From d395400e1a9c91d1c0826bc4ed80ff3d03b1e633 Mon Sep 17 00:00:00 2001 From: Jim Jagielski Date: Tue, 4 Jul 2017 12:35:11 +0000 Subject: [PATCH] Merge r1800594 from trunk: * Do not apply the strict permissions of the temporary file to a possibly existing passwd file. This long standing bug was triggered by fixing a bug in APR in r1791029. PR: 61240 Submitted by: rpluem Reviewed by: rpluem, ylavic, jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1800775 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ STATUS | 7 ------- support/htdigest.c | 2 +- support/htpasswd.c | 2 +- 4 files changed, 5 insertions(+), 9 deletions(-) diff --git a/CHANGES b/CHANGES index 491fca9b85..3490b2a54e 100644 --- a/CHANGES +++ b/CHANGES @@ -8,6 +8,9 @@ Changes with Apache 2.4.27 *) Allow single-char field names inadvertantly disallowed in 2.4.25. PR 61220. [Yann Ylavic] + *) htpasswd / htdigest: Do not apply the strict permissions of the temporary + passwd file to a possibly existing passwd file. PR 61240. [Ruediger Pluem] + *) mod_proxy_fcgi: Revert to 2.4.20 FCGI behavior for the default ProxyFCGIBackendType, fixing a regression with PHP-FPM. PR 61202. [Jacob Champion, Jim Jagielski] diff --git a/STATUS b/STATUS index 3ef182284f..87cccd335f 100644 --- a/STATUS +++ b/STATUS @@ -115,13 +115,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - *) htpasswd / htdigest: Do not apply the strict permissions of the temporary - passwd file to a possibly existing passwd file. PR 61240. - trunk patch: http://svn.apache.org/r1800594 - 2.4.x patch: svn merge -c 1800594 ^/httpd/httpd/trunk . - +1: rpluem, ylavic, jim - - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/support/htdigest.c b/support/htdigest.c index 972fa82d20..018c0ea200 100644 --- a/support/htdigest.c +++ b/support/htdigest.c @@ -282,7 +282,7 @@ int main(int argc, const char * const argv[]) /* The temporary file has all the data, just copy it to the new location. */ - if (apr_file_copy(dirname, argv[1], APR_FILE_SOURCE_PERMS, cntxt) != + if (apr_file_copy(dirname, argv[1], APR_OS_DEFAULT, cntxt) != APR_SUCCESS) { apr_file_printf(errfile, "%s: unable to update file %s\n", argv[0], argv[1]); diff --git a/support/htpasswd.c b/support/htpasswd.c index 11023499a4..93308d8e93 100644 --- a/support/htpasswd.c +++ b/support/htpasswd.c @@ -498,7 +498,7 @@ int main(int argc, const char * const argv[]) /* The temporary file has all the data, just copy it to the new location. */ - if (apr_file_copy(dirname, pwfilename, APR_FILE_SOURCE_PERMS, pool) != + if (apr_file_copy(dirname, pwfilename, APR_OS_DEFAULT, pool) != APR_SUCCESS) { apr_file_printf(errfile, "%s: unable to update file %s" NL, argv[0], pwfilename); -- 2.40.0