diff --git a/.gitignore b/.gitignore index ae02cb1..a353430 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ mongoose-2.8.tgz /mongoose-3.0.tgz +/mongoose-3.1.tgz diff --git a/mongoose-fix-buffer-overflow-put_dir.patch b/mongoose-fix-buffer-overflow-put_dir.patch deleted file mode 100644 index 3b8e804..0000000 --- a/mongoose-fix-buffer-overflow-put_dir.patch +++ /dev/null @@ -1,52 +0,0 @@ -diff -r 983c674b7cfc -r 556f4de91eae mongoose.c ---- a/mongoose.c Tue Jul 26 00:39:05 2011 +0100 -+++ b/mongoose.c Wed Aug 03 11:39:55 2011 +0200 -@@ -3029,26 +3029,31 @@ - char buf[PATH_MAX]; - const char *s, *p; - struct mgstat st; -- size_t len; -- -- for (s = p = path + 2; (p = strchr(s, '/')) != NULL; s = ++p) { -+ int len, res = 1; -+ -+ for (s = p = path + 2; (p = strchr(s, DIRSEP)) != NULL; s = ++p) { - len = p - path; -- assert(len < sizeof(buf)); -- (void) memcpy(buf, path, len); -+ if (len >= (int) sizeof(buf)) { -+ res = -1; -+ break; -+ } -+ memcpy(buf, path, len); - buf[len] = '\0'; - - // Try to create intermediate directory -+ DEBUG_TRACE(("mkdir(%s)", buf)); - if (mg_stat(buf, &st) == -1 && mg_mkdir(buf, 0755) != 0) { -- return -1; -+ res = -1; -+ break; - } - - // Is path itself a directory? - if (p[1] == '\0') { -- return 0; -+ res = 0; - } - } - -- return 1; -+ return res; - } - - static void put_file(struct mg_connection *conn, const char *path) { -@@ -3245,7 +3250,7 @@ - * conn->request_info.query_string++ = '\0'; - } - uri_len = strlen(ri->uri); -- (void) url_decode(ri->uri, (size_t)uri_len, ri->uri, (size_t)(uri_len + 1), 0); -+ url_decode(ri->uri, (size_t)uri_len, ri->uri, (size_t)(uri_len + 1), 0); - remove_double_dots_and_double_slashes(ri->uri); - convert_uri_to_file_name(conn, ri->uri, path, sizeof(path)); - diff --git a/mongoose-fix-libmongoose-so-build.patch b/mongoose-fix-libmongoose-so-build.patch new file mode 100644 index 0000000..4c44133 --- /dev/null +++ b/mongoose-fix-libmongoose-so-build.patch @@ -0,0 +1,23 @@ +diff -pruN a/Makefile b/Makefile +--- a/Makefile 2012-03-11 19:41:34.000000000 -0300 ++++ b/Makefile 2012-07-05 21:02:19.380557317 -0300 +@@ -25,7 +25,8 @@ all: + CFLAGS = -W -Wall -std=c99 -pedantic -O2 $(COPT) + MAC_SHARED = -flat_namespace -bundle -undefined suppress + LINFLAGS = -ldl -pthread $(CFLAGS) +-LIB = _$(PROG).so ++LIB = lib$(PROG).so ++SONAME = $(LIB).$(SOVER) + CC = g++ + + # Make sure that the compiler flags come last in the compilation string. +@@ -33,7 +34,8 @@ CC = g++ + # "-Wl,--as-needed" turned on by default in cc command. + # Also, this is turned in many other distros in static linkage builds. + linux: +- $(CC) mongoose.c -shared -fPIC -fpic -o $(LIB) $(LINFLAGS) ++ $(CC) mongoose.c -shared -fPIC -fpic -Wl,-soname,$(SONAME) \ ++ -o $(LIB).$(VER) $(LINFLAGS) + $(CC) mongoose.c main.c -o $(PROG) $(LINFLAGS) + + bsd: diff --git a/mongoose-fix-no-ssl-dl-build-error.patch b/mongoose-fix-no-ssl-dl-build-error.patch new file mode 100644 index 0000000..30517c4 --- /dev/null +++ b/mongoose-fix-no-ssl-dl-build-error.patch @@ -0,0 +1,34 @@ +diff -pruN a/mongoose.c b/mongoose.c +--- a/mongoose.c 2012-03-11 19:41:35.000000000 -0300 ++++ b/mongoose.c 2012-07-05 18:39:35.734964177 -0300 +@@ -270,28 +270,8 @@ typedef struct ssl_ctx_st SSL_CTX; + #define CRYPTO_LOCK 1 + + #if defined(NO_SSL_DL) +-extern void SSL_free(SSL *); +-extern int SSL_accept(SSL *); +-extern int SSL_connect(SSL *); +-extern int SSL_read(SSL *, void *, int); +-extern int SSL_write(SSL *, const void *, int); +-extern int SSL_get_error(const SSL *, int); +-extern int SSL_set_fd(SSL *, int); +-extern SSL *SSL_new(SSL_CTX *); +-extern SSL_CTX *SSL_CTX_new(SSL_METHOD *); +-extern SSL_METHOD *SSLv23_server_method(void); +-extern int SSL_library_init(void); +-extern void SSL_load_error_strings(void); +-extern int SSL_CTX_use_PrivateKey_file(SSL_CTX *, const char *, int); +-extern int SSL_CTX_use_certificate_file(SSL_CTX *, const char *, int); +-extern int SSL_CTX_use_certificate_chain_file(SSL_CTX *, const char *); +-extern void SSL_CTX_set_default_passwd_cb(SSL_CTX *, mg_callback_t); +-extern void SSL_CTX_free(SSL_CTX *); +-extern unsigned long ERR_get_error(void); +-extern char *ERR_error_string(unsigned long, char *); +-extern int CRYPTO_num_locks(void); +-extern void CRYPTO_set_locking_callback(void (*)(int, int, const char *, int)); +-extern void CRYPTO_set_id_callback(unsigned long (*)(void)); ++#include ++#include + #else + // Dynamically loaded SSL functionality + struct ssl_func { diff --git a/mongoose.spec b/mongoose.spec index dd69586..d6c8be5 100644 --- a/mongoose.spec +++ b/mongoose.spec @@ -1,19 +1,21 @@ -Name: mongoose -Group: Applications/System -Summary: An easy-to-use self-sufficient web server -Version: 3.0 -Release: 3%{?dist} -License: MIT -URL: http://code.google.com/p/mongoose -Source0: http://mongoose.googlecode.com/files/mongoose-%{version}.tgz -Source1: mongoose.conf -BuildRequires: openssl-devel - -# FIX CVE-2011-2900 -# https://code.google.com/p/mongoose/source/detail?r=556f4de91eae4bac40dc5d4ddbd9ec7c424711d0# -Patch0: mongoose-fix-buffer-overflow-put_dir.patch - -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Name: mongoose +Group: Applications/System +Summary: An easy-to-use self-sufficient web server +Version: 3.1 +Release: 1%{?dist} +License: MIT +URL: http://code.google.com/p/mongoose +Source0: http://mongoose.googlecode.com/files/mongoose-%{version}.tgz +Source1: mongoose.conf +BuildRequires: openssl-devel + +# Build changes: +# http://code.google.com/p/mongoose/issues/detail?id=372 +Patch0: mongoose-fix-libmongoose-so-build.patch +# http://code.google.com/p/mongoose/issues/detail?id=371 +Patch1: mongoose-fix-no-ssl-dl-build-error.patch + +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) %description Mongoose web server executable is self-sufficient, it does not depend on @@ -25,21 +27,53 @@ for example, different listening port or IP-based access control, then a directory where executable lives. This makes Mongoose perfect for all sorts of demos, quick tests, file sharing, and Web programming. +%package lib +Group: Development/Libraries +Summary: Shared Object for applications that use %{name} embedded + +%description lib +This package contains the shared library required by applications that +are using %{name}'s embeddable API to provide web services. + +%post lib -p /sbin/ldconfig +%postun lib -p /sbin/ldconfig + +%package devel +Group: Development/Libraries +Summary: Header files and development libraries for %{name} +Requires: %{name}-lib = %{version}-%{release} + +%description devel +This package contains the header files and development libraries +for %{name}. If you like to develop programs embedding %{name} on them, +you will need to install %{name}-devel and check %{name}'s API at its +comprisable header file. + %prep %setup -q -n %{name} -%patch0 -p1 -b .fixcve +%patch0 -p1 -b .solib-build +%patch1 -p1 -b .nossldl-build %{__install} -p -m 0644 %{SOURCE1} . %build -# get dinamically the correct version to SSL shlib -LIBV=$(find '%{_libdir}' | grep -E '/libssl.so.[0-9]?[0-9]?$' | sed -e 's!%{_libdir}/libssl.so.!!') - -%{__make} %{?_smp_mflags} CFLAGS="%{optflags} -DSSL_LIB='\"libssl.so.${LIBV}\"' -DCRYPTO_LIB='\"libcrypto.so.${LIBV}\"'" linux +export VERSION=%{version} +%{__make} %{?_smp_mflags} VER="$VERSION" SOVER="${VERSION%.?}" \ + CFLAGS="%{optflags} -lssl -lcrypto -DNO_SSL_DL" linux %install %{__rm} -rf %{buildroot} %{__install} -D -p -m 0755 %{name} %{buildroot}/%{_bindir}/%{name} %{__install} -D -p -m 0644 %{name}.1 %{buildroot}/%{_mandir}/man1/%{name}.1 +# -lib subpackage +export VERSION=%{version} +%{__install} -D -p -m 0755 lib%{name}.so.%{version} \ + %{buildroot}/%{_libdir}/lib%{name}.so.$VERSION +ln -s %{_libdir}/lib%{name}.so.$VERSION \ + %{buildroot}/%{_libdir}/lib%{name}.so.${VERSION%.?} +# -devel subpackage +%{__install} -D -p -m 0644 %{name}.h %{buildroot}/%{_includedir}/%{name}.h +ln -s %{_libdir}/lib%{name}.so.$VERSION \ + %{buildroot}/%{_libdir}/lib%{name}.so %clean %{__rm} -rf %{buildroot} @@ -50,7 +84,21 @@ LIBV=$(find '%{_libdir}' | grep -E '/libssl.so.[0-9]?[0-9]?$' | sed -e 's!%{_lib %{_bindir}/%{name} %{_mandir}/man1/%{name}.1* +%files lib +%defattr(-,root,root,-) +%{_libdir}/lib%{name}.so.* + +%files devel +%defattr(-,root,root,-) +%{_includedir}/%{name}.h +%{_libdir}/lib%{name}.so + %changelog +* Thu Jul 5 2012 Rafael Azenha Aquini - 3.1-1 +- Packaged mongoose's upstream 3.1 release. +- Introduced -lib -devel sub-packages (804843) +- Change build option to -DNO_SSL_DL (804844) + * Fri Jan 13 2012 Fedora Release Engineering - 3.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild diff --git a/sources b/sources index 5d04585..1442422 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -98a8bdb7f955404ec7ef1996445411cc mongoose-3.0.tgz +e718fc287b4eb1bd523be3fa00942bb0 mongoose-3.1.tgz