1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-01 01:17:02 +00:00
Commit Graph

284 Commits

Author SHA1 Message Date
Clement Laforet
e3590ec81f - Backport PORTDOCS fix from www/apache21.
Recent changes in bsd.port.mk prevent from using PORTDOCS= #
2005-02-24 09:52:29 +00:00
Clement Laforet
826434a289 - backout previous commit.
I blindly committed a change from my dev tree. Since USE_APACHE design
  is flacky, it had a very annoying impact.

PR:		   ports/77391 [1]
Also reported by: pointyhat via kris,
                  Scot Hetzel <swhetzel@gmail.com> [1]
Pointy hat to:    clement
2005-02-11 15:46:11 +00:00
Clement Laforet
a828e013aa - I want to keep APACHE_PORT overridable even with apache2. 2005-02-08 21:40:06 +00:00
Clement Laforet
2e6e1ded1c - Update to 2.0.53
- Download bz2'd tarball [1]
- Add print-closest-mirrors target.
  It allows you to find the 6 (3 http/3 ftp) closest mirror,
  base on http://www.apache.org/dyn/closer.cgi/httpd/
  make print-closest-mirrors >> /etc/make.conf automatically add
  the six closest mirror to the head of ${MASTER_SITE_APACHE_HTTPD}.

Requested by:	delphij
2005-02-08 15:17:06 +00:00
Clement Laforet
4e5a21d57a - Fix non DSO apache detection
Noticed by:	Xavier Beaudouin <kiwi@oav.net>
2005-01-26 14:06:35 +00:00
Clement Laforet
c54346f8c3 Changes in Makefile.modules.3rd
o Major change(s)
   - in some cases, modules are still built as static modules, making
     modules selection useless and generate a non-desired httpd

o Minor change(s)
   - apxs detection is done only if port isn't a server one.
   - Mark modules ports as IGNORED if apaxhe is built statically
   - fix make show-modules when when WITH_ALL_STATIC_MODULES is defined

Most issues discovered by:      Jason Mealins <jason_mealins@bigfix.com>
2005-01-26 10:00:11 +00:00
Clement Laforet
15f899a77d - make WITHOUT_<CATEGORY>_MODULES really works.
(it was still stuck with WITHOUT_<CATEGORY>)

Noticed by:	Jason Mealins <jason_mealins@bigfix.com>
2005-01-25 10:11:34 +00:00
Clement Laforet
ae9562845c - Add support for databases/db43 in apache2[1] and apache21.
- rename files/patch-srclib:apr-utils:build:dbm.m4 to
  files/patch-srclib:apr-util:build:dbm.m4

Based on PR:		ports/76152 [1]
Submitted by:		Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1]
2005-01-17 20:30:08 +00:00
Clement Laforet
4e80ec5376 o startup script:
- Use apache{2,21}flags variable in apache{2,21}_checkconfig().
  It fixes restart when apache2ssl_enable is set to YES in rc.conf
  and httpd.conf is "old" (i.e. non -DSSL safe) [1]

o Makefile
- split post-install target to add install-startup-script:
  User can now upgrade startup script without reinstalling apache2.
  NOTE: this is NOT package-safe and NOT supported, even if in most of
  cases they're no risk.

Noticed by:     many [1]
2005-01-11 13:45:05 +00:00
Clement Laforet
1bf03c0c63 - Add a note about the dangerousness of quotes in make.conf 2004-12-27 20:38:37 +00:00
Clement Laforet
a967a37908 - Bump PORTREVISION to refect recent changes.
Since www/mod_python3 needs envvars.d stuff to work.
2004-12-19 19:52:44 +00:00
Clement Laforet
d77a69574f - Fix a bug in mod_ssl. When client aborts connection, mod_ssl still try
to send its data, ad vitam eternam.

Noticed by:	Didier Bringer <bringer at echo dot fr>
Patched by:	Bruno Ducrot <ducrot at poupinou dot org>
2004-12-17 22:24:05 +00:00
Clement Laforet
2ab76c8193 - Remove useless APR_FROM_PORTS check in post-install
- Add support for modular sbin/envvars
  You can now put your own scripts you want to execute at envvars
  stage in ${PREFIX}/etc/apache2/envvars.d
  Only script ending by *.env are run.

  Example:
	/usr/local/etc/apache2/envvars.d/mod_python3.env

Discussed with:	perky on -apache@
2004-12-17 17:52:20 +00:00
Clement Laforet
91122c6017 - s/INSTALLS_SHILB/INSTALLS_SHLIB/ 2004-12-13 10:18:47 +00:00
Clement Laforet
be4ae2c39a - Remove installation of unused highperformance*.conf
- Move examples config files to ${EXAMPLESDIR}
- Relax permissions on ${PREFIX}/www instead of ${PREFIX}/www/data
2004-12-12 11:48:55 +00:00
Clement Laforet
c95fdac48a - Rename patch file. 2004-12-11 16:01:42 +00:00
Clement Laforet
7c168732cc - As discussed on apache@, don't create httpd.conf.bak, and remove stalled
httpd.conf.bak file at deinstall time.
2004-11-29 09:38:45 +00:00
Clement Laforet
c5d3398e2f - minor cleanups. 2004-11-13 18:23:34 +00:00
Clement Laforet
791aa3191a - Fix memory consumption DoS, CVE CAN-2004-0942
Reported by:    josef
Obtained from:  Apache CVS
2004-11-10 18:24:44 +00:00
Clement Laforet
eec92b731c - ldconfig'ify ${PREFIX}/lib/apache2 at install time.
PR:             ports/73566
Submitted by:   lev
2004-11-08 20:50:48 +00:00
Clement Laforet
3a52300e23 - Fix previous patch :-)
Huge pointy hat to: me
Noticed by:	Meno Abels <meno.abels@adviser.com>
2004-11-04 11:53:41 +00:00
Clement Laforet
3f55b3b4ac Makefile was errornously committed. Revert the changes 2004-10-31 09:22:21 +00:00
Clement Laforet
d189d69fdd - Fix apache2 build, I hope...
Noticed by:  many
Committed from: EuroBSDcon Hotel's bar.
Pointy hat to:	me
Under supervision from: mat, thierry, erwin (former mentor)
2004-10-30 19:44:41 +00:00
Clement Laforet
fa4c5a2a41 util_ald_cache_purge() fails to relink the cache entries during a cache purge.
So apply the official patch
2004-10-30 15:32:53 +00:00
Clement Laforet
c6d89630a7 - sync with real life 2004-10-21 07:08:46 +00:00
Clement Laforet
f247651bb8 - Fix shared module building when WITH_STATIC_MODULES is defined.
Noticed by:	Nicola Tiling <nti at w4w dot net>
2004-10-19 20:06:59 +00:00
Clement Laforet
3b4c9025f9 - Remove WITH_APR_FROM_PORTS knob
- Add a note to UPDATING, to warn users they won't be able to build apache2
  if they keep apr 0.9.x

Discussed with: Craig Rodrigues (apr maintainer), kuriyama
2004-10-16 14:45:40 +00:00
Clement Laforet
0a1a2dddcd - Fix apr detection
WARNING: apache2 + apr 1.0 is BROKEN
  I'm working on a small compat hack. But don't dream too much.
  apache 2.0.x is not designed to work with apr 1.x.

Forgotten by:	kuriyama
2004-10-16 09:15:52 +00:00
Jun Kuriyama
26dfd8e73d - Chase apr shlib version bump.
Pointy Hat Autumn Collection 2004 to:	kuriyama
2004-10-16 05:03:07 +00:00
Clement Laforet
17deeb0cd6 - Use ${WWWOWN} and ${WWWGRP} for apache's user. (instead of harcoded
www/www).
  It should help to keep consistancy in www-related ports.
2004-10-13 14:03:06 +00:00
Clement Laforet
310abe64ef - Yet Another Security Fix
Fix CAN-2004-0885:

  * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
  correct cipher suite has been negotiated, else deny access.

  * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
  0.9.7, prevent session resumption during a renegotiation to force the
  client to negotiate a new (and acceptable) cipher suite.

Credits:	Hartmut Keil, Joe Orton
2004-10-13 09:17:38 +00:00
Clement Laforet
ee5d3c413a - Update to 2.0.52
- Use "PORTDOCS= #" and get rid of docs entry in plist.
- Support for FreeBSD 6 in apr
- Move of cache modules from THREADS to EXPERIMENTAL category and make
  sure we enable THREADS modules (cgid only) when a threaded MPM is
  selected.
- Resurect WITH_EXTRA_MODULES knob
- powerlogo.gif is now hosted by FreeBSD mirrors
- WITH_<category> is definitively no longer supported.
- Add Includes dir when installed via a package [1]

PR:             ports/72309 [1]
Submitted by:   Christian Kratzer <ck at cksoft dot de> [1]
2004-10-12 08:27:40 +00:00
Clement Laforet
8ffe568cee - Fix compilation with threads enabled on 5.x (due to PTHREAD_LIBS changes)
Approved by:	portmgr (krion)
2004-10-10 08:17:59 +00:00
Clement Laforet
222ecfdf5d Security fixes [1]:
*) SECURITY: CAN-2004-0786 (cve.mitre.org)
     Fix an input validation issue in apr-util which could be
     triggered by malformed IPv6 literal addresses.  [Joe Orton]

  *) SECURITY: CAN-2004-0747 (cve.mitre.org)
     Fix buffer overflow in expansion of environment variables in
     configuration file parsing.  [Andr<E9> Malo]

  *) SECURITY: CAN-2004-0809 (cve.mitre.org)
     mod_dav_fs: Fix a segfault in the handling of an indirect lock
     refresh.  PR 31183.  [Joe Orton]

- Update documentation (finally!) and fix WITH_<CATEGORY>_MODULES
  for special modules like LDAP or SSL [2]

Noticed by:     nectar [1]
Requested by:   Emile Heitor <imil at home dot imil dot net> [2]
Approved by:    portmgr (marcus)
2004-09-15 16:54:37 +00:00
Clement Laforet
6369afd447 - make AP_GENPLIST pseudo PREFFIX-safe until I find a correct fix.
Discussed with:	eik (long time ago)
2004-09-03 12:41:17 +00:00
Clement Laforet
83d8251d79 - Add a sanity check on apache2 configuration files before reloading or
restarting apache2 (to avoid an expected failure on restart)
2004-08-23 15:44:51 +00:00
Clement Laforet
ee18234277 - Add support for exception hook:
* WITH_EXCEPTION_HOOK now exists
  * Automatically add if WITH_DEBUG is set
  * Update still-outdated-documentation
- Remove automatic debuf mode if DEBUG_FLAGS is set

Exception hook is very useful for debugging (upcoming www/mod_backtrace
and www/mod_whatkilledus modules)

Makefile.modules.3rd:
- Fix CONFIGURE_ARGS for dynamic module selection.
  It's now fully usuable for apache13 ports
- Remove an useless WANT_APACHE check
- Move apxs detection at the beginning of the file, to use APXS_PREFIX
  for apache major version detection [1]
  The main advantage of this patch is to provide a nice way to
  have multiple apache versions, without altering ${LOCALBASE}.

Submitted by:    "ports/c0decafe.net" <ports at c0decafe dot net> [1]
2004-08-19 14:38:36 +00:00
Clement Laforet
a4dd64d032 - Backport security fixes in ssl_engine_io.c
* [SECURITY] mod_ssl: Fix potential input filter segfaults in
  SPECULATIVE mode. (rollback handling for AP_MODE_SPECULATIVE)
  "This issue has possible security implications; it's been assigned CVE
  CAN-2004-0751 (cve.mitre.org)."
  http://issues.apache.org/bugzilla/show_bug.cgi?id=30134

* [SECURITY] mod_ssl: Fix potential infinite loop.
  (potential infinite loop in ssl_io_input_getline if connection is
  aborted without inctx->rc being set.)
  http://issues.apache.org/bugzilla/show_bug.cgi?id=27945
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29690

Obtained from:  Apache CVS (httpd-2.0 HEAD)
2004-08-18 19:40:07 +00:00
Clement Laforet
696614c16d - Bump PORTREVISION for all previous changes
- Allow access to /home if mod_userdir is loaded
- We don't need apache2libs.sh if apr is installed from ports.
- Add recent changes to UPGRADING
2004-08-17 12:41:26 +00:00
Clement Laforet
9e23477bc7 Remove our config.layout support. FreeBSD layout is in apache2's one
since 2.0.48
2004-08-07 20:25:02 +00:00
Clement Laforet
7ee53773d5 We don't need -DFREEBSD_THREAD_HACK when using kse or thr as threading
library.
2004-08-07 19:47:16 +00:00
Clement Laforet
7d02c7c2aa - Add ldconfig -m to apache2's apr libs (install time and boot time)
Requested by, discussed with: lev
2004-08-05 21:46:17 +00:00
Clement Laforet
89b5fc4b1b - Fix brainless typo.
Noticed by: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>
2004-08-02 13:21:36 +00:00
Clement Laforet
63581d9287 apache2 NG patch 2/5.
Makefile.modules:
   - Export rewritten modules selection from Makefile.modules
     to Makefile.modules.3rd
   - Remove proxy support by default.

Makefile.modules.3rd:
   - Add support for WANT_APACHE common13/common2 to share
     code/functionalities between apache13 and apache2 server ports.

Rewrite of modules selection:
   - WITH_MODULES and WITHOUT_MODULES are no more conflicting
     WITHOUT_MODULES can be safely used internally to remove conflicting
     modules
   - Selection is based on modules categories to improve flexibility
        - WITH_${category}[_MODULES]
        - WITHOUT_${category}
        - WITH_CUSTOM_${category}
   -  Support apache13, apache2{0,1}
        This is EXPERIMENTAL. I'll test it IRL with www/apache13-ssl,
        and it should be easily usuable in future bsd.apache.mk
2004-08-02 08:40:05 +00:00
Clement Laforet
b26a90a102 apache2 NG patch 1/5.
o Changes in httpd.conf
  - mod_userdir:
        . set Userdir if mod_userdir is loaded [1]
        . Userdir is denied for users from /etc/ftpusers
  - set more "secure" permissions.
    By default, policy is to deny access to filesystem.
    You HAVE to _ENABLE_ access to your filesystem in httpd.conf.
  - Add an "Includes" directory to ${PREFIX}/etc/apache2/
    to make configuration more flexible
    ${PREFIX}/etc/apache2/*.conf files are now automatically loaded.

o apache.sh
  - be closer to apachectl, apache.sh need envvars [2]
    It should restore subversion behavior.

Partially submitted by:
                kuriyama [1],
                Gregory (Grisha) Trubetskoy <grisha at apache dot org> [2]

Future changes are mostly written, they should be committed during the
week-end.
If you're interrested in changes, feel free contact me.
2004-07-30 17:04:47 +00:00
Clement Laforet
82c002d610 - Disable mod_cgi if MPM is threaded. 2004-07-13 13:32:42 +00:00
Clement Laforet
c6f9f34532 - Update experimental apr/kqueue patch
Obtained from:	apr CVS
2004-07-13 09:53:43 +00:00
Clement Laforet
be548a19b6 - Fix hostname resolution if IPv4 are mapped. [1]
- Add WITHOUT_V4MAPPED knob and explicitly set --disable-v4-mapped
  if WITHOUT_V4MAPPED or WITH_IPV6_V6ONLY

Also submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> [1]
2004-07-13 09:32:44 +00:00
Clement Laforet
c36c607e27 - Improve plist generation.
It fixes problems when you deinstall a port with $PREFIX != $(apxs -q
  prefix). Now plist is aware of real location of apache module.
2004-07-11 09:43:17 +00:00
Clement Laforet
fcd42c3e27 - Add WITHOUT_IPV6 knob to workaround problem with IP resolution
when --enable-v4-mapped is used (default).
  Use WITHOUT_IPV6 knob if you have problem with "HostnameLookup On" on
  IPv4-only server(s).
  I hope I can provide a real fix soon.
2004-07-09 16:41:38 +00:00