From c30e10218028cb4759eb0fa5a61d06e3148c073d Mon Sep 17 00:00:00 2001 From: Lubos Uhliarik Date: Tue, 2 Apr 2019 10:53:17 +0000 Subject: [PATCH] update to 2.4.39 --- httpd-2.4.37-fips-segfault.patch | 42 -------------------------------- httpd.spec | 9 ++++--- sources | 2 +- 3 files changed, 6 insertions(+), 47 deletions(-) delete mode 100644 httpd-2.4.37-fips-segfault.patch diff --git a/httpd-2.4.37-fips-segfault.patch b/httpd-2.4.37-fips-segfault.patch deleted file mode 100644 index 6039980..0000000 --- a/httpd-2.4.37-fips-segfault.patch +++ /dev/null @@ -1,42 +0,0 @@ -diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c -index 37947e7..b50c259 100644 ---- a/modules/ssl/mod_ssl.c -+++ b/modules/ssl/mod_ssl.c -@@ -331,9 +331,6 @@ static apr_status_t ssl_cleanup_pre_config(void *data) - /* - * Try to kill the internals of the SSL library. - */ --#ifdef HAVE_FIPS -- FIPS_mode_set(0); --#endif - /* Corresponds to OBJ_create()s */ - OBJ_cleanup(); - /* Corresponds to OPENSSL_load_builtin_modules() */ -diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c -index 5063a72..21e41e2 100644 ---- a/modules/ssl/ssl_engine_init.c -+++ b/modules/ssl/ssl_engine_init.c -@@ -183,6 +183,14 @@ int ssl_is_challenge(conn_rec *c, const char *servername, - return 0; - } - -+#ifdef HAVE_FIPS -+static apr_status_t ssl_fips_cleanup(void *data) -+{ -+ FIPS_mode_set(0); -+ return APR_SUCCESS; -+} -+#endif -+ - /* - * Per-module initialization - */ -@@ -316,6 +324,8 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog, - if (FIPS_mode_set(1)) { - ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(01884) - "Operating in SSL FIPS mode"); -+ apr_pool_cleanup_register(p, NULL, ssl_fips_cleanup, -+ apr_pool_cleanup_null); - } - else { - ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(01885) "FIPS mode failed"); diff --git a/httpd.spec b/httpd.spec index d8f2d02..c1b14c1 100644 --- a/httpd.spec +++ b/httpd.spec @@ -12,8 +12,8 @@ Summary: Apache HTTP Server Name: httpd -Version: 2.4.38 -Release: 6%{?dist} +Version: 2.4.39 +Release: 1%{?dist} URL: https://httpd.apache.org/ Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source1: index.html @@ -76,7 +76,6 @@ Patch34: httpd-2.4.17-socket-activation.patch Patch36: httpd-2.4.38-r1830819+.patch Patch38: httpd-2.4.34-sslciphdefault.patch Patch39: httpd-2.4.37-sslprotdefault.patch -Patch40: httpd-2.4.37-fips-segfault.patch # Bug fixes # https://bugzilla.redhat.com/show_bug.cgi?id=1397243 @@ -226,7 +225,6 @@ interface for storing and accessing per-user session data. %patch36 -p1 -b .r1830819+ %patch38 -p1 -b .sslciphdefault %patch39 -p1 -b .sslprotdefault -%patch40 -p1 -b .fipsseg %patch58 -p1 -b .r1738878 %patch60 -p1 -b .enable-sslv3 @@ -733,6 +731,9 @@ exit $rv %{_rpmconfigdir}/macros.d/macros.httpd %changelog +* Tue Apr 02 2019 Lubos Uhliarik - 2.4.39-1 +- update to 2.4.39 + * Thu Feb 28 2019 Joe Orton - 2.4.38-6 - apachectl: cleanup and replace script wholesale (#1641237) * drop "apachectl fullstatus" support diff --git a/sources b/sources index 69cd474..248974a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (httpd-2.4.38.tar.bz2) = 8bdc36fa2bd13fd83feee17fdce4a5316ed8f96c1ac32b636ba106572ba257815438c72068d2d0e900783a3fa25c90a5da34c3f83fc2c04a1dbdbf234f7ad448 +SHA512 (httpd-2.4.39.tar.bz2) = 9742202040b3dc6344b301540f54b2d3f8e36898410d24206a7f8dcecb1bea7d7230fabc7256752724558af249facf64bffe2cf678b8f7cccb64076737abfda7