diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2018-04-03 18:18:58 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-04-06 05:19:23 +0000 |
| commit | cd09307fe3f6c34a0608f0b31c80fa17cf6bb49e (patch) | |
| tree | a24bf7f5bfca4aebd7c5509611ce8b5e748e7527 /main/apache2 | |
| parent | ab286c75830da32c0c449d25565200e00dafcc56 (diff) | |
| download | aports-cd09307fe3f6c34a0608f0b31c80fa17cf6bb49e.tar.bz2 aports-cd09307fe3f6c34a0608f0b31c80fa17cf6bb49e.tar.xz | |
main/apache2: rebuild against libressl-2.7
Diffstat (limited to 'main/apache2')
| -rw-r--r-- | main/apache2/APKBUILD | 4 | ||||
| -rw-r--r-- | main/apache2/libressl-2.7.patch | 74 |
2 files changed, 77 insertions, 1 deletions
diff --git a/main/apache2/APKBUILD b/main/apache2/APKBUILD index 892147c55e..7353d6b2a1 100644 --- a/main/apache2/APKBUILD +++ b/main/apache2/APKBUILD @@ -3,7 +3,7 @@ pkgname=apache2 _pkgreal=httpd pkgver=2.4.33 -pkgrel=0 +pkgrel=1 pkgdesc="A high performance Unix-based HTTP server" url="http://httpd.apache.org/" arch="all" @@ -32,6 +32,7 @@ source="http://archive.apache.org/dist/$_pkgreal/$_pkgreal-$pkgver.tar.bz2 apache2.logrotate apache2.initd alpine.layout + libressl-2.7.patch conf/0001-httpd.conf-ServerRoot.patch conf/0002-httpd.conf-ServerTokens.patch conf/0003-httpd.conf-ServerSignature.patch @@ -324,6 +325,7 @@ sha512sums="e74b2b3346d67be45a8bc8a7cbb8eabf5c403a5cfe5797a976f94a539529843fbcdf 18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b apache2.logrotate 81a2d2a297d8049ba1b021b879ec863767149e056d9bdb2ac8acf63572b254935ec96c2e1580eba86639ea56433eec5c41341e4f1501f9072745dccdb3602701 apache2.initd 177c58d049fc4476fd9b9b36b67725145777c84cf81948105c9314cb09312dff6c1931fe21aaa243597abaefded6c6dfd80d83839e45a23950b50de615d73b06 alpine.layout +166e123e149162b3140b96435927a985697b2507646f3d696578eae726e8c9d259469889527d7d4259791b130fe4b1b87f8be56574f3ea1272c27516beb06ae9 libressl-2.7.patch 361e0a74f6f8f5734f074dc2f2001ff64896ecc81f88ea384b6db7db33b7738eb92b4e16163b356259581a8e7dd86adeac971d36d2584abb781e8f9b8fae6356 0001-httpd.conf-ServerRoot.patch 40f3b7579c403952ba1efcb8dfd6ffd91c2695a06a2e5530ab5a583946558790fbfa16cad259d273ac1aa7a6335dd79636aa82fd844dc3a60a34c34d90db5e17 0002-httpd.conf-ServerTokens.patch ad0c1711bc240f99cd0256d0984ad0142e03c384d30378ccca3e47cdd2596307e64bb19fbd810a56c0e4c0716577d3160bad2ae39783b1358412588bc729c113 0003-httpd.conf-ServerSignature.patch diff --git a/main/apache2/libressl-2.7.patch b/main/apache2/libressl-2.7.patch new file mode 100644 index 0000000000..cc31c8aae3 --- /dev/null +++ b/main/apache2/libressl-2.7.patch @@ -0,0 +1,74 @@ +diff --git a/modules/md/md_crypt.c b/modules/md/md_crypt.c +index 66682ea..9cc7862 100644 +--- a/modules/md/md_crypt.c ++++ b/modules/md/md_crypt.c +@@ -471,7 +471,7 @@ apr_status_t md_pkey_gen(md_pkey_t **ppkey, apr_pool_t *p, md_pkey_spec_t *spec) + } + } + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000f) + + #ifndef NID_tlsfeature + #define NID_tlsfeature 1020 +diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c +index 48d64cb..2392019 100644 +--- a/modules/ssl/mod_ssl.c ++++ b/modules/ssl/mod_ssl.c +@@ -398,7 +398,7 @@ static int ssl_hook_pre_config(apr_pool_t *pconf, + /* We must register the library in full, to ensure our configuration + * code can successfully test the SSL environment. + */ +-#if MODSSL_USE_OPENSSL_PRE_1_1_API ++#if MODSSL_USE_OPENSSL_PRE_1_1_API || defined(LIBRESSL_VERSION_NUMBER) + (void)CRYPTO_malloc_init(); + #else + OPENSSL_malloc_init(); +diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c +index a3a74f4..33ea494 100644 +--- a/modules/ssl/ssl_engine_init.c ++++ b/modules/ssl/ssl_engine_init.c +@@ -616,7 +616,8 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s, + + SSL_CTX_set_options(ctx, SSL_OP_ALL); + +-#if OPENSSL_VERSION_NUMBER < 0x10100000L ++#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20800000L) + /* always disable SSLv2, as per RFC 6176 */ + SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); + +diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h +index a39569c..e0e1b37 100644 +--- a/modules/ssl/ssl_private.h ++++ b/modules/ssl/ssl_private.h +@@ -132,13 +132,14 @@ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL) + #define SSL_CTX_set_max_proto_version(ctx, version) \ + SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL) +-#endif +-/* LibreSSL declares OPENSSL_VERSION_NUMBER == 2.0 but does not include most +- * changes from OpenSSL >= 1.1 (new functions, macros, deprecations, ...), so +- * we have to work around this... ++#elif LIBRESSL_VERSION_NUMBER < 0x2070000f ++/* LibreSSL before 2.7 declares OPENSSL_VERSION_NUMBER == 2.0 but does not ++ * include most changes from OpenSSL >= 1.1 (new functions, macros, ++ * deprecations, ...), so we have to work around this... + */ + #define MODSSL_USE_OPENSSL_PRE_1_1_API (1) +-#else ++#endif /* LIBRESSL_VERSION_NUMBER < 0x2060000f */ ++#else /* defined(LIBRESSL_VERSION_NUMBER) */ + #define MODSSL_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L) + #endif + +@@ -238,7 +239,8 @@ void init_bio_methods(void); + void free_bio_methods(void); + #endif + +-#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER) ++#if OPENSSL_VERSION_NUMBER < 0x10002000L || \ ++ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000f) + #define X509_STORE_CTX_get0_store(x) (x->ctx) + #endif + |