summaryrefslogtreecommitdiffstats
path: root/meta-webserver
Commit message (Collapse)AuthorAgeFilesLines
* phpmyadmin: upgrade 4.8.5 -> 4.9.0.1Yi Zhao2019-06-151-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xdebug: upgrade 2.7.0RC2 -> 2.7.2Yi Zhao2019-06-151-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fcgi: upgrade 2.4.1+git -> 2.4.2Yi Zhao2019-06-152-22/+3
| | | | | | | | Remove add_foreign_to_AM_INIT_AUTOMAKE.patch as the issue had been fixed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: fix kill path in nginx systemd unit filenick83ola2019-05-272-2/+2
| | | | | | | the kill utility is located in /bin/kill -> use base_bindir instead of bindir Signed-off-by: Nicola Lunghi <nick83ola@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: add PACKAGECONFIG[http-auth-request]nick83ola2019-05-271-0/+1
| | | | | Signed-off-by: Nicola Lunghi <nick83ola@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update stable version to 1.16.0nick83ola2019-05-272-10/+10
| | | | | | | | | | | | | The LIC_FILES_CHKSUM needs also to be updated due to the updated year in the LICENSE file - * Copyright (C) 2002-2018 Igor Sysoev - * Copyright (C) 2011-2018 Nginx, Inc. + * Copyright (C) 2002-2019 Igor Sysoev + * Copyright (C) 2011-2019 Nginx, Inc. Signed-off-by: Nicola Lunghi <nick83ola@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update to version 1.17.0nick83ola2019-05-272-6/+6
| | | | | | | | | | | | | The LIC_FILES_CHKSUM needs also to be updated due to the updated year in the LICENSE file - * Copyright (C) 2002-2018 Igor Sysoev - * Copyright (C) 2011-2018 Nginx, Inc. + * Copyright (C) 2002-2019 Igor Sysoev + * Copyright (C) 2011-2019 Nginx, Inc. Signed-off-by: Nicola Lunghi <nick83ola@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: add all extra/*.conf to conffilesAlejandro del Castillo2019-05-231-1/+2
| | | | | Signed-off-by: Alejandro del Castillo <alejandro.delcastillo@ni.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: upgrade 4.8.3 -> 4.8.5Yi Zhao2019-05-021-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: add back patch for set perlbinChangqing Li2019-04-292-0/+35
| | | | | | | | | | Add back this patch. Without this patch, apxs's shebang will use perl under hosttools, which can be too long for shebang, and cause error: bad interpreter: No such file or directory Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: Correct packaging of build and doc related filesPeter Kjellerstedt2019-04-271-2/+7
| | | | | | | | The build related files (${datadir}/${BPN}/build and ${bindir}/apxs) belong in the -dev package, and the manual belong in the -doc package. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: Correct appending to SYSROOT_PREPROCESS_FUNCSPeter Kjellerstedt2019-04-271-1/+1
| | | | | | | | A missing space lead to problems if something else was already added to SYSROOT_PREPROCESS_FUNCS. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache-websocket: upgrade to latest git revYi Zhao2019-04-161-5/+5
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: upgrade 2.4.34 -> 2.4.39Yi Zhao2019-04-1613-713/+157
| | | | | | | | | | | | | * Drop apache2-native recipe. Add native to BBCLASSEXTEND in apache2 recipe. * Refresh patches. Drop CVE-2018-11763.patch and apache-configure_perlbin.patch * Cleanup recipe file. Remove obsolete code. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* layer.conf: Add warrior to compatible release seriesKhem Raj2019-04-011-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: set CVE_PRODUCTQi.Chen@windriver.com2019-03-291-0/+2
| | | | | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netdata: Link with libpthreadKhem Raj2019-03-071-0/+2
| | | | | | | | Fixes global_statistics.c:90: undefined reference to `__atomic_fetch_add_2' | collect2: error: ld returned 1 exit status Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xdebug: upgrade 2.6.1 -> 2.7.0RC2Changqing Li2019-02-181-3/+3
| | | | | | | | | | License-Update: Change http://xdebug.org to https://xdebug.org everywhere php upgrade to 3.7.2, 2.6.1 not support php 3.x, need upgrade to 2.7 which support php 3.x. Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: add default proxy_paramsAndré Draszik2019-01-192-0/+7
| | | | | | | | | | | | | As per Debian packaging - to use it, see https://wiki.debian.org/Nginx/DirectoryStructure#Extra_Parameters This file is most commonly included when Nginx is acting as a reverse proxy: include /etc/nginx/proxy_params; proxy_pass http://localhost:8000; Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: configuration updateAndré Draszik2019-01-193-105/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restructure the main configuration file to simplify custom configuration: * support inclusion of configuration fragments from subdirectories: - /etc/nginx/modules-enabled/*.conf - /etc/nginx/conf.d/*.conf - /etc/nginx/sites-enabled/* * default site (port 80): - move into /etc/nginx/sites-available/default_server and enable via symlink in /etc/nginx/sites-enabled/ - listen on IPv6 - drop unneeded example fragments * configure and enable gzip * update TLS settings to drop SSLv3 and enable TLSv1.3 for some safer defaults * update remaining bits to follow Debian standard configuration https://salsa.debian.org/nginx-team/nginx/blob/62a54a8ba66ee6cc1b4f8a33dab9a6f27a3fdac4/debian/conf/nginx.conf * drop unneeded example configuration bits from /etc/nginx/*.default These changes, in particular the configuration fragment support allow to easily customise nginx based on individual requirements. In addition, it is now possible for other recipes / packages to drop fragments into the respective directories in /etc/nginx without having to meddle with /etc/nginx/nginx.conf Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update systemd unit using nginx recommendationAndré Draszik2019-01-192-3/+8
| | | | | | | | | | | | | | | | | | Our systemd unit doesn't follow the official recommendation, see https://www.nginx.com/resources/wiki/start/topics/examples/systemd/ Most importantly: * it should start after some additional specific targets/units * using PrivateTmp is a useful security feature, in particular to avoid cross domain scripting via the temp folder * using systemd's $MAINPID, we can distinguish between multiple running nginx instances correctly Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-webserver: add pkg group and imageArmin Kuster2019-01-133-0/+47
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update stable version to 1.14.2Andrej Valek2018-12-111-2/+2
| | | | | Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: update to version 1.15.7Andrej Valek2018-12-102-6/+6
| | | | | Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: Fix CVE-2018-11763Mingli Yu2018-11-023-0/+514
| | | | | | | | | | | | mod_http2: connection IO event handling reworked. Instead of reacting on incoming bytes, the state machine now acts on incoming frames that are affecting it. This reduces state transitions. Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* layers: Update layer compatibility to thudKhem Raj2018-09-301-1/+1
| | | | | | | | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Andreas Müller <schnitzeltony@googlemail.com> Cc: Derek Straka <derek@asterius.io> Cc: Tim Orling <TicoTimo@gmail.com> Cc: Hongxu Jia <hongxu.jia@windriver.com> Cc: Armin Kuster <akuster808@gmail.com> Cc: Joe MacDonald <joe_macdonald@mentor.com> Cc: Andrea Adami <andrea.adami@gmail.com>
* nginx: add PACKAGECONFIG[ssl]Max Kellermann2018-09-241-2/+4
| | | | | Signed-off-by: Max Kellermann <max.kellermann@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: upgrade 4.8.2 -> 4.8.3Yi Zhao2018-09-051-2/+2
| | | | | | | | | | | Security fixes: CVE-2018-15605: An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: set files layout to debian styleYi Zhao2018-08-241-2/+4
| | | | | | | | | The default layout installs log files to /var/apache2/logs. But we assume the log directory is /var/log/apache2 in volatile.conf. Specify the layout to debian style to set the correct the log directory. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xdebug: upgrade 2.6.0 -> 2.6.1Yi Zhao2018-08-211-2/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: Upgrade to 1.15.2Khem Raj2018-08-152-6/+6
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nostromo: Add dep on virtual/cryptKhem Raj2018-08-151-1/+1
| | | | | | glibc 2.28+ this library is not part of libc package Signed-off-by: Khem Raj <raj.khem@gmail.com>
* hiawatha: Add missing dep on virtual/cryptKhem Raj2018-08-151-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sthttpd: Add dependency on virtual/cryptKhem Raj2018-08-151-1/+1
| | | | | | | This is required with glibc 2.28+ where crypt is no longer part of glibc Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: add rdepend to php-cliChangqing Li2018-08-081-1/+1
| | | | | | | | | | | | phpmyadmin install some bin list below that depend on interpreter php, without rdepend, will report "Not found the interpreter php" /usr/share/phpmyadmin/vendor/phpmyadmin/sql-parser/bin/lint-query /usr/share/phpmyadmin/vendor/phpmyadmin/sql-parser/bin/tokenize-query /usr/share/phpmyadmin/vendor/phpmyadmin/sql-parser/bin/highlight-query Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: upgrade 2.4.33 -> 2.4.34Yi Zhao2018-07-272-4/+4
| | | | | | | | | | | | | Security fixes: CVE-2018-8011 mod_md: DoS via Coredumps on specially crafted requests CVE-2018-1333 mod_http2: DoS for HTTP/2 connections by specially crafted requests Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* hiawatha: use the correct CMAKE flag to disable TLSDerek Straka2018-07-121-1/+1
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: remove the 1.13 recipe in favor of the new dev branch of 1.5.xDerek Straka2018-07-122-10/+10
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nginx: enable thread pools by defaultDerek Straka2018-07-121-0/+1
| | | | | | | The thread pool feature can be enabled without significant extra binary size. Thread pools can increase performance by an order of magnitude on some configurations Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: upgrade 2.4.29 -> 2.4.33Yi Zhao2018-07-0512-141/+117
| | | | | | | | | | | | | | * License-Update: Correctly identify origin of util_pcre.c/ap_regex.h as pcreposix[.ch] and correct LICENSE/NOTICE to match. * Refresh patches with devtool * Drop useless patch apache-ssl-ltmain-rpath.patch * Move all patches to one directory Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* phpmyadmin: upgrade 4.7.9 -> 4.8.2Yi Zhao2018-07-031-3/+3
| | | | | | | License-Update: move js/jquery to js/vendor/jquery Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2: Add PACKAGECONFIG zlib option for mod_deflateHaiqing Bai2018-06-291-0/+1
| | | | | | | | | The configure options '--enable-deflate' or '--with-z' make the package depends on zlib. PACKAGECONFIG should be defined to clear the dependency. Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* xdebug: add UPSTREAM_CHECK_REGEXYi Zhao2018-05-301-0/+2
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fcgi: Update to 2.4.1+Adrian2018-05-263-23/+8
| | | | | | | | Update to latest from upstream. This adds pkg-config support. Fix_EOF_not_declared_issue.patch is obsolete, fix is upstream. Signed-off-by: Adrian Freihofer <adrian.freihofer@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* apache2/sthttpd: add alternatives for docHongxu Jia2018-05-172-2/+9
| | | | | | | | | | | | | | | There is a failure to install both of sthttpd-doc and apache2-doc to rootfs. ... |Error: Transaction check error: | file /usr/share/man/man1/htpasswd.1 conflicts between attempted installs of sthttpd-doc-2.27.1 -r0.0.armv7ahf_neon and apache2-doc-2.4.27 -r0.0.armv7ahf_neon ... Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: update latest development version to 1.13.12Derek Straka2018-05-172-10/+10
| | | | | Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: update stable version to 1.14.0Derek Straka2018-05-172-6/+6
| | | | | | | License-Update: Update license file for latest copyright date Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* xdebug: Add missing dep on re2c-nativeKhem Raj2018-05-011-1/+1
| | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* xdebug: update to 2.6.0Armin Kuster2018-04-131-2/+2
| | | | | | | fixes: checking Check for supported PHP versions... configure: error: not supported. Need a PHP version >= 5.5.0 and < 7.2.0 (found 7.2.4) Signed-off-by: Armin Kuster <akuster808@gmail.com>
* nginx: refresh patchesArmin Kuster2018-04-131-26/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WARNING: nginx-1.12.2-r0 do_patch: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify <recipe> devtool finish --force-patch-refresh <recipe> <layer_path> Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: Applying patch nginx-cross.patch patching file auto/feature patching file auto/options Hunk #1 succeeded at 386 (offset 33 lines). Hunk #2 succeeded at 580 (offset 35 lines). Hunk #3 succeeded at 599 (offset 22 lines). patching file auto/types/sizeof patching file auto/unix Hunk #1 succeeded at 587 (offset 194 lines). Hunk #2 succeeded at 604 with fuzz 1 (offset 188 lines). Hunk #3 succeeded at 620 with fuzz 2 (offset 188 lines). Now at patch nginx-cross.patch Signed-off-by: Armin Kuster <akuster808@gmail.com>