network/thttpd: Added to 13.0 repository

network/thttpd/README

@@ -0,0 +1,24 @@
+thttpd (the tiny/turbo/throttling HTTP server)
+
+thttpd is a simple, small, portable, fast, and secure HTTP server.
+Simple: It handles only the minimum necessary to implement HTTP/1.1.
+Well, maybe a little more than the minimum. Small: It has a very
+small run-time size, since it does not fork and is very careful about
+memory allocation. Portable: It compiles cleanly on most any
+Unix-like OS. Fast: In typical use it's about as fast as the best
+full-featured servers. Secure: It goes to great lengths to protect
+the web server machine against attacks and breakins from other sites.
+
+Notes:
+
+By default the directory to serve through HTTP will be '/var/www/thttpd',
+if you want to change it execute the SalckBuild for example as:
+  # WEBDIR='/opt/www' sh thttpd.SlackBuild
+for example.
+
+To build and use this package the user/group 'thttpd' is required to
+exists in your system. You can add it with:
+  # groupadd -g 227 thttpd
+  # useradd -u 227 -g 227 -c "User for thttpd" -d / -s /bin/false thttpd
+
+See http://slackbuilds.org/uid_gid.txt

network/thttpd/doinst.sh

@@ -0,0 +1,20 @@
+config() {
+  NEW="$1"
+  OLD="$(dirname $NEW)/$(basename $NEW .new)"
+  # If there's no config file by that name, mv it over:
+  if [ ! -r $OLD ]; then
+    mv $NEW $OLD
+  elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then
+    # toss the redundant copy
+    rm $NEW
+  fi
+  # Otherwise, we leave the .new copy for the admin to consider...
+}
+
+# Keep same perms on rc.INIT.new:
+if [ -e etc/rc.d/rc.thttpd ]; then
+  cp -a etc/rc.d/rc.thttpd etc/rc.d/rc.thttpd.new.incoming
+  cat etc/rc.d/rc.thttpd.new > etc/rc.d/rc.thttpd.new.incoming
+  mv etc/rc.d/rc.thttpd.new.incoming etc/rc.d/rc.thttpd.new
+fi
+

network/thttpd/patches/additional-input-validation-httpd.c.diff

@@ -0,0 +1,62 @@
+--- thttpd-2.25b/extras/htpasswd.c.orig	2006-03-31 04:12:42.281317000 +0000
++++ thttpd-2.25b/extras/htpasswd.c	2006-03-31 05:21:37.741632392 +0000
+@@ -151,6 +151,7 @@ void interrupted(int signo) {
+ int main(int argc, char *argv[]) {
+     FILE *tfp,*f;
+     char user[MAX_STRING_LEN];
++    char pwfilename[MAX_STRING_LEN];
+     char line[MAX_STRING_LEN];
+     char l[MAX_STRING_LEN];
+     char w[MAX_STRING_LEN];
+@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) {
+             perror("fopen");
+             exit(1);
+         }
++        if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) {
++            fprintf(stderr, "%s: filename is too long\n", argv[0]);
++	    exit(1);
++        }
++        if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) {
++	    fprintf(stderr, "%s: filename contains an illegal character\n",
++		argv[0]);
++	    exit(1);
++        }
++        if (strlen(argv[3]) > (sizeof(user) - 1)) {
++	    fprintf(stderr, "%s: username is too long\n", argv[0],
++		sizeof(user) - 1);
++	    exit(1);
++        }
++        if ((strchr(argv[3], ':')) != NULL) {
++            fprintf(stderr, "%s: username contains an illegal character\n",
++                argv[0]);
++            exit(1);
++        }
+         printf("Adding password for %s.\n",argv[3]);
+         add_password(argv[3],tfp);
+         fclose(tfp);
+@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) {
+         exit(1);
+     }
+ 
++    if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) {
++        fprintf(stderr, "%s: filename is too long\n", argv[0]);
++        exit(1);
++    }
++    if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) {
++        fprintf(stderr, "%s: filename contains an illegal character\n",
++                argv[0]);
++        exit(1);
++    }
++    if (strlen(argv[2]) > (sizeof(user) - 1)) {
++        fprintf(stderr, "%s: username is too long\n", argv[0],
++                sizeof(user) - 1);
++        exit(1);
++    }
++    if ((strchr(argv[2], ':')) != NULL) {
++        fprintf(stderr, "%s: username contains an illegal character\n",
++                argv[0]);
++        exit(1);
++    }
+     if(!(f = fopen(argv[1],"r"))) {
+         fprintf(stderr,
+                 "Could not open passwd file %s for reading.\n",argv[1]);

network/thttpd/patches/fix-buffer-overflow.diff

@@ -0,0 +1,21 @@
+diff -Nrup thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c
+--- thttpd-2.25b.orig/libhttpd.c	2003-12-25 19:06:05.000000000 +0000
++++ thttpd-2.25b/libhttpd.c	2007-01-08 21:43:28.000000000 +0000
+@@ -1469,7 +1469,7 @@ expand_symlinks( char* path, char** rest
+ 	    httpd_realloc_str( &checked, &maxchecked, checkedlen );
+ 	    (void) strcpy( checked, path );
+ 	    /* Trim trailing slashes. */
+-	    while ( checked[checkedlen - 1] == '/' )
++	    while ( checkedlen && checked[checkedlen - 1] == '/' )
+ 		{
+ 		checked[checkedlen - 1] = '\0';
+ 		--checkedlen;
+@@ -1488,7 +1488,7 @@ expand_symlinks( char* path, char** rest
+     restlen = strlen( path );
+     httpd_realloc_str( &rest, &maxrest, restlen );
+     (void) strcpy( rest, path );
+-    if ( rest[restlen - 1] == '/' )
++    if ( restlen && rest[restlen - 1] == '/' )
+ 	rest[--restlen] = '\0';         /* trim trailing slash */
+     if ( ! tildemapped )
+ 	/* Remove any leading slashes. */

network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff

@@ -0,0 +1,19 @@
+diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern
+--- thttpd-2.23beta1.orig/extras/syslogtocern	1999-09-15 18:00:54.000000000 +0200
++++ thttpd-2.23beta1/extras/syslogtocern	2005-10-26 01:45:34.000000000 +0200
+@@ -31,8 +31,8 @@
+     exit 1
+ fi
+ 
+-tmp1=/tmp/stc1.$$
+-rm -f $tmp1
++tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1;  }
++trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15
+ 
+ # Gather up all the thttpd entries.
+ egrep ' thttpd\[' $* > $tmp1
+@@ -65,4 +65,3 @@
+   sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log
+ 
+ # Done.
+-rm -f $tmp1

network/thttpd/rc.thttpd

@@ -0,0 +1,63 @@
+#!/bin/sh
+
+# Start/stop/restart the thttpd daemon
+# Copyright (c) 2009 Antonio Hernández Blas <hba.nihilismus@gmail.com>
+
+CONF='/etc/thttpd.conf'
+CMMD="/usr/sbin/thttpd -C $CONF"
+
+thttpd_start() {
+  if [ -x /usr/sbin/thttpd ]; then
+    if [ -f $CONF ]; then
+      PIDOF=$(pgrep -f "$CMMD")
+      if [ ! -z "$PIDOF" ]; then
+        echo "Error, thttpd is already running."
+      else
+        echo "Starting thttpd:  $CMMD"
+        $CMMD
+      fi
+    else
+      echo "Error, file $CONF does not exist."
+    fi
+  fi
+}
+
+thttpd_stop() {
+  THTTPDPID=$(pgrep -f "$CMMD")
+  if [ -z $THTTPDPID ]; then
+    echo "Error, thttpd is not running."
+  else
+    echo "Stoping thttpd:  kill $THTTPDPID"
+    kill $THTTPDPID
+  fi
+}
+
+thttpd_status() {
+  PIDOF=$(pgrep -f "$CMMD")
+  if [ ! -z "$PIDOF" ]; then
+    echo "thttpd is running."
+  else
+    echo "thttpd is not running."
+  fi
+}
+
+case $1 in
+  start)
+    thttpd_start
+  ;;
+  stop)
+    thttpd_stop
+  ;;
+  restart)
+    thttpd_stop
+    sleep 3
+    thttpd_start
+  ;;
+  status)
+    thttpd_status
+  ;;
+  *)
+    echo "Usage $0 {start|stop|restart|status}"
+    exit 1
+  ;;
+esac

network/thttpd/slack-desc

@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|'
+# on the right side marks the last column you can put a character in.  You must
+# make exactly 11 lines for the formatting to be correct.  It's also
+# customary to leave one space after the ':'.
+
+      |-----handy-ruler------------------------------------------------------|
+thttpd: thttpd (the tiny/turbo/throttling HTTP server)
+thttpd:
+thttpd: thttpd is a simple, small, portable, fast, and secure HTTP server.
+thttpd: Simple: It handles only the minimum necessary to implement HTTP/1.1.
+thttpd: Well, maybe a little more than the minimum. Small: It has a very
+thttpd: small run-time size, since it does not fork and is very careful about
+thttpd: memory allocation. Portable: It compiles cleanly on most any
+thttpd: Unix-like OS. Fast: In typical use it's about as fast as the best
+thttpd: full-featured servers. Secure: It goes to great lengths to protect
+thttpd: the web server machine against attacks and breakins from other sites.
+thttpd: Homepage: http://acme.com/software/thttpd/

network/thttpd/thttpd.SlackBuild

@@ -0,0 +1,146 @@
+#!/bin/sh
+
+# Slackware build script for thttpd
+
+# Written by Antonio Hernández Blas <hba.nihilismus@gmail.com>
+
+# Copyright (c) 2008-2009, Antonio Hernández Blas <hba.nihilismus@gmail.com>
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+# 1.- Redistributions of source code must retain the above copyright
+#     notice, this list of conditions and the following disclaimer.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY
+# EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+PRGNAM=thttpd
+VERSION=${VERSION:-2.25b}
+ARCH=${ARCH:-i486}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+  SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+  LIBDIRSUFFIX="64"
+fi
+
+# Set the directory to serve through HTTP
+WEBDIR=${WEBDIR:-/var/www/$PRGNAM}
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM-$VERSION
+tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
+cd $PRGNAM-$VERSION
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+# Apply some patches, from gentoo:
+cat $CWD/patches/additional-input-validation-httpd.c.diff | patch -p1
+cat $CWD/patches/fix-buffer-overflow.diff | patch -p1
+cat $CWD/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff | patch -p1
+
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
+./configure \
+  --prefix=/usr \
+  --libdir=/usr/lib${LIBDIRSUFFIX} \
+  --sysconfdir=/etc \
+  --localstatedir=/var \
+  --mandir=/usr/man \
+  --build=$ARCH-slackware-linux
+
+# Fix 'DESTDIR'
+sed -i \
+  -e 's/$(DESTDIR)//g' \
+  -e '/prefix =/ s/\/usr/$(DESTDIR)\/usr/' \
+  -e '/MANDIR =/ s/\/usr\/man/$(DESTDIR)\/usr\/man/' \
+  -e '/WEBDIR =/ s/$(prefix)\/www/$(DESTDIR)'$(echo $WEBDIR | sed 's/\//\\\//g')'/' \
+    Makefile* extras/Makefile* cgi-src/Makefile*
+
+# Change the group to 'thttpd', rather than 'www'
+sed -i '/WEBGROUP =/ s/www/'$PRGNAM'/' Makefile* extras/Makefile* cgi-src/Makefile*
+
+## Use this line ONLY if your are going to build thttpd as a normal user.
+##sed -i '/WEBGROUP =/ s/www/'$(/bin/id -ng)'/' Makefile* extras/Makefile* cgi-src/Makefile*
+
+# Disable the use of bin as owner user and group. 
+sed -i 's/-o bin -g bin//' Makefile* extras/Makefile* cgi-src/Makefile*
+# Create required directories
+mkdir -p $PKG/etc/rc.d $PKG/usr/man/man1 $PKG/etc/logrotate.d
+
+make
+make install DESTDIR=$PKG
+
+( cd $PKG
+  find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \
+    xargs strip --strip-unneeded 2> /dev/null || true
+  find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \
+    xargs strip --strip-unneeded 2> /dev/null
+)
+
+# Install default html file.
+install -m 644 index.html $PKG/$WEBDIR
+# Install default configuration file
+install -m 644 $CWD/$PRGNAM.conf $PKG/etc/$PRGNAM.conf.new
+# Edit the configuration file to reflect the value of $WEBDIR
+sed -i 's/^dir=.*/dir='$(echo $WEBDIR | sed 's/\//\\\//g')'/' $PKG/etc/$PRGNAM.conf.new
+# Install runtime script
+install -m 755 $CWD/rc.$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM.new
+# Install lograte file
+install -m 644 $CWD/$PRGNAM.logrotate $PKG/etc/logrotate.d/$PRGNAM
+
+if [ -d $PKG/usr/man ]; then
+  ( cd $PKG/usr/man
+    find . -type f -exec gzip -9 {} \;
+    for i in $( find . -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+  )
+fi
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a FILES INSTALL README TODO scripts $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+cat $CWD/doinst.sh > $PKG/install/doinst.sh
+echo "config etc/$PRGNAM.conf.new" >> $PKG/install/doinst.sh
+echo "config etc/rc.d/rc.$PRGNAM.new" >> $PKG/install/doinst.sh
+
+# Fix permissions.
+find $PKG/usr/doc/$PRGNAM-$VERSION -type f -exec chmod 644 {} \;
+
+# To avoid a conflict with httpd(apache) package.
+mv $PKG/usr/man/man1/htpasswd.1.gz $PKG/usr/man/man1/htpasswd-$PRGNAM.1.gz
+mv $PKG/usr/sbin/htpasswd $PKG/usr/sbin/htpasswd-$PRGNAM
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}

network/thttpd/thttpd.conf

@@ -0,0 +1,9 @@
+# /etc/thttpd.conf
+# Minimal configuration file for thttpd
+# Check thttpd(8) for more options.
+host=localhost
+port=80
+user=thttpd
+dir=/var/www/thttpd
+logfile=/var/log/thttpd.log
+pidfile=/var/run/thttpd.pid

network/thttpd/thttpd.info

@@ -0,0 +1,10 @@
+PRGNAM="thttpd"
+VERSION="2.25b"
+HOMEPAGE="http://acme.com/software/thttpd/"
+DOWNLOAD="http://acme.com/software/thttpd/thttpd-2.25b.tar.gz"
+MD5SUM="156b249b3b0bcd48b06badd2db0d56c5"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+MAINTAINER="Antonio Hernández Blas"
+EMAIL="hba.nihilismus@gmail.com"
+APPROVED="dsomero"

network/thttpd/thttpd.logrotate

@@ -0,0 +1,12 @@
+/var/log/thttpd.log {
+  daily
+  rotate 5
+  compress
+  delaycompress
+  missingok
+  notifempty
+  sharedscripts
+  postrotate
+    /etc/rc.d/rc.thttpd restart
+  endscript
+}