- The previous update to the rc.d script didn't quite maintain the old behavior
  correctly.  This fixes the pid file name

PR:                             ports/151623
Submitted by:   Vivek Khera <vivek@khera.org>
With Hat:               apache@
Point hat to:   myself (pgollucci)

- Update to 2.2.17

**
* Note, no CVE affects the FREEBSD port.  devel/apr1 was updated to
* apr-util 1.3.10 on 2010/10/06 05:32:24.
**

Changes:        http://www.apache.org/dist/httpd/CHANGES_2.2
PR:             ports/151594
Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>
With Hat:       apache@

<ChangeLog>
  *) prefork MPM: Run cleanups for final request when process exits gracefully
     to work around a flaw in apr-util.  PR 43857.  [Tom Donovan]

Punt autoconf267->autoconf268

- s,/usr/local,%%PREFIX%%,'

Reported by:    stas

- Allow overriding of the following on a profile basis.
    pidfile
    command
    envvars

Without profiles, the old defaults remain unchanged.  With profiles the old
defaults
remain unchanged.

Sponsored by:           RideCharge Inc. / TaxiMagic
Tested by:                      RideCharge Inc. / TaxiMagic (> 1 yr in
production)
With Hat:                       apache@

Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs

- Upgrade to 2.2.16.

Security:       CVE-2010-1452 (mod_{cache,dev} remote DoS),
                CVE-2010-2068 (mod_{proxy_{ajp,http},reqtimeout} related on some
platforms)

Bump PORTREVISION forgotten in last commit, by /home/ncvs lied to me.

- Fix misnamed patch that was unconditionally applied.

PR:             ports/146789
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
With Hat:       apache@

- Fix misnamed patch that was unconditionally applied.

PR:             ports/146789
Submitted by:   Sunpoet Po-Chuan Hsieh <sunpoet@sunpoet.net>
With Hat:       apache@

- Enable,build, and install mod_reqtimeout.so which mitigates solaris attacks.
- Default on, so bump PORTREVISION

Reuested by:        Jonas Eckerman <jonas@fsdb.org> (via apache@)
With Hat:           apache@

- Bump PORTREVISION

With Hat:   apache@

- Whitespace only

With Hat:   apache@

-  only need to set grandfather deps
   the dbm maze is a bit harder so is left alone for now

With Hat:   apache@

- file is only in devel/apr[01] now.

With Hat:   apache@

- remove apr/apr-util vestiges
- fullbuild not needed anymore
- buildconf not needed anymore
- scripts_env not needed anymore

With Hat:   apache@

- Remove WITH_APR_FROM_PORTS option. Always use devel/apr1 port now.
  Bundled srclib/apr is never used now.

With Hat:   apache@

- Chase devel/apr -> devel/apr1 shuffling

PR:             ports/146553
Submitted by:   myself (pgollucci@)
With Hat:       apache@

- Convert ports/ to devel/apr1

PR:             ports/146553
Submitted by:   myself (pgollucci@)
With Hat:       apache@

- blasted whitespace

By default suexec doesn't enforces different resource limitations configured in
login.conf(5). This is probably because resource limitations are handled
differently on various different platforms.

This modifies suexec behaviour to set resource limits for CGI's
from /etc/login.conf before execing the customers CGI script.

Doesn't affect default package, so no PORTREVISION bumps.

I will follow up at dev@httpd.apache.org to see about adding this
with #ifdefs.

PR:             ports/136091
Submitted by:   Alexey V.Degtyarev <alexey@renatasystems.org>
With Hat:       apache@

- Remove use of $] which is deprecated in perl and gone in perl 5.12
  This is already being discussed at dev@httpd and will be committed upstream

Reported by:    brad clawsie <clawsie@fastmail.fm> (on apache@ list)
With Hat:       apache@

- Continuation of ports/133704
  apxs -A comments out the LoadModule line
  This adds custom FreeBSD mod to 'DELETE' the line so that it works with
  our pkg-plists in packages.
- Remove -s form the cmp httpd.conf in pkg-plist to be blatant about why
  it didn't get removed
- Tested with lang/php5
- Bump PORTREVISION

PR:             ports/133704
With Hat:       apache@

- Fix -A and -a options for apxs to correctly ignore whitespace.
  This will fix about 100 pkg-plist left overs for httpd.conf
- Bump PORTREVISION
-  This will be in 2.2.16.

PR:             ports/133704
Obtained from:  http://svn.apache.org/viewvc?rev=942210&view=rev
Reported by:    olli hauer <ohauer@gmx.de> (and very good pr!)
With Hat:       apache@

- FreeBSD doesn't use EGD sockets. Also the option handling doesn't honor
  without-egd.
  Carry the devel/apr fix through

PR:             ports/146376
Submitted by:   Guido Fals

2/2:    fix mod_auth_digest builds which needs EGD and DEVRANDOM.
        This fixes both bundled apr using the port (devel/apr for
WITH_APR_FROM_PORTS)

PR: ports/134577
Requested by: Pascal Vizeli <pvizeli@yahoo.de>
With Hat: apache@

- silence this warning -- libtool: ignoring unknown tag CXX

With Hat:   apache@

- fix ldap support (duplicate www/apache20 fix)
    --with-ldap switches on LDAP library linking in apr-util
    --enable-ldap option switches on the LDAP caching module
    --enable-authnz-ldap option switches on the LDAP authentication module
   [AAA was rewritten in 3 peices in 2.4.x, hence the option change]
  - no custom patch, the linking was fixed in 2.2.x
  - ldap is not in the default package, so no PORTREVISION bump

PR:             ports/128079
Reported by:    koitsu, skreuzer
With Hat:       apache@

- Fix the owner to be root:wheel on files* when running sudo make ...
  This doesn't affect the package b/c pointyhat/tb run as root

PR:             ports/134456
With Hat:       apache@

- Forced commit to note the following CVEs were fixed in 2.2.15
  [from CHANGES file]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection
     attack when compiled against OpenSSL version 0.9.8m or later. Introduces
     the 'SSLInsecureRenegotiation' directive to reopen this vulnerability
     and offer unsafe legacy renegotiation with clients which do not yet
     support the new secure renegotiation protocol, RFC 5746.
     [Joe Orton, and with thanks to the OpenSSL Team]

  *) SECURITY: CVE-2009-3555 (cve.mitre.org)
     mod_ssl: A partial fix for the TLS renegotiation prefix injection attack
     for OpenSSL versions prior to 0.9.8l; reject any client-initiated
     renegotiations. Forcibly disable keepalive for the connection if there

- Update CONFLICTS to make apr package names.

With Hat:   apache@

- Regenerate patch files with make makepatch for they have
  piled up and additional patches conflict.
  This also will help when we try to syncronize www/apache20&www/apache22
- Unconditionally apply the mod_proxy_connect patch, you just may or may
  not actually compile the file to save some logic in Makefile

With Hat:   apache@

- This file isn't even used, it doesn't matter anyway devel/apr(1.4.2) and
  the apr bundled with www/apache22 include this file as the licensing
  issue was resolved ages ago

With Hat:   apache@

- Install check_forensic script if mod_log_forensic is enabled

PR:             ports/144292
Submitted by:   Dan Mahoney <danm@prime.gushi.org>
With Hat:       apache@

- move OPTION handling out of targets section [no-op]

With Hat:   apache@

- whitespace only

With Hat:   apache@

- fix /etc/ftpusers [really this time], bump PORTREVISION
- DISTFILES is not needed
- CFLAGS is already in CONFIGURE_ENV
- drop apache21 from CONFLICTS
- fix caudium CONFLICTS

2/5: Update to httpd 2.2.15, default to using devel/apr instead of bundled apr

PR:             ports/146130
Approved by:    portmgr (pav)
Tested by:      -exp run (pav)
With Hat:       apache@

- Fix typo preventing install/deinstall when /etc/ftpusers was present

Note if you already have www/apache20 or www/apache22 installed this is
not worth updating for; however, you should verify your  [if you use it]
${PREFIX}/etc/apacheXX/extra/httpd-userdir.conf:
  DisableUser dir setting correct lists the users you don't want
  to have the ~/dir visible via http requests.

PR:             ports/144422
Reported by:    several
With hat:       apache@

Begin the process of deprecating sysutils/rc_subr by
s#. %%RC_SUBR%%#. /etc/rc.subr#

- Fix plist with WITH_BDB case.

- Add support for db48 (with WITH_BDB=t and WITH_BDB_VER=48) by
  updating patch to dbm.m4.  Old patch for dbm.m4 is for db47.  But
  recent apache dist already includes code block for db47, so update a
  patch by replacing it to db48.
- No $PORTREVISION bump (no effect to packages with default options).

Submitted by:   ume

- Allow install by a user other then root
[Duplicate fix for devel/apr here in www/apache22 too]

PR:             ports/13876 [based on]
Submitted by:   Mel Flynn <mel at rachie.is-a-geek.net>
                miwi@

whitespace fixes only

- envvars needs to be sourced before _all_ commands if it exists

PR:             ports/138466 (based on)
Submitted by:   Dmitry Pryanishnikov <lynx.ripe@gmail.com>

- Fix handling of apache22_http_accept_enable="YES|NO"
  o Note, don't use required_modules you can not check the return value
    to conditionalize the -DNOHTTPACCEPT flag

PR:             ports/138373
Submitted by:   Helmut Schneider <jumper99@gmx.de>

- Fix option WITH_PATCH_PROXY_CONNECT

PR:             ports/138846
Submitted by:   "George D." <gi@azagal.com>

- OPTIONS+= PROXY_SCGI

PR:             ports/140137
Submitted by:   olli hauer <ohauer@gmx.de>

- Update to 2.2.14
- With hat apache@

Note: The 3 CVE's are a no-op for the FreeBSD port --

date: 2009/08/25 05:33:03;  author: kuriyama;  state: Exp;  lines: +0 -0
(Forced commit)

- 2.2.13 (acutally 2.2.12) includes fixes for several CVEs. [1]
  but in our ports tree, APR related ones (CVE-2009-0023,
  CVE-2009-1955, CVE-2009-1956) were already backported in 2.2.11_5.

References:     http://www.apache.org/dist/httpd/CHANGES_2.2.12 [1]

Changes:

- Update MPM-ITK patch to 20090414-00

PR:             ports/137953
Submitted by:   Emil Mikulic <emikulic@gmail.com>
Feature safe:   yes

(Forced commit)

- 2.2.13 (acutally 2.2.12) includes fixes for several CVEs. [1]
  but in our ports tree, APR related ones (CVE-2009-0023,
  CVE-2009-1955, CVE-2009-1956) were already backported in 2.2.11_5.

References:     http://www.apache.org/dist/httpd/CHANGES_2.2.12 [1]

- Upgrade to 2.2.13.

PR:             ports/137651
Submitted by:   Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp>

-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.

It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.

With help:      marcus and kwm
Pointyhat-exp:  a few times by pav
Tested by:      pgollucci, "Romain Tartière" <romain@blogreen.org>, and
                a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by:    marcus
Approved by:    portmgr

Fix a few "bad example" problems in the rc.d scripts that have been
propogated by copy and paste.

1. Primarily the "empty variable" default assignment, which is mostly
${name}_flags="", but fix a few others as well.
2. Where they are not already documented, add the existence of the _flags
(or other deleted empties) option to the comments, and in some cases add
comments from scratch.
3. Replace things that look like:
prefix=%%PREFIX%%
command=${prefix}/sbin/foo
to just use %%PREFIX%%. In many cases the $prefix variable is only used
once, and in some cases it is not used at all.
4. In a few cases remove ${name}_flags from command_args
5. Remove a long-stale comment about putting the port's rc.d script in
/etc/rc.d (which is no longer necessary).

No PORTREVISION bumps because all of these changes are noops.

- Change OPTION help text for WITH_APR_FROM_PORTS
  beware -> preferred

  In preparation for making it the default and dropping the option.

Discussed on:   ports@, apache@

- Revert the bdb change in the last batch

- Reported by: Serveral

With Hat:   apache@

- forced commit to note that previous message had an incorrect pr #
  ports/135457 should have been ports/134457

crap, that was supposed to be in the previous commit

- Drop .sh suffices on rc.d scripts, add note to UPDATING
- Commit the final part of the bdb patch improving the value passed
  to --with-berkely-db [1]
- Silence the blasted warnings about accf [2]
  (Will send this upstream)
- Address httpd issue 42829* -  graceful restart with multiple listeners
   using prefork MPM can result in hung processes [3]
- Address httpd issue 29744+ - CONNECT does not work over existing
   SSL connection [4]
- Drop .sh suffices on rc.d scripts, add note to UPDATING [5]
- Bump PORTREVISION

PRs:                ports/110651 [1], ports/132528 [2], ports/134457 [3]
                    ports/135478
Submitted by:       "Timur I. Bakeyev" <timur@gnu.org> [1]
                    bz@ [2]
                    Alexander <freebsd@nagilum.org> [4]
                    myself (pgollucci@) [5]
Requested by:       apache@ (several) [3]

Tested by:          P6 TB (running live > 5 days)
                    RideCharge TB (running live > 3 days)
                    Apache Software Foundation (ASF) TB (running live > 1 day)

Sponosored by:      RideCharge Inc.

- Backport apr-util security fixes pending the 2.2.12 release (forthcomming)

Security:      
http://www.vuxml.org/freebsd/eb9212f7-526b-11de-bbf2-001b77d09812
PR:             ports/135310
Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>
With Hat:       apache

- Mark SAFE apache@ ports MAKE_JOBS_SAFE=yes

Add note tp pkg-message informing users of FAQ:
  your hostname must be resolvable via at least
  1 mechanism configured in /etc/nsswitch.conf
  or depending on the modules you hae loaded
  apache might not be able to start.

PRs:            ports/131563, ports/131564, ports/131565
Submitted by:   Glen Barber <glen.j.barber@gmail.com>
Discussed with: me

- Add a patch to fix ab(1) fails to connect with "Operation already in
  progress (37)" errno.

References:     https://issues.apache.org/bugzilla/show_bug.cgi?id=44584
Obtained from: 
http://svn.apache.org/viewvc/httpd/httpd/trunk/support/ab.c?r1=748396&r2=749438
Reviewed by:    apache@ (pgollucci@)

- www/apache22-peruser-mpm overwrites the apache22.tbz package in Latest/
  due to the Master/Slave relationship
  (Needs LATEST_LINK et al)

Discussed on:   apache@
Reported by:    John Hay <jhay@meraka.org.za>
Approved by:    Jille Timmermans <jille@quis.cx>

With hat:       apache

remove now unused option WITH_SVN

Chase devel/apr-svn removal

Reported by:    tabthorpe
Pointyhat:      me

- Re-assign www/apache* ports to apache@
- Previous MATAINERs please welcome yourself to the apache@ team.

Approved by: portmgr (pav, flz), secteam (simon), clement

- Remove conditional checks for FreeBSD 5.x and older

Approved by:    pav

- Update to 2.2.11
- Always depend on pcre from ports [1]
- Fix plist with LDAP/without apr-util DSO
- source envvars as late as possible [2]

Requested by:           ale
                        Eygene Ryabinkin <rea-fbsd at codelabs dot ru> [2]
PR:                     ports/127418 [2]

- Fix @comment string

Pointy hat to:  clement
Reported by:    Christer Solskogen

- Fix @comment string

Pointy hat to:  clement
Reported by:    Christer Solskogen

- Fix plist where apr_dbd is used
- Fix Postgresql build, don't trust pg_config
- Don't overwrite apr_dbd_mysql.c
- Bump PORTREVISION

No cookie for:  clement

- Update MPM itk patch to 20080727-00 (it is actually a no op
  on FreeBSD)
- Move mpm-itk patch to EXTRA_PATCHES to avoid conflicts with
  alternative mpm patches [1]
- update PLIST_SUBS when SLAVE_PORT_MPM is defined

Requested by:           Jille Timmermans [1]

- Fix incorrect redirection order in startup script
- Bump PORTREVISION

PR:             ports/127038 [1]
Submitted by:   edwin@ [1]
Reported by:    Tod McQuillin

- Yet Another Plist Fix [1]
- Completely shut up rc.d script when no profiles are enabled
  (add add support to disable profiles) [2]
- Fix CVE-2008-2939 for mod_proxy_ftp
  (XSS attacks when using wildcards in the path of the FTP URL)
- Add "apache22_fib" to start apache22 prefixed by
  "setfib -F ${apache22_fib}", so apache can use an alternate
  network view (not carefully tested yet)
- Revert previous patch to "fix" missing rc.d scripts. It
  actually breaks profiles.
- Bump PORTREVISION

PR:             ports/126670 [1],
                ports/116627 [2]
Submitted by:   Joseph S. Atkinson [1],
                Eygene Ryabinkin [2]
Security:       CVE-2008-2939

Special thanks to: pgollucci@

- Fix plist when NOPORTDOCS is defined [1]
- Add WITH_SVN knob. It enables BDB for apache22 port and
  force dependency on dev/apr-svn when WITH_APR_FROM_PORTS is
  defined. (should help fixing [2]).
  Introduce APR_PORT.
- Add support for db-4.7 [3]
- Add mod_ldap OPTIONS fixup [4]
- Sometimes, rc scripts aren't included in package
  Try to fix this. [5]

PR:    ports/126053 [2], ports/125520 [3]
       ports/124651 [4], ports/126670 [5] (partially)

Reported by: QA Tindy [1],
             Crazig Leres [2],
             Larry Rosenman [4]
             Kirk Strauser [3],
             Joseph S. Atkinson [5]

Update CONFIGURE_ARGS for how we pass CONFIGURE_TARGET to configure script.
Specifically, newer autoconf (> 2.13) has different semantic of the
configure target. In short, one should use --build=CONFIGURE_TARGET
instead of CONFIGURE_TARGET directly. Otherwise, you will get a warning
and the old semantic may be removed in later autoconf releases.

To workaround this issue, many ports hack the CONFIGURE_TARGET variable
so that it contains the ``--build='' prefix.

To solve this issue, under the fact that some ports still have
configure script generated by the old autoconf, we use runtime detection
in the do-configure target so that the proper argument can be used.

Changes to Mk/*:
 - Add runtime detection magic in bsd.port.mk

Conversion from (now defunct) autoconf-2.61 to autoconf-2.62

Tested by:      exp build run (erwin)

 - Update to 2.2.9
 - Add a note to UPDATING about the forced build of subversion
   because of apr/apu bumped version.

- Fix recursive use of WITH_BDB_VER when WITH_BERKELEYDB and WITH_BDB_VER
  are both defined.

Reported by:    Vivek Khera <VIVEK@KHERA.ORG>

- s/bsd.databases.mk/bsd.database.mk/

PR:             ports/119823
Submitted by:   mm

- Update to 2.2.8
- Update documentation
- Use BDB from bsd.databases.mk instead of homebrew [1]

PR:             ports/119711 [1]
Submitted by:   mm [1]

- Add support for db45 and db46

PR:             ports/117937
Submitted by:   mm
Approved by:    maintainer timeout

- Fix slave ports [1]
- Fix plist [2]
- Fix CONFLICTS with devel/apr-svn [3]
- Fix install when index.html is modified
- Bump PORT_REVISION

PR:             ports/118348 [1], ports/118338 [2],ports/117097 [2]
                ports/90088 [3], ports/118349 [3]
Submitted by:   Andrey Beresovsky <and at sfedu dot ru> [1],
                Dimitry Andric <dimitry at andric dot com> [2],
                YAMAMOTO Takao <yamamoto at computec dot co dot jp>
                Melvyn Sopacua <melvyn atmelvyn dot homeunix dot org> [3],
                Dominic Fandrey <lon_kamikaze at gmx dot de> [3]

Switch autoconf dependencies from 2.53 or 2.59 to 2.61.

PR:             ports/116639
Submitted by:   aDe

- Make port more OPTIONS compliant (more OPTIONS workarounds)
- Add some IGNORE entries to warn users when the choose conflicting options

- Fix PCRE_FROM_PORTS. it wasn't processed by OPTIONS stff [1]
  (I forgot to re-apply the patch locally)

Reminded by:    bland@

- Fix PCRE_FROM_PORTS. it wasn't processed by OPTIONS stff [1]
- Preserve index.html
- We no longer install images in default DocumentRoot (there're still in icons/)
- Various plist cleanup
- bump PORTREVISION since we are now safe with index.html

Reminded by:    bland@

- remove duplicate entry of mod_charset_lite [1]
- add PCRE_FROM_PORTS to OPTIONS
- use @dirrmtry for include/apache22
- workaround plist issues when upgrading, but it's not as safe as I
  would expect, it requires more work.

Spotted by:     bland@ [1]

- Add experimental support of OPTIONS.
  From UPDATING:

  By popular request, OPTIONS support has been added. When actived
  (default), these knobs are ignored:
          * WITH_<CATEGORY>_MODULES
          * WITHOUT_<CATEGORY>_MODULES
          * WITH_CUSTOM_<CATEGORY>
          * WITH_MODULES
          * WITHOUT_MODULES
          * WITH_STATIC_MODULES
  However, you can disable OPTIONS by defining WITHOUT_APACHE_OPTIONS.

- move envvars support to the beginning of apache22_checkconfig() to be
  sure we're using envvars during configtest [1]

PR:             ports/116329 [1]
Submitted by:   Ruud Althuizen <ruud@il.fontys.nl> [1]

- Fix build when WITHOUT_IPV6 is defined and system is IPv6-free

PR:                     ports/115200
Submitted by:           anray
Also reported by:       Peter Jeremy

- Import MySQL DBD backend
  This will definitively fix checksum mismatches. Time to investigate...

Reported by:    many

\

- Cleanup MPM selection
- Update mpm itk to 20070425-00

- Update to 2.2.6
- Fix restart when profiles are used [1]

Submitted by:   Jarrod Sayers <jarrod at netleader dot com dot au>

- Remove the DESTDIR modifications from individual ports as we have a new,
  fully chrooted DESTDIR, which does not need such any more.

Sponsored by:   Google Summer of Code 2007
Approved by:    portmgr (pav)

- Add htcacheclean startup script [1]
- Add support for PCRE from ports (WITH_PCRE_FROM_PORTS) [2]
- Install split-logfile [3]

Submitted by:   Christopher Shumway <cshumway at titan-project dot org> [1]
Requested by:   Gergely CZUCZY <phoemix at harmless dot hu>, [2]
                many [3]

Remove thttpd from conflicts list, it has a different name for its
passwd program now.

Approved by:    maintainers/erwin

- backout OpenSSL part of previous commit.
  Forcing -rpath can lead to strange side effects when using apxs

- Ensure we use correct OpenSSL libs [1]
- Fix multiprofiles support in rc script [2]

PR:             ports/100315 [1],
                ports/109536 [2]
Submitted by:   Jo Rhett <jrhett@svcolo.com> [1]
                Eygene Ryabinkin <rea-fbsd@codelabs.ru> [2]

- Ensure configure script won't force us to use an unwanted apr dbd backend.

- Update to 2.2.4
- Add dumpio module
- Fix rcorder [1]

PR:             ports/106429 [1]
Submitted by:   Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> [1]