./www/apache24, Apache HTTP (Web) server, version 2.4

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.20, Package name: apache-2.4.20, Maintainer: ryoon

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.

This package tracks 2.4.x release.


Required to run:
[devel/apr] [devel/apr-util] [devel/pcre] [devel/readline]


Package options: apache-mpm-event, apache-mpm-prefork, apache-mpm-worker

Master sites: (Expand)

SHA1: cefe8ea4a3f81c7a08e36c80ebbd792c67ab361b
RMD160: 6dc7254363d7de5027604c7604ed6c96b96b1fa4
Filesize: 6182.953 KB

Version history: (Expand)


CVS history: (Expand)


   2016-04-14 14:38:23 by Thomas Klausner | Files touched by this commit (1)
Log message:
Add comment:

When updating this package, make sure that no strings like
"PR 12345" are in the commit message. Upstream likes
to reference their own PRs this way, but this ends up
in NetBSD GNATS.
   2016-04-14 14:16:10 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
Changes with Apache 2.4.20

  *) core: Do not read .htaccess if AllowOverride and AllowOverrideList
     are "None". PR 58528.

  *) mod_proxy_express: Fix possible use of DB handle after close.  PR 59230.

  *) core/util_script: relax alphanumeric filter of enviroment variable names
     on Windows to allow '(' and ')' for passing PROGRAMFILES(X86) et.al.
     unadulterated in 64 bit versions of Windows. PR 46751.

  *) mod_http2: incrementing keepalives on each request started so that logging
     %k gives increasing numbers per master http2 connection.
     New documented variables in env, usable in custom log formats: H2_PUSH,
     H2_PUSHED, H2_PUSHED_ON, H2_STREAM_ID and H2_STREAM_TAG.

  *) mod_http2: more efficient passing of response bodies with less contention
     and file bucket forwarding.

  *) mod_http2: fix for missing score board updates on request count, fix for
     memory leak on slave connection reuse.

  *) mod_http2: Fix build on Windows from dsp files.
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.
   2016-01-31 08:49:23 by Ryo ONODERA | Files touched by this commit (1)
Log message:
Detect pkgsrc lua. Fix PR pkg/50724
   2016-01-20 14:29:30 by Pierre Pronchery | Files touched by this commit (2)
Log message:
Remove support for APACHE_CUSTOM_CFLAGS

This goes as far back as 2001 (mk.conf.example) but there should not be any
reason to explicitly set CFLAGS for specific packages. In practice this
even fixes support for global CFLAGS in www/apache{22,24}.

ok gdt@
   2015-12-27 13:50:54 by Adam Ciarcinski | Files touched by this commit (2)
Log message:
Changes with Apache 2.4.18

*) mod_ssl: for all ssl_engine_vars.c lookups, fall back to master connection
   if conn_rec itself holds no valid SSLConnRec*. Fixes 58666.

*) mod_http2: connection level window for flow control is set to protocol
   maximum of 2GB-1, preventing window exhaustion when sending data on many
   streams with higher cumulative window size.
   Reducing write frequency unless push promises need to be flushed.

*) mod_http2: required minimum version of libnghttp2 is 1.2.1

*) mod_proxy_fdpass: Fix AH01153 error when using the default configuration.
   In earlier version of httpd, you can explicitelly set the 'flusher' parameter
   to 'flush' as a workaround. (i.e. flusher=flush)
   Add documentation for the 'flusher' parameter when defining a proxy worker.

*) mod_ssl: For the "SSLStaplingReturnResponderErrors off" case, make sure
   to only staple responses with certificate status "good".

*) mod_http2: new directive 'H2PushPriority' to allow priority specifications
   on server pushed streams according to their content-type.

*) mod_http2: fixes crash on connection abort for a busy connection.
   fixes crash on a request that did not produce any response.

*) mod_http2: trailers are sent after reponse body if set in request_rec
   trailers_out before the end-of-request bucket is sent through the
   output filters.

*) mod_http2: incoming trailers (headers after request body) are properly
   forwarded to the processing engine.

*) mod_http2: new directive 'H2Push' to en-/disable HTTP/2 server
   pushes a server/virtual host. Pushes are initiated by the presence
   of 'Link:' headers with relation 'preload' on a response.

*) mod_http2: write performance of http2 improved for larger resources,
   especially static files.

*) core: if the first HTTP/1.1 request on a connection goes to a server that
   prefers different protocols, these protocols are announced in a Upgrade:
   header on the response, mentioning the preferred protocols.

*) mod_http2: new directives 'H2TLSWarmUpSize' and 'H2TLSCoolDownSecs'
   to control TLS record sizes during connection lifetime.

*) mod_http2: new directive 'H2ModernTLSOnly' to enforce security
   requirements of RFC 7540 on TLS connections.

*) core: add ap_get_protocol_upgrades() to retrieve the list of protocols
   that a client could possibly upgrade to. Use in first request on a
   connection to announce protocol choices.

*) mod_http2: reworked deallocation on connection shutdown and worker
   abort. Separate parent pool for all workers. worker threads are joined
   on planned worker shutdown.

*) mod_ssl: when receiving requests for other virtual hosts than the handshake
   server, the SSL parameters are checked for equality. With equal
   configuration, requests are passed for processing. Any change will trigger
   the old behaviour of "421 Misdirected Request".
   SSL now remembers the cipher suite that was used for the last handshake.
   This is compared against for any vhost/directory cipher specification.
   Detailed examination of renegotiation is only done when these do not
   match.
   Renegotiation is 403ed when a master connection is present. Exact reason
   is given additionally in a request note.

*) core: Fix scoreboard crash (SIGBUS) on hardware requiring strict 64bit
   alignment (SPARC64, PPC64).

*) mod_cache: Accept HT (Horizontal Tab) when parsing cache related header
   fields as described in RFC7230.

*) core/util_script: making REDIRECT_URL a full URL is now opt-in
   via new 'QualifyRedirectURL' directive.

*) core: Limit to ten the number of tolerated empty lines between request,
   and consume them before the pipelining check to avoid possible response
   delay when reading the next request without flushing.

*) mod_ssl: Extend expression parser registration to support ssl variables
   in any expression using mod_rewrite syntax "%{SSL:VARNAME}" or function
   syntax "ssl(VARNAME)".
   2015-11-25 13:54:07 by Jonathan Perkin | Files touched by this commit (8)
Log message:
Remove mk/find-prefix.mk usage from the www category.

The find-prefix infrastructure was required in a pkgviews world where
packages installed from pkgsrc could have different installation
prefixes, and this was a way for a dependency prefix to be determined.

Now that pkgviews has been removed there is no longer any need for the
overhead of this infrastructure.  Instead we use BUILDLINK_PREFIX.pkg
for dependencies pulled in via buildlink, or LOCALBASE/PREFIX where the
dependency is coming from pkgsrc.

Provides a reasonable performance win due to the reduction of `pkg_info
-qp` calls, some of which were redundant anyway as they were duplicating
the same information provided by BUILDLINK_PREFIX.pkg.
   2015-10-17 12:16:35 by Adam Ciarcinski | Files touched by this commit (4)
Log message:
Changes with Apache 2.4.17

  *) mod_http2: added donated HTTP/2 implementation via core module. Similar
     configuration options to mod_ssl.

  *) mod_proxy: don't recyle backend announced "Connection: close" \ 
connections
     to avoid reusing it should the close be effective after some new request
     is ready to be sent.

  *) mod_substitute: Allow to configure the patterns merge order with the new
     SubstituteInheritBefore on|off directive.

  *) mod_proxy: Fix ProxySourceAddress binding failure with AH00938.

  *) mod_ssl: Support compilation against libssl built with OPENSSL_NO_SSL3,
     and change the compiled-in default for SSL[Proxy]Protocol to "all \ 
-SSLv3",
     in accordance with RFC 7568.

  *) mod_ssl: append :!aNULL:!eNULL:!EXP to the cipher string settings,
     instead of prepending !aNULL:!eNULL:!EXP: (as was the case in 2.4.7
     and later). Enables support for configuring the SUITEB* cipher
     strings introduced in OpenSSL 1.0.2.

  *) mod_ssl: Add support for extracting the msUPN and dnsSRV forms
     of subjectAltName entries of type "otherName" into
     SSL_{CLIENT,SERVER}_SAN_OTHER_{msUPN,dnsSRV}_n environment
     variables.

  *) mod_logio: Fix logging of %^FB (time to first byte) on the first request on
     an SSL connection.

  *) mod_cache: r->err_headers_out is not merged into
     r->headers when mod_cache is enabled and the response
     is cached for the first time.

  *) mod_slotmem_shm: Fix slots/SHM files names on restart for systems that
     can't create new (clear) slots while previous children gracefully stopping
     still use the old ones (e.g. Windows, OS2). mod_proxy_balancer failed to
     restart whenever the number of configured balancers/members changed during
     restart.

  *) core/util_script: make REDIRECT_URL a full URL.

  *) MPMs: Support SO_REUSEPORT to create multiple duplicated listener
     records for scalability.

  *) mod_proxy: Fix a race condition that caused a failed worker to be retried
     before the retry period is over.

  *) mod_autoindex: Allow autoindexes when neither mod_dir nor mod_mime are
     loaded.

  *) mod_rewrite:  Allow cookies set by mod_rewrite to contain ':' by accepting
     ';' as an alternate separator.

  *) apxs: Add HTTPD_VERSION and HTTPD_MMN to the variables available with
     apxs -q.

  *) mod_rewrite: Avoid a crash when lacking correct DB access permissions
     when using RewriteMap with MapType dbd or fastdbd.

  *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions.

  *) mod_socache_memcache: Add the 'MemcacheConnTTL' directive to control how
     long to keep idle connections with the memcache server(s).
     Change default value from 600 usec (!) to 15 sec.

  *) mod_dir: Prevent the internal identifier "httpd/unix-directory" from
     appearing as a Content-Type response header when requests for a directory
     are rewritten by mod_rewrite.