[pkgsrc/trunk]: pkgsrc/www/apache2 Add fix for CVE-2005-3357 from Apache bug ...

[tron <tron%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/59fb3fe53e32
branches:  trunk
changeset: 506742:59fb3fe53e32
user:      tron <tron%pkgsrc.org@localhost>
date:      Sat Jan 21 13:02:21 2006 +0000

description:
Add fix for CVE-2005-3357 from Apache bug report 37791.
Bump package revision because of this fix.

diffstat:

 www/apache2/Makefile         |   4 ++--
 www/apache2/distinfo         |   3 ++-
 www/apache2/patches/patch-af |  21 +++++++++++++++++++++
 3 files changed, 25 insertions(+), 3 deletions(-)

diffs (57 lines):

diff -r ae87f631d01e -r 59fb3fe53e32 www/apache2/Makefile
--- a/www/apache2/Makefile      Sat Jan 21 11:55:14 2006 +0000
+++ b/www/apache2/Makefile      Sat Jan 21 13:02:21 2006 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.91 2006/01/05 10:01:20 ghen Exp $
+# $NetBSD: Makefile,v 1.92 2006/01/21 13:02:21 tron Exp $
 
 .include "Makefile.common"
 
 PKGNAME=       apache-${APACHE_VERSION}
-PKGREVISION=   4
+PKGREVISION=   5
 CATEGORIES=    www
 
 HOMEPAGE=      http://httpd.apache.org/
diff -r ae87f631d01e -r 59fb3fe53e32 www/apache2/distinfo
--- a/www/apache2/distinfo      Sat Jan 21 11:55:14 2006 +0000
+++ b/www/apache2/distinfo      Sat Jan 21 13:02:21 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.45 2005/12/15 11:29:00 tron Exp $
+$NetBSD: distinfo,v 1.46 2006/01/21 13:02:21 tron Exp $
 
 SHA1 (httpd-2.0.55.tar.bz2) = ab016aace57f34cb3eae5c9d48f2bcc5759d6c84
 RMD160 (httpd-2.0.55.tar.bz2) = 04749dcf9ea369152eddf9422e49bc0a77a443eb
@@ -8,6 +8,7 @@
 SHA1 (patch-ac) = 515043b5c215d49fe8f6d3191b502c978e2a2dad
 SHA1 (patch-ad) = 8c6f62346ffb5069de89a50516a3da2c6104e09b
 SHA1 (patch-ae) = 4d906691447dd718547b18ebfbb80322443afcda
+SHA1 (patch-af) = c5e5fa2ddbf7f448249c9696886e960438a9511c
 SHA1 (patch-ag) = 78dcb023f524ef65928b529320932c9664ec0d01
 SHA1 (patch-ai) = 4dc88c15b0525a5aabc80d5c2a0720cd260629de
 SHA1 (patch-ak) = f11a86b1235d5c595fa381bbb474db4fe8448215
diff -r ae87f631d01e -r 59fb3fe53e32 www/apache2/patches/patch-af
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/apache2/patches/patch-af      Sat Jan 21 13:02:21 2006 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-af,v 1.6 2006/01/21 13:02:21 tron Exp $
+
+--- modules/ssl/ssl_engine_kernel.c.orig
++++ modules/ssl/ssl_engine_kernel.c
+@@ -202,11 +202,14 @@
+     }
+ 
+     /*
+-     * Check to see if SSL protocol is on
++     * Check to see whether SSL is in use; if it's not, then no
++     * further access control checks are relevant.  (the test for
++     * sc->enabled is probably strictly unnecessary)
+      */
+-    if (!(sc->enabled || ssl)) {
++    if (!sc->enabled || !ssl) {
+         return DECLINED;
+     }
++
+     /*
+      * Support for per-directory reconfigured SSL connection parameters.
+      *