Commit graph

7 commits

Author SHA1 Message Date
obache
11b8c01a4d Update ap2-fcgid to 2.3.6.
Changes with mod_fcgid 2.3.6

  *) SECURITY: CVE-2010-3872 (cve.mitre.org)
     Fix possible stack buffer overwrite.  Diagnosed by the reporter.
     P R 49406.  [Edgar Frank <ef-lists email.de>]

  *) Change the default for FcgidMaxRequestLen from 1GB to 128K.
     Administrators should change this to an appropriate value based on
     site requirements.  [Jeff Trawick]

  *) Allow FastCGI apps more time to exit at shutdown before being
     forcefully killed.  [Jeff Trawick]

  *) Correct a problem that resulted in FcgidMaxProcesses being ignored
     in some situations.  P R 48981.  [<rkosolapov gmail.com>]

  *) Fix the search for processes with the proper vhost config when
     ServerName isn't set in every vhost or a module updates
     r->server->server_hostname dynamically (e.g., mod_vhost_cdb)
     or a module updates r->server dynamically (e.g., mod_vhost_ldap).
     [Jeff Trawick]

  *) FcgidPassHeader now maps header names to environment variable names
     in the usual manner: The header name is converted to upper case and
     is prefixed with HTTP_.  An additional environment variable is
     created with the legacy name.  P R 48964.  [Jeff Trawick]

  *) Allow processes to be reused within multiple phases of a request
     by releasing them into the free list as soon as possible.
     [Chris Darroch]

  *) Fix lookup of process command lines when using FcgidWrapper or
     access control directives, including within .htaccess files.
     [Chris Darroch]

  *) Resolve a regression in 2.3.5 with httpd 2.0.x on some Unix platforms;
     ownership of mutex files was incorrect, resulting in a startup failure.
     P R 48651.  [Jeff Trawick, <pservit gmail.com>]

  *) Return 500 instead of segfaulting when the application returns no output.
     [Tatsuki Sugiura <sugi nemui.org>, Jeff Trawick]

  *) In FCGI_AUTHORIZER role, avoid spawning a new process for every
     different HTTP request.  [Chris Darroch]
2010-11-23 11:55:15 +00:00
joerg
250c97c570 Deal with apxs fallout. 2010-07-02 20:50:34 +00:00
fhajny
35a6903023 Updated mod_fcgid to 2.3.5.
This covers the transition to ASF that mod_fcgi was donated to in the course
of 2009. No longer backwards compatible as far as configuration is concerned!

Changes with mod_fcgid 2.3.5
*) Stop using the unsuppressable "notice" log level for debug and
   informational messages.  PR 48536.  [Jeff Trawick]
*) Respect DEFAULT_REL_RUNTIMEDIR for default values of FcgidIPCDir and
   FcgidProcessTableFile.  [Jeff Trawick]
*) Resolve fatal EDEADLK errors with threaded MPMs on Solaris.  [Jeff Trawick]
*) Display information about active processes in the server-status page.
   [Ryan Pan]
*) Fix compatibility of httpd.conf-editing logic with non-GNU awk.  PR 48067.
   [Hans Werner Strube <strube physik3.gwdg.de>]
*) Fix startup errors creating shared memory in constrained systems, such
   as OS X in its default configuration.  This is a regression since mod_fcgid
   2.2.  [Jeff Trawick]
*) Recover from most "Resource temporarily unavailable" errors writing the
   request to the FastCGI application.  These were common with large request
   bodies on Mac OS X and intermittent on Solaris.  PR 48025.  [Jeff Trawick]
*) Fix a bug in fixconf.sed that resulted in a prefix of "FcgidFcgid" on the
   updated directives.  [Dan Hulme <dhulme gmail.com>]
*) Fix possible corruption or truncation of request bodies which exceed
   FcgidMaxRequestInMem.  This is a regression since mod_fcgid 2.2, which
   effectively ignored FcgidMaxRequestInMem if larger than 8K.  PR 48021.
   [Jeff Trawick]
*) Fix handling of the request body when a FastCGI access checker/
   authenticator/authorizer (AAA) was configured.  The body wasn't available
   for the request handler.  PR 47973.
   [Jeff Trawick, Barry Scott <barry.scott onelan.co.uk>]
*) Fix handling of FcgidCmdOptions so that it can apply to wrapper scripts
   which were defined with command-line arguments on the FcgidWrapper
   directive.  [Jeff Trawick]

Changes with mod_fcgid 2.3.4
*) Corrected unix 'make install' target regression in 2.3.3.  [Jeff Trawick]

Changes with mod_fcgid 2.3.3
*) Add FcgidCmdOptions directive to associate some of the existing
   configuration settings with a specific command.  [Jeff Trawick]
*) Allow/respect virtual host settings for the following directives:
   FcgidBusyTimeout, FcgidMaxProcessesPerClass, FcgidMinProcessesPerClass,
   FcgidIdleTimeout, and FcgidProcessLifetime.  [Jeff Trawick]

Changes with mod_fcgid 2.3.2
*) Fix a make install DESTDIR problem handling the reference manual and
   potentially other files (specific to 2.3.1).
   [Paul Howarth <paul city-fan.org>]
*) Fix a mod_fcgid 2.3.1 failure with <sys/mutex.h> when building for
   httpd 2.0.x on some platforms.  [Paul Howarth <paul city-fan.org>]
*) Termination of idle processes after inactivity timeout can now be
   disabled by setting FcgidIdleTimeout to 0.  Termination of idle
   processes based on the process lifetime can now be disabled by setting
   FcgidProcessLifeTime to 0.  FcgidMaxRequestsPerProcess now accepts 0
   for unlimited.  [Ricardo Cantu <ricardo smartcsc.com>]
*) All directives have been renamed in order to use a common prefix "Fcgid".
   Underscores in directive names have been eliminated in favor of
   CamelCase. The old directive names will still work but are deprecated.
   To fix your configuration you can use the sed script build/fixconf.sed.
   The following tables contains old and new directive names.
   Old Name                           New Name
   ...................................................................
   BusyScanInterval                   FcgidBusyScanInterval
   BusyTimeout                        FcgidBusyTimeout
   DefaultInitEnv                     FcgidInitialEnv
   DefaultMaxClassProcessCount        FcgidMaxProcessesPerClass
   DefaultMinClassProcessCount        FcgidMinProcessesPerClass
   ErrorScanInterval                  FcgidErrorScanInterval
   FastCgiAccessChecker               FcgidAccessChecker
   FastCgiAccessCheckerAuthoritative  FcgidAccessCheckerAuthoritative
   FastCgiAuthenticator               FcgidAuthenticator
   FastCgiAuthenticatorAuthoritative  FcgidAuthenticatorAuthoritative
   FastCgiAuthorizer                  FcgidAuthorizer
   FastCgiAuthorizerAuthoritative     FcgidAuthorizerAuthoritative
   FCGIWrapper                        FcgidWrapper
   IdleScanInterval                   FcgidIdleScanInterval
   IdleTimeout                        FcgidIdleTimeout
   IPCCommTimeout                     FcgidIOTimeout
   IPCConnectTimeout                  FcgidConnectTimeout
   MaxProcessCount                    FcgidMaxProcesses
   MaxRequestInMem                    FcgidMaxRequestInMem
   MaxRequestLen                      FcgidMaxRequestLen
   MaxRequestsPerProcess              FcgidMaxRequestsPerProcess
   OutputBufferSize                   FcgidOutputBufferSize
   PassHeader                         FcgidPassHeader
   PHP_Fix_Pathinfo_Enable            FcgidFixPathinfo
   ProcessLifeTime                    FcgidProcessLifeTime
   SharememPath                       FcgidProcessTableFile
   SocketPath                         FcgidIPCDir
   SpawnScore                         FcgidSpawnScore
   SpawnScoreUpLimit                  FcgidSpawnScoreUpLimit
   TerminationScore                   FcgidTerminationScore
   TimeScore                          FcgidTimeScore
   ZombieScanInterval                 FcgidZombieScanInterval
*) Separate classes by virtual host also on Windows.  [Rainer Jung]
*) Log client IP address with many more error log messages.  [Jeff Trawick]
*) Fix basic implementation of FcgidMaxRequestInMem and FcgidMaxRequestLen
   directives.  [Jeff Trawick]
*) Merge per-directory directives so that they can be inherited or
   overridden within other containers as expected.  Merge server config/
   virtual host directives so that they can be inherited or overridden
   within a virtual host as expected. [Jeff Trawick]
*) Use the virtual host settings for the request being processed instead
   of those of the first FastCGI request handled by this httpd child process.
   Affected directives: FcgidBusyTimeout, FcgidIOTimeout,
   FcgidConnectTimeout, FcgidMaxRequestsPerProcess, and FcgidOutputBufferSize.
   [Jeff Trawick]
*) Directives which previously were ignored in a virtual host context are no
   longer allowed.  [Jeff Trawick]
*) Add an optional flag "virtual" to FcgidWrapper.
   If virtual is set, the URLs passed to the wrapper are not
   checked, whether they resolve to a file.  [Rainer Jung]
*) Make the second argument (suffix) for FcgidWrapper optional.
   A wrapper defined without a suffix applies to all URLs, unless
   there is another more specific wrapper with a suffix.  [Rainer Jung]

Changes with mod_fcgid 2.3.1
*) Suppress "need AuthType to note auth failure" error-level messages when a
   FastCGIAccessChecker fails without any other kind of authentication
   (Basic, Digest) configured.  [Eric Covener]
*) Complete the unix port to 2.3-dev trunk.  [William Rowe]
*) Provide a default, mandatory environment as with mod_cgi (with the
   inclusion of LD_LIBRARY_PATH or similar variables on other platforms),
   unless overridden by DefaultInitEnv.  [William Rowe]
*) Handle DefaultInitEnv for case-insensitive platforms by forcing the env
   variable names to uppercase on Win32, OS2 and Netware.  [William Rowe]
*) Don't try to set the ownership of the socket directory unless running
   as root and the directory was just created.  This allows the default
   httpd.conf (with some daemon User/Group) to be used by non-root.
   [Jeff Trawick]
*) Fix formatting of several messages, including the oft-seen "mod_fcgid:
   Can't create shared memory for size %zu byte".  [Jeff Trawick]
*) Fix declared names of FastCgiAuthenticator and FastCgiAuthenticator-
   Authoritative directives, allowing them to be used.  [Ulf Haueisen
   <ulf dvlp.de>]
*) Fix vhost-specific DefaultInitEnv settings.  Previously, when setting
   multiple virtual hosts with the same SuexecUserGroup user and group, the
   process manager use the same process pool for both virtual hosts. This
   means if one virtual host has a DefaultInitEnv and the other has
   different values set, a fastcgi request from any of these virtual host
   can go to the same processes, which is inconsistent (a request from
   virtualhost a with DefaultInitEnv VAL "a", can go to a process spawned
   with virtualhost b with DefaultInitEnv VAL "b" set).  [Gabriel Barazer
   <gabriel oxeva.fr>]
2010-02-15 11:38:44 +00:00
joerg
ba171a91fa Add DESTDIR support. 2008-06-12 02:14:13 +00:00
abs
a72acf7b7e update www/ap2-fcgid from 2.0 to 2.2
pkgsrc changes: replace MAKE_FLAGS+= INCLUDES="-I${LOCALBASE}/include/httpd"
with MAKE_FLAGS+= INCLUDES="-I${BUILDLINK_PREFIX.apache}/include/httpd"

Version2.2 (Jul 31st 2007)
1. Support configuration "PassHeader"

        Thank Hans Christian Saustrup for the suggestion.

2. Support apr_shm_remove() in httpd.2.0.X

        Thank Hans Christian Saustrup for bug report.

3. Support configuration "TimeScore"

        Thank Tim Jensen for the patch.

4. Support new configurations "MaxRequestInMem" and "MaxRequestLen"

        If the length of http request longer than "MaxRequestInMem", it will store in tmp file.

        It the length of http request longer than "MaxRequestLen", it will return internal server error.

        Thank Gabriel Barazer(gabriel at oxeva.fr) for the bug report.

        Thank Steffen(info at apachelounge.com) for the help on this issue.

5. Fix miner Sanity check bug

        Thank Yuya Tanaka for bug report

UNIX&Win32 source:   mod_fcgid.2.2.tar.gz



Version2.1 ( Feb 15th 2007 )
1. Add missing config.m4 and Makefile.in for static linking
Thank Mark Drago for notice
2. FCGIWrapper disallowed in .htaccess
Thank Balinares for patch
3. Bug fix. Authoritative flag reversed
Thank Chris Darroch for the patch
4. Support arguments in FCGIWrapper
Thank Andre Nathan for suggestion and great help on testing it.
5. Support new config "SharememPath", which specifies the location of share memory path.
6. Check running user is root or not, while suexec is enabled.
Thank Chris Holleman for the bug report.
7. Bug fix. Should not pass respond to auth checkers.
Thank Szabolcs Hock for bug report.
2008-04-17 18:18:08 +00:00
joerg
7ac9657102 Change naming of Apache 2.2 modules to use ap22 prefix.
Allow apache22 in some more case and add a hack to devel/subversion
to determine the module by the state of the apache22 option.
This comes from www/ap2-subversion and should be fixed to properly
use build options or so.

OK agc@
2007-06-30 16:09:07 +00:00
abs
78b96acdc6 Import www/ap2-fcgid-2.0nb1 into pkgsrc:
The mod_fcgid Apache module is a binary compatible alternative to
Apache module mod_fastcgi, but only for apache2 and later.
FastCGI provides a high-performance alternative to CGI for writing
webserver applications.
2007-01-25 20:22:54 +00:00