NetBSD Problem Report #47925
From martin@duskware.de Fri Jun 14 12:20:54 2013
Return-Path: <martin@duskware.de>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "Postmaster NetBSD.org" (verified OK))
by mollari.NetBSD.org (Postfix) with ESMTPS id 6712F709D7
for <gnats-bugs@gnats.NetBSD.org>; Fri, 14 Jun 2013 12:20:54 +0000 (UTC)
From: martin@NetBSD.org
Reply-To: martin@NetBSD.org
To: gnats-bugs@gnats.NetBSD.org
Subject: bozzohttpd nits
X-Send-Pr-Version: 3.95
>Number: 47925
>Category: bin
>Synopsis: bozzohttpd does not authenticate redirects and creates broken redirects
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: shm
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Jun 14 12:25:00 +0000 2013
>Closed-Date: Thu Mar 24 15:28:15 +0000 2016
>Last-Modified: Thu Mar 24 15:28:15 +0000 2016
>Originator: Martin Husemann
>Release: NetBSD 6.1_STABLE
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD night-porter.duskware.de 6.1_STABLE NetBSD 6.1_STABLE (PORTER) #6: Wed May 29 21:38:20 CEST 2013 martin@night-porter.duskware.de:/usr/src-6/sys/arch/i386/compile/PORTER i386
Architecture: i386
Machine: i386
>Description:
When using a .bzredirect link in a directory with a .httpasswd file, httpd
does not require authentication before redirecting.
When expanding a directory url in a virtual server (-v option), an bogus
redirect ist generated (apparently uninitialized characters plus the final
part of the url, but no /index.html appended)
>How-To-Repeat:
s/a
>Fix:
looking at it, this is just a reminder
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: bin-bug-people->martin
Responsible-Changed-By: martin@NetBSD.org
Responsible-Changed-When: Fri, 14 Jun 2013 12:34:23 +0000
Responsible-Changed-Why:
I need it urgently fixed, so I'll deal with it.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/47925 CVS commit: src/libexec/httpd
Date: Sun, 23 Jun 2013 20:32:56 +0000
Module Name: src
Committed By: martin
Date: Sun Jun 23 20:32:55 UTC 2013
Modified Files:
src/libexec/httpd: bozohttpd.c
Log Message:
Do not keep pointers into a readdir result (which will become invalid
when closing the directory) - strdup() it instead.
Fixes the "bogus redirects" part of PR bin/47925 (atf test case
forthcoming)
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 src/libexec/httpd/bozohttpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: Mateusz Kocielski <shm@digitalsun.pl>
To: gnats-bugs@NetBSD.org
Cc: martin@NetBSD.org
Subject: Re: misc/47925
Date: Mon, 2 Nov 2015 08:56:52 +0000
Hi there,
may I ask you to test it with current version of httpd from CVS? It should
be fixed by that change:
http://mail-index.netbsd.org/source-changes/2015/10/28/msg069711.html
Best Regards,
Mateusz Kocielski
From: Mateusz Kocielski <shm@digitalsun.pl>
To: gnats-bugs@NetBSD.org
Cc: martin@NetBSD.org
Subject: Re: bin/47925
Date: Mon, 2 Nov 2015 08:59:59 +0000
Hi there,
may I ask you to test it with current version of httpd from CVS? It should
be fixed by that change:
http://mail-index.netbsd.org/source-changes/2015/10/28/msg069711.html
Best Regards,
Mateusz Kocielski
Responsible-Changed-From-To: martin->shm
Responsible-Changed-By: shm@NetBSD.org
Responsible-Changed-When: Thu, 24 Mar 2016 15:28:15 +0000
Responsible-Changed-Why:
http://mail-index.netbsd.org/source-changes/2015/10/28/msg069711.html
State-Changed-From-To: open->closed
State-Changed-By: shm@NetBSD.org
State-Changed-When: Thu, 24 Mar 2016 15:28:15 +0000
State-Changed-Why:
http://mail-index.netbsd.org/source-changes/2015/10/28/msg069711.html
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2014
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.