authordinoex <dinoex@FreeBSD.org>2007-09-17 04:05:49 +0800
committerdinoex <dinoex@FreeBSD.org>2007-09-17 04:05:49 +0800
commitf83dfb899ac51e3f69c16eb7a4c9b0976469162f (patch)
treea59a710ac4b1d3eb77b0e11f0916358ce7e5d4ca /www
parent4aa1a0a5519256ea952aec5da4538aaf751674ef (diff)
- update to 2.8.28-1.3.37
- merge Configure patches
Diffstat (limited to 'www')
-rw-r--r--www/apache13-modssl/Makefile6
-rw-r--r--www/apache13-modssl/distinfo12
-rw-r--r--www/apache13-modssl/files/patch-CVE-2007-3304348
-rw-r--r--www/apache13-modssl/files/patch-Configure22
-rw-r--r--www/apache13-modssl/files/patch-ai11
-rw-r--r--www/apache13-modssl/pkg-plist2
6 files changed, 30 insertions, 371 deletions
diff --git a/www/apache13-modssl/Makefile b/www/apache13-modssl/Makefile
index f09700febb7..063575082a2 100644
--- a/www/apache13-modssl/Makefile
+++ b/www/apache13-modssl/Makefile
@@ -7,7 +7,7 @@
PORTNAME= apache+mod_ssl
PORTVERSION= ${VERSION_APACHE}+${VERSION_MODSSL}
-PORTREVISION?= 1
+PORTREVISION?= 0
CATEGORIES?= www security
MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} \
${MASTER_SITES_MODSSL:S/$/:mod_ssl/} \
@@ -36,8 +36,8 @@ PATCH_DEPENDS= ${BUILD_DEPENDS}
CONFLICTS?= apache+ipv6-1.* apache+ssl-1.* apache-1.* apache-2.* \
apache_fp-1.* caudium-devel-1.* caudium10-1.* caudium12-* \
ru-apache+mod_ssl-1.* ru-apache-1.* w3c-httpd-3.*
-VERSION_APACHE= 1.3.37
-VERSION_MODSSL= 2.8.28
+VERSION_APACHE= 1.3.39
+VERSION_MODSSL= 2.8.30
VERSION_MODSNMP= 1.3.14.13
VERSION_MODACCEL= 1.0.34
VERSION_MODDEFLATE= 1.0.21
diff --git a/www/apache13-modssl/distinfo b/www/apache13-modssl/distinfo
index ada678df693..611d50bdd3f 100644
--- a/www/apache13-modssl/distinfo
+++ b/www/apache13-modssl/distinfo
@@ -1,9 +1,9 @@
-MD5 (apache_1.3.37.tar.gz) = b278f0969a9ccadeb781316e79e3520f
-SHA256 (apache_1.3.37.tar.gz) = 9f27889bfbf418b987a892160e52fd217d66391df2870f3ecac877ef565c4bfc
-SIZE (apache_1.3.37.tar.gz) = 2665370
-MD5 (mod_ssl-2.8.28-1.3.37.tar.gz) = 5e9486a86fcd4efef395f58fd795aaea
-SHA256 (mod_ssl-2.8.28-1.3.37.tar.gz) = 76437105b5b5593a7dbd8ee45af417233897dcaf910cbc337a68b0db24e35489
-SIZE (mod_ssl-2.8.28-1.3.37.tar.gz) = 820417
+MD5 (apache_1.3.39.tar.gz) = 76066f630203291acd20c764e5eedb6e
+SHA256 (apache_1.3.39.tar.gz) = 4c1356ff7ed01848c1121bfd85fac5277584a41e5d39a817ea8372bf3e7bdc82
+SIZE (apache_1.3.39.tar.gz) = 2504830
+MD5 (mod_ssl-2.8.30-1.3.39.tar.gz) = 66c1ad26954cb1abe59b42dab54d2cd1
+SHA256 (mod_ssl-2.8.30-1.3.39.tar.gz) = cbcaa1f5e555b5ab8d4f7041c2ad5aeebb52711e37a76be7e80551ef304ecaad
+SIZE (mod_ssl-2.8.30-1.3.39.tar.gz) = 820416
MD5 (mod_snmp_1.3.14.13.tar.gz) = c6bcbbba1ee2ead2dcdcc6a687c234d1
SHA256 (mod_snmp_1.3.14.13.tar.gz) = 49962e8c9455e97dca3bba5f1b84ed97214bf42b5cb27b797dea1b8d931cb8ba
SIZE (mod_snmp_1.3.14.13.tar.gz) = 91125
diff --git a/www/apache13-modssl/files/patch-CVE-2007-3304 b/www/apache13-modssl/files/patch-CVE-2007-3304
deleted file mode 100644
index 235aae2214b..00000000000
--- a/www/apache13-modssl/files/patch-CVE-2007-3304
+++ /dev/null
@@ -1,348 +0,0 @@
---- src/CHANGES.orig Thu Jul 27 20:19:46 2006
-+++ src/CHANGES Mon Sep 10 09:25:24 2007
-@@ -1,3 +1,22 @@
-+Changes with Apache 1.3.39
-+
-+ *) SECURITY: CVE-2006-5752 (cve.mitre.org)
-+ mod_status: Fix a possible XSS attack against a site with a public
-+ server-status page and ExtendedStatus enabled, for browsers which
-+ perform charset "detection". Reported by Stefan Esser. [Joe Orton]
-+
-+ *) SECURITY: CVE-2007-3304 (cve.mitre.org)
-+ Ensure that the parent process cannot be forced to kill non-child
-+ processes by checking scoreboard PID data with parent process
-+ privately stored PID data. [Jim Jagielski]
-+
-+ *) mime.types: Many updates to sync with IANA registry and common
-+ unregistered types that the owners refuse to register. Admins
-+ are encouraged to update their installed mime.types file.
-+ PR: 35550, 37798, 39317, 31483 [Roy T. Fielding]
-+
-+There was no Apache 1.3.38
-+
- Changes with Apache 1.3.37
-
- *) SECURITY: CVE-2006-3747 (cve.mitre.org)
-@@ -25,10 +44,11 @@
- *) core: Allow usage of the "Include" configuration directive within
- previously "Include"d files. [Colm MacCarthaigh]
-
-- *) HTML-escape the Expect error message. Not classed as security as
-- an attacker has no way to influence the Expect header a victim will
-- send to a target site. Reported by Thiago Zaninotti
-- <thiango nstalker.com>. [Mark Cox]
-+ *) SECURITY: CVE-2006-3918 (cve.mitre.org)
-+ HTML-escape the Expect error message. Only a security issue if
-+ an attacker can influence the Expect header a victim will send to a
-+ target site (it's known that some versions of Flash can do this)
-+ Reported by Thiago Zaninotti <thiango nstalker.com>. [Mark Cox]
-
- *) mod_cgi: Remove block on OPTIONS method so that scripts can
- respond to OPTIONS directly rather than via server default.
---- src/Configure.orig Mon Sep 10 09:25:22 2007
-+++ src/Configure Mon Sep 10 09:25:24 2007
-@@ -457,7 +457,7 @@
- PLATOSVERS=`echo $PLAT | sed 's/^.*freebsd//'`
- OS="FreeBSD $PLATOSVERS"
- case "$PLATOSVERS" in
-- [2345]*)
-+ [234567]*)
- DEF_WANTHSREGEX=no
- CFLAGS="$CFLAGS -funsigned-char"
- ;;
-@@ -2002,7 +2002,7 @@
- # select the special subtarget for shared core generation
- SUBTARGET=target_shared
- # determine additional suffixes for libhttpd.so
-- V=1 R=3 P=37
-+ V=1 R=3 P=39
- if [ "x$SHLIB_SUFFIX_DEPTH" = "x0" ]; then
- SHLIB_SUFFIX_LIST=""
- fi
---- src/include/httpd.h.orig Mon Sep 10 09:25:22 2007
-+++ src/include/httpd.h Mon Sep 10 09:25:24 2007
-@@ -419,7 +419,7 @@
-
- #define SERVER_BASEVENDOR "Apache Group"
- #define SERVER_BASEPRODUCT "Apache"
--#define SERVER_BASEREVISION "1.3.37"
-+#define SERVER_BASEREVISION "1.3.39"
- #define SERVER_BASEVERSION SERVER_BASEPRODUCT "/" SERVER_BASEREVISION
-
- #define SERVER_PRODUCT SERVER_BASEPRODUCT
-@@ -443,7 +443,7 @@
- * Always increases along the same track as the source branch.
- * For example, Apache 1.4.2 would be '10402100', 2.5b7 would be '20500007'.
- */
--#define APACHE_RELEASE 10337100
-+#define APACHE_RELEASE 10339100
-
- #define SERVER_PROTOCOL "HTTP/1.1"
- #ifndef SERVER_SUPPORT
---- src/main/NWGNUmakefile.mak.orig Mon Oct 31 18:00:43 2005
-+++ src/main/NWGNUmakefile.mak Mon Sep 10 09:25:24 2007
-@@ -39,10 +39,8 @@
- $(EOLIST)
-
- ifdef MULTIPROC
--XLFLAGS += \
-- XDCData $(NWOS)\apache.xdc \
-- $(EOLIST)
--endif
-+XDCDATA = $(NWOS)\apache.xdc
-+endif
-
- #
- # These values will be appended to the correct variables based on the value of
---- src/NWGNUmakefile.mak.orig Mon Oct 31 18:00:43 2005
-+++ src/NWGNUmakefile.mak Mon Sep 10 09:25:24 2007
-@@ -40,10 +40,8 @@
- $(EOLIST)
-
- ifdef MULTIPROC
--XLFLAGS += \
-- XDCData $(NWOS)\apache.xdc \
-- $(EOLIST)
--endif
-+XDCDATA = $(NWOS)\apache.xdc
-+endif
-
- #
- # These values will be appended to the correct variables based on the value of
---- src/main/http_main.c.orig Mon Sep 10 09:25:22 2007
-+++ src/main/http_main.c Mon Sep 10 09:28:31 2007
-@@ -357,9 +357,17 @@
- char tpf_mutex_key[TPF_MUTEX_KEY_SIZE];
- #endif /* TPF */
-
-+/*
-+ * Shared memory scoreboard
-+ */
- scoreboard *ap_scoreboard_image = NULL;
-
- /*
-+ * Parent process local storage of child pids
-+ */
-+static table *pid_table;
-+
-+/*
- * Pieces for managing the contents of the Server response header
- * field.
- */
-@@ -375,6 +383,33 @@
- API_VAR_EXPORT int ap_change_shmem_uid = 0;
-
- /*
-+ * Check the pid table to see if the actual pid exists
-+ */
-+
-+static int in_pid_table(int pid) {
-+ char apid[64]; /* WAY generous! */
-+ const char *spid;
-+ ap_snprintf(apid, sizeof(apid), "%d", pid);
-+ spid = ap_table_get(pid_table, apid);
-+ if (spid && spid[0] == '1' && spid[1] == '\0')
-+ return 1;
-+ else
-+ return 0;
-+}
-+
-+static void set_pid_table(int pid) {
-+ char apid[64];
-+ ap_snprintf(apid, sizeof(apid), "%d", pid);
-+ ap_table_set(pid_table, apid, "1");
-+}
-+
-+static void unset_pid_table(int pid) {
-+ char apid[64];
-+ ap_snprintf(apid, sizeof(apid), "%d", pid);
-+ ap_table_unset(pid_table, apid);
-+}
-+
-+/*
- * This routine is called when the pconf pool is vacuumed. It resets the
- * server version string to a known value and [re]enables modifications
- * (which are disabled by configuration completion).
-@@ -2829,9 +2864,15 @@
- if (pid == my_pid || pid == 0)
- continue;
-
-+ if (!in_pid_table(pid)) {
-+ ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, server_conf,
-+ "Bad pid (%d) in scoreboard slot %d", pid, i);
-+ continue;
-+ }
- waitret = waitpid(pid, &status, WNOHANG);
- if (waitret == pid || waitret == -1) {
- ap_scoreboard_image->parent[i].pid = 0;
-+ unset_pid_table(pid);
- continue;
- }
- ++not_dead_yet;
-@@ -2929,13 +2970,22 @@
-
- for (n = 0; n < max_daemons_limit; ++n) {
- ap_sync_scoreboard_image();
-- if (ap_scoreboard_image->servers[n].status != SERVER_DEAD &&
-- kill((pid = ap_scoreboard_image->parent[n].pid), 0) == -1) {
-- ap_update_child_status(n, SERVER_DEAD, NULL);
-- /* just mark it as having a successful exit status */
-- bzero((char *) status, sizeof(ap_wait_t));
-- return(pid);
-- }
-+ pid = ap_scoreboard_image->parent[n].pid;
-+ if (ap_scoreboard_image->servers[n].status != SERVER_DEAD) {
-+ if (in_pid_table(pid)) {
-+ if (kill(pid, 0) == -1) {
-+ ap_update_child_status(n, SERVER_DEAD, NULL);
-+ /* just mark it as having a successful exit status */
-+ bzero((char *) status, sizeof(ap_wait_t));
-+ unset_pid_table(pid); /* to be safe */
-+ return(pid);
-+ }
-+ }
-+ else {
-+ ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, server_conf,
-+ "Bad pid (%d) in scoreboard slot %d", pid, n);
-+ }
-+ }
- }
- return 0;
- }
-@@ -2958,15 +3008,21 @@
- #define MAXWAITOBJ MAXIMUM_WAIT_OBJECTS
- HANDLE h[MAXWAITOBJ];
- int e[MAXWAITOBJ];
-- int round, pi, hi, rv, err;
-+ int round, pi, hi, rv, err, pid;
- for (round = 0; round <= (HARD_SERVER_LIMIT - 1) / MAXWAITOBJ + 1; round++) {
- hi = 0;
- for (pi = round * MAXWAITOBJ;
- (pi < (round + 1) * MAXWAITOBJ) && (pi < HARD_SERVER_LIMIT);
- pi++) {
- if (ap_scoreboard_image->servers[pi].status != SERVER_DEAD) {
-- e[hi] = pi;
-- h[hi++] = (HANDLE) ap_scoreboard_image->parent[pi].pid;
-+ e[hi] = pi;
-+ pid = ap_scoreboard_image->parent[pi].pid;
-+ if (in_pid_table(pid))
-+ h[hi++] = (HANDLE) pid;
-+ else {
-+ ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, server_conf,
-+ "Bad pid (%d) in scoreboard slot %d", pid, pi);
-+ }
- }
-
- }
-@@ -4408,6 +4464,8 @@
- ap_server_pre_read_config = ap_make_array(pcommands, 1, sizeof(char *));
- ap_server_post_read_config = ap_make_array(pcommands, 1, sizeof(char *));
- ap_server_config_defines = ap_make_array(pcommands, 1, sizeof(char *));
-+ ap_server_config_defines = ap_make_array(pcommands, 1, sizeof(char *));
-+ pid_table = ap_make_table(pglobal, HARD_SERVER_LIMIT);
-
- #ifdef EAPI
- ap_hook_init();
-@@ -5081,6 +5139,7 @@
- ap_scoreboard_image->parent[slot].last_rtime = now;
- #endif
- ap_scoreboard_image->parent[slot].pid = pid;
-+ set_pid_table(pid);
- #ifdef SCOREBOARD_FILE
- lseek(scoreboard_fd, XtOffsetOf(scoreboard, parent[slot]), 0);
- force_write(scoreboard_fd, &ap_scoreboard_image->parent[slot],
-@@ -5143,6 +5202,7 @@
- int i;
- int to_kill;
- int idle_count;
-+ int pid;
- short_score *ss;
- time_t now = time(NULL);
- int free_length;
-@@ -5207,8 +5267,15 @@
- else if (ps->last_rtime + ss->timeout_len < now) {
- /* no progress, and the timeout length has been exceeded */
- ss->timeout_len = 0;
-- kill(ps->pid, SIG_TIMEOUT_KILL);
-- }
-+ pid = ps->pid;
-+ if (in_pid_table(pid)) {
-+ kill(pid, SIG_TIMEOUT_KILL);
-+ }
-+ else {
-+ ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, server_conf,
-+ "Bad pid (%d) in scoreboard slot %d", pid, i);
-+ }
-+ }
- }
- #endif
- }
-@@ -5220,11 +5287,18 @@
- * while we were counting. Use the define SIG_IDLE_KILL to reflect
- * which signal should be used on the specific OS.
- */
-- kill(ap_scoreboard_image->parent[to_kill].pid, SIG_IDLE_KILL);
-- idle_spawn_rate = 1;
-+ pid = ap_scoreboard_image->parent[to_kill].pid;
-+ if (in_pid_table(pid)) {
-+ kill(pid, SIG_IDLE_KILL);
-+ idle_spawn_rate = 1;
- #ifdef TPF
-- ap_update_child_status(to_kill, SERVER_DEAD, (request_rec *)NULL);
-+ ap_update_child_status(to_kill, SERVER_DEAD, (request_rec *)NULL);
- #endif
-+ }
-+ else {
-+ ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, server_conf,
-+ "Bad pid (%d) in scoreboard slot %d", pid, to_kill);
-+ }
- }
- else if (idle_count < ap_daemons_min_free) {
- /* terminate the free list */
-@@ -5471,6 +5545,7 @@
- }
- #endif
- if (pid >= 0) {
-+ unset_pid_table(pid);
- process_child_status(pid, status);
- /* non-fatal death... note that it's gone in the scoreboard. */
- ap_sync_scoreboard_image();
-@@ -5796,7 +5871,7 @@
- if (!tpf_child) {
- memcpy(tpf_server_name, input_parms.parent.servname,
- INETD_SERVNAME_LENGTH);
-- tpf_server_name[INETD_SERVNAME_LENGTH + 1] = '\0';
-+ tpf_server_name[INETD_SERVNAME_LENGTH] = '\0';
- sprintf(tpf_mutex_key, "%.*x", (int) TPF_MUTEX_KEY_SIZE - 1, getpid());
- tpf_parent_pid = getppid();
- ap_open_logs(server_conf, plog);
---- src/modules/standard/mod_status.c.orig Mon Sep 10 09:25:24 2007
-+++ src/modules/standard/mod_status.c Mon Sep 10 09:25:24 2007
-@@ -221,7 +221,7 @@
- if (r->method_number != M_GET)
- return DECLINED;
-
-- r->content_type = "text/html";
-+ r->content_type = "text/html; charset=ISO-8859-1";
-
- /*
- * Simple table-driven form data set parser that lets you alter the header
-@@ -247,7 +247,7 @@
- no_table_report = 1;
- break;
- case STAT_OPT_AUTO:
-- r->content_type = "text/plain";
-+ r->content_type = "text/plain; charset=ISO-8859-1";
- short_report = 1;
- break;
- }
-@@ -591,7 +591,8 @@
- ap_rputs(")\n", r);
- ap_rprintf(r, " <i>%s {%s}</i> <b>[%s]</b><br>\n\n",
- ap_escape_html(r->pool, score_record.client),
-- ap_escape_html(r->pool, score_record.request),
-+ ap_escape_html(r->pool,
-+ ap_escape_logitem(r->pool, score_record.request)),
- vhost ? ap_escape_html(r->pool,
- vhost->server_hostname) : "(unavailable)");
- }
diff --git a/www/apache13-modssl/files/patch-Configure b/www/apache13-modssl/files/patch-Configure
index 3ff19d74763..3fb094b110a 100644
--- a/www/apache13-modssl/files/patch-Configure
+++ b/www/apache13-modssl/files/patch-Configure
@@ -1,5 +1,14 @@
---- src/Configure.orig Thu May 31 12:16:27 2007
-+++ src/Configure Thu May 31 12:20:30 2007
+--- src/Configure.orig Sun Sep 16 21:36:49 2007
++++ src/Configure Sun Sep 16 21:36:51 2007
+@@ -457,7 +457,7 @@
+ PLATOSVERS=`echo $PLAT | sed 's/^.*freebsd//'`
+ OS="FreeBSD $PLATOSVERS"
+ case "$PLATOSVERS" in
+- [23456]*)
++ [2-9]*)
+ DEF_WANTHSREGEX=no
+ CFLAGS="$CFLAGS -funsigned-char"
+ ;;
@@ -968,8 +968,8 @@
for uppercase in "tr [a-z] [A-Z]" "tr [:lower:] [:upper:]" "sed y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/"
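Review bot: The widened arm `[2-9]*)` added for src/Configure line 457 still matches only the first character of `$PLATOSVERS`. A version string that starts with `1` followed by another digit would not select this arm, so `DEF_WANTHSREGEX=no` and `-funsigned-char` would not be set by it. Something like `[2-9]*|1[0-9].*)` would cover two-digit major versions without also matching 1.x. The `*-freebsd[3-9]*)` arm merged in by the next hunk (src/Configure line 1080) has the same first-character limit, and the `-fPIC` shared-library settings depend on it. The surrounding `case` statements open and close outside the hunk, so which arm such a version would fall into cannot be seen from here.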
@@ -11,3 +20,12 @@
esac
done
echo " + using \"$uppercase\" to uppercase"
+@@ -1080,7 +1080,7 @@
+ ;;
+ *-freebsd[3-9]*)
+ LD_SHLIB="gcc"
+- CFLAGS_SHLIB="-fpic"
++ CFLAGS_SHLIB="-fPIC"
+ LDFLAGS_SHLIB="-shared"
+ LDFLAGS_MOD_SHLIB=$LDFLAGS_SHLIB
+ OBJFORMAT=`test -x /usr/bin/objformat && /usr/bin/objformat || echo aout`
diff --git a/www/apache13-modssl/files/patch-ai b/www/apache13-modssl/files/patch-ai
deleted file mode 100644
index 97185fa3d9a..00000000000
--- a/www/apache13-modssl/files/patch-ai
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/Configure.orig Sat Dec 7 17:30:28 2002
-+++ src/Configure Sat Dec 7 17:29:43 2002
-@@ -1112,7 +1112,7 @@
- ;;
- *-freebsd[3-9]*)
- LD_SHLIB="gcc"
-- CFLAGS_SHLIB="-fpic"
-+ CFLAGS_SHLIB="-fPIC"
- LDFLAGS_SHLIB="-shared"
- LDFLAGS_MOD_SHLIB=$LDFLAGS_SHLIB
- OBJFORMAT=`test -x /usr/bin/objformat && /usr/bin/objformat || echo aout`
diff --git a/www/apache13-modssl/pkg-plist b/www/apache13-modssl/pkg-plist
index 5d3f19a46b3..421006a0b1a 100644
--- a/www/apache13-modssl/pkg-plist
+++ b/www/apache13-modssl/pkg-plist
@@ -512,6 +512,7 @@ www/data-dist/index.html.zh-tw.big5
www/cgi-bin-dist/printenv
www/cgi-bin-dist/test-cgi
www/icons/README
+www/icons/README.html
www/icons/a.gif
www/icons/alert.black.gif
www/icons/alert.red.gif
@@ -575,7 +576,6 @@ www/icons/right.gif
www/icons/screw1.gif
www/icons/screw2.gif
www/icons/script.gif
-www/icons/small/README.txt
www/icons/small/back.gif
www/icons/small/binary.gif
www/icons/small/binhex.gif