summaryrefslogtreecommitdiffstats
path: root/httpd-2.4.2-r1346905.patch
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2012-06-09 10:58:17 +0200
committerRemi Collet <fedora@famillecollet.com>2012-06-09 10:58:17 +0200
commite26c4bfaba5c888e3fe9a227c6ee805c4e3379f1 (patch)
tree0faf8862537e5ac89b1a851758c72617a2dd4767 /httpd-2.4.2-r1346905.patch
parenta0b7d94015d8356e3d8b0a6f35877578512e0f5b (diff)
httpd: sync with rawhide, backport for remi-dev
Diffstat (limited to 'httpd-2.4.2-r1346905.patch')
-rw-r--r--httpd-2.4.2-r1346905.patch65
1 files changed, 65 insertions, 0 deletions
diff --git a/httpd-2.4.2-r1346905.patch b/httpd-2.4.2-r1346905.patch
new file mode 100644
index 0000000..e94558e
--- /dev/null
+++ b/httpd-2.4.2-r1346905.patch
@@ -0,0 +1,65 @@
+# ./pullrev.sh 1346905
+
+https://bugzilla.redhat.com/show_bug.cgi?id=818684
+
+http://svn.apache.org/viewvc?view=revision&revision=1346905
+
+--- httpd-2.4.2/support/htdbm.c
++++ httpd-2.4.2/support/htdbm.c
+@@ -288,6 +288,9 @@
+ {
+ char cpw[MAX_STRING_LEN];
+ char salt[9];
++#if (!(defined(WIN32) || defined(NETWARE)))
++ char *cbuf;
++#endif
+
+ switch (htdbm->alg) {
+ case ALG_APSHA:
+@@ -315,7 +318,15 @@
+ (void) srand((int) time((time_t *) NULL));
+ to64(&salt[0], rand(), 8);
+ salt[8] = '\0';
+- apr_cpystrn(cpw, crypt(htdbm->userpass, salt), sizeof(cpw) - 1);
++ cbuf = crypt(htdbm->userpass, salt);
++ if (cbuf == NULL) {
++ char errbuf[128];
++
++ fprintf(stderr, "crypt() failed: %s\n",
++ apr_strerror(errno, errbuf, sizeof errbuf));
++ exit(ERR_PWMISMATCH);
++ }
++ apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
+ fprintf(stderr, "CRYPT is now deprecated, use MD5 instead!\n");
+ #endif
+ default:
+--- httpd-2.4.2/support/htpasswd.c
++++ httpd-2.4.2/support/htpasswd.c
+@@ -174,6 +174,9 @@
+ char pwv[MAX_STRING_LEN];
+ char salt[9];
+ apr_size_t bufsize;
++#if CRYPT_ALGO_SUPPORTED
++ char *cbuf;
++#endif
+
+ if (passwd != NULL) {
+ pw = passwd;
+@@ -226,7 +229,16 @@
+ to64(&salt[0], rand(), 8);
+ salt[8] = '\0';
+
+- apr_cpystrn(cpw, crypt(pw, salt), sizeof(cpw) - 1);
++ cbuf = crypt(pw, salt);
++ if (cbuf == NULL) {
++ char errbuf[128];
++
++ apr_snprintf(record, rlen-1, "crypt() failed: %s",
++ apr_strerror(errno, errbuf, sizeof errbuf));
++ return ERR_PWMISMATCH;
++ }
++
++ apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
+ if (strlen(pw) > 8) {
+ char *truncpw = strdup(pw);
+ truncpw[8] = '\0';