kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fixup port to provide Apache version 1.3.3 with FrontPage extensions.

Browse source 
PR:		8522
Submitted by:	maintainer
This commit is contained in:
Steve Price 1998-11-10 01:56:01 +00:00
parent 3f4d1e5e02
commit 3352fe7273
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=14435
17 changed files with 1590 additions and 580 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

128
www/apache13-fp/Makefile
View file

@ -1,31 +1,37 @@
# New ports collection makefile for: apache HTTPD w/FrontPage
# Version required: 1.2.6 3.0.4 (3.0.2.1330)
# Date created: Fri Oct 17 13:36:00 CDT 1997
# New ports collection makefile for: apache HTTPD w/FrontPage Module
# Version required: 1.3* 3.0.4 (3.0.2.1330)
# Date created: Sat Oct 31 16:30:00 CDT 1997
# Whom: hetzels@westbend.net
#
# $Id: Makefile,v 1.1.1.1 1998/05/29 04:46:49 mph Exp $
# $Id$
#
BROKEN= awaiting upgrade after repository copy
DISTNAME= apache_1.2.6
PKGNAME= apache_fp-1.2.6
DISTNAME= apache_1.3.3
PKGNAME= apache_fp-1.3.3
CATEGORIES= www
MASTER_SITES= ftp://www.apache.org/apache/dist/ \
ftp://ftp.microsoft.com/products/frontpage/\
ftp://ftp.microsoft.com/products/frontpage/
PATCH_SITES= ftp://www.apache.org/apache/dist/patches/apply_to_1.3.3/ \
http://www.apache.org/dist/patches/apply_to_1.3.3/
PATCHFILES= core_404_log_bug.txt proxy_segv.txt
# This file will not apply, fails on hunk 2 for main/http_protocol.c
#PATCHFILES+= server_error_filename.txt
.if defined(PATCH_DEBUG)
PATCH_DIST_ARGS= -d ${WRKSRC}/src -E ${PATCH_DIST_STRIP}
.else
PATCH_DIST_ARGS= -d ${WRKSRC}/src --forward --quiet -E ${PATCH_DIST_STRIP}
.endif
MAINTAINER= hetzels@westbend.net
APACHE= ${DISTNAME}${EXTRACT_SUFX}
FRONTPAGE= fp30.bsdi3
FRONTPAGE= fp30.bsdi3.tar.Z
DISTFILES= ${APACHE} ${FRONTPAGE}.tar.Z
.if defined(PATCH_DEBUG)
PATCH_DIST_ARGS= -d ${WRKSRC}/src -E ${PATCH_DIST_STRIP}
.else
PATCH_DIST_ARGS= -d ${WRKSRC}/src --forward --quiet -E ${PATCH_DIST_STRIP}
.endif
DISTFILES= ${APACHE} ${FRONTPAGE}
EXTRACT_ONLY= ${APACHE}
@ -35,53 +41,85 @@ NO_PACKAGE= \
FPINSTALL= frontpage/version3.0/fp_install.sh
CHANGESERVER= frontpage/version3.0/change_server.sh
FPPATCH= frontpage/version3.0/apache-fp/fp-patch-apache_1.2.5
MOD_FP= ${FILESDIR}/mod_frontpage.c
INSTALL_FILE=${INSTALL} -c -m 555 -o bin -g bin
MAN1= htpasswd.1
MAN8= httpd.8
DOCDIR= ${PREFIX}/share/doc/apache
#
# Set APACHE_PERF_TUNING env. variable to YES to get maximum performance
#
GNU_CONFIGURE= yes
CONFIGURE_ARGS= \
--sysconfdir=${PREFIX}/etc/apache \
--includedir=${PREFIX}/include/apache \
--logfiledir=/var/log \
--runtimedir=/var/run \
--datadir=${PREFIX}/www \
--proxycachedir=${PREFIX}/www/proxy \
--libexecdir=${PREFIX}/libexec/apache \
--without-confadjust \
--enable-shared=remain \
--enable-module=most \
--enable-module=auth_db \
--disable-module=auth_dbm \
--add-module=${MOD_FP} \
--enable-shared=frontpage
# Currently perl version doesn't matter
# --with-perl=${PERL5}
OPTIM=-DHARD_SERVER_LIMIT=512 \
-DDOCUMENT_LOCATION=\\"${PREFIX}/www/data/\\" \
-DDEFAULT_PATH=\\"/bin:/usr/bin:${PREFIX}/bin\\"
.if defined(APACHE_PERF_TUNING) && ${APACHE_PERF_TUNING} == YES
OPTIM+= -DBUFFERED_LOGS
CFLAGS+= -O6 -fomit-frame-pointer
.endif
CONFIGURE_ENV= OPTIM='${OPTIM}'
MAN1= ab.1 apachectl.1 dbmmanage.1 htdigest.1 htpasswd.1
MAN8= apxs.8 httpd.8 logresolve.8 rotatelogs.8
.if defined(SUEXEC)
HTTPD_USER?=www
USER_DIR?=public_html
CONFIGURE_ARGS+= --enable-suexec \
--suexec-caller=${HTTPD_USER} \
--suexec-userdir=${USER_DIR}
MAN8+= suexec.8
.endif
pre-fetch:
@if [ ! -f /usr/lib/libdescrypt.a -a ! -f /usr/lib/libdescrypt.so.* ] ; then \
@if ! ${LDCONFIG} -r | ${GREP} -q -e "-ldescrypt"; then \
${ECHO} ; \
${ECHO} "WARNING: MS Frontpage Extentions require the DES Library"; \
${ECHO} "WARNING: MS FrontPage Extentions require the DES Library"; \
${ECHO} "WARNING: Install the DES Library, then build apache-fp"; \
${ECHO} ; \
${FALSE} ; \
fi
post-extract:
@${ECHO} "===> Extracting FrontPage patch, and install scripts"
@${ECHO} "===> Extracting FrontPage install scripts"
@cd ${WRKSRC} && \
${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${DISTDIR}/${FRONTPAGE}.tar.Z ${FPINSTALL} ${FPPATCH} ${CHANGESERVER}
pre-patch:
@${ECHO} "===> Applying FrontPage patch"
@cd ${WRKSRC} && ${PATCH} ${PATCH_DIST_ARGS} < ${WRKSRC}/${FPPATCH}
${EXTRACT_CMD} ${EXTRACT_BEFORE_ARGS} ${DISTDIR}/${FRONTPAGE} ${FPINSTALL} ${CHANGESERVER}
post-install:
@${ECHO} "Installing ${PREFIX}/etc/rc.d/apache.sh.tmpl file."
@${CAT} ${FILESDIR}/apache.sh.tmpl | \
${SED} -e 's;PREFIX;${PREFIX};' -e 's;PERL5;${PERL};' \
> ${PREFIX}/etc/rc.d/apache.sh.tmpl
@if [ ! -f ${PREFIX}/etc/rc.d/apache.sh ]; then \
${ECHO} "Installing ${PREFIX}/etc/rc.d/apache.sh startup file."; \
${ECHO} "#!${SH}" > ${PREFIX}/etc/rc.d/apache.sh; \
${ECHO} "[ -x ${PREFIX}/sbin/httpd ] && ${PREFIX}/sbin/httpd && ${ECHO} -n ' httpd'" >> ${PREFIX}/etc/rc.d/apache.sh; \
${CP} ${PREFIX}/etc/rc.d/apache.sh.tmpl ${PREFIX}/etc/rc.d/apache.sh; \
chmod 751 ${PREFIX}/etc/rc.d/apache.sh; \
else \
${ECHO} "apache.sh exists, please compare with apache.sh.tmpl."; \
${ECHO} "The template will regenerate the FrontPage suidkey"; \
${ECHO} "file when the apache server is started/restarted."; \
fi
.for i in ${MAN1}
${INSTALL_MAN} ${WRKSRC}/support/$i ${PREFIX}/man/man1
.endfor
.for i in ${MAN8}
${INSTALL_MAN} ${WRKSRC}/support/$i ${PREFIX}/man/man8
.endfor
.if !defined(NOPORTDOCS)
${MKDIR} ${DOCDIR}
.for i in README LICENSE ABOUT_APACHE
${INSTALL_DATA} ${WRKSRC}/$i ${DOCDIR}
.endfor
@cd ${WRKSRC}/htdocs; ${EXTRACT_CMD} cf - . | (cd ${DOCDIR} ; \
${EXTRACT_CMD} xf -)
.endif
@${SH} ${WRKSRC}/${FPINSTALL}
@${INSTALL_FILE} ${WRKSRC}/${FPINSTALL} ${PREFIX}/${FPINSTALL}
@${INSTALL_FILE} ${WRKSRC}/${CHANGESERVER} ${PREFIX}/${CHANGESERVER}

5
www/apache13-fp/distinfo
View file

@ -1,3 +1,4 @@
MD5 (apache_1.2.6.tar.gz) = ff292bc21fe4f53b0e39dc8024019f44
MD5 (apache_1.3.3.tar.gz) = bb6f14bbb369097a55969482d395d1ae
MD5 (fp30.bsdi3.tar.Z) = 2aa4396e8bf9a349a946f726f861f97d
MD5 (suexec+.1.0.tgz) = 580f942cd90e44de97cc89fe0dd92c6f
MD5 (core_404_log_bug.txt) = ae7472c857937be679bc1224317a0654
MD5 (proxy_segv.txt) = 2131d636c758e58e753777e0658fd51f

47
www/apache13-fp/files/apache.sh.tmpl Normal file
View file

@ -0,0 +1,47 @@
#!/bin/sh
#
#
# Create New FrontPage suidkey
#
new_key() {
skdir=PREFIX/frontpage/currentversion/apache-fp
PERL=PERL5
#NOTE: We need Perl 5, to generate a new key
if [ -x ${PERL} ]
then
${PERL} -e '@a=(split(//, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*-=_+")); print((map {$a[rand(scalar @a)]} (1..128)), "\n");' > $skdir/suidkey
fi
}
#
# Main
#
case "$1" in
start)
if [ -x PREFIX/sbin/apachectl ]
then
new_key
PREFIX/sbin/apachectl start && echo -n ' httpd'
fi
;;
stop)
if [ -r /var/run/httpd.pid ]
then
PREFIX/sbin/apachectl stop && echo -n ' httpd'
fi
;;
*)
echo "usage: $0 {start|stop}" 1>&2
exit 64
;;
esac

784
www/apache13-fp/files/mod_frontpage.c Normal file
View file

@ -0,0 +1,784 @@
/* ====================================================================
*
* Apache FrontPage module.
*
* Copyright (c) 1996-1997 Microsoft Corporation -- All Rights Reserved.
*
* NO WARRANTIES. Microsoft expressly disclaims any warranty for this code and
* information. This code and information and any related documentation is
* provided "as is" without warranty of any kind, either express or implied,
* including, without limitation, the implied warranties or merchantability,
* fitness for a particular purpose, or noninfringement. The entire risk
* arising out of use or performance of this code and information remains with
* you.
*
* NO LIABILITY FOR DAMAGES. In no event shall Microsoft or its suppliers be
* liable for any damages whatsoever (including, without limitation, damages
* for loss of business profits, business interruption, loss of business
* information, or any other pecuniary loss) arising out of the use of or
* inability to use this Microsoft product, even if Microsoft has been advised
* of the possibility of such damages. Because some states/jurisdictions do not
* allow the exclusion or limitation of liability for consequential or
* incidental damages, the above limitation may not apply to you.
*
* $Revision: 1.3 $
* $Date: 1997/10/15 17:23:46 $
*
*/
/*
* User configurable items. We will not run the server extensions with any
* UID/GID less than LOWEST_VALID_UID/LOWEST_VALID_GID.
*/
#if defined(LINUX)
#define LOWEST_VALID_UID 15
#else
#define LOWEST_VALID_UID 11
#endif
#if defined(HPUX) || defined(IRIX) || defined(SUNOS4)
#define LOWEST_VALID_GID 20
#else
#if defined(SCO)
#define LOWEST_VALID_GID 24
#else
#define LOWEST_VALID_GID 21 /* Solaris, AIX, Alpha, Bsdi, *BSD, etc. */
#endif
#endif
/*
* End of user configurable items
*/
#include "httpd.h"
#include "http_config.h"
#include "http_conf_globals.h"
#include "http_log.h"
#include <stdio.h>
#include <sys/time.h>
#if defined(UWARE7) || UW==700
#define Vstat stat32
#define Vlstat lstat32
#else
#define Vstat stat
#define Vlstat lstat
#endif
#ifndef TRUE
#define TRUE 1
#endif
#ifndef FALSE
#define FALSE 0
#endif
#ifndef MAXPATHLEN
#define MAXPATHLEN 1024
#endif
#if (MAXPATHLEN < 1024)
#undef MAXPATHLEN
#define MAXPATHLEN 1024
#endif
#define KEYLEN 128 /* Should be a multiple of sizeof(int) */
static char gszKeyVal[KEYLEN+1]; /* SUID key value used by this module */
static int gfdKeyPipe[2]; /* Pipe to fpexe stub CGI */
static int gbKeyPipeActive = FALSE;/* Pipe to fpexe stub CGI is active */
static int gbEnabled = FALSE; /* TRUE when SUID scheme is enabled */
#if !defined(SHARED_MODULE)
static int giInitializeCount = 0; /* FrontPageInit called previously */
#endif
static const char* FP =
"/usr/local/frontpage/currentversion";
static const char* FPKEYDIR =
"/usr/local/frontpage/currentversion/apache-fp";
static const char* KEYFILEXOR =
"/usr/local/frontpage/currentversion/apache-fp/suidkey";
static const char* KEYFILE =
"/usr/local/frontpage/currentversion/apache-fp/suidkey.%d";
static const char* FPSTUBDIR =
"/usr/local/frontpage/currentversion/apache-fp/_vti_bin";
static const char* FPSTUB =
"/usr/local/frontpage/currentversion/apache-fp/_vti_bin/fpexe";
static const char* SHTML =
"/_vti_bin/shtml.exe";
static const char* SHTML2 =
"/_vti_bin/shtml.dll";
static const char* VTI_BIN =
"/_vti_bin";
static const char* FPCOUNT =
"/_vti_bin/fpcount.exe";
static const char* AUTHOR =
"/_vti_bin/_vti_aut/author.exe" ;
static const char* ADMIN =
"/_vti_bin/_vti_adm/admin.exe" ;
MODULE_VAR_EXPORT module frontpage_module;
/*
* Print a descriptive error in the httpd's error_log. The format string
* should be length limited so that it is no longer than 1800 bytes.
*/
static void LogFrontPageError(
server_rec* s,
const char* szFormat,
const char* szFile,
const char* szRoutine,
int bIsDisabled)
{
char szBuf[MAXPATHLEN * 2];
sprintf(szBuf, szFormat, szFile);
strcat(szBuf, " in ");
strcat(szBuf, szRoutine);
strcat(szBuf, ".");
if (bIsDisabled)
{
strcat(szBuf, " Until this problem is fixed, the FrontPage security patch is disabled and the FrontPage extensions may not work correctly.");
gbEnabled = FALSE; /* Make double sure we're not enabled */
}
ap_log_error(APLOG_MARK, APLOG_ERR, s, szBuf);
}
/*
* Clean up stale keyfiles. Failure to clean up stale keyfiles does not
* stop the FrontPage SUID scheme.
*/
static void FrontPageCleanup(server_rec *s)
{
DIR *d;
struct DIR_TYPE *dstruct;
int myPid = getpid();
if (!(d = opendir(FPKEYDIR)))
{
/*
* This should be a rare occurrence, because we're running as root and
* should have access to the directory. Stale key files can be
* exploited. User recovery: Check that the directory exists and is
* properly protected (owned by root, permissions rwx--x--x), and that
* there are no stale key files in it (suidkey.*, where * is a
* non-existant PID).
*/
LogFrontPageError(s, "Can't clean stale key files from directory \"%-.1024s\"",
FPKEYDIR, "FrontPageCleanup()", FALSE);
return;
}
while ((dstruct = readdir(d)))
{
if (strncmp("suidkey.", dstruct->d_name, 8) == 0)
{
/*
* Make sure the key file contains a pid number - otherwise
* it is harmless and you can ignore it.
*/
char* pEnd = 0;
int pid = strtol(dstruct->d_name + 8, &pEnd, 10);
if (!pEnd || *pEnd)
continue;
/*
* Make sure there isn't some other server using this key file.
* If the process group isn't alive, then the file is stale
* and we want to remove it.
*/
if (pid == myPid || kill(pid, 0) == -1)
{
char szBuf[MAXPATHLEN];
sprintf(szBuf, "%-.500s/%-.500s", FPKEYDIR, dstruct->d_name);
if (unlink(szBuf) == -1)
{
/*
* This should be a rare occurrence, because we're running
* as root and should always have permission to delete the
* file. Stale key files can be exploited. User recovery:
* delete the offending file.
*/
LogFrontPageError(s, "Can't unlink stale key file \"%-.1024s\"",
szBuf, "FrontPageCleanup()", FALSE);
}
}
}
}
closedir(d);
}
/*
* Checks that all the permissions are currently correct for the FrontPage
* fpexe SUID stub to run correctly. If not, it logs an error and aborts
* initialization, effectively disabling the FrontPage SUID scheme.
* It checks both the file permissions (owned by root and not writable to
* group, other) and that the directory is not writable.
*/
static int FrontPageCheckup(server_rec *s)
{
struct stat fs;
if (geteuid() != 0)
{
/*
* We need to be root to have the security scheme work correctly.
* User recovery: run the server as root.
*/
LogFrontPageError(s, "Not running as root",
0, "FrontPageCheckup()", TRUE);
return (FALSE);
}
if (Vlstat(FPKEYDIR, &fs) == -1 || /* We can't stat the key dir */
fs.st_uid || /* key dir not owned by root */
(fs.st_mode & (S_IRGRP | S_IROTH)) || /* key dir is readable */
(fs.st_mode & (S_IWGRP | S_IWOTH)) || /* key dir is writable */
!(fs.st_mode & (S_IXGRP | S_IXOTH)) || /* key dir is not executable */
!(S_ISDIR(fs.st_mode)))
{
/*
* User recovery: set directory to be owned by by root with permissions
* rwx--x--x. Note you need the execute bit for group and other so
* that non-root programs can run apache-fp/_vti_bin/fpexe (even though
* non-root cannot list the directory).
*/
LogFrontPageError(s, "Incorrect permissions on key directory \"%-.1024s\", needs root ownership and perms rwx--x--x",
FPKEYDIR, "FrontPageCheckup()", TRUE);
return (FALSE);
}
if (Vlstat(FPSTUBDIR, &fs) == -1 || /* We can't stat the stub dir */
fs.st_uid || /* stub dir not owned by root */
(fs.st_mode & (S_IWGRP | S_IWOTH)) || /* stub dir is writable */
(!S_ISDIR(fs.st_mode)))
{
/*
* User recovery: set directory to be owned by by root with permissions
* r*x*-x*-x.
*/
LogFrontPageError(s, "Incorrect permissions on stub directory \"%-.1024s\", needs root ownership and perms r*x*-x*-x",
FPSTUBDIR, "FrontPageCheckup()", TRUE);
return (FALSE);
}
if (Vstat(FPSTUB, &fs) == -1 || /* We can't stat the stub */
fs.st_uid || /* stub not owned by root */
!(fs.st_mode & S_ISUID) || /* stub is not set-uid */
(fs.st_mode & S_ISGID) || /* stub is set-gid */
(fs.st_mode & (S_IWGRP | S_IWOTH)) || /* stub is writable */
!(fs.st_mode & (S_IXGRP | S_IXOTH))) /* stub is not executable */
{
/*
* User recovery: set stub to be owned by by root with permissions
* r*s*-x*-x.
*/
LogFrontPageError(s, "Incorrect permissions on stub \"%-.1024s\", needs root ownership and perms r*s*-x*-x",
FPSTUB, "FrontPageCheckup()", TRUE);
return (FALSE);
}
return (TRUE);
}
/*
* Module-initializer: Create the suidkey file and local value.
* Everything needs to be just right, or we don't create the key file, and
* therefore, the fpexe SUID stub refuses to run.
*/
static void FrontPageInit(server_rec *s, pool *p)
{
int fdPipe[2];
pid_t pid;
FILE *f;
struct stat fs;
int fd;
char szKeyFile[MAXPATHLEN];
int iRandom[5];
char* szRandom = (char*)iRandom;
struct timeval tp;
struct timezone tz;
(void)p; /* p is unused */
#if !defined(SHARED_MODULE)
/*
* Standalone servers call initialization twice: once in main() and again
* in standalone_main(). The fully initializing on the the first call is a
* waste of time, and a race condition can leave a stale suidkey.pgrpid
* file around.
*/
if (ap_standalone && !giInitializeCount++)
return;
#endif
/*
* Disable the suid scheme until everything falls perfectly into place.
*/
gbEnabled = FALSE;
gbKeyPipeActive = FALSE;
/*
* Clean up old key files before we start
*/
FrontPageCleanup(s);
if (!FrontPageCheckup(s))
return;
if (pipe(fdPipe) == -1)
{
/*
* This should be a rare occurrence. User recovery: check to see why
* the system cannot allocate a pipe (is the file table full from
* run-away processes?), and fix the problem or reboot, then try again.
*/
LogFrontPageError(s, "pipe() failed", 0, "FrontPageInit()", TRUE);
return;
}
gettimeofday(&tp, &tz);
iRandom[0] = tp.tv_sec;
iRandom[1] = tp.tv_usec | tp.tv_usec << 20;
pid = fork();
if (pid == -1)
{
/*
* This should be a rare occurrence. User recovery: check to see why
* the system cannot allocate a process (is the process table full from
* run-away processes?), and fix the problem or reboot, then try again.
*/
LogFrontPageError(s, "fork() failed", 0, "FrontPageInit()", TRUE);
return;
}
if (pid)
{
/*
* I am the parent process. Try to read a random number from the
* child process.
*/
unsigned int npos = (unsigned int)-1;
unsigned int v1 = npos, v2 = npos, v3 = npos, v4 = npos;
int stat;
int iCount;
close(fdPipe[1]);
if (waitpid(pid, &stat, 0) == -1 ||
(!WIFEXITED(stat) || WIFEXITED(stat) && WEXITSTATUS(stat)))
{
/*
* This should be a rare occurrence. User recovery: Make sure you
* have a /bin/sh, or change the shell location in the execl
* command below. Try the commands defined in RAND_CMD in a
* /bin/sh session to make sure they work properly. Rebuild this
* module and your httpd with the proper commands.
*/
LogFrontPageError(s, "Random number generator exited abnormally", 0,
"FrontPageInit()", TRUE);
return;
}
iCount = read(fdPipe[0], gszKeyVal, KEYLEN);
close(fdPipe[0]);
if (iCount < 0)
{
/*
* This should be a rare occurrence. See the above comment under
* the waitpid failure condition for user recovery steps.
*/
LogFrontPageError(s, "Could not read random numbers", 0,
"FrontPageInit()", TRUE);
return;
}
gszKeyVal[iCount] = 0;
sscanf(gszKeyVal, "%u %u %u %u", &v2, &v1, &v4, &v3);
if (v1 == npos || v2 == npos || v3 == npos || v4 == npos)
{
/*
* This should be a rare occurrence. See the above comment under
* the waitpid failure condition for user recovery steps.
*/
LogFrontPageError(s, "Could not scan random numbers", 0,
"FrontPageInit()", TRUE);
return;
}
iRandom[2] = (v1 << 16) + v2 + (v4 << 12) + v3;
}
else
{
/*
* I am the child process. Create a random number which shouldn't
* be easily duplicated.
*/
if (dup2(fdPipe[1], 1) == -1)
exit(1); /* Parent picks up the error */
close(fdPipe[0]);
#ifdef LINUX
#define RAND_CMD "/bin/ps laxww | /usr/bin/sum ; /bin/ps laxww | /usr/bin/sum"
#else
#if defined ( bsdi ) || ( defined ( BSD ) && ( BSD >=199103 ))
#define RAND_CMD "/bin/ps laxww | /usr/bin/cksum -o 1 ; /bin/ps laxww | /usr/bin/cksum -o 1"
#else
#define RAND_CMD "/bin/ps -ea | /bin/sum ; /bin/ps -ea | /bin/sum"
#endif
#endif
execl("/bin/sh", "/bin/sh", "-c", RAND_CMD, NULL);
exit(1);
}
gettimeofday(&tp, &tz);
iRandom[3] = tp.tv_sec;
iRandom[4] = tp.tv_usec | tp.tv_usec << 20;
/*
* See if there is an 'suidkey' file to merge into our key.
*/
if (Vstat(KEYFILEXOR, &fs) == -1)
{
/*
* It's a security violation if the key file is not present. User
* recovery: Make sure the key file is present and properly protected
* (owned by root, permissions r**------).
*/
LogFrontPageError(s, "The key file \"%-.1024s\" does not exist",
KEYFILEXOR, "FrontPageInit()", TRUE);
return;
}
else
{
int i, iCount;
char szBuf[KEYLEN];
if ((fs.st_mode & (S_IRWXG | S_IRWXO)) || fs.st_uid)
{
/*
* It's a security violation if the key file is not owned by root,
* and is not protected from all other group. User recovery: Make
* sure the key file is properly protected (owned by root,
* permissions r**------).
*/
LogFrontPageError(s, "The key file \"%-.1024s\" must be owned by root and have permissions r**------",
KEYFILEXOR, "FrontPageInit()", TRUE);
return;
}
if ((fd = open(KEYFILEXOR, O_RDONLY)) == -1)
{
/*
* This should be a rare occurrence. User recovery: Make sure
* the key file exists, is properly owned and protected, and is
* readable.
*/
LogFrontPageError(s, "Cannot open key file \"%-.1024s\"",
KEYFILEXOR, "FrontPageInit()", TRUE);
return;
}
iCount = read(fd, szBuf, KEYLEN);
if (iCount < 8)
{
/*
* The keyfile must be at least 8 bytes. If it longer than 128
* bytes, only the first 128 bytes will be used. Any character
* value from 0-255 is fine. User recovery: Make sure the key file
* is at least 8 bytes long.
*/
LogFrontPageError(s, "Key file \"%-.1024s\" is unreadable or is too short (must be at least 8 bytes)",
KEYFILEXOR, "FrontPageInit()", TRUE);
return;
}
/*
* Now generate the effective key we'll be using by XORing your key
* with 5 "random" 32-bit integers. The primary security of this
* scheme is your key; properly setting it and changing it often keeps
* the FrontPage SUID scheme secure. All this work above to generate 5
* random 32-bit integers is soley to make your key somewhat harder to
* crack (assuming the key files are properly protected). If you don't
* like the algorithm used to generate the 5 random integers, feel free
* to substitute as appropriate (check out SGI's Lavarand (TM) at
* lavarand.sgi.com).
*/
for (i = 0; i < KEYLEN; i++)
gszKeyVal[i] = szBuf[i % iCount] ^ szRandom[i % sizeof(iRandom)];
close(fd);
}
#if defined(SUNOS4)
pid = getpgrp(0);
#else
pid = getpgrp();
#endif
sprintf(szKeyFile, KEYFILE, (int)pid);
fd = creat(szKeyFile, 0600);
if (fd < 0)
{
/*
* This should be a rare occurrence, because we're running as root and
* should always have permission to create the file. User recovery:
* check that you are not out of disk space, or that the file is not
* NFS-mounted on a share where you do not have permissions.
*/
LogFrontPageError(s, "Could not create key file \"%-.1024s\"",
szKeyFile, "FrontPageInit()", TRUE);
return;
}
if (write(fd, gszKeyVal, 128) != 128)
{
/*
* This should be a rare occurrence. User recovery: check that you are
* not out of disk space.
*/
close(fd);
unlink(szKeyFile);
LogFrontPageError(s, "Could not write to key file \"%-.1024s\"",
szKeyFile, "FrontPageInit()", TRUE);
return;
}
close(fd);
/*
* Everything looks OK enough to start the suid scheme.
*/
gbEnabled = TRUE;
/*
* Thanks to Scot Hetzel (hetzels@westbend.net)
*/
ap_add_version_component("FrontPage/3.0.4.3");
}
/*
* Look for a valid FrontPage extensions scenario and fake a scriptalias if
* appropriate. If there are any problems, we silently decline.
*/
static int FrontPageAlias(
request_rec* r,
char* szCgi,
const char* szFpexe)
{
int iLen;
struct stat webroot;
struct stat vti_pvt;
struct stat stub;
char szBuf[MAXPATHLEN];
char chSave;
char szFormat[MAXPATHLEN * 2];
/*
* Decline if we cannot run the stub, or it is writable.
*/
if (Vstat(FPSTUB, &stub) == -1 || !(stub.st_mode & S_IXOTH) ||
stub.st_mode & (S_IWGRP | S_IWOTH))
{
/*
* The stub used to be correctly permissioned; what happened? User
* recovery: set stub to be owned by by root with permissions
* r*s*-x*-x.
*/
LogFrontPageError(r->server, "Incorrect permissions on stub \"%-.1024s\", must be owned by root with permissions r*s*-x*-x",
FPSTUB, "FrontPageAlias()", FALSE);
return DECLINED;
}
chSave = szCgi[1];
szCgi[1] = '\0';
ap_translate_name(r);
szCgi[1] = chSave;
/*
* Zap trailing slash that confuses some OSes.
*/
iLen = strlen(r->filename);
r->filename[--iLen] = 0;
if (iLen > MAXPATHLEN - 10)
return DECLINED;
sprintf(szBuf, "%s/_vti_pvt", r->filename);
/*
* Decline if webroot and webroot/_vti_pvt don't have the same
* user and group or uid < LOWEST_VALID_UID or gid < LOWEST_VALID_GID.
*/
if (Vstat(szBuf, &vti_pvt) == -1 ||
vti_pvt.st_uid < LOWEST_VALID_UID ||
vti_pvt.st_gid < LOWEST_VALID_GID ||
Vstat(r->filename, &webroot) != 0 ||
webroot.st_uid != vti_pvt.st_uid ||
webroot.st_gid != vti_pvt.st_gid)
{
/*
* The webroot and webroot/_vti_pvt don't match. User recovery: fix
* the owners and groups of both directories to match, and have both a
* uid and gid in the allowable range.
*/
sprintf(szFormat, "Incorrect permissions on webroot \"\%-.0124s\" and webroot's _vti_pvt directory, the owners and groups must match and have a uid >= %d and gid >= %d", LOWEST_VALID_UID, LOWEST_VALID_GID);
LogFrontPageError(r->server, szFormat,
szBuf, "FrontPageAlias()", FALSE);
return DECLINED;
}
/*
* If the pipe is active, it was because we previously executed a CGI.
* That CGI must have finished by now (otherwise we wouldn't be processing
* this next request), so we can and should close the pipe to avoid a
* resource leak.
*/
if (gbKeyPipeActive)
{
close(gfdKeyPipe[0]);
gbKeyPipeActive = FALSE;
}
/*
* If we can't get a pipe, that's really bad. We'll log an error, and
* decline. This should be a rare occurrence. User recovery: check to see
* why the system cannot allocate a pipe (is the file table full from
* run-away processes?), and fix the problem or reboot, then try again.
*/
if (pipe(gfdKeyPipe) == -1)
{
LogFrontPageError(r->server, "pipe() failed", 0,
"FrontPageAlias()", FALSE);
return DECLINED;
}
/*
* Note: ap_pstrdup allocates memory, but it checks for out of memory
* conditions - it will not return if out of memory.
*/
r->handler = ap_pstrdup(r->pool, "cgi-script");
ap_table_set(r->notes, "alias-forced-type", r->handler);
ap_table_set(r->subprocess_env, "FPEXE", ap_pstrdup(r->pool, szFpexe));
sprintf(szBuf, "%d", webroot.st_uid );
ap_table_set(r->subprocess_env, "FPUID", ap_pstrdup(r->pool, szBuf));
sprintf(szBuf, "%d", webroot.st_gid );
ap_table_set(r->subprocess_env, "FPGID", ap_pstrdup(r->pool, szBuf));
sprintf(szBuf, "%d", gfdKeyPipe[0]);
ap_table_set(r->subprocess_env, "FPFD", ap_pstrdup(r->pool, szBuf));
r->execfilename = ap_pstrcat(r->pool, FPSTUB, szCgi + strlen(szFpexe), NULL);
r->filename = ap_pstrcat(r->pool, r->filename, szCgi, NULL);
if (write(gfdKeyPipe[1], gszKeyVal, 128) != 128)
{
/*
* If we can't write to the pipe, that's really bad. We'll log an
* error, and decline. This should be a rare occurrence. User
* recovery: check to see why the system cannot write to the pipe (is
* the system being choked with too much load?), and fix the problem or
* reboot, then try again.
*/
LogFrontPageError(r->server, "Write to pipe failed", 0,
"FrontPageAlias()", FALSE);
close (gfdKeyPipe[0]);
close (gfdKeyPipe[1]);
return DECLINED;
}
close(gfdKeyPipe[1]);
gbKeyPipeActive = TRUE;
return OK;
}
/*
* This routine looks for shtml.exe, fpcount.exe, author.exe and admin.exe
* in a URI, and if found we call FrontPageAlias() to check for a valid
* FrontPage scenario.
*
* The return value is OK or DECLINED.
*/
static int FrontPageXlate(
request_rec *r)
{
char *szVti;
char *szCgi;
/*
* Decline if we're improperly initialized.
*/
if (!gbEnabled)
return DECLINED;
/*
* Check once for anything with _vti_bin. This is much faster than
* checking all four paths, because anything without this is definitely
* not a FrontPage scenario.
*/
if (!(szVti = strstr(r->uri, VTI_BIN)))
return DECLINED;
/*
* Test for FrontPage server extenders:
* .../_vti_bin/shtml.exe...
* .../_vti_bin/shtml.dll...
* .../_vti_bin/fpcount.exe...
* .../_vti_bin/_vti_aut/author.exe...
* .../_vti_bin/_vti_adm/admin.exe...
*/
if (szCgi = strstr(szVti, AUTHOR ))
return FrontPageAlias(r, szCgi, AUTHOR);
/*
* Convert inadvertent shtml.dll to shtml.exe
* Thanks for the idea to Scot Hetzel (hetzels@westbend.net)
*/
if (szCgi = strstr(szVti, SHTML2 ))
{
int iShtmlExtPos = strlen(SHTML2) - 3;
strncpy(szCgi + iShtmlExtPos, SHTML + iShtmlExtPos, 3);
}
if (szCgi = strstr(szVti, SHTML ))
return FrontPageAlias(r, szCgi, SHTML);
if (szCgi = strstr(szVti, ADMIN ))
return FrontPageAlias(r, szCgi, ADMIN);
if (szCgi = strstr(szVti, FPCOUNT))
return FrontPageAlias(r, szCgi, FPCOUNT);
return DECLINED;
}
/*
* Declare ourselves so the configuration routines can find us.
*/
module MODULE_VAR_EXPORT frontpage_module =
{
STANDARD_MODULE_STUFF,
FrontPageInit, /* initializer */
NULL, /* per-directory config creater */
NULL, /* dir config merger - default is to override */
NULL, /* server config creator */
NULL, /* server config merger */
NULL, /* command table */
NULL, /* [6] list of handlers */
FrontPageXlate, /* [1] filename-to-URI translation */
NULL, /* [4] check/validate HTTP user_id */
NULL, /* [5] check HTTP user_id is valid *here* */
NULL, /* [3] check access by host address, etc. */
NULL, /* [6] MIME type checker/setter */
NULL, /* [7] fixups */
NULL, /* [9] logger */
NULL, /* [2] header parser */
NULL, /* child_init */
NULL, /* child_exit */
NULL /* post read-request */
};

184
www/apache13-fp/files/patch-aa
View file

@ -1,148 +1,40 @@
*** src/Configuration.orig Sun Jul 6 06:20:07 1997
--- src/Configuration Tue Jul 15 01:18:42 1997
*** configure.orig Thu Sep 17 12:07:53 1998
--- configure Thu Sep 24 03:57:33 1998
***************
*** 41,49 ****
# Settings here have priority; If not set, Configure will attempt to guess
# the C compiler, and set OPTIM to '-O2'
#
! EXTRA_CFLAGS=
EXTRA_LFLAGS=
! EXTRA_LIBS=
EXTRA_INCLUDES=
#CC=
--- 41,62 ----
# Settings here have priority; If not set, Configure will attempt to guess
# the C compiler, and set OPTIM to '-O2'
#
! EXTRA_CFLAGS= \
! -DHTTPD_ROOT=\"${PREFIX}/etc/apache/\" \
! -DDOCUMENT_LOCATION=\"${PREFIX}/www/data/\" \
! -DSERVER_CONFIG_FILE=\"httpd.conf\" \
! -DRESOURCE_CONFIG_FILE=\"srm.conf\" \
! -DTYPES_CONFIG_FILE=\"mime.types\" \
! -DACCESS_CONFIG_FILE=\"access.conf\" \
! -DDEFAULT_PATH=\"/bin:/usr/bin:${PREFIX}/bin\" \
! -DSUEXEC_BIN=\"${PREFIX}/sbin/suexec\" \
! -DDEFAULT_XFERLOG=\"/var/log/httpd-access.log\" \
! -DDEFAULT_ERRORLOG=\"/var/log/httpd-error.log\" \
! -DDEFAULT_PIDLOG=\"/var/run/httpd.pid\" \
! -DDEFAULT_SCOREBOARD=\"/var/run/apache_runtime_status\" \
! -DDEFAULT_LOCKFILE=\"/var/spool/lock/accept.lock\"
EXTRA_LFLAGS=
! EXTRA_LIBS=-lmd
EXTRA_INCLUDES=
#CC=
*** 870,877 ****
echo " DEFAULT_PIDLOG: ${runtimedir_relative}httpd.pid"
echo " DEFAULT_SCOREBOARD: ${runtimedir_relative}httpd.scoreboard"
echo " DEFAULT_LOCKFILE: ${runtimedir_relative}httpd.lock"
! echo " DEFAULT_XFERLOG: ${logfiledir_relative}access_log"
! echo " DEFAULT_ERRORLOG: ${logfiledir_relative}error_log"
echo " TYPES_CONFIG_FILE: ${sysconfdir_relative}mime.types"
echo " SERVER_CONFIG_FILE: ${sysconfdir_relative}httpd.conf"
echo " ACCESS_CONFIG_FILE: ${sysconfdir_relative}access.conf"
--- 870,877 ----
echo " DEFAULT_PIDLOG: ${runtimedir_relative}httpd.pid"
echo " DEFAULT_SCOREBOARD: ${runtimedir_relative}httpd.scoreboard"
echo " DEFAULT_LOCKFILE: ${runtimedir_relative}httpd.lock"
! echo " DEFAULT_XFERLOG: ${logfiledir_relative}httpd-access.log"
! echo " DEFAULT_ERRORLOG: ${logfiledir_relative}httpd-error.log"
echo " TYPES_CONFIG_FILE: ${sysconfdir_relative}mime.types"
echo " SERVER_CONFIG_FILE: ${sysconfdir_relative}httpd.conf"
echo " ACCESS_CONFIG_FILE: ${sysconfdir_relative}access.conf"
***************
*** 162,173 ****
## STATUS=yes (see the Rules section near the start of this file) to allow
## full status information. Check conf/access.conf on how to enable this.
! # Module status_module mod_status.o
## The Info module displays configuration information for the server and
## all included modules. It's very useful for debugging.
! # Module info_module mod_info.o
## mod_include translates server-side include (SSI) statements in text files.
## mod_dir handles requests on directories and directory indexes.
--- 175,186 ----
## STATUS=yes (see the Rules section near the start of this file) to allow
## full status information. Check conf/access.conf on how to enable this.
! Module status_module mod_status.o
## The Info module displays configuration information for the server and
## all included modules. It's very useful for debugging.
! Module info_module mod_info.o
## mod_include translates server-side include (SSI) statements in text files.
## mod_dir handles requests on directories and directory indexes.
***************
*** 209,215 ****
## mod_rewrite allows for powerful URI-to-URI and URI-to-filename mapping,
## using regular expressions.
! # Module rewrite_module mod_rewrite.o
##
## Access control and authentication modules.
--- 222,228 ----
## mod_rewrite allows for powerful URI-to-URI and URI-to-filename mapping,
## using regular expressions.
! Module rewrite_module mod_rewrite.o
##
## Access control and authentication modules.
***************
*** 227,233 ****
## "gdbm" package if not and possibly adjust EXTRA_LIBS. (This may be
## done by Configure at a later date)
! # Module db_auth_module mod_auth_db.o
# Module dbm_auth_module mod_auth_dbm.o
## msql_auth checks against an mSQL database. You must have mSQL installed
--- 240,246 ----
## "gdbm" package if not and possibly adjust EXTRA_LIBS. (This may be
## done by Configure at a later date)
! Module db_auth_module mod_auth_db.o
# Module dbm_auth_module mod_auth_dbm.o
## msql_auth checks against an mSQL database. You must have mSQL installed
***************
*** 244,267 ****
## "digest" implements HTTP Digest Authentication rather than the less
## secure Basic Auth used by the other modules.
! # Module digest_module mod_digest.o
## Optional response header manipulation modules.
##
## cern_meta mimics the behavior of the CERN web server with regards to
## metainformation files.
! # Module cern_meta_module mod_cern_meta.o
## The expires module can apply Expires: headers to resources,
## as a function of access time or modification time.
! # Module expires_module mod_expires.o
## The headers module can set arbitrary HTTP response headers,
## as configured in server, vhost, access.conf or .htaccess configs
! # Module headers_module mod_headers.o
## Miscellaneous modules
##
--- 257,280 ----
## "digest" implements HTTP Digest Authentication rather than the less
## secure Basic Auth used by the other modules.
! Module digest_module mod_digest.o
## Optional response header manipulation modules.
##
## cern_meta mimics the behavior of the CERN web server with regards to
## metainformation files.
! Module cern_meta_module mod_cern_meta.o
## The expires module can apply Expires: headers to resources,
## as a function of access time or modification time.
! Module expires_module mod_expires.o
## The headers module can set arbitrary HTTP response headers,
## as configured in server, vhost, access.conf or .htaccess configs
! Module headers_module mod_headers.o
## Miscellaneous modules
##
*** 935,942 ****
echo "echo '-DDEFAULT_PIDLOG=\"${runtimedir_relative}httpd.pid\"'" >>$src/apaci
echo "echo '-DDEFAULT_SCOREBOARD=\"${runtimedir_relative}httpd.scoreboard\"'" >>$src/apaci
echo "echo '-DDEFAULT_LOCKFILE=\"${runtimedir_relative}httpd.lock\"'" >>$src/apaci
! echo "echo '-DDEFAULT_XFERLOG=\"${logfiledir_relative}access_log\"'" >>$src/apaci
! echo "echo '-DDEFAULT_ERRORLOG=\"${logfiledir_relative}error_log\"'" >>$src/apaci
echo "echo '-DTYPES_CONFIG_FILE=\"${sysconfdir_relative}mime.types\"'" >>$src/apaci
echo "echo '-DSERVER_CONFIG_FILE=\"${sysconfdir_relative}httpd.conf\"'" >>$src/apaci
echo "echo '-DACCESS_CONFIG_FILE=\"${sysconfdir_relative}access.conf\"'" >>$src/apaci
--- 935,942 ----
echo "echo '-DDEFAULT_PIDLOG=\"${runtimedir_relative}httpd.pid\"'" >>$src/apaci
echo "echo '-DDEFAULT_SCOREBOARD=\"${runtimedir_relative}httpd.scoreboard\"'" >>$src/apaci
echo "echo '-DDEFAULT_LOCKFILE=\"${runtimedir_relative}httpd.lock\"'" >>$src/apaci
! echo "echo '-DDEFAULT_XFERLOG=\"${logfiledir_relative}httpd-access.log\"'" >>$src/apaci
! echo "echo '-DDEFAULT_ERRORLOG=\"${logfiledir_relative}httpd-error.log\"'" >>$src/apaci
echo "echo '-DTYPES_CONFIG_FILE=\"${sysconfdir_relative}mime.types\"'" >>$src/apaci
echo "echo '-DSERVER_CONFIG_FILE=\"${sysconfdir_relative}httpd.conf\"'" >>$src/apaci
echo "echo '-DACCESS_CONFIG_FILE=\"${sysconfdir_relative}access.conf\"'" >>$src/apaci

200
www/apache13-fp/files/patch-ab
View file

@ -1,55 +1,153 @@
*** conf/access.conf-dist.orig Mon Mar 31 18:52:33 1997
--- conf/access.conf-dist Sat Oct 25 14:15:32 1997
*** Makefile.tmpl.orig Sat Sep 19 07:41:48 1998
--- Makefile.tmpl Wed Oct 14 19:07:18 1998
***************
*** 12,18 ****
*** 107,112 ****
--- 107,113 ----
runtimedir = @runtimedir@
logfiledir = @logfiledir@
proxycachedir = @proxycachedir@
+ doc_prefix = $(prefix)/share/doc/apache
# This should be changed to whatever you set DocumentRoot to.
! <Directory /usr/local/etc/httpd/htdocs>
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
--- 12,18 ----
# This should be changed to whatever you set DocumentRoot to.
! <Directory /usr/local/www/data>
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
***************
*** 26,32 ****
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
! AllowOverride None
# Controls who can get stuff from this server.
--- 26,32 ----
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
! AllowOverride All
# Controls who can get stuff from this server.
libexecdir_relative = @libexecdir_relative@
***************
*** 38,45 ****
# /usr/local/etc/httpd/cgi-bin should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
! <Directory /usr/local/etc/httpd/cgi-bin>
! AllowOverride None
Options None
</Directory>
--- 38,45 ----
# /usr/local/etc/httpd/cgi-bin should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
! <Directory /usr/local/www/cgi-bin>
! AllowOverride All
Options None
</Directory>
*** 166,173 ****
-DUID_MIN=$(suexec_uidmin) \
-DGID_MIN=$(suexec_gidmin) \
-DUSERDIR_SUFFIX=\"$(suexec_userdir)\" \
! -DLOG_EXEC=\"$(logfiledir)/suexec_log\" \
! -DDOC_ROOT=\"$(datadir)/htdocs\" \
-DSAFE_PATH=\"$(suexec_safepath)\" \
' \
suexec; \
--- 167,174 ----
-DUID_MIN=$(suexec_uidmin) \
-DGID_MIN=$(suexec_gidmin) \
-DUSERDIR_SUFFIX=\"$(suexec_userdir)\" \
! -DLOG_EXEC=\"$(logfiledir)/httpd-suexec.log\" \
! -DDOC_ROOT=\"$(datadir)/data\" \
-DSAFE_PATH=\"$(suexec_safepath)\" \
' \
suexec; \
***************
*** 224,232 ****
$(MKDIR) $(root)$(mandir)/man1
$(MKDIR) $(root)$(mandir)/man8
$(MKDIR) $(root)$(sysconfdir)
! $(MKDIR) $(root)$(datadir)/htdocs
$(MKDIR) $(root)$(datadir)/icons
! $(MKDIR) $(root)$(datadir)/cgi-bin
$(MKDIR) $(root)$(includedir)
$(MKDIR) $(root)$(runtimedir)
$(MKDIR) $(root)$(logfiledir)
--- 225,233 ----
$(MKDIR) $(root)$(mandir)/man1
$(MKDIR) $(root)$(mandir)/man8
$(MKDIR) $(root)$(sysconfdir)
! $(MKDIR) $(root)$(doc_prefix)
$(MKDIR) $(root)$(datadir)/icons
! $(MKDIR) $(root)$(datadir)/cgi-bin.default
$(MKDIR) $(root)$(includedir)
$(MKDIR) $(root)$(runtimedir)
$(MKDIR) $(root)$(logfiledir)
***************
*** 340,364 ****
# icons and distributed CGI scripts.
install-data:
@echo "===> [data: Installing initial data files]"
! -@if [ -f $(root)$(datadir)/htdocs/index.html ]; then \
! echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/htdocs/]"; \
! else \
! echo "Copying tree $(TOP)/htdocs/ -> $(root)$(datadir)/htdocs/"; \
(cd $(TOP)/htdocs/ && $(TAR) cf - *) |\
! (cd $(root)$(datadir)/htdocs/ && $(TAR) xf -); \
! find $(root)$(datadir)/htdocs/ -type d -exec chmod a+rx {} \; ; \
! find $(root)$(datadir)/htdocs/ -type f -exec chmod a+r {} \; ; \
fi
! -@if [ -f $(root)$(datadir)/cgi-bin/printenv ]; then \
! echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/cgi-bin/]"; \
! else \
for script in printenv test-cgi; do \
cat $(TOP)/cgi-bin/$${script} |\
sed -e 's;^#!/.*perl;#!$(PERL);' \
> $(TOP)/$(SRC)/.apaci.install.tmp; \
! echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(datadir)/cgi-bin/$${script}"; \
! $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(datadir)/cgi-bin/$${script}; \
done; \
fi
@echo "Copying tree $(TOP)/icons/ -> $(root)$(datadir)/icons/"; \
(cd $(TOP)/icons/ && $(TAR) cf - *) |\
--- 341,372 ----
# icons and distributed CGI scripts.
install-data:
@echo "===> [data: Installing initial data files]"
! # -@if [ -f $(root)$(datadir)/htdocs/index.html ]; then \
! # echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/htdocs/]"; \
! # else \
! echo "Copying tree $(TOP)/htdocs/ -> $(root)$(doc_prefix)/"; \
(cd $(TOP)/htdocs/ && $(TAR) cf - *) |\
! (cd $(root)$(doc_prefix)/ && $(TAR) xf -); \
! find $(root)$(doc_prefix)/ -type d -exec chmod a+rx {} \; ; \
! find $(root)$(doc_prefix)/ -type f -exec chmod a+r {} \; ; \
! # fi
! if [ ! -d $(root)$(datadir)/data ]; then \
! $(LN) -sf $(root)$(doc_prefix) $(root)$(datadir)/data; \
fi
! $(LN) -sf $(root)$(doc_prefix) $(root)$(datadir)/data.default
! # -@if [ -f $(root)$(datadir)/cgi-bin/printenv ]; then \
! # echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/cgi-bin/]"; \
! # else \
for script in printenv test-cgi; do \
cat $(TOP)/cgi-bin/$${script} |\
sed -e 's;^#!/.*perl;#!$(PERL);' \
> $(TOP)/$(SRC)/.apaci.install.tmp; \
! echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(datadir)/cgi-bin.default/$${script}"; \
! $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(datadir)/cgi-bin.default/$${script}; \
done; \
+ # fi
+ if [ ! -d $(root)$(datadir)/cgi-bin ]; then \
+ $(LN) -sf $(root)$(datadir)/cgi-bin.default $(root)$(datadir)/cgi-bin; \
fi
@echo "Copying tree $(TOP)/icons/ -> $(root)$(datadir)/icons/"; \
(cd $(TOP)/icons/ && $(TAR) cf - *) |\
***************
*** 378,395 ****
echo ""; \
cat $(TOP)/conf/$${conf}-dist ) |\
sed -e '/# LoadModule/r $(TOP)/$(SRC)/.apaci.install.conf' \
! -e 's;@@ServerRoot@@/htdocs;$(datadir)/htdocs;' \
-e 's;@@ServerRoot@@/icons;$(datadir)/icons;' \
-e 's;@@ServerRoot@@/cgi-bin;$(datadir)/cgi-bin;' \
-e 's;@@ServerRoot@@/proxy;$(proxycachedir);' \
-e 's;@@ServerRoot@@;$(prefix);' \
-e 's;logs/accept.lock;$(runtimedir)/httpd.lock;' \
-e 's;logs/apache_runtime_status;$(runtimedir)/httpd.scoreboard;' \
-e 's;logs/httpd.pid;$(runtimedir)/httpd.pid;' \
! -e 's;logs/access_log;$(logfiledir)/access_log;' \
! -e 's;logs/error_log;$(logfiledir)/error_log;' \
! -e 's;logs/referer_log;$(logfiledir)/referer_log;' \
! -e 's;logs/agent_log;$(logfiledir)/agent_log;' \
-e 's;conf/magic;$(sysconfdir)/magic;' \
-e 's;conf/mime.types;$(sysconfdir)/mime.types;' \
-e 's;Group #-1;Group $(conf_group);' \
--- 386,405 ----
echo ""; \
cat $(TOP)/conf/$${conf}-dist ) |\
sed -e '/# LoadModule/r $(TOP)/$(SRC)/.apaci.install.conf' \
! -e 's;@@ServerRoot@@/htdocs;$(datadir)/data;' \
-e 's;@@ServerRoot@@/icons;$(datadir)/icons;' \
-e 's;@@ServerRoot@@/cgi-bin;$(datadir)/cgi-bin;' \
-e 's;@@ServerRoot@@/proxy;$(proxycachedir);' \
+ -e 's;@@ServerRoot@@/srm.conf;$(sysconfdir)/srm.conf;' \
+ -e 's;@@ServerRoot@@/access.conf;$(sysconfdir)/access.conf;' \
-e 's;@@ServerRoot@@;$(prefix);' \
-e 's;logs/accept.lock;$(runtimedir)/httpd.lock;' \
-e 's;logs/apache_runtime_status;$(runtimedir)/httpd.scoreboard;' \
-e 's;logs/httpd.pid;$(runtimedir)/httpd.pid;' \
! -e 's;logs/access_log;$(logfiledir)/httpd-access.log;' \
! -e 's;logs/error_log;$(logfiledir)/httpd-error.log;' \
! -e 's;logs/referer_log;$(logfiledir)/httpd-referer.log;' \
! -e 's;logs/agent_log;$(logfiledir)/httpd-agent.log;' \
-e 's;conf/magic;$(sysconfdir)/magic;' \
-e 's;conf/mime.types;$(sysconfdir)/mime.types;' \
-e 's;Group #-1;Group $(conf_group);' \

72
www/apache13-fp/files/patch-ag Normal file
View file

@ -0,0 +1,72 @@
*** conf/httpd.conf-dist.orig Wed May 6 16:12:39 1998
--- conf/httpd.conf-dist Sat Jun 6 13:08:52 1998
***************
*** 50,56 ****
# don't use Group #-1 on these systems!
User nobody
! Group #-1
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.
--- 50,56 ----
# don't use Group #-1 on these systems!
User nobody
! Group nogroup
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.
***************
*** 65,70 ****
--- 65,80 ----
ServerRoot @@ServerRoot@@
+ # AccessConfig: The name and location of the Access Configuration file
+ #
+
+ AccessConfig @@ServerRoot@@/access.conf
+
+ # ResourceConfig: The name and location of the Resource Configuration file
+ #
+
+ ResourceConfig @@ServerRoot@@/srm.conf
+
# BindAddress: You can support virtual hosts with this option. This option
# is used to tell the server which IP address to listen to. It can either
# contain "*", an IP address, or a fully qualified Internet domain name.
***************
*** 94,100 ****
# The location of the access logfile (Common Logfile Format).
# If this does not start with /, ServerRoot is prepended to it.
! CustomLog logs/access_log common
# If you would like to have an agent and referer logfile uncomment the
# following directives.
--- 104,110 ----
# The location of the access logfile (Common Logfile Format).
# If this does not start with /, ServerRoot is prepended to it.
! #CustomLog logs/access_log common
# If you would like to have an agent and referer logfile uncomment the
# following directives.
***************
*** 105,111 ****
# If you prefer a single logfile with access, agent and referer information
# (Combined Logfile Format) you can use the following directive.
! #CustomLog logs/access_log combined
# PidFile: The file the server should log its pid to
PidFile logs/httpd.pid
--- 115,121 ----
# If you prefer a single logfile with access, agent and referer information
# (Combined Logfile Format) you can use the following directive.
! CustomLog logs/access_log combined
# PidFile: The file the server should log its pid to
PidFile logs/httpd.pid

40
www/apache13-fp/files/patch-ak Normal file
View file

@ -0,0 +1,40 @@
*** src/support/apachectl.orig Fri Jul 17 01:25:54 1998
--- src/support/apachectl Fri Jul 24 00:34:59 1998
***************
*** 39,44 ****
--- 39,46 ----
# -------------------- --------------------
# |||||||||||||||||||| END CONFIGURATION SECTION ||||||||||||||||||||
+ eval `limits -e -C daemon` >/dev/null 2>&1
+
ERROR=0
ARGV="$@"
if [ "x$ARGV" = "x" ] ; then
***************
*** 50,56 ****
# check for pidfile
if [ -f $PIDFILE ] ; then
PID=`cat $PIDFILE`
! if kill -0 $PID; then
STATUS="httpd (pid $PID) running"
RUNNING=1
else
--- 52,58 ----
# check for pidfile
if [ -f $PIDFILE ] ; then
PID=`cat $PIDFILE`
! if kill -0 $PID > /dev/null 2>&1; then
STATUS="httpd (pid $PID) running"
RUNNING=1
else
***************
*** 82,87 ****
--- 84,90 ----
fi
if kill $PID ; then
echo "$0 $ARG: httpd stopped"
+ rm $PIDFILE
else
echo "$0 $ARG: httpd could not be stopped"
ERROR=4

50
www/apache13-fp/files/patch-al Normal file
View file

@ -0,0 +1,50 @@
*** src/support/log_server_status.orig Tue Mar 31 16:53:50 1998
--- src/support/log_server_status Tue Apr 21 17:18:10 1998
***************
*** 67,76 ****
#
require 'sys/socket.ph';
! $wherelog = "/var/log/graph/"; # Logs will be like "/var/log/graph/960312"
$server = "localhost"; # Name of server, could be "www.foo.com"
$port = "80"; # Port on server
! $request = "/status/?auto"; # Request to send
sub tcp_connect
{
--- 67,76 ----
#
require 'sys/socket.ph';
! $wherelog = "/var/log/httpd-status-"; # Logs will be like "/var/log/graph/960312"
$server = "localhost"; # Name of server, could be "www.foo.com"
$port = "80"; # Port on server
! $request = "/server-status/?auto"; # Request to send
sub tcp_connect
{
***************
*** 93,103 ****
### Main
{
! $date=`date +%y%m%d:%H%M%S`;
chop($date);
($day,$time)=split(/:/,$date);
$res=&tcp_connect($server,$port);
! open(OUT,">>$wherelog$day");
if ($res) {
print OUT "$time:-1:-1:-1:-1:$res\n";
exit 1;
--- 93,103 ----
### Main
{
! $date=`LC_TIME=C date +%y%m%d:%H%M%S`;
chop($date);
($day,$time)=split(/:/,$date);
$res=&tcp_connect($server,$port);
! open(OUT,">>$wherelog$day.log");
if ($res) {
print OUT "$time:-1:-1:-1:-1:$res\n";
exit 1;

127
www/apache13-fp/files/patch-fd
View file

@ -1,96 +1,59 @@
*** support/suexec.h.orig Sat May 10 00:06:17 1997
--- support/suexec.h Thu Apr 23 15:57:52 1998
*** src/support/suexec.h.orig Tue Mar 31 06:54:09 1998
--- src/support/suexec.h Thu May 21 19:18:25 1998
***************
*** 50,55 ****
--- 50,62 ----
*
*** 56,61 ****
--- 56,72 ----
*/
+ /* "FPEXE modification made on Nov 2nd 1997 by Mark Wormgoor (riddles@ipe.nl)
/*
+ * "FPEXE modification made on 98.05.21 by Scot Hetzel (hetzels@westbend.net)
+ * based on previous FPEXE modifications supplied by Mark Wormgoor
+ * (riddles@ipe.nl)
+ *
+ * Changes were made in order to use Suexec and Frontpage 98 at the same time.
+ * Instead of trying to run suid on /usr/local/frontpage/currentversion/bin/fpexe,
+ * we execute this so the suid-bit does all the work
+ */
+ * After we change to the target_uid and target_gid. We check if cmd = FPEXE,
+ * if it does then we execute the cmd without performing any further tests.
+ *
+ */
+
/*
+ /*
* suexec.h -- user-definable variables for the suexec wrapper code.
*/
***************
*** 114,129 ****
* debugging purposes.
*/
#ifndef LOG_EXEC
! #define LOG_EXEC "/usr/local/etc/httpd/logs/cgi.log" /* Need me? */
#endif
/*
* DOC_ROOT -- Define as the DocumentRoot set for Apache. This
* will be the only hierarchy (aside from UserDirs)
* that can be used for suEXEC behavior.
***************
*** 129,134 ****
--- 140,173 ----
*/
#ifndef DOC_ROOT
! #define DOC_ROOT "/usr/local/etc/httpd/htdocs"
#define DOC_ROOT "/usr/local/apache/htdocs"
+ #endif
+
+ /*
+ * FPEXE, FPSTUB
+ * FPSTUBDIR -- We are running frontpage and we don't need to run
+ * fpexe suid, since it's already set suid. Also, the
+ * dir-rights are incorrect and so on...
+ */
+ #ifndef FPEXE
+ #define FPEXE "fpexe"
+ #endif
+
+ #ifndef FPSTUB
+ #define FPSTUB "/usr/local/frontpage/version3.0/apache-fp/_vti_bin/fpexe"
+ #endif
+
+ #ifndef FPSTUBDIR
+ #define FPSTUBDIR "/usr/local/frontpage/currentversion/apache-fp/_vti_bin"
+ #endif
+
+ /*
+ * SYSTEM_CGI -- Define as the cgi directory for system-wide CGI's
+ * Note that UID/GID of the cgi or the directory are
+ * NOT matched if they're in this directory, although
+ * all the other checks still apply. Caveat Emptor.
+ */
+ #ifndef SYSTEM_CGI
+ #define SYSTEM_CGI "/usr/local/www/cgi-bin"
#endif
/*
--- 121,162 ----
* debugging purposes.
*/
#ifndef LOG_EXEC
! #define LOG_EXEC "/var/log/httpd-cgi.log" /* Need me? */
#endif
/*
* DOC_ROOT -- Define as the DocumentRoot set for Apache. This
* will be the only hierarchy (aside from UserDirs)
* that can be used for suEXEC behavior.
+ * This is not used, since we have VirtualHosts defined.
*/
#ifndef DOC_ROOT
! #define DOC_ROOT "/usr/local/www"
! #endif
!
! /*
! * FPEXE
! * FRONTPAGE_EXE -- We are running frontpage and we don't need to run
! * fpexe suid, since it's already set suid. Also, the
! * dir-rights are incorrect and so on...
! */
! #ifndef FPEXE
! #define FPEXE "fpexe"
! #endif
!
! #ifndef FRONTPAGE_EXE
! #define FRONTPAGE_EXE "/usr/local/frontpage/version3.0/apache-fp/_vti_bin/fpexe"
! #endif
!
! /*
! * SYSTEM_CGI -- Define as the cgi directory for system-wide CGI's
! * Note that UID/GID of the cgi or the directory are
! * NOT matched if they're in this directory, although
! * all the other checks still apply. Caveat Emptor.
! */
!
! #ifndef SYSTEM_CGI
! #define SYSTEM_CGI "/usr/local/www/cgi-bin"
#endif
/*
***************
*** 131,137 ****
*
*/
#ifndef SAFE_PATH
! #define SAFE_PATH "/usr/local/bin:/usr/bin:/bin"
#endif
#endif /* _SUEXEC_H */
--- 164,170 ----
*
*/
#ifndef SAFE_PATH
! #define SAFE_PATH "/usr/local/bin:/usr/bin:/bin:."
#endif
#endif /* _SUEXEC_H */

273
www/apache13-fp/files/patch-fe
View file

@ -1,11 +1,11 @@
*** support/suexec.c.orig Fri Jan 30 08:45:44 1998
--- support/suexec.c Fri Apr 24 17:32:21 1998
*** src/support/suexec.c.orig Tue Apr 21 15:14:06 1998
--- src/support/suexec.c Fri May 22 17:59:43 1998
***************
*** 66,71 ****
--- 66,94 ----
*** 70,75 ****
--- 70,98 ----
*
*
*/
+ /*
+ * "System" CGI modification 97.05.10 by Rick Franchuk (rickf@netnation.com)
+ *
@ -19,8 +19,8 @@
+ * The docroot check had to be bypassed to allow functionality for VirtualHost
+ * entries. I'm somewhat suprised noone encountered that behavior before.
+ */
+
+ /* "FPEXE modification made on 98.04.24 by Scot Hetzel (hetzels@westbend.net)
+ /*
+ * "FPEXE modification made on 98.05.19 by Scot Hetzel (hetzels@westbend.net)
+ * based on previous FPEXE modifications supplied by Mark Wormgoor
+ * (riddles@ipe.nl)
+ *
@ -28,127 +28,13 @@
+ * After we change to the target_uid and target_gid. We check if cmd = FPEXE,
+ * if it does then we execute the cmd without performing any further tests.
+ *
+ */
#include "suexec.h"
+ */
#include "conf.h"
#include <sys/param.h>
***************
*** 75,81 ****
#include <sys/types.h>
#include <stdio.h>
#include <stdarg.h>
! #include <string.h>
#include <pwd.h>
#include <grp.h>
#include <time.h>
--- 98,104 ----
#include <sys/types.h>
#include <stdio.h>
#include <stdarg.h>
! #include <strings.h>
#include <pwd.h>
#include <grp.h>
#include <time.h>
***************
*** 138,144 ****
static void err_output(const char *fmt, va_list ap)
{
- #ifdef LOG_EXEC
time_t timevar;
struct tm *lt;
--- 161,166 ----
***************
*** 158,164 ****
vfprintf(log, fmt, ap);
fflush(log);
- #endif /* LOG_EXEC */
return;
}
--- 180,185 ----
***************
*** 264,270 ****
log_err("user mismatch (%s)\n", pw->pw_name);
exit(103);
}
!
/*
* Check for a leading '/' (absolute path) in the command to be executed,
* or attempts to back up out of the current directory,
--- 285,291 ----
log_err("user mismatch (%s)\n", pw->pw_name);
exit(103);
}
!
/*
* Check for a leading '/' (absolute path) in the command to be executed,
* or attempts to back up out of the current directory,
***************
*** 301,306 ****
--- 322,328 ----
/*
* Error out if the target group name is invalid.
*/
+
if (strspn(target_gname, "1234567890") != strlen(target_gname)) {
if ((gr = getgrnam(target_gname)) == NULL) {
log_err("invalid target group name: (%s)\n", target_gname);
***************
*** 325,331 ****
* Log the transaction here to be sure we have an open log
* before we setuid().
*/
! log_err("uid: (%s/%s) gid: (%s/%s) %s\n",
target_uname, actual_uname,
target_gname, actual_gname,
cmd);
--- 347,353 ----
* Log the transaction here to be sure we have an open log
* before we setuid().
*/
! log_err("uid: (%s/%s) gid: (%s/%s) cmd: %s\n",
target_uname, actual_uname,
target_gname, actual_gname,
cmd);
***************
*** 357,363 ****
* and setgid() to the target group. If unsuccessful, error out.
*/
if (((setgid(gid)) != 0) || (initgroups(actual_uname,gid) != 0)) {
! log_err("failed to setgid (%ld: %s)\n", gid, cmd);
exit(109);
}
--- 379,385 ----
* and setgid() to the target group. If unsuccessful, error out.
*/
if (((setgid(gid)) != 0) || (initgroups(actual_uname,gid) != 0)) {
! log_err("failed to setgid (%ld: %s/%s)\n", gid, cwd, cmd);
exit(109);
}
***************
*** 365,375 ****
* setuid() to the target user. Error out on fail.
*/
if ((setuid(uid)) != 0) {
! log_err("failed to setuid (%ld: %s)\n", uid, cmd);
exit(110);
}
/*
* Get the current working directory, as well as the proper
* document root (dependant upon whether or not it is a
* ~userdir request). Error out if we cannot get either one,
--- 387,405 ----
* setuid() to the target user. Error out on fail.
*/
if ((setuid(uid)) != 0) {
! log_err("failed to setuid (%ld: %s/%s)\n", uid, cwd, cmd);
exit(110);
*** 393,398 ****
--- 416,429 ----
}
/*
@ -156,17 +42,17 @@
+ * user is ok. We run fpexe now and bail out before anything goes wrong.
+ */
+ #ifdef FPEXE
+ if ((strcmp(cmd, FPEXE)) != NULL) {
+ #endif
+ if ((strcmp(cmd, FPEXE)) != NULL) {
+ #endif
+
+ /*
* Get the current working directory, as well as the proper
* document root (dependant upon whether or not it is a
* ~userdir request). Error out if we cannot get either one,
***************
*** 402,411 ****
--- 432,446 ----
}
*** 423,432 ****
--- 454,468 ----
}
}
+ /*
@ -174,74 +60,87 @@
+ * VirtualHosts running CGI in thier own directories.
+ *
if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
log_err("command not in docroot (%s/%s)\n", cwd, cmd);
exit(114);
log_err("command not in docroot (%s/%s)\n", cwd, cmd);
exit(114);
}
+ */
/*
* Stat the cwd and verify it is a directory, or error out.
***************
*** 451,470 ****
*** 472,477 ****
--- 508,516 ----
* Error out if the target name/group is different from
* the name/group of the cwd or the program.
*/
! if ((uid != dir_info.st_uid) ||
! (gid != dir_info.st_gid) ||
! (uid != prg_info.st_uid) ||
! (gid != prg_info.st_gid))
! {
! log_err("target uid/gid (%ld/%ld) mismatch with directory (%ld/%ld) or program (%ld/%ld)\n",
! uid, gid,
! dir_info.st_uid, dir_info.st_gid,
! prg_info.st_uid, prg_info.st_gid);
! exit(120);
}
clean_env();
/*
* Be sure to close the log file so the CGI can't
* mess with it. If the exec fails, it will be reopened
--- 486,516 ----
* Error out if the target name/group is different from
* the name/group of the cwd or the program.
*/
!
! #ifdef SYSTEM_CGI
! if (strncmp(cwd, SYSTEM_CGI, strlen(SYSTEM_CGI))) {
! #endif
! if ((uid != dir_info.st_uid) ||
! (gid != dir_info.st_gid) ||
! (uid != prg_info.st_uid) ||
! (gid != prg_info.st_gid))
! {
! log_err("target uid/gid (%ld/%ld) mismatch with directory %s(%ld/%ld) or program %s(%ld/%ld)\n",
! uid, gid,
! cwd, dir_info.st_uid, dir_info.st_gid,
! cmd, prg_info.st_uid, prg_info.st_gid);
! exit(120);
! }
! #ifdef SYSTEM_CGI
}
+ #ifdef SYSTEM_CGI
+ if (strncmp(cwd, SYSTEM_CGI, strlen(SYSTEM_CGI))) {
+ #endif
clean_env();
+ #ifdef FPEXE
if ((uid != dir_info.st_uid) ||
(gid != dir_info.st_gid) ||
(uid != prg_info.st_uid) ||
***************
*** 482,487 ****
--- 521,530 ----
prg_info.st_uid, prg_info.st_gid);
exit(120);
}
+ #ifdef SYSTEM_CGI
+ }
+ #endif
+
/*
* Error out if the program is not executable for the user.
* Otherwise, she won't find any error in the logs except for
***************
*** 493,498 ****
--- 536,584 ----
}
clean_env();
+
+ #ifdef FPEXE
+ }
+ else {
+
+ /* The following taken from mod_frontpage.c to check permissions */
+
+ /*
+ * We can't stat the stub dir. Make sure the stub directory is not
+ * owned by root and not group/world writable
+ */
+ if ((lstat(FPSTUBDIR, &dir_info) == -1 ||
+ dir_info.st_uid ||
+ (dir_info.st_mode & (S_IWGRP | S_IWOTH)) ||
+ (!S_ISDIR(dir_info.st_mode)))) {
+ /*
+ * User recovery: set directory to be owned by by root with
+ * permissions r*x*-x*-x.
+ */
+ log_err("Incorrect permissions on stub directory \"%-.1024s\"",
+ FPSTUBDIR);
+ exit (250);
+ }
+
+ /*
+ * We can't stat the stub. Make sure the stub is not owned by root,
+ * set-uid, set-gid, and is not group/world writable or executable.
+ */
+ if ((stat(cmd, &prg_info) == -1 ||
+ prg_info.st_uid ||
+ !(prg_info.st_mode & S_ISUID) ||
+ (prg_info.st_mode & S_ISGID) ||
+ (prg_info.st_mode & (S_IWGRP | S_IWOTH)) ||
+ !(prg_info.st_mode & (S_IXGRP | S_IXOTH)))) {
+ /*
+ * User recovery: set stub to be owned by by root with permissions
+ * r*s*-x*-x.
+ */
+ log_err("Incorrect permissions on stub \"%-.1024s\"", cmd);
+ exit (251);
+ }
+ }
+ #endif
/*
* Be sure to close the log file so the CGI can't
* mess with it. If the exec fails, it will be reopened
***************
*** 486,491 ****
--- 532,538 ----
*
* Oh well, log the failure and error out.
*/
+
log_err("exec failed (%s)\n", cmd);
exit(255);
}

42
www/apache13-fp/files/patch-ff
View file

@ -1,42 +0,0 @@
*** support/Makefile.tmpl.orig Mon Mar 10 03:31:34 1997
--- support/Makefile.tmpl Thu Apr 23 13:20:33 1998
***************
*** 8,18 ****
--- 8,32 ----
INCLUDES=-I../src -I../src/regex $(INCLUDES1) $(EXTRA_INCLUDES)
LFLAGS=$(LFLAGS1) $(EXTRA_LFLAGS)
+ PREFIX?=/usr/local
+ USER_CGI_BIN?=public_html
+ HTTPD_USER?=www
+ FP_EXE=${PREFIX}/frontpage/version3.0/apache-fp/_vti_bin/fpexe
+ SYS_CGI_BIN=${PREFIX}/www/cgi-bin
+ SU_FLAGS=-DHTTPD_USER=\"${HTTPD_USER}\"
+ SU_FLAGS+=-DSYSTEM_CGI=\"${SYS_CGI_BIN}\"
+ SU_FLAGS+=-DFRONTPAGE_EXE=\"${FP_EXE}\"
+ SU_FLAGS+=-DUSERDIR_SUFFIX=\"${USER_CGI_BIN}\"
+
.c.o:
$(CC) -c $(CFLAGS) $(INCLUDES) $<
TARGETS=htpasswd htdigest httpd_monitor rotatelogs logresolve
+ .if defined(SUEXEC)
+ TARGETS+=suexec
+ .endif
+
all: $(TARGETS)
htpasswd: htpasswd.c
***************
*** 29,34 ****
--- 43,51 ----
logresolve: logresolve.c
$(CC) $(INCLUDES) $(CFLAGS) logresolve.c -o logresolve $(LIBS)
+
+ suexec: suexec.c
+ $(CC) $(INCLUDES) $(CFLAGS) ${SU_FLAGS} suexec.c -o suexec
clean:
rm -f $(TARGETS)

24
www/apache13-fp/files/patch-fh Normal file
View file

@ -0,0 +1,24 @@
*** src/include/httpd.h.orig Thu May 21 19:37:29 1998
--- src/include/httpd.h Fri May 22 16:57:19 1998
***************
*** 689,695 ****
char *unparsed_uri; /* the uri without any parsing performed */
char *uri; /* the path portion of the URI */
! char *filename;
char *path_info;
char *args; /* QUERY_ARGS, if any */
struct stat finfo; /* ST_MODE set to zero if no such file */
--- 689,700 ----
char *unparsed_uri; /* the uri without any parsing performed */
char *uri; /* the path portion of the URI */
! char *execfilename; /* physical filename to exec */
! char *filename; /* logical filename to exec -- always the same
! * except for FrontPage CGI programs where we
! * will execute the CGI program in
! * /usr/local/frontpage....
! */
char *path_info;
char *args; /* QUERY_ARGS, if any */
struct stat finfo; /* ST_MODE set to zero if no such file */

23
www/apache13-fp/files/patch-fi Normal file
View file

@ -0,0 +1,23 @@
*** src/main/http_request.c.orig Tue Oct 6 14:06:09 1998
--- src/main/http_request.c Sat Oct 31 15:49:04 1998
***************
*** 187,192 ****
--- 187,194 ----
return OK;
}
+ if (r->execfilename) path = r->execfilename;
+
#ifdef WIN32
/* If the path is x:/, then convert it to x:/., coz that's what stat
* needs to work properly
***************
*** 461,466 ****
--- 463,469 ----
res = ap_parse_htaccess(&htaccess_conf, r, overrides_here,
ap_pstrdup(r->pool, test_dirname),
sconf->access_name);
+ if (r->execfilename) r->filename = r->execfilename;
if (res)
return res;

19
www/apache13-fp/files/patch-fj Normal file
View file

@ -0,0 +1,19 @@
*** src/main/util.c.orig Sat May 9 09:27:27 1998
--- src/main/util.c Fri May 22 16:57:19 1998
***************
*** 582,588 ****
char *res;
for (x = 0; (*line)[x]; x++) {
! if (ap_isspace((*line)[x])) {
pos = x;
break;
}
--- 582,588 ----
char *res;
for (x = 0; (*line)[x]; x++) {
! if (ap_isspace((*line)[x]) && ((*line)[x] & 0x80)==0) {
pos = x;
break;
}

16
www/apache13-fp/pkg-descr
View file

@ -1,4 +1,5 @@
Apache-FP
Version 1.0 (and up)
What is it?
-----------
@ -6,7 +7,16 @@ What is it?
Apache is an HTTP server designed as a plug-in replacement for the NCSA
server version 1.3 (or 1.4). It fixes numerous bugs in the NCSA server and
includes many frequently requested new features, and has an API which
allows it to be extended to meet users' needs more easily.
Allows it to be extended to meet users' needs more easily.
Microsoft Frontpage Extentions allows web administrators and authers to
create, modify the web pages on the Apache server using Microsoft FrontPage.
Microsoft Frontpage Extentions allows web administrators and authors to
remotely manage, create, modify, or delete web pages on the Apache server
using Microsoft FrontPage 98.
Documentation
-------------
All the documentation is on-line on the WWW, via the URL's:
Apache - http://www.apache.org
FrontPage - http://www.microsoft.com/frontpage/wpp/SERK

136
www/apache13-fp/pkg-plist
View file

@ -1,58 +1,120 @@
bin/dbmmanage
bin/htdigest
bin/htpasswd
etc/apache/access.conf.default
etc/apache/httpd.conf.default
etc/apache/magic.default
etc/apache/mime.types.default
etc/apache/srm.conf.default
etc/rc.d/apache.sh
@exec mkdir -p %D/www/cgi-bin %D/www/data
etc/apache/httpd.conf-dist
etc/apache/srm.conf-dist
etc/apache/access.conf-dist
etc/apache/mime.types-dist
etc/rc.d/apache.sh.tmpl
include/apache/alloc.h
include/apache/ap.h
include/apache/ap_compat.h
include/apache/ap_config.h
include/apache/ap_config_auto.h
include/apache/ap_ctype.h
include/apache/ap_md5.h
include/apache/ap_mmn.h
include/apache/buff.h
include/apache/compat.h
include/apache/conf.h
include/apache/explain.h
include/apache/fnmatch.h
include/apache/hsregex.h
include/apache/http_conf_globals.h
include/apache/http_config.h
include/apache/http_core.h
include/apache/http_log.h
include/apache/http_main.h
include/apache/http_protocol.h
include/apache/http_request.h
include/apache/http_vhost.h
include/apache/httpd.h
include/apache/multithread.h
include/apache/os.h
include/apache/rfc1413.h
include/apache/scoreboard.h
include/apache/util_date.h
include/apache/util_md5.h
include/apache/util_script.h
include/apache/util_uri.h
libexec/apache/libproxy.so
libexec/apache/mod_auth_anon.so
libexec/apache/mod_auth_db.so
libexec/apache/mod_cern_meta.so
libexec/apache/mod_digest.so
libexec/apache/mod_expires.so
libexec/apache/mod_frontpage.so
libexec/apache/mod_headers.so
libexec/apache/mod_info.so
libexec/apache/mod_mime_magic.so
libexec/apache/mod_rewrite.so
libexec/apache/mod_speling.so
libexec/apache/mod_unique_id.so
libexec/apache/mod_usertrack.so
sbin/ab
sbin/apachectl
sbin/apxs
sbin/httpd
sbin/logresolve
sbin/rotatelogs
sbin/suexec
share/doc/apache/ABOUT_APACHE
share/doc/apache/LICENSE
share/doc/apache/README
share/doc/apache/apache_pb.gif
@exec mkdir -p %D/www
@exec ln -fs %B %D/www/data.default
@unexec rm -f %D/www/data.default
share/doc/apache/index.html
share/doc/apache/manual/LICENSE
share/doc/apache/manual/TODO
share/doc/apache/manual/bind.html
share/doc/apache/manual/cgi_path.html
share/doc/apache/manual/content-negotiation.html
share/doc/apache/manual/custom-error.html
share/doc/apache/manual/dns-caveats.html
share/doc/apache/manual/dso.html
share/doc/apache/manual/ebcdic.html
share/doc/apache/manual/env.html
share/doc/apache/manual/footer.html
share/doc/apache/manual/handler.html
share/doc/apache/manual/header.html
share/doc/apache/manual/host.html
share/doc/apache/manual/images/custom_errordocs.gif
share/doc/apache/manual/images/home.gif
share/doc/apache/manual/images/index.gif
share/doc/apache/manual/images/mod_rewrite_fig1.fig
share/doc/apache/manual/images/mod_rewrite_fig1.gif
share/doc/apache/manual/images/mod_rewrite_fig2.fig
share/doc/apache/manual/images/mod_rewrite_fig2.gif
share/doc/apache/manual/images/sub.gif
share/doc/apache/manual/index.html
share/doc/apache/manual/install.html
share/doc/apache/manual/install_1_1.html
share/doc/apache/manual/invoking.html
share/doc/apache/manual/keepalive.html
share/doc/apache/manual/location.html
share/doc/apache/manual/man-template.html
share/doc/apache/manual/misc/API.html
share/doc/apache/manual/misc/FAQ.html
share/doc/apache/manual/misc/HTTP_Features.tsv
share/doc/apache/manual/misc/client_block_api.html
share/doc/apache/manual/misc/compat_notes.html
share/doc/apache/manual/misc/custom_errordocs.html
share/doc/apache/manual/misc/descriptors.html
share/doc/apache/manual/misc/fin_wait_2.html
share/doc/apache/manual/misc/footer.html
share/doc/apache/manual/misc/header.html
share/doc/apache/manual/misc/howto.html
share/doc/apache/manual/misc/index.html
share/doc/apache/manual/misc/known_bugs.html
share/doc/apache/manual/misc/known_client_problems.html
share/doc/apache/manual/misc/nopgp.html
share/doc/apache/manual/misc/perf-bsd44.html
share/doc/apache/manual/misc/perf-dec.html
share/doc/apache/manual/misc/perf-hp.html
share/doc/apache/manual/misc/perf-tuning.html
share/doc/apache/manual/misc/perf.html
share/doc/apache/manual/misc/security_tips.html
share/doc/apache/manual/misc/vif-info.html
share/doc/apache/manual/misc/windoz_keepalive.html
share/doc/apache/manual/mod/core.html
share/doc/apache/manual/mod/directive-dict.html
share/doc/apache/manual/mod/directives.html
share/doc/apache/manual/mod/footer.html
share/doc/apache/manual/mod/header.html
@ -65,7 +127,7 @@ share/doc/apache/manual/mod/mod_auth.html
share/doc/apache/manual/mod/mod_auth_anon.html
share/doc/apache/manual/mod/mod_auth_db.html
share/doc/apache/manual/mod/mod_auth_dbm.html
share/doc/apache/manual/mod/mod_auth_msql.html
share/doc/apache/manual/mod/mod_autoindex.html
share/doc/apache/manual/mod/mod_browser.html
share/doc/apache/manual/mod/mod_cern_meta.html
share/doc/apache/manual/mod/mod_cgi.html
@ -73,6 +135,7 @@ share/doc/apache/manual/mod/mod_cookies.html
share/doc/apache/manual/mod/mod_digest.html
share/doc/apache/manual/mod/mod_dir.html
share/doc/apache/manual/mod/mod_dld.html
share/doc/apache/manual/mod/mod_dll.html
share/doc/apache/manual/mod/mod_env.html
share/doc/apache/manual/mod/mod_example.html
share/doc/apache/manual/mod/mod_expires.html
@ -80,32 +143,51 @@ share/doc/apache/manual/mod/mod_headers.html
share/doc/apache/manual/mod/mod_imap.html
share/doc/apache/manual/mod/mod_include.html
share/doc/apache/manual/mod/mod_info.html
share/doc/apache/manual/mod/mod_isapi.html
share/doc/apache/manual/mod/mod_log_agent.html
share/doc/apache/manual/mod/mod_log_common.html
share/doc/apache/manual/mod/mod_log_config.html
share/doc/apache/manual/mod/mod_log_referer.html
share/doc/apache/manual/mod/mod_mime.html
share/doc/apache/manual/mod/mod_mime_magic.html
share/doc/apache/manual/mod/mod_mmap_static.html
share/doc/apache/manual/mod/mod_negotiation.html
share/doc/apache/manual/mod/mod_proxy.html
share/doc/apache/manual/mod/mod_rewrite.html
share/doc/apache/manual/mod/mod_setenvif.html
share/doc/apache/manual/mod/mod_so.html
share/doc/apache/manual/mod/mod_speling.html
share/doc/apache/manual/mod/mod_status.html
share/doc/apache/manual/mod/mod_unique_id.html
share/doc/apache/manual/mod/mod_userdir.html
share/doc/apache/manual/mod/mod_usertrack.html
share/doc/apache/manual/multilogs.html
share/doc/apache/manual/new_features_1_0.html
share/doc/apache/manual/new_features_1_1.html
share/doc/apache/manual/new_features_1_2.html
share/doc/apache/manual/new_features_1_3.html
share/doc/apache/manual/process-model.html
share/doc/apache/manual/sections.html
share/doc/apache/manual/sourcereorg.html
share/doc/apache/manual/stopping.html
share/doc/apache/manual/suexec.html
share/doc/apache/manual/unixware.html
share/doc/apache/manual/vhosts-in-depth.html
share/doc/apache/manual/virtual-host.html
@dirrm share/doc/apache/manual/images
@dirrm share/doc/apache/manual/misc
@dirrm share/doc/apache/manual/mod
@dirrm share/doc/apache/manual
@dirrm share/doc/apache
share/doc/apache/manual/upgrading_to_1_3.html
share/doc/apache/manual/vhosts/details.html
share/doc/apache/manual/vhosts/details_1_2.html
share/doc/apache/manual/vhosts/examples.html
share/doc/apache/manual/vhosts/fd-limits.html
share/doc/apache/manual/vhosts/footer.html
share/doc/apache/manual/vhosts/header.html
share/doc/apache/manual/vhosts/host.html
share/doc/apache/manual/vhosts/index.html
share/doc/apache/manual/vhosts/ip-based.html
share/doc/apache/manual/vhosts/name-based.html
share/doc/apache/manual/vhosts/vhosts-in-depth.html
share/doc/apache/manual/vhosts/virtual-host.html
share/doc/apache/manual/windows.html
www/cgi-bin.default/printenv
www/cgi-bin.default/test-cgi
www/icons/README
www/icons/a.gif
www/icons/alert.black.gif
@ -182,9 +264,19 @@ www/icons/uu.gif
www/icons/uuencoded.gif
www/icons/world1.gif
www/icons/world2.gif
@dirrm www/cgi-bin
@dirrm www/data
@exec mkdir -p %D/www/proxy
@dirrm etc/apache
@dirrm include/apache
@dirrm libexec/apache
@dirrm share/doc/apache/manual/images
@dirrm share/doc/apache/manual/misc
@dirrm share/doc/apache/manual/mod
@dirrm share/doc/apache/manual/vhosts
@dirrm share/doc/apache/manual
@dirrm share/doc/apache
@dirrm www/cgi-bin.default
@dirrm www/icons
@dirrm www/proxy
@dirrm www
frontpage/version3.0/LICENSE.TXT
frontpage/version3.0/change_server.sh