Security bump to address CAN-2005-2700. Fixes bug 104807

(Portage version: 2.0.51.22-r2)
author: Michael Stewart <vericgar@gentoo.org> 2005-09-10 22:32:08 +0000
committer: Michael Stewart <vericgar@gentoo.org> 2005-09-10 22:32:08 +0000
commit: a16c3c3080964e370f5e31f158779e4a092b5d0f (patch)
tree: 2b5109fab735020e010a253e4cc96ca4648f14ca /net-www
parent: Mark 0.08 stable on alpha (diff)
download: gentoo-2-a16c3c3080964e370f5e31f158779e4a092b5d0f.tar.gz
gentoo-2-a16c3c3080964e370f5e31f158779e4a092b5d0f.tar.bz2
gentoo-2-a16c3c3080964e370f5e31f158779e4a092b5d0f.zip
12 files changed, 764 insertions, 26 deletions
diff --git a/net-www/apache/ChangeLog b/net-www/apache/ChangeLog
index fb094fc73347..2a65ae1bd530 100644
--- a/net-www/apache/ChangeLog
+++ b/net-www/apache/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-www/apache
 # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.405 2005/09/10 20:30:07 vericgar Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.406 2005/09/10 22:32:08 vericgar Exp $
+
+*apache-1.3.33-r11 (10 Sep 2005)
+*apache-1.3.33-r6 (10 Sep 2005)
+
+  10 Sep 2005; Michael Stewart <vericgar@gentoo.org>
+  +apache-1.3.33-r6.ebuild, +apache-1.3.33-r11.ebuild:
+  Security bump to address CAN-2005-2700. Fixes bug 104807
 
   10 Sep 2005; Michael Stewart <vericgar@gentoo.org> -apache-2.0.50.ebuild,
   -apache-2.0.51.ebuild, -apache-2.0.51-r1.ebuild, -apache-2.0.52.ebuild,
diff --git a/net-www/apache/Manifest b/net-www/apache/Manifest
index 7699d255aca1..bc62300f1576 100644
--- a/net-www/apache/Manifest
+++ b/net-www/apache/Manifest
@@ -12,8 +12,10 @@ MD5 7ffd5d16d8cb2f8192d1fc48b75371df apache-1.3.33-r3.ebuild 6952
 MD5 2c34b40a3fe461014b19ca5e4763203e apache-1.3.33-r4.ebuild 8673
 MD5 eb173dd548089cf594c543d29b48948c apache-1.3.33-r5.ebuild 7105
 MD5 ca6b47f0c2a0006b71fc1153937824e5 apache-1.3.33.ebuild 6927
+MD5 01fa2653732fe47fe5df668b34140e83 apache-1.3.33-r11.ebuild 8773
+MD5 6cf3bcd425167f139c53184a5300dd31 apache-1.3.33-r6.ebuild 7112
 MD5 b5d4fed77e07a1465c1d9edab4e306db apache-2.0.54-r30.ebuild 12649
-MD5 1a78b4da48fe9045403a1302ec3b01ea ChangeLog 68710
+MD5 034d08846952cbea971f92b2a99b6726 ChangeLog 68944
 MD5 37f5ed6f2423381241b029e6685bcdd2 metadata.xml 493
 MD5 6984dca404209fbedd4492e8ffdd8298 apache-2.0.54-r9.ebuild 12609
 MD5 8b12871dd74fcd3f4fdf451c9d8c259e files/00_apache_manual.conf 781
@@ -46,6 +48,8 @@ MD5 7534b79d78a91297c44cc69ac4545cc8 files/digest-apache-1.3.33-r2 286
 MD5 bb9ffec6d5f5d409b6705a2d8c19bc6a files/digest-apache-1.3.33-r3 212
 MD5 0282c9d20ad05b752812c62f655b50ce files/digest-apache-1.3.33-r4 286
 MD5 b75d2bfc008916e050f1bafb8a04c944 files/digest-apache-1.3.33-r5 221
+MD5 81bbd0e99cf3c40a3f803533fd41370d files/digest-apache-1.3.33-r11 287
+MD5 324e63ccba6d27b9d9b08209c9992fe4 files/digest-apache-1.3.33-r6 221
 MD5 b9ff3534313dae1b8ac96df0e3e01373 files/httpd-2.0.48-ipv6.patch 865
 MD5 d52999376f67a872ee48cbae72db0160 files/httpd-2.0.49-cgi.patch 10319
 MD5 8cb4313e58d7bd5dc369eb92f75daa2b files/httpd-2.0.49-ipv6.patch 788
diff --git a/net-www/apache/apache-1.3.33-r11.ebuild b/net-www/apache/apache-1.3.33-r11.ebuild
new file mode 100644
index 000000000000..14bfde21b54f
--- /dev/null
+++ b/net-www/apache/apache-1.3.33-r11.ebuild
@@ -0,0 +1,311 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-1.3.33-r11.ebuild,v 1.1 2005/09/10 22:32:08 vericgar Exp $
+
+inherit eutils fixheadtails
+
+# latest gentoo apache files
+GENTOO_PATCHNAME="gentoo-apache-${PVR}"
+GENTOO_PATCHSTAMP="20050910"
+GENTOO_DEVSPACE="vericgar"
+GENTOO_PATCHDIR="${WORKDIR}/${GENTOO_PATCHNAME}"
+
+# The mod_ssl archive is only for providing the EAPI patch in here.
+# You should install the net-www/mod_ssl package for the actual DSO.
+mod_ssl_ver=2.8.24
+lingerd_ver=0.94
+
+DESCRIPTION="The Apache Web Server"
+HOMEPAGE="http://httpd.apache.org"
+SRC_URI="mirror://apache/httpd/apache_${PV}.tar.gz
+		ssl? ( ftp://ftp.modssl.org/source/mod_ssl-${mod_ssl_ver}-${PV}.tar.gz )
+		lingerd? ( http://images.iagora.com/media/software/lingerd/lingerd-${lingerd_ver}.tar.gz )
+		http://dev.gentoo.org/~${GENTOO_DEVSPACE}/dist/apache/${GENTOO_PATCHNAME}-${GENTOO_PATCHSTAMP}.tar.bz2"
+
+LICENSE="Apache-2.0"
+SLOT="1"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="doc ssl pam lingerd no-suexec static-modules apache2 selinux"
+
+DEPEND="dev-lang/perl
+		>=sys-libs/db-1.85-r1
+		>=dev-libs/mm-1.1.3
+		>=sys-libs/gdbm-1.8
+		>=dev-libs/expat-1.95.2
+		net-www/gentoo-webroot-default
+		app-misc/mime-types
+		selinux? ( sec-policy/selinux-apache )
+		lingerd? ( =net-www/lingerd-${lingerd_ver} )"
+
+# so leave it out until it's available
+PDEPEND="ssl? ( =net-www/mod_ssl-${mod_ssl_ver}-r1 )"
+
+S=${WORKDIR}/${PN}_${PV}
+
+src_unpack() {
+	unpack ${A} || die
+	cd ${S} || die
+
+	EPATCH_SUFFIX="patch"
+	epatch ${GENTOO_PATCHDIR}/patches/[0-2]*
+
+	# setup the filesystem layout config
+	cat ${GENTOO_PATCHDIR}/patches/config.layout >> config.layout
+	sed -i -e 's:version:${PF}:g' config.layout
+
+	if useq pam; then
+		epatch ${GENTOO_PATCHDIR}/patches/31_all_gentoo_suexec_pam.patch || die "pam patch failed"
+	fi
+
+	# fix obsolete 'head -1' and 'tail -1' calls
+	ht_fix_file src/Configure src/helpers/getuid.sh src/helpers/buildinfo.sh src/helpers/fmn.sh
+
+	# setup mod_ssl eapi
+	if useq ssl; then
+		local myssl
+		myssl=${WORKDIR}/mod_ssl-${mod_ssl_ver}-${PV}
+		cp ${myssl}/pkg.eapi/*.h src/include
+		cp ${myssl}/pkg.eapi/*.c src/ap
+		epatch ${myssl}/pkg.eapi/eapi.patch || die "failed to setup mod_ssl eapi"
+	fi
+
+	# set a reasonable MM_CORE_PATH location..
+	sed -i -e 's:logs/mm:/var/cache/apache-mm/mm:' src/include/httpd.h
+
+	if useq lingerd; then
+		local mylingerd=${WORKDIR}/lingerd-${lingerd_ver}
+		cp ${mylingerd}/apache-1.3/ap_lingerd.c ${mylingerd}/li_config.h src/main
+		cd src
+		if useq ssl; then
+			epatch ${mylingerd}/apache-1.3/aplinger-ssl.diff
+		else
+			epatch ${mylingerd}/apache-1.3/aplinger.diff
+		fi
+		cd ..
+	fi
+}
+
+src_compile() {
+	local myconf
+
+	setup_apache_vars
+
+	select_modules_config || die "determining modules"
+
+	if ! useq no-suexec; then
+		myconf="${myconf}
+				--enable-suexec
+				--suexec-uidmin=1000 \
+				--suexec-gidmin=100 \
+				--suexec-caller=apache \
+				--suexec-userdir=public_html \
+				--suexec-docroot=/var/www \
+				--suexec-safepath="/usr/local/bin:/usr/bin:/bin" \
+				--suexec-logfile=/var/log/apache/suexec_log"
+	fi
+
+	if useq ssl; then
+		myconf="${myconf} --enable-rule=EAPI"
+	fi
+
+	OPTIM="${MY_CFLAGS} -DHARD_SERVER_LIMIT=${HARD_SERVER_LIMIT:=512} \
+		-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" \
+	LIBS="-ldb -lgdbm -lgdbm_compat -lpthread" \
+	EAPI_MM=SYSTEM \
+	./configure \
+		--with-layout=Gentoo \
+		--target=apache \
+		--server-uid=apache \
+		--server-gid=apache \
+		--with-perl=/usr/bin/perl \
+		--enable-rule=SHARED_CHAIN \
+		${MY_BUILTINS} ${myconf} || die "bad ./configure please submit bug report to bugs.gentoo.org. Include your config.layout and config.log"
+
+	emake || die "problem compiling apache"
+
+	# build ssl version of apache bench (ab-ssl)
+	if useq ssl; then
+		cd src/support
+		rm -f ab ab.o
+		make ab CFLAGS="${CFLAGS} -DUSE_SSL -lcrypto -lssl -I/usr/include/openssl -L/usr/lib" || die
+		mv ab ab-ssl
+		rm -f ab.o
+		make ab || die
+	fi
+}
+
+src_install() {
+	# setup apache user and group
+	enewgroup apache 81
+	enewuser apache 81 -1 /var/www apache
+
+	# general install
+	make install-quiet root=${D} || die
+	dodoc ABOUT_APACHE Announcement INSTALL LICENSE README* ${GENTOO_PATCHDIR}/docs/robots.txt
+
+	# protect the suexec binary
+	if ! useq no-suexec; then
+		fowners root:apache /usr/sbin/suexec
+		fperms 4710 /usr/sbin/suexec
+	fi
+
+	# apxs needs this to pickup the right lib for install
+	dosym /usr/lib /usr/lib/apache/lib
+	dosym /var/log/apache /usr/lib/apache/logs
+	dosym /etc/apache /usr/lib/apache/conf
+
+	# nice support scripts
+	exeinto /usr/sbin
+	for i in apachelogserverstatus apachesplitlogfile; do
+		doexe ${GENTOO_PATCHDIR}/scripts/${i}
+	done
+
+	# some more scripts
+	for i in split-logfile logresolve.pl log_server_status; do
+		doexe ${S}/src/support/${i}
+	done
+
+	# the ssl version of apache bench
+	if useq ssl; then
+		doexe src/support/ab-ssl
+	fi
+
+	# drop in a convenient link to the manual
+	if useq doc; then
+		insinto /etc/apache/modules.d
+		doins ${GENTOO_PATCHDIR}/conf/modules.d/00_apache_manual.conf
+		sed -i -e "s:1.3.32:${PVR}:" ${D}/etc/apache/modules.d/00_apache_manual.conf
+	else
+		rm -rf ${D}/usr/share/doc/${PF}/manual
+	fi
+
+	# tidy up
+	cd ${D}
+	dodoc etc/apache/*.default
+	rm -f etc/apache/*.default
+	rm -f etc/apache/*.conf
+	rm -f etc/apache/mime.types
+
+	# we DEPEND on net-www/gentoo-webroot-default for sharing this by now
+	rm -rf var/www/localhost
+
+	# config files
+	insinto /etc/conf.d
+	newins ${GENTOO_PATCHDIR}/init/apache.confd apache
+
+	exeinto /etc/init.d
+	newexe ${GENTOO_PATCHDIR}/init/apache.initd apache
+
+	insinto /etc/apache
+	doins ${GENTOO_PATCHDIR}/conf/apache-builtin-mods
+	doins ${GENTOO_PATCHDIR}/conf/httpd.conf
+
+	insinto /etc/apache/vhosts.d
+	doins ${GENTOO_PATCHDIR}/conf/vhosts.d/00_default_vhost.conf
+
+	keepdir /etc/apache/vhosts.d
+	keepdir /etc/apache/modules.d
+
+	# Added by Jason Wever <weeve@gentoo.org>
+	# A little sedfu to fix bug #7172 for sparc64s
+	if [ ${ARCH} = "sparc" ]; then
+		sed -i -e '15a\AcceptMutex fcntl' ${D}/etc/apache/httpd.conf
+	fi
+
+	if useq lingerd; then
+		sed -i 's:\(need net.*\):\1 lingerd:g' ${D}/etc/init.d/apache
+	fi
+
+	if useq pam; then
+		insinto /etc/pam.d
+		newins ${GENTOO_PATCHDIR}/patches/suexec.pam suexec
+	fi
+
+	# empty dirs
+	for i in /var/log/apache /var/cache/apache /var/cache/apache-mm; do
+		keepdir ${i}
+		fowners apache:apache ${i}
+		fperms 755 ${i}
+	done
+}
+
+pkg_postinst() {
+	einfo
+	einfo "Please remember to update your config files in /etc/apache"
+	einfo "as --datadir has been changed to ${DATADIR}, and ServerRoot"
+	einfo "has changed to /usr/lib/apache!"
+	einfo
+
+	# Check for obsolete symlinks
+	local list=""
+	for i in lib logs modules extramodules; do
+		local d="/etc/apache/${i}"
+		[ -s "${d}" ] && list="${list} ${d}"
+	done
+	[ -n "${list}" ] && einfo "You should delete these old symlinks: ${list}"
+
+	if has_version '<net-www/apache-1.3.33-r10' ; then
+		einfo "Configuration locations have changed, you will need to migrate"
+		einfo "your configuration from /etc/apache/conf/apache.conf and"
+		einfo "/etc/apache/conf/commonapache.conf to /etc/apache/httpd.conf."
+		einfo
+		einfo "Apache now checks for the old configuration and refuses to start"
+		einfo "if it exists. You must remove the old configuration first"
+		einfo
+		einfo "For more information, see"
+		einfo "  http://www.gentoo.org/doc/en/apache-upgrading.xml"
+		einfo
+	fi
+
+	if use apache2 ; then
+		ewarn "You have apache2 in USE. Any modules that you"
+		ewarn "install may depend on apache-2.* instead of"
+		ewarn "apache-1*. It's recommended that you remove"
+		ewarn "apache2 from USE."
+	fi
+
+
+}
+
+setup_apache_vars() {
+	MY_CFLAGS="${CFLAGS}"
+	unset CFLAGS
+	unset CXXFLAGS
+
+	# standard location for Gentoo Linux
+	DATADIR="${DATADIR:-/var/www/localhost}"
+	einfo "DATADIR is set to: ${DATADIR}"
+}
+
+parse_modules_config() {
+	local name=""
+	local disable=""
+	[ -f ${1} ] || return 1
+
+	for i in `cat $1 | sed "s/^#.*//"` ; do
+		if [ $i == "-" ]; then
+			disable="true"
+		elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ]; then
+			name=`echo $i | sed "s/mod_//"`
+		elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ); then
+			MY_BUILTINS="${MY_BUILTINS} --disable-module=$name"
+			name="" ; disable=""
+		elif [ $i == "static" ] || useq static-modules; then
+			MY_BUILTINS="${MY_BUILTINS} --enable-module=$name --disable-shared=$name"
+			name="" ; disable=""
+		elif [ $i == "shared" ]; then
+			MY_BUILTINS="${MY_BUILTINS} --enable-module=$name --enable-shared=$name"
+			name="" ; disable=""
+		fi
+	done
+
+	einfo "${1} options:\n${MY_BUILTINS}"
+}
+
+select_modules_config() {
+	parse_modules_config /etc/apache/apache-builtin-mods || \
+	parse_modules_config ${GENTOO_PATCHDIR}/conf/apache-builtin-mods || \
+	return 1
+}
+
+# vim:ts=4
diff --git a/net-www/apache/apache-1.3.33-r6.ebuild b/net-www/apache/apache-1.3.33-r6.ebuild
new file mode 100644
index 000000000000..83a60cf2bf7a
--- /dev/null
+++ b/net-www/apache/apache-1.3.33-r6.ebuild
@@ -0,0 +1,252 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-1.3.33-r6.ebuild,v 1.1 2005/09/10 22:32:08 vericgar Exp $
+
+# Gentoo ARCH teams
+#
+# Do NOT mark this ebuild as stable unless the corresponding mod_ssl package
+# can also be marked as stable on your arch.
+#
+# Thanks,
+# stuart@gentoo.org
+
+inherit eutils fixheadtails
+
+IUSE="pam ssl selinux"
+
+mod_ssl_dep=2.8.24
+mod_ssl_ver=2.8.24-1.3.33
+
+S=${WORKDIR}/${PN}_${PV}
+DESCRIPTION="The Apache Web Server"
+HOMEPAGE="http://www.apache.org http://www.modssl.org"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc x86"
+SRC_URI="mirror://apache/httpd/apache_${PV}.tar.gz
+	ftp://ftp.modssl.org/source/mod_ssl-${mod_ssl_ver}.tar.gz
+	http://dev.gentoo.org/~vericgar/dist/apache/old/apache-patches-1.3.33-20050711.tar.bz2"
+
+
+# The mod_ssl archive is only for providing the EAPI patch in here.
+# You should install the net-www/mod_ssl package for the actual DSO.
+
+DEPEND="dev-lang/perl
+	<=sys-libs/db-4.1
+	>=dev-libs/mm-1.1.3
+	>=sys-libs/gdbm-1.8
+	>=dev-libs/expat-1.95.2
+	=sys-libs/db-1*
+	selinux? ( sec-policy/selinux-apache )
+	!dev-libs/apr
+	!dev-libs/apr-util"
+
+PDEPEND="ssl? ( =net-www/mod_ssl-${mod_ssl_dep} )"
+
+LICENSE="Apache-2.0"
+SLOT="1"
+
+#Standard location for Gentoo Linux
+DATADIR="/var/www/localhost"
+
+src_unpack() {
+	local myssl
+	unpack ${A} || die
+	cd ${S} || die
+
+	EPATCH_SUFFIX="patch"
+	epatch ${WORKDIR}/apache-patches-1.3.33/[0-2]* || die
+
+	if useq pam; then
+		epatch ${WORKDIR}/apache-patches-1.3.33/31_all_gentoo_suexec_pam.patch || die "pam patch failed"
+	fi
+
+	#Obsolete 'head -1' and 'tail -1' calls.
+	ht_fix_file src/Configure src/helpers/getuid.sh \
+		src/helpers/fmn.sh src/helpers/buildinfo.sh
+
+	# setup eapi...
+	myssl=${WORKDIR}/mod_ssl-${mod_ssl_ver}
+	cp ${myssl}/pkg.eapi/*.h src/include
+	cp ${myssl}/pkg.eapi/*.c src/ap
+	epatch ${myssl}/pkg.eapi/eapi.patch || die "eapi"
+
+	# set a reasonable MM_CORE_PATH location..
+	sed -i -e 's:logs/mm:/var/cache/apache-mm/mm:' \
+		src/include/httpd.h
+}
+
+src_compile() {
+	local myconf mycflags
+	mycflags="${CFLAGS}"
+	unset CFLAGS ; unset CXXFLAGS
+
+	select_modules_config || die "determining modules"
+
+	#-DBUFFERED_LOGS
+	OPTIM="${mycflags} -DHARD_SERVER_LIMIT=${HARD_SERVER_LIMIT:=512} \
+		-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" \
+	LIBS="-ldb -lgdbm -lgdbm_compat -lpthread" \
+	EAPI_MM=SYSTEM \
+	./configure \
+		--prefix=/usr \
+		--exec-prefix=/usr \
+		--bindir=/usr/bin \
+		--sbindir=/usr/sbin \
+		--libexecdir=/usr/lib/apache \
+		--mandir=/usr/share/man \
+		--sysconfdir=/etc/apache/conf \
+		--datadir=${DATADIR} \
+		--cgidir=${DATADIR}/cgi-bin \
+		--iconsdir=${DATADIR}/icons \
+		--htdocsdir=${DATADIR}/htdocs \
+		--manualdir=/usr/share/doc/${PF}/manual \
+		--includedir=/usr/include/apache \
+		--localstatedir=/var \
+		--runtimedir=/var/run \
+		--logfiledir=/var/log/apache \
+		--proxycachedir=/var/cache/apache \
+		--serverroot=/etc/apache \
+		--target=apache \
+		--server-uid=apache \
+		--server-gid=apache \
+		--with-perl=/usr/bin/perl \
+		--enable-rule=EAPI \
+		--enable-rule=SHARED_CHAIN \
+		${MY_BUILTINS} \
+		--enable-suexec \
+		--suexec-uidmin=1000 \
+		--suexec-gidmin=100 \
+		--suexec-caller=apache \
+		--suexec-userdir=public_html \
+		--suexec-docroot=/var/www \
+		--suexec-safepath="/bin:/usr/bin" \
+		--suexec-logfile=/var/log/apache/suexec_log \
+		\
+		${myconf} || die "bad ./configure"
+
+	emake || die "compile problem"
+}
+
+src_install() {
+	local myfile
+
+	GID=`id -g apache`
+	if [ -z "${GID}" ]; then
+		einfo "Using default GID of 81 for Apache"
+		GID=81
+	fi
+
+	make install-quiet root=${D} || die
+	dodoc ABOUT_APACHE Announcement INSTALL* LICENSE* README* WARNING* \
+		${FILESDIR}/robots.txt
+
+	#protect the suexec binary
+	fowners root:${GID} /usr/sbin/suexec
+	fperms 4710 /usr/sbin/suexec
+
+	# nice support scripts..
+	for myfile in apacheaddmod apachedelmod \
+		apachelogserverstatus apachesplitlogfile
+	do
+		exeinto /usr/sbin
+		doexe ${FILESDIR}/$myfile
+	done
+
+	# setup links in /etc/apache..
+	cd ${D}/etc/apache
+	ln -sf ../../usr/lib/apache modules
+	# apxs needs this to pickup the right lib for install..
+	ln -sf ../../usr/lib lib
+	ln -sf ../../var/log/apache logs
+	ln -sf ../../usr/lib/apache-extramodules extramodules
+
+	# drop in a convenient link to the manual
+	dosym /usr/share/doc/${PF}/manual ${DATADIR}/htdocs/manual
+
+	# deprecated config files, empty dirs..
+	rm -f ${D}/etc/apache/conf/apache.conf.default
+	rm -f ${D}/etc/apache/conf/access.conf*
+	rm -f ${D}/etc/apache/conf/srm.conf*
+
+	# now the config files..
+	insinto /etc/apache/conf
+	doins ${FILESDIR}/conf/commonapache.conf
+	doins ${FILESDIR}/conf/apache.conf
+
+	# Added by Jason Wever <weeve@gentoo.org>
+	# A little sedfu to fix bug #7172 for sparc64s
+	if [ ${ARCH} = "sparc" ]
+	then
+		sed -i -e '15a\AcceptMutex fcntl' \
+		${D}/etc/apache/conf/apache.conf
+	fi
+
+	insinto /etc/apache/conf/vhosts
+	doins ${FILESDIR}/conf/VirtualHomePages.conf
+	doins ${FILESDIR}/conf/DynamicVhosts.conf
+	doins ${FILESDIR}/conf/Vhosts.conf
+
+	exeinto /etc/init.d ; newexe ${FILESDIR}/apache.rc6 apache
+	insinto /etc/conf.d ; newins ${FILESDIR}/apache.confd apache
+	insinto /etc/apache ; doins ${FILESDIR}/apache-builtin-mods
+
+	if use pam; then
+		insinto /etc/pam.d ; newins ${FILESDIR}/suexec.pam suexec
+	fi
+
+	#empty dirs
+	keepdir /var/cache/apache /var/cache/apache-mm /usr/lib/apache-extramodules /etc/apache/conf/addon-modules /var/log/apache
+}
+
+pkg_postinst() {
+	# these are in baselayout now; it will not hurt to leave them here though
+	# moved to pkg_postinst by jnelson, moved to pkg_preinst by lostlogic
+	getent group apache >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+		groupadd -g 81 apache || die "problem adding group apache"
+	fi
+
+	# usermod returns 2 on user-exists-but-no-flags-given
+	#usermod apache &>/dev/null
+	#if [ $? != 2 ]; then
+	getent passwd apache >/dev/null 2>&1
+	if [ $? -ne 0 ]; then
+		useradd -u 81 -g apache -s /bin/false -d /var/www/localhost -c "apache" apache
+		assert "problem adding user apache"
+	fi
+
+	einfo
+	einfo "Please remember to update your config files in /etc/apache"
+	einfo "as --datadir has been changed to ${DATADIR}!"
+	einfo
+}
+
+parse_modules_config() {
+	local filename=$1
+	local name=""
+	local dso=""
+	local disable=""
+	[ -f ${filename} ] || return 1
+	einfo "Using ${filename} for builtins."
+	for i in `cat $filename | sed "s/^#.*//"` ; do
+		if [ $i == "-" ] ; then
+			disable="true"
+		elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ] ; then
+			name=`echo $i | sed "s/mod_//"`
+		elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ) ; then
+			MY_BUILTINS="${MY_BUILTINS} --disable-module=$name"
+			name="" ; disable=""
+		elif [ $i == "static" ] ; then
+			MY_BUILTINS="${MY_BUILTINS} --enable-module=$name --disable-shared=$name"
+			name="" ; disable=""
+		elif [ $i == "shared" ] ; then
+			MY_BUILTINS="${MY_BUILTINS} --enable-module=$name --enable-shared=$name"
+			name="" ; disable=""
+		fi
+	done
+}
+
+select_modules_config() {
+	parse_modules_config /etc/apache/apache-builtin-mods || \
+	parse_modules_config ${FILESDIR}/apache-builtin-mods || \
+	return 1
+}
diff --git a/net-www/apache/files/digest-apache-1.3.33-r11 b/net-www/apache/files/digest-apache-1.3.33-r11
new file mode 100644
index 000000000000..1d8a228f0553
--- /dev/null
+++ b/net-www/apache/files/digest-apache-1.3.33-r11
@@ -0,0 +1,4 @@
+MD5 3dfd2c3778f37a2dfc22b97417a61407 apache_1.3.33.tar.gz 2468567
+MD5 4f28dcf0f090a7dc2ab148e6a503e99a mod_ssl-2.8.24-1.3.33.tar.gz 820292
+MD5 6401015bafad4f44fdf8a9a1795d9258 lingerd-0.94.tar.gz 33938
+MD5 de14b5fc8e0da45b926015f3401933ca gentoo-apache-1.3.33-r11-20050910.tar.bz2 28566
diff --git a/net-www/apache/files/digest-apache-1.3.33-r6 b/net-www/apache/files/digest-apache-1.3.33-r6
new file mode 100644
index 000000000000..95facf7e37da
--- /dev/null
+++ b/net-www/apache/files/digest-apache-1.3.33-r6
@@ -0,0 +1,3 @@
+MD5 3dfd2c3778f37a2dfc22b97417a61407 apache_1.3.33.tar.gz 2468567
+MD5 4f28dcf0f090a7dc2ab148e6a503e99a mod_ssl-2.8.24-1.3.33.tar.gz 820292
+MD5 e27f09389d8b8b8c5a75816d98329a72 apache-patches-1.3.33-20050711.tar.bz2 14272
diff --git a/net-www/mod_ssl/ChangeLog b/net-www/mod_ssl/ChangeLog
index 40fb73e7b711..9be376703078 100644
--- a/net-www/mod_ssl/ChangeLog
+++ b/net-www/mod_ssl/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-www/mod_ssl
 # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/ChangeLog,v 1.79 2005/07/16 23:40:52 josejx Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/ChangeLog,v 1.80 2005/09/10 22:30:23 vericgar Exp $
+
+*mod_ssl-2.8.24-r1 (10 Sep 2005)
+*mod_ssl-2.8.24 (10 Sep 2005)
+
+  10 Sep 2005; Michael Stewart <vericgar@gentoo.org> +mod_ssl-2.8.24.ebuild,
+  +mod_ssl-2.8.24-r1.ebuild:
+  Security bump to address CAN-2005-2700. Fixes bug 104807
 
   16 Jul 2005; Joseph Jezak <josejx@gentoo.org> mod_ssl-2.8.22.ebuild:
   Marked ppc stable for bug #88666.
diff --git a/net-www/mod_ssl/Manifest b/net-www/mod_ssl/Manifest
index 89ad48ed47c3..d978776a59ee 100644
--- a/net-www/mod_ssl/Manifest
+++ b/net-www/mod_ssl/Manifest
@@ -1,31 +1,25 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
-MD5 bbb586df2f07216912fce9393932984b mod_ssl-2.8.22-r1.ebuild 1780
-MD5 8caaa97021cfd052c33fc36ec9a5458a mod_ssl-2.8.20.ebuild 2289
+MD5 ba252cc54bec64fd91b38fe0380c8cc8 ChangeLog 9170
 MD5 0d18f0fe5d603b41b988373892caf195 metadata.xml 226
-MD5 c6e2135048cbccc9899a3131fc60a845 mod_ssl-2.8.19.ebuild 2290
+MD5 5fb666b241c86fff4ddc0880de44be48 mod_ssl-2.8.17.ebuild 2188
 MD5 13338aa13b7124ea1609e8560cbaabeb mod_ssl-2.8.18.ebuild 2188
+MD5 c6e2135048cbccc9899a3131fc60a845 mod_ssl-2.8.19.ebuild 2290
+MD5 8caaa97021cfd052c33fc36ec9a5458a mod_ssl-2.8.20.ebuild 2289
 MD5 86c74e1d2f258764b5586a33b1bf609a mod_ssl-2.8.21.ebuild 2300
 MD5 b349032c6051d3e3ae1bf53f52859a25 mod_ssl-2.8.22.ebuild 2309
-MD5 5fb666b241c86fff4ddc0880de44be48 mod_ssl-2.8.17.ebuild 2188
-MD5 ba252cc54bec64fd91b38fe0380c8cc8 ChangeLog 9170
-MD5 515630b3e53faa458b8ec7a0e73bef55 files/10_mod_ssl.conf 2859
-MD5 959a0125c23ead91b0071f4ffc54e9bc files/default-ssl.conf 7653
+MD5 bbb586df2f07216912fce9393932984b mod_ssl-2.8.22-r1.ebuild 1780
+MD5 c7a13d2b0a098ecaed8fd40c0ce4edb5 mod_ssl-2.8.24.ebuild 2318
+MD5 bbb586df2f07216912fce9393932984b mod_ssl-2.8.24-r1.ebuild 1780
+MD5 9ba9eb8eced950cd59cb8dadd090f908 files/digest-mod_ssl-2.8.17 73
 MD5 f53031df0c0d1a5bd75a9151d0810e9e files/digest-mod_ssl-2.8.18 73
+MD5 89239995d079a1bd9abc580e2264c71b files/digest-mod_ssl-2.8.19 73
+MD5 dd87f058ab62ac5c5da4b03713e9184a files/digest-mod_ssl-2.8.20 73
 MD5 289c880e2ff1c2de91eda32e7e486085 files/digest-mod_ssl-2.8.21 73
-MD5 54cbf53816f2c9c80600ea9f37ab02ba files/digest-mod_ssl-2.8.22-r1 73
-MD5 8270779f233bc311118f53ebce7338e7 files/ssl.default-vhost.conf 6985
-MD5 9ba9eb8eced950cd59cb8dadd090f908 files/digest-mod_ssl-2.8.17 73
-MD5 71ac46d211c8aa42c7a5e51c6165862a files/mod_ssl.conf 2460
 MD5 dd92adba34e6b36ef6fd2750869e1a18 files/gentestcrt.sh 8801
+MD5 71ac46d211c8aa42c7a5e51c6165862a files/mod_ssl.conf 2460
+MD5 8270779f233bc311118f53ebce7338e7 files/ssl.default-vhost.conf 6985
+MD5 515630b3e53faa458b8ec7a0e73bef55 files/10_mod_ssl.conf 2859
+MD5 959a0125c23ead91b0071f4ffc54e9bc files/default-ssl.conf 7653
 MD5 54cbf53816f2c9c80600ea9f37ab02ba files/digest-mod_ssl-2.8.22 73
-MD5 dd87f058ab62ac5c5da4b03713e9184a files/digest-mod_ssl-2.8.20 73
-MD5 89239995d079a1bd9abc580e2264c71b files/digest-mod_ssl-2.8.19 73
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.2 (GNU/Linux)
-
-iD8DBQFDAW/YgIKl8Uu19MoRAhUvAJ91o3DYEFngmCTt9d1IPrzHu4wE4ACeM9C9
-eHvVyEctq3jzHAD9fJRz6PM=
-=rFHU
------END PGP SIGNATURE-----
+MD5 54cbf53816f2c9c80600ea9f37ab02ba files/digest-mod_ssl-2.8.22-r1 73
+MD5 a68a0b56a629886ec3ebd08bfb0f638c files/digest-mod_ssl-2.8.24-r1 73
+MD5 a68a0b56a629886ec3ebd08bfb0f638c files/digest-mod_ssl-2.8.24 73
diff --git a/net-www/mod_ssl/files/digest-mod_ssl-2.8.24 b/net-www/mod_ssl/files/digest-mod_ssl-2.8.24
new file mode 100644
index 000000000000..59f8c0f8e97d
--- /dev/null
+++ b/net-www/mod_ssl/files/digest-mod_ssl-2.8.24
@@ -0,0 +1 @@
+MD5 4f28dcf0f090a7dc2ab148e6a503e99a mod_ssl-2.8.24-1.3.33.tar.gz 820292
diff --git a/net-www/mod_ssl/files/digest-mod_ssl-2.8.24-r1 b/net-www/mod_ssl/files/digest-mod_ssl-2.8.24-r1
new file mode 100644
index 000000000000..59f8c0f8e97d
--- /dev/null
+++ b/net-www/mod_ssl/files/digest-mod_ssl-2.8.24-r1
@@ -0,0 +1 @@
+MD5 4f28dcf0f090a7dc2ab148e6a503e99a mod_ssl-2.8.24-1.3.33.tar.gz 820292
diff --git a/net-www/mod_ssl/mod_ssl-2.8.24-r1.ebuild b/net-www/mod_ssl/mod_ssl-2.8.24-r1.ebuild
new file mode 100644
index 000000000000..8b8c48fb0f3b
--- /dev/null
+++ b/net-www/mod_ssl/mod_ssl-2.8.24-r1.ebuild
@@ -0,0 +1,74 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.24-r1.ebuild,v 1.1 2005/09/10 22:30:23 vericgar Exp $
+
+inherit apache-module
+
+MY_P=${P}-1.3.33
+
+DESCRIPTION="An SSL module for the Apache 1.3 Web server"
+HOMEPAGE="http://www.modssl.org/"
+SRC_URI="http://www.modssl.org/source/${MY_P}.tar.gz"
+
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+LICENSE="as-is"
+SLOT="0"
+IUSE=""
+
+DEPEND=">=dev-libs/openssl-0.9.6k"
+
+S=${WORKDIR}/${MY_P}
+
+APACHE1_MOD_FILE="${S}/pkg.sslmod/libssl.so"
+APACHE1_MOD_CONF="10_${PN}"
+APACHE1_MOD_DEFINE="SSL"
+
+VHOSTFILE="default-ssl"
+
+DOCFILES="ANNOUNCE CHANGES CREDITS LICENSE NEWS README*"
+
+need_apache1
+
+src_unpack() {
+	unpack ${A} || die
+	cd ${S} || die
+
+	# proper path to openssl
+	sed -i -e 's:^\(openssl=\).*:\1"/usr/bin/openssl":' pkg.contrib/cca.sh
+}
+
+src_compile() {
+	if has_version '=sys-libs/gdbm-1.8.3*' ; then
+	     myconf="--enable-rule=SSL_SDBM"
+	fi
+
+	SSL_BASE=SYSTEM \
+	./configure \
+		--with-apxs=${APXS1} ${myconf} || die "bad ./configure"
+	make || die "compile problem"
+}
+
+src_install() {
+	apache1_src_install
+
+	insinto ${APACHE1_VHOSTDIR}
+	doins ${FILESDIR}/${VHOSTFILE}.conf
+
+	exeinto /usr/lib/ssl/mod_ssl
+	doexe pkg.contrib/*.sh ${FILESDIR}/gentestcrt.sh
+
+	dodir /usr/share/doc/${PF}/html
+	cp -a pkg.ssldoc/* ${D}/usr/share/doc/${PF}/html
+}
+
+pkg_postinst() {
+	install -d -o root -g root -m0755 ${ROOT}${APACHE1_CONFDIR}/ssl
+
+	apache1_pkg_postinst
+
+	cd ${ROOT}${APACHE1_CONFDIR}/ssl
+	einfo "Generating self-signed test certificate in ${APACHE1_CONFDIR}/ssl..."
+	einfo "(Ignore any message from the yes command below)"
+	yes "" | ${ROOT}/usr/lib/ssl/mod_ssl/gentestcrt.sh >/dev/null 2>&1
+	einfo
+}
diff --git a/net-www/mod_ssl/mod_ssl-2.8.24.ebuild b/net-www/mod_ssl/mod_ssl-2.8.24.ebuild
new file mode 100644
index 000000000000..7b68dbffef3b
--- /dev/null
+++ b/net-www/mod_ssl/mod_ssl-2.8.24.ebuild
@@ -0,0 +1,80 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.24.ebuild,v 1.1 2005/09/10 22:30:23 vericgar Exp $
+
+MY_P=${P}-1.3.33
+S=${WORKDIR}/${MY_P}
+DESCRIPTION="An SSL module for the Apache 1.3 Web server"
+HOMEPAGE="http://www.modssl.org/"
+SRC_URI="http://www.modssl.org/source/${MY_P}.tar.gz"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc x86"
+IUSE=""
+
+DEPEND="=net-www/apache-1.3.33*
+		>=dev-libs/openssl-0.9.6k"
+
+src_unpack() {
+	unpack ${A} ; cd ${S}
+	# proper path to openssl
+	cp pkg.contrib/cca.sh pkg.contrib/cca.sh.orig
+	sed -e 's%^\(openssl=\).*%\1"/usr/bin/openssl"%' \
+		pkg.contrib/cca.sh.orig > pkg.contrib/cca.sh
+}
+
+src_compile() {
+	if has_version '=sys-libs/gdbm-1.8.3*' ; then
+	     myconf="--enable-rule=SSL_SDBM"
+	fi
+
+	SSL_BASE=SYSTEM \
+	./configure \
+		--with-apxs=/usr/sbin/apxs ${myconf} || die "bad ./configure"
+	make || die "compile problem"
+}
+
+src_install() {
+	exeinto /usr/lib/apache-extramodules
+	doexe pkg.sslmod/libssl.so
+
+	exeinto /usr/lib/ssl/mod_ssl
+	doexe pkg.contrib/*.sh ${FILESDIR}/gentestcrt.sh
+
+	dodoc ANNOUNCE CHANGES CREDITS LICENSE NEWS README*
+	dodir /usr/share/doc/${PF}/html
+	cp -a pkg.ssldoc/* ${D}/usr/share/doc/${PF}/html
+
+	insinto /etc/apache/conf/vhosts
+	doins ${FILESDIR}/ssl.default-vhost.conf
+
+	insinto /etc/apache/conf/addon-modules
+	doins ${FILESDIR}/mod_ssl.conf
+}
+
+pkg_postinst() {
+	install -d -o root -g root -m0755 ${ROOT}/etc/apache/conf/ssl
+
+	einfo
+	einfo "Execute \"ebuild /var/db/pkg/net-www/${PF}/${PF}.ebuild config\""
+	einfo "to have your apache.conf auto-updated for use with this module."
+	einfo "You should then edit your /etc/conf.d/apache file to suit."
+	einfo
+
+	cd ${ROOT}/etc/apache/conf/ssl
+	einfo "Generating self-signed test certificate in /etc/apache/conf/ssl..."
+	einfo "(Ignore any message from the yes command below)"
+	yes "" | ${ROOT}/usr/lib/ssl/mod_ssl/gentestcrt.sh >/dev/null 2>&1
+	einfo
+}
+
+pkg_config() {
+	${ROOT}/usr/sbin/apacheaddmod \
+		${ROOT}/etc/apache/conf/apache.conf \
+		extramodules/libssl.so mod_ssl.c ssl_module \
+		define=SSL addconf=conf/addon-modules/mod_ssl.conf
+
+	echo "Include  conf/vhosts/ssl.default-vhost.conf" \
+		>> ${ROOT}/etc/apache/conf/apache.conf
+}
author	Michael Stewart <vericgar@gentoo.org>	2005-09-10 22:32:08 +0000
committer	Michael Stewart <vericgar@gentoo.org>	2005-09-10 22:32:08 +0000
commit	a16c3c3080964e370f5e31f158779e4a092b5d0f (patch)
tree	2b5109fab735020e010a253e4cc96ca4648f14ca /net-www
parent	Mark 0.08 stable on alpha (diff)
download	gentoo-2-a16c3c3080964e370f5e31f158779e4a092b5d0f.tar.gz gentoo-2-a16c3c3080964e370f5e31f158779e4a092b5d0f.tar.bz2 gentoo-2-a16c3c3080964e370f5e31f158779e4a092b5d0f.zip