From fbd221f05c5e7f72d191c10599d6ee68d18d8985 Mon Sep 17 00:00:00 2001
From: brad <brad@openbsd.org>
Date: Thu, 15 Nov 2012 10:45:23 +0000
Subject: [PATCH] More fixes from upstream..

- Fix :port handling in $HTTP["host"] checks.
- Ignore EPIPE/ECONNRESET after SSL_shutdown.
- Add PATCH method.
- Handle ENAMETOOLONG, return 404 Not Found.

ok sthen@
---
 www/lighttpd/Makefile                         |  4 +--
 .../patches/patch-src_configfile-glue_c       | 26 ++++++++++++++
 www/lighttpd/patches/patch-src_connections_c  | 36 +++++++++++++++++++
 www/lighttpd/patches/patch-src_keyvalue_c     | 14 ++++++++
 www/lighttpd/patches/patch-src_keyvalue_h     | 14 ++++++++
 www/lighttpd/patches/patch-src_response_c     | 15 ++++++++
 6 files changed, 107 insertions(+), 2 deletions(-)
 create mode 100644 www/lighttpd/patches/patch-src_configfile-glue_c
 create mode 100644 www/lighttpd/patches/patch-src_connections_c
 create mode 100644 www/lighttpd/patches/patch-src_keyvalue_c
 create mode 100644 www/lighttpd/patches/patch-src_keyvalue_h
 create mode 100644 www/lighttpd/patches/patch-src_response_c

diff --git a/www/lighttpd/Makefile b/www/lighttpd/Makefile
index 132b6d7f1bc..eadd04f5463 100644
--- a/www/lighttpd/Makefile
+++ b/www/lighttpd/Makefile
@@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.101 2012/07/10 15:22:45 jasper Exp $
+# $OpenBSD: Makefile,v 1.102 2012/11/15 10:45:23 brad Exp $
 
 SHARED_ONLY=	Yes
 
 COMMENT=	secure, fast, compliant, and very flexible web-server
 
 DISTNAME=	lighttpd-1.4.31
-REVISION=	0
+REVISION=	1
 CATEGORIES=	www net
 MASTER_SITES=	http://download.lighttpd.net/lighttpd/releases-1.4.x/
 
diff --git a/www/lighttpd/patches/patch-src_configfile-glue_c b/www/lighttpd/patches/patch-src_configfile-glue_c
new file mode 100644
index 00000000000..5a30d775351
--- /dev/null
+++ b/www/lighttpd/patches/patch-src_configfile-glue_c
@@ -0,0 +1,26 @@
+$OpenBSD: patch-src_configfile-glue_c,v 1.1 2012/11/15 10:45:23 brad Exp $
+
+Fix :port handling in $HTTP["host"] checks.
+
+--- src/configfile-glue.c.orig	Wed Nov  7 21:33:53 2012
++++ src/configfile-glue.c	Wed Nov  7 21:33:21 2012
+@@ -299,17 +299,13 @@ static cond_result_t config_check_cond_nocache(server 
+ 				ck_colon = strchr(dc->string->ptr, ':');
+ 				val_colon = strchr(l->ptr, ':');
+ 
+-				if (ck_colon == val_colon) {
+-					/* nothing to do with it */
+-					break;
+-				}
+-				if (ck_colon) {
++				if (NULL != ck_colon && NULL == val_colon) {
+ 					/* condition "host:port" but client send "host" */
+ 					buffer_copy_string_buffer(srv->cond_check_buf, l);
+ 					buffer_append_string_len(srv->cond_check_buf, CONST_STR_LEN(":"));
+ 					buffer_append_long(srv->cond_check_buf, sock_addr_get_port(&(srv_sock->addr)));
+ 					l = srv->cond_check_buf;
+-				} else if (!ck_colon) {
++				} else if (NULL != val_colon && NULL == ck_colon) {
+ 					/* condition "host" but client send "host:port" */
+ 					buffer_copy_string_len(srv->cond_check_buf, l->ptr, val_colon - l->ptr);
+ 					l = srv->cond_check_buf;
diff --git a/www/lighttpd/patches/patch-src_connections_c b/www/lighttpd/patches/patch-src_connections_c
new file mode 100644
index 00000000000..231c418e72d
--- /dev/null
+++ b/www/lighttpd/patches/patch-src_connections_c
@@ -0,0 +1,36 @@
+$OpenBSD: patch-src_connections_c,v 1.21 2012/11/15 10:46:58 brad Exp $
+
+Ignore EPIPE/ECONNRESET after SSL_shutdown.
+
+--- src/connections.c.orig	Wed Nov  7 21:34:01 2012
++++ src/connections.c	Wed Nov  7 21:30:28 2012
+@@ -1712,11 +1712,18 @@ int connection_state_machine(server *srv, connection *
+ 										ERR_error_string(err, NULL));
+ 							} while((err = ERR_get_error()));
+ 						} else if (errno != 0) { /* ssl bug (see lighttpd ticket #2213): sometimes errno == 0 */
+-							log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
++							switch(errno) {
++							case EPIPE:
++							case ECONNRESET:
++								break;
++							default:
++								log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
+ 									ssl_r, ret, errno,
+ 									strerror(errno));
++								break;
++							}
+ 						}
+-	
++
+ 						break;
+ 					default:
+ 						while((err = ERR_get_error())) {
+@@ -1724,7 +1731,7 @@ int connection_state_machine(server *srv, connection *
+ 									ssl_r, ret,
+ 									ERR_error_string(err, NULL));
+ 						}
+-	
++
+ 						break;
+ 					}
+ 				}
diff --git a/www/lighttpd/patches/patch-src_keyvalue_c b/www/lighttpd/patches/patch-src_keyvalue_c
new file mode 100644
index 00000000000..913eb8d4294
--- /dev/null
+++ b/www/lighttpd/patches/patch-src_keyvalue_c
@@ -0,0 +1,14 @@
+$OpenBSD: patch-src_keyvalue_c,v 1.1 2012/11/15 10:46:58 brad Exp $
+
+Add PATCH method.
+
+--- src/keyvalue.c.orig	Wed Nov  7 21:34:07 2012
++++ src/keyvalue.c	Wed Nov  7 21:32:47 2012
+@@ -22,6 +22,7 @@ static keyvalue http_methods[] = {
+ 	{ HTTP_METHOD_OPTIONS, "OPTIONS" },
+ 	{ HTTP_METHOD_MKCOL, "MKCOL" },
+ 	{ HTTP_METHOD_PUT, "PUT" },
++	{ HTTP_METHOD_PATCH, "PATCH" },
+ 	{ HTTP_METHOD_DELETE, "DELETE" },
+ 	{ HTTP_METHOD_COPY, "COPY" },
+ 	{ HTTP_METHOD_MOVE, "MOVE" },
diff --git a/www/lighttpd/patches/patch-src_keyvalue_h b/www/lighttpd/patches/patch-src_keyvalue_h
new file mode 100644
index 00000000000..47e6df62428
--- /dev/null
+++ b/www/lighttpd/patches/patch-src_keyvalue_h
@@ -0,0 +1,14 @@
+$OpenBSD: patch-src_keyvalue_h,v 1.1 2012/11/15 10:46:58 brad Exp $
+
+Add PATCH method.
+
+--- src/keyvalue.h.orig	Wed Nov  7 21:34:20 2012
++++ src/keyvalue.h	Wed Nov  7 21:32:51 2012
+@@ -20,6 +20,7 @@ typedef enum {
+ 	HTTP_METHOD_PROPFIND,  /* WebDAV */
+ 	HTTP_METHOD_MKCOL,
+ 	HTTP_METHOD_PUT,
++	HTTP_METHOD_PATCH,
+ 	HTTP_METHOD_DELETE,
+ 	HTTP_METHOD_COPY,
+ 	HTTP_METHOD_MOVE,
diff --git a/www/lighttpd/patches/patch-src_response_c b/www/lighttpd/patches/patch-src_response_c
new file mode 100644
index 00000000000..9d9f81e588f
--- /dev/null
+++ b/www/lighttpd/patches/patch-src_response_c
@@ -0,0 +1,15 @@
+$OpenBSD: patch-src_response_c,v 1.5 2012/11/15 10:46:58 brad Exp $
+
+Handle ENAMETOOLONG, return 404 Not Found.
+
+--- src/response.c.orig	Wed Nov  7 21:34:30 2012
++++ src/response.c	Wed Nov  7 21:32:13 2012
+@@ -611,6 +611,8 @@ handler_t http_response_prepare(server *srv, connectio
+ 
+ 				buffer_reset(con->physical.path);
+ 				return HANDLER_FINISHED;
++			case ENAMETOOLONG:
++				/* file name to be read was too long. return 404 */
+ 			case ENOENT:
+ 				con->http_status = 404;
+