From: Raphaƫl Gertz Date: Mon, 24 Sep 2018 14:34:28 +0000 (+0200) Subject: Upgrade to apache 2.4.33 X-Git-Tag: 2.4.38-6~15 X-Git-Url: https://git.rapsys.eu/.gitweb.cgi/ihttpd/commitdiff_plain/9028059ad6c85a6a221a7d6de279c4f4d8603158?ds=sidebyside Upgrade to apache 2.4.33 --- diff --git a/SOURCES/httpd-2.4.20.tar.bz2 b/SOURCES/httpd-2.4.20.tar.bz2 deleted file mode 100644 index 8d0b460..0000000 Binary files a/SOURCES/httpd-2.4.20.tar.bz2 and /dev/null differ diff --git a/SOURCES/httpd-2.4.17-socket-activation.patch b/SOURCES/httpd-2.4.33-socket-activation.patch similarity index 89% rename from SOURCES/httpd-2.4.17-socket-activation.patch rename to SOURCES/httpd-2.4.33-socket-activation.patch index d5cbdf2..9158866 100644 --- a/SOURCES/httpd-2.4.17-socket-activation.patch +++ b/SOURCES/httpd-2.4.33-socket-activation.patch @@ -1,7 +1,6 @@ -diff --git a/server/listen.c b/server/listen.c -index 1d9be83..f5f7754 100644 ---- a/server/listen.c -+++ b/server/listen.c +diff -urNp a/server/listen.c.socketactivation b/server/listen.c +--- a/server/listen.c.socketactivation 2017-08-16 18:48:29.000000000 +0200 ++++ b/server/listen.c 2018-06-18 14:31:10.639221470 +0200 @@ -34,6 +34,10 @@ #include #endif @@ -27,7 +26,7 @@ index 1d9be83..f5f7754 100644 { apr_socket_t *s = server->sd; int one = 1; -@@ -94,20 +101,6 @@ static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server) +@@ -94,20 +101,6 @@ static apr_status_t make_sock(apr_pool_t return stat; } @@ -48,7 +47,7 @@ index 1d9be83..f5f7754 100644 /* * To send data over high bandwidth-delay connections at full * speed we must force the TCP window to open wide enough to keep the -@@ -169,21 +162,37 @@ static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server) +@@ -169,21 +162,37 @@ static apr_status_t make_sock(apr_pool_t } #endif @@ -100,11 +99,10 @@ index 1d9be83..f5f7754 100644 } #ifdef WIN32 -@@ -277,6 +286,124 @@ static apr_status_t close_listeners_on_exec(void *v) +@@ -277,6 +286,123 @@ static apr_status_t close_listeners_on_e return APR_SUCCESS; } -+ +#ifdef HAVE_SYSTEMD + +static int find_systemd_socket(process_rec * process, apr_port_t port) { @@ -222,10 +220,10 @@ index 1d9be83..f5f7754 100644 + +#endif /* HAVE_SYSTEMD */ + - static const char *alloc_listener(process_rec *process, char *addr, - apr_port_t port, const char* proto, - void *slave) -@@ -479,7 +606,7 @@ static int open_listeners(apr_pool_t *pool) + static int find_listeners(ap_listen_rec **from, ap_listen_rec **to, + const char *addr, apr_port_t port) + { +@@ -495,7 +621,7 @@ static int open_listeners(apr_pool_t *po } } #endif @@ -234,7 +232,7 @@ index 1d9be83..f5f7754 100644 ++num_open; } else { -@@ -591,8 +718,28 @@ AP_DECLARE(int) ap_setup_listeners(server_rec *s) +@@ -607,8 +733,28 @@ AP_DECLARE(int) ap_setup_listeners(serve } } @@ -265,7 +263,7 @@ index 1d9be83..f5f7754 100644 } for (lr = ap_listeners; lr; lr = lr->next) { -@@ -682,7 +829,7 @@ AP_DECLARE(apr_status_t) ap_duplicate_listeners(apr_pool_t *p, server_rec *s, +@@ -698,7 +844,7 @@ AP_DECLARE(apr_status_t) ap_duplicate_li duplr->bind_addr); return stat; } @@ -274,7 +272,7 @@ index 1d9be83..f5f7754 100644 #if AP_NONBLOCK_WHEN_MULTI_LISTEN use_nonblock = (ap_listeners && ap_listeners->next); stat = apr_socket_opt_set(duplr->sd, APR_SO_NONBLOCK, use_nonblock); -@@ -809,6 +956,11 @@ AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy, +@@ -825,6 +971,11 @@ AP_DECLARE_NONSTD(const char *) ap_set_l if (argc < 1 || argc > 2) { return "Listen requires 1 or 2 arguments."; } @@ -286,7 +284,7 @@ index 1d9be83..f5f7754 100644 rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool); if (rv != APR_SUCCESS) { -@@ -840,6 +992,12 @@ AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy, +@@ -856,6 +1007,12 @@ AP_DECLARE_NONSTD(const char *) ap_set_l ap_str_tolower(proto); } diff --git a/SOURCES/httpd-2.4.17-sslciphdefault.patch b/SOURCES/httpd-2.4.33-sslciphdefault.patch similarity index 75% rename from SOURCES/httpd-2.4.17-sslciphdefault.patch rename to SOURCES/httpd-2.4.33-sslciphdefault.patch index 8efc461..6b94a16 100644 --- a/SOURCES/httpd-2.4.17-sslciphdefault.patch +++ b/SOURCES/httpd-2.4.33-sslciphdefault.patch @@ -3,9 +3,9 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1109119 Don't prepend !aNULL etc if PROFILE= is used with SSLCipherSuite. ---- httpd-2.4.17/modules/ssl/ssl_engine_config.c.sslciphdefault -+++ httpd-2.4.17/modules/ssl/ssl_engine_config.c -@@ -708,8 +708,10 @@ const char *ssl_cmd_SSLCipherSuite(cmd_p +--- httpd-2.4.33/modules/ssl/ssl_engine_config.c.sslciphdefault ++++ httpd-2.4.33/modules/ssl/ssl_engine_config.c +@@ -758,8 +758,10 @@ const char *ssl_cmd_SSLCipherSuite(cmd_p SSLSrvConfigRec *sc = mySrvConfig(cmd->server); SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg; @@ -18,9 +18,9 @@ Don't prepend !aNULL etc if PROFILE= is used with SSLCipherSuite. if (cmd->path) { dc->szCipherSuite = arg; -@@ -1428,8 +1430,10 @@ const char *ssl_cmd_SSLProxyCipherSuite( +@@ -1502,8 +1504,10 @@ const char *ssl_cmd_SSLProxyCipherSuite( { - SSLSrvConfigRec *sc = mySrvConfig(cmd->server); + SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg; - /* always disable null and export ciphers */ - arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL); @@ -29,5 +29,5 @@ Don't prepend !aNULL etc if PROFILE= is used with SSLCipherSuite. + if (strncmp(arg, "PROFILE=", 8) != 0) + arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL); - sc->proxy->auth.cipher_suite = arg; + dc->proxy->auth.cipher_suite = arg; diff --git a/SOURCES/httpd-2.4.33.tar.bz2 b/SOURCES/httpd-2.4.33.tar.bz2 new file mode 100644 index 0000000..725aded Binary files /dev/null and b/SOURCES/httpd-2.4.33.tar.bz2 differ