21485757 Upgrade Apache Web Server to version 2.4.16
21479241 problem in UTILITY/APACHE
--- a/components/apache24/Makefile Wed Sep 16 01:25:52 2015 -0700
+++ b/components/apache24/Makefile Wed Sep 16 01:26:22 2015 -0700
@@ -23,17 +23,17 @@
include ../../make-rules/shared-macros.mk
COMPONENT_NAME= apache2
-COMPONENT_VERSION= 2.4.12
+COMPONENT_VERSION= 2.4.16
COMPONENT_PROJECT_URL= http://httpd.apache.org/
COMPONENT_SRC_NAME= httpd
COMPONENT_SRC= $(COMPONENT_SRC_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz
COMPONENT_ARCHIVE_HASH= \
- sha256:ee1e6901485feab7384371dbdd91c40fcb1b5e3f75583bb0d387b90d8c4176c8
+ sha256:2fc18017801944cfcfde76a24f16c1276c866c2a6e512ee895f566bef9368fae
COMPONENT_ARCHIVE_URL= http://archive.apache.org/dist/httpd/$(COMPONENT_ARCHIVE)
COMPONENT_BUGDB= utility/apache
-TPNO= 21402
+TPNO= 23618
CONFIGURE_DEFAULT_DIRS=no
--- a/components/apache24/patches/Makefile.in.patch Wed Sep 16 01:25:52 2015 -0700
+++ b/components/apache24/patches/Makefile.in.patch Wed Sep 16 01:26:22 2015 -0700
@@ -13,7 +13,7 @@
< $$i; \
else \
sed -n -e '/@@LoadModule@@/q' \
-@@ -96,6 +99,19 @@
+@@ -116,6 +119,19 @@
cp -p envvars-std $(DESTDIR)$(sbindir)/envvars ; \
fi ; \
fi
@@ -33,7 +33,7 @@
# Create a sanitized config_vars.mk
build/config_vars.out: build/config_vars.mk
-@@ -182,7 +198,6 @@
+@@ -202,7 +218,6 @@
install-other:
@test -d $(DESTDIR)$(logfiledir) || $(MKINSTALLDIRS) $(DESTDIR)$(logfiledir)
--- a/components/apache24/patches/no_ssl3.patch Wed Sep 16 01:25:52 2015 -0700
+++ b/components/apache24/patches/no_ssl3.patch Wed Sep 16 01:26:22 2015 -0700
@@ -1,5 +1,7 @@
Patch origin: in-house
-Patch status: will be submitted to upstream
+Patch status: unclear; so far they disable it just in configuration file
+
+https://bz.apache.org/bugzilla/show_bug.cgi?id=57120
--- modules/ssl/ssl_private.h
+++ modules/ssl/ssl_private.h
@@ -18,7 +20,7 @@
--- docs/manual/mod/mod_ssl.html.en
+++ docs/manual/mod/mod_ssl.html.en
-@@ -1348,9 +1348,7 @@
+@@ -1369,9 +1361,7 @@
<li><code>all</code>
<p>
@@ -31,7 +33,7 @@
</div>
--- docs/manual/mod/mod_ssl.html.fr
+++ docs/manual/mod/mod_ssl.html.fr
-@@ -1518,8 +1518,7 @@
+@@ -1548,8 +1545,7 @@
<li><code>all</code>
<p>
--- a/components/apache24/patches/ssl.conf.patch Wed Sep 16 01:25:52 2015 -0700
+++ b/components/apache24/patches/ssl.conf.patch Wed Sep 16 01:26:22 2015 -0700
@@ -1,5 +1,8 @@
Patch origin: in-house
Patch status: Solaris-specific; not suitable for upstream
+Patch status: SSLProtocol part submitted to upstream
+
+https://bz.apache.org/bugzilla/show_bug.cgi?id=57120
--- docs/conf/extra/httpd-ssl.conf.in
+++ docs/conf/extra/httpd-ssl.conf.in
@@ -24,9 +27,24 @@
+#SSLFIPS on
+
# SSL Cipher Suite:
- # List the ciphers that the client is permitted to negotiate.
- # See the mod_ssl documentation for a complete list.
-@@ -103,7 +107,7 @@
+ # List the ciphers that the client is permitted to negotiate,
+ # and that httpd will negotiate as the client of a proxied server.
+@@ -73,11 +77,11 @@
+
+ # SSL Protocol support:
+ # List the protocol versions which clients are allowed to connect with.
+-# Disable SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0) should be
++# SSLv3 is disabled by default (cf. RFC 7525 3.1.1). TLSv1 (1.0) should be
+ # disabled as quickly as practical. By the end of 2016, only the TLSv1.2
+ # protocol or later should remain in use.
+-SSLProtocol all -SSLv3
+-SSLProxyProtocol all -SSLv3
++SSLProtocol all
++SSLProxyProtocol all
+
+ # Pass Phrase Dialog:
+ # Configure the pass phrase gathering process.
+@@ -122,7 +126,7 @@
# General setup for the virtual host
DocumentRoot "@exp_htdocsdir@"