apache: update to 2.4.37.

srcpkgs/apache/patches/libressl.patch

@@ -1,62 +1,11 @@
-diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c
+--- modules/ssl/ssl_engine_init.c.orig  2018-10-30 16:25:09.084840429 +0100
-index 48d64cb..2392019 100644
++++ modules/ssl/ssl_engine_init.c       2018-10-30 16:25:55.019411636 +0100
---- ./modules/ssl/mod_ssl.c
+@@ -1492,7 +1492,7 @@
-+++ ./modules/ssl/mod_ssl.c
+     X509_STORE_CTX *sctx;
-@@ -398,7 +398,7 @@ static int ssl_hook_pre_config(apr_pool_t *pconf,
+     X509_STORE *store = SSL_CTX_get_cert_store(mctx->ssl_ctx);
-     /* We must register the library in full, to ensure our configuration
-      * code can successfully test the SSL environment.
-      */
--#if MODSSL_USE_OPENSSL_PRE_1_1_API
-+#if MODSSL_USE_OPENSSL_PRE_1_1_API || defined(LIBRESSL_VERSION_NUMBER)
-     (void)CRYPTO_malloc_init();
- #else
-     OPENSSL_malloc_init();
-diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c
-index a3a74f4..33ea494 100644
---- ./modules/ssl/ssl_engine_init.c
-+++ ./modules/ssl/ssl_engine_init.c
-@@ -616,7 +616,8 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *s,
- 
-     SSL_CTX_set_options(ctx, SSL_OP_ALL);
- 
--#if OPENSSL_VERSION_NUMBER < 0x10100000L
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L  || \
-+      (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20800000L)
-     /* always disable SSLv2, as per RFC 6176 */
-     SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
- 
-diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
-index a39569c..e0e1b37 100644
---- ./modules/ssl/ssl_private.h
-+++ ./modules/ssl/ssl_private.h
-@@ -132,13 +132,14 @@
-         SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, NULL)
- #define SSL_CTX_set_max_proto_version(ctx, version) \
-         SSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, NULL)
--#endif
--/* LibreSSL declares OPENSSL_VERSION_NUMBER == 2.0 but does not include most
-- * changes from OpenSSL >= 1.1 (new functions, macros, deprecations, ...), so
-- * we have to work around this...
-+#elif LIBRESSL_VERSION_NUMBER < 0x2070000f
-+/* LibreSSL before 2.7 declares OPENSSL_VERSION_NUMBER == 2.0 but does not
-+ * include most changes from OpenSSL >= 1.1 (new functions, macros, 
-+ * deprecations, ...), so we have to work around this...
-  */
- #define MODSSL_USE_OPENSSL_PRE_1_1_API (1)
--#else
-+#endif /* LIBRESSL_VERSION_NUMBER < 0x2060000f */
-+#else /* defined(LIBRESSL_VERSION_NUMBER) */
- #define MODSSL_USE_OPENSSL_PRE_1_1_API (OPENSSL_VERSION_NUMBER < 0x10100000L)
- #endif
- 
-@@ -238,7 +239,8 @@ void init_bio_methods(void);
- void free_bio_methods(void);
- #endif
- 
--#if OPENSSL_VERSION_NUMBER < 0x10002000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10002000L || \
-+      (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2070000f)
- #define X509_STORE_CTX_get0_store(x) (x->ctx)
- #endif
- 
 
+-#if OPENSSL_VERSION_NUMBER >= 0x1010100fL
++#if OPENSSL_VERSION_NUMBER >= 0x1010100fL && !defined(LIBRESSL_VERSION_NUMBER)
+     /* For OpenSSL >=1.1.1, turn on client cert support which is
+      * otherwise turned off by default (by design).
+      * https://github.com/openssl/openssl/issues/6933 */

srcpkgs/apache/template

@@ -1,7 +1,6 @@
 # Template file for 'apache'
 pkgname=apache
-reverts="2.4.37_1"
+version=2.4.37
-version=2.4.35
 revision=2
 wrksrc="httpd-${version}"
 build_style=gnu-configure
@@ -38,7 +37,7 @@ homepage="http://httpd.apache.org/"
 changelog="http://www.apache.org/dist/httpd/CHANGES_2.4"
 license="Apache-2.0"
 distfiles="https://archive.apache.org/dist/httpd/httpd-${version}.tar.bz2"
-checksum=2607c6fdd4d12ac3f583127629291e9432b247b782396a563bec5678aae69b56
+checksum=3498dc5c6772fac2eb7307dc7963122ffe243b5e806e0be4fb51974ff759d726
 
 system_accounts="_${pkgname}"
 _apache_homedir="/srv/www/$pkgname"