4 files changed, 4 insertions, 91 deletions

diff --git a/www/apache13-modperl/Makefile b/www/apache13-modperl/Makefile
index bcab4dd3cce7..e929f7cdea48 100644
--- a/www/apache13-modperl/Makefile
+++ b/www/apache13-modperl/Makefile
@@ -7,7 +7,6 @@
 
 PORTNAME=	apache+mod_perl
 PORTVERSION=	${VERSION_APACHE}
-PORTREVISION=	3
 CATEGORIES=	www perl5
 MASTER_SITES=	${MASTER_SITE_APACHE_HTTPD:S/$/:apache/} \
 		${MASTER_SITE_PERL_CPAN:S/$/Apache\/:modperl/}
@@ -42,7 +41,7 @@ MAN3PREFIX=	${PREFIX}/lib/perl5/${PERL_VERSION}
 
 .include <bsd.port.pre.mk>
 
-VERSION_APACHE=	1.3.33
+VERSION_APACHE=		1.3.34
 VERSION_MODPERL=	1.29
 
 WRKSRC_MODPERL=	${WRKDIR}/mod_perl-${VERSION_MODPERL}
diff --git a/www/apache13-modperl/distinfo b/www/apache13-modperl/distinfo
index b12c299f7795..33bbf91b00e6 100644
--- a/www/apache13-modperl/distinfo
+++ b/www/apache13-modperl/distinfo
@@ -1,4 +1,4 @@
-MD5 (apache_1.3.33.tar.gz) = 3dfd2c3778f37a2dfc22b97417a61407
-SIZE (apache_1.3.33.tar.gz) = 2468567
+MD5 (apache_1.3.34.tar.gz) = 9978cc552b423f0015c1052d23ab619e
+SIZE (apache_1.3.34.tar.gz) = 2468056
 MD5 (mod_perl-1.29.tar.gz) = 1491931790509b9af06fc037d02b0e7a
 SIZE (mod_perl-1.29.tar.gz) = 378877
diff --git a/www/apache13-modperl/files/patch-secfix-CAN-2005-2088 b/www/apache13-modperl/files/patch-secfix-CAN-2005-2088
deleted file mode 100644
index c4315400577e..000000000000
--- a/www/apache13-modperl/files/patch-secfix-CAN-2005-2088
+++ /dev/null
@@ -1,87 +0,0 @@
---- src/modules/proxy/proxy_http.c	2005/07/14 05:09:17	218987
-+++ src/modules/proxy/proxy_http.c	2005/07/14 05:19:15	218988
-@@ -121,7 +121,7 @@
-     char portstr[32];
-     pool *p = r->pool;
-     int destport = 0;
--    int chunked = 0;
-+    const char *chunked = NULL;
-     char *destportstr = NULL;
-     const char *urlptr = NULL;
-     const char *datestr, *urlstr;
-@@ -338,7 +338,12 @@
-         ap_table_mergen(req_hdrs, "X-Forwarded-Server", r->server->server_hostname);
-     } 
- 
--    /* we don't yet support keepalives - but we will soon, I promise! */
-+    /* we don't yet support keepalives - but we will soon, I promise! 
-+     * XXX: This introduces various HTTP Request vulnerabilies if not
-+     * properly implemented.  Before changing this .. be certain to
-+     * add a hard-close of the connection if the T-E and C-L headers
-+     * are both present, or the C-L header is malformed.
-+     */
-     ap_table_set(req_hdrs, "Connection", "close");
- 
-     reqhdrs_arr = ap_table_elts(req_hdrs);
-@@ -475,25 +480,40 @@
-         }
- 
-         /* is this content chunked? */
--        chunked = ap_find_last_token(r->pool,
--                                     ap_table_get(resp_hdrs, "Transfer-Encoding"),
--                                     "chunked");
-+        chunked = ap_table_get(resp_hdrs, "Transfer-Encoding");
-+        if (chunked && (strcasecmp(chunked, "chunked") != 0)) {
-+            ap_kill_timeout(r);
-+            return ap_proxyerror(r, HTTP_BAD_GATEWAY, ap_pstrcat(r->pool,
-+                                 "Unsupported Transfer-Encoding ", chunked,
-+                                 " from remote server", NULL));
-+        }
- 
-         /* strip hop-by-hop headers defined by Connection and RFC2616 */
-         ap_proxy_clear_connection(p, resp_hdrs);
- 
-         content_length = ap_table_get(resp_hdrs, "Content-Length");
-         if (content_length != NULL) {
--            c->len = ap_strtol(content_length, NULL, 10);
--
--	    if (c->len < 0) {
--		ap_kill_timeout(r);
--		return ap_proxyerror(r, HTTP_BAD_GATEWAY, ap_pstrcat(r->pool,
--				     "Invalid Content-Length from remote server",
--                                      NULL));
-+            if (chunked) {
-+                /* XXX: We would unset keep-alive here, to the proxy
-+                 * origin server, for safety's sake but we aren't using
-+                 * keep-alives (we force Connection: close  above)
-+                 */
-+                nocache = 1;        /* do not cache this suspect file */
-+                ap_table_unset(resp_hdrs, "Content-Length");
-+            }
-+            else {
-+                char *len_end;
-+                errno = 0;
-+                c->len = ap_strtol(content_length, &len_end, 10);
-+
-+                if (errno || (c->len < 0) || (len_end && *len_end)) {
-+                    ap_kill_timeout(r);
-+                    return ap_proxyerror(r, HTTP_BAD_GATEWAY, 
-+                                         "Invalid Content-Length from remote"
-+                                         " server");
-+                }
- 	    }
-         }
--
-     }
-     else {
-         /* an http/0.9 response */
-@@ -612,7 +632,8 @@
-  * content length is not known. We need to make 100% sure c->len is always
-  * set correctly before we get here to correctly do keepalive.
-  */
--        ap_proxy_send_fb(f, r, c, c->len, 0, chunked, conf->io_buffer_size);
-+        ap_proxy_send_fb(f, r, c, c->len, 0, chunked != NULL, 
-+                         conf->io_buffer_size);
-     }
- 
-     /* ap_proxy_send_fb() closes the socket f for us */
diff --git a/www/apache13-modperl/pkg-plist b/www/apache13-modperl/pkg-plist
index 4c247fc3b260..d2f6f6e34182 100644
--- a/www/apache13-modperl/pkg-plist
+++ b/www/apache13-modperl/pkg-plist
@@ -181,6 +181,7 @@ share/doc/apache/images/sub.gif
 share/doc/apache/index.html.en
 share/doc/apache/index.html.ja.jis
 share/doc/apache/install-tpf.html
+share/doc/apache/install-ztpf.html
 share/doc/apache/install.html.es
 share/doc/apache/install.html.en
 share/doc/apache/install.html.ja.jis