diff options
Diffstat (limited to 'www-servers')
10 files changed, 305 insertions, 0 deletions
diff --git a/www-servers/thttpd/Manifest b/www-servers/thttpd/Manifest new file mode 100644 index 00000000..cfeec09b --- /dev/null +++ b/www-servers/thttpd/Manifest @@ -0,0 +1,10 @@ +AUX thttpd-2.25/additional-input-validation-httpd.c.diff 2249 RMD160 ad101512e54d1c154dc039d616067456e0130a7e SHA1 88eebce793c19d16a7a394b6142f412d92e511a2 SHA256 28fb9fa693a636df82627701df1e777bc28ffcefe90132391cbed1dc901ce51c +AUX thttpd-2.25/fix-buffer-overflow.diff 947 RMD160 30b80b19e792e0dce3eb238f664501a61bc5a3a7 SHA1 645316b836c731dc0385cfa7851c4dea8edc530c SHA256 3ef0b098398b052eb37711d1a0eb2f0cff556f606c3427d1d0529042368ce1ad +AUX thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff 724 RMD160 45ebedb4c9786d09285e976a16f0b1d8b8f11a59 SHA1 7757351b3e7f4c98f99c14067021f38d33bee045 SHA256 1d8b5295d8240603d47f32825d7d4c3e954d0e951e61af3d7de53776ab6753f8 +AUX thttpd-2.25/thttpd.conf.sample 672 RMD160 fd44c3f0c094b06aa6a18ff2b360e4cf9174ffc5 SHA1 2bd69756e0c17fe5e79a4eb76486d300defbd671 SHA256 36c778f749a1277569c72b23f9c4e25b80e10c7c74a43f493c99648ec8e5b787 +AUX thttpd-2.25/thttpd.confd 1152 RMD160 78503da6afa0bae20ecace503a3f5f8b7532c4ee SHA1 8599769e121d620eea18b27d51ce3d85414ee75d SHA256 cb723bdc62b339a20c238989d45d26bfcd79fa3a8d31e9bd666fdef979c31c54 +AUX thttpd-2.25/thttpd.init 745 RMD160 cb2eda2714728f8cee568b83013f3b5bb70974e7 SHA1 83fdd54a3ac959dc5c6a066a181a41c1d898ed9c SHA256 5e4512079ef620a442833a3ff05c0c4ac2856c6c65cc13da8191bd67d0b1b5da +AUX thttpd-getline.diff 600 RMD160 f8b1a1407c8371bfaafb0af104bc0f3104db9db0 SHA1 c8cf581642db84095c35df716b896f34dbca4917 SHA256 772092f58b93524571eb87a82906d25b5fb32c9040ea328d83aab4a5740927be +AUX thttpd.logrotate 197 RMD160 28c782571b226e49680a80bcbe5313ccc2a92d5c SHA1 384127ca1725a08fcfcd08de46a200c53966c24e SHA256 0399d9fdc31a5555307d33c4744b21271e9d7d4d6ded78573fb9b2210f593bc6 +DIST thttpd-2.25b.tar.gz 132363 RMD160 15020e8d04d27b30c4da3104387a281e35d58025 SHA1 51bc25ef035d7557c869a02ce353580a1cadfa2c SHA256 4ceaa30ef55702d5cfdffdccd3a2dee8d3090e852c18c7ce8d17d692ad0bf024 +EBUILD thttpd-2.25b-r7.ebuild 1573 RMD160 b9206ef010bd96281ce0b2e00c83e131ab431dcd SHA1 80f43f83abb9a831cec7ccee948c1ce6b8882d78 SHA256 b7148c079ea0337ae6783afdf28c379333441343be9fd7a6511b13043553dee6 diff --git a/www-servers/thttpd/files/thttpd-2.25/additional-input-validation-httpd.c.diff b/www-servers/thttpd/files/thttpd-2.25/additional-input-validation-httpd.c.diff new file mode 100644 index 00000000..04f59eac --- /dev/null +++ b/www-servers/thttpd/files/thttpd-2.25/additional-input-validation-httpd.c.diff @@ -0,0 +1,62 @@ +--- thttpd-2.25b/extras/htpasswd.c.orig 2006-03-31 04:12:42.281317000 +0000 ++++ thttpd-2.25b/extras/htpasswd.c 2006-03-31 05:21:37.741632392 +0000 +@@ -151,6 +151,7 @@ void interrupted(int signo) { + int main(int argc, char *argv[]) { + FILE *tfp,*f; + char user[MAX_STRING_LEN]; ++ char pwfilename[MAX_STRING_LEN]; + char line[MAX_STRING_LEN]; + char l[MAX_STRING_LEN]; + char w[MAX_STRING_LEN]; +@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) { + perror("fopen"); + exit(1); + } ++ if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) { ++ fprintf(stderr, "%s: filename is too long\n", argv[0]); ++ exit(1); ++ } ++ if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) { ++ fprintf(stderr, "%s: filename contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } ++ if (strlen(argv[3]) > (sizeof(user) - 1)) { ++ fprintf(stderr, "%s: username is too long\n", argv[0], ++ sizeof(user) - 1); ++ exit(1); ++ } ++ if ((strchr(argv[3], ':')) != NULL) { ++ fprintf(stderr, "%s: username contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } + printf("Adding password for %s.\n",argv[3]); + add_password(argv[3],tfp); + fclose(tfp); +@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) { + exit(1); + } + ++ if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) { ++ fprintf(stderr, "%s: filename is too long\n", argv[0]); ++ exit(1); ++ } ++ if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) { ++ fprintf(stderr, "%s: filename contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } ++ if (strlen(argv[2]) > (sizeof(user) - 1)) { ++ fprintf(stderr, "%s: username is too long\n", argv[0], ++ sizeof(user) - 1); ++ exit(1); ++ } ++ if ((strchr(argv[2], ':')) != NULL) { ++ fprintf(stderr, "%s: username contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } + if(!(f = fopen(argv[1],"r"))) { + fprintf(stderr, + "Could not open passwd file %s for reading.\n",argv[1]); diff --git a/www-servers/thttpd/files/thttpd-2.25/fix-buffer-overflow.diff b/www-servers/thttpd/files/thttpd-2.25/fix-buffer-overflow.diff new file mode 100644 index 00000000..cacd7321 --- /dev/null +++ b/www-servers/thttpd/files/thttpd-2.25/fix-buffer-overflow.diff @@ -0,0 +1,21 @@ +diff -Nrup thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c +--- thttpd-2.25b.orig/libhttpd.c 2003-12-25 19:06:05.000000000 +0000 ++++ thttpd-2.25b/libhttpd.c 2007-01-08 21:43:28.000000000 +0000 +@@ -1469,7 +1469,7 @@ expand_symlinks( char* path, char** rest + httpd_realloc_str( &checked, &maxchecked, checkedlen ); + (void) strcpy( checked, path ); + /* Trim trailing slashes. */ +- while ( checked[checkedlen - 1] == '/' ) ++ while ( checkedlen && checked[checkedlen - 1] == '/' ) + { + checked[checkedlen - 1] = '\0'; + --checkedlen; +@@ -1488,7 +1488,7 @@ expand_symlinks( char* path, char** rest + restlen = strlen( path ); + httpd_realloc_str( &rest, &maxrest, restlen ); + (void) strcpy( rest, path ); +- if ( rest[restlen - 1] == '/' ) ++ if ( restlen && rest[restlen - 1] == '/' ) + rest[--restlen] = '\0'; /* trim trailing slash */ + if ( ! tildemapped ) + /* Remove any leading slashes. */ diff --git a/www-servers/thttpd/files/thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff b/www-servers/thttpd/files/thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff new file mode 100644 index 00000000..c41ec46b --- /dev/null +++ b/www-servers/thttpd/files/thttpd-2.25/fix-insecure-tmp-creation-CVE-2005-3124.diff @@ -0,0 +1,19 @@ +diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern +--- thttpd-2.23beta1.orig/extras/syslogtocern 1999-09-15 18:00:54.000000000 +0200 ++++ thttpd-2.23beta1/extras/syslogtocern 2005-10-26 01:45:34.000000000 +0200 +@@ -31,8 +31,8 @@ + exit 1 + fi + +-tmp1=/tmp/stc1.$$ +-rm -f $tmp1 ++tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1; } ++trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15 + + # Gather up all the thttpd entries. + egrep ' thttpd\[' $* > $tmp1 +@@ -65,4 +65,3 @@ + sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log + + # Done. +-rm -f $tmp1 diff --git a/www-servers/thttpd/files/thttpd-2.25/thttpd.conf.sample b/www-servers/thttpd/files/thttpd-2.25/thttpd.conf.sample new file mode 100644 index 00000000..e7017320 --- /dev/null +++ b/www-servers/thttpd/files/thttpd-2.25/thttpd.conf.sample @@ -0,0 +1,38 @@ +## /etc/thttpd.conf +## +## do not leave empty lines in here! +## format is: key=value +## +## run in debug-mode? +#debug +## +## what interface to bind to? +## (default is binding to any interface) +#host=www.example.org +port=8080 +user=nobody +## +## CGI: +## ? match a single char +## * matches any string excluding "/" +## ** matches any string including "/" +## separate multiple patterns with "|" +#cgipat=**.sh|**.cgi +## +## chroot: +chroot +#nochroot +## +logfile=/var/log/thttpd.log +pidfile=/var/run/thttpd.pid +## +charset=iso-8859-1 +## +## control the caching: (in secs) +#maxage 60 +## +## virtual hosting: +#vhost +## +## cache-control: send this "max-age" in all HTTP-responses: +#max-age=0 diff --git a/www-servers/thttpd/files/thttpd-2.25/thttpd.confd b/www-servers/thttpd/files/thttpd-2.25/thttpd.confd new file mode 100644 index 00000000..453636c4 --- /dev/null +++ b/www-servers/thttpd/files/thttpd-2.25/thttpd.confd @@ -0,0 +1,27 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later +# $Header: /var/cvsroot/gentoo-x86/www-servers/thttpd/files/thttpd-2.25/thttpd.confd,v 1.1 2004/08/08 18:34:03 stuart Exp $ + +## Config file for /etc/init.d/thttpd + +## the startup-dir of thttpd is the docroot, so we specify it here +## and the init-script does a "cd" prior to startup: +THTTPD_DOCROOT="/var/www/localhost" + +## There are 2 ways to configure thttpd: +## 1) specify all params on the cmd-line +## 2) use a config-file (and start with "-C <conf-file>") +## Note: 1) and 2) can be mixed. +## +## We choose 1) here -- if you have a more complicated setup read +## thttpd(8) for details on 2). + +THTTPD_OPTS="-p 8080 -u nobody -r -i /var/run/thttpd.pid -l /var/log/thttpd.log" + +## For a more complex setup (e.g. cgi-support) use an external configfile: +## comment the THTTPD_OPTS line above und use the one below. +#THTTPD_OPTS="-C /etc/thttpd/thttpd.conf" + +## If you know what you are doing you can add cgi-support with the line below; +## but you _should_ use the extern-configfile version! +#THTTPD_OPTS="$THTTPD_OPTS -c **.cgi|**.sh" diff --git a/www-servers/thttpd/files/thttpd-2.25/thttpd.init b/www-servers/thttpd/files/thttpd-2.25/thttpd.init new file mode 100644 index 00000000..0821887c --- /dev/null +++ b/www-servers/thttpd/files/thttpd-2.25/thttpd.init @@ -0,0 +1,30 @@ +#!/sbin/runscript +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License, v2 or later +# $Header: /var/cvsroot/gentoo-x86/www-servers/thttpd/files/thttpd-2.25/thttpd.init,v 1.2 2006/09/06 14:31:17 dsd Exp $ + +depend() { + need net +} + +start() { + ebegin "Starting thttpd" + if [ ! -d "$THTTPD_DOCROOT" ]; then + eend 1 "THTTPD_DOCROOT not set correctly in /etc/conf.d/thttpd" + exit 1 + fi + start-stop-daemon --quiet --start --startas /usr/sbin/thttpd \ + --pidfile /var/run/thttpd.pid --chdir "$THTTPD_DOCROOT" -- \ + ${THTTPD_OPTS} + eend $? +} + +stop() { + local rc + + ebegin "Stopping thttpd" + start-stop-daemon --quiet --stop --pidfile /var/run/thttpd.pid + rc=$? + rm -f /var/run/thttpd.pid + eend $rc +} diff --git a/www-servers/thttpd/files/thttpd-getline.diff b/www-servers/thttpd/files/thttpd-getline.diff new file mode 100644 index 00000000..8d162b74 --- /dev/null +++ b/www-servers/thttpd/files/thttpd-getline.diff @@ -0,0 +1,20 @@ +--- extras/htpasswd.c.ori 2009-05-24 14:23:13.000000000 +0200 ++++ extras/htpasswd.c 2009-05-24 14:23:30.000000000 +0200 +@@ -49,7 +49,7 @@ + while((line[y++] = line[x++])); + } + +-static int getline(char *s, int n, FILE *f) { ++static int thttpd_getline(char *s, int n, FILE *f) { + register int i=0; + + while(1) { +@@ -228,7 +228,7 @@ + strcpy(user,argv[2]); + + found = 0; +- while(!(getline(line,MAX_STRING_LEN,f))) { ++ while(!(thttpd_getline(line,MAX_STRING_LEN,f))) { + if(found || (line[0] == '#') || (!line[0])) { + putline(tfp,line); + continue; diff --git a/www-servers/thttpd/files/thttpd.logrotate b/www-servers/thttpd/files/thttpd.logrotate new file mode 100644 index 00000000..7e75c813 --- /dev/null +++ b/www-servers/thttpd/files/thttpd.logrotate @@ -0,0 +1,12 @@ +/var/log/thttpd.log { + daily + rotate 5 + compress + delaycompress + missingok + notifempty + sharedscripts + postrotate + kill -HUP `cat /var/run/thttpd.pid 2>/dev/null` 2>/dev/null || true + endscript +} diff --git a/www-servers/thttpd/thttpd-2.25b-r7.ebuild b/www-servers/thttpd/thttpd-2.25b-r7.ebuild new file mode 100644 index 00000000..2332c2f4 --- /dev/null +++ b/www-servers/thttpd/thttpd-2.25b-r7.ebuild @@ -0,0 +1,66 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/www-servers/thttpd/thttpd-2.25b-r7.ebuild,v 1.6 2008/06/26 08:39:18 bangert Exp $ + +inherit eutils flag-o-matic + +MY_P="${P%[a-z]*}" + +DESCRIPTION="Small and fast multiplexing webserver." +HOMEPAGE="http://www.acme.com/software/thttpd/" +SRC_URI="http://www.acme.com/software/thttpd/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="amd64 ~hppa ~mips ppc sparc x86 ~x86-fbsd" +IUSE="static" + +THTTPD_USER=thttpd +THTTPD_GROUP=thttpd + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${MY_P}/*.diff + epatch "${FILESDIR}"/${PN}-getline.diff +} + +pkg_setup() { + enewgroup ${THTTPD_GROUP} + enewuser ${THTTPD_USER} -1 -1 -1 ${THTTPD_GROUP} +} + +src_compile() { + ## TODO: what to do with IPv6? + use static && append-ldflags -static + + econf || die "econf failed" + emake || die "emake failed" +} + +src_install () { + dodir /usr/share/man/man1 + make prefix="${D}"/usr \ + MANDIR="${D}"/usr/share/man \ + WEBGROUP=${THTTPD_GROUP} \ + WEBDIR="${D}"/var/www/localhost \ + "$@" install || die "make install failed" + + mv "${D}"/usr/sbin/{,th_}htpasswd + mv "${D}"/usr/share/man/man1/{,th_}htpasswd.1 + + newinitd "${FILESDIR}"/${MY_P}/thttpd.init thttpd + newconfd "${FILESDIR}"/${MY_P}/thttpd.confd thttpd + + dodoc README INSTALL TODO + + insinto /etc/logrotate.d + newins "${FILESDIR}/thttpd.logrotate" thttpd + + insinto /etc/thttpd + doins "${FILESDIR}"/${MY_P}/thttpd.conf.sample +} + +pkg_postinst() { + elog "Adjust THTTPD_DOCROOT in /etc/conf.d/thttpd !" +} |