Accepting request 250670 from server:http

- drop thttpd-2.25b.tar.bz2 (old tarball) - update to 2.26 (bnc#894285) Ignore ECONNABORTED on accept(). Correctly implemented the config-file option change from "nosymlink" to "nosymlinkcheck", which was supposedly done in version 2.24. Removed mailto: link from default index page. Allow CGIs to provide both Location and Status headers. Better logic for figuring out CGI SERVER_NAME environment variable. Updated for clang, and general cleanup. - dropped thttpd-2.25b-getline.patch (upstream) - added thttpd-crypt_is_in_crypt.h.patch OBS-URL: https://build.opensuse.org/request/show/250670 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/thttpd?expand=0&rev=33
2014-09-23 08:42:42 +00:00 · 2014-09-23 08:42:42 +00:00 · 3145b4e8df
commit 3145b4e8df
parent 5a78415803 65fceb0319
9 changed files with 131 additions and 98 deletions
--- a/thttpd-2.25b-configure.patch
+++ b/thttpd-2.25b-configure.patch
@ -1,5 +1,7 @@
--- config.h
-+++ config.h
+Index: config.h
+===================================================================
+--- config.h.orig	2014-09-03 09:38:25.650677391 +0200
+++ config.h	2014-09-03 09:38:50.657956674 +0200
@@ -57,17 +57,7 @@
 ** as a security measure that's how you do it, just don't define any
 ** pattern here and don't run with the -c flag.
@ -66,7 +68,7 @@
 
 /* CONFIGURE: If defined, $LD_LIBRARY_PATH to use for CGI programs.
 */
-@@ -333,7 +321,7 @@
+@@ -327,7 +315,7 @@
 /* CONFIGURE: A list of index filenames to check.  The files are searched
 ** for in this order.
 */
@ -75,9 +77,11 @@
 
 /* CONFIGURE: If this is defined then thttpd will automatically generate
 ** index pages for directories that don't have an explicit index file.
--- configure.in
-+++ configure.in
-@@ -6,8 +6,10 @@
+Index: configure.in
+===================================================================
+--- configure.in.orig	2014-09-03 09:38:25.651677402 +0200
+++ configure.in	2014-09-03 09:38:50.657956674 +0200
+@@ -6,8 +6,10 @@ AC_CANONICAL_SYSTEM
 
 AC_PROG_CC
 
@ -85,18 +89,18 @@
 -if test "$GCC" = yes ; then
 +if test "x$V_CCOPT" = "x"; then
 +  V_CCOPT="-O"
-+  
+
 +  if test "$GCC" = yes ; then
 	AC_MSG_CHECKING(gcc version)
 	AC_CACHE_VAL(ac_cv_lbl_gcc_vers,
 	    ac_cv_lbl_gcc_vers=`$CC -dumpversion 2>&1 | \
-@@ -16,7 +18,8 @@
+@@ -16,7 +18,8 @@ if test "$GCC" = yes ; then
 	if test "$ac_cv_lbl_gcc_vers" -gt 1 ; then
 		V_CCOPT="-O2"
 	fi
 -fi
 +  fi
-+fi  
+fi
 if test -f .devel ; then
- 	V_CCOPT="-g $V_CCOPT -Wall -Wmissing-prototypes -Wstrict-prototypes"
+ 	V_CCOPT="-g $V_CCOPT -ansi -pedantic -U__STRICT_ANSI__ -Wall -Wpointer-arith -Wshadow -Wcast-qual -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -Wno-long-long"
 fi
--- a/thttpd-2.25b-getline.patch
+++ b/thttpd-2.25b-getline.patch
@ -1,20 +0,0 @@
--- extras/htpasswd.c
-+++ extras/htpasswd.c
-@@ -49,7 +49,7 @@
-     while((line[y++] = line[x++]));
- }
- 
-static int getline(char *s, int n, FILE *f) {
-+static int my_getline(char *s, int n, FILE *f) {
-     register int i=0;
- 
-     while(1) {
-@@ -189,7 +189,7 @@
-     strncpy(user,argv[2],MAX_STRING_LEN);
-     user[MAX_STRING_LEN-1]='\0';
-     found = 0;
-    while(!(getline(line,MAX_STRING_LEN,f))) {
-+    while(!(my_getline(line,MAX_STRING_LEN,f))) {
-         if(found || (line[0] == '#') || (!line[0])) {
-             putline(tfp,line);
-             continue;
--- a/thttpd-2.25b-overflow.diff
+++ b/thttpd-2.25b-overflow.diff
@ -1,15 +1,17 @@
--- extras/htpasswd.c
-+++ extras/htpasswd.c
-@@ -186,15 +186,16 @@
+Index: extras/htpasswd.c
+===================================================================
+--- extras/htpasswd.c.orig	2014-09-03 09:40:24.741007309 +0200
+++ extras/htpasswd.c	2014-09-03 09:42:47.188597773 +0200
+@@ -184,15 +184,17 @@ int main(int argc, char *argv[]) {
         fprintf(stderr,"Use -c option to create new one.\n");
         exit(1);
     }
 -    strcpy(user,argv[2]);
-
+ 
 +    strncpy(user,argv[2],MAX_STRING_LEN);
 +    user[MAX_STRING_LEN-1]='\0';
     found = 0;
-     while(!(getline(line,MAX_STRING_LEN,f))) {
+     while(!(my_getline(line,MAX_STRING_LEN,f))) {
         if(found || (line[0] == '#') || (!line[0])) {
             putline(tfp,line);
             continue;
@ -20,7 +22,7 @@
         getword(w,l,':');
         if(strcmp(user,w)) {
             putline(tfp,line);
-@@ -212,7 +213,8 @@
+@@ -210,7 +212,8 @@ int main(int argc, char *argv[]) {
     }
     fclose(f);
     fclose(tfp);
--- a/thttpd-2.25b-static.patch
+++ b/thttpd-2.25b-static.patch
@ -1,7 +1,9 @@
--- configure.in
-+++ configure.in
-@@ -24,34 +24,6 @@
- 	V_CCOPT="-g $V_CCOPT -Wall -Wmissing-prototypes -Wstrict-prototypes"
+Index: configure.in
+===================================================================
+--- configure.in.orig	2014-09-03 09:46:46.273266534 +0200
+++ configure.in	2014-09-03 09:46:46.300266836 +0200
+@@ -24,34 +24,6 @@ if test -f .devel ; then
+ 	V_CCOPT="-g $V_CCOPT -ansi -pedantic -U__STRICT_ANSI__ -Wall -Wpointer-arith -Wshadow -Wcast-qual -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -Wno-long-long"
 fi
 
 -dnl
--- a/thttpd-2.25b.tar.bz2
+++ b/thttpd-2.25b.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fd1fb01e3d5c9261b5357c246289d3b38f145aeb5faf922965238b86a09cb22d
-size 108797
--- a/thttpd-2.26.tar.gz
+++ b/thttpd-2.26.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:15b3f6c60f854061e333227e9ea9ff789d34a092c9365690a8c0d3ecfc85cbb7
+size 132950
--- a/thttpd-crypt_is_in_crypt.h.patch
+++ b/thttpd-crypt_is_in_crypt.h.patch
@ -0,0 +1,24 @@
+Index: thttpd-2.26/extras/htpasswd.c
+===================================================================
+--- thttpd-2.26.orig/extras/htpasswd.c	2014-09-03 09:54:25.155386527 +0200
+++ thttpd-2.26/extras/htpasswd.c	2014-09-03 10:32:19.736082368 +0200
+@@ -15,6 +15,7 @@
+ #include <stdlib.h>
+ #include <time.h>
+ #include <unistd.h>
+#include <crypt.h>
+ 
+ #define LF 10
+ #define CR 13
+Index: thttpd-2.26/libhttpd.c
+===================================================================
+--- thttpd-2.26.orig/libhttpd.c	2014-09-03 09:54:25.155386527 +0200
+++ thttpd-2.26/libhttpd.c	2014-09-03 10:33:13.913694495 +0200
+@@ -53,6 +53,7 @@
+ #include <string.h>
+ #include <syslog.h>
+ #include <unistd.h>
+#include <crypt.h>
+ #include <stdarg.h>
+ 
+ #ifdef HAVE_OSRELDATE_H
--- a/thttpd.changes
+++ b/thttpd.changes
@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Mon Sep 22 13:34:52 UTC 2014 - vcizek@suse.com
+
+- drop thttpd-2.25b.tar.bz2 (old tarball)
+
+-------------------------------------------------------------------
+Wed Sep  3 07:42:53 UTC 2014 - vcizek@suse.com
+
+- update to 2.26 (bnc#894285)
+  Ignore ECONNABORTED on accept().
+  Correctly implemented the config-file option change from "nosymlink"
+  to "nosymlinkcheck", which was supposedly done in version 2.24.
+  Removed mailto: link from default index page.
+  Allow CGIs to provide both Location and Status headers.
+  Better logic for figuring out CGI SERVER_NAME environment variable.
+  Updated for clang, and general cleanup.
+- dropped thttpd-2.25b-getline.patch (upstream)
+- added thttpd-crypt_is_in_crypt.h.patch
+
 -------------------------------------------------------------------
 Fri Jul 18 16:40:22 UTC 2014 - p.drouand@gmail.com

--- a/thttpd.spec
+++ b/thttpd.spec
@ -15,49 +15,50 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #

+
 %if 0%{?suse_version} > 1220
 %define with_systemd 1
 %else
 %define with_systemd 0
 %endif
-
 Name:           thttpd
+Version:        2.26
+Release:        0
+Summary:        Small and very simple webserver
+License:        BSD-3-Clause
+Group:          Productivity/Networking/Web/Servers
+Url:            http://www.acme.com/software/thttpd/
+Source:         %{name}-%{version}.tar.gz
+Source1:        %{name}-SuSE.tar.bz2
+Source2:        %{name}.service
+Patch0:         %{name}-2.25b-configure.patch
+Patch1:         %{name}-2.25b-dirs.patch
+Patch2:         %{name}-2.25b-time_h.patch
+Patch3:         %{name}-2.25b-newautoconf.patch
+Patch4:         %{name}-2.25b-sec.patch
+Patch5:         %{name}-2.25b-static.patch
+Patch6:         %{name}-2.25b-pie.patch
+Patch7:         %{name}-2.25b-syslogtocern.diff
+Patch8:         %{name}-2.25b-overflow.diff
+Patch9:         %{name}-2.25b-chown.diff
+Patch10:        %{name}-2.25b-zerolen.patch
+Patch11:        %{name}-2.25b-strcpy.patch
+# PATCH-FIX-SUSE CVE-2012-5640
+Patch13:        thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
+Patch14:        thttpd-CVE-2013-0348.patch
+Patch15:        thttpd-crypt_is_in_crypt.h.patch
+BuildRequires:  automake
+BuildRequires:  libtool
+Requires(post): permissions
 Provides:       http_daemon
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %if %{with_systemd}
 BuildRequires:  systemd
 %{?systemd_requires}
 %else
-PreReq:         %fillup_prereq %insserv_prereq
+Requires(post): %fillup_prereq
+Requires(post): %insserv_prereq
 %endif
-PreReq:         permissions
-Version:        2.25b
-Release:        0
-Source:         %{name}-%{version}.tar.bz2
-Source1:        %{name}-SuSE.tar.bz2
-Source2:        %{name}.service
-Patch0:         %{name}-%{version}-configure.patch
-Patch1:         %{name}-%{version}-dirs.patch
-Patch2:         %{name}-%{version}-time_h.patch
-Patch3:         %{name}-%{version}-newautoconf.patch  
-Patch4:         %{name}-%{version}-sec.patch
-Patch5:         %{name}-%{version}-static.patch
-Patch6:         %{name}-%{version}-pie.patch
-Patch7:         %{name}-%{version}-syslogtocern.diff
-Patch8:         %{name}-%{version}-overflow.diff
-Patch9:         %{name}-%{version}-chown.diff
-Patch10:        %{name}-%{version}-zerolen.patch
-Patch11:        %{name}-%{version}-strcpy.patch
-Patch12:        thttpd-2.25b-getline.patch
-# PATCH-FIX-SUSE CVE-2012-5640
-Patch13:        thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
-Patch14:        thttpd-CVE-2013-0348.patch
-Url:            http://www.acme.com/software/thttpd/
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-Summary:        Small and very simple webserver
-License:        BSD-3-Clause
-Group:          Productivity/Networking/Web/Servers
-BuildRequires:  automake
-BuildRequires:  libtool

 %description
 Thttpd is a very compact no-frills httpd serving daemon that can handle
@ -83,51 +84,52 @@ traffic.
 %patch9
 %patch10
 %patch11
-%patch12
 %patch13 -p1
 %patch14 -p1
+%patch15 -p1

 %build
-cp /usr/share/automake-1.*/config.* . 
+cp %{_datadir}/automake-1.*/config.* .
 # update server root path
-sed -i "s@__SRVROOT__@%{serverroot}/htdocs@g" README.SuSE SuSE/etc/thttpd.conf
+sed -i "s@__SRVROOT__@%{serverroot}/htdocs@g" README.SuSE SuSE%{_sysconfdir}/thttpd.conf
 sed -i "s@__PREFIX__@%{_prefix}@g;\
    s@__SYSCONFDIR__@%{_sysconfdir}@g;\
    s@__NAME__@%{name}@g;\
-    s@__VERSION__@%{version}@g" SuSE/etc/init.d/thttpd
-chmod 744 SuSE/etc/init.d/thttpd
-chmod 644 SuSE/etc/thttpd.conf
+    s@__VERSION__@%{version}@g" SuSE%{_initddir}/thttpd
+chmod 744 SuSE%{_initddir}/thttpd
+chmod 644 SuSE%{_sysconfdir}/thttpd.conf
 mv aclocal.m4 acinclude.m4
 libtoolize --force
 aclocal --force
 autoconf -f
-V_CCOPT="$RPM_OPT_FLAGS -Wall" \
+V_CCOPT="%{optflags} -Wall" \
 %configure
 %ifarch s390 s390x
-make F_PIE="-fPIE"
+make F_PIE="-fPIE" %{?_smp_mflags}
 %else
-make F_PIE="-fpie"
+make F_PIE="-fpie" %{?_smp_mflags}
 %endif

 %install
-install -d %{buildroot}/usr/bin \
-    %{buildroot}/usr/sbin \
+install -d %{buildroot}%{_bindir} \
+    %{buildroot}%{_sbindir} \
    %{buildroot}%{_mandir}/man1 \
    %{buildroot}%{_mandir}/man8 \
    %{buildroot}%{serverroot}/htdocs/users
-make DESTDIR=%{buildroot} install
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
 cp -a SuSE/* %{buildroot}
 rm -f %{buildroot}%{serverroot}/htdocs/index.html
 %if %{with_systemd}
-rm -rf %{buildroot}/etc/init.d
+rm -rf %{buildroot}%{_sysconfdir}/init.d
 rm %{buildroot}%{_sbindir}/rc%{name}
 mkdir -p %{buildroot}%{_unitdir}
 install -m 644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
-ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
+ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
 %endif

 %if %{with_systemd}
-%pre 
+
+%pre
 %service_add_pre %{name}.service
 %endif

@ -140,11 +142,11 @@ ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
 %if 0%{?suse_version} <= 1130
 %run_permissions
 %else
-%set_permissions /usr/bin/makeweb
+%set_permissions %{_bindir}/makeweb
 %endif

 %verifyscript
-%verify_permissions -e /usr/bin/makeweb
+%verify_permissions -e %{_bindir}/makeweb

 %preun
 %if %{with_systemd}
@ -158,7 +160,7 @@ ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
 %service_del_postun %{name}.service
 %else
 %restart_on_update thttpd
-%{insserv_cleanup}
+%insserv_cleanup
 %endif

 %files
@ -166,15 +168,15 @@ ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
 %doc README README.SuSE config.h
 %{serverroot}/htdocs/*
 %attr(775, root, www) %{serverroot}/htdocs/users
-%verify(not mode) %attr(2750, root, www) /usr/bin/makeweb
-/usr/bin/htpasswd
-/usr/sbin/*
-/usr/share/man/*/*
+%verify(not mode) %attr(2750, root, www) %{_bindir}/makeweb
+%{_bindir}/htpasswd
+%{_sbindir}/*
+%{_mandir}/*/*
 %if %{with_systemd}
 %{_unitdir}/%{name}.service
 %else
-%config /etc/init.d/thttpd
+%config %{_initddir}/thttpd
 %endif
-%config(noreplace) /etc/thttpd.conf
+%config(noreplace) %{_sysconfdir}/thttpd.conf

 %changelog