update to sthttpd-2.26.4

* while this is the 'gentoo version' it does resolve htpasswd conflict * drop a patch in favor of FAKE_FLAGS while here discussed with/ok brad@
2014-05-06 09:00:37 +00:00 · 2014-05-06 09:00:37 +00:00 · e8ade12bcf
commit e8ade12bcf
parent 2bef45b262
7 changed files with 29 additions and 55 deletions
--- a/www/sthttpd/Makefile
+++ b/www/sthttpd/Makefile
@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.1.1.1 2013/08/10 02:48:26 brad Exp $
+# $OpenBSD: Makefile,v 1.2 2014/05/06 09:00:37 jasper Exp $

 COMMENT=	tiny/turbo/throttling HTTP server

-DISTNAME=	sthttpd-2.26.3
+DISTNAME=	sthttpd-2.26.4
 CATEGORIES=	www
 MASTER_SITES=	http://opensource.dyc.edu/pub/sthttpd/

@ -16,6 +16,8 @@ WANTLIB=	c
 CONFIGURE_STYLE= gnu
 CONFIGURE_ENV+=	WEBDIR="/var/www/htdocs" WEBGROUP=www

+FAKE_FLAGS=	cgidir="${PREFIX}/libexec/sthttpd"
+
 NO_TEST=	Yes

 .include <bsd.port.mk>
--- a/www/sthttpd/distinfo
+++ b/www/sthttpd/distinfo
@ -1,2 +1,2 @@
-SHA256 (sthttpd-2.26.3.tar.gz) = 5d8lpFSCvRi7mBVe3ebaIXHmi6G4WY9HRQNXyvioVsE=
-SIZE (sthttpd-2.26.3.tar.gz) = 195629
+SHA256 (sthttpd-2.26.4.tar.gz) = eOh5eRQMvaEjyBtAUVUiQtu/+13sGhfl+V7Egmserds=
+SIZE (sthttpd-2.26.4.tar.gz) = 194544
--- a/www/sthttpd/patches/patch-extras_Makefile_in
+++ b/www/sthttpd/patches/patch-extras_Makefile_in
@ -1,11 +0,0 @@
-$OpenBSD: patch-extras_Makefile_in,v 1.1.1.1 2013/08/10 02:48:26 brad Exp $
--- extras/Makefile.in.orig	Thu Jul 19 23:23:10 2012
-+++ extras/Makefile.in	Thu Jul 19 23:23:49 2012
-@@ -460,7 +460,6 @@ install-dvi-am:
- 
- install-exec-am: install-dist_sbinSCRIPTS install-sbinPROGRAMS
- 	@$(NORMAL_INSTALL)
-	$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
- install-html: install-html-am
- 
- install-html-am:
--- a/www/sthttpd/patches/patch-extras_htpasswd_c
+++ b/www/sthttpd/patches/patch-extras_htpasswd_c
@ -1,20 +0,0 @@
-$OpenBSD: patch-extras_htpasswd_c,v 1.1.1.1 2013/08/10 02:48:26 brad Exp $
-
-A local attacker with the ability to alter .htpasswd files could
-cause a Denial of Service in thttpd by specially-crafting them.
-CVE-2012-5640
-
--- extras/htpasswd.c.orig	Thu Mar 14 04:10:47 2013
-+++ extras/htpasswd.c	Thu Mar 14 04:11:29 2013
-@@ -136,7 +136,10 @@ add_password( char* user, FILE* f )
-     (void) srandom( (int) time( (time_t*) 0 ) );
-     to64( &salt[0], random(), 2 );
-     cpw = crypt( pw, salt );
-    (void) fprintf( f, "%s:%s\n", user, cpw );
-+    if (cpw)
-+        (void) fprintf( f, "%s:%s\n", user, cpw );
-+    else
-+        (void) fprintf( stderr, "crypt() returned NULL, sorry\n" );
-     }
- 
- static void usage(void) {
--- a/www/sthttpd/patches/patch-extras_th_htpasswd_c
+++ b/www/sthttpd/patches/patch-extras_th_htpasswd_c
@ -0,0 +1,20 @@
+$OpenBSD: patch-extras_th_htpasswd_c,v 1.1 2014/05/06 09:00:37 jasper Exp $
+
+A local attacker with the ability to alter .htpasswd files could
+cause a Denial of Service in thttpd by specially-crafting them.
+CVE-2012-5640
+
+--- extras/th_htpasswd.c.orig	Thu May  1 10:49:44 2014
+++ extras/th_htpasswd.c	Thu May  1 10:50:16 2014
+@@ -140,7 +140,10 @@ add_password( char* user, FILE* f )
+     (void) srandom( (int) time( (time_t*) 0 ) );
+     to64( &salt[0], random(), 2 );
+     cpw = crypt( pw, salt );
+-    (void) fprintf( f, "%s:%s\n", user, cpw );
+    if (cpw)
+       (void) fprintf( f, "%s:%s\n", user, cpw );
+     else
+       (void) fprintf( stderr, "crypt() returned NULL, sorry\n" );
+     }
+ 
+ static void usage(void) {
--- a/www/sthttpd/patches/patch-www_cgi-bin_Makefile_in
+++ b/www/sthttpd/patches/patch-www_cgi-bin_Makefile_in
@ -1,12 +0,0 @@
-$OpenBSD: patch-www_cgi-bin_Makefile_in,v 1.1.1.1 2013/08/10 02:48:26 brad Exp $
--- www/cgi-bin/Makefile.in.orig	Fri Jul 13 07:50:37 2012
-+++ www/cgi-bin/Makefile.in	Sun Aug  5 04:53:10 2012
-@@ -180,7 +180,7 @@ target_alias = @target_alias@
- top_build_prefix = @top_build_prefix@
- top_builddir = @top_builddir@
- top_srcdir = @top_srcdir@
-cgidir = $(WEBDIR)/cgi-bin
-+cgidir = $(pkglibexecdir)
- redirect_SOURCES = redirect.c
- redirect_CPPFLAGS = -I$(top_srcdir)/src
- ssi_SOURCES = ssi.c
--- a/www/sthttpd/pkg/PLIST
+++ b/www/sthttpd/pkg/PLIST
@ -1,19 +1,14 @@
-@comment $OpenBSD: PLIST,v 1.1.1.1 2013/08/10 02:48:26 brad Exp $
+@comment $OpenBSD: PLIST,v 1.2 2014/05/06 09:00:37 jasper Exp $
@conflict thttpd-*
@pkgpath www/thttpd
 libexec/sthttpd/
-@comment libexec/sthttpd/index.html
-@comment @bin libexec/sthttpd/phf
-@comment libexec/sthttpd/printenv
@bin libexec/sthttpd/redirect
@bin libexec/sthttpd/ssi
-@comment @man man/man1/htpasswd.1
-@comment @man man/man1/makeweb.1
+@man man/man1/th_htpasswd.1
@man man/man8/redirect.8
@man man/man8/ssi.8
@man man/man8/syslogtocern.8
@man man/man8/thttpd.8
-@comment @bin sbin/htpasswd
-@comment @bin sbin/makeweb
 sbin/syslogtocern
+@bin sbin/th_htpasswd
@bin sbin/thttpd