roll in some distribution patches which fix multiple vulnerabilities.

Reference: http://secunia.com/advisories/26130/ ok kili@, simon@
2007-07-22 19:44:17 +00:00 · 2007-07-22 19:44:17 +00:00 · 41ffa063ff
commit 41ffa063ff
parent d77f345395
14 changed files with 480 additions and 3 deletions
--- a/www/lighttpd/Makefile
+++ b/www/lighttpd/Makefile
@ -1,11 +1,11 @@
-# $OpenBSD: Makefile,v 1.41 2007/06/17 18:14:09 jasper Exp $
+# $OpenBSD: Makefile,v 1.42 2007/07/22 19:44:17 rui Exp $

 SHARED_ONLY=	Yes

-COMMENT=	"secure, fast, compliant, and very flexible web-server"
+COMMENT=	secure, fast, compliant, and very flexible web-server

 DISTNAME=	lighttpd-1.4.15
-PKGNAME=	${DISTNAME}p0
+PKGNAME=	${DISTNAME}p1
 CATEGORIES=	www net

 MAINTAINER=	Brad Smith <brad@openbsd.org>
--- a/www/lighttpd/patches/patch-src_connections_c
+++ b/www/lighttpd/patches/patch-src_connections_c
@ -0,0 +1,38 @@
+$OpenBSD: patch-src_connections_c,v 1.3 2007/07/22 19:44:17 rui Exp $
+--- src/connections.c.orig	Fri Apr 13 16:26:31 2007
+++ src/connections.c	Sat Jul 21 11:20:09 2007
+@@ -1252,6 +1252,16 @@ connection *connection_accept(server *srv, server_sock
+ 	socklen_t cnt_len;
+ 	/* accept it and register the fd */
+ 
+	/**
+	 * check if we can still open a new connections
+	 *
+	 * see #1216
+	 */
+
+	if (srv->conns->used >= srv->max_conns) {
+		return NULL;
+	}
+
+ 	cnt_len = sizeof(cnt_addr);
+ 
+ 	if (-1 == (cnt = accept(srv_socket->fd, (struct sockaddr *) &cnt_addr, &cnt_len))) {
+@@ -1265,6 +1275,9 @@ connection *connection_accept(server *srv, server_sock
+ 		case ECONNABORTED: /* this is a FreeBSD thingy */
+ 			/* we were stopped _after_ we had a connection */
+ 			break;
+		case EMFILE:
+			/* out of fds */
+			break;
+ 		default:
+ 			log_error_write(srv, __FILE__, __LINE__, "ssd", "accept failed:", strerror(errno), errno);
+ 		}
+@@ -1432,6 +1445,7 @@ int connection_state_machine(server *srv, connection *
+ 				} else if (con->in_error_handler) {
+ 					/* error-handler is back and has generated content */
+ 					/* if Status: was set, take it otherwise use 200 */
+					con->http_status = con->error_handler_saved_status;
+ 				}
+ 
+ 				if (con->http_status == 0) con->http_status = 200;
--- a/www/lighttpd/patches/patch-src_http_auth_c
+++ b/www/lighttpd/patches/patch-src_http_auth_c
@ -0,0 +1,50 @@
+$OpenBSD: patch-src_http_auth_c,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- src/http_auth.c.orig	Fri Apr 13 16:26:31 2007
+++ src/http_auth.c	Sat Jul 21 11:15:42 2007
+@@ -830,8 +830,14 @@ int http_auth_basic_check(server *srv, connection *con
+ 
+ 	username = buffer_init();
+ 
+-	base64_decode(username, realm_str);
+	if (!base64_decode(username, realm_str)) {
+		buffer_free(username);
+ 
+		log_error_write(srv, __FILE__, __LINE__, "sb", "decodeing base64-string failed", username);
+
+		return 0;
+	}
+
+ 	/* r2 == user:password */
+ 	if (NULL == (pw = strchr(username->ptr, ':'))) {
+ 		buffer_free(username);
+@@ -967,7 +973,7 @@ int http_auth_digest_check(server *srv, connection *co
+ 	for (c = b->ptr; *c; c++) {
+ 		/* skip whitespaces */
+ 		while (*c == ' ' || *c == '\t') c++;
+-		if (!c) break;
+		if (!*c) break;
+ 
+ 		for (i = 0; dkv[i].key; i++) {
+ 			if ((0 == strncmp(c, dkv[i].key, dkv[i].key_len))) {
+@@ -1016,6 +1022,21 @@ int http_auth_digest_check(server *srv, connection *co
+ 
+ 		log_error_write(srv, __FILE__, __LINE__, "s",
+ 				"digest: missing field");
+
+		buffer_free(b);
+		return -1;
+	}
+
+	/**
+	 * protect the md5-sess against missing cnonce and nonce
+	 */
+	if (algorithm &&
+	    0 == strcasecmp(algorithm, "md5-sess") &&
+	    (!nonce || !cnonce)) {
+		log_error_write(srv, __FILE__, __LINE__, "s",
+				"digest: (md5-sess: missing field");
+
+		buffer_free(b);
+ 		return -1;
+ 	}
+ 
--- a/www/lighttpd/patches/patch-src_mod_access_c
+++ b/www/lighttpd/patches/patch-src_mod_access_c
@ -0,0 +1,77 @@
+$OpenBSD: patch-src_mod_access_c,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- src/mod_access.c.orig	Thu Feb  8 16:34:46 2007
+++ src/mod_access.c	Sat Jul 21 11:23:23 2007
+@@ -111,6 +111,15 @@ static int mod_access_patch_connection(server *srv, co
+ }
+ #undef PATCH
+ 
+/**
+ * URI handler
+ *
+ * we will get called twice:
+ * - after the clean up of the URL and 
+ * - after the pathinfo checks are done
+ *
+ * this handles the issue of trailing slashes
+ */
+ URIHANDLER_FUNC(mod_access_uri_handler) {
+ 	plugin_data *p = p_d;
+ 	int s_len;
+@@ -122,28 +131,41 @@ URIHANDLER_FUNC(mod_access_uri_handler) {
+ 
+ 	s_len = con->uri.path->used - 1;
+ 
+	if (con->conf.log_request_handling) {
+ 		log_error_write(srv, __FILE__, __LINE__, "s", 
+				"-- mod_access_uri_handler called");
+	}
+
+ 	for (k = 0; k < p->conf.access_deny->used; k++) {
+ 		data_string *ds = (data_string *)p->conf.access_deny->data[k];
+ 		int ct_len = ds->value->used - 1;
+		int denied = 0;
+ 
+-		if (ct_len > s_len) continue;
+ 
+		if (ct_len > s_len) continue;
+ 		if (ds->value->used == 0) continue;
+ 
+ 		/* if we have a case-insensitive FS we have to lower-case the URI here too */
+ 
+ 		if (con->conf.force_lowercase_filenames) {
+ 			if (0 == strncasecmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) {
+-				con->http_status = 403;
+-
+-				return HANDLER_FINISHED;
+				denied = 1;
+ 			}
+ 		} else {
+ 			if (0 == strncmp(con->uri.path->ptr + s_len - ct_len, ds->value->ptr, ct_len)) {
+-				con->http_status = 403;
+				denied = 1;
+			}
+		}
+ 
+-				return HANDLER_FINISHED;
+		if (denied) {
+			con->http_status = 403;
+
+			if (con->conf.log_request_handling) {
+	 			log_error_write(srv, __FILE__, __LINE__, "sb", 
+					"url denied as we match:", ds->value);
+ 			}
+
+			return HANDLER_FINISHED;
+ 		}
+ 	}
+ 
+@@ -158,7 +180,8 @@ int mod_access_plugin_init(plugin *p) {
+ 
+ 	p->init        = mod_access_init;
+ 	p->set_defaults = mod_access_set_defaults;
+-	p->handle_uri_clean  = mod_access_uri_handler;
+	p->handle_uri_clean = mod_access_uri_handler;
+	p->handle_subrequest_start  = mod_access_uri_handler;
+ 	p->cleanup     = mod_access_free;
+ 
+ 	p->data        = NULL;
--- a/www/lighttpd/patches/patch-src_mod_fastcgi_c
+++ b/www/lighttpd/patches/patch-src_mod_fastcgi_c
@ -0,0 +1,12 @@
+$OpenBSD: patch-src_mod_fastcgi_c,v 1.3 2007/07/22 19:44:17 rui Exp $
+--- src/mod_fastcgi.c.orig	Sat Jul 21 11:34:09 2007
+++ src/mod_fastcgi.c	Sat Jul 21 11:35:05 2007
+@@ -2964,7 +2964,7 @@ static handler_t fcgi_write_request(server *srv, handl
+ 				 *
+ 				 */
+ 
+-				log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+				log_error_write(srv, __FILE__, __LINE__, "ssosd",
+ 						"[REPORT ME] connection was dropped after accept(). reconnect() denied:",
+ 						"write-offset:", hctx->wb->bytes_out,
+ 						"reconnect attempts:", hctx->reconnects);
--- a/www/lighttpd/patches/patch-src_mod_scgi_c
+++ b/www/lighttpd/patches/patch-src_mod_scgi_c
@ -0,0 +1,30 @@
+$OpenBSD: patch-src_mod_scgi_c,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- src/mod_scgi.c.orig	Thu Feb  8 16:34:45 2007
+++ src/mod_scgi.c	Sat Jul 21 11:30:51 2007
+@@ -803,7 +803,7 @@ static int scgi_spawn_connection(server *srv,
+ 			buffer_append_string_buffer(b, host->bin_path);
+ 
+ 			/* exec the cgi */
+-			execle("/bin/sh", "sh", "-c", b->ptr, NULL, env.ptr);
+			execle("/bin/sh", "sh", "-c", b->ptr, (char *)NULL, env.ptr);
+ 
+ 			log_error_write(srv, __FILE__, __LINE__, "sbs",
+ 					"execl failed for:", host->bin_path, strerror(errno));
+@@ -2286,7 +2286,7 @@ static handler_t scgi_write_request(server *srv, handl
+ 				 *
+ 				 */
+ 
+-				log_error_write(srv, __FILE__, __LINE__, "ssdsd",
+				log_error_write(srv, __FILE__, __LINE__, "ssosd",
+ 						"[REPORT ME] connection was dropped after accept(). reconnect() denied:",
+ 						"write-offset:", hctx->wb->bytes_out,
+ 						"reconnect attempts:", hctx->reconnects);
+@@ -2536,7 +2536,7 @@ static handler_t scgi_handle_fdevent(void *s, void *ct
+ 					return HANDLER_WAIT_FOR_FD;
+ 				}
+ 
+-				log_error_write(srv, __FILE__, __LINE__, "sdsdsd",
+				log_error_write(srv, __FILE__, __LINE__, "sosdsd",
+ 						"response not sent, request sent:", hctx->wb->bytes_out,
+ 						"connection-fd:", con->fd,
+ 						"fcgi-fd:", hctx->fd);
--- a/www/lighttpd/patches/patch-src_mod_webdav_c
+++ b/www/lighttpd/patches/patch-src_mod_webdav_c
@ -0,0 +1,21 @@
+$OpenBSD: patch-src_mod_webdav_c,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- src/mod_webdav.c.orig	Fri Apr 13 16:26:31 2007
+++ src/mod_webdav.c	Sat Jul 21 11:32:15 2007
+@@ -1035,7 +1035,7 @@ static int webdav_parse_chunkqueue(server *srv, connec
+ 			}
+ 
+ 			if (XML_ERR_OK != (err = xmlParseChunk(ctxt, c->file.mmap.start + c->offset, weHave, 0))) {
+-				log_error_write(srv, __FILE__, __LINE__, "sddd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
+				log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
+ 			}
+ 
+ 			c->offset += weHave;
+@@ -1053,7 +1053,7 @@ static int webdav_parse_chunkqueue(server *srv, connec
+ 			}
+ 
+ 			if (XML_ERR_OK != (err = xmlParseChunk(ctxt, c->mem->ptr + c->offset, weHave, 0))) {
+-				log_error_write(srv, __FILE__, __LINE__, "sddd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
+				log_error_write(srv, __FILE__, __LINE__, "sodd", "xmlParseChunk failed at:", cq->bytes_out, weHave, err);
+ 			}
+ 
+ 			c->offset += weHave;
--- a/www/lighttpd/patches/patch-src_request_c
+++ b/www/lighttpd/patches/patch-src_request_c
@ -0,0 +1,69 @@
+$OpenBSD: patch-src_request_c,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- src/request.c.orig	Fri Apr 13 16:26:31 2007
+++ src/request.c	Sat Jul 21 11:10:11 2007
+@@ -284,8 +284,6 @@ int http_request_parse(server *srv, connection *con) {
+ 
+ 	int done = 0;
+ 
+-	data_string *ds = NULL;
+-
+ 	/*
+ 	 * Request: "^(GET|POST|HEAD) ([^ ]+(\\?[^ ]+|)) (HTTP/1\\.[01])$"
+ 	 * Option : "^([-a-zA-Z]+): (.+)$"
+@@ -715,12 +713,24 @@ int http_request_parse(server *srv, connection *con) {
+ 			switch(*cur) {
+ 			case '\r':
+ 				if (con->parse_request->ptr[i+1] == '\n') {
+					data_string *ds = NULL;
+
+ 					/* End of Headerline */
+ 					con->parse_request->ptr[i] = '\0';
+ 					con->parse_request->ptr[i+1] = '\0';
+ 
+ 					if (in_folding) {
+-						if (!ds) {
+						buffer *key_b;
+						/**
+						 * we use a evil hack to handle the line-folding
+						 * 
+						 * As array_insert_unique() deletes 'ds' in the case of a duplicate
+						 * ds points somewhere and we get a evil crash. As a solution we keep the old
+						 * "key" and get the current value from the hash and append us
+						 *
+						 * */
+
+						if (!key || !key_len) {
+ 							/* 400 */
+ 
+ 							if (srv->srvconf.log_request_header_on_error) {
+@@ -737,7 +747,15 @@ int http_request_parse(server *srv, connection *con) {
+ 							con->response.keep_alive = 0;
+ 							return 0;
+ 						}
+-						buffer_append_string(ds->value, value);
+
+						key_b = buffer_init();
+						buffer_copy_string_len(key_b, key, key_len);
+
+						if (NULL != (ds = (data_string *)array_get_element(con->request.headers, key_b->ptr))) {
+							buffer_append_string(ds->value, value);
+						}
+
+						buffer_free(key_b);
+ 					} else {
+ 						int s_len;
+ 						key = con->parse_request->ptr + first;
+@@ -969,7 +987,12 @@ int http_request_parse(server *srv, connection *con) {
+ 					first = i+1;
+ 					is_key = 1;
+ 					value = 0;
+-					key_len = 0;
+#if 0
+					/**
+					 * for Bug 1230 keep the key_len a live
+					 */
+					key_len = 0; 
+#endif
+ 					in_folding = 0;
+ 				} else {
+ 					if (srv->srvconf.log_request_header_on_error) {
--- a/www/lighttpd/patches/patch-src_server_c
+++ b/www/lighttpd/patches/patch-src_server_c
@ -0,0 +1,26 @@
+$OpenBSD: patch-src_server_c,v 1.3 2007/07/22 19:44:17 rui Exp $
+--- src/server.c.orig	Fri Apr 13 16:26:31 2007
+++ src/server.c	Sat Jul 21 11:21:46 2007
+@@ -775,6 +775,22 @@ int main (int argc, char **argv) {
+ 			return -1;
+ 		}
+ 
+		/**
+		 * we are not root can can't increase the fd-limit, but we can reduce it
+		 */
+		if (srv->srvconf.max_fds && srv->srvconf.max_fds < rlim.rlim_cur) {
+			/* set rlimits */
+
+			rlim.rlim_cur = srv->srvconf.max_fds;
+
+			if (0 != setrlimit(RLIMIT_NOFILE, &rlim)) {
+				log_error_write(srv, __FILE__, __LINE__,
+						"ss", "couldn't set 'max filedescriptors'",
+						strerror(errno));
+				return -1;
+			}
+		}
+
+ 		if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
+ 			srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
+ 		} else {
--- a/www/lighttpd/patches/patch-tests_core-request_t
+++ b/www/lighttpd/patches/patch-tests_core-request_t
@ -0,0 +1,51 @@
+$OpenBSD: patch-tests_core-request_t,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- tests/core-request.t.orig	Thu Feb  8 16:34:47 2007
+++ tests/core-request.t	Sat Jul 21 11:12:42 2007
+@@ -8,7 +8,7 @@ BEGIN {
+ 
+ use strict;
+ use IO::Socket;
+-use Test::More tests => 33;
+use Test::More tests => 36;
+ use LightyTest;
+ 
+ my $tf = LightyTest->new();
+@@ -272,6 +272,38 @@ EOF
+  );
+ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
+ ok($tf->handle_http($t) == 0, 'uppercase filenames');
+
+$t->{REQUEST}  = ( <<EOF
+GET / HTTP/1.0
+Location: foo
+Location: foobar
+  baz
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
+ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping');
+
+$t->{REQUEST}  = ( <<EOF
+GET / HTTP/1.0
+Location: 
+Location: foobar
+  baz
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
+ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping - test 2');
+
+$t->{REQUEST}  = ( <<EOF
+GET / HTTP/1.0
+A: 
+Location: foobar
+  baz
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
+ok($tf->handle_http($t) == 0, '#1232 - duplicate headers with line-wrapping - test 3');
+
+
+ 
+ 
+ ok($tf->stop_proc == 0, "Stopping lighttpd");
--- a/www/lighttpd/patches/patch-tests_docroot_www_Makefile_am
+++ b/www/lighttpd/patches/patch-tests_docroot_www_Makefile_am
@ -0,0 +1,10 @@
+$OpenBSD: patch-tests_docroot_www_Makefile_am,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- tests/docroot/www/Makefile.am.orig	Thu Feb  8 16:34:47 2007
+++ tests/docroot/www/Makefile.am	Sat Jul 21 11:26:53 2007
+@@ -1,5 +1,5 @@
+ EXTRA_DIST=cgi.php cgi.pl dummydir index.html index.txt phpinfo.php \
+ 	   redirect.php cgi-pathinfo.pl get-env.php get-server-env.php \
+ 	   nph-status.pl prefix.fcgi get-header.pl ssi.shtml get-post-len.pl \
+-	   exec-date.shtml
+	   exec-date.shtml index.html~
+ SUBDIRS=go indexfile expire
--- a/www/lighttpd/patches/patch-tests_mod-access_t
+++ b/www/lighttpd/patches/patch-tests_mod-access_t
@ -0,0 +1,26 @@
+$OpenBSD: patch-tests_mod-access_t,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- tests/mod-access.t.orig	Thu Feb  8 16:34:47 2007
+++ tests/mod-access.t	Sat Jul 21 11:24:51 2007
+@@ -8,7 +8,7 @@ BEGIN {
+ 
+ use strict;
+ use IO::Socket;
+-use Test::More tests => 3;
+use Test::More tests => 4;
+ use LightyTest;
+ 
+ my $tf = LightyTest->new();
+@@ -22,6 +22,13 @@ EOF
+  );
+ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
+ ok($tf->handle_http($t) == 0, 'forbid access to ...~');
+
+$t->{REQUEST}  = ( <<EOF
+GET /index.html~/ HTTP/1.0
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
+ok($tf->handle_http($t) == 0, '#1230 - forbid access to ...~ - trailing slash');
+ 
+ ok($tf->stop_proc == 0, "Stopping lighttpd");
+ 
--- a/www/lighttpd/patches/patch-tests_mod-auth_t
+++ b/www/lighttpd/patches/patch-tests_mod-auth_t
@ -0,0 +1,56 @@
+$OpenBSD: patch-tests_mod-auth_t,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- tests/mod-auth.t.orig	Thu Feb  8 16:34:47 2007
+++ tests/mod-auth.t	Sat Jul 21 11:17:06 2007
+@@ -8,7 +8,7 @@ BEGIN {
+ 
+ use strict;
+ use IO::Socket;
+-use Test::More tests => 10;
+use Test::More tests => 13;
+ use LightyTest;
+ 
+ my $tf = LightyTest->new();
+@@ -92,6 +92,43 @@ EOF
+  );
+ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
+ ok($tf->handle_http($t) == 0, 'Digest-Auth: missing nc (noncecount instead), no crash');
+
+$t->{REQUEST}  = ( <<EOF
+GET /server-status HTTP/1.0
+Authorization: Basic =
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
+ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid Base64');
+
+
+$t->{REQUEST}  = ( <<EOF
+GET /server-status HTTP/1.0
+User-Agent: Wget/1.9.1
+Authorization: Digest username="jan", realm="jan",
+	nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess",
+	uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
+	cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
+	nc="asd",
+	response="29B32C2953C763C6D033C8A49983B87E"
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
+ok($tf->handle_http($t) == 0, 'Digest-Auth: md5-sess + missing cnonce');
+
+$t->{REQUEST}  = ( <<EOF
+GET /server-status HTTP/1.0
+User-Agent: Wget/1.9.1
+Authorization: Digest username="jan", realm="jan",
+	nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess",
+	uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
+	cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
+	nc="asd",
+	response="29B32C2953C763C6D033C8A49983B87E"     
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
+ok($tf->handle_http($t) == 0, 'Digest-Auth: trailing WS');
+ 
+ 
+ 
--- a/www/lighttpd/patches/patch-tests_prepare_sh
+++ b/www/lighttpd/patches/patch-tests_prepare_sh
@ -0,0 +1,11 @@
+$OpenBSD: patch-tests_prepare_sh,v 1.1 2007/07/22 19:44:17 rui Exp $
+--- tests/prepare.sh.orig	Thu Feb  8 16:34:48 2007
+++ tests/prepare.sh	Sat Jul 21 11:25:56 2007
+@@ -25,6 +25,7 @@ mkdir -p $tmpdir/cache/compress/
+ # copy everything into the right places
+ cp $srcdir/docroot/www/*.html \
+    $srcdir/docroot/www/*.php \
+   $srcdir/docroot/www/*.html~ \
+    $srcdir/docroot/www/*.pl \
+    $srcdir/docroot/www/*.fcgi \
+    $srcdir/docroot/www/*.shtml \