Subject: CVS commit: pkgsrc/www/ap-ssl
To: None <>
From: Thomas Klausner <>
List: pkgsrc-changes
Date: 04/10/2003 11:36:43
Module Name:	pkgsrc
Committed By:	wiz
Date:		Thu Apr 10 08:36:42 UTC 2003

Modified Files:
	pkgsrc/www/ap-ssl: Makefile distinfo
Added Files:
	pkgsrc/www/ap-ssl/patches: patch-ac

Log Message:
Update to 2.8.14:
  Changes with mod_ssl 2.8.14 (18-Mar-2002 to 21-Mar-2003)

   *) Fixed logic in the destruction of a temporary certificate
      structure and this way avoid a crash due to freeing NULL object.

   *) Removed one newly introduced X509_free() call in the context of
      SSL_get_certificate(), because this function does not increment a
      reference count (although SSL_get_peer_certificate() does).

   *) Fixed hash-table based shared memory session cache (shmht)
      implementation by making sure that the underlying hash table
      library does not crash if memory cannot be allocated.

  Changes with mod_ssl 2.8.13 (23-Oct-2002 to 18-Mar-2003)

   *) Always enforce RSA blinding on RSA private keys in order to be
      resistent to timing attacks.

   *) Added timeout also to the "pre-sucking" of the trailing data in
      POST request handling.

   *) Correctly shutdown shared memory pools on fork+exec situations.

   *) Bugfix SSL client certificate verification: OpenSSL was not
      informed with SSL_set_verify_result(ssl, X509_V_OK) in case
      mod_ssl forced the verification to be ok.

   *) Consistently use OPENSSL_free() instead of plain free() to
      deallocate memory chunks allocated inside OpenSSL.

   *) Fixed various memory leaks related to X509 certificates.

New patch-ac sent to maintainer.

To generate a diff of this commit:
cvs rdiff -r1.67 -r1.68 pkgsrc/www/ap-ssl/Makefile
cvs rdiff -r1.16 -r1.17 pkgsrc/www/ap-ssl/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/www/ap-ssl/patches/patch-ac

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.