SlowHTTPTest is a highly configurable tool that simulates some
Application Layer Denial of Service attacks.
It implements the most common low-bandwidth Application Layer DoS attacks,
such as slowloris, Slow HTTP POST, Slow Read attack (based on TCP persist
timer exploit) by draining concurrent connections pool, as well as Apache
Range Header attack by causing very significant memory and CPU usage on the
server.
Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP
protocol, by design, requires requests to be completely received by the
server before they are processed. If an HTTP request is not complete, or if
the transfer rate is very low, the server keeps its resources busy waiting
for the rest of the data. If the server keeps too many resources busy, this
creates a denial of service. This tool sends partial HTTP requests,
trying to get a denial of service from the target HTTP server.
The Slow Read DoS attack aims at the same resources as slowloris and slow POST,
but instead of prolonging the request, it sends a legitimate HTTP request and
reads the response slowly.
- Buffer overflow when pasting too long text from clipboard to dialog
boxes (not remotely exploitable)
- A write out of allocated memory in the graphics renderer
(potentially exploitable)
- An infinite loop when parsing invalid usemap specification in text and
graphics mode (can cause browser lockup, but not otherwise exploitable)
- Accesses out of memory in the xbm decoder (potentially exploitable)
Also drop dip.c patch to resolve crashes with libpng 1.5, upstream
appears to have fixed this separately in the update to 2.5.
Thanks jasper@ for additional testing.
Using Catalyst::Plugin::FormValidator is not recommended as the module
takes over the global $c->form method, rather than being applicable in
only part of your Catalyst application. Furthermore,
Data::FormValidator itself is not recommended for use.
from Andreas Voegele
Catalyst::Plugin::Cache::Store::FastMmap is deprecated because
Cache::FastMmap no longer needs to be wrapped to store plain values.
from Andreas Voegele
Fixes Catalyst with Moose 1.24+, this has been broken in the tree for a
while.
This and the many related updates to follow are all from Andreas Voegele's
repo at https://github.com/voegelas/openbsd-mystuff, thanks Andreas, this must
have been a huge bunch of work. I have forked this at github/sthen/p5-ports-wip
and am removing things from there once committed, there are various additional
new perl ports there and it would be nice if people could help work through
what's left.
Plack::Test::ExternalServer allows you to run your Plack::Test tests
against an external server instead of just against a local application
through either mocked HTTP or a locally spawned server.
Plack::Middleware::ReverseProxy resets some HTTP headers, which were
changed by reverse-proxy. You can specify the reverse proxy address and
stop fake requests using the 'enable_if' directive in your app.psgi.
Adds a "COMPONENT" method to your Catalyst component base class that
reads the optional traits parameter from app and component config and
instantiates the component subclass with those traits using
"new_with_traits" in MooseX::Traits from MooseX::Traits::Pluggable.
Catalyst::Plugin::Cache::Store::FastMmap is deprecated because
Cache::FastMmap no longer needs to be wrapped to store plain values.
from Andreas Voegele's repo
Catalyst::Plugin::Cache::FileCache has been deprecated in favor of
Catalyst::Plugin::Cache, which can be configured to use a FileCache
backend.
from Andreas Voegele's repo
- disable static libs, shrinks package size by a factor 3
- now depends on geoclue for geolocation purposes (of course it's up to
the browsers to enable the feature or not..)
- simplify Makefile/FLAVORS/SHARED_LIBS
- fold most of the PFRAGs to PLIST by using variables
- remove patch-Source_JavaScriptCore_runtime_JSValue_h, seems it was
added for sparc64 but now it breaks the build there, and no one has been
able to justify the addition of that patch. Without it, GtkLauncher
shows simple html websites on sparc64 and crashes as soon as some js is
involved, but that's not much different from before
- remove patch-Source_JavaScriptCore_wtf_text_StringHash_h &
patch-Source_JavaScriptCore_wtf_text_StringImpl_cpp, replaced by
patch-Source_JavaScriptCore_runtime_UString_h for mips64/sparc64
- add patch-Source_JavaScriptCore_wtf_NumberOfCores_cpp for #82585
tested on i386/amd64 by several, amd64 bulk build, ppc & sparc64 testing
by myself. mips64el in the works..
ok ajacoutot@
fcgi-cgi is a wrapper around CGI applications to support running them under
FastCGI for use with webservers such as nginx and lighttpd 2.x which do not
support running cgi scripts/binaries directly.
MESSAGE->README, mostly from Johan Huldtgren with tweaks by me
Readd missing '@comment no checksum' lines
Add config fragments for nginx, from Johan Huldtgren
- add rss.tpl & rss_item.tpl
- install the new 'bright' template
- copy navdirectory.tpl from 'bright' to other templates since it's
missing (also debian bug #645356)
- bump
- Fixes MFSA 2012-12->19
- see http://www.seamonkey-project.org/releases/seamonkey2.8/
- complete patchset for #691898, still fixes build on ppc (and hopefully
committed in firefox 14...)
- add patchset from #706955, workarounds #669050 (xpcshell hangs during
make install and chokes on CSPUtils.csm, threads related..)
- remove obsolete/committed patches
- Fixes MFSA 2012-12->19
- see http://www.mozilla.org/en-US/firefox/11.0/releasenotes/
- complete patchset for #691898, still fixes build on ppc (and hopefully
committed in firefox 14...)
- add patchset from #706955, workarounds #669050 (xpcshell hangs during
make install and chokes on CSPUtils.csm, threads related..)
- remove obsolete/committed patches
ownCloud gives you easy and universal access to all of your files.
It also provides a platform to easily view, sync and share your
contacts, calendars, bookmarks and files across all your devices.
ok robert@
- remove dep on gtar
- patch config.php-dist & update.php to use MODPHP_BIN
- fix perms in PLIST, use @owner www for dirs where tt-rss writes
- switch MESSAGE to README, and improve the latter
- provide an rc script for the daemon updating the feeds
ok ajacoutot@
- huge cleanup of README, use PKG_DBDIR pkg_add -B to hint people how to
properly install A::G and its deps in apache's chroot, instead of
manually copying the deps/modules.
- set EPOCH=0, since 1.0RC3 wasn't a proper version
- provide an apache-gallery.conf @sample in conf/modules.sample, as other
www ports do, instead of a VHost to copy/paste
- add UNMESSAGE telling how to completely disable/remove A::G
ok ajacoutot@
The IcedTea-Web project provides a Free Software web browser plugin
running applets written in the Java programming language and an
implementation of Java Web Start, originally based on the NetX project.
It works in gecko-based AND webkit-based browsers, and is meant as a
replacement for the dead/unmaintained/dreaded sun java plugin.
It is still a bit rough at the edges (java process sometimes doesn't
finish when tab is closed, awt exceptions upon first paint), but let's
import it so that people can try it and debug it.
ok sthen@
- switch to .tar.xz distfile
- bump libjavascriptgtk major
- backport a commit from upstream bz #68314, fixes issues on twitter
tested by aja@/pstumpf@/kili@ on amd64 & myself on i386/ppc.
Same comments as for thunderbird, and remove i18n xpis from the port,
they bring 20Mb to the package without reason and will be better as
no-arch in www/seamonkey-i18n.
- Fixes MFSA-2012-01..11
- remove patch-gfx_qcms_qcmstypes_h & patch-toolkit_xre_glxtest_cpp,
were committed upstream (bugs #651444 & #687320)
- remove patch-js_src_xpconnect_src_Makefile_in, dom_quickstubs.cpp hack
was apparently only needed with gcc3
- remove patch-xpcom_base_nsStackWalk_cpp, codepath not reached/solaris
only.
- add https://bug691898.bugzilla.mozilla.org/attachment.cgi?id=588391 to
use yarr interpreter on ppc, bug #691898 still being worked on
- backport https://hg.mozilla.org/mozilla-central/rev/9cfdb612a026, fixes
endianness detection on BSDs using machine/endian.h (bug #714312)
- S/b/beta/ in MOZILLA_VERSION for simpler PKGNAME by default
- only add js/src/xpconnect/shell/Makefile.in to MOZILLA_SUBST_FILES if
branch is 1.9.1/1.9.2, file disappeared in 10
- add LDFLAGS="-Wl,--no-keep-memory" to CONFIGURE_ENV to prevent libxul
linking from failing on low memory archs.
- Add a -shm FLAVOR in addition to the default (mmap), and indicate
the difference in DESCR (requested by sthen@)
- Make the MESSAGE's instructions true by @sample'ing the module's ini
file so it exists (reported by "f5b" and Glen Searle, thanks)
- simplify by making better use of the lang/php MODULE
ok sthen
multipackages, allows to parallelize builds in dpb. This way they also
share PLIST and DESCR.. while here take maintainership (agreed by previous)
and set @pkgpath for seamless updates.
prodded by/based on an initial work by espie@
nine releases to mention here.
1.9.x is pretty much end-of-line, so if anyone is actually using
this port, please consider updating it to a release which upstream are
actually supporting.
- remove "let HEAD for 0-byte files return the Content-Length" patch,
there are some cases where this is undesirable
- fix handling if etags are disabled but cache-dir is set - may
lead to double response
server and tools.
The framework is distinct from most mainstream web server frameworks
(and certainly most Python frameworks) because it is non-blocking and
reasonably fast. Because it is non-blocking and uses epoll or kqueue, it
can handle thousands of simultaneous standing connections, which means
it is ideal for real-time web services.
ok benoit@, Wen Heping (thanks).