diff options
| author | Olli Hauer <ohauer@FreeBSD.org> | 2015-01-31 15:22:51 +0000 |
|---|---|---|
| committer | Olli Hauer <ohauer@FreeBSD.org> | 2015-01-31 15:22:51 +0000 |
| commit | 5391a9beb25ff182889d175356652b09d50248ac (patch) | |
| tree | dcd30bc82233b25763d1750b23d08afd11943175 /www/apache24/files/patch-modules__ssl__ssl_engine_init.c | |
| parent | Update WWW. Old URL no longer exists. (diff) | |
- update to 2.4.12
- change MPM backend from static to dynamic,
but keep mpm_prefork for compatiblity with e.g. php modules
- install dedicated MPM load file in case httpd was build with modular MPM
(modules.d/000_mpm_prefork_fallback.conf)
- disable SSLv3 and SSLv2 fallback in sample httpd-ssl-conf
- use @sample macro instead EXAMPLESDIR
- add some SSLCipherSuite examples for OpenSSL >= 1.0.x
- add libressl support [1]
- add pkg-install script (to handle new modular MPM build)
- build now most all modules, so users using packages don't have
to run a custom build for missing modules
- fix suexec mode
PR: 196139 [1]
MFH: 2015Q1
Diffstat (limited to 'www/apache24/files/patch-modules__ssl__ssl_engine_init.c')
| -rw-r--r-- | www/apache24/files/patch-modules__ssl__ssl_engine_init.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/www/apache24/files/patch-modules__ssl__ssl_engine_init.c b/www/apache24/files/patch-modules__ssl__ssl_engine_init.c new file mode 100644 index 000000000000..a82cbdc6df5a --- /dev/null +++ b/www/apache24/files/patch-modules__ssl__ssl_engine_init.c @@ -0,0 +1,31 @@ +# libressl support +# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196139 +# https://issues.apache.org/bugzilla/show_bug.cgi?id=57375 + +--- modules/ssl/ssl_engine_init.c.orig 2015-01-15 12:20:33 UTC ++++ modules/ssl/ssl_engine_init.c +@@ -353,9 +353,11 @@ apr_status_t ssl_init_Engine(server_rec + return ssl_die(s); + } + ++#ifdef ENGINE_CTRL_CHIL_SET_FORKCHECK + if (strEQ(mc->szCryptoDevice, "chil")) { + ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0); + } ++#endif + + if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { + ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(01889) +@@ -838,7 +840,11 @@ static apr_status_t ssl_init_ctx_cert_ch + } + } + +- n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx, ++#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN ++ n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx, ++#else ++ n = _SSL_CTX_use_certificate_chain(mctx->ssl_ctx, ++#endif + (char *)chain, + skip_first, NULL); + if (n < 0) { |