* Do not apply the strict permissions of the temporary file to a possibly
existing passwd file.
This long standing bug was triggered by fixing a bug in APR in r1791029.
PR: 61240
Submitted by: rpluem
Reviewed by: rpluem, ylavic, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1800775 13f79535-47bb-0310-9956-
ffa450edef68
*) Allow single-char field names inadvertantly disallowed in 2.4.25.
PR 61220. [Yann Ylavic]
+ *) htpasswd / htdigest: Do not apply the strict permissions of the temporary
+ passwd file to a possibly existing passwd file. PR 61240. [Ruediger Pluem]
+
*) mod_proxy_fcgi: Revert to 2.4.20 FCGI behavior for the default
ProxyFCGIBackendType, fixing a regression with PHP-FPM. PR 61202.
[Jacob Champion, Jim Jagielski]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) htpasswd / htdigest: Do not apply the strict permissions of the temporary
- passwd file to a possibly existing passwd file. PR 61240.
- trunk patch: http://svn.apache.org/r1800594
- 2.4.x patch: svn merge -c 1800594 ^/httpd/httpd/trunk .
- +1: rpluem, ylavic, jim
-
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
/* The temporary file has all the data, just copy it to the new location.
*/
- if (apr_file_copy(dirname, argv[1], APR_FILE_SOURCE_PERMS, cntxt) !=
+ if (apr_file_copy(dirname, argv[1], APR_OS_DEFAULT, cntxt) !=
APR_SUCCESS) {
apr_file_printf(errfile, "%s: unable to update file %s\n",
argv[0], argv[1]);
/* The temporary file has all the data, just copy it to the new location.
*/
- if (apr_file_copy(dirname, pwfilename, APR_FILE_SOURCE_PERMS, pool) !=
+ if (apr_file_copy(dirname, pwfilename, APR_OS_DEFAULT, pool) !=
APR_SUCCESS) {
apr_file_printf(errfile, "%s: unable to update file %s" NL,
argv[0], pwfilename);
projects / apache / commitdiff