Version 2.4.62

diff --git a/SOURCES/httpd-2.4.57.tar.bz2 b/SOURCES/httpd-2.4.57.tar.bz2
deleted file mode 100644 (file)
index 19f1a43..0000000
Binary files a/SOURCES/httpd-2.4.57.tar.bz2 and /dev/null differ

diff --git a/SOURCES/httpd-2.4.57.tar.bz2.asc b/SOURCES/httpd-2.4.57.tar.bz2.asc
deleted file mode 100644 (file)
index c15520b..0000000
--- a/SOURCES/httpd-2.4.57.tar.bz2.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEZbLUT+dL1ePeOsPwgngd5G1ZVPoFAmQpqJUACgkQgngd5G1Z
-VPrSqhAAge2udhX49FI9zwhoxeCND0dxB/DZ8vWc6MbDryYUYZBA2+o7cvwSRSdZ
-fxghFliJUWDSDD7YFjIrsAKPcjdKS2vn6+vmNRU05dw+JoZuQuyzg9PMuEOo3qRN
-poVd7SsxFhAT3ow6+j2ns3ei+B87BWrgkN6P2A4UNiUKKej+EACL3JnrOGbcPoLa
-ThEdphd5B6qTegw3Sz3aHgJ06833mH5KdrUNXwjmhsZCdgmBORyepjAQFKQChOq6
-JExsk/PTPgy0KX27IWMgrgQohW0zEzr8BtrZsu+DXxuhjen7bKm06uEoYDCR6xF1
-gu/oGBLVuDkktnRfleGUtmXoJ+yVMyz06ILL/ka5Jy3ob8sdWqD37oAcGQJeZYog
-uUnW+FoCmfv6uLRxZbFr2SCr2Jc8cnI45cPpppG0OraBJHHja99W60lInDpjFvHF
-U9Ev+UNU3PwtYuIhwp8tJB61cnQzxyH0Frt5lQfXxPKWTuFY3MSuoNJi1x3IqZvx
-fan2kxN0R0RyvXOhD6eJcQpydRHNDj/zgIo46gL7XRPB4aFBZRPyXwTVejcT6juL
-CHX/AUk18DIlBd+X7wJ115UQg9m6bABrj+Jg6ujoTb62Vstuju3P6XJ/qbCpGQcY
-ZyLOwbFiDD8CMm06ELQixDa9momkXXWH6mH+cEQDkPl+Scz5pf0=
-=qbuf
------END PGP SIGNATURE-----

diff --git a/SOURCES/httpd-2.4.17-socket-activation.patch b/SOURCES/httpd-2.4.60-socket-activation.patch
similarity index 91%
rename from SOURCES/httpd-2.4.17-socket-activation.patch
rename to SOURCES/httpd-2.4.60-socket-activation.patch
index 3d27742a03d71c31c05855b23aaecd633b3a42e3..59708aeda5f906460eae1b1e871ce6929ca4c213 100644 (file)
--- a/SOURCES/httpd-2.4.17-socket-activation.patch
+++ b/SOURCES/httpd-2.4.60-socket-activation.patch
@@ -1,11 +1,11 @@
 --- httpd-2.4.28/server/listen.c.socketactivation      2017-08-16 19:48:29.000000000 +0300
 +++ httpd-2.4.28/server/listen.c       2017-10-14 18:48:36.275690612 +0300
 --- httpd-2.4.28/server/listen.c.socketactivation      2017-08-16 19:48:29.000000000 +0300
 +++ httpd-2.4.28/server/listen.c       2017-10-14 18:48:36.275690612 +0300

-@@ -17,114 +17,107 @@
- #include "apr_network_io.h"
+@@ -18,114 +18,107 @@

  #include "apr_strings.h"
  
  #define APR_WANT_STRFUNC
  #include "apr_want.h"
  #include "apr_strings.h"
  
  #define APR_WANT_STRFUNC
  #include "apr_want.h"

+ #include "apr_version.h"

  
  #include "ap_config.h"
  #include "httpd.h"
  
  #include "ap_config.h"
  #include "httpd.h"


@@ -123,7 +123,7 @@
       * If no size is specified, use the kernel default.
       */
      if (send_buffer_size) {
       * If no size is specified, use the kernel default.
       */
      if (send_buffer_size) {

-@@ -152,55 +145,71 @@
+@@ -153,55 +146,71 @@

      ap_sock_disable_nagle(s);
  #endif
  
      ap_sock_disable_nagle(s);
  #endif
  


@@ -209,25 +209,25 @@
                       server->bind_addr);
          apr_socket_close(s);
          return stat;
                       server->bind_addr);
          apr_socket_close(s);
          return stat;

-@@ -260,40 +269,159 @@
-             ap_log_perror(APLOG_MARK, APLOG_WARNING, rv, p, APLOGNO(00075)
-                           "Failed to enable the '%s' Accept Filter",
-                           accf);
-         }
- #else
-         rv = apr_socket_opt_set(s, APR_TCP_DEFER_ACCEPT, 30);
-         if (rv != APR_SUCCESS && !APR_STATUS_IS_ENOTIMPL(rv)) {
-             ap_log_perror(APLOG_MARK, APLOG_WARNING, rv, p, APLOGNO(00076)
-                               "Failed to enable APR_TCP_DEFER_ACCEPT");
-         }
- #endif
-     }
- }
- 
- static apr_status_t close_listeners_on_exec(void *v)
+@@ -283,40 +292,159 @@
+ static int match_address(const apr_sockaddr_t *sa,
+                          const char *hostname, apr_port_t port,
+                          const char *scope_id, apr_pool_t *p)

  {
  {

-     ap_close_listeners();
-     return APR_SUCCESS;
+     const char *old_scope = NULL;
+ 
+ #if APR_VERSION_AT_LEAST(1,7,0)
+     /* To be clever here we could correctly match numeric and
+      * non-numeric zone ids.  Ignore failure, old_scope will be left
+      * as NULL. */
+     (void) apr_sockaddr_zone_get(sa, &old_scope, NULL, p);
+ #endif
+     
+     return port == sa->port
+         && ((!hostname && !sa->hostname)
+             || (hostname && sa->hostname && !strcmp(sa->hostname, hostname)))
+         && ((!scope_id && !old_scope)
+             || (scope_id && old_scope && !strcmp(scope_id, old_scope)));            

  }
  
 +
  }
  
 +


@@ -349,8 +349,10 @@
 +#endif /* HAVE_SYSTEMD */
 +
 +
 +#endif /* HAVE_SYSTEMD */
 +
 +

+ /* ### This logic doesn't cope with DNS changes across a restart. */

  static int find_listeners(ap_listen_rec **from, ap_listen_rec **to,
  static int find_listeners(ap_listen_rec **from, ap_listen_rec **to,

-                           const char *addr, apr_port_t port)
+                           const char *addr, apr_port_t port,
+                           const char *scope_id, apr_pool_t *temp_pool)

  {
      int found = 0;
  
  {
      int found = 0;
  


@@ -360,16 +362,14 @@
          /* Some listeners are not real so they will not have a bind_addr. */
          if (sa) {
              ap_listen_rec *new;
          /* Some listeners are not real so they will not have a bind_addr. */
          if (sa) {
              ap_listen_rec *new;

-             apr_port_t oldport;

  
  

-             oldport = sa->port;
-             /* If both ports are equivalent, then if their names are equivalent,
-              * then we will re-use the existing record.
-              */
-             if (port == oldport &&
-                 ((!addr && !sa->hostname) ||
-                  ((addr && sa->hostname) && !strcmp(sa->hostname, addr)))) {
-@@ -478,41 +606,41 @@
+             /* Re-use the existing record if it matches completely
+              * against an existing listener. */
+             if (match_address(sa, addr, port, scope_id, temp_pool)) {
+                 found = 1;
+                 if (!to) {
+                     break;
+@@ -512,41 +640,41 @@

                      if (lr->bind_addr->port == cur->bind_addr->port
                          && IS_IN6ADDR_ANY(cur->bind_addr)
                          && apr_socket_opt_get(cur->sd, APR_IPV6_V6ONLY,
                      if (lr->bind_addr->port == cur->bind_addr->port
                          && IS_IN6ADDR_ANY(cur->bind_addr)
                          && apr_socket_opt_get(cur->sd, APR_IPV6_V6ONLY,


@@ -412,7 +412,7 @@
                      }
                      else {
                          ap_listeners = lr->next;
                      }
                      else {
                          ap_listeners = lr->next;

-@@ -590,42 +718,62 @@
+@@ -624,42 +752,62 @@

               * use the default for this listener.
               */
              for (addr = ls->addrs; addr && !found; addr = addr->next) {
               * use the default for this listener.
               */
              for (addr = ls->addrs; addr && !found; addr = addr->next) {


@@ -477,7 +477,7 @@
          }
      }
  
          }
      }
  

-@@ -681,41 +829,41 @@
+@@ -715,41 +863,41 @@

              char *hostname;
              apr_port_t port;
              apr_sockaddr_t *sa;
              char *hostname;
              apr_port_t port;
              apr_sockaddr_t *sa;


@@ -520,8 +520,7 @@
              }
              lr = lr->next;
          }
              }
              lr = lr->next;
          }

-@@ -808,71 +956,82 @@
-         ap_have_so_reuseport = 0;
+@@ -695,74 +843,87 @@

  
      }
  }
  
      }
  }


@@ -541,12 +540,13 @@
      if (argc < 1 || argc > 2) {
          return "Listen requires 1 or 2 arguments.";
      }
      if (argc < 1 || argc > 2) {
          return "Listen requires 1 or 2 arguments.";
      }

+ 

 +#ifdef HAVE_SYSTEMD
 +    if (use_systemd == -1) {
 +        use_systemd = sd_listen_fds(0) > 0;
 +    }
 +#endif
 +#ifdef HAVE_SYSTEMD
 +    if (use_systemd == -1) {
 +        use_systemd = sd_listen_fds(0) > 0;
 +    }
 +#endif

- 
++

      rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool);
      if (rv != APR_SUCCESS) {
          return "Invalid address or port";
      rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool);
      if (rv != APR_SUCCESS) {
          return "Invalid address or port";


@@ -556,10 +556,14 @@
          host = NULL;
      }
  
          host = NULL;
      }
  

+ #if !APR_VERSION_AT_LEAST(1,7,0)

      if (scope_id) {
      if (scope_id) {

-         /* XXX scope id support is useful with link-local IPv6 addresses */
-         return "Scope id is not supported";
+         return apr_pstrcat(cmd->pool,
+                            "Scope ID in address '", argv[0],
+                            "' not supported with APR " APR_VERSION_STRING,
+                            NULL);

      }
      }

+ #endif

  
      if (!port) {
          return "Port must be specified";
  
      if (!port) {
          return "Port must be specified";


@@ -583,7 +587,9 @@
 +    }
 +#endif
 +
 +    }
 +#endif
 +

-     return alloc_listener(cmd->server->process, host, port, proto, NULL);
++
+     return alloc_listener(cmd->server->process, host, port, proto,
+                           scope_id, NULL, cmd->temp_pool);

  }
  
  AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd,
  }
  
  AP_DECLARE_NONSTD(const char *) ap_set_listenbacklog(cmd_parms *cmd,


@@ -602,4 +608,3 @@
          return "ListenBacklog must be > 0";
      }
  
          return "ListenBacklog must be > 0";
      }
  

-     ap_listenbacklog = b;

diff --git a/SOURCES/httpd-2.4.62.tar.bz2 b/SOURCES/httpd-2.4.62.tar.bz2
new file mode 100644 (file)
index 0000000..fa3f2c8
Binary files /dev/null and b/SOURCES/httpd-2.4.62.tar.bz2 differ

diff --git a/SOURCES/httpd-2.4.62.tar.bz2.asc b/SOURCES/httpd-2.4.62.tar.bz2.asc
new file mode 100644 (file)
index 0000000..be203e8
--- /dev/null
+++ b/SOURCES/httpd-2.4.62.tar.bz2.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEZbLUT+dL1ePeOsPwgngd5G1ZVPoFAmaVEjgACgkQgngd5G1Z
+VPqlUA//dMZ01CalmRf4Li2gDH+ETlQXkMST+2IYNCWZzV78g5wfjpZtApKOk+6O
+73WxdNSvnB15CJVIi/wXN/8ZQHu3u9kHCHw+ydDhOq7CiSAe1x5k0PcodR+me299
+PErBiAaBct+oJOnPCRdw5c5g3jomZgg1Nt5xS5NmI83UnbT9KHd92nNFdIjp6nFE
+mKzsQSWSSXkObj83inJ3HvT8ALGr5TpMjHSJAC/YP9B9FuTW4lQh0XFEESz6LcR/
+Z8GWAV0qfauRhNYcp5qYcVdreVAk0J9vfnruv9OdYsMI/sDM2PYAyDk9pCMuVIfv
+PuZd8n/EpMuQfeWBOLzkft2TjNYx0UAt0xLK0/FLQqbZSKgCxce3mnbm0N3qXl8h
+OpWYC86h4y4shaBOCAHI4oqRFbIlbf9bssMRSYfBYTJ1k8zmADWAhIsr5276A33G
+S8Z+Ah1XeYkvy1blSJDRqECAPLtAXgesLadpkTKTwu+9BmHXYllSmfdhW8D3v6SA
+Ab7RMonp7poBexO0o0mm14cEAwetffUhSrFfvGp7sTBjQYH3s309HtRBuLJOwmP2
+uZvAKo84nJVaZIe7TTjpA/om7sq08Jq8xdzGbEhfGnOrtg/34d3K5S9tDvBMkmDq
+HfYjFxCmfTbUDy4nqVNZcwno6jApweon+KAHbG/vJ2uMWozn2Bo=
+=Lelg
+-----END PGP SIGNATURE-----

diff --git a/SPECS/ihttpd.spec b/SPECS/ihttpd.spec
index 37b08fee1cc960612470f90fd2fd2af0c7ea7114..6c25f8c58faf22082d2d10993826cf092d8666ae 100644 (file)
--- a/SPECS/ihttpd.spec
+++ b/SPECS/ihttpd.spec
@@ -10,7 +10,7 @@
 %{?!serverlimit:%global serverlimit 1024}
 
 Name:          ihttpd
 %{?!serverlimit:%global serverlimit 1024}
 
 Name:          ihttpd

-Version:       2.4.57
+Version:       2.4.62

 Release:       %mkrel 1
 Summary:       The most widely used Web server on the Internet
 License:       ASL 2.0
 Release:       %mkrel 1
 Summary:       The most widely used Web server on the Internet
 License:       ASL 2.0


@@ -43,7 +43,7 @@ Patch28:      httpd-2.4.4-r1332643+.patch
 Patch29:       httpd-2.4.27-systemd.patch
 Patch30:       httpd-2.4.4-cachehardmax.patch
 #Patch31:      httpd-2.4.18-sslmultiproxy.patch
 Patch29:       httpd-2.4.27-systemd.patch
 Patch30:       httpd-2.4.4-cachehardmax.patch
 #Patch31:      httpd-2.4.18-sslmultiproxy.patch

-Patch34:       httpd-2.4.17-socket-activation.patch
+Patch34:       httpd-2.4.60-socket-activation.patch

 #Patch35:      httpd-2.4.33-sslciphdefault.patch
 # Bug fixes
 # http://issues.apache.org/bugzilla/show_bug.cgi?id=32524
 #Patch35:      httpd-2.4.33-sslciphdefault.patch
 # Bug fixes
 # http://issues.apache.org/bugzilla/show_bug.cgi?id=32524


@@ -82,28 +82,28 @@ This version of apache is fully static, and few modules are available built-in.
 %prep
 %setup -q -n httpd-%{version}
 
 %prep
 %setup -q -n httpd-%{version}
 

-%patch1 -p1 -b .apctl
-%patch2 -p1 -b .apxs
-%patch3 -p1 -b .deplibs
-%patch5 -p1 -b .layout
-%patch6 -p1 -b .apctlsystemd
-%patch7 -p1 -b .detectsystemd
+%patch1 -P 1 -p1 -b .apctl
+%patch2 -P 2 -p1 -b .apxs
+%patch3 -P 3 -p1 -b .deplibs
+%patch5 -P 5 -p1 -b .layout
+%patch6 -P 6 -p1 -b .apctlsystemd
+%patch7 -P 7 -p1 -b .detectsystemd

 
 #Disable in ihttpd to avoid build fail
 
 #Disable in ihttpd to avoid build fail

-#%patch23 -p1 -b .export
-%patch24 -p1 -b .corelimit
-#%patch26 -p1 -b .r1337344+
-%patch27 -p1 -b .icons
-%patch29 -p1 -b .systemd
-%patch30 -p1 -b .cachehardmax
+#%patch23 -P 23 -p1 -b .export
+%patch24 -P 24 -p1 -b .corelimit
+#%patch26 -P 26 -p1 -b .r1337344+
+%patch27 -P 27 -p1 -b .icons
+%patch29 -P 29 -p1 -b .systemd
+%patch30 -P 30 -p1 -b .cachehardmax

 # No longer applies
 # No longer applies

-#%patch31 -p1 -b .sslmultiproxy
-%patch34 -p1 -b .socketactivation
-#%patch35 -p1 -b .sslciphdefault
-#patch44 -p1 -b .luaresume
+#%patch31 -P 31 -p1 -b .sslmultiproxy
+%patch34 -P 34 -p1 -b .socketactivation
+#%patch35 -P 35 -p1 -b .sslciphdefault
+#patch44 -P 44 -p1 -b .luaresume

 
 

-%patch100 -p1 -b .ab_source_address.droplet
-%patch101 -p0 -b .PR45994.droplet
+%patch100 -P 100 -p1 -b .ab_source_address.droplet
+%patch101 -P 101 -p0 -b .PR45994.droplet

 
 # Patch in vendor/release string
 sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
 
 # Patch in vendor/release string
 sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1