diff options
author | Donny Davies <woodchip@gentoo.org> | 2002-11-28 20:23:09 +0000 |
---|---|---|
committer | Donny Davies <woodchip@gentoo.org> | 2002-11-28 20:23:09 +0000 |
commit | 988dced61427cd8b41be32389dcb1b5bc5773fed (patch) | |
tree | 5e702f53aafe626110b671e2fa785f8bc95b05bd | |
parent | fix tdfx problem try #2 (diff) | |
download | gentoo-2-988dced61427cd8b41be32389dcb1b5bc5773fed.tar.gz gentoo-2-988dced61427cd8b41be32389dcb1b5bc5773fed.tar.bz2 gentoo-2-988dced61427cd8b41be32389dcb1b5bc5773fed.zip |
updated layout
24 files changed, 2423 insertions, 341 deletions
diff --git a/net-www/apache/ChangeLog b/net-www/apache/ChangeLog index 3e787018e00f..4aa29960535e 100644 --- a/net-www/apache/ChangeLog +++ b/net-www/apache/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-www/apache # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.29 2002/11/02 08:18:52 woodchip Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/apache/ChangeLog,v 1.30 2002/11/28 20:23:09 woodchip Exp $ + +*apache-2.0.43-r1 (28 Nov 2002) + + 28 Nov 2002; Donny Davies <woodchip@gentoo.org> : Updated layout! + Getting closer to fully deprecating Apache1. Third party module + integration is now somewhat simplified; simply install the desired + module and edit /etc/conf.d/apache2. There's no longer the need + for the 'ebuild /var/db/pkg/.../foo.ebuild config' dance. Yay. *apache-2.0.43 (02 Nov 2002) diff --git a/net-www/apache/apache-2.0.40-r1.ebuild b/net-www/apache/apache-2.0.40-r1.ebuild deleted file mode 100644 index ffb10bf4a340..000000000000 --- a/net-www/apache/apache-2.0.40-r1.ebuild +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 1999-2002 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-2.0.40-r1.ebuild,v 1.4 2002/10/05 05:39:24 drobbins Exp $ - -IUSE="ssl" - -S="${WORKDIR}/httpd-${PV}" - -KEYWORDS="x86 ppc" -DESCRIPTION="Apache Web Server, Version 2.0.x" -SRC_URI="http://www.apache.org/dist/httpd/httpd-${PV}.tar.gz" -HOMEPAGE="http://www.apache.org" -LICENSE="Apache-1.1" -SLOT="2" - -DEPEND="virtual/glibc - >=dev-libs/mm-1.1.3 - >=sys-libs/gdbm-1.8 - >=dev-libs/expat-1.95.2 - >=sys-devel/perl-5.6.1 - ssl? >=dev-libs/openssl-0.9.6e" - -src_compile() { - PREFIX=/usr/lib/apache2 - - select_modules_config || die "determining modules" - ./configure \ - --host=${CHOST} \ - --prefix=${PREFIX} \ - --infodir=/usr/share/info \ - --mandir=/usr/share/man \ - --sysconfdir=/etc/apache2 \ - --datadir=/home/httpd \ - --enable-suexec \ - --with-suexec-uidmin=1000 \ - --with-suexec-gidmin=100 \ - ${MY_BUILTINS} \ - || die "./configure failed" - emake || die "Make failed" -} - -src_install () { - make DESTDIR=${D} install || die "make install failed" - - # Install documentation. - dodoc CHANGES INSTALL LICENSE README - - insinto /etc/conf.d; newins ${FILESDIR}/${PV}/apache2.confd apache2 - exeinto /etc/init.d; newexe ${FILESDIR}/${PV}/apache2.initd apache2 - insinfo /etc/apache2; newins ${FILESDIR}/${PV}/apache2-builtin-mods -} - -parse_modules_config() { - local filename=$1 - local name="" - local dso="" - local disable="" - [ -f ${filename} ] || return 1 - einfo ">>> using ${filename} for builtins..." - for i in `cat $filename | sed "s/^#.*//"` ; do - if [ $i == "-" ] ; then - disable="true" - elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ] ; then - name=`echo $i | sed "s/mod_//"` - elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ) ; then - MY_BUILTINS="${MY_BUILTINS} --disable-$name" - name="" ; disable="" - elif [ $i == "static" ] ; then - MY_BUILTINS="${MY_BUILTINS} --enable-$name=yes" - name="" ; disable="" - elif [ $i == "shared" ] ; then - MY_BUILTINS="${MY_BUILTINS} --enable-$name=shared" - name="" ; disable="" - fi - done - einfo ">>> Here is your custom config line:\n${MY_BUILTINS}" -} - -select_modules_config() { - parse_modules_config /etc/apache/apache2-builtin-mods || \ - parse_modules_config ${FILESDIR}/${PV}/apache2-builtin-mods || \ - return 1 -} diff --git a/net-www/apache/apache-2.0.42.ebuild b/net-www/apache/apache-2.0.42.ebuild deleted file mode 100644 index a6032a70d840..000000000000 --- a/net-www/apache/apache-2.0.42.ebuild +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 1999-2002 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-2.0.42.ebuild,v 1.3 2002/10/05 05:39:24 drobbins Exp $ - -IUSE="ssl" - -S="${WORKDIR}/httpd-${PV}" - -KEYWORDS="x86 ppc" -DESCRIPTION="Apache Web Server, Version 2.0.x" -SRC_URI="http://www.apache.org/dist/httpd/httpd-${PV}.tar.gz" -HOMEPAGE="http://www.apache.org" -LICENSE="Apache-1.1" -SLOT="2" - -DEPEND="virtual/glibc - >=dev-libs/mm-1.1.3 - >=sys-libs/gdbm-1.8 - >=dev-libs/expat-1.95.2 - >=sys-devel/perl-5.6.1 - ssl? >=dev-libs/openssl-0.9.6e" - -src_compile() { - PREFIX=/usr/lib/apache2 - - select_modules_config || die "determining modules" - ./configure \ - --host=${CHOST} \ - --prefix=${PREFIX} \ - --infodir=/usr/share/info \ - --mandir=/usr/share/man \ - --sysconfdir=/etc/apache2 \ - --datadir=/home/httpd \ - --enable-suexec \ - --with-suexec-uidmin=1000 \ - --with-suexec-gidmin=100 \ - ${MY_BUILTINS} \ - || die "./configure failed" - emake || die "Make failed" -} - -src_install () { - make DESTDIR=${D} install || die "make install failed" - - # Install documentation. - dodoc CHANGES INSTALL LICENSE README - - insinto /etc/conf.d; newins ${FILESDIR}/${PV}/apache2.confd apache2 - exeinto /etc/init.d; newexe ${FILESDIR}/${PV}/apache2.initd apache2 - insinfo /etc/apache2; newins ${FILESDIR}/${PV}/apache2-builtin-mods -} - -parse_modules_config() { - local filename=$1 - local name="" - local dso="" - local disable="" - [ -f ${filename} ] || return 1 - einfo ">>> using ${filename} for builtins..." - for i in `cat $filename | sed "s/^#.*//"` ; do - if [ $i == "-" ] ; then - disable="true" - elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ] ; then - name=`echo $i | sed "s/mod_//"` - elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ) ; then - MY_BUILTINS="${MY_BUILTINS} --disable-$name" - name="" ; disable="" - elif [ $i == "static" ] ; then - MY_BUILTINS="${MY_BUILTINS} --enable-$name=yes" - name="" ; disable="" - elif [ $i == "shared" ] ; then - MY_BUILTINS="${MY_BUILTINS} --enable-$name=shared" - name="" ; disable="" - fi - done - einfo ">>> Here is your custom config line:\n${MY_BUILTINS}" -} - -select_modules_config() { - parse_modules_config /etc/apache/apache2-builtin-mods || \ - parse_modules_config ${FILESDIR}/${PV}/apache2-builtin-mods || \ - return 1 -} diff --git a/net-www/apache/apache-2.0.43-r1.ebuild b/net-www/apache/apache-2.0.43-r1.ebuild new file mode 100644 index 000000000000..af08a0a1f369 --- /dev/null +++ b/net-www/apache/apache-2.0.43-r1.ebuild @@ -0,0 +1,286 @@ +# Copyright 1999-2002 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-2.0.43-r1.ebuild,v 1.1 2002/11/28 20:23:09 woodchip Exp $ + +inherit eutils + +DESCRIPTION="Apache Web Server, Version 2.0.x" +HOMEPAGE="http://www.apache.org/" + +S="${WORKDIR}/httpd-${PV}" +SRC_URI="http://www.apache.org/dist/httpd/httpd-${PV}.tar.gz + mirror://gentoo/${P}-gentoo.diff.bz2" +KEYWORDS="x86 ppc" +LICENSE="Apache-1.1" +SLOT="2" + +DEPEND="virtual/glibc sys-libs/db sys-devel/perl + >=sys-libs/zlib-1.1.4 + >=sys-libs/gdbm-1.8 + >=dev-libs/expat-1.95.2 + >=sys-devel/perl-5.6.1 + >=dev-libs/openssl-0.9.6e" +# ldap? =net-nds/openldap-2* +#IUSE="ldap" +IUSE="" + +src_unpack() { + unpack ${A} || die + cd ${S} || die + epatch ../${P}-gentoo.diff + + #give it the stamp + perl -pi -e 's|" PLATFORM "|Gentoo/Linux|;' server/core.c + #fix perl with perl! + find -type f | xargs perl -pi -e \ + "s|/usr/local/bin/perl|/usr/bin/perl|g; \ + s|/usr/local/bin/perl5|/usr/bin/perl|g; \ + s|/path/to/bin/perl|/usr/bin/perl|g;" + #dont want this cruft in /usr/bin + perl -pi -e 's|\@exp_bindir\@(/envvars)|\@exp_installbuilddir\@\1|;' \ + support/apachectl.in + + #allow users to customize their data directory by setting the + #home directory of the 'apache' user elsewhere. + local datadir=`grep ^apache: /etc/passwd | cut -d: -f6` + if [ -z "$datadir" ] + then + datadir="/home/httpd" + eerror "Please create the apache user and set his home" + eerror "directory to your desired datadir location." + eerror "Defaulting to \"/home/httpd\"." + else + einfo "$datadir is your Apache2 data directory ..." + fi + + local prefix=/usr + echo "" >>config.layout + cat >>config.layout <<-EOF + <Layout Gentoo> + prefix: ${prefix} + exec_prefix: ${prefix} + bindir: ${prefix}/bin + sbindir: ${prefix}/sbin + libdir: ${prefix}/lib + libexecdir: ${prefix}/lib/apache2 + mandir: ${prefix}/share/man + infodir: ${prefix}/share/info + includedir: ${prefix}/include/apache2 + installbuilddir: ${prefix}/lib/apache2/build + datadir: ${datadir} + errordir: ${datadir}/error + iconsdir: ${datadir}/icons + htdocsdir: ${datadir}/htdocs + cgidir: ${datadir}/cgi-bin + manualdir: /usr/share/doc/${PF}/manual + sysconfdir: /etc/apache2/conf + localstatedir: /var + runtimedir: /var/run + logfiledir: /var/log/apache2 + proxycachedir: /var/cache/apache2 + </Layout> + EOF + + ./buildconf || die +} + +src_compile() { +# local myconf +# use ldap && myconf="--with-ldap --enable-auth-ldap=shared \ +# --enable-ldap=shared" + select_modules_config || die "determining modules" + + SSL_BASE="SYSTEM" \ + ./configure \ + --with-suexec-safepath="/usr/local/bin:/usr/bin:/bin" \ + --with-suexec-logfile=/var/log/apache2/suexec_log \ + --with-suexec-bin=/usr/sbin/suexec2 \ + --with-suexec-userdir=public_html \ + --with-suexec-caller=apache \ + --with-suexec-docroot=/home \ + --with-suexec-uidmin=1000 \ + --with-suexec-gidmin=100 \ + --with-suexec-umask=077 \ + --enable-suexec=shared \ + \ + ${MY_BUILTINS} \ + \ + --with-perl=/usr/bin/perl \ + --with-expat=/usr \ + --with-pcre=/usr \ + --with-ssl=/usr \ + --with-z=/usr \ + --with-port=80 \ + --with-mpm=${MPM:=prefork} \ + --enable-layout=Gentoo \ + --with-program-name=apache2 \ + --host=${CHOST} ${myconf} || die "bad ./configure" + #--with-mpm={worker|prefork|perchild|leader|threadpool} + + emake || die "problem compiling Apache2 :(" + + #build ssl version of apache bench (ab-ssl) + cd support; rm -f ab .libs/ab ab.lo ab.o + make ab CFLAGS="${CFLAGS} -DUSE_SSL -lcrypto -lssl \ + -I/usr/include/openssl -L/usr/lib" || die + mv ab ab-ssl; mv .libs/ab .libs/ab-ssl; rm -f ab.lo ab.o + make ab || die +} + +src_install () { + local i + make DESTDIR=${D} install || die + dodoc ABOUT_APACHE CHANGES INSTALL LAYOUT \ + LICENSE README* ROADMAP ${FILESDIR}/robots.txt + + #bogus values pointing at /var/tmp/portage + #hmm theres more too.. doesnt appear to hurt anything though... + perl -pi -e "s/(APR_SOURCE_DIR=).*/\1\"\"/" ${D}/usr/bin/apr-config + perl -pi -e "s/(APU_SOURCE_DIR=).*/\1\"\"/" ${D}/usr/bin/apu-config + perl -pi -e "s/(APU_BUILD_DIR=).*/\1\"\"/" ${D}/usr/bin/apu-config + + #protect the suexec binary + local gid=`grep ^apache: /etc/group |cut -d: -f3` + [ -z "${gid}" ] && gid=81 + fowners root.${gid} /usr/sbin/suexec + fperms 4710 /usr/sbin/suexec + + #setup links in /etc/apache2 + cd ${D}/etc/apache2 + ln -sf ../../usr/lib/apache2 modules + #apxs needs this to pickup the right lib for install + ln -sf ../../usr/lib lib + ln -sf ../../var/log/apache2 logs + ln -sf ../../usr/lib/apache2-extramodules extramodules + cd ${S} + + #credits to advx.org people for these scripts + exeinto /usr/sbin + for i in apache2logserverstatus apache2splitlogfile + do + doexe ${FILESDIR}/2.0.40/$i + done + exeinto /usr/lib/ssl/apache2-mod_ssl + doexe ${FILESDIR}/2.0.40/gentestcrt.sh + + #some more scripts + exeinto /usr/sbin + for i in split-logfile list_hooks.pl logresolve.pl log_server_status + do + doexe ${S}/support/$i + done + #the ssl version of apache bench + doexe support/.libs/ab-ssl + + #move some mods to extramodules + dodir /usr/lib/apache2-extramodules + for i in mod_ssl.so mod_ldap.so mod_auth_ldap.so + do + [ -x ${D}/usr/lib/apache2/$i ] && \ + mv ${D}/usr/lib/apache2/$i ${D}/usr/lib/apache2-extramodules + done + + #modules.d config file snippets + insinto /etc/apache2/conf/modules.d + for i in 40_mod_ssl.conf 41_mod_ssl.default-vhost.conf 45_mod_dav.conf + do + doins ${FILESDIR}/2.0.40/$i + done + use ldap && doins ${FILESDIR}/2.0.40/46_mod_ldap.conf + + #drop in a convenient link to the manual + local datadir=`grep ^apache: /etc/passwd | cut -d: -f6` + [ -z "$datadir" ] && datadir="/home/httpd" + dosym /usr/share/doc/${PF}/manual ${datadir}/htdocs/manual + + #SLOT=2! can probably get rid of this junk down the road... + cd ${D} + mv -v usr/sbin/apachectl usr/sbin/apache2ctl + mv -v usr/sbin/htdigest usr/sbin/htdigest2 + mv -v usr/sbin/htpasswd usr/sbin/htpasswd2 + mv -v usr/sbin/logresolve usr/sbin/logresolve2 + mv -v usr/sbin/apxs usr/sbin/apxs2 + mv -v usr/sbin/ab usr/sbin/ab2 + mv -v usr/sbin/ab-ssl usr/sbin/ab2-ssl + mv -v usr/sbin/suexec usr/sbin/suexec2 + mv -v usr/sbin/rotatelogs usr/sbin/rotatelogs2 + mv -v usr/sbin/dbmmanage usr/sbin/dbmmanage2 + mv -v usr/sbin/checkgid usr/sbin/checkgid2 + mv -v usr/sbin/split-logfile usr/sbin/split-logfile2 + mv -v usr/sbin/list_hooks.pl usr/sbin/list_hooks2.pl + mv -v usr/sbin/logresolve.pl usr/sbin/logresolve2.pl + mv -v usr/sbin/log_server_status usr/sbin/log_server_status2 + mv -v usr/share/man/man1/htdigest.1 usr/share/man/man1/htdigest2.1 + mv -v usr/share/man/man1/htpasswd.1 usr/share/man/man1/htpasswd2.1 + mv -v usr/share/man/man1/dbmmanage.1 usr/share/man/man1/dbmmanage2.1 + mv -v usr/share/man/man8/ab.8 usr/share/man/man8/ab2.8 + mv -v usr/share/man/man8/apxs.8 usr/share/man/man8/apxs2.8 + mv -v usr/share/man/man8/apachectl.8 usr/share/man/man8/apache2ctl.8 + mv -v usr/share/man/man8/httpd.8 usr/share/man/man8/apache2.8 + mv -v usr/share/man/man8/logresolve.8 usr/share/man/man8/logresolve2.8 + mv -v usr/share/man/man8/rotatelogs.8 usr/share/man/man8/rotatelogs2.8 + mv -v usr/share/man/man8/suexec.8 usr/share/man/man8/suexec2.8 + + #tidy up + mv ${D}/usr/sbin/envvars* ${D}/usr/lib/apache2/build + dodoc ${D}/etc/apache2/conf/*-std.conf + rm -f ${D}/etc/apache2/conf/*.conf + rm -rf ${D}/var/run ${D}/var/log + + #config files + insinto /etc/conf.d; newins ${FILESDIR}/2.0.40/apache2.confd apache2 + exeinto /etc/init.d; newexe ${FILESDIR}/2.0.40/apache2.initd apache2 + insinto /etc/apache2; doins ${FILESDIR}/2.0.40/apache2-builtin-mods + insinto /etc/apache2/conf + doins ${FILESDIR}/2.0.40/commonapache2.conf + doins ${FILESDIR}/2.0.40/apache2.conf + insinto /etc/apache2/conf/vhosts + doins ${FILESDIR}/2.0.40/virtual-homepages.conf + doins ${FILESDIR}/2.0.40/dynamic-vhosts.conf + doins ${FILESDIR}/2.0.40/vhosts.conf +} + +parse_modules_config() { + local filename=$1 + local name="" + local dso="" + local disable="" + [ -f ${filename} ] || return 1 + for i in `cat $filename | sed "s/^#.*//"` ; do + if [ $i == "-" ] ; then + disable="true" + elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ] ; then + name=`echo $i | sed "s/mod_//"` + elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ) ; then + MY_BUILTINS="${MY_BUILTINS} --disable-$name" + name="" ; disable="" + elif [ $i == "static" ] ; then + MY_BUILTINS="${MY_BUILTINS} --enable-$name=yes" + name="" ; disable="" + elif [ $i == "shared" ] ; then + MY_BUILTINS="${MY_BUILTINS} --enable-$name=shared" + name="" ; disable="" + fi + done + einfo "${filename} options:\n${MY_BUILTINS}" +} + +select_modules_config() { + parse_modules_config /etc/apache2/apache2-builtin-mods || \ + parse_modules_config ${FILESDIR}/2.0.40/apache2-builtin-mods || \ + return 1 +} + +pkg_postinst() { + #empty dirs... + install -d -m0755 -o root -g root ${ROOT}/var/lib/dav + install -d -m0755 -o root -g root ${ROOT}/var/log/apache2 + install -d -m0755 -o root -g root ${ROOT}/var/cache/apache2 + install -d -m0755 -o root -g root ${ROOT}/etc/apache2/conf/ssl + + cd ${ROOT}/etc/apache2/conf/ssl + einfo "Generating self-signed test certificate in /etc/apache2/conf/ssl..." + einfo "(Ignore any message from the yes command below)" + yes "" | ${ROOT}/usr/lib/ssl/apache2-mod_ssl/gentestcrt.sh >/dev/null 2>&1 + einfo +} diff --git a/net-www/apache/apache-2.0.43.ebuild b/net-www/apache/apache-2.0.43.ebuild deleted file mode 100644 index 4797b2673f92..000000000000 --- a/net-www/apache/apache-2.0.43.ebuild +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 1999-2002 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-2.0.43.ebuild,v 1.2 2002/11/26 09:02:56 aliz Exp $ - -IUSE="ssl" - -S="${WORKDIR}/httpd-${PV}" - -KEYWORDS="x86 ppc" -DESCRIPTION="Apache Web Server, Version 2.0.x" -SRC_URI="http://www.apache.org/dist/httpd/httpd-${PV}.tar.gz" -HOMEPAGE="http://www.apache.org" -LICENSE="Apache-1.1" -SLOT="2" - -DEPEND="virtual/glibc - >=dev-libs/mm-1.1.3 - >=sys-libs/gdbm-1.8 - >=dev-libs/expat-1.95.2 - >=sys-devel/perl-5.6.1 - ssl? >=dev-libs/openssl-0.9.6e" - -src_compile() { - PREFIX=/usr/lib/apache2 - - select_modules_config || die "determining modules" - ./configure \ - --host=${CHOST} \ - --prefix=${PREFIX} \ - --infodir=/usr/share/info \ - --mandir=/usr/share/man \ - --sysconfdir=/etc/apache2 \ - --datadir=/home/httpd \ - --enable-suexec \ - --with-suexec-uidmin=1000 \ - --with-suexec-gidmin=100 \ - ${MY_BUILTINS} \ - || die "./configure failed" - emake || die "Make failed" -} - -src_install () { - make DESTDIR=${D} install || die "make install failed" - - # Install documentation. - dodoc CHANGES INSTALL LICENSE README - - insinto /etc/conf.d; newins ${FILESDIR}/2.0.40/apache2.confd apache2 - exeinto /etc/init.d; newexe ${FILESDIR}/2.0.40/apache2.initd apache2 - insinto /etc/apache2; doins ${FILESDIR}/2.0.40/apache2-builtin-mods -} - -parse_modules_config() { - local filename=$1 - local name="" - local dso="" - local disable="" - [ -f ${filename} ] || return 1 - einfo ">>> using ${filename} for builtins..." - for i in `cat $filename | sed "s/^#.*//"` ; do - if [ $i == "-" ] ; then - disable="true" - elif [ -z "$name" ] && [ ! -z "`echo $i | grep "mod_"`" ] ; then - name=`echo $i | sed "s/mod_//"` - elif [ "$disable" ] && ( [ $i == "static" ] || [ $i == "shared" ] ) ; then - MY_BUILTINS="${MY_BUILTINS} --disable-$name" - name="" ; disable="" - elif [ $i == "static" ] ; then - MY_BUILTINS="${MY_BUILTINS} --enable-$name=yes" - name="" ; disable="" - elif [ $i == "shared" ] ; then - MY_BUILTINS="${MY_BUILTINS} --enable-$name=shared" - name="" ; disable="" - fi - done - einfo ">>> Here is your custom config line:\n${MY_BUILTINS}" -} - -select_modules_config() { - parse_modules_config /etc/apache/apache2-builtin-mods || \ - parse_modules_config ${FILESDIR}/2.0.40/apache2-builtin-mods || \ - return 1 -} diff --git a/net-www/apache/files/2.0.40/40_mod_ssl.conf b/net-www/apache/files/2.0.40/40_mod_ssl.conf new file mode 100644 index 000000000000..1be3e65d105c --- /dev/null +++ b/net-www/apache/files/2.0.40/40_mod_ssl.conf @@ -0,0 +1,104 @@ +<IfDefine SSL> + <IfModule !mod_ssl.c> + LoadModule ssl_module extramodules/mod_ssl.so + </IfModule> +</IfDefine> + +<IfModule mod_ssl.c> + +# +# This is the Apache server configuration file providing SSL support. +# It contains the configuration directives to instruct the server how to +# serve pages over an https connection. For detailing information about these +# directives see <URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html> +# +# For the moment, see <URL:http://www.modssl.org/docs/> for this info. +# The documents are still being prepared from material donated by the +# modssl project. +# +# Do NOT simply read the instructions in here without understanding +# what they do. They're here only as hints or reminders. If you are unsure +# consult the online docs. You have been warned. +# + +# Until documentation is completed, please check http://www.modssl.org/ +# for additional config examples and module docmentation. Directives +# and features of mod_ssl are largely unchanged from the mod_ssl project +# for Apache 1.3. + +# +# When we also provide SSL we have to listen to the +# standard HTTP port (see above) and to the HTTPS port +# + +Listen 443 + +# +# Dynamic Shared Object (DSO) Support +# +# To be able to use the functionality of a module which was built as a DSO you +# ErrorLog logs/dummy-host.example.com-error_log +# CustomLog logs/dummy-host.example.com-access_log common + +## +## SSL Global Context +## +## All SSL configuration in this context applies both to +## the main server and all SSL-enabled virtual hosts. +## + +# +# Some MIME-types for downloading Certificates and CRLs +# + +<IfModule mod_mime.c> +AddType application/x-x509-ca-cert .crt +AddType application/x-pkcs7-crl .crl +</IfModule> + +# Pass Phrase Dialog: +# Configure the pass phrase gathering process. +# The filtering dialog program (`builtin' is a internal +# terminal dialog) has to provide the pass phrase on stdout. + +SSLPassPhraseDialog builtin + +# Inter-Process Session Cache: +# Configure the SSL Session Cache: First the mechanism +# to use and second the expiring timeout (in seconds). +#SSLSessionCache none +#SSLSessionCache shmht:logs/ssl_scache(512000) +#SSLSessionCache shmcb:logs/ssl_scache(512000) + +#SSLSessionCache dbm:logs/ssl_scache +SSLSessionCache shmht:logs/ssl_scache(128000) + +SSLSessionCacheTimeout 300 + +# Semaphore: +# Configure the path to the mutual exclusion semaphore the +# SSL engine uses internally for inter-process synchronization. + +SSLMutex file:logs/ssl_mutex + +# Pseudo Random Number Generator (PRNG): +# Configure one or more sources to seed the PRNG of the +# SSL library. The seed data should be of good random quality. +# WARNING! On some platforms /dev/random blocks if not enough entropy +# is available. This means you then cannot use the /dev/random device +# because it would lead to very long connection times (as long as +# it requires to make more entropy available). But usually those +# platforms additionally provide a /dev/urandom device which doesn't +# block. So, if available, use this one instead. Read the mod_ssl User +# Manual for more details. + +SSLRandomSeed startup builtin +SSLRandomSeed connect builtin + +#SSLRandomSeed startup file:/dev/random 512 +#SSLRandomSeed startup file:/dev/urandom 512 +#SSLRandomSeed connect file:/dev/random 512 +#SSLRandomSeed connect file:/dev/urandom 512 + + +</IfModule> diff --git a/net-www/apache/files/2.0.40/41_mod_ssl.default-vhost.conf b/net-www/apache/files/2.0.40/41_mod_ssl.default-vhost.conf new file mode 100644 index 000000000000..f79b177ce5ee --- /dev/null +++ b/net-www/apache/files/2.0.40/41_mod_ssl.default-vhost.conf @@ -0,0 +1,199 @@ +<IfDefine SSL> + <IfModule !mod_ssl.c> + LoadModule ssl_module extramodules/mod_ssl.so + </IfModule> +</IfDefine> + +<IfModule mod_ssl.c> + +## +## SSL Virtual Host Context +## + +<VirtualHost _default_:443> + +# General setup for the virtual host + +DocumentRoot "/home/httpd/htdocs" +#ServerName localhost:443 +#ServerAdmin root@localhost +ErrorLog logs/ssl_error_log +<IfModule mod_log_config.c> +TransferLog logs/ssl_access_log +</IfModule> +# SSL Engine Switch: +# Enable/Disable SSL for this virtual host. + +SSLEngine on + +# SSL Cipher Suite: +# List the ciphers that the client is permitted to negotiate. +# See the mod_ssl documentation for a complete list. + +SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + +# Server Certificate: +# Point SSLCertificateFile at a PEM encoded certificate. If +# the certificate is encrypted, then you will be prompted for a +# pass phrase. Note that a kill -HUP will prompt again. A test +# certificate can be generated with `make certificate' under +# built time. Keep in mind that if you've both a RSA and a DSA +# certificate you can configure both in parallel (to also allow +# the use of DSA ciphers, etc.) + +SSLCertificateFile conf/ssl/server.crt + +# Server Private Key: +# If the key is not combined with the certificate, use this +# directive to point at the key file. Keep in mind that if +# you've both a RSA and a DSA private key you can configure +# both in parallel (to also allow the use of DSA ciphers, etc.) + +SSLCertificateKeyFile conf/ssl/server.key + +# Server Certificate Chain: +# Point SSLCertificateChainFile at a file containing the +# concatenation of PEM encoded CA certificates which form the +# certificate chain for the server certificate. Alternatively +# the referenced file can be the same as SSLCertificateFile +# when the CA certificates are directly appended to the server +# certificate for convinience. +#SSLCertificateChainFile conf/ssl/ca.crt + +# Certificate Authority (CA): +# Set the CA certificate verification path where to find CA +# certificates for client authentication or alternatively one +# huge file containing all of them (file must be PEM encoded) +# Note: Inside SSLCACertificatePath you need hash symlinks +# to point to the certificate files. Use the provided +# Makefile to update the hash symlinks after changes. +#SSLCACertificatePath conf/ssl/ssl.crt +#SSLCACertificateFile conf/ssl/ca-bundle.crt + +# Certificate Revocation Lists (CRL): +# Set the CA revocation path where to find CA CRLs for client +# authentication or alternatively one huge file containing all +# of them (file must be PEM encoded) +# Note: Inside SSLCARevocationPath you need hash symlinks +# to point to the certificate files. Use the provided +# Makefile to update the hash symlinks after changes. +#SSLCARevocationPath conf/ssl/ssl.crl +#SSLCARevocationFile conf/ssl/ca-bundle.crl + +# Client Authentication (Type): +# Client certificate verification type and depth. Types are +# none, optional, require and optional_no_ca. Depth is a +# number which specifies how deeply to verify the certificate +# issuer chain before deciding the certificate is not valid. +#SSLVerifyClient require +#SSLVerifyDepth 10 + +# Access Control: +# With SSLRequire you can do per-directory access control based +# on arbitrary complex boolean expressions containing server +# variable checks and other lookup directives. The syntax is a +# mixture between C and Perl. See the mod_ssl documentation +# for more details. +#<Location /> +#SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ +# and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ +# and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ +# and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ +# and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ +# or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ +#</Location> + +# SSL Engine Options: +# Set various options for the SSL engine. +# o FakeBasicAuth: +# Translate the client X.509 into a Basic Authorisation. This means that +# the standard Auth/DBMAuth methods can be used for access control. The +# user name is the `one line' version of the client's X.509 certificate. +# Note that no password is obtained from the user. Every entry in the user +# file needs this password: `xxj31ZMTZzkVA'. +# o ExportCertData: +# This exports two additional environment variables: SSL_CLIENT_CERT and +# SSL_SERVER_CERT. These contain the PEM-encoded certificates of the +# server (always existing) and the client (only existing when client +# authentication is used). This can be used to import the certificates +# into CGI scripts. +# o StdEnvVars: +# This exports the standard SSL/TLS related `SSL_*' environment variables. +# Per default this exportation is switched off for performance reasons, +# because the extraction step is an expensive operation and is usually +# useless for serving static content. So one usually enables the +# exportation for CGI and SSI requests only. +# o CompatEnvVars: +# This exports obsolete environment variables for backward compatibility +# to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this +# to provide compatibility to existing CGI scripts. +# o StrictRequire: +# This denies access when "SSLRequireSSL" or "SSLRequire" applied even +# under a "Satisfy any" situation, i.e. when it applies access is denied +# and no other module can change it. +# o OptRenegotiate: +# This enables optimized SSL connection renegotiation handling when SSL +# directives are used in per-directory context. +#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire + +<Files ~ "\.(cgi|shtml|phtml|php?)$"> + + SSLOptions +StdEnvVars + +</Files> + +<Directory "/home/httpd/cgi-bin"> + + SSLOptions +StdEnvVars + +</Directory> + +# SSL Protocol Adjustments: +# The safe and default but still SSL/TLS standard compliant shutdown +# approach is that mod_ssl sends the close notify alert but doesn't wait for +# the close notify alert from client. When you need a different shutdown +# approach you can use one of the following variables: +# o ssl-unclean-shutdown: +# This forces an unclean shutdown when the connection is closed, i.e. no +# SSL close notify alert is send or allowed to received. This violates +# the SSL/TLS standard but is needed for some brain-dead browsers. Use +# this when you receive I/O errors because of the standard approach where +# mod_ssl sends the close notify alert. +# o ssl-accurate-shutdown: +# This forces an accurate shutdown when the connection is closed, i.e. a +# SSL close notify alert is send and mod_ssl waits for the close notify +# alert of the client. This is 100% SSL/TLS standard compliant, but in +# practice often causes hanging connections with brain-dead browsers. Use +# this only for browsers where you know that their SSL implementation +# works correctly. +# Notice: Most problems of broken clients are also related to the HTTP +# keep-alive facility, so you usually additionally want to disable +# keep-alive for those clients, too. Use variable "nokeepalive" for this. +# Similarly, one has to force some clients to use HTTP/1.0 to workaround +# their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and +# "force-response-1.0" for this. + +<IfModule mod_setenvif.c> + + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 + +</IfModule> + +# Per-Server Logging: +# The home of a custom SSL log file. Use this when you want a +# compact non-error SSL logfile on a virtual host basis. + +<IfModule mod_log_config.c> +CustomLog logs/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" +</IfModule> + +<IfModule mod_rewrite.c> +RewriteEngine On +RewriteOptions inherit +</IfModule> + +</VirtualHost> + +</IfModule> diff --git a/net-www/apache/files/2.0.40/45_mod_dav.conf b/net-www/apache/files/2.0.40/45_mod_dav.conf new file mode 100644 index 000000000000..74dffd07d218 --- /dev/null +++ b/net-www/apache/files/2.0.40/45_mod_dav.conf @@ -0,0 +1,31 @@ +<IfDefine DAV> + <IfModule !mod_dav.c> + LoadModule dav_module modules/mod_dav.so + </IfModule> +</IfDefine> + +<IfDefine DAV_FS> + <IfModule !mod_dav_fs.c> + LoadModule dav_fs_module modules/mod_dav_fs.so + </IfModule> +</IfDefine> + +<IfModule mod_dav.c> + + DavMinTimeout 600 +# <Location /mypages> +# Options None +# Dav On +# <Limit PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> +# Require user greg +# </Limit> +# </Location> + +</IfModule> + +<IfModule mod_dav_fs.c> + + # Location of the WebDAV lock database. + DavLockDB /var/lib/dav/lockdb + +</IfModule> diff --git a/net-www/apache/files/2.0.40/46_mod_ldap.conf b/net-www/apache/files/2.0.40/46_mod_ldap.conf new file mode 100644 index 000000000000..25df4cf009b8 --- /dev/null +++ b/net-www/apache/files/2.0.40/46_mod_ldap.conf @@ -0,0 +1,40 @@ +<IfDefine LDAP> + <IfModule !util_ldap.c> + LoadModule ldap_module extramodules/mod_ldap.so + </IfModule> +</IfDefine> + +<IfDefine AUTH_LDAP> + <IfModule !mod_auth_ldap.c> + LoadModule auth_ldap_module extramodules/mod_auth_ldap.so + </IfModule> +</IfDefine> + +# Examples below are taken from the online documentation +# Refer to: +# http://localhost/manual/mod/mod_ldap.html +# http://localhost/manual/mod/mod_auth_ldap.html + +<IfModule util_ldap.c> + + LDAPSharedCacheSize 200000 + LDAPCacheEntries 1024 + LDAPCacheTTL 600 + LDAPOpCacheEntries 1024 + LDAPOpCacheTTL 600 + + <Location /ldap-status> + SetHandler ldap-status + Order deny,allow + Deny from all + Allow from 127.0.0.1 + </Location> + +</IfModule> + +<IfModule mod_auth_ldap.c> + + #AuthLDAPURL ldap://ldap1.airius.com:389/ou=People, o=Airius?uid?sub?(objectClass=*) + #require valid-user + +</IfModule> diff --git a/net-www/apache/files/2.0.40/apache2-builtin-mods b/net-www/apache/files/2.0.40/apache2-builtin-mods index 5e6a82f957e4..9fc9f10ad4e3 100644 --- a/net-www/apache/files/2.0.40/apache2-builtin-mods +++ b/net-www/apache/files/2.0.40/apache2-builtin-mods @@ -1,21 +1,9 @@ -# /space/gentoo/cvsroot/gentoo-x86/net-www/apache/files/apache-builtin-mods,v 1.2 2002/05/04 23:23:00 woodchip Exp +# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/apache2-builtin-mods,v 1.2 2002/11/28 20:23:09 woodchip Exp $ # -# This is a config file for choosing which Apache built-in modules you -# want and how they should be compiled. You have the option of either -# compiling them statically into the apache binary, or building them -# as DSO's (Dynamic Shared Object). Please consult some documentation -# for reasons why you'd want one versus the other. This file simply -# helps to make your life easier when customizing and upgrading your -# Apache server. The defaults are _fine_ for most users, and it is -# assumed you _know_ what you're doing if you change things in here. -# -# This file will be installed into /etc/apache when you first emerge -# Apache. If/when you upgrade by installing a newer version, it will -# be consulted for your options. In this way, your previous -# configuration is preserved without the need to edit the actual -# ebuild. The default configuration in the Apache ebuild's files/ -# directory is used as a fallback if the one in /etc/apache is not -# available. +# This file will be installed into /etc/apache2 when you first emerge +# Apache2. If/when you upgrade, it will be consulted for your options, +# thus preserving your previous configuration. The default configuration +# in files/ is used if the one in /etc/apache2 isn't available. # # To compile a module statically into the apache binary, simply put # static beside it. To compile a module as a DSO, put shared beside @@ -28,62 +16,64 @@ # - mod_alias shared ( this module would not be built at all ) # # Please be aware that if you _do_ customize these then you'll need -# to manually adjust your apache.conf file, tweaking the LoadModule -# and AddModule lines accordingly or else your server will fail to -# start! You've been warned ;) -# -# // woodchip +# to manually adjust your apache2.conf file, tweaking the LoadModule +# lines accordingly or else your server will fail to start; you've +# been warned! (woodchip@gentoo.org Nov 21 2002) +- mod_example shared mod_access shared -mod_actions shared -mod_alias shared -mod_asis shared mod_auth shared -mod_auth_anon shared mod_auth_dbm shared +mod_auth_anon shared mod_auth_digest shared -mod_autoindex shared -mod_bucketeer shared +mod_alias shared +mod_file-cache shared +mod_echo shared +mod_charset-lite shared mod_cache shared +mod_disk-cache shared +mod_mem-cache shared +mod_ext-filter shared mod_case_filter shared -mod_case_filter_in shared -mod_cern_meta shared -mod_cgi shared -mod_cgid shared -mod_charset_lite shared -mod_dav shared -mod_dav_fs shared +mod_case-filter-in shared mod_deflate shared -mod_dir shared -mod_disk_cache shared -mod_echo shared -mod_env shared -mod_example shared +mod_mime-magic shared +mod_cern-meta shared mod_expires shared -mod_ext_filter shared -mod_file_cache shared mod_headers shared -mod_imap shared -mod_include shared -mod_info shared -mod_log_config shared -mod_mem_cache shared -mod_mime shared -mod_mime_magic shared -mod_negotiation shared -mod_optional_fn_export shared -mod_optional_fn_import shared -mod_optional_hook_export shared -mod_optional_hook_import shared +mod_usertrack shared +mod_unique-id shared mod_proxy shared +mod_proxy-connect shared +mod_proxy-ftp shared +mod_proxy-http shared +mod_ssl shared +mod_optional-hook-export shared +mod_optional-hook-import shared +mod_optional-fn-import shared +mod_optional-fn-export shared +mod_bucketeer shared +mod_info shared +mod_include shared +mod_cgi shared +mod_cgid shared +mod_dav shared +mod_dav-fs shared +mod_vhost-alias shared +mod_speling shared mod_rewrite shared +mod_log_config shared +mod_logio shared +mod_env shared mod_setenvif shared -mod_so static -mod_speling shared -mod_ssl shared +mod_mime shared mod_status shared -mod_suexec shared -mod_unique_id shared +mod_autoindex shared +mod_asis shared +mod_negotiation shared +mod_dir shared +mod_imap shared +mod_actions shared mod_userdir shared -mod_usertrack shared -mod_vhost_alias shared +mod_alias shared +mod_so static diff --git a/net-www/apache/files/2.0.40/apache2.conf b/net-www/apache/files/2.0.40/apache2.conf new file mode 100644 index 000000000000..811b6a8053a7 --- /dev/null +++ b/net-www/apache/files/2.0.40/apache2.conf @@ -0,0 +1,190 @@ +### /etc/apache2/conf/apache2.conf +### $Id: apache2.conf,v 1.1 2002/11/28 20:23:09 woodchip Exp $ +### +### Main Configuration Section +### You really shouldn't change these settings unless you're a guru +### +ServerRoot /etc/apache2 +#ServerName localhost +#LockFile /etc/apache2/apache2.lock +PidFile /var/run/apache2.pid +ErrorLog logs/error_log +LogLevel warn +DocumentRoot /home/httpd/htdocs + +### Dynamic Shared Object (DSO) Support +### +### You should always leave these three, as they are needed for normal use. +### mod_access (Order, Allow, etc..) +### mod_log_config (Transferlog, etc..) +### mod_mime (AddType, etc...) +### +LoadModule access_module modules/mod_access.so +LoadModule auth_module modules/mod_auth.so +LoadModule auth_anon_module modules/mod_auth_anon.so +LoadModule auth_dbm_module modules/mod_auth_dbm.so +LoadModule auth_digest_module modules/mod_auth_digest.so +LoadModule include_module modules/mod_include.so +LoadModule log_config_module modules/mod_log_config.so +LoadModule env_module modules/mod_env.so +LoadModule mime_magic_module modules/mod_mime_magic.so +LoadModule cern_meta_module modules/mod_cern_meta.so +LoadModule expires_module modules/mod_expires.so +LoadModule headers_module modules/mod_headers.so +LoadModule usertrack_module modules/mod_usertrack.so +LoadModule unique_id_module modules/mod_unique_id.so +LoadModule setenvif_module modules/mod_setenvif.so +LoadModule proxy_module modules/mod_proxy.so +LoadModule proxy_connect_module modules/mod_proxy_connect.so +LoadModule proxy_ftp_module modules/mod_proxy_ftp.so +LoadModule proxy_http_module modules/mod_proxy_http.so +LoadModule mime_module modules/mod_mime.so +LoadModule status_module modules/mod_status.so +LoadModule autoindex_module modules/mod_autoindex.so +LoadModule asis_module modules/mod_asis.so +LoadModule info_module modules/mod_info.so +LoadModule cgi_module modules/mod_cgi.so +LoadModule cgid_module modules/mod_cgid.so +LoadModule vhost_alias_module modules/mod_vhost_alias.so +LoadModule negotiation_module modules/mod_negotiation.so +LoadModule dir_module modules/mod_dir.so +LoadModule imap_module modules/mod_imap.so +LoadModule actions_module modules/mod_actions.so +LoadModule speling_module modules/mod_speling.so +LoadModule userdir_module modules/mod_userdir.so +LoadModule alias_module modules/mod_alias.so +LoadModule rewrite_module modules/mod_rewrite.so + +### +### New Modules for 2.0 (some are experimental) +### +LoadModule file_cache_module modules/mod_file_cache.so +LoadModule echo_module modules/mod_echo.so +LoadModule charset_lite_module modules/mod_charset_lite.so +LoadModule cache_module modules/mod_cache.so +LoadModule disk_cache_module modules/mod_disk_cache.so +LoadModule mem_cache_module modules/mod_mem_cache.so +LoadModule ext_filter_module modules/mod_ext_filter.so +LoadModule case_filter_module modules/mod_case_filter.so +LoadModule case_filter_in_module modules/mod_case_filter_in.so +LoadModule deflate_module modules/mod_deflate.so +LoadModule optional_hook_export_module modules/mod_optional_hook_export.so +LoadModule optional_hook_import_module modules/mod_optional_hook_import.so +LoadModule optional_fn_import_module modules/mod_optional_fn_import.so +LoadModule optional_fn_export_module modules/mod_optional_fn_export.so +LoadModule bucketeer_module modules/mod_bucketeer.so +LoadModule logio_module modules/mod_logio.so + +### +### Global Configuration +### +# Splitting up apache2.conf into two files makes it easier to support +# multiple configurations on the same serer. In commonapache2.conf +# you keep directives that apply to all implementations and in this +# file you keep server-specific directives. While we don't yet have +# multiple configurations out-of-the-box, this allows us to do that +# in the future easily. (PERLPROXIED *ahem*) +# +# For Apache2 we load all conf files in conf/modules.d +Include conf/modules.d/*.conf +Include conf/commonapache2.conf + +### +### IP Address/Port +### +#BindAddress * +Listen 80 + +### +### Log configuration Section +### +<IfModule mod_log_config.c> +#Single logfile with access, agent and referer information +#This is the default, if vlogs are not defined for the main server +CustomLog logs/access_log combined env=!VLOG +#If VLOG is defined in conf/vhosts/vhosts.conf, we use this entry +#CustomLog "|/usr/sbin/apache2splitlogfile" vhost env=VLOG +</IfModule> + +### +### Virtual Hosts +### +# We include different templates for Virtual Hosting. Have a look in the +# vhosts directory and modify to suit your needs. +Include conf/vhosts/vhosts.conf +#Include conf/vhosts/dynamic-vhosts.conf +#Include conf/vhosts/virtual-homepages.conf + +### +### Performance settings Section +### +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 300 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 15 + +# prefork MPM [THIS IS THE DEFAULT] +# StartServers: number of server processes to start +# MinSpareServers: minimum number of server processes which are kept spare +# MaxSpareServers: maximum number of server processes which are kept spare +# MaxClients: maximum number of server processes allowed to start +# MaxRequestsPerChild: maximum number of requests a server process serves +<IfModule prefork.c> +StartServers 5 +MinSpareServers 5 +MaxSpareServers 10 +MaxClients 150 +MaxRequestsPerChild 0 +</IfModule> + +# worker MPM +# StartServers: initial number of server processes to start +# MaxClients: maximum number of simultaneous client connections +# MinSpareThreads: minimum number of worker threads which are kept spare +# MaxSpareThreads: maximum number of worker threads which are kept spare +# ThreadsPerChild: constant number of worker threads in each server process +# MaxRequestsPerChild: maximum number of requests a server process serves +<IfModule worker.c> +StartServers 2 +MaxClients 150 +MinSpareThreads 25 +MaxSpareThreads 75 +ThreadsPerChild 25 +MaxRequestsPerChild 0 +</IfModule> + +# perchild MPM +# NumServers: constant number of server processes +# StartThreads: initial number of worker threads in each server process +# MinSpareThreads: minimum number of worker threads which are kept spare +# MaxSpareThreads: maximum number of worker threads which are kept spare +# MaxThreadsPerChild: maximum number of worker threads in each server process +# MaxRequestsPerChild: maximum number of connections per server process +<IfModule perchild.c> +NumServers 5 +StartThreads 5 +MinSpareThreads 5 +MaxSpareThreads 10 +MaxThreadsPerChild 20 +MaxRequestsPerChild 0 +</IfModule> + diff --git a/net-www/apache/files/2.0.40/apache2.confd b/net-www/apache/files/2.0.40/apache2.confd index 2973ae29a2cb..428c1b70e6d1 100644 --- a/net-www/apache/files/2.0.40/apache2.confd +++ b/net-www/apache/files/2.0.40/apache2.confd @@ -1,29 +1,21 @@ # Copyright 1999-2002 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License, v2 or later -# /space/gentoo/cvsroot/gentoo-x86/net-www/apache/files/apache.confd,v 1.2 2002/05/04 23:23:00 woodchip Exp +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/apache2.confd,v 1.2 2002/11/28 20:23:09 woodchip Exp $ # Config file for /etc/init.d/apache2 -# Here's an example from /etc/apache2/conf/apache.conf using mod_ssl: +# An example from /etc/apache2/conf/modules.d/40_mod_ssl.conf: # # <IfDefine SSL> -# LoadModule ssl_module extramodules/libssl.so +# <IfModule !mod_ssl.c> +# LoadModule ssl_module extramodules/mod_ssl.so +# </IfModule> # </IfDefine> # -# This means that libssl.so is only loaded into the server when you -# pass "-D SSL" to it at startup. -# -# Anything else in apache.conf which is guarded similarly, like: -# -# <IfDefine FOO> ... </IfDefine> -# -# can be easily turned on/off by editing APACHE_OPTS2 below to -# include or to not include "-D FOO". -# -# If you installed mod_throttle, you can add "-D THROTTLE"; if you -# installed mod_dav, then add "-D DAV". For mod_gzip use "-D GZIP". -# The mod_contribs package has several options you can use. See -# your apache.conf file for more details. - +# This means that the mod_ssl.so DSO module is only loaded +# into the server when you pass "-D SSL" at startup. To +# enable WebDAV, add "-D DAV". If you installed mod_php +# then add "-D PHP". For more options, please read the +# snippets in the /etc/apache2/conf/modules.d directory. -#APACHE2_OPTS="-D SSL -D PHP4" +#APACHE2_OPTS="-D SSL" diff --git a/net-www/apache/files/2.0.40/apache2.initd b/net-www/apache/files/2.0.40/apache2.initd index b101df2aedeb..b5296d7592e6 100644 --- a/net-www/apache/files/2.0.40/apache2.initd +++ b/net-www/apache/files/2.0.40/apache2.initd @@ -1,7 +1,7 @@ #!/sbin/runscript # Copyright 1999-2002 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License, v2 or later -# /space/gentoo/cvsroot/gentoo-x86/net-www/apache/files/apache.rc6,v 1.1 2002/04/09 23:51:39 woodchip Exp +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/apache2.initd,v 1.3 2002/11/28 20:23:09 woodchip Exp $ depend() { need net @@ -10,21 +10,23 @@ depend() { start() { ebegin "Starting apache2" - start-stop-daemon --quiet --start --startas /usr/lib/apache2/bin/httpd \ + start-stop-daemon --quiet --start --startas /usr/sbin/apache2 \ --pidfile /var/run/apache2.pid -- -k start ${APACHE2_OPTS} eend $? } stop() { ebegin "Stopping apache2" - /usr/lib/apache2/bin/httpd -k stop ${APACHE2_OPTS} - sleep 3 + /usr/sbin/apache2 -k stop ${APACHE2_OPTS}; sleep 1 start-stop-daemon -o --quiet --stop --pidfile /var/run/apache2.pid eend $? } -svc_restart() { +restart() { ebegin "Reloading apache2" - /usr/lib/apache2/bin/httpd -k reload ${APACHE2_OPTS} + svc_stop + sleep 1 + svc_start + /usr/sbin/apache2 -k reload ${APACHE2_OPTS} eend $? } diff --git a/net-www/apache/files/2.0.40/apache2logserverstatus b/net-www/apache/files/2.0.40/apache2logserverstatus new file mode 100644 index 000000000000..b27047415b4d --- /dev/null +++ b/net-www/apache/files/2.0.40/apache2logserverstatus @@ -0,0 +1,122 @@ +#!/usr/bin/perl + +## ==================================================================== +## The Apache Software License, Version 1.1 +## +## Copyright (c) 2000 The Apache Software Foundation. All rights +## reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in +## the documentation and/or other materials provided with the +## distribution. +## +## 3. The end-user documentation included with the redistribution, +## if any, must include the following acknowledgment: +## "This product includes software developed by the +## Apache Software Foundation (http://www.apache.org/)." +## Alternately, this acknowledgment may appear in the software itself, +## if and wherever such third-party acknowledgments normally appear. +## +## 4. The names "Apache" and "Apache Software Foundation" must +## not be used to endorse or promote products derived from this +## software without prior written permission. For written +## permission, please contact apache@apache.org. +## +## 5. Products derived from this software may not be called "Apache", +## nor may "Apache" appear in their name, without prior written +## permission of the Apache Software Foundation. +## +## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +## OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +## DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR +## ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +## SUCH DAMAGE. +## ==================================================================== +## +## This software consists of voluntary contributions made by many +## individuals on behalf of the Apache Software Foundation. For more +## information on the Apache Software Foundation, please see +## <http://www.apache.org/>. +## +## Portions of this software are based upon public domain software +## originally written at the National Center for Supercomputing Applications, +## University of Illinois, Urbana-Champaign. +## + + +# Log Server Status +# Mark J Cox, UK Web Ltd 1996, mark@ukweb.com +# +# This script is designed to be run at a frequent interval by something +# like cron. It connects to the server and downloads the status +# information. It reformats the information to a single line and logs +# it to a file. Make sure the directory $wherelog is writable by the +# user who runs this script. +# +require 'sys/socket.ph'; + +# Logs will be like "/var/log/apache2/status/19960312" +$wherelog = "/var/log/apache2/status/"; +$server = "localhost"; # Name of server, could be "www.foo.com" +$port = "80"; # Port on server +$request = "/status/?auto"; # Request to send + +sub tcp_connect +{ + local($host,$port) =@_; + $sockaddr='S n a4 x8'; + chop($hostname=`hostname`); + $port=(getservbyname($port, 'tcp'))[2] unless $port =~ /^\d+$/; + $me=pack($sockaddr,&AF_INET,0,(gethostbyname($hostname))[4]); + $them=pack($sockaddr,&AF_INET,$port,(gethostbyname($host))[4]); + socket(S,&PF_INET,&SOCK_STREAM,(getprotobyname('tcp'))[2]) || + die "socket: $!"; + bind(S,$me) || return "bind: $!"; + connect(S,$them) || return "connect: $!"; + select(S); + $| = 1; + select(stdout); + return ""; +} + +### Main + +{ + $year=`date +%y`; + chomp($year); + $year += ($year < 70) ? 2000 : 1900; + $date = $year . `date +%m%d:%H%M%S`; + chomp($date); + ($day,$time)=split(/:/,$date); + $res=&tcp_connect($server,$port); + open(OUT,">>$wherelog$day"); + if ($res) { + print OUT "$time:-1:-1:-1:-1:$res\n"; + exit 1; + } + print S "GET $request\n"; + while (<S>) { + $requests=$1 if ( m|^BusyServers:\ (\S+)|); + $idle=$1 if ( m|^IdleServers:\ (\S+)|); + $number=$1 if ( m|sses:\ (\S+)|); + $cpu=$1 if (m|^CPULoad:\ (\S+)|); + } + print OUT "$time:$requests:$idle:$number:$cpu\n"; +} + + diff --git a/net-www/apache/files/2.0.40/apache2splitlogfile b/net-www/apache/files/2.0.40/apache2splitlogfile new file mode 100644 index 000000000000..642fe5aced85 --- /dev/null +++ b/net-www/apache/files/2.0.40/apache2splitlogfile @@ -0,0 +1,120 @@ +#!/usr/bin/perl +# +## ==================================================================== +## The Apache Software License, Version 1.1 +## +## Copyright (c) 2000 The Apache Software Foundation. All rights +## reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted provided that the following conditions +## are met: +## +## 1. Redistributions of source code must retain the above copyright +## notice, this list of conditions and the following disclaimer. +## +## 2. Redistributions in binary form must reproduce the above copyright +## notice, this list of conditions and the following disclaimer in +## the documentation and/or other materials provided with the +## distribution. +## +## 3. The end-user documentation included with the redistribution, +## if any, must include the following acknowledgment: +## "This product includes software developed by the +## Apache Software Foundation (http://www.apache.org/)." +## Alternately, this acknowledgment may appear in the software itself, +## if and wherever such third-party acknowledgments normally appear. +## +## 4. The names "Apache" and "Apache Software Foundation" must +## not be used to endorse or promote products derived from this +## software without prior written permission. For written +## permission, please contact apache@apache.org. +## +## 5. Products derived from this software may not be called "Apache", +## nor may "Apache" appear in their name, without prior written +## permission of the Apache Software Foundation. +## +## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +## OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +## DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR +## ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +## SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +## LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +## USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +## ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +## OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +## OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +## SUCH DAMAGE. +## ==================================================================== +## +## This software consists of voluntary contributions made by many +## individuals on behalf of the Apache Software Foundation. For more +## information on the Apache Software Foundation, please see +## <http://www.apache.org/>. +## +## Portions of this software are based upon public domain software +## originally written at the National Center for Supercomputing Applications, +## University of Illinois, Urbana-Champaign. +## +## + +## Heavily modified by Jean-Michel Dault <jmdault@mandrakesoft.com> +## for use with in the Avanced Extranet Server. +## This script can now be used with the CustomLogs directive, with a pipe. +## When in combination with SetEnv VLOG <path>, it will write the log file +## in the right place. Also, it splits the log automatically with a year +## and month prefix. Finally, we open and re-close the logfile for every +## log entry. It is slower, but it permits us to check for symlinks, and +## flush the buffers so everything is realtime and we don't lose any entry. + +# +# This script will take a combined Web server access +# log file and break its contents into separate files. +# It assumes that the first field of each line is the +# virtual host identity (put there by "%v"), and that +# the logfiles should be named that+".log" in the current +# directory. +# +# The combined log file is read from stdin. Records read +# will be appended to any existing log files. +# + +while (<STDIN>) { + # + # Get the first token from the log record; it's the + # identity of the virtual host to which the record + # applies. + # + ($vhost) = split /\s/; + # + # Normalize the virtual host name to all lowercase. + # If it's blank, the request was handled by the default + # server, so supply a default name. This shouldn't + # happen, but caution rocks. + # + $vhost = lc ($vhost) or "access"; + # + + s/VLOG=(.*)[\/]*$//; + $logs=$1; + if($logs eq "") {$logs="/var/log/apache2";} + $date=`date +%Y-%m`; + chop $date; + $filename="$logs/VLOG-$date-${vhost}.log"; + if (-l $filename) { + die "File $filename is a symlink, writing too dangerous, dying!\n"; + } + open LOGFILE, ">>$filename" + or die ("Can't open $logs/$filename"); + # + # Strip off the first token (which may be null in the + # case of the default server), and write the edited + # record to the current log file. + # + s/^\S*\s+//; + print LOGFILE $_; + close(LOGFILE); +} + +exit(0); diff --git a/net-www/apache/files/2.0.40/commonapache2.conf b/net-www/apache/files/2.0.40/commonapache2.conf new file mode 100644 index 000000000000..1e85ad77be6e --- /dev/null +++ b/net-www/apache/files/2.0.40/commonapache2.conf @@ -0,0 +1,925 @@ +### /etc/apache2/conf/commonapache2.conf +### $Id: commonapache2.conf,v 1.1 2002/11/28 20:23:09 woodchip Exp $ +### +### Common server configuration. +### +User apache +Group apache + +### +### ServerAdmin: Your address, where problems with the server should be +### e-mailed. This address appears on some server-generated pages, such +### as error documents. +### +ServerAdmin root@localhost + +### +### DocumentRoot: The directory out of which you will serve your +### documents. By default, all requests are taken from this directory, but +### symbolic links and aliases may be used to point to other locations. +### DO NOT MODIFY THIS ONE, USE apache2.conf. +### +#DocumentRoot /home/httpd/htdocs + +### +### Each directory to which Apache has access, can be configured with respect +### to which services and features are allowed and/or disabled in that +### directory (and its subdirectories). +### +### First, we configure the "default" to be a very restrictive set of +### permissions. Also, for security, we disable indexes globally. +### +### Restricted set of options: +### +<Directory /> + Options -All -Multiviews + AllowOverride None + <IfModule mod_access.c> + Order deny,allow + Deny from all + </IfModule> +</Directory> + +### +### Note that from this point forward you must specifically allow +### particular features to be enabled - so if something's not working as +### you might expect, make sure that you have specifically enabled it +### below. +### + +### +### UserDir: The name of the directory which is appended onto a user's home +### directory if a ~user request is received. +### +<IfModule mod_userdir.c> + UserDir public_html +</IfModule> + +### +### DirectoryIndex: Name of the file or files to use as a pre-written HTML +### directory index. Separate multiple entries with spaces. +### +<IfModule mod_dir.c> + DirectoryIndex index.html index.html.var index.php index.php3 index.shtml index.cgi index.pl index.htm Default.htm default.htm +</IfModule> + +### +### AccessFileName: The name of the file to look for in each directory +### for access control information. +### +AccessFileName .htaccess + +### +### The following lines prevent .htaccess files from being viewed by +### Web clients. Since .htaccess files often contain authorization +### information, access is disallowed for security reasons. Comment +### these lines out if you want Web visitors to see the contents of +### .htaccess files. If you change the AccessFileName directive above, +### be sure to make the corresponding changes here. +### +### Also, folks tend to use names such as .htpasswd for password +### files, so this will protect those as well. +### +<IfModule mod_access.c> +<Files ~ "^\.ht"> + Order allow,deny + Deny from all +</Files> +</IfModule> + +### +### CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each +### document that was negotiated on the basis of content. This asks proxy +### servers not to cache the document. Uncommenting the following line disables +### this behavior, and proxies will be allowed to cache the documents. +### +#CacheNegotiatedDocs + +### +### UseCanonicalName: (new for 1.3) With this setting turned on, whenever +### Apache needs to construct a self-referencing URL (a URL that refers back +### to the server the response is coming from) it will use ServerName and +### Port to form a "canonical" name. With this setting off, Apache will +### use the hostname:port that the client supplied, when possible. This +### also affects SERVER_NAME and SERVER_PORT in CGI scripts. +### +UseCanonicalName On + +### +### TypesConfig describes where the mime.types file (or equivalent) is +### to be found. +### +<IfModule mod_mime.c> + TypesConfig conf/mime.types +</IfModule> + +### +### DefaultType is the default MIME type the server will use for a document +### if it cannot otherwise determine one, such as from filename extensions. +### If your server contains mostly text or HTML documents, "text/plain" is +### a good value. If most of your content is binary, such as applications +### or images, you may want to use "application/octet-stream" instead to +### keep browsers from trying to display binary files as text. +### +DefaultType text/plain + +### +### The mod_mime_magic module allows the server to use various hints from the +### contents of the file itself to determine its type. The MIMEMagicFile +### directive tells the module where the hint definitions are located. +### mod_mime_magic is not part of the default server (you have to add +### it yourself with a LoadModule [see the DSO paragraph in the 'Global +### Environment' section], or recompile the server and include mod_mime_magic +### as part of the configuration), so it's enclosed in an <IfModule> container. +### This means that the MIMEMagicFile directive will only be processed if the +### module is part of the server. +### +<IfModule mod_mime_magic.c> + MIMEMagicFile conf/magic +</IfModule> + +### +### HostnameLookups: Log the names of clients or just their IP addresses +### e.g., www.apache.org (on) or 204.62.129.132 (off). +### The default is off because it'd be overall better for the net if people +### had to knowingly turn this feature on, since enabling it means that +### each client request will result in AT LEAST one lookup request to the +### nameserver. +### +HostnameLookups Off + +### +### EnableMMAP: Control whether memory-mapping is used to deliver +### files (assuming that the underlying OS supports it). +### The default is on; turn this off if you serve from NFS-mounted +### filesystems. On some systems, turning it off (regardless of +### filesystem) can improve performance; for details, please see +### http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap +### +EnableMMAP on + +### +### The following directives define some format nicknames for use with +### a CustomLog directive (see below). +### +<IfModule mod_log_config.c> +LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %b" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent +LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script +LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost + + <IfModule mod_logio.c> + # You need to enable mod_logio.c to use %I and %O + LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio + </IfModule> + +# The location and format of the access logfile (Common Logfile Format). +#CustomLog logs/access_log common +# +# If you would like to have agent and referer logfiles, uncomment these +#CustomLog logs/referer_log referer +#CustomLog logs/agent_log agent +# +# If you prefer a single logfile with access, agent, and referer information +# (Combined Logfile Format) you can use the following directive. +#CustomLog logs/access_log combined +# +</IfModule> +# End of Log directives. + +### +### ServerTokens +### This directive configures what you return as the Server HTTP response +### Header. The default is 'Full' which sends information about the OS-Type +### and compiled in modules. +### Set to one of: Full | OS | Minor | Minimal | Major | Prod +### where Full conveys the most information, and Prod the least. +### +ServerTokens Full + +### +### Optionally add a line containing the server version and virtual host +### name to server-generated pages (error documents, FTP directory listings, +### mod_status and mod_info output etc., but not CGI generated documents). +### Set to "EMail" to also include a mailto: link to the ServerAdmin. +### Set to one of: On | Off | EMail +### +ServerSignature On + +### +### Aliases: Add here as many aliases as you need (with no limit). The format is +### Alias fakename realname +### +<IfModule mod_alias.c> + # + # Note that if you include a trailing / on fakename then the server will + # require it to be present in the URL. So "/icons" isn't aliased in this + # example, only "/icons/".. + # + Alias /icons/ /home/httpd/icons/ + Alias /doc /usr/share/doc + + # + # ScriptAlias: This controls which directories contain server scripts. + # ScriptAliases are essentially the same as Aliases, except that + # documents in the realname directory are treated as applications and + # run by the server when requested rather than as documents sent to the client. + # The same rules about trailing "/" apply to ScriptAlias directives as to + # Alias. + # + ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ + ScriptAlias /protected-cgi-bin/ /home/httpd/protected-cgi-bin/ + + <IfModule mod_perl.c> + #Provide two aliases to the same cgi-bin directory, + #to see the effects of the 2 different mod_perl modes + #for Apache::Registry Mode + Alias /perl/ /home/httpd/perl/ + #for Apache::Perlrun Mode + Alias /cgi-perl/ /home/httpd/perl/ + </IfModule> + +</IfModule> +# End of Alias directives. + +### +### Redirect allows you to tell clients about documents which used to exist in +### your server's namespace, but do not anymore. This allows you to tell the +### clients where to look for the relocated document. +### Format: Redirect old-URI new-URL +### +#Redirect old-URI new-URL + +### +### Directives controlling the display of server-generated directory listings. +### +<IfModule mod_autoindex.c> + # + # FancyIndexing is whether you want fancy directory indexing or standard + # + IndexOptions FancyIndexing VersionSort NameWidth=* + + # + # AddIcon* directives tell the server which icon to show for different + # files or filename extensions. These are only displayed for + # FancyIndexed directories. + # + AddIconByEncoding (CMP,/icons/compressed.png) x-compress x-gzip + + AddIconByType (TXT,/icons/text.png) text/* + AddIconByType (IMG,/icons/image2.png) image/* + AddIconByType (SND,/icons/sound2.png) audio/* + AddIconByType (VID,/icons/movie.png) video/* + + AddIcon /icons/binary.gif .bin .exe + AddIcon /icons/binhex.gif .hqx + AddIcon /icons/tar.gif .tar + AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv + AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip .bz2 + AddIcon /icons/a.gif .ps .ai .eps + AddIcon /icons/layout.gif .html .shtml .htm .pdf + AddIcon /icons/text.gif .txt + AddIcon /icons/c.gif .c + AddIcon /icons/p.gif .pl .py .php .php3 + AddIcon /icons/f.gif .for + AddIcon /icons/dvi.gif .dvi + AddIcon /icons/uuencoded.gif .uu + AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl + AddIcon /icons/tex.gif .tex + AddIcon /icons/bomb.gif core + + AddIcon /icons/back.gif .. + AddIcon /icons/hand.right.gif README + AddIcon /icons/folder.gif ^^DIRECTORY^^ + AddIcon /icons/blank.gif ^^BLANKICON^^ + + # + # DefaultIcon is which icon to show for files which do not have an icon + # explicitly set. + # + DefaultIcon /icons/unknown.gif + + # + # AddDescription allows you to place a short description after a file in + # server-generated indexes. These are only displayed for FancyIndexed + # directories. + # Format: AddDescription "description" filename + # + #AddDescription "GZIP compressed document" .gz + #AddDescription "tar archive" .tar + #AddDescription "GZIP compressed tar archive" .tgz + + # + # ReadmeName is the name of the README file the server will look for by + # default, and append to directory listings. + # + # HeaderName is the name of a file which should be prepended to + # directory indexes. + # + # If MultiViews are amongst the Options in effect, the server will + # first look for name.html and include it if found. If name.html + # doesn't exist, the server will then look for name.txt and include + # it as plaintext if found. + # + ReadmeName README.html + HeaderName HEADER.html + + # + # IndexIgnore is a set of filenames which directory indexing should ignore + # and not include in the listing. Shell-style wildcarding is permitted. + # + IndexIgnore .??* *~ *# HEADER* RCS CVS *,v *,t + +</IfModule> +# End of indexing directives. + +### +### Document types. +### +<IfModule mod_mime.c> + # + # AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress + # information on the fly. Note: Not all browsers support this. + # Despite the name similarity, the following Add* directives have nothing + # to do with the FancyIndexing customization directives above. + # + AddEncoding x-compress Z + AddEncoding x-gzip gz tgz + + # + # AddLanguage allows you to specify the language of a document. You can + # then use content negotiation to give a browser a file in a language + # it can understand. + # + # Note 1: The suffix does not have to be the same as the language + # keyword --- those with documents in Polish (whose net-standard + # language code is pl) may wish to use "AddLanguage pl .po" to + # avoid the ambiguity with the common suffix for perl scripts. + # + # Note 2: The example entries below illustrate that in quite + # some cases the two character 'Language' abbreviation is not + # identical to the two character 'Country' code for its country, + # E.g. 'Danmark/dk' versus 'Danish/da'. + # + # Note 3: In the case of 'ltz' we violate the RFC by using a three char + # specifier. But there is 'work in progress' to fix this and get + # the reference data for rfc1766 cleaned up. + # + # Danish (da) - Dutch (nl) - English (en) - Estonian (ee) + # French (fr) - German (de) - Greek-Modern (el) + # Italian (it) - Korean (kr) - Norwegian (no) + # Portugese (pt) - Luxembourgeois* (ltz) + # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cz) + # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja) + # Russian (ru) + # + AddLanguage ca .ca + AddLanguage cz .cz + AddLanguage da .dk + AddLanguage de .de + AddLanguage el .el + AddLanguage en .en + AddLanguage es .es + AddLanguage et .ee + AddLanguage fr .fr + AddLanguage he .he + AddLanguage hr .hr + AddLanguage it .it + AddLanguage ja .ja + AddLanguage ko .ko + AddLanguage kr .kr + AddLanguage ltz .ltz + AddLanguage ltz .lu + AddLanguage nl .nl + AddLanguage nn .nn + AddLanguage no .no + AddLanguage pl .po + AddLanguage pt-br .pt-br + AddLanguage pt .pt + AddLanguage ru .ru + AddLanguage sv .se + AddLanguage tw .tw + AddLanguage zh-tw .tw + + # + # Specify a default charset for all pages sent out. This is + # always a good idea and opens the door for future internationalisation + # of your web site, should you ever want it. Specifying it as + # a default does little harm; as the standard dictates that a page + # is in iso-8859-1 (latin1) unless specified otherwise i.e. you + # are merely stating the obvious. There are also some security + # reasons in browsers, related to javascript and URL parsing + # which encourage you to always set a default char set. + # + AddDefaultCharset ISO-8859-1 + + # LanguagePriority allows you to give precedence to some languages + # in case of a tie during content negotiation. + # + # Just list the languages in decreasing order of preference. We have + # more or less alphabetized them here. You probably want to change this. + # + <IfModule mod_negotiation.c> + LanguagePriority en fr de es it da nl et el ja kr no pl pt pt-br ru ltz ca sv tw + </IfModule> + + # + # ForceLanguagePriority allows you to serve a result page rather than + # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback) + # [in case no accepted languages matched the available variants] + # + <IfModule mod_negotiation.c> + ForceLanguagePriority Prefer Fallback + </IfModule> + + # + # Commonly used filename extensions to character sets. You probably + # want to avoid clashes with the language extensions, unless you + # are good at carefully testing your setup after each change. + # See ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets for + # the official list of charset names and their respective RFCs + # + AddCharset ISO-8859-1 .iso8859-1 .latin1 + AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen + AddCharset ISO-8859-3 .iso8859-3 .latin3 + AddCharset ISO-8859-4 .iso8859-4 .latin4 + AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru + AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb + AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk + AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb + AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk + AddCharset ISO-2022-JP .iso2022-jp .jis + AddCharset ISO-2022-KR .iso2022-kr .kis + AddCharset ISO-2022-CN .iso2022-cn .cis + AddCharset Big5 .Big5 .big5 + # For russian, more than one charset is used (depends on client, mostly): + AddCharset WINDOWS-1251 .cp-1251 .win-1251 + AddCharset CP866 .cp866 + AddCharset KOI8-r .koi8-r .koi8-ru + AddCharset KOI8-ru .koi8-uk .ua + AddCharset ISO-10646-UCS-2 .ucs2 + AddCharset ISO-10646-UCS-4 .ucs4 + AddCharset UTF-8 .utf8 + + # + # The set below does not map to a specific (iso) standard + # but works on a fairly wide range of browsers. Note that + # capitalization actually matters (it should not, but it + # does for some browsers). + # + # See ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets + # for a list of sorts. But browsers support few. + # + AddCharset GB2312 .gb2312 .gb + AddCharset utf-7 .utf7 + AddCharset utf-8 .utf8 + AddCharset big5 .big5 .b5 + AddCharset EUC-TW .euc-tw + AddCharset EUC-JP .euc-jp + AddCharset EUC-KR .euc-kr + AddCharset shift_jis .sjis + + # + # AddType allows you to tweak mime.types without actually editing it, or to + # make certain files to be certain types. + # + AddType application/x-tar .tgz + AddType image/x-icon .ico + + # + # AddHandler allows you to map certain file extensions to "handlers", + # actions unrelated to filetype. These can be either built into the server + # or added with the Action command (see below) + # + # If you want to use server side includes, or CGI outside + # ScriptAliased directories, uncomment the following lines. + # + # To use CGI scripts: + # + AddHandler cgi-script .cgi + + # + # For type maps (negotiated resources): + # (This is enabled by default to allow the Apache "It Worked" page + # to be distributed in multiple languages.) + # + AddHandler type-map var + + # + # Filters allow you to process content before it is sent to the client. + # + # To parse .shtml files for server-side includes (SSI): + # (You will also need to add "Includes" to the "Options" directive.) + # + AddType text/html .shtml + AddOutputFilter INCLUDES .shtml + + # + # Uncomment the following line to enable Apache's send-asis HTTP file + # feature + # + #AddHandler send-as-is asis + + # + # If you wish to use server-parsed imagemap files, use + # + AddHandler imap-file map + + # + # To enable type maps, you might want to use + # + #AddHandler type-map var +</IfModule> +# End of document types. + +### +### Action lets you define media types that will execute a script whenever +### a matching file is called. This eliminates the need for repeated URL +### pathnames for oft-used CGI file processors. +### +#Action media/type /cgi-script/location +#Action handler-name /cgi-script/location + +### +### Putting this all together, we can internationalize error responses. +### +### We use Alias to redirect any /error/HTTP_<error>.html.var response to +### our collection of by-error message multi-language collections. We use +### includes to substitute the appropriate text. +### +### You can modify the messages' appearance without changing any of the +### default HTTP_<error>.html.var files by adding the line: +### +### Alias /error/include/ "/your/include/path/" +### +### which allows you to create your own set of files by starting with the +### /include/ files and copying them to /your/include/path/, +### even on a per-VirtualHost basis. The default include files will display +### your Apache version number and your ServerAdmin email address regardless +### of the setting of ServerSignature. +### +### The internationalized error documents require mod_alias, mod_include +### and mod_negotiation. To activate them, uncomment the following 30 lines. +### +# Alias /error/ "/home/httpd/error" +# +# <Directory "/home/httpd/error"> +# AllowOverride None +# Options IncludesNoExec +# AddOutputFilter Includes html +# AddHandler type-map var +# Order allow,deny +# Allow from all +# LanguagePriority en es de fr sv +# ForceLanguagePriority Prefer Fallback +# </Directory> +# +# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +# ErrorDocument 410 /error/HTTP_GONE.html.var +# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +# ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var +# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var + +### +### Customizable error responses come in three flavors: +### +# 1) plain text +#ErrorDocument 500 "The server made a boo boo." +# +# 2) local redirects +#ErrorDocument 404 /missing.html +# to redirect to local URL /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +# N.B.: You can redirect to a script or a document using server-side-includes. +# +# 3) external redirects +#ErrorDocument 402 http://www.example.com/subscription_info.html +# N.B.: Many of the environment variables associated with the original +# request will *not* be available to such a script. + +<Location /manual> + Options Multiviews + ErrorDocument 404 "The document you requested has not been installed on your system. +</Location> + +### +### Customize behaviour based on the browser +### +<IfModule mod_setenvif.c> + # + # The following directives modify normal HTTP response behavior to + # handle known problems with browser implementations. + # + BrowserMatch "Mozilla/2" nokeepalive + BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 + BrowserMatch "RealPlayer 4\.0" force-response-1.0 + BrowserMatch "Java/1\.0" force-response-1.0 + BrowserMatch "JDK/1\.0" force-response-1.0 + + # + # The following directive disables redirects on non-GET requests for + # a directory that does not include the trailing slash. This fixes a + # problem with Microsoft WebFolders which does not appropriately handle + # redirects for folders with DAV methods. + # + BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carfully + BrowserMatch "^WebDrive" redirect-carefully + BrowserMatch "^gnome-vfs" redirect-carefully +</IfModule> +# End of browser customization directives + +### +### Allow server status reports, with the URL of http://servername/server-status +### Change the ".your_domain.com" to match your domain to enable. +### +<IfModule mod_status.c> + <Location /server-status> + SetHandler server-status + <IfModule mod_access.c> + Order deny,allow + Deny from all + allow from 127.0.0.1 + #Allow from .your_domain.com + </IfModule> + </Location> +# +# ExtendedStatus controls whether Apache will generate "full" status +# information (ExtendedStatus On) or just basic information (ExtendedStatus +# Off) when the "server-status" handler is called. The default is Off. +# +#ExtendedStatus On +</IfModule> + +### +### Allow remote server configuration reports, with the URL of +### http://servername/server-info (requires that mod_info.c be loaded). +### Change the ".your_domain.com" to match your domain to enable. +### +<IfModule mod_info.c> + <Location /server-info> + SetHandler server-info + <IfModule mod_access.c> + Order deny,allow + Deny from all + allow from 127.0.0.1 + #Allow from .your_domain.com + </IfModule> + </Location> +</IfModule> + +### +### Allow remote mod_perl configuration reports, with the URL of +### http://servername/perl-status (requires that mod_perl.c be loaded). +### Change the ".your_domain.com" to match your domain to enable. +### +<IfModule mod_perl.c> + <Location /perl-status> + SetHandler perl-script + PerlResponseHandler ModPerl::Status + <IfModule mod_access.c> + Order deny,allow + Deny from all + Allow from 127.0.0.1 + </IfModule> + </Location> +</IfModule> + +### +### Proxy Server directives. Uncomment the following lines to +### enable the proxy server: +### +#<IfModule mod_proxy.c> +# ProxyRequests On +# <Directory proxy:*> +# Order deny,allow +# Deny from all +# Allow from .your_domain.com +# </Directory> + # + # Enable/disable the handling of HTTP/1.1 "Via:" headers. + # ("Full" adds the server version; "Block" removes all outgoing Via: headers) + # Set to one of: Off | On | Full | Block + # +# ProxyVia On + # + # To enable the cache as well, edit and uncomment the following lines: + # (no caching without CacheRoot) + # +# <IfModule mod_disk_cache.c> +# CacheRoot "/var/cache/apache2" +# CacheSize 5 +# CacheGcInterval 4 +# CacheMaxExpire 24 +# CacheLastModifiedFactor 0.1 +# CacheDefaultExpire 1 +# #NoCache a-domain.com another-domain.edu joes.garage-sale.com +# </IfModule> +#</IfModule> +# End of proxy directives. + +### +### Comment me :) +### +<IfModule mod_include.c> +# XBitHack on +</IfModule> + +### +### The mod_deflate module provides the DEFLATE output filter. +### It allows output from your server to be compressed before +### being sent to the client over the network. +### +<IfModule mod_deflate.c> + <Directory "/home/httpd/htdocs/manual"> + AddOutputFilterByType DEFLATE text/html + </Directory> + + # DeflateFilterNote - Set a note to report on compression ratio +# DeflateFilterNote deflate_ratio +# LogFormat "%h %l %u %t \"%r\" %>s %b mod_deflate: %{deflate_ratio}n pct." common_with_deflate_info +# CustomLog logs/deflate.log common_with_deflate_info +# # Set the Deflate window size (1-15) +# DeflateWindowSize 10 +# # Set the Deflate Memory Level (1-9) +# DeflateMemLevel 6 +</IfModule> + +### +### This should be changed to whatever you set DocumentRoot to. +### +<Directory /home/httpd/htdocs> +# +# This may also be "None", "All", or any combination of "Indexes", +# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". +# +# Note that "MultiViews" must be named *explicitly* --- "Options All" +# doesn't give it to you. +# + Options -Indexes FollowSymLinks MultiViews +# +# This controls which options the .htaccess files in directories can +# override. Can also be "All", or any combination of "Options", "FileInfo", +# "AuthConfig", and "Limit" +# + AllowOverride All +# +# Controls who can get stuff from this server. +# + <IfModule mod_access.c> + Order allow,deny + Allow from all + </IfModule> +</Directory> + +### +### Comment me :) +### +<Directory /home/httpd/perl> + AllowOverride All + Options -Indexes FollowSymLinks MultiViews ExecCGI + <IfModule mod_access.c> + Order allow,deny + Allow from all + </IfModule> +</Directory> + +### +### Additional mod_cgid.c settings; mod_cgid has Scriptsock <path> +### for setting UNIX socket for communicating with cgid. +### +<IfModule mod_cgid.c> +# Scriptsock /cgisock +</IfModule> + +### +### This is intended for your world-accessible CGI programs. +### +<Directory /home/httpd/cgi-bin> + AllowOverride All + Options ExecCGI + <IfModule mod_access.c> + Order allow,deny + Allow from all + </IfModule> +</Directory> + +### +### Access to these CGI programs will be restricted. +### +<Directory /home/httpd/protected-cgi-bin> + AllowOverride All + Options ExecCGI + <IfModule mod_access.c> + Order deny,allow + Deny from all + Allow from 127.0.0.1 + #allow from .your_domain.com + </IfModule> +</Directory> + +### +### Control access to UserDir directories. The following is an example +### for a site where these directories are restricted to read-only. +### +#<Directory /home/*/public_html> +# AllowOverride FileInfo AuthConfig Limit +# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec +# <Limit GET POST OPTIONS PROPFIND> +# Order allow,deny +# Allow from all +# </Limit> +# <LimitExcept GET POST OPTIONS PROPFIND> +# Order deny,allow +# Deny from all +# </LimitExcept> +#</Directory> + +### +### These settings are pretty flexible, and allow for Frontpage and XSSI +### +<Directory /home/*/public_html> + AllowOverride All + Options MultiViews -Indexes Includes FollowSymLinks + <IfModule mod_access.c> + Order allow,deny + Allow from all + </IfModule> +</Directory> + +<Directory /home/*/public_html/cgi-bin> + Options +ExecCGI -Includes -Indexes + SetHandler cgi-script +</Directory> + +<IfModule mod_perl.c> + <Directory /home/*/public_html/perl> + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + </Directory> +</IfModule> + +<Directory /home/httpd/icons> + Options -Indexes MultiViews + AllowOverride None + <IfModule mod_access.c> + Order allow,deny + Allow from all + </IfModule> +</Directory> + +<Directory /usr/share/doc> + <IfModule mod_deflate.c> + AddOutputFilterByType DEFLATE text/html + </IfModule> + Options Indexes FollowSymLinks + <IfModule mod_access.c> + Order deny,allow + Deny from all + Allow from 127.0.0.1 + #allow from .your_domain.com + </IfModule> +</Directory> + +<Directory /home/httpd/htdocs/addon-modules> + Options Indexes FollowSymLinks +</Directory> + +<Location /index.shtml> + Options +Includes +</Location> + +<IfModule mod_perl.c> + PerlModule Apache::Registry + #set Apache::Registry Mode for /perl Alias + <Location /perl/*.pl> + SetHandler perl-script + PerlResponseHandler ModPerl::Registry + Options -Indexes ExecCGI + PerlSendHeader On + </Location> + + #set Apache::PerlRun Mode for /cgi-perl Alias + <Location /cgi-perl/*.pl> + SetHandler perl-script + PerlResponseHandler ModPerl::PerlRun + Options -Indexes ExecCGI + PerlSendHeader On + </Location> +</IfModule> + diff --git a/net-www/apache/files/2.0.40/dynamic-vhosts.conf b/net-www/apache/files/2.0.40/dynamic-vhosts.conf new file mode 100644 index 000000000000..3ed1946cb941 --- /dev/null +++ b/net-www/apache/files/2.0.40/dynamic-vhosts.conf @@ -0,0 +1,21 @@ +#Simple dynamic virtual hosts +# +# This extract from apache2.conf implements the virtual host arrangement +# outlined at http://www.apache.org/docs/vhosts/mass.html, using +# mod_vhost_alias. + +# get the server name from the Host: header +#UseCanonicalName Off +# +# this log format can be split per-virtual-host based on the first field +#LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon +#CustomLog logs/access_log vcommon +# +# include the server name in the filenames used to satisfy requests +#VirtualDocumentRoot /www/hosts/%0/docs +#VirtualScriptAlias /www/hosts/%0/cgi-bin +# +# This configuration can be changed into an IP-based virtual hosting +# solution by just turning UseCanonicalName Off into UseCanonicalName DNS. +# The server name that is inserted into the filename is then derived from +# the IP address of the virtual host. diff --git a/net-www/apache/files/2.0.40/gentestcrt.sh b/net-www/apache/files/2.0.40/gentestcrt.sh new file mode 100644 index 000000000000..5ccdfe2e1d36 --- /dev/null +++ b/net-www/apache/files/2.0.40/gentestcrt.sh @@ -0,0 +1,243 @@ +#!/bin/sh +## $Header: /var/cvsroot/gentoo-x86/net-www/apache/files/2.0.40/gentestcrt.sh,v 1.1 2002/11/28 20:23:09 woodchip Exp $ +## +## gentestcrt -- Create self-signed test certificate +## (C) 2001 Jean-Michel Dault <jmdault@mandrakesoft.com> and Mandrakesoft +## Based on cca.sh script by Ralf S. Engelschall +## + +# external tools +openssl="/usr/bin/openssl" + +# some optional terminal sequences +case $TERM in + xterm|xterm*|vt220|vt220*) + T_MD=`echo dummy | awk '{ printf("%c%c%c%c", 27, 91, 49, 109); }'` + T_ME=`echo dummy | awk '{ printf("%c%c%c", 27, 91, 109); }'` + ;; + vt100|vt100*) + T_MD=`echo dummy | awk '{ printf("%c%c%c%c%c%c", 27, 91, 49, 109, 0, 0); }'` + T_ME=`echo dummy | awk '{ printf("%c%c%c%c%c", 27, 91, 109, 0, 0); }'` + ;; + default) + T_MD='' + T_ME='' + ;; +esac + +# find some random files +# (do not use /dev/random here, because this device +# doesn't work as expected on all platforms) +randfiles='' +for file in /var/log/messages /var/adm/messages \ + /kernel /vmunix /vmlinuz \ + /etc/hosts /etc/resolv.conf; do + if [ -f $file ]; then + if [ ".$randfiles" = . ]; then + randfiles="$file" + else + randfiles="${randfiles}:$file" + fi + fi +done + + +echo "${T_MD}maketestcrt -- Create self-signed test certificate${T_ME}" +echo "(C) 2001 Jean-Michel Dault <jmdault@mandrakesoft.com> and Mandrakesoft" +echo "Based on cca.sh script by Ralf S. Engelschall" +echo "" + +grep -q -s DUMMY server.crt && mv server.crt server.crt.dummy +grep -q -s DUMMY server.key && mv server.key server.key.dummy + +echo "" +echo "" + +if [ ! -e ./server.crt -a ! -e ./server.key ];then + echo "Will create server.key and server.crt in `pwd`" +else + echo "server.key and server.crt already exist, dying" + exit +fi + +echo "" + + +mkdir -p /tmp/tmpssl-$$ +pushd /tmp/tmpssl-$$ > /dev/null + + + echo "${T_MD}INITIALIZATION${T_ME}" + + echo "" + echo "${T_MD}Generating custom Certificate Authority (CA)${T_ME}" + echo "______________________________________________________________________" + echo "" + echo "${T_MD}STEP 1: Generating RSA private key for CA (1024 bit)${T_ME}" + cp /dev/null ca.rnd + echo '01' >ca.ser + if [ ".$randfiles" != . ]; then + $openssl genrsa -rand $randfiles -out ca.key 1024 + else + $openssl genrsa -out ca.key 1024 + fi + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to generate RSA private key" 1>&2 + exit 1 + fi + echo "______________________________________________________________________" + echo "" + echo "${T_MD}STEP 2: Generating X.509 certificate signing request for CA${T_ME}" + cat >.cfg <<EOT +[ req ] +default_bits = 1024 +distinguished_name = req_DN +RANDFILE = ca.rnd +[ req_DN ] +countryName = "1. Country Name (2 letter code)" +#countryName_default = CA +#countryName_min = 2 +countryName_max = 2 +stateOrProvinceName = "2. State or Province Name (full name) " +#stateOrProvinceName_default = "Quebec" +localityName = "3. Locality Name (eg, city) " +#localityName_default = "Montreal" +0.organizationName = "4. Organization Name (eg, company) " +0.organizationName_default = "Apache HTTP Server" +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +organizationalUnitName_default = "For testing purposes only" +commonName = "6. Common Name (eg, CA name) " +commonName_max = 64 +commonName_default = "localhost" +emailAddress = "7. Email Address (eg, name@FQDN)" +emailAddress_max = 40 +#emailAddress_default = "root@localhost" +EOT + $openssl req -config .cfg -new -key ca.key -out ca.csr + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to generate certificate signing request" 1>&2 + exit 1 + fi + echo "______________________________________________________________________" + echo "" + echo "${T_MD}STEP 3: Generating X.509 certificate for CA signed by itself${T_ME}" + cat >.cfg <<EOT +#extensions = x509v3 +#[ x509v3 ] +#subjectAltName = email:copy +#basicConstraints = CA:true,pathlen:0 +#nsComment = "CCA generated custom CA certificate" +#nsCertType = sslCA +EOT + $openssl x509 -extfile .cfg -req -days 365 -signkey ca.key -in ca.csr -out ca.crt + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to generate self-signed CA certificate" 1>&2 + exit 1 + fi + echo "______________________________________________________________________" + echo "" + echo "${T_MD}RESULT:${T_ME}" + $openssl verify ca.crt + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to verify resulting X.509 certificate" 1>&2 + exit 1 + fi + $openssl x509 -text -in ca.crt + $openssl rsa -text -in ca.key + + echo "${T_MD}CERTIFICATE GENERATION${T_ME}" + user="server" + + echo "" + echo "${T_MD}Generating custom USER${T_ME} [$user]" + echo "______________________________________________________________________" + echo "" + echo "${T_MD}STEP 5: Generating RSA private key for USER (1024 bit)${T_ME}" + if [ ".$randfiles" != . ]; then + $openssl genrsa -rand $randfiles -out $user.key 1024 + else + $openssl genrsa -out $user.key 1024 + fi + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to generate RSA private key" 1>&2 + exit 1 + fi + echo "______________________________________________________________________" + echo "" + echo "${T_MD}STEP 6: Generating X.509 certificate signing request for USER${T_ME}" + cat >.cfg <<EOT +[ req ] +default_bits = 1024 +distinguished_name = req_DN +RANDFILE = ca.rnd +[ req_DN ] +countryName = "1. Country Name (2 letter code)" +#countryName_default = XY +#countryName_min = 2 +countryName_max = 2 +stateOrProvinceName = "2. State or Province Name (full name) " +#stateOrProvinceName_default = "Unknown" +localityName = "3. Locality Name (eg, city) " +#localityName_default = "Server Room" +0.organizationName = "4. Organization Name (eg, company) " +0.organizationName_default = "Apache HTTP Server" +organizationalUnitName = "5. Organizational Unit Name (eg, section) " +organizationalUnitName_default = "Test Certificate" +commonName = "6. Common Name (eg, DOMAIN NAME) " +commonName_max = 64 +commonName_default = "localhost" +emailAddress = "7. Email Address (eg, name@fqdn)" +emailAddress_max = 40 +#emailAddress_default = "root@localhost" +EOT + $openssl req -config .cfg -new -key $user.key -out $user.csr + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to generate certificate signing request" 1>&2 + exit 1 + fi + rm -f .cfg + echo "______________________________________________________________________" + echo "" + echo "${T_MD}STEP 7: Generating X.509 certificate signed by own CA${T_ME}" + cat >.cfg <<EOT +#extensions = x509v3 +#[ x509v3 ] +#subjectAltName = email:copy +#basicConstraints = CA:false,pathlen:0 +#nsComment = "CCA generated client certificate" +#nsCertType = client +EOT + $openssl x509 -extfile .cfg -days 365 -CAserial ca.ser -CA ca.crt -CAkey ca.key -in $user.csr -req -out $user.crt + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to generate X.509 certificate" 1>&2 + exit 1 + fi + caname="`$openssl x509 -noout -text -in ca.crt |\ + grep Subject: | sed -e 's;.*CN=;;' -e 's;/Em.*;;'`" + username="`$openssl x509 -noout -text -in $user.crt |\ + grep Subject: | sed -e 's;.*CN=;;' -e 's;/Em.*;;'`" +# echo "Assembling PKCS#12 package" +# $openssl pkcs12 -export -in $user.crt -inkey $user.key -certfile ca.crt -name "$username" -caname "$caname" -out $user.p12 + echo "______________________________________________________________________" + echo "" + echo "${T_MD}RESULT:${T_ME}" + $openssl verify -CAfile ca.crt $user.crt + if [ $? -ne 0 ]; then + echo "cca:Error: Failed to verify resulting X.509 certificate" 1>&2 + exit 1 + fi + $openssl x509 -text -in $user.crt + $openssl rsa -text -in $user.key + + +popd >/dev/null + + +rm -f /tmp/tmpssl-$$/*.csr +rm -f /tmp/tmpssl-$$/ca.* +chmod 400 /tmp/tmpssl-$$/* + +echo "Certificate creation done!" +cp /tmp/tmpssl-$$/server.* . + +rm -rf /tmp/tmpssl-$$ diff --git a/net-www/apache/files/2.0.40/vhosts.conf b/net-www/apache/files/2.0.40/vhosts.conf new file mode 100644 index 000000000000..1be1cd8a7371 --- /dev/null +++ b/net-www/apache/files/2.0.40/vhosts.conf @@ -0,0 +1,41 @@ +################# vhosts.conf +#This is where we store the VirtualHosts configuration. +# +#Since Apache 1.3.19, we modified the setup to include some nice tricks: +# +#- We added the User and Group directives so VirtualHosts now work with +# suexec directive. If set, Apache will run all cgi scripts under that +# user and group (provided the uid and gid are > 1000 for security). The +# directories and cgi files *must* belong to that user/group for the +# feature to work +#- We added the Setenv VLOG directive. This works in conjunction with +# the CustomLog in commonapache2.conf. When Setenv VLOG is set, apache will +# create a /var/log/apache2/VLOG-YYYY-MM-<ServerName>.log instead of logging +# to access_log. Use this instead of defining a special logfile for +# each vhost, otherwise you eat up file descriptors. +#- You can also specify a path for the VLOG for each Vhost, for example, +# to place the logs in each user's directory. However, if you want to +# use the file for accounting, place it in a directory owned by root, +# otherwise the user will be able to erase it. +#- I suggest only including the ErrorLog *only* if the vhost will use +# cgi scripts. Again, it saves file descriptors! + +################# IP-based Virtual Hosts +#<VirtualHost 192.168.2.100> +#User jmdault +#Group jmdault +#DocumentRoot /home/jmdault/public_html +#ServerName test2.com +#Setenv VLOG /home/jmdault/logs +#ErrorLogs /home/jmdault/test2-error_log +#RewriteEngine On +#RewriteOptions inherit +#</VirtualHost> + +################# Named VirtualHosts +#NameVirtualHost 111.222.33.44 +#<VirtualHost 111.222.33.44> +#ServerName www.domain.tld +#ServerPath /domain +#DocumentRoot /web/domain +#</VirtualHost> diff --git a/net-www/apache/files/2.0.40/virtual-homepages.conf b/net-www/apache/files/2.0.40/virtual-homepages.conf new file mode 100644 index 000000000000..0d1d68d6bbff --- /dev/null +++ b/net-www/apache/files/2.0.40/virtual-homepages.conf @@ -0,0 +1,18 @@ +#A virtually hosted homepages system +# +# This is an adjustment of the above system tailored for an ISP's +# homepages server. Using a slightly more complicated configuration we can +# select substrings of the server name to use in the filename so that e.g. +# the documents for www.user.isp.com are found in /home/user/. It uses a +# single cgi-bin directory instead of one per virtual host. + +# get the server name from the Host: header +#UseCanonicalName Off +# this log format can be split per-virtual-host based on the first field +#LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon +#CustomLog logs/access_log vcommon + +# include part of the server name in the filenames +#VirtualDocumentRoot /www/hosts/%2/docs +# single cgi-bin directory +#ScriptAlias /cgi-bin/ /www/std-cgi/ diff --git a/net-www/apache/files/digest-apache-2.0.40-r1 b/net-www/apache/files/digest-apache-2.0.40-r1 deleted file mode 100644 index c6cc220e71d7..000000000000 --- a/net-www/apache/files/digest-apache-2.0.40-r1 +++ /dev/null @@ -1 +0,0 @@ -MD5 fdb35bc3b5b7833e45a455b56a0d0be5 httpd-2.0.40.tar.gz 4676089 diff --git a/net-www/apache/files/digest-apache-2.0.42 b/net-www/apache/files/digest-apache-2.0.42 deleted file mode 100644 index 56cbaea589ed..000000000000 --- a/net-www/apache/files/digest-apache-2.0.42 +++ /dev/null @@ -1 +0,0 @@ -MD5 1ea73daf7626ae1e332da7618be81be9 httpd-2.0.42.tar.gz 4971969 diff --git a/net-www/apache/files/digest-apache-2.0.43 b/net-www/apache/files/digest-apache-2.0.43 deleted file mode 100644 index 636e0853abdc..000000000000 --- a/net-www/apache/files/digest-apache-2.0.43 +++ /dev/null @@ -1 +0,0 @@ -MD5 8051de5d160c43d4ed2cc47dc9be6fd3 httpd-2.0.43.tar.gz 4835188 diff --git a/net-www/apache/files/digest-apache-2.0.43-r1 b/net-www/apache/files/digest-apache-2.0.43-r1 new file mode 100644 index 000000000000..0f69997b32ed --- /dev/null +++ b/net-www/apache/files/digest-apache-2.0.43-r1 @@ -0,0 +1,2 @@ +MD5 8051de5d160c43d4ed2cc47dc9be6fd3 httpd-2.0.43.tar.gz 4835188 +MD5 ca5ffb06ae99440b1019566e3d3e3b9c apache-2.0.43-gentoo.diff.bz2 8139 |