A ports freeze means that commits will be few and far between and only by approval.

apache2 2.0.55 www =368

Version 2 of Apache web server with prefork MPM.
Was Maintained by: clement@FreeBSD.org
Port Added: 13 Apr 2001 02:43:49
Also Listed In: ipv6

---

---

The Apache HTTP Server Project is an effort to develop and maintain an
open-source HTTP server for various modern desktop and server operating
systems, such as UNIX and Windows NT. The goal of this project is to
provide a secure, efficient and extensible server which provides HTTP
services in sync with the current HTTP standards.
The 2.x branch of Apache Web Server includes several improvements like
threading, use of APR, native IPv6 and SSL support, and many more.

WWW: http://httpd.apache.org/

CVSWeb : Main Web Site : Distfiles Availability : PortsMon

---

Required To Build: lang/perl5.8, devel/autoconf259, devel/libtool15
Required To Run: sysutils/rc_subr, lang/perl5.8
Required Libraries: textproc/expat2, converters/libiconv

---

No installation instructions: this port has been deleted.

The package name of this deleted port was: apache2

---

Configuration Options

     No options to configure

---

Master Sites:

http://www.apache.org/dist/httpd/

http://archive.apache.org/dist/httpd/

ftp://ftp.planetmirror.com/pub/apache/dist/httpd/

ftp://ftp.pop-mg.com.br/pub/apache/dist/httpd/

ftp://ftp.gin.cz/pub/mirrors/www.apache.org/dist/httpd/

ftp://ftp-stud.fht-esslingen.de/pub/Mirrors/ftp.apache.org/dist/httpd/

ftp://ftp.apache.de/mirrors/dev.apache.org/dist/httpd/

ftp://mir1.ovh.net/ftp.apache.org/dist/httpd/

ftp://ftp.forthnet.gr/pub/www/apache/httpd/

ftp://xenia.sote.hu/pub/mirrors/www.apache.org/httpd/

ftp://ftp.esat.net/mirrors/ftp.apache.org/httpd/

ftp://ftp.heanet.ie/mirrors/www.apache.org/dist/httpd/

ftp://ftp.rhnet.is/pub/apache/httpd/

http://ring.sakura.ad.jp/archives/net/apache/dist/httpd/

http://ring.riken.jp/archives/net/apache/dist/httpd/

http://ring.ip-kyoto.ad.jp/archives/net/apache/dist/httpd/

ftp://ftp.sogang.ac.kr/www/apache/dist/httpd/

ftp://ftp.task.gda.pl/pub/www/apache/dist/httpd/

ftp://sunsite.icm.edu.pl/pub/www/apache/dist/httpd/

ftp://ftp.kappa.ro/pub/mirrors/ftp.apache.org/httpd/

ftp://apache.rinet.ru/pub/mirror/apache.org/dist/httpd/

ftp://ftp.chg.ru/pub/WWW/apache/dist/httpd/

ftp://ftp.sunet.se/pub/www/servers/apache/dist/httpd/

ftp://ftp.flirble.org/pub/web/apache/dist/httpd/

ftp://ftp.gbnet.net/pub/apache/dist/httpd/

ftp://mirrors.rmplc.co.uk/pub/apache/httpd/

ftp://apache.secsup.org/pub/apache/dist/httpd/

ftp://ftp.ccs.neu.edu/net/mirrors/Apache/dist/httpd/

ftp://ftp.tux.org/pub/net/apache/dist/httpd/

ftp://ftp.saix.net/pub/apache/dist/httpd/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/apache2/

• 2005-12-03

  Affects: users of www/apache2

  Author: clement@FreeBSD.org

  Reason: 
    www/apache2 port directory was renamed to www/apache20 to keep
    consistency with other apache ports.
  
  



• 2004-10-15

  Affects: users of www/apache2 with devel/apr

  Author: clement@FreeBSD.org

  Reason: 
    WITH_APR_FROM_PORTS knob is no longer supported, since apr > 1.0
    doesn't conflict with apache2's one. If you use apr 0.9.x you
    won't be able to upgrade apache2 anymore.
  
  



• 2004-08-17

  Affects: users of www/apache2

  Author: clement@FreeBSD.org

  Reason: 
    Summary of recent changes:
    - Access to filesystem is denied by default.
    - mod_proxy* are no longer built by default
    - Now ${PREFIX}/etc/apache2/Includes/*.conf can be used to store
      local configuration or sample configurations.
    - Makefile.modules.3rd contains modules selection for apache 2.x and 1.3.x
  
  



• 2004-06-05

  Affects: users of www/apache2

  Author: clement@FreeBSD.org

  Reason: 
    The apache2 port must now be enabled/disabled and configured in rc.conf.
    See the pkg-message or script for details.
  
  

• port moved to www/apache20 on 2005-12-03
  REASON: renamed for consistency with other apache ports
  

- retire www/apache2

- Fix IGNORE quoting in Makefile.modules.3rd; unbreak www/mod_vhsH
While I'm here fix typo

PR:             ports/89125
Submitted by:   Ion-Mihai "IOnut" Tetcu
Pointy hat to:  clement

Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.

- Backport WANT_APACHE= common21 from development version of bsd.apache.mk
  Now module selection in apache21 works properply

- Fix a misuse of .error. Replace it by IGNORE.

PR:             ports/88281
Reported by:    Lowell Gilbert <freebsd-bugs-local@be-well.ilk.org>

- Don't rerun the apache2.sh rc script on restart's, just stop and start
  normally

PR:             ports/86402
Submitted by:   Jarrod Sayers <jarrod@netleader.com.au>

Use the proper syntax for groups when using ${MASTER_SITE_foo}

Approved by:    MAINTAINER timeout (2 weeks)

- Update to 2.0.55

- Apply openssl 0.9.8 fix by default. OpenSSL 0.9.8 is now the default
  from ports

Reported by:    erwin

- remove a whitespace

- Fix build if WITH_OPENSSL_BETA is defined.

PR:             ports/85457
Submitted by:   Daniel Roethlisberger <daniel@roe.ch>

- Fix   CAN-2005-2700

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
renegotiation is performed for a transition from "SSLVerifyClient
optional" to "SSLVerifyClient require".

- Fix reload/restart when using profiles

Submitted by:   thomas, Jarrod <jarrod@netleader.com.au>

- Fix CAN-2005-2491 (integer overflow in pcre)
- Fix memory leak in byterange stuff, which can lead to DoS.
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29962

Obtained from:  Apache SVN repo
Reported by:    simon
Approved by:    portmgr (self)

- make sure SSL dependency doesn't exists if WITHOUT_MODULES_SSL is defined

- Add fix for CAN-2005-2088
From Changelog:
  *) SECURITY: CAN-2005-2088
     core: If a request contains both Transfer-Encoding and Content-Length
     headers, remove the Content-Length, mitigating some HTTP Request
     Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]

- Rename previous patch to CVE ID
- bump PORTREVISION

Security:       CAN-2005-2088
Obtained From: Apache repository

Security: fix a buffer overrun in ssl_callback_SSLVerify_CRL()
Reported by:    thierry

- Remove debug line.

- Add support for multiple instances of apache2 to startup script.
  It's a little bit experimental, but it works.

- Update to 2.0.54

- Correct misuse of APXS_PREFIX

- Fix memory leak
  *) core_input_filter: Move buckets to a persistent brigade instead of
     creating a new brigade. This stop a memory leak when proxying a
     Streaming Media Server.

Obtained from:  Apache httpd repository

- promote kqueue to not-so-experiemental status.
  Please use WITH_KQUEUE_SUPPORT instead.

Success story reported by:      pav

- Backport PORTDOCS fix from www/apache21.
  Recent changes in bsd.port.mk prevent from using PORTDOCS= #

- backout previous commit.
  I blindly committed a change from my dev tree. Since USE_APACHE design
  is flacky, it had a very annoying impact.

PR:                ports/77391 [1]
Also reported by: pointyhat via kris,
                  Scot Hetzel <swhetzel@gmail.com> [1]
Pointy hat to:    clement

- I want to keep APACHE_PORT overridable even with apache2.

- Update to 2.0.53
- Download bz2'd tarball [1]
- Add print-closest-mirrors target.
  It allows you to find the 6 (3 http/3 ftp) closest mirror,
  base on http://www.apache.org/dyn/closer.cgi/httpd/
  make print-closest-mirrors >> /etc/make.conf automatically add
  the six closest mirror to the head of ${MASTER_SITE_APACHE_HTTPD}.

Requested by:   delphij

- Fix non DSO apache detection

Noticed by:     Xavier Beaudouin <kiwi@oav.net>

Changes in Makefile.modules.3rd
o Major change(s)
   - in some cases, modules are still built as static modules, making
     modules selection useless and generate a non-desired httpd

o Minor change(s)
   - apxs detection is done only if port isn't a server one.
   - Mark modules ports as IGNORED if apaxhe is built statically
   - fix make show-modules when when WITH_ALL_STATIC_MODULES is defined

Most issues discovered by:      Jason Mealins <jason_mealins@bigfix.com>

- make WITHOUT_<CATEGORY>_MODULES really works.
  (it was still stuck with WITHOUT_<CATEGORY>)

Noticed by:     Jason Mealins <jason_mealins@bigfix.com>

- Add support for databases/db43 in apache2[1] and apache21.
- rename files/patch-srclib:apr-utils:build:dbm.m4 to
  files/patch-srclib:apr-util:build:dbm.m4

Based on PR:            ports/76152 [1]
Submitted by:           Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net> [1]

o startup script:
- Use apache{2,21}flags variable in apache{2,21}_checkconfig().
  It fixes restart when apache2ssl_enable is set to YES in rc.conf
  and httpd.conf is "old" (i.e. non -DSSL safe) [1]

o Makefile
- split post-install target to add install-startup-script:
  User can now upgrade startup script without reinstalling apache2.
  NOTE: this is NOT package-safe and NOT supported, even if in most of
  cases they're no risk.

Noticed by:     many [1]

- Add a note about the dangerousness of quotes in make.conf

- Bump PORTREVISION to refect recent changes.
  Since www/mod_python3 needs envvars.d stuff to work.

- Fix a bug in mod_ssl. When client aborts connection, mod_ssl still try
  to send its data, ad vitam eternam.

Noticed by:     Didier Bringer <bringer at echo dot fr>
Patched by:     Bruno Ducrot <ducrot at poupinou dot org>

- Remove useless APR_FROM_PORTS check in post-install
- Add support for modular sbin/envvars
  You can now put your own scripts you want to execute at envvars
  stage in ${PREFIX}/etc/apache2/envvars.d
  Only script ending by *.env are run.

  Example:
        /usr/local/etc/apache2/envvars.d/mod_python3.env

Discussed with: perky on -apache@

- s/INSTALLS_SHILB/INSTALLS_SHLIB/

- Remove installation of unused highperformance*.conf
- Move examples config files to ${EXAMPLESDIR}
- Relax permissions on ${PREFIX}/www instead of ${PREFIX}/www/data

- Rename patch file.

- As discussed on apache@, don't create httpd.conf.bak, and remove stalled
  httpd.conf.bak file at deinstall time.

- minor cleanups.

- Fix memory consumption DoS, CVE CAN-2004-0942

Reported by:    josef
Obtained from:  Apache CVS

- ldconfig'ify ${PREFIX}/lib/apache2 at install time.

PR:             ports/73566
Submitted by:   lev

- Fix previous patch :-)

Huge pointy hat to: me
Noticed by:     Meno Abels <meno.abels@adviser.com>

Makefile was errornously committed. Revert the changes

- Fix apache2 build, I hope...

Noticed by:  many
Committed from: EuroBSDcon Hotel's bar.
Pointy hat to:  me
Under supervision from: mat, thierry, erwin (former mentor)

util_ald_cache_purge() fails to relink the cache entries during a cache purge.
So apply the official patch

- sync with real life

- Fix shared module building when WITH_STATIC_MODULES is defined.

Noticed by:     Nicola Tiling <nti at w4w dot net>

- Remove WITH_APR_FROM_PORTS knob
- Add a note to UPDATING, to warn users they won't be able to build apache2
  if they keep apr 0.9.x

Discussed with: Craig Rodrigues (apr maintainer), kuriyama

- Fix apr detection
  WARNING: apache2 + apr 1.0 is BROKEN
  I'm working on a small compat hack. But don't dream too much.
  apache 2.0.x is not designed to work with apr 1.x.

Forgotten by:   kuriyama

- Chase apr shlib version bump.

Pointy Hat Autumn Collection 2004 to:   kuriyama

- Use ${WWWOWN} and ${WWWGRP} for apache's user. (instead of harcoded
  www/www).
  It should help to keep consistancy in www-related ports.

- Yet Another Security Fix
  Fix CAN-2004-0885:

  * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
  correct cipher suite has been negotiated, else deny access.

  * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
  0.9.7, prevent session resumption during a renegotiation to force the
  client to negotiate a new (and acceptable) cipher suite.

Credits:        Hartmut Keil, Joe Orton

- Update to 2.0.52
- Use "PORTDOCS= #" and get rid of docs entry in plist.
- Support for FreeBSD 6 in apr
- Move of cache modules from THREADS to EXPERIMENTAL category and make
  sure we enable THREADS modules (cgid only) when a threaded MPM is
  selected.
- Resurect WITH_EXTRA_MODULES knob
- powerlogo.gif is now hosted by FreeBSD mirrors
- WITH_<category> is definitively no longer supported.
- Add Includes dir when installed via a package [1]

PR:             ports/72309 [1]
Submitted by:   Christian Kratzer <ck at cksoft dot de> [1]

- Fix compilation with threads enabled on 5.x (due to PTHREAD_LIBS changes)

Approved by:    portmgr (krion)

Security fixes [1]:
  *) SECURITY: CAN-2004-0786 (cve.mitre.org)
     Fix an input validation issue in apr-util which could be
     triggered by malformed IPv6 literal addresses.  [Joe Orton]

  *) SECURITY: CAN-2004-0747 (cve.mitre.org)
     Fix buffer overflow in expansion of environment variables in
     configuration file parsing.  [Andr<E9> Malo]

  *) SECURITY: CAN-2004-0809 (cve.mitre.org)
     mod_dav_fs: Fix a segfault in the handling of an indirect lock
     refresh.  PR 31183.  [Joe Orton]

- Update documentation (finally!) and fix WITH_<CATEGORY>_MODULES
  for special modules like LDAP or SSL [2]

Noticed by:     nectar [1]
Requested by:   Emile Heitor <imil at home dot imil dot net> [2]
Approved by:    portmgr (marcus)

- make AP_GENPLIST pseudo PREFFIX-safe until I find a correct fix.

Discussed with: eik (long time ago)

- Add a sanity check on apache2 configuration files before reloading or
  restarting apache2 (to avoid an expected failure on restart)

- Add support for exception hook:
  * WITH_EXCEPTION_HOOK now exists
  * Automatically add if WITH_DEBUG is set
  * Update still-outdated-documentation
- Remove automatic debuf mode if DEBUG_FLAGS is set

Exception hook is very useful for debugging (upcoming www/mod_backtrace
and www/mod_whatkilledus modules)

Makefile.modules.3rd:
- Fix CONFIGURE_ARGS for dynamic module selection.
  It's now fully usuable for apache13 ports
- Remove an useless WANT_APACHE check
- Move apxs detection at the beginning of the file, to use APXS_PREFIX
  for apache major version detection [1]
  The main advantage of this patch is to provide a nice way to
  have multiple apache versions, without altering ${LOCALBASE}.

Submitted by:    "ports/c0decafe.net" <ports at c0decafe dot net> [1]

- Backport security fixes in ssl_engine_io.c

* [SECURITY] mod_ssl: Fix potential input filter segfaults in
  SPECULATIVE mode. (rollback handling for AP_MODE_SPECULATIVE)
  "This issue has possible security implications; it's been assigned CVE
  CAN-2004-0751 (cve.mitre.org)."
  http://issues.apache.org/bugzilla/show_bug.cgi?id=30134

* [SECURITY] mod_ssl: Fix potential infinite loop.
  (potential infinite loop in ssl_io_input_getline if connection is
  aborted without inctx->rc being set.)
  http://issues.apache.org/bugzilla/show_bug.cgi?id=27945
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29690

Obtained from:  Apache CVS (httpd-2.0 HEAD)

- Bump PORTREVISION for all previous changes
- Allow access to /home if mod_userdir is loaded
- We don't need apache2libs.sh if apr is installed from ports.
- Add recent changes to UPGRADING

Remove our config.layout support. FreeBSD layout is in apache2's one
since 2.0.48

We don't need -DFREEBSD_THREAD_HACK when using kse or thr as threading
library.

- Add ldconfig -m to apache2's apr libs (install time and boot time)

Requested by, discussed with: lev

- Fix brainless typo.

Noticed by: Roderick van Domburg <r.s.a.vandomburg@student.utwente.nl>

apache2 NG patch 2/5.
Makefile.modules:
   - Export rewritten modules selection from Makefile.modules
     to Makefile.modules.3rd
   - Remove proxy support by default.

Makefile.modules.3rd:
   - Add support for WANT_APACHE common13/common2 to share
     code/functionalities between apache13 and apache2 server ports.

Rewrite of modules selection:
   - WITH_MODULES and WITHOUT_MODULES are no more conflicting
     WITHOUT_MODULES can be safely used internally to remove conflicting
     modules
   - Selection is based on modules categories to improve flexibility
        - WITH_${category}[_MODULES]
        - WITHOUT_${category}
        - WITH_CUSTOM_${category}
   -  Support apache13, apache2{0,1}
        This is EXPERIMENTAL. I'll test it IRL with www/apache13-ssl,
        and it should be easily usuable in future bsd.apache.mk

apache2 NG patch 1/5.

o Changes in httpd.conf
  - mod_userdir:
        . set Userdir if mod_userdir is loaded [1]
        . Userdir is denied for users from /etc/ftpusers
  - set more "secure" permissions.
    By default, policy is to deny access to filesystem.
    You HAVE to _ENABLE_ access to your filesystem in httpd.conf.
  - Add an "Includes" directory to ${PREFIX}/etc/apache2/
    to make configuration more flexible
    ${PREFIX}/etc/apache2/*.conf files are now automatically loaded.

o apache.sh
  - be closer to apachectl, apache.sh need envvars [2]
    It should restore subversion behavior.

Partially submitted by:
                kuriyama [1],
                Gregory (Grisha) Trubetskoy <grisha at apache dot org> [2]

Future changes are mostly written, they should be committed during the
week-end.
If you're interrested in changes, feel free contact me.

- Disable mod_cgi if MPM is threaded.

- Update experimental apr/kqueue patch

Obtained from:  apr CVS

- Fix hostname resolution if IPv4 are mapped. [1]
- Add WITHOUT_V4MAPPED knob and explicitly set --disable-v4-mapped
  if WITHOUT_V4MAPPED or WITH_IPV6_V6ONLY

Also submitted by:      Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> [1]