--- Makefile (revision 424149) +++ Makefile (working copy) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME?= lighttpd -PORTVERSION= 1.4.41 -PORTREVISION= 1 +PORTVERSION= 1.4.42 CATEGORIES?= www MASTER_SITES?= http://download.lighttpd.net/lighttpd/releases-1.4.x/ @@ -19,6 +18,7 @@ GNU_CONFIGURE= yes USES= autoreconf gmake libtool localbase pkgconfig tar:xz +USE_CSTD= gnu99 .if !defined(_BUILDING_LIGHTTPD_MODULE) USES+= cpe @@ -30,7 +30,7 @@ .if !defined(_BUILDING_LIGHTTPD_MODULE) USE_RC_SUBR= lighttpd -OPTIONS_DEFINE= ATTR BZIP2 DOCS FAM GDBM IPV6 LIBEV LUA MEMCACHED MYSQL MYSQLAUTH \ +OPTIONS_DEFINE= ATTR BZIP2 DOCS FAM GDBM IPV6 LIBEV LUA MEMCACHED MYSQL \ LDAP OPENSSL SPAWNFCGI VALGRIND WEBDAV OPTIONS_DEFAULT= OPENSSL @@ -43,7 +43,6 @@ LUA_DESC= lua support (mod_cml, mod_magnet) MEMCACHED_DESC= memcached storage (mod_trigger_b4_dl) MYSQL_DESC= MySQL support (mod_mysql_vhost) -MYSQLAUTH_DESC= MySQL authentication SPAWNFCGI_DESC= Depend on spawn-fcgi utility VALGRIND_DESC= valgrind support WEBDAV_DESC= WebDAV support @@ -63,7 +62,6 @@ LUA_CONFIGURE_ENV= LUA_CFLAGS="-I${LUA_INCDIR}" LUA_LIBS="-L${LUA_LIBDIR} -llua-${LUA_VER}" MEMCACHED_LIB_DEPENDS= libmemcached.so:databases/libmemcached MEMCACHED_CONFIGURE_WITH=memcached -MYSQLAUTH_IMPLIES= MYSQL OPENSSL_USES= ssl OPENSSL_CONFIGURE_WITH= openssl OPENSSL_CONFIGURE_ON= --with-openssl-includes=${OPENSSLINC} --with-openssl-libs=${OPENSSLLIB} @@ -71,6 +69,10 @@ VALGRIND_BUILD_DEPENDS= valgrind:devel/valgrind VALGRIND_RUN_DEPENDS= valgrind:devel/valgrind VALGRIND_CONFIGURE_WITH=valgrind +WEBDAV_USE= GNOME=libxml2 +WEBDAV_LIB_DEPENDS= libuuid.so:misc/e2fsprogs-libuuid \ + libsqlite3.so:databases/sqlite3 +WEBDAV_CONFIGURE_WITH= webdav-props webdav-locks LIGHTTPD_CONF_FILES= lighttpd.conf modules.conf @@ -113,15 +115,6 @@ _REQUIRE+= mysql .endif -.if ${PORT_OPTIONS:MMYSQLAUTH} -EXTRA_PATCHES+= ${FILESDIR}/extra-patch-src_Makefile.am \ - ${FILESDIR}/extra-patch-src_Makefile.in \ - ${FILESDIR}/extra-patch-src_http__auth.c \ - ${FILESDIR}/extra-patch-src_http__auth.h \ - ${FILESDIR}/extra-patch-src_mod__auth.c -PORTDOCS+= README.mysqlauth mysql_auth.sql -.endif - .if ${PORT_OPTIONS:MLDAP} USE_OPENLDAP= yes CONFIGURE_ARGS+= --with-ldap @@ -128,13 +121,6 @@ _REQUIRE+= slapd .endif -.if ${PORT_OPTIONS:MWEBDAV} -USE_GNOME+= libxml2 -LIB_DEPENDS+= libuuid.so:misc/e2fsprogs-libuuid \ - libsqlite3.so:databases/sqlite3 -CONFIGURE_ARGS+= --with-webdav-props --with-webdav-locks -.endif - SUB_LIST+= REQUIRE="${_REQUIRE}" post-patch: @@ -182,12 +168,6 @@ ${INSTALL_DATA} ${WRKSRC}/${FILE} ${STAGEDIR}${DOCSDIR}/${FILE} . endfor -post-install-MYSQLAUTH-on: - @${MKDIR} ${STAGEDIR}${DOCSDIR} -. for FILE in README.mysqlauth mysql_auth.sql - ${INSTALL_DATA} ${FILESDIR}/${FILE} ${STAGEDIR}${DOCSDIR}/${FILE} -. endfor - test: build @cd ${WRKSRC}/tests && ${SETENV} ${MAKE_ENV} ${MAKE} \ ${MAKE_FLAGS} ${MAKEFILE} ${MAKE_ARGS} \ --- distinfo (revision 424149) +++ distinfo (working copy) @@ -1,7 +1,5 @@ -TIMESTAMP = 1470040166 -SHA256 (lighttpd-1.4.41.tar.xz) = 4bcc383ef6d6dc7b284f68882d71a178e2986c83c4e85eeb3c8f3b882e346b6c -SIZE (lighttpd-1.4.41.tar.xz) = 623480 -SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 4e6768af32ce16033fcb0c70b12c55b40082ca105a36f258b0bbf30d64e9dad3 -SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 242458 -SHA256 (lighttpd-1.4.26_mod_geoip.patch) = 2858036310b778852d9f039a81629902edffc368658e13bf4779f3642ee1a5ba -SIZE (lighttpd-1.4.26_mod_geoip.patch) = 15173 +TIMESTAMP = 1476712210 +SHA256 (lighttpd-1.4.42.tar.xz) = b2c9069ed0bade9362c27b469a9b884641786aea1c3d686f9fd9f01d15e2a15f +SIZE (lighttpd-1.4.42.tar.xz) = 652140 +SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 716cd4f8d371e12c115a2204e649aafe2ebad42d0099777b1361c0e2cc8a1612 +SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 242456 --- files/README.mysqlauth (revision 424149) +++ files/README.mysqlauth (nonexistent) @@ -1,45 +0,0 @@ -References: -http://redmine.lighttpd.net/issues/752 -http://redmine.lighttpd.net/attachments/1012/03_all_lighttpd-1.4.23-mysql_auth.diff -http://redmine.lighttpd.net/attachments/download/1012/03_all_lighttpd-1.4.23-mysql_auth.diff - -This patch allows lighttpd to authenticate users against mySQL DBbr -NOTE: Only basic auth is implemented. Passwords are stored as MD5 hash in DB - -make mysql db and user (read mySQL doc's if you don't know how) -import lighttpd-1.4.11-mysql_auth.sql - -open lighttpd.conf and add -(be sure that you comment out any other auth - according to lighttpd docs) - -auth.backend = "mysql" -auth.backend.mysql.host = "localhost" -auth.backend.mysql.user = "db_user" -auth.backend.mysql.pass = "db_pass" -auth.backend.mysql.db = "db_name" -auth.backend.mysql.port = "0" # (for default port 0, always needed) -auth.backend.mysql.socket = "" # (for default leave blank, always needed) -auth.backend.mysql.users_table = "users_table" -auth.backend.mysql.col_user = "col_name_username" -auth.backend.mysql.col_pass = "col_name_password" # (md5 hash of password) -auth.backend.mysql.col_realm = "col_realm_name" - -configure lighttpd to use it (same as every other auth) - -auth.require = ( "/some_path" => - ( - "method" => "basic", - "realm" => "some_realm", - "require" => "some_user", - ) -) - -start lighttpd - -P.S. patch include more complicated setup with separate table for domains. -If you are interested please contact with me to obtain more information. - -Bugs, Patches and Suggestions -Send me E-Mail: drJeckyll@Jeckyll.net - --- files/extra-patch-src_Makefile.am (revision 424149) +++ files/extra-patch-src_Makefile.am (nonexistent) @@ -1,11 +0,0 @@ ---- src/Makefile.am.orig 2016-07-16 10:06:16 UTC -+++ src/Makefile.am -@@ -254,7 +254,7 @@ mod_compress_la_LIBADD = $(Z_LIB) $(BZ_L - lib_LTLIBRARIES += mod_auth.la - mod_auth_la_SOURCES = mod_auth.c http_auth.c - mod_auth_la_LDFLAGS = $(common_module_ldflags) --mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) -+mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) - - lib_LTLIBRARIES += mod_rewrite.la - mod_rewrite_la_SOURCES = mod_rewrite.c --- files/extra-patch-src_Makefile.in (revision 424149) +++ files/extra-patch-src_Makefile.in (nonexistent) @@ -1,11 +0,0 @@ ---- src/Makefile.in.orig 2016-07-16 10:10:53 UTC -+++ src/Makefile.in -@@ -1011,7 +1011,7 @@ mod_compress_la_LDFLAGS = $(common_modul - mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd) - mod_auth_la_SOURCES = mod_auth.c http_auth.c - mod_auth_la_LDFLAGS = $(common_module_ldflags) --mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) -+mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) - mod_rewrite_la_SOURCES = mod_rewrite.c - mod_rewrite_la_LDFLAGS = $(common_module_ldflags) - mod_rewrite_la_LIBADD = $(PCRE_LIB) $(common_libadd) --- files/extra-patch-src_http__auth.c (revision 424149) +++ files/extra-patch-src_http__auth.c (nonexistent) @@ -1,193 +0,0 @@ ---- src/http_auth.c.orig 2016-07-16 10:06:16 UTC -+++ src/http_auth.c -@@ -30,6 +30,7 @@ - #include - #include - #include -+#include - - #include "md5.h" - -@@ -194,9 +195,119 @@ static int http_auth_get_password(server - fclose(fp); - } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) { - return 0; -- } -+ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { -+ MYSQL_RES *result; -+ MYSQL_ROW row; -+ int port = atoi(p->conf.auth_mysql_port->ptr); -+ char q[255]; - -- return -1; -+ if (p->conf.auth_mysql_socket->ptr != NULL) -+ if (0 == strcmp(p->conf.auth_mysql_socket->ptr, "")) p->conf.auth_mysql_socket->ptr = NULL; -+ -+ p->conf.mysql_conn = mysql_init(NULL); -+ -+ if (mysql_real_connect(p->conf.mysql_conn, p->conf.auth_mysql_host->ptr, p->conf.auth_mysql_user->ptr, p->conf.auth_mysql_pass->ptr, p->conf.auth_mysql_db->ptr, port, p->conf.auth_mysql_socket->ptr, 0)) -+ { -+//#define MY_HOSTING -+ -+#ifdef MY_HOSTING -+ char my_full_realm[255]; -+ char *my_realm = NULL; -+ char *my_domain = NULL; -+ -+ char *uname; -+ size_t unamelen; -+ -+ unamelen = strlen(username->ptr); -+ uname = malloc(unamelen*2+1); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ uname, username->ptr, -+ (unsigned long)unamelen); -+ -+ strcpy(my_full_realm, realm->ptr); -+ my_realm = strtok(my_full_realm, "@"); -+ -+ if (my_realm != NULL) -+ my_domain = strtok(NULL, "@"); -+ -+ sprintf(q, "SELECT %s FROM %s, %s WHERE %s='%s' AND %s='%s' AND %s='%s' AND %s=%s", -+ p->conf.auth_mysql_col_pass->ptr, -+ -+ p->conf.auth_mysql_users_table->ptr, -+ p->conf.auth_mysql_domains_table->ptr, -+ -+ p->conf.auth_mysql_col_user->ptr, -+ uname, -+ -+ p->conf.auth_mysql_col_realm->ptr, -+ my_realm, -+ -+ p->conf.auth_mysql_col_domain->ptr, -+ my_domain, -+ -+ p->conf.auth_mysql_domains_table_col_domain_id->ptr, -+ p->conf.auth_mysql_users_table_col_domain_id->ptr -+ ); -+ -+ free(uname); -+#else -+ // sanitize username & realm by taguchi@ff.iij4u.or.jp -+ char *uname, *urealm; -+ size_t unamelen, urealmlen; -+ -+ unamelen = strlen(username->ptr); -+ urealmlen = strlen(realm->ptr); -+ uname = malloc(unamelen*2+1); -+ urealm = malloc(urealmlen*2+1); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ uname, username->ptr, -+ (unsigned long)unamelen); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ urealm, realm->ptr, -+ (unsigned long)unamelen); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ urealm, realm->ptr, -+ (unsigned long)urealmlen); -+ -+ sprintf(q, "SELECT %s FROM %s WHERE %s='%s' AND %s='%s'", -+ p->conf.auth_mysql_col_pass->ptr, -+ p->conf.auth_mysql_users_table->ptr, -+ p->conf.auth_mysql_col_user->ptr, -+ uname, -+ p->conf.auth_mysql_col_realm->ptr, -+ urealm -+ ); -+ -+ free(uname); -+ free(urealm); -+#endif -+ -+ mysql_query(p->conf.mysql_conn, q); -+ result = mysql_store_result(p->conf.mysql_conn); -+ if (mysql_num_rows(result) == 1) -+ { -+ /* found */ -+ row = mysql_fetch_row(result); -+ buffer_copy_string_len(password, row[0], strlen(row[0])); -+ -+ return 0; -+ } else -+ { -+ /* not found */ -+ return -1; -+ } -+ -+ mysql_free_result(result); -+ mysql_close(p->conf.mysql_conn); -+ -+ p->conf.mysql_conn = NULL; -+ } else -+ return -1; -+ } - } - - int http_auth_match_rules(server *srv, array *req, const char *username, const char *group, const char *host) { -@@ -711,6 +822,60 @@ static int http_auth_basic_password_comp - - return 0; - #endif -+ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { -+ /* -+ we check for md5 crypt() now -+ request by Nicola Tiling -+ */ -+ if (password->ptr[0] == '$' && password->ptr[2] == '$') -+ { -+ char salt[32]; -+ char *crypted; -+ size_t salt_len = 0; -+ char *dollar = NULL; -+ -+ if (NULL == (dollar = strchr(password->ptr + 3, '$'))) { -+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); -+ return -1; -+ } -+ -+ salt_len = dollar - password->ptr; -+ -+ if (salt_len > sizeof(salt) - 1) -+ { -+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); -+ return -1; -+ } -+ -+ strncpy(salt, password->ptr, salt_len); -+ -+ salt[salt_len] = '\0'; -+ -+ crypted = crypt(pw, salt); -+ -+ if (0 == strcmp(password->ptr, crypted)) -+ { -+ return 0; -+ } else { -+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); -+ } -+ } else -+ /* plain md5 check now */ -+ { -+ li_MD5_CTX Md5Ctx; -+ HASH HA1; -+ char a1[256]; -+ -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw)); -+ li_MD5_Final(HA1, &Md5Ctx); -+ -+ CvtHex(HA1, a1); -+ -+ if (0 == strcmp(password->ptr, a1)) { -+ return 0; -+ } -+ } - } - return -1; - } --- files/extra-patch-src_http__auth.h (revision 424149) +++ files/extra-patch-src_http__auth.h (nonexistent) @@ -1,43 +0,0 @@ ---- src/http_auth.h.orig 2016-07-16 10:06:16 UTC -+++ src/http_auth.h -@@ -9,13 +9,15 @@ - # define USE_LDAP - # include - #endif -+#include - - typedef enum { - AUTH_BACKEND_UNSET, - AUTH_BACKEND_PLAIN, - AUTH_BACKEND_LDAP, - AUTH_BACKEND_HTPASSWD, -- AUTH_BACKEND_HTDIGEST -+ AUTH_BACKEND_HTDIGEST, -+ AUTH_BACKEND_MYSQL - } auth_backend_t; - - typedef struct { -@@ -50,6 +52,23 @@ typedef struct { - buffer *ldap_filter_pre; - buffer *ldap_filter_post; - #endif -+ -+ MYSQL *mysql_conn; -+ buffer *auth_mysql_host; -+ buffer *auth_mysql_user; -+ buffer *auth_mysql_pass; -+ buffer *auth_mysql_db; -+ buffer *auth_mysql_port; -+ buffer *auth_mysql_socket; -+ buffer *auth_mysql_users_table; -+ buffer *auth_mysql_col_user; -+ buffer *auth_mysql_col_pass; -+ buffer *auth_mysql_col_realm; -+ buffer *auth_mysql_domains_table; -+ buffer *auth_mysql_col_domain; -+ buffer *auth_mysql_domains_table_col_domain_id; -+ buffer *auth_mysql_users_table_col_domain_id; -+ - } mod_auth_plugin_config; - - typedef struct { --- files/extra-patch-src_mod__auth.c (revision 424149) +++ files/extra-patch-src_mod__auth.c (nonexistent) @@ -1,200 +0,0 @@ ---- src/mod_auth.c.orig 2016-07-16 10:06:16 UTC -+++ src/mod_auth.c -@@ -13,6 +13,7 @@ - #include - #include - #include -+#include - - handler_t auth_ldap_init(server *srv, mod_auth_plugin_config *s); - -@@ -84,6 +85,19 @@ FREE_FUNC(mod_auth_free) { - - if (s->ldap) ldap_unbind_s(s->ldap); - #endif -+ buffer_free(s->auth_mysql_host); -+ buffer_free(s->auth_mysql_user); -+ buffer_free(s->auth_mysql_pass); -+ buffer_free(s->auth_mysql_db); -+ buffer_free(s->auth_mysql_socket); -+ buffer_free(s->auth_mysql_users_table); -+ buffer_free(s->auth_mysql_col_user); -+ buffer_free(s->auth_mysql_col_pass); -+ buffer_free(s->auth_mysql_col_realm); -+ buffer_free(s->auth_mysql_domains_table); -+ buffer_free(s->auth_mysql_col_domain); -+ buffer_free(s->auth_mysql_domains_table_col_domain_id); -+ buffer_free(s->auth_mysql_users_table_col_domain_id); - - free(s); - } -@@ -122,6 +136,21 @@ static int mod_auth_patch_connection(ser - PATCH(ldap_filter_post); - #endif - -+ PATCH(auth_mysql_host); -+ PATCH(auth_mysql_user); -+ PATCH(auth_mysql_pass); -+ PATCH(auth_mysql_db); -+ PATCH(auth_mysql_port); -+ PATCH(auth_mysql_socket); -+ PATCH(auth_mysql_users_table); -+ PATCH(auth_mysql_col_user); -+ PATCH(auth_mysql_col_pass); -+ PATCH(auth_mysql_col_realm); -+ PATCH(auth_mysql_domains_table); -+ PATCH(auth_mysql_col_domain); -+ PATCH(auth_mysql_domains_table_col_domain_id); -+ PATCH(auth_mysql_users_table_col_domain_id); -+ - /* skip the first, the global context */ - for (i = 1; i < srv->config_context->used; i++) { - data_config *dc = (data_config *)srv->config_context->data[i]; -@@ -171,6 +200,34 @@ static int mod_auth_patch_connection(ser - PATCH(auth_ldap_bindpw); - } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.allow-empty-pw"))) { - PATCH(auth_ldap_allow_empty_pw); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.host"))) { -+ PATCH(auth_mysql_host); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.user"))) { -+ PATCH(auth_mysql_user); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.pass"))) { -+ PATCH(auth_mysql_pass); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.db"))) { -+ PATCH(auth_mysql_db); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.port"))) { -+ PATCH(auth_mysql_port); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.socket"))) { -+ PATCH(auth_mysql_user); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table"))) { -+ PATCH(auth_mysql_users_table); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_user"))) { -+ PATCH(auth_mysql_col_user); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_pass"))) { -+ PATCH(auth_mysql_col_pass); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_realm"))) { -+ PATCH(auth_mysql_col_realm); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table"))) { -+ PATCH(auth_mysql_domains_table); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_domain"))) { -+ PATCH(auth_mysql_col_domain); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table_col_domain_id"))) { -+ PATCH(auth_mysql_domains_table_col_domain_id); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table_col_domain_id"))) { -+ PATCH(auth_mysql_users_table_col_domain_id); - } - } - } -@@ -362,10 +419,25 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - { "auth.backend.ldap.starttls", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */ - { "auth.backend.ldap.bind-dn", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 9 */ - { "auth.backend.ldap.bind-pw", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 10 */ -- { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */ -+ { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, - { "auth.backend.htdigest.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 12 */ - { "auth.backend.htpasswd.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */ - { "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */ -+ { "auth.backend.mysql.host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.db", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.port", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.users_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_realm", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 23 */ -+ { "auth.backend.mysql.domains_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_domain", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.domains_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.users_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 27 */ -+ - { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } - }; - -@@ -394,6 +466,22 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - s->auth_debug = 0; - - s->auth_require = array_init(); -+ s->mysql_conn = NULL; -+ s->auth_mysql_host = buffer_init(); -+ s->auth_mysql_user = buffer_init(); -+ s->auth_mysql_pass = buffer_init(); -+ s->auth_mysql_db = buffer_init(); -+ s->auth_mysql_port = buffer_init(); -+ s->auth_mysql_socket = buffer_init(); -+ s->auth_mysql_users_table = buffer_init(); -+ s->auth_mysql_col_user = buffer_init(); -+ s->auth_mysql_col_pass = buffer_init(); -+ s->auth_mysql_col_realm = buffer_init(); -+ s->auth_mysql_domains_table = buffer_init(); -+ s->auth_mysql_col_domain = buffer_init(); -+ s->auth_mysql_domains_table_col_domain_id = buffer_init(); -+ s->auth_mysql_users_table_col_domain_id = buffer_init(); -+ - - #ifdef USE_LDAP - s->ldap_filter_pre = buffer_init(); -@@ -416,7 +504,20 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - cv[12].destination = s->auth_htdigest_userfile; - cv[13].destination = s->auth_htpasswd_userfile; - cv[14].destination = &(s->auth_debug); -- -+ cv[15].destination = s->auth_mysql_host; -+ cv[16].destination = s->auth_mysql_user; -+ cv[17].destination = s->auth_mysql_pass; -+ cv[18].destination = s->auth_mysql_db; -+ cv[19].destination = s->auth_mysql_port; -+ cv[20].destination = s->auth_mysql_socket; -+ cv[21].destination = s->auth_mysql_users_table; -+ cv[22].destination = s->auth_mysql_col_user; -+ cv[23].destination = s->auth_mysql_col_pass; -+ cv[24].destination = s->auth_mysql_col_realm; -+ cv[25].destination = s->auth_mysql_domains_table; -+ cv[26].destination = s->auth_mysql_col_domain; -+ cv[27].destination = s->auth_mysql_domains_table_col_domain_id; -+ cv[28].destination = s->auth_mysql_users_table_col_domain_id; - p->config_storage[i] = s; - - if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { -@@ -432,6 +533,8 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - s->auth_backend = AUTH_BACKEND_PLAIN; - } else if (0 == strcmp(s->auth_backend_conf->ptr, "ldap")) { - s->auth_backend = AUTH_BACKEND_LDAP; -+ } else if (0 == strcmp(s->auth_backend_conf->ptr, "mysql")) { -+ s->auth_backend = AUTH_BACKEND_MYSQL; - } else { - log_error_write(srv, __FILE__, __LINE__, "sb", "auth.backend not supported:", s->auth_backend_conf); - -@@ -573,6 +676,31 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - return (ret); - break; - } -+ case AUTH_BACKEND_MYSQL: { -+ int port = atoi(s->auth_mysql_port->ptr); -+ -+ /* ignore if auth_mysql_socket is invalid */ -+ if (p->conf.auth_mysql_socket == NULL) -+ return HANDLER_GO_ON; -+ if (p->conf.auth_mysql_socket->ptr != NULL) -+ if (0 == strcmp(s->auth_mysql_socket->ptr, "")) s->auth_mysql_socket->ptr = NULL; -+ -+ s->mysql_conn = mysql_init(NULL); -+ if (!mysql_real_connect(s->mysql_conn, s->auth_mysql_host->ptr, s->auth_mysql_user->ptr, s->auth_mysql_pass->ptr, s->auth_mysql_db->ptr, port, NULL, 0)) -+ { -+ log_error_write(srv, __FILE__, __LINE__, "sbsbsbsbss", -+ "opening connection to mysql:", s->auth_mysql_host, -+ "user:", s->auth_mysql_user, -+ "pass:", s->auth_mysql_pass, -+ "db:", s->auth_mysql_db, -+ "failed:", strerror(errno)); -+ -+ return HANDLER_ERROR; -+ } -+ mysql_close(s->mysql_conn); -+ -+ break; -+ } - default: - break; - } --- files/mysql_auth.sql (revision 424149) +++ files/mysql_auth.sql (nonexistent) @@ -1,10 +0,0 @@ -CREATE TABLE `vhosts_secure`( - vhost_secure_id bigint(20) NOT NULL AUTO_INCREMENT, - vhost_secure_username varchar(255) NOT NULL, - vhost_secure_password varchar(255) NOT NULL, - vhost_secure_realm varchar(255) NOT NULL - PRIMARY KEY (vhost_secure_id), - INDEX i_username (vhost_secure_username), - INDEX i_password (vhost_secure_password), - INDEX i_realm (vhost_secure_realm) -); --- files/patch-src_mod__fastcgi.c (revision 424149) +++ files/patch-src_mod__fastcgi.c (nonexistent) @@ -1,12 +0,0 @@ ---- src/mod_fastcgi.c.orig 2016-08-07 17:19:10 UTC -+++ src/mod_fastcgi.c -@@ -3257,7 +3257,8 @@ SUBREQUEST_FUNC(mod_fastcgi_handle_subre - } - } - -- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ && hctx->state != FCGI_STATE_CONNECT_DELAYED) - ? fcgi_send_request(srv, hctx) - : HANDLER_WAIT_FOR_EVENT; - } --- files/patch-src_mod__proxy.c (revision 424149) +++ files/patch-src_mod__proxy.c (nonexistent) @@ -1,34 +0,0 @@ ---- src/mod_proxy.c.orig 2016-07-31 12:42:39 UTC -+++ src/mod_proxy.c -@@ -854,7 +854,20 @@ static handler_t proxy_write_request(ser - - if (hctx->wb->bytes_out == hctx->wb_reqlen) { - fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT); -- shutdown(hctx->fd, SHUT_WR);/* future: remove if HTTP/1.1 request */ -+ #if (defined(__APPLE__) && defined(__MACH__)) \ -+ || defined(__FreeBSD__) || defined(__NetBSD__) \ -+ || defined(__OpenBSD__) || defined(__DragonflyBSD__) -+ /*(*BSD stack on remote might signal POLLHUP and remote -+ * might treat as socket error instead of half-close)*/ -+ #else -+ /*(remote could be different machine running affected OS, -+ * so only issue shutdown for known local sockets)*/ -+ if ( '/' == host->host->ptr[0] -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("127.0.0.1")) -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("::1"))) { -+ shutdown(hctx->fd, SHUT_WR);/* future: remove if HTTP/1.1 request */ -+ } -+ #endif - proxy_set_state(srv, hctx, PROXY_STATE_READ); - } else { - off_t wblen = hctx->wb->bytes_in - hctx->wb->bytes_out; -@@ -992,7 +1005,8 @@ SUBREQUEST_FUNC(mod_proxy_handle_subrequ - } - } - -- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ && hctx->state != PROXY_STATE_CONNECT) - ? proxy_send_request(srv, hctx) - : HANDLER_WAIT_FOR_EVENT; - } --- files/patch-src_mod__scgi.c (revision 424149) +++ files/patch-src_mod__scgi.c (nonexistent) @@ -1,34 +0,0 @@ ---- src/mod_scgi.c.orig 2016-08-07 12:39:31 UTC -+++ src/mod_scgi.c -@@ -2438,7 +2438,20 @@ static handler_t scgi_write_request(serv - - if (hctx->wb->bytes_out == hctx->wb_reqlen) { - fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT); -- shutdown(hctx->fd, SHUT_WR); -+ #if (defined(__APPLE__) && defined(__MACH__)) \ -+ || defined(__FreeBSD__) || defined(__NetBSD__) \ -+ || defined(__OpenBSD__) || defined(__DragonflyBSD__) -+ /*(*BSD stack on remote might signal POLLHUP and remote -+ * might treat as socket error instead of half-close)*/ -+ #else -+ /*(remote could be different machine running affected OS, -+ * so only issue shutdown for known local sockets)*/ -+ if ( '/' == host->host->ptr[0] -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("127.0.0.1")) -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("::1"))) { -+ shutdown(hctx->fd, SHUT_WR); -+ } -+ #endif - scgi_set_state(srv, hctx, FCGI_STATE_READ); - } else { - off_t wblen = hctx->wb->bytes_in - hctx->wb->bytes_out; -@@ -2585,7 +2598,8 @@ SUBREQUEST_FUNC(mod_scgi_handle_subreque - } - } - -- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ && hctx->state != FCGI_STATE_CONNECT) - ? scgi_send_request(srv, hctx) - : HANDLER_WAIT_FOR_EVENT; - } --- pkg-plist (revision 424149) +++ pkg-plist (working copy) @@ -2,8 +2,8 @@ @sample etc/lighttpd/modules.conf.sample @sample etc/lighttpd/conf.d/access_log.conf.sample @sample etc/lighttpd/conf.d/auth.conf.sample +@sample etc/lighttpd/conf.d/cgi.conf.sample @sample etc/lighttpd/conf.d/cml.conf.sample -@sample etc/lighttpd/conf.d/cgi.conf.sample @sample etc/lighttpd/conf.d/compress.conf.sample @sample etc/lighttpd/conf.d/debug.conf.sample @sample etc/lighttpd/conf.d/dirlisting.conf.sample @@ -28,9 +28,14 @@ lib/lighttpd/mod_accesslog.so lib/lighttpd/mod_alias.so lib/lighttpd/mod_auth.so +lib/lighttpd/mod_authn_file.so +lib/lighttpd/mod_authn_gssapi.so +lib/lighttpd/mod_authn_ldap.so +lib/lighttpd/mod_authn_mysql.so lib/lighttpd/mod_cgi.so lib/lighttpd/mod_cml.so lib/lighttpd/mod_compress.so +lib/lighttpd/mod_deflate.so lib/lighttpd/mod_dirlisting.so lib/lighttpd/mod_evasive.so lib/lighttpd/mod_evhost.so @@ -38,6 +43,7 @@ lib/lighttpd/mod_extforward.so lib/lighttpd/mod_fastcgi.so lib/lighttpd/mod_flv_streaming.so +lib/lighttpd/mod_geoip.so lib/lighttpd/mod_indexfile.so lib/lighttpd/mod_magnet.so lib/lighttpd/mod_mysql_vhost.so @@ -53,6 +59,7 @@ lib/lighttpd/mod_staticfile.so lib/lighttpd/mod_status.so lib/lighttpd/mod_trigger_b4_dl.so +lib/lighttpd/mod_uploadprogress.so lib/lighttpd/mod_userdir.so lib/lighttpd/mod_usertrack.so lib/lighttpd/mod_webdav.so