From 44d2208ac0bcf29d70fcd1c6363bcbfcdb8f1529 Mon Sep 17 00:00:00 2001 From: wiz Date: Thu, 10 Apr 2003 08:36:41 +0000 Subject: Update to 2.8.14: Changes with mod_ssl 2.8.14 (18-Mar-2002 to 21-Mar-2003) *) Fixed logic in the destruction of a temporary certificate structure and this way avoid a crash due to freeing NULL object. *) Removed one newly introduced X509_free() call in the context of SSL_get_certificate(), because this function does not increment a reference count (although SSL_get_peer_certificate() does). *) Fixed hash-table based shared memory session cache (shmht) implementation by making sure that the underlying hash table library does not crash if memory cannot be allocated. Changes with mod_ssl 2.8.13 (23-Oct-2002 to 18-Mar-2003) *) Always enforce RSA blinding on RSA private keys in order to be resistent to timing attacks. *) Added timeout also to the "pre-sucking" of the trailing data in POST request handling. *) Correctly shutdown shared memory pools on fork+exec situations. *) Bugfix SSL client certificate verification: OpenSSL was not informed with SSL_set_verify_result(ssl, X509_V_OK) in case mod_ssl forced the verification to be ok. *) Consistently use OPENSSL_free() instead of plain free() to deallocate memory chunks allocated inside OpenSSL. *) Fixed various memory leaks related to X509 certificates. New patch-ac sent to maintainer. --- www/ap-ssl/Makefile | 9 ++++----- www/ap-ssl/distinfo | 7 ++++--- www/ap-ssl/patches/patch-ac | 13 +++++++++++++ 3 files changed, 21 insertions(+), 8 deletions(-) create mode 100644 www/ap-ssl/patches/patch-ac (limited to 'www') diff --git a/www/ap-ssl/Makefile b/www/ap-ssl/Makefile index 71d6bc1cee5..03c1569d295 100644 --- a/www/ap-ssl/Makefile +++ b/www/ap-ssl/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.67 2003/03/14 19:37:59 jlam Exp $ +# $NetBSD: Makefile,v 1.68 2003/04/10 08:36:41 wiz Exp $ -DISTNAME= mod_ssl-2.8.12-1.3.27 -PKGNAME= ap-ssl-2.8.12 -PKGREVISION= 1 +DISTNAME= mod_ssl-2.8.14-1.3.27 +PKGNAME= ap-ssl-2.8.14 CATEGORIES= www security MASTER_SITES= http://www.modssl.org/source/ \ ftp://ftp.pca.dfn.de/pub/tools/net/mod_ssl/source/ \ @@ -14,7 +13,7 @@ COMMENT= SSL/TLS protocols module for Apache CONFLICTS= apache-1.3.[0-9] apache-*modssl-[0-9]* apache6-[0-9]* -BUILDLINK_DEPENDS.apache= apache>=1.3.27nb1 +BUILDLINK_DEPENDS.apache= apache>=1.3.27nb4 USE_BUILDLINK2= YES USE_PKGINSTALL= YES diff --git a/www/ap-ssl/distinfo b/www/ap-ssl/distinfo index a427b561a93..40f38a86567 100644 --- a/www/ap-ssl/distinfo +++ b/www/ap-ssl/distinfo @@ -1,6 +1,7 @@ -$NetBSD: distinfo,v 1.16 2002/12/03 14:31:32 grant Exp $ +$NetBSD: distinfo,v 1.17 2003/04/10 08:36:41 wiz Exp $ -SHA1 (mod_ssl-2.8.12-1.3.27.tar.gz) = 76842c9cb12442d845bfb8e6920da28809da74bd -Size (mod_ssl-2.8.12-1.3.27.tar.gz) = 753529 bytes +SHA1 (mod_ssl-2.8.14-1.3.27.tar.gz) = 9a9d783d096fd7312481c03421db56ee73b49546 +Size (mod_ssl-2.8.14-1.3.27.tar.gz) = 754179 bytes SHA1 (patch-aa) = 6b66b8d9e8bd03613376dca3b4e0dad3a2e7ed15 SHA1 (patch-ab) = 936bc956761559c51263cf7645d135abe40069cd +SHA1 (patch-ac) = ebdd43a3ce98fbd20ea515e06eb7f41d440cd294 diff --git a/www/ap-ssl/patches/patch-ac b/www/ap-ssl/patches/patch-ac new file mode 100644 index 00000000000..90319bd460e --- /dev/null +++ b/www/ap-ssl/patches/patch-ac @@ -0,0 +1,13 @@ +$NetBSD: patch-ac,v 1.1 2003/04/10 08:36:42 wiz Exp $ + +--- pkg.sslmod/ssl_util_ssl.h.orig Thu Oct 24 09:08:11 2002 ++++ pkg.sslmod/ssl_util_ssl.h +@@ -86,7 +86,7 @@ + /* + * Backward compatibility. + */ +-#if SSL_LIBRARY_VERSION < 0x00906100 ++#ifndef OPENSSL_free + #define OPENSSL_free free + #endif + -- cgit v1.2.3