[apparmor] [patch] mod_apparmor: for apache 2.4, use new access control hook
Steve Beattie
steve at nxnw.org
Tue Jul 8 18:01:25 UTC 2014
[This is an unmodified resend of a patch that was buried deep in a
thread and may have been overlooked.]
Use ap_hook_check_access_ex() instead of
ap_hook_access_checker() for apache 2.4; see
http://httpd.apache.org/docs/2.4/developer/new_api_2_4.html#http_request
Signed-off-by: Steve Beattie <steve at nxnw.org>
---
changehat/mod_apparmor/mod_apparmor.c | 8 ++++++++
1 file changed, 8 insertions(+)
Index: b/changehat/mod_apparmor/mod_apparmor.c
===================================================================
--- a/changehat/mod_apparmor/mod_apparmor.c
+++ b/changehat/mod_apparmor/mod_apparmor.c
@@ -404,7 +404,15 @@ register_hooks(apr_pool_t *p)
{
ap_hook_post_config(aa_init, NULL, NULL, APR_HOOK_MIDDLE);
ap_hook_child_init(aa_child_init, NULL, NULL, APR_HOOK_MIDDLE);
+
+#if AP_SERVER_MAJORVERSION_NUMBER == 2 && AP_SERVER_MINORVERSION_NUMBER < 3
+ /* Compatibility with apache 2.2 */
ap_hook_access_checker(aa_enter_hat, NULL, NULL, APR_HOOK_FIRST);
+#else
+ /* apache 2.4 mod_authz hook */
+ ap_hook_check_access_ex(aa_enter_hat, NULL, NULL, APR_HOOK_FIRST, AP_AUTH_INTERNAL_PER_CONF);
+#endif
+
/* ap_hook_post_read_request(aa_enter_hat, NULL, NULL, APR_HOOK_FIRST); */
ap_hook_log_transaction(aa_exit_hat, NULL, NULL, APR_HOOK_LAST);
}
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140708/e50b7fd5/attachment.pgp>
More information about the AppArmor
mailing list