packages/httpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
httpd/httpd.spec
Hailiang ec640b3868 fix build error for sw_64 
(cherry picked from commit 167fb1a289e7cf080f5f72f0eaf1ddc37ec665c9)
2025-04-15 10:46:56 +08:00

802 lines
27 KiB
RPMSpec
Raw Blame History

%define contentdir %{_datadir}/httpd
%define docroot /var/www
%define suexec_caller apache
%define mmn 20120211
%define mmnisa %{mmn}%{__isa_name}%{__isa_bits}
%global mpm event
Name: httpd
Summary: Apache HTTP Server
Version: 2.4.58
Release: 8
License: ASL 2.0
URL: https://httpd.apache.org/
Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html
Source2: httpd.logrotate
Source3: instance.conf
Source4: httpd-ssl-pass-dialog
Source5: httpd.tmpfiles
Source6: httpd.service
Source7: action-graceful.sh
Source8: action-configtest.sh
Source9: server-status.conf
Source10: httpd.conf
Source11: 00-base.conf
Source12: 00-mpm.conf
Source13: 00-lua.conf
Source14: 01-cgi.conf
Source15: 00-dav.conf
Source16: 00-proxy.conf
Source17: 00-ssl.conf
Source18: 01-ldap.conf
Source19: 00-proxyhtml.conf
Source20: userdir.conf
Source21: ssl.conf
Source22: welcome.conf
Source23: manual.conf
Source24: 00-systemd.conf
Source25: 01-session.conf
Source26: 10-listen443.conf
Source27: httpd.socket
Source28: 00-optional.conf
Source29: 01-md.conf
Source30: README.confd
Source31: README.confmod
Source32: httpd.service.xml
Source40: htcacheclean.service
Source41: htcacheclean.sysconf
Source42: httpd-init.service
Source43: httpd-ssl-gencerts
Source44: httpd@.service
Patch0: backport-httpd-2.4.1-apctl.patch
Patch1: backport-httpd-2.4.9-apxs.patch
Patch2: backport-httpd-2.4.1-deplibs.patch
Patch3: backport-httpd-2.4.3-apctl-systemd.patch
Patch4: backport-httpd-2.4.53-detect-systemd.patch
Patch5: backport-httpd-2.4.53-export.patch
Patch6: backport-httpd-2.4.43-corelimit.patch
Patch7: backport-httpd-2.4.25-selinux.patch
Patch8: backport-httpd-2.4.54-icons.patch
Patch9: backport-httpd-2.4.43-cachehardmax.patch
Patch10: backport-httpd-2.4.43-socket-activation.patch
Patch11: backport-httpd-2.4.43-sslciphdefault.patch
Patch12: backport-httpd-2.4.43-sslprotdefault.patch
Patch13: backport-httpd-2.4.43-enable-sslv3.patch
Patch14: backport-layout_add_openEuler.patch
Patch15: backport-httpd-2.4.43-gettid.patch
Patch16: backport-httpd-2.4.43-r1861793+.patch
Patch17: backport-httpd-2.4.48-r1828172+.patch
Patch18: backport-httpd-2.4.46-htcacheclean-dont-break.patch
Patch19: backport-release-memory-to-the-OS-when-needed.patch
Patch20: backport-Fix-use-after-free-warning-with-gcc-fanalyzer.patch
Patch21: backport-Use-ap_os_is_path_absolute-to-make-it-portable.patch
Patch22: backport-CVE-2024-24795-let-httpd-handle-CL-TE-for-non-http-handlers.patch
Patch23: backport-CVE-2023-38709-header-validation-after-content.patch
Patch24: backport-CVE-2024-27316-bail-after-too-many-failed-reads.patch
Patch25: backport-remove-dependency-on-xmlstring-header.patch
Patch26: backport-only-allocate-a-heap-heap-buffer.patch
Patch27: backport-CVE-2024-36387-mod_http2-early-exit-if-bb-is-null.patch
Patch28: backport-CVE-2024-38473-mod_proxy-escape-for-non-proxypass-configuration.patch
Patch29: backport-CVE-2024-38473-mod_proxy-Fixup-UDS-filename.patch
Patch30: backport-CVE-2024-38473-CVE-2024-39573-block-inadvertent-subst-of-special-filename.patch
Patch31: backport-CVE-2024-38473-fix-comparsion-of-local-path.patch
Patch32: backport-CVE-2024-38473-fix-the-filename-redirected.patch
Patch33: backport-CVE-2024-38474-CVE-2024-38475-tighten-up-prefix_stat.patch
Patch34: backport-CVE-2024-38476-add-ap_set_content_type_ex-to-differentiate-trusted-sources.patch
Patch35: backport-CVE-2024-38477-validate-hostsname.patch
Patch36: backport-CVE-2024-39884-maintain-trusted-flag.patch
Patch37: backport-CVE-2024-40725.patch
BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel
BuildRequires: apr-devel >= 1.5.0 apr-util-devel >= 1.5.0 pcre2-devel
Requires: mailcap system-logos-httpd mod_http2
Requires: httpd-tools = %{version}-%{release} httpd-filesystem = %{version}-%{release}
Requires(pre): httpd-filesystem
Requires(preun): systemd-units
Requires(postun): systemd-units
Requires(post): systemd-units
Provides: mod_proxy_uwsgi = %{version}-%{release}
Provides: webserver httpd-mmn = %{mmn} httpd-mmn = %{mmnisa}
Provides: mod_dav = %{version}-%{release} httpd-suexec = %{version}-%{release}
Obsoletes: mod_proxy_uwsgi < 2.0.17.1-2 httpd-suexec
Conflicts: apr < 1.5.0-1
%description
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server.
%package devel
Summary: Development files for %{name}
Requires: apr-devel apr-util-devel pkgconfig httpd = %{version}-%{release}
%description devel
This package provides APXS binary and other files used to compile
and develop additional modules for Apache.
%package help
Summary: Documents and man pages for HTTP Server
Requires: httpd = %{version}-%{release}
BuildArch: noarch
%description help
This packages provides manual and reference guide for HTTP Server.
%package filesystem
Summary: The basic directory for HTTP Server
BuildArch: noarch
Requires(pre): shadow-utils
%description filesystem
This package contains the basic directory layout for HTTP Server.
%package tools
Summary: Related tools for use HTTP Server
%description tools
This package contains tools used for HTTP Server.
%package -n mod_ssl
Summary: SSL and TLS modules for HTTP Server
Epoch: 1
BuildRequires: openssl-devel
Requires(pre): httpd-filesystem
Requires: httpd = 0:%{version}-%{release} httpd-mmn = %{mmnisa} sscg >= 2.2.0
Conflicts: openssl-libs < 1:1.0.1h-4
%description -n mod_ssl
This module provides strong cryptography via SSL and TLS for HTTP Server.
%package -n mod_md
Summary: Certificate provisioning using ACME for HTTP Server
Requires: httpd = 0:%{version}-%{release} httpd-mmn = %{mmnisa}
BuildRequires: jansson-devel libcurl-devel
%description -n mod_md
This module manages common properties for one or more virtual hosts.
It uses the ACME protocol to automate certificate provisioning.
%package -n mod_proxy_html
Summary: HTML content filters for the HTTP Server
Requires: httpd = 0:%{version}-%{release} httpd-mmn = %{mmnisa}
BuildRequires: libxml2-devel
Epoch: 1
Obsoletes: mod_proxy_html < 1:2.4.1-2
%description -n mod_proxy_html
This module provides filters which can modify HTML link.
%package -n mod_ldap
Summary: LDAP authentication module for Apache HTTP Server
Requires: httpd = 0:%{version}-%{release} httpd-mmn = %{mmnisa}
Requires: apr-util-ldap
%description -n mod_ldap
This module adds support for LDAP authentication to Apache HTTP Server.
%package -n mod_session
Summary: Session support for Apache HTTP Server
Requires: httpd = 0:%{version}-%{release} httpd-mmn = %{mmnisa}
%description -n mod_session
Ths module provides session support for per-user.
%prep
%autosetup -p1
sed -i '/suexec/s,setcap ,echo Skipping setcap for ,' Makefile.in
sed -i 's/openEuler/%{_vendor}/g' config.layout
# Example conf for instances
cp $RPM_SOURCE_DIR/instance.conf .
sed < $RPM_SOURCE_DIR/httpd.conf >> instance.conf '
0,/^ServerRoot/d;
/# Supplemental configuration/,$d
/^ *CustomLog .logs/s,logs/,logs/${HTTPD_INSTANCE}_,
/^ *ErrorLog .logs/s,logs/,logs/${HTTPD_INSTANCE}_,
'
touch -r $RPM_SOURCE_DIR/instance.conf instance.conf
cp -p $RPM_SOURCE_DIR/server-status.conf server-status.conf
sed 's/@MPM@/%{mpm}/' < $RPM_SOURCE_DIR/httpd.service.xml \
> httpd.service.xml
xmlto man ./httpd.service.xml
%build
%ifarch loongarch64 sw_64
%_update_config_guess
%_update_config_sub
%endif
rm -rf srclib/{apr,apr-util,pcre}
autoheader && autoconf || exit 1
%{__perl} -pi -e "s:\@exp_installbuilddir\@:%{_libdir}/httpd/build:g" support/apxs.in
export CFLAGS=$RPM_OPT_FLAGS
export LDFLAGS="-Wl,-z,relro,-z,now"
export LYNX_PATH=/usr/bin/links
./configure \
--prefix=%{_sysconfdir}/httpd --exec-prefix=%{_prefix} --bindir=%{_bindir} \
--sbindir=%{_sbindir} --mandir=%{_mandir} --libdir=%{_libdir} \
--sysconfdir=%{_sysconfdir}/httpd/conf --includedir=%{_includedir}/httpd \
--libexecdir=%{_libdir}/httpd/modules --datadir=%{contentdir} \
--with-installbuilddir=%{_libdir}/httpd/build --enable-layout=%{_vendor} \
--enable-mpms-shared=all --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
--enable-suexec --with-suexec --enable-suexec-capabilities \
--with-suexec-caller=%{suexec_caller} --with-suexec-docroot=%{docroot} \
--without-suexec-logfile --with-suexec-syslog \
--with-suexec-bin=%{_sbindir}/suexec --with-brotli --enable-pie --with-pcre2 \
--with-suexec-uidmin=1000 --with-suexec-gidmin=1000 \
--enable-mods-shared=all --enable-ssl --with-ssl --disable-distcache \
--enable-proxy --enable-proxy-fdpass --enable-cache --enable-disk-cache \
--enable-ldap --enable-authnz-ldap --enable-cgid --enable-cgi \
--enable-authn-anon --enable-authn-alias --enable-systemd \
--disable-imagemap --disable-file-cache --disable-http2 $*
%make_build
%install
rm -rf $RPM_BUILD_ROOT
%make_install
install -d $RPM_BUILD_ROOT%{_unitdir}
install -p -m644 $RPM_SOURCE_DIR/httpd.service $RPM_BUILD_ROOT%{_unitdir}/httpd.service
install -p -m644 $RPM_SOURCE_DIR/{htcacheclean.service,httpd.socket,httpd@.service,httpd-init.service} $RPM_BUILD_ROOT%{_unitdir}/
install -D -m644 $RPM_SOURCE_DIR/README.confd $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
install -D -m644 $RPM_SOURCE_DIR/README.confmod $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/README
install -p -m644 $RPM_SOURCE_DIR/0*.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/
sed -i '/^#LoadModule mpm_%{mpm}_module /s/^#//' $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/00-mpm.conf
touch -r $RPM_SOURCE_DIR/00-mpm.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/00-mpm.conf
install -d $RPM_BUILD_ROOT%{_unitdir}/httpd.service.d
install -D -m 644 -p $RPM_SOURCE_DIR/10-listen443.conf $RPM_BUILD_ROOT%{_unitdir}/httpd.socket.d/10-listen443.conf
install -m644 -p $RPM_SOURCE_DIR/{welcome.conf,ssl.conf,manual.conf,userdir.conf} $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/
install -m 644 docs/conf/extra/httpd-autoindex.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/autoindex.conf
rm -v docs/conf/extra/httpd-{ssl,userdir}.conf
rm $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/*.conf
install -m 644 -p $RPM_SOURCE_DIR/httpd.conf $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf
install -D -m 644 -p $RPM_SOURCE_DIR/htcacheclean.sysconf \
$RPM_BUILD_ROOT%{_sysconfdir}/sysconfig/htcacheclean
install -D -m 644 -p $RPM_SOURCE_DIR/httpd.tmpfiles \
$RPM_BUILD_ROOT%{_prefix}/lib/tmpfiles.d/httpd.conf
install -d $RPM_BUILD_ROOT%{_localstatedir}/lib/{dav,httpd} \
$RPM_BUILD_ROOT/run/httpd/htcacheclean
sed -i \
"s,@@ServerRoot@@/var,%{_localstatedir}/lib/dav,;
s,@@ServerRoot@@/user.passwd,/etc/httpd/conf/user.passwd,;
s,@@ServerRoot@@/docs,%{docroot},;
s,@@ServerRoot@@,%{docroot},;
s,@@Port@@,80,;" \
docs/conf/extra/*.conf
install -d $RPM_BUILD_ROOT%{_localstatedir}/cache/httpd/{proxy,ssl}
install -d $RPM_BUILD_ROOT%{_rpmconfigdir}/macros.d
cat > $RPM_BUILD_ROOT%{_rpmconfigdir}/macros.d/macros.httpd <<EOF
%%_httpd_mmn %{mmnisa}
%%_httpd_apxs %%{_bindir}/apxs
%%_httpd_modconfdir %%{_sysconfdir}/httpd/conf.modules.d
%%_httpd_confdir %%{_sysconfdir}/httpd/conf.d
%%_httpd_contentdir %{contentdir}
%%_httpd_moddir %%{_libdir}/httpd/modules
EOF
install -d $RPM_BUILD_ROOT%{contentdir}/{noindex,server-status}
install -m 644 -p $RPM_SOURCE_DIR/index.html \
$RPM_BUILD_ROOT%{contentdir}/noindex/index.html
install -m 644 -p docs/server-status/* \
$RPM_BUILD_ROOT%{contentdir}/server-status
rm -rf %{contentdir}/htdocs
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
-name \*.xml -o -name \*.xml.* -o -name \*.ent -o -name \*.xsl -o -name \*.dtd \
\) -print0 | xargs -0 rm -f
for f in `find $RPM_BUILD_ROOT%{contentdir}/manual -name \*.html -type f`; do
if test -f ${f}.en; then
cp ${f}.en ${f}
rm ${f}.*
fi
done
rm -v $RPM_BUILD_ROOT%{docroot}/html/*.html \
$RPM_BUILD_ROOT%{docroot}/cgi-bin/*
ln -s ../../pixmaps/poweredby.png \
$RPM_BUILD_ROOT%{contentdir}/icons/poweredby.png
ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
ln -s ../..%{_localstatedir}/lib/httpd $RPM_BUILD_ROOT/etc/httpd/state
ln -s /run/httpd $RPM_BUILD_ROOT/etc/httpd/run
ln -s ../..%{_libdir}/httpd/modules $RPM_BUILD_ROOT/etc/httpd/modules
install -D -m755 $RPM_SOURCE_DIR/httpd-ssl-pass-dialog \
$RPM_BUILD_ROOT%{_libexecdir}/httpd-ssl-pass-dialog
install -m755 $RPM_SOURCE_DIR/httpd-ssl-gencerts $RPM_BUILD_ROOT%{_libexecdir}/httpd-ssl-gencerts
install -D -p -m 755 $RPM_SOURCE_DIR/action-graceful.sh $RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd/graceful
install -p -m 755 $RPM_SOURCE_DIR/action-configtest.sh $RPM_BUILD_ROOT%{_libexecdir}/initscripts/legacy-actions/httpd/configtest
install -D -m 644 -p $RPM_SOURCE_DIR/httpd.logrotate \
$RPM_BUILD_ROOT/etc/logrotate.d/httpd
install -m 644 -p httpd.service.8 httpd-init.service.8 httpd.socket.8 httpd@.service.8 \
$RPM_BUILD_ROOT%{_mandir}/man8
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
-e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
-e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
-e "s|/usr/local/apache2/logs/error_log|/var/log/httpd/error_log|" \
-e "s|/usr/local/apache2/logs/access_log|/var/log/httpd/access_log|" \
-e "s|/usr/local/apache2/logs/httpd.pid|/run/httpd/httpd.pid|" \
-e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
> $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8
sed -i '/.*DEFAULT_..._LIBEXECDIR/d;/DEFAULT_..._INSTALLBUILDDIR/d' \
$RPM_BUILD_ROOT%{_includedir}/httpd/ap_config_layout.h
rm -vf \
$RPM_BUILD_ROOT%{_libdir}/*.exp \
$RPM_BUILD_ROOT/etc/httpd/conf/mime.types \
$RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.exp \
$RPM_BUILD_ROOT%{_libdir}/httpd/build/config.nice \
$RPM_BUILD_ROOT%{_bindir}/{ap?-config,dbmmanage} \
$RPM_BUILD_ROOT%{_sbindir}/{checkgid,envvars*} \
$RPM_BUILD_ROOT%{contentdir}/htdocs/* \
$RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \
$RPM_BUILD_ROOT%{contentdir}/cgi-bin/*
rm -rf $RPM_BUILD_ROOT/etc/httpd/conf/{original,extra}
%pre filesystem
getent group apache >/dev/null || groupadd -g 48 -r apache
getent passwd apache >/dev/null || \
useradd -r -u 48 -g apache -s /sbin/nologin \
-d %{contentdir} -c "Apache" apache
exit 0
%post
%systemd_post httpd.service htcacheclean.service httpd.socket
%preun
%systemd_preun httpd.service htcacheclean.service httpd.socket
%postun
%systemd_postun httpd.service htcacheclean.service httpd.socket
%posttrans
test -f /etc/sysconfig/httpd-disable-posttrans || \
/bin/systemctl try-restart --no-block httpd.service htcacheclean.service >/dev/null 2>&1 || :
%check
if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
: modules contain non-relocatable code
exit 1
fi
set +x
rv=0
for f in $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so; do
m=${f##*/}
if ! grep -q $m $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf; then
echo ERROR: Module $m not configured. Disable it, or load it.
rv=1
fi
done
mods=`grep -h ^LoadModule $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/*.conf | sed 's,.*modules/,,'`
for m in $mods; do
f=$RPM_BUILD_ROOT%{_libdir}/httpd/modules/${m}
if ! test -x $f; then
echo ERROR: Module $m is configured but not built.
rv=1
fi
done
set -x
exit $rv
%files
%doc ABOUT_APACHE README CHANGES LICENSE VERSIONING NOTICE
%doc docs/conf/extra/*.conf
%doc instance.conf server-status.conf
%{_sysconfdir}/httpd/{modules,logs,*run,state}
%config(noreplace) %{_sysconfdir}/httpd/conf/{httpd.conf,magic}
%config(noreplace) %{_sysconfdir}/logrotate.d/httpd
%config(noreplace) %{_sysconfdir}/httpd/conf.d/*.conf
%exclude %{_sysconfdir}/httpd/conf.d/ssl.conf
%exclude %{_sysconfdir}/httpd/conf.d/manual.conf
%{_sysconfdir}/httpd/conf.modules.d/README
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/*.conf
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
%exclude %{_sysconfdir}/httpd/conf.modules.d/01-md.conf
%config(noreplace) %{_sysconfdir}/sysconfig/htcacheclean
%ghost %{_sysconfdir}/sysconfig/httpd
%{_prefix}/lib/tmpfiles.d/httpd.conf
%{_libexecdir}/initscripts/legacy-actions/httpd/*
%{_sbindir}/ht*
%{_sbindir}/fcgistarter
%{_sbindir}/apachectl
%{_sbindir}/rotatelogs
%caps(cap_setuid,cap_setgid+pe) %attr(510,root,%{suexec_caller}) %{_sbindir}/suexec
%{_libdir}/httpd/modules/mod*.so
%exclude %{_libdir}/httpd/modules/mod_auth_form.so
%exclude %{_libdir}/httpd/modules/mod_ssl.so
%exclude %{_libdir}/httpd/modules/mod_md.so
%exclude %{_libdir}/httpd/modules/mod_*ldap.so
%exclude %{_libdir}/httpd/modules/mod_proxy_html.so
%exclude %{_libdir}/httpd/modules/mod_xml2enc.so
%exclude %{_libdir}/httpd/modules/mod_session*.so
%{contentdir}/icons/*
%{contentdir}/error/README
%{contentdir}/error/*.var
%{contentdir}/error/include/*.html
%{contentdir}/noindex/index.html
%{contentdir}/server-status/*
%attr(0710,root,apache) %dir /run/httpd
%attr(0700,apache,apache) %dir /run/httpd/htcacheclean
%attr(0700,root,root) %dir %{_localstatedir}/log/httpd
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/httpd
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/httpd/proxy
%{_mandir}/man8/*
%exclude %{_mandir}/man8/httpd-init.*
%{_unitdir}/httpd.service
%{_unitdir}/httpd@.service
%{_unitdir}/htcacheclean.service
%{_unitdir}/*.socket
%files filesystem
%{_sysconfdir}/httpd/conf.d/README
%dir %{docroot}/cgi-bin
%dir %{docroot}/html
%dir %{contentdir}/icons
%attr(755,root,root) %dir %{_unitdir}/httpd.service.d
%attr(755,root,root) %dir %{_unitdir}/httpd.socket.d
%files tools
%doc LICENSE NOTICE
%{_bindir}/*
%{_mandir}/man1/*
%exclude %{_bindir}/apxs
%exclude %{_mandir}/man1/apxs.1*
%files help
%{contentdir}/manual
%config(noreplace) %{_sysconfdir}/httpd/conf.d/manual.conf
%files -n mod_ssl
%{_libdir}/httpd/modules/mod_ssl.so
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
%attr(0700,apache,root) %dir %{_localstatedir}/cache/httpd/ssl
%{_unitdir}/httpd-init.service
%{_libexecdir}/httpd-ssl-pass-dialog
%{_libexecdir}/httpd-ssl-gencerts
%{_unitdir}/httpd.socket.d/10-listen443.conf
%{_mandir}/man8/httpd-init.*
%files -n mod_proxy_html
%{_libdir}/httpd/modules/mod_proxy_html.so
%{_libdir}/httpd/modules/mod_xml2enc.so
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-proxyhtml.conf
%files -n mod_ldap
%{_libdir}/httpd/modules/mod_*ldap.so
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-ldap.conf
%files -n mod_session
%{_libdir}/httpd/modules/mod_session*.so
%{_libdir}/httpd/modules/mod_auth_form.so
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-session.conf
%files -n mod_md
%{_libdir}/httpd/modules/mod_md.so
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/01-md.conf
%files devel
%{_includedir}/httpd
%{_bindir}/apxs
%{_mandir}/man1/apxs.1*
%{_libdir}/httpd/build/*.mk
%{_libdir}/httpd/build/*.sh
%{_rpmconfigdir}/macros.d/macros.httpd
%changelog
* Sat Mar 15 2025 mahailiang <mahailiang@uniontech.com> - 2.4.58-8
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix build error for sw_64
* Fri Jul 26 2024 Han Jinpeng <hanjinpeng@kylinos.cn> - 2.4.58-7
- Type:CVE
- ID:CVE-2024-40725
- SUG:NA
- DESC:fix CVE-2024-40725
* Mon Jul 08 2024 chengyechun <chengyechun1@huawei.com> - 2.4.58-6
- Type:CVE
- ID:CVE-2024-38473,CVE-2024-38474,CVE-2024-38475,CVE-2024-38476,CVE-2024-38477,CVE-2024-39884,CVE-2024-39573
- SUG:NA
- DSEC:fix some CVEs
* Tue Jul 02 2024 wangziliang <wangziliang@kylinos.cn> - 2.4.58-5
- Type:CVE
- ID:CVE-2024-36387
- SUG:NA
- DESC:fix CVE-2024-36387
* Sat Jun 08 2024 yueyuankun <yueyuankun@kylinos.cn> - 2.4.58-4
- Type:NA
- ID:NA
- SUG:NA
- DESC: replace openEuler with _vendor
* Wed May 22 2024 zhangyaqi <zhagnyaqi@kylinos.cn> - 2.4.58-3
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:allocate a heap buffer if the configured size is greater than the stack-allocated buffer.
* Mon May 06 2024 chengyechun <chengyechun1@huaiwe.com> - 2.4.58-2
- Type:CVE
- ID:CVE-2024-24795,CVE-2023-38709,CVE-2024-27316
- SUG:NA
- DESC:fix CVE-2024-24795,CVE-2023-38709,CVE-2024-27316 and sync some patches from upstream
* Mon Jan 29 2024 chengyechun <chengyechun1@huawei.com> - 2.4.58-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update to httpd-2.4.58
* Fri Nov 03 2023 chengyechun <chengyechun1@huawei.com> - 2.4.55-5
- Type:CVE
- ID:CVE-2023-31122, CVE-2023-45802, CVE-2023-43622
- SUG:NA
- DESC:fix CVE-2023-31122 and CVE-2023-45802 and CVE-2023-43622
* Mon Aug 14 2023 chengyechun <chengyechun1@huawei.com> - 2.4.55-4
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix memory leak in calc_sha256_hash
* Thu Mar 9 2023 chengyechun <chengyechun1@huawei.com> - 2.4.55-3
- Type:CVE
- ID:CVE-2023-27522, CVE-2023-25690
- SUG:restart
- DESC:fix CVE-2023-27522, CVE-2023-25690
* Sat Mar 4 2023 Wenlong Zhang <zhangwenlong@loongson.cn> - 2.4.55-2
- Type:bugfix
- ID:NA
- SUG:restart
- DESC:fix build error for loongarch64
* Wed Feb 1 2023 chengyechun <chengyechun1@huawei.com> - 2.4.55-1
- Type:enhancement
- ID:NA
- SUG:restart
- DESC:update to httpd-2.4.55
* Thu Dec 15 2022 chengyechun <chengyechun1@huawei.com> - 2.4.51-9
- Type:bugfix
- ID:
- SUG:restart
- DESC:reduce the dependency of httpd on system-logos installation
* Tue Dec 13 2022 chengyechun <chengyechun1@huawei.com> - 2.4.51-8
- Type:bugfix
- ID:
- SUG:restart
- DESC:fix the name of the CVE
* Thu Jul 21 2022 chengyechun <chengyechun1@huawei.com> - 2.4.51-7
- Type:CVE
- ID:CVE-2022-28330
- SUG:restart
- DESC:fix CVE-2022-28330
* Sat Jun 25 2022 seuzw <930zhaowei@163.com> - 2.4.51-5
- Type:bugfix
- ID:NA
- SUG:restart
- DESC:switch from PCRE to PCRE2
* Mon Jun 20 2022 chengyechun <chengyechun1@huawei.com> - 2.4.51-5
- Type:CVE
- ID:NA
- SUG:restart
- DESC:fix CVE-2022-31813,CVE-2022-28614,CVE-2022-29404,CVE-2022-26377,CVE-2022-30522,CVE-2022-30556
* Mon Jun 20 2022 chengyechun <chengyechun1@huawei.com> - 2.4.51-4
- Type:CVE
- ID:NA
- SUG:restart
- DESC:fix CVE-2022-28615
* Wed Mar 30 2022 yanglu <yanglu72@h-partners.com> - 2.4.51-3
- Type:cves
- ID:NA
- SUG:restart
- DESC:fix CVE-2021-44224
* Mon Mar 28 2022 yanglu <yanglu72@h-partners.com> - 2.4.51-2
- Type:cves
- ID:NA
- SUG:restart
- DESC:fix CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23934
* Sat Mar 26 2022 yanglu <yanglu72@h-partners.com> - 2.4.51-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update httpd to 2.4.51
* Mon Jan 24 2022 quanhongfei <quanhongfei@huawei.com> - 2.4.48-6
- Type:bugfix
- ID:NA
- SUG:restart
- DESC:fix mod info in configuration
* Wed Dec 29 2021 orange-snn <songnannan2@huawei.com> - 2.4.48-5
- Type:cves
- ID:NA
- SUG:restart
- DESC:fix CVE-2021-44790
* Fri Nov 05 2021 gaihuiying <gaihuiying1@huawei.com> - 2.4.48-4
- Type:bugfix
- ID:NA
- SUG:restart
- DESC:fix int overflow in ap_timeout_parameter_parse
Improve fix to please a fuzzer int overflow
* Wed Sep 29 2021 gaihuiying <gaihuiying1@huawei.com> - 2.4.48-3
- Type:cves
- ID:CVE-2021-40438 CVE-2021-39275
- SUG:restart
- DESC:fix CVE-2021-40438 fully and correctly
fix CVE-2021-39275
* Tue Sep 28 2021 gaihuiying <gaihuiying1@huawei.com> - 2.4.48-2
- Type:cves
- ID:CVE-2021-34798 CVE-2021-36160 CVE-2021-40438
- SUG:restart
- DESC:fix CVE-2021-34798 CVE-2021-36160 CVE-2021-40438
* Tue Jul 13 2021 gaihuiying<gaihuiying1@huawei.com> - 2.4.48-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update to 2.4.48
* Wed Jun 23 2021 gaihuiying <gaihuiying1@huawei.com> - 2.4.46-5
- Type:cves
- ID:CVE-2021-26690
- SUG:NA
- DESC:fix CVE-2021-26690
* Tue Jun 22 2021 gaihuiying <gaihuiying1@huawei.com> - 2.4.46-4
- Type:cves
- ID:CVE-2021-30641
- SUG:NA
- DESC:fix CVE-2021-30641
* Mon Jun 21 2021 yanglu <yanglu72@huawei.com> - 2.4.46-3
- Type:cves
- ID:CVE-2020-13950 CVE-2020-35452
- SUG:NA
- DESC:fix CVE-2020-13950 CVE-2020-35452
* Wed Jun 16 2021 yanglu <yanglu72@huawei.com> - 2.4.46-2
- Type:cves
- ID:CVE-2021-26691
- SUG:NA
- DESC:fix CVE-2021-26691
* Tue Jan 26 2021 xihaochen<xihaochen@huawei.com> - 2.4.46-1
- Type:requirements
- ID:NA
- SUG:NA
- DESC: update httpd to 2.4.46
* Sun Sep 27 2020 yuboyun <yuboyun@huawei.com> - 2.4.43-4
- Type:cves
- ID:CVE-2020-9490 CVE-2020-11984 CVE-2020-11993
- SUG:restart
- DESC:fix CVE-2020-9490 CVE-2020-11984 CVE-2020-11993
* Sat Sep 5 2020 zhaowei<zhaowei23@huawei.com> - 2.4.43-3
- Type:enhancement
- ID:NA
- SUG:NA
- DESC: update source URL
* Thu Aug 06 2020 gaihuiying <gaihuiying1@huawei.com> - 2.4.43-2
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix build error
* Fri Jul 24 2020 zhujunhao <zhujunhao8@huawei.com> - 2.4.43-1
- Type:NA
- ID:NA
- SUG:NA
- DESC:Update to 2.4.43
* Thu Apr 23 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.4.34-17
- Type:cves
- ID:CVE-2019-9517 CVE-2019-10081 CVE-2019-10082 CVE-2020-1927 CVE-2020-1934
- SUG:restart
- DESC:fix CVE-2019-9517 CVE-2019-10081 CVE-2019-10082 CVE-2020-1927 CVE-2020-1934
* Wed Apr 15 2020 chenzhen <chenzhen44@huawei.com> - 2.4.34-16
- Type:cves
- ID:CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-0196 CVE-2019-0197
- SUG:NA
- DESC:fix CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-0196 CVE-2019-0197
* Mon Feb 03 2020 yanzhihua <yanzhihua4@huawei.com> - 2.4.34-15
- Type:cves
- ID:CVE-2018-17199
- SUG:NA
- DESC:fix CVE-2018-17199
* Sun Jan 19 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.4.34-14
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:add SSLCipherSuite
* Sat Jan 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.4.34-13
- Type:NA
- ID:NA
- SUG:NA
- DESC:delete patches
* Wed Dec 25 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.4.34-12
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:change source
* Tue Oct 29 2019 zhuchengliang <zhuchengliang4@huawei.com> - 2.4.34-11
- Type:NA
- ID:NA
- SUG:NA
- DESC:add systemd_postun para
* Wed Sep 25 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.4.34-10
- Type:cves
- ID:CVE-2019-0220
- SUG:NA
- DESC:fix CVE-2019-0220
* Sat Sep 21 2019 liyongqiang<liyongqiang10@huawei.com> - 2.4.34-9
- Package init
Reference in New Issue View Git Blame Copy Permalink