aboutsummaryrefslogtreecommitdiffstats
path: root/meta-webserver
AgeCommit message (Collapse)Author
2019-10-05apache2: fix multilib file conflictsKai Kang
There are errors of apache2 about files conflicts when multilib enabled: | Error: Transaction check error: | file /etc/apache2/extra/httpd-ssl.conf conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 | file /etc/apache2/httpd.conf conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 | file /usr/sbin/envvars conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 | file /usr/sbin/envvars-std conflicts between attempted installs of lib32-apache2-2.4.41-r0.core2_32 and apache2-2.4.41-r0.core2_64 It makes libexecdir point to ${libdir}. Reset to ${libexecdir} which could eliminate file conflicts of the conf files. And remove /usr/sbin/envvars and /usr/sbin/envvars-std which only used by apachectl. They only add standard library path ${libdir} to LD_LIBRARY_PATH, so remove them to avoid multilib file conflicts. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 8d4d608b4e937bb3b8e3b260bd75338c3ff7e8fd) Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-09-02apache2: upgrade 2.4.39 -> 2.4.41Yi Zhao
Security fixes: CVE-2019-10081 CVE-2019-9517 CVE-2019-10098 CVE-2019-10092 CVE-2019-10097 CVE-2019-10082 See: http://www.apache.org/dist/httpd/CHANGES_2.4.41 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-05-18phpmyadmin: upgrade 4.8.3 -> 4.8.5Yi Zhao
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2019-05-07README: updated Maintainers list for WarriorArmin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com> [v2] bump bitbake to warrior version [v3] remove bitbake ref from meta-filesystems [v4] remove thud from LAYERSERIES_COMPAT Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-29apache2: add back patch for set perlbinChangqing Li
Add back this patch. Without this patch, apxs's shebang will use perl under hosttools, which can be too long for shebang, and cause error: bad interpreter: No such file or directory Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-27apache2: Correct packaging of build and doc related filesPeter Kjellerstedt
The build related files (${datadir}/${BPN}/build and ${bindir}/apxs) belong in the -dev package, and the manual belong in the -doc package. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-27apache2: Correct appending to SYSROOT_PREPROCESS_FUNCSPeter Kjellerstedt
A missing space lead to problems if something else was already added to SYSROOT_PREPROCESS_FUNCS. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-16apache-websocket: upgrade to latest git revYi Zhao
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-16apache2: upgrade 2.4.34 -> 2.4.39Yi Zhao
* Drop apache2-native recipe. Add native to BBCLASSEXTEND in apache2 recipe. * Refresh patches. Drop CVE-2018-11763.patch and apache-configure_perlbin.patch * Cleanup recipe file. Remove obsolete code. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-04-01layer.conf: Add warrior to compatible release seriesKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-03-29apache2: set CVE_PRODUCTQi.Chen@windriver.com
Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-03-07netdata: Link with libpthreadKhem Raj
Fixes global_statistics.c:90: undefined reference to `__atomic_fetch_add_2' | collect2: error: ld returned 1 exit status Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-02-18xdebug: upgrade 2.6.1 -> 2.7.0RC2Changqing Li
License-Update: Change http://xdebug.org to https://xdebug.org everywhere php upgrade to 3.7.2, 2.6.1 not support php 3.x, need upgrade to 2.7 which support php 3.x. Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-01-19nginx: add default proxy_paramsAndré Draszik
As per Debian packaging - to use it, see https://wiki.debian.org/Nginx/DirectoryStructure#Extra_Parameters This file is most commonly included when Nginx is acting as a reverse proxy: include /etc/nginx/proxy_params; proxy_pass http://localhost:8000; Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-01-19nginx: configuration updateAndré Draszik
Restructure the main configuration file to simplify custom configuration: * support inclusion of configuration fragments from subdirectories: - /etc/nginx/modules-enabled/*.conf - /etc/nginx/conf.d/*.conf - /etc/nginx/sites-enabled/* * default site (port 80): - move into /etc/nginx/sites-available/default_server and enable via symlink in /etc/nginx/sites-enabled/ - listen on IPv6 - drop unneeded example fragments * configure and enable gzip * update TLS settings to drop SSLv3 and enable TLSv1.3 for some safer defaults * update remaining bits to follow Debian standard configuration https://salsa.debian.org/nginx-team/nginx/blob/62a54a8ba66ee6cc1b4f8a33dab9a6f27a3fdac4/debian/conf/nginx.conf * drop unneeded example configuration bits from /etc/nginx/*.default These changes, in particular the configuration fragment support allow to easily customise nginx based on individual requirements. In addition, it is now possible for other recipes / packages to drop fragments into the respective directories in /etc/nginx without having to meddle with /etc/nginx/nginx.conf Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-01-19nginx: update systemd unit using nginx recommendationAndré Draszik
Our systemd unit doesn't follow the official recommendation, see https://www.nginx.com/resources/wiki/start/topics/examples/systemd/ Most importantly: * it should start after some additional specific targets/units * using PrivateTmp is a useful security feature, in particular to avoid cross domain scripting via the temp folder * using systemd's $MAINPID, we can distinguish between multiple running nginx instances correctly Signed-off-by: André Draszik <andre.draszik@jci.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-01-13meta-webserver: add pkg group and imageArmin Kuster
Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-12-11nginx: update stable version to 1.14.2Andrej Valek
Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-12-10nginx: update to version 1.15.7Andrej Valek
Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-11-02apache2: Fix CVE-2018-11763Mingli Yu
mod_http2: connection IO event handling reworked. Instead of reacting on incoming bytes, the state machine now acts on incoming frames that are affecting it. This reduces state transitions. Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-09-30layers: Update layer compatibility to thudKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Andreas Müller <schnitzeltony@googlemail.com> Cc: Derek Straka <derek@asterius.io> Cc: Tim Orling <TicoTimo@gmail.com> Cc: Hongxu Jia <hongxu.jia@windriver.com> Cc: Armin Kuster <akuster808@gmail.com> Cc: Joe MacDonald <joe_macdonald@mentor.com> Cc: Andrea Adami <andrea.adami@gmail.com>
2018-09-24nginx: add PACKAGECONFIG[ssl]Max Kellermann
Signed-off-by: Max Kellermann <max.kellermann@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-09-05phpmyadmin: upgrade 4.8.2 -> 4.8.3Yi Zhao
Security fixes: CVE-2018-15605: An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-08-24apache2: set files layout to debian styleYi Zhao
The default layout installs log files to /var/apache2/logs. But we assume the log directory is /var/log/apache2 in volatile.conf. Specify the layout to debian style to set the correct the log directory. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-08-21xdebug: upgrade 2.6.0 -> 2.6.1Yi Zhao
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-08-15nginx: Upgrade to 1.15.2Khem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-08-15nostromo: Add dep on virtual/cryptKhem Raj
glibc 2.28+ this library is not part of libc package Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-08-15hiawatha: Add missing dep on virtual/cryptKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-08-15sthttpd: Add dependency on virtual/cryptKhem Raj
This is required with glibc 2.28+ where crypt is no longer part of glibc Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-08-08phpmyadmin: add rdepend to php-cliChangqing Li
phpmyadmin install some bin list below that depend on interpreter php, without rdepend, will report "Not found the interpreter php" /usr/share/phpmyadmin/vendor/phpmyadmin/sql-parser/bin/lint-query /usr/share/phpmyadmin/vendor/phpmyadmin/sql-parser/bin/tokenize-query /usr/share/phpmyadmin/vendor/phpmyadmin/sql-parser/bin/highlight-query Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-07-27apache2: upgrade 2.4.33 -> 2.4.34Yi Zhao
Security fixes: CVE-2018-8011 mod_md: DoS via Coredumps on specially crafted requests CVE-2018-1333 mod_http2: DoS for HTTP/2 connections by specially crafted requests Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-07-12hiawatha: use the correct CMAKE flag to disable TLSDerek Straka
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-07-12nginx: remove the 1.13 recipe in favor of the new dev branch of 1.5.xDerek Straka
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-07-12nginx: enable thread pools by defaultDerek Straka
The thread pool feature can be enabled without significant extra binary size. Thread pools can increase performance by an order of magnitude on some configurations Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-07-05apache2: upgrade 2.4.29 -> 2.4.33Yi Zhao
* License-Update: Correctly identify origin of util_pcre.c/ap_regex.h as pcreposix[.ch] and correct LICENSE/NOTICE to match. * Refresh patches with devtool * Drop useless patch apache-ssl-ltmain-rpath.patch * Move all patches to one directory Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-07-03phpmyadmin: upgrade 4.7.9 -> 4.8.2Yi Zhao
License-Update: move js/jquery to js/vendor/jquery Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-06-29apache2: Add PACKAGECONFIG zlib option for mod_deflateHaiqing Bai
The configure options '--enable-deflate' or '--with-z' make the package depends on zlib. PACKAGECONFIG should be defined to clear the dependency. Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-05-30xdebug: add UPSTREAM_CHECK_REGEXYi Zhao
Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-05-26fcgi: Update to 2.4.1+Adrian
Update to latest from upstream. This adds pkg-config support. Fix_EOF_not_declared_issue.patch is obsolete, fix is upstream. Signed-off-by: Adrian Freihofer <adrian.freihofer@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
2018-05-17apache2/sthttpd: add alternatives for docHongxu Jia
There is a failure to install both of sthttpd-doc and apache2-doc to rootfs. ... |Error: Transaction check error: | file /usr/share/man/man1/htpasswd.1 conflicts between attempted installs of sthttpd-doc-2.27.1 -r0.0.armv7ahf_neon and apache2-doc-2.4.27 -r0.0.armv7ahf_neon ... Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17nginx: update latest development version to 1.13.12Derek Straka
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-17nginx: update stable version to 1.14.0Derek Straka
License-Update: Update license file for latest copyright date Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-05-01xdebug: Add missing dep on re2c-nativeKhem Raj
Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13xdebug: update to 2.6.0Armin Kuster
fixes: checking Check for supported PHP versions... configure: error: not supported. Need a PHP version >= 5.5.0 and < 7.2.0 (found 7.2.4) Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13nginx: refresh patchesArmin Kuster
WARNING: nginx-1.12.2-r0 do_patch: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify <recipe> devtool finish --force-patch-refresh <recipe> <layer_path> Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: Applying patch nginx-cross.patch patching file auto/feature patching file auto/options Hunk #1 succeeded at 386 (offset 33 lines). Hunk #2 succeeded at 580 (offset 35 lines). Hunk #3 succeeded at 599 (offset 22 lines). patching file auto/types/sizeof patching file auto/unix Hunk #1 succeeded at 587 (offset 194 lines). Hunk #2 succeeded at 604 with fuzz 1 (offset 188 lines). Hunk #3 succeeded at 620 with fuzz 2 (offset 188 lines). Now at patch nginx-cross.patch Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13webmin: refresh patchesArmin Kuster
WARNING: webmin-1.850-r0 do_patch: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify <recipe> devtool finish --force-patch-refresh <recipe> <layer_path> Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: Applying patch nfs-export.patch patching file exports/save_export.cgi Hunk #1 succeeded at 50 (offset 10 lines). Hunk #2 succeeded at 87 with fuzz 2 (offset 17 lines). Now at patch nfs-export.patch Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13apache2: refresh patchesArmin Kuster
WARNING: apache2-2.4.29-r0 do_patch: Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. The context lines in the patches can be updated with devtool: devtool modify <recipe> devtool finish --force-patch-refresh <recipe> <layer_path> Then the updated patches and the source tree (in devtool's workspace) should be reviewed to make sure the patches apply in the correct place and don't introduce duplicate lines (which can, and does happen when some of the context is ignored). Further information: http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 Details: Applying patch apache-configure_perlbin.patch patching file configure.in Hunk #1 succeeded at 855 with fuzz 2 (offset 217 lines). Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-04-13meta-*: add LAYERSERIES_COMPAT to layer.conf filesMartin Jansa
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-03-16monkey: add a valid upstream check uri and regexDerek Straka
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>
2018-03-16webmin: add a valid upstream check uri and regexDerek Straka
Signed-off-by: Derek Straka <derek@asterius.io> Signed-off-by: Armin Kuster <akuster808@gmail.com>