OpenBSD, Apache, and IPv6

(Last modified: 02/23/02)

Introduction

The Apache httpd daemon in OpenBSD 3.0 does not support IPv6 natively. It must be patched. Unfortunately, patching the source tree w/ the patches provided by the KAME team fails miserably. This document provides information for compiling a new, IPv6-enabled httpd, with defaults similar to those used in the default configuration of the native OpenBSD httpd.

This document references Apache 1.3.19 and Mod_SSL 2.8.3-1.3.19.

Compilation

Download a copy of the Apache IPv6 patch from ftp://ftp.kame.net/pub/kame/misc/.
Download Apache from http://www.apache.org/.
Download Mod_SSL from http://www.modssl.org/.

Decompress the archives, then:

cd mod_ssl-2.8.3-1.3.19
./configure --with-apache=../apache_1.3.19 --enable-rule=INET6 \
--with-layout=OpenBSD --enable-suexec --enable-module=ssl \
--suexec-caller=www --suexec-docroot=/var/www/htdocs \
--suexec-logfile=/var/log/suexec_log --suexec-userdir=public_html \
--suexec-uidmin=1000 --suexec-gidmin=1000 \
--suexec-safepath=/usr/bin:/bin:/usr/local/bin

cd ..
patch < /path/to/apache.patch
cd apache_1.3.19
cp /usr/src/usr.sbin/httpd/config.layout .
sh ./configure.v6 --with-layout=OpenBSD --enable-rule=INET6 --enable-suexec \
--suexec-caller=www --suexec-docroot=/var/www/htdocs \
--suexec-logfile=/var/log/suexec_log --suexec-userdir=public_html \
--suexec-uidmin=1000 --suexec-gidmin=1000 \
--suexec-safepath=/usr/bin:/bin:/usr/local/bin --enable-module=ssl
make && make install

Configuration

Note that if you are upgrading from a non-IPv6 enabled version of Apache, you may need to update your httpd.conf. There are some significant changes that will effect the server's operation. Run apachectl configtest to see if there are any immediate errors.

Running

Finally, stop and restart httpd (simply restarting will not do the trick, since we are working with a new binary):

apachectl stop && apachectl start

Credits

Written by Robert Mooney (rjmooney\@impetus\.us).

The method used above is described in http://www.tateoka.org/~tate/diary/20000919e/. Unfortunately, it's not in English. It was, however, useful in creating this document.

Copyright (c) 2001-2002 Robert Mooney, All rights reserved.

This document may be freely distributed and modified, so long as the original author is credited.

Donate!

Support a starving software engineer! If you are inclined, you can leave me a tip with PayPal. Sign up for it.

 Return to the Main index