update to 2.4.1
- adopt upstream default httpd.conf (almost verbatim) - split all LoadModules to conf.modules.d/*.conf - include conf.d/*.conf at end of httpd.conf - trim %changelog
This commit is contained in:
parent
61679dd90c
commit
3a44ff7655
78
00-base.conf
Normal file
78
00-base.conf
Normal file
@ -0,0 +1,78 @@
|
||||
#
|
||||
# This file loads most of the modules included with the Apache HTTP
|
||||
# Server itself.
|
||||
#
|
||||
|
||||
LoadModule access_compat_module modules/mod_access_compat.so
|
||||
LoadModule actions_module modules/mod_actions.so
|
||||
LoadModule alias_module modules/mod_alias.so
|
||||
LoadModule allowmethods_module modules/mod_allowmethods.so
|
||||
LoadModule auth_basic_module modules/mod_auth_basic.so
|
||||
LoadModule auth_digest_module modules/mod_auth_digest.so
|
||||
LoadModule authn_anon_module modules/mod_authn_anon.so
|
||||
LoadModule authn_core_module modules/mod_authn_core.so
|
||||
LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
||||
LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
||||
LoadModule authn_file_module modules/mod_authn_file.so
|
||||
LoadModule authn_socache_module modules/mod_authn_socache.so
|
||||
LoadModule authz_core_module modules/mod_authz_core.so
|
||||
LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
||||
LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
||||
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
|
||||
LoadModule authz_host_module modules/mod_authz_host.so
|
||||
LoadModule authz_owner_module modules/mod_authz_owner.so
|
||||
LoadModule authz_user_module modules/mod_authz_user.so
|
||||
LoadModule autoindex_module modules/mod_autoindex.so
|
||||
LoadModule cache_module modules/mod_cache.so
|
||||
LoadModule cache_disk_module modules/mod_cache_disk.so
|
||||
LoadModule data_module modules/mod_data.so
|
||||
LoadModule dbd_module modules/mod_dbd.so
|
||||
LoadModule deflate_module modules/mod_deflate.so
|
||||
LoadModule dir_module modules/mod_dir.so
|
||||
LoadModule dumpio_module modules/mod_dumpio.so
|
||||
LoadModule echo_module modules/mod_echo.so
|
||||
LoadModule env_module modules/mod_env.so
|
||||
LoadModule expires_module modules/mod_expires.so
|
||||
LoadModule ext_filter_module modules/mod_ext_filter.so
|
||||
LoadModule filter_module modules/mod_filter.so
|
||||
LoadModule headers_module modules/mod_headers.so
|
||||
LoadModule include_module modules/mod_include.so
|
||||
LoadModule info_module modules/mod_info.so
|
||||
LoadModule log_config_module modules/mod_log_config.so
|
||||
LoadModule log_debug_module modules/mod_log_debug.so
|
||||
LoadModule logio_module modules/mod_logio.so
|
||||
LoadModule mime_magic_module modules/mod_mime_magic.so
|
||||
LoadModule mime_module modules/mod_mime.so
|
||||
LoadModule negotiation_module modules/mod_negotiation.so
|
||||
LoadModule ratelimit_module modules/mod_ratelimit.so
|
||||
LoadModule remoteip_module modules/mod_remoteip.so
|
||||
LoadModule reqtimeout_module modules/mod_reqtimeout.so
|
||||
LoadModule rewrite_module modules/mod_rewrite.so
|
||||
LoadModule setenvif_module modules/mod_setenvif.so
|
||||
LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
|
||||
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
|
||||
LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
||||
LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
||||
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
||||
LoadModule status_module modules/mod_status.so
|
||||
LoadModule substitute_module modules/mod_substitute.so
|
||||
LoadModule suexec_module modules/mod_suexec.so
|
||||
LoadModule unique_id_module modules/mod_unique_id.so
|
||||
LoadModule unixd_module modules/mod_unixd.so
|
||||
LoadModule userdir_module modules/mod_userdir.so
|
||||
LoadModule version_module modules/mod_version.so
|
||||
LoadModule vhost_alias_module modules/mod_vhost_alias.so
|
||||
|
||||
#LoadModule auth_form_module modules/mod_auth_form.so
|
||||
#LoadModule buffer_module modules/mod_buffer.so
|
||||
#LoadModule watchdog_module modules/mod_watchdog.so
|
||||
#LoadModule heartbeat_module modules/mod_heartbeat.so
|
||||
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
|
||||
#LoadModule usertrack_module modules/mod_usertrack.so
|
||||
#LoadModule dialup_module modules/mod_dialup.so
|
||||
#LoadModule charset_lite_module modules/mod_charset_lite.so
|
||||
#LoadModule reflector_module modules/mod_reflector.so
|
||||
#LoadModule request_module modules/mod_request.so
|
||||
#LoadModule sed_module modules/mod_sed.so
|
||||
#LoadModule speling_module modules/mod_speling.so
|
||||
#LoadModule xml2enc_module modules/mod_xml2enc.so
|
3
00-dav.conf
Normal file
3
00-dav.conf
Normal file
@ -0,0 +1,3 @@
|
||||
LoadModule dav_module modules/mod_dav.so
|
||||
LoadModule dav_fs_module modules/mod_dav_fs.so
|
||||
LoadModule dav_lock_module modules/mod_dav_lock.so
|
2
00-ldap.conf
Normal file
2
00-ldap.conf
Normal file
@ -0,0 +1,2 @@
|
||||
LoadModule ldap_module modules/mod_ldap.so
|
||||
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
|
1
00-lua.conf
Normal file
1
00-lua.conf
Normal file
@ -0,0 +1 @@
|
||||
LoadModule lua_module modules/mod_lua.so
|
19
00-mpm.conf
Normal file
19
00-mpm.conf
Normal file
@ -0,0 +1,19 @@
|
||||
# Select the MPM module which should be used by uncommenting exactly
|
||||
# one of the following LoadModule lines:
|
||||
|
||||
# prefork MPM: Implements a non-threaded, pre-forking web server
|
||||
# See: http://httpd.apache.org/docs/2.4/mod/prefork.html
|
||||
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
||||
|
||||
# worker MPM: Multi-Processing Module implementing a hybrid
|
||||
# multi-threaded multi-process web server
|
||||
# See: http://httpd.apache.org/docs/2.4/mod/worker.html
|
||||
#
|
||||
#LoadModule mpm_worker_module modules/mod_mpm_worker.so
|
||||
|
||||
# event MPM: A variant of the worker MPM with the goal of consuming
|
||||
# threads only for connections with active processing
|
||||
# See: http://httpd.apache.org/docs/2.4/mod/event.html
|
||||
#
|
||||
#LoadModule mpm_event_module modules/mod_mpm_event.so
|
||||
|
15
00-proxy.conf
Normal file
15
00-proxy.conf
Normal file
@ -0,0 +1,15 @@
|
||||
# This file configures all the proxy modules:
|
||||
LoadModule proxy_module modules/mod_proxy.so
|
||||
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
|
||||
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
|
||||
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
|
||||
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
|
||||
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
|
||||
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
|
||||
LoadModule proxy_connect_module modules/mod_proxy_connect.so
|
||||
LoadModule proxy_express_module modules/mod_proxy_express.so
|
||||
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
|
||||
LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
|
||||
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
|
||||
LoadModule proxy_http_module modules/mod_proxy_http.so
|
||||
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
|
1
00-ssl.conf
Normal file
1
00-ssl.conf
Normal file
@ -0,0 +1 @@
|
||||
LoadModule ssl_module modules/mod_ssl.so
|
14
01-cgi.conf
Normal file
14
01-cgi.conf
Normal file
@ -0,0 +1,14 @@
|
||||
# This configuration file loads a CGI module appropriate to the MPM
|
||||
# which has been configured in 00-mpm.conf. mod_cgid should be used
|
||||
# with a threaded MPM; mod_cgi with the prefork MPM.
|
||||
|
||||
<IfModule mpm_worker_module>
|
||||
LoadModule cgid_module modules/mod_cgid.so
|
||||
</IfModule>
|
||||
<IfModule mpm_event_module>
|
||||
LoadModule cgid_module modules/mod_cgid.so
|
||||
</IfModule>
|
||||
<IfModule mpm_prefork_module>
|
||||
LoadModule cgi_module modules/mod_cgi.so
|
||||
</IfModule>
|
||||
|
@ -1,20 +0,0 @@
|
||||
|
||||
There is no need to "suck in" the apr/apr-util symbols when using
|
||||
a shared libapr{,util}, it just bloats the symbol table; so don't.
|
||||
|
||||
Upstream-HEAD: needed
|
||||
Upstream-2.0: omit
|
||||
Upstream-Status: EXPORT_DIRS change is conditional on using shared apr
|
||||
|
||||
--- httpd-2.2.2/server/Makefile.in.export
|
||||
+++ httpd-2.2.2/server/Makefile.in
|
||||
@@ -58,9 +58,6 @@
|
||||
for dir in $(EXPORT_DIRS); do \
|
||||
ls $$dir/*.h >> $$tmp; \
|
||||
done; \
|
||||
- for dir in $(EXPORT_DIRS_APR); do \
|
||||
- (ls $$dir/ap[ru].h $$dir/ap[ru]_*.h >> $$tmp 2>/dev/null); \
|
||||
- done; \
|
||||
sort -u $$tmp > $@; \
|
||||
rm -f $$tmp
|
||||
|
@ -1,97 +0,0 @@
|
||||
|
||||
- remove unnecessary stuff which runs httpd during build
|
||||
- drop unnecessary --libs output from ap?-?-config
|
||||
- make multilib-safe
|
||||
|
||||
Upstream-Status: The is-mod_so-linked-in hack is done better on trunk.
|
||||
The multilib hack is awful and can't go upstream.
|
||||
|
||||
--- httpd-2.2.2/support/apxs.in.apxs
|
||||
+++ httpd-2.2.2/support/apxs.in
|
||||
@@ -25,7 +25,18 @@
|
||||
|
||||
my %config_vars = ();
|
||||
|
||||
-my $installbuilddir = "@exp_installbuilddir@";
|
||||
+# Awful hack to make apxs libdir-agnostic:
|
||||
+my $pkg_config = "/usr/bin/pkg-config";
|
||||
+if (! -x "$pkg_config") {
|
||||
+ error("$pkg_config not found!");
|
||||
+ exit(1);
|
||||
+}
|
||||
+
|
||||
+my $libdir = `pkg-config --variable=libdir apr-1`;
|
||||
+chomp $libdir;
|
||||
+
|
||||
+my $installbuilddir = $libdir . "/httpd/build";
|
||||
+
|
||||
get_config_vars("$installbuilddir/config_vars.mk",\%config_vars);
|
||||
|
||||
# read the configuration variables once
|
||||
@@ -184,34 +195,6 @@
|
||||
}
|
||||
}
|
||||
|
||||
-##
|
||||
-## Initial shared object support check
|
||||
-##
|
||||
-my $httpd = get_vars("sbindir") . "/" . get_vars("progname");
|
||||
-$httpd = eval qq("$httpd");
|
||||
-$httpd = eval qq("$httpd");
|
||||
-my $envvars = get_vars("sbindir") . "/envvars";
|
||||
-$envvars = eval qq("$envvars");
|
||||
-$envvars = eval qq("$envvars");
|
||||
-
|
||||
-#allow apxs to be run from the source tree, before installation
|
||||
-if ($0 =~ m:support/apxs$:) {
|
||||
- ($httpd = $0) =~ s:support/apxs$::;
|
||||
-}
|
||||
-
|
||||
-unless (-x "$httpd") {
|
||||
- error("$httpd not found or not executable");
|
||||
- exit 1;
|
||||
-}
|
||||
-
|
||||
-unless (grep /mod_so/, `. $envvars && $httpd -l`) {
|
||||
- error("Sorry, no shared object support for Apache");
|
||||
- error("available under your platform. Make sure");
|
||||
- error("the Apache module mod_so is compiled into");
|
||||
- error("your server binary `$httpd'.");
|
||||
- exit 1;
|
||||
-}
|
||||
-
|
||||
sub get_config_vars{
|
||||
my ($file, $rh_config) = @_;
|
||||
|
||||
@@ -291,7 +274,7 @@
|
||||
$data =~ s|%NAME%|$name|sg;
|
||||
$data =~ s|%TARGET%|$CFG_TARGET|sg;
|
||||
$data =~ s|%PREFIX%|$prefix|sg;
|
||||
- $data =~ s|%INSTALLBUILDDIR%|$installbuilddir|sg;
|
||||
+ $data =~ s|%LIBDIR%|$libdir|sg;
|
||||
|
||||
my ($mkf, $mods, $src) = ($data =~ m|^(.+)-=#=-\n(.+)-=#=-\n(.+)|s);
|
||||
|
||||
@@ -433,9 +416,9 @@
|
||||
|
||||
if ($opt_p == 1) {
|
||||
|
||||
- my $apr_libs=`$apr_config --cflags --ldflags --link-libtool --libs`;
|
||||
+ my $apr_libs=`$apr_config --cflags --ldflags --link-libtool`;
|
||||
chomp($apr_libs);
|
||||
- my $apu_libs=`$apu_config --ldflags --link-libtool --libs`;
|
||||
+ my $apu_libs=`$apu_config --ldflags --link-libtool`;
|
||||
chomp($apu_libs);
|
||||
|
||||
$opt .= " ".$apu_libs." ".$apr_libs;
|
||||
@@ -646,8 +629,8 @@
|
||||
|
||||
builddir=.
|
||||
top_srcdir=%PREFIX%
|
||||
-top_builddir=%PREFIX%
|
||||
-include %INSTALLBUILDDIR%/special.mk
|
||||
+top_builddir=%LIBDIR%/httpd
|
||||
+include %LIBDIR%/httpd/build/special.mk
|
||||
|
||||
# the used tools
|
||||
APXS=apxs
|
@ -1,36 +0,0 @@
|
||||
|
||||
Support "--enable-modules=none" to build an httpd binary with
|
||||
no optional modules enabled.
|
||||
|
||||
Upstream-Status: committed to trunk, r357168
|
||||
|
||||
--- httpd-2.1.10/acinclude.m4.disablemods
|
||||
+++ httpd-2.1.10/acinclude.m4
|
||||
@@ -289,14 +289,19 @@
|
||||
|
||||
AC_ARG_ENABLE(modules,
|
||||
APACHE_HELP_STRING(--enable-modules=MODULE-LIST,Space-separated list of modules to enable | "all" | "most"),[
|
||||
- for i in $enableval; do
|
||||
- if test "$i" = "all" -o "$i" = "most"; then
|
||||
- module_selection=$i
|
||||
- else
|
||||
- i=`echo $i | sed 's/-/_/g'`
|
||||
- eval "enable_$i=yes"
|
||||
- fi
|
||||
- done
|
||||
+ if test "$enableval" = "none"; then
|
||||
+ module_default=no
|
||||
+ module_selection=none
|
||||
+ else
|
||||
+ for i in $enableval; do
|
||||
+ if test "$i" = "all" -o "$i" = "most"; then
|
||||
+ module_selection=$i
|
||||
+ else
|
||||
+ i=`echo $i | sed 's/-/_/g'`
|
||||
+ eval "enable_$i=yes"
|
||||
+ fi
|
||||
+ done
|
||||
+ fi
|
||||
])
|
||||
|
||||
AC_ARG_ENABLE(mods-shared,
|
@ -1,17 +0,0 @@
|
||||
|
||||
Tweak the default config to get installbuilddir right.
|
||||
|
||||
Upstream-Status: should really make the "RedHat" layout DTRT again and
|
||||
use that layout instead
|
||||
|
||||
--- httpd-2.1.10/config.layout.layout
|
||||
+++ httpd-2.1.10/config.layout
|
||||
@@ -20,7 +20,7 @@
|
||||
mandir: ${prefix}/man
|
||||
sysconfdir: ${prefix}/conf
|
||||
datadir: ${prefix}
|
||||
- installbuilddir: ${datadir}/build
|
||||
+ installbuilddir: ${libdir}/httpd/build
|
||||
errordir: ${datadir}/error
|
||||
iconsdir: ${datadir}/icons
|
||||
htdocsdir: ${datadir}/htdocs
|
@ -1,53 +0,0 @@
|
||||
|
||||
Hack to send the dummy HTTP request only to the first listener
|
||||
configured, to avoid spamming the SSL vhost in the default install.
|
||||
|
||||
In 2.2 lr->protocol could be used instead to do this properly, if
|
||||
that was actually initialized properly by mod_ssl.
|
||||
|
||||
Upstream-Status: not submitted, ugly hack which only makes a difference
|
||||
to the default configuration used in Fedora. Need to find
|
||||
a way to do this properly.
|
||||
|
||||
--- httpd-2.1.10/server/mpm_common.c.pod
|
||||
+++ httpd-2.1.10/server/mpm_common.c
|
||||
@@ -583,6 +584,7 @@
|
||||
apr_socket_t *sock;
|
||||
apr_pool_t *p;
|
||||
apr_size_t len;
|
||||
+ ap_listen_rec *lr;
|
||||
|
||||
/* create a temporary pool for the socket. pconf stays around too long */
|
||||
rv = apr_pool_create(&p, pod->p);
|
||||
@@ -590,8 +592,11 @@
|
||||
return rv;
|
||||
}
|
||||
|
||||
- rv = apr_socket_create(&sock, ap_listeners->bind_addr->family,
|
||||
- SOCK_STREAM, 0, p);
|
||||
+ /* Find an HTTP listener specified first in the configuration. */
|
||||
+ for (lr = ap_listeners; lr->next != NULL; lr = lr->next)
|
||||
+ /* noop */;
|
||||
+
|
||||
+ rv = apr_socket_create(&sock, lr->bind_addr->family, SOCK_STREAM, 0, p);
|
||||
if (rv != APR_SUCCESS) {
|
||||
ap_log_error(APLOG_MARK, APLOG_WARNING, rv, ap_server_conf,
|
||||
"get socket to connect to listener");
|
||||
@@ -614,7 +619,7 @@
|
||||
return rv;
|
||||
}
|
||||
|
||||
- rv = apr_socket_connect(sock, ap_listeners->bind_addr);
|
||||
+ rv = apr_socket_connect(sock, lr->bind_addr);
|
||||
if (rv != APR_SUCCESS) {
|
||||
int log_level = APLOG_WARNING;
|
||||
|
||||
@@ -627,7 +632,7 @@
|
||||
}
|
||||
|
||||
ap_log_error(APLOG_MARK, log_level, rv, ap_server_conf,
|
||||
- "connect to listener on %pI", ap_listeners->bind_addr);
|
||||
+ "connect to listener on %pI", lr->bind_addr);
|
||||
}
|
||||
|
||||
/* Create the request string. We include a User-Agent so that
|
@ -1,580 +0,0 @@
|
||||
diff --git a/support/logresolve.c b/support/logresolve.c
|
||||
index 1a36a18..612893a 100644
|
||||
--- a/support/logresolve.c
|
||||
+++ b/support/logresolve.c
|
||||
@@ -15,12 +15,13 @@
|
||||
*/
|
||||
|
||||
/*
|
||||
- * logresolve 1.1
|
||||
+ * logresolve 2.0
|
||||
*
|
||||
* Tom Rathborne - tomr uunet.ca - http://www.uunet.ca/~tomr/
|
||||
* UUNET Canada, April 16, 1995
|
||||
*
|
||||
* Rewritten by David Robinson. (drtr ast.cam.ac.uk)
|
||||
+ * Rewritten again, and ported to APR by Colm MacCarthaigh
|
||||
*
|
||||
* Usage: logresolve [-s filename] [-c] < access_log > new_log
|
||||
*
|
||||
@@ -28,7 +29,7 @@
|
||||
* -s filename name of a file to record statistics
|
||||
* -c check the DNS for a matching A record for the host.
|
||||
*
|
||||
- * Notes:
|
||||
+ * Notes: (For historical interest)
|
||||
*
|
||||
* To generate meaningful statistics from an HTTPD log file, it's good
|
||||
* to have the domain name of each machine that accessed your site, but
|
||||
@@ -55,333 +56,269 @@
|
||||
* that one of these matches the original address.
|
||||
*/
|
||||
|
||||
+#include "apr.h"
|
||||
#include "apr_lib.h"
|
||||
-#if APR_HAVE_STDIO_H
|
||||
-#include <stdio.h>
|
||||
-#endif
|
||||
+#include "apr_hash.h"
|
||||
+#include "apr_getopt.h"
|
||||
+#include "apr_strings.h"
|
||||
+#include "apr_file_io.h"
|
||||
+#include "apr_network_io.h"
|
||||
+
|
||||
#if APR_HAVE_STDLIB_H
|
||||
#include <stdlib.h>
|
||||
#endif
|
||||
-#if APR_HAVE_CTYPE_H
|
||||
-#include <ctype.h>
|
||||
-#endif
|
||||
-#if APR_HAVE_NETDB_H
|
||||
-#include <netdb.h>
|
||||
-#endif
|
||||
-#if APR_HAVE_NETINET_IN_H
|
||||
-#include <netinet/in.h>
|
||||
-#endif
|
||||
-#if APR_HAVE_STRING_H
|
||||
-#include <string.h>
|
||||
-#endif
|
||||
-#if APR_HAVE_SYS_SOCKET_H
|
||||
-#include <sys/socket.h>
|
||||
-#endif
|
||||
-#if APR_HAVE_ARPA_INET_H
|
||||
-#include <arpa/inet.h>
|
||||
-#endif
|
||||
-
|
||||
-static void cgethost(struct in_addr ipnum, char *string, int check);
|
||||
-static int get_line(char *s, int n);
|
||||
-static void stats(FILE *output);
|
||||
-
|
||||
-#ifdef BEOS
|
||||
-#define NO_ADDRESS NO_DATA
|
||||
-#endif
|
||||
-
|
||||
-
|
||||
-/* maximum line length */
|
||||
-#ifndef MAXLINE
|
||||
-#define MAXLINE 1024
|
||||
-#endif
|
||||
-
|
||||
-/* maximum length of a domain name */
|
||||
-#ifndef MAXDNAME
|
||||
-#define MAXDNAME 256
|
||||
-#endif
|
||||
-
|
||||
-/* number of buckets in cache hash apr_table_t */
|
||||
-#define BUCKETS 256
|
||||
-
|
||||
-/*
|
||||
- * struct nsrec - record of nameservice for cache linked list
|
||||
- *
|
||||
- * ipnum - IP number hostname - hostname noname - nonzero if IP number has no
|
||||
- * hostname, i.e. hostname=IP number
|
||||
- */
|
||||
-
|
||||
-struct nsrec {
|
||||
- struct in_addr ipnum;
|
||||
- char *hostname;
|
||||
- int noname;
|
||||
- struct nsrec *next;
|
||||
-} *nscache[BUCKETS];
|
||||
-
|
||||
-/*
|
||||
- * statistics - obvious
|
||||
- */
|
||||
-
|
||||
-#ifndef h_errno
|
||||
-#ifdef __CYGWIN__
|
||||
-extern __declspec(dllimport) int h_errno;
|
||||
-#else
|
||||
-extern int h_errno; /* some machines don't have this in their headers */
|
||||
-#endif
|
||||
-#endif
|
||||
-
|
||||
-/* largest value for h_errno */
|
||||
-
|
||||
-#define MAX_ERR (NO_ADDRESS)
|
||||
-#define UNKNOWN_ERR (MAX_ERR+1)
|
||||
-#define NO_REVERSE (MAX_ERR+2)
|
||||
|
||||
+static apr_file_t *errfile;
|
||||
+static const char *shortname = "logresolve";
|
||||
+static apr_hash_t *cache;
|
||||
+
|
||||
+/* Statistics */
|
||||
static int cachehits = 0;
|
||||
static int cachesize = 0;
|
||||
static int entries = 0;
|
||||
static int resolves = 0;
|
||||
static int withname = 0;
|
||||
-static int errors[MAX_ERR + 3];
|
||||
+static int doublefailed = 0;
|
||||
+static int noreverse = 0;
|
||||
|
||||
/*
|
||||
* cgethost - gets hostname by IP address, caching, and adding unresolvable
|
||||
* IP numbers with their IP number as hostname, setting noname flag
|
||||
- */
|
||||
-
|
||||
-static void cgethost (struct in_addr ipnum, char *string, int check)
|
||||
-{
|
||||
- struct nsrec **current, *new;
|
||||
- struct hostent *hostdata;
|
||||
- char *name;
|
||||
-
|
||||
- current = &nscache[((ipnum.s_addr + (ipnum.s_addr >> 8) +
|
||||
- (ipnum.s_addr >> 16) + (ipnum.s_addr >> 24)) % BUCKETS)];
|
||||
-
|
||||
- while (*current != NULL && ipnum.s_addr != (*current)->ipnum.s_addr)
|
||||
- current = &(*current)->next;
|
||||
-
|
||||
- if (*current == NULL) {
|
||||
- cachesize++;
|
||||
- new = (struct nsrec *) malloc(sizeof(struct nsrec));
|
||||
- if (new == NULL) {
|
||||
- perror("malloc");
|
||||
- fprintf(stderr, "Insufficient memory\n");
|
||||
- exit(1);
|
||||
- }
|
||||
- *current = new;
|
||||
- new->next = NULL;
|
||||
-
|
||||
- new->ipnum = ipnum;
|
||||
-
|
||||
- hostdata = gethostbyaddr((const char *) &ipnum, sizeof(struct in_addr),
|
||||
- AF_INET);
|
||||
- if (hostdata == NULL) {
|
||||
- if (h_errno > MAX_ERR)
|
||||
- errors[UNKNOWN_ERR]++;
|
||||
- else
|
||||
- errors[h_errno]++;
|
||||
- new->noname = h_errno;
|
||||
- name = strdup(inet_ntoa(ipnum));
|
||||
- }
|
||||
- else {
|
||||
- new->noname = 0;
|
||||
- name = strdup(hostdata->h_name);
|
||||
- if (check) {
|
||||
- if (name == NULL) {
|
||||
- perror("strdup");
|
||||
- fprintf(stderr, "Insufficient memory\n");
|
||||
- exit(1);
|
||||
- }
|
||||
- hostdata = gethostbyname(name);
|
||||
- if (hostdata != NULL) {
|
||||
- char **hptr;
|
||||
-
|
||||
- for (hptr = hostdata->h_addr_list; *hptr != NULL; hptr++)
|
||||
- if (((struct in_addr *) (*hptr))->s_addr == ipnum.s_addr)
|
||||
- break;
|
||||
- if (*hptr == NULL)
|
||||
- hostdata = NULL;
|
||||
- }
|
||||
- if (hostdata == NULL) {
|
||||
- fprintf(stderr, "Bad host: %s != %s\n", name,
|
||||
- inet_ntoa(ipnum));
|
||||
- new->noname = NO_REVERSE;
|
||||
- free(name);
|
||||
- name = strdup(inet_ntoa(ipnum));
|
||||
- errors[NO_REVERSE]++;
|
||||
- }
|
||||
- }
|
||||
- }
|
||||
- new->hostname = name;
|
||||
- if (new->hostname == NULL) {
|
||||
- perror("strdup");
|
||||
- fprintf(stderr, "Insufficient memory\n");
|
||||
- exit(1);
|
||||
- }
|
||||
- }
|
||||
- else
|
||||
- cachehits++;
|
||||
-
|
||||
- /* size of string == MAXDNAME +1 */
|
||||
- strncpy(string, (*current)->hostname, MAXDNAME);
|
||||
- string[MAXDNAME] = '\0';
|
||||
-}
|
||||
-
|
||||
-/*
|
||||
* prints various statistics to output
|
||||
*/
|
||||
|
||||
-static void stats (FILE *output)
|
||||
+#define NL APR_EOL_STR
|
||||
+static void print_statistics (apr_file_t *output)
|
||||
{
|
||||
- int i;
|
||||
- char *ipstring;
|
||||
- struct nsrec *current;
|
||||
- char *errstring[MAX_ERR + 3];
|
||||
-
|
||||
- for (i = 0; i < MAX_ERR + 3; i++)
|
||||
- errstring[i] = "Unknown error";
|
||||
- errstring[HOST_NOT_FOUND] = "Host not found";
|
||||
- errstring[TRY_AGAIN] = "Try again";
|
||||
- errstring[NO_RECOVERY] = "Non recoverable error";
|
||||
- errstring[NO_DATA] = "No data record";
|
||||
- errstring[NO_ADDRESS] = "No address";
|
||||
- errstring[NO_REVERSE] = "No reverse entry";
|
||||
-
|
||||
- fprintf(output, "logresolve Statistics:\n");
|
||||
-
|
||||
- fprintf(output, "Entries: %d\n", entries);
|
||||
- fprintf(output, " With name : %d\n", withname);
|
||||
- fprintf(output, " Resolves : %d\n", resolves);
|
||||
- if (errors[HOST_NOT_FOUND])
|
||||
- fprintf(output, " - Not found : %d\n", errors[HOST_NOT_FOUND]);
|
||||
- if (errors[TRY_AGAIN])
|
||||
- fprintf(output, " - Try again : %d\n", errors[TRY_AGAIN]);
|
||||
- if (errors[NO_DATA])
|
||||
- fprintf(output, " - No data : %d\n", errors[NO_DATA]);
|
||||
- if (errors[NO_ADDRESS])
|
||||
- fprintf(output, " - No address: %d\n", errors[NO_ADDRESS]);
|
||||
- if (errors[NO_REVERSE])
|
||||
- fprintf(output, " - No reverse: %d\n", errors[NO_REVERSE]);
|
||||
- fprintf(output, "Cache hits : %d\n", cachehits);
|
||||
- fprintf(output, "Cache size : %d\n", cachesize);
|
||||
- fprintf(output, "Cache buckets : IP number * hostname\n");
|
||||
-
|
||||
- for (i = 0; i < BUCKETS; i++)
|
||||
- for (current = nscache[i]; current != NULL; current = current->next) {
|
||||
- ipstring = inet_ntoa(current->ipnum);
|
||||
- if (current->noname == 0)
|
||||
- fprintf(output, " %3d %15s - %s\n", i, ipstring,
|
||||
- current->hostname);
|
||||
- else {
|
||||
- if (current->noname > MAX_ERR + 2)
|
||||
- fprintf(output, " %3d %15s : Unknown error\n", i,
|
||||
- ipstring);
|
||||
- else
|
||||
- fprintf(output, " %3d %15s : %s\n", i, ipstring,
|
||||
- errstring[current->noname]);
|
||||
- }
|
||||
- }
|
||||
+ apr_file_printf(output, "logresolve Statistics:" NL);
|
||||
+ apr_file_printf(output, "Entries: %d" NL, entries);
|
||||
+ apr_file_printf(output, " With name : %d" NL, withname);
|
||||
+ apr_file_printf(output, " Resolves : %d" NL, resolves);
|
||||
+
|
||||
+ if (noreverse) {
|
||||
+ apr_file_printf(output, " - No reverse : %d" NL,
|
||||
+ noreverse);
|
||||
+ }
|
||||
+
|
||||
+ if (doublefailed) {
|
||||
+ apr_file_printf(output, " - Double lookup failed : %d" NL,
|
||||
+ doublefailed);
|
||||
+ }
|
||||
+ apr_file_printf(output, "Cache hits : %d" NL, cachehits);
|
||||
+ apr_file_printf(output, "Cache size : %d" NL, cachesize);
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
- * gets a line from stdin
|
||||
+ * usage info
|
||||
*/
|
||||
|
||||
-static int get_line (char *s, int n)
|
||||
+static void usage(void)
|
||||
{
|
||||
- char *cp;
|
||||
-
|
||||
- if (!fgets(s, n, stdin))
|
||||
- return (0);
|
||||
- cp = strchr(s, '\n');
|
||||
- if (cp)
|
||||
- *cp = '\0';
|
||||
- return (1);
|
||||
+ apr_file_printf(errfile,
|
||||
+ "%s -- Resolve IP-addresses to hostnames in Apache log files." NL
|
||||
+ "Usage: %s [-s STATFILE] [-c]" NL
|
||||
+ NL
|
||||
+ "Options:" NL
|
||||
+ " -s Record statistics to STATFILE when finished." NL
|
||||
+ NL
|
||||
+ " -c Perform double lookups when resolving IP addresses." NL,
|
||||
+ shortname, shortname);
|
||||
+ exit(1);
|
||||
}
|
||||
|
||||
-int main (int argc, char *argv[])
|
||||
+#undef NL
|
||||
+
|
||||
+int main(int argc, const char * const argv[])
|
||||
{
|
||||
- struct in_addr ipnum;
|
||||
- char *bar, hoststring[MAXDNAME + 1], line[MAXLINE], *statfile;
|
||||
- int i, check;
|
||||
-
|
||||
-#if defined(WIN32) || (defined(NETWARE) && defined(USE_WINSOCK))
|
||||
- /* If we apr'ify this code, apr_pool_create/apr_pool_destroy
|
||||
- * should perform the WSAStartup/WSACleanup for us.
|
||||
- */
|
||||
- WSADATA wsaData;
|
||||
- WSAStartup(MAKEWORD(2, 0), &wsaData);
|
||||
+ apr_file_t * outfile;
|
||||
+ apr_file_t * infile;
|
||||
+ apr_file_t * statsfile;
|
||||
+ apr_sockaddr_t * ip;
|
||||
+ apr_sockaddr_t * ipdouble;
|
||||
+ apr_getopt_t * o;
|
||||
+ apr_pool_t * pool;
|
||||
+ apr_status_t status;
|
||||
+ const char * arg;
|
||||
+ char opt;
|
||||
+ char * stats = NULL;
|
||||
+ char * space;
|
||||
+ char * hostname;
|
||||
+#if APR_MAJOR_VERSION > 1 || (APR_MAJOR_VERSION == 1 && APR_MINOR_VERSION >= 3)
|
||||
+ char * inbuffer;
|
||||
+ char * outbuffer;
|
||||
#endif
|
||||
+ char line[2048];
|
||||
+ int doublelookups = 0;
|
||||
+
|
||||
+ if (apr_app_initialize(&argc, &argv, NULL) != APR_SUCCESS) {
|
||||
+ return 1;
|
||||
+ }
|
||||
|
||||
- check = 0;
|
||||
- statfile = NULL;
|
||||
- for (i = 1; i < argc; i++) {
|
||||
- if (strcmp(argv[i], "-c") == 0)
|
||||
- check = 1;
|
||||
- else if (strcmp(argv[i], "-s") == 0) {
|
||||
- if (i == argc - 1) {
|
||||
- fprintf(stderr, "logresolve: missing filename to -s\n");
|
||||
- exit(1);
|
||||
- }
|
||||
- i++;
|
||||
- statfile = argv[i];
|
||||
+ atexit(apr_terminate);
|
||||
+
|
||||
+ if (argc) {
|
||||
+ shortname = apr_filepath_name_get(argv[0]);
|
||||
+ }
|
||||
+
|
||||
+ if (apr_pool_create(&pool, NULL) != APR_SUCCESS) {
|
||||
+ return 1;
|
||||
+ }
|
||||
+ apr_file_open_stderr(&errfile, pool);
|
||||
+ apr_getopt_init(&o, pool, argc, argv);
|
||||
+
|
||||
+ while (1) {
|
||||
+ status = apr_getopt(o, "s:c", &opt, &arg);
|
||||
+ if (status == APR_EOF) {
|
||||
+ break;
|
||||
}
|
||||
- else {
|
||||
- fprintf(stderr, "Usage: logresolve [-s statfile] [-c] < input > output\n");
|
||||
- exit(0);
|
||||
+ else if (status != APR_SUCCESS) {
|
||||
+ usage();
|
||||
}
|
||||
+ else {
|
||||
+ switch (opt) {
|
||||
+ case 'c':
|
||||
+ if (doublelookups) {
|
||||
+ usage();
|
||||
+ }
|
||||
+ doublelookups = 1;
|
||||
+ break;
|
||||
+ case 's':
|
||||
+ if (stats) {
|
||||
+ usage();
|
||||
+ }
|
||||
+ stats = apr_pstrdup(pool, arg);
|
||||
+ break;
|
||||
+ } /* switch */
|
||||
+ } /* else */
|
||||
+ } /* while */
|
||||
+
|
||||
+ apr_file_open_stdout(&outfile, pool);
|
||||
+ apr_file_open_stdin(&infile, pool);
|
||||
+
|
||||
+#if APR_MAJOR_VERSION > 1 || (APR_MAJOR_VERSION == 1 && APR_MINOR_VERSION >= 3)
|
||||
+ /* Allocate two new 10k file buffers */
|
||||
+ if ((outbuffer = apr_palloc(pool, 10240)) == NULL ||
|
||||
+ (inbuffer = apr_palloc(pool, 10240)) == NULL) {
|
||||
+ return 1;
|
||||
}
|
||||
+
|
||||
+ /* Set the buffers */
|
||||
+ apr_file_buffer_set(infile, inbuffer, 10240);
|
||||
+ apr_file_buffer_set(outfile, outbuffer, 10240);
|
||||
+#endif
|
||||
+
|
||||
+ cache = apr_hash_make(pool);
|
||||
|
||||
- for (i = 0; i < BUCKETS; i++)
|
||||
- nscache[i] = NULL;
|
||||
- for (i = 0; i < MAX_ERR + 2; i++)
|
||||
- errors[i] = 0;
|
||||
-
|
||||
- while (get_line(line, MAXLINE)) {
|
||||
- if (line[0] == '\0')
|
||||
+ while(apr_file_gets(line, 2048, infile) == APR_SUCCESS) {
|
||||
+ if (line[0] == '\0') {
|
||||
continue;
|
||||
+ }
|
||||
+
|
||||
+ /* Count our log entries */
|
||||
entries++;
|
||||
- if (!apr_isdigit(line[0])) { /* short cut */
|
||||
- puts(line);
|
||||
- withname++;
|
||||
+
|
||||
+ /* Check if this could even be an IP address */
|
||||
+ if (!apr_isxdigit(line[0]) && line[0] != ':') {
|
||||
+ withname++;
|
||||
+ apr_file_puts(line, outfile);
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
+ /* Terminate the line at the next space */
|
||||
+ if((space = strchr(line, ' ')) != NULL) {
|
||||
+ *space = '\0';
|
||||
+ }
|
||||
+
|
||||
+ /* See if we have it in our cache */
|
||||
+ hostname = (char *) apr_hash_get(cache, (const void *)line,
|
||||
+ strlen(line));
|
||||
+ if (hostname) {
|
||||
+ apr_file_printf(outfile, "%s %s", hostname, space + 1);
|
||||
+ cachehits++;
|
||||
+ continue;
|
||||
+ }
|
||||
+
|
||||
+ /* Parse the IP address */
|
||||
+ status = apr_sockaddr_info_get(&ip, line, APR_UNSPEC ,0, 0, pool);
|
||||
+ if (status != APR_SUCCESS) {
|
||||
+ /* Not an IP address */
|
||||
+ withname++;
|
||||
+ *space = ' ';
|
||||
+ apr_file_puts(line, outfile);
|
||||
continue;
|
||||
}
|
||||
- bar = strchr(line, ' ');
|
||||
- if (bar != NULL)
|
||||
- *bar = '\0';
|
||||
- ipnum.s_addr = inet_addr(line);
|
||||
- if (ipnum.s_addr == 0xffffffffu) {
|
||||
- if (bar != NULL)
|
||||
- *bar = ' ';
|
||||
- puts(line);
|
||||
- withname++;
|
||||
+
|
||||
+ /* This does not make much sense, but historically "resolves" means
|
||||
+ * "parsed as an IP address". It does not mean we actually resolved
|
||||
+ * the IP address into a hostname.
|
||||
+ */
|
||||
+ resolves++;
|
||||
+
|
||||
+ /* From here on our we cache each result, even if it was not
|
||||
+ * succesful
|
||||
+ */
|
||||
+ cachesize++;
|
||||
+
|
||||
+ /* Try and perform a reverse lookup */
|
||||
+ status = apr_getnameinfo(&hostname, ip, 0) != APR_SUCCESS;
|
||||
+ if (status || hostname == NULL) {
|
||||
+ /* Could not perform a reverse lookup */
|
||||
+ *space = ' ';
|
||||
+ apr_file_puts(line, outfile);
|
||||
+ noreverse++;
|
||||
+
|
||||
+ /* Add to cache */
|
||||
+ *space = '\0';
|
||||
+ apr_hash_set(cache, (const void *) line, strlen(line),
|
||||
+ (const void *) apr_pstrdup(pool, line));
|
||||
continue;
|
||||
}
|
||||
|
||||
- resolves++;
|
||||
+ /* Perform a double lookup */
|
||||
+ if (doublelookups) {
|
||||
+ /* Do a forward lookup on our hostname, and see if that matches our
|
||||
+ * original IP address.
|
||||
+ */
|
||||
+ status = apr_sockaddr_info_get(&ipdouble, hostname, ip->family, 0,
|
||||
+ 0, pool);
|
||||
+ if (status == APR_SUCCESS ||
|
||||
+ memcmp(ipdouble->ipaddr_ptr, ip->ipaddr_ptr, ip->ipaddr_len)) {
|
||||
+ /* Double-lookup failed */
|
||||
+ *space = ' ';
|
||||
+ apr_file_puts(line, outfile);
|
||||
+ doublefailed++;
|
||||
+
|
||||
+ /* Add to cache */
|
||||
+ *space = '\0';
|
||||
+ apr_hash_set(cache, (const void *) line, strlen(line),
|
||||
+ (const void *) apr_pstrdup(pool, line));
|
||||
+ continue;
|
||||
+ }
|
||||
+ }
|
||||
|
||||
- cgethost(ipnum, hoststring, check);
|
||||
- if (bar != NULL)
|
||||
- printf("%s %s\n", hoststring, bar + 1);
|
||||
- else
|
||||
- puts(hoststring);
|
||||
- }
|
||||
+ /* Outout the resolved name */
|
||||
+ apr_file_printf(outfile, "%s %s", hostname, space + 1);
|
||||
|
||||
-#if defined(WIN32) || (defined(NETWARE) && defined(USE_WINSOCK))
|
||||
- WSACleanup();
|
||||
-#endif
|
||||
+ /* Store it in the cache */
|
||||
+ apr_hash_set(cache, (const void *) line, strlen(line),
|
||||
+ (const void *) apr_pstrdup(pool, hostname));
|
||||
+ }
|
||||
|
||||
- if (statfile != NULL) {
|
||||
- FILE *fp;
|
||||
- fp = fopen(statfile, "w");
|
||||
- if (fp == NULL) {
|
||||
- fprintf(stderr, "logresolve: could not open statistics file '%s'\n"
|
||||
- ,statfile);
|
||||
- exit(1);
|
||||
+ /* Flush any remaining output */
|
||||
+ apr_file_flush(outfile);
|
||||
+
|
||||
+ if (stats) {
|
||||
+ if (apr_file_open(&statsfile, stats,
|
||||
+ APR_FOPEN_WRITE | APR_FOPEN_CREATE | APR_FOPEN_TRUNCATE,
|
||||
+ APR_OS_DEFAULT, pool) != APR_SUCCESS) {
|
||||
+ apr_file_printf(errfile, "%s: Could not open %s for writing.",
|
||||
+ shortname, stats);
|
||||
+ return 1;
|
||||
}
|
||||
- stats(fp);
|
||||
- fclose(fp);
|
||||
+ print_statistics(statsfile);
|
||||
+ apr_file_close(statsfile);
|
||||
}
|
||||
|
||||
- return (0);
|
||||
+ return 0;
|
||||
}
|
@ -1,255 +0,0 @@
|
||||
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
|
||||
index 1efe95c..5276cac 100644
|
||||
--- a/modules/proxy/mod_proxy.c
|
||||
+++ b/modules/proxy/mod_proxy.c
|
||||
@@ -2242,14 +2242,7 @@ static int proxy_status_hook(request_rec *r, int flags)
|
||||
char fbuf[50];
|
||||
ap_rvputs(r, "<tr>\n<td>", worker->scheme, "</td>", NULL);
|
||||
ap_rvputs(r, "<td>", worker->hostname, "</td><td>", NULL);
|
||||
- if (worker->s->status & PROXY_WORKER_DISABLED)
|
||||
- ap_rputs("Dis", r);
|
||||
- else if (worker->s->status & PROXY_WORKER_IN_ERROR)
|
||||
- ap_rputs("Err", r);
|
||||
- else if (worker->s->status & PROXY_WORKER_INITIALIZED)
|
||||
- ap_rputs("Ok", r);
|
||||
- else
|
||||
- ap_rputs("-", r);
|
||||
+ ap_rvputs(r, ap_proxy_parse_wstatus(r->pool, worker), NULL);
|
||||
ap_rvputs(r, "</td><td>", worker->s->route, NULL);
|
||||
ap_rvputs(r, "</td><td>", worker->s->redirect, NULL);
|
||||
ap_rprintf(r, "</td><td>%d</td>", worker->s->lbfactor);
|
||||
diff --git a/modules/proxy/mod_proxy.h b/modules/proxy/mod_proxy.h
|
||||
index 4a4bf17..1b4ba6d 100644
|
||||
--- a/modules/proxy/mod_proxy.h
|
||||
+++ b/modules/proxy/mod_proxy.h
|
||||
@@ -274,6 +274,16 @@ struct proxy_conn_pool {
|
||||
#define PROXY_WORKER_IN_ERROR 0x0080
|
||||
#define PROXY_WORKER_HOT_STANDBY 0x0100
|
||||
|
||||
+/* worker status flags */
|
||||
+#define PROXY_WORKER_INITIALIZED_FLAG 'O'
|
||||
+#define PROXY_WORKER_IGNORE_ERRORS_FLAG 'I'
|
||||
+#define PROXY_WORKER_IN_SHUTDOWN_FLAG 'U'
|
||||
+#define PROXY_WORKER_DISABLED_FLAG 'D'
|
||||
+#define PROXY_WORKER_STOPPED_FLAG 'S'
|
||||
+#define PROXY_WORKER_IN_ERROR_FLAG 'E'
|
||||
+#define PROXY_WORKER_HOT_STANDBY_FLAG 'H'
|
||||
+#define PROXY_WORKER_FREE_FLAG 'F'
|
||||
+
|
||||
#define PROXY_WORKER_NOT_USABLE_BITMAP ( PROXY_WORKER_IN_SHUTDOWN | \
|
||||
PROXY_WORKER_DISABLED | PROXY_WORKER_STOPPED | PROXY_WORKER_IN_ERROR )
|
||||
|
||||
@@ -776,6 +786,23 @@ PROXY_DECLARE(apr_status_t)
|
||||
ap_proxy_buckets_lifetime_transform(request_rec *r, apr_bucket_brigade *from,
|
||||
apr_bucket_brigade *to);
|
||||
|
||||
+/**
|
||||
+ * Set/unset the worker status bitfield depending on flag
|
||||
+ * @param c flag
|
||||
+ * @param set set or unset bit
|
||||
+ * @param w worker to use
|
||||
+ * @return APR_SUCCESS if valid flag
|
||||
+ */
|
||||
+PROXY_DECLARE(apr_status_t) ap_proxy_set_wstatus(char c, int set, proxy_worker *w);
|
||||
+
|
||||
+/**
|
||||
+ * Create readable representation of worker status bitfield
|
||||
+ * @param p pool
|
||||
+ * @param w worker to use
|
||||
+ * @return string representation of status
|
||||
+ */
|
||||
+PROXY_DECLARE(char *) ap_proxy_parse_wstatus(apr_pool_t *p, proxy_worker *w);
|
||||
+
|
||||
#define PROXY_LBMETHOD "proxylbmethod"
|
||||
|
||||
/* The number of dynamic workers that can be added when reconfiguring.
|
||||
diff --git a/modules/proxy/mod_proxy_balancer.c b/modules/proxy/mod_proxy_balancer.c
|
||||
index 90f3d08..e58503f 100644
|
||||
--- a/modules/proxy/mod_proxy_balancer.c
|
||||
+++ b/modules/proxy/mod_proxy_balancer.c
|
||||
@@ -675,6 +675,18 @@ static int balancer_init(apr_pool_t *p, apr_pool_t *plog,
|
||||
return OK;
|
||||
}
|
||||
|
||||
+static void create_radio(const char *name, unsigned int flag, proxy_worker *w,
|
||||
+ request_rec *r)
|
||||
+{
|
||||
+ ap_rvputs(r, "<td>Set <input name='", name, "' value='1' type=radio", NULL);
|
||||
+ if (w->s->status & flag)
|
||||
+ ap_rputs(" checked", r);
|
||||
+ ap_rvputs(r, "> <br/> Clear <input name='", name, "' value='0' type=radio", NULL);
|
||||
+ if (!(w->s->status & flag))
|
||||
+ ap_rputs(" checked", r);
|
||||
+ ap_rputs("></td>\n", r);
|
||||
+}
|
||||
+
|
||||
/* Manages the loadfactors and member status
|
||||
*/
|
||||
static int balancer_handler(request_rec *r)
|
||||
@@ -770,11 +782,17 @@ static int balancer_handler(request_rec *r)
|
||||
else
|
||||
*wsel->s->redirect = '\0';
|
||||
}
|
||||
- if ((val = apr_table_get(params, "dw"))) {
|
||||
- if (!strcasecmp(val, "Disable"))
|
||||
- wsel->s->status |= PROXY_WORKER_DISABLED;
|
||||
- else if (!strcasecmp(val, "Enable"))
|
||||
- wsel->s->status &= ~PROXY_WORKER_DISABLED;
|
||||
+ if ((val = apr_table_get(params, "status_I"))) {
|
||||
+ ap_proxy_set_wstatus('I', atoi(val), wsel);
|
||||
+ }
|
||||
+ if ((val = apr_table_get(params, "status_N"))) {
|
||||
+ ap_proxy_set_wstatus('N', atoi(val), wsel);
|
||||
+ }
|
||||
+ if ((val = apr_table_get(params, "status_D"))) {
|
||||
+ ap_proxy_set_wstatus('D', atoi(val), wsel);
|
||||
+ }
|
||||
+ if ((val = apr_table_get(params, "status_H"))) {
|
||||
+ ap_proxy_set_wstatus('H', atoi(val), wsel);
|
||||
}
|
||||
if ((val = apr_table_get(params, "ls"))) {
|
||||
int ival = atoi(val);
|
||||
@@ -784,10 +802,11 @@ static int balancer_handler(request_rec *r)
|
||||
}
|
||||
|
||||
}
|
||||
+
|
||||
if (apr_table_get(params, "xml")) {
|
||||
ap_set_content_type(r, "text/xml");
|
||||
- ap_rputs("<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n", r);
|
||||
- ap_rputs("<httpd:manager xmlns:httpd=\"http://httpd.apache.org\">\n", r);
|
||||
+ ap_rputs("<?xml version='1.0' encoding='UTF-8' ?>\n", r);
|
||||
+ ap_rputs("<httpd:manager xmlns:httpd='http://httpd.apache.org'>\n", r);
|
||||
ap_rputs(" <httpd:balancers>\n", r);
|
||||
balancer = (proxy_balancer *)conf->balancers->elts;
|
||||
for (i = 0; i < conf->balancers->nelts; i++) {
|
||||
@@ -865,18 +884,7 @@ static int balancer_handler(request_rec *r)
|
||||
ap_escape_html(r->pool, worker->s->redirect), NULL);
|
||||
ap_rprintf(r, "</td><td>%d</td>", worker->s->lbfactor);
|
||||
ap_rprintf(r, "<td>%d</td><td>", worker->s->lbset);
|
||||
- if (worker->s->status & PROXY_WORKER_DISABLED)
|
||||
- ap_rputs("Dis ", r);
|
||||
- if (worker->s->status & PROXY_WORKER_IN_ERROR)
|
||||
- ap_rputs("Err ", r);
|
||||
- if (worker->s->status & PROXY_WORKER_STOPPED)
|
||||
- ap_rputs("Stop ", r);
|
||||
- if (worker->s->status & PROXY_WORKER_HOT_STANDBY)
|
||||
- ap_rputs("Stby ", r);
|
||||
- if (PROXY_WORKER_IS_USABLE(worker))
|
||||
- ap_rputs("Ok", r);
|
||||
- if (!PROXY_WORKER_IS_INITIALIZED(worker))
|
||||
- ap_rputs("-", r);
|
||||
+ ap_rvputs(r, ap_proxy_parse_wstatus(r->pool, worker), NULL);
|
||||
ap_rputs("</td>", r);
|
||||
ap_rprintf(r, "<td>%" APR_SIZE_T_FMT "</td><td>", worker->s->elected);
|
||||
ap_rputs(apr_strfsize(worker->s->transferred, fbuf), r);
|
||||
@@ -907,21 +915,20 @@ static int balancer_handler(request_rec *r)
|
||||
ap_rvputs(r, "value=\"", ap_escape_html(r->pool, wsel->s->redirect),
|
||||
NULL);
|
||||
ap_rputs("\"></td></tr>\n", r);
|
||||
- ap_rputs("<tr><td>Status:</td><td>Disabled: <input name=\"dw\" value=\"Disable\" type=radio", r);
|
||||
- if (wsel->s->status & PROXY_WORKER_DISABLED)
|
||||
- ap_rputs(" checked", r);
|
||||
- ap_rputs("> | Enabled: <input name=\"dw\" value=\"Enable\" type=radio", r);
|
||||
- if (!(wsel->s->status & PROXY_WORKER_DISABLED))
|
||||
- ap_rputs(" checked", r);
|
||||
- ap_rputs("></td></tr>\n", r);
|
||||
- ap_rputs("<tr><td colspan=2><input type=submit value=\"Submit\"></td></tr>\n", r);
|
||||
- ap_rvputs(r, "</table>\n<input type=hidden name=\"w\" ", NULL);
|
||||
- ap_rvputs(r, "value=\"", ap_escape_uri(r->pool, wsel->name), "\">\n", NULL);
|
||||
- ap_rvputs(r, "<input type=hidden name=\"b\" ", NULL);
|
||||
- ap_rvputs(r, "value=\"", bsel->name + sizeof("balancer://") - 1,
|
||||
- "\">\n", NULL);
|
||||
- ap_rvputs(r, "<input type=hidden name=\"nonce\" value=\"",
|
||||
- balancer_nonce, "\">\n", NULL);
|
||||
+ ap_rputs("<tr><td>Status:</td>", r);
|
||||
+ ap_rputs("<td><table border='1'><tr><th>Ign</th><th>Dis</th><th>Stby</th></tr>\n<tr>", r);
|
||||
+ create_radio("status_I", PROXY_WORKER_IGNORE_ERRORS, wsel, r);
|
||||
+ create_radio("status_D", PROXY_WORKER_DISABLED, wsel, r);
|
||||
+ create_radio("status_H", PROXY_WORKER_HOT_STANDBY, wsel, r);
|
||||
+ ap_rputs("</tr></table>\n", r);
|
||||
+ ap_rputs("<tr><td colspan=2><input type=submit value='Submit'></td></tr>\n", r);
|
||||
+ ap_rvputs(r, "</table>\n<input type=hidden name='w' ", NULL);
|
||||
+ ap_rvputs(r, "value='", ap_escape_uri(r->pool, wsel->name), "'>\n", NULL);
|
||||
+ ap_rvputs(r, "<input type=hidden name='b' ", NULL);
|
||||
+ ap_rvputs(r, "value='", bsel->name + sizeof("balancer://") - 1,
|
||||
+ "'>\n", NULL);
|
||||
+ ap_rvputs(r, "<input type=hidden name='nonce' value='",
|
||||
+ balancer_nonce, "'>\n", NULL);
|
||||
ap_rvputs(r, "</form>\n", NULL);
|
||||
ap_rputs("<hr />\n", r);
|
||||
}
|
||||
diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
|
||||
index 95f4a78..58f630b 100644
|
||||
--- a/modules/proxy/proxy_util.c
|
||||
+++ b/modules/proxy/proxy_util.c
|
||||
@@ -2678,3 +2678,69 @@ ap_proxy_buckets_lifetime_transform(request_rec *r, apr_bucket_brigade *from,
|
||||
}
|
||||
return rv;
|
||||
}
|
||||
+
|
||||
+PROXY_DECLARE(apr_status_t) ap_proxy_set_wstatus(const char c, int set, proxy_worker *w)
|
||||
+{
|
||||
+ char bit = toupper(c);
|
||||
+ switch (bit) {
|
||||
+ case PROXY_WORKER_DISABLED_FLAG :
|
||||
+ if (set)
|
||||
+ w->s->status |= PROXY_WORKER_DISABLED;
|
||||
+ else
|
||||
+ w->s->status &= ~PROXY_WORKER_DISABLED;
|
||||
+ break;
|
||||
+ case PROXY_WORKER_STOPPED_FLAG :
|
||||
+ if (set)
|
||||
+ w->s->status |= PROXY_WORKER_STOPPED;
|
||||
+ else
|
||||
+ w->s->status &= ~PROXY_WORKER_STOPPED;
|
||||
+ break;
|
||||
+ case PROXY_WORKER_IN_ERROR_FLAG :
|
||||
+ if (set)
|
||||
+ w->s->status |= PROXY_WORKER_IN_ERROR;
|
||||
+ else
|
||||
+ w->s->status &= ~PROXY_WORKER_IN_ERROR;
|
||||
+ break;
|
||||
+ case PROXY_WORKER_HOT_STANDBY_FLAG :
|
||||
+ if (set)
|
||||
+ w->s->status |= PROXY_WORKER_HOT_STANDBY;
|
||||
+ else
|
||||
+ w->s->status &= ~PROXY_WORKER_HOT_STANDBY;
|
||||
+ break;
|
||||
+ case PROXY_WORKER_IGNORE_ERRORS_FLAG :
|
||||
+ if (set)
|
||||
+ w->s->status |= PROXY_WORKER_IGNORE_ERRORS;
|
||||
+ else
|
||||
+ w->s->status &= ~PROXY_WORKER_IGNORE_ERRORS;
|
||||
+ break;
|
||||
+ default:
|
||||
+ return APR_EINVAL;
|
||||
+ break;
|
||||
+ }
|
||||
+ return APR_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+PROXY_DECLARE(char *) ap_proxy_parse_wstatus(apr_pool_t *p, proxy_worker *w)
|
||||
+{
|
||||
+ char *ret = NULL;
|
||||
+ unsigned int status = w->s->status;
|
||||
+ if (status & PROXY_WORKER_INITIALIZED)
|
||||
+ ret = apr_pstrcat(p, "Init ", NULL);
|
||||
+ else
|
||||
+ ret = apr_pstrcat(p, "!Init ", NULL);
|
||||
+ if (status & PROXY_WORKER_IGNORE_ERRORS)
|
||||
+ ret = apr_pstrcat(p, ret, "Ign ", NULL);
|
||||
+ if (status & PROXY_WORKER_IN_SHUTDOWN)
|
||||
+ ret = apr_pstrcat(p, ret, "Shut ", NULL);
|
||||
+ if (status & PROXY_WORKER_DISABLED)
|
||||
+ ret = apr_pstrcat(p, ret, "Dis ", NULL);
|
||||
+ if (status & PROXY_WORKER_STOPPED)
|
||||
+ ret = apr_pstrcat(p, ret, "Stop ", NULL);
|
||||
+ if (status & PROXY_WORKER_IN_ERROR)
|
||||
+ ret = apr_pstrcat(p, ret, "Err ", NULL);
|
||||
+ if (status & PROXY_WORKER_HOT_STANDBY)
|
||||
+ ret = apr_pstrcat(p, ret, "Stby ", NULL);
|
||||
+ if (PROXY_WORKER_IS_USABLE(w))
|
||||
+ ret = apr_pstrcat(p, ret, "Ok ", NULL);
|
||||
+ return ret;
|
||||
+}
|
@ -1,24 +0,0 @@
|
||||
|
||||
http://svn.apache.org/viewvc?view=revision&revision=r1243176
|
||||
|
||||
--- httpd-2.2.22/server/util_pcre.c.pcre830
|
||||
+++ httpd-2.2.22/server/util_pcre.c
|
||||
@@ -128,6 +128,7 @@ AP_DECLARE(int) ap_regcomp(ap_regex_t *p
|
||||
const char *errorptr;
|
||||
int erroffset;
|
||||
int options = 0;
|
||||
+int nsub;
|
||||
|
||||
if ((cflags & AP_REG_ICASE) != 0) options |= PCRE_CASELESS;
|
||||
if ((cflags & AP_REG_NEWLINE) != 0) options |= PCRE_MULTILINE;
|
||||
@@ -137,7 +138,9 @@ preg->re_erroffset = erroffset;
|
||||
|
||||
if (preg->re_pcre == NULL) return AP_REG_INVARG;
|
||||
|
||||
-preg->re_nsub = pcre_info((const pcre *)preg->re_pcre, NULL, NULL);
|
||||
+pcre_fullinfo((const pcre *)preg->re_pcre, NULL,
|
||||
+ PCRE_INFO_CAPTURECOUNT, &nsub);
|
||||
+preg->re_nsub = nsub;
|
||||
return 0;
|
||||
}
|
||||
|
@ -1,20 +0,0 @@
|
||||
|
||||
Link only against the libtool libraries to avoid pulling in
|
||||
all dependencies if libapr/libaprutil.
|
||||
|
||||
Upstream-Status: probably breaks static builds, not desired
|
||||
|
||||
--- httpd-2.2.9/configure.in.deplibs
|
||||
+++ httpd-2.2.9/configure.in
|
||||
@@ -588,9 +588,8 @@ APACHE_HELP_STRING(--with-suexec-umask,u
|
||||
AC_DEFINE_UNQUOTED(AP_SUEXEC_UMASK, 0$withval, [umask for suexec'd process] ) ] )
|
||||
|
||||
dnl APR should go after the other libs, so the right symbols can be picked up
|
||||
-apulinklibs="`$apu_config --avoid-ldap --link-libtool --libs`" \
|
||||
- || apulinklibs="`$apu_config --link-libtool --libs`"
|
||||
-AP_LIBS="$AP_LIBS $apulinklibs `$apr_config --link-libtool --libs`"
|
||||
+apulinklibs="`$apu_config --link-libtool`"
|
||||
+AP_LIBS="$AP_LIBS $apulinklibs `$apr_config --link-libtool`"
|
||||
APACHE_SUBST(AP_LIBS)
|
||||
APACHE_SUBST(AP_BUILD_SRCLIB_DIRS)
|
||||
APACHE_SUBST(AP_CLEAN_SRCLIB_DIRS)
|
@ -1,21 +0,0 @@
|
||||
Removes setuid check because we are now using capabilities to ensure proper
|
||||
suexec rights.
|
||||
|
||||
Upstream-status: Not acceptable for upstream in current status.
|
||||
suexec_enabled part is in trunk,differently
|
||||
|
||||
diff --git a/os/unix/unixd.c b/os/unix/unixd.c
|
||||
index 85d5a98..1ee1dfe 100644
|
||||
--- a/os/unix/unixd.c
|
||||
+++ b/os/unix/unixd.c
|
||||
@@ -271,8 +271,8 @@ AP_DECLARE(void) unixd_pre_config(apr_pool_t *ptemp)
|
||||
return;
|
||||
}
|
||||
|
||||
- if ((wrapper.protection & APR_USETID) && wrapper.user == 0) {
|
||||
- unixd_config.suexec_enabled = 1;
|
||||
+ if (wrapper.user == 0) {
|
||||
+ unixd_config.suexec_enabled = access(SUEXEC_BIN, R_OK|X_OK) == 0;
|
||||
}
|
||||
}
|
||||
|
@ -2,16 +2,15 @@
|
||||
- fail gracefully if links is not installed on target system
|
||||
- source sysconfig/httpd for custom env. vars etc.
|
||||
- make httpd -t work even in SELinux
|
||||
- refuse to restart into a bad config
|
||||
- pass $OPTIONS to all $HTTPD invocation
|
||||
|
||||
Upstream-HEAD: vendor
|
||||
Upstream-2.0: vendor
|
||||
Upstream-Status: Vendor-specific changes for better initscript integration
|
||||
|
||||
--- httpd-2.1.10/support/apachectl.in.apctl
|
||||
+++ httpd-2.1.10/support/apachectl.in
|
||||
@@ -43,19 +43,25 @@
|
||||
--- httpd-2.4.1/support/apachectl.in.apctl
|
||||
+++ httpd-2.4.1/support/apachectl.in
|
||||
@@ -44,19 +44,25 @@ ARGV="$@"
|
||||
# the path to your httpd binary, including options if necessary
|
||||
HTTPD='@exp_sbindir@/@progname@'
|
||||
#
|
||||
@ -42,7 +41,7 @@ Upstream-Status: Vendor-specific changes for better initscript integration
|
||||
#
|
||||
# Set this variable to a command that increases the maximum
|
||||
# number of file descriptors allowed per child process. This is
|
||||
@@ -75,29 +81,51 @@
|
||||
@@ -76,9 +82,27 @@ if [ "x$ARGV" = "x" ] ; then
|
||||
ARGV="-h"
|
||||
fi
|
||||
|
||||
@ -64,27 +63,15 @@ Upstream-Status: Vendor-specific changes for better initscript integration
|
||||
+ERROR=$?
|
||||
+}
|
||||
+
|
||||
case $ARGV in
|
||||
-start|stop|restart|graceful|graceful-stop)
|
||||
case $ACMD in
|
||||
start|stop|restart|graceful|graceful-stop)
|
||||
- $HTTPD -k $ARGV
|
||||
- ERROR=$?
|
||||
+restart|graceful)
|
||||
+ if $HTTPD $OPTIONS -t >&/dev/null; then
|
||||
+ $HTTPD $OPTIONS -k $ARGV
|
||||
+ ERROR=$?
|
||||
+ else
|
||||
+ echo "apachectl: Configuration syntax error, will not run \"$ARGV\":"
|
||||
+ testconfig
|
||||
+ fi
|
||||
ERROR=$?
|
||||
;;
|
||||
-startssl|sslstart|start-SSL)
|
||||
- echo The startssl option is no longer supported.
|
||||
- echo Please edit httpd.conf to include the SSL configuration settings
|
||||
- echo and then use "apachectl start".
|
||||
- ERROR=2
|
||||
+start|stop|graceful-stop)
|
||||
+ $HTTPD $OPTIONS -k $ARGV
|
||||
+ ERROR=$?
|
||||
startssl|sslstart|start-SSL)
|
||||
@@ -88,17 +112,18 @@ startssl|sslstart|start-SSL)
|
||||
ERROR=2
|
||||
;;
|
||||
configtest)
|
||||
- $HTTPD -t
|
||||
@ -100,8 +87,8 @@ Upstream-Status: Vendor-specific changes for better initscript integration
|
||||
$LYNX $STATUSURL
|
||||
;;
|
||||
*)
|
||||
- $HTTPD $ARGV
|
||||
+ $HTTPD $OPTIONS $ARGV
|
||||
- $HTTPD "$@"
|
||||
+ $HTTPD $OPTIONS "$@"
|
||||
ERROR=$?
|
||||
esac
|
||||
|
22
httpd-2.4.1-apr14.patch
Normal file
22
httpd-2.4.1-apr14.patch
Normal file
@ -0,0 +1,22 @@
|
||||
--- httpd-2.4.1/support/rotatelogs.c.apr14
|
||||
+++ httpd-2.4.1/support/rotatelogs.c
|
||||
@@ -52,6 +52,7 @@
|
||||
#if APR_FILES_AS_SOCKETS
|
||||
#include "apr_poll.h"
|
||||
#endif
|
||||
+#include "apr_version.h"
|
||||
|
||||
#if APR_HAVE_STDLIB_H
|
||||
#include <stdlib.h>
|
||||
@@ -295,7 +296,11 @@ static void post_rotate(apr_pool_t *pool
|
||||
if (config->verbose) {
|
||||
fprintf(stderr,"Linking %s to %s\n", newlog->name, config->linkfile);
|
||||
}
|
||||
+#if APR_VERSION_AT_LEAST(1,4,0)
|
||||
rv = apr_file_link(newlog->name, config->linkfile);
|
||||
+#else
|
||||
+ rv = APR_ENOTIMPL;
|
||||
+#endif
|
||||
if (rv != APR_SUCCESS) {
|
||||
char error[120];
|
||||
apr_strerror(rv, error, sizeof error);
|
56
httpd-2.4.1-apxs.patch
Normal file
56
httpd-2.4.1-apxs.patch
Normal file
@ -0,0 +1,56 @@
|
||||
--- httpd-2.4.1/support/apxs.in.apxs
|
||||
+++ httpd-2.4.1/support/apxs.in
|
||||
@@ -25,7 +25,18 @@ package apxs;
|
||||
|
||||
my %config_vars = ();
|
||||
|
||||
-my $installbuilddir = "@exp_installbuilddir@";
|
||||
+# Awful hack to make apxs libdir-agnostic:
|
||||
+my $pkg_config = "/usr/bin/pkg-config";
|
||||
+if (! -x "$pkg_config") {
|
||||
+ error("$pkg_config not found!");
|
||||
+ exit(1);
|
||||
+}
|
||||
+
|
||||
+my $libdir = `pkg-config --variable=libdir apr-1`;
|
||||
+chomp $libdir;
|
||||
+
|
||||
+my $installbuilddir = $libdir . "/httpd/build";
|
||||
+
|
||||
get_config_vars("$installbuilddir/config_vars.mk",\%config_vars);
|
||||
|
||||
# read the configuration variables once
|
||||
@@ -273,7 +284,7 @@ if ($opt_g) {
|
||||
$data =~ s|%NAME%|$name|sg;
|
||||
$data =~ s|%TARGET%|$CFG_TARGET|sg;
|
||||
$data =~ s|%PREFIX%|$prefix|sg;
|
||||
- $data =~ s|%INSTALLBUILDDIR%|$installbuilddir|sg;
|
||||
+ $data =~ s|%LIBDIR%|$libdir|sg;
|
||||
|
||||
my ($mkf, $mods, $src) = ($data =~ m|^(.+)-=#=-\n(.+)-=#=-\n(.+)|s);
|
||||
|
||||
@@ -450,11 +461,11 @@ if ($opt_c) {
|
||||
|
||||
if ($opt_p == 1) {
|
||||
|
||||
- my $apr_libs=`$apr_config --cflags --ldflags --link-libtool --libs`;
|
||||
+ my $apr_libs=`$apr_config --cflags --ldflags --link-libtool`;
|
||||
chomp($apr_libs);
|
||||
my $apu_libs="";
|
||||
if ($apr_major_version < 2) {
|
||||
- $apu_libs=`$apu_config --ldflags --link-libtool --libs`;
|
||||
+ $apu_libs=`$apu_config --ldflags --link-libtool`;
|
||||
chomp($apu_libs);
|
||||
}
|
||||
|
||||
@@ -669,8 +680,8 @@ __DATA__
|
||||
|
||||
builddir=.
|
||||
top_srcdir=%PREFIX%
|
||||
-top_builddir=%PREFIX%
|
||||
-include %INSTALLBUILDDIR%/special.mk
|
||||
+top_builddir=%LIBDIR%/httpd
|
||||
+include %LIBDIR%/httpd/build/special.mk
|
||||
|
||||
# the used tools
|
||||
APXS=apxs
|
@ -5,12 +5,12 @@ configured.
|
||||
Upstream-Status: Was discussed but there are competing desires;
|
||||
there are portability oddities here too.
|
||||
|
||||
--- httpd-2.2.11/server/core.c.corelimit
|
||||
+++ httpd-2.2.11/server/core.c
|
||||
@@ -3777,6 +3779,25 @@ static int core_post_config(apr_pool_t *
|
||||
|
||||
set_banner(pconf);
|
||||
ap_setup_make_content_type(pconf);
|
||||
--- httpd-2.4.1/server/core.c.corelimit
|
||||
+++ httpd-2.4.1/server/core.c
|
||||
@@ -4433,6 +4433,25 @@ static int core_post_config(apr_pool_t *
|
||||
}
|
||||
apr_pool_cleanup_register(pconf, NULL, ap_mpm_end_gen_helper,
|
||||
apr_pool_cleanup_null);
|
||||
+
|
||||
+#ifdef RLIMIT_CORE
|
||||
+ if (ap_coredumpdir_configured) {
|
19
httpd-2.4.1-deplibs.patch
Normal file
19
httpd-2.4.1-deplibs.patch
Normal file
@ -0,0 +1,19 @@
|
||||
|
||||
Link straight against .la files.
|
||||
|
||||
Upstream-Status: vendor specific
|
||||
|
||||
--- httpd-2.4.1/configure.in.deplibs
|
||||
+++ httpd-2.4.1/configure.in
|
||||
@@ -707,9 +707,9 @@ APACHE_HELP_STRING(--with-suexec-umask,u
|
||||
|
||||
dnl APR should go after the other libs, so the right symbols can be picked up
|
||||
if test x${apu_found} != xobsolete; then
|
||||
- AP_LIBS="$AP_LIBS `$apu_config --avoid-ldap --link-libtool --libs`"
|
||||
+ AP_LIBS="$AP_LIBS `$apu_config --avoid-ldap --link-libtool`"
|
||||
fi
|
||||
-AP_LIBS="$AP_LIBS `$apr_config --link-libtool --libs`"
|
||||
+AP_LIBS="$AP_LIBS `$apr_config --link-libtool`"
|
||||
APACHE_SUBST(AP_LIBS)
|
||||
APACHE_SUBST(AP_BUILD_SRCLIB_DIRS)
|
||||
APACHE_SUBST(AP_CLEAN_SRCLIB_DIRS)
|
20
httpd-2.4.1-export.patch
Normal file
20
httpd-2.4.1-export.patch
Normal file
@ -0,0 +1,20 @@
|
||||
|
||||
There is no need to "suck in" the apr/apr-util symbols when using
|
||||
a shared libapr{,util}, it just bloats the symbol table; so don't.
|
||||
|
||||
Upstream-HEAD: needed
|
||||
Upstream-2.0: omit
|
||||
Upstream-Status: EXPORT_DIRS change is conditional on using shared apr
|
||||
|
||||
--- httpd-2.4.1/server/Makefile.in.export
|
||||
+++ httpd-2.4.1/server/Makefile.in
|
||||
@@ -57,9 +57,6 @@ export_files:
|
||||
( for dir in $(EXPORT_DIRS); do \
|
||||
ls $$dir/*.h ; \
|
||||
done; \
|
||||
- for dir in $(EXPORT_DIRS_APR); do \
|
||||
- ls $$dir/ap[ru].h $$dir/ap[ru]_*.h 2>/dev/null; \
|
||||
- done; \
|
||||
) | sort -u > $@
|
||||
|
||||
exports.c: export_files
|
29
httpd-2.4.1-layout.patch
Normal file
29
httpd-2.4.1-layout.patch
Normal file
@ -0,0 +1,29 @@
|
||||
--- httpd-2.4.1/config.layout.layout
|
||||
+++ httpd-2.4.1/config.layout
|
||||
@@ -347,3 +347,26 @@
|
||||
proxycachedir: ${localstatedir}/proxy
|
||||
</Layout>
|
||||
|
||||
+# Fedora/RHEL layout
|
||||
+<Layout Fedora>
|
||||
+ prefix: /usr
|
||||
+ exec_prefix: ${prefix}
|
||||
+ bindir: ${prefix}/bin
|
||||
+ sbindir: ${prefix}/sbin
|
||||
+ libdir: ${prefix}/lib
|
||||
+ libexecdir: ${prefix}/libexec
|
||||
+ mandir: ${prefix}/man
|
||||
+ sysconfdir: /etc/httpd/conf
|
||||
+ datadir: ${prefix}/share/httpd
|
||||
+ installbuilddir: ${libdir}/httpd/build
|
||||
+ errordir: ${datadir}/error
|
||||
+ iconsdir: ${datadir}/icons
|
||||
+ htdocsdir: /var/www/html
|
||||
+ manualdir: ${datadir}/manual
|
||||
+ cgidir: /var/www/cgi-bin
|
||||
+ includedir: ${prefix}/include/httpd
|
||||
+ localstatedir: /var
|
||||
+ runtimedir: ${localstatedir}/run/httpd
|
||||
+ logfiledir: ${localstatedir}/log/httpd
|
||||
+ proxycachedir: ${localstatedir}/cache/httpd
|
||||
+</Layout>
|
@ -3,34 +3,38 @@ Log the SELinux context at startup.
|
||||
|
||||
Upstream-Status: unlikely to be any interest in this upstream
|
||||
|
||||
--- httpd-2.2.11/configure.in.selinux
|
||||
+++ httpd-2.2.11/configure.in
|
||||
@@ -412,6 +412,10 @@ getpgid
|
||||
--- httpd-2.4.1/configure.in.selinux
|
||||
+++ httpd-2.4.1/configure.in
|
||||
@@ -458,6 +458,11 @@ fopen64
|
||||
dnl confirm that a void pointer is large enough to store a long integer
|
||||
APACHE_CHECK_VOID_PTR_LEN
|
||||
|
||||
+AC_CHECK_LIB(selinux, is_selinux_enabled, [
|
||||
+ AC_DEFINE(HAVE_SELINUX, 1, [Defined if SELinux is supported])
|
||||
+ APR_ADDTO(AP_LIBS, [-lselinux])
|
||||
+])
|
||||
+
|
||||
dnl ## Check for the tm_gmtoff field in struct tm to get the timezone diffs
|
||||
AC_CACHE_CHECK([for tm_gmtoff in struct tm], ac_cv_struct_tm_gmtoff,
|
||||
[AC_TRY_COMPILE([#include <sys/types.h>
|
||||
--- httpd-2.2.11/server/core.c.selinux
|
||||
+++ httpd-2.2.11/server/core.c
|
||||
@@ -51,6 +51,8 @@
|
||||
|
||||
#include "mod_so.h" /* for ap_find_loaded_module_symbol */
|
||||
AC_CACHE_CHECK([for gettid()], ac_cv_gettid,
|
||||
[AC_TRY_RUN(#define _GNU_SOURCE
|
||||
#include <unistd.h>
|
||||
--- httpd-2.4.1/server/core.c.selinux
|
||||
+++ httpd-2.4.1/server/core.c
|
||||
@@ -58,6 +58,10 @@
|
||||
#include <unistd.h>
|
||||
#endif
|
||||
|
||||
+#ifdef HAVE_SELINUX
|
||||
+#include <selinux/selinux.h>
|
||||
+#endif
|
||||
+
|
||||
/* LimitRequestBody handling */
|
||||
#define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
|
||||
#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0)
|
||||
@@ -3796,6 +3798,26 @@ static int core_post_config(apr_pool_t *
|
||||
@@ -4452,6 +4456,28 @@ static int core_post_config(apr_pool_t *
|
||||
}
|
||||
#endif
|
||||
|
||||
+#ifdef HAVE_SELINUX
|
||||
+ {
|
||||
+ static int already_warned = 0;
|
||||
+ int is_enabled = is_selinux_enabled() > 0;
|
||||
@ -50,6 +54,7 @@ Upstream-Status: unlikely to be any interest in this upstream
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
return OK;
|
||||
}
|
18
httpd-2.4.1-suenable.patch
Normal file
18
httpd-2.4.1-suenable.patch
Normal file
@ -0,0 +1,18 @@
|
||||
Removes setuid check because we are now using capabilities to ensure proper
|
||||
suexec rights.
|
||||
|
||||
Upstream-status: vendor specific.
|
||||
|
||||
diff --git a/os/unix/unixd.c b/os/unix/unixd.c
|
||||
index 85d5a98..1ee1dfe 100644
|
||||
--- httpd-2.4.1/modules/arch/unix/mod_unixd.c.suenable
|
||||
+++ httpd-2.4.1/modules/arch/unix/mod_unixd.c
|
||||
@@ -300,7 +300,7 @@ unixd_pre_config(apr_pool_t *pconf, apr_
|
||||
ap_unixd_config.suexec_enabled = 0;
|
||||
if ((apr_stat(&wrapper, SUEXEC_BIN, APR_FINFO_NORM, ptemp))
|
||||
== APR_SUCCESS) {
|
||||
- if ((wrapper.protection & APR_USETID) && wrapper.user == 0
|
||||
+ if (wrapper.user == 0
|
||||
&& (access(SUEXEC_BIN, R_OK|X_OK) == 0)) {
|
||||
ap_unixd_config.suexec_enabled = 1;
|
||||
ap_unixd_config.suexec_disabled_reason = "";
|
975
httpd.conf
975
httpd.conf
File diff suppressed because it is too large
Load Diff
@ -1,15 +1,15 @@
|
||||
[Unit]
|
||||
Description=The Apache HTTP Server (@NAME@ MPM)
|
||||
Description=The Apache HTTP Server
|
||||
After=syslog.target network.target remote-fs.target nss-lookup.target
|
||||
|
||||
[Service]
|
||||
Type=forking
|
||||
PIDFile=/var/run/httpd/httpd.pid
|
||||
EnvironmentFile=/etc/sysconfig/httpd
|
||||
ExecStart=@EXEC@ $OPTIONS -k start
|
||||
ExecReload=@EXEC@ $OPTIONS -t
|
||||
ExecReload=/bin/kill -HUP $MAINPID
|
||||
ExecStop=@EXEC@ $OPTIONS -k stop
|
||||
ExecStart=/usr/sbin/httpd $OPTIONS -k start
|
||||
ExecReload=/usr/sbin/httpd $OPTIONS -t
|
||||
ExecReload=/usr/sbin/httpd -HUP $MAINPID
|
||||
ExecStop=/usr/sbin/httpd $OPTIONS -k graceful-stop
|
||||
PrivateTmp=true
|
||||
|
||||
[Install]
|
||||
|
545
httpd.spec
545
httpd.spec
@ -1,51 +1,54 @@
|
||||
%define contentdir /var/www
|
||||
%define contentdir %{_datadir}/httpd
|
||||
%define docroot /var/www
|
||||
%define suexec_caller apache
|
||||
%define mmn 20051115
|
||||
%define mmn 20120211
|
||||
%define mmnisa %{mmn}-%{__isa_name}-%{__isa_bits}
|
||||
%define vstring Fedora
|
||||
%define mpms worker event
|
||||
%define all_services httpd.service httpd-worker.service httpd-event.service
|
||||
|
||||
Summary: Apache HTTP Server
|
||||
Name: httpd
|
||||
Version: 2.2.22
|
||||
Release: 2%{?dist}
|
||||
Version: 2.4.1
|
||||
Release: 1%{?dist}
|
||||
URL: http://httpd.apache.org/
|
||||
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
|
||||
Source1: index.html
|
||||
Source3: httpd.logrotate
|
||||
Source5: httpd.sysconf
|
||||
Source6: httpd-ssl-pass-dialog
|
||||
Source7: httpd.tmpfiles
|
||||
Source8: httpd.service
|
||||
Source10: httpd.conf
|
||||
Source11: ssl.conf
|
||||
Source12: welcome.conf
|
||||
Source13: manual.conf
|
||||
Source14: httpd.tmpfiles
|
||||
Source15: httpd.service
|
||||
Source11: 00-base.conf
|
||||
Source12: 00-mpm.conf
|
||||
Source13: 00-lua.conf
|
||||
Source14: 01-cgi.conf
|
||||
Source15: 00-dav.conf
|
||||
Source16: 00-proxy.conf
|
||||
Source17: 00-ssl.conf
|
||||
Source18: 00-ldap.conf
|
||||
Source19: userdir.conf
|
||||
Source20: ssl.conf
|
||||
Source21: welcome.conf
|
||||
Source22: manual.conf
|
||||
# Documentation
|
||||
Source31: httpd.mpm.xml
|
||||
Source33: README.confd
|
||||
# build/scripts patches
|
||||
Patch1: httpd-2.1.10-apctl.patch
|
||||
Patch2: httpd-2.1.10-apxs.patch
|
||||
Patch3: httpd-2.2.9-deplibs.patch
|
||||
Patch4: httpd-2.1.10-disablemods.patch
|
||||
Patch5: httpd-2.1.10-layout.patch
|
||||
Patch6: httpd-2.2.22-pcre830.patch
|
||||
Patch1: httpd-2.4.1-apctl.patch
|
||||
Patch2: httpd-2.4.1-apxs.patch
|
||||
Patch3: httpd-2.4.1-deplibs.patch
|
||||
Patch5: httpd-2.4.1-layout.patch
|
||||
Patch6: httpd-2.4.1-apr14.patch
|
||||
# Features/functional changes
|
||||
Patch20: httpd-2.0.48-release.patch
|
||||
Patch22: httpd-2.1.10-pod.patch
|
||||
Patch23: httpd-2.0.45-export.patch
|
||||
Patch24: httpd-2.2.11-corelimit.patch
|
||||
Patch25: httpd-2.2.11-selinux.patch
|
||||
Patch26: httpd-2.2.9-suenable.patch
|
||||
Patch27: httpd-2.2.19-logresolve-ipv6.patch
|
||||
Patch28: httpd-2.2.21-mod_proxy-change-state.patch
|
||||
Patch23: httpd-2.4.1-export.patch
|
||||
Patch24: httpd-2.4.1-corelimit.patch
|
||||
Patch25: httpd-2.4.1-selinux.patch
|
||||
Patch26: httpd-2.4.1-suenable.patch
|
||||
License: ASL 2.0
|
||||
Group: System Environment/Daemons
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
|
||||
BuildRequires: autoconf, perl, pkgconfig, findutils, xmlto
|
||||
BuildRequires: zlib-devel, libselinux-devel
|
||||
BuildRequires: zlib-devel, libselinux-devel, lua-devel
|
||||
BuildRequires: apr-devel >= 1.2.0, apr-util-devel >= 1.2.0, pcre-devel >= 5.0
|
||||
Requires: /etc/mime.types, system-logos >= 7.92.1-1
|
||||
Obsoletes: httpd-suexec
|
||||
@ -118,17 +121,13 @@ Security (TLS) protocols.
|
||||
%patch1 -p1 -b .apctl
|
||||
%patch2 -p1 -b .apxs
|
||||
%patch3 -p1 -b .deplibs
|
||||
%patch4 -p1 -b .disablemods
|
||||
%patch5 -p1 -b .layout
|
||||
%patch6 -p1 -b .pcre830
|
||||
%patch6 -p1 -b .apr14
|
||||
|
||||
%patch22 -p1 -b .pod
|
||||
%patch23 -p1 -b .export
|
||||
%patch24 -p1 -b .corelimit
|
||||
%patch25 -p1 -b .selinux
|
||||
%patch26 -p1 -b .suenable
|
||||
%patch27 -p1 -b .logresolve-ipv6
|
||||
%patch28 -p1 -b .mod_proxy-change-state
|
||||
|
||||
# Patch in vendor/release string
|
||||
sed "s/@RELEASE@/%{vstring}/" < %{PATCH20} | patch -p1
|
||||
@ -160,24 +159,8 @@ export LDFLAGS="-Wl,-z,relro,-z,now"
|
||||
# Hard-code path to links to avoid unnecessary builddep
|
||||
export LYNX_PATH=/usr/bin/links
|
||||
|
||||
function mpmbuild()
|
||||
{
|
||||
mpm=$1; shift
|
||||
|
||||
# Build the systemd file
|
||||
sed "s,@NAME@,${mpm},g;s,@EXEC@,%{_sbindir}/httpd.${mpm},g" %{SOURCE15} > httpd-${mpm}.service
|
||||
touch -r %{SOURCE15} httpd-${mpm}.service
|
||||
|
||||
# Build the man page
|
||||
ymdate=`date +'%b %Y'`
|
||||
sed "s/@PROGNAME@/httpd.${mpm}/g;s/@DATE@/${ymdate}/g;s/@VERSION@/%{version}/g;s/@MPM@/${mpm}/g;" \
|
||||
< $RPM_SOURCE_DIR/httpd.mpm.xml > httpd.${mpm}.8.xml
|
||||
xmlto man httpd.${mpm}.8.xml
|
||||
test -f httpd.${mpm}.8 || mv man/man8/httpd.${mpm}.8 .
|
||||
|
||||
# Build the daemon
|
||||
mkdir $mpm; pushd $mpm
|
||||
../configure \
|
||||
./configure \
|
||||
--prefix=%{_sysconfdir}/httpd \
|
||||
--exec-prefix=%{_prefix} \
|
||||
--bindir=%{_bindir} \
|
||||
@ -188,69 +171,55 @@ mkdir $mpm; pushd $mpm
|
||||
--includedir=%{_includedir}/httpd \
|
||||
--libexecdir=%{_libdir}/httpd/modules \
|
||||
--datadir=%{contentdir} \
|
||||
--enable-layout=Fedora \
|
||||
--with-installbuilddir=%{_libdir}/httpd/build \
|
||||
--with-mpm=$mpm \
|
||||
--enable-mpms-shared=all \
|
||||
--with-apr=%{_prefix} --with-apr-util=%{_prefix} \
|
||||
--enable-suexec --with-suexec \
|
||||
--with-suexec-caller=%{suexec_caller} \
|
||||
--with-suexec-docroot=%{contentdir} \
|
||||
--with-suexec-docroot=%{docroot} \
|
||||
--with-suexec-logfile=%{_localstatedir}/log/httpd/suexec.log \
|
||||
--with-suexec-bin=%{_sbindir}/suexec \
|
||||
--with-suexec-uidmin=500 --with-suexec-gidmin=100 \
|
||||
--enable-pie \
|
||||
--with-pcre \
|
||||
$*
|
||||
|
||||
make %{?_smp_mflags}
|
||||
popd
|
||||
}
|
||||
|
||||
# Build everything and the kitchen sink with the prefork build
|
||||
mpmbuild prefork \
|
||||
--enable-mods-shared=all \
|
||||
--enable-ssl --with-ssl --disable-distcache \
|
||||
--enable-proxy \
|
||||
--enable-cache \
|
||||
--enable-disk-cache \
|
||||
--enable-ldap --enable-authnz-ldap \
|
||||
--enable-cgid \
|
||||
--enable-cgid --enable-cgi \
|
||||
--enable-authn-anon --enable-authn-alias \
|
||||
--disable-imagemap
|
||||
|
||||
# For the other MPMs, just build httpd and no optional modules
|
||||
for f in %{mpms}; do
|
||||
mpmbuild $f --enable-modules=none
|
||||
done
|
||||
|
||||
# Create default/prefork service file for systemd
|
||||
sed "s,@NAME@,prefork,g;s,@EXEC@,%{_sbindir}/httpd,g" %{SOURCE15} > httpd.service
|
||||
touch -r %{SOURCE15} httpd.service
|
||||
--disable-imagemap \
|
||||
--disable-proxy-html \
|
||||
--disable-xml2enc \
|
||||
--disable-session
|
||||
$*
|
||||
make %{?_smp_mflags}
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
pushd prefork
|
||||
make DESTDIR=$RPM_BUILD_ROOT install
|
||||
popd
|
||||
|
||||
# install alternative MPMs; executables, man pages, and systemd service files
|
||||
# Install systemd service files
|
||||
mkdir -p $RPM_BUILD_ROOT/lib/systemd/system
|
||||
for f in %{mpms}; do
|
||||
install -m 755 ${f}/httpd $RPM_BUILD_ROOT%{_sbindir}/httpd.${f}
|
||||
install -m 644 httpd.${f}.8 $RPM_BUILD_ROOT%{_mandir}/man8/httpd.${f}.8
|
||||
install -p -m 644 httpd-${f}.service \
|
||||
$RPM_BUILD_ROOT/lib/systemd/system/httpd-${f}.service
|
||||
done
|
||||
|
||||
# Default httpd (prefork) service file
|
||||
install -p -m 644 httpd.service \
|
||||
install -p -m 644 $RPM_SOURCE_DIR/httpd.service \
|
||||
$RPM_BUILD_ROOT/lib/systemd/system/httpd.service
|
||||
|
||||
# install conf file/directory
|
||||
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d
|
||||
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d \
|
||||
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d
|
||||
install -m 644 $RPM_SOURCE_DIR/README.confd \
|
||||
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
|
||||
for f in ssl.conf welcome.conf manual.conf; do
|
||||
for f in 00-base.conf 00-mpm.conf 00-lua.conf 01-cgi.conf 00-dav.conf \
|
||||
00-proxy.conf 00-ssl.conf 00-ldap.conf; do
|
||||
install -m 644 -p $RPM_SOURCE_DIR/$f \
|
||||
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.modules.d/$f
|
||||
done
|
||||
|
||||
for f in welcome.conf manual.conf ssl.conf userdir.conf; do
|
||||
install -m 644 -p $RPM_SOURCE_DIR/$f \
|
||||
$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/$f
|
||||
done
|
||||
@ -278,19 +247,19 @@ touch $RPM_BUILD_ROOT%{_localstatedir}/cache/mod_ssl/scache.{dir,pag,sem}
|
||||
# create cache root
|
||||
mkdir $RPM_BUILD_ROOT%{_localstatedir}/cache/mod_proxy
|
||||
|
||||
# move utilities to /usr/bin
|
||||
mv $RPM_BUILD_ROOT%{_sbindir}/{ab,htdbm,logresolve,htpasswd,htdigest} \
|
||||
$RPM_BUILD_ROOT%{_bindir}
|
||||
|
||||
# Make the MMN accessible to module packages
|
||||
echo %{mmnisa} > $RPM_BUILD_ROOT%{_includedir}/httpd/.mmn
|
||||
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/rpm
|
||||
echo "%%_httpd_mmn %{mmnisa}" > $RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.httpd
|
||||
cat > $RPM_BUILD_ROOT%{_sysconfdir}/rpm/macros.httpd <<EOF
|
||||
%%_httpd_mmn %{mmnisa}
|
||||
%%_httpd_apxs %{_bindir}/apxs
|
||||
EOF
|
||||
|
||||
# docroot
|
||||
mkdir $RPM_BUILD_ROOT%{contentdir}/html
|
||||
# Handle contentdir
|
||||
mkdir $RPM_BUILD_ROOT%{contentdir}/noindex
|
||||
install -m 644 -p $RPM_SOURCE_DIR/index.html \
|
||||
$RPM_BUILD_ROOT%{contentdir}/error/noindex.html
|
||||
$RPM_BUILD_ROOT%{contentdir}/noindex/index.html
|
||||
rm -rf %{contentdir}/htdocs
|
||||
|
||||
# remove manual sources
|
||||
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
|
||||
@ -307,15 +276,14 @@ for f in `find $RPM_BUILD_ROOT%{contentdir}/manual -name \*.html -type f`; do
|
||||
done
|
||||
set -x
|
||||
|
||||
# Clean Document Root
|
||||
rm -v $RPM_BUILD_ROOT%{docroot}/html/*.html \
|
||||
$RPM_BUILD_ROOT%{docroot}/cgi-bin/*
|
||||
|
||||
# Symlink for the powered-by-$DISTRO image:
|
||||
ln -s ../../..%{_datadir}/pixmaps/poweredby.png \
|
||||
$RPM_BUILD_ROOT%{contentdir}/icons/poweredby.png
|
||||
|
||||
# Set up /var directories
|
||||
rmdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/logs
|
||||
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/httpd
|
||||
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/run/httpd
|
||||
|
||||
# symlinks for /etc/httpd
|
||||
ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
|
||||
ln -s ../..%{_localstatedir}/run/httpd $RPM_BUILD_ROOT/etc/httpd/run
|
||||
@ -399,7 +367,7 @@ fi
|
||||
/sbin/chkconfig --del httpd >/dev/null 2>&1 || :
|
||||
|
||||
%posttrans
|
||||
/bin/systemctl try-restart %{all_services} >/dev/null 2>&1 || :
|
||||
/bin/systemctl try-restart httpd.service >/dev/null 2>&1 || :
|
||||
|
||||
%define sslcert %{_sysconfdir}/pki/tls/certs/localhost.crt
|
||||
%define sslkey %{_sysconfdir}/pki/tls/private/localhost.key
|
||||
@ -437,16 +405,6 @@ if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Verify that the same modules were built into the httpd binaries
|
||||
./prefork/httpd -l | grep -v prefork > prefork.mods
|
||||
for mpm in %{mpms}; do
|
||||
./${mpm}/httpd -l | grep -v ${mpm} > ${mpm}.mods
|
||||
if ! diff -u prefork.mods ${mpm}.mods; then
|
||||
: Different modules built into httpd binaries, will not proceed
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
@ -461,18 +419,24 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_sysconfdir}/httpd/run
|
||||
%dir %{_sysconfdir}/httpd/conf
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf/httpd.conf
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf.d/welcome.conf
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf/magic
|
||||
|
||||
%config(noreplace) %{_sysconfdir}/logrotate.d/httpd
|
||||
|
||||
%dir %{_sysconfdir}/httpd/conf.d
|
||||
%{_sysconfdir}/httpd/conf.d/README
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf.d/welcome.conf
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf.d/userdir.conf
|
||||
|
||||
%dir %{_sysconfdir}/httpd/conf.modules.d
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/*.conf
|
||||
%exclude %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
|
||||
|
||||
%config(noreplace) %{_sysconfdir}/sysconfig/httpd
|
||||
%config %{_sysconfdir}/tmpfiles.d/httpd.conf
|
||||
|
||||
%{_sbindir}/ht*
|
||||
%{_sbindir}/fcgistarter
|
||||
%{_sbindir}/apachectl
|
||||
%{_sbindir}/rotatelogs
|
||||
# cap_dac_override needed to write to /var/log/httpd
|
||||
@ -484,16 +448,18 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%exclude %{_libdir}/httpd/modules/mod_ssl.so
|
||||
|
||||
%dir %{contentdir}
|
||||
%dir %{contentdir}/cgi-bin
|
||||
%dir %{contentdir}/html
|
||||
%dir %{contentdir}/icons
|
||||
%dir %{contentdir}/error
|
||||
%dir %{contentdir}/error/include
|
||||
%dir %{contentdir}/noindex
|
||||
%{contentdir}/icons/*
|
||||
%{contentdir}/error/README
|
||||
%{contentdir}/error/noindex.html
|
||||
%config %{contentdir}/error/*.var
|
||||
%config %{contentdir}/error/include/*.html
|
||||
%{contentdir}/error/*.var
|
||||
%{contentdir}/error/include/*.html
|
||||
%{contentdir}/noindex/index.html
|
||||
|
||||
%dir %{docroot}/cgi-bin
|
||||
%dir %{docroot}/html
|
||||
|
||||
%attr(0710,root,apache) %dir %{_localstatedir}/run/httpd
|
||||
%attr(0700,root,root) %dir %{_localstatedir}/log/httpd
|
||||
@ -509,15 +475,17 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_bindir}/*
|
||||
%{_mandir}/man1/*
|
||||
%doc LICENSE NOTICE
|
||||
%exclude %{_bindir}/apxs
|
||||
|
||||
%files manual
|
||||
%defattr(-,root,root)
|
||||
%{contentdir}/manual
|
||||
%config %{_sysconfdir}/httpd/conf.d/manual.conf
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf.d/manual.conf
|
||||
|
||||
%files -n mod_ssl
|
||||
%defattr(-,root,root)
|
||||
%{_libdir}/httpd/modules/mod_ssl.so
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf.modules.d/00-ssl.conf
|
||||
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
|
||||
%attr(0700,apache,root) %dir %{_localstatedir}/cache/mod_ssl
|
||||
%attr(0600,apache,root) %ghost %{_localstatedir}/cache/mod_ssl/scache.dir
|
||||
@ -528,7 +496,7 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%files devel
|
||||
%defattr(-,root,root)
|
||||
%{_includedir}/httpd
|
||||
%{_sbindir}/apxs
|
||||
%{_bindir}/apxs
|
||||
%{_mandir}/man1/apxs.1*
|
||||
%dir %{_libdir}/httpd/build
|
||||
%{_libdir}/httpd/build/*.mk
|
||||
@ -536,6 +504,13 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%{_sysconfdir}/rpm/macros.httpd
|
||||
|
||||
%changelog
|
||||
* Tue Mar 6 2012 Joe Orton <jorton@redhat.com> - 2.4.1-1
|
||||
- update to 2.4.1
|
||||
- adopt upstream default httpd.conf (almost verbatim)
|
||||
- split all LoadModules to conf.modules.d/*.conf
|
||||
- include conf.d/*.conf at end of httpd.conf
|
||||
- trim %%changelog
|
||||
|
||||
* Mon Feb 13 2012 Joe Orton <jorton@redhat.com> - 2.2.22-2
|
||||
- fix build against PCRE 8.30
|
||||
|
||||
@ -656,343 +631,3 @@ rm -rf $RPM_BUILD_ROOT
|
||||
* Sun Apr 04 2010 Robert Scheck <robert@fedoraproject.org> - 2.2.15-1
|
||||
- update to 2.2.15 (#572404, #579311)
|
||||
|
||||
* Thu Dec 3 2009 Joe Orton <jorton@redhat.com> - 2.2.14-1
|
||||
- update to 2.2.14
|
||||
- relax permissions on /var/run/httpd (#495780)
|
||||
- Requires(pre): httpd in mod_ssl subpackage (#543275)
|
||||
- add partial security fix for CVE-2009-3555 (#533125)
|
||||
|
||||
* Tue Oct 27 2009 Tom "spot" Callaway <tcallawa@redhat.com> 2.2.13-4
|
||||
- add additional explanatory text to test page to help prevent legal emails to Fedora
|
||||
|
||||
* Tue Sep 8 2009 Joe Orton <jorton@redhat.com> 2.2.13-2
|
||||
- restart service in posttrans (#491567)
|
||||
|
||||
* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 2.2.13-2
|
||||
- rebuilt with new openssl
|
||||
|
||||
* Tue Aug 18 2009 Joe Orton <jorton@redhat.com> 2.2.13-1
|
||||
- update to 2.2.13
|
||||
|
||||
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.11-10
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||
|
||||
* Tue Jun 16 2009 Joe Orton <jorton@redhat.com> 2.2.11-9
|
||||
- build -manual as noarch
|
||||
|
||||
* Tue Mar 17 2009 Joe Orton <jorton@redhat.com> 2.2.11-8
|
||||
- fix pidfile in httpd.logrotate (thanks to Rainer Traut)
|
||||
- don't build mod_mem_cache or mod_file_cache
|
||||
|
||||
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.2.11-7
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||
|
||||
* Thu Jan 22 2009 Joe Orton <jorton@redhat.com> 2.2.11-6
|
||||
- Require: apr-util-ldap (#471898)
|
||||
- init script changes: pass pidfile to status(), use status() in
|
||||
condrestart (#480602), support try-restart as alias for
|
||||
condrestart
|
||||
- change /etc/httpd/run symlink to have destination /var/run/httpd,
|
||||
and restore "run/httpd.conf" as default PidFile (#478688)
|
||||
|
||||
* Fri Jan 16 2009 Tomas Mraz <tmraz@redhat.com> 2.2.11-5
|
||||
- rebuild with new openssl
|
||||
|
||||
* Sat Dec 27 2008 Robert Scheck <robert@fedoraproject.org> 2.2.11-4
|
||||
- Made default configuration using /var/run/httpd for pid file
|
||||
|
||||
* Thu Dec 18 2008 Joe Orton <jorton@redhat.com> 2.2.11-3
|
||||
- update to 2.2.11
|
||||
- package new /var/run/httpd directory, and move default pidfile
|
||||
location inside there
|
||||
|
||||
* Tue Oct 21 2008 Joe Orton <jorton@redhat.com> 2.2.10-2
|
||||
- update to 2.2.10
|
||||
|
||||
* Tue Jul 15 2008 Joe Orton <jorton@redhat.com> 2.2.9-5
|
||||
- move AddTypes for SSL cert/CRL types from ssl.conf to httpd.conf (#449979)
|
||||
|
||||
* Mon Jul 14 2008 Joe Orton <jorton@redhat.com> 2.2.9-4
|
||||
- use Charset=UTF-8 in default httpd.conf (#455123)
|
||||
- only enable suexec when appropriate (Jim Radford, #453697)
|
||||
|
||||
* Thu Jul 10 2008 Tom "spot" Callaway <tcallawa@redhat.com> 2.2.9-3
|
||||
- rebuild against new db4 4.7
|
||||
|
||||
* Tue Jul 8 2008 Joe Orton <jorton@redhat.com> 2.2.9-2
|
||||
- update to 2.2.9
|
||||
- build event MPM too
|
||||
|
||||
* Wed Jun 4 2008 Joe Orton <jorton@redhat.com> 2.2.8-4
|
||||
- correct UserDir directive in default config (#449815)
|
||||
|
||||
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 2.2.8-3
|
||||
- Autorebuild for GCC 4.3
|
||||
|
||||
* Tue Jan 22 2008 Joe Orton <jorton@redhat.com> 2.2.8-2
|
||||
- update to 2.2.8
|
||||
- drop mod_imagemap
|
||||
|
||||
* Wed Dec 05 2007 Release Engineering <rel-eng at fedoraproject dot org> - 2.2.6-4
|
||||
- Rebuild for openssl bump
|
||||
|
||||
* Mon Sep 17 2007 Joe Orton <jorton@redhat.com> 2.2.6-3
|
||||
- add fix for SSL library string regression (PR 43334)
|
||||
- use powered-by logo from system-logos (#250676)
|
||||
- preserve timestamps for installed config files
|
||||
|
||||
* Fri Sep 7 2007 Joe Orton <jorton@redhat.com> 2.2.6-2
|
||||
- update to 2.2.6 (#250757, #282761)
|
||||
|
||||
* Sun Sep 2 2007 Joe Orton <jorton@redhat.com> 2.2.4-10
|
||||
- rebuild for fixed APR
|
||||
|
||||
* Wed Aug 22 2007 Joe Orton <jorton@redhat.com> 2.2.4-9
|
||||
- rebuild for expat soname bump
|
||||
|
||||
* Tue Aug 21 2007 Joe Orton <jorton@redhat.com> 2.2.4-8
|
||||
- fix License
|
||||
- require /etc/mime.types (#249223)
|
||||
|
||||
* Thu Jul 26 2007 Joe Orton <jorton@redhat.com> 2.2.4-7
|
||||
- drop -tools dependency on httpd (thanks to Matthias Saou)
|
||||
|
||||
* Wed Jul 25 2007 Joe Orton <jorton@redhat.com> 2.2.4-6
|
||||
- split out utilities into -tools subpackage, based on patch
|
||||
by Jason Tibbs (#238257)
|
||||
|
||||
* Tue Jul 24 2007 Joe Orton <jorton@redhat.com> 2.2.4-5
|
||||
- spec file cleanups: provide httpd-suexec, mod_dav;
|
||||
don't obsolete mod_jk; drop trailing dots from Summaries
|
||||
- init script
|
||||
* add LSB info header, support force-reload (#246944)
|
||||
* update description
|
||||
* drop 1.3 config check
|
||||
* pass $pidfile to daemon and pidfile everywhere
|
||||
|
||||
* Wed May 9 2007 Joe Orton <jorton@redhat.com> 2.2.4-4
|
||||
- update welcome page branding
|
||||
|
||||
* Tue Apr 3 2007 Joe Orton <jorton@redhat.com> 2.2.4-3
|
||||
- drop old triggers, old Requires, xmlto BR
|
||||
- use Requires(...) correctly
|
||||
- use standard BuildRoot
|
||||
- don't mark init script as config file
|
||||
- trim CHANGES further
|
||||
|
||||
* Mon Mar 12 2007 Joe Orton <jorton@redhat.com> 2.2.4-2
|
||||
- update to 2.2.4
|
||||
- drop the migration guide (#223605)
|
||||
|
||||
* Thu Dec 7 2006 Joe Orton <jorton@redhat.com> 2.2.3-8
|
||||
- fix path to instdso.sh in special.mk (#217677)
|
||||
- fix detection of links in "apachectl fullstatus"
|
||||
|
||||
* Tue Dec 5 2006 Joe Orton <jorton@redhat.com> 2.2.3-7
|
||||
- rebuild for libpq soname bump
|
||||
|
||||
* Sat Nov 11 2006 Joe Orton <jorton@redhat.com> 2.2.3-6
|
||||
- rebuild for BDB soname bump
|
||||
|
||||
* Mon Sep 11 2006 Joe Orton <jorton@redhat.com> 2.2.3-5
|
||||
- updated "powered by Fedora" logo (#205573, Diana Fong)
|
||||
- tweak welcome page wording slightly (#205880)
|
||||
|
||||
* Fri Aug 18 2006 Jesse Keating <jkeating@redhat.com> - 2.2.3-4
|
||||
- rebuilt with latest binutils to pick up 64K -z commonpagesize on ppc*
|
||||
(#203001)
|
||||
|
||||
* Thu Aug 3 2006 Joe Orton <jorton@redhat.com> 2.2.3-3
|
||||
- init: use killproc() delay to avoid race killing parent
|
||||
|
||||
* Fri Jul 28 2006 Joe Orton <jorton@redhat.com> 2.2.3-2
|
||||
- update to 2.2.3
|
||||
- trim %%changelog to >=2.0.52
|
||||
|
||||
* Thu Jul 20 2006 Joe Orton <jorton@redhat.com> 2.2.2-8
|
||||
- fix segfault on dummy connection failure at graceful restart (#199429)
|
||||
|
||||
* Wed Jul 19 2006 Joe Orton <jorton@redhat.com> 2.2.2-7
|
||||
- fix "apxs -g"-generated Makefile
|
||||
- fix buildconf with autoconf 2.60
|
||||
|
||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.2.2-5.1
|
||||
- rebuild
|
||||
|
||||
* Wed Jun 7 2006 Joe Orton <jorton@redhat.com> 2.2.2-5
|
||||
- require pkgconfig for -devel (#194152)
|
||||
- fixes for installed support makefiles (special.mk et al)
|
||||
- BR autoconf
|
||||
|
||||
* Fri Jun 2 2006 Joe Orton <jorton@redhat.com> 2.2.2-4
|
||||
- make -devel package multilib-safe (#192686)
|
||||
|
||||
* Thu May 11 2006 Joe Orton <jorton@redhat.com> 2.2.2-3
|
||||
- build DSOs using -z relro linker flag
|
||||
|
||||
* Wed May 3 2006 Joe Orton <jorton@redhat.com> 2.2.2-2
|
||||
- update to 2.2.2
|
||||
|
||||
* Thu Apr 6 2006 Joe Orton <jorton@redhat.com> 2.2.0-6
|
||||
- rebuild to pick up apr-util LDAP interface fix (#188073)
|
||||
|
||||
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - (none):2.2.0-5.1.2
|
||||
- bump again for double-long bug on ppc(64)
|
||||
|
||||
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - (none):2.2.0-5.1.1
|
||||
- rebuilt for new gcc4.1 snapshot and glibc changes
|
||||
|
||||
* Mon Feb 6 2006 Joe Orton <jorton@redhat.com> 2.2.0-5.1
|
||||
- mod_auth_basic/mod_authn_file: if no provider is configured,
|
||||
and AuthUserFile is not configured, decline to handle authn
|
||||
silently rather than failing noisily.
|
||||
|
||||
* Fri Feb 3 2006 Joe Orton <jorton@redhat.com> 2.2.0-5
|
||||
- mod_ssl: add security fix for CVE-2005-3357 (#177914)
|
||||
- mod_imagemap: add security fix for CVE-2005-3352 (#177913)
|
||||
- add fix for AP_INIT_* designated initializers with C++ compilers
|
||||
- httpd.conf: enable HTMLTable in default IndexOptions
|
||||
- httpd.conf: add more "redirect-carefully" matches for DAV clients
|
||||
|
||||
* Thu Jan 5 2006 Joe Orton <jorton@redhat.com> 2.2.0-4
|
||||
- mod_proxy_ajp: fix Cookie handling (Mladen Turk, r358769)
|
||||
|
||||
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
|
||||
- rebuilt
|
||||
|
||||
* Wed Dec 7 2005 Joe Orton <jorton@redhat.com> 2.2.0-3
|
||||
- strip manual to just English content
|
||||
|
||||
* Mon Dec 5 2005 Joe Orton <jorton@redhat.com> 2.2.0-2
|
||||
- don't strip C-L from HEAD responses (Greg Ames, #110552)
|
||||
- load mod_proxy_balancer by default
|
||||
- add proxy_ajp.conf to load/configure mod_proxy_ajp
|
||||
- Obsolete mod_jk
|
||||
- update docs URLs in httpd.conf/ssl.conf
|
||||
|
||||
* Fri Dec 2 2005 Joe Orton <jorton@redhat.com> 2.2.0-1
|
||||
- update to 2.2.0
|
||||
|
||||
* Wed Nov 30 2005 Joe Orton <jorton@redhat.com> 2.1.10-2
|
||||
- enable mod_authn_alias, mod_authn_anon
|
||||
- update default httpd.conf
|
||||
|
||||
* Fri Nov 25 2005 Joe Orton <jorton@redhat.com> 2.1.10-1
|
||||
- update to 2.1.10
|
||||
- require apr >= 1.2.0, apr-util >= 1.2.0
|
||||
|
||||
* Wed Nov 9 2005 Tomas Mraz <tmraz@redhat.com> 2.0.54-16
|
||||
- rebuilt against new openssl
|
||||
|
||||
* Thu Nov 3 2005 Joe Orton <jorton@redhat.com> 2.0.54-15
|
||||
- log notice giving SELinux context at startup if enabled
|
||||
- drop SSLv2 and restrict default cipher suite in default
|
||||
SSL configuration
|
||||
|
||||
* Thu Oct 20 2005 Joe Orton <jorton@redhat.com> 2.0.54-14
|
||||
- mod_ssl: add security fix for SSLVerifyClient (CVE-2005-2700)
|
||||
- add security fix for byterange filter DoS (CVE-2005-2728)
|
||||
- add security fix for C-L vs T-E handling (CVE-2005-2088)
|
||||
- mod_ssl: add security fix for CRL overflow (CVE-2005-1268)
|
||||
- mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
|
||||
- add fix for dummy connection handling (#167425)
|
||||
- mod_auth_digest: fix hostinfo comparison in CONNECT requests
|
||||
- mod_include: fix variable corruption in nested includes (upstream #12655)
|
||||
- mod_ssl: add fix for handling non-blocking reads
|
||||
- mod_ssl: fix to enable output buffering (upstream #35279)
|
||||
- mod_ssl: buffer request bodies for per-location renegotiation (upstream #12355)
|
||||
|
||||
* Sat Aug 13 2005 Joe Orton <jorton@redhat.com> 2.0.54-13
|
||||
- don't load by default: mod_cern_meta, mod_asis
|
||||
- do load by default: mod_ext_filter (#165893)
|
||||
|
||||
* Thu Jul 28 2005 Joe Orton <jorton@redhat.com> 2.0.54-12
|
||||
- drop broken epoch deps
|
||||
|
||||
* Thu Jun 30 2005 Joe Orton <jorton@redhat.com> 2.0.54-11
|
||||
- mod_dav_fs: fix uninitialized variable (#162144)
|
||||
- add epoch to dependencies as appropriate
|
||||
- mod_ssl: drop dependencies on dev, make
|
||||
- mod_ssl: mark post script dependencies as such
|
||||
|
||||
* Mon May 23 2005 Joe Orton <jorton@redhat.com> 2.0.54-10
|
||||
- remove broken symlink (Robert Scheck, #158404)
|
||||
|
||||
* Wed May 18 2005 Joe Orton <jorton@redhat.com> 2.0.54-9
|
||||
- add piped logger fixes (w/Jeff Trawick)
|
||||
|
||||
* Mon May 9 2005 Joe Orton <jorton@redhat.com> 2.0.54-8
|
||||
- drop old "powered by Red Hat" logos
|
||||
|
||||
* Wed May 4 2005 Joe Orton <jorton@redhat.com> 2.0.54-7
|
||||
- mod_userdir: fix memory allocation issue (upstream #34588)
|
||||
- mod_ldap: fix memory corruption issue (Brad Nicholes, upstream #34618)
|
||||
|
||||
* Tue Apr 26 2005 Joe Orton <jorton@redhat.com> 2.0.54-6
|
||||
- fix key/cert locations in post script
|
||||
|
||||
* Mon Apr 25 2005 Joe Orton <jorton@redhat.com> 2.0.54-5
|
||||
- create default dummy cert in /etc/pki/tls
|
||||
- use a pseudo-random serial number on the dummy cert
|
||||
- change default ssl.conf to point at /etc/pki/tls
|
||||
- merge back -suexec subpackage; SELinux policy can now be
|
||||
used to persistently disable suexec (#155716)
|
||||
- drop /etc/httpd/conf/ssl.* directories and Makefiles
|
||||
- unconditionally enable PIE support
|
||||
- mod_ssl: fix for picking up -shutdown options (upstream #34452)
|
||||
|
||||
* Mon Apr 18 2005 Joe Orton <jorton@redhat.com> 2.0.54-4
|
||||
- replace PreReq with Requires(pre)
|
||||
|
||||
* Mon Apr 18 2005 Joe Orton <jorton@redhat.com> 2.0.54-3
|
||||
- update to 2.0.54
|
||||
|
||||
* Tue Mar 29 2005 Joe Orton <jorton@redhat.com> 2.0.53-6
|
||||
- update default httpd.conf:
|
||||
* clarify the comments on AddDefaultCharset usage (#135821)
|
||||
* remove all the AddCharset default extensions
|
||||
* don't load mod_imap by default
|
||||
* synch with upstream 2.0.53 httpd-std.conf
|
||||
- mod_ssl: set user from SSLUserName in access hook (upstream #31418)
|
||||
- htdigest: fix permissions of created files (upstream #33765)
|
||||
- remove htsslpass
|
||||
|
||||
* Wed Mar 2 2005 Joe Orton <jorton@redhat.com> 2.0.53-5
|
||||
- apachectl: restore use of $OPTIONS again
|
||||
|
||||
* Wed Feb 9 2005 Joe Orton <jorton@redhat.com> 2.0.53-4
|
||||
- update to 2.0.53
|
||||
- move prefork/worker modules comparison to %%check
|
||||
|
||||
* Mon Feb 7 2005 Joe Orton <jorton@redhat.com> 2.0.52-7
|
||||
- fix cosmetic issues in "service httpd reload"
|
||||
- move User/Group higher in httpd.conf (#146793)
|
||||
- load mod_logio by default in httpd.conf
|
||||
- apachectl: update for correct libselinux tools locations
|
||||
|
||||
* Tue Nov 16 2004 Joe Orton <jorton@redhat.com> 2.0.52-6
|
||||
- add security fix for CVE CAN-2004-0942 (memory consumption DoS)
|
||||
- SELinux: run httpd -t under runcon in configtest (Steven Smalley)
|
||||
- fix SSLSessionCache comment for distcache in ssl.conf
|
||||
- restart using SIGHUP not SIGUSR1 after logrotate
|
||||
- add ap_save_brigade fix (upstream #31247)
|
||||
- mod_ssl: fix possible segfault in auth hook (upstream #31848)
|
||||
- add htsslpass(1) and configure as default SSLPassPhraseDialog (#128677)
|
||||
- apachectl: restore use of $OPTIONS
|
||||
- apachectl, httpd.init: refuse to restart if $HTTPD -t fails
|
||||
- apachectl: run $HTTPD -t in user SELinux context for configtest
|
||||
- update for pcre-5.0 header locations
|
||||
|
||||
* Sat Nov 13 2004 Jeff Johnson <jbj@redhat.com> 2.0.52-5
|
||||
- rebuild against db-4.3.21 aware apr-util.
|
||||
|
||||
* Thu Nov 11 2004 Jeff Johnson <jbj@jbj.org> 2.0.52-4
|
||||
- rebuild against db-4.3-21.
|
||||
|
||||
* Thu Sep 28 2004 Joe Orton <jorton@redhat.com> 2.0.52-3
|
||||
- add dummy connection address fixes from HEAD
|
||||
- mod_ssl: add security fix for CAN-2004-0885
|
||||
|
||||
* Tue Sep 28 2004 Joe Orton <jorton@redhat.com> 2.0.52-2
|
||||
- update to 2.0.52
|
||||
|
||||
|
@ -1,4 +1,8 @@
|
||||
# Configuration file for the httpd service.
|
||||
#
|
||||
# This file can be used to set additional environment variables
|
||||
# for the httpd process, or pass additional options to the httpd
|
||||
# executable
|
||||
#
|
||||
|
||||
#
|
||||
# To pass additional options (for instance, -D definitions) to the
|
||||
|
@ -2,11 +2,10 @@
|
||||
# This configuration file allows the manual to be accessed at
|
||||
# http://localhost/manual/
|
||||
#
|
||||
AliasMatch ^/manual(?:/(?:de|en|fr|ja|ko|ru))?(/.*)?$ "/var/www/manual$1"
|
||||
AliasMatch ^/manual(?:/(?:de|en|fr|ja|ko|ru))?(/.*)?$ "/usr/share/httpd/manual$1"
|
||||
|
||||
<Directory "/var/www/manual">
|
||||
<Directory "/usr/share/httpd/manual">
|
||||
Options Indexes
|
||||
AllowOverride None
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
9fe3093194c8a57f085ff7c3fc43715f httpd-2.2.22.tar.bz2
|
||||
7d3001c7a26b985d17caa367a868f11c httpd-2.4.1.tar.bz2
|
||||
|
39
ssl.conf
39
ssl.conf
@ -1,21 +1,8 @@
|
||||
#
|
||||
# This is the Apache server configuration file providing SSL support.
|
||||
# It contains the configuration directives to instruct the server how to
|
||||
# serve pages over an https connection. For detailing information about these
|
||||
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
|
||||
#
|
||||
# Do NOT simply read the instructions in here without understanding
|
||||
# what they do. They're here only as hints or reminders. If you are unsure
|
||||
# consult the online docs. You have been warned.
|
||||
#
|
||||
|
||||
LoadModule ssl_module modules/mod_ssl.so
|
||||
|
||||
#
|
||||
# When we also provide SSL we have to listen to the
|
||||
# the HTTPS port in addition.
|
||||
#
|
||||
Listen 443
|
||||
Listen 443 https
|
||||
|
||||
##
|
||||
## SSL Global Context
|
||||
@ -37,11 +24,6 @@ SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
|
||||
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
|
||||
SSLSessionCacheTimeout 300
|
||||
|
||||
# Semaphore:
|
||||
# Configure the path to the mutual exclusion semaphore the
|
||||
# SSL engine uses internally for inter-process synchronization.
|
||||
SSLMutex default
|
||||
|
||||
# Pseudo Random Number Generator (PRNG):
|
||||
# Configure one or more sources to seed the PRNG of the
|
||||
# SSL library. The seed data should be of good random quality.
|
||||
@ -96,12 +78,19 @@ SSLProtocol all -SSLv2
|
||||
# SSL Cipher Suite:
|
||||
# List the ciphers that the client is permitted to negotiate.
|
||||
# See the mod_ssl documentation for a complete list.
|
||||
SSLCipherSuite RC4-SHA:AES128-SHA:ALL:!ADH:!EXP:!LOW:!MD5:!SSLV2:!NULL
|
||||
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
|
||||
|
||||
# SSL Cipher Honor Order:
|
||||
# On a busy HTTPS server you may want to enable this directive
|
||||
# to force clients to use one of the faster ciphers like RC4-SHA
|
||||
# or AES128-SHA in the order defined by SSLCipherSuite.
|
||||
# Speed-optimized SSL Cipher configuration:
|
||||
# If speed is your main concern (on busy HTTPS servers e.g.),
|
||||
# you might want to force clients to specific, performance
|
||||
# optimized ciphers. In this case, prepend those ciphers
|
||||
# to the SSLCipherSuite list, and enable SSLHonorCipherOrder.
|
||||
# Caveat: by giving precedence to RC4-SHA and AES128-SHA
|
||||
# (as in the example below), most connections will no longer
|
||||
# have perfect forward secrecy - if the server's key is
|
||||
# compromised, captures of past or future traffic must be
|
||||
# considered compromised, too.
|
||||
#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
|
||||
#SSLHonorCipherOrder on
|
||||
|
||||
# Server Certificate:
|
||||
@ -215,7 +204,7 @@ SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
|
||||
# Similarly, one has to force some clients to use HTTP/1.0 to workaround
|
||||
# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
|
||||
# "force-response-1.0" for this.
|
||||
SetEnvIf User-Agent ".*MSIE.*" \
|
||||
BrowserMatch "MSIE [2-5]" \
|
||||
nokeepalive ssl-unclean-shutdown \
|
||||
downgrade-1.0 force-response-1.0
|
||||
|
||||
|
36
userdir.conf
Normal file
36
userdir.conf
Normal file
@ -0,0 +1,36 @@
|
||||
#
|
||||
# UserDir: The name of the directory that is appended onto a user's home
|
||||
# directory if a ~user request is received.
|
||||
#
|
||||
# The path to the end user account 'public_html' directory must be
|
||||
# accessible to the webserver userid. This usually means that ~userid
|
||||
# must have permissions of 711, ~userid/public_html must have permissions
|
||||
# of 755, and documents contained therein must be world-readable.
|
||||
# Otherwise, the client will only receive a "403 Forbidden" message.
|
||||
#
|
||||
<IfModule mod_userdir.c>
|
||||
#
|
||||
# UserDir is disabled by default since it can confirm the presence
|
||||
# of a username on the system (depending on home directory
|
||||
# permissions).
|
||||
#
|
||||
UserDir disabled
|
||||
|
||||
#
|
||||
# To enable requests to /~user/ to serve the user's public_html
|
||||
# directory, remove the "UserDir disabled" line above, and uncomment
|
||||
# the following line instead:
|
||||
#
|
||||
#UserDir public_html
|
||||
</IfModule>
|
||||
|
||||
#
|
||||
# Control access to UserDir directories. The following is an example
|
||||
# for a site where these directories are restricted to read-only.
|
||||
#
|
||||
<Directory "/home/*/public_html">
|
||||
AllowOverride FileInfo AuthConfig Limit Indexes
|
||||
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
|
||||
Require method GET POST OPTIONS
|
||||
</Directory>
|
||||
|
17
welcome.conf
17
welcome.conf
@ -1,11 +1,18 @@
|
||||
#
|
||||
# This configuration file enables the default "Welcome"
|
||||
# page if there is no default index page present for
|
||||
# the root URL. To disable the Welcome page, comment
|
||||
# out all the lines below.
|
||||
# This configuration file enables the default "Welcome" page if there
|
||||
# is no default index page present for the root URL. To disable the
|
||||
# Welcome page, comment out all the lines below.
|
||||
#
|
||||
# NOTE: if this file is removed, it will be restored on upgrades.
|
||||
#
|
||||
<LocationMatch "^/+$">
|
||||
Options -Indexes
|
||||
ErrorDocument 403 /error/noindex.html
|
||||
ErrorDocument 403 /.noindex.html
|
||||
</LocationMatch>
|
||||
|
||||
<Directory /usr/share/httpd/noindex>
|
||||
AllowOverride None
|
||||
Require all granted
|
||||
</Directory>
|
||||
|
||||
Alias /.noindex.html /usr/share/httpd/noindex/index.html
|
||||
|
Loading…
Reference in New Issue
Block a user