summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYi Zhao <yi.zhao@windriver.com>2019-04-15 11:39:38 +0800
committerArmin Kuster <akuster808@gmail.com>2019-09-02 19:53:53 -0700
commita42f773baae90558c4a2e9f207579db7edb830a5 (patch)
treed76db6c29d7a485f0151c47cbbb845ed853b1675
parent63acd997e6eb92e59ef84a1598d90279a794549c (diff)
downloadmeta-openembedded-a42f773baae90558c4a2e9f207579db7edb830a5.tar.gz
apache2: upgrade 2.4.34 -> 2.4.39
* Drop apache2-native recipe. Add native to BBCLASSEXTEND in apache2 recipe. * Refresh patches. Drop CVE-2018-11763.patch and apache-configure_perlbin.patch * Cleanup recipe file. Remove obsolete code. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> [Bug fix only update: Includes CVES: CVE-2018-17189 CVE-2018-17199 CVE-2019-0190 CVE-2019-0220 CVE-2019-0196 CVE-2019-0197 CVE-2019-0215 CVE-2019-0217 CVE-2019-0211 ] Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2-native_2.4.34.bb46
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0001-configure-use-pkg-config-for-PCRE-detection.patch8
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch (renamed from meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-corelimit.patch)12
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch (renamed from meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.4-export.patch)10
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch (renamed from meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-selinux.patch)23
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0005-replace-lynx-to-curl-in-apachectl-script.patch (renamed from meta-webserver/recipes-httpd/apache2/apache2/replace-lynx-to-curl-in-apachectl-script.patch)6
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0006-apache2-fix-the-race-issue-of-parallel-installation.patch (renamed from meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.3-fix-race-issue-of-dir-install.patch)6
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch (renamed from meta-webserver/recipes-httpd/apache2/apache2/configure-allow-to-disable-selinux-support.patch)8
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/0008-apache2-do-not-use-relative-path-for-gen_test_char.patch (renamed from meta-webserver/recipes-httpd/apache2/apache2/server-makefile.patch)8
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/CVE-2018-11763.patch512
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch27
-rw-r--r--meta-webserver/recipes-httpd/apache2/apache2_2.4.39.bb (renamed from meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb)204
-rw-r--r--[-rwxr-xr-x]meta-webserver/recipes-httpd/apache2/files/init0
13 files changed, 157 insertions, 713 deletions
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.34.bb b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.34.bb
deleted file mode 100644
index 4cc384546..000000000
--- a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.34.bb
+++ /dev/null
@@ -1,46 +0,0 @@
1DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \
2extensible web server."
3SUMMARY = "Apache HTTP Server"
4HOMEPAGE = "http://httpd.apache.org/"
5DEPENDS = "expat-native pcre-native apr-native apr-util-native"
6SECTION = "net"
7LICENSE = "Apache-2.0"
8
9inherit autotools pkgconfig native
10
11SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \
12 file://0001-configure-use-pkg-config-for-PCRE-detection.patch \
13 file://CVE-2018-11763.patch \
14 "
15
16S = "${WORKDIR}/httpd-${PV}"
17
18LIC_FILES_CHKSUM = "file://LICENSE;md5=d52d0fd0bc788f068e647116c01ddfcd"
19SRC_URI[md5sum] = "818adca52f3be187fe45d6822755be95"
20SRC_URI[sha256sum] = "fa53c95631febb08a9de41fd2864cfff815cf62d9306723ab0d4b8d7aa1638f0"
21
22EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \
23 --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \
24 --prefix=${prefix} --datadir=${datadir}/apache2 \
25 "
26
27do_install () {
28 install -d ${D}${bindir} ${D}${libdir}
29 cp server/gen_test_char ${D}${bindir}
30 install -m 755 support/apxs ${D}${bindir}/
31 install -m 755 httpd ${D}${bindir}/
32 install -d ${D}${datadir}/apache2/build
33 cp ${S}/build/*.mk ${D}${datadir}/apache2/build
34 cp build/*.mk ${D}${datadir}/apache2/build
35 cp ${S}/build/instdso.sh ${D}${datadir}/apache2/build
36
37 install -d ${D}${includedir}/apache2
38 cp ${S}/include/* ${D}${includedir}/apache2
39 cp include/* ${D}${includedir}/apache2
40 cp ${S}/os/unix/os.h ${D}${includedir}/apache2
41 cp ${S}/os/unix/unixd.h ${D}${includedir}/apache2
42
43 cp support/envvars-std ${D}${bindir}/envvars
44 chmod 755 ${D}${bindir}/envvars
45}
46
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0001-configure-use-pkg-config-for-PCRE-detection.patch b/meta-webserver/recipes-httpd/apache2/apache2/0001-configure-use-pkg-config-for-PCRE-detection.patch
index da38a8cfd..6c0286457 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/0001-configure-use-pkg-config-for-PCRE-detection.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0001-configure-use-pkg-config-for-PCRE-detection.patch
@@ -1,4 +1,4 @@
1From 419181e242892ded050f5a375a709b9588fb581d Mon Sep 17 00:00:00 2001 1From d2cedfa3394365689a3f7c8cfe8e0dd56b29bed9 Mon Sep 17 00:00:00 2001
2From: Koen Kooi <koen.kooi@linaro.org> 2From: Koen Kooi <koen.kooi@linaro.org>
3Date: Tue, 17 Jun 2014 09:10:57 +0200 3Date: Tue, 17 Jun 2014 09:10:57 +0200
4Subject: [PATCH] configure: use pkg-config for PCRE detection 4Subject: [PATCH] configure: use pkg-config for PCRE detection
@@ -6,13 +6,12 @@ Subject: [PATCH] configure: use pkg-config for PCRE detection
6Upstream-Status: Pending 6Upstream-Status: Pending
7 7
8Signed-off-by: Koen Kooi <koen.kooi@linaro.org> 8Signed-off-by: Koen Kooi <koen.kooi@linaro.org>
9
10--- 9---
11 configure.in | 27 +++++---------------------- 10 configure.in | 27 +++++----------------------
12 1 file changed, 5 insertions(+), 22 deletions(-) 11 1 file changed, 5 insertions(+), 22 deletions(-)
13 12
14diff --git a/configure.in b/configure.in 13diff --git a/configure.in b/configure.in
15index be7bd25..54dfd0d 100644 14index 9feaceb..dc6ea15 100644
16--- a/configure.in 15--- a/configure.in
17+++ b/configure.in 16+++ b/configure.in
18@@ -215,28 +215,11 @@ fi 17@@ -215,28 +215,11 @@ fi
@@ -49,3 +48,6 @@ index be7bd25..54dfd0d 100644
49 APACHE_SUBST(PCRE_LIBS) 48 APACHE_SUBST(PCRE_LIBS)
50 49
51 AC_MSG_NOTICE([]) 50 AC_MSG_NOTICE([])
51--
522.7.4
53
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-corelimit.patch b/meta-webserver/recipes-httpd/apache2/apache2/0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch
index ae4ff0c5e..85fe6ae4b 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-corelimit.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch
@@ -1,7 +1,8 @@
1From 55ebb07cc57854cbfb372c3a688365039b809bc8 Mon Sep 17 00:00:00 2001 1From 7df207ad4d0dcda2ad36e5642296e0dec7e13647 Mon Sep 17 00:00:00 2001
2From: Paul Eggleton <paul.eggleton@linux.intel.com> 2From: Paul Eggleton <paul.eggleton@linux.intel.com>
3Date: Tue, 17 Jul 2012 11:27:39 +0100 3Date: Tue, 17 Jul 2012 11:27:39 +0100
4Subject: [PATCH] apache2: add from OE-Classic, update to version 2.4.2 and fix 4Subject: [PATCH] apache2: bump up the core size limit if CoreDumpDirectory
5 is configured
5 6
6Bump up the core size limit if CoreDumpDirectory is 7Bump up the core size limit if CoreDumpDirectory is
7configured. 8configured.
@@ -16,10 +17,10 @@ Note: upstreaming was discussed but there are competing desires;
16 1 file changed, 19 insertions(+) 17 1 file changed, 19 insertions(+)
17 18
18diff --git a/server/core.c b/server/core.c 19diff --git a/server/core.c b/server/core.c
19index 4af0816..4fd2b9f 100644 20index eacb54f..7aa841f 100644
20--- a/server/core.c 21--- a/server/core.c
21+++ b/server/core.c 22+++ b/server/core.c
22@@ -4940,6 +4940,25 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte 23@@ -4965,6 +4965,25 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte
23 } 24 }
24 apr_pool_cleanup_register(pconf, NULL, ap_mpm_end_gen_helper, 25 apr_pool_cleanup_register(pconf, NULL, ap_mpm_end_gen_helper,
25 apr_pool_cleanup_null); 26 apr_pool_cleanup_null);
@@ -45,3 +46,6 @@ index 4af0816..4fd2b9f 100644
45 return OK; 46 return OK;
46 } 47 }
47 48
49--
502.7.4
51
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.4-export.patch b/meta-webserver/recipes-httpd/apache2/apache2/0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch
index 843226c0c..081a02baa 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.4-export.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch
@@ -1,7 +1,8 @@
1From a5627edbcc88cd50caaa42ca051ac7ed3d870172 Mon Sep 17 00:00:00 2001 1From ddd560024a6d526187fd126f306b59533ca3f7e2 Mon Sep 17 00:00:00 2001
2From: Paul Eggleton <paul.eggleton@linux.intel.com> 2From: Paul Eggleton <paul.eggleton@linux.intel.com>
3Date: Tue, 17 Jul 2012 11:27:39 +0100 3Date: Tue, 17 Jul 2012 11:27:39 +0100
4Subject: [PATCH] apache2: add from OE-Classic, update to version 2.4.2 and fix 4Subject: [PATCH] apache2: do not export apr/apr-util symbols when using
5 shared libapr
5 6
6There is no need to "suck in" the apr/apr-util symbols when using 7There is no need to "suck in" the apr/apr-util symbols when using
7a shared libapr{,util}, it just bloats the symbol table; so don't. 8a shared libapr{,util}, it just bloats the symbol table; so don't.
@@ -15,7 +16,7 @@ Note: EXPORT_DIRS change is conditional on using shared apr
15 1 file changed, 3 deletions(-) 16 1 file changed, 3 deletions(-)
16 17
17diff --git a/server/Makefile.in b/server/Makefile.in 18diff --git a/server/Makefile.in b/server/Makefile.in
18index cb11684..0d48924 100644 19index 1fa3344..f635d76 100644
19--- a/server/Makefile.in 20--- a/server/Makefile.in
20+++ b/server/Makefile.in 21+++ b/server/Makefile.in
21@@ -60,9 +60,6 @@ export_files: 22@@ -60,9 +60,6 @@ export_files:
@@ -28,3 +29,6 @@ index cb11684..0d48924 100644
28 ) | sed -e s,//,/,g | sort -u > $@ 29 ) | sed -e s,//,/,g | sort -u > $@
29 30
30 exports.c: export_files 31 exports.c: export_files
32--
332.7.4
34
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-selinux.patch b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch
index 015034c75..78a04d9af 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-selinux.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch
@@ -1,4 +1,4 @@
1From 33c0f2d88ccfe02777f183eb785bb2b891aff168 Mon Sep 17 00:00:00 2001 1From dfa834ebd449df299f54e98f0fb3a7bb4008fb03 Mon Sep 17 00:00:00 2001
2From: Paul Eggleton <paul.eggleton@linux.intel.com> 2From: Paul Eggleton <paul.eggleton@linux.intel.com>
3Date: Tue, 17 Jul 2012 11:27:39 +0100 3Date: Tue, 17 Jul 2012 11:27:39 +0100
4Subject: [PATCH] Log the SELinux context at startup. 4Subject: [PATCH] Log the SELinux context at startup.
@@ -15,10 +15,10 @@ Note: unlikely to be any interest in this upstream
15 2 files changed, 31 insertions(+) 15 2 files changed, 31 insertions(+)
16 16
17diff --git a/configure.in b/configure.in 17diff --git a/configure.in b/configure.in
18index 761e836..d828512 100644 18index dc6ea15..caa6f54 100644
19--- a/configure.in 19--- a/configure.in
20+++ b/configure.in 20+++ b/configure.in
21@@ -483,6 +483,11 @@ getloadavg 21@@ -466,6 +466,11 @@ getloadavg
22 dnl confirm that a void pointer is large enough to store a long integer 22 dnl confirm that a void pointer is large enough to store a long integer
23 APACHE_CHECK_VOID_PTR_LEN 23 APACHE_CHECK_VOID_PTR_LEN
24 24
@@ -31,7 +31,7 @@ index 761e836..d828512 100644
31 [AC_TRY_RUN(#define _GNU_SOURCE 31 [AC_TRY_RUN(#define _GNU_SOURCE
32 #include <unistd.h> 32 #include <unistd.h>
33diff --git a/server/core.c b/server/core.c 33diff --git a/server/core.c b/server/core.c
34index 4fd2b9f..c61304a 100644 34index 7aa841f..79f34db 100644
35--- a/server/core.c 35--- a/server/core.c
36+++ b/server/core.c 36+++ b/server/core.c
37@@ -59,6 +59,10 @@ 37@@ -59,6 +59,10 @@
@@ -45,7 +45,7 @@ index 4fd2b9f..c61304a 100644
45 /* LimitRequestBody handling */ 45 /* LimitRequestBody handling */
46 #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) 46 #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
47 #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0) 47 #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0)
48@@ -4959,6 +4963,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte 48@@ -4984,6 +4988,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte
49 } 49 }
50 #endif 50 #endif
51 51
@@ -53,18 +53,18 @@ index 4fd2b9f..c61304a 100644
53+ { 53+ {
54+ static int already_warned = 0; 54+ static int already_warned = 0;
55+ int is_enabled = is_selinux_enabled() > 0; 55+ int is_enabled = is_selinux_enabled() > 0;
56+ 56+
57+ if (is_enabled && !already_warned) { 57+ if (is_enabled && !already_warned) {
58+ security_context_t con; 58+ security_context_t con;
59+ 59+
60+ if (getcon(&con) == 0) { 60+ if (getcon(&con) == 0) {
61+ 61+
62+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, 62+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL,
63+ "SELinux policy enabled; " 63+ "SELinux policy enabled; "
64+ "httpd running as context %s", con); 64+ "httpd running as context %s", con);
65+ 65+
66+ already_warned = 1; 66+ already_warned = 1;
67+ 67+
68+ freecon(con); 68+ freecon(con);
69+ } 69+ }
70+ } 70+ }
@@ -74,3 +74,6 @@ index 4fd2b9f..c61304a 100644
74 return OK; 74 return OK;
75 } 75 }
76 76
77--
782.7.4
79
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/replace-lynx-to-curl-in-apachectl-script.patch b/meta-webserver/recipes-httpd/apache2/apache2/0005-replace-lynx-to-curl-in-apachectl-script.patch
index 020f1d797..47320a9ee 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/replace-lynx-to-curl-in-apachectl-script.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0005-replace-lynx-to-curl-in-apachectl-script.patch
@@ -1,4 +1,4 @@
1From 94a9e2241ea27e75babbfdeb38043b13049e23b0 Mon Sep 17 00:00:00 2001 1From 7db1b650bb4b01a5194a34cd7573f915656a595b Mon Sep 17 00:00:00 2001
2From: Yulong Pei <Yulong.pei@windriver.com> 2From: Yulong Pei <Yulong.pei@windriver.com>
3Date: Thu, 1 Sep 2011 01:03:14 +0800 3Date: Thu, 1 Sep 2011 01:03:14 +0800
4Subject: [PATCH] replace lynx to curl in apachectl script 4Subject: [PATCH] replace lynx to curl in apachectl script
@@ -6,7 +6,6 @@ Subject: [PATCH] replace lynx to curl in apachectl script
6Upstream-Status: Inappropriate [configuration] 6Upstream-Status: Inappropriate [configuration]
7 7
8Signed-off-by: Yulong Pei <Yulong.pei@windriver.com> 8Signed-off-by: Yulong Pei <Yulong.pei@windriver.com>
9
10--- 9---
11 support/apachectl.in | 14 ++++++++++---- 10 support/apachectl.in | 14 ++++++++++----
12 1 file changed, 10 insertions(+), 4 deletions(-) 11 1 file changed, 10 insertions(+), 4 deletions(-)
@@ -48,3 +47,6 @@ index 3281c2e..6ab4ba5 100644
48 ;; 47 ;;
49 *) 48 *)
50 $HTTPD "$@" 49 $HTTPD "$@"
50--
512.7.4
52
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.3-fix-race-issue-of-dir-install.patch b/meta-webserver/recipes-httpd/apache2/apache2/0006-apache2-fix-the-race-issue-of-parallel-installation.patch
index 2262e9f87..227d04064 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.3-fix-race-issue-of-dir-install.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0006-apache2-fix-the-race-issue-of-parallel-installation.patch
@@ -1,4 +1,4 @@
1From 3b079a9df7582e305246fd805837d87a2c4ef534 Mon Sep 17 00:00:00 2001 1From 4f4d7d6b88b6e440263ebeb22dfb40c52bb30fd8 Mon Sep 17 00:00:00 2001
2From: Zhenhua Luo <zhenhua.luo@freescale.com> 2From: Zhenhua Luo <zhenhua.luo@freescale.com>
3Date: Fri, 25 Jan 2013 18:10:50 +0800 3Date: Fri, 25 Jan 2013 18:10:50 +0800
4Subject: [PATCH] apache2: fix the race issue of parallel installation 4Subject: [PATCH] apache2: fix the race issue of parallel installation
@@ -13,7 +13,6 @@ fix following race issue when do parallel install
13| make[1]: *** Waiting for unfinished jobs.... 13| make[1]: *** Waiting for unfinished jobs....
14 14
15Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com> 15Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com>
16
17--- 16---
18 build/mkdir.sh | 2 +- 17 build/mkdir.sh | 2 +-
19 1 file changed, 1 insertion(+), 1 deletion(-) 18 1 file changed, 1 insertion(+), 1 deletion(-)
@@ -31,3 +30,6 @@ index e2d5bb6..dde5ae0 100755
31 fi 30 fi
32 pathcomp="$pathcomp/" 31 pathcomp="$pathcomp/"
33 done 32 done
33--
342.7.4
35
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/configure-allow-to-disable-selinux-support.patch b/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch
index a6ccfb6a8..fed6b5010 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/configure-allow-to-disable-selinux-support.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch
@@ -1,4 +1,4 @@
1From 166cbc02f72d13d5e7bf08ac2351c0f07e1ff4b9 Mon Sep 17 00:00:00 2001 1From 964ef2c1af74984602f46e7db938d3b95b148385 Mon Sep 17 00:00:00 2001
2From: Wenzong Fan <wenzong.fan@windriver.com> 2From: Wenzong Fan <wenzong.fan@windriver.com>
3Date: Mon, 1 Dec 2014 02:08:27 -0500 3Date: Mon, 1 Dec 2014 02:08:27 -0500
4Subject: [PATCH] apache2: allow to disable selinux support 4Subject: [PATCH] apache2: allow to disable selinux support
@@ -6,13 +6,12 @@ Subject: [PATCH] apache2: allow to disable selinux support
6Upstream-Status: Pending 6Upstream-Status: Pending
7 7
8Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> 8Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
9
10--- 9---
11 configure.in | 14 ++++++++++---- 10 configure.in | 14 ++++++++++----
12 1 file changed, 10 insertions(+), 4 deletions(-) 11 1 file changed, 10 insertions(+), 4 deletions(-)
13 12
14diff --git a/configure.in b/configure.in 13diff --git a/configure.in b/configure.in
15index 54dfd0d..377e062 100644 14index caa6f54..eab2090 100644
16--- a/configure.in 15--- a/configure.in
17+++ b/configure.in 16+++ b/configure.in
18@@ -466,10 +466,16 @@ getloadavg 17@@ -466,10 +466,16 @@ getloadavg
@@ -36,3 +35,6 @@ index 54dfd0d..377e062 100644
36 35
37 AC_CACHE_CHECK([for gettid()], ac_cv_gettid, 36 AC_CACHE_CHECK([for gettid()], ac_cv_gettid,
38 [AC_TRY_RUN(#define _GNU_SOURCE 37 [AC_TRY_RUN(#define _GNU_SOURCE
38--
392.7.4
40
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/server-makefile.patch b/meta-webserver/recipes-httpd/apache2/apache2/0008-apache2-do-not-use-relative-path-for-gen_test_char.patch
index 5476d4f32..82e9e8c35 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2/server-makefile.patch
+++ b/meta-webserver/recipes-httpd/apache2/apache2/0008-apache2-do-not-use-relative-path-for-gen_test_char.patch
@@ -1,6 +1,7 @@
1From aa02bbfd8f16871db5563a95fa94dd170964949f Mon Sep 17 00:00:00 2001 1From b62c4cd2295c98b2ebe12641e5f01590bd96ae94 Mon Sep 17 00:00:00 2001
2From: Paul Eggleton <paul.eggleton@linux.intel.com> 2From: Paul Eggleton <paul.eggleton@linux.intel.com>
3Date: Tue, 17 Jul 2012 11:27:39 +0100 3Date: Tue, 17 Jul 2012 11:27:39 +0100
4Subject: [PATCH] apache2: do not use relative path for gen_test_char
4 5
5Upstream-Status: Inappropriate [embedded specific] 6Upstream-Status: Inappropriate [embedded specific]
6 7
@@ -9,7 +10,7 @@ Upstream-Status: Inappropriate [embedded specific]
9 1 file changed, 1 insertion(+), 1 deletion(-) 10 1 file changed, 1 insertion(+), 1 deletion(-)
10 11
11diff --git a/server/Makefile.in b/server/Makefile.in 12diff --git a/server/Makefile.in b/server/Makefile.in
12index 1fa3344..cb11684 100644 13index f635d76..0d48924 100644
13--- a/server/Makefile.in 14--- a/server/Makefile.in
14+++ b/server/Makefile.in 15+++ b/server/Makefile.in
15@@ -29,7 +29,7 @@ gen_test_char: $(gen_test_char_OBJECTS) 16@@ -29,7 +29,7 @@ gen_test_char: $(gen_test_char_OBJECTS)
@@ -21,3 +22,6 @@ index 1fa3344..cb11684 100644
21 22
22 util.lo: test_char.h 23 util.lo: test_char.h
23 24
25--
262.7.4
27
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/CVE-2018-11763.patch b/meta-webserver/recipes-httpd/apache2/apache2/CVE-2018-11763.patch
deleted file mode 100644
index a2c5b2e02..000000000
--- a/meta-webserver/recipes-httpd/apache2/apache2/CVE-2018-11763.patch
+++ /dev/null
@@ -1,512 +0,0 @@
1From 484aba5048e3457dc1d15189f1910d007b1a4a76 Mon Sep 17 00:00:00 2001
2From: Jim Jagielski <jim@apache.org>
3Date: Wed, 12 Sep 2018 20:38:02 +0000
4Subject: [PATCH] Merge r1840010 from trunk:
5
6On the trunk:
7
8mod_http2: connection IO event handling reworked. Instead of reacting on
9 incoming bytes, the state machine now acts on incoming frames that are
10 affecting it. This reduces state transitions.
11
12
13Submitted by: icing
14Reviewed by: icing, ylavic, jim
15
16
17git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1840757 13f79535-47bb-0310-9956-ffa450edef68
18CVE: CVE-2018-11763
19Upstream-Status: Backport [https://github.com/apache/httpd/commit/484aba5048e3457dc1d15189f1910d007b1a4a76]
20
21Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
22---
23 modules/http2/h2_session.c | 238 +++++++++++++++++++++++--------------
24 modules/http2/h2_session.h | 7 +-
25 modules/http2/h2_version.h | 4 +-
26 3 files changed, 158 insertions(+), 97 deletions(-)
27
28diff --git a/modules/http2/h2_session.c b/modules/http2/h2_session.c
29index 805d6774dc..a1b31d2b30 100644
30--- a/modules/http2/h2_session.c
31+++ b/modules/http2/h2_session.c
32@@ -235,6 +235,7 @@ static int on_data_chunk_recv_cb(nghttp2_session *ngh2, uint8_t flags,
33 stream = h2_session_stream_get(session, stream_id);
34 if (stream) {
35 status = h2_stream_recv_DATA(stream, flags, data, len);
36+ dispatch_event(session, H2_SESSION_EV_STREAM_CHANGE, 0, "stream data rcvd");
37 }
38 else {
39 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03064)
40@@ -317,9 +318,9 @@ static int on_header_cb(nghttp2_session *ngh2, const nghttp2_frame *frame,
41 }
42
43 /**
44- * nghttp2 session has received a complete frame. Most, it uses
45- * for processing of internal state. HEADER and DATA frames however
46- * we need to handle ourself.
47+ * nghttp2 session has received a complete frame. Most are used by nghttp2
48+ * for processing of internal state. Some, like HEADER and DATA frames,
49+ * we need to act on.
50 */
51 static int on_frame_recv_cb(nghttp2_session *ng2s,
52 const nghttp2_frame *frame,
53@@ -378,6 +379,9 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
54 "h2_stream(%ld-%d): WINDOW_UPDATE incr=%d",
55 session->id, (int)frame->hd.stream_id,
56 frame->window_update.window_size_increment);
57+ if (nghttp2_session_want_write(session->ngh2)) {
58+ dispatch_event(session, H2_SESSION_EV_FRAME_RCVD, 0, "window update");
59+ }
60 break;
61 case NGHTTP2_RST_STREAM:
62 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, session->c, APLOGNO(03067)
63@@ -404,6 +408,12 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
64 frame->goaway.error_code, NULL);
65 }
66 break;
67+ case NGHTTP2_SETTINGS:
68+ if (APLOGctrace2(session->c)) {
69+ ap_log_cerror(APLOG_MARK, APLOG_TRACE2, 0, session->c,
70+ H2_SSSN_MSG(session, "SETTINGS, len=%ld"), (long)frame->hd.length);
71+ }
72+ break;
73 default:
74 if (APLOGctrace2(session->c)) {
75 char buffer[256];
76@@ -415,7 +425,40 @@ static int on_frame_recv_cb(nghttp2_session *ng2s,
77 }
78 break;
79 }
80- return (APR_SUCCESS == rv)? 0 : NGHTTP2_ERR_PROTO;
81+
82+ if (session->state == H2_SESSION_ST_IDLE) {
83+ /* We received a frame, but session is in state IDLE. That means the frame
84+ * did not really progress any of the (possibly) open streams. It was a meta
85+ * frame, e.g. SETTINGS/WINDOW_UPDATE/unknown/etc.
86+ * Remember: IDLE means we cannot send because either there are no streams open or
87+ * all open streams are blocked on exhausted WINDOWs for outgoing data.
88+ * The more frames we receive that do not change this, the less interested we
89+ * become in serving this connection. This is expressed in increasing "idle_delays".
90+ * Eventually, the connection will timeout and we'll close it. */
91+ session->idle_frames = H2MIN(session->idle_frames + 1, session->frames_received);
92+ ap_log_cerror( APLOG_MARK, APLOG_TRACE2, 0, session->c,
93+ H2_SSSN_MSG(session, "session has %ld idle frames"),
94+ (long)session->idle_frames);
95+ if (session->idle_frames > 10) {
96+ apr_size_t busy_frames = H2MAX(session->frames_received - session->idle_frames, 1);
97+ int idle_ratio = (int)(session->idle_frames / busy_frames);
98+ if (idle_ratio > 100) {
99+ session->idle_delay = apr_time_from_msec(H2MIN(1000, idle_ratio));
100+ }
101+ else if (idle_ratio > 10) {
102+ session->idle_delay = apr_time_from_msec(10);
103+ }
104+ else if (idle_ratio > 1) {
105+ session->idle_delay = apr_time_from_msec(1);
106+ }
107+ else {
108+ session->idle_delay = 0;
109+ }
110+ }
111+ }
112+
113+ if (APR_SUCCESS != rv) return NGHTTP2_ERR_PROTO;
114+ return 0;
115 }
116
117 static int h2_session_continue_data(h2_session *session) {
118@@ -1603,23 +1646,57 @@ static void update_child_status(h2_session *session, int status, const char *msg
119
120 static void transit(h2_session *session, const char *action, h2_session_state nstate)
121 {
122+ apr_time_t timeout;
123+ int ostate, loglvl;
124+ const char *s;
125+
126 if (session->state != nstate) {
127- int loglvl = APLOG_DEBUG;
128- if ((session->state == H2_SESSION_ST_BUSY && nstate == H2_SESSION_ST_WAIT)
129- || (session->state == H2_SESSION_ST_WAIT && nstate == H2_SESSION_ST_BUSY)){
130+ ostate = session->state;
131+ session->state = nstate;
132+
133+ loglvl = APLOG_DEBUG;
134+ if ((ostate == H2_SESSION_ST_BUSY && nstate == H2_SESSION_ST_WAIT)
135+ || (ostate == H2_SESSION_ST_WAIT && nstate == H2_SESSION_ST_BUSY)){
136 loglvl = APLOG_TRACE1;
137 }
138 ap_log_cerror(APLOG_MARK, loglvl, 0, session->c,
139 H2_SSSN_LOG(APLOGNO(03078), session,
140 "transit [%s] -- %s --> [%s]"),
141- h2_session_state_str(session->state), action,
142+ h2_session_state_str(ostate), action,
143 h2_session_state_str(nstate));
144- session->state = nstate;
145+
146 switch (session->state) {
147 case H2_SESSION_ST_IDLE:
148- update_child_status(session, (session->open_streams == 0?
149- SERVER_BUSY_KEEPALIVE
150- : SERVER_BUSY_READ), "idle");
151+ if (!session->remote.emitted_count) {
152+ /* on fresh connections, with async mpm, do not return
153+ * to mpm for a second. This gives the first request a better
154+ * chance to arrive (und connection leaving IDLE state).
155+ * If we return to mpm right away, this connection has the
156+ * same chance of being cleaned up by the mpm as connections
157+ * that already served requests - not fair. */
158+ session->idle_sync_until = apr_time_now() + apr_time_from_sec(1);
159+ s = "timeout";
160+ timeout = H2MAX(session->s->timeout, session->s->keep_alive_timeout);
161+ update_child_status(session, SERVER_BUSY_READ, "idle");
162+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c,
163+ H2_SSSN_LOG("", session, "enter idle, timeout = %d sec"),
164+ (int)apr_time_sec(H2MAX(session->s->timeout, session->s->keep_alive_timeout)));
165+ }
166+ else if (session->open_streams) {
167+ s = "timeout";
168+ timeout = session->s->keep_alive_timeout;
169+ update_child_status(session, SERVER_BUSY_KEEPALIVE, "idle");
170+ }
171+ else {
172+ /* normal keepalive setup */
173+ s = "keepalive";
174+ timeout = session->s->keep_alive_timeout;
175+ update_child_status(session, SERVER_BUSY_KEEPALIVE, "idle");
176+ }
177+ session->idle_until = apr_time_now() + timeout;
178+ ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c,
179+ H2_SSSN_LOG("", session, "enter idle, %s = %d sec"),
180+ s, (int)apr_time_sec(timeout));
181 break;
182 case H2_SESSION_ST_DONE:
183 update_child_status(session, SERVER_CLOSING, "done");
184@@ -1726,8 +1803,6 @@ static void h2_session_ev_no_io(h2_session *session, int arg, const char *msg)
185 * This means we only wait for WINDOW_UPDATE from the
186 * client and can block on READ. */
187 transit(session, "no io (flow wait)", H2_SESSION_ST_IDLE);
188- session->idle_until = apr_time_now() + session->s->timeout;
189- session->keep_sync_until = session->idle_until;
190 /* Make sure we have flushed all previously written output
191 * so that the client will react. */
192 if (h2_conn_io_flush(&session->io) != APR_SUCCESS) {
193@@ -1738,12 +1813,7 @@ static void h2_session_ev_no_io(h2_session *session, int arg, const char *msg)
194 }
195 else if (session->local.accepting) {
196 /* When we have no streams, but accept new, switch to idle */
197- apr_time_t now = apr_time_now();
198 transit(session, "no io (keepalive)", H2_SESSION_ST_IDLE);
199- session->idle_until = (session->remote.emitted_count?
200- session->s->keep_alive_timeout :
201- session->s->timeout) + now;
202- session->keep_sync_until = now + apr_time_from_sec(1);
203 }
204 else {
205 /* We are no longer accepting new streams and there are
206@@ -1758,12 +1828,25 @@ static void h2_session_ev_no_io(h2_session *session, int arg, const char *msg)
207 }
208 }
209
210-static void h2_session_ev_data_read(h2_session *session, int arg, const char *msg)
211+static void h2_session_ev_frame_rcvd(h2_session *session, int arg, const char *msg)
212+{
213+ switch (session->state) {
214+ case H2_SESSION_ST_IDLE:
215+ case H2_SESSION_ST_WAIT:
216+ transit(session, "frame received", H2_SESSION_ST_BUSY);
217+ break;
218+ default:
219+ /* nop */
220+ break;
221+ }
222+}
223+
224+static void h2_session_ev_stream_change(h2_session *session, int arg, const char *msg)
225 {
226 switch (session->state) {
227 case H2_SESSION_ST_IDLE:
228 case H2_SESSION_ST_WAIT:
229- transit(session, "data read", H2_SESSION_ST_BUSY);
230+ transit(session, "stream change", H2_SESSION_ST_BUSY);
231 break;
232 default:
233 /* nop */
234@@ -1803,16 +1886,6 @@ static void h2_session_ev_pre_close(h2_session *session, int arg, const char *ms
235 static void ev_stream_open(h2_session *session, h2_stream *stream)
236 {
237 h2_iq_append(session->in_process, stream->id);
238- switch (session->state) {
239- case H2_SESSION_ST_IDLE:
240- if (session->open_streams == 1) {
241- /* enter timeout, since we have a stream again */
242- session->idle_until = (session->s->timeout + apr_time_now());
243- }
244- break;
245- default:
246- break;
247- }
248 }
249
250 static void ev_stream_closed(h2_session *session, h2_stream *stream)
251@@ -1825,11 +1898,6 @@ static void ev_stream_closed(h2_session *session, h2_stream *stream)
252 }
253 switch (session->state) {
254 case H2_SESSION_ST_IDLE:
255- if (session->open_streams == 0) {
256- /* enter keepalive timeout, since we no longer have streams */
257- session->idle_until = (session->s->keep_alive_timeout
258- + apr_time_now());
259- }
260 break;
261 default:
262 break;
263@@ -1887,6 +1955,7 @@ static void on_stream_state_enter(void *ctx, h2_stream *stream)
264 default:
265 break;
266 }
267+ dispatch_event(session, H2_SESSION_EV_STREAM_CHANGE, 0, "stream state change");
268 }
269
270 static void on_stream_event(void *ctx, h2_stream *stream,
271@@ -1945,8 +2014,8 @@ static void dispatch_event(h2_session *session, h2_session_event_t ev,
272 case H2_SESSION_EV_NO_IO:
273 h2_session_ev_no_io(session, arg, msg);
274 break;
275- case H2_SESSION_EV_DATA_READ:
276- h2_session_ev_data_read(session, arg, msg);
277+ case H2_SESSION_EV_FRAME_RCVD:
278+ h2_session_ev_frame_rcvd(session, arg, msg);
279 break;
280 case H2_SESSION_EV_NGH2_DONE:
281 h2_session_ev_ngh2_done(session, arg, msg);
282@@ -1957,6 +2026,9 @@ static void dispatch_event(h2_session *session, h2_session_event_t ev,
283 case H2_SESSION_EV_PRE_CLOSE:
284 h2_session_ev_pre_close(session, arg, msg);
285 break;
286+ case H2_SESSION_EV_STREAM_CHANGE:
287+ h2_session_ev_stream_change(session, arg, msg);
288+ break;
289 default:
290 ap_log_cerror(APLOG_MARK, APLOG_TRACE1, 0, session->c,
291 H2_SSSN_MSG(session, "unknown event %d"), ev);
292@@ -1990,13 +2062,15 @@ apr_status_t h2_session_process(h2_session *session, int async)
293 apr_status_t status = APR_SUCCESS;
294 conn_rec *c = session->c;
295 int rv, mpm_state, trace = APLOGctrace3(c);
296-
297+ apr_time_t now;
298+
299 if (trace) {
300 ap_log_cerror( APLOG_MARK, APLOG_TRACE3, status, c,
301 H2_SSSN_MSG(session, "process start, async=%d"), async);
302 }
303
304 while (session->state != H2_SESSION_ST_DONE) {
305+ now = apr_time_now();
306 session->have_read = session->have_written = 0;
307
308 if (session->local.accepting
309@@ -2034,39 +2108,42 @@ apr_status_t h2_session_process(h2_session *session, int async)
310 break;
311
312 case H2_SESSION_ST_IDLE:
313- /* We trust our connection into the default timeout/keepalive
314- * handling of the core filters/mpm iff:
315- * - keep_sync_until is not set
316- * - we have an async mpm
317- * - we have no open streams to process
318- * - we are not sitting on a Upgrade: request
319- * - we already have seen at least one request
320- */
321- if (!session->keep_sync_until && async && !session->open_streams
322- && !session->r && session->remote.emitted_count) {
323+ if (session->idle_until && (apr_time_now() + session->idle_delay) > session->idle_until) {
324+ ap_log_cerror( APLOG_MARK, APLOG_TRACE1, status, c,
325+ H2_SSSN_MSG(session, "idle, timeout reached, closing"));
326+ if (session->idle_delay) {
327+ apr_table_setn(session->c->notes, "short-lingering-close", "1");
328+ }
329+ dispatch_event(session, H2_SESSION_EV_CONN_TIMEOUT, 0, "timeout");
330+ goto out;
331+ }
332+
333+ if (session->idle_delay) {
334+ /* we are less interested in spending time on this connection */
335+ ap_log_cerror( APLOG_MARK, APLOG_TRACE2, status, c,
336+ H2_SSSN_MSG(session, "session is idle (%ld ms), idle wait %ld sec left"),
337+ (long)apr_time_as_msec(session->idle_delay),
338+ (long)apr_time_sec(session->idle_until - now));
339+ apr_sleep(session->idle_delay);
340+ session->idle_delay = 0;
341+ }
342+
343+ h2_conn_io_flush(&session->io);
344+ if (async && !session->r && (now > session->idle_sync_until)) {
345 if (trace) {
346 ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, c,
347 H2_SSSN_MSG(session,
348 "nonblock read, %d streams open"),
349 session->open_streams);
350 }
351- h2_conn_io_flush(&session->io);
352 status = h2_session_read(session, 0);
353
354 if (status == APR_SUCCESS) {
355 session->have_read = 1;
356- dispatch_event(session, H2_SESSION_EV_DATA_READ, 0, NULL);
357 }
358- else if (APR_STATUS_IS_EAGAIN(status)
359- || APR_STATUS_IS_TIMEUP(status)) {
360- if (apr_time_now() > session->idle_until) {
361- dispatch_event(session,
362- H2_SESSION_EV_CONN_TIMEOUT, 0, NULL);
363- }
364- else {
365- status = APR_EAGAIN;
366- goto out;
367- }
368+ else if (APR_STATUS_IS_EAGAIN(status) || APR_STATUS_IS_TIMEUP(status)) {
369+ status = APR_EAGAIN;
370+ goto out;
371 }
372 else {
373 ap_log_cerror(APLOG_MARK, APLOG_DEBUG, status, c,
374@@ -2078,7 +2155,6 @@ apr_status_t h2_session_process(h2_session *session, int async)
375 }
376 else {
377 /* make certain, we send everything before we idle */
378- h2_conn_io_flush(&session->io);
379 if (trace) {
380 ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, c,
381 H2_SSSN_MSG(session,
382@@ -2090,7 +2166,6 @@ apr_status_t h2_session_process(h2_session *session, int async)
383 */
384 status = h2_mplx_idle(session->mplx);
385 if (status == APR_EAGAIN) {
386- dispatch_event(session, H2_SESSION_EV_DATA_READ, 0, NULL);
387 break;
388 }
389 else if (status != APR_SUCCESS) {
390@@ -2101,33 +2176,11 @@ apr_status_t h2_session_process(h2_session *session, int async)
391 status = h2_session_read(session, 1);
392 if (status == APR_SUCCESS) {
393 session->have_read = 1;
394- dispatch_event(session, H2_SESSION_EV_DATA_READ, 0, NULL);
395 }
396 else if (status == APR_EAGAIN) {
397 /* nothing to read */
398 }
399 else if (APR_STATUS_IS_TIMEUP(status)) {
400- apr_time_t now = apr_time_now();
401- if (now > session->keep_sync_until) {
402- /* if we are on an async mpm, now is the time that
403- * we may dare to pass control to it. */
404- session->keep_sync_until = 0;
405- }
406- if (now > session->idle_until) {
407- if (trace) {
408- ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, c,
409- H2_SSSN_MSG(session,
410- "keepalive timeout"));
411- }
412- dispatch_event(session,
413- H2_SESSION_EV_CONN_TIMEOUT, 0, "timeout");
414- }
415- else if (trace) {
416- ap_log_cerror(APLOG_MARK, APLOG_TRACE3, status, c,
417- H2_SSSN_MSG(session,
418- "keepalive, %f sec left"),
419- (session->idle_until - now) / 1000000.0f);
420- }
421 /* continue reading handling */
422 }
423 else if (APR_STATUS_IS_ECONNABORTED(status)
424@@ -2145,6 +2198,18 @@ apr_status_t h2_session_process(h2_session *session, int async)
425 dispatch_event(session, H2_SESSION_EV_CONN_ERROR, 0, "error");
426 }
427 }
428+ if (nghttp2_session_want_write(session->ngh2)) {
429+ ap_update_child_status(session->c->sbh, SERVER_BUSY_WRITE, NULL);
430+ status = h2_session_send(session);
431+ if (status == APR_SUCCESS) {
432+ status = h2_conn_io_flush(&session->io);
433+ }
434+ if (status != APR_SUCCESS) {
435+ dispatch_event(session, H2_SESSION_EV_CONN_ERROR,
436+ H2_ERR_INTERNAL_ERROR, "writing");
437+ break;
438+ }
439+ }
440 break;
441
442 case H2_SESSION_ST_BUSY:
443@@ -2154,7 +2219,6 @@ apr_status_t h2_session_process(h2_session *session, int async)
444 status = h2_session_read(session, 0);
445 if (status == APR_SUCCESS) {
446 session->have_read = 1;
447- dispatch_event(session, H2_SESSION_EV_DATA_READ, 0, NULL);
448 }
449 else if (status == APR_EAGAIN) {
450 /* nothing to read */
451@@ -2218,7 +2282,7 @@ apr_status_t h2_session_process(h2_session *session, int async)
452 session->iowait);
453 if (status == APR_SUCCESS) {
454 session->wait_us = 0;
455- dispatch_event(session, H2_SESSION_EV_DATA_READ, 0, NULL);
456+ dispatch_event(session, H2_SESSION_EV_STREAM_CHANGE, 0, NULL);
457 }
458 else if (APR_STATUS_IS_TIMEUP(status)) {
459 /* go back to checking all inputs again */
460diff --git a/modules/http2/h2_session.h b/modules/http2/h2_session.h
461index 486938b009..df2a862445 100644
462--- a/modules/http2/h2_session.h
463+++ b/modules/http2/h2_session.h
464@@ -66,10 +66,11 @@ typedef enum {
465 H2_SESSION_EV_PROTO_ERROR, /* protocol error */
466 H2_SESSION_EV_CONN_TIMEOUT, /* connection timeout */
467 H2_SESSION_EV_NO_IO, /* nothing has been read or written */
468- H2_SESSION_EV_DATA_READ, /* connection data has been read */
469+ H2_SESSION_EV_FRAME_RCVD, /* a frame has been received */
470 H2_SESSION_EV_NGH2_DONE, /* nghttp2 wants neither read nor write anything */
471 H2_SESSION_EV_MPM_STOPPING, /* the process is stopping */
472 H2_SESSION_EV_PRE_CLOSE, /* connection will close after this */
473+ H2_SESSION_EV_STREAM_CHANGE, /* a stream (state/input/output) changed */
474 } h2_session_event_t;
475
476 typedef struct h2_session {
477@@ -118,7 +119,9 @@ typedef struct h2_session {
478 apr_size_t max_stream_mem; /* max buffer memory for a single stream */
479
480 apr_time_t idle_until; /* Time we shut down due to sheer boredom */
481- apr_time_t keep_sync_until; /* Time we sync wait until passing to async mpm */
482+ apr_time_t idle_sync_until; /* Time we sync wait until keepalive handling kicks in */
483+ apr_size_t idle_frames; /* number of rcvd frames that kept session in idle state */
484+ apr_interval_time_t idle_delay; /* Time we delay processing rcvd frames in idle state */
485
486 apr_bucket_brigade *bbtmp; /* brigade for keeping temporary data */
487 struct apr_thread_cond_t *iowait; /* our cond when trywaiting for data */
488diff --git a/modules/http2/h2_version.h b/modules/http2/h2_version.h
489index 5c53abd575..2ac718fc0f 100644
490--- a/modules/http2/h2_version.h
491+++ b/modules/http2/h2_version.h
492@@ -27,7 +27,7 @@
493 * @macro
494 * Version number of the http2 module as c string
495 */
496-#define MOD_HTTP2_VERSION "1.10.20"
497+#define MOD_HTTP2_VERSION "1.11.0"
498
499 /**
500 * @macro
501@@ -35,7 +35,7 @@
502 * release. This is a 24 bit number with 8 bits for major number, 8 bits
503 * for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
504 */
505-#define MOD_HTTP2_VERSION_NUM 0x010a14
506+#define MOD_HTTP2_VERSION_NUM 0x010b00
507
508
509 #endif /* mod_h2_h2_version_h */
510--
5112.17.1
512
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch b/meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch
deleted file mode 100644
index a2bc6e02c..000000000
--- a/meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch
+++ /dev/null
@@ -1,27 +0,0 @@
1From 5412077c398dec74321388fe6e593a44c4c80de6 Mon Sep 17 00:00:00 2001
2From: echo <fei.geng@windriver.com>
3Date: Tue, 28 Apr 2009 03:11:06 +0000
4Subject: [PATCH] Fix perl install directory to /usr/bin
5
6Upstream-Status: Inappropriate [configuration]
7
8---
9 configure.in | 5 +----
10 1 file changed, 1 insertion(+), 4 deletions(-)
11
12diff --git a/configure.in b/configure.in
13index d828512..be7bd25 100644
14--- a/configure.in
15+++ b/configure.in
16@@ -855,10 +855,7 @@ AC_DEFINE_UNQUOTED(SERVER_CONFIG_FILE, "${rel_sysconfdir}/${progname}.conf",
17 AC_DEFINE_UNQUOTED(AP_TYPES_CONFIG_FILE, "${rel_sysconfdir}/mime.types",
18 [Location of the MIME types config file, relative to the Apache root directory])
19
20-perlbin=`$ac_aux_dir/PrintPath perl`
21-if test "x$perlbin" = "x"; then
22- perlbin="/replace/with/path/to/perl/interpreter"
23-fi
24+perlbin='/usr/bin/perl'
25 AC_SUBST(perlbin)
26
27 dnl If we are running on BSD/OS, we need to use the BSD .include syntax.
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.39.bb
index 80c8b20d0..d58ccb8f2 100644
--- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.34.bb
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.39.bb
@@ -2,91 +2,98 @@ DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \
2extensible web server." 2extensible web server."
3SUMMARY = "Apache HTTP Server" 3SUMMARY = "Apache HTTP Server"
4HOMEPAGE = "http://httpd.apache.org/" 4HOMEPAGE = "http://httpd.apache.org/"
5DEPENDS = "libtool-native apache2-native openssl expat pcre apr apr-util"
6SECTION = "net" 5SECTION = "net"
7LICENSE = "Apache-2.0" 6LICENSE = "Apache-2.0"
8 7
9SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ 8SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \
10 file://server-makefile.patch \
11 file://httpd-2.4.1-corelimit.patch \
12 file://httpd-2.4.4-export.patch \
13 file://httpd-2.4.1-selinux.patch \
14 file://apache-configure_perlbin.patch \
15 file://replace-lynx-to-curl-in-apachectl-script.patch \
16 file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \
17 file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ 9 file://0001-configure-use-pkg-config-for-PCRE-detection.patch \
18 file://configure-allow-to-disable-selinux-support.patch \ 10 file://0002-apache2-bump-up-the-core-size-limit-if-CoreDumpDirec.patch \
19 file://CVE-2018-11763.patch \ 11 file://0003-apache2-do-not-export-apr-apr-util-symbols-when-usin.patch \
12 file://0004-apache2-log-the-SELinux-context-at-startup.patch \
13 file://0005-replace-lynx-to-curl-in-apachectl-script.patch \
14 file://0006-apache2-fix-the-race-issue-of-parallel-installation.patch \
15 file://0007-apache2-allow-to-disable-selinux-support.patch \
16 "
17
18SRC_URI_append_class-target = " \
19 file://0008-apache2-do-not-use-relative-path-for-gen_test_char.patch \
20 file://init \ 20 file://init \
21 file://apache2-volatile.conf \ 21 file://apache2-volatile.conf \
22 file://apache2.service \ 22 file://apache2.service \
23 file://volatiles.04_apache2 \ 23 file://volatiles.04_apache2 \
24 " 24 "
25 25
26LIC_FILES_CHKSUM = "file://LICENSE;md5=d52d0fd0bc788f068e647116c01ddfcd" 26LIC_FILES_CHKSUM = "file://LICENSE;md5=d52d0fd0bc788f068e647116c01ddfcd"
27SRC_URI[md5sum] = "818adca52f3be187fe45d6822755be95" 27SRC_URI[md5sum] = "930e217ba2d71e708a3f1521ecae7ec0"
28SRC_URI[sha256sum] = "fa53c95631febb08a9de41fd2864cfff815cf62d9306723ab0d4b8d7aa1638f0" 28SRC_URI[sha256sum] = "b4ca9d05773aa59b54d66cd8f4744b945289f084d3be17d7981d1783a5decfa2"
29 29
30S = "${WORKDIR}/httpd-${PV}" 30S = "${WORKDIR}/httpd-${PV}"
31 31
32inherit autotools update-rc.d pkgconfig systemd update-alternatives 32inherit autotools update-rc.d pkgconfig systemd update-alternatives
33 33
34CVE_PRODUCT = "http_server" 34DEPENDS = "openssl expat pcre apr apr-util apache2-native "
35 35
36ALTERNATIVE_${PN}-doc = "htpasswd.1" 36CVE_PRODUCT = "http_server"
37ALTERNATIVE_LINK_NAME[htpasswd.1] = "${mandir}/man1/htpasswd.1"
38
39SYSTEMD_SERVICE_${PN} = "apache2.service"
40SYSTEMD_AUTO_ENABLE_${PN} = "disable"
41 37
42SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" 38SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice"
43 39
40PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}"
41PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux"
42PACKAGECONFIG[openldap] = "--enable-ldap --enable-authnz-ldap,--disable-ldap --disable-authnz-ldap,openldap"
43PACKAGECONFIG[zlib] = "--enable-deflate,,zlib,zlib"
44
44CFLAGS_append = " -DPATH_MAX=4096" 45CFLAGS_append = " -DPATH_MAX=4096"
45CFLAGS_prepend = "-I${STAGING_INCDIR}/openssl " 46
46EXTRA_OECONF = "--enable-ssl \ 47EXTRA_OECONF_class-target = "\
47 --with-ssl=${STAGING_LIBDIR}/.. \ 48 --enable-layout=Debian \
48 --with-expat=${STAGING_LIBDIR}/.. \ 49 --prefix=${base_prefix} \
49 --with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ 50 --exec_prefix=${exec_prefix} \
50 --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \
51 --enable-info \
52 --enable-rewrite \
53 --with-dbm=sdbm \
54 --with-berkeley-db=no \
55 --localstatedir=/var/${BPN} \
56 --with-gdbm=no \
57 --with-ndbm=no \
58 --includedir=${includedir}/${BPN} \ 51 --includedir=${includedir}/${BPN} \
59 --datadir=${datadir}/${BPN} \
60 --sysconfdir=${sysconfdir}/${BPN} \ 52 --sysconfdir=${sysconfdir}/${BPN} \
53 --datadir=${datadir}/${BPN} \
54 --libdir=${libdir} \
61 --libexecdir=${libdir}/${BPN}/modules \ 55 --libexecdir=${libdir}/${BPN}/modules \
62 ap_cv_void_ptr_lt_long=no \ 56 --localstatedir=${localstatedir} \
57 --enable-ssl \
58 --with-dbm=sdbm \
59 --with-gdbm=no \
60 --with-ndbm=no \
61 --with-berkeley-db=no \
62 --enable-info \
63 --enable-rewrite \
63 --enable-mpms-shared \ 64 --enable-mpms-shared \
65 ap_cv_void_ptr_lt_long=no \
64 ac_cv_have_threadsafe_pollset=no \ 66 ac_cv_have_threadsafe_pollset=no \
65 --enable-layout=Debian \ 67 "
66 --prefix=${base_prefix}/"
67 68
68PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'selinux', d)}" 69EXTRA_OECONF_class-native = "\
69PACKAGECONFIG[selinux] = "--enable-selinux,--disable-selinux,libselinux,libselinux" 70 --prefix=${prefix} \
70PACKAGECONFIG[openldap] = "--enable-ldap --enable-authnz-ldap,--disable-ldap --disable-authnz-ldap,openldap" 71 --includedir=${includedir}/${BPN} \
71PACKAGECONFIG[zlib] = "--enable-deflate --with-z=${STAGING_LIBDIR},,zlib,zlib" 72 --sysconfdir=${sysconfdir}/${BPN} \
73 --datadir=${datadir}/${BPN} \
74 --libdir=${libdir} \
75 --libexecdir=${libdir}/${BPN}/modules \
76 --localstatedir=${localstatedir} \
77 "
72 78
73do_configure_prepend() { 79do_configure_prepend() {
74 sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libdir}/cgi-bin:g' ${S}/config.layout 80 sed -i -e 's:$''{prefix}/usr/lib/cgi-bin:$''{libdir}/cgi-bin:g' ${S}/config.layout
75} 81}
76 82
77do_install_append() { 83do_install_append_class-target() {
78 install -d ${D}/${sysconfdir}/init.d 84 install -d ${D}/${sysconfdir}/init.d
85
79 cat ${WORKDIR}/init | \ 86 cat ${WORKDIR}/init | \
80 sed -e 's,/usr/sbin/,${sbindir}/,g' \ 87 sed -e 's,/usr/sbin/,${sbindir}/,g' \
81 -e 's,/usr/bin/,${bindir}/,g' \ 88 -e 's,/usr/bin/,${bindir}/,g' \
82 -e 's,/usr/lib,${libdir}/,g' \ 89 -e 's,/usr/lib/,${libdir}/,g' \
83 -e 's,/etc/,${sysconfdir}/,g' \ 90 -e 's,/etc/,${sysconfdir}/,g' \
84 -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${BPN} 91 -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${BPN}
92
85 chmod 755 ${D}/${sysconfdir}/init.d/${BPN} 93 chmod 755 ${D}/${sysconfdir}/init.d/${BPN}
86 # remove the goofy original files... 94
95 # Remove the goofy original files...
87 rm -rf ${D}/${sysconfdir}/${BPN}/original 96 rm -rf ${D}/${sysconfdir}/${BPN}/original
88 # Expat should be found in the staging area via DEPENDS...
89 rm -f ${D}/${libdir}/libexpat.*
90 97
91 install -d ${D}${sysconfdir}/${BPN}/conf.d 98 install -d ${D}${sysconfdir}/${BPN}/conf.d
92 install -d ${D}${sysconfdir}/${BPN}/modules.d 99 install -d ${D}${sysconfdir}/${BPN}/modules.d
@@ -95,44 +102,58 @@ do_install_append() {
95 printf "\nIncludeOptional ${sysconfdir}/${BPN}/conf.d/*.conf" >> ${D}/${sysconfdir}/${BPN}/httpd.conf 102 printf "\nIncludeOptional ${sysconfdir}/${BPN}/conf.d/*.conf" >> ${D}/${sysconfdir}/${BPN}/httpd.conf
96 printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.load" >> ${D}/${sysconfdir}/${BPN}/httpd.conf 103 printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.load" >> ${D}/${sysconfdir}/${BPN}/httpd.conf
97 printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.conf\n\n" >> ${D}/${sysconfdir}/${BPN}/httpd.conf 104 printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.conf\n\n" >> ${D}/${sysconfdir}/${BPN}/httpd.conf
98 # match with that is in init script 105
106 # Match with that is in init script
99 printf "\nPidFile /run/httpd.pid" >> ${D}/${sysconfdir}/${BPN}/httpd.conf 107 printf "\nPidFile /run/httpd.pid" >> ${D}/${sysconfdir}/${BPN}/httpd.conf
108
100 # Set 'ServerName' to fix error messages when restart apache service 109 # Set 'ServerName' to fix error messages when restart apache service
101 sed -i 's/^#ServerName www.example.com/ServerName localhost/' ${D}/${sysconfdir}/${BPN}/httpd.conf 110 sed -i 's/^#ServerName www.example.com/ServerName localhost/' ${D}/${sysconfdir}/${BPN}/httpd.conf
102 111
112 sed -i 's/^ServerRoot/#ServerRoot/' ${D}/${sysconfdir}/${BPN}/httpd.conf
113
114 sed -i -e 's,${STAGING_DIR_TARGET},,g' \
115 -e 's,${DEBUG_PREFIX_MAP},,g' \
116 -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \
117 -e 's,${HOSTTOOLS_DIR}/,,g' \
118 -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \
119 -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${datadir}/apache2/build/config_vars.mk
120
121 sed -i -e 's,--sysroot=${STAGING_DIR_TARGET},,g' \
122 -e 's,${DEBUG_PREFIX_MAP},,g' \
123 -e 's,${RECIPE_SYSROOT},,g' \
124 -e 's,-fdebug-prefix-map[^ ]*,,g; s,-fmacro-prefix-map[^ ]*,,g' \
125 -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \
126 -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice
127
103 if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then 128 if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
104 install -d ${D}${sysconfdir}/tmpfiles.d/ 129 install -d ${D}${sysconfdir}/tmpfiles.d/
105 install -m 0644 ${WORKDIR}/apache2-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ 130 install -m 0644 ${WORKDIR}/apache2-volatile.conf ${D}${sysconfdir}/tmpfiles.d/
131
132 install -d ${D}${systemd_unitdir}/system
133 install -m 0644 ${WORKDIR}/apache2.service ${D}${systemd_unitdir}/system
134 sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/apache2.service
135 sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' ${D}${systemd_unitdir}/system/apache2.service
106 elif ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then 136 elif ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then
107 install -d ${D}${sysconfdir}/default/volatiles 137 install -d ${D}${sysconfdir}/default/volatiles
108 install -m 0644 ${WORKDIR}/volatiles.04_apache2 ${D}${sysconfdir}/default/volatiles/04_apache2 138 install -m 0644 ${WORKDIR}/volatiles.04_apache2 ${D}${sysconfdir}/default/volatiles/04_apache2
109 fi 139 fi
110 140
111 install -d ${D}${systemd_unitdir}/system 141 rm -rf ${D}${localstatedir}
112 install -m 0644 ${WORKDIR}/apache2.service ${D}${systemd_unitdir}/system
113 sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/apache2.service
114 sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' ${D}${systemd_unitdir}/system/apache2.service
115
116 chown -R root:root ${D} 142 chown -R root:root ${D}
117} 143}
118 144
119do_install_append_class-target() { 145do_install_append_class-native() {
120 sed -i -e 's,${STAGING_DIR_HOST},,g' \ 146 install -d ${D}${bindir} ${D}${libdir}
121 -e 's,APU_INCLUDEDIR = .*,APU_INCLUDEDIR = ,g' \ 147 install -m 755 server/gen_test_char ${D}${bindir}
122 -e 's,APU_CONFIG = .*,APU_CONFIG = ,g' ${D}${datadir}/apache2/build/config_vars.mk
123
124 sed -i -e 's,${STAGING_DIR_HOST},,g' \
125 -e 's,".*/configure","configure",g' ${D}${datadir}/apache2/build/config.nice
126 rm -rf ${D}${localstatedir}/run
127} 148}
128 149
129SYSROOT_PREPROCESS_FUNCS += "apache_sysroot_preprocess" 150SYSROOT_PREPROCESS_FUNCS_append_class-target = "apache_sysroot_preprocess"
130 151
131apache_sysroot_preprocess () { 152apache_sysroot_preprocess() {
132 install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/ 153 install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}
133 install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts}/ 154 install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts}
134 install -d ${SYSROOT_DESTDIR}${sbindir}/ 155 install -d ${SYSROOT_DESTDIR}${sbindir}
135 install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir}/ 156 install -m 755 ${D}${sbindir}/apachectl ${SYSROOT_DESTDIR}${sbindir}
136 sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${BPN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs 157 sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${BPN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs
137 sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${HOST_SYS}-libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs 158 sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${HOST_SYS}-libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs
138 159
@@ -145,52 +166,38 @@ apache_sysroot_preprocess () {
145 sed -i 's!--sysroot=[^ ]*!--sysroot=${STAGING_DIR_HOST}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk 166 sed -i 's!--sysroot=[^ ]*!--sysroot=${STAGING_DIR_HOST}!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk
146} 167}
147 168
148# 169# Implications - used by update-rc.d scripts
149# implications - used by update-rc.d scripts
150#
151INITSCRIPT_NAME = "apache2" 170INITSCRIPT_NAME = "apache2"
152INITSCRIPT_PARAMS = "defaults 91 20" 171INITSCRIPT_PARAMS = "defaults 91 20"
153LEAD_SONAME = "libapr-1.so.0" 172
173SYSTEMD_SERVICE_${PN} = "apache2.service"
174SYSTEMD_AUTO_ENABLE_${PN} = "enable"
175
176ALTERNATIVE_${PN}-doc = "htpasswd.1"
177ALTERNATIVE_LINK_NAME[htpasswd.1] = "${mandir}/man1/htpasswd.1"
154 178
155PACKAGES = "${PN}-scripts ${PN}-doc ${PN}-dev ${PN}-dbg ${PN}" 179PACKAGES = "${PN}-scripts ${PN}-doc ${PN}-dev ${PN}-dbg ${PN}"
156 180
157CONFFILES_${PN} = "${sysconfdir}/${BPN}/httpd.conf \ 181CONFFILES_${PN} = "${sysconfdir}/${BPN}/httpd.conf \
158 ${sysconfdir}/${BPN}/magic \ 182 ${sysconfdir}/${BPN}/magic \
159 ${sysconfdir}/${BPN}/mime.types \ 183 ${sysconfdir}/${BPN}/mime.types"
160 ${sysconfdir}/init.d/${BPN} "
161 184
162# we override here rather than append so that .so links are 185# We override here rather than append so that .so links are
163# included in the runtime package rather than here (-dev) 186# included in the runtime package rather than here (-dev)
164# and to get build, icons, error into the -dev package 187# and to get icons, error into the -dev package
165FILES_${PN}-dev = "${datadir}/${BPN}/build \ 188FILES_${PN}-dev = "${datadir}/${BPN}/icons \
166 ${datadir}/${BPN}/icons \
167 ${datadir}/${BPN}/error \ 189 ${datadir}/${BPN}/error \
168 ${bindir}/apr-config ${bindir}/apu-config \
169 ${libdir}/apr*.exp \
170 ${includedir}/${BPN} \ 190 ${includedir}/${BPN} \
171 ${libdir}/*.la \ 191 "
172 ${libdir}/*.a \
173 ${bindir}/apxs \
174 "
175
176
177# manual to manual
178FILES_${PN}-doc += " ${datadir}/${BPN}/manual"
179 192
180FILES_${PN}-scripts += "${bindir}/dbmmanage" 193FILES_${PN}-scripts += "${bindir}/dbmmanage"
181 194
182# 195# Override this too - here is the default, less datadir
183# override this too - here is the default, less datadir 196FILES_${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir} \
184# 197 ${sysconfdir} ${libdir}/${BPN}"
185FILES_${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir}/lib*.so.* ${sysconfdir} \
186 ${sharedstatedir} ${localstatedir} /bin /sbin /lib/*.so* \
187 ${libdir}/${BPN}"
188
189# we want htdocs and cgi-bin to go with the binary
190FILES_${PN} += "${datadir}/${BPN}/htdocs ${datadir}/${BPN}/cgi-bin"
191 198
192#make sure the lone .so links also get wrapped in the base package 199# We want htdocs and cgi-bin to go with the binary
193FILES_${PN} += "${libdir}/lib*.so ${libdir}/pkgconfig/*" 200FILES_${PN} += "${datadir}/${BPN}/ ${libdir}/cgi-bin"
194 201
195FILES_${PN}-dbg += "${libdir}/${BPN}/modules/.debug" 202FILES_${PN}-dbg += "${libdir}/${BPN}/modules/.debug"
196 203
@@ -198,5 +205,4 @@ RDEPENDS_${PN} += "openssl libgcc"
198RDEPENDS_${PN}-scripts += "perl ${PN}" 205RDEPENDS_${PN}-scripts += "perl ${PN}"
199RDEPENDS_${PN}-dev = "perl" 206RDEPENDS_${PN}-dev = "perl"
200 207
201FILES_${PN} += "${libdir}/cgi-bin" 208BBCLASSEXTEND = "native"
202FILES_${PN} += "${datadir}/${BPN}/"
diff --git a/meta-webserver/recipes-httpd/apache2/files/init b/meta-webserver/recipes-httpd/apache2/files/init
index 758d133b9..758d133b9 100755..100644
--- a/meta-webserver/recipes-httpd/apache2/files/init
+++ b/meta-webserver/recipes-httpd/apache2/files/init
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-01 15:56:20 +0000