From aabc40fadefac9ad55aec37a6693de06d7ba15f2 Mon Sep 17 00:00:00 2001 From: abs Date: Tue, 4 Dec 2007 12:08:45 +0000 Subject: Update www/apache to 2.2.6nb1 Add apache SVN revision 574884 to fix garbage characters in Server header http://issues.apache.org/bugzilla/show_bug.cgi?id=43334 When it hits, this issue can completely screw up returned pages if the Server header gets embedded newlines --- www/apache22/Makefile | 4 ++-- www/apache22/distinfo | 3 ++- www/apache22/patches/patch-ab | 53 +++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 57 insertions(+), 3 deletions(-) create mode 100644 www/apache22/patches/patch-ab (limited to 'www') diff --git a/www/apache22/Makefile b/www/apache22/Makefile index 57b758dc674..083146a5abe 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.20 2007/09/09 08:12:58 rillig Exp $ +# $NetBSD: Makefile,v 1.21 2007/12/04 12:08:45 abs Exp $ .include "Makefile.common" PKGNAME= apache-${APACHE_VERSION} -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= www HOMEPAGE= http://httpd.apache.org/ diff --git a/www/apache22/distinfo b/www/apache22/distinfo index 401a282c6a0..c3220b809f7 100644 --- a/www/apache22/distinfo +++ b/www/apache22/distinfo @@ -1,9 +1,10 @@ -$NetBSD: distinfo,v 1.7 2007/09/08 11:02:07 tron Exp $ +$NetBSD: distinfo,v 1.8 2007/12/04 12:08:45 abs Exp $ SHA1 (httpd-2.2.6.tar.bz2) = e6ef926ecd1f9a412af8c266239f0a6f58c63854 RMD160 (httpd-2.2.6.tar.bz2) = 5ae895c6898213e1e3b7e7b02cdfcbe5b36a108f Size (httpd-2.2.6.tar.bz2) = 4717066 bytes SHA1 (patch-aa) = ae5b34058fc6455cfa9e3d52a50829155ce2eb11 +SHA1 (patch-ab) = 7045de8ace1c13f537029931947048624c929dbe SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad SHA1 (patch-ad) = 088d6ff0e7a8acfe70b4f85a6ce58d42c935fd13 SHA1 (patch-ae) = 86b307d6eefef232b6223afc3f69e64be40bd913 diff --git a/www/apache22/patches/patch-ab b/www/apache22/patches/patch-ab new file mode 100644 index 00000000000..04390375023 --- /dev/null +++ b/www/apache22/patches/patch-ab @@ -0,0 +1,53 @@ +$NetBSD: patch-ab,v 1.4 2007/12/04 12:08:45 abs Exp $ + +# apache SVN revision 574884 to fix garbage characters in Server header +# http://issues.apache.org/bugzilla/show_bug.cgi?id=43334 + +--- modules/ssl/ssl_engine_vars.c.orig 2007-08-28 14:40:01.000000000 +0100 ++++ modules/ssl/ssl_engine_vars.c +@@ -49,7 +49,7 @@ static char *ssl_var_lookup_ssl_cert_PEM + static char *ssl_var_lookup_ssl_cert_verify(apr_pool_t *p, conn_rec *c); + static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, conn_rec *c, char *var); + static void ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize); +-static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var); ++static char *ssl_var_lookup_ssl_version(apr_pool_t *pp, apr_pool_t *p, char *var); + static char *ssl_var_lookup_ssl_compress_meth(SSL *ssl); + + static int ssl_is_https(conn_rec *c) +@@ -190,7 +190,7 @@ char *ssl_var_lookup(apr_pool_t *p, serv + */ + if (result == NULL) { + if (strlen(var) > 12 && strcEQn(var, "SSL_VERSION_", 12)) +- result = ssl_var_lookup_ssl_version(p, var+12); ++ result = ssl_var_lookup_ssl_version(s->process->pool, p, var+12); + else if (strcEQ(var, "SERVER_SOFTWARE")) + result = ap_get_server_banner(); + else if (strcEQ(var, "API_VERSION")) { +@@ -262,7 +262,8 @@ static char *ssl_var_lookup_ssl(apr_pool + + ssl = sslconn->ssl; + if (strlen(var) > 8 && strcEQn(var, "VERSION_", 8)) { +- result = ssl_var_lookup_ssl_version(p, var+8); ++ result = ssl_var_lookup_ssl_version(c->base_server->process->pool, ++ p, var+8); + } + else if (ssl != NULL && strcEQ(var, "PROTOCOL")) { + result = (char *)SSL_get_version(ssl); +@@ -633,7 +634,7 @@ static void ssl_var_lookup_ssl_cipher_bi + return; + } + +-static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var) ++static char *ssl_var_lookup_ssl_version(apr_pool_t *pp, apr_pool_t *p, char *var) + { + static char interface[] = "mod_ssl/" MOD_SSL_VERSION; + static char library_interface[] = SSL_LIBRARY_TEXT; +@@ -642,7 +643,7 @@ static char *ssl_var_lookup_ssl_version( + + if (!library) { + char *cp, *cp2; +- library = apr_pstrdup(p, SSL_LIBRARY_DYNTEXT); ++ library = apr_pstrdup(pp, SSL_LIBRARY_DYNTEXT); + if ((cp = strchr(library, ' ')) != NULL) { + *cp = '/'; + if ((cp2 = strchr(cp, ' ')) != NULL) -- cgit v1.2.3