update to 2.4.34 (#1601160)

Resolves: rhbz#1601160
This commit is contained in:
Joe Orton 2018-07-18 11:55:03 +01:00
parent bc2b0a9538
commit 5072c65a7b
4 changed files with 25 additions and 108 deletions

View File

@ -1,59 +0,0 @@
# ./pullrev.sh 1833841
http://svn.apache.org/viewvc?view=revision&revision=1833841
--- httpd-2.4.33/modules/http/http_request.c
+++ httpd-2.4.33/modules/http/http_request.c
@@ -345,6 +345,16 @@
return rv;
}
+#define RETRIEVE_BRIGADE_FROM_POOL(bb, key, pool, allocator) do { \
+ apr_pool_userdata_get((void **)&bb, key, pool); \
+ if (bb == NULL) { \
+ bb = apr_brigade_create(pool, allocator); \
+ apr_pool_userdata_setn((const void *)bb, key, NULL, pool); \
+ } \
+ else { \
+ apr_brigade_cleanup(bb); \
+ } \
+} while(0)
AP_DECLARE(void) ap_process_request_after_handler(request_rec *r)
{
@@ -357,7 +367,8 @@
* this bucket is destroyed, the request will be logged and
* its pool will be freed
*/
- bb = apr_brigade_create(c->pool, c->bucket_alloc);
+ RETRIEVE_BRIGADE_FROM_POOL(bb, "ap_process_request_after_handler_brigade",
+ c->pool, c->bucket_alloc);
b = ap_bucket_eor_create(c->bucket_alloc, r);
APR_BRIGADE_INSERT_HEAD(bb, b);
@@ -383,7 +394,7 @@
*/
rv = ap_check_pipeline(c, bb, DEFAULT_LIMIT_BLANK_LINES);
c->data_in_input_filters = (rv == APR_SUCCESS);
- apr_brigade_destroy(bb);
+ apr_brigade_cleanup(bb);
if (c->cs)
c->cs->state = (c->aborted) ? CONN_STATE_LINGER
@@ -477,7 +488,8 @@
ap_process_async_request(r);
if (!c->data_in_input_filters) {
- bb = apr_brigade_create(c->pool, c->bucket_alloc);
+ RETRIEVE_BRIGADE_FROM_POOL(bb, "ap_process_request_brigade",
+ c->pool, c->bucket_alloc);
b = apr_bucket_flush_create(c->bucket_alloc);
APR_BRIGADE_INSERT_HEAD(bb, b);
rv = ap_pass_brigade(c->output_filters, bb);
@@ -490,6 +502,7 @@
ap_log_cerror(APLOG_MARK, APLOG_INFO, rv, c, APLOGNO(01581)
"flushing data to the client");
}
+ apr_brigade_cleanup(bb);
}
if (ap_extended_status) {
ap_time_process_request(c->sbh, STOP_PREQUEST);

View File

@ -1,15 +0,0 @@
https://bugzilla.redhat.com/show_bug.cgi?id=1564537
--- httpd-2.4.33/modules/ssl/ssl_engine_init.c.sslmerging
+++ httpd-2.4.33/modules/ssl/ssl_engine_init.c
@@ -261,7 +261,8 @@
* the protocol is https. */
if (ap_get_server_protocol(s)
&& strcmp("https", ap_get_server_protocol(s)) == 0
- && sc->enabled == SSL_ENABLED_UNSET) {
+ && sc->enabled == SSL_ENABLED_UNSET
+ && (!apr_is_empty_array(sc->server->pks->cert_files))) {
sc->enabled = SSL_ENABLED_TRUE;
}

View File

@ -1,8 +1,5 @@
diff --git a/modules/proxy/ajp.h b/modules/proxy/ajp.h
index c119a7e..267150a 100644
diff -uap httpd-2.4.33/modules/proxy/ajp_header.c.r1738878 httpd-2.4.33/modules/proxy/ajp_header.c
--- httpd-2.4.33/modules/proxy/ajp_header.c.r1738878
+++ httpd-2.4.33/modules/proxy/ajp_header.c
--- httpd-2.4.34/modules/proxy/ajp_header.c.r1738878
+++ httpd-2.4.34/modules/proxy/ajp_header.c
@@ -213,7 +213,8 @@
static apr_status_t ajp_marshal_into_msgb(ajp_msg_t *msg,
@ -53,9 +50,8 @@ diff -uap httpd-2.4.33/modules/proxy/ajp_header.c.r1738878 httpd-2.4.33/modules/
if (rc != APR_SUCCESS) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00988)
"ajp_send_header: ajp_marshal_into_msgb failed");
diff -uap httpd-2.4.33/modules/proxy/ajp.h.r1738878 httpd-2.4.33/modules/proxy/ajp.h
--- httpd-2.4.33/modules/proxy/ajp.h.r1738878
+++ httpd-2.4.33/modules/proxy/ajp.h
--- httpd-2.4.34/modules/proxy/ajp.h.r1738878
+++ httpd-2.4.34/modules/proxy/ajp.h
@@ -413,12 +413,14 @@
* @param sock backend socket
* @param r current request
@ -72,9 +68,8 @@ diff -uap httpd-2.4.33/modules/proxy/ajp.h.r1738878 httpd-2.4.33/modules/proxy/a
/**
* Read the ajp message and return the type of the message.
diff -uap httpd-2.4.33/modules/proxy/mod_proxy_ajp.c.r1738878 httpd-2.4.33/modules/proxy/mod_proxy_ajp.c
--- httpd-2.4.33/modules/proxy/mod_proxy_ajp.c.r1738878
+++ httpd-2.4.33/modules/proxy/mod_proxy_ajp.c
--- httpd-2.4.34/modules/proxy/mod_proxy_ajp.c.r1738878
+++ httpd-2.4.34/modules/proxy/mod_proxy_ajp.c
@@ -193,6 +193,7 @@
apr_off_t content_length = 0;
int original_status = r->status;
@ -100,10 +95,9 @@ diff -uap httpd-2.4.33/modules/proxy/mod_proxy_ajp.c.r1738878 httpd-2.4.33/modul
if (status != APR_SUCCESS) {
conn->close = 1;
ap_log_rerror(APLOG_MARK, APLOG_ERR, status, r, APLOGNO(00868)
diff -uap httpd-2.4.33/modules/proxy/mod_proxy.c.r1738878 httpd-2.4.33/modules/proxy/mod_proxy.c
--- httpd-2.4.33/modules/proxy/mod_proxy.c.r1738878
+++ httpd-2.4.33/modules/proxy/mod_proxy.c
@@ -318,6 +318,12 @@
--- httpd-2.4.34/modules/proxy/mod_proxy.c.r1738878
+++ httpd-2.4.34/modules/proxy/mod_proxy.c
@@ -319,6 +319,12 @@
(int)sizeof(worker->s->upgrade));
}
}
@ -113,13 +107,12 @@ diff -uap httpd-2.4.33/modules/proxy/mod_proxy.c.r1738878 httpd-2.4.33/modules/p
+ (int)sizeof(worker->s->secret));
+ }
+ }
else {
if (set_worker_hc_param_f) {
return set_worker_hc_param_f(p, s, worker, key, val, NULL);
diff -uap httpd-2.4.33/modules/proxy/mod_proxy.h.r1738878 httpd-2.4.33/modules/proxy/mod_proxy.h
--- httpd-2.4.33/modules/proxy/mod_proxy.h.r1738878
+++ httpd-2.4.33/modules/proxy/mod_proxy.h
@@ -353,6 +353,7 @@
else if (!strcasecmp(key, "responsefieldsize")) {
long s = atol(val);
if (s < 0) {
--- httpd-2.4.34/modules/proxy/mod_proxy.h.r1738878
+++ httpd-2.4.34/modules/proxy/mod_proxy.h
@@ -357,6 +357,7 @@
#define PROXY_WORKER_MAX_HOSTNAME_SIZE 64
#define PROXY_BALANCER_MAX_HOSTNAME_SIZE PROXY_WORKER_MAX_HOSTNAME_SIZE
#define PROXY_BALANCER_MAX_STICKY_SIZE 64
@ -127,10 +120,10 @@ diff -uap httpd-2.4.33/modules/proxy/mod_proxy.h.r1738878 httpd-2.4.33/modules/p
#define PROXY_RFC1035_HOSTNAME_SIZE 256
@@ -447,6 +448,7 @@
apr_interval_time_t interval;
char upgrade[PROXY_WORKER_MAX_SCHEME_SIZE];/* upgrade protocol used by mod_proxy_wstunnel */
@@ -453,6 +454,7 @@
char hostname_ex[PROXY_RFC1035_HOSTNAME_SIZE]; /* RFC1035 compliant version of the remote backend address */
apr_size_t response_field_size; /* Size of proxy response buffer in bytes. */
unsigned int response_field_size_set:1;
+ char secret[PROXY_WORKER_MAX_SECRET_SIZE]; /* authentication secret (e.g. AJP13) */
} proxy_worker_shared;

View File

@ -12,8 +12,8 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.33
Release: 10%{?dist}
Version: 2.4.34
Release: 1%{?dist}
URL: https://httpd.apache.org/
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html
@ -78,10 +78,7 @@ Patch36: httpd-2.4.33-r1830819+.patch
# Bug fixes
# https://bugzilla.redhat.com/show_bug.cgi?id=1397243
Patch58: httpd-2.4.33-r1738878.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1564537
Patch59: httpd-2.4.33-sslmerging.patch
Patch60: httpd-2.4.33-r1833841.patch
Patch58: httpd-2.4.34-r1738878.patch
# Security fixes
@ -230,7 +227,7 @@ interface for storing and accessing per-user session data.
%patch23 -p1 -b .export
%patch24 -p1 -b .corelimit
%patch25 -p1 -b .selinux
%patch26 -p1 -b .r1337344+
#patch26 -p1 -b .r1337344+
%patch27 -p1 -b .icons
%patch29 -p1 -b .systemd
%patch30 -p1 -b .cachehardmax
@ -240,8 +237,6 @@ interface for storing and accessing per-user session data.
%patch36 -p1 -b .r1830819+
%patch58 -p1 -b .r1738878
%patch59 -p1 -b .sslmerging
%patch60 -p1 -b .r1833841
# Patch in the vendor string
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@ -730,6 +725,9 @@ exit $rv
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
* Wed Jul 18 2018 Joe Orton <jorton@redhat.com> - 2.4.34-1
- update to 2.4.34 (#1601160)
* Mon Jul 16 2018 Joe Orton <jorton@redhat.com> - 2.4.33-10
- don't block on service try-restart in posttrans scriptlet
- add Lua-based /server-status example page to docs