On Fri, Feb 19, 1999, Volker Borchert wrote:
> I'm just starting to get my Apache 1.3.4 ssl-ly. I have the general
> custom to keep every source or config file under SCCS control. To
> follow this with mod_ssl configuration, I could have saved some time
> spent on replicating Apache sources, "diff -rq"ing them, etc. were
> there a list of Apache files changed during configuration included
> with mod_ssl. Does anybody else feel a need for such a list?
You don't have to invent the wheel twice. When you fetch the CVS version of
mod_ssl, under the admin/ directory there is a file named do.assemble.cfg
which I append you. It's the configuration file which is used to assemble the
patches of changed files from the pkg.apache/ subtree to the pkg.mod_ssl
subtree (= the distribution).
> What's more, the included version of "patch" did not interact with
> SunOS 4.1.4 sccs correctly.
<grin> But this patch is not intended to be used manually by you for other
things, of couse ;-)
> I tried vanilla GNU patch 2.4 and 2.5,
> and these were even worse. I do not know enough about either patch
> or SCCS to judge whether this is a problem with SunOS's SCCS or
> with patch or with the way it is invoked during ./configure. Has
> anybody had similar problems, or can somebody confirm that "this
> version of SCCS/RCS and that version of patch work for me"?
I've not used SCCS/RCS directly for years now. We all use mainly CVS only for
development. And I recommend you to use CVS for version controlling your
files, too. And with CVS you usually don't need a list of changed files (that
I need one has to do with other things like annotation with notices, etc. -
but not with CVS).
OTOH I've still not understood why you keep mod_ssl version controlled
locally. mod_ssl is already version controlled in a CVS tree and all you have
to do is to use RSync to fetch this CVS tree from time to time to be up to
date. Look at the website, there are details on how to accomplish this.
> (I ended up tar'ring the SCCS repositories up, removing them from
> the Apache sources completely, configuring mod_ssl, untar'ring
> the SCCS repositories back in, and finally committing the changes.)
Sounds too complicated to me...
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
##
## do.assemble.cfg -- mod_ssl Source and Patch Assembling Configuration
## Copyright (c) 1998 Ralf S. Engelschall, All Rights Reserved.
##
#
# General Configuration
#
DST_DIR pkg.mod_ssl
SRC_DIR pkg.apache
SRC_TAG upstream
#
# Extended API (EAPI)
#
CREATED src/ap/ap_hook.c pkg.eapi/ap_hook.c
CREATED src/ap/ap_ctx.c pkg.eapi/ap_ctx.c
CREATED src/include/ap_hook.h pkg.eapi/ap_hook.h
CREATED src/include/ap_ctx.h pkg.eapi/ap_ctx.h
PATCHED src/Configuration.tmpl:+2 pkg.eapi/eapi.patch
PATCHED src/Configure pkg.eapi/eapi.patch
PATCHED src/ap/Makefile.tmpl pkg.eapi/eapi.patch
PATCHED src/ap/ap.mak pkg.eapi/eapi.patch
PATCHED src/include/ap_mmn.h pkg.eapi/eapi.patch
PATCHED src/include/buff.h pkg.eapi/eapi.patch
PATCHED src/include/http_config.h pkg.eapi/eapi.patch
PATCHED src/include/http_conf_globals.h pkg.eapi/eapi.patch
PATCHED src/include/http_main.h pkg.eapi/eapi.patch
PATCHED src/include/httpd.h pkg.eapi/eapi.patch
PATCHED src/main/buff.c pkg.eapi/eapi.patch
PATCHED src/main/http_config.c pkg.eapi/eapi.patch
PATCHED src/main/http_main.c pkg.eapi/eapi.patch
PATCHED src/main/http_request.c pkg.eapi/eapi.patch
PATCHED src/main/http_protocol.c pkg.eapi/eapi.patch
PATCHED src/modules/standard/mod_so.c pkg.eapi/eapi.patch
PATCHED src/modules/standard/mod_log_config.c pkg.eapi/eapi.patch
PATCHED src/modules/standard/mod_rewrite.c pkg.eapi/eapi.patch
PATCHED src/modules/proxy/mod_proxy.c pkg.eapi/eapi.patch
PATCHED src/modules/proxy/proxy_http.c pkg.eapi/eapi.patch
PATCHED src/support/apxs.pl pkg.eapi/eapi.patch
PATCHED src/support/httpd.exp pkg.eapi/eapi.patch
PATCHED src/ApacheCore.def pkg.eapi/eapi.patch
COMMENT eapi.patch {
This file contains all patches to the Apache source
tree which add the Extended API (EAPI) support.
}
COMMENT src/Configuration.tmpl:+2 {
Add the EAPI configuration rule which triggers the EAPI patches.
}
COMMENT src/Configure {
Patch in implementation of the EAPI rule.
}
COMMENT src/ap/Makefile.tmpl {
Add the build support for the ap_hook.c and ap_ctx.c sources (Unix)
}
COMMENT src/ap/ap.mak {
Add the build support for the ap_hook.c and ap_ctx.c sources (Win32)
}
COMMENT src/include/ap_mmn.h {
Replace the MODULE_MAGIC_COOKIE to allow us to distinguish between
EAPI-aware modules and standard modules.
}
COMMENT src/include/buff.h {
Add the additional context variable `ctx' for BUFF structures.
}
COMMENT src/include/http_config.h {
Add the four additional Apache API module hooks.
}
COMMENT src/include/http_conf_globals.h {
Add the additional variable `ap_global_ctx' for holding
global module context.
}
COMMENT src/include/http_main.h {
Export the ap_set_callback_and_alarm() function because this
first is a useful thing and second we need it because all
other API/timeout functions deal with a request_rec while
mod_ssl needs a generic timeout mechanism.
}
COMMENT src/include/httpd.h {
First add support for the HTTPS protocol scheme via hooks,
second add the additional context variable `ctx' for the
conn_rec, server_rec and request_rec structures. And third
add a prototype for the additional ap_add_config_define()
function.
}
COMMENT src/main/buff.c {
Patch the low-level buffer routines to additionally allow
modules to intercept the I/O processing via hooks.
}
COMMENT src/main/http_config.c {
Add the implementation of the additional `add_module' and
`rewrite_command' module hooks. Additionally the `ctx'
variables are initialized.
}
COMMENT src/main/http_main.c {
Add the ap_global_ctx variable and the new
ap_add_config_define() function. Additionally the
implementation of the additional `new_connection' module hook
is added plus the initialization of one more `ctx' variable.
}
COMMENT src/main/http_request.c {
Just add the initialization of the `ctx' variable for
conn_rec structures.
}
COMMENT src/main/http_protocol.c {
Just add the initialization of the `ctx' variable for
request_rec structures.
}
COMMENT src/modules/standard/mod_so.c {
Add support for loading both EAPI and AP13 modules.
}
COMMENT src/modules/standard/mod_log_config.c {
Add additional logging functions to the CustomLog directive
which can be used by other modules to create additional
logfile tags. Actually we add two types of hooks: One hook
for intercepting the new and generic %x (eXtension) tag and
one hook for creating new %x tags at all.
}
COMMENT src/modules/standard/mod_rewrite.c {
Allow RewriteCond and RewriteRule directives to lookup SSL
variables via mod_ssl.
}
COMMENT src/modules/proxy/mod_proxy.c {
Add hooks to the scheme processing to allow other modules to
recognize more schemes by intercepting this processing.
}
COMMENT src/modules/proxy/proxy_http.c {
Add hooks to the HTTP processing to allow other modules
to enhance it by intercepting this processing.
}
COMMENT src/support/apxs.pl {
Add EAPI hooks in module structure for APXS generated samples.
}
COMMENT src/support/httpd.exp {
Add the EAPI functions, so mod_ssl can be built under AIX
and similar braindead platforms as DSO.
}
COMMENT src/ApacheCore.def {
Add the EAPI functions, so mod_ssl can be built under Windows 95
and similar braindead platforms as DDL.
}
#
# SSL Module Source
#
CREATED src/modules/ssl/README pkg.sslmod/
CREATED src/modules/ssl/README.dsov.fig pkg.sslmod/
CREATED src/modules/ssl/README.dsov.ps pkg.sslmod/
CREATED src/modules/ssl/Makefile.libdir pkg.sslmod/
CREATED src/modules/ssl/Makefile.tmpl pkg.sslmod/
CREATED src/modules/ssl/Makefile.win32 pkg.sslmod/
CREATED src/modules/ssl/libssl.module pkg.sslmod/
CREATED src/modules/ssl/libssl.version pkg.sslmod/
CREATED src/modules/ssl/mod_ssl.c pkg.sslmod/
CREATED src/modules/ssl/mod_ssl.h pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_compat.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_config.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_ds.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_init.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_kernel.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_io.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_log.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_mutex.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_pphrase.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_rand.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_scache.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_vars.c pkg.sslmod/
CREATED src/modules/ssl/ssl_engine_ext.c pkg.sslmod/
CREATED src/modules/ssl/ssl_expr.c pkg.sslmod/
CREATED src/modules/ssl/ssl_expr.h pkg.sslmod/
CREATED src/modules/ssl/ssl_expr_eval.c pkg.sslmod/
CREATED src/modules/ssl/ssl_expr_parse.c pkg.sslmod/
CREATED src/modules/ssl/ssl_expr_parse.h pkg.sslmod/
CREATED src/modules/ssl/ssl_expr_parse.y pkg.sslmod/
CREATED src/modules/ssl/ssl_expr_scan.c pkg.sslmod/
CREATED src/modules/ssl/ssl_expr_scan.l pkg.sslmod/
CREATED src/modules/ssl/ssl_util.c pkg.sslmod/
CREATED src/modules/ssl/ssl_util_sdbm.c pkg.sslmod/
CREATED src/modules/ssl/ssl_util_sdbm.h pkg.sslmod/
CREATED src/modules/ssl/ssl_util_ssl.c pkg.sslmod/
CREATED src/modules/ssl/ssl_util_ssl.h pkg.sslmod/
PATCHED src/Configuration.tmpl:+,-2 pkg.sslmod/sslmod.patch
COMMENT sslmod.patch {
This file contains all patches to the Apache source tree
which add additional (but optional) support for the SSL
module. Those changes are just to provide a little bit more
comfort, but aren't really required.
}
COMMENT src/Configuration.tmpl:+,-2 {
Add the SSL_BASE and RSA_BASE variables, the SSL_COMPAT rule and the
AddModule entry for mod_ssl (libssl.a). This way an SSL-aware Apache can
still be built with the old Apache 1.2 configuration procedure and no
extra --activate-module=ssl is required.
}
#
# SSL Configuration
#
CREATED conf/ssl.crt/Makefile pkg.sslcfg/
CREATED conf/ssl.crt/README.CRT pkg.sslcfg/
CREATED conf/ssl.crt/ca-bundle.crt pkg.sslcfg/
CREATED conf/ssl.crt/snakeoil-ca.crt pkg.sslcfg/
CREATED conf/ssl.crt/snakeoil.crt pkg.sslcfg/
CREATED conf/ssl.crt/server.crt pkg.sslcfg/
CREATED conf/ssl.csr/README.CSR pkg.sslcfg/
CREATED conf/ssl.csr/server.csr pkg.sslcfg/
CREATED conf/ssl.key/README.KEY pkg.sslcfg/
CREATED conf/ssl.key/snakeoil-ca.key pkg.sslcfg/
CREATED conf/ssl.key/snakeoil.key pkg.sslcfg/
CREATED conf/ssl.key/server.key pkg.sslcfg/
PATCHED conf/httpd.conf-dist pkg.sslcfg/sslcfg.patch
PATCHED conf/httpd.conf-dist-win pkg.sslcfg/sslcfg.patch
COMMENT sslcfg.patch {
This file contains all patches to the Apache source
tree which link the SSL default setup into the Apache
configuration tree.
}
COMMENT conf/httpd.conf-dist {
Add additional SSL configuration directives which provide a
robust default configuration: virtual server on port 443
which speaks SSL.
}
#
# SSL Module Documenation
#
CREATED htdocs/manual/images/apache_pb.gif pkg.ssldoc/
CREATED htdocs/manual/images/mod_ssl_sb.gif pkg.ssldoc/
CREATED htdocs/manual/images/ssleay.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/.wmlrc pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/Makefile pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/index.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_compat.gfont000.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_compat.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_compat.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_cover.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_cover_logo.jpg pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_cover_title.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_faq.gfont000.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_faq.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_faq.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_glossary.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_glossary.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_howto.gfont000.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_howto.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_howto.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_intro.gfont000.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_intro.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_intro.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_intro_fig1.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_intro_fig2.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_intro_fig3.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_overview.gfont000.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_overview.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_overview.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_overview_fig1.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_reference.gfont000.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_reference.wml pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_reference.html pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-chapter.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-num-1.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-num-2.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-num-3.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-num-4.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-num-5.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-num-6.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.head-num-7.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.imgdot-1x1-000000.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.imgdot-1x1-transp.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.navbut-next-n.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.navbut-next-s.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.navbut-prev-n.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.navbut-prev-s.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-abstract.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-compat.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-faq.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-gloss.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-howto.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-intro.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-over.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-preface.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-ref.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-toc.gif pkg.ssldoc/
CREATED htdocs/manual/mod/mod_ssl/ssl_template.title-tutor.gif pkg.ssldoc/
PATCHED htdocs/index.html pkg.ssldoc/ssldoc.patch
PATCHED htdocs/manual/mod/index.html pkg.ssldoc/ssldoc.patch
PATCHED htdocs/manual/mod/directives.html pkg.ssldoc/ssldoc.patch
COMMENT ssldoc.patch {
This file contains all patches to the Apache source
tree which link the SSL documentation into the Apache
documents tree.
}
COMMENT htdocs/index.html {
Adjust the default frontdoor webpage where we now indicate that
this is an SSL-aware Apache, give additional hyperlinks to mod_ssl and
provide the three new "powered by Apache", "secured by mod_ssl" and
"includes SSLeay" buttons.
}
COMMENT htdocs/manual/mod/index.html {
Add a hyperlink to the mod_ssl.html document.
}
COMMENT htdocs/manual/mod/directives.html {
Add hyperlinks for all SSL directives which are
documented inside the mod_ssl.html document.
}
#
# SSL Support Stuff
#
CREATED src/support/mkcert.sh pkg.sslsup/
CREATED src/support/ca-fix.c pkg.sslsup/
PATCHED configure pkg.sslsup/sslsup.patch
PATCHED Makefile.tmpl pkg.sslsup/sslsup.patch
PATCHED src/Makefile.tmpl pkg.sslsup/sslsup.patch
PATCHED src/support/Makefile.tmpl pkg.sslsup/sslsup.patch
PATCHED src/support/apachectl pkg.sslsup/sslsup.patch
PATCHED src/support/suexec.c pkg.sslsup/sslsup.patch
COMMENT sslsup.patch {
This file contains all patches to the Apache sources which
link the SSL support tools into the Apache support tree.
}
COMMENT configure {
First patch APACI's configuration script to pass a `ssl' flag
to the Makefile.tmpl file which indicated whether mod_ssl is
activated or not. Second we add support for the SSL_BASE and
RSA_BASE variables. Third we provide the configuration
adjustments of the HTTPS port (443) similar to what is
already done by APACI for the HTTP port (80).
}
COMMENT Makefile.tmpl {
Here we first incorporate support for the `make certificate'
procedure and second support for the `make install' procedure
where SSL directives in the configuration files are now also
adjusted and SSL certs/keys and support programs are now
additionally installed.
}
COMMENT src/Makefile.tmpl {
Add the `certificate' Make target which can be used to create
various forms of server certificates through the mkcert.sh
script.
}
COMMENT src/support/Makefile.tmpl {
Add build support for the additional ca-fix utility
used at the `make certificate' command.
}
COMMENT src/support/apachectl {
Provide an additional `startssl' command to supplement the
standard `start' command. The difference is just that
`startssl' adds a -DSSL define when starting httpd.
}
COMMENT src/support/suexec.c {
Add support for the HTTPS scheme and the additional SSL_XXXX
environment variables mod_ssl provides to CGI scripts.
}
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
