Sat May 23 07:12:46 2009 UTC ()
Pullup ticket 2778 - requested by tron
Security fix

Revisions pulled up:
- pkgsrc/www/apache22/Makefile			1.43
- pkgsrc/www/apache22/distinfo			1.18
- pkgsrc/www/apache22/patches/patch-ab		1.10

   Module Name:	pkgsrc
   Committed By:	tron
   Date:		Fri May 22 09:46:06 UTC 2009

   Modified Files:
   	pkgsrc/www/apache22: Makefile distinfo
   Added Files:
   	pkgsrc/www/apache22/patches: patch-ab

   Log Message:
   Add patch from the Apache SVN repository to fix the information leak
   in the "mod_proxy_ajp" module reported in CVE-2009-1191.

   To generate a diff of this commit:
   cvs rdiff -u -r1.42 -r1.43 pkgsrc/www/apache22/Makefile
   cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/apache22/distinfo
   cvs rdiff -u -r0 -r1.10 pkgsrc/www/apache22/patches/patch-ab


(spz)
diff -r1.39 -r1.39.2.1 pkgsrc/www/apache22/Makefile
diff -r0 -r1.10.2.2 pkgsrc/www/apache22/patches/patch-ab
cvs diff -r1.39 -r1.39.2.1 pkgsrc/www/apache22/Attic/Makefile (switch to unified diff)

--- pkgsrc/www/apache22/Attic/Makefile 2009/02/25 15:39:38 1.39
+++ pkgsrc/www/apache22/Attic/Makefile 2009/05/23 07:12:45 1.39.2.1
@@ -1,290 +1,290 @@ @@ -1,290 +1,290 @@
1# $NetBSD: Makefile,v 1.39 2009/02/25 15:39:38 tron Exp $ 1# $NetBSD: Makefile,v 1.39.2.1 2009/05/23 07:12:45 spz Exp $
2 2
3DISTNAME= httpd-2.2.11 3DISTNAME= httpd-2.2.11
4PKGREVISION= 2 4PKGREVISION= 3
5PKGNAME= ${DISTNAME:S/httpd/apache/} 5PKGNAME= ${DISTNAME:S/httpd/apache/}
6CATEGORIES= www 6CATEGORIES= www
7MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \ 7MASTER_SITES= ${MASTER_SITE_APACHE:=httpd/} \
8 ${MASTER_SITE_APACHE:=httpd/old/} 8 ${MASTER_SITE_APACHE:=httpd/old/}
9EXTRACT_SUFX= .tar.bz2 9EXTRACT_SUFX= .tar.bz2
10 10
11MAINTAINER= tron@NetBSD.org 11MAINTAINER= tron@NetBSD.org
12HOMEPAGE= http://httpd.apache.org/ 12HOMEPAGE= http://httpd.apache.org/
13COMMENT= Apache HTTP (Web) server, version 2 13COMMENT= Apache HTTP (Web) server, version 2
14 14
15PKG_DESTDIR_SUPPORT= user-destdir 15PKG_DESTDIR_SUPPORT= user-destdir
16 16
17CONFLICTS= apache-{,*ssl}-[0-9]* apache6-[0-9]* 17CONFLICTS= apache-{,*ssl}-[0-9]* apache6-[0-9]*
18 18
19BUILD_DEFS+= IPV6_READY 19BUILD_DEFS+= IPV6_READY
20BUILD_DEFS+= VARBASE 20BUILD_DEFS+= VARBASE
21 21
22USE_TOOLS+= pax perl perl:run pkg-config 22USE_TOOLS+= pax perl perl:run pkg-config
23USE_LIBTOOL= yes 23USE_LIBTOOL= yes
24GNU_CONFIGURE= yes 24GNU_CONFIGURE= yes
25CONFIGURE_ARGS+= --enable-layout=NetBSD 25CONFIGURE_ARGS+= --enable-layout=NetBSD
26CONFIGURE_ARGS+= --with-port=80 26CONFIGURE_ARGS+= --with-port=80
27CONFIGURE_ARGS+= --enable-so 27CONFIGURE_ARGS+= --enable-so
28CONFIGURE_ENV+= perlbin=${PERL5:Q} 28CONFIGURE_ENV+= perlbin=${PERL5:Q}
29CONFIGURE_ENV+= ac_cv_path_RSYNC=/nonexistent 29CONFIGURE_ENV+= ac_cv_path_RSYNC=/nonexistent
30CONFIGURE_ARGS+= CFLAGS=${APACHE_CUSTOM_CFLAGS:Q} 30CONFIGURE_ARGS+= CFLAGS=${APACHE_CUSTOM_CFLAGS:Q}
31 31
32BUILD_DEFS+= APACHE_CUSTOM_CFLAGS 32BUILD_DEFS+= APACHE_CUSTOM_CFLAGS
33 33
34# Apache Portable Runtime library configure options 34# Apache Portable Runtime library configure options
35CONFIGURE_ARGS+= --with-apr=${BUILDLINK_PREFIX.apr} 35CONFIGURE_ARGS+= --with-apr=${BUILDLINK_PREFIX.apr}
36CONFIGURE_ARGS+= --with-apr-util=${BUILDLINK_PREFIX.apr-util} 36CONFIGURE_ARGS+= --with-apr-util=${BUILDLINK_PREFIX.apr-util}
37 37
38CHECK_INTERPRETER_SKIP+= lib/httpd/httpd.exp 38CHECK_INTERPRETER_SKIP+= lib/httpd/httpd.exp
39CHECK_PORTABILITY_SKIP+= srclib/pcre/* \ 39CHECK_PORTABILITY_SKIP+= srclib/pcre/* \
40 srclib/apr-util/* \ 40 srclib/apr-util/* \
41 srclib/apr/* 41 srclib/apr/*
42 42
43# the following must be set before bsd.prefs.mk in order to make += work 43# the following must be set before bsd.prefs.mk in order to make += work
44# in mk.conf; however, it isn't expanded until referenced, so we can 44# in mk.conf; however, it isn't expanded until referenced, so we can
45# define DFLT_APACHE_MODULES later 45# define DFLT_APACHE_MODULES later
46# 46#
47APACHE_MODULES?= ${DFLT_APACHE_MODULES} 47APACHE_MODULES?= ${DFLT_APACHE_MODULES}
48 48
49.include "../../mk/bsd.prefs.mk" 49.include "../../mk/bsd.prefs.mk"
50.include "../../devel/apr/buildlink3.mk" 50.include "../../devel/apr/buildlink3.mk"
51.include "../../devel/apr-util/buildlink3.mk" 51.include "../../devel/apr-util/buildlink3.mk"
52.include "../../textproc/expat/buildlink3.mk" 52.include "../../textproc/expat/buildlink3.mk"
53.include "../../mk/dlopen.buildlink3.mk" 53.include "../../mk/dlopen.buildlink3.mk"
54 54
55# Set the "Multi-Processing Model" used by Apache to handle requests. 55# Set the "Multi-Processing Model" used by Apache to handle requests.
56# Valid values are: 56# Valid values are:
57# event multi-threaded based in worker, designed 57# event multi-threaded based in worker, designed
58# to allow more requests to be served 58# to allow more requests to be served
59# simultaneously by passing off some processing 59# simultaneously by passing off some processing
60# work to supporting threads. 60# work to supporting threads.
61# BEWARE: does not work with SSL or input filters. 61# BEWARE: does not work with SSL or input filters.
62# prefork non-threaded, pre-forking web server 62# prefork non-threaded, pre-forking web server
63# worker hybrid multi-threaded multi-process web server 63# worker hybrid multi-threaded multi-process web server
64# 64#
65APACHE_MPM?= prefork 65APACHE_MPM?= prefork
66CONFIGURE_ARGS+= --with-mpm=${APACHE_MPM:Q} 66CONFIGURE_ARGS+= --with-mpm=${APACHE_MPM:Q}
67BUILD_DEFS+= APACHE_MPM 67BUILD_DEFS+= APACHE_MPM
68 68
69.if !empty(APACHE_MPM:Mevent) || !empty(APACHE_MPM:Mworker) 69.if !empty(APACHE_MPM:Mevent) || !empty(APACHE_MPM:Mworker)
70PLIST_SRC+= ${PKGDIR}/PLIST.worker 70PLIST_SRC+= ${PKGDIR}/PLIST.worker
71.endif 71.endif
72 72
73CONFIGURE_ARGS+= --disable-include 73CONFIGURE_ARGS+= --disable-include
74CONFIGURE_ARGS+= --disable-log-config 74CONFIGURE_ARGS+= --disable-log-config
75CONFIGURE_ARGS+= --disable-env 75CONFIGURE_ARGS+= --disable-env
76CONFIGURE_ARGS+= --disable-mime 76CONFIGURE_ARGS+= --disable-mime
77CONFIGURE_ARGS+= --disable-setenvif 77CONFIGURE_ARGS+= --disable-setenvif
78CONFIGURE_ARGS+= --disable-status 78CONFIGURE_ARGS+= --disable-status
79CONFIGURE_ARGS+= --disable-autoindex 79CONFIGURE_ARGS+= --disable-autoindex
80CONFIGURE_ARGS+= --disable-asis 80CONFIGURE_ARGS+= --disable-asis
81CONFIGURE_ARGS+= --disable-cgi 81CONFIGURE_ARGS+= --disable-cgi
82CONFIGURE_ARGS+= --disable-negotiation 82CONFIGURE_ARGS+= --disable-negotiation
83CONFIGURE_ARGS+= --disable-dir 83CONFIGURE_ARGS+= --disable-dir
84CONFIGURE_ARGS+= --disable-actions 84CONFIGURE_ARGS+= --disable-actions
85CONFIGURE_ARGS+= --disable-userdir 85CONFIGURE_ARGS+= --disable-userdir
86CONFIGURE_ARGS+= --disable-alias 86CONFIGURE_ARGS+= --disable-alias
87 87
88DFLT_APACHE_MODULES= all 88DFLT_APACHE_MODULES= all
89DFLT_APACHE_MODULES+= proxy proxy_connect proxy_ftp proxy_http 89DFLT_APACHE_MODULES+= proxy proxy_connect proxy_ftp proxy_http
90DFLT_APACHE_MODULES+= ssl deflate access auth authn_alias 90DFLT_APACHE_MODULES+= ssl deflate access auth authn_alias
91DFLT_APACHE_MODULES+= include log_config env mime setenvif 91DFLT_APACHE_MODULES+= include log_config env mime setenvif
92DFLT_APACHE_MODULES+= status autoindex asis cgi negotiation dir imap 92DFLT_APACHE_MODULES+= status autoindex asis cgi negotiation dir imap
93DFLT_APACHE_MODULES+= actions userdir alias isapi file_cache 93DFLT_APACHE_MODULES+= actions userdir alias isapi file_cache
94DFLT_APACHE_MODULES+= cache disk_cache mem_cache bucketeer echo 94DFLT_APACHE_MODULES+= cache disk_cache mem_cache bucketeer echo
95DFLT_APACHE_MODULES+= example case_filter case_filter_in 95DFLT_APACHE_MODULES+= example case_filter case_filter_in
96DFLT_APACHE_MODULES+= charset_lite 96DFLT_APACHE_MODULES+= charset_lite
97DFLT_APACHE_MODULES+= cgid dav_lock proxy_ajp proxy_balancer 97DFLT_APACHE_MODULES+= cgid dav_lock proxy_ajp proxy_balancer
98 98
99PLIST_SRC+= ${PKGDIR}/PLIST 99PLIST_SRC+= ${PKGDIR}/PLIST
100 100
101# LDAP support 101# LDAP support
102.if !empty(PKG_BUILD_OPTIONS.apr-util:Mldap) 102.if !empty(PKG_BUILD_OPTIONS.apr-util:Mldap)
103DFLT_APACHE_MODULES+= ldap authnz_ldap 103DFLT_APACHE_MODULES+= ldap authnz_ldap
104.endif 104.endif
105 105
106.include "options.mk" 106.include "options.mk"
107 107
108# APACHE_MODULES are the modules that are linked statically into the 108# APACHE_MODULES are the modules that are linked statically into the
109# apache httpd executable. 109# apache httpd executable.
110# 110#
111#.if ${APACHE_MODULES} == "all-shared" 111#.if ${APACHE_MODULES} == "all-shared"
112.if !empty(PKG_OPTIONS:Mapache-shared-modules) 112.if !empty(PKG_OPTIONS:Mapache-shared-modules)
113# XXX ldap and suexec? 113# XXX ldap and suexec?
114CONFIGURE_ARGS+= --enable-mods-shared=${DFLT_APACHE_MODULES:Q} 114CONFIGURE_ARGS+= --enable-mods-shared=${DFLT_APACHE_MODULES:Q}
115PLIST_SRC+= ${PKGDIR}/PLIST.all-shared 115PLIST_SRC+= ${PKGDIR}/PLIST.all-shared
116.else 116.else
117CONFIGURE_ARGS+= --enable-modules=${APACHE_MODULES:Q} 117CONFIGURE_ARGS+= --enable-modules=${APACHE_MODULES:Q}
118.endif 118.endif
119BUILD_DEFS+= APACHE_MODULES 119BUILD_DEFS+= APACHE_MODULES
120 120
121APACHE_USER?= www 121APACHE_USER?= www
122APACHE_GROUP?= www 122APACHE_GROUP?= www
123PKG_GROUPS= ${APACHE_GROUP} 123PKG_GROUPS= ${APACHE_GROUP}
124PKG_USERS= ${APACHE_USER}:${APACHE_GROUP} 124PKG_USERS= ${APACHE_USER}:${APACHE_GROUP}
125PKG_GROUPS_VARS+= APACHE_GROUP 125PKG_GROUPS_VARS+= APACHE_GROUP
126PKG_USERS_VARS+= APACHE_USER 126PKG_USERS_VARS+= APACHE_USER
127 127
128PKG_SYSCONFVAR= apache 128PKG_SYSCONFVAR= apache
129PKG_SYSCONFSUBDIR?= httpd 129PKG_SYSCONFSUBDIR?= httpd
130EGDIR= ${PREFIX}/share/examples/httpd 130EGDIR= ${PREFIX}/share/examples/httpd
131SBINDIR= ${PREFIX}/sbin 131SBINDIR= ${PREFIX}/sbin
132CONF_FILES+= ${EGDIR}/httpd.conf ${PKG_SYSCONFDIR}/httpd.conf 132CONF_FILES+= ${EGDIR}/httpd.conf ${PKG_SYSCONFDIR}/httpd.conf
133.for f in autoindex dav default info languages manual mpm \ 133.for f in autoindex dav default info languages manual mpm \
134 multilang-errordoc ssl userdir vhosts 134 multilang-errordoc ssl userdir vhosts
135CONF_FILES+= ${EGDIR}/extra/httpd-${f}.conf \ 135CONF_FILES+= ${EGDIR}/extra/httpd-${f}.conf \
136 ${PKG_SYSCONFDIR}/httpd-${f}.conf 136 ${PKG_SYSCONFDIR}/httpd-${f}.conf
137.endfor 137.endfor
138CONF_FILES+= ${EGDIR}/magic ${PKG_SYSCONFDIR}/magic 138CONF_FILES+= ${EGDIR}/magic ${PKG_SYSCONFDIR}/magic
139CONF_FILES+= ${EGDIR}/mime.types ${PKG_SYSCONFDIR}/mime.types 139CONF_FILES+= ${EGDIR}/mime.types ${PKG_SYSCONFDIR}/mime.types
140RCD_SCRIPTS= apache 140RCD_SCRIPTS= apache
141 141
142REQD_DIRS= ${PREFIX}/share/httpd 142REQD_DIRS= ${PREFIX}/share/httpd
143REQD_DIRS+= ${PREFIX}/share/httpd/htdocs 143REQD_DIRS+= ${PREFIX}/share/httpd/htdocs
144OWN_DIRS= ${VARBASE}/log/httpd 144OWN_DIRS= ${VARBASE}/log/httpd
145OWN_DIRS+= ${VARBASE}/db/httpd 145OWN_DIRS+= ${VARBASE}/db/httpd
146OWN_DIRS_PERMS+= ${VARBASE}/db/httpd/proxy ${APACHE_USER} ${APACHE_GROUP} 0755 146OWN_DIRS_PERMS+= ${VARBASE}/db/httpd/proxy ${APACHE_USER} ${APACHE_GROUP} 0755
147FIX_PERMS= apachectl apxs dbmmanage envvars-std mkcert 147FIX_PERMS= apachectl apxs dbmmanage envvars-std mkcert
148FIX_MAN_PERMS= man1/htdbm.1 man1/htpasswd.1 man1/htdigest.1 148FIX_MAN_PERMS= man1/htdbm.1 man1/htpasswd.1 man1/htdigest.1
149FIX_MAN_PERMS+= man1/dbmmanage.1 man8/httpd.8 man8/suexec.8 149FIX_MAN_PERMS+= man1/dbmmanage.1 man8/httpd.8 man8/suexec.8
150FIX_MAN_PERMS+= man8/rotatelogs.8 man8/logresolve.8 man8/apxs.8 150FIX_MAN_PERMS+= man8/rotatelogs.8 man8/logresolve.8 man8/apxs.8
151FIX_MAN_PERMS+= man8/apachectl.8 man8/ab.8 151FIX_MAN_PERMS+= man8/apachectl.8 man8/ab.8
152 152
153# Fix paths in the apache manpages. 153# Fix paths in the apache manpages.
154SUBST_CLASSES+= man 154SUBST_CLASSES+= man
155SUBST_STAGE.man= post-patch 155SUBST_STAGE.man= post-patch
156SUBST_FILES.man= docs/man/*.1 docs/man/*.8 156SUBST_FILES.man= docs/man/*.1 docs/man/*.8
157SUBST_SED.man= -e 's,/usr/local/etc/apache,${PKG_SYSCONFDIR},' 157SUBST_SED.man= -e 's,/usr/local/etc/apache,${PKG_SYSCONFDIR},'
158SUBST_SED.man+= -e 's,/path/to/apache/etc,${PKG_SYSCONFDIR},' 158SUBST_SED.man+= -e 's,/path/to/apache/etc,${PKG_SYSCONFDIR},'
159SUBST_SED.man+= -e 's,/usr/local/apache2,${PREFIX}/share/httpd/htdocs,' 159SUBST_SED.man+= -e 's,/usr/local/apache2,${PREFIX}/share/httpd/htdocs,'
160SUBST_SED.man+= -e 's,/usr/web,${PREFIX}/share/httpd/htdocs,' 160SUBST_SED.man+= -e 's,/usr/web,${PREFIX}/share/httpd/htdocs,'
161 161
162SUBST_CLASSES+= paths 162SUBST_CLASSES+= paths
163SUBST_STAGE.paths= pre-configure 163SUBST_STAGE.paths= pre-configure
164SUBST_FILES.paths= config.layout Makefile.in support/apxs.in 164SUBST_FILES.paths= config.layout Makefile.in support/apxs.in
165SUBST_SED.paths= -e "s|@PREFIX@|${PREFIX}|g" 165SUBST_SED.paths= -e "s|@PREFIX@|${PREFIX}|g"
166SUBST_SED.paths+= -e "s|@VARBASE@|${VARBASE}|g" 166SUBST_SED.paths+= -e "s|@VARBASE@|${VARBASE}|g"
167SUBST_SED.paths+= -e "s|@SYSCONFDIR@|${PKG_SYSCONFDIR}|g" 167SUBST_SED.paths+= -e "s|@SYSCONFDIR@|${PKG_SYSCONFDIR}|g"
168SUBST_SED.paths+= -e "s|@PAX@|${PAX}|g" 168SUBST_SED.paths+= -e "s|@PAX@|${PAX}|g"
169SUBST_SED.paths+= -e "s|@LOCALBASE@|${LOCALBASE}|g" 169SUBST_SED.paths+= -e "s|@LOCALBASE@|${LOCALBASE}|g"
170SUBST_MESSAGE.paths= Fixing paths. 170SUBST_MESSAGE.paths= Fixing paths.
171 171
172SUBST_CLASSES+= apr-lt 172SUBST_CLASSES+= apr-lt
173SUBST_STAGE.apr-lt= post-configure 173SUBST_STAGE.apr-lt= post-configure
174SUBST_FILES.apr-lt= build/config_vars.mk 174SUBST_FILES.apr-lt= build/config_vars.mk
175SUBST_SED.apr-lt= -e 's|^\(LIBTOOL =\) [^ ]*|\1 $$(SHELL) $$(top_builddir)/build/libtool|g' 175SUBST_SED.apr-lt= -e 's|^\(LIBTOOL =\) [^ ]*|\1 $$(SHELL) $$(top_builddir)/build/libtool|g'
176SUBST_MESSAGE.apr-lt= Fixing libtool references. 176SUBST_MESSAGE.apr-lt= Fixing libtool references.
177 177
178SUBST_CLASSES+= confs 178SUBST_CLASSES+= confs
179SUBST_STAGE.confs= post-configure 179SUBST_STAGE.confs= post-configure
180SUBST_MESSAGE.confs= Fixing configuration files. 180SUBST_MESSAGE.confs= Fixing configuration files.
181SUBST_FILES.confs= docs/conf/httpd.conf 181SUBST_FILES.confs= docs/conf/httpd.conf
182SUBST_FILES.confs+= docs/conf/extra/httpd-ssl.conf 182SUBST_FILES.confs+= docs/conf/extra/httpd-ssl.conf
183SUBST_SED.confs= -e "s|${EGDIR}|${PKG_SYSCONFDIR}|g" 183SUBST_SED.confs= -e "s|${EGDIR}|${PKG_SYSCONFDIR}|g"
184SUBST_SED.confs+= -e "s|${PREFIX}/htdocs|${PREFIX}/share/httpd/htdocs|g" 184SUBST_SED.confs+= -e "s|${PREFIX}/htdocs|${PREFIX}/share/httpd/htdocs|g"
185SUBST_SED.confs+= -e "s|${PREFIX}/conf|${PKG_SYSCONFDIR}|g" 185SUBST_SED.confs+= -e "s|${PREFIX}/conf|${PKG_SYSCONFDIR}|g"
186SUBST_SED.confs+= -e "s|logs/|${VARBASE}/log/httpd/|g" 186SUBST_SED.confs+= -e "s|logs/|${VARBASE}/log/httpd/|g"
187SUBST_SED.confs+= -e 's|/var/log/httpd/foo\.log|logs/foo.log/|g' 187SUBST_SED.confs+= -e 's|/var/log/httpd/foo\.log|logs/foo.log/|g'
188SUBST_SED.confs+= -e 's|^\(User[ ]\).*|\1${APACHE_USER}|g' 188SUBST_SED.confs+= -e 's|^\(User[ ]\).*|\1${APACHE_USER}|g'
189SUBST_SED.confs+= -e 's|^\(Group[ ]\).*|\1${APACHE_GROUP}|g' 189SUBST_SED.confs+= -e 's|^\(Group[ ]\).*|\1${APACHE_GROUP}|g'
190 190
191# abs_srcdir in config_vars.mk is used during install so needs to reference 191# abs_srcdir in config_vars.mk is used during install so needs to reference
192# the work dir path, and by other packages such as ap2-fastcgi after install, 192# the work dir path, and by other packages such as ap2-fastcgi after install,
193# so we fix after install to reference the installed path 193# so we fix after install to reference the installed path
194SUBST_CLASSES+= abs_srcdir 194SUBST_CLASSES+= abs_srcdir
195SUBST_STAGE.abs_srcdir= post-install 195SUBST_STAGE.abs_srcdir= post-install
196SUBST_FILES.abs_srcdir= ${DESTDIR}${PREFIX}/share/httpd/build/config_vars.mk 196SUBST_FILES.abs_srcdir= ${DESTDIR}${PREFIX}/share/httpd/build/config_vars.mk
197SUBST_SED.abs_srcdir= -e 's|^\(abs_srcdir =\) .*|\1 ${PREFIX}/share/httpd|' 197SUBST_SED.abs_srcdir= -e 's|^\(abs_srcdir =\) .*|\1 ${PREFIX}/share/httpd|'
198SUBST_MESSAGE.abs_srcdir= Fixing abs_srcdir 198SUBST_MESSAGE.abs_srcdir= Fixing abs_srcdir
199 199
200REPLACE_PERL= docs/cgi-examples/printenv 200REPLACE_PERL= docs/cgi-examples/printenv
201 201
202# Add dependencies for the modules that will be built. For each module 202# Add dependencies for the modules that will be built. For each module
203# ap_mod listed in ${APACHE_MODULES}, _AP_DEPENDS.ap_mod is a whitespace 203# ap_mod listed in ${APACHE_MODULES}, _AP_DEPENDS.ap_mod is a whitespace
204# separated list of dependencies or buildlink3.mk files needed to build 204# separated list of dependencies or buildlink3.mk files needed to build
205# ap_mod, and _AP_CFG_ARGS.ap_mod is a whitespace separated list of 205# ap_mod, and _AP_CFG_ARGS.ap_mod is a whitespace separated list of
206# configure script options for ap_mod. 206# configure script options for ap_mod.
207# 207#
208AP_DEPENDS.ssl= ../../security/openssl/buildlink3.mk 208AP_DEPENDS.ssl= ../../security/openssl/buildlink3.mk
209AP_DEPENDS.deflate= ../../devel/zlib/buildlink3.mk 209AP_DEPENDS.deflate= ../../devel/zlib/buildlink3.mk
210 210
211AP_CFG_ARGS.ssl= --with-ssl=${BUILDLINK_PREFIX.openssl} 211AP_CFG_ARGS.ssl= --with-ssl=${BUILDLINK_PREFIX.openssl}
212AP_CFG_ARGS.deflate= --with-z=${BUILDLINK_PREFIX.zlib} 212AP_CFG_ARGS.deflate= --with-z=${BUILDLINK_PREFIX.zlib}
213 213
214#.if ${APACHE_MODULES} == "all-shared" 214#.if ${APACHE_MODULES} == "all-shared"
215.if !empty(PKG_OPTIONS:Mapache-shared-modules) 215.if !empty(PKG_OPTIONS:Mapache-shared-modules)
216.include "${AP_DEPENDS.ssl}" 216.include "${AP_DEPENDS.ssl}"
217.include "${AP_DEPENDS.deflate}" 217.include "${AP_DEPENDS.deflate}"
218CONFIGURE_ARGS+= ${AP_CFG_ARGS.ssl} ${AP_CFG_ARGS.deflate} 218CONFIGURE_ARGS+= ${AP_CFG_ARGS.ssl} ${AP_CFG_ARGS.deflate}
219.else 219.else
220.for ap_mod in ${APACHE_MODULES} 220.for ap_mod in ${APACHE_MODULES}
221. if defined(AP_DEPENDS.${ap_mod}) && !empty(AP_DEPENDS.${ap_mod}) 221. if defined(AP_DEPENDS.${ap_mod}) && !empty(AP_DEPENDS.${ap_mod})
222. for ap_depend in ${AP_DEPENDS.${ap_mod}} 222. for ap_depend in ${AP_DEPENDS.${ap_mod}}
223. if exists(${ap_depend}) 223. if exists(${ap_depend})
224. include "${ap_depend}" 224. include "${ap_depend}"
225. else 225. else
226DEPENDS+= ${ap_depend} 226DEPENDS+= ${ap_depend}
227. endif 227. endif
228. endfor 228. endfor
229. endif 229. endif
230. if defined(AP_CFG_ARGS.${ap_mod}) && !empty(AP_CFG_ARGS.${ap_mod}) 230. if defined(AP_CFG_ARGS.${ap_mod}) && !empty(AP_CFG_ARGS.${ap_mod})
231CONFIGURE_ARGS+= ${AP_CFG_ARGS.${ap_mod}} 231CONFIGURE_ARGS+= ${AP_CFG_ARGS.${ap_mod}}
232. endif 232. endif
233.endfor 233.endfor
234.endif 234.endif
235 235
236post-extract: 236post-extract:
237 ${TOUCH} ${WRKSRC}/build/libtool 237 ${TOUCH} ${WRKSRC}/build/libtool
238 ${ECHO} "" >> ${WRKSRC}/docs/conf/extra/httpd-languages.conf.in 238 ${ECHO} "" >> ${WRKSRC}/docs/conf/extra/httpd-languages.conf.in
239 239
240post-build: 240post-build:
241 ${SED} "s#@PKG_SYSCONFDIR@#${PKG_SYSCONFDIR}#g" \ 241 ${SED} "s#@PKG_SYSCONFDIR@#${PKG_SYSCONFDIR}#g" \
242 < ${FILESDIR}/mkcert.sh > ${WRKDIR}/mkcert 242 < ${FILESDIR}/mkcert.sh > ${WRKDIR}/mkcert
243 243
244INSTALL_TARGET= install-conf install 244INSTALL_TARGET= install-conf install
245INSTALL_MAKE_FLAGS+= sysconfdir="${EGDIR}" 245INSTALL_MAKE_FLAGS+= sysconfdir="${EGDIR}"
246 246
247post-install: 247post-install:
248 ${LN} -sf ${LOCALBASE}/libexec/apr/libtool ${DESTDIR}${PREFIX}/share/httpd/build 248 ${LN} -sf ${LOCALBASE}/libexec/apr/libtool ${DESTDIR}${PREFIX}/share/httpd/build
249 cd ${DESTDIR}${EGDIR} && \ 249 cd ${DESTDIR}${EGDIR} && \
250 for file in \ 250 for file in \
251 httpd.conf \ 251 httpd.conf \
252 extra/httpd-ssl.conf; \ 252 extra/httpd-ssl.conf; \
253 do \ 253 do \
254 ${AWK} ' \ 254 ${AWK} ' \
255 /^Listen[ ]*80/ { \ 255 /^Listen[ ]*80/ { \
256 printf "%s", "Listen 0.0.0.0:80\n"; \ 256 printf "%s", "Listen 0.0.0.0:80\n"; \
257 next; \ 257 next; \
258 } \ 258 } \
259 /^Listen[ ]*443/ { \ 259 /^Listen[ ]*443/ { \
260 printf "%s", "Listen 0.0.0.0:443\n"; \ 260 printf "%s", "Listen 0.0.0.0:443\n"; \
261 next; \ 261 next; \
262 } \ 262 } \
263 { print; } \ 263 { print; } \
264 ' < "$${file}" >> $${file}.new; \ 264 ' < "$${file}" >> $${file}.new; \
265 ${MV} -f $${file}.new $${file}; \ 265 ${MV} -f $${file}.new $${file}; \
266 done 266 done
267 267
268 ${LN} -sf ${SBINDIR}/envvars-std ${DESTDIR}${SBINDIR}/envvars 268 ${LN} -sf ${SBINDIR}/envvars-std ${DESTDIR}${SBINDIR}/envvars
269 269
270 ${INSTALL_SCRIPT} ${WRKDIR}/mkcert ${DESTDIR}${PREFIX}/sbin 270 ${INSTALL_SCRIPT} ${WRKDIR}/mkcert ${DESTDIR}${PREFIX}/sbin
271 271
272 for file in ${FIX_PERMS}; do \ 272 for file in ${FIX_PERMS}; do \
273 ${CHOWN} ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/sbin/$$file && \ 273 ${CHOWN} ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/sbin/$$file && \
274 ${CHMOD} ${BINMODE} ${DESTDIR}${PREFIX}/sbin/$$file; \ 274 ${CHMOD} ${BINMODE} ${DESTDIR}${PREFIX}/sbin/$$file; \
275 done 275 done
276 276
277 ${CHOWN} -R ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/share/httpd 277 ${CHOWN} -R ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/share/httpd
278 ${CHOWN} -R ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/include/httpd 278 ${CHOWN} -R ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/include/httpd
279 ${CHOWN} -R ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/lib/httpd 279 ${CHOWN} -R ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/lib/httpd
280 ${CHOWN} ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/libexec/cgi-bin/test-cgi 280 ${CHOWN} ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/libexec/cgi-bin/test-cgi
281 ${CHOWN} ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/libexec/cgi-bin/printenv 281 ${CHOWN} ${BINOWN}:${BINGRP} ${DESTDIR}${PREFIX}/libexec/cgi-bin/printenv
282 282
283 for file in ${FIX_MAN_PERMS}; do \ 283 for file in ${FIX_MAN_PERMS}; do \
284 ${CHOWN} ${MANOWN}:${MANGRP} ${DESTDIR}${PREFIX}/${PKGMANDIR}/$$file; \ 284 ${CHOWN} ${MANOWN}:${MANGRP} ${DESTDIR}${PREFIX}/${PKGMANDIR}/$$file; \
285 done 285 done
286 286
287 ${CHMOD} -x ${DESTDIR}${PREFIX}/sbin/envvars-std 287 ${CHMOD} -x ${DESTDIR}${PREFIX}/sbin/envvars-std
288 ${TEST} ! -f ${DESTDIR}${PREFIX}/sbin/suexec || ${CHMOD} -w ${DESTDIR}${PREFIX}/sbin/suexec 288 ${TEST} ! -f ${DESTDIR}${PREFIX}/sbin/suexec || ${CHMOD} -w ${DESTDIR}${PREFIX}/sbin/suexec
289 289
290.include "../../mk/bsd.pkg.mk" 290.include "../../mk/bsd.pkg.mk"
File Added: pkgsrc/www/apache22/patches/Attic/patch-ab
$NetBSD: patch-ab,v 1.10.2.2 2009/05/23 07:12:45 spz Exp $

Patch for CVE-2009-1191 taken from the Apache SVN repository:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/proxy/mod_proxy_ajp.c?view=markup&pathrev=768506

--- modules/proxy/mod_proxy_ajp.c	2008/11/15 14:25:54	714273
+++ modules/proxy/mod_proxy_ajp.c	2009/04/25 09:58:52	768506
@@ -307,21 +307,17 @@
                          "proxy: read zero bytes, expecting"
                          " %" APR_OFF_T_FMT " bytes",
                          content_length);
-            status = ajp_send_data_msg(conn->sock, msg, 0);
-            if (status != APR_SUCCESS) {
-                /* We had a failure: Close connection to backend */
-                conn->close++;
-                ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
-                            "proxy: send failed to %pI (%s)",
-                            conn->worker->cp->addr,
-                            conn->worker->hostname);
-                return HTTP_INTERNAL_SERVER_ERROR;
-            }
-            else {
-                /* Client send zero bytes with C-L > 0
-                 */
-                return HTTP_BAD_REQUEST;
-            }
+            /*
+             * We can only get here if the client closed the connection
+             * to us without sending the body.
+             * Now the connection is in the wrong state on the backend.
+             * Sending an empty data msg doesn't help either as it does
+             * not move this connection to the correct state on the backend
+             * for later resusage by the next request again.
+             * Close it to clean things up.
+             */
+            conn->close++;
+            return HTTP_BAD_REQUEST;
         }
     }