From ed17d95907e6357fdf85a6de3b42322866a2860e Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Fri, 21 Feb 2014 13:23:58 -0500
Subject: Apache 2.4 compatibility changes

---
 ChangeLog           | 1 +
 mod_nss.c           | 2 +-
 mod_nss.h           | 3 +--
 nss_engine_init.c   | 2 +-
 nss_engine_io.c     | 6 +++---
 nss_engine_kernel.c | 4 ++--
 nss_engine_log.c    | 4 ++--
 nss_engine_vars.c   | 4 ++--
 8 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 0612b8f..d40ce8b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,7 @@
     * Fix CVE-2013-4566
     * Move nss_pcache to /usr/libexec
     * Fix argument handling in nss_pcache
+    * Support httpd 2.4+
 
 2013-10-11  Tomas Hoger <thoger@redhat.com>
     * Documentation formatting fixes
diff --git a/mod_nss.c b/mod_nss.c
index 3c3cb29..8ccc604 100644
--- a/mod_nss.c
+++ b/mod_nss.c
@@ -362,7 +362,7 @@ static int nss_hook_pre_connection(conn_rec *c, void *csd)
     ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server,
                  "Connection to child %ld established "
                  "(server %s, client %s)", c->id, sc->vhost_id, 
-                 c->remote_ip ? c->remote_ip : "unknown");
+                 c->client_ip ? c->client_ip : "unknown");
 
     mctx = sslconn->is_proxy ? sc->proxy : sc->server;
 
diff --git a/mod_nss.h b/mod_nss.h
index 6fea121..8c57577 100644
--- a/mod_nss.h
+++ b/mod_nss.h
@@ -28,7 +28,6 @@
 #include "mod_ssl.h"
 #include "util_script.h"
 #include "util_filter.h"
-#include "mpm.h"
 #include "apr.h"
 #include "apr_strings.h"
 #define APR_WANT_STRFUNC
@@ -481,7 +480,7 @@ int nss_rand_seed(server_rec *s, apr_pool_t *p, ssl_rsctx_t nCtx, char *prefix);
 SECStatus nss_Init_Tokens(server_rec *s);
 
 /* Logging */
-void nss_log_nss_error(const char *file, int line, int level, server_rec *s);
+void nss_log_nss_error(const char *file, int line, int module_index, int level, server_rec *s);
 void nss_die(void);
 
 /* NSS callback */
diff --git a/nss_engine_init.c b/nss_engine_init.c
index 283468f..32b095a 100644
--- a/nss_engine_init.c
+++ b/nss_engine_init.c
@@ -15,7 +15,7 @@
 
 #include "mod_nss.h"
 #include "apr_thread_proc.h"
-#include "ap_mpm.h"
+#include "mpm_common.h"
 #include "secmod.h"
 #include "sslerr.h"
 #include "pk11func.h"
diff --git a/nss_engine_io.c b/nss_engine_io.c
index 2f9559f..f55f7e0 100644
--- a/nss_engine_io.c
+++ b/nss_engine_io.c
@@ -621,13 +621,13 @@ static apr_status_t nss_filter_io_shutdown(nss_filter_ctx_t *filter_ctx,
     PR_Close(ssl);
 
     /* log the fact that we've closed the connection */
-    if (c->base_server->loglevel >= APLOG_INFO) {
+    if (c->base_server->log.level >= APLOG_INFO) {
         ap_log_error(APLOG_MARK, APLOG_INFO, 0, c->base_server,
                      "Connection to child %ld closed "
                      "(server %s, client %s)",
                      c->id,
                      nss_util_vhostid(c->pool, c->base_server),
-                     c->remote_ip ? c->remote_ip : "unknown");
+                     c->client_ip ? c->client_ip : "unknown");
     }
 
     /* deallocate the SSL connection */
@@ -1165,7 +1165,7 @@ static PRStatus PR_CALLBACK nspr_filter_getpeername(PRFileDesc *fd, PRNetAddr *a
     filter_ctx = (nss_filter_ctx_t *)(fd->secret);
     c = filter_ctx->c;
 
-    return PR_StringToNetAddr(c->remote_ip, addr);
+    return PR_StringToNetAddr(c->client_ip, addr);
 }
 
 /* 
diff --git a/nss_engine_kernel.c b/nss_engine_kernel.c
index b343382..deb91a0 100644
--- a/nss_engine_kernel.c
+++ b/nss_engine_kernel.c
@@ -73,7 +73,7 @@ int nss_hook_ReadReq(request_rec *r)
     /*
      * Log information about incoming HTTPS requests
      */
-    if (r->server->loglevel >= APLOG_INFO && ap_is_initial_req(r)) {
+    if (r->server->log.level >= APLOG_INFO && ap_is_initial_req(r)) {
         ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
                      "%s HTTPS request received for child %ld (server %s)",
                      (r->connection->keepalives <= 0 ?
@@ -530,7 +530,7 @@ int nss_hook_Access(request_rec *r)
             ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
                          "Access to %s denied for %s "
                          "(requirement expression not fulfilled)",
-                         r->filename, r->connection->remote_ip);
+                         r->filename, r->connection->client_ip);
 
             ap_log_error(APLOG_MARK, APLOG_INFO, 0, r->server,
                          "Failed expression: %s", req->cpExpr);
diff --git a/nss_engine_log.c b/nss_engine_log.c
index 2b3d21b..62a4de8 100644
--- a/nss_engine_log.c
+++ b/nss_engine_log.c
@@ -321,7 +321,7 @@ void nss_die(void)
     exit(1); 
 }
 
-void nss_log_nss_error(const char *file, int line, int level, server_rec *s)
+void nss_log_nss_error(const char *file, int line, int module_index, int level, server_rec *s)
 {
     const char *err;
     PRInt32 error;
@@ -340,7 +340,7 @@ void nss_log_nss_error(const char *file, int line, int level, server_rec *s)
          err = "Unknown";
     }
 
-    ap_log_error(file, line, level, 0, s,
+    ap_log_error(file, line, module_index, level, 0, s,
                  "SSL Library Error: %d %s",
                  error, err);
 }
diff --git a/nss_engine_vars.c b/nss_engine_vars.c
index 8eba2df..8ecf43a 100644
--- a/nss_engine_vars.c
+++ b/nss_engine_vars.c
@@ -196,7 +196,7 @@ char *nss_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
                  && sslconn && sslconn->ssl)
             result = nss_var_lookup_ssl(p, c, var+4);
         else if (strcEQ(var, "REMOTE_ADDR"))
-            result = c->remote_ip;
+            result = c->client_ip;
         else if (strcEQ(var, "HTTPS")) {
             if (sslconn && sslconn->ssl)
                 result = "on";
@@ -212,7 +212,7 @@ char *nss_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
         if (strlen(var) > 12 && strcEQn(var, "SSL_VERSION_", 12))
             result = nss_var_lookup_nss_version(p, var+12);
         else if (strcEQ(var, "SERVER_SOFTWARE"))
-            result = (char *)ap_get_server_version();
+            result = (char *)ap_get_server_banner();
         else if (strcEQ(var, "API_VERSION")) {
             result = apr_psprintf(p, "%d", MODULE_MAGIC_NUMBER);
             resdup = FALSE;
-- 
cgit