sync upstream patch

2023-03-09 21:11:42 +08:00 · 2023-03-09 21:11:42 +08:00 · a914d94a99
commit a914d94a99
parent b470434654
2 changed files with 47 additions and 1 deletions
--- a/backport-open-the-lock-database-read-only-when-possible.patch
+++ b/backport-open-the-lock-database-read-only-when-possible.patch
@ -0,0 +1,39 @@
+From ddfd4663dcd327963124b03567dbd1f0880d67f4 Mon Sep 17 00:00:00 2001
+From: covener <covener@apache.org>
+Date: Wed, 30 Nov 2022 2:24:32 AM GMT+0800
+Subject: [PATCH] mod_dav:open the lock database read only when possible
+
+Conflict:NA
+Reference:https://github.com/apache/httpd/commit/ddfd4663dcd327963124b03567dbd1f0880d67f4
+
+---
+ modules/dav/main/mod_dav.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c
+index 2cbfc06..76d9a51 100644
+--- a/modules/dav/main/mod_dav.c
+++ b/modules/dav/main/mod_dav.c
+@@ -1405,8 +1405,7 @@ static dav_error *dav_gen_supported_live_props(request_rec *r,
+     dav_error *err;
+ 
+     /* open lock database, to report on supported lock properties */
+-    /* ### should open read-only */
+-    if ((err = dav_open_lockdb(r, 0, &lockdb)) != NULL) {
+    if ((err = dav_open_lockdb(r, 1, &lockdb)) != NULL) {
+         return dav_push_error(r->pool, err->status, 0,
+                               "The lock database could not be opened, "
+                               "preventing the reporting of supported lock "
+@@ -2171,8 +2170,7 @@ static int dav_method_propfind(request_rec *r)
+     apr_pool_create(&ctx.scratchpool, r->pool);
+     apr_pool_tag(ctx.scratchpool, "mod_dav-scratch");
+ 
+-    /* ### should open read-only */
+-    if ((err = dav_open_lockdb(r, 0, &ctx.w.lockdb)) != NULL) {
+    if ((err = dav_open_lockdb(r, 1, &ctx.w.lockdb)) != NULL) {
+         err = dav_push_error(r->pool, err->status, 0,
+                              "The lock database could not be opened, "
+                              "preventing access to the various lock "
+-- 
+2.27.0
+
--- a/httpd.spec
+++ b/httpd.spec
@ -8,7 +8,7 @@
 Name:             httpd
 Summary:          Apache HTTP Server
 Version:          2.4.51
-Release:          13
+Release:          14
 License:          ASL 2.0
 URL:              https://httpd.apache.org/
 Source0:          https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
@ -97,6 +97,7 @@ Patch43:          backport-mod_md-do-not-interfere-with-requests-to-well-known-a
 Patch44:          backport-CVE-2022-36760.patch
 Patch45:          backport-CVE-2006-20001.patch
 Patch46:          backport-CVE-2022-37436.patch
+Patch47:          backport-open-the-lock-database-read-only-when-possible.patch

 BuildRequires:    gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
 BuildRequires:    zlib-devel libselinux-devel lua-devel brotli-devel
@ -529,6 +530,12 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd

 %changelog
+* Thu Mar 9 2023 chengyechun <chengyechun1@huawei.com> - 2.4.51-14
+- Type:bugfix
+- ID:NA
+- SUG:restart
+- DESC:mod_dav:open the lock database read-only when possible
+
 * Thu Feb 2 2023 seuzw <930zhaowei@163.com> - 2.4.51-13
 - Type:cves
 - ID:CVE-2022-36760,CVE-2006-20001,CVE-2022-37436