Posted to cvs@httpd.apache.org by rp...@apache.org on 2007/12/15 09:42:13 UTC
svn commit: r604403 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
modules/ssl/ssl_expr_eval.c
Author: rpluem
Date: Sat Dec 15 00:42:11 2007
New Revision: 604403
URL: http://svn.apache.org/viewvc?rev=604403&view=rev
Log:
* Correctly terminate string in SSL client certificate extensions
parsing by ensuring that it always has a \0 at the end.
PR: PR 44073
Submitted by: yl <yl bee-ware.net>
Reviewed by: rpluem, jorton, trawick
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/ssl/ssl_expr_eval.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=604403&r1=604402&r2=604403&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Sat Dec 15 00:42:11 2007
@@ -9,6 +9,9 @@
This has no security impact since the browser cannot be tricked
into sending arbitrary method strings. [Jeff Trawick]
+ *) mod_ssl: Fix SSL client certificate extensions parsing bug. PR 44073.
+ [yl <yl bee-ware.net>]
+
*) mod_proxy_ajp: Use 64K as maximum AJP packet size. This is the maximum
length we can squeeze inside the AJP message packet.
[Mladen Turk]
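Review bot: The new CHANGES entry ("Fix SSL client certificate extensions parsing bug") does not say what the bug was, while the log message is specific: the extension string was not guaranteed to end in a \0. Suggest wording the entry to match, for example "Correctly terminate string in SSL client certificate extensions parsing", so that administrators reading CHANGES can judge whether the fix matters for their deployment without looking up PR 44073.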
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=604403&r1=604402&r2=604403&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Sat Dec 15 00:42:11 2007
@@ -79,18 +79,6 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ssl: Correctly terminate string in SSL client certificate extensions
- parsing by ensuring that it always has a \0 at the end.
- PR: 44073
- Trunk version of patch:
- Trunk changed in http://svn.apache.org/viewvc?view=rev&revision=289444
- in a way that IMHO is not backportable (due to the changes done in
- mod_ssl.h).
- Backport version for 2.2.x of patch:
- http://people.apache.org/~rpluem/patches/foreign_patches/44073_2.2.x.diff
- +1: rpluem, jorton, trawick
- jorton: s/pstrndup/pstrmemdup/ would be better but it works either way
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
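Review bot: The removed entry carries jorton's remark "s/pstrndup/pstrmemdup/ would be better", and the ssl_expr_eval.c change in this commit uses apr_pstrmemdup. If the linked 44073_2.2.x.diff still used apr_pstrndup, the committed code differs from the patch that collected the three +1 votes; the log message should say that the reviewer's suggestion was applied, so that the record of what was voted on and what was committed stays consistent.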
Modified: httpd/httpd/branches/2.2.x/modules/ssl/ssl_expr_eval.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/ssl/ssl_expr_eval.c?rev=604403&r1=604402&r2=604403&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/ssl/ssl_expr_eval.c (original)
+++ httpd/httpd/branches/2.2.x/modules/ssl/ssl_expr_eval.c Sat Dec 15 00:42:11 2007
@@ -239,7 +239,7 @@
BIO_get_mem_ptr(bio, &buf);
- *new = apr_pstrdup(r->pool, buf->data);
+ *new = apr_pstrmemdup(r->pool, buf->data, buf->length);
}
BIO_vfree(bio);
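Review bot: The replacement line, apr_pstrmemdup(r->pool, buf->data, buf->length), needs a short comment stating why the length is passed explicitly: buf->data from the memory BIO is not guaranteed to be NUL-terminated, so the old apr_pstrdup call could read past buf->length looking for a terminator. Without that comment a later cleanup could revert to apr_pstrdup as the "simpler" call. Note as well that a value containing an embedded \0 is copied in full but will look truncated to any consumer that treats *new as a C string; if extension values are compared in access-control expressions, it is worth deciding whether such a value should be rejected rather than silently shortened.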