summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff (renamed from network/thttpd/patches/additional-input-validation-httpd.c.diff)0
-rw-r--r--network/thttpd/patches/2.25b/fix-buffer-overflow.diff (renamed from network/thttpd/patches/fix-buffer-overflow.diff)0
-rw-r--r--network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff (renamed from network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff)0
-rw-r--r--network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch (renamed from network/thttpd/patches/thttpd-2.25b-fix-illegal-path-info.patch)0
-rw-r--r--network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch (renamed from network/thttpd/patches/thttpd-2.25b-monolithic-timer.patch)0
-rw-r--r--network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch (renamed from network/thttpd/patches/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch)0
-rw-r--r--network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch (renamed from network/thttpd/patches/thttpd-2.25b-use-Status-header.patch)0
-rw-r--r--network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch (renamed from network/thttpd/patches/thttpd-2.25b-use-X-Forwarded-For-header.patch)0
-rw-r--r--network/thttpd/patches/crypt.patch24
-rw-r--r--network/thttpd/patches/discreet.patch37
-rw-r--r--network/thttpd/patches/fix-world-readable-log.patch59
-rw-r--r--network/thttpd/patches/forwarded-for.patch16
-rw-r--r--network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch21
-rw-r--r--network/thttpd/thttpd.SlackBuild35
-rw-r--r--network/thttpd/thttpd.conf4
-rw-r--r--network/thttpd/thttpd.info6
16 files changed, 165 insertions, 37 deletions
diff --git a/network/thttpd/patches/additional-input-validation-httpd.c.diff b/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff
index 04f59eac8e..04f59eac8e 100644
--- a/network/thttpd/patches/additional-input-validation-httpd.c.diff
+++ b/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff
diff --git a/network/thttpd/patches/fix-buffer-overflow.diff b/network/thttpd/patches/2.25b/fix-buffer-overflow.diff
index cacd732148..cacd732148 100644
--- a/network/thttpd/patches/fix-buffer-overflow.diff
+++ b/network/thttpd/patches/2.25b/fix-buffer-overflow.diff
diff --git a/network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff
index c41ec46b97..c41ec46b97 100644
--- a/network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff
+++ b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff
diff --git a/network/thttpd/patches/thttpd-2.25b-fix-illegal-path-info.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch
index d1688f1446..d1688f1446 100644
--- a/network/thttpd/patches/thttpd-2.25b-fix-illegal-path-info.patch
+++ b/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch
diff --git a/network/thttpd/patches/thttpd-2.25b-monolithic-timer.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch
index 9ff38aec45..9ff38aec45 100644
--- a/network/thttpd/patches/thttpd-2.25b-monolithic-timer.patch
+++ b/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch
diff --git a/network/thttpd/patches/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch
index ce915c706b..ce915c706b 100644
--- a/network/thttpd/patches/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch
+++ b/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch
diff --git a/network/thttpd/patches/thttpd-2.25b-use-Status-header.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch
index 6aaae5a5d9..6aaae5a5d9 100644
--- a/network/thttpd/patches/thttpd-2.25b-use-Status-header.patch
+++ b/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch
diff --git a/network/thttpd/patches/thttpd-2.25b-use-X-Forwarded-For-header.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch
index 0fec25ef7c..0fec25ef7c 100644
--- a/network/thttpd/patches/thttpd-2.25b-use-X-Forwarded-For-header.patch
+++ b/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch
diff --git a/network/thttpd/patches/crypt.patch b/network/thttpd/patches/crypt.patch
new file mode 100644
index 0000000000..982e6780fc
--- /dev/null
+++ b/network/thttpd/patches/crypt.patch
@@ -0,0 +1,24 @@
+diff -Naur old/extras/htpasswd.c new/extras/htpasswd.c
+--- old/extras/htpasswd.c 2014-10-19 10:28:39.782856897 -1000
++++ new/extras/htpasswd.c 2014-10-19 10:29:12.842911168 -1000
+@@ -8,6 +8,8 @@
+ ** if stdin is a pipe or file. This is necessary for use from CGI.
+ */
+
++#define _XOPEN_SOURCE
++
+ #include <sys/types.h>
+ #include <stdio.h>
+ #include <string.h>
+diff -Naur old/libhttpd.c new/libhttpd.c
+--- old/libhttpd.c 2014-10-19 10:28:39.782856897 -1000
++++ new/libhttpd.c 2014-10-19 10:29:01.679559501 -1000
+@@ -39,6 +39,8 @@
+ #include <sys/param.h>
+ #include <sys/stat.h>
+
++#define __USE_XOPEN
++
+ #include <ctype.h>
+ #include <errno.h>
+ #include <fcntl.h>
diff --git a/network/thttpd/patches/discreet.patch b/network/thttpd/patches/discreet.patch
new file mode 100644
index 0000000000..14c84e0f00
--- /dev/null
+++ b/network/thttpd/patches/discreet.patch
@@ -0,0 +1,37 @@
+diff -Naur old/libhttpd.c new/libhttpd.c
+--- old/libhttpd.c 2014-08-15 11:32:31.040595413 +0900
++++ new/libhttpd.c 2014-08-15 11:34:57.690595931 +0900
+@@ -754,7 +754,7 @@
+ <title>%d %s</title>\n\
+ </head>\n\
+ \n\
+- <body bgcolor=\"#cc9999\" text=\"#000000\" link=\"#2020ff\" vlink=\"#4040cc\">\n\
++ <body>\n\
+ \n\
+ <h2>%d %s</h2>\n",
+ status, title, status, title );
+@@ -780,14 +780,9 @@
+ char buf[1000];
+
+ (void) my_snprintf( buf, sizeof(buf), "\
+- <hr>\n\
+-\n\
+- <address><a href=\"%s\">%s</a></address>\n\
+-\n\
+ </body>\n\
+ \n\
+-</html>\n",
+- SERVER_ADDRESS, EXPOSED_SERVER_SOFTWARE );
++</html>\n" );
+ add_response( hc, buf );
+ }
+
+@@ -2798,7 +2793,7 @@
+ <title>Index of %.80s</title>\n\
+ </head>\n\
+ \n\
+- <body bgcolor=\"#99cc99\" text=\"#000000\" link=\"#2020ff\" vlink=\"#4040cc\">\n\
++ <body>\n\
+ \n\
+ <h2>Index of %.80s</h2>\n\
+ \n\
diff --git a/network/thttpd/patches/fix-world-readable-log.patch b/network/thttpd/patches/fix-world-readable-log.patch
new file mode 100644
index 0000000000..40b06203d2
--- /dev/null
+++ b/network/thttpd/patches/fix-world-readable-log.patch
@@ -0,0 +1,59 @@
+From d2e186dbd58d274a0dea9b59357edc8498b5388d Mon Sep 17 00:00:00 2001
+From: "Anthony G. Basile" <blueness@gentoo.org>
+Date: Tue, 26 Feb 2013 14:28:26 -0500
+Subject: [PATCH] src/thttpd.c: Fix world readable log, CVE-2013-0348.
+
+Make sure that the logfile is created or reopened as read/write
+by thttpd user only.
+
+X-gentoo-Bug: 458896
+X-gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=458896
+Reported-by: Agostino Sarubbo <ago@gentoo.org>
+Signed-off-by: Anthony G. Basile <basile@opensource.dyc.edu>
+---
+ thttpd.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/thttpd.c b/thttpd.c
+index 019b8c0..f33a7a7 100644
+--- a/thttpd.c
++++ b/thttpd.c
+@@ -326,6 +326,7 @@ static void
+ re_open_logfile( void )
+ {
+ FILE* logfp;
++ int retchmod;
+
+ if ( no_log || hs == (httpd_server*) 0 )
+ return;
+@@ -335,7 +336,8 @@ re_open_logfile( void )
+ {
+ syslog( LOG_NOTICE, "re-opening logfile" );
+ logfp = fopen( logfile, "a" );
+- if ( logfp == (FILE*) 0 )
++ retchmod = chmod( logfile, S_IRUSR|S_IWUSR );
++ if ( logfp == (FILE*) 0 || retchmod != 0 )
+ {
+ syslog( LOG_CRIT, "re-opening %.80s - %m", logfile );
+ return;
+@@ -355,6 +357,7 @@ main( int argc, char** argv )
+ gid_t gid = 32767;
+ char cwd[MAXPATHLEN+1];
+ FILE* logfp;
++ int retchmod;
+ int num_ready;
+ int cnum;
+ connecttab* c;
+@@ -424,7 +427,8 @@ main( int argc, char** argv )
+ else
+ {
+ logfp = fopen( logfile, "a" );
+- if ( logfp == (FILE*) 0 )
++ retchmod = chmod( logfile, S_IRUSR|S_IWUSR );
++ if ( logfp == (FILE*) 0 || retchmod != 0 )
+ {
+ syslog( LOG_CRIT, "%.80s - %m", logfile );
+ perror( logfile );
+--
+1.7.12.4
+
diff --git a/network/thttpd/patches/forwarded-for.patch b/network/thttpd/patches/forwarded-for.patch
new file mode 100644
index 0000000000..348eb00cf2
--- /dev/null
+++ b/network/thttpd/patches/forwarded-for.patch
@@ -0,0 +1,16 @@
+diff -Naur old/libhttpd.c new/libhttpd.c
+--- old/libhttpd.c 2005-06-30 03:50:39.000000000 +1000
++++ new/libhttpd.c 2012-10-24 12:12:17.144560917 +1100
+@@ -2207,6 +2207,12 @@
+ if ( strcasecmp( cp, "keep-alive" ) == 0 )
+ hc->keep_alive = 1;
+ }
++ else if ( strncasecmp( buf, "X-Forwarded-For:", 16 ) == 0 )
++ {
++ cp = &buf[16];
++ cp += strspn( cp, " \t" );
++ inet_aton( cp, &(hc->client_addr.sa_in.sin_addr) );
++ }
+ #ifdef LOG_UNKNOWN_HEADERS
+ else if ( strncasecmp( buf, "Accept-Charset:", 15 ) == 0 ||
+ strncasecmp( buf, "Accept-Language:", 16 ) == 0 ||
diff --git a/network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch b/network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch
deleted file mode 100644
index c97227827e..0000000000
--- a/network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff -ur thttpd-2.25b.orig/extras/htpasswd.c thttpd-2.25b/extras/htpasswd.c
---- thttpd-2.25b.orig/extras/htpasswd.c 2001-12-19 02:08:08.000000000 +0200
-+++ thttpd-2.25b/extras/htpasswd.c 2009-08-09 16:40:06.000000000 +0300
-@@ -49,7 +49,7 @@
- while((line[y++] = line[x++]));
- }
-
--static int getline(char *s, int n, FILE *f) {
-+static int get_line(char *s, int n, FILE *f) {
- register int i=0;
-
- while(1) {
-@@ -189,7 +189,7 @@
- strcpy(user,argv[2]);
-
- found = 0;
-- while(!(getline(line,MAX_STRING_LEN,f))) {
-+ while(!(get_line(line,MAX_STRING_LEN,f))) {
- if(found || (line[0] == '#') || (!line[0])) {
- putline(tfp,line);
- continue;
diff --git a/network/thttpd/thttpd.SlackBuild b/network/thttpd/thttpd.SlackBuild
index 9dacbc418b..b12a904b10 100644
--- a/network/thttpd/thttpd.SlackBuild
+++ b/network/thttpd/thttpd.SlackBuild
@@ -24,7 +24,7 @@
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PRGNAM=thttpd
-VERSION=${VERSION:-2.25b}
+VERSION=${VERSION:-2.26}
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
@@ -83,13 +83,13 @@ tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
cd $PRGNAM-$VERSION
chown -R root:root .
find -L . \
- \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \
- -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
- -exec chmod 644 {} \;
+ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
+ -o -perm 511 \) -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
+ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
-# Apply some patches, from gentoo:
-for i in $CWD/patches/*.diff $CWD/patches/*.patch
+# Apply some patches, from arch/gentoo:
+for i in $CWD/patches/*.patch
do
echo
echo "Appling patch $i ..."
@@ -97,6 +97,15 @@ do
done
echo
+# Fix CFLAGS detection
+sed -i \
+ -e 's/^CFLAGS =/CFLAGS +=/' \
+ -e '/^STATICFLAG =/c STATICFLAG =' \
+ Makefile* extras/Makefile* cgi-src/Makefile*
+
+# Fix --build value detection in ./configure
+libtoolize --force --copy --install
+
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
./configure \
@@ -118,19 +127,23 @@ sed -i \
# Change the group to 'thttpd', rather than 'www'
sed -i '/WEBGROUP =/ s/www/'$PRGNAM'/' Makefile* extras/Makefile* cgi-src/Makefile*
-## Use this line ONLY if you are going to build thttpd as a normal user.
-##sed -i '/WEBGROUP =/ s/www/'$(/bin/id -ng)'/' Makefile* extras/Makefile* cgi-src/Makefile*
+### Use the next line ONLY if you are going to build thttpd as a normal user.
+### sed -i '/WEBGROUP =/ s/'$PRGNAM'/'$(/bin/id -ng)'/' Makefile* extras/Makefile* cgi-src/Makefile*
# Disable the use of bin as owner user and group.
sed -i 's/-o bin -g bin//' Makefile* extras/Makefile* cgi-src/Makefile*
# Create required directories
-mkdir -p $PKG/etc/rc.d $PKG/usr/man/man1 $PKG/etc/logrotate.d $PKG/var/log/$PRGNAM
+mkdir -p $PKG/etc/rc.d $PKG/usr/man/man1 $PKG/etc/logrotate.d \
+ $PKG/var/log/$PRGNAM $PKG/var/run/$PRGNAM
+chown $PRGNAM:$PRGNAM $PKG/var/log/$PRGNAM $PKG/var/run/$PRGNAM
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
make
make install DESTDIR=$PKG
-find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
+find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
# Install default html file.
diff --git a/network/thttpd/thttpd.conf b/network/thttpd/thttpd.conf
index 22b9a9bb27..50d1c00b0f 100644
--- a/network/thttpd/thttpd.conf
+++ b/network/thttpd/thttpd.conf
@@ -5,5 +5,5 @@ host=localhost
port=80
user=thttpd
dir=/var/www/thttpd
-logfile=/var/log/thttpd.log
-pidfile=/var/run/thttpd.pid
+logfile=/var/log/thttpd/thttpd.log
+pidfile=/var/run/thttpd/thttpd.pid
diff --git a/network/thttpd/thttpd.info b/network/thttpd/thttpd.info
index 2950f32a0e..415059ef22 100644
--- a/network/thttpd/thttpd.info
+++ b/network/thttpd/thttpd.info
@@ -1,8 +1,8 @@
PRGNAM="thttpd"
-VERSION="2.25b"
+VERSION="2.26"
HOMEPAGE="http://acme.com/software/thttpd/"
-DOWNLOAD="http://acme.com/software/thttpd/thttpd-2.25b.tar.gz"
-MD5SUM="156b249b3b0bcd48b06badd2db0d56c5"
+DOWNLOAD="http://acme.com/software/thttpd/thttpd-2.26.tar.gz"
+MD5SUM="7b9235cad40faf7dd08ad923529c61b2"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES=""