mod_ssl: Check for RAND_egd() at configure time and only use it if present. Fixes the build with LibreSSL which does not provide this function.

Avoid valgrind warnings in mod_ssl random number generator We intentionally add uninitialized stack memory. To avoid warnings, make valgrind believe that the memory is defined. Add configure option to enable valgrind support

Add lots of unique tags to error log messages

Enforce OpenSSL 0.9.7 as a minimum requirement in configure, and remove #ifdef'ed code which was relevant for earlier versions only.

remove more unused variables revove some obsolete comments netware file is untested

- Be less verbose at levels INFO and DEBUG in mod_proxy* and mod_ssl - Add some trace logging to core and http

update license header text

Update the copyright year in all .c, .h and .xml files

No functional Change: Removing trailing whitespace. This also means that "blank" lines consisting of just spaces or tabs are now really blank lines

Update copyright year to 2005 and standardize on current copyright owner line.

Move mod_ssl-internal interfaces into ssl_private.h; allow mod_ssl.h to be included even when mod_ssl is not enabled. * Makefile.in (install-include): Only install mod_ssl.h. * modules/ssl/ssl_private.h: New file. * modules/ssl/mod_ssl.h: Move everything apart from than the optional hook definitions into ssl_private.h. * modules/ssl/*.c: Include ssl_private.h not mod_ssl.h * modules/ssl/config.m4: Always add the mod_ssl directory to the include path so other modules can find mod_ssl.h. * modules/proxy/mod_proxy.c: Include mod_ssl.h to pick up the optional hook definitions rather than copy'n'pasting them.

fix name of The Apache Software Foundation

fix copyright dates according to the first check in

apply Apache License, Version 2.0

update license to 2004.

finished that boring job: update license to 2003. Happy New Year! ;-))

reword an error message

stop using APLOG_NOERRNO in calls to ap_log_[pr]error()

Change mod_ssl from using ssl_log() to ap_log_error(). The issue is that ssl_log doesn't handle apr_status_t result codes. This leads to a number of places (esp. with mutexes) where the error codes get lost. Rather than extending ssl_log further, since mod_ssl is part of our core, migrate to ap_log_error. This means that mod_ssl no longer does its own logging. Most uses of SSL_ADD_ERRNO are now mapped correctly to apr_status_t values (mainly because the APIs that used to return errnos are now APRized and have apr_status_t codes available). SSL_LOG_TRACE and SSL_LOG_DEBUG were mapped to the APLOG_DEBUG values. mod_ssl prints out a LOT of debugging information, so mod_ssl with LogLevel Debug may not be a good idea - perhaps mod_ssl should be less chatty. Numerous printf type collisions were also resolved. (The ssl logging code itself will be removed in a subsequent commit.) This has been discussed on dev@httpd, but the fact that there isn't much to review besides the mindless changes, I'm going to commit now and rely on CTR if I screwed up anything on the translation.

typo fix s/EDG/EGD/g

sslc does not currently support RAND_egd or RAND_status

Update our copyright for this year.

remove version checks for using EGD

Consensus is that we should not use the scoreboard as a source of entropy. Reviewed by: OtherBill, Justin, Madhu

Forward port of changes in mod_ssl for Apache 1.3 up through mod_ssl version 2.8.7-1.3.23.

This patch eliminated from the _SHARED_ segment of the scoreboard all pointer math. This is required for portable scoreboards. vhost becomes the 'vhost name string' so it now survives ap_generation clicks. next was apparently never used. This patch also accounts for the changes to the apr_shm api, and gives Win32 the magic of a shared scoreboard. Breakage aplenty on non-win32 platforms, I suspect, but this radical surgery, and culling of unused functions, was really, really needed.

get SSLRandomSeed exec: working by passing the proper arguments to apr_proc_create()

tiny cleanup to remove bogus SCOREBOARD_SIZE define

Close a real GP fault. This is the _wrong_solution_, but stops the segfaults against very odd RAND_seed errors given garbage in.

SSL_rand() does a mutex lock/unlock with threaded MPMs, so collapse two calls that seed pid and time into one. PR: Obtained from: Submitted by: Reviewed by:

move srand() call from ssl_rand_choosenum() to ssl_init_Child() this was being called twice per-connection with 'SSLRandom connect builtin' configured (which is in the default config) this also gets rid of two time() syscalls per-connection PR: Obtained from: Submitted by: Reviewed by:

call getpid() once at child init and save in the SSLModConfigRec to avoid getpid() calls at request time PR: Obtained from: Submitted by: Reviewed by:

Apply mod_ssl MEGA porting patch. This is a cleaned up version of the latest patches from Madhusudan which makes mod_ssl 95% working inside Apache 2.0. There is still a lot of more work (both porting and cleanup) to do be done. See modules/ssl/README for details. Submitted by: Madhusudan Mathihalli <madhusudan_mathihalli@hp.com>

Next step in mod_ssl integration: Add missing files to build environment.

mod_ssl integration step 2: transfer copyright of all code to ASF by using Apache Software License v1.1

Initial revision