MFH: r473774
www/h2o: update 2.2.4 to 2.2.5 - fix buffer overflow CVE-2018-0608 #1775 (Frederik Deweerdt) - LibreSSL and PicoTLS changes - see https://github.com/h2o/h2o/blob/master/Changes PR: 228762 Submitted by: Max Kostikov <max@kostikov.co> Approved by: jrm Security: CVE-2018-0608 Approved by: ports-secteam
This commit is contained in:
parent
f6a64d4c67
commit
83e173361f
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/branches/2018Q3/; revision=473921
|
@ -3,8 +3,7 @@
|
|||
|
||||
PORTNAME= h2o
|
||||
DISTVERSIONPREFIX= v
|
||||
DISTVERSION= 2.2.4
|
||||
PORTREVISION= 1
|
||||
DISTVERSION= 2.2.5
|
||||
CATEGORIES= www
|
||||
|
||||
MAINTAINER= dch@FreeBSD.org
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
TIMESTAMP = 1513347798
|
||||
SHA256 (h2o-h2o-v2.2.4_GH0.tar.gz) = ebacf3b15f40958c950e18e79ad5a647f61e989c6dbfdeea858ce943ef5e3cd8
|
||||
SIZE (h2o-h2o-v2.2.4_GH0.tar.gz) = 16212596
|
||||
TIMESTAMP = 1529785115
|
||||
SHA256 (h2o-h2o-v2.2.5_GH0.tar.gz) = eafb40aa2d93b3de1af472bb046c17b2335c3e5a894462310e1822e126c97d24
|
||||
SIZE (h2o-h2o-v2.2.5_GH0.tar.gz) = 16257295
|
||||
|
|
|
@ -1,55 +0,0 @@
|
|||
https://github.com/h2o/h2o/issues/1706
|
||||
|
||||
--- include/h2o/openssl_backport.h.orig 2017-12-15 03:08:00 UTC
|
||||
+++ include/h2o/openssl_backport.h
|
||||
@@ -25,7 +25,7 @@
|
||||
#include <stdlib.h>
|
||||
|
||||
/* backports for OpenSSL 1.0.2 */
|
||||
-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
|
||||
|
||||
#define BIO_get_data(bio) ((bio)->ptr)
|
||||
#define BIO_set_data(bio, p) ((bio)->ptr = (p))
|
||||
@@ -57,7 +57,7 @@ static inline BIO_METHOD *BIO_meth_new(i
|
||||
#endif
|
||||
|
||||
/* backports for OpenSSL 1.0.1 and LibreSSL */
|
||||
-#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
|
||||
+#if OPENSSL_VERSION_NUMBER < 0x10002000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000fL)
|
||||
|
||||
#define SSL_is_server(ssl) ((ssl)->server)
|
||||
|
||||
--- deps/neverbleed/neverbleed.c.orig 2017-12-15 03:08:00 UTC
|
||||
+++ deps/neverbleed/neverbleed.c
|
||||
@@ -547,7 +547,7 @@ static int sign_stub(struct expbuf_t *bu
|
||||
return 0;
|
||||
}
|
||||
|
||||
-#if !OPENSSL_1_1_API
|
||||
+#if !OPENSSL_1_1_API && (!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL)
|
||||
|
||||
static void RSA_get0_key(const RSA *rsa, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
|
||||
{
|
||||
--- deps/picotls/lib/openssl.c.orig 2017-12-15 03:08:00 UTC
|
||||
+++ deps/picotls/lib/openssl.c
|
||||
@@ -35,13 +35,16 @@
|
||||
#include "picotls.h"
|
||||
#include "picotls/openssl.h"
|
||||
|
||||
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
|
||||
-#define OPENSSL_1_0_API 1
|
||||
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
|
||||
+#define OPENSSL_1_1_API 1
|
||||
+#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL
|
||||
+#define OPENSSL_1_1_API 1
|
||||
#else
|
||||
#define OPENSSL_1_0_API 0
|
||||
+#define OPENSSL_1_1_API 0
|
||||
#endif
|
||||
|
||||
-#if OPENSSL_1_0_API
|
||||
+#if !OPENSSL_1_1_API
|
||||
|
||||
#define EVP_PKEY_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_EVP_PKEY)
|
||||
#define X509_STORE_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_X509_STORE)
|
|
@ -34,10 +34,10 @@ include/h2o/version.h
|
|||
include/h2o/websocket.h
|
||||
lib/libh2o-evloop.so
|
||||
lib/libh2o-evloop.so.0.13
|
||||
lib/libh2o-evloop.so.0.13.4
|
||||
lib/libh2o-evloop.so.0.13.5
|
||||
lib/libh2o.so
|
||||
lib/libh2o.so.0.13
|
||||
lib/libh2o.so.0.13.4
|
||||
lib/libh2o.so.0.13.5
|
||||
libdata/pkgconfig/libh2o-evloop.pc
|
||||
libdata/pkgconfig/libh2o.pc
|
||||
%%DATADIR%%/annotate-backtrace-symbols
|
||||
|
|
Loading…
Reference in New Issue
Block a user