diff options
author | Bernard Spil <brnrd@FreeBSD.org> | 2017-11-05 12:04:45 +0000 |
---|---|---|
committer | Bernard Spil <brnrd@FreeBSD.org> | 2017-11-05 12:04:45 +0000 |
commit | 36df8a34b905d2a6f6f1f16889820c5508a6c4cd (patch) | |
tree | 2fe6c64357bad485b68c6369c8341092481776ca | |
parent | - fix Makefile from r453537 (diff) |
www/mod_rpaf2: Update to 0.8.4
- Update to 0.8.4 fixing Apache 2.4 compat [1]
- Add modules.d config file [1] fixing [2]
- Add upstream fix for clang warning [1]
PR: 209869 [1], 222374 [2]
Submitted by: Geoffroy Desvernay <dgeo@centrale-marseille.fr> [1]
Reported by: mayhem30@gmail.com [2]
With hat: apache
Notes
Notes:
svn path=/head/; revision=453541
-rw-r--r-- | UPDATING | 7 | ||||
-rw-r--r-- | www/mod_rpaf2/Makefile | 27 | ||||
-rw-r--r-- | www/mod_rpaf2/distinfo | 6 | ||||
-rw-r--r-- | www/mod_rpaf2/files/200_mod_rpaf.conf.sample.in | 33 | ||||
-rw-r--r-- | www/mod_rpaf2/files/patch-mod__rpaf.c | 31 | ||||
-rw-r--r-- | www/mod_rpaf2/files/patch-mod_rpaf-2.0.c | 66 |
6 files changed, 96 insertions, 74 deletions
@@ -5,6 +5,13 @@ they are unavoidable. You should get into the habit of checking this file for changes each time you update your ports collection, before attempting any port upgrades. +20171105: + AFFECTS: users of www/mod_rpaf2 + + The configuration of mod_rpaf2 has been heavily modified since version + 0.6. Have a look at https://github.com/gnif/mod_rpaf/tree/v0.8.4 to + determine what you need to change in your configuration. + 20171031: AFFECTS: users of editors/vim AUTHOR: adamw@FreeBSD.org diff --git a/www/mod_rpaf2/Makefile b/www/mod_rpaf2/Makefile index 193da87ff967..8061c20781d0 100644 --- a/www/mod_rpaf2/Makefile +++ b/www/mod_rpaf2/Makefile @@ -2,23 +2,40 @@ # $FreeBSD$ PORTNAME= mod_rpaf -PORTVERSION= 0.6.0 +PORTVERSION= 0.8.4 DISTVERSIONPREFIX= v -PORTREVISION= 3 CATEGORIES= www PKGNAMESUFFIX= 2 MAINTAINER= apache@FreeBSD.org COMMENT= Make proxied requests appear with client IP +LICENSE= APACHE20 + USE_GITHUB= yes GH_ACCOUNT= gnif +DOCS= README.md + USE_APACHE= 22+ AP_FAST_BUILD= yes -AP_GENPLIST= yes SHORTMODNAME= rpaf -SRC_FILE= mod_rpaf-2.0.c +SRC_FILE= mod_rpaf.c + +APMOD_FILE= 200_mod_rpaf.conf.sample +PLIST_SUB+= APMOD_FILE=${APMOD_FILE} +PLIST_FILES= @sample\ %%APACHEETCDIR%%/modules.d/200_${PORTNAME}.conf.sample \ + %%APACHEMODDIR%%/${PORTNAME}.so +SUB_FILES= ${APMOD_FILE} + +PORTDOCS= README.md + +.include <bsd.port.pre.mk> + +post-install: + @${MKDIR} ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d ${STAGEDIR}${DOCSDIR} + ${INSTALL_DATA} ${WRKDIR}/${APMOD_FILE} ${STAGEDIR}${PREFIX}/${APACHEETCDIR}/modules.d + ${INSTALL_DATA} ${WRKSRC}/README.md ${STAGEDIR}${DOCSDIR} -.include <bsd.port.mk> +.include <bsd.port.post.mk> diff --git a/www/mod_rpaf2/distinfo b/www/mod_rpaf2/distinfo index 0a81ac43bdb1..1abf6c1c3674 100644 --- a/www/mod_rpaf2/distinfo +++ b/www/mod_rpaf2/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1464785880 -SHA256 (gnif-mod_rpaf-v0.6.0_GH0.tar.gz) = f89e51d7331d336a00833d6dc1cc786430d9f9c53bbbac97f22a96dbe803c7e7 -SIZE (gnif-mod_rpaf-v0.6.0_GH0.tar.gz) = 7643 +TIMESTAMP = 1509882113 +SHA256 (gnif-mod_rpaf-v0.8.4_GH0.tar.gz) = b78f292d7336f839527d6fb2213116c995a525ad9aa38c344c485abbd76848f5 +SIZE (gnif-mod_rpaf-v0.8.4_GH0.tar.gz) = 6458 diff --git a/www/mod_rpaf2/files/200_mod_rpaf.conf.sample.in b/www/mod_rpaf2/files/200_mod_rpaf.conf.sample.in new file mode 100644 index 000000000000..5e6e5409c715 --- /dev/null +++ b/www/mod_rpaf2/files/200_mod_rpaf.conf.sample.in @@ -0,0 +1,33 @@ +LoadModule rpaf_module %%APACHEMODDIR%%/mod_rpaf.so +<IfModule mod_rpaf> + # Enable reverse proxy add forward + #RPAF_Enable On + + # What IPs & bitmasked subnets to adjust requests for + #RPAF_ProxyIPs 127.0.0.1 10.0.0.0/24 + + # The header to use for the real IP address + #RPAF_Header X-Forwarded-For + + # Update vhost name so ServerName & ServerAlias work + #RPAF_SetHostName Off + + # Set the HTTPS environment variable + # to the header value contained in + # X-HTTPS, or X-Forwarded-HTTPS. For + # best results make sure that mod_ssl + # is NOT enabled. + #RPAF_SetHTTPS Off + + # Set the server port to the header + # value contained in X-Port, or + # X-Forwarded-Port. + # (see https://github.com/gnif/mod_rpaf/issues/12) + #RPAF_SetPort Off + + # Option to forbid request if not from + # trusted RPAF_ProxyIPs; otherwise + # cannot be done with Allow/Deny after + # remote addr substitution + #RPAF_ForbidIfNotProxy Off +</IfModule> diff --git a/www/mod_rpaf2/files/patch-mod__rpaf.c b/www/mod_rpaf2/files/patch-mod__rpaf.c new file mode 100644 index 000000000000..7bda901e7753 --- /dev/null +++ b/www/mod_rpaf2/files/patch-mod__rpaf.c @@ -0,0 +1,31 @@ +From e93902533dd89ba6c77cea90e4e2c7d762650126 Mon Sep 17 00:00:00 2001 +From: Geoffroy Desvernay <dgeo@centrale-marseille.fr> +Date: Mon, 12 Dec 2016 10:01:14 +0100 +Subject: [PATCH] Fix warning with clang + +Fix this warning on FreeBSD 11 (clang cc by default) +./apxs.sh -c -n mod_rpaf.so mod_rpaf.c +/usr/local/share/apr/build-1/libtool --silent --mode=compile cc -prefer-pic -O2 -pipe -I/usr/local/include -DLIBICONV_PLUG -fstack-protector -fno-strict-aliasing -I/usr/local/include/apache24 -I/usr/local/include/apr-1 -I/usr/local/include/apr-1 -I/usr/local/include -I/usr/local/include/db5 -I/usr/include -c -o mod_rpaf.lo mod_rpaf.c && touch mod_rpaf.slo +mod_rpaf.c:117:18: warning: using the result of an assignment as a condition without parentheses [-Wparentheses] + if (mask = ap_strchr(ip, '/')) { + ~~~~~^~~~~~~~~~~~~~~~~~~~ +mod_rpaf.c:117:18: note: place parentheses around the assignment to silence this warning + if (mask = ap_strchr(ip, '/')) { + ^ + ( ) +mod_rpaf.c:117:18: note: use '==' to turn this assignment into an equality comparison + if (mask = ap_strchr(ip, '/')) { + ^ + == +1 warning generated. +--- mod_rpaf.c.orig 2014-09-03 06:41:36 UTC ++++ mod_rpaf.c +@@ -114,7 +114,7 @@ static const char *rpaf_set_proxy_ip(cmd + + if (rpaf_looks_like_ip(proxy_ip)) { + ip = apr_pstrdup(cmd->temp_pool, proxy_ip); +- if (mask = ap_strchr(ip, '/')) { ++ if ((mask = ap_strchr(ip, '/'))) { + *mask++ = '\0'; + } + sub = (apr_ipsubnet_t **)apr_array_push(cfg->proxy_ips); diff --git a/www/mod_rpaf2/files/patch-mod_rpaf-2.0.c b/www/mod_rpaf2/files/patch-mod_rpaf-2.0.c deleted file mode 100644 index fb9e985baef3..000000000000 --- a/www/mod_rpaf2/files/patch-mod_rpaf-2.0.c +++ /dev/null @@ -1,66 +0,0 @@ -PR: ports/179525 Fix for mod_rpaf2 compatibility with Apache 2.4 -======================================================================== ---- ./mod_rpaf-2.0.c.orig -+++ ./mod_rpaf-2.0.c -@@ -86,6 +86,23 @@ - request_rec *r; - } rpaf_cleanup_rec; - -+ -+inline apr_sockaddr_t * rpaf_client_addr(conn_rec *c) { -+#if AP_SERVER_MAJORVERSION_NUMBER >= 2 && AP_SERVER_MINORVERSION_NUMBER >= 4 -+ return c->client_addr; -+#else -+ return c->remote_addr; -+#endif -+} -+ -+inline char * rpaf_client_ip(conn_rec *c) { -+#if AP_SERVER_MAJORVERSION_NUMBER >= 2 && AP_SERVER_MINORVERSION_NUMBER >= 4 -+ return c->client_ip; -+#else -+ return c->remote_ip; -+#endif -+} -+ - static void *rpaf_create_server_cfg(apr_pool_t *p, server_rec *s) { - rpaf_server_cfg *cfg = (rpaf_server_cfg *)apr_pcalloc(p, sizeof(rpaf_server_cfg)); - if (!cfg) -@@ -147,8 +164,9 @@ - - static apr_status_t rpaf_cleanup(void *data) { - rpaf_cleanup_rec *rcr = (rpaf_cleanup_rec *)data; -- rcr->r->connection->remote_ip = apr_pstrdup(rcr->r->connection->pool, rcr->old_ip); -- rcr->r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(rcr->r->connection->remote_ip); -+ char *remote_ip = rpaf_client_ip(rcr->r->connection); -+ strcpy(remote_ip,apr_pstrdup(rcr->r->connection->pool, rcr->old_ip)); -+ rpaf_client_addr(rcr->r->connection)->sa.sin.sin_addr.s_addr = apr_inet_addr(remote_ip); - return APR_SUCCESS; - } - -@@ -160,8 +178,8 @@ - - if (!cfg->enable) - return DECLINED; -- -- if (is_in_array(r->connection->remote_ip, cfg->proxy_ips) == 1) { -+ char *remote_ip = rpaf_client_ip(r->connection); -+ if (is_in_array(remote_ip, cfg->proxy_ips) == 1) { - /* check if cfg->headername is set and if it is use - that instead of X-Forwarded-For by default */ - if (cfg->headername && (fwdvalue = apr_table_get(r->headers_in, cfg->headername))) { -@@ -180,11 +198,11 @@ - if (*fwdvalue != '\0') - ++fwdvalue; - } -- rcr->old_ip = apr_pstrdup(r->connection->pool, r->connection->remote_ip); -+ rcr->old_ip = apr_pstrdup(r->connection->pool, remote_ip); - rcr->r = r; - apr_pool_cleanup_register(r->pool, (void *)rcr, rpaf_cleanup, apr_pool_cleanup_null); -- r->connection->remote_ip = apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)]); -- r->connection->remote_addr->sa.sin.sin_addr.s_addr = apr_inet_addr(r->connection->remote_ip); -+ strcpy(remote_ip,apr_pstrdup(r->connection->pool, ((char **)arr->elts)[((arr->nelts)-1)])); -+ rpaf_client_addr(r->connection)->sa.sin.sin_addr.s_addr = apr_inet_addr(remote_ip); - if (cfg->sethostname) { - const char *hostvalue; - if (hostvalue = apr_table_get(r->headers_in, "X-Forwarded-Host")) { |