|
 |
af9b8b |
%{?scl:%scl_package httpd}
|
|
|
af9b8b |
|
|
|
f0c688 |
%if 0%{?rhel} >= 7
|
|
|
af9b8b |
%define use_systemd 1
|
|
|
af9b8b |
%define use_system_apr 1
|
|
|
69c05d |
%define enable_mod_md 1
|
|
|
f0c688 |
%else
|
|
|
f0c688 |
%define use_systemd 0
|
|
|
f0c688 |
%define use_system_apr 0
|
|
|
69c05d |
%define enable_mod_md 0
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
# If we are using system APR and building as collection, we have to set
|
|
|
af9b8b |
# apr prefix to _root_prefix
|
|
|
af9b8b |
%if %{use_system_apr} && %{?scl:1}0
|
|
|
af9b8b |
%define apr_prefix %_root_prefix
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
%define apr_prefix %_prefix
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%if %{?scl}0
|
|
|
af9b8b |
%define _localstatedir %{_scl_root}/var
|
|
|
af9b8b |
%define httpd_service %{scl_prefix}httpd.service
|
|
|
af9b8b |
%define htcacheclean_service %{scl_prefix}htcacheclean.service
|
|
|
af9b8b |
%define httpd_logrotate %{scl_prefix}httpd
|
|
|
af9b8b |
%define httpd_init %{scl_prefix}httpd
|
|
|
af9b8b |
%define htcacheclean_init %{scl_prefix}htcacheclean
|
|
|
af9b8b |
%define httpd_logdir %{_root_localstatedir}/log/httpd24
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
%define httpd_service httpd.service
|
|
|
af9b8b |
%define htcacheclean_service htcacheclean.service
|
|
|
af9b8b |
%define httpd_logrotate httpd
|
|
|
af9b8b |
%define httpd_init httpd
|
|
|
af9b8b |
%define htcacheclean_init htcacheclean
|
|
|
af9b8b |
%define httpd_logdir %{_localstatedir}/log/httpd
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%define contentdir %{_datadir}/httpd
|
|
|
af9b8b |
%define docroot %{?scl:%_scl_root}/var/www
|
|
|
af9b8b |
%define suexec_caller apache
|
|
|
af9b8b |
%define mmn 20120211
|
|
|
af9b8b |
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
|
|
|
af9b8b |
%define vstring Red Hat
|
|
|
af9b8b |
|
|
|
af9b8b |
# Drop automatic provides for module DSOs
|
|
|
af9b8b |
%{?filter_setup:
|
|
|
af9b8b |
%filter_provides_in %{_libdir}/httpd/modules/.*\.so$
|
|
|
af9b8b |
%filter_setup
|
|
|
af9b8b |
}
|
|
|
af9b8b |
|
|
|
af9b8b |
Summary: Apache HTTP Server
|
|
|
af9b8b |
Name: %{?scl:%scl_prefix}httpd
|
|
|
69c05d |
Version: 2.4.34
|
|
|
68a0fa |
Release: 18%{?dist}.1
|
|
|
af9b8b |
URL: http://httpd.apache.org/
|
|
|
af9b8b |
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
|
|
|
af9b8b |
Source1: index.html
|
|
|
af9b8b |
Source3: httpd.logrotate
|
|
|
af9b8b |
Source4: httpd.init
|
|
|
af9b8b |
Source5: httpd.sysconf
|
|
|
af9b8b |
Source6: httpd-ssl-pass-dialog
|
|
|
af9b8b |
Source7: httpd.tmpfiles
|
|
|
af9b8b |
Source8: httpd.service
|
|
|
af9b8b |
Source10: httpd.conf
|
|
|
af9b8b |
Source11: 00-base.conf
|
|
|
af9b8b |
Source12: 00-mpm.conf
|
|
|
af9b8b |
Source13: 00-lua.conf
|
|
|
af9b8b |
Source14: 01-cgi.conf
|
|
|
af9b8b |
Source15: 00-dav.conf
|
|
|
af9b8b |
Source16: 00-proxy.conf
|
|
|
af9b8b |
Source17: 00-ssl.conf
|
|
|
af9b8b |
Source18: 01-ldap.conf
|
|
|
af9b8b |
Source19: 00-proxyhtml.conf
|
|
|
af9b8b |
Source20: userdir.conf
|
|
|
af9b8b |
Source21: ssl.conf
|
|
|
af9b8b |
Source22: welcome.conf
|
|
|
af9b8b |
Source23: manual.conf
|
|
|
af9b8b |
Source24: 00-systemd.conf
|
|
|
af9b8b |
Source25: 01-session.conf
|
|
|
af9b8b |
Source26: action-graceful.sh
|
|
|
af9b8b |
Source27: action-configtest.sh
|
|
|
33b929 |
Source28: 00-optional.conf
|
|
|
33b929 |
Source29: httpd-scl-wrapper
|
|
|
ad4e62 |
Source31: config.layout
|
|
|
69c05d |
|
|
|
af9b8b |
# Documentation
|
|
|
af9b8b |
Source40: htcacheclean.service
|
|
|
af9b8b |
Source41: htcacheclean.sysconf
|
|
|
af9b8b |
Source42: htcacheclean.init
|
|
|
69c05d |
Source43: README.confd
|
|
|
69c05d |
|
|
|
af9b8b |
# build/scripts patches
|
|
|
af9b8b |
Patch1: httpd-2.4.1-apctl.patch
|
|
|
3fd4d8 |
Patch2: httpd-2.4.25-apxs.patch
|
|
|
af9b8b |
Patch3: httpd-2.4.1-deplibs.patch
|
|
|
af9b8b |
Patch6: httpd-2.4.3-apctl-systemd.patch
|
|
|
69c05d |
Patch7: httpd-2.4.34-skiplist.patch
|
|
|
3fd4d8 |
Patch8: httpd-2.4.25-detect-systemd.patch
|
|
|
af9b8b |
# Features/functional changes
|
|
|
3fd4d8 |
Patch20: httpd-2.4.10-mod_systemd.patch
|
|
|
af9b8b |
Patch21: httpd-2.4.6-full-release.patch
|
|
|
69c05d |
Patch23: httpd-2.4.34-export.patch
|
|
|
af9b8b |
Patch24: httpd-2.4.1-corelimit.patch
|
|
|
3fd4d8 |
Patch25: httpd-2.4.25-selinux.patch
|
|
|
af9b8b |
Patch27: httpd-2.4.2-icons.patch
|
|
|
af9b8b |
Patch30: httpd-2.4.4-cachehardmax.patch
|
|
|
af9b8b |
# Bug fixes
|
|
|
f0c688 |
Patch62: httpd-2.4.6-apachectl-status.patch
|
|
|
f0c688 |
Patch65: httpd-2.4.17-autoindex-revert.patch
|
|
|
f0c688 |
Patch69: httpd-2.4.6-apachectl-httpd-env.patch
|
|
|
f0c688 |
Patch70: httpd-2.4.6-bomb.patch
|
|
|
f0c688 |
Patch71: httpd-2.4.18-apachectl-httpd-env2.patch
|
|
|
3fd4d8 |
Patch74: httpd-2.4.25-rev-r1748324+.patch
|
|
|
69c05d |
Patch75: httpd-2.4.34-apr-escape.patch
|
|
|
69c05d |
Patch76: httpd-2.4.34-scl-libnghttp2.patch
|
|
|
69c05d |
Patch77: httpd-2.4.34-scl-libcurl.patch
|
|
|
69c05d |
Patch78: httpd-2.4.33-mddefault.patch
|
|
|
69c05d |
Patch79: httpd-2.4.34-r1836472.patch
|
|
|
69c05d |
Patch80: httpd-2.4.34-statements-comment.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1707636
|
|
|
ad4e62 |
Patch81: httpd-2.4.34-r1844002.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1669213
|
|
|
ad4e62 |
Patch82: httpd-2.4.34-r1840554.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1673019
|
|
|
ad4e62 |
Patch83: httpd-2.4.34-mod-md-perms.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1673019
|
|
|
ad4e62 |
Patch84: httpd-2.4.34-r1842929+.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1725922
|
|
|
ad4e62 |
Patch85: httpd-2.4.34-r1847288.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1744120
|
|
|
ad4e62 |
Patch86: httpd-2.4.34-r1865740.patch
|
|
|
e8122d |
# https://bugzilla.redhat.com/show_bug.cgi?id=1788976
|
|
|
e8122d |
# patch only RHEL-7, where we ship mod_md
|
|
|
e8122d |
%if %{enable_mod_md}
|
|
|
e8122d |
Patch87: httpd-2.4.34-mod-md-mod-ssl-hooks.patch
|
|
|
e8122d |
%endif
|
|
|
69c05d |
|
|
|
f5da3f |
# Security fixes
|
|
|
69c05d |
Patch200: httpd-2.4.34-CVE-2018-11763.patch
|
|
|
a68583 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1694980
|
|
|
a68583 |
Patch201: httpd-2.4.34-CVE-2019-0211.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1696095
|
|
|
ad4e62 |
Patch202: httpd-2.4.34-CVE-2019-0220.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1696140
|
|
|
ad4e62 |
Patch203: httpd-2.4.34-CVE-2019-0217.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1677498
|
|
|
ad4e62 |
Patch204: httpd-2.4.34-CVE-2018-17199.patch
|
|
|
376e24 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1741860
|
|
|
376e24 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1741864
|
|
|
376e24 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1741868
|
|
|
ad4e62 |
Patch205: httpd-2.4.34-CVE-2019-9511-and-9516-and-9517.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1668497
|
|
|
ad4e62 |
Patch206: httpd-2.4.34-CVE-2018-17189.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1747282
|
|
|
ad4e62 |
Patch207: httpd-2.4.34-CVE-2019-10092.patch
|
|
|
ad4e62 |
# https://bugzilla.redhat.com/show_bug.cgi?id=1747290
|
|
|
ad4e62 |
Patch208: httpd-2.4.34-CVE-2019-10097.patch
|
|
|
e8122d |
# https://bugzilla.redhat.com/show_bug.cgi?id=1747285
|
|
|
e8122d |
Patch209: httpd-2.4.34-CVE-2019-10098.patch
|
|
|
68a0fa |
# https://bugzilla.redhat.com/show_bug.cgi?id=1866560
|
|
|
68a0fa |
Patch210: httpd-2.4.34-CVE-2020-9490.patch
|
|
|
69c05d |
|
|
|
af9b8b |
License: ASL 2.0
|
|
|
af9b8b |
Group: System Environment/Daemons
|
|
|
af9b8b |
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
|
|
af9b8b |
BuildRequires: autoconf, perl, pkgconfig, findutils, xmlto
|
|
|
af9b8b |
BuildRequires: zlib-devel, libselinux-devel, lua-devel
|
|
|
af9b8b |
%if %{use_system_apr}
|
|
|
af9b8b |
BuildRequires: apr-devel >= 1.4.0, apr-util-devel >= 1.2.0
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
BuildRequires: %{?scl:%scl_prefix}apr-devel >= 1.4.0, %{?scl:%scl_prefix}apr-util-devel >= 1.2.0
|
|
|
af9b8b |
%endif
|
|
|
f0c688 |
BuildRequires: %{?scl:%scl_prefix}libnghttp2-devel
|
|
|
af9b8b |
BuildRequires: pcre-devel >= 5.0
|
|
|
af9b8b |
Requires: /etc/mime.types, system-logos >= 7.92.1-1
|
|
|
af9b8b |
Provides: %{?scl:%scl_prefix}mod_dav = %{version}-%{release}, %{?scl:%scl_prefix}httpd-suexec = %{version}-%{release}
|
|
|
af9b8b |
Provides: %{?scl:%scl_prefix}httpd-mmn = %{mmn}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}httpd-tools = %{version}-%{release}
|
|
|
af9b8b |
Requires(pre): /usr/sbin/useradd
|
|
|
6670f0 |
Requires(pre): /usr/sbin/groupadd
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
BuildRequires: systemd-devel
|
|
|
af9b8b |
Requires(preun): systemd-units
|
|
|
af9b8b |
Requires(postun): systemd-units
|
|
|
af9b8b |
Requires(post): systemd-units
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
Requires(post): chkconfig
|
|
|
af9b8b |
%endif
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
af9b8b |
%{?scl:Requires:%scl_runtime}
|
|
|
af9b8b |
|
|
|
af9b8b |
%description
|
|
|
af9b8b |
The Apache HTTP Server is a powerful, efficient, and extensible
|
|
|
af9b8b |
web server.
|
|
|
af9b8b |
|
|
|
af9b8b |
%package devel
|
|
|
af9b8b |
Group: Development/Libraries
|
|
|
af9b8b |
Summary: Development interfaces for the Apache HTTP server
|
|
|
af9b8b |
%if %{use_system_apr}
|
|
|
af9b8b |
Requires: apr-devel, apr-util-devel
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}apr-devel, %{?scl:%scl_prefix}apr-util-devel
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
Requires: pkgconfig
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}httpd = %{version}-%{release}
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%description devel
|
|
|
af9b8b |
The httpd-devel package contains the APXS binary and other files
|
|
|
af9b8b |
that you need to build Dynamic Shared Objects (DSOs) for the
|
|
|
af9b8b |
Apache HTTP Server.
|
|
|
af9b8b |
|
|
|
af9b8b |
If you are installing the Apache HTTP server and you want to be
|
|
|
af9b8b |
able to compile or develop additional modules for Apache, you need
|
|
|
af9b8b |
to install this package.
|
|
|
af9b8b |
|
|
|
af9b8b |
%package manual
|
|
|
af9b8b |
Group: Documentation
|
|
|
af9b8b |
Summary: Documentation for the Apache HTTP server
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}httpd = %{version}-%{release}
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
BuildArch: noarch
|
|
|
af9b8b |
|
|
|
af9b8b |
%description manual
|
|
|
af9b8b |
The httpd-manual package contains the complete manual and
|
|
|
af9b8b |
reference guide for the Apache HTTP server. The information can
|
|
|
af9b8b |
also be found at http://httpd.apache.org/docs/2.2/.
|
|
|
af9b8b |
|
|
|
af9b8b |
%package tools
|
|
|
af9b8b |
Group: System Environment/Daemons
|
|
|
af9b8b |
Summary: Tools for use with the Apache HTTP Server
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
af9b8b |
|
|
|
af9b8b |
%description tools
|
|
|
af9b8b |
The httpd-tools package contains tools which can be used with
|
|
|
af9b8b |
the Apache HTTP Server.
|
|
|
af9b8b |
|
|
|
af9b8b |
%package -n %{?scl:%scl_prefix}mod_ssl
|
|
|
af9b8b |
Group: System Environment/Daemons
|
|
|
af9b8b |
Summary: SSL/TLS module for the Apache HTTP Server
|
|
|
af9b8b |
Epoch: 1
|
|
|
af9b8b |
BuildRequires: openssl-devel
|
|
|
af9b8b |
Requires(post): openssl, /bin/cat
|
|
|
af9b8b |
Requires(pre): %{?scl:%scl_prefix}httpd
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%description -n %{?scl:%scl_prefix}mod_ssl
|
|
|
af9b8b |
The mod_ssl module provides strong cryptography for the Apache Web
|
|
|
af9b8b |
server via the Secure Sockets Layer (SSL) and Transport Layer
|
|
|
af9b8b |
Security (TLS) protocols.
|
|
|
af9b8b |
|
|
|
af9b8b |
%package -n %{?scl:%scl_prefix}mod_proxy_html
|
|
|
af9b8b |
Group: System Environment/Daemons
|
|
|
af9b8b |
Summary: HTML and XML content filters for the Apache HTTP Server
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
|
|
|
af9b8b |
BuildRequires: libxml2-devel
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
Epoch: 1
|
|
|
af9b8b |
|
|
|
af9b8b |
%description -n %{?scl:%scl_prefix}mod_proxy_html
|
|
|
af9b8b |
The mod_proxy_html and mod_xml2enc modules provide filters which can
|
|
|
af9b8b |
transform and modify HTML and XML content.
|
|
|
af9b8b |
|
|
|
af9b8b |
%package -n %{?scl:%scl_prefix}mod_ldap
|
|
|
af9b8b |
Group: System Environment/Daemons
|
|
|
af9b8b |
Summary: LDAP authentication modules for the Apache HTTP Server
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
|
|
|
af9b8b |
%if %{use_system_apr}
|
|
|
af9b8b |
Requires: apr-util-ldap
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}apr-util-ldap
|
|
|
af9b8b |
%endif
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%description -n %{?scl:%scl_prefix}mod_ldap
|
|
|
af9b8b |
The mod_ldap and mod_authnz_ldap modules add support for LDAP
|
|
|
af9b8b |
authentication to the Apache HTTP Server.
|
|
|
af9b8b |
|
|
|
af9b8b |
%package -n %{?scl:%scl_prefix}mod_session
|
|
|
af9b8b |
Group: System Environment/Daemons
|
|
|
af9b8b |
Summary: Session interface for the Apache HTTP Server
|
|
|
af9b8b |
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
|
|
|
69c05d |
%if %{use_system_apr}
|
|
|
69c05d |
Requires: apr-util-openssl
|
|
|
69c05d |
%else
|
|
|
69c05d |
Requires: %{?scl:%scl_prefix}apr-util-openssl
|
|
|
69c05d |
%endif
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
Requires(post): policycoreutils
|
|
|
f0c688 |
Requires(post): policycoreutils-python
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%description -n %{?scl:%scl_prefix}mod_session
|
|
|
af9b8b |
The mod_session module and associated backends provide an abstract
|
|
|
af9b8b |
interface for storing and accessing per-user session data.
|
|
|
af9b8b |
|
|
|
af9b8b |
%prep
|
|
|
af9b8b |
%if %{?scl}0
|
|
|
af9b8b |
export LD_LIBRARY_PATH=%{_libdir}:$LD_LIBRARY_PATH
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
%setup -q %{?scl:-n %{pkg_name}-%{version}}
|
|
|
69c05d |
|
|
|
af9b8b |
%patch1 -p1 -b .apctl
|
|
|
af9b8b |
%patch2 -p1 -b .apxs
|
|
|
af9b8b |
%patch3 -p1 -b .deplibs
|
|
|
f0c688 |
%if %{use_systemd}
|
|
|
af9b8b |
%patch6 -p1 -b .apctlsystemd
|
|
|
33b929 |
%patch7 -p1 -b .skiplist
|
|
|
f0c688 |
%else
|
|
|
f0c688 |
%patch62 -p1 -b .apachectlstatus
|
|
|
f0c688 |
%patch71 -p1 -b .envhttpd2
|
|
|
f0c688 |
%endif
|
|
|
6670f0 |
%patch8 -p1 -b .detect-systemd
|
|
|
af9b8b |
|
|
|
3fd4d8 |
%patch20 -p1 -b .mod_systemd
|
|
|
af9b8b |
%patch21 -p1 -b .fullrelease
|
|
|
af9b8b |
%patch23 -p1 -b .export
|
|
|
af9b8b |
%patch24 -p1 -b .corelimit
|
|
|
af9b8b |
%patch25 -p1 -b .selinux
|
|
|
af9b8b |
%patch27 -p1 -b .icons
|
|
|
af9b8b |
%patch30 -p1 -b .cachehardmax
|
|
|
69c05d |
|
|
|
f0c688 |
%patch65 -p1 -b .autoindexrevert
|
|
|
f0c688 |
%patch69 -p1 -b .envhttpd
|
|
|
f0c688 |
%patch70 -p1 -b .bomb
|
|
|
3fd4d8 |
%patch74 -p1 -b .rev-r1748324+
|
|
|
69c05d |
%patch75 -p1 -b .apr_escape
|
|
|
69c05d |
%patch76 -p1 -b .scl_libnghttp2
|
|
|
69c05d |
%patch77 -p1 -b .scl_libcurl
|
|
|
69c05d |
%patch78 -p1 -b .md_default
|
|
|
69c05d |
%patch79 -p1 -b .r1836472
|
|
|
69c05d |
%patch80 -p1 -b .statementscomment
|
|
|
ad4e62 |
%patch81 -p1 -b .r1844002
|
|
|
ad4e62 |
%patch82 -p1 -b .r1840554
|
|
|
ad4e62 |
%patch83 -p1 -b .mod-md-perms
|
|
|
ad4e62 |
%patch84 -p1 -b .r1842929+
|
|
|
ad4e62 |
%patch85 -p1 -b .r1847288
|
|
|
ad4e62 |
%patch86 -p1 -b .r1865740
|
|
|
e8122d |
# patch only RHEL-7, where we ship mod_md
|
|
|
e8122d |
%if %{enable_mod_md}
|
|
|
e8122d |
%patch87 -p1 -b .mod-md-mod-ssl-hooks
|
|
|
e8122d |
%endif
|
|
|
f5da3f |
|
|
|
69c05d |
%patch200 -p1 -b .CVE-2018-11763
|
|
|
a68583 |
%patch201 -p1 -b .CVE-2019-0211
|
|
|
ad4e62 |
%patch202 -p1 -b .CVE-2019-0220
|
|
|
ad4e62 |
%patch203 -p1 -b .CVE-2019-0217
|
|
|
ad4e62 |
%patch204 -p1 -b .CVE-2018-17199
|
|
|
ad4e62 |
%patch205 -p1 -b .CVE-2019-9511-and-9516-and-9517
|
|
|
ad4e62 |
%patch206 -p1 -b .CVE-2018-17189
|
|
|
ad4e62 |
%patch207 -p1 -b .CVE-2019-10092
|
|
|
ad4e62 |
%patch208 -p1 -b .CVE-2019-10097
|
|
|
e8122d |
%patch209 -p1 -b .CVE-2019-10098
|
|
|
68a0fa |
%patch210 -p1 -b .CVE-2020-9490
|
|
|
760d5c |
|
|
|
af9b8b |
# Patch in the vendor string and the release string
|
|
|
af9b8b |
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
|
|
|
af9b8b |
sed -i 's/@RELEASE@/%{release}/' server/core.c
|
|
|
af9b8b |
|
|
|
af9b8b |
# Prevent use of setcap in "install-suexec-caps" target.
|
|
|
af9b8b |
sed -i '/suexec/s,setcap ,echo Skipping setcap for ,' Makefile.in
|
|
|
af9b8b |
|
|
|
af9b8b |
# Safety check: prevent build if defined MMN does not equal upstream MMN.
|
|
|
af9b8b |
vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
|
|
|
af9b8b |
if test "x${vmmn}" != "x%{mmn}"; then
|
|
|
af9b8b |
: Error: Upstream MMN is now ${vmmn}, packaged MMN is %{mmn}
|
|
|
af9b8b |
: Update the mmn macro and rebuild.
|
|
|
af9b8b |
exit 1
|
|
|
af9b8b |
fi
|
|
|
af9b8b |
|
|
|
af9b8b |
: Building with MMN %{mmn}, MMN-ISA %{mmnisa} and vendor string '%{vstring}'
|
|
|
af9b8b |
|
|
|
ad4e62 |
# Provide default layout
|
|
|
ad4e62 |
cp $RPM_SOURCE_DIR/config.layout .
|
|
|
ad4e62 |
|
|
|
af9b8b |
%build
|
|
|
af9b8b |
# forcibly prevent use of bundled apr, apr-util, pcre
|
|
|
af9b8b |
rm -rf srclib/{apr,apr-util,pcre}
|
|
|
af9b8b |
|
|
|
af9b8b |
# regenerate configure scripts
|
|
|
af9b8b |
autoheader && autoconf || exit 1
|
|
|
af9b8b |
|
|
|
af9b8b |
# Before configure; fix location of build dir in generated apxs
|
|
|
af9b8b |
%{__perl} -pi -e "s:\@exp_installbuilddir\@:%{_libdir}/httpd/build:g" \
|
|
|
af9b8b |
support/apxs.in
|
|
|
af9b8b |
|
|
|
af9b8b |
export CFLAGS=$RPM_OPT_FLAGS
|
|
|
af9b8b |
export LDFLAGS="-Wl,-z,relro,-z,now"
|
|
|
af9b8b |
|
|
|
af9b8b |
# Hard-code path to links to avoid unnecessary builddep
|
|
|
af9b8b |
export LYNX_PATH=/usr/bin/links
|
|
|
af9b8b |
|
|
|
af9b8b |
# Build the daemon
|
|
|
af9b8b |
./configure \
|
|
|
af9b8b |
--prefix=%{_sysconfdir}/httpd \
|
|
|
af9b8b |
--exec-prefix=%{_prefix} \
|
|
|
af9b8b |
--bindir=%{_bindir} \
|
|
|
af9b8b |
--sbindir=%{_sbindir} \
|
|
|
af9b8b |
--mandir=%{_mandir} \
|
|
|
af9b8b |
--libdir=%{_libdir} \
|
|
|
af9b8b |
--sysconfdir=%{_sysconfdir}/httpd/conf \
|
|
|
af9b8b |
--includedir=%{_includedir}/httpd \
|
|
|
af9b8b |
--libexecdir=%{_libdir}/httpd/modules \
|
|
|
af9b8b |
--datadir=%{contentdir} \
|
|
|
af9b8b |
--enable-layout=Fedora \
|
|
|
af9b8b |
--with-installbuilddir=%{_libdir}/httpd/build \
|
|
|
af9b8b |
--enable-mpms-shared=all \
|
|
|
af9b8b |
--with-apr=%{apr_prefix} --with-apr-util=%{apr_prefix} \
|
|
|
af9b8b |
--enable-suexec --with-suexec \
|
|
|
f0c688 |
%if 0%{?rhel} >= 7
|
|
|
af9b8b |
--enable-suexec-capabilities \
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
--with-suexec-caller=%{suexec_caller} \
|
|
|
af9b8b |
--with-suexec-docroot=%{docroot} \
|
|
|
f0c688 |
%if 0%{?rhel} >= 7
|
|
|
af9b8b |
--without-suexec-logfile \
|
|
|
af9b8b |
--with-suexec-syslog \
|
|
|
f0c688 |
%else
|
|
|
f0c688 |
--with-suexec-logfile=%{_root_localstatedir}/log/httpd/suexec.log \
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
--with-suexec-bin=%{_sbindir}/suexec \
|
|
|
af9b8b |
--with-suexec-uidmin=500 --with-suexec-gidmin=100 \
|
|
|
af9b8b |
--enable-pie \
|
|
|
af9b8b |
--with-pcre \
|
|
|
af9b8b |
--enable-mods-shared=all \
|
|
|
af9b8b |
--enable-ssl --with-ssl --disable-distcache \
|
|
|
6670f0 |
%if 0%{?rhel} >= 7
|
|
|
6670f0 |
--enable-tls-alpn-thunks \
|
|
|
6670f0 |
%endif
|
|
|
af9b8b |
--enable-proxy \
|
|
|
af9b8b |
--enable-cache \
|
|
|
af9b8b |
--enable-disk-cache \
|
|
|
af9b8b |
--enable-ldap --enable-authnz-ldap \
|
|
|
af9b8b |
--enable-cgid --enable-cgi \
|
|
|
af9b8b |
--enable-authn-anon --enable-authn-alias \
|
|
|
af9b8b |
--disable-imagemap \
|
|
|
e8122d |
%if %{enable_mod_md}
|
|
|
e8122d |
--disable-md \
|
|
|
e8122d |
%endif
|
|
|
af9b8b |
--localstatedir=%{_localstatedir}
|
|
|
af9b8b |
make %{?_smp_mflags}
|
|
|
af9b8b |
|
|
|
af9b8b |
%install
|
|
|
af9b8b |
rm -rf $RPM_BUILD_ROOT
|
|
|
af9b8b |
|
|
|
af9b8b |
make DESTDIR=$RPM_BUILD_ROOT install
|
|
|
af9b8b |
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
# Install systemd service files
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
|
|
|
af9b8b |
install -p -m 644 $RPM_SOURCE_DIR/httpd.service \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
|
|
|
af9b8b |
install -p -m 644 $RPM_SOURCE_DIR/htcacheclean.service \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
|
|
|
af9b8b |
|
|
|
af9b8b |
# Change the httpd.service paths
|
|
|
af9b8b |
sed -i 's|\$sbindir|%{_sbindir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
|
|
|
af9b8b |
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
|
|
|
33b929 |
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
|
|
|
33b929 |
$RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
|
|
|
af9b8b |
|
|
|
af9b8b |
# Change the htcacheclean.service paths
|
|
|
af9b8b |
sed -i 's|\$sbindir|%{_sbindir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
|
|
|
af9b8b |
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
|
|
|
af9b8b |
sed -i 's|\$httpd_service|%{httpd_service}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
|
|
|
33b929 |
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
|
|
|
33b929 |
$RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
# install SYSV init stuff
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
|
|
|
af9b8b |
install -m755 $RPM_SOURCE_DIR/httpd.init \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
|
|
|
af9b8b |
install -m755 $RPM_SOURCE_DIR/htcacheclean.init \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
|
|
|
af9b8b |
|
|
|
af9b8b |
# Change the httpd.init paths
|
|
|
af9b8b |
sed -i 's|\$sbindir|%{_sbindir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
|
|
|
af9b8b |
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
|
|
|
33b929 |
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
|
|
|
33b929 |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
|
|
|
af9b8b |
|
|
|
af9b8b |
# Change the htcacheclean.init paths
|
|
|
af9b8b |
sed -i 's|\$sbindir|%{_sbindir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
|
|
|
af9b8b |
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
|
|
|
33b929 |
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
|
|
|
33b929 |
$RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
# install conf file/directory
|
|
|
af9b8b |
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d
|
|
|
af9b8b |
install -m 644 $RPM_SOURCE_DIR/README.confd \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
|
|
|
af9b8b |
for f in 00-base.conf 00-mpm.conf 00-lua.conf 01-cgi.conf 00-dav.conf \
|
|
|
af9b8b |
00-proxy.conf 00-ssl.conf 01-ldap.conf 00-proxyhtml.conf \
|
|
|
f0c688 |
%if %{use_systemd}
|
|
|
f0c688 |
00-systemd.conf \
|
|
|
f0c688 |
%endif
|
|
|
f0c688 |
01-ldap.conf 01-session.conf 00-optional.conf; do
|
|
|
af9b8b |
install -m 644 -p $RPM_SOURCE_DIR/$f \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/$f
|
|
|
af9b8b |
done
|
|
|
af9b8b |
|
|
|
af9b8b |
for f in welcome.conf ssl.conf manual.conf userdir.conf; do
|
|
|
af9b8b |
install -m 644 -p $RPM_SOURCE_DIR/$f \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
|
|
|
af9b8b |
sed -i 's|\$libexecdir|%{_libexecdir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
|
|
|
af9b8b |
sed -i 's|\$datadir|%{_datadir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
|
|
|
f0c688 |
touch -r $RPM_SOURCE_DIR/$f \
|
|
|
f0c688 |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
|
|
|
af9b8b |
done
|
|
|
af9b8b |
|
|
|
af9b8b |
# Split-out extra config shipped as default in conf.d:
|
|
|
af9b8b |
for f in autoindex; do
|
|
|
af9b8b |
mv docs/conf/extra/httpd-${f}.conf \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/${f}.conf
|
|
|
af9b8b |
done
|
|
|
af9b8b |
|
|
|
af9b8b |
# Extra config trimmed:
|
|
|
af9b8b |
rm -v docs/conf/extra/httpd-{ssl,userdir}.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
rm $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/*.conf
|
|
|
af9b8b |
install -m 644 -p $RPM_SOURCE_DIR/httpd.conf \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
|
|
|
af9b8b |
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
|
|
|
af9b8b |
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
|
|
|
af9b8b |
for s in httpd htcacheclean; do
|
|
|
af9b8b |
install -m 644 -p $RPM_SOURCE_DIR/${s}.sysconf \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/${s}
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/${s}
|
|
|
af9b8b |
done
|
|
|
af9b8b |
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
sed -i 's|LANG|HTTPD_LANG|' \
|
|
|
f0c688 |
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/httpd
|
|
|
f0c688 |
%endif
|
|
|
f0c688 |
|
|
|
af9b8b |
# tmpfiles.d configuration
|
|
|
af9b8b |
%if 0%{?rhel} >= 7 && ! %{?scl:1}0
|
|
|
af9b8b |
mkdir $RPM_BUILD_ROOT/etc/tmpfiles.d
|
|
|
af9b8b |
install -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/tmpfiles.d/%{name}.conf
|
|
|
af9b8b |
sed -i 's|\$localstatedir|%{_localstatedir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/tmpfiles.d/%{name}.conf
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
# Other directories
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav \
|
|
|
69c05d |
$RPM_BUILD_ROOT%{_localstatedir}/lib/httpd \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_localstatedir}/run/httpd/htcacheclean
|
|
|
af9b8b |
|
|
|
af9b8b |
# Create cache directory
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/proxy \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/ssl
|
|
|
af9b8b |
|
|
|
af9b8b |
# Make the MMN accessible to module packages
|
|
|
af9b8b |
echo %{mmnisa} > $RPM_BUILD_ROOT%{_includedir}/httpd/.mmn
|
|
|
af9b8b |
|
|
|
f0c688 |
# When building as SCL, use different prefix for macros
|
|
|
af9b8b |
%if %{?scl}0
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT%{_root_sysconfdir}/rpm/
|
|
|
af9b8b |
cat > $RPM_BUILD_ROOT%{_root_sysconfdir}/rpm/macros.httpd24 <
|
|
|
af9b8b |
%%_httpd24_mmn %{mmnisa}
|
|
|
af9b8b |
%%_httpd24_apxs %{_bindir}/apxs
|
|
|
af9b8b |
%%_httpd24_modconfdir %{_sysconfdir}/httpd/conf.modules.d
|
|
|
af9b8b |
%%_httpd24_confdir %{_sysconfdir}/httpd/conf.d
|
|
|
af9b8b |
%%_httpd24_contentdir %{contentdir}
|
|
|
af9b8b |
%%_httpd24_moddir %{_libdir}/httpd/modules
|
|
|
af9b8b |
EOF
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rpm
|
|
|
af9b8b |
cat > $RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.httpd <
|
|
|
af9b8b |
%%_httpd_mmn %{mmnisa}
|
|
|
af9b8b |
%%_httpd_apxs %%{_bindir}/apxs
|
|
|
af9b8b |
%%_httpd_modconfdir %%{_sysconfdir}/httpd/conf.modules.d
|
|
|
af9b8b |
%%_httpd_confdir %%{_sysconfdir}/httpd/conf.d
|
|
|
af9b8b |
%%_httpd_contentdir %{contentdir}
|
|
|
af9b8b |
%%_httpd_moddir %%{_libdir}/httpd/modules
|
|
|
af9b8b |
EOF
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
# Handle contentdir
|
|
|
af9b8b |
mkdir $RPM_BUILD_ROOT%{contentdir}/noindex
|
|
|
af9b8b |
install -m 644 -p $RPM_SOURCE_DIR/index.html \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{contentdir}/noindex/index.html
|
|
|
af9b8b |
rm -rf %{contentdir}/htdocs
|
|
|
af9b8b |
|
|
|
af9b8b |
# remove manual sources
|
|
|
af9b8b |
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
|
|
|
af9b8b |
-name \*.xml -o -name \*.xml.* -o -name \*.ent -o -name \*.xsl -o -name \*.dtd \
|
|
|
af9b8b |
\) -print0 | xargs -0 rm -f
|
|
|
af9b8b |
|
|
|
af9b8b |
# Strip the manual down just to English and replace the typemaps with flat files:
|
|
|
af9b8b |
set +x
|
|
|
af9b8b |
for f in `find $RPM_BUILD_ROOT%{contentdir}/manual -name \*.html -type f`; do
|
|
|
af9b8b |
if test -f ${f}.en; then
|
|
|
af9b8b |
cp ${f}.en ${f}
|
|
|
af9b8b |
rm ${f}.*
|
|
|
af9b8b |
fi
|
|
|
af9b8b |
done
|
|
|
af9b8b |
set -x
|
|
|
af9b8b |
|
|
|
af9b8b |
# Clean Document Root
|
|
|
af9b8b |
rm -v $RPM_BUILD_ROOT%{docroot}/html/*.html \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{docroot}/cgi-bin/*
|
|
|
af9b8b |
|
|
|
af9b8b |
# Symlink for the powered-by-$DISTRO image:
|
|
|
af9b8b |
ln -s /usr/share/pixmaps/poweredby.png \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{contentdir}/icons/poweredby.png
|
|
|
af9b8b |
|
|
|
af9b8b |
# symlinks for /etc/httpd
|
|
|
ad4e62 |
rmdir $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/{state,run}
|
|
|
af9b8b |
ln -s %{httpd_logdir} $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/logs
|
|
|
69c05d |
ln -s %{_localstatedir}/lib/httpd $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/state
|
|
|
af9b8b |
ln -s %{_localstatedir}/run/httpd $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/run
|
|
|
af9b8b |
ln -s %{_libdir}/httpd/modules $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/modules
|
|
|
af9b8b |
|
|
|
af9b8b |
# install http-ssl-pass-dialog
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT/%{_libexecdir}
|
|
|
af9b8b |
install -m755 $RPM_SOURCE_DIR/httpd-ssl-pass-dialog \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/%{_libexecdir}/httpd-ssl-pass-dialog
|
|
|
af9b8b |
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
# Install action scripts
|
|
|
33b929 |
mkdir -p $RPM_BUILD_ROOT/%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd
|
|
|
af9b8b |
for f in graceful configtest; do
|
|
|
af9b8b |
install -p -m 755 $RPM_SOURCE_DIR/action-${f}.sh \
|
|
|
33b929 |
$RPM_BUILD_ROOT/%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/${f}
|
|
|
3fd4d8 |
sed -i 's|\$sbindir|%{_sbindir}|;s|\$sysconfdir|%{_sysconfdir}/sysconfig|' \
|
|
|
33b929 |
$RPM_BUILD_ROOT/%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/${f}
|
|
|
af9b8b |
done
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
# Install logrotate config
|
|
|
af9b8b |
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
|
|
|
af9b8b |
install -m 644 -p $RPM_SOURCE_DIR/httpd.logrotate \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/logrotate.d/%{httpd_logrotate}
|
|
|
af9b8b |
|
|
|
af9b8b |
# Change the httpd logrotate script paths
|
|
|
af9b8b |
sed -i 's|\$httpd_service|%{name}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/logrotate.d/%{httpd_logrotate}
|
|
|
af9b8b |
sed -i 's|\$logdir|%{httpd_logdir}|' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT/etc/logrotate.d/%{httpd_logrotate}
|
|
|
af9b8b |
|
|
|
af9b8b |
# fix man page paths
|
|
|
af9b8b |
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
|
|
|
af9b8b |
-e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
|
|
|
af9b8b |
-e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
|
|
|
af9b8b |
-e "s|/usr/local/apache2/logs/error_log|%{httpd_logdir}/error_log|" \
|
|
|
af9b8b |
-e "s|/usr/local/apache2/logs/access_log|%{httpd_logdir}/access_log|" \
|
|
|
af9b8b |
-e "s|/usr/local/apache2/logs/httpd.pid|%{_localstatedir}/run/httpd/httpd.pid|" \
|
|
|
af9b8b |
-e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
|
|
|
af9b8b |
> $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
|
|
|
af9b8b |
|
|
|
af9b8b |
# Make ap_config_layout.h libdir-agnostic
|
|
|
af9b8b |
sed -i '/.*DEFAULT_..._LIBEXECDIR/d;/DEFAULT_..._INSTALLBUILDDIR/d' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_includedir}/httpd/ap_config_layout.h
|
|
|
af9b8b |
|
|
|
af9b8b |
# Fix path to instdso in special.mk
|
|
|
af9b8b |
sed -i '/instdso/s,top_srcdir,top_builddir,' \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_libdir}/httpd/build/special.mk
|
|
|
af9b8b |
|
|
|
af9b8b |
# Remove unpackaged files
|
|
|
af9b8b |
rm -vf \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_libdir}/*.exp \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/mime.types \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.exp \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_libdir}/httpd/build/config.nice \
|
|
|
33b929 |
$RPM_BUILD_ROOT%{_bindir}/{ap?-config,dbmmanage} \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_sbindir}/{checkgid,dbmmanage,envvars*} \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{contentdir}/htdocs/* \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \
|
|
|
af9b8b |
$RPM_BUILD_ROOT%{contentdir}/cgi-bin/*
|
|
|
af9b8b |
|
|
|
af9b8b |
rm -rf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf/{original,extra}
|
|
|
af9b8b |
|
|
|
af9b8b |
# Make suexec a+rw so it can be stripped. %%files lists real permissions
|
|
|
af9b8b |
chmod 755 $RPM_BUILD_ROOT%{_sbindir}/suexec
|
|
|
af9b8b |
|
|
|
f0c688 |
%if %{use_systemd}
|
|
|
33b929 |
install -pm 0755 %{SOURCE29} %{buildroot}%{_sbindir}/httpd-scl-wrapper
|
|
|
f0c688 |
%endif
|
|
|
f0c688 |
|
|
|
f0c688 |
# replace $sbindir in apachectl with right path
|
|
|
f0c688 |
sed -i 's|\$sbindir|%{_sbindir}|' \
|
|
|
f0c688 |
%{buildroot}%{_sbindir}/apachectl
|
|
|
33b929 |
|
|
|
af9b8b |
%pre
|
|
|
6670f0 |
# Add the "apache" group and user
|
|
|
6670f0 |
/usr/sbin/groupadd -g 48 -r apache 2> /dev/null || :
|
|
|
6670f0 |
/usr/sbin/useradd -c "Apache" -u 48 -g apache \
|
|
|
af9b8b |
-s /sbin/nologin -r -d %{contentdir} apache 2> /dev/null || :
|
|
|
af9b8b |
|
|
|
af9b8b |
%post
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
%endif
|
|
|
f0c688 |
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
%systemd_post %{httpd_service} %{htcacheclean_service}
|
|
|
f0c688 |
|
|
|
3fd4d8 |
semanage fcontext -a -t httpd_exec_t "%{_root_sbindir}/httpd-scl-wrapper" >/dev/null 2>&1 || :
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
# Register the httpd service
|
|
|
af9b8b |
/sbin/chkconfig --add %{?scl:%scl_prefix}httpd
|
|
|
af9b8b |
/sbin/chkconfig --add %{?scl:%scl_prefix}htcacheclean
|
|
|
f0c688 |
|
|
|
f0c688 |
semanage fcontext -a -e /etc/rc.d/init.d/httpd /etc/rc.d/init.d/httpd24-httpd >/dev/null 2>&1 || :
|
|
|
f0c688 |
restorecon -R /etc/rc.d/init.d/httpd24-httpd >/dev/null 2>&1 || :
|
|
|
f0c688 |
|
|
|
f0c688 |
semanage fcontext -a -e /etc/rc.d/init.d/htcacheclean /etc/rc.d/init.d/httpd24-htcacheclean >/dev/null 2>&1 || :
|
|
|
f0c688 |
restorecon -R /etc/rc.d/init.d/httpd24-htcacheclean >/dev/null 2>&1 || :
|
|
|
af9b8b |
%endif
|
|
|
f0c688 |
|
|
|
af9b8b |
semanage fcontext -a -e /var/log/httpd %{httpd_logdir} >/dev/null 2>&1 || :
|
|
|
af9b8b |
restorecon -R %{httpd_logdir} >/dev/null 2>&1 || :
|
|
|
af9b8b |
|
|
|
af9b8b |
%preun
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
%systemd_preun %{httpd_service} %{htcacheclean_service}
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
if [ $1 = 0 ]; then
|
|
|
af9b8b |
/sbin/service %{?scl:%scl_prefix}httpd stop > /dev/null 2>&1 || :
|
|
|
af9b8b |
/sbin/chkconfig --del %{?scl:%scl_prefix}httpd || :
|
|
|
af9b8b |
/sbin/service %{?scl:%scl_prefix}htcacheclean stop > /dev/null 2>&1 || :
|
|
|
af9b8b |
/sbin/chkconfig --del %{?scl:%scl_prefix}htcacheclean || :
|
|
|
af9b8b |
fi
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%postun
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
%systemd_postun
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
/sbin/service %{?scl:%scl_prefix}httpd condrestart >/dev/null 2>&1 || :
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%posttrans
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
test -f %{_sysconfdir}/sysconfig/httpd-disable-posttrans || \
|
|
|
af9b8b |
/bin/systemctl try-restart %{httpd_service} %{htcacheclean_service} >/dev/null 2>&1 || :
|
|
|
f0c688 |
%else
|
|
|
f0c688 |
test -f %{_sysconfdir}/sysconfig/httpd-disable-posttrans || \
|
|
|
f0c688 |
/sbin/service %{?scl:%scl_prefix}httpd condrestart >/dev/null 2>&1 || :
|
|
|
f0c688 |
test -f %{_sysconfdir}/sysconfig/httpd-disable-posttrans || \
|
|
|
f0c688 |
/sbin/service %{?scl:%scl_prefix}htcacheclean condrestart >/dev/null 2>&1 || :
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%define sslcert %{_root_sysconfdir}/pki/tls/certs/localhost.crt
|
|
|
af9b8b |
%define sslkey %{_root_sysconfdir}/pki/tls/private/localhost.key
|
|
|
af9b8b |
|
|
|
af9b8b |
%post -n %{?scl:%scl_prefix}mod_ssl
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
umask 077
|
|
|
af9b8b |
|
|
|
af9b8b |
if [ -f %{sslkey} -o -f %{sslcert} ]; then
|
|
|
af9b8b |
exit 0
|
|
|
af9b8b |
fi
|
|
|
af9b8b |
|
|
|
33b929 |
%{_root_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > %{sslkey} 2> /dev/null
|
|
|
af9b8b |
|
|
|
af9b8b |
FQDN=`hostname`
|
|
|
3fd4d8 |
# A >59 char FQDN means "root@FQDN" exceeds 64-char max length for emailAddress
|
|
|
3fd4d8 |
if [ "x${FQDN}" = "x" -o ${#FQDN} -gt 59 ]; then
|
|
|
af9b8b |
FQDN=localhost.localdomain
|
|
|
af9b8b |
fi
|
|
|
af9b8b |
|
|
|
af9b8b |
cat << EOF | %{_root_bindir}/openssl req -new -key %{sslkey} \
|
|
|
33b929 |
-x509 -sha256 -days 365 -set_serial $RANDOM -extensions v3_req \
|
|
|
af9b8b |
-out %{sslcert} 2>/dev/null
|
|
|
af9b8b |
--
|
|
|
af9b8b |
SomeState
|
|
|
af9b8b |
SomeCity
|
|
|
af9b8b |
SomeOrganization
|
|
|
af9b8b |
SomeOrganizationalUnit
|
|
|
af9b8b |
${FQDN}
|
|
|
af9b8b |
root@${FQDN}
|
|
|
af9b8b |
EOF
|
|
|
af9b8b |
|
|
|
f0c688 |
%if 0%{?rhel} < 7
|
|
|
f0c688 |
%post tools
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
|
|
|
f0c688 |
%post manual
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
|
|
|
f0c688 |
%post -n %{?scl:%scl_prefix}mod_proxy_html
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
|
|
|
f0c688 |
%post -n %{?scl:%scl_prefix}mod_ldap
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
|
|
|
f0c688 |
%post -n %{?scl:%scl_prefix}mod_session
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
|
|
|
f0c688 |
%post devel
|
|
|
f0c688 |
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
|
|
|
f0c688 |
%endif
|
|
|
f0c688 |
|
|
|
af9b8b |
%check
|
|
|
af9b8b |
# Check the built modules are all PIC
|
|
|
af9b8b |
if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
|
|
|
af9b8b |
: modules contain non-relocatable code
|
|
|
af9b8b |
exit 1
|
|
|
af9b8b |
fi
|
|
|
3fd4d8 |
set +x
|
|
|
3fd4d8 |
rv=0
|
|
|
f0c688 |
# Ensure every mod_* that's built is loaded.
|
|
|
f0c688 |
for f in $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so; do
|
|
|
f0c688 |
m=${f##*/}
|
|
|
f0c688 |
if ! grep -q $m $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf; then
|
|
|
f0c688 |
echo ERROR: Module $m not configured. Disable it, or load it.
|
|
|
3fd4d8 |
rv=1
|
|
|
3fd4d8 |
fi
|
|
|
3fd4d8 |
done
|
|
|
3fd4d8 |
# Ensure every loaded mod_* is actually built
|
|
|
3fd4d8 |
mods=`grep -h ^LoadModule $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf | sed 's,.*modules/,,'`
|
|
|
3fd4d8 |
for m in $mods; do
|
|
|
3fd4d8 |
f=$RPM_BUILD_ROOT%{_libdir}/httpd/modules/${m}
|
|
|
3fd4d8 |
if ! test -x $f; then
|
|
|
3fd4d8 |
echo ERROR: Module $m is configured but not built.
|
|
|
3fd4d8 |
rv=1
|
|
|
f0c688 |
fi
|
|
|
f0c688 |
done
|
|
|
3fd4d8 |
set -x
|
|
|
3fd4d8 |
exit $rv
|
|
|
af9b8b |
|
|
|
af9b8b |
%clean
|
|
|
af9b8b |
rm -rf $RPM_BUILD_ROOT
|
|
|
af9b8b |
|
|
|
af9b8b |
%files
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
|
|
|
af9b8b |
%doc ABOUT_APACHE README CHANGES LICENSE VERSIONING NOTICE
|
|
|
af9b8b |
%doc docs/conf/extra/*.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
%dir %{_sysconfdir}/httpd
|
|
|
af9b8b |
%{_sysconfdir}/httpd/modules
|
|
|
af9b8b |
%{_sysconfdir}/httpd/logs
|
|
|
69c05d |
%{_sysconfdir}/httpd/state
|
|
|
af9b8b |
%{_sysconfdir}/httpd/run
|
|
|
af9b8b |
%dir %{_sysconfdir}/httpd/conf
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf/magic
|
|
|
af9b8b |
|
|
|
af9b8b |
%config(noreplace) /etc/logrotate.d/%{httpd_logrotate}
|
|
|
af9b8b |
|
|
|
af9b8b |
%dir %{_sysconfdir}/httpd/conf.d
|
|
|
af9b8b |
%{_sysconfdir}/httpd/conf.d/README
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
|
|
|
af9b8b |
%exclude %{_sysconfdir}/httpd/conf.d/ssl.conf
|
|
|
af9b8b |
%exclude %{_sysconfdir}/httpd/conf.d/manual.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
%dir %{_sysconfdir}/httpd/conf.modules.d
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/*.conf
|
|
|
af9b8b |
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
|
|
|
af9b8b |
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
|
|
|
af9b8b |
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
|
|
|
af9b8b |
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/sysconfig/httpd
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/sysconfig/htcacheclean
|
|
|
af9b8b |
%if 0%{?rhel} >= 7 && ! %{?scl:1}0
|
|
|
af9b8b |
%config /etc/tmpfiles.d/%{name}.conf
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
%dir %{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd
|
|
|
af9b8b |
%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/*
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
f0c688 |
%if %{use_systemd}
|
|
|
f0c688 |
%dir %{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd
|
|
|
f0c688 |
%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/*
|
|
|
f0c688 |
%endif
|
|
|
f0c688 |
|
|
|
af9b8b |
%{_sbindir}/ht*
|
|
|
af9b8b |
%{_sbindir}/fcgistarter
|
|
|
af9b8b |
%{_sbindir}/apachectl
|
|
|
af9b8b |
%{_sbindir}/rotatelogs
|
|
|
f0c688 |
%if 0%{?rhel} >= 7
|
|
|
33b929 |
%{_sbindir}/httpd-scl-wrapper
|
|
|
af9b8b |
%caps(cap_setuid,cap_setgid+pe) %attr(510,root,%{suexec_caller}) %{_sbindir}/suexec
|
|
|
f0c688 |
%else
|
|
|
f0c688 |
%attr(4510,root,%{suexec_caller}) %{_sbindir}/suexec
|
|
|
f0c688 |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%dir %{_libdir}/httpd
|
|
|
af9b8b |
%dir %{_libdir}/httpd/modules
|
|
|
af9b8b |
%{_libdir}/httpd/modules/mod*.so
|
|
|
af9b8b |
%exclude %{_libdir}/httpd/modules/mod_auth_form.so
|
|
|
af9b8b |
%exclude %{_libdir}/httpd/modules/mod_ssl.so
|
|
|
af9b8b |
%exclude %{_libdir}/httpd/modules/mod_*ldap.so
|
|
|
af9b8b |
%exclude %{_libdir}/httpd/modules/mod_proxy_html.so
|
|
|
af9b8b |
%exclude %{_libdir}/httpd/modules/mod_xml2enc.so
|
|
|
af9b8b |
%exclude %{_libdir}/httpd/modules/mod_session*.so
|
|
|
af9b8b |
|
|
|
af9b8b |
%dir %{contentdir}
|
|
|
af9b8b |
%dir %{contentdir}/icons
|
|
|
af9b8b |
%dir %{contentdir}/error
|
|
|
af9b8b |
%dir %{contentdir}/error/include
|
|
|
af9b8b |
%dir %{contentdir}/noindex
|
|
|
af9b8b |
%{contentdir}/icons/*
|
|
|
af9b8b |
%{contentdir}/error/README
|
|
|
af9b8b |
%{contentdir}/error/*.var
|
|
|
af9b8b |
%{contentdir}/error/include/*.html
|
|
|
af9b8b |
%{contentdir}/noindex/index.html
|
|
|
af9b8b |
|
|
|
af9b8b |
%dir %{docroot}
|
|
|
af9b8b |
%dir %{docroot}/cgi-bin
|
|
|
af9b8b |
%dir %{docroot}/html
|
|
|
af9b8b |
|
|
|
af9b8b |
%attr(0710,root,apache) %dir %{_localstatedir}/run/httpd
|
|
|
af9b8b |
%attr(0700,apache,apache) %dir %{_localstatedir}/run/httpd/htcacheclean
|
|
|
af9b8b |
%attr(0700,root,root) %dir %{httpd_logdir}
|
|
|
af9b8b |
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
|
|
|
69c05d |
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/httpd
|
|
|
af9b8b |
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
|
|
|
af9b8b |
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd/proxy
|
|
|
af9b8b |
|
|
|
af9b8b |
%{_mandir}/man8/*
|
|
|
af9b8b |
|
|
|
af9b8b |
%if %{use_systemd}
|
|
|
af9b8b |
%{_unitdir}/*.service
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
/etc/rc.d/init.d/%{httpd_init}
|
|
|
af9b8b |
/etc/rc.d/init.d/%{htcacheclean_init}
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%files tools
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
%{_bindir}/*
|
|
|
af9b8b |
%{_mandir}/man1/*
|
|
|
af9b8b |
%doc LICENSE NOTICE
|
|
|
af9b8b |
%exclude %{_bindir}/apxs
|
|
|
af9b8b |
%exclude %{_mandir}/man1/apxs.1*
|
|
|
af9b8b |
|
|
|
af9b8b |
%files manual
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
%{contentdir}/manual
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.d/manual.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
%files -n %{?scl:%scl_prefix}mod_ssl
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
%{_libdir}/httpd/modules/mod_ssl.so
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
|
|
|
af9b8b |
%attr(0700,apache,root) %dir %{_localstatedir}/cache/httpd/ssl
|
|
|
af9b8b |
%{_libexecdir}/httpd-ssl-pass-dialog
|
|
|
af9b8b |
|
|
|
af9b8b |
%files -n %{?scl:%scl_prefix}mod_proxy_html
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
%{_libdir}/httpd/modules/mod_proxy_html.so
|
|
|
af9b8b |
%{_libdir}/httpd/modules/mod_xml2enc.so
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
%files -n %{?scl:%scl_prefix}mod_ldap
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
%{_libdir}/httpd/modules/mod_*ldap.so
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
%files -n %{?scl:%scl_prefix}mod_session
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
%{_libdir}/httpd/modules/mod_session*.so
|
|
|
af9b8b |
%{_libdir}/httpd/modules/mod_auth_form.so
|
|
|
af9b8b |
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
%files devel
|
|
|
af9b8b |
%defattr(-,root,root)
|
|
|
af9b8b |
%{_includedir}/httpd
|
|
|
af9b8b |
%{_bindir}/apxs
|
|
|
af9b8b |
%{_mandir}/man1/apxs.1*
|
|
|
af9b8b |
%dir %{_libdir}/httpd/build
|
|
|
af9b8b |
%{_libdir}/httpd/build/*.mk
|
|
|
af9b8b |
%{_libdir}/httpd/build/*.sh
|
|
|
af9b8b |
%if %{?scl}0
|
|
|
af9b8b |
%{_root_sysconfdir}/rpm/macros.httpd24
|
|
|
af9b8b |
%else
|
|
|
af9b8b |
%{_sysconfdir}/rpm/macros.httpd
|
|
|
af9b8b |
%endif
|
|
|
af9b8b |
|
|
|
af9b8b |
%changelog
|
|
|
68a0fa |
* Mon Aug 31 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-18.1
|
|
|
68a0fa |
- Resolves: #1869068 - CVE-2020-9490 httpd24-httpd: httpd: Push diary
|
|
|
68a0fa |
crash on specifically crafted HTTP/2 header
|
|
|
68a0fa |
|
|
|
e8122d |
* Tue Mar 17 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-18
|
|
|
e8122d |
- Related: #1743959 (CVE-2019-10098) - CVE-2019-10098 httpd: mod_rewrite
|
|
|
e8122d |
potential open redirect
|
|
|
e8122d |
|
|
|
e8122d |
* Mon Feb 03 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-16
|
|
|
e8122d |
- remove bundled mod_md module
|
|
|
e8122d |
- Resolves: #1788976 - RFE: updated collection for httpd 2.4
|
|
|
e8122d |
- Resolves: #1743959 (CVE-2019-10098) - CVE-2019-10098 httpd: mod_rewrite
|
|
|
e8122d |
potential open redirect
|
|
|
e8122d |
|
|
|
ad4e62 |
* Wed Nov 13 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-15
|
|
|
ad4e62 |
- Related: #1725922 - duplicated cookie in Apache httpd with mod_session
|
|
|
ad4e62 |
|
|
|
ad4e62 |
* Tue Oct 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-14
|
|
|
ad4e62 |
- Resolves: #1743996 (CVE-2019-10097) - CVE-2019-10097 httpd: null-pointer
|
|
|
ad4e62 |
dereference in mod_remoteip
|
|
|
ad4e62 |
- Resolves: #1747282 - CVE-2019-10092 httpd24-httpd: httpd: limited cross-site
|
|
|
ad4e62 |
scripting in mod_proxy error page
|
|
|
ad4e62 |
|
|
|
ad4e62 |
* Tue Oct 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-13
|
|
|
ad4e62 |
- Resolves: #1744120 - Unexpected OCSP in proxy SSL connection
|
|
|
ad4e62 |
|
|
|
ad4e62 |
* Fri Oct 04 2019 Joe Orton <jorton@redhat.com> - 2.4.34-12
|
|
|
ad4e62 |
- Resolves: #1725922 - duplicated cookie in Apache httpd with mod_session
|
|
|
ad4e62 |
|
|
|
ad4e62 |
* Tue Sep 24 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-11
|
|
|
ad4e62 |
- Resolves: #1678567 (CVE-2018-17189) - CVE-2018-17189 httpd: mod_http2:
|
|
|
ad4e62 |
DoS via slow, unneeded request bodies
|
|
|
ad4e62 |
|
|
|
ad4e62 |
* Wed Aug 28 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-10
|
|
|
ad4e62 |
- Resolves: #1745695 - CVE-2019-9511 httpd24-httpd: HTTP/2: large amount of
|
|
|
ad4e62 |
data request leads to denial of service
|
|
|
ad4e62 |
- Resolves: #1745680 - CVE-2019-9516 httpd24-httpd: HTTP/2: 0-length headers
|
|
|
376e24 |
leads to denial of service
|
|
|
ad4e62 |
- Resolves: #1745683 - CVE-2019-9517 httpd24-httpd: HTTP/2: request for large
|
|
|
376e24 |
response leads to denial of service
|
|
|
376e24 |
|
|
|
ad4e62 |
* Wed Aug 07 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-9
|
|
|
ad4e62 |
- Resolves: #1696140 - CVE-2019-0217 httpd24-httpd: httpd: mod_auth_digest:
|
|
|
ad4e62 |
access control bypass due to race condition
|
|
|
ad4e62 |
- Resolves: #1696095 - CVE-2019-0220 httpd24-httpd: httpd: URL normalization
|
|
|
ad4e62 |
inconsistency
|
|
|
ad4e62 |
- Resolves: #1677498 - CVE-2018-17199 httpd24-httpd: httpd: mod_session_cookie
|
|
|
ad4e62 |
does not respect expiry time
|
|
|
ad4e62 |
- Resolves: #1707636 - fix a regression introduced in r1740928
|
|
|
ad4e62 |
- Resolves: #1669213 - `ExtendedStatus Off` directive when using mod_systemd
|
|
|
ad4e62 |
causes systemctl to hang
|
|
|
ad4e62 |
- Resolves: #1673019 - httpd can not be started with mod_md enabled
|
|
|
ad4e62 |
|
|
|
376e24 |
* Wed Apr 03 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-8
|
|
|
376e24 |
- Resolves: #1695429 - CVE-2019-0211 httpd24-httpd: httpd: privilege escalation
|
|
|
a68583 |
from modules scripts
|
|
|
a68583 |
|
|
|
69c05d |
* Tue Nov 06 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-7
|
|
|
69c05d |
- Resolves: #1646937 - Unable to start httpd
|
|
|
69c05d |
- Resolves: #1638711 - comments should be allowed at the end of Allow from
|
|
|
69c05d |
statements
|
|
|
69c05d |
|
|
|
69c05d |
* Wed Oct 31 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-6
|
|
|
69c05d |
- Resolves: #1644643 - httpd 2.4.34 regressions
|
|
|
69c05d |
|
|
|
69c05d |
* Thu Oct 25 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-5
|
|
|
69c05d |
- Resolves: #1640722 - mod_md is missing in httpd24-httpd
|
|
|
69c05d |
- Resolves: #1635838 - CVE-2018-11763 httpd24-httpd: httpd:
|
|
|
69c05d |
DoS for HTTP/2 connections by continuous SETTINGS
|
|
|
69c05d |
|
|
|
69c05d |
* Thu Sep 27 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-3
|
|
|
69c05d |
- Resolves: #1633260 - mod_session missing apr-util-openssl
|
|
|
69c05d |
|
|
|
69c05d |
* Thu Sep 13 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-2
|
|
|
69c05d |
- Resolves: #1540167 - provides without httpd24 pre/in-fix
|
|
|
69c05d |
|
|
|
69c05d |
* Thu Jul 19 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-1
|
|
|
69c05d |
- update to version 2.4.34
|
|
|
69c05d |
- removed upstread Fedora layout
|
|
|
69c05d |
- load mod_proxy_uwsgi by default
|
|
|
69c05d |
|
|
|
69c05d |
* Wed May 02 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-9
|
|
|
69c05d |
- Resolves: #1518737 - HTTP/2 connections hang and timeout
|
|
|
7be15e |
|
|
|
6670f0 |
* Wed Sep 20 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-8
|
|
|
6670f0 |
- Resolves: #1480506 - mod_authz_dbd segfaults when AuthzDBDQuery missing
|
|
|
6670f0 |
|
|
|
6670f0 |
* Mon Sep 18 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-7
|
|
|
6670f0 |
- Related: #1487164 - apache user is not created during httpd
|
|
|
6670f0 |
installation when apache group already exist with GID other than 48
|
|
|
6670f0 |
|
|
|
6670f0 |
* Tue Sep 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-6
|
|
|
6670f0 |
- Resolves: #1490947 - CVE-2017-9798 httpd: Use-after-free by limiting
|
|
|
6670f0 |
unregistered HTTP method
|
|
|
6670f0 |
|
|
|
6670f0 |
* Wed Sep 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-5
|
|
|
6670f0 |
- Resolves: #1488541 - rotatelogs %Z does not use correct timezone
|
|
|
6670f0 |
respecting DST
|
|
|
6670f0 |
|
|
|
6670f0 |
* Thu Aug 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-4
|
|
|
6670f0 |
- Resolves: #1486832 - RFE: run mod_rewrite external mapping program as non-root
|
|
|
6670f0 |
|
|
|
6670f0 |
* Thu Aug 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-3
|
|
|
6670f0 |
- Resolves: #1486843 - apache user is not created during httpd
|
|
|
6670f0 |
installation when apache group already exist
|
|
|
6670f0 |
- Resolves: #1487164 - apache user is not created during httpd
|
|
|
6670f0 |
installation when apache group already exist with GID other than 48
|
|
|
6670f0 |
|
|
|
6670f0 |
* Tue Aug 08 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-2
|
|
|
6670f0 |
- Resolves: #1475450 - update apr_skiplist to current APR code
|
|
|
6670f0 |
|
|
|
6670f0 |
* Mon Jul 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-1
|
|
|
6670f0 |
- new version 2.4.27
|
|
|
6670f0 |
|
|
|
6670f0 |
* Wed Jul 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-5
|
|
|
6670f0 |
- Resolves: #1472846 - CVE-2017-9788 CVE-2017-9789 httpd24-httpd: various flaws
|
|
|
6670f0 |
- updated mod_systemd patch
|
|
|
6670f0 |
|
|
|
6670f0 |
* Mon Jun 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-4
|
|
|
6670f0 |
- Resolves: #1440858 - graceful start of stopped service fail
|
|
|
6670f0 |
|
|
|
6670f0 |
* Fri Jun 23 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-3
|
|
|
6670f0 |
- Resolves: #1418395 - httpd stop prints failure if service already stopped
|
|
|
6670f0 |
|
|
|
6670f0 |
* Thu Jun 22 2017 Joe Orton <jorton@redhat.com> - 2.4.26-2
|
|
|
6670f0 |
- mod_ssl: add support for ALPN if newer OpenSSL loaded (#1327548)
|
|
|
6670f0 |
|
|
|
6670f0 |
* Mon Jun 19 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-1
|
|
|
6670f0 |
- Resolves: #1461819 - RFE: rebase httpd to 2.4.26
|
|
|
6670f0 |
|
|
|
6670f0 |
* Wed May 24 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-12
|
|
|
6670f0 |
- rebuild
|
|
|
760d5c |
|
|
|
3fd4d8 |
* Fri Mar 24 2017 Joe Orton <jorton@redhat.com> - 2.4.25-9
|
|
|
3fd4d8 |
- link only httpd, not support/* against -lselinux -lsystemd (#1433474)
|
|
|
3fd4d8 |
- don't enable SO_REUSEPORT in default configuration (#1432249)
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Thu Mar 2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-8
|
|
|
3fd4d8 |
- always require policycoreutils; fail silently if SELinux is disabled (#1376738)
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Thu Mar 2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-7
|
|
|
3fd4d8 |
- run restorecon during apxs -i (#1093057)
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Thu Mar 2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-6
|
|
|
3fd4d8 |
- fix legacy systemd actions (#1329639)
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Thu Mar 2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-5
|
|
|
3fd4d8 |
- mod_proxy_fcgi: revert to pre-2.4.23 SCRIPT_FILENAME mangling (#1414037)
|
|
|
3fd4d8 |
- mod_proxy: fix regression in per-dir ProxyPass (#1417482)
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Fri Jan 20 2017 Joe Orton <jorton@redhat.com> - 2.4.25-4
|
|
|
3fd4d8 |
- mod_watchdog: fix pool lifetime issue (#1410883)
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Fri Jan 20 2017 Joe Orton <jorton@redhat.com> - 2.4.25-3
|
|
|
3fd4d8 |
- update systemd library detection
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Fri Jan 20 2017 Joe Orton <jorton@redhat.com> - 2.4.25-2
|
|
|
3fd4d8 |
- merge default config changes from Fedora
|
|
|
3fd4d8 |
- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars
|
|
|
3fd4d8 |
|
|
|
3fd4d8 |
* Thu Jan 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-1
|
|
|
3fd4d8 |
- Resolves: #1404778 - RFE: update httpd24 collection
|
|
|
3fd4d8 |
|
|
|
f5da3f |
* Wed Jul 13 2016 Joe Orton <jorton@redhat.com> - 2.4.18-11
|
|
|
f5da3f |
- add security fix for CVE-2016-5387
|
|
|
f5da3f |
- mod_ssl: add security fix for CVE-2016-4979
|
|
|
f5da3f |
|
|
|
f0c688 |
* Fri Apr 15 2016 Joe Orton <jorton@redhat.com> - 2.4.18-10
|
|
|
f0c688 |
- load more built modules (including mod_http2) by default (#1302653)
|
|
|
f0c688 |
- lower log-level for mod_ssl NPN debugging (#1302653)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Thu Apr 14 2016 Joe Orton <jorton@redhat.com> - 2.4.18-9
|
|
|
f0c688 |
- mod_ssl: restore NPN behaviour with no Protocol configured (#1302653)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Tue Apr 12 2016 Joe Orton <jorton@redhat.com> - 2.4.18-8
|
|
|
f0c688 |
- mod_ssl: allow protocol upgrades via NPN (#1302653)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Fri Apr 8 2016 Joe Orton <jorton@redhat.com> - 2.4.18-7
|
|
|
f0c688 |
- mod_lua: use anonymous shm segment (#1225116)
|
|
|
f0c688 |
- revert 'apachectl graceful' to start httpd if stopped (#1221702)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Wed Apr 6 2016 Joe Orton <jorton@redhat.com> - 2.4.18-6
|
|
|
f0c688 |
- fix apxs generated Makefile path to build directory (#1319837)
|
|
|
f0c688 |
- use redirects for lang-specific /manual/ URLs (#1324406)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Wed Mar 30 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-5
|
|
|
f0c688 |
- apachectl: use httpd from the SCL in apachectl (#1319780)
|
|
|
f0c688 |
- apachectl: ignore HTTPD variable also on RHEL6 (#1221681)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Tue Feb 23 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-4
|
|
|
f0c688 |
- apxs: fix querying installbuilddir
|
|
|
f0c688 |
|
|
|
f0c688 |
* Thu Feb 11 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-3
|
|
|
f0c688 |
- correct the AliasMatch in manual.conf (#1282481)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Wed Feb 10 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-2
|
|
|
f0c688 |
- use HTTPD_LANG in sysconfig file on RHEL6 (#1222055)
|
|
|
f0c688 |
- ignore HTTPD sysconfig variable on RHEL6 (#1204075)
|
|
|
f0c688 |
- call restorecon on /etc/rc.d/init.d/htcacheclean after install (#1222494)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Wed Feb 03 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-1
|
|
|
f0c688 |
- update to version 2.4.18
|
|
|
f0c688 |
- add support for http/2
|
|
|
f0c688 |
- mod_auth_digest: use anonymous shared memory (#1225116)
|
|
|
f0c688 |
- core: improve error message for inaccessible DocumentRoot (#1207093)
|
|
|
f0c688 |
- ab: try all addresses instead of failing on first one when not available (#1209552)
|
|
|
f0c688 |
- apachectl: ignore HTTPD variable from sysconfig (#1221681)
|
|
|
f0c688 |
- apachectl: fix "graceful" documentation (#1221702)
|
|
|
f0c688 |
- apachectl: fix "graceful" behaviour when httpd is not running (#1221650)
|
|
|
f0c688 |
- do not display "bomb" icon for files ending with "core" (#1196553)
|
|
|
f0c688 |
- mod_proxy_wstunnel: load this module by default (#1253396)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Tue Dec 15 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-8
|
|
|
f0c688 |
- Add httpd-2.4.3-sslsninotreq.patch as we did in rhscl-2.0 (#1249800)
|
|
|
f0c688 |
|
|
|
f0c688 |
* Tue Aug 11 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-7
|
|
|
495d07 |
- core: fix chunk header parsing defect (CVE-2015-3183)
|
|
|
495d07 |
- core: replace of ap_some_auth_required with ap_some_authn_required
|
|
|
495d07 |
and ap_force_authn hook (CVE-2015-3185)
|
|
|
495d07 |
- core: fix pointer dereference crash with ErrorDocument 400 pointing
|
|
|
495d07 |
to a local URL-path (CVE-2015-0253)
|
|
|
495d07 |
- mod_lua: fix possible mod_lua crash due to websocket bug (CVE-2015-0228)
|
|
|
495d07 |
|
|
|
33b929 |
* Thu Mar 05 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-6
|
|
|
33b929 |
- remove old sslsninotreq patch (#1199040)
|
|
|
33b929 |
|
|
|
33b929 |
* Thu Feb 26 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-5
|
|
|
33b929 |
- fix wrong path to document root in httpd.conf (#1196559)
|
|
|
33b929 |
|
|
|
33b929 |
* Tue Feb 17 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-4
|
|
|
33b929 |
- fix SELinux context of httpd-scl-wrapper (#1193456)
|
|
|
33b929 |
|
|
|
33b929 |
* Tue Feb 03 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-3
|
|
|
33b929 |
- include apr_skiplist and build against system APR/APR-util (#1187646)
|
|
|
33b929 |
|
|
|
33b929 |
* Mon Feb 02 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-2
|
|
|
33b929 |
- rebuild against new APR/APR-util (#1187646)
|
|
|
33b929 |
|
|
|
33b929 |
* Wed Jan 28 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-1
|
|
|
33b929 |
- update to version 2.4.12
|
|
|
33b929 |
- fix possible crash in SIGINT handling (#1184034)
|
|
|
33b929 |
|
|
|
33b929 |
* Thu Jan 08 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-2
|
|
|
33b929 |
- allow enabling additional SCLs using service-environment file
|
|
|
33b929 |
- enable mod_request by default for mod_auth_form
|
|
|
33b929 |
- move disabled-by-default modules from 00-base.conf to 00-optional.conf
|
|
|
33b929 |
|
|
|
33b929 |
* Fri Jan 02 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-1
|
|
|
33b929 |
- update to 2.4.10
|
|
|
33b929 |
- remove mod_proxy_html obsolete (#1174790)
|
|
|
33b929 |
- remove dbmmanage from httpd-tools (#1151375)
|
|
|
33b929 |
- add slash before root_libexecdir macro (#1149076)
|
|
|
33b929 |
- ab: fix integer overflow when printing stats with lot of requests (#1091650)
|
|
|
33b929 |
- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1079925)
|
|
|
33b929 |
|
|
|
62b793 |
* Tue Nov 25 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-25
|
|
|
62b793 |
- Remove mod_proxy_fcgi fix for heap-based buffer overflow,
|
|
|
62b793 |
httpd-2.4.6 is not affected (CVE-2014-3583)
|
|
|
62b793 |
|
|
|
62b793 |
* Tue Nov 25 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-24
|
|
|
62b793 |
- mod_proxy_wstunnel: Fix the use of SSL with the "wss:" scheme (#1141950)
|
|
|
62b793 |
|
|
|
62b793 |
* Mon Nov 24 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-23
|
|
|
62b793 |
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
|
|
|
62b793 |
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)
|
|
|
62b793 |
- mod_proxy_fcgi: fix heap-based buffer overflow (CVE-2014-3583)
|
|
|
62b793 |
|
|
|
62b793 |
* Fri Jul 18 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-22
|
|
|
8d96ca |
- mod_cgid: add security fix for CVE-2014-0231
|
|
|
8d96ca |
- mod_proxy: add security fix for CVE-2014-0117
|
|
|
8d96ca |
- mod_deflate: add security fix for CVE-2014-0118
|
|
|
8d96ca |
- mod_status: add security fix for CVE-2014-0226
|
|
|
8d96ca |
- mod_cache: add secutiry fix for CVE-2013-4352
|
|
|
8d96ca |
|
|
|
af9b8b |
* Thu Mar 20 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-19
|
|
|
af9b8b |
- mod_dav: add security fix for CVE-2013-6438 (#1077885)
|
|
|
af9b8b |
- mod_log_config: add security fix for CVE-2014-0098 (#1077885)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Feb 05 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-18
|
|
|
af9b8b |
- add legacy action scripts and htcacheclean service file,
|
|
|
af9b8b |
use syslog for suexec logging (#1061009)
|
|
|
af9b8b |
- mod_dav: fix locktoken handling (#1061010)
|
|
|
af9b8b |
- mod_ssl: sanity-check use of "SSLCompression" (#1061011)
|
|
|
af9b8b |
- mod_ssl: allow SSLEngine to override Listen-based default (#1061016)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Jan 10 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-17
|
|
|
af9b8b |
- rebuild because of File bug which caused no perl in provides
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Jan 07 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-16
|
|
|
af9b8b |
- don't run posttrans restart if httpd-disable-posttrans exists (#1047097)
|
|
|
af9b8b |
- mod_proxy: fix crash in brigade cleanup under high load (#1040448)
|
|
|
af9b8b |
- remove "webserver" from provides (#1042877)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-15
|
|
|
af9b8b |
- fix logs symlink
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-14
|
|
|
af9b8b |
- fix systemd unitdir again
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-13
|
|
|
af9b8b |
- mod_ssl: generate localhost keypair in root /etc/pki
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-12
|
|
|
af9b8b |
- fix mod_ssl post script
|
|
|
af9b8b |
- adapt logrotate config
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-11
|
|
|
af9b8b |
- use system /var/log for logging
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-10
|
|
|
af9b8b |
- move systemd service to libdir
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Sep 25 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-8
|
|
|
af9b8b |
- build with mod_systemd support
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Sep 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-7
|
|
|
af9b8b |
- set proper path installbuilddir in apxs script
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Sep 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-6
|
|
|
af9b8b |
- really set proper path to apxs in macros.httpd24
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Sep 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-5
|
|
|
af9b8b |
- set proper path to apxs in macros.httpd24
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Sep 23 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-4
|
|
|
af9b8b |
- build with system APR/APR-util
|
|
|
af9b8b |
- fix logrotate script to restart httpd from SCL
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Sep 18 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-3
|
|
|
af9b8b |
- rebuild for new APR/APR-util
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Aug 13 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-2
|
|
|
af9b8b |
- update to 2.4.6
|
|
|
af9b8b |
- revert fix for dumping vhosts twice
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jul 29 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-7
|
|
|
af9b8b |
- use expanded directory variables in macros, remove '-' from mmnisa
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jul 29 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-6
|
|
|
af9b8b |
- when building as SCL, use _httpd24_ prefix for macros
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Jul 11 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-12
|
|
|
af9b8b |
- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)
|
|
|
af9b8b |
- apxs: mention -p option in manpage
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Jul 2 2013 Joe Orton <jorton@redhat.com> - 2.4.4-11
|
|
|
af9b8b |
- add patch for aarch64 (Dennis Gilmore, #925558)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jul 1 2013 Joe Orton <jorton@redhat.com> - 2.4.4-10
|
|
|
af9b8b |
- remove duplicate apxs man page from httpd-tools
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jun 17 2013 Joe Orton <jorton@redhat.com> - 2.4.4-9
|
|
|
af9b8b |
- remove zombie dbmmanage script
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri May 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-8
|
|
|
af9b8b |
- return 400 Bad Request on malformed Host header
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon May 20 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-6
|
|
|
af9b8b |
- htpasswd/htdbm: fix hash generation bug (#956344)
|
|
|
af9b8b |
- do not dump vhosts twice in httpd -S output (#928761)
|
|
|
af9b8b |
- mod_cache: fix potential crash caused by uninitialized variable (#954109)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Apr 18 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-5
|
|
|
af9b8b |
- execute systemctl reload as result of apachectl graceful
|
|
|
af9b8b |
- mod_ssl: ignore SNI hints unless required by config
|
|
|
af9b8b |
- mod_cache: forward-port CacheMaxExpire "hard" option
|
|
|
af9b8b |
- mod_ssl: fall back on another module's proxy hook if mod_ssl proxy
|
|
|
af9b8b |
is not configured.
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Apr 16 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-4
|
|
|
af9b8b |
- fix service file to not send SIGTERM after ExecStop (#906321, #912288)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Mar 26 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-3
|
|
|
af9b8b |
- protect MIMEMagicFile with IfModule (#893949)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-2
|
|
|
af9b8b |
- really package mod_auth_form in mod_session (#915438)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-1
|
|
|
af9b8b |
- update to 2.4.4
|
|
|
af9b8b |
- fix duplicate ownership of mod_session config (#914901)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Feb 22 2013 Joe Orton <jorton@redhat.com> - 2.4.3-17
|
|
|
af9b8b |
- add mod_session subpackage, move mod_auth_form there (#894500)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.3-16
|
|
|
af9b8b |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Jan 8 2013 Joe Orton <jorton@redhat.com> - 2.4.3-15
|
|
|
af9b8b |
- add systemd service for htcacheclean
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-14
|
|
|
af9b8b |
- drop patch for r1344712
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-13
|
|
|
af9b8b |
- filter mod_*.so auto-provides (thanks to rcollet)
|
|
|
af9b8b |
- pull in syslog logging fix from upstream (r1344712)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Oct 26 2012 Joe Orton <jorton@redhat.com> - 2.4.3-12
|
|
|
af9b8b |
- rebuild to pick up new apr-util-ldap
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Oct 23 2012 Joe Orton <jorton@redhat.com> - 2.4.3-11
|
|
|
af9b8b |
- rebuild
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Oct 3 2012 Joe Orton <jorton@redhat.com> - 2.4.3-10
|
|
|
af9b8b |
- pull upstream patch r1392850 in addition to r1387633
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Oct 1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9.1
|
|
|
af9b8b |
- restore "ServerTokens Full-Release" support (#811714)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Oct 1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9
|
|
|
af9b8b |
- define PLATFORM in os.h using vendor string
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Oct 1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-8
|
|
|
af9b8b |
- use systemd script unconditionally (#850149)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Oct 1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-7
|
|
|
af9b8b |
- use systemd scriptlets if available (#850149)
|
|
|
af9b8b |
- don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Oct 01 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-6
|
|
|
af9b8b |
- use systemctl from apachectl (#842736)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Sep 19 2012 Joe Orton <jorton@redhat.com> - 2.4.3-5
|
|
|
af9b8b |
- fix some error log spam with graceful-stop (r1387633)
|
|
|
af9b8b |
- minor mod_systemd tweaks
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Sep 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-4
|
|
|
af9b8b |
- use IncludeOptional for conf.d/*.conf inclusion
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Sep 07 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-3
|
|
|
af9b8b |
- adding mod_systemd to integrate with systemd better
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-2
|
|
|
af9b8b |
- mod_ssl: add check for proxy keypair match (upstream r1374214)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-1
|
|
|
af9b8b |
- update to 2.4.3 (#849883)
|
|
|
af9b8b |
- own the docroot (#848121)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Aug 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-23
|
|
|
af9b8b |
- add mod_proxy fixes from upstream (r1366693, r1365604)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-22
|
|
|
af9b8b |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Jul 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-21
|
|
|
af9b8b |
- drop explicit version requirement on initscripts
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Jul 5 2012 Joe Orton <jorton@redhat.com> - 2.4.2-20
|
|
|
af9b8b |
- mod_ext_filter: fix error_log warnings
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jul 2 2012 Joe Orton <jorton@redhat.com> - 2.4.2-19
|
|
|
af9b8b |
- support "configtest" and "graceful" as initscripts "legacy actions"
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Jun 8 2012 Joe Orton <jorton@redhat.com> - 2.4.2-18
|
|
|
af9b8b |
- avoid use of "core" GIF for a "core" directory (#168776)
|
|
|
af9b8b |
- drop use of "syslog.target" in systemd unit file
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Jun 7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-17
|
|
|
af9b8b |
- use _unitdir for systemd unit file
|
|
|
af9b8b |
- use /run in unit file, ssl.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Jun 7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-16
|
|
|
af9b8b |
- mod_ssl: fix NPN patch merge
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Jun 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-15
|
|
|
af9b8b |
- move tmpfiles.d fragment into /usr/lib per new guidelines
|
|
|
af9b8b |
- package /run/httpd not /var/run/httpd
|
|
|
af9b8b |
- set runtimedir to /run/httpd likewise
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Jun 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-14
|
|
|
af9b8b |
- fix htdbm/htpasswd crash on crypt() failure (#818684)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Jun 6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-13
|
|
|
af9b8b |
- pull fix for NPN patch from upstream (r1345599)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu May 31 2012 Joe Orton <jorton@redhat.com> - 2.4.2-12
|
|
|
af9b8b |
- update suexec patch to use LOG_AUTHPRIV facility
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-11
|
|
|
af9b8b |
- really fix autoindex.conf (thanks to remi@)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-10
|
|
|
af9b8b |
- fix autoindex.conf to allow symlink to poweredby.png
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-9
|
|
|
af9b8b |
- suexec: use upstream version of patch for capability bit support
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-8
|
|
|
af9b8b |
- suexec: use syslog rather than suexec.log, drop dac_override capability
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue May 1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-7
|
|
|
af9b8b |
- mod_ssl: add TLS NPN support (r1332643, #809599)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue May 1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-6
|
|
|
af9b8b |
- add BR on APR >= 1.4.0
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-5
|
|
|
af9b8b |
- use systemctl from logrotate (#221073)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-4
|
|
|
af9b8b |
- pull from upstream:
|
|
|
af9b8b |
* use TLS close_notify alert for dummy_connection (r1326980+)
|
|
|
af9b8b |
* cleanup symbol exports (r1327036+)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3.2
|
|
|
af9b8b |
- rebuild
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3
|
|
|
af9b8b |
- really fix restart
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-2
|
|
|
af9b8b |
- tweak default ssl.conf
|
|
|
af9b8b |
- fix restart handling (#814645)
|
|
|
af9b8b |
- use graceful restart by default
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Apr 18 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.2-1
|
|
|
af9b8b |
- update to 2.4.2
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-6
|
|
|
af9b8b |
- fix macros
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-5
|
|
|
af9b8b |
- add _httpd_moddir to macros
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-4
|
|
|
af9b8b |
- fix symlink for poweredby.png
|
|
|
af9b8b |
- fix manual.conf
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-3
|
|
|
af9b8b |
- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)
|
|
|
af9b8b |
- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-2
|
|
|
af9b8b |
- clean docroot better
|
|
|
af9b8b |
- ship proxy, ssl directories within /var/cache/httpd
|
|
|
af9b8b |
- default config:
|
|
|
af9b8b |
* unrestricted access to (only) /var/www
|
|
|
af9b8b |
* remove (commented) Mutex, MaxRanges, ScriptSock
|
|
|
af9b8b |
* split autoindex config to conf.d/autoindex.conf
|
|
|
af9b8b |
- ship additional example configs in docdir
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Mar 6 2012 Joe Orton <jorton@redhat.com> - 2.4.1-1
|
|
|
af9b8b |
- update to 2.4.1
|
|
|
af9b8b |
- adopt upstream default httpd.conf (almost verbatim)
|
|
|
af9b8b |
- split all LoadModules to conf.modules.d/*.conf
|
|
|
af9b8b |
- include conf.d/*.conf at end of httpd.conf
|
|
|
af9b8b |
- trim %%changelog
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-2
|
|
|
af9b8b |
- fix build against PCRE 8.30
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-1
|
|
|
af9b8b |
- update to 2.2.22
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 2.2.21-8
|
|
|
af9b8b |
- Rebuild against PCRE 8.30
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jan 23 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-7
|
|
|
af9b8b |
- fix #783629 - start httpd after named
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jan 16 2012 Joe Orton <jorton@redhat.com> - 2.2.21-6
|
|
|
af9b8b |
- complete conversion to systemd, drop init script (#770311)
|
|
|
af9b8b |
- fix comments in /etc/sysconfig/httpd (#771024)
|
|
|
af9b8b |
- enable PrivateTmp in service file (#781440)
|
|
|
af9b8b |
- set LANG=C in /etc/sysconfig/httpd
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.21-5
|
|
|
af9b8b |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Dec 06 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-4
|
|
|
af9b8b |
- fix #751591 - start httpd after remote-fs
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Oct 24 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-3
|
|
|
af9b8b |
- allow change state of BalancerMember in mod_proxy_balancer web interface
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Sep 22 2011 Ville Skyttä <ville.skytta@iki.fi> - 2.2.21-2
|
|
|
af9b8b |
- Make mmn available as %%{_httpd_mmn}.
|
|
|
af9b8b |
- Add .svgz to AddEncoding x-gzip example in httpd.conf.
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Sep 13 2011 Joe Orton <jorton@redhat.com> - 2.2.21-1
|
|
|
af9b8b |
- update to 2.2.21
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Sep 5 2011 Joe Orton <jorton@redhat.com> - 2.2.20-1
|
|
|
af9b8b |
- update to 2.2.20
|
|
|
af9b8b |
- fix MPM stub man page generation
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Aug 10 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-5
|
|
|
af9b8b |
- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Jul 22 2011 Iain Arnell <iarnell@gmail.com> 1:2.2.19-4
|
|
|
af9b8b |
- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided
|
|
|
af9b8b |
directory names
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Jul 20 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-3
|
|
|
af9b8b |
- fix #716621 - suexec now works without setuid bit
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Jul 14 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-2
|
|
|
af9b8b |
- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Jul 1 2011 Joe Orton <jorton@redhat.com> - 2.2.19-1
|
|
|
af9b8b |
- update to 2.2.19
|
|
|
af9b8b |
- enable dbd, authn_dbd in default config
|
|
|
af9b8b |
|
|
|
af9b8b |
* Thu Apr 14 2011 Joe Orton <jorton@redhat.com> - 2.2.17-13
|
|
|
af9b8b |
- fix path expansion in service files
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Apr 12 2011 Joe Orton <jorton@redhat.com> - 2.2.17-12
|
|
|
af9b8b |
- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Mar 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-11
|
|
|
af9b8b |
- minor updates to httpd.conf
|
|
|
af9b8b |
- drop old patches
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Mar 2 2011 Joe Orton <jorton@redhat.com> - 2.2.17-10
|
|
|
af9b8b |
- rebuild
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Feb 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-9
|
|
|
af9b8b |
- use arch-specific mmn
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.17-8
|
|
|
af9b8b |
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jan 31 2011 Joe Orton <jorton@redhat.com> - 2.2.17-7
|
|
|
af9b8b |
- generate dummy mod_ssl cert with CA:FALSE constraint (#667841)
|
|
|
af9b8b |
- add man page stubs for httpd.event, httpd.worker
|
|
|
af9b8b |
- drop distcache support
|
|
|
af9b8b |
- add STOP_TIMEOUT support to init script
|
|
|
af9b8b |
|
|
|
af9b8b |
* Sat Jan 8 2011 Joe Orton <jorton@redhat.com> - 2.2.17-6
|
|
|
af9b8b |
- update default SSLCipherSuite per upstream trunk
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Jan 5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-5
|
|
|
af9b8b |
- fix requires (#667397)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Jan 5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-4
|
|
|
af9b8b |
- de-ghost /var/run/httpd
|
|
|
af9b8b |
|
|
|
af9b8b |
* Tue Jan 4 2011 Joe Orton <jorton@redhat.com> - 2.2.17-3
|
|
|
af9b8b |
- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)
|
|
|
af9b8b |
|
|
|
af9b8b |
* Sat Nov 20 2010 Joe Orton <jorton@redhat.com> - 2.2.17-2
|
|
|
af9b8b |
- drop setuid bit, use capabilities for suexec binary
|
|
|
af9b8b |
|
|
|
af9b8b |
* Wed Oct 27 2010 Joe Orton <jorton@redhat.com> - 2.2.17-1
|
|
|
af9b8b |
- update to 2.2.17
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Sep 10 2010 Joe Orton <jorton@redhat.com> - 2.2.16-2
|
|
|
af9b8b |
- link everything using -z relro and -z now
|
|
|
af9b8b |
|
|
|
af9b8b |
* Mon Jul 26 2010 Joe Orton <jorton@redhat.com> - 2.2.16-1
|
|
|
af9b8b |
- update to 2.2.16
|
|
|
af9b8b |
|
|
|
af9b8b |
* Fri Jul 9 2010 Joe Orton <jorton@redhat.com> - 2.2.15-3
|
|
|
af9b8b |
- default config tweaks:
|
|
|
af9b8b |
* harden httpd.conf w.r.t. .htaccess restriction (#591293)
|
|
|
af9b8b |
* load mod_substitute, mod_version by default
|
|
|
af9b8b |
* drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
|
|
|
af9b8b |
* add commented list of shipped-but-unloaded modules
|
|
|
af9b8b |
* bump up worker defaults a little
|
|
|
af9b8b |
* drop KeepAliveTimeout to 5 secs per upstream
|
|
|
af9b8b |
- fix LSB compliance in init script (#522074)
|
|
|
af9b8b |
- bundle NOTICE in -tools
|
|
|
af9b8b |
- use init script in logrotate postrotate to pick up PIDFILE
|
|
|
af9b8b |
- drop some old Obsoletes/Conflicts
|
|
|
af9b8b |
|
|
|
af9b8b |
* Sun Apr 04 2010 Robert Scheck <robert@fedoraproject.org> - 2.2.15-1
|
|
|
af9b8b |
- update to 2.2.15 (#572404, #579311)
|
|
|
af9b8b |
|