svn commit: r362371 - in head/www/apache24: . files
Olli Hauer
ohauer at FreeBSD.org
Sun Jul 20 20:49:34 UTC 2014
Author: ohauer
Date: Sun Jul 20 20:49:32 2014
New Revision: 362371
URL: http://svnweb.freebsd.org/changeset/ports/362371
QAT: https://qat.redports.org/buildarchive/r362371/
Log:
- security update to release 2.4.10
- add OPTION for new mod_authnz_fcgi module
- s/libluajit.so/libluajit-5.1.so/ (there is no libluajit.so)
- backport for mod_lua: Don't quote values in cookies
Make IE happy again [#56734]
http://svn.apache.org/viewvc?view=revision&revision=1611744
- disable sanity check on demand [1]
Release Notes:
http://www.apache.org/dist/httpd/CHANGES_2.4.10
PR: 191398 [1]
Submitted by: Robert Schulze <rs at bytecamp.net>
MFH: 2014Q3
Security: 4364e1f1-0f44-11e4-b090-20cf30e32f6d
CVE-2014-0117
CVE-2014-3523
CVE-2014-0226
CVE-2014-0118
CVE-2014-0231
Added:
head/www/apache24/files/patch-r1611744-modules__lua__lua_request.c (contents, props changed)
Deleted:
head/www/apache24/files/patch-mod_authn_socache.c
Modified:
head/www/apache24/Makefile
head/www/apache24/Makefile.options
head/www/apache24/Makefile.options.desc
head/www/apache24/distinfo
head/www/apache24/files/apache24.in
head/www/apache24/pkg-plist
Modified: head/www/apache24/Makefile
==============================================================================
--- head/www/apache24/Makefile Sun Jul 20 20:42:31 2014 (r362370)
+++ head/www/apache24/Makefile Sun Jul 20 20:49:32 2014 (r362371)
@@ -1,8 +1,7 @@
# $FreeBSD$
PORTNAME= apache24
-PORTVERSION= 2.4.9
-PORTREVISION= 4
+PORTVERSION= 2.4.10
CATEGORIES= www ipv6
MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD}
DISTNAME= httpd-${PORTVERSION}
@@ -53,7 +52,7 @@ IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped
LDAP_CONFIGURE_ON= --enable-ldap=shared
-LUAJIT_LIB_DEPENDS= libluajit.so:${PORTSDIR}/lang/luajit
+LUAJIT_LIB_DEPENDS= libluajit-5.1.so:${PORTSDIR}/lang/luajit
LUA_CONFIGURE_WITH= lua
LUA_USES= lua
@@ -156,7 +155,7 @@ post-install:
@${MKDIR} ${STAGEDIR}/${EXAMPLESDIR}/modules.d
${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}/${EXAMPLESDIR}/modules.d
-# supress warnings about all the non binary files
+# suppress warning for non binary files
-@${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/* \
${STAGEDIR}${PREFIX}/bin/* \
${STAGEDIR}${PREFIX}/libexec/apache24/*.so 2>/dev/null
Modified: head/www/apache24/Makefile.options
==============================================================================
--- head/www/apache24/Makefile.options Sun Jul 20 20:42:31 2014 (r362370)
+++ head/www/apache24/Makefile.options Sun Jul 20 20:49:32 2014 (r362371)
@@ -57,7 +57,7 @@ MOST_ENABLED_MODULES= \
VERSION VHOST_ALIAS
MOST_DISABLED_MODULES:= \
- AUTHNZ_LDAP LDAP CHARSET_LITE DATA DAV_LOCK DIALUP IDENT LOG_FORENSIC \
+ AUTHNZ_LDAP AUTHNZ_FCGI LDAP CHARSET_LITE DATA DAV_LOCK DIALUP IDENT LOG_FORENSIC \
LUA REFLECTOR SLOTMEM_PLAIN SLOTMEM_SHM SOCACHE_DC SUEXEC USERTRACK \
XML2ENC WATCHDOG ${HEARTBEAT_MODULES} ${EXAMPLE_MODULES} ${DEV_MODULES}
Modified: head/www/apache24/Makefile.options.desc
==============================================================================
--- head/www/apache24/Makefile.options.desc Sun Jul 20 20:42:31 2014 (r362370)
+++ head/www/apache24/Makefile.options.desc Sun Jul 20 20:49:32 2014 (r362371)
@@ -42,6 +42,7 @@ ACTIONS_DESC= Action triggering on req
ALIAS_DESC= Mapping of requests to different filesystem parts
ALLOWMETHODS_DESC= Easily restrict what HTTP methods can be used on the server
ASIS_DESC= Sends files that contain their own HTTP headers
+AUTHNZ_FCGI_DESC= Allows a FastCGI authorizer to handle the check_authn hook
AUTHNZ_LDAP_DESC= LDAP based authentication
AUTHN_ANON_DESC= Anonymous user authentication control
AUTHN_CORE_DESC= Core authentication module
Modified: head/www/apache24/distinfo
==============================================================================
--- head/www/apache24/distinfo Sun Jul 20 20:42:31 2014 (r362370)
+++ head/www/apache24/distinfo Sun Jul 20 20:49:32 2014 (r362371)
@@ -1,2 +1,2 @@
-SHA256 (apache24/httpd-2.4.9.tar.bz2) = f78cc90dfa47caf3d83ad18fd6b4e85f237777c1733fc9088594b70ce2847603
-SIZE (apache24/httpd-2.4.9.tar.bz2) = 4994460
+SHA256 (apache24/httpd-2.4.10.tar.bz2) = 176c4dac1a745f07b7b91e7f4fd48f9c48049fa6f088efe758d61d9738669c6a
+SIZE (apache24/httpd-2.4.10.tar.bz2) = 5031834
Modified: head/www/apache24/files/apache24.in
==============================================================================
--- head/www/apache24/files/apache24.in Sun Jul 20 20:42:31 2014 (r362370)
+++ head/www/apache24/files/apache24.in Sun Jul 20 20:49:32 2014 (r362371)
@@ -23,6 +23,7 @@
# Set to yes to check for accf_http kernel
# module on start up and load if not loaded.
# apache24_fib (str): Set an altered default network view for apache
+# apache24_configcheck_disable (bool): Set to "YES" to disable sanity check on startup
. /etc/rc.subr
@@ -46,6 +47,7 @@ envvars="%%PREFIX%%/sbin/envvars"
[ -z "$apache24limits_enable" ] && apache24limits_enable="NO"
[ -z "$apache24limits_args" ] && apache24limits_args="-e -C daemon"
[ -z "$apache24_http_accept_enable" ] && apache24_http_accept_enable="NO"
+[ -z "$apache24_configcheck_disable" ] && apache24_configcheck_disable="NO"
apache24_accf()
{
@@ -75,6 +77,7 @@ if [ -n "$2" ]; then
eval apache24limits_enable="\${apache24limits_${profile}_enable:-${apache24limits_enable}}"
eval apache24limits_args="\${apache24limits_${profile}_args:-${apache24limits_args}}"
eval apache24_fib="\${apache24_${profile}_fib:-${apache24_fib}}"
+ eval apache24_configcheck_disable="\${apache24_${profile}_configcheck_disable:-${apache24_configcheck_disable}}"
eval command="\${apache24_${profile}_command:-${command}}"
eval pidfile="\${apache24_${profile}_pidfile:-${pidfile}}"
eval apache24_envvars="\${apache24_${profile}_envvars:-${envvars}}"
@@ -123,10 +126,14 @@ if [ "${1}" != "stop" ] ; then \
apache24_accf
fi
+if checkyesno apache24_configcheck_disable
+then
+ unset restart_precmd
+ unset reload_precmd
+fi
+
apache24_requirepidfile()
{
- apache24_checkconfig
-
if [ ! "0`check_pidfile ${pidfile} ${command}`" -gt 1 ]; then
echo "${name} not running? (check $pidfile)."
exit 1
@@ -147,6 +154,11 @@ apache24_checkconfig()
apache24_graceful() {
apache24_requirepidfile
+ if ! checkyesno apache24_configcheck_disable
+ then
+ apache24_checkconfig
+ fi
+
echo "Performing a graceful restart"
eval ${command} ${apache24_flags} -k graceful
}
@@ -154,13 +166,21 @@ apache24_graceful() {
apache24_gracefulstop() {
apache24_requirepidfile
+ if ! checkyesno apache24_configcheck_disable
+ then
+ apache24_checkconfig
+ fi
+
echo "Performing a graceful stop"
eval ${command} ${apache24_flags} -k graceful-stop
}
apache24_precmd()
{
- apache24_checkconfig
+ if ! checkyesno apache24_configcheck_disable
+ then
+ apache24_checkconfig
+ fi
if checkyesno apache24limits_enable
then
Added: head/www/apache24/files/patch-r1611744-modules__lua__lua_request.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/www/apache24/files/patch-r1611744-modules__lua__lua_request.c Sun Jul 20 20:49:32 2014 (r362371)
@@ -0,0 +1,22 @@
+backport for mod_lua: Don't quote values in cookies; Make IE happy again [#56734]
+http://svn.apache.org/viewvc?view=revision&revision=1611744
+
+
+--- ./modules/lua/lua_request.c.orig 2014-07-20 10:48:19.000000000 +0200
++++ ./modules/lua/lua_request.c 2014-07-20 10:48:46.000000000 +0200
+@@ -2086,13 +2086,13 @@
+ if (expires > 0) {
+ rv = apr_rfc822_date(cdate, apr_time_from_sec(expires));
+ if (rv == APR_SUCCESS) {
+- strexpires = apr_psprintf(r->pool, "Expires=\"%s\";", cdate);
++ strexpires = apr_psprintf(r->pool, "Expires=%s;", cdate);
+ }
+ }
+
+ /* Create path segment */
+ if (path != NULL && strlen(path) > 0) {
+- strpath = apr_psprintf(r->pool, "Path=\"%s\";", path);
++ strpath = apr_psprintf(r->pool, "Path=%s;", path);
+ }
+
+ /* Create domain segment */
Modified: head/www/apache24/pkg-plist
==============================================================================
--- head/www/apache24/pkg-plist Sun Jul 20 20:42:31 2014 (r362370)
+++ head/www/apache24/pkg-plist Sun Jul 20 20:49:32 2014 (r362371)
@@ -78,6 +78,7 @@ libexec/apache24/httpd.exp
%%MOD_ALIAS%%libexec/apache24/mod_alias.so
%%MOD_ALLOWMETHODS%%libexec/apache24/mod_allowmethods.so
%%MOD_ASIS%%libexec/apache24/mod_asis.so
+%%MOD_AUTHNZ_FCGI%%libexec/apache24/mod_authnz_fcgi.so
%%MOD_AUTHNZ_LDAP%%libexec/apache24/mod_authnz_ldap.so
%%MOD_AUTHN_ANON%%libexec/apache24/mod_authn_anon.so
%%MOD_AUTHN_CORE%%libexec/apache24/mod_authn_core.so
More information about the svn-ports-all
mailing list