include $(TOPDIR)/rules.mk
PKG_NAME:=lighttpd
-PKG_VERSION:=1.4.56
-PKG_RELEASE:=5
+PKG_VERSION:=1.4.57
+PKG_RELEASE:=1
# release candidate ~rcX testing; remove for release
-#PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-1.4.56
+#PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-1.4.57
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=https://download.lighttpd.net/lighttpd/releases-1.4.x
-PKG_HASH:=e4ce84cd79e8ae8ba193c7a7cc79c4afba9a076b443ef9f8d4bcd13a3354df77
+PKG_HASH:=52ca961b89c12f7ecbb2e4e0c5a9e79b2863c64e33c42832a165e7f894d6217f
PKG_MAINTAINER:=W. Michael Petullo <mike@flyn.org>
PKG_LICENSE:=BSD-3-Clause
+++ /dev/null
-From 2a1e55dc62c72893d128400334131a56a218ee1a Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gstrauss@gluelogic.com>
-Date: Tue, 1 Dec 2020 16:23:49 -0500
-Subject: [PATCH] [mod_webdav] define _ATFILE_SOURCE if AT_FDCWD
-
-Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
----
- src/mod_webdav.c | 15 ++++++++++++---
- 1 file changed, 20 insertions(+), 5 deletions(-)
-
-diff --git a/src/mod_webdav.c b/src/mod_webdav.c
-index c3fe79a2..9c27ad8f 100644
---- a/src/mod_webdav.c
-+++ b/src/mod_webdav.c
-@@ -182,9 +182,18 @@
- #include <string.h>
- #include <unistd.h> /* getpid() linkat() rmdir() unlinkat() */
-
--/* Note: filesystem access race conditions exist without _ATFILE_SOURCE */
-+#ifdef AT_FDCWD
- #ifndef _ATFILE_SOURCE
-+#define _ATFILE_SOURCE
-+#endif
-+#endif
-+
-+#ifndef AT_SYMLINK_NOFOLLOW
- #define AT_SYMLINK_NOFOLLOW 0
-+#endif
-+
-+/* Note: filesystem access race conditions exist without _ATFILE_SOURCE */
-+#ifndef _ATFILE_SOURCE
- /*(trigger linkat() fail to fallback logic in mod_webdav.c)*/
- #define linkat(odfd,opath,ndfd,npath,flags) -1
- #endif
-@@ -2371,7 +2380,10 @@ webdav_delete_dir (const plugin_config * const pconf,
- buffer_append_string_len(&dst->rel_path, de->d_name, len);
-
- #ifndef _ATFILE_SOURCE
-- #ifndef _DIRENT_HAVE_D_TYPE
-+ #ifdef _DIRENT_HAVE_D_TYPE
-+ if (de->d_type == DT_UNKNOWN)
-+ #endif
-+ {
- struct stat st;
- if (0 != stat(dst->path.ptr, &st)) {
- dst->path.ptr[ (dst->path.used = dst_path_used) -1]='\0';
-@@ -2379,6 +2391,6 @@ webdav_delete_dir (const plugin_config * const pconf,
- continue; /* file *just* disappeared? */
- }
- s_isdir = S_ISDIR(st.st_mode);
-- #endif
-+ }
- #endif
-
-@@ -2903,7 +2902,10 @@ webdav_copymove_dir (const plugin_config * const pconf,
- buffer_append_string_len(&dst->rel_path, de->d_name, len);
-
- #ifndef _ATFILE_SOURCE
-- #ifndef _DIRENT_HAVE_D_TYPE
-+ #ifdef _DIRENT_HAVE_D_TYPE
-+ if (de->d_type == DT_UNKNOWN)
-+ #endif
-+ {
- if (0 != stat(src->path.ptr, &st)) {
- src->path.ptr[ (src->path.used = src_path_used) -1]='\0';
- src->rel_path.ptr[(src->rel_path.used = src_rel_path_used)-1]='\0';
-@@ -2912,7 +2914,7 @@ webdav_copymove_dir (const plugin_config * const pconf,
- continue; /* file *just* disappeared? */
- }
- d_type = st.st_mode;
-- #endif
-+ }
- #endif
-
- if (S_ISDIR(d_type)) { /* recursive call; depth first */
---
-2.28.0
-
+++ /dev/null
-From 716e4d7a5d773607d87d5521f5943cff019bcd97 Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gstrauss@gluelogic.com>
-Date: Mon, 30 Nov 2020 19:31:05 -0500
-Subject: [PATCH] [core] fix lighttpd -1 one-shot with pipes
-
-Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
----
- src/server.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/server.c b/src/server.c
-index 83c0241f..a781027e 100644
---- a/src/server.c
-+++ b/src/server.c
-@@ -356,7 +356,7 @@ static int server_oneshot_read_cq(connection *con, chunkqueue *cq, off_t max_byt
- /* temporary set con->fd to oneshot_fd (fd input) rather than outshot_fdout
- * (lighttpd generally assumes operation on sockets, so this is a kludge) */
- int fd = con->fd;
-- con->fd = oneshot_fd;
-+ con->fd = oneshot_fdn->fd;
- int rc = oneshot_read_cq(con, cq, max_bytes);
- con->fd = fd;
-
---
-2.28.0
-
+++ /dev/null
-From 233a218ab3cf449a0667438cf0b1830eeb33471b Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gstrauss@gluelogic.com>
-Date: Thu, 3 Dec 2020 17:16:52 -0500
-Subject: [PATCH] [build] fix meson.build when building all TLS mods
-
-x-ref:
- "[lighttpd] -mod-openssl fails"
- https://github.com/openwrt/packages/issues/14121
- "[lighttpd] -mod-wolfssl fails"
- https://github.com/openwrt/packages/issues/14122
-
-Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
----
- src/meson.build | 20 +++++++++++++-------
- 1 file changed, 13 insertions(+), 7 deletions(-)
-
-diff --git a/src/meson.build b/src/meson.build
-index 71e4ec90..2d6ee2df 100644
---- a/src/meson.build
-+++ b/src/meson.build
-@@ -432,15 +432,20 @@ if get_option('with_mysql')
- endif
-
- libssl = []
--libx509 = []
- libcrypto = []
-+libsslcrypto = []
- libgnutls = []
-+libmbedtls = []
-+libmbedcrypto = []
-+libmbedx509 = []
-+libwolfssl = []
- if get_option('with_openssl')
- # manual search:
- # header: openssl/ssl.h
- # function: SSL_new (-lssl)
- # function: BIO_f_base64 (-lcrypto)
- libssl = [ dependency('libssl') ]
-+ libsslcrypto = [ dependency('libcrypto') ]
- libcrypto = [ dependency('libcrypto') ]
- conf_data.set('HAVE_OPENSSL_SSL_H', true)
- conf_data.set('HAVE_LIBSSL', true)
-@@ -449,7 +454,7 @@ if get_option('with_wolfssl')
- # manual search:
- # header: wolfssl/ssl.h
- # function: wolfSSL_Init (-lwolfssl)
-- libssl = [ dependency('wolfssl') ]
-+ libwolfssl = [ dependency('wolfssl') ]
- libcrypto = [ dependency('wolfssl') ]
- conf_data.set('HAVE_WOLFSSL_SSL_H', true)
- endif
-@@ -459,8 +464,9 @@ if get_option('with_mbedtls')
- # function: mbedtls_cipher_info_from_type (-lmbedtls)
- # function: mbedtls_x509_get_name (-lmbedx509)
- # function: mbedtls_base64_encode (-lmbedcrypto)
-- libssl = [ compiler.find_library('mbedtls') ]
-- libx509 = [ compiler.find_library('mbedx509') ]
-+ libmbedtls = [ compiler.find_library('mbedtls') ]
-+ libmbedx509 = [ compiler.find_library('mbedx509') ]
-+ libmbedcrypto = [ compiler.find_library('mbedcrypto') ]
- libcrypto = [ compiler.find_library('mbedcrypto') ]
- conf_data.set('HAVE_LIBMBEDCRYPTO', true)
- endif
-@@ -1070,19 +1076,19 @@ endif
-
- if get_option('with_openssl')
- modules += [
-- [ 'mod_openssl', [ 'mod_openssl.c' ], libssl + libcrypto ],
-+ [ 'mod_openssl', [ 'mod_openssl.c' ], libssl + libsslcrypto ],
- ]
- endif
-
- if get_option('with_wolfssl')
- modules += [
-- [ 'mod_wolfssl', [ 'mod_wolfssl.c' ], libcrypto ],
-+ [ 'mod_wolfssl', [ 'mod_wolfssl.c' ], libwolfssl ],
- ]
- endif
-
- if get_option('with_mbedtls')
- modules += [
-- [ 'mod_mbedtls', [ 'mod_mbedtls.c' ], libssl + libx509 + libcrypto ],
-+ [ 'mod_mbedtls', [ 'mod_mbedtls.c' ], libmbedtls + libmbedx509 + libmbedcrypto ],
- ]
- endif
-
---
-2.28.0
-
+++ /dev/null
-From a27e55b2dd0887f462c36ff788dde5c5de20a154 Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gstrauss@gluelogic.com>
-Date: Sat, 5 Dec 2020 11:19:03 -0500
-Subject: [PATCH] [core] add missing mod_wolfssl to ssl compat list
-
-add missing mod_wolfssl to ssl compat module list
-
-x-ref:
- "[lighttpd] -mod-wolfssl fails (requires dependency on -mod-openssl?)"
- https://github.com/openwrt/packages/issues/14139
-
-Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
----
- src/configfile.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/src/configfile.c b/src/configfile.c
-index da444154..c7739c4f 100644
---- a/src/configfile.c
-+++ b/src/configfile.c
-@@ -345,6 +345,8 @@ static void config_compat_module_load (server *srv) {
- append_mod_openssl = 0;
- else if (buffer_eq_slen(m, CONST_STR_LEN("mod_openssl")))
- append_mod_openssl = 0;
-+ else if (buffer_eq_slen(m, CONST_STR_LEN("mod_wolfssl")))
-+ append_mod_openssl = 0;
- else if (buffer_eq_slen(m, CONST_STR_LEN("mod_authn_file")))
- append_mod_authn_file = 0;
- else if (buffer_eq_slen(m, CONST_STR_LEN("mod_authn_ldap")))
---
-2.28.0
-
+++ /dev/null
-From a43420ba07645acb71f31e95b9c7b4e894794afd Mon Sep 17 00:00:00 2001
-From: Glenn Strauss <gstrauss@gluelogic.com>
-Date: Sun, 6 Dec 2020 22:50:49 -0500
-Subject: [PATCH] [mod_wolfssl] add complex preproc logic for SNI
-
-add complex preproc logic for SNI detection
-- HAVE_SNI is not sufficient
-- HAVE_LIGHTY is not sufficient (in wolfssl <= 4.5.0)
-Instead, use more complex logic wrapping calls to SNI_Callback()
-in wolfssl.
-
-x-ref:
- "[lighttpd] -mod-wolfssl inhibited by missing library functionality"
- https://github.com/openwrt/packages/issues/14142
- "put all SNI code behind simpler preprocessor directive HAVE_SNI"
- https://github.com/wolfSSL/wolfssl/pull/3538
-
-Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
----
- src/mod_wolfssl.c | 15 ++++++++++++---
- 1 file changed, 12 insertions(+), 3 deletions(-)
-
-diff --git a/src/mod_wolfssl.c b/src/mod_wolfssl.c
-index a22b0ebe..70f7488b 100644
---- a/src/mod_wolfssl.c
-+++ b/src/mod_wolfssl.c
-@@ -2041,13 +2041,22 @@ network_init_ssl (server *srv, plugin_config_socket *s, plugin_data *p)
- * && (HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_LIGHTY)))
- * and sniRecvCb sniRecvCbArg are hidden by *different* set of defines
- * in wolfssl/internal.h)
-- * Note: SNI callbacks disabled if wolfSSL is not built OPENSSL_ALL ! */
-- #ifdef OPENSSL_ALL /* regretable */
-+ * Note: wolfSSL SNI callbacks members not present unless wolfSSL is
-+ * built OPENSSL_ALL or some additional combination of preprocessor
-+ * defines. The following should work with more recent wolfSSL versions
-+ * (and HAVE_LIGHTY is not sufficient in wolfssl <= 4.5.0) */
-+ #if defined(OPENSSL_ALL) \
-+ || (defined(OPENSSL_EXTRA) \
-+ && (defined(HAVE_STUNNEL) \
-+ || defined(WOLFSSL_NGINX) \
-+ || defined(WOLFSSL_HAPROXY)))
-+ #else
-+ #undef HAVE_SNI
-+ #endif
- #ifdef HAVE_SNI
- wolfSSL_CTX_set_servername_callback(
- s->ssl_ctx, network_ssl_servername_callback);
- wolfSSL_CTX_set_servername_arg(s->ssl_ctx, srv);
-- #endif /* regretable */
- #else
- log_error(srv->errh, __FILE__, __LINE__,
- "SSL: WARNING: SNI callbacks *crippled* in wolfSSL library build");
---
-2.28.0
-
projects / feed / packages.git / commitdiff