diff -Nru mighttpd2-4.0.2/conf/example.conf mighttpd2-4.0.3/conf/example.conf --- mighttpd2-4.0.2/conf/example.conf 2001-09-09 01:46:40.000000000 +0000 +++ mighttpd2-4.0.3/conf/example.conf 2001-09-09 01:46:40.000000000 +0000 @@ -32,7 +32,7 @@ Tls_Chain_Files: chain.pem # Currently, Tls_Key_File must not be encrypted Tls_Key_File: privkey.pem # should change this with an absolute path -Quic_Addr: 127.0.0.1,::1 +Quic_Addr: 0.0.0.0,:: Quic_Port: 443 #Quic_Debug_Dir: /var/log/mighy/quic-debug/ #Quic_Qlog_Dir: /varlog/mighty/qlog/ diff -Nru mighttpd2-4.0.2/conf/example.dhall mighttpd2-4.0.3/conf/example.dhall --- mighttpd2-4.0.2/conf/example.dhall 1970-01-01 00:00:00.000000000 +0000 +++ mighttpd2-4.0.3/conf/example.dhall 2001-09-09 01:46:40.000000000 +0000 @@ -0,0 +1,65 @@ +-- { port : Natural +-- , host : Text +-- , debugMode : Bool +-- , user : Text +-- , group : Text +-- , pidFile : Text +-- , reportFile : Text +-- , logging : Bool +-- , logFile : Text +-- , logFileSize : Natural +-- , logBackupNumber : Natural +-- , indexFile : Text +-- , indexCgi : Text +-- , statusFileDir : Text +-- , connectionTimeout : Natural +-- , proxyTimeout : Natural +-- , fdCacheDuration : Natural +-- , service : Natural +-- , tlsPort : Natural +-- , tlsCertFile : Text +-- , tlsChainFiles : Text +-- , tlsKeyFile : Text +-- , quicAddr : List Text +-- , quicPort : Natural +-- , quicDebugDir : Optional Text +-- , quicQlogDir : Optional Text +-- } +{ port = 80 +-- IP address or "*" +, host = "*" +, debugMode = True +-- If available, "nobody" is much more secure for user +, user = "root" +-- If available, "nobody" is much more secure for group +, group = "root" +, pidFile = "/var/run/mighty.pid" +, reportFile = "/tmp/mighty_report" +, logging = True +-- The directory must be writable by the user. +, logFile = "/var/log/mighty" +, logFileSize = 16777216 -- bytes +, logBackupNumber = 10 +, indexFile = "index.html" +, indexCgi = "index.cgi" +, statusFileDir = "/usr/local/share/mighty/status" +, connectionTimeout = 30 -- seconds +, proxyTimeout = 0 -- seconds, 0 is default of http-client, ie 30 seconds +, fdCacheDuration = 10 -- seconds +-- 0 is HTTP only +-- 1 is HTTPS only +-- 2 is for both HTTP and HTTPs +-- 3 is for HTTP, HTTPs and QUIC(HTTP/3) +, service = 0 +, tlsPort = 443 +-- should change this with an absolute path +, tlsCertFile = "cert.pem" +-- should change this with an absolute path +, tlsChainFiles = "chain.pem" +-- Currently, tlsKeyFile must not be encrypted +, tlsKeyFile = "privkey.pem" +, quicPort = 443 +, quicAddr = ["0.0.0.0","::"] +, quicDebugDir = None Text +, quicQlogDir = None Text +} diff -Nru mighttpd2-4.0.2/debian/changelog mighttpd2-4.0.3/debian/changelog --- mighttpd2-4.0.2/debian/changelog 2022-08-02 19:02:22.000000000 +0000 +++ mighttpd2-4.0.3/debian/changelog 2023-10-26 14:57:23.000000000 +0000 @@ -1,3 +1,19 @@ +mighttpd2 (4.0.3-2) unstable; urgency=medium + + * Backport patch to fix tests + + -- Ilias Tsitsimpis Thu, 26 Oct 2023 17:57:23 +0300 + +mighttpd2 (4.0.3-1) unstable; urgency=medium + + [ Ilias Tsitsimpis ] + * Declare compliance with Debian policy 4.6.2 + + [ Clint Adams ] + * New upstream release + + -- Clint Adams Wed, 25 Oct 2023 10:54:42 -0400 + mighttpd2 (4.0.2-1) unstable; urgency=medium [ Ilias Tsitsimpis ] diff -Nru mighttpd2-4.0.2/debian/control mighttpd2-4.0.3/debian/control --- mighttpd2-4.0.2/debian/control 2022-08-02 19:02:22.000000000 +0000 +++ mighttpd2-4.0.3/debian/control 2023-10-26 07:01:51.000000000 +0000 @@ -46,8 +46,6 @@ libghc-old-locale-prof, libghc-time-manager-dev, libghc-time-manager-prof, - libghc-wai-http2-extra-dev (>= 0.1.3), - libghc-wai-http2-extra-prof, libghc-wai-logger-dev (>= 2.3.0), libghc-wai-logger-prof, libghc-warp-dev (>= 3.3.13), @@ -71,7 +69,7 @@ libghc-wai-doc, libghc-wai-app-file-cgi-doc, libghc-warp-doc, -Standards-Version: 4.6.1 +Standards-Version: 4.6.2 Homepage: https://kazu-yamamoto.github.io/mighttpd2/ Vcs-Browser: https://salsa.debian.org/haskell-team/DHG_packages/tree/master/p/mighttpd2 Vcs-Git: https://salsa.debian.org/haskell-team/DHG_packages.git [p/mighttpd2] diff -Nru mighttpd2-4.0.2/debian/patches/fix-tests mighttpd2-4.0.3/debian/patches/fix-tests --- mighttpd2-4.0.2/debian/patches/fix-tests 1970-01-01 00:00:00.000000000 +0000 +++ mighttpd2-4.0.3/debian/patches/fix-tests 2023-10-26 14:56:40.000000000 +0000 @@ -0,0 +1,83 @@ +From ec51acfc7c663451041de45d1ff1d550b240af3c Mon Sep 17 00:00:00 2001 +From: Felix Yan +Date: Wed, 21 Jun 2023 03:20:26 +0800 +Subject: [PATCH] Fix QUIC addr in ConfigSpec.hs + +The addrs were updated in https://github.com/kazu-yamamoto/mighttpd2/commit/499723135a202f573bb60cdfb62c346c53c42c5c without updating the tests, resulting in following test failures: + +``` +Failures: + + test/ConfigSpec.hs:14:45: + 1) Config.parseConfig parses example.conf correctly + expected: @@ 21 lines omitted @@ + opt_tls_chain_files = "chain.pem", + opt_tls_key_file = "privkey.pem", + opt_quic_port = 443, + opt_quic_addr = ["127.0.0.1", "::1"], + opt_quic_debug_dir = Nothing, + opt_quic_qlog_dir = Nothing, + opt_server_name = "foo", + opt_routing_file = Nothing + } + but got: @@ 21 lines omitted @@ + opt_tls_chain_files = "chain.pem", + opt_tls_key_file = "privkey.pem", + opt_quic_port = 443, + opt_quic_addr = ["0.0.0.0", "::"], + opt_quic_debug_dir = Nothing, + opt_quic_qlog_dir = Nothing, + opt_server_name = "foo", + opt_routing_file = Nothing + } + + To rerun use: --match "/Config/parseConfig/parses example.conf correctly/" + + test/ConfigSpec.hs:20:45: + 2) Config.parseDhall parses example.dhall correctly + expected: @@ 21 lines omitted @@ + opt_tls_chain_files = "chain.pem", + opt_tls_key_file = "privkey.pem", + opt_quic_port = 443, + opt_quic_addr = ["127.0.0.1", "::1"], + opt_quic_debug_dir = Nothing, + opt_quic_qlog_dir = Nothing, + opt_server_name = "foo", + opt_routing_file = Nothing + } + but got: @@ 21 lines omitted @@ + opt_tls_chain_files = "chain.pem", + opt_tls_key_file = "privkey.pem", + opt_quic_port = 443, + opt_quic_addr = ["0.0.0.0", "::"], + opt_quic_debug_dir = Nothing, + opt_quic_qlog_dir = Nothing, + opt_server_name = "foo", + opt_routing_file = Nothing + } + + To rerun use: --match "/Config/parseDhall/parses example.dhall correctly/" + +Randomized with seed 254466943 + +Finished in 0.0099 seconds +3 examples, 2 failures +Test suite spec: FAIL +``` +--- + test/ConfigSpec.hs | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: b/test/ConfigSpec.hs +=================================================================== +--- a/test/ConfigSpec.hs ++++ b/test/ConfigSpec.hs +@@ -44,7 +44,7 @@ ans = Option + , opt_tls_cert_file = "cert.pem" + , opt_tls_chain_files = "chain.pem" + , opt_tls_key_file = "privkey.pem" +- , opt_quic_addr = ["127.0.0.1","::1"] ++ , opt_quic_addr = ["0.0.0.0","::"] + , opt_quic_port = 443 + , opt_quic_debug_dir = Nothing + , opt_quic_qlog_dir = Nothing diff -Nru mighttpd2-4.0.2/debian/patches/series mighttpd2-4.0.3/debian/patches/series --- mighttpd2-4.0.2/debian/patches/series 1970-01-01 00:00:00.000000000 +0000 +++ mighttpd2-4.0.3/debian/patches/series 2023-10-26 14:56:30.000000000 +0000 @@ -0,0 +1 @@ +fix-tests diff -Nru mighttpd2-4.0.2/mighttpd2.cabal mighttpd2-4.0.3/mighttpd2.cabal --- mighttpd2-4.0.2/mighttpd2.cabal 2001-09-09 01:46:40.000000000 +0000 +++ mighttpd2-4.0.3/mighttpd2.cabal 2001-09-09 01:46:40.000000000 +0000 @@ -1,174 +1,208 @@ -Name: mighttpd2 -Version: 4.0.2 -Author: Kazu Yamamoto -Maintainer: Kazu Yamamoto -License: BSD3 -License-File: LICENSE -Synopsis: High performance web server on WAI/warp -Description: High performance web server to handle static - files and CGI on WAI/warp. - Reverse proxy functionality is also provided - to connect web applications behind. -Homepage: https://kazu-yamamoto.github.io/mighttpd2/ -Category: Network, Web -Cabal-Version: >= 1.10 -Build-Type: Simple -Data-Dir: conf -Data-Files: example.conf example.route -Extra-Source-Files: Program/Mighty/Dhall/Option.dhall - -Flag tls - Description: Support HTTP over TLS (HTTPS). - Default: False - -Flag quic - Description: Support HTTP over QUIC (HTTP/3). - Default: False - -Flag dhall - Description: Support Dhall - Default: False - -Library - Default-Language: Haskell2010 - GHC-Options: -Wall - Exposed-Modules: Program.Mighty - Program.Mighty.ByteString - Program.Mighty.Config - Program.Mighty.Network - Program.Mighty.Parser - Program.Mighty.Process - Program.Mighty.Report - Program.Mighty.Resource - Program.Mighty.Route - Program.Mighty.Signal - Program.Mighty.Dhall.Option - Program.Mighty.Types - Build-Depends: base >= 4.9 && < 5 - , array - , async - , auto-update - , byteorder - , bytestring - , case-insensitive - , conduit >= 1.1 - , conduit-extra - , directory - , filepath - , http-date - , http-types - , network - , parsec >= 3 - , resourcet - , streaming-commons - , split - , text - , unix - , unix-time - , unordered-containers - , wai >= 3.2 && < 3.3 - , wai-app-file-cgi >= 3.1.9 && < 3.2 - , warp >= 3.3.15 && < 3.4 - , unliftio - if impl(ghc >= 8) - Default-Extensions: Strict StrictData - if flag(dhall) - Cpp-Options: -DDHALL - Build-Depends: dhall - -Executable mighty - Default-Language: Haskell2010 - HS-Source-Dirs: src - Main-Is: Mighty.hs - GHC-Options: -Wall -threaded -rtsopts - if flag(tls) - Cpp-Options: -DHTTP_OVER_TLS - Build-Depends: async - , tls-session-manager >= 0.0.2.0 - if flag(quic) - Cpp-Options: -DHTTP_OVER_QUIC - Build-Depends: async - , base16-bytestring - if os(linux) - C-sources: cbits/setcap.c - Cpp-Options: -DDROP_EXCEPT_BIND - - if flag(dhall) - Cpp-Options: -DDHALL - Build-Depends: dhall - Build-Depends: base >= 4.9 && < 5 - , bytestring - , directory - , filepath - , http-client >= 0.5 - , http-date - , http-types - , mighttpd2 - , network - , conduit-extra - , transformers - , unix - , streaming-commons - , time-manager - , wai >= 3.2 && < 3.3 - , wai-app-file-cgi >= 3.1.9 && < 3.2 - , wai-logger >= 2.3.0 - , warp >= 3.3.13 && < 3.4 - , wai-http2-extra >= 0.1.3 - if flag(tls) - Build-Depends: tls - , warp-tls >= 3.2.12 && < 3.4 - if flag(quic) - Build-Depends: quic - , warp-quic - Other-Modules: Server - WaiApp - Paths_mighttpd2 - if impl(ghc >= 8) - Default-Extensions: Strict StrictData - -Executable mighty-mkindex - Default-Language: Haskell2010 - HS-Source-Dirs: utils, src - Main-Is: mkindex.hs - GHC-Options: -Wall - Build-Depends: base >= 4.9 && < 5 - , directory - , old-locale - , time - , unix - -Executable mightyctl - Default-Language: Haskell2010 - HS-Source-Dirs: utils, src - Main-Is: mightyctl.hs - GHC-Options: -Wall - Build-Depends: base >= 4.9 && < 5 - , unix - , mighttpd2 - if impl(ghc >= 8) - Default-Extensions: Strict StrictData - -Test-Suite spec - Default-Language: Haskell2010 - Main-Is: Spec.hs - Hs-Source-Dirs: test, src - Type: exitcode-stdio-1.0 - Other-Modules: ConfigSpec - RouteSpec - Build-Depends: base >= 4.9 && < 5 - , hspec >= 1.3 - , mighttpd2 - , http-client >= 0.5 - if flag(tls) - Build-Depends: tls - , warp-tls >= 3.2.12 && < 3.4 - if impl(ghc >= 8) - Default-Extensions: Strict StrictData - if flag(dhall) - Cpp-Options: -DDHALL - Build-Depends: dhall - -Source-Repository head - Type: git - Location: git://github.com/kazu-yamamoto/mighttpd2.git +cabal-version: >=1.10 +name: mighttpd2 +version: 4.0.3 +license: BSD3 +license-file: LICENSE +maintainer: Kazu Yamamoto +author: Kazu Yamamoto +homepage: https://kazu-yamamoto.github.io/mighttpd2/ +synopsis: High performance web server on WAI/warp +description: + High performance web server to handle static + files and CGI on WAI/warp. + Reverse proxy functionality is also provided + to connect web applications behind. + +category: Network, Web +build-type: Simple +data-files: + example.conf + example.route + +data-dir: conf +extra-source-files: + Program/Mighty/Dhall/Option.dhall + conf/example.dhall + +source-repository head + type: git + location: git://github.com/kazu-yamamoto/mighttpd2.git + +flag tls + description: Support HTTP over TLS (HTTPS). + default: False + +flag quic + description: Support HTTP over QUIC (HTTP/3). + default: False + +flag dhall + description: Support Dhall + default: False + +library + exposed-modules: + Program.Mighty + Program.Mighty.ByteString + Program.Mighty.Config + Program.Mighty.Network + Program.Mighty.Parser + Program.Mighty.Process + Program.Mighty.Report + Program.Mighty.Resource + Program.Mighty.Route + Program.Mighty.Signal + Program.Mighty.Dhall.Option + Program.Mighty.Types + + default-language: Haskell2010 + ghc-options: -Wall + build-depends: + base >=4.9 && <5, + array, + async, + auto-update, + byteorder, + bytestring, + case-insensitive, + conduit >=1.1, + conduit-extra, + directory, + filepath, + http-date, + http-types, + network, + parsec >=3, + resourcet, + streaming-commons, + split, + text, + unix, + unix-time, + unordered-containers, + wai >=3.2 && <3.3, + wai-app-file-cgi >=3.1.9 && <3.2, + warp >=3.3.15 && <3.4, + unliftio + + if impl(ghc >=8) + default-extensions: Strict StrictData + + if flag(dhall) + cpp-options: -DDHALL + build-depends: dhall + +executable mighty + main-is: Mighty.hs + hs-source-dirs: src + other-modules: + Server + WaiApp + Paths_mighttpd2 + + default-language: Haskell2010 + ghc-options: -Wall -threaded -rtsopts + build-depends: + base >=4.9 && <5, + bytestring, + directory, + filepath, + http-client >=0.5, + http-date, + http-types, + mighttpd2, + network, + conduit-extra, + transformers, + unix, + streaming-commons, + time-manager, + wai >=3.2 && <3.3, + wai-app-file-cgi >=3.1.9 && <3.2, + wai-logger >=2.3.0, + warp >=3.3.13 && <3.4 + + if flag(tls) + cpp-options: -DHTTP_OVER_TLS + build-depends: + async, + tls-session-manager >=0.0.2.0 + + if flag(quic) + cpp-options: -DHTTP_OVER_QUIC + build-depends: + async, + base16-bytestring + + if os(linux) + cpp-options: -DDROP_EXCEPT_BIND + c-sources: cbits/setcap.c + + if flag(dhall) + cpp-options: -DDHALL + build-depends: dhall + + if flag(tls) + build-depends: + tls, + warp-tls >=3.2.12 && <3.5 + + if flag(quic) + build-depends: + quic, + warp-quic + + if impl(ghc >=8) + default-extensions: Strict StrictData + +executable mighty-mkindex + main-is: mkindex.hs + hs-source-dirs: utils src + default-language: Haskell2010 + ghc-options: -Wall + build-depends: + base >=4.9 && <5, + directory, + old-locale, + time, + unix + +executable mightyctl + main-is: mightyctl.hs + hs-source-dirs: utils src + default-language: Haskell2010 + ghc-options: -Wall + build-depends: + base >=4.9 && <5, + unix, + mighttpd2 + + if impl(ghc >=8) + default-extensions: Strict StrictData + +test-suite spec + type: exitcode-stdio-1.0 + main-is: Spec.hs + hs-source-dirs: test src + other-modules: + ConfigSpec + RouteSpec + + default-language: Haskell2010 + build-depends: + base >=4.9 && <5, + hspec >=1.3, + mighttpd2, + http-client >=0.5 + + if flag(tls) + build-depends: + tls, + warp-tls >=3.2.12 && <3.5 + + if impl(ghc >=8) + default-extensions: Strict StrictData + + if flag(dhall) + cpp-options: -DDHALL + build-depends: dhall diff -Nru mighttpd2-4.0.2/src/Server.hs mighttpd2-4.0.3/src/Server.hs --- mighttpd2-4.0.2/src/Server.hs 2001-09-09 01:46:40.000000000 +0000 +++ mighttpd2-4.0.3/src/Server.hs 2001-09-09 01:46:40.000000000 +0000 @@ -7,6 +7,7 @@ import Control.Concurrent (runInUnboundThread) import Control.Exception (try) import Control.Monad (unless, when) +import Data.Either (fromRight) import qualified Data.ByteString.Char8 as BS import Data.Streaming.Network (bindPortTCP) import qualified Network.HTTP.Client as H @@ -24,8 +25,6 @@ import Program.Mighty import WaiApp -import qualified Network.Wai.Middleware.Push.Referer as P - #ifdef HTTP_OVER_TLS import Control.Concurrent.Async (concurrently_) import Data.Char (isSpace) @@ -158,7 +157,7 @@ cert <- BS.readFile $ opt_tls_cert_file opt chains <- mapM BS.readFile chain_files key <- BS.readFile $ opt_tls_key_file opt - let Right cred = TLS.credentialLoadX509ChainFromMemory cert chains key + let cred = fromRight (error "loadCredentials") $ TLS.credentialLoadX509ChainFromMemory cert chains key return $ Credentials [cred] where strip = dropWhileEnd isSpace . dropWhile isSpace @@ -198,6 +197,7 @@ QUIC s1 s2 -> do let quicPort' = BS.pack $ show quicPort strver Q.Version1 = "" + strver Q.Version2 = "" strver v = BS.append "-" $ BS.pack $ show $ fromVersion v quicDrafts = map strver quicVersions value v = BS.concat ["h3",v,"=\":",quicPort',"\""] @@ -214,7 +214,7 @@ _ -> error "never reach" #endif where - app = P.pushOnReferer P.defaultSettings $ fileCgiApp cspec filespec cgispec revproxyspec rdr + app = fileCgiApp cspec filespec cgispec revproxyspec rdr debug = opt_debug_mode opt -- We don't use setInstallShutdownHandler because we may use -- two sockets for HTTP and HTTPS. @@ -232,6 +232,7 @@ tlsSetting = defaultTlsSettings { tlsCredentials = _mcreds , tlsSessionManager = _msmgr + , tlsAllowedVersions = [TLS.TLS13,TLS.TLS12] } #endif serverName = BS.pack $ opt_server_name opt @@ -270,8 +271,10 @@ Just proto -> return proto where h3 | ver == Q.Version1 = "h3" + | ver == Q.Version2 = "h3" | otherwise = "h3-" `BS.append` BS.pack (show (fromVersion ver)) hq | ver == Q.Version1 = "hq-interop" + | ver == Q.Version2 = "hq-interop" | otherwise = "hq-" `BS.append` BS.pack (show (fromVersion ver)) fromVersion :: Q.Version -> Int