gentoo auto-resync : 16:10:2024 - 04:04:29

2 files changed, 0 insertions, 82 deletions

diff --git a/www-servers/apache/Manifest b/www-servers/apache/Manifest
index c2e639597857..f8b57963524d 100644
--- a/www-servers/apache/Manifest
+++ b/www-servers/apache/Manifest
@@ -1,5 +1,4 @@
 AUX 41_mod_http2.conf 189 BLAKE2B 70f006ead657b250bb4c30a332484baf698541d44d922453bae6133e2458a7009035156f47c1dbba42bd6830ab5bef8c56d151821b0b56e9b41ef9b3db885411 SHA512 3d56a24ea98bc3188e5d6f8e2e0148e4b718e04f23452e77750bca984c44fc7c3acd4521a945b4c415284d0a5dac0f7e846bb60daf70fe61ce2632e8fa201ed6
-AUX apache-2.4.59-dh-regression.patch 3066 BLAKE2B 7c4577d8d79d67745d43775e8273c87a9afababf098e92b7dc62b4945629f887888387afe69da8619d8fb09cdf62fffd49ad993a917d6dfa9ebf37933df0c746 SHA512 304aeee808fa447e3c37d7685670493f335ae16328b4607dad71c5b6eb5a9c5281bbb0f3fb21bf6a13ff9ba64cf284d445096149ab318a27d660f0fff6b62332
 AUX apache.conf 94 BLAKE2B b0330849adfc5fc048622b3a256ecb727f3bfa339e6cc7f50843597d3e8d7b6d4463986d8f9a73f3580c93ce571d01f9ba571e0328356b62e5680ede913acc4b SHA512 e954c66da825fd6f84753cd7a50ae2da86daf5da27b37dba484019e8e1adaeb57122ba9a8fd1222e80edac04ca78d807265ef8b275278e4eeef12feb6043597b
 AUX apache2.4-hardened.service 933 BLAKE2B 60cbe1a55ded29299ba7fc453a6f13c456bc702ec77a31ede0904a52c9d726d57ec4d477df74d46e4edab157a2bf930750620c8d369a0b6900b049d9a4619a5c SHA512 711899777ea59995cecda007dca8d9ff6d0650b80990ea3b387f914e923df703e0c71ebaee5d967590c46fc5c588d35390d7c34023ef673c1791a60850efd0e8
 DIST gentoo-apache-2.4.62-20240719.tar.bz2 26207 BLAKE2B 0c0b52620d27f9f96643f8f18221e04c97a80849470f21695359f569be4cebcea0e1588bfce0744ffb86267185fe7a235c3f7b4976a6b68cd8c30c1ac0cb966a SHA512 689362c5171e72afb439dae57c73750ac1cd559a15d2b6fe57a08cc7b489f6921d0265f90e3d4551b75269f60b7222fe20c792c0c14ff5ff3303c9fc974d43f8
diff --git a/www-servers/apache/files/apache-2.4.59-dh-regression.patch b/www-servers/apache/files/apache-2.4.59-dh-regression.patch
deleted file mode 100644
index 63cb606a2630..000000000000
--- a/www-servers/apache/files/apache-2.4.59-dh-regression.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From dee1eb37d787d34cb37df7eab535240e1774293a Mon Sep 17 00:00:00 2001
-From: Ruediger Pluem <rpluem@apache.org>
-Date: Mon, 8 Apr 2024 13:18:28 +0000
-Subject: [PATCH] * Ensure that we set the default DH parameters for the key
-
-Replace else with an if as the if branch no longer ensures that
-custome DH parameters have been loaded.
-This fixes a regression that causes the default DH parameters for a key
-no longer set and thus effectively disabling DH ciphers when no explicit
-DH parameters are set.
-
-PR: 68863
-
-
-git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1916863 13f79535-47bb-0310-9956-ffa450edef68
----
- changes-entries/pr68863.txt   |  3 +++
- modules/ssl/ssl_engine_init.c | 11 ++++++-----
- 2 files changed, 9 insertions(+), 5 deletions(-)
- create mode 100644 changes-entries/pr68863.txt
-
-diff --git a/changes-entries/pr68863.txt b/changes-entries/pr68863.txt
-new file mode 100644
-index 00000000000..d45ffc708cc
---- /dev/null
-+++ b/changes-entries/pr68863.txt
-@@ -0,0 +1,3 @@
-+  *) mod_ssl: Fix a regression that causes the default DH parameters for a key
-+     no longer set and thus effectively disabling DH ciphers when no explicit
-+     DH parameters are set. PR 68863 [Ruediger Pluem]
-diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
-index 64e4aaf1dcd..f657026d137 100644
---- a/modules/ssl/ssl_engine_init.c
-+++ b/modules/ssl/ssl_engine_init.c
-@@ -1416,6 +1416,7 @@ static apr_status_t ssl_init_server_certs(server_rec *s,
-     const char *vhost_id = mctx->sc->vhost_id, *key_id, *certfile, *keyfile;
-     int i;
-     EVP_PKEY *pkey;
-+    int custom_dh_done = 0;
- #ifdef HAVE_ECC
-     EC_GROUP *ecgroup = NULL;
-     int curve_nid = 0;
-@@ -1591,14 +1592,14 @@ static apr_status_t ssl_init_server_certs(server_rec *s,
-      */
-     certfile = APR_ARRAY_IDX(mctx->pks->cert_files, 0, const char *);
-     if (certfile && !modssl_is_engine_id(certfile)) {
--        int done = 0, num_bits = 0;
-+        int num_bits = 0;
- #if OPENSSL_VERSION_NUMBER < 0x30000000L
-         DH *dh = modssl_dh_from_file(certfile);
-         if (dh) {
-             num_bits = DH_bits(dh);
-             SSL_CTX_set_tmp_dh(mctx->ssl_ctx, dh);
-             DH_free(dh);
--            done = 1;
-+            custom_dh_done = 1;
-         }
- #else
-         pkey = modssl_dh_pkey_from_file(certfile);
-@@ -1608,18 +1609,18 @@ static apr_status_t ssl_init_server_certs(server_rec *s,
-                 EVP_PKEY_free(pkey);
-             }
-             else {
--                done = 1;
-+                custom_dh_done = 1;
-             }
-         }
- #endif
--        if (done) {
-+        if (custom_dh_done) {
-             ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02540)
-                          "Custom DH parameters (%d bits) for %s loaded from %s",
-                          num_bits, vhost_id, certfile);
-         }
-     }
- #if !MODSSL_USE_OPENSSL_PRE_1_1_API
--    else {
-+    if (!custom_dh_done) {
-         /* If no parameter is manually configured, enable auto
-          * selection. */
-         SSL_CTX_set_dh_auto(mctx->ssl_ctx, 1);