import mod_wsgi-4.6.4-5.el8

2023-03-28 12:02:31 +00:00 · 2023-03-28 12:02:31 +00:00 · 3e9e2b14db
commit 3e9e2b14db
parent 3d26123430
2 changed files with 52 additions and 1 deletions
--- a/SOURCES/mod_wsgi-4.9.1-request-limit.patch
+++ b/SOURCES/mod_wsgi-4.9.1-request-limit.patch
@ -0,0 +1,46 @@
+diff --git a/src/server/mod_wsgi.c b/src/server/mod_wsgi.c
+index 59aad90..ef5f5af 100644
+--- a/src/server/mod_wsgi.c
+++ b/src/server/mod_wsgi.c
+@@ -12586,6 +12586,9 @@ static apr_status_t wsgi_header_filter(ap_filter_t *f, apr_bucket_brigade *b)
+ 
+     /* Output status line. */
+ 
+    if (!r->status_line)
+        r->status_line = ap_get_status_line(r->status);
+
+     vec1[0].iov_base = (void *)"Status:";
+     vec1[0].iov_len  = strlen("Status:");
+     vec1[1].iov_base = (void *)" ";
+@@ -12699,6 +12702,7 @@ static int wsgi_hook_daemon_handler(conn_rec *c)
+     apr_bucket_brigade *bb;
+ 
+     core_request_config *req_cfg;
+    core_dir_config *d;
+ 
+     ap_filter_t *current = NULL;
+     ap_filter_t *next = NULL;
+@@ -12890,6 +12894,23 @@ static int wsgi_hook_daemon_handler(conn_rec *c)
+ 
+     r->per_dir_config  = r->server->lookup_defaults;
+ 
+    /*
+     * Try and ensure that request body limit in daemon mode process
+     * is unlimited as Apache 2.4.54 changed rules for limit and if
+     * unset is now overridden by HTTP filters to be 1GiB rather than
+     * unlimited. This is required since we populate configuration
+     * from the base server config only so setting unlimited in a more
+     * specific context such as a virtual host wouldn't be visible.
+     * Note that setting this to unlimited in the daemon mode process
+     * is okay as the request limit body is checked in the Apache
+     * child process before request is proxied specifically to avoid
+     * unecessarily passing the content across to the daemon process.
+     */
+
+    d = (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+    d->limit_req_body = 0;
+
+     r->sent_bodyct = 0;
+ 
+     r->read_length = 0;
--- a/SPECS/mod_wsgi.spec
+++ b/SPECS/mod_wsgi.spec
@ -18,7 +18,7 @@

 Name:           mod_wsgi
 Version:        4.6.4
-Release:        4%{?dist}
+Release:        5%{?dist}
 Summary:        A WSGI interface for Python web applications in Apache
 Group:          System Environment/Libraries
 License:        ASL 2.0
@ -28,6 +28,7 @@ Source1:        wsgi.conf
 Source2:        wsgi-python3.conf
 Patch1:         mod_wsgi-4.5.20-exports.patch
 Patch2:         mod_wsgi-4.6.4-warnings.patch
+Patch3:         mod_wsgi-4.9.1-request-limit.patch
 BuildRequires:  httpd-devel
 BuildRequires:  python3-sphinx
 BuildRequires:  gcc
@ -77,6 +78,7 @@ BuildRequires:  python3-devel
 %setup -qn %{name}-%{version}
 %patch1 -p1 -b .exports
 %patch2 -p1 -b .warnings
+%patch3 -p1 -b .request-limit

 %if "%{py3dir}" != "."
 cp -a . %{py3dir}
@ -157,6 +159,9 @@ ln -s %{_bindir}/mod_wsgi-express-2 $RPM_BUILD_ROOT%{_bindir}/mod_wsgi-express
 %endif

 %changelog
+* Tue Sep 06 2022 Luboš Uhliarik <luhliari@redhat.com> - 4.6.4-5
+- Resolves: #2122695 - Core dumped upon file upload >= 1GB
+
 * Wed Dec 04 2019 Lubos Uhliarik <luhliari@redhat.com> - 4.6.4-4
 - Resolves: #1779705 - python3-mod_wsgi: Remove the Provides and Obsoletes for
  the name `mod_wsgi`