With this patch support for SSL is compiled into lighttpd.
IMO encryption is in most use cases important, therefore SSL support should be build in. This would simplify the setup of a standard web application a lot.
SSL support of lighttpd is documented at
http://redmine.lighttpd.net/projects/1/wiki/Docs_SSL
The build complains about missing "file" and "which" commands, so add them as
build inputs.
"file" is used by the autotools configure script to tweak what -m flag
(if any) to pass to the linker when it asks it for shared library
support.
Here is an example of -m values for GNU ld:
Supported emulations:
elf_x86_64
elf32_x86_64
elf_i386
i386linux
elf_l1om
elf_k1om
"which" is used in the build phase to look for svnversion and git, to build a
version stamp. Since we build from a release tarball (and don't pass svn or git
as inputs either), this check fails and falls back to the version number in the
tarball.
There is one build warning left, but I think this is normal on NixOS:
/tmp/nix-build-lighttpd-1.4.32.drv-0/lighttpd-1.4.32/libtool: line 1085: ldconfig: command not found
One important denial of service (in 1.4.31) fix: CVE-2012-5533[1].
NOTE: There are some errors about missing commands during the build, but
I'm pretty sure they were there before. And the result seems to be
working anyway...
* /usr/bin/file: No such file or directory
* /bin/sh: line 2: which: command not found
* /tmp/nix-build-lighttpd-1.4.32.drv-0/lighttpd-1.4.32/libtool: line 1085: ldconfig: command not found
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533
The NixOS service module loads those modules by default. So we need to build
them here as well.
I'm not really sure why these modules are included by default, because (except
from maybe CGI) they obviously are only usable in very rare cases. Am I wrong?
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The reason because the configure script is unnable to find libxml2 is because it
is searching for a header file in `libxml/*.h`. Obviously this cases an error,
because it's actually in `${libxml2}/include/libxml2/libxml/*.h`, so let's add
the parent directory to --with-libxml2 and remove the comment from buildInputs.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>