Posts tagged ‘Apache’

Ant script, build Apache 2.2 and Mod_ssl

A friend of mine wanted to run the latest Aspache Mod_ssl available as some vulnerable holes have been patched in OpenSsl, but in order to do that you need to build it your self. Can you take a look he said, sure why not, he gave me a couple of links for instructions which is really all you need.

Instructions
Apachelounge
Devside

Source code(s)
OpenSsl
Apache
Zlib

Now I’m expecting my friend will need to do this again with another version in the future. So I figured why don’t we just create Ant script out of it. That way next time around we only need to change a couple of params about the source packages and we are off to the races. One click ant script should do the trick.

There are a couple of things that you have to have installed first on your system before you start. One is perl, I’m using ActivePerl but you should also be able to use other compatible perl packages. Another is awk, you might have to use gawk which you can then rename as awk on you computer before you start. Both of those need to be installed and available in the system path. I also have Vs2005 installed and that’s the one that will be used to do the compile. Also Zdll.lib was extracted from the Zlib binary as I got up against naming conflict on that one, put that one in \lib\zlib

Of course a simple Ant script to compile those would be impossible without the instructions mentioned before. And of course above all the people that put in the work to create the make files etc. Without them I would still be lost !

Here is the Ant script,

<project name=“nativeIndian” default=“ApacheBuild” basedir=“.”>

        <!–
    11/2009 – ORN
    ===
    – Apache –
    http://www.apachelounge.com/viewtopic.php?t=778
    http://www.devside.net/guides/windows/apache
    –
    http://www.openssl.org/source/
    http://httpd.apache.org/download.cgi
    http://www.zlib.net/

    ****
      Note –
      ActivePerl and Awk need to be present and available in the path.
      VS2005 is used to compile.
    ****

    This script will attempt the following
    ==========================================
    * Unzip sources
    * Set sources in place for compile
    * Compile OpenSsl
    * Test OpenSsl
    * Compile Apache
        –>

        <!– set global properties for this build –>
  <property name=“ApacheName” value=“Apache22” />
  <property name=“srcDir” location=“${basedir}/../” />
  <property name=“libDir” location=“${basedir}/../lib/” />
  <property name=“zipLibDir” location=“${basedir}/../lib/zlib/” />
  <!– Source –>
  <property name=“OpenSslTop” value=“openssl-0.9.8l” />
  <property name=“OpenSslSourceGz” location=“${basedir}/../${OpenSslTop}.tar.gz” />
  <property name=“OpenSslSourceTar” location=“${basedir}/../${OpenSslTop}.tar” />
  <property name=“ZlibTop” value=“zlib-1.2.3” />
  <property name=“ZlibSourceGz” location=“${basedir}/../${ZlibTop}.tar.gz” />
  <property name=“ZlibSourceTar” location=“${basedir}/../${ZlibTop}.tar” />
  <property name=“ApacheSourceTop” value=“httpd-2.2.14” />
  <property name=“ApacheSource” location=“${basedir}/../${ApacheSourceTop}-win32-src.zip” />
  <property name=“ApacheBin” value=“Apache_bin.zip” />
  <!– Build dirs–>
  <property name=“buildDir” location=“${basedir}/aphache/” />
  <property name=“buildLibDir” location=“${buildDir}/${ApacheSourceTop}/srclib/” />
  <property name=“buildLibZlibDir” location=“${buildDir}/${ApacheSourceTop}/srclib/zlib/” />
  <property name=“buildLibOpenSslDir” location=“${buildDir}/${ApacheSourceTop}/srclib/OpenSsl/” />

  <!– Hardcoded, VS2005 location –>
  <property name=“VsEnvir” location=“D:\apps\dev\Ide\vs2005\VC\vcvarsall.bat” />

  <!– TIMESTAMPS –>
        <tstamp>
                <format property=“TheStartTime” pattern=“dd-MM-yyyy hh:mm aa” />
        </tstamp>

 
  <!– DEFAULT RUN TARGETS  –>
  <target name=“ApacheBuild” depends=“startme,cleanUp,setup,compile,zipbin” >
    <echo message=“– Ending=${TheStartTime}” />
    <echo message=“– Done !” />
  </target>

 
  <!– Startup –>
  <target name=“startme” >
    <echo message=“– Start startme:” />
    <echo message=“– ${TheStartTime}” />
    <mkdir dir=“${buildDir}” />
  </target>

  <!– Fails on cleanup, as it might be clean already, or never created –>
        <target name=“cleanUp” >
    <echo message=“– Start cleanup:” />
                <delete dir=“${buildDir}” failonerror=“yes”/>
    <delete file=“${basedir}/${ApacheBin}” />
        </target>

  <!– Unzip and copy –>
  <target name=“setup” >
    <echo message=“– Start setup:” />
   
    <!– make sure the build dir is present –>
    <mkdir dir=“${buildDir}” />
   
    <!– Apache source –>
    <unzip src=“${ApacheSource}” dest=“${buildDir}”/>
   
    <!– OpenSsl source –>
    <gunzip src=“${OpenSslSourceGz}”/>
    <untar src=“${OpenSslSourceTar}” dest=“${buildDir}”/>
    <!– Add openssl to source dir –>
    <move todir=“${buildLibOpenSslDir}”>
      <fileset dir=“${buildDir}/${OpenSslTop}”/>
    </move>

    <!– Zlib source –>
    <gunzip src=“${ZlibSourceGz}”/>
    <untar src=“${ZlibSourceTar}” dest=“${buildDir}”/>
    <!– Add Zlib to source dir –>
    <move todir=“${buildLibZlibDir}”>
      <fileset dir=“${buildDir}/${ZlibTop}”/>
    </move>
    <!– Add zlib lib to source dir as well –>
    <copy file=“${zipLibDir}/zdll.lib” todir=“${buildLibZlibDir}”/>

  </target>
 
 
 
  <!– Compile packages  –>
  <target name=“compile” >
    <echo message=“– Start compile:” />

    <!– Vs2005 environment variables –>
    <exec executable=“cmd”>
      <arg value=“/c”/>
      <arg value=“${VsEnvir}”/>
    </exec>

    <!– Build OpenSsl –>
    <echo message=“– Start compile OpenSsl:” />
    <exec executable=“cmd” dir=“${buildLibOpenSslDir}” >
      <arg value=“/c”/>
      <arg value=“perl Configure VC-WIN32”/>
    </exec>
    <exec executable=“cmd” dir=“${buildLibOpenSslDir}”>
      <arg value=“/c”/>
      <arg value=“ms\do_masm”/>
    </exec>
    <exec executable=“cmd” dir=“${buildLibOpenSslDir}”>
      <arg value=“/c”/>
      <arg value=“nmake -f ms\ntdll.mak”/>
    </exec>
    <!– Test OpenSsl –>
    <echo message=“– Start test OpenSsl:” />
    <exec executable=“cmd” dir=“${buildLibOpenSslDir}/out32dll”>
      <arg value=“/c”/>
      <arg value=“..\ms\test”/>
    </exec>

   
    <!– Build Apache with the default localhost, port 80 –>
    <echo message=“– Start compile Apache:” />
    <exec executable=“cmd” dir=“${buildDir}/${ApacheSourceTop}”>
      <arg value=“/c”/>
      <arg value=“nmake /f Makefile.win SERVERNAME=localhost PORT=80 INSTDIR=${buildDir}/../${ApacheName} installr”/>
    </exec>

  </target>

  <!– Zip up the Apache  –>
  <target name=“zipbin” >
    <zip
      destfile=“${basedir}/${ApacheBin}”
      basedir=“${buildDir}/../${ApacheName}”
    />

  </target>

</project>

Bundled Apache + SVN

I finally installed Subversion as my local repository. I had used the windows CollabNet server at work it works great, but I decided to try VisualSVN at home. I have to say I like VisualSVN better. With the latest version both of them give you the ability to install Apache during install, but VisualSVN takes the win with their management console. Very easy to use GUI, similar to the Microsoft Sql Server. From the console you can setup up your repositories, users and groups. It is also very convenient to setup group permissions for your repositories.

visualsvn

Note, when you install the Apache server wants to use port 80 or 443 / SSL port. Of course if you have IIS running you will most likely be using those ports for IIS. So either shut down IIS, or figure out which ones gets to use the default port.

Installing on Windows and using the VisualSVN console I had one user and two repositories up in about 5 minutes, very snappy indeed.

Apache http access for SVN Repository

I had to add http access for our SVN repository at work, which was happily serving on the default SVN port. However after changing to our new network the SVN port has been shut down and the IT guys are in no hurry to open it up. I thought I remembered Apache can be chained with SVN for http access, went looking and sure enough. So here is a quick step tutorial with minimum configuration if you need to do the same.



1 – Download and install Apache 2.2
http://httpd.apache.org/download.cgi
I’m installing at c:\apps\apache2.



2 – Copy modules from Subversion to Apache modules
c:\apps\subversion\bin\mod_dav_svn.so
c:\apps\subversion\bin\mod_authz_svn.so
to
c:\apps\apach2\modules

and
c:\apps\subversion\bin\libdb44.dll
c:\apps\subversion\bin\intl3_svn.dll
to
c:\apps\apache2\bin
if needed



3 – Modify the Apache httpd.conf to load the SVN modules
Add the following two lines to your
c:\apps\apache2\conf\httpd.conf
file, just look for all of the lines that start with LoadModule, put them at the end of the list

LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

Now un-comment this line in httpd.conf, it will look like this
LoadModule dav_module modules/mod_dav.so



4 – Add your svn location info to httpd.conf
At the very bottom of your httpd.conf file add these lines:

<Location /svn>
DAV svn
SVNParentPath  c:\apps\subversion\svn_repos

AuthType Basic
AuthName "Subversion Repository"
AuthUserFile conf/password.pass
Require valid-user
</Location>



5 – Create an Apache password file
To allow Apache to handle authentication for you, you’ll need to create a password file. Open a command prompt,
cd c:\apps\apache2\bin
then
htpasswd –c passwords.pass newuser

Enter the password for newuser, to add additional users

htpasswd passwords.pass anotherUser

When you have added all the users copy the passwords.pass file over to the
c:\apps\apache2\conf
directory



6 – Start the Apache service from Services
If you get errors open dos window and run Apache manually
c:\apps\apache2\bin\httpd.exe
You should see the errors reported.



7 – Access your repository over http
With Tortiese goto the repo browser, enter the appropriate path, something like the following.
http:///10.0.0.1/svn/yourRepo
You will be prompted for the user and password and should be all good to go. You should also be able to open the location in a web browser.



This quick step guide is based on the more comprehensive guide at inetsolution. That guide is great and covers setup of SVN+Apache, SSL access and group permissions.