Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 18 Feb 2021 07:28:52 +0000 (UTC)
From:      =?UTF-8?Q?Fernando_Apestegu=c3=ada?= <fernape@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r565909 - in head/www/bozohttpd: . files
Message-ID:  <202102180728.11I7SqwH005953@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: fernape
Date: Thu Feb 18 07:28:52 2021
New Revision: 565909
URL: https://svnweb.freebsd.org/changeset/ports/565909

Log:
  www/bozohttpd: update to 20201014
  
  Add config options.
  
  ChangeLog: http://www.eterna.com.au/bozohttpd/CHANGES
  
  PR:	253542
  Submitted by:	henrik@gulbra.net
  Reviewed by:	jmohacsi@bsd.hu (maintainer)

Added:
  head/www/bozohttpd/files/patch-auth-bozo.c   (contents, props changed)
  head/www/bozohttpd/files/patch-bozohttpd.c   (contents, props changed)
  head/www/bozohttpd/files/patch-bozohttpd.h   (contents, props changed)
Modified:
  head/www/bozohttpd/Makefile
  head/www/bozohttpd/distinfo
  head/www/bozohttpd/files/bozohttpd.in
  head/www/bozohttpd/files/patch-Makefile
  head/www/bozohttpd/files/patch-bozohttpd.8
  head/www/bozohttpd/pkg-descr

Modified: head/www/bozohttpd/Makefile
==============================================================================
--- head/www/bozohttpd/Makefile	Thu Feb 18 07:06:48 2021	(r565908)
+++ head/www/bozohttpd/Makefile	Thu Feb 18 07:28:52 2021	(r565909)
@@ -2,58 +2,71 @@
 # $FreeBSD$
 
 PORTNAME=	bozohttpd
-PORTVERSION=	20130711
+PORTVERSION=	20201014
 CATEGORIES=	www
 MASTER_SITES=	http://www.eterna.com.au/bozohttpd/ \
 		NETBSD
 
 MAINTAINER=	jmohacsi@bsd.hu
-COMMENT=	The bozotic HTTP server
+COMMENT=	Bozotic HTTP server from NetBSD
 
 LICENSE=	BSD2CLAUSE
 
-USE_RC_SUBR=	bozohttpd
+USES=		cpe uidfix tar:bzip2
+CPE_VENDOR=	eterna
 
-#options handling
-OPTIONS_DEFINE=		HTPASSWD SSL CGI
-OPTIONS_DEFAULT=	SSL CGI
+OPTIONS_DEFINE=		BLACKLIST CGI DAEMON DEBUG DIRINDEX\
+			DYNAMIC HTPASSWD LUA SSL USER
+OPTIONS_DEFAULT=	BLACKLIST CGI DAEMON DEBUG DIRINDEX\
+			DYNAMIC HTPASSWD LUA SSL USER
 
-SSL_USES=	ssl
-SSL_CFLAGS=	-I${OPENSSLINC}
-SSL_LDFLAGS=	-L${OPENSSLLIB}
+BLACKLIST_DESC=		Report Unauthorized and Forbidden accesses to blacklistd
+BLACKLIST_CFLAGS_OFF=	-DNO_BLACKLIST_SUPPORT
+BLACKLIST_LIBS=		-lblacklist
 
-USES=		cpe uidfix tar:bzip2
-CPE_VENDOR=	eterna
+CGI_DESC=		Common Gateway Interface (CGI) support (-C, -c, -E, -e)
+CGI_CFLAGS_OFF=		-DNO_CGIBIN_SUPPORT
 
-HTPASSWD_DESC=		Enable htpassword support
-CGI_DESC=		Enable CGI support
+DAEMON_DESC=		Optional daemon mode (-b)
+DAEMON_CFLAGS_OFF=	-DNO_DAEMON_MODE
 
-.include <bsd.port.options.mk>
+DEBUG_DESC=		Debug support (-d)
+DEBUG_CFLAGS_OFF=	-DNO_DEBUG
 
-.if ${PORT_OPTIONS:MHTPASSWD}
-MAKE_ARGS+=	'COPTS+=	-DDO_HTPASSWD' \
-		'LDFLAGS+= -lcrypt'
-.else
-MAKE_ARGS+=	'COPTS+=	-UDO_HTPASSWD'
-.endif
+DIRINDEX_DESC=		Automatic directory index if index.html is missing (-X)
+DIRINDEX_CFLAGS_OFF=	-DNO_DIRINDEX_SUPPORT
 
-.if ${PORT_OPTIONS:MSSL}
-MAKE_ARGS+=	'COPTS+=	-UNO_SSL_SUPPORT'
-.else
-MAKE_ARGS+=	'COPTS+=	-DNO_SSL_SUPPORT' \
-		'CRYPTOLIBS=' \
-		'CRYPTODEPS='
-.endif
+DYNAMIC_DESC=		Dynamic content based on file suffixes (-C, -M)
+DYNAMIC_CFLAGS_OFF=	-DNO_DYNAMIC_CONTENT
 
-.if ${PORT_OPTIONS:MCGI}
-MAKE_ARGS+=	'COPTS+=	-UNO_CGIBIN_SUPPORT'
-.else
-MAKE_ARGS+=	'COPTS+=	-DNO_CGIBIN_SUPPORT'
-.endif
+HTPASSWD_DESC=		Basic authentication with .htpasswd files
+HTPASSWD_CFLAGS=	-DDO_HTPASSWD
+HTPASSWD_LIBS=		-lcrypt
 
-PLIST_FILES=	libexec/bozohttpd \
+LUA_DESC=		Lua scripts for dynamic content (-L)
+LUA_CFLAGS=		-I${LUA_INCDIR}
+LUA_CFLAGS_OFF=		-DNO_LUA_SUPPORT
+LUA_LDFLAGS=		-L${LUA_LIBDIR}
+LUA_LIBS=		-llua-${LUA_VER}
+LUA_USES=		lua
+
+SSL_DESC=		SSL/TLS for HTTPS requests (-Z, -z)
+SSL_CFLAGS=		-I${OPENSSLINC}
+SSL_CFLAGS_OFF=		-DNO_SSL_SUPPORT
+SSL_LDFLAGS=		-L${OPENSSLLIB}
+SSL_LIBS=		-lcrypto -lssl
+SSL_USES=		ssl
+
+USER_DESC=		Optional /~user transformation (-e, -p, -u)
+USER_CFLAGS_OFF=	-DNO_USER_SUPPORT
+
+.include <bsd.port.options.mk>
+
+MAKE_ARGS=	LDADD="${LIBS}"
+
+USE_RC_SUBR=	bozohttpd
+
+PLIST_FILES=	bin/bozohttpd \
 		man/man8/bozohttpd.8.gz
-post-patch:
-	@${REINPLACE_CMD} -e 's|@@PREFIX@@|${PREFIX}|g' ${WRKSRC}/bozohttpd.8
 
 .include <bsd.port.mk>

Modified: head/www/bozohttpd/distinfo
==============================================================================
--- head/www/bozohttpd/distinfo	Thu Feb 18 07:06:48 2021	(r565908)
+++ head/www/bozohttpd/distinfo	Thu Feb 18 07:28:52 2021	(r565909)
@@ -1,2 +1,3 @@
-SHA256 (bozohttpd-20130711.tar.bz2) = b9682e37ae2c4a1b7309225e95787df8c037239fe1d8c9dd8faede35921e910b
-SIZE (bozohttpd-20130711.tar.bz2) = 48974
+TIMESTAMP = 1613243155
+SHA256 (bozohttpd-20201014.tar.bz2) = 5bbca7a3cf5cdadb1de2a40c41c51c8e8ded8569dd1e8f81962cca6b4c0b97ed
+SIZE (bozohttpd-20201014.tar.bz2) = 76913

Modified: head/www/bozohttpd/files/bozohttpd.in
==============================================================================
--- head/www/bozohttpd/files/bozohttpd.in	Thu Feb 18 07:06:48 2021	(r565908)
+++ head/www/bozohttpd/files/bozohttpd.in	Thu Feb 18 07:28:52 2021	(r565909)
@@ -25,6 +25,6 @@ load_rc_config $name
 : ${bozohttpd_enable="NO"}
 : ${bozohttpd_flags="-b -t /var/empty -U nobody /"}
 
-command=%%PREFIX%%/libexec/${name}
+command=%%PREFIX%%/bin/${name}
 
 run_rc_command "$1"

Modified: head/www/bozohttpd/files/patch-Makefile
==============================================================================
--- head/www/bozohttpd/files/patch-Makefile	Thu Feb 18 07:06:48 2021	(r565908)
+++ head/www/bozohttpd/files/patch-Makefile	Thu Feb 18 07:28:52 2021	(r565909)
@@ -1,53 +1,45 @@
---- Makefile.orig
+--- Makefile.orig	2020-10-15 04:35:06 UTC
 +++ Makefile
-@@ -19,30 +19,34 @@
+@@ -14,7 +14,7 @@
+ #	NO_SSL_SUPPORT		/* don't support ssl (https) */
+ #	DO_HTPASSWD		/* support .htpasswd files */
+ #	NO_LUA_SUPPORT		/* don't support Lua for dynamic content */
+-#	NO_BLOCKLIST_SUPPORT	/* don't support blocklist */
++#	NO_BLACKLIST_SUPPORT	/* don't support blacklist */
+ #
+ # other system specific defines:
+ #	HAVE_NBUTIL_H		/* netbsd compat is in <nbutil.h>
+@@ -24,20 +24,17 @@
+ # for setting CFLAGS relevant to your make, eg
  #   % make COPTS="-DDO_HTPASSWD"
  
- COPTS+=	-DDO_HTPASSWD
--PROG=	httpd
--MAN=	httpd.8
--BUILDSYMLINKS+=bozohttpd.8 httpd.8
-+PROG=	bozohttpd
-+MAN=	bozohttpd.8
-+#BUILDSYMLINKS+=bozohttpd.8
+-COPTS+=	-DDO_HTPASSWD
+ PROG=	bozohttpd
+-LINKS=	${BINDIR}/bozohttpd ${BINDIR}/httpd
+ MAN=	bozohttpd.8
+-MLINKS+=bozohttpd.8 httpd.8
  SRCS=	bozohttpd.c ssl-bozo.c auth-bozo.c cgi-bozo.c daemon-bozo.c \
- 	tilde-luzah-bozo.c dir-index-bozo.c content-bozo.c
+ 	tilde-luzah-bozo.c dir-index-bozo.c content-bozo.c lua-bozo.c
  SRCS+=	main.c
  
--LDADD=	-lcrypt
-+LDADD=	-lcrypt -lcrypto -lssl
- DPADD=	${LIBCRYPT}
- 
+-LDADD=	-lblocklist -lcrypt -llua -lm
+-DPADD=	${LIBBLOCKLIST} ${LIBCRYPT} ${LIBLUA} ${LIBM}
+-
  WARNS?=	4
-+NO_WERROR=1
-+ 
-+BINDIR=$(PREFIX)/libexec
-+MANDIR=$(PREFIX)/man/man
  
--.include <bsd.own.mk>
++BINDIR=$(PREFIX)/bin
++MANDIR=$(PREFIX)/man/man
++
+ .if defined(.OS.MAKE)
+ OPSYS=	${.OS.MAKE}
+ .else
+@@ -48,9 +45,6 @@ OPSYS:=	${:!uname -s!:S/-//g:S/\///g}
+ CPPFLAGS+=	-DHAVE_NBUTIL_H
+ LDADD+=		-lnbutil
+ .endif
 -
--.if ${MKCRYPTO} != "no"
--
 -LDADD+=	-lssl -lcrypto
 -DPADD+=	${LIBSSL} ${LIBCRYPTO}
--
--.else
--
--COPTS+=	-DNO_SSL_SUPPORT
--
--.endif
-+#.include <bsd.own.mk>
-+#
-+#.if ${PORT_OPTIONS:MSSL}
-+#
-+#LDADD+=	-lssl -lcrypto
-+#DPADD+=	${LIBSSL} ${LIBCRYPTO}
-+#
-+#.else
-+#
-+#COPTS+=	-DNO_SSL_SUPPORT
-+#
-+#.endif
  
  #
  # Build release things.

Added: head/www/bozohttpd/files/patch-auth-bozo.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/bozohttpd/files/patch-auth-bozo.c	Thu Feb 18 07:28:52 2021	(r565909)
@@ -0,0 +1,15 @@
+--- auth-bozo.c.orig	2021-02-14 09:39:00 UTC
++++ auth-bozo.c
+@@ -106,9 +106,9 @@ bozo_auth_check(bozo_httpreq_t *request, const char *f
+ 				break;
+ 			fclose(fp);
+ 
+-#ifndef NO_BLOCKLIST_SUPPORT
+-			pfilter_notify(BLOCKLIST_AUTH_OK, 200);
+-#endif /* !NO_BLOCKLIST_SUPPORT */
++#ifndef NO_BLACKLIST_SUPPORT
++			pfilter_notify(BLACKLIST_AUTH_OK, 200);
++#endif /* !NO_BLACKLIST_SUPPORT */
+ 
+ 			return 0;
+ 		}

Modified: head/www/bozohttpd/files/patch-bozohttpd.8
==============================================================================
--- head/www/bozohttpd/files/patch-bozohttpd.8	Thu Feb 18 07:06:48 2021	(r565908)
+++ head/www/bozohttpd/files/patch-bozohttpd.8	Thu Feb 18 07:28:52 2021	(r565909)
@@ -1,22 +1,153 @@
---- bozohttpd.8.orig
+--- bozohttpd.8.orig	2020-10-15 04:35:06 UTC
 +++ bozohttpd.8
-@@ -316,8 +316,8 @@
+@@ -354,12 +354,26 @@ since version 20040828, they take multiple options (2 
+ .Fl C
+ and 4 in the case of
+ .Fl M . )
++.Ss DEFAULT CONFIGURATION
++On
++.Fx ,
++.Nm
++can be enabled as the default web server by adding the following options to
++.Pa /etc/rc.conf
++:
++.Bd -literal
++bozohttpd_enable (bool):      Set it to "YES" to enable bozohttpd.
++                              Default is "NO".
++bozohttpd_flags (str):        Options to pass to bozohttpd.
++                              Default is "-b -t /var/empty -U nobody /".
++                              The last argument, slashdir, is required.
++.Ed
+ .Ss INETD CONFIGURATION
+ As
+ .Nm
+-uses
++normally uses
+ .Xr inetd 8
+-by default to process incoming TCP connections for HTTP requests
++to process incoming TCP connections for HTTP requests
+ (but see the
+ .Fl b
+ option),
+@@ -371,8 +385,8 @@ A typical
  .Xr inetd.conf 5
  entry would be:
  .Bd -literal
 -http stream tcp  nowait:600 _httpd /usr/libexec/httpd httpd /var/www
 -http stream tcp6 nowait:600 _httpd /usr/libexec/httpd httpd /var/www
-+http stream tcp  nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd /var/www
-+http stream tcp6 nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd /var/www
++http stream tcp  nowait:600 www /usr/local/bin/bozohttpd httpd /var/www
++http stream tcp6 nowait:600 www /usr/local/bin/bozohttpd httpd /var/www
  .Ed
  .Pp
  This would serve web pages from
-@@ -447,7 +447,7 @@
+@@ -386,7 +400,7 @@ requests per minute to 600, up from the
+ default of 40.
+ .Pp
+ Using the
+-.Nx
++.Fx
+ .Xr inetd 8 ,
+ you can provide multiple IP-address based HTTP servers by having multiple
+ listening ports with different configurations.
+@@ -438,15 +452,15 @@ jeremy:A.xewbx2DpQ8I
+ .Ed
+ .Pp
+ On
+-.Nx ,
++.Fx ,
+ the
+-.Xr pwhash 1
++.Xr openssl-passwd 1
+ utility may be used to generate hashed passwords.
+ .Pp
+-While
++While the
++.Fx
++port of
+ .Nm
+-distributed with
+-.Nx
+ has support for HTTP Basic Authorization enabled by default,
+ in the portable distribution it is excluded.
+ Compile
+@@ -456,21 +470,21 @@ with
+ on the compiler command line to enable this support.
+ It may require linking with the crypt library, using
+ .Dq -lcrypt .
+-.Ss BLOCKLIST SUPPORT
++.Ss BLACKLIST SUPPORT
+ On
+-.Nx ,
++.Fx ,
+ .Nm
+ supports
+-.Xr blocklistd 8
++.Xr blacklistd 8
+ by default.
+ The support can be disabled with the
+-.Dq -DNO_BLOCKLIST_SUPPORT
++.Dq -DNO_BLACKLIST_SUPPORT
+ compilation option.
+ .Pp
+ Upon occurrence,
+ .Nm
+ reports two HTTP status codes to
+-.Xr blocklistd 8
++.Xr blacklistd 8
+ as failures:
+ .Em 401
+ (``Unauthorized'')
+@@ -482,7 +496,7 @@ Of these,
+ is the one received upon authorization failure with the
+ HTTP Basic Authorization mechanism.
+ A successful authorization decreases the counter kept by
+-.Xr blocklistd 8 .
++.Xr blacklistd 8 .
+ .Pp
+ Note that the implementation of the HTTP Basic Authorization mechanism
+ uses a redirection; a status code
+@@ -491,7 +505,7 @@ is always initially received.
+ Therefore, a single authorization failure of
+ .Pa .htpasswd
+ is reported as two failures to
+-.Xr blocklistd 8 ,
++.Xr blacklistd 8 ,
+ but no failures are recorded upon successful authorization
+ due to the decrease of the failure counter.
+ .Ss SSL SUPPORT
+@@ -584,7 +598,7 @@ To configure set of virtual hosts, one would use an
  .Xr inetd.conf 5
  entry like:
  .Bd -literal
 -http stream tcp  nowait:600 _httpd /usr/libexec/httpd httpd -v /var/vroot /var/www
-+http stream tcp  nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd -v /var/vroot /var/www
++http stream tcp  nowait:600 www /usr/local/bin/bozohttpd httpd -v /var/vroot /var/www
  .Ed
  .Pp
  and inside
+@@ -602,7 +616,7 @@ with PHP, one must use the
+ option to specify a CGI handler for a particular file type.
+ Typically this will be like:
+ .Bd -literal
+-httpd -C .php /usr/pkg/bin/php-cgi /var/www
++bozohttpd -C .php /usr/pkg/bin/php-cgi /var/www
+ .Ed
+ .Pp
+ Note that a plain script interpreter can not be used directly as a cgihandler,
+@@ -615,7 +629,7 @@ might do.
+ .Pp
+ It would be invoked like:
+ .Bd -literal
+-httpd -C .pl /www-scripts/bin/run.perl /var/www
++bozohttpd -C .pl /www-scripts/bin/run.perl /var/www
+ .Ed
+ and the script could look like:
+ .Bd -literal
+@@ -809,7 +823,7 @@ provided chroot and change-to-user support, and other 
+ .An Jukka Ruohonen
+ .Aq Mt jruoho@NetBSD.org
+ provided support for
+-.Xr blocklist 8
++.Xr blacklist 8
+ .It
+ .An Jared McNeill
+ .Aq Mt jmcneill@NetBSD.org

Added: head/www/bozohttpd/files/patch-bozohttpd.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/bozohttpd/files/patch-bozohttpd.c	Thu Feb 18 07:28:52 2021	(r565909)
@@ -0,0 +1,53 @@
+--- bozohttpd.c.orig	2021-02-14 09:40:33 UTC
++++ bozohttpd.c
+@@ -2174,22 +2174,22 @@ http_errors_long(int code)
+ 	return (help);
+ }
+ 
+-#ifndef NO_BLOCKLIST_SUPPORT
+-static struct blocklist *blstate;
++#ifndef NO_BLACKLIST_SUPPORT
++static struct blacklist *blstate;
+ 
+ void
+ pfilter_notify(const int what, const int code)
+ {
+ 
+ 	if (blstate == NULL)
+-		blstate = blocklist_open();
++		blstate = blacklist_open();
+ 
+ 	if (blstate == NULL)
+ 		return;
+ 
+-	(void)blocklist_r(blstate, what, 0, http_errors_short(code));
++	(void)blacklist_r(blstate, what, 0, http_errors_short(code));
+ }
+-#endif /* !NO_BLOCKLIST_SUPPORT */
++#endif /* !NO_BLACKLIST_SUPPORT */
+ 
+ /* the follow functions and variables are used in handling HTTP errors */
+ int
+@@ -2294,18 +2294,18 @@ bozo_http_error(bozohttpd_t *httpd, int code, bozo_htt
+ 		bozo_printf(httpd, "%s", httpd->errorbuf);
+ 	bozo_flush(httpd, stdout);
+ 
+-#ifndef NO_BLOCKLIST_SUPPORT
++#ifndef NO_BLACKLIST_SUPPORT
+ 	switch(code) {
+ 
+ 	case 401:
+-		pfilter_notify(BLOCKLIST_AUTH_FAIL, code);
++		pfilter_notify(BLACKLIST_AUTH_FAIL, code);
+ 		break;
+ 
+ 	case 403:
+-		pfilter_notify(BLOCKLIST_ABUSIVE_BEHAVIOR, code);
++		pfilter_notify(BLACKLIST_ABUSIVE_BEHAVIOR, code);
+ 		break;
+ 	}
+-#endif /* !NO_BLOCKLIST_SUPPORT */
++#endif /* !NO_BLACKLIST_SUPPORT */
+ 
+ 	return code;
+ }

Added: head/www/bozohttpd/files/patch-bozohttpd.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/www/bozohttpd/files/patch-bozohttpd.h	Thu Feb 18 07:28:52 2021	(r565909)
@@ -0,0 +1,13 @@
+--- bozohttpd.h.orig	2021-02-13 19:42:32 UTC
++++ bozohttpd.h
+@@ -44,8 +44,8 @@
+ #include <lua.h>
+ #endif
+ 
+-#ifndef NO_BLOCKLIST_SUPPORT
+-#include <blocklist.h>
++#ifndef NO_BLACKLIST_SUPPORT
++#include <blacklist.h>
+ void pfilter_notify(const int, const int);
+ #endif
+ 

Modified: head/www/bozohttpd/pkg-descr
==============================================================================
--- head/www/bozohttpd/pkg-descr	Thu Feb 18 07:06:48 2021	(r565908)
+++ head/www/bozohttpd/pkg-descr	Thu Feb 18 07:28:52 2021	(r565909)
@@ -1,10 +1,23 @@
 Bozohttpd is a small and secure HTTP version 1.1 server. Its main feature
 is the lack of features, reducing the code size and improving verifiability.
+This is also the minimal web server that is shipped by default in NetBSD.
 
-It supports CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations,
+It supports SSL, CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations,
 virtual hosting support, as well as multiple IP-based servers on a single
-machine. It is capable of services pages via the IPv6 protocol. It has no
-configuration file by design. Recently added features are htpasswd, SSL,
-and dynamic redirection, that can be easily disabled.
+machine. It is capable of serving pages via the IPv6 protocol. It has no
+configuration file by design. Many features are enabled with CLI options.
+
+For extra security, unused features can be excluded when you build the port:
+
+    o Support for blacklistd(8) to avoid DoS abuse
+    o Common Gateway Interface (CGI) support (-C, -c, -E, -e)
+    o Optional daemon mode (-b)
+    o Debug support (-d)
+    o Automatic directory index if index.html is missing (-X)
+    o Dynamic content based on file suffixes (-C, -M)
+    o Basic authentication with .htpasswd files
+    o SSL/TLS for HTTPS requests (-Z, -z)
+    o Lua scripts for dynamic content (-L)
+    o Optional /~user transformation (-e, -p, -u)
 
 WWW: http://www.eterna.com.au/bozohttpd/



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102180728.11I7SqwH005953>