From b7a648faaf12832eee94339ef5bfdfa82706422b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Rafa=C5=82=20Mi=C5=82ecki?= Date: Sat, 9 Jun 2018 22:02:51 +0200 Subject: [PATCH] lighttpd: backport fix for plain auth from 1.4.49 release MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Update commit 3d59ce6f502b ("lighttpd: update to 1.4.48") resulted in plain auth regression: it simply stopped working with: (mod_auth.c.525) password doesn't match for (...) appearing on every authentication try. This regression was fixed in 1.4.49 release. Backport the fix instead of updating to the 1.4.49 to avoid risking more/other regressions. Signed-off-by: Rafał Miłecki (cherry picked from commit 4cc0c8871398d7c2fb879a319c87e320249bfdcc) --- net/lighttpd/Makefile | 2 +- ...decode-when-char-is-unsigned-fixes-2.patch | 43 +++++++++++++++++++ 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 net/lighttpd/patches/0001-core-fix-base64-decode-when-char-is-unsigned-fixes-2.patch diff --git a/net/lighttpd/Makefile b/net/lighttpd/Makefile index 16321e864c..ed38ca118c 100644 --- a/net/lighttpd/Makefile +++ b/net/lighttpd/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=lighttpd PKG_VERSION:=1.4.48 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=http://download.lighttpd.net/lighttpd/releases-1.4.x diff --git a/net/lighttpd/patches/0001-core-fix-base64-decode-when-char-is-unsigned-fixes-2.patch b/net/lighttpd/patches/0001-core-fix-base64-decode-when-char-is-unsigned-fixes-2.patch new file mode 100644 index 0000000000..18a9a1dec0 --- /dev/null +++ b/net/lighttpd/patches/0001-core-fix-base64-decode-when-char-is-unsigned-fixes-2.patch @@ -0,0 +1,43 @@ +From d4083effab0f9bf76528d5c47198b17e7471ed13 Mon Sep 17 00:00:00 2001 +From: Glenn Strauss +Date: Thu, 21 Dec 2017 17:41:17 -0500 +Subject: [PATCH] [core] fix base64 decode when char is unsigned (fixes #2848) + +thx, codehero + +x-ref: + "buffer_append_base64_decode() broken on compilers where char is assumed unsigned" + https://redmine.lighttpd.net/issues/2848 +--- + src/base64.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/src/base64.c ++++ b/src/base64.c +@@ -11,7 +11,7 @@ + + /* BASE64_STANDARD: "A-Z a-z 0-9 + /" maps to 0-63, pad with "=" */ + static const char base64_standard_table[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="; +-static const char base64_standard_reverse_table[] = { ++static const signed char base64_standard_reverse_table[] = { + /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */ + -1, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, /* 0x00 - 0x0F */ + -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, /* 0x10 - 0x1F */ +@@ -25,7 +25,7 @@ static const char base64_standard_revers + + /* BASE64_URL: "A-Z a-z 0-9 - _" maps to 0-63, pad with "." */ + static const char base64_url_table[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_."; +-static const char base64_url_reverse_table[] = { ++static const signed char base64_url_reverse_table[] = { + /* 0 1 2 3 4 5 6 7 8 9 A B C D E F */ + -1, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, /* 0x00 - 0x0F */ + -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, /* 0x10 - 0x1F */ +@@ -42,7 +42,7 @@ unsigned char* buffer_append_base64_deco + size_t out_pos = 0; /* current output character (position) that is decoded. can contain partial result */ + unsigned int group = 0; /* how many base64 digits in the current group were decoded already. each group has up to 4 digits */ + size_t i; +- const char *base64_reverse_table; ++ const signed char *base64_reverse_table; + + switch (charset) { + case BASE64_STANDARD: -- 2.30.2