aboutsummaryrefslogtreecommitdiffstats
path: root/www/lighttpd/files
diff options
context:
space:
mode:
Diffstat (limited to 'www/lighttpd/files')
-rw-r--r--www/lighttpd/files/patch-2799-bug2331621
-rw-r--r--www/lighttpd/files/patch-2800-gccwarnings62
-rw-r--r--www/lighttpd/files/patch-2801-network-write804
-rw-r--r--www/lighttpd/files/patch-2802-ssl16
-rw-r--r--www/lighttpd/files/patch-2803-pathinfo122
-rw-r--r--www/lighttpd/files/patch-2804-bug234112
-rw-r--r--www/lighttpd/files/patch-src-fdevent.h11
7 files changed, 11 insertions, 1637 deletions
diff --git a/www/lighttpd/files/patch-2799-bug2331 b/www/lighttpd/files/patch-2799-bug2331
deleted file mode 100644
index f53e92927f3f..000000000000
--- a/www/lighttpd/files/patch-2799-bug2331
+++ /dev/null
@@ -1,621 +0,0 @@
-Index: src/http_auth_digest.c
-===================================================================
---- src/http_auth_digest.c (revision 2798)
-+++ src/http_auth_digest.c (revision 2799)
-@@ -1,26 +0,0 @@
--#include "buffer.h"
--
--#include "http_auth_digest.h"
--
--#include <string.h>
--
--#ifndef USE_OPENSSL
--# include "md5.h"
--
--typedef li_MD5_CTX MD5_CTX;
--#define MD5_Init li_MD5_Init
--#define MD5_Update li_MD5_Update
--#define MD5_Final li_MD5_Final
--
--#endif
--
--void CvtHex(IN HASH Bin, OUT HASHHEX Hex) {
-- unsigned short i;
--
-- for (i = 0; i < HASHLEN; i++) {
-- Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf);
-- Hex[i*2+1] = int2hex(Bin[i] & 0xf);
-- }
-- Hex[HASHHEXLEN] = '\0';
--}
--
-Index: src/http_auth_digest.h
-===================================================================
---- src/http_auth_digest.h (revision 2798)
-+++ src/http_auth_digest.h (revision 2799)
-@@ -1,24 +0,0 @@
--#ifndef _DIGCALC_H_
--#define _DIGCALC_H_
--
--#ifdef HAVE_CONFIG_H
--# include "config.h"
--#endif
--
--#define HASHLEN 16
--typedef unsigned char HASH[HASHLEN];
--#define HASHHEXLEN 32
--typedef char HASHHEX[HASHHEXLEN+1];
--#ifdef USE_OPENSSL
--#define IN const
--#else
--#define IN
--#endif
--#define OUT
--
--void CvtHex(
-- IN HASH Bin,
-- OUT HASHHEX Hex
-- );
--
--#endif
-Index: src/mod_secure_download.c
-===================================================================
---- src/mod_secure_download.c (revision 2798)
-+++ src/mod_secure_download.c (revision 2799)
-@@ -8,18 +8,8 @@
- #include <stdlib.h>
- #include <string.h>
-
--#ifdef USE_OPENSSL
--# include <openssl/md5.h>
--#else
--# include "md5.h"
-+#include "md5.h"
-
--typedef li_MD5_CTX MD5_CTX;
--#define MD5_Init li_MD5_Init
--#define MD5_Update li_MD5_Update
--#define MD5_Final li_MD5_Final
--
--#endif
--
- #define HASHLEN 16
- typedef unsigned char HASH[HASHLEN];
- #define HASHHEXLEN 32
-@@ -200,7 +190,7 @@
-
- URIHANDLER_FUNC(mod_secdownload_uri_handler) {
- plugin_data *p = p_d;
-- MD5_CTX Md5Ctx;
-+ li_MD5_CTX Md5Ctx;
- HASH HA1;
- const char *rel_uri, *ts_str, *md5_str;
- time_t ts = 0;
-@@ -266,9 +256,9 @@
- buffer_append_string(p->md5, rel_uri);
- buffer_append_string_len(p->md5, ts_str, 8);
-
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
-- MD5_Final(HA1, &Md5Ctx);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1);
-+ li_MD5_Final(HA1, &Md5Ctx);
-
- buffer_copy_string_hex(p->md5, (char *)HA1, 16);
-
-Index: src/SConscript
-===================================================================
---- src/SConscript (revision 2798)
-+++ src/SConscript (revision 2799)
-@@ -12,7 +12,8 @@
- data_integer.c md5.c data_fastcgi.c \
- fdevent_select.c fdevent_libev.c \
- fdevent_poll.c fdevent_linux_sysepoll.c \
-- fdevent_solaris_devpoll.c fdevent_freebsd_kqueue.c \
-+ fdevent_solaris_devpoll.c fdevent_solaris_port.c \
-+ fdevent_freebsd_kqueue.c \
- data_config.c bitset.c \
- inet_ntop_cache.c crc32.c \
- connections-glue.c \
-@@ -62,7 +63,7 @@
- 'mod_redirect' : { 'src' : [ 'mod_redirect.c' ], 'lib' : [ env['LIBPCRE'] ] },
- 'mod_rewrite' : { 'src' : [ 'mod_rewrite.c' ], 'lib' : [ env['LIBPCRE'] ] },
- 'mod_auth' : {
-- 'src' : [ 'mod_auth.c', 'http_auth_digest.c', 'http_auth.c' ],
-+ 'src' : [ 'mod_auth.c', 'http_auth.c' ],
- 'lib' : [ env['LIBCRYPT'], env['LIBLDAP'], env['LIBLBER'] ] },
- 'mod_webdav' : { 'src' : [ 'mod_webdav.c' ], 'lib' : [ env['LIBXML2'], env['LIBSQLITE3'], env['LIBUUID'] ] },
- 'mod_mysql_vhost' : { 'src' : [ 'mod_mysql_vhost.c' ], 'lib' : [ env['LIBMYSQL'] ] },
-Index: src/mod_cml_funcs.c
-===================================================================
---- src/mod_cml_funcs.c (revision 2798)
-+++ src/mod_cml_funcs.c (revision 2799)
-@@ -17,18 +17,8 @@
- #include <dirent.h>
- #include <stdio.h>
-
--#ifdef USE_OPENSSL
--# include <openssl/md5.h>
--#else
--# include "md5.h"
-+#include "md5.h"
-
--typedef li_MD5_CTX MD5_CTX;
--#define MD5_Init li_MD5_Init
--#define MD5_Update li_MD5_Update
--#define MD5_Final li_MD5_Final
--
--#endif
--
- #define HASHLEN 16
- typedef unsigned char HASH[HASHLEN];
- #define HASHHEXLEN 32
-@@ -43,7 +33,7 @@
- #ifdef HAVE_LUA_H
-
- int f_crypto_md5(lua_State *L) {
-- MD5_CTX Md5Ctx;
-+ li_MD5_CTX Md5Ctx;
- HASH HA1;
- buffer b;
- char hex[33];
-@@ -63,9 +53,9 @@
- lua_error(L);
- }
-
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1));
-- MD5_Final(HA1, &Md5Ctx);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1));
-+ li_MD5_Final(HA1, &Md5Ctx);
-
- buffer_copy_string_hex(&b, (char *)HA1, 16);
-
-Index: src/Makefile.am
-===================================================================
---- src/Makefile.am (revision 2798)
-+++ src/Makefile.am (revision 2799)
-@@ -241,7 +241,7 @@
- mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd)
-
- lib_LTLIBRARIES += mod_auth.la
--mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c
-+mod_auth_la_SOURCES = mod_auth.c http_auth.c
- mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined
- mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
-
-@@ -268,7 +268,7 @@
-
- hdr = server.h buffer.h network.h log.h keyvalue.h \
- response.h request.h fastcgi.h chunk.h \
-- settings.h http_chunk.h http_auth_digest.h \
-+ settings.h http_chunk.h \
- md5.h http_auth.h stream.h \
- fdevent.h connections.h base.h stat_cache.h \
- plugin.h mod_auth.h \
-Index: src/http_auth.c
-===================================================================
---- src/http_auth.c (revision 2798)
-+++ src/http_auth.c (revision 2799)
-@@ -1,7 +1,6 @@
- #include "server.h"
- #include "log.h"
- #include "http_auth.h"
--#include "http_auth_digest.h"
- #include "inet_ntop_cache.h"
- #include "stream.h"
-
-@@ -28,18 +27,23 @@
- #include <unistd.h>
- #include <ctype.h>
-
--#ifdef USE_OPENSSL
--# include <openssl/md5.h>
--#else
--# include "md5.h"
-+#include "md5.h"
-
--typedef li_MD5_CTX MD5_CTX;
--#define MD5_Init li_MD5_Init
--#define MD5_Update li_MD5_Update
--#define MD5_Final li_MD5_Final
-+#define HASHLEN 16
-+#define HASHHEXLEN 32
-+typedef unsigned char HASH[HASHLEN];
-+typedef char HASHHEX[HASHHEXLEN+1];
-
--#endif
-+static void CvtHex(const HASH Bin, char Hex[33]) {
-+ unsigned short i;
-
-+ for (i = 0; i < 16; i++) {
-+ Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf);
-+ Hex[i*2+1] = int2hex(Bin[i] & 0xf);
-+ }
-+ Hex[32] = '\0';
-+}
-+
- /**
- * the $apr1$ handling is taken from apache 1.3.x
- */
-@@ -435,7 +439,7 @@
-
- static void to64(char *s, unsigned long v, int n)
- {
-- static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
-+ static const unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */
- "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
- while (--n >= 0) {
-@@ -455,7 +459,7 @@
- const char *sp, *ep;
- unsigned char final[APR_MD5_DIGESTSIZE];
- ssize_t sl, pl, i;
-- MD5_CTX ctx, ctx1;
-+ li_MD5_CTX ctx, ctx1;
- unsigned long l;
-
- /*
-@@ -487,33 +491,33 @@
- /*
- * 'Time to make the doughnuts..'
- */
-- MD5_Init(&ctx);
-+ li_MD5_Init(&ctx);
-
- /*
- * The password first, since that is what is most unknown
- */
-- MD5_Update(&ctx, pw, strlen(pw));
-+ li_MD5_Update(&ctx, pw, strlen(pw));
-
- /*
- * Then our magic string
- */
-- MD5_Update(&ctx, APR1_ID, strlen(APR1_ID));
-+ li_MD5_Update(&ctx, APR1_ID, strlen(APR1_ID));
-
- /*
- * Then the raw salt
- */
-- MD5_Update(&ctx, sp, sl);
-+ li_MD5_Update(&ctx, sp, sl);
-
- /*
- * Then just as many characters of the MD5(pw, salt, pw)
- */
-- MD5_Init(&ctx1);
-- MD5_Update(&ctx1, pw, strlen(pw));
-- MD5_Update(&ctx1, sp, sl);
-- MD5_Update(&ctx1, pw, strlen(pw));
-- MD5_Final(final, &ctx1);
-+ li_MD5_Init(&ctx1);
-+ li_MD5_Update(&ctx1, pw, strlen(pw));
-+ li_MD5_Update(&ctx1, sp, sl);
-+ li_MD5_Update(&ctx1, pw, strlen(pw));
-+ li_MD5_Final(final, &ctx1);
- for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) {
-- MD5_Update(&ctx, final,
-+ li_MD5_Update(&ctx, final,
- (pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl);
- }
-
-@@ -527,10 +531,10 @@
- */
- for (i = strlen(pw); i != 0; i >>= 1) {
- if (i & 1) {
-- MD5_Update(&ctx, final, 1);
-+ li_MD5_Update(&ctx, final, 1);
- }
- else {
-- MD5_Update(&ctx, pw, 1);
-+ li_MD5_Update(&ctx, pw, 1);
- }
- }
-
-@@ -542,7 +546,7 @@
- strncat(passwd, sp, sl);
- strcat(passwd, "$");
-
-- MD5_Final(final, &ctx);
-+ li_MD5_Final(final, &ctx);
-
- /*
- * And now, just to make sure things don't run too fast..
-@@ -550,28 +554,28 @@
- * need 30 seconds to build a 1000 entry dictionary...
- */
- for (i = 0; i < 1000; i++) {
-- MD5_Init(&ctx1);
-+ li_MD5_Init(&ctx1);
- if (i & 1) {
-- MD5_Update(&ctx1, pw, strlen(pw));
-+ li_MD5_Update(&ctx1, pw, strlen(pw));
- }
- else {
-- MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
-+ li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
- }
- if (i % 3) {
-- MD5_Update(&ctx1, sp, sl);
-+ li_MD5_Update(&ctx1, sp, sl);
- }
-
- if (i % 7) {
-- MD5_Update(&ctx1, pw, strlen(pw));
-+ li_MD5_Update(&ctx1, pw, strlen(pw));
- }
-
- if (i & 1) {
-- MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
-+ li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE);
- }
- else {
-- MD5_Update(&ctx1, pw, strlen(pw));
-+ li_MD5_Update(&ctx1, pw, strlen(pw));
- }
-- MD5_Final(final,&ctx1);
-+ li_MD5_Final(final,&ctx1);
- }
-
- p = passwd + strlen(passwd);
-@@ -614,17 +618,17 @@
- * user:realm:md5(user:realm:password)
- */
-
-- MD5_CTX Md5Ctx;
-+ li_MD5_CTX Md5Ctx;
- HASH HA1;
- char a1[256];
-
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
-- MD5_Final(HA1, &Md5Ctx);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
-+ li_MD5_Final(HA1, &Md5Ctx);
-
- CvtHex(HA1, a1);
-
-@@ -930,7 +934,7 @@
- int i;
- buffer *password, *b, *username_buf, *realm_buf;
-
-- MD5_CTX Md5Ctx;
-+ li_MD5_CTX Md5Ctx;
- HASH HA1;
- HASH HA2;
- HASH RespHash;
-@@ -1067,13 +1071,13 @@
-
- if (p->conf.auth_backend == AUTH_BACKEND_PLAIN) {
- /* generate password from plain-text */
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1);
-- MD5_Final(HA1, &Md5Ctx);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1);
-+ li_MD5_Final(HA1, &Md5Ctx);
- } else if (p->conf.auth_backend == AUTH_BACKEND_HTDIGEST) {
- /* HA1 */
- /* transform the 32-byte-hex-md5 to a 16-byte-md5 */
-@@ -1090,45 +1094,45 @@
-
- if (algorithm &&
- strcasecmp(algorithm, "md5-sess") == 0) {
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16);
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
-- MD5_Final(HA1, &Md5Ctx);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
-+ li_MD5_Final(HA1, &Md5Ctx);
- }
-
- CvtHex(HA1, a1);
-
- /* calculate H(A2) */
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri));
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri));
- if (qop && strcasecmp(qop, "auth-int") == 0) {
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN);
- }
-- MD5_Final(HA2, &Md5Ctx);
-+ li_MD5_Final(HA2, &Md5Ctx);
- CvtHex(HA2, HA2Hex);
-
- /* calculate response */
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN);
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- if (qop && *qop) {
-- MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop));
-- MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1);
- };
-- MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN);
-- MD5_Final(RespHash, &Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN);
-+ li_MD5_Final(RespHash, &Md5Ctx);
- CvtHex(RespHash, a2);
-
- if (0 != strcmp(a2, respons)) {
-@@ -1171,24 +1175,24 @@
-
- int http_auth_digest_generate_nonce(server *srv, mod_auth_plugin_data *p, buffer *fn, char out[33]) {
- HASH h;
-- MD5_CTX Md5Ctx;
-+ li_MD5_CTX Md5Ctx;
- char hh[32];
-
- UNUSED(p);
-
- /* generate shared-secret */
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
-
- /* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
- LI_ltostr(hh, srv->cur_ts);
-- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-- MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
- LI_ltostr(hh, rand());
-- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-
-- MD5_Final(h, &Md5Ctx);
-+ li_MD5_Final(h, &Md5Ctx);
-
- CvtHex(h, out);
-
-Index: src/mod_usertrack.c
-===================================================================
---- src/mod_usertrack.c (revision 2798)
-+++ src/mod_usertrack.c (revision 2799)
-@@ -8,18 +8,8 @@
- #include <stdlib.h>
- #include <string.h>
-
--#ifdef USE_OPENSSL
--# include <openssl/md5.h>
--#else
--# include "md5.h"
-+#include "md5.h"
-
--typedef li_MD5_CTX MD5_CTX;
--#define MD5_Init li_MD5_Init
--#define MD5_Update li_MD5_Update
--#define MD5_Final li_MD5_Final
--
--#endif
--
- /* plugin config for all request/connections */
-
- typedef struct {
-@@ -182,7 +172,7 @@
- plugin_data *p = p_d;
- data_string *ds;
- unsigned char h[16];
-- MD5_CTX Md5Ctx;
-+ li_MD5_CTX Md5Ctx;
- char hh[32];
-
- if (con->uri.path->used == 0) return HANDLER_GO_ON;
-@@ -228,18 +218,18 @@
- /* taken from mod_auth.c */
-
- /* generate shared-secret */
-- MD5_Init(&Md5Ctx);
-- MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1);
-- MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1);
-
- /* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */
- LI_ltostr(hh, srv->cur_ts);
-- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-- MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy));
- LI_ltostr(hh, rand());
-- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh));
-
-- MD5_Final(h, &Md5Ctx);
-+ li_MD5_Final(h, &Md5Ctx);
-
- buffer_append_string_encoded(ds->value, (char *)h, 16, ENCODING_HEX);
- buffer_append_string_len(ds->value, CONST_STR_LEN("; Path=/"));
-Index: src/mod_cml_lua.c
-===================================================================
---- src/mod_cml_lua.c (revision 2798)
-+++ src/mod_cml_lua.c (revision 2799)
-@@ -11,18 +11,6 @@
- #include <time.h>
- #include <string.h>
-
--#ifdef USE_OPENSSL
--# include <openssl/md5.h>
--#else
--# include "md5.h"
--
--typedef li_MD5_CTX MD5_CTX;
--#define MD5_Init li_MD5_Init
--#define MD5_Update li_MD5_Update
--#define MD5_Final li_MD5_Final
--
--#endif
--
- #define HASHLEN 16
- typedef unsigned char HASH[HASHLEN];
- #define HASHHEXLEN 32
-Index: src/mod_dirlisting.c
-===================================================================
---- src/mod_dirlisting.c (revision 2798)
-+++ src/mod_dirlisting.c (revision 2799)
-@@ -657,7 +657,8 @@
- i = dir->used - 1;
-
- #ifdef HAVE_PATHCONF
-- if (-1 == (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) {
-+ if (0 >= (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) {
-+ /* some broken fs (fuse) return 0 instead of -1 */
- #ifdef NAME_MAX
- name_max = NAME_MAX;
- #else
diff --git a/www/lighttpd/files/patch-2800-gccwarnings b/www/lighttpd/files/patch-2800-gccwarnings
deleted file mode 100644
index f7f41087b8b2..000000000000
--- a/www/lighttpd/files/patch-2800-gccwarnings
+++ /dev/null
@@ -1,62 +0,0 @@
-Index: src/mod_staticfile.c
-===================================================================
---- src/mod_staticfile.c (revision 2799)
-+++ src/mod_staticfile.c (revision 2800)
-@@ -350,7 +350,6 @@
- URIHANDLER_FUNC(mod_staticfile_subrequest) {
- plugin_data *p = p_d;
- size_t k;
-- int s_len;
- stat_cache_entry *sce = NULL;
- buffer *mtime = NULL;
- data_string *ds;
-@@ -376,8 +375,6 @@
-
- mod_staticfile_patch_connection(srv, con, p);
-
-- s_len = con->uri.path->used - 1;
--
- /* ignore certain extensions */
- for (k = 0; k < p->conf.exclude_ext->used; k++) {
- ds = (data_string *)p->conf.exclude_ext->data[k];
-Index: src/mod_userdir.c
-===================================================================
---- src/mod_userdir.c (revision 2799)
-+++ src/mod_userdir.c (revision 2800)
-@@ -166,7 +166,6 @@
-
- URIHANDLER_FUNC(mod_userdir_docroot_handler) {
- plugin_data *p = p_d;
-- int uri_len;
- size_t k;
- char *rel_url;
- #ifdef HAVE_PWD_H
-@@ -182,8 +181,6 @@
- */
- if (p->conf.path->used == 0) return HANDLER_GO_ON;
-
-- uri_len = con->uri.path->used - 1;
--
- /* /~user/foo.html -> /home/user/public_html/foo.html */
-
- if (con->uri.path->ptr[0] != '/' ||
-Index: src/mod_fastcgi.c
-===================================================================
---- src/mod_fastcgi.c (revision 2799)
-+++ src/mod_fastcgi.c (revision 2800)
-@@ -3132,7 +3132,6 @@
- plugin_data *p = p_d;
-
- handler_ctx *hctx = con->plugin_ctx[p->id];
-- fcgi_proc *proc;
- fcgi_extension_host *host;
-
- if (NULL == hctx) return HANDLER_GO_ON;
-@@ -3201,7 +3200,6 @@
- /* ok, create the request */
- switch(fcgi_write_request(srv, hctx)) {
- case HANDLER_ERROR:
-- proc = hctx->proc;
- host = hctx->host;
-
- if (hctx->state == FCGI_STATE_INIT ||
diff --git a/www/lighttpd/files/patch-2801-network-write b/www/lighttpd/files/patch-2801-network-write
deleted file mode 100644
index d7197177bee3..000000000000
--- a/www/lighttpd/files/patch-2801-network-write
+++ /dev/null
@@ -1,804 +0,0 @@
-Index: src/network_write.c
-===================================================================
---- src/network_write.c (revision 2800)
-+++ src/network_write.c (revision 2801)
-@@ -24,17 +24,16 @@
- # include <sys/resource.h>
- #endif
-
--int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq) {
-+int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
- chunk *c;
-- size_t chunks_written = 0;
-
-- for(c = cq->first; c; c = c->next) {
-+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
- int chunk_finished = 0;
-
- switch(c->type) {
- case MEM_CHUNK: {
- char * offset;
-- size_t toSend;
-+ off_t toSend;
- ssize_t r;
-
- if (c->mem->used == 0) {
-@@ -44,6 +43,8 @@
-
- offset = c->mem->ptr + c->offset;
- toSend = c->mem->used - 1 - c->offset;
-+ if (toSend > max_bytes) toSend = max_bytes;
-+
- #ifdef __WIN32
- if ((r = send(fd, offset, toSend, 0)) < 0) {
- /* no error handling for windows... */
-@@ -72,6 +73,7 @@
-
- c->offset += r;
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- if (c->offset == (off_t)c->mem->used - 1) {
- chunk_finished = 1;
-@@ -85,7 +87,7 @@
- #endif
- ssize_t r;
- off_t offset;
-- size_t toSend;
-+ off_t toSend;
- stat_cache_entry *sce = NULL;
- int ifd;
-
-@@ -98,6 +100,8 @@
- offset = c->file.start + c->offset;
- toSend = c->file.length - c->offset;
-
-+ if (toSend > max_bytes) toSend = max_bytes;
-+
- if (offset > sce->st.st_size) {
- log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name);
-
-@@ -181,6 +185,7 @@
-
- c->offset += r;
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- if (c->offset == c->file.length) {
- chunk_finished = 1;
-@@ -200,11 +205,9 @@
-
- break;
- }
--
-- chunks_written++;
- }
-
-- return chunks_written;
-+ return 0;
- }
-
- #if 0
-Index: src/base.h
-===================================================================
---- src/base.h (revision 2800)
-+++ src/base.h (revision 2801)
-@@ -647,11 +647,9 @@
-
- fdevent_handler_t event_handler;
-
-- int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq);
-- int (* network_backend_read)(struct server *srv, connection *con, int fd, chunkqueue *cq);
-+ int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
- #ifdef USE_OPENSSL
-- int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq);
-- int (* network_ssl_backend_read)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq);
-+ int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes);
- #endif
-
- uid_t uid;
-Index: src/connections.c
-===================================================================
---- src/connections.c (revision 2800)
-+++ src/connections.c (revision 2801)
-@@ -617,8 +617,9 @@
- }
-
- static int connection_handle_write(server *srv, connection *con) {
-- switch(network_write_chunkqueue(srv, con, con->write_queue)) {
-+ switch(network_write_chunkqueue(srv, con, con->write_queue, MAX_WRITE_LIMIT)) {
- case 0:
-+ con->write_request_ts = srv->cur_ts;
- if (con->file_finished) {
- connection_set_state(srv, con, CON_STATE_RESPONSE_END);
- joblist_append(srv, con);
-@@ -635,6 +636,7 @@
- joblist_append(srv, con);
- break;
- case 1:
-+ con->write_request_ts = srv->cur_ts;
- con->is_writable = 0;
-
- /* not finished yet -> WRITE */
-@@ -1251,8 +1253,6 @@
- log_error_write(srv, __FILE__, __LINE__, "ds",
- con->fd,
- "handle write failed.");
-- } else if (con->state == CON_STATE_WRITE) {
-- con->write_request_ts = srv->cur_ts;
- }
- }
-
-@@ -1667,8 +1667,6 @@
- con->fd,
- "handle write failed.");
- connection_set_state(srv, con, CON_STATE_ERROR);
-- } else if (con->state == CON_STATE_WRITE) {
-- con->write_request_ts = srv->cur_ts;
- }
- }
-
-Index: src/network.c
-===================================================================
---- src/network.c (revision 2800)
-+++ src/network.c (revision 2801)
-@@ -847,7 +847,7 @@
- return 0;
- }
-
--int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq) {
-+int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq, off_t max_bytes) {
- int ret = -1;
- off_t written = 0;
- #ifdef TCP_CORK
-@@ -855,16 +855,34 @@
- #endif
- server_socket *srv_socket = con->srv_socket;
-
-- if (con->conf.global_kbytes_per_second &&
-- *(con->conf.global_bytes_per_second_cnt_ptr) > con->conf.global_kbytes_per_second * 1024) {
-- /* we reached the global traffic limit */
-+ if (con->conf.global_kbytes_per_second) {
-+ off_t limit = con->conf.global_kbytes_per_second * 1024 - *(con->conf.global_bytes_per_second_cnt_ptr);
-+ if (limit <= 0) {
-+ /* we reached the global traffic limit */
-
-- con->traffic_limit_reached = 1;
-- joblist_append(srv, con);
-+ con->traffic_limit_reached = 1;
-+ joblist_append(srv, con);
-
-- return 1;
-+ return 1;
-+ } else {
-+ if (max_bytes > limit) max_bytes = limit;
-+ }
- }
-
-+ if (con->conf.kbytes_per_second) {
-+ off_t limit = con->conf.kbytes_per_second * 1024 - con->bytes_written_cur_second;
-+ if (limit <= 0) {
-+ /* we reached the traffic limit */
-+
-+ con->traffic_limit_reached = 1;
-+ joblist_append(srv, con);
-+
-+ return 1;
-+ } else {
-+ if (max_bytes > limit) max_bytes = limit;
-+ }
-+ }
-+
- written = cq->bytes_out;
-
- #ifdef TCP_CORK
-@@ -879,10 +897,10 @@
-
- if (srv_socket->is_ssl) {
- #ifdef USE_OPENSSL
-- ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq);
-+ ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq, max_bytes);
- #endif
- } else {
-- ret = srv->network_backend_write(srv, con, con->fd, cq);
-+ ret = srv->network_backend_write(srv, con, con->fd, cq, max_bytes);
- }
-
- if (ret >= 0) {
-@@ -903,12 +921,5 @@
-
- *(con->conf.global_bytes_per_second_cnt_ptr) += written;
-
-- if (con->conf.kbytes_per_second &&
-- (con->bytes_written_cur_second > con->conf.kbytes_per_second * 1024)) {
-- /* we reached the traffic limit */
--
-- con->traffic_limit_reached = 1;
-- joblist_append(srv, con);
-- }
- return ret;
- }
-Index: src/network.h
-===================================================================
---- src/network.h (revision 2800)
-+++ src/network.h (revision 2801)
-@@ -3,7 +3,7 @@
-
- #include "server.h"
-
--int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c);
-+int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c, off_t max_bytes);
-
- int network_init(server *srv);
- int network_close(server *srv);
-Index: src/mod_scgi.c
-===================================================================
---- src/mod_scgi.c (revision 2800)
-+++ src/mod_scgi.c (revision 2801)
-@@ -2296,7 +2296,7 @@
-
- /* fall through */
- case FCGI_STATE_WRITE:
-- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
-+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
-
- chunkqueue_remove_finished_chunks(hctx->wb);
-
-Index: src/network_backends.h
-===================================================================
---- src/network_backends.h (revision 2800)
-+++ src/network_backends.h (revision 2801)
-@@ -47,18 +47,18 @@
- #include "base.h"
-
- /* return values:
-- * >= 0 : chunks completed
-+ * >= 0 : no error
- * -1 : error (on our side)
- * -2 : remote close
- */
-
--int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq);
--int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq);
--int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq);
--int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq);
--int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq);
-+int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
-+int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
-+int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
-+int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
-+int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes);
- #ifdef USE_OPENSSL
--int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq);
-+int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes);
- #endif
-
- #endif
-Index: src/mod_proxy.c
-===================================================================
---- src/mod_proxy.c (revision 2800)
-+++ src/mod_proxy.c (revision 2801)
-@@ -825,7 +825,7 @@
-
- /* fall through */
- case PROXY_STATE_WRITE:;
-- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
-+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
-
- chunkqueue_remove_finished_chunks(hctx->wb);
-
-Index: src/network_writev.c
-===================================================================
---- src/network_writev.c (revision 2800)
-+++ src/network_writev.c (revision 2801)
-@@ -30,17 +30,16 @@
- #define LOCAL_BUFFERING 1
- #endif
-
--int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq) {
-+int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
- chunk *c;
-- size_t chunks_written = 0;
-
-- for(c = cq->first; c; c = c->next) {
-+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
- int chunk_finished = 0;
-
- switch(c->type) {
- case MEM_CHUNK: {
- char * offset;
-- size_t toSend;
-+ off_t toSend;
- ssize_t r;
-
- size_t num_chunks, i;
-@@ -65,12 +64,10 @@
- #error "sysconf() doesnt return _SC_IOV_MAX ..., check the output of 'man writev' for the EINVAL error and send the output to jan@kneschke.de"
- #endif
-
-- /* we can't send more then SSIZE_MAX bytes in one chunk */
--
- /* build writev list
- *
- * 1. limit: num_chunks < max_chunks
-- * 2. limit: num_bytes < SSIZE_MAX
-+ * 2. limit: num_bytes < max_bytes
- */
- for (num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < max_chunks; num_chunks++, tc = tc->next);
-
-@@ -87,9 +84,9 @@
- chunks[i].iov_base = offset;
-
- /* protect the return value of writev() */
-- if (toSend > SSIZE_MAX ||
-- num_bytes + toSend > SSIZE_MAX) {
-- chunks[i].iov_len = SSIZE_MAX - num_bytes;
-+ if (toSend > max_bytes ||
-+ (off_t) num_bytes + toSend > max_bytes) {
-+ chunks[i].iov_len = max_bytes - num_bytes;
-
- num_chunks = i + 1;
- break;
-@@ -121,6 +118,7 @@
- }
-
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- /* check which chunks have been written */
-
-@@ -132,11 +130,10 @@
-
- if (chunk_finished) {
- /* skip the chunks from further touches */
-- chunks_written++;
- c = c->next;
- } else {
- /* chunks_written + c = c->next is done in the for()*/
-- chunk_finished++;
-+ chunk_finished = 1;
- }
- } else {
- /* partially written */
-@@ -284,6 +281,8 @@
- assert(toSend < 0);
- }
-
-+ if (toSend > max_bytes) toSend = max_bytes;
-+
- #ifdef LOCAL_BUFFERING
- start = c->mem->ptr;
- #else
-@@ -309,6 +308,7 @@
-
- c->offset += r;
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- if (c->offset == c->file.length) {
- chunk_finished = 1;
-@@ -334,11 +334,9 @@
-
- break;
- }
--
-- chunks_written++;
- }
-
-- return chunks_written;
-+ return 0;
- }
-
- #endif
-Index: src/network_freebsd_sendfile.c
-===================================================================
---- src/network_freebsd_sendfile.c (revision 2800)
-+++ src/network_freebsd_sendfile.c (revision 2801)
-@@ -31,17 +31,16 @@
- # endif
- #endif
-
--int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq) {
-+int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
- chunk *c;
-- size_t chunks_written = 0;
-
-- for(c = cq->first; c; c = c->next, chunks_written++) {
-+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
- int chunk_finished = 0;
-
- switch(c->type) {
- case MEM_CHUNK: {
- char * offset;
-- size_t toSend;
-+ off_t toSend;
- ssize_t r;
-
- size_t num_chunks, i;
-@@ -49,12 +48,10 @@
- chunk *tc;
- size_t num_bytes = 0;
-
-- /* we can't send more then SSIZE_MAX bytes in one chunk */
--
- /* build writev list
- *
- * 1. limit: num_chunks < UIO_MAXIOV
-- * 2. limit: num_bytes < SSIZE_MAX
-+ * 2. limit: num_bytes < max_bytes
- */
- for(num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV; num_chunks++, tc = tc->next);
-
-@@ -69,9 +66,9 @@
- chunks[i].iov_base = offset;
-
- /* protect the return value of writev() */
-- if (toSend > SSIZE_MAX ||
-- num_bytes + toSend > SSIZE_MAX) {
-- chunks[i].iov_len = SSIZE_MAX - num_bytes;
-+ if (toSend > max_bytes ||
-+ (off_t) num_bytes + toSend > max_bytes) {
-+ chunks[i].iov_len = max_bytes - num_bytes;
-
- num_chunks = i + 1;
- break;
-@@ -105,6 +102,7 @@
-
- /* check which chunks have been written */
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) {
- if (r >= (ssize_t)chunks[i].iov_len) {
-@@ -114,11 +112,10 @@
-
- if (chunk_finished) {
- /* skip the chunks from further touches */
-- chunks_written++;
- c = c->next;
- } else {
- /* chunks_written + c = c->next is done in the for()*/
-- chunk_finished++;
-+ chunk_finished = 1;
- }
- } else {
- /* partially written */
-@@ -134,7 +131,7 @@
- }
- case FILE_CHUNK: {
- off_t offset, r;
-- size_t toSend;
-+ off_t toSend;
- stat_cache_entry *sce = NULL;
-
- if (HANDLER_ERROR == stat_cache_get_entry(srv, con, c->file.name, &sce)) {
-@@ -144,9 +141,8 @@
- }
-
- offset = c->file.start + c->offset;
-- /* limit the toSend to 2^31-1 bytes in a chunk */
-- toSend = c->file.length - c->offset > ((1 << 30) - 1) ?
-- ((1 << 30) - 1) : c->file.length - c->offset;
-+ toSend = c->file.length - c->offset;
-+ if (toSend > max_bytes) toSend = max_bytes;
-
- if (-1 == c->file.fd) {
- if (-1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) {
-@@ -197,6 +193,7 @@
-
- c->offset += r;
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- if (c->offset == c->file.length) {
- chunk_finished = 1;
-@@ -218,7 +215,7 @@
- }
- }
-
-- return chunks_written;
-+ return 0;
- }
-
- #endif
-Index: src/network_openssl.c
-===================================================================
---- src/network_openssl.c (revision 2800)
-+++ src/network_openssl.c (revision 2801)
-@@ -27,10 +27,9 @@
- # include <openssl/ssl.h>
- # include <openssl/err.h>
-
--int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq) {
-+int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes) {
- int ssl_r;
- chunk *c;
-- size_t chunks_written = 0;
-
- /* this is a 64k sendbuffer
- *
-@@ -59,13 +58,13 @@
- SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN);
- }
-
-- for(c = cq->first; c; c = c->next) {
-+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
- int chunk_finished = 0;
-
- switch(c->type) {
- case MEM_CHUNK: {
- char * offset;
-- size_t toSend;
-+ off_t toSend;
- ssize_t r;
-
- if (c->mem->used == 0 || c->mem->used == 1) {
-@@ -75,6 +74,7 @@
-
- offset = c->mem->ptr + c->offset;
- toSend = c->mem->used - 1 - c->offset;
-+ if (toSend > max_bytes) toSend = max_bytes;
-
- /**
- * SSL_write man-page
-@@ -139,6 +139,7 @@
- } else {
- c->offset += r;
- cq->bytes_out += r;
-+ max_bytes -= r;
- }
-
- if (c->offset == (off_t)c->mem->used - 1) {
-@@ -168,6 +169,7 @@
- do {
- off_t offset = c->file.start + c->offset;
- off_t toSend = c->file.length - c->offset;
-+ if (toSend > max_bytes) toSend = max_bytes;
-
- if (toSend > LOCAL_SEND_BUFSIZE) toSend = LOCAL_SEND_BUFSIZE;
-
-@@ -243,6 +245,7 @@
- } else {
- c->offset += r;
- cq->bytes_out += r;
-+ max_bytes -= r;
- }
-
- if (c->offset == c->file.length) {
-@@ -263,11 +266,9 @@
-
- break;
- }
--
-- chunks_written++;
- }
-
-- return chunks_written;
-+ return 0;
- }
- #endif
-
-Index: src/settings.h
-===================================================================
---- src/settings.h (revision 2800)
-+++ src/settings.h (revision 2801)
-@@ -21,8 +21,11 @@
- * 64kB (no real reason, just a guess)
- */
- #define BUFFER_MAX_REUSE_SIZE (4 * 1024)
--#define MAX_READ_LIMIT (4*1024*1024)
-
-+/* both should be way smaller than SSIZE_MAX :) */
-+#define MAX_READ_LIMIT (256*1024)
-+#define MAX_WRITE_LIMIT (256*1024)
-+
- /**
- * max size of the HTTP request header
- *
-Index: src/mod_fastcgi.c
-===================================================================
---- src/mod_fastcgi.c (revision 2800)
-+++ src/mod_fastcgi.c (revision 2801)
-@@ -3075,7 +3075,7 @@
- fcgi_set_state(srv, hctx, FCGI_STATE_WRITE);
- /* fall through */
- case FCGI_STATE_WRITE:
-- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb);
-+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT);
-
- chunkqueue_remove_finished_chunks(hctx->wb);
-
-Index: src/network_solaris_sendfilev.c
-===================================================================
---- src/network_solaris_sendfilev.c (revision 2800)
-+++ src/network_solaris_sendfilev.c (revision 2801)
-@@ -38,17 +38,16 @@
- */
-
-
--int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq) {
-+int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
- chunk *c;
-- size_t chunks_written = 0;
-
-- for(c = cq->first; c; c = c->next, chunks_written++) {
-+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
- int chunk_finished = 0;
-
- switch(c->type) {
- case MEM_CHUNK: {
- char * offset;
-- size_t toSend;
-+ off_t toSend;
- ssize_t r;
-
- size_t num_chunks, i;
-@@ -77,9 +76,9 @@
- chunks[i].iov_base = offset;
-
- /* protect the return value of writev() */
-- if (toSend > SSIZE_MAX ||
-- num_bytes + toSend > SSIZE_MAX) {
-- chunks[i].iov_len = SSIZE_MAX - num_bytes;
-+ if (toSend > max_bytes ||
-+ (off_t) num_bytes + toSend > max_bytes) {
-+ chunks[i].iov_len = max_bytes - num_bytes;
-
- num_chunks = i + 1;
- break;
-@@ -119,11 +118,10 @@
-
- if (chunk_finished) {
- /* skip the chunks from further touches */
-- chunks_written++;
- c = c->next;
- } else {
- /* chunks_written + c = c->next is done in the for()*/
-- chunk_finished++;
-+ chunk_finished = 1;
- }
- } else {
- /* partially written */
-@@ -139,8 +137,8 @@
- }
- case FILE_CHUNK: {
- ssize_t r;
-- off_t offset;
-- size_t toSend, written;
-+ off_t offset, toSend;
-+ size_t written;
- sendfilevec_t fvec;
- stat_cache_entry *sce = NULL;
- int ifd;
-@@ -153,6 +151,7 @@
-
- offset = c->file.start + c->offset;
- toSend = c->file.length - c->offset;
-+ if (toSend > max_bytes) toSend = max_bytes;
-
- if (offset > sce->st.st_size) {
- log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name);
-@@ -186,6 +185,7 @@
- close(ifd);
- c->offset += written;
- cq->bytes_out += written;
-+ max_bytes -= written;
-
- if (c->offset == c->file.length) {
- chunk_finished = 1;
-@@ -207,7 +207,7 @@
- }
- }
-
-- return chunks_written;
-+ return 0;
- }
-
- #endif
-Index: src/network_linux_sendfile.c
-===================================================================
---- src/network_linux_sendfile.c (revision 2800)
-+++ src/network_linux_sendfile.c (revision 2801)
-@@ -27,17 +27,16 @@
- /* on linux 2.4.29 + debian/ubuntu we have crashes if this is enabled */
- #undef HAVE_POSIX_FADVISE
-
--int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq) {
-+int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) {
- chunk *c;
-- size_t chunks_written = 0;
-
-- for(c = cq->first; c; c = c->next, chunks_written++) {
-+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) {
- int chunk_finished = 0;
-
- switch(c->type) {
- case MEM_CHUNK: {
- char * offset;
-- size_t toSend;
-+ off_t toSend;
- ssize_t r;
-
- size_t num_chunks, i;
-@@ -45,12 +44,10 @@
- chunk *tc;
- size_t num_bytes = 0;
-
-- /* we can't send more then SSIZE_MAX bytes in one chunk */
--
- /* build writev list
- *
- * 1. limit: num_chunks < UIO_MAXIOV
-- * 2. limit: num_bytes < SSIZE_MAX
-+ * 2. limit: num_bytes < max_bytes
- */
- for (num_chunks = 0, tc = c;
- tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV;
-@@ -67,9 +64,9 @@
- chunks[i].iov_base = offset;
-
- /* protect the return value of writev() */
-- if (toSend > SSIZE_MAX ||
-- num_bytes + toSend > SSIZE_MAX) {
-- chunks[i].iov_len = SSIZE_MAX - num_bytes;
-+ if (toSend > max_bytes ||
-+ (off_t) num_bytes + toSend > max_bytes) {
-+ chunks[i].iov_len = max_bytes - num_bytes;
-
- num_chunks = i + 1;
- break;
-@@ -100,6 +97,7 @@
-
- /* check which chunks have been written */
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) {
- if (r >= (ssize_t)chunks[i].iov_len) {
-@@ -109,11 +107,10 @@
-
- if (chunk_finished) {
- /* skip the chunks from further touches */
-- chunks_written++;
- c = c->next;
- } else {
- /* chunks_written + c = c->next is done in the for()*/
-- chunk_finished++;
-+ chunk_finished = 1;
- }
- } else {
- /* partially written */
-@@ -130,13 +127,12 @@
- case FILE_CHUNK: {
- ssize_t r;
- off_t offset;
-- size_t toSend;
-+ off_t toSend;
- stat_cache_entry *sce = NULL;
-
- offset = c->file.start + c->offset;
-- /* limit the toSend to 2^31-1 bytes in a chunk */
-- toSend = c->file.length - c->offset > ((1 << 30) - 1) ?
-- ((1 << 30) - 1) : c->file.length - c->offset;
-+ toSend = c->file.length - c->offset;
-+ if (toSend > max_bytes) toSend = max_bytes;
-
- /* open file if not already opened */
- if (-1 == c->file.fd) {
-@@ -215,6 +211,7 @@
-
- c->offset += r;
- cq->bytes_out += r;
-+ max_bytes -= r;
-
- if (c->offset == c->file.length) {
- chunk_finished = 1;
-@@ -243,7 +240,7 @@
- }
- }
-
-- return chunks_written;
-+ return 0;
- }
-
- #endif
diff --git a/www/lighttpd/files/patch-2802-ssl b/www/lighttpd/files/patch-2802-ssl
deleted file mode 100644
index cff9e61895ab..000000000000
--- a/www/lighttpd/files/patch-2802-ssl
+++ /dev/null
@@ -1,16 +0,0 @@
-Index: src/network.c
-===================================================================
---- src/network.c (revision 2801)
-+++ src/network.c (revision 2802)
-@@ -480,9 +480,11 @@
- network_backend_t backend;
-
- #if OPENSSL_VERSION_NUMBER >= 0x0090800fL
-+#ifndef OPENSSL_NO_ECDH
- EC_KEY *ecdh;
- int nid;
- #endif
-+#endif
-
- #ifdef USE_OPENSSL
- DH *dh;
diff --git a/www/lighttpd/files/patch-2803-pathinfo b/www/lighttpd/files/patch-2803-pathinfo
deleted file mode 100644
index cb0c517ead61..000000000000
--- a/www/lighttpd/files/patch-2803-pathinfo
+++ /dev/null
@@ -1,122 +0,0 @@
-Index: src/mod_staticfile.c
-===================================================================
---- src/mod_staticfile.c (revision 2802)
-+++ src/mod_staticfile.c (revision 2803)
-@@ -26,6 +26,7 @@
- typedef struct {
- array *exclude_ext;
- unsigned short etags_used;
-+ unsigned short disable_pathinfo;
- } plugin_config;
-
- typedef struct {
-@@ -84,6 +85,7 @@
- config_values_t cv[] = {
- { "static-file.exclude-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
- { "static-file.etags", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
-+ { "static-file.disable-pathinfo", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
- { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
- };
-
-@@ -97,9 +99,11 @@
- s = calloc(1, sizeof(plugin_config));
- s->exclude_ext = array_init();
- s->etags_used = 1;
-+ s->disable_pathinfo = 0;
-
- cv[0].destination = s->exclude_ext;
- cv[1].destination = &(s->etags_used);
-+ cv[2].destination = &(s->disable_pathinfo);
-
- p->config_storage[i] = s;
-
-@@ -119,6 +123,7 @@
-
- PATCH(exclude_ext);
- PATCH(etags_used);
-+ PATCH(disable_pathinfo);
-
- /* skip the first, the global context */
- for (i = 1; i < srv->config_context->used; i++) {
-@@ -136,7 +141,9 @@
- PATCH(exclude_ext);
- } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.etags"))) {
- PATCH(etags_used);
-- }
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.disable-pathinfo"))) {
-+ PATCH(disable_pathinfo);
-+ }
- }
- }
-
-@@ -375,6 +382,13 @@
-
- mod_staticfile_patch_connection(srv, con, p);
-
-+ if (p->conf.disable_pathinfo && 0 != con->request.pathinfo->used) {
-+ if (con->conf.log_request_handling) {
-+ log_error_write(srv, __FILE__, __LINE__, "s", "-- NOT handling file as static file, pathinfo forbidden");
-+ }
-+ return HANDLER_GO_ON;
-+ }
-+
- /* ignore certain extensions */
- for (k = 0; k < p->conf.exclude_ext->used; k++) {
- ds = (data_string *)p->conf.exclude_ext->data[k];
-Index: tests/request.t
-===================================================================
---- tests/request.t (revision 2802)
-+++ tests/request.t (revision 2803)
-@@ -8,7 +8,7 @@
-
- use strict;
- use IO::Socket;
--use Test::More tests => 44;
-+use Test::More tests => 46;
- use LightyTest;
-
- my $tf = LightyTest->new();
-@@ -413,5 +413,21 @@
- $t->{SLOWREQUEST} = 1;
- ok($tf->handle_http($t) == 0, 'GET, slow \\r\\n\\r\\n (#2105)');
-
-+print "\nPathinfo for static files\n";
-+$t->{REQUEST} = ( <<EOF
-+GET /image.jpg/index.php HTTP/1.0
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'Content-Type' => 'image/jpeg' } ];
-+ok($tf->handle_http($t) == 0, 'static file accepting pathinfo by default');
-+
-+$t->{REQUEST} = ( <<EOF
-+GET /image.jpg/index.php HTTP/1.0
-+Host: zzz.example.org
-+EOF
-+ );
-+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
-+ok($tf->handle_http($t) == 0, 'static file with forbidden pathinfo');
-+
- ok($tf->stop_proc == 0, "Stopping lighttpd");
-
-Index: tests/wrapper.sh
-===================================================================
---- tests/wrapper.sh (revision 2802)
-+++ tests/wrapper.sh (revision 2803)
-@@ -6,4 +6,4 @@
- top_builddir=$2
- export SHELL srcdir top_builddir
-
--$3
-+exec $3
-Index: tests/lighttpd.conf
-===================================================================
---- tests/lighttpd.conf (revision 2802)
-+++ tests/lighttpd.conf (revision 2803)
-@@ -149,6 +149,7 @@
- $HTTP["host"] == "zzz.example.org" {
- server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
- server.name = "zzz.example.org"
-+ static-file.disable-pathinfo = "enable"
- }
-
- $HTTP["host"] == "symlink.example.org" {
diff --git a/www/lighttpd/files/patch-2804-bug2341 b/www/lighttpd/files/patch-2804-bug2341
deleted file mode 100644
index 00a9ee80544b..000000000000
--- a/www/lighttpd/files/patch-2804-bug2341
+++ /dev/null
@@ -1,12 +0,0 @@
-Index: src/connections.c
-===================================================================
---- src/connections.c (revision 2803)
-+++ src/connections.c (revision 2804)
-@@ -445,6 +445,7 @@
- default:
- switch(con->http_status) {
- case 400: /* bad request */
-+ case 401: /* authorization required */
- case 414: /* overload request header */
- case 505: /* unknown protocol */
- case 207: /* this was webdav */
diff --git a/www/lighttpd/files/patch-src-fdevent.h b/www/lighttpd/files/patch-src-fdevent.h
new file mode 100644
index 000000000000..fcafda5b3748
--- /dev/null
+++ b/www/lighttpd/files/patch-src-fdevent.h
@@ -0,0 +1,11 @@
+--- src/fdevent.h.orig 2011-12-19 07:41:33.183877666 +0100
++++ src/fdevent.h 2011-12-19 07:42:01.457863868 +0100
+@@ -54,7 +54,7 @@
+ # include <port.h>
+ #endif
+
+-#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE
++#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE && !defined HAVE_LIBEV
+ # define USE_FREEBSD_KQUEUE
+ # include <sys/event.h>
+ #endif