summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRemi Collet <fedora@famillecollet.com>2012-06-09 10:58:17 +0200
committerRemi Collet <fedora@famillecollet.com>2012-06-09 10:58:17 +0200
commite26c4bfaba5c888e3fe9a227c6ee805c4e3379f1 (patch)
tree0faf8862537e5ac89b1a851758c72617a2dd4767
parenta0b7d94015d8356e3d8b0a6f35877578512e0f5b (diff)
httpd: sync with rawhide, backport for remi-dev
-rw-r--r--httpd-2.4.1-layout.patch2
-rw-r--r--httpd-2.4.2-iconlink.patch14
-rw-r--r--httpd-2.4.2-icons.patch25
-rw-r--r--httpd-2.4.2-r1332643+.patch (renamed from httpd-2.4.2-r1332643.patch)80
-rw-r--r--httpd-2.4.2-r1346905.patch65
-rw-r--r--httpd.service4
-rw-r--r--httpd.spec55
-rw-r--r--httpd.tmpfiles2
-rwxr-xr-xpullrev.sh2
-rw-r--r--ssl.conf2
10 files changed, 179 insertions, 72 deletions
diff --git a/httpd-2.4.1-layout.patch b/httpd-2.4.1-layout.patch
index b1dcf5c..57cf13b 100644
--- a/httpd-2.4.1-layout.patch
+++ b/httpd-2.4.1-layout.patch
@@ -23,7 +23,7 @@
+ cgidir: /var/www/cgi-bin
+ includedir: ${prefix}/include/httpd
+ localstatedir: /var
-+ runtimedir: ${localstatedir}/run/httpd
++ runtimedir: /run/httpd
+ logfiledir: ${localstatedir}/log/httpd
+ proxycachedir: ${localstatedir}/cache/httpd
+</Layout>
diff --git a/httpd-2.4.2-iconlink.patch b/httpd-2.4.2-iconlink.patch
deleted file mode 100644
index 4ef8dd9..0000000
--- a/httpd-2.4.2-iconlink.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-
-Fix config for /icons/ dir to allow symlink to poweredby.png.
-
---- httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in.iconlink
-+++ httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in
-@@ -21,7 +21,7 @@ IndexOptions FancyIndexing HTMLTable Ver
- Alias /icons/ "@exp_iconsdir@/"
-
- <Directory "@exp_iconsdir@">
-- Options Indexes MultiViews
-+ Options Indexes MultiViews FollowSymlinks
- AllowOverride None
- Require all granted
- </Directory>
diff --git a/httpd-2.4.2-icons.patch b/httpd-2.4.2-icons.patch
new file mode 100644
index 0000000..9f26494
--- /dev/null
+++ b/httpd-2.4.2-icons.patch
@@ -0,0 +1,25 @@
+
+- Fix config for /icons/ dir to allow symlink to poweredby.png.
+
+- Avoid using coredump GIF for a directory called "core"
+
+--- httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in.icons
++++ httpd-2.4.2/docs/conf/extra/httpd-autoindex.conf.in
+@@ -21,7 +21,7 @@ IndexOptions FancyIndexing HTMLTable Ver
+ Alias /icons/ "@exp_iconsdir@/"
+
+ <Directory "@exp_iconsdir@">
+- Options Indexes MultiViews
++ Options Indexes MultiViews FollowSymlinks
+ AllowOverride None
+ Require all granted
+ </Directory>
+@@ -53,7 +53,7 @@ AddIcon /icons/dvi.gif .dvi
+ AddIcon /icons/uuencoded.gif .uu
+ AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+ AddIcon /icons/tex.gif .tex
+-AddIcon /icons/bomb.gif core
++AddIcon /icons/bomb.gif core.
+
+ AddIcon /icons/back.gif ..
+ AddIcon /icons/hand.right.gif README
diff --git a/httpd-2.4.2-r1332643.patch b/httpd-2.4.2-r1332643+.patch
index c408d29..be9b984 100644
--- a/httpd-2.4.2-r1332643.patch
+++ b/httpd-2.4.2-r1332643+.patch
@@ -1,33 +1,14 @@
+# ./pullrev.sh 1332643 1345599
https://bugzilla.redhat.com//show_bug.cgi?id=809599
http://svn.apache.org/viewvc?view=revision&revision=1332643
---- httpd-2.4.2/modules/ssl/ssl_private.h
-+++ httpd-2.4.2/modules/ssl/ssl_private.h
-@@ -139,6 +139,11 @@
- #define HAVE_FIPS
- #endif
-
-+#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
-+ && !defined(OPENSSL_NO_TLSEXT)
-+#define HAVE_TLS_NPN
-+#endif
-+
- #if (OPENSSL_VERSION_NUMBER >= 0x10000000)
- #define MODSSL_SSL_CIPHER_CONST const
- #define MODSSL_SSL_METHOD_CONST const
-@@ -811,6 +816,7 @@
- int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
- EVP_CIPHER_CTX *, HMAC_CTX *, int);
- #endif
-+int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
-
- /** Session Cache Support */
- void ssl_scache_init(server_rec *, apr_pool_t *);
---- httpd-2.4.2/modules/ssl/mod_ssl.c
+http://svn.apache.org/viewvc?view=revision&revision=1345599
+
+--- httpd-2.4.2/modules/ssl/mod_ssl.c.r1332643+
+++ httpd-2.4.2/modules/ssl/mod_ssl.c
-@@ -260,6 +260,18 @@
+@@ -260,6 +260,18 @@ static const command_rec ssl_config_cmds
AP_END_CMD
};
@@ -46,9 +27,9 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
/*
* the various processing hooks
*/
---- httpd-2.4.2/modules/ssl/mod_ssl.h
+--- httpd-2.4.2/modules/ssl/mod_ssl.h.r1332643+
+++ httpd-2.4.2/modules/ssl/mod_ssl.h
-@@ -63,5 +63,26 @@
+@@ -63,5 +63,26 @@ APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_e
APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
@@ -75,9 +56,9 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
+
#endif /* __MOD_SSL_H__ */
/** @} */
---- httpd-2.4.2/modules/ssl/ssl_engine_init.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_init.c.r1332643+
+++ httpd-2.4.2/modules/ssl/ssl_engine_init.c
-@@ -681,6 +681,11 @@
+@@ -681,6 +681,11 @@ static void ssl_init_ctx_callbacks(serve
#endif
SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
@@ -89,7 +70,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
}
static void ssl_init_ctx_verify(server_rec *s,
---- httpd-2.4.2/modules/ssl/ssl_engine_io.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_io.c.r1332643+
+++ httpd-2.4.2/modules/ssl/ssl_engine_io.c
@@ -28,6 +28,7 @@
core keeps dumping.''
@@ -99,7 +80,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
#include "apr_date.h"
/* _________________________________________________________________
-@@ -297,6 +298,7 @@
+@@ -297,6 +298,7 @@ typedef struct {
apr_pool_t *pool;
char buffer[AP_IOBUFSIZE];
ssl_filter_ctx_t *filter_ctx;
@@ -107,7 +88,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
} bio_filter_in_ctx_t;
/*
-@@ -1374,6 +1376,27 @@
+@@ -1364,6 +1366,26 @@ static apr_status_t ssl_io_filter_input(
APR_BRIGADE_INSERT_TAIL(bb, bucket);
}
@@ -123,9 +104,8 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
+ SSL_get0_next_proto_negotiated(
+ inctx->ssl, &next_proto, &next_proto_len);
+ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c,
-+ "SSL NPN negotiated protocol: '%s'",
-+ apr_pstrmemdup(f->c->pool, (const char*)next_proto,
-+ next_proto_len));
++ APLOGNO(02306) "SSL NPN negotiated protocol: '%*s'",
++ next_proto_len, (const char*)next_proto);
+ modssl_run_npn_proto_negotiated_hook(
+ f->c, (const char*)next_proto, next_proto_len);
+ inctx->npn_finished = 1;
@@ -135,7 +115,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
return APR_SUCCESS;
}
-@@ -1855,6 +1878,7 @@
+@@ -1845,6 +1867,7 @@ static void ssl_io_input_add_filter(ssl_
inctx->block = APR_BLOCK_READ;
inctx->pool = c->pool;
inctx->filter_ctx = filter_ctx;
@@ -143,7 +123,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
}
/* The request_rec pointer is passed in here only to ensure that the
---- httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_kernel.c.r1332643+
+++ httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
@@ -29,6 +29,7 @@
time I was too famous.''
@@ -153,7 +133,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
#include "util_md5.h"
static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
-@@ -2143,3 +2144,84 @@
+@@ -2164,3 +2165,86 @@ int ssl_callback_SessionTicket(SSL *ssl,
return -1;
}
#endif
@@ -202,7 +182,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
+ /* If the protocol name is too long (the length must fit in one byte),
+ * then log an error and skip it. */
+ if (length > 255) {
-+ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c,
++ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(02307)
+ "SSL NPN protocol name too long (length=%u): %s",
+ length, string);
+ continue;
@@ -226,6 +206,8 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
+ for (i = 0; i < num_protos; ++i) {
+ const char *string = APR_ARRAY_IDX(protos, i, const char*);
+ apr_size_t length = strlen(string);
++ if (length > 255)
++ continue;
+ *start = (unsigned char)length;
+ ++start;
+ memcpy(start, string, length * sizeof(unsigned char));
@@ -238,3 +220,25 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
+ return SSL_TLSEXT_ERR_OK;
+}
+#endif
+--- httpd-2.4.2/modules/ssl/ssl_private.h.r1332643+
++++ httpd-2.4.2/modules/ssl/ssl_private.h
+@@ -139,6 +139,11 @@
+ #define HAVE_FIPS
+ #endif
+
++#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
++ && !defined(OPENSSL_NO_TLSEXT)
++#define HAVE_TLS_NPN
++#endif
++
+ #if (OPENSSL_VERSION_NUMBER >= 0x10000000)
+ #define MODSSL_SSL_CIPHER_CONST const
+ #define MODSSL_SSL_METHOD_CONST const
+@@ -807,6 +812,7 @@ int ssl_callback_ServerNameIndi
+ int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
+ EVP_CIPHER_CTX *, HMAC_CTX *, int);
+ #endif
++int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
+
+ /** Session Cache Support */
+ void ssl_scache_init(server_rec *, apr_pool_t *);
diff --git a/httpd-2.4.2-r1346905.patch b/httpd-2.4.2-r1346905.patch
new file mode 100644
index 0000000..e94558e
--- /dev/null
+++ b/httpd-2.4.2-r1346905.patch
@@ -0,0 +1,65 @@
+# ./pullrev.sh 1346905
+
+https://bugzilla.redhat.com/show_bug.cgi?id=818684
+
+http://svn.apache.org/viewvc?view=revision&revision=1346905
+
+--- httpd-2.4.2/support/htdbm.c
++++ httpd-2.4.2/support/htdbm.c
+@@ -288,6 +288,9 @@
+ {
+ char cpw[MAX_STRING_LEN];
+ char salt[9];
++#if (!(defined(WIN32) || defined(NETWARE)))
++ char *cbuf;
++#endif
+
+ switch (htdbm->alg) {
+ case ALG_APSHA:
+@@ -315,7 +318,15 @@
+ (void) srand((int) time((time_t *) NULL));
+ to64(&salt[0], rand(), 8);
+ salt[8] = '\0';
+- apr_cpystrn(cpw, crypt(htdbm->userpass, salt), sizeof(cpw) - 1);
++ cbuf = crypt(htdbm->userpass, salt);
++ if (cbuf == NULL) {
++ char errbuf[128];
++
++ fprintf(stderr, "crypt() failed: %s\n",
++ apr_strerror(errno, errbuf, sizeof errbuf));
++ exit(ERR_PWMISMATCH);
++ }
++ apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
+ fprintf(stderr, "CRYPT is now deprecated, use MD5 instead!\n");
+ #endif
+ default:
+--- httpd-2.4.2/support/htpasswd.c
++++ httpd-2.4.2/support/htpasswd.c
+@@ -174,6 +174,9 @@
+ char pwv[MAX_STRING_LEN];
+ char salt[9];
+ apr_size_t bufsize;
++#if CRYPT_ALGO_SUPPORTED
++ char *cbuf;
++#endif
+
+ if (passwd != NULL) {
+ pw = passwd;
+@@ -226,7 +229,16 @@
+ to64(&salt[0], rand(), 8);
+ salt[8] = '\0';
+
+- apr_cpystrn(cpw, crypt(pw, salt), sizeof(cpw) - 1);
++ cbuf = crypt(pw, salt);
++ if (cbuf == NULL) {
++ char errbuf[128];
++
++ apr_snprintf(record, rlen-1, "crypt() failed: %s",
++ apr_strerror(errno, errbuf, sizeof errbuf));
++ return ERR_PWMISMATCH;
++ }
++
++ apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
+ if (strlen(pw) > 8) {
+ char *truncpw = strdup(pw);
+ truncpw[8] = '\0';
diff --git a/httpd.service b/httpd.service
index c1172b4..0e9f0c0 100644
--- a/httpd.service
+++ b/httpd.service
@@ -1,10 +1,10 @@
[Unit]
Description=The Apache HTTP Server
-After=syslog.target network.target remote-fs.target nss-lookup.target
+After=network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
-PIDFile=/var/run/httpd/httpd.pid
+PIDFile=/run/httpd/httpd.pid
EnvironmentFile=/etc/sysconfig/httpd
ExecStart=/usr/sbin/httpd $OPTIONS
ExecReload=/usr/sbin/httpd $OPTIONS -k graceful
diff --git a/httpd.spec b/httpd.spec
index 62b6737..e46007f 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.2
-Release: 12%{?dist}
+Release: 18%{?dist}
URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html
@@ -44,12 +44,13 @@ Patch23: httpd-2.4.1-export.patch
Patch24: httpd-2.4.1-corelimit.patch
Patch25: httpd-2.4.1-selinux.patch
Patch26: httpd-2.4.2-r1337344+.patch
-Patch27: httpd-2.4.2-iconlink.patch
+Patch27: httpd-2.4.2-icons.patch
# Bug fixes
Patch40: httpd-2.4.2-restart.patch
Patch41: httpd-2.4.2-r1327036+.patch
Patch42: httpd-2.4.2-r1326980+.patch
-Patch43: httpd-2.4.2-r1332643.patch
+Patch43: httpd-2.4.2-r1332643+.patch
+Patch44: httpd-2.4.2-r1346905.patch
License: ASL 2.0
Group: System Environment/Daemons
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
@@ -155,12 +156,13 @@ authentication to the Apache HTTP Server.
%patch24 -p1 -b .corelimit
%patch25 -p1 -b .selinux
%patch26 -p1 -b .r1337344+
-%patch27 -p1 -b .iconlink
+%patch27 -p1 -b .icons
%patch40 -p1 -b .restart
%patch41 -p1 -b .r1327036+
%patch42 -p1 -b .r1326980+
-%patch43 -p1 -b .r1332643
+%patch43 -p1 -b .r1332643+
+%patch44 -p1 -b .r1346905
# Patch in vendor/release string
sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
@@ -240,9 +242,9 @@ rm -rf $RPM_BUILD_ROOT
make DESTDIR=$RPM_BUILD_ROOT install
# Install systemd service files
-mkdir -p $RPM_BUILD_ROOT/lib/systemd/system
+mkdir -p $RPM_BUILD_ROOT%{_unitdir}
install -p -m 644 $RPM_SOURCE_DIR/httpd.service \
- $RPM_BUILD_ROOT/lib/systemd/system/httpd.service
+ $RPM_BUILD_ROOT%{_unitdir}/httpd.service
# install conf file/directory
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
@@ -279,9 +281,9 @@ install -m 644 -p $RPM_SOURCE_DIR/httpd.sysconf \
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/httpd
# tmpfiles.d configuration
-mkdir $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d
+mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d
install -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
- $RPM_BUILD_ROOT%{_sysconfdir}/tmpfiles.d/httpd.conf
+ $RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/httpd.conf
# for holding mod_dav lock database
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav
@@ -334,7 +336,7 @@ ln -s ../../pixmaps/poweredby.png \
# symlinks for /etc/httpd
ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
-ln -s ../..%{_localstatedir}/run/httpd $RPM_BUILD_ROOT/etc/httpd/run
+ln -s /run/httpd $RPM_BUILD_ROOT/etc/httpd/run
ln -s ../..%{_libdir}/httpd/modules $RPM_BUILD_ROOT/etc/httpd/modules
# install http-ssl-pass-dialog
@@ -353,7 +355,7 @@ sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
-e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
-e "s|/usr/local/apache2/logs/error_log|/var/log/httpd/error_log|" \
-e "s|/usr/local/apache2/logs/access_log|/var/log/httpd/access_log|" \
- -e "s|/usr/local/apache2/logs/httpd.pid|/var/run/httpd/httpd.pid|" \
+ -e "s|/usr/local/apache2/logs/httpd.pid|/run/httpd/httpd.pid|" \
-e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
> $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
@@ -483,7 +485,7 @@ rm -rf $RPM_BUILD_ROOT
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
%config(noreplace) %{_sysconfdir}/sysconfig/httpd
-%config %{_sysconfdir}/tmpfiles.d/httpd.conf
+%{_prefix}/lib/tmpfiles.d/httpd.conf
%{_sbindir}/ht*
%{_sbindir}/fcgistarter
@@ -513,7 +515,7 @@ rm -rf $RPM_BUILD_ROOT
%dir %{docroot}/cgi-bin
%dir %{docroot}/html
-%attr(0710,root,apache) %dir %{_localstatedir}/run/httpd
+%attr(0710,root,apache) %dir /run/httpd
%attr(0700,root,root) %dir %{_localstatedir}/log/httpd
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
@@ -521,7 +523,7 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man8/*
-/lib/systemd/system/*.service
+%{_unitdir}/*.service
%files tools
%defattr(-,root,root)
@@ -565,6 +567,31 @@ rm -rf $RPM_BUILD_ROOT
%{_sysconfdir}/rpm/macros.httpd
%changelog
+* Sat Jun 09 2012 Remi Collet <RPMS@FamilleCollet.com> - 2.4.2-18
+- sync with rawhide, rebuild for remi repo
+
+* Fri Jun 8 2012 Joe Orton <jorton@redhat.com> - 2.4.2-18
+- avoid use of "core" GIF for a "core" directory (#168776)
+- drop use of "syslog.target" in systemd unit file
+
+* Thu Jun 7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-17
+- use _unitdir for systemd unit file
+- use /run in unit file, ssl.conf
+
+* Thu Jun 7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-16
+- mod_ssl: fix NPN patch merge
+
+* Wed Jun 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-15
+- move tmpfiles.d fragment into /usr/lib per new guidelines
+- package /run/httpd not /var/run/httpd
+- set runtimedir to /run/httpd likewise
+
+* Wed Jun 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-14
+- fix htdbm/htpasswd crash on crypt() failure (#818684)
+
+* Wed Jun 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-13
+- pull fix for NPN patch from upstream (r1345599)
+
* Sat Jun 02 2012 Remi Collet <RPMS@FamilleCollet.com> - 2.4.2-12
- sync with rawhide, rebuild for remi repo
diff --git a/httpd.tmpfiles b/httpd.tmpfiles
index 0cad373..49be6b8 100644
--- a/httpd.tmpfiles
+++ b/httpd.tmpfiles
@@ -1 +1 @@
-d /var/run/httpd 710 root apache
+d /run/httpd 710 root apache
diff --git a/pullrev.sh b/pullrev.sh
index 9968fa3..7ee601e 100755
--- a/pullrev.sh
+++ b/pullrev.sh
@@ -34,7 +34,7 @@ prev=/dev/null
for r in $*; do
echo "+ fetching ${r}"
this=`mktemp /tmp/pullrevXXXXXX`
- svn diff -c ${r} ${repo} | filterdiff --remove-timestamps -x 'CHANGES' \
+ svn diff -c ${r} ${repo} | filterdiff --remove-timestamps -x 'CHANGES' -x 'next-number' \
--addprefix="${prefix}/" > ${this}
next=`mktemp /tmp/pullrevXXXXXX`
combinediff --quiet ${prev} ${this} > ${next}
diff --git a/ssl.conf b/ssl.conf
index c6b89e3..ff60307 100644
--- a/ssl.conf
+++ b/ssl.conf
@@ -20,7 +20,7 @@ SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
-SSLSessionCache shmcb:/var/run/httpd/sslcache(512000)
+SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
# Pseudo Random Number Generator (PRNG):