--- apr-util-1.3.12+dfsg.orig/debian/repack.sh +++ apr-util-1.3.12+dfsg/debian/repack.sh @@ -0,0 +1,49 @@ +#!/bin/bash + +# "borrowed" from pkg-perl :) + +# Repackage upstream source to exclude non-distributable files +# should be called as "repack.sh --upstream-source +# (for example, via uscan) + +set -e +set -u + +VER="$2" +FILE="$3" +PKG=$(dpkg-parsechangelog | awk -F": " '/^Source: /{print $2}') + +REPACK_DIR="$PKG-$VER.orig" # DevRef ยง 6.7.8.2 + +echo -e "\nRepackaging $FILE\n" + +DIR=`mktemp -d ./tmpRepackXXXXXX` +trap "rm -rf \"$DIR\"" QUIT INT EXIT + +# Create an extra directory to cope with rootless tarballs +UP_BASE="$DIR/unpack" +mkdir "$UP_BASE" +tar xzf "$FILE" -C "$UP_BASE" + +if [ `ls -1 "$UP_BASE" | wc -l` -eq 1 ]; then + # Tarball does contain a root directory + UP_BASE="$UP_BASE/`ls -1 "$UP_BASE"`" +fi + +## Remove stuff +rm -fvr $UP_BASE/{crypto,include}/{apr_md4.,apr_md5.}{c,h} +## End + +mv "$UP_BASE" "$DIR/$REPACK_DIR" + +# Using a pipe hides tar errors! +tar cfC "$DIR/repacked.tar" "$DIR" "$REPACK_DIR" +gzip -9 < "$DIR/repacked.tar" > "$DIR/repacked.tar.gz" + +mv "$DIR/repacked.tar.gz" "$FILE" + +echo "*** $FILE repackaged" +NEWFILE="$(echo "$FILE" | sed "s/$VER/&+dfsg/")" +mv "$FILE" "$NEWFILE" +echo +echo "Renamed $FILE to $NEWFILE" --- apr-util-1.3.12+dfsg.orig/debian/rules +++ apr-util-1.3.12+dfsg/debian/rules @@ -0,0 +1,133 @@ +#!/usr/bin/make -f + +# Turn on VERBOSE output +#export DH_VERBOSE=1 +export DH_OPTIONS + +# for ppc64 on Ubuntu +export DEB_GCC_NO_O3=1 + +#enable dpatch +include /usr/share/dpatch/dpatch.make + +# These are used for cross-compiling and for saving the configure script +# # from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + +# get cflags frpm apr-config but remove -O2 +CFLAGS := $(CFLAGS) $(shell apr-1-config --cflags |perl -p -e 's!-O.( |$$)!!') +LDFLAGS := $(LDFLAGS) $(shell apr-1-config --ldflags) + +# hardening options +H_CFLAGS := -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector +H_LDFLAGS := -Wl,-z,relro + +# Enable debug builds +ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 + else + CFLAGS += -O2 + endif +endif + +ifneq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + NUMJOBS = $(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS))) + MAKEFLAGS += -j$(NUMJOBS) +endif + +ifeq (,$(findstring notest,$(DEB_BUILD_OPTIONS))$(findstring nocheck,$(DEB_BUILD_OPTIONS))) + TEST_TARGET = test +else + TEST_TARGET = +endif + +# disable tests on hurd until they are fixed (see #530287) +DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS) +ifeq (hurd, $(DEB_HOST_ARCH_OS)) + TEST_TARGET = +endif + +ifeq ($(DEB_BUILD_ARCH),i386) + CONFFLAGS=apr_lock_method=USE_PROC_PTHREAD_SERIALIZE +else + CONFFLAGS=ac_cv_func_pthread_mutexattr_setpshared=no ac_cv_func_sem_open=no +endif + +CONFFLAGS += ac_cv_prog_AWK=mawk + +SHELL=/bin/bash + +config.status: configure.in patch-stamp + dh_testdir + ./buildconf --with-apr=$(shell apr-1-config --srcdir) + $(CONFFLAGS) ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --enable-layout=Debian --with-apr=/usr/bin/apr-1-config --with-ldap=yes --with-dbm=db --with-sqlite3 --with-pgsql=/usr --without-gdbm --without-sqlite2 --with-berkeley-db --with-mysql=/usr --with-freetds=/usr --with-odbc=/usr + +build: patch-stamp build-stamp + +build-stamp: config.status + dh_testdir + + # LDFLAGS=-Wl,--as-needed does not work since it affects only libraries + # given _after_ it on the command line, but apr's libtool puts the + # "-l..." _before_ the "-Wl,--as-needed" + $(MAKE) CFLAGS="$(CFLAGS) $(H_CFLAGS)" LDFLAGS="$(LDFLAGS) $(H_LDFLAGS)" EXTRA_CFLAGS="" + $(MAKE) dox + + touch $@ + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp test-stamp + [ ! -f Makefile ] || $(MAKE) distclean + rm -f test/data/test-db test/data/test-sdbm.dir test/data/test-sdbm.pag + rm -f xml/expat/aclocal.m4 xml/expat/configure xml/expat/conftools/ltmain.sh + rm -f build-outputs.mk build/apr_common.m4 build/config.guess build/config.sub config.nice configure config.log + rm -rf docs/dox + + dh_clean + +test: test-stamp + +test-stamp: build + dh_testdir + $(MAKE) -j 1 check + + touch $@ + +install: build $(TEST_TARGET) + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs -a + + $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp + perl -p -i -e "s,^dependency_libs=.*,dependency_libs=''," $(CURDIR)/debian/tmp/usr/lib/libaprutil-1.la + +binary-indep: build install + +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs CHANGES + dh_installdocs + dh_lintian + dh_install -a + dh_link + dh_strip --dbg-package=libaprutil1-dbg + dh_compress + dh_fixperms + dh_makeshlibs -plibaprutil1 + dh_makeshlibs -n -Nlibaprutil1 + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-ldap.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1-ldap.install @@ -0,0 +1,3 @@ +debian/tmp/usr/lib/apr-util-1/apr_ldap-1.so usr/lib/apr-util-1/ +debian/tmp/usr/lib/apr-util-1/apr_ldap.so usr/lib/apr-util-1/ + --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-dbd-mysql.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1-dbd-mysql.install @@ -0,0 +1,3 @@ +debian/tmp/usr/lib/apr-util-1/apr_dbd_mysql-1.so usr/lib/apr-util-1/ +debian/tmp/usr/lib/apr-util-1/apr_dbd_mysql.so usr/lib/apr-util-1/ + --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-dbd-sqlite3.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1-dbd-sqlite3.install @@ -0,0 +1,3 @@ +debian/tmp/usr/lib/apr-util-1/apr_dbd_sqlite3-1.so usr/lib/apr-util-1/ +debian/tmp/usr/lib/apr-util-1/apr_dbd_sqlite3.so usr/lib/apr-util-1/ + --- apr-util-1.3.12+dfsg.orig/debian/compat +++ apr-util-1.3.12+dfsg/debian/compat @@ -0,0 +1 @@ +6 --- apr-util-1.3.12+dfsg.orig/debian/copyright +++ apr-util-1.3.12+dfsg/debian/copyright @@ -0,0 +1,141 @@ +This package was debianized by Thom May on +Wed, 17 Nov 2004 11:27:14 -0800 + +It was downloaded from http://httpd.apache.org/download.cgi + +Upstream Authors: The Apache Software Foundation - http://apr.apache.org/ + +Copyright: + +Licensed to the Apache Software Foundation (ASF) under one or more contributor +license agreements. The ASF licenses this work to You under the Apache License, +Version 2.0 (the "License"); you may not use this work except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +On a Debian system, the license can be found at +/usr/share/common-licenses/Apache-2.0 . + + +APACHE PORTABLE RUNTIME SUBCOMPONENTS: + +The Apache Portable Runtime includes a number of subcomponents with +separate copyright notices and license terms. Your use of the source +code for the these subcomponents is subject to the terms and +conditions of the following licenses. + +From strings/apr_fnmatch.c, include/apr_fnmatch.h, misc/unix/getopt.c, +file_io/unix/mktemp.c, strings/apr_strings.c: + +/* + * Copyright (c) 1987, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + +From network_io/unix/inet_ntop.c, network_io/unix/inet_pton.c: + +/* Copyright (c) 1996 by Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS + * SOFTWARE. + +From dso/aix/dso.c: + + * Based on libdl (dlfcn.c/dlfcn.h) which is + * Copyright (c) 1992,1993,1995,1996,1997,1988 + * Jens-Uwe Mager, Helios Software GmbH, Hannover, Germany. + * + * Not derived from licensed software. + * + * Permission is granted to freely use, copy, modify, and redistribute + * this software, provided that the author is not construed to be liable + * for any results of using the software, alterations are clearly marked + * as such, and this notice is not modified. + +From strings/apr_strnatcmp.c, include/apr_strings.h: + + strnatcmp.c -- Perform 'natural order' comparisons of strings in C. + Copyright (C) 2000 by Martin Pool + + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + +From test/CuTest.c, test/CuTest.h: + + * Copyright (c) 2002-2006 Asim Jalis + * + * This library is released under the zlib/libpng license as described at + * + * http://www.opensource.org/licenses/zlib-license.html + * + * Here is the statement of the license: + * + * This software is provided 'as-is', without any express or implied warranty. + * In no event will the authors be held liable for any damages arising from + * the use of this software. + * + * Permission is granted to anyone to use this software for any purpose, + * including commercial applications, and to alter it and redistribute it + * freely, subject to the following restrictions: + * + * 1. The origin of this software must not be misrepresented; you must not + * claim that you wrote the original software. If you use this software in a + * product, an acknowledgment in the product documentation would be + * appreciated but is not required. + * + * 2. Altered source versions must be plainly marked as such, and must not be + * misrepresented as being the original software. + * + * 3. This notice may not be removed or altered from any source distribution. --- apr-util-1.3.12+dfsg.orig/debian/changelog +++ apr-util-1.3.12+dfsg/debian/changelog @@ -0,0 +1,357 @@ +apr-util (1.3.12+dfsg-2) unstable; urgency=low + + * Fix unsafe pool usage in apr_thread_pool. This hopefully fixes the + occasional testreslist failures. + + -- Stefan Fritsch Sun, 22 May 2011 20:37:08 +0200 + +apr-util (1.3.12+dfsg-1) unstable; urgency=low + + * New upstream version + * Make apu-config not output dbm libs by default. Closes: #622081 + * Set DEB_GCC_NO_O3=1 for the benefit of ppc64 on Ubuntu. + + -- Stefan Fritsch Sun, 22 May 2011 01:27:59 +0200 + +apr-util (1.3.10+dfsg-2) unstable; urgency=low + + * Remove libdb4.8-dev dependency in libaprutil1-dev. This allows packages + build-depending on apr-util1 to use a different version of db than + apr-util. + * With the libdb build-dependency decoupled from subversion, we can now + build-depend on libdb-dev instead of libdb4.8-dev. Users of APU_WANT_DB + in apu_want.h would have to depend on libdb-dev explicitly, but there + are none outside of apr-util itself. Closes: #621366 + * Add configure support for libdb 5.1. + * Bump standards version to 3.9.2 (no changes) + * Fix some lintian warnings about the short descriptions. + + -- Stefan Fritsch Fri, 08 Apr 2011 19:19:23 +0200 + +apr-util (1.3.10+dfsg-1) unstable; urgency=low + + * New upstream release. + * Add ${misc:Depends} to Depends. + * Remove some old Conflicts and Breaks. + * Bump standards version to 3.9.1: + - empty dependency_libs section in libaprutil-1.la + + -- Stefan Fritsch Tue, 08 Feb 2011 22:53:01 +0100 + +apr-util (1.3.9+dfsg-5) unstable; urgency=low + + * Backports from 1.3.10: + - apr_thread_pool: Fix some potential deadlock situations. PR 49709. + - apr_thread_pool_create: Fix pool corruption caused by multithreaded + use of the pool when multiple initial threads are created. PR 47843. + - apr_thread_pool_create: Only set the output variable on success. + + -- Stefan Fritsch Fri, 01 Oct 2010 22:05:54 +0200 + +apr-util (1.3.9+dfsg-4) unstable; urgency=high + + * CVE-2010-1623: Fix denial of service vulnerability through memory + consumption in apr_brigade_split_line() + + -- Stefan Fritsch Fri, 01 Oct 2010 18:19:38 +0200 + +apr-util (1.3.9+dfsg-3) unstable; urgency=low + + * Update to db4.8 (closes: #550443) + * Bump standards-version: + - Use DEB_*_ARCH_* where applicable + + -- Stefan Fritsch Sun, 01 Nov 2009 10:40:53 +0100 + +apr-util (1.3.9+dfsg-2) unstable; urgency=low + + * Fix FTBFS (closes: #545718). The FTBFS didn't happen with dash as /bin/sh + due to dash bug #514863. + * Ship the html documentation in the -dev package. Thanks to Joel Smith for + the patch (closes: #543554). + * Make libaprutil1-dev depend on libmysqlclient-dev instead of + libmysqlclient15-dev. + + -- Stefan Fritsch Sat, 12 Sep 2009 15:04:55 +0200 + +apr-util (1.3.9+dfsg-1) unstable; urgency=high + + [ Stefan Fritsch ] + * Enable -fstack-protector for arm/armel. A workaround has been added to + gcc. + * Remove obsolete libmysqlclient15off dependency. Update build-dep to + libmysqlclient-dev. + + [ Peter Samuelson ] + * New upstream security release. + - Fix CVE-2009-2412, overflow in RMM allocations due to alignment. + * Add myself to Uploaders. + + -- Peter Samuelson Thu, 06 Aug 2009 13:21:48 -0500 + +apr-util (1.3.8+dfsg-1) unstable; urgency=low + + * New upstream version. + * Add two CVE ids to 1.3.7+dfsg-1 changelog entry. + * Bump standards version (no changes). + * Make libaprutil1-dbd-sqlite3 the default dbd driver, to reduce the size + of dependencies pulled in by apache2.2-bin by default (closes: #536466) + + -- Stefan Fritsch Sat, 25 Jul 2009 20:08:37 +0200 + +apr-util (1.3.7+dfsg-1) unstable; urgency=high + + * New upstream version: + - CVE-2009-0023: Fix underflow in apr_strmatch_precompile() which causes + remotely exploitable DoS vulnerabilities in mod_dav_svn and libapreq2. + - CVE-2009-1955: Fix DoS vulnerability (memory consumption) in handling of + internal xml entities. + - CVE-2009-1956: Fix off by one overflow in apr_brigade_vprintf. + * Disable test suite on hurd for now (closes: #530287). + * Override lintian warning about soname. + + -- Stefan Fritsch Thu, 04 Jun 2009 20:53:47 +0200 + +apr-util (1.3.4+dfsg-2) unstable; urgency=low + + [ Ryan Niebur ] + * move the versioned libmysqlclient15off dependency from libaprutil1 + to libaprutil1-dbd-mysql (Closes: #481976) + + [ Stefan Fritsch ] + * Add workaround to fix FTBFS when doing parallel build (closes: #527812) + * Add "Breaks: apache2.2-common << 2.2.11-3", to make upgrades from lenny + to squeeze less noisy. + + -- Stefan Fritsch Sun, 10 May 2009 19:18:48 +0200 + +apr-util (1.3.4+dfsg-1) unstable; urgency=low + + [ Ryan Niebur ] + * New upstream version + * add me to Uploaders + * add repack.sh + * update to libdb4.7-dev (Closes: #519818) + * Debian policy 3.8.1 + * remove *.dirs, they're not needed + * lintian overrides for the symbols file depending on different + packages, we have those "unusual circumstances" :) + - debhelper 6 (needed for dh_lintian) + * remove build/apr_common.m4 in the clean target, it gets modified + during build and is automatically generated + * switch the libaprutil1-dbg package to the debug section + * don't output ldap libs by default from apu-config + * upload to unstable this time + + [ Stefan Fritsch ] + * Fix description for libaprutil1-dbg (closes: #508145). + * Recognize DEB_BUILD_OPTIONS=nocheck in addition to notest (closes: #515352). + * Make dpkg-shlibdeps automatically generate the needed dependencies for + programs that use apr_ldap_init() or apr_dbd_init(). + For dbd, we will genreate an ORed dependency on all libaprutil1-dbd-* + packages, using libaprutil1-dbd-mysql as default. + + -- Ryan Niebur Thu, 26 Mar 2009 22:25:48 -0700 + +apr-util (1.3.2+dfsg-1) experimental; urgency=low + + [ Ryan Niebur ] + * new upstream release + * added a note to README.source about repackaging upstream tarballs + * put the mysql, sqlite3, pgsql, and ldap drivers into their own package. + (Closes: #481976, #482946) + * use symbol files + * fixed watch file + + [ Stefan Fritsch ] + * Compile drivers for odbc and freetds and add packages for them. + + -- Stefan Fritsch Tue, 29 Jul 2008 23:09:01 +0200 + +apr-util (1.2.12+dfsg-8) unstable; urgency=low + + [ Ryan Niebur ] + * Upgraded to policy version 3.8.0 + - Reference the copyright in common-licenses instead of including it + - support for noopt in DEB_BUILD_OPTIONS + - Added a README.source + - added support for parallel in DEB_BUILD_OPTIONS + * Dropped the XS- prefix for the Vcs fields in debian/control + * Made the watch file notice 1.3.x + + [ Stefan Fritsch ] + * Bump libmysqlclient dependency to 5.0.51a since 5.0.32 from etch has some + bugs that can make apache2 hang (closes: #490859). + * Add 'Provides' for the modules that are still included in libaprutil1, but + will be moved to separate packages with apr-util 1.3.x. This will make + back-porting packages from lenny+1 to lenny easier. + + -- Stefan Fritsch Wed, 20 Aug 2008 22:29:26 +0200 + +apr-util (1.2.12+dfsg-7) unstable; urgency=medium + + * Apply hardening build options independently from apr. + + -- Stefan Fritsch Sat, 21 Jun 2008 13:29:48 +0200 + +apr-util (1.2.12+dfsg-6) unstable; urgency=low + + * Make libaprutil1-dev depend on libmysqlclient15-dev. Libtool needs it for + linking (really closes: #482270). + + -- Stefan Fritsch Mon, 26 May 2008 23:45:44 +0200 + +apr-util (1.2.12+dfsg-5) unstable; urgency=low + + * Don't output "-lmysqlclient_r" in "apu-config --ldflags". It is enough if + libaprutil links to mysql, applications don't need to do it, too. + (Closes: #482270) + + -- Stefan Fritsch Sun, 25 May 2008 22:53:36 +0200 + +apr-util (1.2.12+dfsg-4) unstable; urgency=low + + * Activate mysql support (closes: #395959). This is made possible by php5 + now linking against the threadsafe version of libmysqlclient. Therefore + add a conflict with older versions of php5-mysql and with php4-mysql. + * Rebuild against apr with hardening options: CFLAGS are taken from apr, set + LDFLAGS=-Wl,-z,relro explicitly. + * Conflict with apache2 << 2.2.8-1, which used an older version of libldap + and now segfaults with current libaprutil1+libldap. + * Remove Thom May, Fabio M. Di Nitto, Daniel Stone, and Adam Conrad from the + uploaders field (thanks for your work). + + -- Stefan Fritsch Sun, 18 May 2008 17:13:24 +0200 + +apr-util (1.2.12+dfsg-3) unstable; urgency=medium + + * Fix integer overflow in apr_brigade_partition on 32bit systems. Urgency + medium because this made apache segfault when resuming a file larger than + 4GB. + * Point VCS tags in debian control to trunk, to make them useful with + debcheckout. + + -- Stefan Fritsch Fri, 29 Feb 2008 20:59:49 +0100 + +apr-util (1.2.12+dfsg-2) unstable; urgency=low + + * Build-Depend on libdb4.6-dev instead of libdb-dev >= 4.6, as the latter + causes problems with sbuild. + * Change server in watch file since www.eu.apache.org is unreliable. + + -- Stefan Fritsch Sat, 12 Jan 2008 10:17:09 +0100 + +apr-util (1.2.12+dfsg-1) unstable; urgency=low + + [ Stefan Fritsch ] + * New upstream version (Closes: #447146) + * Fix debian/rules clean + * Don't ship .svn directories. (Closes: #431508) + * Fix some lintian warnings: + - Use ${binary:Version} instead of ${Source-Version}. + - Bump standards-version to 3.7.3 (no changes). + - Remove empty /usr/share/doc/libapr1.0/. + - Don't ignore make clean errors. + * Add myself to Uploaders. + * Add Vcs info and homepage to debian/control. + * Change handling of CFLAGS in debian/rules so that they are actually used. + Fixes DEB_BUILD_OPTIONS=debug. + + [ Tollef Fog Heen ] + * Make libaprutil1-dbg Priority: extra to match overrides. + + [ Peter Samuelson ] + * Compile with db 4.6. (Closes: #422465, #429025) + * Add watch file. + + -- Stefan Fritsch Fri, 11 Jan 2008 18:43:17 +0100 + +apr-util (1.2.7+dfsg-2) unstable; urgency=low + + * Fix stupid code duplication in apr_md[45].c resulting from C&P. + Thanks to Peter Samuelson for notifying me. This makes md[45] work + correctly. + + -- Tollef Fog Heen Fri, 18 Aug 2006 19:50:31 +0200 + +apr-util (1.2.7+dfsg-1) unstable; urgency=low + + * Remove dependency on libgdbm1 from libaprutil1-dev. + * Build against libdb 4.4. Closes: #354510 + * Remove most libs from apu-config --link-ld --libs. Thanks to Peter + Samuelson, Closes: #378105 + * Use md4 and md5 implementation from Solar Designer as this is in the + public domain and not subject to RSA copyright. This requires a + repacked source, so add +dfsg to the version number. + + -- Tollef Fog Heen Fri, 14 Jul 2006 15:31:22 +0200 + +apr-util (1.2.7-2) unstable; urgency=low + + * Fix override disparity. + * Compile without gdbm. + * Get rid of all the evil libtool hacks and adjust build-depends + accordingly. + * Remove --includedir parameter and adjust config.layout instead. This + works around damage in newer autoconfs. + + -- Tollef Fog Heen Mon, 1 May 2006 17:05:28 +0200 + +apr-util (1.2.7-1) unstable; urgency=low + + * New upstream release + * Tighten build dependency on apr to a version which ships + get-version.sh + * Grab get-version.sh from APR build + * Pass --with-berkeley-db to configure so it actually picks up our + preferred BDB version. + + -- Tollef Fog Heen Fri, 28 Apr 2006 21:59:55 +0200 + +apr-util (1.2.2-4) unstable; urgency=low + + * Compile with -fPIC. Closes: #350677 + * Build with -i to avoid .svn directories in source. Closes: #357175 + + -- Tollef Fog Heen Fri, 27 Jan 2006 18:50:04 +0100 + +apr-util (1.2.2-3) unstable; urgency=low + + * Add proper depends to libaprutil1-dev + * Rename source package to match upstream. + * Rename to libaprutil1 instead of libaprutil1.0 + * Use libdb4.3, not 4.2 + * Conflict with old package names + * Add gdbm support + * Fix call to configure to avoid double linking to sqlite and sqlite3 + * Update to Standards Version: 3.6.2.2: no changes. + * Add apu-config compatibility symlink. + + -- Tollef Fog Heen Fri, 27 Jan 2006 18:50:04 +0100 + +apr-util1.0 (1.2.2-2) unstable; urgency=low + + * Upgrade to debhelper v5 + * Call dh_installdocs, so we actually get a copyright. + + -- Thom May Tue, 3 Jan 2006 13:05:02 +0000 + +apr-util1.0 (1.2.2-1) unstable; urgency=low + + * New upstream version + * Enable postgres and sqlite3 support + + -- Thom May Fri, 30 Dec 2005 10:40:03 +0000 + +apr-util1.0 (1.1.2-1) unstable; urgency=low + + * New upstream release + + -- Thom May Sun, 8 May 2005 17:12:22 +0100 + +apr-util1.0 (1.1.0-1) unstable; urgency=low + + * New Upstream Release + * First Package Release + + -- Thom May Wed, 17 Nov 2004 11:51:32 -0800 --- apr-util-1.3.12+dfsg.orig/debian/control +++ apr-util-1.3.12+dfsg/debian/control @@ -0,0 +1,128 @@ +Source: apr-util +Section: libs +Priority: optional +Maintainer: Debian Apache Maintainers +Uploaders: Tollef Fog Heen , Stefan Fritsch , Ryan Niebur , Peter Samuelson +Build-Depends: debhelper (>> 6.0.7~), autoconf, autotools-dev, mawk, libldap2-dev, libexpat1-dev, libdb-dev, libpcre3-dev, dpatch (>= 1.11), binutils (>= 2.14.90.0.7), libapr1-dev (>= 1.3.2), libsqlite3-dev, libpq-dev, python, libmysqlclient-dev, freetds-dev, unixodbc-dev, doxygen +Standards-Version: 3.9.2 +Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apr-util +Vcs-svn: svn://svn.debian.org/pkg-apache/trunk/apr-util +Homepage: http://apr.apache.org/ + +Package: libaprutil1 +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: Apache Portable Runtime Utility Library + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + +Package: libaprutil1-ldap +Architecture: any +Depends: libaprutil1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +Description: Apache Portable Runtime Utility Library - LDAP Driver + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the LDAP driver. + +Package: libaprutil1-dbd-mysql +Architecture: any +Depends: libaprutil1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +Description: Apache Portable Runtime Utility Library - MySQL Driver + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the MySQL database driver. + +Package: libaprutil1-dbd-sqlite3 +Architecture: any +Depends: libaprutil1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +Description: Apache Portable Runtime Utility Library - SQLite3 Driver + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the SQLite3 database driver. + +Package: libaprutil1-dbd-odbc +Architecture: any +Depends: libaprutil1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +Description: Apache Portable Runtime Utility Library - ODBC Driver + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the ODBC database driver. + +Package: libaprutil1-dbd-pgsql +Architecture: any +Depends: libaprutil1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +Description: Apache Portable Runtime Utility Library - PostgreSQL Driver + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the PostgreSQL database driver. + +Package: libaprutil1-dbd-freetds +Architecture: any +Depends: libaprutil1 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +Description: Apache Portable Runtime Utility Library - FreeTDS Driver + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the FreeTDS (MS SQL and Sybase) database driver. + +Package: libaprutil1-dev +Architecture: any +Section: libdevel +Depends: libaprutil1 (= ${binary:Version}), libldap2-dev, libexpat1-dev, libpcre3-dev, libapr1-dev (>= 1.2.2-1), libsqlite3-dev, libpq-dev, libmysqlclient-dev, ${misc:Depends} +Description: Apache Portable Runtime Utility Library - Development Headers + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains development headers for APR util. + +Package: libaprutil1-dbg +Priority: extra +Architecture: any +Section: debug +Depends: libaprutil1 (= ${binary:Version}), ${misc:Depends} +Description: Apache Portable Runtime Utility Library - Debugging Symbols + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the debugging symbols for APR util. --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-dev.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1-dev.install @@ -0,0 +1,6 @@ +debian/tmp/usr/include/apr-1.0 +debian/tmp/usr/lib/libapr*a +debian/tmp/usr/lib/libaprutil-1.so +debian/tmp/usr/lib/pkgconfig +debian/tmp/usr/bin +docs/dox/html usr/share/doc/libaprutil1-dev --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-dev.links +++ apr-util-1.3.12+dfsg/debian/libaprutil1-dev.links @@ -0,0 +1 @@ +usr/bin/apu-1-config usr/bin/apu-config --- apr-util-1.3.12+dfsg.orig/debian/watch +++ apr-util-1.3.12+dfsg/debian/watch @@ -0,0 +1,3 @@ +version=3 +opts=dversionmangle=s/\+dfsg$// http://www.apache.org/dist/apr/apr-util-(1\..\..*)\.tar\.gz \ +debian bash debian/repack.sh --- apr-util-1.3.12+dfsg.orig/debian/README.source +++ apr-util-1.3.12+dfsg/debian/README.source @@ -0,0 +1,20 @@ +Debian-apache uses dpatch to make changes to the upstream source. + +To apply all of the patches run: +./debian/rules patch + +To unapply all of the patches run: +./debian/rules unpatch + +To add (or edit) a patch run: +dpatch-edit-patch name_of_patch_goes_here +#make your changes +exit + +dpatch will make a new patch in debian/patches/ if one with that name doesn't already exist, otherwise it will change the existing one. +To make it get used add it to debian/patches/00list . + +To make a patch not get used remove it from debian/patches/00list . + +Upstream tarballs need to be repackaged without crypto/apr_md4.c, crypto/apr_md5.c, include/apr_md4.h, and include/apr_md5.h because of their license. +These are removed by debian/repack.sh, which is called from uscan. --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-dbd-freetds.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1-dbd-freetds.install @@ -0,0 +1,2 @@ +debian/tmp/usr/lib/apr-util-1/apr_dbd_freetds-1.so usr/lib/apr-util-1/ +debian/tmp/usr/lib/apr-util-1/apr_dbd_freetds.so usr/lib/apr-util-1/ --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-dbd-pgsql.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1-dbd-pgsql.install @@ -0,0 +1,3 @@ +debian/tmp/usr/lib/apr-util-1/apr_dbd_pgsql-1.so usr/lib/apr-util-1/ +debian/tmp/usr/lib/apr-util-1/apr_dbd_pgsql.so usr/lib/apr-util-1/ + --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1.symbols +++ apr-util-1.3.12+dfsg/debian/libaprutil1.symbols @@ -0,0 +1,299 @@ +libaprutil-1.so.0 libaprutil1 #MINVER# +| libaprutil1-ldap , libaprutil1 #MINVER# +| libaprutil1-dbd-sqlite3|libaprutil1-dbd-mysql|libaprutil1-dbd-odbc|libaprutil1-dbd-pgsql|libaprutil1-dbd-freetds , libaprutil1 #MINVER# + apr_base64_decode@Base 1.2.7+dfsg + apr_base64_decode_binary@Base 1.2.7+dfsg + apr_base64_decode_len@Base 1.2.7+dfsg + apr_base64_encode@Base 1.2.7+dfsg + apr_base64_encode_binary@Base 1.2.7+dfsg + apr_base64_encode_len@Base 1.2.7+dfsg + apr_brigade_cleanup@Base 1.2.7+dfsg + apr_brigade_create@Base 1.2.7+dfsg + apr_brigade_destroy@Base 1.2.7+dfsg + apr_brigade_flatten@Base 1.2.7+dfsg + apr_brigade_insert_file@Base 1.2.7+dfsg + apr_brigade_length@Base 1.2.7+dfsg + apr_brigade_partition@Base 1.2.7+dfsg + apr_brigade_pflatten@Base 1.2.7+dfsg + apr_brigade_printf@Base 1.2.7+dfsg + apr_brigade_putc@Base 1.2.7+dfsg + apr_brigade_puts@Base 1.2.7+dfsg + apr_brigade_putstrs@Base 1.2.7+dfsg + apr_brigade_split@Base 1.2.7+dfsg + apr_brigade_split_ex@Base 1.3.2+dfsg + apr_brigade_split_line@Base 1.2.7+dfsg + apr_brigade_to_iovec@Base 1.2.7+dfsg + apr_brigade_vprintf@Base 1.2.7+dfsg + apr_brigade_vputstrs@Base 1.2.7+dfsg + apr_brigade_write@Base 1.2.7+dfsg + apr_brigade_writev@Base 1.2.7+dfsg + apr_bucket_alloc@Base 1.2.7+dfsg + apr_bucket_alloc_create@Base 1.2.7+dfsg + apr_bucket_alloc_create_ex@Base 1.2.7+dfsg + apr_bucket_alloc_destroy@Base 1.2.7+dfsg + apr_bucket_copy_notimpl@Base 1.2.7+dfsg + apr_bucket_destroy_noop@Base 1.2.7+dfsg + apr_bucket_eos_create@Base 1.2.7+dfsg + apr_bucket_eos_make@Base 1.2.7+dfsg + apr_bucket_file_create@Base 1.2.7+dfsg + apr_bucket_file_enable_mmap@Base 1.2.7+dfsg + apr_bucket_file_make@Base 1.2.7+dfsg + apr_bucket_flush_create@Base 1.2.7+dfsg + apr_bucket_flush_make@Base 1.2.7+dfsg + apr_bucket_free@Base 1.2.7+dfsg + apr_bucket_heap_create@Base 1.2.7+dfsg + apr_bucket_heap_make@Base 1.2.7+dfsg + apr_bucket_immortal_create@Base 1.2.7+dfsg + apr_bucket_immortal_make@Base 1.2.7+dfsg + apr_bucket_mmap_create@Base 1.2.7+dfsg + apr_bucket_mmap_make@Base 1.2.7+dfsg + apr_bucket_pipe_create@Base 1.2.7+dfsg + apr_bucket_pipe_make@Base 1.2.7+dfsg + apr_bucket_pool_create@Base 1.2.7+dfsg + apr_bucket_pool_make@Base 1.2.7+dfsg + apr_bucket_setaside_noop@Base 1.2.7+dfsg + apr_bucket_setaside_notimpl@Base 1.2.7+dfsg + apr_bucket_shared_copy@Base 1.2.7+dfsg + apr_bucket_shared_destroy@Base 1.2.7+dfsg + apr_bucket_shared_make@Base 1.2.7+dfsg + apr_bucket_shared_split@Base 1.2.7+dfsg + apr_bucket_simple_copy@Base 1.2.7+dfsg + apr_bucket_simple_split@Base 1.2.7+dfsg + apr_bucket_socket_create@Base 1.2.7+dfsg + apr_bucket_socket_make@Base 1.2.7+dfsg + apr_bucket_split_notimpl@Base 1.2.7+dfsg + apr_bucket_transient_create@Base 1.2.7+dfsg + apr_bucket_transient_make@Base 1.2.7+dfsg + apr_bucket_type_eos@Base 1.2.7+dfsg + apr_bucket_type_file@Base 1.2.7+dfsg + apr_bucket_type_flush@Base 1.2.7+dfsg + apr_bucket_type_heap@Base 1.2.7+dfsg + apr_bucket_type_immortal@Base 1.2.7+dfsg + apr_bucket_type_mmap@Base 1.2.7+dfsg + apr_bucket_type_pipe@Base 1.2.7+dfsg + apr_bucket_type_pool@Base 1.2.7+dfsg + apr_bucket_type_socket@Base 1.2.7+dfsg + apr_bucket_type_transient@Base 1.2.7+dfsg + apr_current_hooking_module@Base 1.2.7+dfsg + apr_date_checkmask@Base 1.2.7+dfsg + apr_date_parse_http@Base 1.2.7+dfsg + apr_date_parse_rfc@Base 1.2.7+dfsg + apr_dbd_check_conn@Base 1.2.7+dfsg + apr_dbd_close@Base 1.2.7+dfsg + apr_dbd_datum_get@Base 1.3.2+dfsg + apr_dbd_error@Base 1.2.7+dfsg + apr_dbd_escape@Base 1.2.7+dfsg + apr_dbd_get_driver@Base 1.2.7+dfsg + apr_dbd_get_entry@Base 1.2.7+dfsg + apr_dbd_get_name@Base 1.3.2+dfsg + apr_dbd_get_row@Base 1.2.7+dfsg + apr_dbd_init@Base 1.2.7+dfsg 2 + apr_dbd_mutex_lock@Base 1.3.2+dfsg + apr_dbd_mutex_unlock@Base 1.3.2+dfsg +#MISSING: 1.3.2+dfsg# apr_dbd_mysql_driver@Base 1.2.12+dfsg + apr_dbd_name@Base 1.2.7+dfsg + apr_dbd_native_handle@Base 1.2.7+dfsg + apr_dbd_num_cols@Base 1.2.7+dfsg + apr_dbd_num_tuples@Base 1.2.7+dfsg + apr_dbd_open@Base 1.2.7+dfsg + apr_dbd_open_ex@Base 1.3.2+dfsg + apr_dbd_pbquery@Base 1.3.2+dfsg + apr_dbd_pbselect@Base 1.3.2+dfsg +#MISSING: 1.3.2+dfsg# apr_dbd_pgsql_driver@Base 1.2.7+dfsg + apr_dbd_pquery@Base 1.2.7+dfsg + apr_dbd_prepare@Base 1.2.7+dfsg + apr_dbd_pselect@Base 1.2.7+dfsg + apr_dbd_pvbquery@Base 1.3.2+dfsg + apr_dbd_pvbselect@Base 1.3.2+dfsg + apr_dbd_pvquery@Base 1.2.7+dfsg + apr_dbd_pvselect@Base 1.2.7+dfsg + apr_dbd_query@Base 1.2.7+dfsg + apr_dbd_select@Base 1.2.7+dfsg + apr_dbd_set_dbname@Base 1.2.7+dfsg +#MISSING: 1.3.2+dfsg# apr_dbd_sqlite3_driver@Base 1.2.12+dfsg + apr_dbd_transaction_end@Base 1.2.7+dfsg + apr_dbd_transaction_mode_get@Base 1.3.2+dfsg + apr_dbd_transaction_mode_set@Base 1.3.2+dfsg + apr_dbd_transaction_start@Base 1.2.7+dfsg + apr_dbm_close@Base 1.2.7+dfsg + apr_dbm_delete@Base 1.2.7+dfsg + apr_dbm_exists@Base 1.2.7+dfsg + apr_dbm_fetch@Base 1.2.7+dfsg + apr_dbm_firstkey@Base 1.2.7+dfsg + apr_dbm_freedatum@Base 1.2.7+dfsg + apr_dbm_get_usednames@Base 1.2.7+dfsg + apr_dbm_get_usednames_ex@Base 1.2.7+dfsg + apr_dbm_geterror@Base 1.2.7+dfsg + apr_dbm_nextkey@Base 1.2.7+dfsg + apr_dbm_open@Base 1.2.7+dfsg + apr_dbm_open_ex@Base 1.2.7+dfsg + apr_dbm_store@Base 1.2.7+dfsg +#MISSING: 1.3.5+dfsg-1# apr_dbm_type_db@Base 1.2.7+dfsg + apr_dbm_type_sdbm@Base 1.2.7+dfsg + apr_debug_module_hooks@Base 1.2.7+dfsg + apr_dynamic_fn_register@Base 1.2.7+dfsg + apr_dynamic_fn_retrieve@Base 1.2.7+dfsg + apr_global_hook_pool@Base 1.2.7+dfsg + apr_hook_debug_current@Base 1.2.7+dfsg + apr_hook_debug_enabled@Base 1.2.7+dfsg + apr_hook_debug_show@Base 1.2.7+dfsg + apr_hook_deregister_all@Base 1.2.7+dfsg + apr_hook_global_pool@Base 1.2.7+dfsg + apr_hook_sort_all@Base 1.2.7+dfsg + apr_hook_sort_register@Base 1.2.7+dfsg + apr_ldap_get_option@Base 1.2.7+dfsg + apr_ldap_info@Base 1.2.7+dfsg + apr_ldap_init@Base 1.2.7+dfsg 1 + apr_ldap_is_ldap_url@Base 1.2.7+dfsg + apr_ldap_is_ldapi_url@Base 1.2.7+dfsg + apr_ldap_is_ldaps_url@Base 1.2.7+dfsg + apr_ldap_rebind_add@Base 1.3.2+dfsg + apr_ldap_rebind_init@Base 1.3.2+dfsg + apr_ldap_rebind_remove@Base 1.3.2+dfsg + apr_ldap_set_option@Base 1.2.7+dfsg + apr_ldap_ssl_deinit@Base 1.2.7+dfsg + apr_ldap_ssl_init@Base 1.2.7+dfsg + apr_ldap_url_parse@Base 1.2.7+dfsg + apr_ldap_url_parse_ext@Base 1.2.7+dfsg + apr_md4@Base 1.2.7+dfsg + apr_md4_final@Base 1.2.7+dfsg + apr_md4_init@Base 1.2.7+dfsg + apr_md4_set_xlate@Base 1.2.7+dfsg + apr_md4_update@Base 1.2.7+dfsg + apr_md5@Base 1.2.7+dfsg + apr_md5_encode@Base 1.2.7+dfsg + apr_md5_final@Base 1.2.7+dfsg + apr_md5_init@Base 1.2.7+dfsg + apr_md5_set_xlate@Base 1.2.7+dfsg + apr_md5_update@Base 1.2.7+dfsg + apr_memcache_add@Base 1.3.2+dfsg + apr_memcache_add_multget_key@Base 1.3.2+dfsg + apr_memcache_add_server@Base 1.3.2+dfsg + apr_memcache_create@Base 1.3.2+dfsg + apr_memcache_decr@Base 1.3.2+dfsg + apr_memcache_delete@Base 1.3.2+dfsg + apr_memcache_disable_server@Base 1.3.2+dfsg + apr_memcache_enable_server@Base 1.3.2+dfsg + apr_memcache_find_server@Base 1.3.2+dfsg + apr_memcache_find_server_hash@Base 1.3.2+dfsg + apr_memcache_find_server_hash_default@Base 1.3.2+dfsg + apr_memcache_getp@Base 1.3.2+dfsg + apr_memcache_hash@Base 1.3.2+dfsg + apr_memcache_hash_crc32@Base 1.3.2+dfsg + apr_memcache_hash_default@Base 1.3.2+dfsg + apr_memcache_incr@Base 1.3.2+dfsg + apr_memcache_multgetp@Base 1.3.2+dfsg + apr_memcache_replace@Base 1.3.2+dfsg + apr_memcache_server_create@Base 1.3.2+dfsg + apr_memcache_set@Base 1.3.2+dfsg + apr_memcache_stats@Base 1.3.2+dfsg + apr_memcache_version@Base 1.3.2+dfsg + apr_optional_hook_add@Base 1.2.7+dfsg + apr_optional_hook_get@Base 1.2.7+dfsg + apr_password_validate@Base 1.2.7+dfsg + apr_posix_perms2mode@Base 1.2.7+dfsg + apr_queue_create@Base 1.2.7+dfsg + apr_queue_interrupt_all@Base 1.2.7+dfsg + apr_queue_pop@Base 1.2.7+dfsg + apr_queue_push@Base 1.2.7+dfsg + apr_queue_size@Base 1.2.7+dfsg + apr_queue_term@Base 1.2.7+dfsg + apr_queue_trypop@Base 1.2.7+dfsg + apr_queue_trypush@Base 1.2.7+dfsg + apr_reslist_acquire@Base 1.2.7+dfsg + apr_reslist_acquired_count@Base 1.3.2+dfsg + apr_reslist_create@Base 1.2.7+dfsg + apr_reslist_destroy@Base 1.2.7+dfsg + apr_reslist_invalidate@Base 1.2.7+dfsg + apr_reslist_release@Base 1.2.7+dfsg + apr_reslist_timeout_set@Base 1.2.7+dfsg + apr_rmm_addr_get@Base 1.2.7+dfsg + apr_rmm_attach@Base 1.2.7+dfsg + apr_rmm_calloc@Base 1.2.7+dfsg + apr_rmm_destroy@Base 1.2.7+dfsg + apr_rmm_detach@Base 1.2.7+dfsg + apr_rmm_free@Base 1.2.7+dfsg + apr_rmm_init@Base 1.2.7+dfsg + apr_rmm_malloc@Base 1.2.7+dfsg + apr_rmm_offset_get@Base 1.2.7+dfsg + apr_rmm_overhead_get@Base 1.2.7+dfsg + apr_rmm_realloc@Base 1.2.7+dfsg + apr_sdbm_close@Base 1.2.7+dfsg + apr_sdbm_delete@Base 1.2.7+dfsg + apr_sdbm_fetch@Base 1.2.7+dfsg + apr_sdbm_firstkey@Base 1.2.7+dfsg + apr_sdbm_lock@Base 1.2.7+dfsg + apr_sdbm_nextkey@Base 1.2.7+dfsg + apr_sdbm_open@Base 1.2.7+dfsg + apr_sdbm_rdonly@Base 1.2.7+dfsg + apr_sdbm_store@Base 1.2.7+dfsg + apr_sdbm_unlock@Base 1.2.7+dfsg + apr_sha1_base64@Base 1.2.7+dfsg + apr_sha1_final@Base 1.2.7+dfsg + apr_sha1_init@Base 1.2.7+dfsg + apr_sha1_update@Base 1.2.7+dfsg + apr_sha1_update_binary@Base 1.2.7+dfsg + apr_strmatch_precompile@Base 1.2.7+dfsg + apr_text_append@Base 1.2.7+dfsg + apr_thread_pool_busy_count@Base 1.3.2+dfsg + apr_thread_pool_create@Base 1.3.2+dfsg + apr_thread_pool_destroy@Base 1.3.2+dfsg + apr_thread_pool_idle_count@Base 1.3.2+dfsg + apr_thread_pool_idle_max_get@Base 1.3.2+dfsg + apr_thread_pool_idle_max_set@Base 1.3.2+dfsg + apr_thread_pool_idle_wait_get@Base 1.3.2+dfsg + apr_thread_pool_idle_wait_set@Base 1.3.2+dfsg + apr_thread_pool_push@Base 1.3.2+dfsg + apr_thread_pool_schedule@Base 1.3.2+dfsg + apr_thread_pool_scheduled_tasks_count@Base 1.3.2+dfsg + apr_thread_pool_task_owner_get@Base 1.3.2+dfsg + apr_thread_pool_tasks_cancel@Base 1.3.2+dfsg + apr_thread_pool_tasks_count@Base 1.3.2+dfsg + apr_thread_pool_tasks_high_count@Base 1.3.2+dfsg + apr_thread_pool_tasks_run_count@Base 1.3.2+dfsg + apr_thread_pool_thread_max_get@Base 1.3.2+dfsg + apr_thread_pool_thread_max_set@Base 1.3.2+dfsg + apr_thread_pool_threads_count@Base 1.3.2+dfsg + apr_thread_pool_threads_high_count@Base 1.3.2+dfsg + apr_thread_pool_threads_idle_timeout_count@Base 1.3.2+dfsg + apr_thread_pool_threshold_get@Base 1.3.2+dfsg + apr_thread_pool_threshold_set@Base 1.3.2+dfsg + apr_thread_pool_top@Base 1.3.2+dfsg + apr_uri_parse@Base 1.2.7+dfsg + apr_uri_parse_hostinfo@Base 1.2.7+dfsg + apr_uri_port_of_scheme@Base 1.2.7+dfsg + apr_uri_unparse@Base 1.2.7+dfsg + apr_uuid_format@Base 1.2.7+dfsg + apr_uuid_get@Base 1.2.7+dfsg + apr_uuid_parse@Base 1.2.7+dfsg + apr_xlate_close@Base 1.2.7+dfsg + apr_xlate_conv_buffer@Base 1.2.7+dfsg + apr_xlate_conv_byte@Base 1.2.7+dfsg + apr_xlate_open@Base 1.2.7+dfsg + apr_xlate_sb_get@Base 1.2.7+dfsg + apr_xml_empty_elem@Base 1.2.7+dfsg + apr_xml_insert_uri@Base 1.2.7+dfsg + apr_xml_parse_file@Base 1.2.7+dfsg + apr_xml_parser_create@Base 1.2.7+dfsg + apr_xml_parser_done@Base 1.2.7+dfsg + apr_xml_parser_feed@Base 1.2.7+dfsg + apr_xml_parser_geterror@Base 1.2.7+dfsg + apr_xml_quote_elem@Base 1.2.7+dfsg + apr_xml_quote_string@Base 1.2.7+dfsg + apr_xml_to_text@Base 1.2.7+dfsg + apu__sdbm_chkpage@Base 1.2.7+dfsg + apu__sdbm_delpair@Base 1.2.7+dfsg + apu__sdbm_duppair@Base 1.2.7+dfsg + apu__sdbm_fitpair@Base 1.2.7+dfsg + apu__sdbm_getnkey@Base 1.2.7+dfsg + apu__sdbm_getpair@Base 1.2.7+dfsg + apu__sdbm_hash@Base 1.2.7+dfsg + apu__sdbm_nullitem@Base 1.2.7+dfsg + apu__sdbm_putpair@Base 1.2.7+dfsg + apu__sdbm_splpage@Base 1.2.7+dfsg + apu_dso_init@Base 1.3.2+dfsg + apu_dso_load@Base 1.3.2+dfsg + apu_dso_mutex_lock@Base 1.3.2+dfsg + apu_dso_mutex_unlock@Base 1.3.2+dfsg + apu_version@Base 1.2.7+dfsg + apu_version_string@Base 1.2.7+dfsg --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1.lintian-overrides +++ apr-util-1.3.12+dfsg/debian/libaprutil1.lintian-overrides @@ -0,0 +1,2 @@ +libaprutil1: symbols-declares-dependency-on-other-package +libaprutil1: package-name-doesnt-match-sonames libaprutil-1-0 --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1.install @@ -0,0 +1,2 @@ +debian/tmp/usr/lib/libaprutil-1.so.* usr/lib/ +debian/tmp/usr/lib/apr-util-1/apr_dbm*.so* usr/lib/apr-util-1 --- apr-util-1.3.12+dfsg.orig/debian/libaprutil1-dbd-odbc.install +++ apr-util-1.3.12+dfsg/debian/libaprutil1-dbd-odbc.install @@ -0,0 +1,2 @@ +debian/tmp/usr/lib/apr-util-1/apr_dbd_odbc-1.so usr/lib/apr-util-1/ +debian/tmp/usr/lib/apr-util-1/apr_dbd_odbc.so usr/lib/apr-util-1/ --- apr-util-1.3.12+dfsg.orig/debian/patches/010_dont_use_all_pg_build_deps.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/010_dont_use_all_pg_build_deps.dpatch @@ -0,0 +1,64 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 010_dont_use_all_pg_build_deps.dpatch by Ryan Niebur +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad aprutil~/build/dbd.m4 aprutil/build/dbd.m4 +--- aprutil~/build/dbd.m4 2008-12-26 13:40:37.000000000 -0800 ++++ aprutil/build/dbd.m4 2008-12-26 13:43:37.000000000 -0800 +@@ -44,7 +44,7 @@ + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1],[ + if test "x$PGSQL_CONFIG" != 'x'; then + unset ac_cv_lib_pq_PQsendQueryPrepared +- pgsql_LIBS="`$PGSQL_CONFIG --libs`" ++ pgsql_LIBS="-lpq" + APR_ADDTO(LIBS, [$pgsql_LIBS]) + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1]) + fi +@@ -55,7 +55,7 @@ + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1],[ + if test "x$PGSQL_CONFIG" != 'x'; then + unset ac_cv_lib_pq_PQsendQueryPrepared +- pgsql_LIBS="`$PGSQL_CONFIG --libs`" ++ pgsql_LIBS="-lpq" + APR_ADDTO(LIBS, [$pgsql_LIBS]) + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1]) + fi +@@ -85,7 +85,7 @@ + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1],[ + if test "x$PGSQL_CONFIG" != 'x'; then + unset ac_cv_lib_pq_PQsendQueryPrepared +- pgsql_LIBS="`$PGSQL_CONFIG --libs`" ++ pgsql_LIBS="-lpq" + APR_ADDTO(LIBS, [$pgsql_LIBS]) + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1]) + fi +@@ -96,7 +96,7 @@ + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1],[ + if test "x$PGSQL_CONFIG" != 'x'; then + unset ac_cv_lib_pq_PQsendQueryPrepared +- pgsql_LIBS="`$PGSQL_CONFIG --libs`" ++ pgsql_LIBS="-lpq" + APR_ADDTO(LIBS, [$pgsql_LIBS]) + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1]) + fi +@@ -121,7 +121,7 @@ + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1],[ + if test "x$PGSQL_CONFIG" != 'x'; then + unset ac_cv_lib_pq_PQsendQueryPrepared +- pgsql_LIBS="`$PGSQL_CONFIG --libs`" ++ pgsql_LIBS="-lpq" + APR_ADDTO(LIBS, [$pgsql_LIBS]) + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1]) + fi +@@ -132,7 +132,7 @@ + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1],[ + if test "x$PGSQL_CONFIG" != 'x'; then + unset ac_cv_lib_pq_PQsendQueryPrepared +- pgsql_LIBS="`$PGSQL_CONFIG --libs`" ++ pgsql_LIBS="-lpq" + APR_ADDTO(LIBS, [$pgsql_LIBS]) + AC_CHECK_LIB(pq, PQsendQueryPrepared, [apu_have_pgsql=1]) + fi --- apr-util-1.3.12+dfsg.orig/debian/patches/002_configure_in_remove_syspaths.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/002_configure_in_remove_syspaths.dpatch @@ -0,0 +1,21 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 002_configure_in_remove_syspaths.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ + +diff -urNad apr-util1.0-1.2.2~/configure.in apr-util1.0-1.2.2/configure.in +--- apr-util1.0-1.2.2~/configure.in 2005-05-05 21:24:29.000000000 +0200 ++++ apr-util1.0-1.2.2/configure.in 2006-01-27 13:32:04.000000000 +0100 +@@ -153,6 +153,9 @@ + dnl + APR_ADDTO(APRUTIL_LIBS, [$APR_LIBS]) + ++APR_REMOVEFROM(APRUTIL_LDFLAGS, [-L/usr/lib]) ++APR_REMOVEFROM(APRUTIL_INCLUDE, [-I/usr/include]) ++ + AC_SUBST(APRUTIL_EXPORT_LIBS) + AC_SUBST(APRUTIL_PRIV_INCLUDES) + AC_SUBST(APRUTIL_INCLUDES) --- apr-util-1.3.12+dfsg.orig/debian/patches/011_avoid_ldap_by_defaut.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/011_avoid_ldap_by_defaut.dpatch @@ -0,0 +1,39 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## avoid-ldap-by-default.dpatch by Ryan Niebur +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: by default --avoid-ldap since apache2 is the only user, and we +## don't want to add extra dependencies to other apr-utils rdepends + +@DPATCH@ +diff -urNad apr-util~/apu-config.in apr-util/apu-config.in +--- apr-util~/apu-config.in 2009-03-27 11:30:29.000000000 -0700 ++++ apr-util/apu-config.in 2009-03-27 11:35:15.000000000 -0700 +@@ -30,7 +30,8 @@ + LIBS="@APRUTIL_EXPORT_LIBS@" + INCLUDES="@APRUTIL_INCLUDES@" + LDFLAGS="@APRUTIL_LDFLAGS@" +-LDAP_LIBS="@LDADD_ldap@" ++ORIG_LDAP_LIBS="@LDADD_ldap@" ++LDAP_LIBS="" + DBM_LIBS="@LDADD_dbm_db@ @LDADD_dbm_gdbm@ @LDADD_dbm_ndbm@" + + APRUTIL_LIBNAME="@APRUTIL_LIBNAME@" +@@ -54,7 +55,7 @@ + --includedir print location where headers are installed + --ldflags print linker flags + --libs print library information +- --avoid-ldap do not include ldap library information with --libs ++ --avoid-ldap do not include ldap library information with --libs (default on Debian) + --ldap-libs print additional library information to link with ldap + --srcdir print APR-util source directory + --link-ld print link switch(es) for linking to APR-util +@@ -119,7 +120,7 @@ + flags="$flags $LDAP_LIBS $LIBS" + ;; + --ldap-libs) +- flags="$flags $LDAP_LIBS" ++ flags="$flags $ORIG_LDAP_LIBS" + ;; + --includedir) + if test "$location" = "installed"; then --- apr-util-1.3.12+dfsg.orig/debian/patches/001_dbm_read_hash_or_btree +++ apr-util-1.3.12+dfsg/debian/patches/001_dbm_read_hash_or_btree @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 001_dbm_read_hash_or_btree by Adam Conrad +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Be more liberal in the types of DBM files we accept. + +@DPATCH@ +--- apr-util/dbm/apr_dbm_berkeleydb.c 2004-02-13 02:52:42.000000000 -0700 ++++ apr-util/dbm/apr_dbm_berkeleydb.c 2004-09-28 00:21:37.000000000 -0600 +@@ -172,6 +172,21 @@ + apr_posix_perms2mode(perm))) != 0) { + /* close the DB handler */ + (void) (*file.bdb->close)(file.bdb, 0); ++ if (dberr == EINVAL) { ++ if ((dberr = db_create(&file.bdb, NULL, 0)) == 0) { ++ if ((dberr = (*file.bdb->open)(file.bdb, ++#if DB_VER == 4 ++ NULL, ++#endif ++ pathname, NULL, ++ DB_BTREE, dbmode, ++ apr_posix_perms2mode(perm))) != 0) { ++ ++ /* close the DB handler */ ++ (void) (*file.bdb->close)(file.bdb, 0); ++ } ++ } ++ } + } + } + file.curs = NULL; --- apr-util-1.3.12+dfsg.orig/debian/patches/016_avoid_db_by-default.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/016_avoid_db_by-default.dpatch @@ -0,0 +1,38 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 016_avoid_db_by-default.dpatch by Stefan Fritsch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: #622081 + +@DPATCH@ +diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' trunk~/apu-config.in trunk/apu-config.in +--- trunk~/apu-config.in 2011-05-21 21:41:11.239997616 +0200 ++++ trunk/apu-config.in 2011-05-21 21:41:39.687997599 +0200 +@@ -32,7 +32,8 @@ + LDFLAGS="@APRUTIL_LDFLAGS@" + ORIG_LDAP_LIBS="@LDADD_ldap@" + LDAP_LIBS="" +-DBM_LIBS="@LDADD_dbm_db@ @LDADD_dbm_gdbm@ @LDADD_dbm_ndbm@" ++ORIG_DBM_LIBS="@LDADD_dbm_db@ @LDADD_dbm_gdbm@ @LDADD_dbm_ndbm@" ++DBM_LIBS="" + + APRUTIL_LIBNAME="@APRUTIL_LIBNAME@" + +@@ -58,7 +59,7 @@ + --libs print library information + --avoid-ldap do not include ldap library information with --libs (default on Debian) + --ldap-libs print additional library information to link with ldap +- --avoid-dbm do not include DBM library information with --libs ++ --avoid-dbm do not include DBM library information with --libs (default on Debian) + --dbm-libs print additional library information to link with DBM + --srcdir print APR-util source directory + --link-ld print link switch(es) for linking to APR-util +@@ -129,7 +130,7 @@ + flags="$flags $ORIG_LDAP_LIBS" + ;; + --dbm-libs) +- flags="$flags $DBM_LIBS" ++ flags="$flags $ORIG_DBM_LIBS" + ;; + --includedir) + if test "$location" = "installed"; then --- apr-util-1.3.12+dfsg.orig/debian/patches/004_debian_layout_fix.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/004_debian_layout_fix.dpatch @@ -0,0 +1,19 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 004_debian_layout_fix.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fix the includedir in the Debian layout. + +@DPATCH@ +diff -urNad apr-util-1.2.7~/config.layout apr-util-1.2.7/config.layout +--- apr-util-1.2.7~/config.layout 2005-02-09 13:18:43.000000000 +0100 ++++ apr-util-1.2.7/config.layout 2006-06-15 14:18:42.000000000 +0200 +@@ -223,7 +223,7 @@ + libexecdir: ${exec_prefix}/lib/apr/modules + mandir: ${exec_prefix}/share/man + datadir: ${exec_prefix}/share/apr +- includedir: ${exec_prefix}/include/apr-${APRUTIL_MAJOR_VERSION} ++ includedir: ${exec_prefix}/include/apr-1.0 + localstatedir: ${prefix}/var/run + runtimedir: ${prefix}/var/run + infodir: ${exec_prefix}/share/info --- apr-util-1.3.12+dfsg.orig/debian/patches/003_buildconf_config.guess_sub_location.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/003_buildconf_config.guess_sub_location.dpatch @@ -0,0 +1,21 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 003_buildconf_config.guess_sub_location.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apr-util-1.2.7~/buildconf apr-util-1.2.7/buildconf +--- apr-util-1.2.7~/buildconf 2006-04-28 22:53:11.000000000 +0200 ++++ apr-util-1.2.7/buildconf 2006-04-28 22:55:02.000000000 +0200 +@@ -56,8 +56,8 @@ + rm -f build/apr_common.m4 build/find_apr.m4 build/install.sh \ + build/config.guess build/config.sub build/get-version.sh + cp -p $apr_src_dir/build/apr_common.m4 $apr_src_dir/build/find_apr.m4 \ +- $apr_src_dir/build/install.sh $apr_src_dir/build/config.guess \ +- $apr_src_dir/build/config.sub $apr_src_dir/build/get-version.sh \ ++ $apr_src_dir/build/install.sh /usr/share/misc/config.guess \ ++ /usr/share/misc/config.sub $apr_src_dir/build/get-version.sh \ + build/ + + # Remove aclocal.m4 as it'll break some builds... --- apr-util-1.3.12+dfsg.orig/debian/patches/014_apu_config_dont_list_indep_libs.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/014_apu_config_dont_list_indep_libs.dpatch @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## apu-config.dpatch by +## +## DP: Prevent recursive linking of dependent libraries by apr-util users. + +@DPATCH@ +diff -urNad apr-util~/apr-util.pc.in apr-util/apr-util.pc.in +--- apr-util~/apr-util.pc.in 2008-06-27 15:36:07.000000000 -0700 ++++ apr-util/apr-util.pc.in 2008-06-27 16:03:17.000000000 -0700 +@@ -8,6 +8,7 @@ + Description: Companion library for APR + Version: @APRUTIL_DOTTED_VERSION@ + # assume that apr-util requires libapr of same major version +-Requires: apr-@APRUTIL_MAJOR_VERSION@ +-Libs: -L${libdir} -l@APRUTIL_LIBNAME@ @LDADD_ldap@ @APRUTIL_EXPORT_LIBS@ ++Requires.private: apr-@APRUTIL_MAJOR_VERSION@ ++Libs: -L${libdir} -l@APRUTIL_LIBNAME@ @LDADD_ldap@ ++Libs.private: @APRUTIL_EXPORT_LIBS@ + Cflags: -I${includedir} +diff -urNad apr-util~/apu-config.in apr-util/apu-config.in +--- apr-util~/apu-config.in 2008-05-23 14:27:59.000000000 -0700 ++++ apr-util/apu-config.in 2008-06-27 16:30:04.000000000 -0700 +@@ -27,7 +27,7 @@ + libdir="@libdir@" + includedir="@includedir@" + +-LIBS="@APRUTIL_EXPORT_LIBS@" ++LIBS= + INCLUDES="@APRUTIL_INCLUDES@" + LDFLAGS="@APRUTIL_LDFLAGS@" + LDAP_LIBS="@LDADD_ldap@" --- apr-util-1.3.12+dfsg.orig/debian/patches/013_ship_find_apu.m4.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/013_ship_find_apu.m4.dpatch @@ -0,0 +1,23 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 013_ship_find_apu.m4.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apr-util~/Makefile.in apr-util/Makefile.in +--- apr-util~/Makefile.in 2008-06-27 14:56:17.000000000 -0700 ++++ apr-util/Makefile.in 2008-06-27 15:33:50.000000000 -0700 +@@ -84,6 +84,12 @@ + $(INSTALL_DATA) aprutil.exp $(DESTDIR)$(libdir) + $(INSTALL) -m 755 apu-config.out $(DESTDIR)$(bindir)/$(APU_CONFIG) + ++ if [ ! -d $(DESTDIR)$(installbuilddir) ]; then \ ++ @APR_SOURCE_DIR@/build/mkdir.sh $(DESTDIR)$(installbuilddir); \ ++ fi ++ $(LIBTOOL) --mode=install cp $(top_srcdir)/build/find_apu.m4 \ ++ $(DESTDIR)$(installbuilddir)/find_apu.m4 ++ + $(TARGET_LIB): $(OBJECTS) $(EXTRA_OBJECTS) + $(LINK) @lib_target@ $(EXTRA_OBJECTS) $(ALL_LIBS) $(APRUTIL_LDFLAGS) $(APRUTIL_LIBS) + --- apr-util-1.3.12+dfsg.orig/debian/patches/015_disable_expat_buildconf.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/015_disable_expat_buildconf.dpatch @@ -0,0 +1,26 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 015_disable_expat_buildconf.dpatch by Stefan Fritsch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: We don't need the bundled expat. This allows us to avoid a build-dep +## DP: on libtool. + +@DPATCH@ +diff -urNad trunk~/buildconf trunk/buildconf +--- trunk~/buildconf 2009-09-12 14:45:13.892735207 +0200 ++++ trunk/buildconf 2009-09-12 14:45:46.560734181 +0200 +@@ -84,14 +84,6 @@ + echo "Generating 'make' outputs ..." + $apr_src_dir/build/gen-build.py $verbose make + +-# +-# If Expat has been bundled, then go and configure the thing +-# +-if [ -f xml/expat/buildconf.sh ]; then +- echo "Invoking xml/expat/buildconf.sh ..." +- (cd xml/expat; ./buildconf.sh $verbose) +-fi +- + # Remove autoconf cache again + rm -rf autom4te*.cache + --- apr-util-1.3.12+dfsg.orig/debian/patches/099_alternate_md4_md5_impl.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/099_alternate_md4_md5_impl.dpatch @@ -0,0 +1,1377 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 099_alternate_md4_md5_impl.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apr-util-1.2.7~/crypto/apr_md4.c apr-util-1.2.7/crypto/apr_md4.c +--- apr-util-1.2.7~/crypto/apr_md4.c 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/crypto/apr_md4.c 2006-08-18 14:21:41.000000000 +0200 +@@ -0,0 +1,389 @@ ++/* Adopted for apr-util by Tollef Fog Heen */ ++ ++/* ++ * MD4 (RFC-1320) message digest. ++ * Modified from MD5 code by Andrey Panin ++ * ++ * Written by Solar Designer in 2001, and placed in ++ * the public domain. There's absolutely no warranty. ++ * ++ * This differs from Colin Plumb's older public domain implementation in ++ * that no 32-bit integer data type is required, there's no compile-time ++ * endianness configuration, and the function prototypes match OpenSSL's. ++ * The primary goals are portability and ease of use. ++ * ++ * This implementation is meant to be fast, but not as fast as possible. ++ * Some known optimizations are not included to reduce source code size ++ * and avoid compile-time configuration. ++ */ ++ ++/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#include "apr_strings.h" ++#include "apr_md4.h" ++#include "apr_lib.h" ++ ++#if APR_HAVE_STRING_H ++#include ++#endif ++#if APR_HAVE_UNISTD_H ++#include ++#endif ++ ++#if APR_CHARSET_EBCDIC ++static apr_xlate_t *xlate_ebcdic_to_ascii; /* used in apr_md4_encode() */ ++#endif ++ ++static const void *body(apr_md4_ctx_t *context, const void *data, size_t size); ++ ++/* ++ * The basic MD4 functions. ++ */ ++#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) ++#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) ++#define H(x, y, z) ((x) ^ (y) ^ (z)) ++ ++/* ++ * The MD4 transformation for all four rounds. ++ */ ++#define STEP(f, a, b, c, d, x, s) \ ++ (a) += f((b), (c), (d)) + (x); \ ++ (a) = ((a) << (s)) | ((a) >> (32 - (s))) ++ ++ ++/* ++ * SET reads 4 input bytes in little-endian byte order and stores them ++ * in a properly aligned word in host byte order. ++ * ++ * The check for little-endian architectures which tolerate unaligned ++ * memory accesses is just an optimization. Nothing will break if it ++ * doesn't work. ++ */ ++/*#if defined(__i386__) || defined(__x86_64__) || defined(__vax__) ++#define SET(n) \ ++ (*(const apr_uint32_t *)&ptr[(n) * 4]) ++#define GET(n) \ ++ SET(n) ++ #else*/ ++#define SET(n) \ ++ (block[(n)] = \ ++ (apr_uint32_t)ptr[(n) * 4] | \ ++ ((apr_uint32_t)ptr[(n) * 4 + 1] << 8) | \ ++ ((apr_uint32_t)ptr[(n) * 4 + 2] << 16) | \ ++ ((apr_uint32_t)ptr[(n) * 4 + 3] << 24)) ++#define GET(n) \ ++ (block[(n)]) ++/*#endif*/ ++ ++ ++ ++/* MD4 initialization. Begins an MD4 operation, writing a new context. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_init(apr_md4_ctx_t *context) ++{ ++ context->count[0] = context->count[1] = 0; ++ ++ /* Load magic initialization constants. */ ++ context->state[0] = 0x67452301; ++ context->state[1] = 0xefcdab89; ++ context->state[2] = 0x98badcfe; ++ context->state[3] = 0x10325476; ++ ++#if APR_HAS_XLATE ++ context->xlate = NULL; ++#endif ++ ++ return APR_SUCCESS; ++} ++ ++#if APR_HAS_XLATE ++/* MD4 translation setup. Provides the APR translation handle ++ * to be used for translating the content before calculating the ++ * digest. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_set_xlate(apr_md4_ctx_t *context, ++ apr_xlate_t *xlate) ++{ ++ apr_status_t rv; ++ int is_sb; ++ ++ /* TODO: remove the single-byte-only restriction from this code ++ */ ++ rv = apr_xlate_sb_get(xlate, &is_sb); ++ if (rv != APR_SUCCESS) { ++ return rv; ++ } ++ if (!is_sb) { ++ return APR_EINVAL; ++ } ++ context->xlate = xlate; ++ return APR_SUCCESS; ++} ++#endif /* APR_HAS_XLATE */ ++ ++/* MD4 block update operation. Continues an MD4 message-digest ++ * operation, processing another message block, and updating the ++ * context. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_update(apr_md4_ctx_t *context, ++ const unsigned char *input, ++ apr_size_t inputLen) ++{ ++ apr_uint32_t saved_lo; ++ unsigned long used, free; ++#if APR_HAS_XLATE ++/* apr_size_t inbytes_left, outbytes_left;*/ ++#endif ++ ++ /* Update number of bits */ ++ saved_lo = context->count[0]; ++ if ((context->count[0] = (saved_lo + inputLen) & 0x1fffffff) < saved_lo) ++ context->count[1]++; ++ context->count[1] += (apr_uint32_t)inputLen >> 29; ++ ++ /* Compute number of bytes mod 64 */ ++ used = saved_lo & 0x3f; ++ ++ /* Transform as many times as possible. */ ++ if (used) { ++ free = 64 - used; ++ ++ if (inputLen < free) { ++ memcpy(&context->buffer[used], input, inputLen); ++ return APR_SUCCESS; ++ } ++ ++ memcpy(&context->buffer[used], input, free); ++ input = (const unsigned char *) input + free; ++ inputLen -= free; ++ body(context, context->buffer, 64); ++ } ++ ++ if (inputLen >= 64) { ++ input = body(context, input, inputLen & ~(unsigned long)0x3f); ++ inputLen &= 0x3f; ++ } ++ ++ /* Buffer remaining input */ ++ memcpy(context->buffer, input, inputLen); ++ return APR_SUCCESS; ++} ++ ++/* MD4 finalization. Ends an MD4 message-digest operation, writing the ++ * the message digest and zeroizing the context. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_final( ++ unsigned char digest[APR_MD4_DIGESTSIZE], ++ apr_md4_ctx_t *context) ++{ ++ unsigned long used, free; ++ ++ used = context->count[0] & 0x3f; ++ ++ context->buffer[used++] = 0x80; ++ ++ free = 64 - used; ++ ++#if APR_HAS_XLATE ++ /* apr_md4_update() should not translate for this final round. */ ++ context->xlate = NULL; ++#endif /*APR_HAS_XLATE*/ ++ ++ if (free < 8) { ++ memset(&context->buffer[used], 0, free); ++ body(context, context->buffer, 64); ++ used = 0; ++ free = 64; ++ } ++ ++ memset(&context->buffer[used], 0, free - 8); ++ ++ context->count[0] <<= 3; ++ context->buffer[56] = context->count[0]; ++ context->buffer[57] = context->count[0] >> 8; ++ context->buffer[58] = context->count[0] >> 16; ++ context->buffer[59] = context->count[0] >> 24; ++ context->buffer[60] = context->count[1]; ++ context->buffer[61] = context->count[1] >> 8; ++ context->buffer[62] = context->count[1] >> 16; ++ context->buffer[63] = context->count[1] >> 24; ++ ++ body(context, context->buffer, 64); ++ ++ digest[0] = context->state[0]; ++ digest[1] = context->state[0] >> 8; ++ digest[2] = context->state[0] >> 16; ++ digest[3] = context->state[0] >> 24; ++ digest[4] = context->state[1]; ++ digest[5] = context->state[1] >> 8; ++ digest[6] = context->state[1] >> 16; ++ digest[7] = context->state[1] >> 24; ++ digest[8] = context->state[2]; ++ digest[9] = context->state[2] >> 8; ++ digest[10] = context->state[2] >> 16; ++ digest[11] = context->state[2] >> 24; ++ digest[12] = context->state[3]; ++ digest[13] = context->state[3] >> 8; ++ digest[14] = context->state[3] >> 16; ++ digest[15] = context->state[3] >> 24; ++ ++ /* Zeroize sensitive information. */ ++ memset(context, 0, sizeof(*context)); ++ ++ return APR_SUCCESS; ++} ++ ++/* MD4 computation in one step (init, update, final) ++ */ ++APU_DECLARE(apr_status_t) apr_md4(unsigned char digest[APR_MD4_DIGESTSIZE], ++ const unsigned char *input, ++ apr_size_t inputLen) ++{ ++ apr_md4_ctx_t ctx; ++ apr_status_t rv; ++ ++ apr_md4_init(&ctx); ++ ++ if ((rv = apr_md4_update(&ctx, input, inputLen)) != APR_SUCCESS) ++ return rv; ++ ++ return apr_md4_final(digest, &ctx); ++} ++ ++/* ++ * This processes one or more 64-byte data blocks, but does NOT update ++ * the bit counters. There're no alignment requirements. ++ */ ++static const void *body(apr_md4_ctx_t *context, const void *data, size_t size) ++{ ++ const unsigned char *ptr, *convptr; ++ uint32_t a, b, c, d; ++ uint32_t saved_a, saved_b, saved_c, saved_d; ++ apr_uint32_t block[16]; ++ ++#ifdef APR_HAS_XLATE ++ apr_size_t inbytes_left, outbytes_left; ++#endif ++ ++ ptr = data; ++ ++ a = context->state[0]; ++ b = context->state[1]; ++ c = context->state[2]; ++ d = context->state[3]; ++ ++ do { ++ saved_a = a; ++ saved_b = b; ++ saved_c = c; ++ saved_d = d; ++ ++ convptr = ptr; ++#ifdef APR_HAS_XLATE ++ if (context->xlate) { ++ inbytes_left = outbytes_left = 64; ++ unsigned char inp_tmp[64]; ++ apr_xlate_conv_buffer(context->xlate, ptr, &inbytes_left, ++ inp_tmp, &outbytes_left); ++ convptr = inp_tmp; ++ } ++#endif ++ /* Round 1 */ ++ STEP(F, a, b, c, d, SET( 0), 3); ++ STEP(F, d, a, b, c, SET( 1), 7); ++ STEP(F, c, d, a, b, SET( 2), 11); ++ STEP(F, b, c, d, a, SET( 3), 19); ++ ++ STEP(F, a, b, c, d, SET( 4), 3); ++ STEP(F, d, a, b, c, SET( 5), 7); ++ STEP(F, c, d, a, b, SET( 6), 11); ++ STEP(F, b, c, d, a, SET( 7), 19); ++ ++ STEP(F, a, b, c, d, SET( 8), 3); ++ STEP(F, d, a, b, c, SET( 9), 7); ++ STEP(F, c, d, a, b, SET(10), 11); ++ STEP(F, b, c, d, a, SET(11), 19); ++ ++ STEP(F, a, b, c, d, SET(12), 3); ++ STEP(F, d, a, b, c, SET(13), 7); ++ STEP(F, c, d, a, b, SET(14), 11); ++ STEP(F, b, c, d, a, SET(15), 19); ++ /* Round 2 */ ++ STEP(G, a, b, c, d, GET( 0) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 4) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET( 8) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(12) + 0x5A827999, 13); ++ ++ STEP(G, a, b, c, d, GET( 1) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 5) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET( 9) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(13) + 0x5A827999, 13); ++ ++ STEP(G, a, b, c, d, GET( 2) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 6) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET(10) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(14) + 0x5A827999, 13); ++ ++ STEP(G, a, b, c, d, GET( 3) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 7) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET(11) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(15) + 0x5A827999, 13); ++ /* Round 3 */ ++ STEP(H, a, b, c, d, GET( 0) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET( 8) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 4) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(12) + 0x6ED9EBA1, 15); ++ ++ STEP(H, a, b, c, d, GET( 2) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET(10) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 6) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(14) + 0x6ED9EBA1, 15); ++ ++ STEP(H, a, b, c, d, GET( 1) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET( 9) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 5) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(13) + 0x6ED9EBA1, 15); ++ ++ STEP(H, a, b, c, d, GET( 3) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET(11) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 7) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(15) + 0x6ED9EBA1, 15); ++ ++ a += saved_a; ++ b += saved_b; ++ c += saved_c; ++ d += saved_d; ++ ++ ptr += 64; ++ } while (size -= 64); ++ ++ context->state[0] = a; ++ context->state[1] = b; ++ context->state[2] = c; ++ context->state[3] = d; ++ ++ return ptr; ++} ++ ++ ++#if APR_CHARSET_EBCDIC ++APU_DECLARE(apr_status_t) apr_MD4InitEBCDIC(apr_xlate_t *xlate) ++{ ++ xlate_ebcdic_to_ascii = xlate; ++ return APR_SUCCESS; ++} ++#endif +diff -urNad apr-util-1.2.7~/crypto/apr_md5.c apr-util-1.2.7/crypto/apr_md5.c +--- apr-util-1.2.7~/crypto/apr_md5.c 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/crypto/apr_md5.c 2006-08-18 14:21:41.000000000 +0200 +@@ -0,0 +1,686 @@ ++/* FIXME: body must handle xlate */ ++ ++/* ++ * Adopted for apr-util by Tollef Fog Heen ++ */ ++ ++/* ++ * This is an OpenSSL-compatible implementation of the RSA Data Security, ++ * Inc. MD5 Message-Digest Algorithm. ++ * ++ * Written by Solar Designer in 2001, and placed in ++ * the public domain. See md5.c for more information. ++ */ ++ ++/* Copyright 2000-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++/* ++ * The apr_md5_encode() routine uses much code obtained from the FreeBSD 3.0 ++ * MD5 crypt() function, which is licenced as follows: ++ * ---------------------------------------------------------------------------- ++ * "THE BEER-WARE LICENSE" (Revision 42): ++ * wrote this file. As long as you retain this notice you ++ * can do whatever you want with this stuff. If we meet some day, and you think ++ * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp ++ * ---------------------------------------------------------------------------- ++ */ ++#include "apr_strings.h" ++#include "apr_md5.h" ++#include "apr_lib.h" ++#include "apu_config.h" ++#include "apr_sha1.h" ++ ++#if APR_HAVE_STRING_H ++#include ++#endif ++#if APR_HAVE_CRYPT_H ++#include ++#endif ++#if APR_HAVE_UNISTD_H ++#include ++#endif ++#if APR_HAVE_PTHREAD_H ++#include ++#endif ++ ++static const void *body(apr_md5_ctx_t *context, const void *data, apr_size_t size); ++ ++#if APR_CHARSET_EBCDIC ++static apr_xlate_t *xlate_ebcdic_to_ascii; /* used in apr_md5_encode() */ ++#endif ++ ++/* ++ * The basic MD5 functions. ++ * ++ * F is optimized compared to its RFC 1321 definition just like in Colin ++ * Plumb's implementation. ++ */ ++#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) ++#define G(x, y, z) ((y) ^ ((z) & ((x) ^ (y)))) ++#define H(x, y, z) ((x) ^ (y) ^ (z)) ++#define I(x, y, z) ((y) ^ ((x) | ~(z))) ++ ++/* ++ * The MD5 transformation for all four rounds. ++ */ ++#define STEP(f, a, b, c, d, x, t, s) \ ++ (a) += f((b), (c), (d)) + (x) + (t); \ ++ (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \ ++ (a) += (b); ++ ++/* ++ * SET reads 4 input bytes in little-endian byte order and stores them ++ * in a properly aligned word in host byte order. ++ * ++ * The check for little-endian architectures which tolerate unaligned ++ * memory accesses is just an optimization. Nothing will break if it ++ * doesn't work. ++ */ ++#if defined(__i386__) || defined(__x86_64__) || defined(__vax__) ++#define SET(n) \ ++ (*(const apr_uint32_t *)&convptr[(n) * 4]) ++#define GET(n) \ ++ SET(n) ++#else ++#define SET(n) \ ++ (block[(n)] = \ ++ (apr_uint32_t)convptr[(n) * 4] | \ ++ ((apr_uint32_t)convptr[(n) * 4 + 1] << 8) | \ ++ ((apr_uint32_t)convptr[(n) * 4 + 2] << 16) | \ ++ ((apr_uint32_t)convptr[(n) * 4 + 3] << 24)) ++#define GET(n) \ ++ (block[(n)]) ++#endif ++ ++/* MD5 initialization. Begins an MD5 operation, writing a new context. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_init(apr_md5_ctx_t *context) ++{ ++ context->count[0] = context->count[1] = 0; ++ ++ /* Load magic initialization constants. */ ++ context->state[0] = 0x67452301; ++ context->state[1] = 0xefcdab89; ++ context->state[2] = 0x98badcfe; ++ context->state[3] = 0x10325476; ++ context->xlate = NULL; ++ ++ return APR_SUCCESS; ++} ++ ++/* MD5 translation setup. Provides the APR translation handle ++ * to be used for translating the content before calculating the ++ * digest. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_set_xlate(apr_md5_ctx_t *context, ++ apr_xlate_t *xlate) ++{ ++#if APR_HAS_XLATE ++ apr_status_t rv; ++ int is_sb; ++ ++ /* TODO: remove the single-byte-only restriction from this code ++ */ ++ rv = apr_xlate_sb_get(xlate, &is_sb); ++ if (rv != APR_SUCCESS) { ++ return rv; ++ } ++ if (!is_sb) { ++ return APR_EINVAL; ++ } ++ context->xlate = xlate; ++ return APR_SUCCESS; ++#else ++ return APR_ENOTIMPL; ++#endif /* APR_HAS_XLATE */ ++} ++ ++/* MD5 block update operation. Continues an MD5 message-digest ++ * operation, processing another message block, and updating the ++ * context. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_update(apr_md5_ctx_t *context, ++ const void *_input, ++ apr_size_t inputLen) ++{ ++ apr_uint32_t saved_lo; ++ unsigned long used, free; ++#if APR_HAS_XLATE ++/* apr_size_t inbytes_left, outbytes_left;*/ ++#endif ++ ++ /* Update number of bits */ ++ saved_lo = context->count[0]; ++ if ((context->count[0] = (saved_lo + inputLen) & 0x1fffffff) < saved_lo) ++ context->count[1]++; ++ context->count[1] += (apr_uint32_t)inputLen >> 29; ++ ++ /* Compute number of bytes mod 64 */ ++ used = saved_lo & 0x3f; ++ ++ /* Transform as many times as possible. */ ++ if (used) { ++ free = 64 - used; ++ ++ if (inputLen < free) { ++ memcpy(&context->buffer[used], _input, inputLen); ++ return APR_SUCCESS; ++ } ++ ++ memcpy(&context->buffer[used], _input, free); ++ _input = (const unsigned char *) _input + free; ++ inputLen -= free; ++ body(context, context->buffer, 64); ++ } ++ ++ if (inputLen >= 64) { ++ _input = body(context, _input, inputLen & ~(unsigned long)0x3f); ++ inputLen &= 0x3f; ++ } ++ ++ /* Buffer remaining input */ ++ memcpy(context->buffer, _input, inputLen); ++ return APR_SUCCESS; ++} ++ ++/* MD5 finalization. Ends an MD5 message-digest operation, writing the ++ * the message digest and zeroizing the context. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_final(unsigned char digest[APR_MD5_DIGESTSIZE], ++ apr_md5_ctx_t *context) ++{ ++ unsigned long used, free; ++ ++ used = context->count[0] & 0x3f; ++ ++ context->buffer[used++] = 0x80; ++ ++ free = 64 - used; ++ ++#if APR_HAS_XLATE ++ /* apr_md5_update() should not translate for this final round. */ ++ context->xlate = NULL; ++#endif /*APR_HAS_XLATE*/ ++ ++ if (free < 8) { ++ memset(&context->buffer[used], 0, free); ++ body(context, context->buffer, 64); ++ used = 0; ++ free = 64; ++ } ++ ++ memset(&context->buffer[used], 0, free - 8); ++ ++ context->count[0] <<= 3; ++ context->buffer[56] = context->count[0]; ++ context->buffer[57] = context->count[0] >> 8; ++ context->buffer[58] = context->count[0] >> 16; ++ context->buffer[59] = context->count[0] >> 24; ++ context->buffer[60] = context->count[1]; ++ context->buffer[61] = context->count[1] >> 8; ++ context->buffer[62] = context->count[1] >> 16; ++ context->buffer[63] = context->count[1] >> 24; ++ ++ body(context, context->buffer, 64); ++ ++ digest[0] = context->state[0]; ++ digest[1] = context->state[0] >> 8; ++ digest[2] = context->state[0] >> 16; ++ digest[3] = context->state[0] >> 24; ++ digest[4] = context->state[1]; ++ digest[5] = context->state[1] >> 8; ++ digest[6] = context->state[1] >> 16; ++ digest[7] = context->state[1] >> 24; ++ digest[8] = context->state[2]; ++ digest[9] = context->state[2] >> 8; ++ digest[10] = context->state[2] >> 16; ++ digest[11] = context->state[2] >> 24; ++ digest[12] = context->state[3]; ++ digest[13] = context->state[3] >> 8; ++ digest[14] = context->state[3] >> 16; ++ digest[15] = context->state[3] >> 24; ++ ++ /* Zeroize sensitive information. */ ++ memset(context, 0, sizeof(*context)); ++ ++ return APR_SUCCESS; ++} ++ ++/* MD5 in one step (init, update, final) ++ */ ++APU_DECLARE(apr_status_t) apr_md5(unsigned char digest[APR_MD5_DIGESTSIZE], ++ const void *_input, ++ apr_size_t inputLen) ++{ ++ const unsigned char *input = _input; ++ apr_md5_ctx_t ctx; ++ apr_status_t rv; ++ ++ apr_md5_init(&ctx); ++ ++ if ((rv = apr_md5_update(&ctx, input, inputLen)) != APR_SUCCESS) ++ return rv; ++ ++ return apr_md5_final(digest, &ctx); ++} ++ ++/* ++ * This processes one or more 64-byte data blocks, but does NOT update ++ * the bit counters. There're no alignment requirements. ++ */ ++static const void *body(apr_md5_ctx_t *context, const void *data, apr_size_t size) ++{ ++ const unsigned char *ptr, *convptr; ++ uint_fast32_t a, b, c, d; ++ uint_fast32_t saved_a, saved_b, saved_c, saved_d; ++ apr_uint32_t block[16]; ++ ++#ifdef APR_HAS_XLATE ++ apr_size_t inbytes_left, outbytes_left; ++#endif ++ ++ ptr = data; ++ ++ a = context->state[0]; ++ b = context->state[1]; ++ c = context->state[2]; ++ d = context->state[3]; ++ ++ do { ++ saved_a = a; ++ saved_b = b; ++ saved_c = c; ++ saved_d = d; ++ ++ convptr = ptr; ++#ifdef APR_HAS_XLATE ++ if (context->xlate) { ++ inbytes_left = outbytes_left = 64; ++ unsigned char inp_tmp[64]; ++ apr_xlate_conv_buffer(context->xlate, ptr, &inbytes_left, ++ inp_tmp, &outbytes_left); ++ convptr = inp_tmp; ++ } ++#endif ++ ++ ++/* Round 1 */ ++ STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7) ++ STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12) ++ STEP(F, c, d, a, b, SET(2), 0x242070db, 17) ++ STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22) ++ STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7) ++ STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12) ++ STEP(F, c, d, a, b, SET(6), 0xa8304613, 17) ++ STEP(F, b, c, d, a, SET(7), 0xfd469501, 22) ++ STEP(F, a, b, c, d, SET(8), 0x698098d8, 7) ++ STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12) ++ STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17) ++ STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22) ++ STEP(F, a, b, c, d, SET(12), 0x6b901122, 7) ++ STEP(F, d, a, b, c, SET(13), 0xfd987193, 12) ++ STEP(F, c, d, a, b, SET(14), 0xa679438e, 17) ++ STEP(F, b, c, d, a, SET(15), 0x49b40821, 22) ++ ++/* Round 2 */ ++ STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5) ++ STEP(G, d, a, b, c, GET(6), 0xc040b340, 9) ++ STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14) ++ STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20) ++ STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5) ++ STEP(G, d, a, b, c, GET(10), 0x02441453, 9) ++ STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14) ++ STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20) ++ STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5) ++ STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9) ++ STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14) ++ STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20) ++ STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5) ++ STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9) ++ STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14) ++ STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20) ++ ++/* Round 3 */ ++ STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4) ++ STEP(H, d, a, b, c, GET(8), 0x8771f681, 11) ++ STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16) ++ STEP(H, b, c, d, a, GET(14), 0xfde5380c, 23) ++ STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4) ++ STEP(H, d, a, b, c, GET(4), 0x4bdecfa9, 11) ++ STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16) ++ STEP(H, b, c, d, a, GET(10), 0xbebfbc70, 23) ++ STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4) ++ STEP(H, d, a, b, c, GET(0), 0xeaa127fa, 11) ++ STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16) ++ STEP(H, b, c, d, a, GET(6), 0x04881d05, 23) ++ STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4) ++ STEP(H, d, a, b, c, GET(12), 0xe6db99e5, 11) ++ STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16) ++ STEP(H, b, c, d, a, GET(2), 0xc4ac5665, 23) ++ ++/* Round 4 */ ++ STEP(I, a, b, c, d, GET(0), 0xf4292244, 6) ++ STEP(I, d, a, b, c, GET(7), 0x432aff97, 10) ++ STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15) ++ STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21) ++ STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6) ++ STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10) ++ STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15) ++ STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21) ++ STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6) ++ STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10) ++ STEP(I, c, d, a, b, GET(6), 0xa3014314, 15) ++ STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21) ++ STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6) ++ STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10) ++ STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15) ++ STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21) ++ ++ a += saved_a; ++ b += saved_b; ++ c += saved_c; ++ d += saved_d; ++ ++ ptr += 64; ++ } while (size -= 64); ++ ++ context->state[0] = a; ++ context->state[1] = b; ++ context->state[2] = c; ++ context->state[3] = d; ++ ++ return ptr; ++} ++ ++#if APR_CHARSET_EBCDIC ++APU_DECLARE(apr_status_t) apr_MD5InitEBCDIC(apr_xlate_t *xlate) ++{ ++ xlate_ebcdic_to_ascii = xlate; ++ return APR_SUCCESS; ++} ++#endif ++ ++/* ++ * Define the Magic String prefix that identifies a password as being ++ * hashed using our algorithm. ++ */ ++static const char *apr1_id = "$apr1$"; ++ ++/* ++ * The following MD5 password encryption code was largely borrowed from ++ * the FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c file, which is ++ * licenced as stated at the top of this file. ++ */ ++ ++static void to64(char *s, unsigned long v, int n) ++{ ++ static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */ ++ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; ++ ++ while (--n >= 0) { ++ *s++ = itoa64[v&0x3f]; ++ v >>= 6; ++ } ++} ++ ++APU_DECLARE(apr_status_t) apr_md5_encode(const char *pw, const char *salt, ++ char *result, apr_size_t nbytes) ++{ ++ /* ++ * Minimum size is 8 bytes for salt, plus 1 for the trailing NUL, ++ * plus 4 for the '$' separators, plus the password hash itself. ++ * Let's leave a goodly amount of leeway. ++ */ ++ ++ char passwd[120], *p; ++ const char *sp, *ep; ++ unsigned char final[APR_MD5_DIGESTSIZE]; ++ apr_ssize_t sl, pl, i; ++ apr_md5_ctx_t ctx, ctx1; ++ unsigned long l; ++ ++ /* ++ * Refine the salt first. It's possible we were given an already-hashed ++ * string as the salt argument, so extract the actual salt value from it ++ * if so. Otherwise just use the string up to the first '$' as the salt. ++ */ ++ sp = salt; ++ ++ /* ++ * If it starts with the magic string, then skip that. ++ */ ++ if (!strncmp(sp, apr1_id, strlen(apr1_id))) { ++ sp += strlen(apr1_id); ++ } ++ ++ /* ++ * It stops at the first '$' or 8 chars, whichever comes first ++ */ ++ for (ep = sp; (*ep != '\0') && (*ep != '$') && (ep < (sp + 8)); ep++) { ++ continue; ++ } ++ ++ /* ++ * Get the length of the true salt ++ */ ++ sl = ep - sp; ++ ++ /* ++ * 'Time to make the doughnuts..' ++ */ ++ apr_md5_init(&ctx); ++#if APR_CHARSET_EBCDIC ++ apr_md5_set_xlate(&ctx, xlate_ebcdic_to_ascii); ++#endif ++ ++ /* ++ * The password first, since that is what is most unknown ++ */ ++ apr_md5_update(&ctx, pw, strlen(pw)); ++ ++ /* ++ * Then our magic string ++ */ ++ apr_md5_update(&ctx, apr1_id, strlen(apr1_id)); ++ ++ /* ++ * Then the raw salt ++ */ ++ apr_md5_update(&ctx, sp, sl); ++ ++ /* ++ * Then just as many characters of the MD5(pw, salt, pw) ++ */ ++ apr_md5_init(&ctx1); ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ apr_md5_update(&ctx1, sp, sl); ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ apr_md5_final(final, &ctx1); ++ for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) { ++ apr_md5_update(&ctx, final, ++ (pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl); ++ } ++ ++ /* ++ * Don't leave anything around in vm they could use. ++ */ ++ memset(final, 0, sizeof(final)); ++ ++ /* ++ * Then something really weird... ++ */ ++ for (i = strlen(pw); i != 0; i >>= 1) { ++ if (i & 1) { ++ apr_md5_update(&ctx, final, 1); ++ } ++ else { ++ apr_md5_update(&ctx, pw, 1); ++ } ++ } ++ ++ /* ++ * Now make the output string. We know our limitations, so we ++ * can use the string routines without bounds checking. ++ */ ++ strcpy(passwd, apr1_id); ++ strncat(passwd, sp, sl); ++ strcat(passwd, "$"); ++ ++ apr_md5_final(final, &ctx); ++ ++ /* ++ * And now, just to make sure things don't run too fast.. ++ * On a 60 Mhz Pentium this takes 34 msec, so you would ++ * need 30 seconds to build a 1000 entry dictionary... ++ */ ++ for (i = 0; i < 1000; i++) { ++ apr_md5_init(&ctx1); ++ if (i & 1) { ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ } ++ else { ++ apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE); ++ } ++ if (i % 3) { ++ apr_md5_update(&ctx1, sp, sl); ++ } ++ ++ if (i % 7) { ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ } ++ ++ if (i & 1) { ++ apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE); ++ } ++ else { ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ } ++ apr_md5_final(final,&ctx1); ++ } ++ ++ p = passwd + strlen(passwd); ++ ++ l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p, l, 4); p += 4; ++ l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p, l, 4); p += 4; ++ l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p, l, 4); p += 4; ++ l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p, l, 4); p += 4; ++ l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p, l, 4); p += 4; ++ l = final[11] ; to64(p, l, 2); p += 2; ++ *p = '\0'; ++ ++ /* ++ * Don't leave anything around in vm they could use. ++ */ ++ memset(final, 0, sizeof(final)); ++ ++ apr_cpystrn(result, passwd, nbytes - 1); ++ return APR_SUCCESS; ++} ++ ++#if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE) ++#if defined(APU_CRYPT_THREADSAFE) || !APR_HAS_THREADS || \ ++ defined(CRYPT_R_CRYPTD) || defined(CRYPT_R_STRUCT_CRYPT_DATA) ++ ++#define crypt_mutex_lock() ++#define crypt_mutex_unlock() ++ ++#elif APR_HAVE_PTHREAD_H && defined(PTHREAD_MUTEX_INITIALIZER) ++ ++static pthread_mutex_t crypt_mutex = PTHREAD_MUTEX_INITIALIZER; ++static void crypt_mutex_lock(void) ++{ ++ pthread_mutex_lock(&crypt_mutex); ++} ++ ++static void crypt_mutex_unlock(void) ++{ ++ pthread_mutex_unlock(&crypt_mutex); ++} ++ ++#else ++ ++#error apr_password_validate() is not threadsafe. rebuild APR without thread support. ++ ++#endif ++#endif ++ ++/* ++ * Validate a plaintext password against a smashed one. Uses either ++ * crypt() (if available) or apr_md5_encode() or apr_sha1_base64(), depending ++ * upon the format of the smashed input password. Returns APR_SUCCESS if ++ * they match, or APR_EMISMATCH if they don't. If the platform doesn't ++ * support crypt, then the default check is against a clear text string. ++ */ ++APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, ++ const char *hash) ++{ ++ char sample[120]; ++#if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE) ++ char *crypt_pw; ++#endif ++ if (!strncmp(hash, apr1_id, strlen(apr1_id))) { ++ /* ++ * The hash was created using our custom algorithm. ++ */ ++ apr_md5_encode(passwd, hash, sample, sizeof(sample)); ++ } ++ else if (!strncmp(hash, APR_SHA1PW_ID, APR_SHA1PW_IDLEN)) { ++ apr_sha1_base64(passwd, strlen(passwd), sample); ++ } ++ else { ++ /* ++ * It's not our algorithm, so feed it to crypt() if possible. ++ */ ++#if defined(WIN32) || defined(BEOS) || defined(NETWARE) ++ apr_cpystrn(sample, passwd, sizeof(sample) - 1); ++#elif defined(CRYPT_R_CRYPTD) ++ CRYPTD buffer; ++ ++ crypt_pw = crypt_r(passwd, hash, &buffer); ++ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); ++#elif defined(CRYPT_R_STRUCT_CRYPT_DATA) ++ struct crypt_data buffer; ++ ++ /* having to clear this seems bogus... GNU doc is ++ * confusing... user report found from google says ++ * the crypt_data struct had to be cleared to get ++ * the same result as plain crypt() ++ */ ++ memset(&buffer, 0, sizeof(buffer)); ++ crypt_pw = crypt_r(passwd, hash, &buffer); ++ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); ++#else ++ /* Do a bit of sanity checking since we know that crypt_r() ++ * should always be used for threaded builds on AIX, and ++ * problems in configure logic can result in the wrong ++ * choice being made. ++ */ ++#if defined(_AIX) && APR_HAS_THREADS ++#error Configuration error! crypt_r() should have been selected! ++#endif ++ ++ /* Handle thread safety issues by holding a mutex around the ++ * call to crypt(). ++ */ ++ crypt_mutex_lock(); ++ crypt_pw = crypt(passwd, hash); ++ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); ++ crypt_mutex_unlock(); ++#endif ++ } ++ return (strcmp(sample, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH; ++} +diff -urNad apr-util-1.2.7~/include/apr_md4.h apr-util-1.2.7/include/apr_md4.h +--- apr-util-1.2.7~/include/apr_md4.h 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/include/apr_md4.h 2006-08-18 14:22:04.000000000 +0200 +@@ -0,0 +1,135 @@ ++/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++/* This is derived from material copyright RSA Data Security, Inc. ++ * Their notice is reproduced below in its entirety. ++ * ++ * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All ++ * rights reserved. ++ * ++ * License to copy and use this software is granted provided that it ++ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest ++ * Algorithm" in all material mentioning or referencing this software ++ * or this function. ++ * ++ * License is also granted to make and use derivative works provided ++ * that such works are identified as "derived from the RSA Data ++ * Security, Inc. MD4 Message-Digest Algorithm" in all material ++ * mentioning or referencing the derived work. ++ * ++ * RSA Data Security, Inc. makes no representations concerning either ++ * the merchantability of this software or the suitability of this ++ * software for any particular purpose. It is provided "as is" ++ * without express or implied warranty of any kind. ++ * ++ * These notices must be retained in any copies of any part of this ++ * documentation and/or software. ++ */ ++ ++#ifndef APR_MD4_H ++#define APR_MD4_H ++ ++#include "apu.h" ++#include "apr_xlate.h" ++/** ++ * @file apr_md4.h ++ * @brief APR-UTIL MD4 Library ++ */ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/** ++ * @defgroup APR_Util_MD4 MD4 Library ++ * @ingroup APR_Util ++ * @{ ++ */ ++ ++/** The digestsize for MD4 */ ++#define APR_MD4_DIGESTSIZE 16 ++ ++/** @see apr_md4_ctx_t */ ++typedef struct apr_md4_ctx_t apr_md4_ctx_t; ++ ++/** MD4 context. */ ++struct apr_md4_ctx_t { ++ /** state (ABCD) */ ++ apr_uint32_t state[4]; ++ /** number of bits, modulo 2^64 (lsb first) */ ++ apr_uint32_t count[2]; ++ /** input buffer */ ++ unsigned char buffer[64]; ++#if APR_HAS_XLATE ++ /** translation handle */ ++ apr_xlate_t *xlate; ++#endif ++}; ++ ++/** ++ * MD4 Initialize. Begins an MD4 operation, writing a new context. ++ * @param context The MD4 context to initialize. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_init(apr_md4_ctx_t *context); ++ ++#if APR_HAS_XLATE ++/** ++ * MDr4 translation setup. Provides the APR translation handle to be used ++ * for translating the content before calculating the digest. ++ * @param context The MD4 content to set the translation for. ++ * @param xlate The translation handle to use for this MD4 context ++ */ ++APU_DECLARE(apr_status_t) apr_md4_set_xlate(apr_md4_ctx_t *context, ++ apr_xlate_t *xlate); ++#else ++#define apr_md4_set_xlate(context, xlate) APR_ENOTIMPL ++#endif ++ ++/** ++ * MD4 block update operation. Continue an MD4 message-digest operation, ++ * processing another message block, and updating the context. ++ * @param context The MD4 content to update. ++ * @param input next message block to update ++ * @param inputLen The length of the next message block ++ */ ++APU_DECLARE(apr_status_t) apr_md4_update(apr_md4_ctx_t *context, ++ const unsigned char *input, ++ apr_size_t inputLen); ++ ++/** ++ * MD4 finalization. Ends an MD4 message-digest operation, writing the ++ * message digest and zeroing the context ++ * @param digest The final MD4 digest ++ * @param context The MD4 content we are finalizing. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_final( ++ unsigned char digest[APR_MD4_DIGESTSIZE], ++ apr_md4_ctx_t *context); ++ ++/** ++ * MD4 digest computation ++ * @param digest The MD4 digest ++ * @param input message block to use ++ * @param inputLen The length of the message block ++ */ ++APU_DECLARE(apr_status_t) apr_md4(unsigned char digest[APR_MD4_DIGESTSIZE], ++ const unsigned char *input, ++ apr_size_t inputLen); ++ ++/** @} */ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* !APR_MD4_H */ +diff -urNad apr-util-1.2.7~/include/apr_md5.h apr-util-1.2.7/include/apr_md5.h +--- apr-util-1.2.7~/include/apr_md5.h 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/include/apr_md5.h 2006-08-18 14:22:04.000000000 +0200 +@@ -0,0 +1,144 @@ ++/* ++ * Adopted for apr-util by Tollef Fog Heen ++ */ ++ ++/* ++ * This is an OpenSSL-compatible implementation of the RSA Data Security, ++ * Inc. MD5 Message-Digest Algorithm. ++ * ++ * Written by Solar Designer in 2001, and placed in ++ * the public domain. See md5.c for more information. ++ */ ++ ++/* Copyright 2000-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef APR_MD5_H ++#define APR_MD5_H ++ ++#include "apu.h" ++#include "apr_xlate.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++/** ++ * @file apr_md5.h ++ * @brief APR MD5 Routines ++ */ ++ ++/** ++ * @defgroup APR_MD5 MD5 Routines ++ * @ingroup APR ++ * @{ ++ */ ++ ++/** The MD5 digest size */ ++#define APR_MD5_DIGESTSIZE 16 ++ ++/** @see apr_md5_ctx_t */ ++typedef struct apr_md5_ctx_t apr_md5_ctx_t; ++ ++/** MD5 context. */ ++struct apr_md5_ctx_t { ++ /** state (ABCD) */ ++ apr_uint32_t state[4]; ++ /** number of bits, modulo 2^64 (lsb first) */ ++ apr_uint32_t count[2]; ++ /** input buffer */ ++ unsigned char buffer[64]; ++ /** translation handle ++ * ignored if xlate is unsupported ++ */ ++ apr_xlate_t *xlate; ++}; ++ ++/** ++ * MD5 Initialize. Begins an MD5 operation, writing a new context. ++ * @param context The MD5 context to initialize. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_init(apr_md5_ctx_t *context); ++ ++/** ++ * MD5 translation setup. Provides the APR translation handle to be used ++ * for translating the content before calculating the digest. ++ * @param context The MD5 content to set the translation for. ++ * @param xlate The translation handle to use for this MD5 context ++ */ ++APU_DECLARE(apr_status_t) apr_md5_set_xlate(apr_md5_ctx_t *context, ++ apr_xlate_t *xlate); ++ ++/** ++ * MD5 block update operation. Continue an MD5 message-digest operation, ++ * processing another message block, and updating the context. ++ * @param context The MD5 content to update. ++ * @param input next message block to update ++ * @param inputLen The length of the next message block ++ */ ++APU_DECLARE(apr_status_t) apr_md5_update(apr_md5_ctx_t *context, ++ const void *input, ++ apr_size_t inputLen); ++ ++/** ++ * MD5 finalization. Ends an MD5 message-digest operation, writing the ++ * message digest and zeroing the context ++ * @param digest The final MD5 digest ++ * @param context The MD5 content we are finalizing. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_final(unsigned char digest[APR_MD5_DIGESTSIZE], ++ apr_md5_ctx_t *context); ++ ++/** ++ * MD5 in one step ++ * @param digest The final MD5 digest ++ * @param input The message block to use ++ * @param inputLen The length of the message block ++ */ ++APU_DECLARE(apr_status_t) apr_md5(unsigned char digest[APR_MD5_DIGESTSIZE], ++ const void *input, ++ apr_size_t inputLen); ++ ++/** ++ * Encode a password using an MD5 algorithm ++ * @param password The password to encode ++ * @param salt The salt to use for the encoding ++ * @param result The string to store the encoded password in ++ * @param nbytes The size of the result buffer ++ */ ++APU_DECLARE(apr_status_t) apr_md5_encode(const char *password, const char *salt, ++ char *result, apr_size_t nbytes); ++ ++ ++/** ++ * Validate hashes created by APR-supported algorithms: md5 and sha1. ++ * hashes created by crypt are supported only on platforms that provide ++ * crypt(3), so don't rely on that function unless you know that your ++ * application will be run only on platforms that support it. On platforms ++ * that don't support crypt(3), this falls back to a clear text string ++ * comparison. ++ * @param passwd The password to validate ++ * @param hash The password to validate against ++ */ ++APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, ++ const char *hash); ++ ++ ++/** @} */ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* !APR_MD5_H */ --- apr-util-1.3.12+dfsg.orig/debian/patches/00list +++ apr-util-1.3.12+dfsg/debian/patches/00list @@ -0,0 +1,12 @@ +001_dbm_read_hash_or_btree +002_configure_in_remove_syspaths +003_buildconf_config.guess_sub_location +004_debian_layout_fix +010_dont_use_all_pg_build_deps +011_avoid_ldap_by_defaut.dpatch +013_ship_find_apu.m4 +014_apu_config_dont_list_indep_libs +015_disable_expat_buildconf.dpatch +016_avoid_db_by-default.dpatch +017_thread_pool_fix.dpatch +099_alternate_md4_md5_impl --- apr-util-1.3.12+dfsg.orig/debian/patches/017_thread_pool_fix.dpatch +++ apr-util-1.3.12+dfsg/debian/patches/017_thread_pool_fix.dpatch @@ -0,0 +1,34 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 017_thread_pool_fix.dpatch by Stefan Fritsch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fix unsafe pool usage + +@DPATCH@ +diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' trunk~/misc/apr_thread_pool.c trunk/misc/apr_thread_pool.c +--- trunk~/misc/apr_thread_pool.c 2010-12-09 15:34:41.000000000 +0100 ++++ trunk/misc/apr_thread_pool.c 2011-05-22 20:33:06.599996851 +0200 +@@ -353,13 +353,18 @@ + *me = NULL; + tp = apr_pcalloc(pool, sizeof(apr_thread_pool_t)); + +- tp->pool = pool; +- ++ /* ++ * This pool will be used by different threads. As we cannot ensure that ++ * our caller won't use the pool without acquiring the mutex, we must ++ * create a new sub pool. ++ */ ++ rv = apr_pool_create(&tp->pool, pool); ++ if (APR_SUCCESS != rv) ++ return rv; + rv = thread_pool_construct(tp, init_threads, max_threads); +- if (APR_SUCCESS != rv) { ++ if (APR_SUCCESS != rv) + return rv; +- } +- apr_pool_cleanup_register(pool, tp, thread_pool_cleanup, ++ apr_pool_cleanup_register(tp->pool, tp, thread_pool_cleanup, + apr_pool_cleanup_null); + + while (init_threads) {