Commit graph

100 commits

Author SHA1 Message Date
adam
56652ca3be Changes 1.4.2:
* Undo a crash-bug introduced in 1.3.9 affecting some applications of
  the apr hash and table structures, reported to affect Subversion

Changes 1.4.1:
* Win32: Properly handle the ERROR_DIRECTORY system error code.

Changes 1.4.0:
* Add apr_global_mutex_lockfile() for retrieving the file, if any,
  associated with the mutex.  Add apr_global_mutex_name() for retrieving
  the name of the lock mechanism used by the underlying proc mutex.

* Add apr_socket_atreadeof to determine whether the receive part of the
  socket has been closed by the peer.

* Make apr_pollset and apr_pollcb implementations using providers.
  Added apr_pollset_create_ex and apr_pollcb_create_ex that allows
  choosing non-default providers.

* apr_temp_dir_get() now checks the TMPDIR environment variable first,
  instead of third.

* Add apr_file_sync() and apr_file_datasync() calls.

* apr_pollset_wakeup() on Windows: Fix core caused by closing the
  file_socket_pipe with standard file_close.

* Introduce apr_hash_do() for iterating over a hash table.

* Make sure WIN32 behaves the same as posix for file-backed shared memory
  by removing the file on cleanup/remove.

* Introduce apr_pollset_wakeup() for interrupting the blocking
  apr_pollset_poll() call.

* Add apr_file_link() function.
2010-11-01 17:20:03 +00:00
fhajny
5239362357 Update to 1.3.9 (security fix).
Changes for APR 1.3.9

  *) SECURITY: CVE-2009-2699 (cve.mitre.org)
     Faulty error handling in the Solaris pollset support
     (Event Port backend) which could trigger hangs in the prefork
     and event MPMs on that platform.  PR 47645.  [Jeff Trawick]
2009-12-02 11:36:27 +00:00
gdt
743071d160 Update to 1.3.8 (security fix).
Changes for APR 1.3.8

  *) SECURITY: CVE-2009-2412 (cve.mitre.org)
     Fix overflow in pools and rmm, where size alignment was taking place.
     [Matt Lewis <mattlewis@google.com>, Sander Striker]

  *) Make sure that "make check" is used in the RPM spec file, consistent
     with apr-util. [Graham Leggett]

  *) Pass default environment to testflock, testoc and testpipe children,
     so that tests run when APR is compiled with Intel C Compiler.
     [Bojan Smojver]
2009-08-07 14:29:44 +00:00
tonnerre
45fa3c3899 Update to apr version 1.3.7, which, other than 1.3.5, is still downloadable.
Changes since 1.3.5:
 - On Linux/hppa flock() returns EAGAIN instead of EWOULDBLOCK. This
   causes proc mutex failures.
 - Set CLOEXEC flags where appropriate. Either use new O_CLOEXEC flag and
   associated functions, such as dup3(), accept4(), epoll_create1() etc.,
   or simply set CLOEXEC flag using fcntl().
 - More elaborate detection for dup3(), accept4() and epoll_create1().
2009-08-04 10:09:35 +00:00
joerg
0268c554bd Remove @dirrm entries from PLISTs 2009-06-14 17:38:38 +00:00
tron
526479e5d2 Update "apr" package to version 1.3.3. Changes since version 1.3.5:
- Dropped kqueue and apr_poll detection from Mac OS/X 10.5/Darwin 9
  due to various reported problems.
- apr_strerror() on OS/2: Fix problem with calculating buffer size.
  Bug 45689.
- Prefer glibtool1/glibtoolize1.
- Fix buildconf with libtool 2.2.
- Fix a bug with the APR_DELONCLOSE flag. Child processes were (also)
  unlinking the file.
- Fix compilation error on systems that do not have IPV6.
  Bug 46601
- apr_socket_sendfile() on Solaris: Fix handling of files truncated
  after the sender determines the length.  (This fixes a busy loop in
  httpd when a file being served is truncated.)
- Fix documentation for apr_temp_dir_get().
  Bug 46303
- Add AC_MSG_RESULT after AC_MSG_CHECKING.
  Bug 46427
- Reset errno to zero in apr_strtoi64 to prevent returning an errno not
  equal zero in cases where the operation worked fine.
- Win32: Do not error out on apr_pollset_poll() when there are no sockets.
- Fix apr_tokenize_to_argv parsing. Bug 46128
2009-06-08 14:23:10 +00:00
joerg
2d1ba244e9 Simply and speed up buildlink3.mk files and processing.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
2009-03-20 19:23:50 +00:00
wiz
3d45c43a75 Update to 1.3.3:
Changes for APR 1.3.3

  *) Rename apr_pool_create_core to apr_pool_create_unmanaged and
     deprecate the old API name. It better reflects the scope and usage
     of this function. [Mladen Turk]

  *) Use proper return code for fcntl-based apr_proc_mutex_trylock()
     on platforms that return EACCES instead of EAGAIN when the lock
     is already held (AIX, HP-UX).
     [Eric Covener]

  *) Fix APR_PID_T_FMT detection on Solaris.  PR 45513
     [Rainer Jung <rainer.jung kippdata.de>]

Changes for APR 1.3.2

  *) Fix getservbyname_r() detection.  [Ruediger Pluem]

Changes for APR 1.3.1

  *) Fix win32 apr.hw to pick up XP/2003 TCP/IP multicast constants and
     revert to IPV6 disabled-by-default (a change present only in 1.3.0).
     [William Rowe]

  *) Fix autoconf cached detection of atomic builtins.  [Jim Jagielski]

  *) Use thread safe versions of getservbyname().  [Bojan Smojver]

  *) Use thread safe getpass_r on Netware.  [Guenter Knauf]

Changes for APR 1.3.0

  *) Fix Solaris poll failure.  PR 43000
     [Henry Jen <henryjen ztune.net>]

  *) apr_getservbyname(): Use proper method for converting port
     to host byte order.  PR 44903.
     [Chris Taylor <ctaylor wadeford.plus.com>]

  *) Use /dev/urandom in preference to /dev/random as entropy source
     for apr_generate_random_bytes.  PR 44881.  [Bojan Smojver]

  *) Implement apr_proc_wait_all_procs for windows.
     The implementation uses tool help library present
     on Windows 2000 and later. APR_ENOTIMPL is returned
     on platforms missing tool help from kernel32.dll.
     [Mladen Turk]

  *) Introduce apr_pool_pre_cleanup_register() for registering
     a cleanup that is called before any subpool is destroyed
     within apr_pool_clear or apr_pool_destroy.
     This allows to register a cleanup that will notify subpools
     about its inevitable destruction.
     [Mladen Turk]

  *) Introduce apr_pool_create_core_ex() for creation of standalone
     pools without parent. This function should be used for short
     living pools, usually ones that are created and destroyed
     either in a loop or inside function call. Since the pools
     created with this function doesn't have a parent they must
     be explicitly destroyed when done.
     [Mladen Turk]

  *) Fix return value when apr_pollset_poll interrupted.
     PR 42580 [Basant Kumar Kukreja <basant.kukreja sun.com>]

  *) Add missing semi-colon in Win9x code path of apr_file_open that breaks
     Win9X Debug builds. PR 44329. [Curt Arnold]

  *) z/OS: return standard apr_status_t codes from apr_dso_load()
     and apr_dso_sym().  [David Jones <oscaremma gmail.com>]

  *) Fix the make test target in the spec file. [Graham Leggett]

  *) Fix DSO-related crash on z/OS caused by incorrect memory
     allocation.  [David Jones <oscaremma gmail.com>]

  *) Implement Darwin-semantic (9.0.0 and later) sendfile support.
     Use writev in lieu of hdtr vecs since how Darwin counts the
     data is undocumented. [Geoff Greer <angryparsley mipsisrisc.com>,
     William Rowe, Jim Jagielski]

  *) Implemented the APR_FOPEN_SPARSE flag, permits win32 to create
     sparse data files.  Also bestow apr_fileinfo_t csize field for
     Windows versions 2000 and later, which helps in the detection
     that a sparse file is truly in use (see test/testlfs.c for an
     example, because different filesystems can vary in behavior
     even on an OS supporting sparse files).  [William Rowe]

  *) Corrected for Darwin and others to toggle APR_HAS_LARGE_FILES
     where large off_t's are enabled without any extra defines, hints
     or additional functions.  This is binary compatible, but apps
     may need to be recompiled to take full advantage depending on how
     they detect this feature.  [William Rowe]

  *) Implement apr_atomic_casptr() and apr_atomic_xchgptr() for z/OS.
     [David Jones <oscaremma gmail.com>]

  *) Introduce apr_file_pipe_create_ex() to portably permit one pipe
     end or another to be entirely blocking for non-APR applications
     (e.g. stdio streams) and the other (or both ends) non blocking,
     with a timeout of 0 by default.
     [William Rowe]

  *) apr_procattr_io_set() on Windows: Set non-blocking pipe handles
     to a default timeout of 0, following the Unix default.  No effect
     on pipe handles configured to block.  PR 43522.
     [Eric Covener <covener gmail.com>]

  *) apr_file_write() on Windows: Fix return code when writing to a non-
     blocking pipe would have blocked.  PR 43563.
     [Eric Covener <covener gmail.com>]

  *) Introduce APR_NO_FILE as an option to apr_procattr_io_set() for any
     of the three stdio streams to cause the corresponding streams to be
     closed to the child process.  This becomes effective in 1.3.0 across
     platforms (equivilant to APR_NO_PIPE in 1.2.x except on Win32.)
     [William Rowe]

  *) Solve WinNT inherited pipe leaks by mutexing apr_proc_create calls,
     on WinNT (not WinCE, nor 9x) so that we toggle the inherited state
     of the stdin/out/err pipes.  All other file handles are treated as
     not-inherited until apr_file_dup2'ed a std handle of this process,
     or while they are used by apr_proc_create.  [William Rowe]

  *) Define the Mac OS/X filesystem_encoding as utf-8 (in previous
     releases the interpretation would vary).  [Branko Čibej]

  *) Add table cloning (deep copy) convenience function.
     [Davi Arnaut]

  *) Rework the WIN32 CV code to signal the condition only if one or
     more threads are blocked on the condition variable. If no threads
     are waiting on the condition variable, nothing happens. The change
     also eliminates the thundering-herd problem of the manual-reset
     event, which (theoretically) wakes up all threads waiting on. Now
     the behavior of the CV's should be the same on Unix and win32
     platforms. PR 42305.  [Davi Arnaut]

  *) Define SEM_FAILED if it isn't already defined, as the proc mutex
     code already does it. Also search for the sem_open function in
     the realtime library. (This fixes HP-UX sem_open detection).
     [Davi Arnaut]

  *) Define the _HPUX_SOURCE feature test macro to obtain maximum
     functionality.
     PR 42261.  [Davi Arnaut]

  *) Stop invoking the testshm* helpers upon 'make test' invocation.
     [Kurt Miller <kurt intricatesoftware.com>]

  *) Register a cleanup only if APR_FILE_NOCLEANUP was not flagged in
     apr_file_mktemp. [Brian J. France <list firehawksystems.com>]

  *) Numerous build fixes for non-GCC builds and GCC builds on Win32,
     as well as WinCE builds.  [Davi Arnaut <davi haxent.com.br>,
     Curt Arnold <carnold apache.org>, John Mark Vandenberg,
     Kouhei Sutou <kou cozmixng.org>, William Rowe]

  *) Discard file buffers when running cleanups for exec.
     PR 41119.  [Davi Arnaut <davi haxent.com.br>, Bojan Smojver]

  *) Improve thread safety of assorted file_io functions.
     PR 42400.  [Davi Arnaut <davi haxent.com.br>]

  *) Add the apr_pollcb API as an alternative more efficient method
     of polling sockets, compared to apr_pollset. [Paul Querna]

  *) Fix possible crash in apr_pool_initialize() when built with
     verbose pool debugging.  PR 41063.
     [Peter Steiner <peter.steiner+apache hugwi.ch>]

  *) Fix --disable-ipv6 build on platforms with getifaddrs().
     PR 39199.  [Joe Orton]

  *) Correctly retrieve 'empty' environment values with apr_env_get
     on Win32 (e.g. "VAR="), and added validation to testall suite.
     PR 40764.  [Issac Goldstand <margol beamartyr.net>]

  *) Portably check for EEXIST in mktemp code.  PR 40818
     [Kenneth Golomb <KGolomb TradeCard.com>]

  *) Fix apr_socket_recvfrom() to ensure the peer's address is returned
     through the "from" parameter.  [Joe Orton]

  *) Fix error checking in kqueue, epoll and event port versions of
     apr_pollset_create.  PR 40660, 40661, 40662
     [Larry Cipriani <lvc lucent.com>]

  *) Add some documentation on the format matched by apr_fnmatch.
     [David Glasser <glasser mit.edu>]

  *) Add apr_hash_clear.  [Daniel L. Rall <dlr apache.org>]

  *) Don't try to build apr_app.c on MinGW.
     [Matthias Miller <Blog outofhanwell.com>]

  *) Fix the timeout converstion in apr_pollset with the KQueue
     backend. [Marco Molteni <mmolteni cisco.com>]

  *) Support MinGW.  [John Vandenberg, Justin Erenkrantz]

  *) Implement apr_thread_yield on Unix in terms of pthread_yield or
     sched_yield. [Keisuke Nishida <keisuke.nishida gmail.com>]

  *) Provide folding in autogenerated .manifest files for Win32 builders
     using VisualStudio 2005  [William Rowe]

  *) Utilise Solaris' native atomic_* functions for apr_atomics
     where appropriate. [Colm MacCárthaigh]

  *) Make apr_socket_recvfrom initialize the port field in the from
     sockaddr.  PR 39325 [Anthony Minessale <anthmct yahoo.com>]

  *) NetBSD: Avoid leaving zombie process when using apr_signal()
     to ignore SIGCHLD.  PR 36750.  [Todd Vierling <tv pobox.com>]

  *) Implement support for apr_proc_mutex_trylock() on Unix platforms.
     PR 38785.  [Chris Darroch <chrisd pearsoncmg.com>]

  *) APR_FIND_APR macro now supports customisable detailed checks on
     each installed apr. [Justin Erenkrantz, Colm MacCárthaigh]

  *) APR_FIND_APR macro no longer checks /usr/local/apache2/
     [Colm MacCárthaigh]

  *) Add APR_POLLSET_NOCOPY option to apr_pollset API to eliminate
     O(n)-time lookup in apr_pollset_remove() (currently implemented
     only for epoll).  [Brian Pane]

  *) Add apr_file_buffer_set() and apr_file_buffer_size_get() functions
     to support variable buffer sizes with APR file handles.
     [Colm MacCárthaigh]

  *) Add apr_file_open_flags_std[err|out|in]() functions.
     [Colm MacCárthaigh]

  *) stdio: apr_file_open_std[err|out|in]() functions now set the APR_WRITE
     or APR_READ flag as appropriate. [Colm MacCárthaigh]

  *) multicast: apr_mcast_*() no longer return APR_ENOTIMPL when invoked
     for non-UDP/RAW sockets. The caller is expected to ensure that the
     socket-type is suitable for multicast. [Colm MacCárthaigh]

  *) Add apr_sockaddr_ip_getbuf() function.  [Joe Orton]

  *) Fix handling of %pI in apr_psprintf.  [Joe Orton]

  *) Provide APR_VERSION_AT_LEAST() macro for applications which
     want to enable features based on a required level of APR.
     [Jeff Trawick]

  *) jlibtool: Teach to use static libraries with -static.
     [Justin Erenkrantz]

  *) Fix checks for alloca() support in configure.  PR 13037.
     [Noah Misch <noah cs.caltech.edu>]

  *) Add %pm support to apr_snprintf() for printing the error string
     corresponding to an apr_status_t value.  [Joe Orton]

  *) Add APR_ARRAY_IDX() and APR_ARRAY_PUSH() convenience macros to
     apr_tables.h.  [Garrett Rooney]
2008-09-06 16:39:25 +00:00
jklos
5bf0fa3d90 Updated to 1.2.12. This includes apr_socket_sendfile for OS X 10.5. 2007-12-09 22:08:32 +00:00
tron
f30a0b6c99 Update "apr" package to version 1.2.11. Changes since version 1.2.9:
- Win32 apr_file_read; Correctly handle completion-based read-to-EOF.
- Fixed Win32 regression of stdout inheritance in apr_proc_create.
- Solve winNT inherited pipe leaks by mutexing apr_proc_create calls,
  on WinNT (not WinCE, nor 9x) so that we toggle the inherited state
  of the stdin/out/err pipes.  All other file handles are treated as
  not-inherited until apr_file_dup2'ed a std handle of this process,
  or while they are used by apr_proc_create.
- Define the Mac OS/X filesystem_encoding as utf-8 (in previous
  releases the interpretation would vary).
- Fix day of year (tm_day) calculation for July. The bug only affects
  Windows builds.  Apache Bug #42953.
- Fix LFS detection when building over NFS. The mode must be
  specified when O_CREAT is in the flags to open().
  Apache Bug #42821.
- Avoid overwriting the hash_mutex table for applications that
  incorrectly calls apr_atomic_init().  Apache Bug #42760.
- Allow IPv6 connectivity test to fail, avoiding a potentially fatal
  error.
- The MinGW Windows headers effectively redefines WINADVAPI from
  __stdcall to empty which results in a link failure when wincrypt.h
  is placed after an include to apr_private.h.
  Apache Bug #42293.
- Define SEM_FAILED if it isn't already defined, as the proc mutex
  code already does it. Also search for the sem_open function in
  the realtime library. (This fixes HP-UX sem_open detection).
- Define the _HPUX_SOURCE feature test macro to obtain maximum
  functionality. Fixes broken sendfile with LFS support on HP-UX.
  Apache Bug #42261.
2007-10-11 09:12:08 +00:00
xtraeme
71750535e6 Update to 1.2.9:
*) Stop invoking the testshm* helpers upon 'make test' invocation.
       [Kurt Miller <kurt intricatesoftware.com>]
*) Register a cleanup only if APR_FILE_NOCLEANUP was not flagged in
    apr_file_mktemp. [Brian J. France <list firehawksystems.com>]
*) Numerous build fixes for non-GCC builds and GCC builds on Win32,
   as well as WinCE builds.
*) Discard file buffers when running cleanups for exec.
*) If apr_proc_create() fails to exec in the fork()ed child, call
   _exit() not exit() to avoid running atexit()-registered functions
   in the child. [Joe Orton]
*) Improve thread safety of assorted file_io functions.
   [Davi Arnaut <davi haxent.com.br>]
*) Fix file pointer position calculation in apr_file_writev() on
   buffered file. [Davi Arnaut <davi haxent.com.br>]
*) Fix formatting of unsigned integers larger than 2^63 in the
   vformatter/apr_*printf.
   [Wynn Wilkes <wynn bungeelabs.com>]
*) Fix possible EFAULT failures in apr_socket_sendfile() on 32-bit
   Solaris with LFS enabled.
*) Fix deadlock in apr_file_gets() for a file opened with both the
   APR_BUFFERED and APR_XTHREAD flags.
2007-09-05 13:47:36 +00:00
joerg
0826bb4cf5 Make live easier for Apache 2.2 modules and provide apr-config and
apu-config in .buildlink/bin.
2007-06-30 15:04:55 +00:00
schmonz
c4c6bb5878 Add "include/apr-1" to BUILDLINK_INCDIRS.apr, as programs using
this library apparently expect to find it in their include path.
2007-05-29 22:39:17 +00:00
xtraeme
9ac67a4418 I don't have time to maintain packages that might be affected by
security vulnerabilities.
2007-05-22 10:53:20 +00:00
epg
76ab9ed2ab Set PKGNAME=apr-1.2.8.2.2.4 and PKGREVISION=1 so as to appear newer than
devel/apr1 installations in the wild.  Suggested by Todd Vierling.
2007-01-25 17:05:35 +00:00
epg
e4f20d343c devel/apr:
Update to 1.2.8 (formerly in devel/apr1), no longer build from the
    httpd distfile.

devel/rapidsvn:
devel/subversion-base:
parallel/ganglia-monitor-core:
security/hydra:
www/apache2:
    Use devel/apr0.

www/apache22:
    Use devel/apr and devel/apr-util.
2007-01-24 19:46:45 +00:00
joerg
5e43280b23 Replace mk/bsd.prefs.mk includes with bsd.fast.prefs.mk includes.
The redundant parsing of bsd.prefs.mk is mostly avoided now and
parse time e.g. for x11/kdebase3 gets reduced by up to 10%.
2006-12-12 21:52:34 +00:00
xtraeme
66d5334084 There's no need to CONFLICT between apr and apr1, cube said so. 2006-12-09 00:52:23 +00:00
xtraeme
4b4c1f4db7 This package cannot co-exist with apr1, update CONFLICTS
properly.

Bump PKGREVISION.
2006-12-08 23:50:47 +00:00
joerg
b63c1df7c4 Include iconv's b3.mk for systems without native iconv to allow
proper linking.
2006-10-23 09:55:22 +00:00
joerg
f75176b39c Flag a number of packages I use as supporting (user-)destdir.
apg is a bit special as it has some hardcoded ownership, so
mark that as "destdir".
2006-10-09 12:52:34 +00:00
tron
c9f2d2ffff Include "libiconv" buildlink3 glue code to make sure that the
apr_xlate_*() functions support non-ASCII characters properly.

This should allow the "ap2-subversion" package to deal with filenames
including non-ASCII characters and therefore fix PR pkg/26056.
2006-10-05 17:05:59 +00:00
rillig
d24590a24e Added a patch to make the tests runnable on NetBSD. Sadly, they seem to
reach an endless loop.
2006-10-04 21:51:31 +00:00
tron
659d0b0b2c Update "apr" package to version 0.9.12.2.0.59 and "apache2" package
to version 2.0.59. Changes since *2.0.58:
- SECURITY: CVE-2006-3747 (cve.mitre.org)
  mod_rewrite: Fix an off-by-one security problem in the ldap scheme
  handling. For some RewriteRules this could lead to a pointer being
  written out of bounds.  Reported by Mark Dowd of McAfee.
2006-07-28 10:38:36 +00:00
jlam
c16221a4db Change the format of BUILDLINK_ORDER to contain depth information as well,
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.

For example, "make show-buildlink3" in fonts/Xft2 displays:

	zlib
	fontconfig
	    iconv
	    zlib
	    freetype2
	    expat
	freetype2
	Xrender
	    renderproto
2006-07-08 23:10:35 +00:00
jlam
9430e49307 Track information in a new variable BUILDLINK_ORDER that informs us
of the order in which buildlink3.mk files are (recursively) included
by a package Makefile.
2006-07-08 22:38:58 +00:00
rillig
0e7593e467 Fixed pkglint warnings. 2006-06-09 07:04:48 +00:00
ghen
2eca3d9f2c The databases/openldap package has been split in -client and -server component
packages.  Convert LDAP-based applications to depend on openldap-client, and
bump PKGREVISION for those that depend on it by default.
2006-05-31 18:22:23 +00:00
tron
97d23b0a13 Update "apr" package to version 0.9.12.2.0.58 and "apache" package
to version 2.0.58. Change since Apache relase 2.0.55:
- Legal: Restored original years in copyright notices.
- mod_cgid: run the get_suexec_identity hook within the request-handler
  instead of within cgid. Apache#36410.
- core: Prevent read of unitialized memory in ap_rgetline_core.
  Apache#39282.
- mod_proxy: Report the proxy server name correctly in the "Via:" header,
  when UseCanonicalName is Off. Apache#11971.
- mod_isapi: Various trivial code-fixes to permit mod_isapi to load and
  run on Unix.
- HTML-escape the Expect error message.  Not classed as security as
  an attacker has no way to influence the Expect header a victim will
  send to a target site.  Reported by Thiago Zaninotti
  <thiango nstalker.com>.
- SECURITY: CVE-2005-3357 (cve.mitre.org)
  mod_ssl: Fix a possible crash during access control checks if a
  non-SSL request is processed for an SSL vhost (such as the
  "HTTP request received on SSL port" error message when an 400
  ErrorDocument is configured, or if using "SSLEngine optional").
  Apache#37791.
- SECURITY: CVE-2005-3352 (cve.mitre.org)
  mod_imap: Escape untrusted referer header before outputting in HTML
  to avoid potential cross-site scripting.  Change also made to
  ap_escape_html so we escape quotes.  Reported by JPCERT.
- Add APR/APR-Util Compiled and Runtime Version numbers to the
  output of 'httpd -V'.
- Ensure that the proper status line is written to the client, fixing
  incorrect status lines caused by filters which modify r->status without
  resetting r->status_line, such as the built-in byterange filter.
- Default handler: Don't return output filter apr_status_t values.
  Apache#31759.
- mod_speling: Stop crashing with certain non-file requests.
- keep the Content-Length header for a HEAD with no response body.
  Apache#18757
- Modify apr[util] .h detection to avoid breakage on VPATH builds
  using Solaris make (amoung others) and avoid breakage in ./buildconf
  when srclib/apr[-util] are symlinks rather than directories proper.
- Avoid server-driven negotiation when a CGI script has emitted an
  explicit "Status:" header. Apache#38070.
- mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
  format is used. Apache#27787.
- mod_cache: Correctly handle responses with a 301 status. Apache#37347.
- mod_proxy_http: Prevent data corruption of POST request bodies when
  client accesses proxied resources with SSL. Apache#37145.
- Elimiated the NET_TIME filter, restructuring the timeout logic.
  This provides a working mod_echo on all platforms, and ensures any
  custom protocol module is at least given an initial timeout value
  based on the <VirtualHost > context's Timeout directive.
- mod_ssl: Correct issue where mod_ssl does not pick up the
  ssl-unclean-shutdown setting when configured. Apache#34452.
- Document the ReceiveBufferSize change done in r157583.
- mod_deflate: Merge the Vary header, instead of Setting it. Fixes
  applications that send the Vary Header themselves. Apache#37559.
- mod_dav: Fix a null pointer dereference in an error code path during the
  handling of MKCOL.
- mod_mime_magic: Handle CRLF-format magic files so that it works with
  the default installation on Windows.
- Write message to error log if AuthGroupFile cannot be opened.
  Apache#37566.
- Add ReceiveBufferSize directive to control the TCP receive buffer.
- mod_cache: Fix 'Vary: *' behavior to be RFC compliant. Apache#16125.
- Remove the base href tag from proxy_ftp, as it breaks relative
  links for clients not using an Authorization header.
- http_request.c: Add missing va_end call.
- Add httxt2dbm to support/ for creating RewriteMap DBM Files.
- support/check_forensic: Fix temp file usage
- Chunk filter: Fix chunk filter to create correct chunks in the case that
  a flush bucket is surrounded by data buckets.
- mod_cgi(d): Remove block on OPTIONS method so that scripts can
  respond to OPTIONS directly rather than via server default.
  Apache#15242
- Added new module mod_version, which provides version dependent
  configuration containers.
- Add core version query function (ap_get_server_revision) and
  accompanying ap_version_t structure (minor MMN bump).
2006-05-07 12:35:27 +00:00
joerg
ab276a7221 Install arch/unix headers as well, useful for mostly platform independent
programs normally getting it from internal apr. Bump revision.
2006-04-30 21:58:12 +00:00
rillig
9fc2d7d281 Removed the superfluous "quotes" and 'quotes' from variables that don't
need them, for example RESTRICTED and SUBST_MESSAGE.*.
2006-04-22 09:22:05 +00:00
heinz
5851e5bff0 Added appropriate TEST_TARGET. 2006-04-14 18:14:34 +00:00
rillig
96fc47c14f Aligned the last line of the buildlink3.mk files with the first line, so
that they look nicer.
2006-04-12 10:26:59 +00:00
reed
5abef9be14 Over 1200 files touched but no revisions bumped :)
RECOMMENDED is removed. It becomes ABI_DEPENDS.

BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.

BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.

BUILDLINK_DEPENDS does not change.

IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".

Added to obsolete.mk checking for IGNORE_RECOMMENDED.

I did not manually go through and fix any aesthetic tab/spacing issues.

I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.

I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.

As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.

As discussed on tech-pkg.

I will commit to revbump, pkglint, pkg_install, createbuildlink separately.

Note that if you use wip, it will fail!  I will commit to pkgsrc-wip
later (within day).
2006-04-06 06:21:32 +00:00
joerg
5911def816 Recursive revision bump / recommended bump for gettext ABI change. 2006-02-05 23:08:03 +00:00
wiz
768c589c29 Bump BUILDLINK_RECOMMENDED of textproc/expat to 2.0.0 because
of the shlib major bump.
PKGREVISION++ for the dependencies.
2006-01-24 07:31:52 +00:00
rillig
b71a1d488b Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
2005-12-05 20:49:47 +00:00
tron
2563f528ef Update "apr" package to version 0.9.7. Changes since version 0.9.6:
- Fix crash in apr_dir_make_recursive() for relative path
  when the working directory has been deleted.  [Joe Orton]
- Win32: fix apr_proc_mutex_trylock() to handle WAIT_TIMEOUT,
  returning APR_EBUSY.  [Ronen Mizrahi <ronen@tversity.com>]
- Fix apr_file_read() to catch write failures when flushing pending
  writes for a buffered file.  [Joe Orton]
- Fix apr_file_write() infinite loop on write failure for buffered
  files.  [Erik Huelsmann <ehuels gmail.com>]
- Fix error handling where apr_uid_* and apr_gid_* could segfault
  or return APR_SUCCESS in failure cases.  PR 34053.  [Joe Orton,
  Paul Querna]
- Refactor Win32 condition variables code to address bugs 27654, 34336.
  [Henry Jen <henryjen ztune.net>, E Holyat <eholyat yahoo.com>]
- Support APR_SO_SNDBUF and APR_SO_RCVBUF on Windows.  PR 32177.
  [Sim <sgobbi datamanagement.it>, Jeff Trawick]
- Fix detection of rwlocks on Mac OS X. [Aaron Bannert]
- Fix issue with poll() followed by net I/O yielding EAGAIN on
  Mac OS 10.4 (Darwin 8). [Wilfredo Sanchez]

Update based on patches supplied by Ben Collver. Addresses first part
of PR pkg/31817 by Zafer Aydogan.
2005-10-17 10:28:46 +00:00
tv
527eb9553e Extend the Darwin avoid_zombies() signal hack to NetBSD, which needs
explicit waits as well.  Eliminates the CGI zombie problem on NetBSD 2.0+
using the "worker" MPM in Apache 2.
2005-09-21 00:01:01 +00:00
reed
b9b0d61d1e Add support for DragonFly from Joerg Sonnenberger. Okayed by tron. 2005-09-07 11:39:55 +00:00
reed
566435a644 Move the PKGREVISION from the Makefile.common. It should be used
for revisions for a single package. I don't think this "suexec"
PKGREVISION was meant for the apr package, but since it was used
it is now there.

I noticed this problem when building wip/apachebench2 which has
nothing to do with suexec. Although, I did not make this change
for pkgsrc-wip's wip/apachebench2 since this is a work in progress.
2005-05-21 03:49:52 +00:00
jlam
0dbd0c0762 Rename MAKE_VARS to MAKEVARS so that it more closely resembles
"MAKEFLAGS".  Both "MAKEVARS" and "MAKEFLAGS" affect the package-level
make process, not the software's own make process.
2005-05-11 22:08:18 +00:00
jlam
4fd08abc6e I mixed up MAKE_FLAGS with MAKEFLAGS. The latter is what we actually use
to pass make flags to bmake.
2005-05-11 22:03:52 +00:00
jlam
67ca8c8715 Don't assign to PKG_OPTIONS.<pkg> which has special meaning to the
options framework.  Rename PKG_OPTIONS.* to PKG_BUILD_OPTIONS.*.
2005-05-09 05:14:08 +00:00
jlam
03e9337879 Teach bsd.pkg.mk to create a phase-specific "makevars.mk" file that
caches variable definitions that were computed by make.  These variables
are specified by listing them in MAKE_VARS, e.g.,

	.if !defined(FOO)
	FOO!=	very_time_consuming_command
	.endif
	MAKE_VARS+=	FOO

bsd.pkg.mk will include only the one generated during the most recent
phase.  A particular phase's makevars.mk file consists of variable
definitions that are a superset of all of the ones produced in previous
phases of the build.

The caching is useful because bsd.pkg.mk invokes make recursively,
which in the example above has the potential to run the very time-consuming
command each time unless we cause FOO to be defined for the sub-make
processes.  We don't cache via MAKE_FLAGS because MAKE_FLAGS isn't
consistently applied to every invocation of make, and also because
MAKE_FLAGS can overflow the maximum length of a make variable very
quickly if we add many values to it.

One important and desirable property of variables cached via MAKE_VARS
is that they only apply to the current package, and not to any
dependencies whose builds may have been triggered by the current
package.

The makevars.mk files are generated by new targets fetch-vars,
extract-vars, patch-vars, etc., and these targets are built during
the corresponding real-* target to ensure that they are being invoked
with PKG_PHASE set to the proper value.

Also, remove the variables cache file that bsd.wrapper.mk was generating
since the new makevars.mk files provide the same functionality at a
higher level.  Change all WRAPPER_VARS definitions that were used by
the old wrapper-phase cache file into MAKE_VARS definitions.
2005-05-09 05:06:55 +00:00
jlam
949a7c95f1 PKG_OPTIONS.<pkg> isn't a good approximation to PKG_OPTIONS for the
package because PKG_OPTION.<pkg> could contain negative options, which
are never part of PKG_OPTIONS.  Instead, use the show-var target to
display the value.  We cache it in WRAPPER_VARS and in MAKE_FLAGS to
prevent reinvoking the show-var target recursively.
2005-05-08 12:03:56 +00:00
adam
bba3dab699 Changes 2.0.54:
*) mod_cache: Add CacheIgnoreHeaders directive.
  *) mod_ldap: Added the directive LDAPConnectionTimeout to configure
     the ldap socket connection timeout value.
  *) Correctly export all mod_dav public functions.
  *) Add a build script to create a solaris package.
  *) worker MPM: Fix a problem which could cause httpd processes to
     remain active after shutdown.
  *) Unix MPMs: Shut down the server more quickly when child processes are
     slow to exit.
  *) Remove formatting characters from ap_log_error() calls.  These
     were escaped as fallout from CAN-2003-0020.
  *) mod_ssl: If SSLUsername is used, set r->user earlier.
  *) htdigest: Fix permissions of created files.
  *) core_input_filter: Move buckets to a persistent brigade instead of
     creating a new brigade. This stop a memory leak when proxying a
     Streaming Media Server.
  *) mod_win32: Ignore both PATH_INFO as well as PATH_TRANSLATED to avoid
     hiccups from additional path information passed in non-utf-8 format.
2005-04-25 09:13:02 +00:00
tv
f816d81489 Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used. 2005-04-11 21:44:48 +00:00
agc
4a3d2f7ce2 Add RMD160 digests. 2005-02-23 22:24:08 +00:00
grant
679546f54b fix typo 2005-02-16 09:53:35 +00:00