A ports freeze means that commits will be few and far between and only by approval.

apache13-ssl 1.3.41.1.59_1 www =67

Apache secure webserver integrating OpenSSL
Maintained by: apache@FreeBSD.org
Port Added: unknown
Also Listed In: security

---

---

                       Apache + OpenSSL (Apache-SSL)

Uses the public domain SSL implementation known as OpenSSL, integrated
into the Apache server to provide a public domain HTTPS server using
Netscape Secure Sockets Layer (SSL), versions 2 and 3 and TLS version
1.  There are licensing issues in connection with use of the OpenSSL
code in the US, and there are ITAR restrictions on export, even though
the OpenSSL code is obtained from an overseas location.

Full details can be found on the web at:

WWW:	http://www.apache-ssl.org

Details of OpenSSL can be found at:

	http://www.openssl.org

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

Required To Build: lang/perl5.8
Required To Run: lang/perl5.8

---

To install the port: cd /usr/ports/www/apache13-ssl/ && make install clean
To add the package: pkg_add -r apache+ssl

---

Configuration Options

     No options to configure

---

Master Sites:

http://www.apache.org/dist/httpd/

http://archive.apache.org/dist/httpd/

ftp://ftp.planetmirror.com/pub/apache/dist/httpd/

ftp://ftp.pop-mg.com.br/data/apache/dist/httpd/

ftp://ftp.gin.cz/pub/mirrors/www.apache.org/dist/httpd/

ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/

ftp://ftp.apache.de/mirrors/dev.apache.org/dist/httpd/

ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/

ftp://ftp.forthnet.gr/pub/www/apache/httpd/

ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/

ftp://ftp.esat.net/mirrors/ftp.apache.org/httpd/

ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/

ftp://ftp.rhnet.is/pub/apache/httpd/

http://ring.nict.go.jp/archives/net/apache/httpd/

http://ring.sakura.ad.jp/archives/net/apache/httpd/

http://ring.riken.jp/archives/net/apache/httpd/

ftp://ftp.sogang.ac.kr/www/apache/dist/httpd/

ftp://ftp.task.gda.pl/pub/www/apache/dist/httpd/

ftp://sunsite.icm.edu.pl/pub/www/apache/dist/httpd/

ftp://ftp.kappa.ro/pub/mirrors/ftp.apache.org/httpd/

ftp://apache.rinet.ru/pub/mirror/apache.org/dist/httpd/

ftp://ftp.chg.ru/pub/WWW/apache/dist/httpd/

ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/

ftp://ftp.flirble.org/pub/web/apache/dist/httpd/

ftp://mirrors.rmplc.co.uk/pub/apache/httpd/

ftp://apache.secsup.org/pub/apache/dist/httpd/

ftp://ftp.ccs.neu.edu/net/mirrors/Apache/dist/httpd/

ftp://ftp.tux.org/pub/net/apache/dist/httpd/

ftp://ftp.saix.net/pub/apache/dist/httpd/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

• 2006-01-14

  Affects: users of www/apache13-ssl with suexec enabled.

  Author: clement@FreeBSD.org

  Reason: 
    The port has been converted to new apache framework, using bsd.apache.mk.
    suexec knobs have changed to WITH_SUEXEC and SUEXEC_*. See Mk/bsd.apache.mk
    for more details.
  
  

load_rc_config before testing for empty vars.

Submitted by:   dougb@

- Honor NO* vars (noticed by ionbot)
- Silence some portlint warnings
- USE_RC_SUBR from the rc.d script
- Bump PORTREVISION

PR:             125131
Submitted by:   Philip M. Gollucci

- Security update to 1.3.41+ssl_1.59
Security: CVE-2008-0555

- fix objformat
PR:             120105

Remove thttpd from conflicts list, it has a different name for its
passwd program now.

Approved by:    maintainers/erwin

- Update to 1.3.37-1.57

- Fix security issue in mod_rewrite.
All people using mod_rewrite are strongly encouraged to update.

An off-by-one flaw exists in the Rewrite module, mod_rewrite.
Depending on the manner in which Apache httpd was compiled, this
software defect may result in a vulnerability which, in combination
with certain types of Rewrite rules in the web server configuration
files, could be triggered remotely.  For vulnerable builds, the nature
of the vulnerability can be denial of service (crashing of web server
processes) or potentially allow arbitrary code execution.
This issue has been rated as having important security impact
by the Apache HTTP Server Security Team

Updates to latest versions will follow soon.

Notified by:    so@ (simon)
Obtained from:  Apache Security Team
Security:       CVE-2006-3747

Remove the FreeBSD KEYWORD from all rc.d scripts where it appears.
We have not checked for this KEYWORD for a long time now, so this
is a complete noop, and thus no PORTREVISION bump. Removing it at
this point is mostly for pedantic reasons, and partly to avoid
perpetuating this anachronism by copy and paste to future scripts.

Replace ugly "@unexec rmdir %D... 2>/dev/null || true" with @dirrmtry

Approved by:    krion@
PR:             ports/88711 (related)

- Remove duplicated mor_dir entries
- Always build (mod_)apache_ssl statically.
- Fix MAN8 logic [1]

Reported by:    pointyhat via kris [1]

- Update to 1.3.34+1.37
- Use new apache framework.

SECURITY: CVE-2005-3352 (cve.mitre.org)
   mod_imap: Escape untrusted referer header before outputting in HTML
   to avoid potential cross-site scripting.  Change also made to
   ap_escape_html so we escape quotes.  Reported by JPCERT.
   [Mark Cox]

Reported by:    simon

Remove obsolete mastersite.

Source:         distfile survey

- Fix build with OpenSSL 0.9.8

- Fix CAN-2005-2088

Obtained from:  Apache repository

- While I'm here, kick portname from COMMENT

- En1arge its maintainership

- move default configuration files to ${EXAMPLESDIR} and keep
  ${PREFIX}/etc/apache clean.

- Xmas for apache13-ssl!
  Give it a rcNG startup script

Also requested by:      sem

- Deal with httpsd.conf.bak files, like we did for apache2 previously in the
day.

- Update to 1.3.33.1.55

- update to 1.3.29+1.55

- Security Fix
  mod_proxy buffer overflow  CAN-2004-0492

Shamefully stolen from: apache13-mod-ssl port

Don't remove www/ now that it is created by the system.

- tar -> ${TAR}
  While I'm here put --target=httpsd at the right place.

- CONFLICTS extended

Fix a bug in the parsing of Allow/Deny rules using IP addresses.

http://www.vuxml.org/freebsd/09d418db-70fd-11d8-873f-0020ed76ef5a.html

Reported by:        nectar
Obtained from:      Apache CVS

- Update to apache 1.3.29
- Update to patchset 1.53

***** SECURITY FIX *****
http://www.apache-ssl.org/advisory-20040206.txt

Time to ask eik how to add it to portaudit

Rename patch.
post-patch-conf:httpd.conf-dist.orig =>
                        post-patch-conf:httpd.conf-dist

Pointed out by:     kris,
                    Koop Mast <kwm@rainbow-runner.nl>

- Update my email address

Approved and reviewed by:    erwin (mentor)

update apache-ssl patch to 1.52.
apache 1.3.29 is not yet supported.

PR:             59355
Submitted by:   Maintainer

Here's the patch.
files/patch-FixPatch was missing too.

Submitted by:   MAINTAINER

Changelog:
        - Sync with apache13 layout (and some patches)
        - use DOCSDIR
        - Add no_zombies.patch
        - use DIST_SUBDIR=apache

Removed files:
        - files/patch-aq
        - files/patch-ar

Added files:
        - files/patch-httpd.conf-dist
        - files/post-patch-conf:httpd.conf-dist.orig
        - files/patch-FixPatch
        - files/patch-SSLpatch
        - files/patch-Makefile.tmpl
        - files/patch-src::modules::standard::mod_auth_db.module
        - files/patch-src::support::dbmanage
        - files/patch-src::support::log_server_status
        - files/patch-configure

PR:             58403
Submitted By:   MAINTAINER

- fix spelling in CONFLICTS

- add CONFLICTS
Submitted by:   eikemeier@fillmore-labs.com
Approved by:    kris

- Update to 1.3.28.1.49.
- Add suexec support
- Misc changes
- Add a footnote for users, to announce them that next version
  will be a complete resync with apache13 ports layout.

PR:             57300
Submitted by:   sheepkiller@cultdeadsheep.org

- change ECHO -> ECHO_CMD
PR:             56847

- drop defunctional MASTER_SITES

- change YES -> yes

- use hook for bsd.openssl.mk
- Cleanup Makefile

- caption in MAINTAINER

- use bsd.openssl.mk

De-pkg-comment.

Use MASTER_SITE_APACHE*.

PR:             47984
Submitted by:   Kimura Fuyuki <fuyuki@hadaly.org>

- Use user and group "www"
- fix PLIST
- add patch from ports/36363 (from ryan@servercity.com)
- verify ports/36361
- fix ports/36364

- update SSL support.
defaults to openssl port (now 0.9.6.h)
New options:
use the lastest version (now 0.9.7)
        USE_OPENSSL_BETA=yes
use the base version with
        USE_OPENSSL_BASE=yes

- clean up PLIST, unbreak portbuild
- remove config if files are not altered

Unmark this port from being forbidden; the reason by its time was that
the port had been updated to 1.2.27 and ssl-1.48 which simply did not
exist then.

Now they do exist.  Since it builds, installs and runs correctly with
no further changes, and all the other apache-1.2.27-based ports are
back alive again, there's no reason to keep this one forbidden.

Don't be alarmed that the MD5 sum changes: the previous one in
distinfo was actually the checksum from apache_1.3.26+ssl_1.48.tar.gz,
since the last update to that file only changed the name but not the
MD5 sum.  Alas, i could not find any authoritative MD5 on
http://www.apache-ssl.org/ to verify against.

Add MASTER_SITE_RINGSERVER to MASTER_SITES.

Tag apache-ssl sites with :ssl.

Update to apache 1.3.27 and 2.0.43.  This fixes a security vulnerability.
Mark apache13-ssl FORBIDDEN because the new version does not yet exist.

Partially based on patches submitted by below authors.

Submitted by:   "Sergey A. Osokin" <osa@freebsd.org.ru>,
                Udo Schweigert <udo.schweigert@siemens.com>,
                Lev A. Serebryakov <lev@serebryakov.spb.ru>
PR:             ports/43682, ports/43688, ports/43666, ports/43681

Update to 1.3.26+ssl_1.48
removed FORBIDDEN

${PERL} -> ${REINPLACE_CMD}

PR:             40784
Submitted by:   corecode@corecode.ath.cx
Reviewed by:    flynn@energyhq.homeip.net

Mark FORBIDDEN until an update is available.
See <URL:http://httpd.apache.org/info/security_bulletin_20020617.txt>.

Fix a master site.

PR:             36409
Submitted by:   Kimura Fuyuki <fuyuki@mj.0038.net>

Patch buffer overflow described in
<URL:http://www.apache-ssl.org/advisory-20020301.txt>.

Change BROKEN to FORBIDDEN due to security vulnerabilities.   Add SSL
vulnerability to the list:     http://www.apache-ssl.org/advisory-20020301.txt  
 

Oops, forgot to quote the parens.  Quoting makes the line > 80   characters, so
take a slightly different approach.    

Set MAINTAINER to freebsd-ports.  Previous maintainer says, ``i no   longer
support this port as i got fed up with the port committers   ignoring my
updates.''    

Goodbye, YEAR2000.  Hello, 2001.    

Run 'make certificate' from the correct directory.    

Convert category www to new layout.  

Update all ports using OpenSSL and RSA to work without rsaref since   it is no
longer required. Apologies to the various maintainers whom I   did not yet hear
back from, but the ports freeze is coming up in a few   hours and I will be
verifying all of these ports on a 4.1 machine   myself to catch any problems.   

Cosmetic changes to reduce difference between apache13 ports.   (whitespace/tab,
re-ordering, same $DISTNAME)    

Fix up MASTER_SITES    

12 vulnerabilities affecting 34 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities