Date: Thu, 18 Feb 2021 07:28:52 +0000 (UTC) From: =?UTF-8?Q?Fernando_Apestegu=c3=ada?= <fernape@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r565909 - in head/www/bozohttpd: . files Message-ID: <202102180728.11I7SqwH005953@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: fernape Date: Thu Feb 18 07:28:52 2021 New Revision: 565909 URL: https://svnweb.freebsd.org/changeset/ports/565909 Log: www/bozohttpd: update to 20201014 Add config options. ChangeLog: http://www.eterna.com.au/bozohttpd/CHANGES PR: 253542 Submitted by: henrik@gulbra.net Reviewed by: jmohacsi@bsd.hu (maintainer) Added: head/www/bozohttpd/files/patch-auth-bozo.c (contents, props changed) head/www/bozohttpd/files/patch-bozohttpd.c (contents, props changed) head/www/bozohttpd/files/patch-bozohttpd.h (contents, props changed) Modified: head/www/bozohttpd/Makefile head/www/bozohttpd/distinfo head/www/bozohttpd/files/bozohttpd.in head/www/bozohttpd/files/patch-Makefile head/www/bozohttpd/files/patch-bozohttpd.8 head/www/bozohttpd/pkg-descr Modified: head/www/bozohttpd/Makefile ============================================================================== --- head/www/bozohttpd/Makefile Thu Feb 18 07:06:48 2021 (r565908) +++ head/www/bozohttpd/Makefile Thu Feb 18 07:28:52 2021 (r565909) @@ -2,58 +2,71 @@ # $FreeBSD$ PORTNAME= bozohttpd -PORTVERSION= 20130711 +PORTVERSION= 20201014 CATEGORIES= www MASTER_SITES= http://www.eterna.com.au/bozohttpd/ \ NETBSD MAINTAINER= jmohacsi@bsd.hu -COMMENT= The bozotic HTTP server +COMMENT= Bozotic HTTP server from NetBSD LICENSE= BSD2CLAUSE -USE_RC_SUBR= bozohttpd +USES= cpe uidfix tar:bzip2 +CPE_VENDOR= eterna -#options handling -OPTIONS_DEFINE= HTPASSWD SSL CGI -OPTIONS_DEFAULT= SSL CGI +OPTIONS_DEFINE= BLACKLIST CGI DAEMON DEBUG DIRINDEX\ + DYNAMIC HTPASSWD LUA SSL USER +OPTIONS_DEFAULT= BLACKLIST CGI DAEMON DEBUG DIRINDEX\ + DYNAMIC HTPASSWD LUA SSL USER -SSL_USES= ssl -SSL_CFLAGS= -I${OPENSSLINC} -SSL_LDFLAGS= -L${OPENSSLLIB} +BLACKLIST_DESC= Report Unauthorized and Forbidden accesses to blacklistd +BLACKLIST_CFLAGS_OFF= -DNO_BLACKLIST_SUPPORT +BLACKLIST_LIBS= -lblacklist -USES= cpe uidfix tar:bzip2 -CPE_VENDOR= eterna +CGI_DESC= Common Gateway Interface (CGI) support (-C, -c, -E, -e) +CGI_CFLAGS_OFF= -DNO_CGIBIN_SUPPORT -HTPASSWD_DESC= Enable htpassword support -CGI_DESC= Enable CGI support +DAEMON_DESC= Optional daemon mode (-b) +DAEMON_CFLAGS_OFF= -DNO_DAEMON_MODE -.include <bsd.port.options.mk> +DEBUG_DESC= Debug support (-d) +DEBUG_CFLAGS_OFF= -DNO_DEBUG -.if ${PORT_OPTIONS:MHTPASSWD} -MAKE_ARGS+= 'COPTS+= -DDO_HTPASSWD' \ - 'LDFLAGS+= -lcrypt' -.else -MAKE_ARGS+= 'COPTS+= -UDO_HTPASSWD' -.endif +DIRINDEX_DESC= Automatic directory index if index.html is missing (-X) +DIRINDEX_CFLAGS_OFF= -DNO_DIRINDEX_SUPPORT -.if ${PORT_OPTIONS:MSSL} -MAKE_ARGS+= 'COPTS+= -UNO_SSL_SUPPORT' -.else -MAKE_ARGS+= 'COPTS+= -DNO_SSL_SUPPORT' \ - 'CRYPTOLIBS=' \ - 'CRYPTODEPS=' -.endif +DYNAMIC_DESC= Dynamic content based on file suffixes (-C, -M) +DYNAMIC_CFLAGS_OFF= -DNO_DYNAMIC_CONTENT -.if ${PORT_OPTIONS:MCGI} -MAKE_ARGS+= 'COPTS+= -UNO_CGIBIN_SUPPORT' -.else -MAKE_ARGS+= 'COPTS+= -DNO_CGIBIN_SUPPORT' -.endif +HTPASSWD_DESC= Basic authentication with .htpasswd files +HTPASSWD_CFLAGS= -DDO_HTPASSWD +HTPASSWD_LIBS= -lcrypt -PLIST_FILES= libexec/bozohttpd \ +LUA_DESC= Lua scripts for dynamic content (-L) +LUA_CFLAGS= -I${LUA_INCDIR} +LUA_CFLAGS_OFF= -DNO_LUA_SUPPORT +LUA_LDFLAGS= -L${LUA_LIBDIR} +LUA_LIBS= -llua-${LUA_VER} +LUA_USES= lua + +SSL_DESC= SSL/TLS for HTTPS requests (-Z, -z) +SSL_CFLAGS= -I${OPENSSLINC} +SSL_CFLAGS_OFF= -DNO_SSL_SUPPORT +SSL_LDFLAGS= -L${OPENSSLLIB} +SSL_LIBS= -lcrypto -lssl +SSL_USES= ssl + +USER_DESC= Optional /~user transformation (-e, -p, -u) +USER_CFLAGS_OFF= -DNO_USER_SUPPORT + +.include <bsd.port.options.mk> + +MAKE_ARGS= LDADD="${LIBS}" + +USE_RC_SUBR= bozohttpd + +PLIST_FILES= bin/bozohttpd \ man/man8/bozohttpd.8.gz -post-patch: - @${REINPLACE_CMD} -e 's|@@PREFIX@@|${PREFIX}|g' ${WRKSRC}/bozohttpd.8 .include <bsd.port.mk> Modified: head/www/bozohttpd/distinfo ============================================================================== --- head/www/bozohttpd/distinfo Thu Feb 18 07:06:48 2021 (r565908) +++ head/www/bozohttpd/distinfo Thu Feb 18 07:28:52 2021 (r565909) @@ -1,2 +1,3 @@ -SHA256 (bozohttpd-20130711.tar.bz2) = b9682e37ae2c4a1b7309225e95787df8c037239fe1d8c9dd8faede35921e910b -SIZE (bozohttpd-20130711.tar.bz2) = 48974 +TIMESTAMP = 1613243155 +SHA256 (bozohttpd-20201014.tar.bz2) = 5bbca7a3cf5cdadb1de2a40c41c51c8e8ded8569dd1e8f81962cca6b4c0b97ed +SIZE (bozohttpd-20201014.tar.bz2) = 76913 Modified: head/www/bozohttpd/files/bozohttpd.in ============================================================================== --- head/www/bozohttpd/files/bozohttpd.in Thu Feb 18 07:06:48 2021 (r565908) +++ head/www/bozohttpd/files/bozohttpd.in Thu Feb 18 07:28:52 2021 (r565909) @@ -25,6 +25,6 @@ load_rc_config $name : ${bozohttpd_enable="NO"} : ${bozohttpd_flags="-b -t /var/empty -U nobody /"} -command=%%PREFIX%%/libexec/${name} +command=%%PREFIX%%/bin/${name} run_rc_command "$1" Modified: head/www/bozohttpd/files/patch-Makefile ============================================================================== --- head/www/bozohttpd/files/patch-Makefile Thu Feb 18 07:06:48 2021 (r565908) +++ head/www/bozohttpd/files/patch-Makefile Thu Feb 18 07:28:52 2021 (r565909) @@ -1,53 +1,45 @@ ---- Makefile.orig +--- Makefile.orig 2020-10-15 04:35:06 UTC +++ Makefile -@@ -19,30 +19,34 @@ +@@ -14,7 +14,7 @@ + # NO_SSL_SUPPORT /* don't support ssl (https) */ + # DO_HTPASSWD /* support .htpasswd files */ + # NO_LUA_SUPPORT /* don't support Lua for dynamic content */ +-# NO_BLOCKLIST_SUPPORT /* don't support blocklist */ ++# NO_BLACKLIST_SUPPORT /* don't support blacklist */ + # + # other system specific defines: + # HAVE_NBUTIL_H /* netbsd compat is in <nbutil.h> +@@ -24,20 +24,17 @@ + # for setting CFLAGS relevant to your make, eg # % make COPTS="-DDO_HTPASSWD" - COPTS+= -DDO_HTPASSWD --PROG= httpd --MAN= httpd.8 --BUILDSYMLINKS+=bozohttpd.8 httpd.8 -+PROG= bozohttpd -+MAN= bozohttpd.8 -+#BUILDSYMLINKS+=bozohttpd.8 +-COPTS+= -DDO_HTPASSWD + PROG= bozohttpd +-LINKS= ${BINDIR}/bozohttpd ${BINDIR}/httpd + MAN= bozohttpd.8 +-MLINKS+=bozohttpd.8 httpd.8 SRCS= bozohttpd.c ssl-bozo.c auth-bozo.c cgi-bozo.c daemon-bozo.c \ - tilde-luzah-bozo.c dir-index-bozo.c content-bozo.c + tilde-luzah-bozo.c dir-index-bozo.c content-bozo.c lua-bozo.c SRCS+= main.c --LDADD= -lcrypt -+LDADD= -lcrypt -lcrypto -lssl - DPADD= ${LIBCRYPT} - +-LDADD= -lblocklist -lcrypt -llua -lm +-DPADD= ${LIBBLOCKLIST} ${LIBCRYPT} ${LIBLUA} ${LIBM} +- WARNS?= 4 -+NO_WERROR=1 -+ -+BINDIR=$(PREFIX)/libexec -+MANDIR=$(PREFIX)/man/man --.include <bsd.own.mk> ++BINDIR=$(PREFIX)/bin ++MANDIR=$(PREFIX)/man/man ++ + .if defined(.OS.MAKE) + OPSYS= ${.OS.MAKE} + .else +@@ -48,9 +45,6 @@ OPSYS:= ${:!uname -s!:S/-//g:S/\///g} + CPPFLAGS+= -DHAVE_NBUTIL_H + LDADD+= -lnbutil + .endif - --.if ${MKCRYPTO} != "no" -- -LDADD+= -lssl -lcrypto -DPADD+= ${LIBSSL} ${LIBCRYPTO} -- --.else -- --COPTS+= -DNO_SSL_SUPPORT -- --.endif -+#.include <bsd.own.mk> -+# -+#.if ${PORT_OPTIONS:MSSL} -+# -+#LDADD+= -lssl -lcrypto -+#DPADD+= ${LIBSSL} ${LIBCRYPTO} -+# -+#.else -+# -+#COPTS+= -DNO_SSL_SUPPORT -+# -+#.endif # # Build release things. Added: head/www/bozohttpd/files/patch-auth-bozo.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/bozohttpd/files/patch-auth-bozo.c Thu Feb 18 07:28:52 2021 (r565909) @@ -0,0 +1,15 @@ +--- auth-bozo.c.orig 2021-02-14 09:39:00 UTC ++++ auth-bozo.c +@@ -106,9 +106,9 @@ bozo_auth_check(bozo_httpreq_t *request, const char *f + break; + fclose(fp); + +-#ifndef NO_BLOCKLIST_SUPPORT +- pfilter_notify(BLOCKLIST_AUTH_OK, 200); +-#endif /* !NO_BLOCKLIST_SUPPORT */ ++#ifndef NO_BLACKLIST_SUPPORT ++ pfilter_notify(BLACKLIST_AUTH_OK, 200); ++#endif /* !NO_BLACKLIST_SUPPORT */ + + return 0; + } Modified: head/www/bozohttpd/files/patch-bozohttpd.8 ============================================================================== --- head/www/bozohttpd/files/patch-bozohttpd.8 Thu Feb 18 07:06:48 2021 (r565908) +++ head/www/bozohttpd/files/patch-bozohttpd.8 Thu Feb 18 07:28:52 2021 (r565909) @@ -1,22 +1,153 @@ ---- bozohttpd.8.orig +--- bozohttpd.8.orig 2020-10-15 04:35:06 UTC +++ bozohttpd.8 -@@ -316,8 +316,8 @@ +@@ -354,12 +354,26 @@ since version 20040828, they take multiple options (2 + .Fl C + and 4 in the case of + .Fl M . ) ++.Ss DEFAULT CONFIGURATION ++On ++.Fx , ++.Nm ++can be enabled as the default web server by adding the following options to ++.Pa /etc/rc.conf ++: ++.Bd -literal ++bozohttpd_enable (bool): Set it to "YES" to enable bozohttpd. ++ Default is "NO". ++bozohttpd_flags (str): Options to pass to bozohttpd. ++ Default is "-b -t /var/empty -U nobody /". ++ The last argument, slashdir, is required. ++.Ed + .Ss INETD CONFIGURATION + As + .Nm +-uses ++normally uses + .Xr inetd 8 +-by default to process incoming TCP connections for HTTP requests ++to process incoming TCP connections for HTTP requests + (but see the + .Fl b + option), +@@ -371,8 +385,8 @@ A typical .Xr inetd.conf 5 entry would be: .Bd -literal -http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd /var/www -http stream tcp6 nowait:600 _httpd /usr/libexec/httpd httpd /var/www -+http stream tcp nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd /var/www -+http stream tcp6 nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd /var/www ++http stream tcp nowait:600 www /usr/local/bin/bozohttpd httpd /var/www ++http stream tcp6 nowait:600 www /usr/local/bin/bozohttpd httpd /var/www .Ed .Pp This would serve web pages from -@@ -447,7 +447,7 @@ +@@ -386,7 +400,7 @@ requests per minute to 600, up from the + default of 40. + .Pp + Using the +-.Nx ++.Fx + .Xr inetd 8 , + you can provide multiple IP-address based HTTP servers by having multiple + listening ports with different configurations. +@@ -438,15 +452,15 @@ jeremy:A.xewbx2DpQ8I + .Ed + .Pp + On +-.Nx , ++.Fx , + the +-.Xr pwhash 1 ++.Xr openssl-passwd 1 + utility may be used to generate hashed passwords. + .Pp +-While ++While the ++.Fx ++port of + .Nm +-distributed with +-.Nx + has support for HTTP Basic Authorization enabled by default, + in the portable distribution it is excluded. + Compile +@@ -456,21 +470,21 @@ with + on the compiler command line to enable this support. + It may require linking with the crypt library, using + .Dq -lcrypt . +-.Ss BLOCKLIST SUPPORT ++.Ss BLACKLIST SUPPORT + On +-.Nx , ++.Fx , + .Nm + supports +-.Xr blocklistd 8 ++.Xr blacklistd 8 + by default. + The support can be disabled with the +-.Dq -DNO_BLOCKLIST_SUPPORT ++.Dq -DNO_BLACKLIST_SUPPORT + compilation option. + .Pp + Upon occurrence, + .Nm + reports two HTTP status codes to +-.Xr blocklistd 8 ++.Xr blacklistd 8 + as failures: + .Em 401 + (``Unauthorized'') +@@ -482,7 +496,7 @@ Of these, + is the one received upon authorization failure with the + HTTP Basic Authorization mechanism. + A successful authorization decreases the counter kept by +-.Xr blocklistd 8 . ++.Xr blacklistd 8 . + .Pp + Note that the implementation of the HTTP Basic Authorization mechanism + uses a redirection; a status code +@@ -491,7 +505,7 @@ is always initially received. + Therefore, a single authorization failure of + .Pa .htpasswd + is reported as two failures to +-.Xr blocklistd 8 , ++.Xr blacklistd 8 , + but no failures are recorded upon successful authorization + due to the decrease of the failure counter. + .Ss SSL SUPPORT +@@ -584,7 +598,7 @@ To configure set of virtual hosts, one would use an .Xr inetd.conf 5 entry like: .Bd -literal -http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd -v /var/vroot /var/www -+http stream tcp nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd -v /var/vroot /var/www ++http stream tcp nowait:600 www /usr/local/bin/bozohttpd httpd -v /var/vroot /var/www .Ed .Pp and inside +@@ -602,7 +616,7 @@ with PHP, one must use the + option to specify a CGI handler for a particular file type. + Typically this will be like: + .Bd -literal +-httpd -C .php /usr/pkg/bin/php-cgi /var/www ++bozohttpd -C .php /usr/pkg/bin/php-cgi /var/www + .Ed + .Pp + Note that a plain script interpreter can not be used directly as a cgihandler, +@@ -615,7 +629,7 @@ might do. + .Pp + It would be invoked like: + .Bd -literal +-httpd -C .pl /www-scripts/bin/run.perl /var/www ++bozohttpd -C .pl /www-scripts/bin/run.perl /var/www + .Ed + and the script could look like: + .Bd -literal +@@ -809,7 +823,7 @@ provided chroot and change-to-user support, and other + .An Jukka Ruohonen + .Aq Mt jruoho@NetBSD.org + provided support for +-.Xr blocklist 8 ++.Xr blacklist 8 + .It + .An Jared McNeill + .Aq Mt jmcneill@NetBSD.org Added: head/www/bozohttpd/files/patch-bozohttpd.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/bozohttpd/files/patch-bozohttpd.c Thu Feb 18 07:28:52 2021 (r565909) @@ -0,0 +1,53 @@ +--- bozohttpd.c.orig 2021-02-14 09:40:33 UTC ++++ bozohttpd.c +@@ -2174,22 +2174,22 @@ http_errors_long(int code) + return (help); + } + +-#ifndef NO_BLOCKLIST_SUPPORT +-static struct blocklist *blstate; ++#ifndef NO_BLACKLIST_SUPPORT ++static struct blacklist *blstate; + + void + pfilter_notify(const int what, const int code) + { + + if (blstate == NULL) +- blstate = blocklist_open(); ++ blstate = blacklist_open(); + + if (blstate == NULL) + return; + +- (void)blocklist_r(blstate, what, 0, http_errors_short(code)); ++ (void)blacklist_r(blstate, what, 0, http_errors_short(code)); + } +-#endif /* !NO_BLOCKLIST_SUPPORT */ ++#endif /* !NO_BLACKLIST_SUPPORT */ + + /* the follow functions and variables are used in handling HTTP errors */ + int +@@ -2294,18 +2294,18 @@ bozo_http_error(bozohttpd_t *httpd, int code, bozo_htt + bozo_printf(httpd, "%s", httpd->errorbuf); + bozo_flush(httpd, stdout); + +-#ifndef NO_BLOCKLIST_SUPPORT ++#ifndef NO_BLACKLIST_SUPPORT + switch(code) { + + case 401: +- pfilter_notify(BLOCKLIST_AUTH_FAIL, code); ++ pfilter_notify(BLACKLIST_AUTH_FAIL, code); + break; + + case 403: +- pfilter_notify(BLOCKLIST_ABUSIVE_BEHAVIOR, code); ++ pfilter_notify(BLACKLIST_ABUSIVE_BEHAVIOR, code); + break; + } +-#endif /* !NO_BLOCKLIST_SUPPORT */ ++#endif /* !NO_BLACKLIST_SUPPORT */ + + return code; + } Added: head/www/bozohttpd/files/patch-bozohttpd.h ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/bozohttpd/files/patch-bozohttpd.h Thu Feb 18 07:28:52 2021 (r565909) @@ -0,0 +1,13 @@ +--- bozohttpd.h.orig 2021-02-13 19:42:32 UTC ++++ bozohttpd.h +@@ -44,8 +44,8 @@ + #include <lua.h> + #endif + +-#ifndef NO_BLOCKLIST_SUPPORT +-#include <blocklist.h> ++#ifndef NO_BLACKLIST_SUPPORT ++#include <blacklist.h> + void pfilter_notify(const int, const int); + #endif + Modified: head/www/bozohttpd/pkg-descr ============================================================================== --- head/www/bozohttpd/pkg-descr Thu Feb 18 07:06:48 2021 (r565908) +++ head/www/bozohttpd/pkg-descr Thu Feb 18 07:28:52 2021 (r565909) @@ -1,10 +1,23 @@ Bozohttpd is a small and secure HTTP version 1.1 server. Its main feature is the lack of features, reducing the code size and improving verifiability. +This is also the minimal web server that is shipped by default in NetBSD. -It supports CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations, +It supports SSL, CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations, virtual hosting support, as well as multiple IP-based servers on a single -machine. It is capable of services pages via the IPv6 protocol. It has no -configuration file by design. Recently added features are htpasswd, SSL, -and dynamic redirection, that can be easily disabled. +machine. It is capable of serving pages via the IPv6 protocol. It has no +configuration file by design. Many features are enabled with CLI options. + +For extra security, unused features can be excluded when you build the port: + + o Support for blacklistd(8) to avoid DoS abuse + o Common Gateway Interface (CGI) support (-C, -c, -E, -e) + o Optional daemon mode (-b) + o Debug support (-d) + o Automatic directory index if index.html is missing (-X) + o Dynamic content based on file suffixes (-C, -M) + o Basic authentication with .htpasswd files + o SSL/TLS for HTTPS requests (-Z, -z) + o Lua scripts for dynamic content (-L) + o Optional /~user transformation (-e, -p, -u) WWW: http://www.eterna.com.au/bozohttpd/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102180728.11I7SqwH005953>