Update "apr" package to version 0.9.12.2.0.58 and "apache" package

to version 2.0.58. Change since Apache relase 2.0.55:
- Legal: Restored original years in copyright notices.
- mod_cgid: run the get_suexec_identity hook within the request-handler
  instead of within cgid. Apache#36410.
- core: Prevent read of unitialized memory in ap_rgetline_core.
  Apache#39282.
- mod_proxy: Report the proxy server name correctly in the "Via:" header,
  when UseCanonicalName is Off. Apache#11971.
- mod_isapi: Various trivial code-fixes to permit mod_isapi to load and
  run on Unix.
- HTML-escape the Expect error message.  Not classed as security as
  an attacker has no way to influence the Expect header a victim will
  send to a target site.  Reported by Thiago Zaninotti
  <thiango nstalker.com>.
- SECURITY: CVE-2005-3357 (cve.mitre.org)
  mod_ssl: Fix a possible crash during access control checks if a
  non-SSL request is processed for an SSL vhost (such as the
  "HTTP request received on SSL port" error message when an 400
  ErrorDocument is configured, or if using "SSLEngine optional").
  Apache#37791.
- SECURITY: CVE-2005-3352 (cve.mitre.org)
  mod_imap: Escape untrusted referer header before outputting in HTML
  to avoid potential cross-site scripting.  Change also made to
  ap_escape_html so we escape quotes.  Reported by JPCERT.
- Add APR/APR-Util Compiled and Runtime Version numbers to the
  output of 'httpd -V'.
- Ensure that the proper status line is written to the client, fixing
  incorrect status lines caused by filters which modify r->status without
  resetting r->status_line, such as the built-in byterange filter.
- Default handler: Don't return output filter apr_status_t values.
  Apache#31759.
- mod_speling: Stop crashing with certain non-file requests.
- keep the Content-Length header for a HEAD with no response body.
  Apache#18757
- Modify apr[util] .h detection to avoid breakage on VPATH builds
  using Solaris make (amoung others) and avoid breakage in ./buildconf
  when srclib/apr[-util] are symlinks rather than directories proper.
- Avoid server-driven negotiation when a CGI script has emitted an
  explicit "Status:" header. Apache#38070.
- mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
  format is used. Apache#27787.
- mod_cache: Correctly handle responses with a 301 status. Apache#37347.
- mod_proxy_http: Prevent data corruption of POST request bodies when
  client accesses proxied resources with SSL. Apache#37145.
- Elimiated the NET_TIME filter, restructuring the timeout logic.
  This provides a working mod_echo on all platforms, and ensures any
  custom protocol module is at least given an initial timeout value
  based on the <VirtualHost > context's Timeout directive.
- mod_ssl: Correct issue where mod_ssl does not pick up the
  ssl-unclean-shutdown setting when configured. Apache#34452.
- Document the ReceiveBufferSize change done in r157583.
- mod_deflate: Merge the Vary header, instead of Setting it. Fixes
  applications that send the Vary Header themselves. Apache#37559.
- mod_dav: Fix a null pointer dereference in an error code path during the
  handling of MKCOL.
- mod_mime_magic: Handle CRLF-format magic files so that it works with
  the default installation on Windows.
- Write message to error log if AuthGroupFile cannot be opened.
  Apache#37566.
- Add ReceiveBufferSize directive to control the TCP receive buffer.
- mod_cache: Fix 'Vary: *' behavior to be RFC compliant. Apache#16125.
- Remove the base href tag from proxy_ftp, as it breaks relative
  links for clients not using an Authorization header.
- http_request.c: Add missing va_end call.
- Add httxt2dbm to support/ for creating RewriteMap DBM Files.
- support/check_forensic: Fix temp file usage
- Chunk filter: Fix chunk filter to create correct chunks in the case that
  a flush bucket is surrounded by data buckets.
- mod_cgi(d): Remove block on OPTIONS method so that scripts can
  respond to OPTIONS directly rather than via server default.
  Apache#15242
- Added new module mod_version, which provides version dependent
  configuration containers.
- Add core version query function (ap_get_server_revision) and
  accompanying ap_version_t structure (minor MMN bump).

6 files changed, 17 insertions, 47 deletions

diff --git a/www/apache2/Makefile b/www/apache2/Makefile
index f5bff945764..0fe954ca682 100644
--- a/www/apache2/Makefile
+++ b/www/apache2/Makefile
@@ -1,9 +1,8 @@
-# $NetBSD: Makefile,v 1.100 2006/04/24 20:10:02 tv Exp $
+# $NetBSD: Makefile,v 1.101 2006/05/07 12:35:27 tron Exp $
 
 .include "Makefile.common"
 
 PKGNAME=	apache-${APACHE_VERSION}
-PKGREVISION=	8
 CATEGORIES=	www
 
 HOMEPAGE=	http://httpd.apache.org/
@@ -27,7 +26,7 @@ CONFIGURE_ENV+=		perlbin=${PERL5:Q}
 CONFIGURE_ARGS+=	--with-apr=${BUILDLINK_PREFIX.apr}
 CONFIGURE_ARGS+=	--with-apr-util=${BUILDLINK_PREFIX.apr}
 
-BUILDLINK_API_DEPENDS.apr+=	apr>=0.9.7.2.0.55
+BUILDLINK_API_DEPENDS.apr+=	apr>=0.9.12.2.0.58
 
 # the following must be set before bsd.prefs.mk in order to make += work
 # in mk.conf; however, it isn't expanded until referenced, so we can
diff --git a/www/apache2/Makefile.common b/www/apache2/Makefile.common
index b10d9cbdf7d..b83955e84bb 100644
--- a/www/apache2/Makefile.common
+++ b/www/apache2/Makefile.common
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile.common,v 1.19 2005/10/17 10:37:11 tron Exp $
+# $NetBSD: Makefile.common,v 1.20 2006/05/07 12:35:27 tron Exp $
 
 DISTNAME=		httpd-${APACHE_VERSION}
 EXTRACT_SUFX=		.tar.bz2
 # When updating this version be sure to update the checksum and remove
 # any PKGREVISION for devel/apr also.
-APACHE_VERSION=		2.0.55
-APR_VERSION=		0.9.7
+APACHE_VERSION=		2.0.58
+APR_VERSION=		0.9.12
 MASTER_SITES=		${MASTER_SITE_APACHE:=httpd/} \
 			${MASTER_SITE_APACHE:=httpd/old/} \
 			http://www.NetBSD.org/images/logos/
diff --git a/www/apache2/PLIST b/www/apache2/PLIST
index e21c37b37bc..4bddac45861 100644
--- a/www/apache2/PLIST
+++ b/www/apache2/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.32 2005/10/23 20:14:43 jlam Exp $
+@comment $NetBSD: PLIST,v 1.33 2006/05/07 12:35:27 tron Exp $
 include/httpd/ap_compat.h
 include/httpd/ap_config.h
 include/httpd/ap_config_auto.h
@@ -75,6 +75,7 @@ sbin/htdbm
 sbin/htdigest
 sbin/htpasswd
 sbin/httpd
+sbin/httxt2dbm
 sbin/logresolve
 sbin/mkcert
 sbin/rotatelogs
@@ -773,6 +774,10 @@ share/httpd/manual/mod/mod_userdir.html.ja.euc-jp
 share/httpd/manual/mod/mod_userdir.html.ko.euc-kr
 share/httpd/manual/mod/mod_usertrack.html
 share/httpd/manual/mod/mod_usertrack.html.en
+share/httpd/manual/mod/mod_version.html
+share/httpd/manual/mod/mod_version.html.en
+share/httpd/manual/mod/mod_version.html.ja.euc-jp
+share/httpd/manual/mod/mod_version.html.ko.euc-kr
 share/httpd/manual/mod/mod_vhost_alias.html
 share/httpd/manual/mod/mod_vhost_alias.html.en
 share/httpd/manual/mod/module-dict.html
@@ -944,6 +949,7 @@ share/httpd/manual/style/css/manual-zip-100pc.css
 share/httpd/manual/style/css/manual-zip.css
 share/httpd/manual/style/css/manual.css
 share/httpd/manual/style/faq.dtd
+share/httpd/manual/style/lang.dtd
 share/httpd/manual/style/latex/atbeginend.sty
 share/httpd/manual/style/latex/common.xsl
 share/httpd/manual/style/latex/directiveindex.xsl
@@ -964,6 +970,7 @@ share/httpd/manual/style/manual.ru.xsl
 share/httpd/manual/style/manualpage.dtd
 share/httpd/manual/style/modulesynopsis.dtd
 share/httpd/manual/style/sitemap.dtd
+share/httpd/manual/style/version.ent
 share/httpd/manual/style/xsl/common.xsl
 share/httpd/manual/style/xsl/directiveindex.xsl
 share/httpd/manual/style/xsl/faq.xsl
diff --git a/www/apache2/distinfo b/www/apache2/distinfo
index 746e248d8cb..b6c1adce7b2 100644
--- a/www/apache2/distinfo
+++ b/www/apache2/distinfo
@@ -1,14 +1,12 @@
-$NetBSD: distinfo,v 1.46 2006/01/21 13:02:21 tron Exp $
+$NetBSD: distinfo,v 1.47 2006/05/07 12:35:27 tron Exp $
 
-SHA1 (httpd-2.0.55.tar.bz2) = ab016aace57f34cb3eae5c9d48f2bcc5759d6c84
-RMD160 (httpd-2.0.55.tar.bz2) = 04749dcf9ea369152eddf9422e49bc0a77a443eb
-Size (httpd-2.0.55.tar.bz2) = 4745220 bytes
+SHA1 (httpd-2.0.58.tar.bz2) = 697e1674f8efbbe05b9f6c1ba00cd28a37293229
+RMD160 (httpd-2.0.58.tar.bz2) = 2ff44b2254552db908f1defd09e3142527f9bf83
+Size (httpd-2.0.58.tar.bz2) = 4704318 bytes
 SHA1 (patch-aa) = bff1ef591f5361e7169ff9005dcf86437b9dac23
 SHA1 (patch-ab) = 387892276efd49fd081a187c1123de26fb6486ba
 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
 SHA1 (patch-ad) = 8c6f62346ffb5069de89a50516a3da2c6104e09b
-SHA1 (patch-ae) = 4d906691447dd718547b18ebfbb80322443afcda
-SHA1 (patch-af) = c5e5fa2ddbf7f448249c9696886e960438a9511c
 SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01
 SHA1 (patch-ai) = 4dc88c15b0525a5aabc80d5c2a0720cd260629de
 SHA1 (patch-ak) = f11a86b1235d5c595fa381bbb474db4fe8448215
diff --git a/www/apache2/patches/patch-ae b/www/apache2/patches/patch-ae
deleted file mode 100644
index ea60df07095..00000000000
--- a/www/apache2/patches/patch-ae
+++ /dev/null
@@ -1,13 +0,0 @@
-$NetBSD: patch-ae,v 1.7 2005/12/15 11:29:00 tron Exp $
-
---- modules/mappers/mod_imap.c.orig	2005-02-04 20:21:18.000000000 +0000
-+++ modules/mappers/mod_imap.c	2005-12-15 11:23:25.000000000 +0000
-@@ -342,7 +342,7 @@
-     if (!strcasecmp(value, "referer")) {
-         referer = apr_table_get(r->headers_in, "Referer");
-         if (referer && *referer) {
--	    return apr_pstrdup(r->pool, referer);
-+	    return ap_escape_html(r->pool, referer);
-         }
-         else {
- 	    /* XXX:  This used to do *value = '\0'; ... which is totally bogus
diff --git a/www/apache2/patches/patch-af b/www/apache2/patches/patch-af
deleted file mode 100644
index b530d5d39aa..00000000000
--- a/www/apache2/patches/patch-af
+++ /dev/null
@@ -1,21 +0,0 @@
-$NetBSD: patch-af,v 1.6 2006/01/21 13:02:21 tron Exp $
-
---- modules/ssl/ssl_engine_kernel.c.orig
-+++ modules/ssl/ssl_engine_kernel.c
-@@ -202,11 +202,14 @@
-     }
- 
-     /*
--     * Check to see if SSL protocol is on
-+     * Check to see whether SSL is in use; if it's not, then no
-+     * further access control checks are relevant.  (the test for
-+     * sc->enabled is probably strictly unnecessary)
-      */
--    if (!(sc->enabled || ssl)) {
-+    if (!sc->enabled || !ssl) {
-         return DECLINED;
-     }
-+
-     /*
-      * Support for per-directory reconfigured SSL connection parameters.
-      *