svn commit: r388056 - in head/www/apache22: . files
Olli Hauer
ohauer at FreeBSD.org
Sun May 31 12:52:07 UTC 2015
Author: ohauer
Date: Sun May 31 12:52:00 2015
New Revision: 388056
URL: https://svnweb.freebsd.org/changeset/ports/388056
Log:
- use @sample for conf files
- backport ab from 2.4.x
- fix mode for suexec, cgi test files
- adopt http-ssl.conf.in from upstream trunk
- rebuild some patches
Modified:
head/www/apache22/Makefile
head/www/apache22/files/patch-Makefile.in
head/www/apache22/files/patch-acinclude.m4
head/www/apache22/files/patch-config.layout
head/www/apache22/files/patch-configure.in
head/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in
head/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in
head/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in
head/www/apache22/files/patch-docs__conf__httpd.conf.in
head/www/apache22/files/patch-include__ap_config_auto.h.in
head/www/apache22/files/patch-include__httpd.h
head/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c
head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c
head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c
head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c
head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c
head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h
head/www/apache22/files/patch-server__config.c
head/www/apache22/files/patch-server__core.c
head/www/apache22/files/patch-support__Makefile.in
head/www/apache22/files/patch-support__ab.c
head/www/apache22/files/patch-support__apachectl.in
head/www/apache22/files/patch-support__apxs.in
head/www/apache22/files/patch-support__envvars-std.in
head/www/apache22/files/patch-support__log_server_status.in
head/www/apache22/pkg-plist
Modified: head/www/apache22/Makefile
==============================================================================
--- head/www/apache22/Makefile Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/Makefile Sun May 31 12:52:00 2015 (r388056)
@@ -2,7 +2,7 @@
PORTNAME= apache22
PORTVERSION= 2.2.29
-PORTREVISION?= 3
+PORTREVISION?= 4
CATEGORIES= www ipv6
MASTER_SITES= APACHE_HTTPD
DISTNAME= httpd-${PORTVERSION}
@@ -95,11 +95,12 @@ CONFIGURE_ARGS+=--prefix=${PREFIX} \
--with-apr=${APR_CONFIG} \
--with-apr-util=${APU_CONFIG}
-CONFIGURE_ENV= LOCALBASE="${LOCALBASE}"
+CONFIGURE_ENV= CONFIG_SHELL="${SH}" \
+ LOCALBASE="${LOCALBASE}"
MAKE_ENV+= EXPR_COMPAT=yes \
INSTALL_MAN="${INSTALL_MAN}" \
- EXAMPLESDIR=${EXAMPLESDIR}
+ DATADIR=${DATADIR}
#=====================================================
# CONFIGURE_ARGS will be handled in Makefile.modules,
@@ -131,7 +132,7 @@ post-extract:
# remove possible leftover .svn directories in the sources
@${FIND} ${WRKSRC} -type d -name .svn -print | ${XARGS} ${RM} -rf
# limit grep results ...
- @${FIND} ${WRKSRC} -type f \( -name 'NWGNU*' -o -name '*.ds?' -o -name '*.dep' -o -name '*.mak' -o -name '*.win' \) -delete
+ ${FIND} ${WRKSRC} -type f \( -name 'NWGNU*' -o -name '*.ds?' -o -name '*.dep' -o -name '*.mak' -o -name '*.win' -o -name '*.vbs' -o -name '*.wsf' \) -delete
# make qa script happy, it complains on empty dirs even 'PORTDOCS=*' is set
# use RMDIR in case upstream ever place some files into this dirs
@@ -184,8 +185,6 @@ post-install:
${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/
# place for 3rd party module configuration
${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${ETCDIR}/modules.d/
- @${MKDIR} ${STAGEDIR}/${EXAMPLESDIR}/modules.d
- ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${EXAMPLESDIR}/modules.d
# strip returns an error for non binary files, but we have a big mix
-${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/* 2>/dev/null
-${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/apache22/mod_*.so
Modified: head/www/apache22/files/patch-Makefile.in
==============================================================================
--- head/www/apache22/files/patch-Makefile.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-Makefile.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,28 +1,46 @@
---- ./Makefile.in.orig 2008-11-25 21:24:49.000000000 +0100
-+++ ./Makefile.in 2014-07-08 06:12:16.000000000 +0200
-@@ -31,12 +31,10 @@
+--- Makefile.in.orig 2008-11-25 20:24:49 UTC
++++ Makefile.in
+@@ -31,12 +31,9 @@ include $(top_srcdir)/build/program.mk
install-conf:
@echo Installing configuration files
@$(MKINSTALLDIRS) $(DESTDIR)$(sysconfdir) $(DESTDIR)$(sysconfdir)/extra
- @$(MKINSTALLDIRS) $(DESTDIR)$(sysconfdir)/original/extra
-+ @$(MKINSTALLDIRS) $(DESTDIR)$(EXAMPLESDIR) $(DESTDIR)$(EXAMPLESDIR)/extra
@cd $(top_srcdir)/docs/conf; \
for i in mime.types magic; do \
- if test ! -f $(DESTDIR)$(sysconfdir)/$$i; then \
- $(INSTALL_DATA) $$i $(DESTDIR)$(sysconfdir); \
- fi; \
-+ $(INSTALL_DATA) $$i $(DESTDIR)$(EXAMPLESDIR); \
++ $(INSTALL_DATA) $$i $(DESTDIR)$(sysconfdir)/$${i}.sample; \
done; \
for j in $(top_srcdir)/docs/conf $(top_builddir)/docs/conf ; do \
cd $$j ; \
-@@ -69,15 +67,12 @@
+@@ -59,7 +56,17 @@ install-conf:
+ < $$i; \
+ for j in $(DSO_MODULES) "^EOL^"; do \
+ if test $$j != "^EOL^"; then \
+- echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \
++ if test $$j == "cgid"; then \
++ echo "<IfModule !mpm_prefork_module>"; \
++ echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \
++ echo "</IfModule>"; \
++ elif test $$j == "cgi"; then \
++ echo "<IfModule mpm_prefork_module>"; \
++ echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \
++ echo "</IfModule>"; \
++ else \
++ echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \
++ fi; \
+ fi; \
+ done; \
+ sed -e '1,/@@LoadModule@@/d' \
+@@ -69,15 +76,12 @@ install-conf:
-e 's#@@SSLPort@@#$(SSLPORT)#g' \
< $$i; \
fi \
- ) > $(DESTDIR)$(sysconfdir)/original/$$i; \
- chmod 0644 $(DESTDIR)$(sysconfdir)/original/$$i; \
-+ ) > $(DESTDIR)$(EXAMPLESDIR)/$$i; \
-+ chmod 0644 $(DESTDIR)$(EXAMPLESDIR)/$$i; \
++ ) > $(DESTDIR)$(sysconfdir)/$${i}.sample; \
++ chmod 0644 $(DESTDIR)$(sysconfdir)/$${i}.sample; \
file=$$i; \
if [ "$$i" = "httpd.conf" ]; then \
file=`echo $$i|sed s/.*.conf/$(PROGRAM_NAME).conf/`; \
@@ -33,7 +51,7 @@
fi; \
done ; \
done ; \
-@@ -120,48 +115,25 @@
+@@ -120,48 +124,25 @@ dox:
doxygen $(top_srcdir)/docs/doxygen.conf
install-htdocs:
@@ -50,8 +68,8 @@
- cd $(DESTDIR)$(htdocsdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \
- fi; \
- fi
-+ $(MKINSTALLDIRS) $(DESTDIR)$(EXAMPLESDIR) ; \
-+ test -d $(htdocs-srcdir) && (cd $(htdocs-srcdir) && cp -rp index.html $(DESTDIR)$(EXAMPLESDIR)) || true
++ $(MKINSTALLDIRS) $(DESTDIR)$(DATADIR)/misc ; \
++ test -d $(htdocs-srcdir) && (cd $(htdocs-srcdir) && cp -rp index.html $(DESTDIR)$(DATADIR)/misc) || true
install-error:
- - at if [ -d $(DESTDIR)$(errordir) ]; then \
@@ -91,7 +109,7 @@
install-other:
@test -d $(DESTDIR)$(logfiledir) || $(MKINSTALLDIRS) $(DESTDIR)$(logfiledir)
-@@ -210,12 +182,7 @@
+@@ -210,12 +191,7 @@ install-man:
@test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir)
@cp -p $(top_srcdir)/docs/man/*.1 $(DESTDIR)$(mandir)/man1
@cp -p $(top_srcdir)/docs/man/*.8 $(DESTDIR)$(mandir)/man8
Modified: head/www/apache22/files/patch-acinclude.m4
==============================================================================
--- head/www/apache22/files/patch-acinclude.m4 Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-acinclude.m4 Sun May 31 12:52:00 2015 (r388056)
@@ -1,9 +1,10 @@
---- acinclude.m4.orig 2012-07-06 17:23:21.000000000 +0200
-+++ acinclude.m4 2015-02-28 10:22:26.577650967 +0100
-@@ -455,6 +455,8 @@
+--- acinclude.m4.orig 2012-07-06 15:23:21 UTC
++++ acinclude.m4
+@@ -455,6 +455,9 @@ if test "x$ap_ssltk_configured" = "x"; t
AC_CHECK_HEADERS([openssl/engine.h])
AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"])
AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines])
++ dnl PR 196256, https://issues.apache.org/bugzilla/show_bug.cgi?id=57395
+ AC_CHECK_FUNCS([SSL_CTX_use_certificate_chain])
+ AC_CHECK_LIB(crypto, RAND_egd, AC_DEFINE(HAVE_SSL_RAND_EGD, 1, [Define if the libcrypto has RAND_egd]))
else
Modified: head/www/apache22/files/patch-config.layout
==============================================================================
--- head/www/apache22/files/patch-config.layout Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-config.layout Sun May 31 12:52:00 2015 (r388056)
@@ -1,5 +1,5 @@
---- ./config.layout.orig 2004-11-21 13:50:36.000000000 -0500
-+++ ./config.layout 2010-05-06 19:37:54.214731918 -0400
+--- config.layout.orig 2012-02-27 22:57:18 UTC
++++ config.layout
@@ -281,17 +281,17 @@
bindir: ${exec_prefix}/bin
sbindir: ${exec_prefix}/sbin
Modified: head/www/apache22/files/patch-configure.in
==============================================================================
--- head/www/apache22/files/patch-configure.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-configure.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- ./configure.in.orig 2008-12-01 15:32:43.000000000 -0500
-+++ ./configure.in 2010-05-06 19:37:54.216730223 -0400
-@@ -87,9 +87,14 @@
+--- configure.in.orig 2013-06-27 16:59:04 UTC
++++ configure.in
+@@ -87,9 +87,14 @@ if test "$apr_found" = "no"; then
AC_MSG_ERROR([APR not found. Please read the documentation.])
fi
@@ -16,7 +16,7 @@
[--enable-layout=*|\'--enable-layout=*])
dnl We must be the first to build and the last to be cleaned
AP_BUILD_SRCLIB_DIRS="apr $AP_BUILD_SRCLIB_DIRS"
-@@ -123,6 +128,11 @@
+@@ -123,6 +128,11 @@ if test "$apu_found" = "no"; then
AC_MSG_ERROR([APR-util not found. Please read the documentation.])
fi
@@ -28,7 +28,7 @@
# Catch some misconfigurations:
case ${apr_found}.${apu_found} in
reconfig.yes)
-@@ -135,7 +145,7 @@
+@@ -135,7 +145,7 @@ esac
if test "$apu_found" = "reconfig"; then
APR_SUBDIR_CONFIG(srclib/apr-util,
@@ -37,7 +37,19 @@
[--enable-layout=*|\'--enable-layout=*])
dnl We must be the last to build and the first to be cleaned
AP_BUILD_SRCLIB_DIRS="$AP_BUILD_SRCLIB_DIRS apr-util"
-@@ -653,8 +663,14 @@
+@@ -480,7 +490,10 @@ AC_ARG_ENABLE(v4-mapped,APACHE_HELP_STRI
+ ],
+ [
+ case $host in
+- *freebsd5*|*netbsd*|*openbsd*)
++ *freebsd[[1234]].*)
++ v4mapped=yes
++ ;;
++ *freebsd*|*netbsd*|*openbsd*)
+ v4mapped=no
+ ;;
+ *mingw*)
+@@ -678,8 +691,14 @@ AC_DEFINE_UNQUOTED(HTTPD_ROOT, "${ap_pre
[Root directory of the Apache install area])
AC_DEFINE_UNQUOTED(SERVER_CONFIG_FILE, "${rel_sysconfdir}/${progname}.conf",
[Location of the config file, relative to the Apache root directory])
Modified: head/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in
==============================================================================
--- head/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,5 +1,5 @@
---- docs/conf/extra/httpd-mpm.conf.in.bak 2007-12-29 06:08:28.000000000 +0300
-+++ docs/conf/extra/httpd-mpm.conf.in 2013-01-02 05:58:13.000000000 +0400
+--- docs/conf/extra/httpd-mpm.conf.in.orig 2007-12-29 03:08:28 UTC
++++ docs/conf/extra/httpd-mpm.conf.in
@@ -17,7 +17,7 @@
#
<IfModule !mpm_winnt_module>
Modified: head/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in
==============================================================================
--- head/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,50 @@
---- ./docs/conf/extra/httpd-ssl.conf.in.orig 2012-02-01 08:25:55.000000000 -0800
-+++ ./docs/conf/extra/httpd-ssl.conf.in 2012-02-01 08:27:23.000000000 -0800
-@@ -77,8 +77,8 @@
+--- docs/conf/extra/httpd-ssl.conf.in.orig 2013-11-11 14:00:57 UTC
++++ docs/conf/extra/httpd-ssl.conf.in
+@@ -49,6 +49,43 @@ Listen @@SSLPort@@
+ AddType application/x-x509-ca-cert .crt
+ AddType application/x-pkcs7-crl .crl
+
++# SSL Cipher Suite:
++# List the ciphers that the client is permitted to negotiate,
++# and that httpd will negotiate as the client of a proxied server.
++# See the OpenSSL documentation for a complete list of ciphers, and
++# ensure these follow appropriate best practices for this deployment.
++# httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers,
++# while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a.
++SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
++SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
++
++# By the end of 2016, only TLSv1.2 ciphers should remain in use.
++# Older ciphers should be disallowed as soon as possible, while the
++# kRSA ciphers do not offer forward secrecy. These changes inhibit
++# older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy
++# non-browser tooling) from successfully connecting.
++#
++# To restrict mod_ssl to use only TLSv1.2 ciphers, and disable
++# those protocols which do not support forward secrecy, replace
++# the SSLCipherSuite and SSLProxyCipherSuite directives above with
++# the following two directives, as soon as practical.
++# SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
++# SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA
++
++# User agents such as web browsers are not configured for the user's
++# own preference of either security or performance, therefore this
++# must be the prerogative of the web server administrator who manages
++# cpu load versus confidentiality, so enforce the server's cipher order.
++SSLHonorCipherOrder on
++
++# SSL Protocol support:
++# List the protocol versions which clients are allowed to connect with.
++# Disable SSLv2 and SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0)
++# should be disabled as quickly as practical. By the end of 2016, only
++# the TLSv1.2 protocol or later should remain in use.
++SSLProtocol all -SSLv2 -SSLv3
++SSLProxyProtocol all -SSLv2 -SSLv3
++
+ # Pass Phrase Dialog:
+ # Configure the pass phrase gathering process.
+ # The filtering dialog program (`builtin' is a internal
+@@ -77,36 +114,13 @@ SSLMutex "file:@exp_runtimedir@/ssl_mut
DocumentRoot "@exp_htdocsdir@"
ServerName www.example.com:@@SSLPort@@
ServerAdmin you at example.com
@@ -11,7 +55,35 @@
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
-@@ -243,7 +243,7 @@
+ SSLEngine on
+
+-# SSL Protocol support:
+-# List the protocol versions which clients are allowed to
+-# connect with. Disable SSLv2 by default (cf. RFC 6176).
+-SSLProtocol all -SSLv2
+-
+-# SSL Cipher Suite:
+-# List the ciphers that the client is permitted to negotiate.
+-# See the mod_ssl documentation for a complete list.
+-SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
+-
+-# Speed-optimized SSL Cipher configuration:
+-# If speed is your main concern (on busy HTTPS servers e.g.),
+-# you might want to force clients to specific, performance
+-# optimized ciphers. In this case, prepend those ciphers
+-# to the SSLCipherSuite list, and enable SSLHonorCipherOrder.
+-# Caveat: by giving precedence to RC4-SHA and AES128-SHA
+-# (as in the example below), most connections will no longer
+-# have perfect forward secrecy - if the server's key is
+-# compromised, captures of past or future traffic must be
+-# considered compromised, too.
+-#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
+-#SSLHonorCipherOrder on
+-
+ # Server Certificate:
+ # Point SSLCertificateFile at a PEM encoded certificate. If
+ # the certificate is encrypted, then you will be prompted for a
+@@ -249,7 +263,7 @@ BrowserMatch "MSIE [2-5]" \
# Per-Server Logging:
# The home of a custom SSL log file. Use this when you want a
# compact non-error SSL logfile on a virtual host basis.
Modified: head/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in
==============================================================================
--- head/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,5 +1,5 @@
---- ./docs/conf/extra/httpd-userdir.conf.in.orig 2007-03-07 02:33:58.000000000 -0500
-+++ ./docs/conf/extra/httpd-userdir.conf.in 2010-05-06 19:37:54.222730166 -0400
+--- docs/conf/extra/httpd-userdir.conf.in.orig 2007-03-07 07:33:58 UTC
++++ docs/conf/extra/httpd-userdir.conf.in
@@ -8,7 +8,7 @@
# the default access control for these directories, as in the example below.
#
@@ -9,7 +9,7 @@
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
-@@ -25,4 +25,3 @@
+@@ -25,4 +25,3 @@ UserDir public_html
Deny from all
</LimitExcept>
</Directory>
Modified: head/www/apache22/files/patch-docs__conf__httpd.conf.in
==============================================================================
--- head/www/apache22/files/patch-docs__conf__httpd.conf.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-docs__conf__httpd.conf.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- ./docs/conf/httpd.conf.in.orig 2007-12-21 06:43:00.000000000 -0500
-+++ ./docs/conf/httpd.conf.in 2010-05-06 19:37:54.224731824 -0400
-@@ -54,6 +54,9 @@
+--- docs/conf/httpd.conf.in.orig 2012-02-06 16:54:24 UTC
++++ docs/conf/httpd.conf.in
+@@ -54,6 +54,9 @@ Listen @@Port@@
#
@@LoadModule@@
@@ -10,7 +10,7 @@
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
#
-@@ -63,8 +63,8 @@
+@@ -64,8 +67,8 @@ Listen @@Port@@
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
#
@@ -21,7 +21,7 @@
</IfModule>
</IfModule>
-@@ -113,7 +113,6 @@
+@@ -114,7 +117,6 @@ DocumentRoot "@exp_htdocsdir@"
# features.
#
<Directory />
@@ -29,7 +29,7 @@
AllowOverride None
Order deny,allow
Deny from all
-@@ -184,7 +183,7 @@
+@@ -185,7 +187,7 @@ DocumentRoot "@exp_htdocsdir@"
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
@@ -38,7 +38,7 @@
#
# LogLevel: Control the number of messages logged to the error_log.
-@@ -213,13 +212,13 @@
+@@ -214,13 +216,13 @@ LogLevel warn
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
@@ -54,7 +54,7 @@
</IfModule>
<IfModule alias_module>
-@@ -408,3 +407,5 @@
+@@ -416,3 +418,5 @@ DefaultType text/plain
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
Modified: head/www/apache22/files/patch-include__ap_config_auto.h.in
==============================================================================
--- head/www/apache22/files/patch-include__ap_config_auto.h.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-include__ap_config_auto.h.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,5 +1,5 @@
---- include/ap_config_auto.h.in.orig 2014-08-22 19:54:18.000000000 +0200
-+++ include/ap_config_auto.h.in 2015-02-28 10:25:55.191842645 +0100
+--- include/ap_config_auto.h.in.orig 2014-08-22 17:54:18 UTC
++++ include/ap_config_auto.h.in
@@ -127,6 +127,12 @@
/* Define to 1 if you have the `SSL_CTX_new' function. */
#undef HAVE_SSL_CTX_NEW
Modified: head/www/apache22/files/patch-include__httpd.h
==============================================================================
--- head/www/apache22/files/patch-include__httpd.h Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-include__httpd.h Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
--- include/httpd.h.orig 2014-08-21 17:33:48 UTC
+++ include/httpd.h
-@@ -1905,12 +1905,6 @@
+@@ -1905,12 +1905,6 @@ AP_DECLARE(char *) ap_get_exec_line(apr_
const char *cmd,
const char * const *argv);
Modified: head/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c
==============================================================================
--- head/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c Sun May 31 12:52:00 2015 (r388056)
@@ -1,5 +1,5 @@
---- ./modules/proxy/mod_proxy_connect.c.orig 2010-12-08 20:31:34.000000000 +0100
-+++ ./modules/proxy/mod_proxy_connect.c 2012-02-02 17:12:20.000000000 +0100
+--- modules/proxy/mod_proxy_connect.c.orig 2010-12-08 19:31:34 UTC
++++ modules/proxy/mod_proxy_connect.c
@@ -21,6 +21,8 @@
#include "mod_proxy.h"
#include "apr_poll.h"
@@ -9,7 +9,7 @@
module AP_MODULE_DECLARE_DATA proxy_connect_module;
/*
-@@ -71,6 +73,50 @@
+@@ -71,6 +73,50 @@ static int proxy_connect_canon(request_r
return OK;
}
@@ -60,7 +60,7 @@
/* CONNECT handler */
static int proxy_connect_handler(request_rec *r, proxy_worker *worker,
proxy_server_conf *conf,
-@@ -79,11 +125,15 @@
+@@ -79,11 +125,15 @@ static int proxy_connect_handler(request
{
apr_pool_t *p = r->pool;
apr_socket_t *sock;
@@ -78,7 +78,7 @@
apr_pollset_t *pollset;
apr_pollfd_t pollfd;
const apr_pollfd_t *signalled;
-@@ -158,12 +208,10 @@
+@@ -158,12 +208,10 @@ static int proxy_connect_handler(request
case APR_URI_SNEWS_DEFAULT_PORT:
break;
default:
@@ -93,7 +93,7 @@
}
/*
-@@ -205,19 +253,57 @@
+@@ -205,19 +253,57 @@ static int proxy_connect_handler(request
}
}
@@ -158,7 +158,7 @@
/* If we are connecting through a remote proxy, we need to pass
* the CONNECT request on to it.
-@@ -227,12 +313,11 @@
+@@ -227,12 +313,11 @@ static int proxy_connect_handler(request
*/
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"proxy: CONNECT: sending the CONNECT request to the remote proxy");
@@ -175,7 +175,7 @@
}
else {
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
-@@ -240,11 +325,12 @@
+@@ -240,11 +325,12 @@ static int proxy_connect_handler(request
nbytes = apr_snprintf(buffer, sizeof(buffer),
"HTTP/1.0 200 Connection Established" CRLF);
ap_xlate_proto_to_ascii(buffer, nbytes);
@@ -190,7 +190,7 @@
#if 0
/* This is safer code, but it doesn't work yet. I'm leaving it
* here so that I can fix it later.
-@@ -264,28 +350,16 @@
+@@ -264,28 +350,16 @@ static int proxy_connect_handler(request
*
* Handle two way transfer of data over the socket (this is a tunnel).
*/
@@ -226,7 +226,7 @@
while (1) { /* Infinite loop until error (one side closes the connection) */
if ((rv = apr_pollset_poll(pollset, -1, &pollcnt, &signalled)) != APR_SUCCESS) {
if (APR_STATUS_IS_EINTR(rv)) {
-@@ -297,7 +371,7 @@
+@@ -297,7 +371,7 @@ static int proxy_connect_handler(request
}
#ifdef DEBUGGING
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
@@ -235,7 +235,7 @@
#endif
for (pi = 0; pi < pollcnt; pi++) {
-@@ -307,72 +381,31 @@
+@@ -307,72 +381,31 @@ static int proxy_connect_handler(request
pollevent = cur->rtnevents;
if (pollevent & APR_POLLIN) {
#ifdef DEBUGGING
@@ -321,7 +321,7 @@
}
if (rv != APR_SUCCESS) {
break;
-@@ -388,7 +421,9 @@
+@@ -388,7 +421,9 @@ static int proxy_connect_handler(request
* Close the socket and clean up
*/
Modified: head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c
==============================================================================
--- head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-modules__ssl__ssl_engine_init.c Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- modules/ssl/ssl_engine_init.c.orig 2014-07-16 08:04:38.000000000 +0200
-+++ modules/ssl/ssl_engine_init.c 2015-02-28 10:52:11.571641334 +0100
-@@ -406,9 +406,11 @@
+--- modules/ssl/ssl_engine_init.c.orig 2014-07-16 06:04:38 UTC
++++ modules/ssl/ssl_engine_init.c
+@@ -406,9 +406,11 @@ void ssl_init_Engine(server_rec *s, apr_
ssl_die();
}
@@ -12,7 +12,7 @@
if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
-@@ -584,6 +586,10 @@
+@@ -584,6 +586,10 @@ static void ssl_init_ctx_protocol(server
#endif
@@ -23,7 +23,7 @@
#ifndef OPENSSL_NO_COMP
if (sc->compression != TRUE) {
#ifdef SSL_OP_NO_COMPRESSION
-@@ -831,7 +837,11 @@
+@@ -831,7 +837,11 @@ static void ssl_init_ctx_cert_chain(serv
}
}
Modified: head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c
==============================================================================
--- head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- modules/ssl/ssl_engine_rand.c.orig 2006-07-12 05:38:44.000000000 +0200
-+++ modules/ssl/ssl_engine_rand.c 2015-02-28 10:47:35.481607754 +0100
-@@ -83,17 +83,6 @@
+--- modules/ssl/ssl_engine_rand.c.orig 2006-07-12 03:38:44 UTC
++++ modules/ssl/ssl_engine_rand.c
+@@ -83,17 +83,6 @@ int ssl_rand_seed(server_rec *s, apr_poo
nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes);
ssl_util_ppclose(s, p, fp);
}
Modified: head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c
==============================================================================
--- head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- modules/ssl/ssl_engine_vars.c.orig 2013-02-12 12:51:17.000000000 +0100
-+++ modules/ssl/ssl_engine_vars.c 2015-02-28 10:54:21.257798164 +0100
-@@ -832,7 +832,7 @@
+--- modules/ssl/ssl_engine_vars.c.orig 2013-02-12 11:51:17 UTC
++++ modules/ssl/ssl_engine_vars.c
+@@ -832,7 +832,7 @@ static char *ssl_var_lookup_ssl_compress
{
char *result = "NULL";
#ifdef OPENSSL_VERSION_NUMBER
Modified: head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c
==============================================================================
--- head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- modules/ssl/ssl_util_ssl.c.orig 2012-08-17 19:30:46.000000000 +0200
-+++ modules/ssl/ssl_util_ssl.c 2015-02-28 10:30:48.557501618 +0100
-@@ -492,7 +492,11 @@
+--- modules/ssl/ssl_util_ssl.c.orig 2012-08-17 17:30:46 UTC
++++ modules/ssl/ssl_util_ssl.c
+@@ -492,7 +492,11 @@ BOOL SSL_X509_INFO_load_path(apr_pool_t
* format, possibly followed by a sequence of CA certificates that
* should be sent to the peer in the SSL Certificate message.
*/
Modified: head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h
==============================================================================
--- head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- modules/ssl/ssl_util_ssl.h.orig 2012-08-17 19:30:46.000000000 +0200
-+++ modules/ssl/ssl_util_ssl.h 2015-02-28 10:33:07.042671521 +0100
-@@ -89,7 +89,11 @@
+--- modules/ssl/ssl_util_ssl.h.orig 2012-08-17 17:30:46 UTC
++++ modules/ssl/ssl_util_ssl.h
+@@ -89,7 +89,11 @@ char *SSL_X509_NAME_to_string(apr_
BOOL SSL_X509_getCN(apr_pool_t *, X509 *, char **);
BOOL SSL_X509_INFO_load_file(apr_pool_t *, STACK_OF(X509_INFO) *, const char *);
BOOL SSL_X509_INFO_load_path(apr_pool_t *, STACK_OF(X509_INFO) *, const char *);
Modified: head/www/apache22/files/patch-server__config.c
==============================================================================
--- head/www/apache22/files/patch-server__config.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-server__config.c Sun May 31 12:52:00 2015 (r388056)
@@ -3,9 +3,9 @@ http://lists.freebsd.org/pipermail/freeb
https://issues.apache.org/bugzilla/show_bug.cgi?id=53823
==================================================================
---- ./server/config.c.orig 2010-10-07 18:56:54.000000000 +0200
-+++ ./server/config.c 2012-09-05 08:39:18.000000000 +0200
-@@ -1979,6 +1979,11 @@
+--- server/config.c.orig 2010-10-07 16:56:54 UTC
++++ server/config.c
+@@ -1979,6 +1979,11 @@ static server_rec *init_server_config(pr
/* NOT virtual host; don't match any real network interface */
rv = apr_sockaddr_info_get(&s->addrs->host_addr,
NULL, APR_INET, 0, 0, p);
Modified: head/www/apache22/files/patch-server__core.c
==============================================================================
--- head/www/apache22/files/patch-server__core.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-server__core.c Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- ./server/core.c.orig 2009-07-02 17:30:36.000000000 -0400
-+++ ./server/core.c 2010-05-06 19:37:54.278731038 -0400
-@@ -500,6 +500,7 @@
+--- server/core.c.orig 2014-08-21 17:33:48 UTC
++++ server/core.c
+@@ -512,6 +512,7 @@ static void *merge_core_server_configs(a
core_server_config *base = (core_server_config *)basev;
core_server_config *virt = (core_server_config *)virtv;
core_server_config *conf;
@@ -8,7 +8,7 @@
conf = (core_server_config *)apr_pmemdup(p, virt, sizeof(core_server_config));
-@@ -515,6 +516,25 @@
+@@ -527,6 +528,25 @@ static void *merge_core_server_configs(a
conf->protocol = base->protocol;
}
@@ -34,7 +34,7 @@
conf->sec_dir = apr_array_append(p, base->sec_dir, virt->sec_dir);
conf->sec_url = apr_array_append(p, base->sec_url, virt->sec_url);
-@@ -2750,7 +2770,7 @@
+@@ -2778,7 +2798,7 @@ AP_DECLARE(void) ap_get_server_revision(
AP_DECLARE(const char *) ap_get_server_description(void)
{
return server_description ? server_description :
@@ -43,7 +43,7 @@
}
AP_DECLARE(const char *) ap_get_server_banner(void)
-@@ -2811,7 +2831,7 @@
+@@ -2839,7 +2859,7 @@ static void set_banner(apr_pool_t *pconf
ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT "/" AP_SERVER_MAJORVERSION);
}
else {
@@ -52,7 +52,7 @@
}
/*
-@@ -2821,7 +2841,7 @@
+@@ -2849,7 +2869,7 @@ static void set_banner(apr_pool_t *pconf
if (ap_server_tokens != SrvTk_FULL) {
banner_locked++;
}
Modified: head/www/apache22/files/patch-support__Makefile.in
==============================================================================
--- head/www/apache22/files/patch-support__Makefile.in Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-support__Makefile.in Sun May 31 12:52:00 2015 (r388056)
@@ -1,6 +1,6 @@
---- ./support/Makefile.in.orig 2011-04-16 21:09:47.000000000 +0200
-+++ ./support/Makefile.in 2013-09-25 21:02:44.000000000 +0200
-@@ -16,17 +16,14 @@
+--- support/Makefile.in.orig 2011-04-16 19:09:47 UTC
++++ support/Makefile.in
+@@ -16,17 +16,14 @@ install:
@test -d $(DESTDIR)$(sbindir) || $(MKINSTALLDIRS) $(DESTDIR)$(sbindir)
@test -d $(DESTDIR)$(libexecdir) || $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir)
@cp -p $(top_builddir)/server/httpd.exp $(DESTDIR)$(libexecdir)
Modified: head/www/apache22/files/patch-support__ab.c
==============================================================================
--- head/www/apache22/files/patch-support__ab.c Sun May 31 10:59:38 2015 (r388055)
+++ head/www/apache22/files/patch-support__ab.c Sun May 31 12:52:00 2015 (r388056)
@@ -1,18 +1,35 @@
---- ./support/ab.c.orig 2010-01-07 10:11:53.000000000 -0500
-+++ ./support/ab.c 2010-05-06 19:37:54.262732305 -0400
-@@ -200,9 +200,11 @@
- #else
- #define AB_SSL_CIPHER_CONST
- #endif
-+/* prevent build issues with openssl from ports
- #ifdef SSL_OP_NO_TLSv1_2
- #define HAVE_TLSV1_X
- #endif
-+*/
+Backport ab from apache 2.4.x (r1663405)
+=============================================================
+--- support/ab.c.orig 2014-03-12 11:53:12 UTC
++++ support/ab.c
+@@ -156,25 +156,8 @@
+ #include "ap_config_auto.h"
#endif
- #include <math.h>
-@@ -221,13 +221,18 @@
+-#if defined(HAVE_SSLC)
+-
+-/* Libraries for RSA SSL-C */
+-#include <rsa.h>
+-#include <x509.h>
+-#include <pem.h>
+-#include <err.h>
+-#include <ssl.h>
+-#include <r_rand.h>
+-#include <sslc.h>
+-#define USE_SSL
+-#define RSAREF
+-#define SK_NUM(x) sk_num(x)
+-#define SK_VALUE(x,y) sk_value(x,y)
+-typedef STACK X509_STACK_TYPE;
+-
+-#elif defined(HAVE_OPENSSL)
++#if defined(HAVE_OPENSSL)
+
+-/* Libraries on most systems.. */
+ #include <openssl/rsa.h>
+ #include <openssl/crypto.h>
+ #include <openssl/x509.h>
+@@ -224,19 +207,25 @@ typedef STACK_OF(X509) X509_STACK_TYPE;
/* maximum number of requests on a time limited test */
#define MAX_REQUESTS (INT_MAX > 50000 ? 50000 : INT_MAX)
@@ -34,50 +51,180 @@
+ STATE_READ
+} connect_state_e;
- #define CBUFFSIZE (2048)
+-#define CBUFFSIZE (2048)
++#define CBUFFSIZE (8192)
-@@ -252,6 +257,7 @@
- done; /* Connection closed */
+ struct connection {
+ apr_pool_t *ctx;
+ apr_socket_t *aprsock;
++ apr_pollfd_t pollfd;
+ int state;
+ apr_size_t read; /* amount of bytes read */
+ apr_size_t bread; /* amount of body read */
+@@ -267,8 +256,8 @@ struct data {
+ apr_interval_time_t time; /* time for connection */
+ };
- int socknum;
-+ apr_int16_t reqevents; /* current poll events for this socket */
- #ifdef USE_SSL
- SSL *ssl;
- #endif
-@@ -396,6 +402,56 @@
+-#define ap_min(a,b) ((a)<(b))?(a):(b)
+-#define ap_max(a,b) ((a)>(b))?(a):(b)
++#define ap_min(a,b) (((a)<(b))?(a):(b))
++#define ap_max(a,b) (((a)>(b))?(a):(b))
+ #define ap_round_ms(a) ((apr_time_t)((a) + 500)/1000)
+ #define ap_double_ms(a) ((double)(a)/1000.0)
+ #define MAX_CONCURRENCY 20000
+@@ -277,35 +266,38 @@ struct data {
+
+ int verbosity = 0; /* no verbosity by default */
+ int recverrok = 0; /* ok to proceed after socket receive errors */
+-int posting = 0; /* GET by default */
++enum {NO_METH = 0, GET, HEAD, PUT, POST, CUSTOM_METHOD} method = NO_METH;
++const char *method_str[] = {"bug", "GET", "HEAD", "PUT", "POST", ""};
++int send_body = 0; /* non-zero if sending body with request */
+ int requests = 1; /* Number of requests to make */
+ int heartbeatres = 100; /* How often do we say we're alive */
+ int concurrency = 1; /* Number of multiple requests to make */
+ int percentile = 1; /* Show percentile served */
++int nolength = 0; /* Accept variable document length */
+ int confidence = 1; /* Show confidence estimator and warnings */
+ int tlimit = 0; /* time limit in secs */
+ int keepalive = 0; /* try and do keepalive connections */
+ int windowsize = 0; /* we use the OS default window size */
+ char servername[1024]; /* name that server reports */
+ char *hostname; /* host name from URL */
+-char *host_field; /* value of "Host:" header field */
+-char *path; /* path name */
+-char postfile[1024]; /* name of file containing post data */
++const char *host_field; /* value of "Host:" header field */
++const char *path; /* path name */
+ char *postdata; /* *buffer containing data from postfile */
+ apr_size_t postlen = 0; /* length of data to be POSTed */
+-char content_type[1024];/* content type to put in POST header */
+-char *cookie, /* optional cookie line */
+- *auth, /* optional (basic/uuencoded) auhentication */
+- *hdrs; /* optional arbitrary headers */
++char *content_type = NULL; /* content type to put in POST header */
++const char *cookie, /* optional cookie line */
++ *auth, /* optional (basic/uuencoded) auhentication */
++ *hdrs; /* optional arbitrary headers */
+ apr_port_t port; /* port number */
+-char proxyhost[1024]; /* proxy host name */
++char *proxyhost = NULL; /* proxy host name */
+ int proxyport = 0; /* proxy port */
+-char *connecthost;
++const char *connecthost;
++const char *myhost;
+ apr_port_t connectport;
+-char *gnuplot; /* GNUplot file */
+-char *csvperc; /* CSV Percentile file */
+-char url[1024];
+-char * fullurl, * colonhost;
++const char *gnuplot; /* GNUplot file */
++const char *csvperc; /* CSV Percentile file */
++const char *fullurl;
++const char *colonhost;
+ int isproxy = 0;
+ apr_interval_time_t aprtimeout = apr_time_from_sec(30); /* timeout value */
+
+@@ -348,7 +340,7 @@ BIO *bio_out,*bio_err;
+ apr_time_t start, lasttime, stoptime;
+
+ /* global request (and its length) */
+-char _request[2048];
++char _request[8192];
+ char *request = _request;
+ apr_size_t reqlen;
+
+@@ -364,6 +356,7 @@ apr_pool_t *cntxt;
+
+ apr_pollset_t *readbits;
+
++apr_sockaddr_t *mysa;
+ apr_sockaddr_t *destsa;
+
+ #ifdef NOT_ASCII
+@@ -377,7 +370,7 @@ static void close_connection(struct conn
+
+ /* simple little function to write an error string and exit */
+
+-static void err(char *s)
++static void err(const char *s)
+ {
+ fprintf(stderr, "%s\n", s);
+ if (done)
+@@ -387,7 +380,7 @@ static void err(char *s)
+
+ /* simple little function to write an APR error string and exit */
+
+-static void apr_err(char *s, apr_status_t rv)
++static void apr_err(const char *s, apr_status_t rv)
+ {
+ char buf[120];
+
+@@ -399,6 +392,87 @@ static void apr_err(char *s, apr_status_
exit(rv);
}
++static void *xmalloc(size_t size)
++{
++ void *ret = malloc(size);
++ if (ret == NULL) {
++ fprintf(stderr, "Could not allocate memory (%"
++ APR_SIZE_T_FMT" bytes)\n", size);
++ exit(1);
++ }
++ return ret;
++}
++
++static void *xcalloc(size_t num, size_t size)
++{
++ void *ret = calloc(num, size);
++ if (ret == NULL) {
++ fprintf(stderr, "Could not allocate memory (%"
++ APR_SIZE_T_FMT" bytes)\n", size*num);
++ exit(1);
++ }
++ return ret;
++}
++
++static char *xstrdup(const char *s)
++{
++ char *ret = strdup(s);
++ if (ret == NULL) {
++ fprintf(stderr, "Could not allocate memory (%"
++ APR_SIZE_T_FMT " bytes)\n", strlen(s));
++ exit(1);
++ }
++ return ret;
++}
++
++/* pool abort function */
++static int abort_on_oom(int retcode)
++{
++ fprintf(stderr, "Could not allocate memory\n");
++ exit(1);
++ /* not reached */
++ return retcode;
++}
++
+static void set_polled_events(struct connection *c, apr_int16_t new_reqevents)
+{
-+ apr_int16_t old_reqevents = c->reqevents;
-+ apr_pollfd_t pfd;
+ apr_status_t rv;
-+ char buf[120];
+
-+ if (old_reqevents != new_reqevents) {
-+ pfd.desc_type = APR_POLL_SOCKET;
-+ pfd.desc.s = c->aprsock;
-+ pfd.client_data = c;
-+
-+ if (old_reqevents != 0) {
-+ pfd.reqevents = old_reqevents;
-+ rv = apr_pollset_remove(readbits, &pfd);
++ if (c->pollfd.reqevents != new_reqevents) {
++ if (c->pollfd.reqevents != 0) {
++ rv = apr_pollset_remove(readbits, &c->pollfd);
+ if (rv != APR_SUCCESS) {
+ apr_err("apr_pollset_remove()", rv);
+ }
+ }
+
+ if (new_reqevents != 0) {
-+ pfd.reqevents = new_reqevents;
-+ rv = apr_pollset_add(readbits, &pfd);
++ c->pollfd.reqevents = new_reqevents;
++ rv = apr_pollset_add(readbits, &c->pollfd);
+ if (rv != APR_SUCCESS) {
+ apr_err("apr_pollset_add()", rv);
-+ exit(1);
+ }
+ }
-+
-+ c->reqevents = new_reqevents;
+ }
+}
+
@@ -101,7 +248,66 @@
/* --------------------------------------------------------- */
/* write out request to a connection - assumes we can write
* (small) request out in one go into our new socket buffer
-@@ -569,7 +625,6 @@
+@@ -464,7 +538,6 @@ static int ssl_rand_choosenum(int l, int
+
+ static void ssl_rand_seed(void)
+ {
+- int nDone = 0;
+ int n, l;
+ time_t t;
+ pid_t pid;
+@@ -476,7 +549,6 @@ static void ssl_rand_seed(void)
+ t = time(NULL);
+ l = sizeof(time_t);
+ RAND_seed((unsigned char *)&t, l);
+- nDone += l;
+
+ /*
+ * seed in the current process id (usually just 4 bytes)
+@@ -484,14 +556,12 @@ static void ssl_rand_seed(void)
+ pid = getpid();
+ l = sizeof(pid_t);
+ RAND_seed((unsigned char *)&pid, l);
+- nDone += l;
+
+ /*
+ * seed in some current state of the run-time stack (128 bytes)
+ */
+ n = ssl_rand_choosenum(0, sizeof(stackdata)-128-1);
+ RAND_seed(stackdata+n, 128);
+- nDone += 128;
+ }
+
+ static int ssl_print_connection_info(BIO *bio, SSL *ssl)
+@@ -514,6 +584,7 @@ static int ssl_print_connection_info(BIO
+ static void ssl_print_cert_info(BIO *bio, X509 *cert)
+ {
+ X509_NAME *dn;
++ EVP_PKEY *pk;
+ char buf[1024];
+
+ BIO_printf(bio, "Certificate version: %ld\n", X509_get_version(cert)+1);
+@@ -525,8 +596,10 @@ static void ssl_print_cert_info(BIO *bio
+ ASN1_UTCTIME_print(bio, X509_get_notAfter(cert));
+ BIO_printf(bio,"\n");
+
++ pk = X509_get_pubkey(cert);
+ BIO_printf(bio,"Public key is %d bits\n",
+- EVP_PKEY_bits(X509_get_pubkey(cert)));
++ EVP_PKEY_bits(pk));
++ EVP_PKEY_free(pk);
+
+ dn = X509_get_issuer_name(cert);
+ X509_NAME_oneline(dn, buf, sizeof(buf));
+@@ -553,7 +626,6 @@ static void ssl_print_info(struct connec
+ for (i=1; i<count; i++) {
+ cert = (X509 *)SK_VALUE(sk, i);
+ ssl_print_cert_info(bio_out, cert);
+- X509_free(cert);
+ }
+ }
+ cert = SSL_get_peer_certificate(c->ssl);
+@@ -574,7 +646,6 @@ static void ssl_proceed_handshake(struct
while (do_next) {
int ret, ecode;
@@ -109,7 +315,16 @@
ret = SSL_do_handshake(c->ssl);
ecode = SSL_get_error(c->ssl, ret);
-@@ -601,11 +656,7 @@
+@@ -596,7 +667,7 @@ static void ssl_proceed_handshake(struct
+ else
+ pk_bits = 0; /* Anon DH */
+
+- ssl_info = malloc(128);
++ ssl_info = xmalloc(128);
+ apr_snprintf(ssl_info, 128, "%s,%s,%d,%d",
+ SSL_get_version(c->ssl),
+ SSL_CIPHER_get_name(ci),
+@@ -606,11 +677,7 @@ static void ssl_proceed_handshake(struct
do_next = 0;
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-ports-all
mailing list