nixpkgs-suyu/pkgs/servers/http/apache-httpd/2.4.nix
Martin Weinelt 6bf3336975
apacheHttpd: 2.4.52 -> 2.4.53
https://downloads.apache.org/httpd/CHANGES_2.4.53

Migrating to pcre2 was recommended in the release notes, since pcre 8.x
is over 20 years old and has now reached its end of life.

Fixes: CVE-2022-23943, CVE-2022-22721, CVE-2022-22720, CVE-2022-22719
2022-03-14 13:26:41 +01:00

98 lines
2.9 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ lib, stdenv, fetchurl, perl, zlib, apr, aprutil, pcre2, libiconv, lynx, which
, nixosTests
, proxySupport ? true
, sslSupport ? true, openssl
, http2Support ? true, nghttp2
, ldapSupport ? true, openldap
, libxml2Support ? true, libxml2
, brotliSupport ? true, brotli
, luaSupport ? false, lua5
}:
stdenv.mkDerivation rec {
pname = "apache-httpd";
version = "2.4.53";
src = fetchurl {
url = "mirror://apache/httpd/httpd-${version}.tar.bz2";
sha256 = "sha256-0LvREhpXtfKm/5LXuW+AUMWkXT8U2xGPZJedUlhY22M=";
};
# FIXME: -dev depends on -doc
outputs = [ "out" "dev" "man" "doc" ];
setOutputFlags = false; # it would move $out/modules, etc.
nativeBuildInputs = [ which ];
buildInputs = [ perl ] ++
lib.optional brotliSupport brotli ++
lib.optional sslSupport openssl ++
lib.optional ldapSupport openldap ++ # there is no --with-ldap flag
lib.optional libxml2Support libxml2 ++
lib.optional http2Support nghttp2 ++
lib.optional stdenv.isDarwin libiconv;
postPatch = ''
sed -i config.layout -e "s|installbuilddir:.*|installbuilddir: $dev/share/build|"
sed -i support/apachectl.in -e 's|@LYNX_PATH@|${lynx}/bin/lynx|'
'';
# Required for pthread_cancel.
NIX_LDFLAGS = lib.optionalString (!stdenv.isDarwin) "-lgcc_s";
configureFlags = [
"--with-apr=${apr.dev}"
"--with-apr-util=${aprutil.dev}"
"--with-z=${zlib.dev}"
"--with-pcre=${pcre2.dev}/bin/pcre2-config"
"--disable-maintainer-mode"
"--disable-debugger-mode"
"--enable-mods-shared=all"
"--enable-mpms-shared=all"
"--enable-cern-meta"
"--enable-imagemap"
"--enable-cgi"
"--includedir=${placeholder "dev"}/include"
(lib.enableFeature proxySupport "proxy")
(lib.enableFeature sslSupport "ssl")
(lib.withFeatureAs libxml2Support "libxml2" "${libxml2.dev}/include/libxml2")
"--docdir=$(doc)/share/doc"
(lib.enableFeature brotliSupport "brotli")
(lib.withFeatureAs brotliSupport "brotli" brotli)
(lib.enableFeature http2Support "http2")
(lib.withFeature http2Support "nghttp2")
(lib.enableFeature luaSupport "lua")
(lib.withFeatureAs luaSupport "lua" lua5)
];
enableParallelBuilding = true;
stripDebugList = [ "lib" "modules" "bin" ];
postInstall = ''
mkdir -p $doc/share/doc/httpd
mv $out/manual $doc/share/doc/httpd
mkdir -p $dev/bin
mv $out/bin/apxs $dev/bin/apxs
'';
passthru = {
inherit apr aprutil sslSupport proxySupport ldapSupport luaSupport lua5;
tests = {
acme-integration = nixosTests.acme;
proxy = nixosTests.proxy;
php = nixosTests.php.httpd;
};
};
meta = with lib; {
description = "Apache HTTPD, the world's most popular web server";
homepage = "https://httpd.apache.org/";
license = licenses.asl20;
platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ lovek323 ];
};
}