path: root/httpd.spec

%define contentdir /var/www
%define suexec_caller apache
%define mmn 20020903

Summary: Apache HTTP Server
Name: httpd
Version: 2.0.48
Release: 10
URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz
Source1: index.html
Source3: httpd.logrotate
Source4: httpd.init
Source6: powered_by.gif
Source7: powered_by_fedora.png
Source10: httpd.conf
Source11: ssl.conf
Source12: welcome.conf
Source14: mod_ssl-Makefile.crt
Source15: mod_ssl-Makefile.crl
# Documentation
Source30: migration.xml
Source31: migration.css
Source32: html.xsl
Source33: README.confd
# build/scripts patches
Patch1: httpd-2.0.40-apctl.patch
Patch2: httpd-2.0.36-apxs.patch
Patch3: httpd-2.0.48-linkmods.patch
Patch4: httpd-2.0.45-parallel.patch
Patch5: httpd-2.0.45-deplibs.patch
Patch6: httpd-2.0.47-pie.patch
Patch7: httpd-2.0.45-syspcre.patch
Patch8: httpd-2.0.48-suexeclibs.patch
Patch9: httpd-2.0.48-vpathinc.patch
# Bug fixes
Patch20: httpd-2.0.45-encode.patch
Patch21: httpd-2.0.45-davfs.patch
Patch22: httpd-2.0.45-davetag.patch
Patch23: httpd-headusage.patch
Patch24: httpd-2.0.47-sslcleanup.patch
Patch25: httpd-2.0.47-ldapshm.patch
Patch26: httpd-2.0.46-shmcb.patch
Patch27: httpd-2.0.46-sslmutex.patch
Patch28: httpd-2.0.46-sslio.patch
Patch29: httpd-2.0.46-graceful.patch
Patch30: httpd-2.0.46-metharray.patch
Patch31: httpd-2.0.48-usertrack.patch
Patch32: httpd-2.0.46-execfail.patch
Patch33: httpd-2.0.46-logtimez.patch
Patch34: httpd-2.0.46-sslerr.patch
Patch35: httpd-2.0.46-md5dig.patch
Patch36: httpd-2.0.48-sslvars.patch
Patch37: httpd-2.0.48-include.patch
Patch38: httpd-2.0.48-autoindex.patch
Patch39: httpd-2.0.48-proxy11.patch
# Features/functional changes
Patch70: httpd-2.0.48-release.patch
Patch71: httpd-2.0.40-xfsz.patch
Patch72: httpd-2.0.40-pod.patch
Patch73: httpd-2.0.40-noshmht.patch
Patch74: httpd-2.0.45-proxy.patch
Patch75: httpd-2.0.45-export.patch
Patch76: httpd-2.0.48-dynlimit.patch
Patch77: httpd-2.0.48-dynamic.patch
Patch78: httpd-2.0.48-status.patch
Patch79: httpd-2.0.48-sslstatus.patch
Patch80: httpd-2.0.48-corelimit.patch
Patch81: httpd-2.0.46-rolog.patch
Patch82: httpd-2.0.48-distcache.patch
# Security fixes
Patch120: httpd-2.0.48-CAN-2003-0020.patch
# Documentation fixes
Patch170: httpd-2.0.48-manpages.patch
License: Apache Software License
Group: System Environment/Daemons
BuildRoot: %{_tmppath}/%{name}-root
BuildRequires: db4-devel, expat-devel, findutils, perl, pkgconfig, xmlto >= 0.0.11
BuildRequires: apr-devel >= 0.9.3-10, apr-util-devel, pcre-devel
Requires: /etc/mime.types, gawk, /usr/share/magic.mime, /usr/bin/find
Prereq: /sbin/chkconfig, /bin/mktemp, /bin/rm, /bin/mv
Prereq: sh-utils, textutils, /usr/sbin/useradd
Provides: webserver
Provides: httpd-mmn = %{mmn}
Obsoletes: apache, secureweb, mod_dav, mod_gzip, stronghold-apache, stronghold-htdocs
Obsoletes: mod_put, mod_roaming

%description
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

%package devel
Group: Development/Libraries
Summary: Development tools for the Apache HTTP server.
Obsoletes: secureweb-devel, apache-devel, stronghold-apache-devel
Requires: apr-devel, apr-util-devel, httpd = %{version}

%description devel
The httpd-devel package contains the APXS binary and other files
that you need to build Dynamic Shared Objects (DSOs) for Apache.

If you are installing the Apache HTTP server and you want to be
able to compile or develop additional modules for Apache, you need
to install this package.

%package manual
Group: Documentation
Summary: Documentation for the Apache HTTP server.
Obsoletes: secureweb-manual, apache-manual

%description manual
The httpd-manual package contains the complete manual and
reference guide for the Apache HTTP server. The information can
also be found at http://httpd.apache.org/docs-2.0/.

%package -n mod_ssl
Group: System Environment/Daemons
Summary: SSL/TLS module for the Apache HTTP server
Serial: 1
BuildRequires: openssl-devel, distcache-devel
Prereq: openssl, dev, /bin/cat
Requires: httpd = %{version}-%{release}, make, httpd-mmn = %{mmn}
Obsoletes: stronghold-mod_ssl

%description -n mod_ssl
The mod_ssl module provides strong cryptography for the Apache Web
server via the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols.

%prep
%setup -q
%patch1 -p0 -b .apctl
%patch2 -p1 -b .apxs
%patch3 -p1 -b .linkmods
%patch4 -p1 -b .parallel
%patch5 -p1 -b .deplibs
%patch7 -p1 -b .syspcre
%patch8 -p1 -b .suexeclibs
%patch9 -p1 -b .vpathinc

# no -b to prevent droplets in install root
%patch20 -p1
%patch21 -p1 -b .davfs
%patch22 -p1 -b .davetag
%patch23 -p1 -b .head
%patch24 -p1 -b .sslcleanup
%patch25 -p1 -b .ldapshm
%patch26 -p1 -b .shmcb
%patch27 -p1 -b .sslmutex
%patch28 -p1 -b .sslio
%patch29 -p1 -b .graceful
%patch30 -p1 -b .metharray
%patch31 -p1 -b .usertrack
%patch32 -p1 -b .execfail
%patch33 -p1 -b .logtimez
%patch34 -p1 -b .sslerr
%patch35 -p1 -b .md5dig
%patch36 -p1 -b .sslvars
%patch37 -p1 -b .include
%patch38 -p1 -b .autoindex
%patch39 -p1 -b .proxy11

%patch71 -p0 -b .xfsz
%patch72 -p0 -b .pod
%patch73 -p1 -b .noshmht
%patch74 -p1 -b .proxy
%patch75 -p1 -b .export
%patch76 -p1 -b .dynlimit
%patch77 -p1 -b .dynamic
%patch78 -p1 -b .status
%patch79 -p1 -b .sslstatus
%patch80 -p1 -b .corelimit
%patch81 -p1 -b .rolog
%patch82 -p1 -b .distcache

%patch120 -p1 -b .can0020

%patch170 -p1 -b .manpages

# Patch in vendor/release string
sed "s/@RELEASE@/Fedora/" < %{PATCH70} | patch -p1

# Safety check: prevent build if defined MMN does not equal upstream MMN.
vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include \`pwd\`/include/ap_mmn.h | sed -n '/^2/p'`
if test "x${vmmn}" != "x%{mmn}"; then
   : Error: Upstream MMN is now ${vmmn}, packaged MMN is %{mmn}.
   : Update the mmn macro and rebuild.
   exit 1
fi

# Conditionally enable PIE support
if echo 'static int foo[30000]; int main () { return 0; }' | 
   gcc -pie -fpie -O2 -xc - -o pietest 2>/dev/null && 
   ./pietest; then
%patch6 -p1 -b .pie
  : PIE support enabled
else
  : WARNING: PIE support not enabled
fi

%build
# regenerate configure scripts
./buildconf

# Before configure; fix location of build dir in generated apxs
%{__perl} -pi -e "s:\@exp_installbuilddir\@:%{_libdir}/httpd/build:g" \
	support/apxs.in
# update location of migration guide in apachectl
%{__perl} -pi -e "s:\@docdir\@:%{_docdir}/%{name}-%{version}:g" \
	support/apachectl.in

# forcibly prevent use of bundled apr, apr-util
rm -rf srclib/{apr,apr-util}

# build the migration guide
xmlto --skip-validation -x $RPM_SOURCE_DIR/html.xsl html-nochunks $RPM_SOURCE_DIR/migration.xml
cp $RPM_SOURCE_DIR/migration.css . # make %%doc happy

CFLAGS="$RPM_OPT_FLAGS -DSSL_EXPERIMENTAL_ENGINE"
if pkg-config openssl ; then
	# configure -C barfs with trailing spaces in CFLAGS
	CFLAGS="$CFLAGS `pkg-config --cflags openssl | sed 's/ *$//'`"
	AP_LIBS="$AP_LIBS `pkg-config --libs openssl`"
else
	AP_LIBS="-lssl -lcrypto"
fi
export CFLAGS
export AP_LIBS

function mpmbuild()
{
mpm=$1; shift
mkdir $mpm; pushd $mpm
../configure \
 	--prefix=%{_sysconfdir}/httpd \
 	--exec-prefix=%{_prefix} \
 	--bindir=%{_bindir} \
 	--sbindir=%{_sbindir} \
 	--mandir=%{_mandir} \
	--libdir=%{_libdir} \
	--sysconfdir=%{_sysconfdir}/httpd/conf \
	--includedir=%{_includedir}/httpd \
	--libexecdir=%{_libdir}/httpd/modules \
	--datadir=%{contentdir} \
        --with-installbuilddir=%{_libdir}/httpd/build \
	--with-mpm=$mpm \
        --with-apr=%{_prefix} --with-apr-util=%{_prefix} \
	--enable-suexec --with-suexec \
	--with-suexec-caller=%{suexec_caller} \
	--with-suexec-docroot=%{contentdir} \
	--with-suexec-logfile=%{_localstatedir}/log/httpd/suexec.log \
	--with-suexec-bin=%{_sbindir}/suexec \
	--with-suexec-uidmin=500 --with-suexec-gidmin=100 \
	$*

make %{?_smp_mflags}
popd
}

# Only bother enabling optional modules for main build.
mpmbuild prefork --enable-mods-shared=all \
	--enable-ssl --with-ssl --enable-distcache \
	--enable-deflate \
	--enable-proxy --enable-proxy-connect \
	--enable-proxy-http --enable-proxy-ftp \
        --disable-ext-filter \
        --enable-cache --enable-mem-cache \
        --enable-file-cache --enable-disk-cache \
        --enable-ldap --enable-auth-ldap \
        --enable-logio

# To prevent most modules being built statically into httpd.worker, 
# easiest way seems to be enable them shared.
mpmbuild worker --enable-mods-shared=all

# Verify that the same modules were built into the two httpd binaries
./prefork/httpd -l | grep -v prefork > prefork.mods
./worker/httpd -l | grep -v worker > worker.mods
if ! diff -u prefork.mods worker.mods; then
  : Different modules built into httpd binaries, will not proceed
  exit 1
fi

%install
rm -rf $RPM_BUILD_ROOT

# Classify ab and logresolve as section 1 commands, as they are in /usr/bin
mv docs/man/ab.8 docs/man/ab.1
mv docs/man/logresolve.8 docs/man/logresolve.1

pushd prefork
make DESTDIR=$RPM_BUILD_ROOT install
popd
# install worker binary
install -m 755 worker/httpd $RPM_BUILD_ROOT%{_sbindir}/httpd.worker

# install conf file/directory
mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d
install -m 644 $RPM_SOURCE_DIR/README.confd \
   $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/README
install -m 644 $RPM_SOURCE_DIR/ssl.conf \
   $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/ssl.conf
install -m 644 $RPM_SOURCE_DIR/welcome.conf \
   $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf.d/welcome.conf

rm $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/*.conf
install -m 644 $RPM_SOURCE_DIR/httpd.conf \
   $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/httpd.conf

# mod_ssl bits
for suffix in crl crt csr key prm; do
   mkdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/ssl.${suffix}
done

# Makefiles for certificate management
for ext in crt crl; do 
  install -m 644 $RPM_SOURCE_DIR/mod_ssl-Makefile.${ext} \
	$RPM_BUILD_ROOT%{_sysconfdir}/httpd/conf/ssl.${ext}/Makefile.${ext}
done
ln -s ../../../usr/share/ssl/certs/Makefile $RPM_BUILD_ROOT/etc/httpd/conf

# for holding mod_dav lock database
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/dav

# create a prototype session cache
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/cache/mod_ssl
touch $RPM_BUILD_ROOT%{_localstatedir}/cache/mod_ssl/scache.{dir,pag,sem}

# create cache root
mkdir $RPM_BUILD_ROOT%{_localstatedir}/cache/mod_proxy

# move utilities to /usr/bin
mv $RPM_BUILD_ROOT%{_sbindir}/{ab,htdbm,logresolve,htpasswd,htdigest} \
   $RPM_BUILD_ROOT%{_bindir}

# move builddir to the right place
mv $RPM_BUILD_ROOT%{contentdir}/build $RPM_BUILD_ROOT%{_libdir}/httpd/build

# point to the correct libtool
apr_libtool=`apr-config --apr-libtool | sed -e 's|/bin/sh ||'`
ln -s ../../../..${apr_libtool} $RPM_BUILD_ROOT%{_libdir}/httpd/build/libtool

# Install and sanitize config_vars file: relocate the build directory into 
# libdir; reference correct libtool; fix EXTRA_INCLUDES
sed -e "s|%{contentdir}/build|%{_libdir}/httpd/build|g" \
    -e "/AP_LIBS/d" -e "/abs_srcdir/d" \
    -e "/^LIBTOOL/s|/bin/sh /[^ ]*/libtool|/bin/sh ${apr_libtool}|" \
    -e "s|^EXTRA_INCLUDES.*$|EXTRA_INCLUDES = -I\$(includedir) -I\$(APR_INCLUDEDIR) -I%{_includedir}/openssl|g" \
  < prefork/build/config_vars.mk \
  > $RPM_BUILD_ROOT%{_libdir}/httpd/build/config_vars.mk
install -m 644 build/special.mk \
    $RPM_BUILD_ROOT%{_libdir}/httpd/build/special.mk

# Make the MMN accessible to module packages
echo %{mmn} > $RPM_BUILD_ROOT%{_includedir}/httpd/.mmn

# docroot
mkdir $RPM_BUILD_ROOT%{contentdir}/html
install -m 644 $RPM_SOURCE_DIR/index.html \
	$RPM_BUILD_ROOT%{contentdir}/error/noindex.html

# remove manual sources
find $RPM_BUILD_ROOT%{contentdir}/manual \( \
    -name \*.xml -o -name \*.xml.* -o -name \*.ent -o -name \*.xsl -o -name \*.dtd \
    \) -print0 | xargs -0 rm -f

install -m 644 $RPM_SOURCE_DIR/powered_by.gif \
	$RPM_BUILD_ROOT%{contentdir}/icons
install -m 644 $RPM_SOURCE_DIR/powered_by_fedora.png \
	$RPM_BUILD_ROOT%{contentdir}/icons

# logs
rmdir $RPM_BUILD_ROOT%{_sysconfdir}/httpd/logs
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/log/httpd

# symlinks for /etc/httpd
ln -s ../..%{_localstatedir}/log/httpd $RPM_BUILD_ROOT/etc/httpd/logs
ln -s ../..%{_localstatedir}/run $RPM_BUILD_ROOT/etc/httpd/run
ln -s ../..%{_libdir}/httpd/modules $RPM_BUILD_ROOT/etc/httpd/modules
ln -s ../..%{_libdir}/httpd/build $RPM_BUILD_ROOT/etc/httpd/build

# install SYSV init stuff
mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d
install -m755 $RPM_SOURCE_DIR/httpd.init \
	$RPM_BUILD_ROOT/etc/rc.d/init.d/httpd
%{__perl} -pi -e "s:\@docdir\@:%{_docdir}/%{name}-%{version}:g" \
	$RPM_BUILD_ROOT/etc/rc.d/init.d/httpd	

# install log rotation stuff
mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d
install -m644 $RPM_SOURCE_DIR/httpd.logrotate \
	$RPM_BUILD_ROOT/etc/logrotate.d/httpd

# fix man page paths
sed -e "s|/usr/local/apache2/conf/httpd.conf|/etc/httpd/conf/httpd.conf|" \
    -e "s|/usr/local/apache2/conf/mime.types|/etc/mime.types|" \
    -e "s|/usr/local/apache2/conf/magic|/etc/httpd/conf/magic|" \
    -e "s|/usr/local/apache2/logs/error_log|/var/log/httpd/error_log|" \
    -e "s|/usr/local/apache2/logs/access_log|/var/log/httpd/access_log|" \
    -e "s|/usr/local/apache2/logs/httpd.pid|/var/run/httpd.pid|" \
    -e "s|/usr/local/apache2|/etc/httpd|" < docs/man/httpd.8 \
  > $RPM_BUILD_ROOT%{_mandir}/man8/httpd.8

# Remove unpackaged files
rm -f $RPM_BUILD_ROOT%{_libdir}/*.exp \
      $RPM_BUILD_ROOT/etc/httpd/conf/mime.types \
      $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.exp \
      $RPM_BUILD_ROOT%{_libdir}/httpd/build/config.nice \
      $RPM_BUILD_ROOT%{_bindir}/ap?-config \
      $RPM_BUILD_ROOT%{_sbindir}/{checkgid,dbmmanage,envvars*} \
      $RPM_BUILD_ROOT%{contentdir}/htdocs/* \
      $RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \
      $RPM_BUILD_ROOT%{contentdir}/cgi-bin/*

# Remove headers which needn't be public
rm -f $RPM_BUILD_ROOT%{_includedir}/httpd/{ssl_expr_parse.h,ssl_util_table.h}

# Make suexec a+rw so it can be stripped.  %%files lists real permissions
chmod 755 $RPM_BUILD_ROOT%{_sbindir}/suexec

%pre
# Add the "apache" user
/usr/sbin/useradd -c "Apache" -u 48 \
	-s /sbin/nologin -r -d %{contentdir} apache 2> /dev/null || :

%triggerpostun -- apache < 2.0, stronghold-apache < 2.0
/sbin/chkconfig --add httpd

# Prevent removal of index.html on upgrades from 1.3
%triggerun -- apache < 2.0, stronghold-apache < 2.0
if [ -r %{contentdir}/index.html -a ! -r %{contentdir}/index.html.rpmold ]; then
  mv %{contentdir}/index.html %{contentdir}/index.html.rpmold
fi

%post
# Register the httpd service
/sbin/chkconfig --add httpd

%preun
if [ $1 = 0 ]; then
	/sbin/service httpd stop > /dev/null 2>&1
	/sbin/chkconfig --del httpd
fi

%post -n mod_ssl
/sbin/ldconfig ### is this needed?
umask 077

if [ ! -f %{_sysconfdir}/httpd/conf/ssl.key/server.key ] ; then
%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 1024 > %{_sysconfdir}/httpd/conf/ssl.key/server.key 2> /dev/null
fi

FQDN=`hostname`
if [ "x${FQDN}" = "x" ]; then
   FQDN=localhost.localdomain
fi

if [ ! -f %{_sysconfdir}/httpd/conf/ssl.crt/server.crt ] ; then
cat << EOF | %{_bindir}/openssl req -new -key %{_sysconfdir}/httpd/conf/ssl.key/server.key -x509 -days 365 -out %{_sysconfdir}/httpd/conf/ssl.crt/server.crt 2>/dev/null
--
SomeState
SomeCity
SomeOrganization
SomeOrganizationalUnit
${FQDN}
root@${FQDN}
EOF
fi

%check
# Check the built modules are all PIC
if readelf -d $RPM_BUILD_ROOT%{_libdir}/httpd/modules/*.so | grep TEXTREL; then
   : modules contain non-relocatable code
   exit 1
fi

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root)

%doc ABOUT_APACHE README CHANGES LICENSE VERSIONING
%doc migration.html migration.css

%dir %{_sysconfdir}/httpd
%{_sysconfdir}/httpd/modules
%{_sysconfdir}/httpd/logs
%{_sysconfdir}/httpd/run
%dir %{_sysconfdir}/httpd/conf
%config(noreplace) %{_sysconfdir}/httpd/conf/*.conf
%config(noreplace) %{_sysconfdir}/httpd/conf.d/welcome.conf
%config(noreplace) %{_sysconfdir}/httpd/conf/magic

%config(noreplace) %{_sysconfdir}/logrotate.d/httpd
%config %{_sysconfdir}/rc.d/init.d/httpd

%dir %{_sysconfdir}/httpd/conf.d
%{_sysconfdir}/httpd/conf.d/README

%{_bindir}/ab
%{_bindir}/ht*
%{_bindir}/logresolve
%{_sbindir}/httpd
%{_sbindir}/httpd.worker
%{_sbindir}/apachectl
%{_sbindir}/rotatelogs
%attr(4510,root,%{suexec_caller}) %{_sbindir}/suexec

%dir %{_libdir}/httpd
%dir %{_libdir}/httpd/modules
%{_libdir}/httpd/modules/mod*.so
%exclude %{_libdir}/httpd/modules/mod_ssl.so

%dir %{contentdir}
%dir %{contentdir}/cgi-bin
%dir %{contentdir}/html
%dir %{contentdir}/icons
%dir %{contentdir}/error
%dir %{contentdir}/error/include
%{contentdir}/icons/*
%{contentdir}/error/README
%{contentdir}/error/noindex.html
%config %{contentdir}/error/*.var
%config %{contentdir}/error/include/*.html

%attr(0700,root,root) %dir %{_localstatedir}/log/httpd
%attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav
%attr(0700,apache,apache) %dir %{_localstatedir}/cache/mod_proxy

%{_mandir}/man?/*
%exclude %{_mandir}/man8/apxs.8*

%files manual
%defattr(-,root,root)
%{contentdir}/manual

%files -n mod_ssl
%defattr(-,root,root)
%{_libdir}/httpd/modules/mod_ssl.so
%config(noreplace) %{_sysconfdir}/httpd/conf.d/ssl.conf
%attr(0700,root,root) %dir %{_sysconfdir}/httpd/conf/ssl.*
%config %{_sysconfdir}/httpd/conf/Makefile
%config %{_sysconfdir}/httpd/conf/ssl.*/*
%attr(0700,apache,root) %dir %{_localstatedir}/cache/mod_ssl
%attr(0600,apache,root) %ghost %{_localstatedir}/cache/mod_ssl/scache.dir
%attr(0600,apache,root) %ghost %{_localstatedir}/cache/mod_ssl/scache.pag
%attr(0600,apache,root) %ghost %{_localstatedir}/cache/mod_ssl/scache.sem

%files devel
%defattr(-,root,root)
%{_includedir}/httpd
%{_sysconfdir}/httpd/build
%{_sbindir}/apxs
%{_mandir}/man8/apxs.8*
%dir %{_libdir}/httpd/build
%{_libdir}/httpd/build/*.mk
%{_libdir}/httpd/build/instdso.sh
%{_libdir}/httpd/build/libtool

%changelog
* Tue Jan 27 2004 Joe Orton <jorton@redhat.com> 2.0.48-10
- update to ab from HEAD
- remove dbmmanage man page (part of #114080)
- mod_ssl: fix streaming nph- CGI scripts over SSL
- mod_autoindex: fixes from 2.0 branch (André Malo)
- add NameVirtualHost vs mod_ssl warning to httpd.conf (#114315)
- mod_proxy: HTTP/1.1-compliance fixes from HEAD

* Tue Jan 20 2004 Joe Orton <jorton@redhat.com> 2.0.48-9
- use a large BSS in the test PIE executable to trigger bugs early
- tighten check on CPP output in MMN check (#113934)

* Mon Jan 19 2004 Joe Orton <jorton@redhat.com> 2.0.48-8
- add man page fixes
- mod_include: use parser rewrite+fixes from 2.0 branch (André Malo et al)
- mod_ssl: add distcache support (Geoff Thorpe)
- mod_ssl: SSL variable handling fixes for non-SSL connections (various)
- allow linking modules against specific libraries found during configure

* Mon Jan 19 2004 Joe Orton <jorton@redhat.com> 2.0.48-7
- hack to ensure that /usr/sbin/suexec gets stripped
- merges from upstream:
 * fix for CVE CAN-2003-0020 (André Malo)
 * open log files read-only (Jeff Trawick)
 * mod_cgi: fix logging of script exec failure messages (Jeff Trawick)
 * mod_proxy: fix leak in request body handling (Larry Toppi)
- merges from Taroon:
 * move away /var/www/html/index.html before upgrade from 1.3 (#70705)
 * allow upgrade from Stronghold 4.0
 * migration guide updates 
 * mod_log_config: fix logging of timezone (upstream #23642)
 * mod_ssl: restore readable error descriptions in error log

* Mon Jan 19 2004 Joe Orton <jorton@redhat.com> 2.0.48-6
- fix httpd.init issues reported by Behdad Esfahbod
- add fix for mod_usertrack (#113269)
- automatically raise RLIMIT_CORE if CoreDumpDirectory is used
- emit warning at end of %%prep if PIE support is not enabled
- add symlink to libtool script from build directory (#113720)
- don't link suexec against the world

* Sun Jan 04 2004 Joe Orton <jorton@redhat.com> 2.0.48-5
- use graceful restart in logrotate
- bump default MaxRequestsPerChild for prefork to 4000
- move vendor string for Server header into spec file
- include mod_status extension hook and use it in mod_ssl to include
  SSL session cache statistics in server-status output

* Thu Dec 18 2003 Joe Orton <jorton@redhat.com> 2.0.48-4
- rebuild

* Sat Dec 13 2003 Jeff Johnson <jbj@jbj.org> 2.0.48-3
- rebuild against db-4.2.52.

* Tue Oct 28 2003 Joe Orton <jorton@redhat.com> 2.0.48-2
- update to 2.0.48
- includes security fix for CVE CAN-2003-0542
- include mpm*.h to fix mod_fastcgi build (#108080)
- increase DYNAMIC_MODULE_LIMIT to 128
- re-enable ap_hack_* export trimming patch
- only use -export-dynamic when linking httpd, not suexec etc
- don't load mod_unique_id by default

* Thu Oct 23 2003 Joe Orton <jorton@redhat.com> 2.0.47-10
- httpd.conf: configure test page in welcome.conf, load suexec, 
 don't use custom error docs by default, sync with upstream.
- add "Powered by Fedora" icon (Garrett LeSage)
- migration guide updates
- drop mod_cgid
- enable SSL_EXPERIMENTAL_ENGINE (#106858)
- drop minimum suexec gid to 100 (#74753, #107083)
- speed up graceful restarts in prefork (#105725)
- mod_ssl fixes

* Wed Oct 22 2003 Joe Orton <jorton@redhat.com> 2.0.47-9
- updated index.html (Matt Wilson, #107378)
- change server version string comment to "(Fedora)"

* Mon Oct 13 2003 Jeff Johnson <jbj@jbj.org> 2.0.47-8.1
- rebuild against db-4.2.42.

* Wed Oct  8 2003 Joe Orton <jorton@redhat.com> 2.0.47-8
- use -fPIE not -fpie to fix s390x (Florian La Roche)
- include VERSIONING in docdir

* Mon Oct  6 2003 Joe Orton <jorton@redhat.com> 2.0.47-7
- enable PIE support
- include bug fix for #78019

* Mon Sep  8 2003 Joe Orton <jorton@redhat.com> 2.0.47-6
- update httpd.conf for manual changes (alietss@yahoo.com, #101015)
- use anonymous shm for LDAP auth cache (#103566)

* Sun Sep  7 2003 Joe Orton <jorton@redhat.com> 2.0.47-5
- include unixd.h again
- fix EXTRA_INCLUDES

* Mon Jul 28 2003 Joe Orton <jorton@redhat.com> 2.0.47-4
- add mod_include fixes from upstream
- httpd.conf updates: wording fixes from upstream; load
  mod_deflate by default, update AddLanguage section (#98455)
- don't add eNULL cipher in default ssl.conf (#98401)
- only bind to IPv4 addresses in default config (#98916)

* Thu Jul 24 2003 Joe Orton <jorton@redhat.com> 2.0.47-3
- fix for segfaults in php-snmp init (#97207)

* Wed Jul 23 2003 Joe Orton <jorton@redhat.com> 2.0.47-2
- fix apxs -c again

* Mon Jul 14 2003 Joe Orton <jorton@redhat.com> 2.0.47-1
- update to 2.0.47
- add mod_logio (#100436)
- remove Vendor tag

* Thu Jul 10 2003 Joe Orton <jorton@redhat.com> 2.0.45-14
- use libtool script included in apr
- fix apxs -q LIBTOOL (more #92313)

* Tue Jul  8 2003 Joe Orton <jorton@redhat.com> 2.0.45-13
- use system pcre library

* Thu Jul  3 2003 Joe Orton <jorton@redhat.com> 2.0.45-12
- remove some installed headers
- fix for use of libtool 1.5

* Wed Jun 5 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt

* Thu Jun  5 2003 Joe Orton <jorton@redhat.com> 2.0.45-10
- fix apxs -g (#92313)

* Sat May 31 2003 Joe Orton <jorton@redhat.com> 2.0.45-9
- trim manual sources properly
- remove ExcludeArch

* Thu May 29 2003 Joe Orton <jorton@redhat.com> 2.0.45-8
- rebuild

* Mon May 19 2003 Joe Orton <jorton@redhat.com> 2.0.45-6
- don't load /usr/sbin/envvars from apxs
- add fix for mod_dav_fs namespace handling
- add fix for mod_dav If header etag comparison
- remove irrelevant warning from mod_proxy
- don't conflict with thttpd (#91422)

* Sun May 18 2003 Joe Orton <jorton@redhat.com> 2.0.45-5
- don't package any XML sources in httpd-manual
- fix examples in default httpd.conf for enabling caching

* Sun May 18 2003 Joe Orton <jorton@redhat.com> 2.0.45-4
- change default charset to UTF-8 (#88964)

* Thu May 15 2003 Joe Orton <jorton@redhat.com> 2.0.45-3
- update httpd.conf for changes from default in 2.0.45
- include conf.d/*.conf after loading standard modules
- include LDAP and cache modules (#75370, #88277)
- run buildconf in %%build not %%prep

* Tue May 13 2003 Joe Orton <jorton@redhat.com> 2.0.45-2
- have apxs always use /usr/bin/libtool

* Mon May 5 2003 Joe Orton <jorton@redhat.com> 2.0.45-1
- update to 2.0.45 (#82227)
- use separate apr, apr-util packages (#74951)
- mark logrotate file as noreplace (#85654)
- mark all of /var/www/error as %%config-not-noreplace
- remove dates from error pages (#86474)
- don't enable mod_cgid for worker MPM (#88819)

* Wed Apr 30 2003 Elliot Lee <sopwith@redhat.com> 2.0.40-22
- headusage patch to fix build on ppc64 etc.

* Tue Apr  1 2003 Joe Orton <jorton@redhat.com> 2.0.40-21.1
- add security fixes for CAN-2003-0020, CAN-2003-0132, CAN-2003-0083
- add security fix for file descriptor leaks, #82142
- add bug fix for #82587

* Mon Feb 24 2003 Joe Orton <jorton@redhat.com> 2.0.40-21
- add security fix for CAN-2003-0020; replace non-printable characters
  with '!' when printing to error log.
- disable debuginfo on IA64.

* Tue Feb 11 2003 Joe Orton <jorton@redhat.com> 2.0.40-20
- disable POSIX semaphores to support 2.4.18 kernel (#83324)

* Wed Jan 29 2003 Joe Orton <jorton@redhat.com> 2.0.40-19
- require xmlto 0.0.11 or later
- fix apr_strerror on glibc2.3

* Wed Jan 22 2003 Tim Powers <timp@redhat.com> 2.0.40-18
- rebuilt

* Thu Jan 16 2003 Joe Orton <jorton@redhat.com> 2.0.40-17
- add mod_cgid and httpd binary built with worker MPM (#75496)
- allow choice of httpd binary in init script
- pick appropriate CGI module based on loaded MPM in httpd.conf
- source /etc/sysconfig/httpd in apachectl to get httpd choice
- make "apachectl status" fail gracefully when links isn't found (#78159)

* Mon Jan 13 2003 Joe Orton <jorton@redhat.com> 2.0.40-16
- rebuild for OpenSSL 0.9.7

* Fri Jan  3 2003 Joe Orton <jorton@redhat.com> 2.0.40-15
- fix possible infinite recursion in config dir processing (#77206)
- fix memory leaks in request body processing (#79282)

* Thu Dec 12 2002 Joe Orton <jorton@redhat.com> 2.0.40-14
- remove unstable shmht session cache from mod_ssl
- get SSL libs from pkg-config if available (Nalin Dahyabhai)
- stop "apxs -a -i" from inserting AddModule into httpd.conf (#78676)

* Wed Nov  6 2002 Joe Orton <jorton@redhat.com> 2.0.40-13
- fix location of installbuilddir in apxs when libdir!=/usr/lib

* Wed Nov  6 2002 Joe Orton <jorton@redhat.com> 2.0.40-12
- pass libdir to configure; clean up config_vars.mk
- package instdso.sh, fixing apxs -i (#73428)
- prevent build if upstream MMN differs from mmn macro
- remove installed but unpackaged files

* Wed Oct  9 2002 Joe Orton <jorton@redhat.com> 2.0.40-11
- correct SERVER_NAME encoding in i18n error pages (thanks to Andre Malo)

* Wed Oct  9 2002 Joe Orton <jorton@redhat.com> 2.0.40-10
- fix patch for CAN-2002-0840 to also cover i18n error pages

* Wed Oct  2 2002 Joe Orton <jorton@redhat.com> 2.0.40-9
- security fixes for CAN-2002-0840 and CAN-2002-0843
- fix for possible mod_dav segfault for certain requests

* Tue Sep 24 2002 Gary Benson <gbenson@redhat.com>
- updates to the migration guide

* Wed Sep  4 2002 Nalin Dahyabhai <nalin@redhat.com> 2.0.40-8
- link httpd with libssl to avoid library loading/unloading weirdness

* Tue Sep  3 2002 Joe Orton <jorton@redhat.com> 2.0.40-7
- add LoadModule lines for proxy modules in httpd.conf (#73349)
- fix permissions of conf/ssl.*/ directories; add Makefiles for
  certificate management (#73352)

* Mon Sep  2 2002 Joe Orton <jorton@redhat.com> 2.0.40-6
- provide "httpd-mmn" to manage module ABI compatibility

* Sun Sep  1 2002 Joe Orton <jorton@redhat.com> 2.0.40-5
- fix SSL session cache (#69699)
- revert addition of LDAP support to apr-util

* Mon Aug 26 2002 Joe Orton <jorton@redhat.com> 2.0.40-4
- set SIGXFSZ disposition to "ignored" (#69520)
- make dummy connections to the first listener in config (#72692)

* Mon Aug 26 2002 Joe Orton <jorton@redhat.com> 2.0.40-3
- allow "apachectl configtest" on a 1.3 httpd.conf
- add mod_deflate
- enable LDAP support in apr-util
- don't package everything in /var/www/error as config(noreplace)

* Wed Aug 21 2002 Bill Nottingham <notting@redhat.com> 2.0.40-2
- add trigger (#68657)

* Mon Aug 12 2002 Joe Orton <jorton@redhat.com> 2.0.40-1
- update to 2.0.40

* Wed Jul 24 2002 Joe Orton <jorton@redhat.com> 2.0.36-8
- improve comment on use of UserDir in default config (#66886)

* Wed Jul 10 2002 Joe Orton <jorton@redhat.com> 2.0.36-7
- use /sbin/nologin as shell for apache user (#68371)
- add patch from CVS to fix possible infinite loop when processing
  internal redirects

* Wed Jun 26 2002 Gary Benson <gbenson@redhat.com> 2.0.36-6
- modify init script to detect 1.3.x httpd.conf's and direct users
  to the migration guide

* Tue Jun 25 2002 Gary Benson <gbenson@redhat.com> 2.0.36-5
- patch apachectl to detect 1.3.x httpd.conf's and direct users
  to the migration guide
- ship the migration guide

* Fri Jun 21 2002 Joe Orton <jorton@redhat.com>
- move /etc/httpd2 back to /etc/httpd
- add noindex.html page and poweredby logo; tweak default config
  to load noindex.html if no default "/" page is present.
- add patch to prevent mutex errors on graceful restart

* Fri Jun 21 2002 Tim Powers <timp@redhat.com> 2.0.36-4
- automated rebuild

* Wed Jun 12 2002 Joe Orton <jorton@redhat.com> 2.0.36-3
- add patch to fix SSL mutex handling

* Wed Jun 12 2002 Joe Orton <jorton@redhat.com> 2.0.36-2
- improved config directory patch

* Mon May 20 2002 Joe Orton <jorton@redhat.com>
- initial build; based heavily on apache.spec and mod_ssl.spec
- fixes: #65214, #58490, #57376, #61265, #65518, #58177, #57245