pkgsrc.se | The NetBSD package collection

./www/mini_httpd, Small, forking webserver with IPv6 and SSL support

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.30nb2, Package name: mini_httpd-1.30nb2, Maintainer: reed

mini_httpd is a small HTTP server. Its performance is not great, but for
low or medium traffic sites it's quite adequate. It implements all the
basic features of an HTTP server, including:

* GET, HEAD, and POST methods.
* CGI.
* Basic authentication.
* Security against ".." filename snooping.
* The common MIME types.
* Trailing-slash redirection.
* index.html, index.htm, index.cgi
* Directory listings.
* Multihoming / virtual hosting.
* Standard logging.
* Custom error pages.

It can also be configured to do SSL/HTTPS and IPv6.

Required to run:
[security/openssl]

Required to build:
[pkgtools/cwrappers]

Master sites:

http://www.acme.com/software/mini_httpd/

Version history: (Expand)

(2023-10-25) Updated to version: mini_httpd-1.30nb2
(2020-01-19) Updated to version: mini_httpd-1.30nb1
(2019-11-12) Updated to version: mini_httpd-1.30
(2017-09-29) Updated to version: mini_httpd-1.27
(2016-03-05) Updated to version: mini_httpd-1.21nb1
(2015-04-12) Updated to version: mini_httpd-1.21

CVS history: (Expand)

2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)

Log message:
*: bump for openssl 3

2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030)

Log message:
www: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts):
www/nghttp2/distinfo

Unfetchable distfiles (almost certainly fetched conditionally...):
./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx-devel/distinfo naxsi-1.3.tar.gz
./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx-devel/distinfo njs-0.5.0.tar.gz
./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz
./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx/distinfo naxsi-1.3.tar.gz
./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx/distinfo njs-0.5.0.tar.gz
./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz

2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033)

Log message:
www: Remove SHA1 hashes for distfiles

2021-06-06 15:43:55 by Nia Alarie | Files touched by this commit (1)

Log message:
mini_httpd: define LICENSE, link -lcrypt on all nondarwin

2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836)

Log message:
*: Recursive revision bump for openssl 1.1.1.

2019-11-12 19:39:46 by Niclas Rosenvik | Files touched by this commit (2)

Log message:
Update mini_httpd to version 1.30

pkgsrc changes: added -lsendfile to SunOS build to make it work.

Release notes:

New in version 1.30:
Enlarged request read buffer to 50KB.
Fix security bug that let remote users read arbitrary files. (CVE-2018-18778)

New in version 1.29:
Allow CGI to handle HTTP methods besides GET/HEAD/POST.

New in version 1.28:
Fix to buffer overrun bug in htpasswd. Reported by Alessio Santoru as CVE-2017-17663.
Some fixes to keep connections from getting stuck forever in FIN_WAIT_2 state.

2017-09-29 09:57:38 by Wen Heping | Files touched by this commit (2)

Log message:
Update to 1.27

Upstream changes:
 New in version 1.27:

    Fixed bug that prevented binary CGI results from working. This bug was \ 
introduced in 1.23. Noticed and diagnosed by Qipeng Zhang.

New in version 1.26:

    Long-standing bug on FreeBSD using http but not https. Files were getting \ 
truncated at 1MB. This was due to improper usage of sendfile(2), and not testing \ 
the http path since I only use mini_httpd for https. Since Linux has a \ 
completely different sendfile(2) call, it was not affected. And since https does \ 
not use sendfile(2), it also was not affected.

New in version 1.25:

    Improvements to the FreeBSD startup script. (Craig Leres)
    Improvement to SSL support.

New in version 1.24:

    Disable SSLv2 to prevent DROWN attack.
    Fix binary POST request reading. (Erik Waling)

New in version 1.23:

    Fixed CVE-2015-1548, a buffer overflow via snprintf.

New in version 1.22:

    Don't do TCP_NOPUSH on SSL connections. It doesn't help and causes problems.
    Use memmove() for self-overlapping string copies instead of strcpy().

2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813)

Log message:
Bump PKGREVISION for security/openssl ABI bump.