mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-04 02:31:27 +00:00
Code Issues Projects Releases Wiki Activity

apache2: update to 2.4.7

Browse Source 
* LIC_FILES_CHKSUM changed because of the introduction of an extra blank
  line in the LICENSE file (!)
* Refreshed TLS Next Protocol Negotiation support patch for conflict
  with 2.4.7. Thanks to Hongxu Jia for doing this work.

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
This commit is contained in:
Paul Eggleton
2014-01-12 16:52:45 +00:00
parent 279ebafb9d
commit 50f28a183f
11 changed files with 77 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-webserver/recipes-httpd/apache2/apache2-native_2.4.6.bb → meta-webserver/recipes-httpd/apache2/apache2-native_2.4.7.bb
+3 -3
View File
@@ -12,9 +12,9 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2"
S = "${WORKDIR}/httpd-${PV}" S = "${WORKDIR}/httpd-${PV}"
LIC_FILES_CHKSUM = "file://LICENSE;md5=eff226ae95d0516d6210ed77dfdf2dcc" LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83"
SRC_URI[md5sum] = "ea5e361ca37b8d7853404419dd502efe" SRC_URI[md5sum] = "170d7fb6fe5f28b87d1878020a9ab94e"
SRC_URI[sha256sum] = "dc9f3625ebc08bea55eeb0d16e71fba656f252e6cd0aa244ee7806dc3b022fea" SRC_URI[sha256sum] = "64368d8301836815ae237f2b62d909711c896c1bd34573771e0ee5ad808ce71b"
do_configure () { do_configure () {
./configure --with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ ./configure --with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/apache-configure_perlbin.patch → meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch
View File
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/apache-ssl-ltmain-rpath.patch → meta-webserver/recipes-httpd/apache2/apache2/apache-ssl-ltmain-rpath.patch
View File
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/fix-libtool-name.patch → meta-webserver/recipes-httpd/apache2/apache2/fix-libtool-name.patch
View File
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/httpd-2.4.1-corelimit.patch → meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-corelimit.patch
View File
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/httpd-2.4.1-selinux.patch → meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-selinux.patch
View File
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/httpd-2.4.4-export.patch → meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.4-export.patch
View File
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/httpd-2.4.4-r1332643.patch → meta-webserver/recipes-httpd/apache2/apache2/npn-patch-2.4.7.patch
+70 -41
View File
@@ -9,7 +9,7 @@ Add support for TLS Next Protocol Negotiation:
* modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Invoke * modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Invoke
next-protocol discovery hook. next-protocol discovery hook.
* modules/ssl/ssl_engine_kernel.c (ssl_callback_AdvertiseNextProtos): * modules/ssl/ssl_engine_kernel.c (ssl_callback_AdvertiseNextProtos):
New callback. New callback.
* modules/ssl/ssl_private.h: Add prototype. * modules/ssl/ssl_private.h: Add prototype.
@@ -17,37 +17,36 @@ Add support for TLS Next Protocol Negotiation:
Submitted by: Matthew Steele <mdsteele google.com> Submitted by: Matthew Steele <mdsteele google.com>
with slight tweaks by jorton with slight tweaks by jorton
https://bugzilla.redhat.com//show_bug.cgi?id=809599
http://svn.apache.org/viewvc?view=revision&revision=1332643 http://svn.apache.org/viewvc?view=revision&revision=1332643
https://bugzilla.redhat.com//show_bug.cgi?id=809599
Upstream-Status: Backport Upstream-Status: Backport
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
CHANGES | 2 +
modules/ssl/mod_ssl.c | 12 ++++++
modules/ssl/mod_ssl.h | 21 +++++++++++
modules/ssl/ssl_engine_init.c | 5 +++
modules/ssl/ssl_engine_io.c | 24 ++++++++++++
modules/ssl/ssl_engine_kernel.c | 82 +++++++++++++++++++++++++++++++++++++++++
modules/ssl/ssl_private.h | 6 +++
7 files changed, 152 insertions(+)
--- httpd-2.4.4/modules/ssl/ssl_private.h diff --git a/CHANGES b/CHANGES
+++ httpd-2.4.4/modules/ssl/ssl_private.h --- a/CHANGES
@@ -139,6 +139,11 @@ +++ b/CHANGES
#define HAVE_FIPS @@ -1,6 +1,8 @@
#endif -*- coding: utf-8 -*-
+#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \ Changes with Apache 2.4.7
+ && !defined(OPENSSL_NO_TLSEXT) + *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210.
+#define HAVE_TLS_NPN + [Matthew Steele <mdsteele google.com>]
+#endif
+
#if (OPENSSL_VERSION_NUMBER >= 0x10000000)
#define MODSSL_SSL_CIPHER_CONST const
#define MODSSL_SSL_METHOD_CONST const
@@ -840,6 +845,7 @@ int ssl_callback_ServerNameIndication(SSL *, int *, modssl_ctx_t *);
int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
EVP_CIPHER_CTX *, HMAC_CTX *, int);
#endif
+int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
/** Session Cache Support */ *) APR 1.5.0 or later is now required for the event MPM.
void ssl_scache_init(server_rec *, apr_pool_t *);
--- httpd-2.4.4/modules/ssl/mod_ssl.c diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
+++ httpd-2.4.4/modules/ssl/mod_ssl.c --- a/modules/ssl/mod_ssl.c
@@ -272,6 +272,18 @@ static const command_rec ssl_config_cmds[] = { +++ b/modules/ssl/mod_ssl.c
@@ -275,6 +275,18 @@ static const command_rec ssl_config_cmds[] = {
AP_END_CMD AP_END_CMD
}; };
@@ -66,8 +65,9 @@ Upstream-Status: Backport
/* /*
* the various processing hooks * the various processing hooks
*/ */
--- httpd-2.4.4/modules/ssl/mod_ssl.h diff --git a/modules/ssl/mod_ssl.h b/modules/ssl/mod_ssl.h
+++ httpd-2.4.4/modules/ssl/mod_ssl.h --- a/modules/ssl/mod_ssl.h
+++ b/modules/ssl/mod_ssl.h
@@ -63,5 +63,26 @@ APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *)); @@ -63,5 +63,26 @@ APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *)); APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
@@ -95,10 +95,11 @@ Upstream-Status: Backport
+ +
#endif /* __MOD_SSL_H__ */ #endif /* __MOD_SSL_H__ */
/** @} */ /** @} */
--- httpd-2.4.4/modules/ssl/ssl_engine_init.c diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
+++ httpd-2.4.4/modules/ssl/ssl_engine_init.c --- a/modules/ssl/ssl_engine_init.c
@@ -725,6 +725,11 @@ static void ssl_init_ctx_callbacks(server_rec *s, +++ b/modules/ssl/ssl_engine_init.c
#endif @@ -546,6 +546,11 @@ static void ssl_init_ctx_callbacks(server_rec *s,
SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH);
SSL_CTX_set_info_callback(ctx, ssl_callback_Info); SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
+ +
@@ -109,8 +110,9 @@ Upstream-Status: Backport
} }
static void ssl_init_ctx_verify(server_rec *s, static void ssl_init_ctx_verify(server_rec *s,
--- httpd-2.4.4/modules/ssl/ssl_engine_io.c diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c
+++ httpd-2.4.4/modules/ssl/ssl_engine_io.c --- a/modules/ssl/ssl_engine_io.c
+++ b/modules/ssl/ssl_engine_io.c
@@ -28,6 +28,7 @@ @@ -28,6 +28,7 @@
core keeps dumping.'' core keeps dumping.''
-- Unknown */ -- Unknown */
@@ -127,7 +129,7 @@ Upstream-Status: Backport
} bio_filter_in_ctx_t; } bio_filter_in_ctx_t;
/* /*
@@ -1385,6 +1387,27 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f, @@ -1412,6 +1414,27 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f,
APR_BRIGADE_INSERT_TAIL(bb, bucket); APR_BRIGADE_INSERT_TAIL(bb, bucket);
} }
@@ -155,7 +157,7 @@ Upstream-Status: Backport
return APR_SUCCESS; return APR_SUCCESS;
} }
@@ -1866,6 +1889,7 @@ static void ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c, @@ -1893,6 +1916,7 @@ static void ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c,
inctx->block = APR_BLOCK_READ; inctx->block = APR_BLOCK_READ;
inctx->pool = c->pool; inctx->pool = c->pool;
inctx->filter_ctx = filter_ctx; inctx->filter_ctx = filter_ctx;
@@ -163,8 +165,9 @@ Upstream-Status: Backport
} }
/* The request_rec pointer is passed in here only to ensure that the /* The request_rec pointer is passed in here only to ensure that the
--- httpd-2.4.4/modules/ssl/ssl_engine_kernel.c diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
+++ httpd-2.4.4/modules/ssl/ssl_engine_kernel.c --- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -29,6 +29,7 @@ @@ -29,6 +29,7 @@
time I was too famous.'' time I was too famous.''
-- Unknown */ -- Unknown */
@@ -173,10 +176,10 @@ Upstream-Status: Backport
#include "util_md5.h" #include "util_md5.h"
static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn); static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
@@ -2186,3 +2187,84 @@ int ssl_callback_SRPServerParams(SSL *ssl, int *ad, void *arg) @@ -2139,3 +2140,84 @@ int ssl_callback_SRPServerParams(SSL *ssl, int *ad, void *arg)
} }
#endif /* OPENSSL_NO_SRP */ #endif /* HAVE_SRP */
+ +
+#ifdef HAVE_TLS_NPN +#ifdef HAVE_TLS_NPN
+/* +/*
@@ -257,4 +260,30 @@ Upstream-Status: Backport
+ *size_out = size; + *size_out = size;
+ return SSL_TLSEXT_ERR_OK; + return SSL_TLSEXT_ERR_OK;
+} +}
+#endif /* HAVE_TLS_NPN */
diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -123,6 +123,11 @@
#define MODSSL_SSL_METHOD_CONST
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
+ && !defined(OPENSSL_NO_TLSEXT)
+#define HAVE_TLS_NPN
+#endif +#endif
+
#if defined(OPENSSL_FIPS)
#define HAVE_FIPS
#endif
@@ -800,6 +805,7 @@ int ssl_callback_ServerNameIndication(SSL *, int *, modssl_ctx_t *);
int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
EVP_CIPHER_CTX *, HMAC_CTX *, int);
#endif
+int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
/** Session Cache Support */
void ssl_scache_init(server_rec *, apr_pool_t *);
--
1.8.1.2
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/replace-lynx-to-curl-in-apachectl-script.patch → meta-webserver/recipes-httpd/apache2/apache2/replace-lynx-to-curl-in-apachectl-script.patch
View File
meta-webserver/recipes-httpd/apache2/apache2-2.4.6/server-makefile.patch → meta-webserver/recipes-httpd/apache2/apache2/server-makefile.patch
View File
meta-webserver/recipes-httpd/apache2/apache2_2.4.6.bb → meta-webserver/recipes-httpd/apache2/apache2_2.4.7.bb
+4 -4
View File
@@ -11,17 +11,17 @@ SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \
file://httpd-2.4.1-corelimit.patch \ file://httpd-2.4.1-corelimit.patch \
file://httpd-2.4.4-export.patch \ file://httpd-2.4.4-export.patch \
file://httpd-2.4.1-selinux.patch \ file://httpd-2.4.1-selinux.patch \
file://httpd-2.4.4-r1332643.patch \
file://apache-configure_perlbin.patch \ file://apache-configure_perlbin.patch \
file://replace-lynx-to-curl-in-apachectl-script.patch \ file://replace-lynx-to-curl-in-apachectl-script.patch \
file://apache-ssl-ltmain-rpath.patch \ file://apache-ssl-ltmain-rpath.patch \
file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \ file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \
file://npn-patch-2.4.7.patch \
file://init \ file://init \
file://apache2-volatile.conf" file://apache2-volatile.conf"
LIC_FILES_CHKSUM = "file://LICENSE;md5=eff226ae95d0516d6210ed77dfdf2dcc" LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83"
SRC_URI[md5sum] = "ea5e361ca37b8d7853404419dd502efe" SRC_URI[md5sum] = "170d7fb6fe5f28b87d1878020a9ab94e"
SRC_URI[sha256sum] = "dc9f3625ebc08bea55eeb0d16e71fba656f252e6cd0aa244ee7806dc3b022fea" SRC_URI[sha256sum] = "64368d8301836815ae237f2b62d909711c896c1bd34573771e0ee5ad808ce71b"
S = "${WORKDIR}/httpd-${PV}" S = "${WORKDIR}/httpd-${PV}"