Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=d3aa48cc169053ed86e43825641418d3ab41ced4
commit d3aa48cc169053ed86e43825641418d3ab41ced4 Author: Miklos Vajna <vmik...@frugalware.org> Date: Thu Nov 12 11:52:57 2009 +0100 lighttpd-1.4.24-1-i686 - version bump diff --git a/source/network-extra/lighttpd/CVE-2008-1531.patch b/source/network-extra/lighttpd/CVE-2008-1531.patch deleted file mode 100644 index f26e9ce..0000000 --- a/source/network-extra/lighttpd/CVE-2008-1531.patch +++ /dev/null @@ -1,100 +0,0 @@ -diff -Naur lighttpd-1.4.19/NEWS lighttpd-1.4.19-p/NEWS ---- lighttpd-1.4.19/NEWS 2008-03-10 22:28:30.000000000 +0100 -+++ lighttpd-1.4.19-p/NEWS 2008-04-02 21:38:01.000000000 +0200 -@@ -8,6 +8,7 @@ - * added support for If-Range: <date> (#1346) - * added support for matching $HTTP["scheme"] in configs - * fixed initgroups() called after chroot (#1384) -+ * Fix #285 again: read error after SSL_shutdown (thx marton.il...@balabit.com) and clear the error queue before some other calls - * fixed case-sensitive check for Auth-Method (#1456) - * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428) - * fixed a bug that made /-prefixed extensions being handled also when -diff -Naur lighttpd-1.4.19/src/connections.c lighttpd-1.4.19-p/src/connections.c ---- lighttpd-1.4.19/src/connections.c 2008-02-28 00:41:35.000000000 +0100 -+++ lighttpd-1.4.19-p/src/connections.c 2008-04-02 21:42:57.000000000 +0200 -@@ -199,6 +199,7 @@ - - /* don't resize the buffer if we were in SSL_ERROR_WANT_* */ - -+ ERR_clear_error(); - do { - if (!con->ssl_error_want_reuse_buffer) { - b = buffer_init(); -@@ -1668,21 +1669,51 @@ - } - #ifdef USE_OPENSSL - if (srv_sock->is_ssl) { -- int ret; -+ int ret, ssl_r; -+ unsigned long err; -+ ERR_clear_error(); - switch ((ret = SSL_shutdown(con->ssl))) { - case 1: - /* ok */ - break; - case 0: -- SSL_shutdown(con->ssl); -- break; -+ ERR_clear_error(); -+ if (-1 != (ret = SSL_shutdown(con->ssl))) break; -+ -+ // fall through - default: -- log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:", -- SSL_get_error(con->ssl, ret), -- ERR_error_string(ERR_get_error(), NULL)); -- return -1; -+ -+ switch ((ssl_r = SSL_get_error(con->ssl, ret))) { -+ case SSL_ERROR_WANT_WRITE: -+ case SSL_ERROR_WANT_READ: -+ break; -+ case SSL_ERROR_SYSCALL: -+ /* perhaps we have error waiting in our error-queue */ -+ if (0 != (err = ERR_get_error())) { -+ do { -+ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:", -+ ssl_r, ret, -+ ERR_error_string(err, NULL)); -+ } while((err = ERR_get_error())); -+ } else { -+ log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):", -+ ssl_r, r, errno, -+ strerror(errno)); -+ } -+ -+ break; -+ default: -+ while((err = ERR_get_error())) { -+ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:", -+ ssl_r, ret, -+ ERR_error_string(err, NULL)); -+ } -+ -+ break; -+ } - } - } -+ ERR_clear_error(); - #endif - - switch(con->mode) { -diff -Naur lighttpd-1.4.19/src/network_openssl.c lighttpd-1.4.19-p/src/network_openssl.c ---- lighttpd-1.4.19/src/network_openssl.c 2008-02-26 17:20:26.000000000 +0100 -+++ lighttpd-1.4.19-p/src/network_openssl.c 2008-04-02 21:38:01.000000000 +0200 -@@ -85,6 +85,7 @@ - * - */ - -+ ERR_clear_error(); - if ((r = SSL_write(ssl, offset, toSend)) <= 0) { - unsigned long err; - -@@ -187,6 +188,7 @@ - - close(ifd); - -+ ERR_clear_error(); - if ((r = SSL_write(ssl, s, toSend)) <= 0) { - unsigned long err; - _______________________________________________ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git