debian/0000755000000000000000000000000012225564610007171 5ustar debian/rules0000755000000000000000000000111612201402727010242 0ustar #!/usr/bin/make -f # -*- makefile -*- # TODO: distclean? %: dh $@ --parallel --with apache2 override_dh_auto_configure: APXS=apxs2 ./configure.apxs override_dh_install: dh_install --fail-missing \ -X/usr/share/apache2/default-site/htdocs/manual \ -X/etc/apache2 override_dh_installchangelogs: dh_installchangelogs CHANGES-FCGID override_dh_strip: dh_strip --dbg-package=libapache2-mod-fcgid-dbg override_dh_fixperms: dh_fixperms chown -R www-data:www-data debian/libapache2-mod-fcgid/var/lib/apache2/fcgid chmod -R 755 debian/libapache2-mod-fcgid/var/lib/apache2/fcgid debian/source/0000755000000000000000000000000012201375472010471 5ustar debian/source/format0000644000000000000000000000001412201375472011677 0ustar 3.0 (quilt) debian/README.Debian0000644000000000000000000000053612201375472011236 0ustar libapache2-mod-fcgid for Debian ------------------------------ On Debian System, just put a file has .fcgi suffix in directory with ExecCGI, and you can run the scripts as FastCGI. If you need more information, visit website of upstream author; http://fastcgi.coremail.cn/ -- Tatsuki Sugiura , Wed, 21 Jul 2004 06:38:33 +0900 debian/libapache2-mod-fcgid.postinst0000644000000000000000000000016412201402754014612 0ustar #!/bin/sh set -e if [ "$1" = "configure" ]; then chown www-data:www-data /var/lib/apache2/fcgid fi #DEBHELPER# debian/libapache2-mod-fcgid.install0000644000000000000000000000004512201376004014371 0ustar usr/lib/apache2/modules/mod_fcgid.so debian/libapache2-mod-fcgid.apache20000644000000000000000000000005412201375472014236 0ustar mod debian/fcgid.load mod debian/fcgid.conf debian/fcgid.conf0000644000000000000000000000020512201402754011103 0ustar FcgidConnectTimeout 20 AddHandler fcgid-script .fcgi debian/fcgid.load0000644000000000000000000000007612201375472011111 0ustar LoadModule fcgid_module /usr/lib/apache2/modules/mod_fcgid.so debian/libapache2-mod-fcgid.docs0000644000000000000000000000021712201376043013657 0ustar README-FCGID docs/manual/mod/mod_fcgid.xml.meta docs/manual/mod/mod_fcgid.xml docs/manual/mod/mod_fcgid.html docs/manual/mod/mod_fcgid.html.en debian/libapache2-mod-fcgid.dirs0000644000000000000000000000003312201376043013664 0ustar var/lib/apache2/fcgid/sock debian/compat0000644000000000000000000000000212201402753010360 0ustar 9 debian/changelog0000644000000000000000000001676412225564610011061 0ustar libapache2-mod-fcgid (1:2.3.9-1) unstable; urgency=high * New upstream release. - Fixes CVE-2013-4365: heap buffer overwrite. (Closes: #725942) * Further improve the long description. (Closes: #719534) -- Felix Geyer Thu, 10 Oct 2013 19:49:42 +0200 libapache2-mod-fcgid (1:2.3.7-1) unstable; urgency=low * Adopt the package. (Closes: #713917) * Switch from cdbs to dh-style rules file. * Switch to debhelper compat level 9. * Bump Standards-Version to 3.9.4, no changes needed. * Improve the short description. (Closes: #664202) * Guard AddHandler option in fgcid.conf so it's only used when the mime module is laoded. (Closes: #711542) * Add Vcs-* headers. -- Felix Geyer Sat, 10 Aug 2013 11:15:31 +0200 libapache2-mod-fcgid (1:2.3.7-0.1) unstable; urgency=low * Non-maintainer upload. * New upstream release. (Closes: #689149) - Drop 20_honor_FcgidMaxProcessesPerClass_setting.dpatch, applied upstream. * Switch from dpatch to source format 3.0 (quilt). (Closes: #664353) * Fix the watch file, thanks to Bart Martens. * Fix building twice in a row. (Closes: #693625) - Call make distclean. -- Felix Geyer Wed, 05 Jun 2013 22:14:50 +0200 libapache2-mod-fcgid (1:2.3.6-1.3) unstable; urgency=low * Non-maintainer upload. * Transition towards Apache 2.4. (Closes: #666863) - Use dh_apache2 instead of calling a2{en,dis}mod manually in the maintainer scripts. -- Felix Geyer Mon, 20 May 2013 10:50:54 +0200 libapache2-mod-fcgid (1:2.3.6-1.2) unstable; urgency=low * Non-maintainer upload. * Fix "mod_fcgid: requests with chunked encoding have no body available to FCGI backend": Applied upstream patch (Closes: #691929) -- Tobias Frost Sun, 18 Nov 2012 18:33:32 +0100 libapache2-mod-fcgid (1:2.3.6-1.1) unstable; urgency=low * Non-maintainer upload. * import r1037727 from upstream to fix vhost-specific process controls (Closes: #615814) -- Daniel Kahn Gillmor Wed, 07 Mar 2012 17:00:08 -0500 libapache2-mod-fcgid (1:2.3.6-1) unstable; urgency=low * New upstream release (Closes: #595276) -- Tatsuki Sugiura Thu, 11 Nov 2010 02:48:54 +0900 libapache2-mod-fcgid (1:2.3.5-2) unstable; urgency=low * Fix build problem with new ash (Closes: #583025) Thanks Hideki Yamane and Igor Galić. -- Tatsuki Sugiura Mon, 08 Feb 2010 09:58:38 +0900 libapache2-mod-fcgid (1:2.3.5-1) unstable; urgency=medium * New upstream release * Change default shared memory path to /var/lib/apache2/fcgid/shm. * Update watch file. -- Tatsuki Sugiura Mon, 01 Feb 2010 05:29:36 +0900 libapache2-mod-fcgid (1:2.3.4-2) unstable; urgency=medium * Fix segfault with empty outout from fcgi process (Closes: #468559) * Add -dbg package * Update package description from official site. -- Tatsuki Sugiura Thu, 28 Jan 2010 04:59:12 +0900 libapache2-mod-fcgid (1:2.3.4-1) unstable; urgency=low * New upstream release (Closes: #561913, #531851) -- Tatsuki Sugiura Sat, 23 Jan 2010 12:20:20 +0900 libapache2-mod-fcgid (1:2.2-1) unstable; urgency=medium * New upstream release (Closes: #446585) * fixed debian/watch to new version (Closes: #446586) -- Tatsuki Sugiura Sun, 14 Oct 2007 17:37:02 +0900 libapache2-mod-fcgid (1:2.1-3) unstable; urgency=low * Built-in default settings was changed to compat with Debian policy. Now, you don't need to specify SocketPath and SharememPath in config. (Closes: #431215) -- Tatsuki Sugiura Sun, 01 Jul 2007 05:00:25 +0900 libapache2-mod-fcgid (1:2.1-2) unstable; urgency=medium * Add proper dependency by shlibs:Depends (Closes: #427046, #427120) -- Tatsuki Sugiura Sat, 02 Jun 2007 18:01:15 +0900 libapache2-mod-fcgid (1:2.1-1) unstable; urgency=low * New upstream release (Closes: #420910) * Add SharememPath to default config. Thanks to Philipp Wollermann. -- Tatsuki Sugiura Mon, 14 May 2007 02:53:56 +0900 libapache2-mod-fcgid (1:1.10-2) unstable; urgency=high * rewind upstream version temporary for etch release. (Related: #401938) -- Tatsuki Sugiura Wed, 31 Jan 2007 18:25:18 +0900 libapache2-mod-fcgid (2.0-1) unstable; urgency=high * New upstream release * Apply NMU Update (Closes: #394473) -- Tatsuki Sugiura Wed, 1 Nov 2006 13:28:02 +0900 libapache2-mod-fcgid (1.10-1.1) unstable; urgency=medium * Non-maintainer upload. * Update for apache 2.2 (Closes: #391757). * Stop overriding what libtool to use (Closes: #393020). -- Luk Claes Sat, 21 Oct 2006 15:36:56 +0200 libapache2-mod-fcgid (1.10-1.1~smcv0) unstable; urgency=low * Non-maintainer upload. * Compile against Apache 2.2 and APR 1.0 (Closes: #391757, #393020). -- Simon McVittie Sun, 15 Oct 2006 15:17:28 +0100 libapache2-mod-fcgid (1.10-1) unstable; urgency=low * New upstream release * Update app kill patch: Rename Directive ErrorTimeout -> ShutdownTimeout -- Tatsuki Sugiura Wed, 5 Jul 2006 13:24:02 +0900 libapache2-mod-fcgid (1.09-2) UNRELEASED; urgency=low * NOT RELEASED YET -- Tatsuki Sugiura Mon, 15 May 2006 07:06:17 +0900 libapache2-mod-fcgid (1.09-1) unstable; urgency=low * New upstream release (Closes: #361975, #361579, #345752) * Set "IPCConnectTimeout 20" in default config file (Closes: #352498) -- Tatsuki Sugiura Mon, 15 May 2006 06:06:03 +0900 libapache2-mod-fcgid (1.07-1) unstable; urgency=low * New upstream release (Closes: #339604) * Unnecessary dependency has been removed. Those provied from apache2-common. (Closes: #334011) -- Tatsuki Sugiura Mon, 21 Nov 2005 05:55:39 +0900 libapache2-mod-fcgid (1.06-2) UNRELEASED; urgency=low * add ErrorTimeout directive for timeout of force kill -- Tatsuki Sugiura Wed, 16 Nov 2005 05:47:41 +0900 libapache2-mod-fcgid (1.06-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Tue, 16 Aug 2005 07:33:24 +0900 libapache2-mod-fcgid (1.05-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Thu, 7 Apr 2005 16:31:07 +0900 libapache2-mod-fcgid (1.04-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Sun, 19 Dec 2004 01:43:57 +0900 libapache2-mod-fcgid (1.03-2) unstable; urgency=low * supports non HTTP_OK status code -- Tatsuki Sugiura Thu, 11 Nov 2004 09:37:41 +0900 libapache2-mod-fcgid (1.03-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Wed, 10 Nov 2004 17:24:08 +0900 libapache2-mod-fcgid (1.02-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Wed, 13 Oct 2004 15:53:34 +0900 libapache2-mod-fcgid (1.01-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Sat, 25 Sep 2004 02:20:16 +0900 libapache2-mod-fcgid (0.86-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Wed, 25 Aug 2004 15:01:09 +0900 libapache2-mod-fcgid (0.80-1) unstable; urgency=low * New upstream release -- Tatsuki Sugiura Thu, 12 Aug 2004 09:59:01 +0900 libapache2-mod-fcgid (0.77-1) unstable; urgency=low * Initial Release. -- Tatsuki Sugiura Wed, 21 Jul 2004 06:38:33 +0900 debian/control0000644000000000000000000000253312216127111010566 0ustar Source: libapache2-mod-fcgid Section: httpd Priority: optional Maintainer: Felix Geyer Build-Depends: debhelper (>= 9), apache2-dev (>= 2.4) Standards-Version: 3.9.4 Homepage: http://httpd.apache.org/mod_fcgid/ Vcs-Git: git://anonscm.debian.org/collab-maint/libapache2-mod-fcgid.git Vcs-Browser: http://anonscm.debian.org/gitweb/?p=collab-maint/libapache2-mod-fcgid.git Package: libapache2-mod-fcgid Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: FastCGI interface module for Apache 2 This package contains mod_fcgid, a high-performance alternative to mod_cgi or mod_cgid. It starts a sufficient number of instances of the CGI program to handle concurrent requests. These programs remain running to handle further incoming requests. . It is a binary-compatible alternative to Apache module mod_fastcgi. Package: libapache2-mod-fcgid-dbg Architecture: any Section: debug Priority: extra Depends: libapache2-mod-fcgid (= ${binary:Version}), ${misc:Depends} Description: debugging symbols for mod_fcgid This package contains mod_fcgid, a high-performance alternative to mod_cgi or mod_cgid. It starts a sufficient number of instances of the CGI program to handle concurrent requests. These programs remain running to handle further incoming requests. . This package contains the debugging symbols for mod_fcgid. debian/watch0000644000000000000000000000013712201375472010223 0ustar version=3 http://httpd.apache.org/download.cgi .*/mod_fcgid-(\d.*)\.(?:tgz|tar\.(?:gz|bz2|xz)) debian/copyright0000644000000000000000000000054012201375472011123 0ustar This package was debianized by Tatsuki Sugiura on Wed, 21 Jul 2004 06:38:33 +0900. It was downloaded from http://httpd.apache.org/download.cgi#mod_fcgid Upstream Author: Pan qingfeng Copyright: Copyright 2009 The Apache Software Foundation under Apache License 2.0, details for /usr/share/common-licenses/Apache-2.0 debian/patches/0000755000000000000000000000000012201375472010620 5ustar debian/patches/30_fix-bts-691929.patch0000644000000000000000000000560012201375472014301 0ustar Description: Patch to set CONTENT_LENGTH FCGI params based on actual request body Author: Dominic Benson Bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=53332 diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' libapache2-mod-fcgid-2.3.6~/modules/fcgid/fcgid_spawn_ctl.c libapache2-mod-fcgid-2.3.6/modules/fcgid/fcgid_spawn_ctl.c --- mod_fcgid-2.3.6.orig/modules/fcgid/fcgid_bridge.c 2012-05-30 09:53:20.928783540 +0100 +++ mod_fcgid-2.3.6/modules/fcgid/fcgid_bridge.c 2012-05-30 18:04:01.648850877 +0100 @@ -662,6 +662,11 @@ static int add_request_body(request_rec apr_brigade_destroy(input_brigade); apr_brigade_destroy(tmp_brigade); + char sizestr[21]; + apr_snprintf(sizestr, sizeof sizestr, "%" APR_OFF_T_FMT, request_size); + apr_table_set(r->subprocess_env, "CONTENT_LENGTH", sizestr); + apr_table_unset(r->subprocess_env, "HTTP_TRANSFER_ENCODING"); + /* Append an empty body stdin header */ stdin_request_header = apr_bucket_alloc(sizeof(FCGI_Header), r->connection->bucket_alloc); @@ -682,31 +687,37 @@ static int add_request_body(request_rec int bridge_request(request_rec * r, int role, fcgid_cmd_conf *cmd_conf) { apr_bucket_brigade *output_brigade; + apr_bucket_brigade *header_brigade; apr_bucket *bucket_eos; - char **envp = ap_create_environment(r->pool, - r->subprocess_env); int rc; /* Create brigade for the request to fastcgi server */ output_brigade = apr_brigade_create(r->pool, r->connection->bucket_alloc); + header_brigade = + apr_brigade_create(r->pool, r->connection->bucket_alloc); + + if (role == FCGI_RESPONDER) { + rc = add_request_body(r, r->pool, output_brigade); + if (rc) { + return rc; + } + } + + char **envp = ap_create_environment(r->pool, + r->subprocess_env); /* Build the begin request and environ request, append them to output_brigade */ if (!build_begin_block - (role, r, r->connection->bucket_alloc, output_brigade) + (role, r, r->connection->bucket_alloc, header_brigade) || !build_env_block(r, envp, r->connection->bucket_alloc, - output_brigade)) { + header_brigade)) { ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, "mod_fcgid: can't build begin or env request"); return HTTP_INTERNAL_SERVER_ERROR; } - if (role == FCGI_RESPONDER) { - rc = add_request_body(r, r->pool, output_brigade); - if (rc) { - return rc; - } - } + APR_BRIGADE_PREPEND(output_brigade,header_brigade); /* The eos bucket now */ bucket_eos = apr_bucket_eos_create(r->connection->bucket_alloc); debian/patches/series0000644000000000000000000000006512201375472012036 0ustar 10_debian_default_path.patch 30_fix-bts-691929.patch debian/patches/10_debian_default_path.patch0000644000000000000000000000201512201375472016101 0ustar #! /bin/sh /usr/share/dpatch/dpatch-run ## 10_debian_default_sockprefix.dpatch by ## ## All lines beginning with `## DP:' are a description of the patch. ## DP: Change default socket and shm path to compt with debian layout. @DPATCH@ diff -urNad libapache2-mod-fcgid~/modules/fcgid/fcgid_conf.c libapache2-mod-fcgid/modules/fcgid/fcgid_conf.c --- libapache2-mod-fcgid~/modules/fcgid/fcgid_conf.c 2010-02-01 05:15:22.000000000 +0900 +++ libapache2-mod-fcgid/modules/fcgid/fcgid_conf.c 2010-02-01 05:19:23.281304519 +0900 @@ -39,8 +39,8 @@ #define DEFAULT_ERROR_SCAN_INTERVAL 3 #define DEFAULT_ZOMBIE_SCAN_INTERVAL 3 #define DEFAULT_PROC_LIFETIME (60*60) -#define DEFAULT_SOCKET_PREFIX DEFAULT_REL_RUNTIMEDIR "/fcgidsock" -#define DEFAULT_SHM_PATH DEFAULT_REL_RUNTIMEDIR "/fcgid_shm" +#define DEFAULT_SOCKET_PREFIX "/var/lib/apache2/fcgid/sock" +#define DEFAULT_SHM_PATH "/var/lib/apache2/fcgid/shm" #define DEFAULT_SPAWNSOCRE_UPLIMIT 10 #define DEFAULT_SPAWN_SCORE 1 #define DEFAULT_TERMINATION_SCORE 2