summaryrefslogtreecommitdiff
path: root/www-servers/apache
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
committerV3n3RiX <venerix@redcorelinux.org>2017-10-09 18:53:29 +0100
commit4f2d7949f03e1c198bc888f2d05f421d35c57e21 (patch)
treeba5f07bf3f9d22d82e54a462313f5d244036c768 /www-servers/apache
reinit the tree, so we can have metadata
Diffstat (limited to 'www-servers/apache')
-rw-r--r--www-servers/apache/Manifest22
-rw-r--r--www-servers/apache/apache-2.2.31-r1.ebuild118
-rw-r--r--www-servers/apache/apache-2.2.34.ebuild114
-rw-r--r--www-servers/apache/apache-2.4.27-r1.ebuild238
-rw-r--r--www-servers/apache/apache-2.4.27.ebuild238
-rw-r--r--www-servers/apache/apache-2.4.28.ebuild238
-rw-r--r--www-servers/apache/files/41_mod_http2.conf9
-rw-r--r--www-servers/apache/files/apache-asf-httpoxy.patch20
-rw-r--r--www-servers/apache/files/apache.conf2
-rw-r--r--www-servers/apache/files/apache2.2-hardened.service27
-rw-r--r--www-servers/apache/files/apache2.2.service19
-rw-r--r--www-servers/apache/metadata.xml39
12 files changed, 1084 insertions, 0 deletions
diff --git a/www-servers/apache/Manifest b/www-servers/apache/Manifest
new file mode 100644
index 000000000000..e670d46a07d4
--- /dev/null
+++ b/www-servers/apache/Manifest
@@ -0,0 +1,22 @@
+AUX 41_mod_http2.conf 189 SHA256 cd047b552a2d336a31316ca60472591992d6b2eac7bab4d8e6b50c3afa0b785e SHA512 3d56a24ea98bc3188e5d6f8e2e0148e4b718e04f23452e77750bca984c44fc7c3acd4521a945b4c415284d0a5dac0f7e846bb60daf70fe61ce2632e8fa201ed6 WHIRLPOOL 4ae759dca0656c61f737c6beaf752677377da90938754ad1b585df38f67f613aa6b68de2460a3be6e1d7ad3200f3b03ac9156b54f8ef607a96b758ff23c3893b
+AUX apache-asf-httpoxy.patch 830 SHA256 5ea2bf7f64dfde9c8141578208fa9eb17702769a18eb5eb5e875bb1f44c425e8 SHA512 efa44896c55cb9a0c87d5c2fff3684e9d0bb949b3e9ca8cf15b1bffa1cafe1d4f85cff8bd949129c0b4e7123940cfe7fba06121a948b6938eef054bec4c5fb94 WHIRLPOOL 2fce1d8dc9dc0ea2e7afa4c93edd97e53c30e2a2d6d1faf2eb658ef86ccfb7260568ec1fcb10c11fc2921795cf4efa7aa2b98aab09642839441c2ade368c414a
+AUX apache.conf 55 SHA256 ea616c5cc37979a006d69c51bda43fca15a4327d33175762652b29f5cdea1c7b SHA512 3a53beb7a283d17c14383f16ad14c0602681ac1b193cce8f5aca50ae9d9af3a71054ce4a9ab11cbcb72fe913459e1b306fd54660154e66afe10272f8c0f149f3 WHIRLPOOL fa348414f320a9f70001386dfb77d57ca4836c3ef3d251976077b7ad545d7f6752e534efadbf28c7dcb777388e3d844eba84b939dcf48881983388daf6ac23f0
+AUX apache2.2-hardened.service 970 SHA256 aaddbfb3953ad24b3714c54769df625d990833a24a075cfc0a10976c60dfa774 SHA512 c206e7103d592dcf4f2d62979a20f7ab3cc7ce357ffe3c06ae8137064c812b9727e01a53fd602a0a55a64ed609664061de680ff42329381db787e2dae9310c48 WHIRLPOOL 0dbec118e471363e84e00b6163ee6e7f7d9062d486523171da9c9df1f9eb3a7733bbc7262daa7f1ac9d47c1d4155d94ffd2f4b8d7905fa9372c1e275ea111b95
+AUX apache2.2.service 716 SHA256 e850ad73585fbba52ade58a39ca91adbfd52f56a0bbd426ebcadb340a7dcb62b SHA512 5f736c803772077598248bbb41f76dff396dfd2f11a60d1ba929a619275efb8c1b4c0dab78cbcdf83b9ec94db67b958b3333b01f67d71eb3b2e07dba4bca2a7c WHIRLPOOL 776a928422b8f37a12099111a1503674ca901934b60dca8596dc8bc287390be9a0e912d7ba6226dcb22eb7c669fa298ddc20fd7bf5c275b0cf019bae0d594839
+DIST gentoo-apache-2.2.29-20140922.tar.bz2 64135 SHA256 8c69c36c2f40fb81ee905b4dd72ab74aab4563c75149d302f372a451498e2678 SHA512 1d9aa12aa3ab79b5f80ee3fda020b33ff6798e5b1abbcbc138acea06a1ab9968ad240d2bdf9c5dbb9640fa9fb6718eec7175df7cc0fb8574cc4d7d5cdfb5bcc4 WHIRLPOOL f655300f0dcd2f4503cbdb25983fed902e4b717ff57e06f66486bebd0ed7cb8df56387be74b4259bfffad949bb446c5ec28f89065b6d5239585324b610be7b88
+DIST gentoo-apache-2.2.34-20170918.tar.bz2 64390 SHA256 27a1755e3cee4bf4976fd3ed7aeb55db7ad3c0076ae2081ae626d4133c91aac2 SHA512 10b42e50dcc196f60bcaefe90c382d62a61339dd8a56e899d6afb6998be4acdd376e2c3509791f22a0acf99d06add497e32703b6d523f640306a6db5e05f358a WHIRLPOOL 4480bc9ff7a7291eacdc4a8c77e12e58c48f8e1c87ed164a4af42dbdaceebd554343384291723310cbf20d8d0660817f59aa72e7cf541283a142d9f1b3fa58c2
+DIST gentoo-apache-2.4.18-r1-20160303.tar.bz2 24505 SHA256 d81e32d876594b48a7ff6d9123bf776c5bea5453eddd2fe40f4a9b79c11537aa SHA512 68f0c4de38ae05c45839fe692cbb7de641e331ca133b8aaaf69f3659dec15833cda95e6e074edb3a5b6b6d59b3fc5a4ee3589fff810707fe27417a25cd8a4c4d WHIRLPOOL fb61224b2104e611237e1d09eb4dfb3d2b8f023348c9622f7f19434b6b77d63786c41af17a300d994c14d983676f3753ab6fa52f7a7fcd07b9cea3d7eeacc9b9
+DIST gentoo-apache-2.4.27-20170918.tar.bz2 24850 SHA256 10c7404707508ce91ce59974f55fe4368ee153b299f697441f703dab1aefd17a SHA512 c58a9a0b171188ff163f6b45c47f243797d4050cf461ba1a642115350285879005be6496cee2031bffaccc0d8beda4c27de87afa2ded17cbe559f792eb7c00e8 WHIRLPOOL 143092df671320d353bb8221fe62351f5f70262fa5e83cad6904633bcbbd177810717f297081d59e3e3a37e2cb42a004c0575fb55d52e0d1ae7197768b96aef8
+DIST httpd-2.2.31.tar.bz2 5610489 SHA256 f32f9d19f535dac63b06cb55dfc023b40dcd28196b785f79f9346779e22f26ac SHA512 5aa47d4b76f692bbd8b309135ff99152df98cf69b505b9daf3f13f7f2a31443eaf4995161adfbc47a133b4d0e091fda2d95fc6b87a956f0ada18d7466ee28e74 WHIRLPOOL a2e3e53c51719cb6f7e641b41788cd89ce7b4d2ea105b403bfa3b3d4479b69c5604228269062f66722594e105e91121d05b1c9f27ca7dc4ecfcf339da8b8375c
+DIST httpd-2.2.34.tar.bz2 5779739 SHA256 e53183d5dfac5740d768b4c9bea193b1099f4b06b57e5f28d7caaf9ea7498160 SHA512 e6dac5865a48533c025fe17523ee74d68c3a23f9512c9441b78a140e33cfb6835573eb049b0ad424eb5c5ca78a1915778c54e8a409da95fbdd3890cb99e08240 WHIRLPOOL 0bd86b3644fae79c74928c0cd8bc3e4b7d821544a760dbe6459df43210f690d3c4dc74168e029b0b5bbaba6fcd0433aeb4312794455d91b00b7c36c537dfdefd
+DIST httpd-2.4.27.tar.bz2 6527394 SHA256 71fcc128238a690515bd8174d5330a5309161ef314a326ae45c7c15ed139c13a SHA512 7e7e8070715b74cb6890096a74e194f4c6a49c14bda685b1ad832e84312f1ac4316ea03a430e679502bfd8e1853aefa544ee002a20d0f7e994b9a590c74bc42c WHIRLPOOL 35aeaa01b2bf5772ad21d1011e619befd75fdaade5aa0ca7c61367e7b7a66af28dccf8729a53418f2598199721b68aac7d8c575797ed218150d00af4e8dd4dba
+DIST httpd-2.4.28.tar.bz2 6553163 SHA256 c1197a3a62a4ab5c584ab89b249af38cf28b4adee9c0106b62999fd29f920666 SHA512 8de8e32b87e6de220e492e74db9df0882fae11c3b9732f3d3316da048c04767ac4429c0433c36f87d8705263e3376f97a7e1f66a9d7a518632a67b6fe617590a WHIRLPOOL a4c8be522d5e900e01cefc0fc6d196e3e49e45e2daffa9ec22b2dc44deace506da5a4cf68afd04b0062b87ffcd27b6e59d0b8ae71cc2304d5080d066174e95ed
+EBUILD apache-2.2.31-r1.ebuild 3046 SHA256 24ce15f98c4a7aa7e095aedf4aed23f763a3b540bce5976523961c9a96440ca2 SHA512 d3f5c471783365f53a9fd0678ae806d69d6ea3b872cb5ccfe5abdc5e7ad548402a5bac11ebcd1e6100c4245f220663b956ec8b22c1d3963d7ef45b9256def3d7 WHIRLPOOL 638a1978bd526a7e0d1e3c0c77c49a2e82d8869c69a5434c3a84ae83bf5cad18fb294d53c50dd0b5acc1e0e22ad787808b336c1d0b1a31b073fba0693c0092e5
+EBUILD apache-2.2.34.ebuild 2990 SHA256 be262e41891a3fdb2096de2174fd70a027ebdb60e5b84c18afabcfa25a7d6e50 SHA512 41e284116118d0e0a354fe5fb7ec9751a9b913d6d3fdb5663dcf26dda8d715c63bfd4be8029b7ac8be06639e8baf7fe22aad9adf1cfb621f272d4a2f7b25b2e0 WHIRLPOOL d3585090f386833b207935bf133761a3c8eee335ef8a4a4af8da1ae6bec058543cca4c3fb1fbb02eb005643bc6aa0dc8a621164a620fa14e47c6b116131f0a3f
+EBUILD apache-2.4.27-r1.ebuild 7751 SHA256 d40f1ec93debfd1807f6a8480584836fea988684220eb8ba5eec8065cf09c241 SHA512 aa93a1a4d18fca111289b47cc4cc81371c75ba578746e8c5c3078f3a7cb824e229ec90d1ba81bc6f81eb66e53d45665a50c273f3c4c528c365b4a3e49b9e0973 WHIRLPOOL 2c2011e1d1bd6eb497a507ff4a9a7f11e24bfa1b9344ec9eca7ee19925b7f6821c45ffbfda8012e2217ce34ffba71a1b86a4664708ac8f516f6ca634972be850
+EBUILD apache-2.4.27.ebuild 7761 SHA256 02a0e6b6d8150ee9766e9e1462ccff5036e00f97cda6540daa4bde08d356bca9 SHA512 efb043984a186acfa87e5cdbef60a65b16d33e870010d2c55ace8e7c9356202bdaec8c6c89586a1664967f27b57f0baaaf62da217c2168d9db0381ed564c1083 WHIRLPOOL 16b20195bede9c2c70451a58ba8fd8b85294a66f24a022feb683cd49719dd6cfc2dc43d451a50539727a6ba1fe5bb0a066cdb5a62fe8c4516b0b342bfe49536f
+EBUILD apache-2.4.28.ebuild 7767 SHA256 e3ac8d458f9a64c1e20b31428ffe2586215a5a61387be9585a8a5cf10e02d7df SHA512 18d72e8d5d107cb127a29752ae507df58b2c2c5c2a01cce9fc85efd18fb75fd2121d2511793036144883425ef2f0054e66f09df2d728f29fda92d13a803918f0 WHIRLPOOL 496f1e3320beaa065b1a9057d507f9a51c2809500f7c39839466dc1d3fb68832ed9041719ab8229819f9d23a9b08060e2287d5fbbf36c89707e4d247f5232d70
+MISC ChangeLog 13802 SHA256 23fdf1fc5c8aedb3511251cc41d097c99895ab24e50f48377fe91a39c17b9ddc SHA512 1b92ff6422e0db92f25546ffc37b1d2200060959cb7f1af91159e08b181d66df45baae15df31586a3333877e78cc49e2fa3621a950f52193e43e861fc03babf0 WHIRLPOOL 42e008d07b470d3620d2bfd02049f97463f4dfffe9756bbcde277eb4c1b6ce21f6b2a0f8853226166510012316e22ca3a4b730180c18aa692a929041dc127830
+MISC ChangeLog-2008 105137 SHA256 4afec18ad3c76df40314edb37b5512f81ca6223c38a899534d9d15342481accf SHA512 92dfd339b1c4ddec29222076a597220dc7faa504e2ee770339892f155febbf34004e60395f9eb21b43d3b1feb5f362c2946b69cc65151b5ba00fb53b35ccb9c6 WHIRLPOOL 89d77300aafb53ae0632904118064de19313fe51f635512314471e845574e7a624a770ae4ca4e335cff67d4fee92e062d28ef985a54c577a1b8b3ea0f621c0f8
+MISC ChangeLog-2015 30572 SHA256 2608174e0cdfe351d5c8d25d21cbe9c6b7b98c6de9ee6d04da23c3de9fb95d6b SHA512 b76aaa5b8bc20f2fb45346e5d6f1f094e9f6b6f740054755bdc0399f581c78fd0c087f183ca756a63a08e8d96eedb292ffc4d2f6ddc00c8374435866e15fac9b WHIRLPOOL 8dd5292ae8fa15422c6d663420e7655cb13247380831d2f147dfdd0deaa51d6899e1c7f3b8ae9ae111074c8464e0bd94a38d491981ce84fc6268ab83c0af9396
+MISC metadata.xml 3360 SHA256 0a01a693df933e8ffeaf0795636a135cfd140dca0681b107cbde13920b516f86 SHA512 acbaf64bdaf376e4e1be9134878faf0d000d77138fe9b20f93d3c69d43d65c5e6817522f52b95028e47d1d9a2448c4ae8c1961acd90a31d6515c5e158db3364f WHIRLPOOL 1ee3e882c38d777a67ce4eb5cba9fd8a269f2feecb8b17ace06485179effd7e123b7e3235da5f40e0ea7840dbe1ea14d5eef2199a535c4661fe6105bcf156ef3
diff --git a/www-servers/apache/apache-2.2.31-r1.ebuild b/www-servers/apache/apache-2.2.31-r1.ebuild
new file mode 100644
index 000000000000..7aa6f4ad3c01
--- /dev/null
+++ b/www-servers/apache/apache-2.2.31-r1.ebuild
@@ -0,0 +1,118 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+# latest gentoo apache files
+GENTOO_PATCHSTAMP="20140922"
+GENTOO_DEVELOPER="polynomial-c"
+GENTOO_PATCHNAME="gentoo-apache-2.2.29"
+
+# IUSE/USE_EXPAND magic
+IUSE_MPMS_FORK="itk peruser prefork"
+IUSE_MPMS_THREAD="event worker"
+
+IUSE_MODULES="actions alias asis auth_basic auth_digest authn_alias authn_anon
+authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default
+authz_groupfile authz_host authz_owner authz_user autoindex cache cern_meta
+charset_lite cgi cgid dav dav_fs dav_lock dbd deflate dir disk_cache dumpio
+env expires ext_filter file_cache filter headers ident imagemap include info
+log_config log_forensic logio mem_cache mime mime_magic negotiation proxy
+proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_http proxy_scgi rewrite
+reqtimeout setenvif speling status substitute unique_id userdir usertrack
+version vhost_alias"
+# The following are also in the source as of this version, but are not available
+# for user selection:
+# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
+# optional_fn_import optional_hook_export optional_hook_import
+
+# inter-module dependencies
+# TODO: this may still be incomplete
+MODULE_DEPENDS="
+ dav_fs:dav
+ dav_lock:dav
+ deflate:filter
+ disk_cache:cache
+ ext_filter:filter
+ file_cache:cache
+ log_forensic:log_config
+ logio:log_config
+ mem_cache:cache
+ mime_magic:mime
+ proxy_ajp:proxy
+ proxy_balancer:proxy
+ proxy_connect:proxy
+ proxy_ftp:proxy
+ proxy_http:proxy
+ proxy_scgi:proxy
+ substitute:filter
+"
+
+# module<->define mappings
+MODULE_DEFINES="
+ auth_digest:AUTH_DIGEST
+ authnz_ldap:AUTHNZ_LDAP
+ cache:CACHE
+ dav:DAV
+ dav_fs:DAV
+ dav_lock:DAV
+ disk_cache:CACHE
+ file_cache:CACHE
+ info:INFO
+ ldap:LDAP
+ mem_cache:CACHE
+ proxy:PROXY
+ proxy_ajp:PROXY
+ proxy_balancer:PROXY
+ proxy_connect:PROXY
+ proxy_ftp:PROXY
+ proxy_http:PROXY
+ ssl:SSL
+ status:STATUS
+ suexec:SUEXEC
+ userdir:USERDIR
+"
+
+# critical modules for the default config
+MODULE_CRITICAL="
+ authz_host
+ dir
+ mime
+"
+
+inherit apache-2 systemd toolchain-funcs
+
+DESCRIPTION="The Apache Web Server"
+HOMEPAGE="https://httpd.apache.org/"
+
+# some helper scripts are Apache-1.1, thus both are here
+LICENSE="Apache-2.0 Apache-1.1"
+SLOT="2"
+KEYWORDS="alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+IUSE=""
+
+PATCHES=(
+ "${FILESDIR}/${PN}-asf-httpoxy.patch"
+)
+
+src_configure() {
+ # Brain dead check.
+ tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
+
+ apache-2_src_configure
+}
+
+src_install() {
+ apache-2_src_install
+
+ # install apxs in /usr/bin (bug #502384) and put a symlink into the
+ # old location until all ebuilds and eclasses have been modified to
+ # use the new location.
+ local apxs_dir="/usr/bin"
+ dodir ${apxs_dir}
+ mv "${D}"/usr/sbin/apxs "${D}"${apxs_dir} || die
+ ln -s ../bin/apxs "${D}"/usr/sbin/apxs || die
+
+ systemd_newunit "${FILESDIR}/apache2.2.service" "apache2.service"
+ systemd_dotmpfilesd "${FILESDIR}/apache.conf"
+}
diff --git a/www-servers/apache/apache-2.2.34.ebuild b/www-servers/apache/apache-2.2.34.ebuild
new file mode 100644
index 000000000000..0aad98f00777
--- /dev/null
+++ b/www-servers/apache/apache-2.2.34.ebuild
@@ -0,0 +1,114 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=5
+
+# latest gentoo apache files
+GENTOO_PATCHSTAMP="20170918"
+GENTOO_DEVELOPER="whissi"
+GENTOO_PATCHNAME="gentoo-apache-2.2.34"
+
+# IUSE/USE_EXPAND magic
+IUSE_MPMS_FORK="itk peruser prefork"
+IUSE_MPMS_THREAD="event worker"
+
+IUSE_MODULES="actions alias asis auth_basic auth_digest authn_alias authn_anon
+authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default
+authz_groupfile authz_host authz_owner authz_user autoindex cache cern_meta
+charset_lite cgi cgid dav dav_fs dav_lock dbd deflate dir disk_cache dumpio
+env expires ext_filter file_cache filter headers ident imagemap include info
+log_config log_forensic logio mem_cache mime mime_magic negotiation proxy
+proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_http proxy_scgi rewrite
+reqtimeout setenvif speling status substitute unique_id userdir usertrack
+version vhost_alias"
+# The following are also in the source as of this version, but are not available
+# for user selection:
+# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
+# optional_fn_import optional_hook_export optional_hook_import
+
+# inter-module dependencies
+# TODO: this may still be incomplete
+MODULE_DEPENDS="
+ dav_fs:dav
+ dav_lock:dav
+ deflate:filter
+ disk_cache:cache
+ ext_filter:filter
+ file_cache:cache
+ log_forensic:log_config
+ logio:log_config
+ mem_cache:cache
+ mime_magic:mime
+ proxy_ajp:proxy
+ proxy_balancer:proxy
+ proxy_connect:proxy
+ proxy_ftp:proxy
+ proxy_http:proxy
+ proxy_scgi:proxy
+ substitute:filter
+"
+
+# module<->define mappings
+MODULE_DEFINES="
+ auth_digest:AUTH_DIGEST
+ authnz_ldap:AUTHNZ_LDAP
+ cache:CACHE
+ dav:DAV
+ dav_fs:DAV
+ dav_lock:DAV
+ disk_cache:CACHE
+ file_cache:CACHE
+ info:INFO
+ ldap:LDAP
+ mem_cache:CACHE
+ proxy:PROXY
+ proxy_ajp:PROXY
+ proxy_balancer:PROXY
+ proxy_connect:PROXY
+ proxy_ftp:PROXY
+ proxy_http:PROXY
+ ssl:SSL
+ status:STATUS
+ suexec:SUEXEC
+ userdir:USERDIR
+"
+
+# critical modules for the default config
+MODULE_CRITICAL="
+ authz_host
+ dir
+ mime
+"
+
+inherit apache-2 systemd toolchain-funcs
+
+DESCRIPTION="The Apache Web Server"
+HOMEPAGE="https://httpd.apache.org/"
+
+# some helper scripts are Apache-1.1, thus both are here
+LICENSE="Apache-2.0 Apache-1.1"
+SLOT="2"
+KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+IUSE=""
+
+src_configure() {
+ # Brain dead check.
+ tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
+
+ apache-2_src_configure
+}
+
+src_install() {
+ apache-2_src_install
+
+ # install apxs in /usr/bin (bug #502384) and put a symlink into the
+ # old location until all ebuilds and eclasses have been modified to
+ # use the new location.
+ local apxs_dir="/usr/bin"
+ dodir ${apxs_dir}
+ mv "${D}"/usr/sbin/apxs "${D}"${apxs_dir} || die
+ ln -s ../bin/apxs "${D}"/usr/sbin/apxs || die
+
+ systemd_newunit "${FILESDIR}/apache2.2.service" "apache2.service"
+ systemd_dotmpfilesd "${FILESDIR}/apache.conf"
+}
diff --git a/www-servers/apache/apache-2.4.27-r1.ebuild b/www-servers/apache/apache-2.4.27-r1.ebuild
new file mode 100644
index 000000000000..960206e6c476
--- /dev/null
+++ b/www-servers/apache/apache-2.4.27-r1.ebuild
@@ -0,0 +1,238 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+# latest gentoo apache files
+GENTOO_PATCHSTAMP="20170918"
+GENTOO_DEVELOPER="whissi"
+GENTOO_PATCHNAME="gentoo-apache-2.4.27"
+
+# IUSE/USE_EXPAND magic
+IUSE_MPMS_FORK="prefork"
+IUSE_MPMS_THREAD="event worker"
+
+# << obsolete modules:
+# authn_default authz_default mem_cache
+# mem_cache is replaced by cache_disk
+# ?? buggy modules
+# proxy_scgi: startup error: undefined symbol "ap_proxy_release_connection", no fix found
+# >> added modules for reason:
+# compat: compatibility with 2.2 access control
+# authz_host: new module for access control
+# authn_core: functionality provided by authn_alias in previous versions
+# authz_core: new module, provides core authorization capabilities
+# cache_disk: replacement for mem_cache
+# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3
+# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3
+# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3
+# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3
+# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests).
+# socache_shmcb: shared object cache provider. Default config with ssl needs it
+# unixd: fixes startup error: Invalid command 'User'
+IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest
+authn_alias authn_anon authn_core authn_dbd authn_dbm authn_file authz_core
+authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex
+cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock
+dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2
+ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness
+lbmethod_heartbeat log_config log_forensic logio macro mime mime_magic negotiation
+proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi
+proxy_fcgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout setenvif
+slotmem_shm speling socache_shmcb status substitute unique_id userdir usertrack
+unixd version vhost_alias xml2enc"
+# The following are also in the source as of this version, but are not available
+# for user selection:
+# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
+# optional_fn_import optional_hook_export optional_hook_import
+
+# inter-module dependencies
+# TODO: this may still be incomplete
+MODULE_DEPENDS="
+ dav_fs:dav
+ dav_lock:dav
+ deflate:filter
+ cache_disk:cache
+ ext_filter:filter
+ file_cache:cache
+ lbmethod_byrequests:proxy_balancer
+ lbmethod_byrequests:slotmem_shm
+ lbmethod_bytraffic:proxy_balancer
+ lbmethod_bybusyness:proxy_balancer
+ lbmethod_heartbeat:proxy_balancer
+ log_forensic:log_config
+ logio:log_config
+ cache_disk:cache
+ cache_socache:cache
+ mime_magic:mime
+ proxy_ajp:proxy
+ proxy_balancer:proxy
+ proxy_balancer:slotmem_shm
+ proxy_connect:proxy
+ proxy_ftp:proxy
+ proxy_html:proxy
+ proxy_html:xml2enc
+ proxy_http:proxy
+ proxy_scgi:proxy
+ proxy_fcgi:proxy
+ proxy_wstunnel:proxy
+ substitute:filter
+"
+
+# module<->define mappings
+MODULE_DEFINES="
+ auth_digest:AUTH_DIGEST
+ authnz_ldap:AUTHNZ_LDAP
+ cache:CACHE
+ cache_disk:CACHE
+ cache_socache:CACHE
+ dav:DAV
+ dav_fs:DAV
+ dav_lock:DAV
+ file_cache:CACHE
+ http2:HTTP2
+ info:INFO
+ ldap:LDAP
+ proxy:PROXY
+ proxy_ajp:PROXY
+ proxy_balancer:PROXY
+ proxy_connect:PROXY
+ proxy_ftp:PROXY
+ proxy_html:PROXY
+ proxy_http:PROXY
+ proxy_fcgi:PROXY
+ proxy_scgi:PROXY
+ proxy_wstunnel:PROXY
+ socache_shmcb:SSL
+ ssl:SSL
+ status:STATUS
+ suexec:SUEXEC
+ userdir:USERDIR
+"
+
+# critical modules for the default config
+MODULE_CRITICAL="
+ authn_core
+ authz_core
+ authz_host
+ dir
+ mime
+ unixd
+"
+inherit eutils apache-2 systemd toolchain-funcs
+
+DESCRIPTION="The Apache Web Server"
+HOMEPAGE="https://httpd.apache.org/"
+
+# some helper scripts are Apache-1.1, thus both are here
+LICENSE="Apache-2.0 Apache-1.1"
+SLOT="2"
+KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris"
+
+DEPEND+="apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 )"
+
+REQUIRED_USE="apache2_modules_http2? ( ssl )"
+
+pkg_setup() {
+ # dependend critical modules which are not allowed in global scope due
+ # to USE flag conditionals (bug #499260)
+ use ssl && MODULE_CRITICAL+=" socache_shmcb"
+ use doc && MODULE_CRITICAL+=" alias negotiation setenvif"
+ apache-2_pkg_setup
+}
+
+src_configure() {
+ # Brain dead check.
+ tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
+
+ apache-2_src_configure
+}
+
+src_compile() {
+ if tc-is-cross-compiler; then
+ # This header is the same across targets, so use the build compiler.
+ pushd server >/dev/null
+ emake gen_test_char
+ tc-export_build_env BUILD_CC
+ ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \
+ gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die
+ popd >/dev/null
+ fi
+
+ default
+}
+
+src_install() {
+ apache-2_src_install
+ for i in /usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/share/man/man8/{rotatelogs.8,htcacheclean.8}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs}; do
+ rm "${ED}/"$i || die "Failed to prune apache-tools bits"
+ done
+
+ # install apxs in /usr/bin (bug #502384) and put a symlink into the
+ # old location until all ebuilds and eclasses have been modified to
+ # use the new location.
+ local apxs="/usr/bin/apxs"
+ cp "${S}"/support/apxs "${ED%/}/${apxs}" || die "Failed to install apxs"
+ ln -s ../bin/apxs "${ED%/}/usr/sbin/apxs" || die
+ chmod 0755 "${ED%/}${apxs}" || die
+
+ # Note: wait for mod_systemd to be included in some forthcoming release,
+ # Then apache2.4.service can be used and systemd support controlled
+ # through --enable-systemd
+ systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service"
+ systemd_dotmpfilesd "${FILESDIR}/apache.conf"
+ #insinto /etc/apache2/modules.d
+ #doins "${FILESDIR}/00_systemd.conf"
+
+ # Install http2 module config
+ insinto /etc/apache2/modules.d
+ doins "${FILESDIR}"/41_mod_http2.conf
+}
+
+pkg_postinst() {
+ apache-2_pkg_postinst || die "apache-2_pkg_postinst failed"
+ # warnings that default config might not work out of the box
+ for mod in $MODULE_CRITICAL; do
+ if ! use "apache2_modules_${mod}"; then
+ echo
+ ewarn "Warning: Critical module not installed!"
+ ewarn "Modules 'authn_core', 'authz_core' and 'unixd'"
+ ewarn "are highly recomended but might not be in the base profile yet."
+ ewarn "Default config for ssl needs module 'socache_shmcb'."
+ ewarn "Enabling the following flags is highly recommended:"
+ for cmod in $MODULE_CRITICAL; do
+ use "apache2_modules_${cmod}" || \
+ ewarn "+ apache2_modules_${cmod}"
+ done
+ echo
+ break
+ fi
+ done
+ # warning for proxy_balancer and missing load balancing scheduler
+ if use apache2_modules_proxy_balancer; then
+ local lbset=
+ for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do
+ if use "apache2_modules_${mod}"; then
+ lbset=1 && break
+ fi
+ done
+ if [ ! ${lbset} ] ; then
+ echo
+ ewarn "Info: Missing load balancing scheduler algorithm module"
+ ewarn "(They were split off from proxy_balancer in 2.3)"
+ ewarn "In order to get the ability of load balancing, at least"
+ ewarn "one of these modules has to be present:"
+ ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat"
+ echo
+ fi
+ fi
+}
diff --git a/www-servers/apache/apache-2.4.27.ebuild b/www-servers/apache/apache-2.4.27.ebuild
new file mode 100644
index 000000000000..90b38c3e0a0b
--- /dev/null
+++ b/www-servers/apache/apache-2.4.27.ebuild
@@ -0,0 +1,238 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+# latest gentoo apache files
+GENTOO_PATCHSTAMP="20160303"
+GENTOO_DEVELOPER="polynomial-c"
+GENTOO_PATCHNAME="gentoo-apache-2.4.18-r1"
+
+# IUSE/USE_EXPAND magic
+IUSE_MPMS_FORK="prefork"
+IUSE_MPMS_THREAD="event worker"
+
+# << obsolete modules:
+# authn_default authz_default mem_cache
+# mem_cache is replaced by cache_disk
+# ?? buggy modules
+# proxy_scgi: startup error: undefined symbol "ap_proxy_release_connection", no fix found
+# >> added modules for reason:
+# compat: compatibility with 2.2 access control
+# authz_host: new module for access control
+# authn_core: functionality provided by authn_alias in previous versions
+# authz_core: new module, provides core authorization capabilities
+# cache_disk: replacement for mem_cache
+# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3
+# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3
+# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3
+# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3
+# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests).
+# socache_shmcb: shared object cache provider. Default config with ssl needs it
+# unixd: fixes startup error: Invalid command 'User'
+IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest
+authn_alias authn_anon authn_core authn_dbd authn_dbm authn_file authz_core
+authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex
+cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock
+dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2
+ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness
+lbmethod_heartbeat log_config log_forensic logio macro mime mime_magic negotiation
+proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi
+proxy_fcgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout setenvif
+slotmem_shm speling socache_shmcb status substitute unique_id userdir usertrack
+unixd version vhost_alias xml2enc"
+# The following are also in the source as of this version, but are not available
+# for user selection:
+# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
+# optional_fn_import optional_hook_export optional_hook_import
+
+# inter-module dependencies
+# TODO: this may still be incomplete
+MODULE_DEPENDS="
+ dav_fs:dav
+ dav_lock:dav
+ deflate:filter
+ cache_disk:cache
+ ext_filter:filter
+ file_cache:cache
+ lbmethod_byrequests:proxy_balancer
+ lbmethod_byrequests:slotmem_shm
+ lbmethod_bytraffic:proxy_balancer
+ lbmethod_bybusyness:proxy_balancer
+ lbmethod_heartbeat:proxy_balancer
+ log_forensic:log_config
+ logio:log_config
+ cache_disk:cache
+ cache_socache:cache
+ mime_magic:mime
+ proxy_ajp:proxy
+ proxy_balancer:proxy
+ proxy_balancer:slotmem_shm
+ proxy_connect:proxy
+ proxy_ftp:proxy
+ proxy_html:proxy
+ proxy_html:xml2enc
+ proxy_http:proxy
+ proxy_scgi:proxy
+ proxy_fcgi:proxy
+ proxy_wstunnel:proxy
+ substitute:filter
+"
+
+# module<->define mappings
+MODULE_DEFINES="
+ auth_digest:AUTH_DIGEST
+ authnz_ldap:AUTHNZ_LDAP
+ cache:CACHE
+ cache_disk:CACHE
+ cache_socache:CACHE
+ dav:DAV
+ dav_fs:DAV
+ dav_lock:DAV
+ file_cache:CACHE
+ http2:HTTP2
+ info:INFO
+ ldap:LDAP
+ proxy:PROXY
+ proxy_ajp:PROXY
+ proxy_balancer:PROXY
+ proxy_connect:PROXY
+ proxy_ftp:PROXY
+ proxy_html:PROXY
+ proxy_http:PROXY
+ proxy_fcgi:PROXY
+ proxy_scgi:PROXY
+ proxy_wstunnel:PROXY
+ socache_shmcb:SSL
+ ssl:SSL
+ status:STATUS
+ suexec:SUEXEC
+ userdir:USERDIR
+"
+
+# critical modules for the default config
+MODULE_CRITICAL="
+ authn_core
+ authz_core
+ authz_host
+ dir
+ mime
+ unixd
+"
+inherit eutils apache-2 systemd toolchain-funcs
+
+DESCRIPTION="The Apache Web Server"
+HOMEPAGE="https://httpd.apache.org/"
+
+# some helper scripts are Apache-1.1, thus both are here
+LICENSE="Apache-2.0 Apache-1.1"
+SLOT="2"
+KEYWORDS="alpha amd64 arm ~arm64 ~hppa ia64 ~mips ~ppc ~ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris"
+
+DEPEND+="apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 )"
+
+REQUIRED_USE="apache2_modules_http2? ( ssl )"
+
+pkg_setup() {
+ # dependend critical modules which are not allowed in global scope due
+ # to USE flag conditionals (bug #499260)
+ use ssl && MODULE_CRITICAL+=" socache_shmcb"
+ use doc && MODULE_CRITICAL+=" alias negotiation setenvif"
+ apache-2_pkg_setup
+}
+
+src_configure() {
+ # Brain dead check.
+ tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
+
+ apache-2_src_configure
+}
+
+src_compile() {
+ if tc-is-cross-compiler; then
+ # This header is the same across targets, so use the build compiler.
+ pushd server >/dev/null
+ emake gen_test_char
+ tc-export_build_env BUILD_CC
+ ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \
+ gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die
+ popd >/dev/null
+ fi
+
+ default
+}
+
+src_install() {
+ apache-2_src_install
+ for i in /usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/share/man/man8/{rotatelogs.8,htcacheclean.8}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs}; do
+ rm "${ED}/"$i || die "Failed to prune apache-tools bits"
+ done
+
+ # install apxs in /usr/bin (bug #502384) and put a symlink into the
+ # old location until all ebuilds and eclasses have been modified to
+ # use the new location.
+ local apxs="/usr/bin/apxs"
+ cp "${S}"/support/apxs "${ED%/}/${apxs}" || die "Failed to install apxs"
+ ln -s ../bin/apxs "${ED%/}/usr/sbin/apxs" || die
+ chmod 0755 "${ED%/}${apxs}" || die
+
+ # Note: wait for mod_systemd to be included in some forthcoming release,
+ # Then apache2.4.service can be used and systemd support controlled
+ # through --enable-systemd
+ systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service"
+ systemd_dotmpfilesd "${FILESDIR}/apache.conf"
+ #insinto /etc/apache2/modules.d
+ #doins "${FILESDIR}/00_systemd.conf"
+
+ # Install http2 module config
+ insinto /etc/apache2/modules.d
+ doins "${FILESDIR}"/41_mod_http2.conf
+}
+
+pkg_postinst() {
+ apache-2_pkg_postinst || die "apache-2_pkg_postinst failed"
+ # warnings that default config might not work out of the box
+ for mod in $MODULE_CRITICAL; do
+ if ! use "apache2_modules_${mod}"; then
+ echo
+ ewarn "Warning: Critical module not installed!"
+ ewarn "Modules 'authn_core', 'authz_core' and 'unixd'"
+ ewarn "are highly recomended but might not be in the base profile yet."
+ ewarn "Default config for ssl needs module 'socache_shmcb'."
+ ewarn "Enabling the following flags is highly recommended:"
+ for cmod in $MODULE_CRITICAL; do
+ use "apache2_modules_${cmod}" || \
+ ewarn "+ apache2_modules_${cmod}"
+ done
+ echo
+ break
+ fi
+ done
+ # warning for proxy_balancer and missing load balancing scheduler
+ if use apache2_modules_proxy_balancer; then
+ local lbset=
+ for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do
+ if use "apache2_modules_${mod}"; then
+ lbset=1 && break
+ fi
+ done
+ if [ ! ${lbset} ] ; then
+ echo
+ ewarn "Info: Missing load balancing scheduler algorithm module"
+ ewarn "(They were split off from proxy_balancer in 2.3)"
+ ewarn "In order to get the ability of load balancing, at least"
+ ewarn "one of these modules has to be present:"
+ ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat"
+ echo
+ fi
+ fi
+}
diff --git a/www-servers/apache/apache-2.4.28.ebuild b/www-servers/apache/apache-2.4.28.ebuild
new file mode 100644
index 000000000000..33dec2f1025a
--- /dev/null
+++ b/www-servers/apache/apache-2.4.28.ebuild
@@ -0,0 +1,238 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+# latest gentoo apache files
+GENTOO_PATCHSTAMP="20160303"
+GENTOO_DEVELOPER="polynomial-c"
+GENTOO_PATCHNAME="gentoo-apache-2.4.18-r1"
+
+# IUSE/USE_EXPAND magic
+IUSE_MPMS_FORK="prefork"
+IUSE_MPMS_THREAD="event worker"
+
+# << obsolete modules:
+# authn_default authz_default mem_cache
+# mem_cache is replaced by cache_disk
+# ?? buggy modules
+# proxy_scgi: startup error: undefined symbol "ap_proxy_release_connection", no fix found
+# >> added modules for reason:
+# compat: compatibility with 2.2 access control
+# authz_host: new module for access control
+# authn_core: functionality provided by authn_alias in previous versions
+# authz_core: new module, provides core authorization capabilities
+# cache_disk: replacement for mem_cache
+# lbmethod_byrequests: Split off from mod_proxy_balancer in 2.3
+# lbmethod_bytraffic: Split off from mod_proxy_balancer in 2.3
+# lbmethod_bybusyness: Split off from mod_proxy_balancer in 2.3
+# lbmethod_heartbeat: Split off from mod_proxy_balancer in 2.3
+# slotmem_shm: Slot-based shared memory provider (for lbmethod_byrequests).
+# socache_shmcb: shared object cache provider. Default config with ssl needs it
+# unixd: fixes startup error: Invalid command 'User'
+IUSE_MODULES="access_compat actions alias asis auth_basic auth_digest
+authn_alias authn_anon authn_core authn_dbd authn_dbm authn_file authz_core
+authz_dbd authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex
+cache cache_disk cache_socache cern_meta charset_lite cgi cgid dav dav_fs dav_lock
+dbd deflate dir dumpio env expires ext_filter file_cache filter headers http2
+ident imagemap include info lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness
+lbmethod_heartbeat log_config log_forensic logio macro mime mime_magic negotiation
+proxy proxy_ajp proxy_balancer proxy_connect proxy_ftp proxy_html proxy_http proxy_scgi
+proxy_fcgi proxy_wstunnel rewrite ratelimit remoteip reqtimeout setenvif
+slotmem_shm speling socache_shmcb status substitute unique_id userdir usertrack
+unixd version vhost_alias xml2enc"
+# The following are also in the source as of this version, but are not available
+# for user selection:
+# bucketeer case_filter case_filter_in echo http isapi optional_fn_export
+# optional_fn_import optional_hook_export optional_hook_import
+
+# inter-module dependencies
+# TODO: this may still be incomplete
+MODULE_DEPENDS="
+ dav_fs:dav
+ dav_lock:dav
+ deflate:filter
+ cache_disk:cache
+ ext_filter:filter
+ file_cache:cache
+ lbmethod_byrequests:proxy_balancer
+ lbmethod_byrequests:slotmem_shm
+ lbmethod_bytraffic:proxy_balancer
+ lbmethod_bybusyness:proxy_balancer
+ lbmethod_heartbeat:proxy_balancer
+ log_forensic:log_config
+ logio:log_config
+ cache_disk:cache
+ cache_socache:cache
+ mime_magic:mime
+ proxy_ajp:proxy
+ proxy_balancer:proxy
+ proxy_balancer:slotmem_shm
+ proxy_connect:proxy
+ proxy_ftp:proxy
+ proxy_html:proxy
+ proxy_html:xml2enc
+ proxy_http:proxy
+ proxy_scgi:proxy
+ proxy_fcgi:proxy
+ proxy_wstunnel:proxy
+ substitute:filter
+"
+
+# module<->define mappings
+MODULE_DEFINES="
+ auth_digest:AUTH_DIGEST
+ authnz_ldap:AUTHNZ_LDAP
+ cache:CACHE
+ cache_disk:CACHE
+ cache_socache:CACHE
+ dav:DAV
+ dav_fs:DAV
+ dav_lock:DAV
+ file_cache:CACHE
+ http2:HTTP2
+ info:INFO
+ ldap:LDAP
+ proxy:PROXY
+ proxy_ajp:PROXY
+ proxy_balancer:PROXY
+ proxy_connect:PROXY
+ proxy_ftp:PROXY
+ proxy_html:PROXY
+ proxy_http:PROXY
+ proxy_fcgi:PROXY
+ proxy_scgi:PROXY
+ proxy_wstunnel:PROXY
+ socache_shmcb:SSL
+ ssl:SSL
+ status:STATUS
+ suexec:SUEXEC
+ userdir:USERDIR
+"
+
+# critical modules for the default config
+MODULE_CRITICAL="
+ authn_core
+ authz_core
+ authz_host
+ dir
+ mime
+ unixd
+"
+inherit eutils apache-2 systemd toolchain-funcs
+
+DESCRIPTION="The Apache Web Server"
+HOMEPAGE="https://httpd.apache.org/"
+
+# some helper scripts are Apache-1.1, thus both are here
+LICENSE="Apache-2.0 Apache-1.1"
+SLOT="2"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x64-macos ~x86-macos ~m68k-mint ~sparc64-solaris ~x64-solaris"
+
+DEPEND+="apache2_modules_http2? ( >=net-libs/nghttp2-1.2.1 )"
+
+REQUIRED_USE="apache2_modules_http2? ( ssl )"
+
+pkg_setup() {
+ # dependend critical modules which are not allowed in global scope due
+ # to USE flag conditionals (bug #499260)
+ use ssl && MODULE_CRITICAL+=" socache_shmcb"
+ use doc && MODULE_CRITICAL+=" alias negotiation setenvif"
+ apache-2_pkg_setup
+}
+
+src_configure() {
+ # Brain dead check.
+ tc-is-cross-compiler && export ap_cv_void_ptr_lt_long="no"
+
+ apache-2_src_configure
+}
+
+src_compile() {
+ if tc-is-cross-compiler; then
+ # This header is the same across targets, so use the build compiler.
+ pushd server >/dev/null
+ emake gen_test_char
+ tc-export_build_env BUILD_CC
+ ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} \
+ gen_test_char.c -o gen_test_char $(apr-1-config --includes) || die
+ popd >/dev/null
+ fi
+
+ default
+}
+
+src_install() {
+ apache-2_src_install
+ for i in /usr/bin/{htdigest,logresolve,htpasswd,htdbm,ab,httxt2dbm}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/share/man/man8/{rotatelogs.8,htcacheclean.8}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/share/man/man1/{logresolve.1,htdbm.1,htdigest.1,htpasswd.1,dbmmanage.1,ab.1}; do
+ rm "${ED}"/$i || die "Failed to prune apache-tools bits"
+ done
+ for i in /usr/sbin/{checkgid,fcgistarter,htcacheclean,rotatelogs}; do
+ rm "${ED}/"$i || die "Failed to prune apache-tools bits"
+ done
+
+ # install apxs in /usr/bin (bug #502384) and put a symlink into the
+ # old location until all ebuilds and eclasses have been modified to
+ # use the new location.
+ local apxs="/usr/bin/apxs"
+ cp "${S}"/support/apxs "${ED%/}/${apxs}" || die "Failed to install apxs"
+ ln -s ../bin/apxs "${ED%/}/usr/sbin/apxs" || die
+ chmod 0755 "${ED%/}${apxs}" || die
+
+ # Note: wait for mod_systemd to be included in some forthcoming release,
+ # Then apache2.4.service can be used and systemd support controlled
+ # through --enable-systemd
+ systemd_newunit "${FILESDIR}/apache2.2-hardened.service" "apache2.service"
+ systemd_dotmpfilesd "${FILESDIR}/apache.conf"
+ #insinto /etc/apache2/modules.d
+ #doins "${FILESDIR}/00_systemd.conf"
+
+ # Install http2 module config
+ insinto /etc/apache2/modules.d
+ doins "${FILESDIR}"/41_mod_http2.conf
+}
+
+pkg_postinst() {
+ apache-2_pkg_postinst || die "apache-2_pkg_postinst failed"
+ # warnings that default config might not work out of the box
+ for mod in $MODULE_CRITICAL; do
+ if ! use "apache2_modules_${mod}"; then
+ echo
+ ewarn "Warning: Critical module not installed!"
+ ewarn "Modules 'authn_core', 'authz_core' and 'unixd'"
+ ewarn "are highly recomended but might not be in the base profile yet."
+ ewarn "Default config for ssl needs module 'socache_shmcb'."
+ ewarn "Enabling the following flags is highly recommended:"
+ for cmod in $MODULE_CRITICAL; do
+ use "apache2_modules_${cmod}" || \
+ ewarn "+ apache2_modules_${cmod}"
+ done
+ echo
+ break
+ fi
+ done
+ # warning for proxy_balancer and missing load balancing scheduler
+ if use apache2_modules_proxy_balancer; then
+ local lbset=
+ for mod in lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat; do
+ if use "apache2_modules_${mod}"; then
+ lbset=1 && break
+ fi
+ done
+ if [ ! ${lbset} ] ; then
+ echo
+ ewarn "Info: Missing load balancing scheduler algorithm module"
+ ewarn "(They were split off from proxy_balancer in 2.3)"
+ ewarn "In order to get the ability of load balancing, at least"
+ ewarn "one of these modules has to be present:"
+ ewarn "lbmethod_byrequests lbmethod_bytraffic lbmethod_bybusyness lbmethod_heartbeat"
+ echo
+ fi
+ fi
+}
diff --git a/www-servers/apache/files/41_mod_http2.conf b/www-servers/apache/files/41_mod_http2.conf
new file mode 100644
index 000000000000..e4c9454e0127
--- /dev/null
+++ b/www-servers/apache/files/41_mod_http2.conf
@@ -0,0 +1,9 @@
+<IfDefine SSL>
+ <IfModule http2_module>
+ # enable debugging for this module
+ #LogLevel http2:info
+
+ #Enable HTTP/2 support
+ Protocols h2 h2c http/1.1
+ </IfModule>
+</IfDefine>
diff --git a/www-servers/apache/files/apache-asf-httpoxy.patch b/www-servers/apache/files/apache-asf-httpoxy.patch
new file mode 100644
index 000000000000..68e3d869a77e
--- /dev/null
+++ b/www-servers/apache/files/apache-asf-httpoxy.patch
@@ -0,0 +1,20 @@
+https://bugs.gentoo.org/589226
+https://www.apache.org/security/asf-httpoxy-response.txt
+
+--- server/util_script.c (revision 1752426)
++++ server/util_script.c (working copy)
+@@ -186,6 +186,14 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r
+ else if (!strcasecmp(hdrs[i].key, "Content-length")) {
+ apr_table_addn(e, "CONTENT_LENGTH", hdrs[i].val);
+ }
++ /* HTTP_PROXY collides with a popular envvar used to configure
++ * proxies, don't let clients set/override it. But, if you must...
++ */
++#ifndef SECURITY_HOLE_PASS_PROXY
++ else if (!strcasecmp(hdrs[i].key, "Proxy")) {
++ ;
++ }
++#endif
+ /*
+ * You really don't want to disable this check, since it leaves you
+ * wide open to CGIs stealing passwords and people viewing them
diff --git a/www-servers/apache/files/apache.conf b/www-servers/apache/files/apache.conf
new file mode 100644
index 000000000000..56e23aefaf8e
--- /dev/null
+++ b/www-servers/apache/files/apache.conf
@@ -0,0 +1,2 @@
+d /run/apache2 710 root apache
+d /run/apache_ssl_mutex
diff --git a/www-servers/apache/files/apache2.2-hardened.service b/www-servers/apache/files/apache2.2-hardened.service
new file mode 100644
index 000000000000..7a512a733e72
--- /dev/null
+++ b/www-servers/apache/files/apache2.2-hardened.service
@@ -0,0 +1,27 @@
+[Unit]
+Description=The Apache HTTP Server
+After=network.target remote-fs.target nss-lookup.target
+
+[Service]
+EnvironmentFile=/etc/conf.d/apache2
+ExecStart=/usr/sbin/apache2 $APACHE2_OPTS -DFOREGROUND
+ExecReload=/usr/sbin/apache2 $APACHE2_OPTS -k graceful
+ExecStop=/usr/sbin/apache2 $APACHE2_OPTS -k graceful-stop
+# We want systemd to give httpd some time to finish gracefully, but still want
+# it to kill httpd after TimeoutStopSec if something went wrong during the
+# graceful stop. Normally, Systemd sends SIGTERM signal right after the
+# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
+# httpd time to finish.
+KillSignal=SIGCONT
+PrivateTmp=true
+#Hardening
+PrivateTmp=true
+CapabilityBoundingSet=CAP_CHOWN CAP_SETGID CAP_SETUID CAP_DAC_OVERRIDE CAP_KILL CAP_NET_BIND_SERVICE CAP_IPC_LOCK
+SecureBits=noroot-locked
+ProtectSystem=full
+NoNewPrivileges=true
+PrivateDevices=true
+MemoryDenyWriteExecute=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/www-servers/apache/files/apache2.2.service b/www-servers/apache/files/apache2.2.service
new file mode 100644
index 000000000000..76f783a423b9
--- /dev/null
+++ b/www-servers/apache/files/apache2.2.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=The Apache HTTP Server
+After=network.target remote-fs.target nss-lookup.target
+
+[Service]
+EnvironmentFile=/etc/conf.d/apache2
+ExecStart=/usr/sbin/apache2 $APACHE2_OPTS -DFOREGROUND
+ExecReload=/usr/sbin/apache2 $APACHE2_OPTS -k graceful
+ExecStop=/usr/sbin/apache2 $APACHE2_OPTS -k graceful-stop
+# We want systemd to give httpd some time to finish gracefully, but still want
+# it to kill httpd after TimeoutStopSec if something went wrong during the
+# graceful stop. Normally, Systemd sends SIGTERM signal right after the
+# ExecStop, which would kill httpd. We are sending useless SIGCONT here to give
+# httpd time to finish.
+KillSignal=SIGCONT
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/www-servers/apache/metadata.xml b/www-servers/apache/metadata.xml
new file mode 100644
index 000000000000..631209d0e12f
--- /dev/null
+++ b/www-servers/apache/metadata.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>polynomial-c@gentoo.org</email>
+ <name>Lars Wendler</name>
+ </maintainer>
+ <longdescription>
+ The Apache HTTP Server Project is an effort to develop and maintain an
+ open-source HTTP server for modern operating systems. The goal of this
+ project is to provide a secure, efficient and extensible server that
+ provides HTTP services in sync with the current HTTP standards.
+ </longdescription>
+ <use>
+ <flag name="suexec">Install suexec with apache</flag>
+ <flag name="static">Link in apache2 modules statically rather then plugins</flag>
+ <flag name="apache2_modules_access_compat">Group authorizations based on host (name or IP address). Available as a compatibility module with previous versions.</flag>
+ <flag name="apache2_modules_authn_core">Provides core authentication capabilities common to all authentication providers (functionality provided by authn_alias in previous versions).</flag>
+ <flag name="apache2_modules_authz_core">Provides core authorization capabilities to various authorization/authorization modules, such as authn_file and authz_user.</flag>
+ <flag name="apache2_modules_authz_dbd">Provides authorization capabilities via SQL database so that authenticated users can be allowed or denied access to portions of the web site by group membership.</flag>
+ <flag name="apache2_modules_cache_disk">Disk based storage module for the HTTP caching filter (similar to mem_cache in previous versions).</flag>
+ <flag name="apache2_modules_cache_socache">Shared object cache (socache) based storage module for the HTTP caching filter.</flag>
+ <flag name="apache2_modules_proxy_html">Module to rewrite links in html pages behind a reverse proxy</flag>
+ <flag name="apache2_modules_http2">Enable http2/alpn module</flag>
+ <flag name="apache2_modules_lbmethod_byrequests">Request counting load balancer scheduler algorithm for proxy_balancer.</flag>
+ <flag name="apache2_modules_lbmethod_bytraffic">Weighted traffic counting load balancer scheduler algorithm for proxy_balancer.</flag>
+ <flag name="apache2_modules_lbmethod_bybusyness">Pending request counting load balancer scheduler algorithm for proxy_balancer.</flag>
+ <flag name="apache2_modules_lbmethod_heartbeat">Heartbeat traffic counting load balancer scheduler algorithm for proxy_balancer.</flag>
+ <flag name="apache2_modules_macro">Macros for the Apache config file.</flag>
+ <flag name="apache2_modules_slotmem_shm">Slot-based shared memory provider.</flag>
+ <flag name="apache2_modules_socache_shmcb">A shared object cache provider using a high-performance cyclic buffer inside a shared memory segment.</flag>
+ <flag name="apache2_modules_unixd">Basic (required) security for Unix-family platforms.</flag>
+ <flag name="apache2_modules_proxy_fcgi">FCGI support module for mod_proxy.</flag>
+ <flag name="apache2_modules_proxy_wstunnel">Provides support for the tunnelling of web socket connections to a backend websockets server.</flag>
+ <flag name="apache2_modules_ratelimit">Ratelimit module for transfer rate management</flag>
+ <flag name="apache2_modules_remoteip">Remotip module for logging</flag>
+ <flag name="apache2_modules_xml2enc">Enable xml2 encoding module</flag>
+ </use>
+</pkgmetadata>