mirror of
https://git.freebsd.org/ports.git
synced 2025-07-14 07:49:16 -04:00
cc99aa9fab
- fix apache-mpm-peruser graceful reload [1]
Changes with Apache 2.2.27
*) SECURITY: CVE-2014-0098 (cve.mitre.org)
Clean up cookie logging with fewer redundant string parsing passes.
Log only cookies with a value assignment. Prevents segfaults when
logging truncated cookies.
[William Rowe, Ruediger Pluem, Jim Jagielski]
*) SECURITY: CVE-2013-6438 (cve.mitre.org)
mod_dav: Keep track of length of cdata properly when removing
leading spaces. Eliminates a potential denial of service from
specifically crafted DAV WRITE requests
[Amin Tora <Amin.Tora neustar.biz>]
*) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
TE/CL conflicts. [Yann Ylavic <ylavic.dev gmail com>, Jim Jagielski]
*) mod_proxy_http: Core dumped under high load. PR 50335.
[Jan Kaluza <jkaluza redhat.com>]
*) proxy_util: NULL terminate the right buffer in 'send_http_connect'.
[Christophe Jaillet]
*) mod_proxy: Remove (never documented) <Proxy ~ wildcard-url> syntax which
is equivalent to <ProxyMatch wildcard-url>. [Christophe Jaillet]
*) mod_ldap: Fix a potential memory leak or corruption. PR 54936.
[Zhenbo Xu <zhenbo1987 gmail com>]
*) mod_ssl: Do not perform SNI / Host header comparison in case of a
forward proxy request. [Ruediger Pluem]
*) mod_rewrite: Add mod_rewrite.h to the headers installed on Windows.
PR46679 [Bob Ionescu]
PR: ports/182947 [1]
Submitted by: Andrew Azarov <andrew@azar-a.net> [1]
204 lines
5.6 KiB
Bash
204 lines
5.6 KiB
Bash
#!/bin/sh
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: apache22
|
|
# REQUIRE: LOGIN cleanvar sshd
|
|
# KEYWORD: shutdown
|
|
|
|
#
|
|
# Add the following lines to /etc/rc.conf to enable apache22:
|
|
# apache22_enable (bool): Set to "NO" by default.
|
|
# Set it to "YES" to enable apache22
|
|
# apache22_profiles (str): Set to "" by default.
|
|
# Define your profiles here.
|
|
# apache22limits_enable (bool):Set to "NO" by default.
|
|
# Set it to yes to run `limits $limits_args`
|
|
# just before apache starts.
|
|
# apache22_flags (str): Set to "" by default.
|
|
# Extra flags passed to start command.
|
|
# apache22limits_args (str): Default to "-e -C daemon"
|
|
# Arguments of pre-start limits run.
|
|
# apache22_http_accept_enable (bool): Set to "NO" by default.
|
|
# Set to yes to check for accf_http kernel
|
|
# module on start up and load if not loaded.
|
|
# apache22_fib (str): Set an altered default network view for apache
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="apache22"
|
|
rcvar=apache22_enable
|
|
|
|
start_precmd="apache22_prestart"
|
|
restart_precmd="apache22_checkconfig"
|
|
reload_precmd="apache22_checkconfig"
|
|
reload_cmd="apache22_%%RELOAD_CMD%%"
|
|
graceful_cmd="apache22_graceful"
|
|
gracefulstop_cmd="apache22_gracefulstop"
|
|
configtest_cmd="apache22_checkconfig"
|
|
command="%%PREFIX%%/sbin/httpd"
|
|
_pidprefix="/var/run/httpd"
|
|
pidfile="${_pidprefix}.pid"
|
|
required_files=%%PREFIX%%/etc/apache22/httpd.conf
|
|
envvars="%%PREFIX%%/sbin/envvars"
|
|
|
|
[ -z "$apache22_enable" ] && apache22_enable="NO"
|
|
[ -z "$apache22limits_enable" ] && apache22limits_enable="NO"
|
|
[ -z "$apache22limits_args" ] && apache22limits_args="-e -C daemon"
|
|
[ -z "$apache22_http_accept_enable" ] && apache22_http_accept_enable="NO"
|
|
|
|
apache22_accf() {
|
|
|
|
if checkyesno apache22_http_accept_enable; then
|
|
/sbin/kldstat -v | grep accf_http > /dev/null 2>&1 || /sbin/kldload accf_http || return ${?}
|
|
/sbin/kldstat -v | grep accf_data > /dev/null 2>&1 || /sbin/kldload accf_data || return ${?}
|
|
else
|
|
apache22_flags="${apache22_flags} -DNOHTTPACCEPT"
|
|
fi
|
|
}
|
|
|
|
load_rc_config $name
|
|
|
|
if [ -n "$2" ]; then
|
|
profile="$2"
|
|
if [ "x${apache22_profiles}" != "x" ]; then
|
|
pidfile="${_pidprefix}.${profile}.pid"
|
|
eval apache22_configfile="\${apache22_${profile}_configfile:-}"
|
|
if [ "x${apache22_configfile}" = "x" ]; then
|
|
echo "You must define a configuration file (apache22_${profile}_configfile)"
|
|
exit 1
|
|
fi
|
|
required_files="${apache22_configfile}"
|
|
eval apache22_enable="\${apache22_${profile}_enable:-${apache22_enable}}"
|
|
eval apache22_flags="\${apache22_${profile}_flags:-${apache22_flags}}"
|
|
eval apache22_http_accept_enable="\${apache22_${profile}_http_accept_enable:-${apache22_http_accept_enable}}"
|
|
eval apache22limits_enable="\${apache22limits_${profile}_enable:-${apache22limits_enable}}"
|
|
eval apache22limits_args="\${apache22limits_${profile}_args:-${apache22limits_args}}"
|
|
eval apache22_fib="\${apache22_${profile}_fib:-${apache22_fib}}"
|
|
eval command="\${apache22_${profile}_command:-${command}}"
|
|
eval pidfile="\${apache22_${profile}_pidfile:-${pidfile}}"
|
|
eval apache22_envvars="\${apache22_${profile}_envvars:-${envvars}}"
|
|
apache22_flags="-f ${apache22_configfile} -c \"PidFile ${pidfile}\" ${apache22_flags}"
|
|
else
|
|
echo "$0: extra argument ignored"
|
|
fi
|
|
else
|
|
eval apache22_envvars=${envvars}
|
|
if [ "x${apache22_profiles}" != "x" -a "x$1" != "x" ]; then
|
|
for profile in ${apache22_profiles}; do
|
|
eval _enable="\${apache22_${profile}_enable}"
|
|
case "x${_enable:-${apache22_enable}}" in
|
|
x|x[Nn][Oo]|x[Nn][Oo][Nn][Ee])
|
|
continue
|
|
;;
|
|
x[Yy][Ee][Ss])
|
|
;;
|
|
*)
|
|
if test -z "$_enable"; then
|
|
_var=apache22_enable
|
|
else
|
|
_var=apache22_"${profile}"_enable
|
|
fi
|
|
echo "Bad value" \
|
|
"'${_enable:-${apache22_enable}}'" \
|
|
"for ${_var}. " \
|
|
"Profile ${profile} skipped."
|
|
continue
|
|
;;
|
|
esac
|
|
echo "===> apache22 profile: ${profile}"
|
|
%%PREFIX%%/etc/rc.d/apache22 $1 ${profile}
|
|
retcode="$?"
|
|
if [ "0${retcode}" -ne 0 ]; then
|
|
failed="${profile} (${retcode}) ${failed:-}"
|
|
else
|
|
success="${profile} ${success:-}"
|
|
fi
|
|
done
|
|
exit 0
|
|
fi
|
|
fi
|
|
|
|
if [ "${1}" != "stop" ] ; then \
|
|
apache22_accf
|
|
fi
|
|
|
|
apache22_requirepidfile()
|
|
{
|
|
apache22_checkconfig
|
|
|
|
if [ ! "0`check_pidfile ${pidfile} ${command}`" -gt 1 ]; then
|
|
echo "${name} not running? (check $pidfile)."
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
apache22_checkconfig()
|
|
{
|
|
if test -f ${apache22_envvars}
|
|
then
|
|
. ${apache22_envvars}
|
|
fi
|
|
|
|
echo "Performing sanity check on apache22 configuration:"
|
|
eval ${command} ${apache22_flags} -t
|
|
}
|
|
|
|
apache22_graceful() {
|
|
apache22_requirepidfile
|
|
|
|
echo "Performing a graceful restart"
|
|
eval ${command} ${apache22_flags} -k graceful
|
|
}
|
|
|
|
apache22_hrestart() {
|
|
apache22_requirepidfile
|
|
|
|
echo "Performing a graceful restart"
|
|
eval ${command} ${apache22_flags} -k restart
|
|
}
|
|
|
|
apache22_gracefulstop() {
|
|
apache22_requirepidfile
|
|
|
|
echo "Performing a graceful stop"
|
|
eval ${command} ${apache22_flags} -k graceful-stop
|
|
}
|
|
|
|
apache22_precmd()
|
|
{
|
|
apache22_checkconfig
|
|
|
|
if checkyesno apache22limits_enable
|
|
then
|
|
eval `/usr/bin/limits ${apache22limits_args}` 2>/dev/null
|
|
else
|
|
return 0
|
|
fi
|
|
|
|
}
|
|
|
|
apache22_checkfib () {
|
|
if command -v check_namevarlist > /dev/null 2>&1; then
|
|
check_namevarlist fib && return 0
|
|
fi
|
|
|
|
$SYSCTL net.fibs >/dev/null 2>&1 || return 0
|
|
|
|
apache22_fib=${apache22_fib:-"NONE"}
|
|
if [ "x$apache22_fib" != "xNONE" ]
|
|
then
|
|
command="/usr/sbin/setfib -F ${apache22_fib} ${command}"
|
|
else
|
|
return 0
|
|
fi
|
|
}
|
|
|
|
apache22_prestart() {
|
|
apache22_checkfib
|
|
apache22_precmd
|
|
}
|
|
|
|
extra_commands="reload graceful gracefulstop configtest"
|
|
run_rc_command "$1"
|