patch-aa:

add a local copy of SSL_SESSION_cmp which is missing in openssl 1.0.0 betas.
based on hack found at: http://trac.macports.org/ticket/19124
This fixes subversion-base build on NetBSD-current.

While here update to neon-0.28.5.

Changes in release neon 0.28.5, 3 July 2009 (PGP signature)
* Enable support for X.509v1 CA certificates in GnuTLS.
* Fix handling of EINTR in connect() calls.
* Fix use of builds with SOCK_CLOEXEC support on older Linux kernels.

Changes in release neon 0.28.4, 3 March 2009 (PGP signature)
* Fix ne_forget_auth (Kai Sommerfeld)
* GnuTLS support fixes:
  o fix handling of PKCS#12 client certs with multiple certs or keys
  o fix crash with OpenPGP certificate
  o use pkg-config data in configure, in preference to libgnutls-config
* Add PKCS#11 support for OpenSSL builds (where pakchois is available)
* Fix small memory leak in PKCS#11 code.
* Fix build on Haiku (scott mc)

3 files changed, 39 insertions, 6 deletions

diff --git a/www/neon/Makefile b/www/neon/Makefile
index a05d954ea3a..81eefe097a4 100644
--- a/www/neon/Makefile
+++ b/www/neon/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.45 2009/04/06 12:54:06 markd Exp $
+# $NetBSD: Makefile,v 1.46 2009/07/24 15:18:24 tnn Exp $
 
-DISTNAME=	neon-0.28.3
+DISTNAME=	neon-0.28.5
 CATEGORIES=	www
 MASTER_SITES=	http://www.webdav.org/neon/
 
diff --git a/www/neon/distinfo b/www/neon/distinfo
index ff0a311d087..ddab57a0608 100644
--- a/www/neon/distinfo
+++ b/www/neon/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.18 2009/04/06 12:54:06 markd Exp $
+$NetBSD: distinfo,v 1.19 2009/07/24 15:18:24 tnn Exp $
 
-SHA1 (neon-0.28.3.tar.gz) = 544a92dbfba144ec600506cadbda92ae0b0eb9b0
-RMD160 (neon-0.28.3.tar.gz) = de6666a3f0e006e208b38a8133b43f647e35ddf8
-Size (neon-0.28.3.tar.gz) = 799681 bytes
+SHA1 (neon-0.28.5.tar.gz) = cc07c9d2967cf9b290514ad2fc756abe1f854eba
+RMD160 (neon-0.28.5.tar.gz) = 21abcf12dd813bc464f6579995ff8912a9e1996e
+Size (neon-0.28.5.tar.gz) = 777079 bytes
+SHA1 (patch-aa) = e6284e486fa5789a65827a4d6c1b4d0911523774
diff --git a/www/neon/patches/patch-aa b/www/neon/patches/patch-aa
new file mode 100644
index 00000000000..17312ecf714
--- /dev/null
+++ b/www/neon/patches/patch-aa
@@ -0,0 +1,32 @@
+$NetBSD: patch-aa,v 1.1 2009/07/24 15:18:24 tnn Exp $
+
+add a local copy of SSL_SESSION_cmp which is missing in openssl 1.0.0 betas.
+based on hack found at: http://trac.macports.org/ticket/19124
+
+--- src/ne_openssl.c.orig	2008-10-30 21:23:54.000000000 +0100
++++ src/ne_openssl.c
+@@ -593,6 +593,15 @@ void ne_ssl_context_destroy(ne_ssl_conte
+     ne_free(ctx);
+ }
+ 
++static int static_SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b)
++{
++    if (a->ssl_version != b->ssl_version)
++        return(1);
++    if (a->session_id_length != b->session_id_length)
++        return(1);
++    return(memcmp(a->session_id, b->session_id, a->session_id_length));
++}
++
+ /* For internal use only. */
+ int ne__negotiate_ssl(ne_session *sess)
+ {
+@@ -675,7 +684,7 @@ int ne__negotiate_ssl(ne_session *sess)
+     if (ctx->sess) {
+         SSL_SESSION *newsess = SSL_get0_session(ssl);
+         /* Replace the session if it has changed. */ 
+-        if (newsess != ctx->sess || SSL_SESSION_cmp(ctx->sess, newsess)) {
++        if (newsess != ctx->sess || static_SSL_SESSION_cmp(ctx->sess, newsess)) {
+             SSL_SESSION_free(ctx->sess);
+             ctx->sess = SSL_get1_session(ssl); /* bumping the refcount */
+         }