From 6356941d7174ac4cb94ba9bb2d6fe71849128384 Mon Sep 17 00:00:00 2001 From: cvsdist Date: Thu, 9 Sep 2004 06:16:56 +0000 Subject: [PATCH] auto-import httpd-2.0.48-10 from httpd-2.0.48-10.src.rpm --- httpd-2.0.45-export.patch | 46 +++++++ httpd-2.0.48-corelimit.patch | 32 +++++ httpd-2.0.48-release.patch | 11 ++ httpd.conf | 8 +- httpd.init | 5 +- httpd.logrotate | 2 +- httpd.spec | 242 +++++++++++++++++++++++++---------- index.html | 2 +- migration.xml | 10 +- ssl.conf | 1 + 10 files changed, 282 insertions(+), 77 deletions(-) create mode 100644 httpd-2.0.45-export.patch create mode 100644 httpd-2.0.48-corelimit.patch create mode 100644 httpd-2.0.48-release.patch diff --git a/httpd-2.0.45-export.patch b/httpd-2.0.45-export.patch new file mode 100644 index 0000000..6bcaef9 --- /dev/null +++ b/httpd-2.0.45-export.patch @@ -0,0 +1,46 @@ + +There is no need to "suck in" the apr/apr-util symbols when using +a shared libapr{,util}, it just bloats the symbol table; so don't. + +--- httpd-2.0.48/server/main.c.export ++++ httpd-2.0.48/server/main.c +@@ -669,28 +669,6 @@ + return 0; /* Termination 'ok' */ + } + +-/* force Expat to be linked into the server executable */ +-#if defined(USE_EXPAT) && !defined(SHARED_CORE_BOOTSTRAP) +-#include "xmlparse.h" +-const XML_LChar *suck_in_expat(void); +-const XML_LChar *suck_in_expat(void) +-{ +- return XML_ErrorString(XML_ERROR_NONE); +-} +-#endif /* USE_EXPAT */ +- +-#ifndef SHARED_CORE_BOOTSTRAP +-/* +- * Force apr_password_validate() into the image so that modules like +- * mod_auth can use it even if they're dynamically loaded. +- */ +-void suck_in_apr_password_validate(void); +-void suck_in_apr_password_validate(void) +-{ +- apr_password_validate("a", "b"); +-} +-#endif +- + #ifdef AP_USING_AUTOCONF + /* This ugly little hack pulls any function referenced in exports.c into + * the web server. exports.c is generated during the build, and it +--- httpd-2.0.48/server/Makefile.in.export ++++ httpd-2.0.48/server/Makefile.in +@@ -30,7 +30,7 @@ + + util.lo: test_char.h + +-EXPORT_DIRS = $(top_srcdir)/include $(top_srcdir)/os/$(OS_DIR) $(APR_INCLUDEDIR) $(APU_INCLUDEDIR) $(top_srcdir)/modules/http ++EXPORT_DIRS = $(top_srcdir)/include $(top_srcdir)/os/$(OS_DIR) $(top_srcdir)/modules/http + + # If export_files is a dependency here, but we remove it during this stage, + # when exports.c is generated, make will not detect that export_files is no diff --git a/httpd-2.0.48-corelimit.patch b/httpd-2.0.48-corelimit.patch new file mode 100644 index 0000000..1496b4b --- /dev/null +++ b/httpd-2.0.48-corelimit.patch @@ -0,0 +1,32 @@ + +Automatically raise the core file size limit if CoreDumpDirectory +is configured. + +--- httpd-2.0.48/server/core.c.corelimit ++++ httpd-2.0.48/server/core.c +@@ -4233,6 +4233,25 @@ + + ap_set_version(pconf); + ap_setup_make_content_type(pconf); ++ ++#ifdef RLIMIT_CORE ++ if (ap_coredumpdir_configured) { ++ struct rlimit lim; ++ ++ if (getrlimit(RLIMIT_CORE, &lim) == 0 && lim.rlim_cur == 0) { ++ lim.rlim_cur = lim.rlim_max; ++ if (setrlimit(RLIMIT_CORE, &lim) == 0) { ++ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, ++ "core dump file size limit raised to %lu bytes", ++ lim.rlim_cur); ++ } else { ++ ap_log_error(APLOG_MARK, APLOG_NOTICE, errno, NULL, ++ "core dump file size is zero, setrlimit failed"); ++ } ++ } ++ } ++#endif ++ + return OK; + } + diff --git a/httpd-2.0.48-release.patch b/httpd-2.0.48-release.patch new file mode 100644 index 0000000..924d3c4 --- /dev/null +++ b/httpd-2.0.48-release.patch @@ -0,0 +1,11 @@ +--- httpd-2.0.48/server/core.c.release ++++ httpd-2.0.48/server/core.c +@@ -2429,7 +2429,7 @@ + ap_add_version_component(pconf, AP_SERVER_BASEPRODUCT "/" AP_SERVER_MAJORVERSION); + } + else { +- ap_add_version_component(pconf, AP_SERVER_BASEVERSION " (" PLATFORM ")"); ++ ap_add_version_component(pconf, AP_SERVER_BASEVERSION " (@RELEASE@)"); + } + + /* diff --git a/httpd.conf b/httpd.conf index 4dabb4a..7d7f90d 100644 --- a/httpd.conf +++ b/httpd.conf @@ -110,7 +110,7 @@ StartServers 8 MinSpareServers 5 MaxSpareServers 20 MaxClients 150 -MaxRequestsPerChild 1000 +MaxRequestsPerChild 4000 # worker MPM @@ -168,7 +168,6 @@ LoadModule expires_module modules/mod_expires.so LoadModule deflate_module modules/mod_deflate.so LoadModule headers_module modules/mod_headers.so LoadModule usertrack_module modules/mod_usertrack.so -LoadModule unique_id_module modules/mod_unique_id.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule mime_module modules/mod_mime.so LoadModule dav_module modules/mod_dav.so @@ -1034,6 +1033,11 @@ BrowserMatch "^gnome-vfs" redirect-carefully # Use name-based virtual hosting. # #NameVirtualHost *:80 +# +# NOTE: NameVirtualHost cannot be used without a port specifier +# (e.g. :80) if mod_ssl is being used, due to the nature of the +# SSL protocol. +# # # VirtualHost example: diff --git a/httpd.init b/httpd.init index d6c3f25..cf65f48 100755 --- a/httpd.init +++ b/httpd.init @@ -1,13 +1,14 @@ #!/bin/bash # -# Startup script for the Apache Web Server +# httpd Startup script for the Apache HTTP Server # # chkconfig: - 85 15 # description: Apache is a World Wide Web server. It is used to serve \ # HTML files and CGI. # processname: httpd -# pidfile: /var/run/httpd.pid # config: /etc/httpd/conf/httpd.conf +# config: /etc/sysconfig/httpd +# pidfile: /var/run/httpd.pid # Source function library. . /etc/rc.d/init.d/functions diff --git a/httpd.logrotate b/httpd.logrotate index dd0ce1b..8be0f0e 100644 --- a/httpd.logrotate +++ b/httpd.logrotate @@ -3,6 +3,6 @@ notifempty sharedscripts postrotate - /bin/kill -HUP `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true + /bin/kill -USR1 `cat /var/run/httpd.pid 2>/dev/null` 2> /dev/null || true endscript } diff --git a/httpd.spec b/httpd.spec index d5c988e..f506764 100644 --- a/httpd.spec +++ b/httpd.spec @@ -5,7 +5,7 @@ Summary: Apache HTTP Server Name: httpd Version: 2.0.48 -Release: 1.2 +Release: 10 URL: http://httpd.apache.org/ Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.gz Source1: index.html @@ -26,41 +26,64 @@ Source33: README.confd # build/scripts patches Patch1: httpd-2.0.40-apctl.patch Patch2: httpd-2.0.36-apxs.patch -Patch3: httpd-2.0.36-sslink.patch +Patch3: httpd-2.0.48-linkmods.patch Patch4: httpd-2.0.45-parallel.patch Patch5: httpd-2.0.45-deplibs.patch Patch6: httpd-2.0.47-pie.patch Patch7: httpd-2.0.45-syspcre.patch +Patch8: httpd-2.0.48-suexeclibs.patch +Patch9: httpd-2.0.48-vpathinc.patch # Bug fixes Patch20: httpd-2.0.45-encode.patch Patch21: httpd-2.0.45-davfs.patch Patch22: httpd-2.0.45-davetag.patch Patch23: httpd-headusage.patch Patch24: httpd-2.0.47-sslcleanup.patch -Patch26: httpd-2.0.47-ldapshm.patch -Patch27: httpd-2.0.46-shmcb.patch -Patch32: httpd-2.0.46-sslmutex.patch -Patch34: httpd-2.0.46-sslio.patch -Patch36: httpd-2.0.46-graceful.patch -# features/functional changes -Patch41: httpd-2.0.36-redhat.patch -Patch42: httpd-2.0.40-xfsz.patch -Patch43: httpd-2.0.40-pod.patch -Patch44: httpd-2.0.40-noshmht.patch -Patch45: httpd-2.0.45-proxy.patch -# Ugly hacks which should never see the light of day -Patch60: httpd-2.0.48-ssl47to48.patch +Patch25: httpd-2.0.47-ldapshm.patch +Patch26: httpd-2.0.46-shmcb.patch +Patch27: httpd-2.0.46-sslmutex.patch +Patch28: httpd-2.0.46-sslio.patch +Patch29: httpd-2.0.46-graceful.patch +Patch30: httpd-2.0.46-metharray.patch +Patch31: httpd-2.0.48-usertrack.patch +Patch32: httpd-2.0.46-execfail.patch +Patch33: httpd-2.0.46-logtimez.patch +Patch34: httpd-2.0.46-sslerr.patch +Patch35: httpd-2.0.46-md5dig.patch +Patch36: httpd-2.0.48-sslvars.patch +Patch37: httpd-2.0.48-include.patch +Patch38: httpd-2.0.48-autoindex.patch +Patch39: httpd-2.0.48-proxy11.patch +# Features/functional changes +Patch70: httpd-2.0.48-release.patch +Patch71: httpd-2.0.40-xfsz.patch +Patch72: httpd-2.0.40-pod.patch +Patch73: httpd-2.0.40-noshmht.patch +Patch74: httpd-2.0.45-proxy.patch +Patch75: httpd-2.0.45-export.patch +Patch76: httpd-2.0.48-dynlimit.patch +Patch77: httpd-2.0.48-dynamic.patch +Patch78: httpd-2.0.48-status.patch +Patch79: httpd-2.0.48-sslstatus.patch +Patch80: httpd-2.0.48-corelimit.patch +Patch81: httpd-2.0.46-rolog.patch +Patch82: httpd-2.0.48-distcache.patch +# Security fixes +Patch120: httpd-2.0.48-CAN-2003-0020.patch +# Documentation fixes +Patch170: httpd-2.0.48-manpages.patch License: Apache Software License Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-root -BuildPrereq: db4-devel, expat-devel, findutils, perl, pkgconfig, xmlto >= 0.0.11 -BuildPrereq: apr-devel >= 0.9.3-10, apr-util-devel, pcre-devel +BuildRequires: db4-devel, expat-devel, findutils, perl, pkgconfig, xmlto >= 0.0.11 +BuildRequires: apr-devel >= 0.9.3-10, apr-util-devel, pcre-devel Requires: /etc/mime.types, gawk, /usr/share/magic.mime, /usr/bin/find Prereq: /sbin/chkconfig, /bin/mktemp, /bin/rm, /bin/mv Prereq: sh-utils, textutils, /usr/sbin/useradd Provides: webserver Provides: httpd-mmn = %{mmn} -Obsoletes: apache, secureweb, mod_dav +Obsoletes: apache, secureweb, mod_dav, mod_gzip, stronghold-apache, stronghold-htdocs +Obsoletes: mod_put, mod_roaming %description Apache is a powerful, full-featured, efficient, and freely-available @@ -70,7 +93,7 @@ Internet. %package devel Group: Development/Libraries Summary: Development tools for the Apache HTTP server. -Obsoletes: secureweb-devel, apache-devel +Obsoletes: secureweb-devel, apache-devel, stronghold-apache-devel Requires: apr-devel, apr-util-devel, httpd = %{version} %description devel @@ -95,9 +118,10 @@ also be found at http://httpd.apache.org/docs-2.0/. Group: System Environment/Daemons Summary: SSL/TLS module for the Apache HTTP server Serial: 1 -BuildPrereq: openssl-devel +BuildRequires: openssl-devel, distcache-devel Prereq: openssl, dev, /bin/cat -Requires: httpd, make, httpd-mmn = %{mmn} +Requires: httpd = %{version}-%{release}, make, httpd-mmn = %{mmn} +Obsoletes: stronghold-mod_ssl %description -n mod_ssl The mod_ssl module provides strong cryptography for the Apache Web @@ -108,15 +132,12 @@ Security (TLS) protocols. %setup -q %patch1 -p0 -b .apctl %patch2 -p1 -b .apxs -%patch3 -p0 -b .sslink -%patch4 -p0 -b .parallel +%patch3 -p1 -b .linkmods +%patch4 -p1 -b .parallel %patch5 -p1 -b .deplibs %patch7 -p1 -b .syspcre - -# Conditionally enable PIE support -if echo 'int main () { return 0; }' | gcc -pie -fpie -O2 -xc - -o pietest 2>/dev/null; then -%patch6 -p1 -b .pie -fi +%patch8 -p1 -b .suexeclibs +%patch9 -p1 -b .vpathinc # no -b to prevent droplets in install root %patch20 -p1 @@ -124,28 +145,60 @@ fi %patch22 -p1 -b .davetag %patch23 -p1 -b .head %patch24 -p1 -b .sslcleanup -%patch26 -p1 -b .ldapshm -%patch27 -p1 -b .shmcb -%patch32 -p1 -b .sslmutex -%patch34 -p1 -b .sslio -%patch36 -p1 -b .graceful +%patch25 -p1 -b .ldapshm +%patch26 -p1 -b .shmcb +%patch27 -p1 -b .sslmutex +%patch28 -p1 -b .sslio +%patch29 -p1 -b .graceful +%patch30 -p1 -b .metharray +%patch31 -p1 -b .usertrack +%patch32 -p1 -b .execfail +%patch33 -p1 -b .logtimez +%patch34 -p1 -b .sslerr +%patch35 -p1 -b .md5dig +%patch36 -p1 -b .sslvars +%patch37 -p1 -b .include +%patch38 -p1 -b .autoindex +%patch39 -p1 -b .proxy11 -%patch41 -p0 -b .redhat -%patch42 -p0 -b .xfsz -%patch43 -p0 -b .pod -%patch44 -p1 -b .noshmht -%patch45 -p1 -b .proxy +%patch71 -p0 -b .xfsz +%patch72 -p0 -b .pod +%patch73 -p1 -b .noshmht +%patch74 -p1 -b .proxy +%patch75 -p1 -b .export +%patch76 -p1 -b .dynlimit +%patch77 -p1 -b .dynamic +%patch78 -p1 -b .status +%patch79 -p1 -b .sslstatus +%patch80 -p1 -b .corelimit +%patch81 -p1 -b .rolog +%patch82 -p1 -b .distcache -%patch60 -p1 -b .ssl47to48 +%patch120 -p1 -b .can0020 + +%patch170 -p1 -b .manpages + +# Patch in vendor/release string +sed "s/@RELEASE@/Fedora/" < %{PATCH70} | patch -p1 # Safety check: prevent build if defined MMN does not equal upstream MMN. -vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include \`pwd\`/include/ap_mmn.h | grep -v '#'` +vmmn=`echo MODULE_MAGIC_NUMBER_MAJOR | cpp -include \`pwd\`/include/ap_mmn.h | sed -n '/^2/p'` if test "x${vmmn}" != "x%{mmn}"; then : Error: Upstream MMN is now ${vmmn}, packaged MMN is %{mmn}. : Update the mmn macro and rebuild. exit 1 fi +# Conditionally enable PIE support +if echo 'static int foo[30000]; int main () { return 0; }' | + gcc -pie -fpie -O2 -xc - -o pietest 2>/dev/null && + ./pietest; then +%patch6 -p1 -b .pie + : PIE support enabled +else + : WARNING: PIE support not enabled +fi + %build # regenerate configure scripts ./buildconf @@ -179,11 +232,7 @@ function mpmbuild() { mpm=$1; shift mkdir $mpm; pushd $mpm -cat > config.cache < docs/man/logresolve.1 -rm docs/man/logresolve.8 +mv docs/man/logresolve.8 docs/man/logresolve.1 pushd prefork make DESTDIR=$RPM_BUILD_ROOT install @@ -363,19 +410,29 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.exp \ $RPM_BUILD_ROOT%{_bindir}/ap?-config \ $RPM_BUILD_ROOT%{_sbindir}/{checkgid,dbmmanage,envvars*} \ $RPM_BUILD_ROOT%{contentdir}/htdocs/* \ - $RPM_BUILD_ROOT%{contentdir}/cgi-bin/* + $RPM_BUILD_ROOT%{_mandir}/man1/dbmmanage.* \ + $RPM_BUILD_ROOT%{contentdir}/cgi-bin/* # Remove headers which needn't be public rm -f $RPM_BUILD_ROOT%{_includedir}/httpd/{ssl_expr_parse.h,ssl_util_table.h} +# Make suexec a+rw so it can be stripped. %%files lists real permissions +chmod 755 $RPM_BUILD_ROOT%{_sbindir}/suexec + %pre # Add the "apache" user /usr/sbin/useradd -c "Apache" -u 48 \ -s /sbin/nologin -r -d %{contentdir} apache 2> /dev/null || : -%triggerpostun -- apache < 2.0 +%triggerpostun -- apache < 2.0, stronghold-apache < 2.0 /sbin/chkconfig --add httpd +# Prevent removal of index.html on upgrades from 1.3 +%triggerun -- apache < 2.0, stronghold-apache < 2.0 +if [ -r %{contentdir}/index.html -a ! -r %{contentdir}/index.html.rpmold ]; then + mv %{contentdir}/index.html %{contentdir}/index.html.rpmold +fi + %post # Register the httpd service /sbin/chkconfig --add httpd @@ -453,10 +510,8 @@ rm -rf $RPM_BUILD_ROOT %dir %{_libdir}/httpd %dir %{_libdir}/httpd/modules -# everything but mod_ssl.so: -%{_libdir}/httpd/modules/mod_[a-r]*.so -%{_libdir}/httpd/modules/mod_s[petu]*.so -%{_libdir}/httpd/modules/mod_[t-z]*.so +%{_libdir}/httpd/modules/mod*.so +%exclude %{_libdir}/httpd/modules/mod_ssl.so %dir %{contentdir} %dir %{contentdir}/cgi-bin @@ -474,12 +529,8 @@ rm -rf $RPM_BUILD_ROOT %attr(0700,apache,apache) %dir %{_localstatedir}/lib/dav %attr(0700,apache,apache) %dir %{_localstatedir}/cache/mod_proxy -%{_mandir}/man1/* - -%{_mandir}/man8/apachectl* -%{_mandir}/man8/httpd* -%{_mandir}/man8/rotatelogs* -%{_mandir}/man8/suexec* +%{_mandir}/man?/* +%exclude %{_mandir}/man8/apxs.8* %files manual %defattr(-,root,root) @@ -506,15 +557,71 @@ rm -rf $RPM_BUILD_ROOT %dir %{_libdir}/httpd/build %{_libdir}/httpd/build/*.mk %{_libdir}/httpd/build/instdso.sh +%{_libdir}/httpd/build/libtool %changelog -* Wed Nov 19 2003 Joe Orton 2.0.48-1.2 -- bug fix for #110184 +* Tue Jan 27 2004 Joe Orton 2.0.48-10 +- update to ab from HEAD +- remove dbmmanage man page (part of #114080) +- mod_ssl: fix streaming nph- CGI scripts over SSL +- mod_autoindex: fixes from 2.0 branch (André Malo) +- add NameVirtualHost vs mod_ssl warning to httpd.conf (#114315) +- mod_proxy: HTTP/1.1-compliance fixes from HEAD -* Tue Oct 28 2003 Joe Orton 2.0.48-1.1 -- update to 2.0.48 (#108608, thanks to Robert Scheck) +* Tue Jan 20 2004 Joe Orton 2.0.48-9 +- use a large BSS in the test PIE executable to trigger bugs early +- tighten check on CPP output in MMN check (#113934) + +* Mon Jan 19 2004 Joe Orton 2.0.48-8 +- add man page fixes +- mod_include: use parser rewrite+fixes from 2.0 branch (André Malo et al) +- mod_ssl: add distcache support (Geoff Thorpe) +- mod_ssl: SSL variable handling fixes for non-SSL connections (various) +- allow linking modules against specific libraries found during configure + +* Mon Jan 19 2004 Joe Orton 2.0.48-7 +- hack to ensure that /usr/sbin/suexec gets stripped +- merges from upstream: + * fix for CVE CAN-2003-0020 (André Malo) + * open log files read-only (Jeff Trawick) + * mod_cgi: fix logging of script exec failure messages (Jeff Trawick) + * mod_proxy: fix leak in request body handling (Larry Toppi) +- merges from Taroon: + * move away /var/www/html/index.html before upgrade from 1.3 (#70705) + * allow upgrade from Stronghold 4.0 + * migration guide updates + * mod_log_config: fix logging of timezone (upstream #23642) + * mod_ssl: restore readable error descriptions in error log + +* Mon Jan 19 2004 Joe Orton 2.0.48-6 +- fix httpd.init issues reported by Behdad Esfahbod +- add fix for mod_usertrack (#113269) +- automatically raise RLIMIT_CORE if CoreDumpDirectory is used +- emit warning at end of %%prep if PIE support is not enabled +- add symlink to libtool script from build directory (#113720) +- don't link suexec against the world + +* Sun Jan 04 2004 Joe Orton 2.0.48-5 +- use graceful restart in logrotate +- bump default MaxRequestsPerChild for prefork to 4000 +- move vendor string for Server header into spec file +- include mod_status extension hook and use it in mod_ssl to include + SSL session cache statistics in server-status output + +* Thu Dec 18 2003 Joe Orton 2.0.48-4 +- rebuild + +* Sat Dec 13 2003 Jeff Johnson 2.0.48-3 +- rebuild against db-4.2.52. + +* Tue Oct 28 2003 Joe Orton 2.0.48-2 +- update to 2.0.48 - includes security fix for CVE CAN-2003-0542 -- reinstate mpm_common.h (#108080) +- include mpm*.h to fix mod_fastcgi build (#108080) +- increase DYNAMIC_MODULE_LIMIT to 128 +- re-enable ap_hack_* export trimming patch +- only use -export-dynamic when linking httpd, not suexec etc +- don't load mod_unique_id by default * Thu Oct 23 2003 Joe Orton 2.0.47-10 - httpd.conf: configure test page in welcome.conf, load suexec, @@ -531,6 +638,9 @@ rm -rf $RPM_BUILD_ROOT - updated index.html (Matt Wilson, #107378) - change server version string comment to "(Fedora)" +* Mon Oct 13 2003 Jeff Johnson 2.0.47-8.1 +- rebuild against db-4.2.42. + * Wed Oct 8 2003 Joe Orton 2.0.47-8 - use -fPIE not -fpie to fix s390x (Florian La Roche) - include VERSIONING in docdir diff --git a/index.html b/index.html index 89ad8d4..6f9033f 100644 --- a/index.html +++ b/index.html @@ -116,7 +116,7 @@

You may now add content to the directory /var/www/html/. Note that until you do so, people visiting your website will see this page, and not your content. To prevent this page from ever being used, follow the instructions in the file /etc/httpd/conf.d/welcome.conf.

-

You are free to use the image below on Apache and Fedora Core powered HTTP server. Thanks for using Apache and Fedora Core!

+

You are free to use the images below on Apache and Fedora Core powered HTTP servers. Thanks for using Apache and Fedora Core!

[ Powered by Apache ] [ Powered by Fedora Core ]

diff --git a/migration.xml b/migration.xml index db5d5e3..5face4c 100644 --- a/migration.xml +++ b/migration.xml @@ -31,10 +31,10 @@ This HOWTO covers the migration of &distro; web servers from -version 1.3 of the Apache HTTP server to version 2.0. It explains the -relevant differences between the 1.3 and 2.0 packages, and describes -the process required to migrate the server configuration from 1.3 to -2.0. +Apache 1.3 packages to Apache 2.0 packages. It +explains the relevant differences between the 1.3 and 2.0 packages, +and describes the process required to migrate your server's +configuration from 1.3 to 2.0. @@ -101,7 +101,7 @@ for both 1.3 and 2.0 are divided into three sections, and for each of these this document will suggest what is hopefully the easiest route. -If your &httpdconf; has been modified from the default +If your &httpdconf; has been modified from the default configuration and you have saved a copy of the original then you may find the diff command comes in handy. Invoked as: diff --git a/ssl.conf b/ssl.conf index abf13bc..ffcd9ff 100644 --- a/ssl.conf +++ b/ssl.conf @@ -57,6 +57,7 @@ SSLPassPhraseDialog builtin # to use and second the expiring timeout (in seconds). #SSLSessionCache none #SSLSessionCache dbm:/var/cache/mod_ssl/scache(512000) +#SSLSessionCache dc:UNIX/var/cache/mod_ssl/distcache SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) SSLSessionCacheTimeout 300