diff options
Diffstat (limited to 'www-servers')
| -rw-r--r-- | www-servers/Manifest.gz | bin | 4372 -> 4371 bytes | |||
| -rw-r--r-- | www-servers/h2o/Manifest | 6 | ||||
| -rw-r--r-- | www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch | 225 | ||||
| -rw-r--r-- | www-servers/h2o/files/h2o-2.2-libressl.patch | 54 | ||||
| -rw-r--r-- | www-servers/h2o/files/h2o-2.2-mruby.patch | 57 | ||||
| -rw-r--r-- | www-servers/h2o/files/h2o-2.2-ruby30.patch | 63 | ||||
| -rw-r--r-- | www-servers/h2o/h2o-2.2.6-r2.ebuild | 107 | ||||
| -rw-r--r-- | www-servers/lighttpd/Manifest | 2 | ||||
| -rw-r--r-- | www-servers/lighttpd/lighttpd-1.4.77.ebuild | 2 |
9 files changed, 2 insertions, 514 deletions
diff --git a/www-servers/Manifest.gz b/www-servers/Manifest.gz Binary files differindex 3572a39dc6e9..d3edca2c7601 100644 --- a/www-servers/Manifest.gz +++ b/www-servers/Manifest.gz diff --git a/www-servers/h2o/Manifest b/www-servers/h2o/Manifest index 5e0393a6fcbc..7334bdf83b23 100644 --- a/www-servers/h2o/Manifest +++ b/www-servers/h2o/Manifest @@ -1,16 +1,10 @@ -AUX h2o-2.2-CVE-2023-44487.patch 10281 BLAKE2B 8de372faab97f790623e3b4c72519b684d1bc104d4cd98d5804b00459f1e16f7f4e248e2decbc2ff07c36c6f3f05c014a5a5e798afed0b2ada9d1afef476e4a9 SHA512 bf858f0ae7126fc0da8f2a2062e698e5e0c14a62f6d109e581c47e58115f0efc31c6a3c91a09343819eda702aa9fe608bfbcc1f9e95237c195a9f51eac31a683 -AUX h2o-2.2-libressl.patch 2098 BLAKE2B 18bd0375a4c44ab7d744899cfaaa983ec2d494a9d58f5d358fb2157fc3b919a977a216e22c26aaa9908d8addda27871832f97093bffd4b4faf10e9d95ae51a6d SHA512 0970aa90e07c762ba586f7d071dc5b4183336adb2602c95dcff568124a9bd737aefc9ecc812f6b006edc6e4c4f9cbc664e6af96c7d6f09681f65e8eac552ac7a -AUX h2o-2.2-mruby.patch 2034 BLAKE2B 78ab2c8080c017ae03b33366aed553e8d47581bc04b274adc7a7e18bc79ddb5a95266ce13824a8286d9b52d4432b0895598301bd07aa42b1d7e4cbb4d46d98a9 SHA512 724186190756292ce9589a5aae28fd9ae089e377beccb1a2a6562d3d764777dec820413f31d820f61691a529dbdac0dcb55b2e395e46629b2656496bea9c182a -AUX h2o-2.2-ruby30.patch 2452 BLAKE2B c94318a2493a6e121da571b81cd641021dea43fec30f3d9acf791e697d7daa194d2c4b8120a9281028cbb01a47b8b3ccddb6364f5e0a2004ad4a7d127276e1e1 SHA512 b44c64d5ede422a18df63dac5c9129bbc21b59179b657af09c2a6cc246247d17fee8ad1ecf4d2aec55df855bdfefcc102d07b21d8002023474df5627c9de961d AUX h2o-2.3-mruby.patch 3326 BLAKE2B 4fece07444b396e99be9ac80635ca60aa420fe1a74a26bcb1117fb5c941c433d8d059560fbdc216134c072fd0f3d3dc8271e111036ff23a8df6d69ac0cc16d51 SHA512 dc071bc111e543c552d67f9d11069b370329f92224d8a570be78b8a1d559471257065a81b26bc8cae655f68d2b63c02dbca0a7d32605a1249959b87f82e2bcdb AUX h2o.conf 350 BLAKE2B 948c90451fd76cb55f3b42eaa9ddc01564b2bd2c46437649fb639d6cee89c5adfac780e533c13793133e6798d847c1c87c631979162af9a1b7c5caebb8963b3b SHA512 b2ba08c3bcd15c3c7631913dc64006870487773f952421aec624f82dcbe836137a2b8357cbd0b8e26626f9c6f108c8aee46beb61e8649fe78fac0e31ef585b6e AUX h2o.initd 845 BLAKE2B f420962962517051c695f00e11a3b6edb899a672d0984db3d68b88545064767e7059cd9b3ec60b7cb70469b403e0927dbaea4e9f7b7a00979b4f036f945585d5 SHA512 9fdfde2857d97937939b1dd591b94f26f77b6fd6061d385c807738be508f1df740acf36c38ca95c22a36f13caed5d537b6fc1f6cceaf1beda8f8f48ef452c177 AUX h2o.logrotate 230 BLAKE2B 44eeaf3b0e60104d4f87c7110815a30f907a6fd676e75a2068fb9cddd8192d3e75729aaeabc89d6430eef7c075b21271918fd65b086de188f7df0c6ceb332141 SHA512 88d36e272c52c5df765d8ebac8f2acca378c8b096af7fa8eda68e1ec5597cba6096286f0ab634f128329148e65980128f0612e90a185de781c5d109653e096dd AUX h2o.service 364 BLAKE2B 9995cde4d79e5998624a2cadfc6ec3e954d4609458cc267628c2fbcb44dccd78277bddc032a784a00445c6b399fafc1ee629920355bf7aa84d26b1010bd103b0 SHA512 475b1e7b616eae335e094451532b0de5aa9cf9abc4999aaa44a9a35c43def4fb060ee5e728409bc33960f8ad3a81e6f549783906ac7ebad5b72cb7422ffb96a2 -DIST h2o-2.2.6.tar.gz 16257760 BLAKE2B 8474751ca9832ddae2022710654ca58a93ebf9ca01afe934950209b04357b7548b05c598c49fe92684b2910fd6309d6fc3923a0b01cdeeb4b0dc65b08842255f SHA512 f2f28905c01782a0432c9dfdb2f21054e0a4741ac4c5f26802d4b439d0172840aa215aba5dc7c9af62275dcc24de105674a3819384dc38246e43ce3e8263eb20 DIST h2o-2.3.0_pre20241014.tar.gz 30845679 BLAKE2B 9c0d21f31770dd0591690ab8b2fc5e08052cf0aa40046e9bb03158907c05cfd8121bdb140f175172da3a0c8653a09d2729581017f6cc20a53c0bbb534db6263b SHA512 d4d3cdf8553f8583fe3dd7fe9f34e055f0cef39a8c0fa370e837afbe11a7ff9fa0e907a2edf014ec494b663a6216f643daca19a1c23ff163a4c2514a45ccc706 DIST h2o-2.3.0_pre20250130.tar.gz 30811885 BLAKE2B e40c59c9fc010412e613bd8059108f88b554131afd64a832c6e2db3ee0a9aa01b14451abee680d91b430a47550f32897dde367b86ee48397029d4b7890258e0e SHA512 3d855ed1571e11fb6b0ed3b0f85cd26a015448347423eb0b994f8803b23c73bf7b773b0d84b6a2b70f08c314496488ad02f358a2269478e86da18fc983c26ae1 -EBUILD h2o-2.2.6-r2.ebuild 2302 BLAKE2B a8278b2a88bddffb1b364673b5c01cbf842b3eec5f5c3c11cd453537bb1e0995858f97c436a41a9661655fae62d804d2d99d6d403651f3edd1b901a0d7f54d2b SHA512 4654d98e8827aecb84b48fb5278640292f34b2d82406bb21cc55a26d6936aa0b166b2405aee3c817e4362b0fc1c7a3ffd1d7ec1a45eb583a32f086377c73c377 EBUILD h2o-2.3.0_pre20241014.ebuild 2243 BLAKE2B 9aa1c6ea2fe73c3a8a7a425f9e318e51921840b8f4be03dc48b07a9bf5a7f8241142ad6533910f73dff79212513f8cb1d54a9b8993d1f67c0df54fb62e9a91d3 SHA512 e61d16bbe15733deb69658bef4243fc9e6b0b25380bb0ba6d2a4da81d582e04cf7dae1c77a788cd8c7fa9bbcee52bab886c5d2f1d05c35b67147c8a1e24d5e90 EBUILD h2o-2.3.0_pre20250130.ebuild 2245 BLAKE2B 4ac97b208d6f061347beeebe3767a5da3a6f658a0082dd209d873af159fdac8a7564e63ac8b6dede966f648063dc4ad7856287150f79fa578f43ec099ff41288 SHA512 769478c3bedb46a235960b2df9e193e98ca455489a709c5f01117fb592c9eb4f8c006dc630e0b37fb31372101687e2d6ad5394eeecd042d1fb462d7ae9648581 EBUILD h2o-9999.ebuild 2137 BLAKE2B d20fb05da90ccbb376837fede3218ed8a97461f6da9cd740acb53ac2709bdcfb6e59da643bbe54bd04762223803c56c92fa9221f615370457f3b4d51b98dce7f SHA512 6e9cca2c835988010fa73f5a655ac1358871c8962b93737a204e67527fcd143827670b97b4897bd9b214f4c765fa4734be9bb428fc5eb75ad7053fdbb0f29d00 diff --git a/www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch b/www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch deleted file mode 100644 index 71a511ac9ed2..000000000000 --- a/www-servers/h2o/files/h2o-2.2-CVE-2023-44487.patch +++ /dev/null @@ -1,225 +0,0 @@ -https://github.com/h2o/h2o/pull/3293 - -From 770208bbe3955c47e005a1e8cb08266e4a8dfc9a Mon Sep 17 00:00:00 2001 -From: Remi Gacogne <remi.gacogne@powerdns.com> -Date: Tue, 10 Oct 2023 15:47:57 +0200 -Subject: [PATCH] [http2] delay processing requests upon observing suspicious - behavior - -Backport of 94fbc54b6c9309912fe3d53e7b63408bbe9a1b0d to v2.2.x ---- - include/h2o.h | 8 +++++++ - include/h2o/http2_internal.h | 8 +++++++ - lib/core/config.c | 1 + - lib/core/configurator.c | 9 ++++++++ - lib/core/context.c | 2 ++ - lib/http2/connection.c | 41 ++++++++++++++++++++++++++++++++---- - 6 files changed, 65 insertions(+), 4 deletions(-) - -diff --git a/include/h2o.h b/include/h2o.h -index 57877bd12c..409cd5c21c 100644 ---- a/include/h2o.h -+++ b/include/h2o.h -@@ -378,6 +378,10 @@ struct st_h2o_globalconf_t { - * list of callbacks - */ - h2o_protocol_callbacks_t callbacks; -+ /** -+ * milliseconds to delay processing requests when suspicious behavior is detected -+ */ -+ uint64_t dos_delay; - } http2; - - struct { -@@ -590,6 +594,10 @@ struct st_h2o_context_t { - * timeout entry used for graceful shutdown - */ - h2o_timeout_entry_t _graceful_shutdown_timeout; -+ /* -+ * dos timeout -+ */ -+ h2o_timeout_t dos_delay_timeout; - struct { - /** - * counter for http2 errors internally emitted by h2o -diff --git a/include/h2o/http2_internal.h b/include/h2o/http2_internal.h -index 5cfc4d8204..b9cf400929 100644 ---- a/include/h2o/http2_internal.h -+++ b/include/h2o/http2_internal.h -@@ -179,6 +179,7 @@ struct st_h2o_http2_stream_t { - h2o_linklist_t link; - h2o_http2_scheduler_openref_t scheduler; - } _refs; -+ unsigned reset_by_peer : 1; - h2o_send_state_t send_state; /* state of the ostream, only used in push mode */ - /* placed at last since it is large and has it's own ctor */ - h2o_req_t req; -@@ -232,6 +233,13 @@ struct st_h2o_http2_conn_t { - } _write; - h2o_cache_t *push_memo; - h2o_http2_casper_t *casper; -+ /** -+ * DoS mitigation; the idea here is to delay processing requests when observing suspicious behavior -+ */ -+ struct { -+ h2o_timeout_entry_t process_delay; -+ size_t reset_budget; /* RST_STREAM frames are considered suspicious when this value goes down to zero */ -+ } dos_mitigation; - }; - - int h2o_http2_update_peer_settings(h2o_http2_settings_t *settings, const uint8_t *src, size_t len, const char **err_desc); -diff --git a/lib/core/config.c b/lib/core/config.c -index ce1d320183..08e43a6d30 100644 ---- a/lib/core/config.c -+++ b/lib/core/config.c -@@ -189,6 +189,7 @@ void h2o_config_init(h2o_globalconf_t *config) - config->http2.latency_optimization.min_rtt = 50; // milliseconds - config->http2.latency_optimization.max_additional_delay = 10; - config->http2.latency_optimization.max_cwnd = 65535; -+ config->http2.dos_delay = 100; /* 100ms processing delay when observing suspicious behavior */ - config->http2.callbacks = H2O_HTTP2_CALLBACKS; - config->mimemap = h2o_mimemap_create(); - -diff --git a/lib/core/configurator.c b/lib/core/configurator.c -index 891770cc2d..4731ba2707 100644 ---- a/lib/core/configurator.c -+++ b/lib/core/configurator.c -@@ -531,6 +531,12 @@ static int on_config_http2_casper(h2o_configurator_command_t *cmd, h2o_configura - return 0; - } - -+ -+static int on_config_http2_dos_delay(h2o_configurator_command_t *cmd, h2o_configurator_context_t *ctx, yoml_t *node) -+{ -+ return config_timeout(cmd, node, &ctx->globalconf->http2.dos_delay); -+} -+ - static int assert_is_mimetype(h2o_configurator_command_t *cmd, yoml_t *node) - { - if (node->type != YOML_TYPE_SCALAR) { -@@ -910,6 +916,9 @@ void h2o_configurator__init_core(h2o_globalconf_t *conf) - on_config_http2_push_preload); - h2o_configurator_define_command(&c->super, "http2-casper", H2O_CONFIGURATOR_FLAG_GLOBAL | H2O_CONFIGURATOR_FLAG_HOST, - on_config_http2_casper); -+ h2o_configurator_define_command(&c->super, "http2-dos-delay", -+ H2O_CONFIGURATOR_FLAG_GLOBAL | H2O_CONFIGURATOR_FLAG_EXPECT_SCALAR, -+ on_config_http2_dos_delay); - h2o_configurator_define_command(&c->super, "file.mime.settypes", - (H2O_CONFIGURATOR_FLAG_ALL_LEVELS & ~H2O_CONFIGURATOR_FLAG_EXTENSION) | - H2O_CONFIGURATOR_FLAG_EXPECT_MAPPING, -diff --git a/lib/core/context.c b/lib/core/context.c -index 8d11013810..ac4b0aaf08 100644 ---- a/lib/core/context.c -+++ b/lib/core/context.c -@@ -101,6 +101,7 @@ void h2o_context_init(h2o_context_t *ctx, h2o_loop_t *loop, h2o_globalconf_t *co - h2o_linklist_init_anchor(&ctx->http1._conns); - h2o_timeout_init(ctx->loop, &ctx->http2.idle_timeout, config->http2.idle_timeout); - h2o_timeout_init(ctx->loop, &ctx->http2.graceful_shutdown_timeout, config->http2.graceful_shutdown_timeout); -+ h2o_timeout_init(ctx->loop, &ctx->http2.dos_delay_timeout, config->http2.dos_delay); - h2o_linklist_init_anchor(&ctx->http2._conns); - ctx->proxy.client_ctx.loop = loop; - h2o_timeout_init(ctx->loop, &ctx->proxy.io_timeout, config->proxy.io_timeout); -@@ -146,6 +147,7 @@ void h2o_context_dispose(h2o_context_t *ctx) - h2o_timeout_dispose(ctx->loop, &ctx->http1.req_timeout); - h2o_timeout_dispose(ctx->loop, &ctx->http2.idle_timeout); - h2o_timeout_dispose(ctx->loop, &ctx->http2.graceful_shutdown_timeout); -+ h2o_timeout_dispose(ctx->loop, &ctx->http2.dos_delay_timeout); - h2o_timeout_dispose(ctx->loop, &ctx->proxy.io_timeout); - /* what should we do here? assert(!h2o_linklist_is_empty(&ctx->http2._conns); */ - -diff --git a/lib/http2/connection.c b/lib/http2/connection.c -index e2da293043..4910e33098 100644 ---- a/lib/http2/connection.c -+++ b/lib/http2/connection.c -@@ -161,7 +161,6 @@ static void update_idle_timeout(h2o_http2_conn_t *conn) - h2o_timeout_unlink(&conn->_timeout_entry); - - if (conn->num_streams.pull.half_closed + conn->num_streams.push.half_closed == 0) { -- assert(h2o_linklist_is_empty(&conn->_pending_reqs)); - conn->_timeout_entry.cb = on_idle_timeout; - h2o_timeout_link(conn->super.ctx->loop, &conn->super.ctx->http2.idle_timeout, &conn->_timeout_entry); - } -@@ -175,6 +174,9 @@ static int can_run_requests(h2o_http2_conn_t *conn) - - static void run_pending_requests(h2o_http2_conn_t *conn) - { -+ if (h2o_timeout_is_linked(&conn->dos_mitigation.process_delay)) -+ return; -+ - while (!h2o_linklist_is_empty(&conn->_pending_reqs) && can_run_requests(conn)) { - /* fetch and detach a pending stream */ - h2o_http2_stream_t *stream = H2O_STRUCT_FROM_MEMBER(h2o_http2_stream_t, _refs.link, conn->_pending_reqs.next); -@@ -226,6 +228,16 @@ void h2o_http2_conn_unregister_stream(h2o_http2_conn_t *conn, h2o_http2_stream_t - assert(h2o_http2_scheduler_is_open(&stream->_refs.scheduler)); - h2o_http2_scheduler_close(&stream->_refs.scheduler); - -+ /* Decrement reset_budget if the stream was reset by peer, otherwise increment. By doing so, we penalize connections that -+ * generate resets for >50% of requests. */ -+ if (stream->reset_by_peer) { -+ if (conn->dos_mitigation.reset_budget > 0) -+ --conn->dos_mitigation.reset_budget; -+ } else { -+ if (conn->dos_mitigation.reset_budget < conn->super.ctx->globalconf->http2.max_concurrent_requests_per_connection) -+ ++conn->dos_mitigation.reset_budget; -+ } -+ - switch (stream->state) { - case H2O_HTTP2_STREAM_STATE_IDLE: - case H2O_HTTP2_STREAM_STATE_RECV_HEADERS: -@@ -272,6 +284,8 @@ void close_connection_now(h2o_http2_conn_t *conn) - h2o_hpack_dispose_header_table(&conn->_output_header_table); - assert(h2o_linklist_is_empty(&conn->_pending_reqs)); - h2o_timeout_unlink(&conn->_timeout_entry); -+ if (h2o_timeout_is_linked(&conn->dos_mitigation.process_delay)) -+ h2o_timeout_unlink(&conn->dos_mitigation.process_delay); - h2o_buffer_dispose(&conn->_write.buf); - if (conn->_write.buf_in_flight != NULL) - h2o_buffer_dispose(&conn->_write.buf_in_flight); -@@ -797,11 +811,19 @@ static int handle_rst_stream_frame(h2o_http2_conn_t *conn, h2o_http2_frame_t *fr - return H2O_HTTP2_ERROR_PROTOCOL; - } - -- stream = h2o_http2_conn_get_stream(conn, frame->stream_id); -- if (stream != NULL) { -+ if ((stream = h2o_http2_conn_get_stream(conn, frame->stream_id)) == NULL) -+ return 0; -+ - /* reset the stream */ -+ stream->reset_by_peer = 1; - h2o_http2_stream_reset(conn, stream); -- } -+ -+ /* setup process delay if we've just ran out of reset budget */ -+ if (conn->dos_mitigation.reset_budget == 0 && conn->super.ctx->globalconf->http2.dos_delay != 0 && -+ !h2o_timeout_is_linked(&conn->dos_mitigation.process_delay)) -+ h2o_timeout_link(conn->super.ctx->loop, &conn->super.ctx->http2.dos_delay_timeout, -+ &conn->dos_mitigation.process_delay); -+ - /* TODO log */ - - return 0; -@@ -1204,6 +1226,14 @@ static h2o_iovec_t log_priority_actual_weight(h2o_req_t *req) - return h2o_iovec_init(s, len); - } - -+static void on_dos_process_delay(h2o_timeout_entry_t *timer) -+{ -+ h2o_http2_conn_t *conn = H2O_STRUCT_FROM_MEMBER(h2o_http2_conn_t, dos_mitigation.process_delay, timer); -+ -+ assert(!h2o_timeout_is_linked(&conn->dos_mitigation.process_delay)); -+ run_pending_requests(conn); -+} -+ - static h2o_http2_conn_t *create_conn(h2o_context_t *ctx, h2o_hostconf_t **hosts, h2o_socket_t *sock, struct timeval connected_at) - { - static const h2o_conn_callbacks_t callbacks = { -@@ -1240,6 +1270,9 @@ static h2o_http2_conn_t *create_conn(h2o_context_t *ctx, h2o_hostconf_t **hosts, - conn->_write.timeout_entry.cb = emit_writereq; - h2o_http2_window_init(&conn->_write.window, &conn->peer_settings); - -+ conn->dos_mitigation.process_delay.cb = on_dos_process_delay; -+ conn->dos_mitigation.reset_budget = conn->super.ctx->globalconf->http2.max_concurrent_requests_per_connection; -+ - return conn; - } - diff --git a/www-servers/h2o/files/h2o-2.2-libressl.patch b/www-servers/h2o/files/h2o-2.2-libressl.patch deleted file mode 100644 index 59aca8df8550..000000000000 --- a/www-servers/h2o/files/h2o-2.2-libressl.patch +++ /dev/null @@ -1,54 +0,0 @@ -https://bugs.gentoo.org/903001 -https://github.com/h2o/neverbleed/pull/51 -https://github.com/h2o/neverbleed/commit/e1005c16e11b2ca358c86df2a4226632a2992d55 -https://github.com/h2o/h2o/pull/3214 -https://github.com/h2o/h2o/commit/83f89f2fe7c5399b88386a940b2a675742478aca -https://github.com/h2o/h2o/pull/2062 -https://github.com/h2o/h2o/commit/e61e9c8296e894a479268d041985e65433c17e67 - -From 81494ee75e8f533c9fbf841d0dfe83f8eeba7bbd Mon Sep 17 00:00:00 2001 -From: Kazuho Oku <kazuhooku@gmail.com> -Date: Mon, 13 Mar 2023 18:56:12 +0900 -Subject: [PATCH] libressl 3.5 and above have opaque RSA struct - ---- - deps/neverbleed/neverbleed.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/neverbleed.c b/neverbleed.c -index d7cd979..74d7aa3 100644 ---- a/deps/neverbleed/neverbleed.c -+++ b/deps/neverbleed/neverbleed.c -@@ -45,7 +45,7 @@ - #endif - #include "neverbleed.h" - --#if (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1010000fL) -+#if defined(LIBRESSL_VERSION_NUMBER) ? LIBRESSL_VERSION_NUMBER >= 0x3050000fL : OPENSSL_VERSION_NUMBER >= 0x1010000fL - #define OPENSSL_1_1_API 1 - #else - #define OPENSSL_1_1_API 0 -Silence compiler warning. The get_session_cb has had const since LibreSSL 2.8. - -From b408b9e015627394003a04577dd7ee7e870d1797 Mon Sep 17 00:00:00 2001 -From: David Carlier <devnexen@gmail.com> -Date: Thu, 30 May 2019 15:05:44 +0100 -Subject: [PATCH] LibreSSL little build warning fix proposal - ---- - lib/common/socket.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/common/socket.c b/lib/common/socket.c -index 172b75026f..45c18591b7 100644 ---- a/lib/common/socket.c -+++ b/lib/common/socket.c -@@ -946,7 +946,7 @@ static void create_ossl(h2o_socket_t *sock) - } - - static SSL_SESSION *on_async_resumption_get(SSL *ssl, --#if OPENSSL_VERSION_NUMBER >= 0x1010000fL && !defined(LIBRESSL_VERSION_NUMBER) -+#if !defined(LIBRESSL_VERSION_NUMBER) ? OPENSSL_VERSION_NUMBER >= 0x1010000fL : LIBRESSL_VERSION_NUMBER > 0x2070000f - const - #endif - unsigned char *data, diff --git a/www-servers/h2o/files/h2o-2.2-mruby.patch b/www-servers/h2o/files/h2o-2.2-mruby.patch deleted file mode 100644 index 92e7a8e7f1d7..000000000000 --- a/www-servers/h2o/files/h2o-2.2-mruby.patch +++ /dev/null @@ -1,57 +0,0 @@ ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -157,6 +157,19 @@ - SET(WSLAY_LIBRARIES -lwslay) - ENDIF (NOT WSLAY_FOUND) - -+IF (PKG_CONFIG_FOUND) -+ PKG_CHECK_MODULES(ONIG onigmo) -+ IF (NOT ONIG_FOUND) -+ PKG_CHECK_MODULES(ONIG oniguruma) -+ ENDIF (NOT ONIG_FOUND) -+ IF (ONIG_FOUND) -+ LINK_DIRECTORIES(${ONIG_LIBRARY_DIRS}) -+ ENDIF (ONIG_FOUND) -+ENDIF (PKG_CONFIG_FOUND) -+IF (NOT ONIG_FOUND AND WITH_MRUBY) -+ MESSAGE(FATAL_ERROR "Onigmo/Oniguruma not found") -+ENDIF (NOT ONIG_FOUND AND WITH_MRUBY) -+ - IF (ZLIB_FOUND) - INCLUDE_DIRECTORIES(${ZLIB_INCLUDE_DIRS}) - LINK_DIRECTORIES(${ZLIB_LIBRARY_DIRS}) -@@ -460,7 +473,7 @@ - ELSE () - SET(MRUBY_TOOLCHAIN "gcc") - ENDIF () -- ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN} MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby ruby minirake -+ ADD_CUSTOM_TARGET(mruby MRUBY_TOOLCHAIN=${MRUBY_TOOLCHAIN} MRUBY_CONFIG=${CMAKE_CURRENT_SOURCE_DIR}/misc/mruby_config.rb MRUBY_BUILD_DIR=${CMAKE_CURRENT_BINARY_DIR}/mruby ruby minirake -v - WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/deps/mruby) - LIST(APPEND STANDALONE_SOURCE_FILES - lib/handler/mruby.c -@@ -491,7 +504,7 @@ - # note: the paths need to be determined before libmruby.flags.mak is generated - TARGET_LINK_LIBRARIES(h2o - "${CMAKE_CURRENT_BINARY_DIR}/mruby/host/lib/libmruby.a" -- "${CMAKE_CURRENT_BINARY_DIR}/mruby/host/mrbgems/mruby-onig-regexp/onigmo-6.1.1/.libs/libonigmo.a" -+ ${ONIG_LIBRARIES} - "m") - ADD_DEPENDENCIES(h2o mruby) - ENDIF (WITH_MRUBY) ---- a/misc/mruby_config.rb -+++ b/misc/mruby_config.rb -@@ -15,13 +15,7 @@ - # use mrbgems - Dir.glob("../mruby-*/mrbgem.rake") do |x| - g = File.basename File.dirname x -- if g == 'mruby-onig-regexp' -- conf.gem "../deps/#{g}" do |c| -- c.bundle_onigmo -- end -- else -- conf.gem "../deps/#{g}" -- end -+ conf.gem "../deps/#{g}" - end - - # include all the core GEMs diff --git a/www-servers/h2o/files/h2o-2.2-ruby30.patch b/www-servers/h2o/files/h2o-2.2-ruby30.patch deleted file mode 100644 index 47692d68bba5..000000000000 --- a/www-servers/h2o/files/h2o-2.2-ruby30.patch +++ /dev/null @@ -1,63 +0,0 @@ ---- a/deps/mruby/Rakefile -+++ b/deps/mruby/Rakefile -@@ -37,15 +37,15 @@ - task :default => :all - - bin_path = ENV['INSTALL_DIR'] || "#{MRUBY_ROOT}/bin" --FileUtils.mkdir_p bin_path, { :verbose => $verbose } -+FileUtils.mkdir_p bin_path, :verbose => $verbose - - depfiles = MRuby.targets['host'].bins.map do |bin| - install_path = MRuby.targets['host'].exefile("#{bin_path}/#{bin}") - source_path = MRuby.targets['host'].exefile("#{MRuby.targets['host'].build_dir}/bin/#{bin}") - - file install_path => source_path do |t| -- FileUtils.rm_f t.name, { :verbose => $verbose } -- FileUtils.cp t.prerequisites.first, t.name, { :verbose => $verbose } -+ FileUtils.rm_f t.name, :verbose => $verbose -+ FileUtils.cp t.prerequisites.first, t.name, :verbose => $verbose - end - - install_path -@@ -78,8 +78,8 @@ - install_path = MRuby.targets['host'].exefile("#{bin_path}/#{bin}") - - file install_path => exec do |t| -- FileUtils.rm_f t.name, { :verbose => $verbose } -- FileUtils.cp t.prerequisites.first, t.name, { :verbose => $verbose } -+ FileUtils.rm_f t.name, :verbose => $verbose -+ FileUtils.cp t.prerequisites.first, t.name, :verbose => $verbose - end - depfiles += [ install_path ] - elsif target == MRuby.targets['host-debug'] -@@ -87,8 +87,8 @@ - install_path = MRuby.targets['host-debug'].exefile("#{bin_path}/#{bin}") - - file install_path => exec do |t| -- FileUtils.rm_f t.name, { :verbose => $verbose } -- FileUtils.cp t.prerequisites.first, t.name, { :verbose => $verbose } -+ FileUtils.rm_f t.name, :verbose => $verbose -+ FileUtils.cp t.prerequisites.first, t.name, :verbose => $verbose - end - depfiles += [ install_path ] - end -@@ -127,16 +127,16 @@ - desc "clean all built and in-repo installed artifacts" - task :clean do - MRuby.each_target do |t| -- FileUtils.rm_rf t.build_dir, { :verbose => $verbose } -+ FileUtils.rm_rf t.build_dir, :verbose => $verbose - end -- FileUtils.rm_f depfiles, { :verbose => $verbose } -+ FileUtils.rm_f depfiles, :verbose => $verbose - puts "Cleaned up target build folder" - end - - desc "clean everything!" - task :deep_clean => ["clean"] do - MRuby.each_target do |t| -- FileUtils.rm_rf t.gem_clone_dir, { :verbose => $verbose } -+ FileUtils.rm_rf t.gem_clone_dir, :verbose => $verbose - end - puts "Cleaned up mrbgems build folder" - end diff --git a/www-servers/h2o/h2o-2.2.6-r2.ebuild b/www-servers/h2o/h2o-2.2.6-r2.ebuild deleted file mode 100644 index 45ad42c87a40..000000000000 --- a/www-servers/h2o/h2o-2.2.6-r2.ebuild +++ /dev/null @@ -1,107 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI="8" -CMAKE_MAKEFILE_GENERATOR="emake" -SSL_DEPS_SKIP=1 -USE_RUBY="ruby31 ruby32" - -inherit cmake ruby-single ssl-cert systemd toolchain-funcs - -DESCRIPTION="H2O - the optimized HTTP/1, HTTP/2 server" -HOMEPAGE="https://h2o.examp1e.net/" -SRC_URI="https://github.com/${PN}/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz" - -LICENSE="MIT" -SLOT="0" -KEYWORDS="amd64 x86" -IUSE="libh2o +mruby" - -RDEPEND="acct-group/h2o - acct-user/h2o - dev-lang/perl - dev-libs/openssl:0= - !sci-libs/libh2o - sys-libs/zlib - libh2o? ( dev-libs/libuv )" -DEPEND="${RDEPEND} - mruby? ( - ${RUBY_DEPS} - || ( - dev-libs/onigmo - dev-libs/oniguruma - ) - )" -BDEPEND="libh2o? ( virtual/pkgconfig ) - mruby? ( - app-alternatives/yacc - virtual/pkgconfig - )" - -PATCHES=( - "${FILESDIR}"/${PN}-2.2-libressl.patch #903001 - "${FILESDIR}"/${PN}-2.2-mruby.patch - "${FILESDIR}"/${PN}-2.2-ruby30.patch - "${FILESDIR}"/${PN}-2.2-CVE-2023-44487.patch -) - -src_prepare() { - cmake_src_prepare - - local ruby="ruby" - if use mruby; then - for ruby in ${RUBY_TARGETS_PREFERENCE}; do - if has_version dev-lang/ruby:${ruby:4:1}.${ruby:5}; then - break - fi - ruby= - done - [[ -z ${ruby} ]] && die "no suitable ruby version found" - fi - - sed -i \ - -e "/INSTALL/s:\(/doc/${PN}\) :\1/html :" \ - -e "/INSTALL/s:\(/doc\)/${PN}:\1/${PF}:" \ - -e "s: ruby: ${ruby}:" \ - CMakeLists.txt - - sed -i "s:pkg-config:$(tc-getPKG_CONFIG):g" deps/mruby/lib/mruby/gem.rb - tc-export CC - export LD="$(tc-getCC)" -} - -src_configure() { - local mycmakeargs=( - -DCMAKE_INSTALL_SYSCONFDIR="${EPREFIX}"/etc/${PN} - -DWITH_MRUBY=$(usex mruby) - -DWITHOUT_LIBS=$(usex !libh2o) - -DBUILD_SHARED_LIBS=$(usex libh2o) - ) - cmake_src_configure -} - -src_install() { - cmake_src_install - - keepdir /var/www/localhost/htdocs - - insinto /etc/${PN} - doins "${FILESDIR}"/${PN}.conf - - newinitd "${FILESDIR}"/${PN}.initd ${PN} - systemd_dounit "${FILESDIR}"/${PN}.service - - insinto /etc/logrotate.d - newins "${FILESDIR}"/${PN}.logrotate ${PN} - - keepdir /var/log/${PN} - fowners ${PN}:${PN} /var/log/${PN} - fperms 0750 /var/log/${PN} -} - -pkg_postinst() { - if [[ ! -f "${EROOT}"/etc/ssl/${PN}/server.key ]]; then - install_cert /etc/ssl/${PN}/server - chown ${PN}:${PN} "${EROOT}"/etc/ssl/${PN}/server.* - fi -} diff --git a/www-servers/lighttpd/Manifest b/www-servers/lighttpd/Manifest index 8affd52cd1a2..dbee5ca1c909 100644 --- a/www-servers/lighttpd/Manifest +++ b/www-servers/lighttpd/Manifest @@ -17,6 +17,6 @@ DIST lighttpd-1.4.76.tar.xz.asc 833 BLAKE2B b46b3543e694c132d6e49ee239ef2d71718b DIST lighttpd-1.4.77.tar.xz 857872 BLAKE2B 52775633d494d502b76ec200efefadb99996d32e5127ac858d11712f683ffd8233855c8dcd30b3e5f285389ba2fbfbddc1090752d38e4ec0c0f267fc7d4afe80 SHA512 696fd4fd8486a6c3fd1131c7e8a935a02b5384882b74ddc19bf79d085e2a0abed9184a30f97e3a7aafb816d3589e110e8d70115daa15cdc52cf61aa4129e3565 DIST lighttpd-1.4.77.tar.xz.asc 833 BLAKE2B 5d3bdccd5788fce50d908eb028760290bd8033d27c0f15f414d2c5fe7d07b31ecd05aa2028d3a6b37ebdaaf2aafebb37c685834af6c502b80de185740c52de3a SHA512 5068f871244929054cc63c0381ec99f43cea573bd1d303ce3ad8a46df09e4358a96679fcb0a689d49ee2ab0228f11a95270b4e8418b7d69b7cddce425f1b14b1 EBUILD lighttpd-1.4.76-r3.ebuild 5634 BLAKE2B 7622bc4110c0cfeeb2420f161408cb312079a57d3659387d74e98da576630927422b93541700c01108854e81c4d568ec8edeba2730581e8df58654aa30afe5a5 SHA512 04bcc37758a37f8cde2fb9d34519f09576972b114466e003f919ff245182b5b48342c6b2b9b7c771476627699a822111303acd67bf69c2929152dfef1cd0be9e -EBUILD lighttpd-1.4.77.ebuild 5596 BLAKE2B 2886161ea52ea6c45e3e8ab3600e4015ff844d3401946797f4c3bbd4796eaeeb023a04f5afd71cb12241226b628d56a5f8a87b8e4cfc77ed2c8e693d98fecbb6 SHA512 7a0432a1336aaddf9f22a6a30c4fbae95f6134547981da8fe4cb35f52e90ddf2b4c7c9891b620bce0ecdd9170e5191868f77eb051d40b14af348d8520c77f021 +EBUILD lighttpd-1.4.77.ebuild 5589 BLAKE2B a32dd6dea0ffc0ceac6abca642f3ff58fa579e4073b62e5795c96db485d1967d3c2facc25c8b49b5075d1c39c1ac3f78bf7cb8aae60c6035ccb4d79dea1e48a6 SHA512 ee3ba16ac1cf01ab30f6f4dbbd81a023d0b58f40fec4ce517e57db7f13f453fd880cba1ab51c1b41c181d53bfda39ec080370d4869519f2d36d306f10013b950 EBUILD lighttpd-9999.ebuild 5596 BLAKE2B 2886161ea52ea6c45e3e8ab3600e4015ff844d3401946797f4c3bbd4796eaeeb023a04f5afd71cb12241226b628d56a5f8a87b8e4cfc77ed2c8e693d98fecbb6 SHA512 7a0432a1336aaddf9f22a6a30c4fbae95f6134547981da8fe4cb35f52e90ddf2b4c7c9891b620bce0ecdd9170e5191868f77eb051d40b14af348d8520c77f021 MISC metadata.xml 1839 BLAKE2B 1d3bb5474c1bf9f16d84013bec3c0b43d2e2c5d44535e80b2a225bc64345155ba812d0ed9826f8f4072b9a9a113ede7ab5de05b0442bd8968fcad0916edba9fb SHA512 bb491fac80fd3e92b38f35fdd75e09ca6574819eba0d9fd8bed7256be603a113a3127d2ca32c42b9dc4e3a3359f55f62d44650768844cae374d7aa81432a7983 diff --git a/www-servers/lighttpd/lighttpd-1.4.77.ebuild b/www-servers/lighttpd/lighttpd-1.4.77.ebuild index 54f788708629..02da35bdfb04 100644 --- a/www-servers/lighttpd/lighttpd-1.4.77.ebuild +++ b/www-servers/lighttpd/lighttpd-1.4.77.ebuild @@ -17,7 +17,7 @@ else https://download.lighttpd.net/lighttpd/releases-1.4.x/${P}.tar.xz verify-sig? ( https://download.lighttpd.net/lighttpd/releases-$(ver_cut 1-2).x/${P}.tar.xz.asc ) " - KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" + KEYWORDS="~alpha amd64 arm arm64 ~hppa ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86" fi LICENSE="BSD GPL-2" |