Fixed a few bugzilla items & version/security bump.

author: Donny Davies <woodchip@gentoo.org> 2003-10-30 17:51:24 +0000
committer: Donny Davies <woodchip@gentoo.org> 2003-10-30 17:51:24 +0000
commit: ddbf8154088820ea3463a0224283b08d777cf6d0 (patch)
tree: 84358986512f45275190587af6872f3022f98bbf /net-www/apache
parent: Fixed a few bugzilla items & version/security bump. (diff)
download: gentoo-2-ddbf8154088820ea3463a0224283b08d777cf6d0.tar.gz
gentoo-2-ddbf8154088820ea3463a0224283b08d777cf6d0.tar.bz2
gentoo-2-ddbf8154088820ea3463a0224283b08d777cf6d0.zip
10 files changed, 514 insertions, 22 deletions
diff --git a/net-www/apache/ChangeLog b/net-www/apache/ChangeLog
index 23affacae4fa..388f56e7c512 100644
--- a/net-www/apache/ChangeLog
+++ b/net-www/apache/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for net-www/apache
 # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.74 2003/10/30 15:44:07 weeve Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.75 2003/10/30 17:51:18 woodchip Exp $
+
+*apache-2.0.48 (30 Oct 2003)
+
+  30 Oct 2003; Donny Davies <woodchip@gentoo.org> apache-2.0.48.ebuild,
+  files/apache-2.0.48-gentoo.diff, files/2.0.40/40_mod_ssl.conf,
+  files/2.0.40/apache2-builtin-mods, files/2.0.40/apache2.initd,
+  files/2.0.40/vhosts.con, files/apache.rc6:
+  Bump for security fixes.  Remove dupe 'mod_alias' from apache2-builtin-mods.
+  Re-diff our patch; added two mod_ssl fixes from Rawhide and fix hardcoded
+  path to /usr/sbin/suexec2.  Fix/close #31427, #32035, #31787, #31503, #30161.
+  Added comments to the patchfile (please maintain these).
 
   30 Oct 2003; Jason Wever <weeve@gentoo.org> apache-2.0.47.ebuild:
   Marked stable for sparc.
diff --git a/net-www/apache/Manifest b/net-www/apache/Manifest
index e7645d61ec67..d31894615161 100644
--- a/net-www/apache/Manifest
+++ b/net-www/apache/Manifest
@@ -1,7 +1,7 @@
-MD5 a729abd9e1fa180f0c556627fa9cda97 apache-2.0.48.ebuild 10711
+MD5 90b7174ec6fa48a662d48ae3c0a08844 apache-2.0.48.ebuild 10707
 MD5 246f3d374581e892615e2e5c8cb59e2a apache-1.3.27-r3.ebuild 7884
 MD5 03c997dee35fcd0c56d77294ef557ab0 apache-2.0.47.ebuild 11434
-MD5 f150dafb85a4d5eba46fd513c265ffbe ChangeLog 15339
+MD5 c227444ed676efe718c6e78835bad590 ChangeLog 15342
 MD5 09fa626c00f029bdfb266b1e5d16193e apache-1.3.28-r1.ebuild 7905
 MD5 bd80c41f0d8d92374c3712c4cac4d2ff metadata.xml 503
 MD5 235d2261cabdf2fbf72bee4b0ddd519f apache-2.0.47-r1.ebuild 10711
@@ -20,7 +20,7 @@ MD5 78ec0e944bbdb4246ed75478e6d8e52a files/digest-apache-2.0.47-r1 65
 MD5 5dbbb01b1f4e39ff052a49389caa76ed files/apache-1.3.27_db4_gentoo.patch 956
 MD5 43283cd264b5b1a6b3e5a4adba5ee2c1 files/apache-2.0.48-gentoo.diff 5905
 MD5 f2c60b199c12729b25716ed451a24e38 files/apache-2.0.44-gentoo.diff 4895
-MD5 54819d4905ff8b382b722e57b7e6f68c files/apache.rc6 1039
+MD5 bbbaadd120cba9ffe9ace07f4c8105aa files/apache.rc6 1039
 MD5 998b4b7df08eb15641e0b9132443b365 files/apache-1.3.27-apachectl.patch 1328
 MD5 8d790bf68c47c08951c761815cd66a1c files/apachelogserverstatus 4763
 MD5 df54361aa8754197cf3bafe99d32c7ec files/robots.txt 340
@@ -44,7 +44,7 @@ MD5 819ee444395cf42ccc8009529a94af37 files/2.0.40/45_mod_dav.conf 583
 MD5 50b76a8df795c79378c02f1edea750a4 files/2.0.40/46_mod_ldap.conf 902
 MD5 b610d37fd521de1f8fc782069e165969 files/2.0.40/apache2logserverstatus 4652
 MD5 a14d8565fd5ca2b5753799477a85b1af files/2.0.40/apache2splitlogfile 4844
-MD5 8da38257300972c66c6aa81128b854cd files/2.0.40/apache2-builtin-mods 2213
+MD5 3dfd53805dfe77a12507c3af371dbeae files/2.0.40/apache2-builtin-mods 2213
 MD5 b335411e582a8fd58aacf2f35e75291f files/2.0.40/gentestcrt.sh 8805
 MD5 9375735d739344987fe4b2a3990de273 files/2.0.40/highperformance.conf 1959
 MD5 5c47dec8c730edf1cb755b581327bd49 files/2.0.40/httpd.conf 35481
@@ -52,7 +52,7 @@ MD5 0055923f696c9ba3be7eeb5518603d40 files/2.0.40/ssl.conf 11082
 MD5 1d10cc98714a34ddc38525743c2989f9 files/2.0.40/41_mod_ssl.default-vhost.conf 8053
 MD5 9a54f9faa53622b7db4b7e119016c549 files/2.0.40/commonapache2.conf 31777
 MD5 7648aa0e65d9bfd6ee5dc7109bc94fbc files/2.0.40/apache2.confd 784
-MD5 1b11facb60817cc8c81731bf91511160 files/2.0.40/apache2.initd 1140
+MD5 96870fc583bbab847ef92d446902d4e5 files/2.0.40/apache2.initd 1140
 MD5 66bf65c4f0a2072d612b781599515807 files/2.0.40/apache2.conf 7649
 MD5 d9e0ecfbc1591486a698494a388b091c files/2.0.40/vhosts.conf 1695
 MD5 b69bf7c3126e471a2abff013e716367f files/2.0.40/virtual-homepages.conf 780
diff --git a/net-www/apache/apache-2.0.48.ebuild b/net-www/apache/apache-2.0.48.ebuild
new file mode 100644
index 000000000000..3a6e859f68da
--- /dev/null
+++ b/net-www/apache/apache-2.0.48.ebuild
@@ -0,0 +1,338 @@
+# Copyright 1999-2003 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-2.0.48.ebuild,v 1.1 2003/10/30 17:51:18 woodchip Exp $
+
+inherit flag-o-matic
+has_version =sys-libs/glibc-2.2* && filter-flags -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE
+
+DESCRIPTION="Apache Web Server, Version 2.0.x"
+HOMEPAGE="http://www.apache.org/"
+
+S="${WORKDIR}/httpd-${PV}"
+SRC_URI="http://www.apache.org/dist/httpd/httpd-${PV}.tar.gz"
+KEYWORDS="x86 ~ppc ~alpha ~hppa ~mips ~sparc ~amd64"
+LICENSE="Apache-1.1"
+SLOT="2"
+
+#Standard location for Gentoo Linux
+DATADIR="/var/www/localhost"
+
+DEPEND="dev-util/yacc
+	dev-lang/perl
+	sys-libs/zlib
+	dev-libs/expat
+	dev-libs/openssl
+	berkdb? sys-libs/db
+	gdbm? sys-libs/gdbm
+	ldap? =net-nds/openldap-2*"
+IUSE="berkdb gdbm ldap"
+
+src_unpack() {
+	unpack ${A} || die
+	cd ${S} || die
+	patch -p1 <${FILESDIR}/apache-2.0.48-gentoo.diff || die
+
+	#avoid utf-8 charset problems
+	export LC_CTYPE=C
+
+	#the -1 shortcut is obsolete
+	perl -pi -e 's|head -1|head -n 1|;' srclib/apr/build/buildcheck.sh
+
+	#give it the stamp
+	perl -pi -e 's|" PLATFORM "|Gentoo/Linux|;' server/core.c
+	#fix perl with perl!
+	find -type f | xargs perl -pi -e \
+		"s|/usr/local/bin/perl|/usr/bin/perl|g; \
+		s|/usr/local/bin/perl5|/usr/bin/perl|g; \
+		s|/path/to/bin/perl|/usr/bin/perl|g;"
+	#dont want this cruft in /usr/bin
+	perl -pi -e 's|\@exp_bindir\@(/envvars)|\@exp_installbuilddir\@\1|;' \
+		support/apachectl.in
+
+	#setup the filesystem layout config
+	local prefix=/usr
+	cat >>config.layout <<-EOF
+	<Layout Gentoo>
+	prefix:          ${prefix}
+	exec_prefix:     ${prefix}
+	bindir:          ${prefix}/bin
+	sbindir:         ${prefix}/sbin
+	libdir:          ${prefix}/lib
+	libexecdir:      ${prefix}/lib/apache2
+	mandir:          ${prefix}/share/man
+	infodir:         ${prefix}/share/info
+	includedir:      ${prefix}/include/apache2
+	installbuilddir: ${prefix}/lib/apache2/build
+	datadir:         ${DATADIR}
+	errordir:        ${DATADIR}/error
+	iconsdir:        ${DATADIR}/icons
+	htdocsdir:       ${DATADIR}/htdocs
+	cgidir:          ${DATADIR}/cgi-bin
+	manualdir:       /usr/share/doc/${PF}/manual
+	sysconfdir:      /etc/apache2/conf
+	localstatedir:   /var
+	runtimedir:      /var/run
+	logfiledir:      /var/log/apache2
+	proxycachedir:   /var/cache/apache2
+	</Layout>
+	EOF
+
+	#gotta do these next two as well :\
+	cat >>srclib/apr/config.layout <<-EOF
+	<Layout Gentoo>
+	prefix:          ${prefix}
+	exec_prefix:     ${prefix}
+	bindir:          ${prefix}/bin
+	sbindir:         ${prefix}/sbin
+	libdir:          ${prefix}/lib
+	libexecdir:      ${prefix}/lib/apache2
+	mandir:          ${prefix}/share/man
+	sysconfdir:      /etc/apache2/conf
+	datadir:         ${DATADIR}
+	installbuilddir: ${prefix}/lib/apache2/build
+	includedir:      ${prefix}/include/apache2
+	localstatedir:   /var
+	libsuffix:       -\${APR_MAJOR_VERSION}
+	</Layout>
+	EOF
+
+	cat >>srclib/apr-util/config.layout <<-EOF
+	<Layout Gentoo>
+	prefix:          ${prefix}
+	exec_prefix:     ${prefix}
+	bindir:          ${prefix}/bin
+	sbindir:         ${prefix}/sbin
+	libdir:          ${prefix}/lib
+	libexecdir:      ${prefix}/lib/apache2
+	mandir:          ${prefix}/share/man
+	sysconfdir:      /etc/apache2/conf
+	datadir:         ${DATADIR}
+	installbuilddir: ${prefix}/lib/apache2/build
+	includedir:      ${prefix}/include/apache2
+	localstatedir:   /var
+	libsuffix:       -\${APRUTIL_MAJOR_VERSION}
+	</Layout>
+	EOF
+
+	./buildconf || die "buildconf failed"
+}
+
+src_compile() {
+	local myconf
+	use ldap && \
+		myconf="--with-ldap --enable-auth-ldap=shared --enable-ldap=shared"
+
+	select_modules_config || die "determining modules"
+
+	SSL_BASE="SYSTEM" \
+	./configure \
+		--with-suexec-safepath="/usr/local/bin:/usr/bin:/bin" \
+		--with-suexec-logfile=/var/log/apache2/suexec_log \
+		--with-suexec-bin=/usr/sbin/suexec2 \
+		--with-suexec-userdir=public_html \
+		--with-suexec-caller=apache \
+		--with-suexec-docroot=/home \
+		--with-suexec-uidmin=1000 \
+		--with-suexec-gidmin=100 \
+		--with-suexec-umask=077 \
+		--enable-suexec=shared \
+		\
+		${MY_BUILTINS} \
+		\
+		--with-perl=/usr/bin/perl \
+		--with-expat=/usr \
+		--with-ssl=/usr \
+		--with-z=/usr \
+		--with-port=80 \
+		--with-mpm=${MPM:=prefork} \
+		--enable-layout=Gentoo \
+		--with-program-name=apache2 \
+		--host=${CHOST} ${myconf} || die "bad ./configure"
+		#--with-mpm={worker|prefork|perchild|leader|threadpool}
+
+	emake || die "problem compiling Apache2 :("
+
+	#build ssl version of apache bench (ab-ssl)
+	cd support; rm -f ab .libs/ab ab.lo ab.o
+	make ab CFLAGS="${CFLAGS} -DUSE_SSL -lcrypto -lssl \
+		-I/usr/include/openssl -L/usr/lib" || die
+	mv ab ab-ssl; mv .libs/ab .libs/ab-ssl; rm -f ab.lo ab.o
+	make ab || die
+}
+
+src_install () {
+	local i
+	make DESTDIR=${D} install || die
+	dodoc ABOUT_APACHE CHANGES INSTALL LAYOUT \
+		LICENSE README* ${FILESDIR}/robots.txt
+
+	#bogus values pointing at /var/tmp/portage
+	perl -pi -e "s/(APR_SOURCE_DIR=).*/\1\"\"/" ${D}/usr/bin/apr-config
+	perl -pi -e "s/(APU_SOURCE_DIR=).*/\1\"\"/" ${D}/usr/bin/apu-config
+	perl -pi -e "s/(APU_BUILD_DIR=).*/\1\"\"/" ${D}/usr/bin/apu-config
+
+	#protect the suexec binary
+	local gid=`getent group apache |cut -d: -f3`
+	[ -z "${gid}" ] && gid=81
+	fowners root.${gid} /usr/sbin/suexec
+	fperms 4710 /usr/sbin/suexec
+
+	#setup links in /etc/apache2
+	cd ${D}/etc/apache2
+	ln -sf ../../usr/lib/apache2 modules
+	#apxs needs this to pickup the right lib for install
+	ln -sf ../../usr/lib lib
+	ln -sf ../../var/log/apache2 logs
+	ln -sf ../../usr/lib/apache2-extramodules extramodules
+	cd ${S}
+
+	#Credits to advx.org people for these scripts. Heck, thanks for
+	#the nice layout and everything else ;-)
+	exeinto /usr/sbin
+	for i in apache2logserverstatus apache2splitlogfile
+	do
+		doexe ${FILESDIR}/2.0.40/$i
+	done
+	exeinto /usr/lib/ssl/apache2-mod_ssl
+	doexe ${FILESDIR}/2.0.40/gentestcrt.sh
+
+	#some more scripts
+	exeinto /usr/sbin
+	for i in split-logfile list_hooks.pl logresolve.pl log_server_status
+	do
+		doexe ${S}/support/$i
+	done
+	#the ssl version of apache bench
+	doexe support/.libs/ab-ssl
+
+	#move some mods to extramodules
+	dodir /usr/lib/apache2-extramodules
+	for i in mod_ssl.so mod_ldap.so mod_auth_ldap.so
+	do
+		[ -x ${D}/usr/lib/apache2/$i ] && \
+		mv ${D}/usr/lib/apache2/$i ${D}/usr/lib/apache2-extramodules
+	done
+
+	#modules.d config file snippets
+	insinto /etc/apache2/conf/modules.d
+	for i in 40_mod_ssl.conf 41_mod_ssl.default-vhost.conf 45_mod_dav.conf
+	do
+		doins ${FILESDIR}/2.0.40/$i
+	done
+	use ldap && doins ${FILESDIR}/2.0.40/46_mod_ldap.conf
+
+	#drop in a convenient link to the manual
+	dosym /usr/share/doc/${PF}/manual ${DATADIR}/htdocs/manual
+
+	#SLOT=2!!!
+	cd ${D}
+	mv -v usr/sbin/apachectl usr/sbin/apache2ctl
+	mv -v usr/sbin/htdigest usr/sbin/htdigest2
+	mv -v usr/sbin/htpasswd usr/sbin/htpasswd2
+	mv -v usr/sbin/logresolve usr/sbin/logresolve2
+	mv -v usr/sbin/apxs usr/sbin/apxs2
+	mv -v usr/sbin/ab usr/sbin/ab2
+	mv -v usr/sbin/ab-ssl usr/sbin/ab2-ssl
+	mv -v usr/sbin/suexec usr/sbin/suexec2
+	mv -v usr/sbin/rotatelogs usr/sbin/rotatelogs2
+	mv -v usr/sbin/dbmmanage usr/sbin/dbmmanage2
+	mv -v usr/sbin/checkgid usr/sbin/checkgid2
+	mv -v usr/sbin/split-logfile usr/sbin/split-logfile2
+	mv -v usr/sbin/list_hooks.pl usr/sbin/list_hooks2.pl
+	mv -v usr/sbin/logresolve.pl usr/sbin/logresolve2.pl
+	mv -v usr/sbin/log_server_status usr/sbin/log_server_status2
+	mv -v usr/share/man/man1/htdigest.1 usr/share/man/man1/htdigest2.1
+	mv -v usr/share/man/man1/htpasswd.1 usr/share/man/man1/htpasswd2.1
+	mv -v usr/share/man/man1/dbmmanage.1 usr/share/man/man1/dbmmanage2.1
+	mv -v usr/share/man/man8/ab.8 usr/share/man/man8/ab2.8
+	mv -v usr/share/man/man8/apxs.8 usr/share/man/man8/apxs2.8
+	mv -v usr/share/man/man8/apachectl.8 usr/share/man/man8/apache2ctl.8
+	mv -v usr/share/man/man8/httpd.8 usr/share/man/man8/apache2.8
+	mv -v usr/share/man/man8/logresolve.8 usr/share/man/man8/logresolve2.8
+	mv -v usr/share/man/man8/rotatelogs.8 usr/share/man/man8/rotatelogs2.8
+	mv -v usr/share/man/man8/suexec.8 usr/share/man/man8/suexec2.8
+
+	#tidy up
+	mv ${D}/usr/sbin/envvars* ${D}/usr/lib/apache2/build
+	dodoc ${D}/etc/apache2/conf/*-std.conf
+	rm -f ${D}/etc/apache2/conf/*.conf
+	rm -rf ${D}/var/run ${D}/var/log
+
+	#config files
+	insinto /etc/conf.d; newins ${FILESDIR}/2.0.40/apache2.confd apache2
+	exeinto /etc/init.d; newexe ${FILESDIR}/2.0.40/apache2.initd apache2
+	insinto /etc/apache2; doins ${FILESDIR}/2.0.40/apache2-builtin-mods
+	insinto /etc/apache2/conf
+	doins ${FILESDIR}/2.0.40/commonapache2.conf
+	doins ${FILESDIR}/2.0.40/apache2.conf
+	insinto /etc/apache2/conf/vhosts
+	doins ${FILESDIR}/2.0.40/virtual-homepages.conf
+	doins ${FILESDIR}/2.0.40/dynamic-vhosts.conf
+	doins ${FILESDIR}/2.0.40/vhosts.conf
+
+	# Added by Jason Wever <weeve@gentoo.org>
+	# A little sedfu to fix bug #7172 for sparc64s
+	if [ ${ARCH} = "sparc" ]
+	then
+		sed -i -e '13a\AcceptMutex fcntl' \
+			${D}/etc/apache2/conf/apache2.conf
+	fi
+}
+
+parse_modules_config() {
+	local filename=$1
+	local name=""
+	local dso=""
+	local disable=""
+	[ -f ${filename} ] || return 1
+	for i in `cat $filename | sed "s/^#.*//"` ; do
+		if [ $i == "-" ] ; then
+			disable="true"
+		elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ] ; then
+			name=`echo $i | sed "s/mod_//"`
+		elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ) ; then
+			MY_BUILTINS="${MY_BUILTINS} --disable-$name"
+			name="" ; disable=""
+		elif [ $i == "static" ] ; then
+			MY_BUILTINS="${MY_BUILTINS} --enable-$name=yes"
+			name="" ; disable=""
+		elif [ $i == "shared" ] ; then
+			MY_BUILTINS="${MY_BUILTINS} --enable-$name=shared"
+			name="" ; disable=""
+		fi
+	done
+	einfo "${filename} options:\n${MY_BUILTINS}"
+}
+
+select_modules_config() {
+	parse_modules_config /etc/apache2/apache2-builtin-mods || \
+	parse_modules_config ${FILESDIR}/2.0.40/apache2-builtin-mods || \
+	return 1
+}
+
+pkg_postinst() {
+	#empty dirs...
+	install -d -m0755 -o apache -g apache ${ROOT}/var/lib/dav
+	install -d -m0755 -o root -g root ${ROOT}/var/log/apache2
+	install -d -m0755 -o root -g root ${ROOT}/var/cache/apache2
+	install -d -m0755 -o root -g root ${ROOT}/etc/apache2/conf/ssl
+
+	cd ${ROOT}/etc/apache2/conf/ssl
+	einfo
+	einfo "Generating self-signed test certificate in /etc/apache2/conf/ssl..."
+	yes "" 2>/dev/null | ${ROOT}/usr/lib/ssl/apache2-mod_ssl/gentestcrt.sh >/dev/null 2>&1
+	einfo
+
+	if has_version '=net-www/apache-1*' ; then
+	ewarn
+	ewarn "Please add the 'apache2' flag to your USE variable and (re)install"
+	ewarn "any additional DSO modules you may wish to use with Apache-2.x."
+	ewarn "Addon modules are configured in /etc/apache2/conf/modules.d/"
+	ewarn
+	fi
+
+	einfo
+	einfo "Please remember to update your config files in /etc/apache2"
+	einfo "as --datadir has been changed to ${DATADIR}!"
+	einfo
+}
diff --git a/net-www/apache/files/2.0.40/40_mod_ssl.conf b/net-www/apache/files/2.0.40/40_mod_ssl.conf
index 2db5457d3b17..196b1bff5304 100644
--- a/net-www/apache/files/2.0.40/40_mod_ssl.conf
+++ b/net-www/apache/files/2.0.40/40_mod_ssl.conf
@@ -33,13 +33,6 @@
 
 Listen 443
 
-#
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-#    ErrorLog logs/dummy-host.example.com-error_log
-#    CustomLog logs/dummy-host.example.com-access_log common
-
 ##
 ##  SSL Global Context
 ##
diff --git a/net-www/apache/files/2.0.40/apache2-builtin-mods b/net-www/apache/files/2.0.40/apache2-builtin-mods
index ab80ad525062..5eac55c3044e 100644
--- a/net-www/apache/files/2.0.40/apache2-builtin-mods
+++ b/net-www/apache/files/2.0.40/apache2-builtin-mods
@@ -1,4 +1,4 @@
-# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/apache2-builtin-mods,v 1.3 2003/02/23 19:39:22 woodchip Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/apache2-builtin-mods,v 1.4 2003/10/30 17:51:18 woodchip Exp $
 #
 # This file will be installed into /etc/apache2 when you first emerge
 # Apache2.  If/when you upgrade, it will be consulted for your options,
@@ -75,5 +75,4 @@ mod_dir shared
 mod_imap shared
 mod_actions shared
 mod_userdir shared
-mod_alias shared
 mod_so static
diff --git a/net-www/apache/files/2.0.40/apache2.initd b/net-www/apache/files/2.0.40/apache2.initd
index ff98a2984df9..c0cb071d60ab 100644
--- a/net-www/apache/files/2.0.40/apache2.initd
+++ b/net-www/apache/files/2.0.40/apache2.initd
@@ -1,7 +1,7 @@
 #!/sbin/runscript
 # Copyright 1999-2003 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/apache2.initd,v 1.10 2003/09/25 02:20:48 woodchip Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/apache2.initd,v 1.11 2003/10/30 17:51:18 woodchip Exp $
 
 opts="${opts} reload"
 
@@ -14,7 +14,7 @@ depend() {
 start() {
 	ebegin "Starting apache2"
 	[ -f /var/log/apache2/ssl_scache ] && rm /var/log/apache2/ssl_scache
-	start-stop-daemon --quiet --start --startas /usr/sbin/apache2 \
+	env -i start-stop-daemon --quiet --start --startas /usr/sbin/apache2 \
 		--pidfile /var/run/apache2.pid -- -k start ${APACHE2_OPTS}
 	eend $?
 }
diff --git a/net-www/apache/files/2.0.40/vhosts.conf b/net-www/apache/files/2.0.40/vhosts.conf
index 1be1cd8a7371..36d1b2717f01 100644
--- a/net-www/apache/files/2.0.40/vhosts.conf
+++ b/net-www/apache/files/2.0.40/vhosts.conf
@@ -3,7 +3,7 @@
 #
 #Since Apache 1.3.19, we modified the setup to include some nice tricks:
 #
-#- We added the User and Group directives so VirtualHosts now work with
+#- Added SuExecUserGroup [user] [group] directive so VirtualHosts now work with
 #  suexec directive. If set, Apache will run all cgi scripts under that
 #  user and group (provided the uid and gid are > 1000 for security). The
 #  directories and cgi files *must* belong to that user/group for the
@@ -22,8 +22,7 @@
 
 ################# IP-based Virtual Hosts 
 #<VirtualHost 192.168.2.100>
-#User jmdault
-#Group jmdault
+#SuExecUserGroup jmdault jmdault
 #DocumentRoot /home/jmdault/public_html
 #ServerName test2.com
 #Setenv VLOG /home/jmdault/logs
diff --git a/net-www/apache/files/apache-2.0.48-gentoo.diff b/net-www/apache/files/apache-2.0.48-gentoo.diff
new file mode 100644
index 000000000000..6c5c02193543
--- /dev/null
+++ b/net-www/apache/files/apache-2.0.48-gentoo.diff
@@ -0,0 +1,151 @@
+- enable the checks that the suexec wrapper is a setuid root binary;
+  so if people turn off setuid on the binary, suexec won't be enabled.
+
+- fix hardcoded path to suexec2
+
+- remove checks requiring /usr/sbin/httpd to be present: this is
+  unnecessary, we know that httpd contains mod_so, and only the
+  httpd-devel package should be required to build modules.
+
+- Allow startup after unclean shutdown: remove mutex before
+  creating it, use anonymous shm in shmcb.
+
+- allow server/exports.c to be generated in a parallel build successfully
+
+- ensure that when mod_ssl is unloaded, libcrypto doesn't still have the
+  thread_id callback pointing at a mod_ssl function.
+
+- make apache2ctl source /etc/conf.d/apache2 for startup options
+
+
+diff -uNr httpd-2.0.48/include/httpd.h httpd-2.0.48-gentoo/include/httpd.h
+--- httpd-2.0.48/include/httpd.h	2003-10-24 12:19:31.000000000 -0400
++++ httpd-2.0.48-gentoo/include/httpd.h	2003-10-29 21:58:46.000000000 -0500
+@@ -180,7 +180,7 @@
+ 
+ /* The path to the suExec wrapper, can be overridden in Configuration */
+ #ifndef SUEXEC_BIN
+-#define SUEXEC_BIN  HTTPD_ROOT "/bin/suexec"
++#define SUEXEC_BIN  "/usr/sbin/suexec2"
+ #endif
+ 
+ /* The timeout for waiting for messages */
+diff -uNr httpd-2.0.48/modules/ssl/ssl_engine_mutex.c httpd-2.0.48-gentoo/modules/ssl/ssl_engine_mutex.c
+--- httpd-2.0.48/modules/ssl/ssl_engine_mutex.c	2003-09-15 21:00:06.000000000 -0400
++++ httpd-2.0.48-gentoo/modules/ssl/ssl_engine_mutex.c	2003-10-29 22:04:22.000000000 -0500
+@@ -74,6 +74,8 @@
+     if (mc->nMutexMode == SSL_MUTEXMODE_NONE) 
+         return TRUE;
+ 
++    apr_file_remove(mc->szMutexFile, p);
++
+     if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile,
+                                 mc->nMutexMech, p)) != APR_SUCCESS) {
+         if (mc->szMutexFile)
+diff -uNr httpd-2.0.48/modules/ssl/ssl_scache_shmcb.c httpd-2.0.48-gentoo/modules/ssl/ssl_scache_shmcb.c
+--- httpd-2.0.48/modules/ssl/ssl_scache_shmcb.c	2003-02-03 12:31:54.000000000 -0500
++++ httpd-2.0.48-gentoo/modules/ssl/ssl_scache_shmcb.c	2003-10-29 22:04:22.000000000 -0500
+@@ -375,7 +375,7 @@
+ 
+     if ((rv = apr_shm_create(&(mc->pSessionCacheDataMM), 
+                              mc->nSessionCacheDataSize, 
+-                             mc->szSessionCacheDataFile,
++                             NULL,
+                              mc->pPool)) != APR_SUCCESS) {
+         char buf[100];
+         ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
+diff -uNr httpd-2.0.48/modules/ssl/ssl_util.c httpd-2.0.48-gentoo/modules/ssl/ssl_util.c
+--- httpd-2.0.48/modules/ssl/ssl_util.c	2003-05-16 14:12:19.000000000 -0400
++++ httpd-2.0.48-gentoo/modules/ssl/ssl_util.c	2003-10-29 23:06:06.000000000 -0500
+@@ -455,6 +455,8 @@
+ {
+     CRYPTO_set_locking_callback(NULL);
+ 
++    CRYPTO_set_id_callback(NULL);
++
+     /* Let the registered mutex cleanups do their own thing 
+      */
+     return APR_SUCCESS;
+diff -uNr httpd-2.0.48/os/unix/unixd.c httpd-2.0.48-gentoo/os/unix/unixd.c
+--- httpd-2.0.48/os/unix/unixd.c	2003-09-15 21:00:06.000000000 -0400
++++ httpd-2.0.48-gentoo/os/unix/unixd.c	2003-10-29 21:57:35.000000000 -0500
+@@ -243,23 +243,20 @@
+ 
+ AP_DECLARE(void) unixd_pre_config(apr_pool_t *ptemp)
+ {
+-    apr_finfo_t wrapper;
++    struct stat wrapper;
+ 
+     unixd_config.user_name = DEFAULT_USER;
+     unixd_config.user_id = ap_uname2id(DEFAULT_USER);
+     unixd_config.group_id = ap_gname2id(DEFAULT_GROUP);
+ 
+     /* Check for suexec */
+-    unixd_config.suexec_enabled = 0;
+-    if ((apr_stat(&wrapper, SUEXEC_BIN, 
+-                  APR_FINFO_NORM, ptemp)) != APR_SUCCESS) {
+-        return;
+-    }
+-
+-    /* XXX - apr_stat is incapable of checking suid bits (grumble) */
+-    /* if ((wrapper.filetype & S_ISUID) && wrapper.user == 0) { */
++    if (stat(SUEXEC_BIN, &wrapper) == 0 && 
++	(wrapper.st_mode & S_ISUID) && wrapper.st_uid == 0) {
+         unixd_config.suexec_enabled = 1;
+-    /* } */
++    } else {
++	unixd_config.suexec_enabled = 0;
++    }
++    
+ }
+ 
+ 
+diff -uNr httpd-2.0.48/server/Makefile.in httpd-2.0.48-gentoo/server/Makefile.in
+--- httpd-2.0.48/server/Makefile.in	2003-03-11 10:41:55.000000000 -0500
++++ httpd-2.0.48-gentoo/server/Makefile.in	2003-10-29 22:07:41.000000000 -0500
+@@ -70,6 +70,9 @@
+ # wtf does this have to be explicit????
+ exports.lo: exports.c
+ 
++# Needed to allow exports.c to be generated in a parallel build successfully
++.NOTPARALLEL: $(top_builddir)/server/exports.c
++
+ # Rule to make def file for OS/2 core dll
+ ApacheCoreOS2.def: exports.c export_vars.h $(top_srcdir)/os/$(OS_DIR)/core_header.def
+ 	cat $(top_srcdir)/os/$(OS_DIR)/core_header.def > $@
+diff -uNr httpd-2.0.48/support/apachectl.in httpd-2.0.48-gentoo/support/apachectl.in
+--- httpd-2.0.48/support/apachectl.in	2003-02-03 12:32:08.000000000 -0500
++++ httpd-2.0.48-gentoo/support/apachectl.in	2003-10-29 23:08:58.000000000 -0500
+@@ -28,7 +28,8 @@
+ # --------------------                              --------------------
+ # 
+ # the path to your httpd binary, including options if necessary
+-HTTPD='@exp_sbindir@/@progname@'
++. /etc/conf.d/apache2
++HTTPD="@exp_sbindir@/@progname@ ${APACHE2_OPTS}"
+ #
+ # pick up any necessary environment variables
+ if test -f @exp_bindir@/envvars; then
+diff -uNr httpd-2.0.48/support/apxs.in httpd-2.0.48-gentoo/support/apxs.in
+--- httpd-2.0.48/support/apxs.in	2003-05-21 07:39:52.000000000 -0400
++++ httpd-2.0.48-gentoo/support/apxs.in	2003-10-29 22:02:48.000000000 -0500
+@@ -237,19 +237,6 @@
+     ($httpd = $0) =~ s:support/apxs$::;
+ }
+ 
+-unless (-x "$httpd") {
+-	error("$httpd not found or not executable");
+-	exit 1;
+-}
+-
+-unless (grep /mod_so/, `. $envvars && $httpd -l`) {
+-    error("Sorry, no shared object support for Apache");
+-    error("available under your platform. Make sure");
+-    error("the Apache module mod_so is compiled into");
+-    error("your server binary `$httpd'.");
+-    exit 1;
+-}
+-
+ sub get_config_vars{
+     my ($file, $rh_config) = @_;
+ 
diff --git a/net-www/apache/files/apache.rc6 b/net-www/apache/files/apache.rc6
index 9f424076bcaf..a65c62e46656 100644
--- a/net-www/apache/files/apache.rc6
+++ b/net-www/apache/files/apache.rc6
@@ -1,7 +1,7 @@
 #!/sbin/runscript
 # Copyright 1999-2003 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/apache.rc6,v 1.13 2003/09/27 04:47:18 woodchip Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/apache.rc6,v 1.14 2003/10/30 17:51:18 woodchip Exp $
 
 opts="${opts} reload"
 
@@ -13,7 +13,7 @@ depend() {
 
 start() {
 	ebegin "Starting apache"
-	start-stop-daemon -o --quiet --start --startas /usr/sbin/apache \
+	env -i start-stop-daemon -o --quiet --start --startas /usr/sbin/apache \
 		--pidfile /var/run/apache.pid -- ${APACHE_OPTS}
 	eend $?
 }
diff --git a/net-www/apache/files/digest-apache-2.0.48 b/net-www/apache/files/digest-apache-2.0.48
new file mode 100644
index 000000000000..1b6f6924c8bf
--- /dev/null
+++ b/net-www/apache/files/digest-apache-2.0.48
@@ -0,0 +1 @@
+MD5 466c63bb71b710d20a5c353df8c1a19c httpd-2.0.48.tar.gz 6258490
author	Donny Davies <woodchip@gentoo.org>	2003-10-30 17:51:24 +0000
committer	Donny Davies <woodchip@gentoo.org>	2003-10-30 17:51:24 +0000
commit	ddbf8154088820ea3463a0224283b08d777cf6d0 (patch)
tree	84358986512f45275190587af6872f3022f98bbf /net-www/apache
parent	Fixed a few bugzilla items & version/security bump. (diff)
download	gentoo-2-ddbf8154088820ea3463a0224283b08d777cf6d0.tar.gz gentoo-2-ddbf8154088820ea3463a0224283b08d777cf6d0.tar.bz2 gentoo-2-ddbf8154088820ea3463a0224283b08d777cf6d0.zip