rpms / httpd24-httpd

Clone
Source Code
GIT

Blame SPECS/httpd.spec

c7
  1.   9364d6057bd9904a31a01c728c9151c904542105
  2.   SPECS
  3.   httpd.spec
Blob History Raw
af9b8b 
%{?scl:%scl_package httpd}
af9b8b
f0c688 
%if 0%{?rhel} >= 7
af9b8b 
%define use_systemd 1
af9b8b 
%define use_system_apr 1
69c05d 
%define enable_mod_md 1
f0c688 
%else
f0c688 
%define use_systemd 0
f0c688 
%define use_system_apr 0
69c05d 
%define enable_mod_md 0
f0c688 
%endif
af9b8b
af9b8b 
# If we are using system APR and building as collection, we have to set
af9b8b 
# apr prefix to _root_prefix
af9b8b 
%if %{use_system_apr} && %{?scl:1}0
af9b8b 
%define apr_prefix %_root_prefix
af9b8b 
%else
af9b8b 
%define apr_prefix %_prefix
af9b8b 
%endif
af9b8b
af9b8b 
%if %{?scl}0
af9b8b 
%define _localstatedir %{_scl_root}/var
af9b8b 
%define httpd_service %{scl_prefix}httpd.service
af9b8b 
%define htcacheclean_service %{scl_prefix}htcacheclean.service
af9b8b 
%define httpd_logrotate %{scl_prefix}httpd
af9b8b 
%define httpd_init %{scl_prefix}httpd
af9b8b 
%define htcacheclean_init %{scl_prefix}htcacheclean
af9b8b 
%define httpd_logdir %{_root_localstatedir}/log/httpd24
af9b8b 
%else
af9b8b 
%define httpd_service httpd.service
af9b8b 
%define htcacheclean_service htcacheclean.service
af9b8b 
%define httpd_logrotate httpd
af9b8b 
%define httpd_init httpd
af9b8b 
%define htcacheclean_init htcacheclean
af9b8b 
%define httpd_logdir %{_localstatedir}/log/httpd
af9b8b 
%endif
af9b8b
af9b8b 
%define contentdir %{_datadir}/httpd
af9b8b 
%define docroot %{?scl:%_scl_root}/var/www
af9b8b 
%define suexec_caller apache
af9b8b 
%define mmn 20120211
af9b8b 
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
af9b8b 
%define vstring Red Hat
af9b8b
af9b8b 
# Drop automatic provides for module DSOs
af9b8b 
%{?filter_setup:
af9b8b 
%filter_provides_in %{_libdir}/httpd/modules/.*\.so$
af9b8b 
%filter_setup
af9b8b 
}
af9b8b
af9b8b 
Summary: Apache HTTP Server
af9b8b 
Name: %{?scl:%scl_prefix}httpd
69c05d 
Version: 2.4.34
9364d6 
Release: 22%{?dist}
af9b8b 
URL: http://httpd.apache.org/
af9b8b 
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
af9b8b 
Source1: index.html
af9b8b 
Source3: httpd.logrotate
af9b8b 
Source4: httpd.init
af9b8b 
Source5: httpd.sysconf
af9b8b 
Source6: httpd-ssl-pass-dialog
af9b8b 
Source7: httpd.tmpfiles
af9b8b 
Source8: httpd.service
af9b8b 
Source10: httpd.conf
af9b8b 
Source11: 00-base.conf
af9b8b 
Source12: 00-mpm.conf
af9b8b 
Source13: 00-lua.conf
af9b8b 
Source14: 01-cgi.conf
af9b8b 
Source15: 00-dav.conf
af9b8b 
Source16: 00-proxy.conf
af9b8b 
Source17: 00-ssl.conf
af9b8b 
Source18: 01-ldap.conf
af9b8b 
Source19: 00-proxyhtml.conf
af9b8b 
Source20: userdir.conf
af9b8b 
Source21: ssl.conf
af9b8b 
Source22: welcome.conf
af9b8b 
Source23: manual.conf
af9b8b 
Source24: 00-systemd.conf
af9b8b 
Source25: 01-session.conf
af9b8b 
Source26: action-graceful.sh
af9b8b 
Source27: action-configtest.sh
33b929 
Source28: 00-optional.conf
33b929 
Source29: httpd-scl-wrapper
ad4e62 
Source31: config.layout
69c05d
af9b8b 
# Documentation
af9b8b 
Source40: htcacheclean.service
af9b8b 
Source41: htcacheclean.sysconf
af9b8b 
Source42: htcacheclean.init
69c05d 
Source43: README.confd
69c05d
af9b8b 
# build/scripts patches
af9b8b 
Patch1: httpd-2.4.1-apctl.patch
3fd4d8 
Patch2: httpd-2.4.25-apxs.patch
af9b8b 
Patch3: httpd-2.4.1-deplibs.patch
af9b8b 
Patch6: httpd-2.4.3-apctl-systemd.patch
69c05d 
Patch7: httpd-2.4.34-skiplist.patch
3fd4d8 
Patch8: httpd-2.4.25-detect-systemd.patch
af9b8b 
# Features/functional changes
3fd4d8 
Patch20: httpd-2.4.10-mod_systemd.patch
af9b8b 
Patch21: httpd-2.4.6-full-release.patch
69c05d 
Patch23: httpd-2.4.34-export.patch
af9b8b 
Patch24: httpd-2.4.1-corelimit.patch
3fd4d8 
Patch25: httpd-2.4.25-selinux.patch
af9b8b 
Patch27: httpd-2.4.2-icons.patch
af9b8b 
Patch30: httpd-2.4.4-cachehardmax.patch
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1823836
9364d6 
Patch31: httpd-2.4.34-session-expiry-updt-int.patch
9364d6
af9b8b 
# Bug fixes
f0c688 
Patch62: httpd-2.4.6-apachectl-status.patch
f0c688 
Patch65: httpd-2.4.17-autoindex-revert.patch
f0c688 
Patch69: httpd-2.4.6-apachectl-httpd-env.patch
f0c688 
Patch70: httpd-2.4.6-bomb.patch
f0c688 
Patch71: httpd-2.4.18-apachectl-httpd-env2.patch
3fd4d8 
Patch74: httpd-2.4.25-rev-r1748324+.patch
69c05d 
Patch75: httpd-2.4.34-apr-escape.patch
69c05d 
Patch76: httpd-2.4.34-scl-libnghttp2.patch
69c05d 
Patch77: httpd-2.4.34-scl-libcurl.patch
69c05d 
Patch78: httpd-2.4.33-mddefault.patch
69c05d 
Patch79: httpd-2.4.34-r1836472.patch
69c05d 
Patch80: httpd-2.4.34-statements-comment.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1707636
ad4e62 
Patch81: httpd-2.4.34-r1844002.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1669213
ad4e62 
Patch82: httpd-2.4.34-r1840554.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1673019
ad4e62 
Patch83: httpd-2.4.34-mod-md-perms.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1673019
ad4e62 
Patch84: httpd-2.4.34-r1842929+.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1725922
ad4e62 
Patch85: httpd-2.4.34-r1847288.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1744120
ad4e62 
Patch86: httpd-2.4.34-r1865740.patch
e8122d 
# https://bugzilla.redhat.com/show_bug.cgi?id=1788976
e8122d 
# patch only RHEL-7, where we ship mod_md
e8122d 
%if %{enable_mod_md}
e8122d 
Patch87: httpd-2.4.34-mod-md-mod-ssl-hooks.patch
e8122d 
%endif
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1600579
9364d6 
Patch88: httpd-2.4.34-r1864000.patch
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1809494
9364d6 
Patch89: httpd-2.4.34-r1738878.patch
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1828812
9364d6 
Patch90: httpd-2.4.34-r1862604.patch
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1637891
9364d6 
Patch91: httpd-2.4.34-pr37355.patch
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1607737
9364d6 
Patch92: httpd-2.4.34-r1841263+.patch
69c05d
f5da3f 
# Security fixes
69c05d 
Patch200: httpd-2.4.34-CVE-2018-11763.patch
a68583 
# https://bugzilla.redhat.com/show_bug.cgi?id=1694980
a68583 
Patch201: httpd-2.4.34-CVE-2019-0211.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1696095
ad4e62 
Patch202: httpd-2.4.34-CVE-2019-0220.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1696140
ad4e62 
Patch203: httpd-2.4.34-CVE-2019-0217.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1677498
ad4e62 
Patch204: httpd-2.4.34-CVE-2018-17199.patch
376e24 
# https://bugzilla.redhat.com/show_bug.cgi?id=1741860
376e24 
# https://bugzilla.redhat.com/show_bug.cgi?id=1741864
376e24 
# https://bugzilla.redhat.com/show_bug.cgi?id=1741868
ad4e62 
Patch205: httpd-2.4.34-CVE-2019-9511-and-9516-and-9517.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1668497
ad4e62 
Patch206: httpd-2.4.34-CVE-2018-17189.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1747282
ad4e62 
Patch207: httpd-2.4.34-CVE-2019-10092.patch
ad4e62 
# https://bugzilla.redhat.com/show_bug.cgi?id=1747290
ad4e62 
Patch208: httpd-2.4.34-CVE-2019-10097.patch
e8122d 
# https://bugzilla.redhat.com/show_bug.cgi?id=1747285
e8122d 
Patch209: httpd-2.4.34-CVE-2019-10098.patch
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1869069
68a0fa 
Patch210: httpd-2.4.34-CVE-2020-9490.patch
9364d6 
# https://bugzilla.redhat.com/show_bug.cgi?id=1866563
9364d6 
Patch211: httpd-2.4.34-CVE-2020-11984.patch
9364d6 
# httpd-2.4.34-CVE-2020-11993.patch
9364d6 
Patch212: httpd-2.4.34-CVE-2020-11993.patch
69c05d
af9b8b 
License: ASL 2.0
af9b8b 
Group: System Environment/Daemons
af9b8b 
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
af9b8b 
BuildRequires: autoconf, perl, pkgconfig, findutils, xmlto
af9b8b 
BuildRequires: zlib-devel, libselinux-devel, lua-devel
af9b8b 
%if %{use_system_apr}
af9b8b 
BuildRequires: apr-devel >= 1.4.0, apr-util-devel >= 1.2.0
af9b8b 
%else
af9b8b 
BuildRequires: %{?scl:%scl_prefix}apr-devel >= 1.4.0, %{?scl:%scl_prefix}apr-util-devel >= 1.2.0
af9b8b 
%endif
f0c688 
BuildRequires: %{?scl:%scl_prefix}libnghttp2-devel
af9b8b 
BuildRequires: pcre-devel >= 5.0
af9b8b 
Requires: /etc/mime.types, system-logos >= 7.92.1-1
af9b8b 
Provides: %{?scl:%scl_prefix}mod_dav = %{version}-%{release}, %{?scl:%scl_prefix}httpd-suexec = %{version}-%{release}
af9b8b 
Provides: %{?scl:%scl_prefix}httpd-mmn = %{mmn}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
af9b8b 
Requires: %{?scl:%scl_prefix}httpd-tools = %{version}-%{release}
af9b8b 
Requires(pre): /usr/sbin/useradd
6670f0 
Requires(pre): /usr/sbin/groupadd
af9b8b 
%if %{use_systemd}
af9b8b 
BuildRequires: systemd-devel
af9b8b 
Requires(preun): systemd-units
af9b8b 
Requires(postun): systemd-units
af9b8b 
Requires(post): systemd-units
af9b8b 
%else
af9b8b 
Requires(post): chkconfig
af9b8b 
%endif
f0c688 
Requires(post): policycoreutils
f0c688 
Requires(post): policycoreutils-python
af9b8b 
%{?scl:Requires:%scl_runtime}
af9b8b
af9b8b 
%description
af9b8b 
The Apache HTTP Server is a powerful, efficient, and extensible
af9b8b 
web server.
af9b8b
af9b8b 
%package devel
af9b8b 
Group: Development/Libraries
af9b8b 
Summary: Development interfaces for the Apache HTTP server
af9b8b 
%if %{use_system_apr}
af9b8b 
Requires: apr-devel, apr-util-devel
af9b8b 
%else
af9b8b 
Requires: %{?scl:%scl_prefix}apr-devel, %{?scl:%scl_prefix}apr-util-devel
af9b8b 
%endif
af9b8b 
Requires: pkgconfig
af9b8b 
Requires: %{?scl:%scl_prefix}httpd = %{version}-%{release}
f0c688 
%if 0%{?rhel} < 7
f0c688 
Requires(post): policycoreutils
f0c688 
Requires(post): policycoreutils-python
f0c688 
%endif
af9b8b
af9b8b 
%description devel
af9b8b 
The httpd-devel package contains the APXS binary and other files
af9b8b 
that you need to build Dynamic Shared Objects (DSOs) for the
af9b8b 
Apache HTTP Server.
af9b8b
af9b8b 
If you are installing the Apache HTTP server and you want to be
af9b8b 
able to compile or develop additional modules for Apache, you need
af9b8b 
to install this package.
af9b8b
af9b8b 
%package manual
af9b8b 
Group: Documentation
af9b8b 
Summary: Documentation for the Apache HTTP server
af9b8b 
Requires: %{?scl:%scl_prefix}httpd = %{version}-%{release}
f0c688 
%if 0%{?rhel} < 7
f0c688 
Requires(post): policycoreutils
f0c688 
Requires(post): policycoreutils-python
f0c688 
%endif
af9b8b 
BuildArch: noarch
af9b8b
af9b8b 
%description manual
af9b8b 
The httpd-manual package contains the complete manual and
af9b8b 
reference guide for the Apache HTTP server. The information can
af9b8b 
also be found at http://httpd.apache.org/docs/2.2/.
af9b8b
af9b8b 
%package tools
af9b8b 
Group: System Environment/Daemons
af9b8b 
Summary: Tools for use with the Apache HTTP Server
f0c688 
Requires(post):    policycoreutils
f0c688 
Requires(post):    policycoreutils-python
af9b8b
af9b8b 
%description tools
af9b8b 
The httpd-tools package contains tools which can be used with
af9b8b 
the Apache HTTP Server.
af9b8b
af9b8b 
%package -n %{?scl:%scl_prefix}mod_ssl
af9b8b 
Group: System Environment/Daemons
af9b8b 
Summary: SSL/TLS module for the Apache HTTP Server
af9b8b 
Epoch: 1
af9b8b 
BuildRequires: openssl-devel
af9b8b 
Requires(post): openssl, /bin/cat
af9b8b 
Requires(pre): %{?scl:%scl_prefix}httpd
af9b8b 
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
f0c688 
%if 0%{?rhel} < 7
f0c688 
Requires(post): policycoreutils
f0c688 
Requires(post): policycoreutils-python
f0c688 
%endif
af9b8b
af9b8b 
%description -n %{?scl:%scl_prefix}mod_ssl
af9b8b 
The mod_ssl module provides strong cryptography for the Apache Web
af9b8b 
server via the Secure Sockets Layer (SSL) and Transport Layer
af9b8b 
Security (TLS) protocols.
af9b8b
af9b8b 
%package -n %{?scl:%scl_prefix}mod_proxy_html
af9b8b 
Group: System Environment/Daemons
af9b8b 
Summary: HTML and XML content filters for the Apache HTTP Server
af9b8b 
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
af9b8b 
BuildRequires: libxml2-devel
f0c688 
%if 0%{?rhel} < 7
f0c688 
Requires(post): policycoreutils
f0c688 
Requires(post): policycoreutils-python
f0c688 
%endif
af9b8b 
Epoch: 1
af9b8b
af9b8b 
%description -n %{?scl:%scl_prefix}mod_proxy_html
af9b8b 
The mod_proxy_html and mod_xml2enc modules provide filters which can
af9b8b 
transform and modify HTML and XML content.
af9b8b
af9b8b 
%package -n %{?scl:%scl_prefix}mod_ldap
af9b8b 
Group: System Environment/Daemons
af9b8b 
Summary: LDAP authentication modules for the Apache HTTP Server
af9b8b 
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
af9b8b 
%if %{use_system_apr}
af9b8b 
Requires: apr-util-ldap
af9b8b 
%else
af9b8b 
Requires: %{?scl:%scl_prefix}apr-util-ldap
af9b8b 
%endif
f0c688 
%if 0%{?rhel} < 7
f0c688 
Requires(post): policycoreutils
f0c688 
Requires(post): policycoreutils-python
f0c688 
%endif
af9b8b
af9b8b 
%description -n %{?scl:%scl_prefix}mod_ldap
af9b8b 
The mod_ldap and mod_authnz_ldap modules add support for LDAP
af9b8b 
authentication to the Apache HTTP Server.
af9b8b
af9b8b 
%package -n %{?scl:%scl_prefix}mod_session
af9b8b 
Group: System Environment/Daemons
af9b8b 
Summary: Session interface for the Apache HTTP Server
af9b8b 
Requires: %{?scl:%scl_prefix}httpd = 0:%{version}-%{release}, %{?scl:%scl_prefix}httpd-mmn = %{mmnisa}
69c05d 
%if %{use_system_apr}
69c05d 
Requires: apr-util-openssl
69c05d 
%else
69c05d 
Requires: %{?scl:%scl_prefix}apr-util-openssl
69c05d 
%endif
f0c688 
%if 0%{?rhel} < 7
f0c688 
Requires(post): policycoreutils
f0c688 
Requires(post): policycoreutils-python
f0c688 
%endif
af9b8b
af9b8b 
%description -n %{?scl:%scl_prefix}mod_session
af9b8b 
The mod_session module and associated backends provide an abstract
af9b8b 
interface for storing and accessing per-user session data.
af9b8b
af9b8b 
%prep
af9b8b 
%if %{?scl}0
af9b8b 
export LD_LIBRARY_PATH=%{_libdir}:$LD_LIBRARY_PATH
af9b8b 
%endif
af9b8b 
%setup -q %{?scl:-n %{pkg_name}-%{version}}
69c05d
af9b8b 
%patch1 -p1 -b .apctl
af9b8b 
%patch2 -p1 -b .apxs
af9b8b 
%patch3 -p1 -b .deplibs
f0c688 
%if %{use_systemd}
af9b8b 
%patch6 -p1 -b .apctlsystemd
33b929 
%patch7 -p1 -b .skiplist
f0c688 
%else
f0c688 
%patch62 -p1 -b .apachectlstatus
f0c688 
%patch71 -p1 -b .envhttpd2
f0c688 
%endif
6670f0 
%patch8 -p1 -b .detect-systemd
af9b8b
3fd4d8 
%patch20 -p1 -b .mod_systemd
af9b8b 
%patch21 -p1 -b .fullrelease
af9b8b 
%patch23 -p1 -b .export
af9b8b 
%patch24 -p1 -b .corelimit
af9b8b 
%patch25 -p1 -b .selinux
af9b8b 
%patch27 -p1 -b .icons
af9b8b 
%patch30 -p1 -b .cachehardmax
9364d6 
%patch31 -p1 -b .session-expiry
69c05d
f0c688 
%patch65 -p1 -b .autoindexrevert
f0c688 
%patch69 -p1 -b .envhttpd
f0c688 
%patch70 -p1 -b .bomb
3fd4d8 
%patch74 -p1 -b .rev-r1748324+
69c05d 
%patch75 -p1 -b .apr_escape
69c05d 
%patch76 -p1 -b .scl_libnghttp2
69c05d 
%patch77 -p1 -b .scl_libcurl
69c05d 
%patch78 -p1 -b .md_default
69c05d 
%patch79 -p1 -b .r1836472
69c05d 
%patch80 -p1 -b .statementscomment
ad4e62 
%patch81 -p1 -b .r1844002
ad4e62 
%patch82 -p1 -b .r1840554
ad4e62 
%patch83 -p1 -b .mod-md-perms
ad4e62 
%patch84 -p1 -b .r1842929+
ad4e62 
%patch85 -p1 -b .r1847288
ad4e62 
%patch86 -p1 -b .r1865740
e8122d 
# patch only RHEL-7, where we ship mod_md
e8122d 
%if %{enable_mod_md}
e8122d 
%patch87 -p1 -b .mod-md-mod-ssl-hooks
e8122d 
%endif
9364d6 
%patch88 -p1 -b .r1864000
9364d6 
%patch89 -p1 -b .r1738878
9364d6 
%patch90 -p1 -b .r1862604
9364d6 
%patch91 -p1 -b .pr37355
9364d6 
%patch92 -p1 -b .r1841263+
f5da3f
69c05d 
%patch200 -p1 -b .CVE-2018-11763
a68583 
%patch201 -p1 -b .CVE-2019-0211
ad4e62 
%patch202 -p1 -b .CVE-2019-0220
ad4e62 
%patch203 -p1 -b .CVE-2019-0217
ad4e62 
%patch204 -p1 -b .CVE-2018-17199
ad4e62 
%patch205 -p1 -b .CVE-2019-9511-and-9516-and-9517
ad4e62 
%patch206 -p1 -b .CVE-2018-17189
ad4e62 
%patch207 -p1 -b .CVE-2019-10092
ad4e62 
%patch208 -p1 -b .CVE-2019-10097
e8122d 
%patch209 -p1 -b .CVE-2019-10098
68a0fa 
%patch210 -p1 -b .CVE-2020-9490
9364d6 
%patch211 -p1 -b .CVE-2020-11984
9364d6 
%patch212 -p1 -b .CVE-2020-11993
760d5c
af9b8b 
# Patch in the vendor string and the release string
af9b8b 
sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
af9b8b 
sed -i 's/@RELEASE@/%{release}/' server/core.c
af9b8b
af9b8b 
# Prevent use of setcap in "install-suexec-caps" target.
af9b8b 
sed -i '/suexec/s,setcap ,echo Skipping setcap for ,' Makefile.in
af9b8b
af9b8b 
# Safety check: prevent build if defined MMN does not equal upstream MMN.
af9b8b 
vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include include/ap_mmn.h | sed -n '/^2/p'`
af9b8b 
if test "x${vmmn}" != "x%{mmn}"; then
af9b8b 
   : Error: Upstream MMN is now ${vmmn}, packaged MMN is %{mmn}
af9b8b 
   : Update the mmn macro and rebuild.
af9b8b 
   exit 1
af9b8b 
fi
af9b8b
af9b8b 
: Building with MMN %{mmn}, MMN-ISA %{mmnisa} and vendor string '%{vstring}'
af9b8b
ad4e62 
# Provide default layout
ad4e62 
cp $RPM_SOURCE_DIR/config.layout .
ad4e62
af9b8b 
%build
af9b8b 
# forcibly prevent use of bundled apr, apr-util, pcre
af9b8b 
rm -rf srclib/{apr,apr-util,pcre}
af9b8b
af9b8b 
# regenerate configure scripts
af9b8b 
autoheader && autoconf || exit 1
af9b8b
af9b8b 
# Before configure; fix location of build dir in generated apxs
af9b8b 
%{__perl} -pi -e "s:\@exp_installbuilddir\@:%{_libdir}/httpd/build:g" \
af9b8b 
	support/apxs.in
af9b8b
af9b8b 
export CFLAGS=$RPM_OPT_FLAGS
af9b8b 
export LDFLAGS="-Wl,-z,relro,-z,now"
af9b8b
af9b8b 
# Hard-code path to links to avoid unnecessary builddep
af9b8b 
export LYNX_PATH=/usr/bin/links
af9b8b
af9b8b 
# Build the daemon
af9b8b 
./configure \
af9b8b 
 	--prefix=%{_sysconfdir}/httpd \
af9b8b 
 	--exec-prefix=%{_prefix} \
af9b8b 
 	--bindir=%{_bindir} \
af9b8b 
 	--sbindir=%{_sbindir} \
af9b8b 
 	--mandir=%{_mandir} \
af9b8b 
	--libdir=%{_libdir} \
af9b8b 
	--sysconfdir=%{_sysconfdir}/httpd/conf \
af9b8b 
	--includedir=%{_includedir}/httpd \
af9b8b 
	--libexecdir=%{_libdir}/httpd/modules \
af9b8b 
	--datadir=%{contentdir} \
af9b8b 
        --enable-layout=Fedora \
af9b8b 
        --with-installbuilddir=%{_libdir}/httpd/build \
af9b8b 
        --enable-mpms-shared=all \
af9b8b 
        --with-apr=%{apr_prefix} --with-apr-util=%{apr_prefix} \
af9b8b 
	--enable-suexec --with-suexec \
f0c688 
%if 0%{?rhel} >= 7
af9b8b 
        --enable-suexec-capabilities \
f0c688 
%endif
af9b8b 
	--with-suexec-caller=%{suexec_caller} \
af9b8b 
	--with-suexec-docroot=%{docroot} \
f0c688 
%if 0%{?rhel} >= 7
af9b8b 
	--without-suexec-logfile \
af9b8b 
        --with-suexec-syslog \
f0c688 
%else
f0c688 
	--with-suexec-logfile=%{_root_localstatedir}/log/httpd/suexec.log \
f0c688 
%endif
af9b8b 
	--with-suexec-bin=%{_sbindir}/suexec \
af9b8b 
	--with-suexec-uidmin=500 --with-suexec-gidmin=100 \
af9b8b 
        --enable-pie \
af9b8b 
        --with-pcre \
af9b8b 
        --enable-mods-shared=all \
af9b8b 
	--enable-ssl --with-ssl --disable-distcache \
6670f0 
%if 0%{?rhel} >= 7
6670f0 
	--enable-tls-alpn-thunks \
6670f0 
%endif
af9b8b 
	--enable-proxy \
af9b8b 
        --enable-cache \
af9b8b 
        --enable-disk-cache \
af9b8b 
        --enable-ldap --enable-authnz-ldap \
af9b8b 
        --enable-cgid --enable-cgi \
af9b8b 
        --enable-authn-anon --enable-authn-alias \
af9b8b 
        --disable-imagemap  \
e8122d 
%if %{enable_mod_md}
e8122d 
        --disable-md \
e8122d 
%endif
af9b8b 
	--localstatedir=%{_localstatedir}
af9b8b 
make %{?_smp_mflags}
af9b8b
af9b8b 
%install
af9b8b 
rm -rf $RPM_BUILD_ROOT
af9b8b
af9b8b 
make DESTDIR=$RPM_BUILD_ROOT install
af9b8b
af9b8b 
%if %{use_systemd}
af9b8b 
# Install systemd service files
af9b8b 
mkdir -p $RPM_BUILD_ROOT%{_unitdir}
af9b8b 
install -p -m 644 $RPM_SOURCE_DIR/httpd.service \
af9b8b 
        $RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
af9b8b 
install -p -m 644 $RPM_SOURCE_DIR/htcacheclean.service \
af9b8b 
        $RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
af9b8b
af9b8b 
# Change the httpd.service paths
af9b8b 
sed -i 's|\$sbindir|%{_sbindir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
af9b8b 
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
af9b8b 
sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
33b929 
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
33b929 
    $RPM_BUILD_ROOT%{_unitdir}/%{httpd_service}
af9b8b
af9b8b 
# Change the htcacheclean.service paths
af9b8b 
sed -i 's|\$sbindir|%{_sbindir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
af9b8b 
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
af9b8b 
sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
af9b8b 
sed -i 's|\$httpd_service|%{httpd_service}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
33b929 
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
33b929 
    $RPM_BUILD_ROOT%{_unitdir}/%{htcacheclean_service}
af9b8b 
%else
af9b8b 
# install SYSV init stuff
af9b8b 
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
af9b8b 
install -m755 $RPM_SOURCE_DIR/httpd.init \
af9b8b 
	$RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
af9b8b 
install -m755 $RPM_SOURCE_DIR/htcacheclean.init \
af9b8b 
	$RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
af9b8b
af9b8b 
# Change the httpd.init paths
af9b8b 
sed -i 's|\$sbindir|%{_sbindir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
af9b8b 
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
af9b8b 
sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
33b929 
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
33b929 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{httpd_init}
af9b8b
af9b8b 
# Change the htcacheclean.init paths
af9b8b 
sed -i 's|\$sbindir|%{_sbindir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
af9b8b 
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
af9b8b 
sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
33b929 
sed -i 's|\$sclscripts|%{?_scl_scripts}|' \
33b929 
    $RPM_BUILD_ROOT/etc/rc.d/init.d/%{htcacheclean_init}
af9b8b 
%endif
af9b8b
af9b8b 
# install conf file/directory
af9b8b 
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
af9b8b 
      $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d
af9b8b 
install -m 644 $RPM_SOURCE_DIR/README.confd \
af9b8b 
    $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
af9b8b 
for f in 00-base.conf 00-mpm.conf 00-lua.conf 01-cgi.conf 00-dav.conf \
af9b8b 
         00-proxy.conf 00-ssl.conf 01-ldap.conf 00-proxyhtml.conf \
f0c688 
%if %{use_systemd}
f0c688 
         00-systemd.conf \
f0c688 
%endif
f0c688 
         01-ldap.conf 01-session.conf 00-optional.conf; do
af9b8b 
  install -m 644 -p $RPM_SOURCE_DIR/$f \
af9b8b 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/$f
af9b8b 
done
af9b8b
af9b8b 
for f in welcome.conf ssl.conf manual.conf userdir.conf; do
af9b8b 
  install -m 644 -p $RPM_SOURCE_DIR/$f \
af9b8b 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
af9b8b 
	sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
		$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
af9b8b 
	sed -i 's|\$libexecdir|%{_libexecdir}|' \
af9b8b 
		$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
af9b8b 
	sed -i 's|\$datadir|%{_datadir}|' \
af9b8b 
		$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
f0c688 
  touch -r $RPM_SOURCE_DIR/$f \
f0c688 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
af9b8b 
done
af9b8b
af9b8b 
# Split-out extra config shipped as default in conf.d:
af9b8b 
for f in autoindex; do
af9b8b 
  mv docs/conf/extra/httpd-${f}.conf \
af9b8b 
        $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/${f}.conf
af9b8b 
done
af9b8b
af9b8b 
# Extra config trimmed:
af9b8b 
rm -v docs/conf/extra/httpd-{ssl,userdir}.conf
af9b8b
af9b8b 
rm $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/*.conf
af9b8b 
install -m 644 -p $RPM_SOURCE_DIR/httpd.conf \
af9b8b 
   $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
af9b8b 
sed -i 's|\$sysconfdir|%{_sysconfdir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
af9b8b 
sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
    $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
af9b8b
af9b8b
af9b8b 
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig
af9b8b 
for s in httpd htcacheclean; do
af9b8b 
  install -m 644 -p $RPM_SOURCE_DIR/${s}.sysconf \
af9b8b 
                    $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/${s}
af9b8b 
  sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
      $RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/${s}
af9b8b 
done
af9b8b
f0c688 
%if 0%{?rhel} < 7
f0c688 
sed -i 's|LANG|HTTPD_LANG|' \
f0c688 
	$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/httpd
f0c688 
%endif
f0c688
af9b8b 
# tmpfiles.d configuration
af9b8b 
%if 0%{?rhel} >= 7 && ! %{?scl:1}0
af9b8b 
mkdir $RPM_BUILD_ROOT/etc/tmpfiles.d
af9b8b 
install -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
af9b8b 
   $RPM_BUILD_ROOT/etc/tmpfiles.d/%{name}.conf
af9b8b 
sed -i 's|\$localstatedir|%{_localstatedir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/tmpfiles.d/%{name}.conf
af9b8b 
%endif
af9b8b
af9b8b 
# Other directories
af9b8b 
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav \
69c05d 
         $RPM_BUILD_ROOT%{_localstatedir}/lib/httpd \
af9b8b 
         $RPM_BUILD_ROOT%{_localstatedir}/run/httpd/htcacheclean
af9b8b
af9b8b 
# Create cache directory
af9b8b 
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd \
af9b8b 
         $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/proxy \
af9b8b 
         $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/ssl
af9b8b
af9b8b 
# Make the MMN accessible to module packages
af9b8b 
echo %{mmnisa} > $RPM_BUILD_ROOT%{_includedir}/httpd/.mmn
af9b8b
f0c688 
# When building as SCL, use different prefix for macros
af9b8b 
%if %{?scl}0
af9b8b 
mkdir -p $RPM_BUILD_ROOT%{_root_sysconfdir}/rpm/
af9b8b 
cat > $RPM_BUILD_ROOT%{_root_sysconfdir}/rpm/macros.httpd24 <
af9b8b 
%%_httpd24_mmn %{mmnisa}
af9b8b 
%%_httpd24_apxs %{_bindir}/apxs
af9b8b 
%%_httpd24_modconfdir %{_sysconfdir}/httpd/conf.modules.d
af9b8b 
%%_httpd24_confdir %{_sysconfdir}/httpd/conf.d
af9b8b 
%%_httpd24_contentdir %{contentdir}
af9b8b 
%%_httpd24_moddir %{_libdir}/httpd/modules
af9b8b 
EOF
af9b8b 
%else
af9b8b 
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rpm
af9b8b 
cat > $RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.httpd <
af9b8b 
%%_httpd_mmn %{mmnisa}
af9b8b 
%%_httpd_apxs %%{_bindir}/apxs
af9b8b 
%%_httpd_modconfdir %%{_sysconfdir}/httpd/conf.modules.d
af9b8b 
%%_httpd_confdir %%{_sysconfdir}/httpd/conf.d
af9b8b 
%%_httpd_contentdir %{contentdir}
af9b8b 
%%_httpd_moddir %%{_libdir}/httpd/modules
af9b8b 
EOF
af9b8b 
%endif
af9b8b
af9b8b 
# Handle contentdir
af9b8b 
mkdir $RPM_BUILD_ROOT%{contentdir}/noindex
af9b8b 
install -m 644 -p $RPM_SOURCE_DIR/index.html \
af9b8b 
        $RPM_BUILD_ROOT%{contentdir}/noindex/index.html
af9b8b 
rm -rf %{contentdir}/htdocs
af9b8b
af9b8b 
# remove manual sources
af9b8b 
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
af9b8b 
    -name \*.xml -o -name \*.xml.* -o -name \*.ent -o -name \*.xsl -o -name \*.dtd \
af9b8b 
    \) -print0 | xargs -0 rm -f
af9b8b
af9b8b 
# Strip the manual down just to English and replace the typemaps with flat files:
af9b8b 
set +x
af9b8b 
for f in `find $RPM_BUILD_ROOT%{contentdir}/manual -name \*.html -type f`; do
af9b8b 
   if test -f ${f}.en; then
af9b8b 
      cp ${f}.en ${f}
af9b8b 
      rm ${f}.*
af9b8b 
   fi
af9b8b 
done
af9b8b 
set -x
af9b8b
af9b8b 
# Clean Document Root
af9b8b 
rm -v $RPM_BUILD_ROOT%{docroot}/html/*.html \
af9b8b 
      $RPM_BUILD_ROOT%{docroot}/cgi-bin/*
af9b8b
af9b8b 
# Symlink for the powered-by-$DISTRO image:
af9b8b 
ln -s /usr/share/pixmaps/poweredby.png \
af9b8b 
        $RPM_BUILD_ROOT%{contentdir}/icons/poweredby.png
af9b8b
af9b8b 
# symlinks for /etc/httpd
ad4e62 
rmdir $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/{state,run}
af9b8b 
ln -s %{httpd_logdir} $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/logs
69c05d 
ln -s %{_localstatedir}/lib/httpd $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/state
af9b8b 
ln -s %{_localstatedir}/run/httpd $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/run
af9b8b 
ln -s %{_libdir}/httpd/modules $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/modules
af9b8b
af9b8b 
# install http-ssl-pass-dialog
af9b8b 
mkdir -p $RPM_BUILD_ROOT/%{_libexecdir}
af9b8b 
install -m755 $RPM_SOURCE_DIR/httpd-ssl-pass-dialog \
af9b8b 
	$RPM_BUILD_ROOT/%{_libexecdir}/httpd-ssl-pass-dialog
af9b8b
af9b8b 
%if %{use_systemd}
af9b8b 
# Install action scripts
33b929 
mkdir -p $RPM_BUILD_ROOT/%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd
af9b8b 
for f in graceful configtest; do
af9b8b 
	install -p -m 755 $RPM_SOURCE_DIR/action-${f}.sh \
33b929 
			$RPM_BUILD_ROOT/%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/${f}
3fd4d8 
	sed -i 's|\$sbindir|%{_sbindir}|;s|\$sysconfdir|%{_sysconfdir}/sysconfig|' \
33b929 
		$RPM_BUILD_ROOT/%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/${f}
af9b8b 
done
af9b8b 
%endif
af9b8b
af9b8b 
# Install logrotate config
af9b8b 
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
af9b8b 
install -m 644 -p $RPM_SOURCE_DIR/httpd.logrotate \
af9b8b 
	$RPM_BUILD_ROOT/etc/logrotate.d/%{httpd_logrotate}
af9b8b
af9b8b 
# Change the httpd logrotate script paths
af9b8b 
sed -i 's|\$httpd_service|%{name}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/logrotate.d/%{httpd_logrotate}
af9b8b 
sed -i 's|\$logdir|%{httpd_logdir}|' \
af9b8b 
    $RPM_BUILD_ROOT/etc/logrotate.d/%{httpd_logrotate}
af9b8b
af9b8b 
# fix man page paths
af9b8b 
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
af9b8b 
    -e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
af9b8b 
    -e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
af9b8b 
    -e "s|/usr/local/apache2/logs/error_log|%{httpd_logdir}/error_log|" \
af9b8b 
    -e "s|/usr/local/apache2/logs/access_log|%{httpd_logdir}/access_log|" \
af9b8b 
    -e "s|/usr/local/apache2/logs/httpd.pid|%{_localstatedir}/run/httpd/httpd.pid|" \
af9b8b 
    -e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
af9b8b 
  > $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
af9b8b
af9b8b 
# Make ap_config_layout.h libdir-agnostic
af9b8b 
sed -i '/.*DEFAULT_..._LIBEXECDIR/d;/DEFAULT_..._INSTALLBUILDDIR/d' \
af9b8b 
    $RPM_BUILD_ROOT%{_includedir}/httpd/ap_config_layout.h
af9b8b
af9b8b 
# Fix path to instdso in special.mk
af9b8b 
sed -i '/instdso/s,top_srcdir,top_builddir,' \
af9b8b 
    $RPM_BUILD_ROOT%{_libdir}/httpd/build/special.mk
af9b8b
af9b8b 
# Remove unpackaged files
af9b8b 
rm -vf \
af9b8b 
      $RPM_BUILD_ROOT%{_libdir}/*.exp \
af9b8b 
      $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/mime.types \
af9b8b 
      $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.exp \
af9b8b 
      $RPM_BUILD_ROOT%{_libdir}/httpd/build/config.nice \
33b929 
      $RPM_BUILD_ROOT%{_bindir}/{ap?-config,dbmmanage} \
af9b8b 
      $RPM_BUILD_ROOT%{_sbindir}/{checkgid,dbmmanage,envvars*} \
af9b8b 
      $RPM_BUILD_ROOT%{contentdir}/htdocs/* \
af9b8b 
      $RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \
af9b8b 
      $RPM_BUILD_ROOT%{contentdir}/cgi-bin/*
af9b8b
af9b8b 
rm -rf $RPM_BUILD_ROOT/%{_sysconfdir}/httpd/conf/{original,extra}
af9b8b
af9b8b 
# Make suexec a+rw so it can be stripped.  %%files lists real permissions
af9b8b 
chmod 755 $RPM_BUILD_ROOT%{_sbindir}/suexec
af9b8b
f0c688 
%if %{use_systemd}
33b929 
install -pm 0755 %{SOURCE29} %{buildroot}%{_sbindir}/httpd-scl-wrapper
f0c688 
%endif
f0c688
f0c688 
# replace $sbindir in apachectl with right path
f0c688 
sed -i 's|\$sbindir|%{_sbindir}|' \
f0c688 
    %{buildroot}%{_sbindir}/apachectl
33b929
af9b8b 
%pre
6670f0 
# Add the "apache" group and user
6670f0 
/usr/sbin/groupadd -g 48 -r apache 2> /dev/null || :
6670f0 
/usr/sbin/useradd -c "Apache" -u 48 -g apache \
af9b8b 
	-s /sbin/nologin -r -d %{contentdir} apache 2> /dev/null || :
af9b8b
af9b8b 
%post
f0c688 
%if 0%{?rhel} < 7
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688 
%endif
f0c688
af9b8b 
%if %{use_systemd}
af9b8b 
%systemd_post %{httpd_service} %{htcacheclean_service}
f0c688
3fd4d8 
semanage fcontext -a -t httpd_exec_t "%{_root_sbindir}/httpd-scl-wrapper" >/dev/null 2>&1 || :
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
af9b8b 
%else
af9b8b 
# Register the httpd service
af9b8b 
/sbin/chkconfig --add %{?scl:%scl_prefix}httpd
af9b8b 
/sbin/chkconfig --add %{?scl:%scl_prefix}htcacheclean
f0c688
f0c688 
semanage fcontext -a -e /etc/rc.d/init.d/httpd /etc/rc.d/init.d/httpd24-httpd >/dev/null 2>&1 || :
f0c688 
restorecon -R /etc/rc.d/init.d/httpd24-httpd >/dev/null 2>&1 || :
f0c688
f0c688 
semanage fcontext -a -e /etc/rc.d/init.d/htcacheclean /etc/rc.d/init.d/httpd24-htcacheclean >/dev/null 2>&1 || :
f0c688 
restorecon -R /etc/rc.d/init.d/httpd24-htcacheclean >/dev/null 2>&1 || :
af9b8b 
%endif
f0c688
af9b8b 
semanage fcontext -a -e /var/log/httpd %{httpd_logdir} >/dev/null 2>&1 || :
af9b8b 
restorecon -R %{httpd_logdir} >/dev/null 2>&1 || :
af9b8b
af9b8b 
%preun
af9b8b 
%if %{use_systemd}
af9b8b 
%systemd_preun %{httpd_service} %{htcacheclean_service}
af9b8b 
%else
af9b8b 
if [ $1 = 0 ]; then
af9b8b 
	/sbin/service %{?scl:%scl_prefix}httpd stop > /dev/null 2>&1 || :
af9b8b 
	/sbin/chkconfig --del %{?scl:%scl_prefix}httpd || :
af9b8b 
	/sbin/service %{?scl:%scl_prefix}htcacheclean stop > /dev/null 2>&1 || :
af9b8b 
	/sbin/chkconfig --del %{?scl:%scl_prefix}htcacheclean || :
af9b8b 
fi
af9b8b 
%endif
af9b8b
af9b8b 
%postun
af9b8b 
%if %{use_systemd}
af9b8b 
%systemd_postun
af9b8b 
%else
af9b8b 
/sbin/service %{?scl:%scl_prefix}httpd condrestart >/dev/null 2>&1 || :
af9b8b 
%endif
af9b8b
af9b8b 
%posttrans
af9b8b 
%if %{use_systemd}
af9b8b 
test -f %{_sysconfdir}/sysconfig/httpd-disable-posttrans || \
af9b8b 
  /bin/systemctl try-restart %{httpd_service} %{htcacheclean_service} >/dev/null 2>&1 || :
f0c688 
%else
f0c688 
test -f %{_sysconfdir}/sysconfig/httpd-disable-posttrans || \
f0c688 
  /sbin/service %{?scl:%scl_prefix}httpd condrestart >/dev/null 2>&1 || :
f0c688 
test -f %{_sysconfdir}/sysconfig/httpd-disable-posttrans || \
f0c688 
  /sbin/service %{?scl:%scl_prefix}htcacheclean condrestart >/dev/null 2>&1 || :
af9b8b 
%endif
af9b8b
af9b8b 
%define sslcert %{_root_sysconfdir}/pki/tls/certs/localhost.crt
af9b8b 
%define sslkey %{_root_sysconfdir}/pki/tls/private/localhost.key
af9b8b
af9b8b 
%post -n %{?scl:%scl_prefix}mod_ssl
f0c688 
%if 0%{?rhel} < 7
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688 
%endif
af9b8b 
umask 077
af9b8b
af9b8b 
if [ -f %{sslkey} -o -f %{sslcert} ]; then
af9b8b 
   exit 0
af9b8b 
fi
af9b8b
33b929 
%{_root_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > %{sslkey} 2> /dev/null
af9b8b
af9b8b 
FQDN=`hostname`
3fd4d8 
# A >59 char FQDN means "root@FQDN" exceeds 64-char max length for emailAddress
3fd4d8 
if [ "x${FQDN}" = "x" -o ${#FQDN} -gt 59 ]; then
af9b8b 
   FQDN=localhost.localdomain
af9b8b 
fi
af9b8b
af9b8b 
cat << EOF | %{_root_bindir}/openssl req -new -key %{sslkey} \
33b929 
         -x509 -sha256 -days 365 -set_serial $RANDOM -extensions v3_req \
af9b8b 
         -out %{sslcert} 2>/dev/null
af9b8b 
--
af9b8b 
SomeState
af9b8b 
SomeCity
af9b8b 
SomeOrganization
af9b8b 
SomeOrganizationalUnit
af9b8b 
${FQDN}
af9b8b 
root@${FQDN}
af9b8b 
EOF
af9b8b
f0c688 
%if 0%{?rhel} < 7
f0c688 
%post tools
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688
f0c688 
%post manual
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688
f0c688 
%post -n %{?scl:%scl_prefix}mod_proxy_html
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688
f0c688 
%post -n %{?scl:%scl_prefix}mod_ldap
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688
f0c688 
%post -n %{?scl:%scl_prefix}mod_session
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688
f0c688 
%post devel
f0c688 
restorecon -R %{_scl_root} >/dev/null 2>&1 || :
f0c688 
%endif
f0c688
af9b8b 
%check
af9b8b 
# Check the built modules are all PIC
af9b8b 
if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
af9b8b 
   : modules contain non-relocatable code
af9b8b 
   exit 1
af9b8b 
fi
3fd4d8 
set +x
3fd4d8 
rv=0
f0c688 
# Ensure every mod_* that's built is loaded.
f0c688 
for f in $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so; do
f0c688 
  m=${f##*/}
f0c688 
  if ! grep -q $m $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf; then
f0c688 
    echo ERROR: Module $m not configured.  Disable it, or load it.
3fd4d8 
    rv=1
3fd4d8 
  fi
3fd4d8 
done
3fd4d8 
# Ensure every loaded mod_* is actually built
3fd4d8 
mods=`grep -h ^LoadModule $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf | sed 's,.*modules/,,'`
3fd4d8 
for m in $mods; do
3fd4d8 
  f=$RPM_BUILD_ROOT%{_libdir}/httpd/modules/${m}
3fd4d8 
  if ! test -x $f; then
3fd4d8 
    echo ERROR: Module $m is configured but not built.
3fd4d8 
    rv=1
f0c688 
  fi
f0c688 
done
3fd4d8 
set -x
3fd4d8 
exit $rv
af9b8b
af9b8b 
%clean
af9b8b 
rm -rf $RPM_BUILD_ROOT
af9b8b
af9b8b 
%files
af9b8b 
%defattr(-,root,root)
af9b8b
af9b8b 
%doc ABOUT_APACHE README CHANGES LICENSE VERSIONING NOTICE
af9b8b 
%doc docs/conf/extra/*.conf
af9b8b
af9b8b 
%dir %{_sysconfdir}/httpd
af9b8b 
%{_sysconfdir}/httpd/modules
af9b8b 
%{_sysconfdir}/httpd/logs
69c05d 
%{_sysconfdir}/httpd/state
af9b8b 
%{_sysconfdir}/httpd/run
af9b8b 
%dir %{_sysconfdir}/httpd/conf
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf/magic
af9b8b
af9b8b 
%config(noreplace) /etc/logrotate.d/%{httpd_logrotate}
af9b8b
af9b8b 
%dir %{_sysconfdir}/httpd/conf.d
af9b8b 
%{_sysconfdir}/httpd/conf.d/README
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
af9b8b 
%exclude %{_sysconfdir}/httpd/conf.d/ssl.conf
af9b8b 
%exclude %{_sysconfdir}/httpd/conf.d/manual.conf
af9b8b
af9b8b 
%dir %{_sysconfdir}/httpd/conf.modules.d
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/*.conf
af9b8b 
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
af9b8b 
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
af9b8b 
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
af9b8b 
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
af9b8b
af9b8b 
%config(noreplace) %{_sysconfdir}/sysconfig/httpd
af9b8b 
%config(noreplace) %{_sysconfdir}/sysconfig/htcacheclean
af9b8b 
%if 0%{?rhel} >= 7 && ! %{?scl:1}0
af9b8b 
%config /etc/tmpfiles.d/%{name}.conf
af9b8b 
%endif
af9b8b
af9b8b 
%if %{use_systemd}
af9b8b 
%dir %{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd
af9b8b 
%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/*
af9b8b 
%endif
af9b8b
f0c688 
%if %{use_systemd}
f0c688 
%dir %{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd
f0c688 
%{_root_libexecdir}/initscripts/legacy-actions/%{?scl:%scl_prefix}httpd/*
f0c688 
%endif
f0c688
af9b8b 
%{_sbindir}/ht*
af9b8b 
%{_sbindir}/fcgistarter
af9b8b 
%{_sbindir}/apachectl
af9b8b 
%{_sbindir}/rotatelogs
f0c688 
%if 0%{?rhel} >= 7
33b929 
%{_sbindir}/httpd-scl-wrapper
af9b8b 
%caps(cap_setuid,cap_setgid+pe) %attr(510,root,%{suexec_caller}) %{_sbindir}/suexec
f0c688 
%else
f0c688 
%attr(4510,root,%{suexec_caller}) %{_sbindir}/suexec
f0c688 
%endif
af9b8b
af9b8b 
%dir %{_libdir}/httpd
af9b8b 
%dir %{_libdir}/httpd/modules
af9b8b 
%{_libdir}/httpd/modules/mod*.so
af9b8b 
%exclude %{_libdir}/httpd/modules/mod_auth_form.so
af9b8b 
%exclude %{_libdir}/httpd/modules/mod_ssl.so
af9b8b 
%exclude %{_libdir}/httpd/modules/mod_*ldap.so
af9b8b 
%exclude %{_libdir}/httpd/modules/mod_proxy_html.so
af9b8b 
%exclude %{_libdir}/httpd/modules/mod_xml2enc.so
af9b8b 
%exclude %{_libdir}/httpd/modules/mod_session*.so
af9b8b
af9b8b 
%dir %{contentdir}
af9b8b 
%dir %{contentdir}/icons
af9b8b 
%dir %{contentdir}/error
af9b8b 
%dir %{contentdir}/error/include
af9b8b 
%dir %{contentdir}/noindex
af9b8b 
%{contentdir}/icons/*
af9b8b 
%{contentdir}/error/README
af9b8b 
%{contentdir}/error/*.var
af9b8b 
%{contentdir}/error/include/*.html
af9b8b 
%{contentdir}/noindex/index.html
af9b8b
af9b8b 
%dir %{docroot}
af9b8b 
%dir %{docroot}/cgi-bin
af9b8b 
%dir %{docroot}/html
af9b8b
af9b8b 
%attr(0710,root,apache) %dir %{_localstatedir}/run/httpd
af9b8b 
%attr(0700,apache,apache) %dir %{_localstatedir}/run/httpd/htcacheclean
af9b8b 
%attr(0700,root,root) %dir %{httpd_logdir}
af9b8b 
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
69c05d 
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/httpd
af9b8b 
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
af9b8b 
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd/proxy
af9b8b
af9b8b 
%{_mandir}/man8/*
af9b8b
af9b8b 
%if %{use_systemd}
af9b8b 
%{_unitdir}/*.service
af9b8b 
%else
af9b8b 
/etc/rc.d/init.d/%{httpd_init}
af9b8b 
/etc/rc.d/init.d/%{htcacheclean_init}
af9b8b 
%endif
af9b8b
af9b8b 
%files tools
af9b8b 
%defattr(-,root,root)
af9b8b 
%{_bindir}/*
af9b8b 
%{_mandir}/man1/*
af9b8b 
%doc LICENSE NOTICE
af9b8b 
%exclude %{_bindir}/apxs
af9b8b 
%exclude %{_mandir}/man1/apxs.1*
af9b8b
af9b8b 
%files manual
af9b8b 
%defattr(-,root,root)
af9b8b 
%{contentdir}/manual
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/manual.conf
af9b8b
af9b8b 
%files -n %{?scl:%scl_prefix}mod_ssl
af9b8b 
%defattr(-,root,root)
af9b8b 
%{_libdir}/httpd/modules/mod_ssl.so
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
af9b8b 
%attr(0700,apache,root) %dir %{_localstatedir}/cache/httpd/ssl
af9b8b 
%{_libexecdir}/httpd-ssl-pass-dialog
af9b8b
af9b8b 
%files -n %{?scl:%scl_prefix}mod_proxy_html
af9b8b 
%defattr(-,root,root)
af9b8b 
%{_libdir}/httpd/modules/mod_proxy_html.so
af9b8b 
%{_libdir}/httpd/modules/mod_xml2enc.so
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
af9b8b
af9b8b 
%files -n %{?scl:%scl_prefix}mod_ldap
af9b8b 
%defattr(-,root,root)
af9b8b 
%{_libdir}/httpd/modules/mod_*ldap.so
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
af9b8b
af9b8b 
%files -n %{?scl:%scl_prefix}mod_session
af9b8b 
%defattr(-,root,root)
af9b8b 
%{_libdir}/httpd/modules/mod_session*.so
af9b8b 
%{_libdir}/httpd/modules/mod_auth_form.so
af9b8b 
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
af9b8b
af9b8b 
%files devel
af9b8b 
%defattr(-,root,root)
af9b8b 
%{_includedir}/httpd
af9b8b 
%{_bindir}/apxs
af9b8b 
%{_mandir}/man1/apxs.1*
af9b8b 
%dir %{_libdir}/httpd/build
af9b8b 
%{_libdir}/httpd/build/*.mk
af9b8b 
%{_libdir}/httpd/build/*.sh
af9b8b 
%if %{?scl}0
af9b8b 
%{_root_sysconfdir}/rpm/macros.httpd24
af9b8b 
%else
af9b8b 
%{_sysconfdir}/rpm/macros.httpd
af9b8b 
%endif
af9b8b
af9b8b 
%changelog
9364d6 
* Mon Sep 21 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-22
9364d6 
- Resolves: #1869076 - CVE-2020-11984 httpd24-httpd: httpd: mod_proxy_uswgi
9364d6 
  buffer overflow
9364d6 
- Resolves: #1607737 - TCP healthchecks failing falsely / not actually checking
9364d6 
- Resolves: #1869078 - CVE-2020-11993 httpd24-httpd: httpd: mod_http2 concurrent
9364d6 
  pool usage
9364d6
9364d6 
* Wed Sep 02 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-21
9364d6 
- Resolves: #1637891 - RHSCL httpd : mod_proxy should allow to specify
9364d6 
  Proxy-Authorization in ProxyRemote directive
9364d6
9364d6 
* Mon Aug 31 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-20
9364d6 
- Resolves: #1869069 - CVE-2020-9490 httpd24-httpd: httpd: Push diary crash
9364d6 
  on specifically crafted HTTP/2 header
9364d6
9364d6 
* Thu Jul 30 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-19
9364d6 
- Resolves: #1823836 - Backport of SessionExpiryUpdateInterval directive
9364d6 
- Resolves: #1600579 - mod_proxy_hcheck Doesn't perform checks in VirtualHost
9364d6 
- Resolves: #1809494 - Backport Apache Bug 53098 - mod_proxy_ajp: patch to set
9364d6 
  worker secret passed to tomcat
9364d6 
- Resolves: #1828812 - httpd response contains garbage in Content-Type header
68a0fa
e8122d 
* Tue Mar 17 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-18
e8122d 
- Related: #1743959 (CVE-2019-10098) - CVE-2019-10098 httpd: mod_rewrite
e8122d 
  potential open redirect
e8122d
e8122d 
* Mon Feb 03 2020 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-16
e8122d 
- remove bundled mod_md module
e8122d 
- Resolves: #1788976 - RFE: updated collection for httpd 2.4
e8122d 
- Resolves: #1743959 (CVE-2019-10098) - CVE-2019-10098 httpd: mod_rewrite
e8122d 
  potential open redirect
e8122d
ad4e62 
* Wed Nov 13 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-15
ad4e62 
- Related: #1725922 - duplicated cookie in Apache httpd with mod_session
ad4e62
ad4e62 
* Tue Oct 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-14
ad4e62 
- Resolves: #1743996 (CVE-2019-10097) - CVE-2019-10097 httpd: null-pointer
ad4e62 
  dereference in mod_remoteip
ad4e62 
- Resolves: #1747282 - CVE-2019-10092 httpd24-httpd: httpd: limited cross-site
ad4e62 
  scripting in mod_proxy error page
ad4e62
ad4e62 
* Tue Oct 08 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-13
ad4e62 
- Resolves: #1744120 - Unexpected OCSP in proxy SSL connection
ad4e62
ad4e62 
* Fri Oct 04 2019 Joe Orton <jorton@redhat.com> - 2.4.34-12
ad4e62 
- Resolves: #1725922 - duplicated cookie in Apache httpd with mod_session
ad4e62
ad4e62 
* Tue Sep 24 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-11
ad4e62 
- Resolves: #1678567 (CVE-2018-17189) - CVE-2018-17189 httpd: mod_http2:
ad4e62 
  DoS via slow, unneeded request bodies
ad4e62
ad4e62 
* Wed Aug 28 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-10
ad4e62 
- Resolves: #1745695 - CVE-2019-9511 httpd24-httpd: HTTP/2: large amount of
ad4e62 
  data request leads to denial of service
ad4e62 
- Resolves: #1745680 - CVE-2019-9516 httpd24-httpd: HTTP/2: 0-length headers
376e24 
  leads to denial of service
ad4e62 
- Resolves: #1745683 - CVE-2019-9517 httpd24-httpd: HTTP/2: request for large
376e24 
  response leads to denial of service
376e24
ad4e62 
* Wed Aug 07 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-9
ad4e62 
- Resolves: #1696140 - CVE-2019-0217 httpd24-httpd: httpd: mod_auth_digest:
ad4e62 
  access control bypass due to race condition
ad4e62 
- Resolves: #1696095 - CVE-2019-0220 httpd24-httpd: httpd: URL normalization
ad4e62 
  inconsistency
ad4e62 
- Resolves: #1677498 - CVE-2018-17199 httpd24-httpd: httpd: mod_session_cookie
ad4e62 
  does not respect expiry time
ad4e62 
- Resolves: #1707636 - fix a regression introduced in r1740928
ad4e62 
- Resolves: #1669213 - `ExtendedStatus Off` directive when using mod_systemd
ad4e62 
  causes systemctl to hang
ad4e62 
- Resolves: #1673019 - httpd can not be started with mod_md enabled
ad4e62
376e24 
* Wed Apr 03 2019 Lubos Uhliarik <luhliari@redhat.com> - 2.4.34-8
376e24 
- Resolves: #1695429 - CVE-2019-0211 httpd24-httpd: httpd: privilege escalation
a68583 
  from modules scripts
a68583
69c05d 
* Tue Nov 06 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-7
69c05d 
- Resolves: #1646937 - Unable to start httpd
69c05d 
- Resolves: #1638711 - comments should be allowed at the end of Allow from
69c05d 
  statements
69c05d
69c05d 
* Wed Oct 31 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-6
69c05d 
- Resolves: #1644643 - httpd 2.4.34 regressions
69c05d
69c05d 
* Thu Oct 25 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-5
69c05d 
- Resolves: #1640722 - mod_md is missing in httpd24-httpd
69c05d 
- Resolves: #1635838 - CVE-2018-11763 httpd24-httpd: httpd:
69c05d 
  DoS for HTTP/2 connections by continuous SETTINGS
69c05d
69c05d 
* Thu Sep 27 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-3
69c05d 
- Resolves: #1633260 - mod_session missing apr-util-openssl
69c05d
69c05d 
* Thu Sep 13 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-2
69c05d 
- Resolves: #1540167 - provides without httpd24 pre/in-fix
69c05d
69c05d 
* Thu Jul 19 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.34-1
69c05d 
- update to version 2.4.34
69c05d 
- removed upstread Fedora layout
69c05d 
- load mod_proxy_uwsgi by default
69c05d
69c05d 
* Wed May 02 2018 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-9
69c05d 
- Resolves: #1518737 - HTTP/2 connections hang and timeout
7be15e
6670f0 
* Wed Sep 20 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-8
6670f0 
- Resolves: #1480506 - mod_authz_dbd segfaults when AuthzDBDQuery missing
6670f0
6670f0 
* Mon Sep 18 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-7
6670f0 
- Related: #1487164 - apache user is not created during httpd
6670f0 
  installation when apache group already exist with GID other than 48
6670f0
6670f0 
* Tue Sep 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-6
6670f0 
- Resolves: #1490947 - CVE-2017-9798 httpd: Use-after-free by limiting
6670f0 
  unregistered HTTP method
6670f0
6670f0 
* Wed Sep 06 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-5
6670f0 
- Resolves: #1488541 - rotatelogs %Z does not use correct timezone
6670f0 
  respecting DST
6670f0
6670f0 
* Thu Aug 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-4
6670f0 
- Resolves: #1486832 - RFE: run mod_rewrite external mapping program as non-root
6670f0
6670f0 
* Thu Aug 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-3
6670f0 
- Resolves: #1486843 - apache user is not created during httpd
6670f0 
  installation when apache group already exist
6670f0 
- Resolves: #1487164 - apache user is not created during httpd
6670f0 
  installation when apache group already exist with GID other than 48
6670f0
6670f0 
* Tue Aug 08 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-2
6670f0 
- Resolves: #1475450 - update apr_skiplist to current APR code
6670f0
6670f0 
* Mon Jul 31 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.27-1
6670f0 
- new version 2.4.27
6670f0
6670f0 
* Wed Jul 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-5
6670f0 
- Resolves: #1472846 - CVE-2017-9788 CVE-2017-9789 httpd24-httpd: various flaws
6670f0 
- updated mod_systemd patch
6670f0
6670f0 
* Mon Jun 26 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-4
6670f0 
- Resolves: #1440858 - graceful start of stopped service fail
6670f0
6670f0 
* Fri Jun 23 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-3
6670f0 
- Resolves: #1418395 - httpd stop prints failure if service already stopped
6670f0
6670f0 
* Thu Jun 22 2017 Joe Orton <jorton@redhat.com> - 2.4.26-2
6670f0 
- mod_ssl: add support for ALPN if newer OpenSSL loaded (#1327548)
6670f0
6670f0 
* Mon Jun 19 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.26-1
6670f0 
- Resolves: #1461819 - RFE: rebase httpd to 2.4.26
6670f0
6670f0 
* Wed May 24 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-12
6670f0 
- rebuild
760d5c
3fd4d8 
* Fri Mar 24 2017 Joe Orton <jorton@redhat.com> - 2.4.25-9
3fd4d8 
- link only httpd, not support/* against -lselinux -lsystemd (#1433474)
3fd4d8 
- don't enable SO_REUSEPORT in default configuration (#1432249)
3fd4d8
3fd4d8 
* Thu Mar  2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-8
3fd4d8 
- always require policycoreutils; fail silently if SELinux is disabled (#1376738)
3fd4d8
3fd4d8 
* Thu Mar  2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-7
3fd4d8 
- run restorecon during apxs -i (#1093057)
3fd4d8
3fd4d8 
* Thu Mar  2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-6
3fd4d8 
- fix legacy systemd actions (#1329639)
3fd4d8
3fd4d8 
* Thu Mar  2 2017 Joe Orton <jorton@redhat.com> - 2.4.25-5
3fd4d8 
- mod_proxy_fcgi: revert to pre-2.4.23 SCRIPT_FILENAME mangling (#1414037)
3fd4d8 
- mod_proxy: fix regression in per-dir ProxyPass (#1417482)
3fd4d8
3fd4d8 
* Fri Jan 20 2017 Joe Orton <jorton@redhat.com> - 2.4.25-4
3fd4d8 
- mod_watchdog: fix pool lifetime issue (#1410883)
3fd4d8
3fd4d8 
* Fri Jan 20 2017 Joe Orton <jorton@redhat.com> - 2.4.25-3
3fd4d8 
- update systemd library detection
3fd4d8
3fd4d8 
* Fri Jan 20 2017 Joe Orton <jorton@redhat.com> - 2.4.25-2
3fd4d8 
- merge default config changes from Fedora
3fd4d8 
- mod_ssl: use "localhost" in the dummy SSL cert if len(FQDN) > 59 chars
3fd4d8
3fd4d8 
* Thu Jan 12 2017 Luboš Uhliarik <luhliari@redhat.com> - 2.4.25-1
3fd4d8 
- Resolves: #1404778 - RFE: update httpd24 collection
3fd4d8
f5da3f 
* Wed Jul 13 2016 Joe Orton <jorton@redhat.com> - 2.4.18-11
f5da3f 
- add security fix for CVE-2016-5387
f5da3f 
- mod_ssl: add security fix for CVE-2016-4979
f5da3f
f0c688 
* Fri Apr 15 2016 Joe Orton <jorton@redhat.com> - 2.4.18-10
f0c688 
- load more built modules (including mod_http2) by default (#1302653)
f0c688 
- lower log-level for mod_ssl NPN debugging (#1302653)
f0c688
f0c688 
* Thu Apr 14 2016 Joe Orton <jorton@redhat.com> - 2.4.18-9
f0c688 
- mod_ssl: restore NPN behaviour with no Protocol configured (#1302653)
f0c688
f0c688 
* Tue Apr 12 2016 Joe Orton <jorton@redhat.com> - 2.4.18-8
f0c688 
- mod_ssl: allow protocol upgrades via NPN (#1302653)
f0c688
f0c688 
* Fri Apr  8 2016 Joe Orton <jorton@redhat.com> - 2.4.18-7
f0c688 
- mod_lua: use anonymous shm segment (#1225116)
f0c688 
- revert 'apachectl graceful' to start httpd if stopped (#1221702)
f0c688
f0c688 
* Wed Apr  6 2016 Joe Orton <jorton@redhat.com> - 2.4.18-6
f0c688 
- fix apxs generated Makefile path to build directory (#1319837)
f0c688 
- use redirects for lang-specific /manual/ URLs (#1324406)
f0c688
f0c688 
* Wed Mar 30 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-5
f0c688 
- apachectl: use httpd from the SCL in apachectl (#1319780)
f0c688 
- apachectl: ignore HTTPD variable also on RHEL6 (#1221681)
f0c688
f0c688 
* Tue Feb 23 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-4
f0c688 
- apxs: fix querying installbuilddir
f0c688
f0c688 
* Thu Feb 11 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-3
f0c688 
- correct the AliasMatch in manual.conf (#1282481)
f0c688
f0c688 
* Wed Feb 10 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-2
f0c688 
- use HTTPD_LANG in sysconfig file on RHEL6 (#1222055)
f0c688 
- ignore HTTPD sysconfig variable on RHEL6 (#1204075)
f0c688 
- call restorecon on /etc/rc.d/init.d/htcacheclean after install (#1222494)
f0c688
f0c688 
* Wed Feb 03 2016 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-1
f0c688 
- update to version 2.4.18
f0c688 
- add support for http/2
f0c688 
- mod_auth_digest: use anonymous shared memory (#1225116)
f0c688 
- core: improve error message for inaccessible DocumentRoot (#1207093)
f0c688 
- ab: try all addresses instead of failing on first one when not available (#1209552)
f0c688 
- apachectl: ignore HTTPD variable from sysconfig (#1221681)
f0c688 
- apachectl: fix "graceful" documentation (#1221702)
f0c688 
- apachectl: fix "graceful" behaviour when httpd is not running (#1221650)
f0c688 
- do not display "bomb" icon for files ending with "core" (#1196553)
f0c688 
- mod_proxy_wstunnel: load this module by default (#1253396)
f0c688
f0c688 
* Tue Dec 15 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-8
f0c688 
- Add httpd-2.4.3-sslsninotreq.patch as we did in rhscl-2.0 (#1249800)
f0c688
f0c688 
* Tue Aug 11 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-7
495d07 
- core: fix chunk header parsing defect (CVE-2015-3183)
495d07 
- core: replace of ap_some_auth_required with ap_some_authn_required
495d07 
  and ap_force_authn hook (CVE-2015-3185)
495d07 
- core: fix pointer dereference crash with ErrorDocument 400 pointing
495d07 
  to a local URL-path (CVE-2015-0253)
495d07 
- mod_lua: fix possible mod_lua crash due to websocket bug (CVE-2015-0228)
495d07
33b929 
* Thu Mar 05 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-6
33b929 
- remove old sslsninotreq patch (#1199040)
33b929
33b929 
* Thu Feb 26 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-5
33b929 
- fix wrong path to document root in httpd.conf (#1196559)
33b929
33b929 
* Tue Feb 17 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-4
33b929 
- fix SELinux context of httpd-scl-wrapper (#1193456)
33b929
33b929 
* Tue Feb 03 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-3
33b929 
- include apr_skiplist and build against system APR/APR-util (#1187646)
33b929
33b929 
* Mon Feb 02 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-2
33b929 
- rebuild against new APR/APR-util (#1187646)
33b929
33b929 
* Wed Jan 28 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.12-1
33b929 
- update to version 2.4.12
33b929 
- fix possible crash in SIGINT handling (#1184034)
33b929
33b929 
* Thu Jan 08 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-2
33b929 
- allow enabling additional SCLs using service-environment file
33b929 
- enable mod_request by default for mod_auth_form
33b929 
- move disabled-by-default modules from 00-base.conf to 00-optional.conf
33b929
33b929 
* Fri Jan 02 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-1
33b929 
- update to 2.4.10
33b929 
- remove mod_proxy_html obsolete (#1174790)
33b929 
- remove dbmmanage from httpd-tools (#1151375)
33b929 
- add slash before root_libexecdir macro (#1149076)
33b929 
- ab: fix integer overflow when printing stats with lot of requests (#1091650)
33b929 
- mod_ssl: use 2048-bit RSA key with SHA-256 signature in dummy certificate (#1079925)
33b929
62b793 
* Tue Nov 25 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-25
62b793 
- Remove mod_proxy_fcgi fix for heap-based buffer overflow,
62b793 
  httpd-2.4.6 is not affected (CVE-2014-3583)
62b793
62b793 
* Tue Nov 25 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-24
62b793 
- mod_proxy_wstunnel: Fix the use of SSL with the "wss:" scheme (#1141950)
62b793
62b793 
* Mon Nov 24 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-23
62b793 
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
62b793 
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)
62b793 
- mod_proxy_fcgi: fix heap-based buffer overflow (CVE-2014-3583)
62b793
62b793 
* Fri Jul 18 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-22
8d96ca 
- mod_cgid: add security fix for CVE-2014-0231
8d96ca 
- mod_proxy: add security fix for CVE-2014-0117
8d96ca 
- mod_deflate: add security fix for CVE-2014-0118
8d96ca 
- mod_status: add security fix for CVE-2014-0226
8d96ca 
- mod_cache: add secutiry fix for CVE-2013-4352
8d96ca
af9b8b 
* Thu Mar 20 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-19
af9b8b 
- mod_dav: add security fix for CVE-2013-6438 (#1077885)
af9b8b 
- mod_log_config: add security fix for CVE-2014-0098 (#1077885)
af9b8b
af9b8b 
* Wed Feb 05 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-18
af9b8b 
- add legacy action scripts and htcacheclean service file,
af9b8b 
  use syslog for suexec logging (#1061009)
af9b8b 
- mod_dav: fix locktoken handling (#1061010)
af9b8b 
- mod_ssl: sanity-check use of "SSLCompression" (#1061011)
af9b8b 
- mod_ssl: allow SSLEngine to override Listen-based default (#1061016)
af9b8b
af9b8b 
* Fri Jan 10 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-17
af9b8b 
- rebuild because of File bug which caused no perl in provides
af9b8b
af9b8b 
* Tue Jan 07 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-16
af9b8b 
- don't run posttrans restart if httpd-disable-posttrans exists (#1047097)
af9b8b 
- mod_proxy: fix crash in brigade cleanup under high load (#1040448)
af9b8b 
- remove "webserver" from provides (#1042877)
af9b8b
af9b8b 
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-15
af9b8b 
- fix logs symlink
af9b8b
af9b8b 
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-14
af9b8b 
- fix systemd unitdir again
af9b8b
af9b8b 
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-13
af9b8b 
- mod_ssl: generate localhost keypair in root /etc/pki
af9b8b
af9b8b 
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-12
af9b8b 
- fix mod_ssl post script
af9b8b 
- adapt logrotate config
af9b8b
af9b8b 
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-11
af9b8b 
- use system /var/log for logging
af9b8b
af9b8b 
* Tue Nov 26 2013 Joe Orton <jorton@redhat.com> - 2.4.6-10
af9b8b 
- move systemd service to libdir
af9b8b
af9b8b 
* Wed Sep 25 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-8
af9b8b 
- build with mod_systemd support
af9b8b
af9b8b 
* Tue Sep 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-7
af9b8b 
- set proper path installbuilddir in apxs script
af9b8b
af9b8b 
* Tue Sep 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-6
af9b8b 
- really set proper path to apxs in macros.httpd24
af9b8b
af9b8b 
* Tue Sep 24 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-5
af9b8b 
- set proper path to apxs in macros.httpd24
af9b8b
af9b8b 
* Mon Sep 23 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-4
af9b8b 
- build with system APR/APR-util
af9b8b 
- fix logrotate script to restart httpd from SCL
af9b8b
af9b8b 
* Wed Sep 18 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-3
af9b8b 
- rebuild for new APR/APR-util
af9b8b
af9b8b 
* Tue Aug 13 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.6-2
af9b8b 
- update to 2.4.6
af9b8b 
- revert fix for dumping vhosts twice
af9b8b
af9b8b 
* Mon Jul 29 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-7
af9b8b 
- use expanded directory variables in macros, remove '-' from mmnisa
af9b8b
af9b8b 
* Mon Jul 29 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-6
af9b8b 
- when building as SCL, use _httpd24_ prefix for macros
af9b8b
af9b8b 
* Thu Jul 11 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-12
af9b8b 
- mod_unique_id: replace use of hostname + pid with PRNG output (#976666)
af9b8b 
- apxs: mention -p option in manpage
af9b8b
af9b8b 
* Tue Jul  2 2013 Joe Orton <jorton@redhat.com> - 2.4.4-11
af9b8b 
- add patch for aarch64 (Dennis Gilmore, #925558)
af9b8b
af9b8b 
* Mon Jul  1 2013 Joe Orton <jorton@redhat.com> - 2.4.4-10
af9b8b 
- remove duplicate apxs man page from httpd-tools
af9b8b
af9b8b 
* Mon Jun 17 2013 Joe Orton <jorton@redhat.com> - 2.4.4-9
af9b8b 
- remove zombie dbmmanage script
af9b8b
af9b8b 
* Fri May 31 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-8
af9b8b 
- return 400 Bad Request on malformed Host header
af9b8b
af9b8b 
* Mon May 20 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-6
af9b8b 
- htpasswd/htdbm: fix hash generation bug (#956344)
af9b8b 
- do not dump vhosts twice in httpd -S output (#928761)
af9b8b 
- mod_cache: fix potential crash caused by uninitialized variable (#954109)
af9b8b
af9b8b 
* Thu Apr 18 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-5
af9b8b 
- execute systemctl reload as result of apachectl graceful
af9b8b 
- mod_ssl: ignore SNI hints unless required by config
af9b8b 
- mod_cache: forward-port CacheMaxExpire "hard" option
af9b8b 
- mod_ssl: fall back on another module's proxy hook if mod_ssl proxy
af9b8b 
  is not configured.
af9b8b
af9b8b 
* Tue Apr 16 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-4
af9b8b 
- fix service file to not send SIGTERM after ExecStop (#906321, #912288)
af9b8b
af9b8b 
* Tue Mar 26 2013 Jan Kaluza <jkaluza@redhat.com> - 2.4.4-3
af9b8b 
- protect MIMEMagicFile with IfModule (#893949)
af9b8b
af9b8b 
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-2
af9b8b 
- really package mod_auth_form in mod_session (#915438)
af9b8b
af9b8b 
* Tue Feb 26 2013 Joe Orton <jorton@redhat.com> - 2.4.4-1
af9b8b 
- update to 2.4.4
af9b8b 
- fix duplicate ownership of mod_session config (#914901)
af9b8b
af9b8b 
* Fri Feb 22 2013 Joe Orton <jorton@redhat.com> - 2.4.3-17
af9b8b 
- add mod_session subpackage, move mod_auth_form there (#894500)
af9b8b
af9b8b 
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.3-16
af9b8b 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
af9b8b
af9b8b 
* Tue Jan  8 2013 Joe Orton <jorton@redhat.com> - 2.4.3-15
af9b8b 
- add systemd service for htcacheclean
af9b8b
af9b8b 
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-14
af9b8b 
- drop patch for r1344712
af9b8b
af9b8b 
* Tue Nov 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-13
af9b8b 
- filter mod_*.so auto-provides (thanks to rcollet)
af9b8b 
- pull in syslog logging fix from upstream (r1344712)
af9b8b
af9b8b 
* Fri Oct 26 2012 Joe Orton <jorton@redhat.com> - 2.4.3-12
af9b8b 
- rebuild to pick up new apr-util-ldap
af9b8b
af9b8b 
* Tue Oct 23 2012 Joe Orton <jorton@redhat.com> - 2.4.3-11
af9b8b 
- rebuild
af9b8b
af9b8b 
* Wed Oct  3 2012 Joe Orton <jorton@redhat.com> - 2.4.3-10
af9b8b 
- pull upstream patch r1392850 in addition to r1387633
af9b8b
af9b8b 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9.1
af9b8b 
- restore "ServerTokens Full-Release" support (#811714)
af9b8b
af9b8b 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-9
af9b8b 
- define PLATFORM in os.h using vendor string
af9b8b
af9b8b 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-8
af9b8b 
- use systemd script unconditionally (#850149)
af9b8b
af9b8b 
* Mon Oct  1 2012 Joe Orton <jorton@redhat.com> - 2.4.3-7
af9b8b 
- use systemd scriptlets if available (#850149)
af9b8b 
- don't run posttrans restart if /etc/sysconfig/httpd-disable-posttrans exists
af9b8b
af9b8b 
* Mon Oct 01 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-6
af9b8b 
- use systemctl from apachectl (#842736)
af9b8b
af9b8b 
* Wed Sep 19 2012 Joe Orton <jorton@redhat.com> - 2.4.3-5
af9b8b 
- fix some error log spam with graceful-stop (r1387633)
af9b8b 
- minor mod_systemd tweaks
af9b8b
af9b8b 
* Thu Sep 13 2012 Joe Orton <jorton@redhat.com> - 2.4.3-4
af9b8b 
- use IncludeOptional for conf.d/*.conf inclusion
af9b8b
af9b8b 
* Fri Sep 07 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.3-3
af9b8b 
- adding mod_systemd to integrate with systemd better
af9b8b
af9b8b 
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-2
af9b8b 
- mod_ssl: add check for proxy keypair match (upstream r1374214)
af9b8b
af9b8b 
* Tue Aug 21 2012 Joe Orton <jorton@redhat.com> - 2.4.3-1
af9b8b 
- update to 2.4.3 (#849883)
af9b8b 
- own the docroot (#848121)
af9b8b
af9b8b 
* Mon Aug  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-23
af9b8b 
- add mod_proxy fixes from upstream (r1366693, r1365604)
af9b8b
af9b8b 
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.4.2-22
af9b8b 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
af9b8b
af9b8b 
* Fri Jul  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-21
af9b8b 
- drop explicit version requirement on initscripts
af9b8b
af9b8b 
* Thu Jul  5 2012 Joe Orton <jorton@redhat.com> - 2.4.2-20
af9b8b 
- mod_ext_filter: fix error_log warnings
af9b8b
af9b8b 
* Mon Jul  2 2012 Joe Orton <jorton@redhat.com> - 2.4.2-19
af9b8b 
- support "configtest" and "graceful" as initscripts "legacy actions"
af9b8b
af9b8b 
* Fri Jun  8 2012 Joe Orton <jorton@redhat.com> - 2.4.2-18
af9b8b 
- avoid use of "core" GIF for a "core" directory (#168776)
af9b8b 
- drop use of "syslog.target" in systemd unit file
af9b8b
af9b8b 
* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-17
af9b8b 
- use _unitdir for systemd unit file
af9b8b 
- use /run in unit file, ssl.conf
af9b8b
af9b8b 
* Thu Jun  7 2012 Joe Orton <jorton@redhat.com> - 2.4.2-16
af9b8b 
- mod_ssl: fix NPN patch merge
af9b8b
af9b8b 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-15
af9b8b 
- move tmpfiles.d fragment into /usr/lib per new guidelines
af9b8b 
- package /run/httpd not /var/run/httpd
af9b8b 
- set runtimedir to /run/httpd likewise
af9b8b
af9b8b 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-14
af9b8b 
- fix htdbm/htpasswd crash on crypt() failure (#818684)
af9b8b
af9b8b 
* Wed Jun  6 2012 Joe Orton <jorton@redhat.com> - 2.4.2-13
af9b8b 
- pull fix for NPN patch from upstream (r1345599)
af9b8b
af9b8b 
* Thu May 31 2012 Joe Orton <jorton@redhat.com> - 2.4.2-12
af9b8b 
- update suexec patch to use LOG_AUTHPRIV facility
af9b8b
af9b8b 
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-11
af9b8b 
- really fix autoindex.conf (thanks to remi@)
af9b8b
af9b8b 
* Thu May 24 2012 Joe Orton <jorton@redhat.com> - 2.4.2-10
af9b8b 
- fix autoindex.conf to allow symlink to poweredby.png
af9b8b
af9b8b 
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-9
af9b8b 
- suexec: use upstream version of patch for capability bit support
af9b8b
af9b8b 
* Wed May 23 2012 Joe Orton <jorton@redhat.com> - 2.4.2-8
af9b8b 
- suexec: use syslog rather than suexec.log, drop dac_override capability
af9b8b
af9b8b 
* Tue May  1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-7
af9b8b 
- mod_ssl: add TLS NPN support (r1332643, #809599)
af9b8b
af9b8b 
* Tue May  1 2012 Joe Orton <jorton@redhat.com> - 2.4.2-6
af9b8b 
- add BR on APR >= 1.4.0
af9b8b
af9b8b 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-5
af9b8b 
- use systemctl from logrotate (#221073)
af9b8b
af9b8b 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-4
af9b8b 
- pull from upstream:
af9b8b 
  * use TLS close_notify alert for dummy_connection (r1326980+)
af9b8b 
  * cleanup symbol exports (r1327036+)
af9b8b
af9b8b 
* Fri Apr 27 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3.2
af9b8b 
- rebuild
af9b8b
af9b8b 
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-3
af9b8b 
- really fix restart
af9b8b
af9b8b 
* Fri Apr 20 2012 Joe Orton <jorton@redhat.com> - 2.4.2-2
af9b8b 
- tweak default ssl.conf
af9b8b 
- fix restart handling (#814645)
af9b8b 
- use graceful restart by default
af9b8b
af9b8b 
* Wed Apr 18 2012 Jan Kaluza <jkaluza@redhat.com> - 2.4.2-1
af9b8b 
- update to 2.4.2
af9b8b
af9b8b 
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-6
af9b8b 
- fix macros
af9b8b
af9b8b 
* Fri Mar 23 2012 Joe Orton <jorton@redhat.com> - 2.4.1-5
af9b8b 
- add _httpd_moddir to macros
af9b8b
af9b8b 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-4
af9b8b 
- fix symlink for poweredby.png
af9b8b 
- fix manual.conf
af9b8b
af9b8b 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-3
af9b8b 
- add mod_proxy_html subpackage (w/mod_proxy_html + mod_xml2enc)
af9b8b 
- move mod_ldap, mod_authnz_ldap to mod_ldap subpackage
af9b8b
af9b8b 
* Tue Mar 13 2012 Joe Orton <jorton@redhat.com> - 2.4.1-2
af9b8b 
- clean docroot better
af9b8b 
- ship proxy, ssl directories within /var/cache/httpd
af9b8b 
- default config:
af9b8b 
 * unrestricted access to (only) /var/www
af9b8b 
 * remove (commented) Mutex, MaxRanges, ScriptSock
af9b8b 
 * split autoindex config to conf.d/autoindex.conf
af9b8b 
- ship additional example configs in docdir
af9b8b
af9b8b 
* Tue Mar  6 2012 Joe Orton <jorton@redhat.com> - 2.4.1-1
af9b8b 
- update to 2.4.1
af9b8b 
- adopt upstream default httpd.conf (almost verbatim)
af9b8b 
- split all LoadModules to conf.modules.d/*.conf
af9b8b 
- include conf.d/*.conf at end of httpd.conf
af9b8b 
- trim %%changelog
af9b8b
af9b8b 
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-2
af9b8b 
- fix build against PCRE 8.30
af9b8b
af9b8b 
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-1
af9b8b 
- update to 2.2.22
af9b8b
af9b8b 
* Fri Feb 10 2012 Petr Pisar <ppisar@redhat.com> - 2.2.21-8
af9b8b 
- Rebuild against PCRE 8.30
af9b8b
af9b8b 
* Mon Jan 23 2012 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-7
af9b8b 
- fix #783629 - start httpd after named
af9b8b
af9b8b 
* Mon Jan 16 2012 Joe Orton <jorton@redhat.com> - 2.2.21-6
af9b8b 
- complete conversion to systemd, drop init script (#770311)
af9b8b 
- fix comments in /etc/sysconfig/httpd (#771024)
af9b8b 
- enable PrivateTmp in service file (#781440)
af9b8b 
- set LANG=C in /etc/sysconfig/httpd
af9b8b
af9b8b 
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.21-5
af9b8b 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
af9b8b
af9b8b 
* Tue Dec 06 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-4
af9b8b 
- fix #751591 - start httpd after remote-fs
af9b8b
af9b8b 
* Mon Oct 24 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.21-3
af9b8b 
- allow change state of BalancerMember in mod_proxy_balancer web interface
af9b8b
af9b8b 
* Thu Sep 22 2011 Ville Skyttä <ville.skytta@iki.fi> - 2.2.21-2
af9b8b 
- Make mmn available as %%{_httpd_mmn}.
af9b8b 
- Add .svgz to AddEncoding x-gzip example in httpd.conf.
af9b8b
af9b8b 
* Tue Sep 13 2011 Joe Orton <jorton@redhat.com> - 2.2.21-1
af9b8b 
- update to 2.2.21
af9b8b
af9b8b 
* Mon Sep  5 2011 Joe Orton <jorton@redhat.com> - 2.2.20-1
af9b8b 
- update to 2.2.20
af9b8b 
- fix MPM stub man page generation
af9b8b
af9b8b 
* Wed Aug 10 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-5
af9b8b 
- fix #707917 - add httpd-ssl-pass-dialog to ask for SSL password using systemd
af9b8b
af9b8b 
* Fri Jul 22 2011 Iain Arnell <iarnell@gmail.com> 1:2.2.19-4
af9b8b 
- rebuild while rpm-4.9.1 is untagged to remove trailing slash in provided
af9b8b 
  directory names
af9b8b
af9b8b 
* Wed Jul 20 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-3
af9b8b 
- fix #716621 - suexec now works without setuid bit
af9b8b
af9b8b 
* Thu Jul 14 2011 Jan Kaluza <jkaluza@redhat.com> - 2.2.19-2
af9b8b 
- fix #689091 - backported patch from 2.3 branch to support IPv6 in logresolve
af9b8b
af9b8b 
* Fri Jul  1 2011 Joe Orton <jorton@redhat.com> - 2.2.19-1
af9b8b 
- update to 2.2.19
af9b8b 
- enable dbd, authn_dbd in default config
af9b8b
af9b8b 
* Thu Apr 14 2011 Joe Orton <jorton@redhat.com> - 2.2.17-13
af9b8b 
- fix path expansion in service files
af9b8b
af9b8b 
* Tue Apr 12 2011 Joe Orton <jorton@redhat.com> - 2.2.17-12
af9b8b 
- add systemd service files (#684175, thanks to Jóhann B. Guðmundsson)
af9b8b
af9b8b 
* Wed Mar 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-11
af9b8b 
- minor updates to httpd.conf
af9b8b 
- drop old patches
af9b8b
af9b8b 
* Wed Mar  2 2011 Joe Orton <jorton@redhat.com> - 2.2.17-10
af9b8b 
- rebuild
af9b8b
af9b8b 
* Wed Feb 23 2011 Joe Orton <jorton@redhat.com> - 2.2.17-9
af9b8b 
- use arch-specific mmn
af9b8b
af9b8b 
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.17-8
af9b8b 
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
af9b8b
af9b8b 
* Mon Jan 31 2011 Joe Orton <jorton@redhat.com> - 2.2.17-7
af9b8b 
- generate dummy mod_ssl cert with CA:FALSE constraint (#667841)
af9b8b 
- add man page stubs for httpd.event, httpd.worker
af9b8b 
- drop distcache support
af9b8b 
- add STOP_TIMEOUT support to init script
af9b8b
af9b8b 
* Sat Jan  8 2011 Joe Orton <jorton@redhat.com> - 2.2.17-6
af9b8b 
- update default SSLCipherSuite per upstream trunk
af9b8b
af9b8b 
* Wed Jan  5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-5
af9b8b 
- fix requires (#667397)
af9b8b
af9b8b 
* Wed Jan  5 2011 Joe Orton <jorton@redhat.com> - 2.2.17-4
af9b8b 
- de-ghost /var/run/httpd
af9b8b
af9b8b 
* Tue Jan  4 2011 Joe Orton <jorton@redhat.com> - 2.2.17-3
af9b8b 
- add tmpfiles.d configuration, ghost /var/run/httpd (#656600)
af9b8b
af9b8b 
* Sat Nov 20 2010 Joe Orton <jorton@redhat.com> - 2.2.17-2
af9b8b 
- drop setuid bit, use capabilities for suexec binary
af9b8b
af9b8b 
* Wed Oct 27 2010 Joe Orton <jorton@redhat.com> - 2.2.17-1
af9b8b 
- update to 2.2.17
af9b8b
af9b8b 
* Fri Sep 10 2010 Joe Orton <jorton@redhat.com> - 2.2.16-2
af9b8b 
- link everything using -z relro and -z now
af9b8b
af9b8b 
* Mon Jul 26 2010 Joe Orton <jorton@redhat.com> - 2.2.16-1
af9b8b 
- update to 2.2.16
af9b8b
af9b8b 
* Fri Jul  9 2010 Joe Orton <jorton@redhat.com> - 2.2.15-3
af9b8b 
- default config tweaks:
af9b8b 
 * harden httpd.conf w.r.t. .htaccess restriction (#591293)
af9b8b 
 * load mod_substitute, mod_version by default
af9b8b 
 * drop proxy_ajp.conf, load mod_proxy_ajp in httpd.conf
af9b8b 
 * add commented list of shipped-but-unloaded modules
af9b8b 
 * bump up worker defaults a little
af9b8b 
 * drop KeepAliveTimeout to 5 secs per upstream
af9b8b 
- fix LSB compliance in init script (#522074)
af9b8b 
- bundle NOTICE in -tools
af9b8b 
- use init script in logrotate postrotate to pick up PIDFILE
af9b8b 
- drop some old Obsoletes/Conflicts
af9b8b
af9b8b 
* Sun Apr 04 2010 Robert Scheck <robert@fedoraproject.org> - 2.2.15-1
af9b8b 
- update to 2.2.15 (#572404, #579311)
af9b8b

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation