* [meta-webserver][PATCH v2 0/4] Add meta-webserver
@ 2012-10-03 17:08 Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 1/4] Add meta-webserver layer Paul Eggleton
` (3 more replies)
0 siblings, 4 replies; 6+ messages in thread
From: Paul Eggleton @ 2012-10-03 17:08 UTC (permalink / raw)
To: openembedded-devel
Since v1, fix up for feedback from Koen:
* Squash OE-Core add and fixup patches together for apache2/modphp
* Move packaging stuff after do_install
* Add LSB headers to initscript
* Add some comments about autotools_do_configure in xdebug recipe
The following changes since commit 3871d4561464eedc6a9a83b2c682ec7d29682873:
media-ctl: Update to latest upstream to fix build with latest autotools (2012-10-03 12:25:07 +0200)
are available in the git repository at:
git://git.openembedded.org/meta-openembedded-contrib paule/meta-webserver-add
http://cgit.openembedded.org/cgit.cgi/meta-openembedded-contrib/log/?h=paule/meta-webserver-add
Paul Eggleton (4):
Add meta-webserver layer
apache2: add from OE-Classic, update to version 2.4.2 and fix
modphp: add from OE-Classic, update to 5.3.14 and fix
xdebug: add new recipe
meta-webserver/COPYING.MIT | 17 +
meta-webserver/README | 37 +++
meta-webserver/conf/layer.conf | 13 +
.../apache2-2.4.2/apache-configure_perlbin.patch | 37 +++
.../apache2-2.4.2/apache-ssl-ltmain-rpath.patch | 76 +++++
.../apache2/apache2-2.4.2/fix-libtool-name.patch | 55 +++
.../apache2-2.4.2/httpd-2.4.1-corelimit.patch | 37 +++
.../apache2/apache2-2.4.2/httpd-2.4.1-export.patch | 22 ++
.../apache2-2.4.2/httpd-2.4.1-selinux.patch | 63 ++++
.../apache2-2.4.2/httpd-2.4.2-r1326980+.patch | 74 +++++
.../apache2-2.4.2/httpd-2.4.2-r1327036+.patch | 87 +++++
.../apache2-2.4.2/httpd-2.4.2-r1332643.patch | 260 +++++++++++++++
.../apache2-2.4.2/httpd-2.4.2-r1337344+.patch | 350 ++++++++++++++++++++
.../apache2-2.4.2/httpd-2.4.2-restart.patch | 35 ++
.../replace-lynx-to-curl-in-apachectl-script.patch | 52 +++
.../apache2/apache2-2.4.2/server-makefile.patch | 11 +
.../recipes-httpd/apache2/apache2-native_2.4.2.bb | 43 +++
.../recipes-httpd/apache2/apache2_2.4.2.bb | 130 ++++++++
meta-webserver/recipes-httpd/apache2/files/init | 73 ++++
.../recipes-php/modphp/files/70_mod_php5.conf | 12 +
.../recipes-php/modphp/files/configure.patch | 11 +
.../recipes-php/modphp/files/pthread-check.patch | 64 ++++
meta-webserver/recipes-php/modphp/modphp5.inc | 90 +++++
meta-webserver/recipes-php/modphp/modphp_5.3.14.bb | 5 +
meta-webserver/recipes-php/xdebug/xdebug_2.2.1.bb | 34 ++
25 files changed, 1688 insertions(+)
create mode 100644 meta-webserver/COPYING.MIT
create mode 100644 meta-webserver/README
create mode 100644 meta-webserver/conf/layer.conf
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-configure_perlbin.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-ssl-ltmain-rpath.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/fix-libtool-name.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-corelimit.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-export.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-selinux.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1326980+.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1327036+.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1332643.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1337344+.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-restart.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/replace-lynx-to-curl-in-apachectl-script.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/server-makefile.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-native_2.4.2.bb
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb
create mode 100755 meta-webserver/recipes-httpd/apache2/files/init
create mode 100644 meta-webserver/recipes-php/modphp/files/70_mod_php5.conf
create mode 100644 meta-webserver/recipes-php/modphp/files/configure.patch
create mode 100644 meta-webserver/recipes-php/modphp/files/pthread-check.patch
create mode 100644 meta-webserver/recipes-php/modphp/modphp5.inc
create mode 100644 meta-webserver/recipes-php/modphp/modphp_5.3.14.bb
create mode 100644 meta-webserver/recipes-php/xdebug/xdebug_2.2.1.bb
--
1.7.9.5
^ permalink raw reply [flat|nested] 6+ messages in thread
* [meta-webserver][PATCH v2 1/4] Add meta-webserver layer
2012-10-03 17:08 [meta-webserver][PATCH v2 0/4] Add meta-webserver Paul Eggleton
@ 2012-10-03 17:08 ` Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 2/4] apache2: add from OE-Classic, update to version 2.4.2 and fix Paul Eggleton
` (2 subsequent siblings)
3 siblings, 0 replies; 6+ messages in thread
From: Paul Eggleton @ 2012-10-03 17:08 UTC (permalink / raw)
To: openembedded-devel
Add a layer for web servers, web-based applications and other related
software.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
meta-webserver/COPYING.MIT | 17 +++++++++++++++++
meta-webserver/README | 37 +++++++++++++++++++++++++++++++++++++
meta-webserver/conf/layer.conf | 13 +++++++++++++
3 files changed, 67 insertions(+)
create mode 100644 meta-webserver/COPYING.MIT
create mode 100644 meta-webserver/README
create mode 100644 meta-webserver/conf/layer.conf
diff --git a/meta-webserver/COPYING.MIT b/meta-webserver/COPYING.MIT
new file mode 100644
index 0000000..fb950dc
--- /dev/null
+++ b/meta-webserver/COPYING.MIT
@@ -0,0 +1,17 @@
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
diff --git a/meta-webserver/README b/meta-webserver/README
new file mode 100644
index 0000000..47136fb
--- /dev/null
+++ b/meta-webserver/README
@@ -0,0 +1,37 @@
+meta-webserver
+==============
+
+This layer provides support for building web servers, web-based
+applications and related software.
+
+
+
+Dependencies
+------------
+
+This layer depends on:
+
+URI: git://git.openembedded.org/openembedded-core
+branch: master
+revision: HEAD
+
+
+
+Maintenance
+-----------
+
+Send patches / pull requests to openembedded-devel@lists.openembedded.org
+with '[meta-webserver]' in the subject.
+
+Layer maintainer: Paul Eggleton <paul.eggleton@linux.intel.com>
+
+
+License
+-------
+
+All metadata is MIT licensed unless otherwise stated. Source code included
+in tree for individual recipes is under the LICENSE stated in each recipe
+(.bb file) unless otherwise stated.
+
+This README document is Copyright (C) 2012 Intel Corporation.
+
diff --git a/meta-webserver/conf/layer.conf b/meta-webserver/conf/layer.conf
new file mode 100644
index 0000000..6f1855b
--- /dev/null
+++ b/meta-webserver/conf/layer.conf
@@ -0,0 +1,13 @@
+# Layer configuration for meta-webserver layer
+# Copyright 2012 Intel Corporation
+
+# We have a conf and classes directory, add to BBPATH
+BBPATH .= ":${LAYERDIR}"
+
+# We have various recipe-* directories, add to BBFILES
+BBFILES += "${LAYERDIR}/recipes-*/*/*.bb ${LAYERDIR}/recipes-*/*/*.bbappend"
+
+BBFILE_COLLECTIONS += "webserver"
+BBFILE_PATTERN_webserver := "^${LAYERDIR}/"
+BBFILE_PRIORITY_webserver = "6"
+
--
1.7.9.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [meta-webserver][PATCH v2 2/4] apache2: add from OE-Classic, update to version 2.4.2 and fix
2012-10-03 17:08 [meta-webserver][PATCH v2 0/4] Add meta-webserver Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 1/4] Add meta-webserver layer Paul Eggleton
@ 2012-10-03 17:08 ` Paul Eggleton
2012-10-03 19:01 ` Koen Kooi
2012-10-03 17:08 ` [meta-webserver][PATCH v2 3/4] modphp: add from OE-Classic, update to 5.3.14 " Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 4/4] xdebug: add new recipe Paul Eggleton
3 siblings, 1 reply; 6+ messages in thread
From: Paul Eggleton @ 2012-10-03 17:08 UTC (permalink / raw)
To: openembedded-devel
* Enable threading for PHP
* Backport a number of patches
* Use apachectl in init script
* Install modules into a sane location
* Ensure apxs script is installed into sysroot in crossscripts directory
and modified so that it works for building PHP
* Install httpd executable for native version so that PHP configure
script can call it
* Rename server-makefile-patch to server-makefile.patch and drop
apply=yes
* Add LIC_FILES_CHKSUM
* Fix packaging QA warnings
* Add LSB headers to init script
* Clean out some cruft and move packaging stuff after do_install
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
.../apache2-2.4.2/apache-configure_perlbin.patch | 37 +++
.../apache2-2.4.2/apache-ssl-ltmain-rpath.patch | 76 +++++
.../apache2/apache2-2.4.2/fix-libtool-name.patch | 55 +++
.../apache2-2.4.2/httpd-2.4.1-corelimit.patch | 37 +++
.../apache2/apache2-2.4.2/httpd-2.4.1-export.patch | 22 ++
.../apache2-2.4.2/httpd-2.4.1-selinux.patch | 63 ++++
.../apache2-2.4.2/httpd-2.4.2-r1326980+.patch | 74 +++++
.../apache2-2.4.2/httpd-2.4.2-r1327036+.patch | 87 +++++
.../apache2-2.4.2/httpd-2.4.2-r1332643.patch | 260 +++++++++++++++
.../apache2-2.4.2/httpd-2.4.2-r1337344+.patch | 350 ++++++++++++++++++++
.../apache2-2.4.2/httpd-2.4.2-restart.patch | 35 ++
.../replace-lynx-to-curl-in-apachectl-script.patch | 52 +++
.../apache2/apache2-2.4.2/server-makefile.patch | 11 +
.../recipes-httpd/apache2/apache2-native_2.4.2.bb | 43 +++
.../recipes-httpd/apache2/apache2_2.4.2.bb | 130 ++++++++
meta-webserver/recipes-httpd/apache2/files/init | 73 ++++
16 files changed, 1405 insertions(+)
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-configure_perlbin.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-ssl-ltmain-rpath.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/fix-libtool-name.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-corelimit.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-export.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-selinux.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1326980+.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1327036+.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1332643.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1337344+.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-restart.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/replace-lynx-to-curl-in-apachectl-script.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.2/server-makefile.patch
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2-native_2.4.2.bb
create mode 100644 meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb
create mode 100755 meta-webserver/recipes-httpd/apache2/files/init
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-configure_perlbin.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-configure_perlbin.patch
new file mode 100644
index 0000000..baa739f
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-configure_perlbin.patch
@@ -0,0 +1,37 @@
+# Author: echo <fei.geng@windriver.com>
+# Date: April 28 2009
+# Summary:Fix perl install directory to /usr/bin
+#
+# Upstream-Status: Inappropriate [configuration]
+
+--- a/configure
++++ b/configure
+@@ -22365,13 +22365,7 @@
+ #define APACHE_MPM_DIR "$MPM_DIR"
+ _ACEOF
+
+-
+-perlbin=`$ac_aux_dir/PrintPath perl`
+-if test "x$perlbin" = "x"; then
+- perlbin="/replace/with/path/to/perl/interpreter"
+-fi
+-
+-
++perlbin='/usr/bin/perl'
+
+ BSD_MAKEFILE=no
+ ap_make_include=include
+--- a/configure.in
++++ b/configure.in
+@@ -638,10 +638,7 @@
+ AC_DEFINE_UNQUOTED(APACHE_MPM_DIR, "$MPM_DIR",
+ [Location of the source for the current MPM])
+
+-perlbin=`$ac_aux_dir/PrintPath perl`
+-if test "x$perlbin" = "x"; then
+- perlbin="/replace/with/path/to/perl/interpreter"
+-fi
++perlbin='/usr/bin/perl'
+ AC_SUBST(perlbin)
+
+ dnl If we are running on BSD/OS, we need to use the BSD .include syntax.
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-ssl-ltmain-rpath.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-ssl-ltmain-rpath.patch
new file mode 100644
index 0000000..3a59fb0
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/apache-ssl-ltmain-rpath.patch
@@ -0,0 +1,76 @@
+--- httpd-2.2.8.orig/build/ltmain.sh
++++ httpd-2.2.8/build/ltmain.sh
+@@ -1515,7 +1515,7 @@ EOF
+ dir=`$echo "X$arg" | $Xsed -e 's/^-L//'`
+ # We need an absolute path.
+ case $dir in
+- [\\/]* | [A-Za-z]:[\\/]*) ;;
++ =* | [\\/]* | [A-Za-z]:[\\/]*) ;;
+ *)
+ absdir=`cd "$dir" && pwd`
+ if test -z "$absdir"; then
+@@ -2558,7 +2558,7 @@ EOF
+ $echo "*** $linklib is not portable!"
+ fi
+ if test "$linkmode" = lib &&
+- test "$hardcode_into_libs" = yes; then
++ test "x$wrs_use_rpaths" = "xyes" && test "$hardcode_into_libs" = yes; then
+ # Hardcode the library path.
+ # Skip directories that are in the system default run-time
+ # search path.
+@@ -2832,7 +2832,7 @@ EOF
+
+ if test "$linkmode" = lib; then
+ if test -n "$dependency_libs" &&
+- { test "$hardcode_into_libs" != yes ||
++ { test "$hardcode_into_libs" != yes || test "x$wrs_use_rpaths" != "xyes" ||
+ test "$build_old_libs" = yes ||
+ test "$link_static" = yes; }; then
+ # Extract -R from dependency_libs
+@@ -3426,7 +3426,8 @@ EOF
+ *) finalize_rpath="$finalize_rpath $libdir" ;;
+ esac
+ done
+- if test "$hardcode_into_libs" != yes || test "$build_old_libs" = yes; then
++ if test "$hardcode_into_libs" != yes || test "x$wrs_use_rpaths" != "xyes" ||
++ test "$build_old_libs" = yes; then
+ dependency_libs="$temp_xrpath $dependency_libs"
+ fi
+ fi
+@@ -3843,7 +3844,7 @@ EOF
+ case $archive_cmds in
+ *\$LD\ *) wl= ;;
+ esac
+- if test "$hardcode_into_libs" = yes; then
++ if test "$hardcode_into_libs" = yes && test "x$wrs_use_rpaths" = "xyes" ; then
+ # Hardcode the library paths
+ hardcode_libdirs=
+ dep_rpath=
+@@ -4397,6 +4398,27 @@ EOF
+ # Now hardcode the library paths
+ rpath=
+ hardcode_libdirs=
++
++ # short circuit putting rpaths in executables
++ #
++ if test "x$wrs_use_rpaths" != "xyes" ; then
++ flag=
++ for libdir in $compile_rpath; do
++ case $(echo $libdir | ${SED} 's,/[/]*,/,g') in
++ /usr/lib/* | /usr/lib32/* | /usr/lib64/* ) flag="$flag $libdir" ;;
++ esac
++ done
++ compile_rpath="$flag"
++
++ flag=
++ for libdir in $finalize_rpath; do
++ case $(echo $libdir | ${SED} 's,/[/]*,/,g') in
++ /usr/lib/* | /usr/lib32/* | /usr/lib64/* ) flag="$flag $libdir" ;;
++ esac
++ done
++ finalize_rpath="$flag"
++ fi
++
+ for libdir in $compile_rpath $finalize_rpath; do
+ if test -n "$hardcode_libdir_flag_spec"; then
+ if test -n "$hardcode_libdir_separator"; then
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/fix-libtool-name.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/fix-libtool-name.patch
new file mode 100644
index 0000000..027af04
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/fix-libtool-name.patch
@@ -0,0 +1,55 @@
+Fix build scripts to use correct libtool filename
+
+Upstream-Status: Inappropriate [configuration]
+
+---
+ httpd-2.4.2/build/config_vars.sh.in | 2 +-
+ httpd-2.4.2/configure | 2 +-
+ httpd-2.4.2/configure.in | 2 +-
+ httpd-2.4.2/support/apxs.in | 2 +-
+ 4 files changed, 4 insertions(+), 4 deletions(-)
+
+--- a/build/config_vars.sh.in
++++ b/build/config_vars.sh.in
+@@ -35,7 +35,7 @@ else
+ APU_CONFIG=@APU_CONFIG@
+ fi
+
+-APR_LIBTOOL="`${APR_CONFIG} --apr-libtool`"
++APR_LIBTOOL="`${APR_CONFIG} --apr-libtool | sed -e s,libtool,${host_alias}-libtool,`"
+ APR_INCLUDEDIR="`${APR_CONFIG} --includedir`"
+ test -n "@APU_CONFIG@" && APU_INCLUDEDIR="`${APU_CONFIG} --includedir`"
+
+--- a/configure
++++ b/configure
+@@ -6205,7 +6205,7 @@ case $host in
+ if test "x$LTFLAGS" = "x"; then
+ LTFLAGS='--silent'
+ fi
+- my_libtool=`$apr_config --apr-libtool`
++ my_libtool=`$apr_config --apr-libtool | sed -e s,libtool,${host_alias}-libtool,`
+ LIBTOOL="$my_libtool \$(LTFLAGS)"
+ libtoolversion=`$my_libtool --version`
+ case $libtoolversion in
+--- a/configure.in
++++ b/configure.in
+@@ -264,7 +264,7 @@ case $host in
+ if test "x$LTFLAGS" = "x"; then
+ LTFLAGS='--silent'
+ fi
+- my_libtool=`$apr_config --apr-libtool`
++ my_libtool=`$apr_config --apr-libtool | sed -e s,libtool,${host_alias}-libtool,`
+ LIBTOOL="$my_libtool \$(LTFLAGS)"
+ libtoolversion=`$my_libtool --version`
+ case $libtoolversion in
+--- a/support/apxs.in
++++ b/support/apxs.in
+@@ -352,7 +352,7 @@ if ($apr_major_version < 2) {
+ }
+ }
+
+-my $libtool = `$apr_config --apr-libtool`;
++my $libtool = `$apr_config --apr-libtool| sed -e s,libtool,${host_alias}-libtool,`;
+ chomp($libtool);
+
+ my $apr_includedir = `$apr_config --includes`;
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-corelimit.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-corelimit.patch
new file mode 100644
index 0000000..18e4107
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-corelimit.patch
@@ -0,0 +1,37 @@
+
+Bump up the core size limit if CoreDumpDirectory is
+configured.
+
+Upstream-Status: Pending
+
+Note: upstreaming was discussed but there are competing desires;
+ there are portability oddities here too.
+
+--- httpd-2.4.1/server/core.c.corelimit
++++ httpd-2.4.1/server/core.c
+@@ -4433,6 +4433,25 @@ static int core_post_config(apr_pool_t *
+ }
+ apr_pool_cleanup_register(pconf, NULL, ap_mpm_end_gen_helper,
+ apr_pool_cleanup_null);
++
++#ifdef RLIMIT_CORE
++ if (ap_coredumpdir_configured) {
++ struct rlimit lim;
++
++ if (getrlimit(RLIMIT_CORE, &lim) == 0 && lim.rlim_cur == 0) {
++ lim.rlim_cur = lim.rlim_max;
++ if (setrlimit(RLIMIT_CORE, &lim) == 0) {
++ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL,
++ "core dump file size limit raised to %lu bytes",
++ lim.rlim_cur);
++ } else {
++ ap_log_error(APLOG_MARK, APLOG_NOTICE, errno, NULL,
++ "core dump file size is zero, setrlimit failed");
++ }
++ }
++ }
++#endif
++
+ return OK;
+ }
+
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-export.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-export.patch
new file mode 100644
index 0000000..ed629bf
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-export.patch
@@ -0,0 +1,22 @@
+
+There is no need to "suck in" the apr/apr-util symbols when using
+a shared libapr{,util}, it just bloats the symbol table; so don't.
+
+Upstream-HEAD: needed
+Upstream-2.0: omit
+Upstream-Status: Pending
+
+Note: EXPORT_DIRS change is conditional on using shared apr
+
+--- httpd-2.4.1/server/Makefile.in.export
++++ httpd-2.4.1/server/Makefile.in
+@@ -57,9 +57,6 @@ export_files:
+ ( for dir in $(EXPORT_DIRS); do \
+ ls $$dir/*.h ; \
+ done; \
+- for dir in $(EXPORT_DIRS_APR); do \
+- ls $$dir/ap[ru].h $$dir/ap[ru]_*.h 2>/dev/null; \
+- done; \
+ ) | sort -u > $@
+
+ exports.c: export_files
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-selinux.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-selinux.patch
new file mode 100644
index 0000000..873328d
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.1-selinux.patch
@@ -0,0 +1,63 @@
+
+Log the SELinux context at startup.
+
+Upstream-Status: Inappropriate [other]
+
+Note: unlikely to be any interest in this upstream
+
+--- httpd-2.4.1/configure.in.selinux
++++ httpd-2.4.1/configure.in
+@@ -458,6 +458,11 @@ fopen64
+ dnl confirm that a void pointer is large enough to store a long integer
+ APACHE_CHECK_VOID_PTR_LEN
+
++AC_CHECK_LIB(selinux, is_selinux_enabled, [
++ AC_DEFINE(HAVE_SELINUX, 1, [Defined if SELinux is supported])
++ APR_ADDTO(AP_LIBS, [-lselinux])
++])
++
+ AC_CACHE_CHECK([for gettid()], ac_cv_gettid,
+ [AC_TRY_RUN(#define _GNU_SOURCE
+ #include <unistd.h>
+--- httpd-2.4.1/server/core.c.selinux
++++ httpd-2.4.1/server/core.c
+@@ -58,6 +58,10 @@
+ #include <unistd.h>
+ #endif
+
++#ifdef HAVE_SELINUX
++#include <selinux/selinux.h>
++#endif
++
+ /* LimitRequestBody handling */
+ #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
+ #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0)
+@@ -4452,6 +4456,28 @@ static int core_post_config(apr_pool_t *
+ }
+ #endif
+
++#ifdef HAVE_SELINUX
++ {
++ static int already_warned = 0;
++ int is_enabled = is_selinux_enabled() > 0;
++
++ if (is_enabled && !already_warned) {
++ security_context_t con;
++
++ if (getcon(&con) == 0) {
++
++ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL,
++ "SELinux policy enabled; "
++ "httpd running as context %s", con);
++
++ already_warned = 1;
++
++ freecon(con);
++ }
++ }
++ }
++#endif
++
+ return OK;
+ }
+
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1326980+.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1326980+.patch
new file mode 100644
index 0000000..98b226b
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1326980+.patch
@@ -0,0 +1,74 @@
+
+* modules/loggers/mod_log_debug.c: Mark private globals as static.
+http://svn.apache.org/viewvc?view=revision&revision=1326980
+
+* modules/filters/sed1.c: Mark private globals as static const.
+ (command): Change p3 pointer to const.
+http://svn.apache.org/viewvc?view=revision&revision=1326984
+
+* modules/filters/config.m4: Prevent libsed internals from polluting
+ the global symbol namespace.
+http://svn.apache.org/viewvc?view=revision&revision=1326991
+
+Upstream-Status: Backport
+
+--- httpd-2.4.2/modules/loggers/mod_log_debug.c
++++ httpd-2.4.2/modules/loggers/mod_log_debug.c
+@@ -35,8 +35,8 @@
+ apr_array_header_t *entries;
+ } log_debug_dirconf;
+
+-const char *allhooks = "all";
+-const char * const hooks[] = {
++static const char *allhooks = "all";
++static const char * const hooks[] = {
+ "log_transaction", /* 0 */
+ "quick_handler", /* 1 */
+ "handler", /* 2 */
+--- httpd-2.4.2/modules/filters/sed1.c
++++ httpd-2.4.2/modules/filters/sed1.c
+@@ -25,7 +25,7 @@
+ #include "apr_strings.h"
+ #include "regexp.h"
+
+-char *trans[040] = {
++static const char *const trans[040] = {
+ "\\01",
+ "\\02",
+ "\\03",
+@@ -58,7 +58,7 @@
+ "\\36",
+ "\\37"
+ };
+-char rub[] = {"\\177"};
++static const char rub[] = {"\\177"};
+
+ extern int sed_step(char *p1, char *p2, int circf, step_vars_storage *vars);
+ static int substitute(sed_eval_t *eval, sed_reptr_t *ipc,
+@@ -692,7 +692,8 @@
+ step_vars_storage *step_vars)
+ {
+ int i;
+- char *p1, *p2, *p3;
++ char *p1, *p2;
++ const char *p3;
+ int length;
+ char sz[32]; /* 32 bytes enough to store 64 bit integer in decimal */
+ apr_status_t rv = APR_SUCCESS;
+--- httpd-2.4.2/modules/filters/config.m4
++++ httpd-2.4.2/modules/filters/config.m4
+@@ -16,7 +16,13 @@
+ APACHE_MODULE(substitute, response content rewrite-like filtering, , , most)
+
+ sed_obj="mod_sed.lo sed0.lo sed1.lo regexp.lo"
+-APACHE_MODULE(sed, filter request and/or response bodies through sed, $sed_obj, , most)
++APACHE_MODULE(sed, filter request and/or response bodies through sed, $sed_obj, , most, [
++ if test "x$enable_sed" = "xshared"; then
++ # The only symbol which needs to be exported is the module
++ # structure, so ask libtool to hide libsed internals:
++ APR_ADDTO(MOD_SED_LDADD, [-export-symbols-regex sed_module])
++ fi
++])
+
+ if test "$ac_cv_ebcdic" = "yes"; then
+ # mod_charset_lite can be very useful on an ebcdic system,
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1327036+.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1327036+.patch
new file mode 100644
index 0000000..57b5155
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1327036+.patch
@@ -0,0 +1,87 @@
+
+* server/mpm_unix.c (dummy_connection): Use a TLS 1.0 close_notify
+ alert if the chosen listener is configured for https; not perfect
+ but better than sending an HTTP request. Adjust comments.
+http://svn.apache.org/viewvc?view=revision&revision=1327036
+
+* server/mpm_unix.c (dummy_connection): Fix spello.
+http://svn.apache.org/viewvc?view=revision&revision=1327080
+
+Upstream-Status: Backport
+
+--- httpd-2.4.2/server/mpm_unix.c
++++ httpd-2.4.2/server/mpm_unix.c
+@@ -501,14 +501,14 @@
+ return rv;
+ }
+
+-/* This function connects to the server, then immediately closes the connection.
+- * This permits the MPM to skip the poll when there is only one listening
+- * socket, because it provides a alternate way to unblock an accept() when
+- * the pod is used.
+- */
++/* This function connects to the server and sends enough data to
++ * ensure the child wakes up and processes a new connection. This
++ * permits the MPM to skip the poll when there is only one listening
++ * socket, because it provides a alternate way to unblock an accept()
++ * when the pod is used. */
+ static apr_status_t dummy_connection(ap_pod_t *pod)
+ {
+- char *srequest;
++ const char *data;
+ apr_status_t rv;
+ apr_socket_t *sock;
+ apr_pool_t *p;
+@@ -574,24 +574,37 @@
+ return rv;
+ }
+
+- /* Create the request string. We include a User-Agent so that
+- * adminstrators can track down the cause of the odd-looking
+- * requests in their logs.
+- */
+- srequest = apr_pstrcat(p, "OPTIONS * HTTP/1.0\r\nUser-Agent: ",
++ if (lp->protocol && strcasecmp(lp->protocol, "https") == 0) {
++ /* Send a TLS 1.0 close_notify alert. This is perhaps the
++ * "least wrong" way to open and cleanly terminate an SSL
++ * connection. It should "work" without noisy error logs if
++ * the server actually expects SSLv3/TLSv1. With
++ * SSLv23_server_method() OpenSSL's SSL_accept() fails
++ * ungracefully on receipt of this message, since it requires
++ * an 11-byte ClientHello message and this is too short. */
++ static const unsigned char tls10_close_notify[7] = {
++ '\x15', /* TLSPlainText.type = Alert (21) */
++ '\x03', '\x01', /* TLSPlainText.version = {3, 1} */
++ '\x00', '\x02', /* TLSPlainText.length = 2 */
++ '\x01', /* Alert.level = warning (1) */
++ '\x00' /* Alert.description = close_notify (0) */
++ };
++ data = (const char *)tls10_close_notify;
++ len = sizeof(tls10_close_notify);
++ }
++ else /* ... XXX other request types here? */ {
++ /* Create an HTTP request string. We include a User-Agent so
++ * that adminstrators can track down the cause of the
++ * odd-looking requests in their logs. A complete request is
++ * used since kernel-level filtering may require that much
++ * data before returning from accept(). */
++ data = apr_pstrcat(p, "OPTIONS * HTTP/1.0\r\nUser-Agent: ",
+ ap_get_server_description(),
+ " (internal dummy connection)\r\n\r\n", NULL);
++ len = strlen(data);
++ }
+
+- /* Since some operating systems support buffering of data or entire
+- * requests in the kernel, we send a simple request, to make sure
+- * the server pops out of a blocking accept().
+- */
+- /* XXX: This is HTTP specific. We should look at the Protocol for each
+- * listener, and send the correct type of request to trigger any Accept
+- * Filters.
+- */
+- len = strlen(srequest);
+- apr_socket_send(sock, srequest, &len);
++ apr_socket_send(sock, data, &len);
+ apr_socket_close(sock);
+ apr_pool_destroy(p);
+
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1332643.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1332643.patch
new file mode 100644
index 0000000..16fd7d7
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1332643.patch
@@ -0,0 +1,260 @@
+Add support for TLS Next Protocol Negotiation:
+
+* modules/ssl/mod_ssl.c, modules/ssl/mod_ssl.h: Add and implement new
+ hooks for next protocol advertisement/discovery.
+
+* modules/ssl/ssl_engine_init.c (ssl_init_ctx_callbacks): Enable
+ NPN advertisement callback in handshake.
+
+* modules/ssl/ssl_engine_io.c (ssl_io_filter_input): Invoke
+ next-protocol discovery hook.
+
+* modules/ssl/ssl_engine_kernel.c (ssl_callback_AdvertiseNextProtos):
+ New callback.
+
+* modules/ssl/ssl_private.h: Add prototype.
+
+Submitted by: Matthew Steele <mdsteele google.com>
+ with slight tweaks by jorton
+
+https://bugzilla.redhat.com//show_bug.cgi?id=809599
+
+http://svn.apache.org/viewvc?view=revision&revision=1332643
+
+Upstream-Status: Backport
+
+--- httpd-2.4.2/modules/ssl/ssl_private.h
++++ httpd-2.4.2/modules/ssl/ssl_private.h
+@@ -139,6 +139,11 @@
+ #define HAVE_FIPS
+ #endif
+
++#if OPENSSL_VERSION_NUMBER >= 0x10001000L && !defined(OPENSSL_NO_NEXTPROTONEG) \
++ && !defined(OPENSSL_NO_TLSEXT)
++#define HAVE_TLS_NPN
++#endif
++
+ #if (OPENSSL_VERSION_NUMBER >= 0x10000000)
+ #define MODSSL_SSL_CIPHER_CONST const
+ #define MODSSL_SSL_METHOD_CONST const
+@@ -811,6 +816,7 @@
+ int ssl_callback_SessionTicket(SSL *, unsigned char *, unsigned char *,
+ EVP_CIPHER_CTX *, HMAC_CTX *, int);
+ #endif
++int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data, unsigned int *len, void *arg);
+
+ /** Session Cache Support */
+ void ssl_scache_init(server_rec *, apr_pool_t *);
+--- httpd-2.4.2/modules/ssl/mod_ssl.c
++++ httpd-2.4.2/modules/ssl/mod_ssl.c
+@@ -260,6 +260,18 @@
+ AP_END_CMD
+ };
+
++/* Implement 'modssl_run_npn_advertise_protos_hook'. */
++APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(
++ modssl, AP, int, npn_advertise_protos_hook,
++ (conn_rec *connection, apr_array_header_t *protos),
++ (connection, protos), OK, DECLINED);
++
++/* Implement 'modssl_run_npn_proto_negotiated_hook'. */
++APR_IMPLEMENT_OPTIONAL_HOOK_RUN_ALL(
++ modssl, AP, int, npn_proto_negotiated_hook,
++ (conn_rec *connection, const char *proto_name, apr_size_t proto_name_len),
++ (connection, proto_name, proto_name_len), OK, DECLINED);
++
+ /*
+ * the various processing hooks
+ */
+--- httpd-2.4.2/modules/ssl/mod_ssl.h
++++ httpd-2.4.2/modules/ssl/mod_ssl.h
+@@ -63,5 +63,26 @@
+
+ APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
+
++/** The npn_advertise_protos optional hook allows other modules to add entries
++ * to the list of protocol names advertised by the server during the Next
++ * Protocol Negotiation (NPN) portion of the SSL handshake. The hook callee is
++ * given the connection and an APR array; it should push one or more char*'s
++ * pointing to null-terminated strings (such as "http/1.1" or "spdy/2") onto
++ * the array and return OK, or do nothing and return DECLINED. */
++APR_DECLARE_EXTERNAL_HOOK(modssl, AP, int, npn_advertise_protos_hook,
++ (conn_rec *connection, apr_array_header_t *protos));
++
++/** The npn_proto_negotiated optional hook allows other modules to discover the
++ * name of the protocol that was chosen during the Next Protocol Negotiation
++ * (NPN) portion of the SSL handshake. Note that this may be the empty string
++ * (in which case modules should probably assume HTTP), or it may be a protocol
++ * that was never even advertised by the server. The hook callee is given the
++ * connection, a non-null-terminated string containing the protocol name, and
++ * the length of the string; it should do something appropriate (i.e. insert or
++ * remove filters) and return OK, or do nothing and return DECLINED. */
++APR_DECLARE_EXTERNAL_HOOK(modssl, AP, int, npn_proto_negotiated_hook,
++ (conn_rec *connection, const char *proto_name,
++ apr_size_t proto_name_len));
++
+ #endif /* __MOD_SSL_H__ */
+ /** @} */
+--- httpd-2.4.2/modules/ssl/ssl_engine_init.c
++++ httpd-2.4.2/modules/ssl/ssl_engine_init.c
+@@ -681,6 +681,11 @@
+ #endif
+
+ SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
++
++#ifdef HAVE_TLS_NPN
++ SSL_CTX_set_next_protos_advertised_cb(
++ ctx, ssl_callback_AdvertiseNextProtos, NULL);
++#endif
+ }
+
+ static void ssl_init_ctx_verify(server_rec *s,
+--- httpd-2.4.2/modules/ssl/ssl_engine_io.c
++++ httpd-2.4.2/modules/ssl/ssl_engine_io.c
+@@ -28,6 +28,7 @@
+ core keeps dumping.''
+ -- Unknown */
+ #include "ssl_private.h"
++#include "mod_ssl.h"
+ #include "apr_date.h"
+
+ /* _________________________________________________________________
+@@ -297,6 +298,7 @@
+ apr_pool_t *pool;
+ char buffer[AP_IOBUFSIZE];
+ ssl_filter_ctx_t *filter_ctx;
++ int npn_finished; /* 1 if NPN has finished, 0 otherwise */
+ } bio_filter_in_ctx_t;
+
+ /*
+@@ -1374,6 +1376,27 @@
+ APR_BRIGADE_INSERT_TAIL(bb, bucket);
+ }
+
++#ifdef HAVE_TLS_NPN
++ /* By this point, Next Protocol Negotiation (NPN) should be completed (if
++ * our version of OpenSSL supports it). If we haven't already, find out
++ * which protocol was decided upon and inform other modules by calling
++ * npn_proto_negotiated_hook. */
++ if (!inctx->npn_finished) {
++ const unsigned char *next_proto = NULL;
++ unsigned next_proto_len = 0;
++
++ SSL_get0_next_proto_negotiated(
++ inctx->ssl, &next_proto, &next_proto_len);
++ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, f->c,
++ "SSL NPN negotiated protocol: '%s'",
++ apr_pstrmemdup(f->c->pool, (const char*)next_proto,
++ next_proto_len));
++ modssl_run_npn_proto_negotiated_hook(
++ f->c, (const char*)next_proto, next_proto_len);
++ inctx->npn_finished = 1;
++ }
++#endif
++
+ return APR_SUCCESS;
+ }
+
+@@ -1855,6 +1878,7 @@
+ inctx->block = APR_BLOCK_READ;
+ inctx->pool = c->pool;
+ inctx->filter_ctx = filter_ctx;
++ inctx->npn_finished = 0;
+ }
+
+ /* The request_rec pointer is passed in here only to ensure that the
+--- httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
++++ httpd-2.4.2/modules/ssl/ssl_engine_kernel.c
+@@ -29,6 +29,7 @@
+ time I was too famous.''
+ -- Unknown */
+ #include "ssl_private.h"
++#include "mod_ssl.h"
+ #include "util_md5.h"
+
+ static void ssl_configure_env(request_rec *r, SSLConnRec *sslconn);
+@@ -2143,3 +2144,84 @@
+ return -1;
+ }
+ #endif
++
++#ifdef HAVE_TLS_NPN
++/*
++ * This callback function is executed when SSL needs to decide what protocols
++ * to advertise during Next Protocol Negotiation (NPN). It must produce a
++ * string in wire format -- a sequence of length-prefixed strings -- indicating
++ * the advertised protocols. Refer to SSL_CTX_set_next_protos_advertised_cb
++ * in OpenSSL for reference.
++ */
++int ssl_callback_AdvertiseNextProtos(SSL *ssl, const unsigned char **data_out,
++ unsigned int *size_out, void *arg)
++{
++ conn_rec *c = (conn_rec*)SSL_get_app_data(ssl);
++ apr_array_header_t *protos;
++ int num_protos;
++ unsigned int size;
++ int i;
++ unsigned char *data;
++ unsigned char *start;
++
++ *data_out = NULL;
++ *size_out = 0;
++
++ /* If the connection object is not available, then there's nothing for us
++ * to do. */
++ if (c == NULL) {
++ return SSL_TLSEXT_ERR_OK;
++ }
++
++ /* Invoke our npn_advertise_protos hook, giving other modules a chance to
++ * add alternate protocol names to advertise. */
++ protos = apr_array_make(c->pool, 0, sizeof(char*));
++ modssl_run_npn_advertise_protos_hook(c, protos);
++ num_protos = protos->nelts;
++
++ /* We now have a list of null-terminated strings; we need to concatenate
++ * them together into a single string, where each protocol name is prefixed
++ * by its length. First, calculate how long that string will be. */
++ size = 0;
++ for (i = 0; i < num_protos; ++i) {
++ const char *string = APR_ARRAY_IDX(protos, i, const char*);
++ unsigned int length = strlen(string);
++ /* If the protocol name is too long (the length must fit in one byte),
++ * then log an error and skip it. */
++ if (length > 255) {
++ ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c,
++ "SSL NPN protocol name too long (length=%u): %s",
++ length, string);
++ continue;
++ }
++ /* Leave room for the length prefix (one byte) plus the protocol name
++ * itself. */
++ size += 1 + length;
++ }
++
++ /* If there is nothing to advertise (either because no modules added
++ * anything to the protos array, or because all strings added to the array
++ * were skipped), then we're done. */
++ if (size == 0) {
++ return SSL_TLSEXT_ERR_OK;
++ }
++
++ /* Now we can build the string. Copy each protocol name string into the
++ * larger string, prefixed by its length. */
++ data = apr_palloc(c->pool, size * sizeof(unsigned char));
++ start = data;
++ for (i = 0; i < num_protos; ++i) {
++ const char *string = APR_ARRAY_IDX(protos, i, const char*);
++ apr_size_t length = strlen(string);
++ *start = (unsigned char)length;
++ ++start;
++ memcpy(start, string, length * sizeof(unsigned char));
++ start += length;
++ }
++
++ /* Success. */
++ *data_out = data;
++ *size_out = size;
++ return SSL_TLSEXT_ERR_OK;
++}
++#endif
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1337344+.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1337344+.patch
new file mode 100644
index 0000000..646976a
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-r1337344+.patch
@@ -0,0 +1,350 @@
+
+* support/suexec.c: Add gcc format-string attributes to logging
+ functions.
+ (main): Always print uid/gid as unsigned long, and cast to avoid
+ warnings (which somewhat defeats the point of the format string
+ attrs, but is necessary since the size of gid/uid varies).
+http://svn.apache.org/viewvc?view=revision&revision=1337344
+
+
+
+suexec: Add support for logging to syslog as an alternative to a
+logfile.
+
+* support/suexec.c (err_output) [AP_LOG_SYSLOG]: Log to syslog.
+ (main): Close syslog fd if open, before execv. Add -V output
+ for AP_LOG_SYSLOG.
+
+* configure.in: Add --with-suexec-syslog argument; allow
+ --without-suexec-logfile to omit definition of AP_LOG_EXEC.
+
+http://svn.apache.org/viewvc?view=revision&revision=1341905
+
+
+
+suexec: Support use of setgid/setuid capability bits on Linux, a
+weaker set of privileges than the full setuid/setgid root binary.
+
+* configure.in: Add --enable-suexec-capabilites flag.
+
+* Makefile.in: If configured, use setcap instead of chmod 7555 on
+ installed suexec binary.
+
+* modules/arch/unix/mod_unixd.c (unixd_pre_config): Drop test for
+ setuid bit if capability bits are used.
+
+* docs/manual/: Add docs.
+
+http://svn.apache.org/viewvc?view=revision&revision=1342065
+
+
+
+* docs/manual/suexec.html.en: Update for syslog logging.
+
+http://svn.apache.org/viewvc?view=revision&revision=1341930
+
+
+
+Upstream-Status: Backport
+
+--- httpd-2.4.2/configure.in.r1337344+
++++ httpd-2.4.2/configure.in
+@@ -700,7 +700,24 @@ APACHE_HELP_STRING(--with-suexec-gidmin,
+
+ AC_ARG_WITH(suexec-logfile,
+ APACHE_HELP_STRING(--with-suexec-logfile,Set the logfile),[
+- AC_DEFINE_UNQUOTED(AP_LOG_EXEC, "$withval", [SuExec log file] ) ] )
++ if test "x$withval" = "xyes"; then
++ AC_DEFINE_UNQUOTED(AP_LOG_EXEC, "$withval", [SuExec log file])
++ fi
++])
++
++AC_ARG_WITH(suexec-syslog,
++APACHE_HELP_STRING(--with-suexec-syslog,Set the logfile),[
++ if test $withval = "yes"; then
++ if test "x${with_suexec_logfile}" != "xno"; then
++ AC_MSG_NOTICE([hint: use "--without-suexec-logfile --with-suexec-syslog"])
++ AC_MSG_ERROR([suexec does not support both logging to file and syslog])
++ fi
++ AC_CHECK_FUNCS([vsyslog], [], [
++ AC_MSG_ERROR([cannot support syslog from suexec without vsyslog()])])
++ AC_DEFINE(AP_LOG_SYSLOG, 1, [SuExec log to syslog])
++ fi
++])
++
+
+ AC_ARG_WITH(suexec-safepath,
+ APACHE_HELP_STRING(--with-suexec-safepath,Set the safepath),[
+@@ -710,6 +727,15 @@ AC_ARG_WITH(suexec-umask,
+ APACHE_HELP_STRING(--with-suexec-umask,umask for suexec'd process),[
+ AC_DEFINE_UNQUOTED(AP_SUEXEC_UMASK, 0$withval, [umask for suexec'd process] ) ] )
+
++INSTALL_SUEXEC=setuid
++AC_ARG_ENABLE([suexec-capabilities],
++APACHE_HELP_STRING(--enable-suexec-capabilities,Use Linux capability bits not setuid root suexec), [
++INSTALL_SUEXEC=caps
++AC_DEFINE(AP_SUEXEC_CAPABILITIES, 1,
++ [Enable if suexec is installed with Linux capabilities, not setuid])
++])
++APACHE_SUBST(INSTALL_SUEXEC)
++
+ dnl APR should go after the other libs, so the right symbols can be picked up
+ if test x${apu_found} != xobsolete; then
+ AP_LIBS="$AP_LIBS `$apu_config --avoid-ldap --link-libtool`"
+--- httpd-2.4.2/docs/manual/suexec.html.en.r1337344+
++++ httpd-2.4.2/docs/manual/suexec.html.en
+@@ -369,6 +369,21 @@
+ together with the <code>--enable-suexec</code> option to let
+ APACI accept your request for using the suEXEC feature.</dd>
+
++ <dt><code>--enable-suexec-capabilities</code></dt>
++
++ <dd><strong>Linux specific:</strong> Normally,
++ the <code>suexec</code> binary is installed "setuid/setgid
++ root", which allows it to run with the full privileges of the
++ root user. If this option is used, the <code>suexec</code>
++ binary will instead be installed with only the setuid/setgid
++ "capability" bits set, which is the subset of full root
++ priviliges required for suexec operation. Note that
++ the <code>suexec</code> binary may not be able to write to a log
++ file in this mode; it is recommended that the
++ <code>--with-suexec-syslog --without-suexec-logfile</code>
++ options are used in conjunction with this mode, so that syslog
++ logging is used instead.</dd>
++
+ <dt><code>--with-suexec-bin=<em>PATH</em></code></dt>
+
+ <dd>The path to the <code>suexec</code> binary must be hard-coded
+@@ -430,6 +445,12 @@
+ "<code>suexec_log</code>" and located in your standard logfile
+ directory (<code>--logfiledir</code>).</dd>
+
++ <dt><code>--with-suexec-syslog</code></dt>
++
++ <dd>If defined, suexec will log notices and errors to syslog
++ instead of a logfile. This option must be combined
++ with <code>--without-suexec-logfile</code>.</dd>
++
+ <dt><code>--with-suexec-safepath=<em>PATH</em></code></dt>
+
+ <dd>Define a safe PATH environment to pass to CGI
+@@ -546,9 +567,12 @@
+
+ <p>The suEXEC wrapper will write log information
+ to the file defined with the <code>--with-suexec-logfile</code>
+- option as indicated above. If you feel you have configured and
+- installed the wrapper properly, have a look at this log and the
+- error_log for the server to see where you may have gone astray.</p>
++ option as indicated above, or to syslog if <code>--with-suexec-syslog</code>
++ is used. If you feel you have configured and
++ installed the wrapper properly, have a look at the log and the
++ error_log for the server to see where you may have gone astray.
++ The output of <code>"suexec -V"</code> will show the options
++ used to compile suexec, if using a binary distribution.</p>
+
+ </div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
+ <div class="section">
+@@ -615,4 +639,4 @@
+ </div><div id="footer">
+ <p class="apache">Copyright 2012 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p>
+ <p class="menu"><a href="./mod/">Modules</a> | <a href="./mod/directives.html">Directives</a> | <a href="./faq/">FAQ</a> | <a href="./glossary.html">Glossary</a> | <a href="./sitemap.html">Sitemap</a></p></div>
+-</body></html>
+\ No newline at end of file
++</body></html>
+--- httpd-2.4.2/Makefile.in.r1337344+
++++ httpd-2.4.2/Makefile.in
+@@ -236,11 +236,22 @@ install-man:
+ cd $(DESTDIR)$(manualdir) && find . -name ".svn" -type d -print | xargs rm -rf 2>/dev/null || true; \
+ fi
+
+-install-suexec:
++install-suexec: install-suexec-binary install-suexec-$(INSTALL_SUEXEC)
++
++install-suexec-binary:
+ @if test -f $(builddir)/support/suexec; then \
+ test -d $(DESTDIR)$(sbindir) || $(MKINSTALLDIRS) $(DESTDIR)$(sbindir); \
+ $(INSTALL_PROGRAM) $(top_builddir)/support/suexec $(DESTDIR)$(sbindir); \
+- chmod 4755 $(DESTDIR)$(sbindir)/suexec; \
++ fi
++
++install-suexec-setuid:
++ @if test -f $(builddir)/support/suexec; then \
++ chmod 4755 $(DESTDIR)$(sbindir)/suexec; \
++ fi
++
++install-suexec-caps:
++ @if test -f $(builddir)/support/suexec; then \
++ setcap 'cap_setuid,cap_setgid+pe' $(DESTDIR)$(sbindir)/suexec; \
+ fi
+
+ suexec:
+--- httpd-2.4.2/modules/arch/unix/mod_unixd.c.r1337344+
++++ httpd-2.4.2/modules/arch/unix/mod_unixd.c
+@@ -284,6 +284,13 @@ unixd_set_suexec(cmd_parms *cmd, void *d
+ return NULL;
+ }
+
++#ifdef AP_SUEXEC_CAPABILITIES
++/* If suexec is using capabilities, don't test for the setuid bit. */
++#define SETUID_TEST(finfo) (1)
++#else
++#define SETUID_TEST(finfo) (finfo.protection & APR_USETID)
++#endif
++
+ static int
+ unixd_pre_config(apr_pool_t *pconf, apr_pool_t *plog,
+ apr_pool_t *ptemp)
+@@ -300,7 +307,7 @@ unixd_pre_config(apr_pool_t *pconf, apr_
+ ap_unixd_config.suexec_enabled = 0;
+ if ((apr_stat(&wrapper, SUEXEC_BIN, APR_FINFO_NORM, ptemp))
+ == APR_SUCCESS) {
+- if ((wrapper.protection & APR_USETID) && wrapper.user == 0
++ if (SETUID_TEST(wrapper) && wrapper.user == 0
+ && (access(SUEXEC_BIN, R_OK|X_OK) == 0)) {
+ ap_unixd_config.suexec_enabled = 1;
+ ap_unixd_config.suexec_disabled_reason = "";
+--- httpd-2.4.2/support/suexec.c.r1337344+
++++ httpd-2.4.2/support/suexec.c
+@@ -58,6 +58,10 @@
+ #include <grp.h>
+ #endif
+
++#ifdef AP_LOG_SYSLOG
++#include <syslog.h>
++#endif
++
+ #if defined(PATH_MAX)
+ #define AP_MAXPATH PATH_MAX
+ #elif defined(MAXPATHLEN)
+@@ -69,7 +73,12 @@
+ #define AP_ENVBUF 256
+
+ extern char **environ;
++
++#ifdef AP_LOG_SYSLOG
++static int log_open;
++#else
+ static FILE *log = NULL;
++#endif
+
+ static const char *const safe_env_lst[] =
+ {
+@@ -128,10 +137,23 @@ static const char *const safe_env_lst[]
+ NULL
+ };
+
++static void log_err(const char *fmt,...)
++ __attribute__((format(printf,1,2)));
++static void log_no_err(const char *fmt,...)
++ __attribute__((format(printf,1,2)));
++static void err_output(int is_error, const char *fmt, va_list ap)
++ __attribute__((format(printf,2,0)));
+
+ static void err_output(int is_error, const char *fmt, va_list ap)
+ {
+-#ifdef AP_LOG_EXEC
++#if defined(AP_LOG_SYSLOG)
++ if (!log_open) {
++ openlog("suexec", LOG_PID, LOG_DAEMON);
++ log_open = 1;
++ }
++
++ vsyslog(is_error ? LOG_ERR : LOG_INFO, fmt, ap);
++#elif defined(AP_LOG_EXEC)
+ time_t timevar;
+ struct tm *lt;
+
+@@ -263,7 +285,7 @@ int main(int argc, char *argv[])
+ */
+ uid = getuid();
+ if ((pw = getpwuid(uid)) == NULL) {
+- log_err("crit: invalid uid: (%ld)\n", uid);
++ log_err("crit: invalid uid: (%lu)\n", (unsigned long)uid);
+ exit(102);
+ }
+ /*
+@@ -289,7 +311,9 @@ int main(int argc, char *argv[])
+ #ifdef AP_HTTPD_USER
+ fprintf(stderr, " -D AP_HTTPD_USER=\"%s\"\n", AP_HTTPD_USER);
+ #endif
+-#ifdef AP_LOG_EXEC
++#if defined(AP_LOG_SYSLOG)
++ fprintf(stderr, " -D AP_LOG_SYSLOG\n");
++#elif defined(AP_LOG_EXEC)
+ fprintf(stderr, " -D AP_LOG_EXEC=\"%s\"\n", AP_LOG_EXEC);
+ #endif
+ #ifdef AP_SAFE_PATH
+@@ -440,7 +464,7 @@ int main(int argc, char *argv[])
+ * a UID less than AP_UID_MIN. Tsk tsk.
+ */
+ if ((uid == 0) || (uid < AP_UID_MIN)) {
+- log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd);
++ log_err("cannot run as forbidden uid (%lu/%s)\n", (unsigned long)uid, cmd);
+ exit(107);
+ }
+
+@@ -449,7 +473,7 @@ int main(int argc, char *argv[])
+ * or as a GID less than AP_GID_MIN. Tsk tsk.
+ */
+ if ((gid == 0) || (gid < AP_GID_MIN)) {
+- log_err("cannot run as forbidden gid (%d/%s)\n", gid, cmd);
++ log_err("cannot run as forbidden gid (%lu/%s)\n", (unsigned long)gid, cmd);
+ exit(108);
+ }
+
+@@ -460,7 +484,7 @@ int main(int argc, char *argv[])
+ * and setgid() to the target group. If unsuccessful, error out.
+ */
+ if (((setgid(gid)) != 0) || (initgroups(actual_uname, gid) != 0)) {
+- log_err("failed to setgid (%ld: %s)\n", gid, cmd);
++ log_err("failed to setgid (%lu: %s)\n", (unsigned long)gid, cmd);
+ exit(109);
+ }
+
+@@ -468,7 +492,7 @@ int main(int argc, char *argv[])
+ * setuid() to the target user. Error out on fail.
+ */
+ if ((setuid(uid)) != 0) {
+- log_err("failed to setuid (%ld: %s)\n", uid, cmd);
++ log_err("failed to setuid (%lu: %s)\n", (unsigned long)uid, cmd);
+ exit(110);
+ }
+
+@@ -556,11 +580,11 @@ int main(int argc, char *argv[])
+ (gid != dir_info.st_gid) ||
+ (uid != prg_info.st_uid) ||
+ (gid != prg_info.st_gid)) {
+- log_err("target uid/gid (%ld/%ld) mismatch "
+- "with directory (%ld/%ld) or program (%ld/%ld)\n",
+- uid, gid,
+- dir_info.st_uid, dir_info.st_gid,
+- prg_info.st_uid, prg_info.st_gid);
++ log_err("target uid/gid (%lu/%lu) mismatch "
++ "with directory (%lu/%lu) or program (%lu/%lu)\n",
++ (unsigned long)uid, (unsigned long)gid,
++ (unsigned long)dir_info.st_uid, (unsigned long)dir_info.st_gid,
++ (unsigned long)prg_info.st_uid, (unsigned long)prg_info.st_gid);
+ exit(120);
+ }
+ /*
+@@ -585,6 +609,12 @@ int main(int argc, char *argv[])
+ #endif /* AP_SUEXEC_UMASK */
+
+ /* Be sure to close the log file so the CGI can't mess with it. */
++#ifdef AP_LOG_SYSLOG
++ if (log_open) {
++ closelog();
++ log_open = 0;
++ }
++#else
+ if (log != NULL) {
+ #if APR_HAVE_FCNTL_H
+ /*
+@@ -606,6 +636,7 @@ int main(int argc, char *argv[])
+ log = NULL;
+ #endif
+ }
++#endif
+
+ /*
+ * Execute the command, replacing our image with its own.
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-restart.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-restart.patch
new file mode 100644
index 0000000..42254d2
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/httpd-2.4.2-restart.patch
@@ -0,0 +1,35 @@
+
+* server/main.c (main): Bail out *before* signalling the server
+ if the config is bad. (as per the claim in the docs!)
+
+https://bugzilla.redhat.com/show_bug.cgi?id=814645
+http://svn.apache.org/viewvc?view=revision&revision=1328345
+
+Upstream-Status: Backport
+
+--- httpd-2.4.2/server/main.c.restart
++++ httpd-2.4.2/server/main.c
+@@ -671,6 +671,11 @@ int main(int argc, const char * const ar
+ }
+ }
+
++ /* If our config failed, deal with that here. */
++ if (rv != OK) {
++ destroy_and_exit_process(process, 1);
++ }
++
+ signal_server = APR_RETRIEVE_OPTIONAL_FN(ap_signal_server);
+ if (signal_server) {
+ int exit_status;
+@@ -680,11 +685,6 @@ int main(int argc, const char * const ar
+ }
+ }
+
+- /* If our config failed, deal with that here. */
+- if (rv != OK) {
+- destroy_and_exit_process(process, 1);
+- }
+-
+ apr_pool_clear(plog);
+
+ if ( ap_run_open_logs(pconf, plog, ptemp, ap_server_conf) != OK) {
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/replace-lynx-to-curl-in-apachectl-script.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/replace-lynx-to-curl-in-apachectl-script.patch
new file mode 100644
index 0000000..584ddc8
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/replace-lynx-to-curl-in-apachectl-script.patch
@@ -0,0 +1,52 @@
+From 760ccbb2fb046621a2aeaecabb2b1ef9aa280cf1 Mon Sep 17 00:00:00 2001
+From: Yulong Pei <Yulong.pei@windriver.com>
+Date: Thu, 1 Sep 2011 01:03:14 +0800
+Subject: [PATCH] replace lynx to curl in apachectl script
+
+Upstream-Status: Inappropriate [configuration]
+
+Signed-off-by: Yulong Pei <Yulong.pei@windriver.com>
+---
+ support/apachectl.in | 14 ++++++++++----
+ 1 files changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/support/apachectl.in b/support/apachectl.in
+index d4dff38..109ea13 100644
+--- a/support/apachectl.in
++++ b/support/apachectl.in
+@@ -51,11 +51,11 @@ fi
+ # a command that outputs a formatted text version of the HTML at the
+ # url given on the command line. Designed for lynx, however other
+ # programs may work.
+-LYNX="@LYNX_PATH@ -dump"
++CURL="/usr/bin/curl"
+ #
+ # the URL to your server's mod_status status page. If you do not
+ # have one, then status and fullstatus will not work.
+-STATUSURL="http://localhost:@PORT@/server-status"
++STATUSURL="http://localhost:@PORT@/"
+ #
+ # Set this variable to a command that increases the maximum
+ # number of file descriptors allowed per child process. This is
+@@ -91,10 +91,16 @@ configtest)
+ ERROR=$?
+ ;;
+ status)
+- $LYNX $STATUSURL | awk ' /process$/ { print; exit } { print } '
++ $CURL -s $STATUSURL | grep -o "It works!"
++ if [ $? != 0 ] ; then
++ echo The httpd server does not work!
++ fi
+ ;;
+ fullstatus)
+- $LYNX $STATUSURL
++ $CURL -s $STATUSURL | grep -o "It works!"
++ if [ $? != 0 ] ; then
++ echo The httpd server does not work!
++ fi
+ ;;
+ *)
+ $HTTPD $ARGV
+--
+1.6.4
+
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/server-makefile.patch b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/server-makefile.patch
new file mode 100644
index 0000000..f1349cb
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-2.4.2/server-makefile.patch
@@ -0,0 +1,11 @@
+--- http-2.0.54/server/Makefile.in-old 2005-12-20 13:26:56.000000000 -0500
++++ http-2.0.54/server/Makefile.in 2005-12-20 13:27:22.000000000 -0500
+@@ -27,7 +27,7 @@
+ $(LINK) $(EXTRA_LDFLAGS) $(gen_test_char_OBJECTS) $(EXTRA_LIBS)
+
+ test_char.h: gen_test_char
+- ./gen_test_char > test_char.h
++ gen_test_char > test_char.h
+
+ util.lo: test_char.h
+
diff --git a/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.2.bb b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.2.bb
new file mode 100644
index 0000000..17482ae
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2-native_2.4.2.bb
@@ -0,0 +1,43 @@
+DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \
+extensible web server."
+SUMMARY = "Apache HTTP Server"
+HOMEPAGE = "http://httpd.apache.org/"
+DEPENDS = "expat-native pcre-native apr-native apr-util-native"
+SECTION = "net"
+LICENSE = "Apache-2.0"
+PR = "r0"
+
+inherit native
+
+SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2"
+
+S = "${WORKDIR}/httpd-${PV}"
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=eff226ae95d0516d6210ed77dfdf2dcc"
+SRC_URI[md5sum] = "6bb12f726e22656f0ad2baf91f1f8329"
+SRC_URI[sha256sum] = "5382f9c507d3d02706e33d6308ea041f39e8511b5948aef0ca188df8f90159b8"
+
+do_configure () {
+ ./configure --with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \
+ --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \
+ --prefix=${prefix} --datadir=${datadir}/apache2
+}
+
+do_install () {
+ install -d ${D}${bindir} ${D}${libdir}
+ cp server/gen_test_char ${D}${bindir}
+ install -m 755 support/apxs ${D}${bindir}/
+ install -m 755 httpd ${D}${bindir}/
+ install -d ${D}${datadir}/apache2/build
+ cp build/*.mk ${D}${datadir}/apache2/build
+ cp build/instdso.sh ${D}${datadir}/apache2/build
+
+ install -d ${D}${includedir}/apache2
+ cp include/* ${D}${includedir}/apache2
+ cp os/unix/os.h ${D}${includedir}/apache2
+ cp os/unix/unixd.h ${D}${includedir}/apache2
+
+ cp support/envvars-std ${D}${bindir}/envvars
+ chmod 755 ${D}${bindir}/envvars
+}
+
diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb
new file mode 100644
index 0000000..15c4d02
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb
@@ -0,0 +1,130 @@
+DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and \
+extensible web server."
+SUMMARY = "Apache HTTP Server"
+HOMEPAGE = "http://httpd.apache.org/"
+DEPENDS = "libtool-native apache2-native openssl expat pcre apr apr-util"
+RDEPENDS_${PN} += "openssl libgcc"
+SECTION = "net"
+LICENSE = "Apache-2.0"
+PR = "r0"
+
+SRC_URI = "http://www.apache.org/dist/httpd/httpd-${PV}.tar.bz2 \
+ file://server-makefile.patch \
+ file://fix-libtool-name.patch \
+ file://httpd-2.4.1-corelimit.patch \
+ file://httpd-2.4.1-export.patch \
+ file://httpd-2.4.1-selinux.patch \
+ file://httpd-2.4.2-r1326980+.patch \
+ file://httpd-2.4.2-r1327036+.patch \
+ file://httpd-2.4.2-r1332643.patch \
+ file://httpd-2.4.2-r1337344+.patch \
+ file://httpd-2.4.2-restart.patch \
+ file://apache-configure_perlbin.patch \
+ file://replace-lynx-to-curl-in-apachectl-script.patch \
+ file://apache-ssl-ltmain-rpath.patch \
+ file://init"
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=eff226ae95d0516d6210ed77dfdf2dcc"
+SRC_URI[md5sum] = "6bb12f726e22656f0ad2baf91f1f8329"
+SRC_URI[sha256sum] = "5382f9c507d3d02706e33d6308ea041f39e8511b5948aef0ca188df8f90159b8"
+
+S = "${WORKDIR}/httpd-${PV}"
+
+inherit autotools update-rc.d
+
+CFLAGS_append = " -DPATH_MAX=4096"
+CFLAGS_prepend = "-I${STAGING_INCDIR}/openssl "
+EXTRA_OECONF = "--enable-ssl \
+ --with-ssl=${STAGING_LIBDIR}/.. \
+ --with-expat=${STAGING_LIBDIR}/.. \
+ --with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \
+ --with-apr-util=${STAGING_BINDIR_CROSS}/apu-1-config \
+ --enable-info \
+ --enable-rewrite \
+ --with-dbm=sdbm \
+ --with-berkeley-db=no \
+ --localstatedir=/var/${PN} \
+ --with-gdbm=no \
+ --with-ndbm=no \
+ --includedir=${includedir}/${PN} \
+ --datadir=${datadir}/${PN} \
+ --sysconfdir=${sysconfdir}/${PN} \
+ --libexecdir=${libdir}/${PN}/modules \
+ ap_cv_void_ptr_lt_long=no \
+ --enable-mpms-shared \
+ ac_cv_have_threadsafe_pollset=no"
+
+do_install_append() {
+ install -d ${D}/${sysconfdir}/init.d
+ cat ${WORKDIR}/init | \
+ sed -e 's,/usr/sbin/,${sbindir}/,g' \
+ -e 's,/usr/bin/,${bindir}/,g' \
+ -e 's,/usr/lib,${libdir}/,g' \
+ -e 's,/etc/,${sysconfdir}/,g' \
+ -e 's,/usr/,${prefix}/,g' > ${D}/${sysconfdir}/init.d/${PN}
+ chmod 755 ${D}/${sysconfdir}/init.d/${PN}
+ # remove the goofy original files...
+ rm -rf ${D}/${sysconfdir}/${PN}/original
+ # Expat should be found in the staging area via DEPENDS...
+ rm -f ${D}/${libdir}/libexpat.*
+
+ # Ensure configuration file pulls in modules.d
+ printf "\nInclude ${sysconfdir}/${PN}/modules.d/*\n\n" >> ${D}/${sysconfdir}/${PN}/httpd.conf
+}
+
+SYSROOT_PREPROCESS_FUNCS += "apache_sysroot_preprocess"
+
+apache_sysroot_preprocess () {
+ install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/
+ install -m 755 ${D}${bindir}/apxs ${SYSROOT_DESTDIR}${bindir_crossscripts}/
+ sed -i 's!my $installbuilddir = .*!my $installbuilddir = "${STAGING_DIR_HOST}/${datadir}/${PN}/build";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs
+ sed -i 's!my $libtool = .*!my $libtool = "${STAGING_BINDIR_CROSS}/${TARGET_PREFIX}libtool";!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/apxs
+
+ sed -i 's!^APR_CONFIG = .*!APR_CONFIG = ${STAGING_BINDIR_CROSS}/apr-1-config!' ${SYSROOT_DESTDIR}${datadir}/${PN}/build/config_vars.mk
+ sed -i 's!^APU_CONFIG = .*!APU_CONFIG = ${STAGING_BINDIR_CROSS}/apu-1-config!' ${SYSROOT_DESTDIR}${datadir}/${PN}/build/config_vars.mk
+}
+
+#
+# implications - used by update-rc.d scripts
+#
+INITSCRIPT_NAME = "apache2"
+INITSCRIPT_PARAMS = "defaults 91 20"
+LEAD_SONAME = "libapr-1.so.0"
+
+CONFFILES_${PN} = "${sysconfdir}/${PN}/httpd.conf \
+ ${sysconfdir}/${PN}/magic \
+ ${sysconfdir}/${PN}/mime.types \
+ ${sysconfdir}/init.d/${PN} "
+
+PACKAGES = "${PN}-doc ${PN}-dev ${PN}-dbg ${PN}"
+
+# we override here rather than append so that .so links are
+# included in the runtime package rather than here (-dev)
+# and to get build, icons, error into the -dev package
+FILES_${PN}-dev = "${datadir}/${PN}/build \
+ ${datadir}/${PN}/icons \
+ ${datadir}/${PN}/error \
+ ${bindir}/apr-config ${bindir}/apu-config \
+ ${libdir}/apr*.exp \
+ ${includedir}/${PN} \
+ ${libdir}/*.la \
+ ${libdir}/*.a"
+
+# manual to manual
+FILES_${PN}-doc += " ${datadir}/${PN}/manual"
+
+#
+# override this too - here is the default, less datadir
+#
+FILES_${PN} = "${bindir} ${sbindir} ${libexecdir} ${libdir}/lib*.so.* ${sysconfdir} \
+ ${sharedstatedir} ${localstatedir} /bin /sbin /lib/*.so* \
+ ${libdir}/${PN}"
+
+# we want htdocs and cgi-bin to go with the binary
+FILES_${PN} += "${datadir}/${PN}/htdocs ${datadir}/${PN}/cgi-bin"
+
+#make sure the lone .so links also get wrapped in the base package
+FILES_${PN} += "${libdir}/lib*.so ${libdir}/pkgconfig/*"
+
+FILES_${PN}-dbg += "${libdir}/${PN}/modules/.debug"
+
diff --git a/meta-webserver/recipes-httpd/apache2/files/init b/meta-webserver/recipes-httpd/apache2/files/init
new file mode 100755
index 0000000..85af742
--- /dev/null
+++ b/meta-webserver/recipes-httpd/apache2/files/init
@@ -0,0 +1,73 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: httpd
+# Required-Start: $local_fs $remote_fs $network $named
+# Required-Stop: $local_fs $remote_fs $network
+# Should-Start: distcache
+# Short-Description: start and stop Apache HTTP Server
+# Description: The Apache HTTP Server is an extensible server
+# implementing the current HTTP standards.
+### END INIT INFO
+
+ARGS="-D SSL -k start"
+NAME=apache2
+PATH=/bin:/usr/bin:/sbin:/usr/sbin
+DAEMON=/usr/sbin/httpd
+SUEXEC=/usr/lib/apache/suexec
+PIDFILE=/var/run/$NAME.pid
+CONF=/etc/apache2/httpd.conf
+APACHECTL=/usr/sbin/apachectl
+
+trap "" 1
+export LANG=C
+export PATH
+
+test -f $DAEMON || exit 0
+test -f $APACHECTL || exit 0
+
+# ensure we don't leak environment vars into apachectl
+APACHECTL="env -i LANG=${LANG} PATH=${PATH} $APACHECTL"
+
+case "$1" in
+ start)
+ echo -n "Starting web server: $NAME"
+ $APACHECTL $ARGS
+ ;;
+
+ stop)
+ $APACHECTL stop
+ ;;
+
+ reload)
+ echo -n "Reloading $NAME configuration"
+ $APACHECTL reload
+ ;;
+
+ reload-modules)
+ echo -n "Reloading $NAME modules"
+ $APACHECTL restart
+ ;;
+
+ restart)
+ $APACHECTL restart
+ exit $?
+ ;;
+
+ force-reload)
+ $0 reload-modules
+ exit $?
+ ;;
+
+ *)
+ echo "Usage: /etc/init.d/$NAME {start|stop|reload|reload-modules|force-reload|restart}"
+ exit 1
+ ;;
+esac
+
+if [ $? = 0 ]; then
+ echo .
+ exit 0
+else
+ echo failed
+ exit 1
+fi
--
1.7.9.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [meta-webserver][PATCH v2 3/4] modphp: add from OE-Classic, update to 5.3.14 and fix
2012-10-03 17:08 [meta-webserver][PATCH v2 0/4] Add meta-webserver Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 1/4] Add meta-webserver layer Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 2/4] apache2: add from OE-Classic, update to version 2.4.2 and fix Paul Eggleton
@ 2012-10-03 17:08 ` Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 4/4] xdebug: add new recipe Paul Eggleton
3 siblings, 0 replies; 6+ messages in thread
From: Paul Eggleton @ 2012-10-03 17:08 UTC (permalink / raw)
To: openembedded-devel
* Use working SRC_URI
* Fix to use correct headers and apxs script for cross-compiling
* Enable threading
* Install headers and scripts for building extension modules
* Use proper variables instead of /etc, /usr/lib etc.
* Fix rpath QA issues
* Add LIC_FILES_CHKSUM
* Put apache config file into SRC_URI instead of referring to it using
FILESDIR
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
.../recipes-php/modphp/files/70_mod_php5.conf | 12 +++
.../recipes-php/modphp/files/configure.patch | 11 +++
.../recipes-php/modphp/files/pthread-check.patch | 64 ++++++++++++++
meta-webserver/recipes-php/modphp/modphp5.inc | 90 ++++++++++++++++++++
meta-webserver/recipes-php/modphp/modphp_5.3.14.bb | 5 ++
5 files changed, 182 insertions(+)
create mode 100644 meta-webserver/recipes-php/modphp/files/70_mod_php5.conf
create mode 100644 meta-webserver/recipes-php/modphp/files/configure.patch
create mode 100644 meta-webserver/recipes-php/modphp/files/pthread-check.patch
create mode 100644 meta-webserver/recipes-php/modphp/modphp5.inc
create mode 100644 meta-webserver/recipes-php/modphp/modphp_5.3.14.bb
diff --git a/meta-webserver/recipes-php/modphp/files/70_mod_php5.conf b/meta-webserver/recipes-php/modphp/files/70_mod_php5.conf
new file mode 100644
index 0000000..1de6fb1
--- /dev/null
+++ b/meta-webserver/recipes-php/modphp/files/70_mod_php5.conf
@@ -0,0 +1,12 @@
+# vim: ft=apache sw=4 ts=4
+<IfDefine PHP5>
+ # Load the module first
+ <IfModule !sapi_apache2.c>
+ LoadModule php5_module lib/apache2/modules/libphp5.so
+ </IfModule>
+
+ # Set it to handle the files
+ AddHandler php5-script .php .phtml .php3 .php4 .php5
+ AddType application/x-httpd-php-source .phps
+ DirectoryIndex index.html index.html.var index.php index.phtml
+</IfDefine>
diff --git a/meta-webserver/recipes-php/modphp/files/configure.patch b/meta-webserver/recipes-php/modphp/files/configure.patch
new file mode 100644
index 0000000..c5334c7
--- /dev/null
+++ b/meta-webserver/recipes-php/modphp/files/configure.patch
@@ -0,0 +1,11 @@
+--- php-5.1.6/configure.old 2006-09-12 07:54:14.000000000 -0700
++++ php-5.1.6/configure 2006-09-12 07:54:37.000000000 -0700
+@@ -14715,8 +14715,6 @@
+
+
+
+- unset ac_cv_func_dlopen
+- unset ac_cv_func___dlopen
+ unset found
+
+ echo $ac_n "checking for dlopen""... $ac_c" 1>&6
diff --git a/meta-webserver/recipes-php/modphp/files/pthread-check.patch b/meta-webserver/recipes-php/modphp/files/pthread-check.patch
new file mode 100644
index 0000000..1388b2b
--- /dev/null
+++ b/meta-webserver/recipes-php/modphp/files/pthread-check.patch
@@ -0,0 +1,64 @@
+Hack configure script so it does not disable pthread support when cross-compiling
+
+Upstream-Status: Inapproprate [config]
+
+Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
+
+diff --git a/configure b/configure
+index 03d8f95..6794d45 100755
+--- a/configure
++++ b/configure
+@@ -3506,7 +3506,7 @@ fi
+
+ if test "$cross_compiling" = yes; then
+
+- pthreads_working=no
++ pthreads_working=yes
+ case $host_alias in
+ *netware*)
+ pthreads_working=yes
+@@ -3566,7 +3566,7 @@ else
+
+ if test "$cross_compiling" = yes; then
+
+- pthreads_working=no
++ pthreads_working=yes
+ case $host_alias in
+ *netware*)
+ pthreads_working=yes
+@@ -3636,7 +3636,7 @@ if test "$pthreads_working" != "yes"; then
+
+ if test "$cross_compiling" = yes; then
+
+- pthreads_working=no
++ pthreads_working=yes
+ case $host_alias in
+ *netware*)
+ pthreads_working=yes
+@@ -106833,7 +106833,7 @@ fi
+
+ if test "$cross_compiling" = yes; then
+
+- pthreads_working=no
++ pthreads_working=yes
+ case $host_alias in
+ *netware*)
+ pthreads_working=yes
+@@ -106893,7 +106893,7 @@ else
+
+ if test "$cross_compiling" = yes; then
+
+- pthreads_working=no
++ pthreads_working=yes
+ case $host_alias in
+ *netware*)
+ pthreads_working=yes
+@@ -106963,7 +106963,7 @@ if test "$pthreads_working" != "yes"; then
+
+ if test "$cross_compiling" = yes; then
+
+- pthreads_working=no
++ pthreads_working=yes
+ case $host_alias in
+ *netware*)
+ pthreads_working=yes
diff --git a/meta-webserver/recipes-php/modphp/modphp5.inc b/meta-webserver/recipes-php/modphp/modphp5.inc
new file mode 100644
index 0000000..82b5ce1
--- /dev/null
+++ b/meta-webserver/recipes-php/modphp/modphp5.inc
@@ -0,0 +1,90 @@
+SECTION = "console/network"
+DESCRIPTION = "A server-side, HTML-embedded scripting language. This package provides the apache php module."
+LICENSE = "PHP"
+DEPENDS = "apache2-native apache2 zlib"
+
+SRC_URI = "http://www.php.net/distributions/php-${PV}.tar.bz2 \
+ file://configure.patch \
+ file://pthread-check.patch \
+ file://70_mod_php5.conf \
+ "
+
+S = "${WORKDIR}/php-${PV}"
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=cb564efdf78cce8ea6e4b5a4f7c05d97"
+
+inherit autotools
+
+CFLAGS += " -g -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED -I${STAGING_INCDIR}/apache2"
+
+EXTRA_OECONF = "--with-apxs2=${STAGING_BINDIR_CROSS}/apxs \
+ --enable-maintainer-zts \
+ --without-mysql \
+ --enable-force-cgi-redirect \
+ --disable-cgi \
+ --disable-cli \
+ --disable-pdo \
+ --without-pear \
+ --without-iconv \
+ --disable-ipv6 \
+ --disable-xml \
+ --disable-xmlreader \
+ --disable-xmlwriter \
+ --disable-simplexml \
+ --disable-libxml \
+ --disable-dom \
+ --disable-rpath \
+ --libdir=${libdir}/php5 \
+ --with-zlib --with-zlib-dir=${STAGING_DIR_TARGET}${exec_prefix} \
+ --with-config-file-path=${sysconfdir}/php/apache2-php5"
+
+# to get postgres support, add it to the DEPENDS above
+# and uncomment this line. similar for mysql
+#EXTRA_OECONF += " --with-pgsql=${STAGING_DIR_HOST}${layout_exec_prefix}"
+
+acpaths = ""
+
+#
+# override the autotools do_configure, which runs autoconf,
+# which breaks everything...
+#
+do_configure() {
+ find . -name config.m4 -o -name configure | xargs -n1 sed -i 's!APXS_HTTPD=.*!APXS_HTTPD=${STAGING_BINDIR_NATIVE}/httpd!'
+ export PHP_LIBXML_DIR=${STAGING_DIR_NATIVE}${layout_exec_prefix}
+ oe_runconf
+}
+
+do_install () {
+ install -d ${D}${libdir}/apache2/modules
+ install -d ${D}${sysconfdir}/apache2/modules.d
+ install -d ${D}${sysconfdir}/php/apache2-php5
+ install -m 755 libs/libphp5.so ${D}${libdir}/apache2/modules
+ install -m 644 ${WORKDIR}/70_mod_php5.conf ${D}${sysconfdir}/apache2/modules.d
+ cat ${S}/php.ini-dist | \
+ sed -e 's,extension_dir = \"\./\",extension_dir = \"/usr/lib/extensions\",' \
+ > ${D}${sysconfdir}/php/apache2-php5/php.ini
+
+ install -d ${D}${bindir}
+ install -m 755 scripts/phpize ${D}${bindir}
+ install -m 755 scripts/php-config ${D}${bindir}
+
+ oe_runmake install-build install-headers INSTALL_ROOT=${D}
+}
+
+SYSROOT_PREPROCESS_FUNCS += "php_sysroot_preprocess"
+
+php_sysroot_preprocess () {
+ install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/
+ install -m 755 ${D}${bindir}/phpize ${SYSROOT_DESTDIR}${bindir_crossscripts}/
+ install -m 755 ${D}${bindir}/php-config ${SYSROOT_DESTDIR}${bindir_crossscripts}/
+
+ sed -i 's!eval echo /!eval echo ${STAGING_DIR_HOST}/!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/phpize
+ sed -i 's!^include_dir=.*!include_dir=${STAGING_INCDIR}/php!' ${SYSROOT_DESTDIR}${bindir_crossscripts}/php-config
+}
+
+RDEPENDS_${PN} = "apache2"
+
+FILES_${PN} = "${libdir}/apache2 ${sysconfdir}"
+FILES_${PN}-dev += "${bindir}/phpize ${bindir}/php-config ${libdir}/php5"
+FILES_${PN}-dbg += "${libdir}/apache2/modules/.debug"
+
diff --git a/meta-webserver/recipes-php/modphp/modphp_5.3.14.bb b/meta-webserver/recipes-php/modphp/modphp_5.3.14.bb
new file mode 100644
index 0000000..b6a5126
--- /dev/null
+++ b/meta-webserver/recipes-php/modphp/modphp_5.3.14.bb
@@ -0,0 +1,5 @@
+include modphp5.inc
+PR = "r0"
+
+SRC_URI[md5sum] = "7caac4f71e2f21426c11ac153e538392"
+SRC_URI[sha256sum] = "c8075b6e83c5db0d26cc8426a7456856421089a76c963813b1fcac3ced041cb3"
--
1.7.9.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [meta-webserver][PATCH v2 4/4] xdebug: add new recipe
2012-10-03 17:08 [meta-webserver][PATCH v2 0/4] Add meta-webserver Paul Eggleton
` (2 preceding siblings ...)
2012-10-03 17:08 ` [meta-webserver][PATCH v2 3/4] modphp: add from OE-Classic, update to 5.3.14 " Paul Eggleton
@ 2012-10-03 17:08 ` Paul Eggleton
3 siblings, 0 replies; 6+ messages in thread
From: Paul Eggleton @ 2012-10-03 17:08 UTC (permalink / raw)
To: openembedded-devel
Add new recipe for the Xdebug PHP debugger/profiler.
Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
---
meta-webserver/recipes-php/xdebug/xdebug_2.2.1.bb | 34 +++++++++++++++++++++
1 file changed, 34 insertions(+)
create mode 100644 meta-webserver/recipes-php/xdebug/xdebug_2.2.1.bb
diff --git a/meta-webserver/recipes-php/xdebug/xdebug_2.2.1.bb b/meta-webserver/recipes-php/xdebug/xdebug_2.2.1.bb
new file mode 100644
index 0000000..48e1f8e
--- /dev/null
+++ b/meta-webserver/recipes-php/xdebug/xdebug_2.2.1.bb
@@ -0,0 +1,34 @@
+SUMMARY = "Debugging and profiling extension for PHP"
+LICENSE = "Xdebug"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=34df3a274aa12b795417c65634c07f16"
+
+DEPENDS = "modphp"
+
+PR = "r0"
+
+SRC_URI = "http://xdebug.org/files/xdebug-${PV}.tgz"
+
+SRC_URI[md5sum] = "5e5c467e920240c20f165687d7ac3709"
+SRC_URI[sha256sum] = "11d340eb7f87909a596bac054cc927df757dc2fc7c90b50a832c30e9bf84c9ad"
+
+inherit autotools
+
+EXTRA_OECONF += "--enable-xdebug -with-php-config=${STAGING_BINDIR_CROSS}/php-config"
+
+do_configure() {
+ ${STAGING_BINDIR_CROSS}/phpize
+
+ # Running autoreconf as autotools_do_configure would do here
+ # breaks the libtool configuration resulting in a failure later
+ # in do_compile. It's possible this may be fixable, however the
+ # easiest course of action for the moment is to avoid doing that.
+ oe_runconf
+}
+
+do_install() {
+ oe_runmake install INSTALL_ROOT=${D}
+}
+
+FILES_${PN} += "${libdir}/php5/extensions/*/*.so"
+FILES_${PN}-dbg += "${libdir}/php5/extensions/*/.debug"
+
--
1.7.9.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [meta-webserver][PATCH v2 2/4] apache2: add from OE-Classic, update to version 2.4.2 and fix
2012-10-03 17:08 ` [meta-webserver][PATCH v2 2/4] apache2: add from OE-Classic, update to version 2.4.2 and fix Paul Eggleton
@ 2012-10-03 19:01 ` Koen Kooi
0 siblings, 0 replies; 6+ messages in thread
From: Koen Kooi @ 2012-10-03 19:01 UTC (permalink / raw)
To: openembedded-devel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Op 03-10-12 19:08, Paul Eggleton schreef:
> * Clean out some cruft and move packaging stuff after do_install
> diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb
> b/meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb new file mode
> 100644 index 0000000..15c4d02 --- /dev/null +++
> b/meta-webserver/recipes-httpd/apache2/apache2_2.4.2.bb @@ -0,0 +1,130
> @@ +DESCRIPTION = "The Apache HTTP Server is a powerful, efficient, and
> \ +extensible web server." +SUMMARY = "Apache HTTP Server" +HOMEPAGE =
> "http://httpd.apache.org/" +DEPENDS = "libtool-native apache2-native
> openssl expat pcre apr apr-util" +RDEPENDS_${PN} += "openssl libgcc"
^^^^^^^^^^^
Missed some "packaging stuff" to move below do_install
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Darwin)
Comment: GPGTools - http://gpgtools.org
iD8DBQFQbIt2MkyGM64RGpERAkP6AJ9OUNRyfLyE7XgSscK8wuKvAyvqnwCgnhOX
fZZRGu5Klw+O8reOcuwfb8k=
=mg1u
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2012-10-05 1:43 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-10-03 17:08 [meta-webserver][PATCH v2 0/4] Add meta-webserver Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 1/4] Add meta-webserver layer Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 2/4] apache2: add from OE-Classic, update to version 2.4.2 and fix Paul Eggleton
2012-10-03 19:01 ` Koen Kooi
2012-10-03 17:08 ` [meta-webserver][PATCH v2 3/4] modphp: add from OE-Classic, update to 5.3.14 " Paul Eggleton
2012-10-03 17:08 ` [meta-webserver][PATCH v2 4/4] xdebug: add new recipe Paul Eggleton
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.