diff options
| author | Olli Hauer <ohauer@FreeBSD.org> | 2015-05-31 12:52:00 +0000 |
|---|---|---|
| committer | Olli Hauer <ohauer@FreeBSD.org> | 2015-05-31 12:52:00 +0000 |
| commit | 887bc73476c8e2f8ac47e56dd7cec172d9720b13 (patch) | |
| tree | c03f541b7657cb201449f598b68edda41e94f16b /www | |
| parent | Update to version 1.2.2 (diff) | |
- use @sample for conf files
- backport ab from 2.4.x
- fix mode for suexec, cgi test files
- adopt http-ssl.conf.in from upstream trunk
- rebuild some patches
Notes
Notes:
svn path=/head/; revision=388056
Diffstat (limited to 'www')
26 files changed, 1357 insertions, 213 deletions
diff --git a/www/apache22/Makefile b/www/apache22/Makefile index e1aa884c1155..b925d7eb75ed 100644 --- a/www/apache22/Makefile +++ b/www/apache22/Makefile @@ -2,7 +2,7 @@ PORTNAME= apache22 PORTVERSION= 2.2.29 -PORTREVISION?= 3 +PORTREVISION?= 4 CATEGORIES= www ipv6 MASTER_SITES= APACHE_HTTPD DISTNAME= httpd-${PORTVERSION} @@ -95,11 +95,12 @@ CONFIGURE_ARGS+=--prefix=${PREFIX} \ --with-apr=${APR_CONFIG} \ --with-apr-util=${APU_CONFIG} -CONFIGURE_ENV= LOCALBASE="${LOCALBASE}" +CONFIGURE_ENV= CONFIG_SHELL="${SH}" \ + LOCALBASE="${LOCALBASE}" MAKE_ENV+= EXPR_COMPAT=yes \ INSTALL_MAN="${INSTALL_MAN}" \ - EXAMPLESDIR=${EXAMPLESDIR} + DATADIR=${DATADIR} #===================================================== # CONFIGURE_ARGS will be handled in Makefile.modules, @@ -131,7 +132,7 @@ post-extract: # remove possible leftover .svn directories in the sources @${FIND} ${WRKSRC} -type d -name .svn -print | ${XARGS} ${RM} -rf # limit grep results ... - @${FIND} ${WRKSRC} -type f \( -name 'NWGNU*' -o -name '*.ds?' -o -name '*.dep' -o -name '*.mak' -o -name '*.win' \) -delete + ${FIND} ${WRKSRC} -type f \( -name 'NWGNU*' -o -name '*.ds?' -o -name '*.dep' -o -name '*.mak' -o -name '*.win' -o -name '*.vbs' -o -name '*.wsf' \) -delete # make qa script happy, it complains on empty dirs even 'PORTDOCS=*' is set # use RMDIR in case upstream ever place some files into this dirs @@ -184,8 +185,6 @@ post-install: ${INSTALL_DATA} ${FILESDIR}/no-accf.conf ${STAGEDIR}${ETCDIR}/Includes/ # place for 3rd party module configuration ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${ETCDIR}/modules.d/ - @${MKDIR} ${STAGEDIR}/${EXAMPLESDIR}/modules.d - ${INSTALL_DATA} ${FILESDIR}/README_modules.d ${STAGEDIR}${EXAMPLESDIR}/modules.d # strip returns an error for non binary files, but we have a big mix -${STRIP_CMD} ${STAGEDIR}${PREFIX}/sbin/* 2>/dev/null -${STRIP_CMD} ${STAGEDIR}${PREFIX}/libexec/apache22/mod_*.so diff --git a/www/apache22/files/patch-Makefile.in b/www/apache22/files/patch-Makefile.in index 2c1c35a8cdcb..63b46484d46c 100644 --- a/www/apache22/files/patch-Makefile.in +++ b/www/apache22/files/patch-Makefile.in @@ -1,28 +1,46 @@ ---- ./Makefile.in.orig 2008-11-25 21:24:49.000000000 +0100 -+++ ./Makefile.in 2014-07-08 06:12:16.000000000 +0200 -@@ -31,12 +31,10 @@ +--- Makefile.in.orig 2008-11-25 20:24:49 UTC ++++ Makefile.in +@@ -31,12 +31,9 @@ include $(top_srcdir)/build/program.mk install-conf: @echo Installing configuration files @$(MKINSTALLDIRS) $(DESTDIR)$(sysconfdir) $(DESTDIR)$(sysconfdir)/extra - @$(MKINSTALLDIRS) $(DESTDIR)$(sysconfdir)/original/extra -+ @$(MKINSTALLDIRS) $(DESTDIR)$(EXAMPLESDIR) $(DESTDIR)$(EXAMPLESDIR)/extra @cd $(top_srcdir)/docs/conf; \ for i in mime.types magic; do \ - if test ! -f $(DESTDIR)$(sysconfdir)/$$i; then \ - $(INSTALL_DATA) $$i $(DESTDIR)$(sysconfdir); \ - fi; \ -+ $(INSTALL_DATA) $$i $(DESTDIR)$(EXAMPLESDIR); \ ++ $(INSTALL_DATA) $$i $(DESTDIR)$(sysconfdir)/$${i}.sample; \ done; \ for j in $(top_srcdir)/docs/conf $(top_builddir)/docs/conf ; do \ cd $$j ; \ -@@ -69,15 +67,12 @@ +@@ -59,7 +56,17 @@ install-conf: + < $$i; \ + for j in $(DSO_MODULES) "^EOL^"; do \ + if test $$j != "^EOL^"; then \ +- echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ ++ if test $$j == "cgid"; then \ ++ echo "<IfModule !mpm_prefork_module>"; \ ++ echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ ++ echo "</IfModule>"; \ ++ elif test $$j == "cgi"; then \ ++ echo "<IfModule mpm_prefork_module>"; \ ++ echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ ++ echo "</IfModule>"; \ ++ else \ ++ echo "LoadModule $${j}_module $(rel_libexecdir)/mod_$${j}.so"; \ ++ fi; \ + fi; \ + done; \ + sed -e '1,/@@LoadModule@@/d' \ +@@ -69,15 +76,12 @@ install-conf: -e 's#@@SSLPort@@#$(SSLPORT)#g' \ < $$i; \ fi \ - ) > $(DESTDIR)$(sysconfdir)/original/$$i; \ - chmod 0644 $(DESTDIR)$(sysconfdir)/original/$$i; \ -+ ) > $(DESTDIR)$(EXAMPLESDIR)/$$i; \ -+ chmod 0644 $(DESTDIR)$(EXAMPLESDIR)/$$i; \ ++ ) > $(DESTDIR)$(sysconfdir)/$${i}.sample; \ ++ chmod 0644 $(DESTDIR)$(sysconfdir)/$${i}.sample; \ file=$$i; \ if [ "$$i" = "httpd.conf" ]; then \ file=`echo $$i|sed s/.*.conf/$(PROGRAM_NAME).conf/`; \ @@ -33,7 +51,7 @@ fi; \ done ; \ done ; \ -@@ -120,48 +115,25 @@ +@@ -120,48 +124,25 @@ dox: doxygen $(top_srcdir)/docs/doxygen.conf install-htdocs: @@ -50,8 +68,8 @@ - cd $(DESTDIR)$(htdocsdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \ - fi; \ - fi -+ $(MKINSTALLDIRS) $(DESTDIR)$(EXAMPLESDIR) ; \ -+ test -d $(htdocs-srcdir) && (cd $(htdocs-srcdir) && cp -rp index.html $(DESTDIR)$(EXAMPLESDIR)) || true ++ $(MKINSTALLDIRS) $(DESTDIR)$(DATADIR)/misc ; \ ++ test -d $(htdocs-srcdir) && (cd $(htdocs-srcdir) && cp -rp index.html $(DESTDIR)$(DATADIR)/misc) || true install-error: - -@if [ -d $(DESTDIR)$(errordir) ]; then \ @@ -91,7 +109,7 @@ install-other: @test -d $(DESTDIR)$(logfiledir) || $(MKINSTALLDIRS) $(DESTDIR)$(logfiledir) -@@ -210,12 +182,7 @@ +@@ -210,12 +191,7 @@ install-man: @test -d $(DESTDIR)$(manualdir) || $(MKINSTALLDIRS) $(DESTDIR)$(manualdir) @cp -p $(top_srcdir)/docs/man/*.1 $(DESTDIR)$(mandir)/man1 @cp -p $(top_srcdir)/docs/man/*.8 $(DESTDIR)$(mandir)/man8 diff --git a/www/apache22/files/patch-acinclude.m4 b/www/apache22/files/patch-acinclude.m4 index 29c527eb3de4..ac2f04bafe1b 100644 --- a/www/apache22/files/patch-acinclude.m4 +++ b/www/apache22/files/patch-acinclude.m4 @@ -1,9 +1,10 @@ ---- acinclude.m4.orig 2012-07-06 17:23:21.000000000 +0200 -+++ acinclude.m4 2015-02-28 10:22:26.577650967 +0100 -@@ -455,6 +455,8 @@ +--- acinclude.m4.orig 2012-07-06 15:23:21 UTC ++++ acinclude.m4 +@@ -455,6 +455,9 @@ if test "x$ap_ssltk_configured" = "x"; t AC_CHECK_HEADERS([openssl/engine.h]) AC_CHECK_FUNCS([SSLeay_version SSL_CTX_new], [], [liberrors="yes"]) AC_CHECK_FUNCS([ENGINE_init ENGINE_load_builtin_engines]) ++ dnl PR 196256, https://issues.apache.org/bugzilla/show_bug.cgi?id=57395 + AC_CHECK_FUNCS([SSL_CTX_use_certificate_chain]) + AC_CHECK_LIB(crypto, RAND_egd, AC_DEFINE(HAVE_SSL_RAND_EGD, 1, [Define if the libcrypto has RAND_egd])) else diff --git a/www/apache22/files/patch-config.layout b/www/apache22/files/patch-config.layout index 67775646a0a2..9fd056ad82f5 100644 --- a/www/apache22/files/patch-config.layout +++ b/www/apache22/files/patch-config.layout @@ -1,5 +1,5 @@ ---- ./config.layout.orig 2004-11-21 13:50:36.000000000 -0500 -+++ ./config.layout 2010-05-06 19:37:54.214731918 -0400 +--- config.layout.orig 2012-02-27 22:57:18 UTC ++++ config.layout @@ -281,17 +281,17 @@ bindir: ${exec_prefix}/bin sbindir: ${exec_prefix}/sbin diff --git a/www/apache22/files/patch-configure.in b/www/apache22/files/patch-configure.in index 10bdad0f0391..eb1835e91f58 100644 --- a/www/apache22/files/patch-configure.in +++ b/www/apache22/files/patch-configure.in @@ -1,6 +1,6 @@ ---- ./configure.in.orig 2008-12-01 15:32:43.000000000 -0500 -+++ ./configure.in 2010-05-06 19:37:54.216730223 -0400 -@@ -87,9 +87,14 @@ +--- configure.in.orig 2013-06-27 16:59:04 UTC ++++ configure.in +@@ -87,9 +87,14 @@ if test "$apr_found" = "no"; then AC_MSG_ERROR([APR not found. Please read the documentation.]) fi @@ -16,7 +16,7 @@ [--enable-layout=*|\'--enable-layout=*]) dnl We must be the first to build and the last to be cleaned AP_BUILD_SRCLIB_DIRS="apr $AP_BUILD_SRCLIB_DIRS" -@@ -123,6 +128,11 @@ +@@ -123,6 +128,11 @@ if test "$apu_found" = "no"; then AC_MSG_ERROR([APR-util not found. Please read the documentation.]) fi @@ -28,7 +28,7 @@ # Catch some misconfigurations: case ${apr_found}.${apu_found} in reconfig.yes) -@@ -135,7 +145,7 @@ +@@ -135,7 +145,7 @@ esac if test "$apu_found" = "reconfig"; then APR_SUBDIR_CONFIG(srclib/apr-util, @@ -37,7 +37,19 @@ [--enable-layout=*|\'--enable-layout=*]) dnl We must be the last to build and the first to be cleaned AP_BUILD_SRCLIB_DIRS="$AP_BUILD_SRCLIB_DIRS apr-util" -@@ -653,8 +663,14 @@ +@@ -480,7 +490,10 @@ AC_ARG_ENABLE(v4-mapped,APACHE_HELP_STRI + ], + [ + case $host in +- *freebsd5*|*netbsd*|*openbsd*) ++ *freebsd[[1234]].*) ++ v4mapped=yes ++ ;; ++ *freebsd*|*netbsd*|*openbsd*) + v4mapped=no + ;; + *mingw*) +@@ -678,8 +691,14 @@ AC_DEFINE_UNQUOTED(HTTPD_ROOT, "${ap_pre [Root directory of the Apache install area]) AC_DEFINE_UNQUOTED(SERVER_CONFIG_FILE, "${rel_sysconfdir}/${progname}.conf", [Location of the config file, relative to the Apache root directory]) diff --git a/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in b/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in index 079cc48946bf..4ee823a1f30b 100644 --- a/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in +++ b/www/apache22/files/patch-docs__conf__extra__httpd-mpm.conf.in @@ -1,5 +1,5 @@ ---- docs/conf/extra/httpd-mpm.conf.in.bak 2007-12-29 06:08:28.000000000 +0300 -+++ docs/conf/extra/httpd-mpm.conf.in 2013-01-02 05:58:13.000000000 +0400 +--- docs/conf/extra/httpd-mpm.conf.in.orig 2007-12-29 03:08:28 UTC ++++ docs/conf/extra/httpd-mpm.conf.in @@ -17,7 +17,7 @@ # <IfModule !mpm_winnt_module> diff --git a/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in b/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in index ef6184629ad4..c3b16ba64734 100644 --- a/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in +++ b/www/apache22/files/patch-docs__conf__extra__httpd-ssl.conf.in @@ -1,6 +1,50 @@ ---- ./docs/conf/extra/httpd-ssl.conf.in.orig 2012-02-01 08:25:55.000000000 -0800 -+++ ./docs/conf/extra/httpd-ssl.conf.in 2012-02-01 08:27:23.000000000 -0800 -@@ -77,8 +77,8 @@ +--- docs/conf/extra/httpd-ssl.conf.in.orig 2013-11-11 14:00:57 UTC ++++ docs/conf/extra/httpd-ssl.conf.in +@@ -49,6 +49,43 @@ Listen @@SSLPort@@ + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + ++# SSL Cipher Suite: ++# List the ciphers that the client is permitted to negotiate, ++# and that httpd will negotiate as the client of a proxied server. ++# See the OpenSSL documentation for a complete list of ciphers, and ++# ensure these follow appropriate best practices for this deployment. ++# httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers, ++# while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a. ++SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4 ++SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4 ++ ++# By the end of 2016, only TLSv1.2 ciphers should remain in use. ++# Older ciphers should be disallowed as soon as possible, while the ++# kRSA ciphers do not offer forward secrecy. These changes inhibit ++# older clients (such as IE6 SP2 or IE8 on Windows XP, or other legacy ++# non-browser tooling) from successfully connecting. ++# ++# To restrict mod_ssl to use only TLSv1.2 ciphers, and disable ++# those protocols which do not support forward secrecy, replace ++# the SSLCipherSuite and SSLProxyCipherSuite directives above with ++# the following two directives, as soon as practical. ++# SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA ++# SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA ++ ++# User agents such as web browsers are not configured for the user's ++# own preference of either security or performance, therefore this ++# must be the prerogative of the web server administrator who manages ++# cpu load versus confidentiality, so enforce the server's cipher order. ++SSLHonorCipherOrder on ++ ++# SSL Protocol support: ++# List the protocol versions which clients are allowed to connect with. ++# Disable SSLv2 and SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0) ++# should be disabled as quickly as practical. By the end of 2016, only ++# the TLSv1.2 protocol or later should remain in use. ++SSLProtocol all -SSLv2 -SSLv3 ++SSLProxyProtocol all -SSLv2 -SSLv3 ++ + # Pass Phrase Dialog: + # Configure the pass phrase gathering process. + # The filtering dialog program (`builtin' is a internal +@@ -77,36 +114,13 @@ SSLMutex "file:@exp_runtimedir@/ssl_mut DocumentRoot "@exp_htdocsdir@" ServerName www.example.com:@@SSLPort@@ ServerAdmin you@example.com @@ -11,7 +55,35 @@ # SSL Engine Switch: # Enable/Disable SSL for this virtual host. -@@ -243,7 +243,7 @@ + SSLEngine on + +-# SSL Protocol support: +-# List the protocol versions which clients are allowed to +-# connect with. Disable SSLv2 by default (cf. RFC 6176). +-SSLProtocol all -SSLv2 +- +-# SSL Cipher Suite: +-# List the ciphers that the client is permitted to negotiate. +-# See the mod_ssl documentation for a complete list. +-SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 +- +-# Speed-optimized SSL Cipher configuration: +-# If speed is your main concern (on busy HTTPS servers e.g.), +-# you might want to force clients to specific, performance +-# optimized ciphers. In this case, prepend those ciphers +-# to the SSLCipherSuite list, and enable SSLHonorCipherOrder. +-# Caveat: by giving precedence to RC4-SHA and AES128-SHA +-# (as in the example below), most connections will no longer +-# have perfect forward secrecy - if the server's key is +-# compromised, captures of past or future traffic must be +-# considered compromised, too. +-#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5 +-#SSLHonorCipherOrder on +- + # Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If + # the certificate is encrypted, then you will be prompted for a +@@ -249,7 +263,7 @@ BrowserMatch "MSIE [2-5]" \ # Per-Server Logging: # The home of a custom SSL log file. Use this when you want a # compact non-error SSL logfile on a virtual host basis. diff --git a/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in b/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in index 48fc2f5dc8ee..fbd63ed9b8df 100644 --- a/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in +++ b/www/apache22/files/patch-docs__conf__extra__httpd-userdir.conf.in @@ -1,5 +1,5 @@ ---- ./docs/conf/extra/httpd-userdir.conf.in.orig 2007-03-07 02:33:58.000000000 -0500 -+++ ./docs/conf/extra/httpd-userdir.conf.in 2010-05-06 19:37:54.222730166 -0400 +--- docs/conf/extra/httpd-userdir.conf.in.orig 2007-03-07 07:33:58 UTC ++++ docs/conf/extra/httpd-userdir.conf.in @@ -8,7 +8,7 @@ # the default access control for these directories, as in the example below. # @@ -9,7 +9,7 @@ # # Control access to UserDir directories. The following is an example # for a site where these directories are restricted to read-only. -@@ -25,4 +25,3 @@ +@@ -25,4 +25,3 @@ UserDir public_html Deny from all </LimitExcept> </Directory> diff --git a/www/apache22/files/patch-docs__conf__httpd.conf.in b/www/apache22/files/patch-docs__conf__httpd.conf.in index 0ab0dbe6aae3..65eb79db0ed6 100644 --- a/www/apache22/files/patch-docs__conf__httpd.conf.in +++ b/www/apache22/files/patch-docs__conf__httpd.conf.in @@ -1,6 +1,6 @@ ---- ./docs/conf/httpd.conf.in.orig 2007-12-21 06:43:00.000000000 -0500 -+++ ./docs/conf/httpd.conf.in 2010-05-06 19:37:54.224731824 -0400 -@@ -54,6 +54,9 @@ +--- docs/conf/httpd.conf.in.orig 2012-02-06 16:54:24 UTC ++++ docs/conf/httpd.conf.in +@@ -54,6 +54,9 @@ Listen @@Port@@ # @@LoadModule@@ @@ -10,7 +10,7 @@ <IfModule !mpm_netware_module> <IfModule !mpm_winnt_module> # -@@ -63,8 +63,8 @@ +@@ -64,8 +67,8 @@ Listen @@Port@@ # It is usually good practice to create a dedicated user and group for # running httpd, as with most system services. # @@ -21,7 +21,7 @@ </IfModule> </IfModule> -@@ -113,7 +113,6 @@ +@@ -114,7 +117,6 @@ DocumentRoot "@exp_htdocsdir@" # features. # <Directory /> @@ -29,7 +29,7 @@ AllowOverride None Order deny,allow Deny from all -@@ -184,7 +183,7 @@ +@@ -185,7 +187,7 @@ DocumentRoot "@exp_htdocsdir@" # logged here. If you *do* define an error logfile for a <VirtualHost> # container, that host's errors will be logged there and not here. # @@ -38,7 +38,7 @@ # # LogLevel: Control the number of messages logged to the error_log. -@@ -213,13 +212,13 @@ +@@ -214,13 +216,13 @@ LogLevel warn # define per-<VirtualHost> access logfiles, transactions will be # logged therein and *not* in this file. # @@ -54,7 +54,7 @@ </IfModule> <IfModule alias_module> -@@ -408,3 +407,5 @@ +@@ -416,3 +418,5 @@ DefaultType text/plain SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule> diff --git a/www/apache22/files/patch-include__ap_config_auto.h.in b/www/apache22/files/patch-include__ap_config_auto.h.in index 446378218dd9..1046824ddea4 100644 --- a/www/apache22/files/patch-include__ap_config_auto.h.in +++ b/www/apache22/files/patch-include__ap_config_auto.h.in @@ -1,5 +1,5 @@ ---- include/ap_config_auto.h.in.orig 2014-08-22 19:54:18.000000000 +0200 -+++ include/ap_config_auto.h.in 2015-02-28 10:25:55.191842645 +0100 +--- include/ap_config_auto.h.in.orig 2014-08-22 17:54:18 UTC ++++ include/ap_config_auto.h.in @@ -127,6 +127,12 @@ /* Define to 1 if you have the `SSL_CTX_new' function. */ #undef HAVE_SSL_CTX_NEW diff --git a/www/apache22/files/patch-include__httpd.h b/www/apache22/files/patch-include__httpd.h index 9c8859bdb520..b7d96113cba6 100644 --- a/www/apache22/files/patch-include__httpd.h +++ b/www/apache22/files/patch-include__httpd.h @@ -1,6 +1,6 @@ --- include/httpd.h.orig 2014-08-21 17:33:48 UTC +++ include/httpd.h -@@ -1905,12 +1905,6 @@ +@@ -1905,12 +1905,6 @@ AP_DECLARE(char *) ap_get_exec_line(apr_ const char *cmd, const char * const *argv); diff --git a/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c b/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c index 72c231feb990..7cf415bf8e2a 100644 --- a/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c +++ b/www/apache22/files/patch-modules__proxy__mod_proxy_connect.c @@ -1,5 +1,5 @@ ---- ./modules/proxy/mod_proxy_connect.c.orig 2010-12-08 20:31:34.000000000 +0100 -+++ ./modules/proxy/mod_proxy_connect.c 2012-02-02 17:12:20.000000000 +0100 +--- modules/proxy/mod_proxy_connect.c.orig 2010-12-08 19:31:34 UTC ++++ modules/proxy/mod_proxy_connect.c @@ -21,6 +21,8 @@ #include "mod_proxy.h" #include "apr_poll.h" @@ -9,7 +9,7 @@ module AP_MODULE_DECLARE_DATA proxy_connect_module; /* -@@ -71,6 +73,50 @@ +@@ -71,6 +73,50 @@ static int proxy_connect_canon(request_r return OK; } @@ -60,7 +60,7 @@ /* CONNECT handler */ static int proxy_connect_handler(request_rec *r, proxy_worker *worker, proxy_server_conf *conf, -@@ -79,11 +125,15 @@ +@@ -79,11 +125,15 @@ static int proxy_connect_handler(request { apr_pool_t *p = r->pool; apr_socket_t *sock; @@ -78,7 +78,7 @@ apr_pollset_t *pollset; apr_pollfd_t pollfd; const apr_pollfd_t *signalled; -@@ -158,12 +208,10 @@ +@@ -158,12 +208,10 @@ static int proxy_connect_handler(request case APR_URI_SNEWS_DEFAULT_PORT: break; default: @@ -93,7 +93,7 @@ } /* -@@ -205,19 +253,57 @@ +@@ -205,19 +253,57 @@ static int proxy_connect_handler(request } } @@ -158,7 +158,7 @@ /* If we are connecting through a remote proxy, we need to pass * the CONNECT request on to it. -@@ -227,12 +313,11 @@ +@@ -227,12 +313,11 @@ static int proxy_connect_handler(request */ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, "proxy: CONNECT: sending the CONNECT request to the remote proxy"); @@ -175,7 +175,7 @@ } else { ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, -@@ -240,11 +325,12 @@ +@@ -240,11 +325,12 @@ static int proxy_connect_handler(request nbytes = apr_snprintf(buffer, sizeof(buffer), "HTTP/1.0 200 Connection Established" CRLF); ap_xlate_proto_to_ascii(buffer, nbytes); @@ -190,7 +190,7 @@ #if 0 /* This is safer code, but it doesn't work yet. I'm leaving it * here so that I can fix it later. -@@ -264,28 +350,16 @@ +@@ -264,28 +350,16 @@ static int proxy_connect_handler(request * * Handle two way transfer of data over the socket (this is a tunnel). */ @@ -226,7 +226,7 @@ while (1) { /* Infinite loop until error (one side closes the connection) */ if ((rv = apr_pollset_poll(pollset, -1, &pollcnt, &signalled)) != APR_SUCCESS) { if (APR_STATUS_IS_EINTR(rv)) { -@@ -297,7 +371,7 @@ +@@ -297,7 +371,7 @@ static int proxy_connect_handler(request } #ifdef DEBUGGING ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server, @@ -235,7 +235,7 @@ #endif for (pi = 0; pi < pollcnt; pi++) { -@@ -307,72 +381,31 @@ +@@ -307,72 +381,31 @@ static int proxy_connect_handler(request pollevent = cur->rtnevents; if (pollevent & APR_POLLIN) { #ifdef DEBUGGING @@ -321,7 +321,7 @@ } if (rv != APR_SUCCESS) { break; -@@ -388,7 +421,9 @@ +@@ -388,7 +421,9 @@ static int proxy_connect_handler(request * Close the socket and clean up */ diff --git a/www/apache22/files/patch-modules__ssl__ssl_engine_init.c b/www/apache22/files/patch-modules__ssl__ssl_engine_init.c index 43454717f1ba..0bc77478d101 100644 --- a/www/apache22/files/patch-modules__ssl__ssl_engine_init.c +++ b/www/apache22/files/patch-modules__ssl__ssl_engine_init.c @@ -1,6 +1,6 @@ ---- modules/ssl/ssl_engine_init.c.orig 2014-07-16 08:04:38.000000000 +0200 -+++ modules/ssl/ssl_engine_init.c 2015-02-28 10:52:11.571641334 +0100 -@@ -406,9 +406,11 @@ +--- modules/ssl/ssl_engine_init.c.orig 2014-07-16 06:04:38 UTC ++++ modules/ssl/ssl_engine_init.c +@@ -406,9 +406,11 @@ void ssl_init_Engine(server_rec *s, apr_ ssl_die(); } @@ -12,7 +12,7 @@ if (!ENGINE_set_default(e, ENGINE_METHOD_ALL)) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, -@@ -584,6 +586,10 @@ +@@ -584,6 +586,10 @@ static void ssl_init_ctx_protocol(server #endif @@ -23,7 +23,7 @@ #ifndef OPENSSL_NO_COMP if (sc->compression != TRUE) { #ifdef SSL_OP_NO_COMPRESSION -@@ -831,7 +837,11 @@ +@@ -831,7 +837,11 @@ static void ssl_init_ctx_cert_chain(serv } } diff --git a/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c b/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c index f48b674d03c8..44ad4f7df520 100644 --- a/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c +++ b/www/apache22/files/patch-modules__ssl__ssl_engine_rand.c @@ -1,6 +1,6 @@ ---- modules/ssl/ssl_engine_rand.c.orig 2006-07-12 05:38:44.000000000 +0200 -+++ modules/ssl/ssl_engine_rand.c 2015-02-28 10:47:35.481607754 +0100 -@@ -83,17 +83,6 @@ +--- modules/ssl/ssl_engine_rand.c.orig 2006-07-12 03:38:44 UTC ++++ modules/ssl/ssl_engine_rand.c +@@ -83,17 +83,6 @@ int ssl_rand_seed(server_rec *s, apr_poo nDone += ssl_rand_feedfp(p, fp, pRandSeed->nBytes); ssl_util_ppclose(s, p, fp); } diff --git a/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c b/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c index fe1621c81f2d..673665651e7e 100644 --- a/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c +++ b/www/apache22/files/patch-modules__ssl__ssl_engine_vars.c @@ -1,6 +1,6 @@ ---- modules/ssl/ssl_engine_vars.c.orig 2013-02-12 12:51:17.000000000 +0100 -+++ modules/ssl/ssl_engine_vars.c 2015-02-28 10:54:21.257798164 +0100 -@@ -832,7 +832,7 @@ +--- modules/ssl/ssl_engine_vars.c.orig 2013-02-12 11:51:17 UTC ++++ modules/ssl/ssl_engine_vars.c +@@ -832,7 +832,7 @@ static char *ssl_var_lookup_ssl_compress { char *result = "NULL"; #ifdef OPENSSL_VERSION_NUMBER diff --git a/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c b/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c index cf0888f0ee21..b3cdaea0f64e 100644 --- a/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c +++ b/www/apache22/files/patch-modules__ssl__ssl_util_ssl.c @@ -1,6 +1,6 @@ ---- modules/ssl/ssl_util_ssl.c.orig 2012-08-17 19:30:46.000000000 +0200 -+++ modules/ssl/ssl_util_ssl.c 2015-02-28 10:30:48.557501618 +0100 -@@ -492,7 +492,11 @@ +--- modules/ssl/ssl_util_ssl.c.orig 2012-08-17 17:30:46 UTC ++++ modules/ssl/ssl_util_ssl.c +@@ -492,7 +492,11 @@ BOOL SSL_X509_INFO_load_path(apr_pool_t * format, possibly followed by a sequence of CA certificates that * should be sent to the peer in the SSL Certificate message. */ diff --git a/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h b/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h index 99d0e50e2183..9a36ee784a6f 100644 --- a/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h +++ b/www/apache22/files/patch-modules__ssl__ssl_util_ssl.h @@ -1,6 +1,6 @@ ---- modules/ssl/ssl_util_ssl.h.orig 2012-08-17 19:30:46.000000000 +0200 -+++ modules/ssl/ssl_util_ssl.h 2015-02-28 10:33:07.042671521 +0100 -@@ -89,7 +89,11 @@ +--- modules/ssl/ssl_util_ssl.h.orig 2012-08-17 17:30:46 UTC ++++ modules/ssl/ssl_util_ssl.h +@@ -89,7 +89,11 @@ char *SSL_X509_NAME_to_string(apr_ BOOL SSL_X509_getCN(apr_pool_t *, X509 *, char **); BOOL SSL_X509_INFO_load_file(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); BOOL SSL_X509_INFO_load_path(apr_pool_t *, STACK_OF(X509_INFO) *, const char *); diff --git a/www/apache22/files/patch-server__config.c b/www/apache22/files/patch-server__config.c index 7bd6ea83a351..60b76a7103e4 100644 --- a/www/apache22/files/patch-server__config.c +++ b/www/apache22/files/patch-server__config.c @@ -3,9 +3,9 @@ http://lists.freebsd.org/pipermail/freebsd-apache/2012-August/002836.html https://issues.apache.org/bugzilla/show_bug.cgi?id=53823 ================================================================== ---- ./server/config.c.orig 2010-10-07 18:56:54.000000000 +0200 -+++ ./server/config.c 2012-09-05 08:39:18.000000000 +0200 -@@ -1979,6 +1979,11 @@ +--- server/config.c.orig 2010-10-07 16:56:54 UTC ++++ server/config.c +@@ -1979,6 +1979,11 @@ static server_rec *init_server_config(pr /* NOT virtual host; don't match any real network interface */ rv = apr_sockaddr_info_get(&s->addrs->host_addr, NULL, APR_INET, 0, 0, p); diff --git a/www/apache22/files/patch-server__core.c b/www/apache22/files/patch-server__core.c index 2b2782772f9f..3f9f179ac3db 100644 --- a/www/apache22/files/patch-server__core.c +++ b/www/apache22/files/patch-server__core.c @@ -1,6 +1,6 @@ ---- ./server/core.c.orig 2009-07-02 17:30:36.000000000 -0400 -+++ ./server/core.c 2010-05-06 19:37:54.278731038 -0400 -@@ -500,6 +500,7 @@ +--- server/core.c.orig 2014-08-21 17:33:48 UTC ++++ server/core.c +@@ -512,6 +512,7 @@ static void *merge_core_server_configs(a core_server_config *base = (core_server_config *)basev; core_server_config *virt = (core_server_config *)virtv; core_server_config *conf; @@ -8,7 +8,7 @@ conf = (core_server_config *)apr_pmemdup(p, virt, sizeof(core_server_config)); -@@ -515,6 +516,25 @@ +@@ -527,6 +528,25 @@ static void *merge_core_server_configs(a conf->protocol = base->protocol; } @@ -34,7 +34,7 @@ conf->sec_dir = apr_array_append(p, base->sec_dir, virt->sec_dir); conf->sec_url = apr_array_append(p, base->sec_url, virt->sec_url); -@@ -2750,7 +2770,7 @@ +@@ -2778,7 +2798,7 @@ AP_DECLARE(void) ap_get_server_revision( AP_DECLARE(const char *) ap_get_server_description(void) { return server_description ? server_description : @@ -43,7 +43,7 @@ } AP_DECLARE(const char *) ap_get_server_banner(void) -@@ -2811,7 +2831,7 @@ +@@ -2839,7 +2859,7 @@ static void set_banner(apr_pool_t *pconf ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT "/" AP_SERVER_MAJORVERSION); } else { @@ -52,7 +52,7 @@ } /* -@@ -2821,7 +2841,7 @@ +@@ -2849,7 +2869,7 @@ static void set_banner(apr_pool_t *pconf if (ap_server_tokens != SrvTk_FULL) { banner_locked++; } diff --git a/www/apache22/files/patch-support__Makefile.in b/www/apache22/files/patch-support__Makefile.in index 867af7b73246..72cb36ce3d18 100644 --- a/www/apache22/files/patch-support__Makefile.in +++ b/www/apache22/files/patch-support__Makefile.in @@ -1,6 +1,6 @@ ---- ./support/Makefile.in.orig 2011-04-16 21:09:47.000000000 +0200 -+++ ./support/Makefile.in 2013-09-25 21:02:44.000000000 +0200 -@@ -16,17 +16,14 @@ +--- support/Makefile.in.orig 2011-04-16 19:09:47 UTC ++++ support/Makefile.in +@@ -16,17 +16,14 @@ install: @test -d $(DESTDIR)$(sbindir) || $(MKINSTALLDIRS) $(DESTDIR)$(sbindir) @test -d $(DESTDIR)$(libexecdir) || $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) @cp -p $(top_builddir)/server/httpd.exp $(DESTDIR)$(libexecdir) diff --git a/www/apache22/files/patch-support__ab.c b/www/apache22/files/patch-support__ab.c index ab58062733d7..33ecf3d77b4d 100644 --- a/www/apache22/files/patch-support__ab.c +++ b/www/apache22/files/patch-support__ab.c @@ -1,18 +1,35 @@ ---- ./support/ab.c.orig 2010-01-07 10:11:53.000000000 -0500 -+++ ./support/ab.c 2010-05-06 19:37:54.262732305 -0400 -@@ -200,9 +200,11 @@ - #else - #define AB_SSL_CIPHER_CONST - #endif -+/* prevent build issues with openssl from ports - #ifdef SSL_OP_NO_TLSv1_2 - #define HAVE_TLSV1_X - #endif -+*/ +Backport ab from apache 2.4.x (r1663405) +============================================================= +--- support/ab.c.orig 2014-03-12 11:53:12 UTC ++++ support/ab.c +@@ -156,25 +156,8 @@ + #include "ap_config_auto.h" #endif - #include <math.h> -@@ -221,13 +221,18 @@ +-#if defined(HAVE_SSLC) +- +-/* Libraries for RSA SSL-C */ +-#include <rsa.h> +-#include <x509.h> +-#include <pem.h> +-#include <err.h> +-#include <ssl.h> +-#include <r_rand.h> +-#include <sslc.h> +-#define USE_SSL +-#define RSAREF +-#define SK_NUM(x) sk_num(x) +-#define SK_VALUE(x,y) sk_value(x,y) +-typedef STACK X509_STACK_TYPE; +- +-#elif defined(HAVE_OPENSSL) ++#if defined(HAVE_OPENSSL) + +-/* Libraries on most systems.. */ + #include <openssl/rsa.h> + #include <openssl/crypto.h> + #include <openssl/x509.h> +@@ -224,19 +207,25 @@ typedef STACK_OF(X509) X509_STACK_TYPE; /* maximum number of requests on a time limited test */ #define MAX_REQUESTS (INT_MAX > 50000 ? 50000 : INT_MAX) @@ -34,50 +51,180 @@ + STATE_READ +} connect_state_e; - #define CBUFFSIZE (2048) +-#define CBUFFSIZE (2048) ++#define CBUFFSIZE (8192) -@@ -252,6 +257,7 @@ - done; /* Connection closed */ + struct connection { + apr_pool_t *ctx; + apr_socket_t *aprsock; ++ apr_pollfd_t pollfd; + int state; + apr_size_t read; /* amount of bytes read */ + apr_size_t bread; /* amount of body read */ +@@ -267,8 +256,8 @@ struct data { + apr_interval_time_t time; /* time for connection */ + }; - int socknum; -+ apr_int16_t reqevents; /* current poll events for this socket */ - #ifdef USE_SSL - SSL *ssl; - #endif -@@ -396,6 +402,56 @@ +-#define ap_min(a,b) ((a)<(b))?(a):(b) +-#define ap_max(a,b) ((a)>(b))?(a):(b) ++#define ap_min(a,b) (((a)<(b))?(a):(b)) ++#define ap_max(a,b) (((a)>(b))?(a):(b)) + #define ap_round_ms(a) ((apr_time_t)((a) + 500)/1000) + #define ap_double_ms(a) ((double)(a)/1000.0) + #define MAX_CONCURRENCY 20000 +@@ -277,35 +266,38 @@ struct data { + + int verbosity = 0; /* no verbosity by default */ + int recverrok = 0; /* ok to proceed after socket receive errors */ +-int posting = 0; /* GET by default */ ++enum {NO_METH = 0, GET, HEAD, PUT, POST, CUSTOM_METHOD} method = NO_METH; ++const char *method_str[] = {"bug", "GET", "HEAD", "PUT", "POST", ""}; ++int send_body = 0; /* non-zero if sending body with request */ + int requests = 1; /* Number of requests to make */ + int heartbeatres = 100; /* How often do we say we're alive */ + int concurrency = 1; /* Number of multiple requests to make */ + int percentile = 1; /* Show percentile served */ ++int nolength = 0; /* Accept variable document length */ + int confidence = 1; /* Show confidence estimator and warnings */ + int tlimit = 0; /* time limit in secs */ + int keepalive = 0; /* try and do keepalive connections */ + int windowsize = 0; /* we use the OS default window size */ + char servername[1024]; /* name that server reports */ + char *hostname; /* host name from URL */ +-char *host_field; /* value of "Host:" header field */ +-char *path; /* path name */ +-char postfile[1024]; /* name of file containing post data */ ++const char *host_field; /* value of "Host:" header field */ ++const char *path; /* path name */ + char *postdata; /* *buffer containing data from postfile */ + apr_size_t postlen = 0; /* length of data to be POSTed */ +-char content_type[1024];/* content type to put in POST header */ +-char *cookie, /* optional cookie line */ +- *auth, /* optional (basic/uuencoded) auhentication */ +- *hdrs; /* optional arbitrary headers */ ++char *content_type = NULL; /* content type to put in POST header */ ++const char *cookie, /* optional cookie line */ ++ *auth, /* optional (basic/uuencoded) auhentication */ ++ *hdrs; /* optional arbitrary headers */ + apr_port_t port; /* port number */ +-char proxyhost[1024]; /* proxy host name */ ++char *proxyhost = NULL; /* proxy host name */ + int proxyport = 0; /* proxy port */ +-char *connecthost; ++const char *connecthost; ++const char *myhost; + apr_port_t connectport; +-char *gnuplot; /* GNUplot file */ +-char *csvperc; /* CSV Percentile file */ +-char url[1024]; +-char * fullurl, * colonhost; ++const char *gnuplot; /* GNUplot file */ ++const char *csvperc; /* CSV Percentile file */ ++const char *fullurl; ++const char *colonhost; + int isproxy = 0; + apr_interval_time_t aprtimeout = apr_time_from_sec(30); /* timeout value */ + +@@ -348,7 +340,7 @@ BIO *bio_out,*bio_err; + apr_time_t start, lasttime, stoptime; + + /* global request (and its length) */ +-char _request[2048]; ++char _request[8192]; + char *request = _request; + apr_size_t reqlen; + +@@ -364,6 +356,7 @@ apr_pool_t *cntxt; + + apr_pollset_t *readbits; + ++apr_sockaddr_t *mysa; + apr_sockaddr_t *destsa; + + #ifdef NOT_ASCII +@@ -377,7 +370,7 @@ static void close_connection(struct conn + + /* simple little function to write an error string and exit */ + +-static void err(char *s) ++static void err(const char *s) + { + fprintf(stderr, "%s\n", s); + if (done) +@@ -387,7 +380,7 @@ static void err(char *s) + + /* simple little function to write an APR error string and exit */ + +-static void apr_err(char *s, apr_status_t rv) ++static void apr_err(const char *s, apr_status_t rv) + { + char buf[120]; + +@@ -399,6 +392,87 @@ static void apr_err(char *s, apr_status_ exit(rv); } ++static void *xmalloc(size_t size) ++{ ++ void *ret = malloc(size); ++ if (ret == NULL) { ++ fprintf(stderr, "Could not allocate memory (%" ++ APR_SIZE_T_FMT" bytes)\n", size); ++ exit(1); ++ } ++ return ret; ++} ++ ++static void *xcalloc(size_t num, size_t size) ++{ ++ void *ret = calloc(num, size); ++ if (ret == NULL) { ++ fprintf(stderr, "Could not allocate memory (%" ++ APR_SIZE_T_FMT" bytes)\n", size*num); ++ exit(1); ++ } ++ return ret; ++} ++ ++static char *xstrdup(const char *s) ++{ ++ char *ret = strdup(s); ++ if (ret == NULL) { ++ fprintf(stderr, "Could not allocate memory (%" ++ APR_SIZE_T_FMT " bytes)\n", strlen(s)); ++ exit(1); ++ } ++ return ret; ++} ++ ++/* pool abort function */ ++static int abort_on_oom(int retcode) ++{ ++ fprintf(stderr, "Could not allocate memory\n"); ++ exit(1); ++ /* not reached */ ++ return retcode; ++} ++ +static void set_polled_events(struct connection *c, apr_int16_t new_reqevents) +{ -+ apr_int16_t old_reqevents = c->reqevents; -+ apr_pollfd_t pfd; + apr_status_t rv; -+ char buf[120]; -+ -+ if (old_reqevents != new_reqevents) { -+ pfd.desc_type = APR_POLL_SOCKET; -+ pfd.desc.s = c->aprsock; -+ pfd.client_data = c; + -+ if (old_reqevents != 0) { -+ pfd.reqevents = old_reqevents; -+ rv = apr_pollset_remove(readbits, &pfd); ++ if (c->pollfd.reqevents != new_reqevents) { ++ if (c->pollfd.reqevents != 0) { ++ rv = apr_pollset_remove(readbits, &c->pollfd); + if (rv != APR_SUCCESS) { + apr_err("apr_pollset_remove()", rv); + } + } + + if (new_reqevents != 0) { -+ pfd.reqevents = new_reqevents; -+ rv = apr_pollset_add(readbits, &pfd); ++ c->pollfd.reqevents = new_reqevents; ++ rv = apr_pollset_add(readbits, &c->pollfd); + if (rv != APR_SUCCESS) { + apr_err("apr_pollset_add()", rv); -+ exit(1); + } + } -+ -+ c->reqevents = new_reqevents; + } +} + @@ -101,7 +248,66 @@ /* --------------------------------------------------------- */ /* write out request to a connection - assumes we can write * (small) request out in one go into our new socket buffer -@@ -569,7 +625,6 @@ +@@ -464,7 +538,6 @@ static int ssl_rand_choosenum(int l, int + + static void ssl_rand_seed(void) + { +- int nDone = 0; + int n, l; + time_t t; + pid_t pid; +@@ -476,7 +549,6 @@ static void ssl_rand_seed(void) + t = time(NULL); + l = sizeof(time_t); + RAND_seed((unsigned char *)&t, l); +- nDone += l; + + /* + * seed in the current process id (usually just 4 bytes) +@@ -484,14 +556,12 @@ static void ssl_rand_seed(void) + pid = getpid(); + l = sizeof(pid_t); + RAND_seed((unsigned char *)&pid, l); +- nDone += l; + + /* + * seed in some current state of the run-time stack (128 bytes) + */ + n = ssl_rand_choosenum(0, sizeof(stackdata)-128-1); + RAND_seed(stackdata+n, 128); +- nDone += 128; + } + + static int ssl_print_connection_info(BIO *bio, SSL *ssl) +@@ -514,6 +584,7 @@ static int ssl_print_connection_info(BIO + static void ssl_print_cert_info(BIO *bio, X509 *cert) + { + X509_NAME *dn; ++ EVP_PKEY *pk; + char buf[1024]; + + BIO_printf(bio, "Certificate version: %ld\n", X509_get_version(cert)+1); +@@ -525,8 +596,10 @@ static void ssl_print_cert_info(BIO *bio + ASN1_UTCTIME_print(bio, X509_get_notAfter(cert)); + BIO_printf(bio,"\n"); + ++ pk = X509_get_pubkey(cert); + BIO_printf(bio,"Public key is %d bits\n", +- EVP_PKEY_bits(X509_get_pubkey(cert))); ++ EVP_PKEY_bits(pk)); ++ EVP_PKEY_free(pk); + + dn = X509_get_issuer_name(cert); + X509_NAME_oneline(dn, buf, sizeof(buf)); +@@ -553,7 +626,6 @@ static void ssl_print_info(struct connec + for (i=1; i<count; i++) { + cert = (X509 *)SK_VALUE(sk, i); + ssl_print_cert_info(bio_out, cert); +- X509_free(cert); + } + } + cert = SSL_get_peer_certificate(c->ssl); +@@ -574,7 +646,6 @@ static void ssl_proceed_handshake(struct while (do_next) { int ret, ecode; @@ -109,7 +315,16 @@ ret = SSL_do_handshake(c->ssl); ecode = SSL_get_error(c->ssl, ret); -@@ -601,11 +656,7 @@ +@@ -596,7 +667,7 @@ static void ssl_proceed_handshake(struct + else + pk_bits = 0; /* Anon DH */ + +- ssl_info = malloc(128); ++ ssl_info = xmalloc(128); + apr_snprintf(ssl_info, 128, "%s,%s,%d,%d", + SSL_get_version(c->ssl), + SSL_CIPHER_get_name(ci), +@@ -606,11 +677,7 @@ static void ssl_proceed_handshake(struct do_next = 0; break; case SSL_ERROR_WANT_READ: @@ -122,7 +337,27 @@ do_next = 0; break; case SSL_ERROR_WANT_WRITE: -@@ -681,16 +732,8 @@ +@@ -634,6 +701,10 @@ static void ssl_proceed_handshake(struct + + static void write_request(struct connection * c) + { ++ if (started >= requests) { ++ return; ++ } ++ + do { + apr_time_t tnow; + apr_size_t l = c->rwrite; +@@ -649,7 +720,7 @@ static void write_request(struct connect + c->connect = tnow; + c->rwrote = 0; + c->rwrite = reqlen; +- if (posting) ++ if (send_body) + c->rwrite += postlen; + } + else if (tnow > c->connect + aprtimeout) { +@@ -686,16 +757,9 @@ static void write_request(struct connect c->rwrite -= l; } while (c->rwrite); @@ -136,11 +371,177 @@ - new_pollfd.client_data = c; - apr_pollset_add(readbits, &new_pollfd); - } ++ started++; + set_conn_state(c, STATE_READ); } /* --------------------------------------------------------- */ -@@ -1210,21 +1253,12 @@ +@@ -760,7 +824,10 @@ static void output_results(int sig) + #endif + printf("\n"); + printf("Document Path: %s\n", path); +- printf("Document Length: %" APR_SIZE_T_FMT " bytes\n", doclen); ++ if (nolength) ++ printf("Document Length: Variable\n"); ++ else ++ printf("Document Length: %" APR_SIZE_T_FMT " bytes\n", doclen); + printf("\n"); + printf("Concurrency Level: %d\n", concurrency); + printf("Time taken for tests: %.3f seconds\n", timetaken); +@@ -769,16 +836,16 @@ static void output_results(int sig) + if (bad) + printf(" (Connect: %d, Receive: %d, Length: %d, Exceptions: %d)\n", + err_conn, err_recv, err_length, err_except); +- printf("Write errors: %d\n", epipe); ++ if (epipe) ++ printf("Write errors: %d\n", epipe); + if (err_response) + printf("Non-2xx responses: %d\n", err_response); + if (keepalive) + printf("Keep-Alive requests: %d\n", doneka); + printf("Total transferred: %" APR_INT64_T_FMT " bytes\n", totalread); +- if (posting == 1) +- printf("Total POSTed: %" APR_INT64_T_FMT "\n", totalposted); +- if (posting == 2) +- printf("Total PUT: %" APR_INT64_T_FMT "\n", totalposted); ++ if (send_body) ++ printf("Total body sent: %" APR_INT64_T_FMT "\n", ++ totalposted); + printf("HTML transferred: %" APR_INT64_T_FMT " bytes\n", totalbread); + + /* avoid divide by zero */ +@@ -791,11 +858,11 @@ static void output_results(int sig) + (double) timetaken * 1000 / done); + printf("Transfer rate: %.2f [Kbytes/sec] received\n", + (double) totalread / 1024 / timetaken); +- if (posting > 0) { ++ if (send_body) { + printf(" %.2f kb/s sent\n", +- (double) totalposted / timetaken / 1024); ++ (double) totalposted / 1024 / timetaken); + printf(" %.2f kb/s total\n", +- (double) (totalread + totalposted) / timetaken / 1024); ++ (double) (totalread + totalposted) / 1024 / timetaken); + } + } + +@@ -943,9 +1010,8 @@ static void output_results(int sig) + printf(" min avg max\n"); + #define CONF_FMT_STRING "%5" APR_TIME_T_FMT " %5" APR_TIME_T_FMT "%5" APR_TIME_T_FMT "\n" + printf("Connect: " CONF_FMT_STRING, mincon, meancon, maxcon); +- printf("Processing: " CONF_FMT_STRING, mintot - mincon, +- meantot - meancon, +- maxtot - maxcon); ++ printf("Processing: " CONF_FMT_STRING, mind, meand, maxd); ++ printf("Waiting: " CONF_FMT_STRING, minwait, meanwait, maxwait); + printf("Total: " CONF_FMT_STRING, mintot, meantot, maxtot); + #undef CONF_FMT_STRING + } +@@ -972,7 +1038,7 @@ static void output_results(int sig) + exit(1); + } + fprintf(out, "" "Percentage served" "," "Time in ms" "\n"); +- for (i = 0; i < 100; i++) { ++ for (i = 0; i <= 100; i++) { + double t; + if (i == 0) + t = ap_double_ms(stats[0].time); +@@ -1033,9 +1099,14 @@ static void output_html_results(void) + printf("<tr %s><th colspan=2 %s>Document Path:</th>" + "<td colspan=2 %s>%s</td></tr>\n", + trstring, tdstring, tdstring, path); +- printf("<tr %s><th colspan=2 %s>Document Length:</th>" +- "<td colspan=2 %s>%" APR_SIZE_T_FMT " bytes</td></tr>\n", +- trstring, tdstring, tdstring, doclen); ++ if (nolength) ++ printf("<tr %s><th colspan=2 %s>Document Length:</th>" ++ "<td colspan=2 %s>Variable</td></tr>\n", ++ trstring, tdstring, tdstring); ++ else ++ printf("<tr %s><th colspan=2 %s>Document Length:</th>" ++ "<td colspan=2 %s>%" APR_SIZE_T_FMT " bytes</td></tr>\n", ++ trstring, tdstring, tdstring, doclen); + printf("<tr %s><th colspan=2 %s>Concurrency Level:</th>" + "<td colspan=2 %s>%d</td></tr>\n", + trstring, tdstring, tdstring, concurrency); +@@ -1062,14 +1133,11 @@ static void output_html_results(void) + printf("<tr %s><th colspan=2 %s>Total transferred:</th>" + "<td colspan=2 %s>%" APR_INT64_T_FMT " bytes</td></tr>\n", + trstring, tdstring, tdstring, totalread); +- if (posting == 1) +- printf("<tr %s><th colspan=2 %s>Total POSTed:</th>" +- "<td colspan=2 %s>%" APR_INT64_T_FMT "</td></tr>\n", +- trstring, tdstring, tdstring, totalposted); +- if (posting == 2) +- printf("<tr %s><th colspan=2 %s>Total PUT:</th>" ++ if (send_body) ++ printf("<tr %s><th colspan=2 %s>Total body sent:</th>" + "<td colspan=2 %s>%" APR_INT64_T_FMT "</td></tr>\n", +- trstring, tdstring, tdstring, totalposted); ++ trstring, tdstring, ++ tdstring, totalposted); + printf("<tr %s><th colspan=2 %s>HTML transferred:</th>" + "<td colspan=2 %s>%" APR_INT64_T_FMT " bytes</td></tr>\n", + trstring, tdstring, tdstring, totalbread); +@@ -1078,19 +1146,19 @@ static void output_html_results(void) + if (timetaken) { + printf("<tr %s><th colspan=2 %s>Requests per second:</th>" + "<td colspan=2 %s>%.2f</td></tr>\n", +- trstring, tdstring, tdstring, (double) done * 1000 / timetaken); ++ trstring, tdstring, tdstring, (double) done / timetaken); + printf("<tr %s><th colspan=2 %s>Transfer rate:</th>" + "<td colspan=2 %s>%.2f kb/s received</td></tr>\n", +- trstring, tdstring, tdstring, (double) totalread / timetaken); +- if (posting > 0) { ++ trstring, tdstring, tdstring, (double) totalread / 1024 / timetaken); ++ if (send_body) { + printf("<tr %s><td colspan=2 %s> </td>" + "<td colspan=2 %s>%.2f kb/s sent</td></tr>\n", + trstring, tdstring, tdstring, +- (double) totalposted / timetaken); ++ (double) totalposted / 1024 / timetaken); + printf("<tr %s><td colspan=2 %s> </td>" + "<td colspan=2 %s>%.2f kb/s total</td></tr>\n", + trstring, tdstring, tdstring, +- (double) (totalread + totalposted) / timetaken); ++ (double) (totalread + totalposted) / 1024 / timetaken); + } + } + { +@@ -1171,18 +1239,30 @@ static void start_connect(struct connect + SOCK_STREAM, 0, c->ctx)) != APR_SUCCESS) { + apr_err("socket", rv); + } ++ ++ if (myhost) { ++ if ((rv = apr_socket_bind(c->aprsock, mysa)) != APR_SUCCESS) { ++ apr_err("bind", rv); ++ } ++ } ++ ++ c->pollfd.desc_type = APR_POLL_SOCKET; ++ c->pollfd.desc.s = c->aprsock; ++ c->pollfd.reqevents = 0; ++ c->pollfd.client_data = c; ++ + if ((rv = apr_socket_opt_set(c->aprsock, APR_SO_NONBLOCK, 1)) + != APR_SUCCESS) { + apr_err("socket nonblock", rv); + } + + if (windowsize != 0) { +- rv = apr_socket_opt_set(c->aprsock, APR_SO_SNDBUF, ++ rv = apr_socket_opt_set(c->aprsock, APR_SO_SNDBUF, + windowsize); + if (rv != APR_SUCCESS && rv != APR_ENOTIMPL) { + apr_err("socket send buffer", rv); + } +- rv = apr_socket_opt_set(c->aprsock, APR_SO_RCVBUF, ++ rv = apr_socket_opt_set(c->aprsock, APR_SO_RCVBUF, + windowsize); + if (rv != APR_SUCCESS && rv != APR_ENOTIMPL) { + apr_err("socket receive buffer", rv); +@@ -1215,21 +1295,12 @@ static void start_connect(struct connect #endif if ((rv = apr_socket_connect(c->aprsock, destsa)) != APR_SUCCESS) { if (APR_STATUS_IS_EINPROGRESS(rv)) { @@ -164,12 +565,12 @@ apr_socket_close(c->aprsock); err_conn++; if (bad++ > 10) { -@@ -1232,14 +1266,14 @@ +@@ -1237,15 +1308,14 @@ static void start_connect(struct connect "\nTest aborted after 10 failures\n\n"); apr_err("apr_socket_connect()", rv); } - c->state = STATE_UNCONNECTED; -+ ++ start_connect(c); return; } @@ -177,11 +578,21 @@ /* connected first time */ - c->state = STATE_CONNECTED; -+ set_conn_state(c, STATE_CONNECTED); /* will this waste a pollset call? */ - started++; +- started++; ++ set_conn_state(c, STATE_CONNECTED); #ifdef USE_SSL if (c->ssl) { -@@ -1288,21 +1322,15 @@ + ssl_proceed_handshake(c); +@@ -1274,7 +1344,7 @@ static void close_connection(struct conn + /* first time here */ + doclen = c->bread; + } +- else if (c->bread != doclen) { ++ else if ((c->bread != doclen) && !nolength) { + bad++; + err_length++; + } +@@ -1293,21 +1363,15 @@ static void close_connection(struct conn } } @@ -210,7 +621,30 @@ /* connect again */ start_connect(c); -@@ -1420,10 +1448,7 @@ +@@ -1337,11 +1401,21 @@ static void read_connection(struct conne + good++; + close_connection(c); + } ++ else if (scode == SSL_ERROR_SYSCALL ++ && status == 0 ++ && c->read != 0) { ++ /* connection closed, but in violation of the protocol, after ++ * some data has already been read; this commonly happens, so ++ * let the length check catch any response errors ++ */ ++ good++; ++ close_connection(c); ++ } + else if (scode != SSL_ERROR_WANT_WRITE + && scode != SSL_ERROR_WANT_READ) { + /* some fatal error: */ + c->read = 0; +- BIO_printf(bio_err, "SSL read failed - closing connection\n"); ++ BIO_printf(bio_err, "SSL read failed (%d) - closing connection\n", scode); + ERR_print_errors(bio_err); + close_connection(c); + } +@@ -1425,10 +1499,7 @@ static void read_connection(struct conne } else { /* header is in invalid or too big - close connection */ @@ -222,9 +656,226 @@ apr_socket_close(c->aprsock); err_response++; if (bad++ > 10) { -@@ -1748,11 +1773,7 @@ +@@ -1444,12 +1515,14 @@ static void read_connection(struct conne + * this is first time, extract some interesting info + */ + char *p, *q; ++ size_t len = 0; + p = strstr(c->cbuff, "Server:"); + q = servername; + if (p) { + p += 8; +- while (*p > 32) +- *q++ = *p++; ++ /* -1 to not overwrite last '\0' byte */ ++ while (*p > 32 && len++ < sizeof(servername) - 1) ++ *q++ = *p++; + } + *q = 0; + } +@@ -1491,12 +1564,12 @@ static void read_connection(struct conne + if (cl) { + c->keepalive = 1; + /* response to HEAD doesn't have entity body */ +- c->length = posting >= 0 ? atoi(cl + 16) : 0; ++ c->length = method != HEAD ? atoi(cl + 16) : 0; + } + /* The response may not have a Content-Length header */ + if (!cl) { + c->keepalive = 1; +- c->length = 0; ++ c->length = 0; + } } - if (rv & APR_POLLOUT) { + c->bread += c->cbx - (s + l - c->cbuff) + r - tocopy; +@@ -1517,7 +1590,7 @@ static void read_connection(struct conne + /* first time here */ + doclen = c->bread; + } +- else if (c->bread != doclen) { ++ else if ((c->bread != doclen) && !nolength) { + bad++; + err_length++; + } +@@ -1552,7 +1625,8 @@ static void read_connection(struct conne + static void test(void) + { + apr_time_t stoptime; +- apr_int16_t rv; ++ apr_int16_t rtnev; ++ apr_status_t rv; + int i; + apr_status_t status; + int snprintf_res = 0; +@@ -1578,11 +1652,16 @@ static void test(void) + fflush(stdout); + } + +- con = calloc(concurrency, sizeof(struct connection)); ++ con = xcalloc(concurrency, sizeof(struct connection)); + +- stats = calloc(requests, sizeof(struct data)); ++ /* ++ * XXX: a way to calculate the stats without requiring O(requests) memory ++ * XXX: would be nice. ++ */ ++ stats = xcalloc(requests, sizeof(struct data)); + +- if ((status = apr_pollset_create(&readbits, concurrency, cntxt, 0)) != APR_SUCCESS) { ++ if ((status = apr_pollset_create(&readbits, concurrency, cntxt, ++ APR_POLLSET_NOCOPY)) != APR_SUCCESS) { + apr_err("apr_pollset_create failed", status); + } + +@@ -1612,12 +1691,12 @@ static void test(void) + } + + /* setup request */ +- if (posting <= 0) { ++ if (!send_body) { + snprintf_res = apr_snprintf(request, sizeof(_request), + "%s %s HTTP/1.0\r\n" + "%s" "%s" "%s" + "%s" "\r\n", +- (posting == 0) ? "GET" : "HEAD", ++ method_str[method], + (isproxy) ? fullurl : path, + keepalive ? "Connection: Keep-Alive\r\n" : "", + cookie, auth, hdrs); +@@ -1630,32 +1709,28 @@ static void test(void) + "Content-type: %s\r\n" + "%s" + "\r\n", +- (posting == 1) ? "POST" : "PUT", ++ method_str[method], + (isproxy) ? fullurl : path, + keepalive ? "Connection: Keep-Alive\r\n" : "", + cookie, auth, + postlen, +- (content_type[0]) ? content_type : "text/plain", hdrs); ++ (content_type != NULL) ? content_type : "text/plain", hdrs); + } + if (snprintf_res >= sizeof(_request)) { + err("Request too long\n"); + } + + if (verbosity >= 2) +- printf("INFO: %s header == \n---\n%s\n---\n", +- (posting == 2) ? "PUT" : "POST", request); ++ printf("INFO: %s header == \n---\n%s\n---\n", ++ method_str[method], request); + + reqlen = strlen(request); + + /* +- * Combine headers and (optional) post file into one contineous buffer ++ * Combine headers and (optional) post file into one continuous buffer + */ +- if (posting >= 1) { +- char *buff = malloc(postlen + reqlen + 1); +- if (!buff) { +- fprintf(stderr, "error creating request buffer: out of memory\n"); +- return; +- } ++ if (send_body) { ++ char *buff = xmalloc(postlen + reqlen + 1); + strcpy(buff, request); + memcpy(buff + reqlen, postdata, postlen); + request = buff; +@@ -1673,8 +1748,20 @@ static void test(void) + } + #endif /* NOT_ASCII */ + +- /* This only needs to be done once */ +- if ((rv = apr_sockaddr_info_get(&destsa, connecthost, APR_UNSPEC, connectport, 0, cntxt)) ++ if (myhost) { ++ /* This only needs to be done once */ ++ if ((rv = apr_sockaddr_info_get(&mysa, myhost, APR_UNSPEC, 0, 0, cntxt)) != APR_SUCCESS) { ++ char buf[120]; ++ apr_snprintf(buf, sizeof(buf), ++ "apr_sockaddr_info_get() for %s", myhost); ++ apr_err(buf, rv); ++ } ++ } ++ ++ /* This too */ ++ if ((rv = apr_sockaddr_info_get(&destsa, connecthost, ++ myhost ? mysa->family : APR_UNSPEC, ++ connectport, 0, cntxt)) + != APR_SUCCESS) { + char buf[120]; + apr_snprintf(buf, sizeof(buf), +@@ -1686,7 +1773,7 @@ static void test(void) + start = lasttime = apr_time_now(); + stoptime = tlimit ? (start + apr_time_from_sec(tlimit)) : AB_MAX; + +-#ifdef SIGINT ++#ifdef SIGINT + /* Output the results if the user terminates the run early. */ + apr_signal(SIGINT, output_results); + #endif +@@ -1699,24 +1786,19 @@ static void test(void) + + do { + apr_int32_t n; +- const apr_pollfd_t *pollresults; ++ const apr_pollfd_t *pollresults, *pollfd; + + n = concurrency; + do { +- status = apr_pollset_poll(readbits, aprtimeout, &n, &pollresults); ++ status = apr_pollset_poll(readbits, aprtimeout, &n, &pollresults); + } while (APR_STATUS_IS_EINTR(status)); + if (status != APR_SUCCESS) +- apr_err("apr_poll", status); +- +- if (!n) { +- err("\nServer timed out\n\n"); +- } ++ apr_err("apr_pollset_poll", status); + +- for (i = 0; i < n; i++) { +- const apr_pollfd_t *next_fd = &(pollresults[i]); ++ for (i = 0, pollfd = pollresults; i < n; i++, pollfd++) { + struct connection *c; + +- c = next_fd->client_data; ++ c = pollfd->client_data; + + /* + * If the connection isn't connected how can we check it? +@@ -1724,7 +1806,7 @@ static void test(void) + if (c->state == STATE_UNCONNECTED) + continue; + +- rv = next_fd->rtnevents; ++ rtnev = pollfd->rtnevents; + + #ifdef USE_SSL + if (c->state == STATE_CONNECTED && c->ssl && SSL_in_init(c->ssl)) { +@@ -1745,22 +1827,25 @@ static void test(void) + * connection is done and we loop here endlessly calling + * apr_poll(). + */ +- if ((rv & APR_POLLIN) || (rv & APR_POLLPRI) || (rv & APR_POLLHUP)) ++ if ((rtnev & APR_POLLIN) || (rtnev & APR_POLLPRI) || (rtnev & APR_POLLHUP)) + read_connection(c); +- if ((rv & APR_POLLERR) || (rv & APR_POLLNVAL)) { ++ if ((rtnev & APR_POLLERR) || (rtnev & APR_POLLNVAL)) { + bad++; + err_except++; +- start_connect(c); ++ /* avoid apr_poll/EINPROGRESS loop on HP-UX, let recv discover ECONNREFUSED */ ++ if (c->state == STATE_CONNECTING) { ++ read_connection(c); ++ } ++ else { ++ start_connect(c); ++ } + continue; + } +- if (rv & APR_POLLOUT) { ++ if (rtnev & APR_POLLOUT) { if (c->state == STATE_CONNECTING) { - apr_pollfd_t remove_pollfd; rv = apr_socket_connect(c->aprsock, destsa); @@ -232,24 +883,26 @@ - remove_pollfd.desc.s = c->aprsock; - apr_pollset_remove(readbits, &remove_pollfd); if (rv != APR_SUCCESS) { ++ set_conn_state(c, STATE_UNCONNECTED); apr_socket_close(c->aprsock); err_conn++; -@@ -1761,12 +1782,12 @@ + if (bad++ > 10) { +@@ -1768,13 +1853,11 @@ static void test(void) "\nTest aborted after 10 failures\n\n"); apr_err("apr_socket_connect()", rv); } - c->state = STATE_UNCONNECTED; -+ set_conn_state(c, STATE_UNCONNECTED); start_connect(c); continue; } else { - c->state = STATE_CONNECTED; +- started++; + set_conn_state(c, STATE_CONNECTED); - started++; #ifdef USE_SSL if (c->ssl) -@@ -1780,22 +1801,6 @@ + ssl_proceed_handshake(c); +@@ -1787,25 +1870,9 @@ static void test(void) write_request(c); } } @@ -271,4 +924,425 @@ - } } } while (lasttime < stoptime && done < requests); - +- ++ + if (heartbeatres) + fprintf(stderr, "Finished %d requests\n", done); + else +@@ -1823,14 +1890,14 @@ static void test(void) + static void copyright(void) + { + if (!use_html) { +- printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 655654 $>"); ++ printf("This is ApacheBench, Version %s\n", AP_AB_BASEREVISION " <$Revision: 1663405 $>"); + printf("Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/\n"); + printf("Licensed to The Apache Software Foundation, http://www.apache.org/\n"); + printf("\n"); + } + else { + printf("<p>\n"); +- printf(" This is ApacheBench, Version %s <i><%s></i><br>\n", AP_AB_BASEREVISION, "$Revision: 655654 $"); ++ printf(" This is ApacheBench, Version %s <i><%s></i><br>\n", AP_AB_BASEREVISION, "$Revision: 1663405 $"); + printf(" Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/<br>\n"); + printf(" Licensed to The Apache Software Foundation, http://www.apache.org/<br>\n"); + printf("</p>\n<p>\n"); +@@ -1849,12 +1916,16 @@ static void usage(const char *progname) + */ + fprintf(stderr, "Options are:\n"); + fprintf(stderr, " -n requests Number of requests to perform\n"); +- fprintf(stderr, " -c concurrency Number of multiple requests to make\n"); +- fprintf(stderr, " -t timelimit Seconds to max. wait for responses\n"); ++ fprintf(stderr, " -c concurrency Number of multiple requests to make at a time\n"); ++ fprintf(stderr, " -t timelimit Seconds to max. to spend on benchmarking\n"); ++ fprintf(stderr, " This implies -n 50000\n"); ++ fprintf(stderr, " -s timeout Seconds to max. wait for each response\n"); ++ fprintf(stderr, " Default is 30 seconds\n"); + fprintf(stderr, " -b windowsize Size of TCP send/receive buffer, in bytes\n"); ++ fprintf(stderr, " -B address Address to bind to when making outgoing connections\n"); + fprintf(stderr, " -p postfile File containing data to POST. Remember also to set -T\n"); + fprintf(stderr, " -u putfile File containing data to PUT. Remember also to set -T\n"); +- fprintf(stderr, " -T content-type Content-type header for POSTing, eg.\n"); ++ fprintf(stderr, " -T content-type Content-type header to use for POST/PUT data, eg.\n"); + fprintf(stderr, " 'application/x-www-form-urlencoded'\n"); + fprintf(stderr, " Default is 'text/plain'\n"); + fprintf(stderr, " -v verbosity How much troubleshooting info to print\n"); +@@ -1863,7 +1934,7 @@ static void usage(const char *progname) + fprintf(stderr, " -x attributes String to insert as table attributes\n"); + fprintf(stderr, " -y attributes String to insert as tr attributes\n"); + fprintf(stderr, " -z attributes String to insert as td or th attributes\n"); +- fprintf(stderr, " -C attribute Add cookie, eg. 'Apache=1234. (repeatable)\n"); ++ fprintf(stderr, " -C attribute Add cookie, eg. 'Apache=1234'. (repeatable)\n"); + fprintf(stderr, " -H attribute Add Arbitrary header line, eg. 'Accept-Encoding: gzip'\n"); + fprintf(stderr, " Inserted after all normal header lines. (repeatable)\n"); + fprintf(stderr, " -A attribute Add Basic WWW Authentication, the attributes\n"); +@@ -1875,9 +1946,12 @@ static void usage(const char *progname) + fprintf(stderr, " -k Use HTTP KeepAlive feature\n"); + fprintf(stderr, " -d Do not show percentiles served table.\n"); + fprintf(stderr, " -S Do not show confidence estimators and warnings.\n"); ++ fprintf(stderr, " -q Do not show progress when doing more than 150 requests\n"); ++ fprintf(stderr, " -l Accept variable document length (use this for dynamic pages)\n"); + fprintf(stderr, " -g filename Output collected data to gnuplot format file.\n"); + fprintf(stderr, " -e filename Output CSV file with percentages served\n"); + fprintf(stderr, " -r Don't exit on socket receive errors.\n"); ++ fprintf(stderr, " -m method Method name\n"); + fprintf(stderr, " -h Display usage information (this message)\n"); + #ifdef USE_SSL + +@@ -1894,7 +1968,7 @@ static void usage(const char *progname) + #endif + + fprintf(stderr, " -Z ciphersuite Specify SSL/TLS cipher suite (See openssl ciphers)\n"); +- fprintf(stderr, " -f protocol Specify SSL/TLS protocol\n"); ++ fprintf(stderr, " -f protocol Specify SSL/TLS protocol\n"); + fprintf(stderr, " (" SSL2_HELP_MSG "SSL3, TLS1" TLS1_X_HELP_MSG " or ALL)\n"); + #endif + exit(EINVAL); +@@ -1904,7 +1978,7 @@ static void usage(const char *progname) + + /* split URL into parts */ + +-static int parse_url(char *url) ++static int parse_url(const char *url) + { + char *cp; + char *h; +@@ -1935,9 +2009,7 @@ static int parse_url(char *url) + + if ((cp = strchr(url, '/')) == NULL) + return 1; +- h = apr_palloc(cntxt, cp - url + 1); +- memcpy(h, url, cp - url); +- h[cp - url] = '\0'; ++ h = apr_pstrmemdup(cntxt, url, cp - url); + rv = apr_parse_addr_port(&hostname, &scope_id, &port, h, cntxt); + if (rv != APR_SUCCESS || !hostname || scope_id) { + return 1; +@@ -1974,9 +2046,9 @@ static int parse_url(char *url) + + /* ------------------------------------------------------- */ + +-/* read data to POST from file, save contents and length */ ++/* read data to POST/PUT from file, save contents and length */ + +-static int open_postfile(const char *pfile) ++static apr_status_t open_postfile(const char *pfile) + { + apr_file_t *postfd; + apr_finfo_t finfo; +@@ -1997,11 +2069,7 @@ static int open_postfile(const char *pfi + return rv; + } + postlen = (apr_size_t)finfo.size; +- postdata = malloc(postlen); +- if (!postdata) { +- fprintf(stderr, "ab: Could not allocate POST data buffer\n"); +- return APR_ENOMEM; +- } ++ postdata = xmalloc(postlen); + rv = apr_file_read_full(postfd, postdata, postlen, NULL); + if (rv != APR_SUCCESS) { + fprintf(stderr, "ab: Could not read POST data file: %s\n", +@@ -2009,7 +2077,7 @@ static int open_postfile(const char *pfi + return rv; + } + apr_file_close(postfd); +- return 0; ++ return APR_SUCCESS; + } + + /* ------------------------------------------------------- */ +@@ -2017,11 +2085,11 @@ static int open_postfile(const char *pfi + /* sort out command-line args and call test */ + int main(int argc, const char * const argv[]) + { +- int r, l; ++ int l; + char tmp[1024]; + apr_status_t status; + apr_getopt_t *opt; +- const char *optarg; ++ const char *opt_arg; + char c; + #ifdef USE_SSL + AB_SSL_METHOD_CONST SSL_METHOD *meth = SSLv23_client_method(); +@@ -2033,12 +2101,13 @@ int main(int argc, const char * const ar + tdstring = "bgcolor=white"; + cookie = ""; + auth = ""; +- proxyhost[0] = '\0'; ++ proxyhost = ""; + hdrs = ""; + + apr_app_initialize(&argc, &argv, NULL); + atexit(apr_terminate); + apr_pool_create(&cntxt, NULL); ++ apr_pool_abort_set(abort_on_oom, cntxt); + + #ifdef NOT_ASCII + status = apr_xlate_open(&to_ascii, "ISO-8859-1", APR_DEFAULT_CHARSET, cntxt); +@@ -2058,15 +2127,17 @@ int main(int argc, const char * const ar + } + #endif + ++ myhost = NULL; /* 0.0.0.0 or :: */ ++ + apr_getopt_init(&opt, cntxt, argc, argv); +- while ((status = apr_getopt(opt, "n:c:t:b:T:p:u:v:rkVhwix:y:z:C:H:P:A:g:X:de:Sq" ++ while ((status = apr_getopt(opt, "n:c:t:s:b:T:p:u:v:lrkVhwix:y:z:C:H:P:A:g:X:de:SqB:m:" + #ifdef USE_SSL + "Z:f:" + #endif +- ,&c, &optarg)) == APR_SUCCESS) { ++ ,&c, &opt_arg)) == APR_SUCCESS) { + switch (c) { + case 'n': +- requests = atoi(optarg); ++ requests = atoi(opt_arg); + if (requests <= 0) { + err("Invalid number of requests\n"); + } +@@ -2078,76 +2149,80 @@ int main(int argc, const char * const ar + heartbeatres = 0; + break; + case 'c': +- concurrency = atoi(optarg); ++ concurrency = atoi(opt_arg); + break; + case 'b': +- windowsize = atoi(optarg); ++ windowsize = atoi(opt_arg); + break; + case 'i': +- if (posting > 0) +- err("Cannot mix POST/PUT and HEAD\n"); +- posting = -1; ++ if (method != NO_METH) ++ err("Cannot mix HEAD with other methods\n"); ++ method = HEAD; + break; + case 'g': +- gnuplot = strdup(optarg); ++ gnuplot = xstrdup(opt_arg); + break; + case 'd': + percentile = 0; + break; + case 'e': +- csvperc = strdup(optarg); ++ csvperc = xstrdup(opt_arg); + break; + case 'S': + confidence = 0; + break; ++ case 's': ++ aprtimeout = apr_time_from_sec(atoi(opt_arg)); /* timeout value */ ++ break; + case 'p': +- if (posting != 0) +- err("Cannot mix POST and HEAD\n"); +- if (0 == (r = open_postfile(optarg))) { +- posting = 1; +- } +- else if (postdata) { +- exit(r); ++ if (method != NO_METH) ++ err("Cannot mix POST with other methods\n"); ++ if (open_postfile(opt_arg) != APR_SUCCESS) { ++ exit(1); + } ++ method = POST; ++ send_body = 1; + break; + case 'u': +- if (posting != 0) +- err("Cannot mix PUT and HEAD\n"); +- if (0 == (r = open_postfile(optarg))) { +- posting = 2; +- } +- else if (postdata) { +- exit(r); ++ if (method != NO_METH) ++ err("Cannot mix PUT with other methods\n"); ++ if (open_postfile(opt_arg) != APR_SUCCESS) { ++ exit(1); + } ++ method = PUT; ++ send_body = 1; ++ break; ++ case 'l': ++ nolength = 1; + break; + case 'r': + recverrok = 1; + break; + case 'v': +- verbosity = atoi(optarg); ++ verbosity = atoi(opt_arg); + break; + case 't': +- tlimit = atoi(optarg); ++ tlimit = atoi(opt_arg); + requests = MAX_REQUESTS; /* need to size data array on + * something */ + break; + case 'T': +- strcpy(content_type, optarg); ++ content_type = apr_pstrdup(cntxt, opt_arg); + break; + case 'C': +- cookie = apr_pstrcat(cntxt, "Cookie: ", optarg, "\r\n", NULL); ++ cookie = apr_pstrcat(cntxt, "Cookie: ", opt_arg, "\r\n", NULL); + break; + case 'A': + /* + * assume username passwd already to be in colon separated form. + * Ready to be uu-encoded. + */ +- while (apr_isspace(*optarg)) +- optarg++; +- if (apr_base64_encode_len(strlen(optarg)) > sizeof(tmp)) { ++ while (apr_isspace(*opt_arg)) ++ opt_arg++; ++ if (apr_base64_encode_len(strlen(opt_arg)) > sizeof(tmp)) { + err("Authentication credentials too long\n"); + } +- l = apr_base64_encode(tmp, optarg, strlen(optarg)); ++ l = apr_base64_encode(tmp, opt_arg, strlen(opt_arg)); + tmp[l] = '\0'; + + auth = apr_pstrcat(cntxt, auth, "Authorization: Basic ", tmp, +@@ -2157,27 +2232,27 @@ int main(int argc, const char * const ar + /* + * assume username passwd already to be in colon separated form. + */ +- while (apr_isspace(*optarg)) +- optarg++; +- if (apr_base64_encode_len(strlen(optarg)) > sizeof(tmp)) { ++ while (apr_isspace(*opt_arg)) ++ opt_arg++; ++ if (apr_base64_encode_len(strlen(opt_arg)) > sizeof(tmp)) { + err("Proxy credentials too long\n"); + } +- l = apr_base64_encode(tmp, optarg, strlen(optarg)); ++ l = apr_base64_encode(tmp, opt_arg, strlen(opt_arg)); + tmp[l] = '\0'; + + auth = apr_pstrcat(cntxt, auth, "Proxy-Authorization: Basic ", + tmp, "\r\n", NULL); + break; + case 'H': +- hdrs = apr_pstrcat(cntxt, hdrs, optarg, "\r\n", NULL); ++ hdrs = apr_pstrcat(cntxt, hdrs, opt_arg, "\r\n", NULL); + /* + * allow override of some of the common headers that ab adds + */ +- if (strncasecmp(optarg, "Host:", 5) == 0) { ++ if (strncasecmp(opt_arg, "Host:", 5) == 0) { + opt_host = 1; +- } else if (strncasecmp(optarg, "Accept:", 7) == 0) { ++ } else if (strncasecmp(opt_arg, "Accept:", 7) == 0) { + opt_accept = 1; +- } else if (strncasecmp(optarg, "User-Agent:", 11) == 0) { ++ } else if (strncasecmp(opt_arg, "User-Agent:", 11) == 0) { + opt_useragent = 1; + } + break; +@@ -2190,7 +2265,7 @@ int main(int argc, const char * const ar + */ + case 'x': + use_html = 1; +- tablestring = optarg; ++ tablestring = opt_arg; + break; + case 'X': + { +@@ -2198,22 +2273,22 @@ int main(int argc, const char * const ar + /* + * assume proxy-name[:port] + */ +- if ((p = strchr(optarg, ':'))) { ++ if ((p = strchr(opt_arg, ':'))) { + *p = '\0'; + p++; + proxyport = atoi(p); + } +- strcpy(proxyhost, optarg); ++ proxyhost = apr_pstrdup(cntxt, opt_arg); + isproxy = 1; + } + break; + case 'y': + use_html = 1; +- trstring = optarg; ++ trstring = opt_arg; + break; + case 'z': + use_html = 1; +- tdstring = optarg; ++ tdstring = opt_arg; + break; + case 'h': + usage(argv[0]); +@@ -2221,26 +2296,33 @@ int main(int argc, const char * const ar + case 'V': + copyright(); + return 0; ++ case 'B': ++ myhost = apr_pstrdup(cntxt, opt_arg); ++ break; + #ifdef USE_SSL + case 'Z': +- ssl_cipher = strdup(optarg); ++ ssl_cipher = strdup(opt_arg); ++ break; ++ case 'm': ++ method = CUSTOM_METHOD; ++ method_str[CUSTOM_METHOD] = strdup(opt_arg); + break; + case 'f': +- if (strncasecmp(optarg, "ALL", 3) == 0) { ++ if (strncasecmp(opt_arg, "ALL", 3) == 0) { + meth = SSLv23_client_method(); + #ifndef OPENSSL_NO_SSL2 +- } else if (strncasecmp(optarg, "SSL2", 4) == 0) { ++ } else if (strncasecmp(opt_arg, "SSL2", 4) == 0) { + meth = SSLv2_client_method(); + #endif +- } else if (strncasecmp(optarg, "SSL3", 4) == 0) { ++ } else if (strncasecmp(opt_arg, "SSL3", 4) == 0) { + meth = SSLv3_client_method(); + #ifdef HAVE_TLSV1_X +- } else if (strncasecmp(optarg, "TLS1.1", 6) == 0) { ++ } else if (strncasecmp(opt_arg, "TLS1.1", 6) == 0) { + meth = TLSv1_1_client_method(); +- } else if (strncasecmp(optarg, "TLS1.2", 6) == 0) { ++ } else if (strncasecmp(opt_arg, "TLS1.2", 6) == 0) { + meth = TLSv1_2_client_method(); + #endif +- } else if (strncasecmp(optarg, "TLS1", 4) == 0) { ++ } else if (strncasecmp(opt_arg, "TLS1", 4) == 0) { + meth = TLSv1_client_method(); + } + break; +@@ -2253,6 +2335,10 @@ int main(int argc, const char * const ar + usage(argv[0]); + } + ++ if (method == NO_METH) { ++ method = GET; ++ } ++ + if (parse_url(apr_pstrdup(cntxt, opt->argv[opt->ind++]))) { + fprintf(stderr, "%s: invalid URL\n", argv[0]); + usage(argv[0]); +@@ -2296,6 +2382,10 @@ int main(int argc, const char * const ar + exit(1); + } + SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL); ++#ifdef SSL_MODE_RELEASE_BUFFERS ++ /* Keep memory usage as low as possible */ ++ SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS); ++#endif + if (ssl_cipher != NULL) { + if (!SSL_CTX_set_cipher_list(ssl_ctx, ssl_cipher)) { + fprintf(stderr, "error setting cipher list [%s]\n", ssl_cipher); diff --git a/www/apache22/files/patch-support__apachectl.in b/www/apache22/files/patch-support__apachectl.in index 8c3b8d5df6f8..844f05c1bd10 100644 --- a/www/apache22/files/patch-support__apachectl.in +++ b/www/apache22/files/patch-support__apachectl.in @@ -1,5 +1,5 @@ ---- ./support/apachectl.in.orig 2006-07-11 23:38:44.000000000 -0400 -+++ ./support/apachectl.in 2010-05-06 19:37:54.265730461 -0400 +--- support/apachectl.in.orig 2006-07-12 03:38:44 UTC ++++ support/apachectl.in @@ -35,6 +35,7 @@ # When multiple arguments are given, only the error from the _last_ # one is reported. Run "apachectl help" for usage info @@ -8,7 +8,7 @@ ARGV="$@" # # |||||||||||||||||||| START CONFIGURATION SECTION |||||||||||||||||||| -@@ -42,6 +43,7 @@ +@@ -42,6 +43,7 @@ ARGV="$@" # # the path to your httpd binary, including options if necessary HTTPD='@exp_sbindir@/@progname@' @@ -16,7 +16,7 @@ # # pick up any necessary environment variables if test -f @exp_sbindir@/envvars; then -@@ -65,19 +67,21 @@ +@@ -65,19 +67,21 @@ ULIMIT_MAX_FILES="@APACHECTL_ULIMIT@" # -------------------- -------------------- # |||||||||||||||||||| END CONFIGURATION SECTION |||||||||||||||||||| @@ -43,7 +43,7 @@ ERROR=$? ;; startssl|sslstart|start-SSL) -@@ -87,17 +91,19 @@ +@@ -87,17 +91,19 @@ startssl|sslstart|start-SSL) ERROR=2 ;; configtest) diff --git a/www/apache22/files/patch-support__apxs.in b/www/apache22/files/patch-support__apxs.in index 6d00017ff58e..016be2fdb1cb 100644 --- a/www/apache22/files/patch-support__apxs.in +++ b/www/apache22/files/patch-support__apxs.in @@ -1,6 +1,6 @@ ---- support/apxs.in.orig 2010-07-26 08:42:53.271215110 +0900 -+++ support/apxs.in 2010-07-26 08:43:37.927545200 +0900 -@@ -612,7 +612,13 @@ +--- support/apxs.in.orig 2010-05-10 20:02:56 UTC ++++ support/apxs.in +@@ -612,7 +612,13 @@ if ($opt_i or $opt_e) { } } else { # replace already existing LoadModule line @@ -15,7 +15,7 @@ } $lmd =~ m|LoadModule\s+(.+?)_module.*|; notice("[$what module `$1' in $CFG_SYSCONFDIR/$CFG_TARGET.conf]"); -@@ -621,8 +627,7 @@ +@@ -621,8 +627,7 @@ if ($opt_i or $opt_e) { if (open(FP, ">$CFG_SYSCONFDIR/$CFG_TARGET.conf.new")) { print FP $content; close(FP); diff --git a/www/apache22/files/patch-support__envvars-std.in b/www/apache22/files/patch-support__envvars-std.in index 6f1c3c6665f4..39fd1bca480e 100644 --- a/www/apache22/files/patch-support__envvars-std.in +++ b/www/apache22/files/patch-support__envvars-std.in @@ -1,6 +1,6 @@ ---- ./support/envvars-std.in.orig 2006-07-11 23:38:44.000000000 -0400 -+++ ./support/envvars-std.in 2012-10-28 20:07:32.000000000 +0100 -@@ -26,3 +26,10 @@ +--- support/envvars-std.in.orig 2012-05-22 21:42:41 UTC ++++ support/envvars-std.in +@@ -26,3 +26,10 @@ fi export @SHLIBPATH_VAR@ # @OS_SPECIFIC_VARS@ diff --git a/www/apache22/files/patch-support__log_server_status.in b/www/apache22/files/patch-support__log_server_status.in index 7aeb579dbad8..013cb8b0c8f1 100644 --- a/www/apache22/files/patch-support__log_server_status.in +++ b/www/apache22/files/patch-support__log_server_status.in @@ -1,5 +1,5 @@ ---- ./support/log_server_status.in.orig 2006-07-11 23:38:44.000000000 -0400 -+++ ./support/log_server_status.in 2010-05-06 19:37:54.273730386 -0400 +--- support/log_server_status.in.orig 2006-07-12 03:38:44 UTC ++++ support/log_server_status.in @@ -27,7 +27,7 @@ # require 'sys/socket.ph'; @@ -9,7 +9,7 @@ $server = "localhost"; # Name of server, could be "www.foo.com" $port = "80"; # Port on server $request = "/status/?auto"; # Request to send -@@ -60,7 +60,7 @@ +@@ -60,7 +60,7 @@ sub tcp_connect chomp($date); ($day,$time)=split(/:/,$date); $res=&tcp_connect($server,$port); diff --git a/www/apache22/pkg-plist b/www/apache22/pkg-plist index 784d70d3122b..5f532d46ca73 100644 --- a/www/apache22/pkg-plist +++ b/www/apache22/pkg-plist @@ -1,4 +1,18 @@ %%ETCDIR%%/Includes/no-accf.conf +@sample %%ETCDIR%%/extra/httpd-autoindex.conf.sample +@sample %%ETCDIR%%/extra/httpd-dav.conf.sample +@sample %%ETCDIR%%/extra/httpd-default.conf.sample +@sample %%ETCDIR%%/extra/httpd-info.conf.sample +@sample %%ETCDIR%%/extra/httpd-languages.conf.sample +@sample %%ETCDIR%%/extra/httpd-manual.conf.sample +@sample %%ETCDIR%%/extra/httpd-mpm.conf.sample +@sample %%ETCDIR%%/extra/httpd-multilang-errordoc.conf.sample +@sample %%ETCDIR%%/extra/httpd-ssl.conf.sample +@sample %%ETCDIR%%/extra/httpd-userdir.conf.sample +@sample %%ETCDIR%%/extra/httpd-vhosts.conf.sample +@sample %%ETCDIR%%/httpd.conf.sample +@sample %%ETCDIR%%/magic.sample +@sample %%ETCDIR%%/mime.types.sample %%ETCDIR%%/modules.d/README_modules.d include/apache22/ap_compat.h include/apache22/ap_config.h @@ -156,7 +170,7 @@ sbin/httxt2dbm sbin/logresolve sbin/rotatelogs sbin/split-logfile -%%SUEXEC%%sbin/suexec +%%SUEXEC%%@(,,4755) sbin/suexec %%DATADIR%%/build/config.nice %%DATADIR%%/build/config_vars.mk %%DATADIR%%/build/instdso.sh @@ -166,55 +180,11 @@ sbin/split-logfile %%DATADIR%%/build/program.mk %%DATADIR%%/build/rules.mk %%DATADIR%%/build/special.mk -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-autoindex.conf %D/%%EXAMPLESDIR%%/extra/httpd-autoindex.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-autoindex.conf; fi -%%EXAMPLESDIR%%/extra/httpd-autoindex.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-autoindex.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-autoindex.conf %D/%%ETCDIR%%/extra/httpd-autoindex.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-dav.conf %D/%%EXAMPLESDIR%%/extra/httpd-dav.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-dav.conf; fi -%%EXAMPLESDIR%%/extra/httpd-dav.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-dav.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-dav.conf %D/%%ETCDIR%%/extra/httpd-dav.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-default.conf %D/%%EXAMPLESDIR%%/extra/httpd-default.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-default.conf; fi -%%EXAMPLESDIR%%/extra/httpd-default.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-default.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-default.conf %D/%%ETCDIR%%/extra/httpd-default.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-info.conf %D/%%EXAMPLESDIR%%/extra/httpd-info.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-info.conf; fi -%%EXAMPLESDIR%%/extra/httpd-info.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-info.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-info.conf %D/%%ETCDIR%%/extra/httpd-info.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-languages.conf %D/%%EXAMPLESDIR%%/extra/httpd-languages.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-languages.conf; fi -%%EXAMPLESDIR%%/extra/httpd-languages.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-languages.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-languages.conf %D/%%ETCDIR%%/extra/httpd-languages.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-manual.conf %D/%%EXAMPLESDIR%%/extra/httpd-manual.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-manual.conf; fi -%%EXAMPLESDIR%%/extra/httpd-manual.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-manual.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-manual.conf %D/%%ETCDIR%%/extra/httpd-manual.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-mpm.conf %D/%%EXAMPLESDIR%%/extra/httpd-mpm.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-mpm.conf; fi -%%EXAMPLESDIR%%/extra/httpd-mpm.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-mpm.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-mpm.conf %D/%%ETCDIR%%/extra/httpd-mpm.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-multilang-errordoc.conf %D/%%EXAMPLESDIR%%/extra/httpd-multilang-errordoc.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-multilang-errordoc.conf; fi -%%EXAMPLESDIR%%/extra/httpd-multilang-errordoc.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-multilang-errordoc.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-multilang-errordoc.conf %D/%%ETCDIR%%/extra/httpd-multilang-errordoc.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-ssl.conf %D/%%EXAMPLESDIR%%/extra/httpd-ssl.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-ssl.conf; fi -%%EXAMPLESDIR%%/extra/httpd-ssl.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-ssl.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-ssl.conf %D/%%ETCDIR%%/extra/httpd-ssl.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-userdir.conf %D/%%EXAMPLESDIR%%/extra/httpd-userdir.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-userdir.conf; fi -%%EXAMPLESDIR%%/extra/httpd-userdir.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-userdir.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-userdir.conf %D/%%ETCDIR%%/extra/httpd-userdir.conf -@unexec if cmp -s %D/%%ETCDIR%%/extra/httpd-vhosts.conf %D/%%EXAMPLESDIR%%/extra/httpd-vhosts.conf; then rm -f %D/%%ETCDIR%%/extra/httpd-vhosts.conf; fi -%%EXAMPLESDIR%%/extra/httpd-vhosts.conf -@exec [ -f %D/%%ETCDIR%%/extra/httpd-vhosts.conf ] || cp %D/%%EXAMPLESDIR%%/extra/httpd-vhosts.conf %D/%%ETCDIR%%/extra/httpd-vhosts.conf -@unexec if cmp %D/%%ETCDIR%%/httpd.conf %D/%%EXAMPLESDIR%%/httpd.conf; then rm -vf %D/%%ETCDIR%%/httpd.conf; fi -%%EXAMPLESDIR%%/httpd.conf -@exec [ -f %D/%%ETCDIR%%/httpd.conf ] || cp -v %D/%%EXAMPLESDIR%%/httpd.conf %D/%%ETCDIR%%/httpd.conf -@unexec if cmp -s %D/%%WWWDIR%%/data/index.html %D/%%EXAMPLESDIR%%/index.html; then rm -f %D/%%WWWDIR%%/data/index.html; fi -%%EXAMPLESDIR%%/index.html -@exec [ -d %D/%%WWWDIR%%/data ] || mkdir -p %D/%%WWWDIR%%/data -@exec [ -f %D/%%WWWDIR%%/data/index.html ] || cp %D/%%EXAMPLESDIR%%/index.html %D/%%WWWDIR%%/data/index.html -@unexec if cmp -s %D/%%ETCDIR%%/magic %D/%%EXAMPLESDIR%%/magic; then rm -f %D/%%ETCDIR%%/magic; fi -%%EXAMPLESDIR%%/magic -@exec [ -f %D/%%ETCDIR%%/magic ] || cp %D/%%EXAMPLESDIR%%/magic %D/%%ETCDIR%%/magic -@unexec if cmp -s %D/%%ETCDIR%%/mime.types %D/%%EXAMPLESDIR%%/mime.types; then rm -f %D/%%ETCDIR%%/mime.types; fi -%%EXAMPLESDIR%%/mime.types -@exec [ -f %D/%%ETCDIR%%/mime.types ] || cp %D/%%EXAMPLESDIR%%/mime.types %D/%%ETCDIR%%/mime.types -%%EXAMPLESDIR%%/modules.d/README_modules.d -%%WWWDIR%%/cgi-bin/printenv -%%WWWDIR%%/cgi-bin/test-cgi +@unexec if cmp -s %D/%%WWWDIR%%/data/index.html %D/%%DATADIR%%/misc/index.html; then rm -f %D/%%WWWDIR%%/data/index.html; fi +%%DATADIR%%/misc/index.html +@exec [ -f %D/%%WWWDIR%%/data/index.html ] || cp %D/%%DATADIR%%/misc/index.html %D/%%WWWDIR%%/data/index.html +@(,,0400) %%WWWDIR%%/cgi-bin/printenv +@(,,0400) %%WWWDIR%%/cgi-bin/test-cgi %%WWWDIR%%/error/HTTP_BAD_GATEWAY.html.var %%WWWDIR%%/error/HTTP_BAD_REQUEST.html.var %%WWWDIR%%/error/HTTP_FORBIDDEN.html.var @@ -459,7 +429,5 @@ sbin/split-logfile %%WWWDIR%%/icons/world2.gif %%WWWDIR%%/icons/world2.png @unexec rm -f %D/%%ETCDIR%%/httpd.conf.bak 2> /dev/null || true -@dir %%ETCDIR%%/Includes @dir %%ETCDIR%%/envvars.d -@dir %%ETCDIR%%/extra @dir %%WWWDIR%%/data |