From afe8a98648069a6774bc4d85d16adfed47e688296dbe04063904b9839d229d6e Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Mon, 15 Jan 2007 23:39:05 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/thttpd?expand=0&rev=1 --- .gitattributes | 23 ++++ .gitignore | 1 + ready | 0 thttpd-2.25b-configure.patch | 102 ++++++++++++++ thttpd-2.25b-dirs.patch | 68 ++++++++++ thttpd-2.25b-newautoconf.patch | 11 ++ thttpd-2.25b-overflow.diff | 32 +++++ thttpd-2.25b-pie.patch | 15 +++ thttpd-2.25b-sec.patch | 16 +++ thttpd-2.25b-static.patch | 37 +++++ thttpd-2.25b-syslogtocern.diff | 18 +++ thttpd-2.25b-time_h.patch | 11 ++ thttpd-2.25b.tar.bz2 | 3 + thttpd-SuSE.tar.bz2 | 3 + thttpd.changes | 237 +++++++++++++++++++++++++++++++++ thttpd.spec | 233 ++++++++++++++++++++++++++++++++ 16 files changed, 810 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 ready create mode 100644 thttpd-2.25b-configure.patch create mode 100644 thttpd-2.25b-dirs.patch create mode 100644 thttpd-2.25b-newautoconf.patch create mode 100644 thttpd-2.25b-overflow.diff create mode 100644 thttpd-2.25b-pie.patch create mode 100644 thttpd-2.25b-sec.patch create mode 100644 thttpd-2.25b-static.patch create mode 100644 thttpd-2.25b-syslogtocern.diff create mode 100644 thttpd-2.25b-time_h.patch create mode 100644 thttpd-2.25b.tar.bz2 create mode 100644 thttpd-SuSE.tar.bz2 create mode 100644 thttpd.changes create mode 100644 thttpd.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/ready b/ready new file mode 100644 index 0000000..473a0f4 diff --git a/thttpd-2.25b-configure.patch b/thttpd-2.25b-configure.patch new file mode 100644 index 0000000..1ac1e94 --- /dev/null +++ b/thttpd-2.25b-configure.patch @@ -0,0 +1,102 @@ +--- config.h ++++ config.h +@@ -57,17 +57,7 @@ + ** as a security measure that's how you do it, just don't define any + ** pattern here and don't run with the -c flag. + */ +-#ifdef notdef +-/* Some sample patterns. Allow programs only in one central directory: */ +-#define CGI_PATTERN "/cgi-bin/*" +-/* Allow programs in a central directory, or anywhere in a trusted +-** user's tree: */ +-#define CGI_PATTERN "/cgi-bin/*|/jef/**" +-/* Allow any program ending with a .cgi: */ +-#define CGI_PATTERN "**.cgi" +-/* When virtual hosting, enable the central directory on every host: */ +-#define CGI_PATTERN "/*/cgi-bin/*" +-#endif ++#define CGI_PATTERN "/cgi-bin/*|**.cgi" + + /* CONFIGURE: How many seconds to allow CGI programs to run before killing + ** them. This is in case someone writes a CGI program that goes into an +@@ -75,7 +65,7 @@ + ** or whatever. If you don't want any limit, comment this out, but that's + ** probably a really bad idea. + */ +-#define CGI_TIMELIMIT 30 ++#define CGI_TIMELIMIT 60 + + /* CONFIGURE: Maximum number of simultaneous CGI programs allowed. + ** If this many are already running, then attempts to run more will +@@ -123,8 +113,8 @@ + ** You can also leave both options undefined, and thttpd will not do + ** anything special about tildes. Enabling both options is an error. + */ +-#ifdef notdef + #define TILDE_MAP_1 "users" ++#ifdef notdef + #define TILDE_MAP_2 "public_html" + #endif + +@@ -185,9 +175,7 @@ + ** measure, to prevent inadvertant exposure by accidentally running without -r. + ** You can still disable it at runtime with the -nor flag. + */ +-#ifdef notdef + #define ALWAYS_CHROOT +-#endif + + /* CONFIGURE: Define this if you want to always do virtual hosting, without + ** having to give the -v command line flag. You can still disable it at +@@ -237,7 +225,7 @@ + ** initializing. If this user (or the one specified by the -u flag) does + ** not exist, the program will refuse to run. + */ +-#define DEFAULT_USER "nobody" ++#define DEFAULT_USER "wwwrun" + + /* CONFIGURE: When started as root, the program can automatically chdir() + ** to the home directory of the user specified by -u or DEFAULT_USER. +@@ -276,7 +264,7 @@ + + /* CONFIGURE: $PATH to use for CGI programs. + */ +-#define CGI_PATH "/usr/local/bin:/usr/ucb:/bin:/usr/bin" ++#define CGI_PATH "/bin:/usr/bin" + + /* CONFIGURE: If defined, $LD_LIBRARY_PATH to use for CGI programs. + */ +@@ -333,7 +321,7 @@ + /* CONFIGURE: A list of index filenames to check. The files are searched + ** for in this order. + */ +-#define INDEX_NAMES "index.html", "index.htm", "index.xhtml", "index.xht", "Default.htm", "index.cgi" ++#define INDEX_NAMES "index.html", "index.htm", "index.xhtml", "index.xht", "index.cgi" + + /* CONFIGURE: If this is defined then thttpd will automatically generate + ** index pages for directories that don't have an explicit index file. +--- configure.in ++++ configure.in +@@ -6,8 +6,10 @@ + + AC_PROG_CC + +-V_CCOPT="-O" +-if test "$GCC" = yes ; then ++if test "x$V_CCOPT" = "x"; then ++ V_CCOPT="-O" ++ ++ if test "$GCC" = yes ; then + AC_MSG_CHECKING(gcc version) + AC_CACHE_VAL(ac_cv_lbl_gcc_vers, + ac_cv_lbl_gcc_vers=`$CC -dumpversion 2>&1 | \ +@@ -16,7 +18,8 @@ + if test "$ac_cv_lbl_gcc_vers" -gt 1 ; then + V_CCOPT="-O2" + fi +-fi ++ fi ++fi + if test -f .devel ; then + V_CCOPT="-g $V_CCOPT -Wall -Wmissing-prototypes -Wstrict-prototypes" + fi diff --git a/thttpd-2.25b-dirs.patch b/thttpd-2.25b-dirs.patch new file mode 100644 index 0000000..131be3b --- /dev/null +++ b/thttpd-2.25b-dirs.patch @@ -0,0 +1,68 @@ +--- Makefile.in ++++ Makefile.in +@@ -30,11 +30,12 @@ + prefix = @prefix@ + exec_prefix = @exec_prefix@ + # Pathname of directory to install the binary. +-BINDIR = @sbindir@ ++BINDIR = @bindir@ ++SBINDIR = @sbindir@ + # Pathname of directory to install the man page. + MANDIR = @mandir@ + # Pathname of directory to install the CGI programs. +-WEBDIR = $(prefix)/www ++WEBDIR = /srv/www/htdocs + + # CONFIGURE: The group that the web directory belongs to. This is so that + # the makeweb program can be installed set-group-id to that group, and make +@@ -110,7 +111,7 @@ + + installthis: + -mkdir -p $(DESTDIR)$(BINDIR) +- $(INSTALL) -m 555 -o bin -g bin thttpd $(DESTDIR)$(BINDIR) ++ $(INSTALL) -m 555 -o bin -g bin thttpd $(DESTDIR)$(SBINDIR) + + install-man: + -mkdir -p $(DESTDIR)$(MANDIR)/man8 +@@ -121,9 +122,11 @@ + cd $$i ; \ + pwd ; \ + $(MAKE) $(MFLAGS) \ +- WEBDIR=$(WEBDIR) \ +- CGIBINDIR=$(CGIBINDIR) \ +- MANDIR=$(MANDIR) \ ++ BINDIR=$(DESTDIR)$(BINDIR) \ ++ SBINDIR=$(DESTDIR)$(SBINDIR) \ ++ WEBDIR=$(DESTDIR)$(WEBDIR) \ ++ CGIBINDIR=$(DESTDIR)$(CGIBINDIR) \ ++ MANDIR=$(DESTDIR)$(MANDIR) \ + WEBGROUP=$(WEBGROUP) \ + install \ + ) ; done +--- extras/Makefile.in ++++ extras/Makefile.in +@@ -26,7 +26,8 @@ + + prefix = @prefix@ + exec_prefix = @exec_prefix@ +-BINDIR = @sbindir@ ++BINDIR = @bindir@ ++SBINDIR = @sbindir@ + WEBDIR = $(prefix)/www + CGIBINDIR = $(WEBDIR)/cgi-bin + MANDIR = @mandir@ +@@ -66,12 +67,12 @@ + + + install: all +- rm -f $(BINDIR)/makeweb $(BINDIR)/htpasswd $(BINDIR)/syslogtocern ++ rm -f $(SBINDIR)/makeweb $(SBINDIR)/htpasswd $(SBINDIR)/syslogtocern + cp makeweb $(BINDIR)/makeweb + chgrp $(WEBGROUP) $(BINDIR)/makeweb + chmod 2755 $(BINDIR)/makeweb + cp htpasswd $(BINDIR)/htpasswd +- cp syslogtocern $(BINDIR)/syslogtocern ++ cp syslogtocern $(SBINDIR)/syslogtocern + rm -f $(MANDIR)/man1/makeweb.1 + cp makeweb.1 $(MANDIR)/man1/makeweb.1 + rm -f $(MANDIR)/man1/htpasswd.1 diff --git a/thttpd-2.25b-newautoconf.patch b/thttpd-2.25b-newautoconf.patch new file mode 100644 index 0000000..64754d7 --- /dev/null +++ b/thttpd-2.25b-newautoconf.patch @@ -0,0 +1,11 @@ +--- aclocal.m4 ++++ aclocal.m4 +@@ -26,7 +26,7 @@ + AC_TRY_LINK(dnl + ifelse([$2], [main], , dnl Avoid conflicting decl of main. + [/* Override any gcc2 internal prototype to avoid an error. */ +-]ifelse(AC_LANG, CPLUSPLUS, [#ifdef __cplusplus ++]ifelse([AC_LANG], CPLUSPLUS, [#ifdef __cplusplus + extern "C" + #endif + ])dnl diff --git a/thttpd-2.25b-overflow.diff b/thttpd-2.25b-overflow.diff new file mode 100644 index 0000000..12987b2 --- /dev/null +++ b/thttpd-2.25b-overflow.diff @@ -0,0 +1,32 @@ +--- extras/htpasswd.c ++++ extras/htpasswd.c +@@ -186,15 +186,16 @@ + fprintf(stderr,"Use -c option to create new one.\n"); + exit(1); + } +- strcpy(user,argv[2]); +- ++ strncpy(user,argv[2],MAX_STRING_LEN); ++ user[MAX_STRING_LEN-1]='\0'; + found = 0; + while(!(getline(line,MAX_STRING_LEN,f))) { + if(found || (line[0] == '#') || (!line[0])) { + putline(tfp,line); + continue; + } +- strcpy(l,line); ++ strncpy(l,line,MAX_STRING_LEN); ++ l[MAX_STRING_LEN-1]='\0'; + getword(w,l,':'); + if(strcmp(user,w)) { + putline(tfp,line); +@@ -212,7 +213,8 @@ + } + fclose(f); + fclose(tfp); +- sprintf(command,"cp %s %s",temp_template,argv[1]); ++ snprintf(command,MAX_STRING_LEN,"cp %s %s",temp_template,argv[1]); ++ command[MAX_STRING_LEN-1]='\0'; + system(command); + unlink(temp_template); + exit(0); diff --git a/thttpd-2.25b-pie.patch b/thttpd-2.25b-pie.patch new file mode 100644 index 0000000..32ed7a4 --- /dev/null +++ b/thttpd-2.25b-pie.patch @@ -0,0 +1,15 @@ +--- extras/Makefile.in ++++ extras/Makefile.in +@@ -60,10 +60,10 @@ + $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c makeweb.c + + htpasswd: htpasswd.o +- $(CC) $(LDFLAGS) $(STATICFLAG) htpasswd.o -o htpasswd $(LIBS) ++ $(CC) $(LDFLAGS) $(STATICFLAG) -pie htpasswd.o -o htpasswd $(LIBS) + + htpasswd.o: htpasswd.c ../config.h +- $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c htpasswd.c ++ $(CC) $(CFLAGS) $(F_PIE) -DWEBDIR=\"$(WEBDIR)\" -c htpasswd.c + + + install: all diff --git a/thttpd-2.25b-sec.patch b/thttpd-2.25b-sec.patch new file mode 100644 index 0000000..b34f1d3 --- /dev/null +++ b/thttpd-2.25b-sec.patch @@ -0,0 +1,16 @@ +--- libhttpd.c ++++ libhttpd.c +@@ -1044,10 +1044,12 @@ + } + + /* Decode it. */ ++ memset(authinfo, 0, sizeof(authinfo)); + l = b64_decode( + &(hc->authorization[6]), (unsigned char*) authinfo, + sizeof(authinfo) - 1 ); +- authinfo[l] = '\0'; ++ authinfo[sizeof(authinfo)-1] = '\0'; ++ + /* Split into user and password. */ + authpass = strchr( authinfo, ':' ); + if ( authpass == (char*) 0 ) diff --git a/thttpd-2.25b-static.patch b/thttpd-2.25b-static.patch new file mode 100644 index 0000000..492fa3d --- /dev/null +++ b/thttpd-2.25b-static.patch @@ -0,0 +1,37 @@ +--- configure.in ++++ configure.in +@@ -24,34 +24,6 @@ + V_CCOPT="-g $V_CCOPT -Wall -Wmissing-prototypes -Wstrict-prototypes" + fi + +-dnl +-dnl maybe this should be a loop +-dnl +-AC_MSG_CHECKING(how to link static binaries) +-AC_CACHE_VAL(ac_cv_lbl_static_flag, +- ac_cv_lbl_static_flag=unknown +- echo 'main() {}' > conftest.c +- if test "$GCC" != yes ; then +- trial_flag="-Bstatic" +- test=`$CC $trial_flag -o conftest conftest.c 2>&1` +- if test -z "$test" ; then +- ac_cv_lbl_static_flag="$trial_flag" +- fi +- rm -f conftest +- fi +- if test "$ac_cv_lbl_static_flag" = unknown ; then +- trial_flag="-static" +- test=`$CC $trial_flag -o conftest conftest.c 2>&1` +- if test -z "$test" ; then +- ac_cv_lbl_static_flag="$trial_flag" +- fi +- rm -f conftest +- fi +- rm conftest.c) +-AC_MSG_RESULT($ac_cv_lbl_static_flag) +-if test "$ac_cv_lbl_static_flag" != unknown ; then +- V_STATICFLAG="$ac_cv_lbl_static_flag" +-fi + + AC_MSG_CHECKING(for __progname) + AC_CACHE_VAL(ac_cv_extern__progname, diff --git a/thttpd-2.25b-syslogtocern.diff b/thttpd-2.25b-syslogtocern.diff new file mode 100644 index 0000000..6e44856 --- /dev/null +++ b/thttpd-2.25b-syslogtocern.diff @@ -0,0 +1,18 @@ +--- extras/syslogtocern ++++ extras/syslogtocern +@@ -31,8 +31,8 @@ + exit 1 + fi + +-tmp1=/tmp/stc1.$$ +-rm -f $tmp1 ++tmp1=`mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1; } ++trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15 + + # Gather up all the thttpd entries. + egrep ' thttpd\[' $* > $tmp1 +@@ -65,4 +65,3 @@ + sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log + + # Done. +-rm -f $tmp1 diff --git a/thttpd-2.25b-time_h.patch b/thttpd-2.25b-time_h.patch new file mode 100644 index 0000000..fbfcd21 --- /dev/null +++ b/thttpd-2.25b-time_h.patch @@ -0,0 +1,11 @@ +--- libhttpd.h ++++ libhttpd.h +@@ -28,6 +28,8 @@ + #ifndef _LIBHTTPD_H_ + #define _LIBHTTPD_H_ + ++#include ++ + #include + #include + #include diff --git a/thttpd-2.25b.tar.bz2 b/thttpd-2.25b.tar.bz2 new file mode 100644 index 0000000..e1891f3 --- /dev/null +++ b/thttpd-2.25b.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fd1fb01e3d5c9261b5357c246289d3b38f145aeb5faf922965238b86a09cb22d +size 108797 diff --git a/thttpd-SuSE.tar.bz2 b/thttpd-SuSE.tar.bz2 new file mode 100644 index 0000000..1cf94a5 --- /dev/null +++ b/thttpd-SuSE.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:dd96062d39b17433a52b66f2783bb2b5ebf48af68304386913b73ef4406c99d2 +size 60713 diff --git a/thttpd.changes b/thttpd.changes new file mode 100644 index 0000000..a1c88c9 --- /dev/null +++ b/thttpd.changes @@ -0,0 +1,237 @@ +------------------------------------------------------------------- +Fri Mar 10 17:14:09 CET 2006 - anicka@suse.cz + +- fix buffer overflows in htpasswd (#156978) + +------------------------------------------------------------------- +Wed Jan 25 21:42:09 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Mon Nov 21 15:57:27 CET 2005 - anicka@suse.cz + +- fix tmp race in syslogtocern (#131056) + +------------------------------------------------------------------- +Wed Oct 12 19:11:17 CEST 2005 - anicka@suse.cz + +- use %config(noreplace) for index.html + +------------------------------------------------------------------- +Wed Jun 22 15:54:10 CEST 2005 - anicka@suse.cz + +- compile dynamic binaries instead of static +- compile htpasswd with -pie + +------------------------------------------------------------------- +Wed Mar 9 18:26:33 CET 2005 - mcihar@suse.cz + +- do not conflict with other webservers (bug #71742) + +------------------------------------------------------------------- +Tue Feb 17 17:46:41 CET 2004 - tcrhak@suse.cz + +- update to version 2.25b + +------------------------------------------------------------------- +Tue Jan 13 18:07:52 CET 2004 - schwab@suse.de + +- Fix use of aclocal. + +------------------------------------------------------------------- +Wed Oct 29 16:59:58 CET 2003 - tcrhak@suse.cz + +- update to 2.24, includes a fix for a buffer overflow [bug #32734] +- fixed virtual hosting security hole [bug #32757] +- fixed permissions according to permissions.secure, + added macros %run_permissions and %verify_permissions + +------------------------------------------------------------------- +Mon Sep 01 20:40:30 CEST 2003 - tcrhak@suse.cz + +- added macros %stop_on_removal and %restart_on_update [bug #29022] + +------------------------------------------------------------------- +Thu Jun 5 15:57:54 CEST 2003 - ro@suse.de + +- remove unpackaged files from buildroot + +------------------------------------------------------------------- +Tue Mar 11 16:55:30 CET 2003 - tcrhak@suse.cz + +- fixed permissions of the init scipt [bug #25084] + +------------------------------------------------------------------- +Tue Oct 15 15:08:21 CEST 2002 - tcrhak@suse.cz + +- substitute correct servroot during built + +------------------------------------------------------------------- +Mon Oct 14 19:52:11 CEST 2002 - tcrhak@suse.cz + +- use /srv/www rather then /usr/local/httpd [bug #20802] + +------------------------------------------------------------------- +Fri Aug 2 01:23:09 CEST 2002 - ro@suse.de + +- adapt server root + +------------------------------------------------------------------- +Sat Jul 27 19:01:40 CEST 2002 - kukuk@suse.de + +- Change group from wwwadmin to www + +------------------------------------------------------------------- +Sat Jul 27 18:54:13 CEST 2002 - adrian@suse.de + +- do not source rc.config anymore + +------------------------------------------------------------------- +Tue Jul 02 15:15:28 CEST 2002 - tcrhak@suse.cz + +- update to version 2.23beta1 + +------------------------------------------------------------------- +Tue Jan 15 13:14:02 CET 2002 - tcrhak@suse.cz + +- update to version 2.20c +- added thttpd-2.20c-sec.patch +- removed START_THTTPD from README.SuSE + +------------------------------------------------------------------- +Tue Jan 15 00:28:27 CET 2002 - ro@suse.de + +- removed START_THTTPD + +------------------------------------------------------------------- +Fri Sep 21 13:32:45 CEST 2001 - bjacke@suse.de + +- fix version on template webpage + +------------------------------------------------------------------- +Mon Sep 3 12:10:09 CEST 2001 - adostal@suse.cz + +- fix /etc/init.d in thttpd-SuSE.tar.bz2 files +- split patches on configure, dirs, time_h and newautoconf + +------------------------------------------------------------------- +Thu Jun 14 14:16:41 CEST 2001 - adostal@suse.cz + +- fix for new autoconf + +------------------------------------------------------------------- +Fri Apr 13 14:44:59 CEST 2001 - nadvornik@suse.cz + +- changed initscript according to skeleton + +------------------------------------------------------------------- +Thu Mar 8 14:13:39 CET 2001 - nadvornik@suse.cz + +- compiled with RPM_OPT_FLAGS + +------------------------------------------------------------------- +Thu Feb 15 09:12:17 CET 2001 - nadvornik@suse.cz + +- fixed to compile + +------------------------------------------------------------------- +Wed Dec 13 11:22:35 CET 2000 - smid@suse.cz + +- generatig of default page moved to %install (it was in %post and +- caused [#4566] + +------------------------------------------------------------------- +Tue Dec 12 12:00:29 CET 2000 - smid@suse.cz + +- default cgibin pattern changed [#4564] +- rcthttpd link added + +------------------------------------------------------------------- +Sun Dec 3 13:49:37 CET 2000 - smid@suse.cz + +- new version: 2.20b + +------------------------------------------------------------------- +Fri Dec 1 12:52:43 CET 2000 - ro@suse.de + +- moved init-script + +------------------------------------------------------------------- +Thu Nov 2 11:09:38 CET 2000 - smid@suse.cz + +- fix ugly bug in startup scripts + +------------------------------------------------------------------- +Thu Sep 28 15:08:03 CEST 2000 - smid@suse.cz + +- new version: 2.20 + +------------------------------------------------------------------- +Wed Aug 30 10:37:06 CEST 2000 - smid@suse.cz + +- fix bug in startup script + +------------------------------------------------------------------- +Wed Jul 5 14:20:46 MEST 2000 - mha@suse.de + +- new version: 2.19 + +------------------------------------------------------------------- +Tue May 23 09:03:05 CEST 2000 - smid@suse.cz + +- buildroot fixed + +------------------------------------------------------------------- +Wed May 3 12:35:48 CEST 2000 - smid@suse.cz + +- buildroot added + +------------------------------------------------------------------- +Tue Mar 21 11:34:04 CET 2000 - mha@suse.de + +- update to 2.16 + +------------------------------------------------------------------- +Fri Mar 3 17:32:43 MET 2000 - uli@suse.de + +- moved man pages to %{_mandir} + +------------------------------------------------------------------- +Mon Feb 28 16:34:00 MET 2000 - mha@suse.de + +- new version: 2.15 + +------------------------------------------------------------------- +Thu Feb 17 18:23:19 CET 2000 - dipa@suse.de + +- bug #1268 rc.config variable set to no + +------------------------------------------------------------------- +Wed Jan 12 13:40:40 MET 2000 - mha@suse.de + +- new version: 2.11 +- new conflicts (roxen, apache, aolserv), provides (http_daemon) +- new homepage + +------------------------------------------------------------------- +Tue Nov 16 18:14:45 MET 1999 - kukuk@suse.de + +- Fix stack overflow + +------------------------------------------------------------------- +Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de + +- ran old prepare_spec on spec file to switch to new prepare_spec. + +------------------------------------------------------------------- +Thu Sep 9 12:15:28 CEST 1999 - bs@suse.de + +- fixed call of Check at the end of %install section + +------------------------------------------------------------------- +Sun Jul 11 16:21:57 MEST 1999 - mha@suse.de + +- new package: thttpd (a _small_ webserver) + absolutely no configuration needed - and yet save (chroot)! + diff --git a/thttpd.spec b/thttpd.spec new file mode 100644 index 0000000..c7dea40 --- /dev/null +++ b/thttpd.spec @@ -0,0 +1,233 @@ +# +# spec file for package thttpd (Version 2.25b) +# +# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany. +# This file and all modifications and additions to the pristine +# package are under the same license as the package itself. +# +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + + +Name: thttpd +License: Other License(s), see package, X11/MIT +Group: Productivity/Networking/Web/Servers +Provides: http_daemon +PreReq: %fillup_prereq %insserv_prereq permissions +Autoreqprov: on +Version: 2.25b +Release: 38 +Source: %{name}-%{version}.tar.bz2 +Source1: %{name}-SuSE.tar.bz2 +Patch0: %{name}-%{version}-configure.patch +Patch1: %{name}-%{version}-dirs.patch +Patch2: %{name}-%{version}-time_h.patch +Patch3: %{name}-%{version}-newautoconf.patch +Patch4: %{name}-%{version}-sec.patch +Patch5: %{name}-%{version}-static.patch +Patch6: %{name}-%{version}-pie.patch +Patch7: %{name}-%{version}-syslogtocern.diff +Patch8: %{name}-%{version}-overflow.diff +URL: http://www.acme.com/software/thttpd/ +BuildRoot: %{_tmppath}/%{name}-%{version}-build +Summary: Small and very simple webserver + +%description +Thttpd is a very compact no-frills httpd serving daemon that can handle +very high loads. While lacking many of the advanced features of Roxen +or Apache, thttpd operates without forking and is extremely efficient +in memory use. Basic support for cgi scripts, authentication, and ssi +is provided for. Advanced features include the ability to throttle +traffic. + + + +Authors: +-------- + jef@acme.com + +%define prefix /usr +%define sysconfdir /etc +%define serverroot /srv/www +%prep +%setup -q -a 1 +%patch0 +%patch1 +%patch2 +%patch3 +%patch4 +%patch5 +%patch6 +%patch7 +%patch8 + +%build +for i in README.SuSE SuSE/etc/init.d/thttpd; do +sed "s @SRVROOT@ %{serverroot}/htdocs " $i >$i.new +mv $i.new $i +done +chmod 744 SuSE/etc/init.d/thttpd +%{suse_update_config} +mv aclocal.m4 acinclude.m4 +libtoolize --force +aclocal --force +autoconf -f +V_CCOPT="$RPM_OPT_FLAGS -Wall" \ + ./configure \ + --mandir=%{_mandir} \ + --prefix=%{prefix} \ + --infodir=%{_infodir} \ + --sysconfdir=%{sysconfdir} +%ifarch s390 s390x +make F_PIE="-fPIE" +%else +make F_PIE="-fpie" +%endif + +%install +rm -rf $RPM_BUILD_ROOT +install -d $RPM_BUILD_ROOT/usr/bin \ + $RPM_BUILD_ROOT/usr/sbin \ + $RPM_BUILD_ROOT/%{_mandir}/man1 \ + $RPM_BUILD_ROOT/%{_mandir}/man8 \ + $RPM_BUILD_ROOT%{serverroot}/htdocs/users +make DESTDIR=$RPM_BUILD_ROOT/ install +cp -a SuSE/* $RPM_BUILD_ROOT +sed "s@THTTPD-RELEASE@%{version}@" \ + $RPM_BUILD_ROOT%{serverroot}/htdocs/index.html.template > \ + $RPM_BUILD_ROOT%{serverroot}/htdocs/index.html +rm -f $RPM_BUILD_ROOT%{serverroot}/htdocs/index.html.template + +%post +%{fillup_and_insserv thttpd} +%run_permissions + +%verifyscript +%verify_permissions -e /usr/bin/makeweb + +%preun +%stop_on_removal thttpd + +%postun +%restart_on_update thttpd +%{insserv_cleanup} + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-, root, root) +%doc README README.SuSE config.h +%{serverroot}/htdocs/cgi-bin +%{serverroot}/htdocs/gif +%attr(775, root, www) %{serverroot}/htdocs/users +%config(noreplace) %{serverroot}/htdocs/index.html +%verify(not mode) %attr(2750, root, www) /usr/bin/makeweb +/usr/bin/htpasswd +/usr/sbin/* +/usr/share/man/*/* +%config /etc/init.d/thttpd + +%changelog -n thttpd +* Fri Mar 10 2006 - anicka@suse.cz +- fix buffer overflows in htpasswd (#156978) +* Wed Jan 25 2006 - mls@suse.de +- converted neededforbuild to BuildRequires +* Mon Nov 21 2005 - anicka@suse.cz +- fix tmp race in syslogtocern (#131056) +* Wed Oct 12 2005 - anicka@suse.cz +- use %%config(noreplace) for index.html +* Wed Jun 22 2005 - anicka@suse.cz +- compile dynamic binaries instead of static +- compile htpasswd with -pie +* Wed Mar 09 2005 - mcihar@suse.cz +- do not conflict with other webservers (bug #71742) +* Tue Feb 17 2004 - tcrhak@suse.cz +- update to version 2.25b +* Tue Jan 13 2004 - schwab@suse.de +- Fix use of aclocal. +* Wed Oct 29 2003 - tcrhak@suse.cz +- update to 2.24, includes a fix for a buffer overflow [bug #32734] +- fixed virtual hosting security hole [bug #32757] +- fixed permissions according to permissions.secure, + added macros %%run_permissions and %%verify_permissions +* Mon Sep 01 2003 - tcrhak@suse.cz +- added macros %%stop_on_removal and %%restart_on_update [bug #29022] +* Thu Jun 05 2003 - ro@suse.de +- remove unpackaged files from buildroot +* Tue Mar 11 2003 - tcrhak@suse.cz +- fixed permissions of the init scipt [bug #25084] +* Tue Oct 15 2002 - tcrhak@suse.cz +- substitute correct servroot during built +* Mon Oct 14 2002 - tcrhak@suse.cz +- use /srv/www rather then /usr/local/httpd [bug #20802] +* Fri Aug 02 2002 - ro@suse.de +- adapt server root +* Sat Jul 27 2002 - kukuk@suse.de +- Change group from wwwadmin to www +* Sat Jul 27 2002 - adrian@suse.de +- do not source rc.config anymore +* Tue Jul 02 2002 - tcrhak@suse.cz +- update to version 2.23beta1 +* Tue Jan 15 2002 - tcrhak@suse.cz +- update to version 2.20c +- added thttpd-2.20c-sec.patch +- removed START_THTTPD from README.SuSE +* Tue Jan 15 2002 - ro@suse.de +- removed START_THTTPD +* Fri Sep 21 2001 - bjacke@suse.de +- fix version on template webpage +* Mon Sep 03 2001 - adostal@suse.cz +- fix /etc/init.d in thttpd-SuSE.tar.bz2 files +- split patches on configure, dirs, time_h and newautoconf +* Thu Jun 14 2001 - adostal@suse.cz +- fix for new autoconf +* Fri Apr 13 2001 - nadvornik@suse.cz +- changed initscript according to skeleton +* Thu Mar 08 2001 - nadvornik@suse.cz +- compiled with RPM_OPT_FLAGS +* Thu Feb 15 2001 - nadvornik@suse.cz +- fixed to compile +* Wed Dec 13 2000 - smid@suse.cz +- generatig of default page moved to %%install (it was in %%post and +- caused [#4566] +* Tue Dec 12 2000 - smid@suse.cz +- default cgibin pattern changed [#4564] +- rcthttpd link added +* Sun Dec 03 2000 - smid@suse.cz +- new version: 2.20b +* Fri Dec 01 2000 - ro@suse.de +- moved init-script +* Thu Nov 02 2000 - smid@suse.cz +- fix ugly bug in startup scripts +* Thu Sep 28 2000 - smid@suse.cz +- new version: 2.20 +* Wed Aug 30 2000 - smid@suse.cz +- fix bug in startup script +* Wed Jul 05 2000 - mha@suse.de +- new version: 2.19 +* Tue May 23 2000 - smid@suse.cz +- buildroot fixed +* Wed May 03 2000 - smid@suse.cz +- buildroot added +* Tue Mar 21 2000 - mha@suse.de +- update to 2.16 +* Fri Mar 03 2000 - uli@suse.de +- moved man pages to %%{_mandir} +* Mon Feb 28 2000 - mha@suse.de +- new version: 2.15 +* Thu Feb 17 2000 - dipa@suse.de +- bug #1268 rc.config variable set to no +* Wed Jan 12 2000 - mha@suse.de +- new version: 2.11 +- new conflicts (roxen, apache, aolserv), provides (http_daemon) +- new homepage +* Tue Nov 16 1999 - kukuk@suse.de +- Fix stack overflow +* Mon Sep 13 1999 - bs@suse.de +- ran old prepare_spec on spec file to switch to new prepare_spec. +* Thu Sep 09 1999 - bs@suse.de +- fixed call of Check at the end of %%install section +* Sun Jul 11 1999 - mha@suse.de +- new package: thttpd (a _small_ webserver) + absolutely no configuration needed - and yet save (chroot)!