svn commit: r565909 - in head/www/bozohttpd: . files
Fernando Apesteguía
fernape at FreeBSD.org
Thu Feb 18 07:28:55 UTC 2021
Author: fernape
Date: Thu Feb 18 07:28:52 2021
New Revision: 565909
URL: https://svnweb.freebsd.org/changeset/ports/565909
Log:
www/bozohttpd: update to 20201014
Add config options.
ChangeLog: http://www.eterna.com.au/bozohttpd/CHANGES
PR: 253542
Submitted by: henrik at gulbra.net
Reviewed by: jmohacsi at bsd.hu (maintainer)
Added:
head/www/bozohttpd/files/patch-auth-bozo.c (contents, props changed)
head/www/bozohttpd/files/patch-bozohttpd.c (contents, props changed)
head/www/bozohttpd/files/patch-bozohttpd.h (contents, props changed)
Modified:
head/www/bozohttpd/Makefile
head/www/bozohttpd/distinfo
head/www/bozohttpd/files/bozohttpd.in
head/www/bozohttpd/files/patch-Makefile
head/www/bozohttpd/files/patch-bozohttpd.8
head/www/bozohttpd/pkg-descr
Modified: head/www/bozohttpd/Makefile
==============================================================================
--- head/www/bozohttpd/Makefile Thu Feb 18 07:06:48 2021 (r565908)
+++ head/www/bozohttpd/Makefile Thu Feb 18 07:28:52 2021 (r565909)
@@ -2,58 +2,71 @@
# $FreeBSD$
PORTNAME= bozohttpd
-PORTVERSION= 20130711
+PORTVERSION= 20201014
CATEGORIES= www
MASTER_SITES= http://www.eterna.com.au/bozohttpd/ \
NETBSD
MAINTAINER= jmohacsi at bsd.hu
-COMMENT= The bozotic HTTP server
+COMMENT= Bozotic HTTP server from NetBSD
LICENSE= BSD2CLAUSE
-USE_RC_SUBR= bozohttpd
+USES= cpe uidfix tar:bzip2
+CPE_VENDOR= eterna
-#options handling
-OPTIONS_DEFINE= HTPASSWD SSL CGI
-OPTIONS_DEFAULT= SSL CGI
+OPTIONS_DEFINE= BLACKLIST CGI DAEMON DEBUG DIRINDEX\
+ DYNAMIC HTPASSWD LUA SSL USER
+OPTIONS_DEFAULT= BLACKLIST CGI DAEMON DEBUG DIRINDEX\
+ DYNAMIC HTPASSWD LUA SSL USER
-SSL_USES= ssl
-SSL_CFLAGS= -I${OPENSSLINC}
-SSL_LDFLAGS= -L${OPENSSLLIB}
+BLACKLIST_DESC= Report Unauthorized and Forbidden accesses to blacklistd
+BLACKLIST_CFLAGS_OFF= -DNO_BLACKLIST_SUPPORT
+BLACKLIST_LIBS= -lblacklist
-USES= cpe uidfix tar:bzip2
-CPE_VENDOR= eterna
+CGI_DESC= Common Gateway Interface (CGI) support (-C, -c, -E, -e)
+CGI_CFLAGS_OFF= -DNO_CGIBIN_SUPPORT
-HTPASSWD_DESC= Enable htpassword support
-CGI_DESC= Enable CGI support
+DAEMON_DESC= Optional daemon mode (-b)
+DAEMON_CFLAGS_OFF= -DNO_DAEMON_MODE
-.include <bsd.port.options.mk>
+DEBUG_DESC= Debug support (-d)
+DEBUG_CFLAGS_OFF= -DNO_DEBUG
-.if ${PORT_OPTIONS:MHTPASSWD}
-MAKE_ARGS+= 'COPTS+= -DDO_HTPASSWD' \
- 'LDFLAGS+= -lcrypt'
-.else
-MAKE_ARGS+= 'COPTS+= -UDO_HTPASSWD'
-.endif
+DIRINDEX_DESC= Automatic directory index if index.html is missing (-X)
+DIRINDEX_CFLAGS_OFF= -DNO_DIRINDEX_SUPPORT
-.if ${PORT_OPTIONS:MSSL}
-MAKE_ARGS+= 'COPTS+= -UNO_SSL_SUPPORT'
-.else
-MAKE_ARGS+= 'COPTS+= -DNO_SSL_SUPPORT' \
- 'CRYPTOLIBS=' \
- 'CRYPTODEPS='
-.endif
+DYNAMIC_DESC= Dynamic content based on file suffixes (-C, -M)
+DYNAMIC_CFLAGS_OFF= -DNO_DYNAMIC_CONTENT
-.if ${PORT_OPTIONS:MCGI}
-MAKE_ARGS+= 'COPTS+= -UNO_CGIBIN_SUPPORT'
-.else
-MAKE_ARGS+= 'COPTS+= -DNO_CGIBIN_SUPPORT'
-.endif
+HTPASSWD_DESC= Basic authentication with .htpasswd files
+HTPASSWD_CFLAGS= -DDO_HTPASSWD
+HTPASSWD_LIBS= -lcrypt
-PLIST_FILES= libexec/bozohttpd \
+LUA_DESC= Lua scripts for dynamic content (-L)
+LUA_CFLAGS= -I${LUA_INCDIR}
+LUA_CFLAGS_OFF= -DNO_LUA_SUPPORT
+LUA_LDFLAGS= -L${LUA_LIBDIR}
+LUA_LIBS= -llua-${LUA_VER}
+LUA_USES= lua
+
+SSL_DESC= SSL/TLS for HTTPS requests (-Z, -z)
+SSL_CFLAGS= -I${OPENSSLINC}
+SSL_CFLAGS_OFF= -DNO_SSL_SUPPORT
+SSL_LDFLAGS= -L${OPENSSLLIB}
+SSL_LIBS= -lcrypto -lssl
+SSL_USES= ssl
+
+USER_DESC= Optional /~user transformation (-e, -p, -u)
+USER_CFLAGS_OFF= -DNO_USER_SUPPORT
+
+.include <bsd.port.options.mk>
+
+MAKE_ARGS= LDADD="${LIBS}"
+
+USE_RC_SUBR= bozohttpd
+
+PLIST_FILES= bin/bozohttpd \
man/man8/bozohttpd.8.gz
-post-patch:
- @${REINPLACE_CMD} -e 's|@@PREFIX@@|${PREFIX}|g' ${WRKSRC}/bozohttpd.8
.include <bsd.port.mk>
Modified: head/www/bozohttpd/distinfo
==============================================================================
--- head/www/bozohttpd/distinfo Thu Feb 18 07:06:48 2021 (r565908)
+++ head/www/bozohttpd/distinfo Thu Feb 18 07:28:52 2021 (r565909)
@@ -1,2 +1,3 @@
-SHA256 (bozohttpd-20130711.tar.bz2) = b9682e37ae2c4a1b7309225e95787df8c037239fe1d8c9dd8faede35921e910b
-SIZE (bozohttpd-20130711.tar.bz2) = 48974
+TIMESTAMP = 1613243155
+SHA256 (bozohttpd-20201014.tar.bz2) = 5bbca7a3cf5cdadb1de2a40c41c51c8e8ded8569dd1e8f81962cca6b4c0b97ed
+SIZE (bozohttpd-20201014.tar.bz2) = 76913
Modified: head/www/bozohttpd/files/bozohttpd.in
==============================================================================
--- head/www/bozohttpd/files/bozohttpd.in Thu Feb 18 07:06:48 2021 (r565908)
+++ head/www/bozohttpd/files/bozohttpd.in Thu Feb 18 07:28:52 2021 (r565909)
@@ -25,6 +25,6 @@ load_rc_config $name
: ${bozohttpd_enable="NO"}
: ${bozohttpd_flags="-b -t /var/empty -U nobody /"}
-command=%%PREFIX%%/libexec/${name}
+command=%%PREFIX%%/bin/${name}
run_rc_command "$1"
Modified: head/www/bozohttpd/files/patch-Makefile
==============================================================================
--- head/www/bozohttpd/files/patch-Makefile Thu Feb 18 07:06:48 2021 (r565908)
+++ head/www/bozohttpd/files/patch-Makefile Thu Feb 18 07:28:52 2021 (r565909)
@@ -1,53 +1,45 @@
---- Makefile.orig
+--- Makefile.orig 2020-10-15 04:35:06 UTC
+++ Makefile
-@@ -19,30 +19,34 @@
+@@ -14,7 +14,7 @@
+ # NO_SSL_SUPPORT /* don't support ssl (https) */
+ # DO_HTPASSWD /* support .htpasswd files */
+ # NO_LUA_SUPPORT /* don't support Lua for dynamic content */
+-# NO_BLOCKLIST_SUPPORT /* don't support blocklist */
++# NO_BLACKLIST_SUPPORT /* don't support blacklist */
+ #
+ # other system specific defines:
+ # HAVE_NBUTIL_H /* netbsd compat is in <nbutil.h>
+@@ -24,20 +24,17 @@
+ # for setting CFLAGS relevant to your make, eg
# % make COPTS="-DDO_HTPASSWD"
- COPTS+= -DDO_HTPASSWD
--PROG= httpd
--MAN= httpd.8
--BUILDSYMLINKS+=bozohttpd.8 httpd.8
-+PROG= bozohttpd
-+MAN= bozohttpd.8
-+#BUILDSYMLINKS+=bozohttpd.8
+-COPTS+= -DDO_HTPASSWD
+ PROG= bozohttpd
+-LINKS= ${BINDIR}/bozohttpd ${BINDIR}/httpd
+ MAN= bozohttpd.8
+-MLINKS+=bozohttpd.8 httpd.8
SRCS= bozohttpd.c ssl-bozo.c auth-bozo.c cgi-bozo.c daemon-bozo.c \
- tilde-luzah-bozo.c dir-index-bozo.c content-bozo.c
+ tilde-luzah-bozo.c dir-index-bozo.c content-bozo.c lua-bozo.c
SRCS+= main.c
--LDADD= -lcrypt
-+LDADD= -lcrypt -lcrypto -lssl
- DPADD= ${LIBCRYPT}
-
+-LDADD= -lblocklist -lcrypt -llua -lm
+-DPADD= ${LIBBLOCKLIST} ${LIBCRYPT} ${LIBLUA} ${LIBM}
+-
WARNS?= 4
-+NO_WERROR=1
-+
-+BINDIR=$(PREFIX)/libexec
-+MANDIR=$(PREFIX)/man/man
--.include <bsd.own.mk>
++BINDIR=$(PREFIX)/bin
++MANDIR=$(PREFIX)/man/man
++
+ .if defined(.OS.MAKE)
+ OPSYS= ${.OS.MAKE}
+ .else
+@@ -48,9 +45,6 @@ OPSYS:= ${:!uname -s!:S/-//g:S/\///g}
+ CPPFLAGS+= -DHAVE_NBUTIL_H
+ LDADD+= -lnbutil
+ .endif
-
--.if ${MKCRYPTO} != "no"
--
-LDADD+= -lssl -lcrypto
-DPADD+= ${LIBSSL} ${LIBCRYPTO}
--
--.else
--
--COPTS+= -DNO_SSL_SUPPORT
--
--.endif
-+#.include <bsd.own.mk>
-+#
-+#.if ${PORT_OPTIONS:MSSL}
-+#
-+#LDADD+= -lssl -lcrypto
-+#DPADD+= ${LIBSSL} ${LIBCRYPTO}
-+#
-+#.else
-+#
-+#COPTS+= -DNO_SSL_SUPPORT
-+#
-+#.endif
#
# Build release things.
Added: head/www/bozohttpd/files/patch-auth-bozo.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/bozohttpd/files/patch-auth-bozo.c Thu Feb 18 07:28:52 2021 (r565909)
@@ -0,0 +1,15 @@
+--- auth-bozo.c.orig 2021-02-14 09:39:00 UTC
++++ auth-bozo.c
+@@ -106,9 +106,9 @@ bozo_auth_check(bozo_httpreq_t *request, const char *f
+ break;
+ fclose(fp);
+
+-#ifndef NO_BLOCKLIST_SUPPORT
+- pfilter_notify(BLOCKLIST_AUTH_OK, 200);
+-#endif /* !NO_BLOCKLIST_SUPPORT */
++#ifndef NO_BLACKLIST_SUPPORT
++ pfilter_notify(BLACKLIST_AUTH_OK, 200);
++#endif /* !NO_BLACKLIST_SUPPORT */
+
+ return 0;
+ }
Modified: head/www/bozohttpd/files/patch-bozohttpd.8
==============================================================================
--- head/www/bozohttpd/files/patch-bozohttpd.8 Thu Feb 18 07:06:48 2021 (r565908)
+++ head/www/bozohttpd/files/patch-bozohttpd.8 Thu Feb 18 07:28:52 2021 (r565909)
@@ -1,22 +1,153 @@
---- bozohttpd.8.orig
+--- bozohttpd.8.orig 2020-10-15 04:35:06 UTC
+++ bozohttpd.8
-@@ -316,8 +316,8 @@
+@@ -354,12 +354,26 @@ since version 20040828, they take multiple options (2
+ .Fl C
+ and 4 in the case of
+ .Fl M . )
++.Ss DEFAULT CONFIGURATION
++On
++.Fx ,
++.Nm
++can be enabled as the default web server by adding the following options to
++.Pa /etc/rc.conf
++:
++.Bd -literal
++bozohttpd_enable (bool): Set it to "YES" to enable bozohttpd.
++ Default is "NO".
++bozohttpd_flags (str): Options to pass to bozohttpd.
++ Default is "-b -t /var/empty -U nobody /".
++ The last argument, slashdir, is required.
++.Ed
+ .Ss INETD CONFIGURATION
+ As
+ .Nm
+-uses
++normally uses
+ .Xr inetd 8
+-by default to process incoming TCP connections for HTTP requests
++to process incoming TCP connections for HTTP requests
+ (but see the
+ .Fl b
+ option),
+@@ -371,8 +385,8 @@ A typical
.Xr inetd.conf 5
entry would be:
.Bd -literal
-http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd /var/www
-http stream tcp6 nowait:600 _httpd /usr/libexec/httpd httpd /var/www
-+http stream tcp nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd /var/www
-+http stream tcp6 nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd /var/www
++http stream tcp nowait:600 www /usr/local/bin/bozohttpd httpd /var/www
++http stream tcp6 nowait:600 www /usr/local/bin/bozohttpd httpd /var/www
.Ed
.Pp
This would serve web pages from
-@@ -447,7 +447,7 @@
+@@ -386,7 +400,7 @@ requests per minute to 600, up from the
+ default of 40.
+ .Pp
+ Using the
+-.Nx
++.Fx
+ .Xr inetd 8 ,
+ you can provide multiple IP-address based HTTP servers by having multiple
+ listening ports with different configurations.
+@@ -438,15 +452,15 @@ jeremy:A.xewbx2DpQ8I
+ .Ed
+ .Pp
+ On
+-.Nx ,
++.Fx ,
+ the
+-.Xr pwhash 1
++.Xr openssl-passwd 1
+ utility may be used to generate hashed passwords.
+ .Pp
+-While
++While the
++.Fx
++port of
+ .Nm
+-distributed with
+-.Nx
+ has support for HTTP Basic Authorization enabled by default,
+ in the portable distribution it is excluded.
+ Compile
+@@ -456,21 +470,21 @@ with
+ on the compiler command line to enable this support.
+ It may require linking with the crypt library, using
+ .Dq -lcrypt .
+-.Ss BLOCKLIST SUPPORT
++.Ss BLACKLIST SUPPORT
+ On
+-.Nx ,
++.Fx ,
+ .Nm
+ supports
+-.Xr blocklistd 8
++.Xr blacklistd 8
+ by default.
+ The support can be disabled with the
+-.Dq -DNO_BLOCKLIST_SUPPORT
++.Dq -DNO_BLACKLIST_SUPPORT
+ compilation option.
+ .Pp
+ Upon occurrence,
+ .Nm
+ reports two HTTP status codes to
+-.Xr blocklistd 8
++.Xr blacklistd 8
+ as failures:
+ .Em 401
+ (``Unauthorized'')
+@@ -482,7 +496,7 @@ Of these,
+ is the one received upon authorization failure with the
+ HTTP Basic Authorization mechanism.
+ A successful authorization decreases the counter kept by
+-.Xr blocklistd 8 .
++.Xr blacklistd 8 .
+ .Pp
+ Note that the implementation of the HTTP Basic Authorization mechanism
+ uses a redirection; a status code
+@@ -491,7 +505,7 @@ is always initially received.
+ Therefore, a single authorization failure of
+ .Pa .htpasswd
+ is reported as two failures to
+-.Xr blocklistd 8 ,
++.Xr blacklistd 8 ,
+ but no failures are recorded upon successful authorization
+ due to the decrease of the failure counter.
+ .Ss SSL SUPPORT
+@@ -584,7 +598,7 @@ To configure set of virtual hosts, one would use an
.Xr inetd.conf 5
entry like:
.Bd -literal
-http stream tcp nowait:600 _httpd /usr/libexec/httpd httpd -v /var/vroot /var/www
-+http stream tcp nowait:600 _httpd @@PREFIX@@/libexec/httpd httpd -v /var/vroot /var/www
++http stream tcp nowait:600 www /usr/local/bin/bozohttpd httpd -v /var/vroot /var/www
.Ed
.Pp
and inside
+@@ -602,7 +616,7 @@ with PHP, one must use the
+ option to specify a CGI handler for a particular file type.
+ Typically this will be like:
+ .Bd -literal
+-httpd -C .php /usr/pkg/bin/php-cgi /var/www
++bozohttpd -C .php /usr/pkg/bin/php-cgi /var/www
+ .Ed
+ .Pp
+ Note that a plain script interpreter can not be used directly as a cgihandler,
+@@ -615,7 +629,7 @@ might do.
+ .Pp
+ It would be invoked like:
+ .Bd -literal
+-httpd -C .pl /www-scripts/bin/run.perl /var/www
++bozohttpd -C .pl /www-scripts/bin/run.perl /var/www
+ .Ed
+ and the script could look like:
+ .Bd -literal
+@@ -809,7 +823,7 @@ provided chroot and change-to-user support, and other
+ .An Jukka Ruohonen
+ .Aq Mt jruoho at NetBSD.org
+ provided support for
+-.Xr blocklist 8
++.Xr blacklist 8
+ .It
+ .An Jared McNeill
+ .Aq Mt jmcneill at NetBSD.org
Added: head/www/bozohttpd/files/patch-bozohttpd.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/bozohttpd/files/patch-bozohttpd.c Thu Feb 18 07:28:52 2021 (r565909)
@@ -0,0 +1,53 @@
+--- bozohttpd.c.orig 2021-02-14 09:40:33 UTC
++++ bozohttpd.c
+@@ -2174,22 +2174,22 @@ http_errors_long(int code)
+ return (help);
+ }
+
+-#ifndef NO_BLOCKLIST_SUPPORT
+-static struct blocklist *blstate;
++#ifndef NO_BLACKLIST_SUPPORT
++static struct blacklist *blstate;
+
+ void
+ pfilter_notify(const int what, const int code)
+ {
+
+ if (blstate == NULL)
+- blstate = blocklist_open();
++ blstate = blacklist_open();
+
+ if (blstate == NULL)
+ return;
+
+- (void)blocklist_r(blstate, what, 0, http_errors_short(code));
++ (void)blacklist_r(blstate, what, 0, http_errors_short(code));
+ }
+-#endif /* !NO_BLOCKLIST_SUPPORT */
++#endif /* !NO_BLACKLIST_SUPPORT */
+
+ /* the follow functions and variables are used in handling HTTP errors */
+ int
+@@ -2294,18 +2294,18 @@ bozo_http_error(bozohttpd_t *httpd, int code, bozo_htt
+ bozo_printf(httpd, "%s", httpd->errorbuf);
+ bozo_flush(httpd, stdout);
+
+-#ifndef NO_BLOCKLIST_SUPPORT
++#ifndef NO_BLACKLIST_SUPPORT
+ switch(code) {
+
+ case 401:
+- pfilter_notify(BLOCKLIST_AUTH_FAIL, code);
++ pfilter_notify(BLACKLIST_AUTH_FAIL, code);
+ break;
+
+ case 403:
+- pfilter_notify(BLOCKLIST_ABUSIVE_BEHAVIOR, code);
++ pfilter_notify(BLACKLIST_ABUSIVE_BEHAVIOR, code);
+ break;
+ }
+-#endif /* !NO_BLOCKLIST_SUPPORT */
++#endif /* !NO_BLACKLIST_SUPPORT */
+
+ return code;
+ }
Added: head/www/bozohttpd/files/patch-bozohttpd.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/bozohttpd/files/patch-bozohttpd.h Thu Feb 18 07:28:52 2021 (r565909)
@@ -0,0 +1,13 @@
+--- bozohttpd.h.orig 2021-02-13 19:42:32 UTC
++++ bozohttpd.h
+@@ -44,8 +44,8 @@
+ #include <lua.h>
+ #endif
+
+-#ifndef NO_BLOCKLIST_SUPPORT
+-#include <blocklist.h>
++#ifndef NO_BLACKLIST_SUPPORT
++#include <blacklist.h>
+ void pfilter_notify(const int, const int);
+ #endif
+
Modified: head/www/bozohttpd/pkg-descr
==============================================================================
--- head/www/bozohttpd/pkg-descr Thu Feb 18 07:06:48 2021 (r565908)
+++ head/www/bozohttpd/pkg-descr Thu Feb 18 07:28:52 2021 (r565909)
@@ -1,10 +1,23 @@
Bozohttpd is a small and secure HTTP version 1.1 server. Its main feature
is the lack of features, reducing the code size and improving verifiability.
+This is also the minimal web server that is shipped by default in NetBSD.
-It supports CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations,
+It supports SSL, CGI/1.1, HTTP/1.1, HTTP/1.0, HTTP/0.9, ~user translations,
virtual hosting support, as well as multiple IP-based servers on a single
-machine. It is capable of services pages via the IPv6 protocol. It has no
-configuration file by design. Recently added features are htpasswd, SSL,
-and dynamic redirection, that can be easily disabled.
+machine. It is capable of serving pages via the IPv6 protocol. It has no
+configuration file by design. Many features are enabled with CLI options.
+
+For extra security, unused features can be excluded when you build the port:
+
+ o Support for blacklistd(8) to avoid DoS abuse
+ o Common Gateway Interface (CGI) support (-C, -c, -E, -e)
+ o Optional daemon mode (-b)
+ o Debug support (-d)
+ o Automatic directory index if index.html is missing (-X)
+ o Dynamic content based on file suffixes (-C, -M)
+ o Basic authentication with .htpasswd files
+ o SSL/TLS for HTTPS requests (-Z, -z)
+ o Lua scripts for dynamic content (-L)
+ o Optional /~user transformation (-e, -p, -u)
WWW: http://www.eterna.com.au/bozohttpd/
More information about the svn-ports-all
mailing list