tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
puppet/apache/files/httpsd
Ossi Herrala 0548ead8cd Allow Apache to use MD5 signed certs in Centos >=6.4. 
Centos 6.4 changed the NSS library to reject X.509 certificates which
are signed with MD5:

  "[VALID] The upstream Mozilla NSS disabled support for MD5 hash
   signed certificates in the 3.14 release, which was added to CentOS
   6.4. More details and workarounds can be found in this Fedora bugzilla
   report https://bugzilla.redhat.com/show_bug.cgi?id=895513"

This change can be reverted when the world has changed from MD5 to something else :)
2013-03-09 15:57:45 +00:00

131 lines
3.4 KiB
Bash
Executable file
Raw Permalink Blame History

#!/bin/bash
#
# httpsd Startup script for the Apache HTTP Server
#
# chkconfig: - 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpsd
# config: /etc/httpd/conf/httpsd.conf
# config: /etc/sysconfig/httpsd
# pidfile: /var/run/httpsd.pid
# Source function library.
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/httpsd ]; then
. /etc/sysconfig/httpsd
fi
OPTIONS="${OPTIONS} -f conf/httpsd.conf"
# Start httpd in the C locale by default.
HTTPSD_LANG=${HTTPSD_LANG-"C"}
# This will prevent initlog from swallowing up a pass-phrase prompt if
# mod_ssl needs a pass-phrase from the user.
INITLOG_ARGS=""
# Set HTTPSD=/usr/sbin/httpd.worker in /etc/sysconfig/httpsd to use a server
# with the thread-based "worker" MPM; BE WARNED that some modules may not
# work correctly with a thread-based MPM; notably PHP will refuse to start.
# Path to the apachectl script, server binary, and short-form for messages.
apachectl=/usr/sbin/apachectl
httpsd=${HTTPSD-/usr/sbin/httpsd}
prog=httpsd
if [ -d /var/run/httpd ]; then
pidfile=${PIDFILE-/var/run/httpd/httpsd.pid}
else
pidfile=${PIDFILE-/var/run/httpsd.pid}
fi
lockfile=${LOCKFILE-/var/lock/subsys/httpsd}
RETVAL=0
# check for 1.3 configuration
check13 () {
CONFFILE=/etc/httpd/conf/httpsd.conf
GONE="(ServerType|BindAddress|Port|AddModule|ClearModuleList|"
GONE="${GONE}AgentLog|RefererLog|RefererIgnore|FancyIndexing|"
GONE="${GONE}AccessConfig|ResourceConfig)"
if LANG=C grep -Eiq "^[[:space:]]*($GONE)" $CONFFILE; then
echo
echo 1>&2 " Apache 1.3 configuration directives found"
echo 1>&2 " please read /usr/share/doc/httpd-2.2.3/migration.html"
failure "Apache 1.3 config directives test"
echo
exit 1
fi
}
# The semantics of these two functions differ from the way apachectl does
# things -- attempting to start while running is a failure, and shutdown
# when not running is also a failure. So we just do it the way init scripts
# are expected to behave here.
start() {
echo -n $"Starting $prog: "
check13 || exit 1
NSS_HASH_ALG_SUPPORT=+MD5 LANG=$HTTPSD_LANG daemon --pidfile=${pidfile} $httpsd $OPTIONS
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
# When stopping httpsd a delay of >10 second is required before SIGKILLing the
# httpsd parent; this gives enough time for the httpsd parent to SIGKILL any
# errant children.
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} -d 10 $httpsd
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
if ! LANG=$HTTPSD_LANG $httpsd $OPTIONS -t >&/dev/null; then
RETVAL=$?
echo $"not reloading due to configuration syntax error"
failure $"not reloading $httpsd due to configuration syntax error"
else
killproc -p ${pidfile} $httpsd -HUP
RETVAL=$?
fi
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
status)
status -p ${pidfile} $httpsd
RETVAL=$?
;;
restart)
stop
start
;;
condrestart)
if [ -f ${pidfile} ] ; then
stop
start
fi
;;
reload)
reload
;;
graceful|help|configtest|fullstatus)
$apachectl $@
RETVAL=$?
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|reload|status|fullstatus|graceful|help|configtest}"
exit 1
esac
exit $RETVAL
Reference in a new issue View git blame Copy permalink