[Frugalware-git] frugalware-current: lighttpd-1.4.24-1-i686

Thu Nov 12 12:45:34 CET 2009

Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=d3aa48cc169053ed86e43825641418d3ab41ced4

commit d3aa48cc169053ed86e43825641418d3ab41ced4
Author: Miklos Vajna <vmiklos at frugalware.org>
Date:   Thu Nov 12 11:52:57 2009 +0100

lighttpd-1.4.24-1-i686

- version bump

diff --git a/source/network-extra/lighttpd/CVE-2008-1531.patch b/source/network-extra/lighttpd/CVE-2008-1531.patch
deleted file mode 100644
index f26e9ce..0000000
--- a/source/network-extra/lighttpd/CVE-2008-1531.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-diff -Naur lighttpd-1.4.19/NEWS lighttpd-1.4.19-p/NEWS
---- lighttpd-1.4.19/NEWS	2008-03-10 22:28:30.000000000 +0100
-+++ lighttpd-1.4.19-p/NEWS	2008-04-02 21:38:01.000000000 +0200
-@@ -8,6 +8,7 @@
-   * added support for If-Range: <date> (#1346)
-   * added support for matching $HTTP["scheme"] in configs
-   * fixed initgroups() called after chroot (#1384)
-+  * Fix #285 again: read error after SSL_shutdown (thx marton.illes at balabit.com) and clear the error queue before some other calls
-   * fixed case-sensitive check for Auth-Method (#1456)
-   * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428)
-   * fixed a bug that made /-prefixed extensions being handled also when
-diff -Naur lighttpd-1.4.19/src/connections.c lighttpd-1.4.19-p/src/connections.c
---- lighttpd-1.4.19/src/connections.c	2008-02-28 00:41:35.000000000 +0100
-+++ lighttpd-1.4.19-p/src/connections.c	2008-04-02 21:42:57.000000000 +0200
-@@ -199,6 +199,7 @@
-
- 	/* don't resize the buffer if we were in SSL_ERROR_WANT_* */
-
-+	ERR_clear_error();
- 	do {
- 		if (!con->ssl_error_want_reuse_buffer) {
- 			b = buffer_init();
-@@ -1668,21 +1669,51 @@
- 			}
- #ifdef USE_OPENSSL
- 			if (srv_sock->is_ssl) {
--				int ret;
-+				int ret, ssl_r;
-+				unsigned long err;
-+				ERR_clear_error();
- 				switch ((ret = SSL_shutdown(con->ssl))) {
- 				case 1:
- 					/* ok */
- 					break;
- 				case 0:
--					SSL_shutdown(con->ssl);
--					break;
-+					ERR_clear_error();
-+					if (-1 != (ret = SSL_shutdown(con->ssl))) break;
-+
-+					// fall through
- 				default:
--					log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
--							SSL_get_error(con->ssl, ret),
--							ERR_error_string(ERR_get_error(), NULL));
--					return -1;
-+
-+					switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
-+					case SSL_ERROR_WANT_WRITE:
-+					case SSL_ERROR_WANT_READ:
-+						break;
-+					case SSL_ERROR_SYSCALL:
-+						/* perhaps we have error waiting in our error-queue */
-+						if (0 != (err = ERR_get_error())) {
-+							do {
-+								log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
-+										ssl_r, ret,
-+										ERR_error_string(err, NULL));
-+							} while((err = ERR_get_error()));
-+						} else {
-+							log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
-+									ssl_r, r, errno,
-+									strerror(errno));
-+						}
-+
-+						break;
-+					default:
-+						while((err = ERR_get_error())) {
-+							log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
-+									ssl_r, ret,
-+									ERR_error_string(err, NULL));
-+						}
-+
-+						break;
-+					}
- 				}
- 			}
-+			ERR_clear_error();
- #endif
-
- 			switch(con->mode) {
-diff -Naur lighttpd-1.4.19/src/network_openssl.c lighttpd-1.4.19-p/src/network_openssl.c
---- lighttpd-1.4.19/src/network_openssl.c	2008-02-26 17:20:26.000000000 +0100
-+++ lighttpd-1.4.19-p/src/network_openssl.c	2008-04-02 21:38:01.000000000 +0200
-@@ -85,6 +85,7 @@
- 			 *
- 			 */
-
-+			ERR_clear_error();
- 			if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
- 				unsigned long err;
-
-@@ -187,6 +188,7 @@
-
- 				close(ifd);
-
-+				ERR_clear_error();
- 				if ((r = SSL_write(ssl, s, toSend)) <= 0) {
- 					unsigned long err;
-
