Ubuntu
couchdb package

Merge lp:~jsjgruber/ubuntu/oneiric/couchdb/couchdb.fix780972.r1039345 into lp:ubuntu/oneiric/couchdb

  1. Oneiric (11.10)
  2. couchdb.fix780972.r1039345
  3. Merge into oneiric
Proposed by John S. Gruber
Status: Rejected
Rejected by: Stéphane Graber
Proposed branch: lp:~jsjgruber/ubuntu/oneiric/couchdb/couchdb.fix780972.r1039345
Merge into: lp:ubuntu/oneiric/couchdb
Diff against target: 139 lines (+48/-32)
6 files modified
debian/changelog (+6/-0)
src/erlang-oauth/oauth.app.in (+1/-1)
src/erlang-oauth/oauth_hmac_sha1.erl (+1/-1)
src/erlang-oauth/oauth_http.erl (+1/-1)
src/erlang-oauth/oauth_plaintext.erl (+1/-1)
src/erlang-oauth/oauth_uri.erl (+38/-28)
To merge this branch: bzr merge lp:~jsjgruber/ubuntu/oneiric/couchdb/couchdb.fix780972.r1039345
Reviewer Review Type Date Requested Status
dobey (community) Disapprove
Ubuntu branches Pending
Review via email: mp+74677@code.launchpad.net

Description of the change

Proposed fix for LP: #780972, cherry picking from couchdb upstream svn r1039345.

Test build is in ppa:jsjgruber/ppa couchdb -- 1.0.1-0ubuntu17~jsg4.whole.patch

i386 build log is at: https://launchpad.net/~jsjgruber/+archive/ppa/+build/2773697/+files/buildlog_ubuntu-oneiric-i386.couchdb_1.0.1-0ubuntu17%7Ejsg4.whole.patch_BUILDING.txt.gz

to test use the command:

python -c "from desktopcouch.application.server import *; d=DesktopDatabase('test', create=True)"

Which should return without a traceback. The bug causes this to produce an unauthorized exception.

To post a comment you must log in.
Revision history for this message
dobey (dobey) wrote :

I'm voting my disapproval of this branch, not because I think the patch is bad, but because of how it is applied. Patches need to be files under debian/patches/ (like all the other patches in this package), and not direct changes in the tree. You also should not include your PPA ~version piece in the changelog version string for an upload into Ubuntu proper.

Since it was quick to do, I've went ahead and made another branch and proposed it, by making the changes into a proper patch, and tweaking the changelog entry, while still properly attributing the fix to you. It is at https://code.launchpad.net/~dobey/ubuntu/oneiric/couchdb/fix-780972/+merge/75238

Thanks.

review: Disapprove

Unmerged revisions

56. By John S. Gruber

Backport svn r1039345 from 1.0.3., fixing LP: #780972.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2011-06-14 17:47:09 +0000
3+++ debian/changelog 2011-09-08 19:56:53 +0000
4@@ -1,3 +1,9 @@
5+couchdb (1.0.1-0ubuntu17~jsg4.whole.patch) oneiric; urgency=low
6+
7+ * Backport svn r1039345 from 1.0.3., fixing LP: #780972.
8+
9+ -- John S Gruber <johnsgruber@gmail.com> Fri, 02 Sep 2011 01:02:01 -0400
10+
11 couchdb (1.0.1-0ubuntu16) oneiric; urgency=low
12
13 * Update Spidermonkey 1.8.5 patchset to the more palatable ones I'm
14
15=== modified file 'src/erlang-oauth/oauth.app.in'
16--- src/erlang-oauth/oauth.app.in 2010-07-26 10:24:11 +0000
17+++ src/erlang-oauth/oauth.app.in 2011-09-08 19:56:53 +0000
18@@ -1,6 +1,6 @@
19 {application, oauth, [
20 {description, "Erlang OAuth implementation"},
21- {vsn, "dev"},
22+ {vsn, "7d85d3ef"},
23 {modules, [
24 oauth,
25 oauth_hmac_sha1,
26
27=== modified file 'src/erlang-oauth/oauth_hmac_sha1.erl'
28--- src/erlang-oauth/oauth_hmac_sha1.erl 2010-07-26 10:24:11 +0000
29+++ src/erlang-oauth/oauth_hmac_sha1.erl 2011-09-08 19:56:53 +0000
30@@ -8,4 +8,4 @@
31 base64:encode_to_string(crypto:sha_mac(Key, BaseString)).
32
33 verify(Signature, BaseString, CS, TS) ->
34- couch_util:verify(signature(BaseString, CS, TS), Signature).
35+ Signature =:= signature(BaseString, CS, TS).
36
37=== modified file 'src/erlang-oauth/oauth_http.erl'
38--- src/erlang-oauth/oauth_http.erl 2009-08-24 15:44:14 +0000
39+++ src/erlang-oauth/oauth_http.erl 2011-09-08 19:56:53 +0000
40@@ -10,7 +10,7 @@
41 request(post, {URL, [], "application/x-www-form-urlencoded", Data}).
42
43 request(Method, Request) ->
44- http:request(Method, Request, [{autoredirect, false}], []).
45+ httpc:request(Method, Request, [{autoredirect, false}], []).
46
47 response_params(Response) ->
48 oauth_uri:params_from_string(response_body(Response)).
49
50=== modified file 'src/erlang-oauth/oauth_plaintext.erl'
51--- src/erlang-oauth/oauth_plaintext.erl 2010-07-26 10:24:11 +0000
52+++ src/erlang-oauth/oauth_plaintext.erl 2011-09-08 19:56:53 +0000
53@@ -7,4 +7,4 @@
54 oauth_uri:calate("&", [CS, TS]).
55
56 verify(Signature, CS, TS) ->
57- couch_util:verify(signature(CS, TS), Signature).
58+ Signature =:= signature(CS, TS).
59
60=== modified file 'src/erlang-oauth/oauth_uri.erl'
61--- src/erlang-oauth/oauth_uri.erl 2009-08-24 15:44:14 +0000
62+++ src/erlang-oauth/oauth_uri.erl 2011-09-08 19:56:53 +0000
63@@ -6,14 +6,6 @@
64
65 -import(lists, [concat/1]).
66
67--define(is_uppercase_alpha(C), C >= $A, C =< $Z).
68--define(is_lowercase_alpha(C), C >= $a, C =< $z).
69--define(is_alpha(C), ?is_uppercase_alpha(C); ?is_lowercase_alpha(C)).
70--define(is_digit(C), C >= $0, C =< $9).
71--define(is_alphanumeric(C), ?is_alpha(C); ?is_digit(C)).
72--define(is_unreserved(C), ?is_alphanumeric(C); C =:= $-; C =:= $_; C =:= $.; C =:= $~).
73--define(is_hex(C), ?is_digit(C); C >= $A, C =< $F).
74-
75
76 normalize(URI) ->
77 case http_uri:parse(URI) of
78@@ -66,23 +58,41 @@
79 intersperse(Sep, [X|Xs]) ->
80 [X, Sep|intersperse(Sep, Xs)].
81
82-decode(Chars) ->
83- decode(Chars, []).
84-
85-decode([], Decoded) ->
86- lists:reverse(Decoded);
87-decode([$%,A,B|Etc], Decoded) when ?is_hex(A), ?is_hex(B) ->
88- decode(Etc, [erlang:list_to_integer([A,B], 16)|Decoded]);
89-decode([C|Etc], Decoded) when ?is_unreserved(C) ->
90- decode(Etc, [C|Decoded]).
91-
92-encode(Chars) ->
93- encode(Chars, []).
94-
95-encode([], Encoded) ->
96- lists:flatten(lists:reverse(Encoded));
97-encode([C|Etc], Encoded) when ?is_unreserved(C) ->
98- encode(Etc, [C|Encoded]);
99-encode([C|Etc], Encoded) ->
100- Value = io_lib:format("%~2.1.0s", [erlang:integer_to_list(C, 16)]),
101- encode(Etc, [Value|Encoded]).
102+-define(is_alphanum(C), C >= $A, C =< $Z; C >= $a, C =< $z; C >= $0, C =< $9).
103+
104+encode(Term) when is_integer(Term) ->
105+ integer_to_list(Term);
106+encode(Term) when is_atom(Term) ->
107+ encode(atom_to_list(Term));
108+encode(Term) when is_list(Term) ->
109+ encode(lists:reverse(Term, []), []).
110+
111+encode([X | T], Acc) when ?is_alphanum(X); X =:= $-; X =:= $_; X =:= $.; X =:= $~ ->
112+ encode(T, [X | Acc]);
113+encode([X | T], Acc) ->
114+ NewAcc = [$%, dec2hex(X bsr 4), dec2hex(X band 16#0f) | Acc],
115+ encode(T, NewAcc);
116+encode([], Acc) ->
117+ Acc.
118+
119+decode(Str) when is_list(Str) ->
120+ decode(Str, []).
121+
122+decode([$%, A, B | T], Acc) ->
123+ decode(T, [(hex2dec(A) bsl 4) + hex2dec(B) | Acc]);
124+decode([X | T], Acc) ->
125+ decode(T, [X | Acc]);
126+decode([], Acc) ->
127+ lists:reverse(Acc, []).
128+
129+-compile({inline, [{dec2hex, 1}, {hex2dec, 1}]}).
130+
131+dec2hex(N) when N >= 10 andalso N =< 15 ->
132+ N + $A - 10;
133+dec2hex(N) when N >= 0 andalso N =< 9 ->
134+ N + $0.
135+
136+hex2dec(C) when C >= $A andalso C =< $F ->
137+ C - $A + 10;
138+hex2dec(C) when C >= $0 andalso C =< $9 ->
139+ C - $0.

Subscribers

People subscribed via source and target branches