diff --git a/apr-util-1.3.7-nodbmdso.patch b/apr-util-1.3.7-nodbmdso.patch index fd0e206..c2ba6ef 100644 --- a/apr-util-1.3.7-nodbmdso.patch +++ b/apr-util-1.3.7-nodbmdso.patch @@ -1,10 +1,11 @@ ---- apr-util-1.3.7/build/dso.m4.nodbmdso -+++ apr-util-1.3.7/build/dso.m4 -@@ -44,6 +44,16 @@ AC_DEFUN([APU_CHECK_UTIL_DSO], [ +diff --git a/build/dso.m4 b/build/dso.m4 +index 2c5df6b..5b06570 100644 +--- a/build/dso.m4 ++++ b/build/dso.m4 +@@ -44,6 +44,15 @@ yes fi fi -+ + ### Hack: force static linking of DBM code. + objs= + test $apu_have_db = 1 && objs="$objs dbm/apr_dbm_berkeleydb.lo" @@ -17,9 +18,9 @@ if test "$apu_dso_build" = "0"; then # Statically link the drivers: -@@ -42,9 +65,6 @@ AC_DEFUN([APU_CHECK_UTIL_DSO], [ +@@ -57,9 +66,6 @@ yes + test $apu_have_sqlite2 = 1 && objs="$objs dbd/apr_dbd_sqlite2.lo" test $apu_have_sqlite3 = 1 && objs="$objs dbd/apr_dbd_sqlite3.lo" - test $apu_have_freetds = 1 && objs="$objs dbd/apr_dbd_freetds.lo" test $apu_have_odbc = 1 && objs="$objs dbd/apr_dbd_odbc.lo" - test $apu_have_db = 1 && objs="$objs dbm/apr_dbm_berkeleydb.lo" - test $apu_have_gdbm = 1 && objs="$objs dbm/apr_dbm_gdbm.lo" @@ -27,21 +28,21 @@ test $apu_has_ldap = 1 && objs="$objs ldap/apr_ldap_init.lo" test $apu_has_ldap = 1 && objs="$objs ldap/apr_ldap_option.lo" test $apu_has_ldap = 1 && objs="$objs ldap/apr_ldap_rebind.lo" -@@ -81,11 +81,9 @@ +@@ -81,11 +87,9 @@ yes - APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_crypto_openssl $LDADD_crypto_nss" - APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_dbd_pgsql $LDADD_dbd_sqlite2 $LDADD_dbd_sqlite3 $LDADD_dbd_oracle $LDADD_dbd_mysql $LDADD_dbd_freetds $LDADD_dbd_odbc" + APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_crypto_openssl $LDADD_crypto_nss $LDADD_crypto_commoncrypto" + APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_dbd_pgsql $LDADD_dbd_sqlite2 $LDADD_dbd_sqlite3 $LDADD_dbd_oracle $LDADD_dbd_mysql $LDADD_dbd_odbc" - APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_dbm_db $LDADD_dbm_gdbm $LDADD_dbm_ndbm" APRUTIL_LIBS="$APRUTIL_LIBS $LDADD_ldap" - APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_crypto_openssl $LDADD_crypto_nss" - APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_dbd_pgsql $LDADD_dbd_sqlite2 $LDADD_dbd_sqlite3 $LDADD_dbd_oracle $LDADD_dbd_mysql $LDADD_dbd_freetds $LDADD_dbd_odbc" + APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_crypto_openssl $LDADD_crypto_nss $LDADD_crypto_commoncrypto" + APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_dbd_pgsql $LDADD_dbd_sqlite2 $LDADD_dbd_sqlite3 $LDADD_dbd_oracle $LDADD_dbd_mysql $LDADD_dbd_odbc" - APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_dbm_db $LDADD_dbm_gdbm $LDADD_dbm_ndbm" APRUTIL_EXPORT_LIBS="$APRUTIL_EXPORT_LIBS $LDADD_ldap" else -@@ -82,9 +100,6 @@ AC_DEFUN([APU_CHECK_UTIL_DSO], [ +@@ -101,9 +105,6 @@ yes + test $apu_have_sqlite2 = 1 && dsos="$dsos dbd/apr_dbd_sqlite2.la" test $apu_have_sqlite3 = 1 && dsos="$dsos dbd/apr_dbd_sqlite3.la" - test $apu_have_freetds = 1 && dsos="$dsos dbd/apr_dbd_freetds.la" test $apu_have_odbc = 1 && dsos="$dsos dbd/apr_dbd_odbc.la" - test $apu_have_db = 1 && dsos="$dsos dbm/apr_dbm_db.la" - test $apu_have_gdbm = 1 && dsos="$dsos dbm/apr_dbm_gdbm.la" @@ -49,15 +50,17 @@ test $apu_has_ldap = 1 && dsos="$dsos ldap/apr_ldap.la" if test -n "$dsos"; then ---- apr-util-1.3.7/dbm/apr_dbm.c.nodbmdso -+++ apr-util-1.3.7/dbm/apr_dbm.c -@@ -56,6 +56,9 @@ - #error a DBM implementation was not specified - #endif +diff --git a/dbd/apr_dbd.c b/dbd/apr_dbd.c +index abf858c..0cd3a27 100644 +--- a/dbd/apr_dbd.c ++++ b/dbd/apr_dbd.c +@@ -33,6 +33,9 @@ + #include "apr_dbd.h" + #include "apu_version.h" +#undef APU_DSO_BUILD +#define APU_DSO_BUILD 0 + - #if APU_DSO_BUILD - static apr_hash_t *drivers = NULL; + static apr_uint32_t initialised = 0, in_init = 1; + diff --git a/apr-util-1.5.4-openssl11.patch b/apr-util-1.5.4-openssl11.patch deleted file mode 100644 index dfe28e4..0000000 --- a/apr-util-1.5.4-openssl11.patch +++ /dev/null @@ -1,256 +0,0 @@ - -OpenSSL 1.1.0 fixes from apr-util 1.5.x branch. - -diff -uap apr-util-1.5.4/build/crypto.m4.openssl11 apr-util-1.5.4/build/crypto.m4 ---- apr-util-1.5.4/build/crypto.m4.openssl11 -+++ apr-util-1.5.4/build/crypto.m4 -@@ -88,7 +88,7 @@ - [ - if test "$withval" = "yes"; then - AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1]) -- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto)) -+ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto)) - if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then - apu_have_openssl=1 - fi -@@ -104,7 +104,7 @@ - - AC_MSG_NOTICE(checking for openssl in $withval) - AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1]) -- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto)) -+ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto)) - if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then - apu_have_openssl=1 - APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib]) -@@ -113,7 +113,7 @@ - - if test "$apu_have_openssl" != "1"; then - AC_CHECK_HEADERS(openssl/x509.h, [openssl_have_headers=1]) -- AC_CHECK_LIB(crypto, BN_init, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto)) -+ AC_CHECK_LIB(crypto, BN_new, AC_CHECK_LIB(ssl, SSL_accept, [openssl_have_libs=1],,-lcrypto)) - if test "$openssl_have_headers" != "0" && test "$openssl_have_libs" != "0"; then - apu_have_openssl=1 - APR_ADDTO(APRUTIL_LDFLAGS, [-L$withval/lib]) -diff -uap apr-util-1.5.4/crypto/apr_crypto_openssl.c.openssl11 apr-util-1.5.4/crypto/apr_crypto_openssl.c ---- apr-util-1.5.4/crypto/apr_crypto_openssl.c.openssl11 -+++ apr-util-1.5.4/crypto/apr_crypto_openssl.c -@@ -64,7 +64,7 @@ - apr_pool_t *pool; - const apr_crypto_driver_t *provider; - const apr_crypto_t *f; -- EVP_CIPHER_CTX cipherCtx; -+ EVP_CIPHER_CTX *cipherCtx; - int initialised; - int ivSize; - int blockSize; -@@ -111,7 +111,11 @@ - static apr_status_t crypto_init(apr_pool_t *pool, const char *params, - const apu_err_t **result) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000L - CRYPTO_malloc_init(); -+#else -+ OPENSSL_malloc_init(); -+#endif - ERR_load_crypto_strings(); - /* SSL_load_error_strings(); */ - OpenSSL_add_all_algorithms(); -@@ -124,6 +128,30 @@ - return APR_SUCCESS; - } - -+#if OPENSSL_VERSION_NUMBER < 0x0090802fL -+ -+/* Code taken from OpenSSL 0.9.8b, see -+ * https://github.com/openssl/openssl/commit/cf6bc84148cb15af09b292394aaf2b45f0d5af0d -+ */ -+ -+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) -+{ -+ EVP_CIPHER_CTX *ctx = OPENSSL_malloc(sizeof *ctx); -+ if (ctx) -+ EVP_CIPHER_CTX_init(ctx); -+ return ctx; -+} -+ -+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx) -+{ -+ if (ctx) { -+ EVP_CIPHER_CTX_cleanup(ctx); -+ OPENSSL_free(ctx); -+ } -+} -+ -+#endif -+ - /** - * @brief Clean encryption / decryption context. - * @note After cleanup, a context is free to be reused if necessary. -@@ -134,7 +162,7 @@ - { - - if (ctx->initialised) { -- EVP_CIPHER_CTX_cleanup(&ctx->cipherCtx); -+ EVP_CIPHER_CTX_free(ctx->cipherCtx); - ctx->initialised = 0; - } - -@@ -491,8 +519,10 @@ - apr_pool_cleanup_null); - - /* create a new context for encryption */ -- EVP_CIPHER_CTX_init(&block->cipherCtx); -- block->initialised = 1; -+ if (!block->initialised) { -+ block->cipherCtx = EVP_CIPHER_CTX_new(); -+ block->initialised = 1; -+ } - - /* generate an IV, if necessary */ - usedIv = NULL; -@@ -519,16 +549,16 @@ - - /* set up our encryption context */ - #if CRYPTO_OPENSSL_CONST_BUFFERS -- if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine, -+ if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine, - key->key, usedIv)) { - #else -- if (!EVP_EncryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) { -+ if (!EVP_EncryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) usedIv)) { - #endif - return APR_EINIT; - } - - /* Clear up any read padding */ -- if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) { -+ if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) { - return APR_EPADDING; - } - -@@ -582,11 +612,16 @@ - } - - #if CRYPT_OPENSSL_CONST_BUFFERS -- if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl, in, inlen)) { -+ if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl, in, inlen)) { - #else -- if (!EVP_EncryptUpdate(&ctx->cipherCtx, (*out), &outl, -+ if (!EVP_EncryptUpdate(ctx->cipherCtx, (*out), &outl, - (unsigned char *) in, inlen)) { - #endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx); -+#else -+ EVP_CIPHER_CTX_reset(ctx->cipherCtx); -+#endif - return APR_ECRYPT; - } - *outlen = outl; -@@ -616,14 +651,22 @@ - static apr_status_t crypto_block_encrypt_finish(unsigned char *out, - apr_size_t *outlen, apr_crypto_block_t *ctx) - { -+ apr_status_t rc = APR_SUCCESS; - int len = *outlen; - -- if (EVP_EncryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) { -- return APR_EPADDING; -+ if (EVP_EncryptFinal_ex(ctx->cipherCtx, out, &len) == 0) { -+ rc = APR_EPADDING; - } -- *outlen = len; -+ else { -+ *outlen = len; -+ } -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx); -+#else -+ EVP_CIPHER_CTX_reset(ctx->cipherCtx); -+#endif - -- return APR_SUCCESS; -+ return rc; - - } - -@@ -662,8 +705,10 @@ - apr_pool_cleanup_null); - - /* create a new context for encryption */ -- EVP_CIPHER_CTX_init(&block->cipherCtx); -- block->initialised = 1; -+ if (!block->initialised) { -+ block->cipherCtx = EVP_CIPHER_CTX_new(); -+ block->initialised = 1; -+ } - - /* generate an IV, if necessary */ - if (key->ivSize) { -@@ -674,16 +719,16 @@ - - /* set up our encryption context */ - #if CRYPTO_OPENSSL_CONST_BUFFERS -- if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine, -+ if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine, - key->key, iv)) { - #else -- if (!EVP_DecryptInit_ex(&block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) { -+ if (!EVP_DecryptInit_ex(block->cipherCtx, key->cipher, config->engine, (unsigned char *) key->key, (unsigned char *) iv)) { - #endif - return APR_EINIT; - } - - /* Clear up any read padding */ -- if (!EVP_CIPHER_CTX_set_padding(&block->cipherCtx, key->doPad)) { -+ if (!EVP_CIPHER_CTX_set_padding(block->cipherCtx, key->doPad)) { - return APR_EPADDING; - } - -@@ -737,11 +782,16 @@ - } - - #if CRYPT_OPENSSL_CONST_BUFFERS -- if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, in, inlen)) { -+ if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, in, inlen)) { - #else -- if (!EVP_DecryptUpdate(&ctx->cipherCtx, *out, &outl, (unsigned char *) in, -+ if (!EVP_DecryptUpdate(ctx->cipherCtx, *out, &outl, (unsigned char *) in, - inlen)) { - #endif -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx); -+#else -+ EVP_CIPHER_CTX_reset(ctx->cipherCtx); -+#endif - return APR_ECRYPT; - } - *outlen = outl; -@@ -771,15 +821,22 @@ - static apr_status_t crypto_block_decrypt_finish(unsigned char *out, - apr_size_t *outlen, apr_crypto_block_t *ctx) - { -- -+ apr_status_t rc = APR_SUCCESS; - int len = *outlen; - -- if (EVP_DecryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) { -- return APR_EPADDING; -+ if (EVP_DecryptFinal_ex(ctx->cipherCtx, out, &len) == 0) { -+ rc = APR_EPADDING; -+ } -+ else { -+ *outlen = len; - } -- *outlen = len; -+#if OPENSSL_VERSION_NUMBER < 0x10100000L -+ EVP_CIPHER_CTX_cleanup(ctx->cipherCtx); -+#else -+ EVP_CIPHER_CTX_reset(ctx->cipherCtx); -+#endif - -- return APR_SUCCESS; -+ return rc; - - } - diff --git a/apr-util.spec b/apr-util.spec index 6a7b24d..242c583 100644 --- a/apr-util.spec +++ b/apr-util.spec @@ -24,7 +24,6 @@ Source0: http://www.apache.org/dist/apr/%{name}-%{version}.tar.bz2 Patch1: apr-util-1.2.7-pkgconf.patch Patch2: apr-util-1.3.7-nodbmdso.patch Patch4: apr-util-1.4.1-private.patch -Patch5: apr-util-1.5.4-openssl11.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot BuildRequires: autoconf, apr-devel >= 1.3.0 BuildRequires: %{dbdep}, expat-devel, libuuid-devel @@ -133,7 +132,6 @@ This package provides the NSS crypto support for the apr-util. %patch1 -p1 -b .pkgconf %patch2 -p1 -b .nodbmdso %patch4 -p1 -b .private -%patch5 -p1 -b .openssl11 %build autoheader && autoconf