[packages/lighttpd] Up to 1.4.68
glen
glen at pld-linux.org
Mon Feb 13 23:46:42 CET 2023
commit bd2120cd8b92efb0b1e5964f09e9a58a5bc8492a
Author: Elan Ruusamäe <glen at pld-linux.org>
Date: Tue Feb 14 00:27:06 2023 +0200
Up to 1.4.68
- https://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1_4_68
Deprecated: mod_evasive has been removed.
> mod_evasive can be replaced by mod_magnet and a few lines of lua:
> Replacement:
> - https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_evasive
> - https://wiki.lighttpd.net/AbsoLUAtion#Fight-DDoS
> - https://wiki.lighttpd.net/AbsoLUAtion#Mod_Security
Deprecated: mod_secdownload has been removed.
> mod_secdownload can be replaced by mod_magnet and a few lines of lua:
> Replacement: https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_secdownload
> mod_secdownload historically uses insecure MD5 though SHA1, SHA256 available
Deprecated: mod_secdownload has been removed.
> mod_secdownload can be replaced by mod_magnet and a few lines of lua:
> Replacement:
> https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_secdownload
> mod_secdownload historically uses insecure MD5 though SHA1, SHA256
available
Deprecated: mod_usertrack has been removed.
> mod_usertrack can be replaced by mod_magnet and a few lines of lua:
> Replacement:
> https://wiki.lighttpd.net/ModMagnetExamples#lua-mod_usertrack
> mod_usertrack historically uses insecure MD5.
Future Scheduled Behavior Changes:
> lighttpd 1.4.68 builds common modules into the lighttpd base
> executable. Separate dynamic modules are still built for the benefit
> of existing packaging scripts in various distributions, but those
> modules are not used. A future version of lighttpd will omit building
> separate modules for: mod_access mod_alias mod_evhost mod_expire
> mod_fastcgi mod_indexfile mod_redirect mod_rewrite mod_scgi mod_setenv
> mod_simple_vhost mod_staticfile
lighttpd-mod_evasive-status_code.patch | 97 ----------------------------------
lighttpd.spec | 90 ++-----------------------------
mod_evasive.conf | 12 -----
mod_secdownload.conf | 7 ---
mod_uploadprogress.conf | 16 ------
mod_usertrack.conf | 7 ---
6 files changed, 3 insertions(+), 226 deletions(-)
---
diff --git a/lighttpd.spec b/lighttpd.spec
index 6b3d28e..3152249 100644
--- a/lighttpd.spec
+++ b/lighttpd.spec
@@ -42,12 +42,12 @@
Summary: Fast and light HTTP server
Summary(pl.UTF-8): Szybki i lekki serwer HTTP
Name: lighttpd
-Version: 1.4.67
-Release: 3
+Version: 1.4.68
+Release: 1
License: BSD
Group: Networking/Daemons/HTTP
Source0: https://download.lighttpd.net/lighttpd/releases-1.4.x/%{name}-%{version}.tar.xz
-# Source0-md5: 64822c5061001673162cf9775d91a80b
+# Source0-md5: 07f42c05bc2df869ac58b12e7e21d92e
Source1: %{name}.init
Source2: %{name}.conf
Source3: %{name}.user
@@ -75,7 +75,6 @@ Source104: mod_cgi.conf
Source107: mod_deflate.conf
Source108: mod_dirlisting.conf
-Source109: mod_evasive.conf
Source110: mod_evhost.conf
Source111: mod_expire.conf
Source112: mod_fastcgi.conf
@@ -86,7 +85,6 @@ Source116: mod_redirect.conf
Source117: mod_rewrite.conf
Source118: mod_rrdtool.conf
Source119: mod_scgi.conf
-Source120: mod_secdownload.conf
Source121: mod_setenv.conf
Source122: mod_simple_vhost.conf
Source123: mod_ssi.conf
@@ -94,7 +92,6 @@ Source124: mod_staticfile.conf
Source125: mod_status.conf
Source127: mod_userdir.conf
-Source128: mod_usertrack.conf
Source129: mod_webdav.conf
Source130: php-spawned.conf
Source131: php-external.conf
@@ -104,7 +101,6 @@ Source134: mod_magnet.conf
Source135: mod_extforward.conf
Source136: mod_h264_streaming.conf
Source137: mod_cgi_php.conf
-Source139: mod_uploadprogress.conf
Source141: mod_authn_ldap.conf
Source142: mod_openssl.conf
@@ -116,7 +112,6 @@ Source147: mod_maxminddb.conf
# use branch.sh script to create branch.diff
#Patch100: %{name}-branch.diff
## Patch100-md5: 7bd09235304c8bcb16f34d49d480c0fb
-Patch1: %{name}-mod_evasive-status_code.patch
Patch2: %{name}-mod_h264_streaming.patch
Patch3: %{name}-branding.patch
Patch4: systemd.patch
@@ -411,19 +406,6 @@ control.
mod_dirlisting tworzy listingi katalogów w formacie HTML z pełną
kontrolą CSS.
-%package mod_evasive
-Summary: lighttpd evasive module
-Summary(pl.UTF-8): Moduł evasive dla lighttpd
-Group: Networking/Daemons/HTTP
-URL: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModEvasive
-Requires: %{name} = %{version}-%{release}
-
-%description mod_evasive
-lighttpd evasive module.
-
-%description mod_evasive -l pl.UTF-8
-Moduł evasive dla lighttpd.
-
%package mod_evhost
Summary: lighttpd module for enhanced virtual-hosting
Summary(pl.UTF-8): Moduł lighttpd rozszerzający obsługę hostów wirtualnych
@@ -649,21 +631,6 @@ Python + WSGI.
SCGI to szybki i uproszczony interfejs CGI. Jest używany głównie przez
Pythona z WSGI.
-%package mod_secdownload
-Summary: lighttpd module for secure and fast downloading
-Summary(pl.UTF-8): Moduł lighttpd do bezpiecznego i szybkiego ściągania danych
-Group: Networking/Daemons/HTTP
-URL: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModSecDownload
-Requires: %{name} = %{version}-%{release}
-
-%description mod_secdownload
-With this module you can easily achieve authenticated file requests
-and a countermeasure against deep-linking.
-
-%description mod_secdownload -l pl.UTF-8
-Przy użyciu tego modułu można łatwo umożliwić ściąganie plików z
-uwierzytelnieniem i zapobiec używaniu bezpośrednich odnośników.
-
%package mod_setenv
Summary: lighttpd module for setting conditional request headers
Summary(pl.UTF-8): Moduł lighttpd do ustawiania warunkowych nagłówków żądań
@@ -743,15 +710,6 @@ mod_status displays the server's status and configuration.
%description mod_status -l pl.UTF-8
mod_status wyświetla stan i konfigurację serwera.
-%package mod_uploadprogress
-Summary: lighttpd module for upload progress
-Group: Networking/Daemons/HTTP
-URL: https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModUploadProgress
-Requires: %{name} = %{version}-%{release}
-
-%description mod_uploadprogress
-This module can be used to track the progress of a current upload.
-
%package mod_userdir
Summary: lighttpd module for user homedirs
Summary(pl.UTF-8): Moduł lighttpd obsługujący katalogi domowe użytkowników
@@ -767,19 +725,6 @@ directories into the global namespace of the webserver.
Moduł userdir udostępnia prosty sposób włączenia katalogów
użytkowników do globalnej przestrzeni nazw serwera WWW.
-%package mod_usertrack
-Summary: lighttpd usertrack module
-Summary(pl.UTF-8): Moduł usertrack dla lighttpd
-Group: Networking/Daemons/HTTP
-URL: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModUserTrack
-Requires: %{name} = %{version}-%{release}
-
-%description mod_usertrack
-lighttpd usertrack module.
-
-%description mod_usertrack -l pl.UTF-8
-Moduł usertrack dla lighttpd.
-
%package mod_vhostdb
Summary: Virtual host database to provide vhost docroot
Group: Networking/Daemons/HTTP
@@ -904,7 +849,6 @@ Plik monitrc do monitorowania serwera www lighttpd.
%prep
%setup -q
#%patch100 -p1
-#%patch1 -p1 UPDATE (and submit upstream!) if you need this
%{?with_h264_streaming:%patch2 -p1}
%patch3 -p1
%patch4 -p1
@@ -1007,7 +951,6 @@ cp -p %{SOURCE137} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_cgi_php.conf
cp -p %{SOURCE107} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_deflate.conf
cp -p %{SOURCE108} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_dirlisting.conf
-cp -p %{SOURCE109} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_evasive.conf
cp -p %{SOURCE110} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_evhost.conf
cp -p %{SOURCE112} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_fastcgi.conf
%if %{with maxminddb}
@@ -1024,15 +967,12 @@ cp -p %{SOURCE142} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_openssl.conf
cp -p %{SOURCE115} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_proxy.conf
cp -p %{SOURCE118} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_rrdtool.conf
cp -p %{SOURCE119} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_scgi.conf
-cp -p %{SOURCE120} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_secdownload.conf
cp -p %{SOURCE121} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_setenv.conf
cp -p %{SOURCE122} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_simple_vhost.conf
cp -p %{SOURCE123} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_ssi.conf
cp -p %{SOURCE124} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_staticfile.conf
cp -p %{SOURCE125} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_status.conf
-cp -p %{SOURCE139} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_uploadprogress.conf
cp -p %{SOURCE127} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_userdir.conf
-cp -p %{SOURCE128} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_usertrack.conf
cp -p %{SOURCE143} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_vhostdb.conf
cp -p %{SOURCE129} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_webdav.conf
cp -p %{SOURCE144} $RPM_BUILD_ROOT%{_sysconfdir}/conf.d/50_mod_wstunnel.conf
@@ -1133,7 +1073,6 @@ fi
%module_scripts mod_cgi
%module_scripts mod_deflate
%module_scripts mod_dirlisting
-%module_scripts mod_evasive
%module_scripts mod_evhost
%module_scripts mod_expire
%module_scripts mod_extforward
@@ -1147,16 +1086,13 @@ fi
%module_scripts mod_redirect
%module_scripts mod_rewrite
%module_scripts mod_scgi
-%module_scripts mod_secdownload
%module_scripts mod_setenv
%module_scripts mod_simple_vhost
%module_scripts mod_sockproxy
%module_scripts mod_ssi
%module_scripts mod_staticfile
%module_scripts mod_status
-%module_scripts mod_uploadprogress
%module_scripts mod_userdir
-%module_scripts mod_usertrack
%module_scripts mod_vhostdb
%module_scripts mod_webdav
%module_scripts mod_wstunnel
@@ -1293,11 +1229,6 @@ fi
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_dirlisting.conf
%attr(755,root,root) %{pkglibdir}/mod_dirlisting.so
-%files mod_evasive
-%defattr(644,root,root,755)
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_evasive.conf
-%attr(755,root,root) %{pkglibdir}/mod_evasive.so
-
%files mod_evhost
%defattr(644,root,root,755)
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_evhost.conf
@@ -1373,11 +1304,6 @@ fi
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_scgi.conf
%attr(755,root,root) %{pkglibdir}/mod_scgi.so
-%files mod_secdownload
-%defattr(644,root,root,755)
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_secdownload.conf
-%attr(755,root,root) %{pkglibdir}/mod_secdownload.so
-
%files mod_setenv
%defattr(644,root,root,755)
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_setenv.conf
@@ -1408,21 +1334,11 @@ fi
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_status.conf
%attr(755,root,root) %{pkglibdir}/mod_status.so
-%files mod_uploadprogress
-%defattr(644,root,root,755)
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_uploadprogress.conf
-%attr(755,root,root) %{pkglibdir}/mod_uploadprogress.so
-
%files mod_userdir
%defattr(644,root,root,755)
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_userdir.conf
%attr(755,root,root) %{pkglibdir}/mod_userdir.so
-%files mod_usertrack
-%defattr(644,root,root,755)
-%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_usertrack.conf
-%attr(755,root,root) %{pkglibdir}/mod_usertrack.so
-
%files mod_vhostdb
%defattr(644,root,root,755)
%attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/conf.d/*mod_vhostdb.conf
diff --git a/lighttpd-mod_evasive-status_code.patch b/lighttpd-mod_evasive-status_code.patch
deleted file mode 100644
index 02cbd9e..0000000
--- a/lighttpd-mod_evasive-status_code.patch
+++ /dev/null
@@ -1,97 +0,0 @@
---- lighttpd-1.4.19/src/mod_evasive.c 2008-09-19 17:50:24.307245276 +0300
-+++ lighttpd-1.4.22/src/mod_evasive.c 2009-05-12 02:21:58.524447939 +0300
-@@ -28,11 +28,15 @@
- typedef struct {
- unsigned short max_conns;
- unsigned short silent;
-+ unsigned short http_status_code;
-+ unsigned int retry_after;
- } plugin_config;
-
- typedef struct {
- PLUGIN_DATA;
-
-+ buffer *evasive_rftmp;
-+
- plugin_config **config_storage;
-
- plugin_config conf;
-@@ -46,6 +50,10 @@
-
- p = calloc(1, sizeof(*p));
-
-+ p->evasive_rftmp = buffer_init();
-+
-+ buffer_prepare_copy(p->evasive_rftmp, 255);
-+
- return p;
- }
-
-@@ -56,6 +64,8 @@
-
- if (!p) return HANDLER_GO_ON;
-
-+ buffer_free(p->evasive_rftmp);
-+
- if (p->config_storage) {
- size_t i;
- for (i = 0; i < srv->config_context->used; i++) {
-@@ -85,6 +85,8 @@
- config_values_t cv[] = {
- { "evasive.max-conns-per-ip", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 0 */
- { "evasive.silent", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
-+ { "evasive.http-status-code", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
-+ { "evasive.retry-after", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 3 */
- { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
- };
-
-@@ -94,11 +96,15 @@
- plugin_config *s;
-
- s = calloc(1, sizeof(plugin_config));
-- s->max_conns = 0;
-- s->silent = 0;
-+ s->max_conns = 0;
-+ s->silent = 0;
-+ s->http_status_code = 503;
-+ s->retry_after = 0;
-
- cv[0].destination = &(s->max_conns);
- cv[1].destination = &(s->silent);
-+ cv[2].destination = &(s->http_status_code);
-+ cv[3].destination = &(s->retry_after);
-
- p->config_storage[i] = s;
-
-@@ -107,6 +123,8 @@
-
- PATCH(max_conns);
- PATCH(silent);
-+ PATCH(http_status_code);
-+ PATCH(retry_after);
-
- /* skip the first, the global context */
- for (i = 1; i < srv->config_context->used; i++) {
-@@ -124,6 +142,10 @@
- PATCH(max_conns);
- } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("evasive.silent"))) {
- PATCH(silent);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("evasive.http-status-code"))) {
-+ PATCH(http_status_code);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("evasive.retry-after"))) {
-+ PATCH(retry_after);
- }
- }
- }
-@@ -192,8 +214,10 @@
- inet_ntop_cache_get_ip(srv, &(con->dst_addr)),
- "turned away. Too many connections.");
-
-- con->http_status = 403;
- con->mode = DIRECT;
-+ con->http_status = p->conf.http_status_code;
-+ buffer_copy_long(p->evasive_rftmp, p->conf.retry_after);
-+ response_header_overwrite(srv, con, CONST_STR_LEN("Retry-After"), CONST_BUF_LEN(p->evasive_rftmp));
- return HANDLER_FINISHED;
- }
- }
diff --git a/mod_evasive.conf b/mod_evasive.conf
deleted file mode 100644
index 8ecb17f..0000000
--- a/mod_evasive.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# Evasive module.
-#
-# Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModEvasive
-
-server.modules += (
- "mod_evasive"
-)
-
-##
-## Limits number of connections per IP
-##
-#evasive.max-conns-per-ip = 5
diff --git a/mod_secdownload.conf b/mod_secdownload.conf
deleted file mode 100644
index c916f1d..0000000
--- a/mod_secdownload.conf
+++ /dev/null
@@ -1,7 +0,0 @@
-# secure and fast downloading module.
-#
-# Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModSecDownload
-
-server.modules += (
- "mod_secdownload"
-)
diff --git a/mod_uploadprogress.conf b/mod_uploadprogress.conf
deleted file mode 100644
index e8db906..0000000
--- a/mod_uploadprogress.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-# Upload Progress module.
-#
-# Documentation: https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModUploadProgress
-
-server.modules += (
- "mod_uploadprogress"
-)
-
-# string, empty by default; use "/progress" (or something else) to enable the module
-#upload-progress.progress-url = "/progress"
-
-# integer, default: 60 seconds
-#upload-progress.remove-timeout = 30
-
-# boolean, default: "disable"
-#upload-progress.debug = "enable"
diff --git a/mod_usertrack.conf b/mod_usertrack.conf
deleted file mode 100644
index eb1aba4..0000000
--- a/mod_usertrack.conf
+++ /dev/null
@@ -1,7 +0,0 @@
-# usertrack module.
-#
-# Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModUserTrack
-
-server.modules += (
- "mod_usertrack"
-)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/lighttpd.git/commitdiff/bd2120cd8b92efb0b1e5964f09e9a58a5bc8492a
More information about the pld-cvs-commit
mailing list