Menu
▾
▴
astlinux-commits
|
From: <abe...@us...> - 2012-03-01 00:49:16
|
Revision: 5472
http://astlinux.svn.sourceforge.net/astlinux/?rev=5472&view=rev
Author: abelbeck
Date: 2012-03-01 00:49:09 +0000 (Thu, 01 Mar 2012)
Log Message:
-----------
lighttpd, add feature if directory '/mnt/kd/phoneprov' exists, enables both HTTP and HTTPS access to /phoneprov/ in that directory
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.conf
branches/1.0/package/lighttpd/lighttpd.init
Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.conf 2012-02-28 16:06:08 UTC (rev 5471)
+++ branches/1.0/package/lighttpd/lighttpd.conf 2012-03-01 00:49:09 UTC (rev 5472)
@@ -4,6 +4,7 @@
"mod_access",
"mod_accesslog",
"mod_auth",
+ "mod_alias",
"mod_fastcgi",
"mod_proxy" )
@@ -139,3 +140,5 @@
@CLI_PROXY_SERVER@ )
@CLI_PROXY_SERVER@}
+@PHONEPROV@alias.url = ( "/phoneprov/" => "/mnt/kd/phoneprov/" )
+
Modified: branches/1.0/package/lighttpd/lighttpd.init
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.init 2012-02-28 16:06:08 UTC (rev 5471)
+++ branches/1.0/package/lighttpd/lighttpd.init 2012-03-01 00:49:09 UTC (rev 5472)
@@ -71,6 +71,11 @@
else
cli_proxy_server="#"
fi
+ if [ -d /mnt/kd/phoneprov ]; then
+ phoneprov=""
+ else
+ phoneprov="#"
+ fi
sed -i -e "s|@HOSTNAME@|${HOSTNAME}|g" \
-e "s|@HTTPDIR@|${httpdir}|g" \
@@ -83,6 +88,7 @@
-e "s|@HTTPSCGI@|${httpscgi}|g" \
-e "s|@IPV6@|${ipv6}|g" \
-e "s|@CLI_PROXY_SERVER@|${cli_proxy_server}|g" \
+ -e "s|@PHONEPROV@|${phoneprov}|g" \
/tmp/etc/lighttpd.conf
}
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2013-12-02 18:08:22
|
Revision: 6298
http://sourceforge.net/p/astlinux/code/6298
Author: abelbeck
Date: 2013-12-02 18:08:19 +0000 (Mon, 02 Dec 2013)
Log Message:
-----------
lighttpd, add upstream security fixes as patches, CVE-2013-4559, CVE-2013-4560
Added Paths:
-----------
branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch
branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch
Added: branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch (rev 0)
+++ branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch 2013-12-02 18:08:19 UTC (rev 6298)
@@ -0,0 +1,22 @@
+commit ae1335503a8f63489f847668ee37df8470a2ab0a
+Author: Stefan Bühler <stb...@we...>
+Date: Wed Nov 13 11:43:28 2013 +0000
+
+ [stat-cache] FAM: fix use after free (CVE-2013-4560)
+
+ From: Stefan Bühler <stb...@we...>
+
+ git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2921 152afb58-edef-0310-8abb-c4023f1b3aa9
+
+diff --git a/src/stat_cache.c b/src/stat_cache.c
+index e995f3b..924f4dc 100644
+--- a/src/stat_cache.c
++++ b/src/stat_cache.c
+@@ -648,6 +648,7 @@ handler_t stat_cache_get_entry(server *srv, connection *con, buffer *name, stat_
+ FamErrlist[FAMErrno]);
+
+ fam_dir_entry_free(fam_dir);
++ fam_dir = NULL;
+ } else {
+ int osize = 0;
+
Added: branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch (rev 0)
+++ branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch 2013-12-02 18:08:19 UTC (rev 6298)
@@ -0,0 +1,43 @@
+commit 99cddff73ab4023186bcfca54cbb73051140e15d
+Author: Stefan Bühler <stb...@we...>
+Date: Wed Nov 13 11:43:33 2013 +0000
+
+ [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
+
+ From: Stefan Bühler <stb...@we...>
+
+ git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2923 152afb58-edef-0310-8abb-c4023f1b3aa9
+
+diff --git a/src/server.c b/src/server.c
+index 2d825bb..e2b42eb 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -820,8 +820,14 @@ int main (int argc, char **argv) {
+ * to /etc/group
+ * */
+ if (NULL != grp) {
+- setgid(grp->gr_gid);
+- setgroups(0, NULL);
++ if (-1 == setgid(grp->gr_gid)) {
++ log_error_write(srv, __FILE__, __LINE__, "ss", "setgid failed: ", strerror(errno));
++ return -1;
++ }
++ if (-1 == setgroups(0, NULL)) {
++ log_error_write(srv, __FILE__, __LINE__, "ss", "setgroups failed: ", strerror(errno));
++ return -1;
++ }
+ if (srv->srvconf.username->used) {
+ initgroups(srv->srvconf.username->ptr, grp->gr_gid);
+ }
+@@ -844,7 +850,10 @@ int main (int argc, char **argv) {
+ #ifdef HAVE_PWD_H
+ /* drop root privs */
+ if (NULL != pwd) {
+- setuid(pwd->pw_uid);
++ if (-1 == setuid(pwd->pw_uid)) {
++ log_error_write(srv, __FILE__, __LINE__, "ss", "setuid failed: ", strerror(errno));
++ return -1;
++ }
+ }
+ #endif
+ #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2014-01-23 01:17:14
|
Revision: 6374
http://sourceforge.net/p/astlinux/code/6374
Author: abelbeck
Date: 2014-01-23 01:17:12 +0000 (Thu, 23 Jan 2014)
Log Message:
-----------
lighttpd, version bump to 1.4.34, also specify the 'standard' ssl cipher string recommendation to ssl.cipher-list
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.conf
branches/1.0/package/lighttpd/lighttpd.mk
Removed Paths:
-------------
branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch
branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch
Deleted: branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch 2014-01-23 00:35:32 UTC (rev 6373)
+++ branches/1.0/package/lighttpd/lighttpd-03-fix_fam_use_after_free.patch 2014-01-23 01:17:12 UTC (rev 6374)
@@ -1,22 +0,0 @@
-commit ae1335503a8f63489f847668ee37df8470a2ab0a
-Author: Stefan Bühler <stb...@we...>
-Date: Wed Nov 13 11:43:28 2013 +0000
-
- [stat-cache] FAM: fix use after free (CVE-2013-4560)
-
- From: Stefan Bühler <stb...@we...>
-
- git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2921 152afb58-edef-0310-8abb-c4023f1b3aa9
-
-diff --git a/src/stat_cache.c b/src/stat_cache.c
-index e995f3b..924f4dc 100644
---- a/src/stat_cache.c
-+++ b/src/stat_cache.c
-@@ -648,6 +648,7 @@ handler_t stat_cache_get_entry(server *srv, connection *con, buffer *name, stat_
- FamErrlist[FAMErrno]);
-
- fam_dir_entry_free(fam_dir);
-+ fam_dir = NULL;
- } else {
- int osize = 0;
-
Deleted: branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch 2014-01-23 00:35:32 UTC (rev 6373)
+++ branches/1.0/package/lighttpd/lighttpd-04-fix_setuid.patch 2014-01-23 01:17:12 UTC (rev 6374)
@@ -1,43 +0,0 @@
-commit 99cddff73ab4023186bcfca54cbb73051140e15d
-Author: Stefan Bühler <stb...@we...>
-Date: Wed Nov 13 11:43:33 2013 +0000
-
- [core] check success of setuid,setgid,setgroups (CVE-2013-4559)
-
- From: Stefan Bühler <stb...@we...>
-
- git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2923 152afb58-edef-0310-8abb-c4023f1b3aa9
-
-diff --git a/src/server.c b/src/server.c
-index 2d825bb..e2b42eb 100644
---- a/src/server.c
-+++ b/src/server.c
-@@ -820,8 +820,14 @@ int main (int argc, char **argv) {
- * to /etc/group
- * */
- if (NULL != grp) {
-- setgid(grp->gr_gid);
-- setgroups(0, NULL);
-+ if (-1 == setgid(grp->gr_gid)) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "setgid failed: ", strerror(errno));
-+ return -1;
-+ }
-+ if (-1 == setgroups(0, NULL)) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "setgroups failed: ", strerror(errno));
-+ return -1;
-+ }
- if (srv->srvconf.username->used) {
- initgroups(srv->srvconf.username->ptr, grp->gr_gid);
- }
-@@ -844,7 +850,10 @@ int main (int argc, char **argv) {
- #ifdef HAVE_PWD_H
- /* drop root privs */
- if (NULL != pwd) {
-- setuid(pwd->pw_uid);
-+ if (-1 == setuid(pwd->pw_uid)) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "setuid failed: ", strerror(errno));
-+ return -1;
-+ }
- }
- #endif
- #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.conf 2014-01-23 00:35:32 UTC (rev 6373)
+++ branches/1.0/package/lighttpd/lighttpd.conf 2014-01-23 01:17:12 UTC (rev 6374)
@@ -81,6 +81,7 @@
$SERVER["socket"] == "0.0.0.0:443" {
ssl.engine = "enable"
+ ssl.cipher-list = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
ssl.pemfile = "@HTTPSCERT@"
server.document-root = "/var/www"
accesslog.filename = "@HTTPS_ACCESSLOG@"
@@ -97,6 +98,7 @@
@IPV6@
@IPV6@$SERVER["socket"] == "[::]:443" {
@IPV6@ ssl.engine = "enable"
+@IPV6@ ssl.cipher-list = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
@IPV6@ ssl.pemfile = "@HTTPSCERT@"
@IPV6@ server.document-root = "/var/www"
@IPV6@ accesslog.filename = "@HTTPS_ACCESSLOG@"
Modified: branches/1.0/package/lighttpd/lighttpd.mk
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.mk 2014-01-23 00:35:32 UTC (rev 6373)
+++ branches/1.0/package/lighttpd/lighttpd.mk 2014-01-23 01:17:12 UTC (rev 6374)
@@ -4,7 +4,7 @@
#
#############################################################
-LIGHTTPD_VERSION = 1.4.33
+LIGHTTPD_VERSION = 1.4.34
LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-1.4.x
LIGHTTPD_DEPENDENCIES = host-pkg-config
LIGHTTPD_CONF_OPT = \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2014-12-16 17:27:38
|
Revision: 6854
http://sourceforge.net/p/astlinux/code/6854
Author: abelbeck
Date: 2014-12-16 17:27:35 +0000 (Tue, 16 Dec 2014)
Log Message:
-----------
lighttpd, add proxy support for Monit if installed
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.conf
branches/1.0/package/lighttpd/lighttpd.init
Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.conf 2014-12-16 00:32:46 UTC (rev 6853)
+++ branches/1.0/package/lighttpd/lighttpd.conf 2014-12-16 17:27:35 UTC (rev 6854)
@@ -130,6 +130,12 @@
"realm" => "admin",
"require" => "user=admin"
),
+ "/admin/monit/" =>
+ (
+ "method" => "basic",
+ "realm" => "admin",
+ "require" => "user=admin"
+ ),
"/admin/netstat/" =>
(
"method" => "basic",
@@ -155,6 +161,17 @@
@CLI_PROXY_SERVER@ )
@CLI_PROXY_SERVER@}
+@MONIT_SERVER@$HTTP["scheme"] == "https" {
+@MONIT_SERVER@ proxy.server += ( "/admin/monit/" =>
+@MONIT_SERVER@ ( "localhost" =>
+@MONIT_SERVER@ (
+@MONIT_SERVER@ "host" => "127.0.0.1",
+@MONIT_SERVER@ "port" => "2812"
+@MONIT_SERVER@ )
+@MONIT_SERVER@ )
+@MONIT_SERVER@ )
+@MONIT_SERVER@}
+
@NETSTAT_SERVER@$HTTP["scheme"] == "https" {
@NETSTAT_SERVER@ proxy.server += ( "/admin/netstat/" =>
@NETSTAT_SERVER@ ( "localhost" =>
Modified: branches/1.0/package/lighttpd/lighttpd.init
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.init 2014-12-16 00:32:46 UTC (rev 6853)
+++ branches/1.0/package/lighttpd/lighttpd.init 2014-12-16 17:27:35 UTC (rev 6854)
@@ -96,6 +96,14 @@
cli_proxy_server="#"
fi
+ if [ -f /etc/init.d/monit ]; then
+ # Always enable /admin/monit/ proxy so monit can be
+ # enabled/disabled without requiring a reboot via the web interface.
+ monit_server=""
+ else
+ monit_server="#"
+ fi
+
# Always enable /admin/netstat/ proxy so darkstat can be
# enabled/disabled without requiring a reboot via the web interface.
netstat_server=""
@@ -136,6 +144,7 @@
-e "s|@HTTPSCGI@|${httpscgi}|g" \
-e "s|@IPV6@|${ipv6}|g" \
-e "s|@CLI_PROXY_SERVER@|${cli_proxy_server}|g" \
+ -e "s|@MONIT_SERVER@|${monit_server}|g" \
-e "s|@NETSTAT_SERVER@|${netstat_server}|g" \
-e "s|@PHONEPROV@|${phoneprov}|g" \
-e "s!@PHONEPROV_ALLOW@!${phoneprov_allow}!g" \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2015-07-27 16:50:27
|
Revision: 7158
http://sourceforge.net/p/astlinux/code/7158
Author: abelbeck
Date: 2015-07-27 16:50:24 +0000 (Mon, 27 Jul 2015)
Log Message:
-----------
lighttpd, version bump to 1.4.36, remove 'hostname-underscore.patch' since it doesn't work - the hostname should not contain underscores
Note: this version disables SSLv3 by default, probably not a good thing for our use, we may want to re-enable ssl.use-sslv3 in the default config
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.mk
Removed Paths:
-------------
branches/1.0/package/lighttpd/lighttpd-hostname-underscore.patch
Deleted: branches/1.0/package/lighttpd/lighttpd-hostname-underscore.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-hostname-underscore.patch 2015-07-26 03:42:09 UTC (rev 7157)
+++ branches/1.0/package/lighttpd/lighttpd-hostname-underscore.patch 2015-07-27 16:50:24 UTC (rev 7158)
@@ -1,17 +0,0 @@
---- lighttpd-1.4.35.orig/src/request.c 2010-08-17 05:04:38.000000000 -0400
-+++ lighttpd-1.4.35/src/request.c 2011-02-24 13:11:20.000000000 -0500
-@@ -180,12 +180,12 @@
- label_len = 0;
- level++;
- } else if (i == 0) {
-- if (!light_isalnum(c)) {
-+ if (!light_isalnum(c) && c != '_') {
- return -1;
- }
- label_len++;
- } else {
-- if (c != '-' && !light_isalnum(c)) {
-+ if (c != '-' && c != '_' &&!light_isalnum(c)) {
- return -1;
- }
- label_len++;
Modified: branches/1.0/package/lighttpd/lighttpd.mk
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.mk 2015-07-26 03:42:09 UTC (rev 7157)
+++ branches/1.0/package/lighttpd/lighttpd.mk 2015-07-27 16:50:24 UTC (rev 7158)
@@ -4,7 +4,7 @@
#
#############################################################
-LIGHTTPD_VERSION = 1.4.35
+LIGHTTPD_VERSION = 1.4.36
LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-1.4.x
LIGHTTPD_DEPENDENCIES = host-pkg-config
LIGHTTPD_CONF_OPT = \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2015-08-20 17:55:06
|
Revision: 7207
http://sourceforge.net/p/astlinux/code/7207
Author: abelbeck
Date: 2015-08-20 17:55:03 +0000 (Thu, 20 Aug 2015)
Log Message:
-----------
lighttpd, add support for fossil
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.conf
branches/1.0/package/lighttpd/lighttpd.init
Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.conf 2015-08-20 17:12:55 UTC (rev 7206)
+++ branches/1.0/package/lighttpd/lighttpd.conf 2015-08-20 17:55:03 UTC (rev 7207)
@@ -130,6 +130,12 @@
"realm" => "admin",
"require" => "user=admin"
),
+ "/admin/fossil/" =>
+ (
+ "method" => "basic",
+ "realm" => "admin",
+ "require" => "user=admin"
+ ),
"/admin/monit/" =>
(
"method" => "basic",
@@ -161,6 +167,17 @@
@CLI_PROXY_SERVER@ )
@CLI_PROXY_SERVER@}
+@FOSSIL_SERVER@$HTTP["scheme"] == "https" {
+@FOSSIL_SERVER@ proxy.server += ( "/admin/fossil/" =>
+@FOSSIL_SERVER@ ( "localhost" =>
+@FOSSIL_SERVER@ (
+@FOSSIL_SERVER@ "host" => "127.0.0.1",
+@FOSSIL_SERVER@ "port" => "8055"
+@FOSSIL_SERVER@ )
+@FOSSIL_SERVER@ )
+@FOSSIL_SERVER@ )
+@FOSSIL_SERVER@}
+
@MONIT_SERVER@$HTTP["scheme"] == "https" {
@MONIT_SERVER@ proxy.server += ( "/admin/monit/" =>
@MONIT_SERVER@ ( "localhost" =>
Modified: branches/1.0/package/lighttpd/lighttpd.init
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.init 2015-08-20 17:12:55 UTC (rev 7206)
+++ branches/1.0/package/lighttpd/lighttpd.init 2015-08-20 17:55:03 UTC (rev 7207)
@@ -96,6 +96,14 @@
cli_proxy_server="#"
fi
+ if [ -f /etc/init.d/fossil ]; then
+ # Always enable /admin/fossil/ proxy so fossil can be
+ # enabled/disabled without requiring a reboot via the web interface.
+ fossil_server=""
+ else
+ fossil_server="#"
+ fi
+
if [ -f /etc/init.d/monit ]; then
# Always enable /admin/monit/ proxy so monit can be
# enabled/disabled without requiring a reboot via the web interface.
@@ -144,6 +152,7 @@
-e "s|@HTTPSCGI@|${httpscgi}|g" \
-e "s|@IPV6@|${ipv6}|g" \
-e "s|@CLI_PROXY_SERVER@|${cli_proxy_server}|g" \
+ -e "s|@FOSSIL_SERVER@|${fossil_server}|g" \
-e "s|@MONIT_SERVER@|${monit_server}|g" \
-e "s|@NETSTAT_SERVER@|${netstat_server}|g" \
-e "s|@PHONEPROV@|${phoneprov}|g" \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2015-08-30 20:23:11
|
Revision: 7233
http://sourceforge.net/p/astlinux/code/7233
Author: abelbeck
Date: 2015-08-30 20:23:10 +0000 (Sun, 30 Aug 2015)
Log Message:
-----------
lighttpd, version bump to 1.4.37
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.mk
Removed Paths:
-------------
branches/1.0/package/lighttpd/lighttpd-silence-proxy_request_finished.patch
Deleted: branches/1.0/package/lighttpd/lighttpd-silence-proxy_request_finished.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-silence-proxy_request_finished.patch 2015-08-29 14:35:17 UTC (rev 7232)
+++ branches/1.0/package/lighttpd/lighttpd-silence-proxy_request_finished.patch 2015-08-30 20:23:10 UTC (rev 7233)
@@ -1,11 +0,0 @@
---- lighttpd-1.4.36/src/mod_proxy.c.orig 2015-08-03 13:03:02.000000000 -0500
-+++ lighttpd-1.4.36/src/mod_proxy.c 2015-08-03 13:04:51.000000000 -0500
-@@ -940,7 +940,7 @@
- case 1:
- /* we are done */
- proxy_connection_close(srv, hctx);
-- log_error_write(srv, __FILE__, __LINE__, "s", "proxy request finished");
-+ /* log_error_write(srv, __FILE__, __LINE__, "s", "proxy request finished"); */
-
- joblist_append(srv, con);
- return HANDLER_FINISHED;
Modified: branches/1.0/package/lighttpd/lighttpd.mk
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.mk 2015-08-29 14:35:17 UTC (rev 7232)
+++ branches/1.0/package/lighttpd/lighttpd.mk 2015-08-30 20:23:10 UTC (rev 7233)
@@ -4,7 +4,7 @@
#
#############################################################
-LIGHTTPD_VERSION = 1.4.36
+LIGHTTPD_VERSION = 1.4.37
LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-1.4.x
LIGHTTPD_DEPENDENCIES = host-pkg-config
LIGHTTPD_CONF_OPT = \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-10-16 21:48:40
|
Revision: 7901
http://sourceforge.net/p/astlinux/code/7901
Author: abelbeck
Date: 2016-10-16 21:48:38 +0000 (Sun, 16 Oct 2016)
Log Message:
-----------
lighttpd, cherry-pick 1.4.42 fixes:
[core] enforce wait for POLLWR after EINPROGRESS (fixes #2744)
https://git.lighttpd.net/lighttpd/lighttpd1.4.git/commit/?id=666b9fd72675bcce468ef353a1f0b32f6e89dfd4
[core] fix crash if ready events on abandoned fd (fixes #2748)
https://git.lighttpd.net/lighttpd/lighttpd1.4.git/commit/?id=40f16d52dbd2cab3987e7269cc0a949c6f0a9ea3
Added Paths:
-----------
branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch
branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch
Added: branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch (rev 0)
+++ branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch 2016-10-16 21:48:38 UTC (rev 7901)
@@ -0,0 +1,61 @@
+From 666b9fd72675bcce468ef353a1f0b32f6e89dfd4 Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gst...@gl...>
+Date: Sat, 6 Aug 2016 22:04:53 -0400
+Subject: [core] enforce wait for POLLWR after EINPROGRESS (fixes #2744)
+
+mod_fastcgi, mod_scgi, and mod_proxy must enforce wait for POLLWR
+after EINPROGRESS or else getsockopt(fd, SOL_SOCKET, SO_ERROR, ...)
+may succeed even though socket connection is not yet established,
+and subsequent writev() will fail ENOTCONN.
+
+(thx pkubaj)
+
+x-ref:
+ "1.4.40/41 writev failed: Socket is not connected (fastcgi,scgi,proxy)"
+ https://redmine.lighttpd.net/issues/2744
+
+diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c
+index 4b0f8ba..bc0dabe 100644
+--- a/src/mod_fastcgi.c
++++ b/src/mod_fastcgi.c
+@@ -3257,7 +3257,8 @@ SUBREQUEST_FUNC(mod_fastcgi_handle_subrequest) {
+ }
+ }
+
+- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
++ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
++ && hctx->state != FCGI_STATE_CONNECT_DELAYED)
+ ? fcgi_send_request(srv, hctx)
+ : HANDLER_WAIT_FOR_EVENT;
+ }
+diff --git a/src/mod_proxy.c b/src/mod_proxy.c
+index 7250c91..bebf0f3 100644
+--- a/src/mod_proxy.c
++++ b/src/mod_proxy.c
+@@ -992,7 +992,8 @@ SUBREQUEST_FUNC(mod_proxy_handle_subrequest) {
+ }
+ }
+
+- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
++ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
++ && hctx->state != PROXY_STATE_CONNECT)
+ ? proxy_send_request(srv, hctx)
+ : HANDLER_WAIT_FOR_EVENT;
+ }
+diff --git a/src/mod_scgi.c b/src/mod_scgi.c
+index fffbc7a..ac93d33 100644
+--- a/src/mod_scgi.c
++++ b/src/mod_scgi.c
+@@ -2585,7 +2585,8 @@ SUBREQUEST_FUNC(mod_scgi_handle_subrequest) {
+ }
+ }
+
+- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
++ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
++ && hctx->state != FCGI_STATE_CONNECT)
+ ? scgi_send_request(srv, hctx)
+ : HANDLER_WAIT_FOR_EVENT;
+ }
+--
+cgit v0.10.2
+
Added: branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch (rev 0)
+++ branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch 2016-10-16 21:48:38 UTC (rev 7901)
@@ -0,0 +1,240 @@
+From 40f16d52dbd2cab3987e7269cc0a949c6f0a9ea3 Mon Sep 17 00:00:00 2001
+From: Glenn Strauss <gst...@gl...>
+Date: Wed, 24 Aug 2016 15:30:11 -0400
+Subject: [core] fix crash if ready events on abandoned fd (fixes #2748)
+
+x-ref:
+ "1.4.40/1.4.41 uploads to CGI may cause crash (SIGABRT)"
+ https://redmine.lighttpd.net/issues/2748
+
+diff --git a/src/fdevent.c b/src/fdevent.c
+index 25bb42a..aa84a9a 100644
+--- a/src/fdevent.c
++++ b/src/fdevent.c
+@@ -23,6 +23,7 @@ fdevents *fdevent_init(server *srv, size_t maxfds, fdevent_handler_t type) {
+ ev->fdarray = calloc(maxfds, sizeof(*ev->fdarray));
+ force_assert(NULL != ev->fdarray);
+ ev->maxfds = maxfds;
++ ev->highfd = -1;
+
+ switch(type) {
+ case FDEVENT_HANDLER_POLL:
+@@ -94,7 +95,7 @@ void fdevent_free(fdevents *ev) {
+ if (ev->free) ev->free(ev);
+
+ for (i = 0; i < ev->maxfds; i++) {
+- if (ev->fdarray[i]) free(ev->fdarray[i]);
++ if (ev->fdarray[i] > (fdnode *)0x2) free(ev->fdarray[i]);
+ }
+
+ free(ev->fdarray);
+@@ -148,9 +149,42 @@ int fdevent_unregister(fdevents *ev, int fd) {
+ return 0;
+ }
+
++void fdevent_sched_close(fdevents *ev, int fd, int issock) {
++ if (!ev) return;
++ ev->fdarray[fd] = (issock ? (fdnode *)0x1 : (fdnode *)0x2);
++ if (ev->highfd < fd) ev->highfd = fd;
++}
++
++void fdevent_sched_run(server *srv, fdevents *ev) {
++ const int highfd = ev->highfd;
++ for (int fd = 0; fd <= highfd; ++fd) {
++ fdnode * const fdn = ev->fdarray[fd];
++ int rc;
++ if (!((uintptr_t)fdn & 0x3)) continue;
++ #ifdef _WIN32
++ if (fdn == (fdnode *)0x1) {
++ rc = closesocket(fd);
++ }
++ else if (fdn == (fdnode)0x2) {
++ rc = close(fd);
++ }
++ #else
++ rc = close(fd);
++ #endif
++
++ if (0 != rc) {
++ log_error_write(srv, __FILE__, __LINE__, "sds", "close failed ", fd, strerror(errno));
++ }
++
++ ev->fdarray[fd] = NULL;
++ --srv->cur_fds;
++ }
++ ev->highfd = -1;
++}
++
+ void fdevent_event_del(fdevents *ev, int *fde_ndx, int fd) {
+ if (-1 == fd) return;
+- if (NULL == ev->fdarray[fd]) return;
++ if (ev->fdarray[fd] <= (fdnode *)0x2) return;
+
+ if (ev->event_del) *fde_ndx = ev->event_del(ev, *fde_ndx, fd);
+ ev->fdarray[fd]->events = 0;
+@@ -212,6 +246,7 @@ int fdevent_event_get_fd(fdevents *ev, size_t ndx) {
+
+ fdevent_handler fdevent_get_handler(fdevents *ev, int fd) {
+ if (ev->fdarray[fd] == NULL) SEGFAULT();
++ if ((uintptr_t)ev->fdarray[fd] & 0x3) return NULL;
+ if (ev->fdarray[fd]->fd != fd) SEGFAULT();
+
+ return ev->fdarray[fd]->handler;
+@@ -219,6 +254,7 @@ fdevent_handler fdevent_get_handler(fdevents *ev, int fd) {
+
+ void * fdevent_get_context(fdevents *ev, int fd) {
+ if (ev->fdarray[fd] == NULL) SEGFAULT();
++ if ((uintptr_t)ev->fdarray[fd] & 0x3) return NULL;
+ if (ev->fdarray[fd]->fd != fd) SEGFAULT();
+
+ return ev->fdarray[fd]->ctx;
+diff --git a/src/fdevent.h b/src/fdevent.h
+index 4dc1d3c..721c6d5 100644
+--- a/src/fdevent.h
++++ b/src/fdevent.h
+@@ -125,6 +125,7 @@ typedef struct fdevents {
+
+ fdnode **fdarray;
+ size_t maxfds;
++ int highfd;
+
+ #ifdef USE_LINUX_EPOLL
+ int epoll_fd;
+@@ -202,6 +203,8 @@ int fdevent_poll(fdevents *ev, int timeout_ms);
+
+ int fdevent_register(fdevents *ev, int fd, fdevent_handler handler, void *ctx);
+ int fdevent_unregister(fdevents *ev, int fd);
++void fdevent_sched_close(fdevents *ev, int fd, int issock);
++void fdevent_sched_run(struct server *srv, fdevents *ev);
+
+ void fd_close_on_exec(int fd);
+ int fdevent_fcntl_set(fdevents *ev, int fd);
+diff --git a/src/mod_cgi.c b/src/mod_cgi.c
+index 52e7f5d..e47b7ca 100644
+--- a/src/mod_cgi.c
++++ b/src/mod_cgi.c
+@@ -606,10 +606,7 @@ static void cgi_connection_close_fdtocgi(server *srv, handler_ctx *hctx) {
+ /*(closes only hctx->fdtocgi)*/
+ fdevent_event_del(srv->ev, &(hctx->fde_ndx_tocgi), hctx->fdtocgi);
+ fdevent_unregister(srv->ev, hctx->fdtocgi);
+-
+- if (close(hctx->fdtocgi)) {
+- log_error_write(srv, __FILE__, __LINE__, "sds", "cgi stdin close failed ", hctx->fdtocgi, strerror(errno));
+- }
++ fdevent_sched_close(srv->ev, hctx->fdtocgi, 0);
+ hctx->fdtocgi = -1;
+ }
+
+@@ -631,10 +628,7 @@ static void cgi_connection_close(server *srv, handler_ctx *hctx) {
+ /* close connection to the cgi-script */
+ fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
+ fdevent_unregister(srv->ev, hctx->fd);
+-
+- if (close(hctx->fd)) {
+- log_error_write(srv, __FILE__, __LINE__, "sds", "cgi close failed ", hctx->fd, strerror(errno));
+- }
++ fdevent_sched_close(srv->ev, hctx->fd, 0);
+ }
+
+ if (hctx->fdtocgi != -1) {
+@@ -1372,6 +1366,8 @@ static int cgi_create_env(server *srv, connection *con, plugin_data *p, handler_
+ hctx->fd = from_cgi_fds[0];
+ hctx->fde_ndx = -1;
+
++ ++srv->cur_fds;
++
+ if (0 == con->request.content_length) {
+ close(to_cgi_fds[1]);
+ } else {
+@@ -1388,6 +1384,8 @@ static int cgi_create_env(server *srv, connection *con, plugin_data *p, handler_
+ cgi_connection_close(srv, hctx);
+ return -1;
+ }
++
++ ++srv->cur_fds;
+ }
+
+ fdevent_register(srv->ev, hctx->fd, cgi_handle_fdevent, hctx);
+diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c
+index bc0dabe..f124ad2 100644
+--- a/src/mod_fastcgi.c
++++ b/src/mod_fastcgi.c
+@@ -1577,8 +1577,7 @@ static void fcgi_connection_close(server *srv, handler_ctx *hctx) {
+ if (hctx->fd != -1) {
+ fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
+ fdevent_unregister(srv->ev, hctx->fd);
+- close(hctx->fd);
+- srv->cur_fds--;
++ fdevent_sched_close(srv->ev, hctx->fd, 1);
+ }
+
+ if (hctx->host && hctx->proc) {
+@@ -1631,8 +1630,7 @@ static int fcgi_reconnect(server *srv, handler_ctx *hctx) {
+ if (hctx->fd != -1) {
+ fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
+ fdevent_unregister(srv->ev, hctx->fd);
+- close(hctx->fd);
+- srv->cur_fds--;
++ fdevent_sched_close(srv->ev, hctx->fd, 1);
+ hctx->fd = -1;
+ }
+
+diff --git a/src/mod_proxy.c b/src/mod_proxy.c
+index 0e4bfcf..c4e2bcc 100644
+--- a/src/mod_proxy.c
++++ b/src/mod_proxy.c
+@@ -341,9 +341,7 @@ static void proxy_connection_close(server *srv, handler_ctx *hctx) {
+ if (hctx->fd != -1) {
+ fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
+ fdevent_unregister(srv->ev, hctx->fd);
+-
+- close(hctx->fd);
+- srv->cur_fds--;
++ fdevent_sched_close(srv->ev, hctx->fd, 1);
+ }
+
+ if (hctx->host) {
+diff --git a/src/mod_scgi.c b/src/mod_scgi.c
+index 94a5d65..5c62fc6 100644
+--- a/src/mod_scgi.c
++++ b/src/mod_scgi.c
+@@ -1315,8 +1315,7 @@ static void scgi_connection_close(server *srv, handler_ctx *hctx) {
+ if (hctx->fd != -1) {
+ fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
+ fdevent_unregister(srv->ev, hctx->fd);
+- close(hctx->fd);
+- srv->cur_fds--;
++ fdevent_sched_close(srv->ev, hctx->fd, 1);
+ }
+
+ if (hctx->host && hctx->proc) {
+@@ -1371,8 +1370,7 @@ static int scgi_reconnect(server *srv, handler_ctx *hctx) {
+
+ fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
+ fdevent_unregister(srv->ev, hctx->fd);
+- close(hctx->fd);
+- srv->cur_fds--;
++ fdevent_sched_close(srv->ev, hctx->fd, 1);
+
+ scgi_set_state(srv, hctx, FCGI_STATE_INIT);
+
+diff --git a/src/server.c b/src/server.c
+index 382d5a6..4c3fadc 100644
+--- a/src/server.c
++++ b/src/server.c
+@@ -1792,8 +1792,11 @@ int main (int argc, char **argv) {
+ fd = fdevent_event_get_fd (srv->ev, fd_ndx);
+ handler = fdevent_get_handler(srv->ev, fd);
+ context = fdevent_get_context(srv->ev, fd);
+- (*handler)(srv, context, revents);
++ if (NULL != handler) {
++ (*handler)(srv, context, revents);
++ }
+ } while (--n > 0);
++ fdevent_sched_run(srv, srv->ev);
+ } else if (n < 0 && errno != EINTR) {
+ log_error_write(srv, __FILE__, __LINE__, "ss",
+ "fdevent_poll failed:",
+--
+cgit v0.10.2
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-12-24 16:29:31
|
Revision: 8055
http://sourceforge.net/p/astlinux/code/8055
Author: abelbeck
Date: 2016-12-24 16:29:28 +0000 (Sat, 24 Dec 2016)
Log Message:
-----------
lighttpd, version bump to 1.4.44
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.mk
Removed Paths:
-------------
branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch
branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch
branches/1.0/package/lighttpd/lighttpd-ssl_shutdown-only-if-handshake-finished.patch
Deleted: branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch 2016-12-24 14:49:13 UTC (rev 8054)
+++ branches/1.0/package/lighttpd/lighttpd-enforce-wait-for-POLLWR.patch 2016-12-24 16:29:28 UTC (rev 8055)
@@ -1,61 +0,0 @@
-From 666b9fd72675bcce468ef353a1f0b32f6e89dfd4 Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gst...@gl...>
-Date: Sat, 6 Aug 2016 22:04:53 -0400
-Subject: [core] enforce wait for POLLWR after EINPROGRESS (fixes #2744)
-
-mod_fastcgi, mod_scgi, and mod_proxy must enforce wait for POLLWR
-after EINPROGRESS or else getsockopt(fd, SOL_SOCKET, SO_ERROR, ...)
-may succeed even though socket connection is not yet established,
-and subsequent writev() will fail ENOTCONN.
-
-(thx pkubaj)
-
-x-ref:
- "1.4.40/41 writev failed: Socket is not connected (fastcgi,scgi,proxy)"
- https://redmine.lighttpd.net/issues/2744
-
-diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c
-index 4b0f8ba..bc0dabe 100644
---- a/src/mod_fastcgi.c
-+++ b/src/mod_fastcgi.c
-@@ -3257,7 +3257,8 @@ SUBREQUEST_FUNC(mod_fastcgi_handle_subrequest) {
- }
- }
-
-- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
-+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
-+ && hctx->state != FCGI_STATE_CONNECT_DELAYED)
- ? fcgi_send_request(srv, hctx)
- : HANDLER_WAIT_FOR_EVENT;
- }
-diff --git a/src/mod_proxy.c b/src/mod_proxy.c
-index 7250c91..bebf0f3 100644
---- a/src/mod_proxy.c
-+++ b/src/mod_proxy.c
-@@ -992,7 +992,8 @@ SUBREQUEST_FUNC(mod_proxy_handle_subrequest) {
- }
- }
-
-- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
-+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
-+ && hctx->state != PROXY_STATE_CONNECT)
- ? proxy_send_request(srv, hctx)
- : HANDLER_WAIT_FOR_EVENT;
- }
-diff --git a/src/mod_scgi.c b/src/mod_scgi.c
-index fffbc7a..ac93d33 100644
---- a/src/mod_scgi.c
-+++ b/src/mod_scgi.c
-@@ -2585,7 +2585,8 @@ SUBREQUEST_FUNC(mod_scgi_handle_subrequest) {
- }
- }
-
-- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
-+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb))
-+ && hctx->state != FCGI_STATE_CONNECT)
- ? scgi_send_request(srv, hctx)
- : HANDLER_WAIT_FOR_EVENT;
- }
---
-cgit v0.10.2
-
Deleted: branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch 2016-12-24 14:49:13 UTC (rev 8054)
+++ branches/1.0/package/lighttpd/lighttpd-fix-crash-fd-events.patch 2016-12-24 16:29:28 UTC (rev 8055)
@@ -1,240 +0,0 @@
-From 40f16d52dbd2cab3987e7269cc0a949c6f0a9ea3 Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gst...@gl...>
-Date: Wed, 24 Aug 2016 15:30:11 -0400
-Subject: [core] fix crash if ready events on abandoned fd (fixes #2748)
-
-x-ref:
- "1.4.40/1.4.41 uploads to CGI may cause crash (SIGABRT)"
- https://redmine.lighttpd.net/issues/2748
-
-diff --git a/src/fdevent.c b/src/fdevent.c
-index 25bb42a..aa84a9a 100644
---- a/src/fdevent.c
-+++ b/src/fdevent.c
-@@ -23,6 +23,7 @@ fdevents *fdevent_init(server *srv, size_t maxfds, fdevent_handler_t type) {
- ev->fdarray = calloc(maxfds, sizeof(*ev->fdarray));
- force_assert(NULL != ev->fdarray);
- ev->maxfds = maxfds;
-+ ev->highfd = -1;
-
- switch(type) {
- case FDEVENT_HANDLER_POLL:
-@@ -94,7 +95,7 @@ void fdevent_free(fdevents *ev) {
- if (ev->free) ev->free(ev);
-
- for (i = 0; i < ev->maxfds; i++) {
-- if (ev->fdarray[i]) free(ev->fdarray[i]);
-+ if (ev->fdarray[i] > (fdnode *)0x2) free(ev->fdarray[i]);
- }
-
- free(ev->fdarray);
-@@ -148,9 +149,42 @@ int fdevent_unregister(fdevents *ev, int fd) {
- return 0;
- }
-
-+void fdevent_sched_close(fdevents *ev, int fd, int issock) {
-+ if (!ev) return;
-+ ev->fdarray[fd] = (issock ? (fdnode *)0x1 : (fdnode *)0x2);
-+ if (ev->highfd < fd) ev->highfd = fd;
-+}
-+
-+void fdevent_sched_run(server *srv, fdevents *ev) {
-+ const int highfd = ev->highfd;
-+ for (int fd = 0; fd <= highfd; ++fd) {
-+ fdnode * const fdn = ev->fdarray[fd];
-+ int rc;
-+ if (!((uintptr_t)fdn & 0x3)) continue;
-+ #ifdef _WIN32
-+ if (fdn == (fdnode *)0x1) {
-+ rc = closesocket(fd);
-+ }
-+ else if (fdn == (fdnode)0x2) {
-+ rc = close(fd);
-+ }
-+ #else
-+ rc = close(fd);
-+ #endif
-+
-+ if (0 != rc) {
-+ log_error_write(srv, __FILE__, __LINE__, "sds", "close failed ", fd, strerror(errno));
-+ }
-+
-+ ev->fdarray[fd] = NULL;
-+ --srv->cur_fds;
-+ }
-+ ev->highfd = -1;
-+}
-+
- void fdevent_event_del(fdevents *ev, int *fde_ndx, int fd) {
- if (-1 == fd) return;
-- if (NULL == ev->fdarray[fd]) return;
-+ if (ev->fdarray[fd] <= (fdnode *)0x2) return;
-
- if (ev->event_del) *fde_ndx = ev->event_del(ev, *fde_ndx, fd);
- ev->fdarray[fd]->events = 0;
-@@ -212,6 +246,7 @@ int fdevent_event_get_fd(fdevents *ev, size_t ndx) {
-
- fdevent_handler fdevent_get_handler(fdevents *ev, int fd) {
- if (ev->fdarray[fd] == NULL) SEGFAULT();
-+ if ((uintptr_t)ev->fdarray[fd] & 0x3) return NULL;
- if (ev->fdarray[fd]->fd != fd) SEGFAULT();
-
- return ev->fdarray[fd]->handler;
-@@ -219,6 +254,7 @@ fdevent_handler fdevent_get_handler(fdevents *ev, int fd) {
-
- void * fdevent_get_context(fdevents *ev, int fd) {
- if (ev->fdarray[fd] == NULL) SEGFAULT();
-+ if ((uintptr_t)ev->fdarray[fd] & 0x3) return NULL;
- if (ev->fdarray[fd]->fd != fd) SEGFAULT();
-
- return ev->fdarray[fd]->ctx;
-diff --git a/src/fdevent.h b/src/fdevent.h
-index 4dc1d3c..721c6d5 100644
---- a/src/fdevent.h
-+++ b/src/fdevent.h
-@@ -125,6 +125,7 @@ typedef struct fdevents {
-
- fdnode **fdarray;
- size_t maxfds;
-+ int highfd;
-
- #ifdef USE_LINUX_EPOLL
- int epoll_fd;
-@@ -202,6 +203,8 @@ int fdevent_poll(fdevents *ev, int timeout_ms);
-
- int fdevent_register(fdevents *ev, int fd, fdevent_handler handler, void *ctx);
- int fdevent_unregister(fdevents *ev, int fd);
-+void fdevent_sched_close(fdevents *ev, int fd, int issock);
-+void fdevent_sched_run(struct server *srv, fdevents *ev);
-
- void fd_close_on_exec(int fd);
- int fdevent_fcntl_set(fdevents *ev, int fd);
-diff --git a/src/mod_cgi.c b/src/mod_cgi.c
-index 52e7f5d..e47b7ca 100644
---- a/src/mod_cgi.c
-+++ b/src/mod_cgi.c
-@@ -606,10 +606,7 @@ static void cgi_connection_close_fdtocgi(server *srv, handler_ctx *hctx) {
- /*(closes only hctx->fdtocgi)*/
- fdevent_event_del(srv->ev, &(hctx->fde_ndx_tocgi), hctx->fdtocgi);
- fdevent_unregister(srv->ev, hctx->fdtocgi);
--
-- if (close(hctx->fdtocgi)) {
-- log_error_write(srv, __FILE__, __LINE__, "sds", "cgi stdin close failed ", hctx->fdtocgi, strerror(errno));
-- }
-+ fdevent_sched_close(srv->ev, hctx->fdtocgi, 0);
- hctx->fdtocgi = -1;
- }
-
-@@ -631,10 +628,7 @@ static void cgi_connection_close(server *srv, handler_ctx *hctx) {
- /* close connection to the cgi-script */
- fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
- fdevent_unregister(srv->ev, hctx->fd);
--
-- if (close(hctx->fd)) {
-- log_error_write(srv, __FILE__, __LINE__, "sds", "cgi close failed ", hctx->fd, strerror(errno));
-- }
-+ fdevent_sched_close(srv->ev, hctx->fd, 0);
- }
-
- if (hctx->fdtocgi != -1) {
-@@ -1372,6 +1366,8 @@ static int cgi_create_env(server *srv, connection *con, plugin_data *p, handler_
- hctx->fd = from_cgi_fds[0];
- hctx->fde_ndx = -1;
-
-+ ++srv->cur_fds;
-+
- if (0 == con->request.content_length) {
- close(to_cgi_fds[1]);
- } else {
-@@ -1388,6 +1384,8 @@ static int cgi_create_env(server *srv, connection *con, plugin_data *p, handler_
- cgi_connection_close(srv, hctx);
- return -1;
- }
-+
-+ ++srv->cur_fds;
- }
-
- fdevent_register(srv->ev, hctx->fd, cgi_handle_fdevent, hctx);
-diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c
-index bc0dabe..f124ad2 100644
---- a/src/mod_fastcgi.c
-+++ b/src/mod_fastcgi.c
-@@ -1577,8 +1577,7 @@ static void fcgi_connection_close(server *srv, handler_ctx *hctx) {
- if (hctx->fd != -1) {
- fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
- fdevent_unregister(srv->ev, hctx->fd);
-- close(hctx->fd);
-- srv->cur_fds--;
-+ fdevent_sched_close(srv->ev, hctx->fd, 1);
- }
-
- if (hctx->host && hctx->proc) {
-@@ -1631,8 +1630,7 @@ static int fcgi_reconnect(server *srv, handler_ctx *hctx) {
- if (hctx->fd != -1) {
- fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
- fdevent_unregister(srv->ev, hctx->fd);
-- close(hctx->fd);
-- srv->cur_fds--;
-+ fdevent_sched_close(srv->ev, hctx->fd, 1);
- hctx->fd = -1;
- }
-
-diff --git a/src/mod_proxy.c b/src/mod_proxy.c
-index 0e4bfcf..c4e2bcc 100644
---- a/src/mod_proxy.c
-+++ b/src/mod_proxy.c
-@@ -341,9 +341,7 @@ static void proxy_connection_close(server *srv, handler_ctx *hctx) {
- if (hctx->fd != -1) {
- fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
- fdevent_unregister(srv->ev, hctx->fd);
--
-- close(hctx->fd);
-- srv->cur_fds--;
-+ fdevent_sched_close(srv->ev, hctx->fd, 1);
- }
-
- if (hctx->host) {
-diff --git a/src/mod_scgi.c b/src/mod_scgi.c
-index 94a5d65..5c62fc6 100644
---- a/src/mod_scgi.c
-+++ b/src/mod_scgi.c
-@@ -1315,8 +1315,7 @@ static void scgi_connection_close(server *srv, handler_ctx *hctx) {
- if (hctx->fd != -1) {
- fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
- fdevent_unregister(srv->ev, hctx->fd);
-- close(hctx->fd);
-- srv->cur_fds--;
-+ fdevent_sched_close(srv->ev, hctx->fd, 1);
- }
-
- if (hctx->host && hctx->proc) {
-@@ -1371,8 +1370,7 @@ static int scgi_reconnect(server *srv, handler_ctx *hctx) {
-
- fdevent_event_del(srv->ev, &(hctx->fde_ndx), hctx->fd);
- fdevent_unregister(srv->ev, hctx->fd);
-- close(hctx->fd);
-- srv->cur_fds--;
-+ fdevent_sched_close(srv->ev, hctx->fd, 1);
-
- scgi_set_state(srv, hctx, FCGI_STATE_INIT);
-
-diff --git a/src/server.c b/src/server.c
-index 382d5a6..4c3fadc 100644
---- a/src/server.c
-+++ b/src/server.c
-@@ -1792,8 +1792,11 @@ int main (int argc, char **argv) {
- fd = fdevent_event_get_fd (srv->ev, fd_ndx);
- handler = fdevent_get_handler(srv->ev, fd);
- context = fdevent_get_context(srv->ev, fd);
-- (*handler)(srv, context, revents);
-+ if (NULL != handler) {
-+ (*handler)(srv, context, revents);
-+ }
- } while (--n > 0);
-+ fdevent_sched_run(srv, srv->ev);
- } else if (n < 0 && errno != EINTR) {
- log_error_write(srv, __FILE__, __LINE__, "ss",
- "fdevent_poll failed:",
---
-cgit v0.10.2
-
Deleted: branches/1.0/package/lighttpd/lighttpd-ssl_shutdown-only-if-handshake-finished.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-ssl_shutdown-only-if-handshake-finished.patch 2016-12-24 14:49:13 UTC (rev 8054)
+++ branches/1.0/package/lighttpd/lighttpd-ssl_shutdown-only-if-handshake-finished.patch 2016-12-24 16:29:28 UTC (rev 8055)
@@ -1,22 +0,0 @@
-commit 156bea38597ced5de7521ada2e85fb67aead21db
-Author: Glenn Strauss <gst...@gl...>
-Date: Tue Aug 2 22:32:28 2016 -0400
-
- [TLS] SSL_shutdown() only if handshake finished
-
- avoid noise in logs due to calling SSL_shutdown() on a connection
- that has not yet completed TLS handshake
-
-diff --git a/src/connections.c b/src/connections.c
-index ccdf360..4cd2139 100644
---- a/src/connections.c
-+++ b/src/connections.c
-@@ -183,7 +183,7 @@ static void connection_handle_shutdown(server *srv, connection *con) {
-
- #ifdef USE_OPENSSL
- server_socket *srv_sock = con->srv_socket;
-- if (srv_sock->is_ssl) {
-+ if (srv_sock->is_ssl && SSL_is_init_finished(con->ssl)) {
- int ret, ssl_r;
- unsigned long err;
- ERR_clear_error();
Modified: branches/1.0/package/lighttpd/lighttpd.mk
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.mk 2016-12-24 14:49:13 UTC (rev 8054)
+++ branches/1.0/package/lighttpd/lighttpd.mk 2016-12-24 16:29:28 UTC (rev 8055)
@@ -4,7 +4,7 @@
#
#############################################################
-LIGHTTPD_VERSION = 1.4.41
+LIGHTTPD_VERSION = 1.4.44
LIGHTTPD_SITE = http://download.lighttpd.net/lighttpd/releases-1.4.x
LIGHTTPD_DEPENDENCIES = host-pkg-config
LIGHTTPD_CONF_OPT = \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2017-04-24 16:34:34
|
Revision: 8274
http://sourceforge.net/p/astlinux/code/8274
Author: abelbeck
Date: 2017-04-24 16:34:31 +0000 (Mon, 24 Apr 2017)
Log Message:
-----------
lighttpd, fix an issue introduced with lighttpd 1.4.40 where PHP backend streams are buffered using /var/tmp/ . This commit adds the runtime configuration option 'server.stream-response-body = 2' which does not use buffer tempfiles. Previously any PHP generated downloads would fail if larger than the avalable space on /var which is about 9 MB by default.
Ref: https://redmine.lighttpd.net/projects/lighttpd/repository/revisions/18a7b2be37041987c5bde264d03a7ee7440ae788
Ref: https://redmine.lighttpd.net/projects/lighttpd/repository/revisions/e4bb56222fa7c1e315ea7d05cb4ea2f0de781534
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.conf
Added Paths:
-----------
branches/1.0/package/lighttpd/lighttpd-0001-upstream-fix-stream-response-body.patch
Added: branches/1.0/package/lighttpd/lighttpd-0001-upstream-fix-stream-response-body.patch
===================================================================
--- branches/1.0/package/lighttpd/lighttpd-0001-upstream-fix-stream-response-body.patch (rev 0)
+++ branches/1.0/package/lighttpd/lighttpd-0001-upstream-fix-stream-response-body.patch 2017-04-24 16:34:31 UTC (rev 8274)
@@ -0,0 +1,143 @@
+commit e4bb56222fa7c1e315ea7d05cb4ea2f0de781534
+Author: Glenn Strauss <gst...@gl...>
+Date: Fri Mar 10 02:46:56 2017 -0500
+
+ [mod_cgi,fastcgi,scgi,proxy] fix streaming response (fixes #2796)
+
+ fix streaming response when server.stream-response-body = 2
+ and client catches up to stream from backend
+
+ (thx horgh)
+
+ x-ref:
+ "mod_fastcgi can fail to read entire response from server"
+ https://redmine.lighttpd.net/issues/2796
+
+diff --git a/src/mod_cgi.c b/src/mod_cgi.c
+index 2a50fd3..47196c9 100644
+--- a/src/mod_cgi.c
++++ b/src/mod_cgi.c
+@@ -409,7 +409,6 @@ static int cgi_demux_response(server *srv, handler_ctx *hctx) {
+ if (-1 == (n = read(hctx->fd, hctx->response->ptr, hctx->response->size - 1))) {
+ if (errno == EAGAIN || errno == EINTR) {
+ /* would block, wait for signal */
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ return FDEVENT_HANDLED_NOT_FINISHED;
+ }
+ /* error */
+@@ -1442,9 +1441,10 @@ SUBREQUEST_FUNC(mod_cgi_handle_subrequest) {
+ if (chunkqueue_length(con->write_queue) > 65536 - 4096) {
+ fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ } else if (!(fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_IN)) {
+- /* optimistic read from backend, which might re-enable FDEVENT_IN */
++ /* optimistic read from backend */
+ handler_t rc = cgi_recv_response(srv, hctx); /*(might invalidate hctx)*/
+ if (rc != HANDLER_GO_ON) return rc; /*(unless HANDLER_GO_ON)*/
++ fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ }
+ }
+
+diff --git a/src/mod_fastcgi.c b/src/mod_fastcgi.c
+index cd84338..b52d493 100644
+--- a/src/mod_fastcgi.c
++++ b/src/mod_fastcgi.c
+@@ -2378,7 +2378,6 @@ static int fcgi_demux_response(server *srv, handler_ctx *hctx) {
+ #if !defined(_WIN32) && !defined(__CYGWIN__)
+ if (ioctl(hctx->fd, FIONREAD, &toread)) {
+ if (errno == EAGAIN) {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ return 0;
+ }
+ log_error_write(srv, __FILE__, __LINE__, "sd",
+@@ -2411,7 +2410,6 @@ static int fcgi_demux_response(server *srv, handler_ctx *hctx) {
+
+ if (-1 == r) {
+ if (errno == EAGAIN) {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ return 0;
+ }
+ log_error_write(srv, __FILE__, __LINE__, "sds",
+@@ -2421,6 +2419,7 @@ static int fcgi_demux_response(server *srv, handler_ctx *hctx) {
+ }
+ }
+ if (0 == r) {
++ if (!(fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_IN)) return 0;
+ log_error_write(srv, __FILE__, __LINE__, "ssdsb",
+ "unexpected end-of-file (perhaps the fastcgi process died):",
+ "pid:", proc->pid,
+@@ -3004,9 +3003,10 @@ SUBREQUEST_FUNC(mod_fastcgi_handle_subrequest) {
+ if (chunkqueue_length(con->write_queue) > 65536 - 4096) {
+ fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ } else if (!(fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_IN)) {
+- /* optimistic read from backend, which might re-enable FDEVENT_IN */
++ /* optimistic read from backend */
+ handler_t rc = fcgi_recv_response(srv, hctx); /*(might invalidate hctx)*/
+ if (rc != HANDLER_GO_ON) return rc; /*(unless HANDLER_GO_ON)*/
++ fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ }
+ }
+
+diff --git a/src/mod_proxy.c b/src/mod_proxy.c
+index 85279df..241d24e 100644
+--- a/src/mod_proxy.c
++++ b/src/mod_proxy.c
+@@ -843,7 +843,6 @@ static int proxy_demux_response(server *srv, handler_ctx *hctx) {
+ #if !defined(_WIN32) && !defined(__CYGWIN__)
+ if (ioctl(hctx->fd, FIONREAD, &b)) {
+ if (errno == EAGAIN) {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ return 0;
+ }
+ log_error_write(srv, __FILE__, __LINE__, "sd",
+@@ -882,7 +881,6 @@ static int proxy_demux_response(server *srv, handler_ctx *hctx) {
+
+ if (-1 == (r = read(hctx->fd, hctx->response->ptr + buffer_string_length(hctx->response), buffer_string_space(hctx->response)))) {
+ if (errno == EAGAIN) {
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ return 0;
+ }
+ log_error_write(srv, __FILE__, __LINE__, "sds",
+@@ -955,6 +953,7 @@ static int proxy_demux_response(server *srv, handler_ctx *hctx) {
+ buffer_reset(hctx->response);
+ }
+ } else {
++ if (!(fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_IN)) return 0;
+ /* reading from upstream done */
+ fin = 1;
+ }
+@@ -1183,9 +1182,10 @@ SUBREQUEST_FUNC(mod_proxy_handle_subrequest) {
+ if (chunkqueue_length(con->write_queue) > 65536 - 4096) {
+ fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ } else if (!(fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_IN)) {
+- /* optimistic read from backend, which might re-enable FDEVENT_IN */
++ /* optimistic read from backend */
+ handler_t rc = proxy_recv_response(srv, hctx); /*(might invalidate hctx)*/
+ if (rc != HANDLER_GO_ON) return rc; /*(unless HANDLER_GO_ON)*/
++ fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ }
+ }
+
+diff --git a/src/mod_scgi.c b/src/mod_scgi.c
+index ef6ab98..5da4f55 100644
+--- a/src/mod_scgi.c
++++ b/src/mod_scgi.c
+@@ -1781,7 +1781,6 @@ static int scgi_demux_response(server *srv, handler_ctx *hctx) {
+ if (-1 == (n = read(hctx->fd, hctx->response->ptr, hctx->response->size - 1))) {
+ if (errno == EAGAIN || errno == EINTR) {
+ /* would block, wait for signal */
+- fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ return 0;
+ }
+ /* error */
+@@ -2443,9 +2442,10 @@ SUBREQUEST_FUNC(mod_scgi_handle_subrequest) {
+ if (chunkqueue_length(con->write_queue) > 65536 - 4096) {
+ fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ } else if (!(fdevent_event_get_interest(srv->ev, hctx->fd) & FDEVENT_IN)) {
+- /* optimistic read from backend, which might re-enable FDEVENT_IN */
++ /* optimistic read from backend */
+ handler_t rc = scgi_recv_response(srv, hctx); /*(might invalidate hctx)*/
+ if (rc != HANDLER_GO_ON) return rc; /*(unless HANDLER_GO_ON)*/
++ fdevent_event_add(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_IN);
+ }
+ }
+
Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.conf 2017-04-23 12:58:53 UTC (rev 8273)
+++ branches/1.0/package/lighttpd/lighttpd.conf 2017-04-24 16:34:31 UTC (rev 8274)
@@ -12,6 +12,7 @@
server.document-root = "@HTTPDIR@"
server.errorlog-use-syslog = "enable"
+server.stream-response-body = 2
index-file.names = ( "index.php", "index.html",
"index.htm", "default.htm" )
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X