A ports freeze means that commits will be few and far between and only by approval.

apache13-modssl 1.3.41+2.8.31 www =281

The Apache 1.3 webserver with SSL/TLS functionality
Maintained by: dinoex@FreeBSD.org
Port Added: unknown
Also Listed In: security

---

---

This is Apache version 1.3 plus mod_ssl which provides strong cryptography
via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS
v1) protocols by the help of the SSL/TLS implementation toolkit OpenSSL which
is based on SSLeay from Eric A. Young and Tim J. Hudson. The mod_ssl package
was created in April 1998 by Ralf S. Engelschall and was originally derived
from software developed by Ben Laurie for use in the Apache-SSL HTTP server
project. 

As a summary, here are its main SSL/TLS-related features:
   o  Open-Source software (BSD-style license)
   o  Useable for both commercial and non-commercial use
   o  Available for both Unix and Win32 (Windows 95/98/NT) platforms 
   o  128-bit strong cryptography world-wide
   o  Support for SSLv2, SSLv3 and TLSv1 protocols
   o  Support for both RSA and Diffie-Hellman ciphers
   o  Clean reviewable ANSI C source code 
   o  Clean Apache module architecture
   o  Integrates seamlessly into Apache through an Extended API (EAPI)
   o  Full Dynamic Shared Object (DSO) support
   o  Advanced pass-phrase handling for private keys
   o  X.509 certificate based authentication for both client and server
   o  X.509 certificate revocation list (CRL) support
   o  Support for per-URL renegotiation of SSL handshake parameters
   o  Support for explicit seeding of the PRNG from external sources
   o  Additional boolean-expression based access control facility
   o  Backward compatibility to other Apache SSL solutions
   o  Inter-process SSL session cache (DBM and Shared Memory based)
   o  Powerful dedicated SSL engine logging facility
   o  Simple and robust application to Apache source trees
   o  Fully integrated into the Apache 1.3 configuration mechanism
   o  Additional integration into the Apache Autoconf-style Interface (APACI)
   o  Assistance in X.509v3 certificate generation (both RSA and DSA)
   o  Experimental support for external Crypto Devices (OpenSSL ENGINE)

mod_snmp is a plug-in for apache-1.3.x to take apache status by SNMP

WWW: http://www.apache.org/
WWW: http://www.modssl.org/
WWW: http://www.openssl.org/
WWW: http://www.mod-snmp.com/

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

Slave ports

www/apache13-modssl+ipv6

---

Required To Build: lang/perl5.8
Required Libraries: devel/mm, textproc/expat2

---

To install the port: cd /usr/ports/www/apache13-modssl/ && make install clean
To add the package: pkg_add -r apache+mod_ssl

---

Configuration Options

     No options to configure

---

Master Sites:

http://www.apache.org/dist/httpd/

http://archive.apache.org/dist/httpd/

ftp://ftp.planetmirror.com/pub/apache/dist/httpd/

ftp://ftp.pop-mg.com.br/data/apache/dist/httpd/

ftp://ftp.gin.cz/pub/mirrors/www.apache.org/dist/httpd/

ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/

ftp://ftp.apache.de/mirrors/dev.apache.org/dist/httpd/

ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/

ftp://ftp.forthnet.gr/pub/www/apache/httpd/

ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/

ftp://ftp.esat.net/mirrors/ftp.apache.org/httpd/

ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/

ftp://ftp.rhnet.is/pub/apache/httpd/

http://ring.nict.go.jp/archives/net/apache/httpd/

http://ring.sakura.ad.jp/archives/net/apache/httpd/

http://ring.riken.jp/archives/net/apache/httpd/

ftp://ftp.sogang.ac.kr/www/apache/dist/httpd/

ftp://ftp.task.gda.pl/pub/www/apache/dist/httpd/

ftp://sunsite.icm.edu.pl/pub/www/apache/dist/httpd/

ftp://ftp.kappa.ro/pub/mirrors/ftp.apache.org/httpd/

ftp://apache.rinet.ru/pub/mirror/apache.org/dist/httpd/

ftp://ftp.chg.ru/pub/WWW/apache/dist/httpd/

ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/

ftp://ftp.flirble.org/pub/web/apache/dist/httpd/

ftp://mirrors.rmplc.co.uk/pub/apache/httpd/

ftp://apache.secsup.org/pub/apache/dist/httpd/

ftp://ftp.ccs.neu.edu/net/mirrors/Apache/dist/httpd/

ftp://ftp.tux.org/pub/net/apache/dist/httpd/

ftp://ftp.saix.net/pub/apache/dist/httpd/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

- drop case senstive checks
PR:             127464

pkg_info -> ${PKG_INFO}

- fix custom apache_flags
PR:             121479
Submitted by:   Laurent Frigault

- update to 1.3.41+2.8.31

- Security patch
Security: CVE-2007-6388
Security: CVE-2007-5000
Security: CVE-2007-3847
Reported by:    Thomas Vogt

- new option WITH_PERL
workaround till global solution in bsd.apache.mk
PR:             118647, 116984

- fix build on CURRENT
PR:             117233
Reported by:    Alexander Logvinov

- update to 2.8.28-1.3.37
- merge Configure patches

- merge security fiexs from apache 1.3.39
Security: CVE-2006-5752
Security: CVE-2007-3304

Remove thttpd from conflicts list, it has a different name for its
passwd program now.

Approved by:    maintainers/erwin

- fix build for custom locales
PR:             96703

- update to 2.8.28-1.3.37

- Security patch mod_rewrite
Security: CVE-2006-3747

- update to 1.3.36+2.8.27

- update mod_snmp homepage

- update to mod_ssl-2.8.26-1.3.35
- update to mod_accel-1.0.34
- remove patch, verfied it is in distribution

Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.

- support for options:
  APACHE_DATADIR,APACHE_CGIBIN_ROOT,APACHE_DOCUMENT_ROOT
- new options:
  APACHE_LOCALSTATE_DIR,APACHE_LOGFILE_DIR
Submitted by:   Bernard J. Treves Brown

- support for options:
  DEFAULT_PATH

- preserve symbolic links if modified
Suggested by:   Panagiotis Christias

Chase shlib bump of libexpat.

Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)

Now that new style rc.d scripts are being run as part of the
base rcorder, hard coded variable values in these scripts
are overriding the values in /etc/rc.conf[.local] (due to
the way that variables from the latter are read at boot time).

Therefore, change the boot scripts to set default values only
if the variable is unset in /etc/rc.conf[.local]. This will
allow the service to start at boot time if it's been enabled
as the user would expect.

This change will be a noop for users who have systems that
have not yet been upgraded to the new rc.d code in the base.

In many cases there are other variables in the scripts that
should get similar treatment, however I did not change
anything other than the _enable lines. I'll leave the rest
up to the maintainers to do as they see fit.

Bump PORTREVISION to make sure that users and packages
pick up this change.

- Securitry Fix
SECURITY: CVE-2005-3352 (cve.mitre.org)

Obtained from:  ports

- add SHA checksum

- Update to 2.8.25-1.3.34

- honor LDFLAGS
- fix EXPAT options
in some cases the external expat was not used.

- unbreak updated dependency (devel/mm)
Submitted by:   Michael Voucko

- update to 1.3.33+2.8.24

- fix build of mod_accel on amd64
PR:             84150
Submitted by:   Bjoern Koenig

- Security Fix CAN-2005-2088

- support new options APACHE_DATADIR, APACHE_DOCUMENT_ROOT
Suggested by: Steve Clement

- update mod_snmp_1.3.14.13, remove BROKEN

- don't create a backup of httpd.conf
- de-ugly-ing filename
Obtained from:  ports/www/apache13-modperl/files/patch-src:support:apxs.pl

- new option WITH_APACHE_LATESTLOG
that patches rotatelogs to always keep a hardlink to the latest log
file, but without the seconds-since-epoch integer. Just as a
convenience - when developing web apps, it makes it easier to just
check the log file.
Submitted by:   Palle Girgensohn

- new option WITH_APACHE_LATESTLOG
that patches rotatelogs to always keep a hardlink to the latest log
file, but without the seconds-since-epoch integer. Just as a
convenience - when developing web apps, it makes it easier to just
check the log file.
Submitted by:   Palle Girgensohn

dbmmanage doesn't recognize the $1$ md5 prefix used by FreeBSD when
checking a password using "dbmmanage passwdfile check". This patch
fixes this.
(no need to bump PORTVERSION)
Submitted by:   Palle Girgensohn

- fix package when WITHOUT_RC_SUBR=YES
and old rc files are installed.
Submitted by:   Dave Ryan

- better wording for a build error.

- update to 2.8.22-1.3.33

- Security Patch
CAN-2004-?0940
Obtained from:  apache-1.3.33

- Security update to 2.8.21-1.3.32
* CAN-2004-0492 (cve.mitre.org)
Reject responses from a remote server if sent an invalid (negative)
Content-Length.

- update mod_snmp to 1.3.14.13
- fix build dependency
:

- Security update to 2.8.20-1.3.31

- Patch for keepalive-bug
PR:             71961
Submitted by:   Kenneth Vestergaard Schmidt

- Security Fix
- update to 2.8.19-1.3.31

- handle transition from /sbin/nologin -> /usr/sbin/nologin

- sync build options with other apache ports again.
headsup: please reanme your existings options
PR:             67937
Suggested by:   eik

-new option: WITH_APACHE_INTERNAL_EXPAT

- allow customizing of CATEGORIES
PR:             67937
Submitted by:   eik

- Security Fix
mod_proxy buffer overflow  CAN-2004-0492

Don't remove www/ now that it is created by the system.

- fix extract problems with bsdtar
Reported by:    Tim Kientzle

- update to mod_deflate-1.0.21
Denis Shaposhnikov

- update to mod_ssl-2.8.18-1.3.31
Reported by: kris

- allow build without expat, new option APACHE_WITHOUT_EXPAT
To run some (mod_perl) applications, a full expat library is needed, but the
built-in one conflicts with it.  This patch allows you to build Apache without
the built-in expat so the other modules can load what they need.

PR:             66650
Submitted by:   Vivek Khera

- move USE_RC_SUBR before bsd.port.pre.mk

- Security update to 2.8.17-1.3.31
- detect fnmatch.h conficts

- add compatibility to apachectl in rcng.sh
Submitted by:   nork

s/run_rc_commmand/run_rc_command/

Pointed out by: Dan Langille <dan@langille.org>
Pointy hat to:  nork

- rcNG-fy
Submitted by:   nork

WARNING installing the package will overwrite your "etc/rc.d/apache.sh"
installing from port is safe

- new option WITHOUT_RC_SUBR

- fix empty dir in option.

- building mod_accel and friends as apache so modules
Denis Shaposhnikov

- use PLIST_FILES for options

- update CONFLICTS

- add mod_deflate
Submitted by:   Denis Shaposhniko

- CONFLICTS extended

- new option APACHE_WITH_MODACCEL
Submitted by:   Denis Shaposhnikov

- cleanup of all options
- CONFLICTS extended

- Fix build of IPV6 (no Security patch needed)
- cleanup mod_snmp option

- Add securirty Fix from cvs

http://www.apacheweek.com/features/security-13

Source:
http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_access.c?r1=1.46&r2=1.47

Link from:      nectar
Reviewed by:    Munechika Sumikawa (IPV6)

- add SIZE

Fix typo: apche-1.3 -> apache-1.3

- Fix collision when APACHE_WITH_MODSNMP and APACHE_WITH_IPV6
  are selected.

- Update PATCH_SITES for mod_snmp
Problem found by: Subhi S Hashwa

- option WITH_APACHE_IPV6
PR:             42427
Submitted by:   sec@42.org

- fix Usage

- new option APACHE_RELATIVE_RUNTIMEDIR

- add new Option APACHE_WITH_MODSNMP
PR:             43997
Submitted by:   zin@the.ne.jp

- update to 2.8.16-1.3.29
- remove the now obsolte fixes.

- Security Fix for mod_rewrite with more than 9 brackets.
http://www.apache.org/dist/httpd/Announcement.html

- extend CONFLICTS with w3c-httpd-3.*

- add CONFLICTS
- use DOCSDIR
Submitted by:   eikemeier@fillmore-labs.com [CONFLICTS]

- change ECHO -> ECHO_MSG

- drop defunctional MASTER_SITES

- use hook for bsd.openssl.mk

Call the ${PKGINSTALL} script via ${SH} so that it works in case the
ports tree is mounted noexec.

- Take maintainership

- Fix SUEXEC leaving zombies behind
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21737
http://marc.theaimsgroup.com/?l=apache-httpd-dev&m=105952652425849&w=2
Suggested by: efortenb@sdccd.cc.ca.us