[Pkg-apache-commits] r1304 - in /trunk/apache2: changelog patches/00list patches/083_openssl_no_sslv2.dpatch patches/084_libcrypt_linkage.dpatch
sf at alioth.debian.org
sf at alioth.debian.org
Mon Apr 25 19:02:44 UTC 2011
Author: sf
Date: Mon Apr 25 19:02:42 2011
New Revision: 1304
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1304
Log:
commit 2.2.17-3 changes:
* Fix compilation with OpenSSL without SSLv2 support. Closes: #622049
* Fix link errors with -no-add-needed/--no-copy-dt-needed-entries in
htpasswd/htdbm.
Added:
trunk/apache2/patches/083_openssl_no_sslv2.dpatch
trunk/apache2/patches/084_libcrypt_linkage.dpatch (with props)
Modified:
trunk/apache2/changelog
trunk/apache2/patches/00list
Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=1304&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Mon Apr 25 19:02:42 2011
@@ -1,3 +1,11 @@
+apache2 (2.2.17-3) unstable; urgency=low
+
+ * Fix compilation with OpenSSL without SSLv2 support. Closes: #622049
+ * Fix link errors with -no-add-needed/--no-copy-dt-needed-entries in
+ htpasswd/htdbm.
+
+ -- Stefan Fritsch <sf at debian.org> Sun, 10 Apr 2011 20:43:55 +0200
+
apache2 (2.2.17-2) unstable; urgency=high
* New mpm_itk upstream version 2.2.17-01:
Modified: trunk/apache2/patches/00list
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/00list?rev=1304&op=diff
==============================================================================
--- trunk/apache2/patches/00list (original)
+++ trunk/apache2/patches/00list Mon Apr 25 19:02:42 2011
@@ -23,6 +23,8 @@
077_CacheIgnoreURLSessionIdentifiers.dpatch
079_polish_translation.dpatch
082_ab_num_requests
+083_openssl_no_sslv2.dpatch
+084_libcrypt_linkage.dpatch
099_config_guess_sub_update
200_cp_suexec.dpatch
201_build_suexec-custom.dpatch
Added: trunk/apache2/patches/083_openssl_no_sslv2.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/083_openssl_no_sslv2.dpatch?rev=1304&op=file
==============================================================================
--- trunk/apache2/patches/083_openssl_no_sslv2.dpatch (added)
+++ trunk/apache2/patches/083_openssl_no_sslv2.dpatch Mon Apr 25 19:02:42 2011
@@ -1,0 +1,83 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+ at DPATCH@
+diff --git a/modules/ssl/ssl_engine_config.c b/modules/ssl/ssl_engine_config.c
+index d800bb6..8d3b99d 100644
+--- a/modules/ssl/ssl_engine_config.c
++++ b/modules/ssl/ssl_engine_config.c
+@@ -1273,6 +1273,11 @@ static const char *ssl_cmd_protocol_parse(cmd_parms *parms,
+ }
+
+ if (strcEQ(w, "SSLv2")) {
++#ifdef OPENSSL_NO_SSL2
++ if (action != '-') {
++ return "SSLv2 not supported by this version of OpenSSL";
++ }
++#endif
+ thisopt = SSL_PROTOCOL_SSLV2;
+ }
+ else if (strcEQ(w, "SSLv3")) {
+diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
+index e97a105..3453541 100644
+--- a/modules/ssl/ssl_engine_init.c
++++ b/modules/ssl/ssl_engine_init.c
+@@ -465,13 +465,16 @@ static void ssl_init_ctx_protocol(server_rec *s,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
+ "Creating new SSL context (protocols: %s)", cp);
+
++#ifndef OPENSSL_NO_SSL2
+ if (protocol == SSL_PROTOCOL_SSLV2) {
+ method = mctx->pkp ?
+ SSLv2_client_method() : /* proxy */
+ SSLv2_server_method(); /* server */
+ ctx = SSL_CTX_new(method); /* only SSLv2 is left */
+ }
+- else {
++ else
++#endif
++ {
+ method = mctx->pkp ?
+ SSLv23_client_method() : /* proxy */
+ SSLv23_server_method(); /* server */
+diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
+index af6d0f7..15deb8f 100644
+--- a/modules/ssl/ssl_private.h
++++ b/modules/ssl/ssl_private.h
+@@ -218,7 +218,11 @@ typedef int ssl_opt_t;
+ #define SSL_PROTOCOL_SSLV2 (1<<0)
+ #define SSL_PROTOCOL_SSLV3 (1<<1)
+ #define SSL_PROTOCOL_TLSV1 (1<<2)
++#ifndef OPENSSL_NO_SSL2
+ #define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
++#else
++#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
++#endif
+ typedef int ssl_proto_t;
+
+ /**
+diff --git a/support/ab.c b/support/ab.c
+index ce8b209..3744864 100644
+--- a/support/ab.c
++++ b/support/ab.c
+@@ -1876,7 +1876,11 @@ static void usage(const char *progname)
+ fprintf(stderr, " -h Display usage information (this message)\n");
+ #ifdef USE_SSL
+ fprintf(stderr, " -Z ciphersuite Specify SSL/TLS cipher suite (See openssl ciphers)\n");
++#ifndef OPENSSL_NO_SSL2
+ fprintf(stderr, " -f protocol Specify SSL/TLS protocol (SSL2, SSL3, TLS1, or ALL)\n");
++#else
++ fprintf(stderr, " -f protocol Specify SSL/TLS protocol (SSL3, TLS1, or ALL)\n");
++#endif
+ #endif
+ exit(EINVAL);
+ }
+@@ -2209,8 +2213,10 @@ int main(int argc, const char * const argv[])
+ case 'f':
+ if (strncasecmp(optarg, "ALL", 3) == 0) {
+ meth = SSLv23_client_method();
++#ifndef OPENSSL_NO_SSL2
+ } else if (strncasecmp(optarg, "SSL2", 4) == 0) {
+ meth = SSLv2_client_method();
++#endif
+ } else if (strncasecmp(optarg, "SSL3", 4) == 0) {
+ meth = SSLv3_client_method();
+ } else if (strncasecmp(optarg, "TLS1", 4) == 0) {
Added: trunk/apache2/patches/084_libcrypt_linkage.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/patches/084_libcrypt_linkage.dpatch?rev=1304&op=file
==============================================================================
--- trunk/apache2/patches/084_libcrypt_linkage.dpatch (added)
+++ trunk/apache2/patches/084_libcrypt_linkage.dpatch Mon Apr 25 19:02:42 2011
@@ -1,0 +1,128 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 084_libcrypt_linkage.dpatch by Stefan Fritsch <sf at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1071426
+
+ at DPATCH@
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' httpd-2.2.17~/configure httpd-2.2.17/configure
+--- httpd-2.2.17~/configure 2011-04-10 20:29:33.000000000 +0200
++++ httpd-2.2.17/configure 2011-04-10 20:37:13.641570637 +0200
+@@ -806,6 +806,7 @@
+ MOD_AUTHN_FILE_LDADD
+ PILDFLAGS
+ PICFLAGS
++CRYPT_LIBS
+ MKDEP
+ EGREP
+ GREP
+@@ -7676,6 +7677,71 @@
+
+
+
++saved_LIBS="$LIBS"
++LIBS=""
++{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing crypt" >&5
++$as_echo_n "checking for library containing crypt... " >&6; }
++if ${ac_cv_search_crypt+:} false; then :
++ $as_echo_n "(cached) " >&6
++else
++ ac_func_search_save_LIBS=$LIBS
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h. */
++
++/* Override any GCC internal prototype to avoid an error.
++ Use char because int might match the return type of a GCC
++ builtin and then its argument prototype would still apply. */
++#ifdef __cplusplus
++extern "C"
++#endif
++char crypt ();
++int
++main ()
++{
++return crypt ();
++ ;
++ return 0;
++}
++_ACEOF
++for ac_lib in '' crypt; do
++ if test -z "$ac_lib"; then
++ ac_res="none required"
++ else
++ ac_res=-l$ac_lib
++ LIBS="-l$ac_lib $ac_func_search_save_LIBS"
++ fi
++ if ac_fn_c_try_link "$LINENO"; then :
++ ac_cv_search_crypt=$ac_res
++fi
++rm -f core conftest.err conftest.$ac_objext \
++ conftest$ac_exeext
++ if ${ac_cv_search_crypt+:} false; then :
++ break
++fi
++done
++if ${ac_cv_search_crypt+:} false; then :
++
++else
++ ac_cv_search_crypt=no
++fi
++rm conftest.$ac_ext
++LIBS=$ac_func_search_save_LIBS
++fi
++{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_crypt" >&5
++$as_echo "$ac_cv_search_crypt" >&6; }
++ac_res=$ac_cv_search_crypt
++if test "$ac_res" != no; then :
++ test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
++
++fi
++
++CRYPT_LIBS="$LIBS"
++
++ APACHE_VAR_SUBST="$APACHE_VAR_SUBST CRYPT_LIBS"
++
++
++LIBS="$saved_LIBS"
++
+
+
+
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' httpd-2.2.17~/configure.in httpd-2.2.17/configure.in
+--- httpd-2.2.17~/configure.in 2011-04-10 20:29:33.000000000 +0200
++++ httpd-2.2.17/configure.in 2011-04-10 20:34:12.181570692 +0200
+@@ -397,6 +397,13 @@
+ dnl ## Check for library functions
+ AC_SEARCH_LIBS(sqrt, m)
+
++saved_LIBS="$LIBS"
++LIBS=""
++AC_SEARCH_LIBS(crypt, crypt)
++CRYPT_LIBS="$LIBS"
++APACHE_SUBST(CRYPT_LIBS)
++LIBS="$saved_LIBS"
++
+ dnl See Comment #Spoon
+
+ AC_CHECK_FUNCS( \
+diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' httpd-2.2.17~/support/Makefile.in httpd-2.2.17/support/Makefile.in
+--- httpd-2.2.17~/support/Makefile.in 2011-04-10 20:29:33.000000000 +0200
++++ httpd-2.2.17/support/Makefile.in 2011-04-10 20:34:12.181570692 +0200
+@@ -31,7 +31,7 @@
+
+ htpasswd_OBJECTS = htpasswd.lo
+ htpasswd: $(htpasswd_OBJECTS)
+- $(LINK) $(htpasswd_LTFLAGS) $(htpasswd_OBJECTS) $(PROGRAM_LDADD)
++ $(LINK) $(htpasswd_LTFLAGS) $(htpasswd_OBJECTS) $(PROGRAM_LDADD) $(CRYPT_LIBS)
+
+ htdigest_OBJECTS = htdigest.lo
+ htdigest: $(htdigest_OBJECTS)
+@@ -47,7 +47,7 @@
+
+ htdbm_OBJECTS = htdbm.lo
+ htdbm: $(htdbm_OBJECTS)
+- $(LINK) $(htdbm_LTFLAGS) $(htdbm_OBJECTS) $(PROGRAM_LDADD)
++ $(LINK) $(htdbm_LTFLAGS) $(htdbm_OBJECTS) $(PROGRAM_LDADD) $(CRYPT_LIBS)
+
+ ab_OBJECTS = ab.lo
+ ab_LDADD = $(PROGRAM_LDADD) $(SSL_LIBS)
Propchange: trunk/apache2/patches/084_libcrypt_linkage.dpatch
------------------------------------------------------------------------------
svn:executable = *
More information about the Pkg-apache-commits
mailing list