Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Lars Wendler <polynomial-c@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/apache/
Date: Wed, 23 Jan 2019 12:05:50
Message-Id: 1548245132.83d835b33bf278c1f6bdcd8dfb22d9772a5ad4a1.polynomial-c@gentoo
1 commit: 83d835b33bf278c1f6bdcd8dfb22d9772a5ad4a1
2 Author: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
3 AuthorDate: Wed Jan 23 11:54:42 2019 +0000
4 Commit: Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
5 CommitDate: Wed Jan 23 12:05:32 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=83d835b3
7
8 www-servers/apache: Security bump to version 2.4.38
9
10 Bug: https://bugs.gentoo.org/676064
11 Package-Manager: Portage-2.3.58, Repoman-2.3.12
12 Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>
13
14 www-servers/apache/Manifest | 1 +
15 www-servers/apache/apache-2.4.38.ebuild | 257 ++++++++++++++++++++++++++++++++
16 2 files changed, 258 insertions(+)
17
18 diff --git a/www-servers/apache/Manifest b/www-servers/apache/Manifest
19 index 2a4afe449bd..ea80eadb249 100644
20 --- a/www-servers/apache/Manifest
21 +++ b/www-servers/apache/Manifest
22 @@ -6,3 +6,4 @@ DIST httpd-2.4.27.tar.bz2 6527394 BLAKE2B 50a650eb2edd121dac860ff555273290010d7e
23 DIST httpd-2.4.34.tar.bz2 6942969 BLAKE2B 02ecb9980f48bef7ac915077598560353e0682001bdaa99410b7faad459c4581f8d0878b4840e38e570b1872d549d58743260cb3030c145ae93bef97fc692cc4 SHA512 2bc09213f08a4722e305929fbac5f5060c7a8444704494894bb9b61f17e4d20bb6e3d663bb93fc5b2030b04a43fb12373d260cc291422b210b299725aaf3b5c8
24 DIST httpd-2.4.35.tar.bz2 7044336 BLAKE2B b0ec5de56bfdaf7c6cf7f6cd2fedbd8748c16a76bddbde8e3442d2102aa33bc2642cf1dacce7b5e38023ddfceee393cd0059b881cd25dc57c029900385a41f59 SHA512 f5d6a849850ebdf4e38b586c84cc1063d68ac4c6737895c9ac1c8796c22655681c55b4de77ed9f1f807338fdb9f7824faf911361aa31cc46f3c3a2cbabe20543
25 DIST httpd-2.4.37.tar.bz2 7031632 BLAKE2B 53eb04e91a909b65107c587348860fbe3aa48474fa8beae5bed875c62655704e3b63f77534b2961e24bf861c9502b7a52de71a1e6099f092476135b8a50cede8 SHA512 e802915801bbe885a65dada04b0116d145b293fabfff734dddb61a79ca1c6d65326f51155d1b864b093c3ec00d0bdfdf1401ab55677bae1ea3da1d199d7bcad4
26 +DIST httpd-2.4.38.tar.bz2 7035030 BLAKE2B 52d965b0eae3402c268f1c5f5fb669ad84408699871d0518ba254c6e7c00f2198cba8cb6106114a62f0f6de67e0a8b921b5783af9530d165ed4d435312ce5164 SHA512 8bdc36fa2bd13fd83feee17fdce4a5316ed8f96c1ac32b636ba106572ba257815438c72068d2d0e900783a3fa25c90a5da34c3f83fc2c04a1dbdbf234f7ad448
27
28 diff --git a/www-servers/apache/apache-2.4.38.ebuild b/www-servers/apache/apache-2.4.38.ebuild
29 new file mode 100644
30 index 00000000000..d423352ebf6
31 --- /dev/null
32 +++ b/www-servers/apache/apache-2.4.38.ebuild
33 @@ -0,0 +1,257 @@
34 +# Copyright 1999-2019 Gentoo Authors
35 +# Distributed under the terms of the GNU General Public License v2
36 +
37 +EAPI=6
38 +
39 +# latest gentoo apache files
40 +GENTOO_PATCHSTAMP="20180716"
41 +GENTOO_DEVELOPER="polynomial-c"
42 +GENTOO_PATCHNAME="gentoo-apache-2.4.34"
43 +
44 +# IUSE/USE_EXPAND magic
45 +IUSE_MPMS_FORK="prefork"
46 +IUSE_MPMS_THREAD="event worker"
47 +
48 +# << obsolete modules:
49 +# authn_default authz_default mem_cache
50 +# mem_cache is replaced by cache_disk
51 +# ?? buggy modules
52 +# proxy_scgi: startup error: undefined symbol "ap_proxy_release_connection", no fix found
53 +# >> added modules for reason:
54 +# compat: compatibility with 2.2 access control
55 +# authz_host: new module for access control
56 +# authn_core: functionality provided by authn_alias in previous versions
57 +# authz_core: new module, provides core authorization capabilities
58 +# cache_disk: replacement for mem_cache
59 +# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3
60 +# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3
61 +# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3
62 +# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3
63 +# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests).
64 +# socache_shmcb: shared object cache provider. Default config with ssl needs it
65 +# unixd: fixes startup error: Invalid command 'User'
66 +IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest
67 +authn_alias authn_anon authn_core authn_dbd authn_dbm authn_file authz_core
68 +authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex
69 +brotli cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock
70 +dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2
71 +ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness
72 +lbmethod_heartbeat log_config log_forensic logio macro md mime mime_magic negotiation
73 +proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi
74 +proxy_http2 proxy_fcgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout setenvif
75 +slotmem_shm speling socache_shmcb status substitute unique_id userdir usertrack
76 +unixd version vhost_alias watchdog xml2enc"
77 +# The following are also in the source as of this version, but are not available
78 +# for user selection:
79 +# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
80 +# optional_fn_import optional_hook_export optional_hook_import
81 +
82 +# inter-module dependencies
83 +# TODO: this may still be incomplete
84 +MODULE_DEPENDS="
85 + brotli:filter
86 + dav_fs:dav
87 + dav_lock:dav
88 + deflate:filter
89 + cache_disk:cache
90 + ext_filter:filter
91 + file_cache:cache
92 + lbmethod_byrequests:proxy_balancer
93 + lbmethod_byrequests:slotmem_shm
94 + lbmethod_bytraffic:proxy_balancer
95 + lbmethod_bybusyness:proxy_balancer
96 + lbmethod_heartbeat:proxy_balancer
97 + log_forensic:log_config
98 + logio:log_config
99 + cache_disk:cache
100 + cache_socache:cache
101 + md:watchdog
102 + mime_magic:mime
103 + proxy_ajp:proxy
104 + proxy_balancer:proxy
105 + proxy_balancer:slotmem_shm
106 + proxy_connect:proxy
107 + proxy_ftp:proxy
108 + proxy_html:proxy
109 + proxy_html:xml2enc
110 + proxy_http:proxy
111 + proxy_scgi:proxy
112 + proxy_fcgi:proxy
113 + proxy_wstunnel:proxy
114 + substitute:filter
115 +"
116 +
117 +# module<->define mappings
118 +MODULE_DEFINES="
119 + auth_digest:AUTH_DIGEST
120 + authnz_ldap:AUTHNZ_LDAP
121 + cache:CACHE
122 + cache_disk:CACHE
123 + cache_socache:CACHE
124 + dav:DAV
125 + dav_fs:DAV
126 + dav_lock:DAV
127 + file_cache:CACHE
128 + http2:HTTP2
129 + info:INFO
130 + ldap:LDAP
131 + md:SSL
132 + proxy:PROXY
133 + proxy_ajp:PROXY
134 + proxy_balancer:PROXY
135 + proxy_connect:PROXY
136 + proxy_ftp:PROXY
137 + proxy_html:PROXY
138 + proxy_http:PROXY
139 + proxy_fcgi:PROXY
140 + proxy_scgi:PROXY
141 + proxy_wstunnel:PROXY
142 + socache_shmcb:SSL
143 + ssl:SSL
144 + status:STATUS
145 + suexec:SUEXEC
146 + userdir:USERDIR
147 +"
148 +
149 +# critical modules for the default config
150 +MODULE_CRITICAL="
151 + authn_core
152 + authz_core
153 + authz_host
154 + dir
155 + mime
156 + unixd
157 +"
158 +inherit apache-2 systemd tmpfiles toolchain-funcs
159 +
160 +DESCRIPTION="The Apache Web Server"
161 +HOMEPAGE="https://httpd.apache.org/"
162 +
163 +# some helper scripts are Apache-1.1, thus both are here
164 +LICENSE="Apache-2.0 Apache-1.1"
165 +SLOT="2"
166 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris"
167 +
168 +# Enable http2 by default (bug #563452)
169 +# FIXME: Move to apache-2.eclass once this has reached stable.
170 +IUSE="${IUSE/apache2_modules_http2/+apache2_modules_http2}"
171 +# New suexec options (since 2.4.34)
172 +IUSE="${IUSE} +suexec-caps suexec-syslog"
173 +
174 +CDEPEND="apache2_modules_brotli? ( >=app-arch/brotli-0.6.0:= )
175 + apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 )
176 + apache2_modules_md? ( >=dev-libs/jansson-2.10 )"
177 +
178 +DEPEND+="${CDEPEND}
179 + suexec? ( suexec-caps? ( sys-libs/libcap ) )"
180 +RDEPEND+="${CDEPEND}"
181 +
182 +REQUIRED_USE="apache2_modules_http2? ( ssl )
183 + apache2_modules_md? ( ssl )"
184 +
185 +pkg_setup() {
186 + # dependend critical modules which are not allowed in global scope due
187 + # to USE flag conditionals (bug #499260)
188 + use ssl && MODULE_CRITICAL+=" socache_shmcb"
189 + use doc && MODULE_CRITICAL+=" alias negotiation setenvif"
190 + apache-2_pkg_setup
191 +}
192 +
193 +src_configure() {
194 + # Brain dead check.
195 + tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
196 +
197 + apache-2_src_configure
198 +}
199 +
200 +src_compile() {
201 + if tc-is-cross-compiler; then
202 + # This header is the same across targets, so use the build compiler.
203 + pushd server >/dev/null
204 + emake gen_test_char
205 + tc-export_build_env BUILD_CC
206 + ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \
207 + gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die
208 + popd >/dev/null
209 + fi
210 +
211 + default
212 +}
213 +
214 +src_install() {
215 + apache-2_src_install
216 + local i
217 + local apache_tools_prune_list=(
218 + /usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm}
219 + /usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs}
220 + /usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1}
221 + /usr/share/man/man8/{rotatelogs.8,htcacheclean.8}
222 + )
223 + for i in ${apache_tools_prune_list[@]} ; do
224 + rm "${ED%/}"/$i || die "Failed to prune apache-tools bits"
225 + done
226 +
227 + # install apxs in /usr/bin (bug #502384) and put a symlink into the
228 + # old location until all ebuilds and eclasses have been modified to
229 + # use the new location.
230 + dobin support/apxs
231 + dosym ../bin/apxs /usr/sbin/apxs
232 +
233 + # Note: wait for mod_systemd to be included in some forthcoming release,
234 + # Then apache2.4.service can be used and systemd support controlled
235 + # through --enable-systemd
236 + systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service"
237 + systemd_dotmpfilesd "${FILESDIR}/apache.conf"
238 + #insinto /etc/apache2/modules.d
239 + #doins "${FILESDIR}/00_systemd.conf"
240 +
241 + # Install http2 module config
242 + insinto /etc/apache2/modules.d
243 + doins "${FILESDIR}"/41_mod_http2.conf
244 +
245 + # Fix path to apache libdir
246 + sed "s|@LIBDIR@|$(get_libdir)|" -i "${ED%/}"/usr/sbin/apache2ctl || die
247 +}
248 +
249 +pkg_postinst() {
250 + apache-2_pkg_postinst || die "apache-2_pkg_postinst failed"
251 +
252 + tmpfiles_process apache.conf #662544
253 +
254 + # warnings that default config might not work out of the box
255 + local mod cmod
256 + for mod in ${MODULE_CRITICAL} ; do
257 + if ! use "apache2_modules_${mod}"; then
258 + echo
259 + ewarn "Warning: Critical module not installed!"
260 + ewarn "Modules 'authn_core', 'authz_core' and 'unixd'"
261 + ewarn "are highly recomended but might not be in the base profile yet."
262 + ewarn "Default config for ssl needs module 'socache_shmcb'."
263 + ewarn "Enabling the following flags is highly recommended:"
264 + for cmod in ${MODULE_CRITICAL} ; do
265 + use "apache2_modules_${cmod}" || \
266 + ewarn "+ apache2_modules_${cmod}"
267 + done
268 + echo
269 + break
270 + fi
271 + done
272 + # warning for proxy_balancer and missing load balancing scheduler
273 + if use apache2_modules_proxy_balancer; then
274 + local lbset=
275 + for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do
276 + if use "apache2_modules_${mod}"; then
277 + lbset=1 && break
278 + fi
279 + done
280 + if [ ! ${lbset} ] ; then
281 + echo
282 + ewarn "Info: Missing load balancing scheduler algorithm module"
283 + ewarn "(They were split off from proxy_balancer in 2.3)"
284 + ewarn "In order to get the ability of load balancing, at least"
285 + ewarn "one of these modules has to be present:"
286 + ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat"
287 + echo
288 + fi
289 + fi
290 +}
Report Message
Find on MARC Find on Google Groups