Import rpm: 83f89e967cf6729d4e78591b29ebde950ff12aea

2023-02-23 13:18:24 -05:00 · 2023-02-23 13:18:24 -05:00 · 512c002228
commit 512c002228
parent 800cad3880
3 changed files with 53 additions and 2 deletions
--- a/mod_wsgi-4.9.1-request-limit.patch
+++ b/mod_wsgi-4.9.1-request-limit.patch
@ -0,0 +1,46 @@
+diff --git a/src/server/mod_wsgi.c b/src/server/mod_wsgi.c
+index 59aad90..ef5f5af 100644
+--- a/src/server/mod_wsgi.c
+++ b/src/server/mod_wsgi.c
+@@ -12586,6 +12586,9 @@ static apr_status_t wsgi_header_filter(ap_filter_t *f, apr_bucket_brigade *b)
+ 
+     /* Output status line. */
+ 
+    if (!r->status_line)
+        r->status_line = ap_get_status_line(r->status);
+
+     vec1[0].iov_base = (void *)"Status:";
+     vec1[0].iov_len  = strlen("Status:");
+     vec1[1].iov_base = (void *)" ";
+@@ -12699,6 +12702,7 @@ static int wsgi_hook_daemon_handler(conn_rec *c)
+     apr_bucket_brigade *bb;
+ 
+     core_request_config *req_cfg;
+    core_dir_config *d;
+ 
+     ap_filter_t *current = NULL;
+     ap_filter_t *next = NULL;
+@@ -12890,6 +12894,23 @@ static int wsgi_hook_daemon_handler(conn_rec *c)
+ 
+     r->per_dir_config  = r->server->lookup_defaults;
+ 
+    /*
+     * Try and ensure that request body limit in daemon mode process
+     * is unlimited as Apache 2.4.54 changed rules for limit and if
+     * unset is now overridden by HTTP filters to be 1GiB rather than
+     * unlimited. This is required since we populate configuration
+     * from the base server config only so setting unlimited in a more
+     * specific context such as a virtual host wouldn't be visible.
+     * Note that setting this to unlimited in the daemon mode process
+     * is okay as the request limit body is checked in the Apache
+     * child process before request is proxied specifically to avoid
+     * unecessarily passing the content across to the daemon process.
+     */
+
+    d = (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
+
+    d->limit_req_body = 0;
+
+     r->sent_bodyct = 0;
+ 
+     r->read_length = 0;
--- a/mod_wsgi.spec
+++ b/mod_wsgi.spec
@ -15,7 +15,7 @@

 Name:           mod_wsgi
 Version:        4.7.1
-Release:        4%{?dist}
+Release:        5%{?dist}
 Summary:        A WSGI interface for Python web applications in Apache
 License:        ASL 2.0
 URL:            https://modwsgi.readthedocs.io/
@ -23,6 +23,7 @@ Source0:        https://github.com/GrahamDumpleton/mod_wsgi/archive/%{version}.t
 Source1:        wsgi.conf
 Source2:        wsgi-python3.conf
 Patch1:         mod_wsgi-4.5.20-exports.patch
+Patch2:         mod_wsgi-4.9.1-request-limit.patch

 # Exclude i686 arch. Due to a modularity issue it's being added to the
 # x86_64 compose of CRB, but we don't want to ship it at all.
@ -177,6 +178,10 @@ ln -s %{_bindir}/mod_wsgi-express-2 $RPM_BUILD_ROOT%{_bindir}/mod_wsgi-express
 %endif

 %changelog
+* Thu Sep 08 2022 Lumír Balhar <lbalhar@redhat.com> - 4.7.1-5
+- Core dumped upon file upload >= 1GB
+Resolves: rhbz#2125172
+
 * Fri Jan 15 2021 Tomas Orsava <torsava@redhat.com> - 4.7.1-4
 - Convert from Fedora to the python39 module in RHEL8
 - Resolves: rhbz#1877430
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (mod_wsgi-4.7.1.tar.gz) = cbb5ec53d55e47a83f2b0630527c6a52b48ef21d5d2c18adcb875fc455795b39b3c93f4a86dfbf9738c0bd554d86cc4912cc9ff83c428af302ab94a61f66b5b4
+SHA1 (mod_wsgi-4.7.1.tar.gz) = e63cf367594da6d0efd685057d5b497883004599