📄 sslsup.patch
字号:
## _ _ ## _ __ ___ ___ __| | ___ ___| | mod_ssl## | '_ ` _ \ / _ \ / _` | / __/ __| | Apache Interface to OpenSSL## | | | | | | (_) | (_| | \__ \__ \ | www.modssl.org## |_| |_| |_|\___/ \__,_|___|___/___/_| ftp.modssl.org## |_____| ## ____________________________________________________________________________#### Annotated patch file: sslsup.patch## Copyright (c) 1998-2007 Ralf S. Engelschall, All Rights Reserved. ## Created on: 08-Feb-2008#### This file assembles changes to existing Apache source files## between the original Apache and the patched variant. It can be## automatically applied to a vanilla Apache source tree with the## 'patch' tool to upgrade those files. Each patch snippet is## annotated with a short description.#### This file contains all patches to the Apache sources which## link the SSL support tools into the Apache support tree.##+---------------------------------------------------------------------------| First patch APACI's configuration script to pass a `ssl' flag| to the Makefile.tmpl file which indicated whether mod_ssl is| activated or not. Second we add support for the SSL_BASE and| RSA_BASE variables. Third we provide the configuration| adjustments of the HTTPS port (443) similar to what is| already done by APACI for the HTTP port (80).+---------------------------------------------------------------------------Index: configure--- configure 28 Jul 2006 13:55:08 -0000 1.1.1.17+++ configure 28 Jul 2006 13:56:29 -0000 1.29@@ -217,6 +217,9 @@ iflags_script="-m 755" iflags_data="-m 644" +# ssl defaults+ssl=0+ # various other flags support=1 confadjust=1@@ -1008,7 +1011,7 @@ echo "##" >>$configstatus echo "" >>$configstatus for var in CC CPP OPTIM CFLAGS CFLAGS_SHLIB LDFLAGS LD_SHLIB LDFLAGS_SHLIB \- LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET; do+ LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET EAPI_MM SSL_BASE; do eval "val=\"\$$var\"" if [ "x$val" != "x" ]; then echo "$var=$val" |\@@ -1054,6 +1057,13 @@ fi ##+## SSL support+##+if [ ".$module_ssl" = .yes ]; then+ ssl=1+fi++## ## target name ## if [ "x$TARGET" != "x" ]; then@@ -1127,6 +1137,7 @@ else conf_port="80" fi+conf_port_ssl="443" conf_serveradmin="you@your.address" conf_servername="new.host.name" if [ "x$confadjust" = "x1" ]; then@@ -1150,6 +1161,7 @@ fi if [ "x`$aux/getuid.sh`" != "x0" -a "x$port" = "x" ]; then conf_port="8080"+ conf_port_ssl="8443" fi conf_serveradmin="`$aux/buildinfo.sh -n %u@%h%d`" conf_servername="`$aux/buildinfo.sh -n %h%d`"@@ -1215,6 +1227,7 @@ echo " SERVER_CONFIG_FILE: ${sysconfdir_relative}${thetarget}.conf" echo " ACCESS_CONFIG_FILE: ${sysconfdir_relative}access.conf" echo " RESOURCE_CONFIG_FILE: ${sysconfdir_relative}srm.conf"+ echo " SSL_CERTIFICATE_FILE: ${sysconfdir_relative}ssl.crt/server.crt" echo "" if [ "x$suexec" = "x1" ]; then echo "suEXEC setup:"@@ -1283,9 +1296,11 @@ -e "s%@suexec_gidmin@%$suexec_gidmin%g" \ -e "s%@suexec_safepath@%$suexec_safepath%g" \ -e "s%@suexec_umask@%$suexec_umask%g" \+-e "s%@ssl@%$ssl%g" \ -e "s%@conf_user@%$conf_user%g" \ -e "s%@conf_group@%$conf_group%g" \ -e "s%@conf_port@%$conf_port%g" \+-e "s%@conf_port_ssl@%$conf_port_ssl%g" \ -e "s%@conf_serveradmin@%$conf_serveradmin%g" \ -e "s%@conf_servername@%$conf_servername%g" \ -e "s%@build_support@%$build_support%g" \@@ -1313,6 +1328,8 @@ echo "echo '-DSERVER_CONFIG_FILE=\"${sysconfdir_relative}${thetarget}.conf\"'" >>$src/apaci echo "echo '-DACCESS_CONFIG_FILE=\"${sysconfdir_relative}access.conf\"'" >>$src/apaci echo "echo '-DRESOURCE_CONFIG_FILE=\"${sysconfdir_relative}srm.conf\"'" >>$src/apaci+echo "echo '-DSSL_CERTIFICATE_FILE=\"${sysconfdir_relative}ssl.crt/server.crt\"'" >>$src/apaci+echo "echo '-DEAPI_MM_CORE_PATH=\"${runtimedir_relative}${thetarget}.mm\"'" >>$src/apaci chmod a+x $src/apaci CFLAGS="$CFLAGS \\\`\$(SRCDIR)/apaci\\\`" @@ -1329,7 +1346,7 @@ OIFS="$IFS" IFS="$DIFS" for var in CC CPP OPTIM CFLAGS CFLAGS_SHLIB LDFLAGS LD_SHLIB LDFLAGS_SHLIB \- LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET; do+ LDFLAGS_SHLIB_EXPORT LIBS INCLUDES RANLIB DEPS TARGET EAPI_MM SSL_BASE; do eval "val=\"\$$var\""; if [ "x$val" != "x" ]; then case $var in +---------------------------------------------------------------------------| Here we first incorporate support for the `make certificate'| procedure and second support for the `make install' procedure| where SSL directives in the configuration files are now also| adjusted and SSL certs/keys and support programs are now| additionally installed.+---------------------------------------------------------------------------Index: Makefile.tmpl--- Makefile.tmpl 28 Jul 2006 13:55:08 -0000 1.1.1.15+++ Makefile.tmpl 28 Jul 2006 13:56:29 -0000 1.47@@ -98,10 +98,14 @@ suexec_safepath = @suexec_safepath@ suexec_umask = @suexec_umask@ +# SSL (optional)+ssl = @ssl@+ # some substituted configuration parameters conf_user = @conf_user@ conf_group = @conf_group@ conf_port = @conf_port@+conf_port_ssl = @conf_port_ssl@ conf_serveradmin = @conf_serveradmin@ conf_servername = @conf_servername@ @@ -111,6 +115,13 @@ clean-support = @clean_support@ distclean-support = @distclean_support@ +# `make certificate' parameters+TYPE =+ALGO =+CRT =+KEY =+VIEW =+ # forwarding arguments MFWD = root=$(root) @@ -132,6 +143,7 @@ @if [ "x$(build-support)" != "x" ]; then \ $(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) $(build-support); \ fi+ @$(MAKE) -f $(TOP)/$(MKF) $(MFLAGS) $(MFWD) build-certificate @touch $(TOP)/$(SRC)/.apaci.build.ok @echo "<=== $(SRC)" @@ -168,6 +180,44 @@ fi @echo "<=== $(SRC)/support" +# SSL certificate generation+build-certificate:+ -@if [ ".$(ssl)" = .1 ]; then \+ if [ ".`grep '(SKIPME)' $(TOP)/conf/ssl.crt/server.crt`" != . ]; then \+ if [ ".$(QUIET)" != .1 ]; then \+ echo "+---------------------------------------------------------------------+"; \+ echo "| Before you install the package you now should prepare the SSL |"; \+ echo "| certificate system by running the 'make certificate' command. |"; \+ echo "| For different situations the following variants are provided: |"; \+ echo "| |"; \+ echo "| % make certificate TYPE=dummy (dummy self-signed Snake Oil cert) |"; \+ echo "| % make certificate TYPE=test (test cert signed by Snake Oil CA) |"; \+ echo "| % make certificate TYPE=custom (custom cert signed by own CA) |"; \+ echo "| % make certificate TYPE=existing (existing cert) |"; \+ echo "| CRT=/path/to/your.crt [KEY=/path/to/your.key] |"; \+ echo "| |"; \+ echo "| Use TYPE=dummy when you're a vendor package maintainer, |"; \+ echo "| the TYPE=test when you're an admin but want to do tests only, |"; \+ echo "| the TYPE=custom when you're an admin willing to run a real server |"; \+ echo "| and TYPE=existing when you're an admin who upgrades a server. |"; \+ echo "| (The default is TYPE=test) |"; \+ echo "| |"; \+ echo "| Additionally add ALGO=RSA (default) or ALGO=DSA to select |"; \+ echo "| the signature algorithm used for the generated certificate. |"; \+ echo "| |"; \+ echo "| Use 'make certificate VIEW=1' to display the generated data. |"; \+ echo "| |"; \+ echo "| Thanks for using Apache & mod_ssl. Ralf S. Engelschall |"; \+ echo "| rse@engelschall.com |"; \+ echo "| www.engelschall.com |"; \+ echo "+---------------------------------------------------------------------+"; \+ fi \+ fi \+ fi++certificate:+ @cd $(TOP)/$(SRC); $(MAKE) $(MFLAGS) certificate TYPE="$(TYPE)" ALGO="$(ALGO)" CRT="$(CRT)" KEY="$(KEY)" VIEW="$(VIEW)"+ ## ------------------------------------------------------------------ ## Installation Targets ## ------------------------------------------------------------------@@ -209,6 +259,10 @@ echo "| |"; \ echo "| $(sbindir)/$${apachectl} start"; \ echo "| |"; \+ echo "| Or when you want to run it with SSL enabled use: |"; \+ echo "| |"; \+ echo "| $(sbindir)/$${apachectl} startssl"; \+ echo "| |"; \ echo "| Thanks for using Apache. The Apache Group |"; \ echo "| http://www.apache.org/ |"; \ echo "+--------------------------------------------------------+"; \@@ -227,6 +281,11 @@ $(MKDIR) $(root)$(mandir)/man1 $(MKDIR) $(root)$(mandir)/man8 $(MKDIR) $(root)$(sysconfdir)+ $(MKDIR) $(root)$(sysconfdir)/ssl.crt+ $(MKDIR) $(root)$(sysconfdir)/ssl.crl+ $(MKDIR) $(root)$(sysconfdir)/ssl.csr+ $(MKDIR) $(root)$(sysconfdir)/ssl.key+ $(MKDIR) $(root)$(sysconfdir)/ssl.prm $(MKDIR) $(root)$(htdocsdir) $(MKDIR) $(root)$(manualdir) $(MKDIR) $(root)$(iconsdir)@@ -286,19 +345,34 @@ echo "$(INSTALL_DSO) $(TOP)/$(SRC)/$${mod} $(root)$(libexecdir)/$${file}"; \ $(INSTALL_DSO) $(TOP)/$(SRC)/$${mod} $(root)$(libexecdir)/$${file}; \ name=`$(TOP)/$(AUX)/fmn.sh $(TOP)/$(SRC)/$${mod}`; \+ if [ ".$$name" = .ssl_module ]; then \+ echo "<IfDefine SSL>" >>$(SRC)/.apaci.install.conf; \+ fi; \ echo dummy | awk '{ printf("LoadModule %-18s %s\n", modname, modpath); }' \ modname="$${name}" modpath="$(libexecdir_relative)$${file}" >>$(SRC)/.apaci.install.conf; \+ if [ ".$$name" = .ssl_module ]; then \⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -