head 1.9; access; symbols pkgsrc-2014Q1:1.8.0.28 pkgsrc-2014Q1-base:1.8 pkgsrc-2013Q4:1.8.0.26 pkgsrc-2013Q4-base:1.8 pkgsrc-2013Q3:1.8.0.24 pkgsrc-2013Q3-base:1.8 pkgsrc-2013Q2:1.8.0.22 pkgsrc-2013Q2-base:1.8 pkgsrc-2013Q1:1.8.0.20 pkgsrc-2013Q1-base:1.8 pkgsrc-2012Q4:1.8.0.18 pkgsrc-2012Q4-base:1.8 pkgsrc-2012Q3:1.8.0.16 pkgsrc-2012Q3-base:1.8 pkgsrc-2012Q2:1.8.0.14 pkgsrc-2012Q2-base:1.8 pkgsrc-2012Q1:1.8.0.12 pkgsrc-2012Q1-base:1.8 pkgsrc-2011Q4:1.8.0.10 pkgsrc-2011Q4-base:1.8 pkgsrc-2011Q3:1.8.0.8 pkgsrc-2011Q3-base:1.8 pkgsrc-2011Q2:1.8.0.6 pkgsrc-2011Q2-base:1.8 pkgsrc-2011Q1:1.8.0.4 pkgsrc-2011Q1-base:1.8 pkgsrc-2010Q4:1.8.0.2 pkgsrc-2010Q4-base:1.8 pkgsrc-2010Q3:1.7.0.8 pkgsrc-2010Q3-base:1.7 pkgsrc-2010Q2:1.7.0.6 pkgsrc-2010Q2-base:1.7 pkgsrc-2010Q1:1.7.0.4 pkgsrc-2010Q1-base:1.7 pkgsrc-2009Q4:1.7.0.2 pkgsrc-2009Q4-base:1.7 pkgsrc-2009Q3:1.6.0.36 pkgsrc-2009Q3-base:1.6 pkgsrc-2009Q2:1.6.0.34 pkgsrc-2009Q2-base:1.6 pkgsrc-2009Q1:1.6.0.32 pkgsrc-2009Q1-base:1.6 pkgsrc-2008Q4:1.6.0.30 pkgsrc-2008Q4-base:1.6 pkgsrc-2008Q3:1.6.0.28 pkgsrc-2008Q3-base:1.6 cube-native-xorg:1.6.0.26 cube-native-xorg-base:1.6 pkgsrc-2008Q2:1.6.0.24 pkgsrc-2008Q2-base:1.6 cwrapper:1.6.0.22 pkgsrc-2008Q1:1.6.0.20 pkgsrc-2008Q1-base:1.6 pkgsrc-2007Q4:1.6.0.18 pkgsrc-2007Q4-base:1.6 pkgsrc-2007Q3:1.6.0.16 pkgsrc-2007Q3-base:1.6 pkgsrc-2007Q2:1.6.0.14 pkgsrc-2007Q2-base:1.6 pkgsrc-2007Q1:1.6.0.12 pkgsrc-2007Q1-base:1.6 pkgsrc-2006Q4:1.6.0.10 pkgsrc-2006Q4-base:1.6 pkgsrc-2006Q3:1.6.0.8 pkgsrc-2006Q3-base:1.6 pkgsrc-2006Q2:1.6.0.6 pkgsrc-2006Q2-base:1.6 pkgsrc-2006Q1:1.6.0.4 pkgsrc-2006Q1-base:1.6 pkgsrc-2005Q4:1.6.0.2 pkgsrc-2005Q4-base:1.6 pkgsrc-2005Q3:1.5.0.4 pkgsrc-2005Q3-base:1.5 pkgsrc-2005Q2:1.5.0.2 pkgsrc-2005Q2-base:1.5 pkgsrc-2005Q1:1.4.0.2 pkgsrc-2005Q1-base:1.4 pkgsrc-2004Q4:1.3.0.10 pkgsrc-2004Q4-base:1.3 pkgsrc-2004Q3:1.3.0.8 pkgsrc-2004Q3-base:1.3 pkgsrc-2004Q2:1.3.0.6 pkgsrc-2004Q2-base:1.3 pkgsrc-2004Q1:1.3.0.4 pkgsrc-2004Q1-base:1.3 pkgsrc-2003Q4:1.3.0.2 pkgsrc-2003Q4-base:1.3 buildlink2-base:1.3 netbsd-1-5-PATCH003:1.2 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.9 date 2014.06.10.15.22.18; author joerg; state dead; branches; next 1.8; commitid djgMkPoOrhNxnZDx; 1.8 date 2010.11.01.18.03.04; author adam; state Exp; branches; next 1.7; 1.7 date 2009.11.27.13.28.11; author joerg; state Exp; branches; next 1.6; 1.6 date 2005.10.17.10.37.11; author tron; state Exp; branches; next 1.5; 1.5 date 2005.04.25.09.13.14; author adam; state Exp; branches 1.5.4.1; next 1.4; 1.4 date 2005.01.03.01.04.26; author minskim; state Exp; branches; next 1.3; 1.3 date 2002.04.13.21.35.52; author jlam; state dead; branches; next 1.2; 1.2 date 2002.03.05.23.56.24; author jlam; state Exp; branches; next 1.1; 1.1 date 2002.03.05.23.24.07; author jlam; state Exp; branches 1.1.1.1; next ; 1.5.4.1 date 2005.10.18.21.21.27; author seb; state Exp; branches; next ; 1.1.1.1 date 2002.03.05.23.24.07; author jlam; state Exp; branches; next ; desc @@ 1.9 log @Retire Apache 1.3 and 2.0. @ text @$NetBSD: patch-ac,v 1.8 2010/11/01 18:03:04 adam Exp $ --- configure.orig 2010-10-14 18:00:29.000000000 +0000 +++ configure @@@@ -5384,7 +5384,7 @@@@ case $host in LTCFLAGS="-prefer-non-pic -static" ;; *) - SH_LIBTOOL='$(SHELL) $(top_builddir)/shlibtool $(LTFLAGS)' + SH_LIBTOOL='shlibtool' SHLTCFLAGS="" LTCFLAGS="" ;; @@@@ -18868,7 +18868,6 @@@@ cat >>confdefs.h <<_ACEOF _ACEOF -perlbin=`$ac_aux_dir/PrintPath perl` if test "x$perlbin" = "x"; then perlbin="/replace/with/path/to/perl/interpreter" fi @ 1.8 log @Changes 2.0.64: * SECURITY: CVE-2010-1452 (cve.mitre.org) mod_dav: Fix Handling of requests without a path segment. * SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. * SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials. * SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. * SECURITY: CVE-2009-3555 (cve.mitre.org) mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection attack when compiled against OpenSSL version 0.9.8m or later. Introduces the 'SSLInsecureRenegotiation' directive to reopen this vulnerability and offer unsafe legacy renegotiation with clients which do not yet support the new secure renegotiation protocol, RFC 5746. * SECURITY: CVE-2009-3555 (cve.mitre.org) mod_ssl: A partial fix for the TLS renegotiation prefix injection attack for OpenSSL versions prior to 0.9.8l; reject any client-initiated renegotiations. Forcibly disable keepalive for the connection if there is any buffered data readable. Any configuration which requires renegotiation for per-directory/location access control is still vulnerable, unless using openssl 0.9.8l or later. * SECURITY: CVE-2010-0434 (cve.mitre.org) Ensure each subrequest has a shallow copy of headers_in so that the parent request headers are not corrupted. Elimiates a problematic optimization in the case of no request body. * SECURITY: CVE-2008-2364 (cve.mitre.org) mod_proxy_http: Better handling of excessive interim responses from origin server to prevent potential denial of service and high memory usage. * SECURITY: CVE-2010-0425 (cve.mitre.org) mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. * SECURITY: CVE-2008-2939 (cve.mitre.org) mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of the FTP URL. Discovered by Marc Bevand of Rapid7. * Fix recursive ErrorDocument handling. * mod_ssl: Do not do overlapping memcpy. * Add Set-Cookie and Set-Cookie2 to the list of headers allowed to pass through on a 304 response. * apxs: Fix -A and -a options to ignore whitespace in httpd.conf @ text @d1 1 a1 1 $NetBSD$ @ 1.7 log @Call the real shlibtool, not some non-existing copy. Bump revision. @ text @d3 1 a3 1 --- configure.orig 2008-01-10 17:49:36.000000000 +0100 d5 1 a5 1 @@@@ -5253,7 +5253,7 @@@@ case $host in d14 1 a14 1 @@@@ -18939,7 +18939,6 @@@@ cat >>confdefs.h <<_ACEOF @ 1.6 log @Update "apache2" package to version 2.0.55. Patches supplied by Ben Collver. Addresses PR pkg/31817 by Zafer Aydogan. @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.5 2005/04/25 09:13:14 adam Exp $ d3 1 a3 1 --- configure.orig 2005-10-09 18:34:38.000000000 -0700 d5 10 a14 1 @@@@ -17086,7 +17086,6 @@@@ cat >>confdefs.h <<_ACEOF @ 1.5 log @Changes 2.0.54: *) mod_cache: Add CacheIgnoreHeaders directive. *) mod_ldap: Added the directive LDAPConnectionTimeout to configure the ldap socket connection timeout value. *) Correctly export all mod_dav public functions. *) Add a build script to create a solaris package. *) worker MPM: Fix a problem which could cause httpd processes to remain active after shutdown. *) Unix MPMs: Shut down the server more quickly when child processes are slow to exit. *) Remove formatting characters from ap_log_error() calls. These were escaped as fallout from CAN-2003-0020. *) mod_ssl: If SSLUsername is used, set r->user earlier. *) htdigest: Fix permissions of created files. *) core_input_filter: Move buckets to a persistent brigade instead of creating a new brigade. This stop a memory leak when proxying a Streaming Media Server. *) mod_win32: Ignore both PATH_INFO as well as PATH_TRANSLATED to avoid hiccups from additional path information passed in non-utf-8 format. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- configure.orig 2005-04-11 21:04:54.000000000 +0000 d5 1 a5 1 @@@@ -17035,7 +17035,6 @@@@ cat >>confdefs.h <<_ACEOF @ 1.5.4.1 log @Pullup ticket 838 - requested by Matthias Scheler sync devel/apr and www/apache2 with HEAD as precautionary/preventive step Revisions pulled up: - devel/apr/Makefile 1.37 - devel/apr/distinfo 1.16 - devel/apr/patches/patch-ao 1.3 - www/apache2/Makefile 1.84 - www/apache2/Makefile.common 1.19 - www/apache2/PLIST 1.31 - www/apache2/distinfo 1.43,1.44 - www/apache2/patches/patch-ac 1.6 - www/apache2/patches/patch-ae removed - www/apache2/patches/patch-af removed - www/apache2/patches/patch-ah removed - www/apache2/patches/patch-aj removed - www/apache2/patches/patch-ao 1.7 Module Name: pkgsrc Committed By: joerg Date: Tue Oct 11 20:10:35 UTC 2005 Modified Files: pkgsrc/www/apache2: distinfo Added Files: pkgsrc/www/apache2/patches: patch-ao Log Message: Allow mod_ssl to build with OpenSSL 0.9.8. The patch is from Georg v. Zezschwitz on dev@@httpd.apache.org. --- Module Name: pkgsrc Committed By: tron Date: Mon Oct 17 10:28:46 UTC 2005 Modified Files: pkgsrc/devel/apr: Makefile distinfo pkgsrc/devel/apr/patches: patch-ao pkgsrc/www/apache2: Makefile Log Message: Update "apr" package to version 0.9.7. Changes since version 0.9.6: - Fix crash in apr_dir_make_recursive() for relative path when the working directory has been deleted. [Joe Orton] - Win32: fix apr_proc_mutex_trylock() to handle WAIT_TIMEOUT, returning APR_EBUSY. [Ronen Mizrahi ] - Fix apr_file_read() to catch write failures when flushing pending writes for a buffered file. [Joe Orton] - Fix apr_file_write() infinite loop on write failure for buffered files. [Erik Huelsmann ] - Fix error handling where apr_uid_* and apr_gid_* could segfault or return APR_SUCCESS in failure cases. Bug 34053. [Joe Orton, Paul Querna] - Refactor Win32 condition variables code to address bugs 27654, 34336. [Henry Jen , E Holyat ] - Support APR_SO_SNDBUF and APR_SO_RCVBUF on Windows. Bug 32177. [Sim , Jeff Trawick] - Fix detection of rwlocks on Mac OS X. [Aaron Bannert] - Fix issue with poll() followed by net I/O yielding EAGAIN on Mac OS 10.4 (Darwin 8). [Wilfredo Sanchez] Update based on patches supplied by Ben Collver. Addresses first part of PR pkg/31817 by Zafer Aydogan. --- Module Name: pkgsrc Committed By: tron Date: Mon Oct 17 10:37:11 UTC 2005 Modified Files: pkgsrc/www/apache2: Makefile.common PLIST distinfo pkgsrc/www/apache2/patches: patch-ac Removed Files: pkgsrc/www/apache2/patches: patch-ae patch-af patch-ah patch-aj Log Message: Update "apache2" package to version 2.0.55. Changes since version 2.0.54: - worker MPM: Fix a memory leak which can occur after an aborted connection in some limited circumstances. [Greg Ames] - mod_ldap: Fix Bug 36563. Keep track of the number of attributes retrieved from LDAP so that all of the values can be properly cached even if the value is NULL. [Brad Nicholes, Ondrej Sury ] - Added TraceEnable [on|off|extended] per-server directive to alter the behavior of the TRACE method. This addresses a flaw in proxy conformance to RFC 2616 - previously the proxy server would accept a TRACE request body although the RFC prohibited it. The default remains 'TraceEnable on'. [William Rowe] - Add ap_log_cerror() for logging messages associated with particular client connections. [Jeff Trawick] - Correct mod_cgid's argv[0] so that the full path can be delved by the invoked cgi application, to conform to the behavior of mod_cgi. [Pradeep Kumar S ] - mod_include: Fix possible environment variable corruption when using nested includes. Bug 12655. [Joe Orton] - Support the suppress-error-charset setting, as with Apache 1.3.x. Bug 31274. [Jeff Trawick] - EBCDIC: Handle chunked input from client or, with proxy, origin server. [Jeff Trawick] - Fix bad globbing comparison which could result in getting a directory listing when a file was requested. Bug 34512. [sean ] - Fix core dump if mod_auth_ldap's mod_auth_ldap_auth_checker() was called even if mod_auth_ldap_check_user_id() was not (or if it didn't succeed) for non-authoritative cases. [Jim Jagielski] - mod_proxy: Fix over-eager handling of '%' for reverse proxies. Bug 15207. [Jim Jagielski] - mod_ldap: Fix various shared memory cache handling bugs. Bug 34209. [Joe Orton] - Fix a file descriptor leak when starting piped loggers. Bug 33748. [Joe Orton] - mod_ldap: Avoid segfaults when opening connections if using a version of OpenLDAP older than 2.2.21. Bug 34618. [Brad Nicholes] - mod_ssl: Fix build with OpenSSL 0.9.8. Bug 35757. [William Rowe] - proxy HTTP: If a response contains both Transfer-Encoding and a Content-Length, remove the Content-Length and don't reuse the connection, mitigating some HTTP Response Splitting attacks. [Jeff Trawick] - Prevent hangs of child processes when writing to piped loggers at the time of graceful restart. Bug 26467. [Jeff Trawick] - SECURITY: CAN-2005-1268 (cve.mitre.org) mod_ssl: Fix off-by-one overflow whilst printing CRL information at "LogLevel debug" which could be triggered if configured to use a "malicious" CRL. Bug 35081. [Marc Stern ] - mod_userdir: Fix possible memory corruption issue. Bug 34588. [David Leonard ] - worker mpm: don't take down the whole server for a transient thread creation failure. Bug 34514 [Greg Ames] - mod_rewrite: use buffered I/O to improve performance with large RewriteMap txt: files. [Greg Ames] - proxy HTTP: Rework the handling of request bodies to handle chunked input and input filters which modify content length, and avoid spooling arbitrary-sized request bodies in memory. Bug 15859. [Jeff Trawick] Patches supplied by Ben Collver. Addresses PR pkg/31817 by Zafer Aydogan. @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.6 2005/10/17 10:37:11 tron Exp $ d3 1 a3 1 --- configure.orig 2005-10-09 18:34:38.000000000 -0700 d5 1 a5 1 @@@@ -17086,7 +17086,6 @@@@ cat >>confdefs.h <<_ACEOF @ 1.4 log @Add a patch missed in the previous commit. Bump PKGREVISION becuase this patch will change the binary package. @ text @d3 1 a3 1 --- configure.orig 2004-09-23 13:35:39.000000000 -0500 d5 1 a5 1 @@@@ -16511,7 +16511,6 @@@@ cat >>confdefs.h <<_ACEOF @ 1.3 log @-------------------------------------------------------------------------------- Update www/apache2 to 2.0.35, the first stable release of Apache 2.x. Pkgsrc changes include: *) Compiling the included modules statically. Add-ons will be built dynamically. *) Match improvements to www/apache rc.d script. *) Automatically add "Listen 0.0.0.0:80" to the sample config files as the default install of NetBSD is IPv4/IPv6 and we want the default install of Apache to work out-of-the-box. *) Automatically reset the User and Group directives to match the ones for suEXEC in the config files to ease the use of suEXEC in Apache. Changes from version 2.0.32 beta include: *) Small bug fixes across the board. *) Bug fixes to the various MPMs. *) Performance improvements. *) Fixes for mod_include errors on boundary conditions *) Bug fixes for mod_proxy to prevent hangs and for RFC2616 compliance. *) Improvements to mod_dav for improved API and for RFC 3253 compliance *) Improvemants to mod_ssl to support SSL proxy and RSA SSLC 1.x/2.x *) Greatly improve mod_cache (disk/mem) [this is disabled in pkgsrc] *) New scoreboard file implementation that is readable by 3rd-party apps. *) Allow all Perchild directives to accept either numerical UID/GID or logical user/group names. *) Add support for macro expansion within the variable names in and directives *) Implement SSLSessionCache shmht and shmcb. *) New directive ProxyIOBufferSize. Sets the size of the buffer used when reading from a remote HTTP server in proxy. *) Scrap CacheMaxExpireMin and CacheDefaultExpireMin. Change CacheMaxExpire and CacheDefaultExpire to use seconds rather than hours. *) New Directive SSIUndefinedEcho. to change the '(none)' echoed for a undefined variable. *) Introduce PassPhraseDialog "|/path/to/pipe" mechanism to mod_ssl. *) New Directive for mod_proxy: ProxyRemoteMatch. *) Fix IPv6 name-based virtual hosts. *) Introduce AddOutputFilterByType directive. @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.2 2002/03/05 23:56:24 jlam Exp $ d3 4 a6 7 --- build/rules.mk.in.orig Sun Dec 30 09:05:55 2001 +++ build/rules.mk.in @@@@ -93,6 +93,7 @@@@ INSTALL = $(LIBTOOL) --mode=install $(abs_srcdir)/build/install.sh -c INSTALL_DATA = $(INSTALL) -m 644 INSTALL_PROGRAM = $(INSTALL) -m 755 $(INSTALL_PROG_FLAGS) +INSTALL_SCRIPT = $(INSTALL) -m 755 a7 14 # # Standard build rules @@@@ -200,6 +201,12 @@@@ test -d $(sbindir) || $(MKINSTALLDIRS) $(sbindir); \ list='$(PROGRAMS)'; for i in $$list; do \ $(INSTALL_PROGRAM) $$i $(sbindir); \ + done; \ + fi + @@if test -n '$(SCRIPTS)'; then \ + test -d $(sbindir) || $(MKINSTALLDIRS) $(sbindir); \ + list='$(SCRIPTS)'; for i in $$list; do \ + $(INSTALL_SCRIPT) $$i $(sbindir); \ done; \ fi d9 4 @ 1.2 log @Update www/apache2 to 2.0.32 beta. Pkgsrc changes from the previous version include: *) Move the binaries back into ${PREFIX}/sbin to match the locations for www/apache. *) Build the Apache modules (including mod_ssl) so that apache2 has the same functionality as apache. *) Support shared modules on platforms that support them. Otherwise, link the modules statically into the server. *) Support suEXEC in the same way as for www/apache. *) Honor PKG_SYSCONFDIR. *) Add a rc.d-style control script based on www/apache/files/apache.sh. *) Strongly buildlinkify again after previous changes broke it. Relevant changes from version 2.0.28 beta include: *) A ton of bug fixes in both the main server code and the module code (it _is_ a beta release following a previous beta release). *) Several performance and memory optimizations. *) The Location: response header field, used for external redirect, *must* be an absoluteURI. The Redirect directive tested for that, but RedirectMatch didn't -- it would allow almost anything through. Now it will try to turn an abs_path into an absoluteURI, but it will correctly varf like Redirect if the final redirection target isn't an absoluteURI. *) Add several new mod_proxy directives: ProxyTimeout, ProxyPreserveHost, ProxyPass. *) FTP directory listings are now always retrieved in ASCII mode. The FTP proxy properly escapes URI's and HTML in the generated listing, and escapes the path components when talking to the FTP server. *) Add FileETag directive to allow configurable control of what data are used to form ETag values for file-based URIs. *) Introduced the ForceLanguagePriority directive, to prevent returning MULTIPLE_CHOICES or NONE_ACCEPTABLE in some cases, when using Multiviews. @ text @d1 1 a1 1 $NetBSD$ @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD: patch-ac,v 1.2 2002/01/04 09:45:10 martti Exp $ d3 23 a25 14 --- srclib/apr-util/build/apu-conf.m4.orig Tue Aug 21 20:44:26 2001 +++ srclib/apr-util/build/apu-conf.m4 Thu Dec 6 17:50:19 2001 @@@@ -328,6 +328,11 @@@@ expat_include_dir="$1/include/xml" expat_libs="-L$1/lib -lexpat" expat_old=yes + elif test -r "$1/include/expat.h"; then + dnl previously installed expat + expat_include_dir="$1/include" + expat_libs="-Wl,-R${LOCALBASE}/lib -lexpat" + expat_old=yes elif test -r "$1/include/xmltok/xmlparse.h"; then dnl Debian distribution expat_include_dir="$1/include/xmltok" @ 1.1.1.1 log @Reimport pkgsrc/www/apache-current as pkgsrc/www/apache2. @ text @@