From d02e3a30ec001d4e5f262b83a0f0ff7b320da459 Mon Sep 17 00:00:00 2001 From: Olli Hauer Date: Sun, 24 Nov 2013 19:56:26 +0000 Subject: - update to 2.2.26 - add new directory for modules (APACHEETCDIR/modules.d) New modules can be registered here with a simple file that contains the LoadModule directives. Additonal Maintaines can write instructions to the conf file and keep pkg-message short. As bonus the config file can be installed like every other config file with a .sample extention so modules are not disabled during pkg upgrades. Module config files should begin with three digits followed by '_' e.g. 100_php5.conf. The load order can be controlled via the three digits. Please wait some time before adopting the new directory so users have time to update and adjust axisting configs Changes with Apache 2.2.26 *) mod_dav: dav_resource->uri treated as unencoded. This was an unnecessary ABI changed introduced in 2.2.25 PR 55397. [Ben Reser] *) mod_dav: Do not validate locks against parent collection of COPY source URI. PR 55304. [Ben Reser] *) mod_ssl: Check SNI hostname against Host header case-insensitively. PR 49491. [Mayank Agrawal ] *) mod_ssl: enable support for ECC keys and ECDH ciphers. Tested against OpenSSL 1.0.0b3. [Vipul Gupta vipul.gupta sun.com, Sander Temme, Stefan Fritsch] *) mod_ssl: Change default for SSLCompression to off, as compression causes security issues in most setups. (The so called "CRIME" attack). [Stefan Fritsch] *) mod_ssl: Fix compilation error when OpenSSL does not contain support for SSLv2. Problem was introduced in 2.2.25. PR 55194. [Rainer Jung, Kaspar Brand] *) mod_dav: Fix double encoding of URIs in XML and Location header (caused by unintential ABI change in 2.2.25). PR 55397. [Ben Reser] --- www/apache22/Makefile | 9 ++-- www/apache22/distinfo | 4 +- www/apache22/files/README_modules.d | 14 ++++++ www/apache22/files/patch-bug-55306 | 50 ---------------------- www/apache22/files/patch-docs__conf__httpd.conf.in | 10 +++++ www/apache22/pkg-plist | 2 + 6 files changed, 33 insertions(+), 56 deletions(-) create mode 100644 www/apache22/files/README_modules.d delete mode 100644 www/apache22/files/patch-bug-55306 (limited to 'www/apache22') diff --git a/www/apache22/Makefile b/www/apache22/Makefile index cd3472462411..63c6571f1ac1 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -1,8 +1,8 @@ # $FreeBSD$ PORTNAME= apache22 -PORTVERSION= 2.2.25 -PORTREVISION?= 1 +PORTVERSION= 2.2.26 +#PORTREVISION?= 1 CATEGORIES= www ipv6 MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} DISTNAME= httpd-${PORTVERSION} @@ -62,7 +62,7 @@ SUEXEC_USERDIR_EXTRA_PATCHES= ${FILESDIR}/extra-patch-suexec_userdir .include -ETC_SUBDIRS= Includes envvars.d extra +ETC_SUBDIRS= Includes envvars.d extra modules.d .if ! ${PORT_OPTIONS:MDOCS} MAKE_ENV+= NOPORTDOCS=yes @@ -151,7 +151,8 @@ post-configure: post-install: @${MKDIR} ${ETC_SUBDIRS:S|^|${STAGEDIR}${ETCDIR}/|} - @${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/ + ${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/ + ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}/${ETCDIR}/modules.d/ .if ${PORT_OPTIONS:MLOG_FORENSIC} @${INSTALL_SCRIPT} ${WRKSRC}/support/check_forensic ${STAGEDIR}${PREFIX}/sbin diff --git a/www/apache22/distinfo b/www/apache22/distinfo index a9c6d4ffbbc4..1a1fb6e2a5a7 100644 --- a/www/apache22/distinfo +++ b/www/apache22/distinfo @@ -1,2 +1,2 @@ -SHA256 (apache22/httpd-2.2.25.tar.bz2) = 4bcaf3524796a514b31aa5c64ce80b0cdb484bab5735416de29d00f6d50fa65a -SIZE (apache22/httpd-2.2.25.tar.bz2) = 5524905 +SHA256 (apache22/httpd-2.2.26.tar.bz2) = af908e3dd5673f1c6f0ccc615e11d435e77517940af00e518e68ea25284b42b6 +SIZE (apache22/httpd-2.2.26.tar.bz2) = 5390190 diff --git a/www/apache22/files/README_modules.d b/www/apache22/files/README_modules.d new file mode 100644 index 000000000000..2d50ce539aeb --- /dev/null +++ b/www/apache22/files/README_modules.d @@ -0,0 +1,14 @@ +# =================================================== +# Directory for third party module config files. +# +# Modules can be disabled by adding a '#' in front +# of the "LoadModule" line e.g. "#LoadModule" +# +# Files are automatically included if the name +# begins with a three digit number followed by '_' +# and ending in '.conf' e.g. '080_mod_php.conf' +# +# Maintainers can also include instructions how to +# use the module (instead pkg-message). +# + diff --git a/www/apache22/files/patch-bug-55306 b/www/apache22/files/patch-bug-55306 deleted file mode 100644 index 22ec8f55b105..000000000000 --- a/www/apache22/files/patch-bug-55306 +++ /dev/null @@ -1,50 +0,0 @@ -PR: ports/183685 -[1] http://svn.apache.org/viewvc?view=revision&revision=1528718 -[2] https://issues.apache.org/bugzilla/show_bug.cgi?id=55306 -=========================================================================== ---- modules/dav/main/mod_dav.c.orig 2013-06-27 18:54:14.000000000 +0200 -+++ modules/dav/main/mod_dav.c 2013-11-05 16:31:51.000000000 +0100 -@@ -2733,7 +2733,9 @@ - */ - if ((err = dav_validate_request(r, resource, depth, NULL, - &multi_response, -- DAV_VALIDATE_PARENT -+ (is_move ? DAV_VALIDATE_PARENT -+ :DAV_VALIDATE_RESOURCE -+ |DAV_VALIDATE_NO_MODIFY) - | DAV_VALIDATE_USE_424, - NULL)) != NULL) { - err = dav_push_error(r->pool, err->status, 0, ---- modules/dav/main/mod_dav.h.orig 2013/10/03 05:06:08 1528717 -+++ modules/dav/main/mod_dav.h 2013/10/03 05:29:35 1528718 -@@ -1297,6 +1297,9 @@ - the 424 DAV:response */ - #define DAV_VALIDATE_USE_424 0x0080 /* return 424 status, not 207 */ - #define DAV_VALIDATE_IS_PARENT 0x0100 /* for internal use */ -+#define DAV_VALIDATE_NO_MODIFY 0x0200 /* resource is not being modified -+ so allow even if lock token -+ is not provided */ - - /* Lock-null related public lock functions */ - DAV_DECLARE(int) dav_get_resource_state(request_rec *r, ---- modules/dav/main/util.c.orig 2013/10/03 05:06:08 1528717 -+++ modules/dav/main/util.c 2013/10/03 05:29:35 1528718 -@@ -954,13 +954,16 @@ - /* - ** For methods other than LOCK: - ** -- ** If we have no locks, then can be set to true -- -+ ** If we have no locks or if the resource is not being modified -+ ** (per RFC 4918 the lock token is not required on resources -+ ** we are not changing), then can be set to true -- - ** pretending that we've already met the requirement of seeing one - ** of the resource's locks in the If: header. - ** - ** Otherwise, it must be cleared and we'll look for one. - */ -- seen_locktoken = (lock_list == NULL); -+ seen_locktoken = (lock_list == NULL -+ || flags & DAV_VALIDATE_NO_MODIFY); - } - - /* diff --git a/www/apache22/files/patch-docs__conf__httpd.conf.in b/www/apache22/files/patch-docs__conf__httpd.conf.in index e53d974aa7c0..0ab0dbe6aae3 100644 --- a/www/apache22/files/patch-docs__conf__httpd.conf.in +++ b/www/apache22/files/patch-docs__conf__httpd.conf.in @@ -1,5 +1,15 @@ --- ./docs/conf/httpd.conf.in.orig 2007-12-21 06:43:00.000000000 -0500 +++ ./docs/conf/httpd.conf.in 2010-05-06 19:37:54.224731824 -0400 +@@ -54,6 +54,9 @@ + # + @@LoadModule@@ + ++# Third party modules ++Include @rel_sysconfdir@/modules.d/[0-9][0-9][0-9]_*.conf ++ + + + # @@ -63,8 +63,8 @@ # It is usually good practice to create a dedicated user and group for # running httpd, as with most system services. diff --git a/www/apache22/pkg-plist b/www/apache22/pkg-plist index f08777f74428..b06b8ef67b36 100644 --- a/www/apache22/pkg-plist +++ b/www/apache22/pkg-plist @@ -4,6 +4,7 @@ @exec mkdir -p %D/%%ETCDIR%%/extra @exec mkdir -p %D/%%ETCDIR%%/Includes %%ETCDIR%%/Includes/no-accf.conf +%%ETCDIR%%/modules.d/README_modules.d include/apache22/ap_compat.h include/apache22/ap_config.h include/apache22/ap_config_auto.h @@ -475,6 +476,7 @@ sbin/split-logfile @dirrmtry libexec/apache22 @dirrmtry include/apache22 @unexec rm -f %D/%%ETCDIR%%/httpd.conf.bak 2> /dev/null || true +@dirrmtry %%ETCDIR%%/modules.d @dirrmtry %%ETCDIR%%/extra @dirrmtry %%ETCDIR%%/envvars.d @dirrmtry %%ETCDIR%%/Includes -- cgit v1.2.3