00:27 clement 

- retire www/apache2

06:52 ade 

Mass-conversion to the USE_AUTOTOOLS New World Order.  The code present
in bsd.autotools.mk essentially makes this a no-op given that all the
old variables set a USE_AUTOTOOLS_COMPAT variable, which is parsed in
exactly the same way as USE_AUTOTOOLS itself.

Moreover, USE_AUTOTOOLS has already been extensively tested by the GNOME
team -- all GNOME 2.12.x ports use it.

Preliminary documentation can be found at:
        http://people.FreeBSD.org/~ade/autotools.txt

which is in the process of being SGMLized before introduction into the
Porters Handbook.

Light blue touch-paper.  Run.

18:58 fenner 

Use the proper syntax for groups when using ${MASTER_SITE_foo}

Approved by:    MAINTAINER timeout (2 weeks)

13:54 clement 

- Update to 2.0.55

08:39 clement 

- Apply openssl 0.9.8 fix by default. OpenSSL 0.9.8 is now the default
  from ports

Reported by:    erwin

14:46 clement 

- remove a whitespace

14:26 clement 

- Fix build if WITH_OPENSSL_BETA is defined.

PR:             ports/85457
Submitted by:   Daniel Roethlisberger <daniel@roe.ch>

20:31 clement 

- Fix   CAN-2005-2700

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that
renegotiation is performed for a transition from "SSLVerifyClient
optional" to "SSLVerifyClient require".

20:24 clement 

- Fix CAN-2005-2491 (integer overflow in pcre)
- Fix memory leak in byterange stuff, which can lead to DoS.
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29962

Obtained from:  Apache SVN repo
Reported by:    simon
Approved by:    portmgr (self)

10:04 clement 

- make sure SSL dependency doesn't exists if WITHOUT_MODULES_SSL is defined

10:10 clement 

- Add fix for CAN-2005-2088
From Changelog:
  *) SECURITY: CAN-2005-2088
     core: If a request contains both Transfer-Encoding and Content-Length
     headers, remove the Content-Length, mitigating some HTTP Request
     Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]

- Rename previous patch to CVE ID
- bump PORTREVISION

Security:       CAN-2005-2088
Obtained From: Apache repository

08:25 clement 

Security: fix a buffer overrun in ssl_callback_SSLVerify_CRL()
Reported by:    thierry

20:38 clement 

- Update to 2.0.54

22:18 clement 

- Fix memory leak
  *) core_input_filter: Move buckets to a persistent brigade instead of
     creating a new brigade. This stop a memory leak when proxying a
     Streaming Media Server.

Obtained from:  Apache httpd repository

13:36 clement 

- promote kqueue to not-so-experiemental status.
  Please use WITH_KQUEUE_SUPPORT instead.

Success story reported by:      pav

15:17 clement 

- Update to 2.0.53
- Download bz2'd tarball [1]
- Add print-closest-mirrors target.
  It allows you to find the 6 (3 http/3 ftp) closest mirror,
  base on http://www.apache.org/dyn/closer.cgi/httpd/
  make print-closest-mirrors >> /etc/make.conf automatically add
  the six closest mirror to the head of ${MASTER_SITE_APACHE_HTTPD}.

Requested by:   delphij

13:45 clement 

o startup script:
- Use apache{2,21}flags variable in apache{2,21}_checkconfig().
  It fixes restart when apache2ssl_enable is set to YES in rc.conf
  and httpd.conf is "old" (i.e. non -DSSL safe) [1]

o Makefile
- split post-install target to add install-startup-script:
  User can now upgrade startup script without reinstalling apache2.
  NOTE: this is NOT package-safe and NOT supported, even if in most of
  cases they're no risk.

Noticed by:     many [1]

19:52 clement 

- Bump PORTREVISION to refect recent changes.
  Since www/mod_python3 needs envvars.d stuff to work.

17:52 clement 

- Remove useless APR_FROM_PORTS check in post-install
- Add support for modular sbin/envvars
  You can now put your own scripts you want to execute at envvars
  stage in ${PREFIX}/etc/apache2/envvars.d
  Only script ending by *.env are run.

  Example:
        /usr/local/etc/apache2/envvars.d/mod_python3.env

Discussed with: perky on -apache@

10:18 clement 

- s/INSTALLS_SHILB/INSTALLS_SHLIB/

11:48 clement 

- Remove installation of unused highperformance*.conf
- Move examples config files to ${EXAMPLESDIR}
- Relax permissions on ${PREFIX}/www instead of ${PREFIX}/www/data

18:23 clement 

- minor cleanups.

18:24 clement 

- Fix memory consumption DoS, CVE CAN-2004-0942

Reported by:    josef
Obtained from:  Apache CVS

20:50 clement 

- ldconfig'ify ${PREFIX}/lib/apache2 at install time.

PR:             ports/73566
Submitted by:   lev

09:22 clement 

Makefile was errornously committed. Revert the changes

19:44 clement 

- Fix apache2 build, I hope...

Noticed by:  many
Committed from: EuroBSDcon Hotel's bar.
Pointy hat to:  me
Under supervision from: mat, thierry, erwin (former mentor)

15:32 clement 

util_ald_cache_purge() fails to relink the cache entries during a cache purge.
So apply the official patch

14:45 clement 

- Remove WITH_APR_FROM_PORTS knob
- Add a note to UPDATING, to warn users they won't be able to build apache2
  if they keep apr 0.9.x

Discussed with: Craig Rodrigues (apr maintainer), kuriyama

09:15 clement 

- Fix apr detection
  WARNING: apache2 + apr 1.0 is BROKEN
  I'm working on a small compat hack. But don't dream too much.
  apache 2.0.x is not designed to work with apr 1.x.

Forgotten by:   kuriyama

05:03 kuriyama 

- Chase apr shlib version bump.

Pointy Hat Autumn Collection 2004 to:   kuriyama

14:03 clement 

- Use ${WWWOWN} and ${WWWGRP} for apache's user. (instead of harcoded
  www/www).
  It should help to keep consistancy in www-related ports.

09:17 clement 

- Yet Another Security Fix
  Fix CAN-2004-0885:

  * modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
  correct cipher suite has been negotiated, else deny access.

  * modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
  0.9.7, prevent session resumption during a renegotiation to force the
  client to negotiate a new (and acceptable) cipher suite.

Credits:        Hartmut Keil, Joe Orton

08:27 clement 

- Update to 2.0.52
- Use "PORTDOCS= #" and get rid of docs entry in plist.
- Support for FreeBSD 6 in apr
- Move of cache modules from THREADS to EXPERIMENTAL category and make
  sure we enable THREADS modules (cgid only) when a threaded MPM is
  selected.
- Resurect WITH_EXTRA_MODULES knob
- powerlogo.gif is now hosted by FreeBSD mirrors
- WITH_<category> is definitively no longer supported.
- Add Includes dir when installed via a package [1]

PR:             ports/72309 [1]
Submitted by:   Christian Kratzer <ck at cksoft dot de> [1]

08:17 clement 

- Fix compilation with threads enabled on 5.x (due to PTHREAD_LIBS changes)

Approved by:    portmgr (krion)

16:54 clement 

Security fixes [1]:
  *) SECURITY: CAN-2004-0786 (cve.mitre.org)
     Fix an input validation issue in apr-util which could be
     triggered by malformed IPv6 literal addresses.  [Joe Orton]

  *) SECURITY: CAN-2004-0747 (cve.mitre.org)
     Fix buffer overflow in expansion of environment variables in
     configuration file parsing.  [Andr<E9> Malo]

  *) SECURITY: CAN-2004-0809 (cve.mitre.org)
     mod_dav_fs: Fix a segfault in the handling of an indirect lock
     refresh.  PR 31183.  [Joe Orton]

- Update documentation (finally!) and fix WITH_<CATEGORY>_MODULES
  for special modules like LDAP or SSL [2]

Noticed by:     nectar [1]
Requested by:   Emile Heitor <imil at home dot imil dot net> [2]
Approved by:    portmgr (marcus)

14:38 clement 

- Add support for exception hook:
  * WITH_EXCEPTION_HOOK now exists
  * Automatically add if WITH_DEBUG is set
  * Update still-outdated-documentation
- Remove automatic debuf mode if DEBUG_FLAGS is set

Exception hook is very useful for debugging (upcoming www/mod_backtrace
and www/mod_whatkilledus modules)

Makefile.modules.3rd:
- Fix CONFIGURE_ARGS for dynamic module selection.
  It's now fully usuable for apache13 ports
- Remove an useless WANT_APACHE check
- Move apxs detection at the beginning of the file, to use APXS_PREFIX
  for apache major version detection [1]
  The main advantage of this patch is to provide a nice way to
  have multiple apache versions, without altering ${LOCALBASE}.

Submitted by:    "ports/c0decafe.net" <ports at c0decafe dot net> [1]

19:40 clement 

- Backport security fixes in ssl_engine_io.c

* [SECURITY] mod_ssl: Fix potential input filter segfaults in
  SPECULATIVE mode. (rollback handling for AP_MODE_SPECULATIVE)
  "This issue has possible security implications; it's been assigned CVE
  CAN-2004-0751 (cve.mitre.org)."
  http://issues.apache.org/bugzilla/show_bug.cgi?id=30134

* [SECURITY] mod_ssl: Fix potential infinite loop.
  (potential infinite loop in ssl_io_input_getline if connection is
  aborted without inctx->rc being set.)
  http://issues.apache.org/bugzilla/show_bug.cgi?id=27945
  http://issues.apache.org/bugzilla/show_bug.cgi?id=29690

Obtained from:  Apache CVS (httpd-2.0 HEAD)

12:41 clement 

- Bump PORTREVISION for all previous changes
- Allow access to /home if mod_userdir is loaded
- We don't need apache2libs.sh if apr is installed from ports.
- Add recent changes to UPGRADING

20:25 clement 

Remove our config.layout support. FreeBSD layout is in apache2's one
since 2.0.48

21:46 clement 

- Add ldconfig -m to apache2's apr libs (install time and boot time)

Requested by, discussed with: lev

08:40 clement 

apache2 NG patch 2/5.
Makefile.modules:
   - Export rewritten modules selection from Makefile.modules
     to Makefile.modules.3rd
   - Remove proxy support by default.

Makefile.modules.3rd:
   - Add support for WANT_APACHE common13/common2 to share
     code/functionalities between apache13 and apache2 server ports.

Rewrite of modules selection:
   - WITH_MODULES and WITHOUT_MODULES are no more conflicting
     WITHOUT_MODULES can be safely used internally to remove conflicting
     modules
   - Selection is based on modules categories to improve flexibility
        - WITH_${category}[_MODULES]
        - WITHOUT_${category}
        - WITH_CUSTOM_${category}
   -  Support apache13, apache2{0,1}
        This is EXPERIMENTAL. I'll test it IRL with www/apache13-ssl,
        and it should be easily usuable in future bsd.apache.mk

17:04 clement 

apache2 NG patch 1/5.

o Changes in httpd.conf
  - mod_userdir:
        . set Userdir if mod_userdir is loaded [1]
        . Userdir is denied for users from /etc/ftpusers
  - set more "secure" permissions.
    By default, policy is to deny access to filesystem.
    You HAVE to _ENABLE_ access to your filesystem in httpd.conf.
  - Add an "Includes" directory to ${PREFIX}/etc/apache2/
    to make configuration more flexible
    ${PREFIX}/etc/apache2/*.conf files are now automatically loaded.

o apache.sh
  - be closer to apachectl, apache.sh need envvars [2]
    It should restore subversion behavior.

Partially submitted by:
                kuriyama [1],
                Gregory (Grisha) Trubetskoy <grisha at apache dot org> [2]

Future changes are mostly written, they should be committed during the
week-end.
If you're interrested in changes, feel free contact me.

09:32 clement 

- Fix hostname resolution if IPv4 are mapped. [1]
- Add WITHOUT_V4MAPPED knob and explicitly set --disable-v4-mapped
  if WITHOUT_V4MAPPED or WITH_IPV6_V6ONLY

Also submitted by:      Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> [1]

16:41 clement 

- Add WITHOUT_IPV6 knob to workaround problem with IP resolution
  when --enable-v4-mapped is used (default).
  Use WITHOUT_IPV6 knob if you have problem with "HostnameLookup On" on
  IPv4-only server(s).
  I hope I can provide a real fix soon.

13:47 clement 

- Make configure script define DEFAULT_SCOREBOARD.
- Add NOTICE file to respect Apache 2.0 license

18:06 clement 

- revert ade's commit, since it breaks the ports due to something
  looking like a reverse patching.

17:06 ade 

Autotools cleanup.  Remove autoconf257 (259), automake17 (18), and
libtool14 (13/15).

PR:             67768
Submitted by:   ade
Approved by:    4-exp bento runs (thanks, kris!)

05:54 clement 

- Update to 2.0.50
  Important changes:
  *) SECURITY: CAN-2004-0493 (cve.mitre.org)
     Close a denial of service vulnerability identified by Georgi
     Guninski which could lead to memory exhaustion with certain
     input data.  [Jeff Trawick]
  *) SECURITY: CAN-2004-0488 (cve.mitre.org)
     mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
     (trusted) client certificate subject DN which exceeds 6K in length.
     [Joe Orton]
  Details can be found here:
        http://www.apache.org/dist/httpd/CHANGES_2.0
- Use autoconf 2.59
- Add add SUEXEC_LOGFILE tunable to set suexec logfile [1]
- Silently ignore removal of libexec/apache2 directory
- Import latest version of apr_reslit.c from apr CVS which
  adds timeout feature to apr_reslist_acquire().
  This is required for future mod_logio-st.
- Add explicit dependency on libiconv (so nowwe support libiconv)
- Move Windows Update fix from MASTER_SITE_LOCAL to ports tree
- add WITH_EXPERIMENTAL_PATCHES knobs:
  These patches are backports from apache CVS HEAD or apr CVS HEAD.
  They have positive impacts on apache responsiveness but can be
instable
  and are NOT currently supported by apache/apr teams.
  * exp-http-ready.patch: add "httpready" support for ACCEPT_FILTER
    (currently apache 2 only support "dataready")
  * exp-apr-kqueue.patch: add support for kqueue in apr_poll().
    This patch greatly improves apache network performance (up to
    18% according to the author, on my test box, between 13% and 21%)
    Test and feedback on -STABLE are welcome ;)
    For more details, please see:
    http://marc.theaimsgroup.com/?t=108650227500001&r=1&w=2

Submitted by:   knu [1]

NOTE:
Please set MASTER_SITE_APACHE_HTTPD to closest mirrors.
you can easily find them from:
http://www.apache.org/dyn/closer.cgi/httpd/
Thanks :

08:06 clement 

- Security fix.
  CAN-2004-0493 - memory exhaustion denial of service
 
http://www.freebsd.org/ports/portaudit/81a8c9c2-c94f-11d8-8898-000d6111a684.html

Noticed by:     eik
Obtained from:  apache CVS

14:56 clement 

- change limits from user www to daemon class to be in sync with
  apachectl
- fix limits (missing eval)

11:14 clement 

-1- make show-options readable from a vt100 ;-)
-2- add WITH_DEBUG knob (supports DEBUG_FLAGS)
-3- convert start script to RCng [1]
    - add possibility to run limits(1) before apache starts
    - apache2.sh reload = apachectl graceful
-4- Add threadpool MPM
-5- Adapt COMMENT to fit MPM.
-6- Bump PORTREVISION

PR:             ports/66955 [1]
Submitted by:   nork [1] (partially)
Requested by:   ume [1]

08:15 clement 

- remove quotes from "bogus" IGNORE string

Noticed by:     kris

22:17 clement 

- Fix IGNORE s,(,\(,

22:07 clement 

- s/BROKEN/IGNORE/

21:37 clement 

- Fix build if WITH_APR_FROM_PORTS is defined.
- Advertise ServerToken i.e.:
Apache/2.0.49 (FreeBSD) Server at satan.cultdeadsheep.org Port 80

15:27 clement 

- Import security fix from Apache CVS...
* modules/ssl/ssl_engine_kernel.c (ssl_hook_UserCheck): Fix buffer
overflow in FakeBasicAuth code if client's subject DN exceeds 6K in
length (CVE CAN-2004-0488); switch to using apr-util base64 encoder
functions.
- ... and of course bump PORTREVISION.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488
http://secunia.com/advisories/11534/

Reported by:    Charles-Damien Orbello <tazma@cultdeadsheep.org>

11:58 clement 

- import buildconf patch in ports tree.
  It has been living out the tree for historical reason.

11:35 clement 

- use autoconf 2.57
- use libtool 1.5.6

12:27 clement 

Update to 2.0.49

Full ChangeLogand announcement:
http://www.apache.org/dist/httpd/Announcement2.html

Port changes:
- buildconf patches improvement
- Fix typo [1]

PR:             64297 [1]
Submitted by:   TSUMAI Yasuyuki <ral@ta-ko.jp> [1]

20:50 dinoex 

- CONFLICTS extended

07:58 kuriyama 

o Bump $LIB_DEPENDS line to chase expat's shlib version.
o Bump $PORTREVISION.

06:17 ade 

Whoa there, boy, that's a mighty big commit y'all have there...

Begin autotools sanitization sequence by requiring ports to explicitly
specify which version of {libtool,autoconf,automake} they need, erasing
the concept of a "system default".

For ports-in-waiting:

        USE_LIBTOOL=YES         ->      USE_LIBTOOL_VER=13
        USE_AUTOCONF=YES        ->      USE_AUTOCONF_VER=213
        USE_AUTOMAKE=YES        ->      USE_AUTOMAKE_VER=14

Ports attempting to use the old style system after June 1st 2004 will be
sorely disappointed.

10:37 clement 

Fix configure.

02:48 ade 

Replace all known incantations of WANT_{AUTOMAKE,AUTOCONF,LIBTOOL}* with
the USE_<x> equivalents.  In the current scheme of things, the WANT_
variables in this case are synonymous with the USE_ ones, and thus need
to be exterminated.

First in a series of major autotools cleanups.

12:51 clement 

Fix a mod_ssl denial-of-service.

http://www.vuxml.org/freebsd/492f8896-70fa-11d8-873f-0020ed76ef5a.html

Reported by:        nectar
Obtained from:      Apache CVS vis nectar

14:07 clement 

- Add windowsupdate.com mod_proxy fix. [1]
  you must define WITH_WINDOWSUPDATEFIX
- Fix typo/reword Makefile.doc [2]

PR:             62610 [1], 62757 [2]
Submitted by:   leafy <leafy@leafy.idv.tw> [1],
                Linh Pham <question+freebsdpr@closedsrc.org> [2]

15:40 clement 

- Improve apr from ports support.
  Thanks a lot to kuriyama.

Submitted by:   kuriyama

11:53 clement 

- Fix typo in SLAVE_DESIGNED_FOR check [1]
- Make ldap fix optional, since it may break LDAP auth [2]
  Please use WITH_LDAPFIX if you need the fix.
- Improve pthreads support
- SIZEify distinfo

Submitted by:           mharo [1]
Discussed with:         Robin P. Blanchard <robin.blanchard@gactr.uga.edu> [2]

10:01 kuriyama 

o Use appropriate comment for WITH_IPV6_V6ONLY knob.
o Fix apu-config command name in WITH_APR_FROM_PORTS condition.

21:21 clement 

Add WITH_PTHREAD_LIBS and WITH_EXPERIMENTAL_THREADS.
These options are for people who want to directly link
apache against libkse and libthr.

Usage:
    WITH_EXPERIMENTAL_THREADS=YES
            Overrides default pthread detection behaviour.
    WITH_PTHREAD_LIBS={kse;thr}
            Lets you choose your pthread lib.
            Don't even try to use "c_r"...

*** These options are unsupported ***
But all gdb backtraces are welcome :-)
AFAIK, apache works well, but mod_php4 (worker MPM) behavior
is quite funny.
All modules which use apr mutexes may crash with KSE.
Since I'm working on it, if you have coredumps, feel free
to send me the backtrace (you must compile libkse, apache
and modules with debugging symbols).
Don't forget to set kern.sugid_coredump to 1.
(using CoreDumpDirectory in httpd.conf can help too)

00:30 clement 

- Fix compilation for threaded MPM.
  This is due to partial revert of apr improvment.
  setting LIBS=${PTHREAD_LIBS} conflicts with libtool.
  All should be OK now...
  If someone can explain me why libtool impose using
  -pthread (ltshmain), I'm all ears...
  Note:
  You CAN NOT override -lc_r (i.e. setting -lkse) at compile time.
  I must fix it...
- Move patchset to MASTER_SITE_LOCAL

Noticed by:         Martin Nilsson <martin@gneto.com>
Approved by:        erwin (mentor) (implicitly)

22:12 clement 

- Remove thread support in apr. The code prevents apache from running
  on > 4.8-STABLE (from september 2003) system because apache2 used
  libc_r instead of libc.
  Compiling with -lkse (on -CURRENT) was broken too.

- bump PORTREVISION to force users to upgrade.

NOTE: on -STABLE DO NOT DEFINE WITH_THREADS.
      (unless you use a threaded MPM)

Thanks to Fritz Heinrichmeyer <fritz.heinrichmeyer@fernuni-hagen.de>
who helped me to track the problem.

Noticed by:         Fritz Heinrichmeyer <fritz.heinrichmeyer@fernuni-hagen.de>
                    HAYASHI, "Lef" Tatsuya <lef@st.rim.or.jp> [1]
PR:                 61317 [1]
Approved by:        erwin (mentor) (implicitly)

22:24 clement 

- Per popular request, add "you can you use make show-modules"-like
  message option in pre-everything:: target.
- Change OpenSSL fix. (specially when WITH_BERKELEYDB=FreeBSD is defined)
  There are too many cases of failure (at leat 3), so I can't force -STABLE
  users to use SSL_EXPERIMENT_ENGINE [1]
- Add WITH_SSL_EXPERIMENTAL_ENGINE knob [2]
- Better db42 apr-util detection [3]
- Add fastest mirror to PATCH_SITES
- Add db42 to "make show-options"

Note to users:
    Unless you have a *really* good request, no more features will be added.
    Please send me with your bug reports:
            - uname -a output
            - all config.log files
            - pkg_info output
            - your make command line

Noticed by:     apache2-test-ng.sh script [1]
                Barry Pederson <bp@barryp.org> [3]
Requested by:   jb@perso-web.com [2]

23:11 clement 

Mark apache2 as broken when devel/apr is installed and WITH_APR_FROM_PORTS
is not defined.
This workaround should avoid weird apache behaviours when apache is
linked against the wrong apr* libraries.
Time to add CONFLICTS_BUILD option to bsd.port.mk ?

Approved by:    erwin (mentor) (implicity)

18:56 clement 

- fix SSL detection problem on stable with base OpenSSL [1]
  Force the use of SSL_EXPERIMENTAL_ENGINE *only* if the user uses
  -STABLE and base OpenSSL.
  This is an *apache* problem. It's not the port.
  I strongly encourage users to use OpenSSL from ports.
   From httpd-2.0 Status:
   * mod_ssl: fix a link failure when the openssl-engine libraries are
     present but the engine headers are missing.
- fix a typo in WITH_DBM, should be bdb and not db [1]
  I keep db for backward compatibility
- Add WITH_APR_FROM_PORTS to use devel/apr with apache2.
  !!! WARNING !!! apache-2.0.48 is designed to work with apr 0.9.5.

Noticed by:     Fritz Heinrichmeyer <Fritz.Heinrichmeyer@Fernuni-Hagen.de> [1]
Approved by:    erwin (mentor)

17:42 clement 

Apache2 PORTREVISION 2:
- Move docs-related stuff to Makefile.doc
- Better MPM handling (for slave ports)
- Fix HTTP_PORT behaviour
- Make suExec more configurable [1]
- Now config script are regenerated by buildconfig, to improve slave
  ports support and minimize apr/apache2 ports conflict [2]
- Fix typo in AUTH_MODULES routine [3] [4]
- apr threaded support [5]
- Fix Segmentation fault with LDAP [6]
- Add db42 support. [7] (just uncomment related lines
  if you installed it from shar)
- add SLAVE_DESIGNED_FOR variable for slave ports to
  automaticaly mark them as BROKEN, if they are out of sync with
  apache2

PRs:                60444 [1], 61030 [4]
Requested by:       Matthias Andree <matthias.andree@gmx.de> [7]
Suggested by:       kuriyama [2] [5]
Submitted by:       Daniel Tasov <danielt@pilgerer.org> [1],
                    kuriyama [5],
                    motoyuki [3],
                    Scott Michel <scottm@cs.ucla.edu> [4]
Obtained from:      Apache CVS [6]
Reviewed by:        erwin, linimon
Approved by:        erwin (mentor)

14:16 kuriyama 

Remove duplicated WITH_EXPERIMENTAL comment.

Reviewed by:    maintainer

03:22 naddy 

- fix LDAP deps (typo) [1]
- fix nasty typo in DBM code (missing + in LIB_DEPENDS=)
- remove NO_{ERROR;WWWDATE;CGI;ICONS;WWW} and utilize WITHOUT_WWW and
  WITH_CUSTOM_WWW [2]
- HTTP_PORT => WITH_HTTP_PORT and IPV6_ONLY => WITH_IPV6_ONLY [3]
- add support for FreeBSD libc db [4]
- add db41 support [5]
- more typos and a few things...

Notified by:    Oliver Eikemeier <eikemeier@fillmore-labs.com> [1]
Discussed with: Oliver Eikemeier <eikemeier@fillmore-labs.com> [2] [3]
Requested by:   Fritz Heinrichmeyer <fritz.heinrichmeyer@fernuni-hagen.de> [4]
Submitted by:   <swp@uni-altai.ru> [5]

PR:             58739
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org>

09:37 perky 

Fix build.

PR:             58711
Submitted by:   Yusuke Matsuoka <yusmat@iris.dti.ne.jp>
Approved by:    maintainer

22:46 trevor 

Update to 2.0.48, which has corrections for two security bugs:
- CAN-2003-0789:  information leak in mod_cgid
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0789>
- CAN-2003-0542:  buffer overflow in mod_alias and mod_rewrite
<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542>

Use a DIST_SUBDIR.  Use the DOCSDIR macro.

Add options: HTTP_PORT, IPV6_V6ONLY, NO_CGI, NO_ERROR, NO_ICONS,
NO_WWW, NO_WWWDATA, WITHOUT_AUTH, WITHOUT_DAV, WITHOUT_MODULES,
WITHOUT_MODULES, WITHOUT_PROXY, WITH_ALL_STATIC_APACHE, WITH_BERKELEYDB,
WITH_CUSTOM_AUTH, WITH_CUSTOM_PROXY, WITH_DBM, WITH_EXTRA_MODULES,
WITH_MODULES, WITH_MPM, WITH_STATIC_APACHE, WITH_STATIC_MODULES and
WITH_STATIC_SUPPORT

PR:             58654
Submitted by:   Clement Laforet (maintainer)

20:47 dinoex 

- fix spelling in CONFLICTS

17:00 naddy 

Add forgotten file to plist.

PR:             58211
Submitted by:   Dimitry Andric <dimitry@andric.com>
Approved by:    maintainer

15:47 dinoex 

- add CONFLICTS
Submitted by:   eikemeier@fillmore-labs.com
Approved by:    kris

08:37 edwin 

Cease FreeBSD port maintainerships

        I don't have the time to give to many of the ports I maintain at
        the moment. I wasn't expecting to be so busy this summer ...

        Please set all my ports back to ports@freebsd.org.

PR:             ports/56935
Submitted by:   Dominic Marks <dom@wirespeed.org.uk>,Clement Laforet
<sheepkiller@cultdeadsheep.org>,Oliver Eikemeier <eikemeier@fillmore-labs.com>

00:49 kuriyama 

Fix non-default dependency on openldap2[012] which is broken by splitting.

# I'm not bumped port revision of them because this should not affect
# packages built on bento...

15:31 cy 

Update 2.0.46 --> 2.0.47

Approved by:    MAINTAINER (dominic.marks@btinternet.com)
Notified by:    striker@apache.org on announce@apache.org

11:12 kris 

Set GNU_CONFIGURE instead of HAS_CONFIGURE.

Reviewed by:    maintainer

08:09 erwin 

Hand maintainership to submitter

PR:             54053
Submitted by:   Dominic Marks <dom@cus.org.uk>

18:08 perky 

Set maintainer to ports@FreeBSD.org

09:35 perky 

Add a new knob WITH_LDAP that brings mod_auth_ldap and mod_ldap.

Submitted by:   Jean-Baptiste Quenot <jb.quenot@caraldi.com>
Requested by:   Moti Levy <moti@flncs.com>,
                Milan Andric <mandric@eecs.berkeley.edu>,

01:01 perky 

Change to use ${PKGINSTALL} instead of `pkg-install' to unbreak the build
when WRKDIRPREFIX is defined.

PR:             52973
Submitted by:   Morten Rodal <morten@rodal.no>

00:09 perky 

[SECURITY FIX]
Update to 2.0.46

See vulnerability details at:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0189

PR:             52768 [1]
Submitted by:   Xin Li <delphij@freebsdchina.org> [1],
                Miguel Mendez <flynn@energyhq.es.eu.org>,
                Trevor Johnson <trevor@FreeBSD.org>,
                Mark Gooderum <mark@verniernetworks.com>,
                John Walsh <zed@maths.tcd.ie>

21:33 perky 

- Utilize MASTER_SITE_APACHE_HTTPD [1]
- Allow to override SUEXEC_SAFEPATH [2]

Submitted by:   naddy [1],
                Eugene M. Kim <ab@astralblue.net> [2]

02:36 perky 

Update to 2.0.45. This update fixes a DDOS vulnerability.

PR:             50564 [1]
Submitted by:   Cy Schubert <cy@FreeBSD.org>, delphij@hotmail.com [1]
Requested by:   many

06:25 perky 

De-pkg-comment for my ports.

11:50 perky 

Remove buggy SSL warning which isn't working correctly for openssl's
version scheme change.

Submitted by:   Jos Backus <jos@catnook.com>,
                Tiller Beauchamp <tiller@cs.uoregon.edu>

17:54 perky 

Update to 2.0.44

New knob IPV6_V6ONLY=yes disables accepting v4 connection via v4-mapped
v6 socket.

11:29 perky 

Move bin/ap[ru]-config to lib/apache2/ to coexist with devel/apr-devel
Bumped PORTREVISION accordingly.

PR:             ports/39091
Submitted by:   Marc Recht <marc@informatik.uni-bremen.de>

13:35 perky 

o Change installbuilddir to $PREFIX/share/apache2/build to make porting
  3rd party modules easy. [1]
o Include <limits.h> before <sys/syslimits.h> to reduce warnings on -CURRENT

PR:             44104 [1]
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org> [1]

21:55 knu 

Add MASTER_SITE_RINGSERVER to MASTER_SITES.