From ad2289539025930128771f245b896a5ab6a20ea8 Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Fri, 27 Apr 2012 17:21:14 +0200 Subject: httpd: sync with rawhide --- httpd-2.4.2-r1326980+.patch | 65 ++++++++++++++++++++++++++++++++++++ httpd-2.4.2-r1327036+.patch | 80 +++++++++++++++++++++++++++++++++++++++++++++ httpd.spec | 14 +++++++- pullrev.sh | 51 +++++++++++++++++++++++++++++ 4 files changed, 209 insertions(+), 1 deletion(-) create mode 100644 httpd-2.4.2-r1326980+.patch create mode 100644 httpd-2.4.2-r1327036+.patch create mode 100755 pullrev.sh diff --git a/httpd-2.4.2-r1326980+.patch b/httpd-2.4.2-r1326980+.patch new file mode 100644 index 0000000..3d37c3f --- /dev/null +++ b/httpd-2.4.2-r1326980+.patch @@ -0,0 +1,65 @@ + +http://svn.apache.org/viewvc?view=revision&revision=1326980 +http://svn.apache.org/viewvc?view=revision&revision=1326984 +http://svn.apache.org/viewvc?view=revision&revision=1326991 + +--- httpd-2.4.2/modules/loggers/mod_log_debug.c ++++ httpd-2.4.2/modules/loggers/mod_log_debug.c +@@ -35,8 +35,8 @@ + apr_array_header_t *entries; + } log_debug_dirconf; + +-const char *allhooks = "all"; +-const char * const hooks[] = { ++static const char *allhooks = "all"; ++static const char * const hooks[] = { + "log_transaction", /* 0 */ + "quick_handler", /* 1 */ + "handler", /* 2 */ +--- httpd-2.4.2/modules/filters/sed1.c ++++ httpd-2.4.2/modules/filters/sed1.c +@@ -25,7 +25,7 @@ + #include "apr_strings.h" + #include "regexp.h" + +-char *trans[040] = { ++static const char *const trans[040] = { + "\\01", + "\\02", + "\\03", +@@ -58,7 +58,7 @@ + "\\36", + "\\37" + }; +-char rub[] = {"\\177"}; ++static const char rub[] = {"\\177"}; + + extern int sed_step(char *p1, char *p2, int circf, step_vars_storage *vars); + static int substitute(sed_eval_t *eval, sed_reptr_t *ipc, +@@ -692,7 +692,8 @@ + step_vars_storage *step_vars) + { + int i; +- char *p1, *p2, *p3; ++ char *p1, *p2; ++ const char *p3; + int length; + char sz[32]; /* 32 bytes enough to store 64 bit integer in decimal */ + apr_status_t rv = APR_SUCCESS; +--- httpd-2.4.2/modules/filters/config.m4 ++++ httpd-2.4.2/modules/filters/config.m4 +@@ -16,7 +16,13 @@ + APACHE_MODULE(substitute, response content rewrite-like filtering, , , most) + + sed_obj="mod_sed.lo sed0.lo sed1.lo regexp.lo" +-APACHE_MODULE(sed, filter request and/or response bodies through sed, $sed_obj, , most) ++APACHE_MODULE(sed, filter request and/or response bodies through sed, $sed_obj, , most, [ ++ if test "x$enable_sed" = "xshared"; then ++ # The only symbol which needs to be exported is the module ++ # structure, so ask libtool to hide libsed internals: ++ APR_ADDTO(MOD_SED_LDADD, [-export-symbols-regex sed_module]) ++ fi ++]) + + if test "$ac_cv_ebcdic" = "yes"; then + # mod_charset_lite can be very useful on an ebcdic system, diff --git a/httpd-2.4.2-r1327036+.patch b/httpd-2.4.2-r1327036+.patch new file mode 100644 index 0000000..63ef401 --- /dev/null +++ b/httpd-2.4.2-r1327036+.patch @@ -0,0 +1,80 @@ + +http://svn.apache.org/viewvc?view=revision&revision=1327036 +http://svn.apache.org/viewvc?view=revision&revision=1327080 + +--- httpd-2.4.2/server/mpm_unix.c ++++ httpd-2.4.2/server/mpm_unix.c +@@ -501,14 +501,14 @@ + return rv; + } + +-/* This function connects to the server, then immediately closes the connection. +- * This permits the MPM to skip the poll when there is only one listening +- * socket, because it provides a alternate way to unblock an accept() when +- * the pod is used. +- */ ++/* This function connects to the server and sends enough data to ++ * ensure the child wakes up and processes a new connection. This ++ * permits the MPM to skip the poll when there is only one listening ++ * socket, because it provides a alternate way to unblock an accept() ++ * when the pod is used. */ + static apr_status_t dummy_connection(ap_pod_t *pod) + { +- char *srequest; ++ const char *data; + apr_status_t rv; + apr_socket_t *sock; + apr_pool_t *p; +@@ -574,24 +574,37 @@ + return rv; + } + +- /* Create the request string. We include a User-Agent so that +- * adminstrators can track down the cause of the odd-looking +- * requests in their logs. +- */ +- srequest = apr_pstrcat(p, "OPTIONS * HTTP/1.0\r\nUser-Agent: ", ++ if (lp->protocol && strcasecmp(lp->protocol, "https") == 0) { ++ /* Send a TLS 1.0 close_notify alert. This is perhaps the ++ * "least wrong" way to open and cleanly terminate an SSL ++ * connection. It should "work" without noisy error logs if ++ * the server actually expects SSLv3/TLSv1. With ++ * SSLv23_server_method() OpenSSL's SSL_accept() fails ++ * ungracefully on receipt of this message, since it requires ++ * an 11-byte ClientHello message and this is too short. */ ++ static const unsigned char tls10_close_notify[7] = { ++ '\x15', /* TLSPlainText.type = Alert (21) */ ++ '\x03', '\x01', /* TLSPlainText.version = {3, 1} */ ++ '\x00', '\x02', /* TLSPlainText.length = 2 */ ++ '\x01', /* Alert.level = warning (1) */ ++ '\x00' /* Alert.description = close_notify (0) */ ++ }; ++ data = (const char *)tls10_close_notify; ++ len = sizeof(tls10_close_notify); ++ } ++ else /* ... XXX other request types here? */ { ++ /* Create an HTTP request string. We include a User-Agent so ++ * that adminstrators can track down the cause of the ++ * odd-looking requests in their logs. A complete request is ++ * used since kernel-level filtering may require that much ++ * data before returning from accept(). */ ++ data = apr_pstrcat(p, "OPTIONS * HTTP/1.0\r\nUser-Agent: ", + ap_get_server_description(), + " (internal dummy connection)\r\n\r\n", NULL); ++ len = strlen(data); ++ } + +- /* Since some operating systems support buffering of data or entire +- * requests in the kernel, we send a simple request, to make sure +- * the server pops out of a blocking accept(). +- */ +- /* XXX: This is HTTP specific. We should look at the Protocol for each +- * listener, and send the correct type of request to trigger any Accept +- * Filters. +- */ +- len = strlen(srequest); +- apr_socket_send(sock, srequest, &len); ++ apr_socket_send(sock, data, &len); + apr_socket_close(sock); + apr_pool_destroy(p); + diff --git a/httpd.spec b/httpd.spec index c951af2..dff64b1 100644 --- a/httpd.spec +++ b/httpd.spec @@ -8,7 +8,7 @@ Summary: Apache HTTP Server Name: httpd Version: 2.4.2 -Release: 3%{?dist} +Release: 4%{?dist} URL: http://httpd.apache.org/ Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source1: index.html @@ -47,6 +47,8 @@ Patch25: httpd-2.4.1-selinux.patch Patch26: httpd-2.4.1-suenable.patch # Bug fixes Patch40: httpd-2.4.2-restart.patch +Patch41: httpd-2.4.2-r1327036+.patch +Patch42: httpd-2.4.2-r1326980+.patch License: ASL 2.0 Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root @@ -155,6 +157,8 @@ authentication to the Apache HTTP Server. %patch26 -p1 -b .suenable %patch40 -p1 -b .restart +%patch41 -p1 -b .r1327036+ +%patch42 -p1 -b .r1326980+ # Patch in vendor/release string sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1 @@ -558,6 +562,14 @@ rm -rf $RPM_BUILD_ROOT %{_sysconfdir}/rpm/macros.httpd %changelog +* Fri Apr 27 2012 Remi Collet - 2.4.2-4 +- sync with rawhide, rebuild for remi repo + +* Fri Apr 27 2012 Joe Orton - 2.4.2-4 +- pull from upstream: + * use TLS close_notify alert for dummy_connection (r1326980+) + * cleanup symbol exports (r1327036+) + * Fri Apr 20 2012 Remi Collet - 2.4.2-3 - sync with rawhide, rebuild for remi repo diff --git a/pullrev.sh b/pullrev.sh new file mode 100755 index 0000000..14477ad --- /dev/null +++ b/pullrev.sh @@ -0,0 +1,51 @@ +#!/bin/sh + +if [ $# -lt 1 ]; then + echo "What?" + exit 1 +fi + +repo="https://svn.apache.org/repos/asf/httpd/httpd/trunk" +ver=2.4.2 +prefix="httpd-${ver}" +suffix="r$1${2:++}" +fn="${prefix}-${suffix}.patch" +vcurl="http://svn.apache.org/viewvc?view=revision&revision=" + +if test -f ${fn}; then + mv -v -f ${fn} ${fn}\~ + sed '/^--- /,$d' < ${fn}\~ > ${fn} +else + echo > ${fn} +fi + +new=0 +for r in $*; do + if ! grep -q "${vcurl}${r}" ${fn}; then + echo "${vcurl}${r}" + new=1 + fi +done >> ${fn} + +[ $new -eq 0 ] || echo >> ${fn} + +prev=/dev/null +for r in $*; do + echo "+ fetching ${r}" + this=`mktemp /tmp/pullrevXXXXXX` + svn diff -c ${r} ${repo} | filterdiff --remove-timestamps --addprefix="${prefix}/" > ${this} + next=`mktemp /tmp/pullrevXXXXXX` + combinediff --quiet ${prev} ${this} > ${next} + rm -f "${this}" + [ "${prev}" = "/dev/null" ] || rm -f "${prev}" + prev=${next} +done + +cat ${prev} >> ${fn} + +vi "${fn}" +echo "+ git add ${fn}" +git add "${fn}" +echo "+ spec template:" +echo "PatchN: ${fn}" +echo "%patchN -p1 -b .${suffix}" -- cgit