mirror/freebsd-ports
1
0
Fork 0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-15 07:56:36 +00:00
Code Issues Releases Activity

- Convert to USERS/GROUPS [1]

Browse Source 
- Resync proxy connect patch [2]
- Bump PORTREVISION since the proxy patch is unconditionally applied
  which means we can remove that OPTION too

PR:             ports/164698 [1], ports/164711 [2]
Submitted by:   jgh@ [1], freebsd@nagilum.org [2]
With Hat:       apache@
Sponsored by:   RideCharge Inc. / TaxiMagic
This commit is contained in:
Philip M. Gollucci 2012-02-08 04:35:31 +00:00
parent 36b0134643
commit 8f547039c4
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=290685
4 changed files with 76 additions and 112 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
www/apache22/Makefile
View File

@ -9,7 +9,7 @@
PORTNAME= apache
PORTVERSION= 2.2.22
#PORTREVISION= 1
PORTREVISION= 2
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD}
DISTNAME= httpd-${PORTVERSION}
@ -43,6 +43,9 @@ USE_PERL5= yes
USE_RC_SUBR= apache22 htcacheclean
LIBTOOLFILES= configure.in
USERS= www
GROUPS= www
MPM_ITK_VERSION?= 20110321-01
# for slave ports
@ -191,9 +194,6 @@ post-configure:
@${REINPLACE_CMD} -e "s,%%WWWOWN%%,${WWWOWN}," -e "s,%%WWWGRP%%,${WWWGRP}," ${WRKSRC}/docs/conf/httpd.conf
@${REINPLACE_CMD} -e "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/support/envvars-std
pre-install:
@PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
post-install:
@${MKDIR} ${PREFIX}/etc/apache22/envvars.d
@${MKDIR} ${PREFIX}/etc/apache22/Includes

1
www/apache22/Makefile.options
View File

@ -65,7 +65,6 @@ OPTIONS+= \
VERSION "Enable mod_version" ON \
PROXY "Enable mod_proxy" OFF \
PROXY_CONNECT "Enable mod_proxy_connect" OFF \
PATCH_PROXY_CONNECT "Patch proxy_connect SSL support" ON \
PROXY_FTP "Enable mod_proxy_ftp" OFF \
PROXY_HTTP "Enable mod_proxy_http" OFF \
PROXY_AJP "Enable mod_proxy_ajp" OFF \

142
www/apache22/files/patch-modules__proxy__mod_proxy_connect.c
View File

@ -1,5 +1,5 @@
--- ./modules/proxy/mod_proxy_connect.c.orig 2009-11-19 09:07:46.000000000 -0500
+++ ./modules/proxy/mod_proxy_connect.c 2010-05-06 19:37:54.227730259 -0400
--- ./modules/proxy/mod_proxy_connect.c.orig 2010-12-08 20:31:34.000000000 +0100
+++ ./modules/proxy/mod_proxy_connect.c 2012-02-02 17:12:20.000000000 +0100
@@ -21,6 +21,8 @@
#include "mod_proxy.h"
#include "apr_poll.h"
@ -25,27 +25,27 @@
+ do {
+ apr_brigade_cleanup(bb);
+ rv = ap_get_brigade(c_i->input_filters, bb, AP_MODE_READBYTES,
+ APR_NONBLOCK_READ, CONN_BLKSZ);
+ APR_NONBLOCK_READ, CONN_BLKSZ);
+ if (rv == APR_SUCCESS) {
+ if (APR_BRIGADE_EMPTY(bb))
+ if (APR_BRIGADE_EMPTY(bb))
+ break;
+#ifdef DEBUGGING
+ len = -1;
+ apr_brigade_length(bb, 0, &len);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ len = -1;
+ apr_brigade_length(bb, 0, &len);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: read %" APR_OFF_T_FMT
+ " bytes from %s", len, name);
+#endif
+ rv = ap_pass_brigade(c_o->output_filters, bb);
+ if (rv == APR_SUCCESS) {
+ rv = ap_pass_brigade(c_o->output_filters, bb);
+ if (rv == APR_SUCCESS) {
+ ap_fflush(c_o->output_filters, bb);
+ } else {
+ } else {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "proxy: CONNECT: error on %s - ap_pass_brigade",
+ name);
+ }
+ "proxy: CONNECT: error on %s - ap_pass_brigade",
+ name);
+ }
+ } else if (!APR_STATUS_IS_EAGAIN(rv)) {
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r,
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, rv, r,
+ "proxy: CONNECT: error on %s - ap_get_brigade",
+ name);
+ }
@ -69,8 +69,7 @@
+
+ apr_bucket_brigade *bb = apr_brigade_create(p, c->bucket_alloc);
apr_status_t err, rv;
- apr_size_t i, o, nbytes;
+ apr_size_t nbytes;
apr_size_t i, o, nbytes;
char buffer[HUGE_STRING_LEN];
- apr_socket_t *client_socket = ap_get_module_config(r->connection->conn_config, &core_module);
- int failed;
@ -85,25 +84,25 @@
default:
- /* XXX can we call ap_proxyerror() here to get a nice log message? */
- return HTTP_FORBIDDEN;
+ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked");
+ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked");
}
} else if(!allowed_port(conf, uri.port)) {
- /* XXX can we call ap_proxyerror() here to get a nice log message? */
- return HTTP_FORBIDDEN;
+ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked");
+ return ap_proxyerror(r, HTTP_FORBIDDEN, "Connect to remote machine blocked");
}
/*
@@ -205,18 +253,57 @@
@@ -205,19 +253,57 @@
}
}
+ /* setup polling for connection */
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: setting up poll()");
+ "proxy: CONNECT: setting up poll()");
+
+ if ((rv = apr_pollset_create(&pollset, 2, r->pool, 0)) != APR_SUCCESS) {
+ apr_socket_close(sock);
+ apr_socket_close(sock);
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+ "proxy: CONNECT: error apr_pollset_create()");
+ return HTTP_INTERNAL_SERVER_ERROR;
@ -133,74 +132,76 @@
- */
- r->output_filters = NULL;
- r->connection->output_filters = NULL;
-
+ backconn = ap_run_create_connection(c->pool, r->server, sock,
+ c->id, c->sbh, c->bucket_alloc);
+ c->id, c->sbh, c->bucket_alloc);
+ if (!backconn) {
+ /* peer reset */
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
+ "proxy: an error occurred creating a new connection "
+ "to %pI (%s)", connect_addr, connectname);
+ apr_socket_close(sock);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+ ap_proxy_ssl_disable(backconn);
+ rc = ap_run_pre_connection(backconn, sock);
+ if (rc != OK && rc != DONE) {
+ backconn->aborted = 1;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: pre_connection setup failed (%d)", rc);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ /* peer reset */
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
+ "proxy: an error occurred creating a new connection "
+ "to %pI (%s)", connect_addr, connectname);
+ apr_socket_close(sock);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+ ap_proxy_ssl_disable(backconn);
+ rc = ap_run_pre_connection(backconn, sock);
+ if (rc != OK && rc != DONE) {
+ backconn->aborted = 1;
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: pre_connection setup failed (%d)", rc);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: connection complete to %pI (%s)",
+ connect_addr, connectname);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: connection complete to %pI (%s)",
+ connect_addr, connectname);
/* If we are connecting through a remote proxy, we need to pass
@@ -227,12 +314,11 @@
* the CONNECT request on to it.
@@ -227,12 +313,11 @@
*/
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"proxy: CONNECT: sending the CONNECT request to the remote proxy");
- nbytes = apr_snprintf(buffer, sizeof(buffer),
+ ap_fprintf(backconn->output_filters, bb,
+ ap_fprintf(backconn->output_filters, bb,
"CONNECT %s HTTP/1.0" CRLF, r->uri);
- apr_socket_send(sock, buffer, &nbytes);
- nbytes = apr_snprintf(buffer, sizeof(buffer),
- "Proxy-agent: %s" CRLF CRLF, ap_get_server_banner());
- apr_socket_send(sock, buffer, &nbytes);
+ ap_fprintf(backconn->output_filters, bb,
+ "Proxy-agent: %s" CRLF CRLF, ap_get_server_version());
+ ap_fflush(backconn->output_filters, bb);
+ ap_fprintf(backconn->output_filters, bb,
+ "Proxy-agent: %s" CRLF CRLF, ap_get_server_version());
+ ap_fflush(backconn->output_filters, bb);
}
else {
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
@@ -240,11 +326,12 @@
@@ -240,11 +325,12 @@
nbytes = apr_snprintf(buffer, sizeof(buffer),
"HTTP/1.0 200 Connection Established" CRLF);
ap_xlate_proto_to_ascii(buffer, nbytes);
- apr_socket_send(client_socket, buffer, &nbytes);
+ ap_fwrite(c->output_filters, bb, buffer, nbytes);
+ ap_fwrite(c->output_filters, bb, buffer, nbytes);
nbytes = apr_snprintf(buffer, sizeof(buffer),
"Proxy-agent: %s" CRLF CRLF, ap_get_server_banner());
ap_xlate_proto_to_ascii(buffer, nbytes);
- apr_socket_send(client_socket, buffer, &nbytes);
+ ap_fwrite(c->output_filters, bb, buffer, nbytes);
+ ap_fflush(c->output_filters, bb);
+ ap_fflush(c->output_filters, bb);
#if 0
/* This is safer code, but it doesn't work yet. I'm leaving it
* here so that I can fix it later.
@@ -265,27 +352,15 @@
@@ -264,28 +350,16 @@
*
* Handle two way transfer of data over the socket (this is a tunnel).
*/
+ /* we are now acting as a tunnel - the input/output filter stacks should
+ * not contain any non-connection filters.
+ */
+ r->output_filters = c->output_filters;
+ r->proto_output_filters = c->output_filters;
+ r->input_filters = c->input_filters;
+ r->proto_input_filters = c->input_filters;
+ /* we are now acting as a tunnel - the input/output filter stacks should
+ * not contain any non-connection filters.
+ */
+ r->output_filters = c->output_filters;
+ r->proto_output_filters = c->output_filters;
+ r->input_filters = c->input_filters;
+ r->proto_input_filters = c->input_filters;
/* r->sent_bodyct = 1;*/
- if ((rv = apr_pollset_create(&pollset, 2, r->pool, 0)) != APR_SUCCESS) {
@ -224,8 +225,8 @@
-
while (1) { /* Infinite loop until error (one side closes the connection) */
if ((rv = apr_pollset_poll(pollset, -1, &pollcnt, &signalled)) != APR_SUCCESS) {
apr_socket_close(sock);
@@ -294,7 +369,7 @@
if (APR_STATUS_IS_EINTR(rv)) {
@@ -297,7 +371,7 @@
}
#ifdef DEBUGGING
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
@ -234,13 +235,13 @@
#endif
for (pi = 0; pi < pollcnt; pi++) {
@@ -304,72 +379,32 @@
@@ -307,72 +381,31 @@
pollevent = cur->rtnevents;
if (pollevent & APR_POLLIN) {
#ifdef DEBUGGING
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
- "proxy: CONNECT: sock was set");
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: sock was readable");
#endif
- nbytes = sizeof(buffer);
@ -267,9 +268,9 @@
}
- else
- break;
+ else if ((pollevent & APR_POLLERR) || (pollevent & APR_POLLHUP)) {
+ rv = APR_EPIPE;
+ ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r, "proxy: CONNECT: err/hup on backconn");
+ else if ((pollevent & APR_POLLERR) || (pollevent & APR_POLLHUP)) {
+ rv = APR_EPIPE;
+ ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r, "proxy: CONNECT: err/hup on backconn");
}
- else if ((pollevent & APR_POLLERR) || (pollevent & APR_POLLHUP))
- break;
@ -289,8 +290,8 @@
-#ifdef DEBUGGING
- ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
- "proxy: CONNECT: read %d from client", i);
+ ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: client was readable");
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r,
+ "proxy: CONNECT: client was readable");
#endif
- while(i > 0)
- {
@ -310,18 +311,17 @@
- rv = APR_EOF;
- break;
}
+ else {
+ rv = APR_EBADF;
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
+ "proxy: CONNECT: unknown socket in pollset");
+ else {
+ rv = APR_EBADF;
+ ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
+ "proxy: CONNECT: unknown socket in pollset");
}
- else
- break;
+
}
if (rv != APR_SUCCESS) {
break;
@@ -385,7 +420,9 @@
@@ -388,7 +421,9 @@
* Close the socket and clean up
*/

35
www/apache22/pkg-install
View File

@ -1,35 +0,0 @@
#!/bin/sh
# $FreeBSD$
#
if [ "$2" != "PRE-INSTALL" ]; then
exit 0
fi
WWWUSER=www
WWWGROUP=${WWWUSER}
WWWUID=80
WWWGID=${WWWUID}
if ! pw groupshow "${WWWGROUP}" 2>/dev/null 1>&2; then
if pw groupadd ${WWWGROUP} -g ${WWWGID}; then
echo "Added group \"${WWWGROUP}\"."
else
echo "Adding group \"${WWWGROUP}\" failed..."
exit 1
fi
fi
if ! pw usershow "${WWWUSER}" 2>/dev/null 1>&2; then
if pw useradd ${WWWUSER} -u ${WWWUID} -g ${WWWGROUP} -h - \
-s "/sbin/nologin" -d "/nonexistent" \
-c "World Wide Web Owner"; \
then
echo "Added user \"${WWWUSER}\"."
else
echo "Adding user \"${WWWUSER}\" failed..."
exit 1
fi
fi
exit 0