# Maintainer: Kaarle Ritvanen # Contributor: Valery Kartel pkgname=apache2 _pkgreal=httpd pkgver=2.4.27 pkgrel=2 pkgdesc="A high performance Unix-based HTTP server" url="http://httpd.apache.org/" arch="all" license="ASL 2.0" depends="" install="$pkgname.pre-install $pkgname.pre-upgrade" pkgusers="apache" pkggroups="apache" makedepends="apr-dev apr-util-dev autoconf automake libxml2-dev lua-dev nghttp2-dev libressl-dev pcre-dev sed zlib-dev" subpackages="$pkgname-ctl $pkgname-dev $pkgname-doc $pkgname-error:_error:noarch $pkgname-http2 $pkgname-icons::noarch $pkgname-ldap $pkgname-lua:_lua $pkgname-proxy-html:proxy_html $pkgname-proxy $pkgname-ssl $pkgname-utils $pkgname-webdav" source="http://archive.apache.org/dist/$_pkgreal/$_pkgreal-$pkgver.tar.bz2 libressl.patch optionsbleed.patch apache2.confd apache2.logrotate apache2.initd alpine.layout conf/0001-httpd.conf-ServerRoot.patch conf/0002-httpd.conf-ServerTokens.patch conf/0003-httpd.conf-ServerSignature.patch conf/0004-httpd.conf-User-Group.patch conf/0005-httpd.conf-ErrorLog-CustomLog-TransferLog.patch conf/0006-httpd-dav.conf-DavLockDB.patch conf/0007-httpd-ssl.conf-SSLSessionCache.patch conf/0008-httpd-ssl.conf-SSLRandomSeed.patch conf/0009-httpd-ssl.conf-SSL-File.patch conf/0010-httpd-ssl.conf-SSL-CipherSuite.patch conf/0011-httpd.conf-IncludeOptional.patch conf/0012-httpd.conf-MIMEMagicFile.patch conf/0013-httpd-.conf-IfModule.patch conf/0014-httpd-.conf-LoadModule.patch " options="suid" builddir="$srcdir"/$_pkgreal-$pkgver # secfixes: # 2.4.27-r1: # - CVE-2017-9798 # 2.4.26-r0: # - CVE-2017-3167 # - CVE-2017-3169 # - CVE-2017-7659 # - CVE-2017-7668 # - CVE-2017-7679 prepare() { cd "$builddir" for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$(basename $i) || return 1;; esac done cat "$srcdir/alpine.layout" >> config.layout } build() { cd "$builddir" ./configure \ --prefix=/usr \ --enable-layout=Alpine \ --enable-so \ --enable-suexec \ --with-suexec-caller=apache \ --with-suexec-docroot=/var/www \ --with-suexec-logfile=/var/log/apache2/suexec.log \ --with-suexec-bin=/usr/sbin/suexec \ --with-suexec-uidmin=99 \ --with-suexec-gidmin=99 \ --with-apr=/usr/bin/apr-1-config \ --with-apr-util=/usr/bin/apu-1-config \ --with-pcre=/usr \ --enable-mods-shared=all \ --enable-mpms-shared=all \ --with-mpm=prefork \ --enable-ssl \ --with-ssl \ --enable-proxy \ --enable-cache \ --enable-disk-cache \ --enable-mem-cache \ --enable-file-cache \ --enable-ldap \ --enable-authnz-ldap \ --enable-cgid \ --enable-cgi \ --enable-authn-anon \ --enable-authn-alias \ --disable-imagemap \ --enable-proxy-connect \ --enable-proxy-http \ --enable-proxy-ftp \ --enable-deflate \ --enable-dbd \ --enable-exception-hook \ --enable-dav \ --enable-dav-fs \ --enable-dav-lock \ || return 1 make || return 1 } package() { cd "$builddir" make -j1 DESTDIR="$pkgdir" install || return 1 # config rm -r "$pkgdir"/etc/apache2/extra/httpd-vhosts.conf \ "$pkgdir"/etc/apache2/original || return 1 mv "$pkgdir"/etc/apache2/extra "$pkgdir"/etc/apache2/conf.d || return 1 for file in "$pkgdir"/etc/apache2/conf.d/httpd-*; do mv "$file" \ "$(dirname $file)/${file#$pkgdir/etc/apache2/conf.d/httpd-}" || \ return 1 done sed -Ei \ 's:^(\t?#?LoadModule .+ )lib/apache2/:\1modules/:;ta;b;:a;s/^#?LoadModule (dav.*|lbmethod_.+|.*ldap|lua|proxy.*|ssl|xml2enc)_module //;tb;b;:b;d' \ "$pkgdir"/etc/apache2/httpd.conf # init scripts and logrotate install -D -m755 "$srcdir"/apache2.initd \ "$pkgdir"/etc/init.d/apache2 || return 1 install -D -m644 "$srcdir"/apache2.logrotate \ "$pkgdir"/etc/logrotate.d/apache2 || return 1 install -D -m644 "$srcdir"/apache2.confd \ "$pkgdir"/etc/conf.d/apache2 || return 1 install -d "$pkgdir"/var/www || return 1 install -d -m 2750 -g wheel "$pkgdir"/var/log/apache2 || return 1 ln -fs /var/log/apache2 "$pkgdir"/var/www/logs ln -fs /run/apache2 "$pkgdir"/var/www/run ln -fs /usr/lib/apache2 "$pkgdir"/var/www/modules rm -fr "$pkgdir"/run # verify all MPMs are built # ref #2866 for i in prefork event worker; do if ! [ -e "$pkgdir"/usr/lib/apache2/mod_mpm_$i.so ]; then error "$i MPM was not built" return 1 fi done } _make_conf_dir() { _conf_dir=$subpkgdir/etc/apache2/conf.d install -d "$_conf_dir" } _mv_conf() { _make_conf_dir && mv "$pkgdir"/etc/apache2/conf.d/$1.conf "$_conf_dir" } _load_mod() { _make_conf_dir echo "LoadModule $1_module modules/mod_$1.so" >> \ "$_conf_dir"/${subpkgname#$pkgname-}.conf } _load_mods() { local path mod for path in "$subpkgdir"/usr/lib/apache2/mod_*.so; do mod=${path##/*mod_} _load_mod ${mod%.so} done } # include the builddir and apxs in -dev package dev() { local _mpm local _file default_dev depends="$depends perl apr-util-dev" # install apxs utility install -d "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/apxs \ "$subpkgdir"/usr/bin/apxs || return 1 install -d "$subpkgdir"/usr/share/apache2 mv "$pkgdir"/usr/share/apache2/build \ "$subpkgdir"/usr/share/apache2/ || return 1 } doc() { default_doc && _mv_conf manual } _error() { pkgdesc="Apache Multi Language Custom Error Documents" install -d "$subpkgdir"/usr/share/apache2 mv "$pkgdir"/usr/share/apache2/error \ "$subpkgdir"/usr/share/apache2/ || return 1 _mv_conf multilang-errordoc } http2() { pkgdesc="HTTP/2 transport layer for the Apache HTTP Server" install -d "$subpkgdir"/usr/lib/apache2 mv "$pkgdir"/usr/lib/apache2/mod_http2.so \ "$subpkgdir"/usr/lib/apache2 || return 1 _load_mods } icons() { pkgdesc="Apache Public Domain Icons" install -d "$subpkgdir"/usr/share/apache2 mv "$pkgdir"/usr/share/apache2/icons \ "$subpkgdir"/usr/share/apache2/ || return 1 _mv_conf autoindex } utils() { pkgdesc="Apache utility programs for webservers" install -d "$subpkgdir"/usr/sbin mv "$pkgdir"/usr/bin "$subpkgdir"/usr/ for i in checkgid htcacheclean rotatelogs envvars*; do mv "$pkgdir"/usr/sbin/$i "$subpkgdir"/usr/sbin/ done } ctl() { pkgdesc="Apache control script" depends=lynx install -d "$subpkgdir"/usr/sbin mv "$pkgdir"/usr/sbin/apachectl "$subpkgdir"/usr/sbin/ } ssl() { pkgdesc="SSL/TLS module for the Apache HTTP Server" install="apache2-ssl.post-install" depends="apache2 libressl" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_ssl.so \ "$subpkgdir"/usr/lib/apache2/mod_ssl.so || return 1 _mv_conf ssl || return 1 install -d "$subpkgdir"/etc/ssl/apache2 || return 1 } ldap() { pkgdesc="LDAP authentication/authorization module for the Apache HTTP Server" url="http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html" depends="apache2 apr-util-ldap" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_*ldap.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _load_mods } webdav() { pkgdesc="WebDAV support for the Apache HTTP Server" depends="apache2" replaces="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_dav*.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _mv_conf dav } proxy_html() { pkgdesc="HTML and XML content filters for the Apache HTTP Server" depends="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_proxy_html.so \ "$pkgdir"/usr/lib/apache2/mod_xml2enc.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _mv_conf proxy-html } proxy() { pkgdesc="Proxy modules for the Apache HTTP Server" depends="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_proxy*.so \ "$pkgdir"/usr/lib/apache2/mod_lbmethod_*.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _load_mod watchdog _load_mods } _lua() { pkgdesc="Lua support for the Apache HTTP server" depends="apache2" install -d "$subpkgdir"/usr/lib/apache2 || return 1 mv "$pkgdir"/usr/lib/apache2/mod_lua.so \ "$subpkgdir"/usr/lib/apache2/ || return 1 _load_mods } sha512sums="7e7e8070715b74cb6890096a74e194f4c6a49c14bda685b1ad832e84312f1ac4316ea03a430e679502bfd8e1853aefa544ee002a20d0f7e994b9a590c74bc42c httpd-2.4.27.tar.bz2 7ccd6ba80836e5d8481779855e5b5618f10f20fb00c765e94a3788e746e99311d687c20053ed348fc1a31532fc8900c24915c7b0aff83418f2f40dc7b94944cc libressl.patch 11582354ef82be7c1f71b44f135dd15d99c3945a2aa52e9d3213119024a9cf83a137251a730c186a416ecfd57cc4acfc166ce2c27023988b22b31b24222d1632 optionsbleed.patch 8e62b101f90c67babe864bcb74f711656180b011df3fd4b541dc766b980b72aa409e86debf3559a55be359471c1cad81b8779ef3a55add8d368229fc7e9544fc apache2.confd 18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b apache2.logrotate 81a2d2a297d8049ba1b021b879ec863767149e056d9bdb2ac8acf63572b254935ec96c2e1580eba86639ea56433eec5c41341e4f1501f9072745dccdb3602701 apache2.initd 177c58d049fc4476fd9b9b36b67725145777c84cf81948105c9314cb09312dff6c1931fe21aaa243597abaefded6c6dfd80d83839e45a23950b50de615d73b06 alpine.layout 361e0a74f6f8f5734f074dc2f2001ff64896ecc81f88ea384b6db7db33b7738eb92b4e16163b356259581a8e7dd86adeac971d36d2584abb781e8f9b8fae6356 0001-httpd.conf-ServerRoot.patch 40f3b7579c403952ba1efcb8dfd6ffd91c2695a06a2e5530ab5a583946558790fbfa16cad259d273ac1aa7a6335dd79636aa82fd844dc3a60a34c34d90db5e17 0002-httpd.conf-ServerTokens.patch ad0c1711bc240f99cd0256d0984ad0142e03c384d30378ccca3e47cdd2596307e64bb19fbd810a56c0e4c0716577d3160bad2ae39783b1358412588bc729c113 0003-httpd.conf-ServerSignature.patch 49940950d5f71c671cd1257714a95f437899a694a26e8e8557868ba65b0888b218afe2eecfa676a0ded5ad0db67bdfb15c7e9cf85f536b4559007dc7461f4c07 0004-httpd.conf-User-Group.patch 165a016a2cb9969c25fa73fab90fba5662d916e4883abd223ac104579334424103c123009d41b6fe3fcd30070daa8c6bdbb2afbb2905d08e183ecb66018578a3 0005-httpd.conf-ErrorLog-CustomLog-TransferLog.patch c27af4e0fa0b4d441534c452fd5f26e8ab28e737660c1eddf952f9a44d82c54abd1eb5e7c1b3da5191c5ecf0358fcd4e23b8fd241d805290a7c32a7fb3138a12 0006-httpd-dav.conf-DavLockDB.patch 90adca579c3c7dc69ce1f175b47acc9e9e33667d93bb33aead7cf286212f1bdb58062fcd4e01657a2bb8ea9a2ac90c7c95f4cb8f19a29f6366e28a7168240708 0007-httpd-ssl.conf-SSLSessionCache.patch 0bae3368dd64737ffc1b1aeaccbe21e597c5d497e45a5e9bc0e27c78091b9ead13690da37d28cdc5d285c58d82085720cdd627abc3b650d4f13a4cbf24021565 0008-httpd-ssl.conf-SSLRandomSeed.patch a3b0827f86902ab05afb27ae7fef0a7b9984ef103cf3aea80651b5cfb239db99e477b077bee8d7f0e576471090055fe1a78238d746aae34bd397f3db1d0eac8f 0009-httpd-ssl.conf-SSL-File.patch a3936713f8ffcbf2bb633035873249b94fa8ace9fdb758405264f075f755fbcfec4d08794f79e4699ab398fcd0049d1897b1fd5af62e1356780938ad08ac3a11 0010-httpd-ssl.conf-SSL-CipherSuite.patch eb09b3bcbab70f6a48d5efe8fc4bd62cc2b3f46def97c09d8454b846a065c02d18bd846313c421897c8d13be728e4b2ca790e2a5c5c6add3821d9e572bacfab2 0011-httpd.conf-IncludeOptional.patch 695742f569720d7bad9306acc40456de3a12ff2ff3a108499afc3fed2e8b13883027c6e14a3fac3efe387a70386b958605b5bbfd0147ec06bb87fad30f3b66fa 0012-httpd.conf-MIMEMagicFile.patch efbba3c3475bebe5c63ce8d6eaf153cf2c46188e282a65830571c8b7dbc1e657ab9ce160dc82e331097ac483fe632f5201fde6f3f5de32fe5c52dcc7dee66216 0013-httpd-.conf-IfModule.patch 56e7bb9743d153416b15c32bb5435e4cf85d84204a02f28767c8dcba08eec1ac302521d57ce74154d3e9f7a3644ab3f8a9318150e21f8559eb67e387087a0821 0014-httpd-.conf-LoadModule.patch"