--- apr-util-1.2.12+dfsg.orig/debian/control +++ apr-util-1.2.12+dfsg/debian/control @@ -0,0 +1,53 @@ +Source: apr-util +Section: libs +Priority: optional +Maintainer: Debian Apache Maintainers +Uploaders: Tollef Fog Heen , Stefan Fritsch +Build-Depends: debhelper (>> 5.0.0), autoconf, autotools-dev, mawk, libldap2-dev, libexpat1-dev, libdb4.6-dev, libpcre3-dev, dpatch (>= 1.11), binutils (>= 2.14.90.0.7), libapr1-dev (>= 1.2.7-3), libsqlite3-dev, libpq-dev, python, libmysqlclient15-dev +Standards-Version: 3.7.3.0 +XS-Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apr-util +XS-Vcs-svn: svn://svn.debian.org/pkg-apache/trunk/apr-util +Homepage: http://apr.apache.org/ + +Package: libaprutil1 +Architecture: any +Depends: ${shlibs:Depends} +Conflicts: libaprutil1.0, apache2.2-common (<< 2.2.8-1~), php5-mysql (<< 5.2.6-1~), php4-mysql (<< 6:4.4.4-10) +Description: The Apache Portable Runtime Utility Library + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + +Package: libaprutil1-dev +Architecture: any +Section: libdevel +Depends: libaprutil1 (= ${binary:Version}), libldap2-dev, libexpat1-dev, libdb4.6-dev, libpcre3-dev, libapr1-dev (>= 1.2.2-1), libsqlite3-dev, libpq-dev, libmysqlclient15-dev +Conflicts: libaprutil1.0-dev +Description: The Apache Portable Runtime Utility Library - Development Headers + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains development headers for APR util. + +Package: libaprutil1-dbg +Priority: extra +Architecture: any +Section: libdevel +Depends: libaprutil1 (= ${binary:Version}) +Conflicts: libaprutil1.0-dev +Description: The Apache Portable Runtime Utility Library - Development Headers + APR is Apache's Portable Runtime Library, designed to be a support library + that provides a predictable and consistent interface to underlying + platform-specific implementations. + . + APR Util is a utilities library implemented on top of apr, providing database + access, xml parsing, and other useful functionality. + . + This package contains the debugging symbols for APR util. --- apr-util-1.2.12+dfsg.orig/debian/libaprutil1.install +++ apr-util-1.2.12+dfsg/debian/libaprutil1.install @@ -0,0 +1,2 @@ +debian/tmp/usr/lib/libaprutil-1.so.* usr/lib/ + --- apr-util-1.2.12+dfsg.orig/debian/rules +++ apr-util-1.2.12+dfsg/debian/rules @@ -0,0 +1,116 @@ +#!/usr/bin/make -f + +# Turn on VERBOSE output +#export DH_VERBOSE=1 +export DH_OPTIONS + +#enable dpatch +include /usr/share/dpatch/dpatch.make + +# These are used for cross-compiling and for saving the configure script +# # from having to guess our platform (since we know it already) +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) +DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) + +# get cflags frpm apr-config but remove -O2 +CFLAGS := $(CFLAGS) $(shell apr-1-config --cflags |perl -p -e 's!-O.( |$$)!!') +LDFLAGS := $(LDFLAGS) $(shell apr-1-config --ldflags) + +# hardening options +H_CFLAGS := -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 +H_LDFLAGS := -Wl,-z,relro +# do not enable -fstack-protector on arm and armel, see #477772, #469517 +ifeq (,$(findstring arm,$(DEB_HOST_GNU_TYPE))) + H_CFLAGS += -fstack-protector +endif + +# Enable debug builds +ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS))) +CFLAGS += -O0 +else +CFLAGS += -O2 +endif + +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) + INSTALL_PROGRAM += -s +endif + +ifeq (,$(findstring notest,$(DEB_BUILD_OPTIONS))) + TEST_TARGET = test +else + TEST_TARGET = +endif + +ifeq ($(DEB_BUILD_ARCH),i386) + CONFFLAGS=apr_lock_method=USE_PROC_PTHREAD_SERIALIZE +else + CONFFLAGS=ac_cv_func_pthread_mutexattr_setpshared=no ac_cv_func_sem_open=no +endif + +CONFFLAGS += ac_cv_prog_AWK=mawk + +SHELL=/bin/bash + +config.status: configure + dh_testdir + ./buildconf --with-apr=$(shell apr-1-config --srcdir) + $(CONFFLAGS) ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --enable-layout=Debian --with-apr=/usr/bin/apr-1-config --with-ldap=yes --with-dbm=db46 --with-sqlite3 --with-pgsql=/usr --without-gdbm --without-sqlite2 --with-berkeley-db --with-mysql=/usr + +build: patch-stamp build-stamp + +build-stamp: config.status + dh_testdir + + # LDFLAGS=-Wl,--as-needed does not work since it affects only libraries + # given _after_ it on the command line, but apr's libtool puts the + # "-l..." _before_ the "-Wl,--as-needed" + $(MAKE) CFLAGS="$(CFLAGS) $(H_CFLAGS)" LDFLAGS="$(LDFLAGS) $(H_LDFLAGS)" EXTRA_CFLAGS="" + + touch $@ + +clean: unpatch + dh_testdir + dh_testroot + rm -f build-stamp test-stamp + [ ! -f Makefile ] || $(MAKE) distclean + rm -f test/data/test-db test/data/test-sdbm.dir test/data/test-sdbm.pag + + dh_clean + +test: test-stamp + +test-stamp: build + dh_testdir + $(MAKE) check + + touch $@ + +install: build $(TEST_TARGET) + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs -a + + $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp + +binary-indep: build install + +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs CHANGES + dh_installdocs + dh_install -a + dh_link + dh_strip --dbg-package=libaprutil1-dbg + dh_compress + dh_fixperms + dh_makeshlibs + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- apr-util-1.2.12+dfsg.orig/debian/watch +++ apr-util-1.2.12+dfsg/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://www.apache.org/dist/apr/apr-util-(1\.[24]\..*)\.tar\.gz --- apr-util-1.2.12+dfsg.orig/debian/changelog +++ apr-util-1.2.12+dfsg/debian/changelog @@ -0,0 +1,167 @@ +apr-util (1.2.12+dfsg-7) unstable; urgency=medium + + * Apply hardening build options independently from apr. + + -- Stefan Fritsch Sat, 21 Jun 2008 13:29:48 +0200 + +apr-util (1.2.12+dfsg-6) unstable; urgency=low + + * Make libaprutil1-dev depend on libmysqlclient15-dev. Libtool needs it for + linking (really closes: #482270). + + -- Stefan Fritsch Mon, 26 May 2008 23:45:44 +0200 + +apr-util (1.2.12+dfsg-5) unstable; urgency=low + + * Don't output "-lmysqlclient_r" in "apu-config --ldflags". It is enough if + libaprutil links to mysql, applications don't need to do it, too. + (Closes: #482270) + + -- Stefan Fritsch Sun, 25 May 2008 22:53:36 +0200 + +apr-util (1.2.12+dfsg-4) unstable; urgency=low + + * Activate mysql support (closes: #395959). This is made possible by php5 + now linking against the threadsafe version of libmysqlclient. Therefore + add a conflict with older versions of php5-mysql and with php4-mysql. + * Rebuild against apr with hardening options: CFLAGS are taken from apr, set + LDFLAGS=-Wl,-z,relro explicitly. + * Conflict with apache2 << 2.2.8-1, which used an older version of libldap + and now segfaults with current libaprutil1+libldap. + * Remove Thom May, Fabio M. Di Nitto, Daniel Stone, and Adam Conrad from the + uploaders field (thanks for your work). + + -- Stefan Fritsch Sun, 18 May 2008 17:13:24 +0200 + +apr-util (1.2.12+dfsg-3) unstable; urgency=medium + + * Fix integer overflow in apr_brigade_partition on 32bit systems. Urgency + medium because this made apache segfault when resuming a file larger than + 4GB. + * Point VCS tags in debian control to trunk, to make them useful with + debcheckout. + + -- Stefan Fritsch Fri, 29 Feb 2008 20:59:49 +0100 + +apr-util (1.2.12+dfsg-2) unstable; urgency=low + + * Build-Depend on libdb4.6-dev instead of libdb-dev >= 4.6, as the latter + causes problems with sbuild. + * Change server in watch file since www.eu.apache.org is unreliable. + + -- Stefan Fritsch Sat, 12 Jan 2008 10:17:09 +0100 + +apr-util (1.2.12+dfsg-1) unstable; urgency=low + + [ Stefan Fritsch ] + * New upstream version (Closes: #447146) + * Fix debian/rules clean + * Don't ship .svn directories. (Closes: #431508) + * Fix some lintian warnings: + - Use ${binary:Version} instead of ${Source-Version}. + - Bump standards-version to 3.7.3 (no changes). + - Remove empty /usr/share/doc/libapr1.0/. + - Don't ignore make clean errors. + * Add myself to Uploaders. + * Add Vcs info and homepage to debian/control. + * Change handling of CFLAGS in debian/rules so that they are actually used. + Fixes DEB_BUILD_OPTIONS=debug. + + [ Tollef Fog Heen ] + * Make libaprutil1-dbg Priority: extra to match overrides. + + [ Peter Samuelson ] + * Compile with db 4.6. (Closes: #422465, #429025) + * Add watch file. + + -- Stefan Fritsch Fri, 11 Jan 2008 18:43:17 +0100 + +apr-util (1.2.7+dfsg-2) unstable; urgency=low + + * Fix stupid code duplication in apr_md[45].c resulting from C&P. + Thanks to Peter Samuelson for notifying me. This makes md[45] work + correctly. + + -- Tollef Fog Heen Fri, 18 Aug 2006 19:50:31 +0200 + +apr-util (1.2.7+dfsg-1) unstable; urgency=low + + * Remove dependency on libgdbm1 from libaprutil1-dev. + * Build against libdb 4.4. Closes: #354510 + * Remove most libs from apu-config --link-ld --libs. Thanks to Peter + Samuelson, Closes: #378105 + * Use md4 and md5 implementation from Solar Designer as this is in the + public domain and not subject to RSA copyright. This requires a + repacked source, so add +dfsg to the version number. + + -- Tollef Fog Heen Fri, 14 Jul 2006 15:31:22 +0200 + +apr-util (1.2.7-2) unstable; urgency=low + + * Fix override disparity. + * Compile without gdbm. + * Get rid of all the evil libtool hacks and adjust build-depends + accordingly. + * Remove --includedir parameter and adjust config.layout instead. This + works around damage in newer autoconfs. + + -- Tollef Fog Heen Mon, 1 May 2006 17:05:28 +0200 + +apr-util (1.2.7-1) unstable; urgency=low + + * New upstream release + * Tighten build dependency on apr to a version which ships + get-version.sh + * Grab get-version.sh from APR build + * Pass --with-berkeley-db to configure so it actually picks up our + preferred BDB version. + + -- Tollef Fog Heen Fri, 28 Apr 2006 21:59:55 +0200 + +apr-util (1.2.2-4) unstable; urgency=low + + * Compile with -fPIC. Closes: #350677 + * Build with -i to avoid .svn directories in source. Closes: #357175 + + -- Tollef Fog Heen Fri, 27 Jan 2006 18:50:04 +0100 + +apr-util (1.2.2-3) unstable; urgency=low + + * Add proper depends to libaprutil1-dev + * Rename source package to match upstream. + * Rename to libaprutil1 instead of libaprutil1.0 + * Use libdb4.3, not 4.2 + * Conflict with old package names + * Add gdbm support + * Fix call to configure to avoid double linking to sqlite and sqlite3 + * Update to Standards Version: 3.6.2.2: no changes. + * Add apu-config compatibility symlink. + + -- Tollef Fog Heen Fri, 27 Jan 2006 18:50:04 +0100 + +apr-util1.0 (1.2.2-2) unstable; urgency=low + + * Upgrade to debhelper v5 + * Call dh_installdocs, so we actually get a copyright. + + -- Thom May Tue, 3 Jan 2006 13:05:02 +0000 + +apr-util1.0 (1.2.2-1) unstable; urgency=low + + * New upstream version + * Enable postgres and sqlite3 support + + -- Thom May Fri, 30 Dec 2005 10:40:03 +0000 + +apr-util1.0 (1.1.2-1) unstable; urgency=low + + * New upstream release + + -- Thom May Sun, 8 May 2005 17:12:22 +0100 + +apr-util1.0 (1.1.0-1) unstable; urgency=low + + * New Upstream Release + * First Package Release + + -- Thom May Wed, 17 Nov 2004 11:51:32 -0800 --- apr-util-1.2.12+dfsg.orig/debian/libaprutil1-dev.links +++ apr-util-1.2.12+dfsg/debian/libaprutil1-dev.links @@ -0,0 +1 @@ +usr/bin/apu-1-config usr/bin/apu-config --- apr-util-1.2.12+dfsg.orig/debian/compat +++ apr-util-1.2.12+dfsg/debian/compat @@ -0,0 +1 @@ +5 --- apr-util-1.2.12+dfsg.orig/debian/copyright +++ apr-util-1.2.12+dfsg/debian/copyright @@ -0,0 +1,334 @@ +This package was debianized by Thom May on +Wed, 17 Nov 2004 11:27:14 -0800 + +It was downloaded from http://httpd.apache.org/download.cgi + +Upstream Authors: The Apache Software Foundation - http://apr.apache.org/ + +Copyright: + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + + +APACHE PORTABLE RUNTIME SUBCOMPONENTS: + +The Apache Portable Runtime includes a number of subcomponents with +separate copyright notices and license terms. Your use of the source +code for the these subcomponents is subject to the terms and +conditions of the following licenses. + +From strings/apr_fnmatch.c, include/apr_fnmatch.h, misc/unix/getopt.c, +file_io/unix/mktemp.c, strings/apr_strings.c: + +/* + * Copyright (c) 1987, 1993, 1994 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + +From network_io/unix/inet_ntop.c, network_io/unix/inet_pton.c: + +/* Copyright (c) 1996 by Internet Software Consortium. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS + * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE + * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL + * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR + * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS + * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS + * SOFTWARE. + +From dso/aix/dso.c: + + * Based on libdl (dlfcn.c/dlfcn.h) which is + * Copyright (c) 1992,1993,1995,1996,1997,1988 + * Jens-Uwe Mager, Helios Software GmbH, Hannover, Germany. + * + * Not derived from licensed software. + * + * Permission is granted to freely use, copy, modify, and redistribute + * this software, provided that the author is not construed to be liable + * for any results of using the software, alterations are clearly marked + * as such, and this notice is not modified. + +From strings/apr_strnatcmp.c, include/apr_strings.h: + + strnatcmp.c -- Perform 'natural order' comparisons of strings in C. + Copyright (C) 2000 by Martin Pool + + This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. + + Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: + + 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. + 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. + 3. This notice may not be removed or altered from any source distribution. + + +From test/CuTest.c, test/CuTest.h: + + * Copyright (c) 2002-2006 Asim Jalis + * + * This library is released under the zlib/libpng license as described at + * + * http://www.opensource.org/licenses/zlib-license.html + * + * Here is the statement of the license: + * + * This software is provided 'as-is', without any express or implied warranty. + * In no event will the authors be held liable for any damages arising from + * the use of this software. + * + * Permission is granted to anyone to use this software for any purpose, + * including commercial applications, and to alter it and redistribute it + * freely, subject to the following restrictions: + * + * 1. The origin of this software must not be misrepresented; you must not + * claim that you wrote the original software. If you use this software in a + * product, an acknowledgment in the product documentation would be + * appreciated but is not required. + * + * 2. Altered source versions must be plainly marked as such, and must not be + * misrepresented as being the original software. + * + * 3. This notice may not be removed or altered from any source distribution. --- apr-util-1.2.12+dfsg.orig/debian/libaprutil1-dev.dirs +++ apr-util-1.2.12+dfsg/debian/libaprutil1-dev.dirs @@ -0,0 +1,4 @@ +usr/include/apr-1.0 +usr/lib +usr/lib/pkgconfig +usr/bin --- apr-util-1.2.12+dfsg.orig/debian/libaprutil1-dev.install +++ apr-util-1.2.12+dfsg/debian/libaprutil1-dev.install @@ -0,0 +1,5 @@ +debian/tmp/usr/include/apr-1.0 +debian/tmp/usr/lib/libapr*a +debian/tmp/usr/lib/libaprutil-1.so +debian/tmp/usr/lib/pkgconfig +debian/tmp/usr/bin --- apr-util-1.2.12+dfsg.orig/debian/libaprutil1.dirs +++ apr-util-1.2.12+dfsg/debian/libaprutil1.dirs @@ -0,0 +1 @@ +usr/lib --- apr-util-1.2.12+dfsg.orig/debian/patches/014_apu_config_dont_list_indep_libs.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/014_apu_config_dont_list_indep_libs.dpatch @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## apu-config.dpatch by +## +## DP: Prevent recursive linking of dependent libraries by apr-util users. + +@DPATCH@ +Index: apr-util.pc.in +--- a/apr-util.pc.in ++++ b/apr-util.pc.in +@@ -8,6 +8,7 @@ + Description: Companion library for APR + Version: @APRUTIL_DOTTED_VERSION@ + # assume that apr-util requires libapr of same major version +-Requires: apr-@APRUTIL_MAJOR_VERSION@ +-Libs: -L${libdir} -l@APRUTIL_LIBNAME@ @APRUTIL_EXPORT_LIBS@ ++Requires.private: apr-@APRUTIL_MAJOR_VERSION@ ++Libs: -L${libdir} -l@APRUTIL_LIBNAME@ ++Libs.private: @APRUTIL_EXPORT_LIBS@ + Cflags: -I${includedir} +Index: apu-config.in +--- a/apu-config.in ++++ b/apu-config.in +@@ -27,7 +27,7 @@ + libdir="@libdir@" + includedir="@includedir@" + +-LIBS="@APRUTIL_EXPORT_LIBS@" ++LIBS= + INCLUDES="@APRUTIL_INCLUDES@" + LDFLAGS="@APRUTIL_LDFLAGS@" + --- apr-util-1.2.12+dfsg.orig/debian/patches/002_configure_in_remove_syspaths.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/002_configure_in_remove_syspaths.dpatch @@ -0,0 +1,21 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 002_configure_in_remove_syspaths.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ + +diff -urNad apr-util1.0-1.2.2~/configure.in apr-util1.0-1.2.2/configure.in +--- apr-util1.0-1.2.2~/configure.in 2005-05-05 21:24:29.000000000 +0200 ++++ apr-util1.0-1.2.2/configure.in 2006-01-27 13:32:04.000000000 +0100 +@@ -153,6 +153,9 @@ + dnl + APR_ADDTO(APRUTIL_LIBS, [$APR_LIBS]) + ++APR_REMOVEFROM(APRUTIL_LDFLAGS, [-L/usr/lib]) ++APR_REMOVEFROM(APRUTIL_INCLUDE, [-I/usr/include]) ++ + AC_SUBST(APRUTIL_EXPORT_LIBS) + AC_SUBST(APRUTIL_PRIV_INCLUDES) + AC_SUBST(APRUTIL_INCLUDES) --- apr-util-1.2.12+dfsg.orig/debian/patches/003_buildconf_config.guess_sub_location.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/003_buildconf_config.guess_sub_location.dpatch @@ -0,0 +1,21 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 003_buildconf_config.guess_sub_location.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apr-util-1.2.7~/buildconf apr-util-1.2.7/buildconf +--- apr-util-1.2.7~/buildconf 2006-04-28 22:53:11.000000000 +0200 ++++ apr-util-1.2.7/buildconf 2006-04-28 22:55:02.000000000 +0200 +@@ -56,8 +56,8 @@ + rm -f build/apr_common.m4 build/find_apr.m4 build/install.sh \ + build/config.guess build/config.sub build/get-version.sh + cp -p $apr_src_dir/build/apr_common.m4 $apr_src_dir/build/find_apr.m4 \ +- $apr_src_dir/build/install.sh $apr_src_dir/build/config.guess \ +- $apr_src_dir/build/config.sub $apr_src_dir/build/get-version.sh \ ++ $apr_src_dir/build/install.sh /usr/share/misc/config.guess \ ++ /usr/share/misc/config.sub $apr_src_dir/build/get-version.sh \ + build/ + + # Remove aclocal.m4 as it'll break some builds... --- apr-util-1.2.12+dfsg.orig/debian/patches/004_debian_layout_fix.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/004_debian_layout_fix.dpatch @@ -0,0 +1,19 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 004_debian_layout_fix.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Fix the includedir in the Debian layout. + +@DPATCH@ +diff -urNad apr-util-1.2.7~/config.layout apr-util-1.2.7/config.layout +--- apr-util-1.2.7~/config.layout 2005-02-09 13:18:43.000000000 +0100 ++++ apr-util-1.2.7/config.layout 2006-06-15 14:18:42.000000000 +0200 +@@ -223,7 +223,7 @@ + libexecdir: ${exec_prefix}/lib/apr/modules + mandir: ${exec_prefix}/share/man + datadir: ${exec_prefix}/share/apr +- includedir: ${exec_prefix}/include/apr-${APRUTIL_MAJOR_VERSION} ++ includedir: ${exec_prefix}/include/apr-1.0 + localstatedir: ${prefix}/var/run + runtimedir: ${prefix}/var/run + infodir: ${exec_prefix}/share/info --- apr-util-1.2.12+dfsg.orig/debian/patches/016_omit_mysql_from_APRUTIL_LDFLAGS.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/016_omit_mysql_from_APRUTIL_LDFLAGS.dpatch @@ -0,0 +1,35 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 016_omit_mysql_from_APRUTIL_LDFLAGS.dpatch by Stefan Fritsch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Don't make applications link to mysql, it is enough if libaprutil does that +## DP: See #482270 +## DP: This seems to be fixed in 1.3.x already + +@DPATCH@ +diff -urNad trunk~/build/dbd.m4 trunk/build/dbd.m4 +--- trunk~/build/dbd.m4 2007-11-01 15:07:19.000000000 +0100 ++++ trunk/build/dbd.m4 2008-05-25 23:05:43.765295411 +0200 +@@ -101,7 +101,6 @@ + else + if test "x$MYSQL_CONFIG" != 'x'; then + APR_ADDTO(APRUTIL_INCLUDES, [$mysql_CPPFLAGS]) +- APR_ADDTO(APRUTIL_LDFLAGS, [$mysql_LDFLAGS]) + fi + fi + +@@ -129,14 +128,12 @@ + AC_CHECK_HEADERS(mysql.h, AC_CHECK_LIB(mysqlclient_r, mysql_init, [apu_have_mysql=1])) + if test "$apu_have_mysql" != "0"; then + APR_ADDTO(APRUTIL_INCLUDES, [$mysql_CPPFLAGS]) +- APR_ADDTO(APRUTIL_LDFLAGS, [$mysql_LDFLAGS]) + fi + + if test "$apu_have_mysql" != "1"; then + AC_CHECK_HEADERS(mysql/mysql.h, AC_CHECK_LIB(mysqlclient_r, mysql_init, [apu_have_mysql=1])) + if test "$apu_have_mysql" != "0"; then + APR_ADDTO(APRUTIL_INCLUDES, [-I$withval/include/mysql]) +- APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib]) + fi + fi + --- apr-util-1.2.12+dfsg.orig/debian/patches/001_dbm_read_hash_or_btree +++ apr-util-1.2.12+dfsg/debian/patches/001_dbm_read_hash_or_btree @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 001_dbm_read_hash_or_btree by Adam Conrad +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: Be more liberal in the types of DBM files we accept. + +@DPATCH@ +--- apr-util/dbm/apr_dbm_berkeleydb.c 2004-02-13 02:52:42.000000000 -0700 ++++ apr-util/dbm/apr_dbm_berkeleydb.c 2004-09-28 00:21:37.000000000 -0600 +@@ -172,6 +172,21 @@ + apr_posix_perms2mode(perm))) != 0) { + /* close the DB handler */ + (void) (*file.bdb->close)(file.bdb, 0); ++ if (dberr == EINVAL) { ++ if ((dberr = db_create(&file.bdb, NULL, 0)) == 0) { ++ if ((dberr = (*file.bdb->open)(file.bdb, ++#if DB_VER == 4 ++ NULL, ++#endif ++ pathname, NULL, ++ DB_BTREE, dbmode, ++ apr_posix_perms2mode(perm))) != 0) { ++ ++ /* close the DB handler */ ++ (void) (*file.bdb->close)(file.bdb, 0); ++ } ++ } ++ } + } + } + file.curs = NULL; --- apr-util-1.2.12+dfsg.orig/debian/patches/099_alternate_md4_md5_impl.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/099_alternate_md4_md5_impl.dpatch @@ -0,0 +1,1377 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 099_alternate_md4_md5_impl.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apr-util-1.2.7~/crypto/apr_md4.c apr-util-1.2.7/crypto/apr_md4.c +--- apr-util-1.2.7~/crypto/apr_md4.c 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/crypto/apr_md4.c 2006-08-18 14:21:41.000000000 +0200 +@@ -0,0 +1,389 @@ ++/* Adopted for apr-util by Tollef Fog Heen */ ++ ++/* ++ * MD4 (RFC-1320) message digest. ++ * Modified from MD5 code by Andrey Panin ++ * ++ * Written by Solar Designer in 2001, and placed in ++ * the public domain. There's absolutely no warranty. ++ * ++ * This differs from Colin Plumb's older public domain implementation in ++ * that no 32-bit integer data type is required, there's no compile-time ++ * endianness configuration, and the function prototypes match OpenSSL's. ++ * The primary goals are portability and ease of use. ++ * ++ * This implementation is meant to be fast, but not as fast as possible. ++ * Some known optimizations are not included to reduce source code size ++ * and avoid compile-time configuration. ++ */ ++ ++/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#include "apr_strings.h" ++#include "apr_md4.h" ++#include "apr_lib.h" ++ ++#if APR_HAVE_STRING_H ++#include ++#endif ++#if APR_HAVE_UNISTD_H ++#include ++#endif ++ ++#if APR_CHARSET_EBCDIC ++static apr_xlate_t *xlate_ebcdic_to_ascii; /* used in apr_md4_encode() */ ++#endif ++ ++static const void *body(apr_md4_ctx_t *context, const void *data, size_t size); ++ ++/* ++ * The basic MD4 functions. ++ */ ++#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) ++#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) ++#define H(x, y, z) ((x) ^ (y) ^ (z)) ++ ++/* ++ * The MD4 transformation for all four rounds. ++ */ ++#define STEP(f, a, b, c, d, x, s) \ ++ (a) += f((b), (c), (d)) + (x); \ ++ (a) = ((a) << (s)) | ((a) >> (32 - (s))) ++ ++ ++/* ++ * SET reads 4 input bytes in little-endian byte order and stores them ++ * in a properly aligned word in host byte order. ++ * ++ * The check for little-endian architectures which tolerate unaligned ++ * memory accesses is just an optimization. Nothing will break if it ++ * doesn't work. ++ */ ++/*#if defined(__i386__) || defined(__x86_64__) || defined(__vax__) ++#define SET(n) \ ++ (*(const apr_uint32_t *)&ptr[(n) * 4]) ++#define GET(n) \ ++ SET(n) ++ #else*/ ++#define SET(n) \ ++ (block[(n)] = \ ++ (apr_uint32_t)ptr[(n) * 4] | \ ++ ((apr_uint32_t)ptr[(n) * 4 + 1] << 8) | \ ++ ((apr_uint32_t)ptr[(n) * 4 + 2] << 16) | \ ++ ((apr_uint32_t)ptr[(n) * 4 + 3] << 24)) ++#define GET(n) \ ++ (block[(n)]) ++/*#endif*/ ++ ++ ++ ++/* MD4 initialization. Begins an MD4 operation, writing a new context. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_init(apr_md4_ctx_t *context) ++{ ++ context->count[0] = context->count[1] = 0; ++ ++ /* Load magic initialization constants. */ ++ context->state[0] = 0x67452301; ++ context->state[1] = 0xefcdab89; ++ context->state[2] = 0x98badcfe; ++ context->state[3] = 0x10325476; ++ ++#if APR_HAS_XLATE ++ context->xlate = NULL; ++#endif ++ ++ return APR_SUCCESS; ++} ++ ++#if APR_HAS_XLATE ++/* MD4 translation setup. Provides the APR translation handle ++ * to be used for translating the content before calculating the ++ * digest. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_set_xlate(apr_md4_ctx_t *context, ++ apr_xlate_t *xlate) ++{ ++ apr_status_t rv; ++ int is_sb; ++ ++ /* TODO: remove the single-byte-only restriction from this code ++ */ ++ rv = apr_xlate_sb_get(xlate, &is_sb); ++ if (rv != APR_SUCCESS) { ++ return rv; ++ } ++ if (!is_sb) { ++ return APR_EINVAL; ++ } ++ context->xlate = xlate; ++ return APR_SUCCESS; ++} ++#endif /* APR_HAS_XLATE */ ++ ++/* MD4 block update operation. Continues an MD4 message-digest ++ * operation, processing another message block, and updating the ++ * context. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_update(apr_md4_ctx_t *context, ++ const unsigned char *input, ++ apr_size_t inputLen) ++{ ++ apr_uint32_t saved_lo; ++ unsigned long used, free; ++#if APR_HAS_XLATE ++/* apr_size_t inbytes_left, outbytes_left;*/ ++#endif ++ ++ /* Update number of bits */ ++ saved_lo = context->count[0]; ++ if ((context->count[0] = (saved_lo + inputLen) & 0x1fffffff) < saved_lo) ++ context->count[1]++; ++ context->count[1] += (apr_uint32_t)inputLen >> 29; ++ ++ /* Compute number of bytes mod 64 */ ++ used = saved_lo & 0x3f; ++ ++ /* Transform as many times as possible. */ ++ if (used) { ++ free = 64 - used; ++ ++ if (inputLen < free) { ++ memcpy(&context->buffer[used], input, inputLen); ++ return APR_SUCCESS; ++ } ++ ++ memcpy(&context->buffer[used], input, free); ++ input = (const unsigned char *) input + free; ++ inputLen -= free; ++ body(context, context->buffer, 64); ++ } ++ ++ if (inputLen >= 64) { ++ input = body(context, input, inputLen & ~(unsigned long)0x3f); ++ inputLen &= 0x3f; ++ } ++ ++ /* Buffer remaining input */ ++ memcpy(context->buffer, input, inputLen); ++ return APR_SUCCESS; ++} ++ ++/* MD4 finalization. Ends an MD4 message-digest operation, writing the ++ * the message digest and zeroizing the context. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_final( ++ unsigned char digest[APR_MD4_DIGESTSIZE], ++ apr_md4_ctx_t *context) ++{ ++ unsigned long used, free; ++ ++ used = context->count[0] & 0x3f; ++ ++ context->buffer[used++] = 0x80; ++ ++ free = 64 - used; ++ ++#if APR_HAS_XLATE ++ /* apr_md4_update() should not translate for this final round. */ ++ context->xlate = NULL; ++#endif /*APR_HAS_XLATE*/ ++ ++ if (free < 8) { ++ memset(&context->buffer[used], 0, free); ++ body(context, context->buffer, 64); ++ used = 0; ++ free = 64; ++ } ++ ++ memset(&context->buffer[used], 0, free - 8); ++ ++ context->count[0] <<= 3; ++ context->buffer[56] = context->count[0]; ++ context->buffer[57] = context->count[0] >> 8; ++ context->buffer[58] = context->count[0] >> 16; ++ context->buffer[59] = context->count[0] >> 24; ++ context->buffer[60] = context->count[1]; ++ context->buffer[61] = context->count[1] >> 8; ++ context->buffer[62] = context->count[1] >> 16; ++ context->buffer[63] = context->count[1] >> 24; ++ ++ body(context, context->buffer, 64); ++ ++ digest[0] = context->state[0]; ++ digest[1] = context->state[0] >> 8; ++ digest[2] = context->state[0] >> 16; ++ digest[3] = context->state[0] >> 24; ++ digest[4] = context->state[1]; ++ digest[5] = context->state[1] >> 8; ++ digest[6] = context->state[1] >> 16; ++ digest[7] = context->state[1] >> 24; ++ digest[8] = context->state[2]; ++ digest[9] = context->state[2] >> 8; ++ digest[10] = context->state[2] >> 16; ++ digest[11] = context->state[2] >> 24; ++ digest[12] = context->state[3]; ++ digest[13] = context->state[3] >> 8; ++ digest[14] = context->state[3] >> 16; ++ digest[15] = context->state[3] >> 24; ++ ++ /* Zeroize sensitive information. */ ++ memset(context, 0, sizeof(*context)); ++ ++ return APR_SUCCESS; ++} ++ ++/* MD4 computation in one step (init, update, final) ++ */ ++APU_DECLARE(apr_status_t) apr_md4(unsigned char digest[APR_MD4_DIGESTSIZE], ++ const unsigned char *input, ++ apr_size_t inputLen) ++{ ++ apr_md4_ctx_t ctx; ++ apr_status_t rv; ++ ++ apr_md4_init(&ctx); ++ ++ if ((rv = apr_md4_update(&ctx, input, inputLen)) != APR_SUCCESS) ++ return rv; ++ ++ return apr_md4_final(digest, &ctx); ++} ++ ++/* ++ * This processes one or more 64-byte data blocks, but does NOT update ++ * the bit counters. There're no alignment requirements. ++ */ ++static const void *body(apr_md4_ctx_t *context, const void *data, size_t size) ++{ ++ const unsigned char *ptr, *convptr; ++ uint32_t a, b, c, d; ++ uint32_t saved_a, saved_b, saved_c, saved_d; ++ apr_uint32_t block[16]; ++ ++#ifdef APR_HAS_XLATE ++ apr_size_t inbytes_left, outbytes_left; ++#endif ++ ++ ptr = data; ++ ++ a = context->state[0]; ++ b = context->state[1]; ++ c = context->state[2]; ++ d = context->state[3]; ++ ++ do { ++ saved_a = a; ++ saved_b = b; ++ saved_c = c; ++ saved_d = d; ++ ++ convptr = ptr; ++#ifdef APR_HAS_XLATE ++ if (context->xlate) { ++ inbytes_left = outbytes_left = 64; ++ unsigned char inp_tmp[64]; ++ apr_xlate_conv_buffer(context->xlate, ptr, &inbytes_left, ++ inp_tmp, &outbytes_left); ++ convptr = inp_tmp; ++ } ++#endif ++ /* Round 1 */ ++ STEP(F, a, b, c, d, SET( 0), 3); ++ STEP(F, d, a, b, c, SET( 1), 7); ++ STEP(F, c, d, a, b, SET( 2), 11); ++ STEP(F, b, c, d, a, SET( 3), 19); ++ ++ STEP(F, a, b, c, d, SET( 4), 3); ++ STEP(F, d, a, b, c, SET( 5), 7); ++ STEP(F, c, d, a, b, SET( 6), 11); ++ STEP(F, b, c, d, a, SET( 7), 19); ++ ++ STEP(F, a, b, c, d, SET( 8), 3); ++ STEP(F, d, a, b, c, SET( 9), 7); ++ STEP(F, c, d, a, b, SET(10), 11); ++ STEP(F, b, c, d, a, SET(11), 19); ++ ++ STEP(F, a, b, c, d, SET(12), 3); ++ STEP(F, d, a, b, c, SET(13), 7); ++ STEP(F, c, d, a, b, SET(14), 11); ++ STEP(F, b, c, d, a, SET(15), 19); ++ /* Round 2 */ ++ STEP(G, a, b, c, d, GET( 0) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 4) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET( 8) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(12) + 0x5A827999, 13); ++ ++ STEP(G, a, b, c, d, GET( 1) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 5) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET( 9) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(13) + 0x5A827999, 13); ++ ++ STEP(G, a, b, c, d, GET( 2) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 6) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET(10) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(14) + 0x5A827999, 13); ++ ++ STEP(G, a, b, c, d, GET( 3) + 0x5A827999, 3); ++ STEP(G, d, a, b, c, GET( 7) + 0x5A827999, 5); ++ STEP(G, c, d, a, b, GET(11) + 0x5A827999, 9); ++ STEP(G, b, c, d, a, GET(15) + 0x5A827999, 13); ++ /* Round 3 */ ++ STEP(H, a, b, c, d, GET( 0) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET( 8) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 4) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(12) + 0x6ED9EBA1, 15); ++ ++ STEP(H, a, b, c, d, GET( 2) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET(10) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 6) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(14) + 0x6ED9EBA1, 15); ++ ++ STEP(H, a, b, c, d, GET( 1) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET( 9) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 5) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(13) + 0x6ED9EBA1, 15); ++ ++ STEP(H, a, b, c, d, GET( 3) + 0x6ED9EBA1, 3); ++ STEP(H, d, a, b, c, GET(11) + 0x6ED9EBA1, 9); ++ STEP(H, c, d, a, b, GET( 7) + 0x6ED9EBA1, 11); ++ STEP(H, b, c, d, a, GET(15) + 0x6ED9EBA1, 15); ++ ++ a += saved_a; ++ b += saved_b; ++ c += saved_c; ++ d += saved_d; ++ ++ ptr += 64; ++ } while (size -= 64); ++ ++ context->state[0] = a; ++ context->state[1] = b; ++ context->state[2] = c; ++ context->state[3] = d; ++ ++ return ptr; ++} ++ ++ ++#if APR_CHARSET_EBCDIC ++APU_DECLARE(apr_status_t) apr_MD4InitEBCDIC(apr_xlate_t *xlate) ++{ ++ xlate_ebcdic_to_ascii = xlate; ++ return APR_SUCCESS; ++} ++#endif +diff -urNad apr-util-1.2.7~/crypto/apr_md5.c apr-util-1.2.7/crypto/apr_md5.c +--- apr-util-1.2.7~/crypto/apr_md5.c 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/crypto/apr_md5.c 2006-08-18 14:21:41.000000000 +0200 +@@ -0,0 +1,686 @@ ++/* FIXME: body must handle xlate */ ++ ++/* ++ * Adopted for apr-util by Tollef Fog Heen ++ */ ++ ++/* ++ * This is an OpenSSL-compatible implementation of the RSA Data Security, ++ * Inc. MD5 Message-Digest Algorithm. ++ * ++ * Written by Solar Designer in 2001, and placed in ++ * the public domain. See md5.c for more information. ++ */ ++ ++/* Copyright 2000-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++/* ++ * The apr_md5_encode() routine uses much code obtained from the FreeBSD 3.0 ++ * MD5 crypt() function, which is licenced as follows: ++ * ---------------------------------------------------------------------------- ++ * "THE BEER-WARE LICENSE" (Revision 42): ++ * wrote this file. As long as you retain this notice you ++ * can do whatever you want with this stuff. If we meet some day, and you think ++ * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp ++ * ---------------------------------------------------------------------------- ++ */ ++#include "apr_strings.h" ++#include "apr_md5.h" ++#include "apr_lib.h" ++#include "apu_config.h" ++#include "apr_sha1.h" ++ ++#if APR_HAVE_STRING_H ++#include ++#endif ++#if APR_HAVE_CRYPT_H ++#include ++#endif ++#if APR_HAVE_UNISTD_H ++#include ++#endif ++#if APR_HAVE_PTHREAD_H ++#include ++#endif ++ ++static const void *body(apr_md5_ctx_t *context, const void *data, apr_size_t size); ++ ++#if APR_CHARSET_EBCDIC ++static apr_xlate_t *xlate_ebcdic_to_ascii; /* used in apr_md5_encode() */ ++#endif ++ ++/* ++ * The basic MD5 functions. ++ * ++ * F is optimized compared to its RFC 1321 definition just like in Colin ++ * Plumb's implementation. ++ */ ++#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) ++#define G(x, y, z) ((y) ^ ((z) & ((x) ^ (y)))) ++#define H(x, y, z) ((x) ^ (y) ^ (z)) ++#define I(x, y, z) ((y) ^ ((x) | ~(z))) ++ ++/* ++ * The MD5 transformation for all four rounds. ++ */ ++#define STEP(f, a, b, c, d, x, t, s) \ ++ (a) += f((b), (c), (d)) + (x) + (t); \ ++ (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \ ++ (a) += (b); ++ ++/* ++ * SET reads 4 input bytes in little-endian byte order and stores them ++ * in a properly aligned word in host byte order. ++ * ++ * The check for little-endian architectures which tolerate unaligned ++ * memory accesses is just an optimization. Nothing will break if it ++ * doesn't work. ++ */ ++#if defined(__i386__) || defined(__x86_64__) || defined(__vax__) ++#define SET(n) \ ++ (*(const apr_uint32_t *)&convptr[(n) * 4]) ++#define GET(n) \ ++ SET(n) ++#else ++#define SET(n) \ ++ (block[(n)] = \ ++ (apr_uint32_t)convptr[(n) * 4] | \ ++ ((apr_uint32_t)convptr[(n) * 4 + 1] << 8) | \ ++ ((apr_uint32_t)convptr[(n) * 4 + 2] << 16) | \ ++ ((apr_uint32_t)convptr[(n) * 4 + 3] << 24)) ++#define GET(n) \ ++ (block[(n)]) ++#endif ++ ++/* MD5 initialization. Begins an MD5 operation, writing a new context. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_init(apr_md5_ctx_t *context) ++{ ++ context->count[0] = context->count[1] = 0; ++ ++ /* Load magic initialization constants. */ ++ context->state[0] = 0x67452301; ++ context->state[1] = 0xefcdab89; ++ context->state[2] = 0x98badcfe; ++ context->state[3] = 0x10325476; ++ context->xlate = NULL; ++ ++ return APR_SUCCESS; ++} ++ ++/* MD5 translation setup. Provides the APR translation handle ++ * to be used for translating the content before calculating the ++ * digest. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_set_xlate(apr_md5_ctx_t *context, ++ apr_xlate_t *xlate) ++{ ++#if APR_HAS_XLATE ++ apr_status_t rv; ++ int is_sb; ++ ++ /* TODO: remove the single-byte-only restriction from this code ++ */ ++ rv = apr_xlate_sb_get(xlate, &is_sb); ++ if (rv != APR_SUCCESS) { ++ return rv; ++ } ++ if (!is_sb) { ++ return APR_EINVAL; ++ } ++ context->xlate = xlate; ++ return APR_SUCCESS; ++#else ++ return APR_ENOTIMPL; ++#endif /* APR_HAS_XLATE */ ++} ++ ++/* MD5 block update operation. Continues an MD5 message-digest ++ * operation, processing another message block, and updating the ++ * context. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_update(apr_md5_ctx_t *context, ++ const void *_input, ++ apr_size_t inputLen) ++{ ++ apr_uint32_t saved_lo; ++ unsigned long used, free; ++#if APR_HAS_XLATE ++/* apr_size_t inbytes_left, outbytes_left;*/ ++#endif ++ ++ /* Update number of bits */ ++ saved_lo = context->count[0]; ++ if ((context->count[0] = (saved_lo + inputLen) & 0x1fffffff) < saved_lo) ++ context->count[1]++; ++ context->count[1] += (apr_uint32_t)inputLen >> 29; ++ ++ /* Compute number of bytes mod 64 */ ++ used = saved_lo & 0x3f; ++ ++ /* Transform as many times as possible. */ ++ if (used) { ++ free = 64 - used; ++ ++ if (inputLen < free) { ++ memcpy(&context->buffer[used], _input, inputLen); ++ return APR_SUCCESS; ++ } ++ ++ memcpy(&context->buffer[used], _input, free); ++ _input = (const unsigned char *) _input + free; ++ inputLen -= free; ++ body(context, context->buffer, 64); ++ } ++ ++ if (inputLen >= 64) { ++ _input = body(context, _input, inputLen & ~(unsigned long)0x3f); ++ inputLen &= 0x3f; ++ } ++ ++ /* Buffer remaining input */ ++ memcpy(context->buffer, _input, inputLen); ++ return APR_SUCCESS; ++} ++ ++/* MD5 finalization. Ends an MD5 message-digest operation, writing the ++ * the message digest and zeroizing the context. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_final(unsigned char digest[APR_MD5_DIGESTSIZE], ++ apr_md5_ctx_t *context) ++{ ++ unsigned long used, free; ++ ++ used = context->count[0] & 0x3f; ++ ++ context->buffer[used++] = 0x80; ++ ++ free = 64 - used; ++ ++#if APR_HAS_XLATE ++ /* apr_md5_update() should not translate for this final round. */ ++ context->xlate = NULL; ++#endif /*APR_HAS_XLATE*/ ++ ++ if (free < 8) { ++ memset(&context->buffer[used], 0, free); ++ body(context, context->buffer, 64); ++ used = 0; ++ free = 64; ++ } ++ ++ memset(&context->buffer[used], 0, free - 8); ++ ++ context->count[0] <<= 3; ++ context->buffer[56] = context->count[0]; ++ context->buffer[57] = context->count[0] >> 8; ++ context->buffer[58] = context->count[0] >> 16; ++ context->buffer[59] = context->count[0] >> 24; ++ context->buffer[60] = context->count[1]; ++ context->buffer[61] = context->count[1] >> 8; ++ context->buffer[62] = context->count[1] >> 16; ++ context->buffer[63] = context->count[1] >> 24; ++ ++ body(context, context->buffer, 64); ++ ++ digest[0] = context->state[0]; ++ digest[1] = context->state[0] >> 8; ++ digest[2] = context->state[0] >> 16; ++ digest[3] = context->state[0] >> 24; ++ digest[4] = context->state[1]; ++ digest[5] = context->state[1] >> 8; ++ digest[6] = context->state[1] >> 16; ++ digest[7] = context->state[1] >> 24; ++ digest[8] = context->state[2]; ++ digest[9] = context->state[2] >> 8; ++ digest[10] = context->state[2] >> 16; ++ digest[11] = context->state[2] >> 24; ++ digest[12] = context->state[3]; ++ digest[13] = context->state[3] >> 8; ++ digest[14] = context->state[3] >> 16; ++ digest[15] = context->state[3] >> 24; ++ ++ /* Zeroize sensitive information. */ ++ memset(context, 0, sizeof(*context)); ++ ++ return APR_SUCCESS; ++} ++ ++/* MD5 in one step (init, update, final) ++ */ ++APU_DECLARE(apr_status_t) apr_md5(unsigned char digest[APR_MD5_DIGESTSIZE], ++ const void *_input, ++ apr_size_t inputLen) ++{ ++ const unsigned char *input = _input; ++ apr_md5_ctx_t ctx; ++ apr_status_t rv; ++ ++ apr_md5_init(&ctx); ++ ++ if ((rv = apr_md5_update(&ctx, input, inputLen)) != APR_SUCCESS) ++ return rv; ++ ++ return apr_md5_final(digest, &ctx); ++} ++ ++/* ++ * This processes one or more 64-byte data blocks, but does NOT update ++ * the bit counters. There're no alignment requirements. ++ */ ++static const void *body(apr_md5_ctx_t *context, const void *data, apr_size_t size) ++{ ++ const unsigned char *ptr, *convptr; ++ uint_fast32_t a, b, c, d; ++ uint_fast32_t saved_a, saved_b, saved_c, saved_d; ++ apr_uint32_t block[16]; ++ ++#ifdef APR_HAS_XLATE ++ apr_size_t inbytes_left, outbytes_left; ++#endif ++ ++ ptr = data; ++ ++ a = context->state[0]; ++ b = context->state[1]; ++ c = context->state[2]; ++ d = context->state[3]; ++ ++ do { ++ saved_a = a; ++ saved_b = b; ++ saved_c = c; ++ saved_d = d; ++ ++ convptr = ptr; ++#ifdef APR_HAS_XLATE ++ if (context->xlate) { ++ inbytes_left = outbytes_left = 64; ++ unsigned char inp_tmp[64]; ++ apr_xlate_conv_buffer(context->xlate, ptr, &inbytes_left, ++ inp_tmp, &outbytes_left); ++ convptr = inp_tmp; ++ } ++#endif ++ ++ ++/* Round 1 */ ++ STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7) ++ STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12) ++ STEP(F, c, d, a, b, SET(2), 0x242070db, 17) ++ STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22) ++ STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7) ++ STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12) ++ STEP(F, c, d, a, b, SET(6), 0xa8304613, 17) ++ STEP(F, b, c, d, a, SET(7), 0xfd469501, 22) ++ STEP(F, a, b, c, d, SET(8), 0x698098d8, 7) ++ STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12) ++ STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17) ++ STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22) ++ STEP(F, a, b, c, d, SET(12), 0x6b901122, 7) ++ STEP(F, d, a, b, c, SET(13), 0xfd987193, 12) ++ STEP(F, c, d, a, b, SET(14), 0xa679438e, 17) ++ STEP(F, b, c, d, a, SET(15), 0x49b40821, 22) ++ ++/* Round 2 */ ++ STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5) ++ STEP(G, d, a, b, c, GET(6), 0xc040b340, 9) ++ STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14) ++ STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20) ++ STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5) ++ STEP(G, d, a, b, c, GET(10), 0x02441453, 9) ++ STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14) ++ STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20) ++ STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5) ++ STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9) ++ STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14) ++ STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20) ++ STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5) ++ STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9) ++ STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14) ++ STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20) ++ ++/* Round 3 */ ++ STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4) ++ STEP(H, d, a, b, c, GET(8), 0x8771f681, 11) ++ STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16) ++ STEP(H, b, c, d, a, GET(14), 0xfde5380c, 23) ++ STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4) ++ STEP(H, d, a, b, c, GET(4), 0x4bdecfa9, 11) ++ STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16) ++ STEP(H, b, c, d, a, GET(10), 0xbebfbc70, 23) ++ STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4) ++ STEP(H, d, a, b, c, GET(0), 0xeaa127fa, 11) ++ STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16) ++ STEP(H, b, c, d, a, GET(6), 0x04881d05, 23) ++ STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4) ++ STEP(H, d, a, b, c, GET(12), 0xe6db99e5, 11) ++ STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16) ++ STEP(H, b, c, d, a, GET(2), 0xc4ac5665, 23) ++ ++/* Round 4 */ ++ STEP(I, a, b, c, d, GET(0), 0xf4292244, 6) ++ STEP(I, d, a, b, c, GET(7), 0x432aff97, 10) ++ STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15) ++ STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21) ++ STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6) ++ STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10) ++ STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15) ++ STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21) ++ STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6) ++ STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10) ++ STEP(I, c, d, a, b, GET(6), 0xa3014314, 15) ++ STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21) ++ STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6) ++ STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10) ++ STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15) ++ STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21) ++ ++ a += saved_a; ++ b += saved_b; ++ c += saved_c; ++ d += saved_d; ++ ++ ptr += 64; ++ } while (size -= 64); ++ ++ context->state[0] = a; ++ context->state[1] = b; ++ context->state[2] = c; ++ context->state[3] = d; ++ ++ return ptr; ++} ++ ++#if APR_CHARSET_EBCDIC ++APU_DECLARE(apr_status_t) apr_MD5InitEBCDIC(apr_xlate_t *xlate) ++{ ++ xlate_ebcdic_to_ascii = xlate; ++ return APR_SUCCESS; ++} ++#endif ++ ++/* ++ * Define the Magic String prefix that identifies a password as being ++ * hashed using our algorithm. ++ */ ++static const char *apr1_id = "$apr1$"; ++ ++/* ++ * The following MD5 password encryption code was largely borrowed from ++ * the FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c file, which is ++ * licenced as stated at the top of this file. ++ */ ++ ++static void to64(char *s, unsigned long v, int n) ++{ ++ static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */ ++ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; ++ ++ while (--n >= 0) { ++ *s++ = itoa64[v&0x3f]; ++ v >>= 6; ++ } ++} ++ ++APU_DECLARE(apr_status_t) apr_md5_encode(const char *pw, const char *salt, ++ char *result, apr_size_t nbytes) ++{ ++ /* ++ * Minimum size is 8 bytes for salt, plus 1 for the trailing NUL, ++ * plus 4 for the '$' separators, plus the password hash itself. ++ * Let's leave a goodly amount of leeway. ++ */ ++ ++ char passwd[120], *p; ++ const char *sp, *ep; ++ unsigned char final[APR_MD5_DIGESTSIZE]; ++ apr_ssize_t sl, pl, i; ++ apr_md5_ctx_t ctx, ctx1; ++ unsigned long l; ++ ++ /* ++ * Refine the salt first. It's possible we were given an already-hashed ++ * string as the salt argument, so extract the actual salt value from it ++ * if so. Otherwise just use the string up to the first '$' as the salt. ++ */ ++ sp = salt; ++ ++ /* ++ * If it starts with the magic string, then skip that. ++ */ ++ if (!strncmp(sp, apr1_id, strlen(apr1_id))) { ++ sp += strlen(apr1_id); ++ } ++ ++ /* ++ * It stops at the first '$' or 8 chars, whichever comes first ++ */ ++ for (ep = sp; (*ep != '\0') && (*ep != '$') && (ep < (sp + 8)); ep++) { ++ continue; ++ } ++ ++ /* ++ * Get the length of the true salt ++ */ ++ sl = ep - sp; ++ ++ /* ++ * 'Time to make the doughnuts..' ++ */ ++ apr_md5_init(&ctx); ++#if APR_CHARSET_EBCDIC ++ apr_md5_set_xlate(&ctx, xlate_ebcdic_to_ascii); ++#endif ++ ++ /* ++ * The password first, since that is what is most unknown ++ */ ++ apr_md5_update(&ctx, pw, strlen(pw)); ++ ++ /* ++ * Then our magic string ++ */ ++ apr_md5_update(&ctx, apr1_id, strlen(apr1_id)); ++ ++ /* ++ * Then the raw salt ++ */ ++ apr_md5_update(&ctx, sp, sl); ++ ++ /* ++ * Then just as many characters of the MD5(pw, salt, pw) ++ */ ++ apr_md5_init(&ctx1); ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ apr_md5_update(&ctx1, sp, sl); ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ apr_md5_final(final, &ctx1); ++ for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) { ++ apr_md5_update(&ctx, final, ++ (pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl); ++ } ++ ++ /* ++ * Don't leave anything around in vm they could use. ++ */ ++ memset(final, 0, sizeof(final)); ++ ++ /* ++ * Then something really weird... ++ */ ++ for (i = strlen(pw); i != 0; i >>= 1) { ++ if (i & 1) { ++ apr_md5_update(&ctx, final, 1); ++ } ++ else { ++ apr_md5_update(&ctx, pw, 1); ++ } ++ } ++ ++ /* ++ * Now make the output string. We know our limitations, so we ++ * can use the string routines without bounds checking. ++ */ ++ strcpy(passwd, apr1_id); ++ strncat(passwd, sp, sl); ++ strcat(passwd, "$"); ++ ++ apr_md5_final(final, &ctx); ++ ++ /* ++ * And now, just to make sure things don't run too fast.. ++ * On a 60 Mhz Pentium this takes 34 msec, so you would ++ * need 30 seconds to build a 1000 entry dictionary... ++ */ ++ for (i = 0; i < 1000; i++) { ++ apr_md5_init(&ctx1); ++ if (i & 1) { ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ } ++ else { ++ apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE); ++ } ++ if (i % 3) { ++ apr_md5_update(&ctx1, sp, sl); ++ } ++ ++ if (i % 7) { ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ } ++ ++ if (i & 1) { ++ apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE); ++ } ++ else { ++ apr_md5_update(&ctx1, pw, strlen(pw)); ++ } ++ apr_md5_final(final,&ctx1); ++ } ++ ++ p = passwd + strlen(passwd); ++ ++ l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p, l, 4); p += 4; ++ l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p, l, 4); p += 4; ++ l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p, l, 4); p += 4; ++ l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p, l, 4); p += 4; ++ l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p, l, 4); p += 4; ++ l = final[11] ; to64(p, l, 2); p += 2; ++ *p = '\0'; ++ ++ /* ++ * Don't leave anything around in vm they could use. ++ */ ++ memset(final, 0, sizeof(final)); ++ ++ apr_cpystrn(result, passwd, nbytes - 1); ++ return APR_SUCCESS; ++} ++ ++#if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE) ++#if defined(APU_CRYPT_THREADSAFE) || !APR_HAS_THREADS || \ ++ defined(CRYPT_R_CRYPTD) || defined(CRYPT_R_STRUCT_CRYPT_DATA) ++ ++#define crypt_mutex_lock() ++#define crypt_mutex_unlock() ++ ++#elif APR_HAVE_PTHREAD_H && defined(PTHREAD_MUTEX_INITIALIZER) ++ ++static pthread_mutex_t crypt_mutex = PTHREAD_MUTEX_INITIALIZER; ++static void crypt_mutex_lock(void) ++{ ++ pthread_mutex_lock(&crypt_mutex); ++} ++ ++static void crypt_mutex_unlock(void) ++{ ++ pthread_mutex_unlock(&crypt_mutex); ++} ++ ++#else ++ ++#error apr_password_validate() is not threadsafe. rebuild APR without thread support. ++ ++#endif ++#endif ++ ++/* ++ * Validate a plaintext password against a smashed one. Uses either ++ * crypt() (if available) or apr_md5_encode() or apr_sha1_base64(), depending ++ * upon the format of the smashed input password. Returns APR_SUCCESS if ++ * they match, or APR_EMISMATCH if they don't. If the platform doesn't ++ * support crypt, then the default check is against a clear text string. ++ */ ++APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, ++ const char *hash) ++{ ++ char sample[120]; ++#if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE) ++ char *crypt_pw; ++#endif ++ if (!strncmp(hash, apr1_id, strlen(apr1_id))) { ++ /* ++ * The hash was created using our custom algorithm. ++ */ ++ apr_md5_encode(passwd, hash, sample, sizeof(sample)); ++ } ++ else if (!strncmp(hash, APR_SHA1PW_ID, APR_SHA1PW_IDLEN)) { ++ apr_sha1_base64(passwd, strlen(passwd), sample); ++ } ++ else { ++ /* ++ * It's not our algorithm, so feed it to crypt() if possible. ++ */ ++#if defined(WIN32) || defined(BEOS) || defined(NETWARE) ++ apr_cpystrn(sample, passwd, sizeof(sample) - 1); ++#elif defined(CRYPT_R_CRYPTD) ++ CRYPTD buffer; ++ ++ crypt_pw = crypt_r(passwd, hash, &buffer); ++ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); ++#elif defined(CRYPT_R_STRUCT_CRYPT_DATA) ++ struct crypt_data buffer; ++ ++ /* having to clear this seems bogus... GNU doc is ++ * confusing... user report found from google says ++ * the crypt_data struct had to be cleared to get ++ * the same result as plain crypt() ++ */ ++ memset(&buffer, 0, sizeof(buffer)); ++ crypt_pw = crypt_r(passwd, hash, &buffer); ++ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); ++#else ++ /* Do a bit of sanity checking since we know that crypt_r() ++ * should always be used for threaded builds on AIX, and ++ * problems in configure logic can result in the wrong ++ * choice being made. ++ */ ++#if defined(_AIX) && APR_HAS_THREADS ++#error Configuration error! crypt_r() should have been selected! ++#endif ++ ++ /* Handle thread safety issues by holding a mutex around the ++ * call to crypt(). ++ */ ++ crypt_mutex_lock(); ++ crypt_pw = crypt(passwd, hash); ++ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); ++ crypt_mutex_unlock(); ++#endif ++ } ++ return (strcmp(sample, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH; ++} +diff -urNad apr-util-1.2.7~/include/apr_md4.h apr-util-1.2.7/include/apr_md4.h +--- apr-util-1.2.7~/include/apr_md4.h 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/include/apr_md4.h 2006-08-18 14:22:04.000000000 +0200 +@@ -0,0 +1,135 @@ ++/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++/* This is derived from material copyright RSA Data Security, Inc. ++ * Their notice is reproduced below in its entirety. ++ * ++ * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All ++ * rights reserved. ++ * ++ * License to copy and use this software is granted provided that it ++ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest ++ * Algorithm" in all material mentioning or referencing this software ++ * or this function. ++ * ++ * License is also granted to make and use derivative works provided ++ * that such works are identified as "derived from the RSA Data ++ * Security, Inc. MD4 Message-Digest Algorithm" in all material ++ * mentioning or referencing the derived work. ++ * ++ * RSA Data Security, Inc. makes no representations concerning either ++ * the merchantability of this software or the suitability of this ++ * software for any particular purpose. It is provided "as is" ++ * without express or implied warranty of any kind. ++ * ++ * These notices must be retained in any copies of any part of this ++ * documentation and/or software. ++ */ ++ ++#ifndef APR_MD4_H ++#define APR_MD4_H ++ ++#include "apu.h" ++#include "apr_xlate.h" ++/** ++ * @file apr_md4.h ++ * @brief APR-UTIL MD4 Library ++ */ ++#ifdef __cplusplus ++extern "C" { ++#endif ++ ++/** ++ * @defgroup APR_Util_MD4 MD4 Library ++ * @ingroup APR_Util ++ * @{ ++ */ ++ ++/** The digestsize for MD4 */ ++#define APR_MD4_DIGESTSIZE 16 ++ ++/** @see apr_md4_ctx_t */ ++typedef struct apr_md4_ctx_t apr_md4_ctx_t; ++ ++/** MD4 context. */ ++struct apr_md4_ctx_t { ++ /** state (ABCD) */ ++ apr_uint32_t state[4]; ++ /** number of bits, modulo 2^64 (lsb first) */ ++ apr_uint32_t count[2]; ++ /** input buffer */ ++ unsigned char buffer[64]; ++#if APR_HAS_XLATE ++ /** translation handle */ ++ apr_xlate_t *xlate; ++#endif ++}; ++ ++/** ++ * MD4 Initialize. Begins an MD4 operation, writing a new context. ++ * @param context The MD4 context to initialize. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_init(apr_md4_ctx_t *context); ++ ++#if APR_HAS_XLATE ++/** ++ * MDr4 translation setup. Provides the APR translation handle to be used ++ * for translating the content before calculating the digest. ++ * @param context The MD4 content to set the translation for. ++ * @param xlate The translation handle to use for this MD4 context ++ */ ++APU_DECLARE(apr_status_t) apr_md4_set_xlate(apr_md4_ctx_t *context, ++ apr_xlate_t *xlate); ++#else ++#define apr_md4_set_xlate(context, xlate) APR_ENOTIMPL ++#endif ++ ++/** ++ * MD4 block update operation. Continue an MD4 message-digest operation, ++ * processing another message block, and updating the context. ++ * @param context The MD4 content to update. ++ * @param input next message block to update ++ * @param inputLen The length of the next message block ++ */ ++APU_DECLARE(apr_status_t) apr_md4_update(apr_md4_ctx_t *context, ++ const unsigned char *input, ++ apr_size_t inputLen); ++ ++/** ++ * MD4 finalization. Ends an MD4 message-digest operation, writing the ++ * message digest and zeroing the context ++ * @param digest The final MD4 digest ++ * @param context The MD4 content we are finalizing. ++ */ ++APU_DECLARE(apr_status_t) apr_md4_final( ++ unsigned char digest[APR_MD4_DIGESTSIZE], ++ apr_md4_ctx_t *context); ++ ++/** ++ * MD4 digest computation ++ * @param digest The MD4 digest ++ * @param input message block to use ++ * @param inputLen The length of the message block ++ */ ++APU_DECLARE(apr_status_t) apr_md4(unsigned char digest[APR_MD4_DIGESTSIZE], ++ const unsigned char *input, ++ apr_size_t inputLen); ++ ++/** @} */ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* !APR_MD4_H */ +diff -urNad apr-util-1.2.7~/include/apr_md5.h apr-util-1.2.7/include/apr_md5.h +--- apr-util-1.2.7~/include/apr_md5.h 1970-01-01 01:00:00.000000000 +0100 ++++ apr-util-1.2.7/include/apr_md5.h 2006-08-18 14:22:04.000000000 +0200 +@@ -0,0 +1,144 @@ ++/* ++ * Adopted for apr-util by Tollef Fog Heen ++ */ ++ ++/* ++ * This is an OpenSSL-compatible implementation of the RSA Data Security, ++ * Inc. MD5 Message-Digest Algorithm. ++ * ++ * Written by Solar Designer in 2001, and placed in ++ * the public domain. See md5.c for more information. ++ */ ++ ++/* Copyright 2000-2005 The Apache Software Foundation or its licensors, as ++ * applicable. ++ * ++ * Licensed under the Apache License, Version 2.0 (the "License"); ++ * you may not use this file except in compliance with the License. ++ * You may obtain a copy of the License at ++ * ++ * http://www.apache.org/licenses/LICENSE-2.0 ++ * ++ * Unless required by applicable law or agreed to in writing, software ++ * distributed under the License is distributed on an "AS IS" BASIS, ++ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ++ * See the License for the specific language governing permissions and ++ * limitations under the License. ++ */ ++ ++#ifndef APR_MD5_H ++#define APR_MD5_H ++ ++#include "apu.h" ++#include "apr_xlate.h" ++ ++#ifdef __cplusplus ++extern "C" { ++#endif ++/** ++ * @file apr_md5.h ++ * @brief APR MD5 Routines ++ */ ++ ++/** ++ * @defgroup APR_MD5 MD5 Routines ++ * @ingroup APR ++ * @{ ++ */ ++ ++/** The MD5 digest size */ ++#define APR_MD5_DIGESTSIZE 16 ++ ++/** @see apr_md5_ctx_t */ ++typedef struct apr_md5_ctx_t apr_md5_ctx_t; ++ ++/** MD5 context. */ ++struct apr_md5_ctx_t { ++ /** state (ABCD) */ ++ apr_uint32_t state[4]; ++ /** number of bits, modulo 2^64 (lsb first) */ ++ apr_uint32_t count[2]; ++ /** input buffer */ ++ unsigned char buffer[64]; ++ /** translation handle ++ * ignored if xlate is unsupported ++ */ ++ apr_xlate_t *xlate; ++}; ++ ++/** ++ * MD5 Initialize. Begins an MD5 operation, writing a new context. ++ * @param context The MD5 context to initialize. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_init(apr_md5_ctx_t *context); ++ ++/** ++ * MD5 translation setup. Provides the APR translation handle to be used ++ * for translating the content before calculating the digest. ++ * @param context The MD5 content to set the translation for. ++ * @param xlate The translation handle to use for this MD5 context ++ */ ++APU_DECLARE(apr_status_t) apr_md5_set_xlate(apr_md5_ctx_t *context, ++ apr_xlate_t *xlate); ++ ++/** ++ * MD5 block update operation. Continue an MD5 message-digest operation, ++ * processing another message block, and updating the context. ++ * @param context The MD5 content to update. ++ * @param input next message block to update ++ * @param inputLen The length of the next message block ++ */ ++APU_DECLARE(apr_status_t) apr_md5_update(apr_md5_ctx_t *context, ++ const void *input, ++ apr_size_t inputLen); ++ ++/** ++ * MD5 finalization. Ends an MD5 message-digest operation, writing the ++ * message digest and zeroing the context ++ * @param digest The final MD5 digest ++ * @param context The MD5 content we are finalizing. ++ */ ++APU_DECLARE(apr_status_t) apr_md5_final(unsigned char digest[APR_MD5_DIGESTSIZE], ++ apr_md5_ctx_t *context); ++ ++/** ++ * MD5 in one step ++ * @param digest The final MD5 digest ++ * @param input The message block to use ++ * @param inputLen The length of the message block ++ */ ++APU_DECLARE(apr_status_t) apr_md5(unsigned char digest[APR_MD5_DIGESTSIZE], ++ const void *input, ++ apr_size_t inputLen); ++ ++/** ++ * Encode a password using an MD5 algorithm ++ * @param password The password to encode ++ * @param salt The salt to use for the encoding ++ * @param result The string to store the encoded password in ++ * @param nbytes The size of the result buffer ++ */ ++APU_DECLARE(apr_status_t) apr_md5_encode(const char *password, const char *salt, ++ char *result, apr_size_t nbytes); ++ ++ ++/** ++ * Validate hashes created by APR-supported algorithms: md5 and sha1. ++ * hashes created by crypt are supported only on platforms that provide ++ * crypt(3), so don't rely on that function unless you know that your ++ * application will be run only on platforms that support it. On platforms ++ * that don't support crypt(3), this falls back to a clear text string ++ * comparison. ++ * @param passwd The password to validate ++ * @param hash The password to validate against ++ */ ++APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, ++ const char *hash); ++ ++ ++/** @} */ ++#ifdef __cplusplus ++} ++#endif ++ ++#endif /* !APR_MD5_H */ --- apr-util-1.2.12+dfsg.orig/debian/patches/00list +++ apr-util-1.2.12+dfsg/debian/patches/00list @@ -0,0 +1,9 @@ +001_dbm_read_hash_or_btree +002_configure_in_remove_syspaths +003_buildconf_config.guess_sub_location +004_debian_layout_fix +013_ship_find_apu.m4 +014_apu_config_dont_list_indep_libs +015_apr_brigade_partition_int_overflow.dpatch +016_omit_mysql_from_APRUTIL_LDFLAGS.dpatch +099_alternate_md4_md5_impl --- apr-util-1.2.12+dfsg.orig/debian/patches/015_apr_brigade_partition_int_overflow.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/015_apr_brigade_partition_int_overflow.dpatch @@ -0,0 +1,91 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## by rpluem@apache.org +## +## DP: Use a 64 bit unsigned int for all calculations of point to avoid overflows +## DP: on systems where apr_off_t > apr_size_t (e.g. 32 bit with LFS) +## DP: while still doing the correct thing on other systems where +## DP: apr_off_t = apr_size_t. + +@DPATCH@ +--- x/buckets/apr_brigade.c 2008/02/27 11:18:03 631558 ++++ x/buckets/apr_brigade.c 2008/02/27 11:31:42 631559 +@@ -103,6 +103,7 @@ + apr_bucket *e; + const char *s; + apr_size_t len; ++ apr_uint64_t point64; + apr_status_t rv; + + if (point < 0) { +@@ -114,17 +115,25 @@ + return APR_SUCCESS; + } + ++ /* ++ * Try to reduce the following casting mess: We know that point will be ++ * larger equal 0 now and forever and thus that point (apr_off_t) and ++ * apr_size_t will fit into apr_uint64_t in any case. ++ */ ++ point64 = (apr_uint64_t)point; ++ + APR_BRIGADE_CHECK_CONSISTENCY(b); + + for (e = APR_BRIGADE_FIRST(b); + e != APR_BRIGADE_SENTINEL(b); + e = APR_BUCKET_NEXT(e)) + { +- /* For an unknown length bucket, while 'point' is beyond the possible ++ /* For an unknown length bucket, while 'point64' is beyond the possible + * size contained in apr_size_t, read and continue... + */ +- if ((e->length == (apr_size_t)(-1)) && (point > MAX_APR_SIZE_T)) { +- /* point is too far out to simply split this bucket, ++ if ((e->length == (apr_size_t)(-1)) ++ && (point64 > (apr_uint64_t)MAX_APR_SIZE_T)) { ++ /* point64 is too far out to simply split this bucket, + * we must fix this bucket's size and keep going... */ + rv = apr_bucket_read(e, &s, &len, APR_BLOCK_READ); + if (rv != APR_SUCCESS) { +@@ -132,14 +141,15 @@ + return rv; + } + } +- else if (((apr_size_t)point < e->length) || (e->length == (apr_size_t)(-1))) { +- /* We already consumed buckets where point is beyond +- * our interest ( point > MAX_APR_SIZE_T ), above. +- * Here point falls between 0 and MAX_APR_SIZE_T ++ else if ((point64 < (apr_uint64_t)e->length) ++ || (e->length == (apr_size_t)(-1))) { ++ /* We already consumed buckets where point64 is beyond ++ * our interest ( point64 > MAX_APR_SIZE_T ), above. ++ * Here point falls between 0 and MAX_APR_SIZE_T + * and is within this bucket, or this bucket's len + * is undefined, so now we are ready to split it. + * First try to split the bucket natively... */ +- if ((rv = apr_bucket_split(e, (apr_size_t)point)) ++ if ((rv = apr_bucket_split(e, (apr_size_t)point64)) + != APR_ENOTIMPL) { + *after_point = APR_BUCKET_NEXT(e); + return rv; +@@ -156,17 +166,17 @@ + /* this assumes that len == e->length, which is okay because e + * might have been morphed by the apr_bucket_read() above, but + * if it was, the length would have been adjusted appropriately */ +- if ((apr_size_t)point < e->length) { +- rv = apr_bucket_split(e, (apr_size_t)point); ++ if (point64 < (apr_uint64_t)e->length) { ++ rv = apr_bucket_split(e, (apr_size_t)point64); + *after_point = APR_BUCKET_NEXT(e); + return rv; + } + } +- if (point == e->length) { ++ if (point64 == (apr_uint64_t)e->length) { + *after_point = APR_BUCKET_NEXT(e); + return APR_SUCCESS; + } +- point -= e->length; ++ point64 -= (apr_uint64_t)e->length; + } + *after_point = APR_BRIGADE_SENTINEL(b); + return APR_INCOMPLETE; --- apr-util-1.2.12+dfsg.orig/debian/patches/013_ship_find_apu.m4.dpatch +++ apr-util-1.2.12+dfsg/debian/patches/013_ship_find_apu.m4.dpatch @@ -0,0 +1,24 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 013_ship_find_apu.m4.dpatch by +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apr-util1.0-1.2.2~/Makefile.in apr-util1.0-1.2.2/Makefile.in +--- apr-util1.0-1.2.2~/Makefile.in 2005-05-24 14:09:35.000000000 +0200 ++++ apr-util1.0-1.2.2/Makefile.in 2006-01-27 17:18:08.000000000 +0100 +@@ -67,6 +67,13 @@ + $(INSTALL_DATA) aprutil.exp $(DESTDIR)$(libdir) + $(INSTALL) -m 755 apu-config.out $(DESTDIR)$(bindir)/$(APU_CONFIG) + ++ if [ ! -d $(DESTDIR)$(installbuilddir) ]; then \ ++ @APR_SOURCE_DIR@/build/mkdir.sh $(DESTDIR)$(installbuilddir); \ ++ fi ++ $(LIBTOOL) --mode=install cp $(top_srcdir)/build/find_apu.m4 \ ++ $(DESTDIR)$(installbuilddir)/find_apu.m4 ++ ++ + $(TARGET_LIB): $(OBJECTS) + $(LINK) @lib_target@ $(ALL_LIBS) $(APRUTIL_LDFLAGS) $(APRUTIL_LIBS) +