diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2021-01-08 11:28:34 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2021-01-08 11:28:34 +0000 |
| commit | 24fd814c326e282c4321965c31f341dad77e270d (patch) | |
| tree | 033d63b33c21a3209964ab56005bb9bdd523630d /www-apps/webdavcgi | |
| parent | 129160ec854dca4c3fedb5bcfbcb56930371da0f (diff) | |
gentoo resync : 08.01.2021
Diffstat (limited to 'www-apps/webdavcgi')
| -rw-r--r-- | www-apps/webdavcgi/Manifest | 7 | ||||
| -rw-r--r-- | www-apps/webdavcgi/files/apache-webdavcgi-1.1-example.conf | 7 | ||||
| -rw-r--r-- | www-apps/webdavcgi/files/webdavcgi-1.1.2-fix-unescaped-braces.patch | 98 | ||||
| -rw-r--r-- | www-apps/webdavcgi/webdavcgi-1.1.2.ebuild (renamed from www-apps/webdavcgi/webdavcgi-1.1.1.ebuild) | 46 |
4 files changed, 140 insertions, 18 deletions
diff --git a/www-apps/webdavcgi/Manifest b/www-apps/webdavcgi/Manifest index 70751c9f11d5..e186eda4973c 100644 --- a/www-apps/webdavcgi/Manifest +++ b/www-apps/webdavcgi/Manifest @@ -1,5 +1,6 @@ -AUX apache-webdavcgi-1.1-example.conf 2621 BLAKE2B 0ef587bc87f08043c5503db0bf04259daf1c047a653203ba1794ce247d340fec722b91334f9a8b2d1af32bddc9b8e3cf1d31118d869816e8d20e46208362e4c1 SHA512 36e440c8274a46c3e415291f08eb1263694bcb512c9c5bfe6b58f8c24b4d665672788500fc31d87b104c4a654458572798a2e92ab913bd4a438e39b4e90e6ac8 +AUX apache-webdavcgi-1.1-example.conf 2613 BLAKE2B 0c6a1cc621b6d1d8ea07fdc6dd11d2ecffaa9f141641ecd696bd440a6978f141f38626d00d6ae84eddaf8c762f95c86c75c9c91a149d63c8db46dee5c8f1b1dc SHA512 54c338d68b18ed91c8a55b9eeb840c0d1f37fc75404f81dfeb351998d3294a04fd04762963c319ce37adee957bc5ad0117363323caf47252e37e934233460aed AUX webdav-1.1.conf 4450 BLAKE2B 29c7dcfdc623938d90a060e4e86d70d82bceb03aba95da72c323415dfc501de975a23cacda18929126f219f540da4b015fe6871e02a551ac25b7017268bf7d58 SHA512 4e867f9d8de4eb3f864ddc0671bf048d1a8daa9e01c830045a7adb5ac712c46925f0ed60d5aeba9acb3f9c3fd259411af23c41476f06d38f3d8f3cb2027c51c8 -DIST webdavcgi-1.1.1.tar.bz2 11623234 BLAKE2B a5a2b67f2666ce4180e5ed145045b8552e6e988967d99bad518d72a67a417ce600619b11af9171aa291bb4b98ec0b0c8c3ce56511d65c4e8b8c92932e8da418f SHA512 660b3e54d72c5b96c1fb329d8e0838b1dbf68e1671af3880f7e096bfdfe559909cf3e1e3069fe4877e0ffbd67d24dc4a38c3db8baaae6d62db05bde31cea789f -EBUILD webdavcgi-1.1.1.ebuild 5736 BLAKE2B 46d043b9252bdf52f75696ee6476489ebf8bde2a208f81d121b504bb4bd1e8b347bb2ae85ab650bb19e2dd6f47779387afb331219fa4e6d7e448699f5469a89d SHA512 e4fb54e0f2fee21772eae95816a4b9fca5179a5231606f904db5f61d50ecab7d1ad6922dc87d022dc199b8af5ff7b642148cc662c1413c73ae378648cc94ac8e +AUX webdavcgi-1.1.2-fix-unescaped-braces.patch 4681 BLAKE2B fcb31cbbbcb12aba3113693a603373301160997822be2172b02fafd0be97fea0c25a8bcad7196ffce08ea4f437c27a94f808822c49e4a12589dffac9cbe472f0 SHA512 4cc4bf31acd200365777d8b6ec3bdbc2325c81191a4f71308203a38cd0e918861c2432a50b3c11fdd04323ca3403f42541a3bc2aa6a6c1625fc841a836bf7606 +DIST webdavcgi-1.1.2.tar.gz 16844485 BLAKE2B 1a9f1b0b5b4520badaca1992ba51760a6a1b250edeb3debe6bdcb962fb43c3c660a837882bccfa645a466e967c726569113665ff3a3c0f4db88e573299a30582 SHA512 cddd8461bfb16b5d50a9a2bbe270d3b09e973e74d07b2f54a16473c48dbaaab7d561becf223405a03ef6ce45502bf9684e41dc8e9977b0af788d700693946826 +EBUILD webdavcgi-1.1.2.ebuild 6535 BLAKE2B 681db50e69128d224dfca6079236d1e1dbcbf9e90c61948546d7d7e7e5f18ea28a5478ed80ed471f14e39e697a49b2cc9490498464baa30a1b1aa7bbb0d2d5db SHA512 10ce76759f406c07308ef24438da31e856d31fe653f754189bc19e301be573cbd0a1d73ff6c56a45d417d657a7bd1ee2858c7ed60d8eae880a3cf73cb67787b5 MISC metadata.xml 1040 BLAKE2B fb1efea181e0b46f16e8086c4e183af13f61d4113d9957cb3b9e8ded4894c13e8559989c543cc9bdd326083805d7357c64c8ffc80518ed8fe12945c947cefbb0 SHA512 af3c8574f9b2c376194b27190dd6e1acf2e7a1e01f1becf41b84de395d96e6a6c739ebfb969c772104c8bdac3de4a8e725ad95a10e8a40902595602692bdcddb diff --git a/www-apps/webdavcgi/files/apache-webdavcgi-1.1-example.conf b/www-apps/webdavcgi/files/apache-webdavcgi-1.1-example.conf index 4ee926fbd7c7..900e0ba5a2c4 100644 --- a/www-apps/webdavcgi/files/apache-webdavcgi-1.1-example.conf +++ b/www-apps/webdavcgi/files/apache-webdavcgi-1.1-example.conf @@ -30,9 +30,10 @@ # # - The WEBDAVCONF environment variable has to point to your configuration # -# For further informations and other configuration possibilities consult the -# WebDAV CGI documentation which is located at http://webdavcgi.sourceforge.net -# and the Apache HTTP server documentation at https://httpd.apache.org/docs/ +# For further information and other configuration possibilities consult the +# WebDAV CGI documentation and Apache HTTP server documentation: +# * https://danrohde.github.io/webdavcgi/doc.html +# * https://httpd.apache.org/docs/ # ScriptAlias /webdavcgi "/usr/libexec/webdavcgi-1.1/cgi-bin/webdavwrapper" ScriptAlias /webdav/logout "/usr/libexec/webdavcgi-1.1/cgi-bin/logout" diff --git a/www-apps/webdavcgi/files/webdavcgi-1.1.2-fix-unescaped-braces.patch b/www-apps/webdavcgi/files/webdavcgi-1.1.2-fix-unescaped-braces.patch new file mode 100644 index 000000000000..3b3262bfd088 --- /dev/null +++ b/www-apps/webdavcgi/files/webdavcgi-1.1.2-fix-unescaped-braces.patch @@ -0,0 +1,98 @@ +diff --git a/lib/perl/Requests/WebDAVRequest.pm b/lib/perl/Requests/WebDAVRequest.pm +index 8d5b89e6..2b6ea4d9 100644 +--- a/lib/perl/Requests/WebDAVRequest.pm ++++ b/lib/perl/Requests/WebDAVRequest.pm +@@ -134,7 +134,7 @@ sub get_prop_stat { + $fn .= $is_dir && $fn !~ /\/$/xms ? q{/} : q{}; + foreach my $prop ( @{$props} ) { + my ( $xmlnsuri, $propname ) = ( 'DAV:', $prop ); +- if ( $prop =~ /^{([^}]*)}(.*)$/xms ) { ++ if ( $prop =~ /^[{]([^}]*)[}](.*)$/xms ) { + ( $xmlnsuri, $propname ) = ( $1, $2 ); + } + +diff --git a/lib/perl/WebDAV/Properties.pm b/lib/perl/WebDAV/Properties.pm +index 2baf319b..a9ee2d73 100644 +--- a/lib/perl/WebDAV/Properties.pm ++++ b/lib/perl/WebDAV/Properties.pm +@@ -139,7 +139,7 @@ sub set_property { + my $rfn = $self->resolve($fn); + my $ru = $REQUEST_URI; + my ( $ns, $pn ); +- if ( $propname =~ /^{([^}]+)}(.*)$/xms ) { ++ if ( $propname =~ /^[{]([^}]+)[}](.*)$/xms ) { + ( $ns, $pn ) = ( $1, $2 ); + } + +@@ -186,7 +186,7 @@ sub set_property { + if ( $parref + && ref($parref) eq 'HASH' + && ( !${$parref}{xmlns} || ${$parref}{xmlns} eq q{} ) +- && $n !~ /^{[^}]*}/xms ) ++ && $n !~ /^[{][^}]*[}]/xms ) + { + $n = '{}' . $n; + } +diff --git a/lib/perl/WebDAV/XMLHelper.pm b/lib/perl/WebDAV/XMLHelper.pm +index 10ec2ceb..c8116927 100644 +--- a/lib/perl/WebDAV/XMLHelper.pm ++++ b/lib/perl/WebDAV/XMLHelper.pm +@@ -229,7 +229,7 @@ sub get_namespace_uri { + + sub nonamespace { + my ($prop) = @_; +- $prop =~ s/^{[^}]*}//xms; ++ $prop =~ s/^[{][^}]*[}]//xms; + return $prop; + } + +diff --git a/lib/perl/WebInterface/Common.pm b/lib/perl/WebInterface/Common.pm +index a4236fae..6fa904cf 100644 +--- a/lib/perl/WebInterface/Common.pm ++++ b/lib/perl/WebInterface/Common.pm +@@ -562,7 +562,7 @@ sub _get_varref { + if ( defined $self->{$str} ) { + return $self->{$str}; + } +- if ($str=~/^(.*){(.*?)}/xms) { ++ if ($str=~/^(.*)[{](.*?)[}]/xms) { + $ref = $DefaultConfig::{$1}{$2}; + return $ref; + } +diff --git a/lib/perl/WebInterface/Extension/PropertiesViewer.pm b/lib/perl/WebInterface/Extension/PropertiesViewer.pm +index 2f6223e8..be7ba438 100644 +--- a/lib/perl/WebInterface/Extension/PropertiesViewer.pm ++++ b/lib/perl/WebInterface/Extension/PropertiesViewer.pm +@@ -157,7 +157,7 @@ sub _render_viewer { + my $title = create_xml( $r200{prop}, 1 ); + my $value = create_xml( $r200{prop}{$prop}, 1 ); + my $namespace = get_namespace_uri($prop); +- if ( $prop =~ /^{([^}]*)}/xms ) { ++ if ( $prop =~ /^[{]([^}]*)[}]/xms ) { + $namespace = $1; + } + push @bgstyleclasses, shift @bgstyleclasses; +diff --git a/lib/perl/WebInterface/View/Simple/RenderFileListTable.pm b/lib/perl/WebInterface/View/Simple/RenderFileListTable.pm +index 44cfd894..972d431f 100644 +--- a/lib/perl/WebInterface/View/Simple/RenderFileListTable.pm ++++ b/lib/perl/WebInterface/View/Simple/RenderFileListTable.pm +@@ -85,7 +85,7 @@ sub render_file_list_table { + unselectable => $self->is_unselectable($fn) ? 'yes' : 'no', + ); + $filelisttabletemplate =~ +- s/[\$]{?(\w+)}?/exists $stdvars{$1} && defined $stdvars{$1}?$stdvars{$1}:"\$$1"/xmegs; ++ s/[\$][{]?(\w+)[}]?/exists $stdvars{$1} && defined $stdvars{$1}?$stdvars{$1}:"\$$1"/xmegs; + my %jsondata = ( + content => $self->minify_html( + $self->render_template( $fn, $ru, $filelisttabletemplate ) +@@ -253,8 +253,8 @@ sub _render_file_list_entry { + my $displayname = $self->{cgi}->escapeHTML( $self->{backend}->getDisplayName($full) ); + my $now = $self->{c}{_render_file_list_entry}{now}{$lang} //= DateTime->now( locale => $lang ); + my $cct = $self->can_create_thumb($full); +- my $u = $self->{c}{_render_file_list_entry}{uid}{$uid // 'unknown'} //= $uid && $uid=~/^\d+$/xms ? scalar getpwuid( $uid ) : $uid ? $uid : 'unknown'; +- my $g = $self->{c}{_render_file_list_entry}{gid}{$gid // 'unknown'} //= $gid && $gid=~/^\d+$/xms ? scalar getgrgid( $gid ) : $gid ? $gid : 'unknown'; ++ my $u = $self->{c}{_render_file_list_entry}{uid}{$uid // 'unknown'} //= $uid && $uid=~/^\d+$/xms ? scalar getpwuid( $uid ) // $uid: $uid ? $uid : 'unknown'; ++ my $g = $self->{c}{_render_file_list_entry}{gid}{$gid // 'unknown'} //= $gid && $gid=~/^\d+$/xms ? scalar getgrgid( $gid ) // $gid: $gid ? $gid : 'unknown'; + my $icon = $self->{c}{_render_file_list_entry}{icon}{$mime} + //= $self->get_icon($mime); + my $enthumb = $self->{c}{_render_file_list_entry}{cookie}{thumbnails} diff --git a/www-apps/webdavcgi/webdavcgi-1.1.1.ebuild b/www-apps/webdavcgi/webdavcgi-1.1.2.ebuild index 54da3b6b4416..b9ddf2f7e102 100644 --- a/www-apps/webdavcgi/webdavcgi-1.1.1.ebuild +++ b/www-apps/webdavcgi/webdavcgi-1.1.2.ebuild @@ -1,20 +1,20 @@ -# Copyright 1999-2016 Gentoo Foundation +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI=6 +EAPI=7 -inherit eutils toolchain-funcs versionator +inherit toolchain-funcs DESCRIPTION="A Perl CGI for accessing and sharing files, or calendar/addressbooks via WebDAV." -HOMEPAGE="http://webdavcgi.sourceforge.net/" -SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" +HOMEPAGE="https://danrohde.github.io/webdavcgi/" +SRC_URI="https://github.com/DanRohde/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" LICENSE="GPL-3+" # Provide slotting on minor versions. WebDAV CGI is a web application which # can be shared by multiple instances and thus major updates shouldn't be # enforced to all users/instances at the same time. -SLOT="$(get_version_component_range 1-2)" +SLOT="$(ver_cut 1-2)" KEYWORDS="~amd64" IUSE="afs git kerberos ldap mysql pdf postgres rcs samba +sqlite +suid" @@ -27,6 +27,7 @@ RDEPEND="afs? ( net-fs/openafs ) dev-perl/DateTime dev-perl/DateTime-Format-Human-Duration dev-perl/File-Copy-Link + dev-perl/IO-Compress-Brotli dev-perl/JSON dev-perl/List-MoreUtils dev-perl/MIME-tools @@ -55,6 +56,16 @@ REQUIRED_USE="|| ( mysql postgres sqlite )" CGIBINDIR="cgi-bin" +PATCHES=( + # Fix unescaped braces, which adresses #674772 and #658470 + # + # The patch originates from + # https://github.com/DanRohde/webdavcgi/commit/04e79b7ecbaf3aae5ab813cd4fc0a009c72b1580 + # and can be remove as soon as this ebuild gets bumped to 1.1.3 which + # already includes the change. + "${FILESDIR}/${P}-fix-unescaped-braces.patch" +) + src_compile() { if use suid; then WEBDAVWRAPPERS="webdavwrapper" # Standard UID/GID wrapper @@ -146,7 +157,7 @@ src_install() { dodoc CHANGELOG dodoc etc/webdav.conf.complete dodoc "${FILESDIR}/${APACHEEXAMPLECONFIG}" - dodoc -r "doc/" + dodoc -r "docs/" } pkg_postinst() { @@ -162,23 +173,34 @@ pkg_postinst() { elog "The WebDAV CGI config is located at ${WEBDAVCONFIG}." elog elog "An example Apache HTTP server configuration snippet is available in" - elog "${ROOT%/}/usr/share/doc/${PF} in the file ${APACHEEXAMPLECONFIG}" + elog "${EROOT}/usr/share/doc/${PF} in the file ${APACHEEXAMPLECONFIG}" elog elog "An important note to systemd user's running the Apache HTTP server:" + elog "" elog "The default apache2.service will be started with private file system" - elog "namespaces for /var/tmp and /tmp enabled (PrivateTmp=true)." + elog "namespaces for /var/tmp and /tmp enabled (PrivateTmp=true) and with" + elog "restricted privileges and securebits flags (NoNewPrivileges=true" + elog "SecureBits=noroot-locked)" + elog "" elog "This means that you either need to disable PrivateTmp, relocate the" elog "directories starting with /var/tmp within ${WEBDAVCONFIG}" elog "or pre-create the directory structure with a user defined systemd" elog "companion unit using the JoinsNamespaceOf directive." + elog "" + elog "For those using the setuid/guid webdavwrapper, additional systemd" + elog "execution environment relaxation is required." elog - elog "To disable the private file system namespace, override the existing" - elog "service:" + elog "To override the existing systemd service unit:" elog "systemctl edit apache2.service" + elog "" elog "[Service]" + elog "# Disable private file system namespaces" elog "PrivateTmp=false" + elog "# Uncomment the following if you're using the setuid/guid webdavwrapper" + elog "#NoNewPrivileges=false" + elog "#SecureBits=" einfo einfo "Detailed installation and configuration instructions can be found at" - einfo "http://webdavcgi.sourceforge.net/" + einfo "https://danrohde.github.io/webdavcgi/doc.html" } |