[Rt-commit] rt branch, 4.2/apache-2.4, created. rt-4.2.10-188-g1f7a3d2

Alex Vandiver alexmv at bestpractical.com
Tue Mar 10 18:23:07 EDT 2015


The branch, 4.2/apache-2.4 has been created
        at  1f7a3d27fa20af776e3ff16e65a3092774ffa4f6 (commit)

- Log -----------------------------------------------------------------
commit 5e5ab5bad988f8bee3ea94c1b9e8afa8cbd8098d
Author: Alex Vandiver <alexmv at bestpractical.com>
Date:   Tue Mar 10 16:02:40 2015 -0400

    Update the documentation to show the Apache 2.4 config
    
    Apache 2.4 changed the way access control is configured:
        httpd.apache.org/docs/2.4/upgrading.html#access
    
    Include the configuratio nto use in Apache 2.4.

diff --git a/docs/authentication.pod b/docs/authentication.pod
index d62a3d6..26599cd 100644
--- a/docs/authentication.pod
+++ b/docs/authentication.pod
@@ -77,10 +77,15 @@ An example of using LDAP authentication and HTTP Basic auth:
             "ldap://ldap.example.com/dc=example,dc=com"
     </Location>
     <Location /REST/1.0/NoAuth/mail-gateway>
-        Order deny,allow
-        Deny from all
-        Allow from localhost
-        Satisfy any
+        <IfVersion >= 2.4> # For Apache 2.4
+            Require local
+        </IfVersion>
+        <IfVersion < 2.4>  # For Apache 2.2
+            Order deny,allow
+            Deny from all
+            Allow from localhost
+            Satisfy any
+        </IfVersion>
     </Location>
 
 
diff --git a/docs/web_deployment.pod b/docs/web_deployment.pod
index fad3c50..a6cba44 100644
--- a/docs/web_deployment.pod
+++ b/docs/web_deployment.pod
@@ -53,8 +53,13 @@ use Apache to provide authentication.
 
         DocumentRoot "/opt/rt4/share/html"
         <Location />
-            Order allow,deny
-            Allow from all
+            <IfVersion >= 2.4> # For Apache 2.4
+                Require all granted
+            </IfVersion>
+            <IfVersion < 2.4>  # For Apache 2.2
+                Order allow,deny
+                Allow from all
+            </IfVersion>
 
             Options +ExecCGI
             AddHandler fastcgi-script fcgi
@@ -89,8 +94,13 @@ to return to the old default.
 
         DocumentRoot "/opt/rt4/share/html"
         <Location />
-            Order allow,deny
-            Allow from all
+            <IfVersion >= 2.4> # For Apache 2.4
+                Require all granted
+            </IfVersion>
+            <IfVersion < 2.4>  # For Apache 2.2
+                Order allow,deny
+                Allow from all
+            </IfVersion>
 
             Options +ExecCGI
             AddHandler fcgid-script fcgi
@@ -123,8 +133,13 @@ C<SetHandler modperl>, as the example below uses.
 
         DocumentRoot "/opt/rt4/share/html"
         <Location />
-            Order allow,deny
-            Allow from all
+            <IfVersion >= 2.4> # For Apache 2.4
+                Require all granted
+            </IfVersion>
+            <IfVersion < 2.4>  # For Apache 2.2
+                Order allow,deny
+                Allow from all
+            </IfVersion>
 
             SetHandler modperl
             PerlResponseHandler Plack::Handler::Apache2

commit 5b956a27e5eb1ca49f019f6c28319eab6042ad85
Author: Alex Vandiver <alexmv at bestpractical.com>
Date:   Wed Dec 3 15:02:51 2014 -0500

    Compat for Apache 2.4 in devel/tools/rt-apache

diff --git a/devel/tools/rt-apache b/devel/tools/rt-apache
index 40aec13..d1ab476 100755
--- a/devel/tools/rt-apache
+++ b/devel/tools/rt-apache
@@ -284,6 +284,29 @@ Defaults to F</usr/lib/apache2/modules>.
 =cut
 
 __DATA__
+Listen $PORT
+<IfDefine SSL>
+   Listen $SSL
+</IfDefine>
+
+ServerName localhost
+ServerRoot $RTHOME/var
+PidFile    $RTHOME/var/apache2.pid
+<IfVersion < 2.4>
+    LockFile   $RTHOME/var/apache2.lock
+</IfVersion>
+ServerAdmin root at localhost
+
+<IfVersion >= 2.4>
+    LoadModule mpm_prefork_module $MODULES/mod_mpm_prefork.so
+    LoadModule authz_core_module $MODULES/mod_authz_core.so
+</IfVersion>
+LoadModule authz_host_module  $MODULES/mod_authz_host.so
+LoadModule env_module         $MODULES/mod_env.so
+LoadModule alias_module       $MODULES/mod_alias.so
+LoadModule mime_module        $MODULES/mod_mime.so
+TypesConfig $TOOLS/mime.types
+
 <IfDefine SINGLE>
     <IfModule mpm_prefork_module>
         StartServers          1
@@ -304,23 +327,6 @@ __DATA__
     </IfModule>
 </IfDefine>
 
-Listen $PORT
-<IfDefine SSL>
-   Listen $SSL
-</IfDefine>
-
-ServerName localhost
-ServerRoot $RTHOME/var
-PidFile    $RTHOME/var/apache2.pid
-LockFile   $RTHOME/var/apache2.lock
-ServerAdmin root at localhost
-
-LoadModule authz_host_module  $MODULES/mod_authz_host.so
-LoadModule env_module         $MODULES/mod_env.so
-LoadModule alias_module       $MODULES/mod_alias.so
-LoadModule mime_module        $MODULES/mod_mime.so
-TypesConfig $TOOLS/mime.types
-
 <IfDefine PERL>
     LoadModule perl_module    $MODULES/mod_perl.so
 </IfDefine>
@@ -332,6 +338,9 @@ TypesConfig $TOOLS/mime.types
 </IfDefine>
 <IfDefine SSL>
     LoadModule ssl_module     $MODULES/mod_ssl.so
+    <IfVersion >= 2.4>
+        LoadModule socache_shmcb_module $MODULES/mod_socache_shmcb.so
+    </IfVersion>
 </IfDefine>
 
 <IfModule !log_config_module>
@@ -344,18 +353,17 @@ LogLevel notice
 <Directory />
     Options FollowSymLinks
     AllowOverride None
-    Order deny,allow
-    Deny from all
+    <IfVersion >= 2.4>
+        Require all denied
+    </IfVersion>
+    <IfVersion < 2.4>
+        Order deny,allow
+        Deny from all
+    </IfVersion>
 </Directory>
 
 AddDefaultCharset UTF-8
 
-DocumentRoot $RTHOME/share/html
-<Directory $RTHOME/share/html>
-    Order allow,deny
-    Allow from all
-</Directory>
-
 <IfDefine REDIRECT>
     LoadModule rewrite_module $MODULES/mod_rewrite.so
     RewriteEngine on
@@ -363,6 +371,9 @@ DocumentRoot $RTHOME/share/html
 </IfDefine>
 
 <IfDefine AUTH>
+    <IfVersion >= 2.4>
+        LoadModule authn_core_module $MODULES/mod_authn_core.so
+    </IfVersion>
     LoadModule auth_basic_module $MODULES/mod_auth_basic.so
     LoadModule authn_file_module $MODULES/mod_authn_file.so
     LoadModule authz_user_module $MODULES/mod_authz_user.so
@@ -374,8 +385,26 @@ DocumentRoot $RTHOME/share/html
         AuthUserFile $AUTH
     </Location>
     <Location $PATH/REST/1.0/NoAuth/mail-gateway>
-        Allow from localhost
-        Satisfy any
+        <IfVersion >= 2.4>
+            Require local
+        </IfVersion>
+        <IfVersion < 2.4>
+            Order deny,allow
+            Deny from all
+            Allow from localhost
+            Satisfy any
+        </IfVersion>
+    </Location>
+</IfDefine>
+<IfDefine !AUTH>
+    <Location $PATH>
+        <IfVersion >= 2.4>
+            Require all granted
+        </IfVersion>
+        <IfVersion < 2.4>
+            Order allow,deny
+            Allow from all
+        </IfVersion>
     </Location>
 </IfDefine>
 
@@ -384,8 +413,6 @@ DocumentRoot $RTHOME/share/html
 <IfDefine PERL>
     PerlSetEnv RT_SITE_CONFIG $RTHOME/etc/RT_SiteConfig.pm
     <Location $PATH>
-        Order allow,deny
-        Allow from all
         SetHandler modperl
         PerlResponseHandler Plack::Handler::Apache2
         PerlSetVar psgi_app $RTHOME/sbin/rt-server
@@ -402,8 +429,6 @@ DocumentRoot $RTHOME/share/html
     FastCgiServer $RTHOME/sbin/rt-server.fcgi -processes $PROCESSES -idle-timeout 300
     ScriptAlias $PATH $RTHOME/sbin/rt-server.fcgi/
     <Location $PATH>
-        Order allow,deny
-        Allow from all
         Options +ExecCGI
         AddHandler fastcgi-script fcgi
     </Location>
@@ -416,8 +441,6 @@ DocumentRoot $RTHOME/share/html
     FcgidMaxRequestLen 1073741824
     ScriptAlias $PATH $RTHOME/sbin/rt-server.fcgi/
     <Location $PATH>
-        Order allow,deny
-        Allow from all
         Options +ExecCGI
         AddHandler fcgid-script fcgi
     </Location>
@@ -445,8 +468,6 @@ DocumentRoot $RTHOME/share/html
     FastCgiServer $RTHOME/bin/mason_handler.fcgi -processes $PROCESSES -idle-timeout 300
     ScriptAlias $PATH $RTHOME/bin/mason_handler.fcgi/
     <Location $PATH>
-        Order allow,deny
-        Allow from all
         Options +ExecCGI
         AddHandler fastcgi-script fcgi
     </Location>
@@ -459,8 +480,6 @@ DocumentRoot $RTHOME/share/html
     FcgidMaxRequestLen 1073741824
     ScriptAlias $PATH $RTHOME/bin/mason_handler.fcgi/
     <Location $PATH>
-        Order allow,deny
-        Allow from all
         Options +ExecCGI
         AddHandler fcgid-script fcgi
     </Location>
@@ -473,7 +492,9 @@ DocumentRoot $RTHOME/share/html
     SSLRandomSeed connect builtin
     SSLRandomSeed connect file:/dev/urandom 512
     SSLSessionCache shmcb:$RTHOME/var/ssl_scache(512000)
-    SSLMutex file:$RTHOME/var/ssl_mutex
+    <IfVersion < 2.4>
+        SSLMutex file:$RTHOME/var/ssl_mutex
+    </IfVersion>
     <VirtualHost *:$SSL>
         SSLEngine on
         SSLCertificateFile    $TOOLS/localhost.crt

commit 1f7a3d27fa20af776e3ff16e65a3092774ffa4f6
Author: Alex Vandiver <alexmv at bestpractical.com>
Date:   Tue Mar 10 17:34:04 2015 -0400

    Adjust tests to run under Apache 2.4

diff --git a/.gitignore b/.gitignore
index 855514b..d88ec91 100644
--- a/.gitignore
+++ b/.gitignore
@@ -16,8 +16,8 @@
 /lib/RT/Generated.pm
 /Makefile
 /t/data/gnupg/keyrings/random_seed
-/t/data/configs/apache2.2+fastcgi.conf
-/t/data/configs/apache2.2+mod_perl.conf
+/t/data/configs/*.conf
+/t/data/configs/*.conf
 /t/security/embargo/
 /t/tmp/
 /sbin/rt-attributes-viewer
diff --git a/configure.ac b/configure.ac
index 1bcf2ba..e0a686b 100755
--- a/configure.ac
+++ b/configure.ac
@@ -460,6 +460,8 @@ AC_CONFIG_FILES([
                  etc/RT_Config.pm
                  lib/RT/Generated.pm
                  t/data/configs/apache2.2+mod_perl.conf
-                 t/data/configs/apache2.2+fastcgi.conf],
+                 t/data/configs/apache2.2+fastcgi.conf
+                 t/data/configs/apache2.4+mod_perl.conf
+                 t/data/configs/apache2.4+fastcgi.conf],
                )
 AC_OUTPUT
diff --git a/lib/RT/Test/Apache.pm b/lib/RT/Test/Apache.pm
index 29f5ed1..b8b3901 100644
--- a/lib/RT/Test/Apache.pm
+++ b/lib/RT/Test/Apache.pm
@@ -55,6 +55,10 @@ my %MODULES = (
         "mod_perl" => [qw(authz_host env alias perl)],
         "fastcgi"  => [qw(authz_host env alias mime fastcgi)],
     },
+    '2.4' => {
+        "mod_perl" => [qw(mpm_worker authz_core authn_core authz_host env alias perl)],
+        "fastcgi"  => [qw(mpm_worker authz_core authn_core authz_host env alias mime fastcgi)],
+    },
 );
 
 my $apache_module_prefix = $ENV{RT_TEST_APACHE_MODULES};
@@ -192,15 +196,12 @@ sub apache_server_info {
 
     RT::Test::diag("Using '$bin' apache executable for testing");
 
-    my $info = `$bin -V`;
+    my $info = `$bin -v`;
     ($res{'version'}) = ($info =~ m{Server\s+version:\s+Apache/(\d+\.\d+)\.});
     Test::More::BAIL_OUT(
         "Couldn't figure out version of the server"
     ) unless $res{'version'};
 
-    my %opts = ($info =~ m/^\s*-D\s+([A-Z_]+?)(?:="(.*)")$/mg);
-    %res = (%res, %opts);
-
     $res{'modules'} = [
         map {s/^\s+//; s/\s+$//; $_}
         grep $_ !~ /Compiled in modules/i,
@@ -231,6 +232,20 @@ sub apache_server_info {
         $res{'load_modules'} .=
             "LoadModule ${mod}_module $so_file\n";
     }
+
+    # Apache 2.4 wants to fully-parse a config file when running -V,
+    # because the MPM is no longer compiled-in.  Provide a trivial one.
+    require File::Temp;
+    my $tmp = File::Temp->new;
+    my ($mpm) = grep {/^mpm_/} @{$MODULES{$res{version}}{$res{variant}}};
+    print $tmp "LoadModule ${mpm}_module $apache_module_prefix/mod_${mpm}.so\n"
+        if $mpm;
+    print $tmp "ErrorLog /dev/null\n";
+    print $tmp "TransferLog /dev/null\n";
+    close $tmp;
+    $info = `$res{executable} -V -f $tmp`;
+    my %opts = ($info =~ m/^\s*-D\s+([A-Z_]+?)(?:="(.*)")$/mg);
+    %res = (%res, %opts);
     return %res;
 }
 
@@ -249,6 +264,7 @@ sub apache_mpm_type {
     if ( $out =~ /^\s*(worker|prefork|event|itk)\.c\s*$/m ) {
         return $1;
     }
+    return "worker";
 }
 
 sub fork_exec {
diff --git a/t/data/configs/apache2.4+fastcgi.conf.in b/t/data/configs/apache2.4+fastcgi.conf.in
new file mode 100644
index 0000000..665ddc4
--- /dev/null
+++ b/t/data/configs/apache2.4+fastcgi.conf.in
@@ -0,0 +1,48 @@
+ServerRoot %%SERVER_ROOT%%
+PidFile %%PID_FILE%%
+ServerAdmin root at localhost
+
+%%LOAD_MODULES%%
+
+<IfModule !mpm_netware_module>
+<IfModule !mpm_winnt_module>
+User @WEB_USER@
+Group @WEB_GROUP@
+</IfModule>
+</IfModule>
+
+ServerName localhost
+Listen %%LISTEN%%
+
+ErrorLog "%%LOG_FILE%%"
+LogLevel debug
+
+<Directory />
+    Options FollowSymLinks
+    AllowOverride None
+    Require all denied
+</Directory>
+
+AddDefaultCharset UTF-8
+
+FastCgiServer %%RT_SBIN_PATH%%/rt-server.fcgi \
+    -socket %%TMP_DIR%%/socket \
+    -processes 1 \
+    -idle-timeout 180 \
+    -initial-env RT_SITE_CONFIG=%%RT_SITE_CONFIG%% \
+    -initial-env RT_TESTING=1
+
+ScriptAlias / %%RT_SBIN_PATH%%/rt-server.fcgi/
+
+DocumentRoot "%%DOCUMENT_ROOT%%"
+<Location />
+
+    <RequireAll>
+        Require all granted
+%%BASIC_AUTH%%
+    </RequireAll>
+
+    Options +ExecCGI
+    AddHandler fastcgi-script fcgi
+</Location>
+
diff --git a/t/data/configs/apache2.4+mod_perl.conf.in b/t/data/configs/apache2.4+mod_perl.conf.in
new file mode 100644
index 0000000..eb144cb
--- /dev/null
+++ b/t/data/configs/apache2.4+mod_perl.conf.in
@@ -0,0 +1,66 @@
+<IfModule mpm_prefork_module>
+    StartServers          1
+    MinSpareServers       1
+    MaxSpareServers       1
+    MaxClients            1
+    MaxRequestsPerChild   0
+</IfModule>
+
+<IfModule mpm_worker_module>
+    StartServers          1
+    MinSpareThreads       1
+    MaxSpareThreads       1
+    ThreadLimit           1
+    ThreadsPerChild       1
+    MaxClients            1
+    MaxRequestsPerChild   0
+</IfModule>
+
+ServerRoot %%SERVER_ROOT%%
+PidFile %%PID_FILE%%
+ServerAdmin root at localhost
+
+%%LOAD_MODULES%%
+
+<IfModule !mpm_netware_module>
+<IfModule !mpm_winnt_module>
+User @WEB_USER@
+Group @WEB_GROUP@
+</IfModule>
+</IfModule>
+
+ServerName localhost
+Listen %%LISTEN%%
+
+ErrorLog "%%LOG_FILE%%"
+LogLevel debug
+
+<Directory />
+    Options FollowSymLinks
+    AllowOverride None
+    Require all denied
+</Directory>
+
+AddDefaultCharset UTF-8
+PerlSetEnv RT_SITE_CONFIG %%RT_SITE_CONFIG%%
+
+DocumentRoot "%%DOCUMENT_ROOT%%"
+<Location />
+
+    <RequireAll>
+        Require all granted
+%%BASIC_AUTH%%
+    </RequireAll>
+
+    SetHandler modperl
+
+    PerlResponseHandler Plack::Handler::Apache2
+    PerlSetVar psgi_app %%RT_SBIN_PATH%%/rt-server
+</Location>
+
+<Perl>
+    $ENV{RT_TESTING}=1;
+    use Plack::Handler::Apache2;
+    Plack::Handler::Apache2->preload("%%RT_SBIN_PATH%%/rt-server");
+</Perl>
+

-----------------------------------------------------------------------


More information about the rt-commit mailing list