]> git.pld-linux.org Git - packages/apache.git/blobdiff - apache-bug-39653.patch
projects / packages / apache.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
up to 2.2.32 (released 2017-01-13); CVE-2016-8743, CVE-2016-5387
[packages/apache.git] / apache-bug-39653.patch
diff --git a/apache-bug-39653.patch b/apache-bug-39653.patch
index b3aad6bb8ffd9565b3c56baeefa8f2a2c51fff71..dd8ca1e59e52d6db4930d9ebc32617d67a02075e 100644 (file)
--- a/apache-bug-39653.patch
+++ b/apache-bug-39653.patch
@@ -1,21 +1,7 @@
-commit baf08a26b4e3f40491ae9459ef80a7460194c064
-Author: jorton <jorton@13f79535-47bb-0310-9956-ffa450edef68>
-Date:   Fri Dec 12 16:08:16 2008 +0000
-
-    * server/mpm_common.c (dummy_connection): If possible, use a non-SSL
-      listening port to use for the dummy connection, to avoid causing
-      (confusing) error log spam by sending EOF down an SSL port.
-    
-    PR: 39653
-    
-    
-    git-svn-id: http://svn.apache.org/repos/asf/httpd/httpd/trunk@726065 13f79535-47bb-0310-9956-ffa450edef68
-
-diff --git a/server/mpm_common.c b/server/mpm_common.c
-index f5941f5..72b0e66 100644
---- a/server/mpm_common.c
-+++ b/server/mpm_common.c
-@@ -657,6 +657,7 @@ static apr_status_t dummy_connection(ap_pod_t *pod)
+diff -urp httpd-2.2.24.org/server/mpm_common.c httpd-2.2.24/server/mpm_common.c
+--- httpd-2.2.24.org/server/mpm_common.c       2013-02-16 23:51:16.000000000 +0100
++++ httpd-2.2.24/server/mpm_common.c   2013-04-10 21:25:06.322056566 +0200
+@@ -648,6 +648,7 @@ static apr_status_t dummy_connection(ap_
      apr_socket_t *sock;
      apr_pool_t *p;
      apr_size_t len;
@@ -23,7 +9,7 @@ index f5941f5..72b0e66 100644
  
      /* create a temporary pool for the socket.  pconf stays around too long */
      rv = apr_pool_create(&p, pod->p);
-@@ -664,8 +665,19 @@ static apr_status_t dummy_connection(ap_pod_t *pod)
+@@ -655,8 +656,19 @@ static apr_status_t dummy_connection(ap_
          return rv;
      }
  
@@ -45,7 +31,7 @@ index f5941f5..72b0e66 100644
      if (rv != APR_SUCCESS) {
          ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
                       "get socket to connect to listener");
-@@ -688,7 +700,7 @@ static apr_status_t dummy_connection(ap_pod_t *pod)
+@@ -679,7 +691,7 @@ static apr_status_t dummy_connection(ap_
          return rv;
      }
  
@@ -54,7 +40,7 @@ index f5941f5..72b0e66 100644
      if (rv != APR_SUCCESS) {
          int log_level = APLOG_WARNING;
  
-@@ -704,7 +704,7 @@ static apr_status_t dummy_connection(ap_
+@@ -692,12 +704,12 @@ static apr_status_t dummy_connection(ap_
          }
  
          ap_log_error(APLOG_MARK, log_level, rv, ap_server_conf,
@@ -63,4 +49,9 @@ index f5941f5..72b0e66 100644
          apr_pool_destroy(p);
          return rv;
      }
-
+-    if (ap_listeners->protocol && strcasecmp(ap_listeners->protocol, "https") == 0) {
++    if (lp->protocol && strcasecmp(lp->protocol, "https") == 0) {
+         /* Send a TLS 1.0 close_notify alert.  This is perhaps the
+          * "least wrong" way to open and cleanly terminate an SSL
+          * connection.  It should "work" without noisy error logs if
The most widely used Web server on the Internet
This page took 0.072879 seconds and 4 git commands to generate.