author | taca <taca@pkgsrc.org> | 2004-06-05 16:21:44 +0000 |
---|---|---|
committer | taca <taca@pkgsrc.org> | 2004-06-05 16:21:44 +0000 |
commit | ff26b9ca997a0452777c4b45773eca5045770d72 (patch) | |
tree | fad5c68a090e57bc4363aecb2aac162607192b06 /www/apache2/patches | |
parent | 42e1bc9d6ecfc1c5e9f2c5b41151a68c1ddf82b2 (diff) | |
download | pkgsrc-ff26b9ca997a0452777c4b45773eca5045770d72.tar.gz |
Add patch from apache's CVS to fix SSL_Util_UUEncode_Binary stack buffer
overflow vulnerability.
http://www.securityfocus.com/bid/10355
Bump package revision.
Diffstat (limited to 'www/apache2/patches')
-rw-r--r-- | www/apache2/patches/patch-as | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/www/apache2/patches/patch-as b/www/apache2/patches/patch-as
new file mode 100644
index 00000000000..68153daf2ce
--- /dev/null
+++ b/www/apache2/patches/patch-as
@@ -0,0 +1,35 @@
+$NetBSD: patch-as,v 1.1 2004/06/05 16:21:44 taca Exp $
+ 
+--- modules/ssl/ssl_engine_kernel.c.orig 2004-02-10 05:53:20.000000000 +0900
++++ modules/ssl/ssl_engine_kernel.c
+@@ -793,7 +793,6 @@ int ssl_hook_UserCheck(request_rec *r)
+ SSLConnRec *sslconn = myConnConfig(r->connection);
+ SSLSrvConfigRec *sc = mySrvConfig(r->server);
+ SSLDirConfigRec *dc = myDirConfig(r);
+- char buf1[MAX_STRING_LEN], buf2[MAX_STRING_LEN];
+ char *clientdn;
+ const char *auth_line, *username, *password;
+ 
+@@ -872,14 +871,16 @@ int ssl_hook_UserCheck(request_rec *r)
+ * adding the string "xxj31ZMTZzkVA" as the password in the user file.
+ * This is just the crypted variant of the word "password" ;-)
+ */
+- apr_snprintf(buf1, sizeof(buf1), "%s:password", clientdn);
+- ssl_util_uuencode(buf2, buf1, FALSE);
+-
+- apr_snprintf(buf1, sizeof(buf1), "Basic %s", buf2);
+- apr_table_set(r->headers_in, "Authorization", buf1);
++ auth_line = apr_pstrcat(r->pool, "Basic ",
++ ap_pbase64encode(r->pool,
++ apr_pstrcat(r->pool, clientdn,
++ ":password", NULL)),
++ NULL);
++ apr_table_set(r->headers_in, "Authorization", auth_line);
+ 
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
+- "Faking HTTP Basic Auth header: \"Authorization: %s\"", buf1);
++ "Faking HTTP Basic Auth header: \"Authorization: %s\"",
++ auth_line);
+ 
+ return DECLINED;
+ } |
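Review bot: The new patch-as file carries only the `$NetBSD$` id and no comment saying what it fixes, so a maintainer rebasing it has to compare against upstream to learn why the `MAX_STRING_LEN` stack buffers `buf1`/`buf2` were removed; add after the RCS id a line such as `Fix stack buffer overflow in the FakeBasicAuth path of ssl_hook_UserCheck (SecurityFocus BID 10355): build the Authorization header in pool memory instead of fixed-size stack buffers.` As a point of style in the new code, the three nested `apr_pstrcat`/`ap_pbase64encode` calls would read more plainly as two statements, `const char *cred = apr_pstrcat(r->pool, clientdn, ":password", NULL);` followed by `auth_line = apr_pstrcat(r->pool, "Basic ", ap_pbase64encode(r->pool, cred), NULL);`, which also makes the encoded input visible to a reader checking that nothing length-bounded remains. The ap_log_error call still emits the full faked Authorization header at APLOG_INFO; that behaviour predates the commit, but it is worth a comment noting that the logged value is the well-known fake credential, not a client secret. The enclosing function ssl_hook_UserCheck starts and ends outside both hunks.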