Accidentally found out the apache 1.3.31 was released by custom apache.

For what apache is updated, see here.
http://www.apache.org/dist/httpd/CHANGES_1.3

OK, here we start :

1. First go to directadmin custom apache directory
# cd /usr/local/directadmin/customapache/

2. Clean everything
# ./build clean

3. Update Apache
# ./build update

4. Now we need to edit this file :
# vi configure.apache_ssl

Change to this :
#!/bin/sh
OPTIM="-DHARD_SERVER_LIMIT=32768 -DFD_SETSIZE=32768 " \
EAPI_MM="SYSTEM" \
SSL_BASE="/usr" \
PORTOBJFORMAT=elf \
./configure \
--with-apache=../apache_1.3.31 \
--with-ssl=/usr \
--prefix=/etc/httpd \
--exec-prefix=/etc/httpd \
--bindir=/usr/bin \
--sbindir=/usr/sbin \

:wq


5. Now start recompile
# ./build apache_mod_ssl

6. After recompiled, safely restart apache
# service httpd restart



Finished~
If any problem comes out, I will try my best to answer the basic ones...

Cheers,

Jeffery :D

Originally posted by jeffery
Accidentally found out the apache 1.3.31 was released by custom apache.
Are you saying that the custom apache script now automatically loads and builds 1.1.31?

If so, then if it doesn't also automatically update configure.apache_ssl that's got to be classified as a bug.

So we need to get this clarified.

Are you saying it does automatically load and configure 1.3.31, but doesn't fix configure.apache_ssl?

Thanks for any clarification.

Jeff

Originally posted by jlasman
Are you saying that the custom apache script now automatically loads and builds 1.1.31?

If so, then if it doesn't also automatically update configure.apache_ssl that's got to be classified as a bug.

So we need to get this clarified.

Are you saying it does automatically load and configure 1.3.31, but doesn't fix configure.apache_ssl?

Thanks for any clarification.

Jeff


Yes, Custom Apache automatically download 1.3.31 and set all thing except the file configure.apache_ssl.

The version no of configure.apache_ssl is 'hardcoded' and so I need to manaully change it. Isn't it classified a bug? :D

I'd call it a bug and I'll bring it to John's attention.

Jeff

Thanks for the update..

Did all the changes stated and everything is working fine and updated! :D

Dec

Originally posted by dec
Thanks for the update..

Did all the changes stated and everything is working fine and updated! :D

Dec

Yes, including those SSL certificate settings.

It should keep your existing httpd conf(s). ;)

http://help.directadmin.com/item.php?id=1

thanks, John. I printed it out and will file it with my "update stuff".

Jeff

Thanks~ John

:cool:

By the way, the configure.apache_ssl script was not updating the apache version number. The update process for apache included removing the configure.apache_ssl file then doing a "./build update" to get the new one. Jeff sent me an email about this so I just added a bit of perl code to replace older version #'s with the current one so the "rm -f configure.apache_ssl" is no longer required during a "build update" for apache.

John

FYI: Update runs smoothly on FreeBSD 5.2.1

Originally posted by DirectAdmin Support
By the way, the configure.apache_ssl script was not updating the apache version number. The update process for apache included removing the configure.apache_ssl file then doing a "./build update" to get the new one. Jeff sent me an email about this so I just added a bit of perl code to replace older version #'s with the current one so the "rm -f configure.apache_ssl" is no longer required during a "build update" for apache.

John

I followed the build script exactly and the version number on Apache is still showing 1.3.29 even though it shows that everything was updated successfully.

I am using Freebsd 4.9

Originally posted by i2iweb
I followed the build script exactly and the version number on Apache is still showing 1.3.29 even though it shows that everything was updated successfully.

I am using Freebsd 4.9

Have you restarted your httpd?

Yep I restarted httpd.

And you did ./build clean ?

I tried building it again to be on the safe side and still the same results. I pasted the output of what I did at the following url below:


Here is what I did (http://www.i2iwebsolutions.com/speedtest/apache_error.htm)

Ok now that is odd.. I did the same thing (though on 5.2.1) and it worked. Might be weird but instead of ./httpd restart try ./httpd stop and after a few seconds ./httpd start and see what the outcome is.

Your problem is all the "Operation not permitted" errors you were getting when it was trying to install ap, apachectl, httpd... You were saying yes to overwrite, but then there was an error about operation not permitted. You need to fix that. Are you doing this as root?

Thanks for the info toml, it works now. When I looked more closely at the permissions errors I realized I forgot to unlock some directories that I had locked down. Thanks all for all your help...

Kevin

santacruz# httpd -v
Server version: Apache/1.3.31 (Unix)
Server built: May 26 2004 11:38:11

Worked like a charm on FreeBSD 4.10

Originally posted by DirectAdmin Support
http://help.directadmin.com/item.php?id=1
That worked great for me, minus this:[root@server1 admin]# httpd -v
bash: httpd: command not found
:)

Had to do[root@server1 admin]# /usr/sbin/httpd -v
Server version: Apache/1.3.31 (Unix)
Server built: May 25 2004 22:22:48

Also none of the handy service commands work:[root@server1 admin]# service httpd restart
bash: service: command not found
Have to do:/etc/rc.d/init.d/httpd restart(however I just noticed /sbin/service httpd restart does indeed work.)

I'm on RHEL3.

How did you login?

if you used su from admin, make sure you use:

su -

NOT

su

Since both httpd and service commands dont work, it seems your paths are incorrect which is what the above would cause ;)

Chris

WOW! I never would have guessed that the cause..

Good job! :)

Commands specified at http://help.directadmin.com/item.php?id=1 worked fine form me. My Apache version is now 1.3.31. Thanks, John.

Apache 1.3.31 is not OK I read at www.webwereld.nl
(sorry dutch)
Apache 1.3.32 is out now include the patch to fix the securety problem.

Is the update here avalible?

Theres nothing on the apache website about a release

Originally posted by jmstacey
Theres nothing on the apache website about a release
Well let's see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
Or http://www.apacheweek.com/issues/04-06-11 for the entire story & information.

quote from apacheweek:[br]CAN-2004-0492: Important flaw in mod_proxy
An important security issue was reported in mod_proxy on the 10th June. The Common Vulnerabilities and Exposures project has assigned the name CAN-2004-0492 to this issue.

The flaw affects Apache httpd versions 1.3.26, 1.3.27, 1.3.28, 1.3.29 and 1.3.31 that have mod_proxy enabled and configured. Apache httpd 2.0 and other versions of Apache httpd 1.3 are unaffected.
In default installs of DA, mod_proxy is disabled as far as i know...
So this wouldn't be dangerous for us.