Date: Wed, 11 Mar 2009 08:55:53 +0000 (UTC) From: "Bjoern A. Zeeb" <bzeeb+freebsdports@zabbadoz.net> To: FreeBSD-gnats-submit@FreeBSD.org Cc: "Bjoern A. Zeeb" <bzeeb+freebsdports@zabbadoz.net> Subject: ports/132528: [patch] www/apache22 no-accf fix Message-ID: <20090311085553.6D6D94899B5@storage.int.zabbadoz.net> Resent-Message-ID: <200903110910.n2B9A2eO013236@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 132528 >Category: ports >Synopsis: [patch] www/apache22 no-accf fix >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Mar 11 09:10:02 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Bjoern A. Zeeb >Release: FreeBSD 8.0-CURRENT amd64 >Organization: Zabbadoz.NeT >Environment: System: FreeBSD foo 8.0-CURRENT FreeBSD 8.0-CURRENT #0: 2009 bz@foo:/path/to/HEAD/sys/KERNEL amd64 >Description: When configuring an apache22 with virtual hosts even though apache22 is staretd with apache22_http_accept_enable="NO" and thus -DNOHTTPACCEPT it still complains that [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter >How-To-Repeat: Configure apache22 with virtual hosts, make sure you do not have the accf_* modules loaded and start apache22 with apache22_http_accept_enable="NO". Best observed inside jails where loading the modules is not possible either. PS: I am not sure if there isn't a bug in the apache22 startup script related to return codes from apache22_accf() and how sh(1) interprets them. Especially if you cannot load the accf module, noone would set -DNOHTTPACCEPT? >Fix: To be able to configure AcceptFilter http none AcceptFilter https none and make it work like local/etc/apache22/Includes/no-accf.conf does along with virtual hosts, etc. use the following patch (below). You can alos temporarily fetch it from: http://people.freebsd.org/~bz/www-apache22-accf-fix.diff Adds the new file files/patch-server__core.c . If it proves to be correct and working for everyone I'd like to submit it upstream. Index: www/apache22/files/patch-server__core.c =================================================================== RCS file: www/apache22/files/patch-server__core.c diff -N www/apache22/files/patch-server__core.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ www/apache22/files/patch-server__core.c 11 Mar 2009 08:35:07 -0000 @@ -0,0 +1,36 @@ +--- ./server/core.c.orig 2008-06-02 23:18:18.000000000 +0200 ++++ ./server/core.c 2009-03-09 15:05:57.000000000 +0100 +@@ -494,6 +494,7 @@ + core_server_config *base = (core_server_config *)basev; + core_server_config *virt = (core_server_config *)virtv; + core_server_config *conf; ++ const char *accfb, *accfc; + + conf = (core_server_config *)apr_pmemdup(p, virt, sizeof(core_server_config)); + +@@ -509,6 +510,25 @@ + conf->protocol = base->protocol; + } + ++ /* ++ * bz accept_filter(9) disable fix. ++ * ++ * You can only configure it in the base config but the ++ * values are copied and checked into virtual host configs, ++ * so if you disable it in base it will still be on in virt. ++ * To fix it, we overwrite each virt config if it does not ++ * match what is in base config for the hardcoded http(s). ++ */ ++ accfb = apr_table_get(base->accf_map, "http"); ++ accfc = apr_table_get(conf->accf_map, "http"); ++ if (accfb && accfc && strcmp(accfb, accfc)) ++ apr_table_set(conf->accf_map, "http", accfb); ++ ++ accfb = apr_table_get(base->accf_map, "https"); ++ accfc = apr_table_get(conf->accf_map, "https"); ++ if (accfb && accfc && strcmp(accfb, accfc)) ++ apr_table_set(conf->accf_map, "https", accfb); ++ + conf->sec_dir = apr_array_append(p, base->sec_dir, virt->sec_dir); + conf->sec_url = apr_array_append(p, base->sec_url, virt->sec_url); + >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090311085553.6D6D94899B5>