Permalink
Browse files

Release 8.7

  • Loading branch information...
1 parent a98bd07 commit b279f6928b665e9daa040fdda63aa03b10cb479e @hsleisink committed Feb 14, 2013
Showing with 890 additions and 1,196 deletions.
  1. +0 −12 CMakeFiles.txt
  2. +2 −3 CMakeLists.txt
  3. +13 −0 ChangeLog
  4. +1 −1 INSTALL
  5. +1 −2 config/hiawatha.conf.in
  6. +1 −0 config/mimetype.conf
  7. +0 −25 config/php-fcgi.conf.in
  8. +1 −1 config/toolkit.conf
  9. +1 −1 extra/debian/control
  10. +0 −1 extra/debian/hiawatha.postinst
  11. +0 −1 extra/debian/hiawatha.postrm
  12. +0 −69 extra/debian/init.d/php-fcgi
  13. +0 −52 extra/hiawatha.html
  14. +0 −2 extra/macosx/diskimage/Uninstallation.txt
  15. +1 −0 extra/make_debian_package
  16. +2 −1 extra/make_macosx_package
  17. +1 −1 extra/make_windows_package
  18. +1 −2 extra/windows/hiawatha.conf
  19. +9 −9 man/hiawatha.1.in
  20. +0 −70 man/php-fcgi.1.in
  21. +28 −0 polarssl/ChangeLog
  22. +1 −0 polarssl/include/.gitignore
  23. +1 −1 polarssl/include/polarssl/aes.h
  24. +1 −1 polarssl/include/polarssl/arc4.h
  25. +7 −2 polarssl/include/polarssl/bignum.h
  26. +1 −1 polarssl/include/polarssl/blowfish.h
  27. +1 −1 polarssl/include/polarssl/camellia.h
  28. +4 −3 polarssl/include/polarssl/config.h
  29. +1 −1 polarssl/include/polarssl/des.h
  30. +1 −1 polarssl/include/polarssl/dhm.h
  31. +5 −0 polarssl/include/polarssl/gcm.h
  32. +2 −2 polarssl/include/polarssl/pkcs11.h
  33. +3 −0 polarssl/include/polarssl/rsa.h
  34. +29 −13 polarssl/include/polarssl/ssl.h
  35. +4 −4 polarssl/include/polarssl/version.h
  36. +2 −2 polarssl/include/polarssl/x509.h
  37. +1 −1 polarssl/include/polarssl/xtea.h
  38. +2 −0 polarssl/library/.gitignore
  39. +1 −1 polarssl/library/CMakeLists.txt
  40. +7 −1 polarssl/library/Makefile
  41. +6 −7 polarssl/library/bignum.c
  42. +1 −1 polarssl/library/ctr_drbg.c
  43. +1 −1 polarssl/library/entropy_poll.c
  44. +2 −2 polarssl/library/error.c
  45. +2 −2 polarssl/library/gcm.c
  46. +1 −1 polarssl/library/pkcs11.c
  47. +21 −14 polarssl/library/rsa.c
  48. +113 −30 polarssl/library/ssl_cli.c
  49. +82 −16 polarssl/library/ssl_srv.c
  50. +25 −2 polarssl/library/ssl_tls.c
  51. +60 −51 polarssl/library/x509parse.c
  52. +0 −2 polarssl/library/x509write.c
  53. +19 −8 src/cache.c
  54. +1 −1 src/cgi.c
  55. +5 −0 src/envir.c
  56. +18 −13 src/hiawatha.c
  57. +10 −2 src/http.c
  58. +10 −10 src/httpauth.c
  59. +2 −2 src/libip.c
  60. +5 −11 src/liblist.c
  61. +0 −2 src/liblist.h
  62. +46 −10 src/libssl.c
  63. +4 −1 src/libssl.h
  64. +32 −2 src/libstr.c
  65. +6 −0 src/libstr.h
  66. +4 −4 src/monitor.c
  67. +0 −550 src/php-fcgi.c
  68. +82 −37 src/rproxy.c
  69. +1 −1 src/rproxy.h
  70. +15 −32 src/send.c
  71. +15 −1 src/serverconfig.c
  72. +1 −0 src/serverconfig.h
  73. +11 −11 src/session.c
  74. +100 −49 src/target.c
  75. +3 −1 src/tomahawk.c
  76. +0 −1 src/toolkit.h
  77. +1 −1 src/wigwam.c
  78. +49 −29 src/xslt.c
View
@@ -39,16 +39,6 @@ if(NOT ENABLE_SSL)
set(hiawatha_src ${hiawatha_src} polarssl/library/base64.c polarssl/library/md5.c)
endif()
-# php-fcgi sources
-set(php_fcgi_src
- src/alternative.c
- src/libip.c
- src/liblist.c
- src/libstr.c
- src/php-fcgi.c
- src/userconfig.c
-)
-
# ssi-cgi sources
set(ssi_cgi_src
src/alternative.c
@@ -80,7 +70,6 @@ set(config_files
set(config_files_in
config/hiawatha.conf
- config/php-fcgi.conf
)
# manual pages
@@ -92,5 +81,4 @@ set(manual_pages
set(manual_pages_in
man/cgi-wrapper.1
man/hiawatha.1
- man/php-fcgi.1
)
View
@@ -29,7 +29,7 @@ include(cmake/CopyIfNotExists.cmake)
# Settings
set(HIAWATHA_VERSION_MAJOR 8)
-set(HIAWATHA_VERSION_MINOR 6)
+set(HIAWATHA_VERSION_MINOR 7)
set(HIAWATHA_VERSION_PATCH 0)
string(TOLOWER ${CMAKE_PROJECT_NAME} PROJECT_NAME)
if(${HIAWATHA_VERSION_PATCH} EQUAL 0)
@@ -115,7 +115,6 @@ configure_file(extra/logrotate.in logrotate.d/hiawatha)
# Binaries
add_executable(cgi-wrapper ${cgi_wrapper_src})
add_executable(hiawatha ${hiawatha_src})
-add_executable(php-fcgi ${php_fcgi_src})
add_executable(ssi-cgi ${ssi_cgi_src})
add_executable(wigwam ${wigwam_src})
target_link_libraries(wigwam ${CRYPT_LIBRARY})
@@ -129,7 +128,7 @@ if(ENABLE_XSLT)
endif()
# Installation
-install(TARGETS hiawatha php-fcgi wigwam DESTINATION ${CMAKE_INSTALL_SBINDIR})
+install(TARGETS hiawatha wigwam DESTINATION ${CMAKE_INSTALL_SBINDIR})
install(TARGETS cgi-wrapper DESTINATION ${CMAKE_INSTALL_SBINDIR}
PERMISSIONS OWNER_READ OWNER_WRITE OWNER_EXECUTE GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE SETUID)
install(TARGETS ssi-cgi DESTINATION ${CMAKE_INSTALL_BINDIR})
View
@@ -1,3 +1,16 @@
+hiawatha (8.7) stable; urgency=low
+
+ * Support for HTTP Strict Transport Security (RFC 6797). Integrated
+ in RequireSSL option.
+ * DHsize option added.
+ * PolarSSL updated to version 1.2.3.
+ * CloudFlare headers placed in environment variables.
+ * Removed php-fcgi.
+ * Small improvements.
+ * Bugfix: slow page loading via Reverse Proxy.
+
+ -- Hugo Leisink <hugo@leisink.net> Wed, 9 Jan 2013 20:18:23 +0100
+
hiawatha (8.6) stable; urgency=low
* PolarSSL updated to version 1.2. Added support for TLS 1.2 and
View
@@ -30,7 +30,7 @@ The following path settings are available for cmake.
-DCMAKE_INSTALL_MANDIR=<path> Manual pages will be installed in <path>/man1.
-DCONFIG_DIR=<path> Location of the Hiawatha configuration files.
-DLOG_DIR=<path> Log directory used in the default hiawatha.conf.
- -DPID_DIR=<path> Location of the Hiawatha and php-fcgi PID files.
+ -DPID_DIR=<path> Location of the Hiawatha PID file.
-DWEBROOT_DIR=<path> Webroot directory used in the default hiawatha.conf.
-DWORK_DIR=<path> Path of directory where Hiawatha can write temporary files.
View
@@ -41,8 +41,7 @@ Binding {
# COMMON GATEWAY INTERFACE (CGI) SETTINGS
-# These settings can be used to run CGI applications. Use the 'php-fcgi'
-# tool to start PHP as a FastCGI daemon.
+# These settings can be used to run CGI applications.
#
#CGIhandler = /usr/bin/perl:pl
#CGIhandler = /usr/bin/php-cgi:php
View
@@ -65,6 +65,7 @@ image/x-icon ico
text/cache-manifest cache
text/calendar ics
text/css css
+text/csv csv
text/html htm html xhtml
text/javascript js
text/plain asc asm txt text diff h java log
View
@@ -1,25 +0,0 @@
-# PHP FastCGI configuration
-
-# !! Warning, this tool is deprecated. Use php-fpm instead.
-
-# Path to PID-file.
-# PidFile = <filename>
-#
-PidFile = @PID_DIR@/php-fcgi.pid
-
-# Number of maximum requests per fork before respawning.
-# MaxRequests = <number>
-#
-MaxRequests = 100
-
-# Set environment variables for the FastCGI processes.
-# Setenv <key> = <value>
-#
-
-# PHP FastCGI servers to start.
-# Server = <php-cgi executable>;<forks>;<binding>;<UID>[:<GIDs>][;<PHP configuration file>]
-#
-#Server = /usr/bin/php5-cgi ; 3 ; /var/lib/hiawatha/php-fcgi.sock ; www-data
-#Server = /usr/bin/php5-cgi ; 2 ; 127.0.0.1:2005 ; 1000:100,101
-#Server = /usr/bin/php5-cgi ; 3 ; 127.0.0.1:2005 ; www-data ; /etc/php5/cgi/php.ini
-#Server = /usr/chroot|usr/bin/php5-cgi ; 1 ; 127.0.0.1:2005 ; www-data
View
@@ -12,7 +12,7 @@ UrlToolkit {
Match <url> Skip <lines>
Match <url> UseFastCGI <fastcgi_server_id>
OldBrowser <url>
- RequestURI (exists|isfile|isdir) (return|exit)
+ RequestURI exists|isfile|isdir return|exit
Skip <lines>
ToolkitID = <toolkit_id>
UseSSL Call <toolkit_id>
View
@@ -9,7 +9,7 @@ Build-Depends: libc6-dev, dpkg-dev, debhelper, fakeroot, libxml2-dev, libxslt1-d
Package: hiawatha
Architecture: any
Depends: ${shlibs:Depends}, logrotate
-Suggests: php5-cgi
+Suggests: php5-fpm
Conflicts:
Provides: httpd, httpd-cgi
Description: Advanced and secure webserver for Unix
@@ -2,4 +2,3 @@
set -e
#DEBHELPER#
-update-rc.d php-fcgi defaults > /dev/null
@@ -2,4 +2,3 @@
set -e
#DEBHELPER#
-update-rc.d -f php-fcgi remove >/dev/null || exit $?
@@ -1,69 +0,0 @@
-#!/bin/bash
-#
-# PHP-FastCGI start/stop script
-#
-### BEGIN INIT INFO
-# Provides: php-fcgi
-# Required-Start: $syslog $network $remote_fs
-# Required-Stop: $syslog $network $remote_fs
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: PHP FastCGI daemon
-# Description: Run PHP as a FastCGI daemon.
-### END INIT INFO
-
-PATH="/bin:/usr/bin:/sbin:/usr/sbin"
-PHP_FCGI="/usr/sbin/php-fcgi"
-PIDFILE="/var/run/php-fcgi.pid"
-
-NORMAL="\033[0m"
-RED="\033[00;31m"
-YELLOW="\033[00;33m"
-GREEN="\033[00;32m"
-
-test -f ${PHP_FCGI} || exit 0
-
-function start_php_fcgi {
- if [ -f ${PIDFILE} ]; then
- echo -e ${YELLOW}"FastCGI server is already running"${NORMAL}
- else
- echo -n "Starting FastCGI server: "
- ${PHP_FCGI} -q
- result=$?
- if [ "${result}" = "0" ]; then
- echo -e ${GREEN}"PHP"${NORMAL}
- else
- echo -e ${RED}"error!"${NORMAL}
- fi
- fi
-}
-
-function stop_php_fcgi {
- if [ -f ${PIDFILE} ]; then
-
- echo -en "Stopping FastCGI server: "${GREEN}
- ${PHP_FCGI} -q -k
- echo -e "PHP"${NORMAL}
- else
- echo -e ${YELLOW}"FastCGI server is not running"${NORMAL}
- fi
-}
-
-case "$1" in
- start)
- start_php_fcgi
- ;;
- stop)
- stop_php_fcgi
- ;;
- restart|force-reload)
- stop_php_fcgi
- start_php_fcgi
- ;;
- *)
- echo "Usage: $0 {start|stop|restart}"
- exit 1
- ;;
-esac
-
-exit 0
View
@@ -1,52 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-<base href="http://www.hiawatha-webserver.org/" />
-<title>Hiawatha webserver</title>
-<link rel="stylesheet" type="text/css" href="/css/includes/layout_hiawatha.css" title="Hiawatha webserver" />
-</head>
-
-<body>
-<div class="header">
- <div class="wrapper">
- <div class="menu"><ul>
- <li><a href="/">Homepage</a></li>
- <li><a href="/about">About</a></li>
- <li><a href="/download">Download</a></li>
- <li><a href="/support">Support</a></li>
- <li><a href="/weblog">Weblog</a></li>
- </ul></div>
- </div>
-</div>
-
-<div class="title">
- <div class="wrapper">
- </div>
-</div>
-
-<div class="page">
- <div class="wrapper">
- <div class="content">
- <img src="/images/hiawatha_logo.png" alt="Hiawatha logo" class="logo">
- <h1>Congratulations</h1>
- <h2>Hiawatha webserver</h2>
- <p>The Hiawatha webserver has successfully been installed on this computer. For more information about this webserver, visit the <a href="http://www.hiawatha-webserver.org/">Hiawatha website</a>.</p>
- <p>Please, give some feedback about your Hiawatha experiences at the <a href="http://www.hiawatha-webserver.org/forum">Hiawatha forum</a>.</p>
- <h2>Hiawatha Monitor</h2>
- <p>Use the <a href="http://www.hiawatha-webserver.org/monitor">Hiawatha Monitor</a> to keep track of all your websites served by Hiawatha.</p>
- <h2>Banshee PHP framework</h2>
- <p>About to create a new website? Use the <a href="http://www.banshee-php.org/">Banshee PHP framework</a> for improved website security.</p>
- </div>
-
- <br clear="both" />
- </div>
-</div>
-
-<div class="footer">
- <div class="wrapper">
- <div class="copyright">Copyright &#169; by Hugo Leisink. All rights reserved.<br />Built upon the <a href="http://www.banshee-php.org/" target="_blank">Banshee PHP framework</a>.</div>
- </div>
-</div>
-</body>
-
-</html>
@@ -7,11 +7,9 @@ Remove the following files or directories to uninstall the Hiawatha webserver:
/usr/local/lib/hiawatha/
/usr/local/sbin/cgi-wrapper
/usr/local/sbin/hiawatha
- /usr/local/sbin/php-fcgi
/usr/local/sbin/wigwam
/usr/local/share/man/man1/cgi-wrapper.1
/usr/local/share/man/man1/hiawatha.1
- /usr/local/share/man/man1/php-fcgi.1
/usr/local/share/man/man1/ssi-cgi.1
/usr/local/share/man/man1/wigwam.1
/Library/LaunchDaemons/org.hiawatha-webserver.httpd.plist
@@ -53,6 +53,7 @@ make install DESTDIR=`pwd`/debian/hiawatha
echo "-- Building package"
dh_strip
gzip -9 debian/hiawatha/usr/share/man/man1/*
+sed "s/#ServerId/ServerId/" config/hiawatha.conf > debian/hiawatha/etc/hiawatha/hiawatha.conf
cp -r logrotate.d debian/hiawatha/etc
cp -r ../extra/debian/init.d debian/hiawatha/etc
chmod 755 debian/hiawatha/etc/init.d/*
@@ -36,8 +36,9 @@ make
# Make MacOS X package
#
-strip cgi-wrapper hiawatha php-fcgi ssi-cgi wigwam
+strip cgi-wrapper hiawatha ssi-cgi wigwam
make install DESTDIR=`pwd`/root
+sed "s/#ServerId = www-data/ServerId = _www/" config/hiawatha.conf > root/usr/local/etc/hiawatha/hiawatha.conf
mkdir -p root/Library/PreferencePanes
cp -r ../extra/macosx/HiawathaWebserver.prefPane root/Library/PreferencePanes
mkdir -p root/Library/LaunchDaemons
@@ -58,7 +58,7 @@ cp wigwam.exe ${dir}/Hiawatha/bin
cp polarssl/library/cygpolarssl-2.dll ${dir}/Hiawatha/bin
strip ${dir}/Hiawatha/bin/*.exe
-files="cygcrypt-0.dll cyggcc_s-1.dll cygrunsrv.exe cygiconv-2.dll cygwin1.dll cygxml2-2.dll cygxslt-1.dll cygz.dll"
+files="cygcrypt-0.dll cyggcc_s-1.dll cygrunsrv.exe cygiconv-2.dll cygwin1.dll cygxml2-2.dll cygxslt-1.dll cygz.dll cyglzma-5.dll"
for file in ${files}; do
cp /bin/${file} ${dir}/Hiawatha/bin
done
@@ -41,8 +41,7 @@ Binding {
# COMMON GATEWAY INTERFACE (CGI) SETTINGS
-# These settings can be used to run CGI applications. Use the 'php-fcgi'
-# tool to start PHP as a FastCGI daemon.
+# These settings can be used to run CGI applications.
#
#CGIhandler = C:\Program Files\PHP5\php-cgi.exe:php
#CGIhandler = C:\Program Files\Hiawatha\bin\ssi-cgi.exe:shtml
View
@@ -38,9 +38,6 @@ See chapters SERVER CONFIGURATION, BINDING CONFIGURATION, VIRTUAL HOST CONFIGURA
.B mimetype.conf
See chapter MIMETYPES for more information.
.TP
-.B php-fcgi.conf
-See php-fcgi(1) for more information.
-.TP
.B .hiawatha
See chapter USER SETTINGS PER DIRECTORY for more information.
@@ -167,6 +164,11 @@ Maximum number of simultaneous connections.
.br
Default = 100, example: ConnectionsTotal = 250
.TP
+.B DHsize = 1024|2048|4096
+Set the size of the Diffie-Hellman key.
+.br
+Default = PolarSSL's default key size (=1024), Example: DHsize = 4096
+.TP
.B ExploitLogfile = <filename with full path>
Logfile for all exploit attempts: CSRF, denied bodies, SQL injection and XSS
.br
@@ -540,8 +542,8 @@ Default = no, example: RequireSSL = yes
(requires that Hiawatha was not compiled with -DENABLE_SSL=off)
.TP
-.B ReverseProxy <pattern> http[s]://<hostname>[:<port>][/<path>]
-Forward the request with URLs that match the regular expression <pattern> to another webserver, where <path> is placed before the original URL. Note that the reverse proxy selection comes before the URL toolkit handling. When <hostname> is an IP address, the value of the Host HTTP header is unchanged. Otherwise, it is replaced with the value of <hostname>.
+.B ReverseProxy <pattern> http[s]://<hostname>[:<port>][/<path>] [<timeout>]
+Forward the request with URLs that match the regular expression <pattern> to another webserver, where <path> is placed before the original URL. Note that the reverse proxy selection comes before the URL toolkit handling. When <hostname> is an IP address, the value of the Host HTTP header is unchanged. Otherwise, it is replaced with the value of <hostname>. The connection is closed after <timeout> seconds.
.br
Example: ReverseProxy ^/icons http://resources.lan/images
.TP
@@ -694,7 +696,7 @@ and
.\" ==========[ FastCGI configuration ]========================================
.SH FASTCGI CONFIGURATION
-This chapter explains how to use one or more FastCGI servers. Use the 'php-fcgi' tool to start PHP as a FastCGI daemon.
+This chapter explains how to use one or more FastCGI servers.
.TP
.B ConnectTo = <ip-address>:<port number>|<path>[, <ip-address>:<port number>|<path>, ...]
The IP-address and TCP port or UNIX socket Hiawatha must connect to to reach the FastCGI server.
@@ -962,12 +964,10 @@ Clear the internal cache (requires that Hiawatha was not compiled with -DENABLE_
.B /etc/hiawatha/mime.types
.br
.B /etc/hiawatha/cgi-wrapper.conf
-.br
-.B /etc/hiawatha/php-fcgi.conf
.SH SEE ALSO
-cgi-wrapper(1), php-fcgi(1), newroot(1), ssi-cgi(1), wigwam(1)
+cgi-wrapper(1), newroot(1), ssi-cgi(1), wigwam(1)
.SH AUTHOR
Oops, something went wrong.

0 comments on commit b279f69

Please sign in to comment.