Git-Url:
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=d3aa48cc169053ed86e43825641418d3ab41ced4
commit d3aa48cc169053ed86e43825641418d3ab41ced4
Author: Miklos Vajna <vmik...@frugalware.org>
Date: Thu Nov 12 11:52:57 2009 +0100
lighttpd-1.4.24-1-i686
- version bump
diff --git a/source/network-extra/lighttpd/CVE-2008-1531.patch
b/source/network-extra/lighttpd/CVE-2008-1531.patch
deleted file mode 100644
index f26e9ce..0000000
--- a/source/network-extra/lighttpd/CVE-2008-1531.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-diff -Naur lighttpd-1.4.19/NEWS lighttpd-1.4.19-p/NEWS
---- lighttpd-1.4.19/NEWS 2008-03-10 22:28:30.000000000 +0100
-+++ lighttpd-1.4.19-p/NEWS 2008-04-02 21:38:01.000000000 +0200
-@@ -8,6 +8,7 @@
- * added support for If-Range: <date> (#1346)
- * added support for matching $HTTP["scheme"] in configs
- * fixed initgroups() called after chroot (#1384)
-+ * Fix #285 again: read error after SSL_shutdown (thx
marton.il...@balabit.com) and clear the error queue before some other calls
- * fixed case-sensitive check for Auth-Method (#1456)
- * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428)
- * fixed a bug that made /-prefixed extensions being handled also when
-diff -Naur lighttpd-1.4.19/src/connections.c
lighttpd-1.4.19-p/src/connections.c
---- lighttpd-1.4.19/src/connections.c 2008-02-28 00:41:35.000000000 +0100
-+++ lighttpd-1.4.19-p/src/connections.c 2008-04-02 21:42:57.000000000
+0200
-@@ -199,6 +199,7 @@
-
- /* don't resize the buffer if we were in SSL_ERROR_WANT_* */
-
-+ ERR_clear_error();
- do {
- if (!con->ssl_error_want_reuse_buffer) {
- b = buffer_init();
-@@ -1668,21 +1669,51 @@
- }
- #ifdef USE_OPENSSL
- if (srv_sock->is_ssl) {
-- int ret;
-+ int ret, ssl_r;
-+ unsigned long err;
-+ ERR_clear_error();
- switch ((ret = SSL_shutdown(con->ssl))) {
- case 1:
- /* ok */
- break;
- case 0:
-- SSL_shutdown(con->ssl);
-- break;
-+ ERR_clear_error();
-+ if (-1 != (ret =
SSL_shutdown(con->ssl))) break;
-+
-+ // fall through
- default:
-- log_error_write(srv, __FILE__,
__LINE__, "sds", "SSL:",
-- SSL_get_error(con->ssl,
ret),
--
ERR_error_string(ERR_get_error(), NULL));
-- return -1;
-+
-+ switch ((ssl_r =
SSL_get_error(con->ssl, ret))) {
-+ case SSL_ERROR_WANT_WRITE:
-+ case SSL_ERROR_WANT_READ:
-+ break;
-+ case SSL_ERROR_SYSCALL:
-+ /* perhaps we have error
waiting in our error-queue */
-+ if (0 != (err =
ERR_get_error())) {
-+ do {
-+
log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
-+
ssl_r, ret,
-+
ERR_error_string(err, NULL));
-+ } while((err =
ERR_get_error()));
-+ } else {
-+ log_error_write(srv,
__FILE__, __LINE__, "sddds", "SSL (error):",
-+ ssl_r,
r, errno,
-+
strerror(errno));
-+ }
-+
-+ break;
-+ default:
-+ while((err = ERR_get_error())) {
-+ log_error_write(srv,
__FILE__, __LINE__, "sdds", "SSL:",
-+ ssl_r,
ret,
-+
ERR_error_string(err, NULL));
-+ }
-+
-+ break;
-+ }
- }
- }
-+ ERR_clear_error();
- #endif
-
- switch(con->mode) {
-diff -Naur lighttpd-1.4.19/src/network_openssl.c
lighttpd-1.4.19-p/src/network_openssl.c
---- lighttpd-1.4.19/src/network_openssl.c 2008-02-26 17:20:26.000000000
+0100
-+++ lighttpd-1.4.19-p/src/network_openssl.c 2008-04-02 21:38:01.000000000
+0200
-@@ -85,6 +85,7 @@
- *
- */
-
-+ ERR_clear_error();
- if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
- unsigned long err;
-
-@@ -187,6 +188,7 @@
-
- close(ifd);
-
-+ ERR_clear_error();
- if ((r = SSL_write(ssl, s, toSend)) <= 0) {
- unsigned long err;
-
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git
