[httpd] mod_ssl: fix NPN patch merge
jorton
jorton at fedoraproject.org
Thu Jun 7 10:09:31 UTC 2012
commit 7e10e903e3c8c1f69b01dd4e2e166b7fa634ab1c
Author: Joe Orton <jorton at redhat.com>
Date: Thu Jun 7 11:09:21 2012 +0100
mod_ssl: fix NPN patch merge
httpd-2.4.2-r1332643+.patch | 71 ++++++++++++++++++++++--------------------
httpd.spec | 5 ++-
2 files changed, 41 insertions(+), 35 deletions(-)
---
diff --git a/httpd-2.4.2-r1332643+.patch b/httpd-2.4.2-r1332643+.patch
index a8ff500..be9b984 100644
--- a/httpd-2.4.2-r1332643+.patch
+++ b/httpd-2.4.2-r1332643+.patch
@@ -6,31 +6,9 @@ http://svn.apache.org/viewvc?view=revision&revision=1332643
http://svn.apache.org/viewvc?view=revision&revision=1345599
---- httpd-2.4.2/modules/ssl/ssl_private.h
-+++ httpd-2.4.2/modules/ssl/ssl_private.h
-@@ -139,6 +139,11 @@
- #define HAVE_FIPS
- #endif
-
-+#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
-+ && !defined(OPENSSL_NO_TLSEXT)
-+#define HAVE_TLS_NPN
-+#endif
-+
- #if (OPENSSL_VERSION_NUMBER >= 0x10000000)
- #define MODSSL_SSL_CIPHER_CONST const
- #define MODSSL_SSL_METHOD_CONST const
-@@ -811,6 +816,7 @@
- int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
- EVP_CIPHER_CTX *, HMAC_CTX *, int);
- #endif
-+int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
-
- /** Session Cache Support */
- void ssl_scache_init(server_rec *, apr_pool_t *);
---- httpd-2.4.2/modules/ssl/mod_ssl.c
+--- httpd-2.4.2/modules/ssl/mod_ssl.c.r1332643+
+++ httpd-2.4.2/modules/ssl/mod_ssl.c
-@@ -260,6 +260,18 @@
+@@ -260,6 +260,18 @@ static const command_rec ssl_config_cmds
AP_END_CMD
};
@@ -49,9 +27,9 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
/*
* the various processing hooks
*/
---- httpd-2.4.2/modules/ssl/mod_ssl.h
+--- httpd-2.4.2/modules/ssl/mod_ssl.h.r1332643+
+++ httpd-2.4.2/modules/ssl/mod_ssl.h
-@@ -63,5 +63,26 @@
+@@ -63,5 +63,26 @@ APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_e
APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
@@ -78,9 +56,9 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
+
#endif /* __MOD_SSL_H__ */
/** @} */
---- httpd-2.4.2/modules/ssl/ssl_engine_init.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_init.c.r1332643+
+++ httpd-2.4.2/modules/ssl/ssl_engine_init.c
-@@ -681,6 +681,11 @@
+@@ -681,6 +681,11 @@ static void ssl_init_ctx_callbacks(serve
#endif
SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
@@ -92,7 +70,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
}
static void ssl_init_ctx_verify(server_rec *s,
---- httpd-2.4.2/modules/ssl/ssl_engine_io.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_io.c.r1332643+
+++ httpd-2.4.2/modules/ssl/ssl_engine_io.c
@@ -28,6 +28,7 @@
core keeps dumping.''
@@ -102,7 +80,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
#include "apr_date.h"
/* _________________________________________________________________
-@@ -297,6 +298,7 @@
+@@ -297,6 +298,7 @@ typedef struct {
apr_pool_t *pool;
char buffer[AP_IOBUFSIZE];
ssl_filter_ctx_t *filter_ctx;
@@ -110,7 +88,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
} bio_filter_in_ctx_t;
/*
-@@ -1374,6 +1376,26 @@
+@@ -1364,6 +1366,26 @@ static apr_status_t ssl_io_filter_input(
APR_BRIGADE_INSERT_TAIL(bb, bucket);
}
@@ -137,7 +115,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
return APR_SUCCESS;
}
-@@ -1855,6 +1877,7 @@
+@@ -1845,6 +1867,7 @@ static void ssl_io_input_add_filter(ssl_
inctx->block = APR_BLOCK_READ;
inctx->pool = c->pool;
inctx->filter_ctx = filter_ctx;
@@ -145,7 +123,7 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
}
/* The request_rec pointer is passed in here only to ensure that the
---- httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
+--- httpd-2.4.2/modules/ssl/ssl_engine_kernel.c.r1332643+
+++ httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
@@ -29,6 +29,7 @@
time I was too famous.''
@@ -155,7 +133,10 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
#include "util_md5.h"
static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
-@@ -2145,0 +2147,83 @@
+@@ -2164,3 +2165,86 @@ int ssl_callback_SessionTicket(SSL *ssl,
+ return -1;
+ }
+ #endif
+
+#ifdef HAVE_TLS_NPN
+/*
@@ -239,3 +220,25 @@ http://svn.apache.org/viewvc?view=revision&revision=1345599
+ return SSL_TLSEXT_ERR_OK;
+}
+#endif
+--- httpd-2.4.2/modules/ssl/ssl_private.h.r1332643+
++++ httpd-2.4.2/modules/ssl/ssl_private.h
+@@ -139,6 +139,11 @@
+ #define HAVE_FIPS
+ #endif
+
++#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
++ && !defined(OPENSSL_NO_TLSEXT)
++#define HAVE_TLS_NPN
++#endif
++
+ #if (OPENSSL_VERSION_NUMBER >= 0x10000000)
+ #define MODSSL_SSL_CIPHER_CONST const
+ #define MODSSL_SSL_METHOD_CONST const
+@@ -807,6 +812,7 @@ int ssl_callback_ServerNameIndi
+ int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
+ EVP_CIPHER_CTX *, HMAC_CTX *, int);
+ #endif
++int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
+
+ /** Session Cache Support */
+ void ssl_scache_init(server_rec *, apr_pool_t *);
diff --git a/httpd.spec b/httpd.spec
index 94cf9e9..8313b3e 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.2
-Release: 15%{?dist}
+Release: 16%{?dist}
URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html
@@ -567,6 +567,9 @@ rm -rf $RPM_BUILD_ROOT
%{_sysconfdir}/rpm/macros.httpd
%changelog
+* Thu Jun 7 2012 Joe Orton <jorton at redhat.com> - 2.4.2-16
+- mod_ssl: fix NPN patch merge
+
* Wed Jun 6 2012 Joe Orton <jorton at redhat.com> - 2.4.2-15
- move tmpfiles.d fragment into /usr/lib per new guidelines
- package /run/httpd not /var/run/httpd
More information about the scm-commits
mailing list