thttpd: glibc 2.10 fix (getline redef)

10 files changed, 305 insertions, 0 deletions

diff --git a/www-servers/thttpd/Manifest b/www-servers/thttpd/Manifest
new file mode 100644
index 00000000..cfeec09b
--- /dev/null
+++ b/www-servers/thttpd/Manifest
@@ -0,0 +1,10 @@
+AUX thttpd-2.25/additional-input-validation-httpd.c.diff 2249 RMD160 ad101512e54d1c154dc039d616067456e0130a7e SHA1 88eebce793c19d16a7a394b6142f412d92e511a2 SHA256 28fb9fa693a636df82627701df1e777bc28ffcefe90132391cbed1dc901ce51c
+AUX thttpd-2.25/fix-buffer-overflow.diff 947 RMD160 30b80b19e792e0dce3eb238f664501a61bc5a3a7 SHA1 645316b836c731dc0385cfa7851c4dea8edc530c SHA256 3ef0b098398b052eb37711d1a0eb2f0cff556f606c3427d1d0529042368ce1ad
+AUX thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff 724 RMD160 45ebedb4c9786d09285e976a16f0b1d8b8f11a59 SHA1 7757351b3e7f4c98f99c14067021f38d33bee045 SHA256 1d8b5295d8240603d47f32825d7d4c3e954d0e951e61af3d7de53776ab6753f8
+AUX thttpd-2.25/thttpd.conf.sample 672 RMD160 fd44c3f0c094b06aa6a18ff2b360e4cf9174ffc5 SHA1 2bd69756e0c17fe5e79a4eb76486d300defbd671 SHA256 36c778f749a1277569c72b23f9c4e25b80e10c7c74a43f493c99648ec8e5b787
+AUX thttpd-2.25/thttpd.confd 1152 RMD160 78503da6afa0bae20ecace503a3f5f8b7532c4ee SHA1 8599769e121d620eea18b27d51ce3d85414ee75d SHA256 cb723bdc62b339a20c238989d45d26bfcd79fa3a8d31e9bd666fdef979c31c54
+AUX thttpd-2.25/thttpd.init 745 RMD160 cb2eda2714728f8cee568b83013f3b5bb70974e7 SHA1 83fdd54a3ac959dc5c6a066a181a41c1d898ed9c SHA256 5e4512079ef620a442833a3ff05c0c4ac2856c6c65cc13da8191bd67d0b1b5da
+AUX thttpd-getline.diff 600 RMD160 f8b1a1407c8371bfaafb0af104bc0f3104db9db0 SHA1 c8cf581642db84095c35df716b896f34dbca4917 SHA256 772092f58b93524571eb87a82906d25b5fb32c9040ea328d83aab4a5740927be
+AUX thttpd.logrotate 197 RMD160 28c782571b226e49680a80bcbe5313ccc2a92d5c SHA1 384127ca1725a08fcfcd08de46a200c53966c24e SHA256 0399d9fdc31a5555307d33c4744b21271e9d7d4d6ded78573fb9b2210f593bc6
+DIST thttpd-2.25b.tar.gz 132363 RMD160 15020e8d04d27b30c4da3104387a281e35d58025 SHA1 51bc25ef035d7557c869a02ce353580a1cadfa2c SHA256 4ceaa30ef55702d5cfdffdccd3a2dee8d3090e852c18c7ce8d17d692ad0bf024
+EBUILD thttpd-2.25b-r7.ebuild 1573 RMD160 b9206ef010bd96281ce0b2e00c83e131ab431dcd SHA1 80f43f83abb9a831cec7ccee948c1ce6b8882d78 SHA256 b7148c079ea0337ae6783afdf28c379333441343be9fd7a6511b13043553dee6
diff --git a/www-servers/thttpd/files/thttpd-2.25/additional-input-validation-httpd.c.diff b/www-servers/thttpd/files/thttpd-2.25/additional-input-validation-httpd.c.diff
new file mode 100644
index 00000000..04f59eac
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd-2.25/additional-input-validation-httpd.c.diff
@@ -0,0 +1,62 @@
+--- thttpd-2.25b/extras/htpasswd.c.orig	2006-03-31 04:12:42.281317000 +0000
++++ thttpd-2.25b/extras/htpasswd.c	2006-03-31 05:21:37.741632392 +0000
+@@ -151,6 +151,7 @@ void interrupted(int signo) {
+ int main(int argc, char *argv[]) {
+     FILE *tfp,*f;
+     char user[MAX_STRING_LEN];
++    char pwfilename[MAX_STRING_LEN];
+     char line[MAX_STRING_LEN];
+     char l[MAX_STRING_LEN];
+     char w[MAX_STRING_LEN];
+@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) {
+             perror("fopen");
+             exit(1);
+         }
++        if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) {
++            fprintf(stderr, "%s: filename is too long\n", argv[0]);
++	    exit(1);
++        }
++        if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) {
++	    fprintf(stderr, "%s: filename contains an illegal character\n",
++		argv[0]);
++	    exit(1);
++        }
++        if (strlen(argv[3]) > (sizeof(user) - 1)) {
++	    fprintf(stderr, "%s: username is too long\n", argv[0],
++		sizeof(user) - 1);
++	    exit(1);
++        }
++        if ((strchr(argv[3], ':')) != NULL) {
++            fprintf(stderr, "%s: username contains an illegal character\n",
++                argv[0]);
++            exit(1);
++        }
+         printf("Adding password for %s.\n",argv[3]);
+         add_password(argv[3],tfp);
+         fclose(tfp);
+@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) {
+         exit(1);
+     }
+ 
++    if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) {
++        fprintf(stderr, "%s: filename is too long\n", argv[0]);
++        exit(1);
++    }
++    if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) {
++        fprintf(stderr, "%s: filename contains an illegal character\n",
++                argv[0]);
++        exit(1);
++    }
++    if (strlen(argv[2]) > (sizeof(user) - 1)) {
++        fprintf(stderr, "%s: username is too long\n", argv[0],
++                sizeof(user) - 1);
++        exit(1);
++    }
++    if ((strchr(argv[2], ':')) != NULL) {
++        fprintf(stderr, "%s: username contains an illegal character\n",
++                argv[0]);
++        exit(1);
++    }
+     if(!(f = fopen(argv[1],"r"))) {
+         fprintf(stderr,
+                 "Could not open passwd file %s for reading.\n",argv[1]);
diff --git a/www-servers/thttpd/files/thttpd-2.25/fix-buffer-overflow.diff b/www-servers/thttpd/files/thttpd-2.25/fix-buffer-overflow.diff
new file mode 100644
index 00000000..cacd7321
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd-2.25/fix-buffer-overflow.diff
@@ -0,0 +1,21 @@
+diff -Nrup thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c
+--- thttpd-2.25b.orig/libhttpd.c	2003-12-25 19:06:05.000000000 +0000
++++ thttpd-2.25b/libhttpd.c	2007-01-08 21:43:28.000000000 +0000
+@@ -1469,7 +1469,7 @@ expand_symlinks( char* path, char** rest
+ 	    httpd_realloc_str( &checked, &maxchecked, checkedlen );
+ 	    (void) strcpy( checked, path );
+ 	    /* Trim trailing slashes. */
+-	    while ( checked[checkedlen - 1] == '/' )
++	    while ( checkedlen && checked[checkedlen - 1] == '/' )
+ 		{
+ 		checked[checkedlen - 1] = '\0';
+ 		--checkedlen;
+@@ -1488,7 +1488,7 @@ expand_symlinks( char* path, char** rest
+     restlen = strlen( path );
+     httpd_realloc_str( &rest, &maxrest, restlen );
+     (void) strcpy( rest, path );
+-    if ( rest[restlen - 1] == '/' )
++    if ( restlen && rest[restlen - 1] == '/' )
+ 	rest[--restlen] = '\0';         /* trim trailing slash */
+     if ( ! tildemapped )
+ 	/* Remove any leading slashes. */
diff --git a/www-servers/thttpd/files/thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff b/www-servers/thttpd/files/thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff
new file mode 100644
index 00000000..c41ec46b
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff
@@ -0,0 +1,19 @@
+diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern
+--- thttpd-2.23beta1.orig/extras/syslogtocern	1999-09-15 18:00:54.000000000 +0200
++++ thttpd-2.23beta1/extras/syslogtocern	2005-10-26 01:45:34.000000000 +0200
+@@ -31,8 +31,8 @@
+     exit 1
+ fi
+ 
+-tmp1=/tmp/stc1.$$
+-rm -f $tmp1
++tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1;  }
++trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15
+ 
+ # Gather up all the thttpd entries.
+ egrep ' thttpd\[' $* > $tmp1
+@@ -65,4 +65,3 @@
+   sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log
+ 
+ # Done.
+-rm -f $tmp1
diff --git a/www-servers/thttpd/files/thttpd-2.25/thttpd.conf.sample b/www-servers/thttpd/files/thttpd-2.25/thttpd.conf.sample
new file mode 100644
index 00000000..e7017320
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd-2.25/thttpd.conf.sample
@@ -0,0 +1,38 @@
+## /etc/thttpd.conf
+##
+## do not leave empty lines in here!
+## format is: key=value
+##
+## run in debug-mode?
+#debug
+##
+## what interface to bind to?
+## (default is binding to any interface)
+#host=www.example.org
+port=8080
+user=nobody
+##
+## CGI:
+##	?	match a single char
+##	*	matches any string excluding "/"
+##	**	matches any string including "/"
+##	separate multiple patterns with "|"
+#cgipat=**.sh|**.cgi
+##
+## chroot:
+chroot
+#nochroot
+##
+logfile=/var/log/thttpd.log
+pidfile=/var/run/thttpd.pid
+##
+charset=iso-8859-1
+##
+## control the caching: (in secs)
+#maxage 60
+##
+## virtual hosting:
+#vhost
+##
+## cache-control: send this "max-age" in all HTTP-responses:
+#max-age=0
diff --git a/www-servers/thttpd/files/thttpd-2.25/thttpd.confd b/www-servers/thttpd/files/thttpd-2.25/thttpd.confd
new file mode 100644
index 00000000..453636c4
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd-2.25/thttpd.confd
@@ -0,0 +1,27 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License, v2 or later
+# $Header: /var/cvsroot/gentoo-x86/www-servers/thttpd/files/thttpd-2.25/thttpd.confd,v 1.1 2004/08/08 18:34:03 stuart Exp $
+
+## Config file for /etc/init.d/thttpd
+
+## the startup-dir of thttpd is the docroot, so we specify it here
+## and the init-script does a "cd" prior to startup:
+THTTPD_DOCROOT="/var/www/localhost"
+
+## There are 2 ways to configure thttpd:
+##	1) specify all params on the cmd-line
+##	2) use a config-file (and start with "-C <conf-file>")
+## Note: 1) and 2) can be mixed.
+##
+## We choose 1) here -- if you have a more complicated setup read
+## thttpd(8) for details on 2).
+
+THTTPD_OPTS="-p 8080 -u nobody -r -i /var/run/thttpd.pid -l /var/log/thttpd.log"
+
+## For a more complex setup (e.g. cgi-support) use an external configfile:
+## comment the THTTPD_OPTS line above und use the one below.
+#THTTPD_OPTS="-C /etc/thttpd/thttpd.conf"
+
+## If you know what you are doing you can add cgi-support with the line below;
+## but you _should_ use the extern-configfile version!
+#THTTPD_OPTS="$THTTPD_OPTS -c **.cgi|**.sh"
diff --git a/www-servers/thttpd/files/thttpd-2.25/thttpd.init b/www-servers/thttpd/files/thttpd-2.25/thttpd.init
new file mode 100644
index 00000000..0821887c
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd-2.25/thttpd.init
@@ -0,0 +1,30 @@
+#!/sbin/runscript
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License, v2 or later
+# $Header: /var/cvsroot/gentoo-x86/www-servers/thttpd/files/thttpd-2.25/thttpd.init,v 1.2 2006/09/06 14:31:17 dsd Exp $
+
+depend() {
+	need net
+}
+
+start() {
+	ebegin "Starting thttpd"
+	if [ ! -d "$THTTPD_DOCROOT" ]; then
+		eend 1 "THTTPD_DOCROOT not set correctly in /etc/conf.d/thttpd"
+		exit 1
+	fi
+	start-stop-daemon --quiet --start --startas /usr/sbin/thttpd \
+		--pidfile /var/run/thttpd.pid --chdir "$THTTPD_DOCROOT" -- \
+			${THTTPD_OPTS}
+	eend $?
+}
+
+stop() {
+	local rc
+
+	ebegin "Stopping thttpd"
+	start-stop-daemon --quiet --stop --pidfile /var/run/thttpd.pid
+	rc=$?
+	rm -f /var/run/thttpd.pid
+	eend $rc
+}
diff --git a/www-servers/thttpd/files/thttpd-getline.diff b/www-servers/thttpd/files/thttpd-getline.diff
new file mode 100644
index 00000000..8d162b74
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd-getline.diff
@@ -0,0 +1,20 @@
+--- extras/htpasswd.c.ori	2009-05-24 14:23:13.000000000 +0200
++++ extras/htpasswd.c	2009-05-24 14:23:30.000000000 +0200
+@@ -49,7 +49,7 @@
+     while((line[y++] = line[x++]));
+ }
+ 
+-static int getline(char *s, int n, FILE *f) {
++static int thttpd_getline(char *s, int n, FILE *f) {
+     register int i=0;
+ 
+     while(1) {
+@@ -228,7 +228,7 @@
+     strcpy(user,argv[2]);
+ 
+     found = 0;
+-    while(!(getline(line,MAX_STRING_LEN,f))) {
++    while(!(thttpd_getline(line,MAX_STRING_LEN,f))) {
+         if(found || (line[0] == '#') || (!line[0])) {
+             putline(tfp,line);
+             continue;
diff --git a/www-servers/thttpd/files/thttpd.logrotate b/www-servers/thttpd/files/thttpd.logrotate
new file mode 100644
index 00000000..7e75c813
--- /dev/null
+++ b/www-servers/thttpd/files/thttpd.logrotate
@@ -0,0 +1,12 @@
+/var/log/thttpd.log {
+	daily
+	rotate 5
+	compress
+	delaycompress
+	missingok
+	notifempty
+	sharedscripts
+	postrotate
+		kill -HUP `cat /var/run/thttpd.pid 2>/dev/null` 2>/dev/null || true
+	endscript
+}
diff --git a/www-servers/thttpd/thttpd-2.25b-r7.ebuild b/www-servers/thttpd/thttpd-2.25b-r7.ebuild
new file mode 100644
index 00000000..2332c2f4
--- /dev/null
+++ b/www-servers/thttpd/thttpd-2.25b-r7.ebuild
@@ -0,0 +1,66 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/www-servers/thttpd/thttpd-2.25b-r7.ebuild,v 1.6 2008/06/26 08:39:18 bangert Exp $
+
+inherit eutils flag-o-matic
+
+MY_P="${P%[a-z]*}"
+
+DESCRIPTION="Small and fast multiplexing webserver."
+HOMEPAGE="http://www.acme.com/software/thttpd/"
+SRC_URI="http://www.acme.com/software/thttpd/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="amd64 ~hppa ~mips ppc sparc x86 ~x86-fbsd"
+IUSE="static"
+
+THTTPD_USER=thttpd
+THTTPD_GROUP=thttpd
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${MY_P}/*.diff
+	epatch "${FILESDIR}"/${PN}-getline.diff
+}
+
+pkg_setup() {
+	enewgroup ${THTTPD_GROUP}
+	enewuser ${THTTPD_USER}  -1 -1 -1 ${THTTPD_GROUP}
+}
+
+src_compile() {
+	## TODO: what to do with IPv6?
+	use static && append-ldflags -static
+
+	econf || die "econf failed"
+	emake || die "emake failed"
+}
+
+src_install () {
+	dodir /usr/share/man/man1
+	make prefix="${D}"/usr \
+		MANDIR="${D}"/usr/share/man \
+		WEBGROUP=${THTTPD_GROUP} \
+		WEBDIR="${D}"/var/www/localhost \
+		"$@" install || die "make install failed"
+
+	mv "${D}"/usr/sbin/{,th_}htpasswd
+	mv "${D}"/usr/share/man/man1/{,th_}htpasswd.1
+
+	newinitd "${FILESDIR}"/${MY_P}/thttpd.init thttpd
+	newconfd "${FILESDIR}"/${MY_P}/thttpd.confd thttpd
+
+	dodoc README INSTALL TODO
+
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/thttpd.logrotate" thttpd
+
+	insinto /etc/thttpd
+	doins "${FILESDIR}"/${MY_P}/thttpd.conf.sample
+}
+
+pkg_postinst() {
+	elog "Adjust THTTPD_DOCROOT in /etc/conf.d/thttpd !"
+}