NSS
  - mod_openssl (existing)
  - mod_mbedtls (experimental)
  - mod_wolfssl (experimental)
  - mod_gnutls (experimental)
  - mod_nss (experimental)
- TLS OCSP stapling
  (except mbedTLS; not currently supported by mbedTLS)
- TLS session ticket key rotation control
  (except NSS; API limitation in NSS)
- mod_deflate brotli support
- mod_proxy makes HTTP/1.1 requests to backends (change from HTTP/1.0)
- RFC 8297 support for 103 Early Hints produced by backends (scripts)
- graceful restart option to transfer listen fds (minimal pause)
  - `server.systemd-socket-activation = "enable"`
  - `server.feature-flags += ("server.graceful-restart-bg" => "enable", "server.graceful-shutdown-timeout" => "15")`

# Behavior Changes

- mod_openssl
  - default MinProtocol TLSv1.2
    TLSv1 and TLSv1.1 are deprecated and no longer supported by major browsers.
    <https://news.netcraft.com/archives/2020/03/03/browsers-on-track-to-block-850000-tls-1-0-sites.html>
    If prior behavior is required, configure:
    `ssl.openssl.ssl-conf-cmd = ("MinProtocol" => "TLSv1")`
    If using openssl <= 1.0.2 (end-of-life)
    `ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1, TLSv1.1, TLSv1.2")`
  - (internal) TLS session cache is disabled by default,
    replaced by lighttpd robust TLSv1.2 session ticket support
    If backward compatibility is needed:
    `server.feature-flags += ("ssl.session-cache" => "enable")`
  - (internal) openssl creates a session ticket encryption key per SSL_CTX.
    lighttpd 1.4.56 and later assigns a single session ticket encryption key
    for the lighttpd server (across all SSL_CTX) for consistency.
  - behavior change with ssl.ca-dn-file (uncommon); applies to client
    certificate verification and ssl.ca-dn-file (uncommon)
    If client certificate verification is enabled
    (ssl.verifyclient.activate = "enable"),
    all CAs used for client certificate verification must be present in
    ssl.ca-file. This is the typical use case when client certificate
    verification is enabled. Certificates in (optional) ssl.ca-dn-file
    are used to send issuer names to client when the server sends a
    client certificate request. These names are use by the client
    during certificate selection, and the server requires that the
    certificate sent by the client be issued by one of the subjects
    in ssl.ca-dn-file.
    (Prior behavior merged ssl.ca-file and ssl.ca-dn-file for trusted CAs.
    New behavior requires all trusted CAs be listed in ssl.ca-file,
    and a subset be duplicated into ssl.ca-dn-file to specify allowed
    client cert issuer.)
- mod_deflate: support for bzip2 is now disabled by default in the build
  - (enable using `./configure --with-bzip2`)
    bzip2 Content-Encoding is not widely supported
    Prefer to build `--with-brotli`
    brotli Content-Encoding is more widely supported than bzip2

# Future Scheduled Behavior Changes

- HTTP/2 support will be enabled by default in a future release
- graceful restart/shutdown default timeout will change from
  0 (infinite/no timeout) to 5 seconds (or some similar non-zero period)
  configure an alternative with:
  `server.feature-flags += ("server.graceful-shutdown-timeout" => 5)`
- mod_compress is DEPRECATED; use mod_deflate
  mod_compress has been subsumed by mod_deflate
  Note: mod_compress config options may be removed in a future release
- mod_geoip is DEPRECATED; use mod_maxminddb
  Note: mod_geoip will be removed from a future lighttpd release
- mod_authn_mysql is DEPRECATED; use mod_authn_dbi
  Note: mod_authn_mysql will be removed from a future lighttpd release
- mod_mysql_vhost is DEPRECATED; use mod_vhostdb_dbi or mod_vhostdb_mysql
  Note: mod_mysql_vhost will be removed from a future lighttpd release
- mod_cml is DEPRECATED; use mod_magnet
  Note: mod_cml will be removed from a future lighttpd release

Revision 1.91 / (download) - annotate - [select for diffs], Thu Nov 5 09:09:21 2020 UTC (2 years, 2 months ago) by ryoon
Branch: MAIN
Changes since 1.90: +2 -2 lines
Diff to previous 1.90 (colored)

*: Recursive revbump from textproc/icu-68.1

Revision 1.90 / (download) - annotate - [select for diffs], Sun Oct 25 14:59:14 2020 UTC (2 years, 3 months ago) by schmonz
Branch: MAIN
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored)

Add upstream patch to fix segfault in __readdir30 (from
webdav_propfind_dir) on NetBSD. Bump PKGREVISION.

Revision 1.89 / (download) - annotate - [select for diffs], Tue Jun 2 08:24:57 2020 UTC (2 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)

Revbump for icu

Revision 1.88 / (download) - annotate - [select for diffs], Sun Apr 12 08:29:17 2020 UTC (2 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.87: +2 -1 lines
Diff to previous 1.87 (colored)

Recursive revision bump after textproc/icu update

Revision 1.87 / (download) - annotate - [select for diffs], Fri Mar 20 11:45:01 2020 UTC (2 years, 10 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.86: +3 -3 lines
Diff to previous 1.86 (colored)

lighttpd: use https

Revision 1.86 / (download) - annotate - [select for diffs], Mon Feb 3 11:08:06 2020 UTC (2 years, 11 months ago) by nros
Branch: MAIN
Changes since 1.85: +2 -3 lines
Diff to previous 1.85 (colored)

Update lighttpd to version 1.4.55

patch-src_fdevent__solaris__port.c was removed since what it solves is fixed
in this version.

Changes from 1.4.54

    [core] fix compile error on Solaris
    [core] attribute_pure
    [core] array-specialized buffer_caseless_compare()
    [core] specialized buffer_eq_*() for short strings
    [core] mark some more funcs w/ attribute_pure
    [core] use buffer_eq_icase* funcs
    [multiple] replace strcasecmp() on short strings
    [core] mark some more funcs w/ attribute_pure
    [mod_webdav] fix startup crash w/ multiple conds
    [core] cold func http_response_omit_header()
    [core] use buffer_eq_icase_ssn func
    [core] use buffer_eq_icase_ssn func
    [core] correct attribute_pure syntax
    [core] allocate unix socket paths with SUN_LEN()+1
    Use explicit_memset from NetBSD if available for safe_memclear
    Also use explicit_memset (NetBSD) with cmake, scons and meson
    [cmake]: enable CMAKE_POSITION_INDEPENDENT_CODE by default
    [core] improve http_headers[] data struct packing
    [core] fdevent_poll() is effective periodic timer
    [core] move con state handling to connections*.c
    [core] issue config error for invalid     [mod_deflate] fix choose encoding parse error
    [core] retry on some fdevent set/del temporary err
    [core] disable stat_cache FAM if FAM conn closed
    [mod_auth] http_auth_const_time_memeq improvement
    [build] prefer pkg-config for postgres
    [mod_authn_gssapi] 500 if fail to delegate creds
    [mod_authn_gssapi] option to store delegated creds
    [mod_webdav] fix file uploads > 128M
    [mod_auth] do not use quoted-string for algorithm
    [mod_auth] require digest uri= match original URI
    [mod_auth] Authentication-Info: nextnonce=    [mod_auth] http_auth_const_time_memeq_pad()
    [mod_auth] http_auth_const_time_memeq()
    [build] PGSQL_CFLAGS with pkg-config for postgres
    [core] avoid freeaddrinfo() on NULL ptr
    [core] reject WS following header field-name
    [core] reject Transfer-Encoding + Content-Length
    [mod_openssl] reject invalid ALPN
    [mod_accesslog] parse multiple cookies
    [core] Oracle Solaris does not have POLLRDHUP
    [multiple] address coverity warnings
    [core] preserve %2b and %2B in query string
    [core] fall back to accept() if accept4() EPERM
    [mod_auth] close connection after bad password
    [core] do not accept() > server.max-connections
    [core] save errno before logging if execve() fails
    [config] update /var/run /run for systemd
    [core] Solaris has getloadavg in sys/loadavg.h
    [build] Fix build when using nested CMake
    [core] fix one-byte OOB read (underflow)

Revision 1.85 / (download) - annotate - [select for diffs], Sat Jan 18 21:51:08 2020 UTC (3 years ago) by jperkin
Branch: MAIN
Changes since 1.84: +2 -1 lines
Diff to previous 1.84 (colored)

*: Recursive revision bump for openssl 1.1.1.

Revision 1.84 / (download) - annotate - [select for diffs], Mon Nov 4 22:09:57 2019 UTC (3 years, 2 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.83: +8 -8 lines
Diff to previous 1.83 (colored)

www: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

Manually excluded phraseanet since pkglint got the indentation wrong.

Revision 1.83 / (download) - annotate - [select for diffs], Wed May 29 10:01:28 2019 UTC (3 years, 8 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.82: +2 -3 lines
Diff to previous 1.82 (colored)

lighttpd: Update to 1.4.54.

pkgsrc changes:

Replace use of legacy GeoIP library with libmaxminddb.
Uses a different module.

Changes:

Highlights
behavior change: strict URL parsing and normalization (configurable)
behavior change: mod_webdav now rejects partial PUT (configurable)
mod_auth: HTTP Auth Digest algorithm=SHA-256
mod_webdav: major rewrite: robustness, performance, RFC compliance
mod_maxminddb: new; obsoletes discontinued mod_geoip

Changes from 1.4.53
[mod_evhost] handle IPv6 literal addr; add tests
[core] separate server_main_loop() func, mark hot
[core] mark startup/shutdown funcs cold
[core] some server_main_loop() cleanup
[core] fdevent_process()
[core] srvax_fds_lowat and srvax_fds_hiwat
[core] remove server.h
[mod_staticfile] search ext array if not empty
[core] store joblist pointer on stack
[core] quickly clear request buffer for reuse
[core] helper funcs for connection_state_machine()
[core] perf: optimize connection_read_header()
[core] parse request in connection_read_header()
[core] log_request_header_on_error in one place
[core] copy request only if might need for logging
[core] make parse_request,request.request same buf
[core] prefer buffer_caseless_compare()
[core] pass req hdrs buffer to http_request_parse
[core] replace conesponse.keep_alive
[core] mark log_error_write*() funcs cold
[core] http_request_parse() mark error paths cold
[core] lift code out of request line parse loop
[core] get_http_method_key() match by strlen first
[core] RFC7230 HTTP-version parse
[mod_accesslog] attempt to reconstruct req line
[multiple] minor: remove duplicated conditions
[mod_deflate] honor request for x-gzip, x-bzip2
[mod_auth] minor: adjust config validation
[core] discard oversized trailers
[core] no keep-alive if POLLRDHUP,empty read queue
[core] fix gw_backend spelling of directive in err
[multiple] reduce code dup in list resizing
[core] cons_ssl_sock
[core] connection_handle_write() updates con state
[core] skip plugins_call_cleanup if not initd
[core] simpler loops to run plugin hooks
[core] fix mixed use of srvplit_vals array (fixes #2932)
[core] dispatch events from within event framework
[core] don call fd event handlers more than once, they might already be gone (fixes segfault)
[core] poll: fdarray uses fd as index, not fde_ndx
[core] map FDEVENT_* to OS system event frameworks
[core] prefer memchr() over strchr()
[core] use openssl to read,discard request body
[mod_openssl] inherit cipherlist from global scope
[mod_openssl] default: ssl.cipher-list = שIGH[mod_proxy] pass Content-Length to backend if > 0
[core] config option to allow GET w/ request body
[core] some fdevent code streamlining
[core] remove fde_ndx member outside fdevents
[core] remove redundant check for allow_http11
[mod_openssl] use 16k static buffer instead of 64k
[core] pull server load checks out of main loop
[core] isolate fdevent processing
[core] release empty chunk buf when nothing read
[core] perf: pass (fdnode *) to epoll and kqueue
[core] modify config parser to handle multiple }
[core] pass (fdnode *) for registered fdevent fd
[mod_auth] http_auth_digest_hex2bin()
[mod_auth] http_auth_info_t digest abstraction
[mod_auth] pass http_auth_require_t for 401 Unauth
[core] no SOCK_NONBLOCK on QNX 7.0
[mod_auth] HTTP Auth Digest algorithm=SHA-256
[core] silence coverity warning
[mod_magnet] fix invalid script return-type crash (fixes #2938)
[build] remove -Wdeclaration-after-statement
[core] pass conf.follow_symlink in more places
[core] fix assertion with server.error-handler (fixes #2941)
[core] extend dir redirection to take HTTP status
[doc] minor adjust create-mime.conf.pl regex match (#2942)
[core] attribute((fallthrough)) for GCC 7.0
[core] fdevent_mkstemp_append() (shared)
[core] off_t upload_temp_file_size
[core] clear FDEVENT_RDHUP if no POLLRDHUP
[mod_wstunnel] fix ping-interval for big-endian (fixes #2944)
[core] fix abort in http-parseopts (fixes #2945)
[core] remove repeated slashes in http-parseopts
[core] fix 1.4.52 regression in mem use with POST (fixes #2948)
[multiple] cleaner calloc use in SETDEFAULTS_FUNC
[core] add const to some etag prototypes
[core] attribute((format )
[core] struct log_error_st for error logging
[core] log_error, log_perror using printf-like fmt
[core] new worker_init hook to follow parent fork
[core] replace open() with fdevent_open_cloexec()
[mod_webdav] major rewrite (fixes #1818)
[core] 200 for OPTIONS /non-existent/path HTTP/1.1 (fixes #2939)
[mod_webdav] surround Lock-Token with [mod_webdav] fix uuid detection macro
[mod_webdav] fix misbehavior on blank nodes in PROPPATCH
[mod_webdav] clean up resources after do{}while(0)
[mod_webdav] check If-Match, If-Unmodified-Since (#1818)
[mod_webdav] deprecated unsafe partial PUT compat
[mod_webdav] provide ETag in more responses
[mod_webdav] platform portability fixes
[mod_webdav] disable elftc_copyfile() on FreeBSD
[mod_webdav] special-case If: ()
[mod_webdav] check If-None-Match (#1818)
[stat_cache] separate func for symlink policy chk
[stat_cache] separate symlink pol from data struct
[stat_cache] store entries without trailing slash
[stat_cache] pass age param for stat cache cleanup
[stat_cache] remove splaytree ins/del debug code
[stat_cache] FAM: reduce string copying
[stat_cache] FAM: check FAMNextEvent() return code
[stat_cache] FAM: use entry hash index as userdata
[stat_cache] FAM: improve handling modified file
[stat_cache] FAM: ignore follow-symlink config
[stat_cache] FAM: check hash collision before add
[stat_cache] FAM: ignore event with no valid match
[stat_cache] FAM: funcs to invalidate entries
[stat_cache] interfaces to invalidate entries
[mod_webdav] update stat_cache after file mod
[core] use high precision stat timestamp in etag
[scons] adjustment for static build under CentOS
[core] emit trace using path before clearing path
[core] http_chunk_append_file_fd()
[multiple] open target file earlier in some cases
[stat_cache] no longer stat() and open() for stat
[stat_cache] FAM: improve monitoring, cache 16 sec
[stat_cache] FAM: separate routine for FDEVENT_IN
[stat_cache] FAM: whitespace-only change
[mod_webdav] quiet coverity warnings
[doc] highlight relevance of module load order (fixes #2946)
[core] behavior change: stricter URL normalization
[stat_cache] fix compilation error for cmake
[cmake] help cmake on FreeBSD find sys/event.h
[scons] help scons on FreeBSD find sys/event.h
[build] detect FreeBSD elftc_copyfile()
[mod_openssl] use SSL_CTX_set_client_hello_cb()
[core] support weak etags with If-None-Match
[core] store log_state_handling flag on stack
[core] check if splay_tree NULL before invalidate
[mod_webdav] workaround Microsoft-WebDAV-MiniRedir
[mod_webdav] doc Microsoft-WebDAV-MiniRedir bugs
[mod_webdav] invalidate parent dir in stat_cache
[doc] systemd socket activation config example
[core] chunkqueue perf: code reuse
[core] chunkqueue perf: specialized buffer.h funcs
[core] chunkqueue perf: skip opening 0-length file
[core] chunkqueue perf: read small files into mem
[core] buffer_reset() should not be passed NULL
[tests] has_feature() helper func
[tests] skip mod-secdownload HMAC-SHA1,HMAC-SHA256
[core] use high precision stat timestamp on OS X
[mod_magnet] expose server addr (local IP) to lua
[core] adjust http_chunk read() retry loop
[mod_maxminddb] MaxMind GeoIP2 support
[mod_authn_ldap] ldap_set_option LDAP_OPT_RESTART (fixes #2940)

Revision 1.82 / (download) - annotate - [select for diffs], Wed Apr 3 00:33:12 2019 UTC (3 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.81: +2 -1 lines
Diff to previous 1.81 (colored)

Recursive revbump from textproc/icu

Revision 1.81 / (download) - annotate - [select for diffs], Tue Jan 29 12:31:46 2019 UTC (4 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1
Changes since 1.80: +1 -3 lines
Diff to previous 1.80 (colored)

lighttpd: Fix a pkglint warnings.

Revision 1.80 / (download) - annotate - [select for diffs], Mon Jan 28 22:39:52 2019 UTC (4 years ago) by schmonz
Branch: MAIN
Changes since 1.79: +2 -3 lines
Diff to previous 1.79 (colored)

Update to 1.4.53. From the changelog:

* [mod_cml,mod_flv_streaming] fix NULL ptr deref
* [mod_simple_vhost] t/test_mod_simple_vhost
* [mod_evhost] split uri handler func for testing
* [mod_evhost] restructure for unit tests
* [mod_evhost] t/test_mod_evhost
* [mod_access] restructure for unit tests
* [mod_access] t/test_mod_access
* [tests] include first.h and NDEBUG early
* [core] use kill_signal for gw_proc_kill()
* [tests] t/test_keyvalue
* [tests] some test config cleanup
* [tests] update skip count in mod-fastcgi.t
* [multiple] reduce initial buffer sz if large POST (fixes #2922)
* [mod_fastcgi] fix NULL ptr deref from bugfix #2922 (fixes #2923)
* [tests] more test config cleanup
* [core] perf: incremental hash of pathname w/o copy
* [core] perf: reuse buffer to redirect to directory
* [core] do not free() reused buffer
* [core] use connected sock port in dir redirect
* [core] http_response_buffer_append_authority()
* [core] use con->server_name for dir redir
* [core] memeq compare rounded to 64, not next 1M
* [core] define MD5_DIGEST_LENGTH 16
* [mod_auth] permit additional auth backends to load
* [core] send Connection: close if reqbody not read (fixes #2924)
* [core] cache rev DNS for localhost for dir redir
* [doc/conf] resolve some mime type conflicts from debian buster,
  regenerate mime.conf
* [core] move winsock init to network_init()
* [core] move /dev/stdin graceful restart handling
* [core] network_srv_sockets_append() shared code
* [core] systemd socket activation support
* [build] autotools: try mysqlclient.pc and mariadb.pc (fixes #2925)
* [mod_expire] look up expire fallback "" explicitly
* [multiple] calloc match ptr type (clang --analyze)
* [multiple] quiet clang --analyze where trivial
* [mod_webdav] compare COPY, MOVE Destination scheme
* [core] con->uri.scheme is maintained lowercase
* [mod_openssl] ALPN and acme-tls/1 (fixes #2931)
* [core] Fix recursive include_shell invocations
* [mod_openssl] ssl.privkey directive (optional)

Revision 1.79 / (download) - annotate - [select for diffs], Sun Dec 9 18:52:49 2018 UTC (4 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4
Changes since 1.78: +2 -1 lines
Diff to previous 1.78 (colored)

revbump after updating textproc/icu

Revision 1.78 / (download) - annotate - [select for diffs], Thu Nov 29 06:34:02 2018 UTC (4 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)

lighttpd: update to 1.4.52.

- 1.4.52 - 2018-11-28
  * [mysql] MySQL 8 deprecates my_bool
  * [core] typo in trace
  * [build] Fix unportable test(1) operator
  * [core] perf: call connection_reset() fewer times
  * [core] perf: array_reset_data_strings()
  * [core] perf: buffer_free_ptr() __attribute__ cold
  * [core] perf: one-element cache for host normalize
  * [core] perf: buffer_copy_string_len()
  * [core] perf: skip redundant prepare copy calls
  * [core] perf: buffer_align_size() identity if align
  * [core] perf: size write buffers for reuse
  * [core] perf: prepend headers directly into write q
  * [core] perf: copy small strings; better buf reuse
  * [core] perf: copy small strings; extend last chunk
  * [core] perf: specialized func for array sorting
  * [core] perf: append response directly into write q
  * [core] perf: better buf reuse reading from backend
  * [core] chunk.c code reuse
  * [multiple] perf: write headers to backend write cq
  * [multiple] perf: power-2 alloc large headers
  * [multiple] perf: use larger initial backend buffer
  * [core] permit env vars to be set with blank value
  * [mod_fastcgi] perf: reduce data copies
  * [mod_fastcgi] perf: reduce data copies
  * [core] perf: chunk.c chunk pool
  * [multiple] perf: reuse large buffers w/ backend
  * [multiple] better packing of struct chunk
  * [core] perf: inline buffer_append_string_buffer()
  * [core] slightly simpler flag append to string
  * [mod_cgi] perf: reuse buffers for creating CGI env
  * [mod_fastcgi,mod_scgi] perf: env accumulation
  * [core] Don't call RAND_cleanup with OpenSSL 1.1.x
  * [mod_openssl] move SSL_shutdown() to separate func
  * [mod_openssl] SSL_read before second SSL_shutdown
  * [mod_cgi] perf: use stat_cache for cgi handler
  * [mod_openssl] prefer using TLS_server_method()
  * [mod_webdav] return 403 if file should exist
  * [core] perf: chunkqueue buffers already sized up
  * [core] perf: simpler buffer_string_space()
  * [multiple] dynamic handlers hint backend header sz
  * [core] use chunk_buf_sz instead of hard-coded num
  * [multiple] perf: simplify chunkqueue_get_memory()
  * [mod_wstunnel] perf: reuse large buffers
  * [mod_cgi] perf: cache getenv() results at start up
  * [core] fix 301 -> 302 overwrite with Location (fixes #2918)
  * [core] fix setting of headers previously reset (fixes #2919)
  * [mod_webdav] quiet coverity false positive
  * [core] server.compat-module-load = "disable"
  * [core] server.chunkqueue-chunk-sz = 4096
  * [core] perf: simpler buffer_string_space() (fixed)
  * [core] perf: faster HTTP pipelined requests
  * [core] perf: simpler buffer_string_space() (tests)
  * [mod_cgi] reset reused buffer on internal redir
  * [core] clear chunk buffer upon release
  * [mod_fastcgi] minor: copy packet without padding
  * [mod_redirect,mod_rewrite] use server_name
  * [mod_fastcgi] transfer chunks minus packet padding
  * [core] separate func to reset FILE_CHUNK
  * [core] perf: simple, quick buffer_clear()
  * [core] perf: small improvement to encoding CGI var
  * [core] perf: small improvement buffer_string_space
  * [core] simpler physical path concatenation
  * [mod_webdav] fix LOCK on incorrect URI path
  * [mod_webdav] one fewer buffer copy for COPY,MOVE
  * [core] perf: simplify buffer_move()
  * [mod_cml] parse query string without modifying it
  * [core] perf: buffer optimizations
  * [mod_wstunnel] use buffer_string_length()
  * [core] perf: inline buffer_copy_buffer()
  * [core] cygwin helper func for getcwd
  * [core] cygwin sample to run lighttpd under NSSM
  * [core] limit con->uri.authority < 1024 octets
  * [mod_webdav] separate func for each request method
  * [core] reject decoded url-path without leading '/'
  * [multiple] validate UTF-8 in url-decoded paths
  * [mod_proxy] silence coverity false positive
  * [core] fix typo
  * [core] buffer_append_path_len()
  * [core] quiet indexfile warning if mod not loaded

Revision 1.77 / (download) - annotate - [select for diffs], Tue Oct 16 06:11:54 2018 UTC (4 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)

lighttpd: update to 1.4.51.

- 1.4.51 - 2018-10-14
  * [core] split parsing header line into separate function
  * [core] explicitly return 0 instead of constant result
  * [core] header parsing: use goto for error handling
  * [core,security] process headers after combining folded headers
  * [core] replace folding whitespace with a single space
  * [buffer] fix duplicate assert and comment
  * [core] redo HTTP header line folding
  * [core] parse header line strings before copying
  * [core] abstraction to insert/modify response hdrs
  * [core] code reuse with array_insert_key_value()
  * [core] simplify parsing hdr key whitespace then :
  * [core] http_request_parse_reqline() separate func
  * [core] abstraction layer for HTTP header manip
  * [core] code reuse with http_response_body_clear()
  * [mod_proxy] fix proxy.forwarded and proxy.replace-http-host (fixes #2902)
  * [mod_rewrite] fix url.rewrite-repeat and url.rewrite-if-not-file (fixes #2908)
  * [core] fastcgi.h link to Open Market License (OML) (fixes #2901)
  * [mod_proxy,mod_wstunnel] copy full plugin_config (fixes #2903)
  * [mod_fastcgi,mod_scgi] error on oversized request (fixes #2905)
  * [mod_auth] send 401 for mismatch HTTP auth scheme (fixes #2906)
  * [core] code reuse array_match_*() routines
  * [mod_skeleton] review and simplify
  * [multiple] code reuse: employ array_match_*()
  * [doc] lighttpd.service uses network-online.target
  * [mod_flv_streaming] code simplifications
  * [mod_authn_pam] mod_auth PAM support (fixes #688)
  * [mod_sockproxy] add to build
  * [core] fix include_shell on inline shell commands (fixes #2910)
  * [multiple] code reuse: using array_*() funcs
  * [tests] t/test_array.c
  * [core] array_get_int_ptr()
  * [core] more memory-efficient fn table for data_*
  * [tests] #undef NDEBUG before assert.h in t/test_*
  * [core] inline status_counter routines
  * [core] log_failed_assert() __attribute__((cold))
  * [core] http_status_append()
  * [core] http_method_append()
  * [core] prefer buffer_append_string_len()
  * [build] fix SCons build for mod_authn_pam
  * [mod_userdir] security: skip username "." and ".."
  * [mod_deflate] null-check to quiet coverity warning
  * [core] quiet coverity false positive
  * [multiple] quiet compiler warnings --without-pcre
  * [mod_secdownload] support if HMAC() is a macro
  * [TLS] sys-crypto.h abstraction
  * [TLS] sys-crypto.h abstraction
  * [build] put request.c in common src
  * [meson] build fixes for libmariadb and libsasl2
  * [core] PATH_INFO calculation when basedir is "/" (fixes #2911)
  * [core] better consistency in buffer_is_equal*()
  * [core] fix missing param from prev commit
  * [mod_openssl] no renegotiation in TLS 1.3 (fixes #2912)
  * [core] reject Transfer-Encoding from proxy (#2913)
  * [mod_auth] use SHA1_Init,Update,Final
  * [mod_openssl] add support for wolfSSL
  * [build] automake support for wolfSSL
  * [build] SCons support for wolfSSL
  * [build] meson support for wolfSSL
  * [build] CMake support for wolfSSL
  * [core] perf: buffer.c internal inlines
  * [mod_openssl] wolfSSL does not support SSLv2
  * [core] perf: buffer_string_append_len()
  * [core] permit server.error_handler to static file

Revision 1.76 / (download) - annotate - [select for diffs], Tue Aug 14 06:24:54 2018 UTC (4 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.75: +2 -3 lines
Diff to previous 1.75 (colored)

lighttpd: update to 1.4.50.

- 1.4.50 - 2018-08-13
  * [mod_extforward] allow explict IPs to be untrusted (#2860)
  * [core] fix crash if 'host' empty in config (fixes #2876)
  * [mod_magnet] fix regression in lighty.stat (fixes #2877)
  * [core] minor code cleanup in gw_recv_response()
  * [core] fix rare race condition from backends (fixes #2878)
  * [mod_proxy] fix segfault in Set-Cookie reverse map (fixes #2879)
  * [core] fdevent_accept_listenfd() nonblock cloexec
  * [build] remove m4 AC_PATH_PROG for PKG_CONFIG
  * [core] some header cleanup
  * [mod_wstunnel] better Sec-WebSocket-Protocol parse
  * [mod_magnet] code reuse
  * [mod_magnet] reduce buffer copies
  * [mod_fastcgi,mod_scgi] fastcgi.balance,scgi.balance (fixes #2882)
  * [core] check if SOCK_NONBLOCK is ignored (fixes #2883)
  * [core] buffer_append_string_encoded_hex_lc()
  * [core] more efficient hex2int()
  * [mod_secdownload] compare bin MAC instead of hex
  * [core] li_tohex_lc() explicitly uses lc hex chars
  * [core] buffer_append_uint_hex_lc() uses lc hex
  * [core] buffer_append_string_encoded() uc hex
  * [tests] reduce test_base64 brute force tests
  * [tests] remove test_buffer output, except on error
  * [core] check for continuation in server.tag
  * [core] CONNECT must be handled before fs hooks
  * [mod_redirect, mod_rewrite] code reuse (sharing)
  * [core] data_config_pcre_compile,exec()
  * [tests] test_request unit tests
  * [core] http_kv.[ch] method, status, version str
  * [core] remove unused get_http_status_body_name()
  * [core] remove proc_open.[ch], reduce stdio.h use
  * [tests] move src/test_*.c to src/t/
  * [core] server.http-parseopts URL normalization opt (fixes #1720)
  * [core] inline some buffer.[ch] routines
  * [core] remove some duplicative code in log.c
  * [core] debug server.log-request-header-on-error
  * [mod_redirect,mod_rewrite] short-circuit earlier
  * [core] fix buffer_to_upper()
  * [mod_cgi] handle CGI partial response header write
  * [mod_redirect,mod_rewrite] pass request URI info
  * [mod_redirect,mod_rewrite] encoding options (fixes #443, fixes #911)
  * [mod_redirect,mod_rewrite] fix segfault w/ invalid syntax (fixes #2892)
  * [mod_fastcgi] fix memleak with FastCGI auth,resp (fixes #2894)
  * [mod_alias] security: potential path traversal with specific configs
  * [mod_wstunnel] quiet 32-bit compiler warnings
  * [core] POLLRDHUP handling for transparent proxying
  * [mod_redirect,mod_rewrite] support up to 19 match
  * [core] add missing includes to quiet compiler warn
  * [mod_redirect,mod_rewrite] base64url encoding opt
  * [mod_rewrite] require rewrite result to begin '/'
  * [core] security: use-after-free invalid Range req
  * [core] reset var if FAMMonitorDirectory() fails
  * [core] option to propagate TCP FIN to backend host
  * mod_sockproxy - socket forwarding
  * [core] workaround Coverity cov-build bug with gcc7
  * [build] add missing file for test_burl
  * [core] quell insignificant coverity warning
  * [core] extend server.http-parseopts

Revision 1.75 / (download) - annotate - [select for diffs], Fri Jul 20 03:34:31 2018 UTC (4 years, 6 months ago) by ryoon
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)

Recursive revbump from textproc/icu-62.1

Revision 1.74 / (download) - annotate - [select for diffs], Tue Apr 17 21:35:18 2018 UTC (4 years, 9 months ago) by triaxx
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)

Bump revision

Revision 1.73 / (download) - annotate - [select for diffs], Tue Apr 17 20:11:15 2018 UTC (4 years, 9 months ago) by triaxx
Branch: MAIN
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)

Change libmemcache dependency to libmemcached

See https://www.lighttpd.net/2017/10/21/1.4.46/

Revision 1.72 / (download) - annotate - [select for diffs], Tue Apr 17 11:27:11 2018 UTC (4 years, 9 months ago) by triaxx
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)

Fix manpage paths

Revision 1.71 / (download) - annotate - [select for diffs], Tue Apr 17 10:22:00 2018 UTC (4 years, 9 months ago) by triaxx
Branch: MAIN
Changes since 1.70: +6 -2 lines
Diff to previous 1.70 (colored)

Replace hardcoded paths with variables

Revision 1.70 / (download) - annotate - [select for diffs], Sat Apr 14 07:34:44 2018 UTC (4 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.69: +2 -1 lines
Diff to previous 1.69 (colored)

revbump after icu update

Revision 1.69 / (download) - annotate - [select for diffs], Mon Mar 12 09:00:59 2018 UTC (4 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.68: +2 -3 lines
Diff to previous 1.68 (colored)

lighttpd: update to 1.4.49.

- 1.4.49 - 2018-03-11
  * [core] adjust offset if response header blank line
  * [mod_accesslog] %{canonical,local,remote}p (fixes #2840)
  * [core] support POLLRDHUP, where available (#2743)
  * [mod_proxy] basic support for HTTP CONNECT method (#2060)
  * [mod_deflate] fix deflate of file > 2MB w/o mmap
  * [core] fix segfault if tempdirs fill up (fixes #2843)
  * [mod_compress,mod_deflate] try mmap MAP_PRIVATE
  * [core] discard from socket using recv MSG_TRUNC
  * [core] report to stderr if errorlog path ENOENT (fixes #2847)
  * [core] fix base64 decode when char is unsigned (fixes #2848)
  * [mod_authn_ldap] fix mem leak when ldap auth fails (fixes #2849)
  * [core] warn if mod_indexfile after dynamic handler
  * [core] do not reparse request if async cb
  * [core] non-blocking write() to piped loggers
  * [mod_openssl] minor code cleanup; reduce var scope
  * [mod_openssl] elliptic curve auto selection (fixes #2833)
  * [core] check for path-info forward down path
  * [mod_authn_ldap] auth with ldap referrals (fixes #2846)
  * [core] code cleanup: separate physical path sub
  * [core] merge redirect/rewrite pattern substitution
  * [core] fix POST with chunked request body (fixes #2854)
  * [core] remove unused func
  * [doc] minor update to *outdated* doc
  * [mod_wstunnel] fix for frames larger than 64k (fixes #2858)
  * [core] fix 32-bit compile POST w/ chunked request body (#2854)
  * [core] add include sys/poll.h on Solaris (fixes #2859)
  * [core] fix path-info calculation in git master (fixes #2861)
  * [core] pass array_get_element_klen() const array *
  * [core] increase stat_cache abstraction
  * [core] open additional fds O_CLOEXEC
  * [core] fix CONNECT w strict header parsing enabled
  * [mod_extforward] CIDR support for trusted proxies (fixes #2860)
  * [core] re-enable overloaded backends w/ multi wkrs
  * [autoconf] reduce minimum automake version to 1.13
  * [mod_auth] constant time compare plain passwords
  * [mod_auth] check that digest realm matches config
  * [core] fix incorrect hash algorithm impl

Revision 1.68 / (download) - annotate - [select for diffs], Sun Jan 28 20:11:07 2018 UTC (5 years ago) by wiz
Branch: MAIN
Changes since 1.67: +2 -2 lines
Diff to previous 1.67 (colored)

Bump PKGREVISION for gdbm shlib major bump

Revision 1.67 / (download) - annotate - [select for diffs], Thu Nov 30 16:45:41 2017 UTC (5 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.66: +2 -1 lines
Diff to previous 1.66 (colored)

Revbump after textproc/icu update

Revision 1.66 / (download) - annotate - [select for diffs], Fri Nov 17 09:51:48 2017 UTC (5 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

lighttpd: updated to 1.4.48

This release fixes a few regressions from lighttpd 1.4.46 and adds
a new module mod_authn_sasl when lighttpd is built --with-sasl

Revision 1.65 / (download) - annotate - [select for diffs], Sun Oct 29 00:34:29 2017 UTC (5 years, 3 months ago) by schmonz
Branch: MAIN
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored)

Fix building without IPv6 and packaging without SSL.

Revision 1.64 / (download) - annotate - [select for diffs], Tue Oct 24 07:27:34 2017 UTC (5 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.63: +3 -3 lines
Diff to previous 1.63 (colored)

lighttpd: updated to 1.4.47

- 1.4.47
  * [mod_authn_gssapi] needs -lcom_err under Darwin
  * [core] stricter validation of request-URI begin
  * [core] fix 1.4.46 regression in config match
  * [core] normalize config addrs for != match
  * [core] normalize config addrs for eq and ne
  * [doc] use https:// URLs to .lighttpd.net resources
  * [core] fix 1.4.46 regression in Last-Modified

Revision 1.63 / (download) - annotate - [select for diffs], Mon Sep 18 09:53:38 2017 UTC (5 years, 4 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

revbump for requiring ICU 59.x

Revision 1.62 / (download) - annotate - [select for diffs], Thu Jun 22 12:49:56 2017 UTC (5 years, 7 months ago) by schmonz
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.61: +2 -1 lines
Diff to previous 1.61 (colored)

Needs pkg-config, at least for some build options.

Revision 1.61 / (download) - annotate - [select for diffs], Wed Jun 21 19:27:36 2017 UTC (5 years, 7 months ago) by schmonz
Branch: MAIN
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored)

Add "webdav" option for fuller-featured WebDAV server support.

Revision 1.57.2.1 / (download) - annotate - [select for diffs], Sat Feb 25 09:18:10 2017 UTC (5 years, 11 months ago) by bsiegert
Branch: pkgsrc-2016Q4
Changes since 1.57: +2 -1 lines
Diff to previous 1.57 (colored) next main 1.58 (colored)

Pullup ticket #5213 - requested by he
www/lighttpd: bugfix

Revisions pulled up:
- www/lighttpd/Makefile                                         1.60
- www/lighttpd/distinfo                                         1.38
- www/lighttpd/patches/patch-src_fdevent__freebsd__kqueue.c     1.1

---
   Module Name:	pkgsrc
   Committed By:	he
   Date:		Sat Feb 11 21:13:08 UTC 2017

   Modified Files:
   	pkgsrc/www/lighttpd: Makefile distinfo
   Added Files:
   	pkgsrc/www/lighttpd/patches: patch-src_fdevent__freebsd__kqueue.c

   Log Message:
   Apply fix from https://redmine.lighttpd.net/issues/2788,
   per message to pkgsrc-users@ from Glenn Strauss.
   Bump PKGREVISION.

Revision 1.60 / (download) - annotate - [select for diffs], Sat Feb 11 21:13:08 2017 UTC (5 years, 11 months ago) by he
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.59: +2 -1 lines
Diff to previous 1.59 (colored)

Apply fix from https://redmine.lighttpd.net/issues/2788,
per message to pkgsrc-users@ from Glenn Strauss.
Bump PKGREVISION.

Revision 1.59 / (download) - annotate - [select for diffs], Mon Jan 16 00:30:46 2017 UTC (6 years ago) by schmonz
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

Update to 1.4.45. From the changelog:

* [mod_cgi] skip local-redir handling if to self (fixes #2779, #2108)
* [mod_webdav] fix crash when plugin_ctx cleaned up (fixes #2780)
* [mod_fastcgi] detect child exit, restart proactively
* [mod_scgi] detect child exit, restart proactively
* [TLS] ssl.read-ahead = "disable" for low mem (fixes #2778)

pkgsrc changes:

- Rename non-standard "memcache" option to "memcached" (retaining
  compatibility for the old option for a while)

Revision 1.58 / (download) - annotate - [select for diffs], Tue Jan 3 14:31:13 2017 UTC (6 years ago) by mef
Branch: MAIN
Changes since 1.57: +4 -2 lines
Diff to previous 1.57 (colored)

Updated www/lighttpd to 1.4.44
------------------------------
- 1.4.44
  * [mod_scgi] fix segfault (fixes #2762)
  * [mod_authn_gssapi] fix memory leak
  * [config] warn if mod_authn_ldap,mysql not listed
  * [mod_magnet] fix magnet_cgi_set() set of env vars (fixes #2763)
  * [mod_cgi] FreeBSD 9.3/MacOSX does not have pipe2() (fixes #2765)
  * [mod_extforward] fix crash on invalid IP (fixes #2766)
  * [mod_fastcgi] fix segfault if all backends down (fixes #2768)
  * [mod_cgi] fix out of sockets error for POST to CGI (fixes #2771)
  * [mod_auth] compile fix for Mac OS X XCode (fixes #2772)
  * [mod_authn_gssapi] better resource cleanup
  * [core] compile fix for Mac OS X 10.6 (old) (fixes #2773)
  * fix race in dynamic handler configs (reentrancy) (fixes #2774)
  * [mod_authn_mysql] close mysql_conn in cleanup
  * [mod_webdav] compile fix when locking not enabled
  * load mod_auth & mod_authn_file in sample/test.conf
  * comment out auth.backend.ldap.* in tests/*.conf
  * [mod_fastcgi,mod_scgi] warn if invalid "bin-path"
  * RAND_pseudo_bytes() is deprecated in openssl 1.1.0
  * openssl 1.1.0 init and cleanup
  * [mod_cgi] remove direct calls to network_backend*
  * [build] build network_*.c into lighttpd executable
  * suggest inclusion of mod_geoip... before mod_ssi.
  * set systemd settings similar to lighttpd2
  * [doc] remove reference to Linux rt-signals
  * [mod_authn_gssapi] fix missing error ret, coverity
  * [core] rename li_rand() to li_rand_pseudo_bytes()
  * remove #include "stream.h" where not used
  * [mod_cml] include lua headers before base.h
  * [core] combine duplicated connection reset code
  * [mod_ssi] produce content in subrequest hook
  * [core] remove srv->entropy[]
  * [core] defer li_rand_init() until first use
  * [core] permit connection-level state in modules
  * [mod_dirlisting] render dirlisting as HTML (fixes #2767)
  * [mod_proxy] replace HTTP Host sent to backend (fixes #2770)
  * [mod_ssi] basic recursive SSI include virtual (fixes #536)
  * [mod_ssi] implement, ignore <!--#comment ... -->
  * [core] consolidate duplicated read-to-close code
  * [core] fix segfault when parsing a bad config file
  * [core] support Transfer-Encoding: chunked req body (fixes #2156)
  * [autobuild] set NO_RDYNAMIC=yes for midipix
  * [mod_proxy] proxy.balance = "sticky" option (fixes #2117)
  * [mod_secdownload] warn if SHA used w/o SSL crypto
  * [build] compile fixes for AIX
  * [build] check for pipe2() at configure time
  * [mod_evhost] fix an incorrect error trace
  * [tests] mark tests/docroot/www/*.pl scripts a+x
  * [mod_cgi] fall back to pipe() if pipe2() fails
  * fix SCons fullstatic build with glibc pthreads
  * [TLS] openssl 1.1.0 makes SSL_OP_NO_SSLv2 no-op
(pkgsrc changes)
 - Add Selection on PLIST depending on options

Revision 1.57 / (download) - annotate - [select for diffs], Mon Oct 17 22:00:22 2016 UTC (6 years, 3 months ago) by nros
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base
Branch point for: pkgsrc-2016Q4
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)

Updated lighttpd to version 1.4.42.
Added geoip build option.

Changelog:
  * [TLS] SSL_shutdown() only if handshake finished
  * [mod_proxy,mod_scgi] shutdown remote only if local (#2743)
  * [core] check if client half-closed TCP if POLLHUP (#2743)
  * [core] enforce wait for POLLWR after EINPROGRESS (fixes #2744)
  * [core] do not enter handler twice after read body
  * [core] proxy,scgi omit shutdown() to backend (fixes #2743)
  * [mod_dirlisting] dirlist does not handle POST
  * [mod_dirlisting] js column sort for dirlist table (fixes #613, fixes #2315)
  * [mod_auth] Digest auth fails after rewrite (fixes #2745)
  * [mod_auth] refactor out auth backend code
  * [mod_auth] extensible interface for auth backends
  * [core] better DragonFlyBSD support (fixes #2746)
  * [mod_auth] include base.h for USE_OPENSSL def
  * [mod_auth] support CRYPT-MD5-NTLM algorithm (fixes #1743)
  * [mod_auth] terminate salt for CRYPT-MD5-NTLM
  * [core] fix crash if ready events on abandoned fd (fixes #2748)
  * [mod_auth] http_auth_md5_hex2bin()
  * [mod_auth] remove empty mod_auth.h
  * [mod_auth] mod_authn_mysql.c MySQL auth backend (fixes #752, fixes #1845)
  * [mod_cgi] permit CGI exec of unreadable files (fixes #2374)
  * [mod_uploadprogress] add to default build
  * [mod_geoip] add to default build (fixes #2705, fixes #2101, fixes #2092,
    fixes #2025, fixes #1962, fixes #1938)
  * [mod_fastcgi] Authorizer support with Responder (fixes #321, fixes #322)
  * [tests] test coverage for issues (#321, #322)
  * dynamic handlers store debug flag in handler_ctx
  * [mod_fastcgi] allow authorizer, responder for same path/ext (#321)
  * backport mod_deflate to lighttpd 1.4 (fixes #1824, fixes #2753)
  * [autobuild] test_configfile might need vector.c (fixes #2752)
  * [mod_deflate] fix longjmp clobber compiler warning
  * remove unused array type TYPE_COUNT data_count
  * [mod_auth] structured data, register auth schemes
  * [mod_auth] mod_authn_gssapi Kerberos auth backend (fixes #1899)
  * [autobuild] skip two new tests if no fcgi-auth
  * [SCons] define with_krb5 for SCons build
  * [SCons] fix syntax error in SConstruct
  * [SCons] define with_geoip for SCons build
  * [CMake] fix clang -Wcast-align warnings in lemon.c
  * remove excess initializers (fix compiler warnings)
  * fix errors detected by Coverity Scan
  * performance: use Linux extended syscalls and flags
  * [mod_scgi] add uwsgi protocol support
  * [mod_auth] refactor LDAP code into smaller funcs
  * [mod_auth] HTTP Basic auth backends also do authz (#1817)
  * [mod_auth] ldap filter subst user for multiple '$' (fixes #1508)
  * [mod_auth] permit specifying ldap DN; skip search (fixes #1248)
  * [autobuild] update module/feature report
  * [cmake] build mod_authn_gssapi if WITH_KRB5
  * [mod_auth] fix printing of IP in error trace
  * [mod_mysql_vhost] support multiple '?' replacement (fixes #2163)
  * [core] make server.max-request-size scopeable (#1901)
  * [core] server.max-request-field-size (fixes #2130)
  * [core] optional condition in config "else" clause (fixes #1268)
  * [core] restrict where config "else" clauses occur (#1268)
  * silence warnings from clang ccc-analyzer
  * consistent, shared code to create CGI env
  * [TLS] replace env entries in https_add_ssl_entries
  * [TLS] set SSL_CLIENT_M_SERIAL w/ client cert SN (fixes #2268)
  * [TLS] set SSL_CLIENT_VERIFY w/ client cert (#1288, #2693)
  * [TLS] set SSL_PROTOCOL, SSL_CIPHER* (fixes #2511)
  * [core] rand.[ch] to use better RNGs when available
  * [mod_cgi] fix pipe_cloexec() when no O_CLOEXEC
  * ignore return value from fcntl() FD_CLOEXEC
  * build w/o compiler warnings if no zlib or bz2lib

Revision 1.56 / (download) - annotate - [select for diffs], Mon Aug 1 09:25:20 2016 UTC (6 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

Updated lighttpd to 1.4.41.

- 1.4.41
  * remove long-deprecated, non-functional config opts
  * [config] inherit server.use-ipv6 and server.set-v6only (fixes #678)
  * [mod_auth] fix Digest auth to be better than Basic (fixes #1844)
  * [mod_ssi] fix #config sizefmt="bytes"
  * [autobuild] move inet_pton detection later
  * [core] #include <sys/filio.h> for FIONREAD (fixes #2726)
  * [autobuild] clock_gettime() -lrt with glibc < 2.17
  * [security] do not emit HTTP_PROXY to CGI env
  * [build_cmake] clock_gettime() -lrt w/ glibc < 2.17 (fixes #2737)
  * [core] avoid spurious trace and error abort
  * [core] stay in CON_STATE_CLOSE until done with req
  * [core] $HTTP["remoteip"] must handle IPv6 w/o []
  * [mod_status] show keep-alive status w/ text output (fixes #2740)
  * do not set REDIRECT_URI in mod_magnet, mod_rewrite (#2738)
  * revert 1.4.40 swap of REQUEST_URI, REDIRECT_URI (fixes #2738)
  * [core] permit IPv6 address scope identifier
  * [TLS] better handling of SSL_ERROR_WANT_READ/WRITE
  * [TLS] read all available records from SSL_read()
  * [core] try AF_INET after AF_INET6 if use-ipv6
  * [core] set chunkqueue tempdirs at startup
  * [security] ensure gid != 0 if server.username set (fixes #2725)
  * [security] disable stat_cache if !follow-symlink (fixes #2724)
  * [core] fix buffer_copy_string_hex() assert (fixes #2742)
  * [security] encode quoting chars in HTML and XML
  * [cmake] always define _GNU_SOURCE
  * [cmake] enable warnings for GCC and Clang
  * [cmake] set cmake_minimum_required to 2.8.2

Revision 1.55 / (download) - annotate - [select for diffs], Tue Jul 19 19:40:48 2016 UTC (6 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.54: +2 -3 lines
Diff to previous 1.54 (colored)

Updated lighttpd to 1.4.40.

- 1.4.40
  * [mod_ssi] enhance support for ssi vars (thx fbrosson)
  * add handling for lua 5.2 and 5.3 (fixes #2674)
  * use libmemcached instead of deprecated libmemcache
  * add force_assert for more allocation results
  * [mod_cgi] use MAP_PRIVATE to mmap temporary file (fixes #2715)
  * [core] do not send SIGHUP to process group unless server.max-workers is used (fixes #2711)
  * [mod_cgi] edge case chdir "/" when docroot "/" (fixes #2460)
  * [mod_cgi] issue trace and exit if execve() fails (closes #2302)
  * [configparser] don't continue after parse error (fixes #2717)
  * [core] never evaluate else branches until the previous branches are ready (fixes #2598)
  * [core] fix conditional cache handling
  * [core] improve conditional enabling (thx Gwenlliana, #2598)
  * [mod_compress] case-insensitive content-codings (fixes #2645)
  * [plugins] don't include dlfcn.h if not needed (fixes #2548)
  * [mod_fastcgi] 404 for X-Sendfile file not found (fixes #2474)
  * [mod_cgi] send 500 if CGI ends and there is no response (fixes #2542)
  * [mod_cgi] consolidate CGI cleanup code
  * [mod_cgi] simplify mod_cgi_handle_subrequest()
  * [mod_cgi] kill CGI if fail to write request body
  * [mod_proxy] use case-insensitive comparision to filter headers, send Connection: Close to backend (fixes #421)
  * [mod_dirlisting] dir-listing.hide-dotfiles = "enabled" by default (fixes #1081)
  * [mod_secdownload] fix buffer overflow in secdl_verify_mac (reported by Fortify Open Review Project)
  * [mod_fastcgi,mod_scgi] fix leaking file-descriptor when backend spawning failed (reported by Fortify Open Review Project)
  * [core] improve array API to prevent memory leaks
  * [core] refactor array search; raise array size limit to SSIZE_MAX
  * [core] fix memory leak in configparser_merge_data
  * [core] provide array_extract_element and use it
  * [core] configparser: error on duplicate keys in array merge (fixes #2685)
  * [core] more careful parse of $SERVER["socket"] config str (prepare #2204)
  * [core] accept $SERVER["socket"] without port, use server.port as fallback (fixes #2204)
  * [mod_magnet] define lua_pushglobaltable (for lua5.1) and use it (fixes #2719)
  * [ssl] support disabling ssl.verifyclient.activate in SNI callback (fixes #2531)
  * restart (some) syscalls after SIGCHLD interrupted them; should fix LDAP problems (fixes #2464)
  * [core] log remote address on request timeouts (fixes #652)
  * [autobuild] use AC_CANONICAL_HOST instead of AC_CANONICAL_TARGET (fixes #1866)
  * [core] fix request_start in keep-alive requests to mark time when received first byte (fixes #2412)
  * [core] truncate pidfile on exit (fixes #2695)
  * consistent inclusion of config.h at top of files (fixes #2073)
  * [core] add generic vector implementation
  * [core] replace array weakref with vector
  * [base64] fix crash due to broken force_assert
  * [unittests] add test_buffer and test_base64 unit tests
  * [buffer] refactor buffer_path_simplify (fixes #2560)
  * validate return values from strtol, strtoul (fixes #2564)
  * [mod_ssi] Add SSI vars SCRIPT_{URI,URL} and REQUEST_SCHEME (fixes #2721)
  * [config] warn if server.upload-dirs has non-existent dirs (fixes #2508)
  * [mod_proxy] accept LF delimited headers, not just CRLF (fixes #2594)
  * [core] wait for grandchild to be ready when daemonizing (fixes #2712, thx pasdVn)
  * [core] respond 411 Length Required if request has Transfer-Encoding: chunked (fixes #631)
  * [core] fixed the loading for default modules if they are specified explicitly
  * [core] lighttpd -tt performs preflight startup checks (fixes #411)
  * [stat] mimetype.xattr-name global config option (fixes #2631)
  * [mod_webdav] allow Depth: Infinity lock on file (fixes #2296)
  * [mod_status] use snprintf() instead of sprintf()
  * pass buf size to li_tohex()
  * use li_[iu]tostrn() instead of li_[iu]tostr()
  * [stream] fstat() after open() to obtain file size
  * [core] clean up srv before exiting for lighttpd -[vVh]
  * [mod_fastcgi,mod_scgi] check for spawning on same unix socket (fixes #319)
  * [mod_cgi] always set QUERY_STRING (fixes #1339)
  * [mod_auth] send charset="UTF-8" in WWW-Authenticate (fixes #1468)
  * [mod_magnet] rename var for clarity (fixes #1483)
  * [mod_extforward] reset cond_cache for scheme (fixes #1499)
  * [mod_webdav] readdir POSIX compat (fixes #1826)
  * [mod_expire] reset caching response headers for error docs (fixes #1919)
  * [mod_status] page refresh option (fixes #2170)
  * [mod_status] table w/ count of con states (fixes #2427)
  * [mod_dirlisting] class for dir <tr> (fixes #2304)
  * [core] define __STDC_WANT_LIB_EXT1__ (fixes #2722)
  * [core] setrlimit max-fds <= rlim_max for non-root (fixes #2723)
  * [mod_ssi] config ssi.conditional-requests
  * [mod_ssi] config ssi.exec (fixes #2051)
  * [mod_redirect,mod_rewrite] short-circuit if blank replacement (fixes #2085)
  * [mod_indexfile] save physical path to env (fixes #448, #892)
  * [core] open fd when appending file to cq (fixes #2655)
  * [config] server.listen-backlog option (fixes #1825, #2116)
  * [core] retry tempdirs on partial write, ENOSPC (fixes #2588)
  * [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
  * [core] improve dynamic handler control flow logic
  * [core] defer reading request body until handle subrequest (fixes #2541)
  * [core] always poll for client POLLHUP/POLLERR events (fixes #399)
  * [mod_fastcgi,mod_scgi,mod_proxy] handlers can read response before sending req body (fixes #131, #2566)
  * [mod_cgi] asynchronous send of request body to CGI
  * [core] compile with upcoming openssl 1.1.0 release (fixes #2727)
  * [core] set REDIRECT_STATUS to error_handler_saved_status (fixes #1828)
  * [core] server.error-handler new directive for error pages (fixes #2702)
  * [core] support IPv6 in $HTTP["remote-ip"] CIDR cond match (fixes #2706)
  * [core] http_response_send_file() shared code (#2017)
  * [mod_fastcgi] use http_response_xsendfile() (fixes #799, fixes #851, fixes #2017, fixes #2076)
  * [mod_scgi] X-Sendfile feature (fixes #2253)
  * [mod_cgi] X-Sendfile feature (fixes #2313)
  * [mod_webdav] lseek,read if fs can not mmap (#2666, fixes #962)
  * [mod_compress] use mmap and trap SIGBUS (#2666, fixes #1879)
  * fallback to lseek()/read() if mmap() fails (#fixes 2666)
  * [mod_auth] skip blank lines and comment lines (fixes #2327)
  * [core] fallback to write if sendfile not supported (fixes #471, #987)
  * [core] preserve PATH_INFO case on case-insensitive fs (fixes #406)
  * [mod_ssi, mod_cml] set DOCUMENT_ROOT to basedir (fixes #2383)
  * [core] cmd line opt to shutdown after idle time limit (fixes #2696)
  * [core] lighttpd -1 handles single request on stdin socket (fixes #1584)
  * [mod_fastcgi,mod_scgi] IPv6 support (fixes #2372)
  * [mod_status] add JSON output option (fixed #2432)
  * [mod_webdav] map COPY/MOVE Destination to aliases (fixes #1787)
  * [mod_webdav] improve PROPFIND,PROPPATCH (#1818, #1953)
  * [core] reset response headers, write_queue for error docs
  * build with libressl
  * static build instructions using SCons or make
  * [mod_auth] preserve WWW-Authenticate for error docs (fixes #2730)
  * check close() return code after writing to file
  * adjustments for openssl 1.1.0 pre-release
  * [config] support include file glob (fixes #1221)
  * [mod_evasive] 302 redirect option if limit reached (fixes #2199)
  * [build] enhancements for cross-compiling (fixes #2276)
  * [mod_accesslog] report aborted con state with %X (fixes #1890)
  * [mod_ssi] fix SSI statement parser
  * [mod_ssi] include relative to alias,userdir (fixes #222)
  * [mod_ssi] add PCRE_* options to constrain regex
  * [mod_ssi] more flexible quoting (fixes #1768)
  * [core] wrap IPv6 literal in "[]" in redirect URL
  * [mod_ssi] fix parse of tag across buf boundary (fixes #2732)
  * [mod_cgi,mod_scgi] X-Sendfile sets file_started (fixes #2733)
  * [mod_fastcgi] no chunked response w/ X-Sendfile (fixes #2733)
  * [config] opts for http header parsing strictness (fixes #551,
  fixes #1086, fixes #1184, fixes #2143, #2258, #2281, fixes #946,
  fixes #1330, fixes #602, #1016)
  * [config] normalize IP strings in lighttpd.conf
  * [build_cmake] use MODULE on Mac OS X (fixes #1761)
  * [config] server.bsd-accept-filter option
  * [mod_webdav] create file w/ LOCK request if ENOENT
  * [core] buffer large responses to tempfiles (fixes #758, fixes #760, fixes #933, fixes #1387, #1283, fixes #2083)
  * [core] stream response to client (#949)
  * [TLS] release openssl buffers as used (fixes #1265, fixes #1283, #881)
  * [config] config options to stream request/response (#949, #376)
  * [core] option to stream request body to backend (fixes #376)
  * [core] option to stream response body to client (fixes #949, #760, #1283, #1387)
  * drain backend socket/pipe bufs upon FDEVENT_HUP
  * remove excess calls to joblist_append()
  * defer choosing "Transfer-Encoding: chunked"
  * asynchronous, bidirectional streaming options
  * fix errors detected by Coverity Scan
  * [cygwin] fix mod_proxy and mod_fastcgi ioctl use
  * [mod_webdav] remove excess SQL param to UNLOCK
  * graceful shutdown without unnecessary 1 sec delay
  * [core] disable Nagle algorithm (TCP_NODELAY)
  * [core] add declarations to fdevent.h (#2373)
  * [tests] remove dependency on CGI.pm
  * [TLS] fix return value checks during cert init
  * [core] fix server.max-request-size to be precise (fixes #2131)
  * [mod_webdav] fix proppatch mem leak, other fixes (#fixes 1334, #fixes 2000)
  * [autobuild] CMake check for struct tm tm_gmtoff (fixes #2014)
  * [mod_uploadprogress] fix mem leak (#1858)
  * [core] make server.max-request-size scopeable (fixes #1901)
  * [mod_fastcgi,mod_scgi] check for spawning on same unix socket (#319)
  * [mod_accesslog] %a %A %C %D %k %{}t %{}T (fixes #1145, fixes
  #1415, fixes #2081)
  * [mod_access] new directive url.access-allow (fixes #1421)
  * [core] fdevent_libev: update use of ev_timer
  * [mod_cgi] handle local redirect response (fixes #2108)

Revision 1.54 / (download) - annotate - [select for diffs], Sat Mar 5 11:29:37 2016 UTC (6 years, 10 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1
Changes since 1.53: +2 -1 lines
Diff to previous 1.53 (colored)

Bump PKGREVISION for security/openssl ABI bump.

Revision 1.53 / (download) - annotate - [select for diffs], Thu Jan 28 13:10:17 2016 UTC (7 years ago) by mef
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

Update to 1.4.39
----------------
 - 1.4.39  2015-12-19
  * [core] fix memset_s call (fixes #2698)
  * [chunk] fix use after free / double free (fixes #2700)

Revision 1.52 / (download) - annotate - [select for diffs], Mon Dec 28 14:34:30 2015 UTC (7 years, 1 month ago) by mef
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Update to 1.4.38
----------------------
- 1.4.38 - 2015-12-05
  * [stat-cache] fix handling of collisions, might have returned wrong
    data (fixes #2669)
  * [core] allocate at least 4k buffer for incoming data
  * [core] fix search for header end if split across chunks (fixes #2670)
  * [core] check configparserAlloc() result with force_assert
  * [mod_auth] implement and use safe_memclear, using memset_s or
    explicit_bzero if available (thx loganaden)
  * [core] don't buffer request bodies smaller than 64k on disk
  * add force_assert for many allocations and function results
  * [mod_secdownload] use a hopefully constant time comparison to check
    hash (fixes #2679)
  * [config] check config option scope; warn if server option is given
    in conditional
  * [core] revert increase of temp file size back to 1MB, provide a
    configure option "server.upload-temp-file-size" instead (fixes
    #2680)
  * [core] add '~' to safe characters in
    ENCODING_REL_URI/ENCODING_REL_URI_PART encoding
  * [core] encode path with ENCODING_REL_URI in redirect to directory
    (fixes #2661, thx gstrauss)
  * [mod_secdownload] add required algorithm option; old behaviour
    available as "md5", new options "hmac-sha1" and "hmac-sha256"
  * [mod_fastcgi/mod_scgi] zero sockaddr structs before use (fixes
    #2691, thx Kyle J. McKay)
  * [network] add darwin-sendfile backend (fixes #2687, thx Kyle J. McKay)
  * [core] show correct crypt support result (fixes #2690, thx Kyle J. McKay)

Revision 1.51 / (download) - annotate - [select for diffs], Tue Sep 1 11:54:30 2015 UTC (7 years, 5 months ago) by mef
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base, pkgsrc-2015Q4, pkgsrc-2015Q3-base, pkgsrc-2015Q3
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)

Update to 1.4.37
----------------
- 1.4.37
  * [mod_proxy] remove debug log line from error log (fixes #2659)
  * [mod_dirlisting] fix dir-listing.set-footer not showing
  * fix out-of-filedescriptors when uploading "large" files (fixes #2660, thx rmilecki)
  * increase upload temporary chunk file size from 1MB to 16MB
  * fix undefined integer shift
  * rewrite network sendfile/mmap/writev/write backends
  * fix some unchecked return value warnings
  * [kqueue] fix kevent call
  * [autoconf] define HAVE_CRYPT when crypt() is present
  * [bsd xattr] fix compile break with BSD extended attributes in stat_cache
  * [mod_cgi] rewrite mmap and generic (post body) send error handling
  * [mmap] fix mmap alignment
  * [plugins] when modules are linked statically still only load the modules given in the config
  * [mmap] handle SIGBUS in network; those get triggered if the file gets smaller during reading
  * fix some warnings found by coverity ("leak" in setup phase, not catching too long unix socket paths in mod_proxy)

Revision 1.50 / (download) - annotate - [select for diffs], Tue Jul 28 09:51:49 2015 UTC (7 years, 6 months ago) by youri
Branch: MAIN
Changes since 1.49: +2 -3 lines
Diff to previous 1.49 (colored)

Update to 1.4.36,

This release contains mostly bug fixes.

Important changes
-----------------
- [ssl] disable SSL3.0 by default
- escape all strings for logging
- fix segfault when temp file for upload couldn be created (found by coverity)
- changes to the internal API for buffers, chunks and more; 3rd party plugins are likely to break

Revision 1.49 / (download) - annotate - [select for diffs], Sun Oct 19 22:27:48 2014 UTC (8 years, 3 months ago) by alnsn
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

Revbump after lang/lua51 update.

Revision 1.48 / (download) - annotate - [select for diffs], Sat Jun 14 10:18:34 2014 UTC (8 years, 7 months ago) by wiedi
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

fix SMF Manifest installation by not overwriting INSTALLATION_DIRS

Revision 1.47 / (download) - annotate - [select for diffs], Sat May 3 13:14:39 2014 UTC (8 years, 9 months ago) by alnsn
Branch: MAIN
Changes since 1.46: +2 -1 lines
Diff to previous 1.46 (colored)

Revbump for Lua multiversion support.

Revision 1.46 / (download) - annotate - [select for diffs], Tue Apr 22 19:01:52 2014 UTC (8 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.45: +2 -3 lines
Diff to previous 1.45 (colored)

Changes 1.4.35:
This release contains a lot of bug fixes, many detected by scan.coverity.com (and more to come). The main reason for the release is a fix for an SQL injection (and path traversal) bug triggered by specially crafted (and invalid) Host: headers.

Revision 1.45 / (download) - annotate - [select for diffs], Wed Feb 12 23:18:45 2014 UTC (8 years, 11 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.44: +2 -1 lines
Diff to previous 1.44 (colored)

Recursive PKGREVISION bump for OpenSSL API version bump.

Revision 1.44 / (download) - annotate - [select for diffs], Thu Jan 23 13:21:04 2014 UTC (9 years ago) by joerg
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

Drop maintainership, haven't used it in ages.

Revision 1.43 / (download) - annotate - [select for diffs], Thu Jan 23 13:20:12 2014 UTC (9 years ago) by adam
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Changes 1.4.34:
* [mod_auth] explicitly link ssl for SHA1 (fixes 2517)
* [mod_extforward] fix compilation without IPv6, (not) using undefined var (fixes 2515, thx mm)
* [ssl] fix SNI handling; only use key+cert from SNI specific config (fixes 2525, CVE-2013-4508)
* [doc] update ssl.cipher-list recommendation
* [stat-cache] FAM: fix use after free (CVE-2013-4560)
* [stat-cache] fix FAM cleanup/fdevent handling
* [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
* [ssl] fix regression from CVE-2013-4508 (client-cert sessions were broken)
* maintain physical.basedir (the "acting" doc-root as prefix of physical.path) in more places
* [core] decode URL before rewrite, enabling it to work in $HTTP["url"] conditionals (fixes 2526)
* [auto* build] remove -no-undefined from linker flags, as we actually link modules with undefined symbols (fixes 2533)
* [mod_mysql_vhost] fix memory leak on config init (2530)
* [mod_webdav] fix fd leak found with parfait (fixes 2530, thx kukackajiri)

Revision 1.42 / (download) - annotate - [select for diffs], Tue Oct 29 19:54:11 2013 UTC (9 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4
Changes since 1.41: +3 -4 lines
Diff to previous 1.41 (colored)

Changes 1.4.32:
mod_fastcgi: fix mix up of ode=> uthorizerin other fastcgi configs (fixes 2465, thx peex)
fix handling of If-Modified-Since if If-None-Match is present (don return 412 for date parsing errors);
follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags.
[mod_fastcgi,log] support multi line logging (fixes 2252)
call ERR_clear_error only for ssl connections in CON_STATE_ERROR
reject non ASCII characters in HTTP header names
[mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes 2483)
[mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn use any salt, md5 with salt is probably better.
[mod_auth] fix base64_decode (2484)
fix some bugs found with canalyze (fixes 2484, thx Zhenbo Xu)
fix undefined stuff found with clang
[cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add Wl,-as-needed to extra warnings (fixes 2448)
[mod_auth] fix invalid read in digest qop=auth-int handling (fixes 2478)
[auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes 2490)
[mod_userdir] add userdir.active option, nabledby default
[core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS
[core] recognize more http methods to forward to backends (fixes 2346)
[ssl] use DH only if openssl supports it (fixes 2479)
[network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes 2470)
[ssl] Fix $HTTP[chemeپ conditional, could be ttpfor ssl connections if the ssl $SERVER[ocketپ conditional was nested (fixes 2501)
[ssl] accept ssl renegotiations if they are not disabled (fixes 2491)
[ssl] add option ssl.empty-fragments, defaulting to disabled (fixes 2492)
[auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes 2495)
[auth] new method xternto use already present REMOTE_USER (from magnet, ssl,  (fixes 2436)
[core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all
[core] check whether server.chroot exists
[mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting)
[mod_accesslog] add accesslog.syslog-level option (fixes 2480)
[core] allow files to be used as document-root (fixes 2475)
[core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes 2502)

Revision 1.41 / (download) - annotate - [select for diffs], Thu Jul 4 21:27:59 2013 UTC (9 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

Revbump after updating lang/lua to 5.2.2.

Revision 1.40 / (download) - annotate - [select for diffs], Wed Mar 13 13:28:09 2013 UTC (9 years, 10 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.39: +5 -1 lines
Diff to previous 1.39 (colored)

tell required user/group to pkgsrc framework.

Revision 1.39 / (download) - annotate - [select for diffs], Sat Mar 2 20:33:34 2013 UTC (9 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)

Bump PKGREVISION for mysql default change to 55.

Revision 1.38 / (download) - annotate - [select for diffs], Wed Feb 6 23:24:01 2013 UTC (9 years, 11 months ago) by jperkin
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

PKGREVISION bumps for the security/openssl 1.0.1d update.

Revision 1.37 / (download) - annotate - [select for diffs], Fri Jan 11 11:00:02 2013 UTC (10 years ago) by fhajny
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

Fix dynamic extension loading on SunOS, where successful dlopen() may
return non-NULL too and lighttpd was evaluating as failure.
Bump PKGREVISION.

Revision 1.36 / (download) - annotate - [select for diffs], Sun Dec 16 01:52:38 2012 UTC (10 years, 1 month ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.35: +2 -1 lines
Diff to previous 1.35 (colored)

recursive bump from cyrus-sasl libsasl2 shlib major bump.

Revision 1.33.2.1 / (download) - annotate - [select for diffs], Sat Dec 1 12:07:23 2012 UTC (10 years, 2 months ago) by tron
Branch: pkgsrc-2012Q3
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored) next main 1.34 (colored)

Pullup ticket #3976 - requested by drochner
www/lighttpd: security update

Revisions pulled up:
- www/lighttpd/Makefile                                         1.35
- www/lighttpd/distinfo                                         1.23

---
   Module Name:    pkgsrc
   Committed By:   drochner
   Date:           Fri Nov 23 13:12:49 UTC 2012

   Modified Files:
           pkgsrc/www/lighttpd: Makefile distinfo

   Log Message:
   update to 1.4.32
   fixes a DOS problem (CVE-2012-5533)

Revision 1.35 / (download) - annotate - [select for diffs], Fri Nov 23 13:12:49 2012 UTC (10 years, 2 months ago) by drochner
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

update to 1.4.32
fixes a DOS problem (CVE-2012-5533)

Revision 1.34 / (download) - annotate - [select for diffs], Sun Oct 28 06:30:20 2012 UTC (10 years, 3 months ago) by asau
Branch: MAIN
Changes since 1.33: +1 -3 lines
Diff to previous 1.33 (colored)

Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.33 / (download) - annotate - [select for diffs], Wed Aug 1 11:25:22 2012 UTC (10 years, 6 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base
Branch point for: pkgsrc-2012Q3
Changes since 1.32: +21 -3 lines
Diff to previous 1.32 (colored)

Update www/lighttpd to 1.4.31.

Changes from 1.4.30
- [ssl] fix segfault in counting renegotiations for openssl versions
  without TLSEXT/SNI (thx carpii for reporting)
- Move fdevent subsystem includes to implementation files to reduce
  conflicts (fixes #2373)
- [mod_compress] fix handling if etags are disabled but cache-dir
  is set - may lead to double response
- disable mmap by default (fixes #2391)
- buffer_caseless_compare: always convert letters to lowercase to get
  transitive results, fixing array lookups (fixes #2405)
- Fix handling of empty header list entries in http_request_split_value,
  fixing invalid read in valgrind (fixes #2413)
- Fix access log escaping of " and \\ (fixes #1551)
- [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649,
  RFC 2617) (fixes #2410)
- [auth] Add "AUTH_TYPE" environment (for * cgi), remove fastcgi specific
  workaround, add fastcgi test case (fixes #889)
- [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333,
  thx simoncpu)
- Detect multiple -f options: show error message instead of assert
  (fixes #2416)
- [mod_extforward] Support ipv6 addresses (fixes #1889)
- [mod_redirect] Support url.redirect-code option (fixes #2247)
- Fix --enable-mmap handling in configure.ac

Changes from 1.4.29
- Always use our 'own' md5 implementation, fixes linking issues on MacOS
  (fixes #2331)
- Limit amount of bytes we send in one go; fixes stalling in one connection
  and timeouts on slow systems.
- [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled
- Add static-file.disable-pathinfo option to prevent handling of urls like
  .../secret.php/image.jpg as static file
- Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341)
- Fix mod_status bug: always showed "0/0" in the "Read" column for uploads
  (fixes #2351)
- [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362)
- [ssl] count renegotiations to prevent client renegotiations
- [ssl] add option to honor server cipher order (fixes #2364, BEAST attack)
- [core] accept dots in ipv6 addresses in host header (fixes #2359)
- [ssl] fix ssl connection aborts if files are larger than
  the MAX_WRITE_LIMIT (256kb)
- [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324)

Revision 1.32 / (download) - annotate - [select for diffs], Sat Mar 3 00:14:06 2012 UTC (10 years, 11 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

Recursive bump for pcre-8.30* (shlib major change)

Revision 1.31 / (download) - annotate - [select for diffs], Tue Jan 24 09:11:17 2012 UTC (11 years ago) by sbd
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

Recursive dependency bump for databases/gdbm ABI_DEPENDS change.

Revision 1.30 / (download) - annotate - [select for diffs], Tue Jan 17 21:43:21 2012 UTC (11 years ago) by sbd
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Convert packages with add --libdir=* to CONFIGURE_ARGS to use
GNU_CONFIGURE_LIBDIR or GNU_CONFIGURE_LIBSUBDIR.

Revision 1.29 / (download) - annotate - [select for diffs], Wed Nov 30 11:13:59 2011 UTC (11 years, 2 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base, pkgsrc-2011Q4
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

add patch from upstream to fix sign extension bug which can lead
to out-of-bounds array read
(possible DOS, CVE-2011-4362)
bump PKGREV

Revision 1.28 / (download) - annotate - [select for diffs], Tue Aug 23 13:06:54 2011 UTC (11 years, 5 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3
Changes since 1.27: +2 -1 lines
Diff to previous 1.27 (colored)

Recursive bump from gdbm shlib bump.

Revision 1.27 / (download) - annotate - [select for diffs], Thu Jul 14 19:59:45 2011 UTC (11 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.25: +3 -7 lines
Diff to previous 1.25 (colored)

Changes 1.4.29:
* solve name conflict of md5 functions with OpenSSL lib
* mod_proxy, mod_cgi and other mod_*cgi fixes
* ssl improvements
* Native solaris ports fdevent handler olaris-eventports----------------------------
revision 1.26
date: 2011/04/05 08:29:26;  author: adam;  state: Exp;  lines: +30 -27
Changes 1.4.28:
* Rename fdevent_event_add to _set to reflect what the function does. Fix some
  handlers.
* Fix buffer.h to include stdio.h as it is needer for SEGFAULT()

Changes 1.4.27:
* Fix handling return value of SSL_CTX_set_options
* Fix mod_proxy HUP handling (send final chunk, fix usage counter)
* mod_proxy: close connection on write error
* Check uri instead of physical path for directory redirect
* Fix detecting git repository
* [mod_compress] Fix segfault when etags are disabled
* Reset uri.authority before TLS servername handling, reset all "keep-alive"
  data in connection_del
* Print double quotes properly when dumping config file
* Include IP addresses on error log on password failures
* Fix stalls while reading from ssl sockets
* Fix etag formatting on boxes with 32-bit longs
* Fix two compiler warnings
* mod_accesslog: fix %p for ipv6 sockets
* mod_fastcgi: Send 502 "Bad Gateway" if we couldn't open the file for
  X-Sendfile
* mod_staticfile: add debug output if we ignore a file with
  static-file.exclude-extensions
* mod_cgi: fix race condition leaving response not forwarded to client
* mod_accesslog: Fix var declarations mixed in source
* mod_status: Add version to status page
* mod_accesslog: optimize accesslog_append_escaped
* openssl: silence annoying error messages for errno==0
* array.c: improve array_get_unused_element to check data type; fix mem leak if
  unused_element didn't find a matching entry
* add check to stop loading plugins twice
* cleanup fdevent code, removed linux-rtsig handler, replaced some fprintf calls
* only require FDEVENT_IN bit to be set for listening connections
* add libev fdevent handler: server.event-handler = "libev"
* mod_proxy: return response as soon as it is available
* don't overwrite global server.force-lowercase-filenames setting
* bind to IPV6-only if ipv6 address was specified

Revision 1.25 / (download) - annotate - [select for diffs], Tue Mar 23 15:20:09 2010 UTC (12 years, 10 months ago) by gson
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.24: +6 -1 lines
Diff to previous 1.24 (colored)

Apply patch to fix the issue reported in
<http://redmine.lighttpd.net/issues/2157>.  Without this patch,
lighttpd 1.4.26 will fail to start if built with the pkgsrc OpenSSL
and configured to serve HTTPS.  Bump PKGREVISION.

Revision 1.24 / (download) - annotate - [select for diffs], Mon Feb 8 14:47:54 2010 UTC (12 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.23: +7 -3 lines
Diff to previous 1.23 (colored)

Update to lighttpd-1.4.26:
- fix various bugs, including a trivial to trigger OOM/DoS
- Allow support for checking for exec bit on cgi scripts
- Add support for TLS servername indication
- Add support client certificate verification
- Split off spawn-fcgi into a separate package

Revision 1.23 / (download) - annotate - [select for diffs], Mon Mar 23 00:37:41 2009 UTC (13 years, 10 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

lighttpd-1.4.22:
- fix a number of bugs in various modules
- if-modifed-since handling for mod_compress
- disabled SSLv2 by default

Revision 1.21.4.1 / (download) - annotate - [select for diffs], Fri Oct 3 11:12:18 2008 UTC (14 years, 4 months ago) by tron
Branch: pkgsrc-2008Q2
Changes since 1.21: +2 -3 lines
Diff to previous 1.21 (colored) next main 1.22 (colored)

Pullup ticket #2538 - requested by taca
lighttpd: security update

Revisions pulled up:
- www/lighttpd/Makefile			1.22
- www/lighttpd/distinfo			1.15
- www/lighttpd/patches/patch-aa		delete
- www/lighttpd/patches/patch-ac		delete
---
Module Name:	pkgsrc
Committed By:	taca
Date:		Fri Oct  3 01:08:36 UTC 2008

Modified Files:
	pkgsrc/www/lighttpd: Makefile distinfo
Removed Files:
	pkgsrc/www/lighttpd/patches: patch-aa patch-ac

Log Message:
Update lighttpd to 1.4.20.

This contains security fix: http://trac.lighttpd.net/trac/ticket/1774

- 1.4.20 -

  * Fix mod_compress to compile with old gcc version (#1592)
  * Fix mod_extforward to compile with old gcc version (#1591)
  * Update documentation for #1587
  * Fix #285 again: read error after SSL_shutdown (thx marton.illes@balabit.com) and clear the error queue before some other calls (CVE-2008-1531)
  * Fix mod_magnet: enable "request.method" and "request.protocol" in lighty.env (#1308)
  * Fix segfault for appending matched parts if there was no regex matching (just give empty strings) (#1601)
  * Use data_response_init in mod_fastcgi x-sendfile handling for response.headers, fix a small "memleak" (#1628)
  * Don't send empty Server headers (#1620)
  * Fix conditional interpretation of core options
  * Enable escaping of % and $ in redirect/rewrite; only two cases changed their behaviour: "%%" => "%", "$$" => "$"
  * Fix accesslog port (should be port from the connection, not the "server.port") (#1618)
  * Fix mod_fastcgi prefix matching: match the prefix always against url, not the absolute filepath (regardless of check-local)
  * Overwrite Content-Type header in mod_dirlisting instead of inserting (#1614), patch by Henrik Holst
  * Handle EINTR in mod_cgi during write() (#1640)
  * Allow all http status codes by default; disable body only for 204,205 and 304; generate error pages for 4xx and 5xx (#1639)
  * Fix mod_magnet to set con->mode = p->id if it generates content, so returning 4xx/5xx doesn't append an error page
  * Remove lighttpd.spec* from source, fixing all problems with it ;-)
  * Do not rely on PATH_MAX (POSIX does not require it) (#580)
  * Disable logging to access.log if filename is an empty string
  * Implement a clean way to open /dev/null and use it to close stdin/out/err in the needed places (#624)
  * merge spawn-fcgi changes from trunk (from @2191)
  * let spawn-fcgi propagate exit code from spawned fcgi application
  * close connection after redirect in trigger_b4_dl (thx icy)
  * close connection in mod_magnet if returned status code
  * fix bug with IPv6 in mod_evasive (#1579)
  * fix scgi HTTP/1.* status parsing (#1638), found by met@uberstats.com
  * [tests] fixed system, use foreground daemons and waitpid
  * [tests] removed pidfile from test system
  * [tests] fixed tests needing php running (if not running on port 1026, search php in env[PHP] or /usr/bin/php-cgi)
  * fixed typo in mod_accesslog (#1699)
  * replaced buffer_{append,copy}_string with the _len variant where possible (#1732) (thx crypt)
  * case insensitive match for secdownload md5 token (#1710)
  * Handle only HEAD, GET and POST in mod_dirlisting (same as in staticfile) (#1687)
  * fixed mod_secdownload problem with unsigned time_t (#1688)
  * handle EAGAIN and EINTR for freebsd sendfile (#1675)
  * Use filedescriptor 0 for mod_scgi spawn socket, redirect STDERR to /dev/null (#1716)
  * fixed round-robin balancing in mod_proxy (#1715)
  * fixed EINTR handling for waitpid in mod_fastcgi
  * mod_{fast,s}cgi: overwrite environment variables (#1722)
  * inserted many con->mode checks; they should prevent two modules to handle the same request if they shouldn't (#631)
  * fixed url encoding to encode more characters (#266)
  * allow digits in [s]cgi env vars (#1712)
  * fixed dropping last character of evhost pattern (#161)
  * print helpful error message on conditionals in global block (#1550)
  * decode url before matching in mod_rewrite (#1720)
  * fixed conditional patching of ldap filter (#1564)
  * Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/Server)
  * fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1"
  * fixed format string bugs in mod_accesslog for SYSLOG
  * replaced fprintf with log_error_write in fastcgi debug
  * fixed mem leak in ssi expression parser (#1753), thx Take5k
  * hide some ssl errors per default, enable them with debug.log-ssl-noise (#397)
  * do not send content-encoding for 304 (#1754), thx yzlai
  * fix segfault for stat_cache(fam) calls with relative path (without '/', can be triggered by x-sendfile) (#1750)
  * fix splitting of auth-ldap filter
  * workaround ldap connection leak if a ldap connection failed (restarting ldap)
  * fix auth.backend.ldap.bind-dn/pw problems (only read from global context for temporary ldap reconnects, thx ruskie)
  * fix memleak in request header parsing (#1774, thx qhy)
  * fix mod_rewrite memleak/endless loop detection (#1775, thx phy - again!)
  * use decoded url for matching in mod_redirect (#1720)

Revision 1.22 / (download) - annotate - [select for diffs], Fri Oct 3 01:08:36 2008 UTC (14 years, 4 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3
Changes since 1.21: +2 -3 lines
Diff to previous 1.21 (colored)

Update lighttpd to 1.4.20.

This contains security fix: http://trac.lighttpd.net/trac/ticket/1774


- 1.4.20 -

  * Fix mod_compress to compile with old gcc version (#1592)
  * Fix mod_extforward to compile with old gcc version (#1591)
  * Update documentation for #1587
  * Fix #285 again: read error after SSL_shutdown (thx marton.illes@balabit.com) and clear the error queue before some other calls (CVE-2008-1531)
  * Fix mod_magnet: enable "request.method" and "request.protocol" in lighty.env (#1308)
  * Fix segfault for appending matched parts if there was no regex matching (just give empty strings) (#1601)
  * Use data_response_init in mod_fastcgi x-sendfile handling for response.headers, fix a small "memleak" (#1628)
  * Don't send empty Server headers (#1620)
  * Fix conditional interpretation of core options
  * Enable escaping of % and $ in redirect/rewrite; only two cases changed their behaviour: "%%" => "%", "$$" => "$"
  * Fix accesslog port (should be port from the connection, not the "server.port") (#1618)
  * Fix mod_fastcgi prefix matching: match the prefix always against url, not the absolute filepath (regardless of check-local)
  * Overwrite Content-Type header in mod_dirlisting instead of inserting (#1614), patch by Henrik Holst
  * Handle EINTR in mod_cgi during write() (#1640)
  * Allow all http status codes by default; disable body only for 204,205 and 304; generate error pages for 4xx and 5xx (#1639)
  * Fix mod_magnet to set con->mode = p->id if it generates content, so returning 4xx/5xx doesn't append an error page
  * Remove lighttpd.spec* from source, fixing all problems with it ;-)
  * Do not rely on PATH_MAX (POSIX does not require it) (#580)
  * Disable logging to access.log if filename is an empty string
  * Implement a clean way to open /dev/null and use it to close stdin/out/err in the needed places (#624)
  * merge spawn-fcgi changes from trunk (from @2191)
  * let spawn-fcgi propagate exit code from spawned fcgi application
  * close connection after redirect in trigger_b4_dl (thx icy)
  * close connection in mod_magnet if returned status code
  * fix bug with IPv6 in mod_evasive (#1579)
  * fix scgi HTTP/1.* status parsing (#1638), found by met@uberstats.com
  * [tests] fixed system, use foreground daemons and waitpid
  * [tests] removed pidfile from test system
  * [tests] fixed tests needing php running (if not running on port 1026, search php in env[PHP] or /usr/bin/php-cgi)
  * fixed typo in mod_accesslog (#1699)
  * replaced buffer_{append,copy}_string with the _len variant where possible (#1732) (thx crypt)
  * case insensitive match for secdownload md5 token (#1710)
  * Handle only HEAD, GET and POST in mod_dirlisting (same as in staticfile) (#1687)
  * fixed mod_secdownload problem with unsigned time_t (#1688)
  * handle EAGAIN and EINTR for freebsd sendfile (#1675)
  * Use filedescriptor 0 for mod_scgi spawn socket, redirect STDERR to /dev/null (#1716)
  * fixed round-robin balancing in mod_proxy (#1715)
  * fixed EINTR handling for waitpid in mod_fastcgi
  * mod_{fast,s}cgi: overwrite environment variables (#1722)
  * inserted many con->mode checks; they should prevent two modules to handle the same request if they shouldn't (#631)
  * fixed url encoding to encode more characters (#266)
  * allow digits in [s]cgi env vars (#1712)
  * fixed dropping last character of evhost pattern (#161)
  * print helpful error message on conditionals in global block (#1550)
  * decode url before matching in mod_rewrite (#1720)
  * fixed conditional patching of ldap filter (#1564)
  * Match headers case insensitive in response (removing of X-{Sendfile,LIGHTTPD-*}, catching Date/Server)
  * fixed bug with case-insensitive filenames in mod_userdir (#1589), spotted by "anders1"
  * fixed format string bugs in mod_accesslog for SYSLOG
  * replaced fprintf with log_error_write in fastcgi debug
  * fixed mem leak in ssi expression parser (#1753), thx Take5k
  * hide some ssl errors per default, enable them with debug.log-ssl-noise (#397)
  * do not send content-encoding for 304 (#1754), thx yzlai
  * fix segfault for stat_cache(fam) calls with relative path (without '/', can be triggered by x-sendfile) (#1750)
  * fix splitting of auth-ldap filter
  * workaround ldap connection leak if a ldap connection failed (restarting ldap)
  * fix auth.backend.ldap.bind-dn/pw problems (only read from global context for temporary ldap reconnects, thx ruskie)
  * fix memleak in request header parsing (#1774, thx qhy)
  * fix mod_rewrite memleak/endless loop detection (#1775, thx phy - again!)
  * use decoded url for matching in mod_redirect (#1720)

Revision 1.20.2.1 / (download) - annotate - [select for diffs], Wed May 21 13:01:02 2008 UTC (14 years, 8 months ago) by tron
Branch: pkgsrc-2008Q1
Changes since 1.20: +2 -1 lines
Diff to previous 1.20 (colored) next main 1.21 (colored)

Pullup ticket 2391 - requested by joerg
Security fix for lighttpd

Revisions pulled up:
- www/lighttpd/Makefile		1.21
- www/lighttpd/distinfo		1.14
- www/lighttpd/patches/patch-aa	1.9
- www/lighttpd/patches/patch-ac	1.5

    Module Name:	pkgsrc
    Committed By:	joerg
    Date:		Fri Apr 25 19:58:17 UTC 2008

    Modified Files:
	pkgsrc/www/lighttpd: distinfo
    Added Files:
	pkgsrc/www/lighttpd/patches: patch-aa patch-ac

    Log Message:
    Fix a potential DOS when using SSL. Bump revision.
---
    Module Name:	pkgsrc
    Committed By:	joerg
    Date:		Tue May 20 14:22:50 UTC 2008

    Modified Files:
	pkgsrc/www/lighttpd: Makefile

    Log Message:
    Belatedly bump revision for CVE-2008-1531 fix.

Revision 1.21 / (download) - annotate - [select for diffs], Tue May 20 14:22:50 2008 UTC (14 years, 8 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, cwrapper, cube-native-xorg-base, cube-native-xorg
Branch point for: pkgsrc-2008Q2
Changes since 1.20: +2 -1 lines
Diff to previous 1.20 (colored)

Belatedly bump revision for CVE-2008-1531 fix.

Revision 1.20 / (download) - annotate - [select for diffs], Sat Mar 15 10:53:50 2008 UTC (14 years, 10 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base
Branch point for: pkgsrc-2008Q1
Changes since 1.19: +2 -3 lines
Diff to previous 1.19 (colored)

lighttpd-1.4.19:
Fix a DOS under high load and some information leaks.

Revision 1.19 / (download) - annotate - [select for diffs], Tue Mar 4 11:17:57 2008 UTC (14 years, 11 months ago) by kefren
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)

add temporary patch from
http://trac.lighttpd.net/trac/attachment/ticket/1562/Fix-372-and-1562.patch
in order to fix CVE-2008-0983. Bump PKGREVISION

Revision 1.18 / (download) - annotate - [select for diffs], Fri Jan 18 05:09:51 2008 UTC (15 years ago) by tnn
Branch: MAIN
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)

Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@

Revision 1.17 / (download) - annotate - [select for diffs], Fri Nov 23 19:12:08 2007 UTC (15 years, 2 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.16: +8 -6 lines
Diff to previous 1.16 (colored)

DESTDIR support.

Revision 1.14.2.2 / (download) - annotate - [select for diffs], Mon Sep 10 20:13:31 2007 UTC (15 years, 4 months ago) by ghen
Branch: pkgsrc-2007Q2
Changes since 1.14.2.1: +2 -2 lines
Diff to previous 1.14.2.1 (colored) to branchpoint 1.14 (colored) next main 1.15 (colored)

Pullup ticket 2187 - requested by jlam
security update for lighttpd

- pkgsrc/www/lighttpd/DESCR				1.2
- pkgsrc/www/lighttpd/Makefile				1.16
- pkgsrc/www/lighttpd/PLIST				1.7
- pkgsrc/www/lighttpd/distinfo				1.11
- pkgsrc/www/lighttpd/patches/patch-aa			1.7
- pkgsrc/www/lighttpd/patches/patch-ab			1.4
- pkgsrc/www/lighttpd/patches/patch-ac			1.3

   Module Name:	pkgsrc
   Committed By:	jlam
   Date:		Mon Sep 10 13:59:51 UTC 2007

   Modified Files:
	   pkgsrc/www/lighttpd: DESCR Makefile PLIST distinfo
   Added Files:
	   pkgsrc/www/lighttpd/patches: patch-aa patch-ab patch-ac

   Log Message:
   Update www/lighttpd to 1.4.18.  Changes from 1.4.16 include:

     * fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
   --> fixed FastCGI header overrun in mod_fastcgi
     * fixed hanging redirects with keep-alive due to missing
       "Content-Length: 0" headers
     * fixed crashing when using undefined environment variables in the config
     * added dir-listing.set-footer in mod_dirlisting (#1277)
     * added sending UID and PID for SIGTERM and SIGINT to the logs
     * fixed compression of files < 128 bytes by disabling compression (#1241)
     * fixed mysql server reconnects (#518)
     * fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166)
     * fixed crash on mixed EOL sequences in mod_cgi
     * fixed key compare (#1287)
     * fixed invalid char in header values (#1286)
     * fixed invalid "304 Not Modified" on broken timestamps
   --> fixed endless loop on shrinked files with sendfile() on BSD (#1289)
   --> fixed counter overrun in ?auto in mod_status (#909)
     * fixed too aggresive caching of nested conditionals (#41)
   --> fixed possible overflow in unix-socket path checks on BSD (#713)
     * fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
     * fixed handling of duplicate If-Modified-Since to return 304
     * fixed extracting status code from NPH scripts (#1125)
     * removed config-check if passwd files exist (#1188)
     * fixed crash when etags are disabled but the client sends one (#1322)
     * fixed crash when freeing the config in mod_alias
     * fixed server.error-handler-404 breakage from 1.4.16 (#1270)
     * fixed entering 404-handler from dynamic content (#948)
     * added more debug infos for FAM based stat-cache

   The highlighted changes are security vulnerabilities that are fixed in
   this release.

Revision 1.16 / (download) - annotate - [select for diffs], Mon Sep 10 13:59:50 2007 UTC (15 years, 4 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3
Changes since 1.15: +2 -2 lines
Diff to previous 1.15 (colored)

Update www/lighttpd to 1.4.18.  Changes from 1.4.16 include:

  * fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
--> fixed FastCGI header overrun in mod_fastcgi
  * fixed hanging redirects with keep-alive due to missing
    "Content-Length: 0" headers
  * fixed crashing when using undefined environment variables in the config
  * added dir-listing.set-footer in mod_dirlisting (#1277)
  * added sending UID and PID for SIGTERM and SIGINT to the logs
  * fixed compression of files < 128 bytes by disabling compression (#1241)
  * fixed mysql server reconnects (#518)
  * fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166)
  * fixed crash on mixed EOL sequences in mod_cgi
  * fixed key compare (#1287)
  * fixed invalid char in header values (#1286)
  * fixed invalid "304 Not Modified" on broken timestamps
--> fixed endless loop on shrinked files with sendfile() on BSD (#1289)
--> fixed counter overrun in ?auto in mod_status (#909)
  * fixed too aggresive caching of nested conditionals (#41)
--> fixed possible overflow in unix-socket path checks on BSD (#713)
  * fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
  * fixed handling of duplicate If-Modified-Since to return 304
  * fixed extracting status code from NPH scripts (#1125)
  * removed config-check if passwd files exist (#1188)
  * fixed crash when etags are disabled but the client sends one (#1322)
  * fixed crash when freeing the config in mod_alias
  * fixed server.error-handler-404 breakage from 1.4.16 (#1270)
  * fixed entering 404-handler from dynamic content (#948)
  * added more debug infos for FAM based stat-cache

The highlighted changes are security vulnerabilities that are fixed in
this release.

Revision 1.14.2.1 / (download) - annotate - [select for diffs], Fri Jul 27 22:47:14 2007 UTC (15 years, 6 months ago) by ghen
Branch: pkgsrc-2007Q2
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

Pullup ticket 2151 - requested by joerg
security update for lighttpd

- pkgsrc/www/lighttpd/Makefile				1.15
- pkgsrc/www/lighttpd/distinfo				1.10

   Module Name:	pkgsrc
   Committed By:	joerg
   Date:		Wed Jul 25 10:26:05 UTC 2007

   Modified Files:
	   pkgsrc/www/lighttpd: Makefile distinfo

   Log Message:
   Update to lighttpd 1.4.16. This fixes a number of security issues:
   - various possible NULL pointer references
   - two cases were uninitialised memory is used or memory could be
   corrupted. This might be exploitable to execute arbitrary code.
   - possible mod_access by-pass by appending /
   - a local DOS by broken FastCGI handlers

Revision 1.15 / (download) - annotate - [select for diffs], Wed Jul 25 10:26:05 2007 UTC (15 years, 6 months ago) by joerg
Branch: MAIN
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

Update to lighttpd 1.4.16. This fixes a number of security issues:
- various possible NULL pointer references
- two cases were uninitialised memory is used or memory could be
corrupted. This might be exploitable to execute arbitrary code.
- possible mod_access by-pass by appending /
- a local DOS by broken FastCGI handlers

Revision 1.13.2.1 / (download) - annotate - [select for diffs], Thu Apr 19 17:23:03 2007 UTC (15 years, 9 months ago) by ghen
Branch: pkgsrc-2007Q1
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored) next main 1.14 (colored)

Pullup ticket 2070 - requested by joerg
security update for lighttpd

- pkgsrc/www/lighttpd/Makefile				1.14
- pkgsrc/www/lighttpd/PLIST				1.6
- pkgsrc/www/lighttpd/distinfo				1.9
- pkgsrc/www/lighttpd/patches/patch-aa			removed
- pkgsrc/www/lighttpd/patches/patch-ab			removed
- pkgsrc/www/lighttpd/patches/patch-ac			removed
- pkgsrc/www/lighttpd/patches/patch-ad			removed
- pkgsrc/www/lighttpd/patches/patch-ae			removed
- pkgsrc/www/lighttpd/patches/patch-af			removed
- pkgsrc/www/lighttpd/patches/patch-ag			removed
- pkgsrc/www/lighttpd/patches/patch-ah			removed

   Module Name:	pkgsrc
   Committed By:	joerg
   Date:		Thu Apr 19 16:16:19 UTC 2007

   Modified Files:
	   pkgsrc/www/lighttpd: Makefile PLIST distinfo
   Removed Files:
	   pkgsrc/www/lighttpd/patches: patch-aa patch-ab patch-ac patch-ad
	       patch-ae patch-af patch-ag patch-ah

   Log Message:
   Update to lighttpd 1.4.15:

   Most important changes are:
   - fix a crash for files with an mtime of 0
   - fix cpu hog in certain requests
   - added mod_extforward module
   - reduced default PATH_MAX to 255

Revision 1.14 / (download) - annotate - [select for diffs], Thu Apr 19 16:16:17 2007 UTC (15 years, 9 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base
Branch point for: pkgsrc-2007Q2
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

Update to lighttpd 1.4.15:

Most important changes are:
- fix a crash for files with an mtime of 0
- fix cpu hog in certain requests
- added mod_extforward module
- reduced default PATH_MAX to 255

Revision 1.12.2.1 / (download) - annotate - [select for diffs], Tue Feb 20 14:26:59 2007 UTC (15 years, 11 months ago) by salo
Branch: pkgsrc-2006Q4
Changes since 1.12: +2 -3 lines
Diff to previous 1.12 (colored) next main 1.13 (colored)

Pullup ticket 2028 - requested by joerg
bugfix update for lighttpd

Revisions pulled up:
- pkgsrc/www/lighttpd/Makefile				1.13
- pkgsrc/www/lighttpd/PLIST				1.5
- pkgsrc/www/lighttpd/distinfo				1.8
- pkgsrc/www/lighttpd/patches/patch-ab			1.2
- pkgsrc/www/lighttpd/patches/patch-ac			1.1
- pkgsrc/www/lighttpd/patches/patch-ad			1.1
- pkgsrc/www/lighttpd/patches/patch-ae			1.1
- pkgsrc/www/lighttpd/patches/patch-af			1.1
- pkgsrc/www/lighttpd/patches/patch-ag			1.1
- pkgsrc/www/lighttpd/patches/patch-ah			1.1

   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Mon Feb 19 21:31:38 UTC 2007

   Modified Files:
   	pkgsrc/www/lighttpd: Makefile PLIST distinfo
   	pkgsrc/www/lighttpd/patches: patch-ab
   Added Files:
   	pkgsrc/www/lighttpd/patches: patch-ac patch-ad patch-ae
   	    patch-af patch-ag patch-ah

   Log Message:
   Update to lighttpd-1.4.13.

   Changes in 1.4.13:
     * added initgroups in spawn-fcgi (#871)
     * added apr1 support htpasswd in mod-auth (#870)
     * added lighty.stat() to mod_magnet
     * fixed segfault in splitted CRLF CRLF sequences
       (introduced in 1.4.12) (#876)
     * fixed compilation of LOCK support in mod-webdav
     * fixed fragments in request-URLs (#869)
     * fixed pkg-config check for lua5.1 on debian
     * fixed Content-Length = 0 on HEAD requests without
       a known Content-Length (#119)
     * fixed mkdir() forcing 0700 (#884)
     * fixed writev() on FreeBSD 4.x and older (#875)
     * removed warning about a 404-error-handler
       returned 404
     * backported and fixed the buildsystem changes for
       webdav locks
     * fixed plugin loading so we can finally load lua
       extensions in mod_magnet scripts
     * fixed large uploads if xattr is enabled

   Changes in 1.4.12:
     * added experimental LOCK support for webdav
     * added Content-Range support for PUT in webdav
     * added support for += on empty arrays in config-files
     * added ssl.cipher-list and ssl.use-sslv2
     * added $HTTP["querystring"] conditional
     * added mod_magnet as long-term replacement for mod_cml
     * added work-around for a Opera Bug with SSL + Chunked-Encoding
     * changed --print-config to print to stdout instead of stderr
     * changed no longer use 0600 for new files with webdav. umask is
       honored. Make sure you have set a proper umask.
     * fixed upload hangs with SSL
     * fixed connection drops with SSL (aka bad retry)
     * fixed path traversal with \ on cygwin
     * fixed mem-leak in mod_flv_streaming
     * fixed required trailing newline in configfiles (#142)
     * fixed quoting the autoconf files (#466)
     * fixed empty Host: + $HTTP["host"] handling (#458)
     * fixed handling of If-Modified-Since if ETag is not set
     * fixed default-shell if SHELL is not set (#441)
     * fixed appending and assigning of env.* vars
     * fixed empty FCGI_STDERR packets
     * fixed conditional server.allow-http-11
     * fixed handling of follow-symlink + lstat()
     * fixed SIGHUP handling if max-workers is used
     * fixed "Software caused connection abort" messages on FreeBSD

   In addition fix a nasty problem in LDAP auth when using with buggy
   commercial servers. Some threat an empty password as anonymous bind
   and would only fail on the first query, if that requires privileges.
   Patch will be included with 1.4.14.

Revision 1.13 / (download) - annotate - [select for diffs], Mon Feb 19 21:31:30 2007 UTC (15 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base
Branch point for: pkgsrc-2007Q1
Changes since 1.12: +2 -3 lines
Diff to previous 1.12 (colored)

Update to lighttpd-1.4.13.

Changes in 1.4.13:
  * added initgroups in spawn-fcgi (#871)
  * added apr1 support htpasswd in mod-auth (#870)
  * added lighty.stat() to mod_magnet
  * fixed segfault in splitted CRLF CRLF sequences
    (introduced in 1.4.12) (#876)
  * fixed compilation of LOCK support in mod-webdav
  * fixed fragments in request-URLs (#869)
  * fixed pkg-config check for lua5.1 on debian
  * fixed Content-Length = 0 on HEAD requests without
    a known Content-Length (#119)
  * fixed mkdir() forcing 0700 (#884)
  * fixed writev() on FreeBSD 4.x and older (#875)
  * removed warning about a 404-error-handler
    returned 404
  * backported and fixed the buildsystem changes for
    webdav locks
  * fixed plugin loading so we can finally load lua
    extensions in mod_magnet scripts
  * fixed large uploads if xattr is enabled

Changes in 1.4.12:
  * added experimental LOCK support for webdav
  * added Content-Range support for PUT in webdav
  * added support for += on empty arrays in config-files
  * added ssl.cipher-list and ssl.use-sslv2
  * added $HTTP["querystring"] conditional
  * added mod_magnet as long-term replacement for mod_cml
  * added work-around for a Opera Bug with SSL + Chunked-Encoding
  * changed --print-config to print to stdout instead of stderr
  * changed no longer use 0600 for new files with webdav. umask is
    honored. Make sure you have set a proper umask.
  * fixed upload hangs with SSL
  * fixed connection drops with SSL (aka bad retry)
  * fixed path traversal with \ on cygwin
  * fixed mem-leak in mod_flv_streaming
  * fixed required trailing newline in configfiles (#142)
  * fixed quoting the autoconf files (#466)
  * fixed empty Host: + $HTTP["host"] handling (#458)
  * fixed handling of If-Modified-Since if ETag is not set
  * fixed default-shell if SHELL is not set (#441)
  * fixed appending and assigning of env.* vars
  * fixed empty FCGI_STDERR packets
  * fixed conditional server.allow-http-11
  * fixed handling of follow-symlink + lstat()
  * fixed SIGHUP handling if max-workers is used
  * fixed "Software caused connection abort" messages on FreeBSD

In addition fix a nasty problem in LDAP auth when using with buggy
commercial servers. Some threat an empty password as anonymous bind
and would only fail on the first query, if that requires privileges.
Patch will be included with 1.4.14.

Revision 1.12 / (download) - annotate - [select for diffs], Fri Dec 22 21:07:11 2006 UTC (16 years, 1 month ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base
Branch point for: pkgsrc-2006Q4
Changes since 1.11: +2 -1 lines
Diff to previous 1.11 (colored)

Allow sendfile on DragonFly to be compiled in. Bump revision.
Noticed by Peter Avalos.

Revision 1.11 / (download) - annotate - [select for diffs], Fri Jul 7 15:49:34 2006 UTC (16 years, 6 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

LIBTOOL_OVERRIDE generally doesn't need to be specified anymore... just
set OVERRIDE_DIRDEPTH to find any libtool scripts deeper in the WRKSRC
tree unless they're named something other than "libtool".

SHLIBTOOL_OVERRIDE generally doesn't need to be specified either -- just
define it to the empty list and shlibtool-override will look for libtool
scripts.

Revision 1.10 / (download) - annotate - [select for diffs], Mon Apr 10 12:07:18 2006 UTC (16 years, 9 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base, pkgsrc-2006Q2
Changes since 1.9: +2 -3 lines
Diff to previous 1.9 (colored)

Update lighttpd to 1.4.11.

  * added ability to specify which ip address spawn-fci listens on
    (agkr@pobox.com)
  * added mod_flv_streaming to streaming Flash Movies efficiently
  * fixed handling of error codes returned by mod_dav_svn behing a
    mod_proxy
  * fixed error-messages in mod_auth and mod_fastcgi
  * fixed re-enabling overloaded local fastcgi backends
  * fixed handling of deleted files in linux-sendfile
  * fixed compilation on BSD and MacOSX
  * fixed $SERVER["socket"] on a already bound socket
  * fixed local source retrieval on windows
    (secunia)
  * fixed hanging cgi if remote side is dieing while reading
    from the pipe (sandy@meebo.com)

Revision 1.5.2.1 / (download) - annotate - [select for diffs], Thu Feb 16 14:47:48 2006 UTC (16 years, 11 months ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.5: +3 -2 lines
Diff to previous 1.5 (colored) next main 1.6 (colored)

Pullup ticket 1138 - requested by Joerg Sonnenberger
security update for lighttpd

Revisions pulled up:
- pkgsrc/www/lighttpd/Makefile			1.8, 1.9
- pkgsrc/www/lighttpd/PLIST			1.3
- pkgsrc/www/lighttpd/distinfo			1.5
- pkgsrc/www/lighttpd/patches/patch-aa		1.3

   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Wed Feb 15 16:46:32 UTC 2006

   Modified Files:
   	pkgsrc/www/lighttpd: Makefile distinfo
   Added Files:
   	pkgsrc/www/lighttpd/patches: patch-aa

   Log Message:
   Update lighttpd to 1.4.10.

   From NEWS:
   1.4.10 - 2005-02-08

       * added docs for mod_dirlisting
       * added fastcgi.map-extensions to mod_fastcgi
       * fixed load balancing for mod_fastcgi
       * fixed extra newline for syslog() in mod_accesslog
       * fixed user-track cookie for IE in mod_usertrack
       * fixed crash in digest handling in mod_auth
       * fixed handling of 301 response-bodies from a mod_proxy backend
       * fixed loading of base modules if server.modules is not set
       * fixed broken cgi if mod_scgi is loaded

   1.4.9 - 2006-01-14

       * added server.core-files option (sandy <sandy@meebo.com>)
       * added docs for mod_status
       * added mod_evasive to limit the number of connections by IP
         (<w1zzard@techpowerup.com>)
       * added the power-magnet to mod_cml
       * added internal statistics to mod_fastcgi
       * added server.statistics-url to get internal statistics from
         mod_status
       * added support for conditional range-requests through If-Range
       * added static building via scons
       * fixed 100% cpu loops in mod_cgi ("sandy" <sjen@cs.stanford.edu>)
       * fixed handling for secure-download.timeout (jamis@37signals.com)
       * fixed IE bug in content-charset in the output of mod_dirlisting
         (sniper@php.net)
       * fixed typos and language in the docs (ryan-2005@ryandesign.com)
       * fixed assertion in mod_cgi on HEAD request is Content-Length
         (<sandy@meebo.com>)
       * fixed handling if equal but duplicate If-Modified-Since request
         headers
       * fixed endless loops in mod_fastcgi if backend is dead
       * fixed Depth: 1 handling in PROPFIND requests on empty dirs
       * fixed encoding of UTF8 encoded dirlistings (Jani Taskinen
         <sniper@iki.fi>)
       * fixed initial bind to a unix-domain socket through server.bind
       * fixed handling of lowercase filesystems
       * fixed duplicate request headers cause by mod_setenv
---
   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Wed Feb 15 21:15:45 UTC 2006

   Modified Files:
   	pkgsrc/www/lighttpd: Makefile PLIST

   Log Message:
   Add mod_evasive to PLIST. Bump revision.

Revision 1.9 / (download) - annotate - [select for diffs], Wed Feb 15 21:15:45 2006 UTC (16 years, 11 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.8: +2 -1 lines
Diff to previous 1.8 (colored)

Add mod_evasive to PLIST. Bump revision.

Revision 1.8 / (download) - annotate - [select for diffs], Wed Feb 15 16:46:32 2006 UTC (16 years, 11 months ago) by joerg
Branch: MAIN
Changes since 1.7: +2 -3 lines
Diff to previous 1.7 (colored)

Update lighttpd to 1.4.10.

From NEWS:
1.4.10 - 2005-02-08

    * added docs for mod_dirlisting
    * added fastcgi.map-extensions to mod_fastcgi
    * fixed load balancing for mod_fastcgi
    * fixed extra newline for syslog() in mod_accesslog
    * fixed user-track cookie for IE in mod_usertrack
    * fixed crash in digest handling in mod_auth
    * fixed handling of 301 response-bodies from a mod_proxy backend
    * fixed loading of base modules if server.modules is not set
    * fixed broken cgi if mod_scgi is loaded

1.4.9 - 2006-01-14

    * added server.core-files option (sandy <sandy@meebo.com>)
    * added docs for mod_status
    * added mod_evasive to limit the number of connections by IP (<w1zzard@techpowerup.com>)
    * added the power-magnet to mod_cml
    * added internal statistics to mod_fastcgi
    * added server.statistics-url to get internal statistics from mod_status
    * added support for conditional range-requests through If-Range
    * added static building via scons
    * fixed 100% cpu loops in mod_cgi ("sandy" <sjen@cs.stanford.edu>)
    * fixed handling for secure-download.timeout (jamis@37signals.com)
    * fixed IE bug in content-charset in the output of mod_dirlisting (sniper@php.net)
    * fixed typos and language in the docs (ryan-2005@ryandesign.com)
    * fixed assertion in mod_cgi on HEAD request is Content-Length (<sandy@meebo.com>)
    * fixed handling if equal but duplicate If-Modified-Since request headers
    * fixed endless loops in mod_fastcgi if backend is dead
    * fixed Depth: 1 handling in PROPFIND requests on empty dirs
    * fixed encoding of UTF8 encoded dirlistings (Jani Taskinen <sniper@iki.fi>)
    * fixed initial bind to a unix-domain socket through server.bind
    * fixed handling of lowercase filesystems
    * fixed duplicate request headers cause by mod_setenv

Revision 1.7 / (download) - annotate - [select for diffs], Sun Jan 8 18:35:12 2006 UTC (17 years ago) by xtraeme
Branch: MAIN
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored)

Bump PKGREVISION due to mysql.buildlink3.mk changes (default mysql
pkg has been changed to 5.x). Reminded by wiz... thanks.

Revision 1.6 / (download) - annotate - [select for diffs], Thu Dec 29 06:22:23 2005 UTC (17 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.5: +1 -2 lines
Diff to previous 1.5 (colored)

Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.

Revision 1.5 / (download) - annotate - [select for diffs], Mon Dec 12 17:56:51 2005 UTC (17 years, 1 month ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

Update lighttpd to 1.4.8.

From NEWS:
  * added auto-reconnect to ldap-server in mod_auth
    (joerg@netbsd.org)
  * changed auth.ldap-cafile to be optional
    (joerg@netbsd.org)
  * added strip_request_uri in mod_fastcgi
  * added more X-* headers to mod_proxy
    (Ben Grimm <bengrimm@gmail.com>)
  * added 'debug' to simple-vhost to suppress the
    (mod_simple_vhost.c.157) No such file or directory /servers/ww.lighttpd.net/pages/
    messages by default
  * added support to let the server listen on UNIX-socket
  * changed default stat-cache-engine to 'simple'
  * fixed max-age timestamps in mod_expire
  * fixed encoding the filenames in PROPFIND in mod_webdav
  * fixed range request handling in network_writev
  * fixed retry on connect error in mod_fastcgi
    (Robert G. Jakabosky <bobby@alphatrade.com>)
  * fixed possible crash in mod_webdav if sqlite3 support
    is available but not use
  * fixed fdvent-handler init if server.max-worker was used
    (Siddharth Vijayakrishnan <mail@bluefireworks.net>)
  * fixed missing cleanup in mysql_vhost
  * fixed assert() in "connections.c:962:
      connection_handle_read_state: Assertion 'c->mem->used' failed."
  * fixed 64bit issue in md5
  * fixed crash in mod_status
  * fixed duplicate headers in mod_proxy
  * fixed Content-Length in HEAD request in mod_proxy
  * fixed unsigned/signed comparisions
  * fixed streaming in mod_cgi
  * fixed possible overflow in password-salt handling
    (reported on slashdot by james-web@and.org)
  * fixed server-traffic-limit if connection limit is not set

Revision 1.4 / (download) - annotate - [select for diffs], Sun Nov 6 16:47:33 2005 UTC (17 years, 2 months ago) by joerg
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

Update lighttpd to version 1.4.7, changes from NEWS:
  * added FD_CLOEXEC to fds which are kept open for a longer time
  * added smaller, moving mmaped windows to network_writev
  * added madvise() to instruct the kernel the do proper read-ahead in
    network_writev
  * added support for %I in mod_accesslog
  * added better compat to Apache for ?auto in mod_status
  * added support for userdirs without a entry in /etc/passwd in
    mod_userdir
  * added startup-time selectable network-backend
  * added location of upload-files to config as array
  * added webdav.log-xml for logging xml-content in mod_webdav
  * added Cache-Control: max-age to mod_expire
  * workaround missing client-bug by assuming we received a close-notify
    on non-keep-alive requests in SSL request
  * disabled kerberos5 support by default to fix compilation on RHEL
  * fixed order of library checks to fix compilation on Solaris 9
  * fixed open file-descriptors on read-error
  * fixed crash if /var/tmp is not writable

Revision 1.3 / (download) - annotate - [select for diffs], Tue Oct 11 15:44:00 2005 UTC (17 years, 3 months ago) by joerg
Branch: MAIN
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)

Update lighttpd to 1.4.6. Take maintainership.

Activate memcache option, now that devel/libmemcache is imported.

From NEWS:
- 1.4.6 - 2005-10-09

  * fixed compilation on MacOS X and cygwin
  * fixed compressed output if caching was disabled (seen in IE and
Opera)
  * fixed range-request option
  * fixed mysql-vhost module (was broken in 1.4.5)
  * fixed false positive in the detection of case-insensitive FS

- 1.4.5 - 2005-10-02

  * added all DeltaV methods as known methods
  * added buffer-to-disk of request content
  * added warning for unused variables in conditionals
  * added global index-generators to mod_indexfile
  * fixed caching for remote-ip conditionals with keep-alive
  * fixed redirects with content
  * fixed infinite loop in exec-cmd in mod_ssi
  * fixed segfault in config handling for mod_mysql_vhost
  * fixed segfault on FIFOs/Sockets
  * fixed possible crash on uninit memory if If-Modified-Since was too long
  * fixed accounting of mem-chunks
  * fixed starving of connections on high load
  * fixed crc errors in mod_compress on 64bit platforms
  * fixed handling of overlapping fastcgi packets (bug added in 1.4.4)
  * fixed logic of conditionals if a header was not set
  * fixed a segfault in mod_rewrite if %1 references were used
  * fixed handling of empty request URIs in HTTP requests

- 1.4.4 - 2005-09-16
  * added support for %V in mod_accesslog
  * added a option for a FastCGI responser to send static files
  * added md5 and blowfish hashes to htpasswd
  * fixed METHOD in mod_accesslog of WebDAV methods
  * fixed check for permission before files in sent
  * fixed mod-proxy and content for non-POST requests
  * fixed compilation of mod_cml on MacOS X
  * fixed SSL errmsg after accept()
  * fixed memleak in stat-cache
  * fixed aborted connections if file was moved while in transfer
  * fixed mem-usage for large FastCGI transfers

Revision 1.2 / (download) - annotate - [select for diffs], Wed Sep 28 12:27:52 2005 UTC (17 years, 4 months ago) by rillig
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Fixed pkglint warnings.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Sun Sep 4 06:37:05 2005 UTC (17 years, 5 months ago) by jlam
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2005Q3-base, pkgsrc-2005Q3
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Initial import of lighttpd-1.4.3 as www/lighttpd.

LightTPD is a secure, fast, compliant, and very flexible web-server
which designed and optimized for for high-performance environments.
With a small memory footprint compared to other webservers, effective
management of the CPU load, and advanced feature set (FastCGI, CGI,
Auth, Output-Compression, URL-Rewriting and many more), LightTPD is
the perfect solution for every server that is suffering load problems.

This is loosely based on the lighttpd package from pkgsrc-wip by
Piotr Stolc <socrtp@soclab.eu.org>.

Revision 1.1 / (download) - annotate - [select for diffs], Sun Sep 4 06:37:05 2005 UTC (17 years, 5 months ago) by jlam
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>