pool/thttpd
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 250670 from server:http

Browse Source 
- drop thttpd-2.25b.tar.bz2 (old tarball)

- update to 2.26 (bnc#894285)
  Ignore ECONNABORTED on accept().
  Correctly implemented the config-file option change from "nosymlink"
  to "nosymlinkcheck", which was supposedly done in version 2.24.
  Removed mailto: link from default index page.
  Allow CGIs to provide both Location and Status headers.
  Better logic for figuring out CGI SERVER_NAME environment variable.
  Updated for clang, and general cleanup.
- dropped thttpd-2.25b-getline.patch (upstream)
- added thttpd-crypt_is_in_crypt.h.patch

OBS-URL: https://build.opensuse.org/request/show/250670
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/thttpd?expand=0&rev=33
This commit is contained in:
Stephan Kulow 2014-09-23 08:42:42 +00:00 committed by Git OBS Bridge
commit 3145b4e8df
9 changed files with 131 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
thttpd-2.25b-configure.patch
View File

@ -1,5 +1,7 @@
--- config.h Index: config.h
+++ config.h ===================================================================
--- config.h.orig 2014-09-03 09:38:25.650677391 +0200
+++ config.h 2014-09-03 09:38:50.657956674 +0200
@@ -57,17 +57,7 @@ @@ -57,17 +57,7 @@
** as a security measure that's how you do it, just don't define any ** as a security measure that's how you do it, just don't define any
** pattern here and don't run with the -c flag. ** pattern here and don't run with the -c flag.
@ -66,7 +68,7 @@
/* CONFIGURE: If defined, $LD_LIBRARY_PATH to use for CGI programs. /* CONFIGURE: If defined, $LD_LIBRARY_PATH to use for CGI programs.
*/ */
@@ -333,7 +321,7 @@ @@ -327,7 +315,7 @@
/* CONFIGURE: A list of index filenames to check. The files are searched /* CONFIGURE: A list of index filenames to check. The files are searched
** for in this order. ** for in this order.
*/ */
@ -75,9 +77,11 @@
/* CONFIGURE: If this is defined then thttpd will automatically generate /* CONFIGURE: If this is defined then thttpd will automatically generate
** index pages for directories that don't have an explicit index file. ** index pages for directories that don't have an explicit index file.
--- configure.in Index: configure.in
+++ configure.in ===================================================================
@@ -6,8 +6,10 @@ --- configure.in.orig 2014-09-03 09:38:25.651677402 +0200
+++ configure.in 2014-09-03 09:38:50.657956674 +0200
@@ -6,8 +6,10 @@ AC_CANONICAL_SYSTEM
AC_PROG_CC AC_PROG_CC
@ -85,18 +89,18 @@
-if test "$GCC" = yes ; then -if test "$GCC" = yes ; then
+if test "x$V_CCOPT" = "x"; then +if test "x$V_CCOPT" = "x"; then
+ V_CCOPT="-O" + V_CCOPT="-O"
+ +
+ if test "$GCC" = yes ; then + if test "$GCC" = yes ; then
AC_MSG_CHECKING(gcc version) AC_MSG_CHECKING(gcc version)
AC_CACHE_VAL(ac_cv_lbl_gcc_vers, AC_CACHE_VAL(ac_cv_lbl_gcc_vers,
ac_cv_lbl_gcc_vers=`$CC -dumpversion 2>&1 | \ ac_cv_lbl_gcc_vers=`$CC -dumpversion 2>&1 | \
@@ -16,7 +18,8 @@ @@ -16,7 +18,8 @@ if test "$GCC" = yes ; then
if test "$ac_cv_lbl_gcc_vers" -gt 1 ; then if test "$ac_cv_lbl_gcc_vers" -gt 1 ; then
V_CCOPT="-O2" V_CCOPT="-O2"
fi fi
-fi -fi
+ fi + fi
+fi +fi
if test -f .devel ; then if test -f .devel ; then
V_CCOPT="-g $V_CCOPT -Wall -Wmissing-prototypes -Wstrict-prototypes" V_CCOPT="-g $V_CCOPT -ansi -pedantic -U__STRICT_ANSI__ -Wall -Wpointer-arith -Wshadow -Wcast-qual -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -Wno-long-long"
fi fi

20
thttpd-2.25b-getline.patch
View File

@ -1,20 +0,0 @@
--- extras/htpasswd.c
+++ extras/htpasswd.c
@@ -49,7 +49,7 @@
while((line[y++] = line[x++]));
}
-static int getline(char *s, int n, FILE *f) {
+static int my_getline(char *s, int n, FILE *f) {
register int i=0;
while(1) {
@@ -189,7 +189,7 @@
strncpy(user,argv[2],MAX_STRING_LEN);
user[MAX_STRING_LEN-1]='\0';
found = 0;
- while(!(getline(line,MAX_STRING_LEN,f))) {
+ while(!(my_getline(line,MAX_STRING_LEN,f))) {
if(found || (line[0] == '#') || (!line[0])) {
putline(tfp,line);
continue;

14
thttpd-2.25b-overflow.diff
View File

@ -1,15 +1,17 @@
--- extras/htpasswd.c Index: extras/htpasswd.c
+++ extras/htpasswd.c ===================================================================
@@ -186,15 +186,16 @@ --- extras/htpasswd.c.orig 2014-09-03 09:40:24.741007309 +0200
+++ extras/htpasswd.c 2014-09-03 09:42:47.188597773 +0200
@@ -184,15 +184,17 @@ int main(int argc, char *argv[]) {
fprintf(stderr,"Use -c option to create new one.\n"); fprintf(stderr,"Use -c option to create new one.\n");
exit(1); exit(1);
} }
- strcpy(user,argv[2]); - strcpy(user,argv[2]);
-
+ strncpy(user,argv[2],MAX_STRING_LEN); + strncpy(user,argv[2],MAX_STRING_LEN);
+ user[MAX_STRING_LEN-1]='\0'; + user[MAX_STRING_LEN-1]='\0';
found = 0; found = 0;
while(!(getline(line,MAX_STRING_LEN,f))) { while(!(my_getline(line,MAX_STRING_LEN,f))) {
if(found || (line[0] == '#') || (!line[0])) { if(found || (line[0] == '#') || (!line[0])) {
putline(tfp,line); putline(tfp,line);
continue; continue;
@ -20,7 +22,7 @@
getword(w,l,':'); getword(w,l,':');
if(strcmp(user,w)) { if(strcmp(user,w)) {
putline(tfp,line); putline(tfp,line);
@@ -212,7 +213,8 @@ @@ -210,7 +212,8 @@ int main(int argc, char *argv[]) {
} }
fclose(f); fclose(f);
fclose(tfp); fclose(tfp);

10
thttpd-2.25b-static.patch
View File

@ -1,7 +1,9 @@
--- configure.in Index: configure.in
+++ configure.in ===================================================================
@@ -24,34 +24,6 @@ --- configure.in.orig 2014-09-03 09:46:46.273266534 +0200
V_CCOPT="-g $V_CCOPT -Wall -Wmissing-prototypes -Wstrict-prototypes" +++ configure.in 2014-09-03 09:46:46.300266836 +0200
@@ -24,34 +24,6 @@ if test -f .devel ; then
V_CCOPT="-g $V_CCOPT -ansi -pedantic -U__STRICT_ANSI__ -Wall -Wpointer-arith -Wshadow -Wcast-qual -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wredundant-decls -Wno-long-long"
fi fi
-dnl -dnl

3
thttpd-2.25b.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fd1fb01e3d5c9261b5357c246289d3b38f145aeb5faf922965238b86a09cb22d
size 108797

3
thttpd-2.26.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:15b3f6c60f854061e333227e9ea9ff789d34a092c9365690a8c0d3ecfc85cbb7
size 132950

24
thttpd-crypt_is_in_crypt.h.patch Normal file
View File

@ -0,0 +1,24 @@
Index: thttpd-2.26/extras/htpasswd.c
===================================================================
--- thttpd-2.26.orig/extras/htpasswd.c 2014-09-03 09:54:25.155386527 +0200
+++ thttpd-2.26/extras/htpasswd.c 2014-09-03 10:32:19.736082368 +0200
@@ -15,6 +15,7 @@
#include <stdlib.h>
#include <time.h>
#include <unistd.h>
+#include <crypt.h>
#define LF 10
#define CR 13
Index: thttpd-2.26/libhttpd.c
===================================================================
--- thttpd-2.26.orig/libhttpd.c 2014-09-03 09:54:25.155386527 +0200
+++ thttpd-2.26/libhttpd.c 2014-09-03 10:33:13.913694495 +0200
@@ -53,6 +53,7 @@
#include <string.h>
#include <syslog.h>
#include <unistd.h>
+#include <crypt.h>
#include <stdarg.h>
#ifdef HAVE_OSRELDATE_H

19
thttpd.changes
View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Mon Sep 22 13:34:52 UTC 2014 - vcizek@suse.com
- drop thttpd-2.25b.tar.bz2 (old tarball)
-------------------------------------------------------------------
Wed Sep 3 07:42:53 UTC 2014 - vcizek@suse.com
- update to 2.26 (bnc#894285)
Ignore ECONNABORTED on accept().
Correctly implemented the config-file option change from "nosymlink"
to "nosymlinkcheck", which was supposedly done in version 2.24.
Removed mailto: link from default index page.
Allow CGIs to provide both Location and Status headers.
Better logic for figuring out CGI SERVER_NAME environment variable.
Updated for clang, and general cleanup.
- dropped thttpd-2.25b-getline.patch (upstream)
- added thttpd-crypt_is_in_crypt.h.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jul 18 16:40:22 UTC 2014 - p.drouand@gmail.com Fri Jul 18 16:40:22 UTC 2014 - p.drouand@gmail.com

112
thttpd.spec
View File

@ -15,49 +15,50 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/ # Please submit bugfixes or comments via http://bugs.opensuse.org/
# #
%if 0%{?suse_version} > 1220 %if 0%{?suse_version} > 1220
%define with_systemd 1 %define with_systemd 1
%else %else
%define with_systemd 0 %define with_systemd 0
%endif %endif
Name: thttpd Name: thttpd
Version: 2.26
Release: 0
Summary: Small and very simple webserver
License: BSD-3-Clause
Group: Productivity/Networking/Web/Servers
Url: http://www.acme.com/software/thttpd/
Source: %{name}-%{version}.tar.gz
Source1: %{name}-SuSE.tar.bz2
Source2: %{name}.service
Patch0: %{name}-2.25b-configure.patch
Patch1: %{name}-2.25b-dirs.patch
Patch2: %{name}-2.25b-time_h.patch
Patch3: %{name}-2.25b-newautoconf.patch
Patch4: %{name}-2.25b-sec.patch
Patch5: %{name}-2.25b-static.patch
Patch6: %{name}-2.25b-pie.patch
Patch7: %{name}-2.25b-syslogtocern.diff
Patch8: %{name}-2.25b-overflow.diff
Patch9: %{name}-2.25b-chown.diff
Patch10: %{name}-2.25b-zerolen.patch
Patch11: %{name}-2.25b-strcpy.patch
# PATCH-FIX-SUSE CVE-2012-5640
Patch13: thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
Patch14: thttpd-CVE-2013-0348.patch
Patch15: thttpd-crypt_is_in_crypt.h.patch
BuildRequires: automake
BuildRequires: libtool
Requires(post): permissions
Provides: http_daemon Provides: http_daemon
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %{with_systemd} %if %{with_systemd}
BuildRequires: systemd BuildRequires: systemd
%{?systemd_requires} %{?systemd_requires}
%else %else
PreReq: %fillup_prereq %insserv_prereq Requires(post): %fillup_prereq
Requires(post): %insserv_prereq
%endif %endif
PreReq: permissions
Version: 2.25b
Release: 0
Source: %{name}-%{version}.tar.bz2
Source1: %{name}-SuSE.tar.bz2
Source2: %{name}.service
Patch0: %{name}-%{version}-configure.patch
Patch1: %{name}-%{version}-dirs.patch
Patch2: %{name}-%{version}-time_h.patch
Patch3: %{name}-%{version}-newautoconf.patch
Patch4: %{name}-%{version}-sec.patch
Patch5: %{name}-%{version}-static.patch
Patch6: %{name}-%{version}-pie.patch
Patch7: %{name}-%{version}-syslogtocern.diff
Patch8: %{name}-%{version}-overflow.diff
Patch9: %{name}-%{version}-chown.diff
Patch10: %{name}-%{version}-zerolen.patch
Patch11: %{name}-%{version}-strcpy.patch
Patch12: thttpd-2.25b-getline.patch
# PATCH-FIX-SUSE CVE-2012-5640
Patch13: thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
Patch14: thttpd-CVE-2013-0348.patch
Url: http://www.acme.com/software/thttpd/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Summary: Small and very simple webserver
License: BSD-3-Clause
Group: Productivity/Networking/Web/Servers
BuildRequires: automake
BuildRequires: libtool
%description %description
Thttpd is a very compact no-frills httpd serving daemon that can handle Thttpd is a very compact no-frills httpd serving daemon that can handle
@ -83,51 +84,52 @@ traffic.
%patch9 %patch9
%patch10 %patch10
%patch11 %patch11
%patch12
%patch13 -p1 %patch13 -p1
%patch14 -p1 %patch14 -p1
%patch15 -p1
%build %build
cp /usr/share/automake-1.*/config.* . cp %{_datadir}/automake-1.*/config.* .
# update server root path # update server root path
sed -i "s@__SRVROOT__@%{serverroot}/htdocs@g" README.SuSE SuSE/etc/thttpd.conf sed -i "s@__SRVROOT__@%{serverroot}/htdocs@g" README.SuSE SuSE%{_sysconfdir}/thttpd.conf
sed -i "s@__PREFIX__@%{_prefix}@g;\ sed -i "s@__PREFIX__@%{_prefix}@g;\
s@__SYSCONFDIR__@%{_sysconfdir}@g;\ s@__SYSCONFDIR__@%{_sysconfdir}@g;\
s@__NAME__@%{name}@g;\ s@__NAME__@%{name}@g;\
s@__VERSION__@%{version}@g" SuSE/etc/init.d/thttpd s@__VERSION__@%{version}@g" SuSE%{_initddir}/thttpd
chmod 744 SuSE/etc/init.d/thttpd chmod 744 SuSE%{_initddir}/thttpd
chmod 644 SuSE/etc/thttpd.conf chmod 644 SuSE%{_sysconfdir}/thttpd.conf
mv aclocal.m4 acinclude.m4 mv aclocal.m4 acinclude.m4
libtoolize --force libtoolize --force
aclocal --force aclocal --force
autoconf -f autoconf -f
V_CCOPT="$RPM_OPT_FLAGS -Wall" \ V_CCOPT="%{optflags} -Wall" \
%configure %configure
%ifarch s390 s390x %ifarch s390 s390x
make F_PIE="-fPIE" make F_PIE="-fPIE" %{?_smp_mflags}
%else %else
make F_PIE="-fpie" make F_PIE="-fpie" %{?_smp_mflags}
%endif %endif
%install %install
install -d %{buildroot}/usr/bin \ install -d %{buildroot}%{_bindir} \
%{buildroot}/usr/sbin \ %{buildroot}%{_sbindir} \
%{buildroot}%{_mandir}/man1 \ %{buildroot}%{_mandir}/man1 \
%{buildroot}%{_mandir}/man8 \ %{buildroot}%{_mandir}/man8 \
%{buildroot}%{serverroot}/htdocs/users %{buildroot}%{serverroot}/htdocs/users
make DESTDIR=%{buildroot} install make DESTDIR=%{buildroot} install %{?_smp_mflags}
cp -a SuSE/* %{buildroot} cp -a SuSE/* %{buildroot}
rm -f %{buildroot}%{serverroot}/htdocs/index.html rm -f %{buildroot}%{serverroot}/htdocs/index.html
%if %{with_systemd} %if %{with_systemd}
rm -rf %{buildroot}/etc/init.d rm -rf %{buildroot}%{_sysconfdir}/init.d
rm %{buildroot}%{_sbindir}/rc%{name} rm %{buildroot}%{_sbindir}/rc%{name}
mkdir -p %{buildroot}%{_unitdir} mkdir -p %{buildroot}%{_unitdir}
install -m 644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service install -m 644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name} ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
%endif %endif
%if %{with_systemd} %if %{with_systemd}
%pre
%pre
%service_add_pre %{name}.service %service_add_pre %{name}.service
%endif %endif
@ -140,11 +142,11 @@ ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
%if 0%{?suse_version} <= 1130 %if 0%{?suse_version} <= 1130
%run_permissions %run_permissions
%else %else
%set_permissions /usr/bin/makeweb %set_permissions %{_bindir}/makeweb
%endif %endif
%verifyscript %verifyscript
%verify_permissions -e /usr/bin/makeweb %verify_permissions -e %{_bindir}/makeweb
%preun %preun
%if %{with_systemd} %if %{with_systemd}
@ -158,7 +160,7 @@ ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
%service_del_postun %{name}.service %service_del_postun %{name}.service
%else %else
%restart_on_update thttpd %restart_on_update thttpd
%{insserv_cleanup} %insserv_cleanup
%endif %endif
%files %files
@ -166,15 +168,15 @@ ln -s /usr/sbin/service %{buildroot}%{_sbindir}/rc%{name}
%doc README README.SuSE config.h %doc README README.SuSE config.h
%{serverroot}/htdocs/* %{serverroot}/htdocs/*
%attr(775, root, www) %{serverroot}/htdocs/users %attr(775, root, www) %{serverroot}/htdocs/users
%verify(not mode) %attr(2750, root, www) /usr/bin/makeweb %verify(not mode) %attr(2750, root, www) %{_bindir}/makeweb
/usr/bin/htpasswd %{_bindir}/htpasswd
/usr/sbin/* %{_sbindir}/*
/usr/share/man/*/* %{_mandir}/*/*
%if %{with_systemd} %if %{with_systemd}
%{_unitdir}/%{name}.service %{_unitdir}/%{name}.service
%else %else
%config /etc/init.d/thttpd %config %{_initddir}/thttpd
%endif %endif
%config(noreplace) /etc/thttpd.conf %config(noreplace) %{_sysconfdir}/thttpd.conf
%changelog %changelog