diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile
index a5292734f55..f73e43b77dc 100644
--- a/net/haproxy/Makefile
+++ b/net/haproxy/Makefile
@@ -1,9 +1,8 @@
-# $OpenBSD: Makefile,v 1.10 2013/04/03 06:23:25 jasper Exp $
+# $OpenBSD: Makefile,v 1.11 2013/04/28 20:30:50 gonzalo Exp $
 COMMENT = reliable, high performance TCP/HTTP load balancer
-DISTNAME = haproxy-1.4.22
-REVISION = 0
+DISTNAME = haproxy-1.4.23
 CATEGORIES = net www
 HOMEPAGE = http://haproxy.1wt.eu/
diff --git a/net/haproxy/distinfo b/net/haproxy/distinfo
index 748ccc735c9..853b04bd78b 100644
--- a/net/haproxy/distinfo
+++ b/net/haproxy/distinfo
@@ -1,2 +1,2 @@
-SHA256 (haproxy-1.4.22.tar.gz) = uiIbPqpNcSMyMLFWwwAPXCvU2s6U2SZiNVF/5C+Rf8Y=
-SIZE (haproxy-1.4.22.tar.gz) = 831791
+SHA256 (haproxy-1.4.23.tar.gz) = 6lrUFms5S0rMUGWgE8eNMAL+RWnexfkZwJ8qKPtEOPE=
+SIZE (haproxy-1.4.23.tar.gz) = 835907
diff --git a/net/haproxy/patches/patch-src_proto_http_c b/net/haproxy/patches/patch-src_proto_http_c
deleted file mode 100644
index 183be3253d8..00000000000
--- a/net/haproxy/patches/patch-src_proto_http_c
+++ /dev/null
@@ -1,43 +0,0 @@
-$OpenBSD: patch-src_proto_http_c,v 1.1 2013/04/03 06:23:25 jasper Exp $
-
-Security fix for CVE-2013-1912, haproxy may crash on TCP content inspection rules
-BUG/CRITICAL: using HTTP information in tcp-request content may crash the process
-
---- src/proto_http.c.orig Tue Aug 14 09:09:31 2012
-+++ src/proto_http.c Wed Apr 3 08:20:41 2013
-@@ -8278,6 +8278,14 @@ acl_fetch_proto_http(struct proxy *px, struct session
- return 1;
- }
-
-+ /* If the buffer does not leave enough free space at the end,
-+ * we must first realign it.
-+ */
-+ if (unlikely(req->lr > req->data &&
-+ (req->r < req->lr || req->r > req->data + req->size - global.tune.maxrewrite)) &&
-+ (req->l <= req->size - global.tune.maxrewrite))
-+ http_buffer_heavy_realign(req, msg);
-+
- /* Try to decode HTTP request */
- if (likely(req->lr < req->r))
- http_msg_analyzer(req, msg, &txn->hdr_idx);
-@@ -8295,6 +8303,20 @@ acl_fetch_proto_http(struct proxy *px, struct session
- /* OK we got a valid HTTP request. We have some minor preparation to
- * perform so that further checks can rely on HTTP tests.
- */
-+
-+ /* If the request was parsed but was too large, we must absolutely
-+ * return an error so that it is not processed. At the moment this
-+ * cannot happen, but if the parsers are to change in the future,
-+ * we want this check to be maintained.
-+ */
-+ if (unlikely(req->lr > req->data &&
-+ (req->r < req->lr || req->l > req->size - global.tune.maxrewrite ||
-+ req->r > req->data + req->size - global.tune.maxrewrite))) {
-+ msg->msg_state = HTTP_MSG_ERROR;
-+ test->flags |= ACL_TEST_F_SET_RES_PASS;
-+ return 1;
-+ }
-+
- txn->meth = find_http_meth(msg->sol, msg->sl.rq.m_l);
- if (txn->meth == HTTP_METH_GET || txn->meth == HTTP_METH_HEAD)
- s->flags |= SN_REDIRECTABLE;