diff options
Diffstat (limited to 'www/lighttpd')
-rw-r--r-- | www/lighttpd/Makefile | 3 | ||||
-rw-r--r-- | www/lighttpd/distinfo | 4 | ||||
-rw-r--r-- | www/lighttpd/files/patch-2799-bug2331 | 621 | ||||
-rw-r--r-- | www/lighttpd/files/patch-2800-gccwarnings | 62 | ||||
-rw-r--r-- | www/lighttpd/files/patch-2801-network-write | 804 | ||||
-rw-r--r-- | www/lighttpd/files/patch-2802-ssl | 16 | ||||
-rw-r--r-- | www/lighttpd/files/patch-2803-pathinfo | 122 | ||||
-rw-r--r-- | www/lighttpd/files/patch-2804-bug2341 | 12 | ||||
-rw-r--r-- | www/lighttpd/files/patch-src-fdevent.h | 11 |
9 files changed, 14 insertions, 1641 deletions
diff --git a/www/lighttpd/Makefile b/www/lighttpd/Makefile index 91139ecf96c3..4ad63ee590d2 100644 --- a/www/lighttpd/Makefile +++ b/www/lighttpd/Makefile @@ -6,8 +6,7 @@ # PORTNAME?= lighttpd -PORTVERSION= 1.4.29 -PORTREVISION= 2 +PORTVERSION= 1.4.30 CATEGORIES?= www MASTER_SITES?= http://download.lighttpd.net/lighttpd/releases-1.4.x/ diff --git a/www/lighttpd/distinfo b/www/lighttpd/distinfo index cc41415b333a..b2ee3d77f3ab 100644 --- a/www/lighttpd/distinfo +++ b/www/lighttpd/distinfo @@ -1,5 +1,5 @@ -SHA256 (lighttpd-1.4.29.tar.bz2) = afd8af213e65afb48b397d004696c6620a7ae7f3d4f162ec46a04b9b9dbfd599 -SIZE (lighttpd-1.4.29.tar.bz2) = 659974 +SHA256 (lighttpd-1.4.30.tar.bz2) = 0d795597e4666dbf6ffe44b4a42f388ddb44736ddfab0b1ac091e5bb35212c2d +SIZE (lighttpd-1.4.30.tar.bz2) = 664697 SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch.gz) = d7c3704d5253c4f3c18459f89059063b311e50096cd2c38fc982cec683c32e61 SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch.gz) = 44695 SHA256 (lighttpd-1.4.26_mod_geoip.patch.gz) = db43cc0ed7c808b5eed3185d97346e70dea0f1ef4fa9ed436d08e4faff7f97e7 diff --git a/www/lighttpd/files/patch-2799-bug2331 b/www/lighttpd/files/patch-2799-bug2331 deleted file mode 100644 index f53e92927f3f..000000000000 --- a/www/lighttpd/files/patch-2799-bug2331 +++ /dev/null @@ -1,621 +0,0 @@ -Index: src/http_auth_digest.c -=================================================================== ---- src/http_auth_digest.c (revision 2798) -+++ src/http_auth_digest.c (revision 2799) -@@ -1,26 +0,0 @@ --#include "buffer.h" -- --#include "http_auth_digest.h" -- --#include <string.h> -- --#ifndef USE_OPENSSL --# include "md5.h" -- --typedef li_MD5_CTX MD5_CTX; --#define MD5_Init li_MD5_Init --#define MD5_Update li_MD5_Update --#define MD5_Final li_MD5_Final -- --#endif -- --void CvtHex(IN HASH Bin, OUT HASHHEX Hex) { -- unsigned short i; -- -- for (i = 0; i < HASHLEN; i++) { -- Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf); -- Hex[i*2+1] = int2hex(Bin[i] & 0xf); -- } -- Hex[HASHHEXLEN] = '\0'; --} -- -Index: src/http_auth_digest.h -=================================================================== ---- src/http_auth_digest.h (revision 2798) -+++ src/http_auth_digest.h (revision 2799) -@@ -1,24 +0,0 @@ --#ifndef _DIGCALC_H_ --#define _DIGCALC_H_ -- --#ifdef HAVE_CONFIG_H --# include "config.h" --#endif -- --#define HASHLEN 16 --typedef unsigned char HASH[HASHLEN]; --#define HASHHEXLEN 32 --typedef char HASHHEX[HASHHEXLEN+1]; --#ifdef USE_OPENSSL --#define IN const --#else --#define IN --#endif --#define OUT -- --void CvtHex( -- IN HASH Bin, -- OUT HASHHEX Hex -- ); -- --#endif -Index: src/mod_secure_download.c -=================================================================== ---- src/mod_secure_download.c (revision 2798) -+++ src/mod_secure_download.c (revision 2799) -@@ -8,18 +8,8 @@ - #include <stdlib.h> - #include <string.h> - --#ifdef USE_OPENSSL --# include <openssl/md5.h> --#else --# include "md5.h" -+#include "md5.h" - --typedef li_MD5_CTX MD5_CTX; --#define MD5_Init li_MD5_Init --#define MD5_Update li_MD5_Update --#define MD5_Final li_MD5_Final -- --#endif -- - #define HASHLEN 16 - typedef unsigned char HASH[HASHLEN]; - #define HASHHEXLEN 32 -@@ -200,7 +190,7 @@ - - URIHANDLER_FUNC(mod_secdownload_uri_handler) { - plugin_data *p = p_d; -- MD5_CTX Md5Ctx; -+ li_MD5_CTX Md5Ctx; - HASH HA1; - const char *rel_uri, *ts_str, *md5_str; - time_t ts = 0; -@@ -266,9 +256,9 @@ - buffer_append_string(p->md5, rel_uri); - buffer_append_string_len(p->md5, ts_str, 8); - -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1); -- MD5_Final(HA1, &Md5Ctx); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)p->md5->ptr, p->md5->used - 1); -+ li_MD5_Final(HA1, &Md5Ctx); - - buffer_copy_string_hex(p->md5, (char *)HA1, 16); - -Index: src/SConscript -=================================================================== ---- src/SConscript (revision 2798) -+++ src/SConscript (revision 2799) -@@ -12,7 +12,8 @@ - data_integer.c md5.c data_fastcgi.c \ - fdevent_select.c fdevent_libev.c \ - fdevent_poll.c fdevent_linux_sysepoll.c \ -- fdevent_solaris_devpoll.c fdevent_freebsd_kqueue.c \ -+ fdevent_solaris_devpoll.c fdevent_solaris_port.c \ -+ fdevent_freebsd_kqueue.c \ - data_config.c bitset.c \ - inet_ntop_cache.c crc32.c \ - connections-glue.c \ -@@ -62,7 +63,7 @@ - 'mod_redirect' : { 'src' : [ 'mod_redirect.c' ], 'lib' : [ env['LIBPCRE'] ] }, - 'mod_rewrite' : { 'src' : [ 'mod_rewrite.c' ], 'lib' : [ env['LIBPCRE'] ] }, - 'mod_auth' : { -- 'src' : [ 'mod_auth.c', 'http_auth_digest.c', 'http_auth.c' ], -+ 'src' : [ 'mod_auth.c', 'http_auth.c' ], - 'lib' : [ env['LIBCRYPT'], env['LIBLDAP'], env['LIBLBER'] ] }, - 'mod_webdav' : { 'src' : [ 'mod_webdav.c' ], 'lib' : [ env['LIBXML2'], env['LIBSQLITE3'], env['LIBUUID'] ] }, - 'mod_mysql_vhost' : { 'src' : [ 'mod_mysql_vhost.c' ], 'lib' : [ env['LIBMYSQL'] ] }, -Index: src/mod_cml_funcs.c -=================================================================== ---- src/mod_cml_funcs.c (revision 2798) -+++ src/mod_cml_funcs.c (revision 2799) -@@ -17,18 +17,8 @@ - #include <dirent.h> - #include <stdio.h> - --#ifdef USE_OPENSSL --# include <openssl/md5.h> --#else --# include "md5.h" -+#include "md5.h" - --typedef li_MD5_CTX MD5_CTX; --#define MD5_Init li_MD5_Init --#define MD5_Update li_MD5_Update --#define MD5_Final li_MD5_Final -- --#endif -- - #define HASHLEN 16 - typedef unsigned char HASH[HASHLEN]; - #define HASHHEXLEN 32 -@@ -43,7 +33,7 @@ - #ifdef HAVE_LUA_H - - int f_crypto_md5(lua_State *L) { -- MD5_CTX Md5Ctx; -+ li_MD5_CTX Md5Ctx; - HASH HA1; - buffer b; - char hex[33]; -@@ -63,9 +53,9 @@ - lua_error(L); - } - -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1)); -- MD5_Final(HA1, &Md5Ctx); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)lua_tostring(L, 1), lua_strlen(L, 1)); -+ li_MD5_Final(HA1, &Md5Ctx); - - buffer_copy_string_hex(&b, (char *)HA1, 16); - -Index: src/Makefile.am -=================================================================== ---- src/Makefile.am (revision 2798) -+++ src/Makefile.am (revision 2799) -@@ -241,7 +241,7 @@ - mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd) - - lib_LTLIBRARIES += mod_auth.la --mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c -+mod_auth_la_SOURCES = mod_auth.c http_auth.c - mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined - mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) - -@@ -268,7 +268,7 @@ - - hdr = server.h buffer.h network.h log.h keyvalue.h \ - response.h request.h fastcgi.h chunk.h \ -- settings.h http_chunk.h http_auth_digest.h \ -+ settings.h http_chunk.h \ - md5.h http_auth.h stream.h \ - fdevent.h connections.h base.h stat_cache.h \ - plugin.h mod_auth.h \ -Index: src/http_auth.c -=================================================================== ---- src/http_auth.c (revision 2798) -+++ src/http_auth.c (revision 2799) -@@ -1,7 +1,6 @@ - #include "server.h" - #include "log.h" - #include "http_auth.h" --#include "http_auth_digest.h" - #include "inet_ntop_cache.h" - #include "stream.h" - -@@ -28,18 +27,23 @@ - #include <unistd.h> - #include <ctype.h> - --#ifdef USE_OPENSSL --# include <openssl/md5.h> --#else --# include "md5.h" -+#include "md5.h" - --typedef li_MD5_CTX MD5_CTX; --#define MD5_Init li_MD5_Init --#define MD5_Update li_MD5_Update --#define MD5_Final li_MD5_Final -+#define HASHLEN 16 -+#define HASHHEXLEN 32 -+typedef unsigned char HASH[HASHLEN]; -+typedef char HASHHEX[HASHHEXLEN+1]; - --#endif -+static void CvtHex(const HASH Bin, char Hex[33]) { -+ unsigned short i; - -+ for (i = 0; i < 16; i++) { -+ Hex[i*2] = int2hex((Bin[i] >> 4) & 0xf); -+ Hex[i*2+1] = int2hex(Bin[i] & 0xf); -+ } -+ Hex[32] = '\0'; -+} -+ - /** - * the $apr1$ handling is taken from apache 1.3.x - */ -@@ -435,7 +439,7 @@ - - static void to64(char *s, unsigned long v, int n) - { -- static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */ -+ static const unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */ - "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; - - while (--n >= 0) { -@@ -455,7 +459,7 @@ - const char *sp, *ep; - unsigned char final[APR_MD5_DIGESTSIZE]; - ssize_t sl, pl, i; -- MD5_CTX ctx, ctx1; -+ li_MD5_CTX ctx, ctx1; - unsigned long l; - - /* -@@ -487,33 +491,33 @@ - /* - * 'Time to make the doughnuts..' - */ -- MD5_Init(&ctx); -+ li_MD5_Init(&ctx); - - /* - * The password first, since that is what is most unknown - */ -- MD5_Update(&ctx, pw, strlen(pw)); -+ li_MD5_Update(&ctx, pw, strlen(pw)); - - /* - * Then our magic string - */ -- MD5_Update(&ctx, APR1_ID, strlen(APR1_ID)); -+ li_MD5_Update(&ctx, APR1_ID, strlen(APR1_ID)); - - /* - * Then the raw salt - */ -- MD5_Update(&ctx, sp, sl); -+ li_MD5_Update(&ctx, sp, sl); - - /* - * Then just as many characters of the MD5(pw, salt, pw) - */ -- MD5_Init(&ctx1); -- MD5_Update(&ctx1, pw, strlen(pw)); -- MD5_Update(&ctx1, sp, sl); -- MD5_Update(&ctx1, pw, strlen(pw)); -- MD5_Final(final, &ctx1); -+ li_MD5_Init(&ctx1); -+ li_MD5_Update(&ctx1, pw, strlen(pw)); -+ li_MD5_Update(&ctx1, sp, sl); -+ li_MD5_Update(&ctx1, pw, strlen(pw)); -+ li_MD5_Final(final, &ctx1); - for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) { -- MD5_Update(&ctx, final, -+ li_MD5_Update(&ctx, final, - (pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl); - } - -@@ -527,10 +531,10 @@ - */ - for (i = strlen(pw); i != 0; i >>= 1) { - if (i & 1) { -- MD5_Update(&ctx, final, 1); -+ li_MD5_Update(&ctx, final, 1); - } - else { -- MD5_Update(&ctx, pw, 1); -+ li_MD5_Update(&ctx, pw, 1); - } - } - -@@ -542,7 +546,7 @@ - strncat(passwd, sp, sl); - strcat(passwd, "$"); - -- MD5_Final(final, &ctx); -+ li_MD5_Final(final, &ctx); - - /* - * And now, just to make sure things don't run too fast.. -@@ -550,28 +554,28 @@ - * need 30 seconds to build a 1000 entry dictionary... - */ - for (i = 0; i < 1000; i++) { -- MD5_Init(&ctx1); -+ li_MD5_Init(&ctx1); - if (i & 1) { -- MD5_Update(&ctx1, pw, strlen(pw)); -+ li_MD5_Update(&ctx1, pw, strlen(pw)); - } - else { -- MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE); -+ li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE); - } - if (i % 3) { -- MD5_Update(&ctx1, sp, sl); -+ li_MD5_Update(&ctx1, sp, sl); - } - - if (i % 7) { -- MD5_Update(&ctx1, pw, strlen(pw)); -+ li_MD5_Update(&ctx1, pw, strlen(pw)); - } - - if (i & 1) { -- MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE); -+ li_MD5_Update(&ctx1, final, APR_MD5_DIGESTSIZE); - } - else { -- MD5_Update(&ctx1, pw, strlen(pw)); -+ li_MD5_Update(&ctx1, pw, strlen(pw)); - } -- MD5_Final(final,&ctx1); -+ li_MD5_Final(final,&ctx1); - } - - p = passwd + strlen(passwd); -@@ -614,17 +618,17 @@ - * user:realm:md5(user:realm:password) - */ - -- MD5_CTX Md5Ctx; -+ li_MD5_CTX Md5Ctx; - HASH HA1; - char a1[256]; - -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw)); -- MD5_Final(HA1, &Md5Ctx); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)username->ptr, username->used - 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)realm->ptr, realm->used - 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw)); -+ li_MD5_Final(HA1, &Md5Ctx); - - CvtHex(HA1, a1); - -@@ -930,7 +934,7 @@ - int i; - buffer *password, *b, *username_buf, *realm_buf; - -- MD5_CTX Md5Ctx; -+ li_MD5_CTX Md5Ctx; - HASH HA1; - HASH HA2; - HASH RespHash; -@@ -1067,13 +1071,13 @@ - - if (p->conf.auth_backend == AUTH_BACKEND_PLAIN) { - /* generate password from plain-text */ -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1); -- MD5_Final(HA1, &Md5Ctx); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)username, strlen(username)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)realm, strlen(realm)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)password->ptr, password->used - 1); -+ li_MD5_Final(HA1, &Md5Ctx); - } else if (p->conf.auth_backend == AUTH_BACKEND_HTDIGEST) { - /* HA1 */ - /* transform the 32-byte-hex-md5 to a 16-byte-md5 */ -@@ -1090,45 +1094,45 @@ - - if (algorithm && - strcasecmp(algorithm, "md5-sess") == 0) { -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce)); -- MD5_Final(HA1, &Md5Ctx); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)HA1, 16); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce)); -+ li_MD5_Final(HA1, &Md5Ctx); - } - - CvtHex(HA1, a1); - - /* calculate H(A2) */ -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri)); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)m, strlen(m)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)uri, strlen(uri)); - if (qop && strcasecmp(qop, "auth-int") == 0) { -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)"", HASHHEXLEN); - } -- MD5_Final(HA2, &Md5Ctx); -+ li_MD5_Final(HA2, &Md5Ctx); - CvtHex(HA2, HA2Hex); - - /* calculate response */ -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)a1, HASHHEXLEN); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)nonce, strlen(nonce)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); - if (qop && *qop) { -- MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -- MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop)); -- MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)nc, strlen(nc)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)cnonce, strlen(cnonce)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)qop, strlen(qop)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)":", 1); - }; -- MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN); -- MD5_Final(RespHash, &Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)HA2Hex, HASHHEXLEN); -+ li_MD5_Final(RespHash, &Md5Ctx); - CvtHex(RespHash, a2); - - if (0 != strcmp(a2, respons)) { -@@ -1171,24 +1175,24 @@ - - int http_auth_digest_generate_nonce(server *srv, mod_auth_plugin_data *p, buffer *fn, char out[33]) { - HASH h; -- MD5_CTX Md5Ctx; -+ li_MD5_CTX Md5Ctx; - char hh[32]; - - UNUSED(p); - - /* generate shared-secret */ -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1); -- MD5_Update(&Md5Ctx, (unsigned char *)"+", 1); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)fn->ptr, fn->used - 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1); - - /* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */ - LI_ltostr(hh, srv->cur_ts); -- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); -- MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy)); - LI_ltostr(hh, rand()); -- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); - -- MD5_Final(h, &Md5Ctx); -+ li_MD5_Final(h, &Md5Ctx); - - CvtHex(h, out); - -Index: src/mod_usertrack.c -=================================================================== ---- src/mod_usertrack.c (revision 2798) -+++ src/mod_usertrack.c (revision 2799) -@@ -8,18 +8,8 @@ - #include <stdlib.h> - #include <string.h> - --#ifdef USE_OPENSSL --# include <openssl/md5.h> --#else --# include "md5.h" -+#include "md5.h" - --typedef li_MD5_CTX MD5_CTX; --#define MD5_Init li_MD5_Init --#define MD5_Update li_MD5_Update --#define MD5_Final li_MD5_Final -- --#endif -- - /* plugin config for all request/connections */ - - typedef struct { -@@ -182,7 +172,7 @@ - plugin_data *p = p_d; - data_string *ds; - unsigned char h[16]; -- MD5_CTX Md5Ctx; -+ li_MD5_CTX Md5Ctx; - char hh[32]; - - if (con->uri.path->used == 0) return HANDLER_GO_ON; -@@ -228,18 +218,18 @@ - /* taken from mod_auth.c */ - - /* generate shared-secret */ -- MD5_Init(&Md5Ctx); -- MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1); -- MD5_Update(&Md5Ctx, (unsigned char *)"+", 1); -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)con->uri.path->ptr, con->uri.path->used - 1); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)"+", 1); - - /* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */ - LI_ltostr(hh, srv->cur_ts); -- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); -- MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy)); - LI_ltostr(hh, rand()); -- MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); - -- MD5_Final(h, &Md5Ctx); -+ li_MD5_Final(h, &Md5Ctx); - - buffer_append_string_encoded(ds->value, (char *)h, 16, ENCODING_HEX); - buffer_append_string_len(ds->value, CONST_STR_LEN("; Path=/")); -Index: src/mod_cml_lua.c -=================================================================== ---- src/mod_cml_lua.c (revision 2798) -+++ src/mod_cml_lua.c (revision 2799) -@@ -11,18 +11,6 @@ - #include <time.h> - #include <string.h> - --#ifdef USE_OPENSSL --# include <openssl/md5.h> --#else --# include "md5.h" -- --typedef li_MD5_CTX MD5_CTX; --#define MD5_Init li_MD5_Init --#define MD5_Update li_MD5_Update --#define MD5_Final li_MD5_Final -- --#endif -- - #define HASHLEN 16 - typedef unsigned char HASH[HASHLEN]; - #define HASHHEXLEN 32 -Index: src/mod_dirlisting.c -=================================================================== ---- src/mod_dirlisting.c (revision 2798) -+++ src/mod_dirlisting.c (revision 2799) -@@ -657,7 +657,8 @@ - i = dir->used - 1; - - #ifdef HAVE_PATHCONF -- if (-1 == (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) { -+ if (0 >= (name_max = pathconf(dir->ptr, _PC_NAME_MAX))) { -+ /* some broken fs (fuse) return 0 instead of -1 */ - #ifdef NAME_MAX - name_max = NAME_MAX; - #else diff --git a/www/lighttpd/files/patch-2800-gccwarnings b/www/lighttpd/files/patch-2800-gccwarnings deleted file mode 100644 index f7f41087b8b2..000000000000 --- a/www/lighttpd/files/patch-2800-gccwarnings +++ /dev/null @@ -1,62 +0,0 @@ -Index: src/mod_staticfile.c -=================================================================== ---- src/mod_staticfile.c (revision 2799) -+++ src/mod_staticfile.c (revision 2800) -@@ -350,7 +350,6 @@ - URIHANDLER_FUNC(mod_staticfile_subrequest) { - plugin_data *p = p_d; - size_t k; -- int s_len; - stat_cache_entry *sce = NULL; - buffer *mtime = NULL; - data_string *ds; -@@ -376,8 +375,6 @@ - - mod_staticfile_patch_connection(srv, con, p); - -- s_len = con->uri.path->used - 1; -- - /* ignore certain extensions */ - for (k = 0; k < p->conf.exclude_ext->used; k++) { - ds = (data_string *)p->conf.exclude_ext->data[k]; -Index: src/mod_userdir.c -=================================================================== ---- src/mod_userdir.c (revision 2799) -+++ src/mod_userdir.c (revision 2800) -@@ -166,7 +166,6 @@ - - URIHANDLER_FUNC(mod_userdir_docroot_handler) { - plugin_data *p = p_d; -- int uri_len; - size_t k; - char *rel_url; - #ifdef HAVE_PWD_H -@@ -182,8 +181,6 @@ - */ - if (p->conf.path->used == 0) return HANDLER_GO_ON; - -- uri_len = con->uri.path->used - 1; -- - /* /~user/foo.html -> /home/user/public_html/foo.html */ - - if (con->uri.path->ptr[0] != '/' || -Index: src/mod_fastcgi.c -=================================================================== ---- src/mod_fastcgi.c (revision 2799) -+++ src/mod_fastcgi.c (revision 2800) -@@ -3132,7 +3132,6 @@ - plugin_data *p = p_d; - - handler_ctx *hctx = con->plugin_ctx[p->id]; -- fcgi_proc *proc; - fcgi_extension_host *host; - - if (NULL == hctx) return HANDLER_GO_ON; -@@ -3201,7 +3200,6 @@ - /* ok, create the request */ - switch(fcgi_write_request(srv, hctx)) { - case HANDLER_ERROR: -- proc = hctx->proc; - host = hctx->host; - - if (hctx->state == FCGI_STATE_INIT || diff --git a/www/lighttpd/files/patch-2801-network-write b/www/lighttpd/files/patch-2801-network-write deleted file mode 100644 index d7197177bee3..000000000000 --- a/www/lighttpd/files/patch-2801-network-write +++ /dev/null @@ -1,804 +0,0 @@ -Index: src/network_write.c -=================================================================== ---- src/network_write.c (revision 2800) -+++ src/network_write.c (revision 2801) -@@ -24,17 +24,16 @@ - # include <sys/resource.h> - #endif - --int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq) { -+int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) { - chunk *c; -- size_t chunks_written = 0; - -- for(c = cq->first; c; c = c->next) { -+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) { - int chunk_finished = 0; - - switch(c->type) { - case MEM_CHUNK: { - char * offset; -- size_t toSend; -+ off_t toSend; - ssize_t r; - - if (c->mem->used == 0) { -@@ -44,6 +43,8 @@ - - offset = c->mem->ptr + c->offset; - toSend = c->mem->used - 1 - c->offset; -+ if (toSend > max_bytes) toSend = max_bytes; -+ - #ifdef __WIN32 - if ((r = send(fd, offset, toSend, 0)) < 0) { - /* no error handling for windows... */ -@@ -72,6 +73,7 @@ - - c->offset += r; - cq->bytes_out += r; -+ max_bytes -= r; - - if (c->offset == (off_t)c->mem->used - 1) { - chunk_finished = 1; -@@ -85,7 +87,7 @@ - #endif - ssize_t r; - off_t offset; -- size_t toSend; -+ off_t toSend; - stat_cache_entry *sce = NULL; - int ifd; - -@@ -98,6 +100,8 @@ - offset = c->file.start + c->offset; - toSend = c->file.length - c->offset; - -+ if (toSend > max_bytes) toSend = max_bytes; -+ - if (offset > sce->st.st_size) { - log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name); - -@@ -181,6 +185,7 @@ - - c->offset += r; - cq->bytes_out += r; -+ max_bytes -= r; - - if (c->offset == c->file.length) { - chunk_finished = 1; -@@ -200,11 +205,9 @@ - - break; - } -- -- chunks_written++; - } - -- return chunks_written; -+ return 0; - } - - #if 0 -Index: src/base.h -=================================================================== ---- src/base.h (revision 2800) -+++ src/base.h (revision 2801) -@@ -647,11 +647,9 @@ - - fdevent_handler_t event_handler; - -- int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq); -- int (* network_backend_read)(struct server *srv, connection *con, int fd, chunkqueue *cq); -+ int (* network_backend_write)(struct server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes); - #ifdef USE_OPENSSL -- int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq); -- int (* network_ssl_backend_read)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq); -+ int (* network_ssl_backend_write)(struct server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes); - #endif - - uid_t uid; -Index: src/connections.c -=================================================================== ---- src/connections.c (revision 2800) -+++ src/connections.c (revision 2801) -@@ -617,8 +617,9 @@ - } - - static int connection_handle_write(server *srv, connection *con) { -- switch(network_write_chunkqueue(srv, con, con->write_queue)) { -+ switch(network_write_chunkqueue(srv, con, con->write_queue, MAX_WRITE_LIMIT)) { - case 0: -+ con->write_request_ts = srv->cur_ts; - if (con->file_finished) { - connection_set_state(srv, con, CON_STATE_RESPONSE_END); - joblist_append(srv, con); -@@ -635,6 +636,7 @@ - joblist_append(srv, con); - break; - case 1: -+ con->write_request_ts = srv->cur_ts; - con->is_writable = 0; - - /* not finished yet -> WRITE */ -@@ -1251,8 +1253,6 @@ - log_error_write(srv, __FILE__, __LINE__, "ds", - con->fd, - "handle write failed."); -- } else if (con->state == CON_STATE_WRITE) { -- con->write_request_ts = srv->cur_ts; - } - } - -@@ -1667,8 +1667,6 @@ - con->fd, - "handle write failed."); - connection_set_state(srv, con, CON_STATE_ERROR); -- } else if (con->state == CON_STATE_WRITE) { -- con->write_request_ts = srv->cur_ts; - } - } - -Index: src/network.c -=================================================================== ---- src/network.c (revision 2800) -+++ src/network.c (revision 2801) -@@ -847,7 +847,7 @@ - return 0; - } - --int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq) { -+int network_write_chunkqueue(server *srv, connection *con, chunkqueue *cq, off_t max_bytes) { - int ret = -1; - off_t written = 0; - #ifdef TCP_CORK -@@ -855,16 +855,34 @@ - #endif - server_socket *srv_socket = con->srv_socket; - -- if (con->conf.global_kbytes_per_second && -- *(con->conf.global_bytes_per_second_cnt_ptr) > con->conf.global_kbytes_per_second * 1024) { -- /* we reached the global traffic limit */ -+ if (con->conf.global_kbytes_per_second) { -+ off_t limit = con->conf.global_kbytes_per_second * 1024 - *(con->conf.global_bytes_per_second_cnt_ptr); -+ if (limit <= 0) { -+ /* we reached the global traffic limit */ - -- con->traffic_limit_reached = 1; -- joblist_append(srv, con); -+ con->traffic_limit_reached = 1; -+ joblist_append(srv, con); - -- return 1; -+ return 1; -+ } else { -+ if (max_bytes > limit) max_bytes = limit; -+ } - } - -+ if (con->conf.kbytes_per_second) { -+ off_t limit = con->conf.kbytes_per_second * 1024 - con->bytes_written_cur_second; -+ if (limit <= 0) { -+ /* we reached the traffic limit */ -+ -+ con->traffic_limit_reached = 1; -+ joblist_append(srv, con); -+ -+ return 1; -+ } else { -+ if (max_bytes > limit) max_bytes = limit; -+ } -+ } -+ - written = cq->bytes_out; - - #ifdef TCP_CORK -@@ -879,10 +897,10 @@ - - if (srv_socket->is_ssl) { - #ifdef USE_OPENSSL -- ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq); -+ ret = srv->network_ssl_backend_write(srv, con, con->ssl, cq, max_bytes); - #endif - } else { -- ret = srv->network_backend_write(srv, con, con->fd, cq); -+ ret = srv->network_backend_write(srv, con, con->fd, cq, max_bytes); - } - - if (ret >= 0) { -@@ -903,12 +921,5 @@ - - *(con->conf.global_bytes_per_second_cnt_ptr) += written; - -- if (con->conf.kbytes_per_second && -- (con->bytes_written_cur_second > con->conf.kbytes_per_second * 1024)) { -- /* we reached the traffic limit */ -- -- con->traffic_limit_reached = 1; -- joblist_append(srv, con); -- } - return ret; - } -Index: src/network.h -=================================================================== ---- src/network.h (revision 2800) -+++ src/network.h (revision 2801) -@@ -3,7 +3,7 @@ - - #include "server.h" - --int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c); -+int network_write_chunkqueue(server *srv, connection *con, chunkqueue *c, off_t max_bytes); - - int network_init(server *srv); - int network_close(server *srv); -Index: src/mod_scgi.c -=================================================================== ---- src/mod_scgi.c (revision 2800) -+++ src/mod_scgi.c (revision 2801) -@@ -2296,7 +2296,7 @@ - - /* fall through */ - case FCGI_STATE_WRITE: -- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb); -+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT); - - chunkqueue_remove_finished_chunks(hctx->wb); - -Index: src/network_backends.h -=================================================================== ---- src/network_backends.h (revision 2800) -+++ src/network_backends.h (revision 2801) -@@ -47,18 +47,18 @@ - #include "base.h" - - /* return values: -- * >= 0 : chunks completed -+ * >= 0 : no error - * -1 : error (on our side) - * -2 : remote close - */ - --int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq); --int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq); --int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq); --int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq); --int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq); -+int network_write_chunkqueue_write(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes); -+int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes); -+int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes); -+int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes); -+int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes); - #ifdef USE_OPENSSL --int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq); -+int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes); - #endif - - #endif -Index: src/mod_proxy.c -=================================================================== ---- src/mod_proxy.c (revision 2800) -+++ src/mod_proxy.c (revision 2801) -@@ -825,7 +825,7 @@ - - /* fall through */ - case PROXY_STATE_WRITE:; -- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb); -+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT); - - chunkqueue_remove_finished_chunks(hctx->wb); - -Index: src/network_writev.c -=================================================================== ---- src/network_writev.c (revision 2800) -+++ src/network_writev.c (revision 2801) -@@ -30,17 +30,16 @@ - #define LOCAL_BUFFERING 1 - #endif - --int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq) { -+int network_write_chunkqueue_writev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) { - chunk *c; -- size_t chunks_written = 0; - -- for(c = cq->first; c; c = c->next) { -+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) { - int chunk_finished = 0; - - switch(c->type) { - case MEM_CHUNK: { - char * offset; -- size_t toSend; -+ off_t toSend; - ssize_t r; - - size_t num_chunks, i; -@@ -65,12 +64,10 @@ - #error "sysconf() doesnt return _SC_IOV_MAX ..., check the output of 'man writev' for the EINVAL error and send the output to jan@kneschke.de" - #endif - -- /* we can't send more then SSIZE_MAX bytes in one chunk */ -- - /* build writev list - * - * 1. limit: num_chunks < max_chunks -- * 2. limit: num_bytes < SSIZE_MAX -+ * 2. limit: num_bytes < max_bytes - */ - for (num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < max_chunks; num_chunks++, tc = tc->next); - -@@ -87,9 +84,9 @@ - chunks[i].iov_base = offset; - - /* protect the return value of writev() */ -- if (toSend > SSIZE_MAX || -- num_bytes + toSend > SSIZE_MAX) { -- chunks[i].iov_len = SSIZE_MAX - num_bytes; -+ if (toSend > max_bytes || -+ (off_t) num_bytes + toSend > max_bytes) { -+ chunks[i].iov_len = max_bytes - num_bytes; - - num_chunks = i + 1; - break; -@@ -121,6 +118,7 @@ - } - - cq->bytes_out += r; -+ max_bytes -= r; - - /* check which chunks have been written */ - -@@ -132,11 +130,10 @@ - - if (chunk_finished) { - /* skip the chunks from further touches */ -- chunks_written++; - c = c->next; - } else { - /* chunks_written + c = c->next is done in the for()*/ -- chunk_finished++; -+ chunk_finished = 1; - } - } else { - /* partially written */ -@@ -284,6 +281,8 @@ - assert(toSend < 0); - } - -+ if (toSend > max_bytes) toSend = max_bytes; -+ - #ifdef LOCAL_BUFFERING - start = c->mem->ptr; - #else -@@ -309,6 +308,7 @@ - - c->offset += r; - cq->bytes_out += r; -+ max_bytes -= r; - - if (c->offset == c->file.length) { - chunk_finished = 1; -@@ -334,11 +334,9 @@ - - break; - } -- -- chunks_written++; - } - -- return chunks_written; -+ return 0; - } - - #endif -Index: src/network_freebsd_sendfile.c -=================================================================== ---- src/network_freebsd_sendfile.c (revision 2800) -+++ src/network_freebsd_sendfile.c (revision 2801) -@@ -31,17 +31,16 @@ - # endif - #endif - --int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq) { -+int network_write_chunkqueue_freebsdsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) { - chunk *c; -- size_t chunks_written = 0; - -- for(c = cq->first; c; c = c->next, chunks_written++) { -+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) { - int chunk_finished = 0; - - switch(c->type) { - case MEM_CHUNK: { - char * offset; -- size_t toSend; -+ off_t toSend; - ssize_t r; - - size_t num_chunks, i; -@@ -49,12 +48,10 @@ - chunk *tc; - size_t num_bytes = 0; - -- /* we can't send more then SSIZE_MAX bytes in one chunk */ -- - /* build writev list - * - * 1. limit: num_chunks < UIO_MAXIOV -- * 2. limit: num_bytes < SSIZE_MAX -+ * 2. limit: num_bytes < max_bytes - */ - for(num_chunks = 0, tc = c; tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV; num_chunks++, tc = tc->next); - -@@ -69,9 +66,9 @@ - chunks[i].iov_base = offset; - - /* protect the return value of writev() */ -- if (toSend > SSIZE_MAX || -- num_bytes + toSend > SSIZE_MAX) { -- chunks[i].iov_len = SSIZE_MAX - num_bytes; -+ if (toSend > max_bytes || -+ (off_t) num_bytes + toSend > max_bytes) { -+ chunks[i].iov_len = max_bytes - num_bytes; - - num_chunks = i + 1; - break; -@@ -105,6 +102,7 @@ - - /* check which chunks have been written */ - cq->bytes_out += r; -+ max_bytes -= r; - - for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) { - if (r >= (ssize_t)chunks[i].iov_len) { -@@ -114,11 +112,10 @@ - - if (chunk_finished) { - /* skip the chunks from further touches */ -- chunks_written++; - c = c->next; - } else { - /* chunks_written + c = c->next is done in the for()*/ -- chunk_finished++; -+ chunk_finished = 1; - } - } else { - /* partially written */ -@@ -134,7 +131,7 @@ - } - case FILE_CHUNK: { - off_t offset, r; -- size_t toSend; -+ off_t toSend; - stat_cache_entry *sce = NULL; - - if (HANDLER_ERROR == stat_cache_get_entry(srv, con, c->file.name, &sce)) { -@@ -144,9 +141,8 @@ - } - - offset = c->file.start + c->offset; -- /* limit the toSend to 2^31-1 bytes in a chunk */ -- toSend = c->file.length - c->offset > ((1 << 30) - 1) ? -- ((1 << 30) - 1) : c->file.length - c->offset; -+ toSend = c->file.length - c->offset; -+ if (toSend > max_bytes) toSend = max_bytes; - - if (-1 == c->file.fd) { - if (-1 == (c->file.fd = open(c->file.name->ptr, O_RDONLY))) { -@@ -197,6 +193,7 @@ - - c->offset += r; - cq->bytes_out += r; -+ max_bytes -= r; - - if (c->offset == c->file.length) { - chunk_finished = 1; -@@ -218,7 +215,7 @@ - } - } - -- return chunks_written; -+ return 0; - } - - #endif -Index: src/network_openssl.c -=================================================================== ---- src/network_openssl.c (revision 2800) -+++ src/network_openssl.c (revision 2801) -@@ -27,10 +27,9 @@ - # include <openssl/ssl.h> - # include <openssl/err.h> - --int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq) { -+int network_write_chunkqueue_openssl(server *srv, connection *con, SSL *ssl, chunkqueue *cq, off_t max_bytes) { - int ssl_r; - chunk *c; -- size_t chunks_written = 0; - - /* this is a 64k sendbuffer - * -@@ -59,13 +58,13 @@ - SSL_set_shutdown(ssl, SSL_RECEIVED_SHUTDOWN); - } - -- for(c = cq->first; c; c = c->next) { -+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) { - int chunk_finished = 0; - - switch(c->type) { - case MEM_CHUNK: { - char * offset; -- size_t toSend; -+ off_t toSend; - ssize_t r; - - if (c->mem->used == 0 || c->mem->used == 1) { -@@ -75,6 +74,7 @@ - - offset = c->mem->ptr + c->offset; - toSend = c->mem->used - 1 - c->offset; -+ if (toSend > max_bytes) toSend = max_bytes; - - /** - * SSL_write man-page -@@ -139,6 +139,7 @@ - } else { - c->offset += r; - cq->bytes_out += r; -+ max_bytes -= r; - } - - if (c->offset == (off_t)c->mem->used - 1) { -@@ -168,6 +169,7 @@ - do { - off_t offset = c->file.start + c->offset; - off_t toSend = c->file.length - c->offset; -+ if (toSend > max_bytes) toSend = max_bytes; - - if (toSend > LOCAL_SEND_BUFSIZE) toSend = LOCAL_SEND_BUFSIZE; - -@@ -243,6 +245,7 @@ - } else { - c->offset += r; - cq->bytes_out += r; -+ max_bytes -= r; - } - - if (c->offset == c->file.length) { -@@ -263,11 +266,9 @@ - - break; - } -- -- chunks_written++; - } - -- return chunks_written; -+ return 0; - } - #endif - -Index: src/settings.h -=================================================================== ---- src/settings.h (revision 2800) -+++ src/settings.h (revision 2801) -@@ -21,8 +21,11 @@ - * 64kB (no real reason, just a guess) - */ - #define BUFFER_MAX_REUSE_SIZE (4 * 1024) --#define MAX_READ_LIMIT (4*1024*1024) - -+/* both should be way smaller than SSIZE_MAX :) */ -+#define MAX_READ_LIMIT (256*1024) -+#define MAX_WRITE_LIMIT (256*1024) -+ - /** - * max size of the HTTP request header - * -Index: src/mod_fastcgi.c -=================================================================== ---- src/mod_fastcgi.c (revision 2800) -+++ src/mod_fastcgi.c (revision 2801) -@@ -3075,7 +3075,7 @@ - fcgi_set_state(srv, hctx, FCGI_STATE_WRITE); - /* fall through */ - case FCGI_STATE_WRITE: -- ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb); -+ ret = srv->network_backend_write(srv, con, hctx->fd, hctx->wb, MAX_WRITE_LIMIT); - - chunkqueue_remove_finished_chunks(hctx->wb); - -Index: src/network_solaris_sendfilev.c -=================================================================== ---- src/network_solaris_sendfilev.c (revision 2800) -+++ src/network_solaris_sendfilev.c (revision 2801) -@@ -38,17 +38,16 @@ - */ - - --int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq) { -+int network_write_chunkqueue_solarissendfilev(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) { - chunk *c; -- size_t chunks_written = 0; - -- for(c = cq->first; c; c = c->next, chunks_written++) { -+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) { - int chunk_finished = 0; - - switch(c->type) { - case MEM_CHUNK: { - char * offset; -- size_t toSend; -+ off_t toSend; - ssize_t r; - - size_t num_chunks, i; -@@ -77,9 +76,9 @@ - chunks[i].iov_base = offset; - - /* protect the return value of writev() */ -- if (toSend > SSIZE_MAX || -- num_bytes + toSend > SSIZE_MAX) { -- chunks[i].iov_len = SSIZE_MAX - num_bytes; -+ if (toSend > max_bytes || -+ (off_t) num_bytes + toSend > max_bytes) { -+ chunks[i].iov_len = max_bytes - num_bytes; - - num_chunks = i + 1; - break; -@@ -119,11 +118,10 @@ - - if (chunk_finished) { - /* skip the chunks from further touches */ -- chunks_written++; - c = c->next; - } else { - /* chunks_written + c = c->next is done in the for()*/ -- chunk_finished++; -+ chunk_finished = 1; - } - } else { - /* partially written */ -@@ -139,8 +137,8 @@ - } - case FILE_CHUNK: { - ssize_t r; -- off_t offset; -- size_t toSend, written; -+ off_t offset, toSend; -+ size_t written; - sendfilevec_t fvec; - stat_cache_entry *sce = NULL; - int ifd; -@@ -153,6 +151,7 @@ - - offset = c->file.start + c->offset; - toSend = c->file.length - c->offset; -+ if (toSend > max_bytes) toSend = max_bytes; - - if (offset > sce->st.st_size) { - log_error_write(srv, __FILE__, __LINE__, "sb", "file was shrinked:", c->file.name); -@@ -186,6 +185,7 @@ - close(ifd); - c->offset += written; - cq->bytes_out += written; -+ max_bytes -= written; - - if (c->offset == c->file.length) { - chunk_finished = 1; -@@ -207,7 +207,7 @@ - } - } - -- return chunks_written; -+ return 0; - } - - #endif -Index: src/network_linux_sendfile.c -=================================================================== ---- src/network_linux_sendfile.c (revision 2800) -+++ src/network_linux_sendfile.c (revision 2801) -@@ -27,17 +27,16 @@ - /* on linux 2.4.29 + debian/ubuntu we have crashes if this is enabled */ - #undef HAVE_POSIX_FADVISE - --int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq) { -+int network_write_chunkqueue_linuxsendfile(server *srv, connection *con, int fd, chunkqueue *cq, off_t max_bytes) { - chunk *c; -- size_t chunks_written = 0; - -- for(c = cq->first; c; c = c->next, chunks_written++) { -+ for(c = cq->first; (max_bytes > 0) && (NULL != c); c = c->next) { - int chunk_finished = 0; - - switch(c->type) { - case MEM_CHUNK: { - char * offset; -- size_t toSend; -+ off_t toSend; - ssize_t r; - - size_t num_chunks, i; -@@ -45,12 +44,10 @@ - chunk *tc; - size_t num_bytes = 0; - -- /* we can't send more then SSIZE_MAX bytes in one chunk */ -- - /* build writev list - * - * 1. limit: num_chunks < UIO_MAXIOV -- * 2. limit: num_bytes < SSIZE_MAX -+ * 2. limit: num_bytes < max_bytes - */ - for (num_chunks = 0, tc = c; - tc && tc->type == MEM_CHUNK && num_chunks < UIO_MAXIOV; -@@ -67,9 +64,9 @@ - chunks[i].iov_base = offset; - - /* protect the return value of writev() */ -- if (toSend > SSIZE_MAX || -- num_bytes + toSend > SSIZE_MAX) { -- chunks[i].iov_len = SSIZE_MAX - num_bytes; -+ if (toSend > max_bytes || -+ (off_t) num_bytes + toSend > max_bytes) { -+ chunks[i].iov_len = max_bytes - num_bytes; - - num_chunks = i + 1; - break; -@@ -100,6 +97,7 @@ - - /* check which chunks have been written */ - cq->bytes_out += r; -+ max_bytes -= r; - - for(i = 0, tc = c; i < num_chunks; i++, tc = tc->next) { - if (r >= (ssize_t)chunks[i].iov_len) { -@@ -109,11 +107,10 @@ - - if (chunk_finished) { - /* skip the chunks from further touches */ -- chunks_written++; - c = c->next; - } else { - /* chunks_written + c = c->next is done in the for()*/ -- chunk_finished++; -+ chunk_finished = 1; - } - } else { - /* partially written */ -@@ -130,13 +127,12 @@ - case FILE_CHUNK: { - ssize_t r; - off_t offset; -- size_t toSend; -+ off_t toSend; - stat_cache_entry *sce = NULL; - - offset = c->file.start + c->offset; -- /* limit the toSend to 2^31-1 bytes in a chunk */ -- toSend = c->file.length - c->offset > ((1 << 30) - 1) ? -- ((1 << 30) - 1) : c->file.length - c->offset; -+ toSend = c->file.length - c->offset; -+ if (toSend > max_bytes) toSend = max_bytes; - - /* open file if not already opened */ - if (-1 == c->file.fd) { -@@ -215,6 +211,7 @@ - - c->offset += r; - cq->bytes_out += r; -+ max_bytes -= r; - - if (c->offset == c->file.length) { - chunk_finished = 1; -@@ -243,7 +240,7 @@ - } - } - -- return chunks_written; -+ return 0; - } - - #endif diff --git a/www/lighttpd/files/patch-2802-ssl b/www/lighttpd/files/patch-2802-ssl deleted file mode 100644 index cff9e61895ab..000000000000 --- a/www/lighttpd/files/patch-2802-ssl +++ /dev/null @@ -1,16 +0,0 @@ -Index: src/network.c -=================================================================== ---- src/network.c (revision 2801) -+++ src/network.c (revision 2802) -@@ -480,9 +480,11 @@ - network_backend_t backend; - - #if OPENSSL_VERSION_NUMBER >= 0x0090800fL -+#ifndef OPENSSL_NO_ECDH - EC_KEY *ecdh; - int nid; - #endif -+#endif - - #ifdef USE_OPENSSL - DH *dh; diff --git a/www/lighttpd/files/patch-2803-pathinfo b/www/lighttpd/files/patch-2803-pathinfo deleted file mode 100644 index cb0c517ead61..000000000000 --- a/www/lighttpd/files/patch-2803-pathinfo +++ /dev/null @@ -1,122 +0,0 @@ -Index: src/mod_staticfile.c -=================================================================== ---- src/mod_staticfile.c (revision 2802) -+++ src/mod_staticfile.c (revision 2803) -@@ -26,6 +26,7 @@ - typedef struct { - array *exclude_ext; - unsigned short etags_used; -+ unsigned short disable_pathinfo; - } plugin_config; - - typedef struct { -@@ -84,6 +85,7 @@ - config_values_t cv[] = { - { "static-file.exclude-extensions", NULL, T_CONFIG_ARRAY, T_CONFIG_SCOPE_CONNECTION }, /* 0 */ - { "static-file.etags", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */ -+ { "static-file.disable-pathinfo", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 2 */ - { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } - }; - -@@ -97,9 +99,11 @@ - s = calloc(1, sizeof(plugin_config)); - s->exclude_ext = array_init(); - s->etags_used = 1; -+ s->disable_pathinfo = 0; - - cv[0].destination = s->exclude_ext; - cv[1].destination = &(s->etags_used); -+ cv[2].destination = &(s->disable_pathinfo); - - p->config_storage[i] = s; - -@@ -119,6 +123,7 @@ - - PATCH(exclude_ext); - PATCH(etags_used); -+ PATCH(disable_pathinfo); - - /* skip the first, the global context */ - for (i = 1; i < srv->config_context->used; i++) { -@@ -136,7 +141,9 @@ - PATCH(exclude_ext); - } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.etags"))) { - PATCH(etags_used); -- } -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("static-file.disable-pathinfo"))) { -+ PATCH(disable_pathinfo); -+ } - } - } - -@@ -375,6 +382,13 @@ - - mod_staticfile_patch_connection(srv, con, p); - -+ if (p->conf.disable_pathinfo && 0 != con->request.pathinfo->used) { -+ if (con->conf.log_request_handling) { -+ log_error_write(srv, __FILE__, __LINE__, "s", "-- NOT handling file as static file, pathinfo forbidden"); -+ } -+ return HANDLER_GO_ON; -+ } -+ - /* ignore certain extensions */ - for (k = 0; k < p->conf.exclude_ext->used; k++) { - ds = (data_string *)p->conf.exclude_ext->data[k]; -Index: tests/request.t -=================================================================== ---- tests/request.t (revision 2802) -+++ tests/request.t (revision 2803) -@@ -8,7 +8,7 @@ - - use strict; - use IO::Socket; --use Test::More tests => 44; -+use Test::More tests => 46; - use LightyTest; - - my $tf = LightyTest->new(); -@@ -413,5 +413,21 @@ - $t->{SLOWREQUEST} = 1; - ok($tf->handle_http($t) == 0, 'GET, slow \\r\\n\\r\\n (#2105)'); - -+print "\nPathinfo for static files\n"; -+$t->{REQUEST} = ( <<EOF -+GET /image.jpg/index.php HTTP/1.0 -+EOF -+ ); -+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'Content-Type' => 'image/jpeg' } ]; -+ok($tf->handle_http($t) == 0, 'static file accepting pathinfo by default'); -+ -+$t->{REQUEST} = ( <<EOF -+GET /image.jpg/index.php HTTP/1.0 -+Host: zzz.example.org -+EOF -+ ); -+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ]; -+ok($tf->handle_http($t) == 0, 'static file with forbidden pathinfo'); -+ - ok($tf->stop_proc == 0, "Stopping lighttpd"); - -Index: tests/wrapper.sh -=================================================================== ---- tests/wrapper.sh (revision 2802) -+++ tests/wrapper.sh (revision 2803) -@@ -6,4 +6,4 @@ - top_builddir=$2 - export SHELL srcdir top_builddir - --$3 -+exec $3 -Index: tests/lighttpd.conf -=================================================================== ---- tests/lighttpd.conf (revision 2802) -+++ tests/lighttpd.conf (revision 2803) -@@ -149,6 +149,7 @@ - $HTTP["host"] == "zzz.example.org" { - server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/" - server.name = "zzz.example.org" -+ static-file.disable-pathinfo = "enable" - } - - $HTTP["host"] == "symlink.example.org" { diff --git a/www/lighttpd/files/patch-2804-bug2341 b/www/lighttpd/files/patch-2804-bug2341 deleted file mode 100644 index 00a9ee80544b..000000000000 --- a/www/lighttpd/files/patch-2804-bug2341 +++ /dev/null @@ -1,12 +0,0 @@ -Index: src/connections.c -=================================================================== ---- src/connections.c (revision 2803) -+++ src/connections.c (revision 2804) -@@ -445,6 +445,7 @@ - default: - switch(con->http_status) { - case 400: /* bad request */ -+ case 401: /* authorization required */ - case 414: /* overload request header */ - case 505: /* unknown protocol */ - case 207: /* this was webdav */ diff --git a/www/lighttpd/files/patch-src-fdevent.h b/www/lighttpd/files/patch-src-fdevent.h new file mode 100644 index 000000000000..fcafda5b3748 --- /dev/null +++ b/www/lighttpd/files/patch-src-fdevent.h @@ -0,0 +1,11 @@ +--- src/fdevent.h.orig 2011-12-19 07:41:33.183877666 +0100 ++++ src/fdevent.h 2011-12-19 07:42:01.457863868 +0100 +@@ -54,7 +54,7 @@ + # include <port.h> + #endif + +-#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE ++#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE && !defined HAVE_LIBEV + # define USE_FREEBSD_KQUEUE + # include <sys/event.h> + #endif |