httpd: sync with rawhide, backport for remi-dev

10 files changed, 179 insertions, 72 deletions

diff --git a/httpd-2.4.1-layout.patch b/httpd-2.4.1-layout.patch
index b1dcf5c..57cf13b 100644
--- a/httpd-2.4.1-layout.patch
+++ b/httpd-2.4.1-layout.patch
@@ -23,7 +23,7 @@
 +    cgidir:        /var/www/cgi-bin
 +    includedir:    ${prefix}/include/httpd
 +    localstatedir: /var
-+    runtimedir:    ${localstatedir}/run/httpd
++    runtimedir:    /run/httpd
 +    logfiledir:    ${localstatedir}/log/httpd
 +    proxycachedir: ${localstatedir}/cache/httpd
 +</Layout>     
diff --git a/httpd-2.4.2-iconlink.patch b/httpd-2.4.2-iconlink.patch
deleted file mode 100644
index 4ef8dd9..0000000
--- a/httpd-2.4.2-iconlink.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-
-Fix config for /icons/ dir to allow symlink to poweredby.png.
-
---- httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in.iconlink
-+++ httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in
-@@ -21,7 +21,7 @@ IndexOptions FancyIndexing HTMLTable Ver
- Alias /icons/ "@exp_iconsdir@/"
- 
- <Directory "@exp_iconsdir@">
--    Options Indexes MultiViews
-+    Options Indexes MultiViews FollowSymlinks
-     AllowOverride None
-     Require all granted
- </Directory>
diff --git a/httpd-2.4.2-icons.patch b/httpd-2.4.2-icons.patch
new file mode 100644
index 0000000..9f26494
--- /dev/null
+++ b/httpd-2.4.2-icons.patch
@@ -0,0 +1,25 @@
+
+- Fix config for /icons/ dir to allow symlink to poweredby.png.
+
+- Avoid using coredump GIF for a directory called "core"
+
+--- httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in.icons
++++ httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in
+@@ -21,7 +21,7 @@ IndexOptions FancyIndexing HTMLTable Ver
+ Alias /icons/ "@exp_iconsdir@/"
+ 
+ <Directory "@exp_iconsdir@">
+-    Options Indexes MultiViews
++    Options Indexes MultiViews FollowSymlinks
+     AllowOverride None
+     Require all granted
+ </Directory>
+@@ -53,7 +53,7 @@ AddIcon /icons/dvi.gif .dvi
+ AddIcon /icons/uuencoded.gif .uu
+ AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+ AddIcon /icons/tex.gif .tex
+-AddIcon /icons/bomb.gif core
++AddIcon /icons/bomb.gif core.
+ 
+ AddIcon /icons/back.gif ..
+ AddIcon /icons/hand.right.gif README
diff --git a/httpd-2.4.2-r1332643.patch b/httpd-2.4.2-r1332643+.patch
index c408d29..be9b984 100644
--- a/httpd-2.4.2-r1332643.patch
+++ b/httpd-2.4.2-r1332643+.patch
@@ -1,33 +1,14 @@
+# ./pullrev.sh 1332643 1345599
 
 https://bugzilla.redhat.com//show_bug.cgi?id=809599
 
 http://svn.apache.org/viewvc?view=revision&revision=1332643
 
---- httpd-2.4.2/modules/ssl/ssl_private.h
-+++ httpd-2.4.2/modules/ssl/ssl_private.h
-@@ -139,6 +139,11 @@
- #define HAVE_FIPS
- #endif
- 
-+#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
-+    && !defined(OPENSSL_NO_TLSEXT)
-+#define HAVE_TLS_NPN
-+#endif
-+
- #if (OPENSSL_VERSION_NUMBER >= 0x10000000)
- #define MODSSL_SSL_CIPHER_CONST const
- #define MODSSL_SSL_METHOD_CONST const
-@@ -811,6 +816,7 @@
- int         ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
-                                        EVP_CIPHER_CTX *, HMAC_CTX *, int);
- #endif
-+int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
- 
- /**  Session Cache Support  */
- void         ssl_scache_init(server_rec *, apr_pool_t *);
---- httpd-2.4.2/modules/ssl/mod_ssl.c
+http://svn.apache.org/viewvc?view=revision&revision=1345599
+
+--- httpd-2.4.2/modules/ssl/mod_ssl.c.r1332643+
 +++ httpd-2.4.2/modules/ssl/mod_ssl.c
-@@ -260,6 +260,18 @@
+@@ -260,6 +260,18 @@ static const command_rec ssl_config_cmds
      AP_END_CMD
  };
  
@@ -46,9 +27,9 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
  /*
   *  the various processing hooks
   */
---- httpd-2.4.2/modules/ssl/mod_ssl.h
+--- httpd-2.4.2/modules/ssl/mod_ssl.h.r1332643+
 +++ httpd-2.4.2/modules/ssl/mod_ssl.h
-@@ -63,5 +63,26 @@
+@@ -63,5 +63,26 @@ APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_e
  
  APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
  
@@ -75,9 +56,9 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
 +
  #endif /* __MOD_SSL_H__ */
  /** @} */
---- httpd-2.4.2/modules/ssl/ssl_engine_init.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_init.c.r1332643+
 +++ httpd-2.4.2/modules/ssl/ssl_engine_init.c
-@@ -681,6 +681,11 @@
+@@ -681,6 +681,11 @@ static void ssl_init_ctx_callbacks(serve
  #endif
  
      SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
@@ -89,7 +70,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
  }
  
  static void ssl_init_ctx_verify(server_rec *s,
---- httpd-2.4.2/modules/ssl/ssl_engine_io.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_io.c.r1332643+
 +++ httpd-2.4.2/modules/ssl/ssl_engine_io.c
 @@ -28,6 +28,7 @@
                                    core keeps dumping.''
@@ -99,7 +80,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
  #include "apr_date.h"
  
  /*  _________________________________________________________________
-@@ -297,6 +298,7 @@
+@@ -297,6 +298,7 @@ typedef struct {
      apr_pool_t *pool;
      char buffer[AP_IOBUFSIZE];
      ssl_filter_ctx_t *filter_ctx;
@@ -107,7 +88,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
  } bio_filter_in_ctx_t;
  
  /*
-@@ -1374,6 +1376,27 @@
+@@ -1364,6 +1366,26 @@ static apr_status_t ssl_io_filter_input(
          APR_BRIGADE_INSERT_TAIL(bb, bucket);
      }
  
@@ -123,9 +104,8 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
 +        SSL_get0_next_proto_negotiated(
 +            inctx->ssl, &next_proto, &next_proto_len);
 +        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c,
-+                      "SSL NPN negotiated protocol: '%s'",
-+                      apr_pstrmemdup(f->c->pool, (const char*)next_proto,
-+                                     next_proto_len));
++                      APLOGNO(02306) "SSL NPN negotiated protocol: '%*s'",
++                      next_proto_len, (const char*)next_proto);
 +        modssl_run_npn_proto_negotiated_hook(
 +            f->c, (const char*)next_proto, next_proto_len);
 +        inctx->npn_finished = 1;
@@ -135,7 +115,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
      return APR_SUCCESS;
  }
  
-@@ -1855,6 +1878,7 @@
+@@ -1845,6 +1867,7 @@ static void ssl_io_input_add_filter(ssl_
      inctx->block = APR_BLOCK_READ;
      inctx->pool = c->pool;
      inctx->filter_ctx = filter_ctx;
@@ -143,7 +123,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
  }
  
  /* The request_rec pointer is passed in here only to ensure that the
---- httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_kernel.c.r1332643+
 +++ httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
 @@ -29,6 +29,7 @@
                                    time I was too famous.''
@@ -153,7 +133,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
  #include "util_md5.h"
  
  static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
-@@ -2143,3 +2144,84 @@
+@@ -2164,3 +2165,86 @@ int ssl_callback_SessionTicket(SSL *ssl,
      return -1;
  }
  #endif
@@ -202,7 +182,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
 +        /* If the protocol name is too long (the length must fit in one byte),
 +         * then log an error and skip it. */
 +        if (length > 255) {
-+            ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c,
++            ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02307)
 +                          "SSL NPN protocol name too long (length=%u): %s",
 +                          length, string);
 +            continue;
@@ -226,6 +206,8 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
 +    for (i = 0; i < num_protos; ++i) {
 +        const char *string = APR_ARRAY_IDX(protos, i, const char*);
 +        apr_size_t length = strlen(string);
++        if (length > 255)
++            continue;
 +        *start = (unsigned char)length;
 +        ++start;
 +        memcpy(start, string, length * sizeof(unsigned char));
@@ -238,3 +220,25 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
 +    return SSL_TLSEXT_ERR_OK;
 +}
 +#endif
+--- httpd-2.4.2/modules/ssl/ssl_private.h.r1332643+
++++ httpd-2.4.2/modules/ssl/ssl_private.h
+@@ -139,6 +139,11 @@
+ #define HAVE_FIPS
+ #endif
+ 
++#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
++    && !defined(OPENSSL_NO_TLSEXT)
++#define HAVE_TLS_NPN
++#endif
++
+ #if (OPENSSL_VERSION_NUMBER >= 0x10000000)
+ #define MODSSL_SSL_CIPHER_CONST const
+ #define MODSSL_SSL_METHOD_CONST const
+@@ -807,6 +812,7 @@ int          ssl_callback_ServerNameIndi
+ int         ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
+                                        EVP_CIPHER_CTX *, HMAC_CTX *, int);
+ #endif
++int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
+ 
+ /**  Session Cache Support  */
+ void         ssl_scache_init(server_rec *, apr_pool_t *);
diff --git a/httpd-2.4.2-r1346905.patch b/httpd-2.4.2-r1346905.patch
new file mode 100644
index 0000000..e94558e
--- /dev/null
+++ b/httpd-2.4.2-r1346905.patch
@@ -0,0 +1,65 @@
+# ./pullrev.sh 1346905
+
+https://bugzilla.redhat.com/show_bug.cgi?id=818684
+
+http://svn.apache.org/viewvc?view=revision&revision=1346905
+
+--- httpd-2.4.2/support/htdbm.c
++++ httpd-2.4.2/support/htdbm.c
+@@ -288,6 +288,9 @@
+ {
+     char cpw[MAX_STRING_LEN];
+     char salt[9];
++#if (!(defined(WIN32) || defined(NETWARE)))
++    char *cbuf;
++#endif
+ 
+     switch (htdbm->alg) {
+         case ALG_APSHA:
+@@ -315,7 +318,15 @@
+             (void) srand((int) time((time_t *) NULL));
+             to64(&salt[0], rand(), 8);
+             salt[8] = '\0';
+-            apr_cpystrn(cpw, crypt(htdbm->userpass, salt), sizeof(cpw) - 1);
++            cbuf = crypt(htdbm->userpass, salt);
++            if (cbuf == NULL) {
++                char errbuf[128];
++                
++                fprintf(stderr, "crypt() failed: %s\n", 
++                        apr_strerror(errno, errbuf, sizeof errbuf));
++                exit(ERR_PWMISMATCH);
++            }
++            apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
+             fprintf(stderr, "CRYPT is now deprecated, use MD5 instead!\n");
+ #endif
+         default:
+--- httpd-2.4.2/support/htpasswd.c
++++ httpd-2.4.2/support/htpasswd.c
+@@ -174,6 +174,9 @@
+     char pwv[MAX_STRING_LEN];
+     char salt[9];
+     apr_size_t bufsize;
++#if CRYPT_ALGO_SUPPORTED
++    char *cbuf;
++#endif
+ 
+     if (passwd != NULL) {
+         pw = passwd;
+@@ -226,7 +229,16 @@
+         to64(&salt[0], rand(), 8);
+         salt[8] = '\0';
+ 
+-        apr_cpystrn(cpw, crypt(pw, salt), sizeof(cpw) - 1);
++        cbuf = crypt(pw, salt);
++        if (cbuf == NULL) {
++            char errbuf[128];
++
++            apr_snprintf(record, rlen-1, "crypt() failed: %s", 
++                         apr_strerror(errno, errbuf, sizeof errbuf));
++            return ERR_PWMISMATCH;
++        }
++
++        apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
+         if (strlen(pw) > 8) {
+             char *truncpw = strdup(pw);
+             truncpw[8] = '\0';
diff --git a/httpd.service b/httpd.service
index c1172b4..0e9f0c0 100644
--- a/httpd.service
+++ b/httpd.service
@@ -1,10 +1,10 @@
 [Unit]
 Description=The Apache HTTP Server
-After=syslog.target network.target remote-fs.target nss-lookup.target
+After=network.target remote-fs.target nss-lookup.target
 
 [Service]
 Type=forking
-PIDFile=/var/run/httpd/httpd.pid
+PIDFile=/run/httpd/httpd.pid
 EnvironmentFile=/etc/sysconfig/httpd
 ExecStart=/usr/sbin/httpd $OPTIONS
 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
diff --git a/httpd.spec b/httpd.spec
index 62b6737..e46007f 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.2
-Release: 12%{?dist}
+Release: 18%{?dist}
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: index.html
@@ -44,12 +44,13 @@ Patch23: httpd-2.4.1-export.patch
 Patch24: httpd-2.4.1-corelimit.patch
 Patch25: httpd-2.4.1-selinux.patch
 Patch26: httpd-2.4.2-r1337344+.patch
-Patch27: httpd-2.4.2-iconlink.patch
+Patch27: httpd-2.4.2-icons.patch
 # Bug fixes
 Patch40: httpd-2.4.2-restart.patch
 Patch41: httpd-2.4.2-r1327036+.patch
 Patch42: httpd-2.4.2-r1326980+.patch
-Patch43: httpd-2.4.2-r1332643.patch
+Patch43: httpd-2.4.2-r1332643+.patch
+Patch44: httpd-2.4.2-r1346905.patch
 License: ASL 2.0
 Group: System Environment/Daemons
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -155,12 +156,13 @@ authentication to the Apache HTTP Server.
 %patch24 -p1 -b .corelimit
 %patch25 -p1 -b .selinux
 %patch26 -p1 -b .r1337344+
-%patch27 -p1 -b .iconlink
+%patch27 -p1 -b .icons
 
 %patch40 -p1 -b .restart
 %patch41 -p1 -b .r1327036+
 %patch42 -p1 -b .r1326980+
-%patch43 -p1 -b .r1332643
+%patch43 -p1 -b .r1332643+
+%patch44 -p1 -b .r1346905
 
 # Patch in vendor/release string
 sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
@@ -240,9 +242,9 @@ rm -rf $RPM_BUILD_ROOT
 make DESTDIR=$RPM_BUILD_ROOT install
 
 # Install systemd service files
-mkdir -p $RPM_BUILD_ROOT/lib/systemd/system
+mkdir -p $RPM_BUILD_ROOT%{_unitdir}
 install -p -m 644 $RPM_SOURCE_DIR/httpd.service \
-        $RPM_BUILD_ROOT/lib/systemd/system/httpd.service
+        $RPM_BUILD_ROOT%{_unitdir}/httpd.service
 
 # install conf file/directory
 mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
@@ -279,9 +281,9 @@ install -m 644 -p $RPM_SOURCE_DIR/httpd.sysconf \
    $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/httpd
 
 # tmpfiles.d configuration
-mkdir $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d 
+mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d 
 install -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
-   $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d/httpd.conf
+   $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/httpd.conf
 
 # for holding mod_dav lock database
 mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav
@@ -334,7 +336,7 @@ ln -s ../../pixmaps/poweredby.png \
 
 # symlinks for /etc/httpd
 ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
-ln -s ../..%{_localstatedir}/run/httpd $RPM_BUILD_ROOT/etc/httpd/run
+ln -s /run/httpd $RPM_BUILD_ROOT/etc/httpd/run
 ln -s ../..%{_libdir}/httpd/modules $RPM_BUILD_ROOT/etc/httpd/modules
 
 # install http-ssl-pass-dialog
@@ -353,7 +355,7 @@ sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
     -e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
     -e "s|/usr/local/apache2/logs/error_log|/var/log/httpd/error_log|" \
     -e "s|/usr/local/apache2/logs/access_log|/var/log/httpd/access_log|" \
-    -e "s|/usr/local/apache2/logs/httpd.pid|/var/run/httpd/httpd.pid|" \
+    -e "s|/usr/local/apache2/logs/httpd.pid|/run/httpd/httpd.pid|" \
     -e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
   > $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
 
@@ -483,7 +485,7 @@ rm -rf $RPM_BUILD_ROOT
 %exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
 
 %config(noreplace) %{_sysconfdir}/sysconfig/httpd
-%config %{_sysconfdir}/tmpfiles.d/httpd.conf
+%{_prefix}/lib/tmpfiles.d/httpd.conf
 
 %{_sbindir}/ht*
 %{_sbindir}/fcgistarter
@@ -513,7 +515,7 @@ rm -rf $RPM_BUILD_ROOT
 %dir %{docroot}/cgi-bin
 %dir %{docroot}/html
 
-%attr(0710,root,apache) %dir %{_localstatedir}/run/httpd
+%attr(0710,root,apache) %dir /run/httpd
 %attr(0700,root,root) %dir %{_localstatedir}/log/httpd
 %attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
 %attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
@@ -521,7 +523,7 @@ rm -rf $RPM_BUILD_ROOT
 
 %{_mandir}/man8/*
 
-/lib/systemd/system/*.service
+%{_unitdir}/*.service
 
 %files tools
 %defattr(-,root,root)
@@ -565,6 +567,31 @@ rm -rf $RPM_BUILD_ROOT
 %{_sysconfdir}/rpm/macros.httpd
 
 %changelog
+* Sat Jun 09 2012 Remi Collet <RPMS@FamilleCollet.com> - 2.4.2-18
+- sync with rawhide, rebuild for remi repo
+
+* Fri Jun  8 2012 Joe Orton <jorton@redhat.com> - 2.4.2-18
+- avoid use of "core" GIF for a "core" directory (#168776)
+- drop use of "syslog.target" in systemd unit file
+
+* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-17
+- use _unitdir for systemd unit file
+- use /run in unit file, ssl.conf
+
+* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-16
+- mod_ssl: fix NPN patch merge
+
+* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-15
+- move tmpfiles.d fragment into /usr/lib per new guidelines
+- package /run/httpd not /var/run/httpd
+- set runtimedir to /run/httpd likewise
+
+* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-14
+- fix htdbm/htpasswd crash on crypt() failure (#818684)
+
+* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-13
+- pull fix for NPN patch from upstream (r1345599)
+
 * Sat Jun 02 2012 Remi Collet <RPMS@FamilleCollet.com> - 2.4.2-12
 - sync with rawhide, rebuild for remi repo
 
diff --git a/httpd.tmpfiles b/httpd.tmpfiles
index 0cad373..49be6b8 100644
--- a/httpd.tmpfiles
+++ b/httpd.tmpfiles
@@ -1 +1 @@
-d /var/run/httpd   710 root apache
+d /run/httpd   710 root apache
diff --git a/pullrev.sh b/pullrev.sh
index 9968fa3..7ee601e 100755
--- a/pullrev.sh
+++ b/pullrev.sh
@@ -34,7 +34,7 @@ prev=/dev/null
 for r in $*; do
     echo "+ fetching ${r}"
     this=`mktemp /tmp/pullrevXXXXXX`
-    svn diff -c ${r} ${repo} | filterdiff --remove-timestamps -x 'CHANGES' \
+    svn diff -c ${r} ${repo} | filterdiff --remove-timestamps -x 'CHANGES' -x 'next-number' \
         --addprefix="${prefix}/" > ${this}
     next=`mktemp /tmp/pullrevXXXXXX`
     combinediff --quiet ${prev} ${this} > ${next}
diff --git a/ssl.conf b/ssl.conf
index c6b89e3..ff60307 100644
--- a/ssl.conf
+++ b/ssl.conf
@@ -20,7 +20,7 @@ SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
 #   Inter-Process Session Cache:
 #   Configure the SSL Session Cache: First the mechanism 
 #   to use and second the expiring timeout (in seconds).
-SSLSessionCache         shmcb:/var/run/httpd/sslcache(512000)
+SSLSessionCache         shmcb:/run/httpd/sslcache(512000)
 SSLSessionCacheTimeout  300
 
 #   Pseudo Random Number Generator (PRNG):