From: Peter Palfrader <peter@palfrader.org>
Date: Sat, 10 Jan 2009 13:54:49 +0000 (+0100)
Subject: Do not allow include statements in sites
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dsa-metapackages.git;a=commitdiff_plain;h=15fadc336d0d511bd4faac6f1031985070d9a12d;hp=09efc8cd9d37f03c72dae07112972b145fee82b8;ds=sidebyside

Do not allow include statements in sites
---

diff --git a/apache2-vhost-update b/apache2-vhost-update
index 61c5bf3..a61369e 100755
--- a/apache2-vhost-update
+++ b/apache2-vhost-update
@@ -112,8 +112,16 @@ if [ "$?" != "0" ]; then
 	echo "Could not get a lock/checkout $DESTINATION/$site." >&2
 	exit 1
 fi
+
 cp -f "$STATINGDIR/$site" "$DESTINATION/$site"
 
+if grep -i include "$DESTINATION/$site" > /dev/null; then
+	echo "New site may have include statements - rejecting." >&2
+	rm -f "$DESTINATION/$site"
+	co "$DESTINATION/$site"
+	exit 1
+fi
+
 /usr/sbin/apache2ctl configtest
 if [ "$?" != "0" ]; then
 	echo "configtest returned errors; reverting." >&2
diff --git a/debian/changelog b/debian/changelog
index 1afa4c8..03fe383 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+debian.org (10) stable; urgency=low
+
+  * Do not allow include statements.
+
+ -- Peter Palfrader <weasel@debian.org>  Sat, 10 Jan 2009 14:54:34 +0100
+
 debian.org (9) stable; urgency=low
 
   * Make restart-apache way more powerful.