From 60c75ff791ce88fe9bddede4997aa2c6dfea5e64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Antonio=20Hern=C3=A1ndez=20Blas?= Date: Wed, 5 Nov 2014 18:22:25 +0700 Subject: network/thttpd: Updated for version 2.26. Signed-off-by: Willy Sudiarto Raharjo --- .../2.25b/additional-input-validation-httpd.c.diff | 62 ++++++++++ .../thttpd/patches/2.25b/fix-buffer-overflow.diff | 21 ++++ .../fix-insecure-tmp-creation-CVE-2005-3124.diff | 19 ++++ .../2.25b/thttpd-2.25b-fix-illegal-path-info.patch | 17 +++ .../2.25b/thttpd-2.25b-monolithic-timer.patch | 126 +++++++++++++++++++++ ...pd-2.25b-respect-CFLAGS--dont-link-static.patch | 55 +++++++++ .../2.25b/thttpd-2.25b-use-Status-header.patch | 12 ++ .../thttpd-2.25b-use-X-Forwarded-For-header.patch | 15 +++ .../additional-input-validation-httpd.c.diff | 62 ---------- network/thttpd/patches/crypt.patch | 24 ++++ network/thttpd/patches/discreet.patch | 37 ++++++ network/thttpd/patches/fix-buffer-overflow.diff | 21 ---- .../fix-insecure-tmp-creation-CVE-2005-3124.diff | 19 ---- .../thttpd/patches/fix-world-readable-log.patch | 59 ++++++++++ network/thttpd/patches/forwarded-for.patch | 16 +++ .../thttpd-2.25b-fix-illegal-path-info.patch | 17 --- .../thttpd/patches/thttpd-2.25b-glibc-2.10.patch | 21 ---- .../patches/thttpd-2.25b-monolithic-timer.patch | 126 --------------------- ...pd-2.25b-respect-CFLAGS--dont-link-static.patch | 55 --------- .../patches/thttpd-2.25b-use-Status-header.patch | 12 -- .../thttpd-2.25b-use-X-Forwarded-For-header.patch | 15 --- 21 files changed, 463 insertions(+), 348 deletions(-) create mode 100644 network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff create mode 100644 network/thttpd/patches/2.25b/fix-buffer-overflow.diff create mode 100644 network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff create mode 100644 network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch create mode 100644 network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch create mode 100644 network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch create mode 100644 network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch create mode 100644 network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch delete mode 100644 network/thttpd/patches/additional-input-validation-httpd.c.diff create mode 100644 network/thttpd/patches/crypt.patch create mode 100644 network/thttpd/patches/discreet.patch delete mode 100644 network/thttpd/patches/fix-buffer-overflow.diff delete mode 100644 network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff create mode 100644 network/thttpd/patches/fix-world-readable-log.patch create mode 100644 network/thttpd/patches/forwarded-for.patch delete mode 100644 network/thttpd/patches/thttpd-2.25b-fix-illegal-path-info.patch delete mode 100644 network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch delete mode 100644 network/thttpd/patches/thttpd-2.25b-monolithic-timer.patch delete mode 100644 network/thttpd/patches/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch delete mode 100644 network/thttpd/patches/thttpd-2.25b-use-Status-header.patch delete mode 100644 network/thttpd/patches/thttpd-2.25b-use-X-Forwarded-For-header.patch (limited to 'network/thttpd/patches') diff --git a/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff b/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff new file mode 100644 index 0000000000..04f59eac8e --- /dev/null +++ b/network/thttpd/patches/2.25b/additional-input-validation-httpd.c.diff @@ -0,0 +1,62 @@ +--- thttpd-2.25b/extras/htpasswd.c.orig 2006-03-31 04:12:42.281317000 +0000 ++++ thttpd-2.25b/extras/htpasswd.c 2006-03-31 05:21:37.741632392 +0000 +@@ -151,6 +151,7 @@ void interrupted(int signo) { + int main(int argc, char *argv[]) { + FILE *tfp,*f; + char user[MAX_STRING_LEN]; ++ char pwfilename[MAX_STRING_LEN]; + char line[MAX_STRING_LEN]; + char l[MAX_STRING_LEN]; + char w[MAX_STRING_LEN]; +@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) { + perror("fopen"); + exit(1); + } ++ if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) { ++ fprintf(stderr, "%s: filename is too long\n", argv[0]); ++ exit(1); ++ } ++ if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) { ++ fprintf(stderr, "%s: filename contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } ++ if (strlen(argv[3]) > (sizeof(user) - 1)) { ++ fprintf(stderr, "%s: username is too long\n", argv[0], ++ sizeof(user) - 1); ++ exit(1); ++ } ++ if ((strchr(argv[3], ':')) != NULL) { ++ fprintf(stderr, "%s: username contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } + printf("Adding password for %s.\n",argv[3]); + add_password(argv[3],tfp); + fclose(tfp); +@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) { + exit(1); + } + ++ if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) { ++ fprintf(stderr, "%s: filename is too long\n", argv[0]); ++ exit(1); ++ } ++ if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) { ++ fprintf(stderr, "%s: filename contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } ++ if (strlen(argv[2]) > (sizeof(user) - 1)) { ++ fprintf(stderr, "%s: username is too long\n", argv[0], ++ sizeof(user) - 1); ++ exit(1); ++ } ++ if ((strchr(argv[2], ':')) != NULL) { ++ fprintf(stderr, "%s: username contains an illegal character\n", ++ argv[0]); ++ exit(1); ++ } + if(!(f = fopen(argv[1],"r"))) { + fprintf(stderr, + "Could not open passwd file %s for reading.\n",argv[1]); diff --git a/network/thttpd/patches/2.25b/fix-buffer-overflow.diff b/network/thttpd/patches/2.25b/fix-buffer-overflow.diff new file mode 100644 index 0000000000..cacd732148 --- /dev/null +++ b/network/thttpd/patches/2.25b/fix-buffer-overflow.diff @@ -0,0 +1,21 @@ +diff -Nrup thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c +--- thttpd-2.25b.orig/libhttpd.c 2003-12-25 19:06:05.000000000 +0000 ++++ thttpd-2.25b/libhttpd.c 2007-01-08 21:43:28.000000000 +0000 +@@ -1469,7 +1469,7 @@ expand_symlinks( char* path, char** rest + httpd_realloc_str( &checked, &maxchecked, checkedlen ); + (void) strcpy( checked, path ); + /* Trim trailing slashes. */ +- while ( checked[checkedlen - 1] == '/' ) ++ while ( checkedlen && checked[checkedlen - 1] == '/' ) + { + checked[checkedlen - 1] = '\0'; + --checkedlen; +@@ -1488,7 +1488,7 @@ expand_symlinks( char* path, char** rest + restlen = strlen( path ); + httpd_realloc_str( &rest, &maxrest, restlen ); + (void) strcpy( rest, path ); +- if ( rest[restlen - 1] == '/' ) ++ if ( restlen && rest[restlen - 1] == '/' ) + rest[--restlen] = '\0'; /* trim trailing slash */ + if ( ! tildemapped ) + /* Remove any leading slashes. */ diff --git a/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff new file mode 100644 index 0000000000..c41ec46b97 --- /dev/null +++ b/network/thttpd/patches/2.25b/fix-insecure-tmp-creation-CVE-2005-3124.diff @@ -0,0 +1,19 @@ +diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern +--- thttpd-2.23beta1.orig/extras/syslogtocern 1999-09-15 18:00:54.000000000 +0200 ++++ thttpd-2.23beta1/extras/syslogtocern 2005-10-26 01:45:34.000000000 +0200 +@@ -31,8 +31,8 @@ + exit 1 + fi + +-tmp1=/tmp/stc1.$$ +-rm -f $tmp1 ++tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1; } ++trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15 + + # Gather up all the thttpd entries. + egrep ' thttpd\[' $* > $tmp1 +@@ -65,4 +65,3 @@ + sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log + + # Done. +-rm -f $tmp1 diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch new file mode 100644 index 0000000000..d1688f1446 --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-fix-illegal-path-info.patch @@ -0,0 +1,17 @@ +diff -Naur thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c +--- thttpd-2.25b.orig/libhttpd.c 2007-10-14 10:09:55.000000000 +0000 ++++ thttpd-2.25b/libhttpd.c 2007-10-14 10:09:11.000000000 +0000 +@@ -2322,8 +2320,11 @@ + { + int i; + i = strlen( hc->origfilename ) - strlen( hc->pathinfo ); +- if ( i > 0 && strcmp( &hc->origfilename[i], hc->pathinfo ) == 0 ) +- hc->origfilename[i - 1] = '\0'; ++ if ( strcmp( &hc->origfilename[i], hc->pathinfo ) == 0 ) ++ { ++ if ( i == 0 ) hc->origfilename[0] = '\0'; ++ else hc->origfilename[i - 1] = '\0'; ++ } + } + + /* If the expanded filename is an absolute path, check that it's still diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch new file mode 100644 index 0000000000..9ff38aec45 --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-monolithic-timer.patch @@ -0,0 +1,126 @@ +diff -Nru thttpd-2.25b.orig/configure.in thttpd-2.25b/configure.in +--- thttpd-2.25b.orig/configure.in 2003-12-25 20:41:13.000000000 +0200 ++++ thttpd-2.25b/configure.in 2010-07-08 00:04:25.000000000 +0300 +@@ -123,6 +123,8 @@ + ;; + esac + ++AC_CHECK_LIB(rt, clock_gettime) ++ + AC_ACME_TM_GMTOFF + AC_ACME_INT64T + AC_ACME_SOCKLENT +diff -Nru thttpd-2.25b.orig/thttpd.c thttpd-2.25b/thttpd.c +--- thttpd-2.25b.orig/thttpd.c 2003-12-25 21:06:52.000000000 +0200 ++++ thttpd-2.25b/thttpd.c 2010-07-08 00:41:28.000000000 +0300 +@@ -742,7 +742,7 @@ + } + + /* Main loop. */ +- (void) gettimeofday( &tv, (struct timezone*) 0 ); ++ tmr_prepare_timeval( &tv ); + while ( ( ! terminate ) || num_connects > 0 ) + { + /* Do we need to re-open the log file? */ +@@ -761,7 +761,7 @@ + syslog( LOG_ERR, "fdwatch - %m" ); + exit( 1 ); + } +- (void) gettimeofday( &tv, (struct timezone*) 0 ); ++ tmr_prepare_timeval( &tv ); + + if ( num_ready == 0 ) + { +diff -Nru thttpd-2.25b.orig/timers.c thttpd-2.25b/timers.c +--- thttpd-2.25b.orig/timers.c 2002-08-22 04:04:12.000000000 +0300 ++++ thttpd-2.25b/timers.c 2010-07-08 11:47:03.000000000 +0300 +@@ -41,7 +41,13 @@ + + ClientData JunkClientData; + +- ++#undef HAVE_LIBRT_MONO ++#if defined(HAVE_LIBRT) && defined(CLOCK_MONOTONIC) ++#define HAVE_LIBRT_MONO ++#include ++static int use_monotonic = 0; /* monotonic clock runtime availability flag */ ++static struct timeval tv_diff; /* system time - monotonic difference at start */ ++#endif + + static unsigned int + hash( Timer* t ) +@@ -145,6 +151,26 @@ + timers[h] = (Timer*) 0; + free_timers = (Timer*) 0; + alloc_count = active_count = free_count = 0; ++ ++ /* Check for monotonic clock availability */ ++#ifdef HAVE_LIBRT_MONO ++ struct timespec ts; ++ struct timeval tv_start, tv; ++ ++ /* Try to get monotonic clock time */ ++ if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) { ++ use_monotonic = 1; ++ ++ /* Get current system time */ ++ (void) gettimeofday( &tv_start , (struct timezone*) 0 ); ++ tv.tv_sec = ts.tv_sec; ++ tv.tv_usec = ts.tv_nsec / 1000L; ++ /* Calculate and save the difference: tv_start is since the Epoch, so tv_start > ts ++ tv_diff = tv_start - tv */ ++ timersub( &tv_start, &tv, &tv_diff ); ++ } ++#endif ++ + } + + +@@ -176,7 +202,7 @@ + if ( nowP != (struct timeval*) 0 ) + t->time = *nowP; + else +- (void) gettimeofday( &t->time, (struct timezone*) 0 ); ++ tmr_prepare_timeval( &t->time ); + t->time.tv_sec += msecs / 1000L; + t->time.tv_usec += ( msecs % 1000L ) * 1000L; + if ( t->time.tv_usec >= 1000000L ) +@@ -349,3 +375,27 @@ + if ( active_count + free_count != alloc_count ) + syslog( LOG_ERR, "timer counts don't add up!" ); + } ++ ++/* Fill timeval structure for further usage by the package. */ ++void ++tmr_prepare_timeval( struct timeval *tv ) ++{ ++#ifdef HAVE_LIBRT_MONO ++ struct timespec ts; ++ struct timeval tv0; ++ ++ if (use_monotonic) { /* use monotonic clock source ? */ ++ if (clock_gettime(CLOCK_MONOTONIC,&ts) < 0) { ++ perror("clock_gettime"); return; ++ } ++ tv0.tv_sec = ts.tv_sec; ++ tv0.tv_usec = ts.tv_nsec / 1000L; ++ /* Return system time value like it was running accurately */ ++ timeradd( &tv_diff, &tv0, tv ); ++ } else { ++#endif ++ (void) gettimeofday( tv , (struct timezone*) 0 ); ++#ifdef HAVE_LIBRT_MONO ++ } ++#endif ++} +diff -Nru thttpd-2.25b.orig/timers.h thttpd-2.25b/timers.h +--- thttpd-2.25b.orig/timers.h 2001-04-13 08:37:41.000000000 +0300 ++++ thttpd-2.25b/timers.h 2010-07-08 00:09:15.000000000 +0300 +@@ -106,4 +106,7 @@ + /* Generate debugging statistics syslog message. */ + extern void tmr_logstats( long secs ); + ++/* Fill timeval structure for further usage by the package. */ ++extern void tmr_prepare_timeval( struct timeval *tv ); ++ + #endif /* _TIMERS_H_ */ diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch new file mode 100644 index 0000000000..ce915c706b --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch @@ -0,0 +1,55 @@ +diff -Naur thttpd-2.25b.orig/cgi-src/Makefile.in thttpd-2.25b/cgi-src/Makefile.in +--- thttpd-2.25b.orig/cgi-src/Makefile.in 2010-10-28 23:33:28.000000000 +0200 ++++ thttpd-2.25b/cgi-src/Makefile.in 2010-10-29 00:05:43.000000000 +0200 +@@ -31,10 +31,9 @@ + MANDIR = @mandir@ + + CC = @CC@ +-CCOPT = @V_CCOPT@ + DEFS = @DEFS@ + INCLS = -I.. +-CFLAGS = $(CCOPT) $(DEFS) $(INCLS) ++CFLAGS += $(DEFS) $(INCLS) + LDFLAGS = @LDFLAGS@ @V_STATICFLAG@ + LIBS = @LIBS@ + NETLIBS = @V_NETLIBS@ +diff -Naur thttpd-2.25b.orig/extras/Makefile.in thttpd-2.25b/extras/Makefile.in +--- thttpd-2.25b.orig/extras/Makefile.in 2010-10-28 23:33:28.000000000 +0200 ++++ thttpd-2.25b/extras/Makefile.in 2010-10-29 00:06:36.000000000 +0200 +@@ -32,11 +32,9 @@ + MANDIR = @mandir@ + + CC = @CC@ +-CCOPT = @V_CCOPT@ + DEFS = @DEFS@ + INCLS = -I.. +-CFLAGS = $(CCOPT) $(DEFS) $(INCLS) +-STATICFLAG = @V_STATICFLAG@ ++CFLAGS += $(DEFS) $(INCLS) + LDFLAGS = @LDFLAGS@ + LIBS = @LIBS@ + NETLIBS = @V_NETLIBS@ +@@ -59,7 +57,7 @@ + $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c makeweb.c + + htpasswd: htpasswd.o +- $(CC) $(LDFLAGS) $(STATICFLAG) htpasswd.o -o htpasswd $(LIBS) ++ $(CC) $(LDFLAGS) htpasswd.o -o htpasswd $(LIBS) + + htpasswd.o: htpasswd.c ../config.h + $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c htpasswd.c +diff -Naur thttpd-2.25b.orig/Makefile.in thttpd-2.25b/Makefile.in +--- thttpd-2.25b.orig/Makefile.in 2010-10-28 23:33:28.000000000 +0200 ++++ thttpd-2.25b/Makefile.in 2010-10-29 00:05:43.000000000 +0200 +@@ -47,10 +47,9 @@ + # You shouldn't need to edit anything below here. + + CC = @CC@ +-CCOPT = @V_CCOPT@ + DEFS = @DEFS@ + INCLS = -I. +-CFLAGS = $(CCOPT) $(DEFS) $(INCLS) ++CFLAGS += $(DEFS) $(INCLS) + LDFLAGS = @LDFLAGS@ + LIBS = @LIBS@ + NETLIBS = @V_NETLIBS@ diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch new file mode 100644 index 0000000000..6aaae5a5d9 --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-use-Status-header.patch @@ -0,0 +1,12 @@ +diff -Naur thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c +--- thttpd-2.25b.orig/libhttpd.c 2007-10-14 10:09:11.000000000 +0000 ++++ thttpd-2.25b/libhttpd.c 2007-10-14 10:21:37.000000000 +0000 +@@ -3279,7 +3279,7 @@ + cp += strspn( cp, " \t" ); + status = atoi( cp ); + } +- if ( ( cp = strstr( headers, "Location:" ) ) != (char*) 0 && ++ else if ( ( cp = strstr( headers, "Location:" ) ) != (char*) 0 && + cp < br && + ( cp == headers || *(cp-1) == '\012' ) ) + status = 302; diff --git a/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch b/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch new file mode 100644 index 0000000000..0fec25ef7c --- /dev/null +++ b/network/thttpd/patches/2.25b/thttpd-2.25b-use-X-Forwarded-For-header.patch @@ -0,0 +1,15 @@ +--- thttpd-2.25b/libhttpd.c 2003-12-25 20:06:05.000000000 +0100 ++++ thttpd-2.25b-patched/libhttpd.c 2005-01-09 00:26:04.867255248 +0100 +@@ -2207,6 +2207,12 @@ + if ( strcasecmp( cp, "keep-alive" ) == 0 ) + hc->keep_alive = 1; + } ++ else if ( strncasecmp( buf, "X-Forwarded-For:", 16 ) == 0 ) ++ { // Use real IP if available ++ cp = &buf[16]; ++ cp += strspn( cp, " \t" ); ++ inet_aton( cp, &(hc->client_addr.sa_in.sin_addr) ); ++ } + #ifdef LOG_UNKNOWN_HEADERS + else if ( strncasecmp( buf, "Accept-Charset:", 15 ) == 0 || + strncasecmp( buf, "Accept-Language:", 16 ) == 0 || diff --git a/network/thttpd/patches/additional-input-validation-httpd.c.diff b/network/thttpd/patches/additional-input-validation-httpd.c.diff deleted file mode 100644 index 04f59eac8e..0000000000 --- a/network/thttpd/patches/additional-input-validation-httpd.c.diff +++ /dev/null @@ -1,62 +0,0 @@ ---- thttpd-2.25b/extras/htpasswd.c.orig 2006-03-31 04:12:42.281317000 +0000 -+++ thttpd-2.25b/extras/htpasswd.c 2006-03-31 05:21:37.741632392 +0000 -@@ -151,6 +151,7 @@ void interrupted(int signo) { - int main(int argc, char *argv[]) { - FILE *tfp,*f; - char user[MAX_STRING_LEN]; -+ char pwfilename[MAX_STRING_LEN]; - char line[MAX_STRING_LEN]; - char l[MAX_STRING_LEN]; - char w[MAX_STRING_LEN]; -@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) { - perror("fopen"); - exit(1); - } -+ if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) { -+ fprintf(stderr, "%s: filename is too long\n", argv[0]); -+ exit(1); -+ } -+ if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) { -+ fprintf(stderr, "%s: filename contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } -+ if (strlen(argv[3]) > (sizeof(user) - 1)) { -+ fprintf(stderr, "%s: username is too long\n", argv[0], -+ sizeof(user) - 1); -+ exit(1); -+ } -+ if ((strchr(argv[3], ':')) != NULL) { -+ fprintf(stderr, "%s: username contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } - printf("Adding password for %s.\n",argv[3]); - add_password(argv[3],tfp); - fclose(tfp); -@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) { - exit(1); - } - -+ if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) { -+ fprintf(stderr, "%s: filename is too long\n", argv[0]); -+ exit(1); -+ } -+ if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) { -+ fprintf(stderr, "%s: filename contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } -+ if (strlen(argv[2]) > (sizeof(user) - 1)) { -+ fprintf(stderr, "%s: username is too long\n", argv[0], -+ sizeof(user) - 1); -+ exit(1); -+ } -+ if ((strchr(argv[2], ':')) != NULL) { -+ fprintf(stderr, "%s: username contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } - if(!(f = fopen(argv[1],"r"))) { - fprintf(stderr, - "Could not open passwd file %s for reading.\n",argv[1]); diff --git a/network/thttpd/patches/crypt.patch b/network/thttpd/patches/crypt.patch new file mode 100644 index 0000000000..982e6780fc --- /dev/null +++ b/network/thttpd/patches/crypt.patch @@ -0,0 +1,24 @@ +diff -Naur old/extras/htpasswd.c new/extras/htpasswd.c +--- old/extras/htpasswd.c 2014-10-19 10:28:39.782856897 -1000 ++++ new/extras/htpasswd.c 2014-10-19 10:29:12.842911168 -1000 +@@ -8,6 +8,8 @@ + ** if stdin is a pipe or file. This is necessary for use from CGI. + */ + ++#define _XOPEN_SOURCE ++ + #include + #include + #include +diff -Naur old/libhttpd.c new/libhttpd.c +--- old/libhttpd.c 2014-10-19 10:28:39.782856897 -1000 ++++ new/libhttpd.c 2014-10-19 10:29:01.679559501 -1000 +@@ -39,6 +39,8 @@ + #include + #include + ++#define __USE_XOPEN ++ + #include + #include + #include diff --git a/network/thttpd/patches/discreet.patch b/network/thttpd/patches/discreet.patch new file mode 100644 index 0000000000..14c84e0f00 --- /dev/null +++ b/network/thttpd/patches/discreet.patch @@ -0,0 +1,37 @@ +diff -Naur old/libhttpd.c new/libhttpd.c +--- old/libhttpd.c 2014-08-15 11:32:31.040595413 +0900 ++++ new/libhttpd.c 2014-08-15 11:34:57.690595931 +0900 +@@ -754,7 +754,7 @@ + %d %s\n\ + \n\ + \n\ +- \n\ ++ \n\ + \n\ +

%d %s

\n", + status, title, status, title ); +@@ -780,14 +780,9 @@ + char buf[1000]; + + (void) my_snprintf( buf, sizeof(buf), "\ +-
\n\ +-\n\ +-
%s
\n\ +-\n\ + \n\ + \n\ +-\n", +- SERVER_ADDRESS, EXPOSED_SERVER_SOFTWARE ); ++\n" ); + add_response( hc, buf ); + } + +@@ -2798,7 +2793,7 @@ + Index of %.80s\n\ + \n\ + \n\ +- \n\ ++ \n\ + \n\ +

Index of %.80s

\n\ + \n\ diff --git a/network/thttpd/patches/fix-buffer-overflow.diff b/network/thttpd/patches/fix-buffer-overflow.diff deleted file mode 100644 index cacd732148..0000000000 --- a/network/thttpd/patches/fix-buffer-overflow.diff +++ /dev/null @@ -1,21 +0,0 @@ -diff -Nrup thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c ---- thttpd-2.25b.orig/libhttpd.c 2003-12-25 19:06:05.000000000 +0000 -+++ thttpd-2.25b/libhttpd.c 2007-01-08 21:43:28.000000000 +0000 -@@ -1469,7 +1469,7 @@ expand_symlinks( char* path, char** rest - httpd_realloc_str( &checked, &maxchecked, checkedlen ); - (void) strcpy( checked, path ); - /* Trim trailing slashes. */ -- while ( checked[checkedlen - 1] == '/' ) -+ while ( checkedlen && checked[checkedlen - 1] == '/' ) - { - checked[checkedlen - 1] = '\0'; - --checkedlen; -@@ -1488,7 +1488,7 @@ expand_symlinks( char* path, char** rest - restlen = strlen( path ); - httpd_realloc_str( &rest, &maxrest, restlen ); - (void) strcpy( rest, path ); -- if ( rest[restlen - 1] == '/' ) -+ if ( restlen && rest[restlen - 1] == '/' ) - rest[--restlen] = '\0'; /* trim trailing slash */ - if ( ! tildemapped ) - /* Remove any leading slashes. */ diff --git a/network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff b/network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff deleted file mode 100644 index c41ec46b97..0000000000 --- a/network/thttpd/patches/fix-insecure-tmp-creation-CVE-2005-3124.diff +++ /dev/null @@ -1,19 +0,0 @@ -diff -ru thttpd-2.23beta1.orig/extras/syslogtocern thttpd-2.23beta1/extras/syslogtocern ---- thttpd-2.23beta1.orig/extras/syslogtocern 1999-09-15 18:00:54.000000000 +0200 -+++ thttpd-2.23beta1/extras/syslogtocern 2005-10-26 01:45:34.000000000 +0200 -@@ -31,8 +31,8 @@ - exit 1 - fi - --tmp1=/tmp/stc1.$$ --rm -f $tmp1 -+tmp1=``mktemp -t stc1.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1; } -+trap " [ -f \"$tmp1\" ] && /bin/rm -f -- \"$tmp1\"" 0 1 2 3 13 15 - - # Gather up all the thttpd entries. - egrep ' thttpd\[' $* > $tmp1 -@@ -65,4 +65,3 @@ - sed -e "s,\([A-Z][a-z][a-z] [0-9 ][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9]\) [^ ]* thttpd\[[0-9]*\]: \(.*\),[\1 ${year}] \2," > error_log - - # Done. --rm -f $tmp1 diff --git a/network/thttpd/patches/fix-world-readable-log.patch b/network/thttpd/patches/fix-world-readable-log.patch new file mode 100644 index 0000000000..40b06203d2 --- /dev/null +++ b/network/thttpd/patches/fix-world-readable-log.patch @@ -0,0 +1,59 @@ +From d2e186dbd58d274a0dea9b59357edc8498b5388d Mon Sep 17 00:00:00 2001 +From: "Anthony G. Basile" +Date: Tue, 26 Feb 2013 14:28:26 -0500 +Subject: [PATCH] src/thttpd.c: Fix world readable log, CVE-2013-0348. + +Make sure that the logfile is created or reopened as read/write +by thttpd user only. + +X-gentoo-Bug: 458896 +X-gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=458896 +Reported-by: Agostino Sarubbo +Signed-off-by: Anthony G. Basile +--- + thttpd.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/thttpd.c b/thttpd.c +index 019b8c0..f33a7a7 100644 +--- a/thttpd.c ++++ b/thttpd.c +@@ -326,6 +326,7 @@ static void + re_open_logfile( void ) + { + FILE* logfp; ++ int retchmod; + + if ( no_log || hs == (httpd_server*) 0 ) + return; +@@ -335,7 +336,8 @@ re_open_logfile( void ) + { + syslog( LOG_NOTICE, "re-opening logfile" ); + logfp = fopen( logfile, "a" ); +- if ( logfp == (FILE*) 0 ) ++ retchmod = chmod( logfile, S_IRUSR|S_IWUSR ); ++ if ( logfp == (FILE*) 0 || retchmod != 0 ) + { + syslog( LOG_CRIT, "re-opening %.80s - %m", logfile ); + return; +@@ -355,6 +357,7 @@ main( int argc, char** argv ) + gid_t gid = 32767; + char cwd[MAXPATHLEN+1]; + FILE* logfp; ++ int retchmod; + int num_ready; + int cnum; + connecttab* c; +@@ -424,7 +427,8 @@ main( int argc, char** argv ) + else + { + logfp = fopen( logfile, "a" ); +- if ( logfp == (FILE*) 0 ) ++ retchmod = chmod( logfile, S_IRUSR|S_IWUSR ); ++ if ( logfp == (FILE*) 0 || retchmod != 0 ) + { + syslog( LOG_CRIT, "%.80s - %m", logfile ); + perror( logfile ); +-- +1.7.12.4 + diff --git a/network/thttpd/patches/forwarded-for.patch b/network/thttpd/patches/forwarded-for.patch new file mode 100644 index 0000000000..348eb00cf2 --- /dev/null +++ b/network/thttpd/patches/forwarded-for.patch @@ -0,0 +1,16 @@ +diff -Naur old/libhttpd.c new/libhttpd.c +--- old/libhttpd.c 2005-06-30 03:50:39.000000000 +1000 ++++ new/libhttpd.c 2012-10-24 12:12:17.144560917 +1100 +@@ -2207,6 +2207,12 @@ + if ( strcasecmp( cp, "keep-alive" ) == 0 ) + hc->keep_alive = 1; + } ++ else if ( strncasecmp( buf, "X-Forwarded-For:", 16 ) == 0 ) ++ { ++ cp = &buf[16]; ++ cp += strspn( cp, " \t" ); ++ inet_aton( cp, &(hc->client_addr.sa_in.sin_addr) ); ++ } + #ifdef LOG_UNKNOWN_HEADERS + else if ( strncasecmp( buf, "Accept-Charset:", 15 ) == 0 || + strncasecmp( buf, "Accept-Language:", 16 ) == 0 || diff --git a/network/thttpd/patches/thttpd-2.25b-fix-illegal-path-info.patch b/network/thttpd/patches/thttpd-2.25b-fix-illegal-path-info.patch deleted file mode 100644 index d1688f1446..0000000000 --- a/network/thttpd/patches/thttpd-2.25b-fix-illegal-path-info.patch +++ /dev/null @@ -1,17 +0,0 @@ -diff -Naur thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c ---- thttpd-2.25b.orig/libhttpd.c 2007-10-14 10:09:55.000000000 +0000 -+++ thttpd-2.25b/libhttpd.c 2007-10-14 10:09:11.000000000 +0000 -@@ -2322,8 +2320,11 @@ - { - int i; - i = strlen( hc->origfilename ) - strlen( hc->pathinfo ); -- if ( i > 0 && strcmp( &hc->origfilename[i], hc->pathinfo ) == 0 ) -- hc->origfilename[i - 1] = '\0'; -+ if ( strcmp( &hc->origfilename[i], hc->pathinfo ) == 0 ) -+ { -+ if ( i == 0 ) hc->origfilename[0] = '\0'; -+ else hc->origfilename[i - 1] = '\0'; -+ } - } - - /* If the expanded filename is an absolute path, check that it's still diff --git a/network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch b/network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch deleted file mode 100644 index c97227827e..0000000000 --- a/network/thttpd/patches/thttpd-2.25b-glibc-2.10.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -ur thttpd-2.25b.orig/extras/htpasswd.c thttpd-2.25b/extras/htpasswd.c ---- thttpd-2.25b.orig/extras/htpasswd.c 2001-12-19 02:08:08.000000000 +0200 -+++ thttpd-2.25b/extras/htpasswd.c 2009-08-09 16:40:06.000000000 +0300 -@@ -49,7 +49,7 @@ - while((line[y++] = line[x++])); - } - --static int getline(char *s, int n, FILE *f) { -+static int get_line(char *s, int n, FILE *f) { - register int i=0; - - while(1) { -@@ -189,7 +189,7 @@ - strcpy(user,argv[2]); - - found = 0; -- while(!(getline(line,MAX_STRING_LEN,f))) { -+ while(!(get_line(line,MAX_STRING_LEN,f))) { - if(found || (line[0] == '#') || (!line[0])) { - putline(tfp,line); - continue; diff --git a/network/thttpd/patches/thttpd-2.25b-monolithic-timer.patch b/network/thttpd/patches/thttpd-2.25b-monolithic-timer.patch deleted file mode 100644 index 9ff38aec45..0000000000 --- a/network/thttpd/patches/thttpd-2.25b-monolithic-timer.patch +++ /dev/null @@ -1,126 +0,0 @@ -diff -Nru thttpd-2.25b.orig/configure.in thttpd-2.25b/configure.in ---- thttpd-2.25b.orig/configure.in 2003-12-25 20:41:13.000000000 +0200 -+++ thttpd-2.25b/configure.in 2010-07-08 00:04:25.000000000 +0300 -@@ -123,6 +123,8 @@ - ;; - esac - -+AC_CHECK_LIB(rt, clock_gettime) -+ - AC_ACME_TM_GMTOFF - AC_ACME_INT64T - AC_ACME_SOCKLENT -diff -Nru thttpd-2.25b.orig/thttpd.c thttpd-2.25b/thttpd.c ---- thttpd-2.25b.orig/thttpd.c 2003-12-25 21:06:52.000000000 +0200 -+++ thttpd-2.25b/thttpd.c 2010-07-08 00:41:28.000000000 +0300 -@@ -742,7 +742,7 @@ - } - - /* Main loop. */ -- (void) gettimeofday( &tv, (struct timezone*) 0 ); -+ tmr_prepare_timeval( &tv ); - while ( ( ! terminate ) || num_connects > 0 ) - { - /* Do we need to re-open the log file? */ -@@ -761,7 +761,7 @@ - syslog( LOG_ERR, "fdwatch - %m" ); - exit( 1 ); - } -- (void) gettimeofday( &tv, (struct timezone*) 0 ); -+ tmr_prepare_timeval( &tv ); - - if ( num_ready == 0 ) - { -diff -Nru thttpd-2.25b.orig/timers.c thttpd-2.25b/timers.c ---- thttpd-2.25b.orig/timers.c 2002-08-22 04:04:12.000000000 +0300 -+++ thttpd-2.25b/timers.c 2010-07-08 11:47:03.000000000 +0300 -@@ -41,7 +41,13 @@ - - ClientData JunkClientData; - -- -+#undef HAVE_LIBRT_MONO -+#if defined(HAVE_LIBRT) && defined(CLOCK_MONOTONIC) -+#define HAVE_LIBRT_MONO -+#include -+static int use_monotonic = 0; /* monotonic clock runtime availability flag */ -+static struct timeval tv_diff; /* system time - monotonic difference at start */ -+#endif - - static unsigned int - hash( Timer* t ) -@@ -145,6 +151,26 @@ - timers[h] = (Timer*) 0; - free_timers = (Timer*) 0; - alloc_count = active_count = free_count = 0; -+ -+ /* Check for monotonic clock availability */ -+#ifdef HAVE_LIBRT_MONO -+ struct timespec ts; -+ struct timeval tv_start, tv; -+ -+ /* Try to get monotonic clock time */ -+ if (clock_gettime(CLOCK_MONOTONIC, &ts) == 0) { -+ use_monotonic = 1; -+ -+ /* Get current system time */ -+ (void) gettimeofday( &tv_start , (struct timezone*) 0 ); -+ tv.tv_sec = ts.tv_sec; -+ tv.tv_usec = ts.tv_nsec / 1000L; -+ /* Calculate and save the difference: tv_start is since the Epoch, so tv_start > ts -+ tv_diff = tv_start - tv */ -+ timersub( &tv_start, &tv, &tv_diff ); -+ } -+#endif -+ - } - - -@@ -176,7 +202,7 @@ - if ( nowP != (struct timeval*) 0 ) - t->time = *nowP; - else -- (void) gettimeofday( &t->time, (struct timezone*) 0 ); -+ tmr_prepare_timeval( &t->time ); - t->time.tv_sec += msecs / 1000L; - t->time.tv_usec += ( msecs % 1000L ) * 1000L; - if ( t->time.tv_usec >= 1000000L ) -@@ -349,3 +375,27 @@ - if ( active_count + free_count != alloc_count ) - syslog( LOG_ERR, "timer counts don't add up!" ); - } -+ -+/* Fill timeval structure for further usage by the package. */ -+void -+tmr_prepare_timeval( struct timeval *tv ) -+{ -+#ifdef HAVE_LIBRT_MONO -+ struct timespec ts; -+ struct timeval tv0; -+ -+ if (use_monotonic) { /* use monotonic clock source ? */ -+ if (clock_gettime(CLOCK_MONOTONIC,&ts) < 0) { -+ perror("clock_gettime"); return; -+ } -+ tv0.tv_sec = ts.tv_sec; -+ tv0.tv_usec = ts.tv_nsec / 1000L; -+ /* Return system time value like it was running accurately */ -+ timeradd( &tv_diff, &tv0, tv ); -+ } else { -+#endif -+ (void) gettimeofday( tv , (struct timezone*) 0 ); -+#ifdef HAVE_LIBRT_MONO -+ } -+#endif -+} -diff -Nru thttpd-2.25b.orig/timers.h thttpd-2.25b/timers.h ---- thttpd-2.25b.orig/timers.h 2001-04-13 08:37:41.000000000 +0300 -+++ thttpd-2.25b/timers.h 2010-07-08 00:09:15.000000000 +0300 -@@ -106,4 +106,7 @@ - /* Generate debugging statistics syslog message. */ - extern void tmr_logstats( long secs ); - -+/* Fill timeval structure for further usage by the package. */ -+extern void tmr_prepare_timeval( struct timeval *tv ); -+ - #endif /* _TIMERS_H_ */ diff --git a/network/thttpd/patches/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch b/network/thttpd/patches/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch deleted file mode 100644 index ce915c706b..0000000000 --- a/network/thttpd/patches/thttpd-2.25b-respect-CFLAGS--dont-link-static.patch +++ /dev/null @@ -1,55 +0,0 @@ -diff -Naur thttpd-2.25b.orig/cgi-src/Makefile.in thttpd-2.25b/cgi-src/Makefile.in ---- thttpd-2.25b.orig/cgi-src/Makefile.in 2010-10-28 23:33:28.000000000 +0200 -+++ thttpd-2.25b/cgi-src/Makefile.in 2010-10-29 00:05:43.000000000 +0200 -@@ -31,10 +31,9 @@ - MANDIR = @mandir@ - - CC = @CC@ --CCOPT = @V_CCOPT@ - DEFS = @DEFS@ - INCLS = -I.. --CFLAGS = $(CCOPT) $(DEFS) $(INCLS) -+CFLAGS += $(DEFS) $(INCLS) - LDFLAGS = @LDFLAGS@ @V_STATICFLAG@ - LIBS = @LIBS@ - NETLIBS = @V_NETLIBS@ -diff -Naur thttpd-2.25b.orig/extras/Makefile.in thttpd-2.25b/extras/Makefile.in ---- thttpd-2.25b.orig/extras/Makefile.in 2010-10-28 23:33:28.000000000 +0200 -+++ thttpd-2.25b/extras/Makefile.in 2010-10-29 00:06:36.000000000 +0200 -@@ -32,11 +32,9 @@ - MANDIR = @mandir@ - - CC = @CC@ --CCOPT = @V_CCOPT@ - DEFS = @DEFS@ - INCLS = -I.. --CFLAGS = $(CCOPT) $(DEFS) $(INCLS) --STATICFLAG = @V_STATICFLAG@ -+CFLAGS += $(DEFS) $(INCLS) - LDFLAGS = @LDFLAGS@ - LIBS = @LIBS@ - NETLIBS = @V_NETLIBS@ -@@ -59,7 +57,7 @@ - $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c makeweb.c - - htpasswd: htpasswd.o -- $(CC) $(LDFLAGS) $(STATICFLAG) htpasswd.o -o htpasswd $(LIBS) -+ $(CC) $(LDFLAGS) htpasswd.o -o htpasswd $(LIBS) - - htpasswd.o: htpasswd.c ../config.h - $(CC) $(CFLAGS) -DWEBDIR=\"$(WEBDIR)\" -c htpasswd.c -diff -Naur thttpd-2.25b.orig/Makefile.in thttpd-2.25b/Makefile.in ---- thttpd-2.25b.orig/Makefile.in 2010-10-28 23:33:28.000000000 +0200 -+++ thttpd-2.25b/Makefile.in 2010-10-29 00:05:43.000000000 +0200 -@@ -47,10 +47,9 @@ - # You shouldn't need to edit anything below here. - - CC = @CC@ --CCOPT = @V_CCOPT@ - DEFS = @DEFS@ - INCLS = -I. --CFLAGS = $(CCOPT) $(DEFS) $(INCLS) -+CFLAGS += $(DEFS) $(INCLS) - LDFLAGS = @LDFLAGS@ - LIBS = @LIBS@ - NETLIBS = @V_NETLIBS@ diff --git a/network/thttpd/patches/thttpd-2.25b-use-Status-header.patch b/network/thttpd/patches/thttpd-2.25b-use-Status-header.patch deleted file mode 100644 index 6aaae5a5d9..0000000000 --- a/network/thttpd/patches/thttpd-2.25b-use-Status-header.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur thttpd-2.25b.orig/libhttpd.c thttpd-2.25b/libhttpd.c ---- thttpd-2.25b.orig/libhttpd.c 2007-10-14 10:09:11.000000000 +0000 -+++ thttpd-2.25b/libhttpd.c 2007-10-14 10:21:37.000000000 +0000 -@@ -3279,7 +3279,7 @@ - cp += strspn( cp, " \t" ); - status = atoi( cp ); - } -- if ( ( cp = strstr( headers, "Location:" ) ) != (char*) 0 && -+ else if ( ( cp = strstr( headers, "Location:" ) ) != (char*) 0 && - cp < br && - ( cp == headers || *(cp-1) == '\012' ) ) - status = 302; diff --git a/network/thttpd/patches/thttpd-2.25b-use-X-Forwarded-For-header.patch b/network/thttpd/patches/thttpd-2.25b-use-X-Forwarded-For-header.patch deleted file mode 100644 index 0fec25ef7c..0000000000 --- a/network/thttpd/patches/thttpd-2.25b-use-X-Forwarded-For-header.patch +++ /dev/null @@ -1,15 +0,0 @@ ---- thttpd-2.25b/libhttpd.c 2003-12-25 20:06:05.000000000 +0100 -+++ thttpd-2.25b-patched/libhttpd.c 2005-01-09 00:26:04.867255248 +0100 -@@ -2207,6 +2207,12 @@ - if ( strcasecmp( cp, "keep-alive" ) == 0 ) - hc->keep_alive = 1; - } -+ else if ( strncasecmp( buf, "X-Forwarded-For:", 16 ) == 0 ) -+ { // Use real IP if available -+ cp = &buf[16]; -+ cp += strspn( cp, " \t" ); -+ inet_aton( cp, &(hc->client_addr.sa_in.sin_addr) ); -+ } - #ifdef LOG_UNKNOWN_HEADERS - else if ( strncasecmp( buf, "Accept-Charset:", 15 ) == 0 || - strncasecmp( buf, "Accept-Language:", 16 ) == 0 || -- cgit v1.2.3