From 30d13f80b5e2bc50f489e0297db152cd61f76439 Mon Sep 17 00:00:00 2001
From: Carl George <carl@george.computer>
Date: Thu, 29 Mar 2018 15:46:58 -0500
Subject: [PATCH] Latest upstream

---
 SOURCES/httpd-2.4.18-sslmultiproxy.patch      | 99 -------------------
 ...export.patch => httpd-2.4.33-export.patch} |  8 +-
 SPECS/httpd24u.spec                           |  9 +-
 3 files changed, 9 insertions(+), 107 deletions(-)
 delete mode 100644 SOURCES/httpd-2.4.18-sslmultiproxy.patch
 rename SOURCES/{httpd-2.4.4-export.patch => httpd-2.4.33-export.patch} (75%)

diff --git a/SOURCES/httpd-2.4.18-sslmultiproxy.patch b/SOURCES/httpd-2.4.18-sslmultiproxy.patch
deleted file mode 100644
index f860b93..0000000
--- a/SOURCES/httpd-2.4.18-sslmultiproxy.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-# From Fedora, http://pkgs.fedoraproject.org/cgit/httpd.git/commit/?id=c791d40a6bdaaea3878c0fcde882db9d7d5a8213
-diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
-index 717a694..a3ce718 100644
---- a/modules/ssl/mod_ssl.c
-+++ b/modules/ssl/mod_ssl.c
-@@ -395,6 +395,9 @@ static SSLConnRec *ssl_init_connection_ctx(conn_rec *c)
-     return sslconn;
- }
- 
-+static typeof(ssl_proxy_enable) *othermod_proxy_enable;
-+static typeof(ssl_engine_disable) *othermod_engine_disable;
-+
- int ssl_proxy_enable(conn_rec *c)
- {
-     SSLSrvConfigRec *sc;
-@@ -403,6 +406,12 @@ int ssl_proxy_enable(conn_rec *c)
-     sc = mySrvConfig(sslconn->server);
- 
-     if (!sc->proxy_enabled) {
-+        if (othermod_proxy_enable) {
-+            ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c,
-+                          "mod_ssl proxy not configured, passing through to other module.");
-+            return othermod_proxy_enable(c);
-+        }
-+
-         ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, APLOGNO(01961)
-                       "SSL Proxy requested for %s but not enabled "
-                       "[Hint: SSLProxyEngine]", sc->vhost_id);
-@@ -422,6 +431,10 @@ int ssl_engine_disable(conn_rec *c)
- 
-     SSLConnRec *sslconn = myConnConfig(c);
- 
-+    if (othermod_engine_disable) {
-+        othermod_engine_disable(c);
-+    }
-+
-     if (sslconn) {
-         sc = mySrvConfig(sslconn->server);
-     }
-@@ -621,6 +634,9 @@ static void ssl_register_hooks(apr_pool_t *p)
-     ap_hook_post_read_request(ssl_hook_ReadReq, pre_prr,NULL, APR_HOOK_MIDDLE);
- 
-     ssl_var_register(p);
-+    
-+    othermod_proxy_enable = APR_RETRIEVE_OPTIONAL_FN(ssl_proxy_enable);
-+    othermod_engine_disable = APR_RETRIEVE_OPTIONAL_FN(ssl_engine_disable);
- 
-     APR_REGISTER_OPTIONAL_FN(ssl_proxy_enable);
-     APR_REGISTER_OPTIONAL_FN(ssl_engine_disable);
-diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
-index a6b0d0d..24fd8c7 100644
---- a/modules/ssl/ssl_engine_vars.c
-+++ b/modules/ssl/ssl_engine_vars.c
-@@ -54,6 +54,8 @@ static char *ssl_var_lookup_ssl_cipher(apr_pool_t *p, SSLConnRec *sslconn, char
- static void  ssl_var_lookup_ssl_cipher_bits(SSL *ssl, int *usekeysize, int *algkeysize);
- static char *ssl_var_lookup_ssl_version(apr_pool_t *p, char *var);
- static char *ssl_var_lookup_ssl_compress_meth(SSL *ssl);
-+static APR_OPTIONAL_FN_TYPE(ssl_is_https) *othermod_is_https;
-+static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *othermod_var_lookup;
- 
- static SSLConnRec *ssl_get_effective_config(conn_rec *c)
- {
-@@ -68,7 +70,9 @@ static SSLConnRec *ssl_get_effective_config(conn_rec *c)
- static int ssl_is_https(conn_rec *c)
- {
-     SSLConnRec *sslconn = ssl_get_effective_config(c);
--    return sslconn && sslconn->ssl;
-+
-+    return (sslconn && sslconn->ssl)
-+        || (othermod_is_https && othermod_is_https(c));
- }
- 
- static const char var_interface[] = "mod_ssl/" AP_SERVER_BASEREVISION;
-@@ -137,6 +141,9 @@ void ssl_var_register(apr_pool_t *p)
- {
-     char *cp, *cp2;
- 
-+    othermod_is_https = APR_RETRIEVE_OPTIONAL_FN(ssl_is_https);
-+    othermod_var_lookup = APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup);
-+
-     APR_REGISTER_OPTIONAL_FN(ssl_is_https);
-     APR_REGISTER_OPTIONAL_FN(ssl_var_lookup);
-     APR_REGISTER_OPTIONAL_FN(ssl_ext_list);
-@@ -272,6 +279,15 @@ char *ssl_var_lookup(apr_pool_t *p, server_rec *s, conn_rec *c, request_rec *r,
-      */
-     if (result == NULL && c != NULL) {
-         SSLConnRec *sslconn = ssl_get_effective_config(c);
-+
-+        if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)
-+            && (!sslconn || !sslconn->ssl) && othermod_var_lookup) {
-+            /* For an SSL_* variable, if mod_ssl is not enabled for
-+             * this connection and another SSL module is present, pass
-+             * through to that module. */
-+            return othermod_var_lookup(p, s, c, r, var);
-+        }
-+
-         if (strlen(var) > 4 && strcEQn(var, "SSL_", 4)
-             && sslconn && sslconn->ssl)
-             result = ssl_var_lookup_ssl(p, sslconn, r, var+4);
diff --git a/SOURCES/httpd-2.4.4-export.patch b/SOURCES/httpd-2.4.33-export.patch
similarity index 75%
rename from SOURCES/httpd-2.4.4-export.patch
rename to SOURCES/httpd-2.4.33-export.patch
index eb670c6..9adf398 100644
--- a/SOURCES/httpd-2.4.4-export.patch
+++ b/SOURCES/httpd-2.4.33-export.patch
@@ -6,12 +6,12 @@ Upstream-HEAD: needed
 Upstream-2.0: omit
 Upstream-Status: EXPORT_DIRS change is conditional on using shared apr
 
---- httpd-2.4.4/server/Makefile.in.export
-+++ httpd-2.4.4/server/Makefile.in
-@@ -57,9 +57,6 @@ export_files:
- 	( for dir in $(EXPORT_DIRS); do \
+--- httpd-2.4.33/server/Makefile.in.export
++++ httpd-2.4.33/server/Makefile.in
+@@ -60,9 +60,6 @@
  	      ls $$dir/*.h ; \
  	  done; \
+ 	  echo "$(top_srcdir)/server/mpm_fdqueue.h"; \
 -	  for dir in $(EXPORT_DIRS_APR); do \
 -	      ls $$dir/ap[ru].h $$dir/ap[ru]_*.h 2>/dev/null; \
 -	  done; \
diff --git a/SPECS/httpd24u.spec b/SPECS/httpd24u.spec
index 970213f..6de628c 100644
--- a/SPECS/httpd24u.spec
+++ b/SPECS/httpd24u.spec
@@ -35,7 +35,7 @@
 
 Summary: Apache HTTP Server
 Name: httpd24u
-Version: 2.4.29
+Version: 2.4.33
 Release: 1.ius%{?dist}
 URL: https://httpd.apache.org/
 Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
@@ -85,7 +85,7 @@ Patch8: httpd-2.4.3-layout-legacy.patch
 # Needed for socket activation and mod_systemd patch
 Patch19: httpd-2.4.25-detect-systemd.patch
 # Features/functional changes
-Patch23: httpd-2.4.4-export.patch
+Patch23: httpd-2.4.33-export.patch
 Patch24: httpd-2.4.1-corelimit.patch
 Patch25: httpd-2.4.25-selinux.patch
 Patch26: httpd-2.4.4-r1337344+.patch
@@ -93,7 +93,6 @@ Patch27: httpd-2.4.2-icons.patch
 Patch28: httpd-2.4.6-r1332643+.patch
 Patch29: httpd-2.4.27-systemd.patch
 Patch30: httpd-2.4.4-cachehardmax.patch
-Patch31: httpd-2.4.18-sslmultiproxy.patch
 Patch34: httpd-2.4.17-socket-activation.patch
 
 # Bug fixes
@@ -299,7 +298,6 @@ interface for storing and accessing per-user session data.
 %patch28 -p1 -b .r1332643+
 %{?with_systemd:%patch29 -p1 -b .systemd}
 %patch30 -p1 -b .cachehardmax
-%patch31 -p1 -b .sslmultiproxy
 %{?with_systemd:%patch34 -p1 -b .socketactivation}
 
 # Patch in the vendor string
@@ -819,6 +817,9 @@ exit $rv
 
 
 %changelog
+* Thu Mar 29 2018 Carl George <carl@george.computer> - 2.4.33-1.ius
+- Latest upstream
+
 * Mon Oct 23 2017 Carl George <carl@george.computer> - 2.4.29-1.ius
 - Latest upstream
 - Correct link in -manual %%description