Related: RHEL-14668 - RFE: httpd rebase to 2.4.59

httpd-2.4.59-gettid.patch

@@ -0,0 +1,15 @@
+
+Upstream-Status: not pushed upstream
+
+--- httpd-2.4.54/server/log.c.gettid
++++ httpd-2.4.54/server/log.c
+@@ -968,7 +972,7 @@
+ #if APR_HAS_THREADS
+         field_start = len;
+         len += cpystrn(buf + len, ":tid ", buflen - len);
+-        item_len = log_tid(info, NULL, buf + len, buflen - len);
++        item_len = log_tid(info, "g", buf + len, buflen - len);
+         if (!item_len)
+             len = field_start;
+         else
+

httpd-2.4.59-r1916863.patch

@@ -0,0 +1,55 @@
+# ./pullrev.sh 1916863
+http://svn.apache.org/viewvc?view=revision&revision=1916863
+
+Upstream-Status: in trunk, not proposed for 2.4.x
+
+--- httpd-2.4.59/modules/ssl/ssl_engine_init.c
++++ httpd-2.4.59/modules/ssl/ssl_engine_init.c
+@@ -1416,6 +1416,7 @@
+     const char *vhost_id = mctx->sc->vhost_id, *key_id, *certfile, *keyfile;
+     int i;
+     EVP_PKEY *pkey;
++    int custom_dh_done = 0;
+ #ifdef HAVE_ECC
+     EC_GROUP *ecgroup = NULL;
+     int curve_nid = 0;
+@@ -1591,14 +1592,14 @@
+      */
+     certfile = APR_ARRAY_IDX(mctx->pks->cert_files, 0, const char *);
+     if (certfile && !modssl_is_engine_id(certfile)) {
+-        int done = 0, num_bits = 0;
++        int num_bits = 0;
+ #if OPENSSL_VERSION_NUMBER < 0x30000000L
+         DH *dh = modssl_dh_from_file(certfile);
+         if (dh) {
+             num_bits = DH_bits(dh);
+             SSL_CTX_set_tmp_dh(mctx->ssl_ctx, dh);
+             DH_free(dh);
+-            done = 1;
++            custom_dh_done = 1;
+         }
+ #else
+         pkey = modssl_dh_pkey_from_file(certfile);
+@@ -1608,18 +1609,18 @@
+                 EVP_PKEY_free(pkey);
+             }
+             else {
+-                done = 1;
++                custom_dh_done = 1;
+             }
+         }
+ #endif
+-        if (done) {
++        if (custom_dh_done) {
+             ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO(02540)
+                          "Custom DH parameters (%d bits) for %s loaded from %s",
+                          num_bits, vhost_id, certfile);
+         }
+     }
+ #if !MODSSL_USE_OPENSSL_PRE_1_1_API
+-    else {
++    if (!custom_dh_done) {
+         /* If no parameter is manually configured, enable auto
+          * selection. */
+         SSL_CTX_set_dh_auto(mctx->ssl_ctx, 1);
+

httpd.spec

@@ -13,7 +13,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.59
-Release: 2%{?dist}
+Release: 3%{?dist}
 URL: https://httpd.apache.org/
 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
@@ -89,12 +89,14 @@ Patch34: httpd-2.4.53-separate-systemd-fns.patch
 Patch35: httpd-2.4.57-r1912477+.patch
 # https://issues.redhat.com/browse/RHEL-35870
 Patch36: httpd-2.4.59-unifycgid.patch
+Patch37: httpd-2.4.59-gettid.patch
 
 # Bug fixes
 # https://bugzilla.redhat.com/show_bug.cgi?id=1397243
 Patch100: httpd-2.4.43-enable-sslv3.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1932442
 Patch101: httpd-2.4.48-full-release.patch
+Patch102: httpd-2.4.59-r1916863.patch
 
 # Security fixes
 # https://bugzilla.redhat.com/show_bug.cgi?id=...
@@ -255,9 +257,11 @@ written in the Lua programming language.
 %patch34 -p1 -b .separatesystemd
 %patch35 -p1 -b .r1912477+
 %patch36 -p1 -b .unifycgid
+%patch37 -p1 -b .gettid
 
 %patch100 -p1 -b .enable-sslv3
 %patch101 -p1 -b .full-release
+%patch102 -p1 -b .r1916863
 
 # Patch in the vendor string
 sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@@ -818,6 +822,9 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd
 
 %changelog
+* Wed May 08 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.59-3
+- Related: RHEL-14668 - RFE: httpd rebase to 2.4.59
+
 * Wed May  8 2024 Joe Orton <jorton@redhat.com> - 2.4.59-2
 - Resolves: RHEL-35870 - httpd mod_cgi/cgid unification