head	1.1;
access;
symbols;
locks; strict;
comment	@# @;


1.1
date	2012.06.25.01.10.44;	author olgeni;	state Exp;
branches;
next	;


desc
@@


1.1
log
@Upgrade to version 1.93, which contains a security fix among other changes.

From Erlyaws-list:

"Use crypto:rand_bytes() instead of the cryptographically weak random
module. Swedish security consultant and cryptographer Kalle
Zetterlund discovered a way to - given a sequence of cookies produced
by yaws_session_server - predict the next session id. Thus providing
a gaping security hole into yaws servers that use the yaws_session_server
to maintain cookie based HTTP sessions (klacke/kallez)"

PR:		ports/169363
Submitted by:	Kenji Rikitake <kenji.rikitake@@acm.org>
@
text
@--- scripts/gen-yaws.ORIG	2012-06-24 15:27:11.000000000 +0900
+++ scripts/gen-yaws	2012-06-24 15:33:26.000000000 +0900
@@@@ -1,13 +1,15 @@@@
 #!/bin/sh
 
+# CAUTION: Modified for FreeBSD Port installation
+# referring yawsdir in the installed yaws library
+
 # Used by scripts/Makefile and scripts/rebar-pre-script to generate
 # the yaws execution script
 
 set -e
 
-topdir=`cd .. && pwd`
 cat yaws.template | \
-    ./Subst %yawsdir% "${topdir}" | \
+    ./Subst %yawsdir% "/usr/local/lib/erlang/lib/yaws" | \
     ./Subst %vardir% "${VARDIR}" | \
     ./Subst %run_erl% "${ERLBINDIR}/run_erl" | \
     ./Subst %to_erl% "${ERLBINDIR}/to_erl" | \
@
