kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

- Patch cgi-script to use absolute URL without host:port in forms.

Browse source 
This fixes problems where the hostname instead of the original host-part
  from the query will be used as target in forms (eg. in a FastCGI'd version).
    If you are for example accessing the webserver through localhost over an
  ssh-forwarded connection, the URLs would be rewritten to use the real hostname,
  thus becoming unusable. Bump PORTREVISION.
- Do not require perl at build-time
- Pet portlint
This commit is contained in:
Volker Stolz 2005-12-14 13:36:58 +00:00
parent aeef1db237
commit d815f7ff86
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=151161
2 changed files with 20 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
www/p5-ldap-abook/Makefile
View file

@ -7,6 +7,7 @@
PORTNAME= ldap-abook PORTNAME= ldap-abook
PORTVERSION= 1.00 PORTVERSION= 1.00
PORTREVISION= 1
CATEGORIES= www perl5 CATEGORIES= www perl5
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME} MASTER_SITE_SUBDIR= ${PORTNAME}
@ -15,7 +16,7 @@ PKGNAMEPREFIX= p5-
MAINTAINER= ports@FreeBSD.org MAINTAINER= ports@FreeBSD.org
COMMENT= Perl5 CGI script providing an LDAP addressbook web interface COMMENT= Perl5 CGI script providing an LDAP addressbook web interface
FORBIDDEN= Arbitrary command execution vulnerability in CGI script FORBIDDEN= "Arbitrary command execution vulnerability in CGI script"
RUN_DEPENDS= ${SITE_PERL}/AddressBook.pm:${PORTSDIR}/net/p5-AddressBook \ RUN_DEPENDS= ${SITE_PERL}/AddressBook.pm:${PORTSDIR}/net/p5-AddressBook \
${SITE_PERL}/CGI.pm:${PORTSDIR}/www/p5-CGI.pm \ ${SITE_PERL}/CGI.pm:${PORTSDIR}/www/p5-CGI.pm \
@ -23,11 +24,12 @@ RUN_DEPENDS= ${SITE_PERL}/AddressBook.pm:${PORTSDIR}/net/p5-AddressBook \
ABOOK= ${PREFIX}/www/ldap-abook ABOOK= ${PREFIX}/www/ldap-abook
CONFIG= ${PREFIX}/etc/AddressBook.conf CONFIG= ${PREFIX}/etc/AddressBook.conf
USE_PERL5= yes USE_REINPLACE= yes
USE_PERL5_RUN= yes
NO_BUILD= yes NO_BUILD= yes
post-patch: post-patch:
@${PERL} -pi -e 's|(/etc/AddressBook.conf)|${PREFIX}$$1|g' \ @${REINPLACE_CMD} -e 's|(/etc/AddressBook.conf)|${PREFIX}$$1|g' \
${WRKSRC}/cgi-bin/abook.cgi ${WRKSRC}/cgi-bin/abook.cgi
do-install: do-install:
@ -38,7 +40,7 @@ do-install:
${INSTALL_DATA} ${ABOOK}/examples/default/AddressBook.conf \ ${INSTALL_DATA} ${ABOOK}/examples/default/AddressBook.conf \
${CONFIG}-dist ${CONFIG}-dist
[ -f ${CONFIG} ] || \ [ -f ${CONFIG} ] || \
install -o root -g www -m 640 ${CONFIG}-dist ${CONFIG} ${INSTALL} -o root -g www -m 640 ${CONFIG}-dist ${CONFIG}
post-install: post-install:
@${CAT} ${PKGMESSAGE} @${CAT} ${PKGMESSAGE}

14
www/p5-ldap-abook/files/patch-cgi-bin_abook.cgi Normal file
View file

@ -0,0 +1,14 @@
$FreeBSD$
--- cgi-bin/abook.cgi.orig
+++ cgi-bin/abook.cgi
@@ -39,7 +39,7 @@
my $config_file='/usr/local/etc/AddressBook.conf';
my $query = CGI::new();
-my $myURL=$query->url;
+my $myURL=$query->url(-absolute=>1);
my $op = $query->param(op);
my $entry;
my $error_msg = "";