From 8b997112958c454bae20d41ef052dd4d63a122d1 Mon Sep 17 00:00:00 2001
From: Thomas Bellman <bellman@nsc.liu.se>
Date: Wed, 4 Apr 2018 19:15:43 +0200
Subject: [PATCH] Handle removal of SSLMutex directive in mod_ssl.

In Apache httpd 2.4, the SSLMutex directive to the mod_ssl module has
been replaced with use of the more general Mutex directive, and Mutex
has saner defaults than SSLMutex had.  Don't put an SSLMutex directive
into ssl.conf if we are using version 2.4 of httpd.
---
 manifests/mod_ssl.pp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/manifests/mod_ssl.pp b/manifests/mod_ssl.pp
index 15233c6..efd7970 100644
--- a/manifests/mod_ssl.pp
+++ b/manifests/mod_ssl.pp
@@ -17,7 +17,10 @@ class apache::mod_ssl
     $default_options = {
 	'SSLSessionCache'	 => 'shmcb:/var/cache/mod_ssl/scache(512000)',
 	'SSLSessionCacheTimeout' => '300',
-	'SSLMutex'		 => 'default',
+	'SSLMutex'		 => $apache::standard_version ? {
+	    '2.2' => 'default',	# 2.2 defaults to none
+	    '2.4' => false, # SSLMutex replaced with Mutex, with sane default
+	},
 	'SSLRandomSeed startup'	 => 'file:/dev/urandom 256',
 	'SSLRandomSeed connect'	 => 'builtin',
 	'SSLCryptoDevice'	 => 'builtin',
-- 
GitLab