diff --git a/www/bozohttpd/Makefile b/www/bozohttpd/Makefile index dbfbd875f398..3d57f47b5b09 100644 --- a/www/bozohttpd/Makefile +++ b/www/bozohttpd/Makefile @@ -1,69 +1,68 @@ PORTNAME= bozohttpd -PORTVERSION= 20210227 -PORTREVISION= 1 +DISTVERSION= 20240126 CATEGORIES= www MASTER_SITES= http://eterna23.net/bozohttpd/ -MAINTAINER= jmohacsi@bsd.hu +MAINTAINER= cpetrik@proton.me COMMENT= Bozotic HTTP server from NetBSD WWW= http://eterna23.net/bozohttpd/ LICENSE= BSD2CLAUSE USES= cpe uidfix tar:bzip2 CPE_VENDOR= eterna USE_RC_SUBR= bozohttpd MAKE_ARGS= LDADD="${LIBS}" PLIST_FILES= bin/bozohttpd \ share/man/man8/bozohttpd.8.gz OPTIONS_DEFINE= BLACKLIST CGI DAEMON DEBUG DIRINDEX\ DYNAMIC HTPASSWD LUA SSL USER OPTIONS_DEFAULT= BLACKLIST CGI DAEMON DEBUG DIRINDEX\ DYNAMIC HTPASSWD LUA SSL USER BLACKLIST_DESC= Report Unauthorized and Forbidden accesses to blacklistd CGI_DESC= Common Gateway Interface (CGI) support (-C, -c, -E, -e) DAEMON_DESC= Optional daemon mode (-b) DEBUG_DESC= Debug support (-d) DIRINDEX_DESC= Automatic directory index if index.html is missing (-X) DYNAMIC_DESC= Dynamic content based on file suffixes (-C, -M) HTPASSWD_DESC= Basic authentication with .htpasswd files LUA_DESC= Lua scripts for dynamic content (-L) SSL_DESC= SSL/TLS for HTTPS requests (-Z, -z) USER_DESC= Optional /~user transformation (-e, -p, -u) BLACKLIST_CFLAGS_OFF= -DNO_BLACKLIST_SUPPORT BLACKLIST_LIBS= -lblacklist CGI_CFLAGS_OFF= -DNO_CGIBIN_SUPPORT DAEMON_CFLAGS_OFF= -DNO_DAEMON_MODE DEBUG_CFLAGS_OFF= -DNO_DEBUG DIRINDEX_CFLAGS_OFF= -DNO_DIRINDEX_SUPPORT DYNAMIC_CFLAGS_OFF= -DNO_DYNAMIC_CONTENT HTPASSWD_CFLAGS= -DDO_HTPASSWD HTPASSWD_LIBS= -lcrypt LUA_USES= lua LUA_CFLAGS= -I${LUA_INCDIR} LUA_CFLAGS_OFF= -DNO_LUA_SUPPORT LUA_LDFLAGS= -L${LUA_LIBDIR} LUA_LIBS= -llua-${LUA_VER} SSL_USES= ssl SSL_CFLAGS= -I${OPENSSLINC} SSL_CFLAGS_OFF= -DNO_SSL_SUPPORT SSL_LDFLAGS= -L${OPENSSLLIB} SSL_LIBS= -lcrypto -lssl USER_CFLAGS_OFF= -DNO_USER_SUPPORT .include .if ${OPSYS} == FreeBSD CFLAGS+= -Wno-error=unused-but-set-variable .endif .if ( ${OPSYS} == FreeBSD && ${OSVERSION} >= 1400092 && ${SSL_DEFAULT} == base ) || ${SSL_DEFAULT:Mopenssl3*} CFLAGS+= -DOPENSSL_API_COMPAT=0x10100000L .endif .include diff --git a/www/bozohttpd/distinfo b/www/bozohttpd/distinfo index 86e0c19344b6..6274e6aecb33 100644 --- a/www/bozohttpd/distinfo +++ b/www/bozohttpd/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1614489706 -SHA256 (bozohttpd-20210227.tar.bz2) = 23f6708be9e4f1b151718320228bf6765586965db48e2b0e5a943c4020e8adff -SIZE (bozohttpd-20210227.tar.bz2) = 63732 +TIMESTAMP = 1762476678 +SHA256 (bozohttpd-20240126.tar.bz2) = 576267bc5681c52b650294c3f2a85b8c8d8c239e75e71aaba7973771f852b56d +SIZE (bozohttpd-20240126.tar.bz2) = 62621 diff --git a/www/bozohttpd/files/patch-Makefile b/www/bozohttpd/files/patch-Makefile index 0a96851e5973..c55ab1918696 100644 --- a/www/bozohttpd/files/patch-Makefile +++ b/www/bozohttpd/files/patch-Makefile @@ -1,45 +1,47 @@ ---- Makefile.orig 2021-02-28 05:20:51 UTC +--- Makefile.orig 2024-02-04 05:55:04 UTC +++ Makefile @@ -14,7 +14,7 @@ # NO_SSL_SUPPORT /* don't support ssl (https) */ # DO_HTPASSWD /* support .htpasswd files */ # NO_LUA_SUPPORT /* don't support Lua for dynamic content */ -# NO_BLOCKLIST_SUPPORT /* don't support blocklist */ -+# NO_BLACKLIST_SUPPORT /* don't support blacklist */ ++# NO_BLACKLIST_SUPPORT /* don't support blocklist */ # # other system specific defines: # HAVE_NBUTIL_H /* netbsd compat is in -@@ -24,20 +24,17 @@ +@@ -24,22 +24,19 @@ # for setting CFLAGS relevant to your make, eg # % make COPTS="-DDO_HTPASSWD" -COPTS+= -DDO_HTPASSWD PROG= bozohttpd -LINKS= ${BINDIR}/bozohttpd ${BINDIR}/httpd MAN= bozohttpd.8 -MLINKS+=bozohttpd.8 httpd.8 SRCS= bozohttpd.c ssl-bozo.c auth-bozo.c cgi-bozo.c daemon-bozo.c \ tilde-luzah-bozo.c dir-index-bozo.c content-bozo.c lua-bozo.c SRCS+= main.c + COPTS.ssl-bozo.c+=-Wno-error=deprecated-declarations + -LDADD= -lblocklist -lcrypt -llua -lm -DPADD= ${LIBBLOCKLIST} ${LIBCRYPT} ${LIBLUA} ${LIBM} - WARNS?= 4 +BINDIR=$(PREFIX)/bin +MANDIR=$(PREFIX)/share/man/man + .if defined(.OS.MAKE) OPSYS= ${.OS.MAKE} .else -@@ -48,9 +45,6 @@ LDADD+= -lnbutil +@@ -50,9 +47,6 @@ LDADD+= -lnbutil CPPFLAGS+= -DHAVE_NBUTIL_H LDADD+= -lnbutil .endif - -LDADD+= -lssl -lcrypto -DPADD+= ${LIBSSL} ${LIBCRYPTO} # # Build release things. diff --git a/www/bozohttpd/files/patch-auth-bozo.c b/www/bozohttpd/files/patch-auth-bozo.c index 2ec07b75d1e6..ee482be33888 100644 --- a/www/bozohttpd/files/patch-auth-bozo.c +++ b/www/bozohttpd/files/patch-auth-bozo.c @@ -1,15 +1,15 @@ ---- auth-bozo.c.orig 2021-02-14 09:39:00 UTC +--- auth-bozo.c.orig 2024-02-04 05:55:04 UTC +++ auth-bozo.c -@@ -106,9 +106,9 @@ bozo_auth_check(bozo_httpreq_t *request, const char *f +@@ -111,9 +111,9 @@ bozo_auth_check(bozo_httpreq_t *request, const char *f break; fclose(fp); -#ifndef NO_BLOCKLIST_SUPPORT - pfilter_notify(BLOCKLIST_AUTH_OK, 200); -#endif /* !NO_BLOCKLIST_SUPPORT */ +#ifndef NO_BLACKLIST_SUPPORT + pfilter_notify(BLACKLIST_AUTH_OK, 200); +#endif /* !NO_BLACKLIST_SUPPORT */ return 0; } diff --git a/www/bozohttpd/files/patch-bozohttpd.8 b/www/bozohttpd/files/patch-bozohttpd.8 index 64267d5088ea..8f3e84e155e1 100644 --- a/www/bozohttpd/files/patch-bozohttpd.8 +++ b/www/bozohttpd/files/patch-bozohttpd.8 @@ -1,153 +1,153 @@ ---- bozohttpd.8.orig 2020-10-15 04:35:06 UTC +--- bozohttpd.8.orig 2024-02-04 05:55:04 UTC +++ bozohttpd.8 -@@ -354,12 +354,26 @@ since version 20040828, they take multiple options (2 +@@ -373,12 +373,26 @@ and 4 in the case of .Fl C and 4 in the case of .Fl M . ) +.Ss DEFAULT CONFIGURATION +On +.Fx , +.Nm +can be enabled as the default web server by adding the following options to +.Pa /etc/rc.conf +: +.Bd -literal +bozohttpd_enable (bool): Set it to "YES" to enable bozohttpd. + Default is "NO". +bozohttpd_flags (str): Options to pass to bozohttpd. + Default is "-b -t /var/empty -U nobody /". + The last argument, slashdir, is required. +.Ed .Ss INETD CONFIGURATION As .Nm -uses +normally uses .Xr inetd 8 -by default to process incoming TCP connections for HTTP requests +to process incoming TCP connections for HTTP requests (but see the .Fl b option), -@@ -371,8 +385,8 @@ A typical +@@ -390,8 +404,8 @@ entry would be: .Xr inetd.conf 5 entry would be: .Bd -literal -http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd /var/www -http stream tcp6 nowait:600 _httpd /usr/libexec/httpd httpd /var/www +http stream tcp nowait:600 www /usr/local/bin/bozohttpd httpd /var/www +http stream tcp6 nowait:600 www /usr/local/bin/bozohttpd httpd /var/www .Ed .Pp This would serve web pages from -@@ -386,7 +400,7 @@ requests per minute to 600, up from the +@@ -405,7 +419,7 @@ Using the default of 40. .Pp Using the -.Nx +.Fx .Xr inetd 8 , you can provide multiple IP-address based HTTP servers by having multiple listening ports with different configurations. -@@ -438,15 +452,15 @@ jeremy:A.xewbx2DpQ8I +@@ -457,15 +471,15 @@ On .Ed .Pp On -.Nx , +.Fx , the -.Xr pwhash 1 +.Xr openssl-passwd 1 utility may be used to generate hashed passwords. .Pp -While +While the +.Fx +port of .Nm -distributed with -.Nx has support for HTTP Basic Authorization enabled by default, in the portable distribution it is excluded. Compile -@@ -456,21 +470,21 @@ with +@@ -475,21 +489,21 @@ It may require linking with the crypt library, using on the compiler command line to enable this support. It may require linking with the crypt library, using .Dq -lcrypt . -.Ss BLOCKLIST SUPPORT +.Ss BLACKLIST SUPPORT On -.Nx , +.Fx , .Nm supports -.Xr blocklistd 8 +.Xr blacklistd 8 by default. The support can be disabled with the -.Dq -DNO_BLOCKLIST_SUPPORT +.Dq -DNO_BLACKLIST_SUPPORT compilation option. .Pp Upon occurrence, .Nm reports two HTTP status codes to -.Xr blocklistd 8 +.Xr blacklistd 8 as failures: .Em 401 (``Unauthorized'') -@@ -482,7 +496,7 @@ Of these, +@@ -501,7 +515,7 @@ A successful authorization decreases the counter kept is the one received upon authorization failure with the HTTP Basic Authorization mechanism. A successful authorization decreases the counter kept by -.Xr blocklistd 8 . +.Xr blacklistd 8 . .Pp Note that the implementation of the HTTP Basic Authorization mechanism uses a redirection; a status code -@@ -491,7 +505,7 @@ is always initially received. +@@ -510,7 +524,7 @@ is reported as two failures to Therefore, a single authorization failure of .Pa .htpasswd is reported as two failures to -.Xr blocklistd 8 , +.Xr blacklistd 8 , but no failures are recorded upon successful authorization due to the decrease of the failure counter. .Ss SSL SUPPORT -@@ -584,7 +598,7 @@ To configure set of virtual hosts, one would use an +@@ -603,7 +617,7 @@ entry like: .Xr inetd.conf 5 entry like: .Bd -literal -http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd -v /var/vroot /var/www +http stream tcp nowait:600 www /usr/local/bin/bozohttpd httpd -v /var/vroot /var/www .Ed .Pp and inside -@@ -602,7 +616,7 @@ with PHP, one must use the +@@ -621,7 +635,7 @@ Typically this will be like: option to specify a CGI handler for a particular file type. Typically this will be like: .Bd -literal -httpd -C .php /usr/pkg/bin/php-cgi /var/www +bozohttpd -C .php /usr/pkg/bin/php-cgi /var/www .Ed .Pp Note that a plain script interpreter can not be used directly as a cgihandler, -@@ -615,7 +629,7 @@ might do. +@@ -634,7 +648,7 @@ It would be invoked like: .Pp It would be invoked like: .Bd -literal -httpd -C .pl /www-scripts/bin/run.perl /var/www +bozohttpd -C .pl /www-scripts/bin/run.perl /var/www .Ed and the script could look like: .Bd -literal -@@ -809,7 +823,7 @@ provided chroot and change-to-user support, and other +@@ -821,7 +835,7 @@ provided support for .An Jukka Ruohonen .Aq Mt jruoho@NetBSD.org provided support for -.Xr blocklistd 8 +.Xr blacklistd 8 .It - .An Jared McNeill - .Aq Mt jmcneill@NetBSD.org + .An Thor Lancelot Simon + .Aq Mt tls@NetBSD.org diff --git a/www/bozohttpd/files/patch-bozohttpd.c b/www/bozohttpd/files/patch-bozohttpd.c index 7582fc976623..b898a5fd3202 100644 --- a/www/bozohttpd/files/patch-bozohttpd.c +++ b/www/bozohttpd/files/patch-bozohttpd.c @@ -1,71 +1,53 @@ ---- bozohttpd.c.orig 2021-02-28 05:20:51 UTC +--- bozohttpd.c.orig 2024-02-04 05:55:04 UTC +++ bozohttpd.c -@@ -240,7 +240,7 @@ bozo_set_pref(bozohttpd_t *httpd, bozoprefs_t *bozopre - } - - static void --bozo_clear_prefs(bozohttpd_t *httpd, bozoprefs_t *prefs) -+bozo_clear_prefs(bozoprefs_t *prefs) - { - size_t i; - -@@ -2197,22 +2197,22 @@ http_errors_long(int code) +@@ -2203,22 +2203,22 @@ http_errors_long(int code) return (help); } -#ifndef NO_BLOCKLIST_SUPPORT -static struct blocklist *blstate; +#ifndef NO_BLACKLIST_SUPPORT +static struct blacklist *blstate; void pfilter_notify(const int what, const int code) { if (blstate == NULL) - blstate = blocklist_open(); + blstate = blacklist_open(); if (blstate == NULL) return; - (void)blocklist_r(blstate, what, 0, http_errors_short(code)); + (void)blacklist_r(blstate, what, 0, http_errors_short(code)); } -#endif /* !NO_BLOCKLIST_SUPPORT */ +#endif /* !NO_BLACKLIST_SUPPORT */ /* the follow functions and variables are used in handling HTTP errors */ int -@@ -2317,18 +2317,18 @@ bozo_http_error(bozohttpd_t *httpd, int code, bozo_htt +@@ -2323,18 +2323,18 @@ bozo_http_error(bozohttpd_t *httpd, int code, bozo_htt bozo_printf(httpd, "%s", httpd->errorbuf); bozo_flush(httpd, stdout); -#ifndef NO_BLOCKLIST_SUPPORT +#ifndef NO_BLACKLIST_SUPPORT switch(code) { case 401: - pfilter_notify(BLOCKLIST_AUTH_FAIL, code); + pfilter_notify(BLACKLIST_AUTH_FAIL, code); break; case 403: - pfilter_notify(BLOCKLIST_ABUSIVE_BEHAVIOR, code); + pfilter_notify(BLACKLIST_ABUSIVE_BEHAVIOR, code); break; } -#endif /* !NO_BLOCKLIST_SUPPORT */ +#endif /* !NO_BLACKLIST_SUPPORT */ return code; } -@@ -2714,7 +2714,7 @@ bozo_setup(bozohttpd_t *httpd, bozoprefs_t *prefs, con - void - bozo_cleanup(bozohttpd_t *httpd, bozoprefs_t *prefs) - { -- bozo_clear_prefs(httpd, prefs); -+ bozo_clear_prefs(prefs); - - free(httpd->virthostname); - free(httpd->errorbuf); diff --git a/www/bozohttpd/files/patch-bozohttpd.h b/www/bozohttpd/files/patch-bozohttpd.h index f9d4ccb75867..6bb8356bab47 100644 --- a/www/bozohttpd/files/patch-bozohttpd.h +++ b/www/bozohttpd/files/patch-bozohttpd.h @@ -1,22 +1,22 @@ ---- bozohttpd.h.orig 2021-02-28 05:20:51 UTC +--- bozohttpd.h.orig 2024-02-04 05:55:04 UTC +++ bozohttpd.h @@ -44,8 +44,8 @@ #include #endif -#ifndef NO_BLOCKLIST_SUPPORT -#include +#ifndef NO_BLACKLIST_SUPPORT +#include void pfilter_notify(const int, const int); #endif -@@ -129,7 +129,7 @@ typedef struct bozohttpd_t { +@@ -130,7 +130,7 @@ typedef struct bozohttpd_t { unsigned ssl_timeout; /* ssl timeout */ unsigned initial_timeout;/* first line timeout */ unsigned header_timeout; /* header lines timeout */ - unsigned request_timeout;/* total session timeout */ + int request_timeout;/* total session timeout */ + char *ssl_min_proto; /* minimum ssl protocol level */ #ifndef NO_LUA_SUPPORT int process_lua; /* use the Lua handler */ - SIMPLEQ_HEAD(, lua_state_map) lua_states;