| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages
using wolfSSL library.
Same bump has been done in buildroot in commit f1b7e1434f66 ("treewide:
fix security issues by bumping all packages using libwolfssl").
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
| |
|
|
|
|
| |
* update to lighttpd 1.4.67 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
| |
* update to lighttpd 1.4.66 release hash
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
| |
It doesn't seem to be used by meson.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
| |
* update to lighttpd 1.4.65 release hash
* specify lua version w/ -Dlua_version=lua to avoid patching meson.build
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
| |
remove long-deprecated modules
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
|
| |
depend on libpcre2 instead of libpcre
also remove patches incorporated upstream into lighttpd 1.4.62
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
| |
also remove patches incorporated upstream into lighttpd 1.4.61
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
| |
also remove patches incorporated upstream into lighttpd 1.4.60
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
- ignore Content-Length from backend if 101 Switching Protocols
- close HTTP/2 connection after bad password
- skip cert chain build for self-issued certs
- meson zstd fix
- ls-hpack upstream update
- discard some HTTP/2 DATA frames received after response
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
| |
update to lighttpd 1.4.59 release hash
add new base module mod_ajp13
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
| |
* update to lighttpd 1.4.57 release hash
* remove patches incorporated upstream
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
| |
incorporate suggestion from cotequeiroz (Eneas U de Queiroz)
https://github.com/openwrt/packages/issues/14142#issuecomment-739583111
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
|
|
|
| |
x-ref:
"[lighttpd] -mod-wolfssl fails (requires dependency on -mod-openssl?)"
https://github.com/openwrt/packages/issues/14139
github: closes #14139
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* update upstream version to lighttpd-1.4.56
* depend on Nettle for MD5, SHA1, SHA256
* multiple TLS options: gnutls, mbedtls, nss, openssl, wolfssl
* new module mod_authn_dbi
* mod_authn_* depend on mod_auth
* mod_authn_file is included if mod_auth is selected in build
* mod_vhostdb_* depend on mod_vhostdb
* mod_deflate subsumes mod_compress
* remove from Makefile the include of nls.mk (no longer needed)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|
| |
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
|
|
|
|
| |
If lighttpd loads mod-auth, it also automatically tries to load
mod-authn_file, and fails if it's not available. That is a compatibility
feature of lighttpd after the funtionality was split into modules.
Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Simplifies the Makefile and allows faster compilation with Ninja.
Added patch to fix libmariadb dependency.
Added extra modules.
Speed Before:
time make package/lighttpd/compile -j 12
Executed in 47.91 secs fish external
usr time 41.83 secs 384.00 micros 41.83 secs
sys time 10.79 secs 37.00 micros 10.79 secs
Speed After:
time make package/lighttpd/compile -j 12
Executed in 19.67 secs fish external
usr time 42.79 secs 377.00 micros 42.79 secs
sys time 8.56 secs 37.00 micros 8.56 secs
Tested with fish shell.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
| |
Add new subpackage containing pam authentication module. Shouldn't
affect dependencies and nothing changes, there is just one more module
enabled for people interested in it.
Signed-off-by: Michal Hrusecky <michal@hrusecky.net>
|
| |
|
|
| |
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
|
|
| |
- Correct SPDX License Identifier
- Move MAINTAINER, SUBMENU to more appropriate place
- Use HTTPS in URL
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
|
|
| |
Fixes CVE-2019-11072
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
| |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |
|
|
| |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |
|
|
|
|
| |
e.g. 20-auth.conf
Signed-off-by: David Yang <mmyangfl@gmail.com>
|
| |
|
|
| |
Signed-off-by: David Yang <mmyangfl@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
lighttpd-mod-auth has to be installed with lighttpd-mod-authn_file,
otherwise an error will appear even when auth.backend is not "plain".
(plugin.c.229) dlopen() failed for: /usr/lib/lighttpd/mod_authn_file.so Error loading shared library /usr/lib/lighttpd/mod_authn_file.so: No such file or directory
Signed-off-by: David Yang <mmyangfl@gmail.com>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
libmariadb 10.2 needs to be linked in together with iconv.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
|
|
| |
With the current layout CONFIGURE_ARGS can end up like this:
--with-mysql --without-mysql
To avoid that join the ifneqs of the two mysql related plugins.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
| |
|
|
|
|
|
|
| |
At 1.4.48, base64 decode is broken when libc sees `char` as `unsigned char`
https://github.com/lighttpd/lighttpd1.4/commit/d4083effab0f9bf76528d5c47198b17e7471ed13?diff=unified
Signed-off-by: Xavier Franquet <xavier@franquet.es>
|
| |
|
|
|
| |
Exposes the mod-wstunnel plugin which implements websocket proxying over http
Signed-off-by: Vincent Riou <vincent@invizbox.com>
|
| |
|
|
| |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |
|
|
|
|
|
| |
If we're built with CONFIG_LIGHTTPD_SSL then mod_openssl.so should
be included into the base package. Fixes issue #5343.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| |
|
|
|
|
|
| |
All of the bugs for which we had patches have been fixed upstream
in 1.4.46, so the patches can be dropped.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| |
|
|
|
|
|
|
|
|
| |
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
|
| |
|
|
|
|
|
|
| |
If lighttpd's scripts are rotated from under it while they're still open,
this will cause some weird things to happen. Give it a heads up that
the logs have moved.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The most important change is local redirects being disabled by default.
There is an option called cgi.local-redir that allows enabling this
optimization manually back if needed.
Local redirects were initially introduced in 1.4.40 but caused many
problems for *some* web services.
One of problems is breaking Post/Redirect/Get design pattern. With
redirects handled on server side there is no browser redirection making
it "lose" the POST data.
Another possible issue are HTML forms with action="". With CGI local
redirects browser may be sending form data to the wrong URL (the one
that was supposed to redirect the browser).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
| |
This will allow procd to restart the service if it crashes or otherwise
exits.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
|
| |
|
|
|
|
| |
(with feedback from @hnyman and patch additions from @MikePetullo)
Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
|