Wed May 21 13:01:02 2008 UTC ()
Pullup ticket 2391 - requested by joerg
Security fix for lighttpd
Revisions pulled up:
- www/lighttpd/Makefile 1.21
- www/lighttpd/distinfo 1.14
- www/lighttpd/patches/patch-aa 1.9
- www/lighttpd/patches/patch-ac 1.5
Module Name: pkgsrc
Committed By: joerg
Date: Fri Apr 25 19:58:17 UTC 2008
Modified Files:
pkgsrc/www/lighttpd: distinfo
Added Files:
pkgsrc/www/lighttpd/patches: patch-aa patch-ac
Log Message:
Fix a potential DOS when using SSL. Bump revision.
---
Module Name: pkgsrc
Committed By: joerg
Date: Tue May 20 14:22:50 UTC 2008
Modified Files:
pkgsrc/www/lighttpd: Makefile
Log Message:
Belatedly bump revision for CVE-2008-1531 fix.
(tron)
diff -r1.20 -r1.20.2.1 pkgsrc/www/lighttpd/Makefile
diff -r1.13 -r1.13.2.1 pkgsrc/www/lighttpd/distinfo
diff -r0 -r1.8.2.1 pkgsrc/www/lighttpd/patches/patch-aa
diff -r0 -r1.4.2.1 pkgsrc/www/lighttpd/patches/patch-ac
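--- a/pkgsrc/www/lighttpd/Makefile
+++ b/pkgsrc/www/lighttpd/Makefile
@@ -1,16 +1,17 @@
-# $NetBSD: Makefile,v 1.20 2008/03/15 10:53:50 joerg Exp $
+# $NetBSD: Makefile,v 1.20.2.1 2008/05/21 13:01:02 tron Exp $
 
 DISTNAME= lighttpd-1.4.19
+PKGREVISION= 1
 CATEGORIES= www
 MASTER_SITES= http://www.lighttpd.net/download/
 
 MAINTAINER= joerg@NetBSD.org
 HOMEPAGE= http://www.lighttpd.net/
 COMMENT= Fast, light-footprint HTTP server
 
 PKG_DESTDIR_SUPPORT= user-destdir
 
 USE_LIBTOOL= yes
 SHLIBTOOL_OVERRIDE= # empty
 
 GNU_CONFIGURE= yes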
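--- a/pkgsrc/www/lighttpd/distinfo
+++ b/pkgsrc/www/lighttpd/distinfo
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.13 2008/03/15 10:53:50 joerg Exp $
+$NetBSD: distinfo,v 1.13.2.1 2008/05/21 13:01:02 tron Exp $
 
 SHA1 (lighttpd-1.4.19.tar.gz) = 79e2d61dd9017c3c50c0fe98b2289cae5c1255ee
 RMD160 (lighttpd-1.4.19.tar.gz) = 7dbe2a22051e18f4037b48ee4811e2c9738d20cf
 Size (lighttpd-1.4.19.tar.gz) = 815568 bytes
+SHA1 (patch-aa) = 4e3a6bf761bc0e0b8b2ff75fbec739d2cad145ab
 SHA1 (patch-ab) = b02003db1b2ac978846eb0f7be178b91f59fc176
+SHA1 (patch-ac) = eca334f430362b2095727e28b9cc15f757fd440d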
$NetBSD: patch-aa,v 1.8.2.1 2008/05/21 13:01:02 tron Exp $
From SVN: Fix potential DOS by clearing SSL error queue.
--- src/connections.c.orig 2008-04-25 18:28:26.000000000 +0200
+++ src/connections.c
@@ -199,6 +199,7 @@ static int connection_handle_read_ssl(se
/* don't resize the buffer if we were in SSL_ERROR_WANT_* */
+ ERR_clear_error();
do {
if (!con->ssl_error_want_reuse_buffer) {
b = buffer_init();
@@ -1668,19 +1669,47 @@ int connection_state_machine(server *srv
}
#ifdef USE_OPENSSL
if (srv_sock->is_ssl) {
- int ret;
+ int ret, ssl_r;
+ unsigned long err;
+ ERR_clear_error();
switch ((ret = SSL_shutdown(con->ssl))) {
case 1:
/* ok */
break;
case 0:
- SSL_shutdown(con->ssl);
- break;
+ ERR_clear_error();
+ if (-1 != (ret = SSL_shutdown(con->ssl))) break;
+
+ // fall through
default:
- log_error_write(srv, __FILE__, __LINE__, "sds", "SSL:",
- SSL_get_error(con->ssl, ret),
- ERR_error_string(ERR_get_error(), NULL));
- return -1;
+
+ switch ((ssl_r = SSL_get_error(con->ssl, ret))) {
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ break;
+ case SSL_ERROR_SYSCALL:
+ /* perhaps we have error waiting in our error-queue */
+ if (0 != (err = ERR_get_error())) {
+ do {
+ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
+ ssl_r, ret,
+ ERR_error_string(err, NULL));
+ } while ((err = ERR_get_error()));
+ } else {
+ log_error_write(srv, __FILE__, __LINE__, "sddds", "SSL (error):",
+ ssl_r, r, errno,
+ strerror(errno));
+ }
+ break;
+
+ default:
+ while ((err = ERR_get_error())) {
+ log_error_write(srv, __FILE__, __LINE__, "sdds", "SSL:",
+ ssl_r, ret,
+ ERR_error_string(err, NULL));
+ }
+ break;
+ }
}
}
#endif
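Review bot: In the SSL_ERROR_SYSCALL branch the "sddds" log call passes `r` as its second integer argument, while every other log call in this hunk passes `ret`, the SSL_shutdown return value the branch is diagnosing; `r` is declared nowhere in the hunk, so it either resolves to an unrelated variable of the enclosing connection_state_machine and logs a stale value, or it does not compile at all. That line should read `ssl_r, ret, errno,`. The `// fall through` marker also breaks with the `/* */` comment style used on the surrounding lines (`/* ok */`, `/* perhaps we have error waiting in our error-queue */`); `/* fall through */` keeps the file consistent. connection_state_machine begins and ends outside this hunk.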
$NetBSD: patch-ac,v 1.4.2.1 2008/05/21 13:01:02 tron Exp $
From SVN: Fix potential DOS by clearing SSL error queue.
--- src/network_openssl.c.orig 2008-04-25 18:29:42.000000000 +0200
+++ src/network_openssl.c
@@ -85,6 +85,7 @@ int network_write_chunkqueue_openssl(ser
*
*/
+ ERR_clear_error();
if ((r = SSL_write(ssl, offset, toSend)) <= 0) {
unsigned long err;
@@ -187,6 +188,7 @@ int network_write_chunkqueue_openssl(ser
close(ifd);
+ ERR_clear_error();
if ((r = SSL_write(ssl, s, toSend)) <= 0) {
unsigned long err;