21:55 rene 

Remove expired ports:
2011-05-01 german/citrix_xenapp: "crashes with f10"
2011-05-01 japanese/citrix_xenapp: "crashes with f10"
2011-05-01 net/citrix_xenapp: "crashes with f10"
2011-05-11 comms/gammu-python: since version 1.29.0 comms/gammu uses python by
default
2011-05-01 java/gj: Upstream disapear and distfile is no more available
2011-05-09 net/ipv6socket_scrub: Upstream disapear and distfile is no more
available
2011-05-13 graphics/lodju: depends on rep-gtk, which doesn't build anymore.
2011-05-01 www/mod_pubcookie: will be unsupported by ASF when 2.4.0 is release,
migrate to 2.2.x+ now
2011-05-01 ftp/prozilla: Upstream disapear and distfile is no more available
2011-05-01 www/py-django11: Unsupported (no longer receive security updates or
bugfixes)
2011-05-13 x11-toolkits/rep-gtk: missing rep-config from librep port broke the
build.
2011-05-01 games/tnl: Upstream development has ceased, it doesn't work with
newer CEGUI and is generally broken
2011-06-01 net/vnc2swf: Development is now superseded by deskutils/vnc2flv

23:04 brooks 

Partially address several years of neglect of pubcookie.  Indicate the
security issues in two two ports.

I've not use pubcookie in several year and given the lack of complaint
about the deprication of mod_pubcookie, I doubt anyone else uses it from
ports.  The mod_pubcookie port has already expired and I've set a two
week expriation for pubcookie-login-server.  If not maintainer
appears I will send both to the Attic on June 6th.

While I'm here, address the use of CONF_FILES and CONF_DIRS in
pubcookie-login-server to avoid getting in the way of progress. [0]

PR:             ports/157164 [0]
Security:       vuxml:115a1389-858e-11e0-a76c-000743057ca2
                vuxml:1ca8228f-858d-11e0-a76c-000743057ca2

08:44 pgollucci 

- Corresponding to www/apache20 deprecation, deprecate ports
  that only build with www/apache20 (2.0.x)

With Hat:   apache

21:00 erwin 

Deprecate md5 in favour of sha256 checksums.  md5 checksums will no longer
be generated or checked, and will be silently ignored for now.  Also,
generalize the MD5_FILE macro to DISTINFO_FILO.

PR:             149657
Submitted by:   rene
Approved by:    portmgr
Tested on:      pointyhat i386 7-exp

20:17 pgollucci 

Mk/bsd.apache.mk can not sufficiently alter things before Mk/bsd.options.mk
in Mk/bsd.ports.mk due to ordering in Mk/bsd.port.mk.  This causes OPTIONSFILE
to be incorrectly set during some make phases as a result of the recent
PKGNAMEPREFIX for apache ports.

'Revert' some of the PKGNAMEPREFIX changes for apXX-.
   - Must be manually requested in tbe port Makefile either by
     a) AP_FAST_BUILD=yes
     b) PKGNAMEPREFIX=${APACHE_PKGNAMEPREFIX}
   - Going forward, we will only do this for ports where WITH_APACHE
       is NOT optional, but required.  mod_* ports are a good fit.

141 ports are mod_ ports
  80 of those use AP_FAST_BUILD and thus are auto hooked by this patch [a].
  61 remaining are then patched to mirror the other $lang frameworks [b].

PR:             ports/146956
Reported by:    Hans F. Nordhaug <Hans.F.Nordhaug@hiMolde.no>, several
Discussed with: pav, itectu on #bsdports
Tested by:      P6 TB run
Approved by:    portmgr (pav)

20:42 pgollucci 

- Mark MAKE_JOBS_UNSAFE=yes

PR:             ports/134611
Approved by:    Pav (#bsdports)

03:46 brooks 

Upgrade pubcookie from 3.3.0-beta2 to 3.3.0a fixing serious XSS
vulnerabilities.

23:43 brooks 

Actually compile on amd64.  This required copying in the config.guess
replacement code from bsd.port.mk because pubcookie lives in a
subdirectory of PREFIX and thus actually defining GNU_CONFIGURE won't
work.

Point hat:      brooks

03:06 brooks 

Add www/mod_pubcookie:

Pubcookie is an open-source package for intra-institutional
single-sign-on end-user web authentication. More generally, it is an
approach to identifying users as they browse to an institution's many
websites that require authentication. It helps an institution reuse
existing authentication services (like Kerberos, LDAP, or NIS), and it
limits the exposure of end-user passwords by ensuring they're only sent
to a trusted login service.

This port contains the apache module portion of the Pubcookie system.