Upgrade to apache 2.4.33

diff --git a/SOURCES/httpd-2.4.20.tar.bz2 b/SOURCES/httpd-2.4.20.tar.bz2
deleted file mode 100644 (file)
index 8d0b460..0000000
Binary files a/SOURCES/httpd-2.4.20.tar.bz2 and /dev/null differ

diff --git a/SOURCES/httpd-2.4.17-socket-activation.patch b/SOURCES/httpd-2.4.33-socket-activation.patch
similarity index 89%
rename from SOURCES/httpd-2.4.17-socket-activation.patch
rename to SOURCES/httpd-2.4.33-socket-activation.patch
index d5cbdf20d69f2987fbe0a00b284204c86958dad7..9158866bc0dcc69220f9968d525dc46b55b17091 100644 (file)
--- a/SOURCES/httpd-2.4.17-socket-activation.patch
+++ b/SOURCES/httpd-2.4.33-socket-activation.patch
@@ -1,7 +1,6 @@
-diff --git a/server/listen.c b/server/listen.c
-index 1d9be83..f5f7754 100644
---- a/server/listen.c
-+++ b/server/listen.c
+diff -urNp a/server/listen.c.socketactivation b/server/listen.c
+--- a/server/listen.c.socketactivation 2017-08-16 18:48:29.000000000 +0200
++++ b/server/listen.c  2018-06-18 14:31:10.639221470 +0200

 @@ -34,6 +34,10 @@
  #include <unistd.h>
  #endif
 @@ -34,6 +34,10 @@
  #include <unistd.h>
  #endif


@@ -27,7 +26,7 @@ index 1d9be83..f5f7754 100644
  {
      apr_socket_t *s = server->sd;
      int one = 1;
  {
      apr_socket_t *s = server->sd;
      int one = 1;

-@@ -94,20 +101,6 @@ static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server)
+@@ -94,20 +101,6 @@ static apr_status_t make_sock(apr_pool_t

          return stat;
      }
  
          return stat;
      }
  


@@ -48,7 +47,7 @@ index 1d9be83..f5f7754 100644
      /*
       * To send data over high bandwidth-delay connections at full
       * speed we must force the TCP window to open wide enough to keep the
      /*
       * To send data over high bandwidth-delay connections at full
       * speed we must force the TCP window to open wide enough to keep the

-@@ -169,21 +162,37 @@ static apr_status_t make_sock(apr_pool_t *p, ap_listen_rec *server)
+@@ -169,21 +162,37 @@ static apr_status_t make_sock(apr_pool_t

      }
  #endif
  
      }
  #endif
  


@@ -100,11 +99,10 @@ index 1d9be83..f5f7754 100644
      }
  
  #ifdef WIN32
      }
  
  #ifdef WIN32

-@@ -277,6 +286,124 @@ static apr_status_t close_listeners_on_exec(void *v)
+@@ -277,6 +286,123 @@ static apr_status_t close_listeners_on_e

      return APR_SUCCESS;
  }
  
      return APR_SUCCESS;
  }
  

-+

 +#ifdef HAVE_SYSTEMD
 +
 +static int find_systemd_socket(process_rec * process, apr_port_t port) {
 +#ifdef HAVE_SYSTEMD
 +
 +static int find_systemd_socket(process_rec * process, apr_port_t port) {


@@ -222,10 +220,10 @@ index 1d9be83..f5f7754 100644
 +
 +#endif /* HAVE_SYSTEMD */
 +
 +
 +#endif /* HAVE_SYSTEMD */
 +

- static const char *alloc_listener(process_rec *process, char *addr,
-                                   apr_port_t port, const char* proto,
-                                   void *slave)
-@@ -479,7 +606,7 @@ static int open_listeners(apr_pool_t *pool)
+ static int find_listeners(ap_listen_rec **from, ap_listen_rec **to,
+                           const char *addr, apr_port_t port)
+ {
+@@ -495,7 +621,7 @@ static int open_listeners(apr_pool_t *po

                  }
              }
  #endif
                  }
              }
  #endif


@@ -234,7 +232,7 @@ index 1d9be83..f5f7754 100644
                  ++num_open;
              }
              else {
                  ++num_open;
              }
              else {

-@@ -591,8 +718,28 @@ AP_DECLARE(int) ap_setup_listeners(server_rec *s)
+@@ -607,8 +733,28 @@ AP_DECLARE(int) ap_setup_listeners(serve

          }
      }
  
          }
      }
  


@@ -265,7 +263,7 @@ index 1d9be83..f5f7754 100644
      }
  
      for (lr = ap_listeners; lr; lr = lr->next) {
      }
  
      for (lr = ap_listeners; lr; lr = lr->next) {

-@@ -682,7 +829,7 @@ AP_DECLARE(apr_status_t) ap_duplicate_listeners(apr_pool_t *p, server_rec *s,
+@@ -698,7 +844,7 @@ AP_DECLARE(apr_status_t) ap_duplicate_li

                              duplr->bind_addr);
                  return stat;
              }
                              duplr->bind_addr);
                  return stat;
              }


@@ -274,7 +272,7 @@ index 1d9be83..f5f7754 100644
  #if AP_NONBLOCK_WHEN_MULTI_LISTEN
              use_nonblock = (ap_listeners && ap_listeners->next);
              stat = apr_socket_opt_set(duplr->sd, APR_SO_NONBLOCK, use_nonblock);
  #if AP_NONBLOCK_WHEN_MULTI_LISTEN
              use_nonblock = (ap_listeners && ap_listeners->next);
              stat = apr_socket_opt_set(duplr->sd, APR_SO_NONBLOCK, use_nonblock);

-@@ -809,6 +956,11 @@ AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy,
+@@ -825,6 +971,11 @@ AP_DECLARE_NONSTD(const char *) ap_set_l

      if (argc < 1 || argc > 2) {
          return "Listen requires 1 or 2 arguments.";
      }
      if (argc < 1 || argc > 2) {
          return "Listen requires 1 or 2 arguments.";
      }


@@ -286,7 +284,7 @@ index 1d9be83..f5f7754 100644
  
      rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool);
      if (rv != APR_SUCCESS) {
  
      rv = apr_parse_addr_port(&host, &scope_id, &port, argv[0], cmd->pool);
      if (rv != APR_SUCCESS) {

-@@ -840,6 +992,12 @@ AP_DECLARE_NONSTD(const char *) ap_set_listener(cmd_parms *cmd, void *dummy,
+@@ -856,6 +1007,12 @@ AP_DECLARE_NONSTD(const char *) ap_set_l

          ap_str_tolower(proto);
      }
  
          ap_str_tolower(proto);
      }
  

diff --git a/SOURCES/httpd-2.4.17-sslciphdefault.patch b/SOURCES/httpd-2.4.33-sslciphdefault.patch
similarity index 75%
rename from SOURCES/httpd-2.4.17-sslciphdefault.patch
rename to SOURCES/httpd-2.4.33-sslciphdefault.patch
index 8efc46158fb9a71d69030f76d15265044fad7ec9..6b94a16935118d5248ce8695c45f3918a4b8d3fd 100644 (file)
--- a/SOURCES/httpd-2.4.17-sslciphdefault.patch
+++ b/SOURCES/httpd-2.4.33-sslciphdefault.patch
@@ -3,9 +3,9 @@ https://bugzilla.redhat.com/show_bug.cgi?id=1109119
 
 Don't prepend !aNULL etc if PROFILE= is used with SSLCipherSuite.
 
 
 Don't prepend !aNULL etc if PROFILE= is used with SSLCipherSuite.
 

---- httpd-2.4.17/modules/ssl/ssl_engine_config.c.sslciphdefault
-+++ httpd-2.4.17/modules/ssl/ssl_engine_config.c
-@@ -708,8 +708,10 @@ const char *ssl_cmd_SSLCipherSuite(cmd_p
+--- httpd-2.4.33/modules/ssl/ssl_engine_config.c.sslciphdefault
++++ httpd-2.4.33/modules/ssl/ssl_engine_config.c
+@@ -758,8 +758,10 @@ const char *ssl_cmd_SSLCipherSuite(cmd_p

      SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
      SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg;
  
      SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
      SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg;
  


@@ -18,9 +18,9 @@ Don't prepend !aNULL etc if PROFILE= is used with SSLCipherSuite.
  
      if (cmd->path) {
          dc->szCipherSuite = arg;
  
      if (cmd->path) {
          dc->szCipherSuite = arg;

-@@ -1428,8 +1430,10 @@ const char *ssl_cmd_SSLProxyCipherSuite(
+@@ -1502,8 +1504,10 @@ const char *ssl_cmd_SSLProxyCipherSuite(

  {
  {

-     SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
+     SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg;

  
 -    /* always disable null and export ciphers */
 -    arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL);
  
 -    /* always disable null and export ciphers */
 -    arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL);


@@ -29,5 +29,5 @@ Don't prepend !aNULL etc if PROFILE= is used with SSLCipherSuite.
 +    if (strncmp(arg, "PROFILE=", 8) != 0)
 +        arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL);
  
 +    if (strncmp(arg, "PROFILE=", 8) != 0)
 +        arg = apr_pstrcat(cmd->pool, arg, ":!aNULL:!eNULL:!EXP", NULL);
  

-     sc->proxy->auth.cipher_suite = arg;
+     dc->proxy->auth.cipher_suite = arg;

  
  

diff --git a/SOURCES/httpd-2.4.33.tar.bz2 b/SOURCES/httpd-2.4.33.tar.bz2
new file mode 100644 (file)
index 0000000..725aded
Binary files /dev/null and b/SOURCES/httpd-2.4.33.tar.bz2 differ