Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Peter Weller (welp)" <welp@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo-x86 commit in www-servers/lighttpd/files/1.4.18: 03_all_lighttpd-1.4.11-errorlog-pipe.diff 04_all_lighttpd-1.4.13-deprecated-ldap-api.diff
Date: Sun, 09 Sep 2007 22:26:27
Message-Id: E1IUV7q-0000bK-SG@stork.gentoo.org
1 welp 07/09/09 22:19:30
2
3 Added: 03_all_lighttpd-1.4.11-errorlog-pipe.diff
4 04_all_lighttpd-1.4.13-deprecated-ldap-api.diff
5 Log:
6 Security bump wrt bug 191912 - straight to stable on amd64 and x86 by request of angelos and jokey, respectively
7 (Portage version: 2.1.3_rc8)
8
9 Revision Changes Path
10 1.1 www-servers/lighttpd/files/1.4.18/03_all_lighttpd-1.4.11-errorlog-pipe.diff
11
12 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-servers/lighttpd/files/1.4.18/03_all_lighttpd-1.4.11-errorlog-pipe.diff?rev=1.1&view=markup
13 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-servers/lighttpd/files/1.4.18/03_all_lighttpd-1.4.11-errorlog-pipe.diff?rev=1.1&content-type=text/plain
14
15 Index: 03_all_lighttpd-1.4.11-errorlog-pipe.diff
16 ===================================================================
17 diff -ur lighttpd-1.4.11.orig/src/base.h lighttpd-1.4.11/src/base.h
18 --- lighttpd-1.4.11.orig/src/base.h 2006-01-13 06:51:04.000000000 -0800
19 +++ lighttpd-1.4.11/src/base.h 2006-12-17 18:01:39.000000000 -0800
20 @@ -505,7 +505,7 @@
21
22 /* the errorlog */
23 int errorlog_fd;
24 - enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG } errorlog_mode;
25 + enum { ERRORLOG_STDERR, ERRORLOG_FILE, ERRORLOG_SYSLOG, ERRORLOG_PIPE } errorlog_mode;
26 buffer *errorlog_buf;
27
28 fdevents *ev, *ev_ins;
29 diff -ur lighttpd-1.4.11.orig/src/log.c lighttpd-1.4.11/src/log.c
30 --- lighttpd-1.4.11.orig/src/log.c 2005-13-07 05:01:35.000000000 -0800
31 +++ lighttpd-1.4.11/src/log.c 2006-12-17 18:09:43.000000000 -0800
32 @@ -34,10 +34,11 @@
33 /**
34 * open the errorlog
35 *
36 - * we have 3 possibilities:
37 + * we have 4 possibilities:
38 * - stderr (default)
39 * - syslog
40 * - logfile
41 + * - pipe
42 *
43 * if the open failed, report to the user and die
44 *
45 @@ -57,21 +58,81 @@
46 srv->errorlog_mode = ERRORLOG_SYSLOG;
47 } else if (!buffer_is_empty(srv->srvconf.errorlog_file)) {
48 const char *logfile = srv->srvconf.errorlog_file->ptr;
49 -
50 - if (-1 == (srv->errorlog_fd = open(logfile, O_APPEND | O_WRONLY | O_CREAT | O_LARGEFILE, 0644))) {
51 - log_error_write(srv, __FILE__, __LINE__, "SSSS",
52 - "opening errorlog '", logfile,
53 - "' failed: ", strerror(errno));
54 -
55 +
56 + if (logfile[0] == '|') {
57 +#ifdef HAVE_FORK
58 + /* create write pipe and spawn process */
59 +
60 + int to_log_fds[2];
61 + pid_t pid;
62 +
63 + if (pipe(to_log_fds)) {
64 + log_error_write(srv, __FILE__, __LINE__, "ss",
65 + "pipe failed: ", strerror(errno));
66 + return -1;
67 + }
68 +
69 + /* fork, execve */
70 + switch (pid = fork()) {
71 + case 0:
72 + /* child */
73 +
74 + close(STDIN_FILENO);
75 + dup2(to_log_fds[0], STDIN_FILENO);
76 + close(to_log_fds[0]);
77 + /* not needed */
78 + close(to_log_fds[1]);
79 +
80 + /* we don't need the client socket */
81 + for (fd = 3; fd < 256; fd++) {
82 + close(fd);
83 + }
84 +
85 + /* exec the log-process (skip the | )
86 + *
87 + */
88 +
89 + execl("/bin/sh", "sh", "-c", logfile + 1, NULL);
90 +
91 + log_error_write(srv, __FILE__, __LINE__, "sss",
92 + "spawning log-process failed: ",
93 + strerror(errno), logfile + 1);
94 +
95 + exit(-1);
96 + break;
97 + case -1:
98 + /* error */
99 + log_error_write(srv, __FILE__, __LINE__, "ss", "fork failed:", strerror(errno));
100 + break;
101 + default:
102 + close(to_log_fds[0]);
103 +
104 + srv->errorlog_fd = to_log_fds[1];
105 +
106 + break;
107 + }
108 + srv->errorlog_mode = ERRORLOG_PIPE;
109 +#else
110 + log_error_write(srv, __FILE__, __LINE__, "SSS",
111 + "opening errorlog '", logfile,"' impossible");
112 return -1;
113 - }
114 +#endif
115 + } else {
116 + if (-1 == (srv->errorlog_fd = open(logfile, O_APPEND | O_WRONLY | O_CREAT | O_LARGEFILE, 0644))) {
117 + log_error_write(srv, __FILE__, __LINE__, "SSSS",
118 + "opening errorlog '", logfile,
119 + "' failed: ", strerror(errno));
120 +
121 + return -1;
122 + }
123 + srv->errorlog_mode = ERRORLOG_FILE;
124 + }
125 #ifdef FD_CLOEXEC
126 - /* close fd on exec (cgi) */
127 - fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
128 + /* close fd on exec (cgi) */
129 + fcntl(srv->errorlog_fd, F_SETFD, FD_CLOEXEC);
130 #endif
131 - srv->errorlog_mode = ERRORLOG_FILE;
132 - }
133 -
134 + }
135 +
136 log_error_write(srv, __FILE__, __LINE__, "s", "server started");
137
138 #ifdef HAVE_VALGRIND_VALGRIND_H
139 @@ -99,7 +160,7 @@
140 */
141
142 int log_error_cycle(server *srv) {
143 - /* only cycle if we are not in syslog-mode */
144 + /* only cycle if the error log is a file */
145
146 if (srv->errorlog_mode == ERRORLOG_FILE) {
147 const char *logfile = srv->srvconf.errorlog_file->ptr;
148 @@ -135,6 +196,7 @@
149 log_error_write(srv, __FILE__, __LINE__, "s", "server stopped");
150
151 switch(srv->errorlog_mode) {
152 + case ERRORLOG_PIPE: /* fall through */
153 case ERRORLOG_FILE:
154 close(srv->errorlog_fd);
155 break;
156 @@ -154,6 +216,7 @@
157 va_list ap;
158
159 switch(srv->errorlog_mode) {
160 + case ERRORLOG_PIPE:
161 case ERRORLOG_FILE:
162 case ERRORLOG_STDERR:
163 /* cache the generated timestamp */
164 @@ -238,6 +301,7 @@
165 va_end(ap);
166
167 switch(srv->errorlog_mode) {
168 + case ERRORLOG_PIPE: /* fall through */
169 case ERRORLOG_FILE:
170 BUFFER_APPEND_STRING_CONST(srv->errorlog_buf, "\n");
171 write(srv->errorlog_fd, srv->errorlog_buf->ptr, srv->errorlog_buf->used - 1);
172 diff -ur lighttpd-1.4.11.orig/src/mod_cgi.c lighttpd-1.4.11/src/mod_cgi.c
173 --- lighttpd-1.4.11.orig/src/mod_cgi.c 2006-02-22 05:15:10.000000000 -0800
174 +++ lighttpd-1.4.11/src/mod_cgi.c 2006-12-17 18:01:39.000000000 -0800
175 @@ -750,7 +750,7 @@
176 *
177 * we feed the stderr of the CGI to our errorlog, if possible
178 */
179 - if (srv->errorlog_mode == ERRORLOG_FILE) {
180 + if ((srv->errorlog_mode == ERRORLOG_FILE) || (srv->errorlog_mode == ERRORLOG_PIPE)) {
181 close(STDERR_FILENO);
182 dup2(srv->errorlog_fd, STDERR_FILENO);
183 }
184 diff -ur lighttpd-1.4.11.orig/src/mod_rrdtool.c lighttpd-1.4.11/src/mod_rrdtool.c
185 --- lighttpd-1.4.11.orig/src/mod_rrdtool.c 2005-08-21 15:52:24.000000000 -0700
186 +++ lighttpd-1.4.11/src/mod_rrdtool.c 2006-12-17 18:01:39.000000000 -0800
187 @@ -134,7 +134,7 @@
188
189 close(STDERR_FILENO);
190
191 - if (srv->errorlog_mode == ERRORLOG_FILE) {
192 + if ((srv->errorlog_mode == ERRORLOG_FILE) || (srv->errorlog_mode == ERRORLOG_PIPE)) {
193 dup2(srv->errorlog_fd, STDERR_FILENO);
194 close(srv->errorlog_fd);
195 }
196
197
198
199 1.1 www-servers/lighttpd/files/1.4.18/04_all_lighttpd-1.4.13-deprecated-ldap-api.diff
200
201 file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-servers/lighttpd/files/1.4.18/04_all_lighttpd-1.4.13-deprecated-ldap-api.diff?rev=1.1&view=markup
202 plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/www-servers/lighttpd/files/1.4.18/04_all_lighttpd-1.4.13-deprecated-ldap-api.diff?rev=1.1&content-type=text/plain
203
204 Index: 04_all_lighttpd-1.4.13-deprecated-ldap-api.diff
205 ===================================================================
206 --- lighttpd-1.4.13.old/src/Makefile.am 2006-10-09 12:19:34.000000000 -0400
207 +++ lighttpd-1.4.13/src/Makefile.am 2007-03-26 10:10:26.000000000 -0400
208 @@ -213,6 +213,7 @@
209 mod_auth_la_SOURCES = mod_auth.c http_auth_digest.c http_auth.c
210 mod_auth_la_LDFLAGS = -module -export-dynamic -avoid-version -no-undefined
211 mod_auth_la_LIBADD = $(CRYPT_LIB) $(LDAP_LIB) $(LBER_LIB) $(common_libadd)
212 +mod_auth_la_CFLAGS = -DLDAP_DEPRECATED
213
214 lib_LTLIBRARIES += mod_rewrite.la
215 mod_rewrite_la_SOURCES = mod_rewrite.c
216
217
218
219 --
220 gentoo-commits@g.o mailing list
Report Message
Find on MARC Find on Google Groups