Version in base suite: 1.2.7+dfsg-2 Version in overlay suite: 1.2.7+dfsg-2+etch2 Base version: apr-util_1.2.7+dfsg-2 Target version: apr-util_1.2.7+dfsg-2+etch3 Base file: /org/ftp.debian.org/ftp/pool/main/a/apr-util/apr-util_1.2.7+dfsg-2.dsc Target file: /org/ftp.debian.org/queue/o-p-u-new/apr-util_1.2.7+dfsg-2+etch3.dsc apr-util-1.2.7+dfsg/debian/changelog | 15 apr-util-1.2.7+dfsg/debian/patches/00list | 1 debian/.svn/README.txt | 2 debian/.svn/entries | 108 debian/.svn/format | 1 debian/.svn/prop-base/rules.svn-base | 5 debian/.svn/props/rules.svn-work | 5 debian/.svn/text-base/changelog.svn-base | 89 debian/.svn/text-base/compat.svn-base | 1 debian/.svn/text-base/control.svn-base | 49 debian/.svn/text-base/copyright.svn-base | 334 -- debian/.svn/text-base/libaprutil1-dev.dirs.svn-base | 4 debian/.svn/text-base/libaprutil1-dev.install.svn-base | 5 debian/.svn/text-base/libaprutil1-dev.links.svn-base | 1 debian/.svn/text-base/libaprutil1.dirs.svn-base | 2 debian/.svn/text-base/libaprutil1.install.svn-base | 2 debian/.svn/text-base/rules.svn-base | 102 debian/patches/.svn/README.txt | 2 debian/patches/.svn/entries | 86 debian/patches/.svn/format | 1 debian/patches/.svn/prop-base/001_dbm_read_hash_or_btree.svn-base | 5 debian/patches/.svn/prop-base/002_configure_in_remove_syspaths.dpatch.svn-base | 5 debian/patches/.svn/prop-base/003_buildconf_config.guess_sub_location.dpatch.svn-base | 5 debian/patches/.svn/prop-base/004_debian_layout_fix.dpatch.svn-base | 5 debian/patches/.svn/prop-base/013_ship_find_apu.m4.dpatch.svn-base | 5 debian/patches/.svn/prop-base/014_apu_config_dont_list_indep_libs.dpatch.svn-base | 5 debian/patches/.svn/prop-base/099_alternate_md4_md5_impl.dpatch.svn-base | 5 debian/patches/.svn/props/001_dbm_read_hash_or_btree.svn-work | 5 debian/patches/.svn/props/002_configure_in_remove_syspaths.dpatch.svn-work | 5 debian/patches/.svn/props/003_buildconf_config.guess_sub_location.dpatch.svn-work | 5 debian/patches/.svn/props/004_debian_layout_fix.dpatch.svn-work | 5 debian/patches/.svn/props/013_ship_find_apu.m4.dpatch.svn-work | 5 debian/patches/.svn/props/014_apu_config_dont_list_indep_libs.dpatch.svn-work | 5 debian/patches/.svn/props/099_alternate_md4_md5_impl.dpatch.svn-work | 5 debian/patches/.svn/text-base/001_dbm_read_hash_or_btree.svn-base | 31 debian/patches/.svn/text-base/002_configure_in_remove_syspaths.dpatch.svn-base | 21 debian/patches/.svn/text-base/003_buildconf_config.guess_sub_location.dpatch.svn-base | 21 debian/patches/.svn/text-base/004_debian_layout_fix.dpatch.svn-base | 19 debian/patches/.svn/text-base/00list.svn-base | 7 debian/patches/.svn/text-base/013_ship_find_apu.m4.dpatch.svn-base | 24 debian/patches/.svn/text-base/014_apu_config_dont_list_indep_libs.dpatch.svn-base | 31 debian/patches/.svn/text-base/099_alternate_md4_md5_impl.dpatch.svn-base | 1377 ---------- debian/patches/017_CVE-2009-0023.dpatch | 31 debian/patches/018_expat_entity_expansion.dpatch | 54 debian/patches/020_CVE-2009-2412.dpatch | 96 45 files changed, 196 insertions(+), 2401 deletions(-) reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/control.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/control.svn-base @@ -1,49 +0,0 @@ -Source: apr-util -Section: libs -Priority: optional -Maintainer: Debian Apache Maintainers -Uploaders: Tollef Fog Heen , Thom May , Fabio M. Di Nitto , Daniel Stone , Adam Conrad -Build-Depends: debhelper (>> 5.0.0), autoconf, autotools-dev, mawk, libldap2-dev, libexpat1-dev, libdb4.4-dev, libpcre3-dev, dpatch (>= 1.11), binutils (>= 2.14.90.0.7), libapr1-dev (>= 1.2.7-3), libsqlite3-dev, libpq-dev, python -Standards-Version: 3.6.2.2 - -Package: libaprutil1 -Architecture: any -Depends: ${shlibs:Depends} -Conflicts: libaprutil1.0 -Description: The Apache Portable Runtime Utility Library - APR is Apache's Portable Runtime Library, designed to be a support library - that provides a predictable and consistent interface to underlying - platform-specific implementations. - . - APR Util is a utilities library implemented on top of apr, providing database - access, xml parsing, and other useful functionality. - -Package: libaprutil1-dev -Architecture: any -Section: libdevel -Depends: libaprutil1 (= ${Source-Version}), libldap2-dev, libexpat1-dev, libdb4.4-dev, libpcre3-dev, libapr1-dev (>= 1.2.2-1), libsqlite3-dev, libpq-dev -Conflicts: libaprutil1.0-dev -Description: The Apache Portable Runtime Utility Library - Development Headers - APR is Apache's Portable Runtime Library, designed to be a support library - that provides a predictable and consistent interface to underlying - platform-specific implementations. - . - APR Util is a utilities library implemented on top of apr, providing database - access, xml parsing, and other useful functionality. - . - This package contains development headers for APR util. - -Package: libaprutil1-dbg -Architecture: any -Section: libdevel -Depends: libaprutil1 (= ${Source-Version}) -Conflicts: libaprutil1.0-dev -Description: The Apache Portable Runtime Utility Library - Development Headers - APR is Apache's Portable Runtime Library, designed to be a support library - that provides a predictable and consistent interface to underlying - platform-specific implementations. - . - APR Util is a utilities library implemented on top of apr, providing database - access, xml parsing, and other useful functionality. - . - This package contains the debugging symbols for APR util. reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/compat.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/compat.svn-base @@ -1 +0,0 @@ -5 reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/libaprutil1-dev.links.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/libaprutil1-dev.links.svn-base @@ -1 +0,0 @@ -usr/bin/apu-1-config usr/bin/apu-config reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/libaprutil1-dev.dirs.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/libaprutil1-dev.dirs.svn-base @@ -1,4 +0,0 @@ -usr/include/apr-1.0 -usr/lib -usr/lib/pkgconfig -usr/bin reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/changelog.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/changelog.svn-base @@ -1,89 +0,0 @@ -apr-util (1.2.7+dfsg-2) unstable; urgency=low - - * Fix stupid code duplication in apr_md[45].c resulting from C&P. - Thanks to Peter Samuelson for notifying me. This makes md[45] work - correctly. - - -- Tollef Fog Heen Fri, 18 Aug 2006 19:50:31 +0200 - -apr-util (1.2.7+dfsg-1) unstable; urgency=low - - * Remove dependency on libgdbm1 from libaprutil1-dev. - * Build against libdb 4.4. Closes: #354510 - * Remove most libs from apu-config --link-ld --libs. Thanks to Peter - Samuelson, Closes: #378105 - * Use md4 and md5 implementation from Solar Designer as this is in the - public domain and not subject to RSA copyright. This requires a - repacked source, so add +dfsg to the version number. - - -- Tollef Fog Heen Fri, 14 Jul 2006 15:31:22 +0200 - -apr-util (1.2.7-2) unstable; urgency=low - - * Fix override disparity. - * Compile without gdbm. - * Get rid of all the evil libtool hacks and adjust build-depends - accordingly. - * Remove --includedir parameter and adjust config.layout instead. This - works around damage in newer autoconfs. - - -- Tollef Fog Heen Mon, 1 May 2006 17:05:28 +0200 - -apr-util (1.2.7-1) unstable; urgency=low - - * New upstream release - * Tighten build dependency on apr to a version which ships - get-version.sh - * Grab get-version.sh from APR build - * Pass --with-berkeley-db to configure so it actually picks up our - preferred BDB version. - - -- Tollef Fog Heen Fri, 28 Apr 2006 21:59:55 +0200 - -apr-util (1.2.2-4) unstable; urgency=low - - * Compile with -fPIC. Closes: #350677 - * Build with -i to avoid .svn directories in source. Closes: #357175 - - -- Tollef Fog Heen Fri, 27 Jan 2006 18:50:04 +0100 - -apr-util (1.2.2-3) unstable; urgency=low - - * Add proper depends to libaprutil1-dev - * Rename source package to match upstream. - * Rename to libaprutil1 instead of libaprutil1.0 - * Use libdb4.3, not 4.2 - * Conflict with old package names - * Add gdbm support - * Fix call to configure to avoid double linking to sqlite and sqlite3 - * Update to Standards Version: 3.6.2.2: no changes. - * Add apu-config compatibility symlink. - - -- Tollef Fog Heen Fri, 27 Jan 2006 18:50:04 +0100 - -apr-util1.0 (1.2.2-2) unstable; urgency=low - - * Upgrade to debhelper v5 - * Call dh_installdocs, so we actually get a copyright. - - -- Thom May Tue, 3 Jan 2006 13:05:02 +0000 - -apr-util1.0 (1.2.2-1) unstable; urgency=low - - * New upstream version - * Enable postgres and sqlite3 support - - -- Thom May Fri, 30 Dec 2005 10:40:03 +0000 - -apr-util1.0 (1.1.2-1) unstable; urgency=low - - * New upstream release - - -- Thom May Sun, 8 May 2005 17:12:22 +0100 - -apr-util1.0 (1.1.0-1) unstable; urgency=low - - * New Upstream Release - * First Package Release - - -- Thom May Wed, 17 Nov 2004 11:51:32 -0800 reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/copyright.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/copyright.svn-base @@ -1,334 +0,0 @@ -This package was debianized by Thom May on -Wed, 17 Nov 2004 11:27:14 -0800 - -It was downloaded from http://httpd.apache.org/download.cgi - -Upstream Authors: The Apache Software Foundation - http://apr.apache.org/ - -Copyright: - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - - - -APACHE PORTABLE RUNTIME SUBCOMPONENTS: - -The Apache Portable Runtime includes a number of subcomponents with -separate copyright notices and license terms. Your use of the source -code for the these subcomponents is subject to the terms and -conditions of the following licenses. - -From strings/apr_fnmatch.c, include/apr_fnmatch.h, misc/unix/getopt.c, -file_io/unix/mktemp.c, strings/apr_strings.c: - -/* - * Copyright (c) 1987, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - -From network_io/unix/inet_ntop.c, network_io/unix/inet_pton.c: - -/* Copyright (c) 1996 by Internet Software Consortium. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS - * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE - * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL - * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR - * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS - * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS - * SOFTWARE. - -From dso/aix/dso.c: - - * Based on libdl (dlfcn.c/dlfcn.h) which is - * Copyright (c) 1992,1993,1995,1996,1997,1988 - * Jens-Uwe Mager, Helios Software GmbH, Hannover, Germany. - * - * Not derived from licensed software. - * - * Permission is granted to freely use, copy, modify, and redistribute - * this software, provided that the author is not construed to be liable - * for any results of using the software, alterations are clearly marked - * as such, and this notice is not modified. - -From strings/apr_strnatcmp.c, include/apr_strings.h: - - strnatcmp.c -- Perform 'natural order' comparisons of strings in C. - Copyright (C) 2000 by Martin Pool - - This software is provided 'as-is', without any express or implied - warranty. In no event will the authors be held liable for any damages - arising from the use of this software. - - Permission is granted to anyone to use this software for any purpose, - including commercial applications, and to alter it and redistribute it - freely, subject to the following restrictions: - - 1. The origin of this software must not be misrepresented; you must not - claim that you wrote the original software. If you use this software - in a product, an acknowledgment in the product documentation would be - appreciated but is not required. - 2. Altered source versions must be plainly marked as such, and must not be - misrepresented as being the original software. - 3. This notice may not be removed or altered from any source distribution. - - -From test/CuTest.c, test/CuTest.h: - - * Copyright (c) 2002-2006 Asim Jalis - * - * This library is released under the zlib/libpng license as described at - * - * http://www.opensource.org/licenses/zlib-license.html - * - * Here is the statement of the license: - * - * This software is provided 'as-is', without any express or implied warranty. - * In no event will the authors be held liable for any damages arising from - * the use of this software. - * - * Permission is granted to anyone to use this software for any purpose, - * including commercial applications, and to alter it and redistribute it - * freely, subject to the following restrictions: - * - * 1. The origin of this software must not be misrepresented; you must not - * claim that you wrote the original software. If you use this software in a - * product, an acknowledgment in the product documentation would be - * appreciated but is not required. - * - * 2. Altered source versions must be plainly marked as such, and must not be - * misrepresented as being the original software. - * - * 3. This notice may not be removed or altered from any source distribution. reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/libaprutil1.dirs.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/libaprutil1.dirs.svn-base @@ -1,2 +0,0 @@ -usr/lib -usr/share/doc/libapr1.0 reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/libaprutil1-dev.install.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/libaprutil1-dev.install.svn-base @@ -1,5 +0,0 @@ -debian/tmp/usr/include/apr-1.0 -debian/tmp/usr/lib/libapr*a -debian/tmp/usr/lib/libaprutil-1.so -debian/tmp/usr/lib/pkgconfig -debian/tmp/usr/bin reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/rules.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/rules.svn-base @@ -1,102 +0,0 @@ -#!/usr/bin/make -f - -# Turn on VERBOSE output -#export DH_VERBOSE=1 -export DH_OPTIONS - -#enable dpatch -include /usr/share/dpatch/dpatch.make - -# These are used for cross-compiling and for saving the configure script -# # from having to guess our platform (since we know it already) -DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) -DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) - -CFLAGS := $(CFLAGS) -pipe -Wall -g -fPIC - -# Enable debug builds -ifneq (,$(findstring debug,$(DEB_BUILD_OPTIONS))) -CFLAGS += -O0 -else -CFLAGS += -O2 -endif - -ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) - INSTALL_PROGRAM += -s -endif - -ifeq (,$(findstring notest,$(DEB_BUILD_OPTIONS))) - TEST_TARGET = test -else - TEST_TARGET = -endif - -ifeq ($(DEB_BUILD_ARCH),i386) - CONFFLAGS=apr_lock_method=USE_PROC_PTHREAD_SERIALIZE -else - CONFFLAGS=ac_cv_func_pthread_mutexattr_setpshared=no ac_cv_func_sem_open=no -endif - -CONFFLAGS += ac_cv_prog_AWK=mawk - -SHELL=/bin/bash - -config.status: configure - dh_testdir - ./buildconf --with-apr=$(shell apr-1-config --srcdir) - CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" $(CONFFLAGS) ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --enable-layout=Debian --with-apr=/usr/bin/apr-1-config --with-ldap=yes --with-dbm=db43 --with-sqlite3 --with-pgsql=/usr --without-gdbm --without-sqlite2 --with-berkeley-db - -build: patch-stamp build-stamp - -build-stamp: config.status - dh_testdir - - $(MAKE) - - touch $@ - -clean: unpatch - dh_testdir - dh_testroot - rm -f build-stamp test-stamp - -$(MAKE) distclean - - dh_clean - -test: test-stamp - -test-stamp: build - dh_testdir - $(MAKE) check - - touch $@ - -install: build $(TEST_TARGET) - dh_testdir - dh_testroot - dh_clean -k - dh_installdirs -a - - $(MAKE) install DESTDIR=$(CURDIR)/debian/tmp - -binary-indep: build install - -binary-arch: build install - dh_testdir - dh_testroot - dh_installchangelogs CHANGES - dh_installdocs - dh_install -a - dh_link - dh_strip --dbg-package=libaprutil1-dbg - dh_compress - dh_fixperms - dh_makeshlibs - dh_installdeb - dh_shlibdeps - dh_gencontrol - dh_md5sums - dh_builddeb - -binary: binary-indep binary-arch -.PHONY: build clean binary-indep binary-arch binary install reverted: --- apr-util-1.2.7+dfsg/debian/.svn/text-base/libaprutil1.install.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/text-base/libaprutil1.install.svn-base @@ -1,2 +0,0 @@ -debian/tmp/usr/lib/libaprutil-1.so.* usr/lib/ - reverted: --- apr-util-1.2.7+dfsg/debian/.svn/prop-base/rules.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/.svn/prop-base/rules.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/.svn/props/rules.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/.svn/props/rules.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/.svn/entries +++ apr-util-1.2.7+dfsg.orig/debian/.svn/entries @@ -1,108 +0,0 @@ - - - - - - - - - - - - - - - reverted: --- apr-util-1.2.7+dfsg/debian/.svn/README.txt +++ apr-util-1.2.7+dfsg.orig/debian/.svn/README.txt @@ -1,2 +0,0 @@ -This is a Subversion working copy administrative directory. -Visit http://subversion.tigris.org/ for more information. reverted: --- apr-util-1.2.7+dfsg/debian/.svn/format +++ apr-util-1.2.7+dfsg.orig/debian/.svn/format @@ -1 +0,0 @@ -4 reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/001_dbm_read_hash_or_btree.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/001_dbm_read_hash_or_btree.svn-base @@ -1,31 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 001_dbm_read_hash_or_btree by Adam Conrad -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Be more liberal in the types of DBM files we accept. - -@DPATCH@ ---- apr-util/dbm/apr_dbm_berkeleydb.c 2004-02-13 02:52:42.000000000 -0700 -+++ apr-util/dbm/apr_dbm_berkeleydb.c 2004-09-28 00:21:37.000000000 -0600 -@@ -172,6 +172,21 @@ - apr_posix_perms2mode(perm))) != 0) { - /* close the DB handler */ - (void) (*file.bdb->close)(file.bdb, 0); -+ if (dberr == EINVAL) { -+ if ((dberr = db_create(&file.bdb, NULL, 0)) == 0) { -+ if ((dberr = (*file.bdb->open)(file.bdb, -+#if DB_VER == 4 -+ NULL, -+#endif -+ pathname, NULL, -+ DB_BTREE, dbmode, -+ apr_posix_perms2mode(perm))) != 0) { -+ -+ /* close the DB handler */ -+ (void) (*file.bdb->close)(file.bdb, 0); -+ } -+ } -+ } - } - } - file.curs = NULL; reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/003_buildconf_config.guess_sub_location.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/003_buildconf_config.guess_sub_location.dpatch.svn-base @@ -1,21 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 003_buildconf_config.guess_sub_location.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -@DPATCH@ -diff -urNad apr-util-1.2.7~/buildconf apr-util-1.2.7/buildconf ---- apr-util-1.2.7~/buildconf 2006-04-28 22:53:11.000000000 +0200 -+++ apr-util-1.2.7/buildconf 2006-04-28 22:55:02.000000000 +0200 -@@ -56,8 +56,8 @@ - rm -f build/apr_common.m4 build/find_apr.m4 build/install.sh \ - build/config.guess build/config.sub build/get-version.sh - cp -p $apr_src_dir/build/apr_common.m4 $apr_src_dir/build/find_apr.m4 \ -- $apr_src_dir/build/install.sh $apr_src_dir/build/config.guess \ -- $apr_src_dir/build/config.sub $apr_src_dir/build/get-version.sh \ -+ $apr_src_dir/build/install.sh /usr/share/misc/config.guess \ -+ /usr/share/misc/config.sub $apr_src_dir/build/get-version.sh \ - build/ - - # Remove aclocal.m4 as it'll break some builds... reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/002_configure_in_remove_syspaths.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/002_configure_in_remove_syspaths.dpatch.svn-base @@ -1,21 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 002_configure_in_remove_syspaths.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -@DPATCH@ - -diff -urNad apr-util1.0-1.2.2~/configure.in apr-util1.0-1.2.2/configure.in ---- apr-util1.0-1.2.2~/configure.in 2005-05-05 21:24:29.000000000 +0200 -+++ apr-util1.0-1.2.2/configure.in 2006-01-27 13:32:04.000000000 +0100 -@@ -153,6 +153,9 @@ - dnl - APR_ADDTO(APRUTIL_LIBS, [$APR_LIBS]) - -+APR_REMOVEFROM(APRUTIL_LDFLAGS, [-L/usr/lib]) -+APR_REMOVEFROM(APRUTIL_INCLUDE, [-I/usr/include]) -+ - AC_SUBST(APRUTIL_EXPORT_LIBS) - AC_SUBST(APRUTIL_PRIV_INCLUDES) - AC_SUBST(APRUTIL_INCLUDES) reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/014_apu_config_dont_list_indep_libs.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/014_apu_config_dont_list_indep_libs.dpatch.svn-base @@ -1,31 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## apu-config.dpatch by -## -## DP: Prevent recursive linking of dependent libraries by apr-util users. - -@DPATCH@ -Index: apr-util.pc.in ---- a/apr-util.pc.in -+++ b/apr-util.pc.in -@@ -8,6 +8,7 @@ - Description: Companion library for APR - Version: @APRUTIL_DOTTED_VERSION@ - # assume that apr-util requires libapr of same major version --Requires: apr-@APRUTIL_MAJOR_VERSION@ --Libs: -L${libdir} -l@APRUTIL_LIBNAME@ @APRUTIL_EXPORT_LIBS@ -+Requires.private: apr-@APRUTIL_MAJOR_VERSION@ -+Libs: -L${libdir} -l@APRUTIL_LIBNAME@ -+Libs.private: @APRUTIL_EXPORT_LIBS@ - Cflags: -I${includedir} -Index: apu-config.in ---- a/apu-config.in -+++ b/apu-config.in -@@ -27,7 +27,7 @@ - libdir="@libdir@" - includedir="@includedir@" - --LIBS="@APRUTIL_EXPORT_LIBS@" -+LIBS= - INCLUDES="@APRUTIL_INCLUDES@" - LDFLAGS="@APRUTIL_LDFLAGS@" - reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/004_debian_layout_fix.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/004_debian_layout_fix.dpatch.svn-base @@ -1,19 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 004_debian_layout_fix.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Fix the includedir in the Debian layout. - -@DPATCH@ -diff -urNad apr-util-1.2.7~/config.layout apr-util-1.2.7/config.layout ---- apr-util-1.2.7~/config.layout 2005-02-09 13:18:43.000000000 +0100 -+++ apr-util-1.2.7/config.layout 2006-06-15 14:18:42.000000000 +0200 -@@ -223,7 +223,7 @@ - libexecdir: ${exec_prefix}/lib/apr/modules - mandir: ${exec_prefix}/share/man - datadir: ${exec_prefix}/share/apr -- includedir: ${exec_prefix}/include/apr-${APRUTIL_MAJOR_VERSION} -+ includedir: ${exec_prefix}/include/apr-1.0 - localstatedir: ${prefix}/var/run - runtimedir: ${prefix}/var/run - infodir: ${exec_prefix}/share/info reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/00list.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/00list.svn-base @@ -1,7 +0,0 @@ -001_dbm_read_hash_or_btree -002_configure_in_remove_syspaths -003_buildconf_config.guess_sub_location -004_debian_layout_fix -013_ship_find_apu.m4 -014_apu_config_dont_list_indep_libs -099_alternate_md4_md5_impl \ No newline at end of file reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/013_ship_find_apu.m4.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/013_ship_find_apu.m4.dpatch.svn-base @@ -1,24 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 013_ship_find_apu.m4.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -@DPATCH@ -diff -urNad apr-util1.0-1.2.2~/Makefile.in apr-util1.0-1.2.2/Makefile.in ---- apr-util1.0-1.2.2~/Makefile.in 2005-05-24 14:09:35.000000000 +0200 -+++ apr-util1.0-1.2.2/Makefile.in 2006-01-27 17:18:08.000000000 +0100 -@@ -67,6 +67,13 @@ - $(INSTALL_DATA) aprutil.exp $(DESTDIR)$(libdir) - $(INSTALL) -m 755 apu-config.out $(DESTDIR)$(bindir)/$(APU_CONFIG) - -+ if [ ! -d $(DESTDIR)$(installbuilddir) ]; then \ -+ @APR_SOURCE_DIR@/build/mkdir.sh $(DESTDIR)$(installbuilddir); \ -+ fi -+ $(LIBTOOL) --mode=install cp $(top_srcdir)/build/find_apu.m4 \ -+ $(DESTDIR)$(installbuilddir)/find_apu.m4 -+ -+ - $(TARGET_LIB): $(OBJECTS) - $(LINK) @lib_target@ $(ALL_LIBS) $(APRUTIL_LDFLAGS) $(APRUTIL_LIBS) - reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/text-base/099_alternate_md4_md5_impl.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/text-base/099_alternate_md4_md5_impl.dpatch.svn-base @@ -1,1377 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 099_alternate_md4_md5_impl.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: No description. - -@DPATCH@ -diff -urNad apr-util-1.2.7~/crypto/apr_md4.c apr-util-1.2.7/crypto/apr_md4.c ---- apr-util-1.2.7~/crypto/apr_md4.c 1970-01-01 01:00:00.000000000 +0100 -+++ apr-util-1.2.7/crypto/apr_md4.c 2006-08-18 14:21:41.000000000 +0200 -@@ -0,0 +1,389 @@ -+/* Adopted for apr-util by Tollef Fog Heen */ -+ -+/* -+ * MD4 (RFC-1320) message digest. -+ * Modified from MD5 code by Andrey Panin -+ * -+ * Written by Solar Designer in 2001, and placed in -+ * the public domain. There's absolutely no warranty. -+ * -+ * This differs from Colin Plumb's older public domain implementation in -+ * that no 32-bit integer data type is required, there's no compile-time -+ * endianness configuration, and the function prototypes match OpenSSL's. -+ * The primary goals are portability and ease of use. -+ * -+ * This implementation is meant to be fast, but not as fast as possible. -+ * Some known optimizations are not included to reduce source code size -+ * and avoid compile-time configuration. -+ */ -+ -+/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as -+ * applicable. -+ * -+ * Licensed under the Apache License, Version 2.0 (the "License"); -+ * you may not use this file except in compliance with the License. -+ * You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+ -+#include "apr_strings.h" -+#include "apr_md4.h" -+#include "apr_lib.h" -+ -+#if APR_HAVE_STRING_H -+#include -+#endif -+#if APR_HAVE_UNISTD_H -+#include -+#endif -+ -+#if APR_CHARSET_EBCDIC -+static apr_xlate_t *xlate_ebcdic_to_ascii; /* used in apr_md4_encode() */ -+#endif -+ -+static const void *body(apr_md4_ctx_t *context, const void *data, size_t size); -+ -+/* -+ * The basic MD4 functions. -+ */ -+#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) -+#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z))) -+#define H(x, y, z) ((x) ^ (y) ^ (z)) -+ -+/* -+ * The MD4 transformation for all four rounds. -+ */ -+#define STEP(f, a, b, c, d, x, s) \ -+ (a) += f((b), (c), (d)) + (x); \ -+ (a) = ((a) << (s)) | ((a) >> (32 - (s))) -+ -+ -+/* -+ * SET reads 4 input bytes in little-endian byte order and stores them -+ * in a properly aligned word in host byte order. -+ * -+ * The check for little-endian architectures which tolerate unaligned -+ * memory accesses is just an optimization. Nothing will break if it -+ * doesn't work. -+ */ -+/*#if defined(__i386__) || defined(__x86_64__) || defined(__vax__) -+#define SET(n) \ -+ (*(const apr_uint32_t *)&ptr[(n) * 4]) -+#define GET(n) \ -+ SET(n) -+ #else*/ -+#define SET(n) \ -+ (block[(n)] = \ -+ (apr_uint32_t)ptr[(n) * 4] | \ -+ ((apr_uint32_t)ptr[(n) * 4 + 1] << 8) | \ -+ ((apr_uint32_t)ptr[(n) * 4 + 2] << 16) | \ -+ ((apr_uint32_t)ptr[(n) * 4 + 3] << 24)) -+#define GET(n) \ -+ (block[(n)]) -+/*#endif*/ -+ -+ -+ -+/* MD4 initialization. Begins an MD4 operation, writing a new context. -+ */ -+APU_DECLARE(apr_status_t) apr_md4_init(apr_md4_ctx_t *context) -+{ -+ context->count[0] = context->count[1] = 0; -+ -+ /* Load magic initialization constants. */ -+ context->state[0] = 0x67452301; -+ context->state[1] = 0xefcdab89; -+ context->state[2] = 0x98badcfe; -+ context->state[3] = 0x10325476; -+ -+#if APR_HAS_XLATE -+ context->xlate = NULL; -+#endif -+ -+ return APR_SUCCESS; -+} -+ -+#if APR_HAS_XLATE -+/* MD4 translation setup. Provides the APR translation handle -+ * to be used for translating the content before calculating the -+ * digest. -+ */ -+APU_DECLARE(apr_status_t) apr_md4_set_xlate(apr_md4_ctx_t *context, -+ apr_xlate_t *xlate) -+{ -+ apr_status_t rv; -+ int is_sb; -+ -+ /* TODO: remove the single-byte-only restriction from this code -+ */ -+ rv = apr_xlate_sb_get(xlate, &is_sb); -+ if (rv != APR_SUCCESS) { -+ return rv; -+ } -+ if (!is_sb) { -+ return APR_EINVAL; -+ } -+ context->xlate = xlate; -+ return APR_SUCCESS; -+} -+#endif /* APR_HAS_XLATE */ -+ -+/* MD4 block update operation. Continues an MD4 message-digest -+ * operation, processing another message block, and updating the -+ * context. -+ */ -+APU_DECLARE(apr_status_t) apr_md4_update(apr_md4_ctx_t *context, -+ const unsigned char *input, -+ apr_size_t inputLen) -+{ -+ apr_uint32_t saved_lo; -+ unsigned long used, free; -+#if APR_HAS_XLATE -+/* apr_size_t inbytes_left, outbytes_left;*/ -+#endif -+ -+ /* Update number of bits */ -+ saved_lo = context->count[0]; -+ if ((context->count[0] = (saved_lo + inputLen) & 0x1fffffff) < saved_lo) -+ context->count[1]++; -+ context->count[1] += (apr_uint32_t)inputLen >> 29; -+ -+ /* Compute number of bytes mod 64 */ -+ used = saved_lo & 0x3f; -+ -+ /* Transform as many times as possible. */ -+ if (used) { -+ free = 64 - used; -+ -+ if (inputLen < free) { -+ memcpy(&context->buffer[used], input, inputLen); -+ return APR_SUCCESS; -+ } -+ -+ memcpy(&context->buffer[used], input, free); -+ input = (const unsigned char *) input + free; -+ inputLen -= free; -+ body(context, context->buffer, 64); -+ } -+ -+ if (inputLen >= 64) { -+ input = body(context, input, inputLen & ~(unsigned long)0x3f); -+ inputLen &= 0x3f; -+ } -+ -+ /* Buffer remaining input */ -+ memcpy(context->buffer, input, inputLen); -+ return APR_SUCCESS; -+} -+ -+/* MD4 finalization. Ends an MD4 message-digest operation, writing the -+ * the message digest and zeroizing the context. -+ */ -+APU_DECLARE(apr_status_t) apr_md4_final( -+ unsigned char digest[APR_MD4_DIGESTSIZE], -+ apr_md4_ctx_t *context) -+{ -+ unsigned long used, free; -+ -+ used = context->count[0] & 0x3f; -+ -+ context->buffer[used++] = 0x80; -+ -+ free = 64 - used; -+ -+#if APR_HAS_XLATE -+ /* apr_md4_update() should not translate for this final round. */ -+ context->xlate = NULL; -+#endif /*APR_HAS_XLATE*/ -+ -+ if (free < 8) { -+ memset(&context->buffer[used], 0, free); -+ body(context, context->buffer, 64); -+ used = 0; -+ free = 64; -+ } -+ -+ memset(&context->buffer[used], 0, free - 8); -+ -+ context->count[0] <<= 3; -+ context->buffer[56] = context->count[0]; -+ context->buffer[57] = context->count[0] >> 8; -+ context->buffer[58] = context->count[0] >> 16; -+ context->buffer[59] = context->count[0] >> 24; -+ context->buffer[60] = context->count[1]; -+ context->buffer[61] = context->count[1] >> 8; -+ context->buffer[62] = context->count[1] >> 16; -+ context->buffer[63] = context->count[1] >> 24; -+ -+ body(context, context->buffer, 64); -+ -+ digest[0] = context->state[0]; -+ digest[1] = context->state[0] >> 8; -+ digest[2] = context->state[0] >> 16; -+ digest[3] = context->state[0] >> 24; -+ digest[4] = context->state[1]; -+ digest[5] = context->state[1] >> 8; -+ digest[6] = context->state[1] >> 16; -+ digest[7] = context->state[1] >> 24; -+ digest[8] = context->state[2]; -+ digest[9] = context->state[2] >> 8; -+ digest[10] = context->state[2] >> 16; -+ digest[11] = context->state[2] >> 24; -+ digest[12] = context->state[3]; -+ digest[13] = context->state[3] >> 8; -+ digest[14] = context->state[3] >> 16; -+ digest[15] = context->state[3] >> 24; -+ -+ /* Zeroize sensitive information. */ -+ memset(context, 0, sizeof(*context)); -+ -+ return APR_SUCCESS; -+} -+ -+/* MD4 computation in one step (init, update, final) -+ */ -+APU_DECLARE(apr_status_t) apr_md4(unsigned char digest[APR_MD4_DIGESTSIZE], -+ const unsigned char *input, -+ apr_size_t inputLen) -+{ -+ apr_md4_ctx_t ctx; -+ apr_status_t rv; -+ -+ apr_md4_init(&ctx); -+ -+ if ((rv = apr_md4_update(&ctx, input, inputLen)) != APR_SUCCESS) -+ return rv; -+ -+ return apr_md4_final(digest, &ctx); -+} -+ -+/* -+ * This processes one or more 64-byte data blocks, but does NOT update -+ * the bit counters. There're no alignment requirements. -+ */ -+static const void *body(apr_md4_ctx_t *context, const void *data, size_t size) -+{ -+ const unsigned char *ptr, *convptr; -+ uint32_t a, b, c, d; -+ uint32_t saved_a, saved_b, saved_c, saved_d; -+ apr_uint32_t block[16]; -+ -+#ifdef APR_HAS_XLATE -+ apr_size_t inbytes_left, outbytes_left; -+#endif -+ -+ ptr = data; -+ -+ a = context->state[0]; -+ b = context->state[1]; -+ c = context->state[2]; -+ d = context->state[3]; -+ -+ do { -+ saved_a = a; -+ saved_b = b; -+ saved_c = c; -+ saved_d = d; -+ -+ convptr = ptr; -+#ifdef APR_HAS_XLATE -+ if (context->xlate) { -+ inbytes_left = outbytes_left = 64; -+ unsigned char inp_tmp[64]; -+ apr_xlate_conv_buffer(context->xlate, ptr, &inbytes_left, -+ inp_tmp, &outbytes_left); -+ convptr = inp_tmp; -+ } -+#endif -+ /* Round 1 */ -+ STEP(F, a, b, c, d, SET( 0), 3); -+ STEP(F, d, a, b, c, SET( 1), 7); -+ STEP(F, c, d, a, b, SET( 2), 11); -+ STEP(F, b, c, d, a, SET( 3), 19); -+ -+ STEP(F, a, b, c, d, SET( 4), 3); -+ STEP(F, d, a, b, c, SET( 5), 7); -+ STEP(F, c, d, a, b, SET( 6), 11); -+ STEP(F, b, c, d, a, SET( 7), 19); -+ -+ STEP(F, a, b, c, d, SET( 8), 3); -+ STEP(F, d, a, b, c, SET( 9), 7); -+ STEP(F, c, d, a, b, SET(10), 11); -+ STEP(F, b, c, d, a, SET(11), 19); -+ -+ STEP(F, a, b, c, d, SET(12), 3); -+ STEP(F, d, a, b, c, SET(13), 7); -+ STEP(F, c, d, a, b, SET(14), 11); -+ STEP(F, b, c, d, a, SET(15), 19); -+ /* Round 2 */ -+ STEP(G, a, b, c, d, GET( 0) + 0x5A827999, 3); -+ STEP(G, d, a, b, c, GET( 4) + 0x5A827999, 5); -+ STEP(G, c, d, a, b, GET( 8) + 0x5A827999, 9); -+ STEP(G, b, c, d, a, GET(12) + 0x5A827999, 13); -+ -+ STEP(G, a, b, c, d, GET( 1) + 0x5A827999, 3); -+ STEP(G, d, a, b, c, GET( 5) + 0x5A827999, 5); -+ STEP(G, c, d, a, b, GET( 9) + 0x5A827999, 9); -+ STEP(G, b, c, d, a, GET(13) + 0x5A827999, 13); -+ -+ STEP(G, a, b, c, d, GET( 2) + 0x5A827999, 3); -+ STEP(G, d, a, b, c, GET( 6) + 0x5A827999, 5); -+ STEP(G, c, d, a, b, GET(10) + 0x5A827999, 9); -+ STEP(G, b, c, d, a, GET(14) + 0x5A827999, 13); -+ -+ STEP(G, a, b, c, d, GET( 3) + 0x5A827999, 3); -+ STEP(G, d, a, b, c, GET( 7) + 0x5A827999, 5); -+ STEP(G, c, d, a, b, GET(11) + 0x5A827999, 9); -+ STEP(G, b, c, d, a, GET(15) + 0x5A827999, 13); -+ /* Round 3 */ -+ STEP(H, a, b, c, d, GET( 0) + 0x6ED9EBA1, 3); -+ STEP(H, d, a, b, c, GET( 8) + 0x6ED9EBA1, 9); -+ STEP(H, c, d, a, b, GET( 4) + 0x6ED9EBA1, 11); -+ STEP(H, b, c, d, a, GET(12) + 0x6ED9EBA1, 15); -+ -+ STEP(H, a, b, c, d, GET( 2) + 0x6ED9EBA1, 3); -+ STEP(H, d, a, b, c, GET(10) + 0x6ED9EBA1, 9); -+ STEP(H, c, d, a, b, GET( 6) + 0x6ED9EBA1, 11); -+ STEP(H, b, c, d, a, GET(14) + 0x6ED9EBA1, 15); -+ -+ STEP(H, a, b, c, d, GET( 1) + 0x6ED9EBA1, 3); -+ STEP(H, d, a, b, c, GET( 9) + 0x6ED9EBA1, 9); -+ STEP(H, c, d, a, b, GET( 5) + 0x6ED9EBA1, 11); -+ STEP(H, b, c, d, a, GET(13) + 0x6ED9EBA1, 15); -+ -+ STEP(H, a, b, c, d, GET( 3) + 0x6ED9EBA1, 3); -+ STEP(H, d, a, b, c, GET(11) + 0x6ED9EBA1, 9); -+ STEP(H, c, d, a, b, GET( 7) + 0x6ED9EBA1, 11); -+ STEP(H, b, c, d, a, GET(15) + 0x6ED9EBA1, 15); -+ -+ a += saved_a; -+ b += saved_b; -+ c += saved_c; -+ d += saved_d; -+ -+ ptr += 64; -+ } while (size -= 64); -+ -+ context->state[0] = a; -+ context->state[1] = b; -+ context->state[2] = c; -+ context->state[3] = d; -+ -+ return ptr; -+} -+ -+ -+#if APR_CHARSET_EBCDIC -+APU_DECLARE(apr_status_t) apr_MD4InitEBCDIC(apr_xlate_t *xlate) -+{ -+ xlate_ebcdic_to_ascii = xlate; -+ return APR_SUCCESS; -+} -+#endif -diff -urNad apr-util-1.2.7~/crypto/apr_md5.c apr-util-1.2.7/crypto/apr_md5.c ---- apr-util-1.2.7~/crypto/apr_md5.c 1970-01-01 01:00:00.000000000 +0100 -+++ apr-util-1.2.7/crypto/apr_md5.c 2006-08-18 14:21:41.000000000 +0200 -@@ -0,0 +1,686 @@ -+/* FIXME: body must handle xlate */ -+ -+/* -+ * Adopted for apr-util by Tollef Fog Heen -+ */ -+ -+/* -+ * This is an OpenSSL-compatible implementation of the RSA Data Security, -+ * Inc. MD5 Message-Digest Algorithm. -+ * -+ * Written by Solar Designer in 2001, and placed in -+ * the public domain. See md5.c for more information. -+ */ -+ -+/* Copyright 2000-2005 The Apache Software Foundation or its licensors, as -+ * applicable. -+ * -+ * Licensed under the Apache License, Version 2.0 (the "License"); -+ * you may not use this file except in compliance with the License. -+ * You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+ -+/* -+ * The apr_md5_encode() routine uses much code obtained from the FreeBSD 3.0 -+ * MD5 crypt() function, which is licenced as follows: -+ * ---------------------------------------------------------------------------- -+ * "THE BEER-WARE LICENSE" (Revision 42): -+ * wrote this file. As long as you retain this notice you -+ * can do whatever you want with this stuff. If we meet some day, and you think -+ * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp -+ * ---------------------------------------------------------------------------- -+ */ -+#include "apr_strings.h" -+#include "apr_md5.h" -+#include "apr_lib.h" -+#include "apu_config.h" -+#include "apr_sha1.h" -+ -+#if APR_HAVE_STRING_H -+#include -+#endif -+#if APR_HAVE_CRYPT_H -+#include -+#endif -+#if APR_HAVE_UNISTD_H -+#include -+#endif -+#if APR_HAVE_PTHREAD_H -+#include -+#endif -+ -+static const void *body(apr_md5_ctx_t *context, const void *data, apr_size_t size); -+ -+#if APR_CHARSET_EBCDIC -+static apr_xlate_t *xlate_ebcdic_to_ascii; /* used in apr_md5_encode() */ -+#endif -+ -+/* -+ * The basic MD5 functions. -+ * -+ * F is optimized compared to its RFC 1321 definition just like in Colin -+ * Plumb's implementation. -+ */ -+#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z)))) -+#define G(x, y, z) ((y) ^ ((z) & ((x) ^ (y)))) -+#define H(x, y, z) ((x) ^ (y) ^ (z)) -+#define I(x, y, z) ((y) ^ ((x) | ~(z))) -+ -+/* -+ * The MD5 transformation for all four rounds. -+ */ -+#define STEP(f, a, b, c, d, x, t, s) \ -+ (a) += f((b), (c), (d)) + (x) + (t); \ -+ (a) = (((a) << (s)) | (((a) & 0xffffffff) >> (32 - (s)))); \ -+ (a) += (b); -+ -+/* -+ * SET reads 4 input bytes in little-endian byte order and stores them -+ * in a properly aligned word in host byte order. -+ * -+ * The check for little-endian architectures which tolerate unaligned -+ * memory accesses is just an optimization. Nothing will break if it -+ * doesn't work. -+ */ -+#if defined(__i386__) || defined(__x86_64__) || defined(__vax__) -+#define SET(n) \ -+ (*(const apr_uint32_t *)&convptr[(n) * 4]) -+#define GET(n) \ -+ SET(n) -+#else -+#define SET(n) \ -+ (block[(n)] = \ -+ (apr_uint32_t)convptr[(n) * 4] | \ -+ ((apr_uint32_t)convptr[(n) * 4 + 1] << 8) | \ -+ ((apr_uint32_t)convptr[(n) * 4 + 2] << 16) | \ -+ ((apr_uint32_t)convptr[(n) * 4 + 3] << 24)) -+#define GET(n) \ -+ (block[(n)]) -+#endif -+ -+/* MD5 initialization. Begins an MD5 operation, writing a new context. -+ */ -+APU_DECLARE(apr_status_t) apr_md5_init(apr_md5_ctx_t *context) -+{ -+ context->count[0] = context->count[1] = 0; -+ -+ /* Load magic initialization constants. */ -+ context->state[0] = 0x67452301; -+ context->state[1] = 0xefcdab89; -+ context->state[2] = 0x98badcfe; -+ context->state[3] = 0x10325476; -+ context->xlate = NULL; -+ -+ return APR_SUCCESS; -+} -+ -+/* MD5 translation setup. Provides the APR translation handle -+ * to be used for translating the content before calculating the -+ * digest. -+ */ -+APU_DECLARE(apr_status_t) apr_md5_set_xlate(apr_md5_ctx_t *context, -+ apr_xlate_t *xlate) -+{ -+#if APR_HAS_XLATE -+ apr_status_t rv; -+ int is_sb; -+ -+ /* TODO: remove the single-byte-only restriction from this code -+ */ -+ rv = apr_xlate_sb_get(xlate, &is_sb); -+ if (rv != APR_SUCCESS) { -+ return rv; -+ } -+ if (!is_sb) { -+ return APR_EINVAL; -+ } -+ context->xlate = xlate; -+ return APR_SUCCESS; -+#else -+ return APR_ENOTIMPL; -+#endif /* APR_HAS_XLATE */ -+} -+ -+/* MD5 block update operation. Continues an MD5 message-digest -+ * operation, processing another message block, and updating the -+ * context. -+ */ -+APU_DECLARE(apr_status_t) apr_md5_update(apr_md5_ctx_t *context, -+ const void *_input, -+ apr_size_t inputLen) -+{ -+ apr_uint32_t saved_lo; -+ unsigned long used, free; -+#if APR_HAS_XLATE -+/* apr_size_t inbytes_left, outbytes_left;*/ -+#endif -+ -+ /* Update number of bits */ -+ saved_lo = context->count[0]; -+ if ((context->count[0] = (saved_lo + inputLen) & 0x1fffffff) < saved_lo) -+ context->count[1]++; -+ context->count[1] += (apr_uint32_t)inputLen >> 29; -+ -+ /* Compute number of bytes mod 64 */ -+ used = saved_lo & 0x3f; -+ -+ /* Transform as many times as possible. */ -+ if (used) { -+ free = 64 - used; -+ -+ if (inputLen < free) { -+ memcpy(&context->buffer[used], _input, inputLen); -+ return APR_SUCCESS; -+ } -+ -+ memcpy(&context->buffer[used], _input, free); -+ _input = (const unsigned char *) _input + free; -+ inputLen -= free; -+ body(context, context->buffer, 64); -+ } -+ -+ if (inputLen >= 64) { -+ _input = body(context, _input, inputLen & ~(unsigned long)0x3f); -+ inputLen &= 0x3f; -+ } -+ -+ /* Buffer remaining input */ -+ memcpy(context->buffer, _input, inputLen); -+ return APR_SUCCESS; -+} -+ -+/* MD5 finalization. Ends an MD5 message-digest operation, writing the -+ * the message digest and zeroizing the context. -+ */ -+APU_DECLARE(apr_status_t) apr_md5_final(unsigned char digest[APR_MD5_DIGESTSIZE], -+ apr_md5_ctx_t *context) -+{ -+ unsigned long used, free; -+ -+ used = context->count[0] & 0x3f; -+ -+ context->buffer[used++] = 0x80; -+ -+ free = 64 - used; -+ -+#if APR_HAS_XLATE -+ /* apr_md5_update() should not translate for this final round. */ -+ context->xlate = NULL; -+#endif /*APR_HAS_XLATE*/ -+ -+ if (free < 8) { -+ memset(&context->buffer[used], 0, free); -+ body(context, context->buffer, 64); -+ used = 0; -+ free = 64; -+ } -+ -+ memset(&context->buffer[used], 0, free - 8); -+ -+ context->count[0] <<= 3; -+ context->buffer[56] = context->count[0]; -+ context->buffer[57] = context->count[0] >> 8; -+ context->buffer[58] = context->count[0] >> 16; -+ context->buffer[59] = context->count[0] >> 24; -+ context->buffer[60] = context->count[1]; -+ context->buffer[61] = context->count[1] >> 8; -+ context->buffer[62] = context->count[1] >> 16; -+ context->buffer[63] = context->count[1] >> 24; -+ -+ body(context, context->buffer, 64); -+ -+ digest[0] = context->state[0]; -+ digest[1] = context->state[0] >> 8; -+ digest[2] = context->state[0] >> 16; -+ digest[3] = context->state[0] >> 24; -+ digest[4] = context->state[1]; -+ digest[5] = context->state[1] >> 8; -+ digest[6] = context->state[1] >> 16; -+ digest[7] = context->state[1] >> 24; -+ digest[8] = context->state[2]; -+ digest[9] = context->state[2] >> 8; -+ digest[10] = context->state[2] >> 16; -+ digest[11] = context->state[2] >> 24; -+ digest[12] = context->state[3]; -+ digest[13] = context->state[3] >> 8; -+ digest[14] = context->state[3] >> 16; -+ digest[15] = context->state[3] >> 24; -+ -+ /* Zeroize sensitive information. */ -+ memset(context, 0, sizeof(*context)); -+ -+ return APR_SUCCESS; -+} -+ -+/* MD5 in one step (init, update, final) -+ */ -+APU_DECLARE(apr_status_t) apr_md5(unsigned char digest[APR_MD5_DIGESTSIZE], -+ const void *_input, -+ apr_size_t inputLen) -+{ -+ const unsigned char *input = _input; -+ apr_md5_ctx_t ctx; -+ apr_status_t rv; -+ -+ apr_md5_init(&ctx); -+ -+ if ((rv = apr_md5_update(&ctx, input, inputLen)) != APR_SUCCESS) -+ return rv; -+ -+ return apr_md5_final(digest, &ctx); -+} -+ -+/* -+ * This processes one or more 64-byte data blocks, but does NOT update -+ * the bit counters. There're no alignment requirements. -+ */ -+static const void *body(apr_md5_ctx_t *context, const void *data, apr_size_t size) -+{ -+ const unsigned char *ptr, *convptr; -+ uint_fast32_t a, b, c, d; -+ uint_fast32_t saved_a, saved_b, saved_c, saved_d; -+ apr_uint32_t block[16]; -+ -+#ifdef APR_HAS_XLATE -+ apr_size_t inbytes_left, outbytes_left; -+#endif -+ -+ ptr = data; -+ -+ a = context->state[0]; -+ b = context->state[1]; -+ c = context->state[2]; -+ d = context->state[3]; -+ -+ do { -+ saved_a = a; -+ saved_b = b; -+ saved_c = c; -+ saved_d = d; -+ -+ convptr = ptr; -+#ifdef APR_HAS_XLATE -+ if (context->xlate) { -+ inbytes_left = outbytes_left = 64; -+ unsigned char inp_tmp[64]; -+ apr_xlate_conv_buffer(context->xlate, ptr, &inbytes_left, -+ inp_tmp, &outbytes_left); -+ convptr = inp_tmp; -+ } -+#endif -+ -+ -+/* Round 1 */ -+ STEP(F, a, b, c, d, SET(0), 0xd76aa478, 7) -+ STEP(F, d, a, b, c, SET(1), 0xe8c7b756, 12) -+ STEP(F, c, d, a, b, SET(2), 0x242070db, 17) -+ STEP(F, b, c, d, a, SET(3), 0xc1bdceee, 22) -+ STEP(F, a, b, c, d, SET(4), 0xf57c0faf, 7) -+ STEP(F, d, a, b, c, SET(5), 0x4787c62a, 12) -+ STEP(F, c, d, a, b, SET(6), 0xa8304613, 17) -+ STEP(F, b, c, d, a, SET(7), 0xfd469501, 22) -+ STEP(F, a, b, c, d, SET(8), 0x698098d8, 7) -+ STEP(F, d, a, b, c, SET(9), 0x8b44f7af, 12) -+ STEP(F, c, d, a, b, SET(10), 0xffff5bb1, 17) -+ STEP(F, b, c, d, a, SET(11), 0x895cd7be, 22) -+ STEP(F, a, b, c, d, SET(12), 0x6b901122, 7) -+ STEP(F, d, a, b, c, SET(13), 0xfd987193, 12) -+ STEP(F, c, d, a, b, SET(14), 0xa679438e, 17) -+ STEP(F, b, c, d, a, SET(15), 0x49b40821, 22) -+ -+/* Round 2 */ -+ STEP(G, a, b, c, d, GET(1), 0xf61e2562, 5) -+ STEP(G, d, a, b, c, GET(6), 0xc040b340, 9) -+ STEP(G, c, d, a, b, GET(11), 0x265e5a51, 14) -+ STEP(G, b, c, d, a, GET(0), 0xe9b6c7aa, 20) -+ STEP(G, a, b, c, d, GET(5), 0xd62f105d, 5) -+ STEP(G, d, a, b, c, GET(10), 0x02441453, 9) -+ STEP(G, c, d, a, b, GET(15), 0xd8a1e681, 14) -+ STEP(G, b, c, d, a, GET(4), 0xe7d3fbc8, 20) -+ STEP(G, a, b, c, d, GET(9), 0x21e1cde6, 5) -+ STEP(G, d, a, b, c, GET(14), 0xc33707d6, 9) -+ STEP(G, c, d, a, b, GET(3), 0xf4d50d87, 14) -+ STEP(G, b, c, d, a, GET(8), 0x455a14ed, 20) -+ STEP(G, a, b, c, d, GET(13), 0xa9e3e905, 5) -+ STEP(G, d, a, b, c, GET(2), 0xfcefa3f8, 9) -+ STEP(G, c, d, a, b, GET(7), 0x676f02d9, 14) -+ STEP(G, b, c, d, a, GET(12), 0x8d2a4c8a, 20) -+ -+/* Round 3 */ -+ STEP(H, a, b, c, d, GET(5), 0xfffa3942, 4) -+ STEP(H, d, a, b, c, GET(8), 0x8771f681, 11) -+ STEP(H, c, d, a, b, GET(11), 0x6d9d6122, 16) -+ STEP(H, b, c, d, a, GET(14), 0xfde5380c, 23) -+ STEP(H, a, b, c, d, GET(1), 0xa4beea44, 4) -+ STEP(H, d, a, b, c, GET(4), 0x4bdecfa9, 11) -+ STEP(H, c, d, a, b, GET(7), 0xf6bb4b60, 16) -+ STEP(H, b, c, d, a, GET(10), 0xbebfbc70, 23) -+ STEP(H, a, b, c, d, GET(13), 0x289b7ec6, 4) -+ STEP(H, d, a, b, c, GET(0), 0xeaa127fa, 11) -+ STEP(H, c, d, a, b, GET(3), 0xd4ef3085, 16) -+ STEP(H, b, c, d, a, GET(6), 0x04881d05, 23) -+ STEP(H, a, b, c, d, GET(9), 0xd9d4d039, 4) -+ STEP(H, d, a, b, c, GET(12), 0xe6db99e5, 11) -+ STEP(H, c, d, a, b, GET(15), 0x1fa27cf8, 16) -+ STEP(H, b, c, d, a, GET(2), 0xc4ac5665, 23) -+ -+/* Round 4 */ -+ STEP(I, a, b, c, d, GET(0), 0xf4292244, 6) -+ STEP(I, d, a, b, c, GET(7), 0x432aff97, 10) -+ STEP(I, c, d, a, b, GET(14), 0xab9423a7, 15) -+ STEP(I, b, c, d, a, GET(5), 0xfc93a039, 21) -+ STEP(I, a, b, c, d, GET(12), 0x655b59c3, 6) -+ STEP(I, d, a, b, c, GET(3), 0x8f0ccc92, 10) -+ STEP(I, c, d, a, b, GET(10), 0xffeff47d, 15) -+ STEP(I, b, c, d, a, GET(1), 0x85845dd1, 21) -+ STEP(I, a, b, c, d, GET(8), 0x6fa87e4f, 6) -+ STEP(I, d, a, b, c, GET(15), 0xfe2ce6e0, 10) -+ STEP(I, c, d, a, b, GET(6), 0xa3014314, 15) -+ STEP(I, b, c, d, a, GET(13), 0x4e0811a1, 21) -+ STEP(I, a, b, c, d, GET(4), 0xf7537e82, 6) -+ STEP(I, d, a, b, c, GET(11), 0xbd3af235, 10) -+ STEP(I, c, d, a, b, GET(2), 0x2ad7d2bb, 15) -+ STEP(I, b, c, d, a, GET(9), 0xeb86d391, 21) -+ -+ a += saved_a; -+ b += saved_b; -+ c += saved_c; -+ d += saved_d; -+ -+ ptr += 64; -+ } while (size -= 64); -+ -+ context->state[0] = a; -+ context->state[1] = b; -+ context->state[2] = c; -+ context->state[3] = d; -+ -+ return ptr; -+} -+ -+#if APR_CHARSET_EBCDIC -+APU_DECLARE(apr_status_t) apr_MD5InitEBCDIC(apr_xlate_t *xlate) -+{ -+ xlate_ebcdic_to_ascii = xlate; -+ return APR_SUCCESS; -+} -+#endif -+ -+/* -+ * Define the Magic String prefix that identifies a password as being -+ * hashed using our algorithm. -+ */ -+static const char *apr1_id = "$apr1$"; -+ -+/* -+ * The following MD5 password encryption code was largely borrowed from -+ * the FreeBSD 3.0 /usr/src/lib/libcrypt/crypt.c file, which is -+ * licenced as stated at the top of this file. -+ */ -+ -+static void to64(char *s, unsigned long v, int n) -+{ -+ static unsigned char itoa64[] = /* 0 ... 63 => ASCII - 64 */ -+ "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; -+ -+ while (--n >= 0) { -+ *s++ = itoa64[v&0x3f]; -+ v >>= 6; -+ } -+} -+ -+APU_DECLARE(apr_status_t) apr_md5_encode(const char *pw, const char *salt, -+ char *result, apr_size_t nbytes) -+{ -+ /* -+ * Minimum size is 8 bytes for salt, plus 1 for the trailing NUL, -+ * plus 4 for the '$' separators, plus the password hash itself. -+ * Let's leave a goodly amount of leeway. -+ */ -+ -+ char passwd[120], *p; -+ const char *sp, *ep; -+ unsigned char final[APR_MD5_DIGESTSIZE]; -+ apr_ssize_t sl, pl, i; -+ apr_md5_ctx_t ctx, ctx1; -+ unsigned long l; -+ -+ /* -+ * Refine the salt first. It's possible we were given an already-hashed -+ * string as the salt argument, so extract the actual salt value from it -+ * if so. Otherwise just use the string up to the first '$' as the salt. -+ */ -+ sp = salt; -+ -+ /* -+ * If it starts with the magic string, then skip that. -+ */ -+ if (!strncmp(sp, apr1_id, strlen(apr1_id))) { -+ sp += strlen(apr1_id); -+ } -+ -+ /* -+ * It stops at the first '$' or 8 chars, whichever comes first -+ */ -+ for (ep = sp; (*ep != '\0') && (*ep != '$') && (ep < (sp + 8)); ep++) { -+ continue; -+ } -+ -+ /* -+ * Get the length of the true salt -+ */ -+ sl = ep - sp; -+ -+ /* -+ * 'Time to make the doughnuts..' -+ */ -+ apr_md5_init(&ctx); -+#if APR_CHARSET_EBCDIC -+ apr_md5_set_xlate(&ctx, xlate_ebcdic_to_ascii); -+#endif -+ -+ /* -+ * The password first, since that is what is most unknown -+ */ -+ apr_md5_update(&ctx, pw, strlen(pw)); -+ -+ /* -+ * Then our magic string -+ */ -+ apr_md5_update(&ctx, apr1_id, strlen(apr1_id)); -+ -+ /* -+ * Then the raw salt -+ */ -+ apr_md5_update(&ctx, sp, sl); -+ -+ /* -+ * Then just as many characters of the MD5(pw, salt, pw) -+ */ -+ apr_md5_init(&ctx1); -+ apr_md5_update(&ctx1, pw, strlen(pw)); -+ apr_md5_update(&ctx1, sp, sl); -+ apr_md5_update(&ctx1, pw, strlen(pw)); -+ apr_md5_final(final, &ctx1); -+ for (pl = strlen(pw); pl > 0; pl -= APR_MD5_DIGESTSIZE) { -+ apr_md5_update(&ctx, final, -+ (pl > APR_MD5_DIGESTSIZE) ? APR_MD5_DIGESTSIZE : pl); -+ } -+ -+ /* -+ * Don't leave anything around in vm they could use. -+ */ -+ memset(final, 0, sizeof(final)); -+ -+ /* -+ * Then something really weird... -+ */ -+ for (i = strlen(pw); i != 0; i >>= 1) { -+ if (i & 1) { -+ apr_md5_update(&ctx, final, 1); -+ } -+ else { -+ apr_md5_update(&ctx, pw, 1); -+ } -+ } -+ -+ /* -+ * Now make the output string. We know our limitations, so we -+ * can use the string routines without bounds checking. -+ */ -+ strcpy(passwd, apr1_id); -+ strncat(passwd, sp, sl); -+ strcat(passwd, "$"); -+ -+ apr_md5_final(final, &ctx); -+ -+ /* -+ * And now, just to make sure things don't run too fast.. -+ * On a 60 Mhz Pentium this takes 34 msec, so you would -+ * need 30 seconds to build a 1000 entry dictionary... -+ */ -+ for (i = 0; i < 1000; i++) { -+ apr_md5_init(&ctx1); -+ if (i & 1) { -+ apr_md5_update(&ctx1, pw, strlen(pw)); -+ } -+ else { -+ apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE); -+ } -+ if (i % 3) { -+ apr_md5_update(&ctx1, sp, sl); -+ } -+ -+ if (i % 7) { -+ apr_md5_update(&ctx1, pw, strlen(pw)); -+ } -+ -+ if (i & 1) { -+ apr_md5_update(&ctx1, final, APR_MD5_DIGESTSIZE); -+ } -+ else { -+ apr_md5_update(&ctx1, pw, strlen(pw)); -+ } -+ apr_md5_final(final,&ctx1); -+ } -+ -+ p = passwd + strlen(passwd); -+ -+ l = (final[ 0]<<16) | (final[ 6]<<8) | final[12]; to64(p, l, 4); p += 4; -+ l = (final[ 1]<<16) | (final[ 7]<<8) | final[13]; to64(p, l, 4); p += 4; -+ l = (final[ 2]<<16) | (final[ 8]<<8) | final[14]; to64(p, l, 4); p += 4; -+ l = (final[ 3]<<16) | (final[ 9]<<8) | final[15]; to64(p, l, 4); p += 4; -+ l = (final[ 4]<<16) | (final[10]<<8) | final[ 5]; to64(p, l, 4); p += 4; -+ l = final[11] ; to64(p, l, 2); p += 2; -+ *p = '\0'; -+ -+ /* -+ * Don't leave anything around in vm they could use. -+ */ -+ memset(final, 0, sizeof(final)); -+ -+ apr_cpystrn(result, passwd, nbytes - 1); -+ return APR_SUCCESS; -+} -+ -+#if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE) -+#if defined(APU_CRYPT_THREADSAFE) || !APR_HAS_THREADS || \ -+ defined(CRYPT_R_CRYPTD) || defined(CRYPT_R_STRUCT_CRYPT_DATA) -+ -+#define crypt_mutex_lock() -+#define crypt_mutex_unlock() -+ -+#elif APR_HAVE_PTHREAD_H && defined(PTHREAD_MUTEX_INITIALIZER) -+ -+static pthread_mutex_t crypt_mutex = PTHREAD_MUTEX_INITIALIZER; -+static void crypt_mutex_lock(void) -+{ -+ pthread_mutex_lock(&crypt_mutex); -+} -+ -+static void crypt_mutex_unlock(void) -+{ -+ pthread_mutex_unlock(&crypt_mutex); -+} -+ -+#else -+ -+#error apr_password_validate() is not threadsafe. rebuild APR without thread support. -+ -+#endif -+#endif -+ -+/* -+ * Validate a plaintext password against a smashed one. Uses either -+ * crypt() (if available) or apr_md5_encode() or apr_sha1_base64(), depending -+ * upon the format of the smashed input password. Returns APR_SUCCESS if -+ * they match, or APR_EMISMATCH if they don't. If the platform doesn't -+ * support crypt, then the default check is against a clear text string. -+ */ -+APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, -+ const char *hash) -+{ -+ char sample[120]; -+#if !defined(WIN32) && !defined(BEOS) && !defined(NETWARE) -+ char *crypt_pw; -+#endif -+ if (!strncmp(hash, apr1_id, strlen(apr1_id))) { -+ /* -+ * The hash was created using our custom algorithm. -+ */ -+ apr_md5_encode(passwd, hash, sample, sizeof(sample)); -+ } -+ else if (!strncmp(hash, APR_SHA1PW_ID, APR_SHA1PW_IDLEN)) { -+ apr_sha1_base64(passwd, strlen(passwd), sample); -+ } -+ else { -+ /* -+ * It's not our algorithm, so feed it to crypt() if possible. -+ */ -+#if defined(WIN32) || defined(BEOS) || defined(NETWARE) -+ apr_cpystrn(sample, passwd, sizeof(sample) - 1); -+#elif defined(CRYPT_R_CRYPTD) -+ CRYPTD buffer; -+ -+ crypt_pw = crypt_r(passwd, hash, &buffer); -+ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); -+#elif defined(CRYPT_R_STRUCT_CRYPT_DATA) -+ struct crypt_data buffer; -+ -+ /* having to clear this seems bogus... GNU doc is -+ * confusing... user report found from google says -+ * the crypt_data struct had to be cleared to get -+ * the same result as plain crypt() -+ */ -+ memset(&buffer, 0, sizeof(buffer)); -+ crypt_pw = crypt_r(passwd, hash, &buffer); -+ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); -+#else -+ /* Do a bit of sanity checking since we know that crypt_r() -+ * should always be used for threaded builds on AIX, and -+ * problems in configure logic can result in the wrong -+ * choice being made. -+ */ -+#if defined(_AIX) && APR_HAS_THREADS -+#error Configuration error! crypt_r() should have been selected! -+#endif -+ -+ /* Handle thread safety issues by holding a mutex around the -+ * call to crypt(). -+ */ -+ crypt_mutex_lock(); -+ crypt_pw = crypt(passwd, hash); -+ apr_cpystrn(sample, crypt_pw, sizeof(sample) - 1); -+ crypt_mutex_unlock(); -+#endif -+ } -+ return (strcmp(sample, hash) == 0) ? APR_SUCCESS : APR_EMISMATCH; -+} -diff -urNad apr-util-1.2.7~/include/apr_md4.h apr-util-1.2.7/include/apr_md4.h ---- apr-util-1.2.7~/include/apr_md4.h 1970-01-01 01:00:00.000000000 +0100 -+++ apr-util-1.2.7/include/apr_md4.h 2006-08-18 14:22:04.000000000 +0200 -@@ -0,0 +1,135 @@ -+/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as -+ * applicable. -+ * -+ * Licensed under the Apache License, Version 2.0 (the "License"); -+ * you may not use this file except in compliance with the License. -+ * You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+/* This is derived from material copyright RSA Data Security, Inc. -+ * Their notice is reproduced below in its entirety. -+ * -+ * Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All -+ * rights reserved. -+ * -+ * License to copy and use this software is granted provided that it -+ * is identified as the "RSA Data Security, Inc. MD4 Message-Digest -+ * Algorithm" in all material mentioning or referencing this software -+ * or this function. -+ * -+ * License is also granted to make and use derivative works provided -+ * that such works are identified as "derived from the RSA Data -+ * Security, Inc. MD4 Message-Digest Algorithm" in all material -+ * mentioning or referencing the derived work. -+ * -+ * RSA Data Security, Inc. makes no representations concerning either -+ * the merchantability of this software or the suitability of this -+ * software for any particular purpose. It is provided "as is" -+ * without express or implied warranty of any kind. -+ * -+ * These notices must be retained in any copies of any part of this -+ * documentation and/or software. -+ */ -+ -+#ifndef APR_MD4_H -+#define APR_MD4_H -+ -+#include "apu.h" -+#include "apr_xlate.h" -+/** -+ * @file apr_md4.h -+ * @brief APR-UTIL MD4 Library -+ */ -+#ifdef __cplusplus -+extern "C" { -+#endif -+ -+/** -+ * @defgroup APR_Util_MD4 MD4 Library -+ * @ingroup APR_Util -+ * @{ -+ */ -+ -+/** The digestsize for MD4 */ -+#define APR_MD4_DIGESTSIZE 16 -+ -+/** @see apr_md4_ctx_t */ -+typedef struct apr_md4_ctx_t apr_md4_ctx_t; -+ -+/** MD4 context. */ -+struct apr_md4_ctx_t { -+ /** state (ABCD) */ -+ apr_uint32_t state[4]; -+ /** number of bits, modulo 2^64 (lsb first) */ -+ apr_uint32_t count[2]; -+ /** input buffer */ -+ unsigned char buffer[64]; -+#if APR_HAS_XLATE -+ /** translation handle */ -+ apr_xlate_t *xlate; -+#endif -+}; -+ -+/** -+ * MD4 Initialize. Begins an MD4 operation, writing a new context. -+ * @param context The MD4 context to initialize. -+ */ -+APU_DECLARE(apr_status_t) apr_md4_init(apr_md4_ctx_t *context); -+ -+#if APR_HAS_XLATE -+/** -+ * MDr4 translation setup. Provides the APR translation handle to be used -+ * for translating the content before calculating the digest. -+ * @param context The MD4 content to set the translation for. -+ * @param xlate The translation handle to use for this MD4 context -+ */ -+APU_DECLARE(apr_status_t) apr_md4_set_xlate(apr_md4_ctx_t *context, -+ apr_xlate_t *xlate); -+#else -+#define apr_md4_set_xlate(context, xlate) APR_ENOTIMPL -+#endif -+ -+/** -+ * MD4 block update operation. Continue an MD4 message-digest operation, -+ * processing another message block, and updating the context. -+ * @param context The MD4 content to update. -+ * @param input next message block to update -+ * @param inputLen The length of the next message block -+ */ -+APU_DECLARE(apr_status_t) apr_md4_update(apr_md4_ctx_t *context, -+ const unsigned char *input, -+ apr_size_t inputLen); -+ -+/** -+ * MD4 finalization. Ends an MD4 message-digest operation, writing the -+ * message digest and zeroing the context -+ * @param digest The final MD4 digest -+ * @param context The MD4 content we are finalizing. -+ */ -+APU_DECLARE(apr_status_t) apr_md4_final( -+ unsigned char digest[APR_MD4_DIGESTSIZE], -+ apr_md4_ctx_t *context); -+ -+/** -+ * MD4 digest computation -+ * @param digest The MD4 digest -+ * @param input message block to use -+ * @param inputLen The length of the message block -+ */ -+APU_DECLARE(apr_status_t) apr_md4(unsigned char digest[APR_MD4_DIGESTSIZE], -+ const unsigned char *input, -+ apr_size_t inputLen); -+ -+/** @} */ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* !APR_MD4_H */ -diff -urNad apr-util-1.2.7~/include/apr_md5.h apr-util-1.2.7/include/apr_md5.h ---- apr-util-1.2.7~/include/apr_md5.h 1970-01-01 01:00:00.000000000 +0100 -+++ apr-util-1.2.7/include/apr_md5.h 2006-08-18 14:22:04.000000000 +0200 -@@ -0,0 +1,144 @@ -+/* -+ * Adopted for apr-util by Tollef Fog Heen -+ */ -+ -+/* -+ * This is an OpenSSL-compatible implementation of the RSA Data Security, -+ * Inc. MD5 Message-Digest Algorithm. -+ * -+ * Written by Solar Designer in 2001, and placed in -+ * the public domain. See md5.c for more information. -+ */ -+ -+/* Copyright 2000-2005 The Apache Software Foundation or its licensors, as -+ * applicable. -+ * -+ * Licensed under the Apache License, Version 2.0 (the "License"); -+ * you may not use this file except in compliance with the License. -+ * You may obtain a copy of the License at -+ * -+ * http://www.apache.org/licenses/LICENSE-2.0 -+ * -+ * Unless required by applicable law or agreed to in writing, software -+ * distributed under the License is distributed on an "AS IS" BASIS, -+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -+ * See the License for the specific language governing permissions and -+ * limitations under the License. -+ */ -+ -+#ifndef APR_MD5_H -+#define APR_MD5_H -+ -+#include "apu.h" -+#include "apr_xlate.h" -+ -+#ifdef __cplusplus -+extern "C" { -+#endif -+/** -+ * @file apr_md5.h -+ * @brief APR MD5 Routines -+ */ -+ -+/** -+ * @defgroup APR_MD5 MD5 Routines -+ * @ingroup APR -+ * @{ -+ */ -+ -+/** The MD5 digest size */ -+#define APR_MD5_DIGESTSIZE 16 -+ -+/** @see apr_md5_ctx_t */ -+typedef struct apr_md5_ctx_t apr_md5_ctx_t; -+ -+/** MD5 context. */ -+struct apr_md5_ctx_t { -+ /** state (ABCD) */ -+ apr_uint32_t state[4]; -+ /** number of bits, modulo 2^64 (lsb first) */ -+ apr_uint32_t count[2]; -+ /** input buffer */ -+ unsigned char buffer[64]; -+ /** translation handle -+ * ignored if xlate is unsupported -+ */ -+ apr_xlate_t *xlate; -+}; -+ -+/** -+ * MD5 Initialize. Begins an MD5 operation, writing a new context. -+ * @param context The MD5 context to initialize. -+ */ -+APU_DECLARE(apr_status_t) apr_md5_init(apr_md5_ctx_t *context); -+ -+/** -+ * MD5 translation setup. Provides the APR translation handle to be used -+ * for translating the content before calculating the digest. -+ * @param context The MD5 content to set the translation for. -+ * @param xlate The translation handle to use for this MD5 context -+ */ -+APU_DECLARE(apr_status_t) apr_md5_set_xlate(apr_md5_ctx_t *context, -+ apr_xlate_t *xlate); -+ -+/** -+ * MD5 block update operation. Continue an MD5 message-digest operation, -+ * processing another message block, and updating the context. -+ * @param context The MD5 content to update. -+ * @param input next message block to update -+ * @param inputLen The length of the next message block -+ */ -+APU_DECLARE(apr_status_t) apr_md5_update(apr_md5_ctx_t *context, -+ const void *input, -+ apr_size_t inputLen); -+ -+/** -+ * MD5 finalization. Ends an MD5 message-digest operation, writing the -+ * message digest and zeroing the context -+ * @param digest The final MD5 digest -+ * @param context The MD5 content we are finalizing. -+ */ -+APU_DECLARE(apr_status_t) apr_md5_final(unsigned char digest[APR_MD5_DIGESTSIZE], -+ apr_md5_ctx_t *context); -+ -+/** -+ * MD5 in one step -+ * @param digest The final MD5 digest -+ * @param input The message block to use -+ * @param inputLen The length of the message block -+ */ -+APU_DECLARE(apr_status_t) apr_md5(unsigned char digest[APR_MD5_DIGESTSIZE], -+ const void *input, -+ apr_size_t inputLen); -+ -+/** -+ * Encode a password using an MD5 algorithm -+ * @param password The password to encode -+ * @param salt The salt to use for the encoding -+ * @param result The string to store the encoded password in -+ * @param nbytes The size of the result buffer -+ */ -+APU_DECLARE(apr_status_t) apr_md5_encode(const char *password, const char *salt, -+ char *result, apr_size_t nbytes); -+ -+ -+/** -+ * Validate hashes created by APR-supported algorithms: md5 and sha1. -+ * hashes created by crypt are supported only on platforms that provide -+ * crypt(3), so don't rely on that function unless you know that your -+ * application will be run only on platforms that support it. On platforms -+ * that don't support crypt(3), this falls back to a clear text string -+ * comparison. -+ * @param passwd The password to validate -+ * @param hash The password to validate against -+ */ -+APU_DECLARE(apr_status_t) apr_password_validate(const char *passwd, -+ const char *hash); -+ -+ -+/** @} */ -+#ifdef __cplusplus -+} -+#endif -+ -+#endif /* !APR_MD5_H */ reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/prop-base/001_dbm_read_hash_or_btree.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/prop-base/001_dbm_read_hash_or_btree.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/prop-base/003_buildconf_config.guess_sub_location.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/prop-base/003_buildconf_config.guess_sub_location.dpatch.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/prop-base/002_configure_in_remove_syspaths.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/prop-base/002_configure_in_remove_syspaths.dpatch.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/prop-base/014_apu_config_dont_list_indep_libs.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/prop-base/014_apu_config_dont_list_indep_libs.dpatch.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/prop-base/004_debian_layout_fix.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/prop-base/004_debian_layout_fix.dpatch.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/prop-base/013_ship_find_apu.m4.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/prop-base/013_ship_find_apu.m4.dpatch.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/prop-base/099_alternate_md4_md5_impl.dpatch.svn-base +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/prop-base/099_alternate_md4_md5_impl.dpatch.svn-base @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/props/001_dbm_read_hash_or_btree.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/props/001_dbm_read_hash_or_btree.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/props/003_buildconf_config.guess_sub_location.dpatch.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/props/003_buildconf_config.guess_sub_location.dpatch.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/props/002_configure_in_remove_syspaths.dpatch.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/props/002_configure_in_remove_syspaths.dpatch.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/props/014_apu_config_dont_list_indep_libs.dpatch.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/props/014_apu_config_dont_list_indep_libs.dpatch.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/props/004_debian_layout_fix.dpatch.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/props/004_debian_layout_fix.dpatch.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/props/013_ship_find_apu.m4.dpatch.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/props/013_ship_find_apu.m4.dpatch.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/props/099_alternate_md4_md5_impl.dpatch.svn-work +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/props/099_alternate_md4_md5_impl.dpatch.svn-work @@ -1,5 +0,0 @@ -K 14 -svn:executable -V 1 -* -END reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/entries +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/entries @@ -1,86 +0,0 @@ - - - - - - - - - - - - reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/README.txt +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/README.txt @@ -1,2 +0,0 @@ -This is a Subversion working copy administrative directory. -Visit http://subversion.tigris.org/ for more information. reverted: --- apr-util-1.2.7+dfsg/debian/patches/.svn/format +++ apr-util-1.2.7+dfsg.orig/debian/patches/.svn/format @@ -1 +0,0 @@ -4 diff -u apr-util-1.2.7+dfsg/debian/patches/00list apr-util-1.2.7+dfsg/debian/patches/00list --- apr-util-1.2.7+dfsg/debian/patches/00list +++ apr-util-1.2.7+dfsg/debian/patches/00list @@ -7 +7,4 @@ -099_alternate_md4_md5_impl \ No newline at end of file +017_CVE-2009-0023 +018_expat_entity_expansion.dpatch +020_CVE-2009-2412 +099_alternate_md4_md5_impl diff -u apr-util-1.2.7+dfsg/debian/changelog apr-util-1.2.7+dfsg/debian/changelog --- apr-util-1.2.7+dfsg/debian/changelog +++ apr-util-1.2.7+dfsg/debian/changelog @@ -1,3 +1,18 @@ +apr-util (1.2.7+dfsg-2+etch3) oldstable-security; urgency=high + + * CVE-2009-2412: Fix overflow in RMM allocations due to alignment. + + -- Peter Samuelson Thu, 06 Aug 2009 09:27:58 -0500 + +apr-util (1.2.7+dfsg-2+etch2) oldstable-security; urgency=high + + * CVE-2009-0023: Fix underflow in apr_strmatch_precompile() which causes + remotely exploitable DoS vulnerabilities in mod_dav_svn and libapreq2. + * Fix DoS vulnerability (memory consumption) in handling of internal xml + entities. + + -- Stefan Fritsch Wed, 03 Jun 2009 23:12:43 +0200 + apr-util (1.2.7+dfsg-2) unstable; urgency=low * Fix stupid code duplication in apr_md[45].c resulting from C&P. only in patch2: unchanged: --- apr-util-1.2.7+dfsg.orig/debian/patches/018_expat_entity_expansion.dpatch +++ apr-util-1.2.7+dfsg/debian/patches/018_expat_entity_expansion.dpatch @@ -0,0 +1,54 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 018_expat_entity_expansion.dpatch by Stefan Fritsch +## +## All lines beginning with `## DP:' are a description of the patch. +## DP: No description. + +@DPATCH@ +diff -urNad apr-util-1.2.12+dfsg~/xml/apr_xml.c apr-util-1.2.12+dfsg/xml/apr_xml.c +--- apr-util-1.2.12+dfsg~/xml/apr_xml.c 2007-11-01 15:07:19.000000000 +0100 ++++ apr-util-1.2.12+dfsg/xml/apr_xml.c 2009-06-02 19:02:28.063634350 +0200 +@@ -347,6 +347,25 @@ + return APR_SUCCESS; + } + ++#if XML_MAJOR_VERSION > 0 ++/* XML_StopParser is present in expat 2.x */ ++#define HAVE_XML_STOPPARSER ++#endif ++ ++#ifdef HAVE_XML_STOPPARSER ++/* Stop the parser if an entity declaration is hit. */ ++static void entity_declaration(void *userData, const XML_Char *entityName, ++ int is_parameter_entity, const XML_Char *value, ++ int value_length, const XML_Char *base, ++ const XML_Char *systemId, const XML_Char *publicId, ++ const XML_Char *notationName) ++{ ++ apr_xml_parser *parser = userData; ++ ++ XML_StopParser(parser->xp, XML_FALSE); ++} ++#endif ++ + APU_DECLARE(apr_xml_parser *) apr_xml_parser_create(apr_pool_t *pool) + { + apr_xml_parser *parser = apr_pcalloc(pool, sizeof(*parser)); +@@ -372,6 +391,17 @@ + XML_SetElementHandler(parser->xp, start_handler, end_handler); + XML_SetCharacterDataHandler(parser->xp, cdata_handler); + ++ /* Prevent the "billion laughs" attack against expat by disabling ++ * internal entity expansion. With 2.x, forcibly stop the parser ++ * if an entity is declared - this is safer and a more obvious ++ * failure mode. With older versions, simply prevent expenansion ++ * of such entities. */ ++#ifdef HAVE_XML_STOPPARSER ++ XML_SetEntityDeclHandler(parser->xp, entity_declaration); ++#else ++ XML_SetDefaultHandler(parser->xp, NULL); ++#endif ++ + return parser; + } + only in patch2: unchanged: --- apr-util-1.2.7+dfsg.orig/debian/patches/020_CVE-2009-2412.dpatch +++ apr-util-1.2.7+dfsg/debian/patches/020_CVE-2009-2412.dpatch @@ -0,0 +1,96 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 020_CVE-2009-2412 by William Rowe +## +## DP: SECURITY: CVE-2009-2412 (cve.mitre.org) +## DP: Fix overflow in rmm, where size alignment was taking place. +## DP: +## DP: Reported by: Matt Lewis +## DP: +## DP: * misc/apr_rmm.c +## DP: (apr_rmm_malloc, apr_rmm_calloc, apr_rmm_realloc): Check for overflow after aligning size. +## DP: +## DP: SEE ALSO: apr-1.x-CVE-2009-2412.patch + +@DPATCH@ +Index: misc/apr_rmm.c +=================================================================== +--- a/misc/apr_rmm.c ++++ b/misc/apr_rmm.c +@@ -306,13 +306,17 @@ + + APU_DECLARE(apr_rmm_off_t) apr_rmm_malloc(apr_rmm_t *rmm, apr_size_t reqsize) + { ++ apr_size_t size; + apr_rmm_off_t this; + +- reqsize = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE; ++ size = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE; ++ if (size < reqsize) { ++ return 0; ++ } + + APR_ANYLOCK_LOCK(&rmm->lock); + +- this = find_block_of_size(rmm, reqsize); ++ this = find_block_of_size(rmm, size); + + if (this) { + move_block(rmm, this, 0); +@@ -325,18 +329,22 @@ + + APU_DECLARE(apr_rmm_off_t) apr_rmm_calloc(apr_rmm_t *rmm, apr_size_t reqsize) + { ++ apr_size_t size; + apr_rmm_off_t this; + +- reqsize = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE; ++ size = APR_ALIGN_DEFAULT(reqsize) + RMM_BLOCK_SIZE; ++ if (size < reqsize) { ++ return 0; ++ } + + APR_ANYLOCK_LOCK(&rmm->lock); + +- this = find_block_of_size(rmm, reqsize); ++ this = find_block_of_size(rmm, size); + + if (this) { + move_block(rmm, this, 0); + this += RMM_BLOCK_SIZE; +- memset((char*)rmm->base + this, 0, reqsize - RMM_BLOCK_SIZE); ++ memset((char*)rmm->base + this, 0, size - RMM_BLOCK_SIZE); + } + + APR_ANYLOCK_UNLOCK(&rmm->lock); +@@ -349,16 +357,19 @@ + apr_rmm_off_t this; + apr_rmm_off_t old; + struct rmm_block_t *blk; +- apr_size_t oldsize; ++ apr_size_t size, oldsize; + + if (!entity) { + return apr_rmm_malloc(rmm, reqsize); + } + +- reqsize = APR_ALIGN_DEFAULT(reqsize); ++ size = APR_ALIGN_DEFAULT(reqsize); ++ if (size < reqsize) { ++ return 0; ++ } + old = apr_rmm_offset_get(rmm, entity); + +- if ((this = apr_rmm_malloc(rmm, reqsize)) == 0) { ++ if ((this = apr_rmm_malloc(rmm, size)) == 0) { + return 0; + } + +@@ -366,7 +377,7 @@ + oldsize = blk->size; + + memcpy(apr_rmm_addr_get(rmm, this), +- apr_rmm_addr_get(rmm, old), oldsize < reqsize ? oldsize : reqsize); ++ apr_rmm_addr_get(rmm, old), oldsize < size ? oldsize : size); + apr_rmm_free(rmm, old); + + return this; only in patch2: unchanged: --- apr-util-1.2.7+dfsg.orig/debian/patches/017_CVE-2009-0023.dpatch +++ apr-util-1.2.7+dfsg/debian/patches/017_CVE-2009-0023.dpatch @@ -0,0 +1,31 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run + +@DPATCH@ +diff -urNad apr-util-1.2.12+dfsg~/strmatch/apr_strmatch.c apr-util-1.2.12+dfsg/strmatch/apr_strmatch.c +--- apr-util-1.2.12+dfsg~/strmatch/apr_strmatch.c 2009-06-02 18:58:49.000000000 +0200 ++++ apr-util-1.2.12+dfsg/strmatch/apr_strmatch.c 2009-06-03 23:03:55.650337096 +0200 +@@ -74,7 +74,7 @@ + } + s_tmp--; + } +- s_next += shift[apr_tolower(*s_next)]; ++ s_next += shift[(unsigned char)apr_tolower(*s_next)]; + } + return NULL; + } +@@ -103,13 +103,13 @@ + if (case_sensitive) { + pattern->compare = match_boyer_moore_horspool; + for (i = 0; i < pattern->length - 1; i++) { +- shift[(int)s[i]] = pattern->length - i - 1; ++ shift[(unsigned char)s[i]] = pattern->length - i - 1; + } + } + else { + pattern->compare = match_boyer_moore_horspool_nocase; + for (i = 0; i < pattern->length - 1; i++) { +- shift[apr_tolower(s[i])] = pattern->length - i - 1; ++ shift[(unsigned char)apr_tolower(s[i])] = pattern->length - i - 1; + } + } + pattern->context = shift;