diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | mod_nss-httpd24.patch | 135 | ||||
| -rw-r--r-- | mod_nss.spec | 12 |
3 files changed, 147 insertions, 2 deletions
@@ -1,4 +1,4 @@ SRCDIR := $(shell pwd) NAME := $(shell basename $(SRCDIR)) -include ../common/Makefile +include ../../common/Makefile diff --git a/mod_nss-httpd24.patch b/mod_nss-httpd24.patch new file mode 100644 index 0000000..4863140 --- /dev/null +++ b/mod_nss-httpd24.patch @@ -0,0 +1,135 @@ +diff -ru mod_nss/mod_nss.c mod_nss-1.0.8/mod_nss.c +--- mod_nss/mod_nss.c 2012-06-12 12:23:29.961000000 -0700 ++++ mod_nss-1.0.8/mod_nss.c 2012-06-12 12:00:35.957002099 -0700 +@@ -349,7 +349,7 @@ + ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server, + "Connection to child %ld established " + "(server %s, client %s)", c->id, sc->vhost_id, +- c->remote_ip ? c->remote_ip : "unknown"); ++ c->client_ip ? c->client_ip : "unknown"); + + mctx = sslconn->is_proxy ? sc->proxy : sc->server; + +diff -ru mod_nss/mod_nss.h mod_nss-1.0.8/mod_nss.h +--- mod_nss/mod_nss.h 2012-06-12 12:23:29.962000000 -0700 ++++ mod_nss-1.0.8/mod_nss.h 2012-06-12 12:00:35.955002240 -0700 +@@ -27,7 +27,6 @@ + #include "http_protocol.h" + #include "util_script.h" + #include "util_filter.h" +-#include "mpm.h" + #include "apr.h" + #include "apr_strings.h" + #define APR_WANT_STRFUNC +@@ -490,7 +489,7 @@ + SECStatus nss_Init_Tokens(server_rec *s); + + /* Logging */ +-void nss_log_nss_error(const char *file, int line, int level, server_rec *s); ++void nss_log_nss_error(const char *file, int line, int module_index, int level, server_rec *s); + void nss_die(void); + + /* NSS callback */ +diff -ru mod_nss/nss_engine_init.c mod_nss-1.0.8/nss_engine_init.c +--- mod_nss/nss_engine_init.c 2012-06-12 12:23:29.962000000 -0700 ++++ mod_nss-1.0.8/nss_engine_init.c 2012-06-12 12:00:35.955002240 -0700 +@@ -15,7 +15,7 @@ + + #include "mod_nss.h" + #include "apr_thread_proc.h" +-#include "ap_mpm.h" ++#include "mpm_common.h" + #include "secmod.h" + #include "sslerr.h" + #include "pk11func.h" +diff -ru mod_nss/nss_engine_io.c mod_nss-1.0.8/nss_engine_io.c +--- mod_nss/nss_engine_io.c 2012-06-12 12:23:29.963000000 -0700 ++++ mod_nss-1.0.8/nss_engine_io.c 2012-06-12 12:00:35.956002167 -0700 +@@ -621,13 +621,13 @@ + PR_Close(ssl); + + /* log the fact that we've closed the connection */ +- if (c->base_server->loglevel >= APLOG_INFO) { ++ if (c->base_server->log.level >= APLOG_INFO) { + ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server, + "Connection to child %ld closed " + "(server %s, client %s)", + c->id, + nss_util_vhostid(c->pool, c->base_server), +- c->remote_ip ? c->remote_ip : "unknown"); ++ c->client_ip ? c->client_ip : "unknown"); + } + + /* deallocate the SSL connection */ +@@ -1165,7 +1165,7 @@ + filter_ctx = (nss_filter_ctx_t *)(fd->secret); + c = filter_ctx->c; + +- return PR_StringToNetAddr(c->remote_ip, addr); ++ return PR_StringToNetAddr(c->client_ip, addr); + } + + /* +diff -ru mod_nss/nss_engine_kernel.c mod_nss-1.0.8/nss_engine_kernel.c +--- mod_nss/nss_engine_kernel.c 2012-06-12 12:23:29.963000000 -0700 ++++ mod_nss-1.0.8/nss_engine_kernel.c 2012-06-12 12:00:35.954002314 -0700 +@@ -73,7 +73,7 @@ + /* + * Log information about incoming HTTPS requests + */ +- if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) { ++ if (r->server->log.level >= APLOG_INFO && ap_is_initial_req(r)) { + ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server, + "%s HTTPS request received for child %ld (server %s)", + (r->connection->keepalives <= 0 ? +@@ -530,7 +530,7 @@ + ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server, + "Access to %s denied for %s " + "(requirement expression not fulfilled)", +- r->filename, r->connection->remote_ip); ++ r->filename, r->connection->client_ip); + + ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server, + "Failed expression: %s", req->cpExpr); +diff -ru mod_nss/nss_engine_log.c mod_nss-1.0.8/nss_engine_log.c +--- mod_nss/nss_engine_log.c 2012-06-12 12:23:29.964000000 -0700 ++++ mod_nss-1.0.8/nss_engine_log.c 2012-06-12 12:00:35.955002240 -0700 +@@ -321,7 +321,7 @@ + exit(1); + } + +-void nss_log_nss_error(const char *file, int line, int level, server_rec *s) ++void nss_log_nss_error(const char *file, int line, int module_index, int level, server_rec *s) + { + const char *err; + PRInt32 error; +@@ -340,7 +340,7 @@ + err = "Unknown"; + } + +- ap_log_error(file, line, level, 0, s, ++ ap_log_error(file, line, module_index, level, 0, s, + "SSL Library Error: %d %s", + error, err); + } +diff -ru mod_nss/nss_engine_vars.c mod_nss-1.0.8/nss_engine_vars.c +--- mod_nss/nss_engine_vars.c 2012-06-12 12:23:29.965000000 -0700 ++++ mod_nss-1.0.8/nss_engine_vars.c 2012-06-12 12:00:35.948002812 -0700 +@@ -178,7 +178,7 @@ + && sslconn && sslconn->ssl) + result = nss_var_lookup_ssl(p, c, var+4); + else if (strcEQ(var, "REMOTE_ADDR")) +- result = c->remote_ip; ++ result = c->client_ip; + else if (strcEQ(var, "HTTPS")) { + if (sslconn && sslconn->ssl) + result = "on"; +@@ -194,7 +194,7 @@ + if (strlen(var) > 12 && strcEQn(var, "SSL_VERSION_", 12)) + result = nss_var_lookup_nss_version(p, var+12); + else if (strcEQ(var, "SERVER_SOFTWARE")) +- result = (char *)ap_get_server_version(); ++ result = (char *)ap_get_server_banner(); + else if (strcEQ(var, "API_VERSION")) { + result = apr_psprintf(p, "%d", MODULE_MAGIC_NUMBER); + resdup = FALSE; diff --git a/mod_nss.spec b/mod_nss.spec index 35ec708..83544a3 100644 --- a/mod_nss.spec +++ b/mod_nss.spec @@ -7,7 +7,7 @@ Name: mod_nss Version: 1.0.8 -Release: 16%{?dist} +Release: 17%{?dist} Summary: SSL/TLS module for the Apache HTTP server Group: System Environment/Daemons License: ASL 2.0 @@ -29,6 +29,7 @@ Patch5: mod_nss-reverseproxy.patch Patch6: mod_nss-pcachesignal.h Patch7: mod_nss-reseterror.patch Patch8: mod_nss-lockpcache.patch +Patch9: mod_nss-httpd24.patch %description The mod_nss module provides strong cryptography for the Apache Web @@ -46,6 +47,9 @@ security library. %patch6 -p1 -b .pcachesignal.h %patch7 -p1 -b .reseterror %patch8 -p1 -b .lockpcache +#if 0%{?fedora} >= 18 +%patch9 -p1 -b .httpd24 +#endif # Touch expression parser sources to prevent regenerating it touch nss_expr_*.[chyl] @@ -144,6 +148,12 @@ fi %{_sbindir}/gencert %changelog +* Wed Jun 12 2012 Remi Collet <RPMS@FamilleCollet.com> 1.0.8-17 +- rebuild for remi repo and http 2.4 + +* Tue Jun 12 2012 Nathan Kinder <nkinder@redhat.com> - 1.0.8-17 +- Port mod_nss to work with httpd 2.4 + * Tue Apr 24 2012 Remi Collet <RPMS@FamilleCollet.com> 1.0.8-16 - rebuild for remi repo and http 2.4 |