diff options
| author |   Benedikt Boehm <hollow@gentoo.org> | 2005-01-08 21:43:06 +0000 |
|---|---|---|
| committer | Benedikt Boehm <hollow@gentoo.org> | 2005-01-08 21:43:06 +0000 |
| commit | 6ffe7ab9a760d09100207e63ffb666727f0bfc12 (patch) | |
| tree | 505fc6c4d8da26732b2edd06934543749eb7da83 /net-www/mod_ssl | |
| parent | Version bump. Fixes bug #39943 and bug #69669. (Manifest recommit) (diff) | |
| download | gentoo-2-6ffe7ab9a760d09100207e63ffb666727f0bfc12.tar.gz gentoo-2-6ffe7ab9a760d09100207e63ffb666727f0bfc12.tar.bz2 gentoo-2-6ffe7ab9a760d09100207e63ffb666727f0bfc12.zip | |
Apache herd package refresh
Diffstat (limited to 'net-www/mod_ssl')
| -rw-r--r-- | net-www/mod_ssl/ChangeLog | 10 | ||||
| -rw-r--r-- | net-www/mod_ssl/Manifest | 28 | ||||
| -rw-r--r-- | net-www/mod_ssl/files/10_mod_ssl.conf | 80 | ||||
| -rw-r--r-- | net-www/mod_ssl/files/default-ssl.conf | 155 | ||||
| -rw-r--r-- | net-www/mod_ssl/files/digest-mod_ssl-2.8.22 | 1 | ||||
| -rw-r--r-- | net-www/mod_ssl/metadata.xml | 8 | ||||
| -rw-r--r-- | net-www/mod_ssl/mod_ssl-2.8.17.ebuild | 4 | ||||
| -rw-r--r-- | net-www/mod_ssl/mod_ssl-2.8.18.ebuild | 4 | ||||
| -rw-r--r-- | net-www/mod_ssl/mod_ssl-2.8.19.ebuild | 4 | ||||
| -rw-r--r-- | net-www/mod_ssl/mod_ssl-2.8.20.ebuild | 4 | ||||
| -rw-r--r-- | net-www/mod_ssl/mod_ssl-2.8.21.ebuild | 4 | ||||
| -rw-r--r-- | net-www/mod_ssl/mod_ssl-2.8.22.ebuild | 74 |
12 files changed, 350 insertions, 26 deletions
diff --git a/net-www/mod_ssl/ChangeLog b/net-www/mod_ssl/ChangeLog index 119ce3b4857e..b5548f36811b 100644 --- a/net-www/mod_ssl/ChangeLog +++ b/net-www/mod_ssl/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-www/mod_ssl -# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/ChangeLog,v 1.62 2004/12/29 21:11:58 ciaranm Exp $ +# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/ChangeLog,v 1.63 2005/01/08 21:43:06 hollow Exp $ + +*mod_ssl-2.8.22 (08 Jan 2005) + + 08 Jan 2005; Benedikt Boehm <hollow@gentoo.org> metadata.xml, + +files/10_mod_ssl.conf, +files/default-ssl.conf, +mod_ssl-2.8.22.ebuild: + Apache herd package refresh 29 Dec 2004; Ciaran McCreesh <ciaranm@gentoo.org> : Change encoding to UTF-8 for GLEP 31 compliance diff --git a/net-www/mod_ssl/Manifest b/net-www/mod_ssl/Manifest index 09be6afa53b6..85b2a7bbb87b 100644 --- a/net-www/mod_ssl/Manifest +++ b/net-www/mod_ssl/Manifest @@ -1,15 +1,19 @@ -MD5 cfd9c7caa14eb7b323a6a6d4d62d71b0 mod_ssl-2.8.19.ebuild 2283 -MD5 b7d4e3358a286e937f7b86970e3e2d8f mod_ssl-2.8.21.ebuild 2417 -MD5 2639ab1fff66a8ce4a968fc7496a9b51 ChangeLog 7448 -MD5 039d11eaea2cf73a6585e177bd8e6ed9 mod_ssl-2.8.20.ebuild 2283 -MD5 7f02b177b06559b9aab3444c173343bc mod_ssl-2.8.17.ebuild 2183 -MD5 9eba5451e8883ea7e9cedf5b02c97e62 mod_ssl-2.8.18.ebuild 2183 -MD5 d2da0e45d7e39184d1cb7abbe3879086 metadata.xml 159 -MD5 8270779f233bc311118f53ebce7338e7 files/ssl.default-vhost.conf 6985 -MD5 dd92adba34e6b36ef6fd2750869e1a18 files/gentestcrt.sh 8801 -MD5 289c880e2ff1c2de91eda32e7e486085 files/digest-mod_ssl-2.8.21 73 +MD5 07f3d73c41956faadfc02c8e3b1fa73c ChangeLog 7649 +MD5 41d6c0ba999d7b4af929e07368693a3f metadata.xml 261 +MD5 31863075d2c289e92a2812d4f4f1de7f mod_ssl-2.8.17.ebuild 2183 +MD5 30fe8f7e67feda15c2ae27a547634737 mod_ssl-2.8.18.ebuild 2183 +MD5 943bb80898a14de12af99181d76aae83 mod_ssl-2.8.19.ebuild 2283 +MD5 c97d4431d633918b3d429518fe5b1dfa mod_ssl-2.8.20.ebuild 2283 +MD5 fccca9a09b8582cd32c4e33eed06ad91 mod_ssl-2.8.21.ebuild 2417 +MD5 dd85b3cb2afcc5ac4a5176a5635db1c1 mod_ssl-2.8.22.ebuild 1762 +MD5 9ba9eb8eced950cd59cb8dadd090f908 files/digest-mod_ssl-2.8.17 73 MD5 f53031df0c0d1a5bd75a9151d0810e9e files/digest-mod_ssl-2.8.18 73 MD5 89239995d079a1bd9abc580e2264c71b files/digest-mod_ssl-2.8.19 73 -MD5 71ac46d211c8aa42c7a5e51c6165862a files/mod_ssl.conf 2460 -MD5 9ba9eb8eced950cd59cb8dadd090f908 files/digest-mod_ssl-2.8.17 73 MD5 dd87f058ab62ac5c5da4b03713e9184a files/digest-mod_ssl-2.8.20 73 +MD5 289c880e2ff1c2de91eda32e7e486085 files/digest-mod_ssl-2.8.21 73 +MD5 dd92adba34e6b36ef6fd2750869e1a18 files/gentestcrt.sh 8801 +MD5 71ac46d211c8aa42c7a5e51c6165862a files/mod_ssl.conf 2460 +MD5 8270779f233bc311118f53ebce7338e7 files/ssl.default-vhost.conf 6985 +MD5 4b5d51650bcc2628a638d218191f0465 files/10_mod_ssl.conf 2760 +MD5 d86048fda6b41251c56c22a0882fbcc7 files/default-ssl.conf 7553 +MD5 54cbf53816f2c9c80600ea9f37ab02ba files/digest-mod_ssl-2.8.22 73 diff --git a/net-www/mod_ssl/files/10_mod_ssl.conf b/net-www/mod_ssl/files/10_mod_ssl.conf new file mode 100644 index 000000000000..fc639333292a --- /dev/null +++ b/net-www/mod_ssl/files/10_mod_ssl.conf @@ -0,0 +1,80 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/files/10_mod_ssl.conf,v 1.1 2005/01/08 21:43:06 hollow Exp $ + +<IfDefine SSL> + <IfModule !mod_ssl.c> + LoadModule ssl_module modules/libssl.so + </IfModule> +</IfDefine> + +# +# See http://www.modssl.org/docs/2.8/ for details +# +<IfModule mod_ssl.c> + ##-------------------------------------------------------------------------- + ## Add additional SSL configuration directives which provide a + ## robust default configuration: virtual server on port 443 + ## which speaks SSL. + ##-------------------------------------------------------------------------- + ## + ## SSL Support + ## + ## When we also provide SSL we have to listen to the + ## standard HTTP port (see above) and to the HTTPS port + ## + Listen 443 + + ## + ## SSL Global Context + ## + ## All SSL configuration in this context applies both to + ## the main server and all SSL-enabled virtual hosts. + ## + # + # Some MIME-types for downloading Certificates and CRLs + # + AddType application/x-x509-ca-cert .crt + AddType application/x-pkcs7-crl .crl + + # Pass Phrase Dialog: + # Configure the pass phrase gathering process. + # The filtering dialog program (`builtin' is a internal + # terminal dialog) has to provide the pass phrase on stdout. + SSLPassPhraseDialog builtin + + # Inter-Process Session Cache: + # Configure the SSL Session Cache: First either `none' + # or `dbm:/path/to/file' for the mechanism to use and + # second the expiring timeout (in seconds). + #SSLSessionCache none + #SSLSessionCache dbm:logs/ssl_scache + #SSLSessionCache shm:/var/cache/apache/ssl_scache + SSLSessionCache shm:/var/cache/apache/ssl_scache(512000) + SSLSessionCacheTimeout 300 + + # Semaphore: + # Configure the path to the mutual explusion semaphore the + # SSL engine uses internally for inter-process synchronization. + SSLMutex sem + + # Pseudo Random Number Generator (PRNG): + # Configure one or more sources to seed the PRNG of the + # SSL library. The seed data should be of good random quality. + SSLRandomSeed startup builtin + SSLRandomSeed connect builtin + #SSLRandomSeed startup file:/dev/random 512 + #SSLRandomSeed startup file:/dev/urandom 512 + #SSLRandomSeed connect file:/dev/random 512 + #SSLRandomSeed connect file:/dev/urandom 512 + + # Logging: + # The home of the dedicated SSL protocol logfile. Errors are + # additionally duplicated in the general error log file. Put + # this somewhere where it cannot be used for symlink attacks on + # a real server (i.e. somewhere where only root can write). + # Log levels are (ascending order: higher ones include lower ones): + # none, error, warn, info, trace, debug. + SSLLog logs/ssl_engine_log + SSLLogLevel info +</IfModule> diff --git a/net-www/mod_ssl/files/default-ssl.conf b/net-www/mod_ssl/files/default-ssl.conf new file mode 100644 index 000000000000..e0bdee00d40c --- /dev/null +++ b/net-www/mod_ssl/files/default-ssl.conf @@ -0,0 +1,155 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/files/default-ssl.conf,v 1.1 2005/01/08 21:43:06 hollow Exp $ + +<IfModule mod_ssl.c> + <VirtualHost _default_:80> + SSLEngine off + </VirtualHost> + + ## + ## SSL Virtual Host Context + ## + + <VirtualHost _default_:443> + # General setup for the virtual host + DocumentRoot /var/www/localhost/htdocs + #ServerName new.host.name + #ServerAdmin you@your.address + ErrorLog logs/ssl-error_log + TransferLog logs/ssl-access_log + + # SSL Engine Switch: + # Enable/Disable SSL for this virtual host. + SSLEngine on + + # SSL Cipher Suite: + # List the ciphers that the client is permitted to negotiate. + # See the mod_ssl documentation for a complete list. + SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL + + # Server Certificate: + # Point SSLCertificateFile at a PEM encoded certificate. If + # the certificate is encrypted, then you will be prompted for a + # pass phrase. Note that a kill -HUP will prompt again. A test + # certificate can be generated with `make certificate' under + # built time. + SSLCertificateFile conf/ssl/server.crt + + # Server Private Key: + # If the key is not combined with the certificate, use this + # directive to point at the key file. + SSLCertificateKeyFile conf/ssl/server.key + + # Server Certificate Chain: + # Point SSLCertificateChainFile at a file containing the + # concatenation of PEM encoded CA certificates which form the + # certificate chain for the server certificate. Alternatively + # the referenced file can be the same as SSLCertificateFile + # when the CA certificates are directly appended to the server + # certificate for convinience. + #SSLCertificateChainFile @@ServerRoot@@/conf/ssl/ssl.crt/ca.crt + + # Certificate Authority (CA): + # Set the CA certificate verification path where to find CA + # certificates for client authentication or alternatively one + # huge file containing all of them (file must be PEM encoded) + # Note: Inside SSLCACertificatePath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCACertificatePath @@ServerRoot@@/conf/ssl/ssl.crt + #SSLCACertificateFile @@ServerRoot@@/conf/sssl/sl.crt/ca-bundle.crt + + # Certificate Revocation Lists (CRL): + # Set the CA revocation path where to find CA CRLs for client + # authentication or alternatively one huge file containing all + # of them (file must be PEM encoded) + # Note: Inside SSLCARevocationPath you need hash symlinks + # to point to the certificate files. Use the provided + # Makefile to update the hash symlinks after changes. + #SSLCARevocationPath @@ServerRoot@@/conf/ssl/ssl.crl + #SSLCARevocationFile @@ServerRoot@@/conf/ssl/ssl.crl/ca-bundle.crl + + # Client Authentication (Type): + # Client certificate verification type and depth. Types are + # none, optional, require and optional_no_ca. Depth is a + # number which specifies how deeply to verify the certificate + # issuer chain before deciding the certificate is not valid. + #SSLVerifyClient require + #SSLVerifyDepth 10 + + # Access Control: + # With SSLRequire you can do per-directory access control based + # on arbitrary complex boolean expressions containing server + # variable checks and other lookup directives. The syntax is a + # mixture between C and Perl. See the mod_ssl documentation + # for more details. + #<Location /> + #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \ + # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ + # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ + # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ + # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \ + # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ + #</Location> + + # SSL Engine Options: + # Set various options for the SSL engine. + # FakeBasicAuth: + # Translate the client X.509 into a Basic Authorisation. This means that + # the standard Auth/DBMAuth methods can be used for access control. The + # user name is the `one line' version of the client's X.509 certificate. + # Note that no password is obtained from the user. Every entry in the user + # file needs this password: `xxj31ZMTZzkVA'. + # ExportCertData: + # This exports two additional environment variables: SSL_CLIENT_CERT and + # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the + # server (always existing) and the client (only existing when client + # authentication is used). This can be used to import the certificates + # into CGI scripts. + # CompatEnvVars: + # This exports obsolete environment variables for backward compatibility + # to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this + # to provide compatibility to existing CGI scripts. + # StrictRequire: + # This denies access when "SSLRequireSSL" or "SSLRequire" applied even + # under a "Satisfy any" situation, i.e. when it applies access is denied + # and no other module can change it. + # OptRenegotiate: + # This enables optimized SSL connection renegotiation handling when SSL + # directives are used in per-directory context. + #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire + + # SSL Protocol Adjustments: + # The safe and default but still SSL/TLS standard compliant shutdown + # approach is that mod_ssl sends the close notify alert but doesn't wait for + # the close notify alert from client. When you need a different shutdown + # approach you can use one of the following variables: + # ssl-unclean-shutdown: + # This forces an unclean shutdown when the connection is closed, i.e. no + # SSL close notify alert is send or allowed to received. This violates + # the SSL/TLS standard but is needed for some brain-dead browsers. Use + # this when you receive I/O errors because of the standard approach where + # mod_ssl sends the close notify alert. + # ssl-accurate-shutdown: + # This forces an accurate shutdown when the connection is closed, i.e. a + # SSL close notify alert is send and mod_ssl waits for the close notify + # alert of the client. This is 100% SSL/TLS standard compliant, but in + # practice often causes hanging connections with brain-dead browsers. Use + # this only for browsers where you know that their SSL implementation + # works correctly. + # Notice: Most problems of broken clients are also related to the HTTP + # keep-alive facility, so you usually additionally want to disable + # keep-alive for those clients, too. Use variable "nokeepalive" for this. + SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown + + # Per-Server Logging: + # The home of a custom SSL log file. Use this when you want a + # compact non-error SSL logfile on a virtual host basis. + CustomLog logs/ssl_request_log \ + "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + RewriteEngine On + RewriteOptions inherit + </VirtualHost> +</IfModule> diff --git a/net-www/mod_ssl/files/digest-mod_ssl-2.8.22 b/net-www/mod_ssl/files/digest-mod_ssl-2.8.22 new file mode 100644 index 000000000000..267b39a4c268 --- /dev/null +++ b/net-www/mod_ssl/files/digest-mod_ssl-2.8.22 @@ -0,0 +1 @@ +MD5 cdfdf1f576f77768c90825b43b462405 mod_ssl-2.8.22-1.3.33.tar.gz 754606 diff --git a/net-www/mod_ssl/metadata.xml b/net-www/mod_ssl/metadata.xml index c054a8cd9b61..22bb50eb3661 100644 --- a/net-www/mod_ssl/metadata.xml +++ b/net-www/mod_ssl/metadata.xml @@ -1,5 +1,9 @@ -<?xml version="1.0" encoding="UTF-8"?> +<?xml version='1.0' encoding='UTF-8'?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> -<herd>apache</herd> + <herd>apache</herd> + <maintainer> + <email>hollow@gentoo.org</email> + <name>Benedikt Boehm</name> + </maintainer> </pkgmetadata> diff --git a/net-www/mod_ssl/mod_ssl-2.8.17.ebuild b/net-www/mod_ssl/mod_ssl-2.8.17.ebuild index 84bd304f745f..5b2c80c75c8c 100644 --- a/net-www/mod_ssl/mod_ssl-2.8.17.ebuild +++ b/net-www/mod_ssl/mod_ssl-2.8.17.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.17.ebuild,v 1.9 2004/06/25 01:04:16 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.17.ebuild,v 1.10 2005/01/08 21:43:06 hollow Exp $ MY_P=${P}-1.3.31 S=${WORKDIR}/${MY_P} diff --git a/net-www/mod_ssl/mod_ssl-2.8.18.ebuild b/net-www/mod_ssl/mod_ssl-2.8.18.ebuild index 63ac3b12b88e..5f1957010943 100644 --- a/net-www/mod_ssl/mod_ssl-2.8.18.ebuild +++ b/net-www/mod_ssl/mod_ssl-2.8.18.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.18.ebuild,v 1.8 2004/06/25 01:04:16 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.18.ebuild,v 1.9 2005/01/08 21:43:06 hollow Exp $ MY_P=${P}-1.3.31 S=${WORKDIR}/${MY_P} diff --git a/net-www/mod_ssl/mod_ssl-2.8.19.ebuild b/net-www/mod_ssl/mod_ssl-2.8.19.ebuild index c6503f0927e6..4c7f051ff6cc 100644 --- a/net-www/mod_ssl/mod_ssl-2.8.19.ebuild +++ b/net-www/mod_ssl/mod_ssl-2.8.19.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.19.ebuild,v 1.9 2004/10/29 13:14:59 stuart Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.19.ebuild,v 1.10 2005/01/08 21:43:06 hollow Exp $ MY_P=${P}-1.3.31 S=${WORKDIR}/${MY_P} diff --git a/net-www/mod_ssl/mod_ssl-2.8.20.ebuild b/net-www/mod_ssl/mod_ssl-2.8.20.ebuild index ef7329544647..2e0a0a3d1235 100644 --- a/net-www/mod_ssl/mod_ssl-2.8.20.ebuild +++ b/net-www/mod_ssl/mod_ssl-2.8.20.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.20.ebuild,v 1.1 2004/10/21 01:48:40 kloeri Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.20.ebuild,v 1.2 2005/01/08 21:43:06 hollow Exp $ MY_P=${P}-1.3.31 S=${WORKDIR}/${MY_P} diff --git a/net-www/mod_ssl/mod_ssl-2.8.21.ebuild b/net-www/mod_ssl/mod_ssl-2.8.21.ebuild index cc1f1c66a60c..c597ff1c2ea8 100644 --- a/net-www/mod_ssl/mod_ssl-2.8.21.ebuild +++ b/net-www/mod_ssl/mod_ssl-2.8.21.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2004 Gentoo Foundation +# Copyright 1999-2005 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.21.ebuild,v 1.12 2004/11/10 06:06:57 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.21.ebuild,v 1.13 2005/01/08 21:43:06 hollow Exp $ MY_P=${P}-1.3.32 S=${WORKDIR}/${MY_P} diff --git a/net-www/mod_ssl/mod_ssl-2.8.22.ebuild b/net-www/mod_ssl/mod_ssl-2.8.22.ebuild new file mode 100644 index 000000000000..3a3be07da975 --- /dev/null +++ b/net-www/mod_ssl/mod_ssl-2.8.22.ebuild @@ -0,0 +1,74 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-www/mod_ssl/mod_ssl-2.8.22.ebuild,v 1.1 2005/01/08 21:43:06 hollow Exp $ + +inherit apache-module + +MY_P=${P}-1.3.33 + +DESCRIPTION="An SSL module for the Apache Web server" +HOMEPAGE="http://www.modssl.org/" +SRC_URI="http://www.modssl.org/source/${MY_P}.tar.gz" + +KEYWORDS="~x86 ~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~sparc" +LICENSE="as-is" +SLOT="0" +IUSE="" + +DEPEND=">=dev-libs/openssl-0.9.6k" + +S=${WORKDIR}/${MY_P} + +APACHE1_MOD_FILE="${S}/pkg.sslmod/libssl.so" +APACHE1_MOD_CONF="10_${PN}" +APACHE1_MOD_DEFINE="SSL" + +VHOSTFILE="default-ssl" + +DOCFILES="ANNOUNCE CHANGES CREDITS LICENSE NEWS README*" + +need_apache1 + +src_unpack() { + unpack ${A} || die + cd ${S} || die + + # proper path to openssl + sed -i -e 's:^\(openssl=\).*:\1"/usr/bin/openssl":' pkg.contrib/cca.sh +} + +src_compile() { + if has_version '=sys-libs/gdbm-1.8.3*' ; then + myconf="--enable-rule=SSL_SDBM" + fi + + SSL_BASE=SYSTEM \ + ./configure \ + --with-apxs=${APXS1} ${myconf} || die "bad ./configure" + make || die "compile problem" +} + +src_install() { + apache1_src_install + + insinto ${APACHE1_VHOSTDIR} + doins ${FILESDIR}/${VHOSTFILE}.conf + + exeinto /usr/lib/ssl/mod_ssl + doexe pkg.contrib/*.sh ${FILESDIR}/gentestcrt.sh + + dodir /usr/share/doc/${PF}/html + cp -a pkg.ssldoc/* ${D}/usr/share/doc/${PF}/html +} + +pkg_postinst() { + install -d -o root -g root -m0755 ${ROOT}${APACHE1_CONFDIR}/ssl + + apache1_pkg_postinst + + cd ${ROOT}${APACHE1_CONFDIR}/ssl + einfo "Generating self-signed test certificate in ${APACHE1_CONFDIR}/ssl..." + einfo "(Ignore any message from the yes command below)" + yes "" | ${ROOT}/usr/lib/ssl/mod_ssl/gentestcrt.sh >/dev/null 2>&1 + einfo +} |