head 1.4; access; symbols pkgsrc-2014Q1:1.3.0.34 pkgsrc-2014Q1-base:1.3 pkgsrc-2013Q4:1.3.0.32 pkgsrc-2013Q4-base:1.3 pkgsrc-2013Q3:1.3.0.30 pkgsrc-2013Q3-base:1.3 pkgsrc-2013Q2:1.3.0.28 pkgsrc-2013Q2-base:1.3 pkgsrc-2013Q1:1.3.0.26 pkgsrc-2013Q1-base:1.3 pkgsrc-2012Q4:1.3.0.24 pkgsrc-2012Q4-base:1.3 pkgsrc-2012Q3:1.3.0.22 pkgsrc-2012Q3-base:1.3 pkgsrc-2012Q2:1.3.0.20 pkgsrc-2012Q2-base:1.3 pkgsrc-2012Q1:1.3.0.18 pkgsrc-2012Q1-base:1.3 pkgsrc-2011Q4:1.3.0.16 pkgsrc-2011Q4-base:1.3 pkgsrc-2011Q3:1.3.0.14 pkgsrc-2011Q3-base:1.3 pkgsrc-2011Q2:1.3.0.12 pkgsrc-2011Q2-base:1.3 pkgsrc-2011Q1:1.3.0.10 pkgsrc-2011Q1-base:1.3 pkgsrc-2010Q4:1.3.0.8 pkgsrc-2010Q4-base:1.3 pkgsrc-2010Q3:1.3.0.6 pkgsrc-2010Q3-base:1.3 pkgsrc-2010Q2:1.3.0.4 pkgsrc-2010Q2-base:1.3 pkgsrc-2010Q1:1.3.0.2 pkgsrc-2010Q1-base:1.3 pkgsrc-2009Q4:1.2.0.32 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.30 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.28 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.26 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.24 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.2.0.22 pkgsrc-2008Q1-base:1.2 pkgsrc-2007Q4:1.2.0.20 pkgsrc-2007Q4-base:1.2 pkgsrc-2007Q3:1.2.0.18 pkgsrc-2007Q3-base:1.2 pkgsrc-2007Q2:1.2.0.16 pkgsrc-2007Q2-base:1.2 pkgsrc-2007Q1:1.2.0.14 pkgsrc-2007Q1-base:1.2 pkgsrc-2006Q4:1.2.0.12 pkgsrc-2006Q4-base:1.2 pkgsrc-2006Q3:1.2.0.10 pkgsrc-2006Q3-base:1.2 pkgsrc-2006Q2:1.2.0.8 pkgsrc-2006Q2-base:1.2 pkgsrc-2006Q1:1.2.0.6 pkgsrc-2006Q1-base:1.2 pkgsrc-2005Q4:1.2.0.4 pkgsrc-2005Q4-base:1.2 pkgsrc-2005Q3:1.2.0.2 pkgsrc-2005Q3-base:1.2 pkgsrc-2005Q2:1.1.0.16 pkgsrc-2005Q2-base:1.1 pkgsrc-2005Q1:1.1.0.14 pkgsrc-2005Q1-base:1.1 pkgsrc-2004Q4:1.1.0.12 pkgsrc-2004Q4-base:1.1 pkgsrc-2004Q3:1.1.0.10 pkgsrc-2004Q3-base:1.1 pkgsrc-2004Q2:1.1.0.8 pkgsrc-2004Q2-base:1.1 pkgsrc-2004Q1:1.1.0.6 pkgsrc-2004Q1-base:1.1 pkgsrc-2003Q4:1.1.0.4 pkgsrc-2003Q4-base:1.1 netbsd-1-6-1:1.1.0.2; locks; strict; comment @# @; 1.4 date 2014.06.10.15.22.16; author joerg; state dead; branches; next 1.3; commitid djgMkPoOrhNxnZDx; 1.3 date 2010.02.10.03.55.18; author dholland; state Exp; branches; next 1.2; 1.2 date 2005.07.14.04.04.58; author wiz; state dead; branches 1.2.32.1; next 1.1; 1.1 date 2003.04.10.08.36.42; author wiz; state Exp; branches 1.1.2.1; next ; 1.2.32.1 date 2010.02.10.20.37.32; author spz; state Exp; branches; next ; 1.1.2.1 date 2003.04.10.08.36.42; author grant; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2003.08.05.11.54.59; author grant; state Exp; branches; next ; desc @@ 1.4 log @Retire Apache 1.3 and 2.0. @ text @$NetBSD: patch-ac,v 1.3 2010/02/10 03:55:18 dholland Exp $ Hack this brutally to accept the security-fixed apache 1.3 from 2/2010. The differences from 1.3.41 to 1.3.42 are minimal. --- pkg.sslmod/libssl.version~ 2008-02-08 06:18:01.000000000 -0500 +++ pkg.sslmod/libssl.version 2010-02-09 05:29:19.000000000 -0500 @@@@ -1 +1 @@@@ -mod_ssl/2.8.31-1.3.41 +mod_ssl/2.8.31-1.3.42 @ 1.3 log @Hack this to build against Apache 1.3.42. As 1.3.42 doesn't change anything significant in the internals, all this requires is patching the accepted version and bumping BUILDLINK_API_DEPENDS. PKGREVISION++. @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @Update to 2.8.23: Changes with mod_ssl 2.8.23 (30-Oct-2004 to 06-Jul-2005) *) Ported to OpenSSL 0.9.8 *) Fixed connection timeout handling by calling the EAPI connection close hook after (and not before) the B_OUT flag was set on the underlying I/O buffer in order to prevent attempted buffer flushes from blocking the connection. *) Updated the ca-bundle.crt file from Mozilla's "certdata.txt" (CVS revision 1.37). *) Fix timeout handling in POST request processing by resetting timeouts. *) Fixed double-definition of OPENSSL_free under OpenSSL 0.9.6 by fixing the version test in ssl_util_ssl.h *) Adjusted all copyright messages to contain the new year 2005 ;) @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.1 2003/04/10 08:36:42 wiz Exp $ d3 8 a10 11 --- pkg.sslmod/ssl_util_ssl.h.orig Thu Oct 24 09:08:11 2002 +++ pkg.sslmod/ssl_util_ssl.h @@@@ -86,7 +86,7 @@@@ /* * Backward compatibility. */ -#if SSL_LIBRARY_VERSION < 0x00906100 +#ifndef OPENSSL_free #define OPENSSL_free free #endif @ 1.2.32.1 log @Pullup ticket 2996 - requested by dholland security update Revisions pulled up: - pkgsrc/www/apache/Makefile 1.199 - pkgsrc/www/apache/distinfo 1.60 - pkgsrc/www/ap-ssl/Makefile 1.109 - pkgsrc/www/ap-ssl/distinfo 1.35 Files added: pkgsrc/www/ap-ssl/patches/patch-ac ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: dholland Date: Tue Feb 9 07:22:06 UTC 2010 Modified Files: pkgsrc/www/apache: Makefile distinfo Log Message: Update to 1.3.42, fixing CVE-2010-0010. Note: this package is now EOL upstream. The next security bug probably won't get patched, so if you're still using this, it's time to migrate to 2.x. To generate a diff of this commit: cvs rdiff -u -r1.198 -r1.199 pkgsrc/www/apache/Makefile cvs rdiff -u -r1.59 -r1.60 pkgsrc/www/apache/distinfo ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: dholland Date: Wed Feb 10 03:55:18 UTC 2010 Modified Files: pkgsrc/www/ap-ssl: Makefile distinfo Added Files: pkgsrc/www/ap-ssl/patches: patch-ac Log Message: Hack this to build against Apache 1.3.42. As 1.3.42 doesn't change anything significant in the internals, all this requires is patching the accepted version and bumping BUILDLINK_API_DEPENDS. PKGREVISION++. To generate a diff of this commit: cvs rdiff -u -r1.108 -r1.109 pkgsrc/www/ap-ssl/Makefile cvs rdiff -u -r1.34 -r1.35 pkgsrc/www/ap-ssl/distinfo cvs rdiff -u -r0 -r1.3 pkgsrc/www/ap-ssl/patches/patch-ac @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.3 2010/02/10 03:55:18 dholland Exp $ d3 11 a13 8 Hack this brutally to accept the security-fixed apache 1.3 from 2/2010. The differences from 1.3.41 to 1.3.42 are minimal. --- pkg.sslmod/libssl.version~ 2008-02-08 06:18:01.000000000 -0500 +++ pkg.sslmod/libssl.version 2010-02-09 05:29:19.000000000 -0500 @@@@ -1 +1 @@@@ -mod_ssl/2.8.31-1.3.41 +mod_ssl/2.8.31-1.3.42 @ 1.1 log @Update to 2.8.14: Changes with mod_ssl 2.8.14 (18-Mar-2002 to 21-Mar-2003) *) Fixed logic in the destruction of a temporary certificate structure and this way avoid a crash due to freeing NULL object. *) Removed one newly introduced X509_free() call in the context of SSL_get_certificate(), because this function does not increment a reference count (although SSL_get_peer_certificate() does). *) Fixed hash-table based shared memory session cache (shmht) implementation by making sure that the underlying hash table library does not crash if memory cannot be allocated. Changes with mod_ssl 2.8.13 (23-Oct-2002 to 18-Mar-2003) *) Always enforce RSA blinding on RSA private keys in order to be resistent to timing attacks. *) Added timeout also to the "pre-sucking" of the trailing data in POST request handling. *) Correctly shutdown shared memory pools on fork+exec situations. *) Bugfix SSL client certificate verification: OpenSSL was not informed with SSL_set_verify_result(ssl, X509_V_OK) in case mod_ssl forced the verification to be ok. *) Consistently use OPENSSL_free() instead of plain free() to deallocate memory chunks allocated inside OpenSSL. *) Fixed various memory leaks related to X509 certificates. New patch-ac sent to maintainer. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ac was added on branch netbsd-1-6-1 on 2003-08-05 11:54:59 +0000 @ text @d1 13 @ 1.1.2.2 log @Create new file from rev 1.1 (requested by tron in ticket #1381): Update to 2.8.14. @ text @a0 13 $NetBSD: patch-ac,v 1.1.2.1 2003/08/05 11:54:59 grant Exp $ --- pkg.sslmod/ssl_util_ssl.h.orig Thu Oct 24 09:08:11 2002 +++ pkg.sslmod/ssl_util_ssl.h @@@@ -86,7 +86,7 @@@@ /* * Backward compatibility. */ -#if SSL_LIBRARY_VERSION < 0x00906100 +#ifndef OPENSSL_free #define OPENSSL_free free #endif @