www/mod_rpaf2: Update to 0.8.4

- Update to 0.8.4 fixing Apache 2.4 compat [1] - Add modules.d config file [1] fixing [2] - Add upstream fix for clang warning [1] PR: 209869 [1], 222374 [2] Submitted by: Geoffroy Desvernay <dgeo@centrale-marseille.fr> [1] Reported by: mayhem30@gmail.com [2] With hat: apache
author: Bernard Spil <brnrd@FreeBSD.org> 2017-11-05 12:04:45 +0000
committer: Bernard Spil <brnrd@FreeBSD.org> 2017-11-05 12:04:45 +0000
commit: 36df8a34b905d2a6f6f1f16889820c5508a6c4cd (patch)
tree: 2fe6c64357bad485b68c6369c8341092481776ca
parent: - fix Makefile from r453537 (diff)
6 files changed, 96 insertions, 74 deletions
diff --git a/UPDATING b/UPDATING
index 1720d845df56..06432e0b4925 100644
--- a/UPDATING
+++ b/UPDATING
@@ -5,6 +5,13 @@ they are unavoidable.
 You should get into the habit of checking this file for changes each time
 you update your ports collection, before attempting any port upgrades.
 
+20171105:
+  AFFECTS: users of www/mod_rpaf2
+
+  The configuration of mod_rpaf2 has been heavily modified since version
+  0.6. Have a look at https://github.com/gnif/mod_rpaf/tree/v0.8.4 to 
+  determine what you need to change in your configuration.
+
 20171031:
   AFFECTS: users of editors/vim
   AUTHOR: adamw@FreeBSD.org
diff --git a/www/mod_rpaf2/Makefile b/www/mod_rpaf2/Makefile
index 193da87ff967..8061c20781d0 100644
--- a/www/mod_rpaf2/Makefile
+++ b/www/mod_rpaf2/Makefile
@@ -2,23 +2,40 @@
 # $FreeBSD$
 
 PORTNAME=	mod_rpaf
-PORTVERSION=	0.6.0
+PORTVERSION=	0.8.4
 DISTVERSIONPREFIX=	v
-PORTREVISION=	3
 CATEGORIES=	www
 PKGNAMESUFFIX=	2
 
 MAINTAINER=	apache@FreeBSD.org
 COMMENT=	Make proxied requests appear with client IP
 
+LICENSE=	APACHE20
+
 USE_GITHUB=	yes
 GH_ACCOUNT=	gnif
 
+DOCS=	README.md
+
 USE_APACHE=	22+
 AP_FAST_BUILD=	yes
-AP_GENPLIST=	yes
 SHORTMODNAME=	rpaf
 
-SRC_FILE=	mod_rpaf-2.0.c
+SRC_FILE=	mod_rpaf.c
+
+APMOD_FILE=	200_mod_rpaf.conf.sample
+PLIST_SUB+=	APMOD_FILE=${APMOD_FILE}
+PLIST_FILES=	@sample\ %%APACHEETCDIR%%/modules.d/200_${PORTNAME}.conf.sample \
+		%%APACHEMODDIR%%/${PORTNAME}.so
+SUB_FILES=	${APMOD_FILE}
+
+PORTDOCS=	README.md
+
+.include <bsd.port.pre.mk>
+
+post-install:
+	@${MKDIR} ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d ${STAGEDIR}${DOCSDIR}
+	${INSTALL_DATA} ${WRKDIR}/${APMOD_FILE} ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d
+	${INSTALL_DATA} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR}
 
-.include <bsd.port.mk>
+.include <bsd.port.post.mk>
diff --git a/www/mod_rpaf2/distinfo b/www/mod_rpaf2/distinfo
index 0a81ac43bdb1..1abf6c1c3674 100644
--- a/www/mod_rpaf2/distinfo
+++ b/www/mod_rpaf2/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1464785880
-SHA256 (gnif-mod_rpaf-v0.6.0_GH0.tar.gz) = f89e51d7331d336a00833d6dc1cc786430d9f9c53bbbac97f22a96dbe803c7e7
-SIZE (gnif-mod_rpaf-v0.6.0_GH0.tar.gz) = 7643
+TIMESTAMP = 1509882113
+SHA256 (gnif-mod_rpaf-v0.8.4_GH0.tar.gz) = b78f292d7336f839527d6fb2213116c995a525ad9aa38c344c485abbd76848f5
+SIZE (gnif-mod_rpaf-v0.8.4_GH0.tar.gz) = 6458
diff --git a/www/mod_rpaf2/files/200_mod_rpaf.conf.sample.in b/www/mod_rpaf2/files/200_mod_rpaf.conf.sample.in
new file mode 100644
index 000000000000..5e6e5409c715
--- /dev/null
+++ b/www/mod_rpaf2/files/200_mod_rpaf.conf.sample.in
@@ -0,0 +1,33 @@
+LoadModule rpaf_module	%%APACHEMODDIR%%/mod_rpaf.so
+<IfModule mod_rpaf>
+  # Enable reverse proxy add forward
+  #RPAF_Enable On
+
+  # What IPs & bitmasked subnets to adjust requests for
+  #RPAF_ProxyIPs 127.0.0.1 10.0.0.0/24
+
+  # The header to use for the real IP address
+  #RPAF_Header X-Forwarded-For
+
+  # Update vhost name so ServerName & ServerAlias work
+  #RPAF_SetHostName Off
+
+  # Set the HTTPS environment variable
+  # to the header value contained in
+  # X-HTTPS, or X-Forwarded-HTTPS. For
+  # best results make sure that mod_ssl
+  # is NOT enabled.
+  #RPAF_SetHTTPS Off
+
+  # Set the server port to the header
+  # value contained in X-Port, or
+  # X-Forwarded-Port.
+  # (see https://github.com/gnif/mod_rpaf/issues/12)
+  #RPAF_SetPort Off
+
+  # Option to forbid request if not from
+  # trusted RPAF_ProxyIPs; otherwise
+  # cannot be done with Allow/Deny after
+  # remote addr substitution
+  #RPAF_ForbidIfNotProxy Off
+</IfModule>
diff --git a/www/mod_rpaf2/files/patch-mod__rpaf.c b/www/mod_rpaf2/files/patch-mod__rpaf.c
new file mode 100644
index 000000000000..7bda901e7753
--- /dev/null
+++ b/www/mod_rpaf2/files/patch-mod__rpaf.c
@@ -0,0 +1,31 @@
+From e93902533dd89ba6c77cea90e4e2c7d762650126 Mon Sep 17 00:00:00 2001
+From: Geoffroy Desvernay <dgeo@centrale-marseille.fr>
+Date: Mon, 12 Dec 2016 10:01:14 +0100
+Subject: [PATCH] Fix warning with clang
+
+Fix this warning on FreeBSD 11 (clang cc by default)
+./apxs.sh -c -n mod_rpaf.so mod_rpaf.c
+/usr/local/share/apr/build-1/libtool --silent --mode=compile cc -prefer-pic -O2 -pipe -I/usr/local/include -DLIBICONV_PLUG -fstack-protector -fno-strict-aliasing    -I/usr/local/include/apache24  -I/usr/local/include/apr-1   -I/usr/local/include/apr-1 -I/usr/local/include -I/usr/local/include/db5 -I/usr/include  -c -o mod_rpaf.lo mod_rpaf.c && touch mod_rpaf.slo
+mod_rpaf.c:117:18: warning: using the result of an assignment as a condition without parentheses [-Wparentheses]
+        if (mask = ap_strchr(ip, '/')) {
+            ~~~~~^~~~~~~~~~~~~~~~~~~~
+mod_rpaf.c:117:18: note: place parentheses around the assignment to silence this warning
+        if (mask = ap_strchr(ip, '/')) {
+                 ^
+            (                        )
+mod_rpaf.c:117:18: note: use '==' to turn this assignment into an equality comparison
+        if (mask = ap_strchr(ip, '/')) {
+                 ^
+                 ==
+1 warning generated.
+--- mod_rpaf.c.orig	2014-09-03 06:41:36 UTC
++++ mod_rpaf.c
+@@ -114,7 +114,7 @@ static const char *rpaf_set_proxy_ip(cmd
+ 
+     if (rpaf_looks_like_ip(proxy_ip)) {
+         ip = apr_pstrdup(cmd->temp_pool, proxy_ip);
+-        if (mask = ap_strchr(ip, '/')) {
++        if ((mask = ap_strchr(ip, '/'))) {
+             *mask++ = '\0';
+         }
+         sub = (apr_ipsubnet_t **)apr_array_push(cfg->proxy_ips);
diff --git a/www/mod_rpaf2/files/patch-mod_rpaf-2.0.c b/www/mod_rpaf2/files/patch-mod_rpaf-2.0.c
deleted file mode 100644
index fb9e985baef3..000000000000
--- a/www/mod_rpaf2/files/patch-mod_rpaf-2.0.c
+++ /dev/null
@@ -1,66 +0,0 @@
-PR: ports/179525 	Fix for mod_rpaf2 compatibility with Apache 2.4
-========================================================================
---- ./mod_rpaf-2.0.c.orig
-+++ ./mod_rpaf-2.0.c
-@@ -86,6 +86,23 @@
-     request_rec *r;
- } rpaf_cleanup_rec;
- 
-+
-+inline apr_sockaddr_t * rpaf_client_addr(conn_rec *c) {
-+#if AP_SERVER_MAJORVERSION_NUMBER >= 2 && AP_SERVER_MINORVERSION_NUMBER >= 4
-+  return c->client_addr;
-+#else
-+  return c->remote_addr;
-+#endif
-+}
-+
-+inline char * rpaf_client_ip(conn_rec *c) {
-+#if AP_SERVER_MAJORVERSION_NUMBER >= 2 && AP_SERVER_MINORVERSION_NUMBER >= 4
-+  return c->client_ip;
-+#else
-+  return c->remote_ip;
-+#endif
-+}
-+
- static void *rpaf_create_server_cfg(apr_pool_t *p, server_rec *s) {
-     rpaf_server_cfg *cfg = (rpaf_server_cfg *)apr_pcalloc(p, sizeof(rpaf_server_cfg));
-     if (!cfg)
-@@ -147,8 +164,9 @@
- 
- static apr_status_t rpaf_cleanup(void *data) {
-     rpaf_cleanup_rec *rcr = (rpaf_cleanup_rec *)data;
--    rcr->r->connection->remote_ip   = apr_pstrdup(rcr->r->connection->pool, rcr->old_ip);
--    rcr->r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(rcr->r->connection->remote_ip);
-+    char *remote_ip = rpaf_client_ip(rcr->r->connection);
-+    strcpy(remote_ip,apr_pstrdup(rcr->r->connection->pool, rcr->old_ip)); 
-+    rpaf_client_addr(rcr->r->connection)->sa.sin.sin_addr.s_addr = apr_inet_addr(remote_ip);
-     return APR_SUCCESS;
- }
- 
-@@ -160,8 +178,8 @@
- 
-     if (!cfg->enable)
-         return DECLINED;
--
--    if (is_in_array(r->connection->remote_ip, cfg->proxy_ips) == 1) {
-+    char *remote_ip = rpaf_client_ip(r->connection);
-+    if (is_in_array(remote_ip, cfg->proxy_ips) == 1) {
-         /* check if cfg->headername is set and if it is use
-            that instead of X-Forwarded-For by default */
-         if (cfg->headername && (fwdvalue = apr_table_get(r->headers_in, cfg->headername))) {
-@@ -180,11 +198,11 @@
-                 if (*fwdvalue != '\0')
-                     ++fwdvalue;
-             }
--            rcr->old_ip = apr_pstrdup(r->connection->pool, r->connection->remote_ip);
-+            rcr->old_ip = apr_pstrdup(r->connection->pool, remote_ip);
-             rcr->r = r;
-             apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null);
--            r->connection->remote_ip = apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)]);
--            r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip);
-+            strcpy(remote_ip,apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)]));
-+            rpaf_client_addr(r->connection)->sa.sin.sin_addr.s_addr = apr_inet_addr(remote_ip);
-             if (cfg->sethostname) {
-                 const char *hostvalue;
-                 if (hostvalue = apr_table_get(r->headers_in, "X-Forwarded-Host")) {
author	Bernard Spil <brnrd@FreeBSD.org>	2017-11-05 12:04:45 +0000
committer	Bernard Spil <brnrd@FreeBSD.org>	2017-11-05 12:04:45 +0000
commit	36df8a34b905d2a6f6f1f16889820c5508a6c4cd (patch)
tree	2fe6c64357bad485b68c6369c8341092481776ca
parent	- fix Makefile from r453537 (diff)