# Maintainer: Kaarle Ritvanen # Contributor: Valery Kartel pkgname=apache2 _pkgreal=httpd pkgver=2.4.35 pkgrel=0 pkgdesc="A high performance Unix-based HTTP server" url="http://httpd.apache.org/" arch="all" license="ASL 2.0" depends="" install="$pkgname.pre-install $pkgname.pre-upgrade" pkgusers="apache" pkggroups="apache" makedepends="apr-dev apr-util-dev autoconf automake libxml2-dev lua-dev nghttp2-dev libressl-dev pcre-dev sed zlib-dev" subpackages="$pkgname-dev $pkgname-doc $pkgname-error:_error:noarch $pkgname-http2 $pkgname-icons::noarch $pkgname-ldap $pkgname-lua:_lua $pkgname-proxy-html:proxy_html $pkgname-proxy $pkgname-ssl $pkgname-utils $pkgname-webdav" source="http://archive.apache.org/dist/$_pkgreal/$_pkgreal-$pkgver.tar.bz2 apache2.confd apache2.logrotate apache2.initd alpine.layout apache-2.4.34-libressl-compatibility.patch libressl-compat-patch-fix.patch conf/0001-httpd.conf-ServerRoot.patch conf/0002-httpd.conf-ServerTokens.patch conf/0003-httpd.conf-ServerSignature.patch conf/0004-httpd.conf-User-Group.patch conf/0005-httpd.conf-ErrorLog-CustomLog-TransferLog.patch conf/0006-httpd-dav.conf-DavLockDB.patch conf/0007-httpd-ssl.conf-SSLSessionCache.patch conf/0008-httpd-ssl.conf-SSLRandomSeed.patch conf/0009-httpd-ssl.conf-SSL-File.patch conf/0010-httpd-ssl.conf-SSL-CipherSuite.patch conf/0011-httpd.conf-IncludeOptional.patch conf/0012-httpd.conf-MIMEMagicFile.patch conf/0013-httpd-.conf-IfModule.patch conf/0014-httpd-.conf-LoadModule.patch " options="suid" builddir="$srcdir"/$_pkgreal-$pkgver # secfixes: # 2.4.35-r0: # - CVE-2018-11763 # 2.4.34-r0: # - CVE-2018-1333 # - CVE-2018-8011 # 2.4.33-r0: # - CVE-2017-15710 # - CVE-2017-15715 # - CVE-2018-1283 # - CVE-2018-1301 # - CVE-2018-1302 # - CVE-2018-1303 # - CVE-2018-1312 # 2.4.27-r1: # - CVE-2017-9798 # 2.4.26-r0: # - CVE-2017-3167 # - CVE-2017-3169 # - CVE-2017-7659 # - CVE-2017-7668 # - CVE-2017-7679 # 2.4.27-r0: # - CVE-2017-9789 prepare() { cd "$builddir" for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$(basename $i) || return 1;; esac done cat "$srcdir/alpine.layout" >> config.layout } build() { cd "$builddir" ./configure \ --prefix=/usr \ --enable-layout=Alpine \ --enable-so \ --enable-suexec \ --with-suexec-caller=apache \ --with-suexec-docroot=/var/www \ --with-suexec-logfile=/var/log/apache2/suexec.log \ --with-suexec-bin=/usr/sbin/suexec \ --with-suexec-uidmin=99 \ --with-suexec-gidmin=99 \ --with-apr=/usr/bin/apr-1-config \ --with-apr-util=/usr/bin/apu-1-config \ --with-pcre=/usr \ --enable-mods-shared=all \ --enable-mpms-shared=all \ --with-mpm=prefork \ --enable-ssl \ --with-ssl \ --enable-proxy \ --enable-cache \ --enable-disk-cache \ --enable-mem-cache \ --enable-file-cache \ --enable-ldap \ --enable-authnz-ldap \ --enable-cgid \ --enable-cgi \ --enable-authn-anon \ --enable-authn-alias \ --disable-imagemap \ --enable-proxy-connect \ --enable-proxy-http \ --enable-proxy-ftp \ --enable-deflate \ --enable-dbd \ --enable-exception-hook \ --enable-dav \ --enable-dav-fs \ --enable-dav-lock \ || return 1 make || return 1 } package() { cd "$builddir" make -j1 DESTDIR="$pkgdir" install || return 1 # config rm -r "$pkgdir"/etc/apache2/extra/httpd-vhosts.conf \ "$pkgdir"/etc/apache2/original || return 1 mv "$pkgdir"/etc/apache2/extra "$pkgdir"/etc/apache2/conf.d || return 1 for file in "$pkgdir"/etc/apache2/conf.d/httpd-*; do mv "$file" \ "$(dirname $file)/${file#$pkgdir/etc/apache2/conf.d/httpd-}" || \ return 1 done sed -Ei \ 's:^(\t?#?LoadModule .+ )lib/apache2/:\1modules/:;ta;b;:a;s/^#?LoadModule (dav.*|lbmethod_.+|.*ldap|lua|proxy.*|ssl|xml2enc)_module //;tb;b;:b;d' \ "$pkgdir"/etc/apache2/httpd.conf # init scripts and logrotate install -D -m755 "$srcdir"/apache2.initd \ "$pkgdir"/etc/init.d/apache2 || return 1 install -D -m644 "$srcdir"/apache2.logrotate \ "$pkgdir"/etc/logrotate.d/apache2 || return 1 install -D -m644 "$srcdir"/apache2.confd \ "$pkgdir"/etc/conf.d/apache2 || return 1 install -d "$pkgdir"/var/www || return 1 install -d -m 2750 -g wheel "$pkgdir"/var/log/apache2 || return 1 ln -fs /var/log/apache2 "$pkgdir"/var/www/logs ln -fs /run/apache2 "$pkgdir"/var/www/run ln -fs /usr/lib/apache2 "$pkgdir"/var/www/modules rm -fr "$pkgdir"/run # verify all MPMs are built # ref #2866 for i in prefork event worker; do if ! [ -e "$pkgdir"/usr/lib/apache2/mod_mpm_$i.so ]; then error "$i MPM was not built" return 1 fi done } _make_conf_dir() { _conf_dir=$subpkgdir/etc/apache2/conf.d install -d "$_conf_dir" } _mv_conf() { _make_conf_dir && mv "$pkgdir"/etc/apache2/conf.d/$1.conf "$_conf_dir" } _load_mod() { _make_conf_dir echo "LoadModule $1_module modules/mod_$1.so" >> \ "$_conf_dir"/${subpkgname#$pkgname-}.conf } _load_mods() { local path mod for path in "$subpkgdir"/usr/lib/apache2/mod_*.so; do mod=${path##/*mod_} _load_mod ${mod%.so} done } # include the builddir and apxs in -dev package dev() { local _mpm local _file default_dev depends="$depends perl apr-util-dev" # install apxs utility install -d "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/apxs \ "$subpkgdir"/usr/bin/apxs || return 1 install -d "$subpkgdir"/usr/share/apache2 mv "$pkgdir"/usr/share/apache2/build \ "$subpkgdir"/usr/share/apache2/ || return 1 } doc() { default_doc && _mv_conf manual } _error() { pkgdesc="Apache Multi Language Custom Error Documents" install -d "$subpkgdir"/usr/share/apache2 mv "$pkgdir"/usr/share/apache2/error \ "$subpkgdir"/usr/share/apache2/ || return 1 _mv_conf multilang-errordoc } http2() { pkgdesc="HTTP/2 transport layer for the Apache HTTP Server" install -d "$subpkgdir"/usr/lib/apache2 mv "$pkgdir"/usr/lib/apache2/mod_http2.so \ "$subpkgdir"/usr/lib/apache2 || return 1 _load_mods } icons() { pkgdesc="Apache Public Domain Icons" install -d "$subpkgdir"/usr/share/apache2 mv "$pkgdir"/usr/share/apache2/icons \ "$subpkgdir"/usr/share/apache2/ || return 1 _mv_conf autoindex } utils() { local _bin pkgdesc="Apache utility programs for webservers" depends=lynx install -d "$subpkgdir"/usr/sbin || return 1 mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ for i in checkgid htcacheclean rotatelogs apachectl envvars*; do mv "$pkgdir"/usr/sbin/$i "$subpkgdir"/usr/sbin/ || return 1 done } ssl() { pkgdesc="SSL/TLS module for the Apache HTTP Server" install="apache2-ssl.post-install" depends="apache2 libressl" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_ssl.so \ "$subpkgdir"/usr/lib/apache2/mod_ssl.so || return 1 _mv_conf ssl || return 1 install -d "$subpkgdir"/etc/ssl/apache2 || return 1 } ldap() { pkgdesc="LDAP authentication/authorization module for the Apache HTTP Server" url="http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html" depends="apache2 apr-util-ldap" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_*ldap.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _load_mods } webdav() { pkgdesc="WebDAV support for the Apache HTTP Server" depends="apache2" replaces="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_dav*.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _mv_conf dav } proxy_html() { pkgdesc="HTML and XML content filters for the Apache HTTP Server" depends="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_proxy_html.so \ "$pkgdir"/usr/lib/apache2/mod_xml2enc.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _mv_conf proxy-html } proxy() { pkgdesc="Proxy modules for the Apache HTTP Server" depends="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_proxy*.so \ "$pkgdir"/usr/lib/apache2/mod_lbmethod_*.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _load_mod watchdog _load_mods } _lua() { pkgdesc="Lua support for the Apache HTTP server" depends="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_lua.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _load_mods } sha512sums="f5d6a849850ebdf4e38b586c84cc1063d68ac4c6737895c9ac1c8796c22655681c55b4de77ed9f1f807338fdb9f7824faf911361aa31cc46f3c3a2cbabe20543 httpd-2.4.35.tar.bz2 8e62b101f90c67babe864bcb74f711656180b011df3fd4b541dc766b980b72aa409e86debf3559a55be359471c1cad81b8779ef3a55add8d368229fc7e9544fc apache2.confd 18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b apache2.logrotate 81a2d2a297d8049ba1b021b879ec863767149e056d9bdb2ac8acf63572b254935ec96c2e1580eba86639ea56433eec5c41341e4f1501f9072745dccdb3602701 apache2.initd 177c58d049fc4476fd9b9b36b67725145777c84cf81948105c9314cb09312dff6c1931fe21aaa243597abaefded6c6dfd80d83839e45a23950b50de615d73b06 alpine.layout fb0e896666126fd2c79cf12533a09f19ff991a44ede33ab7933381fbe5ebf94008ffb4c824a9958e47d2277fd4b985f14597fa533b2964666e3d4684e8ede9d9 apache-2.4.34-libressl-compatibility.patch 470b1c472094e59a812be3e7a68889b7ef8b3c985c9c211dabf9274ec95c1f01f606df57a4aebe75f7007e0832258415b9236645f059fbe7bfdf6bd0ea73b2f5 libressl-compat-patch-fix.patch 361e0a74f6f8f5734f074dc2f2001ff64896ecc81f88ea384b6db7db33b7738eb92b4e16163b356259581a8e7dd86adeac971d36d2584abb781e8f9b8fae6356 0001-httpd.conf-ServerRoot.patch 40f3b7579c403952ba1efcb8dfd6ffd91c2695a06a2e5530ab5a583946558790fbfa16cad259d273ac1aa7a6335dd79636aa82fd844dc3a60a34c34d90db5e17 0002-httpd.conf-ServerTokens.patch ad0c1711bc240f99cd0256d0984ad0142e03c384d30378ccca3e47cdd2596307e64bb19fbd810a56c0e4c0716577d3160bad2ae39783b1358412588bc729c113 0003-httpd.conf-ServerSignature.patch 49940950d5f71c671cd1257714a95f437899a694a26e8e8557868ba65b0888b218afe2eecfa676a0ded5ad0db67bdfb15c7e9cf85f536b4559007dc7461f4c07 0004-httpd.conf-User-Group.patch 165a016a2cb9969c25fa73fab90fba5662d916e4883abd223ac104579334424103c123009d41b6fe3fcd30070daa8c6bdbb2afbb2905d08e183ecb66018578a3 0005-httpd.conf-ErrorLog-CustomLog-TransferLog.patch c27af4e0fa0b4d441534c452fd5f26e8ab28e737660c1eddf952f9a44d82c54abd1eb5e7c1b3da5191c5ecf0358fcd4e23b8fd241d805290a7c32a7fb3138a12 0006-httpd-dav.conf-DavLockDB.patch 90adca579c3c7dc69ce1f175b47acc9e9e33667d93bb33aead7cf286212f1bdb58062fcd4e01657a2bb8ea9a2ac90c7c95f4cb8f19a29f6366e28a7168240708 0007-httpd-ssl.conf-SSLSessionCache.patch 0bae3368dd64737ffc1b1aeaccbe21e597c5d497e45a5e9bc0e27c78091b9ead13690da37d28cdc5d285c58d82085720cdd627abc3b650d4f13a4cbf24021565 0008-httpd-ssl.conf-SSLRandomSeed.patch a3b0827f86902ab05afb27ae7fef0a7b9984ef103cf3aea80651b5cfb239db99e477b077bee8d7f0e576471090055fe1a78238d746aae34bd397f3db1d0eac8f 0009-httpd-ssl.conf-SSL-File.patch a3936713f8ffcbf2bb633035873249b94fa8ace9fdb758405264f075f755fbcfec4d08794f79e4699ab398fcd0049d1897b1fd5af62e1356780938ad08ac3a11 0010-httpd-ssl.conf-SSL-CipherSuite.patch eb09b3bcbab70f6a48d5efe8fc4bd62cc2b3f46def97c09d8454b846a065c02d18bd846313c421897c8d13be728e4b2ca790e2a5c5c6add3821d9e572bacfab2 0011-httpd.conf-IncludeOptional.patch 695742f569720d7bad9306acc40456de3a12ff2ff3a108499afc3fed2e8b13883027c6e14a3fac3efe387a70386b958605b5bbfd0147ec06bb87fad30f3b66fa 0012-httpd.conf-MIMEMagicFile.patch efbba3c3475bebe5c63ce8d6eaf153cf2c46188e282a65830571c8b7dbc1e657ab9ce160dc82e331097ac483fe632f5201fde6f3f5de32fe5c52dcc7dee66216 0013-httpd-.conf-IfModule.patch 56e7bb9743d153416b15c32bb5435e4cf85d84204a02f28767c8dcba08eec1ac302521d57ce74154d3e9f7a3644ab3f8a9318150e21f8559eb67e387087a0821 0014-httpd-.conf-LoadModule.patch"