Update to 2.4.17, and provide modules.sample / modules directories
for use with a pending diff for PHP to install the conf fragment in
the right place (as already done for apache-httpd-openbsd).
Amongst other changes, this adds http2 support.
Working for me here (only lightly tested though)... any comments? OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/www/apache-httpd/Makefile,v
retrieving revision 1.68
diff -u -p -r1.68 Makefile
--- Makefile 24 Oct 2015 12:17:50 -0000 1.68
+++ Makefile 26 Oct 2015 12:38:40 -0000
@@ -3,15 +3,13 @@
COMMENT-main= apache HTTP server
COMMENT-common= shared files for Apache 1 and 2
-V= 2.4.16
+V= 2.4.17
DISTNAME= httpd-${V}
PKGNAME= apache-httpd-${V}
PKGNAME-main= ${PKGNAME}
FULLPKGNAME-common= apache-httpd-common-${V}
FULLPKGPATH-common= www/apache-httpd,-common
-
-REVISION-main= 5
CATEGORIES= www net
Index: distinfo
===================================================================
RCS file: /cvs/ports/www/apache-httpd/distinfo,v
retrieving revision 1.19
diff -u -p -r1.19 distinfo
--- distinfo 18 Jul 2015 00:55:09 -0000 1.19
+++ distinfo 26 Oct 2015 12:38:40 -0000
@@ -1,2 +1,2 @@
-SHA256 (httpd-2.4.16.tar.gz) = L8GAF4AZRM/P3naiTxbBJ2yGbCpuUS7olfVmvvk2j64=
-SIZE (httpd-2.4.16.tar.gz) = 6899517
+SHA256 (httpd-2.4.17.tar.gz) = uM0pVJDI0qDMAjfjstiEE27KoXOY0WMbJDPON7eawzM=
+SIZE (httpd-2.4.17.tar.gz) = 7013365
Index: patches/patch-configure
===================================================================
RCS file: /cvs/ports/www/apache-httpd/patches/patch-configure,v
retrieving revision 1.11
diff -u -p -r1.11 patch-configure
--- patches/patch-configure 15 May 2015 08:08:04 -0000 1.11
+++ patches/patch-configure 26 Oct 2015 12:38:40 -0000
@@ -1,7 +1,7 @@
$OpenBSD: patch-configure,v 1.11 2015/05/15 08:08:04 stsp Exp $
---- configure.orig Tue Jul 15 19:15:03 2014
-+++ configure Sat Jan 10 14:33:24 2015
-@@ -3397,7 +3397,7 @@ do
+--- configure.orig Fri Oct 9 18:32:07 2015
++++ configure Mon Oct 26 12:26:50 2015
+@@ -3414,7 +3414,7 @@ do
ap_last="${ap_cur}"
ap_cur=`eval "echo ${ap_cur}"`
done
@@ -10,7 +10,7 @@ $OpenBSD: patch-configure,v 1.11 2015/05
APACHE_VAR_SUBST="$APACHE_VAR_SUBST exp_sysconfdir"
-@@ -4603,7 +4603,7 @@ APR_INCLUDEDIR=`$apr_config --includedir`
+@@ -4620,7 +4620,7 @@ APR_INCLUDEDIR=`$apr_config --includedir`
APR_INCLUDES=`$apr_config --includes`
APR_VERSION=`$apr_config --version`
apr_major_version=`echo ${APR_VERSION} | sed 's,\..*,,'`
Index: patches/patch-docs_conf_httpd_conf_in
===================================================================
RCS file: /cvs/ports/www/apache-httpd/patches/patch-docs_conf_httpd_conf_in,v
retrieving revision 1.4
diff -u -p -r1.4 patch-docs_conf_httpd_conf_in
--- patches/patch-docs_conf_httpd_conf_in 15 May 2015 08:08:04 -0000
1.4
+++ patches/patch-docs_conf_httpd_conf_in 26 Oct 2015 12:38:40 -0000
@@ -1,6 +1,6 @@
$OpenBSD: patch-docs_conf_httpd_conf_in,v 1.4 2015/05/15 08:08:04 stsp Exp $
---- docs/conf/httpd.conf.in.orig Thu Nov 8 04:05:38 2012
-+++ docs/conf/httpd.conf.in Sat Jan 10 15:10:12 2015
+--- docs/conf/httpd.conf.in.orig Thu Oct 8 13:55:53 2015
++++ docs/conf/httpd.conf.in Mon Oct 26 12:28:59 2015
@@ -74,8 +74,8 @@ Listen @@Port@@
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
@@ -12,3 +12,9 @@ $OpenBSD: patch-docs_conf_httpd_conf_in,
</IfModule>
+@@ -418,3 +418,5 @@ SSLRandomSeed connect builtin
+ #RequestHeader unset DNT env=bad_DNT
+ #</IfModule>
+
++# Include extra module configuration files
++Include @rel_sysconfdir@/modules/*.conf
Index: patches/patch-modules_ssl_mod_ssl_c
===================================================================
RCS file: patches/patch-modules_ssl_mod_ssl_c
diff -N patches/patch-modules_ssl_mod_ssl_c
--- patches/patch-modules_ssl_mod_ssl_c 13 Sep 2015 12:31:45 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,25 +0,0 @@
-$OpenBSD: patch-modules_ssl_mod_ssl_c,v 1.1 2015/09/13 12:31:45 sthen Exp $
-
-https://bz.apache.org/bugzilla/attachment.cgi?id=33101
-https://bz.apache.org/bugzilla/show_bug.cgi?id=58349
-
---- modules/ssl/mod_ssl.c.orig Sat May 23 13:13:21 2015
-+++ modules/ssl/mod_ssl.c Sun Sep 13 14:00:17 2015
-@@ -125,10 +125,15 @@ static const command_rec ssl_config_cmds[] = {
- SSL_CMD_SRV(SessionCacheTimeout, TAKE1,
- "SSL Session Cache object lifetime "
- "('N' - number of seconds)")
-+#ifdef OPENSSL_NO_SSL3
-+#define SSLv3_PROTO_PREFIX ""
-+#else
-+#define SSLv3_PROTO_PREFIX "SSLv3|"
-+#endif
- #ifdef HAVE_TLSV1_X
--#define SSL_PROTOCOLS "SSLv3|TLSv1|TLSv1.1|TLSv1.2"
-+#define SSL_PROTOCOLS SSLv3_PROTO_PREFIX "TLSv1|TLSv1.1|TLSv1.2"
- #else
--#define SSL_PROTOCOLS "SSLv3|TLSv1"
-+#define SSL_PROTOCOLS SSLv3_PROTO_PREFIX "TLSv1"
- #endif
- SSL_CMD_SRV(Protocol, RAW_ARGS,
- "Enable or disable various SSL protocols "
Index: patches/patch-modules_ssl_ssl_engine_config_c
===================================================================
RCS file: patches/patch-modules_ssl_ssl_engine_config_c
diff -N patches/patch-modules_ssl_ssl_engine_config_c
--- patches/patch-modules_ssl_ssl_engine_config_c 13 Sep 2015 12:31:46
-0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,23 +0,0 @@
-$OpenBSD: patch-modules_ssl_ssl_engine_config_c,v 1.1 2015/09/13 12:31:46
sthen Exp $
-
-https://bz.apache.org/bugzilla/attachment.cgi?id=33101
-https://bz.apache.org/bugzilla/show_bug.cgi?id=58349
-
---- modules/ssl/ssl_engine_config.c.orig Tue Jun 16 19:21:09 2015
-+++ modules/ssl/ssl_engine_config.c Sun Sep 13 14:00:17 2015
-@@ -1343,7 +1343,15 @@ static const char *ssl_cmd_protocol_parse(cmd_parms *p
- }
- }
- else if (strcEQ(w, "SSLv3")) {
-+#ifdef OPENSSL_NO_SSL3
-+ if (action != '-') {
-+ return "SSLv3 not supported by this version of OpenSSL";
-+ }
-+ /* Nothing to do, the flag is not present to be toggled */
-+ continue;
-+#else
- thisopt = SSL_PROTOCOL_SSLV3;
-+#endif
- }
- else if (strcEQ(w, "TLSv1")) {
- thisopt = SSL_PROTOCOL_TLSV1;
Index: patches/patch-modules_ssl_ssl_engine_init_c
===================================================================
RCS file: patches/patch-modules_ssl_ssl_engine_init_c
diff -N patches/patch-modules_ssl_ssl_engine_init_c
--- patches/patch-modules_ssl_ssl_engine_init_c 13 Sep 2015 12:31:46 -0000
1.7
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,46 +0,0 @@
-$OpenBSD: patch-modules_ssl_ssl_engine_init_c,v 1.7 2015/09/13 12:31:46 sthen
Exp $
-
-https://bz.apache.org/bugzilla/attachment.cgi?id=33101
-https://bz.apache.org/bugzilla/show_bug.cgi?id=58349
-
---- modules/ssl/ssl_engine_init.c.orig Wed May 27 18:33:10 2015
-+++ modules/ssl/ssl_engine_init.c Sun Sep 13 14:06:45 2015
-@@ -471,7 +471,9 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *
- }
-
- cp = apr_pstrcat(p,
-+#ifndef OPENSSL_NO_SSL3
- (protocol & SSL_PROTOCOL_SSLV3 ? "SSLv3, " : ""),
-+#endif
- (protocol & SSL_PROTOCOL_TLSV1 ? "TLSv1, " : ""),
- #ifdef HAVE_TLSV1_X
- (protocol & SSL_PROTOCOL_TLSV1_1 ? "TLSv1.1, " : ""),
-@@ -483,12 +485,15 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *
- ap_log_error(APLOG_MARK, APLOG_TRACE3, 0, s,
- "Creating new SSL context (protocols: %s)", cp);
-
-+#ifndef OPENSSL_NO_SSL3
- if (protocol == SSL_PROTOCOL_SSLV3) {
- method = mctx->pkp ?
- SSLv3_client_method() : /* proxy */
- SSLv3_server_method(); /* server */
- }
-- else if (protocol == SSL_PROTOCOL_TLSV1) {
-+ else
-+#endif
-+ if (protocol == SSL_PROTOCOL_TLSV1) {
- method = mctx->pkp ?
- TLSv1_client_method() : /* proxy */
- TLSv1_server_method(); /* server */
-@@ -519,9 +524,11 @@ static apr_status_t ssl_init_ctx_protocol(server_rec *
- /* always disable SSLv2, as per RFC 6176 */
- SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
-
-+#ifndef OPENSSL_NO_SSL3
- if (!(protocol & SSL_PROTOCOL_SSLV3)) {
- SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv3);
- }
-+#endif
-
- if (!(protocol & SSL_PROTOCOL_TLSV1)) {
- SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1);
Index: patches/patch-modules_ssl_ssl_engine_io_c
===================================================================
RCS file: patches/patch-modules_ssl_ssl_engine_io_c
diff -N patches/patch-modules_ssl_ssl_engine_io_c
--- patches/patch-modules_ssl_ssl_engine_io_c 13 Sep 2015 12:31:46 -0000
1.3
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,17 +0,0 @@
-$OpenBSD: patch-modules_ssl_ssl_engine_io_c,v 1.3 2015/09/13 12:31:46 sthen
Exp $
-
-https://bz.apache.org/bugzilla/attachment.cgi?id=33101
-https://bz.apache.org/bugzilla/show_bug.cgi?id=58349
-
---- modules/ssl/ssl_engine_io.c.orig Fri May 29 22:07:15 2015
-+++ modules/ssl/ssl_engine_io.c Sun Sep 13 14:00:17 2015
-@@ -1077,7 +1077,9 @@ static apr_status_t ssl_io_filter_handshake(ssl_filter
- * IPv4 and IPv6 addresses are not permitted".)
- */
- if (hostname_note &&
-+#ifndef OPENSSL_NO_SSL3
- sc->proxy->protocol != SSL_PROTOCOL_SSLV3 &&
-+#endif
- apr_ipsubnet_create(&ip, hostname_note, NULL,
- c->pool) != APR_SUCCESS) {
- if (SSL_set_tlsext_host_name(filter_ctx->pssl, hostname_note)) {
Index: patches/patch-modules_ssl_ssl_private_h
===================================================================
RCS file: patches/patch-modules_ssl_ssl_private_h
diff -N patches/patch-modules_ssl_ssl_private_h
--- patches/patch-modules_ssl_ssl_private_h 13 Sep 2015 12:31:46 -0000
1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,33 +0,0 @@
-$OpenBSD: patch-modules_ssl_ssl_private_h,v 1.1 2015/09/13 12:31:46 sthen Exp $
-
-https://bz.apache.org/bugzilla/attachment.cgi?id=33101
-https://bz.apache.org/bugzilla/show_bug.cgi?id=58349
-
---- modules/ssl/ssl_private.h.orig Sat May 23 13:13:21 2015
-+++ modules/ssl/ssl_private.h Sun Sep 13 14:00:17 2015
-@@ -292,16 +292,22 @@ typedef int ssl_opt_t;
- * Define the SSL Protocol options
- */
- #define SSL_PROTOCOL_NONE (0)
--#define SSL_PROTOCOL_SSLV2 (1<<0)
-+#ifndef OPENSSL_NO_SSL3
- #define SSL_PROTOCOL_SSLV3 (1<<1)
-+#endif
- #define SSL_PROTOCOL_TLSV1 (1<<2)
-+#ifndef OPENSSL_NO_SSL3
-+#define SSL_PROTOCOL_BASIC SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1
-+#else
-+#define SSL_PROTOCOL_BASIC SSL_PROTOCOL_TLSV1
-+#endif
- #ifdef HAVE_TLSV1_X
- #define SSL_PROTOCOL_TLSV1_1 (1<<3)
- #define SSL_PROTOCOL_TLSV1_2 (1<<4)
--#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1| \
-+#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_BASIC| \
- SSL_PROTOCOL_TLSV1_1|SSL_PROTOCOL_TLSV1_2)
- #else
--#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
-+#define SSL_PROTOCOL_ALL (SSL_PROTOCOL_BASIC)
- #endif
- typedef int ssl_proto_t;
-
Index: patches/patch-support_ab_c
===================================================================
RCS file: patches/patch-support_ab_c
diff -N patches/patch-support_ab_c
--- patches/patch-support_ab_c 13 Sep 2015 12:31:46 -0000 1.2
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,40 +0,0 @@
-$OpenBSD: patch-support_ab_c,v 1.2 2015/09/13 12:31:46 sthen Exp $
-
-https://bz.apache.org/bugzilla/attachment.cgi?id=33101
-https://bz.apache.org/bugzilla/show_bug.cgi?id=58349
-
---- support/ab.c.orig Mon Mar 2 20:31:16 2015
-+++ support/ab.c Sun Sep 13 14:00:17 2015
-@@ -1961,6 +1961,12 @@ static void usage(const char *progname)
- #define SSL2_HELP_MSG ""
- #endif
-
-+#ifndef OPENSSL_NO_SSL3
-+#define SSL3_HELP_MSG "SSL3, "
-+#else
-+#define SSL3_HELP_MSG ""
-+#endif
-+
- #ifdef HAVE_TLSV1_X
- #define TLS1_X_HELP_MSG ", TLS1.1, TLS1.2"
- #else
-@@ -1969,7 +1975,7 @@ static void usage(const char *progname)
-
- fprintf(stderr, " -Z ciphersuite Specify SSL/TLS cipher suite (See
openssl ciphers)\n");
- fprintf(stderr, " -f protocol Specify SSL/TLS protocol\n");
-- fprintf(stderr, " (" SSL2_HELP_MSG "SSL3, TLS1"
TLS1_X_HELP_MSG " or ALL)\n");
-+ fprintf(stderr, " (" SSL2_HELP_MSG SSL3_HELP_MSG
"TLS1" TLS1_X_HELP_MSG " or ALL)\n");
- #endif
- exit(EINVAL);
- }
-@@ -2314,8 +2320,10 @@ int main(int argc, const char * const argv[])
- } else if (strncasecmp(opt_arg, "SSL2", 4) == 0) {
- meth = SSLv2_client_method();
- #endif
-+#ifndef OPENSSL_NO_SSL3
- } else if (strncasecmp(opt_arg, "SSL3", 4) == 0) {
- meth = SSLv3_client_method();
-+#endif
- #ifdef HAVE_TLSV1_X
- } else if (strncasecmp(opt_arg, "TLS1.1", 6) == 0) {
- meth = TLSv1_1_client_method();
Index: pkg/PLIST-main
===================================================================
RCS file: /cvs/ports/www/apache-httpd/pkg/PLIST-main,v
retrieving revision 1.7
diff -u -p -r1.7 PLIST-main
--- pkg/PLIST-main 24 Oct 2015 12:17:50 -0000 1.7
+++ pkg/PLIST-main 26 Oct 2015 12:38:40 -0000
@@ -718,6 +718,8 @@ share/doc/apache2/mod/mod_heartbeat.html
share/doc/apache2/mod/mod_heartmonitor.html
share/doc/apache2/mod/mod_heartmonitor.html.en
share/doc/apache2/mod/mod_heartmonitor.html.fr
+share/doc/apache2/mod/mod_http2.html
+share/doc/apache2/mod/mod_http2.html.en
share/doc/apache2/mod/mod_ident.html
share/doc/apache2/mod/mod_ident.html.en
share/doc/apache2/mod/mod_ident.html.fr
@@ -1355,6 +1357,8 @@ share/examples/apache2/conf/magic
@sample ${CONFDIR}/magic
share/examples/apache2/conf/mime.types
@sample ${CONFDIR}/mime.types
+@sample ${CONFDIR}/modules/
+@sample ${CONFDIR}/modules.sample/
share/examples/apache2/conf/original/
share/examples/apache2/conf/original/extra/
share/examples/apache2/conf/original/extra/httpd-autoindex.conf
