summaryrefslogtreecommitdiff
path: root/www-servers/lighttpd/files
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch211
-rw-r--r--www-servers/lighttpd/files/1.4.25-fix-multiple-ssl.patch12
-rw-r--r--www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch18
-rw-r--r--www-servers/lighttpd/files/1.4.26-fix-ssl-return-check-r2716.patch16
-rw-r--r--www-servers/lighttpd/files/conf/lighttpd.conf325
-rw-r--r--www-servers/lighttpd/files/conf/mime-types.conf79
-rw-r--r--www-servers/lighttpd/files/conf/mod_cgi.conf33
-rw-r--r--www-servers/lighttpd/files/conf/mod_fastcgi.conf17
-rw-r--r--www-servers/lighttpd/files/conf/mod_fastcgi.conf-1.4.13-r217
-rw-r--r--www-servers/lighttpd/files/lighttpd.confd12
-rw-r--r--www-servers/lighttpd/files/lighttpd.initd67
-rw-r--r--www-servers/lighttpd/files/lighttpd.initd-1.4.13-r367
-rw-r--r--www-servers/lighttpd/files/lighttpd.logrotate17
-rw-r--r--www-servers/lighttpd/files/spawn-fcgi.confd35
-rw-r--r--www-servers/lighttpd/files/spawn-fcgi.initd51
15 files changed, 977 insertions, 0 deletions
diff --git a/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch b/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch
new file mode 100644
index 0000000..fcac318
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.25-fix-CVE-2010-0295.patch
@@ -0,0 +1,211 @@
+Index: branches/lighttpd-1.4.x/src/base.h
+===================================================================
+--- branches/lighttpd-1.4.x/src/base.h (revision 2709)
++++ branches/lighttpd-1.4.x/src/base.h (revision 2710)
+@@ -431,7 +431,6 @@
+
+ #ifdef USE_OPENSSL
+ SSL *ssl;
+- buffer *ssl_error_want_reuse_buffer;
+ # ifndef OPENSSL_NO_TLSEXT
+ buffer *tlsext_server_name;
+ # endif
+Index: branches/lighttpd-1.4.x/src/connections.c
+===================================================================
+--- branches/lighttpd-1.4.x/src/connections.c (revision 2709)
++++ branches/lighttpd-1.4.x/src/connections.c (revision 2710)
+@@ -192,40 +192,42 @@
+
+ static int connection_handle_read_ssl(server *srv, connection *con) {
+ #ifdef USE_OPENSSL
+- int r, ssl_err, len, count = 0;
++ int r, ssl_err, len, count = 0, read_offset, toread;
+ buffer *b = NULL;
+
+ if (!con->conf.is_ssl) return -1;
+
+- /* don't resize the buffer if we were in SSL_ERROR_WANT_* */
+-
+ ERR_clear_error();
+ do {
+- if (!con->ssl_error_want_reuse_buffer) {
+- b = buffer_init();
+- buffer_prepare_copy(b, SSL_pending(con->ssl) + (16 * 1024)); /* the pending bytes + 16kb */
++ if (NULL != con->read_queue->last) {
++ b = con->read_queue->last->mem;
++ }
+
++ if (NULL == b || b->size - b->used < 1024) {
++ b = chunkqueue_get_append_buffer(con->read_queue);
++ len = SSL_pending(con->ssl);
++ if (len < 4*1024) len = 4*1024; /* always alloc >= 4k buffer */
++ buffer_prepare_copy(b, len + 1);
++
+ /* overwrite everything with 0 */
+ memset(b->ptr, 0, b->size);
+- } else {
+- b = con->ssl_error_want_reuse_buffer;
+ }
+
+- len = SSL_read(con->ssl, b->ptr, b->size - 1);
+- con->ssl_error_want_reuse_buffer = NULL; /* reuse it only once */
++ read_offset = (b->used > 0) ? b->used - 1 : 0;
++ toread = b->size - 1 - read_offset;
+
++ len = SSL_read(con->ssl, b->ptr + read_offset, toread);
++
+ if (len > 0) {
+- b->used = len;
++ if (b->used > 0) b->used--;
++ b->used += len;
+ b->ptr[b->used++] = '\0';
+
+- /* we move the buffer to the chunk-queue, no need to free it */
++ con->bytes_read += len;
+
+- chunkqueue_append_buffer_weak(con->read_queue, b);
+ count += len;
+- con->bytes_read += len;
+- b = NULL;
+ }
+- } while (len > 0 && count < MAX_READ_LIMIT);
++ } while (len == toread && count < MAX_READ_LIMIT);
+
+
+ if (len < 0) {
+@@ -234,11 +236,11 @@
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_WRITE:
+ con->is_readable = 0;
+- con->ssl_error_want_reuse_buffer = b;
+
+- b = NULL;
++ /* the manual says we have to call SSL_read with the same arguments next time.
++ * we ignore this restriction; no one has complained about it in 1.5 yet, so it probably works anyway.
++ */
+
+- /* we have to steal the buffer from the queue-queue */
+ return 0;
+ case SSL_ERROR_SYSCALL:
+ /**
+@@ -297,16 +299,11 @@
+
+ connection_set_state(srv, con, CON_STATE_ERROR);
+
+- buffer_free(b);
+-
+ return -1;
+ } else if (len == 0) {
+ con->is_readable = 0;
+ /* the other end close the connection -> KEEP-ALIVE */
+
+- /* pipelining */
+- buffer_free(b);
+-
+ return -2;
+ }
+
+@@ -321,26 +318,41 @@
+ static int connection_handle_read(server *srv, connection *con) {
+ int len;
+ buffer *b;
+- int toread;
++ int toread, read_offset;
+
+ if (con->conf.is_ssl) {
+ return connection_handle_read_ssl(srv, con);
+ }
+
++ b = (NULL != con->read_queue->last) ? con->read_queue->last->mem : NULL;
++
++ /* default size for chunks is 4kb; only use bigger chunks if FIONREAD tells
++ * us more than 4kb is available
++ * if FIONREAD doesn't signal a big chunk we fill the previous buffer
++ * if it has >= 1kb free
++ */
+ #if defined(__WIN32)
+- b = chunkqueue_get_append_buffer(con->read_queue);
+- buffer_prepare_copy(b, 4 * 1024);
+- len = recv(con->fd, b->ptr, b->size - 1, 0);
+-#else
+- if (ioctl(con->fd, FIONREAD, &toread) || toread == 0) {
++ if (NULL == b || b->size - b->used < 1024) {
+ b = chunkqueue_get_append_buffer(con->read_queue);
+ buffer_prepare_copy(b, 4 * 1024);
++ }
++
++ read_offset = (b->used == 0) ? 0 : b->used - 1;
++ len = recv(con->fd, b->ptr + read_offset, b->size - 1 - read_offset, 0);
++#else
++ if (ioctl(con->fd, FIONREAD, &toread) || toread == 0 || toread <= 4*1024) {
++ if (NULL == b || b->size - b->used < 1024) {
++ b = chunkqueue_get_append_buffer(con->read_queue);
++ buffer_prepare_copy(b, 4 * 1024);
++ }
+ } else {
+ if (toread > MAX_READ_LIMIT) toread = MAX_READ_LIMIT;
+ b = chunkqueue_get_append_buffer(con->read_queue);
+ buffer_prepare_copy(b, toread + 1);
+ }
+- len = read(con->fd, b->ptr, b->size - 1);
++
++ read_offset = (b->used == 0) ? 0 : b->used - 1;
++ len = read(con->fd, b->ptr + read_offset, b->size - 1 - read_offset);
+ #endif
+
+ if (len < 0) {
+@@ -374,7 +386,8 @@
+ con->is_readable = 0;
+ }
+
+- b->used = len;
++ if (b->used > 0) b->used--;
++ b->used += len;
+ b->ptr[b->used++] = '\0';
+
+ con->bytes_read += len;
+@@ -850,13 +863,6 @@
+ /* The cond_cache gets reset in response.c */
+ /* config_cond_cache_reset(srv, con); */
+
+-#ifdef USE_OPENSSL
+- if (con->ssl_error_want_reuse_buffer) {
+- buffer_free(con->ssl_error_want_reuse_buffer);
+- con->ssl_error_want_reuse_buffer = NULL;
+- }
+-#endif
+-
+ con->header_len = 0;
+ con->in_error_handler = 0;
+
+@@ -1128,8 +1134,15 @@
+ } else {
+ buffer *b;
+
+- b = chunkqueue_get_append_buffer(dst_cq);
+- buffer_copy_string_len(b, c->mem->ptr + c->offset, toRead);
++ if (dst_cq->last &&
++ dst_cq->last->type == MEM_CHUNK) {
++ b = dst_cq->last->mem;
++ } else {
++ b = chunkqueue_get_append_buffer(dst_cq);
++ /* prepare buffer size for remaining POST data; is < 64kb */
++ buffer_prepare_copy(b, con->request.content_length - dst_cq->bytes_in + 1);
++ }
++ buffer_append_string_len(b, c->mem->ptr + c->offset, toRead);
+ }
+
+ c->offset += toRead;
+Index: branches/lighttpd-1.4.x/src/chunk.c
+===================================================================
+--- branches/lighttpd-1.4.x/src/chunk.c (revision 2709)
++++ branches/lighttpd-1.4.x/src/chunk.c (revision 2710)
+@@ -197,8 +197,6 @@
+ int chunkqueue_append_buffer_weak(chunkqueue *cq, buffer *mem) {
+ chunk *c;
+
+- if (mem->used == 0) return 0;
+-
+ c = chunkqueue_get_unused_chunk(cq);
+ c->type = MEM_CHUNK;
+ c->offset = 0;
diff --git a/www-servers/lighttpd/files/1.4.25-fix-multiple-ssl.patch b/www-servers/lighttpd/files/1.4.25-fix-multiple-ssl.patch
new file mode 100644
index 0000000..e9388a3
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.25-fix-multiple-ssl.patch
@@ -0,0 +1,12 @@
+--- src/network.c.orig 2009-10-17 00:03:44.000000000 +0200
++++ src/network.c 2010-03-25 23:09:56.000000000 +0100
+@@ -82,6 +82,9 @@
+ buffer_copy_string(con->tlsext_server_name, servername);
+ buffer_to_lower(con->tlsext_server_name);
+
++ /* Sometimes this is still set, confusing COMP_HTTP_HOST */
++ buffer_reset(con->uri.authority);
++
+ config_cond_cache_reset(srv, con);
+ config_setup_connection(srv, con);
+
diff --git a/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch b/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch
new file mode 100644
index 0000000..2c72c6a
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.25-fix-unknown-AM_SILENT_RULES.patch
@@ -0,0 +1,18 @@
+Allow to build on older automakes. this disables color output on tests,
+but leaves the AM_SILENT_RULES intact for automakes which support this.
+
+Signed-off-by: Thilo Bangert <bangert@gentoo.org>
+
+diff -Naur lighttpd-1.4.25.orig/configure.ac lighttpd-1.4.25/configure.ac
+--- lighttpd-1.4.25.orig/configure.ac 2009-11-25 10:27:12.000000000 +0100
++++ lighttpd-1.4.25/configure.ac 2009-11-25 10:43:20.000000000 +0100
+@@ -8,7 +8,8 @@
+
+ AC_CANONICAL_TARGET
+
+-AM_INIT_AUTOMAKE([-Wall -Wportability -Wno-override -Werror foreign dist-bzip2 tar-ustar silent-rules color-tests])
++m4_pattern_allow([AM_SILENT_RULES])
++AM_INIT_AUTOMAKE([-Wall -Wportability -Wno-override -Werror foreign dist-bzip2 tar-ustar])
+ AM_SILENT_RULES
+
+ # Checks for programs.
diff --git a/www-servers/lighttpd/files/1.4.26-fix-ssl-return-check-r2716.patch b/www-servers/lighttpd/files/1.4.26-fix-ssl-return-check-r2716.patch
new file mode 100644
index 0000000..1ef8a1c
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.26-fix-ssl-return-check-r2716.patch
@@ -0,0 +1,16 @@
+fix check of return value
+from upstream svn repo
+
+Index: network.c
+===================================================================
+--- src/network.c (revision 2715)
++++ src/network.c (revision 2716)
+@@ -525,7 +525,7 @@
+
+ if (!s->ssl_use_sslv2) {
+ /* disable SSLv2 */
+- if (SSL_OP_NO_SSLv2 != SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) {
++ if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) {
+ log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
+ ERR_error_string(ERR_get_error(), NULL));
+ return -1;
diff --git a/www-servers/lighttpd/files/conf/lighttpd.conf b/www-servers/lighttpd/files/conf/lighttpd.conf
new file mode 100644
index 0000000..b56fa4d
--- /dev/null
+++ b/www-servers/lighttpd/files/conf/lighttpd.conf
@@ -0,0 +1,325 @@
+###############################################################################
+# Default lighttpd.conf for Gentoo.
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/lighttpd.conf,v 1.4 2009/05/12 09:54:12 bangert Exp $
+###############################################################################
+
+# {{{ variables
+var.basedir = "/var/www/localhost"
+var.logdir = "/var/log/lighttpd"
+var.statedir = "/var/lib/lighttpd"
+# }}}
+
+# {{{ modules
+# At the very least, mod_access and mod_accesslog should be enabled.
+# All other modules should only be loaded if necessary.
+# NOTE: the order of modules is important.
+server.modules = (
+# "mod_rewrite",
+# "mod_redirect",
+# "mod_alias",
+ "mod_access",
+# "mod_cml",
+# "mod_trigger_b4_dl",
+# "mod_auth",
+# "mod_status",
+# "mod_setenv",
+# "mod_proxy",
+# "mod_simple_vhost",
+# "mod_evhost",
+# "mod_userdir",
+# "mod_compress",
+# "mod_ssi",
+# "mod_usertrack",
+# "mod_expire",
+# "mod_secdownload",
+# "mod_rrdtool",
+# "mod_webdav",
+ "mod_accesslog"
+)
+# }}}
+
+# {{{ includes
+include "mime-types.conf"
+# fcgi and cgi are included below
+# }}}
+
+# {{{ server settings
+server.username = "lighttpd"
+server.groupname = "lighttpd"
+
+server.document-root = var.basedir + "/htdocs"
+server.pid-file = "/var/run/lighttpd.pid"
+
+server.errorlog = var.logdir + "/error.log"
+# log errors to syslog instead
+# server.errorlog-use-syslog = "enable"
+
+server.indexfiles = ("index.php", "index.html",
+ "index.htm", "default.htm")
+
+# server.tag = "lighttpd"
+
+server.follow-symlink = "enable"
+
+# event handler (defaults to "poll")
+# see performance.txt
+#
+# for >= linux-2.4
+# server.event-handler = "linux-rtsig"
+# for >= linux-2.6
+# server.event-handler = "linux-sysepoll"
+# for FreeBSD
+# server.event-handler = "freebsd-kqueue"
+
+# chroot to directory (defaults to no chroot)
+# server.chroot = "/"
+
+# bind to port (defaults to 80)
+# server.port = 81
+
+# bind to name (defaults to all interfaces)
+# server.bind = "grisu.home.kneschke.de"
+
+# error-handler for status 404
+# server.error-handler-404 = "/error-handler.html"
+# server.error-handler-404 = "/error-handler.php"
+
+# Format: <errorfile-prefix><status-code>.html
+# -> ..../status-404.html for 'File not found'
+# server.errorfile-prefix = var.basedir + "/error/status-"
+
+# FAM support for caching stat() calls
+# requires that lighttpd be built with USE=fam
+# server.stat-cache-engine = "fam"
+# }}}
+
+# {{{ mod_staticfile
+
+# which extensions should not be handled via static-file transfer
+# (extensions that are usually handled by mod_cgi, mod_fastcgi, etc).
+static-file.exclude-extensions = (".php", ".pl", ".cgi", ".fcgi")
+# }}}
+
+# {{{ mod_accesslog
+accesslog.filename = var.logdir + "/access.log"
+# }}}
+
+# {{{ mod_dirlisting
+# enable directory listings
+# dir-listing.activate = "enable"
+#
+# don't list hidden files/directories
+# dir-listing.hide-dotfiles = "enable"
+#
+# use a different css for directory listings
+# dir-listing.external-css = "/path/to/dir-listing.css"
+#
+# list of regular expressions. files that match any of the
+# specified regular expressions will be excluded from directory
+# listings.
+# dir-listing.exclude = ("^\.", "~$")
+# }}}
+
+# {{{ mod_access
+# see access.txt
+
+url.access-deny = ("~", ".inc")
+# }}}
+
+# {{{ mod_userdir
+# see userdir.txt
+#
+# userdir.path = "public_html"
+# userdir.exclude-user = ("root")
+# }}}
+
+# {{{ mod_ssi
+# see ssi.txt
+#
+# ssi.extension = (".shtml")
+# }}}
+
+# {{{ mod_ssl
+# see ssl.txt
+#
+# ssl.engine = "enable"
+# ssl.pemfile = "server.pem"
+# }}}
+
+# {{{ mod_status
+# see status.txt
+#
+# status.status-url = "/server-status"
+# status.config-url = "/server-config"
+# }}}
+
+# {{{ mod_simple_vhost
+# see simple-vhost.txt
+#
+# If you want name-based virtual hosting add the next three settings and load
+# mod_simple_vhost
+#
+# document-root =
+# virtual-server-root + virtual-server-default-host + virtual-server-docroot
+# or
+# virtual-server-root + http-host + virtual-server-docroot
+#
+# simple-vhost.server-root = "/home/weigon/wwwroot/servers/"
+# simple-vhost.default-host = "grisu.home.kneschke.de"
+# simple-vhost.document-root = "/pages/"
+# }}}
+
+# {{{ mod_compress
+# see compress.txt
+#
+# compress.cache-dir = var.statedir + "/cache/compress"
+# compress.filetype = ("text/plain", "text/html")
+# }}}
+
+# {{{ mod_proxy
+# see proxy.txt
+#
+# proxy.server = ( ".php" =>
+# ( "localhost" =>
+# (
+# "host" => "192.168.0.101",
+# "port" => 80
+# )
+# )
+# )
+# }}}
+
+# {{{ mod_auth
+# see authentication.txt
+#
+# auth.backend = "plain"
+# auth.backend.plain.userfile = "lighttpd.user"
+# auth.backend.plain.groupfile = "lighttpd.group"
+
+# auth.backend.ldap.hostname = "localhost"
+# auth.backend.ldap.base-dn = "dc=my-domain,dc=com"
+# auth.backend.ldap.filter = "(uid=$)"
+
+# auth.require = ( "/server-status" =>
+# (
+# "method" => "digest",
+# "realm" => "download archiv",
+# "require" => "user=jan"
+# ),
+# "/server-info" =>
+# (
+# "method" => "digest",
+# "realm" => "download archiv",
+# "require" => "valid-user"
+# )
+# )
+# }}}
+
+# {{{ mod_rewrite
+# see rewrite.txt
+#
+# url.rewrite = (
+# "^/$" => "/server-status"
+# )
+# }}}
+
+# {{{ mod_redirect
+# see redirect.txt
+#
+# url.redirect = (
+# "^/wishlist/(.+)" => "http://www.123.org/$1"
+# )
+# }}}
+
+# {{{ mod_evhost
+# define a pattern for the host url finding
+# %% => % sign
+# %0 => domain name + tld
+# %1 => tld
+# %2 => domain name without tld
+# %3 => subdomain 1 name
+# %4 => subdomain 2 name
+#
+# evhost.path-pattern = "/home/storage/dev/www/%3/htdocs/"
+# }}}
+
+# {{{ mod_expire
+# expire.url = (
+# "/buggy/" => "access 2 hours",
+# "/asdhas/" => "access plus 1 seconds 2 minutes"
+# )
+# }}}
+
+# {{{ mod_rrdtool
+# see rrdtool.txt
+#
+# rrdtool.binary = "/usr/bin/rrdtool"
+# rrdtool.db-name = var.statedir + "/lighttpd.rrd"
+# }}}
+
+# {{{ mod_setenv
+# see setenv.txt
+#
+# setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" )
+# setenv.add-response-header = ( "X-Secret-Message" => "42" )
+# }}}
+
+# {{{ mod_trigger_b4_dl
+# see trigger_b4_dl.txt
+#
+# trigger-before-download.gdbm-filename = "/home/weigon/testbase/trigger.db"
+# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" )
+# trigger-before-download.trigger-url = "^/trigger/"
+# trigger-before-download.download-url = "^/download/"
+# trigger-before-download.deny-url = "http://127.0.0.1/index.html"
+# trigger-before-download.trigger-timeout = 10
+# }}}
+
+# {{{ mod_cml
+# see cml.txt
+#
+# don't forget to add index.cml to server.indexfiles
+# cml.extension = ".cml"
+# cml.memcache-hosts = ( "127.0.0.1:11211" )
+# }}}
+
+# {{{ mod_webdav
+# see webdav.txt
+#
+# $HTTP["url"] =~ "^/dav($|/)" {
+# webdav.activate = "enable"
+# webdav.is-readonly = "enable"
+# }
+# }}}
+
+# {{{ extra rules
+#
+# set Content-Encoding and reset Content-Type for browsers that
+# support decompressing on-thy-fly (requires mod_setenv)
+# $HTTP["url"] =~ "\.gz$" {
+# setenv.add-response-header = ("Content-Encoding" => "x-gzip")
+# mimetype.assign = (".gz" => "text/plain")
+# }
+
+# $HTTP["url"] =~ "\.bz2$" {
+# setenv.add-response-header = ("Content-Encoding" => "x-bzip2")
+# mimetype.assign = (".bz2" => "text/plain")
+# }
+#
+# }}}
+
+# {{{ debug
+# debug.log-request-header = "enable"
+# debug.log-response-header = "enable"
+# debug.log-request-handling = "enable"
+# debug.log-file-not-found = "enable"
+# }}}
+
+# {{{ cgi includes
+# uncomment for cgi support
+# include "mod_cgi.conf"
+# uncomment for php/fastcgi support
+# include "mod_fastcgi.conf"
+# }}}
+
+# vim: set ft=conf foldmethod=marker et :
diff --git a/www-servers/lighttpd/files/conf/mime-types.conf b/www-servers/lighttpd/files/conf/mime-types.conf
new file mode 100644
index 0000000..f24d4d8
--- /dev/null
+++ b/www-servers/lighttpd/files/conf/mime-types.conf
@@ -0,0 +1,79 @@
+###############################################################################
+# Default mime-types.conf for Gentoo.
+# include'd from lighttpd.conf.
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/mime-types.conf,v 1.4 2010/03/14 21:45:18 bangert Exp $
+###############################################################################
+
+# {{{ mime types
+mimetype.assign = (
+ ".svg" => "image/svg+xml",
+ ".svgz" => "image/svg+xml",
+ ".pdf" => "application/pdf",
+ ".sig" => "application/pgp-signature",
+ ".spl" => "application/futuresplash",
+ ".class" => "application/octet-stream",
+ ".ps" => "application/postscript",
+ ".torrent" => "application/x-bittorrent",
+ ".dvi" => "application/x-dvi",
+ ".gz" => "application/x-gzip",
+ ".pac" => "application/x-ns-proxy-autoconfig",
+ ".swf" => "application/x-shockwave-flash",
+ ".tar.gz" => "application/x-tgz",
+ ".tgz" => "application/x-tgz",
+ ".tar" => "application/x-tar",
+ ".zip" => "application/zip",
+ ".dmg" => "application/x-apple-diskimage",
+ ".mp3" => "audio/mpeg",
+ ".m3u" => "audio/x-mpegurl",
+ ".wma" => "audio/x-ms-wma",
+ ".wax" => "audio/x-ms-wax",
+ ".ogg" => "application/ogg",
+ ".wav" => "audio/x-wav",
+ ".gif" => "image/gif",
+ ".jpg" => "image/jpeg",
+ ".jpeg" => "image/jpeg",
+ ".png" => "image/png",
+ ".xbm" => "image/x-xbitmap",
+ ".xpm" => "image/x-xpixmap",
+ ".xwd" => "image/x-xwindowdump",
+ ".css" => "text/css",
+ ".html" => "text/html",
+ ".htm" => "text/html",
+ ".js" => "text/javascript",
+ ".asc" => "text/plain",
+ ".c" => "text/plain",
+ ".h" => "text/plain",
+ ".cc" => "text/plain",
+ ".cpp" => "text/plain",
+ ".hh" => "text/plain",
+ ".hpp" => "text/plain",
+ ".conf" => "text/plain",
+ ".log" => "text/plain",
+ ".text" => "text/plain",
+ ".txt" => "text/plain",
+ ".diff" => "text/plain",
+ ".patch" => "text/plain",
+ ".ebuild" => "text/plain",
+ ".eclass" => "text/plain",
+ ".rtf" => "application/rtf",
+ ".bmp" => "image/bmp",
+ ".tif" => "image/tiff",
+ ".tiff" => "image/tiff",
+ ".ico" => "image/x-icon",
+ ".dtd" => "text/xml",
+ ".xml" => "text/xml",
+ ".mpeg" => "video/mpeg",
+ ".mpg" => "video/mpeg",
+ ".mov" => "video/quicktime",
+ ".qt" => "video/quicktime",
+ ".avi" => "video/x-msvideo",
+ ".asf" => "video/x-ms-asf",
+ ".asx" => "video/x-ms-asf",
+ ".wmv" => "video/x-ms-wmv",
+ ".bz2" => "application/x-bzip",
+ ".tbz" => "application/x-bzip-compressed-tar",
+ ".tar.bz2" => "application/x-bzip-compressed-tar"
+ )
+# }}}
+
+# vim: set ft=conf foldmethod=marker et :
diff --git a/www-servers/lighttpd/files/conf/mod_cgi.conf b/www-servers/lighttpd/files/conf/mod_cgi.conf
new file mode 100644
index 0000000..1cb3770
--- /dev/null
+++ b/www-servers/lighttpd/files/conf/mod_cgi.conf
@@ -0,0 +1,33 @@
+###############################################################################
+# mod_cgi.conf
+# include'd by lighttpd.conf.
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/mod_cgi.conf,v 1.1 2005/08/27 12:36:13 ka0ttic Exp $
+###############################################################################
+
+#
+# see cgi.txt for more information on using mod_cgi
+#
+
+server.modules += ("mod_cgi")
+
+# NOTE: this requires mod_alias
+alias.url = (
+ "/cgi-bin/" => var.basedir + "/cgi-bin/"
+)
+
+#
+# Note that you'll also want to enable the
+# cgi-bin alias via mod_alias (above).
+#
+
+$HTTP["url"] =~ "^/cgi-bin/" {
+ # disable directory listings
+ dir-listing.activate = "disable"
+ # only allow cgi's in this directory
+ cgi.assign = (
+ ".pl" => "/usr/bin/perl",
+ ".cgi" => "/usr/bin/perl"
+ )
+}
+
+# vim: set ft=conf foldmethod=marker et :
diff --git a/www-servers/lighttpd/files/conf/mod_fastcgi.conf b/www-servers/lighttpd/files/conf/mod_fastcgi.conf
new file mode 100644
index 0000000..b70aff1
--- /dev/null
+++ b/www-servers/lighttpd/files/conf/mod_fastcgi.conf
@@ -0,0 +1,17 @@
+###############################################################################
+# mod_fastcgi.conf
+# include'd by lighttpd.conf.
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/mod_fastcgi.conf,v 1.3 2009/04/03 20:59:34 bangert Exp $
+###############################################################################
+
+server.modules += ("mod_fastcgi")
+fastcgi.server = ( ".php" =>
+ ( "localhost" =>
+ (
+ "socket" => "/var/run/lighttpd/lighttpd-fastcgi-php-" + PID + ".socket",
+ "bin-path" => "/usr/bin/php-cgi"
+ )
+ )
+ )
+
+# vim: set ft=conf foldmethod=marker et :
diff --git a/www-servers/lighttpd/files/conf/mod_fastcgi.conf-1.4.13-r2 b/www-servers/lighttpd/files/conf/mod_fastcgi.conf-1.4.13-r2
new file mode 100644
index 0000000..ca1369a
--- /dev/null
+++ b/www-servers/lighttpd/files/conf/mod_fastcgi.conf-1.4.13-r2
@@ -0,0 +1,17 @@
+###############################################################################
+# mod_fastcgi.conf
+# include'd by lighttpd.conf.
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/conf/mod_fastcgi.conf-1.4.13-r2,v 1.1 2007/04/01 23:22:00 robbat2 Exp $
+###############################################################################
+
+server.modules += ("mod_fastcgi")
+fastcgi.server = ( ".php" =>
+ ( "localhost" =>
+ (
+ "socket" => "/var/run/lighttpd/lighttpd-fastcgi-php-" + PID + ".socket",
+ "bin-path" => "/usr/bin/php-cgi"
+ )
+ )
+ )
+
+# vim: set ft=conf foldmethod=marker et :
diff --git a/www-servers/lighttpd/files/lighttpd.confd b/www-servers/lighttpd/files/lighttpd.confd
new file mode 100644
index 0000000..70d4170
--- /dev/null
+++ b/www-servers/lighttpd/files/lighttpd.confd
@@ -0,0 +1,12 @@
+# /etc/conf.d/lighttpd
+
+# Location of a shell used by the 'include_shell' directive
+# in the lighttpd's configuration file
+#export SHELL="/bin/bash"
+
+# Location of the lighttpd configuration file
+LIGHTTPD_CONF="/etc/lighttpd/lighttpd.conf"
+
+# Location of the lighttpd pid file
+LIGHTTPD_PID="/var/run/lighttpd.pid"
+
diff --git a/www-servers/lighttpd/files/lighttpd.initd b/www-servers/lighttpd/files/lighttpd.initd
new file mode 100644
index 0000000..71c72ba
--- /dev/null
+++ b/www-servers/lighttpd/files/lighttpd.initd
@@ -0,0 +1,67 @@
+#!/sbin/runscript
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/lighttpd.initd,v 1.13 2009/04/03 20:59:34 bangert Exp $
+
+opts="reload graceful"
+
+depend() {
+ need net
+ use mysql logger spawn-fcgi ldap slapd netmount dns
+ after famd
+ after sshd
+}
+
+checkconfig() {
+ if [ ! -f "${LIGHTTPD_CONF}" ] ; then
+ ewarn "${LIGHTTPD_CONF} does not exist."
+ return 1
+ fi
+
+ /usr/sbin/lighttpd -t -f ${LIGHTTPD_CONF} >/dev/null
+}
+
+start() {
+ checkconfig || return 1
+
+ ebegin "Starting lighttpd"
+ start-stop-daemon --start --quiet --exec /usr/sbin/lighttpd \
+ --pidfile "${LIGHTTPD_PID}" -- -f "${LIGHTTPD_CONF}"
+ eend $?
+}
+
+stop() {
+ local rv=0
+ ebegin "Stopping lighttpd"
+ start-stop-daemon --stop --quiet --pidfile "${LIGHTTPD_PID}"
+ eend $?
+}
+
+reload() {
+ if ! service_started "${SVCNAME}" ; then
+ eerror "${SVCNAME} isn't running"
+ return 1
+ fi
+ checkconfig || return 1
+
+ ebegin "Re-opening lighttpd log files"
+ start-stop-daemon --stop --oknodo --quiet --pidfile "${LIGHTTPD_PID}" \
+ --signal HUP
+ eend $?
+}
+
+graceful() {
+ if ! service_started "${SVCNAME}" ; then
+ eerror "${SVCNAME} isn't running"
+ return 1
+ fi
+ checkconfig || return 1
+
+ ebegin "Gracefully stopping lighttpd"
+ start-stop-daemon --stop --oknodo --quiet --pidfile "${LIGHTTPD_PID}" \
+ --signal INT
+ if eend $? ; then
+ rm -f "${LIGHTTPD_PID}"
+ start
+ fi
+}
diff --git a/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3 b/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3
new file mode 100644
index 0000000..56c25d8
--- /dev/null
+++ b/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3
@@ -0,0 +1,67 @@
+#!/sbin/runscript
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/lighttpd.initd-1.4.13-r3,v 1.3 2009/04/01 19:03:46 bangert Exp $
+
+opts="reload graceful"
+
+depend() {
+ need net
+ use mysql logger spawn-fcgi ldap slapd netmount dns
+ after famd
+ after sshd
+}
+
+checkconfig() {
+ if [ ! -f "${LIGHTTPD_CONF}" ] ; then
+ ewarn "${LIGHTTPD_CONF} does not exist."
+ return 1
+ fi
+
+ /usr/sbin/lighttpd -t -f ${LIGHTTPD_CONF} >/dev/null
+}
+
+start() {
+ checkconfig || return 1
+
+ ebegin "Starting lighttpd"
+ start-stop-daemon --start --quiet --exec /usr/sbin/lighttpd \
+ --pidfile "${LIGHTTPD_PID}" -- -f "${LIGHTTPD_CONF}"
+ eend $?
+}
+
+stop() {
+ local rv=0
+ ebegin "Stopping lighttpd"
+ start-stop-daemon --stop --quiet --pidfile "${LIGHTTPD_PID}"
+ eend $?
+}
+
+reload() {
+ if ! service_started "${SVCNAME}" ; then
+ eerror "${SVCNAME} isn't running"
+ return 1
+ fi
+ checkconfig || return 1
+
+ ebegin "Re-opening lighttpd log files"
+ start-stop-daemon --stop --oknodo --quiet --pidfile "${LIGHTTPD_PID}" \
+ --signal HUP
+ eend $?
+}
+
+graceful() {
+ if ! service_started "${SVCNAME}" ; then
+ eerror "${SVCNAME} isn't running"
+ return 1
+ fi
+ checkconfig || return 1
+
+ ebegin "Gracefully stopping lighttpd"
+ start-stop-daemon --stop --oknodo --quiet --pidfile "${LIGHTTPD_PID}" \
+ --signal INT
+ if eend $? ; then
+ rm -f "${LIGHTTPD_PID}"
+ start
+ fi
+}
diff --git a/www-servers/lighttpd/files/lighttpd.logrotate b/www-servers/lighttpd/files/lighttpd.logrotate
new file mode 100644
index 0000000..76f0ef3
--- /dev/null
+++ b/www-servers/lighttpd/files/lighttpd.logrotate
@@ -0,0 +1,17 @@
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/lighttpd.logrotate,v 1.2 2006/05/30 19:49:29 bangert Exp $
+# lighttpd logrotate script for Gentoo
+
+/var/log/lighttpd/*.log {
+ daily
+ missingok
+ copytruncate
+ rotate 7
+ compress
+ notifempty
+ sharedscripts
+ postrotate
+ if [ -f /var/run/lighttpd.pid ]; then \
+ /etc/init.d/lighttpd reload > /dev/null 2>&1 || true ; \
+ fi;
+ endscript
+}
diff --git a/www-servers/lighttpd/files/spawn-fcgi.confd b/www-servers/lighttpd/files/spawn-fcgi.confd
new file mode 100644
index 0000000..2a88806
--- /dev/null
+++ b/www-servers/lighttpd/files/spawn-fcgi.confd
@@ -0,0 +1,35 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/spawn-fcgi.confd,v 1.1 2005/02/14 11:39:01 ka0ttic Exp $
+
+# Configuration file for the FCGI-Part of /etc/init.d/lighttpd
+
+## Set this to "yes" to enable SPAWNFCGI
+ENABLE_SPAWNFCGI="yes"
+
+## ABSOLUTE path to the spawn-fcgi binary
+SPAWNFCGI="/usr/bin/spawn-fcgi"
+
+## ABSOLUTE path to the PHP binary
+FCGIPROGRAM="/usr/bin/php-cgi"
+
+## bind to tcp-port on localhost
+FCGIPORT="1026"
+
+## number of PHP childs to spawn
+PHP_FCGI_CHILDREN=5
+
+## number of request server by a single php-process until is will be restarted
+PHP_FCGI_MAX_REQUESTS=1000
+
+## IP adresses where PHP should access server connections from
+FCGI_WEB_SERVER_ADDRS="127.0.0.1"
+
+# allowed environment variables sperated by spaces
+ALLOWED_ENV="PATH USER"
+# do NOT change line below
+ALLOWED_ENV="$ALLOWED_ENV PHP_FCGI_MAX_REQUESTS FCGI_WEB_SERVER_ADDRS"
+
+## if this script is run as root switch to the following user
+USERID=lighttpd
+GROUPID=lighttpd
diff --git a/www-servers/lighttpd/files/spawn-fcgi.initd b/www-servers/lighttpd/files/spawn-fcgi.initd
new file mode 100644
index 0000000..63daa75
--- /dev/null
+++ b/www-servers/lighttpd/files/spawn-fcgi.initd
@@ -0,0 +1,51 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/lighttpd/files/spawn-fcgi.initd,v 1.2 2007/04/02 12:46:08 uberlord Exp $
+
+SPAWNFCGI_PID="/var/run/spawn-fcgi.pid"
+
+depend() {
+ need net
+}
+
+start() {
+ local my_end
+
+ ebegin "Starting spawn-fcgi"
+ export PHP_FCGI_MAX_REQUESTS FCGI_WEB_SERVER_ADDRS
+
+ EX="${SPAWNFCGI} -p ${FCGIPORT} -f ${FCGIPROGRAM} -u ${USERID} \
+ -g ${GROUPID} -C ${PHP_FCGI_CHILDREN}"
+
+ # copy the allowed environment variables
+ unset E
+ for i in ${ALLOWED_ENV}; do
+ E="${E} ${i}=${!i}"
+ done
+
+ # clean environment and set up a new one
+ env - ${E} ${EX} 2>${SPAWNFCGI_PID}
+ my_end=$?
+ if [ "$my_end" != "0" ]; then
+ [ -f ${SPAWNFCGI_PID} ] && rm -f ${SPAWNFCGI_PID}
+ eend $my_end
+ fi
+
+ #extract parent-process-id and write it back to the file
+ FCGI_PPID=`cat ${SPAWNFCGI_PID} | cut -d':' -f4`
+ echo ${FCGI_PPID} > ${SPAWNFCGI_PID}
+ eend 0
+}
+
+stop() {
+ ebegin "Stopping spawn-fcgi"
+ if ! kill `cat ${SPAWNFCGI_PID}` ; then
+ eend $?
+ return 1
+ fi
+ if [ -w ${SPAWNFCGI_PID} ]; then
+ rm ${SPAWNFCGI_PID}
+ fi
+ eend 0
+}