pkgsrc/www/lighttpd/distinfo

$NetBSD: distinfo,v 1.25 2013/10/29 19:54:11 adam Exp $

SHA1 (lighttpd-1.4.33.tar.xz) = f309708105aadffba229a944d4c32423132119a5
RMD160 (lighttpd-1.4.33.tar.xz) = 4b892ac678c9153e8200318f2bd71445190c1806
Size (lighttpd-1.4.33.tar.xz) = 555248 bytes
SHA1 (patch-doc_config_lighttpd.conf) = 1f5d884ec3cc9ee1ec18b51f0d25ca2a7aae0b8c
SHA1 (patch-src_plugin.c) = 27b7a193c1f5867b5a1d2e2c5b289a0bf6368b39
Changes 1.4.32: mod_fastcgi: fix mix up of “mode” => “authorizer” in other fastcgi configs (fixes 2465, thx peex) fix handling of If-Modified-Since if If-None-Match is present (don’t return 412 for date parsing errors); follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags. [mod_fastcgi,log] support multi line logging (fixes 2252) call ERR_clear_error only for ssl connections in CON_STATE_ERROR reject non ASCII characters in HTTP header names [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes 2483) [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn’t use any salt, md5 with salt is probably better. [mod_auth] fix base64_decode (2484) fix some bugs found with canalyze (fixes 2484, thx Zhenbo Xu) fix undefined stuff found with clang [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add Wl,-as-needed to extra warnings (fixes 2448) [mod_auth] fix invalid read in digest qop=auth-int handling (fixes 2478) [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes 2490) [mod_userdir] add userdir.active option, “enabled” by default [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS [core] recognize more http methods to forward to backends (fixes 2346) [ssl] use DH only if openssl supports it (fixes 2479) [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes 2470) [ssl] Fix $HTTP[“scheme”] conditional, could be “http” for ssl connections if the ssl $SERVER[“socket”] conditional was nested (fixes 2501) [ssl] accept ssl renegotiations if they are not disabled (fixes 2491) [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes 2492) [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes 2495) [auth] new method “extern” to use already present REMOTE_USER (from magnet, ssl, …) (fixes 2436) [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all [core] check whether server.chroot exists [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting) [mod_accesslog] add accesslog.syslog-level option (fixes 2480) [core] allow files to be used as document-root (fixes 2475) [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes 2502) 2013-10-29 20:54:11 +01:00			$NetBSD: distinfo,v 1.25 2013/10/29 19:54:11 adam Exp $
Initial import of lighttpd-1.4.3 as www/lighttpd. LightTPD is a secure, fast, compliant, and very flexible web-server which designed and optimized for for high-performance environments. With a small memory footprint compared to other webservers, effective management of the CPU load, and advanced feature set (FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more), LightTPD is the perfect solution for every server that is suffering load problems. This is loosely based on the lighttpd package from pkgsrc-wip by Piotr Stolc <socrtp@soclab.eu.org>. 2005-09-04 08:37:05 +02:00
Changes 1.4.32: mod_fastcgi: fix mix up of “mode” => “authorizer” in other fastcgi configs (fixes 2465, thx peex) fix handling of If-Modified-Since if If-None-Match is present (don’t return 412 for date parsing errors); follow current draft for HTTP/1.1, which tells us to ignore If-Modified-Since if we have matching etags. [mod_fastcgi,log] support multi line logging (fixes 2252) call ERR_clear_error only for ssl connections in CON_STATE_ERROR reject non ASCII characters in HTTP header names [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes 2483) [mod_auth] add htpasswd -s (SHA1) support if openssl is used (needs openssl for SHA1). This doesn’t use any salt, md5 with salt is probably better. [mod_auth] fix base64_decode (2484) fix some bugs found with canalyze (fixes 2484, thx Zhenbo Xu) fix undefined stuff found with clang [cmake] Use TARGET_LINK_LIBRARIES instead of LINK_FLAGS for library dependencies, also add Wl,-as-needed to extra warnings (fixes 2448) [mod_auth] fix invalid read in digest qop=auth-int handling (fixes 2478) [auto* build] simplify autogen.sh, handle automake 1.13 test running (fixes 2490) [mod_userdir] add userdir.active option, “enabled” by default [core] return 501 Not Implemented in static file mode for all methods except GET/POST/HEAD/OPTIONS [core] recognize more http methods to forward to backends (fixes 2346) [ssl] use DH only if openssl supports it (fixes 2479) [network] use constants available at compile time for maximum number of chunks for writev instead of calling sysconf (fixes 2470) [ssl] Fix $HTTP[“scheme”] conditional, could be “http” for ssl connections if the ssl $SERVER[“socket”] conditional was nested (fixes 2501) [ssl] accept ssl renegotiations if they are not disabled (fixes 2491) [ssl] add option ssl.empty-fragments, defaulting to disabled (fixes 2492) [auth] put REMOTE_USER into cgi environment, making it accessible to lua via lighty.req_env (fixes 2495) [auth] new method “extern” to use already present REMOTE_USER (from magnet, ssl, …) (fixes 2436) [core] remove requirement that default doc-root has to exist, there are reasonable scenarios not requiring static files at all [core] check whether server.chroot exists [mod_simple_vhost] fix cache; skip module if simple-vhost.server-root is empty (thx rm for reporting) [mod_accesslog] add accesslog.syslog-level option (fixes 2480) [core] allow files to be used as document-root (fixes 2475) [core] set signal handlers before forking child processes in modules/plugins_call_set_defaults (fixes 2502) 2013-10-29 20:54:11 +01:00			`SHA1 (lighttpd-1.4.33.tar.xz) = f309708105aadffba229a944d4c32423132119a5`
			`RMD160 (lighttpd-1.4.33.tar.xz) = 4b892ac678c9153e8200318f2bd71445190c1806`
			`Size (lighttpd-1.4.33.tar.xz) = 555248 bytes`
Update www/lighttpd to 1.4.31. Changes from 1.4.30 - [ssl] fix segfault in counting renegotiations for openssl versions without TLSEXT/SNI (thx carpii for reporting) - Move fdevent subsystem includes to implementation files to reduce conflicts (fixes #2373) - [mod_compress] fix handling if etags are disabled but cache-dir is set - may lead to double response - disable mmap by default (fixes #2391) - buffer_caseless_compare: always convert letters to lowercase to get transitive results, fixing array lookups (fixes #2405) - Fix handling of empty header list entries in http_request_split_value, fixing invalid read in valgrind (fixes #2413) - Fix access log escaping of " and \\ (fixes #1551) - [mod_auth] Fix digest "md5-sess" implementation (Errata ID 1649, RFC 2617) (fixes #2410) - [auth] Add "AUTH_TYPE" environment (for * cgi), remove fastcgi specific workaround, add fastcgi test case (fixes #889) - [mod_*cgi,mod_accesslog] Fix splitting :port with ipv6 (fixes #2333, thx simoncpu) - Detect multiple -f options: show error message instead of assert (fixes #2416) - [mod_extforward] Support ipv6 addresses (fixes #1889) - [mod_redirect] Support url.redirect-code option (fixes #2247) - Fix --enable-mmap handling in configure.ac Changes from 1.4.29 - Always use our 'own' md5 implementation, fixes linking issues on MacOS (fixes #2331) - Limit amount of bytes we send in one go; fixes stalling in one connection and timeouts on slow systems. - [ssl] fix build errors when Elliptic-Curve Diffie-Hellman is disabled - Add static-file.disable-pathinfo option to prevent handling of urls like .../secret.php/image.jpg as static file - Don't overwrite 401 (auth required) with 501 (unknown method) (fixes #2341) - Fix mod_status bug: always showed "0/0" in the "Read" column for uploads (fixes #2351) - [mod_auth] Fix signedness error in http_auth (fixes #2370, CVE-2011-4362) - [ssl] count renegotiations to prevent client renegotiations - [ssl] add option to honor server cipher order (fixes #2364, BEAST attack) - [core] accept dots in ipv6 addresses in host header (fixes #2359) - [ssl] fix ssl connection aborts if files are larger than the MAX_WRITE_LIMIT (256kb) - [libev/cgi] fix waitpid ECHILD errors in cgi with libev (fixes #2324) 2012-08-01 13:25:22 +02:00			`SHA1 (patch-doc_config_lighttpd.conf) = 1f5d884ec3cc9ee1ec18b51f0d25ca2a7aae0b8c`
Fix dynamic extension loading on SunOS, where successful dlopen() may return non-NULL too and lighttpd was evaluating as failure. Bump PKGREVISION. 2013-01-11 12:00:02 +01:00			`SHA1 (patch-src_plugin.c) = 27b7a193c1f5867b5a1d2e2c5b289a0bf6368b39`