On the 2.4.x branch: (acfdb68f) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

CHANGES

+7 −0

Original line number	Diff line number	Diff line
		-- coding: utf-8 --
		Changes with Apache 2.4.34

		*) mod_md: improvements and bugfixes
		- MDNotifyCmd now takes additional parameter that are passed on to the called command.
		- ACME challenges have better checks for interference with other modules
		- ACME challenges are only handled for domains managed by the module, allowing
		other ACME clients to operate for other domains in the server.
		- better libressl integration

		*) mod_proxy_wstunnel: Add default schema ports for 'ws' and 'wss'.
		PR 62480. [Lubos Uhliarik <luhliari redhat.com>}

+3 −3

Original line number	Diff line number	Diff line
		@@ -391,15 +391,15 @@ MDCertificateAgreement https://letsencrypt.org/documents/LE-SA-v1.2-November-15-
		<directivesynopsis>
		<name>MDNotifyCmd</name>
		<description>Run a program when Managed Domain are ready.</description>
		<syntax>MDNotifyCmd <var>path</var></syntax>
		<syntax>MDNotifyCmd <var>path</var> [ <var>args</var> ]</syntax>
		<contextlist>
		<context>server config</context>
		</contextlist>
		<usage>
		<p>The configured executable is run when Managed Domains have signed up or
		renewed their certificates. It is given the names of the processed MDs as
		arguments. It should return status code 0 to indicate that it has
		run successfully.
		additional arguments (after the parameters specified here). It should
		return status code 0 to indicate that it has run successfully.
		</p>
		</usage>
		</directivesynopsis>

+9 −1

Original line number	Diff line number	Diff line
		@@ -50,6 +50,13 @@
		#include <process.h>
		#endif

		#if defined(LIBRESSL_VERSION_NUMBER)
		/* Missing from LibreSSL */
		#define MD_USE_OPENSSL_PRE_1_1_API (LIBRESSL_VERSION_NUMBER < 0x2080000f)
		#else /* defined(LIBRESSL_VERSION_NUMBER) */
		#define MD_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
		#endif

		static int initialized;

		struct md_pkey_t {
		@@ -471,7 +478,8 @@ apr_status_t md_pkey_gen(md_pkey_t *ppkey, apr_pool_t p, md_pkey_spec_t *spec)
		}
		}

		#if OPENSSL_VERSION_NUMBER < 0x10100000L \|\| defined(LIBRESSL_VERSION_NUMBER)
		#if MD_USE_OPENSSL_PRE_1_1_API \|\| (defined(LIBRESSL_VERSION_NUMBER) && \
		LIBRESSL_VERSION_NUMBER < 0x2070000f)

		#ifndef NID_tlsfeature
		#define NID_tlsfeature 1020

+6 −3

Original line number	Diff line number	Diff line
		@@ -28,10 +28,12 @@
		* when undefining their INLINEs, we get static, unused functions, arg
		*/
		#if defined(__GNUC__)
		#if __GNUC__ > 4 \|\| (__GNUC__ == 4 && __GNUC_MINOR__ >= 6)
		#pragma GCC diagnostic push
		#pragma GCC diagnostic ignored "-Wunreachable-code"
		#endif
		#if defined(__clang__)
		#pragma GCC diagnostic ignored "-Wunused-function"
		#pragma GCC diagnostic ignored "-Wunreachable-code"
		#elif defined(__clang__)
		#pragma clang diagnostic push
		#pragma clang diagnostic ignored "-Wunused-function"
		#endif
		@@ -42,9 +44,10 @@
		#include <jansson.h>

		#if defined(__GNUC__)
		#if __GNUC__ > 4 \|\| (__GNUC__ == 4 && __GNUC_MINOR__ >= 6)
		#pragma GCC diagnostic pop
		#endif
		#if defined(__clang__)
		#elif defined(__clang__)
		#pragma clang diagnostic pop
		#endif

+2 −2

Original line number	Diff line number	Diff line
		@@ -27,7 +27,7 @@
		* @macro
		* Version number of the md module as c string
		*/
		#define MOD_MD_VERSION "1.1.8"
		#define MOD_MD_VERSION "1.1.15"

		/**
		* @macro
		@@ -35,7 +35,7 @@
		* release. This is a 24 bit number with 8 bits for major number, 8 bits
		* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
		*/
		#define MOD_MD_VERSION_NUM 0x010108
		#define MOD_MD_VERSION_NUM 0x01010f

		#define MD_ACME_DEF_URL "https://acme-v01.api.letsencrypt.org/directory"