[httpd] conflict with pre-1.5.0 APR

[jorton]

commit a2e9cec246c3fefa0752bc042b5bb264d3be014e
Author: Joe Orton <jorton at redhat.com>
Date:   Thu Dec 12 14:13:38 2013 +0000

    conflict with pre-1.5.0 APR
    
    - fix sslsninotreq patch

 httpd-2.4.7-sslsninotreq.patch |   78 ++++++++++++++++++++++++++++++++++++++-
 httpd.spec                     |    9 ++++-
 2 files changed, 83 insertions(+), 4 deletions(-)
---
diff --git a/httpd-2.4.7-sslsninotreq.patch b/httpd-2.4.7-sslsninotreq.patch
index a5d124b..55d6fb3 100644
--- a/httpd-2.4.7-sslsninotreq.patch
+++ b/httpd-2.4.7-sslsninotreq.patch
@@ -1,2 +1,76 @@
-diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
-index 15993f1..53ed6f1 100644
+
+--- httpd-2.4.7/modules/ssl/ssl_engine_config.c.sslsninotreq
++++ httpd-2.4.7/modules/ssl/ssl_engine_config.c
+@@ -55,6 +55,7 @@ SSLModConfigRec *ssl_config_global_creat
+     mc = (SSLModConfigRec *)apr_palloc(pool, sizeof(*mc));
+     mc->pPool = pool;
+     mc->bFixed = FALSE;
++    mc->sni_required = FALSE;
+ 
+     /*
+      * initialize per-module configuration
+--- httpd-2.4.7/modules/ssl/ssl_engine_init.c.sslsninotreq
++++ httpd-2.4.7/modules/ssl/ssl_engine_init.c
+@@ -234,7 +234,7 @@ int ssl_init_Module(apr_pool_t *p, apr_p
+     /*
+      * Configuration consistency checks
+      */
+-    ssl_init_CheckServers(base_server, ptemp);
++    ssl_init_CheckServers(mc, base_server, ptemp);
+ 
+     /*
+      *  Announce mod_ssl and SSL library in HTTP Server field
+@@ -1322,7 +1322,7 @@ void ssl_init_ConfigureServer(server_rec
+     }
+ }
+ 
+-void ssl_init_CheckServers(server_rec *base_server, apr_pool_t *p)
++void ssl_init_CheckServers(SSLModConfigRec *mc, server_rec *base_server, apr_pool_t *p)
+ {
+     server_rec *s, *ps;
+     SSLSrvConfigRec *sc;
+@@ -1404,6 +1404,7 @@ void ssl_init_CheckServers(server_rec *b
+     }
+ 
+     if (conflict) {
++        mc->sni_required = TRUE;
+ #ifndef HAVE_TLSEXT
+         ap_log_error(APLOG_MARK, APLOG_WARNING, 0, base_server, APLOGNO(01917)
+                      "Init: You should not use name-based "
+--- httpd-2.4.7/modules/ssl/ssl_engine_kernel.c.sslsninotreq
++++ httpd-2.4.7/modules/ssl/ssl_engine_kernel.c
+@@ -164,6 +164,7 @@ int ssl_hook_ReadReq(request_rec *r)
+     }
+ #ifdef HAVE_TLSEXT
+     if ((servername = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name))) {
++    if (myModConfig(r->server)->sni_required) {
+         char *host, *scope_id;
+         apr_port_t port;
+         apr_status_t rv;
+@@ -205,6 +206,7 @@ int ssl_hook_ReadReq(request_rec *r)
+                      " virtual host");
+         return HTTP_FORBIDDEN;
+     }
++    }
+ #endif
+     SSL_set_app_data2(ssl, r);
+ 
+--- httpd-2.4.7/modules/ssl/ssl_private.h.sslsninotreq
++++ httpd-2.4.7/modules/ssl/ssl_private.h
+@@ -520,6 +520,7 @@ typedef struct {
+     struct {
+         void *pV1, *pV2, *pV3, *pV4, *pV5, *pV6, *pV7, *pV8, *pV9, *pV10;
+     } rCtx;
++    BOOL            sni_required;
+ } SSLModConfigRec;
+ 
+ /** Structure representing configured filenames for certs and keys for
+@@ -765,7 +766,7 @@ const char *ssl_cmd_SSLFIPS(cmd_parms *c
+ int          ssl_init_Module(apr_pool_t *, apr_pool_t *, apr_pool_t *, server_rec *);
+ void         ssl_init_Engine(server_rec *, apr_pool_t *);
+ void         ssl_init_ConfigureServer(server_rec *, apr_pool_t *, apr_pool_t *, SSLSrvConfigRec *);
+-void         ssl_init_CheckServers(server_rec *, apr_pool_t *);
++void         ssl_init_CheckServers(SSLModConfigRec *mc, server_rec *, apr_pool_t *);
+ STACK_OF(X509_NAME)
+             *ssl_init_FindCAList(server_rec *, apr_pool_t *, const char *, const char *);
+ void         ssl_init_Child(apr_pool_t *, server_rec *);
diff --git a/httpd.spec b/httpd.spec
index c448ddc..4bd92e8 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -15,7 +15,7 @@
 Summary: Apache HTTP Server
 Name: httpd
 Version: 2.4.7
-Release: 1%{?dist}
+Release: 2%{?dist}
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: index.html
@@ -85,6 +85,7 @@ Requires(pre): /usr/sbin/useradd
 Requires(preun): systemd-units
 Requires(postun): systemd-units
 Requires(post): systemd-units
+Conflicts: apr < 1.5.0-1
 
 %description
 The Apache HTTP Server is a powerful, efficient, and extensible
@@ -190,7 +191,7 @@ interface for storing and accessing per-user session data.
 %patch31 -p1 -b .sslmultiproxy
 %patch32 -p1 -b .r1537535
 
-%patch51 -p1 -b .sninotreq
+%patch51 -p1 -b .sslsninotreq
 %patch55 -p1 -b .malformedhost
 %patch56 -p1 -b .uniqueid
 %patch58 -p1 -b .r1534321
@@ -620,6 +621,10 @@ rm -rf $RPM_BUILD_ROOT
 %{_sysconfdir}/rpm/macros.httpd
 
 %changelog
+* Thu Dec 12 2013 Joe Orton <jorton at redhat.com> - 2.4.7-2
+- conflict with pre-1.5.0 APR
+- fix sslsninotreq patch
+
 * Wed Nov 27 2013 Joe Orton <jorton at redhat.com> - 2.4.7-1
 - update to 2.4.7 (#1034071)