[Frugalware-darcs] frugalware-0.6: elinks-0.11.2-2terminus2-i686

voroskoi voroskoi at frugalware.org
Mon Oct 1 11:56:18 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071001094207-dd049-7520f5d2d6cdb409a68cd237188e2399de51b888.gz;

[elinks-0.11.2-2terminus2-i686
voroskoi <voroskoi at frugalware.org>**20071001094207
 secfix relbump, closes #2457
] {
addfile ./source/network/elinks/CVE-2007-5034.diff
hunk ./source/network/elinks/CVE-2007-5034.diff 1
+diff -aur elinks-0.11.2/src/protocol/http/http.c fw_elinks-0.11.2/src/protocol/http/http.c
+--- elinks-0.11.2/src/protocol/http/http.c	2006-11-19 14:46:37.000000000 +0100
++++ fw_elinks-0.11.2/src/protocol/http/http.c	2007-10-01 11:26:47.000000000 +0200
+@@ -685,31 +685,33 @@
+ 		add_crlf_to_string(&header);
+ 	}
+ 
+-	switch (get_opt_int("protocol.http.referer.policy")) {
+-		case REFERER_NONE:
+-			/* oh well */
+-			break;
++	if (!use_connect) {
++		switch (get_opt_int("protocol.http.referer.policy")) {
++			case REFERER_NONE:
++				/* oh well */
++				break;
+ 
+-		case REFERER_FAKE:
+-			optstr = get_opt_str("protocol.http.referer.fake");
+-			if (!optstr[0]) break;
+-			add_to_string(&header, "Referer: ");
+-			add_to_string(&header, optstr);
+-			add_crlf_to_string(&header);
+-			break;
++			case REFERER_FAKE:
++				optstr = get_opt_str("protocol.http.referer.fake");
++				if (!optstr[0]) break;
++				add_to_string(&header, "Referer: ");
++				add_to_string(&header, optstr);
++				add_crlf_to_string(&header);
++				break;
+ 
+-		case REFERER_TRUE:
+-			if (!conn->referrer) break;
+-			add_to_string(&header, "Referer: ");
+-			add_url_to_http_string(&header, conn->referrer, URI_HTTP_REFERRER);
+-			add_crlf_to_string(&header);
+-			break;
++			case REFERER_TRUE:
++				if (!conn->referrer) break;
++				add_to_string(&header, "Referer: ");
++				add_url_to_http_string(&header, conn->referrer, URI_HTTP_REFERRER);
++				add_crlf_to_string(&header);
++				break;
+ 
+-		case REFERER_SAME_URL:
+-			add_to_string(&header, "Referer: ");
+-			add_url_to_http_string(&header, uri, URI_HTTP_REFERRER);
+-			add_crlf_to_string(&header);
+-			break;
++			case REFERER_SAME_URL:
++				add_to_string(&header, "Referer: ");
++				add_url_to_http_string(&header, uri, URI_HTTP_REFERRER);
++				add_crlf_to_string(&header);
++				break;
++		}
+ 	}
+ 
+ 	add_to_string(&header, "Accept: */*");
+@@ -782,7 +784,7 @@
+ 		add_crlf_to_string(&header);
+ 	}
+ 
+-	if (conn->cached) {
++	if (!use_connect && conn->cached) {
+ 		if (!conn->cached->incomplete && conn->cached->head && conn->cached->last_modified
+ 		    && conn->cache_mode <= CACHE_MODE_CHECK_IF_MODIFIED) {
+ 			add_to_string(&header, "If-Modified-Since: ");
+@@ -798,7 +800,7 @@
+ 		add_crlf_to_string(&header);
+ 	}
+ 
+-	if (conn->from || conn->progress->start > 0) {
++	if (!use_connect && (conn->from || conn->progress->start > 0)) {
+ 		/* conn->from takes precedence. conn->progress.start is set only the first
+ 		 * time, then conn->from gets updated and in case of any retries
+ 		 * etc we have everything interesting in conn->from already. */
+@@ -808,7 +810,9 @@
+ 		add_crlf_to_string(&header);
+ 	}
+ 
+-	entry = find_auth(uri);
++	if (!use_connect) {
++		entry = find_auth(uri);
++	}
+ 	if (entry) {
+ 		if (entry->digest) {
+ 			unsigned char *response;
+@@ -848,7 +852,7 @@
+ 		}
+ 	}
+ 
+-	if (uri->post) {
++	if (!use_connect && uri->post) {
+ 		/* We search for first '\n' in uri->post to get content type
+ 		 * as set by get_form_uri(). This '\n' is dropped if any
+ 		 * and replaced by correct '\r\n' termination here. */
+@@ -867,7 +871,7 @@
+ 	}
+ 
+ #ifdef CONFIG_COOKIES
+-	{
++	if (!use_connect) {
+ 		struct string *cookies = send_cookies(uri);
+ 
+ 		if (cookies) {
+@@ -887,6 +891,8 @@
+ 		unsigned char buffer[POST_BUFFER_SIZE];
+ 		int n = 0;
+ 
++		assert(!use_connect);
++
+ 		while (post[0] && post[1]) {
+ 			int h1, h2;
+ 
hunk ./source/network/elinks/FrugalBuild 7
-pkgrel=2terminus1
+pkgrel=2terminus2
hunk ./source/network/elinks/FrugalBuild 16
-	elinks-0.11.0-gcc4-inline.patch  elinks-0.11.0-ruby.patch CVE-2007-2027.diff)
+	elinks-0.11.0-gcc4-inline.patch elinks-0.11.0-ruby.patch \
+	CVE-2007-2027.diff CVE-2007-5034.diff)
hunk ./source/network/elinks/FrugalBuild 30
-sha1sums=('47669c38e1e5ebb35015a9a9a8f9c898821bd408'\
-          '68f6c6dc3bf170aeef6b0d3a5df46bd53b7a3bef'\
-          'e11b612c791cbf371d61e943556220aff0e1b472'\
-          '5cb02dfd86fe1967d2e07b47609762e22b9a236e')
+sha1sums=('47669c38e1e5ebb35015a9a9a8f9c898821bd408' \
+          '68f6c6dc3bf170aeef6b0d3a5df46bd53b7a3bef' \
+          'e11b612c791cbf371d61e943556220aff0e1b472' \
+          '5cb02dfd86fe1967d2e07b47609762e22b9a236e' \
+          '01e58c6236d9f1ffd9fa14f6c79b8f975c1e02d7')
}


More information about the Frugalware-darcs mailing list