[mod_wsgi/el5] backport ssl patch
jokajak
jokajak at fedoraproject.org
Mon Nov 7 12:14:42 UTC 2011
commit 31ab135ea5956ae835f93c983591343edd058a44
Author: Josh <jokajak at gmail.com>
Date: Mon Nov 7 07:13:11 2011 -0500
backport ssl patch
bz719411.patch | 221 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
mod_wsgi.spec | 7 ++-
2 files changed, 227 insertions(+), 1 deletions(-)
---
diff --git a/bz719411.patch b/bz719411.patch
new file mode 100644
index 0000000..99312c4
--- /dev/null
+++ b/bz719411.patch
@@ -0,0 +1,221 @@
+diff -r c6904c2ee4e6 -r e1c09b0c8a2a mod_wsgi/mod_wsgi.c
+--- a/mod_wsgi/mod_wsgi.c Mon Jul 26 05:11:44 2010 +0000
++++ b/mod_wsgi/mod_wsgi.c Fri Jul 30 05:38:12 2010 +0000
+@@ -96,6 +96,12 @@
+ #include "http_config.h"
+ #include "ap_listen.h"
+ #include "apr_version.h"
++
++#include "apr_optional.h"
++
++typedef int (*ssl_is_https_t)(conn_rec *);
++typedef char *(*ssl_var_lookup_t)(apr_pool_t *, server_rec *, conn_rec *,
++ request_rec *, char *);
+ #endif
+
+ #include "ap_config.h"
+@@ -3610,6 +3616,23 @@
+ Py_DECREF(object);
+ }
+
++ /*
++ * Extensions for accessing SSL certificate information from
++ * mod_ssl when in use.
++ */
++
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++ if (!wsgi_daemon_pool) {
++ object = PyObject_GetAttrString((PyObject *)self, "ssl_is_https");
++ PyDict_SetItemString(vars, "mod_ssl.is_https", object);
++ Py_DECREF(object);
++
++ object = PyObject_GetAttrString((PyObject *)self, "ssl_var_lookup");
++ PyDict_SetItemString(vars, "mod_ssl.var_lookup", object);
++ Py_DECREF(object);
++ }
++#endif
++
+ return vars;
+ }
+
+@@ -4052,10 +4075,75 @@
+ return newStreamObject(self, filelike, blksize);
+ }
+
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++
++static PyObject *Adapter_ssl_is_https(AdapterObject *self, PyObject *args)
++{
++ ssl_is_https_t ssl_is_https = 0;
++
++ if (!self->r) {
++ PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++ return NULL;
++ }
++
++ if (!PyArg_ParseTuple(args, ":ssl_is_https"))
++ return NULL;
++
++ ssl_is_https = (ssl_is_https_t)apr_dynamic_fn_retrieve("ssl_is_https");
++
++ if (ssl_is_https == 0)
++ return Py_BuildValue("i", 0);
++
++ return Py_BuildValue("i", ssl_is_https(self->r->connection));
++}
++
++static PyObject *Adapter_ssl_var_lookup(AdapterObject *self, PyObject *args)
++{
++ ssl_var_lookup_t ssl_var_lookup = 0;
++
++ char *name = 0;
++ char *value = 0;
++
++ if (!self->r) {
++ PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++ return NULL;
++ }
++
++ if (!PyArg_ParseTuple(args, "s:ssl_var_lookup", &name))
++ return NULL;
++
++ ssl_var_lookup = (ssl_var_lookup_t)
++ apr_dynamic_fn_retrieve("ssl_var_lookup");
++
++ if (ssl_var_lookup == 0)
++ {
++ Py_XINCREF(Py_None);
++
++ return Py_None;
++ }
++
++ value = ssl_var_lookup(self->r->pool, self->r->server,
++ self->r->connection, self->r, name);
++
++ if (!value) {
++ Py_XINCREF(Py_None);
++
++ return Py_None;
++ }
++
++ return Py_BuildValue("s", value);
++}
++
++#endif
++
+ static PyMethodDef Adapter_methods[] = {
+ { "start_response", (PyCFunction)Adapter_start_response, METH_VARARGS, 0 },
+ { "write", (PyCFunction)Adapter_write, METH_VARARGS, 0 },
+ { "file_wrapper", (PyCFunction)Adapter_file_wrapper, METH_VARARGS, 0 },
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++ { "ssl_is_https", (PyCFunction)Adapter_ssl_is_https, METH_VARARGS, 0 },
++ { "ssl_var_lookup", (PyCFunction)Adapter_ssl_var_lookup, METH_VARARGS, 0 },
++#endif
+ { NULL, NULL}
+ };
+
+@@ -13685,9 +13773,95 @@
+ Py_DECREF(object);
+ }
+
++ /*
++ * Extensions for accessing SSL certificate information from
++ * mod_ssl when in use.
++ */
++
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++ if (!wsgi_daemon_pool) {
++ object = PyObject_GetAttrString((PyObject *)self, "ssl_is_https");
++ PyDict_SetItemString(vars, "mod_ssl.is_https", object);
++ Py_DECREF(object);
++
++ object = PyObject_GetAttrString((PyObject *)self, "ssl_var_lookup");
++ PyDict_SetItemString(vars, "mod_ssl.var_lookup", object);
++ Py_DECREF(object);
++ }
++#endif
++
+ return vars;
+ }
+
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++
++static PyObject *Auth_ssl_is_https(AuthObject *self, PyObject *args)
++{
++ ssl_is_https_t ssl_is_https = 0;
++
++ if (!self->r) {
++ PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++ return NULL;
++ }
++
++ if (!PyArg_ParseTuple(args, ":ssl_is_https"))
++ return NULL;
++
++ ssl_is_https = (ssl_is_https_t)apr_dynamic_fn_retrieve("ssl_is_https");
++
++ if (ssl_is_https == 0)
++ return Py_BuildValue("i", 0);
++
++ return Py_BuildValue("i", ssl_is_https(self->r->connection));
++}
++
++static PyObject *Auth_ssl_var_lookup(AuthObject *self, PyObject *args)
++{
++ ssl_var_lookup_t ssl_var_lookup = 0;
++
++ char *name = 0;
++ char *value = 0;
++
++ if (!self->r) {
++ PyErr_SetString(PyExc_RuntimeError, "request object has expired");
++ return NULL;
++ }
++
++ if (!PyArg_ParseTuple(args, "s:ssl_var_lookup", &name))
++ return NULL;
++
++ ssl_var_lookup = (ssl_var_lookup_t)
++ apr_dynamic_fn_retrieve("ssl_var_lookup");
++
++ if (ssl_var_lookup == 0)
++ {
++ Py_XINCREF(Py_None);
++
++ return Py_None;
++ }
++
++ value = ssl_var_lookup(self->r->pool, self->r->server,
++ self->r->connection, self->r, name);
++
++ if (!value) {
++ Py_XINCREF(Py_None);
++
++ return Py_None;
++ }
++
++ return Py_BuildValue("s", value);
++}
++
++#endif
++
++static PyMethodDef Auth_methods[] = {
++#if AP_SERVER_MAJORVERSION_NUMBER >= 2
++ { "ssl_is_https", (PyCFunction)Auth_ssl_is_https, METH_VARARGS, 0 },
++ { "ssl_var_lookup", (PyCFunction)Auth_ssl_var_lookup, METH_VARARGS, 0 },
++#endif
++ { NULL, NULL}
++};
++
+ static PyTypeObject Auth_Type = {
+ PyVarObject_HEAD_INIT(NULL, 0)
+ "mod_wsgi.Auth", /*tp_name*/
+@@ -13717,7 +13891,7 @@
+ 0, /*tp_weaklistoffset*/
+ 0, /*tp_iter*/
+ 0, /*tp_iternext*/
+- 0, /*tp_methods*/
++ Auth_methods, /*tp_methods*/
+ 0, /*tp_members*/
+ 0, /*tp_getset*/
+ 0, /*tp_base*/
diff --git a/mod_wsgi.spec b/mod_wsgi.spec
index df5faec..2942bf3 100644
--- a/mod_wsgi.spec
+++ b/mod_wsgi.spec
@@ -1,6 +1,6 @@
Name: mod_wsgi
Version: 3.2
-Release: 1%{?dist}
+Release: %{?dist}
Summary: A WSGI interface for Python web applications in Apache
Group: System Environment/Libraries
@@ -8,6 +8,7 @@ License: ASL 2.0
URL: http://modwsgi.org
Source0: http://modwsgi.googlecode.com/files/%{name}-%{version}.tar.gz
Source1: wsgi.conf
+Patch0: bz719411.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: httpd-devel
@@ -24,6 +25,7 @@ existing WSGI adapters for mod_python or CGI.
%prep
%setup -q
+%patch0 -p2 -b ssl
%build
@@ -51,6 +53,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Mon Nov 07 2011 Josh <jokajak at fedoraproject.org> 3.2-2
+- backport patch to support SSL options in 3.2 see bz719411
+
* Tue Mar 9 2010 Josh Kayse <josh.kayse at gtri.gatech.edu> 3.2-1
- update to 3.2
- explicitly enable shared libraries
More information about the scm-commits
mailing list