summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGuido Falsi <madpilot@FreeBSD.org>2016-07-21 23:37:03 +0000
committerGuido Falsi <madpilot@FreeBSD.org>2016-07-21 23:37:03 +0000
commit06ce5f1e06baeea476a4af498e2b967257f92dbd (patch)
tree3c00a96c69f3f7cba549c88ca28d08dfc78a9c2a
parent- Unsilence INSTALL_* commands (diff)
- Update to 1.4.40
- Convert to USES=localbase - Update MAINTAINER address - Remove NODELAY option, it has been integrated upstream - Modernize Makefile PR: 211163 Submitted by: Piotr Kubaj <pkubaj at anongoth.pl> (maintainer)
Diffstat
-rw-r--r--www/lighttpd/Makefile61
-rw-r--r--www/lighttpd/distinfo9
-rw-r--r--www/lighttpd/files/extra-patch-mysqlauth458
-rw-r--r--www/lighttpd/files/extra-patch-nodelay15
-rw-r--r--www/lighttpd/files/extra-patch-src_Makefile.am11
-rw-r--r--www/lighttpd/files/extra-patch-src_Makefile.in11
-rw-r--r--www/lighttpd/files/extra-patch-src_http__auth.c193
-rw-r--r--www/lighttpd/files/extra-patch-src_http__auth.h43
-rw-r--r--www/lighttpd/files/extra-patch-src_mod__auth.c200
-rw-r--r--www/lighttpd/files/patch-configure.ac22
-rw-r--r--www/lighttpd/files/patch-src-fdevent.h11
-rw-r--r--www/lighttpd/files/patch-src_mod__cml__lua.c25
-rw-r--r--www/lighttpd/files/patch-src_mod__magnet.c13
-rw-r--r--www/lighttpd/files/patch-src_network.c23
14 files changed, 487 insertions, 608 deletions
diff --git a/www/lighttpd/Makefile b/www/lighttpd/Makefile
index d0662bc0e2a4..0cea78f4d345 100644
--- a/www/lighttpd/Makefile
+++ b/www/lighttpd/Makefile
@@ -2,12 +2,11 @@
# $FreeBSD$
PORTNAME?= lighttpd
-PORTVERSION= 1.4.39
-PORTREVISION= 1
+PORTVERSION= 1.4.40
CATEGORIES?= www
MASTER_SITES?= http://download.lighttpd.net/lighttpd/releases-1.4.x/
-MAINTAINER= pkubaj@riseup.net
+MAINTAINER= pkubaj@anongoth.pl
COMMENT?= Secure, fast, compliant, and flexible Web Server
.if !defined(_BUILDING_LIGHTTPD_MODULE)
@@ -18,7 +17,7 @@ LICENSE_FILE= ${WRKSRC}/COPYING
LIB_DEPENDS+= libpcre.so:devel/pcre
GNU_CONFIGURE= yes
-USES= autoreconf gmake libtool pkgconfig tar:xz
+USES= autoreconf gmake libtool localbase pkgconfig tar:xz
.if !defined(_BUILDING_LIGHTTPD_MODULE)
USES+= cpe
@@ -27,14 +26,11 @@ USES+= cpe
CONFIGURE_ARGS+= --libdir=${PREFIX}/lib/lighttpd
INSTALL_TARGET= install-strip
-CPPFLAGS+= -I${LOCALBASE}/include
-LDFLAGS+= -L${LOCALBASE}/lib
-
.if !defined(_BUILDING_LIGHTTPD_MODULE)
USE_RC_SUBR= lighttpd
-OPTIONS_DEFINE= ATTR BZIP2 DOCS FAM GDBM IPV6 LIBEV LUA MEMCACHE MYSQL MYSQLAUTH \
- NODELAY LDAP OPENSSL SPAWNFCGI VALGRIND WEBDAV
+OPTIONS_DEFINE= ATTR BZIP2 DOCS FAM GDBM IPV6 LIBEV LUA MEMCACHED MYSQL MYSQLAUTH \
+ LDAP OPENSSL SPAWNFCGI VALGRIND WEBDAV
OPTIONS_DEFAULT= OPENSSL
@@ -44,10 +40,9 @@ GDBM_DESC= gdbm storage (mod_trigger_b4_dl)
LDAP_DESC= LDAP authentication
LIBEV_DESC= Fast events support via libev (disables kqueue)
LUA_DESC= lua support (mod_cml, mod_magnet)
-MEMCACHE_DESC= memcached storage (mod_trigger_b4_dl)
+MEMCACHED_DESC= memcached storage (mod_trigger_b4_dl)
MYSQL_DESC= MySQL support (mod_mysql_vhost)
-MYSQLAUTH_DESC= MySQL authentication (requires WITH_MYSQL)
-NODELAY_DESC= Set TCP_NODELAY on listening sockets
+MYSQLAUTH_DESC= MySQL authentication
SPAWNFCGI_DESC= Depend on spawn-fcgi utility
VALGRIND_DESC= valgrind support
WEBDAV_DESC= WebDAV support
@@ -62,12 +57,15 @@ GDBM_CONFIGURE_WITH= gdbm
IPV6_CONFIGURE_OFF= --disable-ipv6
LIBEV_CONFIGURE_WITH= libev=${LOCALBASE}
LIBEV_LIB_DEPENDS= libev.so:devel/libev
-LUA_USES= lua:51+
+LUA_USES= lua
LUA_CONFIGURE_WITH= lua
LUA_CONFIGURE_ENV= LUA_CFLAGS="-I${LUA_INCDIR}" LUA_LIBS="-L${LUA_LIBDIR} -llua-${LUA_VER}"
-MEMCACHE_LIB_DEPENDS= libmemcache.so:databases/libmemcache
-MEMCACHE_CONFIGURE_WITH=memcache
+MEMCACHED_LIB_DEPENDS= libmemcached.so:databases/libmemcached
+MEMCACHED_CONFIGURE_WITH=memcached
MYSQLAUTH_IMPLIES= MYSQL
+OPENSSL_USES= ssl
+OPENSSL_CONFIGURE_WITH= openssl
+OPENSSL_CONFIGURE_ON= --with-openssl-includes=${OPENSSLINC} --with-openssl-libs=${OPENSSLLIB}
SPAWNFCGI_RUN_DEPENDS= spawn-fcgi:www/spawn-fcgi
VALGRIND_BUILD_DEPENDS= valgrind:devel/valgrind
VALGRIND_RUN_DEPENDS= valgrind:devel/valgrind
@@ -108,32 +106,21 @@ DOCS= AUTHORS COPYING INSTALL NEWS README
PORTDOCS= ${DOCS}
.endif
-.if ${PORT_OPTIONS:MOPENSSL}
-USE_OPENSSL= yes
-CONFIGURE_ARGS+= --with-openssl \
- --with-openssl-includes=${OPENSSLINC} \
- --with-openssl-libs=${OPENSSLLIB}
-.endif
-
.if ${PORT_OPTIONS:MMYSQL}
-USE_MYSQL= yes
+USES+= mysql
CONFIGURE_ARGS+= --with-mysql
_REQUIRE+= mysql
.endif
-.if ${PORT_OPTIONS:MMYSQLAUTH} && empty(PORT_OPTIONS:MMYSQL)
-IGNORE= option WITH_MYSQLAUTH requires WITH_MYSQL
-.endif
-
.if ${PORT_OPTIONS:MMYSQLAUTH}
-EXTRA_PATCHES+= ${FILESDIR}/extra-patch-mysqlauth
+EXTRA_PATCHES+= ${FILESDIR}/extra-patch-src_Makefile.am \
+ ${FILESDIR}/extra-patch-src_Makefile.in \
+ ${FILESDIR}/extra-patch-src_http__auth.c \
+ ${FILESDIR}/extra-patch-src_http__auth.h \
+ ${FILESDIR}/extra-patch-src_mod__auth.c
PORTDOCS+= README.mysqlauth mysql_auth.sql
.endif
-.if ${PORT_OPTIONS:MNODELAY}
-EXTRA_PATCHES+= ${FILESDIR}/extra-patch-nodelay
-.endif
-
.if ${PORT_OPTIONS:MLDAP}
USE_OPENLDAP= yes
CONFIGURE_ARGS+= --with-ldap
@@ -186,19 +173,19 @@ post-install:
.endfor
${INSTALL_DATA} ${WRKSRC}/doc/config/vhosts.d/vhosts.template \
${STAGEDIR}${PREFIX}/etc/lighttpd/vhosts.d/vhosts.template
+ @${MKDIR} -m 0700 ${STAGEDIR}${LIGHTTPD_LOGROOT}
-.if ${PORT_OPTIONS:MDOCS}
+post-install-DOCS-on:
@${MKDIR} ${STAGEDIR}${DOCSDIR}
. for FILE in ${DOCS}
${INSTALL_DATA} ${WRKSRC}/${FILE} ${STAGEDIR}${DOCSDIR}/${FILE}
. endfor
-.endif
-.if ${PORT_OPTIONS:MMYSQLAUTH}
+
+post-install-MYSQLAUTH-on:
+ @${MKDIR} ${STAGEDIR}${DOCSDIR}
. for FILE in README.mysqlauth mysql_auth.sql
${INSTALL_DATA} ${FILESDIR}/${FILE} ${STAGEDIR}${DOCSDIR}/${FILE}
. endfor
-.endif
- @${MKDIR} -m 0700 ${STAGEDIR}${LIGHTTPD_LOGROOT}
test: build
@cd ${WRKSRC}/tests && ${SETENV} ${MAKE_ENV} ${MAKE} \
diff --git a/www/lighttpd/distinfo b/www/lighttpd/distinfo
index 0764e83e3274..81a16c5aa90f 100644
--- a/www/lighttpd/distinfo
+++ b/www/lighttpd/distinfo
@@ -1,6 +1,7 @@
-SHA256 (lighttpd-1.4.39.tar.xz) = 7eb9a1853c3d6dd5851682b0733a729ba4158d6bdff80974d5ef5f1f6887365b
-SIZE (lighttpd-1.4.39.tar.xz) = 579180
+TIMESTAMP = 1468715038
+SHA256 (lighttpd-1.4.40.tar.xz) = 80450dfcf7604d6c516a00a0ce750937074ef844bbdee3b3f23384187b9d4f8d
+SIZE (lighttpd-1.4.40.tar.xz) = 621448
+SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 4e6768af32ce16033fcb0c70b12c55b40082ca105a36f258b0bbf30d64e9dad3
+SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 242458
SHA256 (lighttpd-1.4.26_mod_geoip.patch) = 2858036310b778852d9f039a81629902edffc368658e13bf4779f3642ee1a5ba
SIZE (lighttpd-1.4.26_mod_geoip.patch) = 15173
-SHA256 (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = bc0e1b97289a89b827ea84e64b614933cc14d67c64d6b727e4928aeec516489c
-SIZE (lighttpd-1.4.26_mod_h264_streaming-2.2.9.patch) = 242421
diff --git a/www/lighttpd/files/extra-patch-mysqlauth b/www/lighttpd/files/extra-patch-mysqlauth
deleted file mode 100644
index a6bd49ae679b..000000000000
--- a/www/lighttpd/files/extra-patch-mysqlauth
+++ /dev/null
@@ -1,458 +0,0 @@
-diff -Naur new/lighttpd-1.4.23/src/http_auth.c old/lighttpd-1.4.23/src/http_auth.c
---- src/http_auth.c 2009-06-11 14:05:06.000000000 +0400
-+++ src/http_auth.c 2009-10-08 10:10:15.000000000 +0400
-@@ -24,6 +24,7 @@
- #include <errno.h>
- #include <unistd.h>
- #include <ctype.h>
-+#include <mysql/mysql.h>
-
- #include "server.h"
- #include "log.h"
-@@ -291,6 +292,117 @@
- stream_close(&f);
- } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) {
- ret = 0;
-+ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) {
-+ MYSQL_RES *result;
-+ MYSQL_ROW row;
-+ int port = atoi(p->conf.auth_mysql_port->ptr);
-+ char q[255];
-+
-+ if (p->conf.auth_mysql_socket->ptr != NULL)
-+ if (0 == strcmp(p->conf.auth_mysql_socket->ptr, "")) p->conf.auth_mysql_socket->ptr = NULL;
-+
-+ p->conf.mysql_conn = mysql_init(NULL);
-+
-+ if (mysql_real_connect(p->conf.mysql_conn, p->conf.auth_mysql_host->ptr, p->conf.auth_mysql_user->ptr, p->conf.auth_mysql_pass->ptr, p->conf.auth_mysql_db->ptr, port, p->conf.auth_mysql_socket->ptr, 0))
-+ {
-+//#define MY_HOSTING
-+
-+#ifdef MY_HOSTING
-+ char my_full_realm[255];
-+ char *my_realm = NULL;
-+ char *my_domain = NULL;
-+
-+ char *uname;
-+ size_t unamelen;
-+
-+ unamelen = strlen(username->ptr);
-+ uname = malloc(unamelen*2+1);
-+
-+ mysql_real_escape_string(p->conf.mysql_conn,
-+ uname, username->ptr,
-+ (unsigned long)unamelen);
-+
-+ strcpy(my_full_realm, realm->ptr);
-+ my_realm = strtok(my_full_realm, "@");
-+
-+ if (my_realm != NULL)
-+ my_domain = strtok(NULL, "@");
-+
-+ sprintf(q, "SELECT %s FROM %s, %s WHERE %s='%s' AND %s='%s' AND %s='%s' AND %s=%s",
-+ p->conf.auth_mysql_col_pass->ptr,
-+
-+ p->conf.auth_mysql_users_table->ptr,
-+ p->conf.auth_mysql_domains_table->ptr,
-+
-+ p->conf.auth_mysql_col_user->ptr,
-+ uname,
-+
-+ p->conf.auth_mysql_col_realm->ptr,
-+ my_realm,
-+
-+ p->conf.auth_mysql_col_domain->ptr,
-+ my_domain,
-+
-+ p->conf.auth_mysql_domains_table_col_domain_id->ptr,
-+ p->conf.auth_mysql_users_table_col_domain_id->ptr
-+ );
-+
-+ free(uname);
-+#else
-+ // sanitize username & realm by taguchi@ff.iij4u.or.jp
-+ char *uname, *urealm;
-+ size_t unamelen, urealmlen;
-+
-+ unamelen = strlen(username->ptr);
-+ urealmlen = strlen(realm->ptr);
-+ uname = malloc(unamelen*2+1);
-+ urealm = malloc(urealmlen*2+1);
-+
-+ mysql_real_escape_string(p->conf.mysql_conn,
-+ uname, username->ptr,
-+ (unsigned long)unamelen);
-+
-+ mysql_real_escape_string(p->conf.mysql_conn,
-+ urealm, realm->ptr,
-+ (unsigned long)unamelen);
-+
-+ mysql_real_escape_string(p->conf.mysql_conn,
-+ urealm, realm->ptr,
-+ (unsigned long)urealmlen);
-+
-+ sprintf(q, "SELECT %s FROM %s WHERE %s='%s' AND %s='%s'",
-+ p->conf.auth_mysql_col_pass->ptr,
-+ p->conf.auth_mysql_users_table->ptr,
-+ p->conf.auth_mysql_col_user->ptr,
-+ uname,
-+ p->conf.auth_mysql_col_realm->ptr,
-+ urealm
-+ );
-+
-+ free(uname);
-+ free(urealm);
-+#endif
-+
-+ mysql_query(p->conf.mysql_conn, q);
-+ result = mysql_store_result(p->conf.mysql_conn);
-+ if (mysql_num_rows(result) == 1)
-+ {
-+ /* found */
-+ row = mysql_fetch_row(result);
-+ buffer_copy_string_len(password, row[0], strlen(row[0]));
-+
-+ ret = 0;
-+ } else
-+ {
-+ /* not found */
-+ ret = -1;
-+ }
-+
-+ mysql_free_result(result);
-+ mysql_close(p->conf.mysql_conn);
-+
-+ p->conf.mysql_conn = NULL;
-+ }
- } else {
- return -1;
- }
-@@ -831,6 +943,60 @@
-
- return 0;
- #endif
-+ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) {
-+ /*
-+ we check for md5 crypt() now
-+ request by Nicola Tiling <nti@w4w.net>
-+ */
-+ if (password->ptr[0] == '$' && password->ptr[2] == '$')
-+ {
-+ char salt[32];
-+ char *crypted;
-+ size_t salt_len = 0;
-+ char *dollar = NULL;
-+
-+ if (NULL == (dollar = strchr(password->ptr + 3, '$'))) {
-+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
-+ return -1;
-+ }
-+
-+ salt_len = dollar - password->ptr;
-+
-+ if (salt_len > sizeof(salt) - 1)
-+ {
-+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
-+ return -1;
-+ }
-+
-+ strncpy(salt, password->ptr, salt_len);
-+
-+ salt[salt_len] = '\0';
-+
-+ crypted = crypt(pw, salt);
-+
-+ if (0 == strcmp(password->ptr, crypted))
-+ {
-+ return 0;
-+ } else {
-+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
-+ }
-+ } else
-+ /* plain md5 check now */
-+ {
-+ li_MD5_CTX Md5Ctx;
-+ HASH HA1;
-+ char a1[256];
-+
-+ li_MD5_Init(&Md5Ctx);
-+ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
-+ li_MD5_Final(HA1, &Md5Ctx);
-+
-+ CvtHex(HA1, a1);
-+
-+ if (0 == strcmp(password->ptr, a1)) {
-+ return 0;
-+ }
-+ }
- }
- return -1;
- }
-diff -Naur new/lighttpd-1.4.23/src/http_auth.h old/lighttpd-1.4.23/src/http_auth.h
---- src/http_auth.h 2009-03-31 02:16:59.000000000 +0400
-+++ src/http_auth.h 2009-10-08 10:13:56.000000000 +0400
-@@ -8,13 +8,15 @@
- # define USE_LDAP
- # include <ldap.h>
- #endif
-+#include <mysql/mysql.h>
-
- typedef enum {
- AUTH_BACKEND_UNSET,
- AUTH_BACKEND_PLAIN,
- AUTH_BACKEND_LDAP,
- AUTH_BACKEND_HTPASSWD,
-- AUTH_BACKEND_HTDIGEST
-+ AUTH_BACKEND_HTDIGEST,
-+ AUTH_BACKEND_MYSQL
- } auth_backend_t;
-
- typedef struct {
-@@ -49,6 +51,22 @@
- buffer *ldap_filter_pre;
- buffer *ldap_filter_post;
- #endif
-+
-+ MYSQL *mysql_conn;
-+ buffer *auth_mysql_host;
-+ buffer *auth_mysql_user;
-+ buffer *auth_mysql_pass;
-+ buffer *auth_mysql_db;
-+ buffer *auth_mysql_port;
-+ buffer *auth_mysql_socket;
-+ buffer *auth_mysql_users_table;
-+ buffer *auth_mysql_col_user;
-+ buffer *auth_mysql_col_pass;
-+ buffer *auth_mysql_col_realm;
-+ buffer *auth_mysql_domains_table;
-+ buffer *auth_mysql_col_domain;
-+ buffer *auth_mysql_domains_table_col_domain_id;
-+ buffer *auth_mysql_users_table_col_domain_id;
- } mod_auth_plugin_config;
-
- typedef struct {
-diff -Naur new/lighttpd-1.4.23/src/Makefile.am old/lighttpd-1.4.23/src/Makefile.am
---- src/Makefile.am.orig 2013-12-03 17:17:52.000000000 +0100
-+++ src/Makefile.am 2014-01-21 20:48:24.645439249 +0100
-@@ -243,7 +243,7 @@
- lib_LTLIBRARIES += mod_auth.la
- mod_auth_la_SOURCES = mod_auth.c http_auth.c
- mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version
--mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
-+mod_auth_la_LIBADD = $(MYSQL_LIBS) $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
-
- lib_LTLIBRARIES += mod_rewrite.la
- mod_rewrite_la_SOURCES = mod_rewrite.c
-diff -Naur lighttpd-1.4.23/src/Makefile.in old/lighttpd-1.4.23/src/Makefile.in
---- src/Makefile.in.orig 2014-01-20 13:09:11.000000000 +0100
-+++ src/Makefile.in 2014-01-21 20:48:37.115438375 +0100
-@@ -852,7 +852,7 @@
- mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd)
- mod_auth_la_SOURCES = mod_auth.c http_auth.c
- mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version
--mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
-+mod_auth_la_LIBADD = $(MYSQL_LIBS) $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
- mod_rewrite_la_SOURCES = mod_rewrite.c
- mod_rewrite_la_LDFLAGS = -module -export-dynamic -avoid-version
- mod_rewrite_la_LIBADD = $(PCRE_LIB) $(common_libadd)
-diff -Naur new/lighttpd-1.4.23/src/mod_auth.c old/lighttpd-1.4.23/src/mod_auth.c
---- src/mod_auth.c 2009-04-11 16:08:19.000000000 +0400
-+++ src/mod_auth.c 2009-10-08 10:24:13.000000000 +0400
-@@ -6,6 +6,7 @@
- #include <errno.h>
- #include <fcntl.h>
- #include <unistd.h>
-+#include <mysql/mysql.h>
-
- #include "plugin.h"
- #include "http_auth.h"
-@@ -83,6 +84,20 @@
- if (s->ldap) ldap_unbind_s(s->ldap);
- #endif
-
-+ buffer_free(s->auth_mysql_host);
-+ buffer_free(s->auth_mysql_user);
-+ buffer_free(s->auth_mysql_pass);
-+ buffer_free(s->auth_mysql_db);
-+ buffer_free(s->auth_mysql_socket);
-+ buffer_free(s->auth_mysql_users_table);
-+ buffer_free(s->auth_mysql_col_user);
-+ buffer_free(s->auth_mysql_col_pass);
-+ buffer_free(s->auth_mysql_col_realm);
-+ buffer_free(s->auth_mysql_domains_table);
-+ buffer_free(s->auth_mysql_col_domain);
-+ buffer_free(s->auth_mysql_domains_table_col_domain_id);
-+ buffer_free(s->auth_mysql_users_table_col_domain_id);
-+
- free(s);
- }
- free(p->config_storage);
-@@ -120,6 +135,21 @@
- PATCH(ldap_filter_post);
- #endif
-
-+ PATCH(auth_mysql_host);
-+ PATCH(auth_mysql_user);
-+ PATCH(auth_mysql_pass);
-+ PATCH(auth_mysql_db);
-+ PATCH(auth_mysql_port);
-+ PATCH(auth_mysql_socket);
-+ PATCH(auth_mysql_users_table);
-+ PATCH(auth_mysql_col_user);
-+ PATCH(auth_mysql_col_pass);
-+ PATCH(auth_mysql_col_realm);
-+ PATCH(auth_mysql_domains_table);
-+ PATCH(auth_mysql_col_domain);
-+ PATCH(auth_mysql_domains_table_col_domain_id);
-+ PATCH(auth_mysql_users_table_col_domain_id);
-+
- /* skip the first, the global context */
- for (i = 1; i < srv->config_context->used; i++) {
- data_config *dc = (data_config *)srv->config_context->data[i];
-@@ -169,6 +199,34 @@
- PATCH(auth_ldap_bindpw);
- } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.allow-empty-pw"))) {
- PATCH(auth_ldap_allow_empty_pw);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.host"))) {
-+ PATCH(auth_mysql_host);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.user"))) {
-+ PATCH(auth_mysql_user);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.pass"))) {
-+ PATCH(auth_mysql_pass);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.db"))) {
-+ PATCH(auth_mysql_db);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.port"))) {
-+ PATCH(auth_mysql_port);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.socket"))) {
-+ PATCH(auth_mysql_user);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table"))) {
-+ PATCH(auth_mysql_users_table);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_user"))) {
-+ PATCH(auth_mysql_col_user);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_pass"))) {
-+ PATCH(auth_mysql_col_pass);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_realm"))) {
-+ PATCH(auth_mysql_col_realm);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table"))) {
-+ PATCH(auth_mysql_domains_table);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_domain"))) {
-+ PATCH(auth_mysql_col_domain);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table_col_domain_id"))) {
-+ PATCH(auth_mysql_domains_table_col_domain_id);
-+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table_col_domain_id"))) {
-+ PATCH(auth_mysql_users_table_col_domain_id);
- }
- }
- }
-@@ -323,10 +381,24 @@
- { "auth.backend.ldap.starttls", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
- { "auth.backend.ldap.bind-dn", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
- { "auth.backend.ldap.bind-pw", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
-- { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
-+ { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION },
- { "auth.backend.htdigest.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
- { "auth.backend.htpasswd.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
- { "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
-+ { "auth.backend.mysql.host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.db", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.port", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.users_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.col_user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.col_pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.col_realm", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 23 */
-+ { "auth.backend.mysql.domains_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.col_domain", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.domains_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
-+ { "auth.backend.mysql.users_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 27 */
- { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
- };
-
-@@ -355,6 +427,22 @@
- s->auth_debug = 0;
-
- s->auth_require = array_init();
-+ s->mysql_conn = NULL;
-+ s->auth_mysql_host = buffer_init();
-+ s->auth_mysql_user = buffer_init();
-+ s->auth_mysql_pass = buffer_init();
-+ s->auth_mysql_db = buffer_init();
-+ s->auth_mysql_port = buffer_init();
-+ s->auth_mysql_socket = buffer_init();
-+ s->auth_mysql_users_table = buffer_init();
-+ s->auth_mysql_col_user = buffer_init();
-+ s->auth_mysql_col_pass = buffer_init();
-+ s->auth_mysql_col_realm = buffer_init();
-+ s->auth_mysql_domains_table = buffer_init();
-+ s->auth_mysql_col_domain = buffer_init();
-+ s->auth_mysql_domains_table_col_domain_id = buffer_init();
-+ s->auth_mysql_users_table_col_domain_id = buffer_init();
-+
-
- #ifdef USE_LDAP
- s->ldap_filter_pre = buffer_init();
-@@ -377,7 +465,20 @@
- cv[12].destination = s->auth_htdigest_userfile;
- cv[13].destination = s->auth_htpasswd_userfile;
- cv[14].destination = &(s->auth_debug);
--
-+ cv[15].destination = s->auth_mysql_host;
-+ cv[16].destination = s->auth_mysql_user;
-+ cv[17].destination = s->auth_mysql_pass;
-+ cv[18].destination = s->auth_mysql_db;
-+ cv[19].destination = s->auth_mysql_port;
-+ cv[20].destination = s->auth_mysql_socket;
-+ cv[21].destination = s->auth_mysql_users_table;
-+ cv[22].destination = s->auth_mysql_col_user;
-+ cv[23].destination = s->auth_mysql_col_pass;
-+ cv[24].destination = s->auth_mysql_col_realm;
-+ cv[25].destination = s->auth_mysql_domains_table;
-+ cv[26].destination = s->auth_mysql_col_domain;
-+ cv[27].destination = s->auth_mysql_domains_table_col_domain_id;
-+ cv[28].destination = s->auth_mysql_users_table_col_domain_id;
- p->config_storage[i] = s;
- ca = ((data_config *)srv->config_context->data[i])->value;
-
-@@ -394,6 +495,8 @@
- s->auth_backend = AUTH_BACKEND_PLAIN;
- } else if (0 == strcmp(s->auth_backend_conf->ptr, "ldap")) {
- s->auth_backend = AUTH_BACKEND_LDAP;
-+ } else if (0 == strcmp(s->auth_backend_conf->ptr, "mysql")) {
-+ s->auth_backend = AUTH_BACKEND_MYSQL;
- } else {
- log_error_write(srv, __FILE__, __LINE__, "sb", "auth.backend not supported:", s->auth_backend_conf);
-
-@@ -534,6 +637,31 @@
- return (ret);
- break;
- }
-+ case AUTH_BACKEND_MYSQL: {
-+ int port = atoi(s->auth_mysql_port->ptr);
-+
-+ /* ignore if auth_mysql_socket is invalid */
-+ if (p->conf.auth_mysql_socket == NULL)
-+ return HANDLER_GO_ON;
-+ if (p->conf.auth_mysql_socket->ptr != NULL)
-+ if (0 == strcmp(s->auth_mysql_socket->ptr, "")) s->auth_mysql_socket->ptr = NULL;
-+
-+ s->mysql_conn = mysql_init(NULL);
-+ if (!mysql_real_connect(s->mysql_conn, s->auth_mysql_host->ptr, s->auth_mysql_user->ptr, s->auth_mysql_pass->ptr, s->auth_mysql_db->ptr, port, NULL, 0))
-+ {
-+ log_error_write(srv, __FILE__, __LINE__, "sbsbsbsbss",
-+ "opening connection to mysql:", s->auth_mysql_host,
-+ "user:", s->auth_mysql_user,
-+ "pass:", s->auth_mysql_pass,
-+ "db:", s->auth_mysql_db,
-+ "failed:", strerror(errno));
-+
-+ return HANDLER_ERROR;
-+ }
-+ mysql_close(s->mysql_conn);
-+
-+ break;
-+ }
- default:
- break;
- }
diff --git a/www/lighttpd/files/extra-patch-nodelay b/www/lighttpd/files/extra-patch-nodelay
deleted file mode 100644
index 72fe94b97863..000000000000
--- a/www/lighttpd/files/extra-patch-nodelay
+++ /dev/null
@@ -1,15 +0,0 @@
---- src/network.c.orig Tue Jan 26 14:33:01 2010
-+++ src/network.c Tue Jan 26 14:37:39 2010
-@@ -226,6 +226,12 @@
- log_error_write(srv, __FILE__, __LINE__, "ss", "socketsockopt failed:", strerror(errno));
- goto error_free_socket;
- }
-+ if(srv_socket->addr.plain.sa_family == AF_INET || srv_socket->addr.plain.sa_family == AF_INET6 ) {
-+ if (setsockopt(srv_socket->fd, IPPROTO_TCP, TCP_NODELAY, &val, sizeof(val)) < 0) {
-+ log_error_write(srv, __FILE__, __LINE__, "ss", "socketsockopt failed:", strerror(errno));
-+ goto error_free_socket;
-+ }
-+ }
-
- switch(srv_socket->addr.plain.sa_family) {
- #ifdef HAVE_IPV6
diff --git a/www/lighttpd/files/extra-patch-src_Makefile.am b/www/lighttpd/files/extra-patch-src_Makefile.am
new file mode 100644
index 000000000000..e73281add058
--- /dev/null
+++ b/www/lighttpd/files/extra-patch-src_Makefile.am
@@ -0,0 +1,11 @@
+--- src/Makefile.am.orig 2016-07-16 10:06:16 UTC
++++ src/Makefile.am
+@@ -254,7 +254,7 @@ mod_compress_la_LIBADD = $(Z_LIB) $(BZ_L
+ lib_LTLIBRARIES += mod_auth.la
+ mod_auth_la_SOURCES = mod_auth.c http_auth.c
+ mod_auth_la_LDFLAGS = $(common_module_ldflags)
+-mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
++mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
+
+ lib_LTLIBRARIES += mod_rewrite.la
+ mod_rewrite_la_SOURCES = mod_rewrite.c
diff --git a/www/lighttpd/files/extra-patch-src_Makefile.in b/www/lighttpd/files/extra-patch-src_Makefile.in
new file mode 100644
index 000000000000..81aa8f763c7b
--- /dev/null
+++ b/www/lighttpd/files/extra-patch-src_Makefile.in
@@ -0,0 +1,11 @@
+--- src/Makefile.in.orig 2016-07-16 10:10:53 UTC
++++ src/Makefile.in
+@@ -1011,7 +1011,7 @@ mod_compress_la_LDFLAGS = $(common_modul
+ mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd)
+ mod_auth_la_SOURCES = mod_auth.c http_auth.c
+ mod_auth_la_LDFLAGS = $(common_module_ldflags)
+-mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
++mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
+ mod_rewrite_la_SOURCES = mod_rewrite.c
+ mod_rewrite_la_LDFLAGS = $(common_module_ldflags)
+ mod_rewrite_la_LIBADD = $(PCRE_LIB) $(common_libadd)
diff --git a/www/lighttpd/files/extra-patch-src_http__auth.c b/www/lighttpd/files/extra-patch-src_http__auth.c
new file mode 100644
index 000000000000..d823ade247f9
--- /dev/null
+++ b/www/lighttpd/files/extra-patch-src_http__auth.c
@@ -0,0 +1,193 @@
+--- src/http_auth.c.orig 2016-07-16 10:06:16 UTC
++++ src/http_auth.c
+@@ -30,6 +30,7 @@
+ #include <errno.h>
+ #include <unistd.h>
+ #include <ctype.h>
++#include <mysql/mysql.h>
+
+ #include "md5.h"
+
+@@ -194,9 +195,119 @@ static int http_auth_get_password(server
+ fclose(fp);
+ } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) {
+ return 0;
+- }
++ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) {
++ MYSQL_RES *result;
++ MYSQL_ROW row;
++ int port = atoi(p->conf.auth_mysql_port->ptr);
++ char q[255];
+
+- return -1;
++ if (p->conf.auth_mysql_socket->ptr != NULL)
++ if (0 == strcmp(p->conf.auth_mysql_socket->ptr, "")) p->conf.auth_mysql_socket->ptr = NULL;
++
++ p->conf.mysql_conn = mysql_init(NULL);
++
++ if (mysql_real_connect(p->conf.mysql_conn, p->conf.auth_mysql_host->ptr, p->conf.auth_mysql_user->ptr, p->conf.auth_mysql_pass->ptr, p->conf.auth_mysql_db->ptr, port, p->conf.auth_mysql_socket->ptr, 0))
++ {
++//#define MY_HOSTING
++
++#ifdef MY_HOSTING
++ char my_full_realm[255];
++ char *my_realm = NULL;
++ char *my_domain = NULL;
++
++ char *uname;
++ size_t unamelen;
++
++ unamelen = strlen(username->ptr);
++ uname = malloc(unamelen*2+1);
++
++ mysql_real_escape_string(p->conf.mysql_conn,
++ uname, username->ptr,
++ (unsigned long)unamelen);
++
++ strcpy(my_full_realm, realm->ptr);
++ my_realm = strtok(my_full_realm, "@");
++
++ if (my_realm != NULL)
++ my_domain = strtok(NULL, "@");
++
++ sprintf(q, "SELECT %s FROM %s, %s WHERE %s='%s' AND %s='%s' AND %s='%s' AND %s=%s",
++ p->conf.auth_mysql_col_pass->ptr,
++
++ p->conf.auth_mysql_users_table->ptr,
++ p->conf.auth_mysql_domains_table->ptr,
++
++ p->conf.auth_mysql_col_user->ptr,
++ uname,
++
++ p->conf.auth_mysql_col_realm->ptr,
++ my_realm,
++
++ p->conf.auth_mysql_col_domain->ptr,
++ my_domain,
++
++ p->conf.auth_mysql_domains_table_col_domain_id->ptr,
++ p->conf.auth_mysql_users_table_col_domain_id->ptr
++ );
++
++ free(uname);
++#else
++ // sanitize username & realm by taguchi@ff.iij4u.or.jp
++ char *uname, *urealm;
++ size_t unamelen, urealmlen;
++
++ unamelen = strlen(username->ptr);
++ urealmlen = strlen(realm->ptr);
++ uname = malloc(unamelen*2+1);
++ urealm = malloc(urealmlen*2+1);
++
++ mysql_real_escape_string(p->conf.mysql_conn,
++ uname, username->ptr,
++ (unsigned long)unamelen);
++
++ mysql_real_escape_string(p->conf.mysql_conn,
++ urealm, realm->ptr,
++ (unsigned long)unamelen);
++
++ mysql_real_escape_string(p->conf.mysql_conn,
++ urealm, realm->ptr,
++ (unsigned long)urealmlen);
++
++ sprintf(q, "SELECT %s FROM %s WHERE %s='%s' AND %s='%s'",
++ p->conf.auth_mysql_col_pass->ptr,
++ p->conf.auth_mysql_users_table->ptr,
++ p->conf.auth_mysql_col_user->ptr,
++ uname,
++ p->conf.auth_mysql_col_realm->ptr,
++ urealm
++ );
++
++ free(uname);
++ free(urealm);
++#endif
++
++ mysql_query(p->conf.mysql_conn, q);
++ result = mysql_store_result(p->conf.mysql_conn);
++ if (mysql_num_rows(result) == 1)
++ {
++ /* found */
++ row = mysql_fetch_row(result);
++ buffer_copy_string_len(password, row[0], strlen(row[0]));
++
++ return 0;
++ } else
++ {
++ /* not found */
++ return -1;
++ }
++
++ mysql_free_result(result);
++ mysql_close(p->conf.mysql_conn);
++
++ p->conf.mysql_conn = NULL;
++ } else
++ return -1;
++ }
+ }
+
+ int http_auth_match_rules(server *srv, array *req, const char *username, const char *group, const char *host) {
+@@ -711,6 +822,60 @@ static int http_auth_basic_password_comp
+
+ return 0;
+ #endif
++ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) {
++ /*
++ we check for md5 crypt() now
++ request by Nicola Tiling <nti@w4w.net>
++ */
++ if (password->ptr[0] == '$' && password->ptr[2] == '$')
++ {
++ char salt[32];
++ char *crypted;
++ size_t salt_len = 0;
++ char *dollar = NULL;
++
++ if (NULL == (dollar = strchr(password->ptr + 3, '$'))) {
++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
++ return -1;
++ }
++
++ salt_len = dollar - password->ptr;
++
++ if (salt_len > sizeof(salt) - 1)
++ {
++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
++ return -1;
++ }
++
++ strncpy(salt, password->ptr, salt_len);
++
++ salt[salt_len] = '\0';
++
++ crypted = crypt(pw, salt);
++
++ if (0 == strcmp(password->ptr, crypted))
++ {
++ return 0;
++ } else {
++ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__);
++ }
++ } else
++ /* plain md5 check now */
++ {
++ li_MD5_CTX Md5Ctx;
++ HASH HA1;
++ char a1[256];
++
++ li_MD5_Init(&Md5Ctx);
++ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw));
++ li_MD5_Final(HA1, &Md5Ctx);
++
++ CvtHex(HA1, a1);
++
++ if (0 == strcmp(password->ptr, a1)) {
++ return 0;
++ }
++ }
+ }
+ return -1;
+ }
diff --git a/www/lighttpd/files/extra-patch-src_http__auth.h b/www/lighttpd/files/extra-patch-src_http__auth.h
new file mode 100644
index 000000000000..789dde25a5c8
--- /dev/null
+++ b/www/lighttpd/files/extra-patch-src_http__auth.h
@@ -0,0 +1,43 @@
+--- src/http_auth.h.orig 2016-07-16 10:06:16 UTC
++++ src/http_auth.h
+@@ -9,13 +9,15 @@
+ # define USE_LDAP
+ # include <ldap.h>
+ #endif
++#include <mysql/mysql.h>
+
+ typedef enum {
+ AUTH_BACKEND_UNSET,
+ AUTH_BACKEND_PLAIN,
+ AUTH_BACKEND_LDAP,
+ AUTH_BACKEND_HTPASSWD,
+- AUTH_BACKEND_HTDIGEST
++ AUTH_BACKEND_HTDIGEST,
++ AUTH_BACKEND_MYSQL
+ } auth_backend_t;
+
+ typedef struct {
+@@ -50,6 +52,23 @@ typedef struct {
+ buffer *ldap_filter_pre;
+ buffer *ldap_filter_post;
+ #endif
++
++ MYSQL *mysql_conn;
++ buffer *auth_mysql_host;
++ buffer *auth_mysql_user;
++ buffer *auth_mysql_pass;
++ buffer *auth_mysql_db;
++ buffer *auth_mysql_port;
++ buffer *auth_mysql_socket;
++ buffer *auth_mysql_users_table;
++ buffer *auth_mysql_col_user;
++ buffer *auth_mysql_col_pass;
++ buffer *auth_mysql_col_realm;
++ buffer *auth_mysql_domains_table;
++ buffer *auth_mysql_col_domain;
++ buffer *auth_mysql_domains_table_col_domain_id;
++ buffer *auth_mysql_users_table_col_domain_id;
++
+ } mod_auth_plugin_config;
+
+ typedef struct {
diff --git a/www/lighttpd/files/extra-patch-src_mod__auth.c b/www/lighttpd/files/extra-patch-src_mod__auth.c
new file mode 100644
index 000000000000..1e414b682eaf
--- /dev/null
+++ b/www/lighttpd/files/extra-patch-src_mod__auth.c
@@ -0,0 +1,200 @@
+--- src/mod_auth.c.orig 2016-07-16 10:06:16 UTC
++++ src/mod_auth.c
+@@ -13,6 +13,7 @@
+ #include <errno.h>
+ #include <fcntl.h>
+ #include <unistd.h>
++#include <mysql/mysql.h>
+
+ handler_t auth_ldap_init(server *srv, mod_auth_plugin_config *s);
+
+@@ -84,6 +85,19 @@ FREE_FUNC(mod_auth_free) {
+
+ if (s->ldap) ldap_unbind_s(s->ldap);
+ #endif
++ buffer_free(s->auth_mysql_host);
++ buffer_free(s->auth_mysql_user);
++ buffer_free(s->auth_mysql_pass);
++ buffer_free(s->auth_mysql_db);
++ buffer_free(s->auth_mysql_socket);
++ buffer_free(s->auth_mysql_users_table);
++ buffer_free(s->auth_mysql_col_user);
++ buffer_free(s->auth_mysql_col_pass);
++ buffer_free(s->auth_mysql_col_realm);
++ buffer_free(s->auth_mysql_domains_table);
++ buffer_free(s->auth_mysql_col_domain);
++ buffer_free(s->auth_mysql_domains_table_col_domain_id);
++ buffer_free(s->auth_mysql_users_table_col_domain_id);
+
+ free(s);
+ }
+@@ -122,6 +136,21 @@ static int mod_auth_patch_connection(ser
+ PATCH(ldap_filter_post);
+ #endif
+
++ PATCH(auth_mysql_host);
++ PATCH(auth_mysql_user);
++ PATCH(auth_mysql_pass);
++ PATCH(auth_mysql_db);
++ PATCH(auth_mysql_port);
++ PATCH(auth_mysql_socket);
++ PATCH(auth_mysql_users_table);
++ PATCH(auth_mysql_col_user);
++ PATCH(auth_mysql_col_pass);
++ PATCH(auth_mysql_col_realm);
++ PATCH(auth_mysql_domains_table);
++ PATCH(auth_mysql_col_domain);
++ PATCH(auth_mysql_domains_table_col_domain_id);
++ PATCH(auth_mysql_users_table_col_domain_id);
++
+ /* skip the first, the global context */
+ for (i = 1; i < srv->config_context->used; i++) {
+ data_config *dc = (data_config *)srv->config_context->data[i];
+@@ -171,6 +200,34 @@ static int mod_auth_patch_connection(ser
+ PATCH(auth_ldap_bindpw);
+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.allow-empty-pw"))) {
+ PATCH(auth_ldap_allow_empty_pw);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.host"))) {
++ PATCH(auth_mysql_host);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.user"))) {
++ PATCH(auth_mysql_user);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.pass"))) {
++ PATCH(auth_mysql_pass);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.db"))) {
++ PATCH(auth_mysql_db);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.port"))) {
++ PATCH(auth_mysql_port);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.socket"))) {
++ PATCH(auth_mysql_user);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table"))) {
++ PATCH(auth_mysql_users_table);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_user"))) {
++ PATCH(auth_mysql_col_user);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_pass"))) {
++ PATCH(auth_mysql_col_pass);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_realm"))) {
++ PATCH(auth_mysql_col_realm);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table"))) {
++ PATCH(auth_mysql_domains_table);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_domain"))) {
++ PATCH(auth_mysql_col_domain);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table_col_domain_id"))) {
++ PATCH(auth_mysql_domains_table_col_domain_id);
++ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table_col_domain_id"))) {
++ PATCH(auth_mysql_users_table_col_domain_id);
+ }
+ }
+ }
+@@ -362,10 +419,25 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults)
+ { "auth.backend.ldap.starttls", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */
+ { "auth.backend.ldap.bind-dn", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 9 */
+ { "auth.backend.ldap.bind-pw", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 10 */
+- { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */
++ { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION },
+ { "auth.backend.htdigest.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 12 */
+ { "auth.backend.htpasswd.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */
+ { "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */
++ { "auth.backend.mysql.host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.db", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.port", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.users_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.col_user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.col_pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.col_realm", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 23 */
++ { "auth.backend.mysql.domains_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.col_domain", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.domains_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION },
++ { "auth.backend.mysql.users_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 27 */
++
+ { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
+ };
+
+@@ -394,6 +466,22 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults)
+ s->auth_debug = 0;
+
+ s->auth_require = array_init();
++ s->mysql_conn = NULL;
++ s->auth_mysql_host = buffer_init();
++ s->auth_mysql_user = buffer_init();
++ s->auth_mysql_pass = buffer_init();
++ s->auth_mysql_db = buffer_init();
++ s->auth_mysql_port = buffer_init();
++ s->auth_mysql_socket = buffer_init();
++ s->auth_mysql_users_table = buffer_init();
++ s->auth_mysql_col_user = buffer_init();
++ s->auth_mysql_col_pass = buffer_init();
++ s->auth_mysql_col_realm = buffer_init();
++ s->auth_mysql_domains_table = buffer_init();
++ s->auth_mysql_col_domain = buffer_init();
++ s->auth_mysql_domains_table_col_domain_id = buffer_init();
++ s->auth_mysql_users_table_col_domain_id = buffer_init();
++
+
+ #ifdef USE_LDAP
+ s->ldap_filter_pre = buffer_init();
+@@ -416,7 +504,20 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults)
+ cv[12].destination = s->auth_htdigest_userfile;
+ cv[13].destination = s->auth_htpasswd_userfile;
+ cv[14].destination = &(s->auth_debug);
+-
++ cv[15].destination = s->auth_mysql_host;
++ cv[16].destination = s->auth_mysql_user;
++ cv[17].destination = s->auth_mysql_pass;
++ cv[18].destination = s->auth_mysql_db;
++ cv[19].destination = s->auth_mysql_port;
++ cv[20].destination = s->auth_mysql_socket;
++ cv[21].destination = s->auth_mysql_users_table;
++ cv[22].destination = s->auth_mysql_col_user;
++ cv[23].destination = s->auth_mysql_col_pass;
++ cv[24].destination = s->auth_mysql_col_realm;
++ cv[25].destination = s->auth_mysql_domains_table;
++ cv[26].destination = s->auth_mysql_col_domain;
++ cv[27].destination = s->auth_mysql_domains_table_col_domain_id;
++ cv[28].destination = s->auth_mysql_users_table_col_domain_id;
+ p->config_storage[i] = s;
+
+ if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) {
+@@ -432,6 +533,8 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults)
+ s->auth_backend = AUTH_BACKEND_PLAIN;
+ } else if (0 == strcmp(s->auth_backend_conf->ptr, "ldap")) {
+ s->auth_backend = AUTH_BACKEND_LDAP;
++ } else if (0 == strcmp(s->auth_backend_conf->ptr, "mysql")) {
++ s->auth_backend = AUTH_BACKEND_MYSQL;
+ } else {
+ log_error_write(srv, __FILE__, __LINE__, "sb", "auth.backend not supported:", s->auth_backend_conf);
+
+@@ -573,6 +676,31 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults)
+ return (ret);
+ break;
+ }
++ case AUTH_BACKEND_MYSQL: {
++ int port = atoi(s->auth_mysql_port->ptr);
++
++ /* ignore if auth_mysql_socket is invalid */
++ if (p->conf.auth_mysql_socket == NULL)
++ return HANDLER_GO_ON;
++ if (p->conf.auth_mysql_socket->ptr != NULL)
++ if (0 == strcmp(s->auth_mysql_socket->ptr, "")) s->auth_mysql_socket->ptr = NULL;
++
++ s->mysql_conn = mysql_init(NULL);
++ if (!mysql_real_connect(s->mysql_conn, s->auth_mysql_host->ptr, s->auth_mysql_user->ptr, s->auth_mysql_pass->ptr, s->auth_mysql_db->ptr, port, NULL, 0))
++ {
++ log_error_write(srv, __FILE__, __LINE__, "sbsbsbsbss",
++ "opening connection to mysql:", s->auth_mysql_host,
++ "user:", s->auth_mysql_user,
++ "pass:", s->auth_mysql_pass,
++ "db:", s->auth_mysql_db,
++ "failed:", strerror(errno));
++
++ return HANDLER_ERROR;
++ }
++ mysql_close(s->mysql_conn);
++
++ break;
++ }
+ default:
+ break;
+ }
diff --git a/www/lighttpd/files/patch-configure.ac b/www/lighttpd/files/patch-configure.ac
deleted file mode 100644
index 49849dff853c..000000000000
--- a/www/lighttpd/files/patch-configure.ac
+++ /dev/null
@@ -1,22 +0,0 @@
---- configure.ac.orig 2015-07-26 10:36:36 UTC
-+++ configure.ac
-@@ -46,6 +46,7 @@ AC_DEFUN([TRY_CFLAGS],
- dnl Checks for programs.
- AC_PROG_CC
- AM_PROG_CC_C_O
-+AM_PROG_AR
- AC_PROG_LD
- AC_PROG_INSTALL
- AC_PROG_AWK
-@@ -60,11 +61,6 @@ m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], [AC
- dnl AM_PROG_AR requires automake 1.11 (and uses AC_COMPILE_IFELSE which wants AC_USE_SYSTEM_EXTENSIONS)
- m4_ifdef([AM_PROG_AR], [AM_PROG_AR])
-
--dnl check environment
--AC_AIX
--AC_ISC_POSIX
--AC_MINIX
--
- dnl AC_CANONICAL_HOST
- case $host_os in
- *darwin*|*cygwin*|*aix*|*mingw* ) NO_RDYNAMIC=yes;;
diff --git a/www/lighttpd/files/patch-src-fdevent.h b/www/lighttpd/files/patch-src-fdevent.h
deleted file mode 100644
index b7773c784905..000000000000
--- a/www/lighttpd/files/patch-src-fdevent.h
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/fdevent.h.orig 2015-07-26 10:36:36 UTC
-+++ src/fdevent.h
-@@ -46,7 +46,7 @@
- # include <port.h>
- #endif
-
--#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE
-+#if defined HAVE_SYS_EVENT_H && defined HAVE_KQUEUE && !defined HAVE_LIBEV
- # define USE_FREEBSD_KQUEUE
- #endif
-
diff --git a/www/lighttpd/files/patch-src_mod__cml__lua.c b/www/lighttpd/files/patch-src_mod__cml__lua.c
deleted file mode 100644
index fb8ebf4b0e3f..000000000000
--- a/www/lighttpd/files/patch-src_mod__cml__lua.c
+++ /dev/null
@@ -1,25 +0,0 @@
---- src/mod_cml_lua.c.orig 2015-07-26 10:36:36 UTC
-+++ src/mod_cml_lua.c
-@@ -28,6 +28,10 @@ typedef char HASHHEX[HASHHEXLEN+1];
- #include <lualib.h>
- #include <lauxlib.h>
-
-+#if LUA_VERSION_NUM >= 502
-+#define LUA_GLOBALSINDEX LUA_REGISTRYINDEX
-+#endif
-+
- typedef struct {
- stream st;
- int done;
-@@ -291,7 +295,11 @@ int cache_parse_lua(server *srv, connect
- lua_settable(L, LUA_GLOBALSINDEX);
-
- /* load lua program */
-+#if LUA_VERSION_NUM >= 502
-+ if (lua_load(L, load_file, &rm, fn->ptr, NULL) || lua_pcall(L,0,1,0)) {
-+#else
- if (lua_load(L, load_file, &rm, fn->ptr) || lua_pcall(L,0,1,0)) {
-+#endif
- log_error_write(srv, __FILE__, __LINE__, "s",
- lua_tostring(L,-1));
-
diff --git a/www/lighttpd/files/patch-src_mod__magnet.c b/www/lighttpd/files/patch-src_mod__magnet.c
deleted file mode 100644
index 884460660f94..000000000000
--- a/www/lighttpd/files/patch-src_mod__magnet.c
+++ /dev/null
@@ -1,13 +0,0 @@
---- src/mod_magnet.c.orig 2015-07-26 10:36:36 UTC
-+++ src/mod_magnet.c
-@@ -24,6 +24,10 @@
- #define MAGNET_CONFIG_PHYSICAL_PATH "magnet.attract-physical-path-to"
- #define MAGNET_RESTART_REQUEST 99
-
-+#if LUA_VERSION_NUM >= 502
-+#define LUA_GLOBALSINDEX LUA_REGISTRYINDEX
-+#endif
-+
- /* plugin config for all request/connections */
-
- static jmp_buf exceptionjmp;
diff --git a/www/lighttpd/files/patch-src_network.c b/www/lighttpd/files/patch-src_network.c
deleted file mode 100644
index 8f8815d92ede..000000000000
--- a/www/lighttpd/files/patch-src_network.c
+++ /dev/null
@@ -1,23 +0,0 @@
-Cherry-picked from upstream
-https://redmine.lighttpd.net/projects/lighttpd/repository/revisions/1ca52fdce3b87f7748dd5db6f59d738ed7a9efe1/diff
-
---- src/network.c.orig 2015-12-04 21:13:47 UTC
-+++ src/network.c
-@@ -769,7 +769,7 @@ int network_init(server *srv) {
-
- if (!s->ssl_use_sslv2) {
- /* disable SSLv2 */
-- if (!(SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2))) {
-+ if ((SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) != SSL_OP_NO_SSLv2) {
- log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
- ERR_error_string(ERR_get_error(), NULL));
- return -1;
-@@ -778,7 +778,7 @@ int network_init(server *srv) {
-
- if (!s->ssl_use_sslv3) {
- /* disable SSLv3 */
-- if (!(SSL_OP_NO_SSLv3 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv3))) {
-+ if ((SSL_OP_NO_SSLv3 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv3)) != SSL_OP_NO_SSLv3) {
- log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
- ERR_error_string(ERR_get_error(), NULL));
- return -1;
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-01 00:45:18 +0000