From aad6511a2a500fb4cb5ccd9487a0b9daf8e3d796 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Sep 20 2022 12:30:41 +0000 Subject: import mod_wsgi-4.7.1-5.module+el8.7.0+16654+645aad7f --- diff --git a/SOURCES/mod_wsgi-4.9.1-request-limit.patch b/SOURCES/mod_wsgi-4.9.1-request-limit.patch new file mode 100644 index 0000000..f8f29e3 --- /dev/null +++ b/SOURCES/mod_wsgi-4.9.1-request-limit.patch @@ -0,0 +1,46 @@ +diff --git a/src/server/mod_wsgi.c b/src/server/mod_wsgi.c +index 59aad90..ef5f5af 100644 +--- a/src/server/mod_wsgi.c ++++ b/src/server/mod_wsgi.c +@@ -12586,6 +12586,9 @@ static apr_status_t wsgi_header_filter(ap_filter_t *f, apr_bucket_brigade *b) + + /* Output status line. */ + ++ if (!r->status_line) ++ r->status_line = ap_get_status_line(r->status); ++ + vec1[0].iov_base = (void *)"Status:"; + vec1[0].iov_len = strlen("Status:"); + vec1[1].iov_base = (void *)" "; +@@ -12699,6 +12702,7 @@ static int wsgi_hook_daemon_handler(conn_rec *c) + apr_bucket_brigade *bb; + + core_request_config *req_cfg; ++ core_dir_config *d; + + ap_filter_t *current = NULL; + ap_filter_t *next = NULL; +@@ -12890,6 +12894,23 @@ static int wsgi_hook_daemon_handler(conn_rec *c) + + r->per_dir_config = r->server->lookup_defaults; + ++ /* ++ * Try and ensure that request body limit in daemon mode process ++ * is unlimited as Apache 2.4.54 changed rules for limit and if ++ * unset is now overridden by HTTP filters to be 1GiB rather than ++ * unlimited. This is required since we populate configuration ++ * from the base server config only so setting unlimited in a more ++ * specific context such as a virtual host wouldn't be visible. ++ * Note that setting this to unlimited in the daemon mode process ++ * is okay as the request limit body is checked in the Apache ++ * child process before request is proxied specifically to avoid ++ * unecessarily passing the content across to the daemon process. ++ */ ++ ++ d = (core_dir_config *)ap_get_core_module_config(r->per_dir_config); ++ ++ d->limit_req_body = 0; ++ + r->sent_bodyct = 0; + + r->read_length = 0; diff --git a/SPECS/mod_wsgi.spec b/SPECS/mod_wsgi.spec index 02d03af..29463c8 100644 --- a/SPECS/mod_wsgi.spec +++ b/SPECS/mod_wsgi.spec @@ -15,7 +15,7 @@ Name: mod_wsgi Version: 4.7.1 -Release: 4%{?dist} +Release: 5%{?dist} Summary: A WSGI interface for Python web applications in Apache License: ASL 2.0 URL: https://modwsgi.readthedocs.io/ @@ -23,6 +23,7 @@ Source0: https://github.com/GrahamDumpleton/mod_wsgi/archive/%{version}.t Source1: wsgi.conf Source2: wsgi-python3.conf Patch1: mod_wsgi-4.5.20-exports.patch +Patch2: mod_wsgi-4.9.1-request-limit.patch # Exclude i686 arch. Due to a modularity issue it's being added to the # x86_64 compose of CRB, but we don't want to ship it at all. @@ -177,6 +178,10 @@ ln -s %{_bindir}/mod_wsgi-express-2 $RPM_BUILD_ROOT%{_bindir}/mod_wsgi-express %endif %changelog +* Thu Sep 08 2022 Lumír Balhar - 4.7.1-5 +- Core dumped upon file upload >= 1GB +Resolves: rhbz#2125172 + * Fri Jan 15 2021 Tomas Orsava - 4.7.1-4 - Convert from Fedora to the python39 module in RHEL8 - Resolves: rhbz#1877430