lighttpd: update to lighttpd 1.4.57lilik-openwrt-22.03
@ -1,78 +0,0 @@ | |||
From 2a1e55dc62c72893d128400334131a56a218ee1a Mon Sep 17 00:00:00 2001 | |||
From: Glenn Strauss <gstrauss@gluelogic.com> | |||
Date: Tue, 1 Dec 2020 16:23:49 -0500 | |||
Subject: [PATCH] [mod_webdav] define _ATFILE_SOURCE if AT_FDCWD | |||
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com> | |||
--- | |||
src/mod_webdav.c | 15 ++++++++++++--- | |||
1 file changed, 20 insertions(+), 5 deletions(-) | |||
diff --git a/src/mod_webdav.c b/src/mod_webdav.c | |||
index c3fe79a2..9c27ad8f 100644 | |||
--- a/src/mod_webdav.c | |||
+++ b/src/mod_webdav.c | |||
@@ -182,9 +182,18 @@ | |||
#include <string.h> | |||
#include <unistd.h> /* getpid() linkat() rmdir() unlinkat() */ | |||
-/* Note: filesystem access race conditions exist without _ATFILE_SOURCE */ | |||
+#ifdef AT_FDCWD | |||
#ifndef _ATFILE_SOURCE | |||
+#define _ATFILE_SOURCE | |||
+#endif | |||
+#endif | |||
+ | |||
+#ifndef AT_SYMLINK_NOFOLLOW | |||
#define AT_SYMLINK_NOFOLLOW 0 | |||
+#endif | |||
+ | |||
+/* Note: filesystem access race conditions exist without _ATFILE_SOURCE */ | |||
+#ifndef _ATFILE_SOURCE | |||
/*(trigger linkat() fail to fallback logic in mod_webdav.c)*/ | |||
#define linkat(odfd,opath,ndfd,npath,flags) -1 | |||
#endif | |||
@@ -2371,7 +2380,10 @@ webdav_delete_dir (const plugin_config * const pconf, | |||
buffer_append_string_len(&dst->rel_path, de->d_name, len); | |||
#ifndef _ATFILE_SOURCE | |||
- #ifndef _DIRENT_HAVE_D_TYPE | |||
+ #ifdef _DIRENT_HAVE_D_TYPE | |||
+ if (de->d_type == DT_UNKNOWN) | |||
+ #endif | |||
+ { | |||
struct stat st; | |||
if (0 != stat(dst->path.ptr, &st)) { | |||
dst->path.ptr[ (dst->path.used = dst_path_used) -1]='\0'; | |||
@@ -2379,6 +2391,6 @@ webdav_delete_dir (const plugin_config * const pconf, | |||
continue; /* file *just* disappeared? */ | |||
} | |||
s_isdir = S_ISDIR(st.st_mode); | |||
- #endif | |||
+ } | |||
#endif | |||
@@ -2903,7 +2902,10 @@ webdav_copymove_dir (const plugin_config * const pconf, | |||
buffer_append_string_len(&dst->rel_path, de->d_name, len); | |||
#ifndef _ATFILE_SOURCE | |||
- #ifndef _DIRENT_HAVE_D_TYPE | |||
+ #ifdef _DIRENT_HAVE_D_TYPE | |||
+ if (de->d_type == DT_UNKNOWN) | |||
+ #endif | |||
+ { | |||
if (0 != stat(src->path.ptr, &st)) { | |||
src->path.ptr[ (src->path.used = src_path_used) -1]='\0'; | |||
src->rel_path.ptr[(src->rel_path.used = src_rel_path_used)-1]='\0'; | |||
@@ -2912,7 +2914,7 @@ webdav_copymove_dir (const plugin_config * const pconf, | |||
continue; /* file *just* disappeared? */ | |||
} | |||
d_type = st.st_mode; | |||
- #endif | |||
+ } | |||
#endif | |||
if (S_ISDIR(d_type)) { /* recursive call; depth first */ | |||
-- | |||
2.28.0 | |||
@ -1,26 +0,0 @@ | |||
From 716e4d7a5d773607d87d5521f5943cff019bcd97 Mon Sep 17 00:00:00 2001 | |||
From: Glenn Strauss <gstrauss@gluelogic.com> | |||
Date: Mon, 30 Nov 2020 19:31:05 -0500 | |||
Subject: [PATCH] [core] fix lighttpd -1 one-shot with pipes | |||
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com> | |||
--- | |||
src/server.c | 2 +- | |||
1 file changed, 1 insertion(+), 1 deletion(-) | |||
diff --git a/src/server.c b/src/server.c | |||
index 83c0241f..a781027e 100644 | |||
--- a/src/server.c | |||
+++ b/src/server.c | |||
@@ -356,7 +356,7 @@ static int server_oneshot_read_cq(connection *con, chunkqueue *cq, off_t max_byt | |||
/* temporary set con->fd to oneshot_fd (fd input) rather than outshot_fdout | |||
* (lighttpd generally assumes operation on sockets, so this is a kludge) */ | |||
int fd = con->fd; | |||
- con->fd = oneshot_fd; | |||
+ con->fd = oneshot_fdn->fd; | |||
int rc = oneshot_read_cq(con, cq, max_bytes); | |||
con->fd = fd; | |||
-- | |||
2.28.0 | |||
@ -1,89 +0,0 @@ | |||
From 233a218ab3cf449a0667438cf0b1830eeb33471b Mon Sep 17 00:00:00 2001 | |||
From: Glenn Strauss <gstrauss@gluelogic.com> | |||
Date: Thu, 3 Dec 2020 17:16:52 -0500 | |||
Subject: [PATCH] [build] fix meson.build when building all TLS mods | |||
x-ref: | |||
"[lighttpd] -mod-openssl fails" | |||
https://github.com/openwrt/packages/issues/14121 | |||
"[lighttpd] -mod-wolfssl fails" | |||
https://github.com/openwrt/packages/issues/14122 | |||
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com> | |||
--- | |||
src/meson.build | 20 +++++++++++++------- | |||
1 file changed, 13 insertions(+), 7 deletions(-) | |||
diff --git a/src/meson.build b/src/meson.build | |||
index 71e4ec90..2d6ee2df 100644 | |||
--- a/src/meson.build | |||
+++ b/src/meson.build | |||
@@ -432,15 +432,20 @@ if get_option('with_mysql') | |||
endif | |||
libssl = [] | |||
-libx509 = [] | |||
libcrypto = [] | |||
+libsslcrypto = [] | |||
libgnutls = [] | |||
+libmbedtls = [] | |||
+libmbedcrypto = [] | |||
+libmbedx509 = [] | |||
+libwolfssl = [] | |||
if get_option('with_openssl') | |||
# manual search: | |||
# header: openssl/ssl.h | |||
# function: SSL_new (-lssl) | |||
# function: BIO_f_base64 (-lcrypto) | |||
libssl = [ dependency('libssl') ] | |||
+ libsslcrypto = [ dependency('libcrypto') ] | |||
libcrypto = [ dependency('libcrypto') ] | |||
conf_data.set('HAVE_OPENSSL_SSL_H', true) | |||
conf_data.set('HAVE_LIBSSL', true) | |||
@@ -449,7 +454,7 @@ if get_option('with_wolfssl') | |||
# manual search: | |||
# header: wolfssl/ssl.h | |||
# function: wolfSSL_Init (-lwolfssl) | |||
- libssl = [ dependency('wolfssl') ] | |||
+ libwolfssl = [ dependency('wolfssl') ] | |||
libcrypto = [ dependency('wolfssl') ] | |||
conf_data.set('HAVE_WOLFSSL_SSL_H', true) | |||
endif | |||
@@ -459,8 +464,9 @@ if get_option('with_mbedtls') | |||
# function: mbedtls_cipher_info_from_type (-lmbedtls) | |||
# function: mbedtls_x509_get_name (-lmbedx509) | |||
# function: mbedtls_base64_encode (-lmbedcrypto) | |||
- libssl = [ compiler.find_library('mbedtls') ] | |||
- libx509 = [ compiler.find_library('mbedx509') ] | |||
+ libmbedtls = [ compiler.find_library('mbedtls') ] | |||
+ libmbedx509 = [ compiler.find_library('mbedx509') ] | |||
+ libmbedcrypto = [ compiler.find_library('mbedcrypto') ] | |||
libcrypto = [ compiler.find_library('mbedcrypto') ] | |||
conf_data.set('HAVE_LIBMBEDCRYPTO', true) | |||
endif | |||
@@ -1070,19 +1076,19 @@ endif | |||
if get_option('with_openssl') | |||
modules += [ | |||
- [ 'mod_openssl', [ 'mod_openssl.c' ], libssl + libcrypto ], | |||
+ [ 'mod_openssl', [ 'mod_openssl.c' ], libssl + libsslcrypto ], | |||
] | |||
endif | |||
if get_option('with_wolfssl') | |||
modules += [ | |||
- [ 'mod_wolfssl', [ 'mod_wolfssl.c' ], libcrypto ], | |||
+ [ 'mod_wolfssl', [ 'mod_wolfssl.c' ], libwolfssl ], | |||
] | |||
endif | |||
if get_option('with_mbedtls') | |||
modules += [ | |||
- [ 'mod_mbedtls', [ 'mod_mbedtls.c' ], libssl + libx509 + libcrypto ], | |||
+ [ 'mod_mbedtls', [ 'mod_mbedtls.c' ], libmbedtls + libmbedx509 + libmbedcrypto ], | |||
] | |||
endif | |||
-- | |||
2.28.0 | |||
@ -1,32 +0,0 @@ | |||
From a27e55b2dd0887f462c36ff788dde5c5de20a154 Mon Sep 17 00:00:00 2001 | |||
From: Glenn Strauss <gstrauss@gluelogic.com> | |||
Date: Sat, 5 Dec 2020 11:19:03 -0500 | |||
Subject: [PATCH] [core] add missing mod_wolfssl to ssl compat list | |||
add missing mod_wolfssl to ssl compat module list | |||
x-ref: | |||
"[lighttpd] -mod-wolfssl fails (requires dependency on -mod-openssl?)" | |||
https://github.com/openwrt/packages/issues/14139 | |||
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com> | |||
--- | |||
src/configfile.c | 2 ++ | |||
1 file changed, 2 insertions(+) | |||
diff --git a/src/configfile.c b/src/configfile.c | |||
index da444154..c7739c4f 100644 | |||
--- a/src/configfile.c | |||
+++ b/src/configfile.c | |||
@@ -345,6 +345,8 @@ static void config_compat_module_load (server *srv) { | |||
append_mod_openssl = 0; | |||
else if (buffer_eq_slen(m, CONST_STR_LEN("mod_openssl"))) | |||
append_mod_openssl = 0; | |||
+ else if (buffer_eq_slen(m, CONST_STR_LEN("mod_wolfssl"))) | |||
+ append_mod_openssl = 0; | |||
else if (buffer_eq_slen(m, CONST_STR_LEN("mod_authn_file"))) | |||
append_mod_authn_file = 0; | |||
else if (buffer_eq_slen(m, CONST_STR_LEN("mod_authn_ldap"))) | |||
-- | |||
2.28.0 | |||
@ -1,55 +0,0 @@ | |||
From a43420ba07645acb71f31e95b9c7b4e894794afd Mon Sep 17 00:00:00 2001 | |||
From: Glenn Strauss <gstrauss@gluelogic.com> | |||
Date: Sun, 6 Dec 2020 22:50:49 -0500 | |||
Subject: [PATCH] [mod_wolfssl] add complex preproc logic for SNI | |||
add complex preproc logic for SNI detection | |||
- HAVE_SNI is not sufficient | |||
- HAVE_LIGHTY is not sufficient (in wolfssl <= 4.5.0) | |||
Instead, use more complex logic wrapping calls to SNI_Callback() | |||
in wolfssl. | |||
x-ref: | |||
"[lighttpd] -mod-wolfssl inhibited by missing library functionality" | |||
https://github.com/openwrt/packages/issues/14142 | |||
"put all SNI code behind simpler preprocessor directive HAVE_SNI" | |||
https://github.com/wolfSSL/wolfssl/pull/3538 | |||
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com> | |||
--- | |||
src/mod_wolfssl.c | 15 ++++++++++++--- | |||
1 file changed, 12 insertions(+), 3 deletions(-) | |||
diff --git a/src/mod_wolfssl.c b/src/mod_wolfssl.c | |||
index a22b0ebe..70f7488b 100644 | |||
--- a/src/mod_wolfssl.c | |||
+++ b/src/mod_wolfssl.c | |||
@@ -2041,13 +2041,22 @@ network_init_ssl (server *srv, plugin_config_socket *s, plugin_data *p) | |||
* && (HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_LIGHTY))) | |||
* and sniRecvCb sniRecvCbArg are hidden by *different* set of defines | |||
* in wolfssl/internal.h) | |||
- * Note: SNI callbacks disabled if wolfSSL is not built OPENSSL_ALL ! */ | |||
- #ifdef OPENSSL_ALL /* regretable */ | |||
+ * Note: wolfSSL SNI callbacks members not present unless wolfSSL is | |||
+ * built OPENSSL_ALL or some additional combination of preprocessor | |||
+ * defines. The following should work with more recent wolfSSL versions | |||
+ * (and HAVE_LIGHTY is not sufficient in wolfssl <= 4.5.0) */ | |||
+ #if defined(OPENSSL_ALL) \ | |||
+ || (defined(OPENSSL_EXTRA) \ | |||
+ && (defined(HAVE_STUNNEL) \ | |||
+ || defined(WOLFSSL_NGINX) \ | |||
+ || defined(WOLFSSL_HAPROXY))) | |||
+ #else | |||
+ #undef HAVE_SNI | |||
+ #endif | |||
#ifdef HAVE_SNI | |||
wolfSSL_CTX_set_servername_callback( | |||
s->ssl_ctx, network_ssl_servername_callback); | |||
wolfSSL_CTX_set_servername_arg(s->ssl_ctx, srv); | |||
- #endif /* regretable */ | |||
#else | |||
log_error(srv->errh, __FILE__, __LINE__, | |||
"SSL: WARNING: SNI callbacks *crippled* in wolfSSL library build"); | |||
-- | |||
2.28.0 | |||