[Pkg-apache-commits] [SCM] Debian packaging for apache2 (Apache HTTPD 2.x) branch, next, updated. 9ab7c89a2f83bae78e2ad16d5e75b181ffb25467
Arno Töll
debian at toell.net
Wed Feb 29 17:02:34 UTC 2012
The following commit has been merged in the next branch:
commit f771cabaef1779b5f19f27b3d53d0c18ffa15cd7
Author: Jean-Michel Vourgère <jmv_deb at nirgal.com>
Date: Sat Feb 25 17:04:32 2012 +0100
Refresh patches to use DEP-3. Reactivated patches
Signed-off-by: Arno Töll <debian at toell.net>
diff --git a/debian/changelog b/debian/changelog
index 29029f3..0c1c9bb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -126,6 +126,14 @@ apache2 (2.4.1-1) experimental; urgency=low
* Update bash completion functions to reflect the new site setup. (Closes:
#657492)
+ * Migrate patches to DEP-3 format.
+ * Drop patches:
+ + 004_usr_bin_perl_0wnz_j00: printenv exemple doesn't refer to
+ /usr/local/bin/perl anymore
+ + 008_make_include_safe: Include doesn't support directory anymore.
+ Include dir/*.conf must be used.
+ + 009_apache2_has_dso: Upstream is no longer testing DSO is available. So
+ we don't need to remove that test anymore.
-- arno <arno at build.fritz.box> Wed, 29 Feb 2012 15:44:04 +0100
diff --git a/debian/patches/008_make_include_safe b/debian/patches/008_make_include_safe
old mode 100755
new mode 100644
index 7bb040e..736943a
--- a/debian/patches/008_make_include_safe
+++ b/debian/patches/008_make_include_safe
@@ -1,12 +1,12 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 008_make_include_safe by Adam Conrad <adconrad at 0c3.net>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Avoid including dpkg droppings in globbed includes.
-
- at DPATCH@
---- a/server/config.c
-+++ b/server/config.c
+Description: Avoid including dpkg droppings in globbed includes.
+ Include /dir/* will ignore /dir/*.dpkg* files
+Forwarded: not-needed
+Author: Adam Conrad <adconrad at 0c3.net>
+Last-Update: 2012-02-25
+Index: apache2/server/config.c
+===================================================================
+--- apache2.orig/server/config.c
++++ apache2/server/config.c
@@ -34,6 +34,7 @@
#include "apr_portable.h"
#include "apr_file_io.h"
@@ -15,8 +15,8 @@
#define APR_WANT_STDIO
#define APR_WANT_STRFUNC
-@@ -1543,6 +1544,30 @@
- return strcmp(f1->fname,f2->fname);
+@@ -1787,6 +1788,29 @@
+ return NULL;
}
+static int fname_valid(const char *fname) {
@@ -27,8 +27,7 @@
+ return 0;
+ }
+ ++c;
-+
-+
++
+ while (*c) {
+ if (!apr_isalnum(*c) && *c!='_' && *c!='-' && *c!='.') {
+ return 0;
@@ -46,7 +45,7 @@
static const char *process_resource_config_nofnmatch(server_rec *s,
const char *fname,
ap_directive_t **conftree,
-@@ -1586,7 +1611,8 @@
+@@ -1829,7 +1853,8 @@
while (apr_dir_read(&dirent, APR_FINFO_DIRENT, dirp) == APR_SUCCESS) {
/* strip out '.' and '..' */
if (strcmp(dirent.name, ".")
@@ -54,15 +53,15 @@
+ && strcmp(dirent.name, "..")
+ && fname_valid(dirent.name)) {
fnew = (fnames *) apr_array_push(candidates);
- fnew->fname = ap_make_full_path(p, path, dirent.name);
- }
-@@ -1714,7 +1740,8 @@
- if (strcmp(dirent.name, ".")
- && strcmp(dirent.name, "..")
- && (apr_fnmatch(pattern, dirent.name,
-- APR_FNM_PERIOD) == APR_SUCCESS)) {
-+ APR_FNM_PERIOD) == APR_SUCCESS)
-+ && fname_valid(dirent.name)) {
- fnew = (fnames *) apr_array_push(candidates);
- fnew->fname = ap_make_full_path(p, path, dirent.name);
+ fnew->fname = ap_make_full_path(ptemp, path, dirent.name);
}
+@@ -1918,7 +1943,8 @@
+ if (strcmp(dirent.name, ".")
+ && strcmp(dirent.name, "..")
+ && (apr_fnmatch(fname, dirent.name,
+- APR_FNM_PERIOD) == APR_SUCCESS)) {
++ APR_FNM_PERIOD) == APR_SUCCESS)
++ && fname_valid(dirent.name)) {
+ const char *full_path = ap_make_full_path(ptemp, path, dirent.name);
+ /* If matching internal to path, and we happen to match something
+ * other than a directory, skip it
diff --git a/debian/patches/010_fhs_compliance b/debian/patches/010_fhs_compliance
index 361e8f7..46f0934 100644
--- a/debian/patches/010_fhs_compliance
+++ b/debian/patches/010_fhs_compliance
@@ -1,13 +1,12 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 010_more_fhs_compliance by Adam Conrad <adconrad at 0c3.net>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Fix up FHS file locations for apache2 droppings.
-
- at DPATCH@
---- a/configure
-+++ b/configure
-@@ -31402,17 +31402,17 @@
+Description: Fix up FHS file locations for apache2 droppings.
+Forwarded: not-needed
+Author: Adam Conrad <adconrad at 0c3.net>
+Last-Update: 2012-02-25
+Index: apache2/configure
+===================================================================
+--- apache2.orig/configure
++++ apache2/configure
+@@ -31752,17 +31752,17 @@
cat >>confdefs.h <<_ACEOF
@@ -28,9 +27,11 @@
_ACEOF
---- a/configure.in
-+++ b/configure.in
-@@ -770,11 +770,11 @@
+Index: apache2/configure.in
+===================================================================
+--- apache2.orig/configure.in
++++ apache2/configure.in
+@@ -780,11 +780,11 @@
echo $MODLIST | $AWK -f $srcdir/build/build-modules-c.awk > modules.c
APR_EXPAND_VAR(ap_prefix, $prefix)
@@ -45,8 +46,10 @@
[Location of the MIME types config file, relative to the Apache root directory])
perlbin=`$ac_aux_dir/PrintPath perl`
---- a/include/ap_config_layout.h.in
-+++ b/include/ap_config_layout.h.in
+Index: apache2/include/ap_config_layout.h.in
+===================================================================
+--- apache2.orig/include/ap_config_layout.h.in
++++ apache2/include/ap_config_layout.h.in
@@ -60,5 +60,6 @@
#define DEFAULT_REL_LOGFILEDIR "@rel_logfiledir@"
#define DEFAULT_EXP_PROXYCACHEDIR "@exp_proxycachedir@"
diff --git a/debian/patches/031_apxs2_sucks_more b/debian/patches/031_apxs2_sucks_more
old mode 100755
new mode 100644
index 7d6f68e..1d334c6
--- a/debian/patches/031_apxs2_sucks_more
+++ b/debian/patches/031_apxs2_sucks_more
@@ -1,22 +1,13 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 031_apxs2_sucks_more by Adam Conrad <adconrad at 0c3.net>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Make apxs2 use httpd.conf, instead of apache2.conf, plus other random fixes.
-
- at DPATCH@
---- a/support/apxs.in
-+++ b/support/apxs.in
-@@ -189,7 +189,7 @@
- my $httpd = get_vars("sbindir") . "/" . get_vars("progname");
- $httpd = eval qq("$httpd");
- $httpd = eval qq("$httpd");
--my $envvars = get_vars("sbindir") . "/envvars";
-+my $envvars = "$CFG_SYSCONFDIR" . "/envvars";
- $envvars = eval qq("$envvars");
- $envvars = eval qq("$envvars");
-
-@@ -292,6 +292,7 @@
+Description: Make apxs2 use httpd.conf, instead of apache2.conf, plus other
+ random fixes.
+Forwarded: no
+Author: Adam Conrad <adconrad at 0c3.net>
+Last-Update: 2012-02-25
+Index: apache2/support/apxs.in
+===================================================================
+--- apache2.orig/support/apxs.in
++++ apache2/support/apxs.in
+@@ -274,6 +274,7 @@
$data =~ s|%TARGET%|$CFG_TARGET|sg;
$data =~ s|%PREFIX%|$prefix|sg;
$data =~ s|%INSTALLBUILDDIR%|$installbuilddir|sg;
@@ -24,7 +15,7 @@
my ($mkf, $mods, $src) = ($data =~ m|^(.+)-=#=-\n(.+)-=#=-\n(.+)|s);
-@@ -480,7 +481,7 @@
+@@ -500,7 +501,7 @@
if ($opt_i) {
push(@cmds, "$installbuilddir/instdso.sh SH_LIBTOOL='" .
"$libtool' $f $CFG_LIBEXECDIR");
@@ -33,7 +24,7 @@
}
# determine module symbolname and filename
-@@ -516,7 +517,8 @@
+@@ -536,7 +537,8 @@
$filename = "mod_${name}.c";
}
my $dir = $CFG_LIBEXECDIR;
@@ -43,7 +34,7 @@
$dir =~ s|(.)$|$1/|;
$t =~ s|\.la$|.so|;
push(@lmd, sprintf("LoadModule %-18s %s", "${name}_module", "$dir$t"));
-@@ -527,17 +529,17 @@
+@@ -547,17 +549,17 @@
# activate module via LoadModule/AddModule directive
if ($opt_a or $opt_A) {
@@ -65,7 +56,7 @@
error("At least one `LoadModule' directive already has to exist.");
exit(1);
}
-@@ -616,15 +618,15 @@
+@@ -636,15 +638,15 @@
$content =~ s|^(.*\n)#?\s*$lmd_re[^\n]*\n|$1$c$lmd\n|s;
}
$lmd =~ m|LoadModule\s+(.+?)_module.*|;
@@ -86,7 +77,7 @@
} else {
notice("unable to open configuration file");
}
-@@ -648,8 +650,8 @@
+@@ -668,8 +670,8 @@
##
builddir=.
diff --git a/debian/patches/033_dbm_read_hash_or_btree b/debian/patches/033_dbm_read_hash_or_btree
old mode 100755
new mode 100644
index 4638322..6fbb54a
--- a/debian/patches/033_dbm_read_hash_or_btree
+++ b/debian/patches/033_dbm_read_hash_or_btree
@@ -1,12 +1,11 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 033_dbm_read_hash_or_btree by Adam Conrad <adconrad at 0c3.net>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Be more liberal in the sorts of DBM files we accept.
-
- at DPATCH@
---- a/support/dbmmanage.in
-+++ b/support/dbmmanage.in
+Description: Be more liberal in the sorts of DBM files we accept.
+Forwarded: no
+Author: Adam Conrad <adconrad at 0c3.net>
+Last-Update: 2012-02-25
+Index: apache2/support/dbmmanage.in
+===================================================================
+--- apache2.orig/support/dbmmanage.in
++++ apache2/support/dbmmanage.in
@@ -25,7 +25,7 @@
BEGIN { @AnyDBM_File::ISA = qw(DB_File NDBM_File GDBM_File SDBM_File) }
use strict;
diff --git a/debian/patches/034_apxs2_libtool_fixtastic b/debian/patches/034_apxs2_libtool_fixtastic
index 605b015..e103d97 100644
--- a/debian/patches/034_apxs2_libtool_fixtastic
+++ b/debian/patches/034_apxs2_libtool_fixtastic
@@ -1,12 +1,12 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 034_apxs2_libtool_fixtastic by Peter Samuelson <peter at p12n.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Make libtool happier
-
---- a/support/apxs.in
-+++ b/support/apxs.in
-@@ -410,7 +410,7 @@
+Description: Make libtool happier
+Forwarded: no
+Author: Peter Samuelson <peter at p12n.org>
+Last-Update: 2012-02-25
+Index: apache2/support/apxs.in
+===================================================================
+--- apache2.orig/support/apxs.in
++++ apache2/support/apxs.in
+@@ -427,7 +427,7 @@
$la =~ s|\.c$|.la|;
my $o = $s;
$o =~ s|\.c$|.o|;
@@ -15,7 +15,7 @@
unshift(@objs, $lo);
}
-@@ -447,7 +447,7 @@
+@@ -467,7 +467,7 @@
$opt .= " -rpath $CFG_LIBEXECDIR -module -avoid-version $apr_ldflags";
}
diff --git a/debian/patches/038_no_LD_LIBRARY_PATH b/debian/patches/038_no_LD_LIBRARY_PATH
old mode 100755
new mode 100644
index c43c133..9a0f95f
--- a/debian/patches/038_no_LD_LIBRARY_PATH
+++ b/debian/patches/038_no_LD_LIBRARY_PATH
@@ -1,12 +1,11 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 038_no_LD_LIBRARY_PATH by Adam Conrad <adconrad at 0c3.net>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Remove LD_LIBRARY_PATH from envvars-std
-
- at DPATCH@
---- a/support/envvars-std.in
-+++ b/support/envvars-std.in
+Description: Remove LD_LIBRARY_PATH from envvars-std
+Forwarded: no
+Author: Adam Conrad <adconrad at 0c3.net>
+Last-Update: 2012-02-25
+Index: apache2/support/envvars-std.in
+===================================================================
+--- apache2.orig/support/envvars-std.in
++++ apache2/support/envvars-std.in
@@ -18,7 +18,4 @@
#
# This file is generated from envvars-std.in
diff --git a/debian/patches/058_suexec-CVE-2007-1742 b/debian/patches/058_suexec-CVE-2007-1742
old mode 100755
new mode 100644
index ef660c6..c17d3c7
--- a/debian/patches/058_suexec-CVE-2007-1742
+++ b/debian/patches/058_suexec-CVE-2007-1742
@@ -1,13 +1,13 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Fix race condition with chdir
-## DP: Fix /var/www* being accepted as docroot instead of /var/www/*
-## DP: (the same for public_html* instead of public_html/* )
-
- at DPATCH@
---- a/support/suexec.c
-+++ b/support/suexec.c
+Description: Fix race condition with chdir
+ Fix /var/www* being accepted as docroot instead of /var/www/*
+ (the same for public_html* instead of public_html/* )
+Author: Stefan Fritsch <sf at debian.org>
+Last-Update: 2012-02-25
+Bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=44752
+Index: apache2/support/suexec.c
+===================================================================
+--- apache2.orig/support/suexec.c
++++ apache2/support/suexec.c
@@ -42,6 +42,7 @@
#if APR_HAVE_UNISTD_H
#include <unistd.h>
@@ -16,7 +16,7 @@
#include <stdio.h>
#include <stdarg.h>
-@@ -264,6 +265,7 @@
+@@ -251,6 +252,7 @@
struct group *gr; /* group entry holder */
struct stat dir_info; /* directory info holder */
struct stat prg_info; /* program info holder */
@@ -24,13 +24,13 @@
/*
* Start with a "clean" environment
-@@ -499,11 +501,16 @@
+@@ -485,11 +487,16 @@
exit(111);
}
+ if ( (cwdh = open(".", O_RDONLY)) == -1 ) {
+ log_err("cannot open current working directory\n");
-+ exit(111);
++ exit(111);
+ }
+
if (userdir) {
@@ -42,7 +42,7 @@
log_err("cannot get docroot information (%s)\n", target_homedir);
exit(112);
}
-@@ -511,12 +518,18 @@
+@@ -497,12 +504,18 @@
else {
if (((chdir(AP_DOC_ROOT)) != 0) ||
((getcwd(dwd, AP_MAXPATH)) == NULL) ||
diff --git a/debian/patches/076_apxs2_a2enmod b/debian/patches/076_apxs2_a2enmod
old mode 100755
new mode 100644
index 2268f28..0ecddd4
--- a/debian/patches/076_apxs2_a2enmod
+++ b/debian/patches/076_apxs2_a2enmod
@@ -1,13 +1,12 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 076_apxs2_a2enmo.dpatch by Stefan Fritsch <sf at debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: Make apxs2 use a2enmod and /etc/apache2/mods-available
-
- at DPATCH@
---- a/support/apxs.in
-+++ b/support/apxs.in
-@@ -521,7 +521,7 @@
+Description: Make apxs2 use a2enmod and /etc/apache2/mods-available
+Forwarded: not-needed
+Author: Stefan Fritsch <sf at debian.org>
+Last-Update: 2012-02-25
+Index: apache2/support/apxs.in
+===================================================================
+--- apache2.orig/support/apxs.in
++++ apache2/support/apxs.in
+@@ -541,7 +541,7 @@
# $dir =~ s|^$CFG_PREFIX/?||;
$dir =~ s|(.)$|$1/|;
$t =~ s|\.la$|.so|;
@@ -16,7 +15,7 @@
}
# execute the commands
-@@ -529,108 +529,35 @@
+@@ -549,108 +549,35 @@
# activate module via LoadModule/AddModule directive
if ($opt_a or $opt_A) {
@@ -65,7 +64,15 @@
- error('Configuration file is not valid. There are sections'
- . ' closed before opened.');
- exit(1);
-- }
++ my $entry;
++ foreach $entry (@lmd) {
++ my ($name, $lmd) = @{$entry};
++ my $filename = "$CFG_SYSCONFDIR/mods-available/$name.load";
++ if (-f $filename) {
++ my $cmd = "mv $filename $filename.bak~";
++ if (system($cmd) != 0) {
++ die "'$cmd' failed\n";
+ }
- else {
- # put our cmd after the section containing the last
- # LoadModule.
@@ -105,21 +112,7 @@
- . 'sections opened and not closed.');
- exit(1);
- }
-+ my $entry;
-+ foreach $entry (@lmd) {
-+ my ($name, $lmd) = @{$entry};
-+ my $filename = "$CFG_SYSCONFDIR/mods-available/$name.load";
-+ if (-f $filename) {
-+ my $cmd = "mv $filename $filename.bak~";
-+ if (system($cmd) != 0) {
-+ die "'$cmd' failed\n";
- }
-- } else {
-- # replace already existing LoadModule line
-- $content =~ s|^(.*\n)#?\s*$lmd_re[^\n]*\n|$1$c$lmd\n|s;
- }
-- $lmd =~ m|LoadModule\s+(.+?)_module.*|;
-- notice("[$what module `$1' in $CFG_SYSCONFDIR/httpd.conf]");
++ }
+
+ notice("[preparing module `$name' in $filename]");
+ open(FP, ">$filename") || die;
@@ -130,8 +123,13 @@
+ my $cmd = "a2enmod $name";
+ if (system($cmd) != 0) {
+ die "'$cmd' failed\n";
-+ }
-+ }
+ }
+- } else {
+- # replace already existing LoadModule line
+- $content =~ s|^(.*\n)#?\s*$lmd_re[^\n]*\n|$1$c$lmd\n|s;
+ }
+- $lmd =~ m|LoadModule\s+(.+?)_module.*|;
+- notice("[$what module `$1' in $CFG_SYSCONFDIR/httpd.conf]");
+
}
- if (@lmd) {
diff --git a/debian/patches/201_build_suexec-custom b/debian/patches/201_build_suexec-custom
index 1c94adb..351fe23 100644
--- a/debian/patches/201_build_suexec-custom
+++ b/debian/patches/201_build_suexec-custom
@@ -1,12 +1,11 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 201_make_suexec-custom.dpatch by Stefan Fritsch <sf at debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: add suexec-custom to the build system
-
- at DPATCH@
---- a/Makefile.in
-+++ b/Makefile.in
+Description: add suexec-custom to the build system
+Forwarded: not-needed
+Author: Stefan Fritsch <sf at debian.org>
+Last-Update: 2012-02-25
+Index: apache2/Makefile.in
+===================================================================
+--- apache2.orig/Makefile.in
++++ apache2/Makefile.in
@@ -237,14 +237,16 @@
fi
@@ -28,8 +27,10 @@
x-local-distclean:
@rm -rf autom4te.cache
---- a/support/Makefile.in
-+++ b/support/Makefile.in
+Index: apache2/support/Makefile.in
+===================================================================
+--- apache2.orig/support/Makefile.in
++++ apache2/support/Makefile.in
@@ -1,7 +1,7 @@
DISTCLEAN_TARGETS = apxs apachectl dbmmanage log_server_status \
logresolve.pl phf_abuse_log.cgi split-logfile envvars-std
diff --git a/debian/patches/202_suexec-custom b/debian/patches/202_suexec-custom
index 98916b8..154b0a7 100644
--- a/debian/patches/202_suexec-custom
+++ b/debian/patches/202_suexec-custom
@@ -1,12 +1,11 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 202_suexec-custom.dpatch by Stefan Fritsch <sf at debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: the actual patch to make suexec-custom read a config file
-
- at DPATCH@
---- a/support/suexec-custom.c
-+++ b/support/suexec-custom.c
+Description: the actual patch to make suexec-custom read a config file
+Forwarded: not-needed
+Author: Stefan Fritsch <sf at debian.org>
+Last-Update: 2012-02-25
+Index: apache2/support/suexec-custom.c
+===================================================================
+--- apache2.orig/support/suexec-custom.c
++++ apache2/support/suexec-custom.c
@@ -29,6 +29,7 @@
*
*
@@ -23,7 +22,7 @@
#if APR_HAVE_UNISTD_H
#include <unistd.h>
#endif
-@@ -190,6 +192,26 @@
+@@ -191,6 +193,26 @@
return;
}
@@ -50,25 +49,26 @@
static void clean_env(void)
{
char pathbuf[512];
-@@ -251,6 +273,10 @@
- struct group *gr; /* group entry holder */
+@@ -253,6 +275,11 @@
struct stat dir_info; /* directory info holder */
struct stat prg_info; /* program info holder */
+ int cwdh; /* handle to cwd */
+ char *suexec_docroot = NULL;
+ char *suexec_userdir_suffix = NULL;
+ char *filename = NULL;
+ FILE *configfile;
++
/*
* Start with a "clean" environment
-@@ -280,15 +306,10 @@
+@@ -282,15 +309,10 @@
|| (! strcmp(AP_HTTPD_USER, pw->pw_name)))
#endif /* _OSD_POSIX */
) {
-#ifdef AP_DOC_ROOT
- fprintf(stderr, " -D AP_DOC_ROOT=\"%s\"\n", AP_DOC_ROOT);
-#endif
-+ fprintf(stderr, " -D SUEXEC_CONFIG_DIR=%s\n", SUEXEC_CONFIG_DIR);
++ fprintf(stderr, " -D SUEXEC_CONFIG_DIR=%s\n", SUEXEC_CONFIG_DIR);
#ifdef AP_GID_MIN
fprintf(stderr, " -D AP_GID_MIN=%d\n", AP_GID_MIN);
#endif
@@ -78,7 +78,7 @@
#ifdef AP_LOG_EXEC
fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC);
#endif
-@@ -301,9 +322,6 @@
+@@ -303,9 +325,6 @@
#ifdef AP_UID_MIN
fprintf(stderr, " -D AP_UID_MIN=%d\n", AP_UID_MIN);
#endif
@@ -88,7 +88,7 @@
exit(0);
}
/*
-@@ -318,23 +336,6 @@
+@@ -320,23 +339,6 @@
target_gname = argv[2];
cmd = argv[3];
@@ -112,7 +112,7 @@
/*
* Check for a leading '/' (absolute path) in the command to be executed,
-@@ -359,6 +360,63 @@
+@@ -361,6 +363,63 @@
}
/*
@@ -126,7 +126,7 @@
+ suexec_userdir_suffix = malloc(AP_MAXPATH+1);
+ if (!filename || !suexec_docroot || !suexec_userdir_suffix) {
+ log_err("malloc failed\n");
-+ exit(120);
++ exit(120);
+ }
+
+ strncpy(filename, SUEXEC_CONFIG_DIR, AP_MAXPATH);
@@ -135,66 +135,62 @@
+
+ configfile = fopen(filename, "r");
+ if (!configfile) {
-+ log_err("User %s not allowed: Could not open config file %s\n", pw->pw_name, filename);
-+ exit(123);
++ log_err("User %s not allowed: Could not open config file %s\n", pw->pw_name, filename);
++ exit(123);
+ }
+
+ if (!read_line(suexec_docroot, configfile)) {
-+ log_err("Could not read docroot from %s\n", filename);
-+ exit(124);
++ log_err("Could not read docroot from %s\n", filename);
++ exit(124);
+ }
+
+ if (!read_line(suexec_userdir_suffix, configfile)) {
-+ log_err("Could not read userdir suffix from %s\n", filename);
-+ exit(125);
++ log_err("Could not read userdir suffix from %s\n", filename);
++ exit(125);
+ }
+
+ fclose(configfile);
+
+ if (userdir) {
+ if ( !isalnum(*suexec_userdir_suffix) && suexec_userdir_suffix[0] != '.') {
-+ log_err("userdir suffix disabled in %s\n", filename);
-+ exit(126);
-+ }
++ log_err("userdir suffix disabled in %s\n", filename);
++ exit(126);
++ }
+ }
+ else {
-+ if (suexec_docroot[0] != '/') {
-+ log_err("docroot disabled in %s\n", filename);
-+ exit(127);
-+ }
++ if (suexec_docroot[0] != '/') {
++ log_err("docroot disabled in %s\n", filename);
++ exit(127);
++ }
+
-+ if (suexec_docroot[1] == '/' ||
-+ suexec_docroot[1] == '.' ||
-+ suexec_docroot[1] == '\0' )
-+ {
-+ log_err("invalid docroot %s in %s\n", suexec_docroot, filename);
-+ exit(128);
-+ }
++ if (suexec_docroot[1] == '/' ||
++ suexec_docroot[1] == '.' ||
++ suexec_docroot[1] == '\0' )
++ {
++ log_err("invalid docroot %s in %s\n", suexec_docroot, filename);
++ exit(128);
++ }
+ }
-+
++
+ /*
* Error out if the target username is invalid.
*/
if (strspn(target_uname, "1234567890") != strlen(target_uname)) {
-@@ -487,7 +545,7 @@
+@@ -494,7 +553,7 @@
if (userdir) {
if (((chdir(target_homedir)) != 0) ||
- ((chdir(AP_USERDIR_SUFFIX)) != 0) ||
+ ((chdir(suexec_userdir_suffix)) != 0) ||
((getcwd(dwd, AP_MAXPATH)) == NULL) ||
- ((chdir(cwd)) != 0)) {
+ ((fchdir(cwdh)) != 0)) {
log_err("cannot get docroot information (%s)\n", target_homedir);
-@@ -495,10 +553,10 @@
+@@ -502,7 +561,7 @@
}
}
else {
- if (((chdir(AP_DOC_ROOT)) != 0) ||
+ if (((chdir(suexec_docroot)) != 0) ||
((getcwd(dwd, AP_MAXPATH)) == NULL) ||
- ((chdir(cwd)) != 0)) {
-- log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT);
-+ log_err("cannot get docroot information (%s)\n", suexec_docroot);
- exit(113);
- }
- }
+ ((fchdir(cwdh)) != 0)) {
+ log_err("cannot get docroot information (%s)\n", AP_DOC_ROOT);
diff --git a/debian/patches/series b/debian/patches/series
index 5f7b7a3..e76ac37 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,13 +1,12 @@
-#008_make_include_safe
+#008_make_include_safe # Probably to be droped in 2.4
010_fhs_compliance
-#031_apxs2_sucks_more
-#032_suexec_is_shared
-#033_dbm_read_hash_or_btree
-#034_apxs2_libtool_fixtastic
-#038_no_LD_LIBRARY_PATH
-#058_suexec-CVE-2007-1742
-#076_apxs2_a2enmod
-#099_config_guess_sub_update
+031_apxs2_sucks_more
+#032_suexec_is_shared # Probably not needed in 2.4
+033_dbm_read_hash_or_btree
+034_apxs2_libtool_fixtastic
+038_no_LD_LIBRARY_PATH
+058_suexec-CVE-2007-1742
+076_apxs2_a2enmod
201_build_suexec-custom
# The patch below must not be applied by quilt at extraction time. It depends
# on some script-fu to be executed before. Have a look
--
Debian packaging for apache2 (Apache HTTPD 2.x)
More information about the Pkg-apache-commits
mailing list