Subject: IMPORTANT: APACHE AND APACHE-SSL PKGS UPDATED
To: None <email@example.com>
From: Todd Vierling <firstname.lastname@example.org>
Date: 12/03/1998 12:29:38
Today I added changes to the Apache, Apache-SSL, and SSLeay pkgs that update
and revise a significant amount of the build structure of these pkgs. The
updates should be visible after the next supscan.
The important things that any person wanting to update should note:
- THERE ARE NO SECURITY BUG FIXES IN APACHE 1.3.3 OVER 1.3.2.
If 1.3.2 works Fine for you, you do not need to upgrade at this time
unless you wish to try out the new build structure.
- The NEXT release of Apache (probably 1.3.4) will significantly merge the
httpd.conf, access.conf, and srm.conf files - access.conf and srm.conf
will be empty, and httpd.conf will hold all directives. Be prepared for
this change when the pkg is updated to the next Apache version.
- If you find bugs in the build system, please report them to the
email@example.com mailing list. I will see them, but in case I am not
able to fix them in a timely manner, others there may be able to help.
- mod_perl and mod_frontpage are being worked on. `Watch this space.'
I actually have mod_perl compiling, linking, and running, but it plays
with the Perl XS infrastructure, and shouldn't.
- Engelschall's mod_ssl module has been integrated into the pkg system in a
very special way, and is now located in www/ap-ssl (apache-modssl is
When you build Apache alone, it is built with "hooks" (known as the
mod_ssl EAPI) that allow mod_ssl to link itself into Apache later as a
dynamic shared object. You may then compile SSLeay and mod_ssl even after
Apache is installed.
The new mod_ssl setup HAS NOT BEEN TESTED EXTENSIVELY. It runs for me on
simple requests, but needs a blast test.
- To complement the previous point, SSLeay has been modified to generate
shared libraries with the now familiar and hated `pkglibtool' script. It
does not generate a `libRSAglue.a' any more; those routines are linked
into libcrypto only as necessary.
The new SSLeay pkg is called "ssleay" (lower case) and deliberately
conflicts with SSLeay-0.9.0b to force an upgrade of the SSLeay pkg if
building the new mod_ssl.
- httpd.conf.default now includes special sections of interest to SSL server
administrators, the most important of which is a block of directives near
the top that load and setup mod_ssl. Please check the new
httpd.conf.default and merge changes into your own httpd.conf.