diff options
Diffstat (limited to 'www/lighttpd/files')
| -rw-r--r-- | www/lighttpd/files/README.mysqlauth | 45 | ||||
| -rw-r--r-- | www/lighttpd/files/extra-patch-src_Makefile.am | 11 | ||||
| -rw-r--r-- | www/lighttpd/files/extra-patch-src_Makefile.in | 11 | ||||
| -rw-r--r-- | www/lighttpd/files/extra-patch-src_http__auth.c | 193 | ||||
| -rw-r--r-- | www/lighttpd/files/extra-patch-src_http__auth.h | 43 | ||||
| -rw-r--r-- | www/lighttpd/files/extra-patch-src_mod__auth.c | 200 | ||||
| -rw-r--r-- | www/lighttpd/files/mysql_auth.sql | 10 | ||||
| -rw-r--r-- | www/lighttpd/files/patch-src_mod__fastcgi.c | 12 | ||||
| -rw-r--r-- | www/lighttpd/files/patch-src_mod__proxy.c | 34 | ||||
| -rw-r--r-- | www/lighttpd/files/patch-src_mod__scgi.c | 34 |
10 files changed, 0 insertions, 593 deletions
diff --git a/www/lighttpd/files/README.mysqlauth b/www/lighttpd/files/README.mysqlauth deleted file mode 100644 index 322b40422fd9..000000000000 --- a/www/lighttpd/files/README.mysqlauth +++ /dev/null @@ -1,45 +0,0 @@ -References: -http://redmine.lighttpd.net/issues/752 -http://redmine.lighttpd.net/attachments/1012/03_all_lighttpd-1.4.23-mysql_auth.diff -http://redmine.lighttpd.net/attachments/download/1012/03_all_lighttpd-1.4.23-mysql_auth.diff - -This patch allows lighttpd to authenticate users against mySQL DBbr -NOTE: Only basic auth is implemented. Passwords are stored as MD5 hash in DB - -make mysql db and user (read mySQL doc's if you don't know how) -import lighttpd-1.4.11-mysql_auth.sql - -open lighttpd.conf and add -(be sure that you comment out any other auth - according to lighttpd docs) - -auth.backend = "mysql" -auth.backend.mysql.host = "localhost" -auth.backend.mysql.user = "db_user" -auth.backend.mysql.pass = "db_pass" -auth.backend.mysql.db = "db_name" -auth.backend.mysql.port = "0" # (for default port 0, always needed) -auth.backend.mysql.socket = "" # (for default leave blank, always needed) -auth.backend.mysql.users_table = "users_table" -auth.backend.mysql.col_user = "col_name_username" -auth.backend.mysql.col_pass = "col_name_password" # (md5 hash of password) -auth.backend.mysql.col_realm = "col_realm_name" - -configure lighttpd to use it (same as every other auth) - -auth.require = ( "/some_path" => - ( - "method" => "basic", - "realm" => "some_realm", - "require" => "some_user", - ) -) - -start lighttpd - -P.S. patch include more complicated setup with separate table for domains. -If you are interested please contact with me to obtain more information. - -Bugs, Patches and Suggestions -Send me E-Mail: drJeckyll@Jeckyll.net - --- drJeckyll diff --git a/www/lighttpd/files/extra-patch-src_Makefile.am b/www/lighttpd/files/extra-patch-src_Makefile.am deleted file mode 100644 index e73281add058..000000000000 --- a/www/lighttpd/files/extra-patch-src_Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ ---- src/Makefile.am.orig 2016-07-16 10:06:16 UTC -+++ src/Makefile.am -@@ -254,7 +254,7 @@ mod_compress_la_LIBADD = $(Z_LIB) $(BZ_L - lib_LTLIBRARIES += mod_auth.la - mod_auth_la_SOURCES = mod_auth.c http_auth.c - mod_auth_la_LDFLAGS = $(common_module_ldflags) --mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) -+mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) - - lib_LTLIBRARIES += mod_rewrite.la - mod_rewrite_la_SOURCES = mod_rewrite.c diff --git a/www/lighttpd/files/extra-patch-src_Makefile.in b/www/lighttpd/files/extra-patch-src_Makefile.in deleted file mode 100644 index 81aa8f763c7b..000000000000 --- a/www/lighttpd/files/extra-patch-src_Makefile.in +++ /dev/null @@ -1,11 +0,0 @@ ---- src/Makefile.in.orig 2016-07-16 10:10:53 UTC -+++ src/Makefile.in -@@ -1011,7 +1011,7 @@ mod_compress_la_LDFLAGS = $(common_modul - mod_compress_la_LIBADD = $(Z_LIB) $(BZ_LIB) $(common_libadd) - mod_auth_la_SOURCES = mod_auth.c http_auth.c - mod_auth_la_LDFLAGS = $(common_module_ldflags) --mod_auth_la_LIBADD = $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) -+mod_auth_la_LIBADD = ${MYSQL_LIBS} $(CRYPT_LIB) $(SSL_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd) - mod_rewrite_la_SOURCES = mod_rewrite.c - mod_rewrite_la_LDFLAGS = $(common_module_ldflags) - mod_rewrite_la_LIBADD = $(PCRE_LIB) $(common_libadd) diff --git a/www/lighttpd/files/extra-patch-src_http__auth.c b/www/lighttpd/files/extra-patch-src_http__auth.c deleted file mode 100644 index d823ade247f9..000000000000 --- a/www/lighttpd/files/extra-patch-src_http__auth.c +++ /dev/null @@ -1,193 +0,0 @@ ---- src/http_auth.c.orig 2016-07-16 10:06:16 UTC -+++ src/http_auth.c -@@ -30,6 +30,7 @@ - #include <errno.h> - #include <unistd.h> - #include <ctype.h> -+#include <mysql/mysql.h> - - #include "md5.h" - -@@ -194,9 +195,119 @@ static int http_auth_get_password(server - fclose(fp); - } else if (p->conf.auth_backend == AUTH_BACKEND_LDAP) { - return 0; -- } -+ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { -+ MYSQL_RES *result; -+ MYSQL_ROW row; -+ int port = atoi(p->conf.auth_mysql_port->ptr); -+ char q[255]; - -- return -1; -+ if (p->conf.auth_mysql_socket->ptr != NULL) -+ if (0 == strcmp(p->conf.auth_mysql_socket->ptr, "")) p->conf.auth_mysql_socket->ptr = NULL; -+ -+ p->conf.mysql_conn = mysql_init(NULL); -+ -+ if (mysql_real_connect(p->conf.mysql_conn, p->conf.auth_mysql_host->ptr, p->conf.auth_mysql_user->ptr, p->conf.auth_mysql_pass->ptr, p->conf.auth_mysql_db->ptr, port, p->conf.auth_mysql_socket->ptr, 0)) -+ { -+//#define MY_HOSTING -+ -+#ifdef MY_HOSTING -+ char my_full_realm[255]; -+ char *my_realm = NULL; -+ char *my_domain = NULL; -+ -+ char *uname; -+ size_t unamelen; -+ -+ unamelen = strlen(username->ptr); -+ uname = malloc(unamelen*2+1); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ uname, username->ptr, -+ (unsigned long)unamelen); -+ -+ strcpy(my_full_realm, realm->ptr); -+ my_realm = strtok(my_full_realm, "@"); -+ -+ if (my_realm != NULL) -+ my_domain = strtok(NULL, "@"); -+ -+ sprintf(q, "SELECT %s FROM %s, %s WHERE %s='%s' AND %s='%s' AND %s='%s' AND %s=%s", -+ p->conf.auth_mysql_col_pass->ptr, -+ -+ p->conf.auth_mysql_users_table->ptr, -+ p->conf.auth_mysql_domains_table->ptr, -+ -+ p->conf.auth_mysql_col_user->ptr, -+ uname, -+ -+ p->conf.auth_mysql_col_realm->ptr, -+ my_realm, -+ -+ p->conf.auth_mysql_col_domain->ptr, -+ my_domain, -+ -+ p->conf.auth_mysql_domains_table_col_domain_id->ptr, -+ p->conf.auth_mysql_users_table_col_domain_id->ptr -+ ); -+ -+ free(uname); -+#else -+ // sanitize username & realm by taguchi@ff.iij4u.or.jp -+ char *uname, *urealm; -+ size_t unamelen, urealmlen; -+ -+ unamelen = strlen(username->ptr); -+ urealmlen = strlen(realm->ptr); -+ uname = malloc(unamelen*2+1); -+ urealm = malloc(urealmlen*2+1); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ uname, username->ptr, -+ (unsigned long)unamelen); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ urealm, realm->ptr, -+ (unsigned long)unamelen); -+ -+ mysql_real_escape_string(p->conf.mysql_conn, -+ urealm, realm->ptr, -+ (unsigned long)urealmlen); -+ -+ sprintf(q, "SELECT %s FROM %s WHERE %s='%s' AND %s='%s'", -+ p->conf.auth_mysql_col_pass->ptr, -+ p->conf.auth_mysql_users_table->ptr, -+ p->conf.auth_mysql_col_user->ptr, -+ uname, -+ p->conf.auth_mysql_col_realm->ptr, -+ urealm -+ ); -+ -+ free(uname); -+ free(urealm); -+#endif -+ -+ mysql_query(p->conf.mysql_conn, q); -+ result = mysql_store_result(p->conf.mysql_conn); -+ if (mysql_num_rows(result) == 1) -+ { -+ /* found */ -+ row = mysql_fetch_row(result); -+ buffer_copy_string_len(password, row[0], strlen(row[0])); -+ -+ return 0; -+ } else -+ { -+ /* not found */ -+ return -1; -+ } -+ -+ mysql_free_result(result); -+ mysql_close(p->conf.mysql_conn); -+ -+ p->conf.mysql_conn = NULL; -+ } else -+ return -1; -+ } - } - - int http_auth_match_rules(server *srv, array *req, const char *username, const char *group, const char *host) { -@@ -711,6 +822,60 @@ static int http_auth_basic_password_comp - - return 0; - #endif -+ } else if (p->conf.auth_backend == AUTH_BACKEND_MYSQL) { -+ /* -+ we check for md5 crypt() now -+ request by Nicola Tiling <nti@w4w.net> -+ */ -+ if (password->ptr[0] == '$' && password->ptr[2] == '$') -+ { -+ char salt[32]; -+ char *crypted; -+ size_t salt_len = 0; -+ char *dollar = NULL; -+ -+ if (NULL == (dollar = strchr(password->ptr + 3, '$'))) { -+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); -+ return -1; -+ } -+ -+ salt_len = dollar - password->ptr; -+ -+ if (salt_len > sizeof(salt) - 1) -+ { -+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); -+ return -1; -+ } -+ -+ strncpy(salt, password->ptr, salt_len); -+ -+ salt[salt_len] = '\0'; -+ -+ crypted = crypt(pw, salt); -+ -+ if (0 == strcmp(password->ptr, crypted)) -+ { -+ return 0; -+ } else { -+ fprintf(stderr, "%s.%d\n", __FILE__, __LINE__); -+ } -+ } else -+ /* plain md5 check now */ -+ { -+ li_MD5_CTX Md5Ctx; -+ HASH HA1; -+ char a1[256]; -+ -+ li_MD5_Init(&Md5Ctx); -+ li_MD5_Update(&Md5Ctx, (unsigned char *)pw, strlen(pw)); -+ li_MD5_Final(HA1, &Md5Ctx); -+ -+ CvtHex(HA1, a1); -+ -+ if (0 == strcmp(password->ptr, a1)) { -+ return 0; -+ } -+ } - } - return -1; - } diff --git a/www/lighttpd/files/extra-patch-src_http__auth.h b/www/lighttpd/files/extra-patch-src_http__auth.h deleted file mode 100644 index 789dde25a5c8..000000000000 --- a/www/lighttpd/files/extra-patch-src_http__auth.h +++ /dev/null @@ -1,43 +0,0 @@ ---- src/http_auth.h.orig 2016-07-16 10:06:16 UTC -+++ src/http_auth.h -@@ -9,13 +9,15 @@ - # define USE_LDAP - # include <ldap.h> - #endif -+#include <mysql/mysql.h> - - typedef enum { - AUTH_BACKEND_UNSET, - AUTH_BACKEND_PLAIN, - AUTH_BACKEND_LDAP, - AUTH_BACKEND_HTPASSWD, -- AUTH_BACKEND_HTDIGEST -+ AUTH_BACKEND_HTDIGEST, -+ AUTH_BACKEND_MYSQL - } auth_backend_t; - - typedef struct { -@@ -50,6 +52,23 @@ typedef struct { - buffer *ldap_filter_pre; - buffer *ldap_filter_post; - #endif -+ -+ MYSQL *mysql_conn; -+ buffer *auth_mysql_host; -+ buffer *auth_mysql_user; -+ buffer *auth_mysql_pass; -+ buffer *auth_mysql_db; -+ buffer *auth_mysql_port; -+ buffer *auth_mysql_socket; -+ buffer *auth_mysql_users_table; -+ buffer *auth_mysql_col_user; -+ buffer *auth_mysql_col_pass; -+ buffer *auth_mysql_col_realm; -+ buffer *auth_mysql_domains_table; -+ buffer *auth_mysql_col_domain; -+ buffer *auth_mysql_domains_table_col_domain_id; -+ buffer *auth_mysql_users_table_col_domain_id; -+ - } mod_auth_plugin_config; - - typedef struct { diff --git a/www/lighttpd/files/extra-patch-src_mod__auth.c b/www/lighttpd/files/extra-patch-src_mod__auth.c deleted file mode 100644 index 1e414b682eaf..000000000000 --- a/www/lighttpd/files/extra-patch-src_mod__auth.c +++ /dev/null @@ -1,200 +0,0 @@ ---- src/mod_auth.c.orig 2016-07-16 10:06:16 UTC -+++ src/mod_auth.c -@@ -13,6 +13,7 @@ - #include <errno.h> - #include <fcntl.h> - #include <unistd.h> -+#include <mysql/mysql.h> - - handler_t auth_ldap_init(server *srv, mod_auth_plugin_config *s); - -@@ -84,6 +85,19 @@ FREE_FUNC(mod_auth_free) { - - if (s->ldap) ldap_unbind_s(s->ldap); - #endif -+ buffer_free(s->auth_mysql_host); -+ buffer_free(s->auth_mysql_user); -+ buffer_free(s->auth_mysql_pass); -+ buffer_free(s->auth_mysql_db); -+ buffer_free(s->auth_mysql_socket); -+ buffer_free(s->auth_mysql_users_table); -+ buffer_free(s->auth_mysql_col_user); -+ buffer_free(s->auth_mysql_col_pass); -+ buffer_free(s->auth_mysql_col_realm); -+ buffer_free(s->auth_mysql_domains_table); -+ buffer_free(s->auth_mysql_col_domain); -+ buffer_free(s->auth_mysql_domains_table_col_domain_id); -+ buffer_free(s->auth_mysql_users_table_col_domain_id); - - free(s); - } -@@ -122,6 +136,21 @@ static int mod_auth_patch_connection(ser - PATCH(ldap_filter_post); - #endif - -+ PATCH(auth_mysql_host); -+ PATCH(auth_mysql_user); -+ PATCH(auth_mysql_pass); -+ PATCH(auth_mysql_db); -+ PATCH(auth_mysql_port); -+ PATCH(auth_mysql_socket); -+ PATCH(auth_mysql_users_table); -+ PATCH(auth_mysql_col_user); -+ PATCH(auth_mysql_col_pass); -+ PATCH(auth_mysql_col_realm); -+ PATCH(auth_mysql_domains_table); -+ PATCH(auth_mysql_col_domain); -+ PATCH(auth_mysql_domains_table_col_domain_id); -+ PATCH(auth_mysql_users_table_col_domain_id); -+ - /* skip the first, the global context */ - for (i = 1; i < srv->config_context->used; i++) { - data_config *dc = (data_config *)srv->config_context->data[i]; -@@ -171,6 +200,34 @@ static int mod_auth_patch_connection(ser - PATCH(auth_ldap_bindpw); - } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.ldap.allow-empty-pw"))) { - PATCH(auth_ldap_allow_empty_pw); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.host"))) { -+ PATCH(auth_mysql_host); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.user"))) { -+ PATCH(auth_mysql_user); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.pass"))) { -+ PATCH(auth_mysql_pass); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.db"))) { -+ PATCH(auth_mysql_db); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.port"))) { -+ PATCH(auth_mysql_port); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.socket"))) { -+ PATCH(auth_mysql_user); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table"))) { -+ PATCH(auth_mysql_users_table); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_user"))) { -+ PATCH(auth_mysql_col_user); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_pass"))) { -+ PATCH(auth_mysql_col_pass); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_realm"))) { -+ PATCH(auth_mysql_col_realm); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table"))) { -+ PATCH(auth_mysql_domains_table); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.col_domain"))) { -+ PATCH(auth_mysql_col_domain); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.domains_table_col_domain_id"))) { -+ PATCH(auth_mysql_domains_table_col_domain_id); -+ } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("auth.backend.mysql.users_table_col_domain_id"))) { -+ PATCH(auth_mysql_users_table_col_domain_id); - } - } - } -@@ -362,10 +419,25 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - { "auth.backend.ldap.starttls", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 8 */ - { "auth.backend.ldap.bind-dn", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 9 */ - { "auth.backend.ldap.bind-pw", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 10 */ -- { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 11 */ -+ { "auth.backend.ldap.allow-empty-pw", NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, - { "auth.backend.htdigest.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 12 */ - { "auth.backend.htpasswd.userfile", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 13 */ - { "auth.debug", NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION }, /* 14 */ -+ { "auth.backend.mysql.host", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.db", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.port", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.socket", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.users_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_user", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_pass", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_realm", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 23 */ -+ { "auth.backend.mysql.domains_table", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.col_domain", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.domains_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, -+ { "auth.backend.mysql.users_table_col_domain_id", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 27 */ -+ - { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } - }; - -@@ -394,6 +466,22 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - s->auth_debug = 0; - - s->auth_require = array_init(); -+ s->mysql_conn = NULL; -+ s->auth_mysql_host = buffer_init(); -+ s->auth_mysql_user = buffer_init(); -+ s->auth_mysql_pass = buffer_init(); -+ s->auth_mysql_db = buffer_init(); -+ s->auth_mysql_port = buffer_init(); -+ s->auth_mysql_socket = buffer_init(); -+ s->auth_mysql_users_table = buffer_init(); -+ s->auth_mysql_col_user = buffer_init(); -+ s->auth_mysql_col_pass = buffer_init(); -+ s->auth_mysql_col_realm = buffer_init(); -+ s->auth_mysql_domains_table = buffer_init(); -+ s->auth_mysql_col_domain = buffer_init(); -+ s->auth_mysql_domains_table_col_domain_id = buffer_init(); -+ s->auth_mysql_users_table_col_domain_id = buffer_init(); -+ - - #ifdef USE_LDAP - s->ldap_filter_pre = buffer_init(); -@@ -416,7 +504,20 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - cv[12].destination = s->auth_htdigest_userfile; - cv[13].destination = s->auth_htpasswd_userfile; - cv[14].destination = &(s->auth_debug); -- -+ cv[15].destination = s->auth_mysql_host; -+ cv[16].destination = s->auth_mysql_user; -+ cv[17].destination = s->auth_mysql_pass; -+ cv[18].destination = s->auth_mysql_db; -+ cv[19].destination = s->auth_mysql_port; -+ cv[20].destination = s->auth_mysql_socket; -+ cv[21].destination = s->auth_mysql_users_table; -+ cv[22].destination = s->auth_mysql_col_user; -+ cv[23].destination = s->auth_mysql_col_pass; -+ cv[24].destination = s->auth_mysql_col_realm; -+ cv[25].destination = s->auth_mysql_domains_table; -+ cv[26].destination = s->auth_mysql_col_domain; -+ cv[27].destination = s->auth_mysql_domains_table_col_domain_id; -+ cv[28].destination = s->auth_mysql_users_table_col_domain_id; - p->config_storage[i] = s; - - if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { -@@ -432,6 +533,8 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - s->auth_backend = AUTH_BACKEND_PLAIN; - } else if (0 == strcmp(s->auth_backend_conf->ptr, "ldap")) { - s->auth_backend = AUTH_BACKEND_LDAP; -+ } else if (0 == strcmp(s->auth_backend_conf->ptr, "mysql")) { -+ s->auth_backend = AUTH_BACKEND_MYSQL; - } else { - log_error_write(srv, __FILE__, __LINE__, "sb", "auth.backend not supported:", s->auth_backend_conf); - -@@ -573,6 +676,31 @@ SETDEFAULTS_FUNC(mod_auth_set_defaults) - return (ret); - break; - } -+ case AUTH_BACKEND_MYSQL: { -+ int port = atoi(s->auth_mysql_port->ptr); -+ -+ /* ignore if auth_mysql_socket is invalid */ -+ if (p->conf.auth_mysql_socket == NULL) -+ return HANDLER_GO_ON; -+ if (p->conf.auth_mysql_socket->ptr != NULL) -+ if (0 == strcmp(s->auth_mysql_socket->ptr, "")) s->auth_mysql_socket->ptr = NULL; -+ -+ s->mysql_conn = mysql_init(NULL); -+ if (!mysql_real_connect(s->mysql_conn, s->auth_mysql_host->ptr, s->auth_mysql_user->ptr, s->auth_mysql_pass->ptr, s->auth_mysql_db->ptr, port, NULL, 0)) -+ { -+ log_error_write(srv, __FILE__, __LINE__, "sbsbsbsbss", -+ "opening connection to mysql:", s->auth_mysql_host, -+ "user:", s->auth_mysql_user, -+ "pass:", s->auth_mysql_pass, -+ "db:", s->auth_mysql_db, -+ "failed:", strerror(errno)); -+ -+ return HANDLER_ERROR; -+ } -+ mysql_close(s->mysql_conn); -+ -+ break; -+ } - default: - break; - } diff --git a/www/lighttpd/files/mysql_auth.sql b/www/lighttpd/files/mysql_auth.sql deleted file mode 100644 index 5b1a25572225..000000000000 --- a/www/lighttpd/files/mysql_auth.sql +++ /dev/null @@ -1,10 +0,0 @@ -CREATE TABLE `vhosts_secure`( - vhost_secure_id bigint(20) NOT NULL AUTO_INCREMENT, - vhost_secure_username varchar(255) NOT NULL, - vhost_secure_password varchar(255) NOT NULL, - vhost_secure_realm varchar(255) NOT NULL - PRIMARY KEY (vhost_secure_id), - INDEX i_username (vhost_secure_username), - INDEX i_password (vhost_secure_password), - INDEX i_realm (vhost_secure_realm) -); diff --git a/www/lighttpd/files/patch-src_mod__fastcgi.c b/www/lighttpd/files/patch-src_mod__fastcgi.c deleted file mode 100644 index 6a1b6fb43f96..000000000000 --- a/www/lighttpd/files/patch-src_mod__fastcgi.c +++ /dev/null @@ -1,12 +0,0 @@ ---- src/mod_fastcgi.c.orig 2016-08-07 17:19:10 UTC -+++ src/mod_fastcgi.c -@@ -3257,7 +3257,8 @@ SUBREQUEST_FUNC(mod_fastcgi_handle_subre - } - } - -- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ && hctx->state != FCGI_STATE_CONNECT_DELAYED) - ? fcgi_send_request(srv, hctx) - : HANDLER_WAIT_FOR_EVENT; - } diff --git a/www/lighttpd/files/patch-src_mod__proxy.c b/www/lighttpd/files/patch-src_mod__proxy.c deleted file mode 100644 index ca3354141483..000000000000 --- a/www/lighttpd/files/patch-src_mod__proxy.c +++ /dev/null @@ -1,34 +0,0 @@ ---- src/mod_proxy.c.orig 2016-07-31 12:42:39 UTC -+++ src/mod_proxy.c -@@ -854,7 +854,20 @@ static handler_t proxy_write_request(ser - - if (hctx->wb->bytes_out == hctx->wb_reqlen) { - fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT); -- shutdown(hctx->fd, SHUT_WR);/* future: remove if HTTP/1.1 request */ -+ #if (defined(__APPLE__) && defined(__MACH__)) \ -+ || defined(__FreeBSD__) || defined(__NetBSD__) \ -+ || defined(__OpenBSD__) || defined(__DragonflyBSD__) -+ /*(*BSD stack on remote might signal POLLHUP and remote -+ * might treat as socket error instead of half-close)*/ -+ #else -+ /*(remote could be different machine running affected OS, -+ * so only issue shutdown for known local sockets)*/ -+ if ( '/' == host->host->ptr[0] -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("127.0.0.1")) -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("::1"))) { -+ shutdown(hctx->fd, SHUT_WR);/* future: remove if HTTP/1.1 request */ -+ } -+ #endif - proxy_set_state(srv, hctx, PROXY_STATE_READ); - } else { - off_t wblen = hctx->wb->bytes_in - hctx->wb->bytes_out; -@@ -992,7 +1005,8 @@ SUBREQUEST_FUNC(mod_proxy_handle_subrequ - } - } - -- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ && hctx->state != PROXY_STATE_CONNECT) - ? proxy_send_request(srv, hctx) - : HANDLER_WAIT_FOR_EVENT; - } diff --git a/www/lighttpd/files/patch-src_mod__scgi.c b/www/lighttpd/files/patch-src_mod__scgi.c deleted file mode 100644 index 947356aa1dd3..000000000000 --- a/www/lighttpd/files/patch-src_mod__scgi.c +++ /dev/null @@ -1,34 +0,0 @@ ---- src/mod_scgi.c.orig 2016-08-07 12:39:31 UTC -+++ src/mod_scgi.c -@@ -2438,7 +2438,20 @@ static handler_t scgi_write_request(serv - - if (hctx->wb->bytes_out == hctx->wb_reqlen) { - fdevent_event_clr(srv->ev, &(hctx->fde_ndx), hctx->fd, FDEVENT_OUT); -- shutdown(hctx->fd, SHUT_WR); -+ #if (defined(__APPLE__) && defined(__MACH__)) \ -+ || defined(__FreeBSD__) || defined(__NetBSD__) \ -+ || defined(__OpenBSD__) || defined(__DragonflyBSD__) -+ /*(*BSD stack on remote might signal POLLHUP and remote -+ * might treat as socket error instead of half-close)*/ -+ #else -+ /*(remote could be different machine running affected OS, -+ * so only issue shutdown for known local sockets)*/ -+ if ( '/' == host->host->ptr[0] -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("127.0.0.1")) -+ || buffer_is_equal_string(host->host, CONST_STR_LEN("::1"))) { -+ shutdown(hctx->fd, SHUT_WR); -+ } -+ #endif - scgi_set_state(srv, hctx, FCGI_STATE_READ); - } else { - off_t wblen = hctx->wb->bytes_in - hctx->wb->bytes_out; -@@ -2585,7 +2598,8 @@ SUBREQUEST_FUNC(mod_scgi_handle_subreque - } - } - -- return (0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ return ((0 == hctx->wb->bytes_in || !chunkqueue_is_empty(hctx->wb)) -+ && hctx->state != FCGI_STATE_CONNECT) - ? scgi_send_request(srv, hctx) - : HANDLER_WAIT_FOR_EVENT; - } |