diff --git a/www/lighttpd/Makefile b/www/lighttpd/Makefile index 7ea2e59f12a..9e8ddc14c0c 100644 --- a/www/lighttpd/Makefile +++ b/www/lighttpd/Makefile @@ -1,10 +1,11 @@ -# $OpenBSD: Makefile,v 1.47 2007/09/10 20:41:59 rui Exp $ +# $OpenBSD: Makefile,v 1.48 2008/03/02 10:04:22 jasper Exp $ SHARED_ONLY= Yes COMMENT= secure, fast, compliant, and very flexible web-server DISTNAME= lighttpd-1.4.18 +PKGNAME= ${DISTNAME}p0 CATEGORIES= www net MASTER_SITES= ${HOMEPAGE}/download/ diff --git a/www/lighttpd/patches/patch-src_fdevent_solaris_devpoll_c b/www/lighttpd/patches/patch-src_fdevent_solaris_devpoll_c new file mode 100644 index 00000000000..3d8d7fb2c6e --- /dev/null +++ b/www/lighttpd/patches/patch-src_fdevent_solaris_devpoll_c @@ -0,0 +1,12 @@ +$OpenBSD: patch-src_fdevent_solaris_devpoll_c,v 1.1 2008/03/02 10:04:22 jasper Exp $ +--- src/fdevent_solaris_devpoll.c.orig Fri Feb 29 15:51:27 2008 ++++ src/fdevent_solaris_devpoll.c Fri Feb 29 15:51:47 2008 +@@ -67,7 +67,7 @@ static int fdevent_solaris_devpoll_poll(fdevents *ev, + int ret; + + dopoll.dp_timeout = timeout_ms; +- dopoll.dp_nfds = ev->maxfds; ++ dopoll.dp_nfds = ev->maxfds - 1; + dopoll.dp_fds = ev->devpollfds; + + ret = ioctl(ev->devpoll_fd, DP_POLL, &dopoll); diff --git a/www/lighttpd/patches/patch-src_server_c b/www/lighttpd/patches/patch-src_server_c new file mode 100644 index 00000000000..96959d194a5 --- /dev/null +++ b/www/lighttpd/patches/patch-src_server_c @@ -0,0 +1,49 @@ +$OpenBSD: patch-src_server_c,v 1.5 2008/03/02 10:04:22 jasper Exp $ +--- src/server.c.orig Fri Feb 29 15:52:04 2008 ++++ src/server.c Fri Feb 29 18:59:11 2008 +@@ -697,9 +697,6 @@ int main (int argc, char **argv) { + } + } + +- /* #372: solaris need some fds extra for devpoll */ +- if (rlim.rlim_cur > 10) rlim.rlim_cur -= 10; +- + if (srv->event_handler == FDEVENT_HANDLER_SELECT) { + srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200; + } else { +@@ -759,6 +756,19 @@ int main (int argc, char **argv) { + + return -1; + } ++ ++#ifdef HAVE_PWD_H ++ /** ++ * initgroups() has to be called before chroot() ++ */ ++ if (srv->srvconf.groupname->used) { ++ setgid(grp->gr_gid); ++ setgroups(0, NULL); ++ if (srv->srvconf.username->used) { ++ initgroups(srv->srvconf.username->ptr, grp->gr_gid); ++ } ++ } ++#endif + #ifdef HAVE_CHROOT + if (srv->srvconf.changeroot->used) { + tzset(); +@@ -775,15 +785,7 @@ int main (int argc, char **argv) { + #endif + #ifdef HAVE_PWD_H + /* drop root privs */ +- if (srv->srvconf.groupname->used) { +- setgid(grp->gr_gid); +- setgroups(0, NULL); +- } +- + if (srv->srvconf.username->used) { +- if (srv->srvconf.groupname->used) { +- initgroups(srv->srvconf.username->ptr, grp->gr_gid); +- } + setuid(pwd->pw_uid); + } + #endif diff --git a/www/lighttpd/patches/patch-src_spawn-fcgi_c b/www/lighttpd/patches/patch-src_spawn-fcgi_c new file mode 100644 index 00000000000..9ce9d609bd0 --- /dev/null +++ b/www/lighttpd/patches/patch-src_spawn-fcgi_c @@ -0,0 +1,36 @@ +$OpenBSD: patch-src_spawn-fcgi_c,v 1.1 2008/03/02 10:04:22 jasper Exp $ +--- src/spawn-fcgi.c.orig Fri Feb 29 18:59:42 2008 ++++ src/spawn-fcgi.c Fri Feb 29 19:02:19 2008 +@@ -404,6 +404,18 @@ int main(int argc, char **argv) { + } + } + ++ /* ++ * Change group before chroot, when we have access ++ * to /etc/group ++ */ ++ if (groupname) { ++ setgid(grp->gr_gid); ++ setgroups(0, NULL); ++ if (username) { ++ initgroups(username, grp->gr_gid); ++ } ++ } ++ + if (changeroot) { + if (-1 == chroot(changeroot)) { + fprintf(stderr, "%s.%d: %s %s\n", +@@ -420,13 +432,7 @@ int main(int argc, char **argv) { + } + + /* drop root privs */ +- if (groupname) { +- setgid(grp->gr_gid); +- } + if (username) { +- if (groupname) { +- initgroups(username, grp->gr_gid); +- } + setuid(pwd->pw_uid); + } + }