diff options
Diffstat (limited to 'meta-webserver')
77 files changed, 4484 insertions, 0 deletions
diff --git a/meta-webserver/COPYING.MIT b/meta-webserver/COPYING.MIT new file mode 100644 index 000000000..fb950dc69 --- /dev/null +++ b/meta-webserver/COPYING.MIT | |||
@@ -0,0 +1,17 @@ | |||
1 | Permission is hereby granted, free of charge, to any person obtaining a copy | ||
2 | of this software and associated documentation files (the "Software"), to deal | ||
3 | in the Software without restriction, including without limitation the rights | ||
4 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
5 | copies of the Software, and to permit persons to whom the Software is | ||
6 | furnished to do so, subject to the following conditions: | ||
7 | |||
8 | The above copyright notice and this permission notice shall be included in | ||
9 | all copies or substantial portions of the Software. | ||
10 | |||
11 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
12 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
13 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
14 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
15 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
16 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN | ||
17 | THE SOFTWARE. | ||
diff --git a/meta-webserver/README b/meta-webserver/README new file mode 100644 index 000000000..ead9e2a82 --- /dev/null +++ b/meta-webserver/README | |||
@@ -0,0 +1,59 @@ | |||
1 | meta-webserver | ||
2 | ============== | ||
3 | |||
4 | This layer provides support for building web servers, web-based | ||
5 | applications and related software. | ||
6 | |||
7 | |||
8 | |||
9 | Dependencies | ||
10 | ------------ | ||
11 | |||
12 | This layer depends on: | ||
13 | |||
14 | URI: git://github.com/openembedded/oe-core.git | ||
15 | subdirectory: meta | ||
16 | branch: dizzy | ||
17 | revision: HEAD | ||
18 | |||
19 | For some recipes, the meta-oe layer is required: | ||
20 | |||
21 | URI: git://github.com/openembedded/meta-oe.git | ||
22 | subdirectory: meta-oe | ||
23 | branch: dizzy | ||
24 | revision: HEAD | ||
25 | |||
26 | |||
27 | |||
28 | Layout | ||
29 | ------ | ||
30 | |||
31 | recipes-httpd/ Web servers | ||
32 | recipes-php/ PHP and PHP applications | ||
33 | recipes-webadmin/ Standalone web administration interfaces | ||
34 | |||
35 | |||
36 | |||
37 | Maintenance | ||
38 | ----------- | ||
39 | |||
40 | Send patches / pull requests to openembedded-devel@lists.openembedded.org | ||
41 | with '[meta-webserver][dizzy]' in the subject. | ||
42 | |||
43 | Layer maintainer: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
44 | |||
45 | Dizzy branch maintainers: | ||
46 | Otavio Salvador <otavio@ossystems.com.br> | ||
47 | Armin Kuster <akuster808@gmail.com> | ||
48 | |||
49 | Prefix email subject with: [dizzy] | ||
50 | |||
51 | License | ||
52 | ------- | ||
53 | |||
54 | All metadata is MIT licensed unless otherwise stated. Source code included | ||
55 | in tree for individual recipes is under the LICENSE stated in each recipe | ||
56 | (.bb file) unless otherwise stated. | ||
57 | |||
58 | This README document is Copyright (C) 2012 Intel Corporation. | ||
59 | |||
diff --git a/meta-webserver/conf/layer.conf b/meta-webserver/conf/layer.conf new file mode 100644 index 000000000..a4d6a2723 --- /dev/null +++ b/meta-webserver/conf/layer.conf | |||
@@ -0,0 +1,20 @@ | |||
1 | # Layer configuration for meta-webserver layer | ||
2 | # Copyright 2012 Intel Corporation | ||
3 | |||
4 | # We have a conf and classes directory, add to BBPATH | ||
5 | BBPATH .= ":${LAYERDIR}" | ||
6 | |||
7 | # We have various recipe-* directories, add to BBFILES | ||
8 | BBFILES += "${LAYERDIR}/recipes-*/*/*.bb ${LAYERDIR}/recipes-*/*/*.bbappend" | ||
9 | |||
10 | BBFILE_COLLECTIONS += "webserver" | ||
11 | BBFILE_PATTERN_webserver := "^${LAYERDIR}/" | ||
12 | BBFILE_PRIORITY_webserver = "6" | ||
13 | |||
14 | # This should only be incremented on significant changes that will | ||
15 | # cause compatibility issues with other layers | ||
16 | LAYERVERSION_webserver = "1" | ||
17 | |||
18 | LAYERDEPENDS_webserver = "core" | ||
19 | |||
20 | LICENSE_PATH += "${LAYERDIR}/licenses" | ||
diff --git a/meta-webserver/licenses/Xdebug b/meta-webserver/licenses/Xdebug new file mode 100644 index 000000000..3cdbf0598 --- /dev/null +++ b/meta-webserver/licenses/Xdebug | |||
@@ -0,0 +1,60 @@ | |||
1 | -------------------------------------------------------------------- | ||
2 | The Xdebug License, version 1.01 | ||
3 | (Based on "The PHP License", version 3.0) | ||
4 | Copyright (c) 2003-2012 Derick Rethans. All rights reserved. | ||
5 | -------------------------------------------------------------------- | ||
6 | |||
7 | Redistribution and use in source and binary forms, with or without | ||
8 | modification, is permitted provided that the following conditions | ||
9 | are met: | ||
10 | |||
11 | 1. Redistributions of source code must retain the above copyright | ||
12 | notice, this list of conditions and the following disclaimer. | ||
13 | |||
14 | 2. Redistributions in binary form must reproduce the above copyright | ||
15 | notice, this list of conditions and the following disclaimer in | ||
16 | the documentation and/or other materials provided with the | ||
17 | distribution. | ||
18 | |||
19 | 3. The name "Xdebug" must not be used to endorse or promote products | ||
20 | derived from this software without prior written permission. For | ||
21 | written permission, please contact derick@xdebug.org. | ||
22 | |||
23 | 4. Products derived from this software may not be called "Xdebug", nor | ||
24 | may "Xdebug" appear in their name, without prior written permission | ||
25 | from derick@xdebug.org. | ||
26 | |||
27 | 5. Derick Rethans may publish revised and/or new versions of the | ||
28 | license from time to time. Each version will be given a | ||
29 | distinguishing version number. Once covered code has been | ||
30 | published under a particular version of the license, you may | ||
31 | always continue to use it under the terms of that version. You | ||
32 | may also choose to use such covered code under the terms of any | ||
33 | subsequent version of the license published by Derick Rethans. No | ||
34 | one other than Derick Rethans has the right to modify the terms | ||
35 | applicable to covered code created under this License. | ||
36 | |||
37 | 6. Redistributions of any form whatsoever must retain the following | ||
38 | acknowledgment: "This product includes Xdebug, freely available | ||
39 | from <http://xdebug.org/>". | ||
40 | |||
41 | THIS SOFTWARE IS PROVIDED BY DERICK RETHANS ``AS IS'' AND ANY | ||
42 | EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
43 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
44 | PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP DEVELOPMENT TEAM OR | ||
45 | ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
46 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | ||
47 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||
48 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||
49 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||
50 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | ||
51 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||
52 | |||
53 | -------------------------------------------------------------------- | ||
54 | |||
55 | This software consists of voluntary contributions made by some | ||
56 | individuals on behalf of Derick Rethans. | ||
57 | |||
58 | Derick Rethans can be contacted via e-mail at derick@xdebug.org. | ||
59 | |||
60 | For more information Xdebug, please see <http://xdebug.org>. | ||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.10.bb b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.10.bb new file mode 100644 index 000000000..5963b7943 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.10.bb | |||
@@ -0,0 +1,45 @@ | |||
1 | DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \ | ||
2 | extensible web server." | ||
3 | SUMMARY = "Apache HTTP Server" | ||
4 | HOMEPAGE = "http://httpd.apache.org/" | ||
5 | DEPENDS = "expat-native pcre-native apr-native apr-util-native" | ||
6 | SECTION = "net" | ||
7 | LICENSE = "Apache-2.0" | ||
8 | |||
9 | inherit autotools pkgconfig native | ||
10 | |||
11 | SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \ | ||
12 | file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ | ||
13 | " | ||
14 | |||
15 | S = "${WORKDIR}/httpd-${PV}" | ||
16 | |||
17 | LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" | ||
18 | SRC_URI[md5sum] = "44543dff14a4ebc1e9e2d86780507156" | ||
19 | SRC_URI[sha256sum] = "176c4dac1a745f07b7b91e7f4fd48f9c48049fa6f088efe758d61d9738669c6a" | ||
20 | |||
21 | EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ | ||
22 | --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \ | ||
23 | --prefix=${prefix} --datadir=${datadir}/apache2 \ | ||
24 | " | ||
25 | |||
26 | do_install () { | ||
27 | install -d ${D}${bindir} ${D}${libdir} | ||
28 | cp server/gen_test_char ${D}${bindir} | ||
29 | install -m 755 support/apxs ${D}${bindir}/ | ||
30 | install -m 755 httpd ${D}${bindir}/ | ||
31 | install -d ${D}${datadir}/apache2/build | ||
32 | cp ${S}/build/*.mk ${D}${datadir}/apache2/build | ||
33 | cp build/*.mk ${D}${datadir}/apache2/build | ||
34 | cp ${S}/build/instdso.sh ${D}${datadir}/apache2/build | ||
35 | |||
36 | install -d ${D}${includedir}/apache2 | ||
37 | cp ${S}/include/* ${D}${includedir}/apache2 | ||
38 | cp include/* ${D}${includedir}/apache2 | ||
39 | cp ${S}/os/unix/os.h ${D}${includedir}/apache2 | ||
40 | cp ${S}/os/unix/unixd.h ${D}${includedir}/apache2 | ||
41 | |||
42 | cp support/envvars-std ${D}${bindir}/envvars | ||
43 | chmod 755 ${D}${bindir}/envvars | ||
44 | } | ||
45 | |||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/apache-CVE-2014-0117.patch b/meta-webserver/recipes-httpd/apache2/apache2/apache-CVE-2014-0117.patch new file mode 100644 index 000000000..8585f0bb3 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/apache-CVE-2014-0117.patch | |||
@@ -0,0 +1,289 @@ | |||
1 | apache: CVE-2014-0117 | ||
2 | |||
3 | The patch comes from upstream: | ||
4 | http://svn.apache.org/viewvc?view=revision&revision=1610674 | ||
5 | |||
6 | SECURITY (CVE-2014-0117): Fix a crash in mod_proxy. In a | ||
7 | reverse proxy configuration, a remote attacker could send a carefully crafted | ||
8 | request which could crash a server process, resulting in denial of service. | ||
9 | |||
10 | Thanks to Marek Kroemeke working with HP's Zero Day Initiative for | ||
11 | reporting this issue. | ||
12 | |||
13 | Upstream-Status: Backport | ||
14 | |||
15 | Submitted by: Edward Lu, breser, covener | ||
16 | Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> | ||
17 | --- | ||
18 | modules/proxy/mod_proxy_http.c | 8 +++- | ||
19 | include/httpd.h | 17 ++++++++ | ||
20 | modules/proxy/proxy_util.c | 67 ++++++++++++++---------------- | ||
21 | server/util.c | 89 ++++++++++++++++++++++++++++++++++++++++++ | ||
22 | 4 files changed, 143 insertions(+), 38 deletions(-) | ||
23 | |||
24 | diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c | ||
25 | index cffad2e..f11c16f 100644 | ||
26 | --- a/modules/proxy/mod_proxy_http.c | ||
27 | +++ b/modules/proxy/mod_proxy_http.c | ||
28 | @@ -1362,6 +1362,7 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r, | ||
29 | */ | ||
30 | if (apr_date_checkmask(buffer, "HTTP/#.# ###*")) { | ||
31 | int major, minor; | ||
32 | + int toclose; | ||
33 | |||
34 | major = buffer[5] - '0'; | ||
35 | minor = buffer[7] - '0'; | ||
36 | @@ -1470,7 +1471,12 @@ apr_status_t ap_proxy_http_process_response(apr_pool_t * p, request_rec *r, | ||
37 | te = apr_table_get(r->headers_out, "Transfer-Encoding"); | ||
38 | |||
39 | /* strip connection listed hop-by-hop headers from response */ | ||
40 | - backend->close = ap_proxy_clear_connection_fn(r, r->headers_out); | ||
41 | + toclose = ap_proxy_clear_connection_fn(r, r->headers_out); | ||
42 | + backend->close = (toclose != 0); | ||
43 | + if (toclose < 0) { | ||
44 | + return ap_proxyerror(r, HTTP_BAD_REQUEST, | ||
45 | + "Malformed connection header"); | ||
46 | + } | ||
47 | |||
48 | if ((buf = apr_table_get(r->headers_out, "Content-Type"))) { | ||
49 | ap_set_content_type(r, apr_pstrdup(p, buf)); | ||
50 | diff --git a/include/httpd.h b/include/httpd.h | ||
51 | index 36cd58d..9a2cf5c 100644 | ||
52 | --- a/include/httpd.h | ||
53 | +++ b/include/httpd.h | ||
54 | @@ -1528,6 +1528,23 @@ AP_DECLARE(int) ap_find_etag_weak(apr_pool_t *p, const char *line, const char *t | ||
55 | AP_DECLARE(int) ap_find_etag_strong(apr_pool_t *p, const char *line, const char *tok); | ||
56 | |||
57 | /** | ||
58 | + * Retrieve an array of tokens in the format "1#token" defined in RFC2616. Only | ||
59 | + * accepts ',' as a delimiter, does not accept quoted strings, and errors on | ||
60 | + * any separator. | ||
61 | + * @param p The pool to allocate from | ||
62 | + * @param tok The line to read tokens from | ||
63 | + * @param tokens Pointer to an array of tokens. If not NULL, must be an array | ||
64 | + * of char*, otherwise it will be allocated on @a p when a token is found | ||
65 | + * @param skip_invalid If true, when an invalid separator is encountered, it | ||
66 | + * will be ignored. | ||
67 | + * @return NULL on success, an error string otherwise. | ||
68 | + * @remark *tokens may be NULL on output if NULL in input and no token is found | ||
69 | + */ | ||
70 | +AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p, const char *tok, | ||
71 | + apr_array_header_t **tokens, | ||
72 | + int skip_invalid); | ||
73 | + | ||
74 | +/** | ||
75 | * Retrieve a token, spacing over it and adjusting the pointer to | ||
76 | * the first non-white byte afterwards. Note that these tokens | ||
77 | * are delimited by semis and commas and can also be delimited | ||
78 | diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c | ||
79 | index 67dc939..58daa21 100644 | ||
80 | --- a/modules/proxy/proxy_util.c | ||
81 | +++ b/modules/proxy/proxy_util.c | ||
82 | @@ -2847,68 +2847,59 @@ PROXY_DECLARE(proxy_balancer_shared *) ap_proxy_find_balancershm(ap_slotmem_prov | ||
83 | typedef struct header_connection { | ||
84 | apr_pool_t *pool; | ||
85 | apr_array_header_t *array; | ||
86 | - const char *first; | ||
87 | - unsigned int closed:1; | ||
88 | + const char *error; | ||
89 | + int is_req; | ||
90 | } header_connection; | ||
91 | |||
92 | static int find_conn_headers(void *data, const char *key, const char *val) | ||
93 | { | ||
94 | header_connection *x = data; | ||
95 | - const char *name; | ||
96 | - | ||
97 | - do { | ||
98 | - while (*val == ',' || *val == ';') { | ||
99 | - val++; | ||
100 | - } | ||
101 | - name = ap_get_token(x->pool, &val, 0); | ||
102 | - if (!strcasecmp(name, "close")) { | ||
103 | - x->closed = 1; | ||
104 | - } | ||
105 | - if (!x->first) { | ||
106 | - x->first = name; | ||
107 | - } | ||
108 | - else { | ||
109 | - const char **elt; | ||
110 | - if (!x->array) { | ||
111 | - x->array = apr_array_make(x->pool, 4, sizeof(char *)); | ||
112 | - } | ||
113 | - elt = apr_array_push(x->array); | ||
114 | - *elt = name; | ||
115 | - } | ||
116 | - } while (*val); | ||
117 | |||
118 | - return 1; | ||
119 | + x->error = ap_parse_token_list_strict(x->pool, val, &x->array, !x->is_req); | ||
120 | + return !x->error; | ||
121 | } | ||
122 | |||
123 | /** | ||
124 | * Remove all headers referred to by the Connection header. | ||
125 | + * Returns -1 on error. Otherwise, returns 1 if 'Close' was seen in | ||
126 | + * the Connection header tokens, and 0 if not. | ||
127 | */ | ||
128 | static int ap_proxy_clear_connection(request_rec *r, apr_table_t *headers) | ||
129 | { | ||
130 | - const char **name; | ||
131 | + int closed = 0; | ||
132 | header_connection x; | ||
133 | |||
134 | x.pool = r->pool; | ||
135 | x.array = NULL; | ||
136 | - x.first = NULL; | ||
137 | - x.closed = 0; | ||
138 | + x.error = NULL; | ||
139 | + x.is_req = (headers == r->headers_in); | ||
140 | |||
141 | apr_table_unset(headers, "Proxy-Connection"); | ||
142 | |||
143 | apr_table_do(find_conn_headers, &x, headers, "Connection", NULL); | ||
144 | - if (x.first) { | ||
145 | - /* fast path - no memory allocated for one header */ | ||
146 | - apr_table_unset(headers, "Connection"); | ||
147 | - apr_table_unset(headers, x.first); | ||
148 | + apr_table_unset(headers, "Connection"); | ||
149 | + | ||
150 | + if (x.error) { | ||
151 | + ap_log_rerror(APLOG_MARK, APLOG_NOTICE, 0, r, APLOGNO() | ||
152 | + "Error parsing Connection header: %s", x.error); | ||
153 | + return -1; | ||
154 | } | ||
155 | + | ||
156 | if (x.array) { | ||
157 | - /* two or more headers */ | ||
158 | - while ((name = apr_array_pop(x.array))) { | ||
159 | - apr_table_unset(headers, *name); | ||
160 | + int i; | ||
161 | + for (i = 0; i < x.array->nelts; i++) { | ||
162 | + const char *name = APR_ARRAY_IDX(x.array, i, const char *); | ||
163 | + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO() | ||
164 | + "Removing header '%s' listed in Connection header", | ||
165 | + name); | ||
166 | + if (!strcasecmp(name, "close")) { | ||
167 | + closed = 1; | ||
168 | + } | ||
169 | + apr_table_unset(headers, name); | ||
170 | } | ||
171 | } | ||
172 | |||
173 | - return x.closed; | ||
174 | + return closed; | ||
175 | } | ||
176 | |||
177 | PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p, | ||
178 | @@ -3095,7 +3086,9 @@ PROXY_DECLARE(int) ap_proxy_create_hdrbrgd(apr_pool_t *p, | ||
179 | * apr is compiled with APR_POOL_DEBUG. | ||
180 | */ | ||
181 | headers_in_copy = apr_table_copy(r->pool, r->headers_in); | ||
182 | - ap_proxy_clear_connection(r, headers_in_copy); | ||
183 | + if (ap_proxy_clear_connection(r, headers_in_copy) < 0) { | ||
184 | + return HTTP_BAD_REQUEST; | ||
185 | + } | ||
186 | /* send request headers */ | ||
187 | headers_in_array = apr_table_elts(headers_in_copy); | ||
188 | headers_in = (const apr_table_entry_t *) headers_in_array->elts; | ||
189 | diff --git a/server/util.c b/server/util.c | ||
190 | index e0ba5c2..541c9f0 100644 | ||
191 | --- a/server/util.c | ||
192 | +++ b/server/util.c | ||
193 | @@ -1449,6 +1449,95 @@ AP_DECLARE(int) ap_find_etag_weak(apr_pool_t *p, const char *line, | ||
194 | return find_list_item(p, line, tok, AP_ETAG_WEAK); | ||
195 | } | ||
196 | |||
197 | +/* Grab a list of tokens of the format 1#token (from RFC7230) */ | ||
198 | +AP_DECLARE(const char *) ap_parse_token_list_strict(apr_pool_t *p, | ||
199 | + const char *str_in, | ||
200 | + apr_array_header_t **tokens, | ||
201 | + int skip_invalid) | ||
202 | +{ | ||
203 | + int in_leading_space = 1; | ||
204 | + int in_trailing_space = 0; | ||
205 | + int string_end = 0; | ||
206 | + const char *tok_begin; | ||
207 | + const char *cur; | ||
208 | + | ||
209 | + if (!str_in) { | ||
210 | + return NULL; | ||
211 | + } | ||
212 | + | ||
213 | + tok_begin = cur = str_in; | ||
214 | + | ||
215 | + while (!string_end) { | ||
216 | + const unsigned char c = (unsigned char)*cur; | ||
217 | + | ||
218 | + if (!TEST_CHAR(c, T_HTTP_TOKEN_STOP) && c != '\0') { | ||
219 | + /* Non-separator character; we are finished with leading | ||
220 | + * whitespace. We must never have encountered any trailing | ||
221 | + * whitespace before the delimiter (comma) */ | ||
222 | + in_leading_space = 0; | ||
223 | + if (in_trailing_space) { | ||
224 | + return "Encountered illegal whitespace in token"; | ||
225 | + } | ||
226 | + } | ||
227 | + else if (c == ' ' || c == '\t') { | ||
228 | + /* "Linear whitespace" only includes ASCII CRLF, space, and tab; | ||
229 | + * we can't get a CRLF since headers are split on them already, | ||
230 | + * so only look for a space or a tab */ | ||
231 | + if (in_leading_space) { | ||
232 | + /* We're still in leading whitespace */ | ||
233 | + ++tok_begin; | ||
234 | + } | ||
235 | + else { | ||
236 | + /* We must be in trailing whitespace */ | ||
237 | + ++in_trailing_space; | ||
238 | + } | ||
239 | + } | ||
240 | + else if (c == ',' || c == '\0') { | ||
241 | + if (!in_leading_space) { | ||
242 | + /* If we're out of the leading space, we know we've read some | ||
243 | + * characters of a token */ | ||
244 | + if (*tokens == NULL) { | ||
245 | + *tokens = apr_array_make(p, 4, sizeof(char *)); | ||
246 | + } | ||
247 | + APR_ARRAY_PUSH(*tokens, char *) = | ||
248 | + apr_pstrmemdup((*tokens)->pool, tok_begin, | ||
249 | + (cur - tok_begin) - in_trailing_space); | ||
250 | + } | ||
251 | + /* We're allowed to have null elements, just don't add them to the | ||
252 | + * array */ | ||
253 | + | ||
254 | + tok_begin = cur + 1; | ||
255 | + in_leading_space = 1; | ||
256 | + in_trailing_space = 0; | ||
257 | + string_end = (c == '\0'); | ||
258 | + } | ||
259 | + else { | ||
260 | + /* Encountered illegal separator char */ | ||
261 | + if (skip_invalid) { | ||
262 | + /* Skip to the next separator */ | ||
263 | + const char *temp; | ||
264 | + temp = ap_strchr_c(cur, ','); | ||
265 | + if(!temp) { | ||
266 | + temp = ap_strchr_c(cur, '\0'); | ||
267 | + } | ||
268 | + | ||
269 | + /* Act like we haven't seen a token so we reset */ | ||
270 | + cur = temp - 1; | ||
271 | + in_leading_space = 1; | ||
272 | + in_trailing_space = 0; | ||
273 | + } | ||
274 | + else { | ||
275 | + return apr_psprintf(p, "Encountered illegal separator " | ||
276 | + "'\\x%.2x'", (unsigned int)c); | ||
277 | + } | ||
278 | + } | ||
279 | + | ||
280 | + ++cur; | ||
281 | + } | ||
282 | + | ||
283 | + return NULL; | ||
284 | +} | ||
285 | + | ||
286 | /* Retrieve a token, spacing over it and returning a pointer to | ||
287 | * the first non-white byte afterwards. Note that these tokens | ||
288 | * are delimited by semis and commas; and can also be delimited | ||
289 | -- | ||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch b/meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch new file mode 100644 index 000000000..c90279d44 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/apache-configure_perlbin.patch | |||
@@ -0,0 +1,20 @@ | |||
1 | # Author: echo <fei.geng@windriver.com> | ||
2 | # Date: April 28 2009 | ||
3 | # Summary:Fix perl install directory to /usr/bin | ||
4 | # | ||
5 | # Upstream-Status: Inappropriate [configuration] | ||
6 | |||
7 | --- a/configure.in | ||
8 | +++ b/configure.in | ||
9 | @@ -638,10 +638,7 @@ | ||
10 | AC_DEFINE_UNQUOTED(APACHE_MPM_DIR, "$MPM_DIR", | ||
11 | [Location of the source for the current MPM]) | ||
12 | |||
13 | -perlbin=`$ac_aux_dir/PrintPath perl` | ||
14 | -if test "x$perlbin" = "x"; then | ||
15 | - perlbin="/replace/with/path/to/perl/interpreter" | ||
16 | -fi | ||
17 | +perlbin='/usr/bin/perl' | ||
18 | AC_SUBST(perlbin) | ||
19 | |||
20 | dnl If we are running on BSD/OS, we need to use the BSD .include syntax. | ||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/apache-ssl-ltmain-rpath.patch b/meta-webserver/recipes-httpd/apache2/apache2/apache-ssl-ltmain-rpath.patch new file mode 100644 index 000000000..3a59fb079 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/apache-ssl-ltmain-rpath.patch | |||
@@ -0,0 +1,76 @@ | |||
1 | --- httpd-2.2.8.orig/build/ltmain.sh | ||
2 | +++ httpd-2.2.8/build/ltmain.sh | ||
3 | @@ -1515,7 +1515,7 @@ EOF | ||
4 | dir=`$echo "X$arg" | $Xsed -e 's/^-L//'` | ||
5 | # We need an absolute path. | ||
6 | case $dir in | ||
7 | - [\\/]* | [A-Za-z]:[\\/]*) ;; | ||
8 | + =* | [\\/]* | [A-Za-z]:[\\/]*) ;; | ||
9 | *) | ||
10 | absdir=`cd "$dir" && pwd` | ||
11 | if test -z "$absdir"; then | ||
12 | @@ -2558,7 +2558,7 @@ EOF | ||
13 | $echo "*** $linklib is not portable!" | ||
14 | fi | ||
15 | if test "$linkmode" = lib && | ||
16 | - test "$hardcode_into_libs" = yes; then | ||
17 | + test "x$wrs_use_rpaths" = "xyes" && test "$hardcode_into_libs" = yes; then | ||
18 | # Hardcode the library path. | ||
19 | # Skip directories that are in the system default run-time | ||
20 | # search path. | ||
21 | @@ -2832,7 +2832,7 @@ EOF | ||
22 | |||
23 | if test "$linkmode" = lib; then | ||
24 | if test -n "$dependency_libs" && | ||
25 | - { test "$hardcode_into_libs" != yes || | ||
26 | + { test "$hardcode_into_libs" != yes || test "x$wrs_use_rpaths" != "xyes" || | ||
27 | test "$build_old_libs" = yes || | ||
28 | test "$link_static" = yes; }; then | ||
29 | # Extract -R from dependency_libs | ||
30 | @@ -3426,7 +3426,8 @@ EOF | ||
31 | *) finalize_rpath="$finalize_rpath $libdir" ;; | ||
32 | esac | ||
33 | done | ||
34 | - if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then | ||
35 | + if test "$hardcode_into_libs" != yes || test "x$wrs_use_rpaths" != "xyes" || | ||
36 | + test "$build_old_libs" = yes; then | ||
37 | dependency_libs="$temp_xrpath $dependency_libs" | ||
38 | fi | ||
39 | fi | ||
40 | @@ -3843,7 +3844,7 @@ EOF | ||
41 | case $archive_cmds in | ||
42 | *\$LD\ *) wl= ;; | ||
43 | esac | ||
44 | - if test "$hardcode_into_libs" = yes; then | ||
45 | + if test "$hardcode_into_libs" = yes && test "x$wrs_use_rpaths" = "xyes" ; then | ||
46 | # Hardcode the library paths | ||
47 | hardcode_libdirs= | ||
48 | dep_rpath= | ||
49 | @@ -4397,6 +4398,27 @@ EOF | ||
50 | # Now hardcode the library paths | ||
51 | rpath= | ||
52 | hardcode_libdirs= | ||
53 | + | ||
54 | + # short circuit putting rpaths in executables | ||
55 | + # | ||
56 | + if test "x$wrs_use_rpaths" != "xyes" ; then | ||
57 | + flag= | ||
58 | + for libdir in $compile_rpath; do | ||
59 | + case $(echo $libdir | ${SED} 's,/[/]*,/,g') in | ||
60 | + /usr/lib/* | /usr/lib32/* | /usr/lib64/* ) flag="$flag $libdir" ;; | ||
61 | + esac | ||
62 | + done | ||
63 | + compile_rpath="$flag" | ||
64 | + | ||
65 | + flag= | ||
66 | + for libdir in $finalize_rpath; do | ||
67 | + case $(echo $libdir | ${SED} 's,/[/]*,/,g') in | ||
68 | + /usr/lib/* | /usr/lib32/* | /usr/lib64/* ) flag="$flag $libdir" ;; | ||
69 | + esac | ||
70 | + done | ||
71 | + finalize_rpath="$flag" | ||
72 | + fi | ||
73 | + | ||
74 | for libdir in $compile_rpath $finalize_rpath; do | ||
75 | if test -n "$hardcode_libdir_flag_spec"; then | ||
76 | if test -n "$hardcode_libdir_separator"; then | ||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/fix-libtool-name.patch b/meta-webserver/recipes-httpd/apache2/apache2/fix-libtool-name.patch new file mode 100644 index 000000000..027af04c3 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/fix-libtool-name.patch | |||
@@ -0,0 +1,55 @@ | |||
1 | Fix build scripts to use correct libtool filename | ||
2 | |||
3 | Upstream-Status: Inappropriate [configuration] | ||
4 | |||
5 | --- | ||
6 | httpd-2.4.2/build/config_vars.sh.in | 2 +- | ||
7 | httpd-2.4.2/configure | 2 +- | ||
8 | httpd-2.4.2/configure.in | 2 +- | ||
9 | httpd-2.4.2/support/apxs.in | 2 +- | ||
10 | 4 files changed, 4 insertions(+), 4 deletions(-) | ||
11 | |||
12 | --- a/build/config_vars.sh.in | ||
13 | +++ b/build/config_vars.sh.in | ||
14 | @@ -35,7 +35,7 @@ else | ||
15 | APU_CONFIG=@APU_CONFIG@ | ||
16 | fi | ||
17 | |||
18 | -APR_LIBTOOL="`${APR_CONFIG} --apr-libtool`" | ||
19 | +APR_LIBTOOL="`${APR_CONFIG} --apr-libtool | sed -e s,libtool,${host_alias}-libtool,`" | ||
20 | APR_INCLUDEDIR="`${APR_CONFIG} --includedir`" | ||
21 | test -n "@APU_CONFIG@" && APU_INCLUDEDIR="`${APU_CONFIG} --includedir`" | ||
22 | |||
23 | --- a/configure | ||
24 | +++ b/configure | ||
25 | @@ -6205,7 +6205,7 @@ case $host in | ||
26 | if test "x$LTFLAGS" = "x"; then | ||
27 | LTFLAGS='--silent' | ||
28 | fi | ||
29 | - my_libtool=`$apr_config --apr-libtool` | ||
30 | + my_libtool=`$apr_config --apr-libtool | sed -e s,libtool,${host_alias}-libtool,` | ||
31 | LIBTOOL="$my_libtool \$(LTFLAGS)" | ||
32 | libtoolversion=`$my_libtool --version` | ||
33 | case $libtoolversion in | ||
34 | --- a/configure.in | ||
35 | +++ b/configure.in | ||
36 | @@ -264,7 +264,7 @@ case $host in | ||
37 | if test "x$LTFLAGS" = "x"; then | ||
38 | LTFLAGS='--silent' | ||
39 | fi | ||
40 | - my_libtool=`$apr_config --apr-libtool` | ||
41 | + my_libtool=`$apr_config --apr-libtool | sed -e s,libtool,${host_alias}-libtool,` | ||
42 | LIBTOOL="$my_libtool \$(LTFLAGS)" | ||
43 | libtoolversion=`$my_libtool --version` | ||
44 | case $libtoolversion in | ||
45 | --- a/support/apxs.in | ||
46 | +++ b/support/apxs.in | ||
47 | @@ -352,7 +352,7 @@ if ($apr_major_version < 2) { | ||
48 | } | ||
49 | } | ||
50 | |||
51 | -my $libtool = `$apr_config --apr-libtool`; | ||
52 | +my $libtool = `$apr_config --apr-libtool| sed -e s,libtool,${host_alias}-libtool,`; | ||
53 | chomp($libtool); | ||
54 | |||
55 | my $apr_includedir = `$apr_config --includes`; | ||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-corelimit.patch b/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-corelimit.patch new file mode 100644 index 000000000..18e4107ec --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-corelimit.patch | |||
@@ -0,0 +1,37 @@ | |||
1 | |||
2 | Bump up the core size limit if CoreDumpDirectory is | ||
3 | configured. | ||
4 | |||
5 | Upstream-Status: Pending | ||
6 | |||
7 | Note: upstreaming was discussed but there are competing desires; | ||
8 | there are portability oddities here too. | ||
9 | |||
10 | --- httpd-2.4.1/server/core.c.corelimit | ||
11 | +++ httpd-2.4.1/server/core.c | ||
12 | @@ -4433,6 +4433,25 @@ static int core_post_config(apr_pool_t * | ||
13 | } | ||
14 | apr_pool_cleanup_register(pconf, NULL, ap_mpm_end_gen_helper, | ||
15 | apr_pool_cleanup_null); | ||
16 | + | ||
17 | +#ifdef RLIMIT_CORE | ||
18 | + if (ap_coredumpdir_configured) { | ||
19 | + struct rlimit lim; | ||
20 | + | ||
21 | + if (getrlimit(RLIMIT_CORE, &lim) == 0 && lim.rlim_cur == 0) { | ||
22 | + lim.rlim_cur = lim.rlim_max; | ||
23 | + if (setrlimit(RLIMIT_CORE, &lim) == 0) { | ||
24 | + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, | ||
25 | + "core dump file size limit raised to %lu bytes", | ||
26 | + lim.rlim_cur); | ||
27 | + } else { | ||
28 | + ap_log_error(APLOG_MARK, APLOG_NOTICE, errno, NULL, | ||
29 | + "core dump file size is zero, setrlimit failed"); | ||
30 | + } | ||
31 | + } | ||
32 | + } | ||
33 | +#endif | ||
34 | + | ||
35 | return OK; | ||
36 | } | ||
37 | |||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-selinux.patch b/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-selinux.patch new file mode 100644 index 000000000..873328d9b --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.1-selinux.patch | |||
@@ -0,0 +1,63 @@ | |||
1 | |||
2 | Log the SELinux context at startup. | ||
3 | |||
4 | Upstream-Status: Inappropriate [other] | ||
5 | |||
6 | Note: unlikely to be any interest in this upstream | ||
7 | |||
8 | --- httpd-2.4.1/configure.in.selinux | ||
9 | +++ httpd-2.4.1/configure.in | ||
10 | @@ -458,6 +458,11 @@ fopen64 | ||
11 | dnl confirm that a void pointer is large enough to store a long integer | ||
12 | APACHE_CHECK_VOID_PTR_LEN | ||
13 | |||
14 | +AC_CHECK_LIB(selinux, is_selinux_enabled, [ | ||
15 | + AC_DEFINE(HAVE_SELINUX, 1, [Defined if SELinux is supported]) | ||
16 | + APR_ADDTO(AP_LIBS, [-lselinux]) | ||
17 | +]) | ||
18 | + | ||
19 | AC_CACHE_CHECK([for gettid()], ac_cv_gettid, | ||
20 | [AC_TRY_RUN(#define _GNU_SOURCE | ||
21 | #include <unistd.h> | ||
22 | --- httpd-2.4.1/server/core.c.selinux | ||
23 | +++ httpd-2.4.1/server/core.c | ||
24 | @@ -58,6 +58,10 @@ | ||
25 | #include <unistd.h> | ||
26 | #endif | ||
27 | |||
28 | +#ifdef HAVE_SELINUX | ||
29 | +#include <selinux/selinux.h> | ||
30 | +#endif | ||
31 | + | ||
32 | /* LimitRequestBody handling */ | ||
33 | #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) | ||
34 | #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0) | ||
35 | @@ -4452,6 +4456,28 @@ static int core_post_config(apr_pool_t * | ||
36 | } | ||
37 | #endif | ||
38 | |||
39 | +#ifdef HAVE_SELINUX | ||
40 | + { | ||
41 | + static int already_warned = 0; | ||
42 | + int is_enabled = is_selinux_enabled() > 0; | ||
43 | + | ||
44 | + if (is_enabled && !already_warned) { | ||
45 | + security_context_t con; | ||
46 | + | ||
47 | + if (getcon(&con) == 0) { | ||
48 | + | ||
49 | + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, | ||
50 | + "SELinux policy enabled; " | ||
51 | + "httpd running as context %s", con); | ||
52 | + | ||
53 | + already_warned = 1; | ||
54 | + | ||
55 | + freecon(con); | ||
56 | + } | ||
57 | + } | ||
58 | + } | ||
59 | +#endif | ||
60 | + | ||
61 | return OK; | ||
62 | } | ||
63 | |||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.4-export.patch b/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.4-export.patch new file mode 100644 index 000000000..afbed8e55 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/httpd-2.4.4-export.patch | |||
@@ -0,0 +1,22 @@ | |||
1 | |||
2 | There is no need to "suck in" the apr/apr-util symbols when using | ||
3 | a shared libapr{,util}, it just bloats the symbol table; so don't. | ||
4 | |||
5 | Upstream-HEAD: needed | ||
6 | Upstream-2.0: omit | ||
7 | Upstream-Status: Pending | ||
8 | |||
9 | Note: EXPORT_DIRS change is conditional on using shared apr | ||
10 | |||
11 | --- httpd-2.4.4/server/Makefile.in.export | ||
12 | +++ httpd-2.4.4/server/Makefile.in | ||
13 | @@ -57,9 +57,6 @@ export_files: | ||
14 | ( for dir in $(EXPORT_DIRS); do \ | ||
15 | ls $$dir/*.h ; \ | ||
16 | done; \ | ||
17 | - for dir in $(EXPORT_DIRS_APR); do \ | ||
18 | - ls $$dir/ap[ru].h $$dir/ap[ru]_*.h 2>/dev/null; \ | ||
19 | - done; \ | ||
20 | ) | sed -e s,//,/,g | sort -u > $@ | ||
21 | |||
22 | exports.c: export_files | ||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/npn-patch-2.4.7.patch b/meta-webserver/recipes-httpd/apache2/apache2/npn-patch-2.4.7.patch new file mode 100644 index 000000000..a4f185501 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/npn-patch-2.4.7.patch | |||
@@ -0,0 +1,289 @@ | |||
1 | Add support for TLS Next Protocol Negotiation: | ||
2 | |||
3 | * modules/ssl/mod_ssl.c, modules/ssl/mod_ssl.h: Add and implement new | ||
4 | hooks for next protocol advertisement/discovery. | ||
5 | |||
6 | * modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Enable | ||
7 | NPN advertisement callback in handshake. | ||
8 | |||
9 | * modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Invoke | ||
10 | next-protocol discovery hook. | ||
11 | |||
12 | * modules/ssl/ssl_engine_kernel.c (ssl_callback_AdvertiseNextProtos): | ||
13 | New callback. | ||
14 | |||
15 | * modules/ssl/ssl_private.h: Add prototype. | ||
16 | |||
17 | Submitted by: Matthew Steele <mdsteele google.com> | ||
18 | with slight tweaks by jorton | ||
19 | |||
20 | http://svn.apache.org/viewvc?view=revision&revision=1332643 | ||
21 | https://bugzilla.redhat.com//show_bug.cgi?id=809599 | ||
22 | Upstream-Status: Backport | ||
23 | Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> | ||
24 | --- | ||
25 | CHANGES | 2 + | ||
26 | modules/ssl/mod_ssl.c | 12 ++++++ | ||
27 | modules/ssl/mod_ssl.h | 21 +++++++++++ | ||
28 | modules/ssl/ssl_engine_init.c | 5 +++ | ||
29 | modules/ssl/ssl_engine_io.c | 24 ++++++++++++ | ||
30 | modules/ssl/ssl_engine_kernel.c | 82 +++++++++++++++++++++++++++++++++++++++++ | ||
31 | modules/ssl/ssl_private.h | 6 +++ | ||
32 | 7 files changed, 152 insertions(+) | ||
33 | |||
34 | diff --git a/CHANGES b/CHANGES | ||
35 | --- a/CHANGES | ||
36 | +++ b/CHANGES | ||
37 | @@ -1,6 +1,8 @@ | ||
38 | -*- coding: utf-8 -*- | ||
39 | |||
40 | Changes with Apache 2.4.7 | ||
41 | + *) mod_ssl: Add support for TLS Next Protocol Negotiation. PR 52210. | ||
42 | + [Matthew Steele <mdsteele google.com>] | ||
43 | |||
44 | *) APR 1.5.0 or later is now required for the event MPM. | ||
45 | |||
46 | diff --git a/modules/ssl/mod_ssl.c b/modules/ssl/mod_ssl.c | ||
47 | --- a/modules/ssl/mod_ssl.c | ||
48 | +++ b/modules/ssl/mod_ssl.c | ||
49 | @@ -275,6 +275,18 @@ static const command_rec ssl_config_cmds[] = { | ||
50 | AP_END_CMD | ||
51 | }; | ||
52 | |||
53 | +/* Implement 'modssl_run_npn_advertise_protos_hook'. */ | ||
54 | +APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL( | ||
55 | + modssl, AP, int, npn_advertise_protos_hook, | ||
56 | + (conn_rec *connection, apr_array_header_t *protos), | ||
57 | + (connection, protos), OK, DECLINED); | ||
58 | + | ||
59 | +/* Implement 'modssl_run_npn_proto_negotiated_hook'. */ | ||
60 | +APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL( | ||
61 | + modssl, AP, int, npn_proto_negotiated_hook, | ||
62 | + (conn_rec *connection, const char *proto_name, apr_size_t proto_name_len), | ||
63 | + (connection, proto_name, proto_name_len), OK, DECLINED); | ||
64 | + | ||
65 | /* | ||
66 | * the various processing hooks | ||
67 | */ | ||
68 | diff --git a/modules/ssl/mod_ssl.h b/modules/ssl/mod_ssl.h | ||
69 | --- a/modules/ssl/mod_ssl.h | ||
70 | +++ b/modules/ssl/mod_ssl.h | ||
71 | @@ -63,5 +63,26 @@ APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *)); | ||
72 | |||
73 | APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *)); | ||
74 | |||
75 | +/** The npn_advertise_protos optional hook allows other modules to add entries | ||
76 | + * to the list of protocol names advertised by the server during the Next | ||
77 | + * Protocol Negotiation (NPN) portion of the SSL handshake. The hook callee is | ||
78 | + * given the connection and an APR array; it should push one or more char*'s | ||
79 | + * pointing to null-terminated strings (such as "http/1.1" or "spdy/2") onto | ||
80 | + * the array and return OK, or do nothing and return DECLINED. */ | ||
81 | +APR_DECLARE_EXTERNAL_HOOK(modssl, AP, int, npn_advertise_protos_hook, | ||
82 | + (conn_rec *connection, apr_array_header_t *protos)); | ||
83 | + | ||
84 | +/** The npn_proto_negotiated optional hook allows other modules to discover the | ||
85 | + * name of the protocol that was chosen during the Next Protocol Negotiation | ||
86 | + * (NPN) portion of the SSL handshake. Note that this may be the empty string | ||
87 | + * (in which case modules should probably assume HTTP), or it may be a protocol | ||
88 | + * that was never even advertised by the server. The hook callee is given the | ||
89 | + * connection, a non-null-terminated string containing the protocol name, and | ||
90 | + * the length of the string; it should do something appropriate (i.e. insert or | ||
91 | + * remove filters) and return OK, or do nothing and return DECLINED. */ | ||
92 | +APR_DECLARE_EXTERNAL_HOOK(modssl, AP, int, npn_proto_negotiated_hook, | ||
93 | + (conn_rec *connection, const char *proto_name, | ||
94 | + apr_size_t proto_name_len)); | ||
95 | + | ||
96 | #endif /* __MOD_SSL_H__ */ | ||
97 | /** @} */ | ||
98 | diff --git a/modules/ssl/ssl_engine_init.c b/modules/ssl/ssl_engine_init.c | ||
99 | --- a/modules/ssl/ssl_engine_init.c | ||
100 | +++ b/modules/ssl/ssl_engine_init.c | ||
101 | @@ -546,6 +546,11 @@ static void ssl_init_ctx_callbacks(server_rec *s, | ||
102 | SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH); | ||
103 | |||
104 | SSL_CTX_set_info_callback(ctx, ssl_callback_Info); | ||
105 | + | ||
106 | +#ifdef HAVE_TLS_NPN | ||
107 | + SSL_CTX_set_next_protos_advertised_cb( | ||
108 | + ctx, ssl_callback_AdvertiseNextProtos, NULL); | ||
109 | +#endif | ||
110 | } | ||
111 | |||
112 | static void ssl_init_ctx_verify(server_rec *s, | ||
113 | diff --git a/modules/ssl/ssl_engine_io.c b/modules/ssl/ssl_engine_io.c | ||
114 | --- a/modules/ssl/ssl_engine_io.c | ||
115 | +++ b/modules/ssl/ssl_engine_io.c | ||
116 | @@ -28,6 +28,7 @@ | ||
117 | core keeps dumping.'' | ||
118 | -- Unknown */ | ||
119 | #include "ssl_private.h" | ||
120 | +#include "mod_ssl.h" | ||
121 | #include "apr_date.h" | ||
122 | |||
123 | /* _________________________________________________________________ | ||
124 | @@ -297,6 +298,7 @@ typedef struct { | ||
125 | apr_pool_t *pool; | ||
126 | char buffer[AP_IOBUFSIZE]; | ||
127 | ssl_filter_ctx_t *filter_ctx; | ||
128 | + int npn_finished; /* 1 if NPN has finished, 0 otherwise */ | ||
129 | } bio_filter_in_ctx_t; | ||
130 | |||
131 | /* | ||
132 | @@ -1412,6 +1414,27 @@ static apr_status_t ssl_io_filter_input(ap_filter_t *f, | ||
133 | APR_BRIGADE_INSERT_TAIL(bb, bucket); | ||
134 | } | ||
135 | |||
136 | +#ifdef HAVE_TLS_NPN | ||
137 | + /* By this point, Next Protocol Negotiation (NPN) should be completed (if | ||
138 | + * our version of OpenSSL supports it). If we haven't already, find out | ||
139 | + * which protocol was decided upon and inform other modules by calling | ||
140 | + * npn_proto_negotiated_hook. */ | ||
141 | + if (!inctx->npn_finished) { | ||
142 | + const unsigned char *next_proto = NULL; | ||
143 | + unsigned next_proto_len = 0; | ||
144 | + | ||
145 | + SSL_get0_next_proto_negotiated( | ||
146 | + inctx->ssl, &next_proto, &next_proto_len); | ||
147 | + ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c, | ||
148 | + "SSL NPN negotiated protocol: '%s'", | ||
149 | + apr_pstrmemdup(f->c->pool, (const char*)next_proto, | ||
150 | + next_proto_len)); | ||
151 | + modssl_run_npn_proto_negotiated_hook( | ||
152 | + f->c, (const char*)next_proto, next_proto_len); | ||
153 | + inctx->npn_finished = 1; | ||
154 | + } | ||
155 | +#endif | ||
156 | + | ||
157 | return APR_SUCCESS; | ||
158 | } | ||
159 | |||
160 | @@ -1893,6 +1916,7 @@ static void ssl_io_input_add_filter(ssl_filter_ctx_t *filter_ctx, conn_rec *c, | ||
161 | inctx->block = APR_BLOCK_READ; | ||
162 | inctx->pool = c->pool; | ||
163 | inctx->filter_ctx = filter_ctx; | ||
164 | + inctx->npn_finished = 0; | ||
165 | } | ||
166 | |||
167 | /* The request_rec pointer is passed in here only to ensure that the | ||
168 | diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c | ||
169 | --- a/modules/ssl/ssl_engine_kernel.c | ||
170 | +++ b/modules/ssl/ssl_engine_kernel.c | ||
171 | @@ -29,6 +29,7 @@ | ||
172 | time I was too famous.'' | ||
173 | -- Unknown */ | ||
174 | #include "ssl_private.h" | ||
175 | +#include "mod_ssl.h" | ||
176 | #include "util_md5.h" | ||
177 | |||
178 | static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn); | ||
179 | @@ -2139,3 +2140,84 @@ int ssl_callback_SRPServerParams(SSL *ssl, int *ad, void *arg) | ||
180 | } | ||
181 | |||
182 | #endif /* HAVE_SRP */ | ||
183 | + | ||
184 | +#ifdef HAVE_TLS_NPN | ||
185 | +/* | ||
186 | + * This callback function is executed when SSL needs to decide what protocols | ||
187 | + * to advertise during Next Protocol Negotiation (NPN). It must produce a | ||
188 | + * string in wire format -- a sequence of length-prefixed strings -- indicating | ||
189 | + * the advertised protocols. Refer to SSL_CTX_set_next_protos_advertised_cb | ||
190 | + * in OpenSSL for reference. | ||
191 | + */ | ||
192 | +int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data_out, | ||
193 | + unsigned int *size_out, void *arg) | ||
194 | +{ | ||
195 | + conn_rec *c = (conn_rec*)SSL_get_app_data(ssl); | ||
196 | + apr_array_header_t *protos; | ||
197 | + int num_protos; | ||
198 | + unsigned int size; | ||
199 | + int i; | ||
200 | + unsigned char *data; | ||
201 | + unsigned char *start; | ||
202 | + | ||
203 | + *data_out = NULL; | ||
204 | + *size_out = 0; | ||
205 | + | ||
206 | + /* If the connection object is not available, then there's nothing for us | ||
207 | + * to do. */ | ||
208 | + if (c == NULL) { | ||
209 | + return SSL_TLSEXT_ERR_OK; | ||
210 | + } | ||
211 | + | ||
212 | + /* Invoke our npn_advertise_protos hook, giving other modules a chance to | ||
213 | + * add alternate protocol names to advertise. */ | ||
214 | + protos = apr_array_make(c->pool, 0, sizeof(char*)); | ||
215 | + modssl_run_npn_advertise_protos_hook(c, protos); | ||
216 | + num_protos = protos->nelts; | ||
217 | + | ||
218 | + /* We now have a list of null-terminated strings; we need to concatenate | ||
219 | + * them together into a single string, where each protocol name is prefixed | ||
220 | + * by its length. First, calculate how long that string will be. */ | ||
221 | + size = 0; | ||
222 | + for (i = 0; i < num_protos; ++i) { | ||
223 | + const char *string = APR_ARRAY_IDX(protos, i, const char*); | ||
224 | + unsigned int length = strlen(string); | ||
225 | + /* If the protocol name is too long (the length must fit in one byte), | ||
226 | + * then log an error and skip it. */ | ||
227 | + if (length > 255) { | ||
228 | + ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c, | ||
229 | + "SSL NPN protocol name too long (length=%u): %s", | ||
230 | + length, string); | ||
231 | + continue; | ||
232 | + } | ||
233 | + /* Leave room for the length prefix (one byte) plus the protocol name | ||
234 | + * itself. */ | ||
235 | + size += 1 + length; | ||
236 | + } | ||
237 | + | ||
238 | + /* If there is nothing to advertise (either because no modules added | ||
239 | + * anything to the protos array, or because all strings added to the array | ||
240 | + * were skipped), then we're done. */ | ||
241 | + if (size == 0) { | ||
242 | + return SSL_TLSEXT_ERR_OK; | ||
243 | + } | ||
244 | + | ||
245 | + /* Now we can build the string. Copy each protocol name string into the | ||
246 | + * larger string, prefixed by its length. */ | ||
247 | + data = apr_palloc(c->pool, size * sizeof(unsigned char)); | ||
248 | + start = data; | ||
249 | + for (i = 0; i < num_protos; ++i) { | ||
250 | + const char *string = APR_ARRAY_IDX(protos, i, const char*); | ||
251 | + apr_size_t length = strlen(string); | ||
252 | + *start = (unsigned char)length; | ||
253 | + ++start; | ||
254 | + memcpy(start, string, length * sizeof(unsigned char)); | ||
255 | + start += length; | ||
256 | + } | ||
257 | + | ||
258 | + /* Success. */ | ||
259 | + *data_out = data; | ||
260 | + *size_out = size; | ||
261 | + return SSL_TLSEXT_ERR_OK; | ||
262 | +} | ||
263 | +#endif /* HAVE_TLS_NPN */ | ||
264 | diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h | ||
265 | --- a/modules/ssl/ssl_private.h | ||
266 | +++ b/modules/ssl/ssl_private.h | ||
267 | @@ -123,6 +123,11 @@ | ||
268 | #define MODSSL_SSL_METHOD_CONST | ||
269 | #endif | ||
270 | |||
271 | +#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \ | ||
272 | + && !defined(OPENSSL_NO_TLSEXT) | ||
273 | +#define HAVE_TLS_NPN | ||
274 | +#endif | ||
275 | + | ||
276 | #if defined(OPENSSL_FIPS) | ||
277 | #define HAVE_FIPS | ||
278 | #endif | ||
279 | @@ -800,6 +805,7 @@ int ssl_callback_ServerNameIndication(SSL *, int *, modssl_ctx_t *); | ||
280 | int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *, | ||
281 | EVP_CIPHER_CTX *, HMAC_CTX *, int); | ||
282 | #endif | ||
283 | +int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg); | ||
284 | |||
285 | /** Session Cache Support */ | ||
286 | void ssl_scache_init(server_rec *, apr_pool_t *); | ||
287 | -- | ||
288 | 1.8.1.2 | ||
289 | |||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/replace-lynx-to-curl-in-apachectl-script.patch b/meta-webserver/recipes-httpd/apache2/apache2/replace-lynx-to-curl-in-apachectl-script.patch new file mode 100644 index 000000000..584ddc8d9 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/replace-lynx-to-curl-in-apachectl-script.patch | |||
@@ -0,0 +1,52 @@ | |||
1 | From 760ccbb2fb046621a2aeaecabb2b1ef9aa280cf1 Mon Sep 17 00:00:00 2001 | ||
2 | From: Yulong Pei <Yulong.pei@windriver.com> | ||
3 | Date: Thu, 1 Sep 2011 01:03:14 +0800 | ||
4 | Subject: [PATCH] replace lynx to curl in apachectl script | ||
5 | |||
6 | Upstream-Status: Inappropriate [configuration] | ||
7 | |||
8 | Signed-off-by: Yulong Pei <Yulong.pei@windriver.com> | ||
9 | --- | ||
10 | support/apachectl.in | 14 ++++++++++---- | ||
11 | 1 files changed, 10 insertions(+), 4 deletions(-) | ||
12 | |||
13 | diff --git a/support/apachectl.in b/support/apachectl.in | ||
14 | index d4dff38..109ea13 100644 | ||
15 | --- a/support/apachectl.in | ||
16 | +++ b/support/apachectl.in | ||
17 | @@ -51,11 +51,11 @@ fi | ||
18 | # a command that outputs a formatted text version of the HTML at the | ||
19 | # url given on the command line. Designed for lynx, however other | ||
20 | # programs may work. | ||
21 | -LYNX="@LYNX_PATH@ -dump" | ||
22 | +CURL="/usr/bin/curl" | ||
23 | # | ||
24 | # the URL to your server's mod_status status page. If you do not | ||
25 | # have one, then status and fullstatus will not work. | ||
26 | -STATUSURL="http://localhost:@PORT@/server-status" | ||
27 | +STATUSURL="http://localhost:@PORT@/" | ||
28 | # | ||
29 | # Set this variable to a command that increases the maximum | ||
30 | # number of file descriptors allowed per child process. This is | ||
31 | @@ -91,10 +91,16 @@ configtest) | ||
32 | ERROR=$? | ||
33 | ;; | ||
34 | status) | ||
35 | - $LYNX $STATUSURL | awk ' /process$/ { print; exit } { print } ' | ||
36 | + $CURL -s $STATUSURL | grep -o "It works!" | ||
37 | + if [ $? != 0 ] ; then | ||
38 | + echo The httpd server does not work! | ||
39 | + fi | ||
40 | ;; | ||
41 | fullstatus) | ||
42 | - $LYNX $STATUSURL | ||
43 | + $CURL -s $STATUSURL | grep -o "It works!" | ||
44 | + if [ $? != 0 ] ; then | ||
45 | + echo The httpd server does not work! | ||
46 | + fi | ||
47 | ;; | ||
48 | *) | ||
49 | $HTTPD $ARGV | ||
50 | -- | ||
51 | 1.6.4 | ||
52 | |||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2/server-makefile.patch b/meta-webserver/recipes-httpd/apache2/apache2/server-makefile.patch new file mode 100644 index 000000000..f1349cb6a --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/server-makefile.patch | |||
@@ -0,0 +1,11 @@ | |||
1 | --- http-2.0.54/server/Makefile.in-old 2005-12-20 13:26:56.000000000 -0500 | ||
2 | +++ http-2.0.54/server/Makefile.in 2005-12-20 13:27:22.000000000 -0500 | ||
3 | @@ -27,7 +27,7 @@ | ||
4 | $(LINK) $(EXTRA_LDFLAGS) $(gen_test_char_OBJECTS) $(EXTRA_LIBS) | ||
5 | |||
6 | test_char.h: gen_test_char | ||
7 | - ./gen_test_char > test_char.h | ||
8 | + gen_test_char > test_char.h | ||
9 | |||
10 | util.lo: test_char.h | ||
11 | |||
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.10.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.10.bb new file mode 100644 index 000000000..d79d40bd2 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.10.bb | |||
@@ -0,0 +1,160 @@ | |||
1 | DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \ | ||
2 | extensible web server." | ||
3 | SUMMARY = "Apache HTTP Server" | ||
4 | HOMEPAGE = "http://httpd.apache.org/" | ||
5 | DEPENDS = "libtool-native apache2-native openssl expat pcre apr apr-util" | ||
6 | SECTION = "net" | ||
7 | LICENSE = "Apache-2.0" | ||
8 | |||
9 | SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \ | ||
10 | file://server-makefile.patch \ | ||
11 | file://httpd-2.4.1-corelimit.patch \ | ||
12 | file://httpd-2.4.4-export.patch \ | ||
13 | file://httpd-2.4.1-selinux.patch \ | ||
14 | file://apache-configure_perlbin.patch \ | ||
15 | file://replace-lynx-to-curl-in-apachectl-script.patch \ | ||
16 | file://apache-ssl-ltmain-rpath.patch \ | ||
17 | file://httpd-2.4.3-fix-race-issue-of-dir-install.patch \ | ||
18 | file://npn-patch-2.4.7.patch \ | ||
19 | file://0001-configure-use-pkg-config-for-PCRE-detection.patch \ | ||
20 | file://init \ | ||
21 | file://apache2-volatile.conf \ | ||
22 | file://apache2.service \ | ||
23 | file://apache-CVE-2014-0117.patch \ | ||
24 | " | ||
25 | |||
26 | LIC_FILES_CHKSUM = "file://LICENSE;md5=dbff5a2b542fa58854455bf1a0b94b83" | ||
27 | SRC_URI[md5sum] = "44543dff14a4ebc1e9e2d86780507156" | ||
28 | SRC_URI[sha256sum] = "176c4dac1a745f07b7b91e7f4fd48f9c48049fa6f088efe758d61d9738669c6a" | ||
29 | |||
30 | S = "${WORKDIR}/httpd-${PV}" | ||
31 | |||
32 | inherit autotools update-rc.d pkgconfig systemd | ||
33 | |||
34 | SYSTEMD_SERVICE_${PN} = "apache2.service" | ||
35 | SYSTEMD_AUTO_ENABLE_${PN} = "disable" | ||
36 | |||
37 | SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" | ||
38 | |||
39 | CFLAGS_append = " -DPATH_MAX=4096" | ||
40 | CFLAGS_prepend = "-I${STAGING_INCDIR}/openssl " | ||
41 | EXTRA_OECONF = "--enable-ssl \ | ||
42 | --with-ssl=${STAGING_LIBDIR}/.. \ | ||
43 | --with-expat=${STAGING_LIBDIR}/.. \ | ||
44 | --with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ | ||
45 | --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \ | ||
46 | --enable-info \ | ||
47 | --enable-rewrite \ | ||
48 | --with-dbm=sdbm \ | ||
49 | --with-berkeley-db=no \ | ||
50 | --localstatedir=/var/${BPN} \ | ||
51 | --with-gdbm=no \ | ||
52 | --with-ndbm=no \ | ||
53 | --includedir=${includedir}/${BPN} \ | ||
54 | --datadir=${datadir}/${BPN} \ | ||
55 | --sysconfdir=${sysconfdir}/${BPN} \ | ||
56 | --libexecdir=${libdir}/${BPN}/modules \ | ||
57 | ap_cv_void_ptr_lt_long=no \ | ||
58 | --enable-mpms-shared \ | ||
59 | ac_cv_have_threadsafe_pollset=no" | ||
60 | |||
61 | do_install_append() { | ||
62 | install -d ${D}/${sysconfdir}/init.d | ||
63 | cat ${WORKDIR}/init | \ | ||
64 | sed -e 's,/usr/sbin/,${sbindir}/,g' \ | ||
65 | -e 's,/usr/bin/,${bindir}/,g' \ | ||
66 | -e 's,/usr/lib,${libdir}/,g' \ | ||
67 | -e 's,/etc/,${sysconfdir}/,g' \ | ||
68 | -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${BPN} | ||
69 | chmod 755 ${D}/${sysconfdir}/init.d/${BPN} | ||
70 | # remove the goofy original files... | ||
71 | rm -rf ${D}/${sysconfdir}/${BPN}/original | ||
72 | # Expat should be found in the staging area via DEPENDS... | ||
73 | rm -f ${D}/${libdir}/libexpat.* | ||
74 | |||
75 | install -d ${D}${sysconfdir}/${BPN}/conf.d | ||
76 | install -d ${D}${sysconfdir}/${BPN}/modules.d | ||
77 | |||
78 | # Ensure configuration file pulls in conf.d and modules.d | ||
79 | printf "\nIncludeOptional ${sysconfdir}/${BPN}/conf.d/*.conf" >> ${D}/${sysconfdir}/${BPN}/httpd.conf | ||
80 | printf "\nIncludeOptional ${sysconfdir}/${BPN}/modules.d/*.conf\n\n" >> ${D}/${sysconfdir}/${BPN}/httpd.conf | ||
81 | # match with that is in init script | ||
82 | printf "\nPidFile /run/httpd.pid" >> ${D}/${sysconfdir}/${BPN}/httpd.conf | ||
83 | # Set 'ServerName' to fix error messages when restart apache service | ||
84 | sed -i 's/^#ServerName www.example.com/ServerName localhost/' ${D}/${sysconfdir}/${BPN}/httpd.conf | ||
85 | |||
86 | if ${@base_contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then | ||
87 | install -d ${D}${sysconfdir}/tmpfiles.d/ | ||
88 | install -m 0644 ${WORKDIR}/apache2-volatile.conf ${D}${sysconfdir}/tmpfiles.d/ | ||
89 | fi | ||
90 | |||
91 | install -d ${D}${systemd_unitdir}/system | ||
92 | install -m 0644 ${WORKDIR}/apache2.service ${D}${systemd_unitdir}/system | ||
93 | sed -i -e 's,@SBINDIR@,${sbindir},g' ${D}${systemd_unitdir}/system/apache2.service | ||
94 | sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' ${D}${systemd_unitdir}/system/apache2.service | ||
95 | } | ||
96 | |||
97 | SYSROOT_PREPROCESS_FUNCS += "apache_sysroot_preprocess" | ||
98 | |||
99 | apache_sysroot_preprocess () { | ||
100 | install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/ | ||
101 | install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts}/ | ||
102 | sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${BPN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs | ||
103 | sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${TARGET_PREFIX}libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs | ||
104 | |||
105 | sed -i 's!^APR_CONFIG = .*!APR_CONFIG = ${STAGING_BINDIR_CROSS}/apr-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk | ||
106 | sed -i 's!^APU_CONFIG = .*!APU_CONFIG = ${STAGING_BINDIR_CROSS}/apu-1-config!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk | ||
107 | sed -i 's!^includedir = .*!includedir = ${STAGING_INCDIR}/apache2!' ${SYSROOT_DESTDIR}${datadir}/${BPN}/build/config_vars.mk | ||
108 | } | ||
109 | |||
110 | # | ||
111 | # implications - used by update-rc.d scripts | ||
112 | # | ||
113 | INITSCRIPT_NAME = "apache2" | ||
114 | INITSCRIPT_PARAMS = "defaults 91 20" | ||
115 | LEAD_SONAME = "libapr-1.so.0" | ||
116 | |||
117 | PACKAGES = "${PN}-scripts ${PN}-doc ${PN}-dev ${PN}-dbg ${PN}" | ||
118 | |||
119 | CONFFILES_${PN} = "${sysconfdir}/${BPN}/httpd.conf \ | ||
120 | ${sysconfdir}/${BPN}/magic \ | ||
121 | ${sysconfdir}/${BPN}/mime.types \ | ||
122 | ${sysconfdir}/init.d/${BPN} " | ||
123 | |||
124 | # we override here rather than append so that .so links are | ||
125 | # included in the runtime package rather than here (-dev) | ||
126 | # and to get build, icons, error into the -dev package | ||
127 | FILES_${PN}-dev = "${datadir}/${BPN}/build \ | ||
128 | ${datadir}/${BPN}/icons \ | ||
129 | ${datadir}/${BPN}/error \ | ||
130 | ${bindir}/apr-config ${bindir}/apu-config \ | ||
131 | ${libdir}/apr*.exp \ | ||
132 | ${includedir}/${BPN} \ | ||
133 | ${libdir}/*.la \ | ||
134 | ${libdir}/*.a \ | ||
135 | ${bindir}/apxs \ | ||
136 | " | ||
137 | |||
138 | |||
139 | # manual to manual | ||
140 | FILES_${PN}-doc += " ${datadir}/${BPN}/manual" | ||
141 | |||
142 | FILES_${PN}-scripts += "${bindir}/dbmmanage" | ||
143 | |||
144 | # | ||
145 | # override this too - here is the default, less datadir | ||
146 | # | ||
147 | FILES_${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir}/lib*.so.* ${sysconfdir} \ | ||
148 | ${sharedstatedir} ${localstatedir} /bin /sbin /lib/*.so* \ | ||
149 | ${libdir}/${BPN}" | ||
150 | |||
151 | # we want htdocs and cgi-bin to go with the binary | ||
152 | FILES_${PN} += "${datadir}/${BPN}/htdocs ${datadir}/${BPN}/cgi-bin" | ||
153 | |||
154 | #make sure the lone .so links also get wrapped in the base package | ||
155 | FILES_${PN} += "${libdir}/lib*.so ${libdir}/pkgconfig/*" | ||
156 | |||
157 | FILES_${PN}-dbg += "${libdir}/${BPN}/modules/.debug" | ||
158 | |||
159 | RDEPENDS_${PN} += "openssl libgcc" | ||
160 | RDEPENDS_${PN}-scripts += "perl ${PN}" | ||
diff --git a/meta-webserver/recipes-httpd/apache2/files/0001-configure-use-pkg-config-for-PCRE-detection.patch b/meta-webserver/recipes-httpd/apache2/files/0001-configure-use-pkg-config-for-PCRE-detection.patch new file mode 100644 index 000000000..63096db0a --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/files/0001-configure-use-pkg-config-for-PCRE-detection.patch | |||
@@ -0,0 +1,52 @@ | |||
1 | From d8837756f2a48adcfe5d645c39cf163d96eac76c Mon Sep 17 00:00:00 2001 | ||
2 | From: Koen Kooi <koen.kooi@linaro.org> | ||
3 | Date: Tue, 17 Jun 2014 09:10:57 +0200 | ||
4 | Subject: [PATCH] configure: use pkg-config for PCRE detection | ||
5 | |||
6 | Signed-off-by: Koen Kooi <koen.kooi@linaro.org> | ||
7 | Upstream-Status: pending | ||
8 | --- | ||
9 | configure.in | 27 +++++---------------------- | ||
10 | 1 file changed, 5 insertions(+), 22 deletions(-) | ||
11 | |||
12 | diff --git a/configure.in b/configure.in | ||
13 | index 864d7c7..da4138e 100644 | ||
14 | --- a/configure.in | ||
15 | +++ b/configure.in | ||
16 | @@ -215,28 +215,11 @@ fi | ||
17 | AC_ARG_WITH(pcre, | ||
18 | APACHE_HELP_STRING(--with-pcre=PATH,Use external PCRE library)) | ||
19 | |||
20 | -AC_PATH_PROG(PCRE_CONFIG, pcre-config, false) | ||
21 | -if test -d "$with_pcre" && test -x "$with_pcre/bin/pcre-config"; then | ||
22 | - PCRE_CONFIG=$with_pcre/bin/pcre-config | ||
23 | -elif test -x "$with_pcre"; then | ||
24 | - PCRE_CONFIG=$with_pcre | ||
25 | -fi | ||
26 | - | ||
27 | -if test "$PCRE_CONFIG" != "false"; then | ||
28 | - if $PCRE_CONFIG --version >/dev/null 2>&1; then :; else | ||
29 | - AC_MSG_ERROR([Did not find pcre-config script at $PCRE_CONFIG]) | ||
30 | - fi | ||
31 | - case `$PCRE_CONFIG --version` in | ||
32 | - [[1-5].*]) | ||
33 | - AC_MSG_ERROR([Need at least pcre version 6.0]) | ||
34 | - ;; | ||
35 | - esac | ||
36 | - AC_MSG_NOTICE([Using external PCRE library from $PCRE_CONFIG]) | ||
37 | - APR_ADDTO(PCRE_INCLUDES, [`$PCRE_CONFIG --cflags`]) | ||
38 | - APR_ADDTO(PCRE_LIBS, [`$PCRE_CONFIG --libs`]) | ||
39 | -else | ||
40 | - AC_MSG_ERROR([pcre-config for libpcre not found. PCRE is required and available from http://pcre.org/]) | ||
41 | -fi | ||
42 | +PKG_CHECK_MODULES([PCRE], [libpcre], [ | ||
43 | + AC_DEFINE([HAVE_PCRE], [1], [Define if you have PCRE library]) | ||
44 | +], [ | ||
45 | + AC_MSG_ERROR([$PCRE_PKG_ERRORS]) | ||
46 | +]) | ||
47 | APACHE_SUBST(PCRE_LIBS) | ||
48 | |||
49 | AC_MSG_NOTICE([]) | ||
50 | -- | ||
51 | 1.9.3 | ||
52 | |||
diff --git a/meta-webserver/recipes-httpd/apache2/files/apache2-volatile.conf b/meta-webserver/recipes-httpd/apache2/files/apache2-volatile.conf new file mode 100644 index 000000000..ff2c58704 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/files/apache2-volatile.conf | |||
@@ -0,0 +1,2 @@ | |||
1 | d /var/run/apache2 0755 root root - | ||
2 | d /var/log/apache2 0755 root root - | ||
diff --git a/meta-webserver/recipes-httpd/apache2/files/apache2.service b/meta-webserver/recipes-httpd/apache2/files/apache2.service new file mode 100644 index 000000000..f4bcf9efa --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/files/apache2.service | |||
@@ -0,0 +1,14 @@ | |||
1 | [Unit] | ||
2 | Decription=The Apache HTTP Server | ||
3 | After=network.target remote-fs.target nss-lookup.target | ||
4 | |||
5 | [Service] | ||
6 | Type=simple | ||
7 | Environment=LANG=C | ||
8 | ExecStart=@SBINDIR@/httpd -DFOREGROUND -D SSL -D PHP5 -k start | ||
9 | ExecStop=@BASE_BINDIR@/kill -WINCH ${MAINPID} | ||
10 | KillSignal=SIGCONT | ||
11 | PrivateTmp=true | ||
12 | |||
13 | [Install] | ||
14 | WantedBy=multi-user.target | ||
diff --git a/meta-webserver/recipes-httpd/apache2/files/httpd-2.4.3-fix-race-issue-of-dir-install.patch b/meta-webserver/recipes-httpd/apache2/files/httpd-2.4.3-fix-race-issue-of-dir-install.patch new file mode 100644 index 000000000..b948753b4 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/files/httpd-2.4.3-fix-race-issue-of-dir-install.patch | |||
@@ -0,0 +1,21 @@ | |||
1 | Upstream-Status: Pending | ||
2 | |||
3 | fix following race issue when do parallel install | ||
4 | | mkdir: cannot create directory `/home/mypc/workspace/poky/build_p4080ds_release/tmp/work/ppce500mc-fsl_networking-linux/apache2/2.4.3-r1/image/usr/share/apache2': File exists | ||
5 | ... | ||
6 | | mkdir: cannot create directory `/home/mypc/workspace/poky/build_p4080ds_release/tmp/work/ppce500mc-fsl_networking-linux/apache2/2.4.3-r1/image/usr/share/apache2': File exists | ||
7 | | make[1]: *** [install-man] Error 1 | ||
8 | | make[1]: *** Waiting for unfinished jobs.... | ||
9 | |||
10 | -Signed-off-by: Zhenhua Luo <zhenhua.luo@freescale.com> | ||
11 | --- httpd-2.4.3/build/mkdir.sh.orig 2013-01-25 03:47:21.565255420 -0600 | ||
12 | +++ httpd-2.4.3/build/mkdir.sh 2013-01-25 03:46:17.833051230 -0600 | ||
13 | @@ -39,7 +39,7 @@ | ||
14 | esac | ||
15 | if test ! -d "$pathcomp"; then | ||
16 | echo "mkdir $pathcomp" 1>&2 | ||
17 | - mkdir "$pathcomp" || errstatus=$? | ||
18 | + mkdir -p "$pathcomp" || errstatus=$? | ||
19 | fi | ||
20 | pathcomp="$pathcomp/" | ||
21 | done | ||
diff --git a/meta-webserver/recipes-httpd/apache2/files/init b/meta-webserver/recipes-httpd/apache2/files/init new file mode 100755 index 000000000..a1adbd74f --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/files/init | |||
@@ -0,0 +1,73 @@ | |||
1 | #!/bin/sh | ||
2 | ### BEGIN INIT INFO | ||
3 | # Provides: httpd | ||
4 | # Required-Start: $local_fs $remote_fs $network $named | ||
5 | # Required-Stop: $local_fs $remote_fs $network | ||
6 | # Should-Start: distcache | ||
7 | # Short-Description: start and stop Apache HTTP Server | ||
8 | # Description: The Apache HTTP Server is an extensible server | ||
9 | # implementing the current HTTP standards. | ||
10 | ### END INIT INFO | ||
11 | |||
12 | ARGS="-D SSL -D PHP5 -k start" | ||
13 | NAME=apache2 | ||
14 | PATH=/bin:/usr/bin:/sbin:/usr/sbin | ||
15 | DAEMON=/usr/sbin/httpd | ||
16 | SUEXEC=/usr/lib/apache/suexec | ||
17 | PIDFILE=/run/httpd.pid | ||
18 | CONF=/etc/apache2/httpd.conf | ||
19 | APACHECTL=/usr/sbin/apachectl | ||
20 | |||
21 | trap "" 1 | ||
22 | export LANG=C | ||
23 | export PATH | ||
24 | |||
25 | test -f $DAEMON || exit 0 | ||
26 | test -f $APACHECTL || exit 0 | ||
27 | |||
28 | # ensure we don't leak environment vars into apachectl | ||
29 | APACHECTL="env -i LANG=${LANG} PATH=${PATH} $APACHECTL" | ||
30 | |||
31 | case "$1" in | ||
32 | start) | ||
33 | echo -n "Starting web server: $NAME" | ||
34 | $APACHECTL $ARGS | ||
35 | ;; | ||
36 | |||
37 | stop) | ||
38 | $APACHECTL stop | ||
39 | ;; | ||
40 | |||
41 | reload) | ||
42 | echo -n "Reloading $NAME configuration" | ||
43 | kill -HUP `cat $PIDFILE` | ||
44 | ;; | ||
45 | |||
46 | reload-modules) | ||
47 | echo -n "Reloading $NAME modules" | ||
48 | $APACHECTL restart | ||
49 | ;; | ||
50 | |||
51 | restart) | ||
52 | $APACHECTL restart | ||
53 | exit $? | ||
54 | ;; | ||
55 | |||
56 | force-reload) | ||
57 | $0 reload-modules | ||
58 | exit $? | ||
59 | ;; | ||
60 | |||
61 | *) | ||
62 | echo "Usage: /etc/init.d/$NAME {start|stop|reload|reload-modules|force-reload|restart}" | ||
63 | exit 1 | ||
64 | ;; | ||
65 | esac | ||
66 | |||
67 | if [ $? = 0 ]; then | ||
68 | echo . | ||
69 | exit 0 | ||
70 | else | ||
71 | echo failed | ||
72 | exit 1 | ||
73 | fi | ||
diff --git a/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee-install-configured.py-once.patch b/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee-install-configured.py-once.patch new file mode 100644 index 000000000..3336f7df7 --- /dev/null +++ b/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee-install-configured.py-once.patch | |||
@@ -0,0 +1,40 @@ | |||
1 | From 98a0f19df0a31d5649ad89d395fd1b8de5591827 Mon Sep 17 00:00:00 2001 | ||
2 | From: Robert Yang <liezhi.yang@windriver.com> | ||
3 | Date: Thu, 3 Apr 2014 21:33:25 +0800 | ||
4 | Subject: [PATCH] admin/Makefile.am: only install configured.py once | ||
5 | |||
6 | Both the two rules install-adminpyDATA and install-generatedDATA will | ||
7 | install the configured.py to the same location, they can run parallel, | ||
8 | and they use "install -m", which would might build failures: | ||
9 | |||
10 | /usr/bin/install: setting permissions for `/path/to/configured.py': No such file or directory | ||
11 | |||
12 | This is because the first install is setting the permission while the | ||
13 | second install is removing the file an re-install. | ||
14 | |||
15 | Only install the configured.py once will fix the problem, I think that | ||
16 | there is no side effect since it installed the same file to the same | ||
17 | location twice in the past. | ||
18 | |||
19 | Upstream-Status: Pending | ||
20 | |||
21 | Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | ||
22 | --- | ||
23 | admin/Makefile.am | 1 - | ||
24 | 1 file changed, 1 deletion(-) | ||
25 | |||
26 | diff --git a/admin/Makefile.am b/admin/Makefile.am | ||
27 | index ce5937b..6f96934 100644 | ||
28 | --- a/admin/Makefile.am | ||
29 | +++ b/admin/Makefile.am | ||
30 | @@ -73,7 +73,6 @@ SystemStatsWidgets.py \ | ||
31 | Wizard.py \ | ||
32 | XMLServerDigest.py \ | ||
33 | config_version.py \ | ||
34 | -configured.py \ | ||
35 | consts.py \ | ||
36 | util.py \ | ||
37 | popen.py \ | ||
38 | -- | ||
39 | 1.8.2.1 | ||
40 | |||
diff --git a/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee.init b/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee.init new file mode 100644 index 000000000..93603b84d --- /dev/null +++ b/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee.init | |||
@@ -0,0 +1,32 @@ | |||
1 | #!/bin/sh | ||
2 | DAEMON=/usr/sbin/cherokee | ||
3 | CONFIG=/etc/cherokee/cherokee.conf | ||
4 | PIDFILE=/var/run/cherokee.pid | ||
5 | NAME="cherokee" | ||
6 | DESC="Cherokee http server" | ||
7 | |||
8 | test -r /etc/default/cherokee && . /etc/default/cherokee | ||
9 | test -x "$DAEMON" || exit 0 | ||
10 | test ! -r "$CONFIG" && exit 0 | ||
11 | |||
12 | case "$1" in | ||
13 | start) | ||
14 | echo "Starting $DESC: " | ||
15 | start-stop-daemon --oknodo -S -x $DAEMON -- -d -C $CONFIG | ||
16 | ;; | ||
17 | |||
18 | stop) | ||
19 | echo "Stopping $DESC:" | ||
20 | start-stop-daemon -K -p $PIDFILE | ||
21 | ;; | ||
22 | |||
23 | restart) | ||
24 | $0 stop >/dev/null 2>&1 | ||
25 | $0 start | ||
26 | ;; | ||
27 | |||
28 | *) | ||
29 | echo "Usage: $0 {start|stop|restart}" | ||
30 | exit 0 | ||
31 | ;; | ||
32 | esac | ||
diff --git a/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee.service b/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee.service new file mode 100644 index 000000000..a2d703185 --- /dev/null +++ b/meta-webserver/recipes-httpd/cherokee/cherokee/cherokee.service | |||
@@ -0,0 +1,10 @@ | |||
1 | [Unit] | ||
2 | Description=Cherokee web server | ||
3 | After=syslog.target | ||
4 | |||
5 | [Service] | ||
6 | Type=forking | ||
7 | ExecStart=/usr/sbin/cherokee -d -C /etc/cherokee/cherokee.conf | ||
8 | |||
9 | [Install] | ||
10 | WantedBy=multi-user.target | ||
diff --git a/meta-webserver/recipes-httpd/cherokee/cherokee_1.2.98.bb b/meta-webserver/recipes-httpd/cherokee/cherokee_1.2.98.bb new file mode 100644 index 000000000..054858ed3 --- /dev/null +++ b/meta-webserver/recipes-httpd/cherokee/cherokee_1.2.98.bb | |||
@@ -0,0 +1,67 @@ | |||
1 | SUMMARY = "Cherokee Web Server fast and secure" | ||
2 | SUMMARY_cget = "Small downloader based in the Cherokee client library" | ||
3 | HOMEPAGE = "http://www.cherokee-project.com/" | ||
4 | SECTION = "network" | ||
5 | LICENSE = "GPLv2" | ||
6 | LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" | ||
7 | |||
8 | PR = "r9" | ||
9 | |||
10 | DEPENDS = "libpcre openssl mysql5 ${@base_contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" | ||
11 | |||
12 | SRC_URI = "http://www.cherokee-project.de/mirrors/cherokee/1.2/${PV}/cherokee-${PV}.tar.gz \ | ||
13 | file://cherokee.init \ | ||
14 | file://cherokee.service \ | ||
15 | file://cherokee-install-configured.py-once.patch \ | ||
16 | " | ||
17 | SRC_URI[md5sum] = "21b01e7d45c0e82ecc0c4257a9c27feb" | ||
18 | SRC_URI[sha256sum] = "042b5687b1a3db3ca818167548ce5d32c35e227c6640732dcb622a6f4a078b7d" | ||
19 | |||
20 | inherit autotools pkgconfig binconfig update-rc.d systemd | ||
21 | |||
22 | PACKAGECONFIG ??= "" | ||
23 | PACKAGECONFIG[ffmpeg] = "--with-ffmpeg,--without-ffmpeg,libav" | ||
24 | PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap" | ||
25 | |||
26 | EXTRA_OECONF = "--disable-static \ | ||
27 | --disable-nls \ | ||
28 | ${@base_contains('DISTRO_FEATURES', 'pam', '--enable-pam', '--disable-pam', d)} \ | ||
29 | --with-wwwroot=${localstatedir}/www/cherokee \ | ||
30 | " | ||
31 | |||
32 | do_install_append () { | ||
33 | install -m 0755 -d ${D}${sysconfdir}/init.d | ||
34 | install -m 755 ${WORKDIR}/cherokee.init ${D}${sysconfdir}/init.d/cherokee | ||
35 | |||
36 | # clean up .la files for plugins | ||
37 | rm -f ${D}${libdir}/cherokee/*.la | ||
38 | |||
39 | install -d ${D}${systemd_unitdir}/system | ||
40 | install -m 0644 ${WORKDIR}/cherokee.service ${D}${systemd_unitdir}/system | ||
41 | rmdir "${D}${localstatedir}/run" | ||
42 | rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" | ||
43 | } | ||
44 | |||
45 | # Put -dev near the front so we can move the .la files into it with a wildcard | ||
46 | PACKAGES =+ "libcherokee-server libcherokee-client libcherokee-base cget" | ||
47 | |||
48 | FILES_cget = "${bindir}/cget" | ||
49 | FILES_libcherokee-server = "${libdir}/libcherokee-server${SOLIBS}" | ||
50 | FILES_libcherokee-client = "${libdir}/libcherokee-client${SOLIBS}" | ||
51 | FILES_libcherokee-base = "${libdir}/libcherokee-base${SOLIBS}" | ||
52 | |||
53 | # Pack the htdocs | ||
54 | FILES_${PN} += "${localstatedir}/www/cherokee" | ||
55 | |||
56 | CONFFILES_${PN} = " \ | ||
57 | ${sysconfdir}/cherokee/cherokee.conf \ | ||
58 | ${sysconfdir}/init.d/cherokee \ | ||
59 | " | ||
60 | |||
61 | INITSCRIPT_NAME = "cherokee" | ||
62 | INITSCRIPT_PARAMS = "defaults 91 91" | ||
63 | |||
64 | RPROVIDES_${PN} += "${PN}-systemd" | ||
65 | RREPLACES_${PN} += "${PN}-systemd" | ||
66 | RCONFLICTS_${PN} += "${PN}-systemd" | ||
67 | SYSTEMD_SERVICE_${PN} = "cherokee.service" | ||
diff --git a/meta-webserver/recipes-httpd/hiawatha/files/hiawatha-init b/meta-webserver/recipes-httpd/hiawatha/files/hiawatha-init new file mode 100644 index 000000000..47fc0877a --- /dev/null +++ b/meta-webserver/recipes-httpd/hiawatha/files/hiawatha-init | |||
@@ -0,0 +1,44 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | ### BEGIN INIT INFO | ||
4 | # Provides: hiawatha httpd httpd-cgi | ||
5 | # Required-Start: $syslog $network $remote_fs | ||
6 | # Required-Stop: $syslog $network $remote_fs | ||
7 | # Default-Start: 2 3 4 5 | ||
8 | # Default-Stop: 0 1 6 | ||
9 | # Short-Description: Hiawatha webserver | ||
10 | # Description: Hiawatha, a secure and advanced webserver. | ||
11 | ### END INIT INFO | ||
12 | |||
13 | PATH=/sbin:/bin:/usr/sbin:/usr/bin | ||
14 | DAEMON=sed_sbin_path/hiawatha | ||
15 | NAME=hiawatha | ||
16 | DESC="Hiawatha Web Server" | ||
17 | OPTS="" | ||
18 | |||
19 | case "$1" in | ||
20 | start) | ||
21 | echo -n "Starting $DESC: " | ||
22 | start-stop-daemon --start -x "$DAEMON" -- $OPTS | ||
23 | echo "$NAME." | ||
24 | ;; | ||
25 | stop) | ||
26 | echo -n "Stopping $DESC: " | ||
27 | start-stop-daemon --stop -x "$DAEMON" | ||
28 | echo "$NAME." | ||
29 | ;; | ||
30 | restart|force-reload) | ||
31 | echo -n "Restarting $DESC: " | ||
32 | start-stop-daemon --stop -x "$DAEMON" | ||
33 | sleep 1 | ||
34 | start-stop-daemon --start -x "$DAEMON" -- $OPTS | ||
35 | echo "$NAME." | ||
36 | ;; | ||
37 | *) | ||
38 | N=/etc/init.d/$NAME | ||
39 | echo "Usage: $N {start|stop|restart|force-reload}" >&2 | ||
40 | exit 1 | ||
41 | ;; | ||
42 | esac | ||
43 | |||
44 | exit 0 | ||
diff --git a/meta-webserver/recipes-httpd/hiawatha/files/hiawatha.service b/meta-webserver/recipes-httpd/hiawatha/files/hiawatha.service new file mode 100644 index 000000000..26cb8d03d --- /dev/null +++ b/meta-webserver/recipes-httpd/hiawatha/files/hiawatha.service | |||
@@ -0,0 +1,16 @@ | |||
1 | [Unit] | ||
2 | Description=Hiawatha Web Server | ||
3 | After=network.target remote-fs.target nss-lookup.target | ||
4 | |||
5 | [Service] | ||
6 | Type=simple | ||
7 | SyslogIdentifier=hiawatha | ||
8 | ExecStartPre=/usr/sbin/hiawatha -k ; /usr/sbin/wigwam | ||
9 | ExecStart= /usr/sbin/hiawatha -d | ||
10 | TimeoutSec=10 | ||
11 | #(doesn't like this setting. Can't find files) PrivateTmp=true | ||
12 | LimitNOFILE=infinity | ||
13 | CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FSETID CAP_SETGID CAP_SETUID | ||
14 | |||
15 | [Install] | ||
16 | WantedBy=multi-user.target | ||
diff --git a/meta-webserver/recipes-httpd/hiawatha/hiawatha_9.2.bb b/meta-webserver/recipes-httpd/hiawatha/hiawatha_9.2.bb new file mode 100644 index 000000000..b9fa5cde8 --- /dev/null +++ b/meta-webserver/recipes-httpd/hiawatha/hiawatha_9.2.bb | |||
@@ -0,0 +1,66 @@ | |||
1 | SUMMARY = "Lightweight secure web server" | ||
2 | HOMEPAGE = "http://www.hiawatha-webserver.org" | ||
3 | LICENSE = "GPLv2" | ||
4 | LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" | ||
5 | DEPENDS = "libxml2 libxslt" | ||
6 | |||
7 | SECTION = "net" | ||
8 | |||
9 | SRC_URI = "http://hiawatha-webserver.org/files/${BP}.tar.gz \ | ||
10 | file://hiawatha-init \ | ||
11 | file://hiawatha.service " | ||
12 | |||
13 | SRC_URI[md5sum] = "a77f044634884c4cc5d21dab44e822a3" | ||
14 | SRC_URI[sha256sum] = "5d9cdec51c618bb3efab747030e593d9bd49dfaf3236254c8e0cb60715716dbf" | ||
15 | |||
16 | INITSCRIPT_NAME = "hiawatha" | ||
17 | INITSCRIPT_PARAMS = "defaults 70" | ||
18 | |||
19 | SYSTEMD_SERVICE_${PN} = "hiawatha.service" | ||
20 | |||
21 | inherit cmake update-rc.d systemd | ||
22 | |||
23 | EXTRA_OECMAKE = " -DENABLE_IPV6=OFF \ | ||
24 | -DENABLE_CACHE=OFF \ | ||
25 | -DENABLE_DEBUG=OFF \ | ||
26 | -DENABLE_SSL=OFF \ | ||
27 | -DENABLE_TOOLKIT=OFF \ | ||
28 | -DENABLE_CHROOT=OFF \ | ||
29 | -DENABLE_XSLT=ON \ | ||
30 | -DENABLE_TOMAHAWK=OFF \ | ||
31 | -DCMAKE_INSTALL_MANDIR=${mandir} \ | ||
32 | -DCMAKE_INSTALL_BINDIR=${bindir} \ | ||
33 | -DCMAKE_INSTALL_SBINDIR=${sbindir} \ | ||
34 | -DCMAKE_INSTALL_SYSCONFDIR=${sysconfdir} \ | ||
35 | -DCMAKE_INSTALL_LIBDIR=${libdir} \ | ||
36 | -DLOG_DIR=/var/log/hiawatha \ | ||
37 | -DPID_DIR=/var/run \ | ||
38 | -DWEBROOT_DIR=/var/www/hiawatha \ | ||
39 | -DWORK_DIR=/var/lib/hiawatha " | ||
40 | |||
41 | do_install_append() { | ||
42 | # Copy over init script and sed in the correct sbin path | ||
43 | sed -i 's,sed_sbin_path,${sbindir},' ${WORKDIR}/hiawatha-init | ||
44 | mkdir -p ${D}${sysconfdir}/init.d | ||
45 | install -m 0755 ${WORKDIR}/hiawatha-init ${D}${sysconfdir}/init.d/hiawatha | ||
46 | |||
47 | # configure php-fcgi to have a working configuration | ||
48 | # by default if php is installed | ||
49 | echo "Server = ${bindir}/php-cgi ; 2 ; 127.0.0.1:2005 ; nobody:nobody ; ${sysconfdir}/php/hiawatha-php5/php.ini" >> ${D}${sysconfdir}/hiawatha/php-fcgi.conf | ||
50 | |||
51 | if ${@base_contains('DISTRO_FEATURES','systemd','true','false',d)}; then | ||
52 | install -d ${D}/${systemd_unitdir}/system | ||
53 | install -m 644 ${WORKDIR}/hiawatha.service ${D}/${systemd_unitdir}/system | ||
54 | fi | ||
55 | |||
56 | rmdir "${D}${localstatedir}/run" | ||
57 | rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" | ||
58 | } | ||
59 | |||
60 | CONFFILES_${PN} = " \ | ||
61 | ${sysconfdir}/hiawatha/cgi-wrapper.conf \ | ||
62 | ${sysconfdir}/hiawatha/hiawatha.conf \ | ||
63 | ${sysconfdir}/hiawatha/index.xslt \ | ||
64 | ${sysconfdir}/hiawatha/mimetype.conf \ | ||
65 | ${sysconfdir}/hiawatha/php-fcgi.conf \ | ||
66 | " | ||
diff --git a/meta-webserver/recipes-httpd/monkey/files/monkey.init b/meta-webserver/recipes-httpd/monkey/files/monkey.init new file mode 100644 index 000000000..40b21182e --- /dev/null +++ b/meta-webserver/recipes-httpd/monkey/files/monkey.init | |||
@@ -0,0 +1,34 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | PATH=/sbin:/bin:/usr/sbin:/usr/bin | ||
4 | DAEMON=/usr/bin/monkey | ||
5 | NAME=monkey | ||
6 | DESC="Monkey HTTP Server" | ||
7 | OPTS="--daemon" | ||
8 | |||
9 | case "$1" in | ||
10 | start) | ||
11 | echo -n "Starting $DESC: " | ||
12 | start-stop-daemon --start -x "$DAEMON" -- $OPTS | ||
13 | echo "$NAME." | ||
14 | ;; | ||
15 | stop) | ||
16 | echo -n "Stopping $DESC: " | ||
17 | start-stop-daemon --stop -x "$DAEMON" | ||
18 | echo "$NAME." | ||
19 | ;; | ||
20 | restart|force-reload) | ||
21 | echo -n "Restarting $DESC: " | ||
22 | start-stop-daemon --stop -x "$DAEMON" | ||
23 | sleep 1 | ||
24 | start-stop-daemon --start -x "$DAEMON" -- $OPTS | ||
25 | echo "$NAME." | ||
26 | ;; | ||
27 | *) | ||
28 | N=/etc/init.d/$NAME | ||
29 | echo "Usage: $N {start|stop|restart|force-reload}" >&2 | ||
30 | exit 1 | ||
31 | ;; | ||
32 | esac | ||
33 | |||
34 | exit 0 | ||
diff --git a/meta-webserver/recipes-httpd/monkey/files/monkey.service b/meta-webserver/recipes-httpd/monkey/files/monkey.service new file mode 100644 index 000000000..f9aa57f91 --- /dev/null +++ b/meta-webserver/recipes-httpd/monkey/files/monkey.service | |||
@@ -0,0 +1,12 @@ | |||
1 | [Unit] | ||
2 | Description=Monkey HTTP Server | ||
3 | After=network.target remote-fs.target | ||
4 | |||
5 | [Service] | ||
6 | Type=forking | ||
7 | ExecStart=/usr/bin/monkey --daemon | ||
8 | PIDFile=/var/run/monkey.pid.2001 | ||
9 | TimeoutSec=10 | ||
10 | |||
11 | [Install] | ||
12 | WantedBy=multi-user.target | ||
diff --git a/meta-webserver/recipes-httpd/monkey/monkey_1.5.4.bb b/meta-webserver/recipes-httpd/monkey/monkey_1.5.4.bb new file mode 100644 index 000000000..a4963afcd --- /dev/null +++ b/meta-webserver/recipes-httpd/monkey/monkey_1.5.4.bb | |||
@@ -0,0 +1,64 @@ | |||
1 | SUMMARY = "Fast and Lightweight HTTP Server for Linux" | ||
2 | HOMEPAGE = "http://monkey-project.com" | ||
3 | BUGTRACKER = "https://github.com/monkey/monkey/issues" | ||
4 | |||
5 | LICENSE = "Apache-2.0" | ||
6 | LIC_FILES_CHKSUM = "file://LICENSE;md5=2ee41112a44fe7014dce33e26468ba93" | ||
7 | |||
8 | SECTION = "net" | ||
9 | |||
10 | SRC_URI = "http://monkey-project.com/releases/1.5/monkey-${PV}.tar.gz \ | ||
11 | file://monkey.service \ | ||
12 | file://monkey.init" | ||
13 | |||
14 | SRC_URI[md5sum] = "b794724ac38cfedee2a5d27c175bc87e" | ||
15 | SRC_URI[sha256sum] = "662bbafc614d32f645059e6e00258fed640665594f5b7f11cf4c4763cf09ddcf" | ||
16 | |||
17 | EXTRA_OECONF = "--plugdir=${libdir}/monkey/ \ | ||
18 | --logdir=${localstatedir}/log/monkey/ \ | ||
19 | --pidfile=${localstatedir}/run/monkey.pid \ | ||
20 | --default-user=www-data \ | ||
21 | --datadir=${localstatedir}/www/monkey/ \ | ||
22 | --sysconfdir=${sysconfdir}/monkey/ \ | ||
23 | --enable-plugins=* \ | ||
24 | --disable-plugins=polarssl \ | ||
25 | --debug \ | ||
26 | --malloc-libc" | ||
27 | |||
28 | inherit autotools-brokensep pkgconfig update-rc.d systemd | ||
29 | |||
30 | INITSCRIPT_NAME = "monkey" | ||
31 | INITSCRIPT_PARAMS = "defaults 70" | ||
32 | |||
33 | SYSTEMD_SERVICE_${PN} = "monkey.service" | ||
34 | |||
35 | FILES_${PN} += "${localstatedir}/www/monkey/" | ||
36 | |||
37 | CONFFILES_${PN} = "${sysconfdir}/monkey/monkey.conf \ | ||
38 | ${sysconfdir}/monkey/sites/default \ | ||
39 | ${sysconfdir}/monkey/monkey.mime \ | ||
40 | ${sysconfdir}/monkey/plugins.load \ | ||
41 | ${sysconfdir}/monkey/plugins/proxy_reverse/proxy_reverse.conf \ | ||
42 | ${sysconfdir}/monkey/plugins/mandril/mandril.conf \ | ||
43 | ${sysconfdir}/monkey/plugins/fastcgi/fastcgi.conf \ | ||
44 | ${sysconfdir}/monkey/plugins/logger/logger.conf \ | ||
45 | ${sysconfdir}/monkey/plugins/cgi/cgi.conf \ | ||
46 | ${sysconfdir}/monkey/plugins/cheetah/cheetah.conf \ | ||
47 | ${sysconfdir}/monkey/plugins/dirlisting/dirhtml.conf \ | ||
48 | ${sysconfdir}/monkey/plugins/dirlisting/themes/guineo/header.theme \ | ||
49 | ${sysconfdir}/monkey/plugins/dirlisting/themes/guineo/footer.theme \ | ||
50 | ${sysconfdir}/monkey/plugins/dirlisting/themes/guineo/entry.theme \ | ||
51 | ${sysconfdir}/monkey/plugins/auth/README \ | ||
52 | ${sysconfdir}/monkey/plugins/auth/monkey.users \ | ||
53 | " | ||
54 | |||
55 | do_install_append() { | ||
56 | |||
57 | mkdir -p ${D}${sysconfdir}/init.d | ||
58 | install -m 0755 ${WORKDIR}/monkey.init ${D}${sysconfdir}/init.d/monkey | ||
59 | |||
60 | if ${@base_contains('DISTRO_FEATURES','systemd','true','false',d)}; then | ||
61 | install -d ${D}${systemd_unitdir}/system | ||
62 | install -m 644 ${WORKDIR}/monkey.service ${D}/${systemd_unitdir}/system | ||
63 | fi | ||
64 | } | ||
diff --git a/meta-webserver/recipes-httpd/nginx/files/nginx-cross.patch b/meta-webserver/recipes-httpd/nginx/files/nginx-cross.patch new file mode 100644 index 000000000..5f899a1d8 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/nginx-cross.patch | |||
@@ -0,0 +1,217 @@ | |||
1 | We do not have capability to run binaries when cross compiling | ||
2 | |||
3 | Upstream-Status: Pending | ||
4 | |||
5 | |||
6 | diff -uraN nginx-1.0.11.orig/auto/feature nginx-1.0.11/auto/feature | ||
7 | --- nginx-1.0.11.orig/auto/feature 2011-05-11 06:50:19.000000000 -0500 | ||
8 | +++ nginx-1.0.11/auto/feature 2011-12-27 13:56:42.323370040 -0600 | ||
9 | @@ -48,12 +48,20 @@ | ||
10 | |||
11 | if [ -x $NGX_AUTOTEST ]; then | ||
12 | |||
13 | + if [ ".$NGX_CROSS_COMPILE" = ".yes" ]; then | ||
14 | + NGX_AUTOTEST_EXEC="true" | ||
15 | + NGX_FOUND_MSG=" (not tested, cross compiling)" | ||
16 | + else | ||
17 | + NGX_AUTOTEST_EXEC="$NGX_AUTOTEST" | ||
18 | + NGX_FOUND_MSG="" | ||
19 | + fi | ||
20 | + | ||
21 | case "$ngx_feature_run" in | ||
22 | |||
23 | yes) | ||
24 | # /bin/sh is used to intercept "Killed" or "Abort trap" messages | ||
25 | - if /bin/sh -c $NGX_AUTOTEST >> $NGX_AUTOCONF_ERR 2>&1; then | ||
26 | - echo " found" | ||
27 | + if /bin/sh -c $NGX_AUTOTEST_EXEC >> $NGX_AUTOCONF_ERR 2>&1; then | ||
28 | + echo " found$NGX_FOUND_MSG" | ||
29 | ngx_found=yes | ||
30 | |||
31 | if test -n "$ngx_feature_name"; then | ||
32 | @@ -67,17 +75,27 @@ | ||
33 | |||
34 | value) | ||
35 | # /bin/sh is used to intercept "Killed" or "Abort trap" messages | ||
36 | - if /bin/sh -c $NGX_AUTOTEST >> $NGX_AUTOCONF_ERR 2>&1; then | ||
37 | - echo " found" | ||
38 | + if /bin/sh -c $NGX_AUTOTEST_EXEC >> $NGX_AUTOCONF_ERR 2>&1; then | ||
39 | + echo " found$NGX_FOUND_MSG" | ||
40 | ngx_found=yes | ||
41 | |||
42 | - cat << END >> $NGX_AUTO_CONFIG_H | ||
43 | + if [ ".$NGX_CROSS_COMPILE" = ".yes" ]; then | ||
44 | + cat << END >> $NGX_AUTO_CONFIG_H | ||
45 | |||
46 | #ifndef $ngx_feature_name | ||
47 | -#define $ngx_feature_name `$NGX_AUTOTEST` | ||
48 | +#define $ngx_feature_name $(eval "echo \$NGX_WITH_${ngx_feature_name}") | ||
49 | #endif | ||
50 | |||
51 | END | ||
52 | + else | ||
53 | + cat << END >> $NGX_AUTO_CONFIG_H | ||
54 | + | ||
55 | +#ifndef $ngx_feature_name | ||
56 | +#define $ngx_feature_name `$NGX_AUTOTEST_EXEC` | ||
57 | +#endif | ||
58 | + | ||
59 | +END | ||
60 | + fi | ||
61 | else | ||
62 | echo " found but is not working" | ||
63 | fi | ||
64 | @@ -85,7 +103,7 @@ | ||
65 | |||
66 | bug) | ||
67 | # /bin/sh is used to intercept "Killed" or "Abort trap" messages | ||
68 | - if /bin/sh -c $NGX_AUTOTEST >> $NGX_AUTOCONF_ERR 2>&1; then | ||
69 | + if /bin/sh -c $NGX_AUTOTEST_EXEC >> $NGX_AUTOCONF_ERR 2>&1; then | ||
70 | echo " not found" | ||
71 | |||
72 | else | ||
73 | diff -uraN nginx-1.0.11.orig/auto/options nginx-1.0.11/auto/options | ||
74 | --- nginx-1.0.11.orig/auto/options 2011-12-14 07:34:16.000000000 -0600 | ||
75 | +++ nginx-1.0.11/auto/options 2011-12-27 13:56:42.323370040 -0600 | ||
76 | @@ -289,6 +289,18 @@ | ||
77 | --test-build-rtsig) NGX_TEST_BUILD_RTSIG=YES ;; | ||
78 | --test-build-solaris-sendfilev) NGX_TEST_BUILD_SOLARIS_SENDFILEV=YES ;; | ||
79 | |||
80 | + # cross compile support | ||
81 | + --with-int=*) NGX_WITH_INT="$value" ;; | ||
82 | + --with-long=*) NGX_WITH_LONG="$value" ;; | ||
83 | + --with-long-long=*) NGX_WITH_LONG_LONG="$value" ;; | ||
84 | + --with-ptr-size=*) NGX_WITH_PTR_SIZE="$value" ;; | ||
85 | + --with-sig-atomic-t=*) NGX_WITH_SIG_ATOMIC_T="$value" ;; | ||
86 | + --with-size-t=*) NGX_WITH_SIZE_T="$value" ;; | ||
87 | + --with-off-t=*) NGX_WITH_OFF_T="$value" ;; | ||
88 | + --with-time-t=*) NGX_WITH_TIME_T="$value" ;; | ||
89 | + --with-sys-nerr=*) NGX_WITH_NGX_SYS_NERR="$value" ;; | ||
90 | + --with-endian=*) NGX_WITH_ENDIAN="$value" ;; | ||
91 | + | ||
92 | *) | ||
93 | echo "$0: error: invalid option \"$option\"" | ||
94 | exit 1 | ||
95 | @@ -434,6 +446,17 @@ | ||
96 | |||
97 | --with-debug enable debug logging | ||
98 | |||
99 | + --with-int=VALUE force int size | ||
100 | + --with-long=VALUE force long size | ||
101 | + --with-long-long=VALUE force long long size | ||
102 | + --with-ptr-size=VALUE force pointer size | ||
103 | + --with-sig-atomic-t=VALUE force sig_atomic_t size | ||
104 | + --with-size-t=VALUE force size_t size | ||
105 | + --with-off-t=VALUE force off_t size | ||
106 | + --with-time-t=VALUE force time_t size | ||
107 | + --with-sys-nerr=VALUE force sys_nerr value | ||
108 | + --with-endian=VALUE force system endianess | ||
109 | + | ||
110 | END | ||
111 | |||
112 | exit 1 | ||
113 | @@ -455,6 +478,8 @@ | ||
114 | |||
115 | if [ ".$NGX_PLATFORM" = ".win32" ]; then | ||
116 | NGX_WINE=$WINE | ||
117 | +elif [ ! -z "$NGX_PLATFORM" ]; then | ||
118 | + NGX_CROSS_COMPILE="yes" | ||
119 | fi | ||
120 | |||
121 | |||
122 | diff -uraN nginx-1.0.11.orig/auto/types/sizeof nginx-1.0.11/auto/types/sizeof | ||
123 | --- nginx-1.0.11.orig/auto/types/sizeof 2006-06-28 11:00:26.000000000 -0500 | ||
124 | +++ nginx-1.0.11/auto/types/sizeof 2011-12-27 13:56:42.323370040 -0600 | ||
125 | @@ -11,9 +11,12 @@ | ||
126 | |||
127 | END | ||
128 | |||
129 | -ngx_size= | ||
130 | +ngx_size=$(eval "echo \$NGX_WITH_${ngx_param}") | ||
131 | |||
132 | -cat << END > $NGX_AUTOTEST.c | ||
133 | +if [ ".$ngx_size" != "." ]; then | ||
134 | + echo " $ngx_size bytes" | ||
135 | +else | ||
136 | + cat << END > $NGX_AUTOTEST.c | ||
137 | |||
138 | #include <sys/types.h> | ||
139 | #include <sys/time.h> | ||
140 | @@ -31,19 +34,20 @@ | ||
141 | END | ||
142 | |||
143 | |||
144 | -ngx_test="$CC $CC_TEST_FLAGS $CC_AUX_FLAGS \ | ||
145 | - -o $NGX_AUTOTEST $NGX_AUTOTEST.c $NGX_LD_OPT $ngx_feature_libs" | ||
146 | + ngx_test="$CC $CC_TEST_FLAGS $CC_AUX_FLAGS \ | ||
147 | + -o $NGX_AUTOTEST $NGX_AUTOTEST.c $NGX_LD_OPT $ngx_feature_libs" | ||
148 | |||
149 | -eval "$ngx_test >> $NGX_AUTOCONF_ERR 2>&1" | ||
150 | + eval "$ngx_test >> $NGX_AUTOCONF_ERR 2>&1" | ||
151 | |||
152 | |||
153 | -if [ -x $NGX_AUTOTEST ]; then | ||
154 | - ngx_size=`$NGX_AUTOTEST` | ||
155 | - echo " $ngx_size bytes" | ||
156 | -fi | ||
157 | + if [ -x $NGX_AUTOTEST ]; then | ||
158 | + ngx_size=`$NGX_AUTOTEST` | ||
159 | + echo " $ngx_size bytes" | ||
160 | + fi | ||
161 | |||
162 | |||
163 | -rm -f $NGX_AUTOTEST | ||
164 | + rm -f $NGX_AUTOTEST | ||
165 | +fi | ||
166 | |||
167 | |||
168 | case $ngx_size in | ||
169 | diff -uraN nginx-1.0.11.orig/auto/unix nginx-1.0.11/auto/unix | ||
170 | --- nginx-1.0.11.orig/auto/unix 2011-12-14 07:34:16.000000000 -0600 | ||
171 | +++ nginx-1.0.11/auto/unix 2011-12-27 13:56:42.327370060 -0600 | ||
172 | @@ -393,13 +393,13 @@ | ||
173 | |||
174 | # C types | ||
175 | |||
176 | -ngx_type="int"; . auto/types/sizeof | ||
177 | +ngx_type="int"; ngx_param="INT"; . auto/types/sizeof | ||
178 | |||
179 | -ngx_type="long"; . auto/types/sizeof | ||
180 | +ngx_type="long"; ngx_param="LONG"; . auto/types/sizeof | ||
181 | |||
182 | -ngx_type="long long"; . auto/types/sizeof | ||
183 | +ngx_type="long long"; ngx_param="LONG_LONG"; . auto/types/sizeof | ||
184 | |||
185 | -ngx_type="void *"; . auto/types/sizeof; ngx_ptr_size=$ngx_size | ||
186 | +ngx_type="void *"; ngx_param="PTR_SIZE"; . auto/types/sizeof; ngx_ptr_size=$ngx_size | ||
187 | ngx_param=NGX_PTR_SIZE; ngx_value=$ngx_size; . auto/types/value | ||
188 | |||
189 | |||
190 | @@ -416,7 +416,7 @@ | ||
191 | |||
192 | ngx_type="uint64_t"; ngx_types="u_int64_t"; . auto/types/typedef | ||
193 | |||
194 | -ngx_type="sig_atomic_t"; ngx_types="int"; . auto/types/typedef | ||
195 | +ngx_type="sig_atomic_t"; ngx_param="SIG_ATOMIC_T"; ngx_types="int"; . auto/types/typedef | ||
196 | . auto/types/sizeof | ||
197 | ngx_param=NGX_SIG_ATOMIC_T_SIZE; ngx_value=$ngx_size; . auto/types/value | ||
198 | |||
199 | @@ -432,15 +432,15 @@ | ||
200 | |||
201 | . auto/endianess | ||
202 | |||
203 | -ngx_type="size_t"; . auto/types/sizeof | ||
204 | +ngx_type="size_t"; ngx_param="SIZE_T"; . auto/types/sizeof | ||
205 | ngx_param=NGX_MAX_SIZE_T_VALUE; ngx_value=$ngx_max_value; . auto/types/value | ||
206 | ngx_param=NGX_SIZE_T_LEN; ngx_value=$ngx_max_len; . auto/types/value | ||
207 | |||
208 | -ngx_type="off_t"; . auto/types/sizeof | ||
209 | +ngx_type="off_t"; ngx_param="OFF_T"; . auto/types/sizeof | ||
210 | ngx_param=NGX_MAX_OFF_T_VALUE; ngx_value=$ngx_max_value; . auto/types/value | ||
211 | ngx_param=NGX_OFF_T_LEN; ngx_value=$ngx_max_len; . auto/types/value | ||
212 | |||
213 | -ngx_type="time_t"; . auto/types/sizeof | ||
214 | +ngx_type="time_t"; ngx_param="TIME_T"; . auto/types/sizeof | ||
215 | ngx_param=NGX_TIME_T_SIZE; ngx_value=$ngx_size; . auto/types/value | ||
216 | ngx_param=NGX_TIME_T_LEN; ngx_value=$ngx_max_len; . auto/types/value | ||
217 | |||
diff --git a/meta-webserver/recipes-httpd/nginx/files/nginx-volatile.conf b/meta-webserver/recipes-httpd/nginx/files/nginx-volatile.conf new file mode 100644 index 000000000..93f3c6634 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/nginx-volatile.conf | |||
@@ -0,0 +1,2 @@ | |||
1 | d www www-data 0755 /run/nginx none | ||
2 | d root root 0755 /var/log/nginx none | ||
diff --git a/meta-webserver/recipes-httpd/nginx/files/nginx.conf b/meta-webserver/recipes-httpd/nginx/files/nginx.conf new file mode 100644 index 000000000..fb7e4b65d --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/nginx.conf | |||
@@ -0,0 +1,118 @@ | |||
1 | |||
2 | user www-data; | ||
3 | worker_processes 1; | ||
4 | |||
5 | error_log /var/log/nginx/error.log; | ||
6 | #error_log logs/error.log notice; | ||
7 | #error_log logs/error.log info; | ||
8 | |||
9 | pid /run/nginx/nginx.pid; | ||
10 | |||
11 | |||
12 | events { | ||
13 | worker_connections 1024; | ||
14 | } | ||
15 | |||
16 | |||
17 | http { | ||
18 | include mime.types; | ||
19 | default_type application/octet-stream; | ||
20 | |||
21 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' | ||
22 | '$status $body_bytes_sent "$http_referer" ' | ||
23 | '"$http_user_agent" "$http_x_forwarded_for"'; | ||
24 | |||
25 | access_log /var/log/nginx/access.log main; | ||
26 | |||
27 | sendfile on; | ||
28 | #tcp_nopush on; | ||
29 | |||
30 | #keepalive_timeout 0; | ||
31 | keepalive_timeout 65; | ||
32 | |||
33 | #gzip on; | ||
34 | |||
35 | server { | ||
36 | listen 80; | ||
37 | server_name localhost; | ||
38 | |||
39 | #charset koi8-r; | ||
40 | |||
41 | #access_log logs/host.access.log main; | ||
42 | |||
43 | location / { | ||
44 | root /var/www/localhost/html; | ||
45 | index index.html index.htm; | ||
46 | } | ||
47 | |||
48 | #error_page 404 /404.html; | ||
49 | |||
50 | # redirect server error pages to the static page /50x.html | ||
51 | # | ||
52 | error_page 500 502 503 504 /50x.html; | ||
53 | location = /50x.html { | ||
54 | root /var/www/localhost/html; | ||
55 | } | ||
56 | |||
57 | # proxy the PHP scripts to Apache listening on 127.0.0.1:80 | ||
58 | # | ||
59 | #location ~ \.php$ { | ||
60 | # proxy_pass http://127.0.0.1; | ||
61 | #} | ||
62 | |||
63 | # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 | ||
64 | # | ||
65 | #location ~ \.php$ { | ||
66 | # root html; | ||
67 | # fastcgi_pass 127.0.0.1:9000; | ||
68 | # fastcgi_index index.php; | ||
69 | # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; | ||
70 | # include fastcgi_params; | ||
71 | #} | ||
72 | |||
73 | # deny access to .htaccess files, if Apache's document root | ||
74 | # concurs with nginx's one | ||
75 | # | ||
76 | #location ~ /\.ht { | ||
77 | # deny all; | ||
78 | #} | ||
79 | } | ||
80 | |||
81 | |||
82 | # another virtual host using mix of IP-, name-, and port-based configuration | ||
83 | # | ||
84 | #server { | ||
85 | # listen 8000; | ||
86 | # listen somename:8080; | ||
87 | # server_name somename alias another.alias; | ||
88 | |||
89 | # location / { | ||
90 | # root html; | ||
91 | # index index.html index.htm; | ||
92 | # } | ||
93 | #} | ||
94 | |||
95 | |||
96 | # HTTPS server | ||
97 | # | ||
98 | #server { | ||
99 | # listen 443; | ||
100 | # server_name localhost; | ||
101 | |||
102 | # ssl on; | ||
103 | # ssl_certificate cert.pem; | ||
104 | # ssl_certificate_key cert.key; | ||
105 | |||
106 | # ssl_session_timeout 5m; | ||
107 | |||
108 | # ssl_protocols SSLv2 SSLv3 TLSv1; | ||
109 | # ssl_ciphers HIGH:!aNULL:!MD5; | ||
110 | # ssl_prefer_server_ciphers on; | ||
111 | |||
112 | # location / { | ||
113 | # root html; | ||
114 | # index index.html index.htm; | ||
115 | # } | ||
116 | #} | ||
117 | |||
118 | } | ||
diff --git a/meta-webserver/recipes-httpd/nginx/files/nginx.init b/meta-webserver/recipes-httpd/nginx/files/nginx.init new file mode 100755 index 000000000..0f38b9cdb --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/nginx.init | |||
@@ -0,0 +1,52 @@ | |||
1 | #! /bin/sh | ||
2 | PATH=/sbin:/bin:/usr/sbin:/usr/bin | ||
3 | DAEMON=/usr/sbin/nginx | ||
4 | NAME=nginx | ||
5 | DESC=nginx | ||
6 | PID=/var/run/nginx/nginx.pid | ||
7 | |||
8 | test -x $DAEMON || exit 0 | ||
9 | |||
10 | # Include nginx defaults if available | ||
11 | if [ -f /etc/default/nginx ] ; then | ||
12 | . /etc/default/nginx | ||
13 | fi | ||
14 | |||
15 | set -e | ||
16 | |||
17 | case "$1" in | ||
18 | start) | ||
19 | echo -n "Starting $DESC: " | ||
20 | start-stop-daemon --start --quiet --pidfile $PID \ | ||
21 | --name $NAME --exec $DAEMON -- $DAEMON_OPTS | ||
22 | echo "$NAME." | ||
23 | ;; | ||
24 | stop) | ||
25 | echo -n "Stopping $DESC: " | ||
26 | start-stop-daemon -K --quiet --pidfile $PID \ | ||
27 | --name $NAME | ||
28 | echo "$NAME." | ||
29 | ;; | ||
30 | restart|force-reload) | ||
31 | echo -n "Restarting $DESC: " | ||
32 | start-stop-daemon -K --quiet --pidfile $PID \ | ||
33 | --name $NAME | ||
34 | sleep 1 | ||
35 | start-stop-daemon --start --quiet --pidfile $PID \ | ||
36 | --name $NAME --exec $DAEMON -- $DAEMON_OPTS | ||
37 | echo "$NAME." | ||
38 | ;; | ||
39 | reload) | ||
40 | echo -n "Reloading $DESC configuration: " | ||
41 | start-stop-daemon --stop --signal HUP --quiet --pidfile $PID \ | ||
42 | --exec $DAEMON | ||
43 | echo "$NAME." | ||
44 | ;; | ||
45 | *) | ||
46 | N=/etc/init.d/$NAME | ||
47 | echo "Usage: $N {start|stop|restart|force-reload}" >&2 | ||
48 | exit 1 | ||
49 | ;; | ||
50 | esac | ||
51 | |||
52 | exit 0 | ||
diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.4.4.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.4.4.bb new file mode 100644 index 000000000..e78ed34dd --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.4.4.bb | |||
@@ -0,0 +1,117 @@ | |||
1 | SUMMARY = "HTTP and reverse proxy server" | ||
2 | |||
3 | DESCRIPTION = "Nginx is a web server and a reverse proxy server for \ | ||
4 | HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high \ | ||
5 | concurrency, performance and low memory usage." | ||
6 | |||
7 | HOMEPAGE = "http://nginx.org/" | ||
8 | LICENSE = "BSD-2-Clause" | ||
9 | LIC_FILES_CHKSUM = "file://LICENSE;md5=917bfdf005ffb6fd025550414ff05a9f" | ||
10 | SECTION = "net" | ||
11 | |||
12 | DEPENDS = "libpcre gzip openssl" | ||
13 | |||
14 | SRC_URI = " \ | ||
15 | http://nginx.org/download/nginx-${PV}.tar.gz \ | ||
16 | file://nginx-cross.patch \ | ||
17 | file://nginx.conf \ | ||
18 | file://nginx.init \ | ||
19 | file://nginx-volatile.conf \ | ||
20 | " | ||
21 | SRC_URI[md5sum] = "5dfaba1cbeae9087f3949860a02caa9f" | ||
22 | SRC_URI[sha256sum] = "7c989a58e5408c9593da0bebcd0e4ffc3d892d1316ba5042ddb0be5b0b4102b9" | ||
23 | |||
24 | inherit update-rc.d useradd | ||
25 | |||
26 | do_configure () { | ||
27 | if [ "${SITEINFO_BITS}" = "64" ]; then | ||
28 | PTRSIZE=8 | ||
29 | else | ||
30 | PTRSIZE=4 | ||
31 | fi | ||
32 | |||
33 | echo $CFLAGS | ||
34 | echo $LDFLAGS | ||
35 | |||
36 | ./configure \ | ||
37 | --crossbuild=Linux:${TUNE_ARCH} \ | ||
38 | --with-endian=${@base_conditional('SITEINFO_ENDIANNESS', 'le', 'little', 'big', d)} \ | ||
39 | --with-int=4 \ | ||
40 | --with-long=${PTRSIZE} \ | ||
41 | --with-long-long=8 \ | ||
42 | --with-ptr-size=${PTRSIZE} \ | ||
43 | --with-sig-atomic-t=${PTRSIZE} \ | ||
44 | --with-size-t=${PTRSIZE} \ | ||
45 | --with-off-t=${PTRSIZE} \ | ||
46 | --with-time-t=${PTRSIZE} \ | ||
47 | --with-sys-nerr=132 \ | ||
48 | --conf-path=${sysconfdir}/nginx/nginx.conf \ | ||
49 | --http-log-path=${localstatedir}/log/nginx/access.log \ | ||
50 | --error-log-path=${localstatedir}/log/nginx/error.log \ | ||
51 | --pid-path=/run/nginx/nginx.pid \ | ||
52 | --prefix=${prefix} \ | ||
53 | --with-http_ssl_module \ | ||
54 | --with-http_gzip_static_module | ||
55 | } | ||
56 | |||
57 | do_install () { | ||
58 | oe_runmake 'DESTDIR=${D}' install | ||
59 | rm -fr ${D}${localstatedir}/run ${D}/run | ||
60 | if ${@base_contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then | ||
61 | install -d ${D}${sysconfdir}/tmpfiles.d | ||
62 | echo "d /run/${BPN} - - - -" \ | ||
63 | > ${D}${sysconfdir}/tmpfiles.d/${BPN}.conf | ||
64 | fi | ||
65 | install -d ${D}${sysconfdir}/${BPN} | ||
66 | ln -snf ${localstatedir}/run/${BPN} ${D}${sysconfdir}/${BPN}/run | ||
67 | install -d ${D}${localstatedir}/www/localhost | ||
68 | mv ${D}/usr/html ${D}${localstatedir}/www/localhost/ | ||
69 | chown www:www-data -R ${D}${localstatedir} | ||
70 | |||
71 | install -d ${D}${sysconfdir}/init.d | ||
72 | install -m 0755 ${WORKDIR}/nginx.init ${D}${sysconfdir}/init.d/nginx | ||
73 | sed -i 's,/usr/sbin/,${sbindir}/,g' ${D}${sysconfdir}/init.d/nginx | ||
74 | sed -i 's,/etc/,${sysconfdir}/,g' ${D}${sysconfdir}/init.d/nginx | ||
75 | |||
76 | install -d ${D}${sysconfdir}/nginx | ||
77 | install -m 0644 ${WORKDIR}/nginx.conf ${D}${sysconfdir}/nginx/nginx.conf | ||
78 | sed -i 's,/var/,${localstatedir}/,g' ${D}${sysconfdir}/nginx/nginx.conf | ||
79 | install -d ${D}${sysconfdir}/nginx/sites-enabled | ||
80 | |||
81 | install -d ${D}${sysconfdir}/default/volatiles | ||
82 | install -m 0644 ${WORKDIR}/nginx-volatile.conf ${D}${sysconfdir}/default/volatiles/99_nginx | ||
83 | sed -i 's,/var/,${localstatedir}/,g' ${D}${sysconfdir}/default/volatiles/99_nginx | ||
84 | } | ||
85 | |||
86 | pkg_postinst_${PN} () { | ||
87 | if [ -z "$D" ]; then | ||
88 | if type systemd-tmpfiles >/dev/null; then | ||
89 | systemd-tmpfiles --create | ||
90 | elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then | ||
91 | ${sysconfdir}/init.d/populate-volatile.sh update | ||
92 | fi | ||
93 | fi | ||
94 | } | ||
95 | |||
96 | FILES_${PN} += "${localstatedir}/" | ||
97 | |||
98 | CONFFILES_${PN} = "${sysconfdir}/nginx/nginx.conf \ | ||
99 | ${sysconfdir}/nginx/fastcgi.conf\ | ||
100 | ${sysconfdir}/nginx/fastcgi_params \ | ||
101 | ${sysconfdir}/nginx/koi-utf \ | ||
102 | ${sysconfdir}/nginx/koi-win \ | ||
103 | ${sysconfdir}/nginx/mime.types \ | ||
104 | ${sysconfdir}/nginx/scgi_params \ | ||
105 | ${sysconfdir}/nginx/uwsgi_params \ | ||
106 | ${sysconfdir}/nginx/win-utf \ | ||
107 | " | ||
108 | |||
109 | INITSCRIPT_NAME = "nginx" | ||
110 | INITSCRIPT_PARAMS = "defaults 92 20" | ||
111 | |||
112 | USERADD_PACKAGES = "${PN}" | ||
113 | USERADD_PARAM_${PN} = " \ | ||
114 | --system --no-create-home \ | ||
115 | --home ${localstatedir}/www/localhost \ | ||
116 | --groups www-data \ | ||
117 | --user-group www" | ||
diff --git a/meta-webserver/recipes-httpd/nostromo/files/0001-GNUmakefile-add-possibility-to-override-variables.patch b/meta-webserver/recipes-httpd/nostromo/files/0001-GNUmakefile-add-possibility-to-override-variables.patch new file mode 100644 index 000000000..7cf011b1c --- /dev/null +++ b/meta-webserver/recipes-httpd/nostromo/files/0001-GNUmakefile-add-possibility-to-override-variables.patch | |||
@@ -0,0 +1,141 @@ | |||
1 | From 7fa0d31ec5c0be9dca84a03851b2d44f61527ec8 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Eric=20B=C3=A9nard?= <eric@eukrea.com> | ||
3 | Date: Sun, 4 Dec 2011 16:01:04 +0100 | ||
4 | Subject: [PATCH] GNUmakefile: add possibility to override variables | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=UTF-8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | this is useful for cross compilation | ||
10 | |||
11 | Signed-off-by: Eric Bénard <eric@eukrea.com> | ||
12 | --- | ||
13 | Upstream-Status: Inappropriate [embedded specific] | ||
14 | src/libbsd/GNUmakefile | 10 +++++----- | ||
15 | src/libmy/GNUmakefile | 26 +++++++++++++------------- | ||
16 | src/nhttpd/GNUmakefile | 12 ++++++------ | ||
17 | src/tools/GNUmakefile | 8 ++++---- | ||
18 | 4 files changed, 28 insertions(+), 28 deletions(-) | ||
19 | |||
20 | diff --git a/src/libbsd/GNUmakefile b/src/libbsd/GNUmakefile | ||
21 | index e2d01a3..b034bc6 100644 | ||
22 | --- a/src/libbsd/GNUmakefile | ||
23 | +++ b/src/libbsd/GNUmakefile | ||
24 | @@ -1,12 +1,12 @@ | ||
25 | -CCFLAGS = -O2 -pipe -Wall -Werror -Wstrict-prototypes -c | ||
26 | +CFLAGS := -O2 -pipe -Wall -Werror -Wstrict-prototypes -c | ||
27 | |||
28 | libbsd.a: strlcpy.o strlcat.o | ||
29 | - ar -r libbsd.a strlcpy.o strlcat.o | ||
30 | - ranlib libbsd.a | ||
31 | + $(AR) -r libbsd.a strlcpy.o strlcat.o | ||
32 | + $(RANLIB) libbsd.a | ||
33 | |||
34 | strlcpy.o: strlcpy.c | ||
35 | - cc ${CCFLAGS} strlcpy.c | ||
36 | + $(CC) $(CFLAGS) strlcpy.c | ||
37 | strlcat.o: strlcat.c | ||
38 | - cc ${CCFLAGS} strlcat.c | ||
39 | + $(CC) $(CFLAGS) strlcat.c | ||
40 | clean: | ||
41 | rm -f libbsd.a *.o | ||
42 | diff --git a/src/libmy/GNUmakefile b/src/libmy/GNUmakefile | ||
43 | index ce90dd9..891ffea 100644 | ||
44 | --- a/src/libmy/GNUmakefile | ||
45 | +++ b/src/libmy/GNUmakefile | ||
46 | @@ -1,30 +1,30 @@ | ||
47 | -CCFLAGS = -O2 -Wall -Werror -Wstrict-prototypes -c | ||
48 | +CFLAGS := -O2 -Wall -Werror -Wstrict-prototypes -c | ||
49 | |||
50 | libmy.a: strcutl.o strcutw.o strcuts.o strcuti.o strcutf.o flog.o flogd.o fparse.o strlower.o strb64d.o | ||
51 | - ar -r libmy.a strcutl.o strcutw.o strcuts.o strcuti.o strcutf.o flog.o flogd.o fparse.o strlower.o strb64d.o | ||
52 | - ranlib libmy.a | ||
53 | + $(AR) -r libmy.a strcutl.o strcutw.o strcuts.o strcuti.o strcutf.o flog.o flogd.o fparse.o strlower.o strb64d.o | ||
54 | + $(RANLIB) libmy.a | ||
55 | |||
56 | strcutl.o: strcutl.c | ||
57 | - cc ${CCFLAGS} strcutl.c | ||
58 | + $(CC) $(CFLAGS) strcutl.c | ||
59 | strcutw.o: strcutw.c | ||
60 | - cc ${CCFLAGS} strcutw.c | ||
61 | + $(CC) $(CFLAGS) strcutw.c | ||
62 | strcuts.o: strcuts.c | ||
63 | - cc ${CCFLAGS} strcuts.c | ||
64 | + $(CC) $(CFLAGS) strcuts.c | ||
65 | strcuti.o: strcuti.c | ||
66 | - cc ${CCFLAGS} strcuti.c | ||
67 | + $(CC) $(CFLAGS) strcuti.c | ||
68 | strcutf.o: strcutf.c | ||
69 | - cc ${CCFLAGS} strcutf.c | ||
70 | + $(CC) $(CFLAGS) strcutf.c | ||
71 | strlower.o: strlower.c | ||
72 | - cc ${CCFLAGS} strlower.c | ||
73 | + $(CC) $(CFLAGS) strlower.c | ||
74 | strb64d.o: strb64d.c | ||
75 | - cc ${CCFLAGS} strb64d.c | ||
76 | + $(CC) $(CFLAGS) strb64d.c | ||
77 | |||
78 | flog.o: flog.c | ||
79 | - cc ${CCFLAGS} flog.c | ||
80 | + $(CC) $(CFLAGS) flog.c | ||
81 | flogd.o: flogd.c | ||
82 | - cc ${CCFLAGS} flogd.c | ||
83 | + $(CC) $(CFLAGS) flogd.c | ||
84 | fparse.o: fparse.c | ||
85 | - cc ${CCFLAGS} fparse.c | ||
86 | + $(CC) $(CFLAGS) fparse.c | ||
87 | |||
88 | clean: | ||
89 | rm -f libmy.a *.o | ||
90 | diff --git a/src/nhttpd/GNUmakefile b/src/nhttpd/GNUmakefile | ||
91 | index f6d12de..9524911 100644 | ||
92 | --- a/src/nhttpd/GNUmakefile | ||
93 | +++ b/src/nhttpd/GNUmakefile | ||
94 | @@ -1,18 +1,18 @@ | ||
95 | -CCFLAGS = -O2 -pipe -Wall -Wstrict-prototypes -c | ||
96 | +CFLAGS := -O2 -pipe -Wall -Wstrict-prototypes -c | ||
97 | |||
98 | nhttpd: main.o http.o sys.o | ||
99 | - cc -L../libmy -L../libbsd -o nhttpd main.o http.o sys.o -lmy -lbsd -lssl -lcrypt | ||
100 | - strip nhttpd | ||
101 | + $(CC) -L../libmy -L../libbsd -o nhttpd main.o http.o sys.o -lmy -lbsd -lssl -lcrypt | ||
102 | +# $(STRIP) nhttpd | ||
103 | nroff -Tascii -c -mandoc nhttpd.8 > nhttpd.cat8 | ||
104 | |||
105 | main.o: main.c | ||
106 | - cc ${CCFLAGS} main.c | ||
107 | + $(CC) $(CFLAGS) main.c | ||
108 | |||
109 | http.o: http.c | ||
110 | - cc ${CCFLAGS} http.c | ||
111 | + $(CC) $(CFLAGS) http.c | ||
112 | |||
113 | sys.o: sys.c | ||
114 | - cc ${CCFLAGS} sys.c | ||
115 | + $(CC) $(CFLAGS) sys.c | ||
116 | |||
117 | clean: | ||
118 | rm -f nhttpd nhttpd.cat8 *.o | ||
119 | diff --git a/src/tools/GNUmakefile b/src/tools/GNUmakefile | ||
120 | index 15bea61..663ddb5 100644 | ||
121 | --- a/src/tools/GNUmakefile | ||
122 | +++ b/src/tools/GNUmakefile | ||
123 | @@ -1,11 +1,11 @@ | ||
124 | -CCFLAGS = -O2 -pipe -Wall -Werror -Wstrict-prototypes -c | ||
125 | +CCFLAGS := -O2 -pipe -Wall -Werror -Wstrict-prototypes | ||
126 | |||
127 | crypt: crypt.o | ||
128 | - cc -o crypt crypt.o -lcrypt | ||
129 | - strip crypt | ||
130 | + $(CC) $(CFLAGS) -o crypt crypt.o -lcrypt | ||
131 | +# $(STRIP) crypt | ||
132 | |||
133 | crypt.o: crypt.c | ||
134 | - cc ${CCFLAGS} crypt.c | ||
135 | + $(CC) $(CFLAGS) -c crypt.c | ||
136 | |||
137 | clean: | ||
138 | rm -f crypt *.o | ||
139 | -- | ||
140 | 1.7.6.4 | ||
141 | |||
diff --git a/meta-webserver/recipes-httpd/nostromo/files/nhttpd.conf b/meta-webserver/recipes-httpd/nostromo/files/nhttpd.conf new file mode 100644 index 000000000..6674bb696 --- /dev/null +++ b/meta-webserver/recipes-httpd/nostromo/files/nhttpd.conf | |||
@@ -0,0 +1,55 @@ | |||
1 | # MAIN [MANDATORY] | ||
2 | |||
3 | servername localhost | ||
4 | #servername www.nazgul.ch:8080 | ||
5 | serverlisten * | ||
6 | #serverlisten 81.221.21.250 127.0.0.1 ::1 | ||
7 | serveradmin webmaster@localhost | ||
8 | serverroot /var/nostromo | ||
9 | servermimes /var/nostromo/conf/mimes | ||
10 | docroot /var/nostromo/htdocs | ||
11 | docindex index.html | ||
12 | |||
13 | # LOGS [OPTIONAL] | ||
14 | |||
15 | logpid /var/run/nostromo/nhttpd.pid | ||
16 | #logaccess /var/log/nostromo/access_log | ||
17 | |||
18 | # SETUID [RECOMMENDED] | ||
19 | |||
20 | user www-data | ||
21 | |||
22 | # BASIC AUTHENTICATION [OPTIONAL] | ||
23 | |||
24 | #htaccess .htaccess | ||
25 | #htpasswd /var/nostromo/conf/.htpasswd | ||
26 | #htpasswd +bsdauth | ||
27 | #htpasswd +bsdauthnossl | ||
28 | |||
29 | # SSL [OPTIONAL] | ||
30 | |||
31 | #sslport 443 | ||
32 | #sslcert /etc/ssl/server.crt | ||
33 | #sslcertkey /etc/ssl/server.key | ||
34 | |||
35 | # CUSTOM RESPONSES [OPTIONAL] | ||
36 | # | ||
37 | # The custom responses are searched in the corresponding document root. | ||
38 | |||
39 | #custom_401 custom_401.html | ||
40 | #custom_403 custom_403.html | ||
41 | #custom_404 custom_404.html | ||
42 | |||
43 | # ALIASES [OPTIONAL] | ||
44 | |||
45 | /icons /var/nostromo/icons | ||
46 | |||
47 | # VIRTUAL HOSTS [OPTIONAL] | ||
48 | |||
49 | #www.rahel.ch /var/nostromo/htdocs/www.rahel.ch | ||
50 | #www.rahel.ch:8080 /var/nostromo/htdocs/www.rahel.ch | ||
51 | |||
52 | # HOMEDIRS [OPTIONAL] | ||
53 | |||
54 | #homedirs /home | ||
55 | #homedirs_public public_www | ||
diff --git a/meta-webserver/recipes-httpd/nostromo/files/nostromo b/meta-webserver/recipes-httpd/nostromo/files/nostromo new file mode 100644 index 000000000..8a2886882 --- /dev/null +++ b/meta-webserver/recipes-httpd/nostromo/files/nostromo | |||
@@ -0,0 +1,34 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | PATH=/sbin:/bin:/usr/sbin:/usr/bin | ||
4 | DAEMON=nhttpd | ||
5 | NAME=nhttpd | ||
6 | DESC="Nostromo Web Server" | ||
7 | OPTS="-c /etc/nhttpd.conf" | ||
8 | |||
9 | case "$1" in | ||
10 | start) | ||
11 | echo -n "Starting $DESC: " | ||
12 | start-stop-daemon --start -x "$DAEMON" -- $OPTS | ||
13 | echo "$NAME." | ||
14 | ;; | ||
15 | stop) | ||
16 | echo -n "Stopping $DESC: " | ||
17 | start-stop-daemon --stop -x "$DAEMON" | ||
18 | echo "$NAME." | ||
19 | ;; | ||
20 | restart|force-reload) | ||
21 | echo -n "Restarting $DESC: " | ||
22 | start-stop-daemon --stop -x "$DAEMON" | ||
23 | sleep 1 | ||
24 | start-stop-daemon --start -x "$DAEMON" -- $OPTS | ||
25 | echo "$NAME." | ||
26 | ;; | ||
27 | *) | ||
28 | N=/etc/init.d/$NAME | ||
29 | echo "Usage: $N {start|stop|restart|force-reload}" >&2 | ||
30 | exit 1 | ||
31 | ;; | ||
32 | esac | ||
33 | |||
34 | exit 0 | ||
diff --git a/meta-webserver/recipes-httpd/nostromo/files/tmpfiles.conf b/meta-webserver/recipes-httpd/nostromo/files/tmpfiles.conf new file mode 100644 index 000000000..b7a9f4886 --- /dev/null +++ b/meta-webserver/recipes-httpd/nostromo/files/tmpfiles.conf | |||
@@ -0,0 +1 @@ | |||
d /run/nostromo - www-data www-data - | |||
diff --git a/meta-webserver/recipes-httpd/nostromo/files/volatiles b/meta-webserver/recipes-httpd/nostromo/files/volatiles new file mode 100644 index 000000000..40924960c --- /dev/null +++ b/meta-webserver/recipes-httpd/nostromo/files/volatiles | |||
@@ -0,0 +1,2 @@ | |||
1 | d www-data www-data 0775 /var/run/nostromo none | ||
2 | d www-data www-data 0775 /var/log/nostromo none | ||
diff --git a/meta-webserver/recipes-httpd/nostromo/nostromo_1.9.5.bb b/meta-webserver/recipes-httpd/nostromo/nostromo_1.9.5.bb new file mode 100644 index 000000000..fe860ec9a --- /dev/null +++ b/meta-webserver/recipes-httpd/nostromo/nostromo_1.9.5.bb | |||
@@ -0,0 +1,69 @@ | |||
1 | SUMMARY = "A simple, fast and secure HTTP server" | ||
2 | HOMEPAGE = "http://www.nazgul.ch/dev_nostromo.html" | ||
3 | LICENSE = "MIT" | ||
4 | LIC_FILES_CHKSUM = "file://src/nhttpd/main.c;beginline=2;endline=14;md5=e5ec3fa723b29b7d59d205afd8d36938" | ||
5 | |||
6 | SRC_URI = "http://www.nazgul.ch/dev/${BPN}-${PV}.tar.gz \ | ||
7 | file://0001-GNUmakefile-add-possibility-to-override-variables.patch \ | ||
8 | file://nhttpd.conf \ | ||
9 | file://volatiles \ | ||
10 | file://tmpfiles.conf \ | ||
11 | file://nostromo \ | ||
12 | " | ||
13 | |||
14 | SRC_URI[md5sum] = "dc6cfd6b5aae04c370c7f818fa7bde55" | ||
15 | SRC_URI[sha256sum] = "5f62578285e02449406b46cf06a7888fe3dc4a90bedf58cc18523bad62f6b914" | ||
16 | |||
17 | TARGET_CC_ARCH += "${LDFLAGS}" | ||
18 | |||
19 | DEPENDS = "openssl" | ||
20 | |||
21 | inherit update-rc.d useradd | ||
22 | |||
23 | INITSCRIPT_NAME = "nostromo" | ||
24 | INITSCRIPT_PARAMS = "defaults 70" | ||
25 | |||
26 | do_compile() { | ||
27 | oe_runmake | ||
28 | } | ||
29 | |||
30 | # we need user/group www-data to exist when we install | ||
31 | # | ||
32 | USERADD_PACKAGES = "${PN}" | ||
33 | USERADD_PARAM_${PN} = "--system -g www-data www-data" | ||
34 | |||
35 | do_install() { | ||
36 | install -d ${D}/${sbindir} | ||
37 | install -m 0755 src/nhttpd/nhttpd ${D}/${sbindir}/nhttpd | ||
38 | install -m 0755 src/tools/crypt ${D}/${sbindir}/crypt | ||
39 | install -d ${D}/${mandir}/man8 | ||
40 | install -m 0444 src/nhttpd/nhttpd.8 ${D}/${mandir}/man8/nhttpd.8 | ||
41 | install -d ${D}${localstatedir}/nostromo/conf | ||
42 | install -d ${D}${localstatedir}/nostromo/htdocs/cgi-bin | ||
43 | install -d ${D}${localstatedir}/nostromo/icons | ||
44 | install -d ${D}${sysconfdir}/init.d | ||
45 | install -m 0644 conf/mimes ${D}${localstatedir}/nostromo/conf/mimes | ||
46 | install -m 0644 ${WORKDIR}/nhttpd.conf ${D}${sysconfdir} | ||
47 | install -m 0755 ${WORKDIR}/nostromo ${D}${sysconfdir}/init.d | ||
48 | install -D -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/nostromo | ||
49 | if ${@base_contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then | ||
50 | install -D -m 0644 ${WORKDIR}/tmpfiles.conf ${D}${sysconfdir}/tmpfiles.d/nostromo.conf | ||
51 | fi | ||
52 | install -m 0644 htdocs/index.html ${D}${localstatedir}/nostromo/htdocs/index.html | ||
53 | install -m 0644 htdocs/nostromo.gif ${D}${localstatedir}/nostromo/htdocs/nostromo.gif | ||
54 | install -m 0644 icons/dir.gif ${D}${localstatedir}/nostromo/icons/dir.gif | ||
55 | install -m 0644 icons/file.gif ${D}${localstatedir}/nostromo/icons/file.gif | ||
56 | chown -R www-data:www-data ${D}/${localstatedir}/nostromo | ||
57 | } | ||
58 | |||
59 | CONFFILES_${PN} += "/var/nostromo/conf/mimes ${sysconfdir}/nhttpd.conf" | ||
60 | |||
61 | pkg_postinst_${PN} () { | ||
62 | if [ -z "$D" ]; then | ||
63 | if [ -e /sys/fs/cgroup/systemd ]; then | ||
64 | systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/nostromo.conf | ||
65 | elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then | ||
66 | ${sysconfdir}/init.d/populate-volatile.sh update | ||
67 | fi | ||
68 | fi | ||
69 | } | ||
diff --git a/meta-webserver/recipes-httpd/sthttpd/sthttpd/init b/meta-webserver/recipes-httpd/sthttpd/sthttpd/init new file mode 100644 index 000000000..f5f7b0124 --- /dev/null +++ b/meta-webserver/recipes-httpd/sthttpd/sthttpd/init | |||
@@ -0,0 +1,52 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | ### BEGIN INIT INFO | ||
4 | # Provides: thttpd | ||
5 | # Required-Start: $remote_fs $syslog | ||
6 | # Required-Stop: $remote_fs $syslog | ||
7 | # Default-Start: 2 3 4 5 | ||
8 | # Default-Stop: 0 1 6 | ||
9 | # Short-Description: Small http server | ||
10 | # Description: thttpd is a simple, small, portable, fast, and secure HTTP server. | ||
11 | ### END INIT INFO | ||
12 | |||
13 | |||
14 | thttpd=/usr/sbin/thttpd | ||
15 | test -x "$thttpd" || exit 0 | ||
16 | |||
17 | |||
18 | case "$1" in | ||
19 | start) | ||
20 | echo -n "Starting thttpd" | ||
21 | start-stop-daemon --start --quiet --exec $thttpd -- -C @@CONFFILE | ||
22 | echo "." | ||
23 | ;; | ||
24 | stop) | ||
25 | echo -n "Stopping thttpd" | ||
26 | start-stop-daemon --stop --quiet --exec $thttpd | ||
27 | echo "." | ||
28 | ;; | ||
29 | reload|force-reload) | ||
30 | start-stop-daemon --stop --quiet --signal 1 --exec $thttpd | ||
31 | ;; | ||
32 | restart) | ||
33 | echo -n "Stopping thttpd" | ||
34 | start-stop-daemon --stop --quiet --exec $thttpd -- -C @@CONFFILE | ||
35 | echo "." | ||
36 | echo -n "Waiting for thttpd to die off" | ||
37 | for i in 1 2 3 ; | ||
38 | do | ||
39 | sleep 1 | ||
40 | echo -n "." | ||
41 | done | ||
42 | echo "" | ||
43 | echo -n "Starting thttpd" | ||
44 | start-stop-daemon --start --quiet --exec $thttpd -- -C @@CONFFILE | ||
45 | echo "." | ||
46 | ;; | ||
47 | *) | ||
48 | echo "Usage: /etc/init.d/thttpd {start|stop|reload|restart|force-reload}" | ||
49 | exit 1 | ||
50 | esac | ||
51 | |||
52 | exit 0 | ||
diff --git a/meta-webserver/recipes-httpd/sthttpd/sthttpd/thttpd.conf b/meta-webserver/recipes-httpd/sthttpd/sthttpd/thttpd.conf new file mode 100644 index 000000000..397984f36 --- /dev/null +++ b/meta-webserver/recipes-httpd/sthttpd/sthttpd/thttpd.conf | |||
@@ -0,0 +1 @@ | |||
dir=@@SRVDIR | |||
diff --git a/meta-webserver/recipes-httpd/sthttpd/sthttpd/thttpd.service b/meta-webserver/recipes-httpd/sthttpd/sthttpd/thttpd.service new file mode 100644 index 000000000..f1095007c --- /dev/null +++ b/meta-webserver/recipes-httpd/sthttpd/sthttpd/thttpd.service | |||
@@ -0,0 +1,10 @@ | |||
1 | [Unit] | ||
2 | Description=Tiny/Turbo/Throttling Web Server | ||
3 | |||
4 | [Service] | ||
5 | Type=forking | ||
6 | ExecStart=/usr/sbin/thttpd -C @@CONFFILE -c cgi-bin/* -i /var/run/thttpd.pid | ||
7 | PIDFile=/var/run/thttpd.pid | ||
8 | |||
9 | [Install] | ||
10 | WantedBy=multi-user.target | ||
diff --git a/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.26.4.bb b/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.26.4.bb new file mode 100644 index 000000000..703492167 --- /dev/null +++ b/meta-webserver/recipes-httpd/sthttpd/sthttpd_2.26.4.bb | |||
@@ -0,0 +1,45 @@ | |||
1 | SUMMARY = "A simple, small, portable, fast, and secure HTTP server" | ||
2 | DESCRIPTION = "A simple, small, portable, fast, and secure HTTP server (supported fork of thttpd)." | ||
3 | HOMEPAGE = "http://opensource.dyc.edu/sthttpd" | ||
4 | LICENSE = "BSD-2-Clause" | ||
5 | LIC_FILES_CHKSUM = "file://src/thttpd.c;beginline=1;endline=26;md5=0c5762c2c34dcbe9eb18815516502872" | ||
6 | |||
7 | SRC_URI = "http://opensource.dyc.edu/pub/sthttpd/sthttpd-${PV}.tar.gz \ | ||
8 | file://thttpd.service \ | ||
9 | file://thttpd.conf \ | ||
10 | file://init" | ||
11 | |||
12 | SRC_URI[md5sum] = "e645a85a97d3cb883011a35bc2211815" | ||
13 | SRC_URI[sha256sum] = "78e87979140cbda123c81b4051552242dbbffb5dec1a17e5f95ec4826b1eaddb" | ||
14 | |||
15 | S = "${WORKDIR}/sthttpd-${PV}" | ||
16 | |||
17 | inherit autotools update-rc.d systemd | ||
18 | |||
19 | SRV_DIR ?= "${servicedir}/www" | ||
20 | |||
21 | EXTRA_OEMAKE += "'WEBDIR=${SRV_DIR}'" | ||
22 | |||
23 | do_install_append () { | ||
24 | install -d ${D}${sysconfdir}/init.d | ||
25 | install -c -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/thttpd | ||
26 | install -c -m 755 ${WORKDIR}/thttpd.conf ${D}${sysconfdir} | ||
27 | sed -i -e 's,@@CONFFILE,${sysconfdir}/thttpd.conf,g' ${D}${sysconfdir}/init.d/thttpd | ||
28 | sed -i -e 's,@@SRVDIR,${SRV_DIR},g' ${D}${sysconfdir}/thttpd.conf | ||
29 | sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/thttpd | ||
30 | |||
31 | install -d ${D}${systemd_unitdir}/system | ||
32 | install -m 0644 ${WORKDIR}/thttpd.service ${D}${systemd_unitdir}/system | ||
33 | sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${systemd_unitdir}/system/thttpd.service | ||
34 | sed -i 's!/var/!${localstatedir}/!g' ${D}${systemd_unitdir}/system/thttpd.service | ||
35 | sed -i -e 's,@@CONFFILE,${sysconfdir}/thttpd.conf,g' ${D}${systemd_unitdir}/system/thttpd.service | ||
36 | } | ||
37 | |||
38 | INITSCRIPT_NAME = "thttpd" | ||
39 | INITSCRIPT_PARAMS = "defaults" | ||
40 | |||
41 | SYSTEMD_SERVICE_${PN} = "thttpd.service" | ||
42 | |||
43 | FILES_${PN} += "${SRV_DIR}" | ||
44 | FILES_${PN}-dbg += "${SRV_DIR}/cgi-bin/.debug" | ||
45 | |||
diff --git a/meta-webserver/recipes-php/modphp/files/0001-using-pkgconfig-to-check-libxml.patch b/meta-webserver/recipes-php/modphp/files/0001-using-pkgconfig-to-check-libxml.patch new file mode 100644 index 000000000..bab5ff2dc --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/0001-using-pkgconfig-to-check-libxml.patch | |||
@@ -0,0 +1,74 @@ | |||
1 | [PATCH] using pkgconfig to check libxml | ||
2 | |||
3 | Upstream-Status: Pending | ||
4 | |||
5 | Use pkg-config for the libxml2 dependency, not the -config script. | ||
6 | |||
7 | Signed-off-by: Roy.Li <rongqing.li@windriver.com> | ||
8 | --- | ||
9 | acinclude.m4 | 48 ++++++------------------------------------------ | ||
10 | 1 file changed, 6 insertions(+), 42 deletions(-) | ||
11 | |||
12 | diff --git a/acinclude.m4 b/acinclude.m4 | ||
13 | index d348f57..9f691a5 100644 | ||
14 | --- a/acinclude.m4 | ||
15 | +++ b/acinclude.m4 | ||
16 | @@ -2530,49 +2530,13 @@ dnl | ||
17 | dnl Common setup macro for libxml | ||
18 | dnl | ||
19 | AC_DEFUN([PHP_SETUP_LIBXML], [ | ||
20 | -AC_CACHE_CHECK([for xml2-config path], ac_cv_php_xml2_config_path, | ||
21 | -[ | ||
22 | - for i in $PHP_LIBXML_DIR /usr/local /usr; do | ||
23 | - if test -x "$i/bin/xml2-config"; then | ||
24 | - ac_cv_php_xml2_config_path="$i/bin/xml2-config" | ||
25 | - break | ||
26 | - fi | ||
27 | - done | ||
28 | -]) | ||
29 | + PKG_CHECK_MODULES(PKG_XML2, [libxml-2.0],,) | ||
30 | + if test "x$PKG_XML2_CFLAGS" != "x"; then | ||
31 | + PHP_EVAL_INCLINE($PKG_XML2_CFLAGS, $1) | ||
32 | + PHP_EVAL_LIBLINE($PKG_XML2_LIBS) | ||
33 | + AC_DEFINE(HAVE_LIBXML, 1, [ ]) | ||
34 | + $2 | ||
35 | |||
36 | - if test -x "$ac_cv_php_xml2_config_path"; then | ||
37 | - XML2_CONFIG="$ac_cv_php_xml2_config_path" | ||
38 | - libxml_full_version=`$XML2_CONFIG --version` | ||
39 | - ac_IFS=$IFS | ||
40 | - IFS="." | ||
41 | - set $libxml_full_version | ||
42 | - IFS=$ac_IFS | ||
43 | - LIBXML_VERSION=`expr [$]1 \* 1000000 + [$]2 \* 1000 + [$]3` | ||
44 | - if test "$LIBXML_VERSION" -ge "2006011"; then | ||
45 | - LIBXML_LIBS=`$XML2_CONFIG --libs` | ||
46 | - LIBXML_INCS=`$XML2_CONFIG --cflags` | ||
47 | - PHP_EVAL_LIBLINE($LIBXML_LIBS, $1) | ||
48 | - PHP_EVAL_INCLINE($LIBXML_INCS) | ||
49 | - | ||
50 | - dnl Check that build works with given libs | ||
51 | - AC_CACHE_CHECK(whether libxml build works, php_cv_libxml_build_works, [ | ||
52 | - PHP_TEST_BUILD(xmlInitParser, | ||
53 | - [ | ||
54 | - php_cv_libxml_build_works=yes | ||
55 | - ], [ | ||
56 | - AC_MSG_RESULT(no) | ||
57 | - AC_MSG_ERROR([build test failed. Please check the config.log for details.]) | ||
58 | - ], [ | ||
59 | - [$]$1 | ||
60 | - ]) | ||
61 | - ]) | ||
62 | - if test "$php_cv_libxml_build_works" = "yes"; then | ||
63 | - AC_DEFINE(HAVE_LIBXML, 1, [ ]) | ||
64 | - fi | ||
65 | - $2 | ||
66 | - else | ||
67 | - AC_MSG_ERROR([libxml2 version 2.6.11 or greater required.]) | ||
68 | - fi | ||
69 | ifelse([$3],[],,[else $3]) | ||
70 | fi | ||
71 | ]) | ||
72 | -- | ||
73 | 1.9.1 | ||
74 | |||
diff --git a/meta-webserver/recipes-php/modphp/files/70_mod_php5.conf b/meta-webserver/recipes-php/modphp/files/70_mod_php5.conf new file mode 100644 index 000000000..1de6fb11a --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/70_mod_php5.conf | |||
@@ -0,0 +1,12 @@ | |||
1 | # vim: ft=apache sw=4 ts=4 | ||
2 | <IfDefine PHP5> | ||
3 | # Load the module first | ||
4 | <IfModule !sapi_apache2.c> | ||
5 | LoadModule php5_module lib/apache2/modules/libphp5.so | ||
6 | </IfModule> | ||
7 | |||
8 | # Set it to handle the files | ||
9 | AddHandler php5-script .php .phtml .php3 .php4 .php5 | ||
10 | AddType application/x-httpd-php-source .phps | ||
11 | DirectoryIndex index.html index.html.var index.php index.phtml | ||
12 | </IfDefine> | ||
diff --git a/meta-webserver/recipes-php/modphp/files/configure.patch b/meta-webserver/recipes-php/modphp/files/configure.patch new file mode 100644 index 000000000..c5334c706 --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/configure.patch | |||
@@ -0,0 +1,11 @@ | |||
1 | --- php-5.1.6/configure.old 2006-09-12 07:54:14.000000000 -0700 | ||
2 | +++ php-5.1.6/configure 2006-09-12 07:54:37.000000000 -0700 | ||
3 | @@ -14715,8 +14715,6 @@ | ||
4 | |||
5 | |||
6 | |||
7 | - unset ac_cv_func_dlopen | ||
8 | - unset ac_cv_func___dlopen | ||
9 | unset found | ||
10 | |||
11 | echo $ac_n "checking for dlopen""... $ac_c" 1>&6 | ||
diff --git a/meta-webserver/recipes-php/modphp/files/php-CVE-2014-3587.patch b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-3587.patch new file mode 100644 index 000000000..e1c40f244 --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-3587.patch | |||
@@ -0,0 +1,31 @@ | |||
1 | modphp: Security Advisory - php - CVE-2014-3587 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | |||
5 | Signed-off-by: Yue Tao <yue.tao@windriver.com> | ||
6 | |||
7 | From 7ba1409a1aee5925180de546057ddd84ff267947 Mon Sep 17 00:00:00 2001 | ||
8 | From: Remi Collet <rcollet@redhat.com> | ||
9 | Date: Thu, 14 Aug 2014 17:19:03 -0700 | ||
10 | Subject: [PATCH] Fix bug #67716 - Segfault in cdf.c | ||
11 | |||
12 | --- | ||
13 | ext/fileinfo/libmagic/cdf.c | 2 +- | ||
14 | 2 files changed, 2 insertions(+), 1 deletion(-) | ||
15 | |||
16 | diff --git a/ext/fileinfo/libmagic/cdf.c b/ext/fileinfo/libmagic/cdf.c | ||
17 | index 429f3b9..2c0a2d9 100644 | ||
18 | --- a/ext/fileinfo/libmagic/cdf.c | ||
19 | +++ b/ext/fileinfo/libmagic/cdf.c | ||
20 | @@ -820,7 +820,7 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, | ||
21 | q = (const uint8_t *)(const void *) | ||
22 | ((const char *)(const void *)p + ofs | ||
23 | - 2 * sizeof(uint32_t)); | ||
24 | - if (q > e) { | ||
25 | + if (q < p || q > e) { | ||
26 | DPRINTF(("Ran of the end %p > %p\n", q, e)); | ||
27 | goto out; | ||
28 | } | ||
29 | -- | ||
30 | 1.7.9.5 | ||
31 | |||
diff --git a/meta-webserver/recipes-php/modphp/files/php-CVE-2014-3597.patch b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-3597.patch new file mode 100644 index 000000000..73f4e32c6 --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-3597.patch | |||
@@ -0,0 +1,282 @@ | |||
1 | modphp: Security Advisory - php - CVE-2014-3597 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | |||
5 | Signed-off-by: Yue Tao <yue.tao@windriver.com> | ||
6 | |||
7 | From 2fefae47716d501aec41c1102f3fd4531f070b05 Mon Sep 17 00:00:00 2001 | ||
8 | From: Remi Collet <remi@php.net> | ||
9 | Date: Tue, 19 Aug 2014 08:33:49 +0200 | ||
10 | Subject: [PATCH] Fixed Sec Bug #67717 segfault in dns_get_record | ||
11 | CVE-2014-3597 | ||
12 | |||
13 | Incomplete fix for CVE-2014-4049 | ||
14 | |||
15 | Check possible buffer overflow | ||
16 | - pass real buffer end to dn_expand calls | ||
17 | - check buffer len before each read | ||
18 | --- | ||
19 | ext/standard/dns.c | 84 +++++++++++++++++++++++++++++++++++++--------------- | ||
20 | 1 file changed, 60 insertions(+), 24 deletions(-) | ||
21 | |||
22 | diff --git a/ext/standard/dns.c b/ext/standard/dns.c | ||
23 | index 214a7dc..0b5e69c 100644 | ||
24 | --- a/ext/standard/dns.c | ||
25 | +++ b/ext/standard/dns.c | ||
26 | @@ -412,8 +412,14 @@ PHP_FUNCTION(dns_check_record) | ||
27 | |||
28 | #if HAVE_FULL_DNS_FUNCS | ||
29 | |||
30 | +#define CHECKCP(n) do { \ | ||
31 | + if (cp + n > end) { \ | ||
32 | + return NULL; \ | ||
33 | + } \ | ||
34 | +} while (0) | ||
35 | + | ||
36 | /* {{{ php_parserr */ | ||
37 | -static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int store, int raw, zval **subarray) | ||
38 | +static u_char *php_parserr(u_char *cp, u_char *end, querybuf *answer, int type_to_fetch, int store, int raw, zval **subarray) | ||
39 | { | ||
40 | u_short type, class, dlen; | ||
41 | u_long ttl; | ||
42 | @@ -425,16 +431,18 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
43 | |||
44 | *subarray = NULL; | ||
45 | |||
46 | - n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, sizeof(name) - 2); | ||
47 | + n = dn_expand(answer->qb2, end, cp, name, sizeof(name) - 2); | ||
48 | if (n < 0) { | ||
49 | return NULL; | ||
50 | } | ||
51 | cp += n; | ||
52 | |||
53 | + CHECKCP(10); | ||
54 | GETSHORT(type, cp); | ||
55 | GETSHORT(class, cp); | ||
56 | GETLONG(ttl, cp); | ||
57 | GETSHORT(dlen, cp); | ||
58 | + CHECKCP(dlen); | ||
59 | if (type_to_fetch != T_ANY && type != type_to_fetch) { | ||
60 | cp += dlen; | ||
61 | return cp; | ||
62 | @@ -461,12 +469,14 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
63 | |||
64 | switch (type) { | ||
65 | case DNS_T_A: | ||
66 | + CHECKCP(4); | ||
67 | add_assoc_string(*subarray, "type", "A", 1); | ||
68 | snprintf(name, sizeof(name), "%d.%d.%d.%d", cp[0], cp[1], cp[2], cp[3]); | ||
69 | add_assoc_string(*subarray, "ip", name, 1); | ||
70 | cp += dlen; | ||
71 | break; | ||
72 | case DNS_T_MX: | ||
73 | + CHECKCP(2); | ||
74 | add_assoc_string(*subarray, "type", "MX", 1); | ||
75 | GETSHORT(n, cp); | ||
76 | add_assoc_long(*subarray, "pri", n); | ||
77 | @@ -485,7 +495,7 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
78 | if (type == DNS_T_PTR) { | ||
79 | add_assoc_string(*subarray, "type", "PTR", 1); | ||
80 | } | ||
81 | - n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); | ||
82 | + n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); | ||
83 | if (n < 0) { | ||
84 | return NULL; | ||
85 | } | ||
86 | @@ -495,18 +505,22 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
87 | case DNS_T_HINFO: | ||
88 | /* See RFC 1010 for values */ | ||
89 | add_assoc_string(*subarray, "type", "HINFO", 1); | ||
90 | + CHECKCP(1); | ||
91 | n = *cp & 0xFF; | ||
92 | cp++; | ||
93 | + CHECKCP(n); | ||
94 | add_assoc_stringl(*subarray, "cpu", (char*)cp, n, 1); | ||
95 | cp += n; | ||
96 | + CHECKCP(1); | ||
97 | n = *cp & 0xFF; | ||
98 | cp++; | ||
99 | + CHECKCP(n); | ||
100 | add_assoc_stringl(*subarray, "os", (char*)cp, n, 1); | ||
101 | cp += n; | ||
102 | break; | ||
103 | case DNS_T_TXT: | ||
104 | { | ||
105 | - int ll = 0; | ||
106 | + int l1 = 0, l2 = 0; | ||
107 | zval *entries = NULL; | ||
108 | |||
109 | add_assoc_string(*subarray, "type", "TXT", 1); | ||
110 | @@ -515,37 +529,41 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
111 | MAKE_STD_ZVAL(entries); | ||
112 | array_init(entries); | ||
113 | |||
114 | - while (ll < dlen) { | ||
115 | - n = cp[ll]; | ||
116 | - if ((ll + n) >= dlen) { | ||
117 | + while (l1 < dlen) { | ||
118 | + n = cp[l1]; | ||
119 | + if ((l1 + n) >= dlen) { | ||
120 | // Invalid chunk length, truncate | ||
121 | - n = dlen - (ll + 1); | ||
122 | + n = dlen - (l1 + 1); | ||
123 | + } | ||
124 | + if (n) { | ||
125 | + memcpy(tp + l2 , cp + l1 + 1, n); | ||
126 | + add_next_index_stringl(entries, cp + l1 + 1, n, 1); | ||
127 | } | ||
128 | - memcpy(tp + ll , cp + ll + 1, n); | ||
129 | - add_next_index_stringl(entries, cp + ll + 1, n, 1); | ||
130 | - ll = ll + n + 1; | ||
131 | + l1 = l1 + n + 1; | ||
132 | + l2 = l2 + n; | ||
133 | } | ||
134 | - tp[dlen] = '\0'; | ||
135 | + tp[l2] = '\0'; | ||
136 | cp += dlen; | ||
137 | |||
138 | - add_assoc_stringl(*subarray, "txt", tp, (dlen>0)?dlen - 1:0, 0); | ||
139 | + add_assoc_stringl(*subarray, "txt", tp, l2, 0); | ||
140 | add_assoc_zval(*subarray, "entries", entries); | ||
141 | } | ||
142 | break; | ||
143 | case DNS_T_SOA: | ||
144 | add_assoc_string(*subarray, "type", "SOA", 1); | ||
145 | - n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) -2); | ||
146 | + n = dn_expand(answer->qb2, end, cp, name, (sizeof name) -2); | ||
147 | if (n < 0) { | ||
148 | return NULL; | ||
149 | } | ||
150 | cp += n; | ||
151 | add_assoc_string(*subarray, "mname", name, 1); | ||
152 | - n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) -2); | ||
153 | + n = dn_expand(answer->qb2, end, cp, name, (sizeof name) -2); | ||
154 | if (n < 0) { | ||
155 | return NULL; | ||
156 | } | ||
157 | cp += n; | ||
158 | add_assoc_string(*subarray, "rname", name, 1); | ||
159 | + CHECKCP(5*4); | ||
160 | GETLONG(n, cp); | ||
161 | add_assoc_long(*subarray, "serial", n); | ||
162 | GETLONG(n, cp); | ||
163 | @@ -559,6 +577,7 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
164 | break; | ||
165 | case DNS_T_AAAA: | ||
166 | tp = (u_char*)name; | ||
167 | + CHECKCP(8*2); | ||
168 | for(i=0; i < 8; i++) { | ||
169 | GETSHORT(s, cp); | ||
170 | if (s != 0) { | ||
171 | @@ -593,6 +612,7 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
172 | case DNS_T_A6: | ||
173 | p = cp; | ||
174 | add_assoc_string(*subarray, "type", "A6", 1); | ||
175 | + CHECKCP(1); | ||
176 | n = ((int)cp[0]) & 0xFF; | ||
177 | cp++; | ||
178 | add_assoc_long(*subarray, "masklen", n); | ||
179 | @@ -628,6 +648,7 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
180 | cp++; | ||
181 | } | ||
182 | for (i = (n + 8) / 16; i < 8; i++) { | ||
183 | + CHECKCP(2); | ||
184 | GETSHORT(s, cp); | ||
185 | if (s != 0) { | ||
186 | if (tp > (u_char *)name) { | ||
187 | @@ -657,7 +678,7 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
188 | tp[0] = '\0'; | ||
189 | add_assoc_string(*subarray, "ipv6", name, 1); | ||
190 | if (cp < p + dlen) { | ||
191 | - n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); | ||
192 | + n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); | ||
193 | if (n < 0) { | ||
194 | return NULL; | ||
195 | } | ||
196 | @@ -666,6 +687,7 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
197 | } | ||
198 | break; | ||
199 | case DNS_T_SRV: | ||
200 | + CHECKCP(3*2); | ||
201 | add_assoc_string(*subarray, "type", "SRV", 1); | ||
202 | GETSHORT(n, cp); | ||
203 | add_assoc_long(*subarray, "pri", n); | ||
204 | @@ -673,7 +695,7 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
205 | add_assoc_long(*subarray, "weight", n); | ||
206 | GETSHORT(n, cp); | ||
207 | add_assoc_long(*subarray, "port", n); | ||
208 | - n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); | ||
209 | + n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); | ||
210 | if (n < 0) { | ||
211 | return NULL; | ||
212 | } | ||
213 | @@ -681,21 +703,35 @@ static u_char *php_parserr(u_char *cp, querybuf *answer, int type_to_fetch, int | ||
214 | add_assoc_string(*subarray, "target", name, 1); | ||
215 | break; | ||
216 | case DNS_T_NAPTR: | ||
217 | + CHECKCP(2*2); | ||
218 | add_assoc_string(*subarray, "type", "NAPTR", 1); | ||
219 | GETSHORT(n, cp); | ||
220 | add_assoc_long(*subarray, "order", n); | ||
221 | GETSHORT(n, cp); | ||
222 | add_assoc_long(*subarray, "pref", n); | ||
223 | + | ||
224 | + CHECKCP(1); | ||
225 | n = (cp[0] & 0xFF); | ||
226 | - add_assoc_stringl(*subarray, "flags", (char*)++cp, n, 1); | ||
227 | + cp++; | ||
228 | + CHECKCP(n); | ||
229 | + add_assoc_stringl(*subarray, "flags", (char*)cp, n, 1); | ||
230 | cp += n; | ||
231 | + | ||
232 | + CHECKCP(1); | ||
233 | n = (cp[0] & 0xFF); | ||
234 | - add_assoc_stringl(*subarray, "services", (char*)++cp, n, 1); | ||
235 | + cp++; | ||
236 | + CHECKCP(n); | ||
237 | + add_assoc_stringl(*subarray, "services", (char*)cp, n, 1); | ||
238 | cp += n; | ||
239 | + | ||
240 | + CHECKCP(1); | ||
241 | n = (cp[0] & 0xFF); | ||
242 | - add_assoc_stringl(*subarray, "regex", (char*)++cp, n, 1); | ||
243 | + cp++; | ||
244 | + CHECKCP(n); | ||
245 | + add_assoc_stringl(*subarray, "regex", (char*)cp, n, 1); | ||
246 | cp += n; | ||
247 | - n = dn_expand(answer->qb2, answer->qb2+65536, cp, name, (sizeof name) - 2); | ||
248 | + | ||
249 | + n = dn_expand(answer->qb2, end, cp, name, (sizeof name) - 2); | ||
250 | if (n < 0) { | ||
251 | return NULL; | ||
252 | } | ||
253 | @@ -888,7 +924,7 @@ PHP_FUNCTION(dns_get_record) | ||
254 | while (an-- && cp && cp < end) { | ||
255 | zval *retval; | ||
256 | |||
257 | - cp = php_parserr(cp, &answer, type_to_fetch, store_results, raw, &retval); | ||
258 | + cp = php_parserr(cp, end, &answer, type_to_fetch, store_results, raw, &retval); | ||
259 | if (retval != NULL && store_results) { | ||
260 | add_next_index_zval(return_value, retval); | ||
261 | } | ||
262 | @@ -901,7 +937,7 @@ PHP_FUNCTION(dns_get_record) | ||
263 | while (ns-- > 0 && cp && cp < end) { | ||
264 | zval *retval = NULL; | ||
265 | |||
266 | - cp = php_parserr(cp, &answer, DNS_T_ANY, authns != NULL, raw, &retval); | ||
267 | + cp = php_parserr(cp, end, &answer, DNS_T_ANY, authns != NULL, raw, &retval); | ||
268 | if (retval != NULL) { | ||
269 | add_next_index_zval(authns, retval); | ||
270 | } | ||
271 | @@ -913,7 +949,7 @@ PHP_FUNCTION(dns_get_record) | ||
272 | while (ar-- > 0 && cp && cp < end) { | ||
273 | zval *retval = NULL; | ||
274 | |||
275 | - cp = php_parserr(cp, &answer, DNS_T_ANY, 1, raw, &retval); | ||
276 | + cp = php_parserr(cp, end, &answer, DNS_T_ANY, 1, raw, &retval); | ||
277 | if (retval != NULL) { | ||
278 | add_next_index_zval(addtl, retval); | ||
279 | } | ||
280 | -- | ||
281 | 1.7.9.5 | ||
282 | |||
diff --git a/meta-webserver/recipes-php/modphp/files/php-CVE-2014-5120.patch b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-5120.patch new file mode 100644 index 000000000..f2e23b3f0 --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/php-CVE-2014-5120.patch | |||
@@ -0,0 +1,35 @@ | |||
1 | modphp: Security Advisory - php - CVE-2014-5120 | ||
2 | |||
3 | Upstream-Status: Backport | ||
4 | |||
5 | Signed-off-by Yue Tao <yue.tao@windriver.com> | ||
6 | |||
7 | From 706aefb78112a44d4932d4c9430c6a898696f51f Mon Sep 17 00:00:00 2001 | ||
8 | From: Stanislav Malyshev <stas@php.net> | ||
9 | Date: Mon, 18 Aug 2014 22:49:10 -0700 | ||
10 | Subject: [PATCH] Fix bug #67730 - Null byte injection possible with imagexxx | ||
11 | functions | ||
12 | |||
13 | --- | ||
14 | ext/gd/gd_ctx.c | 5 +++++ | ||
15 | 2 files changed, 7 insertions(+) | ||
16 | |||
17 | diff --git a/ext/gd/gd_ctx.c b/ext/gd/gd_ctx.c | ||
18 | index bff691f..eafbab5 100644 | ||
19 | --- a/ext/gd/gd_ctx.c | ||
20 | +++ b/ext/gd/gd_ctx.c | ||
21 | @@ -124,6 +124,11 @@ static void _php_image_output_ctx(INTERNAL_FUNCTION_PARAMETERS, int image_type, | ||
22 | RETURN_FALSE; | ||
23 | } | ||
24 | } else if (Z_TYPE_P(to_zval) == IS_STRING) { | ||
25 | + if (CHECK_ZVAL_NULL_PATH(to_zval)) { | ||
26 | + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Invalid 2nd parameter, filename must not contain null bytes"); | ||
27 | + RETURN_FALSE; | ||
28 | + } | ||
29 | + | ||
30 | stream = php_stream_open_wrapper(Z_STRVAL_P(to_zval), "wb", REPORT_ERRORS|IGNORE_PATH|IGNORE_URL_WIN, NULL); | ||
31 | if (stream == NULL) { | ||
32 | RETURN_FALSE; | ||
33 | -- | ||
34 | 1.7.9.5 | ||
35 | |||
diff --git a/meta-webserver/recipes-php/modphp/files/pthread-check-threads-m4.patch b/meta-webserver/recipes-php/modphp/files/pthread-check-threads-m4.patch new file mode 100644 index 000000000..0c564cd88 --- /dev/null +++ b/meta-webserver/recipes-php/modphp/files/pthread-check-threads-m4.patch | |||
@@ -0,0 +1,30 @@ | |||
1 | From d8067ceacbf54e79c9c6b68675332c09eaa0b55d Mon Sep 17 00:00:00 2001 | ||
2 | From: Jackie Huang <jackie.huang@windriver.com> | ||
3 | Date: Mon, 8 Apr 2013 14:29:51 +0800 | ||
4 | Subject: [PATCH] pthread-check | ||
5 | |||
6 | Enable pthreads support when cross-compiling | ||
7 | |||
8 | Upstream-Status: Inapproprate [config] | ||
9 | |||
10 | Signed-off-by: Jackie Huang <jackie.huang@windriver.com> | ||
11 | --- | ||
12 | TSRM/threads.m4 | 2 +- | ||
13 | 1 files changed, 1 insertions(+), 1 deletions(-) | ||
14 | |||
15 | diff --git a/TSRM/threads.m4 b/TSRM/threads.m4 | ||
16 | index 38494ce..15d9454 100644 | ||
17 | --- a/TSRM/threads.m4 | ||
18 | +++ b/TSRM/threads.m4 | ||
19 | @@ -86,7 +86,7 @@ int main() { | ||
20 | pthreads_working=no | ||
21 | ], [ | ||
22 | dnl For cross compiling running this test is of no use. NetWare supports pthreads | ||
23 | - pthreads_working=no | ||
24 | + pthreads_working=yes | ||
25 | case $host_alias in | ||
26 | *netware*) | ||
27 | pthreads_working=yes | ||
28 | -- | ||
29 | 1.7.4.1 | ||
30 | |||
diff --git a/meta-webserver/recipes-php/modphp/modphp5.inc b/meta-webserver/recipes-php/modphp/modphp5.inc new file mode 100644 index 000000000..f60c7bbfc --- /dev/null +++ b/meta-webserver/recipes-php/modphp/modphp5.inc | |||
@@ -0,0 +1,112 @@ | |||
1 | SECTION = "console/network" | ||
2 | DESCRIPTION = "A server-side, HTML-embedded scripting language. This package provides the apache php module." | ||
3 | LICENSE = "PHP-3.0" | ||
4 | INC_PR = "r1" | ||
5 | DEPENDS = "apache2-native apache2 zlib bzip2 libmcrypt" | ||
6 | |||
7 | SRC_URI = "http://www.php.net/distributions/php-${PV}.tar.bz2 \ | ||
8 | file://configure.patch \ | ||
9 | file://pthread-check-threads-m4.patch \ | ||
10 | file://70_mod_php5.conf \ | ||
11 | file://0001-using-pkgconfig-to-check-libxml.patch \ | ||
12 | file://php-CVE-2014-5120.patch \ | ||
13 | file://php-CVE-2014-3587.patch \ | ||
14 | file://php-CVE-2014-3597.patch \ | ||
15 | " | ||
16 | |||
17 | S = "${WORKDIR}/php-${PV}" | ||
18 | |||
19 | LIC_FILES_CHKSUM = "file://LICENSE;md5=52dd90569008fee5bcdbb22d945b1108" | ||
20 | |||
21 | inherit autotools pkgconfig | ||
22 | |||
23 | PNBLACKLIST[modphp] ?= "CONFLICT: 466 header files conflict with php" | ||
24 | # e.g. sysroots/qemux86-64/usr/include/php/main/win95nt.h | ||
25 | |||
26 | CFLAGS += " -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I${STAGING_INCDIR}/apache2" | ||
27 | |||
28 | EXTRA_OECONF = "--with-apxs2=${STAGING_BINDIR_CROSS}/apxs \ | ||
29 | --with-pic \ | ||
30 | --enable-maintainer-zts \ | ||
31 | --without-mysql \ | ||
32 | --disable-cgi \ | ||
33 | --disable-cli \ | ||
34 | --disable-pdo \ | ||
35 | --without-pear \ | ||
36 | --without-iconv \ | ||
37 | --disable-ipv6 \ | ||
38 | --disable-xml \ | ||
39 | --disable-xmlreader \ | ||
40 | --disable-xmlwriter \ | ||
41 | --disable-simplexml \ | ||
42 | --disable-dom \ | ||
43 | --disable-rpath \ | ||
44 | --libdir=${libdir}/php5 \ | ||
45 | --with-zlib --with-zlib-dir=${STAGING_DIR_TARGET}${exec_prefix} \ | ||
46 | --with-bz2=${STAGING_DIR_TARGET}${exec_prefix} \ | ||
47 | --with-mcrypt=${STAGING_DIR_TARGET}${exec_prefix} \ | ||
48 | --enable-zip \ | ||
49 | --enable-mbstring \ | ||
50 | --with-config-file-path=${sysconfdir}/php/apache2-php5 \ | ||
51 | ${@base_conditional('SITEINFO_ENDIANNESS', 'le', 'ac_cv_c_bigendian_php=no', 'ac_cv_c_bigendian_php=yes', d)}" | ||
52 | |||
53 | PACKAGECONFIG ??= "mysql" | ||
54 | PACKAGECONFIG[mysql] = "--with-mysqli=${STAGING_BINDIR_CROSS}/mysql_config,--without-mysqli,mysql5" | ||
55 | PACKAGECONFIG[pgsql] = "--with-pgsql=${STAGING_DIR_TARGET}${exec_prefix},--without-pgsql,mysql5" | ||
56 | PACKAGECONFIG[libxml] = "--enable-libxml,--disable-libxml,libxml2" | ||
57 | PACKAGECONFIG[soap] = "--enable-libxml --enable-soap, --disable-soap, libxml2" | ||
58 | |||
59 | acpaths = "" | ||
60 | |||
61 | do_configure_prepend () { | ||
62 | rm -f ${S}/build/libtool.m4 ${S}/ltmain.sh ${S}/aclocal.m4 | ||
63 | find ${S} -name config.m4 | xargs -n1 sed -i 's!APXS_HTTPD=.*!APXS_HTTPD=${STAGING_BINDIR_NATIVE}/httpd!' | ||
64 | } | ||
65 | |||
66 | do_configure_append() { | ||
67 | # No libtool, we really don't want rpath set... | ||
68 | sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' ${HOST_SYS}-libtool | ||
69 | sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' ${HOST_SYS}-libtool | ||
70 | } | ||
71 | |||
72 | do_install () { | ||
73 | install -d ${D}${libdir}/apache2/modules | ||
74 | install -d ${D}${sysconfdir}/apache2/modules.d | ||
75 | install -d ${D}${sysconfdir}/php/apache2-php5 | ||
76 | install -m 755 libs/libphp5.so ${D}${libdir}/apache2/modules | ||
77 | install -m 644 ${WORKDIR}/70_mod_php5.conf ${D}${sysconfdir}/apache2/modules.d | ||
78 | sed -i s,lib/,${libdir}/, ${D}${sysconfdir}/apache2/modules.d/70_mod_php5.conf | ||
79 | cat ${S}/php.ini-production | \ | ||
80 | sed -e 's,extension_dir = \"\./\",extension_dir = \"/usr/lib/extensions\",' \ | ||
81 | > ${D}${sysconfdir}/php/apache2-php5/php.ini | ||
82 | |||
83 | install -d ${D}${bindir} | ||
84 | install -m 755 scripts/phpize ${D}${bindir} | ||
85 | install -m 755 scripts/php-config ${D}${bindir} | ||
86 | cat aclocal-copy/libtool.m4 aclocal-copy/lt~obsolete.m4 aclocal-copy/ltoptions.m4 \ | ||
87 | aclocal-copy/ltsugar.m4 aclocal-copy/ltversion.m4 > ${S}/build/libtool.m4 | ||
88 | |||
89 | oe_runmake install-build install-headers INSTALL_ROOT=${D} | ||
90 | } | ||
91 | |||
92 | SYSROOT_PREPROCESS_FUNCS += "php_sysroot_preprocess" | ||
93 | |||
94 | php_sysroot_preprocess () { | ||
95 | install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/ | ||
96 | install -m 755 ${D}${bindir}/phpize ${SYSROOT_DESTDIR}${bindir_crossscripts}/ | ||
97 | install -m 755 ${D}${bindir}/php-config ${SYSROOT_DESTDIR}${bindir_crossscripts}/ | ||
98 | |||
99 | sed -i 's!eval echo /!eval echo ${STAGING_DIR_HOST}/!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/phpize | ||
100 | sed -i 's!^include_dir=.*!include_dir=${STAGING_INCDIR}/php!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/php-config | ||
101 | } | ||
102 | |||
103 | # phpize is not scanned for absolute paths by default (but php-config is). | ||
104 | # | ||
105 | SSTATE_SCAN_FILES += "phpize" | ||
106 | |||
107 | RDEPENDS_${PN} = "apache2" | ||
108 | |||
109 | FILES_${PN} = "${libdir}/apache2 ${sysconfdir}" | ||
110 | FILES_${PN}-dev += "${bindir}/phpize ${bindir}/php-config ${libdir}/php5" | ||
111 | FILES_${PN}-dbg += "${libdir}/apache2/modules/.debug" | ||
112 | |||
diff --git a/meta-webserver/recipes-php/modphp/modphp_5.5.15.bb b/meta-webserver/recipes-php/modphp/modphp_5.5.15.bb new file mode 100644 index 000000000..aed620f5b --- /dev/null +++ b/meta-webserver/recipes-php/modphp/modphp_5.5.15.bb | |||
@@ -0,0 +1,7 @@ | |||
1 | include modphp5.inc | ||
2 | |||
3 | EXTRA_OECONF += "--disable-opcache" | ||
4 | |||
5 | SRC_URI[md5sum] = "5cb5f2ed9099299f8a4c952d59d93812" | ||
6 | SRC_URI[sha256sum] = "00f24226b12fee27e332383b6304f1b9ed3f4d9173dd728a68c5c3f5a59b8ba7" | ||
7 | |||
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4504-security-Self-XSS-in-query-charts.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4504-security-Self-XSS-in-query-charts.patch new file mode 100644 index 000000000..27eac7762 --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4504-security-Self-XSS-in-query-charts.patch | |||
@@ -0,0 +1,29 @@ | |||
1 | From 90ddeecf60fc029608b972e490b735f3a65ed0cb Mon Sep 17 00:00:00 2001 | ||
2 | From: Madhura Jayaratne <madhura.cj@gmail.com> | ||
3 | Date: Sun, 17 Aug 2014 08:52:05 -0400 | ||
4 | Subject: [PATCH] bug #4504 [security] Self-XSS in query charts | ||
5 | |||
6 | Upstream-status: Backport | ||
7 | |||
8 | Signed-off-by: Marc Delisle <marc@infomarc.info> | ||
9 | --- | ||
10 | js/tbl_chart.js | 2 +- | ||
11 | 2 files changed, 2 insertions(+), 1 deletion(-) | ||
12 | |||
13 | 4.2.7.0 (2014-07-31) | ||
14 | diff --git a/js/tbl_chart.js b/js/tbl_chart.js | ||
15 | index 943d4ae..04c9c40 100644 | ||
16 | --- a/js/tbl_chart.js | ||
17 | +++ b/js/tbl_chart.js | ||
18 | @@ -47,7 +47,7 @@ function PMA_queryChart(data, columnNames, settings) { | ||
19 | }, | ||
20 | axes : { | ||
21 | xaxis : { | ||
22 | - label : settings.xaxisLabel | ||
23 | + label : escapeHtml(settings.xaxisLabel) | ||
24 | }, | ||
25 | yaxis : { | ||
26 | label : settings.yaxisLabel | ||
27 | -- | ||
28 | 1.7.10.4 | ||
29 | |||
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4505-security-XSS-in-view-operations-page.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4505-security-XSS-in-view-operations-page.patch new file mode 100644 index 000000000..164a072ef --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/0001-bug-4505-security-XSS-in-view-operations-page.patch | |||
@@ -0,0 +1,43 @@ | |||
1 | From 0cd293f5e13aa245e4a57b8d373597cc0e421b6f Mon Sep 17 00:00:00 2001 | ||
2 | From: Madhura Jayaratne <madhura.cj@gmail.com> | ||
3 | Date: Sun, 17 Aug 2014 08:41:57 -0400 | ||
4 | Subject: [PATCH] bug #4505 [security] XSS in view operations page | ||
5 | |||
6 | Upstream-Status: Backport | ||
7 | |||
8 | Signed-off-by: Marc Delisle <marc@infomarc.info> | ||
9 | --- | ||
10 | ChangeLog | 3 +++ | ||
11 | js/functions.js | 2 +- | ||
12 | 2 files changed, 4 insertions(+), 1 deletion(-) | ||
13 | |||
14 | diff --git a/ChangeLog b/ChangeLog | ||
15 | index 7afac1a..cec9d77 100644 | ||
16 | --- a/ChangeLog | ||
17 | +++ b/ChangeLog | ||
18 | @@ -1,6 +1,9 @@ | ||
19 | phpMyAdmin - ChangeLog | ||
20 | ====================== | ||
21 | |||
22 | +4.2.7.1 (2014-08-17) | ||
23 | +- bug #4505 [security] XSS in view operations page | ||
24 | + | ||
25 | 4.2.7.0 (2014-07-31) | ||
26 | - bug Broken links on home page | ||
27 | - bug #4494 Overlap in navigation panel | ||
28 | diff --git a/js/functions.js b/js/functions.js | ||
29 | index 09bfeda..a970a81 100644 | ||
30 | --- a/js/functions.js | ||
31 | +++ b/js/functions.js | ||
32 | @@ -3585,7 +3585,7 @@ AJAX.registerOnload('functions.js', function () { | ||
33 | var question = PMA_messages.strDropTableStrongWarning + ' '; | ||
34 | question += $.sprintf( | ||
35 | PMA_messages.strDoYouReally, | ||
36 | - 'DROP VIEW ' + PMA_commonParams.get('table') | ||
37 | + 'DROP VIEW ' + escapeHtml(PMA_commonParams.get('table')) | ||
38 | ); | ||
39 | |||
40 | $(this).PMA_confirm(question, $(this).attr('href'), function (url) { | ||
41 | -- | ||
42 | 1.7.10.4 | ||
43 | |||
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/apache.conf b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/apache.conf new file mode 100644 index 000000000..94cbd865c --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/apache.conf | |||
@@ -0,0 +1,42 @@ | |||
1 | # phpMyAdmin default Apache configuration | ||
2 | |||
3 | Alias /phpmyadmin /usr/share/phpmyadmin | ||
4 | |||
5 | <Directory /usr/share/phpmyadmin> | ||
6 | Options FollowSymLinks | ||
7 | DirectoryIndex index.php | ||
8 | Require all granted | ||
9 | |||
10 | <IfModule mod_php5.c> | ||
11 | AddType application/x-httpd-php .php | ||
12 | |||
13 | php_flag magic_quotes_gpc Off | ||
14 | php_flag track_vars On | ||
15 | php_flag register_globals Off | ||
16 | php_admin_flag allow_url_fopen Off | ||
17 | php_value include_path . | ||
18 | php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp | ||
19 | php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/ | ||
20 | </IfModule> | ||
21 | </Directory> | ||
22 | |||
23 | # Authorize for setup | ||
24 | <Directory /usr/share/phpmyadmin/setup> | ||
25 | <IfModule mod_authn_file.c> | ||
26 | AuthType Basic | ||
27 | AuthName "phpMyAdmin Setup" | ||
28 | AuthUserFile /etc/phpmyadmin/htpasswd.setup | ||
29 | </IfModule> | ||
30 | Require valid-user | ||
31 | </Directory> | ||
32 | |||
33 | # Disallow web access to directories that don't need it | ||
34 | <Directory /usr/share/phpmyadmin/libraries> | ||
35 | Order Deny,Allow | ||
36 | Deny from All | ||
37 | </Directory> | ||
38 | <Directory /usr/share/phpmyadmin/setup/lib> | ||
39 | Order Deny,Allow | ||
40 | Deny from All | ||
41 | </Directory> | ||
42 | |||
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb new file mode 100644 index 000000000..447b77884 --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.2.7.bb | |||
@@ -0,0 +1,34 @@ | |||
1 | SUMMARY = "Web-based MySQL administration interface" | ||
2 | HOMEPAGE = "http://www.phpmyadmin.net" | ||
3 | # Main code is GPLv2, libraries/tcpdf is under LGPLv3, js/jquery is under MIT | ||
4 | LICENSE = "GPLv2 & LGPLv3 & MIT" | ||
5 | LIC_FILES_CHKSUM = "file://LICENSE;md5=eb723b61539feef013de476e68b5c50a \ | ||
6 | file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c" | ||
7 | |||
8 | SRC_URI = "${SOURCEFORGE_MIRROR}/phpmyadmin/phpMyAdmin/${PV}/phpMyAdmin-${PV}-all-languages.tar.xz \ | ||
9 | file://0001-bug-4504-security-Self-XSS-in-query-charts.patch \ | ||
10 | file://0001-bug-4505-security-XSS-in-view-operations-page.patch \ | ||
11 | file://apache.conf" | ||
12 | |||
13 | SRC_URI[md5sum] = "0dcd755450dac819f33502590c88ad29" | ||
14 | SRC_URI[sha256sum] = "5d101dd88a99a869bc0c684a7f687cf290abc4bf306daac73337cbde2d7743e4" | ||
15 | |||
16 | S = "${WORKDIR}/phpMyAdmin-${PV}-all-languages" | ||
17 | |||
18 | inherit allarch | ||
19 | |||
20 | do_install() { | ||
21 | install -d ${D}${datadir}/${BPN} | ||
22 | cp -a * ${D}${datadir}/${BPN} | ||
23 | |||
24 | install -d ${D}${sysconfdir}/apache2/conf.d | ||
25 | install -m 0644 ${WORKDIR}/apache.conf ${D}${sysconfdir}/apache2/conf.d/phpmyadmin.conf | ||
26 | |||
27 | # Remove a few scripts that explicitly require bash (!) | ||
28 | rm -f ${D}${datadir}/phpmyadmin/libraries/transformations/*.sh | ||
29 | } | ||
30 | |||
31 | FILES_${PN} = "${datadir}/${BPN} \ | ||
32 | ${sysconfdir}/apache2/conf.d" | ||
33 | |||
34 | RDEPENDS_${PN} += "bash" | ||
diff --git a/meta-webserver/recipes-php/xdebug/xdebug_2.2.5.bb b/meta-webserver/recipes-php/xdebug/xdebug_2.2.5.bb new file mode 100644 index 000000000..66aff5e33 --- /dev/null +++ b/meta-webserver/recipes-php/xdebug/xdebug_2.2.5.bb | |||
@@ -0,0 +1,36 @@ | |||
1 | SUMMARY = "Debugging and profiling extension for PHP" | ||
2 | LICENSE = "Xdebug" | ||
3 | LIC_FILES_CHKSUM = "file://LICENSE;md5=34df3a274aa12b795417c65634c07f16" | ||
4 | |||
5 | DEPENDS = "modphp" | ||
6 | |||
7 | PNBLACKLIST[xdebug] ?= "CONFLICT: depends on blocked modphp" | ||
8 | |||
9 | SRC_URI = "http://xdebug.org/files/xdebug-${PV}.tgz" | ||
10 | |||
11 | SRC_URI[md5sum] = "7e571ce8eb6fa969fd8263969019849d" | ||
12 | SRC_URI[sha256sum] = "adc6fe92dcff2368be94d20a5997aadb4d46d74551e2dd6602a704a35a195a6f" | ||
13 | |||
14 | inherit autotools | ||
15 | |||
16 | EXTRA_OECONF += "--enable-xdebug -with-php-config=${STAGING_BINDIR_CROSS}/php-config" | ||
17 | |||
18 | do_configure() { | ||
19 | cd ${S} | ||
20 | ${STAGING_BINDIR_CROSS}/phpize | ||
21 | cd ${B} | ||
22 | |||
23 | # Running autoreconf as autotools_do_configure would do here | ||
24 | # breaks the libtool configuration resulting in a failure later | ||
25 | # in do_compile. It's possible this may be fixable, however the | ||
26 | # easiest course of action for the moment is to avoid doing that. | ||
27 | oe_runconf | ||
28 | } | ||
29 | |||
30 | do_install() { | ||
31 | oe_runmake install INSTALL_ROOT=${D} | ||
32 | } | ||
33 | |||
34 | FILES_${PN} += "${libdir}/php5/extensions/*/*.so" | ||
35 | FILES_${PN}-dbg += "${libdir}/php5/extensions/*/.debug" | ||
36 | |||
diff --git a/meta-webserver/recipes-support/fcgi/fcgi/Fix_EOF_not_declared_issue.patch b/meta-webserver/recipes-support/fcgi/fcgi/Fix_EOF_not_declared_issue.patch new file mode 100644 index 000000000..51ddeaac2 --- /dev/null +++ b/meta-webserver/recipes-support/fcgi/fcgi/Fix_EOF_not_declared_issue.patch | |||
@@ -0,0 +1,17 @@ | |||
1 | Upstream-Status: Pending | ||
2 | |||
3 | Fix EOF not declared issue, following is the error log. | ||
4 | fcgio.cpp:70:72: error: 'EOF' was not declared in this scope | ||
5 | if (FCGX_PutStr(pbase(), plen, this->fcgx) != plen) return EOF; | ||
6 | |||
7 | Signed-off-by: Yang Haibo <b40869@freescale.com> | ||
8 | --- fcgi-ori/libfcgi/fcgio.cpp 2014-07-28 18:01:00.000000000 +0800 | ||
9 | +++ fcgi-2.4.0/libfcgi/fcgio.cpp 2014-07-28 18:01:22.000000000 +0800 | ||
10 | @@ -22,6 +22,7 @@ | ||
11 | #define DLLAPI __declspec(dllexport) | ||
12 | #endif | ||
13 | |||
14 | +#include <stdio.h> | ||
15 | #include <limits.h> | ||
16 | #include "fcgio.h" | ||
17 | |||
diff --git a/meta-webserver/recipes-support/fcgi/fcgi/add_foreign_to_AM_INIT_AUTOMAKE.patch b/meta-webserver/recipes-support/fcgi/fcgi/add_foreign_to_AM_INIT_AUTOMAKE.patch new file mode 100644 index 000000000..eca694adc --- /dev/null +++ b/meta-webserver/recipes-support/fcgi/fcgi/add_foreign_to_AM_INIT_AUTOMAKE.patch | |||
@@ -0,0 +1,18 @@ | |||
1 | Upstream-Status: Pending | ||
2 | |||
3 | use automake options "foreign" to set the strictness as appropriate | ||
4 | |||
5 | Signed-off-by: Yang Haibo <b40869@freescale.com> | ||
6 | --- fcgi-ori/configure.in 2014-08-05 14:58:35.000000000 +0800 | ||
7 | +++ fcgi-2.4.0/configure.in 2014-08-05 14:59:08.000000000 +0800 | ||
8 | @@ -4,8 +4,8 @@ | ||
9 | dnl generate the file "configure", which is run during the build | ||
10 | dnl to configure the system for the local environment. | ||
11 | |||
12 | -AC_INIT | ||
13 | -AM_INIT_AUTOMAKE(fcgi, 2.4.0) | ||
14 | +AC_INIT([fcgi], [2.4.0]) | ||
15 | +AM_INIT_AUTOMAKE([foreign]) | ||
16 | |||
17 | AM_CONFIG_HEADER(fcgi_config.h) | ||
18 | |||
diff --git a/meta-webserver/recipes-support/fcgi/fcgi_2.4.0.bb b/meta-webserver/recipes-support/fcgi/fcgi_2.4.0.bb new file mode 100644 index 000000000..ed718aefd --- /dev/null +++ b/meta-webserver/recipes-support/fcgi/fcgi_2.4.0.bb | |||
@@ -0,0 +1,15 @@ | |||
1 | DESCRIPTION = "FastCGI is a protocol for interfacing interactive programs with a web server." | ||
2 | HOMEPAGE = "http://www.fastcgi.com" | ||
3 | LICENSE = "OML" | ||
4 | LIC_FILES_CHKSUM = "file://LICENSE.TERMS;md5=e3aacac3a647af6e7e31f181cda0a06a" | ||
5 | |||
6 | SRC_URI = "http://fossies.org/linux/www/${BP}.tar.gz \ | ||
7 | file://Fix_EOF_not_declared_issue.patch \ | ||
8 | file://add_foreign_to_AM_INIT_AUTOMAKE.patch \ | ||
9 | " | ||
10 | SRC_URI[md5sum] = "d15060a813b91383a9f3c66faf84867e" | ||
11 | SRC_URI[sha256sum] = "66fc45c6b36a21bf2fbbb68e90f780cc21a9da1fffbae75e76d2b4402d3f05b9" | ||
12 | |||
13 | inherit autotools | ||
14 | |||
15 | PARALLEL_MAKE = "" | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/disable-version-check.patch b/meta-webserver/recipes-webadmin/webmin/files/disable-version-check.patch new file mode 100644 index 000000000..a9ee40507 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/disable-version-check.patch | |||
@@ -0,0 +1,45 @@ | |||
1 | Disable OS version check in status screen | ||
2 | |||
3 | The code is not able to accurately detect the correct distro/version at | ||
4 | the moment. | ||
5 | |||
6 | Upstream-status: Inappropriate | ||
7 | |||
8 | Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
9 | |||
10 | diff --git a/webmin/webmin-lib.pl b/webmin/webmin-lib.pl | ||
11 | index 57a37f7..838b944 100755 | ||
12 | --- a/webmin/webmin-lib.pl | ||
13 | +++ b/webmin/webmin-lib.pl | ||
14 | @@ -1059,18 +1059,19 @@ my %miniserv; | ||
15 | &load_theme_library(); # So that UI functions work | ||
16 | |||
17 | # Need OS upgrade | ||
18 | -my %realos = &detect_operating_system(undef, 1); | ||
19 | -if (($realos{'os_version'} ne $gconfig{'os_version'} || | ||
20 | - $realos{'os_type'} ne $gconfig{'os_type'}) && | ||
21 | - $realos{'os_version'} && $realos{'os_type'} && | ||
22 | - &foreign_available("webmin")) { | ||
23 | - push(@notifs, | ||
24 | - &ui_form_start("$gconfig{'webprefix'}/webmin/fix_os.cgi"). | ||
25 | - &text('os_incorrect', $realos{'real_os_type'}, | ||
26 | - $realos{'real_os_version'})."<p>\n". | ||
27 | - &ui_form_end([ [ undef, $text{'os_fix'} ] ]) | ||
28 | - ); | ||
29 | - } | ||
30 | +# Disabled for now as os-chooser.pl does not work on our system | ||
31 | +#my %realos = &detect_operating_system(undef, 1); | ||
32 | +#if (($realos{'os_version'} ne $gconfig{'os_version'} || | ||
33 | +# $realos{'os_type'} ne $gconfig{'os_type'}) && | ||
34 | +# $realos{'os_version'} && $realos{'os_type'} && | ||
35 | +# &foreign_available("webmin")) { | ||
36 | +# push(@notifs, | ||
37 | +# &ui_form_start("$gconfig{'webprefix'}/webmin/fix_os.cgi"). | ||
38 | +# &text('os_incorrect', $realos{'real_os_type'}, | ||
39 | +# $realos{'real_os_version'})."<p>\n". | ||
40 | +# &ui_form_end([ [ undef, $text{'os_fix'} ] ]) | ||
41 | +# ); | ||
42 | +# } | ||
43 | |||
44 | # Password close to expiry | ||
45 | my $warn_days = $config{'warn_days'}; | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/exports-lib.pl.patch b/meta-webserver/recipes-webadmin/webmin/files/exports-lib.pl.patch new file mode 100644 index 000000000..177d8a372 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/exports-lib.pl.patch | |||
@@ -0,0 +1,32 @@ | |||
1 | From 7eba4c98c6953fa6ea76c1620d19524bcfa3a576 Mon Sep 17 00:00:00 2001 | ||
2 | From: Kevin Strasser <kevin.strasser@linux.intel.com> | ||
3 | Date: Wed, 1 Aug 2012 11:51:26 -0700 | ||
4 | Subject: [PATCH] nfs export: remove nfsd check | ||
5 | |||
6 | nfsd runs as a kernel process and does not have a pid. This means | ||
7 | that the command assigned to apply_cmd will never be executed when | ||
8 | the user tries to apply changes to nfs exports. | ||
9 | |||
10 | Upstream-Status: Inappropriate [config] | ||
11 | |||
12 | Signed-off-by: Kevin Strasser <kevin.strasser@linux.intel.com> | ||
13 | --- | ||
14 | exports/exports-lib.pl | 2 +- | ||
15 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
16 | |||
17 | diff --git a/exports/exports-lib.pl b/exports/exports-lib.pl | ||
18 | index 22891c0..1c67494 100755 | ||
19 | --- a/exports/exports-lib.pl | ||
20 | +++ b/exports/exports-lib.pl | ||
21 | @@ -273,7 +273,7 @@ return !&has_command("rpc.nfsd") && !&has_command("nfsd") && | ||
22 | sub restart_mountd | ||
23 | { | ||
24 | # Try exportfs -r first | ||
25 | -if ($config{'apply_cmd'} && &find_byname("nfsd") && &find_byname("mountd")) { | ||
26 | +if ($config{'apply_cmd'} && &find_byname("mountd")) { | ||
27 | my $out = &backquote_logged("$config{'apply_cmd'} 2>&1 </dev/null"); | ||
28 | if (!$? && $out !~ /invalid|error|failed/i) { | ||
29 | # Looks like it worked! | ||
30 | -- | ||
31 | 1.7.9.5 | ||
32 | |||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/init-exclude.patch b/meta-webserver/recipes-webadmin/webmin/files/init-exclude.patch new file mode 100644 index 000000000..5563227d5 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/init-exclude.patch | |||
@@ -0,0 +1,78 @@ | |||
1 | # Hack in support for an "exclude" config option for the init module, so | ||
2 | # we can hide certain system services that shouldn't really be configurable | ||
3 | # via the web interface | ||
4 | # | ||
5 | # Upstream-status: Pending | ||
6 | # | ||
7 | # Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
8 | # Signed-off-by: Jackie Huang <jackie.huang@windriver.com> | ||
9 | --- | ||
10 | init/index.cgi | 27 ++++++++++++++------------- | ||
11 | init/init-lib.pl | 5 +++-- | ||
12 | 2 files changed, 17 insertions(+), 15 deletions(-) | ||
13 | |||
14 | diff --git a/init/index.cgi b/init/index.cgi | ||
15 | index d48b793..30dafd4 100755 | ||
16 | --- a/init/index.cgi | ||
17 | +++ b/init/index.cgi | ||
18 | @@ -45,19 +45,20 @@ elsif ($init_mode eq "init" && $access{'bootup'}) { | ||
19 | : "$config{'init_dir'}/$ac[0]"); | ||
20 | } | ||
21 | @runlevels = &list_runlevels(); | ||
22 | - foreach $r (@runlevels) { | ||
23 | - foreach $w ("S", "K") { | ||
24 | - foreach $a (&runlevel_actions($r, $w)) { | ||
25 | - @ac = split(/\s+/, $a); | ||
26 | - if (!$nodemap{$ac[2]}) { | ||
27 | - push(@acts, $ac[1]); | ||
28 | - push(@actsl, | ||
29 | - "1+$r+$ac[0]+$ac[1]+$ac[2]+$w"); | ||
30 | - push(@actsf, "$config{'init_base'}/rc$r.d/$w$ac[0]$ac[1]"); | ||
31 | - } | ||
32 | - } | ||
33 | - } | ||
34 | - } | ||
35 | + # Assume there won't be any of these broken actions | ||
36 | + #foreach $r (@runlevels) { | ||
37 | + # foreach $w ("S", "K") { | ||
38 | + # foreach $a (&runlevel_actions($r, $w)) { | ||
39 | + # @ac = split(/\s+/, $a); | ||
40 | + # if (!$nodemap{$ac[2]}) { | ||
41 | + # push(@acts, $ac[1]); | ||
42 | + # push(@actsl, | ||
43 | + # "1+$r+$ac[0]+$ac[1]+$ac[2]+$w"); | ||
44 | + # push(@actsf, "$config{'init_base'}/rc$r.d/$w$ac[0]$ac[1]"); | ||
45 | + # } | ||
46 | + # } | ||
47 | + # } | ||
48 | + # } | ||
49 | |||
50 | # For each action, look at /etc/rc*.d/* files to see if it is | ||
51 | # started at boot | ||
52 | diff --git a/init/init-lib.pl b/init/init-lib.pl | ||
53 | index ead21ed..b41794b 100755 | ||
54 | --- a/init/init-lib.pl | ||
55 | +++ b/init/init-lib.pl | ||
56 | @@ -119,8 +119,9 @@ List boot time action names from init.d, such as httpd and cron. | ||
57 | =cut | ||
58 | sub list_actions | ||
59 | { | ||
60 | -local($dir, $f, @stbuf, @rv); | ||
61 | +local($dir, $f, @stbuf, @rv, @exclude); | ||
62 | $dir = $config{init_dir}; | ||
63 | +@exclude = split(/,/, $config{exclude}); | ||
64 | opendir(DIR, $dir); | ||
65 | foreach $f (sort { lc($a) cmp lc($b) } readdir(DIR)) { | ||
66 | if ($f eq "." || $f eq ".." || $f =~ /\.bak$/ || $f eq "functions" || | ||
67 | @@ -128,7 +129,7 @@ foreach $f (sort { lc($a) cmp lc($b) } readdir(DIR)) { | ||
68 | -d "$dir/$f" || $f =~ /\.swp$/ || $f eq "skeleton" || | ||
69 | $f =~ /\.lock$/ || $f =~ /\.dpkg-(old|dist)$/ || | ||
70 | $f =~ /^\.depend\./ || $f eq '.legacy-bootordering' || | ||
71 | - $f =~ /^mandrake/) { next; } | ||
72 | + $f =~ /^mandrake/ || grep {$_ eq $f} @exclude ) { next; } | ||
73 | if (@stbuf = stat("$dir/$f")) { | ||
74 | push(@rv, "$f $stbuf[1]"); | ||
75 | } | ||
76 | -- | ||
77 | 2.0.0 | ||
78 | |||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/media-tomb.patch b/meta-webserver/recipes-webadmin/webmin/files/media-tomb.patch new file mode 100644 index 000000000..46f310979 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/media-tomb.patch | |||
@@ -0,0 +1,65 @@ | |||
1 | diff -Nru webmin-1.570.bak/mediatomb/index.cgi webmin-1.570/mediatomb/index.cgi | ||
2 | --- webmin-1.570.bak/mediatomb/index.cgi 1969-12-31 16:00:00.000000000 -0800 | ||
3 | +++ webmin-1.570/mediatomb/index.cgi 2011-10-26 10:00:05.992522036 -0700 | ||
4 | @@ -0,0 +1,13 @@ | ||
5 | +#!/usr/bin/perl | ||
6 | +# index.cgi | ||
7 | +# Display MediaTomb option categories | ||
8 | + | ||
9 | +require './mediatomb-lib.pl'; | ||
10 | + | ||
11 | +ui_print_header(undef, $text{'index_title'}, "", undef, 1, 1); | ||
12 | + | ||
13 | + | ||
14 | +$ipaddress = &get_my_address(); | ||
15 | +print &text('index_desc', $ipaddress),"<p>\n"; | ||
16 | + | ||
17 | +ui_print_footer("/", $text{'index'}); | ||
18 | diff -Nru webmin-1.570.bak/mediatomb/lang/en webmin-1.570/mediatomb/lang/en | ||
19 | --- webmin-1.570.bak/mediatomb/lang/en 1969-12-31 16:00:00.000000000 -0800 | ||
20 | +++ webmin-1.570/mediatomb/lang/en 2011-10-26 10:01:13.340522186 -0700 | ||
21 | @@ -0,0 +1,2 @@ | ||
22 | +index_title=MediaTomb | ||
23 | +index_desc=MediaTomb is an open source (GPL) UPnP MediaServer with a nice web user interface. You can access it via <a href='http://$1:49153'>here</a>. | ||
24 | diff -Nru webmin-1.570.bak/mediatomb/mediatomb-lib.pl webmin-1.570/mediatomb/mediatomb-lib.pl | ||
25 | --- webmin-1.570.bak/mediatomb/mediatomb-lib.pl 1969-12-31 16:00:00.000000000 -0800 | ||
26 | +++ webmin-1.570/mediatomb/mediatomb-lib.pl 2011-10-26 10:01:34.692522079 -0700 | ||
27 | @@ -0,0 +1,31 @@ | ||
28 | +#!/usr/bin/perl | ||
29 | +# mediatomb-lib.pl | ||
30 | +# Common functions for the MediaTomb module | ||
31 | + | ||
32 | +BEGIN { push(@INC, ".."); }; | ||
33 | +use WebminCore; | ||
34 | +&init_config(); | ||
35 | + | ||
36 | +sub get_my_address | ||
37 | +{ | ||
38 | +my $myip; | ||
39 | +if (&foreign_check("net")) { | ||
40 | + # Try to get ethernet interface | ||
41 | + &foreign_require("net", "net-lib.pl"); | ||
42 | + my @act = &net::active_interfaces(); | ||
43 | + my @ifaces = grep { &net::iface_type($_->{'fullname'}) =~ /ether/i } | ||
44 | + @act; | ||
45 | + @ifaces = ( $act[0] ) if (!@ifaces && @act); | ||
46 | + if (@ifaces) { | ||
47 | + return wantarray ? ( map { $_->{'address'} } @ifaces ) | ||
48 | + : $ifaces[0]->{'address'}; | ||
49 | + } | ||
50 | + } | ||
51 | +$myip = &to_ipaddress(&get_system_hostname()); | ||
52 | +if ($myip) { | ||
53 | + # Can resolve hostname .. use that | ||
54 | + return wantarray ? ( $myip ) : $myip; | ||
55 | + } | ||
56 | +return wantarray ? ( ) : undef; | ||
57 | +} | ||
58 | + | ||
59 | diff -Nru webmin-1.570.bak/mediatomb/module.info webmin-1.570/mediatomb/module.info | ||
60 | --- webmin-1.570.bak/mediatomb/module.info 1969-12-31 16:00:00.000000000 -0800 | ||
61 | +++ webmin-1.570/mediatomb/module.info 2011-10-26 09:59:50.428528369 -0700 | ||
62 | @@ -0,0 +1,3 @@ | ||
63 | +desc=MediaTomb | ||
64 | +category=others | ||
65 | +longdesc=MediaTomb access module | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/mount-excludefs.patch b/meta-webserver/recipes-webadmin/webmin/files/mount-excludefs.patch new file mode 100644 index 000000000..8cb74c4b1 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/mount-excludefs.patch | |||
@@ -0,0 +1,25 @@ | |||
1 | Add excludefs config option to mount module | ||
2 | |||
3 | Adds a configuration option (currently hidden) to allow the distro to | ||
4 | hide certain filesystems from the mount module within Webmin (e.g. /dev) | ||
5 | since these shouldn't be modified from the web interface. | ||
6 | |||
7 | Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
8 | |||
9 | Upstream-status: Pending | ||
10 | |||
11 | --- webmin-1.570.orig/mount/index.cgi | ||
12 | +++ webmin-1.570/mount/index.cgi | ||
13 | @@ -33,10 +33,12 @@ elsif ($config{'sort_mode'} == 1) { | ||
14 | } | ||
15 | |||
16 | # Build visible filesystems list | ||
17 | +@excludefs = split(/,/, $config{excludefs}); | ||
18 | foreach $m (@all) { | ||
19 | @minfo = @$m; | ||
20 | $p = &simplify_mount_path($minfo[0], $minfo[2]); | ||
21 | next if ($ignore{$minfo[2]}); | ||
22 | + next if (grep {$_ eq $minfo[2]} @excludefs); | ||
23 | @mmodes = &mount_modes($minfo[2], $minfo[0], $minfo[1]); | ||
24 | $canedit = $can_edit{$minfo[2]} && !$mmodes[4] && | ||
25 | &can_edit_fs(@minfo); | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/net-generic.patch b/meta-webserver/recipes-webadmin/webmin/files/net-generic.patch new file mode 100644 index 000000000..7d20affb2 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/net-generic.patch | |||
@@ -0,0 +1,21 @@ | |||
1 | # Add support for configuring network interfaces on a generic linux system | ||
2 | # | ||
3 | # Upstream-status: Not appropriate [config] | ||
4 | # | ||
5 | # Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
6 | --- webmin-1.570.orig/net/module.info | ||
7 | +++ webmin-1.570/net/module.info | ||
8 | @@ -11,7 +11,7 @@ desc_ko_KR.UTF-8=ë„¤íŠ¸ì›Œí¬ êµ¬ì„± | ||
9 | name=Networking | ||
10 | desc_tr=Að Yapýlandýrmasý | ||
11 | desc_de=Netzwerkkonfiguration | ||
12 | -os_support=solaris coherent-linux redhat-linux/5.0-* mandrake-linux united-linux suse-linux/6.0-* open-linux unixware turbo-linux/4.0 freebsd/3.2-* openbsd debian-linux/2.2-* cobalt-linux/2.2-* msc-linux gentoo-linux macos/1.5-* trustix-linux slackware-linux/8.0-* openmamba-linux cygwin windows pardus-linux | ||
13 | +os_support=generic-linux solaris coherent-linux redhat-linux/5.0-* mandrake-linux united-linux suse-linux/6.0-* open-linux unixware turbo-linux/4.0 freebsd/3.2-* openbsd debian-linux/2.2-* cobalt-linux/2.2-* msc-linux gentoo-linux macos/1.5-* trustix-linux slackware-linux/8.0-* openmamba-linux cygwin windows pardus-linux | ||
14 | desc_sk=Konfigurácia siete | ||
15 | desc_zh_CN=ÍøÂçÅäÖà | ||
16 | risk=low medium high | ||
17 | --- /dev/null | ||
18 | +++ webmin-1.570/net/generic-linux-lib.pl | ||
19 | @@ -0,0 +1,2 @@ | ||
20 | +do 'linux-lib.pl'; | ||
21 | + | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/net-lib.pl.patch b/meta-webserver/recipes-webadmin/webmin/files/net-lib.pl.patch new file mode 100644 index 000000000..bdba5e73f --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/net-lib.pl.patch | |||
@@ -0,0 +1,19 @@ | |||
1 | Upstream-Status: Inappropriate [config] | ||
2 | |||
3 | XXX: need to work out a better fix. | ||
4 | |||
5 | Signed-off-by: Dexuan Cui <dexuan.cui@intel.com> | ||
6 | |||
7 | diff -Nru webmin-1.570.orig//net/net-lib.pl webmin-1.570/net/net-lib.pl | ||
8 | --- webmin-1.570.orig//net/net-lib.pl 2011-10-03 09:01:48.000000000 +0800 | ||
9 | +++ webmin-1.570/net/net-lib.pl 2011-10-28 13:52:56.138873664 +0800 | ||
10 | @@ -21,7 +21,8 @@ | ||
11 | do "$gconfig{'os_type'}-9.1-ALL-lib.pl"; | ||
12 | } | ||
13 | else { | ||
14 | - do "$gconfig{'os_type'}-lib.pl"; | ||
15 | + #do "$gconfig{'os_type'}-lib.pl"; | ||
16 | + do "debian-linux-lib.pl"; | ||
17 | } | ||
18 | |||
19 | # list_hosts() | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/nfs-export.patch b/meta-webserver/recipes-webadmin/webmin/files/nfs-export.patch new file mode 100644 index 000000000..c17e3b216 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/nfs-export.patch | |||
@@ -0,0 +1,39 @@ | |||
1 | commit e48f61d2f6df32a518bcb84db8c6eacfe5435c32 | ||
2 | Author: Yu Ke <ke.yu@intel.com> | ||
3 | Date: Fri Oct 28 14:40:51 2011 +0800 | ||
4 | |||
5 | NFS export: fix syntax issue | ||
6 | |||
7 | fix two syntax issue in /etc/exports: | ||
8 | 1. if it is exported to everyone, should use "*", e.g. "/export *(xxx)" | ||
9 | 2. explicitly specify subtree_check or no_subtree_check, required by latest nfs-utils | ||
10 | |||
11 | Upstream-Status: Pending | ||
12 | |||
13 | Signed-off-by: Yu Ke <ke.yu@intel.com> | ||
14 | |||
15 | diff --git a/exports/save_export.cgi b/exports/save_export.cgi | ||
16 | index 3bc2f97..3e60298 100755 | ||
17 | --- a/exports/save_export.cgi | ||
18 | +++ b/exports/save_export.cgi | ||
19 | @@ -40,7 +40,7 @@ else { | ||
20 | &error(&text('save_enetmask', $in{'netmask'})); | ||
21 | $exp{'host'} = $in{'network'}."/".$in{'netmask'}; | ||
22 | } | ||
23 | - elsif ($in{'mode'} == 3) { $exp{'host'} = ""; } | ||
24 | + elsif ($in{'mode'} == 3) { $exp{'host'} = "*"; } | ||
25 | else { | ||
26 | $in{'host'} =~ /\*/ || &to_ipaddress($in{'host'}) || | ||
27 | &error(&text('save_ehost', $in{'host'})); | ||
28 | @@ -70,6 +70,11 @@ else { | ||
29 | |||
30 | delete($opts{'no_subtree_check'}); delete($opts{'subtree_check'}); | ||
31 | $opts{'no_subtree_check'} = "" if ($in{'no_subtree_check'}); | ||
32 | + if ($in{'no_subtree_check'}) { | ||
33 | + $opts{'no_subtree_check'} = ""; | ||
34 | + } else { | ||
35 | + $opts{'subtree_check'} = ""; | ||
36 | + } | ||
37 | |||
38 | delete($opts{'nohide'}); delete($opts{'hide'}); | ||
39 | $opts{'nohide'} = "" if ($in{'nohide'}); | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/proftpd-config-fix.patch b/meta-webserver/recipes-webadmin/webmin/files/proftpd-config-fix.patch new file mode 100644 index 000000000..492a652d4 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/proftpd-config-fix.patch | |||
@@ -0,0 +1,18 @@ | |||
1 | Upstream-status: Inappropriate [configuration] | ||
2 | |||
3 | Signed-off-by: Zhai Edwin <edwin.zhai@intel.com> | ||
4 | |||
5 | Index: webmin-1.570/proftpd/config | ||
6 | =================================================================== | ||
7 | --- webmin-1.570.orig/proftpd/config 2011-10-25 20:18:37.000000000 +0800 | ||
8 | +++ webmin-1.570/proftpd/config 2011-10-25 20:21:13.000000000 +0800 | ||
9 | @@ -1,6 +1,6 @@ | ||
10 | -proftpd_path=/usr/local/sbin/proftpd | ||
11 | -proftpd_conf=/usr/local/etc/proftpd.conf | ||
12 | -pid_file=/usr/local/var/proftpd.pid | ||
13 | +proftpd_path=/usr/sbin/proftpd | ||
14 | +proftpd_conf=/etc/proftpd.conf | ||
15 | +pid_file=/var/proftpd.pid | ||
16 | ftpusers=/etc/ftpusers | ||
17 | test_config=1 | ||
18 | test_always=0 | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/remove-python2.3.patch b/meta-webserver/recipes-webadmin/webmin/files/remove-python2.3.patch new file mode 100644 index 000000000..75e5bd1ea --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/remove-python2.3.patch | |||
@@ -0,0 +1,25 @@ | |||
1 | From 6f04699d5d417122b67e8118fd1955c769f17e76 Mon Sep 17 00:00:00 2001 | ||
2 | From: Robert Yang <liezhi.yang@windriver.com> | ||
3 | Date: Tue, 2 Sep 2014 00:11:05 -0700 | ||
4 | Subject: [PATCH] ajaxterm/ajaxterm/qweb.py: fix hardcode of python2.3 | ||
5 | |||
6 | Upstream-Status: Pending | ||
7 | |||
8 | Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | ||
9 | --- | ||
10 | ajaxterm/ajaxterm/qweb.py | 2 +- | ||
11 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
12 | |||
13 | diff --git a/ajaxterm/ajaxterm/qweb.py b/ajaxterm/ajaxterm/qweb.py | ||
14 | index 20c5092..c658a6b 100644 | ||
15 | --- a/ajaxterm/ajaxterm/qweb.py | ||
16 | +++ b/ajaxterm/ajaxterm/qweb.py | ||
17 | @@ -1,4 +1,4 @@ | ||
18 | -#!/usr/bin/python2.3 | ||
19 | +#!/usr/bin/env python | ||
20 | # | ||
21 | # vim:set et ts=4 fdc=0 fdn=2 fdl=0: | ||
22 | # | ||
23 | -- | ||
24 | 1.7.9.5 | ||
25 | |||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/remove-startup-option.patch b/meta-webserver/recipes-webadmin/webmin/files/remove-startup-option.patch new file mode 100644 index 000000000..8493af852 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/remove-startup-option.patch | |||
@@ -0,0 +1,29 @@ | |||
1 | # Remove "start on boot" option from webmin configuration, as | ||
2 | # end-users should not need to configure this from the web interface | ||
3 | # | ||
4 | # Upstream-status: Inappropriate | ||
5 | # | ||
6 | # Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> | ||
7 | --- webmin-1.570.orig/webmin/index.cgi | ||
8 | +++ webmin-1.570/webmin/index.cgi | ||
9 | @@ -79,20 +79,6 @@ print &ui_buttons_start(); | ||
10 | my %miniserv; | ||
11 | &get_miniserv_config(\%miniserv); | ||
12 | |||
13 | -if (&foreign_check("init")) { | ||
14 | - &foreign_require("init", "init-lib.pl"); | ||
15 | - my $starting = &init::action_status("webmin"); | ||
16 | - print &ui_buttons_row("bootup.cgi", | ||
17 | - $text{'index_boot'}, | ||
18 | - $text{'index_bootmsg'}. | ||
19 | - ($miniserv{'inetd'} ? "<b>$text{'index_inetd'}</b>" : | ||
20 | - !$ENV{'MINISERV_CONFIG'} ? "<b>$text{'index_apache'}</b>" : ""), | ||
21 | - &ui_hidden("starting", $starting), | ||
22 | - &ui_radio("boot", $starting == 2 ? 1 : 0, | ||
23 | - [ [ 1, $text{'yes'} ], | ||
24 | - [ 0, $text{'no'} ] ])); | ||
25 | - } | ||
26 | - | ||
27 | # Restart Webmin | ||
28 | if (!$miniserv{'inetd'} && $ENV{'MINISERV_CONFIG'}) { | ||
29 | print &ui_buttons_row("restart.cgi", | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/samba-config-fix.patch b/meta-webserver/recipes-webadmin/webmin/files/samba-config-fix.patch new file mode 100644 index 000000000..46645ac30 --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/samba-config-fix.patch | |||
@@ -0,0 +1,32 @@ | |||
1 | Upstream-status: Inappropriate [configuration] | ||
2 | |||
3 | Signed-off-by: Zhai Edwin <edwin.zhai@intel.com> | ||
4 | |||
5 | Index: webmin-1.570/samba/config-generic-linux | ||
6 | =================================================================== | ||
7 | --- webmin-1.570.orig/samba/config-generic-linux 2011-10-25 20:11:35.000000000 +0800 | ||
8 | +++ webmin-1.570/samba/config-generic-linux 2011-10-25 20:15:41.000000000 +0800 | ||
9 | @@ -1,15 +1,15 @@ | ||
10 | list_printers_command=lpc status | grep "[A-z0-9]:" | sed -e 's/://g' | ||
11 | -smb_passwd=/usr/local/samba/private/smbpasswd | ||
12 | +smb_passwd=/usr/bin/smbpasswd | ||
13 | text_lists=0 | ||
14 | dont_convert=-499 | ||
15 | -name_server=/usr/local/samba/bin/nmbd | ||
16 | -smb_conf=/usr/local/samba/lib/smb.conf | ||
17 | -samba_server=/usr/local/samba/bin/smbd | ||
18 | +name_server=/usr/sbin/nmbd | ||
19 | +smb_conf=/etc/samba/smb.conf | ||
20 | +samba_server=/usr/sbin/smbd | ||
21 | run_from_inetd=0 | ||
22 | -samba_password_program=/usr/local/samba/bin/smbpasswd | ||
23 | -samba_status_program=/usr/local/samba/bin/smbstatus | ||
24 | +samba_password_program=/usr/bin/smbpasswd | ||
25 | +samba_status_program=/usr/bin/smbstatus | ||
26 | swat_path=/usr/local/samba/bin/swat | ||
27 | sort_mode=0 | ||
28 | smbgroupedit=/usr/local/samba/bin/smbgroupedit | ||
29 | -pdbedit=/usr/local/samba/bin/pdbedit | ||
30 | -net=/usr/local/samba/bin/net | ||
31 | +pdbedit=/usr/bin/pdbedit | ||
32 | +net=/usr/bin/net | ||
diff --git a/meta-webserver/recipes-webadmin/webmin/files/setup.sh b/meta-webserver/recipes-webadmin/webmin/files/setup.sh new file mode 100755 index 000000000..8d24f928f --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/files/setup.sh | |||
@@ -0,0 +1,340 @@ | |||
1 | #!/bin/sh | ||
2 | # Modified version of setup.sh distributed with webmin | ||
3 | |||
4 | if [ "$wadir" = "" ]; then | ||
5 | echo "ERROR: wadir not specified" | ||
6 | echo "" | ||
7 | exit 1 | ||
8 | fi | ||
9 | |||
10 | config_dir_runtime=$config_dir | ||
11 | config_dir=$prefix$config_dir | ||
12 | |||
13 | wadir_runtime=$wadir | ||
14 | wadir=$prefix$wadir | ||
15 | |||
16 | ver=`cat "$wadir/version"` | ||
17 | |||
18 | cd "$wadir" | ||
19 | |||
20 | # Work out perl library path | ||
21 | PERLLIB=$wadir | ||
22 | |||
23 | # Validate source directory | ||
24 | allmods=`cd "$wadir"; echo */module.info | sed -e 's/\/module.info//g'` | ||
25 | if [ "$allmods" = "" ]; then | ||
26 | echo "ERROR: Failed to get module list" | ||
27 | echo "" | ||
28 | exit 1 | ||
29 | fi | ||
30 | echo "" | ||
31 | |||
32 | if [ "$login" = "webmin" ]; then | ||
33 | echo "ERROR: Username 'webmin' is reserved for internal use" | ||
34 | echo "" | ||
35 | exit 14 | ||
36 | fi | ||
37 | |||
38 | # Create webserver config file | ||
39 | echo $perl > $config_dir/perl-path | ||
40 | echo $var_dir > $config_dir/var-path | ||
41 | echo "Creating web server config files.." | ||
42 | cfile=$config_dir/miniserv.conf | ||
43 | echo "port=$port" >> $cfile | ||
44 | echo "root=$wadir_runtime" >> $cfile | ||
45 | echo "mimetypes=$wadir_runtime/mime.types" >> $cfile | ||
46 | echo "addtype_cgi=internal/cgi" >> $cfile | ||
47 | echo "realm=Webmin Server" >> $cfile | ||
48 | echo "logfile=$var_dir/miniserv.log" >> $cfile | ||
49 | echo "errorlog=$var_dir/miniserv.error" >> $cfile | ||
50 | echo "pidfile=$var_dir/miniserv.pid" >> $cfile | ||
51 | echo "logtime=168" >> $cfile | ||
52 | echo "ppath=$ppath" >> $cfile | ||
53 | echo "ssl=$ssl" >> $cfile | ||
54 | echo "env_WEBMIN_CONFIG=$config_dir_runtime" >> $cfile | ||
55 | echo "env_WEBMIN_VAR=$var_dir" >> $cfile | ||
56 | echo "atboot=$atboot" >> $cfile | ||
57 | echo "logout=$config_dir_runtime/logout-flag" >> $cfile | ||
58 | if [ "$listen" != "" ]; then | ||
59 | echo "listen=$listen" >> $cfile | ||
60 | else | ||
61 | echo "listen=10000" >> $cfile | ||
62 | fi | ||
63 | echo "denyfile=\\.pl\$" >> $cfile | ||
64 | echo "log=1" >> $cfile | ||
65 | echo "blockhost_failures=5" >> $cfile | ||
66 | echo "blockhost_time=60" >> $cfile | ||
67 | echo "syslog=1" >> $cfile | ||
68 | if [ "$allow" != "" ]; then | ||
69 | echo "allow=$allow" >> $cfile | ||
70 | fi | ||
71 | if [ "$session" != "" ]; then | ||
72 | echo "session=$session" >> $cfile | ||
73 | else | ||
74 | echo "session=1" >> $cfile | ||
75 | fi | ||
76 | if [ "$pam" != "" ]; then | ||
77 | echo "pam=$pam" >> $cfile | ||
78 | fi | ||
79 | if [ "$no_pam" != "" ]; then | ||
80 | echo "no_pam=$no_pam" >> $cfile | ||
81 | fi | ||
82 | echo premodules=WebminCore >> $cfile | ||
83 | echo "server=MiniServ/$ver" >> $cfile | ||
84 | |||
85 | md5pass=`$perl -e 'print crypt("test", "\\$1\\$A9wB3O18\\$zaZgqrEmb9VNltWTL454R/") eq "\\$1\\$A9wB3O18\\$zaZgqrEmb9VNltWTL454R/" ? "1\n" : "0\n"'` | ||
86 | |||
87 | ufile=$config_dir/miniserv.users | ||
88 | if [ "$crypt" != "" ]; then | ||
89 | echo "$login:$crypt:0" > $ufile | ||
90 | else | ||
91 | if [ "$md5pass" = "1" ]; then | ||
92 | $perl -e 'print "$ARGV[0]:",crypt($ARGV[1], "\$1\$XXXXXXXX"),":0\n"' "$login" "$password" > $ufile | ||
93 | else | ||
94 | $perl -e 'print "$ARGV[0]:",crypt($ARGV[1], "XX"),":0\n"' "$login" "$password" > $ufile | ||
95 | fi | ||
96 | fi | ||
97 | chmod 600 $ufile | ||
98 | echo "userfile=$config_dir_runtime/miniserv.users" >> $cfile | ||
99 | |||
100 | kfile=$config_dir/miniserv.pem | ||
101 | openssl version >/dev/null 2>&1 | ||
102 | if [ "$?" = "0" ]; then | ||
103 | # We can generate a new SSL key for this host | ||
104 | host=`hostname` | ||
105 | openssl req -newkey rsa:512 -x509 -nodes -out $tempdir/cert -keyout $tempdir/key -days 1825 >/dev/null 2>&1 <<EOF | ||
106 | . | ||
107 | . | ||
108 | . | ||
109 | Webmin Webserver on $host | ||
110 | . | ||
111 | * | ||
112 | root@$host | ||
113 | EOF | ||
114 | if [ "$?" = "0" ]; then | ||
115 | cat $tempdir/cert $tempdir/key >$kfile | ||
116 | fi | ||
117 | rm -f $tempdir/cert $tempdir/key | ||
118 | fi | ||
119 | if [ ! -r $kfile ]; then | ||
120 | # Fall back to the built-in key | ||
121 | cp "$wadir/miniserv.pem" $kfile | ||
122 | fi | ||
123 | chmod 600 $kfile | ||
124 | echo "keyfile=$config_dir_runtime/miniserv.pem" >> $cfile | ||
125 | |||
126 | chmod 600 $cfile | ||
127 | echo "..done" | ||
128 | echo "" | ||
129 | |||
130 | echo "Creating access control file.." | ||
131 | afile=$config_dir/webmin.acl | ||
132 | rm -f $afile | ||
133 | if [ "$defaultmods" = "" ]; then | ||
134 | echo "$login: $allmods" >> $afile | ||
135 | else | ||
136 | echo "$login: $defaultmods" >> $afile | ||
137 | fi | ||
138 | chmod 600 $afile | ||
139 | echo "..done" | ||
140 | echo "" | ||
141 | |||
142 | if [ "$login" != "root" -a "$login" != "admin" ]; then | ||
143 | # Allow use of RPC by this user | ||
144 | echo rpc=1 >>$config_dir/$login.acl | ||
145 | fi | ||
146 | |||
147 | if [ "$noperlpath" = "" ]; then | ||
148 | echo "Inserting path to perl into scripts.." | ||
149 | (find "$wadir" -name '*.cgi' -print ; find "$wadir" -name '*.pl' -print) | $perl "$wadir/perlpath.pl" $perl_runtime - | ||
150 | echo "..done" | ||
151 | echo "" | ||
152 | fi | ||
153 | |||
154 | echo "Creating start and stop scripts.." | ||
155 | rm -f $config_dir/stop $config_dir/start $config_dir/restart $config_dir/reload | ||
156 | echo "#!/bin/sh" >>$config_dir/start | ||
157 | echo "echo Starting Webmin server in $wadir_runtime" >>$config_dir/start | ||
158 | echo "trap '' 1" >>$config_dir/start | ||
159 | echo "LANG=" >>$config_dir/start | ||
160 | echo "export LANG" >>$config_dir/start | ||
161 | echo "#PERLIO=:raw" >>$config_dir/start | ||
162 | echo "unset PERLIO" >>$config_dir/start | ||
163 | echo "export PERLIO" >>$config_dir/start | ||
164 | echo "PERLLIB=$PERLLIB" >>$config_dir/start | ||
165 | echo "export PERLLIB" >>$config_dir/start | ||
166 | uname -a | grep -i 'HP/*UX' >/dev/null | ||
167 | if [ $? = "0" ]; then | ||
168 | echo "exec '$wadir_runtime/miniserv.pl' $config_dir_runtime/miniserv.conf &" >>$config_dir/start | ||
169 | else | ||
170 | echo "exec '$wadir_runtime/miniserv.pl' $config_dir_runtime/miniserv.conf" >>$config_dir/start | ||
171 | fi | ||
172 | |||
173 | echo "#!/bin/sh" >>$config_dir/stop | ||
174 | echo "echo Stopping Webmin server in $wadir_runtime" >>$config_dir/stop | ||
175 | echo "pidfile=\`grep \"^pidfile=\" $config_dir_runtime/miniserv.conf | sed -e 's/pidfile=//g'\`" >>$config_dir/stop | ||
176 | echo "kill \`cat \$pidfile\`" >>$config_dir/stop | ||
177 | |||
178 | echo "#!/bin/sh" >>$config_dir/restart | ||
179 | echo "$config_dir_runtime/stop && $config_dir_runtime/start" >>$config_dir/restart | ||
180 | |||
181 | echo "#!/bin/sh" >>$config_dir/reload | ||
182 | echo "echo Reloading Webmin server in $wadir_runtime" >>$config_dir/reload | ||
183 | echo "pidfile=\`grep \"^pidfile=\" $config_dir_runtime/miniserv.conf | sed -e 's/pidfile=//g'\`" >>$config_dir/reload | ||
184 | echo "kill -USR1 \`cat \$pidfile\`" >>$config_dir/reload | ||
185 | |||
186 | chmod 755 $config_dir/start $config_dir/stop $config_dir/restart $config_dir/reload | ||
187 | echo "..done" | ||
188 | echo "" | ||
189 | |||
190 | if [ "$upgrading" = 1 ]; then | ||
191 | echo "Updating config files.." | ||
192 | else | ||
193 | echo "Copying config files.." | ||
194 | fi | ||
195 | newmods=`$perl "$wadir/copyconfig.pl" "$os_type/$real_os_type" "$os_version/$real_os_version" "$wadir" $config_dir "" $allmods` | ||
196 | # Store the OS and version | ||
197 | echo "os_type=$os_type" >> $config_dir/config | ||
198 | echo "os_version=$os_version" >> $config_dir/config | ||
199 | echo "real_os_type=$real_os_type" >> $config_dir/config | ||
200 | echo "real_os_version=$real_os_version" >> $config_dir/config | ||
201 | if [ -r /etc/system.cnf ]; then | ||
202 | # Found a caldera system config file .. get the language | ||
203 | source /etc/system.cnf | ||
204 | if [ "$CONF_LST_LANG" = "us" ]; then | ||
205 | CONF_LST_LANG=en | ||
206 | elif [ "$CONF_LST_LANG" = "uk" ]; then | ||
207 | CONF_LST_LANG=en | ||
208 | fi | ||
209 | grep "lang=$CONF_LST_LANG," "$wadir/lang_list.txt" >/dev/null 2>&1 | ||
210 | if [ "$?" = 0 ]; then | ||
211 | echo "lang=$CONF_LST_LANG" >> $config_dir/config | ||
212 | fi | ||
213 | fi | ||
214 | |||
215 | # Turn on logging by default | ||
216 | echo "log=1" >> $config_dir/config | ||
217 | |||
218 | # Use licence module specified by environment variable | ||
219 | if [ "$licence_module" != "" ]; then | ||
220 | echo licence_module=$licence_module >>$config_dir/config | ||
221 | fi | ||
222 | |||
223 | # Disallow unknown referers by default | ||
224 | echo "referers_none=1" >>$config_dir/config | ||
225 | echo $ver > $config_dir/version | ||
226 | echo "..done" | ||
227 | echo "" | ||
228 | |||
229 | # Set passwd_ fields in miniserv.conf from global config | ||
230 | for field in passwd_file passwd_uindex passwd_pindex passwd_cindex passwd_mindex; do | ||
231 | grep $field= $config_dir/miniserv.conf >/dev/null | ||
232 | if [ "$?" != "0" ]; then | ||
233 | grep $field= $config_dir/config >> $config_dir/miniserv.conf | ||
234 | fi | ||
235 | done | ||
236 | grep passwd_mode= $config_dir/miniserv.conf >/dev/null | ||
237 | if [ "$?" != "0" ]; then | ||
238 | echo passwd_mode=0 >> $config_dir/miniserv.conf | ||
239 | fi | ||
240 | |||
241 | # If Perl crypt supports MD5, then make it the default | ||
242 | if [ "$md5pass" = "1" ]; then | ||
243 | echo md5pass=1 >> $config_dir/config | ||
244 | fi | ||
245 | |||
246 | # Set a special theme if none was set before | ||
247 | if [ "$theme" = "" ]; then | ||
248 | theme=`cat "$wadir/defaulttheme" 2>/dev/null` | ||
249 | fi | ||
250 | oldthemeline=`grep "^theme=" $config_dir/config` | ||
251 | oldtheme=`echo $oldthemeline | sed -e 's/theme=//g'` | ||
252 | if [ "$theme" != "" ] && [ "$oldthemeline" = "" ] && [ -d "$wadir/$theme" ]; then | ||
253 | themelist=$theme | ||
254 | fi | ||
255 | |||
256 | # Set a special overlay if none was set before | ||
257 | if [ "$overlay" = "" ]; then | ||
258 | overlay=`cat "$wadir/defaultoverlay" 2>/dev/null` | ||
259 | fi | ||
260 | if [ "$overlay" != "" ] && [ "$theme" != "" ] && [ -d "$wadir/$overlay" ]; then | ||
261 | themelist="$themelist $overlay" | ||
262 | fi | ||
263 | |||
264 | # Apply the theme and maybe overlay | ||
265 | if [ "$themelist" != "" ]; then | ||
266 | echo "theme=$themelist" >> $config_dir/config | ||
267 | echo "preroot=$themelist" >> $config_dir/miniserv.conf | ||
268 | fi | ||
269 | |||
270 | # Set the product field in the global config | ||
271 | grep product= $config_dir/config >/dev/null | ||
272 | if [ "$?" != "0" ]; then | ||
273 | echo product=webmin >> $config_dir/config | ||
274 | fi | ||
275 | |||
276 | if [ "$makeboot" = "1" ]; then | ||
277 | echo "Configuring Webmin to start at boot time.." | ||
278 | (cd "$wadir/init" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/init/atboot.pl" $bootscript) | ||
279 | echo "..done" | ||
280 | echo "" | ||
281 | fi | ||
282 | |||
283 | # If password delays are not specifically disabled, enable them | ||
284 | grep passdelay= $config_dir/miniserv.conf >/dev/null | ||
285 | if [ "$?" != "0" ]; then | ||
286 | echo passdelay=1 >> $config_dir/miniserv.conf | ||
287 | fi | ||
288 | |||
289 | echo "Changing ownership and permissions .." | ||
290 | # Make all config dirs non-world-readable | ||
291 | for m in $newmods; do | ||
292 | chown -R root $config_dir/$m | ||
293 | chgrp -R bin $config_dir/$m | ||
294 | chmod -R og-rw $config_dir/$m | ||
295 | done | ||
296 | # Make miniserv config files non-world-readable | ||
297 | for f in miniserv.conf miniserv.pem miniserv.users; do | ||
298 | chown -R root $config_dir/$f | ||
299 | chgrp -R bin $config_dir/$f | ||
300 | chmod -R og-rw $config_dir/$f | ||
301 | done | ||
302 | chmod +r $config_dir/version | ||
303 | if [ "$nochown" = "" ]; then | ||
304 | # Make program directory non-world-writable, but executable | ||
305 | chown -R root "$wadir" | ||
306 | chgrp -R bin "$wadir" | ||
307 | chmod -R og-w "$wadir" | ||
308 | chmod -R a+rx "$wadir" | ||
309 | fi | ||
310 | if [ $var_dir != "/var" ]; then | ||
311 | # Make log directory non-world-readable or writable | ||
312 | chown -R root $prefix$var_dir | ||
313 | chgrp -R bin $prefix$var_dir | ||
314 | chmod -R og-rwx $prefix$var_dir | ||
315 | fi | ||
316 | # Fix up bad permissions from some older installs | ||
317 | for m in ldap-client ldap-server ldap-useradmin mailboxes mysql postgresql servers virtual-server; do | ||
318 | if [ -d "$config_dir/$m" ]; then | ||
319 | chown root $config_dir/$m | ||
320 | chgrp bin $config_dir/$m | ||
321 | chmod og-rw $config_dir/$m | ||
322 | chmod og-rw $config_dir/$m/config 2>/dev/null | ||
323 | fi | ||
324 | done | ||
325 | |||
326 | if [ "$nopostinstall" = "" ]; then | ||
327 | echo "Running postinstall scripts .." | ||
328 | (cd "$wadir" ; WEBMIN_CONFIG=$config_dir WEBMIN_VAR=$var_dir "$wadir/run-postinstalls.pl") | ||
329 | echo "..done" | ||
330 | echo "" | ||
331 | fi | ||
332 | |||
333 | # Enable background collection | ||
334 | if [ "$upgrading" != 1 -a -r $config_dir/system-status/enable-collection.pl ]; then | ||
335 | echo "Enabling background status collection .." | ||
336 | $config_dir/system-status/enable-collection.pl 5 | ||
337 | echo "..done" | ||
338 | echo "" | ||
339 | fi | ||
340 | |||
diff --git a/meta-webserver/recipes-webadmin/webmin/webmin_1.700.bb b/meta-webserver/recipes-webadmin/webmin/webmin_1.700.bb new file mode 100644 index 000000000..2a363cbcf --- /dev/null +++ b/meta-webserver/recipes-webadmin/webmin/webmin_1.700.bb | |||
@@ -0,0 +1,150 @@ | |||
1 | SUMMARY = "Web-based administration interface" | ||
2 | HOMEPAGE = "http://www.webmin.com" | ||
3 | LICENSE = "BSD" | ||
4 | LIC_FILES_CHKSUM = "file://LICENCE;md5=0373ac9f611e542ddebe1ec6394afc3c" | ||
5 | |||
6 | SRC_URI = "${SOURCEFORGE_MIRROR}/webadmin/webmin-${PV}.tar.gz \ | ||
7 | file://setup.sh \ | ||
8 | file://init-exclude.patch \ | ||
9 | file://net-generic.patch \ | ||
10 | file://remove-startup-option.patch \ | ||
11 | file://disable-version-check.patch \ | ||
12 | file://nfs-export.patch \ | ||
13 | file://exports-lib.pl.patch \ | ||
14 | file://mount-excludefs.patch \ | ||
15 | file://samba-config-fix.patch \ | ||
16 | file://proftpd-config-fix.patch \ | ||
17 | file://net-lib.pl.patch \ | ||
18 | file://media-tomb.patch \ | ||
19 | file://remove-python2.3.patch \ | ||
20 | " | ||
21 | |||
22 | SRC_URI[md5sum] = "e5261114a6a6ed10caf570d3239ed5b7" | ||
23 | SRC_URI[sha256sum] = "1a6a8aa62c32c04932b902d17fc1864ee8f3fba03012bd25f709aa65e7e9b0f2" | ||
24 | |||
25 | inherit perlnative update-rc.d | ||
26 | |||
27 | do_configure() { | ||
28 | # Remove binaries and plugins for other platforms | ||
29 | rm -rf acl/Authen-SolarisRBAC-0.1* | ||
30 | rm -rf format bsdexports hpuxexports sgiexports | ||
31 | rm -rf zones rbac smf ipfw ipfilter dfsadmin | ||
32 | rm -f mount/freebsd-mounts* mount/netbsd-mounts* | ||
33 | rm -f mount/openbsd-mounts* mount/macos-mounts* | ||
34 | |||
35 | # Remove some plugins for the moment | ||
36 | rm -rf lilo frox wuftpd telnet pserver cpan shorewall webalizer cfengine fsdump pap | ||
37 | rm -rf majordomo fetchmail sendmail mailboxes procmail filter mailcap dovecot exim spam qmailadmin postfix | ||
38 | rm -rf stunnel squid sarg pptp-client pptp-server jabber openslp sentry cluster-* vgetty burner heartbeat | ||
39 | |||
40 | # Adjust configs | ||
41 | [ -f init/config-debian-linux ] && mv init/config-debian-linux init/config-generic-linux | ||
42 | sed -i "s/shutdown_command=.*/shutdown_command=poweroff/" init/config-generic-linux | ||
43 | echo "exclude=bootmisc.sh,single,halt,reboot,hostname.sh,modutils.sh,mountall.sh,mountnfs.sh,networking,populate-volatile.sh,rmnologin.sh,save-rtc.sh,umountfs,umountnfs.sh,hwclock.sh,checkroot.sh,banner.sh,udev,udev-cache,devpts.sh,psplash.sh,sendsigs,fbsetup,bootlogd,stop-bootlogd,sysfs.sh,syslog,syslog.busybox,urandom,webmin,functions.initscripts,read-only-rootfs-hook.sh" >> init/config-generic-linux | ||
44 | echo "excludefs=devpts,devtmpfs,usbdevfs,proc,tmpfs,sysfs,debugfs" >> mount/config-generic-linux | ||
45 | |||
46 | [ -f exports/config-debian-linux ] && mv exports/config-debian-linux exports/config-generic-linux | ||
47 | sed -i "s/killall -HUP rpc.nfsd && //" exports/config-generic-linux | ||
48 | sed -i "s/netstd_nfs/nfsserver/g" exports/config-generic-linux | ||
49 | |||
50 | # Fix insane naming that causes problems at packaging time (must be done before deleting below) | ||
51 | find . -name "*\**" | while read from | ||
52 | do | ||
53 | to=`echo "$from" | sed "s/*/ALL/"` | ||
54 | mv "$from" "$to" | ||
55 | done | ||
56 | |||
57 | # Remove some other files we don't need | ||
58 | find . -name "config-*" -a \! -name "config-generic-linux" -a \! -name "config-ALL-linux" -a \! -name "*.pl" -delete | ||
59 | find . -regextype posix-extended -regex ".*/(openserver|aix|osf1|osf|openbsd|netbsd|freebsd|unixware|solaris|macos|irix|hpux|cygwin|windows)-lib\.pl" -delete | ||
60 | rm -f webmin-gentoo-init webmin-caldera-init webmin-debian-pam webmin-pam | ||
61 | |||
62 | # Don't need these at runtime (and we have our own setup script) | ||
63 | rm -f setup.sh | ||
64 | rm -f setup.pl | ||
65 | |||
66 | # Use pidof for finding PIDs | ||
67 | sed -i "s/find_pid_command=.*/find_pid_command=pidof NAME/" config-generic-linux | ||
68 | } | ||
69 | |||
70 | WEBMIN_LOGIN ?= "admin" | ||
71 | WEBMIN_PASSWORD ?= "password" | ||
72 | |||
73 | do_install() { | ||
74 | install -d ${D}${sysconfdir} | ||
75 | install -d ${D}${sysconfdir}/webmin | ||
76 | install -d ${D}${sysconfdir}/init.d | ||
77 | install -m 0755 webmin-init ${D}${sysconfdir}/init.d/webmin | ||
78 | |||
79 | install -d ${D}${localstatedir} | ||
80 | install -d ${D}${localstatedir}/webmin | ||
81 | |||
82 | install -d ${D}${libexecdir}/webmin | ||
83 | cp -pPR ${S}/* ${D}${libexecdir}/webmin | ||
84 | rm -f ${D}${libexecdir}/webmin/webmin-init | ||
85 | rm -rf ${D}${libexecdir}/webmin/patches | ||
86 | |||
87 | # Run setup script | ||
88 | export perl=perl | ||
89 | export perl_runtime=${bindir}/perl | ||
90 | export prefix=${D} | ||
91 | export tempdir=${S}/install_tmp | ||
92 | export wadir=${libexecdir}/webmin | ||
93 | export config_dir=${sysconfdir}/webmin | ||
94 | export var_dir=${localstatedir}/webmin | ||
95 | export os_type=generic-linux | ||
96 | export os_version=0 | ||
97 | export real_os_type="${DISTRO_NAME}" | ||
98 | export real_os_version="${DISTRO_VERSION}" | ||
99 | export port=10000 | ||
100 | export login=${WEBMIN_LOGIN} | ||
101 | export password=${WEBMIN_PASSWORD} | ||
102 | export ssl=0 | ||
103 | export atboot=1 | ||
104 | export no_pam=1 | ||
105 | mkdir -p $tempdir | ||
106 | ${S}/../setup.sh | ||
107 | } | ||
108 | |||
109 | INITSCRIPT_NAME = "webmin" | ||
110 | INITSCRIPT_PARAMS = "start 99 5 3 2 . stop 10 0 1 6 ." | ||
111 | |||
112 | # FIXME: some of this should be figured out automatically | ||
113 | RDEPENDS_${PN} += "perl perl-module-socket perl-module-exporter perl-module-exporter-heavy perl-module-carp perl-module-strict" | ||
114 | RDEPENDS_${PN} += "perl-module-warnings perl-module-xsloader perl-module-posix perl-module-autoloader" | ||
115 | RDEPENDS_${PN} += "perl-module-fcntl perl-module-tie-hash perl-module-vars perl-module-time-local perl-module-config perl-module-constant" | ||
116 | RDEPENDS_${PN} += "perl-module-file-glob perl-module-file-copy perl-module-sdbm perl-module-sdbm-file perl-module-feature" | ||
117 | |||
118 | PACKAGES_DYNAMIC += "webmin-module-* webmin-theme-*" | ||
119 | RRECOMMENDS_${PN} += "webmin-module-system-status" | ||
120 | |||
121 | PACKAGES += "${PN}-module-proc ${PN}-module-raid ${PN}-module-exports ${PN}-module-fdisk ${PN}-module-lvm" | ||
122 | RDEPENDS_${PN}-module-proc = "procps" | ||
123 | RDEPENDS_${PN}-module-raid = "mdadm" | ||
124 | RDEPENDS_${PN}-module-exports = "perl-module-file-basename perl-module-file-path perl-module-cwd perl-module-file-spec perl-module-file-spec-unix" | ||
125 | RRECOMMENDS_${PN}-module-fdisk = "parted" | ||
126 | RRECOMMENDS_${PN}-module-lvm = "lvm2" | ||
127 | |||
128 | python populate_packages_prepend() { | ||
129 | import os, os.path | ||
130 | |||
131 | wadir = bb.data.expand('${libexecdir}/webmin', d) | ||
132 | wadir_image = bb.data.expand('${D}', d) + wadir | ||
133 | modules = [] | ||
134 | themes = [] | ||
135 | for mod in os.listdir(wadir_image): | ||
136 | modinfo = os.path.join(wadir_image, mod, "module.info") | ||
137 | themeinfo = os.path.join(wadir_image, mod, "theme.info") | ||
138 | if os.path.exists(modinfo): | ||
139 | modules.append(mod) | ||
140 | elif os.path.exists(themeinfo): | ||
141 | themes.append(mod) | ||
142 | |||
143 | do_split_packages(d, wadir, '^(%s)$' % "|".join(modules), 'webmin-module-%s', 'Webmin module for %s', allow_dirs=True, prepend=True) | ||
144 | do_split_packages(d, wadir, '^(%s)$' % "|".join(themes), 'webmin-theme-%s', 'Webmin theme for %s', allow_dirs=True, prepend=True) | ||
145 | } | ||
146 | |||
147 | # Time-savers | ||
148 | package_do_pkgconfig() { | ||
149 | : | ||
150 | } | ||