Backport from HEAD:
authorJoe Orton <jorton@apache.org>
Mon, 23 Aug 2004 14:59:52 +0000 (14:59 +0000)
committerJoe Orton <jorton@apache.org>
Mon, 23 Aug 2004 14:59:52 +0000 (14:59 +0000)
* acinclude.m4: Pick up OpenSSL libs/cflags from pkg-config.

* modules/ssl/ssl_engine_io.c (ssl_io_input_read): Fix potential
infinite loop in ssl_io_input_getline if connection is aborted without
inctx->rc being set.

* modules/ssl/ssl_scache_shmcb.c (ssl_scache_shmcb_init): Use an
anonymous shm segment by default or fall back on name-based shm.

PR: 18989, 21335, 29964
Submitted by: jerenkrantz, jorton
Reviewed by: jerenkrantz, trawick, jorton, nd, minfrin

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@104768 13f79535-47bb-0310-9956-ffa450edef68

CHANGES
STATUS
acinclude.m4
modules/ssl/ssl_engine_io.c
modules/ssl/ssl_scache_shmcb.c

diff --git a/CHANGES b/CHANGES
index b87f0952ce3243db0888f07724e2f47c7a1d870c..a109d3ec96c70db2ecb152b1352959e62d37f90a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,13 @@
 Changes with Apache 2.0.51
 
+  *) mod_ssl: Build on RHEL 3.  PR 18989.  [Justin Erenkrantz]
+
+  *) SECURITY: CAN-2004-0748 (cve.mitre.org)
+     mod_ssl: Fix a potential infinite loop.  PR 29964.  [Joe Orton]
+
+  *) mod_ssl: Avoid startup failure after unclean shutdown if using shmcb.
+     PR 18989.  [Joe Orton]
+
   *) mod_userdir: Ensure that the userdir identity is used for
      suexec userdir access in a virtual host which has suexec configured.  
      PR 18156.  [Joshua Slive]
diff --git a/STATUS b/STATUS
index b341c58184cc5957be95988cdb72d91ab861e88e..9b84741f4da37ebc98f4d959a35f509ae8c0a166 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,5 +1,5 @@
 APACHE 2.0 STATUS:                                              -*-text-*-
-Last modified at [$Date: 2004/08/20 21:17:39 $]
+Last modified at [$Date: 2004/08/23 14:59:51 $]
 
 Release:
 
@@ -83,16 +83,6 @@ PATCHES TO BACKPORT FROM 2.1
        PR: 30134
        +1: jorton
 
-    *) [SECURITY] mod_ssl: Fix potential infinite loop.
-       http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_engine_io.c?r1=1.124&r2=1.125
-       PR: 29964
-       +1: jorton, nd, jerenkrantz
-
-    *) mod_ssl: Use anon shm in shmcb by default.
-       http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/ssl/ssl_scache_shmcb.c?r1=1.23&r2=1.24
-       PR: 21335
-       +1: jorton, minfrin, nd
-
     *) apachectl: Fix a problem finding envvars if sbindir != bindir.
        PR 30723.  [Friedrich Haubensak <hsk imb-jena.de>]
          http://cvs.apache.org/viewcvs.cgi/httpd-2.0/support/apachectl.in?r1=1.22&r2=1.23
@@ -386,12 +376,6 @@ PATCHES TO BACKPORT FROM 2.1
       which integrates the two rounds of changes)
       +1 concept: trawick, nd
 
-    * Work around RedHat bug 82359 (openssl requires pkg-config):
-        http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=82369
-      Patch (2.1 version already committed, 2.0 has diff OpenSSL config logic):
-        http://www.apache.org/~jerenkrantz/httpd-openssl-pkgconfig.patch
-      +1: jerenkrantz, trawick, jorton
-
 CURRENT RELEASE NOTES:
 
     * Backwards compatibility is expected of future Apache 2.0 releases,
index 0b8086e6cbae8f3e2e011d23affd24a2273b7f4d..66bf6506de55a97eaf27cd6f90f093fe27dc6317 100644 (file)
@@ -489,6 +489,13 @@ if test "x$ap_ssltk_base" = "x"; then
     fi
   fi
   APR_ADDTO(LIBS, [-lssl -lcrypto])
+  pkg-config openssl 2> /dev/null
+  if test $? -eq 0; then
+    ap_ssltk_incdep=`pkg-config --cflags-only-I openssl`
+    APR_ADDTO(INCLUDES, $ap_ssltk_incdep)
+    ap_ssltk_libdep=`pkg-config --libs openssl`
+    APR_ADDTO(LIBS, $ap_ssltk_libdep)
+  fi
   ap_cv_ssltk="$ap_ssltk_base"
 fi
 ])
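Review bot: The OpenSSL include and library flags added here come from whichever `pkg-config` is first on PATH, and the added lines print nothing about what was picked up, so configure output does not show which OpenSSL mod_ssl will be compiled and linked against. Consider reporting the values with an AC_MSG_CHECKING / AC_MSG_RESULT pair around the two backtick calls. The probe would also read more clearly as `pkg-config --exists openssl 2> /dev/null` than as a bare invocation whose exit status is tested. The APR_ADDTO arguments would be safer m4-quoted, `APR_ADDTO(INCLUDES, [$ap_ssltk_incdep])` and `APR_ADDTO(LIBS, [$ap_ssltk_libdep])`. The enclosing `if test "x$ap_ssltk_base" = "x"` block starts outside the hunk, so whether this is reached only when no explicit SSL base was configured is inferred from the hunk header.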
index 1304f7f5a4dbaf47d7d2f86398d35e2d590f9a90..ff8eb81b45f391e898441ad026825dc598fcd957 100644 (file)
@@ -587,6 +587,10 @@ static apr_status_t ssl_io_input_read(bio_filter_in_ctx_t *inctx,
     while (1) {
 
         if (!inctx->filter_ctx->pssl) {
+            /* Ensure a non-zero error code is returned */
+            if (inctx->rc == APR_SUCCESS) {
+                inctx->rc = APR_EGENERAL;
+            }
             break;
         }
 
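Review bot: The new comment above `if (inctx->rc == APR_SUCCESS)` says what is done but not why it matters. Going by the commit message, ssl_io_input_getline keeps reading until it sees an error, so leaving rc at APR_SUCCESS when `pssl` is NULL lets that loop spin forever on an aborted connection. I would state that in the comment, e.g. `/* pssl is NULL once the connection is aborted; the getline caller loops until rc != APR_SUCCESS, so force an error here */`. It may also be worth setting `APR_ECONNABORTED` rather than `APR_EGENERAL` so logs can tell an aborted connection from a generic failure, provided no caller depends on the specific value. The rest of ssl_io_input_read, including how rc is used after the `break`, is outside the hunk.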
index 06c1ed0873f24ca55d427b159d2c087239074d4d..3ed4569dc538ae02515197e91702616fe7330e0a 100644 (file)
@@ -339,10 +339,19 @@ void ssl_scache_shmcb_init(server_rec *s, apr_pool_t *p)
         ssl_die();
     }
 
-    if ((rv = apr_shm_create(&(mc->pSessionCacheDataMM), 
-                             mc->nSessionCacheDataSize, 
-                             mc->szSessionCacheDataFile,
-                             mc->pPool)) != APR_SUCCESS) {
+    /* Use anonymous shm by default, fall back on name-based. */
+    rv = apr_shm_create(&(mc->pSessionCacheDataMM), 
+                        mc->nSessionCacheDataSize, 
+                        NULL, mc->pPool);
+    
+    if (APR_STATUS_IS_ENOTIMPL(rv)) {
+        rv = apr_shm_create(&(mc->pSessionCacheDataMM), 
+                            mc->nSessionCacheDataSize, 
+                            mc->szSessionCacheDataFile,
+                            mc->pPool);
+    }
+
+    if (rv != APR_SUCCESS) {
         char buf[100];
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
                      "Cannot allocate shared memory: (%d)%s", rv,
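Review bot: The name-based fallback inside `if (APR_STATUS_IS_ENOTIMPL(rv))` still creates the segment at `mc->szSessionCacheDataFile` without clearing a leftover file. On platforms without anonymous shm, the startup failure after an unclean shutdown described in CHANGES therefore presumably remains. If the APR version this branch builds against provides it, calling `apr_shm_remove(mc->szSessionCacheDataFile, mc->pPool);` just before the second `apr_shm_create` would cover that path as well. The one-line comment could also note that the configured cache file name goes unused whenever the anonymous create succeeds, since that changes what an administrator should expect to find on disk. The error-handling block that begins at `char buf[100];` continues past the end of the hunk.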