Index: trunk/server/common/patches/httpd-2.2.x-CVE-2010-0434.patch =================================================================== --- trunk/server/common/patches/httpd-2.2.x-CVE-2010-0434.patch (revision 1509) +++ (revision ) @@ -1,41 +1,0 @@ ---- httpd-2.2.x/server/protocol.c 2010/03/02 04:00:01 917866 -+++ httpd-2.2.x/server/protocol.c 2010/03/02 04:01:29 917867 -@@ -1041,15 +1041,13 @@ - return r; - } - --/* if a request with a body creates a subrequest, clone the original request's -- * input headers minus any headers pertaining to the body which has already -- * been read. out-of-line helper function for ap_set_sub_req_protocol. -+/* if a request with a body creates a subrequest, remove original request's -+ * input headers which pertain to the body which has already been read. -+ * out-of-line helper function for ap_set_sub_req_protocol. - */ - --static void clone_headers_no_body(request_rec *rnew, -- const request_rec *r) -+static void strip_headers_request_body(request_rec *rnew) - { -- rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in); - apr_table_unset(rnew->headers_in, "Content-Encoding"); - apr_table_unset(rnew->headers_in, "Content-Language"); - apr_table_unset(rnew->headers_in, "Content-Length"); -@@ -1083,15 +1081,14 @@ - - rnew->status = HTTP_OK; - -+ rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in); -+ - /* did the original request have a body? (e.g. POST w/SSI tags) - * if so, make sure the subrequest doesn't inherit body headers - */ - if (apr_table_get(r->headers_in, "Content-Length") - || apr_table_get(r->headers_in, "Transfer-Encoding")) { -- clone_headers_no_body(rnew, r); -- } else { -- /* no body (common case). clone headers the cheap way */ -- rnew->headers_in = r->headers_in; -+ strip_headers_request_body(rnew); - } - rnew->subprocess_env = apr_table_copy(rnew->pool, r->subprocess_env); - rnew->headers_out = apr_table_make(rnew->pool, 5); Index: trunk/server/common/patches/httpd-2.2.x-mod_ssl-sessioncaching.patch =================================================================== --- trunk/server/common/patches/httpd-2.2.x-mod_ssl-sessioncaching.patch (revision 1509) +++ trunk/server/common/patches/httpd-2.2.x-mod_ssl-sessioncaching.patch (revision 1539) @@ -13,8 +13,8 @@ void *pV1, *pV2, *pV3, *pV4, *pV5, *pV6, *pV7, *pV8, *pV9, *pV10; } rCtx; -@@ -545,6 +548,7 @@ const char *ssl_cmd_SSLRequire(cmd_parm - const char *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *); +@@ -547,6 +550,7 @@ const char *ssl_cmd_SSLRequire(cmd_parm const char *ssl_cmd_SSLRenegBufferSize(cmd_parms *cmd, void *dcfg, const char *arg); const char *ssl_cmd_SSLStrictSNIVHostCheck(cmd_parms *cmd, void *dcfg, int flag); + const char *ssl_cmd_SSLInsecureRenegotiation(cmd_parms *cmd, void *dcfg, int flag); +const char *ssl_cmd_SSLSessionTicketExtension(cmd_parms *cmd, void *cdfg, int flag);