New 1.4.13 version, pmasked for testing.

Package-Manager: portage-2.1.2_rc4-r6

3 files changed, 55 insertions, 0 deletions

diff --git a/www-servers/lighttpd/files/1.4.13/01_lighttpd-1.4.13-99cpu-fix.diff b/www-servers/lighttpd/files/1.4.13/01_lighttpd-1.4.13-99cpu-fix.diff
new file mode 100644
index 000000000000..56f4243218e0
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.13/01_lighttpd-1.4.13-99cpu-fix.diff
@@ -0,0 +1,11 @@
+--- src/connections.c.orig	2007-01-05 10:56:08.000000000 -0800
++++ src/connections.c	2007-01-05 10:56:23.000000000 -0800
+@@ -970,7 +970,7 @@
+ 								}
+ 							} else {
+ 								/* a splited \r \n */
+-								return -1;
++								break;
+ 							}
+ 						}
+ 					}
diff --git a/www-servers/lighttpd/files/1.4.13/02_lighttpd-1.4.13-fcgi-auth-type.diff b/www-servers/lighttpd/files/1.4.13/02_lighttpd-1.4.13-fcgi-auth-type.diff
new file mode 100644
index 000000000000..aa051c7e1b36
--- /dev/null
+++ b/www-servers/lighttpd/files/1.4.13/02_lighttpd-1.4.13-fcgi-auth-type.diff
@@ -0,0 +1,41 @@
+--- lighttpd-1.4.13/src/mod_fastcgi.c	2006-10-05 03:22:32.000000000 -0700
++++ lighttpd-1.4.13.patch/src/mod_fastcgi.c	2006-10-18 00:57:19.000000000 -0700
+@@ -1875,8 +1875,36 @@
+ 	fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_ADDR"), s, strlen(s));
+ 
+ 	if (!buffer_is_empty(con->authed_user)) {
+-		fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"),
+-			     CONST_BUF_LEN(con->authed_user));
++		fcgi_env_add(p->fcgi_env, CONST_STR_LEN("REMOTE_USER"), CONST_BUF_LEN(con->authed_user));
++	
++		/* AUTH_TYPE fix by Troy Kruthoff (tkruthoff@gmail.com)
++		 * section 4.1.1 of RFC 3875 (cgi spec) requires the server to set a AUTH_TYPE env
++		 * declaring the type of authentication used.	 (see http://tools.ietf.org/html/rfc3875#page-11)
++		 *
++		 * I copied this code from mod_auth.c where it extracts auth info from the "Authorization" 
++		 * header to authenticate the user before allowing the request to proceed.  I'm guessing it makes
++		 * sense to re-parse the header here, as mod_auth is unaware if the request is headed for cgi/fcgi.
++		 * Someone more familiar with the lighty internals should be able to quickly determine if we are 
++		 * better storing AUTH_TYPE on the initial parse in mod_auth.
++		 */
++		char *http_authorization = NULL;
++		data_string *ds;
++	  	
++		if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Authorization"))) {
++			http_authorization = ds->value->ptr;
++		}
++	
++		if (ds && ds->value && ds->value->used) {
++			char *auth_realm;
++		  if (NULL != (auth_realm = strchr(http_authorization, ' '))) {
++				int auth_type_len = auth_realm - http_authorization;
++				if ((auth_type_len == 5) && (0 == strncmp(http_authorization, "Basic", auth_type_len))) {
++					  fcgi_env_add(p->fcgi_env, CONST_STR_LEN("AUTH_TYPE"), CONST_STR_LEN("Basic"));
++				} else if ((auth_type_len == 6) && (0 == strncmp(http_authorization, "Digest", auth_type_len))) {
++					  fcgi_env_add(p->fcgi_env, CONST_STR_LEN("AUTH_TYPE"), CONST_STR_LEN("Digest"));
++				}
++			}
++		}
+ 	}
+ 
+ 	if (con->request.content_length > 0 && host->mode != FCGI_AUTHORIZER) {
diff --git a/www-servers/lighttpd/files/digest-lighttpd-1.4.13 b/www-servers/lighttpd/files/digest-lighttpd-1.4.13
new file mode 100644
index 000000000000..7a885e91935a
--- /dev/null
+++ b/www-servers/lighttpd/files/digest-lighttpd-1.4.13
@@ -0,0 +1,3 @@
+MD5 d775d6478391b95d841a1018c8db0b95 lighttpd-1.4.13.tar.gz 797813
+RMD160 4e67e42dc3692d50c044561cc903de7b906f260c lighttpd-1.4.13.tar.gz 797813
+SHA256 62d5997fdb41afa9400adcdb040d04a1f5fa950045df96e3e3f593e8f0de5739 lighttpd-1.4.13.tar.gz 797813