[httpd: 1/2] mod_ssl: allow SSLEngine to override Listen-based default (r1537535)
jorton
jorton at fedoraproject.org
Thu Oct 31 16:09:51 UTC 2013
commit 42eaf6a3752067ff0179a5b68d86ea2474181bbd
Author: Joe Orton <jorton at redhat.com>
Date: Thu Oct 31 15:54:58 2013 +0000
mod_ssl: allow SSLEngine to override Listen-based default (r1537535)
httpd-2.4.6-r1537535.patch | 38 ++++++++++++++++++++++++++++++++++++++
httpd.spec | 7 ++++++-
2 files changed, 44 insertions(+), 1 deletions(-)
---
diff --git a/httpd-2.4.6-r1537535.patch b/httpd-2.4.6-r1537535.patch
new file mode 100644
index 0000000..dc2c6c9
--- /dev/null
+++ b/httpd-2.4.6-r1537535.patch
@@ -0,0 +1,38 @@
+# ./pullrev.sh 1537535
+
+http://svn.apache.org/viewvc?view=revision&revision=1537535
+
+--- httpd-2.4.6/modules/ssl/ssl_engine_config.c.r1537535
++++ httpd-2.4.6/modules/ssl/ssl_engine_config.c
+@@ -198,7 +198,7 @@ static SSLSrvConfigRec *ssl_config_serve
+ SSLSrvConfigRec *sc = apr_palloc(p, sizeof(*sc));
+
+ sc->mc = NULL;
+- sc->enabled = SSL_ENABLED_FALSE;
++ sc->enabled = SSL_ENABLED_UNSET;
+ sc->proxy_enabled = UNSET;
+ sc->vhost_id = NULL; /* set during module init */
+ sc->vhost_id_len = 0; /* set during module init */
+--- httpd-2.4.6/modules/ssl/ssl_engine_init.c.r1537535
++++ httpd-2.4.6/modules/ssl/ssl_engine_init.c
+@@ -289,13 +289,16 @@ int ssl_init_Module(apr_pool_t *p, apr_p
+ sc->vhost_id = ssl_util_vhostid(p, s);
+ sc->vhost_id_len = strlen(sc->vhost_id);
+
+- if (ap_get_server_protocol(s) &&
+- strcmp("https", ap_get_server_protocol(s)) == 0) {
++ /* Default to enabled if SSLEngine is not set explicitly, and
++ * the protocol is https. */
++ if (ap_get_server_protocol(s)
++ && strcmp("https", ap_get_server_protocol(s)) == 0
++ && sc->enabled == SSL_ENABLED_UNSET) {
+ sc->enabled = SSL_ENABLED_TRUE;
+ }
+
+- /* If sc->enabled is UNSET, then SSL is optional on this vhost */
+- /* Fix up stuff that may not have been set */
++ /* Fix up stuff that may not have been set. If sc->enabled is
++ * UNSET, then SSL is disabled on this vhost. */
+ if (sc->enabled == SSL_ENABLED_UNSET) {
+ sc->enabled = SSL_ENABLED_FALSE;
+ }
diff --git a/httpd.spec b/httpd.spec
index 6fdb368..b4f4063 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -14,7 +14,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.4.6
-Release: 4%{?dist}
+Release: 5%{?dist}
URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html
@@ -62,6 +62,7 @@ Patch28: httpd-2.4.6-r1332643+.patch
Patch29: httpd-2.4.3-mod_systemd.patch
Patch30: httpd-2.4.4-cachehardmax.patch
Patch31: httpd-2.4.6-sslmultiproxy.patch
+Patch32: httpd-2.4.6-r1537535.patch
# Bug fixes
Patch51: httpd-2.4.3-sslsninotreq.patch
Patch55: httpd-2.4.4-malformed-host.patch
@@ -189,6 +190,7 @@ interface for storing and accessing per-user session data.
%patch29 -p1 -b .systemd
%patch30 -p1 -b .cachehardmax
%patch31 -p1 -b .sslmultiproxy
+%patch32 -p1 -b .r1537535
%patch51 -p1 -b .sninotreq
%patch55 -p1 -b .malformedhost
@@ -621,6 +623,9 @@ rm -rf $RPM_BUILD_ROOT
%{_sysconfdir}/rpm/macros.httpd
%changelog
+* Thu Oct 31 2013 Joe Orton <jorton at redhat.com> - 2.4.6-5
+- mod_ssl: allow SSLEngine to override Listen-based default (r1537535)
+
* Mon Oct 21 2013 Joe Orton <jorton at redhat.com> - 2.4.6-4
- load mod_macro by default (#998452)
- add README to conf.modules.d
More information about the scm-commits
mailing list