Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Release 8.5

  • Loading branch information...
commit 4d7196fc1d811a448476332cff38dbf76e4cc988 0 parents
@hsleisink authored
Showing with 31,961 additions and 0 deletions.
  1. +1 −0  AUTHORS
  2. +96 −0 CMakeFiles.txt
  3. +156 −0 CMakeLists.txt
  4. +1,125 −0 ChangeLog
  5. +38 −0 INSTALL
  6. +339 −0 LICENSE
  7. +12 −0 cmake/CopyIfNotExists.cmake
  8. +182 −0 cmake/GNUInstallDirs.cmake
  9. +47 −0 config.h.in
  10. +17 −0 config/cgi-wrapper.conf
  11. +110 −0 config/hiawatha.conf.in
  12. +117 −0 config/index.xslt
  13. +91 −0 config/mimetype.conf
  14. +23 −0 config/php-fcgi.conf.in
  15. +23 −0 config/toolkit.conf
  16. +47 −0 extra/config.h
  17. +1 −0  extra/debian/README.debian
  18. +1 −0  extra/debian/compat
  19. +16 −0 extra/debian/control
  20. +10 −0 extra/debian/copyright
  21. +8 −0 extra/debian/hiawatha.dirs
  22. +17 −0 extra/debian/hiawatha.dsc
  23. +5 −0 extra/debian/hiawatha.postinst
  24. +5 −0 extra/debian/hiawatha.postrm
  25. +4 −0 extra/debian/hiawatha.prerm
  26. +1 −0  extra/debian/hiawatha.substvars
  27. +15 −0 extra/debian/info
  28. +116 −0 extra/debian/init.d/hiawatha
  29. +69 −0 extra/debian/init.d/php-fcgi
  30. +1 −0  extra/debian/source/format
  31. +52 −0 extra/hiawatha.html
  32. +49 −0 extra/index.html
  33. +9 −0 extra/logrotate.in
  34. +48 −0 extra/macosx/HiawathaWebserver.prefPane/Contents/Info.plist
  35. BIN  extra/macosx/HiawathaWebserver.prefPane/Contents/MacOS/HiawathaWebserver
  36. BIN  extra/macosx/HiawathaWebserver.prefPane/Contents/Resources/English.lproj/HiawathaWebserverPref.nib
  37. BIN  extra/macosx/HiawathaWebserver.prefPane/Contents/Resources/English.lproj/InfoPlist.strings
  38. BIN  extra/macosx/HiawathaWebserver.prefPane/Contents/Resources/HiawathaWebserverPref.tiff
  39. BIN  extra/macosx/HiawathaWebserver.prefPane/Contents/Resources/hiawatha_logo.png
  40. BIN  extra/macosx/HiawathaWebserver.prefPane_source.tar.gz
  41. +1 −0  extra/macosx/Introduction.txt
  42. +339 −0 extra/macosx/License.txt
  43. +3 −0  extra/macosx/Readme.txt
  44. +8 −0 extra/macosx/diskimage/Installation.txt
  45. +19 −0 extra/macosx/diskimage/Uninstallation.txt
  46. +1 −0  extra/macosx/hiawatha.pmdoc/01root-contents.xml
  47. +1 −0  extra/macosx/hiawatha.pmdoc/01root.xml
  48. BIN  extra/macosx/hiawatha.pmdoc/hiawatha_logo.png
  49. +1 −0  extra/macosx/hiawatha.pmdoc/index.xml
  50. BIN  extra/macosx/hiawatha_logo.png
  51. +20 −0 extra/macosx/org.hiawatha-webserver.httpd.plist
  52. +52 −0 extra/make_debian_extra
  53. +75 −0 extra/make_debian_package
  54. +72 −0 extra/make_macosx_package
  55. +22 −0 extra/make_source_package
  56. +93 −0 extra/make_windows_package
  57. +9 −0 extra/mkcert
  58. +117 −0 extra/newroot
  59. BIN  extra/windows/Hiawatha webserver.lnk
  60. +12 −0 extra/windows/Hiawatha.bat
  61. BIN  extra/windows/Hiawatha.ico
  62. +30 −0 extra/windows/Installation.txt
  63. BIN  extra/windows/PHP5 FastCGI.lnk
  64. +12 −0 extra/windows/TestConfig.bat
  65. +81 −0 extra/windows/hiawatha.conf
  66. +52 −0 man/cgi-wrapper.1.in
  67. +971 −0 man/hiawatha.1.in
  68. +31 −0 man/newroot.1
  69. +67 −0 man/php-fcgi.1.in
  70. +102 −0 man/ssi-cgi.1
  71. +41 −0 man/wigwam.1
  72. +31 −0 polarssl/CMakeLists.txt
  73. +522 −0 polarssl/ChangeLog
  74. +339 −0 polarssl/LICENSE
  75. +11 −0 polarssl/include/CMakeLists.txt
  76. +176 −0 polarssl/include/polarssl/aes.h
  77. +80 −0 polarssl/include/polarssl/arc4.h
  78. +244 −0 polarssl/include/polarssl/asn1.h
  79. +87 −0 polarssl/include/polarssl/base64.h
  80. +632 −0 polarssl/include/polarssl/bignum.h
  81. +742 −0 polarssl/include/polarssl/bn_mul.h
  82. +182 −0 polarssl/include/polarssl/camellia.h
  83. +47 −0 polarssl/include/polarssl/certs.h
  84. +456 −0 polarssl/include/polarssl/cipher.h
  85. +91 −0 polarssl/include/polarssl/cipher_wrap.h
  86. +688 −0 polarssl/include/polarssl/config.h
  87. +228 −0 polarssl/include/polarssl/ctr_drbg.h
  88. +89 −0 polarssl/include/polarssl/debug.h
  89. +227 −0 polarssl/include/polarssl/des.h
  90. +153 −0 polarssl/include/polarssl/dhm.h
  91. +150 −0 polarssl/include/polarssl/entropy.h
  92. +75 −0 polarssl/include/polarssl/entropy_poll.h
  93. +101 −0 polarssl/include/polarssl/error.h
  94. +71 −0 polarssl/include/polarssl/havege.h
  95. +354 −0 polarssl/include/polarssl/md.h
  96. +153 −0 polarssl/include/polarssl/md2.h
  97. +152 −0 polarssl/include/polarssl/md4.h
  98. +154 −0 polarssl/include/polarssl/md5.h
  99. +64 −0 polarssl/include/polarssl/md_wrap.h
  100. +159 −0 polarssl/include/polarssl/net.h
  101. +136 −0 polarssl/include/polarssl/openssl.h
  102. +100 −0 polarssl/include/polarssl/padlock.h
  103. +100 −0 polarssl/include/polarssl/pem.h
  104. +126 −0 polarssl/include/polarssl/pkcs11.h
  105. +372 −0 polarssl/include/polarssl/rsa.h
  106. +152 −0 polarssl/include/polarssl/sha1.h
  107. +160 −0 polarssl/include/polarssl/sha2.h
  108. +168 −0 polarssl/include/polarssl/sha4.h
  109. +703 −0 polarssl/include/polarssl/ssl.h
  110. +75 −0 polarssl/include/polarssl/timing.h
  111. +81 −0 polarssl/include/polarssl/version.h
  112. +726 −0 polarssl/include/polarssl/x509.h
  113. +111 −0 polarssl/include/polarssl/xtea.h
  114. +56 −0 polarssl/library/CMakeLists.txt
  115. +72 −0 polarssl/library/Makefile
  116. +1,336 −0 polarssl/library/aes.c
  117. +169 −0 polarssl/library/arc4.c
  118. +260 −0 polarssl/library/asn1parse.c
  119. +254 −0 polarssl/library/base64.c
  120. +2,111 −0 polarssl/library/bignum.c
  121. +1,035 −0 polarssl/library/camellia.c
  122. +196 −0 polarssl/library/certs.c
  123. +527 −0 polarssl/library/cipher.c
  124. +552 −0 polarssl/library/cipher_wrap.c
  125. +566 −0 polarssl/library/ctr_drbg.c
  126. +238 −0 polarssl/library/debug.c
  127. +993 −0 polarssl/library/des.c
  128. +302 −0 polarssl/library/dhm.c
  129. +204 −0 polarssl/library/entropy.c
  130. +136 −0 polarssl/library/entropy_poll.c
  131. +512 −0 polarssl/library/error.c
  132. +231 −0 polarssl/library/havege.c
  133. +297 −0 polarssl/library/md.c
  134. +364 −0 polarssl/library/md2.c
  135. +460 −0 polarssl/library/md4.c
  136. +583 −0 polarssl/library/md5.c
  137. +715 −0 polarssl/library/md_wrap.c
  138. +356 −0 polarssl/library/net.c
  139. +162 −0 polarssl/library/padlock.c
  140. +352 −0 polarssl/library/pem.c
  141. +238 −0 polarssl/library/pkcs11.c
  142. +1,211 −0 polarssl/library/rsa.c
  143. +624 −0 polarssl/library/sha1.c
  144. +705 −0 polarssl/library/sha2.c
  145. +760 −0 polarssl/library/sha4.c
  146. +833 −0 polarssl/library/ssl_cli.c
Sorry, we could not display the entire diff because it was too big.
1  AUTHORS
@@ -0,0 +1 @@
+The Hiawatha webserver has been written by Hugo Leisink <hugo@leisink.net>.
96 CMakeFiles.txt
@@ -0,0 +1,96 @@
+# cgi-wrapper sources
+set(cgi_wrapper_src
+ src/alternative.c
+ src/cgi-wrapper.c
+ src/userconfig.c
+ src/libfs.c
+ src/libstr.c
+)
+
+# hiawatha sources
+set(hiawatha_src
+ src/alternative.c
+ src/cache.c
+ src/cgi.c
+ src/client.c
+ src/envir.c
+ src/hiawatha.c
+ src/http.c
+ src/httpauth.c
+ src/libfs.c
+ src/libip.c
+ src/liblist.c
+ src/libssl.c
+ src/libstr.c
+ src/log.c
+ src/mimetype.c
+ src/monitor.c
+ src/rproxy.c
+ src/send.c
+ src/serverconfig.c
+ src/session.c
+ src/target.c
+ src/tomahawk.c
+ src/toolkit.c
+ src/userconfig.c
+ src/xslt.c
+)
+if(NOT ENABLE_SSL)
+ set(hiawatha_src ${hiawatha_src} polarssl/library/md5.c)
+endif()
+
+# php-fcgi sources
+set(php_fcgi_src
+ src/alternative.c
+ src/libip.c
+ src/liblist.c
+ src/libstr.c
+ src/php-fcgi.c
+ src/userconfig.c
+)
+
+# ssi-cgi sources
+set(ssi_cgi_src
+ src/alternative.c
+ src/libfs.c
+ src/libip.c
+ src/liblist.c
+ src/libstr.c
+ src/ssi-cgi.c
+)
+
+# wigwam sources
+set(wigwam_src
+ src/alternative.c
+ src/libfs.c
+ src/libip.c
+ src/libstr.c
+ src/liblist.c
+ src/toolkit.c
+ src/wigwam.c
+ polarssl/library/md5.c
+)
+
+# configuration files
+set(config_files
+ config/cgi-wrapper.conf
+ config/index.xslt
+ config/mimetype.conf
+)
+
+set(config_files_in
+ config/hiawatha.conf
+ config/php-fcgi.conf
+)
+
+# manual pages
+set(manual_pages
+ man/ssi-cgi.1
+ man/wigwam.1
+)
+
+set(manual_pages_in
+ man/cgi-wrapper.1
+ man/hiawatha.1
+ man/php-fcgi.1
+)
156 CMakeLists.txt
@@ -0,0 +1,156 @@
+cmake_minimum_required(VERSION 2.8.4)
+project(Hiawatha C)
+
+# Options
+option(ENABLE_CACHE "Enable cache support in Hiawatha." on)
+option(ENABLE_CHROOT "Enable chroot support in Hiawatha." off)
+option(ENABLE_DEBUG "Enable debug information (for development only)." off)
+option(ENABLE_IPV6 "Enable IPv6 support in Hiawatha." on)
+option(ENABLE_MONITOR "Enable support for the Hiawatha Monitor." off)
+option(ENABLE_RPROXY "Enable reverse proxy support in Hiawatha." on)
+option(ENABLE_SSL "Enable SSL (PolarSSL) support in Hiawatha." on)
+option(ENABLE_TOMAHAWK "Enable Tomahawk in Hiawatha" off)
+option(ENABLE_TOOLKIT "Enable the URL toolkit in Hiawatha" on)
+option(ENABLE_XSLT "Enable XSLT support in Hiawatha." on)
+
+# Includes
+include(CMakeFiles.txt)
+include(CheckIncludeFile)
+include(CheckIncludeFiles)
+include(CheckFunctionExists)
+include(CheckLibraryExists)
+include(FindLibXml2)
+include(FindLibXslt)
+include(cmake/GNUInstallDirs.cmake)
+include(cmake/CopyIfNotExists.cmake)
+
+# Settings
+set(HIAWATHA_VERSION_MAJOR 8)
+set(HIAWATHA_VERSION_MINOR 5)
+set(HIAWATHA_VERSION_PATCH 0)
+string(TOLOWER ${CMAKE_PROJECT_NAME} PROJECT_NAME)
+if(${HIAWATHA_VERSION_PATCH} EQUAL 0)
+ set(HIAWATHA_VERSION "${HIAWATHA_VERSION_MAJOR}.${HIAWATHA_VERSION_MINOR}")
+else()
+ set(HIAWATHA_VERSION "${HIAWATHA_VERSION_MAJOR}.${HIAWATHA_VERSION_MINOR}.${HIAWATHA_VERSION_PATCH}")
+endif()
+if(EXISTS "/proc/loadavg")
+ option(ENABLE_LOADCHECK "Enable the ability to check for server load." on)
+endif()
+set(CONFIG_DIR ${CMAKE_INSTALL_FULL_SYSCONFDIR}/hiawatha CACHE STRING "Configuration directory")
+set(LOG_DIR ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/log/hiawatha CACHE STRING "Log directory")
+set(PID_DIR ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/run CACHE STRING "PID directory")
+set(WEBROOT_DIR ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/www/hiawatha CACHE STRING "Webroot directory")
+set(WORK_DIR ${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/lib/hiawatha CACHE STRING "Work directory")
+set(CMAKE_BUILD_TYPE "RelWithDebInfo")
+set(CMAKE_C_FLAGS "-Wall -Wextra")
+
+# Compiler options
+check_include_file(crypt.h HAVE_CRYPT_H)
+check_include_file(arpa/inet.h HAVE_ARPA_INET_H)
+check_include_files("sys/types.h;netinet/in.h" HAVE_NETINET_IN_H)
+check_include_files("sys/types.h;netinet/tcp.h" HAVE_NETINET_TCP_H)
+check_include_file(rpcsvc/crypt.h HAVE_RPCSVC_CRYPT_H)
+
+check_function_exists(setenv HAVE_SETENV)
+check_function_exists(unsetenv HAVE_UNSETENV)
+check_function_exists(clearenv HAVE_CLEARENV)
+check_function_exists(strcasecmp HAVE_STRCASECMP)
+check_function_exists(strncasecmp HAVE_STRNCASECMP)
+check_function_exists(strnstr HAVE_STRNSTR)
+check_function_exists(strcasestr HAVE_STRCASESTR)
+
+check_library_exists(crypt crypt "" HAVE_CRYPT_LIBRARY)
+check_library_exists(network socket "" HAVE_NETWORK_LIBRARY)
+check_library_exists(z gzdopen "" HAVE_Z_LIBRARY)
+
+if(HAVE_CRYPT_LIBRARY)
+ set(CRYPT_LIBRARY "crypt")
+endif()
+if(HAVE_NETWORK_LIBRARY)
+ set(NETWORK_LIBRARY "network")
+endif()
+if(HAVE_Z_LIBRARY)
+ set(Z_LIBRARY "z")
+endif()
+if (APPLE OR CYGWIN)
+ set(CIFS 1)
+endif()
+
+# CPack
+set(CPACK_PACKAGE_VERSION_MAJOR ${HIAWATHA_VERSION_MAJOR})
+set(CPACK_PACKAGE_VERSION_MINOR ${HIAWATHA_VERSION_MINOR})
+set(CPACK_PACKAGE_VERSION_PATCH ${HIAWATHA_VERSION_PATCH})
+set(CPACK_SOURCE_GENERATOR "TGZ")
+set(CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${HIAWATHA_VERSION}")
+set(CPACK_SOURCE_IGNORE_FILES "/build(/|_.*/)")
+include(CPack)
+
+# PolarSSL
+if(ENABLE_SSL)
+ option(USE_SHARED_POLARSSL_LIBRARY "Build PolarSSL as a shared library." ON)
+ set(CMAKE_INSTALL_NAME_DIR ${CMAKE_INSTALL_FULL_LIBDIR}/hiawatha)
+ set(LIB_INSTALL_DIR ${CMAKE_INSTALL_LIBDIR}/hiawatha)
+ add_subdirectory(polarssl)
+ set(POLARSSL_LIBRARY "polarssl")
+endif()
+
+# Hiawatha
+include_directories(${CMAKE_CURRENT_BINARY_DIR} polarssl/include)
+if(ENABLE_XSLT)
+ include_directories(${LIBXML2_INCLUDE_DIR} ${LIBXSLT_INCLUDE_DIR})
+endif()
+
+# Configure files
+configure_file(config.h.in config.h)
+foreach (configfile ${config_files_in})
+ configure_file(${configfile}.in ${configfile} @ONLY)
+endforeach()
+foreach(manpage ${manual_pages_in})
+ configure_file(${manpage}.in ${manpage})
+endforeach()
+configure_file(extra/logrotate.in logrotate.d/hiawatha)
+
+# Binaries
+add_executable(cgi-wrapper ${cgi_wrapper_src})
+add_executable(hiawatha ${hiawatha_src})
+add_executable(php-fcgi ${php_fcgi_src})
+add_executable(ssi-cgi ${ssi_cgi_src})
+add_executable(wigwam ${wigwam_src})
+target_link_libraries(wigwam ${CRYPT_LIBRARY})
+target_link_libraries(hiawatha ${CRYPT_LIBRARY} pthread ${Z_LIBRARY})
+if(ENABLE_SSL)
+ target_link_libraries(hiawatha ${POLARSSL_LIBRARY})
+ set_target_properties(hiawatha PROPERTIES INSTALL_RPATH ${CMAKE_INSTALL_FULL_LIBDIR}/hiawatha)
+endif()
+if(ENABLE_XSLT)
+ target_link_libraries(hiawatha ${LIBXML2_LIBRARIES} ${LIBXSLT_LIBRARIES})
+endif()
+
+# Installation
+install(TARGETS hiawatha php-fcgi wigwam DESTINATION ${CMAKE_INSTALL_SBINDIR})
+install(TARGETS cgi-wrapper DESTINATION ${CMAKE_INSTALL_SBINDIR}
+ PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE SETUID)
+install(TARGETS ssi-cgi DESTINATION ${CMAKE_INSTALL_BINDIR})
+if(ENABLE_CHROOT)
+ install(PROGRAMS extra/newroot DESTINATION ${CMAKE_INSTALL_SBINDIR})
+endif()
+
+foreach(configfile ${config_files})
+ install(CODE "copy_if_not_exists(\"${CMAKE_SOURCE_DIR}/${configfile}\" \"${CONFIG_DIR}\")")
+endforeach()
+foreach(configfile ${config_files_in})
+ install(CODE "copy_if_not_exists(\"${CMAKE_CURRENT_BINARY_DIR}/${configfile}\" \"${CONFIG_DIR}\")")
+endforeach()
+
+install(FILES ${manual_pages} DESTINATION ${CMAKE_INSTALL_FULL_MANDIR}/man1)
+foreach(manpage ${manual_pages_in})
+ install(FILES ${CMAKE_CURRENT_BINARY_DIR}/${manpage} DESTINATION ${CMAKE_INSTALL_FULL_MANDIR}/man1)
+endforeach()
+
+install(FILES extra/index.html DESTINATION ${WEBROOT_DIR})
+
+# Create directories
+install(DIRECTORY empty DESTINATION ${LOG_DIR} PATTERN "empty" EXCLUDE)
+install(DIRECTORY empty DESTINATION ${PID_DIR} PATTERN "empty" EXCLUDE)
+install(DIRECTORY empty DESTINATION ${WORK_DIR} PATTERN "empty" EXCLUDE)
1,125 ChangeLog
@@ -0,0 +1,1125 @@
+hiawatha (8.5) stable; urgency=low
+
+ * Improved Reverse Proxy.
+ * Changed error message style.
+ * Renamed Command Channel to Tomahawk.
+ * Return 403 instead of 401 upon correct password for HTTP
+ authentication but user not in right group.
+ * Small improvements.
+ * Bugfix: replaced select() with poll() to prevent crashes in case of
+ large amount of simultaneous connections.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 3 Sep 2012 19:39:12 +0200
+
+hiawatha (8.4) stable; urgency=low
+
+ * MaxServerLoad option added.
+ * PolarSSL updated to version 1.1.4.
+ * Small bugfixes and improvements.
+ * Bugfix: invalid reverse proxy request when URL parameters are present.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 7 Jun 2012 20:07:46 +0200
+
+hiawatha (8.3.2) stable; urgency=high
+
+ * Bugfix: memory leak in SSL library.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 29 May 2012 18:02:59 +0200
+
+hiawatha (8.3.1) stable; urgency=low
+
+ * Improved security for reverse proxy (works with PreventSQLi, etc).
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 28 May 2012 21:50:31 +0200
+
+hiawatha (8.3) stable; urgency=low
+
+ * ReverseProxy option added.
+ * PolarSSL updated to version 1.1.3.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 23 May 2012 18:11:56 +0200
+
+hiawatha (8.2) stable; urgency=low
+
+ * WebDAVapp option added. Enables support for WebDAV applications
+ like ownCloud (http://owncloud.org/).
+ * Removed support for the OPTIONS method.
+ * AllowDotFiles option added.
+ * Global forks setting in php-fcgi.conf moved to Server setting.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 1 May 2012 17:48:27 +0200
+
+hiawatha (8.1) stable; urgency=low
+
+ * BanOnInvalidURL option added.
+ * PolarSSL updated to version 1.1.1.
+ * Small improvements in Windows packaging script.
+ * Bugfix: paths missing in default values and examples in manual pages.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 25 Feb 2012 19:02:41 +0100
+
+hiawatha (8.0) stable; urgency=low
+
+ * Replaced Autoconf with CMake. Many thanks to Sander Niemeijer.
+ * Replaced OpenSSL with PolarSSL. Many thanks to Paul Bakker.
+ * AllowedCiphers and DHparameters options removed.
+ * Added IE7 to UrlToolkit's OldBrowser list, removed IE5.
+ * MaxUrlLength option added, can return 414 Request-URI Too Long.
+ * Changed default value of TriggerOnCGIstatus to 'no'.
+ * Equalized format of logfiles.
+ * Extra checks added to php-fcgi.
+ * Small improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 27 Jan 2012 12:06:10 +0100
+
+hiawatha (7.8.2) stable; urgency=high
+
+ * Improved SQL injection detection.
+ * Bugfix: memory leak in PreventSQLi routine.
+ * Bugfix: potential server freeze with 100% CPU in CGI output caching.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 18 Nov 2011 06:51:07 +0100
+
+hiawatha (7.8.1) stable; urgency=low
+
+ * Small bugfixes and improvements.
+ * Bugfix: null byte in HTTP header of cached CGI content.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 9 Nov 2011 17:21:52 +0100
+
+hiawatha (7.8) stable; urgency=low
+
+ * Control CGI output cache via X-Hiawatha-Cache and X-Hiawatha-Cache-Remove
+ CGI headers. See the CGI OUTPUT CACHE section in the manual page.
+ * BanOnWrongPassword now also triggers on wrong username.
+ * Small improvements.
+ * Bugfix: timeout issue with large POST requests on SSL connections.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 31 Oct 2011 21:27:18 +0100
+
+hiawatha (7.7) stable; urgency=low
+
+ * First parameter of Alias can now contain subdirectories.
+ * Improved stability for connections with SSL client authentication.
+ * Bugfix: BanOnFlooding was broken.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 4 Oct 2011 19:48:30 +0200
+
+hiawatha (7.6) stable; urgency=low
+
+ * PreventSQLi option rewritten.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 21 Aug 2011 08:06:21 +0200
+
+hiawatha (7.5) stable; urgency=low
+
+ * OldBrowser option added to URL toolkit.
+ * Improved mimetype configuration.
+ * Do-not-track HTTP header support.
+ * Password file entries can now be created with Wigwam.
+ * Small bugfixes and improvements.
+ * Bugfix: sent one byte too few for Range -XX.
+ * Bugfix: possible crash when using PreventSQLi.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 28 May 2011 15:39:13 +0200
+
+hiawatha (7.4.1) stable; urgency=high
+
+ * Bugfix: integer overflow in fetch_request() which could
+ lead to a server crash.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 26 Feb 2011 10:32:24 +0100
+
+hiawatha (7.4) stable; urgency=medium
+
+ * Connections per IP added to RequestLimitMask.
+ * NoExtensionAs made a per-host setting.
+ * Small bugfixes and improvements.
+ * Bugfix: usage of HideProxy caused Hiawatha to refuse new connections
+ after ConnectionsTotal connections.
+ * Bugfix: memory leak in XSLT module.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 8 Nov 2010 20:58:54 +0100
+
+hiawatha (7.3) stable; urgency=low
+
+ * RequestLimitMask option added.
+ * URL parameters for ErrorHandler.
+ * Support for Haiku OS.
+ * Small security bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 6 Jun 2010 23:18:37 +0200
+
+hiawatha (7.2) stable; urgency=low
+
+ * URL toolkit code restructured.
+ * UseSSL option added to URL toolkit.
+ * Digest HTTP authentication works with htdigest(1) created password files.
+ * Small improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 21 Apr 2010 18:12:37 +0200
+
+hiawatha (7.1) stable; urgency=low
+
+ * Small bugfixes.
+ * Bugfix: deny access and redirect result via toolkit subroutine.
+ * Bugfix: broken flooding protection.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 28 Mar 2010 10:39:12 +0200
+
+hiawatha (7.0) stable; urgency=low
+
+ * Remote Monitoring support. MonitorServer, MonitorRequests and
+ MonitorStatsInterval options added.
+ * IPv6 support for Windows version, due to IPv6 support in Cygwin 1.7.
+ * XSLT support turned on by default.
+ * All directory listings are done via XSLT. The internal index layout has
+ been removed. IndexStyle option removed.
+ * ServerRoot option has been made available via configure parameter.
+ * Small improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 12 Feb 2010 14:13:09 +0100
+
+hiawatha (6.19) stable; urgency=low
+
+ * Expire option added to URL toolkit.
+ * HideProxy option added.
+ * UNIX socket support for connections to FastCGI daemons.
+ * ExploitLogfile option added.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 6 Dec 2009 21:25:41 +0100
+
+hiawatha (6.18) stable; urgency=low
+
+ * DenyBody and BanOnDeniedBody options added.
+ * PreventCMDi and BanOnCMDi options removed. DenyBody and UrlToolkit offer
+ better functionality.
+ * Ban option added to URL toolkit.
+ * UseGZfile now first looks for .gz file instead of after requested file
+ does not exist.
+ * Changed duplicate hostnames in configuration from blocking error to
+ warning in Wigwam.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 15 Nov 2009 20:19:57 +0100
+
+hiawatha (6.17.1) stable; urgency=high
+
+ * Bugfix: possible crash due to bug in log.c.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 5 Sep 2009 08:45:18 +0200
+
+hiawatha (6.17) stable; urgency=low
+
+ * Directory index via XSLT.
+ * Small bugfixes and improvements.
+ * Bugfix: incorrect SCRIPT_NAME value with PathInfo.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 30 Aug 2009 20:04:22 +0200
+
+hiawatha (6.16) stable; urgency=medium
+
+ * Main configuration file httpd.conf renamed to hiawatha.conf.
+ * Improved error detecting and logging in php-fcgi.
+ * RunOnDownload option added.
+ * Small bugfixes and improvements.
+ * Bugfix: repeated PIDs in php-fcgi.pid with multiple servers.
+ * Bugfix: incorrect extended log format.
+ * Bugfix: crash on too long StartFile in .hiawatha file.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 26 Jul 2009 18:13:37 +0200
+
+hiawatha (6.15) stable; urgency=low
+
+ * Basic SSI support.
+ * TimeForCGI option per directory.
+ * SocketSendTimeout option added.
+ * Small improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 5 Jul 2009 17:20:53 +0200
+
+hiawatha (6.14.1) stable; urgency=low
+
+ * Bugfix: Wigwam updated with UseFastCGI change.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 7 Jun 2009 23:41:07 +0200
+
+hiawatha (6.14) stable; urgency=medium
+
+ * Platform independent read-timeout handlers.
+ * RequiredCA option added.
+ * UseSSL option removed, ServerKey option renamed to SSLcertFile and made
+ available only in Binding section.
+ * FastCGI option renamed to UseFastCGI.
+ * Small bugfixes and improvements.
+ * Bugfix: fork-mutex issue when executing CGI.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 3 Jun 2009 19:50:37 +0200
+
+hiawatha (6.13) stable; urgency=low
+
+ * LSB style header added to init script.
+ * SSL initialization improved for cross compiling.
+ * Change in signal handling (HUP and USR2 signal).
+ * Small bugfixes and improvements.
+ * Bugfix: incorrect MD5 hashing on 64bit machines.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 6 May 2009 21:33:49 +0200
+
+hiawatha (6.12) stable; urgency=low
+
+ * Compile errors under the latest Ubuntu release fixed.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 29 Mar 2009 13:27:05 +0200
+
+hiawatha (6.11) stable; urgency=low
+
+ * Duplicate hostname check included in Wigwam.
+ * All HTTP headers starting with X- are added to CGI environment and
+ set as XSLT parameter.
+ * Non-present HTTP/CGI variable set as empty XSLT parameter.
+ * Small bugfixes and improvements.
+ * Bugfix: toolkit's FastCGI setting issues.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 29 Dec 2008 08:57:42 +0100
+
+hiawatha (6.10) stable; urgency=low
+
+ * Prevention of cross-site request forgery. PreventCSRF option added.
+ * A start and stop preference pane has been added to the MacOS X package.
+ * A new dedicated website for Hiawatha has been launched. Please, visit
+ http://www.hiawatha-webserver.org/. The welcome webpage inside the package
+ has been updated to match the new design.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 29 Oct 2008 21:48:21 +0100
+
+hiawatha (6.9) stable; urgency=low
+
+ * NoExtensionAs option added.
+ * Tool added to the Windows package to start Hiawatha as a service under
+ Windows (see Installation.txt in Windows package for more information).
+ * Small bugfixes and improvements.
+ * Bugfix: URL encoding of links in directory listing.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 24 Sep 2008 19:12:45 +0200
+
+hiawatha (6.8) stable; urgency=low
+
+ * XSLT parameter support.
+ * 'URL rewriting' has been renamed to 'URL toolkit' (because rewriting
+ is just one of the four options of this feature).
+ * FastCGI option added to URL toolkit.
+ * WaitForCGI option added.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 22 Jul 2008 09:30:12 +0200
+
+hiawatha (6.7) stable; urgency=low
+
+ * BanOnWrongPassword option added.
+ * Workaround to handle non-compliant CGI headers.
+ * Updated Debian package building files.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 28 May 2008 22:06:36 +0200
+
+hiawatha (6.6) stable; urgency=medium
+
+ * XSLT support (compile with --enable-xslt).
+ * Bugfix: possible crash when using HTTPS (due to bug in OpenSSL).
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 28 Apr 2008 19:30:44 +0200
+
+hiawatha (6.5) stable; urgency=medium
+
+ * Small bugfixes and improvements.
+ * Bugfix: integer overflow in str2int().
+ * Bugfix: compile error with --disable-ssl.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 8 Mar 2008 08:12:41 +0100
+
+hiawatha (6.4) stable; urgency=medium
+
+ * SSL memory leak fixed.
+ * Skip, Redirect and RequestURI options added to URL rewriting.
+ * Old format of ConnectTo is no longer valid.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 10 Feb 2008 08:54:01 +0100
+
+hiawatha (6.3) stable; urgency=low
+
+ * Release of stdin, stdout and stderr on startup.
+ * Small improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 21 Jan 2008 20:51:18 +0100
+
+hiawatha (6.2) stable; urgency=medium
+
+ * Moved TimeForCGI from 'server settings' to virtual host section.
+ * RunOnAlter option added.
+ * Improved error logging.
+ * URL rewriting disabled for PUT and DELETE requests.
+ * Path corrections in manpages via autoconf.
+ * Workaround: dot at end of filename in Windows version.
+ * Bugfix: digest HTTP authentication was broken when using GET data.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 13 Dec 2007 08:21:10 +0100
+
+hiawatha (6.1) stable; urgency=low
+
+ * Format of ConnectTo changed. Old format will be valid for a few
+ more releases.
+ * Changed some CGI environment variables after URL rewriting.
+ * Some URL rewrite checks included in Wigwam.
+ * TriggerOnCGIstatus option added.
+ * RequireResolveIP option removed.
+ * Bugfix: POST data larger then 64kB via FastCGI.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 11 Nov 2007 09:45:08 +0100
+
+hiawatha (6.0) stable; urgency=low
+
+ * IPv6 support.
+ * Delimiters in php-fcgi.conf en cgi-wrapper.conf changed to ';'.
+ * Format of AccessList, AlterList, BanlistMask, ConnectTo and
+ LogfileMask changed (colon changed to space because of IPv6).
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 26 Oct 2007 18:13:05 +0200
+
+hiawatha (5.14) stable; urgency=low
+
+ * Improved logfile handling.
+ * More checks included in Wigwam.
+ * Small improvements.
+ * Bugfix: memory issue in Wigwam.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 13 Oct 2007 12:11:37 +0200
+
+hiawatha (5.13) stable; urgency=low
+
+ * DenyAccess option added to URL rewriting.
+ * Path 'aliases' (set C: = /cygdrive/c) and usage of forward slashes
+ no longer necessary in configuration file of the Windows version.
+ * SCRIPT_URL logged as URL in case of URL rewrite.
+ * Cookies no longer present in logfiles.
+ * Optimizations for compiling under Solaris. See the INSTALL file for
+ more information (Thanks to Richard Barrington).
+ * Some dependency fixes.
+ * CGI zombies under OpenBSD fixed.
+ * Pthread issue under OpenBSD fixed (Thanks to Kurt Miller).
+ * Small bugfixes and improvements.
+ * Bugfix: POST data larger then 64kB via FastCGI.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 27 Sep 2007 17:34:14 +0200
+
+hiawatha (5.12) stable; urgency=medium
+
+ * URL rewriting.
+ * Small bugfixes.
+ * Bugfix: possible crash (non-exploitable) on too large request.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 26 Aug 2007 15:35:44 +0200
+
+hiawatha (5.11) stable; urgency=low
+
+ * Made some changes to the ErrorHandler behaviour.
+ * Uploading (PUT) goes directly to disk, instead of buffering in memory.
+ * Option MaxUploadSize added.
+ * 201 Created.
+ * 411 Length Required.
+ * Small improvements.
+ * Bugfix: two bugs in the parsing of CGI HTTP headers.
+ * Bugfix: Hiawatha for Windows returned 403 for CGI because of Cygwin
+ file access rights.
+ * Bugfix: setenv in php-fcgi was not working.
+ * Bugfix: 404 for non-existing local file and remote FastCGI server
+ and non-gzip content-encoding.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 7 Aug 2007 17:26:21 +0200
+
+hiawatha (5.10) stable; urgency=low
+
+ * Improved CGI support for Windows version (Cygwin).
+ * Throttle configuration merged into httpd.conf.
+ * EnablePathInfo option added.
+ * Workaround for syntax-bug in php-fcgi.conf (comma in GIDs conflicts
+ with comma before PHP configuration file).
+ * Improved ErrorHandler.
+ * Small improvements.
+ * Bugfix: possible crash when using load-balanced FastCGI.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 5 Jul 2007 22:08:20 +0200
+
+hiawatha (5.9) stable; urgency=medium
+
+ * PUT and DELETE method implemented.
+ * 204 No Content.
+ * Options EnableAlter, AlterGroup, AlterList and AlterMode added.
+ * Options PasswordFile and RequiredGroup have been changed.
+ * Better handling of URL encoded characters.
+ * Improved SQL/command injection and XSS prevention.
+ * Autoconf improvements (Thanks to Sander Niemeijer, again).
+ * Small bugfixes and improvements.
+ * Bugfix: alias in directory index also appeared in subdirectories.
+ * Bugfix: ranges were ignored while reading from cache.
+ * Bugfix: digest HTTP authentication failed when a comma was present
+ in the URL.
+ * Bugfix: small memory leak when reading a .hiawatha file.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 16 Jun 2007 16:03:14 +0200
+
+hiawatha (5.8) stable; urgency=low
+
+ * Source-plugin has been removed. It's obsolete because of FastCGI.
+ * Entropy fix during SSL initialization if needed.
+ * UserDirectory option added.
+ * More error logging for Hiawatha and the CGI-wrapper.
+ * Added OpenSSL exception to the license file and libssl.c.
+ * Bugfixes and small improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 25 Apr 2007 15:19:40 +0200
+
+hiawatha (5.7) stable; urgency=medium
+
+ * RequireResolveIP option added.
+ * KillTimedoutCGI option added.
+ * Aliases added to directory index.
+ * Extended Command Channel status output.
+ * Configurationfiles read in alfabetic order when including a directory.
+ * More error logging.
+ * (Fast)CGI code improvement.
+ * Small bugfixes and improvements.
+ * Bugfix: minor memory issue fixed in show_index().
+ * Bugfix: possible webserver crash due to bug in log_error().
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 4 Mar 2007 08:43:28 +0100
+
+hiawatha (5.6) stable; urgency=low
+
+ * Chrooted FastCGI server support.
+ * Configuration reading routine rewritten. Angle bracket sections
+ are no longer available. Only curly bracket sections can be used.
+ * An error in a .hiawatha file results in a 500. An errormessage
+ will be written to the ErrorLogfile.
+ * Command Channel improved.
+ * AllowedCiphers option added.
+ * DHparameters option added.
+ * CGIwrapId option renamed to WrapCGI.
+ * FCGIserverId option renamed to FastCGIid.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 12 Feb 2007 21:16:19 +0100
+
+hiawatha (5.5) stable; urgency=low
+
+ * Segmentation fault handler (just in case). Logs an alert to syslog.
+ * An 'include' configuration option can now handle a directory.
+ * CGI-wrapper logs errors to ErrorLogfile.
+ * Commandline options -k and -v added.
+ * LogFormat option added.
+ * UseGZfile option added.
+ * Alternative strcasecmp() en strncasecmp().
+ * 'cgi_wrapper' renamed to 'cgi-wrapper'.
+ * 'fcgi-server' replaced by 'php-fcgi'.
+ * 'newroot' installed via autotools.
+ * Complete code review and rewrites of 'old code'.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 21 Jan 2007 12:56:12 +0100
+
+hiawatha (5.4) stable; urgency=low
+
+ * Alternative setenv() en unsetenv() (for HP-UX and Solaris).
+ * Commandline options -c, -d and -h added.
+ * Faster flooding-check.
+ * Proper exit-codes when an error occurs.
+ * Bugfix in default_config() which made it fail to run on OpenBSD.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 29 Dec 2006 01:42:38 +0100
+
+hiawatha (5.3) stable; urgency=low
+
+ * Handling of not-available FastCGI servers.
+ * Large file support.
+ * Cache speed improvement.
+ * Total-connections-counter adjusted in case of ReconnectDelay.
+ * StartFile option now available inside a Directory section.
+ * 'newroot' and 'fcgi-server' scripts added to the Debian package
+ and the FreeBSD Makefile.
+ * CacheMinFilesize option added.
+ * Alternative clearenv() en strcasestr().
+ * Small bugfixes in the cache module.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 17 Dec 2006 11:52:26 +0100
+
+hiawatha (5.2) stable; urgency=low
+
+ * Multiple, load-balanced FastCGI server support.
+ * Digest HTTP authentication.
+ * Improved error checking by Wigwam.
+ * Included FreeBSD port files.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 25 Nov 2006 09:37:44 +0100
+
+hiawatha (5.1) stable; urgency=low
+
+ * BindingId added to CGI environment (SERVER_BINDING).
+ * Improved error checking by Wigwam.
+ * Small improvements (source dependencies)
+ * Bugfix: BindingId instead of Binding_Id
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 8 Nov 2006 22:07:41 +0100
+
+hiawatha (5.0) stable; urgency=low
+
+ * FastCGI support (Responder role only).
+ * Configurationfile checker (Wigwam).
+ * Internal file caching. CacheSize and CacheMaxFilesize options added
+ (Compile with --disable-cache to disable this feature).
+ * Start/stop and install script for FreeBSD (see freebsd/ in source package).
+ * PIDfile option added.
+ * Name in a binding section renamed to BindingId.
+ * Small bugfixes.
+ * Bugfix: directory index with no keep-alive for HTTP/1.0 proxies.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 26 Oct 2006 18:31:57 +0100
+
+hiawatha (4.3.2) stable; urgency=medium
+
+ * Bugfix: client/time information missing in unbanned-logmessage.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 6 Jun 2006 21:10:55 +0200
+
+hiawatha (4.3.1) stable; urgency=high
+
+ * Bugfix: HTTP authentication was broken.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 15 May 2006 10:12:55 +0200
+
+hiawatha (4.3) stable; urgency=low
+
+ * Speed improvement (real improvement for static content).
+ * Reason for 403 HTTP error added to access logfile (not for wrapped CGIs).
+ * X-Forwarded-For header field also used for AccessList.
+ * Code cleanup: Uniform variablename format.
+ * Small bugfixes.
+ * Bugfix: removed double Content-Type for HTTP error messages.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 23 Feb 2006 19:57:14 +0100
+
+hiawatha (4.2) stable; urgency=low
+
+ * Seperate keyfile for every SSL binding.
+ * ErrorLogfile option added.
+ * LogFile option renamed to AccessLogfile.
+ * Prevention of command injection. PreventCMDi and BanOnCMDi options added.
+ * Separate manualpage for the CGI-wrapper: cgi_wrapper(1).
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 23 Feb 2006 19:57:14 +0100
+
+hiawatha (4.1) stable; urgency=low
+
+ * Chroot functionality for wrapped CGIs.
+ * New section boundaries (section{...}).
+ * Small bugfixes.
+ * Bugfix: fixed ImageReferer for HTTPS connections.
+ * Bugfix: directories with the beginning of its name equal to an Alias now
+ accessible again.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 22 Jan 2006 16:31:24 +0100
+
+hiawatha (4.0) stable; urgency=low
+
+ * BindHTTP and BindHTTPS options replaced by Binding sections.
+ * CGI-wrapper replaced the HostId options. See the CGI-WRAPPER section in
+ the manualpage for more information.
+ * TimeForRequest option improved.
+ * ServerId option improved.
+ * BanOnTimeout option added.
+ * ReconnectDelay option added.
+ * Improved FollowSymlink check: symlinks are always followed if they stay
+ inside the webroot.
+ * Number of bytes sent per request added to the requestlog.
+ * Configuration-reload removed. Gave to much trouble.
+ * Customizable stylesheet for directory listings. IndexStyle option added.
+ * New layout for the errormessages.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 18 Dec 2005 21:04:37 +0100
+
+hiawatha (3.7) stable; urgency=low
+
+ * SSLv2 has been removed from HTTPS. Only SSLv3 en TLSv1 are available.
+ * HomedirSource option added.
+ * Multiple presence of BindHTTP, BindHTTPS, AccessList, BanlistMask
+ and LogfileMask in configurationfile now allowed.
+ * get_hostrecord() rewritten: the wildcard in the Hostname now also matches
+ the domainname. Example: 'Hostname = www.domainname.com, *.domainname.com'
+ now also matches 'http://domainname.com/'.
+ * RequireBinding option renamed to RequiredBinding. RequireBinding has become
+ a temporary alias.
+ * TRACE method implemented. EnableTRACE option added.
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 12 Nov 2005 22:36:06 +0100
+
+hiawatha (3.6.1) stable; urgency=medium
+
+ * HTTP_GENERATED_ERROR environment variable added for ErrorHandler.
+ * ErrorHandler from a Virtual Host ignored when handling a userwebsite.
+ * Bugfix: gzip Content-Encoding was broken.
+ * Bugfix: logfile got flooded with warnings in case of a configuration reload
+ and an error in the configurationfile.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 23 Aug 2005 08:45:43 +0200
+
+hiawatha (3.6) stable; urgency=medium
+
+ * Prevention of SQL injection. PreventSQLi and BanOnSQLi options added.
+ * Prevention of cross-site scripting. PreventXSS option added.
+ * Alias option added.
+ * FollowSymlinks option added.
+ * Use of variables in configurationfile via 'set'.
+ * Path option changed, PathMatch option removed.
+ * Removal of dangerous characters (ASCII-values 0..31) from the URL.
+ * Manualpage updated.
+ * Improved Debian package.
+ * Small bugfixes and improvements.
+ * Bugfix: filethrottling and UploadSpeed were broken.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 14 Aug 2005 18:43:57 +0200
+
+hiawatha (3.5) stable; urgency=low
+
+ * HTTP_CLIENT_IP and HTTP_VIA variable passed thru to CGI programs.
+ * Case-insensitive HTTP-header matching.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 16 Apr 2005 22:31:14 +0100
+
+hiawatha (3.4) stable; urgency=low
+
+ * Specify the returncode of an ErrorHandler.
+ * DenyBot option added.
+ * BindHTTP and BindHTTPS options added (BindAddress option has been removed).
+ * ServerPort and SSLPort have become an alias for BindHTTP and BindHTTPS.
+ * RequireBinding option added.
+ * CGIextension and CGIhandler options updated.
+ * Source dependencies re-organized.
+ * BSD autoconf errors fixed (Thanks to Sander Niemeijer).
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 23 Jan 2005 22:36:13 +0100
+
+hiawatha (3.3) stable; urgency=low
+
+ * CGIhandler option added (PHPextension, PHPprogram and ExecutePHP options
+ have been removed).
+ * Support for HTTP/1.0 proxies (No chunked Transfer-Encoding, so no
+ keep-alive connections for CGI).
+ * Username of HTTP authentication logged.
+ * Escape characters removed from logfile.
+ * BanlistMask option added.
+ * LogAccess option renamed to LogfileMask.
+ * HTTP pipelining support.
+ * Bugfix: GarbageLogfile was not created on startup.
+ * Bugfix: removed double Content-Type for CGI ErrorHandler.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 26 Nov 2004 00:16:40 +0100
+
+hiawatha (3.2) stable; urgency=medium
+
+ * Gentoo ebuild script (see gentoo/ in sourcepackage).
+ * Bugfix: incorrect Chunked Transfer-Encoding.
+ * Bugfix: wrong hostname on 301.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 3 Nov 2004 18:51:52 +0100
+
+hiawatha (3.1) stable; urgency=low
+
+ * Small bugfixes and improvements.
+ * Start and stop script (extra/hiawatha).
+ * Command Channel made optional.
+ * ServerString moved from host to main section in the configuration file.
+ * Compile errors fixed (under Cygwin for example).
+ * Bugfix: SERVER_PORT was set to ServerPort instead of SSLPort on HTTPS
+ connections.
+ * Bugfix: 301 via HTTPS used ServerPort instead of SSLPort.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 20 Sep 2004 00:12:30 +0200
+
+hiawatha (3.0) stable; urgency=low
+
+ * SSL support: SSLPort, ServerKey and RequireSSL option added.
+ (Many thanks to Denis de Leeuw Duarte. Compile with --disable-ssl
+ to disable this feature).
+ * SetEnvir option added.
+ * RequiredGroup option added.
+ * Case-insensitive configuration options.
+ * Directory independent installation support.
+ (Many thanks to Sander Niemeijer).
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 1 Sep 2004 23:54:46 +0200
+
+hiawatha (2.8) stable; urgency=low
+
+ * gzip Content-Encoding support (see manpage for more information).
+ * BanOnMaxReqSize option added.
+ * Some 400 and 413 returncode fixes.
+ * Garbage log for 400.
+ * Faster restart.
+ * Configuration reload stable (USR1 signal).
+ * Small bugfixes and improvements.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 26 Aug 2004 18:28:17 +0200
+
+hiawatha (2.7) stable; urgency=low
+
+ * RequestBuffer option added.
+ * Binary upload support.
+ * AccessList option improved with 'pwd'.
+ * Bugfix: incorrect Content-Length for HTTP code screens.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 18 Aug 2004 12:32:40 +0200
+
+hiawatha (2.6) stable; urgency=low
+
+ * log.c rewritten.
+ * Connect attempts during ban counted (to prefent long logfiles).
+ * Bugfix: netmask 0 for AccessList didn't work.
+ * Bugfix: Directory record ended configfile.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 6 Aug 2004 15:37:46 +0200
+
+hiawatha (2.5) stable; urgency=high
+
+ * Range header field (single range support).
+ * 206 Partial Content.
+ * 416 Requested Range Not Satisfiable.
+ * Date header field.
+ * Modified-Since header field.
+ * Bugfix: memory-leak fixed (free(error_line) in target.c).
+ * Bugfix: thread-record problem fixed.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 26 Jul 2004 09:09:18 +0200
+
+hiawatha (2.4.1) stable; urgency=medium
+
+ * Bugfix: use of <Directory> without UploadSpeed always resulted in a 503.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 24 May 2004 13:38:06 +0200
+
+hiawatha (2.4) stable; urgency=high
+
+ * 503 Service Unavailable.
+ * Access option removed.
+ * AccessList option added.
+ * AccessLog option added.
+ * BindAddresses option added.
+ * GarbageLogfile option added.
+ * ImageReferer option added.
+ * PathMatch option added.
+ * UploadSpeed option extended.
+ * Global change: extention -> extension.
+ * exePHP/CGI option renamed to ExecutePHP/CGI.
+ * Bugfix: only the first Directory record could be used.
+ * Bugfix: If-Modified-Since time converted to GMT.
+ * Bugfix: filedescriptor to .hiawatha left open.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 16 Apr 2004 23:29:09 +0100
+
+hiawatha (2.3.2) stable; urgency=low
+
+ * Include option added.
+ * Log requestresult code.
+ * Code improvement.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 28 Mar 2004 23:03:09 +0100
+
+hiawatha (2.3.1) stable; urgency=low
+
+ * Extra CGI environment variables.
+ * Bugfix: incorrect Content-Type for multipart/form-data CGI data.
+ * Bugfix: pidfile problem.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 28 Mar 2004 12:33:06 +0100
+
+hiawatha (2.3) stable; urgency=low
+
+ * OPTIONS method improved.
+ * A .hiawatha configurationfile will also be active in all the
+ subdirectories.
+ * CGI errors are logged to the SystemLogfile.
+ * PHPextension option added.
+ * ServerName option renamed to Hostname.
+ * ReconnectDelay option renamed to BanOnMaxPerIP.
+ * BanOnGarbage option added.
+ * BanOnFlooding option added.
+ * KickOnBan option added.
+ * Manualpage updated.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 24 Mar 2004 20:10:17 +0100
+
+hiawatha (2.2) stable; urgency=low
+
+ * Improved directory listing (ShowIndex) and errorcode layout.
+ * 405 response for PUT, DELETE, TRACE and CONNECT methods changed to 501
+ Method Not Implemented.
+ * POST request for a non CGI script results in a 405.
+ * If-Modified-Since and If-Unmodigied-Since header fields.
+ * 304 Not Modified.
+ * 408 Request Timeout.
+ * 412 Precondition Failed.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 17 Mar 2004 20:25:50 +0100
+
+hiawatha (2.1.1) stable; urgency=high
+
+ * Bugfix: Basic HTTP authentication fixed. Also full path for
+ PasswordFile allowed in chroot environment.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 14 Mar 2004 11:58:56 +0100
+
+hiawatha (2.1) stable; urgency=high
+
+ * Command Channel (compile with --enable-command).
+ * UserWebsite option added. (UserDirectory option removed, userwebsites.conf
+ added to /etc/hiawatha).
+ * UploadSpeed option for Directory sections added.
+ * Improved error checking.
+ * Traffic throttling for CGI scripts.
+ * SystemLogfile option added.
+ * Small bugfixes.
+ * Bugfix: CONTENT_LENGTH was set incorrectly for POST requests.
+ * Bugfix: reloading throttleconfiguration.
+ * Bugfix: zombie CGI scripts. A kill (9) signal is send to all CGI processes
+ after finishing. Just to be sure. :)
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 11 Mar 2004 18:11:26 +0100
+
+hiawatha (2.0) stable; urgency=low
+
+ * Multi-threading instead of forking
+ (Many thanks to Sander Niemeijer).
+ * Configuration reloading (USR1 signal).
+ * Disconnect all clients (USR2 signal).
+ * Mimetype and throttletype checking case unsensitive.
+ * Improved URI checking.
+ * run_script() rewritten: faster and bugfix (also using select()).
+ * ServerId option added.
+ * UserId and GroupId option combined to HostId.
+ * Access option for Directory sections added.
+ * Some code improvements.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 7 Mar 2004 14:51:27 +0100
+
+hiawatha (1.7) stable; urgency=low
+
+ * nanny_thread() removed. select() timeout used to check childs.
+ * fetch_request() rewritten: it's much faster now (using select()).
+ * RootDirectory option renamed to WebsiteRoot.
+ * ServerRoot option added (Hiawatha will chroot() to that directory).
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 24 Feb 2004 14:06:53 +0100
+
+hiawatha (1.6.1) stable; urgency=medium
+
+ * Source-plugin support (compile with --enable-plugin).
+ * Bugfix: problem with reading directory configurationfile (.hiawatha).
+ * Bugfix: several realloc() fixes.
+ * Bugfix: config->directory set to NULL on init.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 26 Jan 2004 10:13:26 +0100
+
+hiawatha (1.6) stable; urgency=low
+
+ * URL checked for special characters (%20 = ' ', etc).
+ * Remarks on every line in configuration file allowed.
+ * Added some MIME-types.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 19 Dec 2003 13:23:08 +0100
+
+hiawatha (1.5.1) stable; urgency=high
+
+ * ServerString option added.
+ * Bugfix: CGI server hang-up bug fixed.
+
+ -- Hugo Leisink <hugo@leisink.net> Mon, 15 Sep 2003 11:13:12 +0100
+
+hiawatha (1.5) stable; urgency=low
+
+ * Improved 301: first ServerName may now contain a wildcard.
+ * 302 Found (when a CGI script prints Location).
+ * 413 Request Entity Too Large.
+ * CGI scripts can now output binary data.
+ * Automake script (Many thanks to Sander Niemeijer and Denis de Leeuw
+ Duarte). Compilation tested on FreeBSD and MacOS X.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 17 Aug 2003 14:13:17 +0100
+
+hiawatha (1.4) stable; urgency=low
+
+ * Multiple ServerName options.
+ * Wildcard allowed in ServerName.
+ * Ownership logfiles set to UserId:GroupId from configurationfile.
+ * Small bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Tue, 22 Jul 2003 09:44:12 +0100
+
+hiawatha (1.3) stable; urgency=low
+
+ * Directory settings support.
+ * Flooding protection.
+ * Volatile object support.
+ * Bugfixes: some potential segmentation faults.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 17 Oct 2002 20:40:00 +0100
+
+hiawatha (1.2) stable; urgency=low
+
+ * <VirtualHost> settings.
+ * Check for errors in configurationfile.
+ * Manpage updated.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 28 Sep 2002 18:13:21 +0100
+
+hiawatha (1.1.1) stable; urgency=high
+
+ * Bugfix: server lock-up for POST request with Content-Length = 0.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 26 Sep 2002 10:46:55 +0100
+
+hiawatha (1.1) stable; urgency=low
+
+ * Traffic throttling.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 21 Sep 2002 23:04:19 +0100
+
+hiawatha (1.0) stable; urgency=low
+
+ * 405 Method not allowed.
+ * 505 HTTP version not supported.
+ * Logrotate script added to the package.
+ * Bugfix: no Content-Type for directorylisting.
+ * Bugfix: chunks didn't end with CRLF.
+ * Bugfix: a PHP script couldn't be used as an ErrorHandler.
+ * Bugfix: logfile problem.
+ * Bugfix: StartFile from .hiawatha didn't work.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 17 Sep 2002 18:12:35 +0100
+
+hiawatha (1.0b) stable; urgency=low
+
+ * Basic HTTP authentication.
+ * 401 Unauthorized.
+ * Support for PHP.
+ * Chunked Transfer-encoding.
+ * Directorylisting in HTML for directories without a startfile.
+ * Main request-handling routine splitted in seperate functions.
+ * parse_request() rewritten.
+ * Some minor bugfixes.
+ * Bugfix: setuid() security issue fixed.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 16 Sep 2002 23:21:26 +0100
+
+hiawatha (0.9) stable; urgency=low
+
+ * Keep-alive connections.
+ * Some minor bugfixes.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 5 Sep 2002 19:36:04 +0100
+
+hiawatha (0.8) stable; urgency=low
+
+ * Size HTTP request limited to 64 kilobytes.
+ * Better Content-Length handling for incoming HTTP requests.
+ * Number of connections per IP address can be limited.
+ * Filelock on logfile.
+ * More actions are being logged.
+ * Manpage added to the package.
+ * Finally got rid of the root group. :)
+ * User configurationfile.
+ * Some minor bugfixes.
+ * Bugfix: When the ErrorHandler was set a 301 error was not returned
+ correctly.
+
+ -- Hugo Leisink <hugo@leisink.net> Fri, 28 Jun 2002 11:55:26 +0100
+
+hiawatha (0.7.1) stable; urgency=low
+
+ * Bugfix: the local IP address was logged instead of the remote IP address.
+ * Bugfix: when CGI was disabled and the ErrorHandler was needed, the server
+ crashed.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 19 Jun 2002 11:55:26 +0100
+
+hiawatha (0.7) stable; urgency=low
+
+ * StartFile added to the configurationfile.
+ * ErrorHandler added to the configurationfile.
+ * The number of total connections can be limited.
+ * The processortime for a CGI process can be limited.
+ * Cookie support.
+ * HTTP_USER_AGENT, HTTP_X_FORWARDED_FOR and HTTP_REFERER variables are passed
+ thru to a CGI script.
+ * Bugfix: the zombie problem has been fixed.
+ * Bugfix: child quits when client disconnects.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 19 Jun 2002 10:33:41 +0100
+
+hiawatha (0.6) stable; urgency=low
+
+ * 400 Bad request.
+ * HEAD method implemented.
+ * POST method implemented.
+ * OPTIONS method implemented.
+ * User directories.
+ * Improved security.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 18 May 2002 13:57:50 +0100
+
+hiawatha (0.5) stable; urgency=low
+
+ * Content-Type header field (Mimetypes).
+ * Logfile.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 16 May 2002 12:41:28 +0100
+
+hiawatha (0.4) stable; urgency=low
+
+ * Server can execute scripts.
+ * Server information in header.
+ * 403 Forbidden.
+ * 500 Internal server error.
+
+ -- Hugo Leisink <hugo@leisink.net> Thu, 18 May 2002 13:57:50 +0100
+
+hiawatha (0.3) stable; urgency=low
+
+ * 200 OK.
+ * 301 Redirect.
+ * 404 File not found.
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 27 Apr 2002 17:21:42 +0100
+
+hiawatha (0.2) stable; urgency=low
+
+ * Configurationfile (/etc/hiawatha.conf).
+
+ -- Hugo Leisink <hugo@leisink.net> Sat, 20 Apr 2002 18:48:09 +0100
+
+hiawatha (0.1) stable; urgency=low
+
+ * Initial release.
+ * GET method implemented.
+
+ -- Hugo Leisink <hugo@leisink.net> Sun, 27 Jan 2002 12:06:10 +0100
38 INSTALL
@@ -0,0 +1,38 @@
+If your CMake version is lower than 2.8.4, download the latest version from http://www.cmake.org/cmake/resources/software.html and install it. Make sure other CMake versions are removed from your system.
+ tar -xzf cmake-<version>.tar.gz
+ cd cmake-<version>
+ ./configure
+ sudo make install
+
+Use the following commands to compile and install Hiawatha. This will install Hiawatha in /usr/local.
+ mkdir build
+ cd build
+ cmake .. [options]
+ sudo make install/strip
+
+The following options for cmake are available. Default value is in uppercase.
+ -DENABLE_CACHE=ON|off Enable internal cache support.
+ -DENABLE_CHROOT=on|OFF Enable chroot support.
+ -DENABLE_DEBUG=on|OFF Enable debug information (for development only).
+ -DENABLE_IPV6=ON|off Enable IPv6 support.
+ -DENABLE_MONITOR=on|OFF Enable support for the Hiawatha Monitor.
+ -DENABLE_RPROXY=ON|off Enable reverse proxy support.
+ -DENABLE_SSL=ON|off Enable SSL (PolarSSL) support.
+ -DENABLE_TOMAHAWK=on|OFF Enable Tomahawk, Hiawatha command shell.
+ -DENABLE_TOOLKIT=ON|off Enable the URL Toolkit.
+ -DENABLE_XSLT=ON|off Enable XSLT support.
+
+The following path settings are available for cmake.
+ -DCMAKE_INSTALL_PREFIX=<path> The prefix for all other CMAKE_INSTALL directories.
+ -DCMAKE_INSTALL_BINDIR=<path> Location of the ssi-cgi binary.
+ -DCMAKE_INSTALL_SBINDIR=<path> Location of the other Hiawatha binaries.
+ -DCMAKE_INSTALL_SYSCONFDIR=<path> The configuration files will be installed in <path>/hiawatha.
+ -DCMAKE_INSTALL_LIBDIR=<path> The PolarSSL shared library will be installed in <path>/hiawatha.
+ -DCMAKE_INSTALL_MANDIR=<path> Manual pages will be installed in <path>/man1.
+ -DCONFIG_DIR=<path> Location of the Hiawatha configuration files.
+ -DLOG_DIR=<path> Log directory used in the default hiawatha.conf.
+ -DPID_DIR=<path> Location of the Hiawatha and php-fcgi PID files.
+ -DWEBROOT_DIR=<path> Webroot directory used in the default hiawatha.conf.
+ -DWORK_DIR=<path> Path of directory where Hiawatha can write temporary files.
+
+Look inside the directory 'extra' for scripts to build packages for Debian, MacOS X and Windows (via Cygwin).
339 LICENSE
@@ -0,0 +1,339 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The licenses for most software are designed to take away your
+freedom to share and change it. By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users. This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it. (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.) You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+ To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have. You must make sure that they, too, receive or can get the
+source code. And you must show them these terms so they know their
+rights.
+
+ We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+ Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software. If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+ Finally, any free program is threatened constantly by software
+patents. We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary. To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ GNU GENERAL PUBLIC LICENSE
+ TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License. The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language. (Hereinafter, translation is included without limitation in
+the term "modification".) Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope. The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+ 1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+ 2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+ a) You must cause the modified files to carry prominent notices
+ stating that you changed the files and the date of any change.
+
+ b) You must cause any work that you distribute or publish, that in
+ whole or in part contains or is derived from the Program or any
+ part thereof, to be licensed as a whole at no charge to all third
+ parties under the terms of this License.
+
+ c) If the modified program normally reads commands interactively
+ when run, you must cause it, when started running for such
+ interactive use in the most ordinary way, to print or display an
+ announcement including an appropriate copyright notice and a
+ notice that there is no warranty (or else, saying that you provide
+ a warranty) and that users may redistribute the program under
+ these conditions, and telling the user how to view a copy of this
+ License. (Exception: if the Program itself is interactive but
+ does not normally print such an announcement, your work based on
+ the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole. If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works. But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+ 3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+ a) Accompany it with the complete corresponding machine-readable
+ source code, which must be distributed under the terms of Sections
+ 1 and 2 above on a medium customarily used for software interchange; or,
+
+ b) Accompany it with a written offer, valid for at least three
+ years, to give any third party, for a charge no more than your
+ cost of physically performing source distribution, a complete
+ machine-readable copy of the corresponding source code, to be
+ distributed under the terms of Sections 1 and 2 above on a medium
+ customarily used for software interchange; or,
+
+ c) Accompany it with the information you received as to the offer
+ to distribute corresponding source code. (This alternative is
+ allowed only for noncommercial distribution and only if you
+ received the program in object code or executable form with such
+ an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it. For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable. However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+ 4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License. Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+ 5. You are not required to accept this License, since you have not
+signed it. However, nothing else grants you permission to modify or
+distribute the Program or its derivative works. These actions are
+prohibited by law if you do not accept this License. Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+ 6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions. You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+ 7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all. For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices. Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+ 8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded. In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+ 9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number. If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation. If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+ 10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission. For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this. Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+ NO WARRANTY
+
+ 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+ 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+ Gnomovision version 69, Copyright (C) year name of author
+ Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary. Here is a sample; alter the names:
+
+ Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+ `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+ <signature of Ty Coon>, 1 April 1989
+ Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs. If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.
12 cmake/CopyIfNotExists.cmake
@@ -0,0 +1,12 @@
+# CopyIfNotExists, written by Hugo Leisink <hugo@leisink.net>
+#
+install(CODE "
+ macro(copy_if_not_exists SRC DEST)
+ get_filename_component(filename \${SRC} NAME)
+ if(NOT EXISTS \"\$ENV{DESTDIR}/\${DEST}/\${filename}\")
+ file(INSTALL \"\${SRC}\" DESTINATION \"\${DEST}\")
+ else()
+ message(\"-- Skipping : \$ENV{DESTDIR}/\${DEST}/\${filename}\")
+ endif()
+ endmacro()
+")
182 cmake/GNUInstallDirs.cmake
@@ -0,0 +1,182 @@
+# - Define GNU standard installation directories
+# Provides install directory variables as defined for GNU software:
+# http://www.gnu.org/prep/standards/html_node/Directory-Variables.html
+# Inclusion of this module defines the following variables:
+# CMAKE_INSTALL_<dir> - destination for files of a given type
+# CMAKE_INSTALL_FULL_<dir> - corresponding absolute path
+# where <dir> is one of:
+# BINDIR - user executables (bin)
+# SBINDIR - system admin executables (sbin)
+# LIBEXECDIR - program executables (libexec)
+# SYSCONFDIR - read-only single-machine data (etc)
+# SHAREDSTATEDIR - modifiable architecture-independent data (com)
+# LOCALSTATEDIR - modifiable single-machine data (var)
+# LIBDIR - object code libraries (lib or lib64)
+# INCLUDEDIR - C header files (include)
+# OLDINCLUDEDIR - C header files for non-gcc (/usr/include)
+# DATAROOTDIR - read-only architecture-independent data root (share)
+# DATADIR - read-only architecture-independent data (DATAROOTDIR)
+# INFODIR - info documentation (DATAROOTDIR/info)
+# LOCALEDIR - locale-dependent data (DATAROOTDIR/locale)
+# MANDIR - man documentation (DATAROOTDIR/man)
+# DOCDIR - documentation root (DATAROOTDIR/doc/PROJECT_NAME)
+# Each CMAKE_INSTALL_<dir> value may be passed to the DESTINATION options of
+# install() commands for the corresponding file type. If the includer does
+# not define a value the above-shown default will be used and the value will
+# appear in the cache for editing by the user.
+# Each CMAKE_INSTALL_FULL_<dir> value contains an absolute path constructed
+# from the corresponding destination by prepending (if necessary) the value
+# of CMAKE_INSTALL_PREFIX.
+
+#=============================================================================
+# Copyright 2011 Nikita Krupen'ko <krnekit@gmail.com>
+# Copyright 2011 Kitware, Inc.
+#
+# Distributed under the OSI-approved BSD License (the "License");
+# see accompanying file Copyright.txt for details.
+#
+# This software is distributed WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+# See the License for more information.
+#=============================================================================
+# (To distribute this file outside of CMake, substitute the full
+# License text for the above reference.)
+
+# Installation directories
+#
+if(NOT DEFINED CMAKE_INSTALL_BINDIR)
+ set(CMAKE_INSTALL_BINDIR "bin" CACHE PATH "user executables (bin)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_SBINDIR)
+ set(CMAKE_INSTALL_SBINDIR "sbin" CACHE PATH "system admin executables (sbin)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_LIBEXECDIR)
+ set(CMAKE_INSTALL_LIBEXECDIR "libexec" CACHE PATH "program executables (libexec)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_SYSCONFDIR)
+ set(CMAKE_INSTALL_SYSCONFDIR "etc" CACHE PATH "read-only single-machine data (etc)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_SHAREDSTATEDIR)
+ set(CMAKE_INSTALL_SHAREDSTATEDIR "com" CACHE PATH "modifiable architecture-independent data (com)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_LOCALSTATEDIR)
+ set(CMAKE_INSTALL_LOCALSTATEDIR "var" CACHE PATH "modifiable single-machine data (var)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_LIBDIR)
+ set(_LIBDIR_DEFAULT "lib")
+ # Override this default 'lib' with 'lib64' iff:
+ # - we are on Linux system but NOT cross-compiling
+ # - we are NOT on debian
+ # - we are on a 64 bits system
+ # reason is: amd64 ABI: http://www.x86-64.org/documentation/abi.pdf
+ # Note that the future of multi-arch handling may be even
+ # more complicated than that: http://wiki.debian.org/Multiarch
+ if(CMAKE_SYSTEM_NAME MATCHES "Linux"
+ AND NOT CMAKE_CROSSCOMPILING
+ AND NOT EXISTS "/etc/debian_version")
+ if(NOT DEFINED CMAKE_SIZEOF_VOID_P)
+ message(AUTHOR_WARNING
+ "Unable to determine default CMAKE_INSTALL_LIBDIR directory because no target architecture is known. "
+ "Please enable at least one language before including GNUInstallDirs.")
+ else()
+ if("${CMAKE_SIZEOF_VOID_P}" EQUAL "8")
+ set(_LIBDIR_DEFAULT "lib64")
+ endif()
+ endif()
+ endif()
+ set(CMAKE_INSTALL_LIBDIR "${_LIBDIR_DEFAULT}" CACHE PATH "object code libraries (${_LIBDIR_DEFAULT})")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_INCLUDEDIR)
+ set(CMAKE_INSTALL_INCLUDEDIR "include" CACHE PATH "C header files (include)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_OLDINCLUDEDIR)
+ set(CMAKE_INSTALL_OLDINCLUDEDIR "/usr/include" CACHE PATH "C header files for non-gcc (/usr/include)")
+endif()
+
+if(NOT DEFINED CMAKE_INSTALL_DATAROOTDIR)
+ set(CMAKE_INSTALL_DATAROOTDIR "share" CACHE PATH "read-only architecture-independent data root (share)")
+endif()
+
+#-----------------------------------------------------------------------------
+# Values whose defaults are relative to DATAROOTDIR. Store empty values in
+# the cache and store the defaults in local variables if the cache values are
+# not set explicitly. This auto-updates the defaults as DATAROOTDIR changes.
+
+if(NOT CMAKE_INSTALL_DATADIR)
+ set(CMAKE_INSTALL_DATADIR "" CACHE PATH "read-only architecture-independent data (DATAROOTDIR)")
+ set(CMAKE_INSTALL_DATADIR "${CMAKE_INSTALL_DATAROOTDIR}")
+endif()
+
+if(NOT CMAKE_INSTALL_INFODIR)
+ set(CMAKE_INSTALL_INFODIR "" CACHE PATH "info documentation (DATAROOTDIR/info)")
+ set(CMAKE_INSTALL_INFODIR "${CMAKE_INSTALL_DATAROOTDIR}/info")
+endif()
+
+if(NOT CMAKE_INSTALL_LOCALEDIR)
+ set(CMAKE_INSTALL_LOCALEDIR "" CACHE PATH "locale-dependent data (DATAROOTDIR/locale)")
+ set(CMAKE_INSTALL_LOCALEDIR "${CMAKE_INSTALL_DATAROOTDIR}/locale")
+endif()
+
+if(NOT CMAKE_INSTALL_MANDIR)
+ set(CMAKE_INSTALL_MANDIR "" CACHE PATH "man documentation (DATAROOTDIR/man)")
+ set(CMAKE_INSTALL_MANDIR "${CMAKE_INSTALL_DATAROOTDIR}/man")
+endif()
+
+if(NOT CMAKE_INSTALL_DOCDIR)
+ set(CMAKE_INSTALL_DOCDIR "" CACHE PATH "documentation root (DATAROOTDIR/doc/PROJECT_NAME)")
+ set(CMAKE_INSTALL_DOCDIR "${CMAKE_INSTALL_DATAROOTDIR}/doc/${PROJECT_NAME}")
+endif()
+
+#-----------------------------------------------------------------------------
+
+mark_as_advanced(
+ CMAKE_INSTALL_BINDIR
+ CMAKE_INSTALL_SBINDIR
+ CMAKE_INSTALL_LIBEXECDIR
+ CMAKE_INSTALL_SYSCONFDIR
+ CMAKE_INSTALL_SHAREDSTATEDIR
+ CMAKE_INSTALL_LOCALSTATEDIR
+ CMAKE_INSTALL_LIBDIR
+ CMAKE_INSTALL_INCLUDEDIR
+ CMAKE_INSTALL_OLDINCLUDEDIR
+ CMAKE_INSTALL_DATAROOTDIR
+ CMAKE_INSTALL_DATADIR
+ CMAKE_INSTALL_INFODIR
+ CMAKE_INSTALL_LOCALEDIR
+ CMAKE_INSTALL_MANDIR
+ CMAKE_INSTALL_DOCDIR
+ )
+
+# Result directories
+#
+foreach(dir
+ BINDIR
+ SBINDIR
+ LIBEXECDIR
+ SYSCONFDIR
+ SHAREDSTATEDIR
+ LOCALSTATEDIR
+ LIBDIR
+ INCLUDEDIR
+ OLDINCLUDEDIR
+ DATAROOTDIR
+ DATADIR
+ INFODIR
+ LOCALEDIR
+ MANDIR
+ DOCDIR
+ )
+ if(NOT IS_ABSOLUTE ${CMAKE_INSTALL_${dir}})
+ set(CMAKE_INSTALL_FULL_${dir} "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_${dir}}")
+ else()
+ set(CMAKE_INSTALL_FULL_${dir} "${CMAKE_INSTALL_${dir}}")
+ endif()
+endforeach()
47 config.h.in
@@ -0,0 +1,47 @@
+/* Directory settings
+ */
+#define CONFIG_DIR "${CONFIG_DIR}"
+#define LOG_DIR "${LOG_DIR}"
+#define PID_DIR "${PID_DIR}"
+#define SBIN_DIR "${CMAKE_INSTALL_FULL_SBINDIR}"
+#define VERSION "${HIAWATHA_VERSION}"
+#define WEBROOT_DIR "${WEBROOT_DIR}"
+#define WORK_DIR "${WORK_DIR}"
+
+/* Settings
+ */
+#define _GNU_SOURCE 1
+#cmakedefine CYGWIN ${CYGWIN}
+#cmakedefine CIFS ${CIFS}
+
+/* Hiawatha modules
+ */
+#cmakedefine ENABLE_CACHE ${ENABLE_CACHE}
+#cmakedefine ENABLE_CHROOT ${ENABLE_CHROOT}
+#cmakedefine ENABLE_DEBUG ${ENABLE_DEBUG}
+#cmakedefine ENABLE_IPV6 ${ENABLE_IPV6}
+#cmakedefine ENABLE_LOADCHECK ${ENABLE_LOADCHECK}
+#cmakedefine ENABLE_MONITOR ${ENABLE_MONITOR}
+#cmakedefine ENABLE_RPROXY ${ENABLE_RPROXY}
+#cmakedefine ENABLE_SSL ${ENABLE_SSL}
+#cmakedefine ENABLE_TOMAHAWK ${ENABLE_TOMAHAWK}
+#cmakedefine ENABLE_TOOLKIT ${ENABLE_TOOLKIT}
+#cmakedefine ENABLE_XSLT ${ENABLE_XSLT}
+
+/* Includes
+ */
+#cmakedefine HAVE_CRYPT_H ${HAVE_CRYPT_H}
+#cmakedefine HAVE_ARPA_INET_H ${HAVE_ARPA_INET_H}
+#cmakedefine HAVE_NETINET_IN_H ${HAVE_NETINET_IN_H}
+#cmakedefine HAVE_NETINET_TCP_H ${HAVE_NETINET_TCP_H}
+#cmakedefine HAVE_RPCSVC_CRYPT_H ${HAVE_RPCSVC_CRYPT_H}
+
+/* Functions
+ */
+#cmakedefine HAVE_SETENV ${HAVE_SETENV}
+#cmakedefine HAVE_UNSETENV ${HAVE_UNSETENV}
+#cmakedefine HAVE_CLEARENV ${HAVE_CLEARENV}
+#cmakedefine HAVE_STRCASECMP ${HAVE_STRCASECMP}
+#cmakedefine HAVE_STRNCASECMP ${HAVE_STRNCASECMP}
+#cmakedefine HAVE_STRNSTR ${HAVE_STRNSTR}
+#cmakedefine HAVE_STRCASESTR ${HAVE_STRCASESTR}
17 config/cgi-wrapper.conf
@@ -0,0 +1,17 @@
+# CGI wrapper configuration
+#
+# Use the 'newroot' tool to copy applications to a chroot directory.
+
+# CGIhandler = /path/to/cgi-handler
+#
+#CGIhandler = /usr/bin/perl
+#CGIhandler = /usr/bin/php-cgi
+#CGIhandler = /usr/bin/python
+#CGIhandler = /usr/bin/ruby
+#CGIhandler = /usr/bin/ssi-cgi
+
+# Wrap = <wrap-id>;<cgiroot>;<userid>[:<group>]
+#
+#Wrap = nobody ; /var/www|nobody ; 65534:65534
+#Wrap = somebody ; /var/www/site ; 1001:33,200,201
+#Wrap = hugo ; ~hugo ; hugo
110 config/hiawatha.conf.in
@@ -0,0 +1,110 @@
+# Hiawatha main configuration file
+#
+
+
+# GENERAL SETTINGS
+#
+#ServerId = www-data
+ConnectionsTotal = 150
+ConnectionsPerIP = 10
+SystemLogfile = @LOG_DIR@/system.log
+GarbageLogfile = @LOG_DIR@/garbage.log
+
+
+# BINDING SETTINGS
+# A binding is where a client can connect to.
+#
+Binding {
+ Port = 80
+# Interface = 127.0.0.1
+# MaxKeepAlive = 30
+# TimeForRequest = 3,20
+}
+#
+#Binding {
+# Port = 443
+# Interface = ::1
+# MaxKeepAlive = 30
+# TimeForRequest = 3,20
+# SSLcertFile = hiawatha.pem
+#}
+
+
+# BANNING SETTINGS
+# Deny service to clients who misbehave.
+#
+#BanOnGarbage = 300
+#BanOnMaxPerIP = 60
+#BanOnMaxReqSize = 300
+#KickOnBan = yes
+#RebanDuringBan = yes
+
+
+# COMMON GATEWAY INTERFACE (CGI) SETTINGS
+# These settings can be used to run CGI applications. Use the 'php-fcgi'
+# tool to start PHP as a FastCGI daemon.
+#
+#CGIhandler = /usr/bin/perl:pl
+#CGIhandler = /usr/bin/php-cgi:php
+#CGIhandler = /usr/bin/python:py
+#CGIhandler = /usr/bin/ruby:rb
+#CGIhandler = /usr/bin/ssi-cgi:shtml
+#CGIextension = cgi
+#
+#FastCGIserver {
+# FastCGIid = PHP5
+# ConnectTo = 127.0.0.1:2005
+# Extension = php
+#}
+
+
+# URL TOOLKIT
+# This URL toolkit rule was made for the Banshee PHP framework, which
+# can be downloaded from http://www.hiawatha-webserver.org/banshee
+#
+#UrlToolkit {
+# ToolkitID = banshee
+# RequestURI isfile Return
+# Match ^/(css|files|images|js|slimstat)($|/) Return
+# Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
+# Match .*\?(.*) Rewrite /index.php?$1
+# Match .* Rewrite /index.php
+#}
+
+
+# DEFAULT WEBSITE
+# It is wise to use your IP address as the hostname of the default website
+# and give it a blank webpage. By doing so, automated webscanners won't find
+# your possible vulnerable website.
+#
+Hostname = 127.0.0.1
+WebsiteRoot = @WEBROOT_DIR@
+StartFile = index.html
+AccessLogfile = @LOG_DIR@/access.log
+ErrorLogfile = @LOG_DIR@/error.log
+#ErrorHandler = 404:/error.cgi
+
+
+# VIRTUAL HOSTS
+# Use a VirtualHost section to declare the websites you want to host.
+#
+#VirtualHost {
+# Hostname = www.my-domain.com
+# WebsiteRoot = /var/www/my-domain/public
+# StartFile = index.php
+# AccessLogfile = /var/www/my-domain/log/access.log
+# ErrorLogfile = /var/www/my-domain/log/error.log
+# TimeForCGI = 5
+# UseFastCGI = PHP5
+# UseToolkit = banshee
+#}
+
+
+# DIRECTORY SETTINGS
+# You can specify some settings per directory.
+#
+#Directory {
+# Path = /home/baduser
+# ExecuteCGI = no
+# UploadSpeed = 10,2
+#}
117 config/index.xslt
@@ -0,0 +1,117 @@
+<?xml version="1.0" ?>
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+
+<xsl:output method="html" encoding="utf-8" doctype-public="-//W3C//DTD HTML 4.01//EN" doctype-system="http://www.w3.org/TR/html4/strict.dtd" />
+
+<xsl:template match="/index">
+<html>
+
+<head>
+<title><xsl:value-of select="hostname" /> : <xsl:value-of select="request_uri" /></title>
+<style type="text/css">
+ body {
+ background-color:#ffffff;
+ font-family:sans-serif;
+ font-size:12px;
+ padding:25px 100px 25px 100px;
+ }
+
+ h1 {
+ letter-spacing:5px;
+ }
+
+ table.list {
+ width:100%;
+ padding:20px;
+ border-spacing:0;
+ border:1px solid #c0c0c0;
+ background-color:#f4f4f4;
+ border-radius:15px;
+ box-shadow:6px 12px 10px #808080;
+ }
+
+ tr.header th {
+ border-bottom:1px solid #e0e0e0;
+ letter-spacing:1px;
+ }
+ tr.header th.timestamp {
+ width:160px;
+ }
+ tr.header th.size {
+ width:140px;
+ }
+
+ tr.file td {
+ border-bottom:1px solid #e0e0e0;
+ padding:2px 15px;
+ }
+ tr.file:hover td {
+ background-color:#ffffc0;
+ cursor:pointer;
+ }
+ tr.file:nth-child(even) {
+ background-color:#e8e8f0;
+ }
+ tr.file:nth-child(odd) {
+ background-color:#f0f0f8;
+ }
+ tr.file td.size {
+ text-align:right;
+ }
+ tr.file td.dir a {
+ color:#0000ff;
+ }
+ tr.file td.file a {
+ color:#4080ff;
+ }
+
+ tr.bottom td {
+ padding:20px 15px 0 15px;
+ }
+ tr.bottom td.totalsize {
+ text-align:right;
+ }
+
+ a {
+ text-decoration:none;
+ }
+
+ div.powered {
+ margin-top:40px;
+ text-align:center;
+ color:#808080;
+ }
+ div.powered a {
+ color:#80b0c0;
+ }
+</style>
+</head>
+
+<body>
+<h1><xsl:value-of select="hostname" /> : <xsl:value-of select="request_uri" /></h1>
+<table class="list">
+<tr class="header">
+ <th class="filename">filename</th>
+ <th class="timestamp">timestamp</th>
+ <th class="size">filesize</th>
+</tr>
+<xsl:for-each select="files/file">
+<tr class="file" onClick="javascript:window.location.href='{@url_encoded}'">
+ <td class="{@type}"><a href="{@url_encoded}"><xsl:value-of select="." /></a></td>
+ <td><xsl:value-of select="@timestamp" /></td>
+ <td class="size"><xsl:value-of select="@size" /></td>
+</tr>
+</xsl:for-each>
+<tr class="bottom">
+ <td class="totalfiles"><xsl:value-of select="count(files/file)" /> files</td>
+ <td></td>
+ <td class="totalsize"><xsl:value-of select="total_size" /></td>
+</tr>
+</table>
+<div class="powered">Powered by <a href="http://www.hiawatha-webserver.org/" target="_blank"><xsl:value-of select="software" /></a></div>
+</body>
+
+</html>
+</xsl:template>
+
+</xsl:stylesheet>
91 config/mimetype.conf
@@ -0,0 +1,91 @@
+# Application
+#
+application/json json
+application/pdf pdf
+application/pkcs-crl crl
+application/postscript ps ai eps
+application/vnd.google-earth.kml+xml kml
+application/vnd.google-earth.kmz kmz
+application/xml xml xsl xslt
+application/x-binary bin
+application/x-bzip2 bz2
+application/x-debian-package deb
+application/x-dvi dvi
+application/x-gzip gz
+application/x-java-archive jar
+application/x-java-vm class
+application/x-latex latex
+application/x-msdos-program com exe bat dll
+application/x-redhat-packet-manager rpm
+application/x-shockwave-flash swf swfl
+application/x-sh sh
+application/x-tar tgz tar
+application/x-trash bak old
+application/x-x509-ca-cert crt cer pem
+application/zip zip
+
+# Application / Office
+#
+application/excel xls xlb xlc xlt
+application/msaccess mdb
+application/msword doc dot
+application/powerpoint ppt pps pot
+application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
+application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
+application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
+application/vnd.oasis.opendocument.graphics odg
+application/vnd.oasis.opendocument.presentation odp
+application/vnd.oasis.opendocument.spreadsheet ods
+application/vnd.oasis.opendocument.text odt
+
+# Audio
+#
+audio/basic au snd
+audio/midi mid midi rmi
+audio/mp4a-latm m4a m4b m4p
+audio/mpeg mp3 m4a
+audio/ogg ogg
+audio/x-aac aac
+audio/x-wav wav
+
+# Image
+#
+image/bmp bmp
+image/gif gif
+image/jpeg jpg jpeg jpe
+image/pcx pcx
+image/png png
+image/svg+xml svg svgz
+image/tiff tiff tif
+image/vnd.nok-oplogo-color nol
+image/x-icon ico
+
+# Text
+#
+text/cache-manifest cache
+text/calendar ics
+text/css css
+text/html htm html xhtml
+text/javascript js
+text/plain asc asm txt text diff h java log
+text/richtext rtf
+text/vnd.wap.wml wml
+text/x-c c h
+text/x-c++src c++ cpp cxx cc
+text/x-pascal p pas
+text/x-tcl tcl tk
+text/x-tex tex ltx sty cls
+
+# Video
+#
+video/3gpp 3gp 3gpp amr
+video/avi avi
+video/mpeg mpeg mpg mpe mp2
+video/mp4 mp4
+video/quicktime qt mov
+video/flv flv
+video/x-ms-asf asf asr asx
+
+# Virtual reality
+#
+x-world/x-vrml flr vrm vrml wrl wrz xaf xof
23 config/php-fcgi.conf.in
@@ -0,0 +1,23 @@
+# PHP FastCGI configuration
+
+# Path to PID-file.
+# PidFile = <filename>
+#
+PidFile = @PID_DIR@/php-fcgi.pid
+
+# Number of maximum requests per fork before respawning.
+# MaxRequests = <number>
+#
+MaxRequests = 100
+
+# Set environment variables for the FastCGI processes.
+# Setenv <key> = <value>
+#
+
+# PHP FastCGI servers to start.
+# Server = <php-cgi executable>;<forks>;<binding>;<UID>[:<GIDs>][;<PHP configuration file>]
+#
+#Server = /usr/bin/php5-cgi ; 3 ; /var/lib/hiawatha/php-fcgi.sock ; www-data
+#Server = /usr/bin/php5-cgi ; 2 ; 127.0.0.1:2005 ; 1000:100,101
+#Server = /usr/bin/php5-cgi ; 3 ; 127.0.0.1:2005 ; www-data ; /etc/php5/cgi/php.ini
+#Server = /usr/chroot|usr/bin/php5-cgi ; 1 ; 127.0.0.1:2005 ; www-data
23 config/toolkit.conf
@@ -0,0 +1,23 @@
+UrlToolkit {
+ Call <rewrite_id>
+ Match <url> Ban <seconds>
+ Match <url> Call <toolkit_id>
+ Match <url> DenyAccess
+ Match <url> Exit
+ Match <url> Expire <number> (seconds|minutes|hours|days|weeks|months) [return|exit]
+ Match <url> Goto <toolkit_id>
+ Match <url> Return
+ Match <url> Rewrite <replace> [<max_loop>] [continue|return]
+ Match <url> Redirect <url>
+ Match <url> Skip <lines>
+ Match <url> UseFastCGI <fastcgi_server_id>
+ OldBrowser <url>
+ RequestURI (exists|isfile|isdir) (return|exit)
+ Skip <lines>
+ ToolkitID = <toolkit_id>
+ UseSSL Call <toolkit_id>
+ UseSSL Exit
+ UseSSL Goto <toolkit_id>
+ UseSSL Return
+ UseSSL Skip <lines>
+}
47 extra/config.h
@@ -0,0 +1,47 @@
+/* Directory settings
+ */
+#define CONFIG_DIR "/etc/hiawatha"
+#define LOG_DIR "/var/log/hiawatha"
+#define PID_DIR "/var/run"
+#define SBIN_DIR "/usr/sbin"
+#define VERSION "8.5"
+#define WEBROOT_DIR "/var/www/hiawatha"
+#define WORK_DIR "/var/lib/hiawatha"
+
+/* Settings
+ */
+#define _GNU_SOURCE 1
+/* #undef CYGWIN */