update to 2.4.39

2019-04-02 10:53:17 +00:00 · 2019-04-02 10:53:17 +00:00 · c30e102180
commit c30e102180
parent b86b48c4a2
3 changed files with 6 additions and 47 deletions
--- a/httpd-2.4.37-fips-segfault.patch
+++ b/httpd-2.4.37-fips-segfault.patch
@ -1,42 +0,0 @@
-diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
-index 37947e7..b50c259 100644
--- a/modules/ssl/mod_ssl.c
-+++ b/modules/ssl/mod_ssl.c
-@@ -331,9 +331,6 @@ static apr_status_t ssl_cleanup_pre_config(void *data)
-     /*
-      * Try to kill the internals of the SSL library.
-      */
-#ifdef HAVE_FIPS
-    FIPS_mode_set(0);
-#endif
-     /* Corresponds to OBJ_create()s */
-     OBJ_cleanup();
-     /* Corresponds to OPENSSL_load_builtin_modules() */
-diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
-index 5063a72..21e41e2 100644
--- a/modules/ssl/ssl_engine_init.c
-+++ b/modules/ssl/ssl_engine_init.c
-@@ -183,6 +183,14 @@ int ssl_is_challenge(conn_rec *c, const char *servername,
-     return 0;
- }
- 
-+#ifdef HAVE_FIPS
-+static apr_status_t ssl_fips_cleanup(void *data)
-+{
-+    FIPS_mode_set(0);
-+    return APR_SUCCESS;
-+}
-+#endif
-+
- /*
-  *  Per-module initialization
-  */
-@@ -316,6 +324,8 @@ apr_status_t ssl_init_Module(apr_pool_t *p, apr_pool_t *plog,
-             if (FIPS_mode_set(1)) {
-                 ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, s, APLOGNO(01884)
-                              "Operating in SSL FIPS mode");
-+                apr_pool_cleanup_register(p, NULL, ssl_fips_cleanup,
-+                                          apr_pool_cleanup_null);
-             }
-             else {
-                 ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(01885) "FIPS mode failed");
--- a/httpd.spec
+++ b/httpd.spec
@ -12,8 +12,8 @@

 Summary: Apache HTTP Server
 Name: httpd
-Version: 2.4.38
-Release: 6%{?dist}
+Version: 2.4.39
+Release: 1%{?dist}
 URL: https://httpd.apache.org/
 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: index.html
@ -76,7 +76,6 @@ Patch34: httpd-2.4.17-socket-activation.patch
 Patch36: httpd-2.4.38-r1830819+.patch
 Patch38: httpd-2.4.34-sslciphdefault.patch
 Patch39: httpd-2.4.37-sslprotdefault.patch
-Patch40: httpd-2.4.37-fips-segfault.patch

 # Bug fixes
 # https://bugzilla.redhat.com/show_bug.cgi?id=1397243
@ -226,7 +225,6 @@ interface for storing and accessing per-user session data.
 %patch36 -p1 -b .r1830819+
 %patch38 -p1 -b .sslciphdefault
 %patch39 -p1 -b .sslprotdefault
-%patch40 -p1 -b .fipsseg

 %patch58 -p1 -b .r1738878
 %patch60 -p1 -b .enable-sslv3
@ -733,6 +731,9 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd

 %changelog
+* Tue Apr 02 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.39-1
+- update to 2.4.39
+
 * Thu Feb 28 2019 Joe Orton <jorton@redhat.com> - 2.4.38-6
 - apachectl: cleanup and replace script wholesale (#1641237)
 * drop "apachectl fullstatus" support
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (httpd-2.4.38.tar.bz2) = 8bdc36fa2bd13fd83feee17fdce4a5316ed8f96c1ac32b636ba106572ba257815438c72068d2d0e900783a3fa25c90a5da34c3f83fc2c04a1dbdbf234f7ad448
+SHA512 (httpd-2.4.39.tar.bz2) = 9742202040b3dc6344b301540f54b2d3f8e36898410d24206a7f8dcecb1bea7d7230fabc7256752724558af249facf64bffe2cf678b8f7cccb64076737abfda7