head	1.6;
access;
symbols
	pkgsrc-2013Q2:1.6.0.54
	pkgsrc-2013Q2-base:1.6
	pkgsrc-2012Q4:1.6.0.52
	pkgsrc-2012Q4-base:1.6
	pkgsrc-2011Q4:1.6.0.50
	pkgsrc-2011Q4-base:1.6
	pkgsrc-2011Q2:1.6.0.48
	pkgsrc-2011Q2-base:1.6
	pkgsrc-2009Q4:1.6.0.46
	pkgsrc-2009Q4-base:1.6
	pkgsrc-2008Q4:1.6.0.44
	pkgsrc-2008Q4-base:1.6
	pkgsrc-2008Q3:1.6.0.42
	pkgsrc-2008Q3-base:1.6
	cube-native-xorg:1.6.0.40
	cube-native-xorg-base:1.6
	pkgsrc-2008Q2:1.6.0.38
	pkgsrc-2008Q2-base:1.6
	pkgsrc-2008Q1:1.6.0.36
	pkgsrc-2008Q1-base:1.6
	pkgsrc-2007Q4:1.6.0.34
	pkgsrc-2007Q4-base:1.6
	pkgsrc-2007Q3:1.6.0.32
	pkgsrc-2007Q3-base:1.6
	pkgsrc-2007Q2:1.6.0.30
	pkgsrc-2007Q2-base:1.6
	pkgsrc-2007Q1:1.6.0.28
	pkgsrc-2007Q1-base:1.6
	pkgsrc-2006Q4:1.6.0.26
	pkgsrc-2006Q4-base:1.6
	pkgsrc-2006Q3:1.6.0.24
	pkgsrc-2006Q3-base:1.6
	pkgsrc-2006Q2:1.6.0.22
	pkgsrc-2006Q2-base:1.6
	pkgsrc-2006Q1:1.6.0.20
	pkgsrc-2006Q1-base:1.6
	pkgsrc-2005Q4:1.6.0.18
	pkgsrc-2005Q4-base:1.6
	pkgsrc-2005Q3:1.6.0.16
	pkgsrc-2005Q3-base:1.6
	pkgsrc-2005Q2:1.6.0.14
	pkgsrc-2005Q2-base:1.6
	pkgsrc-2005Q1:1.6.0.12
	pkgsrc-2005Q1-base:1.6
	pkgsrc-2004Q4:1.6.0.10
	pkgsrc-2004Q4-base:1.6
	pkgsrc-2004Q3:1.6.0.8
	pkgsrc-2004Q3-base:1.6
	pkgsrc-2004Q2:1.6.0.6
	pkgsrc-2004Q2-base:1.6
	pkgsrc-2004Q1:1.6.0.4
	pkgsrc-2004Q1-base:1.6
	pkgsrc-2003Q4:1.6.0.2
	pkgsrc-2003Q4-base:1.6
	netbsd-1-6-1:1.5.0.2
	netbsd-1-6-1-base:1.5
	netbsd-1-6:1.2.0.8
	netbsd-1-6-RELEASE-base:1.2
	pkgviews:1.2.0.4
	pkgviews-base:1.2
	buildlink2-base:1.2
	buildlink2:1.2.0.2;
locks; strict;
comment	@# @;


1.6
date	2003.05.25.08.58.11;	author epg;	state dead;
branches;
next	1.5;

1.5
date	2003.01.28.14.21.58;	author martti;	state Exp;
branches;
next	1.4;

1.4
date	2002.08.29.14.12.29;	author martti;	state Exp;
branches;
next	1.3;

1.3
date	2002.08.25.21.51.57;	author jlam;	state Exp;
branches;
next	1.2;

1.2
date	2002.06.18.23.58.07;	author itojun;	state Exp;
branches
	1.2.2.1
	1.2.8.1;
next	1.1;

1.1
date	2002.06.18.02.17.18;	author itojun;	state Exp;
branches;
next	;

1.2.2.1
date	2002.06.18.23.58.07;	author jlam;	state dead;
branches;
next	1.2.2.2;

1.2.2.2
date	2002.06.23.19.03.33;	author jlam;	state Exp;
branches;
next	;

1.2.8.1
date	2002.10.12.17.34.25;	author agc;	state Exp;
branches;
next	;


desc
@@


1.6
log
@Split some stuff out into a new Makefile.common so that the new
deve/apr package can use it.  Depend on the new apr package.

Approved by jlam@@netbsd.org.
@
text
@$NetBSD: patch-an,v 1.5 2003/01/28 14:21:58 martti Exp $

--- srclib/apr/configure.in.orig	2003-01-06 21:04:08.000000000 +0200
+++ srclib/apr/configure.in	2003-01-28 16:11:24.000000000 +0200
@@@@ -1635,7 +1635,7 @@@@
   if test "$apr_devrandom" = "yes"; then
     # /dev/random on OpenBSD doesn't provide random data, so
     # prefer /dev/arandom, which does; see random(4).
-    for f in /dev/arandom /dev/random /dev/urandom; do
+    for f in /dev/arandom /dev/urandom /dev/random; do
       if test -r $f; then
         apr_devrandom=$f
         rand=1
@


1.5
log
@Updated apache2 to 2.0.44 (patch provided by Eric Gillespie in pkg/20086)

* lots of bug fixes
@
text
@d1 1
a1 1
$NetBSD: patch-an,v 1.4 2002/08/29 14:12:29 martti Exp $
@


1.4
log
@Updated apache to 2.0.40

  *  SECURITY: [CAN-2002-0661] Close a very significant security hole that
     applies only to the Win32, OS2 and Netware platforms.  Unix was not
     affected, Cygwin may be affected.  Certain URIs will bypass security
     and allow users to invoke or access any file depending on the system
     configuration.  Without upgrading, a single .conf change will close
     the vulnerability.  Add the following directive in the global server
     httpd.conf context before any other Alias or Redirect directives;
         RedirectMatch 400 "\\\.\."
     Reported by Auriemma Luigi <bugtest@@sitoverde.com>.
     [Brad Nicholes]

  *  SECURITY:  Close a path-revealing exposure in multiview type
     map negotiation (such as the default error documents) where the
     module would report the full path of the typemapped .var file when
     multiple documents or no documents could be served based on the mime
     negotiation.  Reported by Auriemma Luigi <bugtest@@sitoverde.com>.
     [CAN-2002-0654]  [William Rowe]

  *  SECURITY:  Close a path-revealing exposure in cgi/cgid when we
     fail to invoke a script.  The modules would report "couldn't create
     child process /path-to-script/script.pl" revealing the full path
     of the script.  Reported by Jim Race <jrace@@qualys.com>.
     [CAN-2002-0654]  [Bill Stoddard]

  *  More bug fixes (see the CHANGES file)
@
text
@d1 1
a1 1
$NetBSD: patch-an,v 1.3 2002/08/25 21:51:57 jlam Exp $
d3 11
a13 13
--- srclib/apr/configure.in.orig	Mon Aug  5 11:28:24 2002
+++ srclib/apr/configure.in	Mon Aug 12 15:02:37 2002
@@@@ -1590,8 +1590,8 @@@@
     fi
   elif test "$apr_devrandom" != "no"; then
     if test -r "$apr_devrandom"; then
-      AC_DEFINE(DEV_RANDOM, [$apr_devrandom])
-      AC_MSG_RESULT($apr_devrandom)
+      AC_DEFINE(DEV_RANDOM, [/dev/urandom])
+      AC_MSG_RESULT([/dev/urandom])
       rand="1"
     else
       AC_ERROR([$apr_devrandom not found or unreadable.])
@


1.3
log
@Merge packages from the buildlink2 branch back into the main trunk that
have been converted to USE_BUILDLINK2.
@
text
@d1 1
a1 1
$NetBSD: patch-an,v 1.2.2.1 2002/06/23 19:03:33 jlam Exp $
d3 3
a5 5
--with-randomdev=foo does not work.

--- srclib/apr/configure.in-	Wed Jun 19 08:23:52 2002
+++ srclib/apr/configure.in	Wed Jun 19 08:32:09 2002
@@@@ -1561,8 +1561,8 @@@@
@


1.2
log
@upgrade to 2.0.39, which should correct chunk encoding security issue.

Changes with Apache 2.0.39
  *) Fixed a build problem in htpasswd.c on Win32.
     [Guenter Knauf <eflash@@gmx.net>, Cliff Woolley]
Changes with Apache 2.0.38
  *) Rewrite htpasswd to use APR.  The removes the annoying warning about
     tmpnam being unsafe.   [Ryan Bloom]
  *) We must set the MIME-type for .shtml files to text/html if we want them
     to be parsed for SSI tags.  Add the config for that to the default
     config file so that it is easier to enable .shtml parsing.
     [Dave Dyer <ddyer@@real-me.net>]
  *) Fixed a problem with 'make install' on ReliantUnix.
     [Jean-frederic Clere <jfrederic.clere@@fujitsu-siemens.com>]
  *) Make the default_handler catch all requests that aren't served by
     another handler.  This also gets us to return a 404 if a directory
     is requested, there is no DirectoryIndex, and mod_autoindex isn't
     loaded.  [Justin Erenkrantz]
  *) Fixed the handling of nested if-statements in shtml files.
     PR 9866  [Brian Pane]
  *) Allow 'make install DESTDIR=/path'.  This allows packagers to install
     into a directory different from the one that was configured.  This
     also mirrors the root= feature from 1.3.  We cannot use prefix=,
     because both APR and APR-util resolve their installation paths at
     configuration time.  This means that there is no variable prefix
     to replace.  [Andreas Hasenack <andreas@@netbank.com.br>]
  *) AIX 4.3.2 and above: Define SINGLE_LISTEN_UNSERIALIZED_ACCEPT.
     These levels of AIX don't have a thundering herd problem with
     accept().  [Jeff Trawick]
  *) prefork MPM: Ignore mutex errors during graceful restart.  For
     certain types of mutexes (particularly SysV semaphores), we
     should expect to occasionally fail to obtain or release the
     mutex during restart processing.  [Jeff Trawick]
  *) Fix install-bindist.sh so that it finds any perl instead of just
     early perl 5.x versions.  This is consistent with a build/install
     from source, and it allows the perl scripts installed by a bindist
     to work on systems with perl 5.6.  [Jeff Trawick]
  *) Fix apxs so that the makefile created by "apxs -g" works on AIX and
     Tru64 (and probably some other platforms).  [Jeff Trawick]
  *) Allow CGI scripts to return their Content-Length.  This also fixes a
     hang on HEAD requests seen on certain platforms (such as FreeBSD).
     [Justin Erenkrantz]
  *) Added log rotation based on file size to the RotateLog support
     utility. [Brad Nicholes]
  *) Fix some casting in mod_rewrite which broke random maps.
     PR 9770  [Allan Edwards, Greg Ames, Jeff Trawick]
Changes with Apache 2.0.37
  *) allow POST method over SSL when per-directory client cert
     authentication is used with 'SSLOptions +OptRenegotiate' enabled
     and a client cert was found in the ssl session cache.
  *) 'SSLOptions +OptRengotiate' will use client cert in from the ssl
     session cache when there is no cert chain in the cache.  prior to
     the fix this situation would result in a FORBIDDEN response and
     error message "Cannot find peer certificate chain"
     [Doug MacEachern]
  *) ap_finalize_sub_req_protocol() shouldn't send an EOS bucket if
     one was already sent.  PR 9644  [Jeff Trawick]
  *) Fix the display of the default name for the mime types config
     file.  PR 9729  [Matthew Brecknell <mbrecknell@@orchestream.com>]
  *) Fix the working directory *for WinNT/2K/XP services only* to
     change to the Apache directory (one level above the location
     of Apache.exe, in the case that Apache.exe resides in bin/.)
     Solves the case of ServerRoot /foo paths where /foo was not
     on the same drive as /winnt/system32.  [William Rowe]
  *) Make 2.0's "AcceptMutex" startup message now "completely"
     match how 1.3 does it. [Jim Jagielski]
  *) Implement a fixed size memory cache using a priority queue
     [Ian Holsman]
  *) Fix apxs to allow "apxs -q installbuilddir" and to allow
     querying certain other variables from config_vars.mk.  PR 9316
     [Jeff Trawick]
  *) Added the "detached" attribute to the cgi_exec_info_t internals
     so that Win32 and Netware won't create a new window or console
     for each CGI invoked.  PR 8387
     [Brad Nicholes, William Rowe]
  *) Consolidated the command line parameters and attributes that are
     manipulated by the optional function ap_cgi_build_command() in
     mod_cgi into a single structure.
     [Brad Nicholes]
  *) Get rid of uninitialized value errors with "apxs -q" on certain
     variables.  [Stas Bekman <stas@@stason.org>]
  *) Fix apxs to allow it to work when the build directory is somewhere
     besides server-root/build.  PR 8453
     [Jeff Trawick and a host of others]
  *) Allow ap_discard_request_body to be called multiple times in the
     same request.  Essentially, ap_http_filter keeps track of whether
     it has sent an EOS bucket up the stack, if so, it will only ever
     send an EOS bucket for this request.
     [Ryan Bloom, Justin Erenkrantz, Greg Stein]
  *) Remove all special mod_ssl URIs.  This also fixes the bug where
     redirecting (.*) will allow an SSL protected page to be viewed
     without SSL.  [Ryan Bloom]
  *) Fix the binary build install script so that the build logic
     created by "apxs -g" will work when the user has a binary
     build.  [Jeff Trawick]
  *) Allow instdso.sh to work with full paths to the shared module.
     [Justin Erenkrantz]
  *) NetWare: Enabled CGI functionality and added mod_cgi as a built
     in module for NetWare  [Brad Nicholes]
  *) Changed cgi and piped log behavior to accept 65536 characters
     on Win32 (matching Linux) before deadlocking between outputing
     client stdin, slurping the output from stdout and then the stderr
     stream.  PR 8179  [William Rowe]
  *) Fixed Win32 wintty.exe support to assure the window title is valid.
     Elimiates possible gpfault or garbage title without the -t option.
     [William Rowe]
  *) Rewrite mod_cgi, mod_cgid, and mod_proxy input handling to use
     brigades and input filters.  [Justin Erenkrantz]
  *) Allow ap_http_filter (HTTP_IN) to return EOS when there is no request
     body.  [Justin Erenkrantz]

  *) NetWare: Piping log entries through RotateLogs using the
     CustomLogs directive is finally supported now that we have
     the pipes and spawning functionality working.
     [Brad Nicholes]
  *) Detect overflow when reading the hex bytes forming a chunk line.
     [Aaron Bannert]
  *) Allow RewriteMap prg:'s to take command-line arguments.  PR 8464.
     [James Tait <JTait@@wyrddreams.demon.co.uk>]
  *) Correctly return 413 when an invalid chunk size is given on
     input.  Also modify ap_discard_request_body to not do anything
     on sub-requests or when the connection will be dropped.
     [Justin Erenkrantz]
  *) Fix the TIME_* SSL var lookups to be threadsafe.  PR 9469.
     [Cliff Woolley]
  *) Ensure that apr_brigade_write() flushes in all of the cases that
     it should to avoid conditions in some modules that could cause
     large amounts of data to be buffered.  [Cliff Woolley]
  *) Fix problem where mod_cache/mod_disk_cache was incorrectly
     stripping the content_type from cached responses.
     [Bill Stoddard]
  *) apachectl passes through any httpd options.  Note: apachectl
     should be used in preference to httpd since it ensures that any
     appropriate environment variables have been set up.
     [Jeff Trawick]
  *) Fix the combination of mod_cgid, mod_setuexec, and mod_userdir.
     PR 7810  [Colm MacCarthaigh <colmmacc@@redbrick.dcu.ie>]
  *) Fix suexec execution of CGI scripts from mod_include.
     PR 7791, 8291  [Colm MacCarthaigh <colmmacc@@redbrick.dcu.ie>]
  *) Fix segfaults at startup on some platforms when mod_auth_digest,
     mod_suexec, or mod_ssl were used as DSO's due to the way they
     were tracking the current init phase since DSO's get completely
     unloaded and reloaded between phases.  PR 9413.
     [Tsuyoshi Sasamoto <nazonazo@@super.win.ne.jp>, Brad Nicholes]
  *) Fix mod_include's handling of regular expressions in
     "<!--#if" directives [Julius Gawlas <julius_gawlas@@hp.com>]
  *) Fix the worker MPM deadlock problem  [Brian Pane]
  *) Modify the module documentation to allow for translations.
     [Yoshiki Hayashi, Joshua Slive]
  *) Fix a file permissions problem which prevented mod_disk_cache
     from working on Unix.  [Jeff Trawick]
  *) Add "-k start|restart|graceful|stop" support to httpd for the Unix
     MPMs.  These have semantics very similar to the old apachectl
     commands of the same name.  [Justin Erenkrantz, Jeff Trawick]
  *) Make sure that the runtime dir is created by make install.
     PR 9233.  [Jeff Trawick]
  *) Fix an unusual set of ./configure arguments that could cause
     mod_http to be built as a DSO, which it currently doesn't
     support.  PR 9244.
     [Cliff Woolley, Robin Johnson <robbat2@@orbis-terrarum.net>]
  *) Win32: Fix bug in apr_sendfile() that caused incorrect operation
     of the %X, %b and %B logformat options. PR 8253, 8996.
     [Bill Stoddard]
  *) If content-encoding is already present, do not run deflate (PR 9222)
     [Kazuhisa ASADA <kaz@@asada.sytes.net>]
  *) The APLOG_NOERRNO flag to ap_log_[r]error() is now deprecated.
     It is currently ignored and it will be removed in a future release
     of Apache.  [Jeff Trawick]
  *) Removed documentation references to the no-longer-supported
     "make certificate" feature of mod_ssl for Apache 1.3.x.  Test
     certificates, if truly desired, can be generated using openssl
     commands.  PR 8724.  [Cliff Woolley]
  *) Remove SSLLog and SSLLogLevel directives in favor of having
     mod_ssl use the standard ErrorLog directives.  [Justin Erenkrantz]
  *) OS/390: LIBPATH no longer has to be manually uncommented in
     envvars to get apachectl to set up httpd properly.  [Jeff Trawick]
  *) mod_isapi: All mod_isapi directives, excluding ISAPICacheFile,
     may now be specified to the <File/Directory > container, rather
     than by vhost.  [William Rowe]
  *) mod_isapi: Experimental support for faux async support for ISAPI
     modules.  [William Rowe]
  *) mod_isapi: Major refactoring of the code to rely on apr internals
     rather than MS APIs (using our own mod_isapi.h headers for ISAPI
     symbol definitions.)  [William Rowe]
  *) mod_isapi: Fixed the return string length from GetServerVariable
     callback, it was not including the trailing null in the consumed
     buffer size.  This was particularly bad for Delphi 6.0 users.
     PR 8934  [Sebastian Hantsch <sebastian.hantsch@@gmx.de>]
  *) Fixed Win32 builds for Microsoft VisualStudio 7.0 (.net).
     [William Rowe]
  *) Make apxs look in the correct directory for envvars.  It was
     broken when sbindir != bindir.  PR 8869
     [Andreas Sundström <sunkan@@zappa.cx>]
  *) Fix mod_deflate corruption when using multiple buckets.  PR 9014.
     [Asada Kazuhisa <kaz@@asada.sytes.net>]
  *) Performance enhancements for access logger when using
     default timestamp formatting  [Brian Pane]
  *) Added EnableMMAP config directive to enable the server
     administrator to disable memory-mapping of delivered files
     on a per-directory basis.  [Brian Pane]
  *) Performance enhancements for mod_setenvif  [Brian Pane]
  *) Fix a mod_ssl build problem on OS/390.  [Jeff Trawick]
  *) Fixed If-Modified-Since on Win32, which would give false positives
     because of the sub-second resolution of file timestamps on that
     platform.  [Cliff Woolley]
  *) Reverse the hook ordering for mod_userdir and mod_alias so
     that Alias/ScriptAlias will override Userdir.  PR 8841
     [Joshua Slive]
  *) Move mod_deflate out of experimental and into filters.
     [Justin Erenkrantz]
  *) Get proxy CONNECT basically working.  [Jeff Trawick]
  *) Fix mod_rewrite hang when APR uses SysV Semaphores and
     RewriteLogLevel is set to anything other than 0.  PR: 8143
     [Aaron Bannert, Cliff Woolley]
  *) Fix byterange requests from returning 416 when using dynamic data
     (such as filters like mod_include).  [Justin Erenkrantz]
  *) Allow mod_rewrite's set of "int:" internal RewriteMap functions
     to be extended by third-party modules via an optional function.
     [Tahiry Ramanamampanoharana <nomentsoa@@hotmail.com>, Cliff Woolley]
  *) Fix mod_include expression parser's handling of unquoted strings
     followed immediately by a closing paren.  PR 8462.  [Brian Pane]
  *) Remove autom4te.cache in 'make distclean'.
     [Thom May <thom@@planetarytramp.net>]
  *) Fix generated httpd.conf to respect layout for LoadModule lines.
     PR 8170.  [Thom May <thom@@planetarytramp.net>]
  *) Win32: During a graceful restart, threads in the new process
     were accessing scoreboard slots still in use by active threads in
     the the old process. [Bill Stoddard]
@
text
@d1 1
a1 1
$NetBSD$
@


1.2.2.1
log
@file patch-an was added on branch buildlink2 on 2002-06-23 19:03:33 +0000
@
text
@d1 17
@


1.2.2.2
log
@Merge from pkgsrc-current to buildlink2 branch.
@
text
@a0 17
$NetBSD: patch-an,v 1.2.2.1 2002/06/23 19:03:33 jlam Exp $

--with-randomdev=foo does not work.

--- srclib/apr/configure.in-	Wed Jun 19 08:23:52 2002
+++ srclib/apr/configure.in	Wed Jun 19 08:32:09 2002
@@@@ -1561,8 +1561,8 @@@@
     fi
   elif test "$apr_devrandom" != "no"; then
     if test -r "$apr_devrandom"; then
-      AC_DEFINE(DEV_RANDOM, [$apr_devrandom])
-      AC_MSG_RESULT($apr_devrandom)
+      AC_DEFINE(DEV_RANDOM, [/dev/urandom])
+      AC_MSG_RESULT([/dev/urandom])
       rand="1"
     else
       AC_ERROR([$apr_devrandom not found or unreadable.])
@


1.2.8.1
log
@Pull up the following revisions

Makefile 1.12, 1.15-1.16
PLIST 1.7-1.9
distinfo 1.10-1.12
patches/patch-aa 1.7
patches/patch-al 1.2
patches/patch-an 1.4
patches/patch-ao 1.4

of pkgsrc/www/apache2 files to the netbsd-1-6 pkgsrc branch.

Requested by Manuel Bouyer.

They update apache2 to 2.0.43 for security issues.  Tested by Manuel on
1.6/sparc with IPv6 connectivity.
@
text
@d1 1
a1 1
$NetBSD: patch-an,v 1.4 2002/08/29 14:12:29 martti Exp $
d3 5
a7 3
--- srclib/apr/configure.in.orig	Mon Aug  5 11:28:24 2002
+++ srclib/apr/configure.in	Mon Aug 12 15:02:37 2002
@@@@ -1590,8 +1590,8 @@@@
@


1.1
log
@use /dev/urandom, not /dev/random, for random number source.
(if you don't have Pentium 4, httpd will need more than 1 minutes to start up)
@
text
@d3 15
a17 21
--- srclib/apr/configure.in-	Tue Jun 18 11:12:46 2002
+++ srclib/apr/configure.in	Tue Jun 18 11:13:38 2002
@@@@ -1450,13 +1450,13 @@@@
 dnl #----------------------------- Checking for /dev/random 
 AC_MSG_CHECKING(for /dev/random)
 
-if test -r "/dev/random"; then
-    AC_DEFINE(DEV_RANDOM, [/dev/random])
-    AC_MSG_RESULT(/dev/random)
-    rand="1"
-elif test -r "/dev/urandom"; then
+if test -r "/dev/urandom"; then
     AC_DEFINE(DEV_RANDOM, [/dev/urandom])
     AC_MSG_RESULT(/dev/urandom)
+    rand="1"
+elif test -r "/dev/random"; then
+    AC_DEFINE(DEV_RANDOM, [/dev/random])
+    AC_MSG_RESULT(/dev/random)
     rand="1"
 else
     case $host in
@