diff options
Diffstat (limited to 'network')
-rw-r--r-- | network/lighttpd/conf/lighttpd.conf (renamed from network/lighttpd/lighttpd.conf) | 67 | ||||
-rw-r--r-- | network/lighttpd/conf/lighttpd.logrotate (renamed from network/lighttpd/lighttpd.logrotate) | 0 | ||||
-rw-r--r-- | network/lighttpd/conf/rc.lighttpd (renamed from network/lighttpd/rc.lighttpd) | 0 | ||||
-rw-r--r-- | network/lighttpd/lighttpd.SlackBuild | 10 | ||||
-rw-r--r-- | network/lighttpd/lighttpd.info | 6 |
5 files changed, 75 insertions, 8 deletions
diff --git a/network/lighttpd/lighttpd.conf b/network/lighttpd/conf/lighttpd.conf index 0565ef3aeb5cf..974218d60abaf 100644 --- a/network/lighttpd/lighttpd.conf +++ b/network/lighttpd/conf/lighttpd.conf @@ -221,6 +221,48 @@ server.groupname = "lighttpd" # #### SSL engine +####################################################################### +### +### SSL Support +### ------------- +### +### To enable SSL for the whole server you have to provide a valid +### certificate and have to enable the SSL engine.:: +### +### ssl.engine = "enable" +### ssl.pemfile = "/path/to/server.pem" +### +### The HTTPS protocol does not allow you to use name-based virtual +### hosting with SSL. If you want to run multiple SSL servers with +### one lighttpd instance you must use IP-based virtual hosting: :: +### +### $SERVER["socket"] == "10.0.0.1:443" { +### ssl.engine = "enable" +### ssl.pemfile = "/etc/ssl/private/www.example.com.pem" +### # +### # Mitigate BEAST attack: +### # +### # A stricter base cipher suite. For details see: +### # http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html +### # +### ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" +### # +### # Make the server prefer the order of the server side cipher suite instead of the client suite. +### # This is necessary to mitigate the BEAST attack (unless you disable all non RC4 algorithms). +### # This option is enabled by default, but only used if ssl.cipher-list is set. +### # +### # ssl.honor-cipher-order = "enable" +### # +### # Mitigate CVE-2009-3555 by disabling client triggered renegotation +### # This is enabled by default. +### # +### # ssl.disable-client-renegotiation = "enable" +### # +### server.name = "www.example.com" +### +### server.document-root = "/var/www/vhosts/example.com/www/" +### } +### #ssl.engine = "enable" #ssl.pemfile = "server.pem" @@ -311,6 +353,31 @@ server.groupname = "lighttpd" #index-file.names = (foo + ".php") + index-file.names #index-file.names += (foo + ".php") +## Another example on how to start an FastCGI server for php - uses php-cgi +## - copy the php.ini from /etc/httpd/php.ini into /etc/lighttpd/ +## (or change the path, if you prefeer): don't forget to enable in it +## cgi.fix_pathinfo = 1 +## - the socket is created into /var/run/lighttpd/ +## - /var/lib/php must be owned by the user owning the lighttpd +## process for php supporting sessions +## Uncomment the section below to enable. +#fastcgi.server = ( ".php" => +# (( +# "bin-path" => "/usr/bin/php-cgi -c /etc/lighttpd/php.ini", +# "socket" => "/var/run/lighttpd/php.socket", +# "max-procs" => 1, +# "idle-timeout" => 20, +# "bin-environment" => ( +# "PHP_FCGI_CHILDREN" => "8", +# "PHP_FCGI_MAX_REQUESTS" => "200" +# ), +# "bin-copy-environment" => ( +# "PATH", "SHELL", "USER" +# ), +# "broken-scriptfilename" => "enable" +# )) +#) + #### include #include /etc/lighttpd/lighttpd-inc.conf ## same as above if you run: "lighttpd -f /etc/lighttpd/lighttpd.conf" diff --git a/network/lighttpd/lighttpd.logrotate b/network/lighttpd/conf/lighttpd.logrotate index 65c13f36c8b8a..65c13f36c8b8a 100644 --- a/network/lighttpd/lighttpd.logrotate +++ b/network/lighttpd/conf/lighttpd.logrotate diff --git a/network/lighttpd/rc.lighttpd b/network/lighttpd/conf/rc.lighttpd index 919f6b2104251..919f6b2104251 100644 --- a/network/lighttpd/rc.lighttpd +++ b/network/lighttpd/conf/rc.lighttpd diff --git a/network/lighttpd/lighttpd.SlackBuild b/network/lighttpd/lighttpd.SlackBuild index 38e3ffb593972..46b7245822c65 100644 --- a/network/lighttpd/lighttpd.SlackBuild +++ b/network/lighttpd/lighttpd.SlackBuild @@ -23,7 +23,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=lighttpd -VERSION=1.4.28 +VERSION=1.4.31 BUILD=${BUILD:-1} TAG=${TAG:-_SBo} @@ -79,7 +79,7 @@ rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP rm -rf $PRGNAM-$VERSION -tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 +tar xvf $CWD/$PRGNAM-$VERSION.tar.?z* cd $PRGNAM-$VERSION chown -R root:root . chmod -R u+w,go+r-w,a-s . @@ -109,9 +109,9 @@ touch $PKG/var/log/lighttpd/{access,error}.log.new mkdir -p $PKG/var/run/lighttpd chown $LIGHTTPD_USER:$LIGHTTPD_GROUP $PKG/var/run/lighttpd -install -D -m 0755 $CWD/rc.$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM.new -install -D -m 0644 $CWD/$PRGNAM.conf $PKG/etc/$PRGNAM/$PRGNAM.conf.new -install -D -m 0644 $CWD/$PRGNAM.logrotate $PKG/etc/logrotate.d/lighttpd.new +install -D -m 0755 $CWD/conf/rc.$PRGNAM $PKG/etc/rc.d/rc.$PRGNAM.new +install -D -m 0644 $CWD/conf/$PRGNAM.conf $PKG/etc/$PRGNAM/$PRGNAM.conf.new +install -D -m 0644 $CWD/conf/$PRGNAM.logrotate $PKG/etc/logrotate.d/lighttpd.new chown -R $LIGHTTPD_USER:$LIGHTTPD_GROUP $PKG/var/log/lighttpd/ chown -R $LIGHTTPD_USER:$LIGHTTPD_GROUP $PKG/var/cache/lighttpd diff --git a/network/lighttpd/lighttpd.info b/network/lighttpd/lighttpd.info index 148fd1e5ac716..8f09904367138 100644 --- a/network/lighttpd/lighttpd.info +++ b/network/lighttpd/lighttpd.info @@ -1,8 +1,8 @@ PRGNAM="lighttpd" -VERSION="1.4.28" +VERSION="1.4.31" HOMEPAGE="http://www.lighttpd.net/" -DOWNLOAD="http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.28.tar.bz2" -MD5SUM="586eb535d31ac299652495b058dd87c4" +DOWNLOAD="http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.xz" +MD5SUM="7d52994042f9c9202c55db8440997130" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" |