Bug#724619: pu: package mapserver/6.0.1-3.2+deb7u1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#724619: pu: package mapserver/6.0.1-3.2+deb7u1
From: Bas Couwenberg <sebastic@xs4all.nl>
Date: Wed, 25 Sep 2013 22:38:54 +0200
Message-id: <20130925203854.4825.18842.reportbug@osiris.linuxminded.xs4all.nl>
Reply-to: Bas Couwenberg <sebastic@xs4all.nl>, 724619@bugs.debian.org

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: pu

Hi,

As briefly discussed on debian-release@ in the thread starting at [1],
I'd like to propose an update of mapserver for wheezy.

[1] https://lists.debian.org/debian-release/2013/09/msg00083.html

The package incorporaters the feedback from the Release Team. I'm
including my last reply in the thread, with some outstanding questions.

On 09/04/2013 07:51 PM, Adam D. Barratt wrote:
> On Tue, 2013-09-03 at 22:49 +0200, Sebastiaan Couwenberg wrote:
>
> +  [Francesco Paolo Lovergine]
> +  * Fixed typo that prevented AGG use in debian/rules.
> +    (closes: #663875)
>
> What's the status of this bug with regard to the version of mapserver
> in
> testing / unstable? The BTS metadata indicates that it affects that
> version and is not resolved there.

I overlooked updating the version information for this bug with the
upload of 6.2.1-3, I've done so now.

This bug is not present in 6.2.1-3 because since the release of
MapServer 6.2.0 support for AGG is always included.

>
> +  * Migrated to debhelper level 9 and policy bumped to 3.9.3. 
>
> The former is definitely inappropriate for a stable update; the
> latter
> could be included but isn't particularly relevant.

These debhelper and policy changes have been undone in the updated
package.

In the same commit in the Debian GIS repository --sourcedir=debian/tmp
is dropped for dh_install which shouldn't effect the package as
debhelper 7 and up already look in this directory.

Should this dh_install change also be reverted none the less?

>
> +  [Bas Couwenberg]
> +  * Link executables with -ldl. Thanks Colin Watson for the patch.
> +    (closes: #709186)
>
> Unless I'm missing something, the issue this is fixing doesn't
> actually
> occur with wheezy's toolchain; as such, it's not something we'd look
> at
> changing in stable I'm afraid.

This change has also been undone in the updated package.

>
> +  * Cherry pick fix for strict Content-Type matching from v6.2.1:
> +
> https://github.com/faegi/mapserver/commit/426193cf5f6b34c97cceef2aca4649c604756cd0
>
> That would be:
>
> ++    if(strncmp(request->contenttype,
> "application/x-www-form-urlencoded",
> strlen("application/x-www-form-urlencoded")) == 0) {
>
> This will also match "application/x-www-form/urlencoded-badgers",
> which
> I assume wasn't intended. That may or may not be worse than the
> original
> bug though.

The problem without the fix is that a Content-Type header such as
"application/x-www-form-urlencoded; charset=UTF-8" is not matched
causing the request to fail.

While not a perfect fix for the problem, it does solve the issue.
MapServer is able to handle POST requests by AJAX libraries.

A better fix may be to test for either just
"application/x-www-form-urlencoded" or followed by parameter(s), like:

 if((strcmp(request->contenttype, "application/x-www-form-urlencoded") == 0)
   || (strncmp(request->contenttype, "application/x-www-form-urlencoded;",
   strlen("application/x-www-form-urlencoded;")) == 0)) {

Should I update the patch to use this, or is it acceptable as it is?

Kind Regards,

Bas Couwenberg

diff -Nru mapserver-6.0.1/debian/changelog mapserver-6.0.1/debian/changelog
--- mapserver-6.0.1/debian/changelog	2012-08-29 17:49:17.000000000 +0200
+++ mapserver-6.0.1/debian/changelog	2013-09-25 21:15:43.000000000 +0200
@@ -1,3 +1,15 @@
+mapserver (6.0.1-3.2+deb7u1) stable-proposed-updates; urgency=low
+
+  [ Francesco Paolo Lovergine ]
+  * Fixed typo that prevented AGG use in debian/rules.
+    (closes: #663875)
+
+  [ Bas Couwenberg ]
+  * Cherry pick fix for strict Content-Type matching from v6.2.1:
+    https://github.com/faegi/mapserver/commit/426193cf5f6b34c97cceef2aca4649c604756cd0
+
+ -- Bas Couwenberg <sebastic@xs4all.nl>  Wed, 24 Jul 2013 00:05:08 +0200
+
 mapserver (6.0.1-3.2) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru mapserver-6.0.1/debian/control mapserver-6.0.1/debian/control
--- mapserver-6.0.1/debian/control	2012-08-29 17:48:49.000000000 +0200
+++ mapserver-6.0.1/debian/control	2013-09-25 21:13:43.000000000 +0200
@@ -2,7 +2,7 @@
 Section: devel
 Priority: optional
 Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
-Uploaders: Francesco Paolo Lovergine <frankie@debian.org>, Alan Boudreault <aboudreault@mapgears.com>
+Uploaders: Francesco Paolo Lovergine <frankie@debian.org>, Alan Boudreault <aboudreault@mapgears.com>, Bas Couwenberg <sebastic@xs4all.nl>
 Standards-Version: 3.9.2
 Build-Depends: debhelper (>= 8), libcurl4-gnutls-dev, libpng-dev, zlib1g-dev (>= 1.1.4),
  libgd2-xpm-dev (>= 2.0.1-10), libfreetype6-dev (>= 2.0.9), libjpeg-dev, libgdal1-dev (>=1.4.0), libproj-dev,
diff -Nru mapserver-6.0.1/debian/patches/contenttype mapserver-6.0.1/debian/patches/contenttype
--- mapserver-6.0.1/debian/patches/contenttype	1970-01-01 01:00:00.000000000 +0100
+++ mapserver-6.0.1/debian/patches/contenttype	2013-09-25 21:13:43.000000000 +0200
@@ -0,0 +1,21 @@
+Description: Fix parsing POST request when Content-Type has an encoding appended.
+Origin: https://github.com/faegi/mapserver/commit/426193cf5f6b34c97cceef2aca4649c604756cd0
+Bug: https://github.com/mapserver/mapserver/pull/4585
+Last-Update 2013-05-09
+--- a/cgiutil.c	2013-05-09 03:05:00.000000000 +0200
++++ b/cgiutil.c	2013-05-09 03:07:25.000000000 +0200
+@@ -166,8 +166,12 @@
+ 
+     /* if the content_type is application/x-www-form-urlencoded, 
+        we have to parse it like the QUERY_STRING variable */
+-    if(strcmp(request->contenttype, "application/x-www-form-urlencoded") == 0)   
+-    {
++    //if(strcmp(request->contenttype, "application/x-www-form-urlencoded") == 0) {
++    /*
++     * Cherry picked fix for strict Content-Type matching from:
++     * https://github.com/faegi/mapserver/commit/426193cf5f6b34c97cceef2aca4649c604756cd0
++     */
++    if(strncmp(request->contenttype, "application/x-www-form-urlencoded", strlen("application/x-www-form-urlencoded")) == 0) {
+       while( data_len > 0 && isspace(post_data[data_len-1]) )
+         post_data[--data_len] = '\0';
+ 
diff -Nru mapserver-6.0.1/debian/patches/series mapserver-6.0.1/debian/patches/series
--- mapserver-6.0.1/debian/patches/series	2012-05-22 01:31:07.000000000 +0200
+++ mapserver-6.0.1/debian/patches/series	2013-09-25 21:13:43.000000000 +0200
@@ -1,3 +1,4 @@
 fixgeos
 php54
 multiarch-libgd
+contenttype
diff -Nru mapserver-6.0.1/debian/rules mapserver-6.0.1/debian/rules
--- mapserver-6.0.1/debian/rules	2012-08-28 20:29:25.000000000 +0200
+++ mapserver-6.0.1/debian/rules	2013-09-25 21:13:43.000000000 +0200
@@ -48,7 +48,7 @@
 		--with-threads \
 		--with-geos \
 		--with-fastcgi \
-		-with-agg \
+		--with-agg \
 		--with-experimental-png \
 		--with-cairo
 
@@ -236,7 +236,7 @@
 binary-arch: install-arch
 	dh_testdir -a
 	dh_testroot -a
-	dh_install --autodest --list-missing --sourcedir=debian/tmp
+	dh_install --autodest --list-missing 
 	dh_installchangelogs -a HISTORY.TXT
 	dh_installdocs -a
 	dh_installexamples -a

Reply to:

Follow-Ups:
- Processed: Re: Bug#724619: pu: package mapserver/6.0.1-3.2+deb7u1
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#724619: pu: package mapserver/6.0.1-3.2+deb7u1
  - From: Jonathan Wiltshire <jmw@debian.org>

Prev by Date: Re: coin3 testing migration
Next by Date: Processed: tagging 724619
Previous by thread: Re: coin3 testing migration
Next by thread: Processed: Re: Bug#724619: pu: package mapserver/6.0.1-3.2+deb7u1
Index(es):
- Date
- Thread