Upstream bug fix:

Fix handling of If-Modified-Since if If-None-Match is present (don't
return 412 for date parsing errors); follow current draft for HTTP/1.1,
which tells us to ignore If-Modified-Since if we have matching etags.

ok sthen@

www/lighttpd/Makefile

@@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.105 2013/01/14 09:17:03 brad Exp $
+# $OpenBSD: Makefile,v 1.106 2013/01/25 08:00:23 brad Exp $
 
 SHARED_ONLY=	Yes
 
 COMMENT=	secure, fast, compliant, and very flexible web-server
 
 DISTNAME=	lighttpd-1.4.32
-REVISION=	0
+REVISION=	1
 CATEGORIES=	www net
 MASTER_SITES=	http://download.lighttpd.net/lighttpd/releases-1.4.x/
 

www/lighttpd/patches/patch-src_http-header-glue_c

@@ -0,0 +1,90 @@
+$OpenBSD: patch-src_http-header-glue_c,v 1.3 2013/01/25 08:00:23 brad Exp $
+
+Fix handling of If-Modified-Since if If-None-Match is present (don't
+return 412 for date parsing errors); follow current draft for HTTP/1.1,
+which tells us to ignore If-Modified-Since if we have matching etags.
+
+--- src/http-header-glue.c.orig	Thu Jan 24 22:54:11 2013
++++ src/http-header-glue.c	Thu Jan 24 22:57:17 2013
+@@ -245,6 +245,7 @@ buffer * strftime_cache_get(server *srv, time_t last_m
+ 
+ 
+ int http_response_handle_cachable(server *srv, connection *con, buffer *mtime) {
++	UNUSED(srv);
+ 	/*
+ 	 * 14.26 If-None-Match
+ 	 *    [...]
+@@ -261,68 +262,18 @@ int http_response_handle_cachable(server *srv, connect
+ 			if (con->request.http_method == HTTP_METHOD_GET ||
+ 			    con->request.http_method == HTTP_METHOD_HEAD) {
+ 
+-				/* check if etag + last-modified */
+-				if (con->request.http_if_modified_since) {
+-					size_t used_len;
+-					char *semicolon;
++				con->http_status = 304;
++				return HANDLER_FINISHED;
+ 
+-					if (NULL == (semicolon = strchr(con->request.http_if_modified_since, ';'))) {
+-						used_len = strlen(con->request.http_if_modified_since);
+-					} else {
+-						used_len = semicolon - con->request.http_if_modified_since;
+-					}
+-
+-					if (0 == strncmp(con->request.http_if_modified_since, mtime->ptr, used_len)) {
+-						if ('\0' == mtime->ptr[used_len]) con->http_status = 304;
+-						return HANDLER_FINISHED;
+-					} else {
+-						char buf[sizeof("Sat, 23 Jul 2005 21:20:01 GMT")];
+-						time_t t_header, t_file;
+-						struct tm tm;
+-
+-						/* check if we can safely copy the string */
+-						if (used_len >= sizeof(buf)) {
+-							log_error_write(srv, __FILE__, __LINE__, "ssdd",
+-									"DEBUG: Last-Modified check failed as the received timestamp was too long:",
+-									con->request.http_if_modified_since, used_len, sizeof(buf) - 1);
+-
+-							con->http_status = 412;
+-							con->mode = DIRECT;
+-							return HANDLER_FINISHED;
+-						}
+-
+-
+-						strncpy(buf, con->request.http_if_modified_since, used_len);
+-						buf[used_len] = '\0';
+-
+-						if (NULL == strptime(buf, "%a, %d %b %Y %H:%M:%S GMT", &tm)) {
+-							con->http_status = 412;
+-							con->mode = DIRECT;
+-							return HANDLER_FINISHED;
+-						}
+-						tm.tm_isdst = 0;
+-						t_header = mktime(&tm);
+-
+-						strptime(mtime->ptr, "%a, %d %b %Y %H:%M:%S GMT", &tm);
+-						tm.tm_isdst = 0;
+-						t_file = mktime(&tm);
+-
+-						if (t_file > t_header) return HANDLER_GO_ON;
+-
+-						con->http_status = 304;
+-						return HANDLER_FINISHED;
+-					}
+-				} else {
+-					con->http_status = 304;
+-					return HANDLER_FINISHED;
+-				}
+ 			} else {
+ 				con->http_status = 412;
+ 				con->mode = DIRECT;
+ 				return HANDLER_FINISHED;
+ 			}
+ 		}
+-	} else if (con->request.http_if_modified_since) {
++	} else if (con->request.http_if_modified_since &&
++		   (con->request.http_method == HTTP_METHOD_GET ||
++		    con->request.http_method == HTTP_METHOD_HEAD)) {
+ 		size_t used_len;
+ 		char *semicolon;
+