diff --git a/www/apache24/Makefile b/www/apache24/Makefile index ef0e70f496d8..5bd46dbaa1b6 100644 --- a/www/apache24/Makefile +++ b/www/apache24/Makefile @@ -1,245 +1,245 @@ PORTNAME= apache24 PORTVERSION= 2.4.61 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= www MASTER_SITES= APACHE_HTTPD DISTNAME= httpd-${PORTVERSION} DIST_SUBDIR= apache24 MAINTAINER= apache@FreeBSD.org COMMENT= Version 2.4.x of Apache web server WWW= https://httpd.apache.org/ LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE LIB_DEPENDS= libexpat.so:textproc/expat2 \ libapr-1.so:devel/apr1 \ libpcre2-8.so:devel/pcre2 USES= apache:server,2.4 autoreconf compiler:c11 cpe iconv libtool perl5 tar:bzip2 USE_PERL5= run USE_RC_SUBR= apache24 htcacheclean GNU_CONFIGURE= yes GNU_CONFIGURE_MANPREFIX=${PREFIX}/share CONFLICTS_INSTALL= py*-circuits # bin/htpasswd CPE_VENDOR= apache CPE_PRODUCT= http_server PORTDOCS= * SUB_FILES= pkg-install pkg-deinstall # Fallback MPM after switching from static to modular MPM SUB_LIST+= MPMF="000_mpm_prefork_fallback.conf" USERS= www GROUPS= www .include "${.CURDIR}/Makefile.options" .include "${.CURDIR}/Makefile.options.desc" OPTIONS_SUB= yes # IMPLIES AUTHN_DBD_IMPLIES= DBD HEARTBEAT_IMPLIES= WATCHDOG STATUS HEARTMONITOR_IMPLIES= WATCHDOG STATUS LBMETHOD_HEARTBEAT_IMPLIES= WATCHDOG STATUS HEARTMONITOR PROXY_HCHECK_IMPLIES= WATCHDOG PROXY_HTTP2_IMPLIES= PROXY_BALANCER .for module in ${PROXY_ENABLED_MODULES:NPROXY} ${PROXY_DISABLED_MODULES} ${module}_IMPLIES= PROXY .endfor .for module in ${SESSION_ENABLED_MODULES:NSESSION} ${SESSION_DISABLED_MODULES} ${module}_IMPLIES= SESSION .endfor # Multi-Processing Modules options handling MPM_PREFORK_CONFIGURE_ON= --with-mpm=prefork MPM_WORKER_CONFIGURE_ON= --with-mpm=worker MPM_EVENT_CONFIGURE_ON= --with-mpm=event MPM_SHARED_CONFIGURE_ON= --enable-mpms-shared=all MPM_SHARED_SUB_LIST= MPM_FALLBACK_CHECK="" MPM_SHARED_SUB_LIST_OFF= MPM_FALLBACK_CHECK="\#" AUTHNZ_LDAP_CONFIGURE_ON= --enable-authnz-ldap BROTLI_CONFIGURE_WITH= brotli=${LOCALBASE} BROTLI_LIB_DEPENDS= libbrotlicommon.so:archivers/brotli HTTP2_CONFIGURE_ON= --with-nghttp2=${LOCALBASE} \ --with-ssl=${OPENSSLBASE} HTTP2_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 HTTP2_USES= ssl IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped LDAP_CONFIGURE_ON= --enable-ldap=shared LUAJIT_LIB_DEPENDS= libluajit-5.1.so:lang/luajit LUA_CONFIGURE_ENV= LUA_CFLAGS="-I${LUA_INCDIR}" \ LUA_LIBS="-L${LUA_LIBDIR} -llua-${LUA_VER}" LUA_CONFIGURE_WITH= lua=${LOCALBASE} LUA_USES= lua MD_CONFIGURE_ON= --with-curl=${LOCALBASE} \ --with-jansson=${LOCALBASE} \ --with-ssl=${OPENSSLBASE} MD_LIB_DEPENDS= libcurl.so:ftp/curl \ libjansson.so:devel/jansson MD_USES= ssl PROXY_HTML_USE= GNOME=libxml2 PROXY_HTML_USES= gnome PROXY_HTTP2_CONFIGURE_ON= --with-nghttp2=${LOCALBASE} PROXY_HTTP2_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 SOCACHE_DC_CONFIGURE_ON= --with-distcache=${LOCALBASE} SOCACHE_DC_LIB_DEPENDS= libdistcache.so:security/distcache # Note: OpenSSL version (base/ports) depends how devel/apr1 was built # apu-1-config --(includes|ldflags) and apr_rules.mk SSL_CONFIGURE_ON= --with-ssl=${OPENSSLBASE} SSL_USES= ssl TLS_CONFIGURE_ON= --with-rustls=${LOCALBASE} -TLS_BUILD_DEPENDS= ${LOCALBASE}/lib/librustls.a:security/rustls-ffi +TLS_LIB_DEPENDS= librustls.so:security/rustls-ffi SUEXEC_SYSLOG_CONFIGURE_ON= --without-suexec-logfile --with-suexec-syslog XML2ENC_USE= GNOME=libxml2 XML2ENC_USES= gnome ETC_SUBDIRS= Includes envvars.d extra modules.d APR_CONFIG?= ${LOCALBASE}/bin/apr-1-config APU_CONFIG?= ${LOCALBASE}/bin/apu-1-config APU_LDAP?= ${LOCALBASE}/lib/apr-util-1/apr_ldap.so APU_CRYPTO_OPENSSL?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_openssl.so APU_CRYPTO_NSS?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_nss.so .include PREFIX_RELDEST= ${PREFIX:S,^${DESTDIR},,} CONFIGURE_ARGS+=--prefix=${PREFIX_RELDEST} \ --enable-layout=FreeBSD \ --enable-http \ --with-pcre=${LOCALBASE} \ --with-apr=${APR_CONFIG} \ --with-apr-util=${APU_CONFIG} CONFIGURE_ENV+= LOCALBASE="${LOCALBASE}" \ CONFIG_SHELL="${SH}" MAKE_ENV+= EXPR_COMPAT=yes \ INSTALL_MAN="${INSTALL_MAN}" \ DATADIR=${DATADIR} .for module in ${ALL_MODULES} .if ${PORT_OPTIONS:M${module}} CONFIGURE_ARGS+= --enable-${module:S/_/-/g:tl}=shared .else CONFIGURE_ARGS+= --disable-${module:S/_/-/g:tl} .endif .endfor #===================================================== # here we do only OPTIONS fixups # Check for APR-util module exists .if exists(${APU_CONFIG}) . if (${PORT_OPTIONS:MLDAP} || ${PORT_OPTIONS:MAUTHNZ_LDAP}) && !exists(${APU_LDAP}) IGNORE= LDAP and AUTHNZ_LDAP requires APR-util to have LDAP support built in.\ Please rebuild APR with LDAP support . endif . if ${PORT_OPTIONS:MSESSION_CRYPTO} && \ !(exists(${APU_CRYPTO_OPENSSL}) || exists(${APU_CRYPTO_NSS})) IGNORE= SESSION_CRYPTO requires APR-util to have crypto openssl support built in.\ Please rebuild APR with crypto openssl support . endif .endif # exists APU_CONFIG .if ( ${PORT_OPTIONS:MAUTH_BASIC} || ${PORT_OPTIONS:MAUTH_DIGEST} ) && \ empty(PORT_OPTIONS:MAUTHN*) IGNORE= AUTH_BASIC and AUTH_DIGEST need at least one AUTHN provider .endif .if ${PORT_OPTIONS:MAUTH_BASIC} && empty(PORT_OPTIONS:MAUTHZ*) IGNORE= AUTH_BASIC needs at least one AUTHZ provider .endif # Non options-NG option handling .if ${PORT_OPTIONS:MXML2ENC} || ${PORT_OPTIONS:MPROXY_HTML} CONFIGURE_ARGS+= --with-libxml2=${LOCALBASE}/include/libxml2 .else CONFIGURE_ARGS+= --without-libxml2 .endif # WITH_STATIC_SUPPORT, WITH_DEBUG, WITH_EXCEPTION_HOOK # Only to be used for special builds .if defined(WITH_STATIC_SUPPORT) CONFIGURE_ARGS+= --enable-static-support .endif .if defined(WITH_DEBUG) # debug overrides CFLAGS DEBUG_FLAGS?= -O0 -g -ggdb3 CFLAGS= ${DEBUG_FLAGS} CONFIGURE_ARGS+= --enable-maintainer-mode WITH_EXCEPTION_HOOK= yes .else CONFIGURE_ENV+= INSTALL_PROG_FLAGS="-s" EXTRA_PATCHES+= ${FILESDIR}/extra-patch-server_buildmark.c .endif .if defined(WITH_EXCEPTION_HOOK) CONFIGURE_ARGS+= --enable-exception-hook .endif pre-extract-SUEXEC-on: @${ECHO_CMD} "" @${ECHO_CMD} "suexec builds with user '${USERS}' and docroot '${PREFIX}/www' by default," @${ECHO_CMD} "use SUEXEC_DOCROOT and SUEXEC_USERDIR in /etc/make.conf to adjust." @${ECHO_CMD} "" post-extract: # make sure the configure script contains our patches, preserve the original script for comparsion -${MV} -v ${WRKSRC}/configure ${WRKSRC}/configure.upstream # make stage-qa script happy, it complains on empty dirs even 'PORTDOCS=*' is set # use RMDIR in case upstream ever place some files into this directories .for d in xsl/util xsl lang -${RMDIR} ${WRKSRC}/docs/manual/style/${d} .endfor post-patch: ${REINPLACE_CMD} -e 's," PLATFORM ",FreeBSD,' ${WRKSRC}/server/core.c ${REINPLACE_CMD} -e 's|logs/error_log|/var/log/httpd-error.log|' \ ${WRKSRC}/include/httpd.h ${REINPLACE_CMD} -e 's|perlbin=.*|perlbin=${PERL}|' \ ${WRKSRC}/configure.in ${RM} ${WRKSRC}/docs/docroot/*.bak ${INSTALL_DATA} ${WRKSRC}/NOTICE ${WRKSRC}/docs/manual pre-configure:: # silence autotools -@${MV} -v ${WRKSRC}/configure.in ${WRKSRC}/configure.ac 2>/dev/null post-configure: @FTPUSERS=`${EGREP} -v '^#' /etc/ftpusers| ${TR} -s "\n" " "` ;\ ${REINPLACE_CMD} -e "s,%%FTPUSERS%%,$${FTPUSERS}," \ ${WRKSRC}/docs/conf/extra/httpd-userdir.conf ${REINPLACE_CMD} -e "/EXTRA_LDFLAGS/s|-L/usr/lib||g" ${WRKSRC}/build/config_vars.mk ${REINPLACE_CMD} -e "s,%%WWWOWN%%,${WWWOWN}," -e "s,%%WWWGRP%%,${WWWGRP}," \ ${WRKSRC}/docs/conf/httpd.conf ${REINPLACE_CMD} -e "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/support/envvars-std post-install: @${MKDIR} ${ETC_SUBDIRS:S|^|${STAGEDIR}${ETCDIR}/|} ${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/ ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${ETCDIR}/modules.d/ -${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/apache24/mod_*.so # Remove files left behind by strip ${RM} ${STAGEDIR}${DATADIR}/build/ecp.???????? 2>/dev/null post-install-LOG_FORENSIC-on: ${INSTALL_SCRIPT} ${WRKSRC}/support/check_forensic ${STAGEDIR}${PREFIX}/sbin # maintainer only, check for new modules modlist: extract @${AWK} '/: checking whether to enable mod_/ \ {printf "%%%%%s%%%%libexec/apache24/%s.so\n", \ toupper($$8), $$8}' ${WRKSRC}/configure.upstream \ | ${TR} -d '"' \ | ${SORT} -u \ | ${GREP} -E -v '^%%MOD_(HTTP|ISAPI|LOG_CONFIG|PRIVILEGES|SO|UNIXD)%%' .include diff --git a/www/apache24/Makefile.options.desc b/www/apache24/Makefile.options.desc index afd7eda58d88..9385206566d1 100644 --- a/www/apache24/Makefile.options.desc +++ b/www/apache24/Makefile.options.desc @@ -1,172 +1,172 @@ # vim: syntax=make ts=8 noet # ===================================== # OPTIONS HEADING PROXY_DESC= Build enabled PROXY modules SESSION_DESC= Build enabled SESSION modules DEFAULT_MPM_DESC= The default MPM module SHARED_MPM_DESC= Build all MPMs as shared Module EXAMPLE_DESC= Example and devel modules (do not use in prod) # ===================================== # MPMs MPM_SHARED_DESC= all MPMs as loadable module MPM_PREFORK_DESC= non-threaded, pre-forking web server MPM_WORKER_DESC= hybrid multi-threaded multi-process web server MPM_EVENT_DESC= MPM worker variant with the goal of consuming threads only for connections with active processing # ===================================== # additional (no modules) IPV4_MAPPED_DESC= Allow IPv6 sockets to handle IPv4 connections LUAJIT_DESC= LuaJit Support # ===================================== # modules # DESC from modules/*/config.m4 files ACCESS_COMPAT_DESC= mod_access compatibility ACTIONS_DESC= Action triggering on requests ALIAS_DESC= Mapping of requests to different filesystem parts ALLOWMETHODS_DESC= Restrict allowed HTTP methods ASIS_DESC= Sends files that contain their own HTTP headers AUTHNZ_FCGI_DESC= FastCGI authorizer-based authentication and authorization AUTHNZ_LDAP_DESC= LDAP based authentication AUTHN_ANON_DESC= Anonymous user authentication control AUTHN_CORE_DESC= Core authentication module AUTHN_DBD_DESC= SQL-based authentication control AUTHN_DBM_DESC= DBM-based authentication control AUTHN_FILE_DESC= File-based authentication control AUTHN_SOCACHE_DESC= Cached authentication control AUTHZ_CORE_DESC= Core authorization provider vector module AUTHZ_DBD_DESC= SQL based authorization and Login/Session support AUTHZ_DBM_DESC= DBM-based authorization control AUTHZ_GROUPFILE_DESC= "require group" authorization control AUTHZ_HOST_DESC= Host-based authorization control AUTHZ_OWNER_DESC= "require file-owner" authorization control AUTHZ_USER_DESC= "require user" authorization control AUTH_BASIC_DESC= Basic authentication AUTH_DIGEST_DESC= RFC2617 Digest authentication AUTH_FORM_DESC= Form authentication AUTOINDEX_DESC= Directory listing BROTLI_DESC= Brotli compression support BUCKETEER_DESC= (dev) buckets manipulation filter BUFFER_DESC= Filter Buffering CACHE_DESC= Dynamic file caching CACHE_DISK_DESC= Disk caching module CACHE_SOCACHE_DESC= Shared object cacheing module CASE_FILTER_DESC= (dev) example uppercase conversion filter CASE_FILTER_IN_DESC= (dev) example uppercase conversion input filter CERN_META_DESC= CERN-type meta files CGID_DESC= CGI scripts (threaded MPMs) CGI_DESC= CGI scripts (non-threaded MPMs) CHARSET_LITE_DESC= Character set translation. Enabled by default only on EBCDIC systems DATA_DESC= RFC2397 data encoder DAV_DESC= WebDAV protocol handling. --enable-dav also enables mod_dav_fs DAV_FS_DESC= DAV provider for the filesystem. --enable-dav also enables mod_dav_fs DAV_LOCK_DESC= DAV provider for generic locking DBD_DESC= Apache DBD Framework DEFLATE_DESC= Deflate transfer encoding support DIALUP_DESC= Rate limits static files to dialup modem speeds DIR_DESC= Directory request handling DUMPIO_DESC= I/O dump filter ECHO_DESC= (dev) example echo server ENV_DESC= Clearing/setting of ENV vars EXAMPLE_HOOKS_DESC= (dev) example hook callback handler module EXAMPLE_IPC_DESC= (dev) example of shared memory and mutex usage EXPIRES_DESC= Expires header control EXT_FILTER_DESC= External filter module FILE_CACHE_DESC= File cache FILTER_DESC= Smart Filtering HEADERS_DESC= HTTP header control HEARTBEAT_DESC= Generates Heartbeats HEARTMONITOR_DESC= Collects Heartbeats HTTP2_DESC= HTTP/2 (RFC 7540) support IDENT_DESC= RFC 1413 ident lookups IMAGEMAP_DESC= Server-side imagemaps INCLUDE_DESC= Server-side includes INFO_DESC= Server information LBMETHOD_BYBUSYNESS_DESC= Apache proxy Load balancing by busyness LBMETHOD_BYREQUESTS_DESC= Apache proxy Load balancing by request counting LBMETHOD_BYTRAFFIC_DESC= Apache proxy Load balancing by traffic counting LBMETHOD_HEARTBEAT_DESC= Apache proxy Load balancing from Heartbeats LDAP_DESC= LDAP caching and connection pooling services LOGIO_DESC= Input and output logging LOG_CONFIG_DESC= logging configuration LOG_DEBUG_DESC= Configurable debug logging LOG_FORENSIC_DESC= Forensic logging LUA_DESC= Apache Lua Framework MACRO_DESC= Define and use macros in configuration files MD_DESC= Managing domains across virtual hosts, certificate provisioning via the ACME protocol MIME_DESC= Mapp file-ext. to MIME (recommended) MIME_MAGIC_DESC= Automagically determining MIME type NEGOTIATION_DESC= Content negotiation OPTIONAL_FN_EXPORT_DESC= (dev) example optional function exporter OPTIONAL_FN_IMPORT_DESC= (dev) example optional function importer OPTIONAL_HOOK_EXPORT_DESC= (dev) example optional hook exporter OPTIONAL_HOOK_IMPORT_DESC= (dev) example optional hook importer #PRIVILEGES_DESC= Per-virtualhost Unix UserIDs and enhanced security for Solaris PROXY_AJP_DESC= AJP support module for mod_proxy PROXY_BALANCER_DESC= mod_proxy extension for load balancing PROXY_CONNECT_DESC= mod_proxy extension for CONNECT request handling PROXY_EXPRESS_DESC= Dynamic mass reverse proxy extension for mod_proxy PROXY_FCGI_DESC= FastCGI support module for mod_proxy PROXY_FDPASS_DESC= fdpass external process support module for mod_proxy PROXY_FTP_DESC= FTP support module for mod_proxy PROXY_HCHECK_DESC= Dynamic health check of Balancer members (workers) for mod_proxy PROXY_HTML_DESC= Fix HTML Links in a Reverse Proxy PROXY_HTTP_DESC= HTTP support module for mod_proxy PROXY_HTTP2_DESC= HTTP/2 support module for h2 and h2c PROXY_SCGI_DESC= SCGI gateway module for mod_proxy PROXY_UWSGI_DESC= UWSGI gateway module for mod_proxy PROXY_WSTUNNEL_DESC= Websockets Tunnel module for mod_proxy RATELIMIT_DESC= Output Bandwidth Limiting REFLECTOR_DESC= Reflect request through the output filter stack REMOTEIP_DESC= Translate header contents to an apparent client remote_ip REQTIMEOUT_DESC= Limit time waiting for request from client REQUEST_DESC= Request Body Filtering REWRITE_DESC= Rule based URL manipulation SED_DESC= Filter request and/or response bodies through sed SESSION_COOKIE_DESC= Session cookie module SESSION_CRYPTO_DESC= Session crypto module SESSION_DBD_DESC= Session dbd module SETENVIF_DESC= Modify ENV vars based on characteristics of the request SLOTMEM_PLAIN_DESC= Slotmem provider that uses plain memory SLOTMEM_SHM_DESC= Slotmem provider that uses shared memory SOCACHE_DBM_DESC= dbm small object cache provider SOCACHE_DC_DESC= distcache small object cache provider SOCACHE_MEMCACHE_DESC= memcache small object cache provider SOCACHE_REDIS_DESC= Redis based shared object cache provider SOCACHE_SHMCB_DESC= shmcb small object cache provider SPELING_DESC= Correct common URL misspellings SSL_DESC= SSL/TLS support (mod_ssl) STATUS_DESC= Process/thread monitoring SUBSTITUTE_DESC= Response content rewrite-like filtering SUEXEC_DESC= Set uid and gid for spawned processes SUEXEC_SYSLOG_DESC= Enable syslog for suexec -TLS_DESC= TLS support via memory-safe rustls library (Exprimental) +TLS_DESC= TLS support via memory-safe rustls library (Experimental) UNIQUE_ID_DESC= Per-request unique ids UNIXD_DESC= (required) security for Unix-family platforms USERDIR_DESC= Mapping of requests to user-specific directories USERTRACK_DESC= User-session tracking VERSION_DESC= Determining httpd version in config files VHOST_ALIAS_DESC= Mass virtual hosting WATCHDOG_DESC= Watchdog module XML2ENC_DESC= i18n support for markup filters