[Rt-commit] rt branch, 4.2/apache-2.4, created. rt-4.2.10-188-g1f7a3d2
Alex Vandiver
alexmv at bestpractical.com
Tue Mar 10 18:23:07 EDT 2015
The branch, 4.2/apache-2.4 has been created
at 1f7a3d27fa20af776e3ff16e65a3092774ffa4f6 (commit)
- Log -----------------------------------------------------------------
commit 5e5ab5bad988f8bee3ea94c1b9e8afa8cbd8098d
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Tue Mar 10 16:02:40 2015 -0400
Update the documentation to show the Apache 2.4 config
Apache 2.4 changed the way access control is configured:
httpd.apache.org/docs/2.4/upgrading.html#access
Include the configuratio nto use in Apache 2.4.
diff --git a/docs/authentication.pod b/docs/authentication.pod
index d62a3d6..26599cd 100644
--- a/docs/authentication.pod
+++ b/docs/authentication.pod
@@ -77,10 +77,15 @@ An example of using LDAP authentication and HTTP Basic auth:
"ldap://ldap.example.com/dc=example,dc=com"
</Location>
<Location /REST/1.0/NoAuth/mail-gateway>
- Order deny,allow
- Deny from all
- Allow from localhost
- Satisfy any
+ <IfVersion >= 2.4> # For Apache 2.4
+ Require local
+ </IfVersion>
+ <IfVersion < 2.4> # For Apache 2.2
+ Order deny,allow
+ Deny from all
+ Allow from localhost
+ Satisfy any
+ </IfVersion>
</Location>
diff --git a/docs/web_deployment.pod b/docs/web_deployment.pod
index fad3c50..a6cba44 100644
--- a/docs/web_deployment.pod
+++ b/docs/web_deployment.pod
@@ -53,8 +53,13 @@ use Apache to provide authentication.
DocumentRoot "/opt/rt4/share/html"
<Location />
- Order allow,deny
- Allow from all
+ <IfVersion >= 2.4> # For Apache 2.4
+ Require all granted
+ </IfVersion>
+ <IfVersion < 2.4> # For Apache 2.2
+ Order allow,deny
+ Allow from all
+ </IfVersion>
Options +ExecCGI
AddHandler fastcgi-script fcgi
@@ -89,8 +94,13 @@ to return to the old default.
DocumentRoot "/opt/rt4/share/html"
<Location />
- Order allow,deny
- Allow from all
+ <IfVersion >= 2.4> # For Apache 2.4
+ Require all granted
+ </IfVersion>
+ <IfVersion < 2.4> # For Apache 2.2
+ Order allow,deny
+ Allow from all
+ </IfVersion>
Options +ExecCGI
AddHandler fcgid-script fcgi
@@ -123,8 +133,13 @@ C<SetHandler modperl>, as the example below uses.
DocumentRoot "/opt/rt4/share/html"
<Location />
- Order allow,deny
- Allow from all
+ <IfVersion >= 2.4> # For Apache 2.4
+ Require all granted
+ </IfVersion>
+ <IfVersion < 2.4> # For Apache 2.2
+ Order allow,deny
+ Allow from all
+ </IfVersion>
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
commit 5b956a27e5eb1ca49f019f6c28319eab6042ad85
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Wed Dec 3 15:02:51 2014 -0500
Compat for Apache 2.4 in devel/tools/rt-apache
diff --git a/devel/tools/rt-apache b/devel/tools/rt-apache
index 40aec13..d1ab476 100755
--- a/devel/tools/rt-apache
+++ b/devel/tools/rt-apache
@@ -284,6 +284,29 @@ Defaults to F</usr/lib/apache2/modules>.
=cut
__DATA__
+Listen $PORT
+<IfDefine SSL>
+ Listen $SSL
+</IfDefine>
+
+ServerName localhost
+ServerRoot $RTHOME/var
+PidFile $RTHOME/var/apache2.pid
+<IfVersion < 2.4>
+ LockFile $RTHOME/var/apache2.lock
+</IfVersion>
+ServerAdmin root at localhost
+
+<IfVersion >= 2.4>
+ LoadModule mpm_prefork_module $MODULES/mod_mpm_prefork.so
+ LoadModule authz_core_module $MODULES/mod_authz_core.so
+</IfVersion>
+LoadModule authz_host_module $MODULES/mod_authz_host.so
+LoadModule env_module $MODULES/mod_env.so
+LoadModule alias_module $MODULES/mod_alias.so
+LoadModule mime_module $MODULES/mod_mime.so
+TypesConfig $TOOLS/mime.types
+
<IfDefine SINGLE>
<IfModule mpm_prefork_module>
StartServers 1
@@ -304,23 +327,6 @@ __DATA__
</IfModule>
</IfDefine>
-Listen $PORT
-<IfDefine SSL>
- Listen $SSL
-</IfDefine>
-
-ServerName localhost
-ServerRoot $RTHOME/var
-PidFile $RTHOME/var/apache2.pid
-LockFile $RTHOME/var/apache2.lock
-ServerAdmin root at localhost
-
-LoadModule authz_host_module $MODULES/mod_authz_host.so
-LoadModule env_module $MODULES/mod_env.so
-LoadModule alias_module $MODULES/mod_alias.so
-LoadModule mime_module $MODULES/mod_mime.so
-TypesConfig $TOOLS/mime.types
-
<IfDefine PERL>
LoadModule perl_module $MODULES/mod_perl.so
</IfDefine>
@@ -332,6 +338,9 @@ TypesConfig $TOOLS/mime.types
</IfDefine>
<IfDefine SSL>
LoadModule ssl_module $MODULES/mod_ssl.so
+ <IfVersion >= 2.4>
+ LoadModule socache_shmcb_module $MODULES/mod_socache_shmcb.so
+ </IfVersion>
</IfDefine>
<IfModule !log_config_module>
@@ -344,18 +353,17 @@ LogLevel notice
<Directory />
Options FollowSymLinks
AllowOverride None
- Order deny,allow
- Deny from all
+ <IfVersion >= 2.4>
+ Require all denied
+ </IfVersion>
+ <IfVersion < 2.4>
+ Order deny,allow
+ Deny from all
+ </IfVersion>
</Directory>
AddDefaultCharset UTF-8
-DocumentRoot $RTHOME/share/html
-<Directory $RTHOME/share/html>
- Order allow,deny
- Allow from all
-</Directory>
-
<IfDefine REDIRECT>
LoadModule rewrite_module $MODULES/mod_rewrite.so
RewriteEngine on
@@ -363,6 +371,9 @@ DocumentRoot $RTHOME/share/html
</IfDefine>
<IfDefine AUTH>
+ <IfVersion >= 2.4>
+ LoadModule authn_core_module $MODULES/mod_authn_core.so
+ </IfVersion>
LoadModule auth_basic_module $MODULES/mod_auth_basic.so
LoadModule authn_file_module $MODULES/mod_authn_file.so
LoadModule authz_user_module $MODULES/mod_authz_user.so
@@ -374,8 +385,26 @@ DocumentRoot $RTHOME/share/html
AuthUserFile $AUTH
</Location>
<Location $PATH/REST/1.0/NoAuth/mail-gateway>
- Allow from localhost
- Satisfy any
+ <IfVersion >= 2.4>
+ Require local
+ </IfVersion>
+ <IfVersion < 2.4>
+ Order deny,allow
+ Deny from all
+ Allow from localhost
+ Satisfy any
+ </IfVersion>
+ </Location>
+</IfDefine>
+<IfDefine !AUTH>
+ <Location $PATH>
+ <IfVersion >= 2.4>
+ Require all granted
+ </IfVersion>
+ <IfVersion < 2.4>
+ Order allow,deny
+ Allow from all
+ </IfVersion>
</Location>
</IfDefine>
@@ -384,8 +413,6 @@ DocumentRoot $RTHOME/share/html
<IfDefine PERL>
PerlSetEnv RT_SITE_CONFIG $RTHOME/etc/RT_SiteConfig.pm
<Location $PATH>
- Order allow,deny
- Allow from all
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app $RTHOME/sbin/rt-server
@@ -402,8 +429,6 @@ DocumentRoot $RTHOME/share/html
FastCgiServer $RTHOME/sbin/rt-server.fcgi -processes $PROCESSES -idle-timeout 300
ScriptAlias $PATH $RTHOME/sbin/rt-server.fcgi/
<Location $PATH>
- Order allow,deny
- Allow from all
Options +ExecCGI
AddHandler fastcgi-script fcgi
</Location>
@@ -416,8 +441,6 @@ DocumentRoot $RTHOME/share/html
FcgidMaxRequestLen 1073741824
ScriptAlias $PATH $RTHOME/sbin/rt-server.fcgi/
<Location $PATH>
- Order allow,deny
- Allow from all
Options +ExecCGI
AddHandler fcgid-script fcgi
</Location>
@@ -445,8 +468,6 @@ DocumentRoot $RTHOME/share/html
FastCgiServer $RTHOME/bin/mason_handler.fcgi -processes $PROCESSES -idle-timeout 300
ScriptAlias $PATH $RTHOME/bin/mason_handler.fcgi/
<Location $PATH>
- Order allow,deny
- Allow from all
Options +ExecCGI
AddHandler fastcgi-script fcgi
</Location>
@@ -459,8 +480,6 @@ DocumentRoot $RTHOME/share/html
FcgidMaxRequestLen 1073741824
ScriptAlias $PATH $RTHOME/bin/mason_handler.fcgi/
<Location $PATH>
- Order allow,deny
- Allow from all
Options +ExecCGI
AddHandler fcgid-script fcgi
</Location>
@@ -473,7 +492,9 @@ DocumentRoot $RTHOME/share/html
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom 512
SSLSessionCache shmcb:$RTHOME/var/ssl_scache(512000)
- SSLMutex file:$RTHOME/var/ssl_mutex
+ <IfVersion < 2.4>
+ SSLMutex file:$RTHOME/var/ssl_mutex
+ </IfVersion>
<VirtualHost *:$SSL>
SSLEngine on
SSLCertificateFile $TOOLS/localhost.crt
commit 1f7a3d27fa20af776e3ff16e65a3092774ffa4f6
Author: Alex Vandiver <alexmv at bestpractical.com>
Date: Tue Mar 10 17:34:04 2015 -0400
Adjust tests to run under Apache 2.4
diff --git a/.gitignore b/.gitignore
index 855514b..d88ec91 100644
--- a/.gitignore
+++ b/.gitignore
@@ -16,8 +16,8 @@
/lib/RT/Generated.pm
/Makefile
/t/data/gnupg/keyrings/random_seed
-/t/data/configs/apache2.2+fastcgi.conf
-/t/data/configs/apache2.2+mod_perl.conf
+/t/data/configs/*.conf
+/t/data/configs/*.conf
/t/security/embargo/
/t/tmp/
/sbin/rt-attributes-viewer
diff --git a/configure.ac b/configure.ac
index 1bcf2ba..e0a686b 100755
--- a/configure.ac
+++ b/configure.ac
@@ -460,6 +460,8 @@ AC_CONFIG_FILES([
etc/RT_Config.pm
lib/RT/Generated.pm
t/data/configs/apache2.2+mod_perl.conf
- t/data/configs/apache2.2+fastcgi.conf],
+ t/data/configs/apache2.2+fastcgi.conf
+ t/data/configs/apache2.4+mod_perl.conf
+ t/data/configs/apache2.4+fastcgi.conf],
)
AC_OUTPUT
diff --git a/lib/RT/Test/Apache.pm b/lib/RT/Test/Apache.pm
index 29f5ed1..b8b3901 100644
--- a/lib/RT/Test/Apache.pm
+++ b/lib/RT/Test/Apache.pm
@@ -55,6 +55,10 @@ my %MODULES = (
"mod_perl" => [qw(authz_host env alias perl)],
"fastcgi" => [qw(authz_host env alias mime fastcgi)],
},
+ '2.4' => {
+ "mod_perl" => [qw(mpm_worker authz_core authn_core authz_host env alias perl)],
+ "fastcgi" => [qw(mpm_worker authz_core authn_core authz_host env alias mime fastcgi)],
+ },
);
my $apache_module_prefix = $ENV{RT_TEST_APACHE_MODULES};
@@ -192,15 +196,12 @@ sub apache_server_info {
RT::Test::diag("Using '$bin' apache executable for testing");
- my $info = `$bin -V`;
+ my $info = `$bin -v`;
($res{'version'}) = ($info =~ m{Server\s+version:\s+Apache/(\d+\.\d+)\.});
Test::More::BAIL_OUT(
"Couldn't figure out version of the server"
) unless $res{'version'};
- my %opts = ($info =~ m/^\s*-D\s+([A-Z_]+?)(?:="(.*)")$/mg);
- %res = (%res, %opts);
-
$res{'modules'} = [
map {s/^\s+//; s/\s+$//; $_}
grep $_ !~ /Compiled in modules/i,
@@ -231,6 +232,20 @@ sub apache_server_info {
$res{'load_modules'} .=
"LoadModule ${mod}_module $so_file\n";
}
+
+ # Apache 2.4 wants to fully-parse a config file when running -V,
+ # because the MPM is no longer compiled-in. Provide a trivial one.
+ require File::Temp;
+ my $tmp = File::Temp->new;
+ my ($mpm) = grep {/^mpm_/} @{$MODULES{$res{version}}{$res{variant}}};
+ print $tmp "LoadModule ${mpm}_module $apache_module_prefix/mod_${mpm}.so\n"
+ if $mpm;
+ print $tmp "ErrorLog /dev/null\n";
+ print $tmp "TransferLog /dev/null\n";
+ close $tmp;
+ $info = `$res{executable} -V -f $tmp`;
+ my %opts = ($info =~ m/^\s*-D\s+([A-Z_]+?)(?:="(.*)")$/mg);
+ %res = (%res, %opts);
return %res;
}
@@ -249,6 +264,7 @@ sub apache_mpm_type {
if ( $out =~ /^\s*(worker|prefork|event|itk)\.c\s*$/m ) {
return $1;
}
+ return "worker";
}
sub fork_exec {
diff --git a/t/data/configs/apache2.4+fastcgi.conf.in b/t/data/configs/apache2.4+fastcgi.conf.in
new file mode 100644
index 0000000..665ddc4
--- /dev/null
+++ b/t/data/configs/apache2.4+fastcgi.conf.in
@@ -0,0 +1,48 @@
+ServerRoot %%SERVER_ROOT%%
+PidFile %%PID_FILE%%
+ServerAdmin root at localhost
+
+%%LOAD_MODULES%%
+
+<IfModule !mpm_netware_module>
+<IfModule !mpm_winnt_module>
+User @WEB_USER@
+Group @WEB_GROUP@
+</IfModule>
+</IfModule>
+
+ServerName localhost
+Listen %%LISTEN%%
+
+ErrorLog "%%LOG_FILE%%"
+LogLevel debug
+
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+ Require all denied
+</Directory>
+
+AddDefaultCharset UTF-8
+
+FastCgiServer %%RT_SBIN_PATH%%/rt-server.fcgi \
+ -socket %%TMP_DIR%%/socket \
+ -processes 1 \
+ -idle-timeout 180 \
+ -initial-env RT_SITE_CONFIG=%%RT_SITE_CONFIG%% \
+ -initial-env RT_TESTING=1
+
+ScriptAlias / %%RT_SBIN_PATH%%/rt-server.fcgi/
+
+DocumentRoot "%%DOCUMENT_ROOT%%"
+<Location />
+
+ <RequireAll>
+ Require all granted
+%%BASIC_AUTH%%
+ </RequireAll>
+
+ Options +ExecCGI
+ AddHandler fastcgi-script fcgi
+</Location>
+
diff --git a/t/data/configs/apache2.4+mod_perl.conf.in b/t/data/configs/apache2.4+mod_perl.conf.in
new file mode 100644
index 0000000..eb144cb
--- /dev/null
+++ b/t/data/configs/apache2.4+mod_perl.conf.in
@@ -0,0 +1,66 @@
+<IfModule mpm_prefork_module>
+ StartServers 1
+ MinSpareServers 1
+ MaxSpareServers 1
+ MaxClients 1
+ MaxRequestsPerChild 0
+</IfModule>
+
+<IfModule mpm_worker_module>
+ StartServers 1
+ MinSpareThreads 1
+ MaxSpareThreads 1
+ ThreadLimit 1
+ ThreadsPerChild 1
+ MaxClients 1
+ MaxRequestsPerChild 0
+</IfModule>
+
+ServerRoot %%SERVER_ROOT%%
+PidFile %%PID_FILE%%
+ServerAdmin root at localhost
+
+%%LOAD_MODULES%%
+
+<IfModule !mpm_netware_module>
+<IfModule !mpm_winnt_module>
+User @WEB_USER@
+Group @WEB_GROUP@
+</IfModule>
+</IfModule>
+
+ServerName localhost
+Listen %%LISTEN%%
+
+ErrorLog "%%LOG_FILE%%"
+LogLevel debug
+
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+ Require all denied
+</Directory>
+
+AddDefaultCharset UTF-8
+PerlSetEnv RT_SITE_CONFIG %%RT_SITE_CONFIG%%
+
+DocumentRoot "%%DOCUMENT_ROOT%%"
+<Location />
+
+ <RequireAll>
+ Require all granted
+%%BASIC_AUTH%%
+ </RequireAll>
+
+ SetHandler modperl
+
+ PerlResponseHandler Plack::Handler::Apache2
+ PerlSetVar psgi_app %%RT_SBIN_PATH%%/rt-server
+</Location>
+
+<Perl>
+ $ENV{RT_TESTING}=1;
+ use Plack::Handler::Apache2;
+ Plack::Handler::Apache2->preload("%%RT_SBIN_PATH%%/rt-server");
+</Perl>
+
-----------------------------------------------------------------------
More information about the rt-commit
mailing list