diff options
author | Francesco Colista <francesco.colista@gmail.com> | 2012-11-03 11:40:25 +0000 |
---|---|---|
committer | Francesco Colista <francesco.colista@gmail.com> | 2012-11-03 11:40:25 +0000 |
commit | aec65361be4ba73d1ac6d80c22b61a7171b63802 (patch) | |
tree | cc9c24ba884a5f3fdbb978b39841c88498688c70 | |
parent | 7e8537a95aeb56c77567d2d0f27aa1b5c507b3e7 (diff) | |
parent | b2f59ad10f25be0112e9f226a1725bc82c0e793f (diff) | |
download | alpine_aports-aec65361be4ba73d1ac6d80c22b61a7171b63802.tar.bz2 alpine_aports-aec65361be4ba73d1ac6d80c22b61a7171b63802.tar.xz alpine_aports-aec65361be4ba73d1ac6d80c22b61a7171b63802.zip |
Merge git://dev.alpinelinux.org/aports
-rw-r--r-- | main/apache2/APKBUILD | 52 | ||||
-rw-r--r-- | main/apache2/httpd.conf | 129 | ||||
-rw-r--r-- | main/apache2/lua.conf | 1 | ||||
-rw-r--r-- | main/apache2/proxy-html.conf | 1 | ||||
-rw-r--r-- | main/apache2/proxy.conf | 15 | ||||
-rw-r--r-- | main/freeradius/APKBUILD | 4 | ||||
-rw-r--r-- | main/freeradius/freeradius.initd | 10 | ||||
-rw-r--r-- | main/libc0.9.32/APKBUILD | 4 | ||||
-rw-r--r-- | main/libc0.9.32/STATUS | 18 | ||||
-rw-r--r-- | main/libc0.9.32/uclibc-rtld_next-fix.patch | 27 | ||||
-rw-r--r-- | main/libvirt/APKBUILD | 12 | ||||
-rw-r--r-- | main/libxml2/APKBUILD | 12 | ||||
-rw-r--r-- | main/libxml2/libxml2-entities-local-buffers-size.patch | 97 | ||||
-rw-r--r-- | main/libxml2/libxml2-entities-local-buffers-size2.patch | 21 | ||||
-rw-r--r-- | main/libxml2/libxml2-parser-local-buffers-size.patch | 260 | ||||
-rw-r--r-- | main/libxslt/APKBUILD | 6 | ||||
-rw-r--r-- | main/xen/APKBUILD | 8 | ||||
-rw-r--r-- | main/xen/xend.initd | 2 | ||||
-rw-r--r-- | main/xen/xenstored.initd | 1 | ||||
-rw-r--r-- | main/xen/xsa25-4.2.patch | 365 |
20 files changed, 581 insertions, 464 deletions
diff --git a/main/apache2/APKBUILD b/main/apache2/APKBUILD index 988dace899..d5151f2585 100644 --- a/main/apache2/APKBUILD +++ b/main/apache2/APKBUILD | |||
@@ -1,7 +1,7 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=apache2 | 2 | pkgname=apache2 |
3 | pkgver=2.4.3 | 3 | pkgver=2.4.3 |
4 | pkgrel=1 | 4 | pkgrel=2 |
5 | pkgdesc="A high performance Unix-based HTTP server" | 5 | pkgdesc="A high performance Unix-based HTTP server" |
6 | url="http://httpd.apache.org/" | 6 | url="http://httpd.apache.org/" |
7 | arch="all" | 7 | arch="all" |
@@ -12,9 +12,10 @@ pkggroups="apache" | |||
12 | makedepends="openssl-dev zlib-dev apr-util-dev apr-dev pcre-dev sed lua-dev | 12 | makedepends="openssl-dev zlib-dev apr-util-dev apr-dev pcre-dev sed lua-dev |
13 | autoconf automake" | 13 | autoconf automake" |
14 | subpackages="$pkgname-dev $pkgname-doc $pkgname-utils $pkgname-ssl | 14 | subpackages="$pkgname-dev $pkgname-doc $pkgname-utils $pkgname-ssl |
15 | $pkgname-ldap $pkgname-webdav" | 15 | $pkgname-ldap $pkgname-webdav |
16 | # see http://lists.err.no/pipermail/mpm-itk/2011-August/000432.html for | 16 | $pkgname-proxy-html:proxy_html |
17 | # the 03-add-mpm-to-build-system.patch | 17 | $pkgname-proxy |
18 | $pkgname-lua:_lua" | ||
18 | source="http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2 | 19 | source="http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2 |
19 | apache2.confd | 20 | apache2.confd |
20 | apache2.logrotate | 21 | apache2.logrotate |
@@ -22,6 +23,9 @@ source="http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2 | |||
22 | httpd.conf | 23 | httpd.conf |
23 | ssl.conf | 24 | ssl.conf |
24 | ldap.conf | 25 | ldap.conf |
26 | proxy-html.conf | ||
27 | proxy.conf | ||
28 | lua.conf | ||
25 | alpine.layout | 29 | alpine.layout |
26 | " | 30 | " |
27 | _builddir="$srcdir"/httpd-$pkgver | 31 | _builddir="$srcdir"/httpd-$pkgver |
@@ -153,19 +157,57 @@ ldap() { | |||
153 | webdav() { | 157 | webdav() { |
154 | pkgdesc="WebDAV support for the Apache HTTP Server" | 158 | pkgdesc="WebDAV support for the Apache HTTP Server" |
155 | depends="apache2" | 159 | depends="apache2" |
160 | replaces="apache2" | ||
156 | 161 | ||
157 | install -d "$subpkgdir"/usr/lib/apache2 || return 1 | 162 | install -d "$subpkgdir"/usr/lib/apache2 || return 1 |
158 | mv "$pkgdir"/usr/lib/apache2/mod_*dav.so \ | 163 | mv "$pkgdir"/usr/lib/apache2/mod_*dav.so \ |
164 | "$pkgdir"/usr/lib/apache2/mod_dav_*.so \ | ||
159 | "$subpkgdir"/usr/lib/apache2/ || return 1 | 165 | "$subpkgdir"/usr/lib/apache2/ || return 1 |
160 | install -D -m644 "$_builddir"/docs/conf/extra/httpd-dav.conf \ | 166 | install -D -m644 "$_builddir"/docs/conf/extra/httpd-dav.conf \ |
161 | "$subpkgdir"/etc/apache2/conf.d/http-dav.conf || return 1 | 167 | "$subpkgdir"/etc/apache2/conf.d/http-dav.conf || return 1 |
162 | } | 168 | } |
163 | 169 | ||
170 | proxy_html() { | ||
171 | pkgdesc="HTML and XML content filters for the Apache HTTP Server" | ||
172 | depends="apache2" | ||
173 | install -d "$subpkgdir"/usr/lib/apache2 || return 1 | ||
174 | mv "$pkgdir"/usr/lib/apache2/*_proxy_html.so \ | ||
175 | "$pkgdir"/usr/lib/apache2/*xml2enc*.so \ | ||
176 | "$subpkgdir"/usr/lib/apache2/ || return 1 | ||
177 | install -D -m644 "$srcdir"/proxy-html.conf \ | ||
178 | "$subpkgdir"/etc/apache2/conf.d/proxy-html.conf || return 1 | ||
179 | } | ||
180 | |||
181 | proxy() { | ||
182 | pkgdesc="Proxy modules for the Apache HTTP Server" | ||
183 | depends="apache2" | ||
184 | install -d "$subpkgdir"/usr/lib/apache2 || return 1 | ||
185 | mv "$pkgdir"/usr/lib/apache2/*_proxy*.so \ | ||
186 | "$pkgdir"/usr/lib/apache2/*_lbmethod*.so \ | ||
187 | "$subpkgdir"/usr/lib/apache2/ || return 1 | ||
188 | install -D -m644 "$srcdir"/proxy.conf \ | ||
189 | "$subpkgdir"/etc/apache2/conf.d/proxy.conf || return 1 | ||
190 | } | ||
191 | |||
192 | _lua() { | ||
193 | pkgdesc="Lua support for the Apache HTTP server" | ||
194 | depends="apache2" | ||
195 | install -d "$subpkgdir"/usr/lib/apache2 || return 1 | ||
196 | mv "$pkgdir"/usr/lib/apache2/*_lua.so \ | ||
197 | "$subpkgdir"/usr/lib/apache2/ || return 1 | ||
198 | install -D -m644 "$srcdir"/lua.conf \ | ||
199 | "$subpkgdir"/etc/apache2/conf.d/lua.conf || return 1 | ||
200 | } | ||
201 | |||
202 | |||
164 | md5sums="87aaf7bc7e8715f0455997bb8c6791aa httpd-2.4.3.tar.bz2 | 203 | md5sums="87aaf7bc7e8715f0455997bb8c6791aa httpd-2.4.3.tar.bz2 |
165 | e322b5211e49511cac6e40c86af1b1da apache2.confd | 204 | e322b5211e49511cac6e40c86af1b1da apache2.confd |
166 | 75fe4138b98fcffd01b8c8c077b944f3 apache2.logrotate | 205 | 75fe4138b98fcffd01b8c8c077b944f3 apache2.logrotate |
167 | 7105fc70298b24bfca6dba517f7486d7 apache2.initd | 206 | 7105fc70298b24bfca6dba517f7486d7 apache2.initd |
168 | 749faf0b2916d85d1240bc34f700e5d9 httpd.conf | 207 | cceb6f5c3949326b48e0fcf196a2495d httpd.conf |
169 | 5d0d024ca43571b863874ab871b2c109 ssl.conf | 208 | 5d0d024ca43571b863874ab871b2c109 ssl.conf |
170 | b70fe826486043e3953cfe21f9e6fa16 ldap.conf | 209 | b70fe826486043e3953cfe21f9e6fa16 ldap.conf |
210 | fe26a0a70f572eb256a3c6c183a62223 proxy-html.conf | ||
211 | 96eddccfca1ec0349f844e2460cf655b proxy.conf | ||
212 | 449a4aea60473ac4a16f025fca4463e3 lua.conf | ||
171 | c66ff5f70260d5266e6803a59b39bd7f alpine.layout" | 213 | c66ff5f70260d5266e6803a59b39bd7f alpine.layout" |
diff --git a/main/apache2/httpd.conf b/main/apache2/httpd.conf index 087f3fb8c2..dd1258808d 100644 --- a/main/apache2/httpd.conf +++ b/main/apache2/httpd.conf | |||
@@ -1,9 +1,9 @@ | |||
1 | # | 1 | # |
2 | # This is the main Apache server configuration file. It contains the | 2 | # This is the main Apache server configuration file. It contains the |
3 | # configuration directives that give the server its instructions. | 3 | # configuration directives that give the server its instructions. |
4 | # See <URL:http://httpd.apache.org/docs/2.2/> for detailed information. | 4 | # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information. |
5 | # In particular, see | 5 | # In particular, see |
6 | # <URL:http://httpd.apache.org/docs/2.2/mod/directives.html> | 6 | # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html> |
7 | # for a discussion of each configuration directive. | 7 | # for a discussion of each configuration directive. |
8 | # | 8 | # |
9 | # | 9 | # |
@@ -49,7 +49,7 @@ ServerTokens OS | |||
49 | # | 49 | # |
50 | # NOTE! If you intend to place this on an NFS (or otherwise network) | 50 | # NOTE! If you intend to place this on an NFS (or otherwise network) |
51 | # mounted filesystem then please read the LockFile documentation | 51 | # mounted filesystem then please read the LockFile documentation |
52 | # (available at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>); | 52 | # (available at <URL:http://httpd.apache.org/docs/2.4/mod/mpm_common.html#lockfile>); |
53 | # you will save yourself a lot of trouble. | 53 | # you will save yourself a lot of trouble. |
54 | # | 54 | # |
55 | # Do NOT add a slash at the end of the directory path. | 55 | # Do NOT add a slash at the end of the directory path. |
@@ -167,36 +167,58 @@ Listen 80 | |||
167 | # Example: | 167 | # Example: |
168 | # LoadModule foo_module modules/mod_foo.so | 168 | # LoadModule foo_module modules/mod_foo.so |
169 | # | 169 | # |
170 | LoadModule auth_basic_module modules/mod_auth_basic.so | ||
171 | LoadModule auth_digest_module modules/mod_auth_digest.so | ||
172 | LoadModule authn_file_module modules/mod_authn_file.so | 170 | LoadModule authn_file_module modules/mod_authn_file.so |
173 | LoadModule authn_alias_module modules/mod_authn_alias.so | ||
174 | LoadModule authn_anon_module modules/mod_authn_anon.so | 171 | LoadModule authn_anon_module modules/mod_authn_anon.so |
175 | LoadModule authn_dbm_module modules/mod_authn_dbm.so | 172 | LoadModule authn_socache_module modules/mod_authn_socache.so |
176 | LoadModule authn_default_module modules/mod_authn_default.so | 173 | LoadModule authn_core_module modules/mod_authn_core.so |
177 | LoadModule authz_host_module modules/mod_authz_host.so | 174 | LoadModule authz_host_module modules/mod_authz_host.so |
175 | LoadModule authz_groupfile_module modules/mod_authz_groupfile.so | ||
178 | LoadModule authz_user_module modules/mod_authz_user.so | 176 | LoadModule authz_user_module modules/mod_authz_user.so |
179 | LoadModule authz_owner_module modules/mod_authz_owner.so | 177 | LoadModule authz_owner_module modules/mod_authz_owner.so |
180 | LoadModule authz_groupfile_module modules/mod_authz_groupfile.so | 178 | LoadModule authz_core_module modules/mod_authz_core.so |
181 | LoadModule authz_dbm_module modules/mod_authz_dbm.so | 179 | LoadModule access_compat_module modules/mod_access_compat.so |
182 | LoadModule authz_default_module modules/mod_authz_default.so | 180 | LoadModule auth_basic_module modules/mod_auth_basic.so |
181 | LoadModule auth_form_module modules/mod_auth_form.so | ||
182 | LoadModule auth_digest_module modules/mod_auth_digest.so | ||
183 | LoadModule asis_module modules/mod_asis.so | ||
184 | LoadModule allowmethods_module modules/mod_allowmethods.so | ||
185 | LoadModule file_cache_module modules/mod_file_cache.so | ||
186 | LoadModule cache_module modules/mod_cache.so | ||
187 | LoadModule cache_disk_module modules/mod_cache_disk.so | ||
188 | LoadModule socache_shmcb_module modules/mod_socache_shmcb.so | ||
189 | LoadModule socache_memcache_module modules/mod_socache_memcache.so | ||
190 | LoadModule echo_module modules/mod_echo.so | ||
191 | LoadModule buffer_module modules/mod_buffer.so | ||
192 | LoadModule ratelimit_module modules/mod_ratelimit.so | ||
193 | LoadModule reqtimeout_module modules/mod_reqtimeout.so | ||
194 | LoadModule ext_filter_module modules/mod_ext_filter.so | ||
195 | LoadModule request_module modules/mod_request.so | ||
183 | LoadModule include_module modules/mod_include.so | 196 | LoadModule include_module modules/mod_include.so |
197 | LoadModule substitute_module modules/mod_substitute.so | ||
198 | LoadModule sed_module modules/mod_sed.so | ||
199 | LoadModule charset_lite_module modules/mod_charset_lite.so | ||
200 | LoadModule deflate_module modules/mod_deflate.so | ||
201 | LoadModule mime_module modules/mod_mime.so | ||
184 | LoadModule log_config_module modules/mod_log_config.so | 202 | LoadModule log_config_module modules/mod_log_config.so |
203 | LoadModule log_debug_module modules/mod_log_debug.so | ||
185 | LoadModule logio_module modules/mod_logio.so | 204 | LoadModule logio_module modules/mod_logio.so |
186 | LoadModule env_module modules/mod_env.so | 205 | LoadModule env_module modules/mod_env.so |
187 | LoadModule ext_filter_module modules/mod_ext_filter.so | ||
188 | LoadModule mime_magic_module modules/mod_mime_magic.so | 206 | LoadModule mime_magic_module modules/mod_mime_magic.so |
189 | LoadModule expires_module modules/mod_expires.so | 207 | LoadModule expires_module modules/mod_expires.so |
190 | LoadModule deflate_module modules/mod_deflate.so | ||
191 | LoadModule headers_module modules/mod_headers.so | 208 | LoadModule headers_module modules/mod_headers.so |
192 | LoadModule usertrack_module modules/mod_usertrack.so | 209 | LoadModule usertrack_module modules/mod_usertrack.so |
193 | LoadModule setenvif_module modules/mod_setenvif.so | 210 | LoadModule setenvif_module modules/mod_setenvif.so |
194 | LoadModule mime_module modules/mod_mime.so | 211 | LoadModule version_module modules/mod_version.so |
195 | LoadModule dav_module modules/mod_dav.so | 212 | LoadModule remoteip_module modules/mod_remoteip.so |
213 | LoadModule session_module modules/mod_session.so | ||
214 | LoadModule session_cookie_module modules/mod_session_cookie.so | ||
215 | LoadModule slotmem_shm_module modules/mod_slotmem_shm.so | ||
216 | LoadModule unixd_module modules/mod_unixd.so | ||
196 | LoadModule status_module modules/mod_status.so | 217 | LoadModule status_module modules/mod_status.so |
197 | LoadModule autoindex_module modules/mod_autoindex.so | 218 | LoadModule autoindex_module modules/mod_autoindex.so |
198 | LoadModule info_module modules/mod_info.so | 219 | LoadModule info_module modules/mod_info.so |
199 | LoadModule dav_fs_module modules/mod_dav_fs.so | 220 | LoadModule suexec_module modules/mod_suexec.so |
221 | LoadModule cgi_module modules/mod_cgi.so | ||
200 | LoadModule vhost_alias_module modules/mod_vhost_alias.so | 222 | LoadModule vhost_alias_module modules/mod_vhost_alias.so |
201 | LoadModule negotiation_module modules/mod_negotiation.so | 223 | LoadModule negotiation_module modules/mod_negotiation.so |
202 | LoadModule dir_module modules/mod_dir.so | 224 | LoadModule dir_module modules/mod_dir.so |
@@ -204,33 +226,44 @@ LoadModule actions_module modules/mod_actions.so | |||
204 | LoadModule speling_module modules/mod_speling.so | 226 | LoadModule speling_module modules/mod_speling.so |
205 | LoadModule userdir_module modules/mod_userdir.so | 227 | LoadModule userdir_module modules/mod_userdir.so |
206 | LoadModule alias_module modules/mod_alias.so | 228 | LoadModule alias_module modules/mod_alias.so |
207 | LoadModule substitute_module modules/mod_substitute.so | ||
208 | LoadModule rewrite_module modules/mod_rewrite.so | 229 | LoadModule rewrite_module modules/mod_rewrite.so |
209 | LoadModule proxy_module modules/mod_proxy.so | 230 | |
210 | LoadModule proxy_balancer_module modules/mod_proxy_balancer.so | 231 | LoadModule mpm_prefork_module modules/mod_mpm_prefork.so |
211 | LoadModule proxy_ftp_module modules/mod_proxy_ftp.so | 232 | #LoadModule dav_module modules/mod_dav.so |
212 | LoadModule proxy_http_module modules/mod_proxy_http.so | 233 | #LoadModule dav_fs_module modules/mod_dav_fs.so |
213 | LoadModule proxy_ajp_module modules/mod_proxy_ajp.so | 234 | #LoadModule dav_lock_module modules/mod_dav_lock.so |
214 | LoadModule proxy_connect_module modules/mod_proxy_connect.so | ||
215 | LoadModule cache_module modules/mod_cache.so | ||
216 | LoadModule suexec_module modules/mod_suexec.so | ||
217 | LoadModule disk_cache_module modules/mod_disk_cache.so | ||
218 | LoadModule cgi_module modules/mod_cgi.so | ||
219 | LoadModule version_module modules/mod_version.so | ||
220 | 235 | ||
221 | # | 236 | # |
222 | # The following modules are not loaded by default: | 237 | # The following modules are not loaded by default: |
223 | # | 238 | # |
224 | #LoadModule asis_module modules/mod_asis.so | ||
225 | #LoadModule authn_dbd_module modules/mod_authn_dbd.so | 239 | #LoadModule authn_dbd_module modules/mod_authn_dbd.so |
226 | #LoadModule cern_meta_module modules/mod_cern_meta.so | 240 | #LoadModule authn_dbm_module modules/mod_authn_dbm.so |
241 | #LoadModule authnz_ldap_module modules/mod_authnz_ldap.so | ||
242 | #LoadModule authz_dbd_module modules/mod_authz_dbd.so | ||
243 | #LoadModule authz_dbm_module modules/mod_authz_dbm.so | ||
227 | #LoadModule cgid_module modules/mod_cgid.so | 244 | #LoadModule cgid_module modules/mod_cgid.so |
245 | #LoadModule data_module modules/mod_data.so | ||
228 | #LoadModule dbd_module modules/mod_dbd.so | 246 | #LoadModule dbd_module modules/mod_dbd.so |
247 | #LoadModule dialup_module modules/mod_dialup.so | ||
229 | #LoadModule dumpio_module modules/mod_dumpio.so | 248 | #LoadModule dumpio_module modules/mod_dumpio.so |
230 | #LoadModule filter_module modules/mod_filter.so | 249 | #LoadModule filter_module modules/mod_filter.so |
231 | #LoadModule ident_module modules/mod_ident.so | 250 | #LoadModule heartbeat_module modules/mod_heartbeat.so |
251 | #LoadModule heartmonitor_module modules/mod_heartmonitor.so | ||
252 | #LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so | ||
253 | #LoadModule ldap_module modules/mod_ldap.so | ||
232 | #LoadModule log_forensic_module modules/mod_log_forensic.so | 254 | #LoadModule log_forensic_module modules/mod_log_forensic.so |
255 | #LoadModule mpm_event_module modules/mod_mpm_event.so | ||
256 | #LoadModule mpm_worker_module modules/mod_mpm_worker.so | ||
257 | #LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so | ||
258 | #LoadModule proxy_html_module modules/mod_proxy_html.so | ||
259 | #LoadModule reflector_module modules/mod_reflector.so | ||
260 | #LoadModule session_dbd_module modules/mod_session_dbd.so | ||
261 | #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so | ||
262 | #LoadModule socache_dbm_module modules/mod_socache_dbm.so | ||
263 | #LoadModule ssl_module modules/mod_ssl.so | ||
233 | #LoadModule unique_id_module modules/mod_unique_id.so | 264 | #LoadModule unique_id_module modules/mod_unique_id.so |
265 | #LoadModule watchdog_module modules/mod_watchdog.so | ||
266 | #LoadModule xml2enc_module modules/mod_xml2enc.so | ||
234 | # | 267 | # |
235 | 268 | ||
236 | # | 269 | # |
@@ -245,6 +278,7 @@ Include /etc/apache2/conf.d/*.conf | |||
245 | # | 278 | # |
246 | #ExtendedStatus On | 279 | #ExtendedStatus On |
247 | 280 | ||
281 | <IfModule unixd_module> | ||
248 | # | 282 | # |
249 | # If you wish httpd to run as a different user or group, you must run | 283 | # If you wish httpd to run as a different user or group, you must run |
250 | # httpd as root initially and it will switch. | 284 | # httpd as root initially and it will switch. |
@@ -259,6 +293,7 @@ Include /etc/apache2/conf.d/*.conf | |||
259 | # | 293 | # |
260 | User apache | 294 | User apache |
261 | Group apache | 295 | Group apache |
296 | </IfModule> | ||
262 | 297 | ||
263 | ### Section 2: 'Main' server configuration | 298 | ### Section 2: 'Main' server configuration |
264 | # | 299 | # |
@@ -319,7 +354,10 @@ DocumentRoot "/var/www/localhost/htdocs" | |||
319 | # | 354 | # |
320 | <Directory /> | 355 | <Directory /> |
321 | Options FollowSymLinks | 356 | Options FollowSymLinks |
322 | AllowOverride None | 357 | AllowOverride none |
358 | # Require all denied | ||
359 | # Order allow,deny | ||
360 | # Deny from all | ||
323 | </Directory> | 361 | </Directory> |
324 | 362 | ||
325 | # | 363 | # |
@@ -343,7 +381,7 @@ DocumentRoot "/var/www/localhost/htdocs" | |||
343 | # doesn't give it to you. | 381 | # doesn't give it to you. |
344 | # | 382 | # |
345 | # The Options directive is both complicated and important. Please see | 383 | # The Options directive is both complicated and important. Please see |
346 | # http://httpd.apache.org/docs/2.2/mod/core.html#options | 384 | # http://httpd.apache.org/docs/2.4/mod/core.html#options |
347 | # for more information. | 385 | # for more information. |
348 | # | 386 | # |
349 | Options Indexes FollowSymLinks | 387 | Options Indexes FollowSymLinks |
@@ -353,11 +391,12 @@ DocumentRoot "/var/www/localhost/htdocs" | |||
353 | # It can be "All", "None", or any combination of the keywords: | 391 | # It can be "All", "None", or any combination of the keywords: |
354 | # Options FileInfo AuthConfig Limit | 392 | # Options FileInfo AuthConfig Limit |
355 | # | 393 | # |
356 | AllowOverride None | 394 | AllowOverride All |
357 | 395 | ||
358 | # | 396 | # |
359 | # Controls who can get stuff from this server. | 397 | # Controls who can get stuff from this server. |
360 | # | 398 | # |
399 | # Require all granted | ||
361 | Order allow,deny | 400 | Order allow,deny |
362 | Allow from all | 401 | Allow from all |
363 | 402 | ||
@@ -443,17 +482,6 @@ AccessFileName .htaccess | |||
443 | TypesConfig /etc/apache2/mime.types | 482 | TypesConfig /etc/apache2/mime.types |
444 | 483 | ||
445 | # | 484 | # |
446 | # DefaultType is the default MIME type the server will use for a document | ||
447 | # if it cannot otherwise determine one, such as from filename extensions. | ||
448 | # If your server contains mostly text or HTML documents, "text/plain" is | ||
449 | # a good value. If most of your content is binary, such as applications | ||
450 | # or images, you may want to use "application/octet-stream" instead to | ||
451 | # keep browsers from trying to display binary files as though they are | ||
452 | # text. | ||
453 | # | ||
454 | DefaultType text/plain | ||
455 | |||
456 | # | ||
457 | # The mod_mime_magic module allows the server to use various hints from the | 485 | # The mod_mime_magic module allows the server to use various hints from the |
458 | # contents of the file itself to determine its type. The MIMEMagicFile | 486 | # contents of the file itself to determine its type. The MIMEMagicFile |
459 | # directive tells the module where the hint definitions are located. | 487 | # directive tells the module where the hint definitions are located. |
@@ -478,7 +506,7 @@ HostnameLookups Off | |||
478 | # The default is on; turn this off if you serve from NFS-mounted | 506 | # The default is on; turn this off if you serve from NFS-mounted |
479 | # filesystems. On some systems, turning it off (regardless of | 507 | # filesystems. On some systems, turning it off (regardless of |
480 | # filesystem) can improve performance; for details, please see | 508 | # filesystem) can improve performance; for details, please see |
481 | # http://httpd.apache.org/docs/2.2/mod/core.html#enablemmap | 509 | # http://httpd.apache.org/docs/2.4/mod/core.html#enablemmap |
482 | # | 510 | # |
483 | #EnableMMAP off | 511 | #EnableMMAP off |
484 | 512 | ||
@@ -487,7 +515,7 @@ HostnameLookups Off | |||
487 | # used to deliver files (assuming that the OS supports it). | 515 | # used to deliver files (assuming that the OS supports it). |
488 | # The default is on; turn this off if you serve from NFS-mounted | 516 | # The default is on; turn this off if you serve from NFS-mounted |
489 | # filesystems. Please see | 517 | # filesystems. Please see |
490 | # http://httpd.apache.org/docs/2.2/mod/core.html#enablesendfile | 518 | # http://httpd.apache.org/docs/2.4/mod/core.html#enablesendfile |
491 | # | 519 | # |
492 | #EnableSendfile off | 520 | #EnableSendfile off |
493 | 521 | ||
@@ -570,6 +598,7 @@ Alias /icons/ "/usr/share/apache2/icons/" | |||
570 | <Directory "/usr/share/apache2/icons"> | 598 | <Directory "/usr/share/apache2/icons"> |
571 | Options Indexes MultiViews FollowSymLinks | 599 | Options Indexes MultiViews FollowSymLinks |
572 | AllowOverride None | 600 | AllowOverride None |
601 | # Require all granted | ||
573 | Order allow,deny | 602 | Order allow,deny |
574 | Allow from all | 603 | Allow from all |
575 | </Directory> | 604 | </Directory> |
@@ -599,6 +628,7 @@ ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" | |||
599 | <Directory "/var/www/cgi-bin"> | 628 | <Directory "/var/www/cgi-bin"> |
600 | AllowOverride None | 629 | AllowOverride None |
601 | Options None | 630 | Options None |
631 | # Require all granted | ||
602 | Order allow,deny | 632 | Order allow,deny |
603 | Allow from all | 633 | Allow from all |
604 | </Directory> | 634 | </Directory> |
@@ -878,6 +908,7 @@ Alias /error/ "/usr/share/apache2/error/" | |||
878 | Options IncludesNoExec | 908 | Options IncludesNoExec |
879 | AddOutputFilter Includes html | 909 | AddOutputFilter Includes html |
880 | AddHandler type-map var | 910 | AddHandler type-map var |
911 | #Require all granted | ||
881 | Order allow,deny | 912 | Order allow,deny |
882 | Allow from all | 913 | Allow from all |
883 | LanguagePriority en es de fr | 914 | LanguagePriority en es de fr |
@@ -976,7 +1007,7 @@ BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully | |||
976 | 1007 | ||
977 | # | 1008 | # |
978 | # To enable a cache of proxied content, uncomment the following lines. | 1009 | # To enable a cache of proxied content, uncomment the following lines. |
979 | # See http://httpd.apache.org/docs/2.2/mod/mod_cache.html for more details. | 1010 | # See http://httpd.apache.org/docs/2.4/mod/mod_cache.html for more details. |
980 | # | 1011 | # |
981 | #<IfModule mod_disk_cache.c> | 1012 | #<IfModule mod_disk_cache.c> |
982 | # CacheEnable disk / | 1013 | # CacheEnable disk / |
@@ -995,7 +1026,7 @@ BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully | |||
995 | # IP addresses. This is indicated by the asterisks in the directives below. | 1026 | # IP addresses. This is indicated by the asterisks in the directives below. |
996 | # | 1027 | # |
997 | # Please see the documentation at | 1028 | # Please see the documentation at |
998 | # <URL:http://httpd.apache.org/docs/2.2/vhosts/> | 1029 | # <URL:http://httpd.apache.org/docs/2.4/vhosts/> |
999 | # for further details before you try to setup virtual hosts. | 1030 | # for further details before you try to setup virtual hosts. |
1000 | # | 1031 | # |
1001 | # You may use the command line option '-S' to verify your virtual host | 1032 | # You may use the command line option '-S' to verify your virtual host |
diff --git a/main/apache2/lua.conf b/main/apache2/lua.conf new file mode 100644 index 0000000000..9e0d0db6e1 --- /dev/null +++ b/main/apache2/lua.conf | |||
@@ -0,0 +1 @@ | |||
LoadModule lua_module modules/mod_lua.so | |||
diff --git a/main/apache2/proxy-html.conf b/main/apache2/proxy-html.conf new file mode 100644 index 0000000000..90cbf71e66 --- /dev/null +++ b/main/apache2/proxy-html.conf | |||
@@ -0,0 +1 @@ | |||
LoadModule proxy_module modules/mod_proxy.so | |||
diff --git a/main/apache2/proxy.conf b/main/apache2/proxy.conf new file mode 100644 index 0000000000..a446822916 --- /dev/null +++ b/main/apache2/proxy.conf | |||
@@ -0,0 +1,15 @@ | |||
1 | # This file configures all the proxy modules: | ||
2 | LoadModule proxy_module modules/mod_proxy.so | ||
3 | LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so | ||
4 | LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so | ||
5 | LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so | ||
6 | LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so | ||
7 | LoadModule proxy_ajp_module modules/mod_proxy_ajp.so | ||
8 | LoadModule proxy_balancer_module modules/mod_proxy_balancer.so | ||
9 | LoadModule proxy_connect_module modules/mod_proxy_connect.so | ||
10 | LoadModule proxy_express_module modules/mod_proxy_express.so | ||
11 | LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so | ||
12 | LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so | ||
13 | LoadModule proxy_ftp_module modules/mod_proxy_ftp.so | ||
14 | LoadModule proxy_http_module modules/mod_proxy_http.so | ||
15 | LoadModule proxy_scgi_module modules/mod_proxy_scgi.so | ||
diff --git a/main/freeradius/APKBUILD b/main/freeradius/APKBUILD index f5cee1245f..360b01cd9b 100644 --- a/main/freeradius/APKBUILD +++ b/main/freeradius/APKBUILD | |||
@@ -2,7 +2,7 @@ | |||
2 | # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> | 2 | # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> |
3 | pkgname=freeradius | 3 | pkgname=freeradius |
4 | pkgver=2.2.0 | 4 | pkgver=2.2.0 |
5 | pkgrel=2 | 5 | pkgrel=4 |
6 | pkgdesc="RADIUS (Remote Authentication Dial-In User Service) server" | 6 | pkgdesc="RADIUS (Remote Authentication Dial-In User Service) server" |
7 | url="http://freeradius.org/" | 7 | url="http://freeradius.org/" |
8 | arch="all" | 8 | arch="all" |
@@ -174,4 +174,4 @@ pam() { | |||
174 | } | 174 | } |
175 | md5sums="2e45d3c0d22ab14c560c7c3029893a8a freeradius-server-2.2.0.tar.gz | 175 | md5sums="2e45d3c0d22ab14c560c7c3029893a8a freeradius-server-2.2.0.tar.gz |
176 | fc6693f3df5a0694610110287a28568a freeradius.confd | 176 | fc6693f3df5a0694610110287a28568a freeradius.confd |
177 | c46f34d7ddf695dfe53e5fb7f60afa59 freeradius.initd" | 177 | 5d83f40bd5c3a5d4e4a5f43c29e7f0da freeradius.initd" |
diff --git a/main/freeradius/freeradius.initd b/main/freeradius/freeradius.initd index fe44715179..8f9bbaa33b 100644 --- a/main/freeradius/freeradius.initd +++ b/main/freeradius/freeradius.initd | |||
@@ -15,8 +15,8 @@ checkconfig() { | |||
15 | return 1 | 15 | return 1 |
16 | fi | 16 | fi |
17 | 17 | ||
18 | if [ ! -d /var/run/radiusd ] && ! mkdir /var/run/radiusd ; then | 18 | if [ ! -d /var/run/radius ] && ! mkdir /var/run/radius ; then |
19 | eerror "Failed to create /var/run/radiusd" | 19 | eerror "Failed to create /var/run/radius" |
20 | return 1 | 20 | return 1 |
21 | fi | 21 | fi |
22 | 22 | ||
@@ -45,7 +45,7 @@ checkconfig() { | |||
45 | [ -f radius.log ] || touch radius.log || return 1 | 45 | [ -f radius.log ] || touch radius.log || return 1 |
46 | 46 | ||
47 | chown -R "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" . /var/run/radiusd && \ | 47 | chown -R "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" . /var/run/radiusd && \ |
48 | chmod -R u+rwX,g+rX . /var/run/radiusd || return 1 | 48 | chmod -R u+rwX,g+rX . /var/run/radius || return 1 |
49 | } | 49 | } |
50 | 50 | ||
51 | start() { | 51 | start() { |
@@ -58,13 +58,13 @@ start() { | |||
58 | 58 | ||
59 | stop () { | 59 | stop () { |
60 | ebegin "Stopping radiusd" | 60 | ebegin "Stopping radiusd" |
61 | start-stop-daemon --stop --quiet --pidfile /var/run/radiusd/radiusd.pid | 61 | start-stop-daemon --stop --quiet --pidfile /var/run/radius/radiusd.pid |
62 | eend $? | 62 | eend $? |
63 | } | 63 | } |
64 | 64 | ||
65 | reload () { | 65 | reload () { |
66 | ebegin "Reloading radiusd" | 66 | ebegin "Reloading radiusd" |
67 | kill -HUP `</var/run/radiusd/radiusd.pid` | 67 | kill -HUP `cat /var/run/radius/radiusd.pid` |
68 | eend $? | 68 | eend $? |
69 | } | 69 | } |
70 | 70 | ||
diff --git a/main/libc0.9.32/APKBUILD b/main/libc0.9.32/APKBUILD index 88fa0bf64f..714e795983 100644 --- a/main/libc0.9.32/APKBUILD +++ b/main/libc0.9.32/APKBUILD | |||
@@ -4,7 +4,7 @@ pkgname=libc$_abiver | |||
4 | _gitver= | 4 | _gitver= |
5 | pkgver=0.9.33.2 | 5 | pkgver=0.9.33.2 |
6 | _ver=${pkgver/_/-} | 6 | _ver=${pkgver/_/-} |
7 | pkgrel=13 | 7 | pkgrel=14 |
8 | pkgdesc="C library for developing embedded Linux systems" | 8 | pkgdesc="C library for developing embedded Linux systems" |
9 | url=http://uclibc.org | 9 | url=http://uclibc.org |
10 | license="LGPL-2" | 10 | license="LGPL-2" |
@@ -55,6 +55,7 @@ librt-re-add-SIGCANCEL-to-the-list-of-blocked-signal-in-helper-thread.patch | |||
55 | 0001-libc-sysdeps-get-make-set-swap-context-for-i386.patch | 55 | 0001-libc-sysdeps-get-make-set-swap-context-for-i386.patch |
56 | 0002-libc-sysdeps-add-get-make-set-swap-context-for-x86_6.patch | 56 | 0002-libc-sysdeps-add-get-make-set-swap-context-for-x86_6.patch |
57 | uclibc-dlclose-fix.patch | 57 | uclibc-dlclose-fix.patch |
58 | uclibc-rtld_next-fix.patch | ||
58 | 59 | ||
59 | uclibcconfig.x86 | 60 | uclibcconfig.x86 |
60 | uclibcconfig.x86_64 | 61 | uclibcconfig.x86_64 |
@@ -193,6 +194,7 @@ f41ab6cf22545d2e629d4c7107ac6f85 0009-sys-quota.h-sync-with-glibc.patch | |||
193 | e5aceb82bf4ffd5328113af5380fcdb6 0001-libc-sysdeps-get-make-set-swap-context-for-i386.patch | 194 | e5aceb82bf4ffd5328113af5380fcdb6 0001-libc-sysdeps-get-make-set-swap-context-for-i386.patch |
194 | da043a65003ac29ca8b96f416e7752ee 0002-libc-sysdeps-add-get-make-set-swap-context-for-x86_6.patch | 195 | da043a65003ac29ca8b96f416e7752ee 0002-libc-sysdeps-add-get-make-set-swap-context-for-x86_6.patch |
195 | 8374c98e769e603af4adad12e01cf358 uclibc-dlclose-fix.patch | 196 | 8374c98e769e603af4adad12e01cf358 uclibc-dlclose-fix.patch |
197 | ffe7564afe846026a278dd8c0251ace9 uclibc-rtld_next-fix.patch | ||
196 | ce8a33a31f5a53031fbad8b1d1b66d44 uclibcconfig.x86 | 198 | ce8a33a31f5a53031fbad8b1d1b66d44 uclibcconfig.x86 |
197 | e861a17baa541accf4d4d39a98d74c32 uclibcconfig.x86_64 | 199 | e861a17baa541accf4d4d39a98d74c32 uclibcconfig.x86_64 |
198 | ce8a33a31f5a53031fbad8b1d1b66d44 uclibcconfig.i486 | 200 | ce8a33a31f5a53031fbad8b1d1b66d44 uclibcconfig.i486 |
diff --git a/main/libc0.9.32/STATUS b/main/libc0.9.32/STATUS index c457f2fef0..155df167fb 100644 --- a/main/libc0.9.32/STATUS +++ b/main/libc0.9.32/STATUS | |||
@@ -49,4 +49,22 @@ | |||
49 | 49 | ||
50 | Needs to be upstreamed | 50 | Needs to be upstreamed |
51 | 51 | ||
52 | uclibc-dlclose-fix.patch | ||
53 | Origin: Alpine | ||
54 | Author: Timo Teräs | ||
55 | |||
56 | Fix dlclose() to not try to free static TLS symbols. This seems | ||
57 | to happen on x86_64 with certain .so's. They probably link against | ||
58 | TLS symbol defined in the main binary (or the loader has additional | ||
59 | bug on this). | ||
60 | |||
61 | Needs to be upstreamed | ||
52 | 62 | ||
63 | uclibc-rtld_next-fix.patch | ||
64 | Origin: Alpine | ||
65 | Author: Timo Teräs | ||
66 | |||
67 | Fix dlsym(RTLD_NEXT) lookups to search all linked-in modules | ||
68 | instead of just the first one of them. | ||
69 | |||
70 | Needs to be upstreamed | ||
diff --git a/main/libc0.9.32/uclibc-rtld_next-fix.patch b/main/libc0.9.32/uclibc-rtld_next-fix.patch new file mode 100644 index 0000000000..f952641f47 --- /dev/null +++ b/main/libc0.9.32/uclibc-rtld_next-fix.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | --- a/ldso/libdl/libdl.c | ||
2 | +++ b/ldso/libdl/libdl.c | ||
3 | @@ -671,7 +671,7 @@ | ||
4 | { | ||
5 | struct elf_resolve *tpnt, *tfrom; | ||
6 | struct dyn_elf *handle; | ||
7 | - ElfW(Addr) from; | ||
8 | + ElfW(Addr) from = 0; | ||
9 | struct dyn_elf *rpnt; | ||
10 | void *ret; | ||
11 | struct symbol_ref sym_ref = { NULL, NULL }; | ||
12 | @@ -729,7 +729,13 @@ | ||
13 | tpnt = NULL; | ||
14 | if (handle == _dl_symbol_tables) | ||
15 | tpnt = handle->dyn; /* Only search RTLD_GLOBAL objs if global object */ | ||
16 | - ret = _dl_find_hash(name2, &handle->dyn->symbol_scope, tpnt, ELF_RTYPE_CLASS_DLSYM, &sym_ref); | ||
17 | + | ||
18 | + do { | ||
19 | + ret = _dl_find_hash(name2, &handle->dyn->symbol_scope, tpnt, ELF_RTYPE_CLASS_DLSYM, &sym_ref); | ||
20 | + if (ret != NULL) | ||
21 | + break; | ||
22 | + handle = handle->next; | ||
23 | + } while (from && handle); | ||
24 | |||
25 | #if defined(USE_TLS) && USE_TLS && defined SHARED | ||
26 | if (sym_ref.sym && (ELF_ST_TYPE(sym_ref.sym->st_info) == STT_TLS) && (sym_ref.tpnt)) { | ||
27 | |||
diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD index ca4937306e..d4778aaf9d 100644 --- a/main/libvirt/APKBUILD +++ b/main/libvirt/APKBUILD | |||
@@ -1,8 +1,8 @@ | |||
1 | # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> | 1 | # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org> |
2 | pkgname=libvirt | 2 | pkgname=libvirt |
3 | vmajor="1.0.0" | 3 | vmajor="1.0.0" |
4 | vminor="rc3" | 4 | vminor="" |
5 | pkgver="${vmajor}_${vminor}" | 5 | pkgver="${vmajor}" |
6 | _ver="${pkgver/_rc/-rc}" | 6 | _ver="${pkgver/_rc/-rc}" |
7 | pkgrel=0 | 7 | pkgrel=0 |
8 | pkgdesc="A virtualization API for several hypervisor and container systems" | 8 | pkgdesc="A virtualization API for several hypervisor and container systems" |
@@ -18,11 +18,10 @@ makedepends="augeas-dev bridge-utils cyrus-sasl-dev device-mapper | |||
18 | install= | 18 | install= |
19 | subpackages="$pkgname-client $pkgname-daemon $pkgname-dev $pkgname-doc $pkgname-lang | 19 | subpackages="$pkgname-client $pkgname-daemon $pkgname-dev $pkgname-doc $pkgname-lang |
20 | $pkgname-lxc $pkgname-qemu $pkgname-xen $pkgname-uml" | 20 | $pkgname-lxc $pkgname-qemu $pkgname-xen $pkgname-uml" |
21 | source="http://libvirt.org/sources/$pkgname-$_ver.tar.gz | 21 | source="http://libvirt.org/sources/$pkgname-$pkgver.tar.gz |
22 | libvirt.confd | 22 | libvirt.confd |
23 | libvirt.initd | 23 | libvirt.initd |
24 | uclibc-physmem.patch | 24 | uclibc-physmem.patch |
25 | libvirt-1.0.0-uclibc-mkostemp.patch | ||
26 | " | 25 | " |
27 | 26 | ||
28 | _builddir="$srcdir"/$pkgname-$vmajor | 27 | _builddir="$srcdir"/$pkgname-$vmajor |
@@ -125,8 +124,7 @@ uml() { | |||
125 | _mv_driver uml | 124 | _mv_driver uml |
126 | } | 125 | } |
127 | 126 | ||
128 | md5sums="f2d89d0d13c3704887134a51a09b85e8 libvirt-1.0.0-rc3.tar.gz | 127 | md5sums="7c8b006de7338e30866bb56738803b21 libvirt-1.0.0.tar.gz |
129 | 1c84a7baeafe0a7f4e9d7ae5180311b7 libvirt.confd | 128 | 1c84a7baeafe0a7f4e9d7ae5180311b7 libvirt.confd |
130 | d897df38c7e7fa1a297aa551108633c9 libvirt.initd | 129 | d897df38c7e7fa1a297aa551108633c9 libvirt.initd |
131 | df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch | 130 | df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch" |
132 | 39d0534c4e24baace260ceb6d8271ab7 libvirt-1.0.0-uclibc-mkostemp.patch" | ||
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD index 7c31766c11..0da46a37d6 100644 --- a/main/libxml2/APKBUILD +++ b/main/libxml2/APKBUILD | |||
@@ -1,8 +1,8 @@ | |||
1 | # Contributor: Carlo Landmeter <clandmeter@gmail.com> | 1 | # Contributor: Carlo Landmeter <clandmeter@gmail.com> |
2 | # Maintainer: Carlo Landmeter <clandmeter@gmail.com> | 2 | # Maintainer: Carlo Landmeter <clandmeter@gmail.com> |
3 | pkgname=libxml2 | 3 | pkgname=libxml2 |
4 | pkgver=2.8.0 | 4 | pkgver=2.9.0 |
5 | pkgrel=1 | 5 | pkgrel=0 |
6 | pkgdesc="XML parsing library, version 2" | 6 | pkgdesc="XML parsing library, version 2" |
7 | url="http://www.xmlsoft.org/" | 7 | url="http://www.xmlsoft.org/" |
8 | arch="all" | 8 | arch="all" |
@@ -12,9 +12,6 @@ depends_dev="zlib-dev python-dev" | |||
12 | makedepends="zlib-dev python-dev" | 12 | makedepends="zlib-dev python-dev" |
13 | subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils" | 13 | subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils" |
14 | source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz | 14 | source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz |
15 | libxml2-entities-local-buffers-size.patch | ||
16 | libxml2-entities-local-buffers-size2.patch | ||
17 | libxml2-parser-local-buffers-size.patch | ||
18 | " | 15 | " |
19 | 16 | ||
20 | options="!strip" | 17 | options="!strip" |
@@ -62,7 +59,4 @@ utils() { | |||
62 | mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ | 59 | mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ |
63 | } | 60 | } |
64 | 61 | ||
65 | md5sums="c62106f02ee00b6437f0fb9d370c1093 libxml2-2.8.0.tar.gz | 62 | md5sums="5b9bebf4f5d2200ae2c4efe8fa6103f7 libxml2-2.9.0.tar.gz" |
66 | c8c789a4fbdae599a47ecbfa32b889d7 libxml2-entities-local-buffers-size.patch | ||
67 | cba1201e77dc0f3e337d9ff146a2666e libxml2-entities-local-buffers-size2.patch | ||
68 | 6c5c7a125dddb616feb1b2f4254bf467 libxml2-parser-local-buffers-size.patch" | ||
diff --git a/main/libxml2/libxml2-entities-local-buffers-size.patch b/main/libxml2/libxml2-entities-local-buffers-size.patch deleted file mode 100644 index 89817d8168..0000000000 --- a/main/libxml2/libxml2-entities-local-buffers-size.patch +++ /dev/null | |||
@@ -1,97 +0,0 @@ | |||
1 | From 4f9fdc709c4861c390cd84e2ed1fd878b3442e28 Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Veillard <veillard@redhat.com> | ||
3 | Date: Wed, 18 Jul 2012 03:38:17 +0000 | ||
4 | Subject: Fix entities local buffers size problems | ||
5 | |||
6 | --- | ||
7 | diff --git a/entities.c b/entities.c | ||
8 | index 6aef49f..859ec3b 100644 | ||
9 | --- a/entities.c | ||
10 | +++ b/entities.c | ||
11 | @@ -528,13 +528,13 @@ xmlGetDocEntity(xmlDocPtr doc, const xmlChar *name) { | ||
12 | * Macro used to grow the current buffer. | ||
13 | */ | ||
14 | #define growBufferReentrant() { \ | ||
15 | - buffer_size *= 2; \ | ||
16 | - buffer = (xmlChar *) \ | ||
17 | - xmlRealloc(buffer, buffer_size * sizeof(xmlChar)); \ | ||
18 | - if (buffer == NULL) { \ | ||
19 | - xmlEntitiesErrMemory("xmlEncodeEntitiesReentrant: realloc failed");\ | ||
20 | - return(NULL); \ | ||
21 | - } \ | ||
22 | + xmlChar *tmp; \ | ||
23 | + size_t new_size = buffer_size *= 2; \ | ||
24 | + if (new_size < buffer_size) goto mem_error; \ | ||
25 | + tmp = (xmlChar *) xmlRealloc(buffer, new_size); \ | ||
26 | + if (tmp == NULL) goto mem_error; \ | ||
27 | + buffer = tmp; \ | ||
28 | + buffer_size = new_size; \ | ||
29 | } | ||
30 | |||
31 | |||
32 | @@ -555,7 +555,7 @@ xmlEncodeEntitiesReentrant(xmlDocPtr doc, const xmlChar *input) { | ||
33 | const xmlChar *cur = input; | ||
34 | xmlChar *buffer = NULL; | ||
35 | xmlChar *out = NULL; | ||
36 | - int buffer_size = 0; | ||
37 | + size_t buffer_size = 0; | ||
38 | int html = 0; | ||
39 | |||
40 | if (input == NULL) return(NULL); | ||
41 | @@ -574,8 +574,8 @@ xmlEncodeEntitiesReentrant(xmlDocPtr doc, const xmlChar *input) { | ||
42 | out = buffer; | ||
43 | |||
44 | while (*cur != '\0') { | ||
45 | - if (out - buffer > buffer_size - 100) { | ||
46 | - int indx = out - buffer; | ||
47 | + size_t indx = out - buffer; | ||
48 | + if (indx + 100 > buffer_size) { | ||
49 | |||
50 | growBufferReentrant(); | ||
51 | out = &buffer[indx]; | ||
52 | @@ -692,6 +692,11 @@ xmlEncodeEntitiesReentrant(xmlDocPtr doc, const xmlChar *input) { | ||
53 | } | ||
54 | *out = 0; | ||
55 | return(buffer); | ||
56 | + | ||
57 | +mem_error: | ||
58 | + xmlEntitiesErrMemory("xmlEncodeEntitiesReentrant: realloc failed"); | ||
59 | + xmlFree(buffer); | ||
60 | + return(NULL); | ||
61 | } | ||
62 | |||
63 | /** | ||
64 | @@ -709,7 +714,7 @@ xmlEncodeSpecialChars(xmlDocPtr doc ATTRIBUTE_UNUSED, const xmlChar *input) { | ||
65 | const xmlChar *cur = input; | ||
66 | xmlChar *buffer = NULL; | ||
67 | xmlChar *out = NULL; | ||
68 | - int buffer_size = 0; | ||
69 | + size_t buffer_size = 0; | ||
70 | if (input == NULL) return(NULL); | ||
71 | |||
72 | /* | ||
73 | @@ -724,8 +729,8 @@ xmlEncodeSpecialChars(xmlDocPtr doc ATTRIBUTE_UNUSED, const xmlChar *input) { | ||
74 | out = buffer; | ||
75 | |||
76 | while (*cur != '\0') { | ||
77 | - if (out - buffer > buffer_size - 10) { | ||
78 | - int indx = out - buffer; | ||
79 | + size_t indx = out - buffer; | ||
80 | + if (indx + 10 > buffer_size) { | ||
81 | |||
82 | growBufferReentrant(); | ||
83 | out = &buffer[indx]; | ||
84 | @@ -774,6 +779,11 @@ xmlEncodeSpecialChars(xmlDocPtr doc ATTRIBUTE_UNUSED, const xmlChar *input) { | ||
85 | } | ||
86 | *out = 0; | ||
87 | return(buffer); | ||
88 | + | ||
89 | +mem_error: | ||
90 | + xmlEntitiesErrMemory("xmlEncodeSpecialChars: realloc failed"); | ||
91 | + xmlFree(buffer); | ||
92 | + return(NULL); | ||
93 | } | ||
94 | |||
95 | /** | ||
96 | -- | ||
97 | cgit v0.9.0.2 | ||
diff --git a/main/libxml2/libxml2-entities-local-buffers-size2.patch b/main/libxml2/libxml2-entities-local-buffers-size2.patch deleted file mode 100644 index f3cc8b65e4..0000000000 --- a/main/libxml2/libxml2-entities-local-buffers-size2.patch +++ /dev/null | |||
@@ -1,21 +0,0 @@ | |||
1 | From baaf03f80f817bb34c421421e6cb4d68c353ac9a Mon Sep 17 00:00:00 2001 | ||
2 | From: Aron Xu <happyaron.xu@gmail.com> | ||
3 | Date: Fri, 20 Jul 2012 07:41:34 +0000 | ||
4 | Subject: Fix an error in previous commit | ||
5 | |||
6 | --- | ||
7 | diff --git a/entities.c b/entities.c | ||
8 | index 859ec3b..7d06820 100644 | ||
9 | --- a/entities.c | ||
10 | +++ b/entities.c | ||
11 | @@ -529,7 +529,7 @@ xmlGetDocEntity(xmlDocPtr doc, const xmlChar *name) { | ||
12 | */ | ||
13 | #define growBufferReentrant() { \ | ||
14 | xmlChar *tmp; \ | ||
15 | - size_t new_size = buffer_size *= 2; \ | ||
16 | + size_t new_size = buffer_size * 2; \ | ||
17 | if (new_size < buffer_size) goto mem_error; \ | ||
18 | tmp = (xmlChar *) xmlRealloc(buffer, new_size); \ | ||
19 | if (tmp == NULL) goto mem_error; \ | ||
20 | -- | ||
21 | cgit v0.9.0.2 | ||
diff --git a/main/libxml2/libxml2-parser-local-buffers-size.patch b/main/libxml2/libxml2-parser-local-buffers-size.patch deleted file mode 100644 index 5b9adabac7..0000000000 --- a/main/libxml2/libxml2-parser-local-buffers-size.patch +++ /dev/null | |||
@@ -1,260 +0,0 @@ | |||
1 | From 459eeb9dc752d5185f57ff6b135027f11981a626 Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Veillard <veillard@redhat.com> | ||
3 | Date: Tue, 17 Jul 2012 08:19:17 +0000 | ||
4 | Subject: Fix parser local buffers size problems | ||
5 | |||
6 | --- | ||
7 | diff --git a/parser.c b/parser.c | ||
8 | index 2c38fae..9863275 100644 | ||
9 | --- a/parser.c | ||
10 | +++ b/parser.c | ||
11 | @@ -40,6 +40,7 @@ | ||
12 | #endif | ||
13 | |||
14 | #include <stdlib.h> | ||
15 | +#include <limits.h> | ||
16 | #include <string.h> | ||
17 | #include <stdarg.h> | ||
18 | #include <libxml/xmlmemory.h> | ||
19 | @@ -117,10 +118,10 @@ xmlCreateEntityParserCtxtInternal(const xmlChar *URL, const xmlChar *ID, | ||
20 | * parser option. | ||
21 | */ | ||
22 | static int | ||
23 | -xmlParserEntityCheck(xmlParserCtxtPtr ctxt, unsigned long size, | ||
24 | +xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, | ||
25 | xmlEntityPtr ent) | ||
26 | { | ||
27 | - unsigned long consumed = 0; | ||
28 | + size_t consumed = 0; | ||
29 | |||
30 | if ((ctxt == NULL) || (ctxt->options & XML_PARSE_HUGE)) | ||
31 | return (0); | ||
32 | @@ -2589,15 +2590,17 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) { | ||
33 | |||
34 | /* | ||
35 | * Macro used to grow the current buffer. | ||
36 | + * buffer##_size is expected to be a size_t | ||
37 | + * mem_error: is expected to handle memory allocation failures | ||
38 | */ | ||
39 | #define growBuffer(buffer, n) { \ | ||
40 | xmlChar *tmp; \ | ||
41 | - buffer##_size *= 2; \ | ||
42 | - buffer##_size += n; \ | ||
43 | - tmp = (xmlChar *) \ | ||
44 | - xmlRealloc(buffer, buffer##_size * sizeof(xmlChar)); \ | ||
45 | + size_t new_size = buffer##_size * 2 + n; \ | ||
46 | + if (new_size < buffer##_size) goto mem_error; \ | ||
47 | + tmp = (xmlChar *) xmlRealloc(buffer, new_size); \ | ||
48 | if (tmp == NULL) goto mem_error; \ | ||
49 | buffer = tmp; \ | ||
50 | + buffer##_size = new_size; \ | ||
51 | } | ||
52 | |||
53 | /** | ||
54 | @@ -2623,14 +2626,14 @@ xmlChar * | ||
55 | xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
56 | int what, xmlChar end, xmlChar end2, xmlChar end3) { | ||
57 | xmlChar *buffer = NULL; | ||
58 | - int buffer_size = 0; | ||
59 | + size_t buffer_size = 0; | ||
60 | + size_t nbchars = 0; | ||
61 | |||
62 | xmlChar *current = NULL; | ||
63 | xmlChar *rep = NULL; | ||
64 | const xmlChar *last; | ||
65 | xmlEntityPtr ent; | ||
66 | int c,l; | ||
67 | - int nbchars = 0; | ||
68 | |||
69 | if ((ctxt == NULL) || (str == NULL) || (len < 0)) | ||
70 | return(NULL); | ||
71 | @@ -2647,7 +2650,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
72 | * allocate a translation buffer. | ||
73 | */ | ||
74 | buffer_size = XML_PARSER_BIG_BUFFER_SIZE; | ||
75 | - buffer = (xmlChar *) xmlMallocAtomic(buffer_size * sizeof(xmlChar)); | ||
76 | + buffer = (xmlChar *) xmlMallocAtomic(buffer_size); | ||
77 | if (buffer == NULL) goto mem_error; | ||
78 | |||
79 | /* | ||
80 | @@ -2667,7 +2670,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
81 | if (val != 0) { | ||
82 | COPY_BUF(0,buffer,nbchars,val); | ||
83 | } | ||
84 | - if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { | ||
85 | + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { | ||
86 | growBuffer(buffer, XML_PARSER_BUFFER_SIZE); | ||
87 | } | ||
88 | } else if ((c == '&') && (what & XML_SUBSTITUTE_REF)) { | ||
89 | @@ -2685,7 +2688,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
90 | (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) { | ||
91 | if (ent->content != NULL) { | ||
92 | COPY_BUF(0,buffer,nbchars,ent->content[0]); | ||
93 | - if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { | ||
94 | + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { | ||
95 | growBuffer(buffer, XML_PARSER_BUFFER_SIZE); | ||
96 | } | ||
97 | } else { | ||
98 | @@ -2702,8 +2705,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
99 | current = rep; | ||
100 | while (*current != 0) { /* non input consuming loop */ | ||
101 | buffer[nbchars++] = *current++; | ||
102 | - if (nbchars > | ||
103 | - buffer_size - XML_PARSER_BUFFER_SIZE) { | ||
104 | + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { | ||
105 | if (xmlParserEntityCheck(ctxt, nbchars, ent)) | ||
106 | goto int_error; | ||
107 | growBuffer(buffer, XML_PARSER_BUFFER_SIZE); | ||
108 | @@ -2717,7 +2719,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
109 | const xmlChar *cur = ent->name; | ||
110 | |||
111 | buffer[nbchars++] = '&'; | ||
112 | - if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) { | ||
113 | + if (nbchars + i + XML_PARSER_BUFFER_SIZE > buffer_size) { | ||
114 | growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE); | ||
115 | } | ||
116 | for (;i > 0;i--) | ||
117 | @@ -2745,8 +2747,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
118 | current = rep; | ||
119 | while (*current != 0) { /* non input consuming loop */ | ||
120 | buffer[nbchars++] = *current++; | ||
121 | - if (nbchars > | ||
122 | - buffer_size - XML_PARSER_BUFFER_SIZE) { | ||
123 | + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { | ||
124 | if (xmlParserEntityCheck(ctxt, nbchars, ent)) | ||
125 | goto int_error; | ||
126 | growBuffer(buffer, XML_PARSER_BUFFER_SIZE); | ||
127 | @@ -2759,8 +2760,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, | ||
128 | } else { | ||
129 | COPY_BUF(l,buffer,nbchars,c); | ||
130 | str += l; | ||
131 | - if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { | ||
132 | - growBuffer(buffer, XML_PARSER_BUFFER_SIZE); | ||
133 | + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { | ||
134 | + growBuffer(buffer, XML_PARSER_BUFFER_SIZE); | ||
135 | } | ||
136 | } | ||
137 | if (str < last) | ||
138 | @@ -3764,8 +3765,8 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
139 | xmlChar limit = 0; | ||
140 | xmlChar *buf = NULL; | ||
141 | xmlChar *rep = NULL; | ||
142 | - int len = 0; | ||
143 | - int buf_size = 0; | ||
144 | + size_t len = 0; | ||
145 | + size_t buf_size = 0; | ||
146 | int c, l, in_space = 0; | ||
147 | xmlChar *current = NULL; | ||
148 | xmlEntityPtr ent; | ||
149 | @@ -3787,7 +3788,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
150 | * allocate a translation buffer. | ||
151 | */ | ||
152 | buf_size = XML_PARSER_BUFFER_SIZE; | ||
153 | - buf = (xmlChar *) xmlMallocAtomic(buf_size * sizeof(xmlChar)); | ||
154 | + buf = (xmlChar *) xmlMallocAtomic(buf_size); | ||
155 | if (buf == NULL) goto mem_error; | ||
156 | |||
157 | /* | ||
158 | @@ -3804,7 +3805,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
159 | |||
160 | if (val == '&') { | ||
161 | if (ctxt->replaceEntities) { | ||
162 | - if (len > buf_size - 10) { | ||
163 | + if (len + 10 > buf_size) { | ||
164 | growBuffer(buf, 10); | ||
165 | } | ||
166 | buf[len++] = '&'; | ||
167 | @@ -3813,7 +3814,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
168 | * The reparsing will be done in xmlStringGetNodeList() | ||
169 | * called by the attribute() function in SAX.c | ||
170 | */ | ||
171 | - if (len > buf_size - 10) { | ||
172 | + if (len + 10 > buf_size) { | ||
173 | growBuffer(buf, 10); | ||
174 | } | ||
175 | buf[len++] = '&'; | ||
176 | @@ -3823,7 +3824,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
177 | buf[len++] = ';'; | ||
178 | } | ||
179 | } else if (val != 0) { | ||
180 | - if (len > buf_size - 10) { | ||
181 | + if (len + 10 > buf_size) { | ||
182 | growBuffer(buf, 10); | ||
183 | } | ||
184 | len += xmlCopyChar(0, &buf[len], val); | ||
185 | @@ -3835,7 +3836,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
186 | ctxt->nbentities += ent->owner; | ||
187 | if ((ent != NULL) && | ||
188 | (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) { | ||
189 | - if (len > buf_size - 10) { | ||
190 | + if (len + 10 > buf_size) { | ||
191 | growBuffer(buf, 10); | ||
192 | } | ||
193 | if ((ctxt->replaceEntities == 0) && | ||
194 | @@ -3863,7 +3864,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
195 | current++; | ||
196 | } else | ||
197 | buf[len++] = *current++; | ||
198 | - if (len > buf_size - 10) { | ||
199 | + if (len + 10 > buf_size) { | ||
200 | growBuffer(buf, 10); | ||
201 | } | ||
202 | } | ||
203 | @@ -3871,7 +3872,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
204 | rep = NULL; | ||
205 | } | ||
206 | } else { | ||
207 | - if (len > buf_size - 10) { | ||
208 | + if (len + 10 > buf_size) { | ||
209 | growBuffer(buf, 10); | ||
210 | } | ||
211 | if (ent->content != NULL) | ||
212 | @@ -3899,7 +3900,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
213 | * Just output the reference | ||
214 | */ | ||
215 | buf[len++] = '&'; | ||
216 | - while (len > buf_size - i - 10) { | ||
217 | + while (len + i + 10 > buf_size) { | ||
218 | growBuffer(buf, i + 10); | ||
219 | } | ||
220 | for (;i > 0;i--) | ||
221 | @@ -3912,7 +3913,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
222 | if ((len != 0) || (!normalize)) { | ||
223 | if ((!normalize) || (!in_space)) { | ||
224 | COPY_BUF(l,buf,len,0x20); | ||
225 | - while (len > buf_size - 10) { | ||
226 | + while (len + 10 > buf_size) { | ||
227 | growBuffer(buf, 10); | ||
228 | } | ||
229 | } | ||
230 | @@ -3921,7 +3922,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
231 | } else { | ||
232 | in_space = 0; | ||
233 | COPY_BUF(l,buf,len,c); | ||
234 | - if (len > buf_size - 10) { | ||
235 | + if (len + 10 > buf_size) { | ||
236 | growBuffer(buf, 10); | ||
237 | } | ||
238 | } | ||
239 | @@ -3946,7 +3947,18 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { | ||
240 | } | ||
241 | } else | ||
242 | NEXT; | ||
243 | - if (attlen != NULL) *attlen = len; | ||
244 | + | ||
245 | + /* | ||
246 | + * There we potentially risk an overflow, don't allow attribute value of | ||
247 | + * lenght more than INT_MAX it is a very reasonnable assumption ! | ||
248 | + */ | ||
249 | + if (len >= INT_MAX) { | ||
250 | + xmlFatalErrMsg(ctxt, XML_ERR_ATTRIBUTE_NOT_FINISHED, | ||
251 | + "AttValue lenght too long\n"); | ||
252 | + goto mem_error; | ||
253 | + } | ||
254 | + | ||
255 | + if (attlen != NULL) *attlen = (int) len; | ||
256 | return(buf); | ||
257 | |||
258 | mem_error: | ||
259 | -- | ||
260 | cgit v0.9.0.2 | ||
diff --git a/main/libxslt/APKBUILD b/main/libxslt/APKBUILD index 01e9cc4549..b5a615dbdf 100644 --- a/main/libxslt/APKBUILD +++ b/main/libxslt/APKBUILD | |||
@@ -1,7 +1,7 @@ | |||
1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> | 1 | # Maintainer: Natanael Copa <ncopa@alpinelinux.org> |
2 | pkgname=libxslt | 2 | pkgname=libxslt |
3 | pkgver=1.1.26 | 3 | pkgver=1.1.27 |
4 | pkgrel=9 | 4 | pkgrel=0 |
5 | pkgdesc="XML stylesheet transformation library" | 5 | pkgdesc="XML stylesheet transformation library" |
6 | url="http://xmlsoft.org/XSLT/" | 6 | url="http://xmlsoft.org/XSLT/" |
7 | arch="all" | 7 | arch="all" |
@@ -30,4 +30,4 @@ py() { | |||
30 | install -d "$subpkgdir"/usr/lib | 30 | install -d "$subpkgdir"/usr/lib |
31 | mv "$pkgdir"/usr/lib/python* "$subpkgdir"/usr/lib/ | 31 | mv "$pkgdir"/usr/lib/python* "$subpkgdir"/usr/lib/ |
32 | } | 32 | } |
33 | md5sums="e61d0364a30146aaa3001296f853b2b9 libxslt-1.1.26.tar.gz" | 33 | md5sums="4d01ff464b9ea7236925a1adf147c7f8 libxslt-1.1.27.tar.gz" |
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD index 9a70a260c1..94a7c10ed3 100644 --- a/main/xen/APKBUILD +++ b/main/xen/APKBUILD | |||
@@ -3,7 +3,7 @@ | |||
3 | # Maintainer: William Pitcock <nenolod@dereferenced.org> | 3 | # Maintainer: William Pitcock <nenolod@dereferenced.org> |
4 | pkgname=xen | 4 | pkgname=xen |
5 | pkgver=4.2.0 | 5 | pkgver=4.2.0 |
6 | pkgrel=2 | 6 | pkgrel=3 |
7 | pkgdesc="Xen hypervisor" | 7 | pkgdesc="Xen hypervisor" |
8 | url="http://www.xen.org/" | 8 | url="http://www.xen.org/" |
9 | arch="x86 x86_64" | 9 | arch="x86 x86_64" |
@@ -19,6 +19,7 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g | |||
19 | librt.patch | 19 | librt.patch |
20 | make_stubdoms.patch | 20 | make_stubdoms.patch |
21 | qemu-xen_paths.patch | 21 | qemu-xen_paths.patch |
22 | xsa25-4.2.patch | ||
22 | 23 | ||
23 | xenstored.initd | 24 | xenstored.initd |
24 | xenstored.confd | 25 | xenstored.confd |
@@ -133,11 +134,12 @@ md5sums="f4f217969afc38f09251039966d91a87 xen-4.2.0.tar.gz | |||
133 | 2dc5ddf47c53ea168729975046c3c1f9 librt.patch | 134 | 2dc5ddf47c53ea168729975046c3c1f9 librt.patch |
134 | 41ad48fdc269749776fa6aa04f6778c2 make_stubdoms.patch | 135 | 41ad48fdc269749776fa6aa04f6778c2 make_stubdoms.patch |
135 | 1ccde6b36a6f9542a16d998204dc9a22 qemu-xen_paths.patch | 136 | 1ccde6b36a6f9542a16d998204dc9a22 qemu-xen_paths.patch |
136 | 6e5739dad7e2bd1b625e55ddc6c782b7 xenstored.initd | 137 | 9fc7097ed2e5e756c4ae91145c143433 xsa25-4.2.patch |
138 | 4ee9bf0c09269995569c9f05d4e8c779 xenstored.initd | ||
137 | b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd | 139 | b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd |
138 | ed262f15fb880badb53575539468646c xenconsoled.initd | 140 | ed262f15fb880badb53575539468646c xenconsoled.initd |
139 | ec2252c72050d7d5870a3a629b873ba6 xenconsoled.confd | 141 | ec2252c72050d7d5870a3a629b873ba6 xenconsoled.confd |
140 | 89c936ddf327a3a78eaee33835880517 xend.initd | 142 | 1803ddf6877bdf254082365389a4efa9 xend.initd |
141 | 9261ad0f285836c1b0ea07f306e4586e xend.confd | 143 | 9261ad0f285836c1b0ea07f306e4586e xend.confd |
142 | 35448ff063f8123ec4bba2e001f39c6c xendomains.initd | 144 | 35448ff063f8123ec4bba2e001f39c6c xendomains.initd |
143 | 9b20e056d475b50586cf9e1fc94e13c4 xendomains.confd | 145 | 9b20e056d475b50586cf9e1fc94e13c4 xendomains.confd |
diff --git a/main/xen/xend.initd b/main/xen/xend.initd index 1c667e8312..bd5550bd14 100644 --- a/main/xen/xend.initd +++ b/main/xen/xend.initd | |||
@@ -4,7 +4,7 @@ | |||
4 | # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/files/xend.initd-r2,v 1.2 2011/09/10 17:22:46 alexxy Exp $ | 4 | # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/files/xend.initd-r2,v 1.2 2011/09/10 17:22:46 alexxy Exp $ |
5 | 5 | ||
6 | depend() { | 6 | depend() { |
7 | need net xenconsoled xenstored | 7 | need xenconsoled xenstored |
8 | after firewall | 8 | after firewall |
9 | before xendomains sshd | 9 | before xendomains sshd |
10 | } | 10 | } |
diff --git a/main/xen/xenstored.initd b/main/xen/xenstored.initd index f2c22cc705..6187c02cc2 100644 --- a/main/xen/xenstored.initd +++ b/main/xen/xenstored.initd | |||
@@ -4,7 +4,6 @@ | |||
4 | # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/files/xenstored.initd,v 1.2 2011/04/05 21:25:03 alexxy Exp $ | 4 | # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/files/xenstored.initd,v 1.2 2011/04/05 21:25:03 alexxy Exp $ |
5 | 5 | ||
6 | depend() { | 6 | depend() { |
7 | need net | ||
8 | before xendomains xend sshd ntp-client ntpd nfs nfsmount rsyncd portmap dhcp | 7 | before xendomains xend sshd ntp-client ntpd nfs nfsmount rsyncd portmap dhcp |
9 | } | 8 | } |
10 | 9 | ||
diff --git a/main/xen/xsa25-4.2.patch b/main/xen/xsa25-4.2.patch new file mode 100644 index 0000000000..088d787e59 --- /dev/null +++ b/main/xen/xsa25-4.2.patch | |||
@@ -0,0 +1,365 @@ | |||
1 | libxc: builder: limit maximum size of kernel/ramdisk. | ||
2 | |||
3 | Allowing user supplied kernels of arbitrary sizes, especially during | ||
4 | decompression, can swallow up dom0 memory leading to either virtual | ||
5 | address space exhaustion in the builder process or allocation | ||
6 | failures/OOM killing of both toolstack and unrelated processes. | ||
7 | |||
8 | We disable these checks when building in a stub domain for pvgrub | ||
9 | since this uses the guest's own memory and is isolated. | ||
10 | |||
11 | Decompression of gzip compressed kernels and ramdisks has been safe | ||
12 | since 14954:58205257517d (Xen 3.1.0 onwards). | ||
13 | |||
14 | This is XSA-25 / CVE-2012-4544. | ||
15 | |||
16 | Also make explicit checks for buffer overflows in various | ||
17 | decompression routines. These were already ruled out due to other | ||
18 | properties of the code but check them as a belt-and-braces measure. | ||
19 | |||
20 | Signed-off-by: Ian Campbell <ian.campbell@citrix.com> | ||
21 | Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> | ||
22 | |||
23 | diff --git a/stubdom/grub/kexec.c b/stubdom/grub/kexec.c | ||
24 | index 06bef52..b21c91a 100644 | ||
25 | --- a/stubdom/grub/kexec.c | ||
26 | +++ b/stubdom/grub/kexec.c | ||
27 | @@ -137,6 +137,10 @@ void kexec(void *kernel, long kernel_size, void *module, long module_size, char | ||
28 | dom = xc_dom_allocate(xc_handle, cmdline, features); | ||
29 | dom->allocate = kexec_allocate; | ||
30 | |||
31 | + /* We are using guest owned memory, therefore no limits. */ | ||
32 | + xc_dom_kernel_max_size(dom, 0); | ||
33 | + xc_dom_ramdisk_max_size(dom, 0); | ||
34 | + | ||
35 | dom->kernel_blob = kernel; | ||
36 | dom->kernel_size = kernel_size; | ||
37 | |||
38 | diff --git a/tools/libxc/xc_dom.h b/tools/libxc/xc_dom.h | ||
39 | index 2aef64a..6a72aa9 100644 | ||
40 | --- a/tools/libxc/xc_dom.h | ||
41 | +++ b/tools/libxc/xc_dom.h | ||
42 | @@ -55,6 +55,9 @@ struct xc_dom_image { | ||
43 | void *ramdisk_blob; | ||
44 | size_t ramdisk_size; | ||
45 | |||
46 | + size_t max_kernel_size; | ||
47 | + size_t max_ramdisk_size; | ||
48 | + | ||
49 | /* arguments and parameters */ | ||
50 | char *cmdline; | ||
51 | uint32_t f_requested[XENFEAT_NR_SUBMAPS]; | ||
52 | @@ -180,6 +183,23 @@ void xc_dom_release_phys(struct xc_dom_image *dom); | ||
53 | void xc_dom_release(struct xc_dom_image *dom); | ||
54 | int xc_dom_mem_init(struct xc_dom_image *dom, unsigned int mem_mb); | ||
55 | |||
56 | +/* Set this larger if you have enormous ramdisks/kernels. Note that | ||
57 | + * you should trust all kernels not to be maliciously large (e.g. to | ||
58 | + * exhaust all dom0 memory) if you do this (see CVE-2012-4544 / | ||
59 | + * XSA-25). You can also set the default independently for | ||
60 | + * ramdisks/kernels in xc_dom_allocate() or call | ||
61 | + * xc_dom_{kernel,ramdisk}_max_size. | ||
62 | + */ | ||
63 | +#ifndef XC_DOM_DECOMPRESS_MAX | ||
64 | +#define XC_DOM_DECOMPRESS_MAX (1024*1024*1024) /* 1GB */ | ||
65 | +#endif | ||
66 | + | ||
67 | +int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz); | ||
68 | +int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz); | ||
69 | + | ||
70 | +int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz); | ||
71 | +int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz); | ||
72 | + | ||
73 | size_t xc_dom_check_gzip(xc_interface *xch, | ||
74 | void *blob, size_t ziplen); | ||
75 | int xc_dom_do_gunzip(xc_interface *xch, | ||
76 | @@ -240,7 +260,8 @@ void xc_dom_log_memory_footprint(struct xc_dom_image *dom); | ||
77 | void *xc_dom_malloc(struct xc_dom_image *dom, size_t size); | ||
78 | void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size); | ||
79 | void *xc_dom_malloc_filemap(struct xc_dom_image *dom, | ||
80 | - const char *filename, size_t * size); | ||
81 | + const char *filename, size_t * size, | ||
82 | + const size_t max_size); | ||
83 | char *xc_dom_strdup(struct xc_dom_image *dom, const char *str); | ||
84 | |||
85 | /* --- alloc memory pool ------------------------------------------- */ | ||
86 | diff --git a/tools/libxc/xc_dom_bzimageloader.c b/tools/libxc/xc_dom_bzimageloader.c | ||
87 | index 113d40f..b1b2eb0 100644 | ||
88 | --- a/tools/libxc/xc_dom_bzimageloader.c | ||
89 | +++ b/tools/libxc/xc_dom_bzimageloader.c | ||
90 | @@ -47,13 +47,19 @@ static int xc_try_bzip2_decode( | ||
91 | char *out_buf; | ||
92 | char *tmp_buf; | ||
93 | int retval = -1; | ||
94 | - int outsize; | ||
95 | + unsigned int outsize; | ||
96 | uint64_t total; | ||
97 | |||
98 | stream.bzalloc = NULL; | ||
99 | stream.bzfree = NULL; | ||
100 | stream.opaque = NULL; | ||
101 | |||
102 | + if ( dom->kernel_size == 0) | ||
103 | + { | ||
104 | + DOMPRINTF("BZIP2: Input is 0 size"); | ||
105 | + return -1; | ||
106 | + } | ||
107 | + | ||
108 | ret = BZ2_bzDecompressInit(&stream, 0, 0); | ||
109 | if ( ret != BZ_OK ) | ||
110 | { | ||
111 | @@ -66,6 +72,17 @@ static int xc_try_bzip2_decode( | ||
112 | * the input buffer to start, and we'll realloc as needed. | ||
113 | */ | ||
114 | outsize = dom->kernel_size; | ||
115 | + | ||
116 | + /* | ||
117 | + * stream.avail_in and outsize are unsigned int, while kernel_size | ||
118 | + * is a size_t. Check we aren't overflowing. | ||
119 | + */ | ||
120 | + if ( outsize != dom->kernel_size ) | ||
121 | + { | ||
122 | + DOMPRINTF("BZIP2: Input too large"); | ||
123 | + goto bzip2_cleanup; | ||
124 | + } | ||
125 | + | ||
126 | out_buf = malloc(outsize); | ||
127 | if ( out_buf == NULL ) | ||
128 | { | ||
129 | @@ -98,13 +115,20 @@ static int xc_try_bzip2_decode( | ||
130 | if ( stream.avail_out == 0 ) | ||
131 | { | ||
132 | /* Protect against output buffer overflow */ | ||
133 | - if ( outsize > INT_MAX / 2 ) | ||
134 | + if ( outsize > UINT_MAX / 2 ) | ||
135 | { | ||
136 | DOMPRINTF("BZIP2: output buffer overflow"); | ||
137 | free(out_buf); | ||
138 | goto bzip2_cleanup; | ||
139 | } | ||
140 | |||
141 | + if ( xc_dom_kernel_check_size(dom, outsize * 2) ) | ||
142 | + { | ||
143 | + DOMPRINTF("BZIP2: output too large"); | ||
144 | + free(out_buf); | ||
145 | + goto bzip2_cleanup; | ||
146 | + } | ||
147 | + | ||
148 | tmp_buf = realloc(out_buf, outsize * 2); | ||
149 | if ( tmp_buf == NULL ) | ||
150 | { | ||
151 | @@ -172,9 +196,15 @@ static int _xc_try_lzma_decode( | ||
152 | unsigned char *out_buf; | ||
153 | unsigned char *tmp_buf; | ||
154 | int retval = -1; | ||
155 | - int outsize; | ||
156 | + size_t outsize; | ||
157 | const char *msg; | ||
158 | |||
159 | + if ( dom->kernel_size == 0) | ||
160 | + { | ||
161 | + DOMPRINTF("%s: Input is 0 size", what); | ||
162 | + return -1; | ||
163 | + } | ||
164 | + | ||
165 | /* sigh. We don't know up-front how much memory we are going to need | ||
166 | * for the output buffer. Allocate the output buffer to be equal | ||
167 | * the input buffer to start, and we'll realloc as needed. | ||
168 | @@ -244,13 +274,20 @@ static int _xc_try_lzma_decode( | ||
169 | if ( stream->avail_out == 0 ) | ||
170 | { | ||
171 | /* Protect against output buffer overflow */ | ||
172 | - if ( outsize > INT_MAX / 2 ) | ||
173 | + if ( outsize > SIZE_MAX / 2 ) | ||
174 | { | ||
175 | DOMPRINTF("%s: output buffer overflow", what); | ||
176 | free(out_buf); | ||
177 | goto lzma_cleanup; | ||
178 | } | ||
179 | |||
180 | + if ( xc_dom_kernel_check_size(dom, outsize * 2) ) | ||
181 | + { | ||
182 | + DOMPRINTF("%s: output too large", what); | ||
183 | + free(out_buf); | ||
184 | + goto lzma_cleanup; | ||
185 | + } | ||
186 | + | ||
187 | tmp_buf = realloc(out_buf, outsize * 2); | ||
188 | if ( tmp_buf == NULL ) | ||
189 | { | ||
190 | @@ -359,6 +396,12 @@ static int xc_try_lzo1x_decode( | ||
191 | 0x89, 0x4c, 0x5a, 0x4f, 0x00, 0x0d, 0x0a, 0x1a, 0x0a | ||
192 | }; | ||
193 | |||
194 | + /* | ||
195 | + * lzo_uint should match size_t. Check that this is the case to be | ||
196 | + * sure we won't overflow various lzo_uint fields. | ||
197 | + */ | ||
198 | + XC_BUILD_BUG_ON(sizeof(lzo_uint) != sizeof(size_t)); | ||
199 | + | ||
200 | ret = lzo_init(); | ||
201 | if ( ret != LZO_E_OK ) | ||
202 | { | ||
203 | @@ -438,6 +481,14 @@ static int xc_try_lzo1x_decode( | ||
204 | if ( src_len <= 0 || src_len > dst_len || src_len > left ) | ||
205 | break; | ||
206 | |||
207 | + msg = "Output buffer overflow"; | ||
208 | + if ( *size > SIZE_MAX - dst_len ) | ||
209 | + break; | ||
210 | + | ||
211 | + msg = "Decompressed image too large"; | ||
212 | + if ( xc_dom_kernel_check_size(dom, *size + dst_len) ) | ||
213 | + break; | ||
214 | + | ||
215 | msg = "Failed to (re)alloc memory"; | ||
216 | tmp_buf = realloc(out_buf, *size + dst_len); | ||
217 | if ( tmp_buf == NULL ) | ||
218 | diff --git a/tools/libxc/xc_dom_core.c b/tools/libxc/xc_dom_core.c | ||
219 | index fea9de5..2a01d7c 100644 | ||
220 | --- a/tools/libxc/xc_dom_core.c | ||
221 | +++ b/tools/libxc/xc_dom_core.c | ||
222 | @@ -159,7 +159,8 @@ void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size) | ||
223 | } | ||
224 | |||
225 | void *xc_dom_malloc_filemap(struct xc_dom_image *dom, | ||
226 | - const char *filename, size_t * size) | ||
227 | + const char *filename, size_t * size, | ||
228 | + const size_t max_size) | ||
229 | { | ||
230 | struct xc_dom_mem *block = NULL; | ||
231 | int fd = -1; | ||
232 | @@ -171,6 +172,13 @@ void *xc_dom_malloc_filemap(struct xc_dom_image *dom, | ||
233 | lseek(fd, 0, SEEK_SET); | ||
234 | *size = lseek(fd, 0, SEEK_END); | ||
235 | |||
236 | + if ( max_size && *size > max_size ) | ||
237 | + { | ||
238 | + xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY, | ||
239 | + "tried to map file which is too large"); | ||
240 | + goto err; | ||
241 | + } | ||
242 | + | ||
243 | block = malloc(sizeof(*block)); | ||
244 | if ( block == NULL ) | ||
245 | goto err; | ||
246 | @@ -222,6 +230,40 @@ char *xc_dom_strdup(struct xc_dom_image *dom, const char *str) | ||
247 | } | ||
248 | |||
249 | /* ------------------------------------------------------------------------ */ | ||
250 | +/* decompression buffer sizing */ | ||
251 | +int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz) | ||
252 | +{ | ||
253 | + /* No limit */ | ||
254 | + if ( !dom->max_kernel_size ) | ||
255 | + return 0; | ||
256 | + | ||
257 | + if ( sz > dom->max_kernel_size ) | ||
258 | + { | ||
259 | + xc_dom_panic(dom->xch, XC_INVALID_KERNEL, | ||
260 | + "kernel image too large"); | ||
261 | + return 1; | ||
262 | + } | ||
263 | + | ||
264 | + return 0; | ||
265 | +} | ||
266 | + | ||
267 | +int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz) | ||
268 | +{ | ||
269 | + /* No limit */ | ||
270 | + if ( !dom->max_ramdisk_size ) | ||
271 | + return 0; | ||
272 | + | ||
273 | + if ( sz > dom->max_ramdisk_size ) | ||
274 | + { | ||
275 | + xc_dom_panic(dom->xch, XC_INVALID_KERNEL, | ||
276 | + "ramdisk image too large"); | ||
277 | + return 1; | ||
278 | + } | ||
279 | + | ||
280 | + return 0; | ||
281 | +} | ||
282 | + | ||
283 | +/* ------------------------------------------------------------------------ */ | ||
284 | /* read files, copy memory blocks, with transparent gunzip */ | ||
285 | |||
286 | size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen) | ||
287 | @@ -235,7 +277,7 @@ size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen) | ||
288 | |||
289 | gzlen = blob + ziplen - 4; | ||
290 | unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0]; | ||
291 | - if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */ | ||
292 | + if ( (unziplen < 0) || (unziplen > XC_DOM_DECOMPRESS_MAX) ) | ||
293 | { | ||
294 | xc_dom_printf | ||
295 | (xch, | ||
296 | @@ -288,6 +330,9 @@ int xc_dom_try_gunzip(struct xc_dom_image *dom, void **blob, size_t * size) | ||
297 | if ( unziplen == 0 ) | ||
298 | return 0; | ||
299 | |||
300 | + if ( xc_dom_kernel_check_size(dom, unziplen) ) | ||
301 | + return 0; | ||
302 | + | ||
303 | unzip = xc_dom_malloc(dom, unziplen); | ||
304 | if ( unzip == NULL ) | ||
305 | return -1; | ||
306 | @@ -588,6 +633,9 @@ struct xc_dom_image *xc_dom_allocate(xc_interface *xch, | ||
307 | memset(dom, 0, sizeof(*dom)); | ||
308 | dom->xch = xch; | ||
309 | |||
310 | + dom->max_kernel_size = XC_DOM_DECOMPRESS_MAX; | ||
311 | + dom->max_ramdisk_size = XC_DOM_DECOMPRESS_MAX; | ||
312 | + | ||
313 | if ( cmdline ) | ||
314 | dom->cmdline = xc_dom_strdup(dom, cmdline); | ||
315 | if ( features ) | ||
316 | @@ -608,10 +656,25 @@ struct xc_dom_image *xc_dom_allocate(xc_interface *xch, | ||
317 | return NULL; | ||
318 | } | ||
319 | |||
320 | +int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz) | ||
321 | +{ | ||
322 | + DOMPRINTF("%s: kernel_max_size=%zx", __FUNCTION__, sz); | ||
323 | + dom->max_kernel_size = sz; | ||
324 | + return 0; | ||
325 | +} | ||
326 | + | ||
327 | +int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz) | ||
328 | +{ | ||
329 | + DOMPRINTF("%s: ramdisk_max_size=%zx", __FUNCTION__, sz); | ||
330 | + dom->max_ramdisk_size = sz; | ||
331 | + return 0; | ||
332 | +} | ||
333 | + | ||
334 | int xc_dom_kernel_file(struct xc_dom_image *dom, const char *filename) | ||
335 | { | ||
336 | DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename); | ||
337 | - dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size); | ||
338 | + dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size, | ||
339 | + dom->max_kernel_size); | ||
340 | if ( dom->kernel_blob == NULL ) | ||
341 | return -1; | ||
342 | return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size); | ||
343 | @@ -621,7 +684,9 @@ int xc_dom_ramdisk_file(struct xc_dom_image *dom, const char *filename) | ||
344 | { | ||
345 | DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename); | ||
346 | dom->ramdisk_blob = | ||
347 | - xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size); | ||
348 | + xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size, | ||
349 | + dom->max_ramdisk_size); | ||
350 | + | ||
351 | if ( dom->ramdisk_blob == NULL ) | ||
352 | return -1; | ||
353 | // return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size); | ||
354 | @@ -781,7 +846,11 @@ int xc_dom_build_image(struct xc_dom_image *dom) | ||
355 | void *ramdiskmap; | ||
356 | |||
357 | unziplen = xc_dom_check_gzip(dom->xch, dom->ramdisk_blob, dom->ramdisk_size); | ||
358 | + if ( xc_dom_ramdisk_check_size(dom, unziplen) != 0 ) | ||
359 | + unziplen = 0; | ||
360 | + | ||
361 | ramdisklen = unziplen ? unziplen : dom->ramdisk_size; | ||
362 | + | ||
363 | if ( xc_dom_alloc_segment(dom, &dom->ramdisk_seg, "ramdisk", 0, | ||
364 | ramdisklen) != 0 ) | ||
365 | goto err; | ||