rpms/httpd
7
0
Fork 0
Code Issues Pull Requests Releases Activity

update to 2.4.41

Browse Source
This commit is contained in:
Joe Orton 2019-08-15 06:44:03 +01:00
parent 84b529bffa
commit 1578b45343
5 changed files with 8 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
httpd-2.4.37-r1857129.patch
View File

@ -1,65 +0,0 @@
# ./pullrev.sh 1857129
http://svn.apache.org/viewvc?view=revision&revision=1857129
--- httpd-2.4.37/modules/filters/mod_reqtimeout.c
+++ httpd-2.4.37/modules/filters/mod_reqtimeout.c
@@ -31,7 +31,7 @@
#define UNSET -1
#define MRT_DEFAULT_handshake_TIMEOUT 0 /* disabled */
#define MRT_DEFAULT_handshake_MAX_TIMEOUT 0
-#define MRT_DEFAULT_handshake_MIN_RATE APR_INT32_MAX
+#define MRT_DEFAULT_handshake_MIN_RATE 0
#define MRT_DEFAULT_header_TIMEOUT 20
#define MRT_DEFAULT_header_MAX_TIMEOUT 40
#define MRT_DEFAULT_header_MIN_RATE 500
@@ -220,7 +220,7 @@
if (block == APR_NONBLOCK_READ || mode == AP_MODE_INIT
|| mode == AP_MODE_EATCRLF) {
rv = ap_get_brigade(f->next, bb, mode, block, readbytes);
- if (ccfg->cur_stage.rate_factor > 0 && rv == APR_SUCCESS) {
+ if (ccfg->cur_stage.rate_factor && rv == APR_SUCCESS) {
extend_timeout(ccfg, bb);
}
return rv;
@@ -254,7 +254,7 @@
}
if (!APR_BRIGADE_EMPTY(bb)) {
- if (ccfg->cur_stage.rate_factor > 0) {
+ if (ccfg->cur_stage.rate_factor) {
extend_timeout(ccfg, bb);
}
@@ -315,7 +315,7 @@
* the real (relevant) bytes to be asked later, within the
* currently alloted time.
*/
- if (ccfg->cur_stage.rate_factor > 0 && rv == APR_SUCCESS
+ if (ccfg->cur_stage.rate_factor && rv == APR_SUCCESS
&& mode != AP_MODE_SPECULATIVE) {
extend_timeout(ccfg, bb);
}
@@ -638,17 +638,17 @@
ap_hook_post_read_request(reqtimeout_before_body, NULL, NULL,
APR_HOOK_MIDDLE);
-#if MRT_DEFAULT_HANDSHAKE_MIN_RATE > 0
+#if MRT_DEFAULT_handshake_MIN_RATE
default_handshake_rate_factor = apr_time_from_sec(1) /
- MRT_DEFAULT_HANDSHAKE_MIN_RATE;
+ MRT_DEFAULT_handshake_MIN_RATE;
#endif
-#if MRT_DEFAULT_HEADER_MIN_RATE > 0
+#if MRT_DEFAULT_header_MIN_RATE
default_header_rate_factor = apr_time_from_sec(1) /
- MRT_DEFAULT_HEADER_MIN_RATE;
+ MRT_DEFAULT_header_MIN_RATE;
#endif
-#if MRT_DEFAULT_BODY_MIN_RATE > 0
+#if MRT_DEFAULT_body_MIN_RATE
default_body_rate_factor = apr_time_from_sec(1) /
- MRT_DEFAULT_BODY_MIN_RATE;
+ MRT_DEFAULT_body_MIN_RATE;
#endif
}

4
httpd-2.4.37-r1861793+.patch
View File

@ -46,7 +46,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1862612
+ " -5 Force SHA-512 crypt() hash of the password (very secure)." NL + " -5 Force SHA-512 crypt() hash of the password (very secure)." NL
+ " -B Force bcrypt aencryption of the password (very secure)." NL + " -B Force bcrypt aencryption of the password (very secure)." NL
" -C Set the computing time used for the bcrypt algorithm" NL " -C Set the computing time used for the bcrypt algorithm" NL
" (higher is more secure but slower, default: %d, valid: 4 to 31)." NL " (higher is more secure but slower, default: %d, valid: 4 to 17)." NL
+ " -r Set the number of rounds used for the SHA-256, SHA-512 algorithms" NL + " -r Set the number of rounds used for the SHA-256, SHA-512 algorithms" NL
+ " (higher is more secure but slower, default: 5000)." NL + " (higher is more secure but slower, default: 5000)." NL
" -d Force CRYPT encryption of the password (8 chars max, insecure)." NL " -d Force CRYPT encryption of the password (8 chars max, insecure)." NL
@ -237,7 +237,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1862612
.TP .TP
@@ -79,11 +85,14 @@ @@ -79,11 +85,14 @@
\fB-C\fR \fB-C\fR
This flag is only allowed in combination with \fB-B\fR (bcrypt encryption)\&. It sets the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 31)\&. This flag is only allowed in combination with \fB-B\fR (bcrypt encryption)\&. It sets the computing time used for the bcrypt algorithm (higher is more secure but slower, default: 5, valid: 4 to 17)\&.
.TP .TP
+\fB-r\fR +\fB-r\fR
+This flag is only allowed in combination with \fB-2\fR or \fB-5\fR\&. It sets the number of hash rounds used for the SHA-2 algorithms (higher is more secure but slower; the default is 5,000)\&. +This flag is only allowed in combination with \fB-2\fR or \fB-5\fR\&. It sets the number of hash rounds used for the SHA-2 algorithms (higher is more secure but slower; the default is 5,000)\&.

35
httpd-2.4.39-r1842929+.patch
View File

@ -118,41 +118,6 @@ http://svn.apache.org/viewvc?view=revision&revision=1853631
dav_hook_gather_propsets(dav_fs_gather_propsets, NULL, NULL, dav_hook_gather_propsets(dav_fs_gather_propsets, NULL, NULL,
APR_HOOK_MIDDLE); APR_HOOK_MIDDLE);
dav_hook_find_liveprop(dav_fs_find_liveprop, NULL, NULL, APR_HOOK_MIDDLE); dav_hook_find_liveprop(dav_fs_find_liveprop, NULL, NULL, APR_HOOK_MIDDLE);
--- httpd-2.4.39/modules/md/mod_md_config.c.r1842929+
+++ httpd-2.4.39/modules/md/mod_md_config.c
@@ -54,10 +54,18 @@
#define DEF_VAL (-1)
+#ifndef MD_DEFAULT_BASE_DIR
+#define MD_DEFAULT_BASE_DIR "md"
+#endif
+
/* Default settings for the global conf */
static md_mod_conf_t defmc = {
NULL,
- "md",
+#if 1
+ NULL, /* apply default state-dir-relative */
+#else
+ MD_DEFAULT_BASE_DIR,
+#endif
NULL,
NULL,
80,
@@ -864,6 +872,12 @@
if (mc->hsts_max_age > 0) {
mc->hsts_header = apr_psprintf(p, "max-age=%d", mc->hsts_max_age);
}
+
+#if 1
+ if (mc->base_dir == NULL) {
+ mc->base_dir = ap_state_dir_relative(p, MD_DEFAULT_BASE_DIR);
+ }
+#endif
return APR_SUCCESS;
}
--- httpd-2.4.39/server/core.c.r1842929+ --- httpd-2.4.39/server/core.c.r1842929+
+++ httpd-2.4.39/server/core.c +++ httpd-2.4.39/server/core.c
@@ -129,6 +129,8 @@ @@ -129,6 +129,8 @@

10
httpd.spec
View File

@ -12,8 +12,8 @@
Summary: Apache HTTP Server Summary: Apache HTTP Server
Name: httpd Name: httpd
Version: 2.4.39 Version: 2.4.41
Release: 13%{?dist} Release: 1%{?dist}
URL: https://httpd.apache.org/ URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html Source1: index.html
@ -83,8 +83,6 @@ Patch42: httpd-2.4.37-r1828172+.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1397243 # https://bugzilla.redhat.com/show_bug.cgi?id=1397243
Patch58: httpd-2.4.34-r1738878.patch Patch58: httpd-2.4.34-r1738878.patch
Patch60: httpd-2.4.34-enable-sslv3.patch Patch60: httpd-2.4.34-enable-sslv3.patch
# https://bz.apache.org/bugzilla/show_bug.cgi?id=63325
Patch61: httpd-2.4.37-r1857129.patch
# Security fixes # Security fixes
@ -223,7 +221,6 @@ interface for storing and accessing per-user session data.
%patch58 -p1 -b .r1738878 %patch58 -p1 -b .r1738878
%patch60 -p1 -b .enable-sslv3 %patch60 -p1 -b .enable-sslv3
%patch61 -p1 -b .r1857129
# Patch in the vendor string # Patch in the vendor string
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@ -744,6 +741,9 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd %{_rpmconfigdir}/macros.d/macros.httpd
%changelog %changelog
* Thu Aug 15 2019 Joe Orton <jorton@redhat.com> - 2.4.41-1
- update to 2.4.41
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.39-13 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.39-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
SHA512 (httpd-2.4.39.tar.bz2) = 9742202040b3dc6344b301540f54b2d3f8e36898410d24206a7f8dcecb1bea7d7230fabc7256752724558af249facf64bffe2cf678b8f7cccb64076737abfda7 SHA512 (httpd-2.4.41.tar.bz2) = 350cc7dcd2c439e0590338fa6da3f44df44f9bb885c381e91f91b14c2f48597f6f0bbac0ea118a8a67eaa70ae7edbb769beace368643ed73f6daee44c307b335