- upgrade mod-ssl to 2.8.12 so that distfile could be fetchable again.

- add support of login classes to suexec. - some portlint. # adding PORTCOMMENT was discarded. PR: ports/45140 Submitted by: maintainer
author: SADA Kenji <sada@FreeBSD.org> 2002-11-11 00:53:35 +0000
committer: SADA Kenji <sada@FreeBSD.org> 2002-11-11 00:53:35 +0000
commit: 17bd37008e8ca0de0e5c4c15c711694ca1f8541b (patch)
tree: c082624b30a151f713a61b4de11e6215c9e8e2fb /russian/apache13-modssl
parent: Add login classes support for suexec (diff)
4 files changed, 107 insertions, 10 deletions
diff --git a/russian/apache13-modssl/Makefile b/russian/apache13-modssl/Makefile
index a072e14df2b0..40e5893e89cb 100644
--- a/russian/apache13-modssl/Makefile
+++ b/russian/apache13-modssl/Makefile
@@ -8,7 +8,8 @@
 PORTNAME=	apache+mod_ssl
 PORTVERSION=	${VERSION_APACHE}.${VERSION_RA}.${VERSION_MODSSL}
 CATEGORIES=	russian www security
-MASTER_SITES=	http://www.apache.org/dist/httpd/ \
+MASTER_SITES=	http://nagoya.apache.org/dist/httpd/ \
+		http://www.apache.org/dist/httpd/ \
 		ftp://ftp.ccs.neu.edu/net/mirrors/ftp.apache.org/apache/dist/httpd/ \
 		ftp://ftp.rge.com/pub/infosystems/apache/dist/httpd/ \
 		ftp://apache.compuex.com/pub/apache/dist/httpd/ \
@@ -39,7 +40,6 @@ MASTER_SITES_MODSSL=	http://www.modssl.org/source/ \
 MASTER_SITES_RA=	ftp://ftp.lexa.ru/pub/apache-rus/ \
 			ftp://ftp.lexa.ru/pub/apache-rus/old-versions/
 
-
 DISTNAME=	apache_${VERSION_APACHE}
 DISTFILES=	${DISTNAME}${EXTRACT_SUFX} \
 		mod_ssl-${VERSION_MODSSL}-${VERSION_APACHE}${EXTRACT_SUFX}:modssl \
@@ -55,7 +55,7 @@ USE_PERL5=	yes
 LIB_DEPENDS=	mm.12:${PORTSDIR}/devel/mm
 
 VERSION_APACHE=	1.3.27
-VERSION_MODSSL=	2.8.11
+VERSION_MODSSL=	2.8.12
 VERSION_RA=	30.16
 
 #
@@ -72,15 +72,16 @@ DEFAULT_PATH?=/bin:/usr/bin:${PREFIX}/bin
 .if defined(WITH_APACHE_SUEXEC)
 
 APACHE_SUEXEC_DOCROOT?=${DOCUMENT_ROOT}
+APACHE_SUEXEC_LOG?=/var/log/httpd-suexec.log
 APACHE_SUEXEC_USERDIR?=public_html
 
-SUEXEC_CONF= \
+SUEXEC_CONF=\
 	 --enable-suexec \
 	 --suexec-docroot=${APACHE_SUEXEC_DOCROOT} \
 	 --suexec-caller=www \
 	 --suexec-uidmin=1000 \
 	 --suexec-gidmin=1000 \
-	 --suexec-logfile=/var/log/httpd-suexec.log \
+	 --suexec-logfile=${APACHE_SUEXEC_LOG} \
 	 --suexec-userdir=${APACHE_SUEXEC_USERDIR} \
 	 --suexec-safepath=${DEFAULT_PATH}
 
@@ -119,7 +120,7 @@ OPTIM=		-DHARD_SERVER_LIMIT=512 \
 		-DACCEPT_FILTER_NAME=\\"httpready\\"
 
 .if defined(WITH_DSO_MODULES)
-CONFIGURE_ARGS+= \
+CONFIGURE_ARGS+=\
 		 --enable-shared=max \
 		 --disable-shared=so \
 		 --disable-shared=charset \
@@ -132,7 +133,7 @@ CONFIGURE_ARGS+= \
 
 PLIST_SUB+=	 DSO_MOD=""
 .else
-CONFIGURE_ARGS+= \
+CONFIGURE_ARGS+=\
 		 --enable-shared=remain \
 		 --enable-module=most \
 		 --enable-module=auth_db \
@@ -150,7 +151,7 @@ PLIST_SUB+=	 DSO_MOD="@comment "
 OPTIM=		 -DDOCUMENT_LOCATION=\\"${DOCUMENT_ROOT}\\" \
 		 -DDEFAULT_PATH=\\"${DEFAULT_PATH}\\"
 
-.if defined(APACHE_HARD_SERVER_LIMIT)                                                                                   
+.if defined(APACHE_HARD_SERVER_LIMIT)
 OPTIM+=		 -DHARD_SERVER_LIMIT=${APACHE_HARD_SERVER_LIMIT}
 .else
 OPTIM+=		 -DHARD_SERVER_LIMIT=512
@@ -200,7 +201,8 @@ pre-fetch:
 	@${ECHO_MSG} "   suexec docroot:  ${APACHE_SUEXEC_DOCROOT}"
 	@${ECHO_MSG} "   suexec userdir:  ${APACHE_SUEXEC_USERDIR}"
 	@${ECHO_MSG} "   suexec safepath: ${DEFAULT_PATH}"
-	@${ECHO_MSG} "   These values could be defined as APACHE_SUEXEC_DOCROOT, APACHE_SUEXEC_USERDIR and DEFAULT_PATH."
+	@${ECHO_MSG} "   suexec log:      ${APACHE_SUEXEC_LOG}"
+	@${ECHO_MSG} "   These values could be defined as APACHE_SUEXEC_DOCROOT, APACHE_SUEXEC_USERDIR, DEFAULT_PATH and APACHE_SUEXEC_LOG."
 .else
 	@${ECHO_MSG} "You could define WITH_APACHE_SUEXEC to build suexec support."
 .endif
diff --git a/russian/apache13-modssl/distinfo b/russian/apache13-modssl/distinfo
index 193566e259df..de859d70b364 100644
--- a/russian/apache13-modssl/distinfo
+++ b/russian/apache13-modssl/distinfo
@@ -1,3 +1,3 @@
 MD5 (apache_1.3.27.tar.gz) = 65b89365a65dcad71d4402b4862beeaa
-MD5 (mod_ssl-2.8.11-1.3.27.tar.gz) = f84bd971aa8db28f31ad6bab2e7acc2c
+MD5 (mod_ssl-2.8.12-1.3.27.tar.gz) = 6d52df71a602ae150898fb8483fa22a4
 MD5 (patches_1.3.27rusPL30.16.tar.gz) = e33a0e9ed40d39ce67fea77bbfe342ba
diff --git a/russian/apache13-modssl/files/patch-ba b/russian/apache13-modssl/files/patch-ba
new file mode 100644
index 000000000000..1f92bd360250
--- /dev/null
+++ b/russian/apache13-modssl/files/patch-ba
@@ -0,0 +1,20 @@
+--- src/support/Makefile.tmpl.orig	Sat Mar  2 20:46:23 2002
++++ src/support/Makefile.tmpl	Tue Oct 22 00:31:18 2002
+@@ -7,7 +7,7 @@
+ # LIBS=-L$(SSLLOC)/lib -lssl -lcrypto -lm -lap -los $(EXTRA_LIBS) $(LIBS1)
+ # INCLUDES=-I$(SSLLOC)/include $(INCLUDES1) $(INCLUDES0) $(EXTRA_INCLUDES)
+ 
+-CFLAGS=$(OPTIM) $(CFLAGS1) $(EXTRA_CFLAGS)
++CFLAGS=-DLOGIN_CAP $(OPTIM) $(CFLAGS1) $(EXTRA_CFLAGS)
+ LIBS=-lm -lap -los $(EXTRA_LIBS) $(LIBS1)
+ INCLUDES=$(INCLUDES1) $(INCLUDES0) $(EXTRA_INCLUDES)
+ LDFLAGS=$(LDFLAGS1) $(EXTRA_LDFLAGS) -L$(OSDIR) -L$(SRCDIR)/ap
+@@ -50,7 +50,7 @@
+ 	    -e 's%@LIBS_SHLIB@%$(LIBS_SHLIB)%g' && chmod a+x apxs
+ 
+ suexec: suexec.o
+-	$(CC) $(CFLAGS) -o suexec $(LDFLAGS) suexec.o $(LIBS)
++	$(CC) $(CFLAGS) -lutil -o suexec $(LDFLAGS) suexec.o $(LIBS)
+ 
+ clean:
+ 	rm -f $(TARGETS) *.o
diff --git a/russian/apache13-modssl/files/patch-bb b/russian/apache13-modssl/files/patch-bb
new file mode 100644
index 000000000000..1f2731eb4aff
--- /dev/null
+++ b/russian/apache13-modssl/files/patch-bb
@@ -0,0 +1,75 @@
+--- src/support/suexec.c.orig	Thu Mar 14 00:05:37 2002
++++ src/support/suexec.c	Wed Sep 25 00:22:18 2002
+@@ -90,6 +90,9 @@
+ #include <sys/types.h>
+ 
+ #include <stdarg.h>
++#ifdef LOGIN_CAP
++#include <login_cap.h>
++#endif
+ 
+ #include "suexec.h"
+ 
+@@ -296,11 +299,14 @@
+         fprintf(stderr, " -D DOC_ROOT=\"%s\"\n", DOC_ROOT);
+ #endif
+ #ifdef GID_MIN
+-        fprintf(stderr, " -D GID_MID=%d\n", GID_MIN);
++        fprintf(stderr, " -D GID_MIN=%d\n", GID_MIN);
+ #endif
+ #ifdef HTTPD_USER
+         fprintf(stderr, " -D HTTPD_USER=\"%s\"\n", HTTPD_USER);
+ #endif
++#ifdef LOGIN_CAP
++        fprintf(stderr, " -D LOGIN_CAP\n");
++#endif
+ #ifdef LOG_EXEC
+         fprintf(stderr, " -D LOG_EXEC=\"%s\"\n", LOG_EXEC);
+ #endif
+@@ -311,7 +317,7 @@
+         fprintf(stderr, " -D SUEXEC_UMASK=%03o\n", SUEXEC_UMASK);
+ #endif
+ #ifdef UID_MIN
+-        fprintf(stderr, " -D UID_MID=%d\n", UID_MIN);
++        fprintf(stderr, " -D UID_MIN=%d\n", UID_MIN);
+ #endif
+ #ifdef USERDIR_SUFFIX
+         fprintf(stderr, " -D USERDIR_SUFFIX=\"%s\"\n", USERDIR_SUFFIX);
+@@ -461,7 +467,28 @@
+ 
+     /*
+      * Change UID/GID here so that the following tests work over NFS.
+-     *
++     */
++
++#ifdef LOGIN_CAP
++    /*
++     * Set user context (resources, priority and grouplist).
++     * If unsuccessful, error out.
++     */
++    if (setusercontext(NULL, pw, uid, LOGIN_SETRESOURCES | LOGIN_SETPRIORITY |
++      LOGIN_SETGROUP | LOGIN_SETLOGIN) == -1) {
++	log_err("emerg: failed to set user context (%ld: %s)\n", uid, cmd);
++	exit(108);
++    }
++
++    /*
++     * Set gid to the target group. If unsuccessful, error out.
++     */
++    if ((setgid(gid)) != 0) {
++	log_err("emerg: failed to setgid (%ld: %s)\n", gid, cmd);
++	exit(109);
++    }
++#else /* !LOGIN_CAP */
++    /*
+      * Initialize the group access list for the target user,
+      * and setgid() to the target group. If unsuccessful, error out.
+      */
+@@ -469,6 +496,7 @@
+ 	log_err("emerg: failed to setgid (%ld: %s)\n", gid, cmd);
+ 	exit(109);
+     }
++#endif /* LOGIN_CAP */
+ 
+     /*
+      * setuid() to the target user.  Error out on fail.
author	SADA Kenji <sada@FreeBSD.org>	2002-11-11 00:53:35 +0000
committer	SADA Kenji <sada@FreeBSD.org>	2002-11-11 00:53:35 +0000
commit	17bd37008e8ca0de0e5c4c15c711694ca1f8541b (patch)
tree	c082624b30a151f713a61b4de11e6215c9e8e2fb /russian/apache13-modssl
parent	Add login classes support for suexec (diff)