Related: RHEL-14668 - RFE: httpd rebase to 2.4.59

This commit is contained in:
Luboš Uhliarik 2024-05-08 18:48:35 +02:00 committed by root
parent 48a224a9c9
commit 0997f80151
4 changed files with 81 additions and 1 deletions

3
.httpd.metadata Normal file
View File

@ -0,0 +1,3 @@
93445483aaf136cf415e1dddeb332fc52955a70c httpd-2.4.59.tar.bz2
702c6a5a1a33f2c481fd0b33fe7f0baed2273b56 httpd-2.4.59.tar.bz2.asc
b2457e3ce46a7634bf9272a92b4214974b9bc9e0 KEYS

15
httpd-2.4.59-gettid.patch Normal file
View File

@ -0,0 +1,15 @@
Upstream-Status: not pushed upstream
--- httpd-2.4.54/server/log.c.gettid
+++ httpd-2.4.54/server/log.c
@@ -968,7 +972,7 @@
#if APR_HAS_THREADS
field_start = len;
len += cpystrn(buf + len, ":tid ", buflen - len);
- item_len = log_tid(info, NULL, buf + len, buflen - len);
+ item_len = log_tid(info, "g", buf + len, buflen - len);
if (!item_len)
len = field_start;
else

View File

@ -0,0 +1,55 @@
# ./pullrev.sh 1916863
http://svn.apache.org/viewvc?view=revision&revision=1916863
Upstream-Status: in trunk, not proposed for 2.4.x
--- httpd-2.4.59/modules/ssl/ssl_engine_init.c
+++ httpd-2.4.59/modules/ssl/ssl_engine_init.c
@@ -1416,6 +1416,7 @@
const char *vhost_id = mctx->sc->vhost_id, *key_id, *certfile, *keyfile;
int i;
EVP_PKEY *pkey;
+ int custom_dh_done = 0;
#ifdef HAVE_ECC
EC_GROUP *ecgroup = NULL;
int curve_nid = 0;
@@ -1591,14 +1592,14 @@
*/
certfile = APR_ARRAY_IDX(mctx->pks->cert_files, 0, const char *);
if (certfile && !modssl_is_engine_id(certfile)) {
- int done = 0, num_bits = 0;
+ int num_bits = 0;
#if OPENSSL_VERSION_NUMBER < 0x30000000L
DH *dh = modssl_dh_from_file(certfile);
if (dh) {
num_bits = DH_bits(dh);
SSL_CTX_set_tmp_dh(mctx->ssl_ctx, dh);
DH_free(dh);
- done = 1;
+ custom_dh_done = 1;
}
#else
pkey = modssl_dh_pkey_from_file(certfile);
@@ -1608,18 +1609,18 @@
EVP_PKEY_free(pkey);
}
else {
- done = 1;
+ custom_dh_done = 1;
}
}
#endif
- if (done) {
+ if (custom_dh_done) {
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02540)
"Custom DH parameters (%d bits) for %s loaded from %s",
num_bits, vhost_id, certfile);
}
}
#if !MODSSL_USE_OPENSSL_PRE_1_1_API
- else {
+ if (!custom_dh_done) {
/* If no parameter is manually configured, enable auto
* selection. */
SSL_CTX_set_dh_auto(mctx->ssl_ctx, 1);

View File

@ -13,7 +13,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.59
Release: 2%{?dist}
Release: 3%{?dist}
URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@ -89,12 +89,14 @@ Patch34: httpd-2.4.53-separate-systemd-fns.patch
Patch35: httpd-2.4.57-r1912477+.patch
# https://issues.redhat.com/browse/RHEL-35870
Patch36: httpd-2.4.59-unifycgid.patch
Patch37: httpd-2.4.59-gettid.patch
# Bug fixes
# https://bugzilla.redhat.com/show_bug.cgi?id=1397243
Patch100: httpd-2.4.43-enable-sslv3.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1932442
Patch101: httpd-2.4.48-full-release.patch
Patch102: httpd-2.4.59-r1916863.patch
# Security fixes
# https://bugzilla.redhat.com/show_bug.cgi?id=...
@ -255,9 +257,11 @@ written in the Lua programming language.
%patch34 -p1 -b .separatesystemd
%patch35 -p1 -b .r1912477+
%patch36 -p1 -b .unifycgid
%patch37 -p1 -b .gettid
%patch100 -p1 -b .enable-sslv3
%patch101 -p1 -b .full-release
%patch102 -p1 -b .r1916863
# Patch in the vendor string
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@ -818,6 +822,9 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
* Wed May 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-3
- Related: RHEL-14668 - RFE: httpd rebase to 2.4.59
* Wed May 8 2024 Joe Orton <jorton@redhat.com> - 2.4.59-2
- Resolves: RHEL-35870 - httpd mod_cgi/cgid unification