diff options
author | initial.commit <initial.commit@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-07-27 00:38:33 +0000 |
---|---|---|
committer | initial.commit <initial.commit@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-07-27 00:38:33 +0000 |
commit | 584cd5cbd7be997400ccb8db24ae5410b0b88117 (patch) | |
tree | 083e5f1f48d019e0f07b96fef7179483df53c823 /third_party/lighttpd | |
parent | f5b16fed647e941aa66933178da85db2860d639b (diff) | |
download | chromium_src-584cd5cbd7be997400ccb8db24ae5410b0b88117.zip chromium_src-584cd5cbd7be997400ccb8db24ae5410b0b88117.tar.gz chromium_src-584cd5cbd7be997400ccb8db24ae5410b0b88117.tar.bz2 |
Add third_party to the repository.
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@19 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'third_party/lighttpd')
80 files changed, 2743 insertions, 0 deletions
diff --git a/third_party/lighttpd/COPYING.LIGHTTPD b/third_party/lighttpd/COPYING.LIGHTTPD new file mode 100644 index 0000000..1333e45 --- /dev/null +++ b/third_party/lighttpd/COPYING.LIGHTTPD @@ -0,0 +1,31 @@ + + +Copyright (c) 2004, Jan Kneschke, incremental + All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +- Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +- Neither the name of the 'incremental' nor the names of its contributors may + be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF +THE POSSIBILITY OF SUCH DAMAGE. + diff --git a/third_party/lighttpd/COPYING.OPENSSL b/third_party/lighttpd/COPYING.OPENSSL new file mode 100644 index 0000000..ff99d97 --- /dev/null +++ b/third_party/lighttpd/COPYING.OPENSSL @@ -0,0 +1,127 @@ + + LICENSE ISSUES + ============== + + The OpenSSL toolkit stays under a dual license, i.e. both the conditions of + the OpenSSL License and the original SSLeay license apply to the toolkit. + See below for the actual license texts. Actually both licenses are BSD-style + Open Source licenses. In case of any license issues related to OpenSSL + please contact openssl-core@openssl.org. + + OpenSSL License + --------------- + +/* ==================================================================== + * Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * openssl-core@openssl.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.openssl.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + Original SSLeay License + ----------------------- + +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * + * This package is an SSL implementation written + * by Eric Young (eay@cryptsoft.com). + * The implementation was written so as to conform with Netscapes SSL. + * + * This library is free for commercial and non-commercial use as long as + * the following conditions are aheared to. The following conditions + * apply to all code found in this distribution, be it the RC4, RSA, + * lhash, DES, etc., code; not just the SSL code. The SSL documentation + * included with this distribution is covered by the same copyright terms + * except that the holder is Tim Hudson (tjh@cryptsoft.com). + * + * Copyright remains Eric Young's, and as such any Copyright notices in + * the code are not to be removed. + * If this package is used in a product, Eric Young should be given attribution + * as the author of the parts of the library used. + * This can be in the form of a textual message at program startup or + * in documentation (online or textual) provided with the package. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + diff --git a/third_party/lighttpd/CygBZ2-1.dll b/third_party/lighttpd/CygBZ2-1.dll Binary files differnew file mode 100644 index 0000000..bbfec9e --- /dev/null +++ b/third_party/lighttpd/CygBZ2-1.dll diff --git a/third_party/lighttpd/CygCrypt-0.dll b/third_party/lighttpd/CygCrypt-0.dll Binary files differnew file mode 100644 index 0000000..6d11e42 --- /dev/null +++ b/third_party/lighttpd/CygCrypt-0.dll diff --git a/third_party/lighttpd/CygCrypto-0.9.8.dll b/third_party/lighttpd/CygCrypto-0.9.8.dll Binary files differnew file mode 100644 index 0000000..f93660b --- /dev/null +++ b/third_party/lighttpd/CygCrypto-0.9.8.dll diff --git a/third_party/lighttpd/CygLBER-2-3-0.dll b/third_party/lighttpd/CygLBER-2-3-0.dll Binary files differnew file mode 100644 index 0000000..9f1a86c --- /dev/null +++ b/third_party/lighttpd/CygLBER-2-3-0.dll diff --git a/third_party/lighttpd/CygLDAP-2-3-0.dll b/third_party/lighttpd/CygLDAP-2-3-0.dll Binary files differnew file mode 100644 index 0000000..ec6c72b --- /dev/null +++ b/third_party/lighttpd/CygLDAP-2-3-0.dll diff --git a/third_party/lighttpd/CygLightCOMP.dll b/third_party/lighttpd/CygLightCOMP.dll Binary files differnew file mode 100644 index 0000000..334f312 --- /dev/null +++ b/third_party/lighttpd/CygLightCOMP.dll diff --git a/third_party/lighttpd/CygMinires.dll b/third_party/lighttpd/CygMinires.dll Binary files differnew file mode 100644 index 0000000..7148c3a --- /dev/null +++ b/third_party/lighttpd/CygMinires.dll diff --git a/third_party/lighttpd/CygPCRE-0.dll b/third_party/lighttpd/CygPCRE-0.dll Binary files differnew file mode 100644 index 0000000..c8fa94d --- /dev/null +++ b/third_party/lighttpd/CygPCRE-0.dll diff --git a/third_party/lighttpd/CygSASL2-2.dll b/third_party/lighttpd/CygSASL2-2.dll Binary files differnew file mode 100644 index 0000000..06ee422 --- /dev/null +++ b/third_party/lighttpd/CygSASL2-2.dll diff --git a/third_party/lighttpd/CygSSL-0.9.8.dll b/third_party/lighttpd/CygSSL-0.9.8.dll Binary files differnew file mode 100644 index 0000000..e182c32 --- /dev/null +++ b/third_party/lighttpd/CygSSL-0.9.8.dll diff --git a/third_party/lighttpd/CygZ.dll b/third_party/lighttpd/CygZ.dll Binary files differnew file mode 100644 index 0000000..c94d66c --- /dev/null +++ b/third_party/lighttpd/CygZ.dll diff --git a/third_party/lighttpd/LightTPD-Angel.exe b/third_party/lighttpd/LightTPD-Angel.exe Binary files differnew file mode 100644 index 0000000..2d7bf0a --- /dev/null +++ b/third_party/lighttpd/LightTPD-Angel.exe diff --git a/third_party/lighttpd/LightTPD.exe b/third_party/lighttpd/LightTPD.exe Binary files differnew file mode 100644 index 0000000..88e894b --- /dev/null +++ b/third_party/lighttpd/LightTPD.exe diff --git a/third_party/lighttpd/NEWS.LIGHTTPD b/third_party/lighttpd/NEWS.LIGHTTPD new file mode 100644 index 0000000..1a872b9 --- /dev/null +++ b/third_party/lighttpd/NEWS.LIGHTTPD @@ -0,0 +1,784 @@ + +==== +NEWS +==== + +- 1.4.19 - 2008-03-10 + + * added support for If-Range: <date> (#1346) + * added support for matching $HTTP["scheme"] in configs + * fixed initgroups() called after chroot (#1384) + * fixed case-sensitive check for Auth-Method (#1456) + * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428) + * fixed a bug that made /-prefixed extensions being handled also when + matching the end of the uri in fcgi,scgi and proxy modules (#1489) + * print error if X-LIGHTTPD-send-file cannot be done; reset header + Content-Length for send-file. Patches by Stefan Buehler + * prevent crash in certain php-fcgi configurations (#841) + * add IdleServers and Scoreboard directives in ?auto mode for mod_status (#1507) + * open log immediately after daemonizing, fixes SIGPIPEs on startup (#165) + * HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set. (#1499) + * generate ETag and Last-Modified headers for mod_ssi based on newest modified include (#1491) + * support letterhomes in mod_userdir (#1473) + * support chained proxies in mod_extforward (#1528) + * fixed bogus "cgi died ?" if we kill the CGI process on shutdown + * fixed ECONNRESET handling in network-openssl + * fixed handling of EAGAIN in network-linux-sendfile (#657) + * reset conditional cache (#1164) + * create directories in mod_compress (was broken with alias/userdir) (#1027) + * fixed out of range access in fd array (#1562, #372) (CVE-2008-0983) + * mod_compress should check if the request is already handled, e.g. by fastcgi (#1565) + * remove broken workaround for buggy Opera version with ssl/chunked encoding (#285) + * generate etag/last-modified header for on-the-fly-compressed files (#1171) + * req-method OPTIONS: do not insert default response if request was denied, do not deny OPTIONS by default (#1324) + * fixed memory leak on windows (#1347) + * fixed building outside of the src dir (#1349) + * fixed including of stdint.h/inttypes.h in etag.c (#1413) + * do not add Accept-Ranges header if range-request is disabled (#1449) + * log the ip of failed auth tries in error.log (enhancement #1544) + * fixed RoundRobin in mod_proxy (#516) + * check for symlinks after successful pathinfo matching (#1574) + * fixed mod-proxy.t to run with a builddir outside of the src dir + * do not suppress content on "307 Temporary Redirect" (#1412) + * fixed Content-Length header if response body gets removed in connections.c (#1412, part 2) + * do not generate a "Content-Length: 0" header for HEAD requests, added test too + * remove compress cache file if compression or write failed (#1150) + * fixed body handling of status 300 requests + * spawn-fcgi: only try to connect to unix socket (not tcp) before spawning (#1575) + * fix sending source of cgi script instead of 500 error if fork fails (CVE-2008-1111) + * fix min-procs handling in mod_scgi.c, just set to max-procs (patch from #623) + * fix sending "408 - Timeout" instead of "410 - Gone" for timedout urls in mod_secdownload (#1440) + * workaround #1587: require userdir.path to be set to enable mod_userdir (empty string allowed) (CVE-2008-1270) + * make configure checks for --with-pcre, --with-zlib and --with-bzip2 failing if the headers aren't found + * fixed handling of waitpid() == EINTR mod_ssi on solaris + +- 1.4.18 - 2007-09-09 + + * fixed compile error on IRIX 6.5.x on prctl() (#1333) + * fixed forwarding a SIGINT and SIGHUP when using max-workers (#902) + * fixed FastCGI header overrun in mod_fastcgi (reported by mattias@secweb.se) + * fixed hanging redirects with keep-alive due to missing + "Content-Length: 0" headers + * fixed crashing when using undefined environment variables in the config + * fixed compilation of mod_mysql_vhost on irix (#1341) + +- 1.4.17 - 2007-08-29 + + * added dir-listing.set-footer in mod_dirlisting (#1277) + * added sending UID and PID for SIGTERM and SIGINT to the logs + * fixed hardcoded font-sizes in mod_dirlisting (#1267) + * fixed different ETag length on 32/64 platforms (#1279) + * fixed compression of files < 128 bytes by disabling compression (#1241) + * fixed mysql server reconnects (#518) + * fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166) + * fixed crash on mixed EOL sequences in mod_cgi + * fixed key compare (#1287) + * fixed invalid char in header values (#1286) + * fixed invalid "304 Not Modified" on broken timestamps + * fixed endless loop on shrinked files with sendfile() on BSD (#1289) + * fixed counter overrun in ?auto in mod_status (#909) + * fixed too aggresive caching of nested conditionals (#41) + * fixed possible overflow in unix-socket path checks on BSD (#713) + * fixed extra Content-Length header on 1xx, 204 and 304 (#1002) + * fixed handling of duplicate If-Modified-Since to return 304 + * fixed extracting status code from NPH scripts (#1125) + * fixed prctl() usage (#1310) + * removed config-check if passwd files exist (#1188) + * fixed crash when etags are disabled but the client sends one (#1322) + * fixed crash when freeing the config in mod_alias + * fixed server.error-handler-404 breakage from 1.4.16 (#1270) + * fixed entering 404-handler from dynamic content (#948) + * added more debug infos for FAM based stat-cache + * use more LSB like paths in the sample config (#1242) + +- 1.4.16 - 2007-07-25 + + * added static-file.etags, etag.use-inode, etag.use-mtime, etag.use-size + to customize the generation of ETags for static files. (#1209) + (patch by <Yusufg@gmail.com>) + * fixed typecast of NULL on execl() (#1235) + (patch by F. Denis) + * fixed circumventing url.access-deny by trailing slash (#1230) + * fixed crash on duplicate headers with trailing WS (#1232) + * fixed accepting more connections then requested (#1216) + * fixed mem-leak in mod_auth (reported by Stefan Esser) + * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser) + * fixed missing check for base64 encoded string in mod_auth and Basic auth + (reported by Stefan Esser) + * fixed possible crash in Auth-Digest header parser on trailing WS in + mod_auth (reported by Stefan Esser) + * fixed check on stale errno values, which broke handling of broken fastcgi + applications. (#1245) + * fixed crash on 32bit archs when debug-msgs are printed in mod_scgi, mod_fastcgi + and mod_webdav (#1263) + +- 1.4.15 - 2007-04-13 + + * fixed broken Set-Cookie headers + +- 1.4.14 - 2007-04-13 + + * fix crash if gethostbyaddr() failed on redirect [1718] + * properly handle 206 responses generated by *cgi scripts. (#755) [1716] + * added HTTPS=on to the environment of cgi scripts (#861) [1684] + * fix handling of 303 (#1045) [1678] + * made the configure check for lua more portable [1677] + * added mod_extforward module [1665] + * references to the fam stat cache engine should be conditional (#1039) [1664] + * fix http 500 errors (colin.stephen/at/o2.com) #1041 [1663] + * prevent wrong pidfile unlinking on graceful restart (Chris Webb) [1656] + * ignore empty packets from STDERR stream. #998 + * fix a crash for files with an mtime of 0 reported by cubiq on irc [1519] + CVE-2007-1870 + * allow empty passwords with ldap (Jörg Sonnenberger) [1516] + * mod_scgi.c segfault fix #964 [1501] + * Added round-robin support to mod_fastcgi [1500] + * Handle DragonFlyBSD the same way as Freebsd (Jörg Sonnenberger) [1492,1676] + * added now and weeks support to mod_expire. #943 + * fix cpu hog in certain requests [1473] CVE-2007-1869 + * fix for handling hostnames with trailing dot [1406] + * fixed header-injection via server.tag (#1106) + * disabled caching of files without a content-type to solve the + aggressive caching of FF + * remove trailing white-spaces from HTTP-requests before parsing (#1098) + * fixed accesslog.use-syslog in a conditional and the caching of the + accesslog for files (fixes #1064) + * fixed various crashes at startup on broken accesslog.format strings (#1000) + * fixed handling of %% in accesslog.format + * fixed conditional dir-listing.exclude (#930) + * reduced default PATH_MAX to 255 (#826) + * ECONNABORTED is not known on cygwin (#863) + * fixed crash on url.redirect and url.rewrite if %0 is used in a global context + (#800) + * fixed possible crash in debug-message in mod_extforward + * fixed compilation of mod_extforward on glibc < 2.3.4 + * fixed include of empty in the configfiles (#1076) + * send SIGUSR1 to fastcgi children before SIGTERM. libfcgi wants SIGUSR1. (#737) + * fixed missing AUTH_TYPE entry in the fastcgi environment. (#889) + * fixed compilation in network_writev.c on MacOS X 10.3.9 (#903) + * added kill-signal as another setting for fastcgi backends. See the wiki for more. + +- 1.4.13 - 2006-10-09 + + * added initgroups in spawn-fcgi (#871) + * added apr1 support htpasswd in mod-auth (#870) + * added lighty.stat() to mod_magnet + * fixed segfault in splitted CRLF CRLF sequences + (introduced in 1.4.12) (#876) + * fixed compilation of LOCK support in mod-webdav + * fixed fragments in request-URLs (#869) + * fixed pkg-config check for lua5.1 on debian + * fixed Content-Length = 0 on HEAD requests without + a known Content-Length (#119) + * fixed mkdir() forcing 0700 (#884) + * fixed writev() on FreeBSD 4.x and older (#875) + * removed warning about a 404-error-handler + returned 404 + * backported and fixed the buildsystem changes for + webdav locks + * fixed plugin loading so we can finally load lua + extensions in mod_magnet scripts + * fixed large uploads if xattr is enabled + +- 1.4.12 - 2006-09-23 + + * added experimental LOCK support for webdav + * added Content-Range support for PUT in webdav + * added support for += on empty arrays in config-files + * added ssl.cipher-list and ssl.use-sslv2 + * added $HTTP["querystring"] conditional + * added mod_magnet as long-term replacement for mod_cml + * added work-around for a Opera Bug with SSL + Chunked-Encoding + * changed --print-config to print to stdout instead of stderr + * changed no longer use 0600 for new files with webdav. umask is + honored. Make sure you have set a proper umask. + * fixed upload hangs with SSL + * fixed connection drops with SSL (aka bad retry) + * fixed path traversal with \ on cygwin + * fixed mem-leak in mod_flv_streaming + * fixed required trailing newline in configfiles (#142) + * fixed quoting the autoconf files (#466) + * fixed empty Host: + $HTTP["host"] handling (#458) + * fixed handling of If-Modified-Since if ETag is not set + * fixed default-shell if SHELL is not set (#441) + * fixed appending and assigning of env.* vars + * fixed empty FCGI_STDERR packets + * fixed conditional server.allow-http-11 + * fixed handling of follow-symlink + lstat() + * fixed SIGHUP handling if max-workers is used + * fixed "Software caused connection abort" messages on FreeBSD + +- 1.4.11 - 2006-03-09 + + * added ability to specify which ip address spawn-fci listens on + (agkr/at/pobox.com) + * added mod_flv_streaming to streaming Flash Movies efficiently + * fixed handling of error codes returned by mod_dav_svn behing a + mod_proxy + * fixed error-messages in mod_auth and mod_fastcgi + * fixed re-enabling overloaded local fastcgi backends + * fixed handling of deleted files in linux-sendfile + * fixed compilation on BSD and MacOSX + * fixed $SERVER["socket"] on a already bound socket + * fixed local source retrieval on windows + (secunia) + * fixed hanging cgi if remote side is dieing while reading + from the pipe (sandy/at/meebo.com) + +- 1.4.10 - 2006-02-08 + + * added docs for mod_dirlisting + * added fastcgi.map-extensions to mod_fastcgi + * fixed load balancing for mod_fastcgi + * fixed extra newline for syslog() in mod_accesslog + * fixed user-track cookie for IE in mod_usertrack + * fixed crash in digest handling in mod_auth + * fixed handling of 301 response-bodies from a mod_proxy backend + * fixed loading of base modules if server.modules is not set + * fixed broken cgi if mod_scgi is loaded + +- 1.4.9 - 2006-01-14 + + * added server.core-files option (sandy <sandy/at/meebo.com>) + * added docs for mod_status + * added mod_evasive to limit the number of connections by IP (<w1zzard/at/techpowerup.com>) + * added the power-magnet to mod_cml + * added internal statistics to mod_fastcgi + * added server.statistics-url to get internal statistics from mod_status + * added support for conditional range-requests through If-Range + * added static building via scons + * fixed 100% cpu loops in mod_cgi ("sandy" <sjen/at/cs.stanford.edu>) + * fixed handling for secure-download.timeout (jamis/at/37signals.com) + * fixed IE bug in content-charset in the output of mod_dirlisting (sniper/at/php.net) + * fixed typos and language in the docs (ryan-2005/at/ryandesign.com) + * fixed assertion in mod_cgi on HEAD request is Content-Length (<sandy/at/meebo.com>) + * fixed handling if equal but duplicate If-Modified-Since request headers + * fixed endless loops in mod_fastcgi if backend is dead + * fixed Depth: 1 handling in PROPFIND requests on empty dirs + * fixed encoding of UTF8 encoded dirlistings (Jani Taskinen <sniper/at/iki.fi>) + * fixed initial bind to a unix-domain socket through server.bind + * fixed handling of lowercase filesystems + * fixed duplicate request headers cause by mod_setenv + +- 1.4.8 - 2005-11-23 + + * added auto-reconnect to ldap-server in mod_auth + (joerg/at/netbsd.org) + * changed auth.ldap-cafile to be optional + (joerg/at/netbsd.org) + * added strip_request_uri in mod_fastcgi + * added more X-* headers to mod_proxy + (Ben Grimm <bengrimm/at/gmail.com>) + * added 'debug' to simple-vhost to suppress the + (mod_simple_vhost.c.157) No such file or directory /servers/ww.lighttpd.net/pages/ + messages by default + * added support to let the server listen on UNIX-socket + * changed default stat-cache-engine to 'simple' + * removed debian/ dir from source package on request by packager + * fixed max-age timestamps in mod_expire + * fixed encoding the filenames in PROPFIND in mod_webdav + * fixed range request handling in network_writev + * fixed retry on connect error in mod_fastcgi + (Robert G. Jakabosky <bobby/at/alphatrade.com>) + * fixed possible crash in mod_webdav if sqlite3 support + is available but not use + * fixed fdvent-handler init if server.max-worker was used + (Siddharth Vijayakrishnan <mail/at/bluefireworks.net>) + * fixed missing cleanup in mysql_vhost + * fixed assert() in "connections.c:962: + connection_handle_read_state: Assertion 'c->mem->used' failed." + * fixed 64bit issue in md5 + * fixed crash in mod_status + * fixed duplicate headers in mod_proxy + * fixed Content-Length in HEAD request in mod_proxy + * fixed unsigned/signed comparisions + * fixed streaming in mod_cgi + * fixed possible overflow in password-salt handling + (reported on slashdot by james-web/at/and.org) + * fixed server-traffic-limit if connection limit is not set + +- 1.4.7 - 2005-11-02 + + * added FD_CLOEXEC to fds which are kept open for a longer time + * added smaller, moving mmaped windows to network_writev + * added madvise() to instruct the kernel the do proper read-ahead in network_writev + * added support for %I in mod_accesslog + * added better compat to Apache for ?auto in mod_status + * added support for userdirs without a entry in /etc/passwd in mod_userdir + (rob/at/inversepath.com) + * added startup-time selectable network-backend + * added location of upload-files to config as array + * added webdav.log-xml for logging xml-content in mod_webdav + * added Cache-Control: max-age to mod_expire + * workaround missing client-bug by assuming we received a close-notify on + non-keep-alive requests in SSL request + * disabled kerberos5 support by default to fix compilation on RHEL + * fixed order of library checks to fix compilation on Solaris 9 + * fixed open file-descriptors on read-error + * fixed crash if /var/tmp is not writable + +- 1.4.6 - 2005-10-09 + + * fixed compilation on MacOS X and cygwin + * fixed compressed output if caching was disabled (seen in IE and Opera) + * fixed range-request option + * fixed mysql-vhost module (was broken in 1.4.5) + * fixed false positive in the detection of case-insensitive FS + +- 1.4.5 - 2005-10-02 + + * added all DeltaV methods as known methods + * added buffer-to-disk of request content + * added warning for unused variables in conditionals + * added global index-generators to mod_indexfile + * fixed caching for remote-ip conditionals with keep-alive + * fixed redirects with content + * fixed infinite loop in exec-cmd in mod_ssi + * fixed segfault in config handling for mod_mysql_vhost + * fixed segfault on FIFOs/Sockets + * fixed possible crash on uninit memory if If-Modified-Since was too long + * fixed accounting of mem-chunks + * fixed starving of connections on high load + * fixed crc errors in mod_compress on 64bit platforms + * fixed handling of overlapping fastcgi packets (bug added in 1.4.4) + * fixed logic of conditionals if a header was not set + * fixed a segfault in mod_rewrite if %1 references were used + * fixed handling of empty request URIs in HTTP requests + +- 1.4.4 - 2005-09-16 + * added support for %V in mod_accesslog + * added a option for a FastCGI responser to send static files + * added md5 and blowfish hashes to htpasswd + * fixed METHOD in mod_accesslog of WebDAV methods + * fixed check for permission before files in sent + * fixed mod-proxy and content for non-POST requests + * fixed compilation of mod_cml on MacOS X + * fixed SSL errmsg after accept() + * fixed memleak in stat-cache + * fixed aborted connections if file was moved while in transfer + * fixed mem-usage for large FastCGI transfers + +- 1.4.3 - 2005-09-01 + + * added gracefull shutdown + * added server.max-connections + * fixed compilation on all BSD platforms + * fixed init of kqueue and /dev/poll after daemonize + * fixed segfault if select() is event-handler and more than FD_SETSIZE + fds are opened + * fixed compilation of mod_cml + * fixed bin-copy-env in mod_fastcgi + +- 1.4.2 - 2005-08-29 + + * fixed mimetype detection on uppercase extensions + * fixed memleak in stat-cache + * fixed infinite loop in mod_cgi + * fixed alignment crashes on sparc64 and alpha64 + * fixed test system for gentoo ebuild + * fixed infinite loop in SSL + * fixed range request for files > 2Gb + +- 1.4.1 - 2005-08-22 + + * added a complete Class 1 complient mod_webdav + * fixed ssl support (especially on OpenBSD) + * fixed response header in body problem in mod_cgi + * fixed numbers before body problem + * fixed compilation on Solaris and FreeBSD + * fixed conditional options in mod_dirlisting + * fixed segfault in mod_dirlisting for NFS directories + * fixed check for docroot in change-root environments + +- 1.4.0 - 2005-08-17 + + * added nested conditionals + * added remote-ip to $HTTP + * added support for stat-cache via FAM + * added a read-only WebDAV module + * fixed cleanup in mod_proxy and mod_fastcgi + * fixed handling of filenames on case-insensitive filesystems + +- 1.3.16 - 2005-07-31 + + * added Date: headers to dynamic HTTP/1.0 requests + * added support for OPTION * HTTP/1.1 + * added support for accesslog to syslog + * added support for PATH_INFO guessing if check-local is disabled in + mod_fastcgi + * added switch to disable range-requests + * added valid-user option for mod_auth (tigger at gentoo.org) + * added JavaScript based sorting to mod_status (erik) + * added selective TCP_CORK (Christian von Roques) + * break up endless loops with Status: 500 + * fixed endless loops in mod_rewrite + * mapped url.rewrite and url.rewrite-final to uri.rewrite-once + * fixed compilation for mod_trigger_b4_dl + * fixed 'can't reach host' in mod_proxy + * error-handler-404 defaults to Status: 200 and static files work now + +- 1.3.15 - 2005-07-15 + + * added mod_cml + * added mod_trigger_b4_dl + * added encoding to mod_dirlisting + * added ?auto to mod_status + * relaxed handling of characters in URIs even more + * fixed detection of sendfile() on Linux 2.4.x + * fixed comparision of buffers for short strings + * server.errorfile-prefix is now conditional + * fixed mod_rrdtool to close STDERR + +- 1.3.14 - 2005-06-15 + + * added SCGI support via mod_scgi + * added hash-based and round-robin load balancing to mod_proxy + * fixed range requests larger than 2Gb + * fixed compilation on Solaris + * fixed endless loops in mod_fastcgi, mod_cgi and mod_proxy + * fixed handling of URIs for '+' and characters > 127 + +- 1.3.13 - 2005-03-06 + + * added customizable directory listings + * fixed compile error on all BSD unixes + * fixed PATHINFO handling for FastCGI + * fixed handling of remote-close on FreeBSD and OpenSSL + +- 1.3.12 - 2005-03-02 + + * added ssl.ca-file + * added support for \n\n as terminator + * rewrote test-framework and added more tests + * fixed cgi.assign with empty handler + * fixed segfault in debug-code + * fixed mod_expire if modification-timestamps are used + * fixed segfault on duplication Host-headers + * fixed endless loop in mod_fastcgi + * fixed handling of dead fastcgi-processes + +- 1.3.11 - 2005-02-20 + + * added REMOTE_PORT and SERVER_ADDR to CGI-env + * relaxed handling of newlines before keep-alive requests + * relaxed uri-parser again + * fixed PHP_SELF for php + * fixed compilation on MacOS X + * fixed handling of EPIPE and ECONNRESET + * fixed crash in mod_auth if config-options are missing + * fixed handling of missing trailing / in mod_userdir + * fixed conditional secdownload.secret + * fixed REPORT ME error due to failed reconnects in mod_fastcgi + * fixed cmdline handling in mod_fastcgi + +- 1.3.10 - 2005-02-06 + + * added support for full commandline in spawn-fcgi + * fixed missing check for IP-address in mod_fastcgi + * fixed compile error with openssl in mod_fastcgi + * removed a debug-message from network-functions + +- 1.3.9 - 2005-02-06 + + * added a stricter URI parser + * added a check to the CGI spawner if the cgi-handler exists + * added documentation for SSL and mod_status + * added handling of startup environment to FastCGI + * improved performance in FastCGI in buildind the FastCGI header + * fixed min-procs and max-procs in FastCGI on PowerPC + * fixed crash in setenv.add-response-header + * fixed handling of nph-scripts in CGI + * fixed accidently sending out physical file in CGI on error + * fixed cygwin support + * fixed handling of missing files + * fixed HEAD requests for dynamic requests + +- 1.3.8 - 2005-01-30 + + * added traffic shaping by remote host and virtual server + * added auto-spawning of FastCGI process on demand + * added virtual host based on MySQL + * added mod_setenv to add envirnoment and http headers on the fly + * added support for syslog in mod_accesslog + * improved output of mod_status + * improved debug output in request handling + * fixed build problems on netbsd 1.4.x and 1.5.x + * fixed status.url configuration + * fixed handling of != and !~ in configutation + * fixed special cases in keep-alive handling + * fixed timeout handling in handling POST requests + * fixed mode AUTHORIZER in FastCGI + * fixed handling if internal redirects if no Host: is supplied + * fixed mod_alias + pathinfo + * fixed directory indexes and permissions + * enabled sending errorlog to syslog again + +- 1.3.7 - 2004-12-11 + + * added retries for a fastcgi connect if a php-childs + dies at startup + * update the debian directory + * added setgroups() to drop all group-privs + * added native port to windows via mingw32 + * added server.tag = '...' + * added support for ${...} in mod_ssi + * ported all plugins to conditional support + * fixed multipart handling in cgi + * fixed kqueue event-handler + * fixed wrap-around in mod_status + * fixed crash with SSL + FastCGI + * fixed detection of SSL headers + * fixed handling of dangling SSL_shutdown + * fixed detection of keep-alive of Firefox + +- 1.3.6 - 2004-11-03 + + * added spawn-fcgi to the distribution + * added support in fastcgi module to spawn fastcgi + processes itself + * fixed logfile cycling if external logging is used + * fixed connection handling in fastcgi if no chunk + encoding is used + * fixed internal redirects on directories if a query + string is supplied + * fixed cgi-module for POST request above 4k + * fixed mod_alias and follow-symlink + +- 1.3.5 - 2004-10-31 + + * added mod_alias + * added mod_userdir + * added the exec command to the SSI handler + * added a switch to disable follow-symlinks + * added a switch to disable IPv6 at compile-time + * fixed compilation on FreeBSD and NetBSD 1.3.x + * fixed segfault in pipelining + * fixed a segfault in writev() handler if LFS is used + +- 1.3.4 - 2004-10-24 + + * added limiter for open files + * added logging of user supplied data to accesslogs + * added build target for OpenWRT + * added plain backend support for auth-digest + * fixed handling the external accesslog processes + * fixed SERVER_NAME in CGI and FastCGI + +- 1.3.3 - 2004-10-16 + + * added support for NL terminators in CGI-scripts + * added support for conditionals in mod_auth, + mod_simple_vhost and mod_evhost + * added a error-handler for 404 codes + * fixed request counter in the rrdtool module + * fixed log-file cycling + * fixed seg-fault + +- 1.3.2 - 2004-09-30 + + * fixed file-cache + +- 1.3.1 - 2004-09-30 + + * fixed file-cache + * fixed parsing of IPv6 adresses + * fixed cgi for cygwin + * fixed test-suite for FreeBSD and IRIX + * fixed handling of shrinked files + * fixed handling of REQUEST_URI after rewrite + +- 1.3.0 - 2004-09-17 + + * added build for MacOS X and Cygwin + * added handling of more than one socket + * added config-conditions for User-Agent and Referer + * added final rewrite-rules + +- 1.2.8 - 2004-09-11 + + * added a cache for mimetypes + * added X-Forwarded-For for mod_proxy + * fixed handling of comments in If-Modified-Since + * fixed error handling in FastCGI code + * fixed expire plugin for second Expire header + +- 1.2.7 - 2004-09-04 + + * added mod_rrdtool for internal statistics + * added xattr support + * added user-controlable timeouts + * improved documentation for many plugins + * fixed POST requests for mod_proxy + * fixed rare hang with CGI + * fixed seg-fault if no configfile is specified + * fixed rare problem in FastCGI header generation + +- 1.2.6 - 2004-08-26 + + * added apache-like accesslog definition + * enabled timestamp cache again + * improved performance in the string compare functions + * fixed double-free in fastcgi handler + * fixed error-handling in cgi handler + +- 1.2.5 - 2004-08-10 + + * added skeleton for solaris 10 port-API + * added compression support even if no cachedir is set + * added conditional configoptions + * fixed compilation on OpenBSD + * fixed kqueue support + * fixed pipelining bug + * fixed parallel build (triggered by Gentoo) + * updated debian postinst + +- 1.2.4 - 2004-07-31 + + * added kqueue support + * added server-side includes (mod_ssi) + * fixed large post uploads in fastcgi + * fixed rt-signals handling of delayed events + +- 1.2.3 - 2004-07-10 + + * added a proxy module for Java and friends + * added support to pass accesslog through an external programm + * added mimetypes for text/css and text/javascript + * fixed index-files for FastCGI if webserver is in chroot + * fixed error messages of CGI process fails to exec() + * fixed detection of pcre on IRIX and FreeBSD + * fixed timestamps in Last-Modified checks + * fixed 64bit builds + * fixed mmap-caching of large files + * relaxed the HTTP parser on empty headerfields + +- 1.2.2 - 2004-06-15 + + * added support for unix domain sockets in FastCGI + * fixed mmap caching + * fixed compile-time check for linux sendfile() + * fixed check for pcre.h on Fedora Core 2 + +- 1.2.1 - 2004-05-30 + + * added experimental support for AIX send_file() + * added an mmap cache to the filehandle cache + * enabled FreeBSD sendfile support again + * added support for calling CGI binaries directly + * fixed pipelining for POST requests + * fixed some seg-faults if no configfile is used + +- 1.2.0 - 2004-05-17 + + * added conforming Expect: handling + * added a module for secure and fast downloading + * rewrote the event handling interface + * fixed array handling which might lead to 'missing header' + * fixed pipelining support + * fixed build of the localizer extension + * fixed cgi handling for headers which are flushed to often + * fixed compilation on Solaris 2.5 + +- 1.1.9 - 2004-04-29 + + * added AUTHORIZER mode to the FastCGI module + * added 'check-local' option to disable local stat() in the FastCGI module + * added prefix-notation for FastCGI module + * added 'mod_usertrack' + * improved CGI/FastCGI spec conformance + * more code cleanup + * fixed HTTP/1.1 chunk headers + * fixed POST handling + * fixed SSL network handler + * fixed writev() network handler + +- 1.1.8 - 2004-04-16 + + * code cleanup + * limiting the size of the request-body and the request-header + * minor speed improvements + * tightend the HTTP-Parser again + +- 1.1.7 - 2004-04-12 + + * added REMOTE_USER to the Server->FastCGI parameters + * added bzip2 compression + * improved the error-messages from the new configfile parser + * fixed accesslog writing for errornous requests + * fixed LFS (64bit filesizes) handling + * fixed Content-Length for HEAD requests + * fixed some memory leaks in the configfile parser + +- 1.1.6 - 2004-04-10 + + * tightend the HTTP-Parser + * rewrote the configfile parser (based on lemon) + * fixed openssl support + * fixed mmap+write support + * use localtime in accesslog if possible + +- 1.1.5 - 2004-04-07 + + * added ldap backend to the auth + * added a mod_expire + * added debian packaging structure + * merged redhat and suse spec-file + * fixed eventhandler for solaris + * fixed 64bit fileoffsets + * fixed permissions of the PID-file + +- 1.1.4 - 2004-04-04 + + * added server.pid-file + * added support for solaris /dev/poll and solaris sendfilev() + * added support for writev() + * added PATHINFO support (again) + * fixed CLF logfile writing + +- 1.1.3 - 2004-03-25 + + * set default event-handler to 'poll' + * fixed logcycling in chroot() + * fixed hostname detection + * added syslog() as fallback for error-logging + +- 1.1.2 - 2004-03-22 + + * added a "docroot" setting for fastcgi processes + * performance improvements + * improved configure script + * rewrote the fastcgi config parser + * added a rc-script for RedHat + * added epoll() support for Linux 2.6.x + +- 1.1.1 - 2004-03-15 + + * added localizer module + * performance improvements + * code cleanup + +- 1.1.0 - 2004-03-06 + + * changed some configuration keys for better readability + * moved the virtual-host code to mod_simple_vhost + * added enhanced virtual host plugin from Christian Kruse + * added two new auth-backends (htpasswd, htdigest) + * fixed and improved authentification + * stricter parsing of the Host: field + * added a warning for unused configuration keys + * improved FastCGI documentation + +- 1.0.3 - 2004-02-13 + + * a startup script has been added (LSB compliant) + * HEAD requests were submitting the content like a GET request + * the virtual directory listing got a face-lifting and fixes + * request-headers are now handled case-in-sensitive as required + by the standard. this fixes POST requests for w3m and some Proxies. + +- 1.0.2 - 2004-02-07 + + * rearrangement of the default configfile + * some updates in the documentation + * a entry in the error-log for a 404 + * stdout is no longer the default for the accesslog diff --git a/third_party/lighttpd/NEWS.OPENSSL b/third_party/lighttpd/NEWS.OPENSSL new file mode 100644 index 0000000..40ded1a --- /dev/null +++ b/third_party/lighttpd/NEWS.OPENSSL @@ -0,0 +1,477 @@ + + NEWS + ==== + + This file gives a brief overview of the major changes between each OpenSSL + release. For more details please read the CHANGES file. + + Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g: + + o Fixes for bugs introduced with 0.9.8f. + + Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f: + + o Add gcc 4.2 support. + o Add support for AES and SSE2 assembly lanugauge optimization + for VC++ build. + o Support for RFC4507bis and server name extensions if explicitly + selected at compile time. + o DTLS improvements. + o RFC4507bis support. + o TLS Extensions support. + + Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e: + + o Various ciphersuite selection fixes. + o RFC3779 support. + + Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d: + + o Introduce limits to prevent malicious key DoS (CVE-2006-2940) + o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343) + o Changes to ciphersuite selection algorithm + + Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c: + + o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 + o New cipher Camellia + + Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b: + + o Cipher string fixes. + o Fixes for VC++ 2005. + o Updated ECC cipher suite support. + o New functions EVP_CIPHER_CTX_new() and EVP_CIPHER_CTX_free(). + o Zlib compression usage fixes. + o Built in dynamic engine compilation support on Win32. + o Fixes auto dynamic engine loading in Win32. + + Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a: + + o Fix potential SSL 2.0 rollback, CVE-2005-2969 + o Extended Windows CE support + + Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8: + + o Major work on the BIGNUM library for higher efficiency and to + make operations more streamlined and less contradictory. This + is the result of a major audit of the BIGNUM library. + o Addition of BIGNUM functions for fields GF(2^m) and NIST + curves, to support the Elliptic Crypto functions. + o Major work on Elliptic Crypto; ECDH and ECDSA added, including + the use through EVP, X509 and ENGINE. + o New ASN.1 mini-compiler that's usable through the OpenSSL + configuration file. + o Added support for ASN.1 indefinite length constructed encoding. + o New PKCS#12 'medium level' API to manipulate PKCS#12 files. + o Complete rework of shared library construction and linking + programs with shared or static libraries, through a separate + Makefile.shared. + o Rework of the passing of parameters from one Makefile to another. + o Changed ENGINE framework to load dynamic engine modules + automatically from specifically given directories. + o New structure and ASN.1 functions for CertificatePair. + o Changed the ZLIB compression method to be stateful. + o Changed the key-generation and primality testing "progress" + mechanism to take a structure that contains the ticker + function and an argument. + o New engine module: GMP (performs private key exponentiation). + o New engine module: VIA PadLOck ACE extension in VIA C3 + Nehemiah processors. + o Added support for IPv6 addresses in certificate extensions. + See RFC 1884, section 2.2. + o Added support for certificate policy mappings, policy + constraints and name constraints. + o Added support for multi-valued AVAs in the OpenSSL + configuration file. + o Added support for multiple certificates with the same subject + in the 'openssl ca' index file. + o Make it possible to create self-signed certificates using + 'openssl ca -selfsign'. + o Make it possible to generate a serial number file with + 'openssl ca -create_serial'. + o New binary search functions with extended functionality. + o New BUF functions. + o New STORE structure and library to provide an interface to all + sorts of data repositories. Supports storage of public and + private keys, certificates, CRLs, numbers and arbitrary blobs. + This library is unfortunately unfinished and unused withing + OpenSSL. + o New control functions for the error stack. + o Changed the PKCS#7 library to support one-pass S/MIME + processing. + o Added the possibility to compile without old deprecated + functionality with the OPENSSL_NO_DEPRECATED macro or the + 'no-deprecated' argument to the config and Configure scripts. + o Constification of all ASN.1 conversion functions, and other + affected functions. + o Improved platform support for PowerPC. + o New FIPS 180-2 algorithms (SHA-224, -256, -384 and -512). + o New X509_VERIFY_PARAM structure to support parametrisation + of X.509 path validation. + o Major overhaul of RC4 performance on Intel P4, IA-64 and + AMD64. + o Changed the Configure script to have some algorithms disabled + by default. Those can be explicitely enabled with the new + argument form 'enable-xxx'. + o Change the default digest in 'openssl' commands from MD5 to + SHA-1. + o Added support for DTLS. + o New BIGNUM blinding. + o Added support for the RSA-PSS encryption scheme + o Added support for the RSA X.931 padding. + o Added support for BSD sockets on NetWare. + o Added support for files larger than 2GB. + o Added initial support for Win64. + o Added alternate pkg-config files. + + Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l: + + o Introduce limits to prevent malicious key DoS (CVE-2006-2940) + o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343) + + Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k: + + o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339 + + Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j: + + o Visual C++ 2005 fixes. + o Update Windows build system for FIPS. + + Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i: + + o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build. + + Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h: + + o Fix SSL 2.0 Rollback, CVE-2005-2969 + o Allow use of fixed-length exponent on DSA signing + o Default fixed-window RSA, DSA, DH private-key operations + + Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g: + + o More compilation issues fixed. + o Adaptation to more modern Kerberos API. + o Enhanced or corrected configuration for Solaris64, Mingw and Cygwin. + o Enhanced x86_64 assembler BIGNUM module. + o More constification. + o Added processing of proxy certificates (RFC 3820). + + Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f: + + o Several compilation issues fixed. + o Many memory allocation failure checks added. + o Improved comparison of X509 Name type. + o Mandatory basic checks on certificates. + o Performance improvements. + + Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e: + + o Fix race condition in CRL checking code. + o Fixes to PKCS#7 (S/MIME) code. + + Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d: + + o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug + o Security: Fix null-pointer assignment in do_change_cipher_spec() + o Allow multiple active certificates with same subject in CA index + o Multiple X509 verification fixes + o Speed up HMAC and other operations + + Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c: + + o Security: fix various ASN1 parsing bugs. + o New -ignore_err option to OCSP utility. + o Various interop and bug fixes in S/MIME code. + o SSL/TLS protocol fix for unrequested client certificates. + + Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b: + + o Security: counter the Klima-Pokorny-Rosa extension of + Bleichbacher's attack + o Security: make RSA blinding default. + o Configuration: Irix fixes, AIX fixes, better mingw support. + o Support for new platforms: linux-ia64-ecc. + o Build: shared library support fixes. + o ASN.1: treat domainComponent correctly. + o Documentation: fixes and additions. + + Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a: + + o Security: Important security related bugfixes. + o Enhanced compatibility with MIT Kerberos. + o Can be built without the ENGINE framework. + o IA32 assembler enhancements. + o Support for new platforms: FreeBSD/IA64 and FreeBSD/Sparc64. + o Configuration: the no-err option now works properly. + o SSL/TLS: now handles manual certificate chain building. + o SSL/TLS: certain session ID malfunctions corrected. + + Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7: + + o New library section OCSP. + o Complete rewrite of ASN1 code. + o CRL checking in verify code and openssl utility. + o Extension copying in 'ca' utility. + o Flexible display options in 'ca' utility. + o Provisional support for international characters with UTF8. + o Support for external crypto devices ('engine') is no longer + a separate distribution. + o New elliptic curve library section. + o New AES (Rijndael) library section. + o Support for new platforms: Windows CE, Tandem OSS, A/UX, AIX 64-bit, + Linux x86_64, Linux 64-bit on Sparc v9 + o Extended support for some platforms: VxWorks + o Enhanced support for shared libraries. + o Now only builds PIC code when shared library support is requested. + o Support for pkg-config. + o Lots of new manuals. + o Makes symbolic links to or copies of manuals to cover all described + functions. + o Change DES API to clean up the namespace (some applications link also + against libdes providing similar functions having the same name). + Provide macros for backward compatibility (will be removed in the + future). + o Unify handling of cryptographic algorithms (software and engine) + to be available via EVP routines for asymmetric and symmetric ciphers. + o NCONF: new configuration handling routines. + o Change API to use more 'const' modifiers to improve error checking + and help optimizers. + o Finally remove references to RSAref. + o Reworked parts of the BIGNUM code. + o Support for new engines: Broadcom ubsec, Accelerated Encryption + Processing, IBM 4758. + o A few new engines added in the demos area. + o Extended and corrected OID (object identifier) table. + o PRNG: query at more locations for a random device, automatic query for + EGD style random sources at several locations. + o SSL/TLS: allow optional cipher choice according to server's preference. + o SSL/TLS: allow server to explicitly set new session ids. + o SSL/TLS: support Kerberos cipher suites (RFC2712). + Only supports MIT Kerberos for now. + o SSL/TLS: allow more precise control of renegotiations and sessions. + o SSL/TLS: add callback to retrieve SSL/TLS messages. + o SSL/TLS: support AES cipher suites (RFC3268). + + Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k: + + o Security: fix various ASN1 parsing bugs. + o SSL/TLS protocol fix for unrequested client certificates. + + Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j: + + o Security: counter the Klima-Pokorny-Rosa extension of + Bleichbacher's attack + o Security: make RSA blinding default. + o Build: shared library support fixes. + + Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i: + + o Important security related bugfixes. + + Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h: + + o New configuration targets for Tandem OSS and A/UX. + o New OIDs for Microsoft attributes. + o Better handling of SSL session caching. + o Better comparison of distinguished names. + o Better handling of shared libraries in a mixed GNU/non-GNU environment. + o Support assembler code with Borland C. + o Fixes for length problems. + o Fixes for uninitialised variables. + o Fixes for memory leaks, some unusual crashes and some race conditions. + o Fixes for smaller building problems. + o Updates of manuals, FAQ and other instructive documents. + + Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g: + + o Important building fixes on Unix. + + Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f: + + o Various important bugfixes. + + Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e: + + o Important security related bugfixes. + o Various SSL/TLS library bugfixes. + + Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d: + + o Various SSL/TLS library bugfixes. + o Fix DH parameter generation for 'non-standard' generators. + + Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c: + + o Various SSL/TLS library bugfixes. + o BIGNUM library fixes. + o RSA OAEP and random number generation fixes. + o Object identifiers corrected and added. + o Add assembler BN routines for IA64. + o Add support for OS/390 Unix, UnixWare with gcc, OpenUNIX 8, + MIPS Linux; shared library support for Irix, HP-UX. + o Add crypto accelerator support for AEP, Baltimore SureWare, + Broadcom and Cryptographic Appliance's keyserver + [in 0.9.6c-engine release]. + + Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b: + + o Security fix: PRNG improvements. + o Security fix: RSA OAEP check. + o Security fix: Reinsert and fix countermeasure to Bleichbacher's + attack. + o MIPS bug fix in BIGNUM. + o Bug fix in "openssl enc". + o Bug fix in X.509 printing routine. + o Bug fix in DSA verification routine and DSA S/MIME verification. + o Bug fix to make PRNG thread-safe. + o Bug fix in RAND_file_name(). + o Bug fix in compatibility mode trust settings. + o Bug fix in blowfish EVP. + o Increase default size for BIO buffering filter. + o Compatibility fixes in some scripts. + + Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a: + + o Security fix: change behavior of OpenSSL to avoid using + environment variables when running as root. + o Security fix: check the result of RSA-CRT to reduce the + possibility of deducing the private key from an incorrectly + calculated signature. + o Security fix: prevent Bleichenbacher's DSA attack. + o Security fix: Zero the premaster secret after deriving the + master secret in DH ciphersuites. + o Reimplement SSL_peek(), which had various problems. + o Compatibility fix: the function des_encrypt() renamed to + des_encrypt1() to avoid clashes with some Unixen libc. + o Bug fixes for Win32, HP/UX and Irix. + o Bug fixes in BIGNUM, SSL, PKCS#7, PKCS#12, X.509, CONF and + memory checking routines. + o Bug fixes for RSA operations in threaded environments. + o Bug fixes in misc. openssl applications. + o Remove a few potential memory leaks. + o Add tighter checks of BIGNUM routines. + o Shared library support has been reworked for generality. + o More documentation. + o New function BN_rand_range(). + o Add "-rand" option to openssl s_client and s_server. + + Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6: + + o Some documentation for BIO and SSL libraries. + o Enhanced chain verification using key identifiers. + o New sign and verify options to 'dgst' application. + o Support for DER and PEM encoded messages in 'smime' application. + o New 'rsautl' application, low level RSA utility. + o MD4 now included. + o Bugfix for SSL rollback padding check. + o Support for external crypto devices [1]. + o Enhanced EVP interface. + + [1] The support for external crypto devices is currently a separate + distribution. See the file README.ENGINE. + + Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a: + + o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8 + o Shared library support for HPUX and Solaris-gcc + o Support of Linux/IA64 + o Assembler support for Mingw32 + o New 'rand' application + o New way to check for existence of algorithms from scripts + + Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5: + + o S/MIME support in new 'smime' command + o Documentation for the OpenSSL command line application + o Automation of 'req' application + o Fixes to make s_client, s_server work under Windows + o Support for multiple fieldnames in SPKACs + o New SPKAC command line utilty and associated library functions + o Options to allow passwords to be obtained from various sources + o New public key PEM format and options to handle it + o Many other fixes and enhancements to command line utilities + o Usable certificate chain verification + o Certificate purpose checking + o Certificate trust settings + o Support of authority information access extension + o Extensions in certificate requests + o Simplified X509 name and attribute routines + o Initial (incomplete) support for international character sets + o New DH_METHOD, DSA_METHOD and enhanced RSA_METHOD + o Read only memory BIOs and simplified creation function + o TLS/SSL protocol bugfixes: Accept TLS 'client hello' in SSL 3.0 + record; allow fragmentation and interleaving of handshake and other + data + o TLS/SSL code now "tolerates" MS SGC + o Work around for Netscape client certificate hang bug + o RSA_NULL option that removes RSA patent code but keeps other + RSA functionality + o Memory leak detection now allows applications to add extra information + via a per-thread stack + o PRNG robustness improved + o EGD support + o BIGNUM library bug fixes + o Faster DSA parameter generation + o Enhanced support for Alpha Linux + o Experimental MacOS support + + Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4: + + o Transparent support for PKCS#8 format private keys: these are used + by several software packages and are more secure than the standard + form + o PKCS#5 v2.0 implementation + o Password callbacks have a new void * argument for application data + o Avoid various memory leaks + o New pipe-like BIO that allows using the SSL library when actual I/O + must be handled by the application (BIO pair) + + Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3: + o Lots of enhancements and cleanups to the Configuration mechanism + o RSA OEAP related fixes + o Added `openssl ca -revoke' option for revoking a certificate + o Source cleanups: const correctness, type-safe stacks and ASN.1 SETs + o Source tree cleanups: removed lots of obsolete files + o Thawte SXNet, certificate policies and CRL distribution points + extension support + o Preliminary (experimental) S/MIME support + o Support for ASN.1 UTF8String and VisibleString + o Full integration of PKCS#12 code + o Sparc assembler bignum implementation, optimized hash functions + o Option to disable selected ciphers + + Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b: + o Fixed a security hole related to session resumption + o Fixed RSA encryption routines for the p < q case + o "ALL" in cipher lists now means "everything except NULL ciphers" + o Support for Triple-DES CBCM cipher + o Support of Optimal Asymmetric Encryption Padding (OAEP) for RSA + o First support for new TLSv1 ciphers + o Added a few new BIOs (syslog BIO, reliable BIO) + o Extended support for DSA certificate/keys. + o Extended support for Certificate Signing Requests (CSR) + o Initial support for X.509v3 extensions + o Extended support for compression inside the SSL record layer + o Overhauled Win32 builds + o Cleanups and fixes to the Big Number (BN) library + o Support for ASN.1 GeneralizedTime + o Splitted ASN.1 SETs from SEQUENCEs + o ASN1 and PEM support for Netscape Certificate Sequences + o Overhauled Perl interface + o Lots of source tree cleanups. + o Lots of memory leak fixes. + o Lots of bug fixes. + + Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c: + o Integration of the popular NO_RSA/NO_DSA patches + o Initial support for compression inside the SSL record layer + o Added BIO proxy and filtering functionality + o Extended Big Number (BN) library + o Added RIPE MD160 message digest + o Addeed support for RC2/64bit cipher + o Extended ASN.1 parser routines + o Adjustations of the source tree for CVS + o Support for various new platforms + diff --git a/third_party/lighttpd/OpenSSL.cnf b/third_party/lighttpd/OpenSSL.cnf new file mode 100644 index 0000000..9e59020 --- /dev/null +++ b/third_party/lighttpd/OpenSSL.cnf @@ -0,0 +1,313 @@ +# +# OpenSSL example configuration file. +# This is mostly being used for generation of certificate requests. +# + +# This definition stops the following lines choking if HOME isn't +# defined. +HOME = . +RANDFILE = $ENV::HOME/.rnd + +# Extra OBJECT IDENTIFIER info: +#oid_file = $ENV::HOME/.oid +oid_section = new_oids + +# To use this configuration file with the "-extfile" option of the +# "openssl x509" utility, name here the section containing the +# X.509v3 extensions to use: +# extensions = +# (Alternatively, use a configuration file that has only +# X.509v3 extensions in its main [= default] section.) + +[ new_oids ] + +# We can add new OIDs in here for use by 'ca' and 'req'. +# Add a simple OID like this: +# testoid1=1.2.3.4 +# Or use config file substitution like this: +# testoid2=${testoid1}.5.6 + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +#unique_subject = no # Set to 'no' to allow creation of + # several ctificates with same subject. +new_certs_dir = $dir/newcerts # default place for new certs. + +certificate = $dir/cacert.pem # The CA certificate +serial = $dir/serial # The current serial number +crlnumber = $dir/crlnumber # the current crl number + # must be commented out to leave a V1 CRL +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/cakey.pem# The private key +RANDFILE = $dir/private/.rand # private random number file + +x509_extensions = usr_cert # The extentions to add to the cert + +# Comment out the following two lines for the "traditional" +# (and highly broken) format. +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +# Extension copying option: use with caution. +# copy_extensions = copy + +# Extensions to add to a CRL. Note: Netscape communicator chokes on V2 CRLs +# so this is commented out by default to leave a V1 CRL. +# crlnumber must also be commented out to leave a V1 CRL. +# crl_extensions = crl_ext + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = sha1 # which md to use. +preserve = no # keep passed DN ordering + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 1024 +default_keyfile = privkey.pem +distinguished_name = req_distinguished_name +attributes = req_attributes +x509_extensions = v3_ca # The extentions to add to the self signed cert + +# Passwords for private keys if not present they will be prompted for +# input_password = secret +# output_password = secret + +# This sets a mask for permitted string types. There are several options. +# default: PrintableString, T61String, BMPString. +# pkix : PrintableString, BMPString. +# utf8only: only UTF8Strings. +# nombstr : PrintableString, T61String (no BMPStrings or UTF8Strings). +# MASK:XXXX a literal mask value. +# WARNING: current versions of Netscape crash on BMPStrings or UTF8Strings +# so use this option with caution! +string_mask = nombstr + +# req_extensions = v3_req # The extensions to add to a certificate request + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_min = 2 +countryName_max = 2 + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Some-State + +localityName = Locality Name (eg, city) + +0.organizationName = Organization Name (eg, company) +0.organizationName_default = Internet Widgits Pty Ltd + +# we can do this but it is not needed normally :-) +#1.organizationName = Second Organization Name (eg, company) +#1.organizationName_default = World Wide Web Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +#organizationalUnitName_default = + +commonName = Common Name (eg, YOUR name) +commonName_max = 64 + +emailAddress = Email Address +emailAddress_max = 64 + +# SET-ex3 = SET extension number 3 + +[ req_attributes ] +challengePassword = A challenge password +challengePassword_min = 4 +challengePassword_max = 20 + +unstructuredName = An optional company name + +[ usr_cert ] + +# These extensions are added when 'ca' signs a request. + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +[ v3_req ] + +# Extensions to add to a certificate request + +basicConstraints = CA:FALSE +keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +[ v3_ca ] + + +# Extensions for a typical CA + + +# PKIX recommendation. + +subjectKeyIdentifier=hash + +authorityKeyIdentifier=keyid:always,issuer:always + +# This is what PKIX recommends but some broken software chokes on critical +# extensions. +#basicConstraints = critical,CA:true +# So we do this instead. +basicConstraints = CA:true + +# Key usage: this is typical for a CA certificate. However since it will +# prevent it being used as an test self-signed certificate it is best +# left out by default. +# keyUsage = cRLSign, keyCertSign + +# Some might want this also +# nsCertType = sslCA, emailCA + +# Include email address in subject alt name: another PKIX recommendation +# subjectAltName=email:copy +# Copy issuer details +# issuerAltName=issuer:copy + +# DER hex encoding of an extension: beware experts only! +# obj=DER:02:03 +# Where 'obj' is a standard or added object +# You can even override a supported extension: +# basicConstraints= critical, DER:30:03:01:01:FF + +[ crl_ext ] + +# CRL extensions. +# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL. + +# issuerAltName=issuer:copy +authorityKeyIdentifier=keyid:always,issuer:always + +[ proxy_cert_ext ] +# These extensions should be added when creating a proxy certificate + +# This goes against PKIX guidelines but some CAs do it and some software +# requires this to avoid interpreting an end user certificate as a CA. + +basicConstraints=CA:FALSE + +# Here are some examples of the usage of nsCertType. If it is omitted +# the certificate can be used for anything *except* object signing. + +# This is OK for an SSL server. +# nsCertType = server + +# For an object signing certificate this would be used. +# nsCertType = objsign + +# For normal client use this is typical +# nsCertType = client, email + +# and for everything including object signing: +# nsCertType = client, email, objsign + +# This is typical in keyUsage for a client certificate. +# keyUsage = nonRepudiation, digitalSignature, keyEncipherment + +# This will be displayed in Netscape's comment listbox. +nsComment = "OpenSSL Generated Certificate" + +# PKIX recommendations harmless if included in all certificates. +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer:always + +# This stuff is for subjectAltName and issuerAltname. +# Import the email address. +# subjectAltName=email:copy +# An alternative to produce certificates that aren't +# deprecated according to PKIX. +# subjectAltName=email:move + +# Copy subject details +# issuerAltName=issuer:copy + +#nsCaRevocationUrl = http://www.domain.dom/ca-crl.pem +#nsBaseUrl +#nsRevocationUrl +#nsRenewalUrl +#nsCaPolicyUrl +#nsSslServerName + +# This really needs to be in place for it to be a proxy certificate. +proxyCertInfo=critical,language:id-ppl-anyLanguage,pathlen:3,policy:foo diff --git a/third_party/lighttpd/OpenSSL.exe b/third_party/lighttpd/OpenSSL.exe Binary files differnew file mode 100644 index 0000000..ed86d65 --- /dev/null +++ b/third_party/lighttpd/OpenSSL.exe diff --git a/third_party/lighttpd/PACKINFO.TXT b/third_party/lighttpd/PACKINFO.TXT new file mode 100644 index 0000000..779184d --- /dev/null +++ b/third_party/lighttpd/PACKINFO.TXT @@ -0,0 +1,32 @@ +/***#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#***\ +\ W | PRE-COMPILED PACKS FOR WLMP PROJECT | W / +/ L | - - - - - - - - - - - - - - - - - - - - - | L \ +\ M | Copyright (C) 2006 - 2008. | M / +/ P | WLMP Project - http://wlmp-project.net/ | P \ +\***#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#***/ + +// -- PACKAGE: LightTPD-1.4.19-1-Win32-SSL -- // + +=================== +PACKAGE INFORMATION +=================== + +Package Name: LightTPD (Win32) - SSL +Package Type: Binary +Package Version: 1.4.19-1 +Revision: 2126 +Release Date: 2008-03-12 + +Status: Stable Release +Language: English +Compilation Platform: i686-pc-cygwin (GCC) + +Author: Jan Kneschke, http://www.lighttpd.net/ +License: Revised BSD License + +Operating System: Microsoft Windows 2000 / XP / 2003 / Vista + +Additions: OpenSSL 0.9.8g +Supported features: ZLib, BZip2, Crypt, SSL, PCRE, LDAP, LUA + +Comment: This version is built for WLMP Webserver Package. diff --git a/third_party/lighttpd/README.GOOGLE b/third_party/lighttpd/README.GOOGLE new file mode 100644 index 0000000..637d6fb --- /dev/null +++ b/third_party/lighttpd/README.GOOGLE @@ -0,0 +1,12 @@ +This is an import of a cygwin-based lighttpd for windows from: + +LightTPD-1.4.19-1-Win32-SSL.exe (http://en.wlmp-project.net/) + +Modifications to the base install: + - Move cygwin1.dll (see no_dll/README) + - Remove the docs/ directory + - Added php5-cgi binary from php-5.2.6-Win32.zip (http://www.php.net) + - Non-standard php.ini and shim code in php5/ + +LightTPD is licensed under the "revised BSD license" (see COPYING.LIGHTTPD) +PHP is licensed under the PHP license (http://www.php.net/license/) diff --git a/third_party/lighttpd/README.LIGHTTPD b/third_party/lighttpd/README.LIGHTTPD new file mode 100644 index 0000000..318da22 --- /dev/null +++ b/third_party/lighttpd/README.LIGHTTPD @@ -0,0 +1,156 @@ + +======== +lighttpd +======== + +------------- +a light httpd +------------- + +:author: Jan Kneschke +:Date: $Date: 2004/11/03 22:25:54 $ +:Revision: $Revision: 1.8 $ + +:abstract: + lighttpd a secure, fast, compliant and very flexible web-server + which has been optimized for high-performance environments. It has a very + low memory footprint compared to other webservers and takes care of cpu-load. + Its advanced feature-set (FastCGI, CGI, Auth, Output-Compression, + URL-Rewriting and many more) make lighttpd the perfect webserver-software + for every server that is suffering load problems. + +the naming +---------- + +lighttpd is a __httpd__ which is + +- fast as __light__ning and +- __light__ when it comes to memory consumption and system requirements + +Features +-------- + +Network +``````` + +- IPv4, IPv6 + +Protocols +````````` + +- HTTP/1.0 (http://www.ietf.org/rfc/rfc1945.txt) +- HTTP/1.1 (http://www.ietf.org/rfc/rfc2616.txt) +- HTTPS (provided by openssl) +- CGI/1.1 (http://CGI-Spec.Golux.Com/) +- FastCGI (http://www.fastcgi.com/devkit/doc/fcgi-spec.html) + +Advanced Features +````````````````` + +- load-balanced FastCGI + (one webserver distributes requests to multiple PHP-servers via FastCGI) +- custom error pages (for Response-Code 400-599) +- virtual hosts +- directory listings +- streaming CGI and FastCGI +- URL-Rewriting +- HTTP-Redirection +- output-compression with transparent caching + +FastCGI-Support +``````````````` + +- parses the Response-header and completes the HTTP-header accordingly +- Keep-Alive handling based on Content-Length header + +PHP-Support +``````````` + +- same speed as or faster than apache + mod_php4 +- handles various PHP bugs in the FastCGI SAPI +- includes a utility to spawn FastCGI processes (necessary for PHP 4.3.x) + +Security features +````````````````` + +- chroot(), set UID, set GID +- protecting docroot + +HTTP/1.1 features +````````````````` + +- Ranges (start-end, start-, -end, multiple ranges) +- HTTP/1.0 Keep-Alive + HTTP/1.1 persistent Connections +- methods: GET, HEAD, POST +- Last-Modified + If-Modified handling +- sends Content-Length if possible +- sends Transfer-Encoding: chunk, if Content-Length is not possible +- sends Content-Type +- on-the-fly output compression (deflate, gzip) +- authentication: basic and digest + (http://www.ietf.org/rfc/rfc2617.txt) + +HTTP/1.1 compliance +``````````````````` + +- Sends 206 for Range Requests +- Sends 304 for If-Modified Requests +- Sends 400 for missing Host on HTTP/1.1 requests +- Sends 400 for broken Request-Line +- Sends 411 for missing Content-Length on POST requests +- Sends 416 for "out-of-range" on Range: Header +- Sends 501 for request-method != (GET|POST|HEAD) +- Sends 505 for protocol != HTTP/1.0 or HTTP/1.1 +- Sends Date: on every requests + +Intended Audience +----------------- + +- Ad-Server Front-Ends ("Banner-Schleuder") + - delivering small files rapidly +- php-servers under high load + (load-balancing the php-request over multiple PHP-servers) + +Works with +---------- + +It has been tested to work with + +- IE 6.0 +- Mozilla 1.x +- Konqueror 3.1 + (for Keep-Alive/Persistent Connections, Accept-Encoding for PHP + gzip) +- wget + (for Resuming) +- acrobat plugin + (for multiple ranges) + + +Works on +-------- + +lighttpd has been verified to compile and work on + +- Linux +- FreeBSD +- NetBSD +- Solaris 8 + 9 +- SGI IRIX 6.5 + +missing for HTTP/1.1 compliance +------------------------------- +- parsing chunked POST request + +----------------- +Starting lighttpd +----------------- + +As daemon in the background: :: + + $ lighttpd -f <configfile> + +or without detaching from the console: :: + + $ lighttpd -D -f <configfile> + + diff --git a/third_party/lighttpd/README.OPENSSL b/third_party/lighttpd/README.OPENSSL new file mode 100644 index 0000000..2b49835 --- /dev/null +++ b/third_party/lighttpd/README.OPENSSL @@ -0,0 +1,201 @@ + + OpenSSL 0.9.8g + + Copyright (c) 1998-2007 The OpenSSL Project + Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson + All rights reserved. + + DESCRIPTION + ----------- + + The OpenSSL Project is a collaborative effort to develop a robust, + commercial-grade, fully featured, and Open Source toolkit implementing the + Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) + protocols as well as a full-strength general purpose cryptography library. + The project is managed by a worldwide community of volunteers that use the + Internet to communicate, plan, and develop the OpenSSL toolkit and its + related documentation. + + OpenSSL is based on the excellent SSLeay library developed from Eric A. Young + and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the + OpenSSL license plus the SSLeay license) situation, which basically means + that you are free to get and use it for commercial and non-commercial + purposes as long as you fulfill the conditions of both licenses. + + OVERVIEW + -------- + + The OpenSSL toolkit includes: + + libssl.a: + Implementation of SSLv2, SSLv3, TLSv1 and the required code to support + both SSLv2, SSLv3 and TLSv1 in the one server and client. + + libcrypto.a: + General encryption and X.509 v1/v3 stuff needed by SSL/TLS but not + actually logically part of it. It includes routines for the following: + + Ciphers + libdes - EAY's libdes DES encryption package which was floating + around the net for a few years, and was then relicensed by + him as part of SSLeay. It includes 15 'modes/variations' + of DES (1, 2 and 3 key versions of ecb, cbc, cfb and ofb; + pcbc and a more general form of cfb and ofb) including desx + in cbc mode, a fast crypt(3), and routines to read + passwords from the keyboard. + RC4 encryption, + RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb. + Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb. + IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb. + + Digests + MD5 and MD2 message digest algorithms, fast implementations, + SHA (SHA-0) and SHA-1 message digest algorithms, + MDC2 message digest. A DES based hash that is popular on smart cards. + + Public Key + RSA encryption/decryption/generation. + There is no limit on the number of bits. + DSA encryption/decryption/generation. + There is no limit on the number of bits. + Diffie-Hellman key-exchange/key generation. + There is no limit on the number of bits. + + X.509v3 certificates + X509 encoding/decoding into/from binary ASN1 and a PEM + based ASCII-binary encoding which supports encryption with a + private key. Program to generate RSA and DSA certificate + requests and to generate RSA and DSA certificates. + + Systems + The normal digital envelope routines and base64 encoding. Higher + level access to ciphers and digests by name. New ciphers can be + loaded at run time. The BIO io system which is a simple non-blocking + IO abstraction. Current methods supported are file descriptors, + sockets, socket accept, socket connect, memory buffer, buffering, SSL + client/server, file pointer, encryption, digest, non-blocking testing + and null. + + Data structures + A dynamically growing hashing system + A simple stack. + A Configuration loader that uses a format similar to MS .ini files. + + openssl: + A command line tool that can be used for: + Creation of RSA, DH and DSA key parameters + Creation of X.509 certificates, CSRs and CRLs + Calculation of Message Digests + Encryption and Decryption with Ciphers + SSL/TLS Client and Server Tests + Handling of S/MIME signed or encrypted mail + + + PATENTS + ------- + + Various companies hold various patents for various algorithms in various + locations around the world. _YOU_ are responsible for ensuring that your use + of any algorithms is legal by checking if there are any patents in your + country. The file contains some of the patents that we know about or are + rumored to exist. This is not a definitive list. + + RSA Security holds software patents on the RC5 algorithm. If you + intend to use this cipher, you must contact RSA Security for + licensing conditions. Their web page is http://www.rsasecurity.com/. + + RC4 is a trademark of RSA Security, so use of this label should perhaps + only be used with RSA Security's permission. + + The IDEA algorithm is patented by Ascom in Austria, France, Germany, Italy, + Japan, the Netherlands, Spain, Sweden, Switzerland, UK and the USA. They + should be contacted if that algorithm is to be used; their web page is + http://www.ascom.ch/. + + The MDC2 algorithm is patented by IBM. + + NTT and Mitsubishi have patents and pending patents on the Camellia + algorithm, but allow use at no charge without requiring an explicit + licensing agreement: http://info.isl.ntt.co.jp/crypt/eng/info/chiteki.html + + INSTALLATION + ------------ + + To install this package under a Unix derivative, read the INSTALL file. For + a Win32 platform, read the INSTALL.W32 file. For OpenVMS systems, read + INSTALL.VMS. + + Read the documentation in the doc/ directory. It is quite rough, but it + lists the functions; you will probably have to look at the code to work out + how to use them. Look at the example programs. + + PROBLEMS + -------- + + For some platforms, there are some known problems that may affect the user + or application author. We try to collect those in doc/PROBLEMS, with current + thoughts on how they should be solved in a future of OpenSSL. + + SUPPORT + ------- + + If you have any problems with OpenSSL then please take the following steps + first: + + - Download the current snapshot from ftp://ftp.openssl.org/snapshot/ + to see if the problem has already been addressed + - Remove ASM versions of libraries + - Remove compiler optimisation flags + + If you wish to report a bug then please include the following information in + any bug report: + + - On Unix systems: + Self-test report generated by 'make report' + - On other systems: + OpenSSL version: output of 'openssl version -a' + OS Name, Version, Hardware platform + Compiler Details (name, version) + - Application Details (name, version) + - Problem Description (steps that will reproduce the problem, if known) + - Stack Traceback (if the application dumps core) + + Report the bug to the OpenSSL project via the Request Tracker + (http://www.openssl.org/support/rt2.html) by mail to: + + openssl-bugs@openssl.org + + Note that mail to openssl-bugs@openssl.org is recorded in the publicly + readable request tracker database and is forwarded to a public + mailing list. Confidential mail may be sent to openssl-security@openssl.org + (PGP key available from the key servers). + + HOW TO CONTRIBUTE TO OpenSSL + ---------------------------- + + Development is coordinated on the openssl-dev mailing list (see + http://www.openssl.org for information on subscribing). If you + would like to submit a patch, send it to openssl-dev@openssl.org with + the string "[PATCH]" in the subject. Please be sure to include a + textual explanation of what your patch does. + + Note: For legal reasons, contributions from the US can be accepted only + if a TSU notification and a copy of the patch are sent to crypt@bis.doc.gov + (formerly BXA) with a copy to the ENC Encryption Request Coordinator; + please take some time to look at + http://www.bis.doc.gov/Encryption/PubAvailEncSourceCodeNofify.html [sic] + and + http://w3.access.gpo.gov/bis/ear/pdf/740.pdf (EAR Section 740.13(e)) + for the details. If "your encryption source code is too large to serve as + an email attachment", they are glad to receive it by fax instead; hope you + have a cheap long-distance plan. + + Our preferred format for changes is "diff -u" output. You might + generate it like this: + + # cd openssl-work + # [your changes] + # ./Configure dist; make clean + # cd .. + # diff -ur openssl-orig openssl-work > mydiffs.patch + diff --git a/third_party/lighttpd/SSL-Gen.bat b/third_party/lighttpd/SSL-Gen.bat new file mode 100644 index 0000000..1586beb --- /dev/null +++ b/third_party/lighttpd/SSL-Gen.bat @@ -0,0 +1,7 @@ +@ECHO OFF +openssl.exe req -config openssl.cnf -new -x509 -keyout server.pem -out server.pem -days 365 -nodes +ECHO. +ECHO Done generating self-signed certificate. +ECHO Press any key to continue... +PAUSE >NUL +EXIT
\ No newline at end of file diff --git a/third_party/lighttpd/Spawn-FCGI.exe b/third_party/lighttpd/Spawn-FCGI.exe Binary files differnew file mode 100644 index 0000000..fb03295 --- /dev/null +++ b/third_party/lighttpd/Spawn-FCGI.exe diff --git a/third_party/lighttpd/TestMode.bat b/third_party/lighttpd/TestMode.bat new file mode 100644 index 0000000..e4102af --- /dev/null +++ b/third_party/lighttpd/TestMode.bat @@ -0,0 +1,8 @@ +@ECHO OFF +ECHO LightTPD Test mode (without log) +ECHO Press 'CTRL + C' to exit. +ECHO. +ECHO LightTPD Output: +ECHO ---------------- +START /B lighttpd.exe -f conf\lighttpd-inc.conf -m lib -D +PAUSE >NUL && EXIT
\ No newline at end of file diff --git a/third_party/lighttpd/bin/INSTSRV.EXE b/third_party/lighttpd/bin/INSTSRV.EXE Binary files differnew file mode 100644 index 0000000..4ebad9b --- /dev/null +++ b/third_party/lighttpd/bin/INSTSRV.EXE diff --git a/third_party/lighttpd/bin/LIGHTSRC.EXE b/third_party/lighttpd/bin/LIGHTSRC.EXE Binary files differnew file mode 100644 index 0000000..531f87b --- /dev/null +++ b/third_party/lighttpd/bin/LIGHTSRC.EXE diff --git a/third_party/lighttpd/bin/PROCESS.EXE b/third_party/lighttpd/bin/PROCESS.EXE Binary files differnew file mode 100644 index 0000000..78e4712 --- /dev/null +++ b/third_party/lighttpd/bin/PROCESS.EXE diff --git a/third_party/lighttpd/bin/Service-Install.exe b/third_party/lighttpd/bin/Service-Install.exe Binary files differnew file mode 100644 index 0000000..bb3cad1 --- /dev/null +++ b/third_party/lighttpd/bin/Service-Install.exe diff --git a/third_party/lighttpd/bin/Service-Remove.exe b/third_party/lighttpd/bin/Service-Remove.exe Binary files differnew file mode 100644 index 0000000..412495f --- /dev/null +++ b/third_party/lighttpd/bin/Service-Remove.exe diff --git a/third_party/lighttpd/conf/CONFIG.README b/third_party/lighttpd/conf/CONFIG.README new file mode 100644 index 0000000..69916be --- /dev/null +++ b/third_party/lighttpd/conf/CONFIG.README @@ -0,0 +1,15 @@ +==================== +LightTPD Configfiles +==================== + +lighttpd-inc.conf: + default configuration file + +lighttpd-srv.conf: + logging configuration for service + +lighttpd-tag.conf: + server tag information + +lighttpd-auth.conf: + backend authentication userfile (use with mod_auth) diff --git a/third_party/lighttpd/conf/lighttpd-auth.conf b/third_party/lighttpd/conf/lighttpd-auth.conf new file mode 100644 index 0000000..261a95a --- /dev/null +++ b/third_party/lighttpd/conf/lighttpd-auth.conf @@ -0,0 +1 @@ +admin:password
\ No newline at end of file diff --git a/third_party/lighttpd/conf/lighttpd-inc.conf b/third_party/lighttpd/conf/lighttpd-inc.conf new file mode 100644 index 0000000..cdc23b6 --- /dev/null +++ b/third_party/lighttpd/conf/lighttpd-inc.conf @@ -0,0 +1,329 @@ +# LightTPD Configuration file (INCLUDE) +# +# Use it as a base for LightTPD 1.0.0 and above. +# This version is built for WLMP Webserver Package - http://en.wlmp.project.net/ +# +# $Id: lighttpd-inc.conf,v 1.7 2004/11/03 22:26:05 weigon Exp $ + +############ Options you really have to take care of #################### + +## modules to load +# at least mod_access and mod_accesslog should be loaded +# all other module should only be loaded if really neccesary +# - saves some time +# - saves memory +server.modules = ( + "mod_access", + "mod_accesslog", + "mod_alias", +# "mod_auth", +# "mod_cgi", +# "mod_cml", +# "mod_compress", +# "mod_dirlisting", +# "mod_evasive", +# "mod_evhost", +# "mod_expire", +# "mod_extforward", +# "mod_fastcgi", +# "mod_flv_streaming", +# "mod_indexfile", +# "mod_magnet", +# "mod_mysql_vhost", +# "mod_proxy", +# "mod_redirect", +# "mod_rewrite", +## "mod_rrdtool", +# "mod_scgi", +# "mod_secdownload", +# "mod_setenv", +# "mod_simple_vhost", + "mod_ssi", +# "mod_staticfile", + "mod_status", +## "mod_trigger_b4_dl", +# "mod_userdir", +# "mod_usertrack", +# "mod_webdav" + ) + +## a static document-root, for virtual-hosting take look at the +## server.virtual-* options +server.document-root = "HTDOCS/" + +#directory for file uploads +server.upload-dirs = ( "TMP/" ) + +# files to check for if .../ is requested +index-file.names = ( "index.php", "index.pl", "index.cgi", + "index.html", "index.htm", "default.htm" ) + +## set the event-handler (read the performance section in the manual) +# server.event-handler = "freebsd-kqueue" # needed on OS X + +# mimetype mapping +mimetype.assign = ( + ".pdf" => "application/pdf", + ".sig" => "application/pgp-signature", + ".spl" => "application/futuresplash", + ".class" => "application/octet-stream", + ".ps" => "application/postscript", + ".torrent" => "application/x-bittorrent", + ".dvi" => "application/x-dvi", + ".gz" => "application/x-gzip", + ".pac" => "application/x-ns-proxy-autoconfig", + ".swf" => "application/x-shockwave-flash", + ".tar.gz" => "application/x-tgz", + ".tgz" => "application/x-tgz", + ".tar" => "application/x-tar", + ".zip" => "application/zip", + ".mp3" => "audio/mpeg", + ".m3u" => "audio/x-mpegurl", + ".wma" => "audio/x-ms-wma", + ".wax" => "audio/x-ms-wax", + ".ogg" => "application/ogg", + ".wav" => "audio/x-wav", + ".gif" => "image/gif", + ".jpg" => "image/jpeg", + ".jpeg" => "image/jpeg", + ".png" => "image/png", + ".xbm" => "image/x-xbitmap", + ".xpm" => "image/x-xpixmap", + ".xwd" => "image/x-xwindowdump", + ".css" => "text/css", + ".html" => "text/html", + ".htm" => "text/html", + ".js" => "text/javascript", + ".asc" => "text/plain", + ".c" => "text/plain", + ".cpp" => "text/plain", + ".log" => "text/plain", + ".conf" => "text/plain", + ".text" => "text/plain", + ".txt" => "text/plain", + ".dtd" => "text/xml", + ".xml" => "text/xml", + ".mpeg" => "video/mpeg", + ".mpg" => "video/mpeg", + ".mov" => "video/quicktime", + ".qt" => "video/quicktime", + ".avi" => "video/x-msvideo", + ".asf" => "video/x-ms-asf", + ".asx" => "video/x-ms-asf", + ".wmv" => "video/x-ms-wmv", + ".bz2" => "application/x-bzip", + ".tbz" => "application/x-bzip-compressed-tar", + ".tar.bz2" => "application/x-bzip-compressed-tar" + ) + +# Use the "Content-Type" extended attribute to obtain mime type if possible +mimetype.use-xattr = "enable" + +## deny access the file-extensions +# +# ~ is for backupfiles from vi, emacs, joe, ... +# .inc is often used for code includes which should in general not be part +# of the document-root +url.access-deny = ( "~", ".inc" ) + +$HTTP["url"] =~ "\.pdf$" { + server.range-requests = "disable" +} + +## +# which extensions should not be handle via static-file transfer +# +# .php, .pl, .fcgi are most often handled by mod_fastcgi or mod_cgi +static-file.exclude-extensions = ( ".php", ".pl", ".cgi" ) + +######### Options that are good to be but not neccesary to be changed ####### + +## bind to port (default: 80) +#server.port = 81 + +## bind to localhost (default: all interfaces) +#server.bind = "mydomain.org" + +## error-handler for status 404 +#server.error-handler-404 = "/error-handler.html" +#server.error-handler-404 = "/error-handler.php" + + +###### virtual hosts +## +## If you want name-based virtual hosting add the next three settings and load +## mod_simple_vhost +## +## document-root = +## virtual-server-root + virtual-server-default-host + virtual-server-docroot +## or +## virtual-server-root + http-host + virtual-server-docroot +## +#simple-vhost.server-root = "HTDOCS/" +#simple-vhost.default-host = "vhost.mydomain.org" +#simple-vhost.document-root = "/vhost/" + +## alias +#alias.url = ( "/logs" => "logs" ) + +## +## Format: <errorfile-prefix><status-code>.html +## -> ..../status-404.html for 'File not found' +#server.errorfile-prefix = "errors/status-" + +## virtual directory listings +dir-listing.activate = "enable" +#dir-listing.encoding = "iso-8859-2" +#dir-listing.external-css = "style/oldstyle.css" + +## enable debugging +#debug.log-request-header = "enable" +#debug.log-response-header = "enable" +#debug.log-request-handling = "enable" +#debug.log-file-not-found = "enable" + +### only root can use these options +# +# chroot() to directory (default: no chroot() ) +#server.chroot = "/" + +## change uid to <uid> (default: don't care) +#server.username = "wwwrun" + +## change uid to <uid> (default: don't care) +#server.groupname = "wwwrun" + +#### compress module +#compress.cache-dir = "tmp/" +#compress.filetype = ("text/plain", "text/html") + +#### proxy module +## read proxy.txt for more info +#proxy.server = ( ".php" => +# ( "localhost" => +# ( +# "host" => "192.168.0.101", +# "port" => 80 +# ) +# ) +# ) + +#### fastcgi module +## read fastcgi.txt for more info +## for PHP don't forget to set cgi.fix_pathinfo = 1 in the php.ini +#fastcgi.server = ( ".php" => +# ( "localhost" => +# ( +# "socket" => "TMP/php-fastcgi.socket", +# "bin-path" => "PHP/php-cgi.exe" +# ) +# ) +# ) + +#### CGI module +#cgi.assign = ( ".php" => "PHP/php-cgi.exe", +# ".pl" => "Perl/perl.exe", +# ".cgi" => "Perl/perl.exe" ) +# + +#### SSL engine +#ssl.engine = "enable" +#ssl.pemfile = "server.pem" + +#### status module +status.status-url = "/server-status" +status.config-url = "/server-config" + +#### auth module +## read authentication.txt for more info +#auth.backend = "plain" +#auth.backend.plain.userfile = "conf/lighttpd-auth.conf" +#auth.backend.plain.groupfile = "conf/lighttpd-group.conf" + +#auth.backend.ldap.hostname = "localhost" +#auth.backend.ldap.base-dn = "dc=my-domain,dc=com" +#auth.backend.ldap.filter = "(uid=$)" + +#auth.require = ( "/server-status" => +# ( +# "method" => "digest", +# "realm" => "Server status", +# "require" => "user=admin" +# ), +# "/server-config" => +# ( +# "method" => "digest", +# "realm" => "Server config", +# "require" => "user=admin" +# ) +# ) + +#### url handling modules (rewrite, redirect, access) +#url.rewrite = ( "^/$" => "/server-status" ) +#url.redirect = ( "^/wishlist/(.+)" => "http://www.123.org/$1" ) + +#### both rewrite/redirect support back reference to regex conditional using %n +#$HTTP["host"] =~ "^www\.(.*)" { +# url.redirect = ( "^/(.*)" => "http://%1/$1" ) +#} + +# +# define a pattern for the host url finding +# %% => % sign +# %0 => domain name + tld +# %1 => tld +# %2 => domain name without tld +# %3 => subdomain 1 name +# %4 => subdomain 2 name +# +#evhost.path-pattern = "HTDOCS/" + +#### expire module +#expire.url = ( "/buggy/" => "access 2 hours", "/asdhas/" => "access plus 1 seconds 2 minutes") + +#### ssi +#ssi.extension = ( ".shtml" ) + +#### rrdtool +#rrdtool.binary = "rrdtool" +#rrdtool.db-name = "lighttpd.rrd" + +#### setenv +#setenv.add-request-header = ( "TRAV_ENV" => "mysql://user@host/db" ) +#setenv.add-response-header = ( "X-Secret-Message" => "42" ) + +## for mod_trigger_b4_dl +# trigger-before-download.gdbm-filename = "GDBM/testbase/trigger.db" +# trigger-before-download.memcache-hosts = ( "127.0.0.1:11211" ) +# trigger-before-download.trigger-url = "^/trigger/" +# trigger-before-download.download-url = "^/download/" +# trigger-before-download.deny-url = "http://127.0.0.1/index.html" +# trigger-before-download.trigger-timeout = 10 + +## for mod_cml +## don't forget to add index.cml to server.indexfiles +# cml.extension = ".cml" +# cml.memcache-hosts = ( "127.0.0.1:11211" ) + +#### variable usage: +## variable name without "." is auto prefixed by "var." and becomes "var.bar" +#bar = 1 +#var.mystring = "foo" + +## integer add +#bar += 1 +## string concat, with integer cast as string, result: "www.foo1.com" +#server.name = "www." + mystring + var.bar + ".com" +## array merge +#index-file.names = (foo + ".php") + index-file.names +#index-file.names += (foo + ".php") + +#### include +#include "conf/lighttpd-ext.conf" +## same as above if you run: "lighttpd -f conf\lighttpd.conf" +#include "lighttpd-ext.conf" + +#### include_shell +#include_shell "echo var.a=1" +## the above is same as: +#var.a=1 diff --git a/third_party/lighttpd/conf/lighttpd-srv.conf b/third_party/lighttpd/conf/lighttpd-srv.conf new file mode 100644 index 0000000..edff269 --- /dev/null +++ b/third_party/lighttpd/conf/lighttpd-srv.conf @@ -0,0 +1,19 @@ +# LightTPD Configuration file (RUN AS A SERVICE) +# +# Use it as a base for LightTPD 1.0.0 and above. +# This version is built for WLMP Webserver Package - http://en.wlmp.project.net/ +# +# $Id: lighttpd-srv.conf,v 1.0 2006/11/03 23:35:28 weigon Exp $ + +## where to send error-messages to +server.errorlog = "logs/lighttpd-srv.error.log" + +#### accesslog module +accesslog.filename = "logs/lighttpd-srv.access.log" + +## to help the rc.scripts +#server.pid-file = "logs/lighttpd-srv.pid" + +#### include other configfiles +include "conf/lighttpd-tag.conf" +include "conf/lighttpd-inc.conf"
\ No newline at end of file diff --git a/third_party/lighttpd/conf/lighttpd-tag.conf b/third_party/lighttpd/conf/lighttpd-tag.conf new file mode 100644 index 0000000..51b154e --- /dev/null +++ b/third_party/lighttpd/conf/lighttpd-tag.conf @@ -0,0 +1,10 @@ +# LightTPD Configuration file (SERVER-TAG) +# +# Use it as a base for LightTPD 1.0.0 and above. +# This version is built for WLMP Webserver Package - http://en.wlmp.project.net/ +# +# $Id: lighttpd-tag.conf,v 1.0 2006/11/03 23:35:28 weigon Exp $ + +## send a different Server: header +## be nice and keep it at LightTPD +server.tag = "LightTPD/1.4.19 (Win32)"
\ No newline at end of file diff --git a/third_party/lighttpd/htdocs/index.html b/third_party/lighttpd/htdocs/index.html new file mode 100644 index 0000000..98371845 --- /dev/null +++ b/third_party/lighttpd/htdocs/index.html @@ -0,0 +1,127 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> + +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> + <head> + <title>Test Page for the LightTPD HTTP Server</title> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> + <style type="text/css"> + /*<![CDATA[*/ + body { + background-color: #fff; + color: #000; + font-size: 0.9em; + font-family: sans-serif,helvetica; + margin: 0; + padding: 0; + } + :link { + color: #c00; + } + :visited { + color: #c00; + } + a:hover { + color: #224; + } + h1 { + text-align: center; + margin: 0; + padding: 0.6em 2em 0.4em; + background-color: #22437f; + color: #fff; + font-weight: normal; + font-size: 1.75em; + border-bottom: 2px solid #000; + } + h1 strong { + font-weight: bold; + } + h2 { + font-size: 1.1em; + font-weight: bold; + } + hr { + display: none; + } + .content { + padding: 1em 5em; + } + .content-columns { + /* Setting relative positioning allows for + absolute positioning for sub-classes */ + position: relative; + padding-top: 1em; + } + .content-column-left { + /* Value for IE/Win; will be overwritten for other browsers */ + width: 47%; + padding-right: 3%; + float: left; + padding-bottom: 2em; + } + .content-column-left hr { + display: none; + } + .content-column-right { + /* Values for IE/Win; will be overwritten for other browsers */ + width: 47%; + padding-left: 3%; + float: left; + padding-bottom: 2em; + } + .content-columns>.content-column-left, .content-columns>.content-column-right { + /* Non-IE/Win */ + } + img { + border: 2px solid #fff; + padding: 2px; + margin: 2px; + } + a:hover img { + border: 2px solid #224; + } + /*]]>*/ + </style> + </head> + + <body> + + <h1><strong>LightTPD Test Page</strong></h1> + + <div class="content"> + <div class="content-middle"> + <p>This page is used to test the proper operation of the LightTPD HTTP server after it has been installed. If you can read this page, it means that the LightTPD HTTP server installed at this site is working properly.</p> + </div> + <hr /> + + <div class="content-columns"> + <div class="content-column-left"> + <h2>If you are a member of the general public:</h2> + + <p>The fact that you are seeing this page indicates that the website you just visited is either experiencing problems, or is undergoing routine maintenance.</p> + + <p>If you would like to let the administrators of this website know that you've seen this page instead of the page you expected, you should send them e-mail. In general, mail sent to the name "webmaster" and directed to the website's domain should reach the appropriate person.</p> + + <p>For example, if you experienced problems while visiting www.example.com, you should send e-mail to "webmaster@example.com".</p> + <p><br /></p> + <p><br /></p> + + <p><a href="http://lighttpd.net/" title="Powered by LightTPD"><img src="light_button.png" alt="[ Powered by LightTPD ]"/></a></p> + <hr /> + </div> + + <div class="content-column-right"> + <h2>If you are the website administrator:</h2> + + <p>You may now add content to the directory <tt>HTDOCS\</tt>. Note that until you do so, people visiting your website will see this page, and not your content. To prevent this page from ever being used, replace this file (<tt>index.html</tt>). You may also wish to make modifications to <tt>conf\lighttpd-inc.conf</tt>.</p> + + <p>You are free to use the images below on web sites powered by the LightTPD HTTP Server:</p> + + <p><a href="http://lighttpd.net/" title="LightTPD - 'Fly light'"><img src="light_logo.png" alt="[ Powered by LightTPD ]"/></a></p> + + </div> + + </div> + </div> + </body> +</html> diff --git a/third_party/lighttpd/htdocs/light_button.png b/third_party/lighttpd/htdocs/light_button.png Binary files differnew file mode 100644 index 0000000..6f7a55b --- /dev/null +++ b/third_party/lighttpd/htdocs/light_button.png diff --git a/third_party/lighttpd/htdocs/light_logo.png b/third_party/lighttpd/htdocs/light_logo.png Binary files differnew file mode 100644 index 0000000..0c7e3b3 --- /dev/null +++ b/third_party/lighttpd/htdocs/light_logo.png diff --git a/third_party/lighttpd/lib/mod_access.dll b/third_party/lighttpd/lib/mod_access.dll Binary files differnew file mode 100644 index 0000000..4dd016d --- /dev/null +++ b/third_party/lighttpd/lib/mod_access.dll diff --git a/third_party/lighttpd/lib/mod_accesslog.dll b/third_party/lighttpd/lib/mod_accesslog.dll Binary files differnew file mode 100644 index 0000000..5ce89ba --- /dev/null +++ b/third_party/lighttpd/lib/mod_accesslog.dll diff --git a/third_party/lighttpd/lib/mod_alias.dll b/third_party/lighttpd/lib/mod_alias.dll Binary files differnew file mode 100644 index 0000000..0d5f2a3 --- /dev/null +++ b/third_party/lighttpd/lib/mod_alias.dll diff --git a/third_party/lighttpd/lib/mod_auth.dll b/third_party/lighttpd/lib/mod_auth.dll Binary files differnew file mode 100644 index 0000000..0208479 --- /dev/null +++ b/third_party/lighttpd/lib/mod_auth.dll diff --git a/third_party/lighttpd/lib/mod_cgi.dll b/third_party/lighttpd/lib/mod_cgi.dll Binary files differnew file mode 100644 index 0000000..bfd66bc --- /dev/null +++ b/third_party/lighttpd/lib/mod_cgi.dll diff --git a/third_party/lighttpd/lib/mod_cml.dll b/third_party/lighttpd/lib/mod_cml.dll Binary files differnew file mode 100644 index 0000000..ee2ff63 --- /dev/null +++ b/third_party/lighttpd/lib/mod_cml.dll diff --git a/third_party/lighttpd/lib/mod_compress.dll b/third_party/lighttpd/lib/mod_compress.dll Binary files differnew file mode 100644 index 0000000..17e199d --- /dev/null +++ b/third_party/lighttpd/lib/mod_compress.dll diff --git a/third_party/lighttpd/lib/mod_dirlisting.dll b/third_party/lighttpd/lib/mod_dirlisting.dll Binary files differnew file mode 100644 index 0000000..73c2590 --- /dev/null +++ b/third_party/lighttpd/lib/mod_dirlisting.dll diff --git a/third_party/lighttpd/lib/mod_evasive.dll b/third_party/lighttpd/lib/mod_evasive.dll Binary files differnew file mode 100644 index 0000000..f5e21f4 --- /dev/null +++ b/third_party/lighttpd/lib/mod_evasive.dll diff --git a/third_party/lighttpd/lib/mod_evhost.dll b/third_party/lighttpd/lib/mod_evhost.dll Binary files differnew file mode 100644 index 0000000..94ef501 --- /dev/null +++ b/third_party/lighttpd/lib/mod_evhost.dll diff --git a/third_party/lighttpd/lib/mod_expire.dll b/third_party/lighttpd/lib/mod_expire.dll Binary files differnew file mode 100644 index 0000000..2cce873 --- /dev/null +++ b/third_party/lighttpd/lib/mod_expire.dll diff --git a/third_party/lighttpd/lib/mod_extforward.dll b/third_party/lighttpd/lib/mod_extforward.dll Binary files differnew file mode 100644 index 0000000..0ac6506 --- /dev/null +++ b/third_party/lighttpd/lib/mod_extforward.dll diff --git a/third_party/lighttpd/lib/mod_fastcgi.dll b/third_party/lighttpd/lib/mod_fastcgi.dll Binary files differnew file mode 100644 index 0000000..26db65f --- /dev/null +++ b/third_party/lighttpd/lib/mod_fastcgi.dll diff --git a/third_party/lighttpd/lib/mod_flv_streaming.dll b/third_party/lighttpd/lib/mod_flv_streaming.dll Binary files differnew file mode 100644 index 0000000..d974712 --- /dev/null +++ b/third_party/lighttpd/lib/mod_flv_streaming.dll diff --git a/third_party/lighttpd/lib/mod_indexfile.dll b/third_party/lighttpd/lib/mod_indexfile.dll Binary files differnew file mode 100644 index 0000000..2792859 --- /dev/null +++ b/third_party/lighttpd/lib/mod_indexfile.dll diff --git a/third_party/lighttpd/lib/mod_magnet.dll b/third_party/lighttpd/lib/mod_magnet.dll Binary files differnew file mode 100644 index 0000000..c51de16 --- /dev/null +++ b/third_party/lighttpd/lib/mod_magnet.dll diff --git a/third_party/lighttpd/lib/mod_mysql_vhost.dll b/third_party/lighttpd/lib/mod_mysql_vhost.dll Binary files differnew file mode 100644 index 0000000..455bd41 --- /dev/null +++ b/third_party/lighttpd/lib/mod_mysql_vhost.dll diff --git a/third_party/lighttpd/lib/mod_proxy.dll b/third_party/lighttpd/lib/mod_proxy.dll Binary files differnew file mode 100644 index 0000000..9aea112 --- /dev/null +++ b/third_party/lighttpd/lib/mod_proxy.dll diff --git a/third_party/lighttpd/lib/mod_redirect.dll b/third_party/lighttpd/lib/mod_redirect.dll Binary files differnew file mode 100644 index 0000000..a32b5c0 --- /dev/null +++ b/third_party/lighttpd/lib/mod_redirect.dll diff --git a/third_party/lighttpd/lib/mod_rewrite.dll b/third_party/lighttpd/lib/mod_rewrite.dll Binary files differnew file mode 100644 index 0000000..73ed7b5 --- /dev/null +++ b/third_party/lighttpd/lib/mod_rewrite.dll diff --git a/third_party/lighttpd/lib/mod_rrdtool.dll b/third_party/lighttpd/lib/mod_rrdtool.dll Binary files differnew file mode 100644 index 0000000..5911517 --- /dev/null +++ b/third_party/lighttpd/lib/mod_rrdtool.dll diff --git a/third_party/lighttpd/lib/mod_scgi.dll b/third_party/lighttpd/lib/mod_scgi.dll Binary files differnew file mode 100644 index 0000000..225a44b --- /dev/null +++ b/third_party/lighttpd/lib/mod_scgi.dll diff --git a/third_party/lighttpd/lib/mod_secdownload.dll b/third_party/lighttpd/lib/mod_secdownload.dll Binary files differnew file mode 100644 index 0000000..a59e817 --- /dev/null +++ b/third_party/lighttpd/lib/mod_secdownload.dll diff --git a/third_party/lighttpd/lib/mod_setenv.dll b/third_party/lighttpd/lib/mod_setenv.dll Binary files differnew file mode 100644 index 0000000..09d3c43 --- /dev/null +++ b/third_party/lighttpd/lib/mod_setenv.dll diff --git a/third_party/lighttpd/lib/mod_simple_vhost.dll b/third_party/lighttpd/lib/mod_simple_vhost.dll Binary files differnew file mode 100644 index 0000000..663722c --- /dev/null +++ b/third_party/lighttpd/lib/mod_simple_vhost.dll diff --git a/third_party/lighttpd/lib/mod_ssi.dll b/third_party/lighttpd/lib/mod_ssi.dll Binary files differnew file mode 100644 index 0000000..3af604d --- /dev/null +++ b/third_party/lighttpd/lib/mod_ssi.dll diff --git a/third_party/lighttpd/lib/mod_staticfile.dll b/third_party/lighttpd/lib/mod_staticfile.dll Binary files differnew file mode 100644 index 0000000..45afe0e --- /dev/null +++ b/third_party/lighttpd/lib/mod_staticfile.dll diff --git a/third_party/lighttpd/lib/mod_status.dll b/third_party/lighttpd/lib/mod_status.dll Binary files differnew file mode 100644 index 0000000..9d15c36 --- /dev/null +++ b/third_party/lighttpd/lib/mod_status.dll diff --git a/third_party/lighttpd/lib/mod_trigger_b4_dl.dll b/third_party/lighttpd/lib/mod_trigger_b4_dl.dll Binary files differnew file mode 100644 index 0000000..fff48a8 --- /dev/null +++ b/third_party/lighttpd/lib/mod_trigger_b4_dl.dll diff --git a/third_party/lighttpd/lib/mod_userdir.dll b/third_party/lighttpd/lib/mod_userdir.dll Binary files differnew file mode 100644 index 0000000..6f8fb0a --- /dev/null +++ b/third_party/lighttpd/lib/mod_userdir.dll diff --git a/third_party/lighttpd/lib/mod_usertrack.dll b/third_party/lighttpd/lib/mod_usertrack.dll Binary files differnew file mode 100644 index 0000000..1c10e5b --- /dev/null +++ b/third_party/lighttpd/lib/mod_usertrack.dll diff --git a/third_party/lighttpd/lib/mod_webdav.dll b/third_party/lighttpd/lib/mod_webdav.dll Binary files differnew file mode 100644 index 0000000..45d34b9 --- /dev/null +++ b/third_party/lighttpd/lib/mod_webdav.dll diff --git a/third_party/lighttpd/no_dll/CygWin1.dll b/third_party/lighttpd/no_dll/CygWin1.dll Binary files differnew file mode 100644 index 0000000..41b0513 --- /dev/null +++ b/third_party/lighttpd/no_dll/CygWin1.dll diff --git a/third_party/lighttpd/no_dll/README b/third_party/lighttpd/no_dll/README new file mode 100644 index 0000000..66f9b7b --- /dev/null +++ b/third_party/lighttpd/no_dll/README @@ -0,0 +1 @@ +Move out the distribution's cygwin1.dll so that we use our cygwin install's. diff --git a/third_party/lighttpd/php5/compat-shim.php b/third_party/lighttpd/php5/compat-shim.php new file mode 100644 index 0000000..95be9b4 --- /dev/null +++ b/third_party/lighttpd/php5/compat-shim.php @@ -0,0 +1,16 @@ +<?php +// This is a compat shim to make our php-cgi act more like apache mod_php. +// http://www.qijoo.com/fapm/PHP/en/function.getallheaders.html +// Well, sort of, lighttpd gives us headers like HTTP_UPPERCASE_WEE, and so +// we do some ugly php to make that Uppercase-Wee... +function getallheaders() { + foreach($_SERVER as $name => $value) { + if(substr($name, 0, 5) == 'HTTP_') { + $name = strtolower(substr($name, 5)); + $name = join("-", array_map('ucwords', explode("_", $name))); + $headers[$name] = $value; + } + } + return $headers; +} +?> diff --git a/third_party/lighttpd/php5/php-cgi.exe b/third_party/lighttpd/php5/php-cgi.exe Binary files differnew file mode 100644 index 0000000..3665a53 --- /dev/null +++ b/third_party/lighttpd/php5/php-cgi.exe diff --git a/third_party/lighttpd/php5/php.ini b/third_party/lighttpd/php5/php.ini new file mode 100644 index 0000000..b3ac652 --- /dev/null +++ b/third_party/lighttpd/php5/php.ini @@ -0,0 +1,2 @@ +include_path = "../third_party/lighttpd/php5/;../../third_party/lighttpd/php5/;../../../third_party/lighttpd/php5/;../../../../third_party/lighttpd/php5/;../../../../../third_party/lighttpd/php5/;../../../../../../third_party/lighttpd/php5/;../../../../../../../third_party/lighttpd/php5/;../../../../../../../../third_party/lighttpd/php5/;../../../../../../../../../third_party/lighttpd/php5/;" +auto_prepend_file = "compat-shim.php" diff --git a/third_party/lighttpd/php5/php5ts.dll b/third_party/lighttpd/php5/php5ts.dll Binary files differnew file mode 100644 index 0000000..899a34c --- /dev/null +++ b/third_party/lighttpd/php5/php5ts.dll diff --git a/third_party/lighttpd/style/newstyle.css b/third_party/lighttpd/style/newstyle.css new file mode 100644 index 0000000..26f91d3 --- /dev/null +++ b/third_party/lighttpd/style/newstyle.css @@ -0,0 +1,49 @@ +body { + background-color: #F5F5F5; +} +a, a:active { + text-decoration: none; + color: blue; +} +a:visited { + color: #48468F; +} +a:hover, a:focus { + text-decoration: underline; + color: red; +} +h2 { + margin-bottom: 12px; +} +table { + margin-left: 12px; +} +th, td { + font-family: "Courier New", Courier, monospace; + font-size: 10pt; + text-align: left; +} +th { + font-weight: bold; + padding-right: 14px; + padding-bottom: 3px; +} +td { + padding-right: 14px; +} +td.s, th.s { + text-align: right; +} +div.list { + background-color: white; + border-top: 1px solid #646464; + border-bottom: 1px solid #646464; + padding-top: 10px; + padding-bottom: 14px; +} +div.foot { + font-family: "Courier New", Courier, monospace; + font-size: 10pt; + color: #787878; + padding-top: 4px; +} diff --git a/third_party/lighttpd/style/oldstyle.css b/third_party/lighttpd/style/oldstyle.css new file mode 100644 index 0000000..f3e26db --- /dev/null +++ b/third_party/lighttpd/style/oldstyle.css @@ -0,0 +1,25 @@ +table { + border: 1px solid black; + padding: 1px; +} +th { + background-color: black; + border: 1px solid white; + color: white; + padding-right: 2px; + padding-left: 2px; +} +td { + background-color: #f0f0f0; + border: 1px solid white; + padding-right: 2px; + padding-left: 2px; +} +td.s { + background-color: #f0f0f0; + text-align: right; + padding-left: 14px; +} +div.foot { + margin-top: 4px; +} diff --git a/third_party/lighttpd/tmp/README.txt b/third_party/lighttpd/tmp/README.txt new file mode 100644 index 0000000..62abd79 --- /dev/null +++ b/third_party/lighttpd/tmp/README.txt @@ -0,0 +1 @@ +DO NOT DELETE THIS DIRECTORY. IT IS NEEDED FOR TEMPORARY FILES, ESPECIALLY WHEN DOING UPLOADS.
\ No newline at end of file |