| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Lot of changes, for details see
http://www.mozilla.org/projects/seamonkey/release-notes/m18-detail.html#whats_new
This is supposed to improve speed and stability.
I am commiting this now (during freeze) because (a) about nothing depends
on it and it is know to realy only work on i386/elf yet (although some
changes to fix problems on MacPPC, sparc and mips have been integrated);
and (b) Taya mentioned update problems (which I couldn't reproduce) from
M17 to M18, so it's better to avoid these by having the newer version
in the tagged pkgsrc.
|
|
one is: segv on ftp transfer (with no proxy) is fixed.
|
|
o Added experimental support for OpenSSL's crypto device support
o Completely removed RSAref support
o Added new Cyclic Buffer based Shared Memory Session Cache variant
o Restructured the Session Cache implementation(s)
o Upgrade to Apache 1.3.14
|
|
The security fixes are:
* A problem with the Rewrite module, mod_rewrite, allowed access to
any file on the web server under certain circumstances
* The handling of Host: headers in mass virtual hosting
configurations, mod_vhost_alias, could allow access to any file on
the server
* If a cgi-bin directory is under the document root, the source to
the scripts inside it could be sent if using mass virtual hosting
The main new features include:
* Support for a directory-based configuration system. If any of the
configuration directives point to directories instead of files,
all files in that directory (and in subdirectories) will be also
parsed as configuration files
* Support name-based virtual hosting without needing to specify an
IP address in the Apache configuration file. This enables sites
that use dynamic IP addresses to support name-based virtual
hosting as well as allowing identical machines to share a
configuration file, say in a load-balanced cluster
* The SetEnvIf and BrowserMatch range of directives are now able to
be used in .htaccess files.
* Administrators who are nervous about their full server version
details being public can use the new keyword 'ProductOnly' in the
ServerTokens directive. This keyword forces the server to only
return the string "Apache" as the server version.
* The new digest authentication module, mod_auth_digest has had a
number of fixes and upgrades applied
|
|
stop completely.
|
|
|
|
|
|
Problem noted by Olaf Seibert in private e-mail.
|
|
created during configure).
|
|
|
|
|
|
through the environment, and using the value in the configure script.
|
|
Add -Dunix to CFLAGS
Pass MOTIFBASE down through the environment, so that the configure
script can pick this up, and find lesstif if xpkgwedge is installed.
|
|
|
|
Noticed by Gary Duzan.
|
|
|
|
|
|
(gillham@vaultron.com), in <200010021201.e92C1Gp08569@flash.vaultron.com>
message to current-users.
Provide basic instructions relating to php3.ini
|
|
It doesn't work yet (due to toolchain issues), but that's another story.
The patches were created by wtc@netscape.com and are going to be applied
to the mozilla mainline.
|
|
|
|
|
|
how NetBSD's rc.d system interprets script names. Also add appropriate
REQUIRE and PROVIDE sections to allow direct use in NetBSD's rc.d system.
|
|
|
|
we call stop, then start. This correctly restarts httpd with SSL support
if it was initially started with SSL support.
|
|
if we're sourcing the former.
|
|
it, and the default is "off" anyhow.
|
|
|
|
|
|
|
|
EAPI didn't change so no need to change Apache's version number.
Also standardize package builds to have Apache listen on ports 80/443
regardless of UID of user that builds the package, and make MAINTAINER
point to me.
|
|
|
|
Also make me the maintainer. Relevant changes from version 2.6.3:
-) Install ${sbindir}/mkcert.sh to ease generation of SSL certificates.
*) Fixed server restarts: Under non-DSO run-time situation, the
OpenSSL library was shutdown (and never re-initialized) and this
way caused segfaults on server restarts. This affected only
installations where mod_ssl+OpenSSL were built as a static module
instead of a DSO. This nasty bug was unfortunately introduced in
2.6.5 as a side-effect of an (otherwise correct) memory leak bugfix.
*) Various typo fixes in user manual.
*) Removed more memory leaks by freeing even more stuff
from the OpenSSL toolkit on module shutdown.
*) Added missing TLSv1, EXP40 and EXP56 keywords to
ssl_reference's documentation of SSLCipherSuite.
*) Added hints about MSIE workarounds (-SSLv3, !EXP56, etc.)
to the FAQ entry about MSIE errors.
*) Added !EXP56 to pre-configured SSLCipherSuite in order to avoid
MSIE5.x problems in advance.
*) Allow spaces in ServerRoot and SSLPassPhraseDialog arguments
which is especially important for the Win32 environment.
*) Fixed syntax errors in ssl_howto.wml: "Deny all" -> "Deny from all"
*) Removed a left-over ssl_scache_expire() call in ssl_scache_init()
which made the life of vendors complicated.
*) Allow more fine-tuned overriding of ap_server_root_relative calls
by providing the context of the call.
*) Added Equifax Secure CA certificates to ca-bundle.crt.
*) Let the pass phrase dialog force the prompt to occur only once
(no verification step), because mod_ssl uses the dialog only for
pass phrases which are required for reading private keys. This as a
side-effect should fix a problem under Win32 where a second prompt
occured for unknown reasons.
*) Added more compatibility to Stronghold v2's SSL_SessionCache.
*) Added two more EAPI hools under SSL_VENDOR: one for overriding
ap_server_root_relative calls and one for hooking into the server
configuration step.
*) Fixed SSL display for mod_status in `short report' situation.
*) Fixed memory leak caused by not-freed SSL_CTX in the HTTPS proxy
support (ssl_engine_ext.c/mod_proxy) under _NOT_ SSL_EXPERIMENTAL.
|
|
jsdk20 package can fetch it's distfile.
|
|
target to actually go out and fetch the jsdk distribution by using urlget
to navigate Sun's web forms.
Make this behavior depend on the value sun-jsdk20-license being in
ACCEPTABLE_LICENSES.
|
|
RESTRICTED= variables that were predicated on former U.S. export
regulations. Add CRYPTO=, as necessary, so it's still possible to
exclude all crypto packages from a build by setting MKCRYPTO=no
(but "lintpkgsrc -R" will no longer catch them).
Specifically,
- - All packages which set USE_SSL just lose their RESTRICTED
variable, since MKCRYPTO responds to USE_SSL directly.
- - realplayer7 and ns-flash keep their RESTRICTED, which is based
on license terms, but also gain the CRYPTO variable.
- - srp-client is now marked broken, since the distfile is evidently
no longer available. On this, we're no worse off than before.
[We haven't been mirroring the distfile, or testing the build!]
- - isakmpd gets CRYPTO for RESTRICTED, but remains broken.
- - crack loses all restrictions, as it does not evidently empower
a user to utilize strong encryption (working definition: ability
to encode a message that requires a secret key plus big number
arithmetic to decode).
|
|
|
|
(URL parser makes mistake on certain pattern)
|
|
|
|
|
|
find shared DynaLoader_pic.o needed by mod_perl.so.
|
|
|
|
|
|
|
|
package admin where the cruft is that may need to be manually removed.
* Factor out the making of extra directories and the copying of config files
into a separate INSTALL script.
* Rearrange the Makefile a bit to handle changes in the PLIST.
* Remove erroneous information from pkg/DESCR.
|
|
version numbers change, and it doesn't work correctly on a.out anyway.
Closes pkg/10309.
|
|
Do not crank communicator version as this would make the matching in
'netscape' something of a nightmare (the version already varies based on
architecture due to 4.61 being the last SunOS/sparc release).
|
|
interpreter is not found.
|
|
|
