FreeBSD Bugzilla – Attachment 186940 Details for
Bug 222814
www/apache24: Update to 2.4.29
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
svn diff for www/apache24
patch-www_apache24-2.4.28 (text/plain), 16.18 KB, created by
Bernard Spil
on 2017-10-06 07:54:37 UTC
(
hide
)
Description:
svn diff for www/apache24
Filename:
MIME Type:
Creator:
Bernard Spil
Created:
2017-10-06 07:54:37 UTC
Size:
16.18 KB
patch
obsolete
>Index: www/apache24/Makefile >=================================================================== >--- www/apache24/Makefile (revision 450581) >+++ www/apache24/Makefile (working copy) >@@ -1,8 +1,7 @@ > # $FreeBSD$ > > PORTNAME= apache24 >-PORTVERSION= 2.4.27 >-PORTREVISION= 1 >+PORTVERSION= 2.4.28 > CATEGORIES= www ipv6 > MASTER_SITES= APACHE_HTTPD > DISTNAME= httpd-${PORTVERSION} >Index: www/apache24/distinfo >=================================================================== >--- www/apache24/distinfo (revision 450581) >+++ www/apache24/distinfo (working copy) >@@ -1,3 +1,3 @@ >-TIMESTAMP = 1499686775 >-SHA256 (apache24/httpd-2.4.27.tar.bz2) = 71fcc128238a690515bd8174d5330a5309161ef314a326ae45c7c15ed139c13a >-SIZE (apache24/httpd-2.4.27.tar.bz2) = 6527394 >+TIMESTAMP = 1507272082 >+SHA256 (apache24/httpd-2.4.28.tar.bz2) = c1197a3a62a4ab5c584ab89b249af38cf28b4adee9c0106b62999fd29f920666 >+SIZE (apache24/httpd-2.4.28.tar.bz2) = 6553163 >Index: www/apache24/files/patch-CVE-2017-9798 >=================================================================== >--- www/apache24/files/patch-CVE-2017-9798 (revision 450581) >+++ www/apache24/files/patch-CVE-2017-9798 (nonexistent) >@@ -1,15 +0,0 @@ >---- server/core.c 2017/08/16 16:50:29 1805223 >-+++ server/core.c 2017/09/08 13:13:11 1807754 >-@@ -2266,6 +2266,12 @@ >- /* method has not been registered yet, but resource restriction >- * is always checked before method handling, so register it. >- */ >-+ if (cmd->pool == cmd->temp_pool) { >-+ /* In .htaccess, we can't globally register new methods. */ >-+ return apr_psprintf(cmd->pool, "Could not register method '%s' " >-+ "for %s from .htaccess configuration", >-+ method, cmd->cmd->name); >-+ } >- methnum = ap_method_register(cmd->pool, >- apr_pstrdup(cmd->pool, method)); >- } > >Property changes on: www/apache24/files/patch-CVE-2017-9798 >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_mod__ssl.c >=================================================================== >--- www/apache24/files/patch-modules_ssl_mod__ssl.c (revision 450581) >+++ www/apache24/files/patch-modules_ssl_mod__ssl.c (nonexistent) >@@ -1,34 +0,0 @@ >---- modules/ssl/mod_ssl.c.orig 2017-04-03 11:39:20 UTC >-+++ modules/ssl/mod_ssl.c >-@@ -337,12 +337,12 @@ static apr_status_t ssl_cleanup_pre_conf >- #if HAVE_ENGINE_LOAD_BUILTIN_ENGINES >- ENGINE_cleanup(); >- #endif >--#if OPENSSL_VERSION_NUMBER >= 0x1000200fL >-+#if OPENSSL_VERSION_NUMBER >= 0x1000200fL && !defined(OPENSSL_NO_COMP) >- SSL_COMP_free_compression_methods(); >- #endif >- >- /* Usually needed per thread, but this parent process is single-threaded */ >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- #if OPENSSL_VERSION_NUMBER >= 0x1000000fL >- ERR_remove_thread_state(NULL); >- #else >-@@ -383,14 +383,14 @@ static int ssl_hook_pre_config(apr_pool_ >- /* Some OpenSSL internals are allocated per-thread, make sure they >- * are associated to the/our same thread-id until cleaned up. >- */ >--#if APR_HAS_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if APR_HAS_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- ssl_util_thread_id_setup(pconf); >- #endif >- >- /* We must register the library in full, to ensure our configuration >- * code can successfully test the SSL environment. >- */ >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- CRYPTO_malloc_init(); >- #else >- OPENSSL_malloc_init(); > >Property changes on: www/apache24/files/patch-modules_ssl_mod__ssl.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_ssl__engine__init.c >=================================================================== >--- www/apache24/files/patch-modules_ssl_ssl__engine__init.c (revision 450581) >+++ www/apache24/files/patch-modules_ssl_ssl__engine__init.c (nonexistent) >@@ -1,47 +0,0 @@ >---- modules/ssl/ssl_engine_init.c.orig 2017-04-03 11:39:20 UTC >-+++ modules/ssl/ssl_engine_init.c >-@@ -47,7 +47,7 @@ APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(ssl, >- #define KEYTYPES "RSA or DSA" >- #endif >- >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- /* OpenSSL Pre-1.1.0 compatibility */ >- /* Taken from OpenSSL 1.1.0 snapshot 20160410 */ >- static int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) >-@@ -257,7 +257,7 @@ apr_status_t ssl_init_Module(apr_pool_t >- #endif >- } >- >--#if APR_HAS_THREADS && OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if APR_HAS_THREADS && ( OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ) >- ssl_util_thread_setup(p); >- #endif >- >-@@ -380,7 +380,7 @@ apr_status_t ssl_init_Module(apr_pool_t >- modssl_init_app_data2_idx(); /* for modssl_get_app_data2() at request time */ >- >- init_dh_params(); >--#if OPENSSL_VERSION_NUMBER >= 0x10100000L >-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) >- init_bio_methods(); >- #endif >- >-@@ -1301,7 +1301,7 @@ static apr_status_t ssl_init_server_cert >- * or configure NIST P-256 (required to enable ECDHE for earlier versions) >- * ECDH is always enabled in 1.1.0 unless excluded from SSLCipherList >- */ >--#if (OPENSSL_VERSION_NUMBER < 0x10100000L) >-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER) >- else { >- #if defined(SSL_CTX_set_ecdh_auto) >- SSL_CTX_set_ecdh_auto(mctx->ssl_ctx, 1); >-@@ -2011,7 +2011,7 @@ apr_status_t ssl_init_ModuleKill(void *d >- >- } >- >--#if OPENSSL_VERSION_NUMBER >= 0x10100000L >-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) >- free_bio_methods(); >- #endif >- free_dh_params(); > >Property changes on: www/apache24/files/patch-modules_ssl_ssl__engine__init.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_ssl__engine__io.c >=================================================================== >--- www/apache24/files/patch-modules_ssl_ssl__engine__io.c (revision 450581) >+++ www/apache24/files/patch-modules_ssl_ssl__engine__io.c (nonexistent) >@@ -1,38 +0,0 @@ >---- modules/ssl/ssl_engine_io.c.orig 2017-05-30 12:26:05 UTC >-+++ modules/ssl/ssl_engine_io.c >-@@ -164,7 +164,7 @@ static int bio_filter_create(BIO *bio) >- { >- BIO_set_shutdown(bio, 1); >- BIO_set_init(bio, 1); >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- /* No setter method for OpenSSL 1.1.0 available, >- * but I can't find any functional use of the >- * "num" field there either. >-@@ -549,7 +549,7 @@ static long bio_filter_in_ctrl(BIO *bio, >- return -1; >- } >- >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- >- static BIO_METHOD bio_filter_out_method = { >- BIO_TYPE_MEM, >-@@ -2024,7 +2024,7 @@ static void ssl_io_input_add_filter(ssl_ >- >- filter_ctx->pInputFilter = ap_add_input_filter(ssl_io_filter, inctx, r, c); >- >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- filter_ctx->pbioRead = BIO_new(&bio_filter_in_method); >- #else >- filter_ctx->pbioRead = BIO_new(bio_filter_in_method); >-@@ -2059,7 +2059,7 @@ void ssl_io_filter_init(conn_rec *c, req >- filter_ctx->pOutputFilter = ap_add_output_filter(ssl_io_filter, >- filter_ctx, r, c); >- >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- filter_ctx->pbioWrite = BIO_new(&bio_filter_out_method); >- #else >- filter_ctx->pbioWrite = BIO_new(bio_filter_out_method); > >Property changes on: www/apache24/files/patch-modules_ssl_ssl__engine__io.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_ssl__engine__kernel.c >=================================================================== >--- www/apache24/files/patch-modules_ssl_ssl__engine__kernel.c (revision 450581) >+++ www/apache24/files/patch-modules_ssl_ssl__engine__kernel.c (nonexistent) >@@ -1,11 +0,0 @@ >---- modules/ssl/ssl_engine_kernel.c.orig 2017-05-02 11:01:17 UTC >-+++ modules/ssl/ssl_engine_kernel.c >-@@ -1733,7 +1733,7 @@ static void modssl_proxy_info_log(conn_r >- * so we need to increment here to prevent them from >- * being freed. >- */ >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- #define modssl_set_cert_info(info, cert, pkey) \ >- *cert = info->x509; \ >- CRYPTO_add(&(*cert)->references, +1, CRYPTO_LOCK_X509); \ > >Property changes on: www/apache24/files/patch-modules_ssl_ssl__engine__kernel.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_ssl__engine__vars.c >=================================================================== >--- www/apache24/files/patch-modules_ssl_ssl__engine__vars.c (revision 450581) >+++ www/apache24/files/patch-modules_ssl_ssl__engine__vars.c (nonexistent) >@@ -1,11 +0,0 @@ >---- modules/ssl/ssl_engine_vars.c.orig 2017-03-20 12:01:16 UTC >-+++ modules/ssl/ssl_engine_vars.c >-@@ -529,7 +529,7 @@ static char *ssl_var_lookup_ssl_cert(apr >- resdup = FALSE; >- } >- else if (strcEQ(var, "A_SIG")) { >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- nid = OBJ_obj2nid((ASN1_OBJECT *)(xs->cert_info->signature->algorithm)); >- #else >- const ASN1_OBJECT *paobj; > >Property changes on: www/apache24/files/patch-modules_ssl_ssl__engine__vars.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_ssl__private.h >=================================================================== >--- www/apache24/files/patch-modules_ssl_ssl__private.h (revision 450581) >+++ www/apache24/files/patch-modules_ssl_ssl__private.h (nonexistent) >@@ -1,55 +0,0 @@ >---- modules/ssl/ssl_private.h.orig 2017-04-03 11:39:20 UTC >-+++ modules/ssl/ssl_private.h >-@@ -123,6 +123,16 @@ >- #define MODSSL_SSL_METHOD_CONST >- #endif >- >-+#if defined(LIBRESSL_VERSION_NUMBER) >-+/* Missing from LibreSSL */ >-+#define SSL_CTRL_SET_MIN_PROTO_VERSION 123 >-+#define SSL_CTRL_SET_MAX_PROTO_VERSION 124 >-+#define SSL_CTX_set_min_proto_version(ctx, version) \ >-+ SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL) >-+#define SSL_CTX_set_max_proto_version(ctx, version) \ >-+ SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL) >-+#endif >-+ >- #if defined(OPENSSL_FIPS) >- #define HAVE_FIPS >- #endif >-@@ -136,7 +146,7 @@ >- #endif >- >- /* session id constness */ >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- #define IDCONST >- #else >- #define IDCONST const >-@@ -199,7 +209,7 @@ >- >- #endif /* !defined(OPENSSL_NO_TLSEXT) && defined(SSL_set_tlsext_host_name) */ >- >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- #define BN_get_rfc2409_prime_768 get_rfc2409_prime_768 >- #define BN_get_rfc2409_prime_1024 get_rfc2409_prime_1024 >- #define BN_get_rfc3526_prime_1536 get_rfc3526_prime_1536 >-@@ -219,7 +229,7 @@ void init_bio_methods(void); >- void free_bio_methods(void); >- #endif >- >--#if OPENSSL_VERSION_NUMBER < 0x10002000L >-+#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) >- #define X509_STORE_CTX_get0_store(x) (x->ctx) >- #endif >- >-@@ -934,7 +944,7 @@ char *ssl_util_readfilter(server_ >- const char * const *); >- BOOL ssl_util_path_check(ssl_pathcheck_t, const char *, apr_pool_t *); >- #if APR_HAS_THREADS >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- void ssl_util_thread_setup(apr_pool_t *); >- #endif >- void ssl_util_thread_id_setup(apr_pool_t *); > >Property changes on: www/apache24/files/patch-modules_ssl_ssl__private.h >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_ssl__util.c >=================================================================== >--- www/apache24/files/patch-modules_ssl_ssl__util.c (revision 450581) >+++ www/apache24/files/patch-modules_ssl_ssl__util.c (nonexistent) >@@ -1,11 +0,0 @@ >---- modules/ssl/ssl_util.c.orig 2017-03-24 13:31:03 UTC >-+++ modules/ssl/ssl_util.c >-@@ -247,7 +247,7 @@ void ssl_asn1_table_unset(apr_hash_t *ta >- } >- >- #if APR_HAS_THREADS >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- /* >- * To ensure thread-safetyness in OpenSSL - work in progress >- */ > >Property changes on: www/apache24/files/patch-modules_ssl_ssl__util.c >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: www/apache24/files/patch-modules_ssl_ssl__util__ssl.h >=================================================================== >--- www/apache24/files/patch-modules_ssl_ssl__util__ssl.h (revision 450581) >+++ www/apache24/files/patch-modules_ssl_ssl__util__ssl.h (nonexistent) >@@ -1,11 +0,0 @@ >---- modules/ssl/ssl_util_ssl.h.orig 2017-03-20 12:01:16 UTC >-+++ modules/ssl/ssl_util_ssl.h >-@@ -41,7 +41,7 @@ >- #define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER >- #define MODSSL_LIBRARY_NAME "OpenSSL" >- #define MODSSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT >--#if OPENSSL_VERSION_NUMBER < 0x10100000L >-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) >- #define MODSSL_LIBRARY_DYNTEXT SSLeay_version(SSLEAY_VERSION) >- #else >- #define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION) > >Property changes on: www/apache24/files/patch-modules_ssl_ssl__util__ssl.h >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=186940">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 222814
:
186940
|
187386