Changeset View
Standalone View
www/apache24/Makefile
# $FreeBSD$ | # $FreeBSD$ | ||||
PORTNAME= apache24 | PORTNAME= apache24 | ||||
PORTVERSION= 2.4.33 | PORTVERSION= 2.4.34 | ||||
PORTREVISION= 1 | |||||
CATEGORIES= www ipv6 | CATEGORIES= www ipv6 | ||||
MASTER_SITES= APACHE_HTTPD | MASTER_SITES= APACHE_HTTPD | ||||
DISTNAME= httpd-${PORTVERSION} | DISTNAME= httpd-${PORTVERSION} | ||||
DIST_SUBDIR= apache24 | DIST_SUBDIR= apache24 | ||||
MAINTAINER= apache@FreeBSD.org | MAINTAINER= apache@FreeBSD.org | ||||
COMMENT= Version 2.4.x of Apache web server | COMMENT= Version 2.4.x of Apache web server | ||||
▲ Show 20 Lines • Show All 48 Lines • ▼ Show 20 Lines | |||||
MPM_EVENT_CONFIGURE_ON= --with-mpm=event | MPM_EVENT_CONFIGURE_ON= --with-mpm=event | ||||
MPM_SHARED_CONFIGURE_ON= --enable-mpms-shared=all | MPM_SHARED_CONFIGURE_ON= --enable-mpms-shared=all | ||||
MPM_SHARED_SUB_LIST= MPM_FALLBACK_CHECK="" | MPM_SHARED_SUB_LIST= MPM_FALLBACK_CHECK="" | ||||
MPM_SHARED_SUB_LIST_OFF= MPM_FALLBACK_CHECK="\#" | MPM_SHARED_SUB_LIST_OFF= MPM_FALLBACK_CHECK="\#" | ||||
AUTHNZ_LDAP_CONFIGURE_ON= --enable-authnz-ldap | AUTHNZ_LDAP_CONFIGURE_ON= --enable-authnz-ldap | ||||
BROTLI_CONFIGURE_WITH= brotli=${LOCALBASE} | BROTLI_CONFIGURE_WITH= brotli=${LOCALBASE} | ||||
BROTLI_LIB_DEPENDS= libbrotlicommon.so:archivers/brotli | BROTLI_LIB_DEPENDS= libbrotlicommon.so:archivers/brotli | ||||
HTTP2_CONFIGURE_ON= --with-nghttp2=${LOCALBASE} | HTTP2_CONFIGURE_ON= --with-nghttp2=${LOCALBASE} \ | ||||
--with-ssl=${OPENSSLBASE} | |||||
brnrd: As we don't have
```
HTTP2_IMPLIES= SSL
```
I don't think this is OK.
You can build Apache… | |||||
brnrdUnsubmitted Not Done Inline ActionsSo yes, this is OK, and exactly what my point is/was. It should be added. brnrd: So yes, this //is// OK, and exactly what my point is/was. It should be added.
Not sure about… | |||||
HTTP2_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 | HTTP2_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 | ||||
HTTP2_USES= ssl | |||||
matUnsubmitted Not Done Inline ActionsThen HTTP2_IMPLIES=SSL, and this, and the added --with-ssl above, can be removed. mat: Then `HTTP2_IMPLIES=SSL`, and this, and the added `--with-ssl` above, can be removed. | |||||
brnrdUnsubmitted Not Done Inline ActionsIt is not a requirement to build the mod_ssl module (which is what the SSL option in Apache 2.4 does) if you want the mod_http2 module. See also earlier comment. brnrd: It is not a requirement to build the `mod_ssl` module (which is what the `SSL` option in Apache… | |||||
IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped | IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped | ||||
LDAP_CONFIGURE_ON= --enable-ldap=shared | LDAP_CONFIGURE_ON= --enable-ldap=shared | ||||
LUAJIT_LIB_DEPENDS= libluajit-5.1.so:lang/luajit | LUAJIT_LIB_DEPENDS= libluajit-5.1.so:lang/luajit | ||||
LUA_CONFIGURE_ENV= LUA_CFLAGS="-I${LUA_INCDIR}" \ | LUA_CONFIGURE_ENV= LUA_CFLAGS="-I${LUA_INCDIR}" \ | ||||
LUA_LIBS="-L${LUA_LIBDIR} -llua-${LUA_VER}" | LUA_LIBS="-L${LUA_LIBDIR} -llua-${LUA_VER}" | ||||
brnrdUnsubmitted Not Done Inline ActionsWhat's going on with indentation here? It aligns OK for me already. brnrd: What's going on with indentation here? It aligns OK for me already. | |||||
LUA_CONFIGURE_WITH= lua=${LOCALBASE} | LUA_CONFIGURE_WITH= lua=${LOCALBASE} | ||||
LUA_USES= lua | LUA_USES= lua | ||||
MD_CONFIGURE_ON= --with-curl=${LOCALBASE} \ | MD_CONFIGURE_ON= --with-curl=${LOCALBASE} \ | ||||
--with-jansson=${LOCALBASE} \ | --with-jansson=${LOCALBASE} \ | ||||
--with-openssl=${OPENSSLBASE} | --with-ssl=${OPENSSLBASE} | ||||
MD_LIB_DEPENDS= libcurl.so:ftp/curl \ | MD_LIB_DEPENDS= libcurl.so:ftp/curl \ | ||||
libjansson.so:devel/jansson | libjansson.so:devel/jansson | ||||
MD_USES= ssl | MD_USES= ssl | ||||
matUnsubmitted Not Done Inline ActionsMD_IMPLIES= SSL and remove the USES=ssl and --with-ssl. mat: ```
MD_IMPLIES= SSL
```
and remove the USES=ssl and --with-ssl. | |||||
brnrdUnsubmitted Not Done Inline ActionsAs before. The SSL option toggles the mod_ssl module. Almost all options in the port are prefixed with mod_ to enable them during build. brnrd: As before. The SSL option toggles the `mod_ssl` module. Almost all options in the port are… | |||||
PROXY_HTML_USE= GNOME=libxml2 | PROXY_HTML_USE= GNOME=libxml2 | ||||
PROXY_HTTP2_CONFIGURE_ON= --with-nghttp2=${LOCALBASE} | PROXY_HTTP2_CONFIGURE_ON= --with-nghttp2=${LOCALBASE} | ||||
PROXY_HTTP2_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 | PROXY_HTTP2_LIB_DEPENDS= libnghttp2.so:www/libnghttp2 | ||||
SOCACHE_DC_CONFIGURE_ON= --with-distcache=${LOCALBASE} | SOCACHE_DC_CONFIGURE_ON= --with-distcache=${LOCALBASE} | ||||
SOCACHE_DC_LIB_DEPENDS= libdistcache.so:security/distcache | SOCACHE_DC_LIB_DEPENDS= libdistcache.so:security/distcache | ||||
XML2ENC_USE= GNOME=libxml2 | XML2ENC_USE= GNOME=libxml2 | ||||
# Note: OpenSSL version (base/ports) depends how devel/apr1 was built | # Note: OpenSSL version (base/ports) depends how devel/apr1 was built | ||||
# apu-1-config --(includes|ldflags) and apr_rules.mk | # apu-1-config --(includes|ldflags) and apr_rules.mk | ||||
brnrdUnsubmitted Not Done Inline ActionsAny reason not to keep the SSL_* entries not in alphabetical order? Think that's mostly historical. brnrd: Any reason not to keep the SSL_* entries not in alphabetical order? Think that's mostly… | |||||
SSL_CFLAGS= -I${OPENSSLINC} | |||||
SSL_CONFIGURE_ON= --with-ssl=${OPENSSLBASE} | SSL_CONFIGURE_ON= --with-ssl=${OPENSSLBASE} | ||||
SSL_LDFLAGS= -L${OPENSSLLIB} | |||||
SSL_USES= ssl | SSL_USES= ssl | ||||
ETC_SUBDIRS= Includes envvars.d extra modules.d | ETC_SUBDIRS= Includes envvars.d extra modules.d | ||||
APR_CONFIG?= ${LOCALBASE}/bin/apr-1-config | APR_CONFIG?= ${LOCALBASE}/bin/apr-1-config | ||||
APU_CONFIG?= ${LOCALBASE}/bin/apu-1-config | APU_CONFIG?= ${LOCALBASE}/bin/apu-1-config | ||||
APU_LDAP?= ${LOCALBASE}/lib/apr-util-1/apr_ldap.so | APU_LDAP?= ${LOCALBASE}/lib/apr-util-1/apr_ldap.so | ||||
APU_CRYPTO_OPENSSL?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_openssl.so | APU_CRYPTO_OPENSSL?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_openssl.so | ||||
APU_CRYPTO_NSS?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_nss.so | APU_CRYPTO_NSS?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_nss.so | ||||
.include <bsd.port.pre.mk> | .include <bsd.port.pre.mk> | ||||
PREFIX_RELDEST= ${PREFIX:S,^${DESTDIR},,} | PREFIX_RELDEST= ${PREFIX:S,^${DESTDIR},,} | ||||
CONFIGURE_ARGS+=--prefix=${PREFIX_RELDEST} \ | CONFIGURE_ARGS+=--prefix=${PREFIX_RELDEST} \ | ||||
--enable-layout=FreeBSD \ | --enable-layout=FreeBSD \ | ||||
brnrdUnsubmitted Not Done Inline ActionsIf we remove these, we can also remove lines 37 and 38 37 WITH_HTTP_PORT?= 80 38 WITH_SSL_PORT?= 443 People should do that with Listen and <VirtualHost> directives anyway. brnrd: If we remove these, we can also remove lines 37 and 38
```
37 WITH_HTTP_PORT?= 80… | |||||
brnrdUnsubmitted Not Done Inline ActionsJust checked, the config files we ship have 52 Listen 80 etc/extra/httpd-ssl.conf 36 Listen 443 so WITH_HTTP_PORT and WITH_SSL_PORT are indeed redundant. brnrd: Just checked, the config files we ship have
etc/httpd.conf
```
52 Listen 80
```… | |||||
--with-port=${WITH_HTTP_PORT} \ | |||||
--with-sslport=${WITH_SSL_PORT} \ | |||||
--with-expat=${LOCALBASE} \ | |||||
--enable-http \ | --enable-http \ | ||||
--with-pcre=${LOCALBASE} \ | --with-pcre=${LOCALBASE} \ | ||||
--with-apr=${APR_CONFIG} \ | --with-apr=${APR_CONFIG} \ | ||||
--with-apr-util=${APU_CONFIG} | --with-apr-util=${APU_CONFIG} | ||||
CONFIGURE_ENV+= LOCALBASE="${LOCALBASE}" \ | CONFIGURE_ENV+= LOCALBASE="${LOCALBASE}" \ | ||||
CONFIG_SHELL="${SH}" | CONFIG_SHELL="${SH}" | ||||
▲ Show 20 Lines • Show All 128 Lines • Show Last 20 Lines |
As we don't have
I don't think this is OK.
You can build Apache with HTTP2 but without SSL (even though I wouldn't know why someone would).
Looks to me like mod_h2 does require libcrypto: https://github.com/icing/mod_h2/blob/master/configure.ac#L105 but not 100% sure.