forked from pool/varnish
Accepting request 220760 from server:http
- Updated to 3.0.5 OBS-URL: https://build.opensuse.org/request/show/220760 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/varnish?expand=0&rev=13
commit
cf376d0e54
@ -1,136 +0,0 @@
|
|||||||
From 4bd5b7991bf602a6c46dd0d65fc04d4b8d9667a6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Martin Blix Grydeland <martin@varnish-software.com>
|
|
||||||
Date: Wed, 30 Oct 2013 13:48:20 +0100
|
|
||||||
Subject: [PATCH] Make up our mind: Any req.* we receive from the client with
|
|
||||||
fundamental trouble gets failed back without VCL involvement.
|
|
||||||
References: https://www.varnish-cache.org/trac/ticket/1367
|
|
||||||
References: CVE-2013-4484
|
|
||||||
References: https://bugzilla.novell.com/show_bug.cgi?id=848451
|
|
||||||
|
|
||||||
Fixes #1367
|
|
||||||
---
|
|
||||||
bin/varnishd/cache_center.c | 28 +++++++++++++++-------------
|
|
||||||
bin/varnishd/cache_http.c | 2 +-
|
|
||||||
bin/varnishtest/tests/r01367.vtc | 30 ++++++++++++++++++++++++++++++
|
|
||||||
3 files changed, 46 insertions(+), 14 deletions(-)
|
|
||||||
create mode 100644 bin/varnishtest/tests/r01367.vtc
|
|
||||||
|
|
||||||
diff --git a/bin/varnishd/cache_center.c b/bin/varnishd/cache_center.c
|
|
||||||
index 19eb2ce..fdf7cee 100644
|
|
||||||
--- a/bin/varnishd/cache_center.c
|
|
||||||
+++ b/bin/varnishd/cache_center.c
|
|
||||||
@@ -1474,9 +1474,12 @@ DOT start -> recv [style=bold,color=green]
|
|
||||||
static int
|
|
||||||
cnt_start(struct sess *sp)
|
|
||||||
{
|
|
||||||
- uint16_t done;
|
|
||||||
+ uint16_t err_code;
|
|
||||||
char *p;
|
|
||||||
- const char *r = "HTTP/1.1 100 Continue\r\n\r\n";
|
|
||||||
+ const char *r_100 = "HTTP/1.1 100 Continue\r\n\r\n";
|
|
||||||
+ const char *r_400 = "HTTP/1.1 400 Bad Request\r\n\r\n";
|
|
||||||
+ const char *r_413 = "HTTP/1.1 413 Request Entity Too Large\r\n\r\n";
|
|
||||||
+ const char *r_417 = "HTTP/1.1 417 Expectation Failed\r\n\r\n";
|
|
||||||
|
|
||||||
CHECK_OBJ_NOTNULL(sp, SESS_MAGIC);
|
|
||||||
AZ(sp->restarts);
|
|
||||||
@@ -1499,10 +1502,14 @@ cnt_start(struct sess *sp)
|
|
||||||
sp->wrk->vcl = NULL;
|
|
||||||
|
|
||||||
http_Setup(sp->http, sp->ws);
|
|
||||||
- done = http_DissectRequest(sp);
|
|
||||||
+ err_code = http_DissectRequest(sp);
|
|
||||||
|
|
||||||
/* If we could not even parse the request, just close */
|
|
||||||
- if (done == 400) {
|
|
||||||
+ if (err_code == 400)
|
|
||||||
+ (void)write(sp->fd, r_400, strlen(r_400));
|
|
||||||
+ else if (err_code == 413)
|
|
||||||
+ (void)write(sp->fd, r_413, strlen(r_413));
|
|
||||||
+ if (err_code != 0) {
|
|
||||||
sp->step = STP_DONE;
|
|
||||||
vca_close_session(sp, "junk");
|
|
||||||
return (0);
|
|
||||||
@@ -1514,12 +1521,6 @@ cnt_start(struct sess *sp)
|
|
||||||
/* Catch original request, before modification */
|
|
||||||
HTTP_Copy(sp->http0, sp->http);
|
|
||||||
|
|
||||||
- if (done != 0) {
|
|
||||||
- sp->err_code = done;
|
|
||||||
- sp->step = STP_ERROR;
|
|
||||||
- return (0);
|
|
||||||
- }
|
|
||||||
-
|
|
||||||
sp->doclose = http_DoConnection(sp->http);
|
|
||||||
|
|
||||||
/* XXX: Handle TRACE & OPTIONS of Max-Forwards = 0 */
|
|
||||||
@@ -1529,13 +1530,14 @@ cnt_start(struct sess *sp)
|
|
||||||
*/
|
|
||||||
if (http_GetHdr(sp->http, H_Expect, &p)) {
|
|
||||||
if (strcasecmp(p, "100-continue")) {
|
|
||||||
- sp->err_code = 417;
|
|
||||||
- sp->step = STP_ERROR;
|
|
||||||
+ (void)write(sp->fd, r_417, strlen(r_417));
|
|
||||||
+ sp->step = STP_DONE;
|
|
||||||
+ vca_close_session(sp, "junk");
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* XXX: Don't bother with write failures for now */
|
|
||||||
- (void)write(sp->fd, r, strlen(r));
|
|
||||||
+ (void)write(sp->fd, r_100, strlen(r_100));
|
|
||||||
/* XXX: When we do ESI includes, this is not removed
|
|
||||||
* XXX: because we use http0 as our basis. Believed
|
|
||||||
* XXX: safe, but potentially confusing.
|
|
||||||
diff --git a/bin/varnishd/cache_http.c b/bin/varnishd/cache_http.c
|
|
||||||
index 8753acc..605975b 100644
|
|
||||||
--- a/bin/varnishd/cache_http.c
|
|
||||||
+++ b/bin/varnishd/cache_http.c
|
|
||||||
@@ -601,7 +601,7 @@ http_splitline(struct worker *w, int fd, struct http *hp,
|
|
||||||
hp->hd[h2].e = p;
|
|
||||||
|
|
||||||
if (!Tlen(hp->hd[h2]))
|
|
||||||
- return (413);
|
|
||||||
+ return (400);
|
|
||||||
|
|
||||||
/* Skip SP */
|
|
||||||
for (; vct_issp(*p); p++) {
|
|
||||||
diff --git a/bin/varnishtest/tests/r01367.vtc b/bin/varnishtest/tests/r01367.vtc
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000..e1de20a
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/bin/varnishtest/tests/r01367.vtc
|
|
||||||
@@ -0,0 +1,30 @@
|
|
||||||
+varnishtest "blank GET"
|
|
||||||
+
|
|
||||||
+server s1 {
|
|
||||||
+ rxreq
|
|
||||||
+ txresp
|
|
||||||
+} -start
|
|
||||||
+
|
|
||||||
+varnish v1 -vcl+backend {
|
|
||||||
+ sub vcl_error {
|
|
||||||
+ return (restart);
|
|
||||||
+ }
|
|
||||||
+} -start
|
|
||||||
+
|
|
||||||
+client c1 {
|
|
||||||
+ send "GET \nHost: example.com\n\n"
|
|
||||||
+ rxresp
|
|
||||||
+ expect resp.status == 400
|
|
||||||
+} -run
|
|
||||||
+
|
|
||||||
+client c1 {
|
|
||||||
+ txreq -hdr "Expect: Santa-Claus"
|
|
||||||
+ rxresp
|
|
||||||
+ expect resp.status == 417
|
|
||||||
+} -run
|
|
||||||
+
|
|
||||||
+client c1 {
|
|
||||||
+ txreq
|
|
||||||
+ rxresp
|
|
||||||
+ expect resp.status == 200
|
|
||||||
+} -run
|
|
||||||
--
|
|
||||||
1.8.2
|
|
||||||
|
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:e5ca91011229ca8d225aa1080dd827041b8121436d8dcddef507b95305533741
|
|
||||||
size 1152008
|
|
3
varnish-3.0.5.tar.gz
Normal file
3
varnish-3.0.5.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:302fd6afc771524ca3912f5d945ab197a55762385c012b2054df7d86bf7ae2b7
|
||||||
|
size 2116664
|
@ -1,27 +0,0 @@
|
|||||||
From: Piotr Jankowski <piotr.jankowski@nsn.com>
|
|
||||||
Date: 2013-09-10 10:55:57 CEST
|
|
||||||
References: http://bugzilla.novell.com/show_bug.cgi?id=839358
|
|
||||||
References: https://www.varnish-cache.org/trac/ticket/1191
|
|
||||||
|
|
||||||
"The JIT compiler is broken on some versions of PCRE, at least on
|
|
||||||
i386, so disable it by default."
|
|
||||||
|
|
||||||
---
|
|
||||||
lib/libvarnish/vre.c | 3 +--
|
|
||||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
|
||||||
|
|
||||||
Index: varnish-3.0.3/lib/libvarnish/vre.c
|
|
||||||
===================================================================
|
|
||||||
--- varnish-3.0.3.orig/lib/libvarnish/vre.c
|
|
||||||
+++ varnish-3.0.3/lib/libvarnish/vre.c
|
|
||||||
@@ -40,9 +40,8 @@ struct vre {
|
|
||||||
pcre_extra *re_extra;
|
|
||||||
};
|
|
||||||
|
|
||||||
-#ifndef PCRE_STUDY_JIT_COMPILE
|
|
||||||
+#undef PCRE_STUDY_JIT_COMPILE
|
|
||||||
#define PCRE_STUDY_JIT_COMPILE 0
|
|
||||||
-#endif
|
|
||||||
|
|
||||||
/*
|
|
||||||
* We don't want to spread or even expose the majority of PCRE options
|
|
@ -1,3 +1,18 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jan 3 10:57:19 UTC 2014 - danimo@owncloud.com
|
||||||
|
|
||||||
|
- Updated to 3.0.5, contains fix for CVE-2013-4484
|
||||||
|
* A bad interaction between -b, -c and -m in the varnishlog tool
|
||||||
|
has been fixed.
|
||||||
|
* A malformed request could in some configurations lead to Varnish
|
||||||
|
crashing has been corrected. (CVE-2013-4484)
|
||||||
|
* Duplicate Content-Length headers were in some cases sent to
|
||||||
|
clients when streaming is enabled, this has been fixed.
|
||||||
|
* ESI parse errors are no longer printed to standard output.
|
||||||
|
* Stop segfaulting if the first part of a synthetic page is NULL.
|
||||||
|
- Remove 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch
|
||||||
|
and varnish-disable-pcrejit.diff (merged upstream)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Nov 1 18:52:49 UTC 2013 - jengelh@inai.de
|
Fri Nov 1 18:52:49 UTC 2013 - jengelh@inai.de
|
||||||
|
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
|
|
||||||
Name: varnish
|
Name: varnish
|
||||||
%define library_name libvarnishapi1
|
%define library_name libvarnishapi1
|
||||||
Version: 3.0.3
|
Version: 3.0.5
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Varnish is a high-performance HTTP accelerator
|
Summary: Varnish is a high-performance HTTP accelerator
|
||||||
License: BSD-2-Clause
|
License: BSD-2-Clause
|
||||||
@ -27,7 +27,7 @@ URL: http://varnish-cache.org/
|
|||||||
#Git-Clone: git://git.varnish-cache.org/varnish-cache
|
#Git-Clone: git://git.varnish-cache.org/varnish-cache
|
||||||
#Git-Web: https://varnish-cache.org/trac/browser
|
#Git-Web: https://varnish-cache.org/trac/browser
|
||||||
#DL-URL: http://downloads.sf.net/varnish/%name-%version.tar.bz2
|
#DL-URL: http://downloads.sf.net/varnish/%name-%version.tar.bz2
|
||||||
Source: %name-%version.tar.xz
|
Source: %name-%version.tar.gz
|
||||||
Source2: varnish.init
|
Source2: varnish.init
|
||||||
Source3: varnish.sysconfig
|
Source3: varnish.sysconfig
|
||||||
Source4: vcl.conf
|
Source4: vcl.conf
|
||||||
@ -35,11 +35,9 @@ Source5: varnish.logrotate
|
|||||||
Source6: varnishlog.init
|
Source6: varnishlog.init
|
||||||
Source7: varnish.service
|
Source7: varnish.service
|
||||||
Source8: varnishlog.service
|
Source8: varnishlog.service
|
||||||
Patch1: varnish-disable-pcrejit.diff
|
|
||||||
Patch2: 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch
|
|
||||||
|
|
||||||
BuildRoot: %_tmppath/%name-%version-build
|
BuildRoot: %_tmppath/%name-%version-build
|
||||||
BuildRequires: libxslt, ncurses-devel, pcre-devel
|
BuildRequires: libxslt, ncurses-devel, pcre-devel, readline-devel
|
||||||
BuildRequires: pkgconfig, xz
|
BuildRequires: pkgconfig, xz
|
||||||
Prereq(post): %_sbindir/useradd %_sbindir/groupadd
|
Prereq(post): %_sbindir/useradd %_sbindir/groupadd
|
||||||
%if 0%{?suse_version} >= 1010
|
%if 0%{?suse_version} >= 1010
|
||||||
@ -99,7 +97,6 @@ This package holds the development files for varnish.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch -P 1 -P 2 -p1
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
export CFLAGS="%optflags -fstack-protector"
|
export CFLAGS="%optflags -fstack-protector"
|
||||||
|
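Review bot: With `Patch2` and the `%patch -P 1 -P 2 -p1` line removed, the CVE-2013-4484 fix now rests entirely on the contents of the new tarball, yet `Source: %name-%version.tar.gz` is a bare filename and the `#DL-URL` comment above it still names a `.tar.bz2` fetched over plain http. Putting a full download URL on the Source line, for example `Source: <upstream-download-URL>/%name-%version.tar.gz` (placeholder, the real location is not on this page), would let the packaged tarball be compared against what upstream publishes, and the stale comment should be updated to match. Before accepting the patch removals it is worth confirming that the unpacked 3.0.5 tree contains `bin/varnishtest/tests/r01367.vtc`, the regression test the removed patch carried, and that PCRE JIT is still off by default as the dropped `Patch1` enforced. The `xz` entry in `BuildRequires: pkgconfig, xz` looks like it was only needed for the old `.tar.xz` source and can probably be dropped.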