From 1eda50740ea0b976ede22ac7920ca0535fc6b846 Mon Sep 17 00:00:00 2001
From: Glenn Strauss <gstrauss@gluelogic.com>
Date: Tue, 3 Jan 2023 18:00:18 -0500
Subject: [doc] remove references to removed modules

---
 doc/config/conf.d/Makefile.am      |   1 -
 doc/config/conf.d/secdownload.conf |  35 ---------
 doc/config/modules.conf            |   7 --
 doc/outdated/Makefile.am           |   2 -
 doc/outdated/configuration.txt     |   2 -
 doc/outdated/secdownload.txt       | 147 -------------------------------------
 6 files changed, 194 deletions(-)
 delete mode 100644 doc/config/conf.d/secdownload.conf
 delete mode 100644 doc/outdated/secdownload.txt

(limited to 'doc')

diff --git a/doc/config/conf.d/Makefile.am b/doc/config/conf.d/Makefile.am
index 7c976afe..a1eb33b9 100644
--- a/doc/config/conf.d/Makefile.am
+++ b/doc/config/conf.d/Makefile.am
@@ -13,7 +13,6 @@ EXTRA_DIST=access_log.conf \
 	proxy.conf \
 	rrdtool.conf \
 	scgi.conf \
-	secdownload.conf \
 	simple_vhost.conf \
 	ssi.conf \
 	status.conf \
diff --git a/doc/config/conf.d/secdownload.conf b/doc/config/conf.d/secdownload.conf
deleted file mode 100644
index 7262e62c..00000000
--- a/doc/config/conf.d/secdownload.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-#######################################################################
-##
-##  Secure Download Module 
-## ------------------------ 
-##
-## See https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModSecDownload
-##
-server.modules += ( "mod_secdownload" )
-
-##
-## Document root for the download area.
-## The directory should not be below your normal 
-## document root! 
-##
-#secdownload.document-root = server_root + "/downloads"
-
-##
-## Secret string that will be used for the checksum calculation.
-##
-#secdownload.secret = ""
-
-##
-## How long is the secret valid?
-##
-## Default: 60 seconds
-##
-#secdownload.timeout = 60
-
-##
-## Prefix for the download area. 
-##
-#secdownload.uri-prefix = "/download/"
-
-##
-#######################################################################
diff --git a/doc/config/modules.conf b/doc/config/modules.conf
index f1a3e864..75235b55 100644
--- a/doc/config/modules.conf
+++ b/doc/config/modules.conf
@@ -30,7 +30,6 @@
 ## - mod_scgi          -> conf.d/scgi.conf
 ## - mod_fastcgi       -> conf.d/fastcgi.conf
 ## - mod_proxy         -> conf.d/proxy.conf
-## - mod_secdownload   -> conf.d/secdownload.conf
 ## - mod_expire        -> conf.d/expire.conf
 ##
 ## NOTE: The order of modules in server.modules is important.
@@ -48,7 +47,6 @@
 server.modules = (
 #  "mod_rewrite",
   "mod_access",
-#  "mod_evasive",
 #  "mod_auth",
 #  "mod_authn_file",
 #  "mod_redirect",
@@ -104,11 +102,6 @@ server.modules = (
 ##
 #include conf_dir + "/conf.d/rrdtool.conf"
 
-##
-## mod_secdownload
-##
-#include conf_dir + "/conf.d/secdownload.conf"
-
 ##
 #######################################################################
 
diff --git a/doc/outdated/Makefile.am b/doc/outdated/Makefile.am
index 0ee37207..b901f501 100644
--- a/doc/outdated/Makefile.am
+++ b/doc/outdated/Makefile.am
@@ -12,7 +12,6 @@ plugins.txt \
 proxy.txt \
 redirect.txt \
 rewrite.txt \
-secdownload.txt \
 security.txt \
 simple-vhost.txt \
 skeleton.txt \
@@ -47,7 +46,6 @@ HTMLDOCS=accesslog.html \
 	 proxy.html \
 	 redirect.html \
 	 rewrite.html \
-	 secdownload.html \
 	 security.html \
 	 simple-vhost.html \
 	 skeleton.html \
diff --git a/doc/outdated/configuration.txt b/doc/outdated/configuration.txt
index de7b2be5..c3cf6924 100644
--- a/doc/outdated/configuration.txt
+++ b/doc/outdated/configuration.txt
@@ -369,13 +369,11 @@ server.modules
 				"mod_simple_vhost",
 				"mod_evhost",
 				"mod_userdir",
-				"mod_secdownload",
 				"mod_fastcgi",
 				"mod_proxy",
 				"mod_cgi",
                                 "mod_ssi",
 				"mod_deflate",
-                                "mod_usertrack",
 				"mod_expire",
  				"mod_rrdtool",
 				"mod_accesslog" )
diff --git a/doc/outdated/secdownload.txt b/doc/outdated/secdownload.txt
deleted file mode 100644
index 6b2de072..00000000
--- a/doc/outdated/secdownload.txt
+++ /dev/null
@@ -1,147 +0,0 @@
-===========================
-Secure and Fast Downloading
-===========================
-
------------------------
-Module: mod_secdownload
------------------------
-
-:Author: Jan Kneschke
-:Date: $Date: 2004/08/01 07:01:29 $
-:Revision: $Revision: 1.1 $
-
-:abstract:
-  authenticated file requests and a countermeasure against
-  deep-linking can be achieved easily by using mod_secdownload
-
-.. meta::
-  :keywords: lighttpd, secure, fast, downloads
-
-.. contents:: Table of Contents
-
-Options
-=======
-
-::
-
-  secdownload.secret        = <string>
-  secdownload.document-root = <string>
-  secdownload.uri-prefix    = <string>  (default: /)
-  secdownload.timeout       = <short>   (default: 60 seconds)
-
-Description
-===========
-
-there are multiple ways to handle secured download mechanisms:
-
-1. use the webserver and the internal HTTP authentication
-2. use the application to authenticate and send the file
-   through the application
-
-Both ways have limitations:
-
-webserver:
-
-- ``+`` fast download
-- ``+`` no additional system load
-- ``-`` inflexible authentication handling
-
-application:
-
-- ``+`` integrated into the overall layout
-- ``+`` very flexible permission management
-- ``-`` the download occupies an application thread/process
-
-A simple way to combine the two ways could be:
-
-1. app authenticates user and checks permissions to
-   download the file.
-2. app redirects user to the file accessible by the webserver
-   for further downloading.
-3. the webserver transfers the file to the user.
-
-As the webserver doesn't know anything about the permissions
-used in the app, the resulting URL would be available to every
-user who knows the URL.
-
-mod_secdownload removes this problem by introducing a way to
-authenticate a URL for a specified time. The application has
-to generate a token and a timestamp which are checked by the
-webserver before it allows the file to be downloaded by the
-webserver.
-
-The generated URL has to have the format:
-
-<uri-prefix><token>/<timestamp-in-hex><rel-path>
-
-<token> is an MD5 of
-
-1. a secret string (user supplied)
-2. <rel-path> (starts with /)
-3. <timestamp-in-hex>
-
-
-As you can see, the token is not bound to the user at all. The
-only limiting factor is the timestamp which is used to
-invalidate the URL after a given timeout (secdownload.timeout).
-
-.. Note::
-  Be sure to choose a another secret than the one used in the
-  examples, as this is the only part of the token that is not
-  known to the user.
-
-
-
-If the user tries to fake the URL by choosing a random token,
-status 403 'Forbidden' will be sent out.
-
-If the timeout is reached, status 408 'Request Timeout' will be
-sent. (This does not really conform to the standard, but should
-do the trick).
-
-If token and timeout are valid, the <rel-path> is appended to
-the configured (secdownload.document-root) and passed to the
-normal internal file transfer functionality. This might lead to
-status 200 or 404.
-
-Example
-=======
-
-Application
------------
-
-Your application has to generate the correct URLs. The following sample
-code for PHP should be easily adaptable to any other language: ::
-
-  <?php
-
-  $secret = "verysecret";
-  $uri_prefix = "/dl/";
-
-  # filename
-  $f = "/secret-file.txt";
-
-  # current timestamp
-  $t = time();
-
-  $t_hex = sprintf("%08x", $t);
-  $m = md5($secret.$f.$t_hex);
-
-  # generate link
-  printf('<a href="%s%s/%s%s">%s</a>',
-         $uri_prefix, $m, $t_hex, $f, $f);
-  ?>
-
-Webserver
----------
-
-The server has to be configured in the same way. The URI prefix and
-secret have to match: ::
-
-  server.modules = ( ..., "mod_secdownload", ... )
-
-  secdownload.secret          = "verysecret"
-  secdownload.document-root   = "/home/www/servers/download-area/"
-  secdownload.uri-prefix      = "/dl/"
-  secdownload.timeout         = 120
-  secdownload.algorithm       = "md5"
-- 
cgit v1.2.1