Merge lp:~jsjgruber/ubuntu/oneiric/couchdb/couchdb.fix780972.r1039345 into lp:ubuntu/oneiric/couchdb

Proposed by John S. Gruber on 2011-09-08
Status: Rejected
Rejected by: St├ęphane Graber on 2011-11-09
Proposed branch: lp:~jsjgruber/ubuntu/oneiric/couchdb/couchdb.fix780972.r1039345
Merge into: lp:ubuntu/oneiric/couchdb
Diff against target: 139 lines (+48/-32)
6 files modified
debian/changelog (+6/-0)
src/erlang-oauth/oauth.app.in (+1/-1)
src/erlang-oauth/oauth_hmac_sha1.erl (+1/-1)
src/erlang-oauth/oauth_http.erl (+1/-1)
src/erlang-oauth/oauth_plaintext.erl (+1/-1)
src/erlang-oauth/oauth_uri.erl (+38/-28)
To merge this branch: bzr merge lp:~jsjgruber/ubuntu/oneiric/couchdb/couchdb.fix780972.r1039345
Reviewer Review Type Date Requested Status
dobey (community) Disapprove on 2011-09-13
Ubuntu branches 2011-09-08 Pending
Review via email: mp+74677@code.launchpad.net

Description of the change

Proposed fix for LP: #780972, cherry picking from couchdb upstream svn r1039345.

Test build is in ppa:jsjgruber/ppa couchdb -- 1.0.1-0ubuntu17~jsg4.whole.patch

i386 build log is at: https://launchpad.net/~jsjgruber/+archive/ppa/+build/2773697/+files/buildlog_ubuntu-oneiric-i386.couchdb_1.0.1-0ubuntu17%7Ejsg4.whole.patch_BUILDING.txt.gz

to test use the command:

python -c "from desktopcouch.application.server import *; d=DesktopDatabase('test', create=True)"

Which should return without a traceback. The bug causes this to produce an unauthorized exception.

To post a comment you must log in.
dobey (dobey) wrote :

I'm voting my disapproval of this branch, not because I think the patch is bad, but because of how it is applied. Patches need to be files under debian/patches/ (like all the other patches in this package), and not direct changes in the tree. You also should not include your PPA ~version piece in the changelog version string for an upload into Ubuntu proper.

Since it was quick to do, I've went ahead and made another branch and proposed it, by making the changes into a proper patch, and tweaking the changelog entry, while still properly attributing the fix to you. It is at https://code.launchpad.net/~dobey/ubuntu/oneiric/couchdb/fix-780972/+merge/75238

Thanks.

review: Disapprove

Unmerged revisions

56. By John S. Gruber on 2011-09-08

Backport svn r1039345 from 1.0.3., fixing LP: #780972.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2011-06-14 17:47:09 +0000
3+++ debian/changelog 2011-09-08 19:56:53 +0000
4@@ -1,3 +1,9 @@
5+couchdb (1.0.1-0ubuntu17~jsg4.whole.patch) oneiric; urgency=low
6+
7+ * Backport svn r1039345 from 1.0.3., fixing LP: #780972.
8+
9+ -- John S Gruber <johnsgruber@gmail.com> Fri, 02 Sep 2011 01:02:01 -0400
10+
11 couchdb (1.0.1-0ubuntu16) oneiric; urgency=low
12
13 * Update Spidermonkey 1.8.5 patchset to the more palatable ones I'm
14
15=== modified file 'src/erlang-oauth/oauth.app.in'
16--- src/erlang-oauth/oauth.app.in 2010-07-26 10:24:11 +0000
17+++ src/erlang-oauth/oauth.app.in 2011-09-08 19:56:53 +0000
18@@ -1,6 +1,6 @@
19 {application, oauth, [
20 {description, "Erlang OAuth implementation"},
21- {vsn, "dev"},
22+ {vsn, "7d85d3ef"},
23 {modules, [
24 oauth,
25 oauth_hmac_sha1,
26
27=== modified file 'src/erlang-oauth/oauth_hmac_sha1.erl'
28--- src/erlang-oauth/oauth_hmac_sha1.erl 2010-07-26 10:24:11 +0000
29+++ src/erlang-oauth/oauth_hmac_sha1.erl 2011-09-08 19:56:53 +0000
30@@ -8,4 +8,4 @@
31 base64:encode_to_string(crypto:sha_mac(Key, BaseString)).
32
33 verify(Signature, BaseString, CS, TS) ->
34- couch_util:verify(signature(BaseString, CS, TS), Signature).
35+ Signature =:= signature(BaseString, CS, TS).
36
37=== modified file 'src/erlang-oauth/oauth_http.erl'
38--- src/erlang-oauth/oauth_http.erl 2009-08-24 15:44:14 +0000
39+++ src/erlang-oauth/oauth_http.erl 2011-09-08 19:56:53 +0000
40@@ -10,7 +10,7 @@
41 request(post, {URL, [], "application/x-www-form-urlencoded", Data}).
42
43 request(Method, Request) ->
44- http:request(Method, Request, [{autoredirect, false}], []).
45+ httpc:request(Method, Request, [{autoredirect, false}], []).
46
47 response_params(Response) ->
48 oauth_uri:params_from_string(response_body(Response)).
49
50=== modified file 'src/erlang-oauth/oauth_plaintext.erl'
51--- src/erlang-oauth/oauth_plaintext.erl 2010-07-26 10:24:11 +0000
52+++ src/erlang-oauth/oauth_plaintext.erl 2011-09-08 19:56:53 +0000
53@@ -7,4 +7,4 @@
54 oauth_uri:calate("&", [CS, TS]).
55
56 verify(Signature, CS, TS) ->
57- couch_util:verify(signature(CS, TS), Signature).
58+ Signature =:= signature(CS, TS).
59
60=== modified file 'src/erlang-oauth/oauth_uri.erl'
61--- src/erlang-oauth/oauth_uri.erl 2009-08-24 15:44:14 +0000
62+++ src/erlang-oauth/oauth_uri.erl 2011-09-08 19:56:53 +0000
63@@ -6,14 +6,6 @@
64
65 -import(lists, [concat/1]).
66
67--define(is_uppercase_alpha(C), C >= $A, C =< $Z).
68--define(is_lowercase_alpha(C), C >= $a, C =< $z).
69--define(is_alpha(C), ?is_uppercase_alpha(C); ?is_lowercase_alpha(C)).
70--define(is_digit(C), C >= $0, C =< $9).
71--define(is_alphanumeric(C), ?is_alpha(C); ?is_digit(C)).
72--define(is_unreserved(C), ?is_alphanumeric(C); C =:= $-; C =:= $_; C =:= $.; C =:= $~).
73--define(is_hex(C), ?is_digit(C); C >= $A, C =< $F).
74-
75
76 normalize(URI) ->
77 case http_uri:parse(URI) of
78@@ -66,23 +58,41 @@
79 intersperse(Sep, [X|Xs]) ->
80 [X, Sep|intersperse(Sep, Xs)].
81
82-decode(Chars) ->
83- decode(Chars, []).
84-
85-decode([], Decoded) ->
86- lists:reverse(Decoded);
87-decode([$%,A,B|Etc], Decoded) when ?is_hex(A), ?is_hex(B) ->
88- decode(Etc, [erlang:list_to_integer([A,B], 16)|Decoded]);
89-decode([C|Etc], Decoded) when ?is_unreserved(C) ->
90- decode(Etc, [C|Decoded]).
91-
92-encode(Chars) ->
93- encode(Chars, []).
94-
95-encode([], Encoded) ->
96- lists:flatten(lists:reverse(Encoded));
97-encode([C|Etc], Encoded) when ?is_unreserved(C) ->
98- encode(Etc, [C|Encoded]);
99-encode([C|Etc], Encoded) ->
100- Value = io_lib:format("%~2.1.0s", [erlang:integer_to_list(C, 16)]),
101- encode(Etc, [Value|Encoded]).
102+-define(is_alphanum(C), C >= $A, C =< $Z; C >= $a, C =< $z; C >= $0, C =< $9).
103+
104+encode(Term) when is_integer(Term) ->
105+ integer_to_list(Term);
106+encode(Term) when is_atom(Term) ->
107+ encode(atom_to_list(Term));
108+encode(Term) when is_list(Term) ->
109+ encode(lists:reverse(Term, []), []).
110+
111+encode([X | T], Acc) when ?is_alphanum(X); X =:= $-; X =:= $_; X =:= $.; X =:= $~ ->
112+ encode(T, [X | Acc]);
113+encode([X | T], Acc) ->
114+ NewAcc = [$%, dec2hex(X bsr 4), dec2hex(X band 16#0f) | Acc],
115+ encode(T, NewAcc);
116+encode([], Acc) ->
117+ Acc.
118+
119+decode(Str) when is_list(Str) ->
120+ decode(Str, []).
121+
122+decode([$%, A, B | T], Acc) ->
123+ decode(T, [(hex2dec(A) bsl 4) + hex2dec(B) | Acc]);
124+decode([X | T], Acc) ->
125+ decode(T, [X | Acc]);
126+decode([], Acc) ->
127+ lists:reverse(Acc, []).
128+
129+-compile({inline, [{dec2hex, 1}, {hex2dec, 1}]}).
130+
131+dec2hex(N) when N >= 10 andalso N =< 15 ->
132+ N + $A - 10;
133+dec2hex(N) when N >= 0 andalso N =< 9 ->
134+ N + $0.
135+
136+hex2dec(C) when C >= $A andalso C =< $F ->
137+ C - $A + 10;
138+hex2dec(C) when C >= $0 andalso C =< $9 ->
139+ C - $0.

Subscribers

People subscribed via source and target branches