pool/thttpd
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
thttpd/thttpd.spec
Adam Majer 0e01d6d1eb - added thttpd-c99.patch 
* keep using the deprecated function sigset
  * patch borrowed from fedora rpm
- Use %patch -P N instead of deprecated %patchN.
- Added hardening to systemd service(s) (bsc#1181400). Modified:
  * thttpd.service
- Allow regular users to execute makeweb (bsc#1171580)
  * Set permissions to 2751
- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
  shortcut through the -mini flavors.
- Update to 2.29 (bsc#1112629)
  Allow CGI to handle HTTP methods besides GET/HEAD/POST.
  Improvements to the FreeBSD startup script. (Craig Leres)
  Minor portability tweak in mmc.c.
  Fix to buffer overrun bug in htpasswd. Reported by Alessio Santoru as CVE-2017-17663.
- update thttpd-2.25b-overflow.diff
- Trim filler wording from description.
- Require group www (bsc#1057985)
- update to 2.27
  Stats syslogs changed from LOG_INFO to LOG_NOTICE.
  Use memmove() for self-overlapping string copies instead of strcpy().
  Couple of subroutine name changes for consistency.
- drop thttpd-2.25b-strcpy.patch (upstream)
- enforce single process build, as parallel does fail sometimes
- added Conflicts: apache2-example-pages
  * both packages provide /srv/www/htdocs/index.html
- build with pie and full relro
- package cleanup (bnc#899218)
  * removed SUSE branding
  * added logrotate support
  * changed note about default codepage
- added Conflicts: apache2-utils
  * both packages provide /usr/bin/htpasswd
  * see comments in https://build.opensuse.org/request/show/310178
- use /usr/sbin path in service to fix start (bnc#906696)
- drop thttpd-2.25b.tar.bz2 (old tarball)
- update to 2.26 (bnc#894285)
  Ignore ECONNABORTED on accept().
  Correctly implemented the config-file option change from "nosymlink"
  to "nosymlinkcheck", which was supposedly done in version 2.24.
  Removed mailto: link from default index page.
  Allow CGIs to provide both Location and Status headers.
  Better logic for figuring out CGI SERVER_NAME environment variable.
  Updated for clang, and general cleanup.
- dropped thttpd-2.25b-getline.patch (upstream)
- added thttpd-crypt_is_in_crypt.h.patch
- Use systemd instead of sysvinit in openSUSE > 12.2
- fix CVE-2013-0348 (bnc#853381)
  * don't create a world readable logfile
- DO not add sample index.html that will conflict with apache 
- added checks for crypt() return value (CVE-2012-5640) (bnc#783165)
  * thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
- use different versions of automake (SLE)
- use %set_permissions instead of %run_permissions (bnc#764110)
- fix build with automake 1.12 
- drop thttpd-2.25b-x86_64_machine_not_recognized.patch but copy
  config.guess from automake to fix ppc64 as well 
- fixed build and added -fpie for makeweb
- add libtool as buildrequire to avoid implicit dependency
- rename getline to my_getline to avoid collision with function
  from glibc 
- add new branding (bnc#492693) 
- fixed another syntax error in config file
- fix syntax error in config file
- use %config(noreplace) for /etc/thttpd.conf
- added Short-Description tag into init script 
- added config file (/etc/thttpd.conf)
- Adding check for zero length
  - from Marcus Meissner
  - zerolen.patch
- Replacing strcpy with memmove when they overlap
  - strcpy.patch
- Both from #230776
- Fix building as non-root.
- fix buffer overflows in htpasswd (#156978) 
- converted neededforbuild to BuildRequires
- fix tmp race in syslogtocern (#131056) 
- use %config(noreplace) for index.html 
- compile dynamic binaries instead of static
- compile htpasswd with -pie
- do not conflict with other webservers (bug #71742)
- update to version 2.25b
- Fix use of aclocal.
- update to 2.24, includes a fix for a buffer overflow [bug #32734]
- fixed virtual hosting security hole [bug #32757]
- fixed permissions according to permissions.secure,
  added macros %run_permissions and %verify_permissions
- added macros %stop_on_removal and %restart_on_update [bug #29022]
- remove unpackaged files from buildroot 
- fixed permissions of the init scipt [bug #25084]
- substitute correct servroot during built
- use /srv/www rather then /usr/local/httpd [bug #20802]
- adapt server root 
- Change group from wwwadmin to www
- do not source rc.config anymore
- update to version 2.23beta1
- update to version 2.20c
- added thttpd-2.20c-sec.patch
- removed START_THTTPD from README.SuSE
- removed START_THTTPD 
- fix version on template webpage
- fix /etc/init.d in thttpd-SuSE.tar.bz2 files
- split patches on configure, dirs, time_h and newautoconf 
- fix for new autoconf 
- changed initscript according to skeleton
- compiled with RPM_OPT_FLAGS
- fixed to compile
- generatig of default page moved to %install (it was in %post and
- caused [#4566]
- default cgibin pattern changed [#4564]
- rcthttpd link added
- new version: 2.20b
- moved init-script 
- fix ugly bug in startup scripts
- new version: 2.20
- fix bug in startup script
- new version: 2.19
- buildroot fixed
- buildroot added
- update to 2.16 
- moved man pages to %{_mandir}
- new version: 2.15
- bug #1268 rc.config variable set to no 
- new version: 2.11
- new conflicts (roxen, apache, aolserv), provides (http_daemon)
- new homepage
- Fix stack overflow
- ran old prepare_spec on spec file to switch to new prepare_spec.
- fixed call of Check at the end of %install section
- new package: thttpd (a _small_ webserver)
  absolutely no configuration needed - and yet save (chroot)!

OBS-URL: https://build.opensuse.org/package/show/server:http/thttpd?expand=0&rev=51
2024-12-05 17:25:02 +00:00

179 lines
4.9 KiB
RPMSpec
Raw Permalink Blame History

#
# spec file for package thttpd
#
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define serverroot /srv/www
%if 0%{?suse_version} > 1220
%define with_systemd 1
%else
%define with_systemd 0
%endif
Name: thttpd
Version: 2.29
Release: 0
Summary: Small and simple webserver
License: BSD-3-Clause
Group: Productivity/Networking/Web/Servers
URL: http://www.acme.com/software/thttpd/
Source: http://www.acme.com/software/thttpd/%{name}-%{version}.tar.gz
Source1: %{name}-initd.script
Source2: %{name}.service
Source3: %{name}.logrotate
Source4: %{name}.conf
Patch0: %{name}-2.25b-configure.patch
Patch1: %{name}-2.25b-dirs.patch
Patch2: %{name}-2.25b-time_h.patch
Patch3: %{name}-2.25b-newautoconf.patch
Patch4: %{name}-2.25b-sec.patch
Patch5: %{name}-2.25b-static.patch
Patch6: %{name}-2.25b-pie.patch
Patch7: %{name}-2.25b-syslogtocern.diff
Patch8: %{name}-2.25b-overflow.diff
Patch9: %{name}-2.25b-chown.diff
Patch10: %{name}-2.25b-zerolen.patch
# PATCH-FIX-SUSE CVE-2012-5640
Patch13: thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch
Patch14: thttpd-CVE-2013-0348.patch
Patch15: thttpd-crypt_is_in_crypt.h.patch
# PATCH-FIX-SUSE keep using deprecated function sigset
Patch16: thttpd-c99.patch
BuildRequires: automake
BuildRequires: libtool
Requires(post): permissions
Requires: group(www)
Recommends: logrotate
# both packages provide /srw/www/htdocs/index.html
Conflicts: apache2-example-pages
# both packages provide /usr/bin/htpasswd
Conflicts: apache2-utils
Provides: http_daemon
%if %{with_systemd}
BuildRequires: pkgconfig(systemd)
%{?systemd_ordering}
%else
Requires(post): %fillup_prereq
Requires(post): %insserv_prereq
%endif
%description
Thttpd is a compact httpd serving daemon that can handle
high loads. While lacking many of the advanced features of Roxen
or Apache, thttpd operates without forking and is efficient
in memory use. Basic support for CGI scripts, authentication, and SSI
is provided. Advanced features include the ability to throttle
traffic.
%prep
%setup -q
%patch -P 0
%patch -P 1
%patch -P 2
%patch -P 3
%patch -P 4
%patch -P 5
%patch -P 6
%patch -P 7
%patch -P 8
%patch -P 9
%patch -P 10
%patch -P 13 -p1
%patch -P 14 -p1
%patch -P 15 -p1
%patch -P 16 -p1
%build
cp %{_datadir}/automake-1.*/config.* .
mv aclocal.m4 acinclude.m4
libtoolize --force
aclocal --force
autoconf -f
export V_CCOPT="%{optflags} -fPIC -DPIC -fPIE"
export CFLAGS="%{optflags} -fPIC -DPIC -fPIE"
export LDFLAGS="-pie -Wl,-z,relro,-z,now"
%configure
# parallel build causes problems, single thread build takes only 10s anyway
make -j1
%install
install -d %{buildroot}%{_bindir} \
%{buildroot}%{_sbindir} \
%{buildroot}%{_mandir}/man1 \
%{buildroot}%{_mandir}/man8 \
%{buildroot}%{serverroot}/htdocs/users
%make_install
install -D -m0644 index.html %{buildroot}/%{serverroot}/htdocs/index.html
install -D -m0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/%{name}.conf
install -D -m0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
%if %{with_systemd}
install -D -m0644 %{SOURCE2} %{buildroot}%{_unitdir}/%{name}.service
ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
%else
install -D -m0644 %{SOURCE1} %{buildroot}%{_initddir}/%{name}
ln -s %{buildroot}%{_initddir}/%{name} %{buildroot}%{_sbindir}/rc%{name}
%endif
%if %{with_systemd}
%pre
%service_add_pre %{name}.service
%endif
%post
%if %{with_systemd}
%service_add_post %{name}.service
%else
%{fillup_and_insserv thttpd}
%endif
%set_permissions %{_bindir}/makeweb
%verifyscript
%verify_permissions -e %{_bindir}/makeweb
%preun
%if %{with_systemd}
%service_del_preun %{name}.service
%else
%stop_on_removal thttpd
%endif
%postun
%if %{with_systemd}
%service_del_postun %{name}.service
%else
%restart_on_update thttpd
%insserv_cleanup
%endif
%files
%doc README config.h
%dir %{serverroot}
%dir %{serverroot}/htdocs
%{serverroot}/htdocs/*
%attr(775, root, www) %{serverroot}/htdocs/users
%verify(not mode) %attr(2751, root, www) %{_bindir}/makeweb
%{_bindir}/htpasswd
%{_sbindir}/*
%{_mandir}/*/*
%config %{_sysconfdir}/logrotate.d/%{name}
%if %{with_systemd}
%{_unitdir}/%{name}.service
%else
%config %{_initddir}/thttpd
%endif
%config(noreplace) %{_sysconfdir}/thttpd.conf
%changelog
Reference in New Issue View Git Blame Copy Permalink