Resolves: #2186645 - Fix issue found by covscan in httpd package

Resolves: #2173295 - Include Apache httpd module mod_authnz_fcgi

00-optional.conf

@@ -4,6 +4,7 @@
 # 
 
 #LoadModule asis_module modules/mod_asis.so
+#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
 #LoadModule buffer_module modules/mod_buffer.so
 #LoadModule heartbeat_module modules/mod_heartbeat.so
 #LoadModule heartmonitor_module modules/mod_heartmonitor.so

httpd-2.4.57-covscan.patch

@@ -0,0 +1,14 @@
+diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c
+index f93f23f..4be51de 100644
+--- a/modules/mappers/mod_rewrite.c
++++ b/modules/mappers/mod_rewrite.c
+@@ -4758,8 +4758,8 @@ static int hook_uri2file(request_rec *r)
+     }
+ 
+     if (rulestatus) {
+-        unsigned skip_absolute = is_absolute_uri(r->filename, NULL);
+         apr_size_t flen =  r->filename ? strlen(r->filename) : 0;
++        unsigned skip_absolute = flen ? is_absolute_uri(r->filename, NULL) : 0;
+         int to_proxyreq = (flen > 6 && strncmp(r->filename, "proxy:", 6) == 0);
+         int will_escape = skip_absolute && (rulestatus != ACTION_NOESCAPE);
+ 

httpd.spec

@@ -13,7 +13,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.57
-Release: 1%{?dist}
+Release: 2%{?dist}
 URL: https://httpd.apache.org/
 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@@ -110,6 +110,9 @@ Patch66: httpd-2.4.51-r1892413+.patch
 Patch67: httpd-2.4.51-r1811831.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=2098056
 Patch68: httpd-2.4.53-r1878890.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=2186645
+Patch69: httpd-2.4.57-covscan.patch
+
 
 # Security fixes
 # https://bugzilla.redhat.com/show_bug.cgi?id=...
@@ -279,6 +282,7 @@ written in the Lua programming language.
 %patch66 -p1 -b .r1892413+
 %patch67 -p1 -b .r1811831
 %patch68 -p1 -b .r1878890
+%patch69 -p1 -b .covstan
 
 # Patch in the vendor string
 sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@@ -382,6 +386,7 @@ export LYNX_PATH=/usr/bin/links
         --enable-cgid --enable-cgi \
         --enable-cgid-fdpassing \
         --enable-authn-anon --enable-authn-alias \
+        --enable-authnz-fcgi \
         --enable-systemd \
         --disable-imagemap --disable-file-cache \
         --disable-http2 \
@@ -838,6 +843,10 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd
 
 %changelog
+* Fri Apr 14 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-2
+- Resolves: #2186645 - Fix issue found by covscan in httpd package
+- Resolves: #2173295 - Include Apache httpd module mod_authnz_fcgi
+
 * Tue Apr 11 2023 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-1
 - Resolves: #2184403 - rebase httpd to 2.4.57
 - Resolves: #2177753 - CVE-2023-25690 httpd: HTTP request splitting with