Index: branches/2015Q3/www/apache24/Makefile =================================================================== --- branches/2015Q3/www/apache24/Makefile (revision 392170) +++ branches/2015Q3/www/apache24/Makefile (revision 392171) @@ -1,184 +1,184 @@ # $FreeBSD$ PORTNAME= apache24 -PORTVERSION= 2.4.12 +PORTVERSION= 2.4.16 CATEGORIES= www ipv6 MASTER_SITES= APACHE_HTTPD DISTNAME= httpd-${PORTVERSION} DIST_SUBDIR= apache24 MAINTAINER= apache@FreeBSD.org COMMENT= Version 2.4.x of Apache web server LIB_DEPENDS= libexpat.so:${PORTSDIR}/textproc/expat2 \ libapr-1.so:${PORTSDIR}/devel/apr1 \ libpcre.so:${PORTSDIR}/devel/pcre CONFLICTS_INSTALL= caudium14-1.* \ apache-*-2.2.* apache22-* USE_APACHE= common24 -USES= tar:bzip2 iconv perl5 libtool cpe +USES= autoreconf cpe iconv libtool perl5 tar:bzip2 USE_PERL5= run -USE_AUTOTOOLS= autoconf USE_RC_SUBR= apache24 htcacheclean +GNU_CONFIGURE= yes CPE_VENDOR= apache CPE_PRODUCT= http_server PORTDOCS= * SUB_FILES= pkg-install pkg-deinstall # Fallback MPM after switching from static to modular MPM SUB_LIST+= MPMF="000_mpm_prefork_fallback.conf" USERS= www GROUPS= www # for slave ports .if !defined(MASTERDIR) APACHEDIR= ${.CURDIR} .else APACHEDIR= ${MASTERDIR} .endif WITH_HTTP_PORT?= 80 WITH_SSL_PORT?= 443 .include "${APACHEDIR}/Makefile.options" .include "${APACHEDIR}/Makefile.options.desc" AUTHNZ_LDAP_CONFIGURE_ON= --enable-authnz-ldap # http://httpd.apache.org/docs/2.4/bind.html IPV4_MAPPED_CONFIGURE_ENABLE= v4-mapped LDAP_CONFIGURE_ON= --enable-ldap=shared LUAJIT_LIB_DEPENDS= libluajit-5.1.so:${PORTSDIR}/lang/luajit LUA_CONFIGURE_WITH= lua LUA_USES= lua SOCACHE_DC_CONFIGURE_ON= --with-distcache=${LOCALBASE} SOCACHE_DC_LIB_DEPENDS= libdistcache.so:${PORTSDIR}/security/distcache # Note: # OpenSSL version (base/ports) depends how devel/apr1 was build # apu-1-config --(includes|ldflags) and apr_rules.mk SSL_CFLAGS= -I${OPENSSLINC} SSL_CONFIGURE_ON= --with-ssl=${OPENSSLBASE} SSL_LDFLAGS= -L${OPENSSLLIB} SSL_USE= OPENSSL=yes .include ETC_SUBDIRS= Includes envvars.d extra modules.d APR_CONFIG?= ${LOCALBASE}/bin/apr-1-config APU_CONFIG?= ${LOCALBASE}/bin/apu-1-config # APU modules used by AUTHN_DBD DBD APU_DBD_MYSQL?= ${LOCALBASE}/lib/apr-util-1/apr_dbd_mysql.so APU_DBD_PGSQL?= ${LOCALBASE}/lib/apr-util-1/apr_dbd_pgsql.so APU_DBD_SQLITE3?= ${LOCALBASE}/lib/apr-util-1/apr_dbd_sqlite3.so # APU module used by AUTHNZ_LDAP LDAP APU_LDAP?= ${LOCALBASE}/lib/apr-util-1/apr_ldap.so # APU module used by SESSION_CRYPTO APU_CRYPTO_OPENSSL?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_openssl.so APU_CRYPTO_NSS?= ${LOCALBASE}/lib/apr-util-1/apr_crypto_nss.so PREFIX_RELDEST= ${PREFIX:S,^${DESTDIR},,} CONFIGURE_ARGS+=--prefix=${PREFIX_RELDEST} \ --enable-layout=FreeBSD \ --with-port=${WITH_HTTP_PORT} \ --with-sslport=${WITH_SSL_PORT} \ --with-expat=${LOCALBASE} \ --with-iconv=${ICONV_PREFIX} \ --enable-http \ --with-pcre=${LOCALBASE} \ --with-apr=${APR_CONFIG} \ --with-apr-util=${APU_CONFIG} CONFIGURE_ENV= LOCALBASE="${LOCALBASE}" MAKE_ENV+= EXPR_COMPAT=yes \ INSTALL_MAN="${INSTALL_MAN}" \ DATADIR=${DATADIR} #===================================================== # CONFIGURE_ARGS will be handled in Makefile.modules, # here we do only OPTIONS fixups .if ${PORT_OPTIONS:MLUA} CONFIGURE_ENV+= LUA_CFLAGS="-I${LUA_INCDIR}" \ LUA_LIBS="-L${LUA_LIBDIR} -llua-${LUA_VER}" .endif .if ${PORT_OPTIONS:MPROXY_HTML} || ${PORT_OPTIONS:MXML2ENC} USE_GNOME= libxml2 .endif .include .include "${APACHEDIR}/Makefile.modules" pre-configure:: @${ECHO_MSG} "" @${ECHO_MSG} " You can check your modules configuration by using make show-modules" @${ECHO_MSG} "" post-extract: # remove possible leftover .svn directories in the sources @${FIND} ${WRKSRC} -type d -name .svn -print | ${XARGS} ${RM} -rf # limit grep results ... @${FIND} ${WRKSRC} -type f \( -name 'NWGNU*' -o -name '*.ds?' -o -name '*.dep' -o -name '*.mak' -o -name '*.win' -o -name '*.vbs' -o -name '*.wsf' \) -delete # make sure the configure script contains our patches, preserve the original script for comparsion -${MV} -v ${WRKSRC}/configure ${WRKSRC}/configure.upstream # make stage-qa script happy, it complains on empty dirs even 'PORTDOCS=*' is set # use RMDIR in case upstream ever place some files into this directories .for d in xsl/util xsl lang -${RMDIR} ${WRKSRC}/docs/manual/style/${d} .endfor post-patch: ${REINPLACE_CMD} -e 's," PLATFORM ",FreeBSD,' ${WRKSRC}/server/core.c ${REINPLACE_CMD} -e 's|logs/error_log|/var/log/httpd-error.log|' \ ${WRKSRC}/include/httpd.h ${REINPLACE_CMD} -e 's|perlbin=.*|perlbin=${PERL}|' \ ${WRKSRC}/configure.in ${RM} -f ${WRKSRC}/docs/docroot/*.bak ${INSTALL_DATA} ${WRKSRC}/NOTICE ${WRKSRC}/docs/manual post-configure: @FTPUSERS=`${EGREP} -v '^#' /etc/ftpusers| ${TR} -s "\n" " "` ;\ ${REINPLACE_CMD} -e "s,%%FTPUSERS%%,$${FTPUSERS}," \ ${WRKSRC}/docs/conf/extra/httpd-userdir.conf ${REINPLACE_CMD} -e "s,%%WWWOWN%%,${WWWOWN}," -e "s,%%WWWGRP%%,${WWWGRP}," \ ${WRKSRC}/docs/conf/httpd.conf ${REINPLACE_CMD} -e "s,%%PREFIX%%,${PREFIX}," ${WRKSRC}/support/envvars-std post-install: @${MKDIR} ${ETC_SUBDIRS:S|^|${STAGEDIR}${ETCDIR}/|} ${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/ # place for 3rd party module configuration ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${ETCDIR}/modules.d/ # strip returns an error for non binary files, but we have a big mix -${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/* 2>/dev/null -${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/* -${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/apache24/mod_*.so .if ${PORT_OPTIONS:MLOG_FORENSIC} ${INSTALL_SCRIPT} ${WRKSRC}/support/check_forensic ${STAGEDIR}${PREFIX}/sbin .endif # maintainer only, check for new modules modlist: extract @${AWK} '/: checking whether to enable mod_/ \ {printf "%%%%%s%%%%libexec/apache24/%s.so\n", \ toupper($$8), $$8}' ${WRKSRC}/configure \ | ${TR} -d '"' \ | ${SORT} -u \ | ${GREP} -E -v '^%%MOD_(HTTP|ISAPI|LOG_CONFIG|PRIVILEGES|SO|UNIXD)%%' .include Index: branches/2015Q3/www/apache24/distinfo =================================================================== --- branches/2015Q3/www/apache24/distinfo (revision 392170) +++ branches/2015Q3/www/apache24/distinfo (revision 392171) @@ -1,2 +1,2 @@ -SHA256 (apache24/httpd-2.4.12.tar.bz2) = ad6d39edfe4621d8cc9a2791f6f8d6876943a9da41ac8533d77407a2e630eae4 -SIZE (apache24/httpd-2.4.12.tar.bz2) = 5054838 +SHA256 (apache24/httpd-2.4.16.tar.bz2) = ac660b47aaa7887779a6430404dcb40c0b04f90ea69e7bd49a40552e9ff13743 +SIZE (apache24/httpd-2.4.16.tar.bz2) = 5101005 Index: branches/2015Q3/www/apache24/files/patch-acinclude.m4 =================================================================== --- branches/2015Q3/www/apache24/files/patch-acinclude.m4 (revision 392170) +++ branches/2015Q3/www/apache24/files/patch-acinclude.m4 (nonexistent) @@ -1,24 +0,0 @@ ---- acinclude.m4.orig 2014-01-05 08:37:21 UTC -+++ acinclude.m4 -@@ -267,9 +267,10 @@ DISTCLEAN_TARGETS = modules.mk - static = - shared = $libname - EOF -+ dnl https://issues.apache.org/bugzilla/show_bug.cgi?id=53882 -+ DSO_MODULES="$DSO_MODULES mpm_$1" - # add default MPM to LoadModule list - if test $1 = $default_mpm; then -- DSO_MODULES="$DSO_MODULES mpm_$1" - ENABLED_DSO_MODULES="${ENABLED_DSO_MODULES},mpm_$1" - fi - fi -@@ -576,7 +577,8 @@ AC_DEFUN(APACHE_CHECK_OPENSSL,[ - liberrors="" - AC_CHECK_HEADERS([openssl/engine.h]) - AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"]) -- AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines]) -+ dnl PR 196139, https://issues.apache.org/bugzilla/show_bug.cgi?id=57375 -+ AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines SSL_CTX_use_certificate_chain RAND_egd]) - if test "x$liberrors" != "x"; then - AC_MSG_WARN([OpenSSL libraries are unusable]) - fi Property changes on: branches/2015Q3/www/apache24/files/patch-acinclude.m4 ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: branches/2015Q3/www/apache24/files/patch-include__ap_config_auto.h.in =================================================================== --- branches/2015Q3/www/apache24/files/patch-include__ap_config_auto.h.in (revision 392170) +++ branches/2015Q3/www/apache24/files/patch-include__ap_config_auto.h.in (nonexistent) @@ -1,26 +0,0 @@ -# libressl support -# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196139 -# https://issues.apache.org/bugzilla/show_bug.cgi?id=57375 - ---- include/ap_config_auto.h.in.orig 2015-01-15 19:59:13 UTC -+++ include/ap_config_auto.h.in -@@ -130,6 +130,9 @@ - /* Define to 1 if you have the header file. */ - #undef HAVE_PWD_H - -+/* Define to 1 if you have the `RAND_egd' function. */ -+#undef HAVE_RAND_EGD -+ - /* Define to 1 if you have the `setsid' function. */ - #undef HAVE_SETSID - -@@ -139,6 +142,9 @@ - /* Define to 1 if you have the `SSL_CTX_new' function. */ - #undef HAVE_SSL_CTX_NEW - -+/* Define to 1 if you have the `SSL_CTX_use_certificate_chain' function. */ -+#undef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN -+ - /* Define to 1 if you have the header file. */ - #undef HAVE_STDINT_H - Property changes on: branches/2015Q3/www/apache24/files/patch-include__ap_config_auto.h.in ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_init.c =================================================================== --- branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_init.c (revision 392170) +++ branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_init.c (nonexistent) @@ -1,31 +0,0 @@ -# libressl support -# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196139 -# https://issues.apache.org/bugzilla/show_bug.cgi?id=57375 - ---- modules/ssl/ssl_engine_init.c.orig 2015-01-15 12:20:33 UTC -+++ modules/ssl/ssl_engine_init.c -@@ -353,9 +353,11 @@ apr_status_t ssl_init_Engine(server_rec - return ssl_die(s); - } - -+#ifdef ENGINE_CTRL_CHIL_SET_FORKCHECK - if (strEQ(mc->szCryptoDevice, "chil")) { - ENGINE_ctrl(e, ENGINE_CTRL_CHIL_SET_FORKCHECK, 1, 0, 0); - } -+#endif - - if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { - ap_log_error(APLOG_MARK, APLOG_EMERG, 0, s, APLOGNO(01889) -@@ -838,7 +840,11 @@ static apr_status_t ssl_init_ctx_cert_ch - } - } - -- n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx, -+#ifndef HAVE_SSL_CTX_USE_CERTIFICATE_CHAIN -+ n = SSL_CTX_use_certificate_chain(mctx->ssl_ctx, -+#else -+ n = _SSL_CTX_use_certificate_chain(mctx->ssl_ctx, -+#endif - (char *)chain, - skip_first, NULL); - if (n < 0) { Property changes on: branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_init.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_rand.c =================================================================== --- branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_rand.c (revision 392170) +++ branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_rand.c (nonexistent) @@ -1,22 +0,0 @@ -# libressl support -# https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196139 -# https://issues.apache.org/bugzilla/show_bug.cgi?id=57375 - ---- modules/ssl/ssl_engine_rand.c.orig 2011-12-05 00:08:01 UTC -+++ modules/ssl/ssl_engine_rand.c -@@ -81,6 +81,7 @@ int ssl_rand_seed(server_rec *s, apr_poo - nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes); - ssl_util_ppclose(s, p, fp); - } -+#ifdef HAVE_RAND_EGD - else if (pRandSeed->nSrc == SSL_RSSRC_EGD) { - /* - * seed in contents provided by the external -@@ -90,6 +91,7 @@ int ssl_rand_seed(server_rec *s, apr_poo - continue; - nDone += n; - } -+#endif - else if (pRandSeed->nSrc == SSL_RSSRC_BUILTIN) { - struct { - time_t t; Property changes on: branches/2015Q3/www/apache24/files/patch-modules__ssl__ssl_engine_rand.c ___________________________________________________________________ Deleted: fbsd:nokeywords ## -1 +0,0 ## -yes \ No newline at end of property Deleted: svn:eol-style ## -1 +0,0 ## -native \ No newline at end of property Deleted: svn:mime-type ## -1 +0,0 ## -text/plain \ No newline at end of property Index: branches/2015Q3/www/apache24/files/patch-Makefile.in =================================================================== --- branches/2015Q3/www/apache24/files/patch-Makefile.in (revision 392170) +++ branches/2015Q3/www/apache24/files/patch-Makefile.in (revision 392171) @@ -1,144 +1,106 @@ ---- Makefile.in.orig 2012-12-17 11:50:41 UTC +--- Makefile.in.orig 2015-04-15 18:06:04 UTC +++ Makefile.in @@ -32,12 +32,9 @@ include $(top_srcdir)/build/program.mk install-conf: @echo Installing configuration files @$(MKINSTALLDIRS) $(DESTDIR)$(sysconfdir) $(DESTDIR)$(sysconfdir)/extra - @$(MKINSTALLDIRS) $(DESTDIR)$(sysconfdir)/original/extra @cd $(top_srcdir)/docs/conf; \ for i in mime.types magic; do \ - if test ! -f $(DESTDIR)$(sysconfdir)/$$i; then \ - $(INSTALL_DATA) $$i $(DESTDIR)$(sysconfdir); \ - fi; \ + $(INSTALL_DATA) $$i $(DESTDIR)$(sysconfdir)/$${i}.sample; \ done; \ for j in $(top_srcdir)/docs/conf $(top_builddir)/docs/conf ; do \ cd $$j ; \ -@@ -58,6 +55,16 @@ install-conf: +@@ -98,15 +95,12 @@ install-conf: -e 's#@@SSLPort@@#$(SSLPORT)#g' \ - -e 'p' \ < $$i; \ -+ if echo " $(DSO_MODULES) "|$(EGREP) " cgi " > /dev/null ; then \ -+ have_cgi="1"; \ -+ else \ -+ have_cgi="0"; \ -+ fi; \ -+ if echo " $(DSO_MODULES) "|$(EGREP) " cgid " > /dev/null ; then \ -+ have_cgid="1"; \ -+ else \ -+ have_cgid="0"; \ -+ fi; \ - for j in $(DSO_MODULES) "^EOL^"; do \ - if test $$j != "^EOL^"; then \ - if echo ",$(ENABLED_DSO_MODULES),"|$(EGREP) ",$$j," > /dev/null ; then \ -@@ -68,8 +75,18 @@ install-conf: - if test "$(LOAD_ALL_MODULES)" = "yes"; then \ - loading_disabled=""; \ - fi; \ -- echo "$${loading_disabled}LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ -- fi; \ -+ if test $$j = "cgid" -a "$$have_cgi" = "1"; then \ -+ echo ""; \ -+ echo " $${loading_disabled}LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ -+ echo ""; \ -+ elif test $$j = "cgi" -a "$$have_cgid" = "1"; then \ -+ echo ""; \ -+ echo " $${loading_disabled}LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ -+ echo ""; \ -+ else \ -+ echo "$${loading_disabled}LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ -+ fi; \ -+ fi; \ - done; \ - sed -e '1,/@@LoadModule@@/d' \ - -e '/@@LoadModule@@/d' \ -@@ -78,15 +95,12 @@ install-conf: - -e 's#@@SSLPort@@#$(SSLPORT)#g' \ - < $$i; \ fi \ - ) > $(DESTDIR)$(sysconfdir)/original/$$i; \ - chmod 0644 $(DESTDIR)$(sysconfdir)/original/$$i; \ + ) > $(DESTDIR)$(sysconfdir)/$${i}.sample; \ + chmod 0644 $(DESTDIR)$(sysconfdir)/$${i}.sample; \ file=$$i; \ if [ "$$i" = "httpd.conf" ]; then \ file=`echo $$i|sed s/.*.conf/$(PROGRAM_NAME).conf/`; \ fi; \ - if test ! -f $(DESTDIR)$(sysconfdir)/$$file; then \ - $(INSTALL_DATA) $(DESTDIR)$(sysconfdir)/original/$$i $(DESTDIR)$(sysconfdir)/$$file; \ - fi; \ fi; \ done ; \ done ; \ -@@ -137,48 +151,25 @@ dox: +@@ -157,48 +151,25 @@ dox: doxygen $(top_srcdir)/docs/doxygen.conf install-htdocs: - -@if [ -d $(DESTDIR)$(htdocsdir) ]; then \ - echo "[PRESERVING EXISTING HTDOCS SUBDIR: $(DESTDIR)$(htdocsdir)]"; \ - else \ - echo Installing HTML documents ; \ + @echo Installing HTML documents ; \ $(MKINSTALLDIRS) $(DESTDIR)$(htdocsdir) ; \ - if test -d $(htdocs-srcdir) && test "x$(RSYNC)" != "x" && test -x $(RSYNC) ; then \ - $(RSYNC) --exclude .svn -rlpt --numeric-ids $(htdocs-srcdir)/ $(DESTDIR)$(htdocsdir)/; \ - else \ - test -d $(htdocs-srcdir) && (cd $(htdocs-srcdir) && cp -rp * $(DESTDIR)$(htdocsdir)) ; \ - cd $(DESTDIR)$(htdocsdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi; \ - fi + $(MKINSTALLDIRS) $(DESTDIR)$(DATADIR)/misc ; \ + test -d $(htdocs-srcdir) && (cd $(htdocs-srcdir) && cp -rp index.html $(DESTDIR)$(DATADIR)/misc) || true install-error: - -@if [ -d $(DESTDIR)$(errordir) ]; then \ - echo "[PRESERVING EXISTING ERROR SUBDIR: $(DESTDIR)$(errordir)]"; \ - else \ - echo Installing error documents ; \ + @echo Installing error documents ; \ $(MKINSTALLDIRS) $(DESTDIR)$(errordir) ; \ - cd $(top_srcdir)/docs/error && cp -rp * $(DESTDIR)$(errordir) ; \ - test "x$(errordir)" != "x" && cd $(DESTDIR)$(errordir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi + cd $(top_srcdir)/docs/error && cp -rp * $(DESTDIR)$(errordir) ; install-icons: - -@if [ -d $(DESTDIR)$(iconsdir) ]; then \ - echo "[PRESERVING EXISTING ICONS SUBDIR: $(DESTDIR)$(iconsdir)]"; \ - else \ - echo Installing icons ; \ + @echo Installing icons ; \ $(MKINSTALLDIRS) $(DESTDIR)$(iconsdir) ; \ - cd $(top_srcdir)/docs/icons && cp -rp * $(DESTDIR)$(iconsdir) ; \ - test "x$(iconsdir)" != "x" && cd $(DESTDIR)$(iconsdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi + cd $(top_srcdir)/docs/icons && cp -rp * $(DESTDIR)$(iconsdir) ; install-cgi: - -@if [ -d $(DESTDIR)$(cgidir) ];then \ - echo "[PRESERVING EXISTING CGI SUBDIR: $(DESTDIR)$(cgidir)]"; \ - else \ - echo Installing CGIs ; \ + @echo Installing CGIs ; \ $(MKINSTALLDIRS) $(DESTDIR)$(cgidir) ; \ - cd $(top_srcdir)/docs/cgi-examples && cp -rp * $(DESTDIR)$(cgidir) ; \ - test "x$(cgidir)" != "x" && cd $(DESTDIR)$(cgidir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi + cd $(top_srcdir)/docs/cgi-examples && cp -rp * $(DESTDIR)$(cgidir) ; install-other: @test -d $(DESTDIR)$(logfiledir) || $(MKINSTALLDIRS) $(DESTDIR)$(logfiledir) -@@ -231,12 +222,7 @@ install-man: +@@ -251,12 +222,7 @@ install-man: @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) @cp -p $(top_srcdir)/docs/man/*.1 $(DESTDIR)$(mandir)/man1 @cp -p $(top_srcdir)/docs/man/*.8 $(DESTDIR)$(mandir)/man8 - @if test "x$(RSYNC)" != "x" && test -x $(RSYNC) ; then \ - $(RSYNC) --exclude .svn -rlpt --numeric-ids $(top_srcdir)/docs/manual/ $(DESTDIR)$(manualdir)/; \ - else \ - cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir); \ - cd $(DESTDIR)$(manualdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi + cd $(top_srcdir)/docs/manual && cp -rp * $(DESTDIR)$(manualdir) install-suexec: @if test -f $(builddir)/support/suexec; then \ Index: branches/2015Q3/www/apache24/files/patch-docs__conf__extra__httpd-ssl.conf.in =================================================================== --- branches/2015Q3/www/apache24/files/patch-docs__conf__extra__httpd-ssl.conf.in (revision 392170) +++ branches/2015Q3/www/apache24/files/patch-docs__conf__extra__httpd-ssl.conf.in (revision 392171) @@ -1,53 +1,22 @@ ---- docs/conf/extra/httpd-ssl.conf.in.orig 2015-01-31 12:20:34 UTC -+++ docs/conf/extra/httpd-ssl.conf.in -@@ -42,11 +42,30 @@ Listen @@SSLPort@@ - ## the main server and all SSL-enabled virtual hosts. - ## - -+## disable unsecure SSL protocols -+SSLProtocol ALL -SSLv2 -SSLv3 -+ - # SSL Cipher Suite: - # List the ciphers that the client is permitted to negotiate. - # See the mod_ssl documentation for a complete list. - SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 - -+## The following entries can be used as suggestions, -+## for more information see: -+## - http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslciphersuite -+## - http://blog.ivanristic.com/2013/08/configuring-apache-nginx-and-openssl-for-forward-secrecy.html -+## -+## To test your SSL implementation use for example security/sslscan or for public reachable systems https://www.ssllabs.com/ -+ -+## sample for OpenSSL >= 1.0.x (with RC4) -+# SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS" -+ -+## sample for OpenSSL >= 1.0.x (keep support for IE8 on XP) -+# SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS +RC4 RC4" -+ -+## sample for OpenSSL >= 1.0.x (no RC4 support) -+# SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4" -+ - # Speed-optimized SSL Cipher configuration: - # If speed is your main concern (on busy HTTPS servers e.g.), - # you might want to force clients to specific, performance -@@ -105,8 +124,8 @@ SSLSessionCacheTimeout 300 +--- docs/conf/extra/httpd-ssl.conf.in.orig 2015-05-27 13:59:59.000000000 -0500 ++++ docs/conf/extra/httpd-ssl.conf.in 2015-07-15 09:50:31.369623000 -0500 +@@ -124,8 +124,8 @@ DocumentRoot "@exp_htdocsdir@" ServerName www.example.com:@@SSLPort@@ ServerAdmin you@example.com -ErrorLog "@exp_logfiledir@/error_log" -TransferLog "@exp_logfiledir@/access_log" +ErrorLog "@exp_logfiledir@/httpd-error.log" +TransferLog "@exp_logfiledir@/httpd-access.log" # SSL Engine Switch: # Enable/Disable SSL for this virtual host. -@@ -265,7 +284,7 @@ BrowserMatch "MSIE [2-5]" \ +@@ -284,7 +284,7 @@ # Per-Server Logging: # The home of a custom SSL log file. Use this when you want a # compact non-error SSL logfile on a virtual host basis. -CustomLog "@exp_logfiledir@/ssl_request_log" \ +CustomLog "@exp_logfiledir@/httpd-ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Index: branches/2015Q3 =================================================================== --- branches/2015Q3 (revision 392170) +++ branches/2015Q3 (revision 392171) Property changes on: branches/2015Q3 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r392170