update to new version 2.4.18

4 files changed, 32 insertions, 24 deletions

diff --git a/.gitignore b/.gitignore
index 2abdf3f..455deea 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,3 +21,4 @@ x86_64
 /httpd-2.4.12.tar.bz2
 /httpd-2.4.16.tar.bz2
 /httpd-2.4.17.tar.bz2
+/httpd-2.4.18.tar.bz2
diff --git a/httpd-2.4.6-sslmultiproxy.patch b/httpd-2.4.18-sslmultiproxy.patch
index f8a3b4b..3f00f3f 100644
--- a/httpd-2.4.6-sslmultiproxy.patch
+++ b/httpd-2.4.18-sslmultiproxy.patch
@@ -1,9 +1,8 @@
-
-Ugly hack to enable mod_ssl and mod_nss to "share" hooks.
-
---- httpd-2.4.6/modules/ssl/mod_ssl.c.sslmultiproxy
-+++ httpd-2.4.6/modules/ssl/mod_ssl.c
-@@ -369,6 +369,9 @@ static SSLConnRec *ssl_init_connection_c
+diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
+index 717a694..a3ce718 100644
+--- a/modules/ssl/mod_ssl.c
++++ b/modules/ssl/mod_ssl.c
+@@ -395,6 +395,9 @@ static SSLConnRec *ssl_init_connection_ctx(conn_rec *c)
      return sslconn;
  }
  
@@ -13,7 +12,7 @@ Ugly hack to enable mod_ssl and mod_nss to "share" hooks.
  int ssl_proxy_enable(conn_rec *c)
  {
      SSLSrvConfigRec *sc;
-@@ -377,6 +380,12 @@ int ssl_proxy_enable(conn_rec *c)
+@@ -403,6 +406,12 @@ int ssl_proxy_enable(conn_rec *c)
      sc = mySrvConfig(sslconn->server);
  
      if (!sc->proxy_enabled) {
@@ -26,7 +25,7 @@ Ugly hack to enable mod_ssl and mod_nss to "share" hooks.
          ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(01961)
                        "SSL Proxy requested for %s but not enabled "
                        "[Hint: SSLProxyEngine]", sc->vhost_id);
-@@ -396,6 +405,10 @@ int ssl_engine_disable(conn_rec *c)
+@@ -422,6 +431,10 @@ int ssl_engine_disable(conn_rec *c)
  
      SSLConnRec *sslconn = myConnConfig(c);
  
@@ -37,7 +36,7 @@ Ugly hack to enable mod_ssl and mod_nss to "share" hooks.
      if (sslconn) {
          sc = mySrvConfig(sslconn->server);
      }
-@@ -612,6 +625,9 @@ static void ssl_register_hooks(apr_pool_
+@@ -621,6 +634,9 @@ static void ssl_register_hooks(apr_pool_t *p)
      ap_hook_post_read_request(ssl_hook_ReadReq, pre_prr,NULL, APR_HOOK_MIDDLE);
  
      ssl_var_register(p);
@@ -47,26 +46,31 @@ Ugly hack to enable mod_ssl and mod_nss to "share" hooks.
  
      APR_REGISTER_OPTIONAL_FN(ssl_proxy_enable);
      APR_REGISTER_OPTIONAL_FN(ssl_engine_disable);
---- httpd-2.4.6/modules/ssl/ssl_engine_vars.c.sslmultiproxy
-+++ httpd-2.4.6/modules/ssl/ssl_engine_vars.c
-@@ -53,10 +53,15 @@ static void  ssl_var_lookup_ssl_cipher_b
+diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
+index a6b0d0d..24fd8c7 100644
+--- a/modules/ssl/ssl_engine_vars.c
++++ b/modules/ssl/ssl_engine_vars.c
+@@ -54,6 +54,8 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, SSLConnRec *sslconn, char
+ static void  ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize);
  static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var);
  static char *ssl_var_lookup_ssl_compress_meth(SSL *ssl);
- 
 +static APR_OPTIONAL_FN_TYPE(ssl_is_https) *othermod_is_https;
 +static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *othermod_var_lookup;
-+
+ 
+ static SSLConnRec *ssl_get_effective_config(conn_rec *c)
+ {
+@@ -68,7 +70,9 @@ static SSLConnRec *ssl_get_effective_config(conn_rec *c)
  static int ssl_is_https(conn_rec *c)
  {
-     SSLConnRec *sslconn = myConnConfig(c);
+     SSLConnRec *sslconn = ssl_get_effective_config(c);
 -    return sslconn && sslconn->ssl;
-+    
++
 +    return (sslconn && sslconn->ssl)
 +        || (othermod_is_https && othermod_is_https(c));
  }
  
  static const char var_interface[] = "mod_ssl/" AP_SERVER_BASEREVISION;
-@@ -106,6 +111,9 @@ void ssl_var_register(apr_pool_t *p)
+@@ -137,6 +141,9 @@ void ssl_var_register(apr_pool_t *p)
  {
      char *cp, *cp2;
  
@@ -76,10 +80,10 @@ Ugly hack to enable mod_ssl and mod_nss to "share" hooks.
      APR_REGISTER_OPTIONAL_FN(ssl_is_https);
      APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
      APR_REGISTER_OPTIONAL_FN(ssl_ext_list);
-@@ -241,6 +249,15 @@ char *ssl_var_lookup(apr_pool_t *p, serv
+@@ -272,6 +279,15 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
       */
      if (result == NULL && c != NULL) {
-         SSLConnRec *sslconn = myConnConfig(c);
+         SSLConnRec *sslconn = ssl_get_effective_config(c);
 +
 +        if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)
 +            && (!sslconn || !sslconn->ssl) && othermod_var_lookup) {
@@ -91,4 +95,4 @@ Ugly hack to enable mod_ssl and mod_nss to "share" hooks.
 +
          if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)
              && sslconn && sslconn->ssl)
-             result = ssl_var_lookup_ssl(p, c, r, var+4);
+             result = ssl_var_lookup_ssl(p, sslconn, r, var+4);
diff --git a/httpd.spec b/httpd.spec
index 6318a9e..4a1b3e6 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -7,8 +7,8 @@
 
 Summary: Apache HTTP Server
 Name: httpd
-Version: 2.4.17
-Release: 4%{?dist}
+Version: 2.4.18
+Release: 1%{?dist}
 URL: http://httpd.apache.org/
 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
 Source1: index.html
@@ -59,7 +59,7 @@ Patch26: httpd-2.4.4-r1337344+.patch
 Patch27: httpd-2.4.2-icons.patch
 Patch29: httpd-2.4.10-mod_systemd.patch
 Patch30: httpd-2.4.4-cachehardmax.patch
-Patch31: httpd-2.4.6-sslmultiproxy.patch
+Patch31: httpd-2.4.18-sslmultiproxy.patch
 Patch34: httpd-2.4.17-socket-activation.patch
 Patch35: httpd-2.4.17-sslciphdefault.patch
 # Bug fixes
@@ -675,6 +675,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_rpmconfigdir}/macros.d/macros.httpd
 
 %changelog
+* Mon Dec 14 2015 Jan Kaluza <jkaluza@redhat.com> - 2.4.18-1
+- update to new version 2.4.18
+
 * Wed Dec  9 2015 Joe Orton <jorton@redhat.com> - 2.4.17-4
 - re-enable mod_asis due to popular demand (#1284315)
 
diff --git a/sources b/sources
index c7410a8..101e022 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-cf4dfee11132cde836022f196611a8b7  httpd-2.4.17.tar.bz2
+3690b3cc991b7dfd22aea9e1264a11b9  httpd-2.4.18.tar.bz2