Patchwork [meta-webserver,0/3] Apache / PHP upgrades

login
register
mail settings
Submitter Paul Eggleton
Date Jan. 13, 2014, 10:38 a.m.
Message ID <cover.1389609476.git.paul.eggleton@linux.intel.com>
Download mbox
Permalink /patch/64619/
State Superseded, archived
Headers show

Pull-request

git://git.openembedded.org/meta-openembedded-contrib paule/webserver-upgrades

Comments

Paul Eggleton - Jan. 13, 2014, 10:38 a.m.
The following changes since commit a1b6699ad26e1035f5c29918e059b8b57fde57ff:

  add libcrypt-openssl-rsa-perl (2014-01-13 09:59:45 +0000)

are available in the git repository at:

  git://git.openembedded.org/meta-openembedded-contrib paule/webserver-upgrades
  http://cgit.openembedded.org/cgit.cgi/meta-openembedded-contrib/log/?h=paule/webserver-upgrades

Paul Eggleton (3):
  apache2: update to 2.4.7
  modphp: upgrade to 5.5.8
  phpmyadmin: update to 4.1.4

 .../apache2-2.4.6/httpd-2.4.4-r1332643.patch       | 260 ---------------------
 ...he2-native_2.4.6.bb => apache2-native_2.4.7.bb} |   6 +-
 .../apache-configure_perlbin.patch                 |   0
 .../apache-ssl-ltmain-rpath.patch                  |   0
 .../fix-libtool-name.patch                         |   0
 .../httpd-2.4.1-corelimit.patch                    |   0
 .../httpd-2.4.1-selinux.patch                      |   0
 .../httpd-2.4.4-export.patch                       |   0
 .../replace-lynx-to-curl-in-apachectl-script.patch |   0
 .../server-makefile.patch                          |   0
 .../apache2/{apache2_2.4.6.bb => apache2_2.4.7.bb} |   7 +-
 meta-webserver/recipes-php/modphp/modphp_5.5.2.bb  |   7 -
 meta-webserver/recipes-php/modphp/modphp_5.5.8.bb  |   7 +
 .../{phpmyadmin_4.0.5.bb => phpmyadmin_4.1.4.bb}   |   4 +-
 14 files changed, 15 insertions(+), 276 deletions(-)
 delete mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.6/httpd-2.4.4-r1332643.patch
 rename meta-webserver/recipes-httpd/apache2/{apache2-native_2.4.6.bb => apache2-native_2.4.7.bb} (84%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/apache-configure_perlbin.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/apache-ssl-ltmain-rpath.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/fix-libtool-name.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/httpd-2.4.1-corelimit.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/httpd-2.4.1-selinux.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/httpd-2.4.4-export.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/replace-lynx-to-curl-in-apachectl-script.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/server-makefile.patch (100%)
 rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.6.bb => apache2_2.4.7.bb} (95%)
 delete mode 100644 meta-webserver/recipes-php/modphp/modphp_5.5.2.bb
 create mode 100644 meta-webserver/recipes-php/modphp/modphp_5.5.8.bb
 rename meta-webserver/recipes-php/phpmyadmin/{phpmyadmin_4.0.5.bb => phpmyadmin_4.1.4.bb} (87%)
Randy MacLeod - Jan. 16, 2014, 2:31 p.m.
On 14-01-13 05:38 AM, Paul Eggleton wrote:
> The following changes since commit a1b6699ad26e1035f5c29918e059b8b57fde57ff:
>
>    add libcrypt-openssl-rsa-perl (2014-01-13 09:59:45 +0000)
>
> are available in the git repository at:
>
>    git://git.openembedded.org/meta-openembedded-contrib paule/webserver-upgrades
>    http://cgit.openembedded.org/cgit.cgi/meta-openembedded-contrib/log/?h=paule/webserver-upgrades
>
> Paul Eggleton (3):
>    apache2: update to 2.4.7
>    modphp: upgrade to 5.5.8
>    phpmyadmin: update to 4.1.4
>
>   .../apache2-2.4.6/httpd-2.4.4-r1332643.patch       | 260 ---------------------

Hi Paul,

You asked me about dropping this patch and I've done a bit of digging.

My conclusion is that the  patch is not integrated into 2.4.7 and
it would be "nice to have" since we've supported it so far.
It seems that apache2-2.6.x will include the patch.

The intended use is primarily to support SPDY as described here:
    https://technotes.googlecode.com/git/nextprotoneg.html
and I skimmed though this:
 
http://googledevelopers.blogspot.ca/2012/04/add-spdy-support-to-your-apache-server.html


As for generating a new patch, the STATUS file in 2.4.7 says:
...
    * mod_ssl: Add support for Next Protocol Negotiation.
      Trunk patch:
        http://svn.apache.org/viewvc?view=revision&revision=1332643
      2.4.x patch:
        Trunk patch works.
      +1: ben
      sf says: Needs r1345599, too.
           And wrowe's comment about the 2.2 patch is also valid for 2.4:
           http://svn.apache.org/viewvc?view=revision&revision=1354823


Does that help? Do you want someone @WR to work on the patch, the 
mod_spdy module and testing? A few more comments and links given
below.

../Randy

---

This patch has:
    Upstream-Status: Backport
and I do see the _reworked_ feature and our patch upstream
in the git-svn repo:
    https://github.com/apache/httpd.git
specifically, the re-worked commit here:
 
https://github.com/apache/httpd/commit/afa9bc99edf96a8ff3a81786cc4ef52a9f3cf310

and a commit with identical content to our patch here:
 
https://github.com/apache/httpd/commit/79d4d4d3ce586bf526178ed6d05e1b0dca7051c4

but they are both on the trunk branch (aka 2.5) so
they are not include in 2.4.7.

The original defect is:
    https://issues.apache.org/bugzilla/show_bug.cgi?id=52210

    OpenSSL 1.0.1 added support for TLS Next Protocol Negotiation (NPN)
    [1], a feature which allows client and server to negotiate what
    protocol should be used over the secure connection.  I propose
    adding hooks into mod_ssl to allow other modules to access
    this feature.

---

>   ...he2-native_2.4.6.bb => apache2-native_2.4.7.bb} |   6 +-
>   .../apache-configure_perlbin.patch                 |   0
>   .../apache-ssl-ltmain-rpath.patch                  |   0
>   .../fix-libtool-name.patch                         |   0
>   .../httpd-2.4.1-corelimit.patch                    |   0
>   .../httpd-2.4.1-selinux.patch                      |   0
>   .../httpd-2.4.4-export.patch                       |   0
>   .../replace-lynx-to-curl-in-apachectl-script.patch |   0
>   .../server-makefile.patch                          |   0
>   .../apache2/{apache2_2.4.6.bb => apache2_2.4.7.bb} |   7 +-
>   meta-webserver/recipes-php/modphp/modphp_5.5.2.bb  |   7 -
>   meta-webserver/recipes-php/modphp/modphp_5.5.8.bb  |   7 +
>   .../{phpmyadmin_4.0.5.bb => phpmyadmin_4.1.4.bb}   |   4 +-
>   14 files changed, 15 insertions(+), 276 deletions(-)
>   delete mode 100644 meta-webserver/recipes-httpd/apache2/apache2-2.4.6/httpd-2.4.4-r1332643.patch
>   rename meta-webserver/recipes-httpd/apache2/{apache2-native_2.4.6.bb => apache2-native_2.4.7.bb} (84%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/apache-configure_perlbin.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/apache-ssl-ltmain-rpath.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/fix-libtool-name.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/httpd-2.4.1-corelimit.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/httpd-2.4.1-selinux.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/httpd-2.4.4-export.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/replace-lynx-to-curl-in-apachectl-script.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2-2.4.6 => apache2}/server-makefile.patch (100%)
>   rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.6.bb => apache2_2.4.7.bb} (95%)
>   delete mode 100644 meta-webserver/recipes-php/modphp/modphp_5.5.2.bb
>   create mode 100644 meta-webserver/recipes-php/modphp/modphp_5.5.8.bb
>   rename meta-webserver/recipes-php/phpmyadmin/{phpmyadmin_4.0.5.bb => phpmyadmin_4.1.4.bb} (87%)
>
Paul Eggleton - Jan. 16, 2014, 3:15 p.m.
Hi Randy,

On Thursday 16 January 2014 09:31:28 Randy MacLeod wrote:
> You asked me about dropping this patch and I've done a bit of digging.
> 
> My conclusion is that the  patch is not integrated into 2.4.7 and
> it would be "nice to have" since we've supported it so far.
> It seems that apache2-2.6.x will include the patch.
> 
> The intended use is primarily to support SPDY as described here:
>     https://technotes.googlecode.com/git/nextprotoneg.html
> and I skimmed though this:
> 
> http://googledevelopers.blogspot.ca/2012/04/add-spdy-support-to-your-apache-> server.html
> 
> 
> As for generating a new patch, the STATUS file in 2.4.7 says:
> ...
>     * mod_ssl: Add support for Next Protocol Negotiation.
>       Trunk patch:
>         http://svn.apache.org/viewvc?view=revision&revision=1332643
>       2.4.x patch:
>         Trunk patch works.
>       +1: ben
>       sf says: Needs r1345599, too.
>            And wrowe's comment about the 2.2 patch is also valid for 2.4:
>            http://svn.apache.org/viewvc?view=revision&revision=1354823
> 
> 
> Does that help? Do you want someone @WR to work on the patch, the
> mod_spdy module and testing? A few more comments and links given
> below.
> 
> ../Randy
> 
> ---
> 
> This patch has:
>     Upstream-Status: Backport
> and I do see the _reworked_ feature and our patch upstream
> in the git-svn repo:
>     https://github.com/apache/httpd.git
> specifically, the re-worked commit here:
> 
> https://github.com/apache/httpd/commit/afa9bc99edf96a8ff3a81786cc4ef52a9f3cf
> 310
> 
> and a commit with identical content to our patch here:
> 
> https://github.com/apache/httpd/commit/79d4d4d3ce586bf526178ed6d05e1b0dca705
> 1c4
> 
> but they are both on the trunk branch (aka 2.5) so
> they are not include in 2.4.7.
> 
> The original defect is:
>     https://issues.apache.org/bugzilla/show_bug.cgi?id=52210
> 
>     OpenSSL 1.0.1 added support for TLS Next Protocol Negotiation (NPN)
>     [1], a feature which allows client and server to negotiate what
>     protocol should be used over the secure connection.  I propose
>     adding hooks into mod_ssl to allow other modules to access
>     this feature.


Thanks for looking deeper into this. I'm not quite sure what they mean by 
"Trunk patch works" but I just retrieved the trunk patch and tried to apply it 
but there are conflicts; I also tried a cherry-pick on that git repository but 
that didn't work either. 

I suspect that it would be good to have someone else who knows more about this 
feature create and test a new patch, so if you have someone who could do that 
that would be great.

Cheers,
Paul
Randy MacLeod - Jan. 16, 2014, 3:24 p.m.
On 14-01-16 10:15 AM, Paul Eggleton wrote:
> Hi Randy,
>
> On Thursday 16 January 2014 09:31:28 Randy MacLeod wrote:
>> You asked me about dropping this patch and I've done a bit of digging.
>>
>> My conclusion is that the  patch is not integrated into 2.4.7 and
>> it would be "nice to have" since we've supported it so far.
>> It seems that apache2-2.6.x will include the patch.
>>
>> The intended use is primarily to support SPDY as described here:
>>      https://technotes.googlecode.com/git/nextprotoneg.html
>> and I skimmed though this:
>>
>> http://googledevelopers.blogspot.ca/2012/04/add-spdy-support-to-your-apache-> server.html
>>
>>
>> As for generating a new patch, the STATUS file in 2.4.7 says:
>> ...
>>      * mod_ssl: Add support for Next Protocol Negotiation.
>>        Trunk patch:
>>          http://svn.apache.org/viewvc?view=revision&revision=1332643
>>        2.4.x patch:
>>          Trunk patch works.
>>        +1: ben
>>        sf says: Needs r1345599, too.
>>             And wrowe's comment about the 2.2 patch is also valid for 2.4:
>>             http://svn.apache.org/viewvc?view=revision&revision=1354823
>>
>>
>> Does that help? Do you want someone @WR to work on the patch, the
>> mod_spdy module and testing? A few more comments and links given
>> below.
>>
>> ../Randy
>>
>> ---
>>
>> This patch has:
>>      Upstream-Status: Backport
>> and I do see the _reworked_ feature and our patch upstream
>> in the git-svn repo:
>>      https://github.com/apache/httpd.git
>> specifically, the re-worked commit here:
>>
>> https://github.com/apache/httpd/commit/afa9bc99edf96a8ff3a81786cc4ef52a9f3cf
>> 310
>>
>> and a commit with identical content to our patch here:
>>
>> https://github.com/apache/httpd/commit/79d4d4d3ce586bf526178ed6d05e1b0dca705
>> 1c4
>>
>> but they are both on the trunk branch (aka 2.5) so
>> they are not include in 2.4.7.
>>
>> The original defect is:
>>      https://issues.apache.org/bugzilla/show_bug.cgi?id=52210
>>
>>      OpenSSL 1.0.1 added support for TLS Next Protocol Negotiation (NPN)
>>      [1], a feature which allows client and server to negotiate what
>>      protocol should be used over the secure connection.  I propose
>>      adding hooks into mod_ssl to allow other modules to access
>>      this feature.
>
>
> Thanks for looking deeper into this. I'm not quite sure what they mean by
> "Trunk patch works" but I just retrieved the trunk patch and tried to apply it
> but there are conflicts; I also tried a cherry-pick on that git repository but
> that didn't work either.
>
> I suspect that it would be good to have someone else who knows more about this
> feature create and test a new patch, so if you have someone who could do that
> that would be great.

Will do. It may have to wait until after the Chinese Spring festival but
we'll get it on the "to do" list.

../Randy
>
> Cheers,
> Paul
>