The NetBSD Project

CVS log for pkgsrc/www/ap-ssl/Attic/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / ap-ssl

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.118, Tue Jun 10 15:22:16 2014 UTC (4 years, 10 months ago) by joerg
Branch: MAIN
CVS Tags: HEAD
Changes since 1.117: +1 -1 lines
FILE REMOVED

Retire Apache 1.3 and 2.0.

Revision 1.117 / (download) - annotate - [select for diffs], Thu May 29 23:37:55 2014 UTC (4 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.116: +2 -2 lines
Diff to previous 1.116 (colored)

Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.

Revision 1.116 / (download) - annotate - [select for diffs], Wed Feb 12 23:18:43 2014 UTC (5 years, 2 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.115: +2 -2 lines
Diff to previous 1.115 (colored)

Recursive PKGREVISION bump for OpenSSL API version bump.

Revision 1.115 / (download) - annotate - [select for diffs], Fri May 31 12:42:30 2013 UTC (5 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.114: +2 -2 lines
Diff to previous 1.114 (colored)

Bump all packages for perl-5.18, that
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package

Like last time, where this caused no complaints.

Revision 1.114 / (download) - annotate - [select for diffs], Sat Apr 6 13:24:21 2013 UTC (6 years ago) by rodent
Branch: MAIN
Changes since 1.113: +3 -3 lines
Diff to previous 1.113 (colored)

".for variable names should not contain uppercase letters"

Revision 1.113 / (download) - annotate - [select for diffs], Wed Feb 6 23:23:57 2013 UTC (6 years, 2 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)

PKGREVISION bumps for the security/openssl 1.0.1d update.

Revision 1.112 / (download) - annotate - [select for diffs], Sun Oct 28 06:30:05 2012 UTC (6 years, 5 months ago) by asau
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.111: +1 -3 lines
Diff to previous 1.111 (colored)

Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.111 / (download) - annotate - [select for diffs], Wed Oct 3 21:58:26 2012 UTC (6 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.110: +2 -2 lines
Diff to previous 1.110 (colored)

Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.

Revision 1.110 / (download) - annotate - [select for diffs], Tue Feb 16 16:18:14 2010 UTC (9 years, 2 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.109: +26 -26 lines
Diff to previous 1.109 (colored)

DESTDIR support

Revision 1.107.20.1 / (download) - annotate - [select for diffs], Wed Feb 10 20:37:32 2010 UTC (9 years, 2 months ago) by spz
Branch: pkgsrc-2009Q4
Changes since 1.107: +2 -2 lines
Diff to previous 1.107 (colored) next main 1.108 (colored)

Pullup ticket 2996 - requested by dholland
security update

Revisions pulled up:
- pkgsrc/www/apache/Makefile		1.199
- pkgsrc/www/apache/distinfo		1.60
- pkgsrc/www/ap-ssl/Makefile		1.109
- pkgsrc/www/ap-ssl/distinfo		1.35

Files added:
pkgsrc/www/ap-ssl/patches/patch-ac

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   dholland
   Date:           Tue Feb  9 07:22:06 UTC 2010

   Modified Files:
           pkgsrc/www/apache: Makefile distinfo

   Log Message:
   Update to 1.3.42, fixing CVE-2010-0010. Note: this package is now EOL
   upstream. The next security bug probably won't get patched, so if you're
   still using this, it's time to migrate to 2.x.


   To generate a diff of this commit:
   cvs rdiff -u -r1.198 -r1.199 pkgsrc/www/apache/Makefile
   cvs rdiff -u -r1.59 -r1.60 pkgsrc/www/apache/distinfo

   -------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   dholland
   Date:           Wed Feb 10 03:55:18 UTC 2010

   Modified Files:
           pkgsrc/www/ap-ssl: Makefile distinfo
   Added Files:
           pkgsrc/www/ap-ssl/patches: patch-ac

   Log Message:
   Hack this to build against Apache 1.3.42. As 1.3.42 doesn't change
   anything significant in the internals, all this requires is patching
   the accepted version and bumping BUILDLINK_API_DEPENDS. PKGREVISION++.


   To generate a diff of this commit:
   cvs rdiff -u -r1.108 -r1.109 pkgsrc/www/ap-ssl/Makefile
   cvs rdiff -u -r1.34 -r1.35 pkgsrc/www/ap-ssl/distinfo
   cvs rdiff -u -r0 -r1.3 pkgsrc/www/ap-ssl/patches/patch-ac

Revision 1.109 / (download) - annotate - [select for diffs], Wed Feb 10 03:55:18 2010 UTC (9 years, 2 months ago) by dholland
Branch: MAIN
Changes since 1.108: +3 -3 lines
Diff to previous 1.108 (colored)

Hack this to build against Apache 1.3.42. As 1.3.42 doesn't change
anything significant in the internals, all this requires is patching
the accepted version and bumping BUILDLINK_API_DEPENDS. PKGREVISION++.

Revision 1.108 / (download) - annotate - [select for diffs], Sun Jan 17 12:02:47 2010 UTC (9 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.107: +2 -1 lines
Diff to previous 1.107 (colored)

Recursive PKGREVISION bump for jpeg update to 8.

Revision 1.107 / (download) - annotate - [select for diffs], Sun Feb 24 05:29:21 2008 UTC (11 years, 2 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, cwrapper, cube-native-xorg-base, cube-native-xorg
Branch point for: pkgsrc-2009Q4
Changes since 1.106: +4 -5 lines
Diff to previous 1.106 (colored)

Update ap-ssl to 2.8.31.

2.8.31: For Apache 1.3.41
2.8.30: Bug Fix
2.8.29: For Apache 1.3.39

Revision 1.106 / (download) - annotate - [select for diffs], Fri Jan 18 05:09:47 2008 UTC (11 years, 3 months ago) by tnn
Branch: MAIN
Changes since 1.105: +2 -1 lines
Diff to previous 1.105 (colored)

Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@

Revision 1.105 / (download) - annotate - [select for diffs], Sun Dec 2 12:31:16 2007 UTC (11 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.104: +2 -3 lines
Diff to previous 1.104 (colored)

Remove Ex-MASTER_SITE. From Zafer Aydogan.

Revision 1.104 / (download) - annotate - [select for diffs], Sun Jun 10 08:34:25 2007 UTC (11 years, 10 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2
Changes since 1.103: +4 -3 lines
Diff to previous 1.103 (colored)

Resort Apache dependency to get the more specific pattern first.

Revision 1.101.2.2 / (download) - annotate - [select for diffs], Sun Jul 30 19:29:43 2006 UTC (12 years, 8 months ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.101.2.1: +4 -4 lines
Diff to previous 1.101.2.1 (colored) to branchpoint 1.101 (colored) next main 1.102 (colored)

Pullup ticket 1763 - requested by wiz
security update for apache

Revisions pulled up:
- pkgsrc/www/apache/Makefile			1.188
- pkgsrc/www/apache/distinfo			1.53
- pkgsrc/www/ap-ssl/Makefile			1.103
- pkgsrc/www/ap-ssl/distinfo			1.33

   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Sun Jul 30 11:17:51 UTC 2006

   Modified Files:
   	pkgsrc/www/apache: Makefile distinfo

   Log Message:
   Update to 1.3.37:

   Changes with Apache 1.3.37

     *) SECURITY: CVE-2006-3747 (cve.mitre.org)
        mod_rewrite: Fix an off-by-one security problem in the ldap scheme
        handling.  For some RewriteRules this could lead to a pointer being
        written out of bounds.  Reported by Mark Dowd of McAfee.
        [Mark Cox]
---
   Module Name:		pkgsrc
   Committed By:	jdolecek
   Date:		Sun Jul 30 11:19:38 UTC 2006

   Modified Files:
   	pkgsrc/www/ap-ssl: Makefile distinfo

   Log Message:
   Update to 2.8.28, for apache-1.3.37

   No changes besides the apache version update.

Revision 1.101.2.1 / (download) - annotate - [select for diffs], Sun Jul 30 19:22:33 2006 UTC (12 years, 8 months ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.101: +4 -4 lines
Diff to previous 1.101 (colored)

Pullup ticket 1762 - requested by wiz
sync ap-ssl with apache update

Revisions pulled up:
- pkgsrc/www/ap-ssl/Makefile			1.102
- pkgsrc/www/ap-ssl/distinfo			1.32

   Module Name:		pkgsrc
   Committed By:	wiz
   Date:		Sun Jul 23 17:25:56 UTC 2006

   Modified Files:
   	pkgsrc/www/ap-ssl: Makefile distinfo

   Log Message:
   Update to 2.8.27, for apache-1.3.36.
   Fixes PR 34060.

   Changes unknown.

Revision 1.103 / (download) - annotate - [select for diffs], Sun Jul 30 11:19:38 2006 UTC (12 years, 8 months ago) by jdolecek
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3
Changes since 1.102: +4 -4 lines
Diff to previous 1.102 (colored)

Update to 2.8.28, for apache-1.3.37

No changes besides the apache version update.

Revision 1.102 / (download) - annotate - [select for diffs], Sun Jul 23 17:25:56 2006 UTC (12 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.101: +4 -4 lines
Diff to previous 1.101 (colored)

Update to 2.8.27, for apache-1.3.36.
Fixes PR 34060.

Changes unknown.

Revision 1.101 / (download) - annotate - [select for diffs], Fri Jun 2 18:27:59 2006 UTC (12 years, 10 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base
Branch point for: pkgsrc-2006Q2
Changes since 1.100: +3 -3 lines
Diff to previous 1.100 (colored)

Rename all PHP 4 packages to php4-*, all PHP 5 packages to php5-*,
all PEAR packages to php?-pear-* and all Apache packages to ap13-* or
ap2-* respectively. Add new variables to simplify the Makefile
handling. Add CONFLICTS on the old names. Reset revisions of bumped
packages. ap-php will now depend on the default Apache and PHP version.
All programs using it have an implicit option of the Apache version
as well.

OK from jlam@ and adrianp@.

Revision 1.100 / (download) - annotate - [select for diffs], Thu Apr 6 06:22:53 2006 UTC (13 years ago) by reed
Branch: MAIN
Changes since 1.99: +2 -2 lines
Diff to previous 1.99 (colored)

Over 1200 files touched but no revisions bumped :)

RECOMMENDED is removed. It becomes ABI_DEPENDS.

BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.

BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.

BUILDLINK_DEPENDS does not change.

IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".

Added to obsolete.mk checking for IGNORE_RECOMMENDED.

I did not manually go through and fix any aesthetic tab/spacing issues.

I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.

I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.

As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.

As discussed on tech-pkg.

I will commit to revbump, pkglint, pkg_install, createbuildlink separately.

Note that if you use wip, it will fail!  I will commit to pkgsrc-wip
later (within day).

Revision 1.99 / (download) - annotate - [select for diffs], Sat Mar 4 21:30:56 2006 UTC (13 years, 1 month ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)

Point MAINTAINER to pkgsrc-users@NetBSD.org in the case where no
developer is officially maintaining the package.

The rationale for changing this from "tech-pkg" to "pkgsrc-users" is
that it implies that any user can try to maintain the package (by
submitting patches to the mailing list).  Since the folks most likely
to care about the package are the folks that want to use it or are
already using it, this would leverage the energy of users who aren't
developers.

Revision 1.98 / (download) - annotate - [select for diffs], Sun Feb 5 23:11:18 2006 UTC (13 years, 2 months ago) by joerg
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)

Recursive revision bump / recommended bump for gettext ABI change.

Revision 1.97 / (download) - annotate - [select for diffs], Tue Jan 24 07:32:42 2006 UTC (13 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.96: +2 -1 lines
Diff to previous 1.96 (colored)

Bump BUILDLINK_RECOMMENDED of textproc/expat to 2.0.0 because
of the shlib major bump.
PKGREVISION++ for the dependencies.

Revision 1.96 / (download) - annotate - [select for diffs], Thu Jan 5 21:21:54 2006 UTC (13 years, 3 months ago) by joerg
Branch: MAIN
Changes since 1.95: +13 -16 lines
Diff to previous 1.95 (colored)

Use SUBST framework, patch files directly.

Revision 1.95 / (download) - annotate - [select for diffs], Thu Dec 29 06:22:21 2005 UTC (13 years, 3 months ago) by jlam
Branch: MAIN
Changes since 1.94: +1 -2 lines
Diff to previous 1.94 (colored)

Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.

Revision 1.94 / (download) - annotate - [select for diffs], Mon Dec 5 23:55:22 2005 UTC (13 years, 4 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base, pkgsrc-2005Q4
Changes since 1.93: +2 -2 lines
Diff to previous 1.93 (colored)

Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.

Revision 1.93 / (download) - annotate - [select for diffs], Mon Dec 5 20:51:10 2005 UTC (13 years, 4 months ago) by rillig
Branch: MAIN
Changes since 1.92: +3 -3 lines
Diff to previous 1.92 (colored)

Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html

Revision 1.91.2.1 / (download) - annotate - [select for diffs], Wed Oct 19 22:04:48 2005 UTC (13 years, 6 months ago) by salo
Branch: pkgsrc-2005Q3
Changes since 1.91: +3 -3 lines
Diff to previous 1.91 (colored) next main 1.92 (colored)

Pullup ticket 842 - requested by Manuel Bouyer
security update for apache

Revisions pulled up:
- pkgsrc/www/apache/Makefile		1.173
- pkgsrc/www/apache/distinfo		1.47
- pkgsrc/www/apache/PLIST		1.14
- pkgsrc/www/ap-ssl/Makefile		1.92
- pkgsrc/www/ap-ssl/distinfo		1.30

   Module Name:		pkgsrc
   Committed By:	bouyer
   Date:		Wed Oct 19 20:30:21 UTC 2005

   Modified Files:
   	pkgsrc/www/apache: Makefile distinfo

   Log Message:
   Update to 1.3.34. This is a security fix release, fix pkg/31868 by
   Zafer Aydogan. Changes from 1.3.33:
     *) hsregex: fix potential core dumping on 64 bit machines, such as
        AMD64. bug 31858. [Glenn Strauss < gs-apache-dev gluelogic.com>]

     *) SECURITY: core: If a request contains both Transfer-Encoding and
        Content-Length headers, remove the Content-Length, mitigating some
        HTTP Request Splitting/Spoofing attacks.  This has no impact on
        mod_proxy_http, yet affects any module which supports chunked
        encoding yet fails to prefer T-E: chunked over the Content-Length
        purported value.  [Paul Querna, Joe Orton]

     *) Added TraceEnable [on|off|extended] per-server directive to alter
        the behavior of the TRACE method.  This addresses a flaw in proxy
        conformance to RFC 2616 - previously the proxy server would accept
        a TRACE request body although the RFC prohibited it.  The default
        remains 'TraceEnable on'.
        [William Rowe]

     *) mod_digest: Fix another nonce string calculation issue.
        [Eric Covener]
---
   Module Name:		pkgsrc
   Committed By:	bouyer
   Date:		Wed Oct 19 20:33:44 UTC 2005

   Modified Files:
   	pkgsrc/www/ap-ssl: Makefile distinfo

   Log Message:
   Update to mod_ssl 2.8.25. The only change is support for apache 1.3.34.
---
   Module Name:		pkgsrc
   Committed By:	bouyer
   Date:		Wed Oct 19 21:42:59 UTC 2005

   Modified Files:
   	pkgsrc/www/apache: PLIST

   Log Message:
   Add missing entry for a new file. Pointed out by Lubomir Sedlacik.
   Close enouth to the package update to not bump pkgrevision.

Revision 1.92 / (download) - annotate - [select for diffs], Wed Oct 19 20:33:44 2005 UTC (13 years, 6 months ago) by bouyer
Branch: MAIN
Changes since 1.91: +3 -3 lines
Diff to previous 1.91 (colored)

Update to mod_ssl 2.8.25. The only change is support for apache 1.3.34.

Revision 1.91 / (download) - annotate - [select for diffs], Fri Sep 16 13:53:56 2005 UTC (13 years, 7 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base
Branch point for: pkgsrc-2005Q3
Changes since 1.90: +3 -3 lines
Diff to previous 1.90 (colored)

Update ap-ssl to version 2.8.24.

- Fix a security issue (CAN-2005-2700) where "SSLVerifyClient require"
  was not enforced in per-location context if "SSLVerifyClient optional"
  was configured in the global virtual host configuration.

Sync apache with the latest ap-ssl.

Revision 1.90 / (download) - annotate - [select for diffs], Fri Aug 19 18:12:39 2005 UTC (13 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.89: +5 -5 lines
Diff to previous 1.89 (colored)

Merge CONF_FILES/SUPPORT_FILES and CONF_FILES_PERMS/SUPPORT_FILES_PERMS
as the INSTALL and DEINSTALL scripts no longer distinguish between
the two types of files.  Drop SUPPORT_FILES{,_PERMS} and modify the
packages in pkgsrc accordingly.

Revision 1.89 / (download) - annotate - [select for diffs], Thu Jul 14 04:04:58 2005 UTC (13 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.88: +3 -3 lines
Diff to previous 1.88 (colored)

Update to 2.8.23:

  Changes with mod_ssl 2.8.23 (30-Oct-2004 to 06-Jul-2005)

   *) Ported to OpenSSL 0.9.8

   *) Fixed connection timeout handling by calling the EAPI connection
      close hook after (and not before) the B_OUT flag was set on the
      underlying I/O buffer in order to prevent attempted buffer flushes
      from blocking the connection.

   *) Updated the ca-bundle.crt file from Mozilla's "certdata.txt"
      (CVS revision 1.37).

   *) Fix timeout handling in POST request processing by resetting
      timeouts.

   *) Fixed double-definition of OPENSSL_free under OpenSSL 0.9.6 by
      fixing the version test in ssl_util_ssl.h

   *) Adjusted all copyright messages to contain the new year 2005 ;)

Revision 1.88 / (download) - annotate - [select for diffs], Mon Apr 11 21:47:51 2005 UTC (14 years ago) by tv
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base, pkgsrc-2005Q2
Changes since 1.87: +1 -2 lines
Diff to previous 1.87 (colored)

Remove USE_BUILDLINK3 and NO_BUILDLINK; these are no longer used.

Revision 1.87 / (download) - annotate - [select for diffs], Fri Feb 18 14:07:50 2005 UTC (14 years, 2 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base, pkgsrc-2005Q1
Changes since 1.86: +4 -5 lines
Diff to previous 1.86 (colored)

Update to 2.8.22:
  Changes with mod_ssl 2.8.22 (22-Oct-2004 to 30-Oct-2004)

   *) Upgraded to Apache 1.3.33

Revision 1.86 / (download) - annotate - [select for diffs], Fri Oct 29 14:12:23 2004 UTC (14 years, 5 months ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base, pkgsrc-2004Q4
Changes since 1.85: +2 -1 lines
Diff to previous 1.85 (colored)

Update to ap-ssl-2.8.21nb1
Patch to work against apache 1.3.32

Revision 1.85 / (download) - annotate - [select for diffs], Mon Oct 25 08:51:23 2004 UTC (14 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.84: +4 -4 lines
Diff to previous 1.84 (colored)

Update "ap-ssl" package to version 2.8.21. Changes since version 2.8.20:
- Upgraded to Apache 1.3.32

Revision 1.82.2.1 / (download) - annotate - [select for diffs], Sun Oct 24 11:52:09 2004 UTC (14 years, 6 months ago) by agc
Branch: pkgsrc-2004Q3
Changes since 1.82: +3 -3 lines
Diff to previous 1.82 (colored) next main 1.83 (colored)

Security Pullup - requested by Matthias Scheler
security fix for ap-ssl

	Modified Files:
		pkgsrc/www/ap-ssl: Makefile distinfo

	Log Message:
	Update "ap-ssl" package to version 2.8.20. Changes since version 2.8.19:
	- With OpenSSL 0.9.7, prevent session resumption during a
	  renegotiation to force the client to negotiate a new (and
	  acceptable to mod_ssl) cipher suite. Additionally, ensure
	  that a correct cipher suite has been negotiated afterwards
	  (CAN-2004-0885).
	- Fixed more printf(3) style format string bugs (not security
	  related) which could crash the server if mod_ssl's trace
	  or debug log level is enabled.


	To generate a diff of this commit:
	cvs rdiff -r1.83 -r1.84 pkgsrc/www/ap-ssl/Makefile
	cvs rdiff -r1.22 -r1.23 pkgsrc/www/ap-ssl/distinfo

Revision 1.84 / (download) - annotate - [select for diffs], Mon Oct 18 09:27:18 2004 UTC (14 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.83: +3 -4 lines
Diff to previous 1.83 (colored)

Update "ap-ssl" package to version 2.8.20. Changes since version 2.8.19:
- With OpenSSL 0.9.7, prevent session resumption during a
  renegotiation to force the client to negotiate a new (and
  acceptable to mod_ssl) cipher suite. Additionally, ensure
  that a correct cipher suite has been negotiated afterwards
  (CAN-2004-0885).
- Fixed more printf(3) style format string bugs (not security
  related) which could crash the server if mod_ssl's trace
  or debug log level is enabled.

Revision 1.83 / (download) - annotate - [select for diffs], Sun Oct 3 00:18:24 2004 UTC (14 years, 6 months ago) by tv
Branch: MAIN
Changes since 1.82: +2 -1 lines
Diff to previous 1.82 (colored)

Libtool fix for PR pkg/26633, and other issues.  Update libtool to 1.5.10
in the process.  (More information on tech-pkg.)

Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.

Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.

Revision 1.82 / (download) - annotate - [select for diffs], Fri Aug 27 06:29:11 2004 UTC (14 years, 8 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base
Branch point for: pkgsrc-2004Q3
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)

Replace RPATH_FLAG with LINKER_RPATH_FLAG and COMPILER_RPATH_FLAG,
which are the full option names used to set rpath directives for the
linker and the compiler, respectively.  In places were we are invoking
the linker, use "${LINKER_RPATH_FLAG} <path>", where the space is
inserted in case the flag is a word, e.g. -rpath.  The default values
of *_RPATH_FLAG are set by the compiler/*.mk files, depending on the
compiler that you use.  They may be overridden on a ${OPSYS}-specific
basis by setting _OPSYS_LINKER_RPATH_FLAG and _OPSYS_COMPILER_RPATH_FLAG,
respectively.  Garbage-collect _OPSYS_RPATH_NAME and _COMPILER_LD_FLAG.

Revision 1.80.2.1 / (download) - annotate - [select for diffs], Tue Jul 20 21:56:58 2004 UTC (14 years, 9 months ago) by agc
Branch: pkgsrc-2004Q2
Changes since 1.80: +3 -3 lines
Diff to previous 1.80 (colored) next main 1.81 (colored)

Pull up ticket 62 to the pkgsrc-2004Q2 branch, requested by Grant Beattie.

Security fix for ap-ssl and apache:

	Module Name:    pkgsrc
	Committed By:   tron
	Date:           Sat Jul 17 12:44:28 UTC 2004

	Modified Files:
		pkgsrc/www/apache: Makefile distinfo

	Log Message:
	Use "mod_ssl-2.8.19" sources for SSL hooks, bump package revision.

and

	Module Name:    pkgsrc
	Committed By:   tron
	Date:           Sat Jul 17 12:43:37 UTC 2004

	Modified Files:
		pkgsrc/www/ap-ssl: Makefile distinfo

	Log Message:
	Update "ap-ssl" package to version 2.8.19:
	- Fix ssl_log() related format string vulnerability in mod_proxy
	  hook functions.

Revision 1.81 / (download) - annotate - [select for diffs], Sat Jul 17 12:43:37 2004 UTC (14 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.80: +3 -3 lines
Diff to previous 1.80 (colored)

Update "ap-ssl" package to version 2.8.19:
- Fix ssl_log() related format string vulnerability in mod_proxy
  hook functions.

Revision 1.76.2.2 / (download) - annotate - [select for diffs], Mon May 31 10:35:22 2004 UTC (14 years, 10 months ago) by grant
Branch: pkgsrc-2004Q1
Changes since 1.76.2.1: +4 -4 lines
Diff to previous 1.76.2.1 (colored) to branchpoint 1.76 (colored) next main 1.77 (colored)

Pull up revision 1.80 (requested by taca in ticket #33):

updated mod_ssl to 2.8.18.

   *) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
      if the Subject-DN in the client certificate exceeds 6KB in length.
      (CVE CAN-2004-0488).

Revision 1.80 / (download) - annotate - [select for diffs], Sun May 30 10:29:00 2004 UTC (14 years, 10 months ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2004Q2-base
Branch point for: pkgsrc-2004Q2
Changes since 1.79: +4 -4 lines
Diff to previous 1.79 (colored)

updated mod_ssl to 2.8.18.

- fix installation of example README.CSR.


  Changes with mod_ssl 2.8.18 (11-May-2004 to 27-May-2004)

   *) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
      if the Subject-DN in the client certificate exceeds 6KB in length.
      (CVE CAN-2004-0488).

   *) Handle the case of OpenSSL retry requests after interrupted system
      calls during the SSL handshake phase.

   *) Remove some unused functions.

Revision 1.76.2.1 / (download) - annotate - [select for diffs], Wed May 26 10:58:47 2004 UTC (14 years, 11 months ago) by grant
Branch: pkgsrc-2004Q1
Changes since 1.76: +4 -5 lines
Diff to previous 1.76 (colored)

Pull up revision 1.79 (requested by taca in ticket #31):

Update ap-ssl package (mod_ssl) to 2.8.17.
Upgraded to Apache 1.3.31.

Revision 1.79 / (download) - annotate - [select for diffs], Thu May 13 11:40:14 2004 UTC (14 years, 11 months ago) by taca
Branch: MAIN
Changes since 1.78: +4 -5 lines
Diff to previous 1.78 (colored)

Update ap-ssl package (mod_ssl) to 2.8.17.

  Changes with mod_ssl 2.8.17 (01-Nov-2003 to 11-May-2004)

   *) Upgraded to Apache 1.3.31

   *) Log the OpenSSL error stack contents if the crypto engine
      load/init fails.

   *) Fixed segfault in lookup of variable SESSION_ID
      in case SSL_get_session() returns NULL.

   *) Bugfix "dbm" session cache: the DBM file was closed
      too early (before accessing the data).

   *) Bugfix "shmcb" session cache for situations where
      the session data is bigger than the cache size.

   *) Adjusted all copyright messages to contain the new year 2004 ;)

Revision 1.78 / (download) - annotate - [select for diffs], Mon Apr 26 20:28:54 2004 UTC (15 years ago) by jlam
Branch: MAIN
Changes since 1.77: +8 -8 lines
Diff to previous 1.77 (colored)

bl3ify

Revision 1.77 / (download) - annotate - [select for diffs], Sat Apr 24 22:46:12 2004 UTC (15 years ago) by jlam
Branch: MAIN
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)

Relinquish maintainership of packages to tech-pkg@NetBSD.org.

Revision 1.76 / (download) - annotate - [select for diffs], Fri Mar 26 02:27:56 2004 UTC (15 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base
Branch point for: pkgsrc-2004Q1
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)

PKGREVISION bump after openssl-security-fix-update to 0.9.6m.
Buildlink files: RECOMMENDED version changed to current version.

Revision 1.75 / (download) - annotate - [select for diffs], Wed Nov 12 03:39:43 2003 UTC (15 years, 5 months ago) by jschauma
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Changes since 1.74: +2 -1 lines
Diff to previous 1.74 (colored)

PKGREVISION++ after openssl update.

Revision 1.74 / (download) - annotate - [select for diffs], Sun Nov 2 05:38:56 2003 UTC (15 years, 5 months ago) by grant
Branch: MAIN
Changes since 1.73: +4 -4 lines
Diff to previous 1.73 (colored)

Updated ap-ssl to 2.8.16.

Major changes since 2.8.15:

   *) Upgraded to Apache 1.3.29

   *) Avoid memory corruption in certificate handling caused by a heap
      memory double-freeing situation.

   *) Allow "HTTPS" variable to be passed through by suEXEC.

   *) Clear the OpenSSL error code in pass phrase reading code to
      workaround the following situation: multiple keys, all with
      different passphrases -- entering the correct pass phrase at each
      prompt leads to an OpenSSL error message after the last prompt.

   *) Reverted the recent change where ap_cleanup_for_exec() called
      ap_kill_alloc_shared(). This caused nasty side-effects in other
      processes and is not necessary at all (because shared memory
      segments are not inherited across exec).

   *) mod_ssl was checking the OpenSSL error reason code against
      SSL_R_HTTP_REQUEST and concluded the result is an SSL error. Since
      OpenSSL reason codes are not unique, this isn't always the case.
      It now additionally checks that the library is the SSL library.

Revision 1.73 / (download) - annotate - [select for diffs], Fri Sep 12 20:07:29 2003 UTC (15 years, 7 months ago) by grant
Branch: MAIN
Changes since 1.72: +1 -2 lines
Diff to previous 1.72 (colored)

kill all references to gcc.buildlink2.mk and compiler.mk, and define
USE_GCC2 or USE_GCC3 where appropriate.

the functionality of the old gcc.buildlink2.mk has been rolled into
compiler.mk now, which is automatically used.

more changes to come later...

Revision 1.66.2.1 / (download) - annotate - [select for diffs], Tue Aug 5 11:56:23 2003 UTC (15 years, 8 months ago) by grant
Branch: netbsd-1-6-1
Changes since 1.66: +5 -6 lines
Diff to previous 1.66 (colored) next main 1.67 (colored)

Pull up revisions 1.68, 1.71-1.72 (requested by tron in ticket #1381):

Update to 2.8.14.

s/netbsd.org/NetBSD.org/

Update "ap-ssl" package to version 2.8.15.

Revision 1.72 / (download) - annotate - [select for diffs], Sat Jul 19 12:34:18 2003 UTC (15 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.71: +4 -4 lines
Diff to previous 1.71 (colored)

Update "ap-ssl" package to version 2.8.15. Changes since version 2.8.14:
- Upgraded to Apache 1.3.28
- Take over security fix from Apache 2.0 related to per-directory
  renogotiations.

Revision 1.71 / (download) - annotate - [select for diffs], Thu Jul 17 22:55:27 2003 UTC (15 years, 9 months ago) by grant
Branch: MAIN
Changes since 1.70: +2 -2 lines
Diff to previous 1.70 (colored)

s/netbsd.org/NetBSD.org/

Revision 1.70 / (download) - annotate - [select for diffs], Tue May 27 08:49:18 2003 UTC (15 years, 11 months ago) by grant
Branch: MAIN
Changes since 1.69: +2 -2 lines
Diff to previous 1.69 (colored)

use mk/gcc.buildlink2.mk

Revision 1.69 / (download) - annotate - [select for diffs], Tue Apr 15 02:21:22 2003 UTC (16 years ago) by grant
Branch: MAIN
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored)

include lang/gcc/buildlink2.mk, so this can find libgcc from lang/gcc
if we're using it.

Revision 1.68 / (download) - annotate - [select for diffs], Thu Apr 10 08:36:41 2003 UTC (16 years ago) by wiz
Branch: MAIN
Changes since 1.67: +4 -5 lines
Diff to previous 1.67 (colored)

Update to 2.8.14:
  Changes with mod_ssl 2.8.14 (18-Mar-2002 to 21-Mar-2003)

   *) Fixed logic in the destruction of a temporary certificate
      structure and this way avoid a crash due to freeing NULL object.

   *) Removed one newly introduced X509_free() call in the context of
      SSL_get_certificate(), because this function does not increment a
      reference count (although SSL_get_peer_certificate() does).

   *) Fixed hash-table based shared memory session cache (shmht)
      implementation by making sure that the underlying hash table
      library does not crash if memory cannot be allocated.

  Changes with mod_ssl 2.8.13 (23-Oct-2002 to 18-Mar-2003)

   *) Always enforce RSA blinding on RSA private keys in order to be
      resistent to timing attacks.

   *) Added timeout also to the "pre-sucking" of the trailing data in
      POST request handling.

   *) Correctly shutdown shared memory pools on fork+exec situations.

   *) Bugfix SSL client certificate verification: OpenSSL was not
      informed with SSL_set_verify_result(ssl, X509_V_OK) in case
      mod_ssl forced the verification to be ok.

   *) Consistently use OPENSSL_free() instead of plain free() to
      deallocate memory chunks allocated inside OpenSSL.

   *) Fixed various memory leaks related to X509 certificates.

New patch-ac sent to maintainer.

Revision 1.67 / (download) - annotate - [select for diffs], Fri Mar 14 19:37:59 2003 UTC (16 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.66: +4 -4 lines
Diff to previous 1.66 (colored)

(1) Publicly export the value of _OPSYS_RPATH_NAME as RPATH_FLAG;
    Makefiles simply need to use this value often, for better or for
    worse.

(2) Create a new variable FIX_RPATH that lists variables that should
    be cleansed of -R or -rpath values if ${_USE_RPATH} is "no".  By
    default, FIX_RPATH contains LIBS, X11_LDFLAGS, and LDFLAGS, and
    additional variables may be appended from package Makefiles.

Revision 1.66 / (download) - annotate - [select for diffs], Tue Jan 28 22:04:26 2003 UTC (16 years, 2 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-6-1-base
Branch point for: netbsd-1-6-1
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

Instead of including bsd.pkg.install.mk directly in a package Makefile,
have it be automatically included by bsd.pkg.mk if USE_PKGINSTALL is set
to "YES".  This enforces the requirement that bsd.pkg.install.mk be
included at the end of a package Makefile.  Idea suggested by Julio M.
Merino Vidal <jmmv at menta.net>.

Revision 1.65 / (download) - annotate - [select for diffs], Tue Nov 19 23:03:53 2002 UTC (16 years, 5 months ago) by jlam
Branch: MAIN
Changes since 1.64: +3 -4 lines
Diff to previous 1.64 (colored)

Bump PKGREVISION of ap-ssl: no longer install apache_start.conf; Apache/SSL
users should just add:

	apache_start="startssl"

to /etc/rc.conf.

Revision 1.64 / (download) - annotate - [select for diffs], Mon Nov 18 08:15:19 2002 UTC (16 years, 5 months ago) by martti
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

Fix BUILDLINK_DEPENDS.apache

Revision 1.63 / (download) - annotate - [select for diffs], Fri Oct 25 09:00:30 2002 UTC (16 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)

Update "apache" package to version 1.3.27nb1 which is now based version
2.8.12-1.3.27 of "mod_ssl" module so that one doesn't need two version
of the "mod_ssl" sources to build "apache".

Revision 1.62 / (download) - annotate - [select for diffs], Fri Oct 25 02:29:10 2002 UTC (16 years, 6 months ago) by taca
Branch: MAIN
Changes since 1.61: +3 -3 lines
Diff to previous 1.61 (colored)

Update ap-ssl package to 2.8.12.

  Changes with mod_ssl 2.8.12 (04-Oct-2002 to 23-Oct-2002)

   *) Fixed potential Cross-Site-Scripting bug.

   *) Allow also 8192 bytes of shared memory data size.

Revision 1.58.4.1 / (download) - annotate - [select for diffs], Fri Oct 11 21:09:04 2002 UTC (16 years, 6 months ago) by agc
Branch: netbsd-1-6
Changes since 1.58: +4 -5 lines
Diff to previous 1.58 (colored) next main 1.59 (colored)

Pullup the following versions:

ap-ssl/Makefile 1.61
ap-ssl/distinfo 1.14
apache/Makefile 1.108
apache/PLIST 1.7
apache/distinfo 1.23

to the netbsd-1-6 branch of pkgsrc.

Requested by Manuel Bouyer.

These patches update apache and ap-ssl for securities issues.  Tested
on one 1.6 and 2 1.5.3 servers with a few other modules (ap-php,
ap-roaming) without problems.

Revision 1.61 / (download) - annotate - [select for diffs], Fri Oct 4 19:16:46 2002 UTC (16 years, 6 months ago) by tron
Branch: MAIN
Changes since 1.60: +4 -5 lines
Diff to previous 1.60 (colored)

Update "ap-ssl" package to version 2.8.11. Changes since 2.8.10:
- Upgraded to Apache 1.3.27.
- Fixed internal error handling for CRL verification.
- Initialize OpenSSL ENGINE before initializing OpenSSL
  to workaround problems with the PRNG.
- Also find "openssl" executable in "sbin" directories.
- Honor specified number of maximum bytes on SSLRandomSeed
  if reading from EGD.
- Fixed generation of SSL_CLIENT_CERT_CHAIN_[0-9] variables.

Revision 1.60 / (download) - annotate - [select for diffs], Fri Sep 27 03:43:43 2002 UTC (16 years, 7 months ago) by taca
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

Update BUILDLINK_DEPENDS.apache to apache-1.3.26nb5.

Should I bump ap-ssl's PKG_REVISION, too?

Revision 1.59 / (download) - annotate - [select for diffs], Sun Aug 25 21:51:52 2002 UTC (16 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.58: +13 -6 lines
Diff to previous 1.58 (colored)

Merge packages from the buildlink2 branch back into the main trunk that
have been converted to USE_BUILDLINK2.

Revision 1.47.2.3 / (download) - annotate - [select for diffs], Sun Aug 25 21:22:05 2002 UTC (16 years, 8 months ago) by jlam
Branch: buildlink2
Changes since 1.47.2.2: +5 -4 lines
Diff to previous 1.47.2.2 (colored) to branchpoint 1.47 (colored) next main 1.48 (colored)

Merge changes in the main trunk into the buildlink2 branch for those
packages that have been converted to USE_BUILDLINK2.

Revision 1.58 / (download) - annotate - [select for diffs], Thu Aug 1 01:03:17 2002 UTC (16 years, 8 months ago) by mycroft
Branch: MAIN
CVS Tags: netbsd-1-6-RELEASE-base, buildlink2-base
Branch point for: netbsd-1-6
Changes since 1.57: +2 -1 lines
Diff to previous 1.57 (colored)

Crank PKGREVISION here, too.

Revision 1.57 / (download) - annotate - [select for diffs], Thu Aug 1 01:02:25 2002 UTC (16 years, 8 months ago) by mycroft
Branch: MAIN
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)

Grrrr, stupid static version number for apache.

Revision 1.56 / (download) - annotate - [select for diffs], Wed Jul 31 00:57:18 2002 UTC (16 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

Want apache-1.3.26nb3 now.

Revision 1.47.2.2 / (download) - annotate - [select for diffs], Mon Jul 1 17:45:13 2002 UTC (16 years, 9 months ago) by jlam
Branch: buildlink2
Changes since 1.47.2.1: +13 -6 lines
Diff to previous 1.47.2.1 (colored) to branchpoint 1.47 (colored)

Convert from using buildlink1 to using the new buildlink2 framework.

Revision 1.55 / (download) - annotate - [select for diffs], Mon Jun 24 16:36:27 2002 UTC (16 years, 10 months ago) by tron
Branch: MAIN
CVS Tags: pkgviews-base, pkgviews
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)

Fix version number in dependence on "apache" package.

Revision 1.54 / (download) - annotate - [select for diffs], Mon Jun 24 16:26:49 2002 UTC (16 years, 10 months ago) by taca
Branch: MAIN
Changes since 1.53: +3 -3 lines
Diff to previous 1.53 (colored)

Update ap-ssl to 2.8.10 (mod_ssl 2.8.10).

  Changes with mod_ssl 2.8.10 (19-Jun-2002 to 24-Jun-2002)

   *) Fixed off-by-one buffer overflow bug in the compatibility
      functionality (mapping of old directives to new ones).

   *) Fixed memory leak in processing of CA certificates.

   *) In case there is actually a certificate chain in the session cache,
      we now use the value of SSL_get_peer_certificate(ssl) to verify as
      it will have been removed from the chain before it was put in the
      cache.

   *) Seed the PRNG with a maximum of 1K from the internal scoreboard.

Revision 1.47.2.1 / (download) - annotate - [select for diffs], Sun Jun 23 19:03:24 2002 UTC (16 years, 10 months ago) by jlam
Branch: buildlink2
Changes since 1.47: +7 -5 lines
Diff to previous 1.47 (colored)

Merge from pkgsrc-current to buildlink2 branch.

Revision 1.53 / (download) - annotate - [select for diffs], Wed Jun 19 15:22:37 2002 UTC (16 years, 10 months ago) by tron
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

Add missing "source/" to master site entries for "ftp.funet.fi".

Revision 1.52 / (download) - annotate - [select for diffs], Wed Jun 19 13:54:39 2002 UTC (16 years, 10 months ago) by tron
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Fix dependence on "apachage" package.

Revision 1.51 / (download) - annotate - [select for diffs], Wed Jun 19 11:03:58 2002 UTC (16 years, 10 months ago) by jdolecek
Branch: MAIN
Changes since 1.50: +3 -8 lines
Diff to previous 1.50 (colored)

update for now-available mod_ssl-2.8.9-1.3.26

Revision 1.50 / (download) - annotate - [select for diffs], Wed Jun 19 10:20:06 2002 UTC (16 years, 10 months ago) by jdolecek
Branch: MAIN
Changes since 1.49: +6 -1 lines
Diff to previous 1.49 (colored)

add hack to compile with Apache 1.3.26; this should be removed once
newer version of mod_ssl would be available.

Revision 1.49 / (download) - annotate - [select for diffs], Wed Jun 19 07:10:59 2002 UTC (16 years, 10 months ago) by tron
Branch: MAIN
Changes since 1.48: +5 -3 lines
Diff to previous 1.48 (colored)

Add a two mirror sites because the main site isn't that fast.

Revision 1.48 / (download) - annotate - [select for diffs], Tue Jun 18 11:36:35 2002 UTC (16 years, 10 months ago) by tron
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)

Update version number in dependence on "apache".

Revision 1.47 / (download) - annotate - [select for diffs], Tue Apr 2 14:22:23 2002 UTC (17 years ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH003
Branch point for: buildlink2
Changes since 1.46: +4 -4 lines
Diff to previous 1.46 (colored)

Update www/ap-ssl to 2.8.8.  Changes from version 2.8.7 include:

   *) Upgraded to Apache 1.3.24
   *) Support leading whitespaces in commands of SSLLog "|..." directives.
   *) Fixed timeout handling on connection establishment by correctly
      resetting the timeout on errors.
   *) Fixed two memory leaks related to CA certificate configuration.
   *) Fixed memory leak related to temporary DH key handling.
   *) Fixed memory leak on shutdown if CRLs are used.
   *) Fixed remaining SIGBUS problems on SPARC inside SHMCB session
      cache implementation.

Revision 1.46 / (download) - annotate - [select for diffs], Thu Feb 28 05:45:44 2002 UTC (17 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.45: +5 -5 lines
Diff to previous 1.45 (colored)

Update www/ap-ssl to 2.8.7 from the mod_ssl-2.8.7-1.3.23 distribution.
Relevant changes from version 2.8.6 include:

   *) Fixed potential buffer overflow in DBM and SHMHT session
      cache if very very large certificate chains are used.

   *) Compliance with POSIX 1003.1-2001 (SUSv3) by replacing obsolete
      "head -1" and "tail -1" constructs with sed variants in scripts.

Revision 1.45 / (download) - annotate - [select for diffs], Fri Feb 1 16:05:15 2002 UTC (17 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.44: +8 -12 lines
Diff to previous 1.44 (colored)

Update www/ap-ssl to 2.8.6:

   *) Upgraded to Apache 1.3.23

   *) Fixed a subtle indexing bug in SHMCB. Each sub-cache used an
      indexing structure that (correctly) used index values (and ranges)
      as "unsigned int", but the meta-structure in the header had these
      ranged as "unsigned char".

   *) Perform the SHMCB remove operation under mutual exclusion
      to prevent a inter-process synchronization problem.

   *) Made sure that mod_ssl does not segfault in case of
      SCOREBOARD_SIZE < 1024.

   *) Merged in the SDBM patch from Uwe Ohse which fixes a problem with
      sdbms .dir file, which arrises when a second .dir block is needed
      for the first time. read() returns 0 in that case, and the library
      forgot to initialize that new block. A related problem is that the
      calculation of db->maxbno is wrong. It just appends 4096*BYTESIZ
      bits, which is not enough except for small databases (.dir
      basically doubles everytime it's too small).

Revision 1.44 / (download) - annotate - [select for diffs], Tue Jan 1 06:12:38 2002 UTC (17 years, 3 months ago) by jlam
Branch: MAIN
Changes since 1.43: +21 -22 lines
Diff to previous 1.43 (colored)

Move ownership of SSL-related config directories from www/apache to this
package.

Revision 1.43 / (download) - annotate - [select for diffs], Sun Dec 2 06:56:45 2001 UTC (17 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.42: +1 -3 lines
Diff to previous 1.42 (colored)

bsd.pkg.install.mk calls the INSTALL script at the right times
automatically, so no need to do it ourselves.

Revision 1.42 / (download) - annotate - [select for diffs], Sun Nov 25 18:59:48 2001 UTC (17 years, 5 months ago) by jlam
Branch: MAIN
Changes since 1.41: +11 -13 lines
Diff to previous 1.41 (colored)

PKG_SYSCONFDIR is where the configuration files for a package may be found.
This value may be customized in various ways:

PKG_SYSCONFBASE is the main config directory under which all package
	configuration files are to be found.

PKG_SYSCONFSUBDIR is the subdirectory of PKG_SYSCONFBASE under which the
	configuration files for a particular package may be found.

PKG_SYSCONFDIR.${PKGBASE} overrides the value of ${PKG_SYSCONFDIR} for a
	particular package.

Users will typically want to set PKG_SYSCONFBASE to /etc, or accept the
default location of ${PREFIX}/etc.

This obsoletes the use of CONFDIR, which was active for only 6 days, so no
need to have a workaround to still accept old CONFDIR settings.

Revision 1.41 / (download) - annotate - [select for diffs], Mon Nov 19 16:23:12 2001 UTC (17 years, 5 months ago) by jlam
Branch: MAIN
Changes since 1.40: +35 -32 lines
Diff to previous 1.40 (colored)

Adapt to use shared INSTALL/DEINSTALL scripts by using the logic in
bsd.pkg.install.mk:

	* Remove old DEINSTALL/INSTALL scripts.
	* Move some text printed at POST-INSTALL time into the MESSAGE file.
	* Adjust rc.d scripts to respect rc.conf settings, so that the
	  script may be directly copied into /etc/rc.d.

Revision 1.40 / (download) - annotate - [select for diffs], Wed Oct 17 19:17:11 2001 UTC (17 years, 6 months ago) by jlam
Branch: MAIN
Changes since 1.39: +9 -7 lines
Diff to previous 1.39 (colored)

Update ap-ssl to 2.8.5 from the mod_ssl-2.8.5-1.3.22 distribution.
Changes from version 2.8.4 include:

   *) Upgraded to Apache 1.3.22
   *) Fixed check whether server certificate wildcard CommonName (CN)
      matches the configured server name.
   *) Fixed buffer overflow.

Revision 1.39 / (download) - annotate - [select for diffs], Thu Sep 27 23:18:51 2001 UTC (17 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)

Mechanical changes to 375 files to change dependency patterns of the form
foo-* to foo-[0-9]*.  This is to cause the dependencies to match only the
packages whose base package name is "foo", and not those named "foo-bar".
A concrete example is p5-Net-* matching p5-Net-DNS as well as p5-Net.  Also
change dependency examples in Packages.txt to reflect this.

Revision 1.38 / (download) - annotate - [select for diffs], Fri Jul 13 07:09:24 2001 UTC (17 years, 9 months ago) by jlam
Branch: MAIN
Changes since 1.37: +2 -1 lines
Diff to previous 1.37 (colored)

In package Makefiles, create FILES_SUBST instead of duplicating sed
expression for substituting in DEINSTALL/INSTALL scripts.  Use "${CMP} -s"
instead of "diff -q" since the former is more portable across OSes.

Revision 1.37 / (download) - annotate - [select for diffs], Sat Jun 9 06:50:24 2001 UTC (17 years, 10 months ago) by jlam
Branch: MAIN
Changes since 1.36: +19 -17 lines
Diff to previous 1.36 (colored)

Update ap-ssl to 2.8.4 using mod_ssl-2.8.4-1.3.20.  The only relevant change
from version 2.8.3 is upgrading the mod_ssl sources to patch against Apache
1.3.20.  The pkgsrc changes include unifying repeated SED replacement info
for various files into one location, FILES_SUBST.

Revision 1.36 / (download) - annotate - [select for diffs], Mon May 14 14:02:47 2001 UTC (17 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.35: +4 -4 lines
Diff to previous 1.35 (colored)

Update ap-ssl to 2.8.3.  Changes from version 2.8.2 include:

   *) Allow loadcacert.cgi script to work inside mod_perl.

   *) Fixed typo in the directive descriptions in mod_ssl.c

   *) Fixed ENGINE support: the engine support is are now already
      loaded at configure time. Else mod_ssl fails to find them.

Revision 1.35 / (download) - annotate - [select for diffs], Mon Apr 30 04:27:34 2001 UTC (17 years, 11 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH001
Changes since 1.34: +3 -1 lines
Diff to previous 1.34 (colored)

Add APACHE_SYSCONFDIR to BUILD_DEFS.

Revision 1.34 / (download) - annotate - [select for diffs], Sun Apr 29 20:40:32 2001 UTC (17 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

Need apache>=1.3.19nb1, the apache package version with the mod_ssl-2.8.2
patches.

Revision 1.33 / (download) - annotate - [select for diffs], Sun Apr 29 20:36:47 2001 UTC (17 years, 11 months ago) by jlam
Branch: MAIN
Changes since 1.32: +47 -17 lines
Diff to previous 1.32 (colored)

Update ap-ssl to 2.8.2.  Relevant changes from version 2.8.1:

   *) Moved the Shared Memory Cyclic Buffer (SHMCB) session cache
      variant from "experimental" state to "production" by removing the
      `#ifdef SSL_EXPERIMENTAL_SHMCB ...#endif' wrappers. This means
      that now `SSLSessionCache shmcb:...' is unconditionally available.

   *) Made the mutex handling more robust by retrying the
      semaphore-based operations in interrupt situations
      (errno == EINTR).

   *) Also log the OpenSSL error message if the RSA temporary
      key(s) cannot be generated.

   *) Fixed mod_ssl Auth handler: it now returns DECLINED instead of
      OK if authentication is passed successfully to allow other modules
      (usually mod_auth) to still deny the request.

   *) Fixed certificate DN handling under EBCDIC platforms.

Revision 1.32 / (download) - annotate - [select for diffs], Tue Mar 27 03:20:22 2001 UTC (18 years, 1 month ago) by hubertf
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

Change BUILD_DEPENDS semantics:
first component is now a package name+version/pattern, no more
executable/patchname/whatnot.

While there, introduce BUILD_USES_MSGFMT as shorthand to pull in
devel/gettext unless /usr/bin/msgfmt exists (i.e. on post-1.5 -current).

Patch by Alistair Crooks <agc@netbsd.org>

Revision 1.31 / (download) - annotate - [select for diffs], Tue Mar 13 20:54:47 2001 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
Changes since 1.30: +5 -5 lines
Diff to previous 1.30 (colored)

Update ap-ssl to 2.8.1.  No functional changes from ap-ssl-2.8.0 -- just
update work with apache-1.3.19.

Revision 1.30 / (download) - annotate - [select for diffs], Sat Feb 17 17:21:53 2001 UTC (18 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.29: +2 -1 lines
Diff to previous 1.29 (colored)

Update to new COMMENT style: COMMENT var in Makefile instead of pkg/COMMENT.

Revision 1.29 / (download) - annotate - [select for diffs], Wed Feb 7 15:23:29 2001 UTC (18 years, 2 months ago) by tron
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

Fix incorrect version number in dependence on "apache" package.

Revision 1.28 / (download) - annotate - [select for diffs], Fri Feb 2 16:41:22 2001 UTC (18 years, 2 months ago) by jlam
Branch: MAIN
Changes since 1.27: +32 -35 lines
Diff to previous 1.27 (colored)

Update ap-ssl to 2.8.0.  Relevant changes from version 2.7.1:

   -) Rename mod_ssl.conf to apache_start.conf.
   *) Upgraded to Apache 1.3.17 as base version.
   *) Allow %{ENV:variable} in SSLRequire expressions, too.
   *) Make sure the user is not able to fake the client certificate
      based authentication by just entering an X.509 Subject DN
      ("/XX=YYY/XX=YYY/..") as the username and "password" as the
      password if "SSLVerifyClient optional" is used in combination
      with "SSLOptions +FakeBasicAuth".

Revision 1.27 / (download) - annotate - [select for diffs], Mon Jan 29 11:34:44 2001 UTC (18 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.26: +1 -5 lines
Diff to previous 1.26 (colored)

Add automatic ${VARIABLE} handling for MESSAGE files.
Convert most MESSAGE files to new syntax (${VARIABLE} gets replaced,
not @VARIABLE@, nor @@VARIABLE@@).
By default, substitutions are done for LOCALBASE, PKGNAME, PREFIX,
X11BASE, X11PREFIX; additional patterns can be added via MESSAGE_SUBST.
Clean up some packages while I'm there; add RCS tags to most MESSAGEs.
Remove some uninteresting MESSAGEs.

Revision 1.26 / (download) - annotate - [select for diffs], Sat Jan 13 15:30:49 2001 UTC (18 years, 3 months ago) by tv
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Change DEPENDS to 1.3.14nb1.

Revision 1.25 / (download) - annotate - [select for diffs], Tue Oct 17 18:14:16 2000 UTC (18 years, 6 months ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-5-RELEASE, netbsd-1-4-PATCH003
Changes since 1.24: +4 -4 lines
Diff to previous 1.24 (colored)

Update ap-ssl to 2.7.1 using mod_ssl-2.7.1-1.3.14.  Also update apache to
1.3.14.1, adding a superminor version number to indicate possible EAPI
update.

   *) Fixed the parsing of SSLSessionCache directives. The prefixes were
      incorrectly skipped and leaded to "unable to open semaphore file"
      errors.

Revision 1.24 / (download) - annotate - [select for diffs], Fri Oct 13 21:48:01 2000 UTC (18 years, 6 months ago) by jlam
Branch: MAIN
Changes since 1.23: +4 -19 lines
Diff to previous 1.23 (colored)

Update ap-ssl to 2.7.0.  Major changes from version 2.6.6:

    o  Added experimental support for OpenSSL's crypto device support
    o  Completely removed RSAref support
    o  Added new Cyclic Buffer based Shared Memory Session Cache variant
    o  Restructured the Session Cache implementation(s)
    o  Upgrade to Apache 1.3.14

Revision 1.23 / (download) - annotate - [select for diffs], Thu Oct 5 14:07:37 2000 UTC (18 years, 6 months ago) by fredb
Branch: MAIN
Changes since 1.22: +2 -1 lines
Diff to previous 1.22 (colored)

Make USE_RSAREF2=NO the default. Missed this one on the last sweep.

Revision 1.22 / (download) - annotate - [select for diffs], Tue Sep 12 14:52:43 2000 UTC (18 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.21: +2 -1 lines
Diff to previous 1.21 (colored)

Provide mechanism for ap-ssl to force start of apache with "startssl".

Revision 1.21 / (download) - annotate - [select for diffs], Tue Sep 12 14:05:16 2000 UTC (18 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.20: +35 -11 lines
Diff to previous 1.20 (colored)

Update ap-ssl to 2.6.6.  Important fixes for memory leaks and segfaults.
Also make me the maintainer.  Relevant changes from version 2.6.3:

   -) Install ${sbindir}/mkcert.sh to ease generation of SSL certificates.

   *) Fixed server restarts: Under non-DSO run-time situation, the
      OpenSSL library was shutdown (and never re-initialized) and this
      way caused segfaults on server restarts. This affected only
      installations where mod_ssl+OpenSSL were built as a static module
      instead of a DSO. This nasty bug was unfortunately introduced in
      2.6.5 as a side-effect of an (otherwise correct) memory leak bugfix.

   *) Various typo fixes in user manual.

   *) Removed more memory leaks by freeing even more stuff
      from the OpenSSL toolkit on module shutdown.

   *) Added missing TLSv1, EXP40 and EXP56 keywords to
      ssl_reference's documentation of SSLCipherSuite.

   *) Added hints about MSIE workarounds (-SSLv3, !EXP56, etc.)
      to the FAQ entry about MSIE errors.

   *) Added !EXP56 to pre-configured SSLCipherSuite in order to avoid
      MSIE5.x problems in advance.

   *) Allow spaces in ServerRoot and SSLPassPhraseDialog arguments
      which is especially important for the Win32 environment.

   *) Fixed syntax errors in ssl_howto.wml: "Deny all" -> "Deny from all"

   *) Removed a left-over ssl_scache_expire() call in ssl_scache_init()
      which made the life of vendors complicated.

   *) Allow more fine-tuned overriding of ap_server_root_relative calls
      by providing the context of the call.

   *) Added Equifax Secure CA certificates to ca-bundle.crt.

   *) Let the pass phrase dialog force the prompt to occur only once
      (no verification step), because mod_ssl uses the dialog only for
      pass phrases which are required for reading private keys. This as a
      side-effect should fix a problem under Win32 where a second prompt
      occured for unknown reasons.

   *) Added more compatibility to Stronghold v2's SSL_SessionCache.

   *) Added two more EAPI hools under SSL_VENDOR: one for overriding
      ap_server_root_relative calls and one for hooking into the server
      configuration step.

   *) Fixed SSL display for mod_status in `short report' situation.

   *) Fixed memory leak caused by not-freed SSL_CTX in the HTTPS proxy
      support (ssl_engine_ext.c/mod_proxy) under _NOT_ SSL_EXPERIMENTAL.

Revision 1.20 / (download) - annotate - [select for diffs], Tue Sep 5 09:33:17 2000 UTC (18 years, 7 months ago) by jlam
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)

Update build dependency on perl to build in correct directory if perl
interpreter is not found.

Revision 1.19 / (download) - annotate - [select for diffs], Sun Sep 3 13:36:36 2000 UTC (18 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.18: +5 -5 lines
Diff to previous 1.18 (colored)

grep -> ${GREP}

Revision 1.18 / (download) - annotate - [select for diffs], Mon Aug 28 09:14:52 2000 UTC (18 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)

Use PERL5 variable for location of perl5 binary.

Revision 1.17 / (download) - annotate - [select for diffs], Fri Jul 21 16:59:28 2000 UTC (18 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.16: +9 -5 lines
Diff to previous 1.16 (colored)

Don't install dummy server key and certificate which would overwrite the
real certifacte and key during. Fixes PR pkg/10644 by Olaf Seibert.

Revision 1.16 / (download) - annotate - [select for diffs], Wed Apr 26 21:18:53 2000 UTC (19 years ago) by tron
Branch: MAIN
Changes since 1.15: +3 -3 lines
Diff to previous 1.15 (colored)

Switch to "USE_SSL".

Revision 1.15 / (download) - annotate - [select for diffs], Mon Apr 24 13:45:52 2000 UTC (19 years ago) by tron
Branch: MAIN
Changes since 1.14: +12 -12 lines
Diff to previous 1.14 (colored)

Clean up dependences lists.

Revision 1.14 / (download) - annotate - [select for diffs], Fri Apr 21 02:17:38 2000 UTC (19 years ago) by explorer
Branch: MAIN
Changes since 1.13: +5 -5 lines
Diff to previous 1.13 (colored)

upgrade to mod_ssl-2.6.3-1.3.12, which will handle openssl-0.9.5a

Revision 1.13 / (download) - annotate - [select for diffs], Thu Feb 17 04:21:58 2000 UTC (19 years, 2 months ago) by jwise
Branch: MAIN
CVS Tags: netbsd-1-4-PATCH002
Changes since 1.12: +5 -5 lines
Diff to previous 1.12 (colored)

Update ap-ssl to mod_ssl-2.5.0.

Main change is support for apache-1.3.11.

In more detail:

  Changes with mod_ssl 2.5.0 (08-Jan-2000 to 22-Jan-2000)

   *) Switched the old "POST for HTTPS" support code from
      defined(SSL_EXPERIMENTAL) to !defined(SSL_CONSERVATIVE), because this
      code is both already stable (even it's not a conservative approach) and
      important. This way POST support is now available per default, but still
      can be disabled/removed by very conservative people with an easy
      --enable-rule=SSL_CONSERVATIVE.

   *) Added SSL_CONSERVATIVE rule to src/Configuration.tmpl which
      complements SSL_EXPERIMENTAL. Both rules are per default set
      to "no", i.e. disabled. But while SSL_EXPERIMENTAL still enables
      experimental code, enables SSL_CONSERVATIVE conservative code.  That is,
      actually per default some non-conservative things might be enabled which
      can be _disabled_ by forcing mod_ssl to use only conservative
      approaches.

   *) Added entry about "no shared ciphers" to FAQ.

   *) Upgraded to the new Apache version: 1.3.11 (BTW, Apache 1.3.10
      was never released). This moves the mod_ssl community to the
      latest Apache state and this way implicitly provides them over 70
      bugfixes and cleanups which 1.3.11 provides over 1.3.9.

  Changes with mod_ssl 2.4.10 (24-Nov-1999 to 08-Jan-2000)

   *) Mentioned MD5-encrypted password in ssl_reference.wml in addition
      to DES-encrypted password.

   *) Added a new FAQ entry about the path internally pre-defined by
      EAPI_MM_CORE_PATH.

   *) Adjust the name-based-vhost complain: Talk say "you should not
      use" instead of "you cannot use", because first there are
      situations where it can be reasonable to use name-based vhosts with
      SSL and second there is no technical restriction on the mod_ssl side,
      of course.

   *) Changed the license on mod_define.c from the BSD/Apache-style
      license to a even less restrictive MIT-style license to allow
      everyone to do with this module what they want.

   *) Fixed a compile-time warning under very strict compilers by using
      a more correct `ssl_verify_t' (enum based) instead of `int' in
      ssl_engine_config.c.

   *) Various minor documentation updates.

   *) Made the EAPI-vs-plain-API complain in mod_so more clear.

   *) Adjusted all copyright messages to contain the new year 2000 ;)

   *) Fixed INSTALL.W32 document for latest OpenSSL versions.

   *) Fixed SSL session id context configuration: the value is now an
      MD5 of `server:port' and this way always a string of just 32 bytes,
      so OpenSSL's SSL_set_session_id_context() doesn't fail.

   *) Removed old CVS informations from etc/patch.tar tarball.

  Changes with mod_ssl 2.4.9 (05-Nov-1999 to 24-Nov-1999)

   *) Fixed SSLRequire expression evaluation for number strings.
      Expressions like `SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128'
      didn't work if SSL_CIPHER_USEKEYSIZE was "40" because the evaluation
      used strcmp(3) and this fails to compare numbers of different length.
      An own comparison function is now used to avoid this problem.

   *) Now on Win32 a warning is logged once on startup that mod_ssl is
      NOT officially supported under Win32 and people have to use it there on
      their own risk (and so shouldn't complain if it doesn't work). Because
      only the Unix platform is officially supported and mod_ssl is checked
      for security issues only related this platform.

   *) For performance reasons it is unreasonable to create the SSL_*
      CGI/SSI variables _all the time_, because their creation is
      a rather expensive operation which slows down the server
      noticeable. Instead it is more reasonable to let them create for
      CGI and SSI requests _only_. For consistency reason with other
      `SSLOptions' variables (which all have positive names) and to
      avoid necessary cleanups changes in the future, I decided to make
      the incompatibility change _NOW_ (sorry).

      In short: With mod_ssl 2.4.9 per default no SSI/CGI variables
      SSL_* are created any longer (only the special "HTTPS" variable is
      always created). Instead one has to use `SSLOptions +StdEnvVars'
      to switch the creation on.

   *) Added an `SSLOptions' variable `StdEnvVars' which now controls
      the creation of the numerious SSL_* CGI/SSI variables.

   *) Renamed old variable SSL_{CLIENT,SERVER}_{S,I}_DN_SP to more
      correct SSL_{CLIENT,SERVER}_{S,I}_DN_ST variable to conform to
      RFC2156 and current OpenSSL state (which also prints this OID as
      "ST" and no longer "SP").

   *) Added support for SSL_{CLIENT,SERVER}_{S,I}_DN_{T,I,G,S,D,UID}
      variables (corresponding to X.509 title, initials, givenName, surname,
      description and uniqueIdentifier OIDs) to allow the checking of more
      X.509 certificate ingredients.

   *) Allow mod_rewrite to also lookup the "HTTPS" variable, for instance
      via ``RewriteCond %{HTTPS} !=on''.

   *) Removed old URL references to rsaref20.tar.Z from INSTALL document.

   *) Now an explicit error message is logged also if an SSL session cannot be
      stored to the DBM file via dbm_store (and not just if dbm_open failed).

   *) Now the pass phrase dialog no longer uses the hard-coded
      filedescriptor 10 as the storage for stderr while the pass phrase dialog
      is displayed. Instead (at least under Unix) it tries to open /dev/null
      and uses this filedescriptor instead. And when this fails (or always
      under Win32) it uses the hard-coded filedescriptor 50 (a lot higher than
      10 to avoid problems with logfile rotation programs and other things
      Apache could have started).

   *) Fixed SSL_make_ciphersuite() function: it calculated the required string
      length incorrectly and could segfault. BUT THIS FUNCTION IS STILL NOT
      USED IN MOD_SSL AT ALL, so don't panic. This function is for debugging
      purposes only.

   *) Fixed a filedescriptor leak which happened if encrypted private keys
      were used. Here the pass phrase dialog forgot to close a temporary
      filedescriptor.

   *) Added three new OpenSSL log entry annotations: First, "*no start
      line*" now triggers "Bad file contents or format - or even just
      a forgotten SSLCertificate KeyFile?" and "*bad password read*"
      triggers "You entered an incorrect pass phrase!?". Additionally
      "*bad mac decode*" now triggers "Browser still remembered details
      of a re-created server certificate?" because people often get "bad
      data" dialog boxes while (re-)testing with Snake Oil certs.

   *) Added hint about possibly blocking /dev/random devices also to
      httpd.conf-default to make sure people don't overlook this subtle
      platform-dependent problem. Additionally a new FAQ entry was
      made about this, too.

   *) Added an entry to the FAQ about GIDs and their intermediate
      certificate which has to be configured with SSLCertificateChainFile.

   *) Fixed some external URLs in the FAQ.

Revision 1.12 / (download) - annotate - [select for diffs], Tue Feb 15 09:26:24 2000 UTC (19 years, 2 months ago) by agc
Branch: MAIN
Changes since 1.11: +3 -3 lines
Diff to previous 1.11 (colored)

When multi-line dependencies occur, use a "DEPENDS+= package" format
for each of the continuation lines, rather than using backslashes to
continue a single, long definition. This makes it much easier to spot
pre-requisite packages and other dependencies.

Revision 1.11 / (download) - annotate - [select for diffs], Tue Dec 7 20:15:16 1999 UTC (19 years, 4 months ago) by bad
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

Fix path to RSAref library.  Fixes PR pkg/8968 by Paul Dokas.

XXX Maybe we could tell the configure script that OpenSSL and RSAref
are in the "system" location and have the configure script pick it up with
the -I and -L flags.

Revision 1.10 / (download) - annotate - [select for diffs], Wed Dec 1 01:00:17 1999 UTC (19 years, 4 months ago) by bad
Branch: MAIN
Changes since 1.9: +15 -22 lines
Diff to previous 1.9 (colored)

Update to mod_ssl-2.3.8-1.3.9 so that this works again with the updated
Apache server and OpenSSl-0.9.4.

Makefile: Take advantage of the working configure script.

patches/patch-aa: replace this with a gross hack that finds the libssl
	shared library with our current version of the OpenSSL pkg.

Revision 1.9 / (download) - annotate - [select for diffs], Fri Jul 23 18:20:04 1999 UTC (19 years, 9 months ago) by itojun
Branch: MAIN
CVS Tags: comdex-fall-1999
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)

add CONFLICTS+= apache6-*.

Revision 1.8 / (download) - annotate - [select for diffs], Fri Apr 30 23:51:39 1999 UTC (19 years, 11 months ago) by tv
Branch: MAIN
CVS Tags: netbsd-1-4-RELEASE, netbsd-1-4-PATCH001
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)

Wow, the mod_ssl distribution site changed right from under me.
Update it to the new location.

Revision 1.7 / (download) - annotate - [select for diffs], Fri Apr 30 17:05:21 1999 UTC (19 years, 11 months ago) by tv
Branch: MAIN
Changes since 1.6: +14 -11 lines
Diff to previous 1.6 (colored)

Update Apache to 1.3.6, mod_ssl to 2.2.8, and mod_perl to 1.19.  mod_ssl
now makes use of OpenSSL.

Revision 1.6 / (download) - annotate - [select for diffs], Wed Apr 14 18:00:48 1999 UTC (20 years ago) by bad
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

${LOCALBAASE}/bin/perl or bust.

Revision 1.5 / (download) - annotate - [select for diffs], Mon Dec 28 07:56:35 1998 UTC (20 years, 4 months ago) by marc
Branch: MAIN
Changes since 1.4: +3 -1 lines
Diff to previous 1.4 (colored)

.include "../../mk/bsd.prefs.mk" early, so that USE_RSAREF2 can be
defined in /etc/mk.conf

Revision 1.4 / (download) - annotate - [select for diffs], Mon Dec 7 21:29:09 1998 UTC (20 years, 4 months ago) by tv
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

Update to 2.1.3.  Minor bug fixes in this release; see the homepage at
http://www.engelschall.com/sw/mod_ssl/ for details.

Revision 1.3 / (download) - annotate - [select for diffs], Fri Dec 4 17:25:59 1998 UTC (20 years, 4 months ago) by tv
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)

Bump Apache version to `1.3.3.2'.

Revision 1.2 / (download) - annotate - [select for diffs], Thu Dec 3 22:27:27 1998 UTC (20 years, 4 months ago) by tv
Branch: MAIN
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Bump Apache version to 1.3.3.1.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Thu Dec 3 17:22:01 1998 UTC (20 years, 4 months ago) by tv
Branch: TNF
CVS Tags: pkgsrc-base
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored)

Update Apache and mod_ssl using new build layout (see post to tech-pkg for 
details).  No security fixes in Apache 1.3.3, so immediate upgrade from    
1.3.2 is not necessary.

Revision 1.1 / (download) - annotate - [select for diffs], Thu Dec 3 17:22:01 1998 UTC (20 years, 4 months ago) by tv
Branch: MAIN

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>