diff options
author | Michael Stewart <vericgar@gentoo.org> | 2006-05-15 23:45:12 +0000 |
---|---|---|
committer | Michael Stewart <vericgar@gentoo.org> | 2006-05-15 23:45:12 +0000 |
commit | 4f71aeb3d29c017bf6c0f1ce9903dbf164e5cb59 (patch) | |
tree | d49ccb0ff96dc32df26e9271ad16dd9a3b1cc48d /2.0 | |
parent | Rewritten patch for AddDirectoryIndex that fixes the segfaults from bug 106808. (diff) | |
download | apache-4f71aeb3d29c017bf6c0f1ce9903dbf164e5cb59.tar.gz apache-4f71aeb3d29c017bf6c0f1ce9903dbf164e5cb59.tar.bz2 apache-4f71aeb3d29c017bf6c0f1ce9903dbf164e5cb59.zip |
Patch cleanup in preperation for 2.0.58:
* Updated mpm-peruser to 0.2.0 - Should fix bug 125244 and maybe bug 105778
* Removed CVE patches that are included included upstream
Diffstat (limited to '2.0')
-rw-r--r-- | 2.0/patches/05_all_peruser-0.2.0.patch (renamed from 2.0/patches/05_all_peruser-0.1.6.patch) | 379 | ||||
-rw-r--r-- | 2.0/patches/10_all_peruser-0.1.6-brigadefix.patch | 14 | ||||
-rw-r--r-- | 2.0/patches/99_all_2.0.55-cve-2005-3352.patch | 35 | ||||
-rw-r--r-- | 2.0/patches/99_all_2.0.55-cve-2005-3357.patch | 21 |
4 files changed, 259 insertions, 190 deletions
diff --git a/2.0/patches/05_all_peruser-0.1.6.patch b/2.0/patches/05_all_peruser-0.2.0.patch index f558520..61bff34 100644 --- a/2.0/patches/05_all_peruser-0.1.6.patch +++ b/2.0/patches/05_all_peruser-0.2.0.patch @@ -1,6 +1,6 @@ -diff -Nur httpd-2.0.52/server/mpm/config.m4 httpd-2.0.52-peruser/server/mpm/config.m4 ---- httpd-2.0.52/server/mpm/config.m4 2003-03-11 00:07:52.000000000 -0700 -+++ httpd-2.0.52-peruser/server/mpm/config.m4 2005-07-12 01:57:22.000000000 -0600 +diff -Nur httpd-2.0.55/server/mpm/config.m4 httpd-2.0.55-new/server/mpm/config.m4 +--- httpd-2.0.55/server/mpm/config.m4 2004-11-24 12:31:09.000000000 -0700 ++++ httpd-2.0.55-new/server/mpm/config.m4 2006-03-02 01:12:04.000000000 -0700 @@ -1,7 +1,7 @@ AC_MSG_CHECKING(which MPM to use) AC_ARG_WITH(mpm, @@ -19,26 +19,26 @@ diff -Nur httpd-2.0.52/server/mpm/config.m4 httpd-2.0.52-peruser/server/mpm/conf AC_MSG_WARN(You have selected an EXPERIMENTAL MPM. Be warned!) MPM_SUBDIR_NAME=experimental/$MPM_NAME else -diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/Makefile.in httpd-2.0.52-peruser/server/mpm/experimental/peruser/Makefile.in ---- httpd-2.0.52/server/mpm/experimental/peruser/Makefile.in 1969-12-31 17:00:00.000000000 -0700 -+++ httpd-2.0.52-peruser/server/mpm/experimental/peruser/Makefile.in 2005-07-12 01:57:22.000000000 -0600 +diff -Nur httpd-2.0.55/server/mpm/experimental/peruser/config.m4 httpd-2.0.55-new/server/mpm/experimental/peruser/config.m4 +--- httpd-2.0.55/server/mpm/experimental/peruser/config.m4 1969-12-31 17:00:00.000000000 -0700 ++++ httpd-2.0.55-new/server/mpm/experimental/peruser/config.m4 2006-03-02 01:12:04.000000000 -0700 +@@ -0,0 +1,3 @@ ++if test "$MPM_NAME" = "peruser" ; then ++ APACHE_FAST_OUTPUT(server/mpm/experimental/$MPM_NAME/Makefile) ++fi +diff -Nur httpd-2.0.55/server/mpm/experimental/peruser/Makefile.in httpd-2.0.55-new/server/mpm/experimental/peruser/Makefile.in +--- httpd-2.0.55/server/mpm/experimental/peruser/Makefile.in 1969-12-31 17:00:00.000000000 -0700 ++++ httpd-2.0.55-new/server/mpm/experimental/peruser/Makefile.in 2006-03-02 01:12:04.000000000 -0700 @@ -0,0 +1,5 @@ + +LTLIBRARY_NAME = libperuser.la +LTLIBRARY_SOURCES = peruser.c + +include $(top_srcdir)/build/ltlib.mk -diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/config.m4 httpd-2.0.52-peruser/server/mpm/experimental/peruser/config.m4 ---- httpd-2.0.52/server/mpm/experimental/peruser/config.m4 1969-12-31 17:00:00.000000000 -0700 -+++ httpd-2.0.52-peruser/server/mpm/experimental/peruser/config.m4 2005-07-12 01:57:22.000000000 -0600 -@@ -0,0 +1,3 @@ -+if test "$MPM_NAME" = "peruser" ; then -+ APACHE_FAST_OUTPUT(server/mpm/experimental/$MPM_NAME/Makefile) -+fi -diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/mpm.h httpd-2.0.52-peruser/server/mpm/experimental/peruser/mpm.h ---- httpd-2.0.52/server/mpm/experimental/peruser/mpm.h 1969-12-31 17:00:00.000000000 -0700 -+++ httpd-2.0.52-peruser/server/mpm/experimental/peruser/mpm.h 2005-07-12 01:57:22.000000000 -0600 -@@ -0,0 +1,103 @@ +diff -Nur httpd-2.0.55/server/mpm/experimental/peruser/mpm_default.h httpd-2.0.55-new/server/mpm/experimental/peruser/mpm_default.h +--- httpd-2.0.55/server/mpm/experimental/peruser/mpm_default.h 1969-12-31 17:00:00.000000000 -0700 ++++ httpd-2.0.55-new/server/mpm/experimental/peruser/mpm_default.h 2006-03-02 01:12:04.000000000 -0700 +@@ -0,0 +1,110 @@ +/* ==================================================================== + * The Apache Software License, Version 1.1 + * @@ -97,55 +97,62 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/mpm.h httpd-2.0.52-peruse + * University of Illinois, Urbana-Champaign. + */ + -+#include "httpd.h" -+#include "mpm_default.h" -+#include "scoreboard.h" -+#include "unixd.h" ++#ifndef APACHE_MPM_DEFAULT_H ++#define APACHE_MPM_DEFAULT_H + -+#ifndef APACHE_MPM_PERUSER_H -+#define APACHE_MPM_PERUSER_H ++/* Number of processors to spawn off for each ServerEnvironment by default */ + -+#define PERUSER_MPM ++#ifndef DEFAULT_START_PROCESSORS ++#define DEFAULT_START_PROCESSORS 0 ++#endif + -+#define MPM_NAME "Peruser" ++/* Minimum number of running processors per ServerEnvironment */ + -+#define AP_MPM_WANT_RECLAIM_CHILD_PROCESSES -+#define AP_MPM_WANT_WAIT_OR_TIMEOUT -+#define AP_MPM_WANT_PROCESS_CHILD_STATUS -+#define AP_MPM_WANT_SET_PIDFILE -+#define AP_MPM_WANT_SET_SCOREBOARD -+#define AP_MPM_WANT_SET_LOCKFILE -+#define AP_MPM_WANT_SET_MAX_REQUESTS -+#define AP_MPM_WANT_SET_COREDUMPDIR -+#define AP_MPM_WANT_SET_ACCEPT_LOCK_MECH -+#define AP_MPM_WANT_SIGNAL_SERVER -+#define AP_MPM_WANT_SET_MAX_MEM_FREE -+#define AP_MPM_DISABLE_NAGLE_ACCEPTED_SOCK ++#ifndef DEFAULT_MIN_PROCESSORS ++#define DEFAULT_MIN_PROCESSORS 0 ++#endif + -+#define AP_MPM_USES_POD 1 -+#define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid) -+#define MPM_NOTE_CHILD_KILLED(i) (MPM_CHILD_PID(i) = 0) -+#define MPM_ACCEPT_FUNC unixd_accept ++/* Minimum --- fewer than this, and more will be created */ + -+extern int ap_threads_per_child; -+extern int ap_max_daemons_limit; -+extern server_rec *ap_server_conf; ++#ifndef DEFAULT_MIN_FREE_PROCESSORS ++#define DEFAULT_MIN_FREE_PROCESSORS 2 ++#endif + -+/* Table of child status */ -+#define SERVER_DEAD 0 -+#define SERVER_DYING 1 -+#define SERVER_ALIVE 2 ++/* Maximum processors per ServerEnvironment */ + -+typedef struct ap_ctable { -+ pid_t pid; -+ unsigned char status; -+} ap_ctable; ++#ifndef DEFAULT_MAX_PROCESSORS ++#define DEFAULT_MAX_PROCESSORS 10 ++#endif + -+#endif /* APACHE_MPM_PERUSER_H */ -diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/mpm_default.h httpd-2.0.52-peruser/server/mpm/experimental/peruser/mpm_default.h ---- httpd-2.0.52/server/mpm/experimental/peruser/mpm_default.h 1969-12-31 17:00:00.000000000 -0700 -+++ httpd-2.0.52-peruser/server/mpm/experimental/peruser/mpm_default.h 2005-07-12 01:57:22.000000000 -0600 -@@ -0,0 +1,110 @@ ++/* File used for accept locking, when we use a file */ ++#ifndef DEFAULT_LOCKFILE ++#define DEFAULT_LOCKFILE DEFAULT_REL_RUNTIMEDIR "/accept.lock" ++#endif ++ ++/* Where the main/parent process's pid is logged */ ++#ifndef DEFAULT_PIDLOG ++#define DEFAULT_PIDLOG DEFAULT_REL_RUNTIMEDIR "/httpd.pid" ++#endif ++ ++/* ++ * Interval, in microseconds, between scoreboard maintenance. ++ */ ++#ifndef SCOREBOARD_MAINTENANCE_INTERVAL ++#define SCOREBOARD_MAINTENANCE_INTERVAL 1000000 ++#endif ++ ++/* Number of requests to try to handle in a single process. If <= 0, ++ * the children don't die off. ++ */ ++#ifndef DEFAULT_MAX_REQUESTS_PER_CHILD ++#define DEFAULT_MAX_REQUESTS_PER_CHILD 10000 ++#endif ++ ++#endif /* AP_MPM_DEFAULT_H */ +diff -Nur httpd-2.0.55/server/mpm/experimental/peruser/mpm.h httpd-2.0.55-new/server/mpm/experimental/peruser/mpm.h +--- httpd-2.0.55/server/mpm/experimental/peruser/mpm.h 1969-12-31 17:00:00.000000000 -0700 ++++ httpd-2.0.55-new/server/mpm/experimental/peruser/mpm.h 2006-03-02 01:12:04.000000000 -0700 +@@ -0,0 +1,103 @@ +/* ==================================================================== + * The Apache Software License, Version 1.1 + * @@ -204,62 +211,55 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/mpm_default.h httpd-2.0.5 + * University of Illinois, Urbana-Champaign. + */ + -+#ifndef APACHE_MPM_DEFAULT_H -+#define APACHE_MPM_DEFAULT_H -+ -+/* Number of processors to spawn off for each ServerEnvironment by default */ -+ -+#ifndef DEFAULT_START_PROCESSORS -+#define DEFAULT_START_PROCESSORS 0 -+#endif -+ -+/* Minimum number of running processors per ServerEnvironment */ -+ -+#ifndef DEFAULT_MIN_PROCESSORS -+#define DEFAULT_MIN_PROCESSORS 0 -+#endif ++#include "httpd.h" ++#include "mpm_default.h" ++#include "scoreboard.h" ++#include "unixd.h" + -+/* Minimum --- fewer than this, and more will be created */ ++#ifndef APACHE_MPM_PERUSER_H ++#define APACHE_MPM_PERUSER_H + -+#ifndef DEFAULT_MIN_FREE_PROCESSORS -+#define DEFAULT_MIN_FREE_PROCESSORS 2 -+#endif ++#define PERUSER_MPM + -+/* Maximum processors per ServerEnvironment */ ++#define MPM_NAME "Peruser" + -+#ifndef DEFAULT_MAX_PROCESSORS -+#define DEFAULT_MAX_PROCESSORS 10 -+#endif ++#define AP_MPM_WANT_RECLAIM_CHILD_PROCESSES ++#define AP_MPM_WANT_WAIT_OR_TIMEOUT ++#define AP_MPM_WANT_PROCESS_CHILD_STATUS ++#define AP_MPM_WANT_SET_PIDFILE ++#define AP_MPM_WANT_SET_SCOREBOARD ++#define AP_MPM_WANT_SET_LOCKFILE ++#define AP_MPM_WANT_SET_MAX_REQUESTS ++#define AP_MPM_WANT_SET_COREDUMPDIR ++#define AP_MPM_WANT_SET_ACCEPT_LOCK_MECH ++#define AP_MPM_WANT_SIGNAL_SERVER ++#define AP_MPM_WANT_SET_MAX_MEM_FREE ++#define AP_MPM_DISABLE_NAGLE_ACCEPTED_SOCK + -+/* File used for accept locking, when we use a file */ -+#ifndef DEFAULT_LOCKFILE -+#define DEFAULT_LOCKFILE DEFAULT_REL_RUNTIMEDIR "/accept.lock" -+#endif ++#define AP_MPM_USES_POD 1 ++#define MPM_CHILD_PID(i) (ap_scoreboard_image->parent[i].pid) ++#define MPM_NOTE_CHILD_KILLED(i) (MPM_CHILD_PID(i) = 0) ++#define MPM_ACCEPT_FUNC unixd_accept + -+/* Where the main/parent process's pid is logged */ -+#ifndef DEFAULT_PIDLOG -+#define DEFAULT_PIDLOG DEFAULT_REL_RUNTIMEDIR "/httpd.pid" -+#endif ++extern int ap_threads_per_child; ++extern int ap_max_daemons_limit; ++extern server_rec *ap_server_conf; + -+/* -+ * Interval, in microseconds, between scoreboard maintenance. -+ */ -+#ifndef SCOREBOARD_MAINTENANCE_INTERVAL -+#define SCOREBOARD_MAINTENANCE_INTERVAL 1000000 -+#endif ++/* Table of child status */ ++#define SERVER_DEAD 0 ++#define SERVER_DYING 1 ++#define SERVER_ALIVE 2 + -+/* Number of requests to try to handle in a single process. If <= 0, -+ * the children don't die off. -+ */ -+#ifndef DEFAULT_MAX_REQUESTS_PER_CHILD -+#define DEFAULT_MAX_REQUESTS_PER_CHILD 10000 -+#endif ++typedef struct ap_ctable { ++ pid_t pid; ++ unsigned char status; ++} ap_ctable; + -+#endif /* AP_MPM_DEFAULT_H */ -diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-peruser/server/mpm/experimental/peruser/peruser.c ---- httpd-2.0.52/server/mpm/experimental/peruser/peruser.c 1969-12-31 17:00:00.000000000 -0700 -+++ httpd-2.0.52-peruser/server/mpm/experimental/peruser/peruser.c 2005-07-12 01:57:38.000000000 -0600 -@@ -0,0 +1,2796 @@ ++#endif /* APACHE_MPM_PERUSER_H */ +diff -Nur httpd-2.0.55/server/mpm/experimental/peruser/peruser.c httpd-2.0.55-new/server/mpm/experimental/peruser/peruser.c +--- httpd-2.0.55/server/mpm/experimental/peruser/peruser.c 1969-12-31 17:00:00.000000000 -0700 ++++ httpd-2.0.55-new/server/mpm/experimental/peruser/peruser.c 2006-03-06 02:08:38.000000000 -0700 +@@ -0,0 +1,2935 @@ +/* ==================================================================== + * The Apache Software License, Version 1.1 + * @@ -328,7 +328,6 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe +#include "apr_strings.h" +#include "apr_thread_proc.h" +#include "apr_signal.h" -+ +#define APR_WANT_STDIO +#define APR_WANT_STRFUNC +#define APR_WANT_IOVEC @@ -1082,13 +1081,155 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + return 0; +} + ++/* ++ * This function sends a raw socket over to a processor. It uses the same ++ * on-wire format as pass_request. The recipient can determine if he got ++ * a socket or a whole request by inspecting the header_length of the ++ * message. If it is zero then only a socket was sent. ++ */ ++static int pass_socket(apr_socket_t *thesock, child_info_t *processor, apr_pool_t *pool) ++{ ++ int rv; ++ struct msghdr msg; ++ struct cmsghdr *cmsg; ++ int sock_fd; ++ char *body = ""; ++ struct iovec iov[4]; ++ apr_size_t len = 0; ++ apr_size_t header_len = 0; ++ apr_size_t body_len = 0; ++ peruser_header h; ++ apr_bucket *bucket; ++ const apr_array_header_t *headers_in_array; ++ const apr_table_entry_t *headers_in; ++ int counter; ++ ++ if (!processor) ++ { ++ _DBG("server %s in child %d has no child_info associated", ++ "(unkonwn)", my_child_num); ++ return -1; ++ } ++ ++ _DBG("passing request to another child.", 0); ++ ++ apr_os_sock_get(&sock_fd, thesock); ++ ++ header_len = 0; ++ body_len = 0; ++ ++ iov[0].iov_base = &header_len; ++ iov[0].iov_len = sizeof(header_len); ++ iov[1].iov_base = &body_len; ++ iov[1].iov_len = sizeof(body_len); ++ iov[2].iov_base = h.headers; ++ iov[2].iov_len = 0; ++ iov[3].iov_base = body; ++ iov[3].iov_len = body_len; ++ ++ msg.msg_name = NULL; ++ msg.msg_namelen = 0; ++ msg.msg_iov = iov; ++ msg.msg_iovlen = 4; ++ ++ cmsg = apr_palloc(pool, sizeof(*cmsg) + sizeof(sock_fd)); ++ cmsg->cmsg_len = sizeof(*cmsg) + sizeof(sock_fd); ++ cmsg->cmsg_level = SOL_SOCKET; ++ cmsg->cmsg_type = SCM_RIGHTS; ++ ++ memcpy(CMSG_DATA(cmsg), &sock_fd, sizeof(sock_fd)); ++ ++ msg.msg_control = cmsg; ++ msg.msg_controllen = cmsg->cmsg_len; ++ ++ if (processor->status == CHILD_STATUS_STANDBY) ++ { ++ _DBG("Activating child #%d", processor->id); ++ processor->status = CHILD_STATUS_STARTING; ++ } ++ ++ while (processor->status != CHILD_STATUS_ACTIVE) ++ { ++ _DBG("Waiting for child #%d...", processor->id); ++ sleep(1); ++ } ++ ++ _DBG("Writing message to %d, passing sock_fd: %d", processor->senv->output, sock_fd); ++ _DBG("header_len=%d headers=\"%s\"", header_len, h.headers); ++ _DBG("body_len=%d body=\"%s\"", body_len, body); ++ ++ if ((rv = sendmsg(processor->senv->output, &msg, 0)) == -1) ++ { ++ apr_pool_destroy(pool); ++ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, ap_server_conf, ++ "Writing message failed %d %d", rv, errno); ++ return -1; ++ } ++ ++ _DBG("Writing message succeeded %d", rv); ++ ++ /* -- close the socket on our side -- */ ++ _DBG("closing socket %d on our side", sock_fd); ++ apr_socket_close(thesock); ++ ++ apr_pool_destroy(pool); ++ return 1; ++} ++ +static void process_socket(apr_pool_t *p, apr_socket_t *sock, long conn_id, -+ apr_bucket_alloc_t *bucket_alloc) ++ apr_bucket_alloc_t *bucket_alloc, apr_pool_t *pool) +{ + conn_rec *current_conn; + int sock_fd; + apr_status_t rv; + ap_sb_handle_t *sbh; ++ child_info_t *processor; ++ apr_pool_t *ptrans; ++ peruser_server_conf *sconf; ++ ++ _DBG("Creating dummy connection to use the vhost lookup api", 0); ++ ++ ap_create_sb_handle(&sbh, p, conn_id, 0); ++ current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, ++ sbh, bucket_alloc); ++ _DBG("Looking up the right vhost"); ++ ap_update_vhost_given_ip(current_conn); ++ _DBG("Base server is %s, name based vhosts %s", current_conn->base_server->server_hostname, ++ current_conn->vhost_lookup_data ? "on" : "off"); ++ ++ ++ if (!current_conn->vhost_lookup_data && CHILD_INFO_TABLE[my_child_num].type == CHILD_TYPE_MULTIPLEXER) { ++ _DBG("We are not using name based vhosts, we'll directly pass the socket."); ++ ++ sconf = PERUSER_SERVER_CONF(current_conn->base_server->module_config); ++ processor = &CHILD_INFO_TABLE[sconf->senv->processor_id]; ++ ++ _DBG("Forwarding without further inspection, processor %d", processor->id); ++ if (processor->status == CHILD_STATUS_STANDBY) ++ { ++ _DBG("Activating child #%d", processor->id); ++ processor->status = CHILD_STATUS_STARTING; ++ } ++ ++ _DBG("Creating new pool",0); ++ apr_pool_create(&ptrans, pool); ++ _DBG("Passing request.",0); ++ if (pass_socket(sock, processor, ptrans) == -1) ++ { ++ ap_log_error(APLOG_MARK, APLOG_ERR, 0, ++ ap_server_conf, "Could not pass request to proper " ++ "child, request will not be honoured."); ++ return; ++ } ++ if (current_conn) ++ { ++ _DBG("freeing connection",0); ++ ap_lingering_close(current_conn); ++ } ++ _DBG("doing longjmp",0); ++ longjmp(CHILD_INFO_TABLE[my_child_num].jmpbuffer, 1); ++ return; ++ } + + if ((rv = apr_os_sock_get(&sock_fd, sock)) != APR_SUCCESS) + { @@ -1115,9 +1256,11 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + ap_sock_disable_nagle(sock); + } + -+ ap_create_sb_handle(&sbh, p, conn_id, 0); -+ current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, -+ sbh, bucket_alloc); ++ if (!current_conn) { ++ ap_create_sb_handle(&sbh, p, conn_id, 0); ++ current_conn = ap_run_create_connection(p, ap_server_conf, sock, conn_id, ++ sbh, bucket_alloc); ++ } + + if (current_conn) + { @@ -1148,10 +1291,8 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + net = filter->ctx; + net->in_ctx = apr_palloc(conn->pool, sizeof(*net->in_ctx)); + net->in_ctx->b = bb; -+/* + net->in_ctx->tmpbb = apr_brigade_create(net->in_ctx->b->p, + net->in_ctx->b->bucket_alloc); -+*/ + } + } + _DBG("leaving (DECLINED)", 0); @@ -1309,12 +1450,6 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + processor->status = CHILD_STATUS_STARTING; + } + -+ while (processor->status != CHILD_STATUS_ACTIVE) -+ { -+ _DBG("Waiting for child #%d...", processor->id); -+ sleep(1); -+ } -+ + _DBG("Writing message to %d, passing sock_fd: %d", processor->senv->output, sock_fd); + _DBG("header_len=%d headers=\"%s\"", header_len, h.headers); + _DBG("body_len=%d body=\"%s\"", body_len, body); @@ -1399,6 +1534,8 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + apr_cpystrn(headers, buff, header_len + 1); + _DBG("header_len=%d headers=\"%s\"", header_len, headers); + ++if (header_len) { ++ _DBG("header_len > 0, we got a request", 0); + /* -- store received data into an brigade and add + it to the current transaction's pool -- */ + bucket = apr_bucket_eos_create(alloc); @@ -1420,7 +1557,9 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + + APR_BRIGADE_INSERT_HEAD(bb, bucket); + apr_pool_userdata_set(bb, "PERUSER_SOCKETS", NULL, ptrans); -+ ++} else { ++ _DBG("header_len == 0, we got a socket only", 0); ++} + _DBG("returning 0", 0); + return 0; +} @@ -1815,7 +1954,7 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + + if(total_processors(my_child_num) < + CHILD_INFO_TABLE[my_child_num].senv->max_processors && -+ idle_processors(my_child_num) < ++ idle_processors(my_child_num) <= + CHILD_INFO_TABLE[my_child_num].senv->min_free_processors) + { + _DBG("CLONING CHILD"); @@ -1827,7 +1966,7 @@ diff -Nur httpd-2.0.52/server/mpm/experimental/peruser/peruser.c httpd-2.0.52-pe + { + _DBG("marked jmpbuffer",0); + _TRACE_CALL("process_socket()",0); -+ process_socket(ptrans, sock, my_child_num, bucket_alloc); ++ process_socket(ptrans, sock, my_child_num, bucket_alloc, pchild); + _TRACE_RET("process_socket()",0); + } + else diff --git a/2.0/patches/10_all_peruser-0.1.6-brigadefix.patch b/2.0/patches/10_all_peruser-0.1.6-brigadefix.patch deleted file mode 100644 index f1a8926..0000000 --- a/2.0/patches/10_all_peruser-0.1.6-brigadefix.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -NurpP httpd-2.0.54-peruser/server/mpm/experimental/peruser/peruser.c httpd-2.0.54-peruser-brigadefix/server/mpm/experimental/peruser/peruser.c ---- httpd-2.0.54-peruser/server/mpm/experimental/peruser/peruser.c 2005-08-22 08:04:59.397143536 +0200 -+++ httpd-2.0.54-peruser-brigadefix/server/mpm/experimental/peruser/peruser.c 2005-08-22 08:07:32.979795424 +0200 -@@ -886,10 +886,8 @@ static int peruser_process_connection(co - net = filter->ctx; - net->in_ctx = apr_palloc(conn->pool, sizeof(*net->in_ctx)); - net->in_ctx->b = bb; --/* - net->in_ctx->tmpbb = apr_brigade_create(net->in_ctx->b->p, - net->in_ctx->b->bucket_alloc); --*/ - } - } - _DBG("leaving (DECLINED)", 0); diff --git a/2.0/patches/99_all_2.0.55-cve-2005-3352.patch b/2.0/patches/99_all_2.0.55-cve-2005-3352.patch deleted file mode 100644 index 2347338..0000000 --- a/2.0/patches/99_all_2.0.55-cve-2005-3352.patch +++ /dev/null @@ -1,35 +0,0 @@ -http://bugs.gentoo.org/show_bug.cgi?id=118875 - ---- server/util.c (revision 330526) -+++ server/util.c (working copy) -@@ -1762,6 +1762,8 @@ - j += 3; - else if (s[i] == '&') - j += 4; -+ else if (s[i] == '"') -+ j += 5; - - if (j == 0) - return apr_pstrmemdup(p, s, i); -@@ -1780,6 +1782,10 @@ - memcpy(&x[j], "&", 5); - j += 4; - } -+ else if (s[i] == '"') { -+ memcpy(&x[j], """, 6); -+ j += 5; -+ } - else - x[j] = s[i]; - ---- modules/mappers/mod_imap.c (revision 330526) -+++ modules/mappers/mod_imap.c (working copy) -@@ -342,7 +342,7 @@ - if (!strcasecmp(value, "referer")) { - referer = apr_table_get(r->headers_in, "Referer"); - if (referer && *referer) { -- return apr_pstrdup(r->pool, referer); -+ return ap_escape_html(r->pool, referer); - } - else { - /* XXX: This used to do *value = '\0'; ... which is totally bogus diff --git a/2.0/patches/99_all_2.0.55-cve-2005-3357.patch b/2.0/patches/99_all_2.0.55-cve-2005-3357.patch deleted file mode 100644 index bdd5793..0000000 --- a/2.0/patches/99_all_2.0.55-cve-2005-3357.patch +++ /dev/null @@ -1,21 +0,0 @@ -http://bugs.gentoo.org/show_bug.cgi?id=115324 - ---- modules/ssl/ssl_engine_kernel.c (Revision 368148) -+++ modules/ssl/ssl_engine_kernel.c (Arbeitskopie) -@@ -202,11 +202,14 @@ - } - - /* -- * Check to see if SSL protocol is on -+ * Check to see whether SSL is in use; if it's not, then no -+ * further access control checks are relevant. (the test for -+ * sc->enabled is probably strictly unnecessary) - */ -- if (!(sc->enabled || ssl)) { -+ if (!sc->enabled || !ssl) { - return DECLINED; - } -+ - /* - * Support for per-directory reconfigured SSL connection parameters. - * |