[mod_wsgi/el5] backport ssl patch

jokajak jokajak at fedoraproject.org
Mon Nov 7 12:14:42 UTC 2011 

commit 31ab135ea5956ae835f93c983591343edd058a44
Author: Josh <jokajak at gmail.com>
Date:   Mon Nov 7 07:13:11 2011 -0500

    backport ssl patch

 bz719411.patch |  221 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 mod_wsgi.spec  |    7 ++-
 2 files changed, 227 insertions(+), 1 deletions(-)
---
diff --git a/bz719411.patch b/bz719411.patch
new file mode 100644
index 0000000..99312c4
--- /dev/null
+++ b/bz719411.patch
@@ -0,0 +1,221 @@
+diff -r c6904c2ee4e6 -r e1c09b0c8a2a mod_wsgi/mod_wsgi.c
+--- a/mod_wsgi/mod_wsgi.c	Mon Jul 26 05:11:44 2010 +0000
++++ b/mod_wsgi/mod_wsgi.c	Fri Jul 30 05:38:12 2010 +0000
+@@ -96,6 +96,12 @@
+ #include "http_config.h"
+ #include "ap_listen.h"
+ #include "apr_version.h"
++
++#include "apr_optional.h"
++
++typedef int (*ssl_is_https_t)(conn_rec *);
++typedef char *(*ssl_var_lookup_t)(apr_pool_t *, server_rec *, conn_rec *,
++                                  request_rec *, char *);
+ #endif
+ 
+ #include "ap_config.h"
+@@ -3610,6 +3616,23 @@
+         Py_DECREF(object);
+     }
+ 
++    /*
++     * Extensions for accessing SSL certificate information from
++     * mod_ssl when in use.
++     */
++
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++    if (!wsgi_daemon_pool) {
++        object = PyObject_GetAttrString((PyObject *)self, "ssl_is_https");
++        PyDict_SetItemString(vars, "mod_ssl.is_https", object);
++        Py_DECREF(object);
++
++        object = PyObject_GetAttrString((PyObject *)self, "ssl_var_lookup");
++        PyDict_SetItemString(vars, "mod_ssl.var_lookup", object);
++        Py_DECREF(object);
++    }
++#endif
++
+     return vars;
+ }
+ 
+@@ -4052,10 +4075,75 @@
+     return newStreamObject(self, filelike, blksize);
+ }
+ 
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++
++static PyObject *Adapter_ssl_is_https(AdapterObject *self, PyObject *args)
++{
++    ssl_is_https_t ssl_is_https = 0;
++
++    if (!self->r) {
++        PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++        return NULL;
++    }
++
++    if (!PyArg_ParseTuple(args, ":ssl_is_https"))
++        return NULL;
++
++    ssl_is_https = (ssl_is_https_t)apr_dynamic_fn_retrieve("ssl_is_https");
++
++    if (ssl_is_https == 0)
++      return Py_BuildValue("i", 0);
++
++    return Py_BuildValue("i", ssl_is_https(self->r->connection));
++}
++
++static PyObject *Adapter_ssl_var_lookup(AdapterObject *self, PyObject *args)
++{
++    ssl_var_lookup_t ssl_var_lookup = 0;
++
++    char *name = 0;
++    char *value = 0;
++
++    if (!self->r) {
++        PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++        return NULL;
++    }
++
++    if (!PyArg_ParseTuple(args, "s:ssl_var_lookup", &name))
++        return NULL;
++
++    ssl_var_lookup = (ssl_var_lookup_t)
++                      apr_dynamic_fn_retrieve("ssl_var_lookup");
++
++    if (ssl_var_lookup == 0)
++    {
++        Py_XINCREF(Py_None);
++
++        return Py_None;
++    }
++
++    value = ssl_var_lookup(self->r->pool, self->r->server,
++                           self->r->connection, self->r, name);
++
++    if (!value) {
++        Py_XINCREF(Py_None);
++
++        return Py_None;
++    }
++
++    return Py_BuildValue("s", value);
++}
++
++#endif
++
+ static PyMethodDef Adapter_methods[] = {
+     { "start_response", (PyCFunction)Adapter_start_response, METH_VARARGS, 0 },
+     { "write",          (PyCFunction)Adapter_write, METH_VARARGS, 0 },
+     { "file_wrapper",   (PyCFunction)Adapter_file_wrapper, METH_VARARGS, 0 },
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++    { "ssl_is_https",   (PyCFunction)Adapter_ssl_is_https, METH_VARARGS, 0 },
++    { "ssl_var_lookup", (PyCFunction)Adapter_ssl_var_lookup, METH_VARARGS, 0 },
++#endif
+     { NULL, NULL}
+ };
+ 
+@@ -13685,9 +13773,95 @@
+         Py_DECREF(object);
+     }
+ 
++    /*
++     * Extensions for accessing SSL certificate information from
++     * mod_ssl when in use.
++     */
++
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++    if (!wsgi_daemon_pool) {
++        object = PyObject_GetAttrString((PyObject *)self, "ssl_is_https");
++        PyDict_SetItemString(vars, "mod_ssl.is_https", object);
++        Py_DECREF(object);
++
++        object = PyObject_GetAttrString((PyObject *)self, "ssl_var_lookup");
++        PyDict_SetItemString(vars, "mod_ssl.var_lookup", object);
++        Py_DECREF(object);
++    }
++#endif
++
+     return vars;
+ }
+ 
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++
++static PyObject *Auth_ssl_is_https(AuthObject *self, PyObject *args)
++{
++    ssl_is_https_t ssl_is_https = 0;
++
++    if (!self->r) {
++        PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++        return NULL;
++    }
++
++    if (!PyArg_ParseTuple(args, ":ssl_is_https"))
++        return NULL;
++
++    ssl_is_https = (ssl_is_https_t)apr_dynamic_fn_retrieve("ssl_is_https");
++
++    if (ssl_is_https == 0)
++      return Py_BuildValue("i", 0);
++
++    return Py_BuildValue("i", ssl_is_https(self->r->connection));
++}
++
++static PyObject *Auth_ssl_var_lookup(AuthObject *self, PyObject *args)
++{
++    ssl_var_lookup_t ssl_var_lookup = 0;
++
++    char *name = 0;
++    char *value = 0;
++
++    if (!self->r) {
++        PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++        return NULL;
++    }
++
++    if (!PyArg_ParseTuple(args, "s:ssl_var_lookup", &name))
++        return NULL;
++
++    ssl_var_lookup = (ssl_var_lookup_t)
++                      apr_dynamic_fn_retrieve("ssl_var_lookup");
++
++    if (ssl_var_lookup == 0)
++    {
++        Py_XINCREF(Py_None);
++
++        return Py_None;
++    }
++
++    value = ssl_var_lookup(self->r->pool, self->r->server,
++                           self->r->connection, self->r, name);
++
++    if (!value) {
++        Py_XINCREF(Py_None);
++
++        return Py_None;
++    }
++
++    return Py_BuildValue("s", value);
++}
++
++#endif
++
++static PyMethodDef Auth_methods[] = {
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++    { "ssl_is_https",   (PyCFunction)Auth_ssl_is_https, METH_VARARGS, 0 },
++    { "ssl_var_lookup", (PyCFunction)Auth_ssl_var_lookup, METH_VARARGS, 0 },
++#endif
++    { NULL, NULL}
++};
++
+ static PyTypeObject Auth_Type = {
+     PyVarObject_HEAD_INIT(NULL, 0)
+     "mod_wsgi.Auth",        /*tp_name*/
+@@ -13717,7 +13891,7 @@
+     0,                      /*tp_weaklistoffset*/
+     0,                      /*tp_iter*/
+     0,                      /*tp_iternext*/
+-    0,                      /*tp_methods*/
++    Auth_methods,           /*tp_methods*/
+     0,                      /*tp_members*/
+     0,                      /*tp_getset*/
+     0,                      /*tp_base*/
diff --git a/mod_wsgi.spec b/mod_wsgi.spec
index df5faec..2942bf3 100644
--- a/mod_wsgi.spec
+++ b/mod_wsgi.spec
@@ -1,6 +1,6 @@
 Name:           mod_wsgi
 Version:        3.2
-Release:        1%{?dist}
+Release:        %{?dist}
 Summary:        A WSGI interface for Python web applications in Apache
 
 Group:          System Environment/Libraries
@@ -8,6 +8,7 @@ License:        ASL 2.0
 URL:            http://modwsgi.org
 Source0:        http://modwsgi.googlecode.com/files/%{name}-%{version}.tar.gz
 Source1:        wsgi.conf
+Patch0:         bz719411.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  httpd-devel
@@ -24,6 +25,7 @@ existing WSGI adapters for mod_python or CGI.
 
 %prep
 %setup -q
+%patch0 -p2 -b ssl
 
 
 %build
@@ -51,6 +53,9 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Mon Nov 07 2011 Josh <jokajak at fedoraproject.org> 3.2-2
+- backport patch to support SSL options in 3.2 see bz719411
+
 * Tue Mar  9 2010 Josh Kayse <josh.kayse at gtri.gatech.edu> 3.2-1
 - update to 3.2
 - explicitly enable shared libraries

More information about the scm-commits mailing list