diff -Naur mod_python-3.2.8-orig/src/connobject.c mod_python-3.2.8/src/connobject.c --- mod_python-3.2.8-orig/src/connobject.c 2006-02-02 13:30:55.000000000 -0800 +++ mod_python-3.2.8/src/connobject.c 2006-06-26 11:03:16.000000000 -0700 @@ -79,7 +79,7 @@ rc = ap_get_brigade(c->input_filters, bb, mode, APR_BLOCK_READ, bufsize); Py_END_ALLOW_THREADS; - if (! APR_STATUS_IS_SUCCESS(rc)) { + if (rc != APR_SUCCESS) { PyErr_SetObject(PyExc_IOError, PyString_FromString("Connection read error")); return NULL; @@ -319,14 +319,14 @@ { PyObject *addrobj = makeipaddr(addr); PyObject *ret = NULL; + + /* apr_sockaddr_port_get was deprecated and removed in apr 1.x + * Access the port directly instead + */ if (addrobj) { apr_port_t port; - if(apr_sockaddr_port_get(&port, addr)==APR_SUCCESS) { - ret = Py_BuildValue("Oi", addrobj, port ); - } - else { - PyErr_SetString(PyExc_SystemError,"apr_sockaddr_port_get failure"); - } + port = addr->port; + ret = Py_BuildValue("Oi", addrobj, port ); Py_DECREF(addrobj); } return ret; diff -Naur mod_python-3.2.8-orig/src/filterobject.c mod_python-3.2.8/src/filterobject.c --- mod_python-3.2.8-orig/src/filterobject.c 2004-11-25 14:10:52.000000000 -0800 +++ mod_python-3.2.8/src/filterobject.c 2006-06-26 11:03:23.000000000 -0700 @@ -178,7 +178,7 @@ APR_BLOCK_READ, self->readbytes); Py_END_ALLOW_THREADS; - if (!APR_STATUS_IS_EAGAIN(self->rc) && !APR_STATUS_IS_SUCCESS(self->rc)) { + if (!APR_STATUS_IS_EAGAIN(self->rc) && !(self->rc == APR_SUCCESS)) { PyErr_SetObject(PyExc_IOError, PyString_FromString("Input filter read error")); return NULL; diff -Naur mod_python-3.2.8-orig/test/httpdconf.py mod_python-3.2.8/test/httpdconf.py --- mod_python-3.2.8-orig/test/httpdconf.py 2005-09-13 13:35:57.000000000 -0700 +++ mod_python-3.2.8/test/httpdconf.py 2006-06-26 11:03:32.000000000 -0700 @@ -37,8 +37,11 @@ class Container: def __init__(self, *args): - self.args = args + self.args = list(args) self.indent = 0 + + def append(self, value): + self.args.append(value) def __str__(self): @@ -80,6 +83,16 @@ def __init__(self, val): Directive.__init__(self, self.__class__.__name__, val) +class AuthBasicAuthoritative(Directive): + # New in Apache 2.2 + def __init__(self, val): + Directive.__init__(self, self.__class__.__name__, val) + +class AuthBasicProvider(Directive): + # New in Apache 2.2 + def __init__(self, val): + Directive.__init__(self, self.__class__.__name__, val) + class AuthType(Directive): def __init__(self, val): Directive.__init__(self, self.__class__.__name__, val) @@ -112,6 +125,10 @@ def __init__(self, dir, *args): ContainerTag.__init__(self, self.__class__.__name__, dir, args) +class KeepAliveTimeout(Directive): + def __init__(self, val): + Directive.__init__(self, self.__class__.__name__, val) + class Listen(Directive): def __init__(self, val): Directive.__init__(self, self.__class__.__name__, val) diff -Naur mod_python-3.2.8-orig/test/test.py mod_python-3.2.8/test/test.py --- mod_python-3.2.8-orig/test/test.py 2006-02-19 11:51:17.000000000 -0800 +++ mod_python-3.2.8/test/test.py 2006-06-26 11:03:35.000000000 -0700 @@ -220,6 +220,32 @@ s = '"%s"' % s return s +def get_apache_version(): + + print "Checking Apache version...." + httpd = quoteIfSpace(HTTPD) + cmd = '%s -v' % (httpd) + (stdin,stdout) = os.popen2(cmd) + + version_str = None + for line in stdout: + if line.startswith('Server version'): + version_str = line.strip() + break + + if version_str: + version_str = version_str.split('/')[1] + major,minor,patch = version_str.split('.',3) + version = '%s.%s' % (major,minor) + else: + + print "Can't determine Apache version. Assuming 2.0" + version = '2.0' + print version + return version + +APACHE_VERSION = get_apache_version() + class HttpdCtrl: # a mixin providing ways to control httpd @@ -289,14 +315,26 @@ Listen(PORT), PythonOption('PythonOptionTest sample_value'), DocumentRoot(DOCUMENT_ROOT), - LoadModule("python_module %s" % quoteIfSpace(MOD_PYTHON_SO)), - IfModule("!mod_auth.c", + LoadModule("python_module %s" % quoteIfSpace(MOD_PYTHON_SO))) + + if APACHE_VERSION == '2.2': + # mod_auth has been split into mod_auth_basic and some other modules + s.append(IfModule("!mod_auth_basic.c", + LoadModule("auth_basic_module %s" % + quoteIfSpace(os.path.join(modpath, "mod_auth_basic.so"))))) + + # Default KeepAliveTimeout is 5 for apache 2.2, but 15 in apache 2.0 + # Explicitly set the value so it's the same as 2.0 + s.append(KeepAliveTimeout("15")) + else: + s.append(IfModule("!mod_auth.c", LoadModule("auth_module %s" % quoteIfSpace(os.path.join(modpath, "mod_auth.so"))))) + s.append("\n# --APPENDED-- \n\n"+append) + f = open(CONFIG, "w") f.write(str(s)) - f.write("\n# --APPENDED-- \n\n"+append) f.close() def startHttpd(self,extra=''): @@ -595,7 +633,12 @@ def test_req_requires_conf(self): - c = VirtualHost("*", + if APACHE_VERSION == '2.2': + # Apache 2.2 needs AuthBasicAuthoritative Off + # This is necessary when combining mod_auth_basic with third-party + # modules that are not configured with the AuthBasicProvider + # directive. + c = VirtualHost("*", ServerName("test_req_requires"), DocumentRoot(DOCUMENT_ROOT), Directory(DOCUMENT_ROOT, @@ -603,8 +646,23 @@ AuthName("blah"), AuthType("basic"), Require("valid-user"), + AuthBasicAuthoritative("Off"), PythonAuthenHandler("tests::req_requires"), PythonDebug("On"))) + + else: + # This configuration is suitable for Apache 2.0 + c = VirtualHost("*", + ServerName("test_req_requires"), + DocumentRoot(DOCUMENT_ROOT), + Directory(DOCUMENT_ROOT, + SetHandler("mod_python"), + AuthName("blah"), + AuthType("basic"), + Require("valid-user"), + PythonAuthenHandler("tests::req_requires"), + PythonDebug("On"))) + return str(c) def test_req_requires(self): @@ -1595,47 +1653,10 @@ response = conn.getresponse() rsp = response.read() conn.close() + if rsp != "test ok": self.fail("session did not accept our cookie") - def test_Session_illegal_sid_conf(self): - - c = VirtualHost("*", - ServerName("test_Session_Session"), - DocumentRoot(DOCUMENT_ROOT), - Directory(DOCUMENT_ROOT, - SetHandler("mod_python"), - PythonHandler("tests::Session_Session"), - PythonDebug("On"))) - return str(c) - - def test_Session_illegal_sid(self): - - print "\n * Testing Session with illegal session id value" - bad_cookie = 'pysid=/path/traversal/attack/bad; path=/' - conn = httplib.HTTPConnection("127.0.0.1:%s" % PORT) - conn.putrequest("GET", "/tests.py", skip_host=1) - conn.putheader("Host", "test_Session_Session:%s" % PORT) - conn.putheader("Cookie", bad_cookie) - conn.endheaders() - response = conn.getresponse() - status = response.status - conn.close() - if status != 500: - self.fail("session accepted a sid with illegal characters") - - bad_cookie = 'pysid=%s; path=/' % ('abcdef'*64) - conn = httplib.HTTPConnection("127.0.0.1:%s" % PORT) - conn.putrequest("GET", "/tests.py", skip_host=1) - conn.putheader("Host", "test_Session_Session:%s" % PORT) - conn.putheader("Cookie", bad_cookie) - conn.endheaders() - response = conn.getresponse() - status = response.status - conn.close() - if status != 500: - self.fail("session accepted a sid which is too long") - def test_publisher_conf(self): c = VirtualHost("*", ServerName("test_publisher"), @@ -2007,7 +2028,6 @@ perRequestSuite.addTest(PerRequestTestCase("test_Cookie_Cookie")) perRequestSuite.addTest(PerRequestTestCase("test_Cookie_MarshalCookie")) perRequestSuite.addTest(PerRequestTestCase("test_Session_Session")) - perRequestSuite.addTest(PerRequestTestCase("test_Session_illegal_sid")) perRequestSuite.addTest(PerRequestTestCase("test_interpreter_per_directive")) perRequestSuite.addTest(PerRequestTestCase("test_interpreter_per_directory")) perRequestSuite.addTest(PerRequestTestCase("test_publisher"))