head 1.9; access; symbols pkgsrc-2013Q2:1.9.0.46 pkgsrc-2013Q2-base:1.9 pkgsrc-2012Q4:1.9.0.44 pkgsrc-2012Q4-base:1.9 pkgsrc-2011Q4:1.9.0.42 pkgsrc-2011Q4-base:1.9 pkgsrc-2011Q2:1.9.0.40 pkgsrc-2011Q2-base:1.9 TNF:1.1.1 pkgsrc-2009Q4:1.9.0.38 pkgsrc-2009Q4-base:1.9 pkgsrc-2008Q4:1.9.0.36 pkgsrc-2008Q4-base:1.9 pkgsrc-2008Q3:1.9.0.34 pkgsrc-2008Q3-base:1.9 cube-native-xorg:1.9.0.32 cube-native-xorg-base:1.9 pkgsrc-2008Q2:1.9.0.30 pkgsrc-2008Q2-base:1.9 pkgsrc-2008Q1:1.9.0.28 pkgsrc-2008Q1-base:1.9 pkgsrc-2007Q4:1.9.0.26 pkgsrc-2007Q4-base:1.9 pkgsrc-2007Q3:1.9.0.24 pkgsrc-2007Q3-base:1.9 pkgsrc-2007Q2:1.9.0.22 pkgsrc-2007Q2-base:1.9 pkgsrc-2007Q1:1.9.0.20 pkgsrc-2007Q1-base:1.9 pkgsrc-2006Q4:1.9.0.18 pkgsrc-2006Q4-base:1.9 pkgsrc-2006Q3:1.9.0.16 pkgsrc-2006Q3-base:1.9 pkgsrc-2006Q2:1.9.0.14 pkgsrc-2006Q2-base:1.9 pkgsrc-2006Q1:1.9.0.12 pkgsrc-2006Q1-base:1.9 pkgsrc-2005Q4:1.9.0.10 pkgsrc-2005Q4-base:1.9 pkgsrc-2005Q3:1.9.0.8 pkgsrc-2005Q3-base:1.9 pkgsrc-2005Q2:1.9.0.6 pkgsrc-2005Q2-base:1.9 pkgsrc-2005Q1:1.9.0.4 pkgsrc-2005Q1-base:1.9 pkgsrc-2004Q4:1.9.0.2 pkgsrc-2004Q4-base:1.9 pkgsrc-2004Q3:1.8.0.8 pkgsrc-2004Q3-base:1.8 pkgsrc-2004Q2:1.8.0.6 pkgsrc-2004Q2-base:1.8 pkgsrc-2004Q1:1.8.0.4 pkgsrc-2004Q1-base:1.8 pkgsrc-2003Q4:1.8.0.2 pkgsrc-2003Q4-base:1.8 netbsd-1-6-1:1.7.0.6 netbsd-1-6-1-base:1.7 netbsd-1-6:1.7.0.8 netbsd-1-6-RELEASE-base:1.7 pkgviews:1.7.0.4 pkgviews-base:1.7 buildlink2:1.7.0.2 buildlink2-base:1.7 netbsd-1-5-PATCH003:1.7 netbsd-1-5-PATCH001:1.4 netbsd-1-5-RELEASE:1.3 netbsd-1-4-PATCH003:1.3 netbsd-1-4-PATCH002:1.3 comdex-fall-1999:1.3 pkgsrc_www_apache_19990724:1.1.1.1; locks; strict; comment @# @; 1.9 date 2004.11.25.15.21.08; author wiz; state dead; branches; next 1.8; 1.8 date 2003.09.12.08.26.46; author itojun; state Exp; branches 1.8.8.1; next 1.7; 1.7 date 2002.01.01.06.22.55; author jlam; state Exp; branches; next 1.6; 1.6 date 2001.11.15.07.12.18; author jlam; state Exp; branches; next 1.5; 1.5 date 2001.10.17.07.47.53; author martti; state Exp; branches; next 1.4; 1.4 date 2001.02.06.10.58.18; author itojun; state Exp; branches; next 1.3; 1.3 date 99.09.01.07.41.03; author itojun; state Exp; branches; next 1.2; 1.2 date 99.07.23.18.19.30; author itojun; state Exp; branches; next 1.1; 1.1 date 99.07.23.17.53.30; author itojun; state Exp; branches 1.1.1.1; next ; 1.8.8.1 date 2004.11.27.16.51.06; author salo; state dead; branches; next ; 1.1.1.1 date 99.07.23.17.53.30; author itojun; state Exp; branches; next ; desc @@ 1.9 log @Forgot removing the patches when I removed the package. @ text @$NetBSD: patch-aa,v 1.8 2003/09/12 08:26:46 itojun Exp $ --- Makefile.tmpl.orig 2003-04-28 22:32:12.000000000 +0900 +++ Makefile.tmpl 2003-09-12 17:20:50.000000000 +0900 @@@@ -328,20 +328,7 @@@@ file=`echo $${mod} | sed -e 's;^.*/\([^/]*\);\1;'`; \ echo "$(INSTALL_DSO) $(TOP)/$(SRC)/$${mod} $(root)$(libexecdir)/$${file}"; \ $(INSTALL_DSO) $(TOP)/$(SRC)/$${mod} $(root)$(libexecdir)/$${file}; \ - name=`$(TOP)/$(AUX)/fmn.sh $(TOP)/$(SRC)/$${mod}`; \ - echo dummy | awk '{ printf("LoadModule %-18s %s\n", modname, modpath); }' \ - modname="$${name}" modpath="$(libexecdir_relative)$${file}" >>$(SRC)/.apaci.install.conf; \ done; \ - echo "" >>$(SRC)/.apaci.install.conf; \ - echo "# Reconstruction of the complete module list from all available modules" >>$(SRC)/.apaci.install.conf; \ - echo "# (static and shared ones) to achieve correct module execution order." >>$(SRC)/.apaci.install.conf; \ - echo "# [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]" >>$(SRC)/.apaci.install.conf; \ - echo "ClearModuleList" >>$(SRC)/.apaci.install.conf; \ - egrep "^[ ]*(Add|Shared)Module" $(SRC)/Configuration.apaci |\ - sed -e 's:SharedModule:AddModule:' \ - -e 's:modules/[^/]*/::' \ - -e 's:[ ]lib: mod_:' \ - -e 's:\.[dsoam].*$$:.c:' >>$(SRC)/.apaci.install.conf; \ fi @@echo "<=== [programs]" @@@@ -459,7 +446,7 @@@@ # icons and distributed CGI scripts. install-data: @@echo "===> [data: Installing initial data files]" - -@@if [ -f $(root)$(htdocsdir)/index.html ] || [ -f $(root)$(htdocsdir)/index.html.en ]; then \ + -@@if false; then \ echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(htdocsdir)/]"; \ else \ echo "Copying tree $(TOP)/htdocs/ -> $(root)$(htdocsdir)/"; \ @@@@ -481,9 +468,10 @@@@ for script in printenv test-cgi; do \ cat $(TOP)/cgi-bin/$${script} |\ sed -e 's;^#!/.*perl;#!$(PERL);' \ + -e 's;LD_LIBRARY_PATH=.*;LD_LIBRARY_PATH=/usr/lib:$(prefix)/lib:/usr/local/lib;' \ > $(TOP)/$(SRC)/.apaci.install.tmp; \ - echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(cgidir)/$${script}"; \ - $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(cgidir)/$${script}; \ + echo "$(INSTALL_SCRIPT) $(TOP)/conf/$${script}[*] $(root)$(cgidir)/$${script}"; \ + $(INSTALL_SCRIPT) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(cgidir)/$${script}; \ done; \ fi @@echo "Copying tree $(TOP)/icons/ -> $(root)$(iconsdir)/"; \ @@@@ -497,7 +485,7 @@@@ # and initial config files while preserving existing ones. install-config: @@echo "===> [config: Installing Apache configuration files]" - -@@for conf in httpd.conf access.conf srm.conf; do \ + -@@for conf in httpd.conf; do \ if [ .$$conf = .httpd.conf ]; then \ target_conf="$(TARGET).conf"; \ else \ @ 1.8 log @upgrade to 1.3.28 + IPv6 patch. This version of Apache is principally a security and bug fix release. Of particular note is that 1.3.28 addresses and fixes the following issues: CAN-2003-0460 (cve.mitre.org) (rotatelogs bug), VU#379828 (infinite loop potential), and file descriptor leakage . @ text @d1 1 a1 1 $NetBSD$ @ 1.8.8.1 log @Pullup ticket 160 - requested by Thomas Klausner remove apache6 package removed from -current because of too many vulnerabilities and no newer version available (people are expected to switch to apache2). @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.8 2003/09/12 08:26:46 itojun Exp $ @ 1.7 log @Fix installation so that existing config files are preserved when building from source instead of installing from a binary package (problem noted in private email by George Coulouris . @ text @d3 2 a4 2 --- Makefile.tmpl.orig Sat Oct 6 18:01:09 2001 +++ Makefile.tmpl d22 1 a22 1 - -e 's:\.[soam].*$$:.c:' >>$(SRC)/.apaci.install.conf; \ d26 1 a26 1 @@@@ -457,7 +444,7 @@@@ d35 1 a35 1 @@@@ -479,9 +466,10 @@@@ d48 1 a48 1 @@@@ -495,7 +483,7 @@@@ @ 1.6 log @Fix installation when an old config file exists. @ text @d35 1 a35 8 @@@@ -473,15 +460,16 @@@@ find $(root)$(manualdir)/ -type d -exec chmod a+rx {} \; ; \ find $(root)$(manualdir)/ -type f -print | xargs chmod a+r ; \ fi - -@@if [ -f $(root)$(cgidir)/printenv ]; then \ + -@@if false; then \ echo "[PRESERVING EXISTING CGI SUBDIR: $(root)$(cgidir)/]"; \ else \ a55 18 else \ @@@@ -536,7 +524,7 @@@@ > $(TOP)/$(SRC)/.apaci.install.tmp && \ echo "$(INSTALL_DATA) $(TOP)/conf/$${conf}-dist[*] $(root)$(sysconfdir)/$${target_conf}.default"; \ $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(sysconfdir)/$${target_conf}.default; \ - if [ ! -f "$(root)$(sysconfdir)/$${target_conf}" ]; then \ + if true; then \ echo "$(INSTALL_DATA) $(TOP)/conf/$${conf}-dist[*] $(root)$(sysconfdir)/$${target_conf}"; \ $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(sysconfdir)/$${target_conf}; \ else \ @@@@ -546,7 +534,7 @@@@ -@@for conf in mime.types magic; do \ echo "$(INSTALL_DATA) $(TOP)/conf/$${conf} $(root)$(sysconfdir)/$${conf}.default"; \ $(INSTALL_DATA) $(TOP)/conf/$${conf} $(root)$(sysconfdir)/$${conf}.default; \ - if [ ! -f "$(root)$(sysconfdir)/$${conf}" ]; then \ + if true; then \ echo "$(INSTALL_DATA) $(TOP)/conf/$${conf} $(root)$(sysconfdir)/$${conf}"; \ $(INSTALL_DATA) $(TOP)/conf/$${conf} $(root)$(sysconfdir)/$${conf}; \ @ 1.5 log @- Updated to Apache 1.3.22 - Updated the IPv6 patch Apache 1.3.20 - 1.3.22 Major changes Security vulnerabilities * A vulnerability was found in the Win32 port of Apache 1.3.20. A client submitting a very long URI could cause a directory listing to be returned rather than the default index page. A 403 Forbidden will now be returned. CAN-2001-0729 * A vulnerability was found in the split-logfile support program. A request with a specially crafted Host: header could allow any file with a .log extension on the system to be written to. PR#7848 CAN-2001-0730 * A vulnerability was found when Multiviews are used to negotiate the directory index. In some configurations, requesting a URI with a QUERY_STRING of M=D could return a directory listing rather than the expected index page. CAN-2001-0731 The security issues above have been assigned standardized names, CAN- by the Common Vulnerabilities and Exposures project (cve.mitre.org) New features The main new features in 1.3.22 (compared to 1.3.20) are: * The user manual has been updated. As well as a number of small fixes these updates include new translations into French and Japanese, a guide to using Apache httpd on Cygwin, a lexicon of Apache error messages, updated TPF documentation, and a comprehensive guide to using log files * The user manual can now be moved out of the htdocs DocumentRoot during installation by invoking configure with the --manualdir= switch, to allow separation of on-line docs from regular contents. * The supplied icons are now also distributed in PNG format * A significant overhaul to the Apache Bench program, ab has taken place, as first reported in April. The new Apache Bench includes fixes, additional statistics, csv and gnuplot output, and some SSL support * New directives have been added to the mod_usertrack module, The first, CookieDomain, can be used to customise the Domain attribute. The patch to add the CookieDomain directive was first submitted over two years ago. Historically mod_usertrack has used the obsolete Netscape cookie syntax. The new CookieStyle directive allows use of the RFC2109 or RFC2965 syntax instead. PR#5023, PR#5920, PR#6140. * The server will now display a warning if line-end comments (#) are found in the configuration file. Not all directives are able to handle comments on the same line * A new directive, AcceptMutex, allows run-time configuration of the mutex type used for accept serialization, currently a compile-time only setting in 1.3. Since different types of mutex have different performance characteristics on different platforms, this directive will allow administrators to tune their Apache server more easily. The current list of possible methods is: uslock, pthread, sysvsem, fcntl, flock, os2sem, tpfcore, none. Not all platforms support all methods * mod_auth has been enhanced to allow access to a document to be controlled based on the owner of the file being served. Require file-owner will only allow files to be served where the authenticated username matches the user that owns the document. Require file-group works in a similar way checking that the group matches New features that relate to specific platforms: * A new directive, AcceptFilter, has been added to control BSD accept filters at run-time. This should make it easier to move server binaries across different BSD machines without requiring recompilation. Support for accept filters was first added to version 1.3.14, the functionality can postpone the requirement for a child process to handle a new connection until an HTTP request has arrived, therefore increasing the number of connections that a given number of child processes can handle * On Win32 mod_unique_id, mod_mime_magic, and the mod_vhost_alias modules are now enabled * The Cygwin port includes a number of fixes and updates. Cygwin support was first introduced in version 1.3.20 * On Windows 2000, the service display names can now be modified by the user (use the service control panel applet) * On Win32 a new option -W can be used to set up a dependency on another service, see win_service.html * The server will now take advantage of recent improvements to the TPF operating system which include an enhanced system fork and exec, updates to allow non-blocking file descriptors, and an update to shutdown processing Bugs fixed The following bugs were found in Apache 1.3.20 and have been fixed in Apache 1.3.22: * Under certain circumstances a child may crash due to a bug in mod_include. If a server uses an ErrorDocument for 404 (request not found) errors which points to a server-parsed HTML file which uses a section, then a request containing %2f will result in a segfault. The segfault is harmless and does not cause a security problem, but is being triggered by the recent IIS worm * The Multiviews functionality has been fixed to prevent mod_negotiation from serving any multiview variant that contains unknown filename extensions. PR#8130 * Apache will prefer installed version of the Expat library over the bundled version. This fixes conflicts when multiple copies of the Expat library get loaded (notably when using mod_perl and XML::Parsers::Expat) * UnsetEnv now works from the main body of a configuration file. PR#8254 * When used as a reverse proxy any headers set by other modules (such as mod_usertrack or mod_securid) now get passed on to the back-end server. PR#6055 * Server response headers can now be logged via the proxy. PR#7461 * mod_proxy will now pay attention to HTTP headers that specify the request is not to be cached. PR#5668 * When a client making a request via mod_proxy died unexpectedly, mod_proxy did not close its connection. PR#8090 * The CacheForceCompletion directive has been fixed PR#7383, PR#8067, PR#6585 * A memory leak has been fixed in the mod_mime_magic module * A Satisfy All option has been added to the default container designed to stop access to .htaccess files. Without this directive, these files could still be fetched if they were within the scope of a Satisfy Any directive. The following bugs relate to specific platforms: * A number of fixes for NetWare have been added. These include: enabling long file names in htpasswd and htdigest, protection against ill behaved modules, better handling of abnormal shutdowns, dealing with the limited stack space during server side includes, and recognising special filenames such as proxy:http:// correctly * A shutdown hang could occur on Solaris when using lots of piped TransferLogs and at least one piped ErrorLog * On EBCDIC platforms a bug in the proxy module stopped SSL proxying working * On Win32, mod_unique_id did not guarantee a unique ID due to threading * The Win32 Makefiles are now 100% compatible with the Microsoft Visual C++ compiler versions 5,6,7 @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.4 2001/02/06 10:58:18 itojun Exp $ d3 2 a4 2 --- Makefile.tmpl.orig Sat Oct 6 22:01:09 2001 +++ Makefile.tmpl Tue Oct 16 22:34:00 2001 d26 9 d63 18 @ 1.4 log @upgrade to 1.3.17 + IPv6 patch. pkgsrc directory is much more similar to pksrc/www/apache. see pkgsrc/www/apache changelog for full changelog. @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 --- Makefile.tmpl.orig Tue Jan 16 01:26:17 2001 +++ Makefile.tmpl Tue Feb 6 19:41:48 2001 @@@@ -326,20 +326,7 @@@@ d26 3 a28 3 @@@@ -464,15 +451,16 @@@@ find $(root)$(htdocsdir)/ -type d -exec chmod a+rx {} \; ; \ find $(root)$(htdocsdir)/ -type f -exec chmod a+r {} \; ; \ d32 1 a32 1 echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(cgidir)/]"; \ d46 1 a46 1 @@@@ -486,7 +474,7 @@@@ @ 1.3 log @upgrade apache original version to 1.3.9. use latest IPv6 patch from ftp://ftp.kame.net/pub/kame/misc/. fixes PR: 8307 @ text @d3 24 a26 3 --- Makefile.tmpl.orig Thu Aug 12 23:58:18 1999 +++ Makefile.tmpl Wed Sep 1 00:08:27 1999 @@@@ -450,12 +450,13 @@@@ d39 8 a46 3 echo "$(INSTALL_DATA) $(TOP)/conf/$${script}[*] $(root)$(cgidir)/$${script}"; \ $(INSTALL_DATA) $(TOP)/$(SRC)/.apaci.install.tmp $(root)$(cgidir)/$${script}; \ @@@@ -472,7 +473,7 @@@@ @ 1.2 log @provide and enable IPv6-ready apache. This is provided as separate package because: # This package does not compile in mod_ssl support hooks, as it conflicts # with IPv6 enable patch. # IPv6 enable patch conflicts with third-party modules anyway, due to # sanity fixes in apache module API (for example, avoid u_long for IPv4 addrs) @ text @d3 3 a5 12 --- Makefile.tmpl.orig Mon Mar 15 16:38:46 1999 +++ Makefile.tmpl Fri Jul 23 10:07:16 1999 @@@@ -114,7 +114,7 @@@@ datadir = @@datadir@@ iconsdir = $(datadir)/icons htdocsdir = $(datadir)/htdocs -cgidir = $(datadir)/cgi-bin +cgidir = $(prefix)/libexec/cgi-bin includedir = @@includedir@@ localstatedir = @@localstatedir@@ runtimedir = @@runtimedir@@ @@@@ -388,12 +388,13 @@@@ d20 1 a20 1 @@@@ -410,7 +411,7 @@@@ @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.10 1999/05/07 13:46:43 tv Exp $ d3 2 a4 2 --- Makefile.tmpl.orig Fri May 7 09:49:05 1999 +++ Makefile.tmpl Fri May 7 09:52:16 1999 d14 1 a14 36 @@@@ -344,34 +344,6 @@@@ file=`echo $${mod} | sed -e 's;^.*/\([^/]*\);\1;'`; \ echo "$(INSTALL_DSO) $(TOP)/$(SRC)/$${mod} $(root)$(libexecdir)/$${file}"; \ $(INSTALL_DSO) $(TOP)/$(SRC)/$${mod} $(root)$(libexecdir)/$${file}; \ - name=`$(TOP)/$(AUX)/fmn.sh $(TOP)/$(SRC)/$${mod}`; \ - if [ ".$$name" = .ssl_module ]; then \ - echo "" >>$(SRC)/.apaci.install.conf; \ - fi; \ - echo dummy | awk '{ printf("LoadModule %-18s %s\n", modname, modpath); }' \ - modname="$${name}" modpath="$(libexecdir_relative)$${file}" >>$(SRC)/.apaci.install.conf; \ - if [ ".$$name" = .ssl_module ]; then \ - echo "" >>$(SRC)/.apaci.install.conf; \ - fi; \ - done; \ - echo "" >>$(SRC)/.apaci.install.conf; \ - echo "# Reconstruction of the complete module list from all available modules" >>$(SRC)/.apaci.install.conf; \ - echo "# (static and shared ones) to achieve correct module execution order." >>$(SRC)/.apaci.install.conf; \ - echo "# [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]" >>$(SRC)/.apaci.install.conf; \ - echo "ClearModuleList" >>$(SRC)/.apaci.install.conf; \ - for mod in `egrep "^[ ]*(Add|Shared)Module" $(SRC)/Configuration.apaci |\ - sed -e 's:[ ]*SharedModule::' \ - -e 's:[ ]*AddModule::' \ - -e 's:modules/[^/]*/::' \ - -e 's:[ ]lib: mod_:' \ - -e 's:\.[soam]*$$:.c:'`; do \ - if [ ".$$mod" = .mod_ssl.c ]; then \ - echo "" >>$(SRC)/.apaci.install.conf; \ - fi; \ - echo "AddModule $$mod" >>$(SRC)/.apaci.install.conf; \ - if [ ".$$mod" = .mod_ssl.c ]; then \ - echo "" >>$(SRC)/.apaci.install.conf; \ - fi; \ done; \ fi @@echo "<=== [programs]" @@@@ -453,12 +425,13 @@@@ d29 1 a29 1 @@@@ -475,7 +448,7 @@@@ @ 1.1.1.1 log @import pkgsrc/www/apache into pkgsrc/www/apache6, to make a IPv6-ready version of apache package. @ text @@