rpms/mod_nss/FC-5 mod_nss-eccinit.patch, NONE, 1.1 mod_nss-conf.patch, 1.1, 1.2 mod_nss.spec, 1.1, 1.2
Robert Crittenden (rcritten)
fedora-extras-commits at redhat.com
Fri Aug 4 20:11:03 UTC 2006
- Previous message (by thread): check-mirrors check-mirrors.py, 1.26, 1.27 return-mirrorlist.py, 1.12, 1.13
- Next message (by thread): rpms/mod_nss/devel mod_nss-eccinit.patch, NONE, 1.1 mod_nss-conf.patch, 1.1, 1.2 mod_nss.spec, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rcritten
Update of /cvs/extras/rpms/mod_nss/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28837/FC-5
Modified Files:
mod_nss-conf.patch mod_nss.spec
Added Files:
mod_nss-eccinit.patch
Log Message:
Bump spec to mod_nss-1.0.3-4
Use the %ghost directive to own the database files.
Use custom logs for mod_nss
Add a default LogLevel to nss.conf
Patch to fix some uninitialized variables
mod_nss-eccinit.patch:
--- NEW FILE mod_nss-eccinit.patch ---
--- mod_nss-1.0.3/nss_engine_config.c 2 Mar 2006 19:21:54 -0000 1.10
+++ mod_nss-1.0.3/nss_engine_config.c 5 Jul 2006 15:03:47 -0000
@@ -82,6 +82,8 @@
mctx->nickname = NULL;
#ifdef NSS_ENABLE_ECC
mctx->eccnickname = NULL;
+ mctx->eccservercert = NULL;
+ mctx->eccserverkey = NULL;
#endif
mctx->servercert = NULL;
mctx->serverkey = NULL;
mod_nss-conf.patch:
Index: mod_nss-conf.patch
===================================================================
RCS file: /cvs/extras/rpms/mod_nss/FC-5/mod_nss-conf.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mod_nss-conf.patch 18 Jul 2006 18:05:12 -0000 1.1
+++ mod_nss-conf.patch 4 Aug 2006 20:11:02 -0000 1.2
@@ -1,5 +1,5 @@
---- mod_nss-1.0.2/nss.conf.in.orig 2006-06-20 23:09:14.000000000 -0400
-+++ mod_nss-1.0.2/nss.conf.in 2006-06-20 23:10:23.000000000 -0400
+--- mod_nss-1.0.3/nss.conf.in.orig 2006-08-04 14:06:50.000000000 -0400
++++ mod_nss-1.0.3/nss.conf.in 2006-08-04 15:24:34.000000000 -0400
@@ -8,14 +8,16 @@
# consult the online docs. You have been warned.
#
@@ -28,7 +28,7 @@
# Configure the SSL Session Cache.
# NSSSessionCacheSize is the number of entries in the cache.
-@@ -68,11 +70,11 @@
+@@ -68,16 +70,18 @@
## SSL Virtual Host Context
##
@@ -41,8 +41,18 @@
+#ServerName www.example.com:8443
#ServerAdmin you at example.com
- # mod_nss can log to separate log files, you can choose to do that if you'd like
-@@ -111,7 +113,7 @@
+-# mod_nss can log to separate log files, you can choose to do that if you'd like
+-#ErrorLog @apache_prefix@/logs/error_log
+-#TransferLog @apache_prefix@/logs/access_log
++# Use separate log files for the SSL virtual host; note that LogLevel
++# is not inherited from httpd.conf.
++ErrorLog @apache_prefix@/logs/nss_error_log
++TransferLog @apache_prefix@/logs/nss_access_log
++LogLevel warn
+
+ # SSL Engine Switch:
+ # Enable/Disable SSL for this virtual host.
+@@ -111,7 +115,7 @@
# The NSS security database directory that holds the certificates and
# keys. The database consists of 3 files: cert8.db, key3.db and secmod.db.
# Provide the directory that these files exist.
@@ -51,7 +61,7 @@
# Database Prefix:
# In order to be able to store multiple NSS databases in one directory
-@@ -175,7 +177,7 @@
+@@ -175,7 +179,7 @@
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
NSSOptions +StdEnvVars
</Files>
Index: mod_nss.spec
===================================================================
RCS file: /cvs/extras/rpms/mod_nss/FC-5/mod_nss.spec,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mod_nss.spec 18 Jul 2006 18:05:12 -0000 1.1
+++ mod_nss.spec 4 Aug 2006 20:11:02 -0000 1.2
@@ -1,6 +1,6 @@
Name: mod_nss
Version: 1.0.3
-Release: 1%{?dist}
+Release: 4%{?dist}
Summary: SSL/TLS module for the Apache HTTP server
Group: System Environment/Daemons
License: Apache Software License
@@ -15,6 +15,7 @@
Requires: nss >= 3.11, nss-tools >= 3.11
Patch1: mod_nss-conf.patch
Patch2: mod_nss-gencert.patch
+Patch3: mod_nss-eccinit.patch
%description
The mod_nss module provides strong cryptography for the Apache Web
@@ -26,6 +27,7 @@
%setup -q
%patch1 -p1 -b .conf
%patch2 -p1 -b .gencert
+%patch3 -p1 -b .eccinit
# Touch expression parser sources to prevent regenerating it
touch nss_expr_*.[chyl]
@@ -56,8 +58,6 @@
# The install target of the Makefile isn't used because that uses apxs
# which tries to enable the module in the build host httpd instead of in
# the build root.
-# The "temporary file" text in secmod.db, cert8.db and key3.db is done so
-# the RPM "owns" these 3 files. We don't want any orphans.
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf
@@ -71,9 +71,10 @@
install -m 755 nss_pcache $RPM_BUILD_ROOT%{_sbindir}/
install -m 755 gencert $RPM_BUILD_ROOT%{_sbindir}/
ln -s ../../..%{_libdir}/libnssckbi.so $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/
-echo "temporary file" > $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/secmod.db
-echo "temporary file" > $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/cert8.db
-echo "temporary file" > $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/key3.db
+touch $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/secmod.db
+touch $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/cert8.db
+touch $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/key3.db
+touch $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/install.log
perl -pi -e "s:$NSS_LIB_DIR:$NSS_BIN:" $RPM_BUILD_ROOT%{_sbindir}/gencert
@@ -84,8 +85,7 @@
umask 077
if [ "$1" -eq 1 ] ; then
- if [ `grep -c "temporary file" %{_sysconfdir}/httpd/alias/key3.db` -eq 1 ]; then
- rm -f %{_sysconfdir}/httpd/alias/{secmod,cert8,key3}.db
+ if [ ! -e %{_sysconfdir}/httpd/alias/key3.db ]; then
%{_sbindir}/gencert %{_sysconfdir}/httpd/alias > %{_sysconfdir}/httpd/alias/install.log 2>&1
echo ""
echo "%{name} certificate database generated."
@@ -99,13 +99,23 @@
%config(noreplace) %{_sysconfdir}/httpd/conf.d/nss.conf
%{_libdir}/httpd/modules/libmodnss.so
%dir %{_sysconfdir}/httpd/alias/
-%config(noreplace) %{_sysconfdir}/httpd/alias/secmod.db
-%config(noreplace) %{_sysconfdir}/httpd/alias/cert8.db
-%config(noreplace) %{_sysconfdir}/httpd/alias/key3.db
+%ghost %config(noreplace) %{_sysconfdir}/httpd/alias/secmod.db
+%ghost %config(noreplace) %{_sysconfdir}/httpd/alias/cert8.db
+%ghost %config(noreplace) %{_sysconfdir}/httpd/alias/key3.db
+%ghost %config(noreplace) %{_sysconfdir}/httpd/alias/install.log
%{_sysconfdir}/httpd/alias/libnssckbi.so
%{_sbindir}/nss_pcache
%{_sbindir}/gencert
%changelog
+* Fri Aug 04 2006 Rob Crittenden <rcritten at redhat.com> 1.0.3-4
+- Include LogLevel warn in nss.conf and use separate log files
+
+* Fri Aug 04 2006 Rob Crittenden <rcritten at redhat.com> 1.0.3-3
+- Need to initialize ECC certificate and key variables
+
+* Fri Aug 04 2006 Jarod Wilson <jwilson at redhat.com> 1.0.3-2
+- Use %%ghost for db files and install.log
+
* Tue Jun 20 2006 Rob Crittenden <rcritten at redhat.com> 1.0.3-1
- Initial build
- Previous message (by thread): check-mirrors check-mirrors.py, 1.26, 1.27 return-mirrorlist.py, 1.12, 1.13
- Next message (by thread): rpms/mod_nss/devel mod_nss-eccinit.patch, NONE, 1.1 mod_nss-conf.patch, 1.1, 1.2 mod_nss.spec, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list