1 Index: src/configfile-glue.c
2 ===================================================================
3 --- src/configfile-glue.c (.../tags/lighttpd-1.4.18) (revision 2026)
4 +++ src/configfile-glue.c (.../branches/lighttpd-1.4.x) (revision 2026)
9 + case COMP_HTTP_SCHEME:
10 + l = con->uri.scheme;
17 ===================================================================
18 --- src/array.h (.../tags/lighttpd-1.4.18) (revision 2026)
19 +++ src/array.h (.../branches/lighttpd-1.4.x) (revision 2026)
23 COMP_HTTP_QUERYSTRING,
28 Index: src/mod_staticfile.c
29 ===================================================================
30 --- src/mod_staticfile.c (.../tags/lighttpd-1.4.18) (revision 2026)
31 +++ src/mod_staticfile.c (.../branches/lighttpd-1.4.x) (revision 2026)
33 /* if the value is the same as our ETag, we do a Range-request,
34 * otherwise a full 200 */
36 - if (!buffer_is_equal(ds->value, con->physical.etag)) {
37 + if (ds->value->ptr[0] == '"') {
39 + * client wants a ETag
41 + if (!con->physical.etag) {
42 + do_range_request = 0;
43 + } else if (!buffer_is_equal(ds->value, con->physical.etag)) {
44 + do_range_request = 0;
46 + } else if (!mtime) {
48 + * we don't have a Last-Modified and can match the If-Range:
53 + } else if (!buffer_is_equal(ds->value, mtime)) {
54 + do_range_request = 0;
59 ===================================================================
60 --- src/response.c (.../tags/lighttpd-1.4.18) (revision 2026)
61 +++ src/response.c (.../branches/lighttpd-1.4.x) (revision 2026)
63 buffer_copy_string_buffer(con->uri.authority, con->request.http_host);
64 buffer_to_lower(con->uri.authority);
66 + config_patch_connection(srv, con, COMP_HTTP_SCHEME); /* Scheme: */
67 config_patch_connection(srv, con, COMP_HTTP_HOST); /* Host: */
68 config_patch_connection(srv, con, COMP_HTTP_REMOTEIP); /* Client-IP */
69 config_patch_connection(srv, con, COMP_HTTP_REFERER); /* Referer: */
70 Index: src/configparser.y
71 ===================================================================
72 --- src/configparser.y (.../tags/lighttpd-1.4.18) (revision 2026)
73 +++ src/configparser.y (.../branches/lighttpd-1.4.x) (revision 2026)
75 { COMP_HTTP_COOKIE, CONST_STR_LEN("HTTP[\"cookie\"]" ) },
76 { COMP_HTTP_REMOTEIP, CONST_STR_LEN("HTTP[\"remoteip\"]" ) },
77 { COMP_HTTP_QUERYSTRING, CONST_STR_LEN("HTTP[\"querystring\"]") },
78 + { COMP_HTTP_SCHEME, CONST_STR_LEN("HTTP[\"scheme\"]" ) },
79 { COMP_UNSET, NULL, 0 },
82 Index: src/spawn-fcgi.c
83 ===================================================================
84 --- src/spawn-fcgi.c (.../tags/lighttpd-1.4.18) (revision 2026)
85 +++ src/spawn-fcgi.c (.../branches/lighttpd-1.4.x) (revision 2026)
90 -int fcgi_spawn_connection(char *appPath, char *addr, unsigned short port, const char *unixsocket, int child_count, int pid_fd, int nofork) {
91 +int fcgi_spawn_connection(char *appPath, char **appArgv, char *addr, unsigned short port, const char *unixsocket, int child_count, int pid_fd, int nofork) {
93 int socket_type, status;
94 struct timeval tv = { 0, 100 * 1000 };
103 - /* is save as we limit to 256 childs */
104 + /* is safe as we limit to 256 childs */
105 sprintf(cgi_childs, "PHP_FCGI_CHILDREN=%d", child_count);
107 if(fcgi_fd != FCGI_LISTENSOCK_FILENO) {
108 @@ -160,13 +159,18 @@
111 /* fork and replace shell */
112 - b = malloc(strlen("exec ") + strlen(appPath) + 1);
113 - strcpy(b, "exec ");
114 - strcat(b, appPath);
116 + execv(appArgv[0], appArgv);
119 - execl("/bin/sh", "sh", "-c", b, (char *)NULL);
121 + char *b = malloc(strlen("exec ") + strlen(appPath) + 1);
122 + strcpy(b, "exec ");
123 + strcat(b, appPath);
126 + execl("/bin/sh", "sh", "-c", b, (char *)NULL);
136 - char *b = "spawn-fcgi" "-" PACKAGE_VERSION \
137 -" - spawns fastcgi processes\n" \
140 +"Usage: spawn-fcgi [options] -- <fcgiapp> [fcgi app arguments]\n" \
142 +"spawn-fcgi v" PACKAGE_VERSION " - spawns fastcgi processes\n" \
145 " -f <fcgiapp> filename of the fcgi-application\n" \
146 " -a <addr> bind to ip address\n" \
147 " -p <port> bind to tcp-port\n" \
149 char *fcgi_app = NULL, *changeroot = NULL, *username = NULL,
150 *groupname = NULL, *unixsocket = NULL, *pid_file = NULL,
152 + char **fcgi_app_argv = { NULL };
153 unsigned short port = 0;
158 i_am_root = (getuid() == 0);
160 - while(-1 != (o = getopt(argc, argv, "c:f:g:hna:p:u:vC:s:P:"))) {
161 + while(-1 != (o = getopt(argc, argv, "c:f:g:hna:p:u:vC:s:P:"))) {
163 case 'f': fcgi_app = optarg; break;
164 case 'a': addr = optarg;/* ip addr */ break;
169 - if (fcgi_app == NULL || (port == 0 && unixsocket == NULL)) {
170 + if (optind < argc) {
171 + fcgi_app_argv = &argv[optind];
174 + if ((fcgi_app == NULL && fcgi_app_argv == NULL) || (port == 0 && unixsocket == NULL)) {
183 + * Change group before chroot, when we have access
187 + setgid(grp->gr_gid);
188 + setgroups(0, NULL);
190 + initgroups(username, grp->gr_gid);
195 if (-1 == chroot(changeroot)) {
196 fprintf(stderr, "%s.%d: %s %s\n",
197 @@ -420,18 +444,12 @@
200 /* drop root privs */
202 - setgid(grp->gr_gid);
206 - initgroups(username, grp->gr_gid);
212 - return fcgi_spawn_connection(fcgi_app, addr, port, unixsocket, child_count, pid_fd, nofork);
213 + return fcgi_spawn_connection(fcgi_app, fcgi_app_argv, addr, port, unixsocket, child_count, pid_fd, nofork);
217 Index: src/mod_auth.c
218 ===================================================================
219 --- src/mod_auth.c (.../tags/lighttpd-1.4.18) (revision 2026)
220 +++ src/mod_auth.c (.../branches/lighttpd-1.4.x) (revision 2026)
221 @@ -238,13 +238,13 @@
222 int auth_type_len = auth_realm - http_authorization;
224 if ((auth_type_len == 5) &&
225 - (0 == strncmp(http_authorization, "Basic", auth_type_len))) {
226 + (0 == strncasecmp(http_authorization, "Basic", auth_type_len))) {
228 if (0 == strcmp(method->value->ptr, "basic")) {
229 auth_satisfied = http_auth_basic_check(srv, con, p, req, con->uri.path, auth_realm+1);
231 } else if ((auth_type_len == 6) &&
232 - (0 == strncmp(http_authorization, "Digest", auth_type_len))) {
233 + (0 == strncasecmp(http_authorization, "Digest", auth_type_len))) {
234 if (0 == strcmp(method->value->ptr, "digest")) {
235 if (-1 == (auth_satisfied = http_auth_digest_check(srv, con, p, req, con->uri.path, auth_realm+1))) {
236 con->http_status = 400;
238 ===================================================================
239 --- src/server.c (.../tags/lighttpd-1.4.18) (revision 2026)
240 +++ src/server.c (.../branches/lighttpd-1.4.x) (revision 2026)
247 + * Change group before chroot, when we have access
250 + if (srv->srvconf.groupname->used) {
251 + setgid(grp->gr_gid);
252 + setgroups(0, NULL);
253 + if (srv->srvconf.username->used) {
254 + initgroups(srv->srvconf.username->ptr, grp->gr_gid);
259 if (srv->srvconf.changeroot->used) {
264 /* drop root privs */
265 - if (srv->srvconf.groupname->used) {
266 - setgid(grp->gr_gid);
267 - setgroups(0, NULL);
270 if (srv->srvconf.username->used) {
271 - if (srv->srvconf.groupname->used) {
272 - initgroups(srv->srvconf.username->ptr, grp->gr_gid);
277 Index: tests/mod-auth.t
278 ===================================================================
279 --- tests/mod-auth.t (.../tags/lighttpd-1.4.18) (revision 2026)
280 +++ tests/mod-auth.t (.../branches/lighttpd-1.4.x) (revision 2026)
285 -use Test::More tests => 13;
286 +use Test::More tests => 14;
289 my $tf = LightyTest->new();
291 $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
292 ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des)');
294 +$t->{REQUEST} = ( <<EOF
295 +GET /server-config HTTP/1.0
296 +Host: auth-htpasswd.example.org
297 +Authorization: basic ZGVzOmRlcw==
300 +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
301 +ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des) (lowercase)');
305 skip "no md5 for crypt under cygwin", 1 if $^O eq 'cygwin';
306 $t->{REQUEST} = ( <<EOF
307 Index: doc/configuration.txt
308 ===================================================================
309 --- doc/configuration.txt (.../tags/lighttpd-1.4.18) (revision 2026)
310 +++ doc/configuration.txt (.../branches/lighttpd-1.4.x) (revision 2026)
321 ===================================================================
322 --- Makefile.am (.../tags/lighttpd-1.4.18) (revision 2026)
323 +++ Makefile.am (.../branches/lighttpd-1.4.x) (revision 2026)
325 SUBDIRS=src doc tests cygwin openwrt
327 -EXTRA_DIST=lighttpd.spec
328 +EXTRA_DIST=lighttpd.spec SConstruct
330 ===================================================================
331 --- NEWS (.../tags/lighttpd-1.4.18) (revision 2026)
332 +++ NEWS (.../branches/lighttpd-1.4.x) (revision 2026)
339 + * added support for If-Range: <date> (#1346)
340 + * added support for matching $HTTP["scheme"] in configs
341 + * fixed initgroups() called after chroot (#1384)
342 + * fixed case-sensitive check for Auth-Method (#1456)
343 + * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428)
345 - 1.4.18 - 2007-09-09
347 * fixed compile error on IRIX 6.5.x on prctl() (#1333)
348 Index: lighttpd.spec.in
349 ===================================================================
350 --- lighttpd.spec.in (.../tags/lighttpd-1.4.18) (revision 2026)
351 +++ lighttpd.spec.in (.../branches/lighttpd-1.4.x) (revision 2026)
353 Packager: Jan Kneschke <jan@kneschke.de>
355 Group: Networking/Daemons
356 -URL: http://jan.kneschke.de/projects/lighttpd/
357 +URL: http://www.lighttpd.net/
358 Requires: pcre >= 3.1 zlib
359 -BuildPrereq: libtool zlib-devel
360 +BuildRequires: libtool zlib-devel
361 BuildRoot: %{_tmppath}/%{name}-root
365 lighttpd is intented to be a frontend for ad-servers which have to deliver
366 small files concurrently to many connections.
368 -Available rpmbuild rebuild options :
369 ---with : ssl mysql lua memcache
370 +Available rpmbuild rebuild options:
371 +--with: ssl mysql lua memcache
385 mkdir -p %{buildroot}%{_sysconfdir}/{init.d,sysconfig}
386 -if test -f /etc/redhat-release -o -f /etc/fedora-release; then
387 - install -m 755 doc/rc.lighttpd.redhat %{buildroot}%{_sysconfdir}/init.d/lighttpd
388 +if [ -f /etc/redhat-release -o -f /etc/fedora-release ]; then
389 + install -m 755 doc/rc.lighttpd.redhat %{buildroot}%{_sysconfdir}/init.d/lighttpd
391 - install -m 755 doc/rc.lighttpd %{buildroot}%{_sysconfdir}/init.d/lighttpd
392 + install -m 755 doc/rc.lighttpd %{buildroot}%{_sysconfdir}/init.d/lighttpd
394 install -m 644 doc/sysconfig.lighttpd %{buildroot}%{_sysconfdir}/sysconfig/lighttpd
399 ## read http://www.fedora.us/docs/spec.html next time :)
400 -if test "$1" = "1"; then
401 - # real install, not upgrade
402 - /sbin/chkconfig --add lighttpd
403 +if [ "$1" = "1" ]; then
404 + # real install, not upgrade
405 + /sbin/chkconfig --add lighttpd
409 -if test "$1" = "0"; then
410 - # real uninstall, not upgrade
411 - %{_sysconfdir}/init.d/lighttpd stop
412 - /sbin/chkconfig --del lighttpd
413 +if [ "$1" = "0"]; then
414 + # real uninstall, not upgrade
415 + %{_sysconfdir}/init.d/lighttpd stop
416 + /sbin/chkconfig --del lighttpd