keks-overlay.git

@@ -2,13 +2,17 @@ AUX apache-noip.diff 417 RMD160 8e16f7ff130cea52449a25aafbbdeb78919d9eae SHA1 7c

 MD5 a3ccaa61507918e64dc5fd378e14a5e7 files/apache-noip.diff 417

 RMD160 8e16f7ff130cea52449a25aafbbdeb78919d9eae files/apache-noip.diff 417

 SHA256 c9ed84fec20e69f711600261a395a3d4b3ae2685318f6354c4d2ebd01c0ec4cc files/apache-noip.diff 417

+AUX apache-ssl-fix.diff 2993 RMD160 6a7627b2c957254e1a1bfc27e8101ff5da04fab5 SHA1 eb45f1d0ccffb8852315df621376e56a7880c1ba SHA256 150fdbd8ab5f45943c76b5244c9e3ef0ed30c6f70a5fd46981edb983de7ec02f

+MD5 117d11e44ccd6a2408873288b41236bd files/apache-ssl-fix.diff 2993

+RMD160 6a7627b2c957254e1a1bfc27e8101ff5da04fab5 files/apache-ssl-fix.diff 2993

+SHA256 150fdbd8ab5f45943c76b5244c9e3ef0ed30c6f70a5fd46981edb983de7ec02f files/apache-ssl-fix.diff 2993

 DIST gentoo-apache-2.2.6-20070907.tar.bz2 58121 RMD160 d0e5f55a8985f97fcdf646e04d92f6519f968104 SHA1 f9fd830bfb8e6c6e3cbac9d8342cc981032d20c5 SHA256 56f809f93fdcba204e6be271f195095d8ad033aa61447dab607af91d95cde8e6

 DIST gentoo-apache-2.2.6-r3-20071025.tar.bz2 60483 RMD160 3097b088eae160f1196f21abb1488cf54b349ba1 SHA1 1bb261c16e93bb1abc1972b38f73c2726435fb36 SHA256 3f2d0b9d210f3bb22c06901dee7df482c26647562d1a4e98f4196cd649f71d58

 DIST httpd-2.2.6.tar.bz2 4717066 RMD160 5ae895c6898213e1e3b7e7b02cdfcbe5b36a108f SHA1 e6ef926ecd1f9a412af8c266239f0a6f58c63854 SHA256 f27cd9df50a2acd9df8f37520f62f6ce51758689d425ead5883e75ff5ed6548c

-EBUILD apache-2.2.6-r3.ebuild 15825 RMD160 e80deccde132a09fc218178090580c6dc379ee0f SHA1 0a1ceab8ced6821464ff1ebaa2e8af665f5da018 SHA256 e8b32df5dda50fed51b5ac6bce3dfb50209aed43df12110a134d22d19d2d3884

-MD5 51f3bbe7d1da622c7b7fc3fcd005b8b2 apache-2.2.6-r3.ebuild 15825

-RMD160 e80deccde132a09fc218178090580c6dc379ee0f apache-2.2.6-r3.ebuild 15825

-SHA256 e8b32df5dda50fed51b5ac6bce3dfb50209aed43df12110a134d22d19d2d3884 apache-2.2.6-r3.ebuild 15825

+EBUILD apache-2.2.6-r3.ebuild 15867 RMD160 bc4754a69578b07c0887948e143535ee42d5c494 SHA1 d4cd5d82f69d4b41f1d41d74eb6ab1cbdf25ed43 SHA256 1dc997400c2f2829939da89593ff43733db032df39c2a7b36e5a7e9885808aab

+MD5 51cf3a6d14f5799bc32a220665125641 apache-2.2.6-r3.ebuild 15867

+RMD160 bc4754a69578b07c0887948e143535ee42d5c494 apache-2.2.6-r3.ebuild 15867

+SHA256 1dc997400c2f2829939da89593ff43733db032df39c2a7b36e5a7e9885808aab apache-2.2.6-r3.ebuild 15867

 EBUILD apache-2.2.6.ebuild 15409 RMD160 d28d70bee62cf49b4fa03f11af540b4d73f573b6 SHA1 7e745f24c701aa975afeea5ac0dd1a92acc61e0f SHA256 db821b99842d980acbb98f2584f5374103508c8ba9a81fd6837518b19dcd71f1

 MD5 83cc4a3331319d94de3fb5e69f74e4d3 apache-2.2.6.ebuild 15409

 RMD160 d28d70bee62cf49b4fa03f11af540b4d73f573b6 apache-2.2.6.ebuild 15409

@@ -104,6 +104,7 @@ src_unpack() {

 	unpack ${A}

 	cd "${S}"

 	epatch "${FILESDIR}/apache-noip.diff"

+	epatch "${FILESDIR}/apache-ssl-fix.diff"

 	# Use correct multilib libdir in gentoo patches

 	sed -i -e "s:/usr/lib:/usr/$(get_libdir):g" \

@@ -0,0 +1,71 @@

+--- httpd/httpd/trunk/modules/ssl/ssl_engine_io.c	2007/06/12 20:55:57	546632

++++ httpd/httpd/trunk/modules/ssl/ssl_engine_io.c	2007/11/02 16:45:46	591393

+@@ -1539,14 +1539,25 @@

+ 

+     apr_brigade_destroy(tempb);

+ 

+-    /* Insert the filter which will supply the buffered data. */

++    /* After consuming all protocol-level input, remove all protocol-level

++     * filters.  It should strictly only be necessary to remove filters

++     * at exactly ftype == AP_FTYPE_PROTOCOL, since this filter will 

++     * precede all > AP_FTYPE_PROTOCOL anyway. */

++    while (r->proto_input_filters->frec->ftype < AP_FTYPE_CONNECTION) {

++        ap_remove_input_filter(r->proto_input_filters);

++    }

++

++    /* Insert the filter which will supply the buffered content. */

+     ap_add_input_filter(ssl_io_buffer, ctx, r, c);

+ 

+     return 0;

+ }

+ 

+ /* This input filter supplies the buffered request body to the caller

+- * from the brigade stored in f->ctx. */

++ * from the brigade stored in f->ctx.  Note that the placement of this

++ * filter in the filter stack is important; it must be the first

++ * r->proto_input_filter; lower-typed filters will not be preserved

++ * across internal redirects (see PR 43738).  */

+ static apr_status_t ssl_io_filter_buffer(ap_filter_t *f,

+                                          apr_bucket_brigade *bb,

+                                          ap_input_mode_t mode,

+@@ -1565,6 +1576,19 @@

+         return APR_ENOTIMPL;

+     }

+ 

++    if (APR_BRIGADE_EMPTY(ctx->bb)) {

++        /* Suprisingly (and perhaps, wrongly), the request body can be

++         * pulled from the input filter stack more than once; a

++         * handler may read it, and ap_discard_request_body() will

++         * attempt to do so again after *every* request.  So input

++         * filters must be prepared to give up an EOS if invoked after

++         * initially reading the request. The HTTP_IN filter does this

++         * with its ->eos_sent flag. */

++

++        APR_BRIGADE_INSERT_TAIL(bb, apr_bucket_eos_create(f->c->bucket_alloc));

++        return APR_SUCCESS;

++    }

++

+     if (mode == AP_MODE_READBYTES) {

+         apr_bucket *e;

+ 

+@@ -1619,8 +1643,9 @@

+         }

+ 

+         ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, f->c,

+-                      "buffered SSL brigade now exhausted; removing filter");

+-        ap_remove_input_filter(f);

++                      "buffered SSL brigade exhausted");

++        /* Note that the filter must *not* be removed here; it may be

++         * invoked again, see comment above. */

+     }

+ 

+     return APR_SUCCESS;

+@@ -1695,7 +1720,7 @@

+     ap_register_input_filter  (ssl_io_filter, ssl_io_filter_input,  NULL, AP_FTYPE_CONNECTION + 5);

+     ap_register_output_filter (ssl_io_filter, ssl_io_filter_output, NULL, AP_FTYPE_CONNECTION + 5);

+ 

+-    ap_register_input_filter  (ssl_io_buffer, ssl_io_filter_buffer, NULL, AP_FTYPE_PROTOCOL - 1);

++    ap_register_input_filter  (ssl_io_buffer, ssl_io_filter_buffer, NULL, AP_FTYPE_PROTOCOL);

+ 

+     return;

+ }