diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2000-01-28 18:24:20 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2000-01-28 18:24:20 +0000 |
| commit | 1253f9f58056d54537a2b0596cc33f9b9ed3608b (patch) | |
| tree | 2016da852a9b8ac847dd3d387268c082ca8f1ce4 /usr.sbin/httpd | |
| parent | 328569ec35f7f78497c1bc1321a8e810fe54ec50 (diff) | |
More apache 1.3.11 changes
Diffstat (limited to 'usr.sbin/httpd')
| -rw-r--r-- | usr.sbin/httpd/Announcement | 86 | ||||
| -rw-r--r-- | usr.sbin/httpd/INSTALL | 42 | ||||
| -rw-r--r-- | usr.sbin/httpd/INSTALL.SSL | 28 | ||||
| -rw-r--r-- | usr.sbin/httpd/KEYS | 77 | ||||
| -rw-r--r-- | usr.sbin/httpd/LICENSE.SSL | 2 | ||||
| -rw-r--r-- | usr.sbin/httpd/Makefile.bsd-wrapper | 5 | ||||
| -rw-r--r-- | usr.sbin/httpd/Makefile.tmpl | 25 | ||||
| -rw-r--r-- | usr.sbin/httpd/README.SSL | 3 | ||||
| -rw-r--r-- | usr.sbin/httpd/README.configure | 49 | ||||
| -rw-r--r-- | usr.sbin/httpd/config.layout | 42 | ||||
| -rw-r--r-- | usr.sbin/httpd/configure | 137 |
11 files changed, 341 insertions, 155 deletions
diff --git a/usr.sbin/httpd/Announcement b/usr.sbin/httpd/Announcement index 4c9996294e0..758b5cc4b66 100644 --- a/usr.sbin/httpd/Announcement +++ b/usr.sbin/httpd/Announcement @@ -1,53 +1,57 @@ -Apache 1.3.6 Released -===================== +Apache 1.3.11 Released +====================== -The Apache Group is pleased to announce the release of version -1.3.6 of the Apache HTTP server. +The Apache Software Foundation and The Apache Server Project are +pleased to announce the release of version 1.3.11 of the Apache HTTP server. +Apache 1.3.10 was not released due to a last-minute bug found and +fixed after the source was tagged and tested. -This new Apache version incorporates over 60 significant improvements +This new Apache version incorporates numerous significant improvements to the server. Apart from portability and security fixes, documentation enhancements, performance improvements, and assorted other minor features or fixes notable changes are: - - mod_log_config now supports conditional logging based upon - environment variables and support for multiline entries. - - - New CustomLog directive %V: This logs the hostname according to the - UseCanonicalName setting (this is the pre-1.3.4 behaviour of %v). - - - Enhanced mod_rewrite's mapfile handling: The in-core cache for text - and DBM format mapfiles now uses a hash table with LRU functionality. - Furthermore map lookups for non-existent keys are now cached as well. - The changes drastically improve the performance when large rewrite - maps are in use. - - - Ability to handle DES or MD5 authentication passwords. - - - New <LimitExcept> directive to allow the user to assign authentication - control to any HTTP method that is *not* given in the argument list; - i.e., the logical negation of the <Limit> directive. - - - Improved content negotiation. - - - New ScriptInterpreterSource directive to enable searching the - Win32 registry for script interpreters. - - - The FAQ document was reorganised. - - - Overhauled ApacheBench benchmark program. - - - Several new API functions have been added. + - Binary and shared builds on several platforms have been + improved. + + - The time that a parent waits for its children to die + after SIGKILL has been sent has been reduced. + + - Various suexec improvements. + + - More rigorous checking of Host: headers to fix security problems + with mass name-based virtual hosting. + + - Addition of the %q logging format directive (logs "?" and the query + string part of a query, or the empty string if no query). + + - Improvement of the OS390 port. + + - Several EBCDIC fixes. + + - Better error reporting during the "compiler sanity" check. + + - Fixed the `quad integer' (aka `long long') handling in ap_snprintf.c + + - mod_rewrite's general substitution function was overhauled. + + - Several WIN32 bugs have been fixed, including: + - CGIs broken if script calls other programs which deliver on stdout + (Search this file for "DETACHED") + - 16 bit CGIs should work now + - Server will not start if passed the -d option with spaces in the + argument. A complete listing with detailed descriptions is provided in the src/CHANGES file. -We consider Apache 1.3.6 to be the best version of Apache available and +We consider Apache 1.3.11 to be the best version of Apache available and we strongly recommend that users of older versions, especially of the 1.1.x and 1.2.x family, upgrade as soon as possible. No further releases will be made in the 1.2.x family. -Apache 1.3.6 is available for download from +Apache 1.3.11 is available for download from http://www.apache.org/dist/ @@ -58,7 +62,7 @@ Binary distributions are available from http://www.apache.org/dist/binaries/ -As of Apache 1.3.6 binary distributions contain all standard Apache +As of Apache 1.3.11 binary distributions contain all standard Apache modules as shared objects (if supported by the platform) and include full source code. Installation is easily done by executing the included install script. See the README.bindist and INSTALL.bindist @@ -86,10 +90,16 @@ its variants. IMPORTANT NOTE FOR WIN32 USERS: Over the years, many users have come to trust Apache as a secure and stable server. It must -be realized that the current Win32 code has not yet reached these -levels and should still be considered to be of beta quality. Any +be realized that the current Win32 code has not yet reached the +levels of the Unix version, but is of acceptable quality. Any Win32 stability or security problems do not impact, in any way, Apache on other platforms. With the continued donation of time and resources by individuals and companies, we hope that the Win32 version of Apache will grow stronger through the 1.3.x release cycle. + +Thank you for using Apache. +-- +See you at ApacheCon 2000 in Orlanda, Florida, March 8-10, 2000. + http://www.Apachecon.com/ + diff --git a/usr.sbin/httpd/INSTALL b/usr.sbin/httpd/INSTALL index 6e79938e247..b485c7d4f99 100644 --- a/usr.sbin/httpd/INSTALL +++ b/usr.sbin/httpd/INSTALL @@ -160,6 +160,8 @@ [--without-support] [--suexec-gidmin=GID] [--without-confadjust] [--suexec-safepath=PATH] [--without-execstrip] + [--server-uid=UID] + [--server-gid=GID] Use the CC, OPTIM, CFLAGS, INCLUDES, LDFLAGS, LIBS, CFLAGS_SHLIB, LD_SHLIB, LDFLAGS_SHLIB, LDFLAGS_SHLIB_EXPORT, RANLIB, DEPS and TARGET @@ -234,21 +236,23 @@ Use the --add-module=FILE option to copy a module source file to the Apache src/modules/extra/ directory and on-the-fly add an entry for it in the configuration file. FILE has to be a valid path to a C source file - outside the Apache source tree, for instance /path/to/mod_foo.c. The added - module this is way is automatically activated and enabled. Use this option - to automatically include a simple third-party module to the Apache build - process. - + outside the Apache source tree, for instance /path/to/mod_foo.c, or a + path to an already existing C source code file in src/modules/extra/, such + as src/modules/extra/mod_foo.c, in which case no copying will be done. + The added module this is way is automatically activated and enabled. Use + this option to automatically include a simple third-party module to the + Apache build process. + Use the --activate-module=FILE option to add an entry for an existing - module source file into the configuration file on-the-fly. FILE has to be - a valid path beginning with "src/modules/", and the file has to have been - copied to this location in the Apache source tree before running - configure. The module is automatically enabled. Use this option to - automatically include a complex third-party module to the Apache build - process where, for instance a module like mod_perl or mod_php3 consisting - of more than one file which are created by a third-party configuration - scheme. - + module object or library file into the configuration file on-the-fly. + FILE has to be a valid path beginning with "src/modules/", and the + corresponding file has to have been copied to this location in the Apache + source tree before running configure. The module is automatically + enabled. Use this option to automatically include a complex third-party + module to the Apache build process where, for instance a module like + mod_perl or mod_php3 consisting of more than one file which are created + by a third-party configuration scheme. + Use the --enable-module=NAME and --disable-module=NAME options to enable or disable a particular already distributed module from the Apache src/Configuration.tmpl file. The correct module names (no `mod_' prefix!) @@ -301,7 +305,7 @@ Request Logging (+) mod_log_config ... Customizable logging of requests (-) mod_log_agent .... Specialized HTTP User-Agent logging (deprecated) - (-) mod_log_refer .... Specialized HTTP Referrer logging (deprecated) + (-) mod_log_referer .. Specialized HTTP Referrer logging (deprecated) (-) mod_usertrack .... Logging of user click-trails via HTTP Cookies Miscellaneous (+) mod_imap ......... Server-side Image Map support @@ -411,6 +415,14 @@ Use the --verbose option to enable additional verbose messages. + Use the --server-uid option to specify the user ID you want the server to run + as. If not specified the server will run as user nobody. If the user ID + specified is different than the ID of the user starting the server, you need to + start the server as root. + + Use the --server-gid option to specify the group ID you want the server user ID to + be a member of. If not specified, the group ID will be #-1. + 4. Building the package -------------------- diff --git a/usr.sbin/httpd/INSTALL.SSL b/usr.sbin/httpd/INSTALL.SSL index 2e55ce7d4d7..d714a408658 100644 --- a/usr.sbin/httpd/INSTALL.SSL +++ b/usr.sbin/httpd/INSTALL.SSL @@ -37,12 +37,12 @@ Type: MANDATORY o Package: mod_ssl - Version: 2.4.x + Version: 2.5.x Description: The Apache Interface to OpenSSL Reason: The interface module for Apache Homepage: http://www.modssl.org/ Distribution: ftp://ftp.modssl.org/source/ - Tarball: mod_ssl-2.4.x-1.3.x.tar.gz + Tarball: mod_ssl-2.5.x-1.3.x.tar.gz Location: Zurich, Switzerland, Europe Author(s): Ralf S. Engelschall <rse@engelschall.com> Type: MANDATORY @@ -127,7 +127,7 @@ 2. Extract the required packages: $ gzip -d -c apache_1.3.x.tar.gz | tar xvf - ALL - $ gzip -d -c mod_ssl-2.4.x-1.3.x.tar.gz | tar xvf - ALL + $ gzip -d -c mod_ssl-2.5.x-1.3.x.tar.gz | tar xvf - ALL $ gzip -d -c openssl-0.9.x.tar.gz | tar xvf - ALL $ gzip -d -c mm-1.0.x.tar.gz | tar xvf - OPTIONAL $ mkdir rsaref-2.0 US @@ -231,7 +231,7 @@ RSA_BASE variables but get no intermediate chance to add more third-party Apache modules (e.g. mod_perl, PHP3, etc). - $ cd mod_ssl-2.4.x-1.3.x ALL + $ cd mod_ssl-2.5.x-1.3.x ALL $ ./configure \ ALL --with-apache=../apache_1.3.x \ ALL --with-ssl=../openssl-0.9.x \ ALL @@ -304,7 +304,7 @@ EAPI_MM variables manually and either copy your existing certificate manually to conf/ssl.crt/server.crt or use `make certificate': - $ cd mod_ssl-2.4.x-1.3.x ALL + $ cd mod_ssl-2.5.x-1.3.x ALL $ ./configure \ ALL --with-apache=../apache_1.3.x \ ALL --with-crt=/path/to/your/server.crt \ OPTIONAL @@ -378,7 +378,7 @@ EAPI_MM variables manually and more important: you have to install the Apache package manually, too. But feel free to be masochistic ;-) - $ cd mod_ssl-2.4.x-1.3.x ALL + $ cd mod_ssl-2.5.x-1.3.x ALL $ ./configure \ ALL --with-apache=../apache_1.3.x \ ALL --with-crt=/path/to/your/server.crt \ OPTIONAL @@ -437,7 +437,7 @@ o Read the mod_ssl user manual very carefully to understand the SSL-part of your Apache configuration: - $ netscape http://www.modssl.org/docs/2.4/ (official) + $ netscape http://www.modssl.org/docs/2.5/ (official) $ netscape http://localhost/manual/mod/mod_ssl/ (local copy) o Adjust your Apache configuration to your personal requirements. @@ -464,7 +464,7 @@ long as the Extended API (EAPI) didn't change and you've OpenSSL installed somewhere. For this you can use the following procedure: - $ cd mod_ssl-2.4.x-1.3.x ALL + $ cd mod_ssl-2.5.x-1.3.x ALL $ ./configure \ ALL --with-apxs[=/path/to/apache/sbin/apxs] \ ALL --with-ssl=/path/to/openssl \ ALL @@ -504,11 +504,11 @@ # extract the packages $ gzip -d -c apache_1.3.x.tar.gz | tar xvf - - $ gzip -d -c mod_ssl-2.4.x-1.3.x.tar.gz | tar xvf - + $ gzip -d -c mod_ssl-2.5.x-1.3.x.tar.gz | tar xvf - $ gzip -d -c mod_perl-1.xx.tar.gz | tar xvf - # apply mod_ssl to Apache source tree - $ cd mod_ssl-2.4.x-1.3.x + $ cd mod_ssl-2.5.x-1.3.x $ ./configure \ --with-apache=../apache_1.3.x $ cd .. @@ -541,7 +541,7 @@ # cleanup after work $ rm -rf mod_perl-1.xx - $ rm -rf mod_ssl-2.4.x-1.3.x + $ rm -rf mod_ssl-2.5.x-1.3.x $ rm -rf apache_1.3.x o Apache + mod_ssl/OpenSSL + PHP3/MySQL @@ -559,11 +559,11 @@ # extract the packages $ gzip -d -c apache_1.3.x.tar.gz | tar xvf - - $ gzip -d -c mod_ssl-2.4.x-1.3.x.tar.gz | tar xvf - + $ gzip -d -c mod_ssl-2.5.x-1.3.x.tar.gz | tar xvf - $ gzip -d -c php-3.0.x.tar.gz | tar xvf - # apply mod_ssl to Apache source tree - $ cd /mod_ssl-2.4.x-1.3.x + $ cd /mod_ssl-2.5.x-1.3.x $ ./configure \ --with-apache=../apache_1.3.x $ cd .. @@ -601,6 +601,6 @@ # cleanup after work $ rm -rf php-3.0.x - $ rm -rf mod_ssl-2.4.x-1.3.x + $ rm -rf mod_ssl-2.5.x-1.3.x $ rm -rf apache_1.3.x diff --git a/usr.sbin/httpd/KEYS b/usr.sbin/httpd/KEYS index 38f901631e7..5482538d688 100644 --- a/usr.sbin/httpd/KEYS +++ b/usr.sbin/httpd/KEYS @@ -40,14 +40,16 @@ q5He4RrTiXeAEFBzz+J+R+EQ -----END PGP PUBLIC KEY BLOCK----- -Type Bits/KeyID Date User ID -pub 1024/A99F75DD 1997/01/24 Rodent of Unusual Size <Ken.Coar@Golux.Com> - Rodent of Unusual Size <coar@Apache.Org> - Rodent of Unusual Size <Coar@Raleigh.IBM.Com> - Rodent of Unusual Size <Coar@DECUS.Org> +Type Bits KeyID Created Expires Algorithm Use +sec+ 1024 0xA99F75DD 1997-01-24 ---------- RSA Sign & Encrypt +uid Rodent of Unusual Size <Ken.Coar@Golux.Com> +uid Rodent of Unusual Size <coar@Apache.Org> +uid Rodent of Unusual Size <Coar@Raleigh.IBM.Com> +uid Rodent of Unusual Size <Ken.Coar@MeepZor.Com> +uid Rodent of Unusual Size <Ken@Coar.Org> -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: 2.6.3a +Version: PGPfreeware 5.0i for non-commercial use mQCNAzLpIyUAAAEEAN9KC8CxTeozPYJjsnhFpJ14d4Hhf2M6OTgqPQFRHOswM/3j B7IW0s+HwVyQ5/SjIlo+8ur9X7yaj1FS2GQmKD1x9LKeHRAoosBIs33okRtoeDRy @@ -56,17 +58,47 @@ tCtSb2RlbnQgb2YgVW51c3VhbCBTaXplIDxLZW4uQ29hckBHb2x1eC5Db20+iQCV AwUQNiiZ2JrNPMCpn3XdAQGlgwP+JLlZvNV/fJ2azKIwjibDa4n2LUDxa7ofKboU QL+D7FD24zQcmzmkBQm/BL/FSUtxZasJkvdVbU98N3G4h3C4AyErfQOFcrepyGAB M88onQ1DbQ6tiUA3gw9gIB+2l1C5R8wBOtlwoRJM4GFvjjtRp+KaQqvN3f+lLMMt -hKYB70m0KFJvZGVudCBvZiBVbnVzdWFsIFNpemUgPGNvYXJAQXBhY2hlLk9yZz6J -AJUDBRA2KJmIms08wKmfdd0BAT3yBADEDHAn++77n7bLA/u9QYM2LBQHnXdw5Is8 -YGHpHcNZVDA8CtRTOdub8rhe9qgsid/jEry0hT9Sygfx/ry5ntjmF12ltnxBDPdZ -uU2DaHaIh/zBUAv0hyaQeAXEYiV9J75GrDkTj5Jrrnd623uyIRoMZPKYb+oqsZ4H -jIe/w+CDfrQtUm9kZW50IG9mIFVudXN1YWwgU2l6ZSA8Q29hckBSYWxlaWdoLklC -TS5Db20+iQCVAwUQNiiiaZrNPMCpn3XdAQFnMwP/cX21KHwg6ID7NoGzEKxsfZE/ -dEgRGHFp5T6vznI9fO9WZZ2HmISWjEjri5zAAmXvQG2nWEYFVcF1oWph/ndLgLws -PfIsZiPXpj1LD7oon5PEXvJlkFfpHDqiG4xOORbbGWBcv1sqkx6djkpfyXLoMD36 -5YazFuKurHpWPwAQRJK0J1JvZGVudCBvZiBVbnVzdWFsIFNpemUgPENvYXJAREVD -VVMuT3JnPg== -=kWdi +hKYB70mJAJUDBRAz3QWlms08wKmfdd0BAQMfBAC1c+9gr7ELthxwzYGTB7LiBk+p +UABsPG/hT9z/cTGN8YQbK6VXV74sPAaeyD/t56xFUI9CRktZCinXp2cxvbNTe3Q0 +MLtD/PlCSRsgwsEIoM+1An1S3qOXWiGBXoXl/DgRzz9GVnB04m5/SP9XLE4Tmz+1 +X/Gu4TJnRjZZxN4xoYkAPwMFEDb44af9b4jGIdCnGxECiFUAnR3RORpXVyclwFEl +euOwoynPQbY6AJ9H5rwHnz4gkE+AVp95++HmyeDkYIkAlQMFEDb45Ogxpj2W7BQL +gQEBaS4D/R+EzfuRPiX5LgV7C70xtplIgS1iK+h0ddkPAr3P3zPxY0AEOjM81hiz +Ol2Kf0TUMhhcLqO0UjNK9EyIHpO+Bf7pQoV050XYvcIwzNyVez5VCbDM7JA+vVeG +/Pb+O/tPyEs7peSpdJAP4Kbg4Eu4b6+1QTLKrBCTWkEuNHABOuzDiQCVAwUQNzs2 +CairDeBjG1dJAQGb7AQAzHChrwaosl01sLcmlItrsqmzSFL5hbLor9Wh8UjVeYxX +FMVgTQGs/AwN1B0W8PApOsz8mg0pSJm8VPHv+pc4Z9eNhUokfUsRJ4LHjREpr3Gh ++5LoZ53nk1f62VQSOCxOOJ50cAH2rqv/ym9EVCaZ7evfHIR7/KH5+sVpcs14c/20 +KFJvZGVudCBvZiBVbnVzdWFsIFNpemUgPGNvYXJAQXBhY2hlLk9yZz6JAJUDBRA2 +KJmIms08wKmfdd0BAT3yBADEDHAn++77n7bLA/u9QYM2LBQHnXdw5Is8YGHpHcNZ +VDA8CtRTOdub8rhe9qgsid/jEry0hT9Sygfx/ry5ntjmF12ltnxBDPdZuU2DaHaI +h/zBUAv0hyaQeAXEYiV9J75GrDkTj5Jrrnd623uyIRoMZPKYb+oqsZ4HjIe/w+CD +fokAPwMFEDb44bT9b4jGIdCnGxECzDAAoNR8md7KvzarecOh/6NpTb5r8JXJAJ0a +JtTzsoNXpLaVwSMiGdm5ts2qOYkAlQMFEDb45PYxpj2W7BQLgQEBxKID/11Dft+U +eLddkIDFjaJGrIOfQ11y+QlJWaQ2Him/qNzNP8w8ZJ/meAb4PMSeQOI3PVKulf8v +Mp3Z0Jh2irfn1ycqsui4kDe6azvd5PultRKTRljtwVIDuqsrVMVq/zNAC2bN6CUn +kkdZ2O7a5qIkDDYnyRzAEwKhJxleWrXYHiIhiQCVAwUQNzs2GqirDeBjG1dJAQHc +YgP/eRCEQW5DJ6JQol5HQ26UnjBfQGdXsRvpT6gFNCDy/Nv+b886WC9j99T3IU+A +ztXfOPfPh7oU/2yC0VOmSaZS9SQ/PuuFdNhMggR8Q7goWothdBsMOUyO3iYrQCRn +V3mLNsOT+/gpSt9diLujs7SpiQeHZmQaNMQUrJPBp7tTbsa0LVJvZGVudCBvZiBV +bnVzdWFsIFNpemUgPENvYXJAUmFsZWlnaC5JQk0uQ29tPokAlQMFEDYoommazTzA +qZ913QEBZzMD/3F9tSh8IOiA+zaBsxCsbH2RP3RIERhxaeU+r85yPXzvVmWdh5iE +loxI64ucwAJl70Btp1hGBVXBdaFqYf53S4C8LD3yLGYj16Y9Sw+6KJ+TxF7yZZBX +6Rw6ohuMTjkW2xlgXL9bKpMenY5KX8ly6DA9+uWGsxbirqx6Vj8AEESSiQA/AwUQ +Nvjhv/1viMYh0KcbEQI04wCfcrpxqgqoy0oaupHCgVoI+MGA6LkAoJzV0/kcC3IW +WhAbFLZ8DAmn0OnyiQCVAwUQNvjlADGmPZbsFAuBAQFfWAP/U7/1XFenZrzKuVXa +onrEn1Td8Iv85VROuAODPD/bX2N5eCIbQIAzQClns1KqT3lpFIpmpagm9Njkr4/h +G4agwnUliNCLZ9eIJIejh8MXZE9NfGoKitCrozxywmqlDKSJRBF3od8pJRGTVZF+ +8aqLaLCIJAaKmp3SSbPJDZZISO+0LVJvZGVudCBvZiBVbnVzdWFsIFNpemUgPEtl +bi5Db2FyQE1lZXBab3IuQ29tPokAlQMFEDexh0+azTzAqZ913QEByLkD/Rt0Wjm1 +i94iNsaCFrN7Oi9CxZ6Bb/0aytDRxA8tGBJvS6nlafOhfULzgPpId8kn1T7cW8LD +ALMAJKm71jYu1Nl89FfSiZpxJyRS5ox6EwTaWoUxhU5zsXB+F/ue5gAM2wlslxbx +rE9m/KK7HrdEFag4VYcDixii5V1sw4kHa2NftCVSb2RlbnQgb2YgVW51c3VhbCBT +aXplIDxLZW5AQ29hci5Pcmc+iQCVAwUQN7Gd35rNPMCpn3XdAQHcoQQArrWwFNeS +A5Yu1nEXevfStfkSUQqzA6qsREPgrczIOgsCfDR/RA/1P7GcxiOvY5mtckuvgkP0 +A9atWkCFX4A0UzerKAKaSirUd/V6Dm8w3hOR/e66I/rbQifZoV/KqvofRsxESV4U ++uXoBsleePwhpmDarpx1BlMJrjwhDDmGaVY= +=FPho -----END PGP PUBLIC KEY BLOCK----- Type Bits/KeyID Date User ID @@ -158,9 +190,10 @@ MxvPP+92zSyN3dyj/xWZYoRLwll+ync9d4KUFwKw45DALAvz1CKHMOpQPD7dIWdE Type Bits/KeyID Date User ID pub 1024/631B5749 1996/06/21 Randy Terbush <randy@zyzzyva.com> + Randy Terbush <randy@covalent.net> -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: 2.6.3 +Version: 2.6.3ia mQCNAzHLBS8AAAEEANGFXb9o0NPVfVjSLvQh1j3fN6cMeVNA5BGUJ6HZGP/NDxTE i8hwejJqakkU4ux/g6Kqckrx3h8WR7OXZZ+R8CsA0bg9Sr42ndEQCUISgArg+lXZ @@ -168,8 +201,12 @@ gRUniARPPA7tamTSq8v1mnxqy9s26Ht2rAG2D6IiK/7v0JlezKirDeBjG1dJAAUR tCFSYW5keSBUZXJidXNoIDxyYW5keUB6eXp6eXZhLmNvbT6JAJUDBRAxywUwqKsN 4GMbV0kBAegnA/sH63WyfwMFmn3nWe8T/5IXO/QkMYoMGLS1i7IxMY9O8BVvKQM+ oxEcJdFAG7zPZkpgKzTBxmExz5hMZ9hwJ42XhrslWoP7JVvADJcdthrUAYW9W+jx -GcDYAW3qW5DpKsQchfvXq9QOBDxP+Kbbe2B8xGEyGUhLkacISFTrIhhQSg== -=8P8s +GcDYAW3qW5DpKsQchfvXq9QOBDxP+Kbbe2B8xGEyGUhLkacISFTrIhhQSrQiUmFu +ZHkgVGVyYnVzaCA8cmFuZHlAY292YWxlbnQubmV0PokAlQMFEDXwEhioqw3gYxtX +SQEBnaED/1AJCYW7jKCtBaZZLhp5TRtYSQxBMTmT2b4bDE4mbTb0VtDgpfrp5yOu +xTtJxiQ53jIenv58qYLMhVBUsuMjWjnTVtNF6531n0T6v/K0ByNmUqKwStH/8qLX +i+I4VWinALYcSOZDxranDey+1oVyw0NpvJMFFEhF0fmPRlSpaq5c +=x5FB -----END PGP PUBLIC KEY BLOCK----- Type Bits/KeyID Date User ID diff --git a/usr.sbin/httpd/LICENSE.SSL b/usr.sbin/httpd/LICENSE.SSL index abe9a13f1dc..cad8b6f65c6 100644 --- a/usr.sbin/httpd/LICENSE.SSL +++ b/usr.sbin/httpd/LICENSE.SSL @@ -18,7 +18,7 @@ detailed license information follows. ==================================================================== - Copyright (c) 1998-1999 Ralf S. Engelschall. All rights reserved. + Copyright (c) 1998-2000 Ralf S. Engelschall. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions diff --git a/usr.sbin/httpd/Makefile.bsd-wrapper b/usr.sbin/httpd/Makefile.bsd-wrapper index 7d9eb7eb063..83a160a5dd4 100644 --- a/usr.sbin/httpd/Makefile.bsd-wrapper +++ b/usr.sbin/httpd/Makefile.bsd-wrapper @@ -1,5 +1,5 @@ # Build wrapper for Apache -# $OpenBSD: Makefile.bsd-wrapper,v 1.11 2000/01/04 17:43:12 beck Exp $ +# $OpenBSD: Makefile.bsd-wrapper,v 1.12 2000/01/28 18:24:19 beck Exp $ # Our lndir is hacked; specify a full path to avoid potential conflicts # with the one installed with X11. @@ -328,6 +328,7 @@ MANUALFILES= \ manual/new_features_1_1.html \ manual/new_features_1_2.html \ manual/new_features_1_3.html \ + manual/netware.html \ manual/process-model.html \ manual/readme-tpf.html \ manual/sections.html \ @@ -349,6 +350,7 @@ MANUALFILES= \ manual/images/apache_pb.gif \ manual/images/mod_ssl_sb.gif \ manual/images/openssl_ics.gif \ + manual/images/feather.jpg \ manual/misc/API.html \ manual/misc/fin_wait_2.html \ manual/misc/FAQ.html \ @@ -370,6 +372,7 @@ MANUALFILES= \ manual/misc/security_tips.html \ manual/misc/perf.html \ manual/misc/vif-info.html \ + manual/misc/rewriteguide.html \ manual/misc/windoz_keepalive.html \ manual/search/manual-index.cgi \ manual/vhosts/details.html \ diff --git a/usr.sbin/httpd/Makefile.tmpl b/usr.sbin/httpd/Makefile.tmpl index 424779777ee..ab57a227e56 100644 --- a/usr.sbin/httpd/Makefile.tmpl +++ b/usr.sbin/httpd/Makefile.tmpl @@ -69,6 +69,9 @@ # safe environment SHELL = @SHELL@ +# what platform are we on +PLATFORM = @PLATFORM@ + # paths to the source tree parts TOP = . SRC = @SRC@ @@ -132,6 +135,7 @@ suexec_userdir = @suexec_userdir@ suexec_uidmin = @suexec_uidmin@ suexec_gidmin = @suexec_gidmin@ suexec_safepath = @suexec_safepath@ +suexec_umask = @suexec_umask@ # SSL (optional) ssl = @ssl@ @@ -188,12 +192,18 @@ build-quiet: # build the standard stuff build-std: - @cd $(TOP)/$(SRC); $(MAKE) $(MFLAGS) SDP=$(SRC)/ all + @case "x$(PLATFORM)" in \ + x*390*) _C89_STEPS="0xffffffff"; export _C89_STEPS;; \ + esac; \ + cd $(TOP)/$(SRC); $(MAKE) $(MFLAGS) SDP=$(SRC)/ all # build the additional support stuff build-support: @echo "===> $(SRC)/support"; \ - cd $(TOP)/$(SRC)/support; $(MAKE) $(MFLAGS) all; \ + case "x$(PLATFORM)" in \ + x*390*) _C89_STEPS="0xffffffff"; export _C89_STEPS;; \ + esac; \ + cd $(TOP)/$(SRC)/support; $(MAKE) $(MFLAGS) all || exit 1; \ if [ ".$(suexec)" = .1 ]; then \ $(MAKE) $(MFLAGS) \ EXTRA_CFLAGS='\ @@ -203,10 +213,11 @@ build-support: -DUSERDIR_SUFFIX=\"$(suexec_userdir)\" \ -DLOG_EXEC=\"$(suexec_logexec)\" \ -DDOC_ROOT=\"$(suexec_docroot)\" \ - -DSAFE_PATH=\"$(suexec_safepath)\" ' \ + -DSAFE_PATH=\"$(suexec_safepath)\" \ + $(suexec_umask)' \ suexec; \ - fi; \ - echo "<=== $(SRC)/support" + fi + @echo "<=== $(SRC)/support" # SSL certificate generation build-certificate: @@ -326,7 +337,7 @@ install-mktree: echo "chown $(conf_user) $(root)$(proxycachedir)"; \ chown $(conf_user) $(root)$(proxycachedir); \ echo "chgrp $(conf_group) $(root)$(proxycachedir)"; \ - chgrp $(conf_group) $(root)$(proxycachedir); \ + chgrp "$(conf_group)" $(root)$(proxycachedir); \ fi @echo "<=== [mktree]" @@ -515,7 +526,7 @@ install-include: # icons and distributed CGI scripts. install-data: @echo "===> [data: Installing initial data files]" - -@if [ -f $(root)$(htdocsdir)/index.html ]; then \ + -@if [ -f $(root)$(htdocsdir)/index.html ] || [ -f $(root)$(htdocsdir)/index.html.en ]; then \ echo "[PRESERVING EXISTING DATA SUBDIR: $(root)$(htdocsdir)/]"; \ else \ echo "Copying tree $(TOP)/htdocs/ -> $(root)$(htdocsdir)/"; \ diff --git a/usr.sbin/httpd/README.SSL b/usr.sbin/httpd/README.SSL index e8a09d268b8..e9522ba7899 100644 --- a/usr.sbin/httpd/README.SSL +++ b/usr.sbin/httpd/README.SSL @@ -36,9 +36,10 @@ o Open-Source software (BSD-style license) o Useable for both commercial and non-commercial use - o Available for both Unix and Win32 platforms + o Available for both Unix and Win32 (Windows 95/98/NT) platforms o 128-bit strong cryptography world-wide o Support for SSLv2, SSLv3 and TLSv1 protocols + o Support for both RSA and Diffie-Hellman ciphers o Clean reviewable ANSI C source code o Clean Apache module architecture o Integrates seamlessly into Apache through an Extended API (EAPI) diff --git a/usr.sbin/httpd/README.configure b/usr.sbin/httpd/README.configure index 4a7e0c50031..4c2b4e7da17 100644 --- a/usr.sbin/httpd/README.configure +++ b/usr.sbin/httpd/README.configure @@ -64,27 +64,27 @@ $ make install This builds Apache 1.3 with the standard set of enabled modules - (automatically determined from src/Configuration.tmpl) with a GNU-conforming - subdirectory layout under /path/to/apache. For using the old Apache 1.2 - subdirectory layout additionally use the --compat option: + (automatically determined from src/Configuration.tmpl) with an Apache 1.2 + conforming subdirectory layout under /path/to/apache. For using the GNU + style subdirectory layout additionally use the --with-layout=GNU option: - $ ./configure --compat --prefix=/path/to/apache + $ ./configure --with-layout=GNU --prefix=/path/to/apache $ make $ make install If you are not sure which directory layout you want, you can use the - --layout option. It displays the directory layout which would be used but - immediately exits without configuring anything. Examples: + --show-layout option. It displays the directory layout which would be used + but immediately exits without configuring anything. Examples: - $ ./configure --layout - $ ./configure --prefix=/path/to/apache --layout - $ ./configure --compat --prefix=/path/to/apache --layout + $ ./configure --show-layout + $ ./configure --prefix=/path/to/apache --show-layout + $ ./configure --with-layout=GNU --prefix=/path/to/apache --show-layout Additionally if some of the shown paths still don't fit for your particular situation, you can use the --bindir, --sbindir, --libexecdir, --mandir, --sysconfdir, --datadir, --localstatedir, --runtimedir, --logfiledir and --proxycachedir options to adjust the layout as required. Always check with - --layout the resulting directory layout which would be used for + --show-layout the resulting directory layout which would be used for installation. suEXEC support @@ -263,28 +263,7 @@ $ make $ make install - 2. How you can install Apache with a dynamically linked PHP: - - $ gunzip <apache_1.3.X.tar.gz | tar xvf - - $ gunzip <php-3.0.tar.gz | tar xvf - - $ cd apache_1.3.X - $ ./configure --prefix=/path/to/apache - $ cd ../php-3.0 - $ ./configure --with-shared-apache=../apache_1.3.X - $ make - $ make install - - [optionally you now have the chance to prepare or add more - third-party modules to the Apache source tree] - - $ cd ../apache_1.3.X - $ ./configure --prefix=/path/to/apache \ - --activate-module=src/modules/php3/libphp3.a \ - --enable-shared=php3 - $ make - $ make install - - 3. You can also use APXS: + 2. You can also use APXS: $ cd apache-1.3.X $ ./configure --prefix=/path/to/apache --enable-shared=max @@ -298,8 +277,12 @@ $ make install At this point don't forget to edit your conf/httpd.conf file and - make sure the file contains the line: + make sure the file contains the line for PHP 3: AddType application/x-httpd-php3 .php3 + Or this line for PHP 4: + + AddType application/x-httpd-php .php + Then restart your server. diff --git a/usr.sbin/httpd/config.layout b/usr.sbin/httpd/config.layout index 9e8c0c72337..aa0948fc74d 100644 --- a/usr.sbin/httpd/config.layout +++ b/usr.sbin/httpd/config.layout @@ -150,6 +150,46 @@ proxycachedir: $localstatedir/proxy </Layout> +# SuSE 6.x layout +<Layout SuSE> + prefix: /usr + exec_prefix: $prefix + bindir: $prefix/bin + sbindir: $prefix/sbin + libexecdir: $prefix/lib/apache + mandir: $prefix/man + sysconfdir: /etc/httpd + datadir: /usr/local/httpd + iconsdir: $datadir/icons + htdocsdir: $datadir/htdocs + cgidir: $datadir/cgi-bin + includedir: $prefix/include/apache + localstatedir: /var + runtimedir: $localstatedir/run + logfiledir: $localstatedir/log/httpd + proxycachedir: $localstatedir/cache/httpd +</Layout> + +# BSD/OS layout +<Layout BSDI> + prefix: /var/www + exec_prefix: /usr/contrib + bindir: $exec_prefix/bin + sbindir: $exec_prefix/bin + libexecdir: $exec_prefix/libexec/apache + mandir: $exec_prefix/man + sysconfdir: $prefix/conf + datadir: $prefix + iconsdir: $datadir/icons + htdocsdir: $datadir/htdocs + cgidir: $datadir/cgi-bin + includedir: $exec_prefix/include/apache + localstatedir: /var + runtimedir: $localstatedir/run + logfiledir: $localstatedir/log/httpd + proxycachedir: $localstatedir/proxy +</Layout> + # OpenBSD apache path layout. <Layout OpenBSD> prefix: /var/www @@ -168,4 +208,4 @@ runtimedir: /var/www/logs logfiledir: /var/www/logs proxycachedir: /var/www/proxy -</Layout> +</Layout>
\ No newline at end of file diff --git a/usr.sbin/httpd/configure b/usr.sbin/httpd/configure index b78b851c315..58e05e2b58d 100644 --- a/usr.sbin/httpd/configure +++ b/usr.sbin/httpd/configure @@ -55,16 +55,16 @@ ## project, please see <http://www.apache.org/>. ## -## Force SSL_BASE=SYSTEM -SSL_BASE=SYSTEM -export SSL_BASE - ## ## configure -- Apache Autoconf-style Interface (APACI) ## ## Initially written by Ralf S. Engelschall <rse@apache.org> ## +## Force SSL_BASE=SYSTEM +SSL_BASE=SYSTEM +export SSL_BASE + # default input separator chars: <space><tab><cr> DIFS=' ' @@ -138,6 +138,7 @@ if [ $# -eq 0 ]; then fi ## +## ## determine path to (optional) Perl interpreter ## PERL=no-perl-on-this-system @@ -201,6 +202,16 @@ case "`$TAR -tf /dev/null --version 2>/dev/null`" in esac ## +## Request USTAR format for tar files on OS/390 +## Request that prelink step be used for 390 +## +case $PLATFORM in + *-IBM-OS390*) + TAROPT="${TAROPT}U" + ;; +esac + +## ## determine path to sh, it's not /bin/sh on ALL systems ## SHELL=/bin/sh @@ -233,6 +244,8 @@ suexec_userdir=public_html suexec_uidmin=100 suexec_gidmin=100 suexec_safepath="/usr/local/bin:/usr/bin:/bin" +# if the umask is undefined, we don't change it +#suexec_umask=0755 # the installation flags iflags_program="-m 755 -s" @@ -240,12 +253,6 @@ iflags_core="-m 755" iflags_dso="-m 755" iflags_script="-m 755" iflags_data="-m 644" -case $PLATFORM in - *OS/2* ) - iflags_program="$iflags_program -e .exe" - iflags_core="$iflags_core -e .exe" - ;; -esac # ssl defaults ssl=0 @@ -264,7 +271,7 @@ IFS=' for rule in `grep '^Rule' $src/Configuration.tmpl`; do rule=`echo "$rule" | sed -e 's/^Rule[ ]*//'` name=`echo "$rule" | sed -e 's/=.*$//'` - namelow=`echo "$name" | tr 'A-Z' 'a-z'` + namelow=`echo "$name" | tr '[A-Z]' '[a-z]'` arg=`echo "$rule" | sed -e 's/^.*=//'` eval "rule_$namelow=$arg" rules="$rules:$namelow" @@ -334,7 +341,16 @@ case $PLATFORM in iflags_core="${iflags_core} -S \"-S\"" iflags_dso="${iflags_dso} -S \"-S\"" ;; - *) + *OS/2* ) + default_layout="Apache" + iflags_program="${iflags_program} -e .exe" + iflags_core="${iflags_core} -e .exe" + ;; + *MPE/iX* ) + default_layout="Apache" + iflags_program="-m 755" + ;; + *) default_layout="Apache" ;; esac @@ -355,6 +371,12 @@ case "$*" in esac ## +## Initialize server user ID and group ID variables +## +conf_user="" +conf_group="" + +## ## Iterate over the command line options the first time. ## ## This time we pre-process options which need high priority @@ -421,9 +443,12 @@ do echo " --enable-shared=NAME enable build of Module named 'NAME' as a DSO" echo " --disable-shared=NAME disable build of Module named 'NAME' as a DSO" echo " --with-perl=FILE path to the optional Perl interpreter" + echo " --with-port=PORT set the port number for httpd.conf" echo " --without-support disable the build and installation of support tools" echo " --without-confadjust disable the user/situation adjustments in config" echo " --without-execstrip disable the stripping of executables on installation" + echo " --server-uid=UID set the user ID the web server should run as [nobody]" + echo " --server-gid=GID set the group ID the web server UID is a memeber of [-1]" echo "" echo "suEXEC options:" echo " --enable-suexec enable the suEXEC feature" @@ -434,6 +459,7 @@ do echo " --suexec-uidmin=UID set the suEXEC minimal allowed UID [$suexec_uidmin]" echo " --suexec-gidmin=GID set the suEXEC minimal allowed GID [$suexec_gidmin]" echo " --suexec-safepath=PATH set the suEXEC safe PATH [$suexec_safepath]" + echo " --suexec-umask=UMASK set the umask for the suEXEC'd script [server's umask]" echo "" echo "Deprecated options:" echo " --layout backward compat only: use --show-layout" @@ -552,9 +578,7 @@ do ;; esac # determine GNU platform triple - # (the use of `awk' and not `$AWK' here is correct, because this - # Makefile is for platform bootstrapping, so don't hardcode paths) - gnutriple=`$aux/GuessOS | sed -e 's:/:-:g' | awk '{ printf("%s",$1); }'` + gnutriple=`$aux/GuessOS | sed -e 's:/:-:g' | $AWK '{ printf("%s",$1); }'` # create Makefile wrapper (the first time only) if [ "x`ls $top/src.* 2>/dev/null`" = "x" ]; then if [ "x$quiet" = "xno" ]; then @@ -569,7 +593,9 @@ do else echo "SHADOW=." >> Makefile fi - echo "GNUTRIPLE=\`$aux/GuessOS | sed -e 's:/:-:g' | $AWK '{ printf(\"%s\",\$\$1); }'\`" >> Makefile + # (the use of `awk' and not `$AWK' here is correct, because this + # Makefile is for platform bootstrapping, so don't hardcode paths) + echo "GNUTRIPLE=\`$aux/GuessOS | sed -e 's:/:-:g' | awk '{ printf(\"%s\",\$\$1); }'\`" >> Makefile echo "" >> Makefile echo "all build install install-quiet clean distclean:" >> Makefile echo " @cd \$(SHADOW); \$(MAKE) -f Makefile.\$(GNUTRIPLE) \$(MFLAGS) \$@" >> Makefile @@ -634,6 +660,18 @@ do datadir="$apc_optarg" autosuffix_datadir=no ;; + --iconsdir=*) + iconsdir="$apc_optarg" + autosuffix_iconsdir=no + ;; + --htdocsdir=*) + htdocsdir="$apc_optarg" + autosuffix_htdocsdir=no + ;; + --cgidir=*) + cgidir="$apc_optarg" + autosuffix_cgidir=no + ;; --includedir=*) includedir="$apc_optarg" autosuffix_includedir=no @@ -909,6 +947,9 @@ do --with-perl=*) PERL="$apc_optarg" ;; + --with-port=*) + port="$apc_optarg" + ;; --without-support) support=0 ;; @@ -946,6 +987,27 @@ do suexec_safepath="$apc_optarg" suexec_ok=1 ;; + --suexec-umask=*) + suexec_umask_val="$apc_optarg" + suexec_umask="-DSUEXEC_UMASK=$apc_optarg" + suexec_ok=1 + ;; + --server-uid=*) + conf_user="$apc_optarg" + # protect the '#' against interpretation as comment + case x"${conf_user}" in + "#"*) conf_user="\\\\${conf_user}";; + "\\#"*)conf_user="\\${conf_user}";; + esac + ;; + --server-gid=*) + conf_group="$apc_optarg" + # protect the '#' against interpretation as comment + case x"${conf_group}" in + "#"*) conf_group="\\\\${conf_group}";; + "\\#"*)conf_group="\\${conf_group}";; + esac + ;; * ) echo "configure:Error: invalid option '$apc_option'" 1>&2 exit 1 @@ -1046,9 +1108,9 @@ IFS="$DIFS" for var in prefix exec_prefix bindir sbindir libexecdir mandir \ sysconfdir datadir iconsdir htdocsdir cgidir includedir \ localstatedir runtimedir logfiledir proxycachedir \ - suexec_docroot suexec_logexec; do + suexec_docroot suexec_logexec ; do eval "val=\"\$$var\""; - val=`echo $val | sed -e 's:/*$::'` + val=`echo $val | sed -e 's:\(.\)/*$:\1:'` eval "$var=\"$val\"" # expand value eval "val=\$$var" @@ -1097,20 +1159,25 @@ fi ## on platforms using NIS. But then you propably do not want a ## UID/GID as production oriented as a web server in NIS anyway. ## -conf_user="nobody" -conf_group="#-1" -conf_port="80" +if [ "x$port" != "x" ]; then + conf_port=$port +else + conf_port="80" +fi conf_port_ssl="443" conf_serveradmin="you@your.address" conf_servername="new.host.name" if [ "x$confadjust" = "x1" ]; then if [ -f /etc/passwd ]; then + if [ "x$conf_user" = "x" ]; then for uid in nobody www daemon demon http httpd; do if [ "x`egrep \^${uid}: /etc/passwd`" != "x" ]; then conf_user="$uid" break fi done + fi + if [ "x$conf_group" = "x" ]; then for gid in nobody nogroup www daemon demon http httpd; do if [ "x`egrep \^${gid}: /etc/group`" != "x" ]; then conf_group="$gid" @@ -1118,7 +1185,8 @@ if [ "x$confadjust" = "x1" ]; then fi done fi - if [ "x`${SHELL} $aux/getuid.sh`" != "x0" ]; then + fi + if [ "x`${SHELL} $aux/getuid.sh`" != "x0" -a "x$port" = "x" ]; then conf_port="8080" conf_port_ssl="8443" fi @@ -1127,6 +1195,17 @@ if [ "x$confadjust" = "x1" ]; then fi ## +## Default server user id and group id if not specified on configure invocation and none +## of the ids in /etc/passwd or /etc/group worked. +## +if [ "x$conf_user" = "x" ]; then + conf_user="nobody" +fi +if [ "x$conf_group" = "x" ]; then + conf_group="\\\\#-1" +fi + +## ## determine prefix-relative paths for directories ## because Apache supports them for the -d and -f ## options, the LoadModule directive, etc. @@ -1187,6 +1266,11 @@ if [ "x$show_layout" = "x1" ]; then echo " caller ID: $suexec_caller" echo " minimum user ID: $suexec_uidmin" echo " minimum group ID: $suexec_gidmin" + if [ "x$suexec_umask" != "x" ]; then + echo " umask: $suexec_umask_val" + else + echo " umask: running server's" + fi echo "" fi exit 0 @@ -1199,6 +1283,7 @@ if [ "x$quiet" = "xno" ]; then echo "Creating $mkf" fi sed <Makefile.tmpl >$mkf \ +-e "s%@PLATFORM@%$PLATFORM%g" \ -e "s%@PERL@%$PERL%g" \ -e "s%@TAR@%$TAR%g" \ -e "s%@TAROPT@%$TAROPT%g" \ @@ -1236,6 +1321,7 @@ sed <Makefile.tmpl >$mkf \ -e "s%@suexec_uidmin@%$suexec_uidmin%g" \ -e "s%@suexec_gidmin@%$suexec_gidmin%g" \ -e "s%@suexec_safepath@%$suexec_safepath%g" \ +-e "s%@suexec_umask@%$suexec_umask%g" \ -e "s%@ssl@%$ssl%g" \ -e "s%@conf_user@%$conf_user%g" \ -e "s%@conf_group@%$conf_group%g" \ @@ -1490,10 +1576,13 @@ rm -f $tplconf 2>/dev/null ## create all other Makefiles by running the proprietary ## $src/Configure script with our custom Configuration.apaci file ## +if [ "x$verbose" = "xyes" ]; then + vflag="-v"; +fi if [ "x$quiet" = "xyes" ]; then - (cd $src; ${SHELL} ./Configure -file Configuration.apaci >/dev/null); + (cd $src; ${SHELL} ./Configure ${vflag} -file Configuration.apaci >/dev/null); else - (cd $src; ${SHELL} ./Configure -file Configuration.apaci |\ + (cd $src; ${SHELL} ./Configure ${vflag} -file Configuration.apaci |\ sed -e '/^Using config file:.*/d' \ -e "s:Makefile in :Makefile in $src\\/:" \ -e "s:Makefile\$:Makefile in $src:") |