rpms/httpd/devel httpd-2.0.52-htdigperms.patch, NONE, 1.1 httpd-2.0.52-ssluser.patch, NONE, 1.1 httpd.conf, 1.17, 1.18 httpd.init, 1.10, 1.11 httpd.spec, 1.59, 1.60 htsslpass.c, 1.1, NONE htsslpass.xml, 1.1, NONE
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Mar 29 12:19:43 UTC 2005
Update of /cvs/dist/rpms/httpd/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv4343
Modified Files:
httpd.conf httpd.init httpd.spec
Added Files:
httpd-2.0.52-htdigperms.patch httpd-2.0.52-ssluser.patch
Removed Files:
htsslpass.c htsslpass.xml
Log Message:
* Tue Mar 29 2005 Joe Orton <jorton at redhat.com> 2.0.53-6
- update default httpd.conf:
* clarify the comments on AddDefaultCharset usage (#135821)
* remove all the AddCharset default extensions
* don't load mod_imap by default
* synch with upstream 2.0.53 httpd-std.conf
- remove htsslpass
- mod_ssl: set user from SSLUserName in access hook (upstream #31418)
- htdigest: fix permissions of created files (upstream #33765)
httpd-2.0.52-htdigperms.patch:
htdigest.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
--- NEW FILE httpd-2.0.52-htdigperms.patch ---
--- httpd-2.0.52/support/htdigest.c.htdigperms
+++ httpd-2.0.52/support/htdigest.c
@@ -211,7 +211,8 @@
if (argc == 5) {
if (strcmp(argv[1], "-c"))
usage();
- rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE, -1, cntxt);
+ rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE,
+ APR_OS_DEFAULT, cntxt);
if (rv != APR_SUCCESS) {
char errmsg[120];
@@ -241,7 +242,7 @@
exit(1);
}
- if (apr_file_open(&f, argv[1], APR_READ, -1, cntxt) != APR_SUCCESS) {
+ if (apr_file_open(&f, argv[1], APR_READ, APR_OS_DEFAULT, cntxt) != APR_SUCCESS) {
apr_file_printf(errfile,
"Could not open passwd file %s for reading.\n", argv[1]);
apr_file_printf(errfile, "Use -c option to create new one.\n");
httpd-2.0.52-ssluser.patch:
ssl_engine_kernel.c | 25 ++++++++++++++-----------
1 files changed, 14 insertions(+), 11 deletions(-)
--- NEW FILE httpd-2.0.52-ssluser.patch ---
Set r->user from SSLUserName in access hook (upstream #31418).
--- httpd-2.0.52/modules/ssl/ssl_engine_kernel.c.ssluser
+++ httpd-2.0.52/modules/ssl/ssl_engine_kernel.c
@@ -736,6 +736,20 @@
}
}
+ /* If we're trying to have the user name set from a client
+ * certificate then we need to set it here. This should be safe as
+ * the user name probably isn't important from an auth checking point
+ * of view as the certificate supplied acts in that capacity.
+ * However, if FakeAuth is being used then this isn't the case so
+ * we need to postpone setting the username until later.
+ */
+ if ((dc->nOptions & SSL_OPT_FAKEBASICAUTH) == 0 && dc->szUserName) {
+ char *val = ssl_var_lookup(r->pool, r->server, r->connection,
+ r, (char *)dc->szUserName);
+ if (val && val[0])
+ r->user = val;
+ }
+
/*
* Check SSLRequire boolean expressions
*/
@@ -1022,17 +1036,6 @@
}
/*
- * Set r->user if requested
- */
- if (dc->szUserName) {
- val = ssl_var_lookup(r->pool, r->server, r->connection,
- r, (char *)dc->szUserName);
- if (val && val[0]) {
- r->user = val;
- }
- }
-
- /*
* Annotate the SSI/CGI environment with standard SSL information
*/
/* the always present HTTPS (=HTTP over SSL) flag! */
Index: httpd.conf
===================================================================
RCS file: /cvs/dist/rpms/httpd/devel/httpd.conf,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- httpd.conf 7 Feb 2005 15:14:50 -0000 1.17
+++ httpd.conf 29 Mar 2005 12:19:40 -0000 1.18
@@ -153,6 +153,7 @@
LoadModule auth_ldap_module modules/mod_auth_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
+LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule cern_meta_module modules/mod_cern_meta.so
@@ -171,7 +172,6 @@
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
-LoadModule imap_module modules/mod_imap.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
@@ -187,7 +187,6 @@
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
-LoadModule logio_module modules/mod_logio.so
#
# Load config files from the config directory "/etc/httpd/conf.d".
@@ -247,7 +246,7 @@
# You will have to access it by its address anyway, and this will make
# redirections work in a sensible way.
#
-#ServerName new.host.name:80
+#ServerName www.example.com:80
#
# UseCanonicalName: Determines how Apache constructs self-referencing
@@ -472,6 +471,10 @@
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
+# "combinedio" includes actual counts of actual bytes received (%I) and sent (%O); this
+# requires the mod_logio module to be loaded.
+#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
+
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
@@ -482,8 +485,8 @@
#CustomLog logs/access_log common
#
-# If you would like to have agent and referer logfiles, uncomment the
-# following directives.
+# If you would like to have separate agent and referer logfiles, uncomment
+# the following directives.
#
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
@@ -719,64 +722,15 @@
ForceLanguagePriority Prefer Fallback
#
-# Specify a default charset for all pages sent out. This is
-# always a good idea and opens the door for future internationalisation
-# of your web site, should you ever want it. Specifying it as
-# a default does little harm; as the standard dictates that a page
-# is in iso-8859-1 (latin1) unless specified otherwise i.e. you
-# are merely stating the obvious. There are also some security
-# reasons in browsers, related to javascript and URL parsing
-# which encourage you to always set a default char set.
+# Specify a default charset for all content served; this enables
+# interpretation of all content as UTF-8 by default. To use the
+# default browser choice (ISO-8859-1), or to allow the META tags
+# in HTML content to override this choice, comment out this
+# directive:
#
AddDefaultCharset UTF-8
#
-# Commonly used filename extensions to character sets. You probably
-# want to avoid clashes with the language extensions, unless you
-# are good at carefully testing your setup after each change.
-# See http://www.iana.org/assignments/character-sets for the
-# official list of charset names and their respective RFCs.
-#
-AddCharset ISO-8859-1 .iso8859-1 .latin1
-AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
-AddCharset ISO-8859-3 .iso8859-3 .latin3
-AddCharset ISO-8859-4 .iso8859-4 .latin4
-AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
-AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
-AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
-AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
-AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
-AddCharset ISO-2022-JP .iso2022-jp .jis
-AddCharset ISO-2022-KR .iso2022-kr .kis
-AddCharset ISO-2022-CN .iso2022-cn .cis
-AddCharset Big5 .Big5 .big5
-# For russian, more than one charset is used (depends on client, mostly):
-AddCharset WINDOWS-1251 .cp-1251 .win-1251
-AddCharset CP866 .cp866
-AddCharset KOI8-r .koi8-r .koi8-ru
-AddCharset KOI8-ru .koi8-uk .ua
-AddCharset ISO-10646-UCS-2 .ucs2
-AddCharset ISO-10646-UCS-4 .ucs4
-AddCharset UTF-8 .utf8
-
-# The set below does not map to a specific (iso) standard
-# but works on a fairly wide range of browsers. Note that
-# capitalization actually matters (it should not, but it
-# does for some browsers).
-#
-# See http://www.iana.org/assignments/character-sets
-# for a list of sorts. But browsers support few.
-#
-AddCharset GB2312 .gb2312 .gb
-AddCharset utf-7 .utf7
-AddCharset utf-8 .utf8
-AddCharset big5 .big5 .b5
-AddCharset EUC-TW .euc-tw
-AddCharset EUC-JP .euc-jp
-AddCharset EUC-KR .euc-kr
-AddCharset shift_jis .sjis
-
-#
# AddType allows you to add to or override the MIME configuration
# file mime.types for specific file types.
#
@@ -813,11 +767,6 @@
#AddHandler send-as-is asis
#
-# For server-parsed imagemap files:
-#
-AddHandler imap-file map
-
-#
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
# to be distributed in multiple languages.)
Index: httpd.init
===================================================================
RCS file: /cvs/dist/rpms/httpd/devel/httpd.init,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- httpd.init 2 Mar 2005 08:17:41 -0000 1.10
+++ httpd.init 29 Mar 2005 12:19:40 -0000 1.11
@@ -77,7 +77,7 @@
if ! LANG=$HTTPD_LANG $httpd $OPTIONS -t >&/dev/null; then
RETVAL=$?
echo $"not reloading due to configuration syntax error"
- failure $"Not reloading $httpd due to configuration syntax errors"
+ failure $"not reloading $httpd due to configuration syntax error"
else
killproc $httpd -HUP
RETVAL=$?
Index: httpd.spec
===================================================================
RCS file: /cvs/dist/rpms/httpd/devel/httpd.spec,v
retrieving revision 1.59
retrieving revision 1.60
diff -u -r1.59 -r1.60
--- httpd.spec 2 Mar 2005 08:17:41 -0000 1.59
+++ httpd.spec 29 Mar 2005 12:19:40 -0000 1.60
@@ -7,7 +7,7 @@
Summary: Apache HTTP Server
Name: httpd
Version: 2.0.53
-Release: 5
+Release: 6
URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
Source1: index.html
@@ -23,13 +23,11 @@
Source13: manual.conf
Source14: mod_ssl-Makefile.crt
Source15: mod_ssl-Makefile.crl
-Source16: htsslpass.c
# Documentation
Source30: migration.xml
Source31: migration.css
Source32: html.xsl
Source33: README.confd
-Source34: htsslpass.xml
# build/scripts patches
Patch1: httpd-2.0.40-apctl.patch
Patch2: httpd-2.0.36-apxs.patch
@@ -52,6 +50,8 @@
Patch29: httpd-2.0.48-workerhup.patch
Patch30: httpd-2.0.48-davmisc.patch
Patch39: httpd-2.0.50-reclaim.patch
+Patch40: httpd-2.0.52-htdigperms.patch
+Patch41: httpd-2.0.52-ssluser.patch
# Features/functional changes
Patch70: httpd-2.0.48-release.patch
Patch71: httpd-2.0.40-xfsz.patch
@@ -165,6 +165,8 @@
%patch29 -p1 -b .workerhup
%patch30 -p1 -b .davmisc
%patch39 -p1 -b .reclaim
+%patch40 -p1 -b .htdigperms
+%patch41 -p1 -b .ssluser
%patch71 -p0 -b .xfsz
%patch72 -p1 -b .pod
@@ -233,13 +235,6 @@
xmlto -x $RPM_SOURCE_DIR/html.xsl html-nochunks migration.xml
cp $RPM_SOURCE_DIR/migration.css . # make %%doc happy
-# Build the htsslpass man page
-xmlto man $RPM_SOURCE_DIR/htsslpass.xml
-
-# Build htsslpass
-cp $RPM_SOURCE_DIR/htsslpass.c . || exit 1
-gcc $RPM_OPT_FLAGS -Wall -Werror htsslpass.c -o htsslpass
-
CFLAGS=$RPM_OPT_FLAGS
CPPFLAGS="-DSSL_EXPERIMENTAL_ENGINE"
export CFLAGS CPPFLAGS
@@ -305,10 +300,6 @@
# link to system pcreposix.h
ln -s ../pcreposix.h $RPM_BUILD_ROOT%{_includedir}/httpd/pcreposix.h
-# install htsslpass(1) and man page
-install -m 755 htsslpass $RPM_BUILD_ROOT%{_bindir}/htsslpass
-install -m 644 htsslpass.1 $RPM_BUILD_ROOT%{_mandir}/man1/htsslpass.1
-
# install conf file/directory
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d
install -m 644 $RPM_SOURCE_DIR/README.confd \
@@ -532,7 +523,6 @@
%{_sbindir}/httpd.worker
%{_sbindir}/apachectl
%{_sbindir}/rotatelogs
-%exclude %{_bindir}/htsslpass
%dir %{_libdir}/httpd
%dir %{_libdir}/httpd/modules
@@ -558,7 +548,6 @@
%{_mandir}/man?/*
%exclude %{_mandir}/man8/apxs.8*
%exclude %{_mandir}/man8/suexec.8*
-%exclude %{_mandir}/man1/htsslpass.1*
%files manual
%defattr(-,root,root)
@@ -567,8 +556,6 @@
%files -n mod_ssl
%defattr(-,root,root)
-%{_bindir}/htsslpass
-%{_mandir}/man1/htsslpass.1*
%{_libdir}/httpd/modules/mod_ssl.so
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
%attr(0700,root,root) %dir %{_sysconfdir}/httpd/conf/ssl.*
@@ -596,6 +583,16 @@
%{_mandir}/man8/suexec.8*
%changelog
+* Tue Mar 29 2005 Joe Orton <jorton at redhat.com> 2.0.53-6
+- update default httpd.conf:
+ * clarify the comments on AddDefaultCharset usage (#135821)
+ * remove all the AddCharset default extensions
+ * don't load mod_imap by default
+ * synch with upstream 2.0.53 httpd-std.conf
+- mod_ssl: set user from SSLUserName in access hook (upstream #31418)
+- htdigest: fix permissions of created files (upstream #33765)
+- remove htsslpass
+
* Wed Mar 2 2005 Joe Orton <jorton at redhat.com> 2.0.53-5
- apachectl: restore use of $OPTIONS again
--- htsslpass.c DELETED ---
--- htsslpass.xml DELETED ---
More information about the fedora-cvs-commits
mailing list