From: Andrew McNab Date: Mon, 15 May 2006 14:51:38 +0000 (+0000) Subject: Use %{prefix} in .spec more X-Git-Tag: gridsite-core_R_1_1_19~26 X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=6a7c63b6d884d48d4d6989d6bbadb474a8c46a29;p=jra1mw.git Use %{prefix} in .spec more --- diff --git a/org.gridsite.core/src/gridsite.spec b/org.gridsite.core/src/gridsite.spec index 023335b..afc2e9a 100644 --- a/org.gridsite.core/src/gridsite.spec +++ b/org.gridsite.core/src/gridsite.spec @@ -17,7 +17,7 @@ GridSite adds GSI, VOMS and GACL support to Apache 2.0 (mod_gridsite), a library for manipulating these technologies (libgridsite), and CGI programs for interactive management of HTTP(S) servers (gridsite-admin.cgi) -See %(echo ${MYPREFIX:-/usr})/share/doc/gridsite-%{version} and +See %{prefix}/share/doc/gridsite-%{version} and http://www.gridsite.org/ for details. %package shared @@ -70,65 +70,68 @@ with GridSite and Grid Security credentials. %build cd src -make prefix=$RPM_BUILD_ROOT/%(echo ${MYPREFIX:-/usr}) \ +make prefix=$RPM_BUILD_ROOT/%{prefix} \ GSOAPDIR=$GSOAPDIR OPENSSL_FLAGS=$OPENSSL_FLAGS \ OPENSSL_LIBS=$OPENSSL_LIBS FLAVOR_EXT=$FLAVOR_EXT %install cd src -make install prefix=$RPM_BUILD_ROOT/%(echo ${MYPREFIX:-/usr}) \ +make install prefix=$RPM_BUILD_ROOT/%{prefix} \ GSOAPDIR=$GSOAPDIR OPENSSL_FLAGS=$OPENSSL_FLAGS \ OPENSSL_LIBS=$OPENSSL_LIBS FLAVOR_EXT=$FLAVOR_EXT %post shared -/sbin/ldconfig -ln -sf %(echo ${MYPREFIX:-/usr})/share/doc/gridsite-%{version} \ - %(echo ${MYPREFIX:-/usr})/share/doc/gridsite +if [ "$UID" = "0" ] ; then + /sbin/ldconfig +fi + +ln -sf %{prefix}/share/doc/gridsite-%{version} \ + %{prefix}/share/doc/gridsite #%postun -rm -f %(echo ${MYPREFIX:-/usr})/share/doc/gridsite +rm -f %{prefix}/share/doc/gridsite %files shared -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite.so.%{version} -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite.so -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite_globus.so.%{version} -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite_globus.so -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/doc/gridsite-%{version} +%attr(-, root, root) %{prefix}/lib/libgridsite.so.%{version} +%attr(-, root, root) %{prefix}/lib/libgridsite.so +%attr(-, root, root) %{prefix}/lib/libgridsite_globus.so.%{version} +%attr(-, root, root) %{prefix}/lib/libgridsite_globus.so +%attr(-, root, root) %{prefix}/share/doc/gridsite-%{version} %files devel -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/include/gridsite.h -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/include/gridsite-gacl.h -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite.a -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/libgridsite_globus.a +%attr(-, root, root) %{prefix}/include/gridsite.h +%attr(-, root, root) %{prefix}/include/gridsite-gacl.h +%attr(-, root, root) %{prefix}/lib/libgridsite.a +%attr(-, root, root) %{prefix}/lib/libgridsite_globus.a %files apache -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man8/mod_gridsite.8.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/lib/httpd/modules/mod_gridsite.so -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/sbin/real-gridsite-admin.cgi -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/sbin/gridsite-copy.cgi +%attr(-, root, root) %{prefix}/share/man/man8/mod_gridsite.8.gz +%attr(-, root, root) %{prefix}/lib/httpd/modules/mod_gridsite.so +%attr(-, root, root) %{prefix}/sbin/real-gridsite-admin.cgi +%attr(-, root, root) %{prefix}/sbin/gridsite-copy.cgi %files commands -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htcp -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htls -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htll -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htrm -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htmkdir -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htmv -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htping -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/htfind -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/urlencode -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/bin/findproxyfile -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htcp.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htrm.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htls.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htll.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htmkdir.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htmv.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htping.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/htfind.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/urlencode.1.gz -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man1/findproxyfile.1.gz +%attr(-, root, root) %{prefix}/bin/htcp +%attr(-, root, root) %{prefix}/bin/htls +%attr(-, root, root) %{prefix}/bin/htll +%attr(-, root, root) %{prefix}/bin/htrm +%attr(-, root, root) %{prefix}/bin/htmkdir +%attr(-, root, root) %{prefix}/bin/htmv +%attr(-, root, root) %{prefix}/bin/htping +%attr(-, root, root) %{prefix}/bin/htfind +%attr(-, root, root) %{prefix}/bin/urlencode +%attr(-, root, root) %{prefix}/bin/findproxyfile +%attr(-, root, root) %{prefix}/share/man/man1/htcp.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/htrm.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/htls.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/htll.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/htmkdir.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/htmv.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/htping.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/htfind.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/urlencode.1.gz +%attr(-, root, root) %{prefix}/share/man/man1/findproxyfile.1.gz %files gsexec -%attr(4510, root, apache) %(echo ${MYPREFIX:-/usr})/sbin/gsexec -%attr(-, root, root) %(echo ${MYPREFIX:-/usr})/share/man/man8/gsexec.8.gz +%attr(4510, root, apache) %{prefix}/sbin/gsexec +%attr(-, root, root) %{prefix}/share/man/man8/gsexec.8.gz diff --git a/org.gridsite.core/src/grst_x509.c b/org.gridsite.core/src/grst_x509.c index 9feddc4..f3c0aa5 100644 --- a/org.gridsite.core/src/grst_x509.c +++ b/org.gridsite.core/src/grst_x509.c @@ -827,6 +827,7 @@ int GRSTx509MakeProxyCert(char **proxychain, FILE *debugfp, STACK_OF (X509_EXTENSION) * req_exts; FILE *fp; BIO *reqmem, *certmem; + time_t notAfter; /* read in the request */ reqmem = BIO_new(BIO_s_mem()); @@ -960,8 +961,6 @@ int GRSTx509MakeProxyCert(char **proxychain, FILE *debugfp, return GRST_RET_FAILED; } -// need to set validity within limits of earlier certificates in the chain - /* set duration for the certificate */ if (!(X509_gmtime_adj (X509_get_notBefore(certs[0]), 0))) { @@ -975,7 +974,24 @@ int GRSTx509MakeProxyCert(char **proxychain, FILE *debugfp, mpcerror(debugfp, "GRSTx509MakeProxyCert(): error setting ending time of the certificate\n"); return GRST_RET_FAILED; - } + } + + /* go through chain making sure this proxy is not longer lived */ + + notAfter = + GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(certs[0])), 0); + + for (i=1; i < ncerts; ++i) + if (notAfter > + GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(certs[i])), + 0)) + { + notAfter = + GRSTasn1TimeToTimeT(ASN1_STRING_data(X509_get_notAfter(certs[i])), + 0); + + ASN1_UTCTIME_set(X509_get_notAfter(certs[0]), notAfter); + } /* sign the certificate with the signing private key */ if (EVP_PKEY_type (CApkey->type) == EVP_PKEY_RSA) diff --git a/org.gridsite.core/src/mod_gridsite.c b/org.gridsite.core/src/mod_gridsite.c index 4fbcfbe..36efc51 100644 --- a/org.gridsite.core/src/mod_gridsite.c +++ b/org.gridsite.core/src/mod_gridsite.c @@ -29,8 +29,8 @@ POSSIBILITY OF SUCH DAMAGE. - This program includes dav_parse_range() from Apache mod_dav.c and - associated code contributed by David O Callaghan + This program includes code from dav_parse_range() from Apache mod_dav.c, + and associated code contributed by David O Callaghan Copyright 2000-2005 The Apache Software Foundation or its licensors, as applicable. @@ -153,39 +153,54 @@ typedef struct /* - * dav_parse_range() is based on modules/dav/main/mod_dav.c from Apache + * parse_content_range() is loosely + * based on modules/dav/main/mod_dav.c from Apache */ -int dav_parse_range(request_rec *r, apr_off_t *range_start, - apr_off_t *range_end) +int parse_content_range(request_rec *r, apr_off_t *range_start, + apr_off_t *range_end, apr_off_t *range_length) { +// this all needs verifying to be ok for large (>2GB, >4GB) files + const char *range_c; char *range; char *dash; char *slash; range_c = apr_table_get(r->headers_in, "content-range"); - if (range_c == NULL) - return 0; - + if (range_c == NULL) return 0; + range = apr_pstrdup(r->pool, range_c); - if (strncasecmp(range, "bytes ", 6) != 0 - || (dash = ap_strchr(range, '-')) == NULL - || (slash = ap_strchr(range, '/')) == NULL) { - /* malformed header. ignore it (per S14.16 of RFC2616) */ - return 0; - } - *dash = *slash = '\0'; + if ((strncasecmp(range, "bytes ", 6) != 0) || + ((dash = ap_strchr(range, '-')) == NULL) || + ((slash = ap_strchr(range, '/')) == NULL)) + { + return 0; /* malformed header. ignore it (per S14.16 of RFC2616) */ + } - *range_start = apr_atoi64(range + 6); - *range_end = apr_atoi64(dash + 1); + *dash = *slash = '\0'; + + // Check for GridSite-specific Content-Range: bytes *-*/LENGTH form + + if ((range[6] == '*') && (dash[1] == '*')) + { + if (slash[1] == '*') return 0; /* invalid truncation length */ + + *range_length = apr_atoi64(&slash[1]); + *range_start = 0; + *range_end = 0; + + return 1; /* a valid (truncation) length */ + } + + *range_length = 0; + *range_start = apr_atoi64(&range[6]); + *range_end = apr_atoi64(&dash[1]); - if (*range_end < *range_start - || (slash[1] != '*' && apr_atoi64(slash + 1) <= *range_end)) { - /* invalid range. ignore it (per S14.16 of RFC2616) */ - return 0; - } + if ((*range_end < *range_start) || + ((slash[1] != '*') && (apr_atoi64(&slash[1]) <= *range_end))) + return 0; /* ignore invalid ranges */ /* we now have a valid range */ return 1; @@ -813,16 +828,13 @@ int http_gridhttp(request_rec *r, mod_gridsite_dir_cfg *conf) int http_put_method(request_rec *r, mod_gridsite_dir_cfg *conf) { char buf[2048]; - size_t length, total_length; + size_t block_length, length_sent; int retcode, stat_ret; apr_file_t *fp; apr_int32_t open_flag; struct stat statbuf; - int has_range = 0, is_done = 0; - apr_off_t range_start; - apr_off_t range_end; - size_t range_length; + apr_off_t range_start, range_end, range_length, length_to_send; /* *** check if directory creation: PUT /.../ *** */ @@ -851,12 +863,22 @@ int http_put_method(request_rec *r, mod_gridsite_dir_cfg *conf) /* find if a range is specified */ - has_range = dav_parse_range(r, &range_start, &range_end); + has_range = parse_content_range(r, &range_start, &range_end, &range_length); if (has_range) - open_flag = APR_WRITE | APR_CREATE | APR_BUFFERED; - else - open_flag = APR_WRITE | APR_CREATE | APR_BUFFERED | APR_TRUNCATE; + { + if ((range_start == 0) && (range_end == 0)) /* truncate? */ + { + if (stat_ret != 0) return HTTP_NOT_FOUND; + + if (truncate(r->filename, range_length) != 0) + return HTTP_INTERNAL_SERVER_ERROR; + else return OK; + } + + open_flag = APR_WRITE | APR_CREATE | APR_BUFFERED; + } + else open_flag = APR_WRITE | APR_CREATE | APR_BUFFERED | APR_TRUNCATE; if (apr_file_open(&fp, r->filename, open_flag, conf->diskmode, r->pool) != 0) return HTTP_INTERNAL_SERVER_ERROR; @@ -874,23 +896,24 @@ int http_put_method(request_rec *r, mod_gridsite_dir_cfg *conf) return retcode; } - range_length = range_end - range_start + 1; + length_to_send = range_end - range_start + 1; } retcode = ap_setup_client_block(r, REQUEST_CHUNKED_DECHUNK); if (retcode == OK) { - if (has_range) total_length = 0; + if (has_range) length_sent = 0; + if (ap_should_client_block(r)) - while ((length = ap_get_client_block(r, buf, sizeof(buf))) > 0) + while ((block_length = ap_get_client_block(r, buf, sizeof(buf))) > 0) { - if (has_range && (total_length + length > range_length)) + if (has_range && (length_sent + block_length > length_to_send)) { - length = range_length - total_length; + block_length = length_to_send - length_sent; is_done = 1; } - if (apr_file_write(fp, buf, &length) != 0) + if (apr_file_write(fp, buf, &block_length) != 0) { retcode = HTTP_INTERNAL_SERVER_ERROR; break; @@ -899,7 +922,7 @@ int http_put_method(request_rec *r, mod_gridsite_dir_cfg *conf) if (has_range) { if (is_done) break; - else total_length += length; + else length_sent += block_length; } } ap_set_content_length(r, 0); @@ -919,7 +942,10 @@ int http_put_method(request_rec *r, mod_gridsite_dir_cfg *conf) int http_delete_method(request_rec *r, mod_gridsite_dir_cfg *conf) { - if (apr_file_remove(r->filename, r->pool) != 0) return HTTP_FORBIDDEN; + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, + "Try remove(%s)", r->filename); + + if (remove(r->filename) != 0) return HTTP_FORBIDDEN; ap_set_content_length(r, 0); ap_set_content_type(r, "text/html"); @@ -934,9 +960,12 @@ int http_move_method(request_rec *r, mod_gridsite_dir_cfg *conf) if (r->notes != NULL) destination_translated = (char *) apr_table_get(r->notes, "GRST_DESTINATION_TRANSLATED"); - - if ((destination_translated == NULL) || - (apr_file_rename(r->filename, destination_translated, r->pool) != 0)) + if (destination_translated == NULL) return HTTP_BAD_REQUEST; + + if (strcmp(r->filename, destination_translated) == 0) + return HTTP_FORBIDDEN; + + if (apr_file_rename(r->filename, destination_translated, r->pool) != 0) return HTTP_FORBIDDEN; ap_set_content_length(r, 0);