diff options
author | René 'Necoro' Neumann <necoro@necoro.net> | 2010-04-08 01:57:50 +0200 |
---|---|---|
committer | René 'Necoro' Neumann <necoro@necoro.net> | 2010-04-08 01:57:50 +0200 |
commit | bdf72592befa013db05df7a90ad65383b2c81438 (patch) | |
tree | 439b70e91c8cab31f84c1ddc9324967c69072af0 | |
parent | a4ed5dd8e6a38a68b22c3c95ba9072fe6fd034af (diff) | |
download | overlay-bdf72592befa013db05df7a90ad65383b2c81438.tar.gz overlay-bdf72592befa013db05df7a90ad65383b2c81438.tar.bz2 overlay-bdf72592befa013db05df7a90ad65383b2c81438.zip |
Bumped lighttpd
Diffstat (limited to '')
-rw-r--r-- | www-servers/lighttpd/Manifest | 7 | ||||
-rw-r--r-- | www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch | 211 | ||||
-rw-r--r-- | www-servers/lighttpd/files/1.4.25-fix-openssl.patch | 12 | ||||
-rw-r--r-- | www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch | 18 | ||||
-rw-r--r-- | www-servers/lighttpd/lighttpd-1.4.26-r1.ebuild (renamed from www-servers/lighttpd/lighttpd-1.4.25-r1.ebuild) | 10 |
5 files changed, 6 insertions, 252 deletions
diff --git a/www-servers/lighttpd/Manifest b/www-servers/lighttpd/Manifest index bf756fe..0ed1539 100644 --- a/www-servers/lighttpd/Manifest +++ b/www-servers/lighttpd/Manifest @@ -1,7 +1,4 @@ -AUX 1.4.25-fix-CVE-2010-0295.patch 6237 RMD160 cd9ce4410ed805d28899b0207bbc670e04491315 SHA1 2ba33d94f5628d97cb606ad97ef9630eef5191c4 SHA256 d4d269d993396cfd9146de621e0a3d5e9203ac7f6b2b6f351f9013dbbe956a4e AUX 1.4.25-fix-multiple-ssl.patch 418 RMD160 9b0b7410fa4ccb8ad874483f8bec8b69d72f80af SHA1 6e46b14b97a68b59260731b1577e531fb412f518 SHA256 0b91569695c7d6b89ce13a8deb069ee83fdcba414853401e480c1ec04760b74b -AUX 1.4.25-fix-openssl.patch 580 RMD160 98a74fc65f27766bdd378d0c57e7f00a57db9b31 SHA1 fb8fc92f8af7225a5f33839d5fe7b298aac3b532 SHA256 1f904fc7d9833099a4e4548b5a8bcef7cf4a8a08fbbb888b7fbebb27d65dd34f -AUX 1.4.25-fix-unknown-AM_SILENT_RULES.patch 744 RMD160 5da8bdca1728f2de730e90de4fb7e93a274406e8 SHA1 8ae6849a88aaaca76c1b8c13a62cc266dbebc2a7 SHA256 a1cf7c77b7ee1cbe9bf3efbb7704b8582c480ae69fd70934597d24ff3fddf663 AUX 1.4.26-fix-ssl-return-check-r2716.patch 562 RMD160 81b5fc8f13e3fbca8a48fd1f954ae7e165b261b1 SHA1 60c3665d0a4f46df1da80338970c7ce6efab64fe SHA256 28391235c48d4dc686d060bbafd711e028a07b68065f40346dc40ca242f4285c AUX conf/lighttpd.conf 8243 RMD160 0b99dbb49be34521ddda14abd9b06cef141bbfc9 SHA1 8fd27dd9b5aea94ca0d1611c8fb1d9e3cb720d0b SHA256 3c016c663d14bf1cb8bf1c7d87dc0ecc1fb4f189ebd4fb05e90ed23f20439ed5 AUX conf/mime-types.conf 3436 RMD160 e4b6024ac6cd48253d4be0abb171ad54e7fbc121 SHA1 2d060ec0d464d73896fdaaedbeb259c2fecac99d SHA256 75a6fce072250ebccde2320996fdace0ebfeb525b03322f0b454f8f4e0e29a85 @@ -14,5 +11,5 @@ AUX lighttpd.initd-1.4.13-r3 1454 RMD160 287b7b5626559f61b17e113ca00ef0cee6c6396 AUX lighttpd.logrotate 487 RMD160 2edb8b4abf75031af0a3b4182efb5b589dfa0d3c SHA1 24e1b048d7be5520ca5ef8ce31b55df13cc8d72b SHA256 503ee1cd454e2c0f9a212ef60dc8321893eda06ccf721ecbe94d189a09e0bc6c AUX spawn-fcgi.confd 1076 RMD160 9468249fdedc39fa762a569622bae93f8b3481f9 SHA1 81bad945fc016275873e01e5f69838f73b275a3a SHA256 bfa452a849165f921a2febf0b06879db18c4c921f156b1452d06bb821063f768 AUX spawn-fcgi.initd 1398 RMD160 3fd0fa41d100629e85960034237abc0866ec3d38 SHA1 9c07c9fd59ec73d5f37df109b188b8a7d691f949 SHA256 ae10c764e2bde9bfc483c57ca94a63d87c24cba00b4c06917885c533d2d245b1 -DIST lighttpd-1.4.25.tar.bz2 628267 RMD160 f0f7dd0ff3c92a6185be2e6017fd5ea74734c769 SHA1 bc4592930292ae8d0990a94a584f49fe8f52445b SHA256 7e803089f18b179097cb33b64b37d8a3b537ce9c196c88e3fb09881b471c88ce -EBUILD lighttpd-1.4.25-r1.ebuild 5975 RMD160 5b3ae660098d22a1706e3b7701669bd8c756233f SHA1 38647420bf095067cd11a0ea3903b2916c3429f7 SHA256 ee1547f3cf8ddbba9f0c2b957893963a3d18c77bfe381ff0477a23a88e2fa0db +DIST lighttpd-1.4.26.tar.bz2 627971 RMD160 2d294083fbcd4040dc8efec06090cf1c1bf66bbf SHA1 f9710da0152792d83c223a1248345a2d145d6f32 SHA256 d7c25a5bb08c8dbc3e8d86f9e564c90ebf0c365d7fcf5ee801e912fb3c2357fd +EBUILD lighttpd-1.4.26-r1.ebuild 5889 RMD160 5ae17b89f3bfb659ce950f22320a59b7a5dfe960 SHA1 e83d7525c2d599627a8dac0247eb8072c1a73ae3 SHA256 a8164e4e56d9afae4775bcc95dd17d62e26fd10824eb1304c49efdb2a524bcc1 diff --git a/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch b/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch deleted file mode 100644 index fcac318..0000000 --- a/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch +++ /dev/null @@ -1,211 +0,0 @@ -Index: branches/lighttpd-1.4.x/src/base.h -=================================================================== ---- branches/lighttpd-1.4.x/src/base.h (revision 2709) -+++ branches/lighttpd-1.4.x/src/base.h (revision 2710) -@@ -431,7 +431,6 @@ - - #ifdef USE_OPENSSL - SSL *ssl; -- buffer *ssl_error_want_reuse_buffer; - # ifndef OPENSSL_NO_TLSEXT - buffer *tlsext_server_name; - # endif -Index: branches/lighttpd-1.4.x/src/connections.c -=================================================================== ---- branches/lighttpd-1.4.x/src/connections.c (revision 2709) -+++ branches/lighttpd-1.4.x/src/connections.c (revision 2710) -@@ -192,40 +192,42 @@ - - static int connection_handle_read_ssl(server *srv, connection *con) { - #ifdef USE_OPENSSL -- int r, ssl_err, len, count = 0; -+ int r, ssl_err, len, count = 0, read_offset, toread; - buffer *b = NULL; - - if (!con->conf.is_ssl) return -1; - -- /* don't resize the buffer if we were in SSL_ERROR_WANT_* */ -- - ERR_clear_error(); - do { -- if (!con->ssl_error_want_reuse_buffer) { -- b = buffer_init(); -- buffer_prepare_copy(b, SSL_pending(con->ssl) + (16 * 1024)); /* the pending bytes + 16kb */ -+ if (NULL != con->read_queue->last) { -+ b = con->read_queue->last->mem; -+ } - -+ if (NULL == b || b->size - b->used < 1024) { -+ b = chunkqueue_get_append_buffer(con->read_queue); -+ len = SSL_pending(con->ssl); -+ if (len < 4*1024) len = 4*1024; /* always alloc >= 4k buffer */ -+ buffer_prepare_copy(b, len + 1); -+ - /* overwrite everything with 0 */ - memset(b->ptr, 0, b->size); -- } else { -- b = con->ssl_error_want_reuse_buffer; - } - -- len = SSL_read(con->ssl, b->ptr, b->size - 1); -- con->ssl_error_want_reuse_buffer = NULL; /* reuse it only once */ -+ read_offset = (b->used > 0) ? b->used - 1 : 0; -+ toread = b->size - 1 - read_offset; - -+ len = SSL_read(con->ssl, b->ptr + read_offset, toread); -+ - if (len > 0) { -- b->used = len; -+ if (b->used > 0) b->used--; -+ b->used += len; - b->ptr[b->used++] = '\0'; - -- /* we move the buffer to the chunk-queue, no need to free it */ -+ con->bytes_read += len; - -- chunkqueue_append_buffer_weak(con->read_queue, b); - count += len; -- con->bytes_read += len; -- b = NULL; - } -- } while (len > 0 && count < MAX_READ_LIMIT); -+ } while (len == toread && count < MAX_READ_LIMIT); - - - if (len < 0) { -@@ -234,11 +236,11 @@ - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_WRITE: - con->is_readable = 0; -- con->ssl_error_want_reuse_buffer = b; - -- b = NULL; -+ /* the manual says we have to call SSL_read with the same arguments next time. -+ * we ignore this restriction; no one has complained about it in 1.5 yet, so it probably works anyway. -+ */ - -- /* we have to steal the buffer from the queue-queue */ - return 0; - case SSL_ERROR_SYSCALL: - /** -@@ -297,16 +299,11 @@ - - connection_set_state(srv, con, CON_STATE_ERROR); - -- buffer_free(b); -- - return -1; - } else if (len == 0) { - con->is_readable = 0; - /* the other end close the connection -> KEEP-ALIVE */ - -- /* pipelining */ -- buffer_free(b); -- - return -2; - } - -@@ -321,26 +318,41 @@ - static int connection_handle_read(server *srv, connection *con) { - int len; - buffer *b; -- int toread; -+ int toread, read_offset; - - if (con->conf.is_ssl) { - return connection_handle_read_ssl(srv, con); - } - -+ b = (NULL != con->read_queue->last) ? con->read_queue->last->mem : NULL; -+ -+ /* default size for chunks is 4kb; only use bigger chunks if FIONREAD tells -+ * us more than 4kb is available -+ * if FIONREAD doesn't signal a big chunk we fill the previous buffer -+ * if it has >= 1kb free -+ */ - #if defined(__WIN32) -- b = chunkqueue_get_append_buffer(con->read_queue); -- buffer_prepare_copy(b, 4 * 1024); -- len = recv(con->fd, b->ptr, b->size - 1, 0); --#else -- if (ioctl(con->fd, FIONREAD, &toread) || toread == 0) { -+ if (NULL == b || b->size - b->used < 1024) { - b = chunkqueue_get_append_buffer(con->read_queue); - buffer_prepare_copy(b, 4 * 1024); -+ } -+ -+ read_offset = (b->used == 0) ? 0 : b->used - 1; -+ len = recv(con->fd, b->ptr + read_offset, b->size - 1 - read_offset, 0); -+#else -+ if (ioctl(con->fd, FIONREAD, &toread) || toread == 0 || toread <= 4*1024) { -+ if (NULL == b || b->size - b->used < 1024) { -+ b = chunkqueue_get_append_buffer(con->read_queue); -+ buffer_prepare_copy(b, 4 * 1024); -+ } - } else { - if (toread > MAX_READ_LIMIT) toread = MAX_READ_LIMIT; - b = chunkqueue_get_append_buffer(con->read_queue); - buffer_prepare_copy(b, toread + 1); - } -- len = read(con->fd, b->ptr, b->size - 1); -+ -+ read_offset = (b->used == 0) ? 0 : b->used - 1; -+ len = read(con->fd, b->ptr + read_offset, b->size - 1 - read_offset); - #endif - - if (len < 0) { -@@ -374,7 +386,8 @@ - con->is_readable = 0; - } - -- b->used = len; -+ if (b->used > 0) b->used--; -+ b->used += len; - b->ptr[b->used++] = '\0'; - - con->bytes_read += len; -@@ -850,13 +863,6 @@ - /* The cond_cache gets reset in response.c */ - /* config_cond_cache_reset(srv, con); */ - --#ifdef USE_OPENSSL -- if (con->ssl_error_want_reuse_buffer) { -- buffer_free(con->ssl_error_want_reuse_buffer); -- con->ssl_error_want_reuse_buffer = NULL; -- } --#endif -- - con->header_len = 0; - con->in_error_handler = 0; - -@@ -1128,8 +1134,15 @@ - } else { - buffer *b; - -- b = chunkqueue_get_append_buffer(dst_cq); -- buffer_copy_string_len(b, c->mem->ptr + c->offset, toRead); -+ if (dst_cq->last && -+ dst_cq->last->type == MEM_CHUNK) { -+ b = dst_cq->last->mem; -+ } else { -+ b = chunkqueue_get_append_buffer(dst_cq); -+ /* prepare buffer size for remaining POST data; is < 64kb */ -+ buffer_prepare_copy(b, con->request.content_length - dst_cq->bytes_in + 1); -+ } -+ buffer_append_string_len(b, c->mem->ptr + c->offset, toRead); - } - - c->offset += toRead; -Index: branches/lighttpd-1.4.x/src/chunk.c -=================================================================== ---- branches/lighttpd-1.4.x/src/chunk.c (revision 2709) -+++ branches/lighttpd-1.4.x/src/chunk.c (revision 2710) -@@ -197,8 +197,6 @@ - int chunkqueue_append_buffer_weak(chunkqueue *cq, buffer *mem) { - chunk *c; - -- if (mem->used == 0) return 0; -- - c = chunkqueue_get_unused_chunk(cq); - c->type = MEM_CHUNK; - c->offset = 0; diff --git a/www-servers/lighttpd/files/1.4.25-fix-openssl.patch b/www-servers/lighttpd/files/1.4.25-fix-openssl.patch deleted file mode 100644 index 712f158..0000000 --- a/www-servers/lighttpd/files/1.4.25-fix-openssl.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -purN orig/src/network.c lighttpd-1.4.25/src/network.c ---- orig/src/network.c 2010-01-28 10:43:33.829209750 -0500 -+++ lighttpd-1.4.25/src/network.c 2010-01-28 10:44:22.639208732 -0500 -@@ -525,7 +525,7 @@ int network_init(server *srv) { - - if (!s->ssl_use_sslv2) { - /* disable SSLv2 */ -- if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) { -+ if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) { - log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:", - ERR_error_string(ERR_get_error(), NULL)); - return -1; diff --git a/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch b/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch deleted file mode 100644 index 2c72c6a..0000000 --- a/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch +++ /dev/null @@ -1,18 +0,0 @@ -Allow to build on older automakes. this disables color output on tests, -but leaves the AM_SILENT_RULES intact for automakes which support this. - -Signed-off-by: Thilo Bangert <bangert@gentoo.org> - -diff -Naur lighttpd-1.4.25.orig/configure.ac lighttpd-1.4.25/configure.ac ---- lighttpd-1.4.25.orig/configure.ac 2009-11-25 10:27:12.000000000 +0100 -+++ lighttpd-1.4.25/configure.ac 2009-11-25 10:43:20.000000000 +0100 -@@ -8,7 +8,8 @@ - - AC_CANONICAL_TARGET - --AM_INIT_AUTOMAKE([-Wall -Wportability -Wno-override -Werror foreign dist-bzip2 tar-ustar silent-rules color-tests]) -+m4_pattern_allow([AM_SILENT_RULES]) -+AM_INIT_AUTOMAKE([-Wall -Wportability -Wno-override -Werror foreign dist-bzip2 tar-ustar]) - AM_SILENT_RULES - - # Checks for programs. diff --git a/www-servers/lighttpd/lighttpd-1.4.25-r1.ebuild b/www-servers/lighttpd/lighttpd-1.4.26-r1.ebuild index e18bbeb..14df7db 100644 --- a/www-servers/lighttpd/lighttpd-1.4.25-r1.ebuild +++ b/www-servers/lighttpd/lighttpd-1.4.26-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/lighttpd-1.4.25-r1.ebuild,v 1.6 2010/02/04 00:06:02 jer Exp $ +# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/lighttpd-1.4.26-r1.ebuild,v 1.3 2010/04/07 17:58:01 phajdan.jr Exp $ EAPI="2" @@ -12,7 +12,7 @@ SRC_URI="http://download.lighttpd.net/lighttpd/releases-1.4.x/${P}.tar.bz2" LICENSE="BSD" SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 sh sparc x86 ~sparc-fbsd ~x86-fbsd" +KEYWORDS="~alpha ~amd64 ~arm hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc x86 ~sparc-fbsd ~x86-fbsd" IUSE="bzip2 doc fam fastcgi gdbm ipv6 ldap lua minimal memcache mysql pcre php rrdtool ssl test webdav xattr" RDEPEND=" @@ -96,14 +96,12 @@ pkg_setup() { } src_prepare() { - epatch "${FILESDIR}"/1.4.25-fix-unknown-AM_SILENT_RULES.patch - epatch "${FILESDIR}"/1.4.25-fix-CVE-2010-0295.patch - epatch "${FILESDIR}"/1.4.25-fix-openssl.patch - epatch "${FILESDIR}"/1.4.25-fix-multiple-ssl.patch # dev-python/docutils installs rst2html.py not rst2html sed -i -e 's|\(rst2html\)|\1.py|g' doc/Makefile.am || \ die "sed doc/Makefile.am failed" + epatch "${FILESDIR}/1.4.26-fix-ssl-return-check-r2716.patch" + epatch "${FILESDIR}/1.4.25-fix-multiple-ssl.patch" eautoreconf } |