summaryrefslogtreecommitdiffstats
path: root/www/apache13-fp/files
diff options
context:
space:
mode:
authorsteve <steve@FreeBSD.org>1998-11-10 01:56:01 +0000
committersteve <steve@FreeBSD.org>1998-11-10 01:56:01 +0000
commitfb78164b4829217db239aad57723d77e28bb751a (patch)
tree46b1879e6b74d2218a6f87fe5e671941722a85c9 /www/apache13-fp/files
parent53fb01f0c0a9fba2fcd65d675420e626dfc081e2 (diff)
downloadFreeBSD-ports-fb78164b4829217db239aad57723d77e28bb751a.zip
FreeBSD-ports-fb78164b4829217db239aad57723d77e28bb751a.tar.gz
Fixup port to provide Apache version 1.3.3 with FrontPage extensions.
PR: 8522 Submitted by: maintainer
Diffstat (limited to 'www/apache13-fp/files')
-rw-r--r--www/apache13-fp/files/apache.sh.tmpl47
-rw-r--r--www/apache13-fp/files/mod_frontpage.c784
-rw-r--r--www/apache13-fp/files/patch-aa184
-rw-r--r--www/apache13-fp/files/patch-ab198
-rw-r--r--www/apache13-fp/files/patch-ag72
-rw-r--r--www/apache13-fp/files/patch-ak40
-rw-r--r--www/apache13-fp/files/patch-al50
-rw-r--r--www/apache13-fp/files/patch-fd127
-rw-r--r--www/apache13-fp/files/patch-fe267
-rw-r--r--www/apache13-fp/files/patch-ff42
-rw-r--r--www/apache13-fp/files/patch-fh24
-rw-r--r--www/apache13-fp/files/patch-fi23
-rw-r--r--www/apache13-fp/files/patch-fj19
13 files changed, 1373 insertions, 504 deletions
diff --git a/www/apache13-fp/files/apache.sh.tmpl b/www/apache13-fp/files/apache.sh.tmpl
new file mode 100644
index 0000000..95855ce
--- /dev/null
+++ b/www/apache13-fp/files/apache.sh.tmpl
@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+
+#
+# Create New FrontPage suidkey
+#
+
+new_key() {
+
+ skdir=PREFIX/frontpage/currentversion/apache-fp
+ PERL=PERL5
+
+ #NOTE: We need Perl 5, to generate a new key
+ if [ -x ${PERL} ]
+ then
+ ${PERL} -e '@a=(split(//, "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*-=_+")); print((map {$a[rand(scalar @a)]} (1..128)), "\n");' > $skdir/suidkey
+ fi
+
+}
+
+#
+# Main
+#
+
+case "$1" in
+
+start)
+ if [ -x PREFIX/sbin/apachectl ]
+ then
+ new_key
+ PREFIX/sbin/apachectl start && echo -n ' httpd'
+ fi
+ ;;
+
+stop)
+ if [ -r /var/run/httpd.pid ]
+ then
+ PREFIX/sbin/apachectl stop && echo -n ' httpd'
+ fi
+ ;;
+
+*)
+ echo "usage: $0 {start|stop}" 1>&2
+ exit 64
+ ;;
+
+esac
diff --git a/www/apache13-fp/files/mod_frontpage.c b/www/apache13-fp/files/mod_frontpage.c
new file mode 100644
index 0000000..bf3cea3
--- /dev/null
+++ b/www/apache13-fp/files/mod_frontpage.c
@@ -0,0 +1,784 @@
+/* ====================================================================
+ *
+ * Apache FrontPage module.
+ *
+ * Copyright (c) 1996-1997 Microsoft Corporation -- All Rights Reserved.
+ *
+ * NO WARRANTIES. Microsoft expressly disclaims any warranty for this code and
+ * information. This code and information and any related documentation is
+ * provided "as is" without warranty of any kind, either express or implied,
+ * including, without limitation, the implied warranties or merchantability,
+ * fitness for a particular purpose, or noninfringement. The entire risk
+ * arising out of use or performance of this code and information remains with
+ * you.
+ *
+ * NO LIABILITY FOR DAMAGES. In no event shall Microsoft or its suppliers be
+ * liable for any damages whatsoever (including, without limitation, damages
+ * for loss of business profits, business interruption, loss of business
+ * information, or any other pecuniary loss) arising out of the use of or
+ * inability to use this Microsoft product, even if Microsoft has been advised
+ * of the possibility of such damages. Because some states/jurisdictions do not
+ * allow the exclusion or limitation of liability for consequential or
+ * incidental damages, the above limitation may not apply to you.
+ *
+ * $Revision: 1.3 $
+ * $Date: 1997/10/15 17:23:46 $
+ *
+ */
+
+
+/*
+ * User configurable items. We will not run the server extensions with any
+ * UID/GID less than LOWEST_VALID_UID/LOWEST_VALID_GID.
+ */
+
+#if defined(LINUX)
+#define LOWEST_VALID_UID 15
+#else
+#define LOWEST_VALID_UID 11
+#endif
+
+#if defined(HPUX) || defined(IRIX) || defined(SUNOS4)
+#define LOWEST_VALID_GID 20
+#else
+#if defined(SCO)
+#define LOWEST_VALID_GID 24
+#else
+#define LOWEST_VALID_GID 21 /* Solaris, AIX, Alpha, Bsdi, *BSD, etc. */
+#endif
+#endif
+
+/*
+ * End of user configurable items
+ */
+
+
+#include "httpd.h"
+#include "http_config.h"
+#include "http_conf_globals.h"
+#include "http_log.h"
+
+#include <stdio.h>
+#include <sys/time.h>
+
+#if defined(UWARE7) || UW==700
+#define Vstat stat32
+#define Vlstat lstat32
+#else
+#define Vstat stat
+#define Vlstat lstat
+#endif
+
+#ifndef TRUE
+#define TRUE 1
+#endif
+
+#ifndef FALSE
+#define FALSE 0
+#endif
+
+#ifndef MAXPATHLEN
+#define MAXPATHLEN 1024
+#endif
+#if (MAXPATHLEN < 1024)
+#undef MAXPATHLEN
+#define MAXPATHLEN 1024
+#endif
+
+#define KEYLEN 128 /* Should be a multiple of sizeof(int) */
+
+static char gszKeyVal[KEYLEN+1]; /* SUID key value used by this module */
+static int gfdKeyPipe[2]; /* Pipe to fpexe stub CGI */
+static int gbKeyPipeActive = FALSE;/* Pipe to fpexe stub CGI is active */
+static int gbEnabled = FALSE; /* TRUE when SUID scheme is enabled */
+#if !defined(SHARED_MODULE)
+static int giInitializeCount = 0; /* FrontPageInit called previously */
+#endif
+
+static const char* FP =
+ "/usr/local/frontpage/currentversion";
+static const char* FPKEYDIR =
+ "/usr/local/frontpage/currentversion/apache-fp";
+static const char* KEYFILEXOR =
+ "/usr/local/frontpage/currentversion/apache-fp/suidkey";
+static const char* KEYFILE =
+ "/usr/local/frontpage/currentversion/apache-fp/suidkey.%d";
+static const char* FPSTUBDIR =
+ "/usr/local/frontpage/currentversion/apache-fp/_vti_bin";
+static const char* FPSTUB =
+ "/usr/local/frontpage/currentversion/apache-fp/_vti_bin/fpexe";
+static const char* SHTML =
+ "/_vti_bin/shtml.exe";
+static const char* SHTML2 =
+ "/_vti_bin/shtml.dll";
+static const char* VTI_BIN =
+ "/_vti_bin";
+static const char* FPCOUNT =
+ "/_vti_bin/fpcount.exe";
+static const char* AUTHOR =
+ "/_vti_bin/_vti_aut/author.exe" ;
+static const char* ADMIN =
+ "/_vti_bin/_vti_adm/admin.exe" ;
+
+MODULE_VAR_EXPORT module frontpage_module;
+
+/*
+ * Print a descriptive error in the httpd's error_log. The format string
+ * should be length limited so that it is no longer than 1800 bytes.
+ */
+static void LogFrontPageError(
+ server_rec* s,
+ const char* szFormat,
+ const char* szFile,
+ const char* szRoutine,
+ int bIsDisabled)
+{
+ char szBuf[MAXPATHLEN * 2];
+ sprintf(szBuf, szFormat, szFile);
+ strcat(szBuf, " in ");
+ strcat(szBuf, szRoutine);
+ strcat(szBuf, ".");
+ if (bIsDisabled)
+ {
+ strcat(szBuf, " Until this problem is fixed, the FrontPage security patch is disabled and the FrontPage extensions may not work correctly.");
+ gbEnabled = FALSE; /* Make double sure we're not enabled */
+ }
+ ap_log_error(APLOG_MARK, APLOG_ERR, s, szBuf);
+}
+
+
+/*
+ * Clean up stale keyfiles. Failure to clean up stale keyfiles does not
+ * stop the FrontPage SUID scheme.
+ */
+static void FrontPageCleanup(server_rec *s)
+{
+ DIR *d;
+ struct DIR_TYPE *dstruct;
+ int myPid = getpid();
+
+ if (!(d = opendir(FPKEYDIR)))
+ {
+ /*
+ * This should be a rare occurrence, because we're running as root and
+ * should have access to the directory. Stale key files can be
+ * exploited. User recovery: Check that the directory exists and is
+ * properly protected (owned by root, permissions rwx--x--x), and that
+ * there are no stale key files in it (suidkey.*, where * is a
+ * non-existant PID).
+ */
+ LogFrontPageError(s, "Can't clean stale key files from directory \"%-.1024s\"",
+ FPKEYDIR, "FrontPageCleanup()", FALSE);
+ return;
+ }
+
+ while ((dstruct = readdir(d)))
+ {
+ if (strncmp("suidkey.", dstruct->d_name, 8) == 0)
+ {
+ /*
+ * Make sure the key file contains a pid number - otherwise
+ * it is harmless and you can ignore it.
+ */
+ char* pEnd = 0;
+ int pid = strtol(dstruct->d_name + 8, &pEnd, 10);
+ if (!pEnd || *pEnd)
+ continue;
+
+ /*
+ * Make sure there isn't some other server using this key file.
+ * If the process group isn't alive, then the file is stale
+ * and we want to remove it.
+ */
+ if (pid == myPid || kill(pid, 0) == -1)
+ {
+ char szBuf[MAXPATHLEN];
+ sprintf(szBuf, "%-.500s/%-.500s", FPKEYDIR, dstruct->d_name);
+ if (unlink(szBuf) == -1)
+ {
+ /*
+ * This should be a rare occurrence, because we're running
+ * as root and should always have permission to delete the
+ * file. Stale key files can be exploited. User recovery:
+ * delete the offending file.
+ */
+ LogFrontPageError(s, "Can't unlink stale key file \"%-.1024s\"",
+ szBuf, "FrontPageCleanup()", FALSE);
+ }
+ }
+ }
+ }
+
+ closedir(d);
+}
+
+/*
+ * Checks that all the permissions are currently correct for the FrontPage
+ * fpexe SUID stub to run correctly. If not, it logs an error and aborts
+ * initialization, effectively disabling the FrontPage SUID scheme.
+ * It checks both the file permissions (owned by root and not writable to
+ * group, other) and that the directory is not writable.
+ */
+static int FrontPageCheckup(server_rec *s)
+{
+ struct stat fs;
+
+ if (geteuid() != 0)
+ {
+ /*
+ * We need to be root to have the security scheme work correctly.
+ * User recovery: run the server as root.
+ */
+ LogFrontPageError(s, "Not running as root",
+ 0, "FrontPageCheckup()", TRUE);
+ return (FALSE);
+ }
+
+ if (Vlstat(FPKEYDIR, &fs) == -1 || /* We can't stat the key dir */
+ fs.st_uid || /* key dir not owned by root */
+ (fs.st_mode & (S_IRGRP | S_IROTH)) || /* key dir is readable */
+ (fs.st_mode & (S_IWGRP | S_IWOTH)) || /* key dir is writable */
+ !(fs.st_mode & (S_IXGRP | S_IXOTH)) || /* key dir is not executable */
+ !(S_ISDIR(fs.st_mode)))
+ {
+ /*
+ * User recovery: set directory to be owned by by root with permissions
+ * rwx--x--x. Note you need the execute bit for group and other so
+ * that non-root programs can run apache-fp/_vti_bin/fpexe (even though
+ * non-root cannot list the directory).
+ */
+ LogFrontPageError(s, "Incorrect permissions on key directory \"%-.1024s\", needs root ownership and perms rwx--x--x",
+ FPKEYDIR, "FrontPageCheckup()", TRUE);
+ return (FALSE);
+ }
+
+ if (Vlstat(FPSTUBDIR, &fs) == -1 || /* We can't stat the stub dir */
+ fs.st_uid || /* stub dir not owned by root */
+ (fs.st_mode & (S_IWGRP | S_IWOTH)) || /* stub dir is writable */
+ (!S_ISDIR(fs.st_mode)))
+ {
+ /*
+ * User recovery: set directory to be owned by by root with permissions
+ * r*x*-x*-x.
+ */
+ LogFrontPageError(s, "Incorrect permissions on stub directory \"%-.1024s\", needs root ownership and perms r*x*-x*-x",
+ FPSTUBDIR, "FrontPageCheckup()", TRUE);
+ return (FALSE);
+ }
+
+ if (Vstat(FPSTUB, &fs) == -1 || /* We can't stat the stub */
+ fs.st_uid || /* stub not owned by root */
+ !(fs.st_mode & S_ISUID) || /* stub is not set-uid */
+ (fs.st_mode & S_ISGID) || /* stub is set-gid */
+ (fs.st_mode & (S_IWGRP | S_IWOTH)) || /* stub is writable */
+ !(fs.st_mode & (S_IXGRP | S_IXOTH))) /* stub is not executable */
+ {
+ /*
+ * User recovery: set stub to be owned by by root with permissions
+ * r*s*-x*-x.
+ */
+ LogFrontPageError(s, "Incorrect permissions on stub \"%-.1024s\", needs root ownership and perms r*s*-x*-x",
+ FPSTUB, "FrontPageCheckup()", TRUE);
+ return (FALSE);
+ }
+
+ return (TRUE);
+}
+
+
+/*
+ * Module-initializer: Create the suidkey file and local value.
+ * Everything needs to be just right, or we don't create the key file, and
+ * therefore, the fpexe SUID stub refuses to run.
+ */
+static void FrontPageInit(server_rec *s, pool *p)
+{
+ int fdPipe[2];
+ pid_t pid;
+ FILE *f;
+ struct stat fs;
+ int fd;
+ char szKeyFile[MAXPATHLEN];
+ int iRandom[5];
+ char* szRandom = (char*)iRandom;
+ struct timeval tp;
+ struct timezone tz;
+
+ (void)p; /* p is unused */
+
+#if !defined(SHARED_MODULE)
+ /*
+ * Standalone servers call initialization twice: once in main() and again
+ * in standalone_main(). The fully initializing on the the first call is a
+ * waste of time, and a race condition can leave a stale suidkey.pgrpid
+ * file around.
+ */
+ if (ap_standalone && !giInitializeCount++)
+ return;
+#endif
+
+ /*
+ * Disable the suid scheme until everything falls perfectly into place.
+ */
+ gbEnabled = FALSE;
+ gbKeyPipeActive = FALSE;
+
+ /*
+ * Clean up old key files before we start
+ */
+ FrontPageCleanup(s);
+ if (!FrontPageCheckup(s))
+ return;
+
+ if (pipe(fdPipe) == -1)
+ {
+ /*
+ * This should be a rare occurrence. User recovery: check to see why
+ * the system cannot allocate a pipe (is the file table full from
+ * run-away processes?), and fix the problem or reboot, then try again.
+ */
+ LogFrontPageError(s, "pipe() failed", 0, "FrontPageInit()", TRUE);
+ return;
+ }
+
+ gettimeofday(&tp, &tz);
+ iRandom[0] = tp.tv_sec;
+ iRandom[1] = tp.tv_usec | tp.tv_usec << 20;
+
+ pid = fork();
+ if (pid == -1)
+ {
+ /*
+ * This should be a rare occurrence. User recovery: check to see why
+ * the system cannot allocate a process (is the process table full from
+ * run-away processes?), and fix the problem or reboot, then try again.
+ */
+ LogFrontPageError(s, "fork() failed", 0, "FrontPageInit()", TRUE);
+ return;
+ }
+
+ if (pid)
+ {
+ /*
+ * I am the parent process. Try to read a random number from the
+ * child process.
+ */
+
+ unsigned int npos = (unsigned int)-1;
+ unsigned int v1 = npos, v2 = npos, v3 = npos, v4 = npos;
+ int stat;
+ int iCount;
+
+ close(fdPipe[1]);
+ if (waitpid(pid, &stat, 0) == -1 ||
+ (!WIFEXITED(stat) || WIFEXITED(stat) && WEXITSTATUS(stat)))
+ {
+ /*
+ * This should be a rare occurrence. User recovery: Make sure you
+ * have a /bin/sh, or change the shell location in the execl
+ * command below. Try the commands defined in RAND_CMD in a
+ * /bin/sh session to make sure they work properly. Rebuild this
+ * module and your httpd with the proper commands.
+ */
+ LogFrontPageError(s, "Random number generator exited abnormally", 0,
+ "FrontPageInit()", TRUE);
+ return;
+ }
+
+ iCount = read(fdPipe[0], gszKeyVal, KEYLEN);
+ close(fdPipe[0]);
+ if (iCount < 0)
+ {
+ /*
+ * This should be a rare occurrence. See the above comment under
+ * the waitpid failure condition for user recovery steps.
+ */
+ LogFrontPageError(s, "Could not read random numbers", 0,
+ "FrontPageInit()", TRUE);
+ return;
+ }
+ gszKeyVal[iCount] = 0;
+
+ sscanf(gszKeyVal, "%u %u %u %u", &v2, &v1, &v4, &v3);
+ if (v1 == npos || v2 == npos || v3 == npos || v4 == npos)
+ {
+ /*
+ * This should be a rare occurrence. See the above comment under
+ * the waitpid failure condition for user recovery steps.
+ */
+ LogFrontPageError(s, "Could not scan random numbers", 0,
+ "FrontPageInit()", TRUE);
+ return;
+ }
+
+ iRandom[2] = (v1 << 16) + v2 + (v4 << 12) + v3;
+ }
+ else
+ {
+ /*
+ * I am the child process. Create a random number which shouldn't
+ * be easily duplicated.
+ */
+
+ if (dup2(fdPipe[1], 1) == -1)
+ exit(1); /* Parent picks up the error */
+
+ close(fdPipe[0]);
+
+#ifdef LINUX
+#define RAND_CMD "/bin/ps laxww | /usr/bin/sum ; /bin/ps laxww | /usr/bin/sum"
+#else
+#if defined ( bsdi ) || ( defined ( BSD ) && ( BSD >=199103 ))
+#define RAND_CMD "/bin/ps laxww | /usr/bin/cksum -o 1 ; /bin/ps laxww | /usr/bin/cksum -o 1"
+#else
+#define RAND_CMD "/bin/ps -ea | /bin/sum ; /bin/ps -ea | /bin/sum"
+#endif
+#endif
+ execl("/bin/sh", "/bin/sh", "-c", RAND_CMD, NULL);
+ exit(1);
+ }
+
+ gettimeofday(&tp, &tz);
+ iRandom[3] = tp.tv_sec;
+ iRandom[4] = tp.tv_usec | tp.tv_usec << 20;
+
+ /*
+ * See if there is an 'suidkey' file to merge into our key.
+ */
+ if (Vstat(KEYFILEXOR, &fs) == -1)
+ {
+ /*
+ * It's a security violation if the key file is not present. User
+ * recovery: Make sure the key file is present and properly protected
+ * (owned by root, permissions r**------).
+ */
+ LogFrontPageError(s, "The key file \"%-.1024s\" does not exist",
+ KEYFILEXOR, "FrontPageInit()", TRUE);
+ return;
+ }
+ else
+ {
+ int i, iCount;
+ char szBuf[KEYLEN];
+
+ if ((fs.st_mode & (S_IRWXG | S_IRWXO)) || fs.st_uid)
+ {
+ /*
+ * It's a security violation if the key file is not owned by root,
+ * and is not protected from all other group. User recovery: Make
+ * sure the key file is properly protected (owned by root,
+ * permissions r**------).
+ */
+ LogFrontPageError(s, "The key file \"%-.1024s\" must be owned by root and have permissions r**------",
+ KEYFILEXOR, "FrontPageInit()", TRUE);
+ return;
+ }
+
+ if ((fd = open(KEYFILEXOR, O_RDONLY)) == -1)
+ {
+ /*
+ * This should be a rare occurrence. User recovery: Make sure
+ * the key file exists, is properly owned and protected, and is
+ * readable.
+ */
+ LogFrontPageError(s, "Cannot open key file \"%-.1024s\"",
+ KEYFILEXOR, "FrontPageInit()", TRUE);
+ return;
+ }
+
+ iCount = read(fd, szBuf, KEYLEN);
+ if (iCount < 8)
+ {
+ /*
+ * The keyfile must be at least 8 bytes. If it longer than 128
+ * bytes, only the first 128 bytes will be used. Any character
+ * value from 0-255 is fine. User recovery: Make sure the key file
+ * is at least 8 bytes long.
+ */
+ LogFrontPageError(s, "Key file \"%-.1024s\" is unreadable or is too short (must be at least 8 bytes)",
+ KEYFILEXOR, "FrontPageInit()", TRUE);
+ return;
+ }
+
+ /*
+ * Now generate the effective key we'll be using by XORing your key
+ * with 5 "random" 32-bit integers. The primary security of this
+ * scheme is your key; properly setting it and changing it often keeps
+ * the FrontPage SUID scheme secure. All this work above to generate 5
+ * random 32-bit integers is soley to make your key somewhat harder to
+ * crack (assuming the key files are properly protected). If you don't
+ * like the algorithm used to generate the 5 random integers, feel free
+ * to substitute as appropriate (check out SGI's Lavarand (TM) at
+ * lavarand.sgi.com).
+ */
+ for (i = 0; i < KEYLEN; i++)
+ gszKeyVal[i] = szBuf[i % iCount] ^ szRandom[i % sizeof(iRandom)];
+ close(fd);
+ }
+
+#if defined(SUNOS4)
+ pid = getpgrp(0);
+#else
+ pid = getpgrp();
+#endif
+ sprintf(szKeyFile, KEYFILE, (int)pid);
+
+ fd = creat(szKeyFile, 0600);
+ if (fd < 0)
+ {
+ /*
+ * This should be a rare occurrence, because we're running as root and
+ * should always have permission to create the file. User recovery:
+ * check that you are not out of disk space, or that the file is not
+ * NFS-mounted on a share where you do not have permissions.
+ */
+ LogFrontPageError(s, "Could not create key file \"%-.1024s\"",
+ szKeyFile, "FrontPageInit()", TRUE);
+ return;
+ }
+
+ if (write(fd, gszKeyVal, 128) != 128)
+ {
+ /*
+ * This should be a rare occurrence. User recovery: check that you are
+ * not out of disk space.
+ */
+ close(fd);
+ unlink(szKeyFile);
+ LogFrontPageError(s, "Could not write to key file \"%-.1024s\"",
+ szKeyFile, "FrontPageInit()", TRUE);
+ return;
+ }
+
+ close(fd);
+
+ /*
+ * Everything looks OK enough to start the suid scheme.
+ */
+ gbEnabled = TRUE;
+
+ /*
+ * Thanks to Scot Hetzel (hetzels@westbend.net)
+ */
+ ap_add_version_component("FrontPage/3.0.4.3");
+}
+
+
+/*
+ * Look for a valid FrontPage extensions scenario and fake a scriptalias if
+ * appropriate. If there are any problems, we silently decline.
+ */
+static int FrontPageAlias(
+ request_rec* r,
+ char* szCgi,
+ const char* szFpexe)
+{
+ int iLen;
+ struct stat webroot;
+ struct stat vti_pvt;
+ struct stat stub;
+ char szBuf[MAXPATHLEN];
+ char chSave;
+ char szFormat[MAXPATHLEN * 2];
+
+ /*
+ * Decline if we cannot run the stub, or it is writable.
+ */
+ if (Vstat(FPSTUB, &stub) == -1 || !(stub.st_mode & S_IXOTH) ||
+ stub.st_mode & (S_IWGRP | S_IWOTH))
+ {
+ /*
+ * The stub used to be correctly permissioned; what happened? User
+ * recovery: set stub to be owned by by root with permissions
+ * r*s*-x*-x.
+ */
+ LogFrontPageError(r->server, "Incorrect permissions on stub \"%-.1024s\", must be owned by root with permissions r*s*-x*-x",
+ FPSTUB, "FrontPageAlias()", FALSE);
+ return DECLINED;
+ }
+
+ chSave = szCgi[1];
+ szCgi[1] = '\0';
+ ap_translate_name(r);
+ szCgi[1] = chSave;
+
+ /*
+ * Zap trailing slash that confuses some OSes.
+ */
+ iLen = strlen(r->filename);
+ r->filename[--iLen] = 0;
+
+ if (iLen > MAXPATHLEN - 10)
+ return DECLINED;
+ sprintf(szBuf, "%s/_vti_pvt", r->filename);
+
+ /*
+ * Decline if webroot and webroot/_vti_pvt don't have the same
+ * user and group or uid < LOWEST_VALID_UID or gid < LOWEST_VALID_GID.
+ */
+ if (Vstat(szBuf, &vti_pvt) == -1 ||
+ vti_pvt.st_uid < LOWEST_VALID_UID ||
+ vti_pvt.st_gid < LOWEST_VALID_GID ||
+ Vstat(r->filename, &webroot) != 0 ||
+ webroot.st_uid != vti_pvt.st_uid ||
+ webroot.st_gid != vti_pvt.st_gid)
+ {
+ /*
+ * The webroot and webroot/_vti_pvt don't match. User recovery: fix
+ * the owners and groups of both directories to match, and have both a
+ * uid and gid in the allowable range.
+ */
+ sprintf(szFormat, "Incorrect permissions on webroot \"\%-.0124s\" and webroot's _vti_pvt directory, the owners and groups must match and have a uid >= %d and gid >= %d", LOWEST_VALID_UID, LOWEST_VALID_GID);
+
+ LogFrontPageError(r->server, szFormat,
+ szBuf, "FrontPageAlias()", FALSE);
+ return DECLINED;
+ }
+
+ /*
+ * If the pipe is active, it was because we previously executed a CGI.
+ * That CGI must have finished by now (otherwise we wouldn't be processing
+ * this next request), so we can and should close the pipe to avoid a
+ * resource leak.
+ */
+ if (gbKeyPipeActive)
+ {
+ close(gfdKeyPipe[0]);
+ gbKeyPipeActive = FALSE;
+ }
+
+ /*
+ * If we can't get a pipe, that's really bad. We'll log an error, and
+ * decline. This should be a rare occurrence. User recovery: check to see
+ * why the system cannot allocate a pipe (is the file table full from
+ * run-away processes?), and fix the problem or reboot, then try again.
+ */
+ if (pipe(gfdKeyPipe) == -1)
+ {
+ LogFrontPageError(r->server, "pipe() failed", 0,
+ "FrontPageAlias()", FALSE);
+ return DECLINED;
+ }
+
+ /*
+ * Note: ap_pstrdup allocates memory, but it checks for out of memory
+ * conditions - it will not return if out of memory.
+ */
+ r->handler = ap_pstrdup(r->pool, "cgi-script");
+ ap_table_set(r->notes, "alias-forced-type", r->handler);
+
+ ap_table_set(r->subprocess_env, "FPEXE", ap_pstrdup(r->pool, szFpexe));
+ sprintf(szBuf, "%d", webroot.st_uid );
+ ap_table_set(r->subprocess_env, "FPUID", ap_pstrdup(r->pool, szBuf));
+ sprintf(szBuf, "%d", webroot.st_gid );
+ ap_table_set(r->subprocess_env, "FPGID", ap_pstrdup(r->pool, szBuf));
+ sprintf(szBuf, "%d", gfdKeyPipe[0]);
+ ap_table_set(r->subprocess_env, "FPFD", ap_pstrdup(r->pool, szBuf));
+
+ r->execfilename = ap_pstrcat(r->pool, FPSTUB, szCgi + strlen(szFpexe), NULL);
+ r->filename = ap_pstrcat(r->pool, r->filename, szCgi, NULL);
+
+ if (write(gfdKeyPipe[1], gszKeyVal, 128) != 128)
+ {
+ /*
+ * If we can't write to the pipe, that's really bad. We'll log an
+ * error, and decline. This should be a rare occurrence. User
+ * recovery: check to see why the system cannot write to the pipe (is
+ * the system being choked with too much load?), and fix the problem or
+ * reboot, then try again.
+ */
+ LogFrontPageError(r->server, "Write to pipe failed", 0,
+ "FrontPageAlias()", FALSE);
+ close (gfdKeyPipe[0]);
+ close (gfdKeyPipe[1]);
+ return DECLINED;
+ }
+ close(gfdKeyPipe[1]);
+
+ gbKeyPipeActive = TRUE;
+ return OK;
+}
+
+
+/*
+ * This routine looks for shtml.exe, fpcount.exe, author.exe and admin.exe
+ * in a URI, and if found we call FrontPageAlias() to check for a valid
+ * FrontPage scenario.
+ *
+ * The return value is OK or DECLINED.
+ */
+static int FrontPageXlate(
+ request_rec *r)
+{
+ char *szVti;
+ char *szCgi;
+
+ /*
+ * Decline if we're improperly initialized.
+ */
+ if (!gbEnabled)
+ return DECLINED;
+
+ /*
+ * Check once for anything with _vti_bin. This is much faster than
+ * checking all four paths, because anything without this is definitely
+ * not a FrontPage scenario.
+ */
+ if (!(szVti = strstr(r->uri, VTI_BIN)))
+ return DECLINED;
+
+ /*
+ * Test for FrontPage server extenders:
+ * .../_vti_bin/shtml.exe...
+ * .../_vti_bin/shtml.dll...
+ * .../_vti_bin/fpcount.exe...
+ * .../_vti_bin/_vti_aut/author.exe...
+ * .../_vti_bin/_vti_adm/admin.exe...
+ */
+ if (szCgi = strstr(szVti, AUTHOR ))
+ return FrontPageAlias(r, szCgi, AUTHOR);
+ /*
+ * Convert inadvertent shtml.dll to shtml.exe
+ * Thanks for the idea to Scot Hetzel (hetzels@westbend.net)
+ */
+ if (szCgi = strstr(szVti, SHTML2 ))
+ {
+ int iShtmlExtPos = strlen(SHTML2) - 3;
+ strncpy(szCgi + iShtmlExtPos, SHTML + iShtmlExtPos, 3);
+ }
+ if (szCgi = strstr(szVti, SHTML ))
+ return FrontPageAlias(r, szCgi, SHTML);
+ if (szCgi = strstr(szVti, ADMIN ))
+ return FrontPageAlias(r, szCgi, ADMIN);
+ if (szCgi = strstr(szVti, FPCOUNT))
+ return FrontPageAlias(r, szCgi, FPCOUNT);
+
+ return DECLINED;
+}
+
+
+/*
+ * Declare ourselves so the configuration routines can find us.
+ */
+module MODULE_VAR_EXPORT frontpage_module =
+{
+ STANDARD_MODULE_STUFF,
+ FrontPageInit, /* initializer */
+ NULL, /* per-directory config creater */
+ NULL, /* dir config merger - default is to override */
+ NULL, /* server config creator */
+ NULL, /* server config merger */
+ NULL, /* command table */
+ NULL, /* [6] list of handlers */
+ FrontPageXlate, /* [1] filename-to-URI translation */
+ NULL, /* [4] check/validate HTTP user_id */
+ NULL, /* [5] check HTTP user_id is valid *here* */
+ NULL, /* [3] check access by host address, etc. */
+ NULL, /* [6] MIME type checker/setter */
+ NULL, /* [7] fixups */
+ NULL, /* [9] logger */
+ NULL, /* [2] header parser */
+ NULL, /* child_init */
+ NULL, /* child_exit */
+ NULL /* post read-request */
+};
diff --git a/www/apache13-fp/files/patch-aa b/www/apache13-fp/files/patch-aa
index 1ac59f8..95661a0 100644
--- a/www/apache13-fp/files/patch-aa
+++ b/www/apache13-fp/files/patch-aa
@@ -1,148 +1,40 @@
-*** src/Configuration.orig Sun Jul 6 06:20:07 1997
---- src/Configuration Tue Jul 15 01:18:42 1997
+*** configure.orig Thu Sep 17 12:07:53 1998
+--- configure Thu Sep 24 03:57:33 1998
***************
-*** 41,49 ****
- # Settings here have priority; If not set, Configure will attempt to guess
- # the C compiler, and set OPTIM to '-O2'
- #
-! EXTRA_CFLAGS=
- EXTRA_LFLAGS=
-! EXTRA_LIBS=
- EXTRA_INCLUDES=
-
- #CC=
---- 41,62 ----
- # Settings here have priority; If not set, Configure will attempt to guess
- # the C compiler, and set OPTIM to '-O2'
- #
-! EXTRA_CFLAGS= \
-! -DHTTPD_ROOT=\"${PREFIX}/etc/apache/\" \
-! -DDOCUMENT_LOCATION=\"${PREFIX}/www/data/\" \
-! -DSERVER_CONFIG_FILE=\"httpd.conf\" \
-! -DRESOURCE_CONFIG_FILE=\"srm.conf\" \
-! -DTYPES_CONFIG_FILE=\"mime.types\" \
-! -DACCESS_CONFIG_FILE=\"access.conf\" \
-! -DDEFAULT_PATH=\"/bin:/usr/bin:${PREFIX}/bin\" \
-! -DSUEXEC_BIN=\"${PREFIX}/sbin/suexec\" \
-! -DDEFAULT_XFERLOG=\"/var/log/httpd-access.log\" \
-! -DDEFAULT_ERRORLOG=\"/var/log/httpd-error.log\" \
-! -DDEFAULT_PIDLOG=\"/var/run/httpd.pid\" \
-! -DDEFAULT_SCOREBOARD=\"/var/run/apache_runtime_status\" \
-! -DDEFAULT_LOCKFILE=\"/var/spool/lock/accept.lock\"
- EXTRA_LFLAGS=
-! EXTRA_LIBS=-lmd
- EXTRA_INCLUDES=
-
- #CC=
+*** 870,877 ****
+ echo " DEFAULT_PIDLOG: ${runtimedir_relative}httpd.pid"
+ echo " DEFAULT_SCOREBOARD: ${runtimedir_relative}httpd.scoreboard"
+ echo " DEFAULT_LOCKFILE: ${runtimedir_relative}httpd.lock"
+! echo " DEFAULT_XFERLOG: ${logfiledir_relative}access_log"
+! echo " DEFAULT_ERRORLOG: ${logfiledir_relative}error_log"
+ echo " TYPES_CONFIG_FILE: ${sysconfdir_relative}mime.types"
+ echo " SERVER_CONFIG_FILE: ${sysconfdir_relative}httpd.conf"
+ echo " ACCESS_CONFIG_FILE: ${sysconfdir_relative}access.conf"
+--- 870,877 ----
+ echo " DEFAULT_PIDLOG: ${runtimedir_relative}httpd.pid"
+ echo " DEFAULT_SCOREBOARD: ${runtimedir_relative}httpd.scoreboard"
+ echo " DEFAULT_LOCKFILE: ${runtimedir_relative}httpd.lock"
+! echo " DEFAULT_XFERLOG: ${logfiledir_relative}httpd-access.log"
+! echo " DEFAULT_ERRORLOG: ${logfiledir_relative}httpd-error.log"
+ echo " TYPES_CONFIG_FILE: ${sysconfdir_relative}mime.types"
+ echo " SERVER_CONFIG_FILE: ${sysconfdir_relative}httpd.conf"
+ echo " ACCESS_CONFIG_FILE: ${sysconfdir_relative}access.conf"
***************
-*** 162,173 ****
- ## STATUS=yes (see the Rules section near the start of this file) to allow
- ## full status information. Check conf/access.conf on how to enable this.
-
-! # Module status_module mod_status.o
-
- ## The Info module displays configuration information for the server and
- ## all included modules. It's very useful for debugging.
-
-! # Module info_module mod_info.o
-
- ## mod_include translates server-side include (SSI) statements in text files.
- ## mod_dir handles requests on directories and directory indexes.
---- 175,186 ----
- ## STATUS=yes (see the Rules section near the start of this file) to allow
- ## full status information. Check conf/access.conf on how to enable this.
-
-! Module status_module mod_status.o
-
- ## The Info module displays configuration information for the server and
- ## all included modules. It's very useful for debugging.
-
-! Module info_module mod_info.o
-
- ## mod_include translates server-side include (SSI) statements in text files.
- ## mod_dir handles requests on directories and directory indexes.
-***************
-*** 209,215 ****
- ## mod_rewrite allows for powerful URI-to-URI and URI-to-filename mapping,
- ## using regular expressions.
-
-! # Module rewrite_module mod_rewrite.o
-
- ##
- ## Access control and authentication modules.
---- 222,228 ----
- ## mod_rewrite allows for powerful URI-to-URI and URI-to-filename mapping,
- ## using regular expressions.
-
-! Module rewrite_module mod_rewrite.o
-
- ##
- ## Access control and authentication modules.
-***************
-*** 227,233 ****
- ## "gdbm" package if not and possibly adjust EXTRA_LIBS. (This may be
- ## done by Configure at a later date)
-
-! # Module db_auth_module mod_auth_db.o
- # Module dbm_auth_module mod_auth_dbm.o
-
- ## msql_auth checks against an mSQL database. You must have mSQL installed
---- 240,246 ----
- ## "gdbm" package if not and possibly adjust EXTRA_LIBS. (This may be
- ## done by Configure at a later date)
-
-! Module db_auth_module mod_auth_db.o
- # Module dbm_auth_module mod_auth_dbm.o
-
- ## msql_auth checks against an mSQL database. You must have mSQL installed
-***************
-*** 244,267 ****
- ## "digest" implements HTTP Digest Authentication rather than the less
- ## secure Basic Auth used by the other modules.
-
-! # Module digest_module mod_digest.o
-
- ## Optional response header manipulation modules.
- ##
- ## cern_meta mimics the behavior of the CERN web server with regards to
- ## metainformation files.
-
-! # Module cern_meta_module mod_cern_meta.o
-
- ## The expires module can apply Expires: headers to resources,
- ## as a function of access time or modification time.
-
-! # Module expires_module mod_expires.o
-
- ## The headers module can set arbitrary HTTP response headers,
- ## as configured in server, vhost, access.conf or .htaccess configs
-
-! # Module headers_module mod_headers.o
-
- ## Miscellaneous modules
- ##
---- 257,280 ----
- ## "digest" implements HTTP Digest Authentication rather than the less
- ## secure Basic Auth used by the other modules.
-
-! Module digest_module mod_digest.o
-
- ## Optional response header manipulation modules.
- ##
- ## cern_meta mimics the behavior of the CERN web server with regards to
- ## metainformation files.
-
-! Module cern_meta_module mod_cern_meta.o
-
- ## The expires module can apply Expires: headers to resources,
- ## as a function of access time or modification time.
-
-! Module expires_module mod_expires.o
-
- ## The headers module can set arbitrary HTTP response headers,
- ## as configured in server, vhost, access.conf or .htaccess configs
-
-! Module headers_module mod_headers.o
-
- ## Miscellaneous modules
- ##
+*** 935,942 ****
+ echo "echo '-DDEFAULT_PIDLOG=\"${runtimedir_relative}httpd.pid\"'" >>$src/apaci
+ echo "echo '-DDEFAULT_SCOREBOARD=\"${runtimedir_relative}httpd.scoreboard\"'" >>$src/apaci
+ echo "echo '-DDEFAULT_LOCKFILE=\"${runtimedir_relative}httpd.lock\"'" >>$src/apaci
+! echo "echo '-DDEFAULT_XFERLOG=\"${logfiledir_relative}access_log\"'" >>$src/apaci
+! echo "echo '-DDEFAULT_ERRORLOG=\"${logfiledir_relative}error_log\"'" >>$src/apaci
+ echo "echo '-DTYPES_CONFIG_FILE=\"${sysconfdir_relative}mime.types\"'" >>$src/apaci
+ echo "echo '-DSERVER_CONFIG_FILE=\"${sysconfdir_relative}httpd.conf\"'" >>$src/apaci
+ echo "echo '-DACCESS_CONFIG_FILE=\"${sysconfdir_relative}access.conf\"'" >>$src/apaci
+--- 935,942 ----
+ echo "echo '-DDEFAULT_PIDLOG=\"${runtimedir_relative}httpd.pid\"'" >>$src/apaci
+ echo "echo '-DDEFAULT_SCOREBOARD=\"${runtimedir_relative}httpd.scoreboard\"'" >>$src/apaci
+ echo "echo '-DDEFAULT_LOCKFILE=\"${runtimedir_relative}httpd.lock\"'" >>$src/apaci
+! echo "echo '-DDEFAULT_XFERLOG=\"${logfiledir_relative}httpd-access.log\"'" >>$src/apaci
+! echo "echo '-DDEFAULT_ERRORLOG=\"${logfiledir_relative}httpd-error.log\"'" >>$src/apaci
+ echo "echo '-DTYPES_CONFIG_FILE=\"${sysconfdir_relative}mime.types\"'" >>$src/apaci
+ echo "echo '-DSERVER_CONFIG_FILE=\"${sysconfdir_relative}httpd.conf\"'" >>$src/apaci
+ echo "echo '-DACCESS_CONFIG_FILE=\"${sysconfdir_relative}access.conf\"'" >>$src/apaci
diff --git a/www/apache13-fp/files/patch-ab b/www/apache13-fp/files/patch-ab
index 2fadd01..875c96a 100644
--- a/www/apache13-fp/files/patch-ab
+++ b/www/apache13-fp/files/patch-ab
@@ -1,55 +1,153 @@
-*** conf/access.conf-dist.orig Mon Mar 31 18:52:33 1997
---- conf/access.conf-dist Sat Oct 25 14:15:32 1997
+*** Makefile.tmpl.orig Sat Sep 19 07:41:48 1998
+--- Makefile.tmpl Wed Oct 14 19:07:18 1998
***************
-*** 12,18 ****
+*** 107,112 ****
+--- 107,113 ----
+ runtimedir = @runtimedir@
+ logfiledir = @logfiledir@
+ proxycachedir = @proxycachedir@
++ doc_prefix = $(prefix)/share/doc/apache
- # This should be changed to whatever you set DocumentRoot to.
+ libexecdir_relative = @libexecdir_relative@
-! <Directory /usr/local/etc/httpd/htdocs>
-
- # This may also be "None", "All", or any combination of "Indexes",
- # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
---- 12,18 ----
-
- # This should be changed to whatever you set DocumentRoot to.
-
-! <Directory /usr/local/www/data>
-
- # This may also be "None", "All", or any combination of "Indexes",
- # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
***************
-*** 26,32 ****
- # override. Can also be "All", or any combination of "Options", "FileInfo",
- # "AuthConfig", and "Limit"
-
-! AllowOverride None
-
- # Controls who can get stuff from this server.
-
---- 26,32 ----
- # override. Can also be "All", or any combination of "Options", "FileInfo",
- # "AuthConfig", and "Limit"
-
-! AllowOverride All
-
- # Controls who can get stuff from this server.
-
+*** 166,173 ****
+ -DUID_MIN=$(suexec_uidmin) \
+ -DGID_MIN=$(suexec_gidmin) \
+ -DUSERDIR_SUFFIX=\"$(suexec_userdir)\" \
+! -DLOG_EXEC=\"$(logfiledir)/suexec_log\" \
+! -DDOC_ROOT=\"$(datadir)/htdocs\" \
+ -DSAFE_PATH=\"$(suexec_safepath)\" \
+ ' \
+ suexec; \
+--- 167,174 ----
+ -DUID_MIN=$(suexec_uidmin) \
+ -DGID_MIN=$(suexec_gidmin) \
+ -DUSERDIR_SUFFIX=\"$(suexec_userdir)\" \
+! -DLOG_EXEC=\"$(logfiledir)/httpd-suexec.log\" \
+! -DDOC_ROOT=\"$(datadir)/data\" \
+ -DSAFE_PATH=\"$(suexec_safepath)\" \
+ ' \
+ suexec; \
***************
-*** 38,45 ****
- # /usr/local/etc/httpd/cgi-bin should be changed to whatever your ScriptAliased
- # CGI directory exists, if you have that configured.
-
-! <Directory /usr/local/etc/httpd/cgi-bin>
-! AllowOverride None
- Options None
- </Directory>
-
---- 38,45 ----
- # /usr/local/etc/httpd/cgi-bin should be changed to whatever your ScriptAliased
- # CGI directory exists, if you have that configured.
-
-! <Directory /usr/local/www/cgi-bin>
-! AllowOverride All
- Options None
- </Directory>
-
+*** 224,232 ****
+ $(MKDIR) $(root)$(mandir)/man1
+ $(MKDIR) $(root)$(mandir)/man8
+ $(MKDIR) $(root)$(sysconfdir)
+! $(MKDIR) $(root)$(datadir)/htdocs
+ $(MKDIR) $(root)$(datadir)/icons
+! $(MKDIR) $(root)$(datadir)/cgi-bin
+ $(MKDIR) $(root)$(includedir)
+ $(MKDIR) $(root)$(runtimedir)
+ $(MKDIR) $(root)$(logfiledir)
+--- 225,233 ----
+ $(MKDIR) $(root)$(mandir)/man1
+ $(MKDIR) $(root)$(mandir)/man8
+ $(MKDIR) $(root)$(sysconfdir)
+! $(MKDIR) $(root)$(doc_prefix)
+ $(MKDIR) $(root)$(datadir)/icons
+! $(MKDIR) $(root)$(datadir)/cgi-bin.default
+ $(MKDIR) $(root)$(includedir)
+ $(MKDIR) $(root)$(runtimedir)
+ $(MKDIR) $(root)$(logfiledir)
+***************
+*** 340,364 ****
+ # icons and distributed CGI scripts.
+ install-data:
+ @echo "===> [data: Installing initial data files]"
+! -@if [ -f $(root)$(datadir)/htdocs/index.html ]; then \
+! echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/htdocs/]"; \
+! else \
+! echo "Copying tree $(TOP)/htdocs/ -> $(root)$(datadir)/htdocs/"; \
+ (cd $(TOP)/htdocs/ && $(TAR) cf - *) |\
+! (cd $(root)$(datadir)/htdocs/ && $(TAR) xf -); \
+! find $(root)$(datadir)/htdocs/ -type d -exec chmod a+rx {} \; ; \
+! find $(root)$(datadir)/htdocs/ -type f -exec chmod a+r {} \; ; \
+ fi
+! -@if [ -f $(root)$(datadir)/cgi-bin/printenv ]; then \
+! echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/cgi-bin/]"; \
+! else \
+ for script in printenv test-cgi; do \
+ cat $(TOP)/cgi-bin/$${script} |\
+ sed -e 's;^#!/.*perl;#!$(PERL);' \
+ > $(TOP)/$(SRC)/.apaci.install.tmp; \
+! echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(datadir)/cgi-bin/$${script}"; \
+! $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(datadir)/cgi-bin/$${script}; \
+ done; \
+ fi
+ @echo "Copying tree $(TOP)/icons/ -> $(root)$(datadir)/icons/"; \
+ (cd $(TOP)/icons/ && $(TAR) cf - *) |\
+--- 341,372 ----
+ # icons and distributed CGI scripts.
+ install-data:
+ @echo "===> [data: Installing initial data files]"
+! # -@if [ -f $(root)$(datadir)/htdocs/index.html ]; then \
+! # echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/htdocs/]"; \
+! # else \
+! echo "Copying tree $(TOP)/htdocs/ -> $(root)$(doc_prefix)/"; \
+ (cd $(TOP)/htdocs/ && $(TAR) cf - *) |\
+! (cd $(root)$(doc_prefix)/ && $(TAR) xf -); \
+! find $(root)$(doc_prefix)/ -type d -exec chmod a+rx {} \; ; \
+! find $(root)$(doc_prefix)/ -type f -exec chmod a+r {} \; ; \
+! # fi
+! if [ ! -d $(root)$(datadir)/data ]; then \
+! $(LN) -sf $(root)$(doc_prefix) $(root)$(datadir)/data; \
+ fi
+! $(LN) -sf $(root)$(doc_prefix) $(root)$(datadir)/data.default
+! # -@if [ -f $(root)$(datadir)/cgi-bin/printenv ]; then \
+! # echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(datadir)/cgi-bin/]"; \
+! # else \
+ for script in printenv test-cgi; do \
+ cat $(TOP)/cgi-bin/$${script} |\
+ sed -e 's;^#!/.*perl;#!$(PERL);' \
+ > $(TOP)/$(SRC)/.apaci.install.tmp; \
+! echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(datadir)/cgi-bin.default/$${script}"; \
+! $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(datadir)/cgi-bin.default/$${script}; \
+ done; \
++ # fi
++ if [ ! -d $(root)$(datadir)/cgi-bin ]; then \
++ $(LN) -sf $(root)$(datadir)/cgi-bin.default $(root)$(datadir)/cgi-bin; \
+ fi
+ @echo "Copying tree $(TOP)/icons/ -> $(root)$(datadir)/icons/"; \
+ (cd $(TOP)/icons/ && $(TAR) cf - *) |\
+***************
+*** 378,395 ****
+ echo ""; \
+ cat $(TOP)/conf/$${conf}-dist ) |\
+ sed -e '/# LoadModule/r $(TOP)/$(SRC)/.apaci.install.conf' \
+! -e 's;@@ServerRoot@@/htdocs;$(datadir)/htdocs;' \
+ -e 's;@@ServerRoot@@/icons;$(datadir)/icons;' \
+ -e 's;@@ServerRoot@@/cgi-bin;$(datadir)/cgi-bin;' \
+ -e 's;@@ServerRoot@@/proxy;$(proxycachedir);' \
+ -e 's;@@ServerRoot@@;$(prefix);' \
+ -e 's;logs/accept.lock;$(runtimedir)/httpd.lock;' \
+ -e 's;logs/apache_runtime_status;$(runtimedir)/httpd.scoreboard;' \
+ -e 's;logs/httpd.pid;$(runtimedir)/httpd.pid;' \
+! -e 's;logs/access_log;$(logfiledir)/access_log;' \
+! -e 's;logs/error_log;$(logfiledir)/error_log;' \
+! -e 's;logs/referer_log;$(logfiledir)/referer_log;' \
+! -e 's;logs/agent_log;$(logfiledir)/agent_log;' \
+ -e 's;conf/magic;$(sysconfdir)/magic;' \
+ -e 's;conf/mime.types;$(sysconfdir)/mime.types;' \
+ -e 's;Group #-1;Group $(conf_group);' \
+--- 386,405 ----
+ echo ""; \
+ cat $(TOP)/conf/$${conf}-dist ) |\
+ sed -e '/# LoadModule/r $(TOP)/$(SRC)/.apaci.install.conf' \
+! -e 's;@@ServerRoot@@/htdocs;$(datadir)/data;' \
+ -e 's;@@ServerRoot@@/icons;$(datadir)/icons;' \
+ -e 's;@@ServerRoot@@/cgi-bin;$(datadir)/cgi-bin;' \
+ -e 's;@@ServerRoot@@/proxy;$(proxycachedir);' \
++ -e 's;@@ServerRoot@@/srm.conf;$(sysconfdir)/srm.conf;' \
++ -e 's;@@ServerRoot@@/access.conf;$(sysconfdir)/access.conf;' \
+ -e 's;@@ServerRoot@@;$(prefix);' \
+ -e 's;logs/accept.lock;$(runtimedir)/httpd.lock;' \
+ -e 's;logs/apache_runtime_status;$(runtimedir)/httpd.scoreboard;' \
+ -e 's;logs/httpd.pid;$(runtimedir)/httpd.pid;' \
+! -e 's;logs/access_log;$(logfiledir)/httpd-access.log;' \
+! -e 's;logs/error_log;$(logfiledir)/httpd-error.log;' \
+! -e 's;logs/referer_log;$(logfiledir)/httpd-referer.log;' \
+! -e 's;logs/agent_log;$(logfiledir)/httpd-agent.log;' \
+ -e 's;conf/magic;$(sysconfdir)/magic;' \
+ -e 's;conf/mime.types;$(sysconfdir)/mime.types;' \
+ -e 's;Group #-1;Group $(conf_group);' \
diff --git a/www/apache13-fp/files/patch-ag b/www/apache13-fp/files/patch-ag
new file mode 100644
index 0000000..bcbbc23
--- /dev/null
+++ b/www/apache13-fp/files/patch-ag
@@ -0,0 +1,72 @@
+*** conf/httpd.conf-dist.orig Wed May 6 16:12:39 1998
+--- conf/httpd.conf-dist Sat Jun 6 13:08:52 1998
+***************
+*** 50,56 ****
+ # don't use Group #-1 on these systems!
+
+ User nobody
+! Group #-1
+
+ # ServerAdmin: Your address, where problems with the server should be
+ # e-mailed.
+--- 50,56 ----
+ # don't use Group #-1 on these systems!
+
+ User nobody
+! Group nogroup
+
+ # ServerAdmin: Your address, where problems with the server should be
+ # e-mailed.
+***************
+*** 65,70 ****
+--- 65,80 ----
+
+ ServerRoot @@ServerRoot@@
+
++ # AccessConfig: The name and location of the Access Configuration file
++ #
++
++ AccessConfig @@ServerRoot@@/access.conf
++
++ # ResourceConfig: The name and location of the Resource Configuration file
++ #
++
++ ResourceConfig @@ServerRoot@@/srm.conf
++
+ # BindAddress: You can support virtual hosts with this option. This option
+ # is used to tell the server which IP address to listen to. It can either
+ # contain "*", an IP address, or a fully qualified Internet domain name.
+***************
+*** 94,100 ****
+ # The location of the access logfile (Common Logfile Format).
+ # If this does not start with /, ServerRoot is prepended to it.
+
+! CustomLog logs/access_log common
+
+ # If you would like to have an agent and referer logfile uncomment the
+ # following directives.
+--- 104,110 ----
+ # The location of the access logfile (Common Logfile Format).
+ # If this does not start with /, ServerRoot is prepended to it.
+
+! #CustomLog logs/access_log common
+
+ # If you would like to have an agent and referer logfile uncomment the
+ # following directives.
+***************
+*** 105,111 ****
+ # If you prefer a single logfile with access, agent and referer information
+ # (Combined Logfile Format) you can use the following directive.
+
+! #CustomLog logs/access_log combined
+
+ # PidFile: The file the server should log its pid to
+ PidFile logs/httpd.pid
+--- 115,121 ----
+ # If you prefer a single logfile with access, agent and referer information
+ # (Combined Logfile Format) you can use the following directive.
+
+! CustomLog logs/access_log combined
+
+ # PidFile: The file the server should log its pid to
+ PidFile logs/httpd.pid
diff --git a/www/apache13-fp/files/patch-ak b/www/apache13-fp/files/patch-ak
new file mode 100644
index 0000000..7cda58a
--- /dev/null
+++ b/www/apache13-fp/files/patch-ak
@@ -0,0 +1,40 @@
+*** src/support/apachectl.orig Fri Jul 17 01:25:54 1998
+--- src/support/apachectl Fri Jul 24 00:34:59 1998
+***************
+*** 39,44 ****
+--- 39,46 ----
+ # -------------------- --------------------
+ # |||||||||||||||||||| END CONFIGURATION SECTION ||||||||||||||||||||
+
++ eval `limits -e -C daemon` >/dev/null 2>&1
++
+ ERROR=0
+ ARGV="$@"
+ if [ "x$ARGV" = "x" ] ; then
+***************
+*** 50,56 ****
+ # check for pidfile
+ if [ -f $PIDFILE ] ; then
+ PID=`cat $PIDFILE`
+! if kill -0 $PID; then
+ STATUS="httpd (pid $PID) running"
+ RUNNING=1
+ else
+--- 52,58 ----
+ # check for pidfile
+ if [ -f $PIDFILE ] ; then
+ PID=`cat $PIDFILE`
+! if kill -0 $PID > /dev/null 2>&1; then
+ STATUS="httpd (pid $PID) running"
+ RUNNING=1
+ else
+***************
+*** 82,87 ****
+--- 84,90 ----
+ fi
+ if kill $PID ; then
+ echo "$0 $ARG: httpd stopped"
++ rm $PIDFILE
+ else
+ echo "$0 $ARG: httpd could not be stopped"
+ ERROR=4
diff --git a/www/apache13-fp/files/patch-al b/www/apache13-fp/files/patch-al
new file mode 100644
index 0000000..039d632
--- /dev/null
+++ b/www/apache13-fp/files/patch-al
@@ -0,0 +1,50 @@
+*** src/support/log_server_status.orig Tue Mar 31 16:53:50 1998
+--- src/support/log_server_status Tue Apr 21 17:18:10 1998
+***************
+*** 67,76 ****
+ #
+ require 'sys/socket.ph';
+
+! $wherelog = "/var/log/graph/"; # Logs will be like "/var/log/graph/960312"
+ $server = "localhost"; # Name of server, could be "www.foo.com"
+ $port = "80"; # Port on server
+! $request = "/status/?auto"; # Request to send
+
+ sub tcp_connect
+ {
+--- 67,76 ----
+ #
+ require 'sys/socket.ph';
+
+! $wherelog = "/var/log/httpd-status-"; # Logs will be like "/var/log/graph/960312"
+ $server = "localhost"; # Name of server, could be "www.foo.com"
+ $port = "80"; # Port on server
+! $request = "/server-status/?auto"; # Request to send
+
+ sub tcp_connect
+ {
+***************
+*** 93,103 ****
+ ### Main
+
+ {
+! $date=`date +%y%m%d:%H%M%S`;
+ chop($date);
+ ($day,$time)=split(/:/,$date);
+ $res=&tcp_connect($server,$port);
+! open(OUT,">>$wherelog$day");
+ if ($res) {
+ print OUT "$time:-1:-1:-1:-1:$res\n";
+ exit 1;
+--- 93,103 ----
+ ### Main
+
+ {
+! $date=`LC_TIME=C date +%y%m%d:%H%M%S`;
+ chop($date);
+ ($day,$time)=split(/:/,$date);
+ $res=&tcp_connect($server,$port);
+! open(OUT,">>$wherelog$day.log");
+ if ($res) {
+ print OUT "$time:-1:-1:-1:-1:$res\n";
+ exit 1;
diff --git a/www/apache13-fp/files/patch-fd b/www/apache13-fp/files/patch-fd
index 89b5009..81d1cb8 100644
--- a/www/apache13-fp/files/patch-fd
+++ b/www/apache13-fp/files/patch-fd
@@ -1,96 +1,59 @@
-*** support/suexec.h.orig Sat May 10 00:06:17 1997
---- support/suexec.h Thu Apr 23 15:57:52 1998
+*** src/support/suexec.h.orig Tue Mar 31 06:54:09 1998
+--- src/support/suexec.h Thu May 21 19:18:25 1998
***************
-*** 50,55 ****
---- 50,62 ----
- *
+*** 56,61 ****
+--- 56,72 ----
*/
-+ /* "FPEXE modification made on Nov 2nd 1997 by Mark Wormgoor (riddles@ipe.nl)
+ /*
++ * "FPEXE modification made on 98.05.21 by Scot Hetzel (hetzels@westbend.net)
++ * based on previous FPEXE modifications supplied by Mark Wormgoor
++ * (riddles@ipe.nl)
+ *
+ * Changes were made in order to use Suexec and Frontpage 98 at the same time.
-+ * Instead of trying to run suid on /usr/local/frontpage/currentversion/bin/fpexe,
-+ * we execute this so the suid-bit does all the work
-+ */
++ * After we change to the target_uid and target_gid. We check if cmd = FPEXE,
++ * if it does then we execute the cmd without performing any further tests.
++ *
++ */
+
- /*
++ /*
* suexec.h -- user-definable variables for the suexec wrapper code.
*/
-***************
-*** 114,129 ****
- * debugging purposes.
- */
- #ifndef LOG_EXEC
-! #define LOG_EXEC "/usr/local/etc/httpd/logs/cgi.log" /* Need me? */
- #endif
-
- /*
- * DOC_ROOT -- Define as the DocumentRoot set for Apache. This
- * will be the only hierarchy (aside from UserDirs)
- * that can be used for suEXEC behavior.
- */
- #ifndef DOC_ROOT
-! #define DOC_ROOT "/usr/local/etc/httpd/htdocs"
- #endif
-
- /*
---- 121,162 ----
- * debugging purposes.
- */
- #ifndef LOG_EXEC
-! #define LOG_EXEC "/var/log/httpd-cgi.log" /* Need me? */
- #endif
- /*
- * DOC_ROOT -- Define as the DocumentRoot set for Apache. This
- * will be the only hierarchy (aside from UserDirs)
- * that can be used for suEXEC behavior.
-+ * This is not used, since we have VirtualHosts defined.
+***************
+*** 129,134 ****
+--- 140,173 ----
*/
#ifndef DOC_ROOT
-! #define DOC_ROOT "/usr/local/www"
-! #endif
-!
-! /*
-! * FPEXE
-! * FRONTPAGE_EXE -- We are running frontpage and we don't need to run
-! * fpexe suid, since it's already set suid. Also, the
-! * dir-rights are incorrect and so on...
-! */
-! #ifndef FPEXE
-! #define FPEXE "fpexe"
-! #endif
-!
-! #ifndef FRONTPAGE_EXE
-! #define FRONTPAGE_EXE "/usr/local/frontpage/version3.0/apache-fp/_vti_bin/fpexe"
-! #endif
-!
-! /*
-! * SYSTEM_CGI -- Define as the cgi directory for system-wide CGI's
-! * Note that UID/GID of the cgi or the directory are
-! * NOT matched if they're in this directory, although
-! * all the other checks still apply. Caveat Emptor.
-! */
-!
-! #ifndef SYSTEM_CGI
-! #define SYSTEM_CGI "/usr/local/www/cgi-bin"
+ #define DOC_ROOT "/usr/local/apache/htdocs"
++ #endif
++
++ /*
++ * FPEXE, FPSTUB
++ * FPSTUBDIR -- We are running frontpage and we don't need to run
++ * fpexe suid, since it's already set suid. Also, the
++ * dir-rights are incorrect and so on...
++ */
++ #ifndef FPEXE
++ #define FPEXE "fpexe"
++ #endif
++
++ #ifndef FPSTUB
++ #define FPSTUB "/usr/local/frontpage/version3.0/apache-fp/_vti_bin/fpexe"
++ #endif
++
++ #ifndef FPSTUBDIR
++ #define FPSTUBDIR "/usr/local/frontpage/currentversion/apache-fp/_vti_bin"
++ #endif
++
++ /*
++ * SYSTEM_CGI -- Define as the cgi directory for system-wide CGI's
++ * Note that UID/GID of the cgi or the directory are
++ * NOT matched if they're in this directory, although
++ * all the other checks still apply. Caveat Emptor.
++ */
++ #ifndef SYSTEM_CGI
++ #define SYSTEM_CGI "/usr/local/www/cgi-bin"
#endif
/*
-***************
-*** 131,137 ****
- *
- */
- #ifndef SAFE_PATH
-! #define SAFE_PATH "/usr/local/bin:/usr/bin:/bin"
- #endif
-
- #endif /* _SUEXEC_H */
---- 164,170 ----
- *
- */
- #ifndef SAFE_PATH
-! #define SAFE_PATH "/usr/local/bin:/usr/bin:/bin:."
- #endif
-
- #endif /* _SUEXEC_H */
diff --git a/www/apache13-fp/files/patch-fe b/www/apache13-fp/files/patch-fe
index f2877b3..03fc406 100644
--- a/www/apache13-fp/files/patch-fe
+++ b/www/apache13-fp/files/patch-fe
@@ -1,11 +1,11 @@
-*** support/suexec.c.orig Fri Jan 30 08:45:44 1998
---- support/suexec.c Fri Apr 24 17:32:21 1998
+*** src/support/suexec.c.orig Tue Apr 21 15:14:06 1998
+--- src/support/suexec.c Fri May 22 17:59:43 1998
***************
-*** 66,71 ****
---- 66,94 ----
+*** 70,75 ****
+--- 70,98 ----
+ *
*
*/
-
+ /*
+ * "System" CGI modification 97.05.10 by Rick Franchuk (rickf@netnation.com)
+ *
@@ -19,8 +19,8 @@
+ * The docroot check had to be bypassed to allow functionality for VirtualHost
+ * entries. I'm somewhat suprised noone encountered that behavior before.
+ */
-+
-+ /* "FPEXE modification made on 98.04.24 by Scot Hetzel (hetzels@westbend.net)
++ /*
++ * "FPEXE modification made on 98.05.19 by Scot Hetzel (hetzels@westbend.net)
+ * based on previous FPEXE modifications supplied by Mark Wormgoor
+ * (riddles@ipe.nl)
+ *
@@ -28,127 +28,13 @@
+ * After we change to the target_uid and target_gid. We check if cmd = FPEXE,
+ * if it does then we execute the cmd without performing any further tests.
+ *
-+ */
-
- #include "suexec.h"
-
-***************
-*** 75,81 ****
- #include <sys/types.h>
- #include <stdio.h>
- #include <stdarg.h>
-! #include <string.h>
- #include <pwd.h>
- #include <grp.h>
- #include <time.h>
---- 98,104 ----
- #include <sys/types.h>
- #include <stdio.h>
- #include <stdarg.h>
-! #include <strings.h>
- #include <pwd.h>
- #include <grp.h>
- #include <time.h>
-***************
-*** 138,144 ****
-
- static void err_output(const char *fmt, va_list ap)
- {
-- #ifdef LOG_EXEC
- time_t timevar;
- struct tm *lt;
++ */
---- 161,166 ----
-***************
-*** 158,164 ****
- vfprintf(log, fmt, ap);
-
- fflush(log);
-- #endif /* LOG_EXEC */
- return;
- }
-
---- 180,185 ----
-***************
-*** 264,270 ****
- log_err("user mismatch (%s)\n", pw->pw_name);
- exit(103);
- }
-!
- /*
- * Check for a leading '/' (absolute path) in the command to be executed,
- * or attempts to back up out of the current directory,
---- 285,291 ----
- log_err("user mismatch (%s)\n", pw->pw_name);
- exit(103);
- }
-!
- /*
- * Check for a leading '/' (absolute path) in the command to be executed,
- * or attempts to back up out of the current directory,
+ #include "conf.h"
+ #include <sys/param.h>
***************
-*** 301,306 ****
---- 322,328 ----
- /*
- * Error out if the target group name is invalid.
- */
-+
- if (strspn(target_gname, "1234567890") != strlen(target_gname)) {
- if ((gr = getgrnam(target_gname)) == NULL) {
- log_err("invalid target group name: (%s)\n", target_gname);
-***************
-*** 325,331 ****
- * Log the transaction here to be sure we have an open log
- * before we setuid().
- */
-! log_err("uid: (%s/%s) gid: (%s/%s) %s\n",
- target_uname, actual_uname,
- target_gname, actual_gname,
- cmd);
---- 347,353 ----
- * Log the transaction here to be sure we have an open log
- * before we setuid().
- */
-! log_err("uid: (%s/%s) gid: (%s/%s) cmd: %s\n",
- target_uname, actual_uname,
- target_gname, actual_gname,
- cmd);
-***************
-*** 357,363 ****
- * and setgid() to the target group. If unsuccessful, error out.
- */
- if (((setgid(gid)) != 0) || (initgroups(actual_uname,gid) != 0)) {
-! log_err("failed to setgid (%ld: %s)\n", gid, cmd);
- exit(109);
- }
-
---- 379,385 ----
- * and setgid() to the target group. If unsuccessful, error out.
- */
- if (((setgid(gid)) != 0) || (initgroups(actual_uname,gid) != 0)) {
-! log_err("failed to setgid (%ld: %s/%s)\n", gid, cwd, cmd);
- exit(109);
- }
-
-***************
-*** 365,375 ****
- * setuid() to the target user. Error out on fail.
- */
- if ((setuid(uid)) != 0) {
-! log_err("failed to setuid (%ld: %s)\n", uid, cmd);
- exit(110);
- }
-
- /*
- * Get the current working directory, as well as the proper
- * document root (dependant upon whether or not it is a
- * ~userdir request). Error out if we cannot get either one,
---- 387,405 ----
- * setuid() to the target user. Error out on fail.
- */
- if ((setuid(uid)) != 0) {
-! log_err("failed to setuid (%ld: %s/%s)\n", uid, cwd, cmd);
- exit(110);
+*** 393,398 ****
+--- 416,429 ----
}
/*
@@ -156,17 +42,17 @@
+ * user is ok. We run fpexe now and bail out before anything goes wrong.
+ */
+ #ifdef FPEXE
-+ if ((strcmp(cmd, FPEXE)) != NULL) {
-+ #endif
++ if ((strcmp(cmd, FPEXE)) != NULL) {
++ #endif
+
+ /*
* Get the current working directory, as well as the proper
* document root (dependant upon whether or not it is a
* ~userdir request). Error out if we cannot get either one,
***************
-*** 402,411 ****
---- 432,446 ----
- }
+*** 423,432 ****
+--- 454,468 ----
+ }
}
+ /*
@@ -174,74 +60,87 @@
+ * VirtualHosts running CGI in thier own directories.
+ *
if ((strncmp(cwd, dwd, strlen(dwd))) != 0) {
- log_err("command not in docroot (%s/%s)\n", cwd, cmd);
- exit(114);
+ log_err("command not in docroot (%s/%s)\n", cwd, cmd);
+ exit(114);
}
+ */
/*
* Stat the cwd and verify it is a directory, or error out.
***************
-*** 451,470 ****
+*** 472,477 ****
+--- 508,516 ----
* Error out if the target name/group is different from
* the name/group of the cwd or the program.
*/
-! if ((uid != dir_info.st_uid) ||
-! (gid != dir_info.st_gid) ||
-! (uid != prg_info.st_uid) ||
-! (gid != prg_info.st_gid))
-! {
-! log_err("target uid/gid (%ld/%ld) mismatch with directory (%ld/%ld) or program (%ld/%ld)\n",
-! uid, gid,
-! dir_info.st_uid, dir_info.st_gid,
-! prg_info.st_uid, prg_info.st_gid);
-! exit(120);
- }
-
- clean_env();
-
- /*
- * Be sure to close the log file so the CGI can't
- * mess with it. If the exec fails, it will be reopened
---- 486,516 ----
- * Error out if the target name/group is different from
- * the name/group of the cwd or the program.
- */
-!
-! #ifdef SYSTEM_CGI
-! if (strncmp(cwd, SYSTEM_CGI, strlen(SYSTEM_CGI))) {
-! #endif
-! if ((uid != dir_info.st_uid) ||
-! (gid != dir_info.st_gid) ||
-! (uid != prg_info.st_uid) ||
-! (gid != prg_info.st_gid))
-! {
-! log_err("target uid/gid (%ld/%ld) mismatch with directory %s(%ld/%ld) or program %s(%ld/%ld)\n",
-! uid, gid,
-! cwd, dir_info.st_uid, dir_info.st_gid,
-! cmd, prg_info.st_uid, prg_info.st_gid);
-! exit(120);
-! }
-! #ifdef SYSTEM_CGI
++ #ifdef SYSTEM_CGI
++ if (strncmp(cwd, SYSTEM_CGI, strlen(SYSTEM_CGI))) {
++ #endif
+ if ((uid != dir_info.st_uid) ||
+ (gid != dir_info.st_gid) ||
+ (uid != prg_info.st_uid) ||
+***************
+*** 482,487 ****
+--- 521,530 ----
+ prg_info.st_uid, prg_info.st_gid);
+ exit(120);
}
++ #ifdef SYSTEM_CGI
++ }
+ #endif
++
+ /*
+ * Error out if the program is not executable for the user.
+ * Otherwise, she won't find any error in the logs except for
+***************
+*** 493,498 ****
+--- 536,584 ----
+ }
clean_env();
-
++
+ #ifdef FPEXE
+ }
-+ #endif
++ else {
++
++ /* The following taken from mod_frontpage.c to check permissions */
+
++ /*
++ * We can't stat the stub dir. Make sure the stub directory is not
++ * owned by root and not group/world writable
++ */
++ if ((lstat(FPSTUBDIR, &dir_info) == -1 ||
++ dir_info.st_uid ||
++ (dir_info.st_mode & (S_IWGRP | S_IWOTH)) ||
++ (!S_ISDIR(dir_info.st_mode)))) {
++ /*
++ * User recovery: set directory to be owned by by root with
++ * permissions r*x*-x*-x.
++ */
++ log_err("Incorrect permissions on stub directory \"%-.1024s\"",
++ FPSTUBDIR);
++ exit (250);
++ }
++
++ /*
++ * We can't stat the stub. Make sure the stub is not owned by root,
++ * set-uid, set-gid, and is not group/world writable or executable.
++ */
++ if ((stat(cmd, &prg_info) == -1 ||
++ prg_info.st_uid ||
++ !(prg_info.st_mode & S_ISUID) ||
++ (prg_info.st_mode & S_ISGID) ||
++ (prg_info.st_mode & (S_IWGRP | S_IWOTH)) ||
++ !(prg_info.st_mode & (S_IXGRP | S_IXOTH)))) {
++ /*
++ * User recovery: set stub to be owned by by root with permissions
++ * r*s*-x*-x.
++ */
++ log_err("Incorrect permissions on stub \"%-.1024s\"", cmd);
++ exit (251);
++ }
++ }
++ #endif
+
/*
* Be sure to close the log file so the CGI can't
- * mess with it. If the exec fails, it will be reopened
-***************
-*** 486,491 ****
---- 532,538 ----
- *
- * Oh well, log the failure and error out.
- */
-+
- log_err("exec failed (%s)\n", cmd);
- exit(255);
- }
diff --git a/www/apache13-fp/files/patch-ff b/www/apache13-fp/files/patch-ff
deleted file mode 100644
index da0f609..0000000
--- a/www/apache13-fp/files/patch-ff
+++ /dev/null
@@ -1,42 +0,0 @@
-*** support/Makefile.tmpl.orig Mon Mar 10 03:31:34 1997
---- support/Makefile.tmpl Thu Apr 23 13:20:33 1998
-***************
-*** 8,18 ****
---- 8,32 ----
- INCLUDES=-I../src -I../src/regex $(INCLUDES1) $(EXTRA_INCLUDES)
- LFLAGS=$(LFLAGS1) $(EXTRA_LFLAGS)
-
-+ PREFIX?=/usr/local
-+ USER_CGI_BIN?=public_html
-+ HTTPD_USER?=www
-+ FP_EXE=${PREFIX}/frontpage/version3.0/apache-fp/_vti_bin/fpexe
-+ SYS_CGI_BIN=${PREFIX}/www/cgi-bin
-+ SU_FLAGS=-DHTTPD_USER=\"${HTTPD_USER}\"
-+ SU_FLAGS+=-DSYSTEM_CGI=\"${SYS_CGI_BIN}\"
-+ SU_FLAGS+=-DFRONTPAGE_EXE=\"${FP_EXE}\"
-+ SU_FLAGS+=-DUSERDIR_SUFFIX=\"${USER_CGI_BIN}\"
-+
- .c.o:
- $(CC) -c $(CFLAGS) $(INCLUDES) $<
-
- TARGETS=htpasswd htdigest httpd_monitor rotatelogs logresolve
-
-+ .if defined(SUEXEC)
-+ TARGETS+=suexec
-+ .endif
-+
- all: $(TARGETS)
-
- htpasswd: htpasswd.c
-***************
-*** 29,34 ****
---- 43,51 ----
-
- logresolve: logresolve.c
- $(CC) $(INCLUDES) $(CFLAGS) logresolve.c -o logresolve $(LIBS)
-+
-+ suexec: suexec.c
-+ $(CC) $(INCLUDES) $(CFLAGS) ${SU_FLAGS} suexec.c -o suexec
-
- clean:
- rm -f $(TARGETS)
diff --git a/www/apache13-fp/files/patch-fh b/www/apache13-fp/files/patch-fh
new file mode 100644
index 0000000..82895f0
--- /dev/null
+++ b/www/apache13-fp/files/patch-fh
@@ -0,0 +1,24 @@
+*** src/include/httpd.h.orig Thu May 21 19:37:29 1998
+--- src/include/httpd.h Fri May 22 16:57:19 1998
+***************
+*** 689,695 ****
+
+ char *unparsed_uri; /* the uri without any parsing performed */
+ char *uri; /* the path portion of the URI */
+! char *filename;
+ char *path_info;
+ char *args; /* QUERY_ARGS, if any */
+ struct stat finfo; /* ST_MODE set to zero if no such file */
+--- 689,700 ----
+
+ char *unparsed_uri; /* the uri without any parsing performed */
+ char *uri; /* the path portion of the URI */
+! char *execfilename; /* physical filename to exec */
+! char *filename; /* logical filename to exec -- always the same
+! * except for FrontPage CGI programs where we
+! * will execute the CGI program in
+! * /usr/local/frontpage....
+! */
+ char *path_info;
+ char *args; /* QUERY_ARGS, if any */
+ struct stat finfo; /* ST_MODE set to zero if no such file */
diff --git a/www/apache13-fp/files/patch-fi b/www/apache13-fp/files/patch-fi
new file mode 100644
index 0000000..c23dfa3
--- /dev/null
+++ b/www/apache13-fp/files/patch-fi
@@ -0,0 +1,23 @@
+*** src/main/http_request.c.orig Tue Oct 6 14:06:09 1998
+--- src/main/http_request.c Sat Oct 31 15:49:04 1998
+***************
+*** 187,192 ****
+--- 187,194 ----
+ return OK;
+ }
+
++ if (r->execfilename) path = r->execfilename;
++
+ #ifdef WIN32
+ /* If the path is x:/, then convert it to x:/., coz that's what stat
+ * needs to work properly
+***************
+*** 461,466 ****
+--- 463,469 ----
+ res = ap_parse_htaccess(&htaccess_conf, r, overrides_here,
+ ap_pstrdup(r->pool, test_dirname),
+ sconf->access_name);
++ if (r->execfilename) r->filename = r->execfilename;
+ if (res)
+ return res;
+
diff --git a/www/apache13-fp/files/patch-fj b/www/apache13-fp/files/patch-fj
new file mode 100644
index 0000000..e0b1414
--- /dev/null
+++ b/www/apache13-fp/files/patch-fj
@@ -0,0 +1,19 @@
+*** src/main/util.c.orig Sat May 9 09:27:27 1998
+--- src/main/util.c Fri May 22 16:57:19 1998
+***************
+*** 582,588 ****
+ char *res;
+
+ for (x = 0; (*line)[x]; x++) {
+! if (ap_isspace((*line)[x])) {
+ pos = x;
+ break;
+ }
+--- 582,588 ----
+ char *res;
+
+ for (x = 0; (*line)[x]; x++) {
+! if (ap_isspace((*line)[x]) && ((*line)[x] & 0x80)==0) {
+ pos = x;
+ break;
+ }
OpenPOWER on IntegriCloud