[Pkg-apache-commits] r1304 - in /trunk/apache2: changelog patches/00list patches/083_openssl_no_sslv2.dpatch patches/084_libcrypt_linkage.dpatch

sf at alioth.debian.org sf at alioth.debian.org
Mon Apr 25 19:02:44 UTC 2011 

Author: sf
Date: Mon Apr 25 19:02:42 2011
New Revision: 1304

URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1304
Log:
commit 2.2.17-3 changes:

* Fix compilation with OpenSSL without SSLv2 support. Closes: #622049
* Fix link errors with -no-add-needed/--no-copy-dt-needed-entries in
  htpasswd/htdbm.


Added:
    trunk/apache2/patches/083_openssl_no_sslv2.dpatch
    trunk/apache2/patches/084_libcrypt_linkage.dpatch   (with props)
Modified:
    trunk/apache2/changelog
    trunk/apache2/patches/00list

Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=1304&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Mon Apr 25 19:02:42 2011
@@ -1,3 +1,11 @@
+apache2 (2.2.17-3) unstable; urgency=low
+
+  * Fix compilation with OpenSSL without SSLv2 support. Closes: #622049
+  * Fix link errors with -no-add-needed/--no-copy-dt-needed-entries in
+    htpasswd/htdbm.
+
+ -- Stefan Fritsch <sf at debian.org>  Sun, 10 Apr 2011 20:43:55 +0200
+
 apache2 (2.2.17-2) unstable; urgency=high
 
   * New mpm_itk upstream version 2.2.17-01:

Modified: trunk/apache2/patches/00list
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/00list?rev=1304&op=diff
==============================================================================
--- trunk/apache2/patches/00list (original)
+++ trunk/apache2/patches/00list Mon Apr 25 19:02:42 2011
@@ -23,6 +23,8 @@
 077_CacheIgnoreURLSessionIdentifiers.dpatch
 079_polish_translation.dpatch
 082_ab_num_requests
+083_openssl_no_sslv2.dpatch
+084_libcrypt_linkage.dpatch
 099_config_guess_sub_update
 200_cp_suexec.dpatch
 201_build_suexec-custom.dpatch

Added: trunk/apache2/patches/083_openssl_no_sslv2.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/083_openssl_no_sslv2.dpatch?rev=1304&op=file
==============================================================================
--- trunk/apache2/patches/083_openssl_no_sslv2.dpatch (added)
+++ trunk/apache2/patches/083_openssl_no_sslv2.dpatch Mon Apr 25 19:02:42 2011
@@ -1,0 +1,83 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+ at DPATCH@
+diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
+index d800bb6..8d3b99d 100644
+--- a/modules/ssl/ssl_engine_config.c
++++ b/modules/ssl/ssl_engine_config.c
+@@ -1273,6 +1273,11 @@ static const char *ssl_cmd_protocol_parse(cmd_parms *parms,
+         }
+ 
+         if (strcEQ(w, "SSLv2")) {
++#ifdef OPENSSL_NO_SSL2
++            if (action != '-') {
++                return "SSLv2 not supported by this version of OpenSSL";
++            }
++#endif
+             thisopt = SSL_PROTOCOL_SSLV2;
+         }
+         else if (strcEQ(w, "SSLv3")) {
+diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
+index e97a105..3453541 100644
+--- a/modules/ssl/ssl_engine_init.c
++++ b/modules/ssl/ssl_engine_init.c
+@@ -465,13 +465,16 @@ static void ssl_init_ctx_protocol(server_rec *s,
+     ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+                  "Creating new SSL context (protocols: %s)", cp);
+ 
++#ifndef OPENSSL_NO_SSL2
+     if (protocol == SSL_PROTOCOL_SSLV2) {
+         method = mctx->pkp ?
+             SSLv2_client_method() : /* proxy */
+             SSLv2_server_method();  /* server */
+         ctx = SSL_CTX_new(method);  /* only SSLv2 is left */
+     }
+-    else {
++    else
++#endif
++    {
+         method = mctx->pkp ?
+             SSLv23_client_method() : /* proxy */
+             SSLv23_server_method();  /* server */
+diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
+index af6d0f7..15deb8f 100644
+--- a/modules/ssl/ssl_private.h
++++ b/modules/ssl/ssl_private.h
+@@ -218,7 +218,11 @@ typedef int ssl_opt_t;
+ #define SSL_PROTOCOL_SSLV2 (1<<0)
+ #define SSL_PROTOCOL_SSLV3 (1<<1)
+ #define SSL_PROTOCOL_TLSV1 (1<<2)
++#ifndef OPENSSL_NO_SSL2
+ #define SSL_PROTOCOL_ALL   (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
++#else
++#define SSL_PROTOCOL_ALL   (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
++#endif
+ typedef int ssl_proto_t;
+ 
+ /**
+diff --git a/support/ab.c b/support/ab.c
+index ce8b209..3744864 100644
+--- a/support/ab.c
++++ b/support/ab.c
+@@ -1876,7 +1876,11 @@ static void usage(const char *progname)
+     fprintf(stderr, "    -h              Display usage information (this message)\n");
+ #ifdef USE_SSL
+     fprintf(stderr, "    -Z ciphersuite  Specify SSL/TLS cipher suite (See openssl ciphers)\n");
++#ifndef OPENSSL_NO_SSL2
+     fprintf(stderr, "    -f protocol     Specify SSL/TLS protocol (SSL2, SSL3, TLS1, or ALL)\n");
++#else
++    fprintf(stderr, "    -f protocol     Specify SSL/TLS protocol (SSL3, TLS1, or ALL)\n");
++#endif
+ #endif
+     exit(EINVAL);
+ }
+@@ -2209,8 +2213,10 @@ int main(int argc, const char * const argv[])
+             case 'f':
+                 if (strncasecmp(optarg, "ALL", 3) == 0) {
+                     meth = SSLv23_client_method();
++#ifndef OPENSSL_NO_SSL2
+                 } else if (strncasecmp(optarg, "SSL2", 4) == 0) {
+                     meth = SSLv2_client_method();
++#endif
+                 } else if (strncasecmp(optarg, "SSL3", 4) == 0) {
+                     meth = SSLv3_client_method();
+                 } else if (strncasecmp(optarg, "TLS1", 4) == 0) {

Added: trunk/apache2/patches/084_libcrypt_linkage.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/084_libcrypt_linkage.dpatch?rev=1304&op=file
==============================================================================
--- trunk/apache2/patches/084_libcrypt_linkage.dpatch (added)
+++ trunk/apache2/patches/084_libcrypt_linkage.dpatch Mon Apr 25 19:02:42 2011
@@ -1,0 +1,128 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 084_libcrypt_linkage.dpatch by Stefan Fritsch <sf at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1071426
+
+ at DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' httpd-2.2.17~/configure httpd-2.2.17/configure
+--- httpd-2.2.17~/configure	2011-04-10 20:29:33.000000000 +0200
++++ httpd-2.2.17/configure	2011-04-10 20:37:13.641570637 +0200
+@@ -806,6 +806,7 @@
+ MOD_AUTHN_FILE_LDADD
+ PILDFLAGS
+ PICFLAGS
++CRYPT_LIBS
+ MKDEP
+ EGREP
+ GREP
+@@ -7676,6 +7677,71 @@
+ 
+ 
+ 
++saved_LIBS="$LIBS"
++LIBS=""
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing crypt" >&5
++$as_echo_n "checking for library containing crypt... " >&6; }
++if ${ac_cv_search_crypt+:} false; then :
++  $as_echo_n "(cached) " >&6
++else
++  ac_func_search_save_LIBS=$LIBS
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++
++/* Override any GCC internal prototype to avoid an error.
++   Use char because int might match the return type of a GCC
++   builtin and then its argument prototype would still apply.  */
++#ifdef __cplusplus
++extern "C"
++#endif
++char crypt ();
++int
++main ()
++{
++return crypt ();
++  ;
++  return 0;
++}
++_ACEOF
++for ac_lib in '' crypt; do
++  if test -z "$ac_lib"; then
++    ac_res="none required"
++  else
++    ac_res=-l$ac_lib
++    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
++  fi
++  if ac_fn_c_try_link "$LINENO"; then :
++  ac_cv_search_crypt=$ac_res
++fi
++rm -f core conftest.err conftest.$ac_objext \
++    conftest$ac_exeext
++  if ${ac_cv_search_crypt+:} false; then :
++  break
++fi
++done
++if ${ac_cv_search_crypt+:} false; then :
++
++else
++  ac_cv_search_crypt=no
++fi
++rm conftest.$ac_ext
++LIBS=$ac_func_search_save_LIBS
++fi
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_crypt" >&5
++$as_echo "$ac_cv_search_crypt" >&6; }
++ac_res=$ac_cv_search_crypt
++if test "$ac_res" != no; then :
++  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
++
++fi
++
++CRYPT_LIBS="$LIBS"
++
++  APACHE_VAR_SUBST="$APACHE_VAR_SUBST CRYPT_LIBS"
++
++
++LIBS="$saved_LIBS"
++
+ 
+ 
+ 
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' httpd-2.2.17~/configure.in httpd-2.2.17/configure.in
+--- httpd-2.2.17~/configure.in	2011-04-10 20:29:33.000000000 +0200
++++ httpd-2.2.17/configure.in	2011-04-10 20:34:12.181570692 +0200
+@@ -397,6 +397,13 @@
+ dnl ## Check for library functions
+ AC_SEARCH_LIBS(sqrt, m)
+ 
++saved_LIBS="$LIBS"
++LIBS=""
++AC_SEARCH_LIBS(crypt, crypt)
++CRYPT_LIBS="$LIBS"
++APACHE_SUBST(CRYPT_LIBS)
++LIBS="$saved_LIBS"
++
+ dnl See Comment #Spoon
+ 
+ AC_CHECK_FUNCS( \
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' httpd-2.2.17~/support/Makefile.in httpd-2.2.17/support/Makefile.in
+--- httpd-2.2.17~/support/Makefile.in	2011-04-10 20:29:33.000000000 +0200
++++ httpd-2.2.17/support/Makefile.in	2011-04-10 20:34:12.181570692 +0200
+@@ -31,7 +31,7 @@
+ 
+ htpasswd_OBJECTS = htpasswd.lo
+ htpasswd: $(htpasswd_OBJECTS)
+-	$(LINK) $(htpasswd_LTFLAGS) $(htpasswd_OBJECTS) $(PROGRAM_LDADD)
++	$(LINK) $(htpasswd_LTFLAGS) $(htpasswd_OBJECTS) $(PROGRAM_LDADD) $(CRYPT_LIBS)
+ 
+ htdigest_OBJECTS = htdigest.lo
+ htdigest: $(htdigest_OBJECTS)
+@@ -47,7 +47,7 @@
+ 
+ htdbm_OBJECTS = htdbm.lo
+ htdbm: $(htdbm_OBJECTS)
+-	$(LINK) $(htdbm_LTFLAGS) $(htdbm_OBJECTS) $(PROGRAM_LDADD)
++	$(LINK) $(htdbm_LTFLAGS) $(htdbm_OBJECTS) $(PROGRAM_LDADD) $(CRYPT_LIBS)
+ 
+ ab_OBJECTS = ab.lo
+ ab_LDADD = $(PROGRAM_LDADD) $(SSL_LIBS)

Propchange: trunk/apache2/patches/084_libcrypt_linkage.dpatch
------------------------------------------------------------------------------
    svn:executable = *

More information about the Pkg-apache-commits mailing list