pkg/38454: neon+subversion+gssapi doesn't work

[kovert%omniscient.com@localhost]

>Number:         38454
>Category:       pkg
>Synopsis:       neon+subversion+gssapi doesn't work
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Apr 18 00:30:00 +0000 2008
>Originator:     Todd Kover
>Release:        NetBSD 4.0
>Organization:
Omniscient Technologies
>Environment:
System: NetBSD slivovice.cz.omniscient.com 4.0 NetBSD 4.0 (GENERIC) #0: Tue Dec 
25 17:07:02 EST 2007 
kovert%saidin.omniscient.com@localhost:/usr/obj/4.0-stable/i386/omniscient/os/NetBSD-4.0/src/sys/arch/i386/compile/GENERIC
 i386
Architecture: i386
Machine: i386
>Description:
        When using svn as a client to talk to a server that uses the gssapi
        Negotite extension, apache spits backa  Multi-status error because
        the negotiate dance doesn't work.

        Turns out there's some bad pointer math.
>How-To-Repeat:
        Setup a subverison repository that uses https+Negotiate and attempt
        to do something against the server.

        Watch, read, curse.

>Fix:

This patch as patches/patch-aa fixes it:

---<snip>---
$NetBSD$

--- src/ne_auth.c.orig  2008-04-18 01:07:57.000000000 +0200
+++ src/ne_auth.c       2008-04-18 01:08:23.000000000 +0200
@@ -519,7 +519,7 @@
     char *sep, *ptr = strchr(duphdr, ' ');
     int ret;
 
-    if (strncmp(hdr, "Negotiate", ptr - hdr) != 0) {
+    if (strncmp(hdr, "Negotiate", ptr - duphdr) != 0) {
         NE_DEBUG(NE_DBG_HTTPAUTH, "gssapi: Not a Negotiate response!\n");
         ne_free(duphdr);
         return NE_ERROR;