commit apache2 for openSUSE:Factory

2020-10-18 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-10-18 16:18:39

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.3486 (New)


Package is "apache2"

Sun Oct 18 16:18:39 2020 rev:174 rq:841747 version:2.4.46

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-09-25 
16:28:17.399717938 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.3486/apache2.changes
2020-10-18 16:18:44.996419485 +0200
@@ -1,0 +2,10 @@
+Wed Oct 14 09:43:08 UTC 2020 - Franck Bui 
+
+- /var/run is depracted, /run should be used instead
+
+---
+Wed Oct 14 06:43:21 UTC 2020 - Franck Bui 
+
+- systemd-ask-password is located in /usr/bin
+
+---



Other differences:
--
++ apache2-systemd-ask-pass ++
--- /var/tmp/diff_new_pack.vfSjf1/_old  2020-10-18 16:18:46.768420274 +0200
+++ /var/tmp/diff_new_pack.vfSjf1/_new  2020-10-18 16:18:46.768420274 +0200
@@ -1,2 +1,2 @@
 #!/bin/sh
-exec /bin/systemd-ask-password "Enter SSL pass phrase for $1 ($2): "
+exec /usr/bin/systemd-ask-password "Enter SSL pass phrase for $1 ($2): "




++ start_apache2 ++
--- /var/tmp/diff_new_pack.vfSjf1/_old  2020-10-18 16:18:47.016420384 +0200
+++ /var/tmp/diff_new_pack.vfSjf1/_new  2020-10-18 16:18:47.016420384 +0200
@@ -79,7 +79,7 @@
 # be used in the configuration to change this, otherwise
 # stopping will not work
 #
-pid_file=/var/run/httpd${instance_suffix}.pid
+pid_file=/run/httpd${instance_suffix}.pid
 
 unset sysconfig_setting
 #




commit apache2 for openSUSE:Factory

2020-09-25 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-09-25 16:25:23

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.4249 (New)


Package is "apache2"

Fri Sep 25 16:25:23 2020 rev:173 rq:836064 version:2.4.46

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-09-21 
17:04:04.534957256 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.4249/apache2.changes
2020-09-25 16:28:17.399717938 +0200
@@ -1,0 +2,5 @@
+Tue Sep 22 09:12:31 UTC 2020 - Jacek Tomasiak 
+
+- gensslcert: fix SAN in final cert generation
+
+---



Other differences:
--


++ gensslcert ++
--- /var/tmp/diff_new_pack.OJfjzS/_old  2020-09-25 16:28:19.323719641 +0200
+++ /var/tmp/diff_new_pack.OJfjzS/_new  2020-09-25 16:28:19.323719641 +0200
@@ -174,7 +174,7 @@
 cat >/root/.mkcert.cfg <

commit apache2 for openSUSE:Factory

2020-09-21 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-09-21 17:02:39

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.4249 (New)


Package is "apache2"

Mon Sep 21 17:02:39 2020 rev:172 rq:835144 version:2.4.46

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-09-01 
20:05:49.320549023 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.4249/apache2.changes
2020-09-21 17:04:04.534957256 +0200
@@ -1,0 +2,8 @@
+Fri Sep 11 15:24:39 UTC 2020 - Franck Bui 
+
+- Make use of %service_del_postun_without_restart
+
+  And stop using DISABLE_RESTART_ON_UPDATE as this interface is
+  obsolete.
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.Hh5tdk/_old  2020-09-21 17:04:08.038960406 +0200
+++ /var/tmp/diff_new_pack.Hh5tdk/_new  2020-09-21 17:04:08.042960410 +0200
@@ -1438,8 +1438,7 @@
 
 %postun
 %if 0%{?suse_version} >= 1210
-DISABLE_RESTART_ON_UPDATE='yes'
-%service_del_postun apache2.target
+%service_del_postun_without_restart apache2.target
 if [ "$1" = 1 ]; then
   %apache_request_restart
 fi







commit apache2 for openSUSE:Factory

2020-09-01 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-09-01 20:04:49

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.3399 (New)


Package is "apache2"

Tue Sep  1 20:04:49 2020 rev:171 rq:830804 version:2.4.46

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-08-27 
14:42:13.081219501 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.3399/apache2.changes
2020-09-01 20:05:49.320549023 +0200
@@ -1,0 +2,11 @@
+Mon Aug 31 11:08:16 UTC 2020 - Jacek Tomasiak 
+
+- gensslcert: add -a argument to override default SAN value
+
+---
+Tue Aug 31 09:07:44 UTC 2020 - Antonio Larrosa 
+
+- Provide mod_ssl to keep compatibility with other distributions.
+  Now obsoletes mod_ssl < %{version} instead of mod_ssl < 2.8.16.
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.AgcDUW/_old  2020-09-01 20:05:52.820550660 +0200
+++ /var/tmp/diff_new_pack.AgcDUW/_new  2020-09-01 20:05:52.824550662 +0200
@@ -201,7 +201,8 @@
 Obsoletes:  %{name}-mod_macro <= 1.2.1
 Provides:   apache = %{version}
 Obsoletes:  apache < 1.3.29
-Obsoletes:  mod_ssl < 2.8.16
+Provides:   mod_ssl = %{version}
+Obsoletes:  mod_ssl < %{version}
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 %if 0%{?suse_version} >= 1210
 BuildRequires:  pkgconfig



++ gensslcert ++
--- /var/tmp/diff_new_pack.AgcDUW/_old  2020-09-01 20:05:53.416550939 +0200
+++ /var/tmp/diff_new_pack.AgcDUW/_new  2020-09-01 20:05:53.420550940 +0200
@@ -24,6 +24,7 @@
-u  organisational unit "$U"
-n  fully qualified domain name $CN (hostname -f)
-e  email address of webmaster  webmaster@$CN
+   -a  subject alternative name$altName
-y  days server cert is valid for   $srvdays
-Y  days CA cert is valid for   $CAdays
-d  run in debug mode   
@@ -61,10 +62,11 @@
O="SUSE Linux Web Server"
CN=$FQHOSTNAME
 email=webmaster@$FQHOSTNAME
+  altName=DNS:$CN
CAdays=$((365 * 6))
   srvdays=$((365 * 2))
 
-while getopts C:N:c:s:l:o:u:n:e:y:Y:dh OPT; do
+while getopts C:N:c:s:l:o:u:n:e:a:y:Y:dh OPT; do
 case $OPT in
 N) comment=$OPTARG;;
 c) C=$OPTARG;;
@@ -74,6 +76,7 @@
 o) O=$OPTARG;;
 n) CN=$OPTARG;;
 e) email=$OPTARG;;
+a) altName=$OPTARG;;
y) srvdays=$OPTARG;;
Y) CAdays=$OPTARG;;
 d) set -x;;
@@ -84,7 +87,7 @@
 
 GO_LEFT="\033[80D"
 GO_MIDDLE="$GO_LEFT\033[15C"
-for i in comment C ST L U O CN email srvdays CAdays; do 
+for i in comment C ST L U O CN email altName srvdays CAdays; do 
eval "echo -e $i\"$GO_MIDDLE\" \$$i;"
 done
 
@@ -156,7 +159,7 @@
 emailAddress   = $email
 
 [ x509v3 ]
-subjectAltName = DNS:$CN
+subjectAltName = $altName
 nsComment  = $comment
 nsCertType = server
 





commit apache2 for openSUSE:Factory

2020-08-27 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-08-27 14:42:09

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.3399 (New)


Package is "apache2"

Thu Aug 27 14:42:09 2020 rev:170 rq:829974 version:2.4.46

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-08-16 
20:33:05.822291291 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.3399/apache2.changes
2020-08-27 14:42:13.081219501 +0200
@@ -1,0 +2,6 @@
+Thu Aug 27 11:33:07 UTC 2020 - Dominique Leuenberger 
+
+- Install firewalld service files to %{_prefix}/lib/firewalld, NOT
+  %{_libexecdir}/firewalld (boo#1174075).
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.tS47XR/_old  2020-08-27 14:42:14.465218215 +0200
+++ /var/tmp/diff_new_pack.tS47XR/_new  2020-08-27 14:42:14.473218208 +0200
@@ -697,8 +697,8 @@
 
 # install firewall information file
 %if %{use_firewalld}
-install -D -m 644 %{SOURCE49} 
%{buildroot}%{_libexecdir}/firewalld/services/%{name}.xml
-install -D -m 644 %{SOURCE50} 
%{buildroot}%{_libexecdir}/firewalld/services/%{name}-ssl.xml
+install -D -m 644 %{SOURCE49} 
%{buildroot}%{_prefix}/lib/firewalld/services/%{name}.xml
+install -D -m 644 %{SOURCE50} 
%{buildroot}%{_prefix}/lib/firewalld/services/%{name}-ssl.xml
 %else
 install -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/
 install -m 644 %{SOURCE51} 
%{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
@@ -885,10 +885,10 @@
 %{_datadir}/%{name}/script-helpers
 %{_datadir}/%{name}/sysconf_addword
 %if %{use_firewalld}
-%dir %{_libexecdir}/firewalld
-%dir %{_libexecdir}/firewalld/services
-%{_libexecdir}/firewalld/services/%{name}.xml
-%{_libexecdir}/firewalld/services/%{name}-ssl.xml
+%dir %{_prefix}/lib/firewalld
+%dir %{_prefix}/lib/firewalld/services
+%{_prefix}/lib/firewalld/services/%{name}.xml
+%{_prefix}/lib/firewalld/services/%{name}-ssl.xml
 %else
 %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
 %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl







commit apache2 for openSUSE:Factory

2020-08-16 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-08-16 20:33:03

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.3399 (New)


Package is "apache2"

Sun Aug 16 20:33:03 2020 rev:169 rq:826679 version:2.4.46

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-07-17 
20:47:21.880700643 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.3399/apache2.changes
2020-08-16 20:33:05.822291291 +0200
@@ -1,0 +2,58 @@
+Fri Aug  7 12:25:58 UTC 2020 - pgaj...@suse.com
+
+- version update to 2.4.46
+  Changes with Apache 2.4.46
+  *) mod_proxy_fcgi: Fix build warnings for Windows platform
+ [Eric Covener, Christophe Jaillet]
+  Changes with Apache 2.4.45
+  *) mod_http2: remove support for abandoned http-wg draft
+ .
+ [Stefan Eissing]
+  Changes with Apache 2.4.44
+  *) mod_proxy_uwsgi: Error out on HTTP header larger than 16K (hard
+ protocol limit).  [Yann Ylavic]
+  *) mod_http2:
+ Fixes :
+ "LimitRequestFields 0" now disables the limit, as documented.
+ Fixes :
+ Do not count repeated headers with same name against the field
+ count limit. The are merged internally, as if sent in a single HTTP/1 
line.
+ [Stefan Eissing]
+  *) mod_http2: Avoid segfaults in case of handling certain responses for
+ already aborted connections.  [Stefan Eissing, Ruediger Pluem]
+  *) mod_http2: The module now handles master/secondary connections and has 
marked
+ methods according to use. [Stefan Eissing]
+  *) core: Drop an invalid Last-Modified header value coming
+ from a FCGI/CGI script instead of replacing it with Unix epoch.
+ [Yann Ylavic, Luca Toscano]
+  *) Add support for strict content-length parsing through addition of
+ ap_parse_strict_length() [Yann Ylavic]
+  *) mod_proxy_fcgi: ProxyFCGISetEnvIf unsets variables when expression
+ evaluates to false.  PR64365. [Michael König ]
+  *) mod_proxy_http: flush spooled request body in one go to avoid
+ leaking (or long lived) temporary file. PR 64452. [Yann Ylavic]
+  *) mod_ssl: Fix a race condition and possible crash when using a proxy client
+ certificate (SSLProxyMachineCertificateFile).
+ [Armin Abfalterer ]
+  *) mod_ssl: Fix memory leak in stapling code. PR63687. [Stefan Eissing]
+  *) mod_http2: Fixed regression that no longer set H2_STREAM_ID and 
H2_STREAM_TAG.
+ PR64330 [Stefan Eissing]
+  *) mod_http2: Fixed regression that caused connections to close when 
mod_reqtimeout
+ was configured with a handshake timeout. Fixes gitub issue #196.
+ [Stefan Eissing]
+  *) mod_proxy_http2: the "ping" proxy parameter
+ (see ) is now used
+ when checking the liveliness of a new or reused h2 connection to the 
backend.
+ With short durations, this makes load-balancing more responsive. The 
module
+ will hold back requests until ping conditions are met, using features of 
the
+ HTTP/2 protocol alone. [Ruediger Pluem, Stefan Eissing]
+  *) core: httpd is no longer linked against -lsystemd if mod_systemd
+ is enabled (and built as a DSO).  [Rainer Jung]
+  *) mod_proxy_http2: respect ProxyTimeout settings on backend connections
+ while waiting on incoming data. [Ruediger Pluem, Stefan Eissing]
+- modified patches
+  % apache2-mod_proxy_uwsgi-fix-crash.patch (refreshed)
+- modified sources
+  % apache2.keyring
+
+---

Old:

  httpd-2.4.43.tar.bz2
  httpd-2.4.43.tar.bz2.asc

New:

  httpd-2.4.46.tar.bz2
  httpd-2.4.46.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.wFIzIG/_old  2020-08-16 20:33:09.398293268 +0200
+++ /var/tmp/diff_new_pack.wFIzIG/_new  2020-08-16 20:33:09.402293270 +0200
@@ -65,7 +65,7 @@
 %define build_http2 0
 %endif
 Name:   apache2
-Version:2.4.43
+Version:2.4.46
 Release:0
 Summary:The Apache Web Server
 License:Apache-2.0

++ apache2-mod_proxy_uwsgi-fix-crash.patch ++
--- /var/tmp/diff_new_pack.wFIzIG/_old  2020-08-16 20:33:09.738293456 +0200
+++ /var/tmp/diff_new_pack.wFIzIG/_new  2020-08-16 20:33:09.738293456 +0200
@@ -1,5 +1,7 @@
 a/modules/proxy/mod_proxy_uwsgi.c  2020/07/15 07:48:38 1879877
-+++ b/modules/proxy/mod_proxy_uwsgi.c  2020/07/15 08:24:13 1879878
+Index: httpd-2.4.46/modules/proxy/mod_proxy_uwsgi.c
+===
+--- httpd-2.

commit apache2 for openSUSE:Factory

2020-07-17 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-07-17 20:46:39

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.3592 (New)


Package is "apache2"

Fri Jul 17 20:46:39 2020 rev:168 rq:821097 version:2.4.43

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-04-07 
10:25:46.350126082 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.3592/apache2.changes
2020-07-17 20:47:21.880700643 +0200
@@ -1,0 +2,9 @@
+Wed Jul 15 09:16:02 UTC 2020 - pgaj...@suse.com
+
+- fix crash in mod_proxy_uwsgi for empty values of environment
+  variables [bsc#1174052]
+- added patches
+  fix https://svn.apache.org/viewvc?view=revision
+  + apache2-mod_proxy_uwsgi-fix-crash.patch
+
+---

New:

  apache2-mod_proxy_uwsgi-fix-crash.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.CgFXbu/_old  2020-07-17 20:47:25.596704603 +0200
+++ /var/tmp/diff_new_pack.CgFXbu/_new  2020-07-17 20:47:25.608704616 +0200
@@ -144,6 +144,8 @@
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 Patch116:   deprecated-scripts-arch.patch
+# https://svn.apache.org/viewvc?view=revision
+Patch117:   apache2-mod_proxy_uwsgi-fix-crash.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  apr-util-devel
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.
@@ -332,6 +334,7 @@
 %if 0%{?suse_version} == 1110
 %patch116 -p1
 %endif
+%patch117 -p1
 cat %{_sourcedir}/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})

++ apache2-mod_proxy_uwsgi-fix-crash.patch ++
--- a/modules/proxy/mod_proxy_uwsgi.c   2020/07/15 07:48:38 1879877
+++ b/modules/proxy/mod_proxy_uwsgi.c   2020/07/15 08:24:13 1879878
@@ -175,7 +175,7 @@ static int uwsgi_send_headers(request_re
 env = (apr_table_entry_t *) env_table->elts;
 
 for (j = 0; j < env_table->nelts; ++j) {
-headerlen += 2 + strlen(env[j].key) + 2 + strlen(env[j].val);
+headerlen += 2 + strlen(env[j].key) + 2 + (env[j].val ? 
strlen(env[j].val) : 0);
 }
 
 ptr = buf = apr_palloc(r->pool, headerlen);
@@ -189,10 +189,12 @@ static int uwsgi_send_headers(request_re
 memcpy(ptr, env[j].key, keylen);
 ptr += keylen;
 
-vallen = strlen(env[j].val);
+vallen = env[j].val ? strlen(env[j].val) : 0;
 *ptr++ = (apr_byte_t) (vallen & 0xff);
 *ptr++ = (apr_byte_t) ((vallen >> 8) & 0xff);
-memcpy(ptr, env[j].val, vallen);
+if (env[j].val) {
+memcpy(ptr, env[j].val, vallen);
+}
 ptr += vallen;
 }
 







commit apache2 for openSUSE:Factory

2020-04-07 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-04-07 10:25:21

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.3248 (New)


Package is "apache2"

Tue Apr  7 10:25:21 2020 rev:167 rq:791205 version:2.4.43

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-02-29 
21:19:53.002008040 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.3248/apache2.changes
2020-04-07 10:25:46.350126082 +0200
@@ -1,0 +2,128 @@
+Fri Apr  3 12:09:55 UTC 2020 - pgaj...@suse.com
+
+- declare ap_sock_disable_nagle to fix loading mod_proxy_http2
+  (thanks to mli...@suse.com)
+- modified patches
+  % httpd-visibility.patch (refreshed)
+
+---
+Thu Apr  2 08:56:48 UTC 2020 - pgaj...@suse.com
+
+- version update to 2.4.43
+  *) mod_ssl: Fix memory leak of OCSP stapling response. [Yann Ylavic]
+  *) mod_proxy_http: Fix the forwarding of requests with content body when a
+ balancer member is unavailable; the retry on the next member was issued
+ with an empty body (regression introduced in 2.4.41). PR63891.
+ [Yann Ylavic]
+  *) mod_http2: Fixes issue where mod_unique_id would generate non-unique 
request
+ identifier under load, see .
+ [Michael Kaufmann, Stefan Eissing]
+  *) mod_proxy_hcheck: Allow healthcheck expressions to use %{Content-Type}.
+ PR64140. [Renier Velazco ]
+  *) mod_authz_groupfile: Drop AH01666 from loglevel "error" to "info".
+ PR64172.
+  *) mod_usertrack: Add CookieSameSite, CookieHTTPOnly, and CookieSecure
+ to allow customization of the usertrack cookie. PR64077.
+ [Prashant Keshvani , Eric Covener]
+  *) mod_proxy_ajp: Add "secret" parameter to proxy workers to implement legacy
+ AJP13 authentication.  PR 53098. [Dmitry A. Bakshaev ]
+  *) mpm_event: avoid possible KeepAliveTimeout off by -100 ms.
+ [Eric Covener, Yann Ylavic]
+  *) Add a config layout for OpenWRT. [Graham Leggett]
+  *) Add support for cross compiling to apxs. If apxs is being executed from
+ somewhere other than its target location, add that prefix to includes and
+ library directories. Without this, apxs would fail to find config_vars.mk
+ and exit. [Graham Leggett]
+  *) mod_ssl: Disable client verification on ACME ALPN challenges. Fixes github
+ issue mod_md#172 (https://github.com/icing/mod_md/issues/172).
+ [Michael Kaufmann , Stefan Eissing]
+  *) mod_ssl: use OPENSSL_init_ssl() to initialise OpenSSL on versions 1.1+.
+ [Graham Leggett]
+  *) mod_ssl: Support use of private keys and certificates from an
+ OpenSSL ENGINE via PKCS#11 URIs in SSLCertificateFile/KeyFile.
+ [Anderson Sasaki , Joe Orton]
+  *) mod_md:
+ - Prefer MDContactEmail directive to ServerAdmin for registration. New 
directive
+   thanks to Timothe Litt (@tlhackque).
+ - protocol check for pre-configured "tls-alpn-01" challenge has been 
improved. It will now
+   check all matching virtual hosts for protocol support. Thanks to @mkauf.
+ - Corrected a check when OCSP stapling was configured for hosts
+   where the responsible MDomain is not clear, by Michal Karm Babacek 
(@Karm).
+ - Softening the restrictions where mod_md configuration directives may 
appear. This should
+   allow for use in  and  sections. If all possible variations 
lead to the configuration
+   you wanted in the first place, is another matter.
+ [Michael Kaufmann , Timothe Litt (@tlhackque),
+  Michal Karm Babacek (@Karm), Stefan Eissing (@icing)]
+  *) test: Added continuous testing with Travis CI.
+ This tests various scenarios on Ubuntu with the full test suite.
+ Architectures tested: amd64, s390x, ppc64le, arm64
+ The tests pass successfully.
+ [Luca Toscano, Joe Orton, Mike Rumph, and others]
+  *) core: Be stricter in parsing of Transfer-Encoding headers.
+ [ZeddYu , Eric Covener]
+  *) mod_ssl: negotiate the TLS protocol version per name based vhost
+ configuration, when linked with OpenSSL-1.1.1 or later. The base vhost's
+ SSLProtocol (from the first vhost declared on the IP:port) is now only
+ relevant if no SSLProtocol is declared for the vhost or globally,
+ otherwise the vhost or global value apply.  [Yann Ylavic]
+  *) mod_cgi, mod_cgid: Fix a memory leak in some error cases with large script
+ output.  PR 64096.  [Joe Orton]
+  *) config: Speed up graceful restarts by using pre-hashed command table. PR 
64066.
+ [Giovanni Bechis , Jim Jagielski]
+  *) mod_systemd: New module providing integration with systemd.  [Jan Kaluza]
+  *) mod_lua: Add r:headers_in_table, r:headers_out_table, 
r:err_headers_out_table,
+ r:notes_table,

commit apache2 for openSUSE:Factory

2020-02-29 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-02-29 21:19:40

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.26092 (New)


Package is "apache2"

Sat Feb 29 21:19:40 2020 rev:166 rq:779357 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-02-06 
13:06:57.132294587 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.26092/apache2.changes   
2020-02-29 21:19:53.002008040 +0100
@@ -1,0 +2,24 @@
+Wed Feb 26 10:33:47 UTC 2020 - pgaj...@suse.com
+
+- use r1874196 [SLE-7653]
+- modified patches
+  % apache2-load-private-keys-from-pkcs11.patch (upstream 2.4.x port)
+- deleted patches
+  - apache2-load-certificates-from-pkcs11.patch (merged to above)
+
+---
+Tue Feb 18 12:49:55 UTC 2020 - pgaj...@suse.com
+
+- require just libbrotli-devel
+
+---
+Thu Feb 13 18:38:57 UTC 2020 - pgaj...@suse.com
+
+- build mod_proxy_http2 extension
+
+---
+Wed Feb 12 13:13:05 UTC 2020 - pgaj...@suse.com
+
+- fix build for older distributions
+
+---

Old:

  apache2-load-certificates-from-pkcs11.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.79uBrn/_old  2020-02-29 21:19:57.618005831 +0100
+++ /var/tmp/diff_new_pack.79uBrn/_new  2020-02-29 21:19:57.622005829 +0100
@@ -146,10 +146,8 @@
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 Patch116:   deprecated-scripts-arch.patch
-# load private keys from openssl engine
+# https://svn.apache.org/viewvc?view=revision&revision=1874196
 Patch117:   apache2-load-private-keys-from-pkcs11.patch
-# load certificates from openssl engine
-Patch118:   apache2-load-certificates-from-pkcs11.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  apr-util-devel
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.
@@ -159,8 +157,7 @@
 BuildRequires:  firewall-macros
 %endif
 %if 0%{?suse_version} >= 1315
-BuildRequires:  pkgconfig(libbrotlidec)
-BuildRequires:  pkgconfig(libbrotlienc)
+BuildRequires:  libbrotli-devel
 %endif
 BuildRequires:  db-devel
 BuildRequires:  ed
@@ -344,7 +341,6 @@
 %patch116 -p1
 %endif
 %patch117 -p1
-%patch118 -p1
 cat %{_sourcedir}/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})
@@ -408,6 +404,9 @@
--enable-case_filter \
--enable-case_filter_in \
--enable-imagemap \
+%if 0%{?build_http2}
+--enable-http2 \
+%endif
--with-ldap \
--enable-ldap \
--enable-authnz_ldap \
@@ -416,6 +415,9 @@
--enable-proxy-connect \
--enable-proxy-ftp \
--enable-proxy-http \
+%if 0%{?build_http2}
+--enable-proxy-http2 \
+%endif
--enable-proxy-fdpass \
--enable-cache \
--enable-disk-cache \
@@ -802,6 +804,19 @@
-e debug -t -f %{buildroot}/%{sysconfdir}/httpd.conf.test || exit 1
 rm %{buildroot}/%{sysconfdir}/*.test
 
+# taken from kdump/kdump.spec, thanks!
+# Compatibility cruft
+# there is no %%license prior to SLE12
+%if %{undefined _defaultlicensedir}
+%define license %doc
+%else
+# filesystem before SLE12 SP3 lacks /usr/share/licenses
+%if 0%(test ! -d %{_defaultlicensedir} && echo 1)
+%define _defaultlicensedir %{_defaultdocdir}
+%endif
+%endif
+# End of compatibility cruft
+
 %files -f filelist
 %defattr(-,root,root)
 %doc INSTALL READM* ABOUT_APACHE CHANGES
@@ -952,6 +967,7 @@
 %{_libdir}/%{name}-prefork/mod_heartmonitor.so
 %if 0%{?build_http2}
 %{_libdir}/%{name}-prefork/mod_http2.so
+%{_libdir}/%{name}-prefork/mod_proxy_http2.so
 %endif
 %{_libdir}/%{name}-prefork/mod_imagemap.so
 %{_libdir}/%{name}-prefork/mod_include.so
@@ -1080,6 +1096,7 @@
 %{_libdir}/%{name}-worker/mod_heartmonitor.so
 %if 0%{?build_http2}
 %{_libdir}/%{name}-worker/mod_http2.so
+%{_libdir}/%{name}-worker/mod_proxy_http2.so
 %endif
 %{_libdir}/%{name}-worker/mod_imagemap.so
 %{_libdir}/%{name}-worker/mod_include.so
@@ -1207,6 +1224,7 @@
 %{_libdir}/%{name}-event/mod_headers.so
 %if 0%{?build_http2}
 %{_libdir}/%{name}-event/mod_http2.so
+%{_libdir}/%{name}-event/mod_proxy_http2.so
 %endif
 %{_libdir}/%{name}-event/mod_heartmonitor.so
 %{_libdir}/%{name}-event/mod_imagemap.so

++ apache2-load-private-keys-from-pkcs11.patch 

commit apache2 for openSUSE:Factory

2020-02-06 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-02-06 13:06:54

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.26092 (New)


Package is "apache2"

Thu Feb  6 13:06:54 2020 rev:165 rq:769465 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2020-01-23 
16:10:16.735613258 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.26092/apache2.changes   
2020-02-06 13:06:57.132294587 +0100
@@ -1,0 +2,10 @@
+Fri Jan 31 18:22:09 UTC 2020 - Cristian Rodríguez 
+
+- define DEFAULT_LISTENBACKLOG=APR_INT32_MAX. We want apache
+  to honour net.core.somaxconn sysctl as the mandatory limit. 
+  the old value of 511 was never used as until v5.4-rc6 it was 
+  clamped to 128, in current kernels the default limit is 4096. 
+  Cannot use the apr_socket_listen(.., -1) idiom because the function
+  expects a positive integer argument.
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.209URz/_old  2020-02-06 13:06:58.852295523 +0100
+++ /var/tmp/diff_new_pack.209URz/_new  2020-02-06 13:06:58.852295523 +0100
@@ -451,7 +451,7 @@
mv include/ap_config_auto.h.new include/ap_config_auto.h
sed -i -e "s@%{_localstatedir}/run@%{runtimedir}@g" 
include/ap_config_layout.h
 
-   make CFLAGS="%{optflags} -fvisibility=hidden -fPIC -Wall 
-DDEFAULT_ERRORLOG='\"%{logfiledir}/error_log\"'" %{?_smp_mflags}
+   make CFLAGS="%{optflags} -fvisibility=hidden -fPIC -Wall 
-DDEFAULT_LISTENBACKLOG=APR_INT32_MAX 
-DDEFAULT_ERRORLOG='\"%{logfiledir}/error_log\"'" %{?_smp_mflags}
make DESTDIR=%{buildroot} install -j1
 
# show pathnames in config files







commit apache2 for openSUSE:Factory

2020-01-23 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2020-01-23 16:09:26

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.26092 (New)


Package is "apache2"

Thu Jan 23 16:09:26 2020 rev:164 rq:765787 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-12-23 
22:42:06.309941642 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.26092/apache2.changes   
2020-01-23 16:10:16.735613258 +0100
@@ -1,0 +2,5 @@
+Mon Jan 20 13:04:23 UTC 2020 - pgaj...@suse.com
+
+- apache2-devel now provides httpd-devel [bsc#1160100]
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.xCOV8Z/_old  2020-01-23 16:10:20.899615725 +0100
+++ /var/tmp/diff_new_pack.xCOV8Z/_new  2020-01-23 16:10:20.903615728 +0100
@@ -292,6 +292,7 @@
 Requires:   apr-devel
 Requires:   apr-util-devel
 Requires:   gcc
+Provides:   httpd-devel = %{version}
 
 %description devel
 This package contains header files and include files that are needed







commit apache2 for openSUSE:Factory

2019-12-23 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-12-23 22:39:16

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.6675 (New)


Package is "apache2"

Mon Dec 23 22:39:16 2019 rev:163 rq:757900 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-11-10 
22:19:30.595656752 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.6675/apache2.changes
2019-12-23 22:42:06.309941642 +0100
@@ -1,0 +2,7 @@
+Wed Dec 18 16:36:08 UTC 2019 - pgaj...@suse.com
+
+- add openssl call to DEFAULT_SUSE comment [bsc#1159480]
+- modified sources
+  % apache2-ssl-global.conf
+
+---



Other differences:
--
++ apache2-ssl-global.conf ++
--- /var/tmp/diff_new_pack.3aVkZf/_old  2019-12-23 22:42:07.713942251 +0100
+++ /var/tmp/diff_new_pack.3aVkZf/_new  2019-12-23 22:42:07.713942251 +0100
@@ -94,7 +94,7 @@
#   List the ciphers that the client is permitted to negotiate.
#   See the mod_ssl documentation for a complete list.
#   The magic string "DEFAULT_SUSE" expands to an openssl defined
-   #   secure list of default ciphers.
+   #   secure list of default ciphers (openssl ciphers -v DEFAULT_SUSE).
SSLCipherSuite DEFAULT_SUSE
 
#   SSLHonorCipherOrder







commit apache2 for openSUSE:Factory

2019-11-10 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-11-10 22:19:28

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.2990 (New)


Package is "apache2"

Sun Nov 10 22:19:28 2019 rev:162 rq:746513 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-10-25 
18:38:20.683682706 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.2990/apache2.changes
2019-11-10 22:19:30.595656752 +0100
@@ -1,0 +2,5 @@
+Fri Nov  8 08:58:25 UTC 2019 - pgaj...@suse.com
+
+- use %license [bsc#1156171]
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.VfoWtD/_old  2019-11-10 22:19:32.083658804 +0100
+++ /var/tmp/diff_new_pack.VfoWtD/_new  2019-11-10 22:19:32.091658815 +0100
@@ -803,7 +803,8 @@
 
 %files -f filelist
 %defattr(-,root,root)
-%doc INSTALL READM* LICENSE ABOUT_APACHE CHANGES
+%doc INSTALL READM* ABOUT_APACHE CHANGES
+%license LICENSE
 %doc support/SHA1
 %{_mandir}/man?/apachectl.?.*
 %{_mandir}/man?/apache2ctl.?.*







commit apache2 for openSUSE:Factory

2019-10-25 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-10-25 18:38:19

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.2990 (New)


Package is "apache2"

Fri Oct 25 18:38:19 2019 rev:161 rq:741682 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-10-14 
12:31:02.672340325 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.2990/apache2.changes
2019-10-25 18:38:20.683682706 +0200
@@ -1,0 +2,10 @@
+Tue Oct 22 07:01:23 UTC 2019 - pgaj...@suse.com
+
+- load private keys and certificates from pkcs11 token [SLE-7653]
+- added patches
+  load certificates from openssl engine
+  + apache2-load-certificates-from-pkcs11.patch
+  load private keys from openssl engine
+  + apache2-load-private-keys-from-pkcs11.patch
+
+---

New:

  apache2-load-certificates-from-pkcs11.patch
  apache2-load-private-keys-from-pkcs11.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.X5dmyR/_old  2019-10-25 18:38:21.695683659 +0200
+++ /var/tmp/diff_new_pack.X5dmyR/_new  2019-10-25 18:38:21.695683659 +0200
@@ -146,6 +146,10 @@
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 Patch116:   deprecated-scripts-arch.patch
+# load private keys from openssl engine
+Patch117:   apache2-load-private-keys-from-pkcs11.patch
+# load certificates from openssl engine
+Patch118:   apache2-load-certificates-from-pkcs11.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  apr-util-devel
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.
@@ -338,6 +342,8 @@
 %if 0%{?suse_version} == 1110
 %patch116 -p1
 %endif
+%patch117 -p1
+%patch118 -p1
 cat %{_sourcedir}/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})

++ apache2-load-certificates-from-pkcs11.patch ++
Index: httpd-2.4.41/modules/ssl/ssl_util.c
===
--- httpd-2.4.41.orig/modules/ssl/ssl_util.c2019-10-21 21:29:44.081536735 
+0200
+++ httpd-2.4.41/modules/ssl/ssl_util.c 2019-10-21 21:29:44.093536806 +0200
@@ -481,7 +481,7 @@ void ssl_util_thread_id_setup(apr_pool_t
 
 #endif /* #if APR_HAS_THREADS && MODSSL_USE_OPENSSL_PRE_1_1_API */
 
-int modssl_is_engine_key(const char *name)
+int modssl_is_engine_id(const char *name)
 {
 #if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)
 /* ### Can handle any other special ENGINE key names here? */
Index: httpd-2.4.41/modules/ssl/ssl_engine_config.c
===
--- httpd-2.4.41.orig/modules/ssl/ssl_engine_config.c   2019-10-21 
21:29:44.081536735 +0200
+++ httpd-2.4.41/modules/ssl/ssl_engine_config.c2019-10-21 
21:31:14.970078134 +0200
@@ -916,7 +916,9 @@ const char *ssl_cmd_SSLCertificateFile(c
 SSLSrvConfigRec *sc = mySrvConfig(cmd->server);
 const char *err;
 
-if ((err = ssl_cmd_check_file(cmd, &arg))) {
+/* Only check for non-ENGINE based certs. */
+if (!modssl_is_engine_id(arg)
+&& (err = ssl_cmd_check_file(cmd, &arg))) {
 return err;
 }
 
@@ -933,7 +935,7 @@ const char *ssl_cmd_SSLCertificateKeyFil
 const char *err;
 
 /* Check keyfile exists for non-ENGINE keys. */
-if (!modssl_is_engine_key(arg)
+if (!modssl_is_engine_id(arg)
 && (err = ssl_cmd_check_file(cmd, &arg))) {
 return err;
 }
Index: httpd-2.4.41/modules/ssl/ssl_engine_init.c
===
--- httpd-2.4.41.orig/modules/ssl/ssl_engine_init.c 2019-10-21 
21:29:44.081536735 +0200
+++ httpd-2.4.41/modules/ssl/ssl_engine_init.c  2019-10-21 21:29:44.097536830 
+0200
@@ -1248,13 +1248,17 @@ static apr_status_t ssl_init_server_cert
   const char *));
  i++) {
 EVP_PKEY *pkey;
+const char *engine_certfile = NULL;
 
 key_id = apr_psprintf(ptemp, "%s:%d", vhost_id, i);
 
 ERR_clear_error();
 
 /* first the certificate (public key) */
-if (mctx->cert_chain) {
+if (modssl_is_engine_id(certfile)) {
+engine_certfile = certfile;
+}
+else if (mctx->cert_chain) {
 if ((SSL_CTX_use_certificate_file(mctx->ssl_ctx, certfile,
   SSL_FILETYPE_PEM) < 1)) {
 ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(02561)
@@ -1283,13 +1287,28 @@ static apr_status_t ssl_ini

commit apache2 for openSUSE:Factory

2019-10-14 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-10-14 12:31:01

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.2352 (New)


Package is "apache2"

Mon Oct 14 12:31:01 2019 rev:160 rq:735601 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-09-07 
11:25:12.630496755 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.2352/apache2.changes
2019-10-14 12:31:02.672340325 +0200
@@ -1,0 +2,5 @@
+Sat Oct  5 14:03:54 UTC 2019 - Yunhe Guo 
+
+- Add custom log files to logrotate according to apache2-vhost.template
+
+---



Other differences:
--

++ apache2.logrotate ++
--- /var/tmp/diff_new_pack.9M51bf/_old  2019-10-14 12:31:04.928334446 +0200
+++ /var/tmp/diff_new_pack.9M51bf/_new  2019-10-14 12:31:04.932334436 +0200
@@ -1,4 +1,4 @@
-/var/log/apache2/access_log /var/log/apache2/ssl_request_log {
+/var/log/apache2/access_log /var/log/apache2/*-access_log 
/var/log/apache2/ssl_request_log {
 compress
 dateext
 maxage 365
@@ -14,7 +14,7 @@
 endscript
 }
 
-/var/log/apache2/error_log /var/log/apache2/suexec.log 
/var/log/apache2/ssl_engine_log /var/log/apache2/deflate.log {
+/var/log/apache2/error_log /var/log/apache2/*-error_log 
/var/log/apache2/suexec.log /var/log/apache2/ssl_engine_log 
/var/log/apache2/deflate.log {
 compress
 dateext
 maxage 365






commit apache2 for openSUSE:Factory

2019-09-07 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-09-07 11:25:11

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.7948 (New)


Package is "apache2"

Sat Sep  7 11:25:11 2019 rev:159 rq:726493 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-08-24 
18:43:04.805776548 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.7948/apache2.changes
2019-09-07 11:25:12.630496755 +0200
@@ -1,0 +2,5 @@
+Fri Aug 23 18:06:12 UTC 2019 - Jan Engelhardt 
+
+- Remove redundant metadata from summary.
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.CA1dvb/_old  2019-09-07 11:25:13.810496591 +0200
+++ /var/tmp/diff_new_pack.CA1dvb/_new  2019-09-07 11:25:13.814496590 +0200
@@ -67,7 +67,7 @@
 Name:   apache2
 Version:2.4.41
 Release:0
-Summary:The Apache Web Server Version 2.4
+Summary:The Apache Web Server
 License:Apache-2.0
 Group:  Productivity/Networking/Web/Servers
 Url:http://httpd.apache.org/







commit apache2 for openSUSE:Factory

2019-08-24 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-08-24 18:43:03

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.7948 (New)


Package is "apache2"

Sat Aug 24 18:43:03 2019 rev:158 rq:724999 version:2.4.41

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-07-08 
15:01:46.518602624 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.7948/apache2.changes
2019-08-24 18:43:04.805776548 +0200
@@ -1,0 +2,16 @@
+Thu Aug 15 09:05:22 UTC 2019 - Michael Ströder 
+
+- version update to 2.4.41 with security fixes:
+  * low: Limited cross-site scripting in mod_proxy
+error page (CVE-2019-10092)
+  * low: mod_rewrite potential open redirect (CVE-2019-10098)
+  * moderate: mod_http2, read-after-free in h2
+connection shutdown (CVE-2019-10082)
+  * moderate: mod_http2, memory corruption on
+early pushes (CVE-2019-10081)
+  * moderate: mod_http2, DoS attack by exhausting
+h2 workers. (CVE-2019-9517)
+  * moderate: mod_remoteip: Stack buffer overflow and
+NULL pointer dereference (CVE-2019-10097)
+
+---

Old:

  httpd-2.4.39.tar.bz2
  httpd-2.4.39.tar.bz2.asc

New:

  httpd-2.4.41.tar.bz2
  httpd-2.4.41.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.MTNKtj/_old  2019-08-24 18:43:07.66272 +0200
+++ /var/tmp/diff_new_pack.MTNKtj/_new  2019-08-24 18:43:07.681776272 +0200
@@ -65,7 +65,7 @@
 %define build_http2 0
 %endif
 Name:   apache2
-Version:2.4.39
+Version:2.4.41
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0



++ httpd-2.4.39.tar.bz2 -> httpd-2.4.41.tar.bz2 ++
/work/SRC/openSUSE:Factory/apache2/httpd-2.4.39.tar.bz2 
/work/SRC/openSUSE:Factory/.apache2.new.7948/httpd-2.4.41.tar.bz2 differ: char 
11, line 1




commit apache2 for openSUSE:Factory

2019-07-08 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-07-08 15:01:45

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.4615 (New)


Package is "apache2"

Mon Jul  8 15:01:45 2019 rev:157 rq:713174 version:2.4.39

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-05-17 
23:36:23.746133634 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.4615/apache2.changes
2019-07-08 15:01:46.518602624 +0200
@@ -1,0 +2,7 @@
+Wed Jun 26 07:34:16 UTC 2019 - pgaj...@suse.com
+
+- fix typo
+- modified sources
+  % apache2-README-instances.txt
+
+---



Other differences:
--
++ apache2-README-instances.txt ++
--- /var/tmp/diff_new_pack.Gooesi/_old  2019-07-08 15:01:48.106605025 +0200
+++ /var/tmp/diff_new_pack.Gooesi/_new  2019-07-08 15:01:48.106605025 +0200
@@ -26,7 +26,7 @@
 NOTES:
 * /etc/sysconfig/apache2@ can hold any sysconfig variable
   /etc/sysconfig/apache2 can, including module loading and MPM setting, 
-* default instance do not have to run when running other instances
+* default instance does not have to run when running other instances
 * a2enmod, a2dismod and apachectl operates over default instance if
   not specified otherwise via HTTPD_INSTANCE. For example,
 







commit apache2 for openSUSE:Factory

2019-05-17 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-05-17 23:36:22

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.5148 (New)


Package is "apache2"

Fri May 17 23:36:22 2019 rev:156 rq:702763 version:2.4.39

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-04-04 
14:12:11.701292827 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new.5148/apache2.changes
2019-05-17 23:36:23.746133634 +0200
@@ -1,0 +2,7 @@
+Mon May 13 14:31:22 UTC 2019 - pgaj...@suse.com
+
+- revive apache-22-24-upgrade [bsc#1134294] (internal)
+- added sources
+  + apache-22-24-upgrade
+
+---

New:

  apache-22-24-upgrade



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.P3EfxG/_old  2019-05-17 23:36:25.006132970 +0200
+++ /var/tmp/diff_new_pack.P3EfxG/_new  2019-05-17 23:36:25.010132968 +0200
@@ -124,6 +124,7 @@
 Source130:  apache2-vhost.template
 Source131:  apache2-vhost-ssl.template
 Source140:  apache2-check_forensic
+Source141:  apache-22-24-upgrade
 Source142:  start_apache2
 Source143:  apache2-systemd-ask-pass
 Source144:  apache2.service
@@ -562,6 +563,7 @@
 install -m 644 %{_sourcedir}/apache2-script-helpers 
%{buildroot}/%{_datadir}/%{name}/script-helpers
 install -m 744 %{_sourcedir}/start_apache2 %{buildroot}/%{_sbindir}/
 cp -r deprecated-scripts %{buildroot}/%{_datadir}/%{name}/
+install -m 755 %{_sourcedir}/apache-22-24-upgrade 
%{buildroot}/%{_datadir}/%{name}/
 %if 0%{?suse_version} >= 1210
 mkdir -p %{buildroot}%{_unitdir}/
 install -m 700 %{_sourcedir}/apache2-systemd-ask-pass %{buildroot}/%{_sbindir}/
@@ -861,6 +863,7 @@
 %{_libdir}/%{name}/mod_*.so
 %dir %{installbuilddir}
 %dir %{_datadir}/%{name}
+%{_datadir}/%{name}/apache-22-24-upgrade
 %{_datadir}/%{name}/deprecated-scripts
 %{_datadir}/%{name}/script-helpers
 %{_datadir}/%{name}/sysconf_addword
@@ -1448,6 +1451,7 @@
 exit 0
 
 %posttrans
+%{_datadir}/%{name}/apache-22-24-upgrade
 %apache_restart_if_needed
 
 %verifyscript

++ apache-22-24-upgrade ++
#!/bin/bash

# obsolete 2.2 modules -> 2.4 modules

for module in mod_authn_default mod_authz_default mod_mem_cache authz_default 
authn_default mem_cache; do
if /usr/sbin/a2enmod -q "$module"; then
echo "!!ATTENTION! $module was removed from apache version 2.4 or 
later, CHECK YOUR CONFIGURATION!!!"
/usr/sbin/a2dismod "$module"
fi
done

if ! /usr/sbin/a2enmod -q authn_core; then
  /usr/sbin/a2enmod authn_core
fi

if ! /usr/sbin/a2enmod -q authz_core; then
  /usr/sbin/a2enmod authz_core
fi

if ! /usr/sbin/a2enmod -q log_config; then
  /usr/sbin/a2enmod log_config
fi






commit apache2 for openSUSE:Factory

2019-04-04 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-04-04 14:12:08

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.3908 (New)


Package is "apache2"

Thu Apr  4 14:12:08 2019 rev:155 rq:690621 version:2.4.39

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-03-01 
20:26:24.678054918 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.3908/apache2.changes
2019-04-04 14:12:11.701292827 +0200
@@ -1,0 +2,86 @@
+Tue Apr  2 10:26:21 UTC 2019 - pgaj...@suse.com
+
+- version update to 2.4.39
+  * mod_proxy/ssl: Cleanup per-request SSL configuration anytime a
+backend connection is recycled/reused to avoid a possible crash
+with some SSLProxy configurations in  or 
+context. PR 63256. [Yann Ylavic]
+  * mod_ssl: Correctly restore SSL verify state after TLSv1.3 PHA
+failure. [Michael Kaufmann ]
+  * mod_log_config: Support %{c}h for conn-hostname, %h for
+useragent_host PR 55348
+  * mod_socache_redis: Support for Redis as socache storage
+provider.
+  * core: new configuration option 'MergeSlashes on|off' that
+controls handling of multiple, consecutive slash ('/')
+characters in the path component of the request URL. [Eric
+Covener]
+  * mod_http2: when SSL renegotiation is inhibited and a 403
+ErrorDocument is in play, the proper HTTP/2 stream reset did
+not trigger with H2_ERR_HTTP_1_1_REQUIRED. Fixed. [Michael
+Kaufmann]
+  * mod_http2: new configuration directive: `H2Padding numbits` to
+control padding of HTTP/2 payload frames. 'numbits' is a number
+from 0-8, controlling the range of padding bytes added to a
+frame. The actual number added is chosen randomly per frame.
+This applies to HEADERS, DATA and PUSH_PROMISE frames equally.
+The default continues to be 0, e.g. no padding. [Stefan
+Eissing]
+  * mod_http2: ripping out all the h2_req_engine internal features
+now that mod_proxy_http2 has no more need for it. Optional
+functions are still declared but no longer implemented. While
+previous mod_proxy_http2 will work with this, it is
+recommeneded to run the matching versions of both modules.
+[Stefan Eissing]
+  * mod_proxy_http2: changed mod_proxy_http2 implementation and
+fixed several bugs which resolve PR63170. The proxy module does
+now a single h2 request on the (reused) connection and returns.
+[Stefan Eissing]
+  * mod_http2/mod_proxy_http2: proxy_http2 checks correct master
+connection aborted status to trigger immediate shutdown of
+backend connections. This is now always signalled by mod_http2
+when the the session is being released. proxy_http2 now only
+sends a PING frame to the backend when there is not already one
+in flight. [Stefan Eissing]
+  * mod_proxy_http2: fixed an issue where a proxy_http2 handler
+entered an infinite loop when encountering certain errors on
+the backend connection. See
+. [Stefan
+Eissing]
+  * mod_http2: Configuration directives H2Push and H2Upgrade can
+now be specified per Location/Directory, e.g. disabling PUSH
+for a specific set of resources. [Stefan Eissing]
+  * mod_http2: HEAD requests to some module such as mod_cgid caused
+the stream to terminate improperly and cause a HTTP/2
+PROTOCOL_ERROR. Fixes
+. [Michael
+Kaufmann]
+  * http: Fix possible empty response with mod_ratelimit for HEAD
+requests. PR 63192. [Yann Ylavic]
+  * mod_cache_socache: Avoid reallocations and be safe with
+outgoing data lifetime. [Yann Ylavic]
+  * MPMs unix: bind the bucket number of each child to its slot
+number, for a more efficient per bucket maintenance. [Yann
+Ylavic]
+  * mod_auth_digest: Fix a race condition. Authentication with
+valid credentials could be refused in case of concurrent
+accesses from different users. PR 63124. [Simon Kappel
+]
+  * mod_http2: enable re-use of slave connections again. Fixed
+slave connection keepalives counter. [Stefan Eissing]
+  * mod_reqtimeout: Allow to configure (TLS-)handshake timeouts. PR
+61310. [Yann Ylavic]
+  * mod_proxy_wstunnel: Fix websocket proxy over UDS. PR 62932
+
+  * mod_ssl: Don't unset FIPS mode on restart unless it's forced by
+configuration (SSLFIPS on) and not active by default in
+OpenSSL. PR 63136. [Yann Ylavic]
+- deleted patches
+  - apache2-mod_http2-issue-167.patch (upstreamed)
+
+---
+Mon Mar 18 21:44:17 UTC 2019 - Jan Engelhardt 
+
+- Reduce scriptlets' hard dependency on systemd.
+
+---

commit apache2 for openSUSE:Factory

2019-03-01 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-03-01 20:26:23

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.28833 (New)


Package is "apache2"

Fri Mar  1 20:26:23 2019 rev:154 rq:679836 version:2.4.38

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-02-04 
21:23:29.131623991 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.28833/apache2.changes   
2019-03-01 20:26:24.678054918 +0100
@@ -1,0 +2,13 @@
+Wed Feb 27 14:15:52 UTC 2019 - pgaj...@suse.com
+
+- added patches
+  fix https://github.com/icing/mod_h2/issues/167 [bsc#1125965]
+  + apache2-mod_http2-issue-167.patch
+
+---
+Fri Feb  8 01:58:37 UTC 2019 - Jan Engelhardt 
+
+- Replace old $RPM_* shell vars. Avoid old tar syntax.
+- Tag scriptlets as explicitly requiring bash.
+
+---

New:

  apache2-mod_http2-issue-167.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.s6sjpl/_old  2019-03-01 20:26:26.026054602 +0100
+++ /var/tmp/diff_new_pack.s6sjpl/_new  2019-03-01 20:26:26.038054600 +0100
@@ -145,6 +145,8 @@
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 Patch116:   deprecated-scripts-arch.patch
+# fix https://github.com/icing/mod_h2/issues/167 [bsc#1125965]
+Patch117:   apache2-mod_http2-issue-167.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  apr-util-devel
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.
@@ -334,7 +336,8 @@
 %if 0%{?suse_version} == 1110
 %patch116 -p1
 %endif
-cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
+%patch117 -p1
+cat %{_sourcedir}/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})
 cp %{SOURCE22} ./${a##%{name}-}
@@ -454,8 +457,8 @@
#mv %{buildroot}/%{sysconfdir}/httpd2-prefork.conf 
%{buildroot}/%{sysconfdir}/httpd-std.conf$mpm_suffix
# fix up and rename config_vars file: remove references to the RPM 
build dir;
# remove references to RPM build root; fix apr/apu includedir
-   sed -e "/^EXTRA_INCLUDES/s|-I$RPM_BUILD_DIR[^ ]* ||g" \
-   -e "/^AP._INCLUDEDIR/s|$RPM_BUILD_DIR.*$|%{includedir}$mpm_suffix|" 
\
+   sed -e "/^EXTRA_INCLUDES/s|-I%{_builddir}[^ ]* ||g" \
+   -e "/^AP._INCLUDEDIR/s|%{builddir}.*$|%{includedir}$mpm_suffix|" \
-e "/abs_srcdir/d" \
-e "/AP_LIBS/d" \
  < %{buildroot}/%{installbuilddir}/config_vars.mk \
@@ -544,33 +547,33 @@
 install -m 755 support/split-logfile   %{buildroot}/%{_bindir}/
 install -m 755 support/logresolve.pl   %{buildroot}/%{_sbindir}/
 mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
-install -m 644 $RPM_SOURCE_DIR/%{name}.logrotate 
%{buildroot}%{_sysconfdir}/logrotate.d/%{name}
+install -m 644 %{_sourcedir}/%{name}.logrotate 
%{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
 %if 0%{?suse_version} == 1110
-install -m 644 $RPM_SOURCE_DIR/%{name}-init.logrotate 
%{buildroot}%{_sysconfdir}/logrotate.d/%{name}
+install -m 644 %{_sourcedir}/%{name}-init.logrotate 
%{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
 %endif
-install -m 755 $RPM_SOURCE_DIR/apache2-check_forensic 
%{buildroot}/%{_bindir}/check_forensic
-install -m 755 $RPM_SOURCE_DIR/apache2-find-directives %{buildroot}/%{_bindir}/
+install -m 755 %{_sourcedir}/apache2-check_forensic 
%{buildroot}/%{_bindir}/check_forensic
+install -m 755 %{_sourcedir}/apache2-find-directives %{buildroot}/%{_bindir}/
 #
 # ssl stuff
 install -m 755 %{SOURCE25} %{buildroot}/%{_bindir}/
-tar xjf %{SOURCE29} -C %{buildroot}/%{sysconfdir}
+tar -xjf %{SOURCE29} -C %{buildroot}/%{sysconfdir}
 #
 # init script and friends
-install -m 644 $RPM_SOURCE_DIR/apache2-script-helpers 
%{buildroot}/%{_datadir}/%{name}/script-helpers
-install -m 744 $RPM_SOURCE_DIR/start_apache2 %{buildroot}%{_sbindir}/
+install -m 644 %{_sourcedir}/apache2-script-helpers 
%{buildroot}/%{_datadir}/%{name}/script-helpers
+install -m 744 %{_sourcedir}/start_apache2 %{buildroot}/%{_sbindir}/
 cp -r deprecated-scripts %{buildroot}/%{_datadir}/%{name}/
 %if 0%{?suse_version} >= 1210
 mkdir -p %{buildroot}%{_unitdir}/
-install -m 700 $RPM_SOURCE_DIR/apache2-systemd-ask-pass 
%{buildroot}%{_sbindir}/
-install -m 644 $RPM_SOURCE_DIR/apache2.service %{buildroot}%{_unitdir}/
-install -m 644 $RPM_SOURCE_DIR/apache2@.service %{buildroot}%{_unitdir}/
-install -m 644 $RPM_SOURCE_DIR/apache2.target %{buildroot}%{_unitdir}/
+install -m 700 %{_sourcedir}/apache2-systemd-ask-

commit apache2 for openSUSE:Factory

2019-02-04 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-02-04 21:23:25

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.28833 (New)


Package is "apache2"

Mon Feb  4 21:23:25 2019 rev:153 rq:667841 version:2.4.38

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2019-01-15 
13:16:21.532358537 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.28833/apache2.changes   
2019-02-04 21:23:29.131623991 +0100
@@ -1,0 +2,43 @@
+Fri Jan 18 15:12:08 UTC 2019 - Manu Maier 
+
+- updated to 2.4.38
+  * mod_ssl: Clear retry flag before aborting client-initiated renegotiation.
+PR 63052 [Joe Orton]
+  * mod_negotiation: Treat LanguagePriority as case-insensitive to match
+AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet]
+  * mod_md: incorrect behaviour when synchronizing ongoing ACME challenges
+have been fixed. [Michael Kaufmann, Stefan Eissing]
+  * mod_setenvif: We can have expressions that become true if a regex pattern
+in the expression does NOT match. In this case val is NULL
+and we should just set the value for the environment variable 
+like in the pattern case. [Ruediger Pluem]
+  * mod_session: Always decode session attributes early. [Hank Ibell]
+  * core: Incorrect values for environment variables are substituted when
+multiple environment variables are specified in a directive. [Hank Ibell]
+  * mod_rewrite: Only create the global mutex used by "RewriteMap prg:" when
+this type of map is present in the configuration.  PR62311.  
+[Hank Ibell ]
+  * mod_dav: Fix invalid Location header when a resource is created by
+passing an absolute URI on the request line [Jim Jagielski]
+  * mod_session_cookie: avoid duplicate Set-Cookie header in the response.
+[Emmanuel Dreyfus , Luca Toscano]
+  * mod_ssl: clear *SSL errors before loading certificates and checking
+afterwards. Otherwise errors are reported when other SSL using modules
+are in play. Fixes PR 62880. [Michael Kaufmann]
+  * mod_ssl: Fix the error code returned in an error path of
+'ssl_io_filter_handshake()'. This messes-up error handling performed
+in 'ssl_io_filter_error()' [Yann Ylavic]
+  * mod_ssl: Fix $HTTPS definition for "SSLEngine optional" case, and fix
+authz provider so "Require ssl" works correctly in HTTP/2.
+PR 61519, 62654.  [Joe Orton, Stefan Eissing]
+  * mod_proxy: If ProxyPassReverse is used for reverse mapping of relative
+redirects, subsequent ProxyPassReverse statements, whether they are
+relative or absolute, may fail.  PR 60408.  [Peter Haworth ]
+  * mod_lua: Now marked as a stable module [https://s.apache.org/Xnh1]
+
+---
+Wed Jan 16 08:56:20 UTC 2019 - Arjen de Korte 
+
+- SSLProtocol use TLSv1.2 or higher
+
+---

Old:

  httpd-2.4.37.tar.bz2
  httpd-2.4.37.tar.bz2.asc

New:

  httpd-2.4.38.tar.bz2
  httpd-2.4.38.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.ZYSp5F/_old  2019-02-04 21:23:31.667623371 +0100
+++ /var/tmp/diff_new_pack.ZYSp5F/_new  2019-02-04 21:23:31.667623371 +0100
@@ -65,7 +65,7 @@
 %define build_http2 0
 %endif
 Name:   apache2
-Version:2.4.37
+Version:2.4.38
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0

++ apache2-ssl-global.conf ++
--- /var/tmp/diff_new_pack.ZYSp5F/_old  2019-02-04 21:23:32.031623282 +0100
+++ /var/tmp/diff_new_pack.ZYSp5F/_new  2019-02-04 21:23:32.031623282 +0100
@@ -85,16 +85,16 @@
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/urandom 512
 
-   # SSL protocols
-   # Allow TLS version 1.2 only, which is a recommended default these days
-   # by international information security standards.
-   SSLProtocol TLSv1.2
+   #   SSL protocols
+   #   Allow TLS version 1.2 or higher, which is a recommended default
+#   these days by international information security standards.
+   SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
 
#   SSL Cipher Suite:
#   List the ciphers that the client is permitted to negotiate.
#   See the mod_ssl documentation for a complete list.
-#   The magic string "DEFAULT_SUSE" expands to an openssl defined
-#   secure list of default ciphers.
+   #   The magic string "DEFAULT_SUSE" expands to an openssl defined
+   #   secure list of default ciphers.
SSLCipherSuite DEFAULT_SUSE
 
#   SSLHonorCipherOrder



++ 

commit apache2 for openSUSE:Factory

2019-01-15 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2019-01-15 13:16:19

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new.28833 (New)


Package is "apache2"

Tue Jan 15 13:16:19 2019 rev:152 rq:664057 version:2.4.37

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-11-06 
15:34:39.335678254 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new.28833/apache2.changes   
2019-01-15 13:16:21.532358537 +0100
@@ -1,0 +2,11 @@
+Wed Jan  9 10:26:46 UTC 2019 - Petr Gajdos 
+
+- do not create sysconfig.d when already exists [bsc#1121086]
+
+---
+Sun Jan  6 15:14:43 UTC 2019 - Dirk Mueller 
+
+- use secure http sites by default in configs
+- Switch to DEFAULT_SUSE Cipher suite
+
+---
@@ -1763 +1774 @@
-READ http://httpd.apache.org/docs/2.4/upgrading.html
+READ https://httpd.apache.org/docs/2.4/upgrading.html
@@ -1768 +1779 @@
-  at http://httpd.apache.org/docs/2.4/new_features_2_4.html 
+  at https://httpd.apache.org/docs/2.4/new_features_2_4.html 



Other differences:
--
++ apache2-default-server.conf ++
--- /var/tmp/diff_new_pack.RxWsXp/_old  2019-01-15 13:16:23.156357258 +0100
+++ /var/tmp/diff_new_pack.RxWsXp/_new  2019-01-15 13:16:23.156357258 +0100
@@ -17,7 +17,7 @@
# doesn't give it to you.
#
# The Options directive is both complicated and important.  Please see
-   # http://httpd.apache.org/docs/2.4/mod/core.html#options
+   # https://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
# NOTE: For directories where RewriteRule is used, FollowSymLinks
# or SymLinksIfOwnerMatch needs to be set in Options directive.

++ apache2-httpd.conf ++
--- /var/tmp/diff_new_pack.RxWsXp/_old  2019-01-15 13:16:23.208357217 +0100
+++ /var/tmp/diff_new_pack.RxWsXp/_new  2019-01-15 13:16:23.212357214 +0100
@@ -3,7 +3,7 @@
 #
 # This is the main Apache server configuration file.  It contains the
 # configuration directives that give the server its instructions.
-# See http://httpd.apache.org/docs/2.4/> for detailed information about
+# See https://httpd.apache.org/docs/2.4/> for detailed information about
 # the directives.
 
 # Based upon the default apache configuration file that ships with apache,
@@ -15,7 +15,7 @@
 # configuration of your virtual hosts.
 
 # Quickstart guide:
-# http://en.opensuse.org/SDB:Apache_installation
+# https://en.opensuse.org/SDB:Apache_installation
 
 
 # Overview of include files, chronologically:
@@ -218,7 +218,7 @@
 # IP addresses. This is indicated by the asterisks in the directives below.
 #
 # Please see the documentation at
-# http://httpd.apache.org/docs/2.4/vhosts/>
+# https://httpd.apache.org/docs/2.4/vhosts/>
 # for further details before you try to setup virtual hosts.
 #
 # You may use the command line option '-S' to verify your virtual host

++ apache2-listen.conf ++
--- /var/tmp/diff_new_pack.RxWsXp/_old  2019-01-15 13:16:23.240357192 +0100
+++ /var/tmp/diff_new_pack.RxWsXp/_new  2019-01-15 13:16:23.240357192 +0100
@@ -1,7 +1,7 @@
 # Listen: Allows you to bind Apache to specific IP addresses and/or
 # ports. See also the  directive.
 #
-# http://httpd.apache.org/docs/2.4/mod/mpm_common.html#listen
+# https://httpd.apache.org/docs/2.4/mod/mpm_common.html#listen
 #
 # Change this to Listen on specific IP addresses as shown below to 
 # prevent Apache from glomming onto all bound IP addresses (0.0.0.0)

++ apache2-mod_autoindex-defaults.conf ++
--- /var/tmp/diff_new_pack.RxWsXp/_old  2019-01-15 13:16:23.280357161 +0100
+++ /var/tmp/diff_new_pack.RxWsXp/_new  2019-01-15 13:16:23.280357161 +0100
@@ -1,7 +1,7 @@
 #
 # Directives controlling the display of server-generated directory listings.
 #
-# see http://httpd.apache.org/docs/2.4/mod/mod_autoindex.html
+# see https://httpd.apache.org/docs/2.4/mod/mod_autoindex.html
 #
 
 

++ apache2-mod_info.conf ++
--- /var/tmp/diff_new_pack.RxWsXp/_old  2019-01-15 13:16:23.312357135 +0100
+++ /var/tmp/diff_new_pack.RxWsXp/_new  2019-01-15 13:16:23.312357135 +0100
@@ -2,7 +2,7 @@
 # Allow remote server configuration reports, with the URL of
 #  http://servername/server-info (requires that mod_info.c be loaded).
 #
-# see http://httpd.apache.org/docs/2.4/mod/mod_info.html
+# see https://httpd.apache.org/docs/2.4/mod/mod_info.html
 #
 


++ apache2-mod_log_config.conf ++
--- /var/tmp/diff_new_pack.RxWsXp/_old  2019-01-15 13:16:23.332357120 +0100
+++ /var/tmp/diff_new_pack.RxWsXp/_new  2019-01-15 13:16:23.336357117 +0100
@@ -2,7 +2,7 @@

commit apache2 for openSUSE:Factory

2018-11-06 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-11-06 15:34:28

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Tue Nov  6 15:34:28 2018 rev:151 rq:645904 version:2.4.37

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-10-29 
14:56:51.245716852 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-11-06 
15:34:39.335678254 +0100
@@ -1,0 +2,7 @@
+Thu Oct 25 17:28:42 UTC 2018 - Arjen de Korte 
+
+- the "event" MPM is fully supported since 2.4
+- configure an OCSP stapling cache by default (still requires enabling
+  SSLUseStapling in vhost)
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.wXf5Po/_old  2018-11-06 15:34:41.395675133 +0100
+++ /var/tmp/diff_new_pack.wXf5Po/_new  2018-11-06 15:34:41.399675127 +0100
@@ -264,8 +264,7 @@
 process dies it will not affect other servers.
 
 %description event
-The event MPM (multi-Processing Module) is experimental, so it may or
-may not work as expected.
+"event" MPM (multi-Processing Module)
 
 It uses a separate thread to handle Keep Alive requests and accepting
 connections. Keep Alive requests have traditionally required httpd to

++ apache2-ssl-global.conf ++
--- /var/tmp/diff_new_pack.wXf5Po/_old  2018-11-06 15:34:41.723674636 +0100
+++ /var/tmp/diff_new_pack.wXf5Po/_new  2018-11-06 15:34:41.723674636 +0100
@@ -46,12 +46,27 @@
#SSLSessionCache dbm:/var/lib/apache2/ssl_scache
#
 
-
+   
SSLSessionCache shmcb:/var/lib/apache2/ssl_scache(512000)
-
+   
 
SSLSessionCacheTimeout  300
 
+   #   Configures the cache used to store OCSP responses which get 
included in
+   #   the TLS handshake if SSLUseStapling is enabled. Configuration of a 
cache
+   #   is mandatory for OCSP stapling. With the exception of none and 
nonenotnull,
+   #   the same storage types are supported as with SSLSessionCache.
+   #
+   #SSLStaplingCache   dbm:/var/lib/apache2/ssl_stapling
+   #
+
+   
+   SSLStaplingCacheshmcb:/var/lib/apache2/ssl_stapling(64000)
+   
+
+   SSLStaplingStandardCacheTimeout 86400
+   SSLStaplingErrorCacheTimeout300
+   SSLStaplingReturnResponderErrorsOff
 
#   Pseudo Random Number Generator (PRNG):
#   Configure one or more sources to seed the PRNG of the 
@@ -72,13 +87,13 @@
 
# SSL protocols
# Allow TLS version 1.2 only, which is a recommended default these days
-# by international information security standards.
+   # by international information security standards.
SSLProtocol TLSv1.2
 
#   SSL Cipher Suite:
#   List the ciphers that the client is permitted to negotiate.
#   See the mod_ssl documentation for a complete list.
-SSLCipherSuite 
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
+   SSLCipherSuite 
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 
#   SSLHonorCipherOrder
#   If SSLHonorCipherOrder is disabled, then the client's preferences

++ apache2-vhost-ssl.template ++
--- /var/tmp/diff_new_pack.wXf5Po/_old  2018-11-06 15:34:41.739674612 +0100

commit apache2 for openSUSE:Factory

2018-10-29 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-10-29 14:14:39

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Mon Oct 29 14:14:39 2018 rev:150 rq:643962 version:2.4.37

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-10-04 
19:00:15.423281154 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-10-29 
14:56:51.245716852 +0100
@@ -1,0 +2,50 @@
+Thu Oct 18 20:41:02 UTC 2018 - Manu Maier 
+
+- updated to 2.4.37
+  * mod_ssl: Fix HTTP/2 failures when using OpenSSL 1.1.1. [Rainer Jung]
+  * mod_ssl: Fix crash during SSL renegotiation with OptRenegotiate set,
+when client certificates are available from the original handshake
+but were originally not verified and should get verified now.
+This is a regression in 2.4.36 (unreleased). [Ruediger Pluem]
+  * mod_ssl: Correctly merge configurations that have client certificates set
+by SSLProxyMachineCertificate{File|Path}. [Ruediger Pluem]
+- updated to 2.4.36
+  * mod_brotli, mod_deflate: Restore the separate handling of 304 Not Modified
+responses. Regression introduced in 2.4.35.
+  * mod_proxy_scgi, mod_proxy_uwsgi: improve error handling when sending the
+body of the response. [Jim Jagielski]
+  * mod_http2: adding defensive code for stream EOS handling, in case the 
request handler
+missed to signal it the normal way (eos buckets). Addresses github issues 
+https://github.com/icing/mod_h2/issues/164, 
https://github.com/icing/mod_h2/issues/167
+and https://github.com/icing/mod_h2/issues/170. [Stefan Eissing] 
+  * ab: Add client certificate support. [Graham Leggett]
+  * ab: Disable printing temp key for OpenSSL before
+version 1.0.2. SSL_get_server_tmp_key is not available
+there. [Rainer Jung]
+  * mod_ssl: Fix a regression that the configuration settings for verify mode
+and verify depth were taken from the frontend connection in case of
+connections by the proxy to the backend. PR 62769. [Ruediger Pluem]
+  * MPMs: Initialize all runtime/asynchronous objects on a dedicated pool and
+before signals handling to avoid lifetime issues on restart or shutdown.
+PR 62658. [Yann Ylavic]
+  * mod_ssl: Add support for OpenSSL 1.1.1 and TLSv1.3.  TLSv1.3 has
+behavioural changes compared to v1.2 and earlier; client and
+configuration changes should be expected.  SSLCipherSuite is
+enhanced for TLSv1.3 ciphers, but applies at vhost level only.
+[Stefan Eissing, Yann Ylavic, Ruediger Pluem, Joe Orton]
+  * mod_auth_basic: Be less tolerant when parsing the credencial. Only spaces
+should be accepted after the authorization scheme. \t are also tolerated.
+[Christophe Jaillet]
+  * mod_proxy_hcheck: Fix issues with interval determination. PR 62318
+[Jim Jagielski]
+  * mod_proxy_hcheck: Fix issues with TCP health checks. PR 61499
+[Dominik Stillhard ]
+  * mod_proxy_hcheck: take balancer's SSLProxy* directives into account.
+[Jim Jagielski]
+  * mod_status, mod_echo: Fix the display of client addresses.
+They were truncated to 31 characters which is not enough for IPv6 
addresses.
+This is done by deprecating the use of the 'client' field and using
+the new 'client64' field in worker_score.
+PR 54848 [Bernhard Schmidt , Jim Jagielski]
+
+---

Old:

  httpd-2.4.35.tar.bz2
  httpd-2.4.35.tar.bz2.asc

New:

  httpd-2.4.37.tar.bz2
  httpd-2.4.37.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.uBStzm/_old  2018-10-29 14:56:52.605721902 +0100
+++ /var/tmp/diff_new_pack.uBStzm/_new  2018-10-29 14:56:52.613721932 +0100
@@ -65,7 +65,7 @@
 %define build_http2 0
 %endif
 Name:   apache2
-Version:2.4.35
+Version:2.4.37
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0



++ httpd-2.4.35.tar.bz2 -> httpd-2.4.37.tar.bz2 ++
/work/SRC/openSUSE:Factory/apache2/httpd-2.4.35.tar.bz2 
/work/SRC/openSUSE:Factory/.apache2.new/httpd-2.4.37.tar.bz2 differ: char 11, 
line 1




commit apache2 for openSUSE:Factory

2018-10-04 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-10-04 19:00:13

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Thu Oct  4 19:00:13 2018 rev:149 rq:639405 version:2.4.35

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-10-01 
09:06:59.323811752 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-10-04 
19:00:15.423281154 +0200
@@ -1,0 +2,16 @@
+Mon Oct  1 13:38:05 UTC 2018 - Petr Gajdos 
+
+- consider also patterns in APACHE_CONF_INCLUDE_DIRS as documentation
+  says (patch Juergen Gleiss)
+
+---
+Thu Sep 27 10:25:40 UTC 2018 - Petr Gajdos 
+
+- relink /usr/sbin/httpd after apache2-MPM uninstall [bsc#1107930c#1]
+- simplify find_mpm function from script-helpers
+- /usr/sbin/httpd is now created depending on preference hardcoded
+  in find_mpm (script-helpers), not depending on alphabetical
+  order of MPMs
+- simplify spec file a bit
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.He9Oyy/_old  2018-10-04 19:00:16.891279619 +0200
+++ /var/tmp/diff_new_pack.He9Oyy/_new  2018-10-04 19:00:16.903279606 +0200
@@ -25,11 +25,7 @@
 %define apache_mmn %(test -s %{SOURCE0} && { echo -n apache_mmn_; bzcat 
%{SOURCE0} | awk '/^#define MODULE_MAGIC_NUMBER_MAJOR/ {printf "%d", $3}'; } || 
echo apache_mmn_notfound)
 %define suse_maintenance_mmn  0
 %definedefault_mpm prefork
-%define prefork 1
-%define worker 1
-%define event 1
-%define mpms_to_build  %(test %{prefork} = 1 && printf prefork) %(test 
%{worker} = 1 && printf worker) %(test %{event} = 1 && printf event)
-# dir names
+%define mpms_to_build  prefork worker event
 %define datadir/srv/www
 %define htdocsdir  %{datadir}/htdocs
 %define manualdir  %{_datadir}/%{name}/manual
@@ -228,7 +224,6 @@
  See %{_docdir}/apache2/, http://httpd.apache.org/, and
 http://httpd.apache.org/docs-2.4/upgrading.html.
 
-%if %worker
 %package worker
 Summary:Apache 2 worker MPM (Multi-Processing Module)
 Group:  Productivity/Networking/Web/Servers
@@ -236,9 +231,7 @@
 # the post scriptlet sources /usr/share/apache2/script-helpers
 Requires(post): %{name} = %{version}
 Provides:   %{name}-MPM
-%endif
 
-%if %prefork
 %package prefork
 Summary:Apache 2 "prefork" MPM (Multi-Processing Module)
 Group:  Productivity/Networking/Web/Servers
@@ -247,9 +240,7 @@
 Requires(post): %{name} = %{version}
 Provides:   %{name}-MPM
 Provides:   apache:%{_sbindir}/httpd
-%endif
 
-%if %event
 %package event
 Summary:Apache 2 event MPM (Multi-Processing Module)
 Group:  Productivity/Networking/Web/Servers
@@ -257,27 +248,21 @@
 # the post scriptlet sources /usr/share/apache2/script-helpers
 Requires(post): %{name} = %{version}
 Provides:   %{name}-MPM
-%endif
 
-%if %worker
 %description worker
 The worker MPM (multi-Processing Module) implementing a hybrid
 multi-threaded multi-process web server.
 
 This combination offers a performance boost and retains some of the
 stability of the multi-process model.
-%endif
 
-%if %{prefork}
 %description prefork
 "prefork" MPM (Multi-Processing Module)
 
 This MPM is basically the one that Apache 1.3.x used. It warrants the
 maximum stability because each server runs in its own process. If a
 process dies it will not affect other servers.
-%endif
 
-%if %{event}
 %description event
 The event MPM (multi-Processing Module) is experimental, so it may or
 may not work as expected.
@@ -289,7 +274,6 @@
 
 This MPM depends on APR's atomic compare-and-swap operations for thread
 synchronization.
-%endif
 
 %package devel
 Summary:Apache 2 Header and Include Files
@@ -894,7 +878,6 @@
 /usr/share/apache2/load_configuration
 %endif
 
-%if %{prefork}
 %files prefork
 %defattr(-,root,root)
 %{_sbindir}/httpd-prefork
@@ -1021,9 +1004,7 @@
 %{_libdir}/%{name}-prefork/mod_vhost_alias.so
 %{_libdir}/%{name}-prefork/mod_watchdog.so
 %{_libdir}/%{name}-prefork/mod_xml2enc.so
-%endif
 
-%if %{worker}
 %files worker
 %defattr(-,root,root)
 %{_sbindir}/httpd-worker
@@ -1150,9 +1131,7 @@
 %{_libdir}/%{name}-worker/mod_vhost_alias.so
 %{_libdir}/%{name}-worker/mod_watchdog.so
 %{_libdir}/%{name}-worker/mod_xml2enc.so
-%endif
 
-%if %{event}
 %files event
 %defattr(-,root,root)
 %{_sbindir}/httpd-event
@@ -1279,7 +1258,6 @@
 %{_libdir}/%{name}-event/mod_vhost_alias.so
 %{_libdir}/%{name}-event/mod_watchdog.so
 %{_libdir}/%{name}-event/mod_xml2enc.so
-%endif
 
 %files devel -f filelist-deve

commit apache2 for openSUSE:Factory

2018-10-01 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-10-01 09:06:57

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Mon Oct  1 09:06:57 2018 rev:148 rq:637684 version:2.4.35

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-08-03 
12:29:45.274900831 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-10-01 
09:06:59.323811752 +0200
@@ -1,0 +2,29 @@
+Mon Sep 24 12:53:08 UTC 2018 - Michael Ströder 
+
+- updated to 2.4.35:
+  * http: Enforce consistently no response body with both 204 and 304
+statuses.
+  * mod_status: Cumulate CPU time of exited child processes in the
+"cu" and "cs" values. Add CPU time of the parent process to the
+"c" and "s" values.
+  * mod_proxy: Improve the balancer member data shown in mod_status when
+"ProxyStatus" is "On": add "busy" count and show byte counts in
+auto mode always in units of kilobytes.
+  * mod_status: Add cumulated response duration time in milliseconds.
+  * mod_status: Complete the data shown for async MPMs in "auto" mode.
+Added number of processes, number of stopping processes and number
+of busy and idle workers.
+  * mod_ratelimit: Don't interfere with "chunked" encoding, fixing regression
+introduced in 2.4.34.  PR 62568.
+  * mod_proxy: Remove load order and link dependency between mod_lbmethod_*
+modules and mod_proxy. PR 62557.
+  * Allow the argument to , , , ,
+and  to be quoted.  This is primarily for the benefit of
+.
+  * mod_watchdog: Correct some log messages.
+  * mod_md: When the last domain name from an MD is moved to another one,
+that now empty MD gets moved to the store archive. PR 62572.
+  * mod_ssl: Fix merging of SSLOCSPOverrideResponder.
+  * mod_proxy_balancer: Restore compatibility with APR 1.4.
+
+---

Old:

  httpd-2.4.34.tar.bz2
  httpd-2.4.34.tar.bz2.asc

New:

  httpd-2.4.35.tar.bz2
  httpd-2.4.35.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.wpIV8G/_old  2018-10-01 09:07:00.759810521 +0200
+++ /var/tmp/diff_new_pack.wpIV8G/_new  2018-10-01 09:07:00.763810517 +0200
@@ -69,7 +69,7 @@
 %define build_http2 0
 %endif
 Name:   apache2
-Version:2.4.34
+Version:2.4.35
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0



++ httpd-2.4.34.tar.bz2 -> httpd-2.4.35.tar.bz2 ++
/work/SRC/openSUSE:Factory/apache2/httpd-2.4.34.tar.bz2 
/work/SRC/openSUSE:Factory/.apache2.new/httpd-2.4.35.tar.bz2 differ: char 11, 
line 1




commit apache2 for openSUSE:Factory

2018-08-03 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-08-03 12:29:41

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Fri Aug  3 12:29:41 2018 rev:147 rq:626658 version:2.4.34

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-07-26 
09:49:44.480937594 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-08-03 
12:29:45.274900831 +0200
@@ -1,0 +2,110 @@
+Mon Jul 16 12:03:39 UTC 2018 - pgaj...@suse.com
+
+- updated to 2.4.34:
+  *) Introduce zh-cn and zh-tw (simplified and traditional Chinese) error
+ document translations. [CodeingBoy, popcorner]
+  *) event: avoid possible race conditions with modules on the child pool.
+ [Stefan Fritsch]
+  *) mod_proxy: Fix a corner case where the ProxyPassReverseCookieDomain or
+ ProxyPassReverseCookiePath directive could fail to update correctly
+ 'domain=' or 'path=' in the 'Set-Cookie' header.  PR 61560.
+ [Christophe Jaillet]
+  *) mod_ratelimit: fix behavior when proxing content. PR 62362.
+ [Luca Toscano, Yann Ylavic]
+  *) core: Re-allow '_' (underscore) in hostnames.
+ [Eric Covener]
+  *) mod_authz_core: If several parameters are used in a AuthzProviderAlias
+ directive, if these parameters are not enclosed in quotation mark, only
+ the first one is handled. The other ones are silently ignored.
+ Add a message to warn about such a spurious configuration.
+ PR 62469 [Hank Ibell , Christophe Jaillet]
+  *) mod_md: improvements and bugfixes
+ - MDNotifyCmd now takes additional parameter that are passed on to the 
called command.
+ - ACME challenges have better checks for interference with other modules
+ - ACME challenges are only handled for domains managed by the module, 
allowing
+   other ACME clients to operate for other domains in the server.
+ - better libressl integration
+  *) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'.
+ PR 62480. [Lubos Uhliarik }
+  *) logging: Some early logging-related startup messages could be lost
+ when using syslog for the global ErrorLog. [Eric Covener]
+  *) mod_cache: Handle case of an invalid Expires header value RFC compliant
+ like the case of an Expires time in the past: allow to overwrite the
+ non-caching decision using CacheStoreExpired and respect Cache-Control
+ "max-age" and "s-maxage".  [Rainer Jung]
+  *) mod_xml2enc: Fix forwarding of error metadata/responses. PR 62180.
+ [Micha Lenk , Yann Ylavic]
+  *) mod_proxy_http: Fix response header thrown away after the previous one
+ was considered too large and truncated. PR 62196. [Yann Ylavic]
+  *) core: Add and handle AP_GETLINE_NOSPC_EOL flag for ap_getline() family
+ of functions to consume the end of line when the buffer is exhausted.
+ PR 62198. [Yann Ylavic]
+  *) mod_proxy_http: Add new worker parameter 'responsefieldsize' to
+ allow maximum HTTP response header size to be increased past 8192
+ bytes.  PR 62199.  [Hank Ibell ]
+  *) mod_ssl: Extend SSLOCSPEnable with mode 'leaf' that only checks the leaf
+ of a certificate chain.  PR62112.
+ [Ricardo Martin Camarero ]
+  *) http: Fix small memory leak per request when handling persistent
+ connections.  [Ruediger Pluem, Joe Orton]
+  *) mod_proxy_html: Fix variable interpolation and memory allocation failure
+ in ProxyHTMLURLMap.  [Ewald Dieterich ]
+  *) mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken by 
2.4.30.
+ PR 62220.  [Chritophe Jaillet, Yann Ylavic]
+  *) mod_remoteip: When overriding the useragent address from X-Forwarded-For,
+ zero out what had been initialized as the connection-level port.  PR59931.
+ [Hank Ibell ]
+  *) core: In ONE_PROCESS/debug mode, cleanup everything when exiting.
+ [Yann Ylavic]
+  *) mod_proxy_balancer: Add hot spare member type and corresponding flag (R).
+ Hot spare members are used as drop-in replacements for unusable workers
+ in the same load balancer set. This differs from hot standbys which are
+ only used when all workers in a set are unusable. PR 61140. [Jim Riggs]
+  *) suexec: Add --enable-suexec-capabilites support on Linux, to use
+ setuid/setgid capability bits rather than a setuid root binary.
+ [Joe Orton]
+  *) suexec: Add support for logging to syslog as an alternative to
+ logging to a file; use --without-suexec-logfile --with-suexec-syslog.
+ [Joe Orton]
+  *) mod_ssl: Restore 2.4.29 behaviour in SSL vhost merging/enabling
+ which broke some rare but previously-working configs.  [Joe Orton]
+  *) core, log: improve sanity checks for the ErrorLog's syslog config, and
+ explicitly allow only lowercase 'syslog' set

commit apache2 for openSUSE:Factory

2018-07-26 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-07-26 09:49:39

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Thu Jul 26 09:49:39 2018 rev:146 rq: version:2.4.33

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-07-25 
16:04:02.208838383 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-07-26 
09:49:44.480937594 +0200
@@ -2,110 +1,0 @@
-Mon Jul 16 12:03:39 UTC 2018 - pgaj...@suse.com
-
-- updated to 2.4.34:
-  *) Introduce zh-cn and zh-tw (simplified and traditional Chinese) error
- document translations. [CodeingBoy, popcorner]
-  *) event: avoid possible race conditions with modules on the child pool.
- [Stefan Fritsch]
-  *) mod_proxy: Fix a corner case where the ProxyPassReverseCookieDomain or
- ProxyPassReverseCookiePath directive could fail to update correctly
- 'domain=' or 'path=' in the 'Set-Cookie' header.  PR 61560.
- [Christophe Jaillet]
-  *) mod_ratelimit: fix behavior when proxing content. PR 62362.
- [Luca Toscano, Yann Ylavic]
-  *) core: Re-allow '_' (underscore) in hostnames.
- [Eric Covener]
-  *) mod_authz_core: If several parameters are used in a AuthzProviderAlias
- directive, if these parameters are not enclosed in quotation mark, only
- the first one is handled. The other ones are silently ignored.
- Add a message to warn about such a spurious configuration.
- PR 62469 [Hank Ibell , Christophe Jaillet]
-  *) mod_md: improvements and bugfixes
- - MDNotifyCmd now takes additional parameter that are passed on to the 
called command.
- - ACME challenges have better checks for interference with other modules
- - ACME challenges are only handled for domains managed by the module, 
allowing
-   other ACME clients to operate for other domains in the server.
- - better libressl integration
-  *) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'.
- PR 62480. [Lubos Uhliarik }
-  *) logging: Some early logging-related startup messages could be lost
- when using syslog for the global ErrorLog. [Eric Covener]
-  *) mod_cache: Handle case of an invalid Expires header value RFC compliant
- like the case of an Expires time in the past: allow to overwrite the
- non-caching decision using CacheStoreExpired and respect Cache-Control
- "max-age" and "s-maxage".  [Rainer Jung]
-  *) mod_xml2enc: Fix forwarding of error metadata/responses. PR 62180.
- [Micha Lenk , Yann Ylavic]
-  *) mod_proxy_http: Fix response header thrown away after the previous one
- was considered too large and truncated. PR 62196. [Yann Ylavic]
-  *) core: Add and handle AP_GETLINE_NOSPC_EOL flag for ap_getline() family
- of functions to consume the end of line when the buffer is exhausted.
- PR 62198. [Yann Ylavic]
-  *) mod_proxy_http: Add new worker parameter 'responsefieldsize' to
- allow maximum HTTP response header size to be increased past 8192
- bytes.  PR 62199.  [Hank Ibell ]
-  *) mod_ssl: Extend SSLOCSPEnable with mode 'leaf' that only checks the leaf
- of a certificate chain.  PR62112.
- [Ricardo Martin Camarero ]
-  *) http: Fix small memory leak per request when handling persistent
- connections.  [Ruediger Pluem, Joe Orton]
-  *) mod_proxy_html: Fix variable interpolation and memory allocation failure
- in ProxyHTMLURLMap.  [Ewald Dieterich ]
-  *) mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken by 
2.4.30.
- PR 62220.  [Chritophe Jaillet, Yann Ylavic]
-  *) mod_remoteip: When overriding the useragent address from X-Forwarded-For,
- zero out what had been initialized as the connection-level port.  PR59931.
- [Hank Ibell ]
-  *) core: In ONE_PROCESS/debug mode, cleanup everything when exiting.
- [Yann Ylavic]
-  *) mod_proxy_balancer: Add hot spare member type and corresponding flag (R).
- Hot spare members are used as drop-in replacements for unusable workers
- in the same load balancer set. This differs from hot standbys which are
- only used when all workers in a set are unusable. PR 61140. [Jim Riggs]
-  *) suexec: Add --enable-suexec-capabilites support on Linux, to use
- setuid/setgid capability bits rather than a setuid root binary.
- [Joe Orton]
-  *) suexec: Add support for logging to syslog as an alternative to
- logging to a file; use --without-suexec-logfile --with-suexec-syslog.
- [Joe Orton]
-  *) mod_ssl: Restore 2.4.29 behaviour in SSL vhost merging/enabling
- which broke some rare but previously-working configs.  [Joe Orton]
-  *) core, log: improve sanity checks for the ErrorLog's syslog config, and
- explicitly allow only lowercase 'syslog' settings.

commit apache2 for openSUSE:Factory

2018-07-25 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-07-25 16:03:51

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Wed Jul 25 16:03:51 2018 rev:145 rq:623132 version:2.4.34

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-04-23 
15:24:38.309213933 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-07-25 
16:04:02.208838383 +0200
@@ -1,0 +2,110 @@
+Mon Jul 16 12:03:39 UTC 2018 - pgaj...@suse.com
+
+- updated to 2.4.34:
+  *) Introduce zh-cn and zh-tw (simplified and traditional Chinese) error
+ document translations. [CodeingBoy, popcorner]
+  *) event: avoid possible race conditions with modules on the child pool.
+ [Stefan Fritsch]
+  *) mod_proxy: Fix a corner case where the ProxyPassReverseCookieDomain or
+ ProxyPassReverseCookiePath directive could fail to update correctly
+ 'domain=' or 'path=' in the 'Set-Cookie' header.  PR 61560.
+ [Christophe Jaillet]
+  *) mod_ratelimit: fix behavior when proxing content. PR 62362.
+ [Luca Toscano, Yann Ylavic]
+  *) core: Re-allow '_' (underscore) in hostnames.
+ [Eric Covener]
+  *) mod_authz_core: If several parameters are used in a AuthzProviderAlias
+ directive, if these parameters are not enclosed in quotation mark, only
+ the first one is handled. The other ones are silently ignored.
+ Add a message to warn about such a spurious configuration.
+ PR 62469 [Hank Ibell , Christophe Jaillet]
+  *) mod_md: improvements and bugfixes
+ - MDNotifyCmd now takes additional parameter that are passed on to the 
called command.
+ - ACME challenges have better checks for interference with other modules
+ - ACME challenges are only handled for domains managed by the module, 
allowing
+   other ACME clients to operate for other domains in the server.
+ - better libressl integration
+  *) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'.
+ PR 62480. [Lubos Uhliarik }
+  *) logging: Some early logging-related startup messages could be lost
+ when using syslog for the global ErrorLog. [Eric Covener]
+  *) mod_cache: Handle case of an invalid Expires header value RFC compliant
+ like the case of an Expires time in the past: allow to overwrite the
+ non-caching decision using CacheStoreExpired and respect Cache-Control
+ "max-age" and "s-maxage".  [Rainer Jung]
+  *) mod_xml2enc: Fix forwarding of error metadata/responses. PR 62180.
+ [Micha Lenk , Yann Ylavic]
+  *) mod_proxy_http: Fix response header thrown away after the previous one
+ was considered too large and truncated. PR 62196. [Yann Ylavic]
+  *) core: Add and handle AP_GETLINE_NOSPC_EOL flag for ap_getline() family
+ of functions to consume the end of line when the buffer is exhausted.
+ PR 62198. [Yann Ylavic]
+  *) mod_proxy_http: Add new worker parameter 'responsefieldsize' to
+ allow maximum HTTP response header size to be increased past 8192
+ bytes.  PR 62199.  [Hank Ibell ]
+  *) mod_ssl: Extend SSLOCSPEnable with mode 'leaf' that only checks the leaf
+ of a certificate chain.  PR62112.
+ [Ricardo Martin Camarero ]
+  *) http: Fix small memory leak per request when handling persistent
+ connections.  [Ruediger Pluem, Joe Orton]
+  *) mod_proxy_html: Fix variable interpolation and memory allocation failure
+ in ProxyHTMLURLMap.  [Ewald Dieterich ]
+  *) mod_remoteip: Fix RemoteIP{Trusted,Internal}ProxyList loading broken by 
2.4.30.
+ PR 62220.  [Chritophe Jaillet, Yann Ylavic]
+  *) mod_remoteip: When overriding the useragent address from X-Forwarded-For,
+ zero out what had been initialized as the connection-level port.  PR59931.
+ [Hank Ibell ]
+  *) core: In ONE_PROCESS/debug mode, cleanup everything when exiting.
+ [Yann Ylavic]
+  *) mod_proxy_balancer: Add hot spare member type and corresponding flag (R).
+ Hot spare members are used as drop-in replacements for unusable workers
+ in the same load balancer set. This differs from hot standbys which are
+ only used when all workers in a set are unusable. PR 61140. [Jim Riggs]
+  *) suexec: Add --enable-suexec-capabilites support on Linux, to use
+ setuid/setgid capability bits rather than a setuid root binary.
+ [Joe Orton]
+  *) suexec: Add support for logging to syslog as an alternative to
+ logging to a file; use --without-suexec-logfile --with-suexec-syslog.
+ [Joe Orton]
+  *) mod_ssl: Restore 2.4.29 behaviour in SSL vhost merging/enabling
+ which broke some rare but previously-working configs.  [Joe Orton]
+  *) core, log: improve sanity checks for the ErrorLog's syslog config, and
+ explicitly allow only lowercase 'syslog' set

commit apache2 for openSUSE:Factory

2018-04-23 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-04-23 15:24:35

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Mon Apr 23 15:24:35 2018 rev:144 rq:591693 version:2.4.33

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-03-26 
11:52:23.121929905 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-04-23 
15:24:38.309213933 +0200
@@ -1,0 +2,147 @@
+Tue Mar 27 15:22:00 UTC 2018 - mikhail.kasi...@gmail.com
+
+- Updated description for SSLProtocol option. [bsc#1086854]
+---
+Tue Mar 27 14:19:00 UTC 2018 - mikhail.kasi...@gmail.com
+
+- Updated description (PCI DSS) for SSLProtocol option. [bsc#1086854]
+---
+Mon Mar 26 14:16:14 UTC 2018 - pgaj...@suse.com
+
+- SSLProtocol TLSv1.2 [bsc#1086854]
+
+---
+Mon Mar 19 09:15:28 UTC 2018 - pgaj...@suse.com
+
+- updated to 2.4.33:
+  *) core: Fix request timeout logging and possible crash for error_log hooks.
+ [Yann Ylavic]
+  *) mod_slomem_shm: Fix failure to create balancers's slotmems in Windows MPM,
+ where children processes need to attach them instead since they are owned
+ by the parent process already.  [Yann Ylavic]
+  *) ab: try all destination socket addresses returned by
+ apr_sockaddr_info_get instead of failing on first one when not available.
+ Needed for instance if localhost resolves to both ::1 and 127.0.0.1
+ e.g. if both are in /etc/hosts.  [Jan Kaluza]
+  *) ab: Use only one connection to determine working destination socket
+ address.  [Jan Kaluza]
+  *) ab: LibreSSL doesn't have or require Windows applink.c.  [Gregg L. Smith]
+  *) htpasswd/htdigest: Disable support for bcrypt on EBCDIC platforms.
+ apr-util's bcrypt implementation doesn't tolerate EBCDIC.  [Eric Covener]
+  *) htpasswd/htdbm: report the right limit when get_password() overflows.
+ [Yann Ylavic]
+  *) htpasswd: Don't fail in -v mode if password file is unwritable.
+ PR 61631.  [Joe Orton]
+  *) htpasswd: don't point to (unused) stack memory on output
+ to make static analysers happy.  PR 60634.
+ [Yann Ylavic, reported by shqking and Zhenwei Zou]
+  *) mod_access_compat: Fail if a comment is found in an Allow or Deny
+ directive.  [Jan Kaluza]
+  *) mod_authz_host: Ignore comments after "Require host", logging a
+ warning, or logging an error if the line is otherwise empty.
+ [Jan Kaluza, Joe Orton]
+  *) rotatelogs: Fix expansion of %Z in localtime (-l) mode, and fix
+ Y2K38 bug.  [Joe Orton]
+  *) mod_ssl: Support SSL DN raw variable extraction without conversion
+ to UTF-8, using _RAW suffix on variable names.  [Joe Orton]
+  *) ab: Fix https:// connection failures (regression in 2.4.30); fix
+ crash generating CSV output for large -n.  [Joe Orton, Jan Kaluza]
+  *) mod_proxy_fcgi: Add the support for mod_proxy's flushpackets and flushwait
+ parameters. [Luca Toscano, Ruediger Pluem, Yann Ylavic]
+  *) mod_ldap: Avoid possible crashes, hangs, and busy loops due to
+ improper merging of the cache lock in vhost config.
+ PR 43164 [Eric Covener]
+  *) mpm_event: Do lingering close in worker(s).  [Yann Ylavic]
+  *) mpm_queue: Put fdqueue code in common for MPMs event and worker.
+ [Yann Ylavic]
+  *) mod_session: Strip Session header when SessionEnv is on.  [Yann Ylavic]
+  *) mod_cache_socache: Fix caching of empty headers up to carriage return.
+ [Yann Ylavic]
+  *) core: For consistency, ensure that read lines are NUL terminated on any
+ error, not only on buffer full.  [Yann Ylavic]
+  *) mod_authnz_ldap: Fix language long names detection as short name.
+ [Yann Ylavic]
+  *) mod_proxy: Worker schemes and hostnames which are too large are no
+ longer fatal errors; it is logged and the truncated values are stored.
+ [Jim Jagielski]
+  *) regex: Allow to configure global/default options for regexes, like
+ caseless matching or extended format.  [Yann Ylavic]
+  *) mod_auth_digest: Actually use the secret when generating nonces. This 
change
+ may cause problems if used with round robin load balancers. PR 54637
+ [Stefan Fritsch]
+  *) mod_proxy: Allow setting options to globally defined balancer from
+ ProxyPass used in VirtualHost. Balancers are now merged using the new
+ merge_balancers method which merges the balancers options.  [Jan Kaluza]
+  *) logresolve: Fix incorrect behavior or segfault if -c flag is used
+ Fixes: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823259
+ [Stefan Fritsch]
+  *) mod_remoteip: Add

commit apache2 for openSUSE:Factory

2018-03-26 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-03-26 11:52:11

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Mon Mar 26 11:52:11 2018 rev:143 rq:588443 version:2.4.29

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-02-14 
09:19:56.436880482 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-03-26 
11:52:23.121929905 +0200
@@ -1,0 +2,5 @@
+Mon Mar 19 07:53:04 UTC 2018 - pgaj...@suse.com
+
+- Replace SuSEFirewall2 by firewalld II (fate#323460) [bsc#1083492]
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.SQ4vBW/_old  2018-03-26 11:52:26.293815474 +0200
+++ /var/tmp/diff_new_pack.SQ4vBW/_new  2018-03-26 11:52:26.297815330 +0200
@@ -153,6 +153,9 @@
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.
 BuildRequires:  apr-devel >= 1.5.0
 BuildRequires:  automake
+%if %{use_firewalld}
+BuildRequires:  firewall-macros
+%endif
 %if 0%{?suse_version} >= 1315
 BuildRequires:  pkgconfig(libbrotlidec)
 BuildRequires:  pkgconfig(libbrotlienc)
@@ -1492,6 +1495,9 @@
   ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
 fi
 #
+%if %{use_firewalld}
+%firewalld_reload
+%endif
 exit 0
 
 %posttrans







commit apache2 for openSUSE:Factory

2018-02-14 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-02-14 09:19:51

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Wed Feb 14 09:19:51 2018 rev:142 rq:575500 version:2.4.29

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-02-05 
10:46:46.345828381 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-02-14 
09:19:56.436880482 +0100
@@ -1,0 +2,5 @@
+Mon Feb  5 07:14:03 UTC 2018 - pgaj...@suse.com
+
+- build mod_http2 also for 42.3
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.SgF6V5/_old  2018-02-14 09:19:58.128819157 +0100
+++ /var/tmp/diff_new_pack.SgF6V5/_new  2018-02-14 09:19:58.132819012 +0100
@@ -62,6 +62,11 @@
 %else
 %define use_firewalld 0
 %endif
+%if 0%{?suse_version} >= 1500 || 0%{?is_opensuse}
+%define build_http2 1
+%else
+%define build_http2 0
+%endif
 Name:   apache2
 Version:2.4.29
 Release:0
@@ -204,7 +209,7 @@
 BuildRequires:  pkgconfig(libsystemd)
 BuildRequires:  pkgconfig(systemd)
 %endif
-%if 0%{?suse_version} > 1320
+%if 0%{?build_http2}
 BuildRequires:  pkgconfig(libnghttp2) >= 1.2.1
 %endif
 
@@ -952,7 +957,7 @@
 %{_libdir}/%{name}-prefork/mod_filter.so
 %{_libdir}/%{name}-prefork/mod_headers.so
 %{_libdir}/%{name}-prefork/mod_heartmonitor.so
-%if 0%{?suse_version} > 1320
+%if 0%{?build_http2}
 %{_libdir}/%{name}-prefork/mod_http2.so
 %endif
 %{_libdir}/%{name}-prefork/mod_imagemap.so
@@ -1080,7 +1085,7 @@
 %{_libdir}/%{name}-worker/mod_filter.so
 %{_libdir}/%{name}-worker/mod_headers.so
 %{_libdir}/%{name}-worker/mod_heartmonitor.so
-%if 0%{?suse_version} > 1320
+%if 0%{?build_http2}
 %{_libdir}/%{name}-worker/mod_http2.so
 %endif
 %{_libdir}/%{name}-worker/mod_imagemap.so
@@ -1207,7 +1212,7 @@
 %{_libdir}/%{name}-event/mod_file_cache.so
 %{_libdir}/%{name}-event/mod_filter.so
 %{_libdir}/%{name}-event/mod_headers.so
-%if 0%{?suse_version} > 1320
+%if 0%{?build_http2}
 %{_libdir}/%{name}-event/mod_http2.so
 %endif
 %{_libdir}/%{name}-event/mod_heartmonitor.so







commit apache2 for openSUSE:Factory

2018-02-05 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-02-05 10:46:29

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Mon Feb  5 10:46:29 2018 rev:141 rq:572001 version:2.4.29

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2018-01-09 
14:37:56.658705338 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-02-05 
10:46:46.345828381 +0100
@@ -1,0 +2,15 @@
+Fri Feb  2 07:39:23 UTC 2018 - pgaj...@suse.com
+
+- remove NameVirtualHost from documentation [bsc#1078557]
+
+---
+Tue Jan 30 09:16:26 UTC 2018 - pgaj...@suse.com
+
+- for older distros, still use SuSEFirewall2 [bsc#1071548c#7]
+
+---
+Mon Jan 29 09:23:46 UTC 2018 - knut.anders...@suse.com
+
+- Replace SuSEFirewall2 by firewalld (fate#323460)
+
+---

Old:

  apache2.firewall
  apache2.ssl-firewall

New:

  apache2.firewalld
  apache2.ssl.firewalld
  apache2.ssl.susefirewall
  apache2.susefirewall



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.TmEBJe/_old  2018-02-05 10:46:58.093278388 +0100
+++ /var/tmp/diff_new_pack.TmEBJe/_new  2018-02-05 10:46:58.097278200 +0100
@@ -57,6 +57,11 @@
 %define runtimedir %{_localstatedir}/run
 %define mods_static unixd
 %endif
+%if 0%{?suse_version} >= 1500
+%define use_firewalld 1
+%else
+%define use_firewalld 0
+%endif
 Name:   apache2
 Version:2.4.29
 Release:0
@@ -88,8 +93,13 @@
 Source45:   sysconf_addword
 Source46:   a2enflag
 Source47:   a2enmod
-Source49:   apache2.firewall
-Source50:   apache2.ssl-firewall
+#%%if %{use_firewalld}
+Source49:   apache2.firewalld
+Source50:   apache2.ssl.firewalld
+#%%%else
+Source51:   apache2.susefirewall
+Source52:   apache2.ssl.susefirewall
+#%%endif
 Source100:  apache2-httpd.conf
 Source101:  apache2-errors.conf
 Source102:  apache2-default-server.conf
@@ -686,9 +696,14 @@
 popd
 
 # install firewall information file
+%if %{use_firewalld}
+install -D -m 644 %{SOURCE49} 
%{buildroot}%{_libexecdir}/firewalld/services/%{name}.xml
+install -D -m 644 %{SOURCE50} 
%{buildroot}%{_libexecdir}/firewalld/services/%{name}-ssl.xml
+%else
 install -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/
-install -m 644 %{SOURCE49} 
%{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
-install -m 644 %{SOURCE50} 
%{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl
+install -m 644 %{SOURCE51} 
%{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
+install -m 644 %{SOURCE52} 
%{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl
+%endif
 ln -sf %{_bindir}/apxs %{buildroot}%{_sbindir}
 #
 # compat symlinks apache2 -> apache
@@ -861,8 +876,15 @@
 %{_datadir}/%{name}/deprecated-scripts
 %{_datadir}/%{name}/script-helpers
 %{_datadir}/%{name}/sysconf_addword
+%if %{use_firewalld}
+%dir %{_libexecdir}/firewalld
+%dir %{_libexecdir}/firewalld/services
+%{_libexecdir}/firewalld/services/%{name}.xml
+%{_libexecdir}/firewalld/services/%{name}-ssl.xml
+%else
 %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
 %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl
+%endif
 %if 0%{?suse_version} == 1110
 /usr/share/apache2/find_mpm
 /usr/share/apache2/get_includes

++ apache2-listen.conf ++
--- /var/tmp/diff_new_pack.TmEBJe/_old  2018-02-05 10:46:58.333267152 +0100
+++ /var/tmp/diff_new_pack.TmEBJe/_new  2018-02-05 10:46:58.333267152 +0100
@@ -30,18 +30,3 @@
 
 
 
-# Use name-based virtual hosting
-# 
-# - on a specified address / port:
-#
-#NameVirtualHost 12.34.56.78:80
-#
-# - name-based virtual hosting:
-#
-#NameVirtualHost *:80
-#
-# - on all addresses and ports. This is your best bet when you are on
-#   dynamically assigned IP addresses:
-#
-#NameVirtualHost *
-

++ apache2-vhost-ssl.template ++
--- /var/tmp/diff_new_pack.TmEBJe/_old  2018-02-05 10:46:58.537257601 +0100
+++ /var/tmp/diff_new_pack.TmEBJe/_new  2018-02-05 10:46:58.537257601 +0100
@@ -4,9 +4,6 @@
 #
 # See /usr/share/doc/packages/apache2/README.QUICKSTART for further hints
 # about virtual hosts.
-
-# NameVirtualHost statements should be added to /etc/apache2/listen.conf.
-
 #
 # This is the Apache server configuration file providing SSL support.
 # It contains the configuration directives to instruct the server how to

++ apache2-vhost.template ++
--- /var/tmp/diff_new_pack.TmEBJe

commit apache2 for openSUSE:Factory

2018-01-09 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2018-01-09 14:37:52

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Tue Jan  9 14:37:52 2018 rev:140 rq:561062 version:2.4.29

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-12-08 
21:47:27.126904130 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2018-01-09 
14:37:56.658705338 +0100
@@ -1,0 +2,20 @@
+Wed Dec 20 16:18:56 UTC 2017 - pgaj...@suse.com
+
+- build brotli module
+
+---
+Wed Dec 20 13:17:46 UTC 2017 - fcro...@suse.com
+
+- Do not requires w3m, only recommends it.
+
+---
+Tue Dec 19 09:47:13 UTC 2017 - pgaj...@suse.com
+
+- do not build with nghttp2 for SLE-12-SP3
+
+---
+Fri Dec 15 13:05:29 UTC 2017 - pgaj...@suse.com
+
+- which was split after SLE11
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.uzkIeP/_old  2018-01-09 14:37:58.022641363 +0100
+++ /var/tmp/diff_new_pack.uzkIeP/_new  2018-01-09 14:37:58.030640988 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package apache2
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -135,11 +135,15 @@
 Patch116:   deprecated-scripts-arch.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  apr-util-devel
+#Since 2.4.7 the event MPM requires apr 1.5.0 or later.
+BuildRequires:  apr-devel >= 1.5.0
 BuildRequires:  automake
+%if 0%{?suse_version} >= 1315
+BuildRequires:  pkgconfig(libbrotlidec)
+BuildRequires:  pkgconfig(libbrotlienc)
+%endif
 BuildRequires:  db-devel
 BuildRequires:  ed
-#Since 2.4.7 the event MPM requires apr 1.5.0 or later.
-BuildRequires:  apr-devel >= 1.5.0
 BuildRequires:  libcap-devel
 #for mod_proxy_html and mod_xml2enc
 BuildRequires:  libxml2-devel
@@ -153,8 +157,10 @@
 Requires:   %{_sysconfdir}/mime.types
 Requires:   %{name}-MPM
 Requires:   logrotate
-Requires:   w3m
+Recommends: w3m
+%if 0%{?suse_version} >= 1315
 Requires:   which
+%endif
 %if 0%{?suse_version} < 1210
 Requires(post): %insserv_prereq
 %endif
@@ -188,7 +194,7 @@
 BuildRequires:  pkgconfig(libsystemd)
 BuildRequires:  pkgconfig(systemd)
 %endif
-%if 0%{?suse_version} > 1320 || 0%{?sle_version} >= 120200
+%if 0%{?suse_version} > 1320
 BuildRequires:  pkgconfig(libnghttp2) >= 1.2.1
 %endif
 
@@ -375,6 +381,9 @@
--enable-ssl=shared \
--disable-isapi \
--enable-deflate \
+%if 0%{?suse_version} >= 1315
+--enable-brotli \
+%endif
--enable-echo \
--enable-filter \
--enable-ext-filter \
@@ -907,6 +916,9 @@
 %{_libdir}/%{name}-prefork/mod_dav_lock.so
 %{_libdir}/%{name}-prefork/mod_dbd.so
 %{_libdir}/%{name}-prefork/mod_deflate.so
+%if 0%{?suse_version} >= 1315
+%{_libdir}/%{name}-prefork/mod_brotli.so
+%endif
 %{_libdir}/%{name}-prefork/mod_dialup.so
 %{_libdir}/%{name}-prefork/mod_dir.so
 %{_libdir}/%{name}-prefork/mod_dumpio.so
@@ -918,7 +930,7 @@
 %{_libdir}/%{name}-prefork/mod_filter.so
 %{_libdir}/%{name}-prefork/mod_headers.so
 %{_libdir}/%{name}-prefork/mod_heartmonitor.so
-%if 0%{?suse_version} > 1320 || 0%{?sle_version} >= 120200
+%if 0%{?suse_version} > 1320
 %{_libdir}/%{name}-prefork/mod_http2.so
 %endif
 %{_libdir}/%{name}-prefork/mod_imagemap.so
@@ -1032,6 +1044,9 @@
 %{_libdir}/%{name}-worker/mod_dav_lock.so
 %{_libdir}/%{name}-worker/mod_dbd.so
 %{_libdir}/%{name}-worker/mod_deflate.so
+%if 0%{?suse_version} >= 1315
+%{_libdir}/%{name}-worker/mod_brotli.so
+%endif
 %{_libdir}/%{name}-worker/mod_dialup.so
 %{_libdir}/%{name}-worker/mod_dir.so
 %{_libdir}/%{name}-worker/mod_dumpio.so
@@ -1043,7 +1058,7 @@
 %{_libdir}/%{name}-worker/mod_filter.so
 %{_libdir}/%{name}-worker/mod_headers.so
 %{_libdir}/%{name}-worker/mod_heartmonitor.so
-%if 0%{?suse_version} > 1320 || 0%{?sle_version} >= 120200
+%if 0%{?suse_version} > 1320
 %{_libdir}/%{name}-worker/mod_http2.so
 %endif
 %{_libdir}/%{name}-worker/mod_imagemap.so
@@ -1156,6 +1171,9 @@
 %{_libdir}/%{name}-event/mod_dav_fs.so
 %{_libdir}/%{name}-event/mod_dav_lock.so
 %{_libdir}/%{name}-event/mod_dbd.so
+%if 0%{?suse_version} >= 1315
+%{_libdir}/%{name}-event/mod_brotli.so
+%endif
 %{_li

commit apache2 for openSUSE:Factory

2017-12-08 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-12-08 21:46:26

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Fri Dec  8 21:46:26 2017 rev:139 rq:548029 version:2.4.29

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-11-23 
09:37:17.656101233 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-12-08 
21:47:27.126904130 +0100
@@ -1,0 +2,11 @@
+Sun Nov 26 17:25:10 UTC 2017 - sergiolindo.empr...@gmail.com
+
+- Add which and w3m as dependencies. poo#28406 
+
+---
+Thu Nov 23 13:43:30 UTC 2017 - rbr...@suse.com
+
+- Replace references to /var/adm/fillup-templates with new 
+  %_fillupdir macro (boo#1069468)
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.PQ8VEI/_old  2017-12-08 21:47:28.534843565 +0100
+++ /var/tmp/diff_new_pack.PQ8VEI/_new  2017-12-08 21:47:28.542843221 +0100
@@ -16,6 +16,11 @@
 #
 
 
+#Compat macro for new _fillupdir macro introduced in Nov 2017
+%if ! %{defined _fillupdir}
+  %define _fillupdir /var/adm/fillup-templates
+%endif
+
 %define apache_mmn %(test -s %{SOURCE0} && { echo -n apache_mmn_; bzcat 
%{SOURCE0} | awk '/^#define MODULE_MAGIC_NUMBER_MAJOR/ {printf "%d", $3}'; })
 %define suse_maintenance_mmn  0
 %definedefault_mpm prefork
@@ -148,6 +153,8 @@
 Requires:   %{_sysconfdir}/mime.types
 Requires:   %{name}-MPM
 Requires:   logrotate
+Requires:   w3m
+Requires:   which
 %if 0%{?suse_version} < 1210
 Requires(post): %insserv_prereq
 %endif
@@ -517,7 +524,7 @@
 rm %{buildroot}/%{sysconfdir}/httpd-*.conf
 #
 # create directories
-mkdir -p %{buildroot}/%{_var}/adm/fillup-templates \
+mkdir -p %{buildroot}/%{_fillupdir} \
 %{buildroot}/%{proxycachedir} \
 %{buildroot}/%{localstatedir}
 #
@@ -574,7 +581,7 @@
 #
 # install sysconfig template
 install -m 644 $RPM_SOURCE_DIR/sysconfig.%{name} \
-   %{buildroot}/%{_var}/adm/fillup-templates/sysconfig.%{name}
+   %{buildroot}/%{_fillupdir}/sysconfig.%{name}
 #
 # install configuration files:
 mkdir -p %{buildroot}/%{runtimedir}
@@ -609,7 +616,7 @@
 %if "%{_lib}" != "lib64"
 sed -e 's/lib64/%{_lib}/' -i \
   %{buildroot}/%{sysconfdir}/loadmodule.conf \
-  %{buildroot}/%{_var}/adm/fillup-templates/sysconfig.%{name}
+  %{buildroot}/%{_fillupdir}/sysconfig.%{name}
 %endif
 
 # remove configuration for mpms which have not been built
@@ -836,7 +843,7 @@
 %{_sbindir}/suexec2
 %{iconsdir}
 %{errordir}
-%{_var}/adm/fillup-templates/sysconfig.%{name}
+%{_fillupdir}/sysconfig.%{name}
 %attr(755,root,root) %{_libdir}/%{name}_MMN
 %dir %{_libdir}/%{name}
 %{_libdir}/%{name}/mod_*.so







commit apache2 for openSUSE:Factory

2017-11-23 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-11-23 09:37:15

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Thu Nov 23 09:37:15 2017 rev:138 rq:543119 version:2.4.29

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-10-23 
16:42:08.116012366 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-11-23 
09:37:17.656101233 +0100
@@ -1,0 +2,6 @@
+Mon Nov 20 08:43:45 UTC 2017 - pgaj...@suse.com
+
+- APACHE_MODULES now contains authn_core in default configuration
+  [bsc#101]
+
+---



Other differences:
--



++ sysconfig.apache2 ++
--- /var/tmp/diff_new_pack.CyZbLG/_old  2017-11-23 09:37:20.276005645 +0100
+++ /var/tmp/diff_new_pack.CyZbLG/_new  2017-11-23 09:37:20.280005499 +0100
@@ -77,7 +77,7 @@
 # apache's default installation
 # APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap 
include log_config mime negotiation setenvif status userdir"
 # your settings
-APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile 
authz_core authz_user autoindex cgi dir env expires include log_config mime 
negotiation setenvif ssl socache_shmcb userdir reqtimeout"
+APACHE_MODULES="actions alias auth_basic authn_core authn_file authz_host 
authz_groupfile authz_core authz_user autoindex cgi dir env expires include 
log_config mime negotiation setenvif ssl socache_shmcb userdir reqtimeout"
 
 
 ## Type:   string




commit apache2 for openSUSE:Factory

2017-10-23 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-10-23 16:42:00

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Mon Oct 23 16:42:00 2017 rev:137 rq:535888 version:2.4.29

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-10-10 
11:37:51.104994283 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-10-23 
16:42:08.116012366 +0200
@@ -1,0 +2,35 @@
+Wed Oct 18 09:22:41 UTC 2017 - pgaj...@suse.com
+
+- updated to 2.4.29:
+  *) mod_unique_id: Use output of the PRNG rather than IP address and
+ pid, avoiding sleep() call and possible DNS issues at startup,
+ plus improving randomness for IPv6-only hosts.  [Jan Kaluza]
+  *) mod_rewrite, core: Avoid the 'Vary: Host' response header when HTTP_HOST
+ is used in a condition that evaluates to true. PR 58231 [Luca Toscano]
+  *) mod_http2: v0.10.12, removed optimization for mutex handling in bucket
+ beams that could lead to assertion failure in edge cases.
+ [Stefan Eissing]
+  *) mod_proxy: Fix regression for non decimal loadfactor parameter introduced
+ in 2.4.28.  [Jim Jagielski]
+  *) mod_authz_dbd: fix a segmentation fault if AuthzDBDQuery is not set.
+ PR 61546.  [Lubos Uhliarik ]
+  *) mod_rewrite: Add support for starting External Rewriting Programs
+ as non-root user on UNIX systems by specifying username and group
+ name as third argument of RewriteMap directive.  [Jan Kaluza]
+  *) core: Rewrite the Content-Length filter to avoid excessive memory
+ consumption. Chunked responses will be generated in more cases
+ than in previous releases.  PR 61222.  [Joe Orton, Ruediger Pluem]
+  *) mod_ssl: Fix SessionTicket callback return value, which does seem to
+ matter with OpenSSL 1.1. [Yann Ylavic]
+
+---
+Tue Oct 17 12:41:23 UTC 2017 - pgaj...@suse.com
+
+- gensslcert:
+  * set also SAN [bsc#1045159]
+  * drop -C argument, it was not mapped to CN actually
+  * consider also case when hostname does return empty string or 
+does not exist [bsc#1057406]
+  * do not consider environment ROOT variable
+
+---

Old:

  httpd-2.4.28.tar.bz2
  httpd-2.4.28.tar.bz2.asc

New:

  httpd-2.4.29.tar.bz2
  httpd-2.4.29.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.TcfTih/_old  2017-10-23 16:42:21.327394085 +0200
+++ /var/tmp/diff_new_pack.TcfTih/_new  2017-10-23 16:42:21.331393898 +0200
@@ -53,7 +53,7 @@
 %define mods_static unixd
 %endif
 Name:   apache2
-Version:2.4.28
+Version:2.4.29
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0



++ gensslcert ++
--- /var/tmp/diff_new_pack.TcfTih/_old  2017-10-23 16:42:21.987363199 +0200
+++ /var/tmp/diff_new_pack.TcfTih/_new  2017-10-23 16:42:21.987363199 +0200
@@ -16,7 +16,6 @@
 
These options are recognized:   Default:
 
-   -C  Common name "$name"
-N  comment "$comment"
-c  country (two letters, e.g. DE)  $C
-s  state   $ST
@@ -38,18 +37,23 @@
 function error { echo $RED$@$NORMAL; }
 function myexit { error something ugly seems to have happened in line $1...; 
exit $2; }
 
-r=$ROOT
-. $r/etc/sysconfig/network/config
-FQHOSTNAME=`hostname -f`
-
-fqlength=`echo $FQHOSTNAME|wc -c`
-if [ $fqlength -gt 63 ]; then
-   FQHOSTNAME=`hostname`
+hostname=/usr/bin/hostname
+FQHOSTNAME=""
+if [ -x $hostname ]; then
+FQHOSTNAME=`$hostname -f 2>/dev/null`
+# bsc#1035829
+fqlength=`echo -n $FQHOSTNAME|wc -c`
+if [ $fqlength -gt 64 ]; then
+FQHOSTNAME=`$hostname 2>/dev/null`
+fi
+fi
+# bsc#1057406
+if [ -z $FQHOSTNAME ]; then
+FQHOSTNAME='localhost'
 fi
 
 # defaults
   comment="mod_ssl server certificate"
- name=
 C=XY
ST=unknown
 L=unknown
@@ -62,7 +66,6 @@
 
 while getopts C:N:c:s:l:o:u:n:e:y:Y:dh OPT; do
 case $OPT in
-C) name=$OPTARG-;;
 N) comment=$OPTARG;;
 c) C=$OPTARG;;
 s) ST=$OPTARG;;
@@ -81,24 +84,26 @@
 
 GO_LEFT="\033[80D"
 GO_MIDDLE="$GO_LEFT\033[15C"
-for i in comment name C ST L U O CN email srvdays CAdays; do 
+for i in comment C ST L U O CN email srvdays CAdays; do 
eval "echo -e $i\"$GO_MIDDLE\" \$$i;"
 done
 
 
-openssl=$r/usr/bin/openssl
-sslcrtdir=$r/etc/apache2/ssl.crt
-sslcsrdir=$r/etc/apache2/ssl.csr
-sslkeydir=$r/etc/apache2/ssl.key
-sslprmdir=$r/etc/apache2/ssl.

commit apache2 for openSUSE:Factory

2017-10-10 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-10-10 11:37:47

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Tue Oct 10 11:37:47 2017 rev:136 rq:532105 version:2.4.28

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-07-30 
11:22:09.829557508 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-10-10 
11:37:51.104994283 +0200
@@ -1,0 +2,57 @@
+Fri Oct  6 07:45:55 UTC 2017 - pgaj...@suse.com
+
+- updated to 2.4.28:
+  *) SECURITY: CVE-2017-9798 (cve.mitre.org)
+ Corrupted or freed memory access.  must now be used in the
+ main configuration file (httpd.conf) to register HTTP methods before the
+ .htaccess files.  [Yann Ylavic]
+  *) event: Avoid possible blocking in the listener thread when shutting down
+ connections. PR 60956.  [Yann Ylavic]
+  *) mod_speling: Don't embed referer data in a link in error page.
+ PR 38923 [Nick Kew]
+  *) htdigest: prevent a buffer overflow when a string exceeds the allowed max
+ length in a password file.
+ [Luca Toscano, Hanno Böck ]
+  *) mod_proxy: loadfactor parameter can now be a decimal number (eg: 1.25).
+ [Jim Jagielski]
+  *) mod_proxy_wstunnel: Allow upgrade to any protocol dynamically.
+ PR 61142.
+  *) mod_watchdog/mod_proxy_hcheck: Time intervals can now be spefified
+ down to the millisecond. Supports 'mi' (minute), 'ms' (millisecond),
+ 's' (second) and 'hr' (hour!) time suffixes. [Jim Jagielski]
+  *) mod_http2: Fix for stalling when more than 32KB are written to a
+ suspended stream.  [Stefan Eissing]
+  *) build: allow configuration without APR sources.  [Jacob Champion]
+  *) mod_ssl, ab: Fix compatibility with LibreSSL.  PR 61184.
+ [Bernard Spil , Michael Schlenker ,
+  Yann Ylavic]
+  *) core/log: Support use of optional "tag" in syslog entries.
+ PR 60525. [Ben Rubson , Jim Jagielski]
+  *) mod_proxy: Fix ProxyAddHeaders merging.  [Joe Orton]
+  *) core: Disallow multiple Listen on the same IP:port when listener buckets
+ are configured (ListenCoresBucketsRatio > 0), consistently with the single
+ bucket case (default), thus avoiding the leak of the corresponding socket
+ descriptors on graceful restart.  [Yann Ylavic]
+  *) event: Avoid listener periodic wake ups by using the pollset wake-ability
+ when available.  PR 57399.  [Yann Ylavic, Luca Toscano]
+  *) mod_proxy_wstunnel: Fix detection of unresponded request which could have
+ led to spurious HTTP 502 error messages sent on upgrade connections.
+ PR 61283.  [Yann Ylavic]
+
+---
+Thu Oct  5 12:57:56 UTC 2017 - pgaj...@suse.com
+
+- suexec binary moved to main package [bsc#1054741]
+
+---
+Tue Oct  3 16:13:13 UTC 2017 - pgaj...@suse.com
+
+- do not call and do not ship apache-22-24-upgrade [bsc#1042037]
+
+---
+Mon Jul 24 15:25:09 UTC 2017 - schneem...@b1-systems.de
+
+- make the package runable on non systemd systems 
+  + deprecated-scripts-arch.patch
+
+---

Old:

  apache-22-24-upgrade
  httpd-2.4.27.tar.bz2
  httpd-2.4.27.tar.bz2.asc

New:

  apache2-init.logrotate
  deprecated-scripts-arch.patch
  httpd-2.4.28.tar.bz2
  httpd-2.4.28.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.d8wYIL/_old  2017-10-10 11:37:53.084907388 +0200
+++ /var/tmp/diff_new_pack.d8wYIL/_new  2017-10-10 11:37:53.088907211 +0200
@@ -53,7 +53,7 @@
 %define mods_static unixd
 %endif
 Name:   apache2
-Version:2.4.27
+Version:2.4.28
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -107,7 +107,6 @@
 Source130:  apache2-vhost.template
 Source131:  apache2-vhost-ssl.template
 Source140:  apache2-check_forensic
-Source141:  apache-22-24-upgrade
 Source142:  start_apache2
 Source143:  apache2-systemd-ask-pass
 Source144:  apache2.service
@@ -115,6 +114,7 @@
 Source146:  apache2@.service
 Source147:  apache2-script-helpers
 Source148:  apache2.target
+Source149:  %{name}-init.logrotate
 Patch2: httpd-2.1.3alpha-layout.dif
 Patch23:httpd-apachectl.patch
 Patch66:httpd-2.0.54-envvars.dif
@@ -127,6 +127,7 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.

commit apache2 for openSUSE:Factory

2017-07-30 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-07-30 11:22:08

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Sun Jul 30 11:22:08 2017 rev:135 rq:510917 version:2.4.27

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-06-21 
13:52:49.768289620 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-07-30 
11:22:09.829557508 +0200
@@ -1,0 +2,34 @@
+Mon Jul 17 09:30:36 UTC 2017 - pgaj...@suse.com
+
+- updated to 2.4.27:
+  *) COMPATIBILITY: mod_lua: Remove the undocumented exported 'apr_table'
+ global variable when using Lua 5.2 or later. This was exported as a
+ side effect from luaL_register, which is no longer supported as of
+ Lua 5.2 which deprecates pollution of the global namespace.
+ [Rainer Jung]
+  *) COMPATIBILITY: mod_http2: Disable and give warning when using Prefork.
+ The server will continue to run, but HTTP/2 will no longer be negotiated.
+ [Stefan Eissing]
+  *) COMPATIBILITY: mod_proxy_fcgi: Revert to 2.4.20 FCGI behavior for the
+ default ProxyFCGIBackendType, fixing a regression with PHP-FPM. PR 61202.
+ [Jacob Champion, Jim Jagielski]
+  *) mod_lua: Improve compatibility with Lua 5.1, 5.2 and 5.3.
+ PR58188, PR60831, PR61245. [Rainer Jung]
+  *) mod_http2: Simplify ready queue, less memory and better performance. 
Update
+ mod_http2 version to 1.10.7. [Stefan Eissing]
+  *) Allow single-char field names inadvertantly disallowed in 2.4.25.
+ PR 61220. [Yann Ylavic]
+  *) htpasswd / htdigest: Do not apply the strict permissions of the temporary
+ passwd file to a possibly existing passwd file. PR 61240. [Ruediger Pluem]
+  *) core: Avoid duplicate HEAD in Allow header.
+ This is a regression in 2.4.24 (unreleased), 2.4.25 and 2.4.26.
+ PR 61207. [Christophe Jaillet]
+- drop upstreamed patch: 
+  * httpd-2.4.12-lua-5.2.patch (see upstream's PR#58188 for details)
+
+---
+Wed Jul 12 06:37:57 UTC 2017 - mplus...@suse.com
+
+- Adjust dependencies for rename apr/apr-util packages
+
+---

Old:

  httpd-2.4.12-lua-5.2.patch
  httpd-2.4.26.tar.bz2
  httpd-2.4.26.tar.bz2.asc

New:

  httpd-2.4.27.tar.bz2
  httpd-2.4.27.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.HFBE0k/_old  2017-07-30 11:22:12.797138757 +0200
+++ /var/tmp/diff_new_pack.HFBE0k/_new  2017-07-30 11:22:12.805137628 +0200
@@ -53,7 +53,7 @@
 %define mods_static unixd
 %endif
 Name:   apache2
-Version:2.4.26
+Version:2.4.27
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -125,17 +125,15 @@
 # PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch 
crrodrig...@opensuse.org simple module provides systemd integration.
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch111:   httpd-visibility.patch
-# PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+ 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58188
-Patch114:   httpd-2.4.12-lua-5.2.patch
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 BuildRequires:  apache-rpm-macros-control
+BuildRequires:  apr-util-devel
 BuildRequires:  automake
 BuildRequires:  db-devel
 BuildRequires:  ed
-BuildRequires:  libapr-util1-devel
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.
-BuildRequires:  libapr1-devel >= 1.5.0
+BuildRequires:  apr-devel >= 1.5.0
 BuildRequires:  libcap-devel
 #for mod_proxy_html and mod_xml2enc
 BuildRequires:  libxml2-devel
@@ -267,9 +265,9 @@
 Requires:   %{name}-MPM
 Requires:   apache-rpm-macros-control
 Requires:   apache2-prefork
+Requires:   apr-devel
+Requires:   apr-util-devel
 Requires:   gcc
-Requires:   libapr-util1-devel
-Requires:   libapr1-devel
 
 %description devel
 This package contains header files and include files that are needed
@@ -316,7 +314,6 @@
 %patch109 -p1
 %endif
 %patch111 -p1
-%patch114 -p1
 %patch115 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs



++ httpd-2.4.26.tar.bz2 -> httpd-2.4.27.tar.bz2 ++
/work/SRC/openSUSE:Factory/apache2/httpd-2.4.26.tar.bz2 
/work/SRC/openSUSE:Factory/.apache2.new/httpd-2.4.27.tar.bz2 differ: char 11, 
line 1




commit apache2 for openSUSE:Factory

2017-06-21 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-06-21 13:52:48

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Wed Jun 21 13:52:48 2017 rev:134 rq:505095 version:2.4.26

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-06-05 
18:48:52.793584240 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-06-21 
13:52:49.768289620 +0200
@@ -1,0 +2,19 @@
+Tue Jun 20 13:57:18 UTC 2017 - pgaj...@suse.com
+
+-  remove /usr/bin/http2 symlink only during apache2 package
+  uninstall, not upgrade [bsc#1041830]
+
+---
+Mon Jun 19 08:15:40 UTC 2017 - pgaj...@suse.com
+
+- updated to 2.4.26: This release of Apache is a security, feature, 
+  and bug fix release. For details, see
+  http://httpd.apache.org/dev/dist/CHANGES_2.4.26
+- refreshed patches:
+  . httpd-2.4.12-lua-5.2.patch
+  . httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
+- removed patches (upstreamed)
+  . httpd-cache-forward-http-proxy.patch
+  . httpd-cache-revert-svn1773397.patch
+
+---

Old:

  httpd-2.4.25.tar.bz2
  httpd-2.4.25.tar.bz2.asc
  httpd-cache-forward-http-proxy.patch
  httpd-cache-revert-svn1773397.patch

New:

  httpd-2.4.26.tar.bz2
  httpd-2.4.26.tar.bz2.asc



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.VaZnn8/_old  2017-06-21 13:52:52.183948867 +0200
+++ /var/tmp/diff_new_pack.VaZnn8/_new  2017-06-21 13:52:52.191947738 +0200
@@ -53,7 +53,7 @@
 %define mods_static unixd
 %endif
 Name:   apache2
-Version:2.4.25
+Version:2.4.26
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -129,10 +129,6 @@
 Patch114:   httpd-2.4.12-lua-5.2.patch
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
-# https://bz.apache.org/bugzilla/show_bug.cgi?id=60577 comment 5
-Patch116:   httpd-cache-forward-http-proxy.patch
-# http://svn.apache.org/viewvc?view=revision&revision=1781324
-Patch117:   httpd-cache-revert-svn1773397.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -322,8 +318,6 @@
 %patch111 -p1
 %patch114 -p1
 %patch115 -p1
-%patch116 -p0
-%patch117 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})
@@ -1380,11 +1374,14 @@
 %if 0%{?suse_version} >= 1210
 %service_del_preun apache2.target
 %endif
-for i in %{_sbindir}/httpd \
+# removing the symlink in case of uninstall (not upgrade) [bsc#1041830]
+if [ $1 -eq 0 ]; then
+  for i in %{_sbindir}/httpd \
 %{installbuilddir}/config_vars.mk
-do
+  do
test -L $i && rm $i
-done
+  done
+fi
 exit 0
 
 %postun



++ httpd-2.4.12-lua-5.2.patch ++
--- /var/tmp/diff_new_pack.VaZnn8/_old  2017-06-21 13:52:52.987835470 +0200
+++ /var/tmp/diff_new_pack.VaZnn8/_new  2017-06-21 13:52:52.987835470 +0200
@@ -1,8 +1,8 @@
-Index: httpd-2.4.16/modules/lua/mod_lua.c
+Index: httpd-2.4.26/modules/lua/mod_lua.c
 ===
 httpd-2.4.16.orig/modules/lua/mod_lua.c
-+++ httpd-2.4.16/modules/lua/mod_lua.c
-@@ -1078,7 +1078,11 @@ static const char *register_named_block_
+--- httpd-2.4.26.orig/modules/lua/mod_lua.c2017-03-01 17:54:35.0 
+0100
 httpd-2.4.26/modules/lua/mod_lua.c 2017-06-19 10:04:42.413328131 +0200
+@@ -1086,7 +1086,11 @@ static const char *register_named_block_
  lua_dump(lvm, ldump_writer, &b);
  #endif
  luaL_pushresult(&b);
@@ -14,10 +14,10 @@
  spec->bytecode = apr_pstrmemdup(cmd->pool, lua_tostring(lvm, -1),
  spec->bytecode_len);
  lua_close(lvm);
-Index: httpd-2.4.16/modules/lua/lua_apr.c
+Index: httpd-2.4.26/modules/lua/lua_apr.c
 ===
 httpd-2.4.16.orig/modules/lua/lua_apr.c
-+++ httpd-2.4.16/modules/lua/lua_apr.c
+--- httpd-2.4.26.orig/modules/lua/lua_apr.c2014-09-05 16:20:27.0 
+0200
 httpd-2.4.26/modules/lua/lua_apr.c 2017-06-19 10:04:42.413328131 +0200
 @@ -82,7 +82,11 @@ static const luaL_Reg lua_table_methods[
  int ap_lua_init(lua_State *L, apr_pool_t *p)
  {
@@ -30,11 +30,11 @@
  lua_pushstring(L, "__index");
  lua_pushstring(L, "get");
  lua_gettable(L, 2);
-Index: httpd-2.4.16/modules/lua/lua_config.c
+

commit apache2 for openSUSE:Factory

2017-06-05 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-06-05 18:48:46

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Mon Jun  5 18:48:46 2017 rev:133 rq:500571 version:2.4.25

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-03-29 
13:21:44.836416945 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-06-05 
18:48:52.793584240 +0200
@@ -1,0 +2,12 @@
+Fri Jun  2 07:36:43 UTC 2017 - pgaj...@suse.com
+
+- server-tunning.conf: MaxClients was renamed to MaxRequestWorkers
+  [bsc#1037731]
+- gensslcert: use hostname when fqdn is too long [bsc#1035829]
+
+---
+Fri May 19 09:01:33 UTC 2017 - pgaj...@suse.com
+
+- remove apache-doc and apache-example-pages obsoletes/provides
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.f37bwE/_old  2017-06-05 18:48:54.613327746 +0200
+++ /var/tmp/diff_new_pack.f37bwE/_new  2017-06-05 18:48:54.617327182 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package apache2
 #
-# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -282,9 +282,6 @@
 %package doc
 Summary:Additional Package Documentation
 Group:  Documentation/Other
-# Remove after 13.2 is out of support scope
-Provides:   apache-doc = %{version}
-Obsoletes:  apache-doc < %{version}
 %if 0%{?suse_version} >= 1120
 BuildArch:  noarch
 %endif
@@ -296,9 +293,6 @@
 %package example-pages
 Summary:Example Pages for the Apache 2 Web Server
 Group:  Productivity/Networking/Web/Servers
-# Remove after 13.2 is out of support scope
-Provides:   apache-example-pages
-Obsoletes:  apache-example-pages
 
 %description example-pages
 Some Example pages for Apache that show information about the installed

++ apache2-server-tuning.conf ++
--- /var/tmp/diff_new_pack.f37bwE/_old  2017-06-05 18:48:55.145252770 +0200
+++ /var/tmp/diff_new_pack.f37bwE/_new  2017-06-05 18:48:55.149252206 +0200
@@ -18,12 +18,12 @@
# maximum number of server processes which are kept spare
# http://httpd.apache.org/docs/2.4/mod/prefork.html#maxspareservers
MaxSpareServers 10
-   # highest possible MaxClients setting for the lifetime of the Apache 
process.
+   # highest possible MaxRequestWorkers setting for the lifetime of the 
Apache process.
# http://httpd.apache.org/docs/2.4/mod/mpm_common.html#serverlimit
ServerLimit150
-   # maximum number of server processes allowed to start
-   # http://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxclients
-   MaxClients 150
+   # maximum number of server processes allowed to start (formerly 
MaxClients)
+   # http://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxrequestworkers
+   MaxRequestWorkers 150
# maximum number of requests a server process serves
# 
http://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxrequestsperchild
MaxRequestsPerChild  1
@@ -43,9 +43,9 @@
# upper limit on the configurable number of threads per child process
# http://httpd.apache.org/docs/2.4/mod/mpm_common.html#threadlimit
ThreadLimit 64
-   # maximum number of simultaneous client connections
-   # http://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxclients
-   MaxClients 150
+   # maximum number of simultaneous client connections (formerly 
MaxClients)
+   # http://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxrequestworkers
+   MaxRequestWorkers 150
# number of worker threads created by each child process
# http://httpd.apache.org/docs/2.4/mod/mpm_common.html#threadsperchild
ThreadsPerChild 25
@@ -54,23 +54,6 @@
MaxRequestsPerChild  1
 
 
-# leader MPM
-
-   # initial number of server processes to start
-   StartServers 2
-   # minimum number of worker threads which are kept spare
-   MinSpareThreads 25
-   # maximum number of worker threads which are kept spare
-   MaxSpareThreads 75 
-   # maximum number of simultaneous client connections
-   MaxClients 150
-   # constant number of worker threads in each server process
-   ThreadsPerChild 25
-   # maximum number o

commit apache2 for openSUSE:Factory

2017-03-29 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-03-29 13:21:41

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Wed Mar 29 13:21:41 2017 rev:132 rq:481459 version:2.4.25

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-03-10 
21:45:09.300241941 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-03-29 
13:21:44.836416945 +0200
@@ -1,0 +2,5 @@
+Thu Mar 16 18:59:58 UTC 2017 - ku...@suse.com
+
+- PreRequire user wwwrun and group www
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.NKBUFn/_old  2017-03-29 13:21:46.580170339 +0200
+++ /var/tmp/diff_new_pack.NKBUFn/_new  2017-03-29 13:21:46.584169773 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package apache2
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -164,6 +164,10 @@
 Requires(post): pwdutils
 Requires(post): sed
 Requires(post): textutils
+%if 0%{?suse_version} > 1320
+Requires(pre):  user(wwwrun)
+Requires(pre):  group(www)
+%endif
 Suggests:   apache2-%{default_mpm}
 Provides:   %{apache_mmn}
 Provides:   %{name}-mod_macro = %{version}
@@ -277,8 +281,8 @@
 
 %package doc
 Summary:Additional Package Documentation
-# Remove after 13.2 is out of support scope
 Group:  Documentation/Other
+# Remove after 13.2 is out of support scope
 Provides:   apache-doc = %{version}
 Obsoletes:  apache-doc < %{version}
 %if 0%{?suse_version} >= 1120
@@ -291,8 +295,8 @@
 
 %package example-pages
 Summary:Example Pages for the Apache 2 Web Server
-# Remove after 13.2 is out of support scope
 Group:  Productivity/Networking/Web/Servers
+# Remove after 13.2 is out of support scope
 Provides:   apache-example-pages
 Obsoletes:  apache-example-pages
 







commit apache2 for openSUSE:Factory

2017-03-10 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-03-10 21:45:08

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Fri Mar 10 21:45:08 2017 rev:131 rq:477566 version:2.4.25

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-02-26 
17:02:17.419299372 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-03-10 
21:45:09.300241941 +0100
@@ -1,0 +2,7 @@
+Tue Mar  7 15:14:29 UTC 2017 - pgaj...@suse.com
+
+- start_apache2: include individual sysconfig.d files instead of
+  sysconfig.d dir, include sysconfig.d/include.conf after httpd.conf
+  is processed [bsc#1023616]
+
+---



Other differences:
--



++ start_apache2 ++
--- /var/tmp/diff_new_pack.1VW0ji/_old  2017-03-10 21:45:11.675904990 +0100
+++ /var/tmp/diff_new_pack.1VW0ji/_new  2017-03-10 21:45:11.675904990 +0100
@@ -157,9 +157,12 @@
 # run Apache
 #
 
-exec $apache_bin -f $httpd_conf $server_flags \
+exec $apache_bin $server_flags \
 -C "PidFile $pid_file" \
--C "Include $sysconfd_dir" \
+-C "Include $sysconfd_dir/loadmodule.conf" \
+-C "Include $sysconfd_dir/global.conf" \
+-f $httpd_conf \
+-c "Include $sysconfd_dir/include.conf" \
 "${sysconfig_setting[@]}" \
 $@
 




commit apache2 for openSUSE:Factory

2017-02-26 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-02-26 17:02:16

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-02-22 
13:52:36.116279612 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-02-26 
17:02:17.419299372 +0100
@@ -1,0 +2,6 @@
+Thu Feb 23 14:12:48 UTC 2017 - pgaj...@suse.com
+
+- revert an attempt to fix PR 60458
+  + httpd-cache-revert-svn1773397.patch
+
+---

New:

  httpd-cache-revert-svn1773397.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.vP9QZK/_old  2017-02-26 17:02:21.726646019 +0100
+++ /var/tmp/diff_new_pack.vP9QZK/_new  2017-02-26 17:02:21.730645412 +0100
@@ -131,6 +131,8 @@
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 # https://bz.apache.org/bugzilla/show_bug.cgi?id=60577 comment 5
 Patch116:   httpd-cache-forward-http-proxy.patch
+# http://svn.apache.org/viewvc?view=revision&revision=1781324
+Patch117:   httpd-cache-revert-svn1773397.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -323,6 +325,7 @@
 %patch114 -p1
 %patch115 -p1
 %patch116 -p0
+%patch117 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})




++ httpd-cache-revert-svn1773397.patch ++
Index: httpd-2.4.25/modules/proxy/mod_proxy.c
===
--- httpd-2.4.25.orig/modules/proxy/mod_proxy.c 2016-12-12 16:20:04.0 
+0100
+++ httpd-2.4.25/modules/proxy/mod_proxy.c  2017-02-23 15:02:21.509606618 
+0100
@@ -771,29 +771,18 @@ static int proxy_trans(request_rec *r)
  */
 
 dconf = ap_get_module_config(r->per_dir_config, &proxy_module);
-conf = (proxy_server_conf *) ap_get_module_config(r->server->module_config,
-  &proxy_module);
+
 /* short way - this location is reverse proxied? */
 if (dconf->alias) {
 int rv = ap_proxy_trans_match(r, dconf->alias, dconf);
-if (OK == rv) { 
-/* Got a hit. Need to make sure it's not explicitly declined */
-if (conf->aliases->nelts) {
-ent = (struct proxy_alias *) conf->aliases->elts;
-for (i = 0; i < conf->aliases->nelts; i++) {
-int rv = ap_proxy_trans_match(r, &ent[i], dconf);
-if (DECLINED == rv) { 
-return DECLINED;
-}
-}
-}
-return OK; 
-}
 if (DONE != rv) {
 return rv;
 }
 }
 
+conf = (proxy_server_conf *) ap_get_module_config(r->server->module_config,
+  &proxy_module);
+
 /* long way - walk the list of aliases, find a match */
 if (conf->aliases->nelts) {
 ent = (struct proxy_alias *) conf->aliases->elts;



commit apache2 for openSUSE:Factory

2017-02-22 Thread root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2017-02-22 13:52:34

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2017-01-15 
11:02:57.550888222 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2017-02-22 
13:52:36.116279612 +0100
@@ -1,0 +2,11 @@
+Tue Feb 21 07:22:19 UTC 2017 - pgaj...@suse.com
+
+- fix caching of forward proxy
+  + httpd-cache-forward-http-proxy.patch
+
+---
+Sat Feb 18 17:49:58 UTC 2017 - ku...@suse.com
+
+- Don't require insserv if we don't need it.
+
+---

New:

  httpd-cache-forward-http-proxy.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.PfF2UT/_old  2017-02-22 13:52:37.960017225 +0100
+++ /var/tmp/diff_new_pack.PfF2UT/_new  2017-02-22 13:52:37.964016656 +0100
@@ -129,6 +129,8 @@
 Patch114:   httpd-2.4.12-lua-5.2.patch
 # PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
+# https://bz.apache.org/bugzilla/show_bug.cgi?id=60577 comment 5
+Patch116:   httpd-cache-forward-http-proxy.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -149,7 +151,10 @@
 Requires:   %{_sysconfdir}/mime.types
 Requires:   %{name}-MPM
 Requires:   logrotate
-Requires(post): %insserv_prereq %fillup_prereq
+%if 0%{?suse_version} < 1210
+Requires(post): %insserv_prereq
+%endif
+Requires(post): %fillup_prereq
 Requires(post): %{name}-utils
 Requires(post): fileutils
 Requires(post): grep
@@ -317,6 +322,7 @@
 %patch111 -p1
 %patch114 -p1
 %patch115 -p1
+%patch116 -p0
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})




++ httpd-cache-forward-http-proxy.patch ++
https://bz.apache.org/bugzilla/show_bug.cgi?id=60577 comment 5
--- modules/cache/cache_storage.c   (revision 1783795)
+++ modules/cache/cache_storage.c   (working copy)
@@ -427,7 +427,7 @@ int cache_select(cache_request_rec *cache, request
 }
 
 static apr_status_t cache_canonicalise_key(request_rec *r, apr_pool_t* p,
-   const char *uri, const char *query,
+   const char *path, const char *query,
apr_uri_t *parsed_uri,
const char **key)
 {
@@ -435,8 +435,8 @@ static apr_status_t cache_canonicalise_key(request
 char *port_str, *hn, *lcs;
 const char *hostname, *scheme;
 int i;
-const char *path;
-char *querystring;
+const char *kpath;
+const char *kquery;
 
 if (*key) {
 /*
@@ -564,8 +564,8 @@ static apr_status_t cache_canonicalise_key(request
  * Check if we need to ignore session identifiers in the URL and do so
  * if needed.
  */
-path = uri;
-querystring = apr_pstrdup(p, query ? query : parsed_uri->query);
+kpath = path;
+kquery = conf->ignorequerystring ? NULL : query;
 if (conf->ignore_session_id->nelts) {
 int i;
 char **identifier;
@@ -580,24 +580,23 @@ static apr_status_t cache_canonicalise_key(request
  * Check that we have a parameter separator in the last segment
  * of the path and that the parameter matches our identifier
  */
-if ((param = ap_strrchr_c(path, ';'))
+if ((param = ap_strrchr_c(kpath, ';'))
 && !strncmp(param + 1, *identifier, len)
 && (*(param + len + 1) == '=')
 && !ap_strchr_c(param + len + 2, '/')) {
-path = apr_pstrmemdup(p, path, param - path);
+kpath = apr_pstrmemdup(p, kpath, param - kpath);
 continue;
 }
 /*
- * Check if the identifier is in the querystring and cut it out.
+ * Check if the identifier is in the query string and cut it out.
  */
-if (querystring && *querystring) {
+if (kquery && *kquery) {
 /*
  * First check if the identifier is at the beginning of the
- * querystring and followed by a '='
+ * query string and followed by a '='
  */
-if (!strncmp(querystring, *identifier, len)
-&& (*(querystring + 

commit apache2 for openSUSE:Factory

2016-09-25 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2016-09-25 14:28:35

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2016-08-16 
13:03:02.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2016-09-25 
14:28:37.0 +0200
@@ -1,0 +2,5 @@
+Tue Sep 13 06:39:50 UTC 2016 - pgaj...@suse.com
+
+- add NotifyAccess=all to service file [bsc#980663]
+
+---



Other differences:
--

++ apache2.service ++
--- /var/tmp/diff_new_pack.7zp0zK/_old  2016-09-25 14:28:39.0 +0200
+++ /var/tmp/diff_new_pack.7zp0zK/_new  2016-09-25 14:28:39.0 +0200
@@ -12,6 +12,7 @@
 ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop
 KillMode=mixed
 TasksMax=infinity
+NotifyAccess=all
 
 [Install]
 WantedBy=multi-user.target

++ apache2@.service ++
--- /var/tmp/diff_new_pack.7zp0zK/_old  2016-09-25 14:28:39.0 +0200
+++ /var/tmp/diff_new_pack.7zp0zK/_new  2016-09-25 14:28:39.0 +0200
@@ -13,6 +13,7 @@
 ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop
 KillMode=mixed
 TasksMax=infinity
+NotifyAccess=all
 
 [Install]
 WantedBy=multi-user.target





commit apache2 for openSUSE:Factory

2016-08-16 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2016-08-16 13:03:00

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2016-07-18 
21:23:06.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2016-08-16 
13:03:02.0 +0200
@@ -1,0 +2,11 @@
+Fri Aug  5 11:36:28 UTC 2016 - tchva...@suse.com
+
+- Remove the omc xml config. It is useless nowdays
+
+---
+Fri Aug  5 09:15:11 UTC 2016 - pgaj...@suse.com
+
+- readd the support of multiple entries in APACHE_ACCESS_LOG 
+  [bsc#991032]
+
+---
@@ -20,0 +32,6 @@
+
+---
+Wed Jul  6 06:29:57 UTC 2016 - f...@suse.com
+
+- Remove pkgconfig(libsystemd-daemon). Nowadays pkgconfig(libsystemd)
+  is enough and replaces all libsystemd-* libs which are obsolete.

Old:

  apache2.xml



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.Hejesn/_old  2016-08-16 13:03:06.0 +0200
+++ /var/tmp/diff_new_pack.Hejesn/_new  2016-08-16 13:03:06.0 +0200
@@ -80,7 +80,6 @@
 Source45:   sysconf_addword
 Source46:   a2enflag
 Source47:   a2enmod
-Source48:   apache2.xml
 Source49:   apache2.firewall
 Source50:   apache2.ssl-firewall
 Source100:  apache2-httpd.conf
@@ -169,7 +168,7 @@
 %{?systemd_requires}
 %if 0%{?suse_version} >= 1210
 BuildRequires:  pkgconfig
-BuildRequires:  pkgconfig(libsystemd-daemon)
+BuildRequires:  pkgconfig(libsystemd)
 BuildRequires:  pkgconfig(systemd)
 %endif
 %if 0%{?suse_version} > 1320
@@ -525,10 +524,6 @@
 install -m 755 $RPM_SOURCE_DIR/apache2-check_forensic 
%{buildroot}/%{_bindir}/check_forensic
 install -m 755 $RPM_SOURCE_DIR/apache2-find-directives %{buildroot}/%{_bindir}/
 #
-# xml stuff
-install -d %{buildroot}%{_datadir}/omc/svcinfo.d/
-install -m 644 %{SOURCE48} %{buildroot}%{_datadir}/omc/svcinfo.d/
-#
 # ssl stuff
 install -m 755 %{SOURCE25} %{buildroot}/%{_bindir}/
 tar xjf %{SOURCE29} -C %{buildroot}/%{sysconfdir}
@@ -794,7 +789,6 @@
 %dir %{sysconfdir}/conf.d
 %dir %{sysconfdir}/vhosts.d
 %config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
-%{_datadir}/omc/svcinfo.d/apache2.xml
 %if 0%{?suse_version} >= 1210
 %{_unitdir}/apache2.service
 %{_unitdir}/apache2@.service



++ start_apache2 ++
--- /var/tmp/diff_new_pack.Hejesn/_old  2016-08-16 13:03:06.0 +0200
+++ /var/tmp/diff_new_pack.Hejesn/_new  2016-08-16 13:03:06.0 +0200
@@ -91,7 +91,7 @@
 done
 # APACHE_ACCESS_LOG -> global.conf
 if [ -n "$APACHE_ACCESS_LOG" ]; then
-echo "CustomLog $APACHE_ACCESS_LOG" >> ${sysconfd_dir}/global.conf
+echo "CustomLog $APACHE_ACCESS_LOG" | sed 's:,:\nCustomLog :' >> 
${sysconfd_dir}/global.conf
 fi
 # APACHE_CONF_INCLUDE_FILES -> include.conf
 for file in $APACHE_CONF_INCLUDE_FILES; do




commit apache2 for openSUSE:Factory

2016-07-18 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2016-07-18 21:23:04

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2016-06-03 
16:35:24.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2016-07-18 
21:23:06.0 +0200
@@ -1,0 +2,21 @@
+Tue Jul 12 14:49:09 UTC 2016 - kstreit...@suse.com
+
+- add httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
+  Introduces directives to control two protocol options:
+   * HttpContentLengthHeadZero - allow Content-Length of 0 to be
+ returned on HEAD
+   * HttpExpectStrict - allow admin to control whether we must 
+ see "100-continue"
+  [bsc#894225], [fate#317766]
+
+---
+Wed Jul  6 16:16:57 UTC 2016 - crrodrig...@opensuse.org
+
+- version 2.4.23 
+*  Fixes CVE-2016-4979 [bsc#987365]
+* mod_proxy_hcheck was missing due to upstream bug.
+* mod_proxy_fdpass needs explicit configure line now.
+* Full list of changes:
+  http://www-eu.apache.org/dist//httpd/CHANGES_2.4.23
+
+---

Old:

  httpd-2.4.20.tar.bz2

New:

  httpd-2.4.23.tar.bz2
  httpd-2.4.x-fate317766-config-control-two-protocol-options.diff



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.3wqG5t/_old  2016-07-18 21:23:08.0 +0200
+++ /var/tmp/diff_new_pack.3wqG5t/_new  2016-07-18 21:23:08.0 +0200
@@ -51,7 +51,7 @@
 %endif
 
 Name:   apache2
-Version:2.4.20
+Version:2.4.23
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -124,6 +124,8 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+ 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58188
 Patch114:   httpd-2.4.12-lua-5.2.patch
+# PATCH-FEATURE-UPSTREAM kstreit...@suse.com -- backport of 
HttpContentLengthHeadZero and HttpExpectStrict
+Patch115:   httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -311,6 +313,7 @@
 %endif
 %patch111 -p1
 %patch114 -p1
+%patch115
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})
@@ -379,6 +382,7 @@
--enable-proxy-connect \
--enable-proxy-ftp \
--enable-proxy-http \
+   --enable-proxy-fdpass \
--enable-cache \
--enable-disk-cache \
--enable-mem-cache \
@@ -916,6 +920,7 @@
 %{_libdir}/%{name}-prefork/mod_proxy_fcgi.so
 %{_libdir}/%{name}-prefork/mod_proxy_fdpass.so
 %{_libdir}/%{name}-prefork/mod_proxy_ftp.so
+%{_libdir}/%{name}-prefork/mod_proxy_hcheck.so
 %{_libdir}/%{name}-prefork/mod_proxy_html.so
 %{_libdir}/%{name}-prefork/mod_proxy_http.so
 %{_libdir}/%{name}-prefork/mod_proxy_scgi.so
@@ -1040,6 +1045,7 @@
 %{_libdir}/%{name}-worker/mod_proxy_fcgi.so
 %{_libdir}/%{name}-worker/mod_proxy_fdpass.so
 %{_libdir}/%{name}-worker/mod_proxy_ftp.so
+%{_libdir}/%{name}-worker/mod_proxy_hcheck.so
 %{_libdir}/%{name}-worker/mod_proxy_html.so
 %{_libdir}/%{name}-worker/mod_proxy_http.so
 %{_libdir}/%{name}-worker/mod_proxy_scgi.so
@@ -1164,6 +1170,7 @@
 %{_libdir}/%{name}-event/mod_proxy_fcgi.so
 %{_libdir}/%{name}-event/mod_proxy_fdpass.so
 %{_libdir}/%{name}-event/mod_proxy_ftp.so
+%{_libdir}/%{name}-event/mod_proxy_hcheck.so
 %{_libdir}/%{name}-event/mod_proxy_html.so
 %{_libdir}/%{name}-event/mod_proxy_http.so
 %{_libdir}/%{name}-event/mod_proxy_scgi.so




++ httpd-2.4.20.tar.bz2 -> httpd-2.4.23.tar.bz2 ++
/work/SRC/openSUSE:Factory/apache2/httpd-2.4.20.tar.bz2 
/work/SRC/openSUSE:Factory/.apache2.new/httpd-2.4.23.tar.bz2 differ: char 11, 
line 1

++ httpd-2.4.x-fate317766-config-control-two-protocol-options.diff ++
>From 530b5797af919d6d7ab7d6418d9feeb1abb914ae Mon Sep 17 00:00:00 2001
From: Justin Erenkrantz 
Date: Mon, 30 Dec 2013 20:01:14 +
Subject: [PATCH] Add directives to control two protocol options:

 HttpContentLengthHeadZero - allow Content-Length of 0 to be returned on HEAD
 HttpExpectStrict - allow admin to control whether we must see "100-continue"

This is helpful when using Ceph's radosgw and httpd.

Inspired by: Yehuda Sadeh 
See https://github.com/ceph/apache2/commits/precise

* include/http_core.h
  (core_server_config): Add http_cl_head_zero and http_expect_strict fields.
* modules/http/http_filters.c
  (ap_http_header_filte

commit apache2 for openSUSE:Factory

2016-06-03 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2016-06-03 16:35:23

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2016-05-20 
11:54:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2016-06-03 
16:35:24.0 +0200
@@ -1,0 +2,11 @@
+Thu May 26 08:13:16 UTC 2016 - pgaj...@suse.com
+
+- remove Alias= from [Install] of the template service 
+  [bsc#981541c#10]
+
+---
+Wed May 18 06:30:34 UTC 2016 - pgaj...@suse.com
+
+- remove unneded httpd-2.4.17-debug-crash.patch
+
+---

Old:

  httpd-2.4.17-debug-crash.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.OcAxL0/_old  2016-06-03 16:35:31.0 +0200
+++ /var/tmp/diff_new_pack.OcAxL0/_new  2016-06-03 16:35:31.0 +0200
@@ -124,8 +124,6 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+ 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58188
 Patch114:   httpd-2.4.12-lua-5.2.patch
-# http://svn.apache.org/viewvc?view=revision&revision=1711479
-Patch115:   httpd-2.4.17-debug-crash.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  automake
 BuildRequires:  db-devel
@@ -313,7 +311,6 @@
 %endif
 %patch111 -p1
 %patch114 -p1
-%patch115 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})



++ apache2@.service ++
--- /var/tmp/diff_new_pack.OcAxL0/_old  2016-06-03 16:35:31.0 +0200
+++ /var/tmp/diff_new_pack.OcAxL0/_new  2016-06-03 16:35:31.0 +0200
@@ -16,5 +16,4 @@
 
 [Install]
 WantedBy=multi-user.target
-Alias=httpd@.service apache@.service
 





commit apache2 for openSUSE:Factory

2016-05-20 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2016-05-20 11:54:53

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2016-05-10 
09:25:15.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2016-05-20 
11:54:55.0 +0200
@@ -1,0 +2,5 @@
+Mon May  9 13:57:54 UTC 2016 - pgaj...@suse.com
+
+- start apache services after remote-fs [bsc#978543]
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.yrTHQ1/_old  2016-05-20 11:54:56.0 +0200
+++ /var/tmp/diff_new_pack.yrTHQ1/_new  2016-05-20 11:54:56.0 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package apache2
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -126,8 +126,8 @@
 Patch114:  httpd-2.4.12-lua-5.2.patch
 # http://svn.apache.org/viewvc?view=revision&revision=1711479
 Patch115:   httpd-2.4.17-debug-crash.patch
-BuildRequires:  automake
 BuildRequires:  apache-rpm-macros-control
+BuildRequires:  automake
 BuildRequires:  db-devel
 BuildRequires:  ed
 BuildRequires:  libapr-util1-devel
@@ -153,11 +153,11 @@
 Requires(post): sed
 Requires(post): textutils
 Provides:   %{apache_mmn}
-Provides:   suse_maintenance_mmn_%{suse_maintenance_mmn}
+Provides:   %{name}-mod_macro = %{version}
 Provides:   http_daemon
 Provides:   httpd
 Provides:   suse_help_viewer
-Provides:   %{name}-mod_macro = %{version}
+Provides:   suse_maintenance_mmn_%{suse_maintenance_mmn}
 Obsoletes:  %{name}-mod_macro <= 1.2.1
 Provides:   apache = %{version}
 Obsoletes:  apache < 1.3.29
@@ -255,11 +255,11 @@
 Group:  Development/Libraries/C and C++
 Requires:   %{name} = %{version}
 Requires:   %{name}-MPM
+Requires:   apache-rpm-macros-control
 Requires:   apache2-prefork
 Requires:   gcc
 Requires:   libapr-util1-devel
 Requires:   libapr1-devel
-Requires:   apache-rpm-macros-control
 
 %description devel
 This package contains header files and include files that are needed


++ apache2.service ++
--- /var/tmp/diff_new_pack.yrTHQ1/_old  2016-05-20 11:54:57.0 +0200
+++ /var/tmp/diff_new_pack.yrTHQ1/_new  2016-05-20 11:54:57.0 +0200
@@ -1,6 +1,6 @@
 [Unit]
 Description=The Apache Webserver
-After=network.target nss-lookup.target time-sync.target
+After=network.target nss-lookup.target time-sync.target remote-fs.target
 Before=getty@tty1.service plymouth-quit.service xdm.service
 PartOf=apache2.target
 


++ apache2@.service ++
--- /var/tmp/diff_new_pack.yrTHQ1/_old  2016-05-20 11:54:57.0 +0200
+++ /var/tmp/diff_new_pack.yrTHQ1/_new  2016-05-20 11:54:57.0 +0200
@@ -1,6 +1,6 @@
 [Unit]
 Description=The Apache Webserver %I
-After=network.target nss-lookup.target time-sync.target
+After=network.target nss-lookup.target time-sync.target remote-fs.target
 Before=getty@tty1.service plymouth-quit.service xdm.service
 PartOf=apache2.target
 





commit apache2 for openSUSE:Factory

2016-05-10 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2016-05-10 09:25:13

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2016-04-12 
18:58:08.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2016-05-10 
09:25:15.0 +0200
@@ -1,0 +2,10 @@
+Thu May  5 07:06:05 UTC 2016 - pgaj...@suse.com
+
+- removed note about ulimits in sysconfig file [bsc#976711]
+
+---
+Mon May  2 07:48:44 UTC 2016 - pgaj...@suse.com
+
+- do not build mod_http2 for 13.2
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.C5V82l/_old  2016-05-10 09:25:17.0 +0200
+++ /var/tmp/diff_new_pack.C5V82l/_new  2016-05-10 09:25:17.0 +0200
@@ -172,7 +172,7 @@
 BuildRequires:  pkgconfig(libsystemd-daemon)
 BuildRequires:  pkgconfig(systemd)
 %endif
-%if 0%{?suse_version} >= 1320
+%if 0%{?suse_version} > 1320
 BuildRequires:  pkgconfig(libnghttp2) >= 1.0.0
 %endif
 
@@ -887,7 +887,7 @@
 %{_libdir}/%{name}-prefork/mod_filter.so
 %{_libdir}/%{name}-prefork/mod_headers.so
 %{_libdir}/%{name}-prefork/mod_heartmonitor.so
-%if 0%{?suse_version} >= 1320
+%if 0%{?suse_version} > 1320
 %{_libdir}/%{name}-prefork/mod_http2.so
 %endif
 %{_libdir}/%{name}-prefork/mod_imagemap.so
@@ -1011,7 +1011,7 @@
 %{_libdir}/%{name}-worker/mod_filter.so
 %{_libdir}/%{name}-worker/mod_headers.so
 %{_libdir}/%{name}-worker/mod_heartmonitor.so
-%if 0%{?suse_version} >= 1320
+%if 0%{?suse_version} > 1320
 %{_libdir}/%{name}-worker/mod_http2.so
 %endif
 %{_libdir}/%{name}-worker/mod_imagemap.so
@@ -1134,7 +1134,7 @@
 %{_libdir}/%{name}-event/mod_file_cache.so
 %{_libdir}/%{name}-event/mod_filter.so
 %{_libdir}/%{name}-event/mod_headers.so
-%if 0%{?suse_version} >= 1320
+%if 0%{?suse_version} > 1320
 %{_libdir}/%{name}-event/mod_http2.so
 %endif
 %{_libdir}/%{name}-event/mod_heartmonitor.so




++ sysconfig.apache2 ++
--- /var/tmp/diff_new_pack.C5V82l/_old  2016-05-10 09:25:17.0 +0200
+++ /var/tmp/diff_new_pack.C5V82l/_new  2016-05-10 09:25:17.0 +0200
@@ -117,16 +117,6 @@
 # (if not set, /etc/apache2/httpd.conf is used.)
 # It is unusual to need to use this setting.
 #
-# Note about ulimits:
-#   if you want to set ulimits, e.g. to increase the max number of open file 
handle, 
-#   or to allow core files, you can do so by editing /etc/sysconfig/apache2 and
-#   simply write the ulimit commands into that file.
-#   Example:
-# ulimit -n 16384
-# ulimit -H -n 16384
-# ulimit -c unlimited
-#   See the output of "help ulimit" in the bash, or "man 1 ulimit".
-#
 APACHE_HTTPD_CONF=""
 
 ## Type:   list(prefork,worker,event,itk)




commit apache2 for openSUSE:Factory

2016-04-12 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2016-04-12 18:58:07

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-12-23 
09:56:54.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2016-04-12 
18:58:08.0 +0200
@@ -1,0 +2,13 @@
+Mon Apr 11 04:43:21 UTC 2016 - crrodrig...@opensuse.org
+
+- Update to version 2.4.20 (2.4.19 was never released)
+* Drop httpd-2.4.18-missing-semicolon.patch now upstream
+- Big changelog available, see:
+  http://www.apache.org/dist/httpd/CHANGES_2.4.20 for details.
+
+---
+Mon Apr  4 11:19:14 UTC 2016 - pgaj...@suse.com
+
+- enable authnz_fcgi module
+
+---

Old:

  httpd-2.4.18-missing-semicolon.patch
  httpd-2.4.18.tar.bz2

New:

  httpd-2.4.20.tar.bz2



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.j8Quhq/_old  2016-04-12 18:58:10.0 +0200
+++ /var/tmp/diff_new_pack.j8Quhq/_new  2016-04-12 18:58:10.0 +0200
@@ -51,7 +51,7 @@
 %endif
 
 Name:   apache2
-Version:2.4.18
+Version:2.4.20
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -126,8 +126,6 @@
 Patch114:  httpd-2.4.12-lua-5.2.patch
 # http://svn.apache.org/viewvc?view=revision&revision=1711479
 Patch115:   httpd-2.4.17-debug-crash.patch
-# reported to ylavic.dev gmail.com
-Patch116:   httpd-2.4.18-missing-semicolon.patch
 BuildRequires:  automake
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  db-devel
@@ -316,7 +314,6 @@
 %patch111 -p1
 %patch114 -p1
 %patch115 -p1
-%patch116
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})
@@ -380,6 +377,7 @@
--with-ldap \
--enable-ldap \
--enable-authnz_ldap \
+   --enable-authnz-fcgi \
--enable-proxy \
--enable-proxy-connect \
--enable-proxy-ftp \
@@ -854,6 +852,7 @@
 %{_libdir}/%{name}-prefork/mod_authn_file.so
 %{_libdir}/%{name}-prefork/mod_authn_socache.so
 %{_libdir}/%{name}-prefork/mod_authnz_ldap.so
+%{_libdir}/%{name}-prefork/mod_authnz_fcgi.so
 %{_libdir}/%{name}-prefork/mod_authz_core.so
 %{_libdir}/%{name}-prefork/mod_authz_dbd.so
 %{_libdir}/%{name}-prefork/mod_authz_dbm.so
@@ -977,6 +976,7 @@
 %{_libdir}/%{name}-worker/mod_authn_file.so
 %{_libdir}/%{name}-worker/mod_authn_socache.so
 %{_libdir}/%{name}-worker/mod_authnz_ldap.so
+%{_libdir}/%{name}-worker/mod_authnz_fcgi.so
 %{_libdir}/%{name}-worker/mod_authz_core.so
 %{_libdir}/%{name}-worker/mod_authz_dbd.so
 %{_libdir}/%{name}-worker/mod_authz_dbm.so
@@ -1100,6 +1100,7 @@
 %{_libdir}/%{name}-event/mod_authn_file.so
 %{_libdir}/%{name}-event/mod_authn_socache.so
 %{_libdir}/%{name}-event/mod_authnz_ldap.so
+%{_libdir}/%{name}-event/mod_authnz_fcgi.so
 %{_libdir}/%{name}-event/mod_authz_core.so
 %{_libdir}/%{name}-event/mod_authz_dbd.so
 %{_libdir}/%{name}-event/mod_authz_dbm.so




++ httpd-2.4.17-debug-crash.patch ++
--- /var/tmp/diff_new_pack.j8Quhq/_old  2016-04-12 18:58:10.0 +0200
+++ /var/tmp/diff_new_pack.j8Quhq/_new  2016-04-12 18:58:10.0 +0200
@@ -1,9 +1,9 @@
 http://permalink.gmane.org/gmane.comp.apache.cvs/44631
-diff --git a/server/mpm/event/event.c b/server/mpm/event/event.c
-index cd70b7d..94813af 100644
 a/server/mpm/event/event.c
-+++ b/server/mpm/event/event.c
-@@ -3042,8 +3042,7 @@ static int event_open_logs(apr_pool_t * p, apr_pool_t * 
plog,
+Index: httpd-2.4.20/server/mpm/event/event.c
+===
+--- httpd-2.4.20.orig/server/mpm/event/event.c
 httpd-2.4.20/server/mpm/event/event.c
+@@ -3094,8 +3094,7 @@ static int event_open_logs(apr_pool_t *
  
  all_buckets = apr_pcalloc(pconf, num_buckets * sizeof(*all_buckets));
  for (i = 0; i < num_buckets; i++) {
@@ -13,25 +13,11 @@
  ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv,
   (startup ? NULL : s),
   "could not open pipe-of-death");
-diff --git a/server/mpm/prefork/prefork.c b/server/mpm/prefork/prefork.c
-index 343e51d..f4c3dbe 100644
 a/server/mpm/prefork/prefork.c
-+++ b/server/mpm/prefork/prefork.c
-@@ -1326,8 +1326,7 @@ static int prefork_open_logs(apr_pool_t *p, apr_pool_t 
*plog, apr_pool_t *ptemp,
- all_buckets = apr_pcalloc(pconf, num_buckets *
-

commit apache2 for openSUSE:Factory

2015-12-23 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-12-23 09:56:52

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-12-09 
19:33:53.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-12-23 
09:56:54.0 +0100
@@ -1,0 +2,14 @@
+Mon Dec 14 16:44:55 UTC 2015 - pgaj...@suse.com
+
+- fix build for SLE_11_SP4:
+  + httpd-2.4.18-missing-semicolon.patch
+
+---
+Sat Dec 12 15:57:21 UTC 2015 - crrodrig...@opensuse.org
+
+- Update to version 2.4.18 
+* drop 2.4.17-protocols.patch in upstream.
+- Change list too long to mention here see: 
+  http://www.apache.org/dist/httpd/CHANGES_2.4.18 for details.
+
+---

Old:

  2.4.17-protocols.patch
  httpd-2.4.17.tar.bz2

New:

  httpd-2.4.18-missing-semicolon.patch
  httpd-2.4.18.tar.bz2



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.QTVjJL/_old  2015-12-23 09:56:57.0 +0100
+++ /var/tmp/diff_new_pack.QTVjJL/_new  2015-12-23 09:56:57.0 +0100
@@ -51,7 +51,7 @@
 %endif
 
 Name:   apache2
-Version:2.4.17
+Version:2.4.18
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -124,8 +124,10 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+ 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58188
 Patch114:  httpd-2.4.12-lua-5.2.patch
+# http://svn.apache.org/viewvc?view=revision&revision=1711479
 Patch115:   httpd-2.4.17-debug-crash.patch
-Patch1000:  
https://raw.githubusercontent.com/icing/mod_h2/master/sandbox/httpd/patches/2.4.17-protocols.patch
+# reported to ylavic.dev gmail.com
+Patch116:   httpd-2.4.18-missing-semicolon.patch
 BuildRequires:  automake
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  db-devel
@@ -314,7 +316,7 @@
 %patch111 -p1
 %patch114 -p1
 %patch115 -p1
-%patch1000
+%patch116
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})




++ httpd-2.4.18-missing-semicolon.patch ++
Index: modules/ssl/ssl_engine_io.c
===
--- modules/ssl/ssl_engine_io.c.orig2015-11-19 20:55:25.0 +0100
+++ modules/ssl/ssl_engine_io.c 2015-12-14 17:36:04.787124154 +0100
@@ -217,7 +217,7 @@
  * so limit the performance impact to handshake time.
  */
 #if OPENSSL_VERSION_NUMBER < 0x0009080df
- need_flush = !SSL_is_init_finished(outctx->filter_ctx->pssl)
+ need_flush = !SSL_is_init_finished(outctx->filter_ctx->pssl);
 #else
  need_flush = SSL_in_connect_init(outctx->filter_ctx->pssl);
 #endif
++ httpd-2.4.17.tar.bz2 -> httpd-2.4.18.tar.bz2 ++
 20785 lines of diff (skipped)




commit apache2 for openSUSE:Factory

2015-12-09 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-12-09 19:33:51

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-11-24 
22:30:01.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-12-09 
19:33:53.0 +0100
@@ -1,0 +2,19 @@
+Mon Dec  7 18:05:37 UTC 2015 - crrodrig...@opensuse.org
+
+- systemd: Set TasksMax=infinity for current systemd releases.
+  The default limit of 512 is too small and prevents the creation of 
+  new server processes. Apache has its own runtime/harcoded limits.
+
+---
+Thu Dec  3 10:00:28 UTC 2015 - pgaj...@suse.com
+
+- fix crash when for -X
+  + httpd-2.4.17-debug-crash.patch
+
+---
+Mon Nov 23 11:02:19 UTC 2015 - pgaj...@suse.com
+
+- add a note: FollowSymLinks or SymLinksIfOwnerMatch is neccessary
+  for RewriteRule in given dir [bnc#955701]
+
+---

New:

  httpd-2.4.17-debug-crash.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.RF9tUs/_old  2015-12-09 19:33:55.0 +0100
+++ /var/tmp/diff_new_pack.RF9tUs/_new  2015-12-09 19:33:55.0 +0100
@@ -124,6 +124,7 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+ 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58188
 Patch114:  httpd-2.4.12-lua-5.2.patch
+Patch115:   httpd-2.4.17-debug-crash.patch
 Patch1000:  
https://raw.githubusercontent.com/icing/mod_h2/master/sandbox/httpd/patches/2.4.17-protocols.patch
 BuildRequires:  automake
 BuildRequires:  apache-rpm-macros-control
@@ -312,6 +313,7 @@
 %endif
 %patch111 -p1
 %patch114 -p1
+%patch115 -p1
 %patch1000
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs


++ apache2-default-server.conf ++
--- /var/tmp/diff_new_pack.RF9tUs/_old  2015-12-09 19:33:55.0 +0100
+++ /var/tmp/diff_new_pack.RF9tUs/_new  2015-12-09 19:33:55.0 +0100
@@ -19,6 +19,8 @@
# The Options directive is both complicated and important.  Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
+   # NOTE: For directories where RewriteRule is used, FollowSymLinks
+   # or SymLinksIfOwnerMatch needs to be set in Options directive.
Options None
# AllowOverride controls what directives may be placed in .htaccess 
files.
# It can be "All", "None", or any combination of the keywords:

++ apache2.service ++
--- /var/tmp/diff_new_pack.RF9tUs/_old  2015-12-09 19:33:55.0 +0100
+++ /var/tmp/diff_new_pack.RF9tUs/_new  2015-12-09 19:33:55.0 +0100
@@ -11,6 +11,7 @@
 ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful
 ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop
 KillMode=mixed
+TasksMax=infinity
 
 [Install]
 WantedBy=multi-user.target


++ apache2@.service ++
--- /var/tmp/diff_new_pack.RF9tUs/_old  2015-12-09 19:33:56.0 +0100
+++ /var/tmp/diff_new_pack.RF9tUs/_new  2015-12-09 19:33:56.0 +0100
@@ -12,6 +12,7 @@
 ExecReload=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful
 ExecStop=/usr/sbin/start_apache2 -DSYSTEMD -DFOREGROUND -k graceful-stop
 KillMode=mixed
+TasksMax=infinity
 
 [Install]
 WantedBy=multi-user.target


++ httpd-2.4.17-debug-crash.patch ++
http://permalink.gmane.org/gmane.comp.apache.cvs/44631
diff --git a/server/mpm/event/event.c b/server/mpm/event/event.c
index cd70b7d..94813af 100644
--- a/server/mpm/event/event.c
+++ b/server/mpm/event/event.c
@@ -3042,8 +3042,7 @@ static int event_open_logs(apr_pool_t * p, apr_pool_t * 
plog,
 
 all_buckets = apr_pcalloc(pconf, num_buckets * sizeof(*all_buckets));
 for (i = 0; i < num_buckets; i++) {
-if (!one_process && /* no POD in one_process mode */
-(rv = ap_mpm_podx_open(pconf, &all_buckets[i].pod))) {
+if (rv = ap_mpm_podx_open(pconf, &all_buckets[i].pod)) {
 ap_log_error(APLOG_MARK, APLOG_CRIT | level_flags, rv,
  (startup ? NULL : s),
  "could not open pipe-of-death");
diff --git a/server/mpm/prefork/prefork.c b/server/mpm/prefork/prefork.c
index 343e51d..f4c3dbe 100644
--- a/server/mpm/prefork/prefork.c
+++ b/server/mpm/prefork/prefork.c
@@ -1326,8 +1326,7 @@ static int prefork_open_logs(apr_pool_t *p, apr_pool_t 
*plog, apr_pool_t *ptem

commit apache2 for openSUSE:Factory

2015-11-24 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-11-24 22:29:59

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-11-08 
14:35:31.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-11-24 
22:30:01.0 +0100
@@ -1,0 +2,7 @@
+Fri Nov  6 10:06:19 UTC 2015 - pgaj...@suse.com
+
+- restart apache once after the rpm or zypper transaction 
+  [bnc#893659]
+- drop some old compat code from %post
+
+---

New:

  apache2.target



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.ropazp/_old  2015-11-24 22:30:03.0 +0100
+++ /var/tmp/diff_new_pack.ropazp/_new  2015-11-24 22:30:03.0 +0100
@@ -19,9 +19,9 @@
 %define apache_mmn %(test -s %{SOURCE0} && { echo -n apache_mmn_; bzcat 
%{SOURCE0} | awk '/^#define MODULE_MAGIC_NUMBER_MAJOR/ {printf "%d", $3}'; })
 %define suse_maintenance_mmn  0
 %definedefault_mpm prefork
-%{!?prefork:%define prefork 1}
-%{!?worker:%define worker 1}
-%{!?event:%define event 1}
+%define prefork 1
+%define worker 1
+%define event 1
 %define mpms_to_build  %(test %{prefork} = 1 && printf prefork) %(test 
%{worker} = 1 && printf worker) %(test %{event} = 1 && printf event)
 # dir names
 %define datadir/srv/www
@@ -49,6 +49,7 @@
 %define runtimedir %{_localstatedir}/run
 %define mods_static unixd
 %endif
+
 Name:   apache2
 Version:2.4.17
 Release:0
@@ -110,6 +111,7 @@
 Source145:  apache2-find-directives
 Source146:  apache2@.service
 Source147:  apache2-script-helpers
+Source148:  apache2.target
 Patch2: httpd-2.1.3alpha-layout.dif
 Patch23:httpd-apachectl.patch
 Patch66:httpd-2.0.54-envvars.dif
@@ -124,6 +126,7 @@
 Patch114:  httpd-2.4.12-lua-5.2.patch
 Patch1000:  
https://raw.githubusercontent.com/icing/mod_h2/master/sandbox/httpd/patches/2.4.17-protocols.patch
 BuildRequires:  automake
+BuildRequires:  apache-rpm-macros-control
 BuildRequires:  db-devel
 BuildRequires:  ed
 BuildRequires:  libapr-util1-devel
@@ -255,6 +258,7 @@
 Requires:   gcc
 Requires:   libapr-util1-devel
 Requires:   libapr1-devel
+Requires:   apache-rpm-macros-control
 
 %description devel
 This package contains header files and include files that are needed
@@ -534,6 +538,7 @@
 install -m 700 $RPM_SOURCE_DIR/apache2-systemd-ask-pass 
%{buildroot}%{_sbindir}/
 install -m 644 $RPM_SOURCE_DIR/apache2.service %{buildroot}%{_unitdir}/
 install -m 644 $RPM_SOURCE_DIR/apache2@.service %{buildroot}%{_unitdir}/
+install -m 644 $RPM_SOURCE_DIR/apache2.target %{buildroot}%{_unitdir}/
 ln -sf service %{buildroot}/%{_sbindir}/rcapache2
 %else
 mkdir -p %{buildroot}%{_sysconfdir}/init.d
@@ -790,6 +795,7 @@
 %if 0%{?suse_version} >= 1210
 %{_unitdir}/apache2.service
 %{_unitdir}/apache2@.service
+%{_unitdir}/apache2.target
 %{_sbindir}/apache2-systemd-ask-pass
 %else
 %{_initddir}/%{name}
@@ -1262,6 +1268,7 @@
 %{_sbindir}/suexec2
 
 %if %{prefork}
+#
 %post prefork
 # install /usr/sbin/httpd link
 if [ -f /usr/share/apache2/script-helpers ]; then
@@ -1274,8 +1281,18 @@
   find_mpm
   ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
 fi
+exit 0
+#
+%postun prefork
+if [ $1 -eq 1 ]; then
+  %apache_request_restart
+fi
+exit 0
 #
+%posttrans prefork
+%apache_restart_if_needed
 exit 0
+#
 %endif
 
 %if %{worker}
@@ -1291,8 +1308,18 @@
   find_mpm
   ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
 fi
+exit 0
+#
+%postun worker
+if [ $1 -eq 1 ]; then
+  %apache_request_restart
+fi
+exit 0
 #
+%posttrans worker
+%apache_restart_if_needed
 exit 0
+#
 %endif
 
 %if %{event}
@@ -1308,20 +1335,28 @@
   find_mpm
   ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
 fi
+exit 0
+#
+%postun event
+if [ $1 -eq 1 ]; then
+  %apache_request_restart
+fi
+exit 0
 #
+%posttrans event
+%apache_restart_if_needed
 exit 0
+#
 %endif
 
 %pre
 %if 0%{?suse_version} >= 1210
 %service_add_pre apache2.service
-%service_add_pre apache2@.service
 %endif
 
 %preun
 %if 0%{?suse_version} >= 1210
-%service_del_preun apache2.service
-%service_del_preun apache2@.service
+%service_del_preun apache2.target
 %endif
 for i in %{_sbindir}/httpd \
 %{installbuilddir}/config_vars.mk
@@ -1332,8 +1367,11 @@
 
 %postun
 %if 0%{?suse_version} >= 1210
-%service_del_postun apache2.service
-%service_del_postun apache2@.service
+DISABLE_RESTART_ON_UPDATE='yes'
+%service_del_postun apache2.target
+if [ $1 -eq 1 ]; then
+  %apache_request_restart
+fi
 %

commit apache2 for openSUSE:Factory

2015-11-08 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-11-08 14:35:30

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-11-06 
00:09:24.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-11-08 
14:35:31.0 +0100
@@ -1,0 +2,16 @@
+Thu Nov  5 16:52:45 UTC 2015 - crrodrig...@opensuse.org
+
+- 2.4.17-protocols.patch from upstream http2 module:
+* master conn_rec* addition to conn_rec
+* improved ALPN and Upgrade handling
+* allowing requests for servers whose TLS configuration is compatible
+  to the SNI server ones
+* disabling TLS renegotiation for slave connections
+
+---
+Wed Nov  4 06:29:27 UTC 2015 - pgaj...@suse.com
+
+- LogLevel directive into correct config file, thanks Michael Calmer 
+  for the fix [bsc#953329]
+
+---

New:

  2.4.17-protocols.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.CoTFYR/_old  2015-11-08 14:35:33.0 +0100
+++ /var/tmp/diff_new_pack.CoTFYR/_new  2015-11-08 14:35:33.0 +0100
@@ -122,6 +122,7 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+ 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58188
 Patch114:  httpd-2.4.12-lua-5.2.patch
+Patch1000:  
https://raw.githubusercontent.com/icing/mod_h2/master/sandbox/httpd/patches/2.4.17-protocols.patch
 BuildRequires:  automake
 BuildRequires:  db-devel
 BuildRequires:  ed
@@ -307,6 +308,7 @@
 %endif
 %patch111 -p1
 %patch114 -p1
+%patch1000
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})

++ 2.4.17-protocols.patch ++
 819 lines (skipped)




++ start_apache2 ++
--- /var/tmp/diff_new_pack.CoTFYR/_old  2015-11-08 14:35:34.0 +0100
+++ /var/tmp/diff_new_pack.CoTFYR/_new  2015-11-08 14:35:34.0 +0100
@@ -125,7 +125,7 @@
 fi
 # APACHE_LOGLEVEL -> global.conf
 if [ -n "$APACHE_LOGLEVEL" ]; then
-echo "LogLevel $APACHE_LOGLEVEL" >> global.conf
+echo "LogLevel $APACHE_LOGLEVEL" >> ${sysconfd_dir}/global.conf
 fi
 # APACHE_USE_CANONICAL_NAME -> global.conf
 if [ -n "$APACHE_USE_CANONICAL_NAME" ]; then




commit apache2 for openSUSE:Factory

2015-11-05 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-11-06 00:09:23

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-10-26 
12:47:12.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-11-06 
00:09:24.0 +0100
@@ -1,0 +2,18 @@
+Mon Oct 26 09:34:28 UTC 2015 - pgaj...@suse.com
+
+- do not build mod_http2 for older distros than 13.2 for now (nghttp2 
+  does not build there)
+
+---
+Mon Oct 26 09:14:29 UTC 2015 - pgaj...@suse.com
+
+- Include directives really into /etc/apache2/sysconfig.d/include.conf,
+  fix from Erik Wegner [bsc#951901]
+
+---
+Wed Oct 21 07:35:30 UTC 2015 - pgaj...@suse.com
+
+- gensslcert: CN now defaults to `hostname -f` [bnc#949766] 
+  (internal), fix help [bnc#949771] (internal)
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.UWHmYq/_old  2015-11-06 00:09:26.0 +0100
+++ /var/tmp/diff_new_pack.UWHmYq/_new  2015-11-06 00:09:26.0 +0100
@@ -167,7 +167,9 @@
 BuildRequires:  pkgconfig(libsystemd-daemon)
 BuildRequires:  pkgconfig(systemd)
 %endif
+%if 0%{?suse_version} >= 1320
 BuildRequires:  pkgconfig(libnghttp2) >= 1.0.0
+%endif
 
 %description
 This version of httpd is a major release of the 2.4 stable branch,
@@ -874,7 +876,9 @@
 %{_libdir}/%{name}-prefork/mod_filter.so
 %{_libdir}/%{name}-prefork/mod_headers.so
 %{_libdir}/%{name}-prefork/mod_heartmonitor.so
+%if 0%{?suse_version} >= 1320
 %{_libdir}/%{name}-prefork/mod_http2.so
+%endif
 %{_libdir}/%{name}-prefork/mod_imagemap.so
 %{_libdir}/%{name}-prefork/mod_include.so
 %{_libdir}/%{name}-prefork/mod_info.so
@@ -995,7 +999,9 @@
 %{_libdir}/%{name}-worker/mod_filter.so
 %{_libdir}/%{name}-worker/mod_headers.so
 %{_libdir}/%{name}-worker/mod_heartmonitor.so
+%if 0%{?suse_version} >= 1320
 %{_libdir}/%{name}-worker/mod_http2.so
+%endif
 %{_libdir}/%{name}-worker/mod_imagemap.so
 %{_libdir}/%{name}-worker/mod_include.so
 %{_libdir}/%{name}-worker/mod_info.so
@@ -1115,7 +1121,9 @@
 %{_libdir}/%{name}-event/mod_file_cache.so
 %{_libdir}/%{name}-event/mod_filter.so
 %{_libdir}/%{name}-event/mod_headers.so
+%if 0%{?suse_version} >= 1320
 %{_libdir}/%{name}-event/mod_http2.so
+%endif
 %{_libdir}/%{name}-event/mod_heartmonitor.so
 %{_libdir}/%{name}-event/mod_imagemap.so
 %{_libdir}/%{name}-event/mod_include.so




++ gensslcert ++
--- /var/tmp/diff_new_pack.UWHmYq/_old  2015-11-06 00:09:27.0 +0100
+++ /var/tmp/diff_new_pack.UWHmYq/_new  2015-11-06 00:09:27.0 +0100
@@ -23,7 +23,7 @@
-l  city$L
-o  organisation"$O"
-u  organisational unit "$U"
-   -n  fully qualified domain name $CN (\$FQHOSTNAME)
+   -n  fully qualified domain name $CN (hostname -f)
-e  email address of webmaster  webmaster@$CN
-y  days server cert is valid for   $srvdays
-Y  days CA cert is valid for   $CAdays
@@ -40,7 +40,7 @@
 
 r=$ROOT
 . $r/etc/sysconfig/network/config
-FQHOSTNAME=`cat /etc/HOSTNAME`
+FQHOSTNAME=`hostname -f`
 
 # defaults
   comment="mod_ssl server certificate"

++ start_apache2 ++
--- /var/tmp/diff_new_pack.UWHmYq/_old  2015-11-06 00:09:27.0 +0100
+++ /var/tmp/diff_new_pack.UWHmYq/_new  2015-11-06 00:09:27.0 +0100
@@ -95,11 +95,19 @@
 fi
 # APACHE_CONF_INCLUDE_FILES -> include.conf
 for file in $APACHE_CONF_INCLUDE_FILES; do
-echo "Include $file" >> include.conf
+test ${file:0:1} = / || file=/etc/apache2/$file
+if [ ! -e $file ]; then
+  continue
+fi
+echo "Include $file" >> ${sysconfd_dir}/include.conf
 done
 # APACHE_CONF_INCLUDE_DIRS -> include.conf
 for dir in $APACHE_CONF_INCLUDE_DIRS; do
-echo "Include $dir" >> include.conf
+test ${dir:0:1} = / || dir=/etc/apache2/$dir
+if [ ! -e $dir ]; then
+  continue
+fi
+echo "Include $dir" >> ${sysconfd_dir}/include.conf
 done
 # APACHE_SERVERADMIN -> global.conf
 if [ -n "$APACHE_SERVERADMIN" ]; then




commit apache2 for openSUSE:Factory

2015-10-26 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-10-26 12:47:11

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-10-17 
16:36:30.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-10-26 
12:47:12.0 +0100
@@ -1,0 +2,10 @@
+Sun Oct 18 03:47:09 UTC 2015 - crrodrig...@opensuse.org
+
+-  Update to 2.4.17
+- Enable mod_http2/ BuildRequire nghttp2
+- MPMs: Support SO_REUSEPORT to create multiple duplicated listener
+  records for scalability
+- mod_ssl: Support compilation against libssl built with OPENSSL_NO_SSL3
+- For more changes see: http://www.apache.org/dist/httpd/CHANGES_2.4.17
+
+---

Old:

  httpd-2.4.16.tar.bz2

New:

  httpd-2.4.17.tar.bz2



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.9c5Pyo/_old  2015-10-26 12:47:14.0 +0100
+++ /var/tmp/diff_new_pack.9c5Pyo/_new  2015-10-26 12:47:14.0 +0100
@@ -50,7 +50,7 @@
 %define mods_static unixd
 %endif
 Name:   apache2
-Version:2.4.16
+Version:2.4.17
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -167,6 +167,7 @@
 BuildRequires:  pkgconfig(libsystemd-daemon)
 BuildRequires:  pkgconfig(systemd)
 %endif
+BuildRequires:  pkgconfig(libnghttp2) >= 1.0.0
 
 %description
 This version of httpd is a major release of the 2.4 stable branch,
@@ -873,6 +874,7 @@
 %{_libdir}/%{name}-prefork/mod_filter.so
 %{_libdir}/%{name}-prefork/mod_headers.so
 %{_libdir}/%{name}-prefork/mod_heartmonitor.so
+%{_libdir}/%{name}-prefork/mod_http2.so
 %{_libdir}/%{name}-prefork/mod_imagemap.so
 %{_libdir}/%{name}-prefork/mod_include.so
 %{_libdir}/%{name}-prefork/mod_info.so
@@ -993,6 +995,7 @@
 %{_libdir}/%{name}-worker/mod_filter.so
 %{_libdir}/%{name}-worker/mod_headers.so
 %{_libdir}/%{name}-worker/mod_heartmonitor.so
+%{_libdir}/%{name}-worker/mod_http2.so
 %{_libdir}/%{name}-worker/mod_imagemap.so
 %{_libdir}/%{name}-worker/mod_include.so
 %{_libdir}/%{name}-worker/mod_info.so
@@ -1112,6 +1115,7 @@
 %{_libdir}/%{name}-event/mod_file_cache.so
 %{_libdir}/%{name}-event/mod_filter.so
 %{_libdir}/%{name}-event/mod_headers.so
+%{_libdir}/%{name}-event/mod_http2.so
 %{_libdir}/%{name}-event/mod_heartmonitor.so
 %{_libdir}/%{name}-event/mod_imagemap.so
 %{_libdir}/%{name}-event/mod_include.so




++ httpd-2.4.16.tar.bz2 -> httpd-2.4.17.tar.bz2 ++
 33564 lines of diff (skipped)




commit apache2 for openSUSE:Factory

2015-10-17 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-10-17 16:36:29

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-08-14 
14:45:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-10-17 
16:36:30.0 +0200
@@ -1,0 +2,7 @@
+Mon Oct 12 09:00:27 UTC 2015 - pgaj...@suse.com
+
+- start_apache2: reintroduce sysconfig.d, include it on
+  command line (not in httpd.conf) instead of individual directives
+  [bnc#949434] (internal), [bnc#941331]
+
+---



Other differences:
--

++ apache2-README-instances.txt ++
--- /var/tmp/diff_new_pack.9eJmNT/_old  2015-10-17 16:36:32.0 +0200
+++ /var/tmp/diff_new_pack.9eJmNT/_new  2015-10-17 16:36:32.0 +0200
@@ -15,7 +15,7 @@
 
 systemctl start apache2@
 
-for example
+where  is ASCII identifier of the instance. For example
 
 systemctl start apac...@myweb.org
 



++ start_apache2 ++
--- /var/tmp/diff_new_pack.9eJmNT/_old  2015-10-17 16:36:32.0 +0200
+++ /var/tmp/diff_new_pack.9eJmNT/_new  2015-10-17 16:36:32.0 +0200
@@ -70,6 +70,11 @@
 httpd_conf=${APACHE_HTTPD_CONF:-/etc/apache2${instance_suffix}/httpd.conf}
 
 #
+# where to write configuration depending on sysconfig variables
+#
+sysconfd_dir=$(dirname $httpd_conf)/sysconfig${instance_suffix}.d/
+
+#
 # set PidFile to this file name; PidFile should not
 # be used in the configuration to change this, otherwise
 # stopping will not work
@@ -80,54 +85,58 @@
 #
 # involve the sysconfig variables
 #
-# APACHE_ACCESS_LOG 
+mkdir -p ${sysconfd_dir} || exit 1
+for c in global.conf include.conf loadmodule.conf; do
+  echo "# File generated from $SYSCONFIG_FILE, do not edit. Edit the sysconfig 
file instead." > ${sysconfd_dir}/$c
+done
+# APACHE_ACCESS_LOG -> global.conf
 if [ -n "$APACHE_ACCESS_LOG" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "CustomLog 
$APACHE_ACCESS_LOG")
+echo "CustomLog $APACHE_ACCESS_LOG" >> ${sysconfd_dir}/global.conf
 fi
-# APACHE_CONF_INCLUDE_FILES
+# APACHE_CONF_INCLUDE_FILES -> include.conf
 for file in $APACHE_CONF_INCLUDE_FILES; do
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "Include $file")
+echo "Include $file" >> include.conf
 done
-# APACHE_CONF_INCLUDE_DIRS
+# APACHE_CONF_INCLUDE_DIRS -> include.conf
 for dir in $APACHE_CONF_INCLUDE_DIRS; do
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "Include $dir")
+echo "Include $dir" >> include.conf
 done
-# APACHE_SERVERADMIN
+# APACHE_SERVERADMIN -> global.conf
 if [ -n "$APACHE_SERVERADMIN" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerAdmin 
$APACHE_SERVERADMIN")
+echo "ServerAdmin $APACHE_SERVERADMIN" >> ${sysconfd_dir}/global.conf
 fi
-# APACHE_SERVERNAME
+# APACHE_SERVERNAME -> global.conf
 if [ -n "$APACHE_SERVERNAME" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerName 
$APACHE_SERVERNAME")
+echo "ServerName $APACHE_SERVERNAME" >> ${sysconfd_dir}/global.conf
 fi
 # APACHE_START_TIMEOUT
 # not used nowadays
-# APACHE_SERVERSIGNATURE
+# APACHE_SERVERSIGNATURE -> global.conf
 if [ -n "$APACHE_SERVERSIGNATURE" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerSignature 
$APACHE_SERVERSIGNATURE")
+echo "ServerSignature $APACHE_SERVERSIGNATURE" >> 
${sysconfd_dir}/global.conf
 fi
-# APACHE_LOGLEVEL
+# APACHE_LOGLEVEL -> global.conf
 if [ -n "$APACHE_LOGLEVEL" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "LogLevel 
$APACHE_LOGLEVEL")
+echo "LogLevel $APACHE_LOGLEVEL" >> global.conf
 fi
-# APACHE_USE_CANONICAL_NAME
+# APACHE_USE_CANONICAL_NAME -> global.conf
 if [ -n "$APACHE_USE_CANONICAL_NAME" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "UseCanonicalName 
$APACHE_USE_CANONICAL_NAME")
+echo "UseCanonicalName $APACHE_USE_CANONICAL_NAME" >> 
${sysconfd_dir}/global.conf
 fi
-# APACHE_SERVERTOKENS
+# APACHE_SERVERTOKENS -> global.conf
 if [ -n "$APACHE_SERVERTOKENS" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ServerTokens 
$APACHE_SERVERTOKENS")
+echo "ServerTokens $APACHE_SERVERTOKENS" >> ${sysconfd_dir}/global.conf
 fi
-# APACHE_EXTENDED_STATUS
+# APACHE_EXTENDED_STATUS -> global.conf
 if [ -n "$APACHE_EXTENDED_STATUS" ]; then
-sysconfig_setting=("${sysconfig_setting[@]}" "-C" "ExtendedStatus 
$APACHE_EXTENDED_STATUS")
+echo "ExtendedStatus $APACHE_EXTENDED_STATUS" >> 
${sysconfd_dir}/global.conf
 fi
-# APACHE_MODULES
+# APACHE_MODULES -> loadmodule.conf

commit apache2 for openSUSE:Factory

2015-08-14 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-08-14 14:45:53

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-08-07 
00:18:23.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-08-14 
14:45:55.0 +0200
@@ -1,0 +2,14 @@
+Thu Aug 13 13:04:00 UTC 2015 - sch...@suse.de
+
+- Fixup libdir in installed files
+
+---
+Tue Aug 11 15:52:42 UTC 2015 - kstreit...@suse.com
+
+- fix Logjam vulnerability: change SSLCipherSuite cipherstring to 
+  disable export cipher suites and deploy Ephemeral Elliptic-Curve
+  Diffie-Hellman (ECDHE) ciphers. Adjust 'gensslcert' script to 
+  generate a strong and unique Diffie Hellman Group and append it
+  to the server certificate file [bnc#931723], [CVE-2015-4000] 
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.nXDpsb/_old  2015-08-14 14:45:56.0 +0200
+++ /var/tmp/diff_new_pack.nXDpsb/_new  2015-08-14 14:45:56.0 +0200
@@ -578,6 +578,13 @@
Group %{httpdgroup}
 EOF
 
+# fixup libdir
+%if "%{_lib}" != "lib64"
+sed -e 's/lib64/%{_lib}/' -i \
+  %{buildroot}/%{sysconfdir}/loadmodule.conf \
+  %{buildroot}/%{_var}/adm/fillup-templates/sysconfig.%{name}
+%endif
+
 # remove configuration for mpms which have not been built
 mpm_confs="$(awk '/IfModule .*\.c/ {print $2}' 
%{buildroot}/%{sysconfdir}/server-tuning.conf | cut -d. -f1 | tr '\n' ' ')"
 for mpm_conf in $mpm_confs; do


++ apache2-ssl-global.conf ++
--- /var/tmp/diff_new_pack.nXDpsb/_old  2015-08-14 14:45:57.0 +0200
+++ /var/tmp/diff_new_pack.nXDpsb/_new  2015-08-14 14:45:57.0 +0200
@@ -77,8 +77,7 @@
#   SSL Cipher Suite:
#   List the ciphers that the client is permitted to negotiate.
#   See the mod_ssl documentation for a complete list.
-#   
https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy
-   SSLCipherSuite 
EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
+SSLCipherSuite 
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
 
#   SSLHonorCipherOrder
#   If SSLHonorCipherOrder is disabled, then the client's preferences



++ gensslcert ++
--- /var/tmp/diff_new_pack.nXDpsb/_old  2015-08-14 14:45:57.0 +0200
+++ /var/tmp/diff_new_pack.nXDpsb/_new  2015-08-14 14:45:57.0 +0200
@@ -193,6 +193,9 @@
 myexit $LINENO $?
 fi
 
+echo;myecho generating dhparams and appending it to the server certificate 
file...
+openssl dhparam 2048  >> $sslcrtdir/${name}server.crt
+
 
 exit 0
 




commit apache2 for openSUSE:Factory

2015-08-06 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-08-07 00:18:22

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-07-23 
15:21:30.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-08-07 
00:18:23.0 +0200
@@ -1,0 +2,5 @@
+Wed Jul 29 06:22:59 UTC 2015 - pgaj...@suse.com
+
+- add reference upstream bug#58188 along httpd-2.4.12-lua-5.2.patch
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.mQh7mN/_old  2015-08-07 00:18:25.0 +0200
+++ /var/tmp/diff_new_pack.mQh7mN/_new  2015-08-07 00:18:25.0 +0200
@@ -120,7 +120,7 @@
 # PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch 
crrodrig...@opensuse.org simple module provides systemd integration.
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch111:   httpd-visibility.patch
-# PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+
+# PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+ 
https://bz.apache.org/bugzilla/show_bug.cgi?id=58188
 Patch114:  httpd-2.4.12-lua-5.2.patch
 BuildRequires:  automake
 BuildRequires:  db-devel







commit apache2 for openSUSE:Factory

2015-07-23 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-07-23 15:21:28

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-07-20 
11:21:49.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-07-23 
15:21:30.0 +0200
@@ -1,0 +2,10 @@
+Mon Jul 20 13:35:21 UTC 2015 - kstreit...@suse.com
+
+- update to 2.4.16
+  * changes http://www.apache.org/dist/httpd/CHANGES_2.4.16
+  * remove the following patches (fixed in 2.4.16)
+  * httpd-2.4.x-mod_lua_websocket_DoS.patch
+  * httpd-2.4.12-CVE-2015-0253.patch
+  * update httpd-2.4.12-lua-5.2.patch
+
+---

Old:

  httpd-2.4.12-CVE-2015-0253.patch
  httpd-2.4.12.tar.bz2
  httpd-2.4.x-mod_lua_websocket_DoS.patch

New:

  httpd-2.4.16.tar.bz2



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.TVBZVi/_old  2015-07-23 15:21:31.0 +0200
+++ /var/tmp/diff_new_pack.TVBZVi/_new  2015-07-23 15:21:31.0 +0200
@@ -50,7 +50,7 @@
 %define mods_static unixd
 %endif
 Name:   apache2
-Version:2.4.12
+Version:2.4.16
 Release:0
 Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
@@ -120,9 +120,6 @@
 # PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch 
crrodrig...@opensuse.org simple module provides systemd integration.
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch111:   httpd-visibility.patch
-# PATCH-FIX-UPSTREAM bnc#918352 kstreit...@suse.com -- fix mod_lua - 
maliciously crafted websockets PING after a script calls r:wsupgrade() can 
cause a child process crash
-Patch112:   httpd-2.4.x-mod_lua_websocket_DoS.patch
-Patch113:   httpd-2.4.12-CVE-2015-0253.patch
 # PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+
 Patch114:  httpd-2.4.12-lua-5.2.patch
 BuildRequires:  automake
@@ -306,8 +303,6 @@
 %patch109 -p1
 %endif
 %patch111 -p1
-%patch112 -p1
-%patch113 -p3
 %patch114 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs




++ httpd-2.4.12-lua-5.2.patch ++
--- /var/tmp/diff_new_pack.TVBZVi/_old  2015-07-23 15:21:32.0 +0200
+++ /var/tmp/diff_new_pack.TVBZVi/_new  2015-07-23 15:21:32.0 +0200
@@ -1,29 +1,23 @@
-Index: httpd-2.4.12/modules/lua/mod_lua.c
+Index: httpd-2.4.16/modules/lua/mod_lua.c
 ===
 httpd-2.4.12.orig/modules/lua/mod_lua.c
-+++ httpd-2.4.12/modules/lua/mod_lua.c
-@@ -1072,9 +1072,17 @@ static const char *register_named_block_
- else {
- luaL_Buffer b;
- luaL_buffinit(lvm, &b);
-+#if LUA_VERSION_NUM < 503
+--- httpd-2.4.16.orig/modules/lua/mod_lua.c
 httpd-2.4.16/modules/lua/mod_lua.c
+@@ -1078,7 +1078,11 @@ static const char *register_named_block_
  lua_dump(lvm, ldump_writer, &b);
-+#else
-+  lua_dump(lvm, ldump_writer, &b, 0);
-+#endif
+ #endif
  luaL_pushresult(&b);
 +#if LUA_VERSION_NUM < 502
  spec->bytecode_len = lua_strlen(lvm, -1);
 +#else
-+  spec->bytecode_len = lua_rawlen(lvm, -1);
++spec->bytecode_len = lua_rawlen(lvm, -1);
 +#endif
  spec->bytecode = apr_pstrmemdup(cmd->pool, lua_tostring(lvm, -1),
  spec->bytecode_len);
  lua_close(lvm);
-Index: httpd-2.4.12/modules/lua/lua_apr.c
+Index: httpd-2.4.16/modules/lua/lua_apr.c
 ===
 httpd-2.4.12.orig/modules/lua/lua_apr.c
-+++ httpd-2.4.12/modules/lua/lua_apr.c
+--- httpd-2.4.16.orig/modules/lua/lua_apr.c
 httpd-2.4.16/modules/lua/lua_apr.c
 @@ -82,7 +82,11 @@ static const luaL_Reg lua_table_methods[
  int ap_lua_init(lua_State *L, apr_pool_t *p)
  {
@@ -36,10 +30,10 @@
  lua_pushstring(L, "__index");
  lua_pushstring(L, "get");
  lua_gettable(L, 2);
-Index: httpd-2.4.12/modules/lua/lua_config.c
+Index: httpd-2.4.16/modules/lua/lua_config.c
 ===
 httpd-2.4.12.orig/modules/lua/lua_config.c
-+++ httpd-2.4.12/modules/lua/lua_config.c
+--- httpd-2.4.16.orig/modules/lua/lua_config.c
 httpd-2.4.16/modules/lua/lua_config.c
 @@ -263,13 +263,20 @@ void ap_lua_load_config_lmodule(lua_Stat
  lua_pushvalue(L, -1);
  
@@ -62,10 +56,10 @@
 +#endif
  
  }
-Index: httpd-2.4.12/modules/lua/lua_request.c
+Index: httpd-2.4.16/modules/lua/lua_request.c
 ===

commit apache2 for openSUSE:Factory

2015-07-20 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-07-20 11:21:48

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-07-14 
17:20:54.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-07-20 
11:21:49.0 +0200
@@ -1,0 +2,31 @@
+Sat Jul 18 03:50:24 UTC 2015 - i...@marguerite.su
+
+- add patch: httpd-2.4.12-lua-5.2.patch
+  * lua_dump introduced a new strip option in 5.3, set it to 0 
+to get the old behavior
+  * luaL_register was deprecated in 5.2, use luaL_setfuncs and
+luaL_newlib instead
+  * luaL_optint was deprecated in 5.3, use luaL_optinteger instead
+  * lua_strlen and lua_objlen wad deprecated in 5.2, use lua_rawlen
+instead
+
+---
+Thu Jul 16 08:46:22 UTC 2015 - pgaj...@suse.com
+
+- change Provides: from suse_maintenance_mmn = # to 
+  suse_maintenance_mmn_#
+
+---
+Wed Jul 15 14:47:33 UTC 2015 - pgaj...@suse.com
+
+- apache2 Suggests:, not Recommends: apache2-prefork; that means
+  for example, that `zypper in apache2-worker` will not pull 
+  apache2-prefork also
+- installing /usr/sbin/httpd link:
+  * do not try to install it in '%post ' when apache2 (which 
+includes /usr/share/apache2/script-helpers) is not installed 
+yet (fixes installation on 11sp3)
+  * install it in '%post' if apache2 is installed after 
+apache2- to be sure it is there
+
+---

New:

  httpd-2.4.12-lua-5.2.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.2IClQI/_old  2015-07-20 11:21:51.0 +0200
+++ /var/tmp/diff_new_pack.2IClQI/_new  2015-07-20 11:21:51.0 +0200
@@ -123,6 +123,8 @@
 # PATCH-FIX-UPSTREAM bnc#918352 kstreit...@suse.com -- fix mod_lua - 
maliciously crafted websockets PING after a script calls r:wsupgrade() can 
cause a child process crash
 Patch112:   httpd-2.4.x-mod_lua_websocket_DoS.patch
 Patch113:   httpd-2.4.12-CVE-2015-0253.patch
+# PATCH-FIX-UPSTREAM marguer...@opensuse.org -- compability for lua 5.2+
+Patch114:  httpd-2.4.12-lua-5.2.patch
 BuildRequires:  automake
 BuildRequires:  db-devel
 BuildRequires:  ed
@@ -140,6 +142,7 @@
 BuildRequires:  zlib-devel
 Requires:   %{_sysconfdir}/mime.types
 Requires:   %{name}-MPM
+Suggests:   apache2-%{default_mpm}
 Requires:   logrotate
 Requires(post): %insserv_prereq %fillup_prereq permissions pwdutils
 Requires(post): %{name}-utils
@@ -147,9 +150,8 @@
 Requires(post): grep
 Requires(post): sed
 Requires(post): textutils
-Recommends: apache2-%{default_mpm}
 Provides:   %{apache_mmn}
-Provides:   suse_maintenance_mmn = %{suse_maintenance_mmn}
+Provides:   suse_maintenance_mmn_%{suse_maintenance_mmn}
 Provides:   http_daemon
 Provides:   httpd
 Provides:   suse_help_viewer
@@ -306,6 +308,7 @@
 %patch111 -p1
 %patch112 -p1
 %patch113 -p3
+%patch114 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})
@@ -1244,28 +1247,52 @@
 
 %if %{prefork}
 %post prefork
-# install /usr/sbin/httpd
-. /usr/share/apache2/script-helpers
-find_mpm
-ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
+# install /usr/sbin/httpd link
+if [ -f /usr/share/apache2/script-helpers ]; then
+  # it might happen that apache2 including 
+  # /usr/share/apache2/script-helpers is not installed 
+  # yet even if apache2- has Requires(post): apache2
+  # because of circular dependency between apache2
+  # and apache2-MPM
+  . /usr/share/apache2/script-helpers
+  find_mpm
+  ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
+fi
+#
 exit 0
 %endif
 
 %if %{worker}
 %post worker
-# install /usr/sbin/httpd
-. /usr/share/apache2/script-helpers
-find_mpm
-ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
+# install /usr/sbin/httpd link
+if [ -f /usr/share/apache2/script-helpers ]; then
+  # it might happen that apache2 including 
+  # /usr/share/apache2/script-helpers is not installed 
+  # yet even if apache2- has Requires(post): apache2
+  # because of circular dependency between apache2
+  # and apache2-MPM
+  . /usr/share/apache2/script-helpers
+  find_mpm
+  ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
+fi
+#
 exit 0
 %endif
 
 %if %{event}
 %post event
-# install /usr/sbin/httpd
-. /usr/share/apache2/script-helpers
-find_mpm
-ln -sf $HTTPD_SBIN_BASE-$HTTPD_MPM $HTTPD_SBIN_BASE
+# install /usr/sbin/httpd link
+if [ -f /usr/share/apache2/sc

commit apache2 for openSUSE:Factory

2015-07-14 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-07-14 17:20:52

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-06-17 
16:14:59.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-07-14 
17:20:54.0 +0200
@@ -1,0 +2,119 @@
+Tue Jul 14 07:32:00 UTC 2015 - pgaj...@suse.com
+
+- access_compat shared also for 11sp3
+
+---
+Mon Jul 13 15:14:20 UTC 2015 - pgaj...@suse.com
+
+- apache2-implicit-pointer-decl.patch renamed to 
+  httpd-implicit-pointer-decl.patch to align with other
+  patches names
+
+---
+Mon Jul 13 15:12:29 UTC 2015 - pgaj...@suse.com
+
+- apachectl is now wrapper to start_apache2; therefore, it honors 
+  HTTPD_INSTANCE variable, see README-instances.txt for details 
+  + httpd-apachectl.patch
+  - httpd-2.4.10-apachectl.patch
+
+---
+Mon Jul 13 13:37:53 UTC 2015 - pgaj...@suse.com
+
+- a2enmod/a2dismod and a2enflag/a2disflag now respect 
+  HTTPD_INSTANCE= environment variable, which can be 
+  used to specify apache instance name; sysconfig file is expected 
+  at /etc/sysconfig/apache2@ 
+ (see README-instances.txt for details)
+
+---
+Mon Jul 13 11:21:43 UTC 2015 - pgaj...@suse.com
+
+- provides suse_maintenance_mmn symbol [bnc#915666] (internal)
+
+---
+Mon Jul 13 10:05:17 UTC 2015 - pgaj...@suse.com
+
+- credits to Roman Drahtmueller:
+  * add reference to /etc/permissions.local to output of %post if
+setting the permissions of suexec2 fails
+  * do not enable mod_php5 by default any longer
+  * httpd-2.0.49-log_server_status.dif obsoleted
+  * apache2-mod_ssl_npn.patch removed because not used
+  * include mod_reqtimeout.conf in httpd.conf
+  * added cgid-timeout.conf, include
+it in httpd.conf
+- fix default value APACHE_MODULES in sysconfig file
+- %service_* macros for apache2@.service
+
+---
+Mon Jul 13 09:52:21 UTC 2015 - pgaj...@suse.com
+
+- reenable 690734.patch, it should be upstreamed by the author 
+  (Adrian Schroeter) though
+   + httpd-2.4.9-bnc690734.patch
+   - httpd-2.2.x-bnc690734.patch
+
+---
+Mon Jul 13 09:51:34 UTC 2015 - pgaj...@suse.com
+
+- drop startssl from start_apache2
+
+---
+Wed Jul  1 09:41:31 UTC 2015 - pgaj...@suse.com
+
+- allow to run multiple instances of Apache on one system
+  [fate#317786] (internal)
+  * distributed httpd.conf no longer includes sysconfig.d, nor this 
+directory is shipped. httpd.conf includes loadmodule.conf and 
+global.conf which are former sysconfig.d/loadmodule.conf and 
+sysconfig.d/global.conf for default /etc/sysconfig/apache2
+global.conf and loadmodule.conf are not included when
+sysconfig variables could have been read by start_apache2
+startup script (run with systemd services). Therefore, when
+starting server via /usr/sbin/httpd, sysconfig variables
+are not taken into account.
+  * some not-maintained scripts are moved from
+/usr/share/apache2 to /usr/share/apache2/deprecated-scripts
+  * all modules comment in sysconfig file is not generated 
+anymore
+  * added README-instances.txt
+  * removed Sources:
+load_configuration
+find_mpm
+get_module_list
+get_includes
+find_httpd_includes
+apache-find-directives
+  * added Sources:
+deprecated-scripts.tar.xz
+apache2-README-instances.txt
+apache2-loadmodule.conf
+apache2-global.conf
+apache2-find-directives
+apache2@.service
+apache2-script-helpers
+
+---
+Thu Jun 25 15:52:14 UTC 2015 - kstreit...@suse.com
+
+- add SSLHonorCipherOrder directive to apache2-ssl-global.conf
+- adopt SSLCipherSuite directive value from SLE12
+- remove default-vhost-ssl.conf and default-vhost.conf from
+  /etc/apache2. These two files are not (!) read by the 
+  configuration framework, but are named *.conf, which is
+  misleading. The files are almost identical with the vhost 
+  templates in /etc/apache2/vhosts.d/. The two templates there do
+  it right because they are not named *.conf and are not sourced
+  either. apache's response with no explicit (eg. default, vanilla) 
+  configuration is contained in /etc/apache2/defaul

commit apache2 for openSUSE:Factory

2015-06-17 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-06-17 16:14:58

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-06-10 
09:15:14.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-06-17 
16:14:59.0 +0200
@@ -1,0 +2,7 @@
+Thu Jun 11 09:09:05 UTC 2015 - pgaj...@suse.com
+
+- dropped 2.0 -> 2.2 modules transition during upgrade
+  * apache-20-22-upgrade renamed to apache-22-24-upgrade
+- apache-*-upgrade script is called in %posttrans now [bnc#927223]
+
+---

Old:

  apache-20-22-upgrade

New:

  apache-22-24-upgrade



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.yeLNM2/_old  2015-06-17 16:15:00.0 +0200
+++ /var/tmp/diff_new_pack.yeLNM2/_new  2015-06-17 16:15:00.0 +0200
@@ -105,7 +105,7 @@
 Source132:  apache2-default-vhost.conf
 Source133:  apache2-default-vhost-ssl.conf
 Source140:  apache2-check_forensic
-Source141:  apache-20-22-upgrade
+Source141:  apache-22-24-upgrade
 Source142:  start_apache2
 Source143:  apache2-systemd-ask-pass
 Source144:  apache2.service
@@ -544,7 +544,7 @@
 install -m 755 $RPM_SOURCE_DIR/find_mpm   
%{buildroot}/%{_datadir}/%{name}/
 install -m 755 $RPM_SOURCE_DIR/get_includes   
%{buildroot}/%{_datadir}/%{name}/
 install -m 755 $RPM_SOURCE_DIR/find_httpd_includes 
%{buildroot}/%{_datadir}/%{name}/
-install -m 755 $RPM_SOURCE_DIR/apache-20-22-upgrade 
%{buildroot}/%{_datadir}/%{name}/
+install -m 755 $RPM_SOURCE_DIR/apache-22-24-upgrade 
%{buildroot}/%{_datadir}/%{name}/
 sed 's+%{_prefix}/lib+%{_libdir}+' $RPM_SOURCE_DIR/get_module_list \
> %{buildroot}/%{_datadir}/%{name}/get_module_list
 chmod 755 %{buildroot}/%{_datadir}/%{name}/get_module_list
@@ -822,7 +822,7 @@
 %{_libdir}/%{name}/mod_*.so
 %dir %{installbuilddir}
 %dir %{_datadir}/%{name}
-%{_datadir}/%{name}/apache-20-22-upgrade
+%{_datadir}/%{name}/apache-22-24-upgrade
 %{_datadir}/%{name}/get_module_list
 %{_datadir}/%{name}/get_includes
 %{_datadir}/%{name}/find_httpd_includes
@@ -1354,10 +1354,12 @@
 fi
 
 rm -rf $tmpdir
-%{_datadir}/%{name}/apache-20-22-upgrade
 %{_datadir}/%{name}/get_module_list >/dev/null 2>&1
 exit 0
 
+%posttrans
+%{_datadir}/%{name}/apache-22-24-upgrade
+
 %verifyscript
 %verify_permissions -e %{_sbindir}/suexec
 


++ apache-20-22-upgrade -> apache-22-24-upgrade ++
--- /work/SRC/openSUSE:Factory/apache2/apache-20-22-upgrade 2013-10-24 
14:07:26.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache-22-24-upgrade
2015-06-17 16:14:59.0 +0200
@@ -1,66 +1,8 @@
 #!/bin/bash
 
-# obsolete 2.0 modules -> 2.2 modules
+# obsolete 2.2 modules -> 2.4 modules
 
-echo 'looking for old 2.0 modules to be renamed...'
-
-if a2enmod -q auth; then
-   echo 'auth -> auth_basic authn_file'
-
-   a2dismod auth 
-   a2enmod auth_basic 
-   a2enmod authn_file
-   a2enmod authz_groupfile
-   a2enmod authz_default
-   a2enmod authz_user
-   cat <<-EOF
-   
-   
-   !!!ATTENTION!!!
-   
-   If you use basic authentication, you will need to update your
-   configuration. Typically, you need to add
-AuthBasicProvider file
-   (example for file-based authentication) below "AuthType Basic".
-   
-   !!!ATTENTION!!!
-   
-   
-   EOF
-
-fi
-
-if a2enmod -q access; then
-   echo 'access -> authz_host'
-   a2dismod access 
-   a2enmod authz_host 
-fi
-
-if a2enmod -q auth_dbm; then
-   echo 'auth_dbm -> authn_dbm'
-   a2dismod auth_dbm
-   a2enmod authn_dbm
-fi
-
-if a2enmod -q imap; then
-   echo 'imap -> imagemap'
-   a2dismod imap
-   a2enmod imagemap
-fi
-
-if a2enmod -q image_map; then
-   echo 'image_map -> imagemap'
-   a2dismod image_map
-   a2enmod imagemap
-fi
-
-if a2enmod -q auth_ldap; then
-   echo 'auth_ldap -> mod_authnz_ldap'
-   a2dismod auth_ldap
-   a2enmod mod_authnz_ldap
-fi
-
-for module in mod_authn_default mod_authz_default mod_mem_cache authz_default; 
do
+for module in mod_authn_default mod_authz_default mod_mem_cache authz_default 
authn_default mem_cache; do
if a2enmod -q "$module"; then
echo "!!ATTENTION! $module was removed from apache version 2.4 or 
later, CHECK YOUR CONFIGURATION!!!"
a2dismod "$module"
@@ -78,5 +20,3 @@
 if ! a2enmod -q log_config; then
   a2enmod log_config
 fi
-
-echo 'Done.'






commit apache2 for openSUSE:Factory

2015-06-10 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-06-10 09:15:13

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-05-28 
09:48:36.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-06-10 
09:15:14.0 +0200
@@ -1,0 +2,19 @@
+Tue Jun  9 09:04:32 UTC 2015 - pgaj...@suse.com
+
+- fix find_mpm to echo mpm binary
+
+---
+Tue Jun  2 23:17:40 UTC 2015 - crrodrig...@opensuse.org
+
+- apache2.service: Only order us after network.target and 
+  nss-lookup.target but not pull the units in.
+- apache2.service: SSL requires correct system time to
+  work properly, order after time-sync.target
+
+---
+Tue May 26 11:57:44 UTC 2015 - pgaj...@suse.com
+
+- align filenames with upstream names (and add compat symlinks)
+- find_httpd2_includes renamed to find_httpd_includes
+
+---

Old:

  find_httpd2_includes

New:

  find_httpd_includes



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.MVSNjg/_old  2015-06-10 09:15:17.0 +0200
+++ /var/tmp/diff_new_pack.MVSNjg/_new  2015-06-10 09:15:17.0 +0200
@@ -16,8 +16,6 @@
 #
 
 
-%define vers   2
-%define httpd  httpd2
 %define apache_mmn %(test -s %{SOURCE0} && { echo -n apache_mmn_; bzcat 
%{SOURCE0} | awk '/^#define MODULE_MAGIC_NUMBER_MAJOR/ {printf "%d", $3}'; })
 %definedefault_mpm prefork
 %{!?prefork:%define prefork 1}
@@ -78,7 +76,7 @@
 Source41:   find_mpm
 Source42:   get_module_list
 Source43:   get_includes
-Source44:   find_httpd2_includes
+Source44:   find_httpd_includes
 # sysconf_addword is part of aaa_base.rpm starting with openSUSE 11.0
 # we bring our own copy for the cases where it is not available
 Source45:   sysconf_addword
@@ -343,7 +341,7 @@
CPPFLAGS="-DSSL_EXPERIMENTAL_ENGINE -DMAX_SERVER_LIMIT=20 
-DLDAP_DEPRECATED -DMAXLINE=4096" \
./configure \
--enable-layout=SuSE81%(test "%{_lib}" = lib64 && echo -n _64) \
-   --with-program-name=httpd%{vers}$mpm_suffix \
+   --with-program-name=httpd$mpm_suffix \
--with-apr=%{_bindir}/apr-1-config \
--with-apr-util=%{_bindir}/apu-1-config \
--with-mpm=$mpm \
@@ -391,7 +389,7 @@
--enable-optional-fn-import \
--enable-optional-fn-export \
--enable-suexec \
-   --with-suexec-bin=%{_sbindir}/suexec%{vers} \
+   --with-suexec-bin=%{_sbindir}/suexec \
--with-suexec-caller=%{httpduser} \
--with-suexec-docroot=%{datadir} \
--with-suexec-logfile=%{logfiledir}/suexec.log \
@@ -410,7 +408,7 @@
echo -e "\n\n\n \e[01m* Building $mpm MPM *\e[00m\n\n\n"
export mpm_suffix=-$mpm
configure
-   sed "s/%{vers}-$mpm//" include/ap_config_auto.h > 
include/ap_config_auto.h.new
+   sed "s/-$mpm//" include/ap_config_auto.h > include/ap_config_auto.h.new
mv include/ap_config_auto.h.new include/ap_config_auto.h
sed -i -e "s@%{_localstatedir}/run@%{runtimedir}@g" 
include/ap_config_layout.h
 
@@ -422,8 +420,8 @@
echo;echo;echo; diff -U1 docs/conf/ssl-std.conf.in   
docs/conf/ssl-std.conf ||:
# show compile settings
pwd
-   printf "\n\n\n"; ./%{httpd}$mpm_suffix -V
-   printf "\n\n\n"; ./%{httpd}$mpm_suffix -l
+   printf "\n\n\n"; ./httpd$mpm_suffix -V
+   printf "\n\n\n"; ./httpd$mpm_suffix -l
#mv %{buildroot}/%{sysconfdir}/httpd-std.conf 
%{buildroot}/%{sysconfdir}/httpd-std.conf$mpm_suffix
#mv %{buildroot}/%{sysconfdir}/httpd2-prefork.conf 
%{buildroot}/%{sysconfdir}/httpd-std.conf$mpm_suffix
# fix up and rename config_vars file: remove references to the RPM 
build dir;
@@ -442,13 +440,13 @@
 
 # remove references to mpm type in config_vars
 sed -e "s^%{_libdir}/%{name}-%{default_mpm}^%{_libdir}/%{name}^" \
--e "s/httpd$/%{httpd}-%{default_mpm}/" \
+-e "s/httpd$/httpd-%{default_mpm}/" \
 -e "s/%{name}-%{default_mpm}/%{name}/" \
   < %{buildroot}/%{installbuilddir}/config_vars.mk-%{default_mpm} \
   > %{buildroot}/%{installbuilddir}/config_vars.mk
 
 # get rid of modules that do not differ between the MPMs (since most of them 
are the same)
-# by putting them in /usr/lib/apache%{vers}
+# by putting them in

commit apache2 for openSUSE:Factory

2015-05-28 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-05-28 09:48:35

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-05-16 
20:07:24.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-05-28 
09:48:36.0 +0200
@@ -1,0 +2,10 @@
+Mon May 25 10:27:13 UTC 2015 - pgaj...@suse.com
+
+- access_compat now built as shared and disabled by default
+- amend config to use also old syntax when access_compat is
+  loaded
+- added apache2-README-access_compat.txt
+- added apache-find-directive script
+- see [bnc#896083] and its duplicates
+
+---

New:

  apache-find-directives
  apache2-README-access_compat.txt



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.4LDgPy/_old  2015-05-28 09:48:39.0 +0200
+++ /var/tmp/diff_new_pack.4LDgPy/_new  2015-05-28 09:48:39.0 +0200
@@ -45,7 +45,7 @@
 %define httpdgroup www
 %if 0%{?suse_version} >= 1220
 %define runtimedir /run
-%define mods_static access_compat unixd systemd
+%define mods_static unixd systemd
 %else
 %define runtimedir %{_localstatedir}/run
 %define mods_static access_compat unixd
@@ -70,6 +70,7 @@
 Source23:   apache2-README.QUICKSTART
 Source24:   apache2-README.default-vhost
 Source25:   gensslcert
+Source26:   apache2-README-access_compat.txt
 Source27:   %{name}.logrotate
 Source28:   permissions.%{name}
 Source29:   apache-ssl-stuff.tar.bz2
@@ -110,6 +111,7 @@
 Source142:  start_apache2
 Source143:  apache2-systemd-ask-pass
 Source144:  apache2.service
+Source145:  apache-find-directives
 Patch2: httpd-2.1.3alpha-layout.dif
 Patch23:httpd-2.4.10-apachectl.patch
 #Patch65:httpd-2.0.49-log_server_status.dif
@@ -319,6 +321,8 @@
 cp %{SOURCE23} ./${b##%{name}-}
 c=$(basename %{SOURCE24})
 cp %{SOURCE24} ./${c##%{name}-}
+d=$(basename %{SOURCE26})
+cp %{SOURCE26} ./${d##%{name}-}
 
 #
 # replace PLATFORM string that's seen in the "Server:" header
@@ -516,6 +520,7 @@
 mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d
 install -m 644 $RPM_SOURCE_DIR/%{name}.logrotate 
%{buildroot}%{_sysconfdir}/logrotate.d/%{name}
 install -m 755 $RPM_SOURCE_DIR/apache2-check_forensic 
%{buildroot}/%{_bindir}/check_forensic%{vers}
+install -m 755 $RPM_SOURCE_DIR/apache-find-directives %{buildroot}/%{_bindir}
 #
 # xml stuff
 install -d %{buildroot}%{_datadir}/omc/svcinfo.d/
@@ -811,6 +816,7 @@
 %{_sbindir}/%{httpd}-prefork
 %dir %{_libdir}/%{name}-prefork
 # hardcoded list so we do not lose mods by accident
+%{_libdir}/%{name}-prefork/mod_access_compat.so
 %{_libdir}/%{name}-prefork/mod_actions.so
 %{_libdir}/%{name}-prefork/mod_alias.so
 %{_libdir}/%{name}-prefork/mod_allowmethods.so
@@ -929,6 +935,7 @@
 %{_sbindir}/%{httpd}-worker
 %dir %{_libdir}/%{name}-worker
 # hardcoded list so we do not lose mods by accident
+%{_libdir}/%{name}-worker/mod_access_compat.so
 %{_libdir}/%{name}-worker/mod_actions.so
 %{_libdir}/%{name}-worker/mod_alias.so
 %{_libdir}/%{name}-worker/mod_allowmethods.so
@@ -1047,6 +1054,7 @@
 %{_sbindir}/%{httpd}-event
 %dir %{_libdir}/%{name}-event
 # hardcoded list so we do not lose mods by accident
+%{_libdir}/%{name}-event/mod_access_compat.so
 %{_libdir}/%{name}-event/mod_actions.so
 %{_libdir}/%{name}-event/mod_alias.so
 %{_libdir}/%{name}-event/mod_allowmethods.so
@@ -1195,6 +1203,7 @@
 %{_mandir}/man8/fcgistarter2.8.*
 %{_bindir}/check_forensic%{vers}
 %{_bindir}/dbmmanage%{vers}
+%{_bindir}/apache-find-directives
 %{_bindir}/gensslcert
 %{_bindir}/htdbm%{vers}
 %{_bindir}/htdigest%{vers}


++ apache-find-directives ++
#!/bin/bash

exit_code=1

function usage
{
  echo "Check for directives in apache configuration (including"
  echo "potentially reachable .htaccess files)"
  echo ""
  echo "Usage: $0 [options]"
  echo ""
  echo "   options: "
  echo "  -s stringsystem configuration root"
  echo "   [default: $system_conf_root]"
  echo "  -d stringdirectives to search"
  echo "   [default: $check_directives]"
  echo "  -n stringhtaccess file name(s)"
  echo "   [default: $htaccess_names]"
  echo "  -q   do not print where directive(s) was found"
  echo "  -v   as -v plus trace and matched lines"
  echo "  -h   this help"
  echo ""
  echo "Return Value:  0at least one occurence found in apache config"
  echo 

commit apache2 for openSUSE:Factory

2015-05-16 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-05-16 20:07:23

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-05-06 
11:18:11.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-05-16 
20:07:24.0 +0200
@@ -1,0 +2,8 @@
+Mon May 11 13:34:40 UTC 2015 - h...@suse.com
+
+- add httpd-2.4.12-CVE-2015-0253.patch to fix SECURITY: CVE-2015-0253
+  (cve.mitre.org) core: Fix a crash introduced in with ErrorDocument
+  400 pointing to a local URL-path with the INCLUDES filter active,
+  introduced in 2.4.11. PR 57531. [Yann Ylavic]
+
+---

New:

  httpd-2.4.12-CVE-2015-0253.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.Z7zxBu/_old  2015-05-16 20:07:25.0 +0200
+++ /var/tmp/diff_new_pack.Z7zxBu/_new  2015-05-16 20:07:25.0 +0200
@@ -126,6 +126,7 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FIX-UPSTREAM bnc#918352 kstreit...@suse.com -- fix mod_lua - 
maliciously crafted websockets PING after a script calls r:wsupgrade() can 
cause a child process crash
 Patch112:   httpd-2.4.x-mod_lua_websocket_DoS.patch
+Patch113:   httpd-2.4.12-CVE-2015-0253.patch
 BuildRequires:  automake
 BuildRequires:  db-devel
 BuildRequires:  ed
@@ -309,6 +310,7 @@
 %endif
 %patch111 -p1
 %patch112 -p1
+%patch113 -p3
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})




++ httpd-2.4.12-CVE-2015-0253.patch ++
SECURITY: CVE-2015-0253 (cve.mitre.org)
core: Fix a crash introduced in with ErrorDocument 400 pointing
to a local URL-path with the INCLUDES filter active, introduced
in 2.4.11. PR 57531. [Yann Ylavic]
--- httpd/httpd/trunk/server/protocol.c 2015/03/05 02:31:42 1664204
+++ httpd/httpd/trunk/server/protocol.c 2015/03/05 02:33:16 1664205
@@ -606,8 +606,6 @@
  */
 if (APR_STATUS_IS_ENOSPC(rv)) {
 r->status= HTTP_REQUEST_URI_TOO_LARGE;
-r->proto_num = HTTP_VERSION(1,0);
-r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
 }
 else if (APR_STATUS_IS_TIMEUP(rv)) {
 r->status = HTTP_REQUEST_TIME_OUT;
@@ -615,6 +613,8 @@
 else if (APR_STATUS_IS_EINVAL(rv)) {
 r->status = HTTP_BAD_REQUEST;
 }
+r->proto_num = HTTP_VERSION(1,0);
+r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
 return 0;
 }
 } while ((len <= 0) && (++num_blank_lines < max_blank_lines));



commit apache2 for openSUSE:Factory

2015-05-06 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-05-06 11:18:10

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-04-12 
00:09:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-05-06 
11:18:11.0 +0200
@@ -1,0 +2,13 @@
+Tue May  5 12:36:10 UTC 2015 - kstreit...@suse.com
+
+- simplify apache2.logrotate, use sharedscripts [bnc#713581]
+
+---
+Tue May  5 12:17:21 UTC 2015 - kstreit...@suse.com
+
+- remove curly brackets around format sequence "%y" in 
+  `stat --format="%{y}" %{SOURCE1}` that caused an incorrect
+  evaluation. Add escaping to proper spec-cleaner processing in
+  the future
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.OcY8Ee/_old  2015-05-06 11:18:13.0 +0200
+++ /var/tmp/diff_new_pack.OcY8Ee/_new  2015-05-06 11:18:13.0 +0200
@@ -324,7 +324,7 @@
 sed 's,(" PLATFORM "),(%{platform_string}),' server/core.c > tmp_file && mv 
tmp_file server/core.c
 sed 's/public_html/%{userdir}/g' docs/conf/extra/httpd-userdir.conf.in > 
tmp_file && mv tmp_file docs/conf/extra/httpd-userdir.conf.in
 # Use mtime of .changes for build time
-CHANGES=`stat --format="%{y}" %{SOURCE1}`
+CHANGES=`stat --format="%%y" %{SOURCE1}`
 sed -i -e "s/__DATE__ \" \" __TIME__;/\"$CHANGES\";/" server/buildmark.c
 #
 # now configure Apache


++ apache2.logrotate ++
--- /var/tmp/diff_new_pack.OcY8Ee/_old  2015-05-06 11:18:13.0 +0200
+++ /var/tmp/diff_new_pack.OcY8Ee/_new  2015-05-06 11:18:13.0 +0200
@@ -1,4 +1,4 @@
-/var/log/apache2/access_log {
+/var/log/apache2/access_log /var/log/apache2/ssl_request_log {
 compress
 dateext
 maxage 365
@@ -7,12 +7,14 @@
 notifempty
 missingok
 create 644 root root
+sharedscripts
 postrotate
-systemctl reload apache2.service
+ systemctl reload apache2.service
+ sleep 60
 endscript
 }
 
-/var/log/apache2/error_log {
+/var/log/apache2/error_log /var/log/apache2/suexec.log 
/var/log/apache2/ssl_engine_log /var/log/apache2/deflate.log {
 compress
 dateext
 maxage 365
@@ -21,49 +23,9 @@
 notifempty
 missingok
 create 644 root root
+sharedscripts
 postrotate
-systemctl reload apache2.service
-endscript
-}
-
-/var/log/apache2/suexec.log {
-compress
-dateext
-maxage 365
-rotate 99
-size=+1024k
-notifempty
-missingok
-create 644 root root
-postrotate
-systemctl reload apache2.service
-endscript
-}
-
-/var/log/apache2/ssl_request_log {
-compress
-dateext
-maxage 365
-rotate 99
-size=+4096k
-notifempty
-missingok
-create 644 root root
-postrotate
-systemctl reload apache2.service
-endscript
-}
-
-/var/log/apache2/ssl_engine_log {
-compress
-dateext
-maxage 365
-rotate 99
-size=+1024k
-notifempty
-missingok
-create 644 root root
-postrotate
-systemctl reload apache2.service
+ systemctl reload apache2.service
+ sleep 60
 endscript
 }






commit apache2 for openSUSE:Factory

2015-04-11 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-04-12 00:09:47

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-03-12 
16:38:18.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-04-12 
00:09:48.0 +0200
@@ -1,0 +2,19 @@
+Thu Apr  9 15:53:27 UTC 2015 - kstreit...@suse.com
+
+- remove 'exit 0' from the %post section in the specfile that was
+  placed here incorrectly and caused that the rest of the %post
+  section couldn't be executed. 
+
+---
+Thu Apr  9 13:12:46 UTC 2015 - pgaj...@suse.com
+
+- /etc/init.d/apache2 reload -> systemctl reload apache2.service
+  in apache2.logrotate [bnc#926523]
+
+---
+Mon Mar 30 08:42:07 UTC 2015 - pgaj...@suse.com
+
+- authz_default -> authz_core in sysconfig.apache2/APACHE_MODULES
+  [bnc#922236]
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.3FQpNC/_old  2015-04-12 00:09:50.0 +0200
+++ /var/tmp/diff_new_pack.3FQpNC/_new  2015-04-12 00:09:50.0 +0200
@@ -1295,7 +1295,6 @@
chown --reference=./%{sysconfdir}/httpd.conf $tmpfile
cmp -s $tmpfile ./%{sysconfdir}/httpd.conf || cp -p $tmpfile 
./%{sysconfdir}/httpd.conf
 fi
-exit 0
 
 rm -rf $tmpdir
 %{_datadir}/%{name}/apache-20-22-upgrade


++ apache2.logrotate ++
--- /var/tmp/diff_new_pack.3FQpNC/_old  2015-04-12 00:09:50.0 +0200
+++ /var/tmp/diff_new_pack.3FQpNC/_new  2015-04-12 00:09:50.0 +0200
@@ -8,7 +8,7 @@
 missingok
 create 644 root root
 postrotate
- /etc/init.d/apache2 reload
+systemctl reload apache2.service
 endscript
 }
 
@@ -22,7 +22,7 @@
 missingok
 create 644 root root
 postrotate
- /etc/init.d/apache2 reload
+systemctl reload apache2.service
 endscript
 }
 
@@ -36,7 +36,7 @@
 missingok
 create 644 root root
 postrotate
- /etc/init.d/apache2 reload
+systemctl reload apache2.service
 endscript
 }
 
@@ -50,7 +50,7 @@
 missingok
 create 644 root root
 postrotate
- /etc/init.d/apache2 reload
+systemctl reload apache2.service
 endscript
 }
 
@@ -64,6 +64,6 @@
 missingok
 create 644 root root
 postrotate
- /etc/init.d/apache2 reload
+systemctl reload apache2.service
 endscript
 }



++ sysconfig.apache2 ++
--- /var/tmp/diff_new_pack.3FQpNC/_old  2015-04-12 00:09:50.0 +0200
+++ /var/tmp/diff_new_pack.3FQpNC/_new  2015-04-12 00:09:50.0 +0200
@@ -79,7 +79,7 @@
 # apache's default installation
 # APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap 
include log_config mime negotiation setenvif status userdir"
 # your settings
-APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile 
authz_default authz_user autoindex cgi dir env expires include log_config mime 
negotiation setenvif ssl socache_shmcb userdir php5 reqtimeout"
+APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile 
authz_core authz_user autoindex cgi dir env expires include log_config mime 
negotiation setenvif ssl socache_shmcb userdir php5 reqtimeout"
 
 
 ## Type:   string




commit apache2 for openSUSE:Factory

2015-03-12 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-03-12 16:38:16

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-03-03 
11:10:39.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-03-12 
16:38:18.0 +0100
@@ -1,0 +2,10 @@
+Tue Mar 10 17:16:21 UTC 2015 - dims...@opensuse.org
+
+- Add Requires(post) apache2 to the subpackage -worker, -event and
+  -prefork: their respective post scriptlets execute
+  /usr/share/apache2/get_module_list, which is shipped as part of
+  the main package. This script has the side-effect to call
+  find_mpm, which in turn creates the corresponding /usr/sbin/httpd2
+  symlink.
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.xYVDfe/_old  2015-03-12 16:38:20.0 +0100
+++ /var/tmp/diff_new_pack.xYVDfe/_new  2015-03-12 16:38:20.0 +0100
@@ -188,6 +188,8 @@
 Group:  Productivity/Networking/Web/Servers
 Requires:   %{name} = %{version}
 Provides:   %{name}-MPM
+# the post scriptlet executes /usr/share/apache2/get_module_list
+Requires(post): %{name} = %{version}
 %endif
 
 %if %prefork
@@ -197,6 +199,8 @@
 Requires:   %{name} = %{version}
 Provides:   %{name}-MPM
 Provides:   apache:%{_sbindir}/httpd
+# the post scriptlet executes /usr/share/apache2/get_module_list
+Requires(post): %{name} = %{version}
 %endif
 
 %if %event
@@ -205,6 +209,8 @@
 Group:  Productivity/Networking/Web/Servers
 Requires:   %{name} = %{version}
 Provides:   %{name}-MPM
+# the post scriptlet executes /usr/share/apache2/get_module_list
+Requires(post): %{name} = %{version}
 %endif
 
 %if %worker




-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2015-03-03 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-03-03 11:10:37

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-02-20 
12:43:08.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-03-03 
11:10:39.0 +0100
@@ -1,0 +2,55 @@
+Thu Feb 26 08:17:42 UTC 2015 - jseg...@novell.com
+
+- Patched get_module_list to ensure proper SELinux context for
+  sysconfig.d/loadmodule.conf
+
+---
+Wed Feb 25 21:02:59 UTC 2015 - tchva...@suse.com
+
+- Pname -> name variable reduction
+- Try to fix sle11 build
+
+---
+Wed Feb 25 19:59:36 UTC 2015 - tchva...@suse.com
+
+- Version bumpt o 2.4.12:
+  *) mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for
+ internationalization.  [William Rowe]
+  *) mpm_winnt: Normalize the error and status messages emitted by service.c,
+ the service control interface for Windows.  [William Rowe]
+  *) configure: Fix --enable-v4-mapped configuration on *BSD. PR 53824.
+ [ olli hauer , Yann Ylavic ]
+
+---
+Wed Feb 25 18:03:20 UTC 2015 - tchva...@suse.com
+
+- Exit cleanly on end of the post and cleanup the update detection
+- Remove Apache.xpm as it ain't used
+
+---
+Wed Feb 25 15:59:26 UTC 2015 - tchva...@suse.com
+
+- Cleanup init/unit decision making and provide just systemd service
+  on systemd systems
+
+---
+Wed Feb 25 13:53:16 UTC 2015 - tchva...@suse.com
+
+- Deprecate realver define as it is equal to version.
+- Explicitely state MPM mods to ensure we don't lose some bnc#444878
+
+---
+Wed Feb 25 13:23:40 UTC 2015 - tchva...@suse.com
+
+- Pass over spec-cleaner, there should be no actual technical
+  change in this just reduction of lines in the spec
+
+---
+Mon Feb 23 16:58:11 UTC 2015 - kstreit...@suse.com
+
+- add httpd-2.4.x-mod_lua_websocket_DoS.patch to fix mod_lua bug
+  where a maliciously crafted websockets PING after a script calls
+  r:wsupgrade() can cause a child process crash
+  [CVE-2015-0228], [bnc#918352]. 
+
+---

Old:

  Apache.xpm
  httpd-2.4.11.tar.bz2

New:

  httpd-2.4.12.tar.bz2
  httpd-2.4.x-mod_lua_websocket_DoS.patch



Other differences:
--
++ apache2.spec ++
 1514 lines (skipped)
 between /work/SRC/openSUSE:Factory/apache2/apache2.spec
 and /work/SRC/openSUSE:Factory/.apache2.new/apache2.spec




++ get_module_list ++
--- /var/tmp/diff_new_pack.VmzxrA/_old  2015-03-03 11:10:42.0 +0100
+++ /var/tmp/diff_new_pack.VmzxrA/_new  2015-03-03 11:10:42.0 +0100
@@ -105,7 +105,12 @@
 echo >&3 -e "#\n"
 exec 3<&-
 chmod 644 $TMPFILE
-mv $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf
+if ! mv -Z $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf 2>/dev/null; then
+  mv $TMPFILE $sysconfdir/sysconfig.d/loadmodule.conf
+  if selinuxenabled; then
+restorecon $sysconfdir/sysconfig.d/loadmodule.conf
+  fi
+fi
 #echo -n ". "
 
 

++ httpd-2.4.11.tar.bz2 -> httpd-2.4.12.tar.bz2 ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/httpd-2.4.11/CHANGES new/httpd-2.4.12/CHANGES
--- old/httpd-2.4.11/CHANGES2015-01-15 13:20:33.0 +0100
+++ new/httpd-2.4.12/CHANGES2015-01-22 18:32:27.0 +0100
@@ -1,5 +1,16 @@
  -*- coding: utf-8 -*-
 
+Changes with Apache 2.4.12
+
+  *) mpm_winnt: Accept utf-8 (Unicode) service names and descriptions for
+ internationalization.  [William Rowe]
+
+  *) mpm_winnt: Normalize the error and status messages emitted by service.c,
+ the service control interface for Windows.  [William Rowe]
+
+  *) configure: Fix --enable-v4-mapped configuration on *BSD. PR 53824.
+ [ olli hauer , Yann Ylavic ]
+
 Changes with Apache 2.4.11
   
   *) SECURITY: CVE-2014-3583 (cve.mitre.org)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/httpd-2.4.11/configure new/httpd-2.4.12/configure
--- old/httpd-2.4.11/configure  2015-01-15 20:59:14.0 +0100
+++ new/httpd-2.4.12/configure  2015-01-22 19:50:04.0 +0100
@

commit apache2 for openSUSE:Factory

2015-02-20 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-02-20 12:43:06

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-02-06 
10:18:46.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-02-20 
12:43:08.0 +0100
@@ -6,0 +7,8 @@
+Mon Jan 19 19:18:28 UTC 2015 - crrodrig...@opensuse.org
+
+- httpd-2.4.3-mod_systemd.patch find libsystemd-daemon 
+  with pkg-config, this is the only correct way, in current
+  versions sd_notify is in libsystemd and in old products
+  in libsystemd-daemon.
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.UtOCNX/_old  2015-02-20 12:43:10.0 +0100
+++ /var/tmp/diff_new_pack.UtOCNX/_new  2015-02-20 12:43:10.0 +0100
@@ -38,6 +38,7 @@
 BuildRequires:  libcap-devel
 %endif
 %if 0%{?suse_version} >= 1210
+BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(systemd)
 BuildRequires:  pkgconfig(libsystemd-daemon)
 %endif




++ httpd-2.4.3-mod_systemd.patch ++
--- /var/tmp/diff_new_pack.UtOCNX/_old  2015-02-20 12:43:10.0 +0100
+++ /var/tmp/diff_new_pack.UtOCNX/_new  2015-02-20 12:43:10.0 +0100
@@ -1,26 +1,20 @@
 httpd-2.4.6.orig/modules/arch/unix/config5.m4
-+++ httpd-2.4.6/modules/arch/unix/config5.m4
-@@ -18,6 +18,18 @@ APACHE_MODULE(privileges, Per-virtualhos
+--- httpd-2.4.11.orig/modules/arch/unix/config5.m4
 httpd-2.4.11/modules/arch/unix/config5.m4
+@@ -18,6 +18,12 @@ APACHE_MODULE(privileges, Per-virtualhos
fi
  ])
  
 +
 +APACHE_MODULE(systemd, Systemd support, , , $unixd_mods_enabled, [
-+  AC_CHECK_LIB(systemd-daemon, sd_notify, SYSTEMD_LIBS="-lsystemd-daemon")
-+  AC_CHECK_HEADERS(systemd/sd-daemon.h, [ap_HAVE_SD_DAEMON_H="yes"], 
[ap_HAVE_SD_DAEMON_H="no"])
-+  if test $ap_HAVE_SD_DAEMON_H = "no" || test -z "${SYSTEMD_LIBS}"; then
-+AC_MSG_WARN([Your system does not support systemd.])
-+enable_systemd="no"
-+  else
++PKG_CHECK_MODULES([SYSTEMD], [libsystemd-daemon])
 +APR_ADDTO(MOD_SYSTEMD_LDADD, [$SYSTEMD_LIBS])
-+  fi
 +])
 +
  APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current])
  
  APACHE_MODPATH_FINISH
 --- /dev/null
-+++ httpd-2.4.6/modules/arch/unix/mod_systemd.c
 httpd-2.4.11/modules/arch/unix/mod_systemd.c
 @@ -0,0 +1,138 @@
 +/* Licensed to the Apache Software Foundation (ASF) under one or more
 + * contributor license agreements.  See the NOTICE file distributed with
@@ -160,3 +154,13 @@
 +NULL,
 +systemd_register_hooks,
 +};
+--- httpd-2.4.11.orig/configure.in
 httpd-2.4.11/configure.in
+@@ -77,6 +77,7 @@ dnl shared library support for these pac
+ dnl work on some platforms
+ 
+ AC_CANONICAL_SYSTEM
++PKG_PROG_PKG_CONFIG
+ 
+ orig_prefix="$prefix"
+ 

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2015-02-06 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-02-06 10:18:45

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-01-22 
21:48:23.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-02-06 
10:18:46.0 +0100
@@ -1,0 +2,5 @@
+Tue Feb  3 15:12:04 UTC 2015 - pgaj...@suse.com
+
+- httpd2.pid in rc.apache2 was wrong [bnc#898193]
+
+---



Other differences:
--



++ rc.apache2 ++
--- /var/tmp/diff_new_pack.FWK2Qj/_old  2015-02-06 10:18:49.0 +0100
+++ /var/tmp/diff_new_pack.FWK2Qj/_new  2015-02-06 10:18:49.0 +0100
@@ -29,7 +29,7 @@
 : ${sysconfdir:=/etc/$pname}
 : ${apache_link:=/usr/sbin/httpd2}
 : ${sysconfig_apache:=/etc/sysconfig/$pname}
-: ${pidfile:=/var/run/httpd2.pid}
+: ${pidfile:=/var/run/httpd.pid}
 : ${logdir:=/var/log/$pname}
 : ${homedir:=/var/lib/$pname}
 

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2015-01-22 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-01-22 21:48:16

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-01-15 
16:00:44.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-01-22 
21:48:23.0 +0100
@@ -1,0 +2,209 @@
+Fri Jan 16 04:24:04 UTC 2015 - crrodrig...@opensuse.org
+
+- remove obsolete patches 
+* httpd-2.4.10-check_null_pointer_dereference.patch
+* httpd-event-deadlock.patch
+* httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_requests.patch
+* httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_Require_line.patch
+
+---
+Fri Jan 16 04:13:59 UTC 2015 - crrodrig...@opensuse.org
+
+- Apache 2.4.11 
+
+  *) SECURITY: CVE-2014-3583 (cve.mitre.org)
+ mod_proxy_fcgi: Fix a potential crash due to buffer over-read, with 
+ response headers' size above 8K.  [Yann Ylavic, Jeff Trawick]
+
+  *) SECURITY: CVE-2014-3581 (cve.mitre.org)
+ mod_cache: Avoid a crash when Content-Type has an empty value.
+ PR 56924.  [Mark Montague , Jan Kaluza]
+
+  *) SECURITY: CVE-2014-8109 (cve.mitre.org)
+ mod_lua: Fix handling of the Require line when a LuaAuthzProvider is
+ used in multiple Require directives with different arguments.
+ PR57204 [Edward Lu ]
+
+  *) SECURITY: CVE-2013-5704 (cve.mitre.org)
+ core: HTTP trailers could be used to replace HTTP headers
+ late during request processing, potentially undoing or
+ otherwise confusing modules that examined or modified
+ request headers earlier.  Adds "MergeTrailers" directive to restore
+ legacy behavior.  [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
+
+  *) mod_ssl: New directive SSLSessionTickets (On|Off).
+ The directive controls the use of TLS session tickets (RFC 5077),
+ default value is "On" (unchanged behavior).
+ Session ticket creation uses a random key created during web
+ server startup and recreated during restarts. No other key
+ recreation mechanism is available currently. Therefore using session
+ tickets without restarting the web server with an appropriate frequency
+ (e.g. daily) compromises perfect forward secrecy. [Rainer Jung]
+
+  *) mod_proxy_fcgi: Provide some basic alternate options for specifying 
+ how PATH_INFO is passed to FastCGI backends by adding significance to
+ the value of proxy-fcgi-pathinfo. PR 55329. [Eric Covener]
+ 
+  *) mod_proxy_fcgi: Enable UDS backends configured with SetHandler/RewriteRule
+ to opt-in to connection reuse and other Proxy options via explicitly
+ declared "proxy workers" (]
+
+  *) mod_proxy_fcgi: Remove proxy:balancer:// prefix from SCRIPT_FILENAME
+ passed to fastcgi backends. [Eric Covener]
+
+  *) core: Configuration files with long lines and continuation characters
+ are not read properly. PR 55910. [Manuel Mausz ]
+
+  *) mod_include: the 'env' function was incorrectly handled as 'getenv' if the
+ leading 'e' was written in upper case in 
+ statements. [Christophe Jaillet]
+
+  *) split-logfile: Fix perl error:  'Can't use string ("example.org:80") 
+ as a symbol ref while "strict refs"'. PR 56329.
+ [Holger Mauermann ]
+
+  *) mod_proxy: Prevent ProxyPassReverse from doing a substitution when
+ the URL parameter interpolates to an empty string. PR 56603.
+ []
+
+  *) core: Fix -D[efined] or [d] variables lifetime accross restarts. 
+ PR 57328.  [Armin Abfalterer , Yann Ylavic].
+
+  *) mod_proxy: Preserve original request headers even if they differ
+ from the ones to be forwarded to the backend. PR 45387.
+ [Yann Ylavic]
+
+  *) mod_ssl: dump SSL IO/state for the write side of the connection(s),
+ like reads (level TRACE4). [Yann Ylavic]
+
+  *) mod_proxy_fcgi: Ignore body data from backend for 304 responses. PR 57198.
+ [Jan Kaluza]
+
+  *) mod_ssl: Do not crash when looking up SSL related variables during
+ expression evaluation on non SSL connections. PR 57070  [Ruediger Pluem]
+
+  *) mod_proxy_ajp: Fix handling of the default port (8009) in the
+ ProxyPass and  configurations.  PR 57259.  [Yann Ylavic]
+
+  *) mpm_event: Avoid a possible use after free when notifying the end of
+ connection during lingering close.  PR 57268.  [Eric Covener, Yann Ylavic]
+
+  *) mod_ssl: Fix recognition of OCSP stapling responses that are encoded
+ improperly or too large.  [Jeff Trawick]
+
+  *) core: Add ap_log_data(), ap_log_rdata(), etc. for logging buffers.
+ [Jeff Trawick]
+
+  *) mod_proxy_fcgi, mod_authnz_fcgi: stop reading the response and issue an
+ erro

commit apache2 for openSUSE:Factory

2015-01-15 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-01-15 16:00:42

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-01-10 
23:06:47.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-01-15 
16:00:44.0 +0100
@@ -1,0 +2,8 @@
+Mon Jan 12 10:51:32 UTC 2015 - br...@ioda-net.ch
+
+- Redone lost patch to fix boo#859439 
+  + service reload can cause log data to be lost with logrotate
+  under some circumstances: remove "-t" from service reload.
+  [bnc#859439]
+
+---



Other differences:
--

++ apache2.service ++
--- /var/tmp/diff_new_pack.66nmbj/_old  2015-01-15 16:00:46.0 +0100
+++ /var/tmp/diff_new_pack.66nmbj/_new  2015-01-15 16:00:46.0 +0100
@@ -9,7 +9,7 @@
 PrivateTmp=true
 EnvironmentFile=/etc/sysconfig/apache2
 ExecStart=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k start
-ExecReload=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -t -k graceful
+ExecReload=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k graceful
 ExecStop=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k graceful-stop
 
 [Install]



-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2015-01-10 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-01-10 23:06:46

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2015-01-03 
22:02:16.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-01-10 
23:06:47.0 +0100
@@ -1,0 +2,5 @@
+Thu Jan  8 13:03:24 UTC 2015 - sch...@linux-m68k.org
+
+- Fix URL syntax in various files
+
+---



Other differences:
--

++ apache2-README ++
--- /var/tmp/diff_new_pack.of3751/_old  2015-01-10 23:06:50.0 +0100
+++ /var/tmp/diff_new_pack.of3751/_new  2015-01-10 23:06:50.0 +0100
@@ -48,14 +48,14 @@
 http://www.onlamp.com/pub/a/apache/2004/06/17/apacheckbk.html
 
 See 
-http:///httpd.apache.org/docs/2.4/mpm.html  and
-http:///httpd.apache.org/docs/2.4/misc/perf-tuning.html#compiletime 
+http://httpd.apache.org/docs/2.4/mpm.html  and
+http://httpd.apache.org/docs/2.4/misc/perf-tuning.html#compiletime 
 for more technical details.
 
 In general, using a threaded MPM (worker) requires that all libraries that are
 loaded into apache (and libraries loaded by them in turn) be threadsafe as 
well.
 See
-http:///httpd.apache.org/docs/2.4/developer/thread_safety.html for a status on
+http://httpd.apache.org/docs/2.4/developer/thread_safety.html for a status on
 some libraries.
 
 

++ apache2-default-server.conf ++
--- /var/tmp/diff_new_pack.of3751/_old  2015-01-10 23:06:51.0 +0100
+++ /var/tmp/diff_new_pack.of3751/_new  2015-01-10 23:06:51.0 +0100
@@ -17,7 +17,7 @@
# doesn't give it to you.
#
# The Options directive is both complicated and important.  Please see
-   # http:///httpd.apache.org/docs/2.4/mod/core.html#options
+   # http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
Options None
# AllowOverride controls what directives may be placed in .htaccess 
files.

++ apache2-default-vhost-ssl.conf ++
--- /var/tmp/diff_new_pack.of3751/_old  2015-01-10 23:06:51.0 +0100
+++ /var/tmp/diff_new_pack.of3751/_new  2015-01-10 23:06:51.0 +0100
@@ -2,7 +2,7 @@
 # This is the Apache server configuration file providing SSL support.
 # It contains the configuration directives to instruct the server how to
 # serve pages over an https connection. For detailing information about these 
-# directives see http:///httpd.apache.org/docs/2.4/mod/mod_ssl.html>
+# directives see http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
 #
 # Do NOT simply read the instructions in here without understanding
 # what they do.  They're here only as hints or reminders.  If you are unsure

++ apache2-default-vhost.conf ++
--- /var/tmp/diff_new_pack.of3751/_old  2015-01-10 23:06:51.0 +0100
+++ /var/tmp/diff_new_pack.of3751/_new  2015-01-10 23:06:51.0 +0100
@@ -92,7 +92,7 @@
# doesn't give it to you.
#
# The Options directive is both complicated and important.  Please see
-   # http:///httpd.apache.org/docs/2.4/mod/core.html#options
+   # http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options +Indexes +MultiViews +FollowSymLinks

++ apache2-httpd.conf ++
--- /var/tmp/diff_new_pack.of3751/_old  2015-01-10 23:06:51.0 +0100
+++ /var/tmp/diff_new_pack.of3751/_new  2015-01-10 23:06:51.0 +0100
@@ -3,7 +3,7 @@
 #
 # This is the main Apache server configuration file.  It contains the
 # configuration directives that give the server its instructions.
-# See http:///httpd.apache.org/docs/2.4/> for detailed information about
+# See http://httpd.apache.org/docs/2.4/> for detailed information about
 # the directives.
 
 # Based upon the default apache configuration file that ships with apache,
@@ -193,7 +193,7 @@
 # IP addresses. This is indicated by the asterisks in the directives below.
 #
 # Please see the documentation at
-# http:///httpd.apache.org/docs/2.4/vhosts/>
+# http://httpd.apache.org/docs/2.4/vhosts/>
 # for further details before you try to setup virtual hosts.
 #
 # You may use the command line option '-S' to verify your virtual host

++ apache2-listen.conf ++
--- /var/tmp/diff_new_pack.of3751/_old  2015-01-10 23:06:51.0 +0100
+++ /var/tmp/diff_new_pack.of3751/_new  2015-01-10 23:06:51.0 +0100
@@ -1,7 +1,7 @@
 # Listen: Allows you to bind Apache to specific IP addresses and/or
 # ports. See also the  directive.
 #
-# http:///httpd.apache.org/docs/2.4/mod/mpm_common.ht

commit apache2 for openSUSE:Factory

2015-01-03 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2015-01-03 22:02:13

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-12-30 
00:49:23.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2015-01-03 
22:02:16.0 +0100
@@ -1,0 +2,5 @@
+Mon Dec 29 15:12:51 UTC 2014 - pgaj...@suse.com
+
+- fix IfModule directive around SSLSessionCache [bnc#842377c#11]
+
+---



Other differences:
--

++ apache2-ssl-global.conf ++
--- /var/tmp/diff_new_pack.C0knxR/_old  2015-01-03 22:02:18.0 +0100
+++ /var/tmp/diff_new_pack.C0knxR/_new  2015-01-03 22:02:18.0 +0100
@@ -42,11 +42,11 @@
#   Note that on most platforms shared memory segments are not allowed 
to be on 
#   network-mounted drives, so in that case you need to use the dbm 
method.
#SSLSessionCachenone
-   #
+   #
#SSLSessionCache dbm:/var/lib/apache2/ssl_scache
#
 
-
+
SSLSessionCache shmcb:/var/lib/apache2/ssl_scache(512000)
 
 



-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-12-29 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-12-30 00:49:20

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-12-09 
09:16:44.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-12-30 
00:49:23.0 +0100
@@ -1,0 +2,16 @@
+Mon Dec 15 17:29:28 UTC 2014 - kstreit...@suse.com
+
+- added httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_requests.patch
+  to fix flaw in the way mod_headers handled chunked requests. Adds
+  "MergeTrailers" directive to restore legacy behavior 
+  [bnc#871310], [CVE-2013-5704].
+
+---
+Fri Dec 12 15:46:29 UTC 2014 - kstreit...@suse.com
+
+- added 
httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_Require_line.patch
+  that fixes handling of the Require line when a LuaAuthzProvider is
+  used in multiple Require directives with different arguments
+  [bnc#909715], [CVE-2014-8109]. 
+
+---

New:

  httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_requests.patch
  httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_Require_line.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.FHwfiC/_old  2014-12-30 00:49:26.0 +0100
+++ /var/tmp/diff_new_pack.FHwfiC/_new  2014-12-30 00:49:26.0 +0100
@@ -166,6 +166,10 @@
 Patch111:   httpd-visibility.patch
 # PATCH-FIX-UPSTREAM bnc#899836 kstreit...@suse.com -- avoid a crash when 
Content-Type has an empty value
 Patch112:   httpd-2.4.10-check_null_pointer_dereference.patch
+# PATCH-FIX-UPSTREAM bnc#909715 kstreit...@suse.com -- Fix handling of the 
Require line when a LuaAuthzProvider is used in multiple Require directives 
with different arguments.
+Patch113:   
httpd-2.4.x-bnc909715-CVE-2014-8109-mod_lua_handling_of_Require_line.patch
+# PATCH-FIX-UPSTREAM bnc#871310 kstreit...@suse.com -- Fix the flaw in the way 
mod_headers handled chunked requests. 
+Patch114:   
httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_requests.patch
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
 Summary:The Apache Web Server Version 2.4
@@ -346,6 +350,8 @@
 %patch109 -p1
 %patch111 -p1
 %patch112 -p1
+%patch113 -p1
+%patch114 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{S:22})




++ httpd-2.4.x-bnc871310-CVE-2013-5704-mod_headers_chunked_requests.patch 
++
>From 6688f9d102ad29d6bb4167d690ee495d709e47b6 Mon Sep 17 00:00:00 2001
From: "William A. Rowe Jr" 
Date: Fri, 22 Aug 2014 18:18:08 +
Subject: [PATCH] SECURITY: CVE-2013-5704 (cve.mitre.org)

core: HTTP trailers could be used to replace HTTP headers
late during request processing, potentially undoing or
otherwise confusing modules that examined or modified
request headers earlier.  Adds "MergeTrailers" directive to restore
legacy behavior.

Submitted by: Edward Lu, Yann Ylavic, Joe Orton, Eric Covener
Backports: r1610814
Reviewed by: covener, wrowe, ylavic


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1619884 
13f79535-47bb-0310-9956-ffa450edef68

diff --git a/include/http_core.h b/include/http_core.h
index 8730d1f..5cef622 100644
--- a/include/http_core.h
+++ b/include/http_core.h
@@ -667,6 +667,10 @@ typedef struct {
 #define AP_TRACE_ENABLE1
 #define AP_TRACE_EXTENDED  2
 int trace_enable;
+#define AP_MERGE_TRAILERS_UNSET0
+#define AP_MERGE_TRAILERS_ENABLE   1
+#define AP_MERGE_TRAILERS_DISABLE  2
+int merge_trailers;
 
 } core_server_config;
 
diff --git a/include/httpd.h b/include/httpd.h
index e1510be..c6cd827 100644
--- a/include/httpd.h
+++ b/include/httpd.h
@@ -1035,6 +1035,11 @@ struct request_rec {
  */
 apr_sockaddr_t *useragent_addr;
 char *useragent_ip;
+
+/** MIME trailer environment from the request */
+apr_table_t *trailers_in;
+/** MIME trailer environment from the response */
+apr_table_t *trailers_out;
 };
 
 /**
diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c
index 2a0a979..0b86009 100644
--- a/modules/http/http_filters.c
+++ b/modules/http/http_filters.c
@@ -231,6 +231,49 @@ static apr_status_t get_chunk_line(http_ctx_t *ctx, 
apr_bucket_brigade *b,
 }
 
 
+static apr_status_t read_chunked_trailers(http_ctx_t *ctx, ap_filter_t *f,
+  apr_bucket_brigade *b, int merge)
+{
+int rv;
+apr_bucket *e;
+request_rec *r = f->r;
+apr_table_t *saved_headers_in = r->

commit apache2 for openSUSE:Factory

2014-12-09 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-12-09 09:17:05

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-12-05 
21:07:34.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-12-09 
09:16:44.0 +0100
@@ -1,0 +2,5 @@
+Fri Dec  5 20:10:28 UTC 2014 - pgaj...@suse.com
+
+- fixed start at boot for ssl and encrypted key [bnc#792309]
+
+---



Other differences:
--

++ apache2.service ++
--- /var/tmp/diff_new_pack.N2fvkv/_old  2014-12-09 09:16:46.0 +0100
+++ /var/tmp/diff_new_pack.N2fvkv/_new  2014-12-09 09:16:46.0 +0100
@@ -2,7 +2,7 @@
 Description=The Apache Webserver
 Wants=network.target nss-lookup.target
 After=network.target nss-lookup.target
-Before=getty@tty1.service
+Before=getty@tty1.service plymouth-quit.service xdm.service
 
 [Service]
 Type=notify



-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-12-05 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-12-05 21:07:34

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-11-29 
08:39:29.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-12-05 
21:07:34.0 +0100
@@ -1,0 +2,6 @@
+Sat Nov 29 02:43:00 UTC 2014 - Led 
+
+- fix shebang in start_apache2 script that contains bash-specific
+  constructions
+
+---



Other differences:
--



++ start_apache2 ++
--- /var/tmp/diff_new_pack.pctPp9/_old  2014-12-05 21:07:38.0 +0100
+++ /var/tmp/diff_new_pack.pctPp9/_new  2014-12-05 21:07:38.0 +0100
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 #
 # Copyright (c) 1996, 1997, 1998 S.u.S.E. GmbH
 # Copyright (c) 1998, 1999, 2000, 2001 SuSE GmbH

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-11-28 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-11-29 08:39:28

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-11-13 
09:21:37.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-11-29 
08:39:29.0 +0100
@@ -1,0 +2,5 @@
+Thu Nov 27 13:38:25 UTC 2014 - pgaj...@suse.com
+
+- small improvement of ssl instructions [bnc#891813]
+
+---



Other differences:
--



++ gensslcert ++
--- /var/tmp/diff_new_pack.voBbrl/_old  2014-11-29 08:39:32.0 +0100
+++ /var/tmp/diff_new_pack.voBbrl/_new  2014-11-29 08:39:32.0 +0100
@@ -182,14 +182,14 @@
 modkey=`$openssl rsa -noout -modulus -in $sslkeydir/${name}server.key | sed -e 
's;.*Modulus=;;' || myexit $LINENO $?`
 
 if [ ".$modcrt" != ".$modkey" ]; then
-error "mkcert.sh:Error: Failed to verify modulus on resulting X.509 
certificate" 1>&2
+error "gensslcert:Error: Failed to verify modulus on resulting X.509 
certificate" 1>&2
 myexit $LINENO $?
 fi
 
 echo;myecho Verify: matching certificate signature
 $openssl verify -CAfile $sslcrtdir/${name}ca.crt 
$sslcrtdir/${name}server.crt || myexit $LINENO $?
 if [ $? -ne 0 ]; then
-error "mkcert.sh:Error: Failed to verify signature on resulting X.509 
certificate" 1>&2
+error "gensslcert:Error: Failed to verify signature on resulting X.509 
certificate" 1>&2
 myexit $LINENO $?
 fi
 

++ sysconfig.apache2 ++
--- /var/tmp/diff_new_pack.voBbrl/_old  2014-11-29 08:39:32.0 +0100
+++ /var/tmp/diff_new_pack.voBbrl/_new  2014-11-29 08:39:32.0 +0100
@@ -51,16 +51,22 @@
 # * In the APACHE_MODULES variable, you can use mod_xyz or just xyz syntax.
 #   You may also name an absolute path if you like.
 #
-# * NOTE ON SSL: before you can use mod_ssl, you need a server certificate. 
-#   A test certificate can be created by (as root):
-#   cd /usr/share/doc/packages/apache2; /bin/sh ./mkcert.sh make 
--no-print-directory /usr/bin/openssl /usr/sbin/ test
-#   Please feel free to have a look at the mkcert.sh script to see how 
certificates can be created.
-#   Also, you need to set the ServerName inside the  
-#   block to the fully qualified domain name (see /etc/HOSTNAME).
-# * if your server certificate is protected by a passphrase you should 
increase the
-#   APACHE_START_TIMEOUT (see above)
-# * to finally enable ssl support, you need to add 'SSL' to 
APACHE_SERVER_FLAGS 
-#   below.
+# * NOTES ON SSL: 
+#   1. Before you can use mod_ssl, you need a server certificate. 
+#  A test certificate can be created by entering e. g.
+#
+#  $ gensslcert -n a.com -C a.com -e webmas...@a.com
+#
+#  See gensslcert -h for or gensslcert script itself for details.
+#   2. Also, you need to set the ServerName inside the  
+#  block to the fully qualified domain name (see /etc/HOSTNAME).
+#   3. If your server certificate is protected by a passphrase you should 
increase the
+#  APACHE_START_TIMEOUT (see above)
+#   4. Consider to load also socache_shmcb module, see
+#  http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslsessioncache
+#  for details.
+#   5. To finally enable ssl support, you need to add 'SSL' to 
APACHE_SERVER_FLAGS 
+#  below.
 #
 # * modules listed here will be ignored if they are not installed
 #

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-11-13 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-11-13 09:21:36

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-11-05 
16:26:45.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-11-13 
09:21:37.0 +0100
@@ -1,0 +2,12 @@
+Sun Nov 09 00:57:00 UTC 2014 - Led 
+
+- fix bashisms in post scripts
+
+---
+Fri Nov  7 15:52:47 UTC 2014 - kstreit...@suse.com
+
+- added httpd-2.4.10-check_null_pointer_dereference.patch to avoid
+  a crash when Content-Type has an empty value [bnc#899836], 
+  CVE-2014-3581
+
+---
@@ -5,0 +18,6 @@
+
+---
+Sat Oct 18 16:21:00 UTC 2014 - Led 
+
+- httpd-2.1.9-apachectl.dif renamed to httpd-2.4.10-apachectl.patch 
+  and updated (fixed bashism).

Old:

  httpd-2.1.9-apachectl.dif

New:

  httpd-2.4.10-apachectl.patch
  httpd-2.4.10-check_null_pointer_dereference.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.UJxwV3/_old  2014-11-13 09:21:40.0 +0100
+++ /var/tmp/diff_new_pack.UJxwV3/_new  2014-11-13 09:21:40.0 +0100
@@ -150,7 +150,7 @@
 Source143:  apache2-systemd-ask-pass
 Source144:  apache2.service
 Patch2: httpd-2.1.3alpha-layout.dif
-Patch23:httpd-2.1.9-apachectl.dif
+Patch23:httpd-2.4.10-apachectl.patch
 #Patch65:httpd-2.0.49-log_server_status.dif
 Patch66:httpd-2.0.54-envvars.dif
 Patch67:httpd-2.2.0-apxs-a2enmod.dif
@@ -164,6 +164,8 @@
 # PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch 
crrodrig...@opensuse.org simple module provides systemd integration.
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch111:   httpd-visibility.patch
+# PATCH-FIX-UPSTREAM bnc#899836 kstreit...@suse.com -- avoid a crash when 
Content-Type has an empty value
+Patch112:   httpd-2.4.10-check_null_pointer_dereference.patch
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
 Summary:The Apache Web Server Version 2.4
@@ -343,6 +345,7 @@
 #%patch108 -p1
 %patch109 -p1
 %patch111 -p1
+%patch112 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{S:22})
@@ -981,19 +984,19 @@
 %if %prefork
 
 %post prefork
-/usr/share/%{pname}/get_module_list &>/dev/null
+/usr/share/%{pname}/get_module_list >/dev/null 2>&1
 exit 0
 %endif
 %if %worker
 
 %post worker
-/usr/share/%{pname}/get_module_list &>/dev/null
+/usr/share/%{pname}/get_module_list >/dev/null 2>&1
 exit 0
 %endif
 %if %event
 
 %post event
-/usr/share/%{pname}/get_module_list &>/dev/null
+/usr/share/%{pname}/get_module_list >/dev/null 2>&1
 exit 0
 %endif
 
@@ -1006,7 +1009,7 @@
 %pre
 %if %{?suse_version:0}%{!?suse_version:1}
 # on Fedora, add the "apache" user
-if ! /usr/bin/getent passwd %httpduser &>/dev/null; then
+if ! /usr/bin/getent passwd %httpduser >/dev/null 2>&1; then
   echo "Creating %httpduser user"
   /usr/sbin/useradd -c "Apache" -u 48 \
 -s /sbin/nologin -r -d %{localstatedir} %httpduser 2> /dev/null || :
@@ -1086,7 +1089,7 @@
 
 rm -rf $tmpdir
 /usr/share/%{pname}/apache-20-22-upgrade
-/usr/share/%{pname}/get_module_list &>/dev/null
+/usr/share/%{pname}/get_module_list >/dev/null 2>&1
 %if 0%{?suse_version} >= 1210
 %service_add_post apache2.service
 %endif




++ httpd-2.4.10-apachectl.patch ++
diff -Ndurp httpd-2.4.10/support/apachectl.in 
httpd-2.4.10-apachectl/support/apachectl.in
--- httpd-2.4.10/support/apachectl.in   2012-02-01 05:47:28.0 +0200
+++ httpd-2.4.10-apachectl/support/apachectl.in 2014-10-18 19:18:51.203692588 
+0300
@@ -42,17 +42,32 @@ ARGV="$@"
 #   
 # 
 # the path to your httpd binary, including options if necessary
-HTTPD='@exp_sbindir@/@progname@'
+HTTPD='@exp_sbindir@/httpd2'
 #
 # pick up any necessary environment variables
 if test -f @exp_sbindir@/envvars; then
   . @exp_sbindir@/envvars
 fi
+
+pname=apache2
+sysconfig_apache=/etc/sysconfig/$pname
+sysconfdir=/etc/$pname
+
+test -s $sysconfig_apache && . $sysconfig_apache
+httpd_conf=${APACHE_HTTPD_CONF:-$sysconfdir/httpd.conf}
+
 #
 # a command that outputs a formatted text version of the HTML at the
 # url given on the command line.  Designed for lynx, however other
 # programs may work.  
-LYNX="@LYNX_PATH@ -dump"
+
+if [ -x "`which w3m`" ]; then
+LYNX="w3m -dump -cols ${COLUMNS:-80}"
+elif [ -x 

commit apache2 for openSUSE:Factory

2014-11-05 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-11-05 16:26:43

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-10-25 
08:32:22.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-11-05 
16:26:45.0 +0100
@@ -1,0 +2,6 @@
+Fri Oct 31 16:04:15 UTC 2014 - crrodrig...@opensuse.org
+
+- httpd-event-deadlock.patch:  Fix worker-listener 
+  deadlock in graceful restart.
+
+---

New:

  httpd-event-deadlock.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.koHxXJ/_old  2014-11-05 16:26:46.0 +0100
+++ /var/tmp/diff_new_pack.koHxXJ/_new  2014-11-05 16:26:46.0 +0100
@@ -157,6 +157,7 @@
 Patch68:httpd-2.x.x-logresolve.patch
 Patch69:httpd-2.2.x-bnc690734.patch
 Patch70:apache2-implicit-pointer-decl.patch
+Patch71:httpd-event-deadlock.patch
 # PATCH-FEATURE-UPSTREAM apache2-mod_ssl_npn.patch dims...@opensuse.org -- Add 
npn support to mod_ssl (needed for spdy)
 #Patch108:   apache2-mod_ssl_npn.patch
 #Provides:   apache2(mod_ssl+npn)
@@ -338,6 +339,7 @@
 %patch68 -p1
 #%patch69
 %patch70 -p1
+%patch71 -p1
 #%patch108 -p1
 %patch109 -p1
 %patch111 -p1




++ httpd-event-deadlock.patch ++
--- httpd-2.4.10.orig/server/mpm/event/event.c
+++ httpd-2.4.10/server/mpm/event/event.c
@@ -1271,13 +1271,13 @@ static void get_worker(int *have_idle_wo
 else
 rc = ap_queue_info_try_get_idler(worker_queue_info);
 
-if (rc == APR_SUCCESS) {
+if (rc == APR_SUCCESS || APR_STATUS_IS_EOF(rc)) {
 *have_idle_worker_p = 1;
 }
 else if (!blocking && rc == APR_EAGAIN) {
 *all_busy = 1;
 }
-else if (!APR_STATUS_IS_EOF(rc)) {
+else {
 ap_log_error(APLOG_MARK, APLOG_ERR, rc, ap_server_conf, APLOGNO(00472)
  "ap_queue_info_wait_for_idler failed.  "
  "Attempting to shutdown process gracefully");
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-10-24 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-10-25 08:32:21

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-10-15 
21:58:42.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-10-25 
08:32:22.0 +0200
@@ -1,0 +2,7 @@
+Thu Oct 16 12:29:06 UTC 2014 - pgaj...@suse.com
+
+- drop (turned off) itk mpm spec file code as mpm-itk is now 
+  provided as a separate module, not via patch 
+  (see http://mpm-itk.sesse.net/ and [bnc#851229])
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.DbMJR0/_old  2014-10-25 08:32:24.0 +0200
+++ /var/tmp/diff_new_pack.DbMJR0/_new  2014-10-25 08:32:24.0 +0200
@@ -59,8 +59,7 @@
 %{!?prefork:%define prefork 1}
 %{!?worker:%define worker 1}
 %{!?event:%define event 1}
-%{!?itk:%define itk 0}
-%define mpms_to_build  %(test %prefork = 1 && printf prefork) %(test %worker = 
1 && printf worker) %(test %event = 1 && printf event) %(test %itk = 1 && 
printf itk)
+%define mpms_to_build  %(test %prefork = 1 && printf prefork) %(test %worker = 
1 && printf worker) %(test %event = 1 && printf event) 
 # dir names
 %define datadir/srv/www
 %define htdocsdir  %{datadir}/htdocs
@@ -235,14 +234,6 @@
 Provides:   %{pname}-MPM
 Requires:   %{name} = %{version}
 %endif
-%if %itk
-
-%package itk
-Summary:Apache 2 "ITK" MPM (Multi-Processing Module)
-Group:  Productivity/Networking/Web/Servers
-Provides:   %{pname}-MPM
-Requires:   %{name} = %{version}
-%endif
 %if %worker
 
 %description worker
@@ -278,21 +269,6 @@
 synchronization.
 
 %endif
-%if %itk
-
-%description itk
-The "ITK" MPM (Multi-Processing Module) is experimental and NOT officially
-endorsed by the Apache Software Foundation, so it may or may not work as 
-expected.
-
-Apache2-mpm-itk (just mpm-itk for short) is a MPM for the Apache 2 web server. 
-mpm-itk allows you to run each of your vhosts under a separate uid and gid -- 
-in short, the scripts and configuration files for one vhost no longer have to 
-be readable for all the other vhosts.
-
-See http://mpm-itk.sesse.net/
-
-%endif
 
 %package devel
 Summary:Apache 2 Header and Include Files
@@ -952,14 +928,6 @@
 %dir %{_libdir}/%{pname}-event
 %{_libdir}/%{pname}-event/mod_*.so
 %endif
-%if %itk
-
-%files itk
-%defattr(-,root,root)
-%{_sbindir}/%{httpd}-itk
-%dir %{_libdir}/%{pname}-itk
-%{_libdir}/%{pname}-itk/mod_*.so
-%endif
 
 %files devel -f filelist-devel
 %defattr(-,root,root)
@@ -1026,12 +994,6 @@
 /usr/share/%{pname}/get_module_list &>/dev/null
 exit 0
 %endif
-%if %itk
-
-%post itk
-/usr/share/%{pname}/get_module_list &>/dev/null
-exit 0
-%endif
 
 #  
 #  O/ ._ .__/ ._  _  __|_




-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-10-15 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-10-15 21:58:41

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-10-11 
22:41:49.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-10-15 
21:58:42.0 +0200
@@ -1,0 +2,5 @@
+Mon Oct 13 12:34:44 UTC 2014 - pgaj...@suse.com
+
+- enable mod_imagemap [bnc#866366]
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.t0aW03/_old  2014-10-15 21:58:44.0 +0200
+++ /var/tmp/diff_new_pack.t0aW03/_new  2014-10-15 21:58:44.0 +0200
@@ -437,6 +437,7 @@
--enable-bucketeer \
--enable-case_filter \
--enable-case_filter_in \
+--enable-imagemap \
\
--with-ldap \
--enable-ldap \




-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-10-11 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-10-11 22:41:45

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-10-09 
12:52:04.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-10-11 
22:41:49.0 +0200
@@ -1,0 +2,5 @@
+Fri Oct 10 07:48:45 UTC 2014 - pgaj...@suse.com
+
+- fixed link to Apache quickstart [bnc#624681], [bnc#789806]
+
+---



Other differences:
--

++ apache2-README.QUICKSTART ++
--- /var/tmp/diff_new_pack.aqbuoQ/_old  2014-10-11 22:41:52.0 +0200
+++ /var/tmp/diff_new_pack.aqbuoQ/_new  2014-10-11 22:41:52.0 +0200
@@ -1,6 +1,4 @@
 
 This README is now online:
-http://en.opensuse.org/Apache_Quickstart_HOWTO
+http://en.opensuse.org/SDB:Apache_installation
 
-General starting point:
-http://www.opensuse.org/Apache

++ apache2-httpd.conf ++
--- /var/tmp/diff_new_pack.aqbuoQ/_old  2014-10-11 22:41:52.0 +0200
+++ /var/tmp/diff_new_pack.aqbuoQ/_new  2014-10-11 22:41:52.0 +0200
@@ -15,7 +15,7 @@
 # configuration of your virtual hosts.
 
 # Quickstart guide:
-# http://en.opensuse.org/Apache_Quickstart_HOWTO
+# http://en.opensuse.org/SDB:Apache_installation
 
 
 # Overview of include files, chronologically:



-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-10-09 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-10-09 12:52:02

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-03-31 
20:43:12.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-10-09 
12:52:04.0 +0200
@@ -1,0 +2,60 @@
+Mon Oct  6 12:30:07 UTC 2014 - kstreit...@suse.com
+
+- the following unused patches were removed from the package:
+  * apache2-mod_ssl_npn.patch
+  * httpd-2.0.49-log_server_status.dif 
+
+---
+Mon Sep 29 11:57:40 UTC 2014 - pgaj...@suse.com
+
+- 700 permissions for /usr/sbin/apache2-systemd-ask-pass and
+  /usr/sbin/start_apache2 [bnc#851627]
+
+---
+Wed Sep 26 15:38:17 UTC 2014 - ohole...@suse.com
+
+- allow only TCP ports in Yast2 firewall files
+
+---
+Fri Sep 26 15:00:45 UTC 2014 - pgaj...@suse.com
+
+- more 2.2 -> 2.4 [bnc#862058]
+
+---
+Thu Sep 25 14:39:05 UTC 2014 - pgaj...@suse.com
+
+- ServerSignature=Off and ServerTokens=Prod by request from 
+  security team [bnc#716495]
+
+---
+Wed Sep 24 13:11:16 UTC 2014 - pgaj...@suse.com
+
+- fix documentation links 2.2 -> 2.4 [bnc#888163] (internal)
+
+---
+Mon Jul 21 16:23:51 UTC 2014 - crrodrig...@opensuse.org
+
+- Update package Summary and Description. 
+- version 2.4.10
+* SECURITY: CVE-2014-0117 (cve.mitre.org)
+* SECURITY: CVE-2014-3523 (cve.mitre.org)
+* SECURITY: CVE-2014-0226 (cve.mitre.org)
+* SECURITY: CVE-2014-0118 (cve.mitre.org)
+* SECURITY: CVE-2014-0231 (cve.mitre.org)
+* Multiple bugfixes to mod_ssl, mod_cache, mod_deflate, mod_lua
+* mod_proxy_fcgi supports unix sockets.
+
+---
+Mon Jul 21 07:21:21 UTC 2014 - m...@suse.com
+
+- provide httpd.service as alias for apache2.service for
+  compatibility reasons (bnc#888093)
+
+---
+Mon Apr 14 08:47:02 UTC 2014 - lnus...@suse.de
+
+- move most ssl options to ssl-global.conf. There is usually no need
+  for every vhost to re-define the ciphers for example (bnc#865582).
+  Drop some commented entries that only lead to confusion.
+
+---

Old:

  apache2-mod_ssl_npn.patch
  httpd-2.0.49-log_server_status.dif
  httpd-2.4.9.tar.bz2

New:

  httpd-2.4.10.tar.bz2



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.2czHpi/_old  2014-10-09 12:52:06.0 +0200
+++ /var/tmp/diff_new_pack.2czHpi/_new  2014-10-09 12:52:06.0 +0200
@@ -93,8 +93,8 @@
 # "Server:" header
 %define VENDOR SUSE
 %define platform_stringLinux/%VENDOR
-%define realver 2.4.9
-Version:2.4.9
+%define realver 2.4.10
+Version:2.4.10
 Release:0
 #Source0:  http://www.apache.org/dist/httpd-%{version}.tar.bz2
 Source0:httpd-%{realver}.tar.bz2
@@ -166,7 +166,7 @@
 Patch111:   httpd-visibility.patch
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
-Summary:The Apache Web Server Version 2.2
+Summary:The Apache Web Server Version 2.4
 License:Apache-2.0
 Group:  Productivity/Networking/Web/Servers
 Provides:   %{apache_mmn}
@@ -198,36 +198,15 @@
 %endif
 
 %description
-Apache 2, the successor to Apache 1.
+This version of httpd is a major release of the 2.4 stable branch,
+and represents the best available version of Apache HTTP Server.
+New features include Loadable MPMs, major improvements to OCSP support,
+mod_lua, Dynamic Reverse Proxy configuration, Improved Authentication/
+Authorization, FastCGI Proxy, New Expression Parser, and a Small Object
+Caching API.
 
-Apache is the most used Web server software worldwide.
-
-Some new features in Apache 2: - hybrid multiprocess, multithreaded
-   mode for improved scalability
-
-- multiprotocol support
-
-- stream filtering
-
-- IPv6 support
-
-- new module API
-
-New modules include: - mod_auth_db
-
-- mod_auth_digest
-
-- mod_charset_lite
-
-- mod_dav
-
-- mod_file_cache
-
-Mod_ssl is no longer a separate package, but is now included in the
-Apache distribution.
-
-See /usr/share/doc/packages/apache2/, http://httpd.apache.org/, and
-http://httpd.apache.org/docs-2.2/upgra

commit apache2 for openSUSE:Factory

2014-03-31 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-03-31 20:43:06

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-02-26 
23:20:26.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-03-31 
20:43:12.0 +0200
@@ -1,0 +2,9 @@
+Thu Mar 27 16:18:27 UTC 2014 - crrodrig...@opensuse.org
+
+- version 2.4.9 
+* SECURITY: CVE-2014-0098
+* SECURITY: CVE-2013-6438
+* multiple bugfixes and improvements to mod_ssl, mod_lua,
+  mod_session and core, see CHANGES for details.
+
+---

Old:

  httpd-2.4.7.tar.bz2

New:

  httpd-2.4.9.tar.bz2



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.HzBFZx/_old  2014-03-31 20:43:14.0 +0200
+++ /var/tmp/diff_new_pack.HzBFZx/_new  2014-03-31 20:43:14.0 +0200
@@ -93,8 +93,8 @@
 # "Server:" header
 %define VENDOR SUSE
 %define platform_stringLinux/%VENDOR
-%define realver 2.4.7
-Version:2.4.7
+%define realver 2.4.9
+Version:2.4.9
 Release:0
 #Source0:  http://www.apache.org/dist/httpd-%{version}.tar.bz2
 Source0:httpd-%{realver}.tar.bz2




++ httpd-2.4.7.tar.bz2 -> httpd-2.4.9.tar.bz2 ++
 73221 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-02-26 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-02-26 23:20:22

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2014-02-13 
06:53:04.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-02-26 
23:20:26.0 +0100
@@ -1,0 +2,13 @@
+Mon Feb 17 18:31:11 CET 2014 - dr...@suse.de
+
+- /etc/sysconfig/apache2: add socache_shmcb to the list of modules
+  that are enabled.
+  /etc/apache2/ssl-global.conf: make SSLSessionCache shmcb...
+  conditional on IfModule socache_shmcb.
+  The same applies to SSLSessionCache dmb:* via module socache_dbm
+  in commented section of same file. [bnc#864185]
+- /etc/sysconfig/apache2: remove reference to non-existing script
+  /usr/share/doc/packages/apache2/certificate.sh, which was only a
+  wrapper to mkcert.sh anyways. [bnc#864185]
+
+---



Other differences:
--

++ apache2-ssl-global.conf ++
--- /var/tmp/diff_new_pack.d0KnoL/_old  2014-02-26 23:20:27.0 +0100
+++ /var/tmp/diff_new_pack.d0KnoL/_new  2014-02-26 23:20:27.0 +0100
@@ -39,13 +39,17 @@
#   Inter-Process Session Cache:
#   Configure the SSL Session Cache: First the mechanism 
#   to use and second the expiring timeout (in seconds).
-   #   shm means the same as shmht. 
#   Note that on most platforms shared memory segments are not allowed 
to be on 
#   network-mounted drives, so in that case you need to use the dbm 
method.
#SSLSessionCachenone
+   #
#SSLSessionCache dbm:/var/lib/apache2/ssl_scache
-   #SSLSessionCacheshmht:/var/lib/apache2/ssl_scache(512000)
+   #
+
+
SSLSessionCache shmcb:/var/lib/apache2/ssl_scache(512000)
+
+
SSLSessionCacheTimeout  300
 
 



++ sysconfig.apache2 ++
--- /var/tmp/diff_new_pack.d0KnoL/_old  2014-02-26 23:20:27.0 +0100
+++ /var/tmp/diff_new_pack.d0KnoL/_new  2014-02-26 23:20:27.0 +0100
@@ -52,8 +52,9 @@
 #   You may also name an absolute path if you like.
 #
 # * NOTE ON SSL: before you can use mod_ssl, you need a server certificate. 
-#   A test certificate can be created by entering 
-#   'cd /usr/share/doc/packages/apache2; ./certificate.sh' as root.
+#   A test certificate can be created by (as root):
+#   cd /usr/share/doc/packages/apache2; /bin/sh ./mkcert.sh make 
--no-print-directory /usr/bin/openssl /usr/sbin/ test
+#   Please feel free to have a look at the mkcert.sh script to see how 
certificates can be created.
 #   Also, you need to set the ServerName inside the  
 #   block to the fully qualified domain name (see /etc/HOSTNAME).
 # * if your server certificate is protected by a passphrase you should 
increase the
@@ -72,7 +73,7 @@
 # apache's default installation
 # APACHE_MODULES="authz_host actions alias asis auth autoindex cgi dir imap 
include log_config mime negotiation setenvif status userdir"
 # your settings
-APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile 
authz_default authz_user autoindex cgi dir env expires include log_config mime 
negotiation setenvif ssl userdir php5 reqtimeout"
+APACHE_MODULES="actions alias auth_basic authn_file authz_host authz_groupfile 
authz_default authz_user autoindex cgi dir env expires include log_config mime 
negotiation setenvif ssl socache_shmcb userdir php5 reqtimeout"
 
 
 ## Type:   string

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2014-02-12 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2014-02-13 06:53:02

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-11-17 
15:58:01.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2014-02-13 
06:53:04.0 +0100
@@ -1,0 +2,21 @@
+Mon Nov 25 22:15:51 UTC 2013 - crrodrig...@opensuse.org
+
+- update to apache 2.4.7, important changes:
+
+* This release requires both apr and apr-util 1.5.x series
+  and therefore will no longer build in older released products
+* mod_ssl: Improve handling of ephemeral DH and ECDH keys
+  (obsoletes httpd-mod_ssl_ephemeralkeyhandling.patch)
+* event MPM: Fix possible crashes
+* mod_deflate: Improve error detection
+* core: Add open_htaccess hook  in conjunction with dirwalk_stat.
+* mod_rewrite: Make rewrite websocket-aware to allow proxying.
+* mod_ssl: drop support for export-grade ciphers with ephemeral RSA
+  keys, and unconditionally disable aNULL, eNULL and EXP ciphers
+  (not overridable via SSLCipherSuite)
+* core, mod_ssl: Enable the ability for a module to reverse the
+  sense of a poll event from a read to a write or vice versa
+  (obsoletes httpd-event-ssl.patch)
+* see CHANGES for more details
+
+---

Old:

  httpd-2.4.6.tar.bz2
  httpd-event-ssl.patch
  httpd-mod_ssl_ephemeralkeyhandling.patch

New:

  httpd-2.4.7.tar.bz2



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.A5ndM1/_old  2014-02-13 06:53:05.0 +0100
+++ /var/tmp/diff_new_pack.A5ndM1/_new  2014-02-13 06:53:05.0 +0100
@@ -21,9 +21,11 @@
 BuildRequires:  db-devel
 BuildRequires:  ed
 BuildRequires:  libapr-util1-devel
-BuildRequires:  libapr1-devel >= 1.4.2
+#Since 2.4.7 the event MPM requires apr 1.5.0 or later.
+BuildRequires:  libapr1-devel >= 1.5.0
+#
 BuildRequires:  openldap2-devel
-BuildRequires:  openssl-devel
+BuildRequires:  openssl-devel >= 0.9.8a
 BuildRequires:  pcre-devel
 BuildRequires:  xz
 BuildRequires:  zlib-devel
@@ -91,8 +93,8 @@
 # "Server:" header
 %define VENDOR SUSE
 %define platform_stringLinux/%VENDOR
-%define realver 2.4.6
-Version:2.4.6
+%define realver 2.4.7
+Version:2.4.7
 Release:0
 #Source0:  http://www.apache.org/dist/httpd-%{version}.tar.bz2
 Source0:httpd-%{realver}.tar.bz2
@@ -161,9 +163,7 @@
 #Provides:   apache2(mod_ssl+npn)
 # PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch 
crrodrig...@opensuse.org simple module provides systemd integration.
 Patch109:   httpd-2.4.3-mod_systemd.patch
-Patch110:   http://people.apache.org/~minfrin/httpd-event-ssl.patch
 Patch111:   httpd-visibility.patch
-Patch112:   httpd-mod_ssl_ephemeralkeyhandling.patch
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
 Summary:The Apache Web Server Version 2.2
@@ -385,9 +385,7 @@
 %patch70 -p1
 #%patch108 -p1
 %patch109 -p1
-%patch110 
 %patch111 -p1
-%patch112 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{S:22})




++ httpd-2.4.6.tar.bz2 -> httpd-2.4.7.tar.bz2 ++
 22364 lines of diff (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2013-11-17 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-11-17 15:58:00

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-11-12 
09:49:42.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-11-17 
15:58:01.0 +0100
@@ -1,0 +2,7 @@
+Sat Nov 16 00:52:15 UTC 2013 - crrodrig...@opensuse.org
+
+- httpd-mod_ssl_ephemeralkeyhandling.patch obsoletes
+ mod_ssl-2.4.x-ekh.diff this new patch is the final
+  form of the rework, merged for 2.4.7.
+
+---

Old:

  mod_ssl-2.4.x-ekh.diff

New:

  httpd-mod_ssl_ephemeralkeyhandling.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.gt8kyF/_old  2013-11-17 15:58:03.0 +0100
+++ /var/tmp/diff_new_pack.gt8kyF/_new  2013-11-17 15:58:03.0 +0100
@@ -163,7 +163,7 @@
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch110:   http://people.apache.org/~minfrin/httpd-event-ssl.patch
 Patch111:   httpd-visibility.patch
-Patch112:   mod_ssl-2.4.x-ekh.diff
+Patch112:   httpd-mod_ssl_ephemeralkeyhandling.patch
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
 Summary:The Apache Web Server Version 2.2
@@ -387,7 +387,7 @@
 %patch109 -p1
 %patch110 
 %patch111 -p1
-%patch112
+%patch112 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{S:22})




++ httpd-mod_ssl_ephemeralkeyhandling.patch ++
 1619 lines (skipped)

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2013-11-12 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-11-12 09:49:40

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-11-07 
08:33:46.0 +0100
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-11-12 
09:49:42.0 +0100
@@ -1,0 +2,6 @@
+Mon Nov  4 20:55:52 UTC 2013 - fr...@opensuse.org
+
+- Removed obsolete directive DefaultType
+- Changed all access control to new Require directive
+
+---



Other differences:
--

++ apache2-default-server.conf ++
--- /var/tmp/diff_new_pack.fSfpp3/_old  2013-11-12 09:49:44.0 +0100
+++ /var/tmp/diff_new_pack.fSfpp3/_new  2013-11-12 09:49:44.0 +0100
@@ -25,8 +25,7 @@
#   Options FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
-   Order allow,deny
-   Allow from all
+   Require all granted
 
 
 # Aliases: aliases can be added as needed (with no limit). The format is 
@@ -46,8 +45,7 @@
 
Options Indexes MultiViews
AllowOverride None
-   Order allow,deny
-   Allow from all
+   Require all granted
 
 
 # ScriptAlias: This controls which directories contain server scripts.
@@ -65,8 +63,7 @@
 
AllowOverride None
Options +ExecCGI -Includes
-   Order allow,deny
-   Allow from all
+   Require all granted
 
 
 # UserDir: The name of the directory that is appended onto a user's home

++ apache2-default-vhost-ssl.conf ++
--- /var/tmp/diff_new_pack.fSfpp3/_old  2013-11-12 09:49:44.0 +0100
+++ /var/tmp/diff_new_pack.fSfpp3/_new  2013-11-12 09:49:44.0 +0100
@@ -190,15 +190,18 @@
#AuthUserFile /srv/www/passwd/default
 
#
-   # Controls who can get stuff from this server.
+   # Controls who can get stuff from this server. The example gives access 
to:
+   # either a valid user, a user on the same system as the server, a system
+   # which name ends with .example.com and of which the reverse lookup of 
the
+   # IP address matches with the IP address that has been received by 
looking
+   # up that name in the DNS irrespective of any setting of 
HostnameLookups.
#
#
-   #  Require valid-user
-   #  Order Deny,Allow
-   #  Deny from All
-   #  Allow from 127.0.0.1
-   #  Allow from .example.com
-   #  Satisfy any
+   #  
+   #Require valid-user
+   #Require local
+   #Require host .example.com
+   #  
#
 
 

++ apache2-default-vhost.conf ++
--- /var/tmp/diff_new_pack.fSfpp3/_old  2013-11-12 09:49:44.0 +0100
+++ /var/tmp/diff_new_pack.fSfpp3/_new  2013-11-12 09:49:44.0 +0100
@@ -52,8 +52,7 @@
 
AllowOverride None
Options +ExecCGI -Includes
-   Order allow,deny
-   Allow from all
+   Require all granted
 
 
 
@@ -109,8 +108,7 @@
#
# Controls who can get stuff from this server.
#
-   Order allow,deny
-   Allow from all
+   Require all granted
 
 
 

++ apache2-errors.conf ++
--- /var/tmp/diff_new_pack.fSfpp3/_old  2013-11-12 09:49:44.0 +0100
+++ /var/tmp/diff_new_pack.fSfpp3/_new  2013-11-12 09:49:44.0 +0100
@@ -40,8 +40,7 @@
 Options IncludesNoExec
 AddOutputFilter Includes html
 AddHandler type-map var
-Order allow,deny
-Allow from all
+Require all granted
 LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
 ForceLanguagePriority Prefer Fallback
 

++ apache2-httpd.conf ++
--- /var/tmp/diff_new_pack.fSfpp3/_old  2013-11-12 09:49:44.0 +0100
+++ /var/tmp/diff_new_pack.fSfpp3/_new  2013-11-12 09:49:44.0 +0100
@@ -137,7 +137,6 @@
 
 # associate MIME types with filename extensions
 TypesConfig /etc/apache2/mime.types
-DefaultType text/plain
 Include /etc/apache2/mod_mime-defaults.conf
 
 # set up (customizable) error responses
@@ -151,16 +150,14 @@
 
 Options None
 AllowOverride None
-Order deny,allow
-Deny from all
+Require all denied
 
 
 # use .htaccess files for overriding,
 AccessFileName .htaccess
 # and never show them
 
-Order allow,deny
-Deny from all
+Require all denied
 
 
 # List of resources to look for when the client requests a directory

++ apache2-manual.conf ++
--- /var/tmp/diff_new_pack.fSfpp3/_old  2013-11-12 09:49:44.0 +0100
+++ /var/tmp/diff_new_pack.fSfpp3/_new  201

commit apache2 for openSUSE:Factory

2013-11-06 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-11-07 08:33:45

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-10-24 
14:07:26.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-11-07 
08:33:46.0 +0100
@@ -1,0 +2,5 @@
+Fri Oct 25 00:05:02 UTC 2013 - crrodrig...@opensuse.org
+
+- reenable mod_ssl-2.4.x-ekh.diff  
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.5emAxL/_old  2013-11-07 08:33:49.0 +0100
+++ /var/tmp/diff_new_pack.5emAxL/_new  2013-11-07 08:33:49.0 +0100
@@ -163,7 +163,7 @@
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch110:   http://people.apache.org/~minfrin/httpd-event-ssl.patch
 Patch111:   httpd-visibility.patch
-#Patch112:   mod_ssl-2.4.x-ekh.diff
+Patch112:   mod_ssl-2.4.x-ekh.diff
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
 Summary:The Apache Web Server Version 2.2
@@ -387,7 +387,7 @@
 %patch109 -p1
 %patch110 
 %patch111 -p1
-#%patch112
+%patch112
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{S:22})




-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2013-10-24 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-10-24 14:07:25

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-10-17 
13:57:43.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-10-24 
14:07:26.0 +0200
@@ -1,0 +2,33 @@
+Tue Oct 22 15:43:53 UTC 2013 - crrodrig...@opensuse.org
+
+- Correct build in old distros. 
+
+---
+Tue Oct 22 15:09:21 UTC 2013 - crrodrig...@opensuse.org
+
+- disable (revert) mod_ssl changes in the previous
+  commit so it does not end in factory or 13.1 yet.
+
+---
+Tue Oct 22 15:06:19 UTC 2013 - crrodrig...@opensuse.org
+
+- make mod_systemd static so scenarios described in 
+  [bnc#846897] do not happen again.
+
+---
+Mon Oct 21 23:44:19 UTC 2013 - crrodrig...@opensuse.org
+
+- mod_ssl: improve ephemeral key handling in particular, support DH params
+  with more than 1024 bits, and allow custom configuration.
+  This patch adjust DH parameters according to the relevant RFC 
+  recommendations and permanently disables the usage of "export"
+  and "NULL" ciphers no matter what the user configuration is
+  (mod_ssl-2.4.x-ekh.diff, to be in 2.4.7)
+
+---
+Mon Oct 21 23:27:56 UTC 2013 - crrodrig...@opensuse.org
+
+- fix [bnc#846897] problems building kiwi images due to 
+  systemd not being running in chroot. (submit to 13.1 ASAP)
+
+---

New:

  mod_ssl-2.4.x-ekh.diff



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.BaqCOe/_old  2013-10-24 14:07:29.0 +0200
+++ /var/tmp/diff_new_pack.BaqCOe/_new  2013-10-24 14:07:29.0 +0200
@@ -69,10 +69,12 @@
 %define localstatedir  /var/lib/%{pname}
 %define proxycachedir  /var/cache/%{pname}
 %define logfiledir /var/log/%{pname}
-%if %suse_version > 1220
+%if %suse_version >= 1220
 %define runtimedir /run
+%define mods_static access_compat unixd systemd
 %else
 %define runtimedir /var/run
+%define mods_static access_compat unixd
 %endif
 %define sysconfdir /etc/%{pname}
 %define includedir %{_includedir}/%{pname}
@@ -85,6 +87,7 @@
 %else
 %define _unitdir /lib/systemd
 %endif
+
 # "Server:" header
 %define VENDOR SUSE
 %define platform_stringLinux/%VENDOR
@@ -160,6 +163,7 @@
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch110:   http://people.apache.org/~minfrin/httpd-event-ssl.patch
 Patch111:   httpd-visibility.patch
+#Patch112:   mod_ssl-2.4.x-ekh.diff
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
 Summary:The Apache Web Server Version 2.2
@@ -383,6 +387,7 @@
 %patch109 -p1
 %patch110 
 %patch111 -p1
+#%patch112
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{S:22})
@@ -440,7 +445,7 @@
--enable-pie \
 %endif
--enable-mods-shared=all \
---enable-mods-static="access_compat unixd" \
+   --enable-mods-static="%{mods_static}" \
--enable-ssl=shared \
\
--disable-isapi \


++ apache-20-22-upgrade ++
--- /var/tmp/diff_new_pack.BaqCOe/_old  2013-10-24 14:07:29.0 +0200
+++ /var/tmp/diff_new_pack.BaqCOe/_new  2013-10-24 14:07:29.0 +0200
@@ -67,10 +67,6 @@
fi
 done
 
-if [ -x /usr/bin/systemd-notify ] && /usr/bin/systemd-notify --booted && ! 
a2enmod -q systemd; then
-  a2enmod systemd
-fi
-
 if ! a2enmod -q authn_core; then
   a2enmod authn_core
 fi



++ httpd-2.4.3-mod_systemd.patch ++
--- /var/tmp/diff_new_pack.BaqCOe/_old  2013-10-24 14:07:30.0 +0200
+++ /var/tmp/diff_new_pack.BaqCOe/_new  2013-10-24 14:07:30.0 +0200
@@ -1,6 +1,6 @@
 httpd-2.4.3/modules/arch/unix/config5.m4.systemd
-+++ httpd-2.4.3/modules/arch/unix/config5.m4
-@@ -18,6 +18,19 @@ APACHE_MODULE(privileges, Per-virtualhos
+--- httpd-2.4.6.orig/modules/arch/unix/config5.m4
 httpd-2.4.6/modules/arch/unix/config5.m4
+@@ -18,6 +18,18 @@ APACHE_MODULE(privileges, Per-virtualhos
fi
  ])
  
@@ -13,15 +13,14 @@
 +enable_systemd="no"
 +  else
 +APR_ADDTO(MOD_SYSTEMD_LDADD, [$SYSTEMD_LIBS])
-+enable_systemd="yes"
 +  fi
 +])
 +
  APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current])
  
  APACHE_MODPATH_FINISH
 httpd-2.4.3/modules/arch/unix/mod_systemd.c.systemd
-+++

commit apache2 for openSUSE:Factory

2013-10-17 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-10-17 13:57:41

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-09-04 
13:16:55.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-10-17 
13:57:43.0 +0200
@@ -1,0 +2,5 @@
+Mon Oct 14 19:58:23 UTC 2013 - a...@suse.com
+
+- Fix SUSE spelling.
+
+---



Other differences:
--

++ SUSE-NOTICE ++
--- /var/tmp/diff_new_pack.Ay3rHT/_old  2013-10-17 13:57:46.0 +0200
+++ /var/tmp/diff_new_pack.Ay3rHT/_new  2013-10-17 13:57:46.0 +0200
@@ -1,5 +1,5 @@
 
-The SuSE build of apache2 contains the following modifications:
+The SUSE build of apache2 contains the following modifications:
   * assert HAVE_POLL during compilation (safety measure)
   * small fixes in apachectl to make it work with multiple MPMs, and 
 use w3m alternatively to lynx



++ gensslcert ++
--- /var/tmp/diff_new_pack.Ay3rHT/_old  2013-10-17 13:57:46.0 +0200
+++ /var/tmp/diff_new_pack.Ay3rHT/_new  2013-10-17 13:57:46.0 +0200
@@ -49,7 +49,7 @@
ST=unknown
 L=unknown
 U="web server"
-   O="SuSE Linux Web Server"
+   O="SUSE Linux Web Server"
CN=$FQHOSTNAME
 email=webmaster@$FQHOSTNAME
CAdays=$((365 * 6))

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2013-09-04 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-09-04 13:16:53

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-09-02 
14:55:31.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-09-04 
13:16:55.0 +0200
@@ -1,0 +2,13 @@
+Tue Sep  3 15:37:37 UTC 2013 - crrodrig...@opensuse.org
+
+- Also fix subtle non-obvious systemd unit confusion
+  we really mean -DFOREGROUND not -DNO_DETACH the latter only 
+  inhibits the parent from forking, not quite the same as 
+  running in well.. the foreground as required.
+
+---
+Tue Sep  3 03:58:27 UTC 2013 - crrodrig...@opensuse.org
+
+- Ensure we only use /run and not /var/run 
+
+---



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.i4vZYe/_old  2013-09-04 13:16:56.0 +0200
+++ /var/tmp/diff_new_pack.i4vZYe/_new  2013-09-04 13:16:56.0 +0200
@@ -69,7 +69,11 @@
 %define localstatedir  /var/lib/%{pname}
 %define proxycachedir  /var/cache/%{pname}
 %define logfiledir /var/log/%{pname}
+%if %suse_version > 1220
+%define runtimedir /run
+%else
 %define runtimedir /var/run
+%endif
 %define sysconfdir /etc/%{pname}
 %define includedir %{_includedir}/%{pname}
 %define libexecdir %_libdir/%{pname}
@@ -500,10 +504,10 @@
configure 
sed "s/%{vers}-$mpm//" include/ap_config_auto.h > 
include/ap_config_auto.h.new
mv include/ap_config_auto.h.new include/ap_config_auto.h
+sed -i -e "s@/var/run@%{runtimedir}@g" include/ap_config_layout.h
 
make CFLAGS="$RPM_OPT_FLAGS -fvisibility=hidden -fPIC \
-Wall \
-   -DDEFAULT_PIDLOG='\"%{runtimedir}/%{httpd}.pid\"' \
-DDEFAULT_ERRORLOG='\"%{logfiledir}/error_log\"' " \
%{?jobs:-j%jobs} 
 


++ apache2.service ++
--- /var/tmp/diff_new_pack.i4vZYe/_old  2013-09-04 13:16:56.0 +0200
+++ /var/tmp/diff_new_pack.i4vZYe/_new  2013-09-04 13:16:56.0 +0200
@@ -8,9 +8,9 @@
 Type=notify
 PrivateTmp=true
 EnvironmentFile=/etc/sysconfig/apache2
-ExecStart=/usr/sbin/start_apache2 -D SYSTEMD -DNO_DETACH -k start
-ExecReload=/usr/sbin/start_apache2 -D SYSTEMD -DNO_DETACH -t -k graceful
-ExecStop=/usr/sbin/start_apache2 -D SYSTEMD -DNO_DETACH -k graceful-stop
+ExecStart=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k start
+ExecReload=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -t -k graceful
+ExecStop=/usr/sbin/start_apache2 -D SYSTEMD -DFOREGROUND -k graceful-stop
 
 [Install]
 WantedBy=multi-user.target



-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org



commit apache2 for openSUSE:Factory

2013-09-02 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-09-02 14:55:29

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-08-04 
16:48:08.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-09-02 
14:55:31.0 +0200
@@ -1,0 +2,14 @@
+Fri Aug 30 04:48:07 UTC 2013 - crrodrig...@opensuse.org
+
+- Really use %requires_ge for libapr1 and libapr-util1 
+  mentioned but not implemented in the previous commit.
+
+---
+Wed Aug 28 07:29:47 UTC 2013 - crrodrig...@opensuse.org
+
+- Use %requires_ge for libapr1 and libapr-util1
+- apache2-default-server.conf: Need to use IncludeOptional
+- apache-20-22-upgrade: also load authz_core
+- httpd-visibility.patch: Use compiler symbol visibility.
+
+---

New:

  httpd-visibility.patch



Other differences:
--
++ apache2.spec ++
--- /var/tmp/diff_new_pack.gnel1J/_old  2013-09-02 14:55:32.0 +0200
+++ /var/tmp/diff_new_pack.gnel1J/_new  2013-09-02 14:55:32.0 +0200
@@ -155,6 +155,7 @@
 # PATCH-FEATURE-UPSTREAM httpd-2.4.3-mod_systemd.patch 
crrodrig...@opensuse.org simple module provides systemd integration.
 Patch109:   httpd-2.4.3-mod_systemd.patch
 Patch110:   http://people.apache.org/~minfrin/httpd-event-ssl.patch
+Patch111:   httpd-visibility.patch
 Url:http://httpd.apache.org/
 Icon:   Apache.xpm
 Summary:The Apache Web Server Version 2.2
@@ -170,11 +171,9 @@
 Requires:   /etc/mime.types
 PreReq: %{name}-utils
 Requires:   logrotate
-# in the past, libapr1 >= 1.0 was sufficient. But since 2.2.16, a failure to
-# create listen sockets can occur, unless newer libapr1 is used, with certain 
kernels.
-# see https://bugzilla.redhat.com/show_bug.cgi?id=516331
-Requires:   libapr1 < 2.0
-Requires:   libapr1 >= 1.4.2
+#for some reason the parser barfs if not conditional
+%{?requires_ge:%requires_ge libapr1}
+%{?requires_ge:%requires_ge libapr-util1}
 %{?systemd_requires}
 PreReq: fileutils textutils grep sed 
 %if %{?suse_version:1}0
@@ -379,8 +378,8 @@
 #%patch108 -p1
 %patch109 -p1
 %patch110 
+%patch111 -p1
 cat $RPM_SOURCE_DIR/SUSE-NOTICE >> NOTICE
-
 # install READMEs
 a=$(basename %{S:22})
 cp %{S:22} ./${a##%{name}-}
@@ -502,7 +501,7 @@
sed "s/%{vers}-$mpm//" include/ap_config_auto.h > 
include/ap_config_auto.h.new
mv include/ap_config_auto.h.new include/ap_config_auto.h
 
-   make CFLAGS="$RPM_OPT_FLAGS -fPIC \
+   make CFLAGS="$RPM_OPT_FLAGS -fvisibility=hidden -fPIC \
-Wall \
-DDEFAULT_PIDLOG='\"%{runtimedir}/%{httpd}.pid\"' \
-DDEFAULT_ERRORLOG='\"%{logfiledir}/error_log\"' " \


++ apache-20-22-upgrade ++
--- /var/tmp/diff_new_pack.gnel1J/_old  2013-09-02 14:55:32.0 +0200
+++ /var/tmp/diff_new_pack.gnel1J/_new  2013-09-02 14:55:32.0 +0200
@@ -75,6 +75,10 @@
   a2enmod authn_core
 fi
 
+if ! a2enmod -q authz_core; then
+  a2enmod authz_core
+fi
+
 if ! a2enmod -q log_config; then
   a2enmod log_config
 fi

++ apache2-default-server.conf ++
--- /var/tmp/diff_new_pack.gnel1J/_old  2013-09-02 14:55:32.0 +0200
+++ /var/tmp/diff_new_pack.gnel1J/_new  2013-09-02 14:55:32.0 +0200
@@ -99,7 +99,7 @@
 # You can comment this out here if you want those bits include only in a
 # certain virtual host, but not here.
 #
-Include /etc/apache2/conf.d/*.conf
+IncludeOptional /etc/apache2/conf.d/*.conf
 
 # The manual... if it is installed ('?' means it won't complain)
 IncludeOptional /etc/apache2/conf.d/apache2-manual?conf



++ httpd-visibility.patch ++
--- httpd-2.4.6.orig/include/ap_config.h
+++ httpd-2.4.6/include/ap_config.h
@@ -64,7 +64,7 @@
  * AP_DECLARE(rettype) ap_func(args)
  * @endcode
  */
-#define AP_DECLARE(type)type
+#define AP_DECLARE(type)__attribute__ ((visibility ("default"))) 
type
 
 /**
  * Apache Core dso variable argument and hook functions are declared with
@@ -74,7 +74,7 @@
  * AP_DECLARE_NONSTD(rettype) ap_func(args [...])
  * @endcode
  */
-#define AP_DECLARE_NONSTD(type) type
+#define AP_DECLARE_NONSTD(type) __attribute__ ((visibility ("default"))) 
type
 
 /**
  * Apache Core dso variables are declared with AP_MODULE_DECLARE_DATA.
@@ -86,7 +86,7 @@
  * AP_DECLARE_DATA type apr_variable
  * @endcode
  */
-#define AP_DECLARE_DATA
+#define AP_DECLARE_DATA __attribute__ ((visibility ("default")))
 
 #e

commit apache2 for openSUSE:Factory

2013-08-04 Thread h_root
Hello community,

here is the log from the commit of package apache2 for openSUSE:Factory checked 
in at 2013-08-04 16:48:07

Comparing /work/SRC/openSUSE:Factory/apache2 (Old)
 and  /work/SRC/openSUSE:Factory/.apache2.new (New)


Package is "apache2"

Changes:

--- /work/SRC/openSUSE:Factory/apache2/apache2.changes  2013-08-01 
17:14:28.0 +0200
+++ /work/SRC/openSUSE:Factory/.apache2.new/apache2.changes 2013-08-04 
16:48:08.0 +0200
@@ -1,0 +2,6 @@
+Fri Aug  2 08:18:03 UTC 2013 - meiss...@suse.com
+
+- Make the default keysize in the sample gensslcerts 2048 bits to match
+  government recommendations.
+
+---



Other differences:
--



++ gensslcert ++
--- /var/tmp/diff_new_pack.kqKGhu/_old  2013-08-04 16:48:10.0 +0200
+++ /var/tmp/diff_new_pack.kqKGhu/_new  2013-08-04 16:48:10.0 +0200
@@ -95,7 +95,7 @@
 
 cat >$r/root/.mkcert.cfg <$r/root/.mkcert.cfg <

  1   2   >