pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/ruby-actionpack/patches Remove an unused patch.
details: https://anonhg.NetBSD.org/pkgsrc/rev/735b1b4b2581
branches: trunk
changeset: 399069:735b1b4b2581
user: minskim <minskim%pkgsrc.org@localhost>
date: Sat Sep 12 22:19:56 2009 +0000
description:
Remove an unused patch.
diffstat:
www/ruby-actionpack/patches/patch-aa | 24 ------------------------
1 files changed, 0 insertions(+), 24 deletions(-)
diffs (28 lines):
diff -r 9872e11988f4 -r 735b1b4b2581 www/ruby-actionpack/patches/patch-aa
--- a/www/ruby-actionpack/patches/patch-aa Sat Sep 12 22:14:16 2009 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,24 +0,0 @@
-$NetBSD: patch-aa,v 1.3 2009/07/16 11:00:25 minskim Exp $
-
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2422
-rails git commit 056ddbdcfb07f0b5c7e6ed8a35f6c3b55b4ab489
-
---- lib/action_controller/http_authentication.rb.orig 2009-07-16 03:45:19.000000000 -0700
-+++ lib/action_controller/http_authentication.rb
-@@ -183,7 +183,7 @@ module ActionController
- request.env['REDIRECT_X_HTTP_AUTHORIZATION']
- end
-
-- # Raises error unless the request credentials response value matches the expected value.
-+ # Returns false unless the request credentials response value matches the expected value.
- # First try the password as a ha1 digest password. If this fails, then try it as a plain
- # text password.
- def validate_digest_response(request, realm, &password_procedure)
-@@ -192,6 +192,7 @@ module ActionController
-
- if valid_nonce && realm == credentials[:realm] && opaque == credentials[:opaque]
- password = password_procedure.call(credentials[:username])
-+ return false unless password
-
- [true, false].any? do |password_is_ha1|
- expected = expected_response(request.env['REQUEST_METHOD'], request.env['REQUEST_URI'], credentials, password, password_is_ha1)
Home |
Main Index |
Thread Index |
Old Index