1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
|
%{!?_httpd_apxs: %{expand: %%global _httpd_apxs %%{_sbindir}/apxs}}
%{!?_httpd_mmn: %{expand: %%global _httpd_mmn %%(cat %{_includedir}/httpd/.mmn || echo missing-httpd-devel)}}
%{!?_httpd_confdir: %{expand: %%global _httpd_confdir %%{_sysconfdir}/httpd/conf.d}}
# /etc/httpd/conf.d with httpd < 2.4 and defined as /etc/httpd/conf.modules.d with httpd >= 2.4
%{!?_httpd_modconfdir: %{expand: %%global _httpd_modconfdir %%{_sysconfdir}/httpd/conf.d}}
Name: mod_revocator
Version: 1.0.3
Release: 14%{?dist}
Summary: CRL retrieval module for the Apache HTTP server
Group: System Environment/Daemons
License: ASL 2.0
URL: http://directory.fedora.redhat.com/wiki/Mod_revocator
Source: http://directory.fedora.redhat.com/sources/%{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: nspr-devel >= 4.6, nss-devel >= 3.11.9
BuildRequires: nss-pkcs11-devel >= 3.11
BuildRequires: nss-pkcs11-devel-static
BuildRequires: httpd-devel >= 0:2.0.52, apr-devel, apr-util-devel
BuildRequires: pkgconfig, autoconf, automake, libtool
BuildRequires: openldap-devel >= 2.2.29
Requires: mod_nss >= 1.0.8
Requires: httpd-mmn = %{_httpd_mmn}
Patch1: mod_revocator-libpath.patch
Patch2: mod_revocator-kill.patch
Patch3: mod_revocator-segfault-fix.patch
Patch4: mod_revocator-32-bit-semaphore-fix.patch
Patch5: mod_revocator-array-size.patch
Patch6: mod_revocator-waitpid.patch
%description
The mod_revocator module retrieves and installs remote
Certificate Revocate Lists (CRLs) into an Apache web server.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
autoreconf -fvi
# Needed for ppc64, automake can't be run here
for file in %{_datadir}/automake-*/config.{guess,sub}
do
cp -f $file .
done
CFLAGS="$RPM_OPT_FLAGS"
export CFLAGS
NSPR_INCLUDE_DIR=`/usr/bin/pkg-config --variable=includedir nspr`
NSPR_LIB_DIR=`/usr/bin/pkg-config --variable=libdir nspr`
NSS_INCLUDE_DIR=`/usr/bin/pkg-config --variable=includedir nss`
NSS_LIB_DIR=`/usr/bin/pkg-config --variable=libdir nss`
NSS_BIN=`/usr/bin/pkg-config --variable=exec_prefix nss`
%configure \
--with-nss-lib=$NSS_LIB_DIR \
--with-nss-inc=$NSS_INCLUDE_DIR \
--with-nspr-lib=$NSPR_LIB_DIR \
--with-nspr-inc=$NSPR_INCLUDE_DIR \
--with-apr-config --enable-openldap \
--with-apxs=%{_httpd_apxs}
make %{?_smp_flags} all
%install
# The install target of the Makefile isn't used because that uses apxs
# which tries to enable the module in the build host httpd instead of in
# the build root.
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_httpd_confdir} $RPM_BUILD_ROOT%{_httpd_modconfdir} \
$RPM_BUILD_ROOT%{_libdir}/httpd/modules $RPM_BUILD_ROOT%{_bindir}
%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
# httpd >= 2.4.x
sed -n /^LoadModule/p revocator.conf > 11-revocator.conf
sed -i /^LoadModule/d revocator.conf
install -m 644 11-revocator.conf $RPM_BUILD_ROOT%{_httpd_modconfdir}/11-revocator.conf
%endif
install -m 644 revocator.conf $RPM_BUILD_ROOT%{_httpd_confdir}/revocator.conf
install -m 755 .libs/libmodrev.so $RPM_BUILD_ROOT%{_libdir}/httpd/modules/mod_rev.so
# Ugh, manually create the ldconfig symbolic links
version=`grep -v '^\#' ./libtool-version`
current=`echo $version | cut -d: -f1`
revision=`echo $version | cut -d: -f2`
age=`echo $version | cut -d: -f3`
install -m 755 .libs/librevocation.so.$current.$revision.$age $RPM_BUILD_ROOT%{_libdir}/
(cd $RPM_BUILD_ROOT%{_libdir} && ln -s librevocation.so.$current.$revision.$age librevocation.so.0)
(cd $RPM_BUILD_ROOT%{_libdir} && ln -s librevocation.so.$current.$revision.$age librevocation.so)
install -m 755 ldapget $RPM_BUILD_ROOT%{_bindir}/
install -m 755 crlhelper $RPM_BUILD_ROOT%{_bindir}/
%clean
rm -rf $RPM_BUILD_ROOT
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root,-)
%doc README LICENSE docs/mod_revocator.html
%config(noreplace) %{_httpd_confdir}/*.conf
%if "%{_httpd_modconfdir}" != "%{_httpd_confdir}"
%config(noreplace) %{_httpd_modconfdir}/*.conf
%endif
%{_libdir}/httpd/modules/mod_rev.so
# rpmlint will complain that librevocation.so is a shared library but this
# must be ignored because this file is loaded directly by name by the Apache
# module.
%{_libdir}/librevocation.*so*
%{_bindir}/ldapget
%{_bindir}/crlhelper
%changelog
* Sat Nov 17 2012 Remi Collet <RPMS@FamilleCollet.com> - 1.0.3-14
- rebuild for remi repo and httpd 2.4
* Mon Oct 8 2012 Matthew Harmsen <mharmsen@redhat.com> - 1.0.3-14
- Bugzilla Bug #861999 - mod_revocator exec CLR URIs fail to load: unable to
load Revocation module, NSS error -8187 - stephen.capstick64@gmail.com
(mod_revocator-waitpid.patch)
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.3-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Apr 24 2012 Remi Collet <RPMS@FamilleCollet.com> - 1.0.3-12
- rebuild for remi repo and httpd 2.4
* Mon Apr 23 2012 Joe Orton <jorton@redhat.com> - 1.0.3-12
- use 11- prefix for config file w/2.4
* Wed Apr 18 2012 Remi Collet <RPMS@FamilleCollet.com> - 1.0.3-11
- rebuild for remi repo and httpd 2.4
* Wed Apr 18 2012 Joe Orton <jorton@redhat.com> - 1.0.3-11
- fix deps, packaging for 2.4 (#803074)
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.3-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Thu Oct 27 2011 Matthew Harmsen <mharmsen@redhat.com> - 1.0.3-9
- Bugzilla Bug #716874 - httpd (32 bit) failed to start if mod_revocator
(32 bit) is installed on ppc64
* Fri Oct 21 2011 Matthew Harmsen <mharmsen@redhat.com> - 1.0.3-7
- Bugzilla Bug #716355 - mod_revocator does not shut down httpd server if
expired CRL is fetched
- Bugzilla Bug #716361 - mod_revocator does not bring down httpd server if
CRLUpdate fails
* Tue Oct 11 2011 Matthew Harmsen <mharmsen@redhat.com> - 1.0.3-6
- Bugzilla Bug #737556 - CRLS are not downloaded when mod_revocator module
is loaded successfully. And no error was thrown in httpd error_log -
mharmsen
- Add 'autoreconf -fvi' to build section - mharmsen
- Fix shutting down Apache if CRLUpdateCritical is on and a CRL
is not available at startup (#654378) - rcritten@redhat.com
- Updated mod_revocator-kill patch. The ownership of the semaphore used to
control access to crlhelper was not always changed to the Apache user
(#648546) - rcritten@redhat.com
- Actually apply the patch (#648546) - rcritten@redhat.com
- Fix killing the web server if updatecritical is set (#648546) -
rcritten@redhat.com
* Mon Mar 7 2011 Rob Crittenden <rcritten@redhat.com> - 1.0.3-4
- Use correct package name, nss-pkcs11-devel-static (#640293)
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Oct 4 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.3-2
- Add BuildRequires: nss-pkcs11-static (#640293)
* Tue Apr 14 2010 Rob Crittenden <rcritten@redhat.com> - 1.0.3-1
- Update to upstream 1.0.3
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Mar 04 2009 Robert Scheck <robert@fedoraproject.org> - 1.0.2-7
- Solve the ppc64-redhat-linux-gnu configure target error
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Mon Aug 11 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.0.2-5
- fix license tag
* Mon Feb 25 2008 Rob Crittenden <rcritten@redhat.com> 1.0.2-4
- The nss package changed the location of the NSS shared libraries to /lib from
/usr/lib. Static libraries remained in /usr/lib. They then updated their
devel package to put symlinks back from /lib to /usr. Respin to pick that up.
BZ 434395.
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.0.2-3
- Autorebuild for GCC 4.3
* Wed Dec 5 2007 Rob Crittenden <rcritten@redhat.com> 1.0.2-2
- Respin to pick up new openldap
* Mon Oct 16 2006 Rob Crittenden <rcritten@redhat.com> 1.0.2-1
- Initial build
|
