- for older distros, still use SuSEFirewall2 [bsc#1071548c#7]

- Replace SuSEFirewall2 by firewalld (fate#323460)

OBS-URL: https://build.opensuse.org/package/show/Apache/apache2?expand=0&rev=546

apache2.changes

@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Tue Jan 30 09:16:26 UTC 2018 - pgajdos@suse.com
+
+- for older distros, still use SuSEFirewall2 [bsc#1071548c#7]
+
+-------------------------------------------------------------------
+Mon Jan 29 09:23:46 UTC 2018 - knut.anderssen@suse.com
+
+- Replace SuSEFirewall2 by firewalld (fate#323460)
+
 -------------------------------------------------------------------
 Wed Dec 20 16:18:56 UTC 2017 - pgajdos@suse.com
 

apache2.firewalld

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+  <short>WWW (HTTP)</short>
+  <description>HTTP is the protocol used to serve Web pages. If you plan to make your Web server publicly available, enable this option. This option is not required for viewing pages locally or developing Web pages.</description>
+  <port protocol="tcp" port="80"/>
+</service>
+

apache2.spec

@@ -57,6 +57,11 @@
 %define runtimedir	%{_localstatedir}/run
 %define mods_static unixd
 %endif
+%if 0%{?suse_version} >= 1500
+%define use_firewalld 1
+%else
+%define use_firewalld 0
+%endif
 Name:           apache2
 Version:        2.4.29
 Release:        0
@@ -88,8 +93,13 @@ Source31:       apache2-README-instances.txt
 Source45:       sysconf_addword
 Source46:       a2enflag
 Source47:       a2enmod
-Source49:       apache2.firewall
-Source50:       apache2.ssl-firewall
+%if %{use_firewalld}
+Source49:       apache2.firewalld
+Source50:       apache2.ssl.firewalld
+%else
+Source51:       apache2.susefirewall
+Source52:       apache2.ssl.susefirewall
+%endif
 Source100:      apache2-httpd.conf
 Source101:      apache2-errors.conf
 Source102:      apache2-default-server.conf
@@ -686,9 +696,14 @@ pushd %{buildroot}/%{_bindir}
 popd
 
 # install firewall information file
+%if %{use_firewalld}
+install -D -m 644 %{SOURCE49} %{buildroot}%{_libexecdir}/firewalld/services/%{name}.xml
+install -D -m 644 %{SOURCE50} %{buildroot}%{_libexecdir}/firewalld/services/%{name}-ssl.xml
+%else
 install -d %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/
-install -m 644 %{SOURCE49} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
-install -m 644 %{SOURCE50} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl
+install -m 644 %{SOURCE51} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
+install -m 644 %{SOURCE52} %{buildroot}%{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl
+%endif
 ln -sf %{_bindir}/apxs %{buildroot}%{_sbindir}
 #
 # compat symlinks apache2 -> apache
@@ -861,8 +876,15 @@ mv %{buildroot}/%{sysconfdir}/original .
 %{_datadir}/%{name}/deprecated-scripts
 %{_datadir}/%{name}/script-helpers
 %{_datadir}/%{name}/sysconf_addword
+%if %{use_firewalld}
+%dir %{_libexecdir}/firewalld
+%dir %{_libexecdir}/firewalld/services
+%{_libexecdir}/firewalld/services/%{name}.xml
+%{_libexecdir}/firewalld/services/%{name}-ssl.xml
+%else
 %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}
 %config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/%{name}-ssl
+%endif
 %if 0%{?suse_version} == 1110
 /usr/share/apache2/find_mpm
 /usr/share/apache2/get_includes

apache2.ssl.firewalld

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<service>
+  <short>Secure WWW (HTTPS)</short>
+  <description>HTTPS is a modified HTTP used to serve Web pages when security is important. Examples are sites that require logins like stores or web mail. This option is not required for viewing pages locally or developing Web pages. You need the httpd package installed for this option to be useful.</description>
+  <port protocol="tcp" port="443"/>
+</service>