diff -C3 -r ../apache_1.2.0/src/Configuration ./src/Configuration
*** ../apache_1.2.0/src/Configuration	Thu Jun  5 20:23:35 1997
--- ./src/Configuration	Sat Jul  5 17:46:49 1997
***************
*** 41,47 ****
  # Settings here have priority; If not set, Configure will attempt to guess
  # the C compiler, and set OPTIM to '-O2'
  #
! EXTRA_CFLAGS=
  EXTRA_LFLAGS=
  EXTRA_LIBS=
  EXTRA_INCLUDES=
--- 41,47 ----
  # Settings here have priority; If not set, Configure will attempt to guess
  # the C compiler, and set OPTIM to '-O2'
  #
! EXTRA_CFLAGS=-w3 -v -g
  EXTRA_LFLAGS=
  EXTRA_LIBS=
  EXTRA_INCLUDES=
***************
*** 50,55 ****
--- 50,67 ----
  #OPTIM=-O2
  #RANLIB=
  
+ TARGET=httpsd
+ 
+ #
+ # SSL Related stuff. N.B. This is set up to use the SSLeay source, NOT an
+ # installed version.
+ #
+ SSL_BASE=/u/ben/work/scuzzy-ssleay8
+ SSL_INCLUDE= -I$(SSL_BASE)/include
+ SSL_CFLAGS= -DAPACHE_SSL $(SSL_INCLUDE)
+ SSL_LIB_DIR= $(SSL_BASE)
+ SSL_LIBS= -L$(SSL_LIB_DIR) -lssl -lcrypto
+ 
  ################################################################
  # Rules configuration
  #
***************
*** 200,206 ****
  ## NOTE: You do not want this module UNLESS you are running a proxy;
  ##       it is not needed for normal (origin server) operation.
  
! # Module proxy_module        modules/proxy/libproxy.a
  
  ## The Alias module provides simple URL translation and redirection.
  
--- 212,218 ----
  ## NOTE: You do not want this module UNLESS you are running a proxy;
  ##       it is not needed for normal (origin server) operation.
  
! Module proxy_module        modules/proxy/libproxy.a
  
  ## The Alias module provides simple URL translation and redirection.
  
***************
*** 209,215 ****
  ## mod_rewrite allows for powerful URI-to-URI and URI-to-filename mapping,
  ## using regular expressions.
  
! # Module rewrite_module      mod_rewrite.o
  
  ##
  ## Access control and authentication modules. 
--- 221,227 ----
  ## mod_rewrite allows for powerful URI-to-URI and URI-to-filename mapping,
  ## using regular expressions.
  
! Module rewrite_module      mod_rewrite.o
  
  ##
  ## Access control and authentication modules. 
***************
*** 220,226 ****
  ## The anon_auth module allows for anonymous-FTP-style username/ 
  ## password authentication.
  
! # Module anon_auth_module    mod_auth_anon.o
  
  ## db_auth and dbm_auth work with Berkeley DB files - make sure there
  ## is support for DBM files on your system.  You may need to grab the GNU
--- 232,238 ----
  ## The anon_auth module allows for anonymous-FTP-style username/ 
  ## password authentication.
  
! Module anon_auth_module    mod_auth_anon.o
  
  ## db_auth and dbm_auth work with Berkeley DB files - make sure there
  ## is support for DBM files on your system.  You may need to grab the GNU
***************
*** 228,234 ****
  ## done by Configure at a later date)
  
  # Module db_auth_module      mod_auth_db.o
! # Module dbm_auth_module     mod_auth_dbm.o
  
  ## msql_auth checks against an mSQL database.  You must have mSQL installed
  ## and an "msql.h" available for this to even compile.  Additionally,
--- 240,246 ----
  ## done by Configure at a later date)
  
  # Module db_auth_module      mod_auth_db.o
! Module dbm_auth_module     mod_auth_dbm.o
  
  ## msql_auth checks against an mSQL database.  You must have mSQL installed
  ## and an "msql.h" available for this to even compile.  Additionally,
***************
*** 244,267 ****
  ## "digest" implements HTTP Digest Authentication rather than the less 
  ## secure Basic Auth used by the other modules.
  
! # Module digest_module       mod_digest.o
  
  ## Optional response header manipulation modules. 
  ##
  ## cern_meta mimics the behavior of the CERN web server with regards to 
  ## metainformation files.  
  
! # Module cern_meta_module    mod_cern_meta.o
  
  ## The expires module can apply Expires: headers to resources,
  ## as a function of access time or modification time.
  
! # Module expires_module      mod_expires.o
  
  ## The headers module can set arbitrary HTTP response headers,
  ## as configured in server, vhost, access.conf or .htaccess configs
  
! # Module headers_module      mod_headers.o
  
  ## Miscellaneous modules
  ##
--- 256,283 ----
  ## "digest" implements HTTP Digest Authentication rather than the less 
  ## secure Basic Auth used by the other modules.
  
! Module digest_module       mod_digest.o
  
  ## Optional response header manipulation modules. 
  ##
  ## cern_meta mimics the behavior of the CERN web server with regards to 
  ## metainformation files.  
  
! Module cern_meta_module    mod_cern_meta.o
  
  ## The expires module can apply Expires: headers to resources,
  ## as a function of access time or modification time.
  
! Module expires_module      mod_expires.o
  
  ## The headers module can set arbitrary HTTP response headers,
  ## as configured in server, vhost, access.conf or .htaccess configs
  
! Module headers_module      mod_headers.o
! 
! # Damn damn damn. Apache inverts the module list. SSL must go first to fake
! # basic authorization. So, uncomment this line to add SSL.
! Module ssl_module apache_ssl.o
  
  ## Miscellaneous modules
  ##
***************
*** 273,279 ****
  ## You do not need this, or any other module to allow your site
  ## to use Cookies.  This module is for user tracking only
  
! # Module usertrack_module      mod_usertrack.o
  
  ## The example module, which demonstrates the use of the API.  See
  ## the file modules/example/README for details.  This module should
--- 289,295 ----
  ## You do not need this, or any other module to allow your site
  ## to use Cookies.  This module is for user tracking only
  
! Module usertrack_module      mod_usertrack.o
  
  ## The example module, which demonstrates the use of the API.  See
  ## the file modules/example/README for details.  This module should
diff -C3 -r ../apache_1.2.0/src/Configuration.tmpl ./src/Configuration.tmpl
*** ../apache_1.2.0/src/Configuration.tmpl	Sat May 10 17:14:36 1997
--- ./src/Configuration.tmpl	Sun Jun 29 12:25:14 1997
***************
*** 50,55 ****
--- 50,67 ----
  #OPTIM=-O2
  #RANLIB=
  
+ TARGET=httpsd
+ 
+ #
+ # SSL Related stuff. N.B. This is set up to use the SSLeay source, NOT an
+ # installed version.
+ #
+ SSL_BASE=/u/ben/work/scuzzy-ssleay6
+ SSL_INCLUDE= -I$(SSL_BASE)/include
+ SSL_CFLAGS= -DAPACHE_SSL $(SSL_INCLUDE)
+ SSL_LIB_DIR= $(SSL_BASE)
+ SSL_LIBS= -L$(SSL_LIB_DIR) -lssl -lcrypto
+ 
  ################################################################
  # Rules configuration
  #
***************
*** 262,267 ****
--- 274,283 ----
  ## as configured in server, vhost, access.conf or .htaccess configs
  
  # Module headers_module      mod_headers.o
+ 
+ # Damn damn damn. Apache inverts the module list. SSL must go first to fake
+ # basic authorization. So, uncomment this line to add SSL.
+ Module ssl_module apache_ssl.o
  
  ## Miscellaneous modules
  ##
diff -C3 -r ../apache_1.2.0/src/Makefile.tmpl ./src/Makefile.tmpl
*** ../apache_1.2.0/src/Makefile.tmpl	Wed Jun  4 20:21:15 1997
--- ./src/Makefile.tmpl	Sun Jun 29 12:25:14 1997
***************
*** 14,22 ****
    $(MODULES)
  
  .c.o:
! 	$(CC) -c $(INCLUDES) $(CFLAGS) $(SPACER) $<
! 
! all: @@Configuration@@ httpd
  
  @@Configuration@@: Configuration.tmpl
  	@echo "@@Configuration@@ older than Configuration.tmpl, or doesn't exist."
--- 14,21 ----
    $(MODULES)
  
  .c.o:
! 	$(CC) -c $(INCLUDES) $(CFLAGS) $(SPACER) $(SSL_CFLAGS) $<
! all: @@Configuration@@ $(TARGET)
  
  @@Configuration@@: Configuration.tmpl
  	@echo "@@Configuration@@ older than Configuration.tmpl, or doesn't exist."
***************
*** 28,33 ****
--- 27,43 ----
  httpd: $(REGLIB) $(OBJS)
  	$(CC) $(LFLAGS)  -o httpd $(OBJS) $(REGLIB) $(LIBS)
  
+ httpsd: $(REGLIB) $(OBJS)
+ 	$(CC) $(LFLAGS) -o httpsd $(OBJS) $(REGLIB) $(SSL_LIBS) $(LIBS)
+ 
+ certificate:
+ 	$(SSL_LIB_DIR)/apps/ssleay req \
+ 	-config $(SSL_LIB_DIR)/apps/ssleay.conf \
+ 	-new -x509 -nodes -out ../SSLconf/conf/httpsd.pem \
+ 	-keyout ../SSLconf/conf/httpsd.pem; \
+ 	ln -sf ../SSLconf/conf/httpsd.pem ../SSLconf/conf/`$(SSL_LIB_DIR)/apps/ssleay \
+ 	x509 -noout -hash < ../SSLconf/conf/httpsd.pem`.0
+ 
  regex/libregex.a:
  	(cd regex; $(MAKE) lib CC=$(CC) AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)')
  
***************
*** 36,42 ****
  	$(MAKE) CC=$(CC) AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)')
  
  clean:
! 	rm -f httpd $(OBJS) 
  	cd regex; $(MAKE) clean
  	cd modules; $(MAKE) clean
  
--- 46,52 ----
  	$(MAKE) CC=$(CC) AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)')
  
  clean:
! 	rm -f httpd httpsd $(OBJS) 
  	cd regex; $(MAKE) clean
  	cd modules; $(MAKE) clean
  
***************
*** 49,55 ****
  
  # Work around broken compilers
  http_bprintf.o: http_bprintf.c
! 	$(CC) -c $(INCLUDES) $(CFLAGS) $(BROKEN_BPRINTF_FLAGS) http_bprintf.c
  
  #Dependencies
  
--- 59,65 ----
  
  # Work around broken compilers
  http_bprintf.o: http_bprintf.c
! 	$(CC) -c $(INCLUDES) $(CFLAGS) $(BROKEN_BPRINTF_FLAGS) $(SSL_CFLAGS) http_bprintf.c
  
  #Dependencies
  
diff -C3 -r ../apache_1.2.0/src/buff.c ./src/buff.c
*** ../apache_1.2.0/src/buff.c	Thu May 29 05:21:15 1997
--- ./src/buff.c	Sun Jun 29 12:25:16 1997
***************
*** 143,148 ****
--- 143,153 ----
      fb->fd = -1;
      fb->fd_in = -1;
  
+ #ifdef APACHE_SSL
+     fb->ssl = NULL;
+     fb->szClientX509 = NULL;
+ #endif
+ 
      return fb;
  }
  
***************
*** 324,329 ****
--- 329,339 ----
  	}
      }
      do {
+ #ifdef APACHE_SSL
+       if (fb->ssl)
+ 	rv = SSL_read(fb->ssl, buf, nbyte);
+       else
+ #endif
  	rv = read( fb->fd_in, buf, nbyte );
      } while (rv == -1 && errno == EINTR && !(fb->flags & B_EOUT));
      return( rv );
***************
*** 621,627 ****
  	return -1;
  
      while (nbyte > 0) {
! 	i = write(fb->fd, buf, nbyte);
  	if (i < 0) {
  	    if (errno != EAGAIN && errno != EINTR) {
  		return -1;
--- 631,642 ----
  	return -1;
  
      while (nbyte > 0) {
! #ifdef APACHE_SSL
!       if (fb->ssl)
! 	i = SSL_write(fb->ssl, buf, nbyte);
!       else
! #endif
! 	i = write(fb->fd, buf, nbyte );
  	if (i < 0) {
  	    if (errno != EAGAIN && errno != EINTR) {
  		return -1;
***************
*** 657,665 ****
  	return -1;
  
      if (!(fb->flags & B_CHUNK))
  	return write(fb->fd, buf, nbyte);
  
! #ifdef NO_WRITEV
      /* without writev() this has poor performance, too bad */
  
      ap_snprintf(chunksize, sizeof(chunksize), "%x\015\012", nbyte);
--- 672,685 ----
  	return -1;
  
      if (!(fb->flags & B_CHUNK))
+ #ifdef APACHE_SSL
+       if (fb->ssl)
+ 	return SSL_write(fb->ssl, buf, nbyte);
+       else
+ #endif
  	return write(fb->fd, buf, nbyte);
  
! #if defined(NO_WRITEV) || defined(APACHE_SSL)
      /* without writev() this has poor performance, too bad */
  
      ap_snprintf(chunksize, sizeof(chunksize), "%x\015\012", nbyte);
***************
*** 780,786 ****
  	            -1 : fb->outcnt;
  	}
  	else {
! 	    do i = write(fb->fd, fb->outbase, fb->outcnt);
  	    while (i == -1 && errno == EINTR && !(fb->flags & B_EOUT));
  	}
  	if (i <= 0) {
--- 800,812 ----
  	            -1 : fb->outcnt;
  	}
  	else {
! 	    do
! #ifdef APACHE_SSL
! 	      if (fb->ssl)
! 		i = SSL_write(fb->ssl, (char *)fb->outbase, fb->outcnt);
! 	      else
! #endif
! 		i = write(fb->fd, fb->outbase, fb->outcnt);
  	    while (i == -1 && errno == EINTR && !(fb->flags & B_EOUT));
  	}
  	if (i <= 0) {
***************
*** 862,868 ****
      while (fb->outcnt > 0)
      {
  	/* the buffer must be full */
! 	do i = write(fb->fd, fb->outbase, fb->outcnt);
  	while (i == -1 && errno == EINTR && !(fb->flags & B_EOUT));
  	if (i == 0) {
  	    errno = EAGAIN;
--- 888,900 ----
      while (fb->outcnt > 0)
      {
  	/* the buffer must be full */
! 	do
! #ifdef APACHE_SSL
! 	    if (fb->ssl)
! 		i = SSL_write(fb->ssl, (char *)fb->outbase, fb->outcnt);
! 	    else
! #endif
! 		i = write(fb->fd, fb->outbase, fb->outcnt);
  	while (i == -1 && errno == EINTR && !(fb->flags & B_EOUT));
  	if (i == 0) {
  	    errno = EAGAIN;
***************
*** 919,924 ****
--- 951,963 ----
      fb->flags |= B_EOF | B_EOUT;
      fb->fd = -1;
      fb->fd_in = -1;
+ 
+ #ifdef APACHE_SSL
+     if (fb->ssl) {
+ 	SSL_free(fb->ssl);
+ 	fb->ssl = NULL;
+     }
+ #endif
  
      if (rc1 != 0) return rc1;
      else if (rc2 != 0) return rc2;
diff -C3 -r ../apache_1.2.0/src/buff.h ./src/buff.h
*** ../apache_1.2.0/src/buff.h	Mon Feb 10 15:49:54 1997
--- ./src/buff.h	Sun Jun 29 12:25:16 1997
***************
*** 52,57 ****
--- 52,62 ----
  
  #include <stdarg.h>
  
+ #ifdef APACHE_SSL
+ #include <stdio.h>
+ #include <ssl.h>
+ #endif
+ 
  /* Reading is buffered */
  #define B_RD     (1)
  /* Writing is buffered */
***************
*** 94,99 ****
--- 99,111 ----
  /* could also put pointers to the basic I/O routines here */
      int fd;                /* the file descriptor */
      int fd_in;             /* input file descriptor, if different */
+ 
+ #ifdef APACHE_SSL
+     /* Add some context for SSL */
+     SSL *ssl;
+     char *szClientX509;
+     int nVerifyError;
+ #endif
  };
  
  /* Options to bset/getopt */
diff -C3 -r ../apache_1.2.0/src/http_config.c ./src/http_config.c
*** ../apache_1.2.0/src/http_config.c	Thu May 15 23:39:20 1997
--- ./src/http_config.c	Sun Jun 29 12:25:16 1997
***************
*** 1049,1055 ****
--- 1049,1059 ----
  {
      server_rec *s = (server_rec *)pcalloc (p, sizeof (server_rec));
  
+ #ifdef APACHE_SSL
+     s->port=0;
+ #else
      s->port = DEFAULT_PORT;
+ #endif
      s->server_admin = DEFAULT_ADMIN;
      s->server_hostname = NULL; 
      s->error_fname = DEFAULT_ERRORLOG;
***************
*** 1088,1093 ****
--- 1092,1099 ----
      process_resource_config (s, s->access_confname, p, ptemp);
      
      fixup_virtual_hosts (p, s);
+ 
+     default_server_hostnames(s);
      
      for (m = top_module; m; m = m->next)
          if (m->init)
diff -C3 -r ../apache_1.2.0/src/http_main.c ./src/http_main.c
*** ../apache_1.2.0/src/http_main.c	Thu May 29 04:50:27 1997
--- ./src/http_main.c	Sun Jun 29 13:09:11 1997
***************
*** 1847,1852 ****
--- 1847,1862 ----
  				       (struct sockaddr_in *)&sa_server,
  				       child_num);
  
+ #ifdef APACHE_SSL
+ 	/* 
+ 	 * This returns false if the connection cannot be setup,
+ 	 * so maybe we should do something with this here...
+ 	 * however it also blocks the BUFF connections
+ 	 * so the next bit should fall out anyway!
+ 	 */
+ 	ApacheSSLSetupConnection(current_conn);
+ #endif
+ 
          /*
           * Read and process each request found on our connection
           * until no requests are left or we decide to close.
***************
*** 2110,2115 ****
--- 2120,2126 ----
  {
      struct sockaddr_in sa_server;
      int saved_sd;
+     static BOOL bFirst=TRUE;
      int remaining_children_to_start;
  
      standalone = 1;
***************
*** 2131,2140 ****
  	    kill_cleanups_for_fd (pconf, scoreboard_fd);
  	}
  #endif
! 	clear_pool (pconf);
! 	ptrans = make_sub_pool (pconf);
  
- 	server_conf = read_config (pconf, ptrans, server_confname); 
  	open_logs (server_conf, pconf);
  	set_group_privs ();
  	accept_mutex_init (pconf);
--- 2142,2156 ----
  	    kill_cleanups_for_fd (pconf, scoreboard_fd);
  	}
  #endif
! 	if(!bFirst)
! 	    {
! 	    clear_pool (pconf);
! 	    ptrans = make_sub_pool (pconf);
! 	    server_conf = read_config(pconf, ptrans, server_confname); 
! 	    }
! 	else
! 	    bFirst=FALSE;
  
  	open_logs (server_conf, pconf);
  	set_group_privs ();
  	accept_mutex_init (pconf);
***************
*** 2148,2154 ****
  	}
  #endif
  
! 	default_server_hostnames (server_conf);
  
  	if (listeners == NULL) {
  	    if (!is_graceful) {
--- 2164,2170 ----
  	}
  #endif
  
! 	/*	default_server_hostnames (server_conf);*/
  
  	if (listeners == NULL) {
  	    if (!is_graceful) {
***************
*** 2393,2399 ****
      server_conf = read_config (pconf, ptrans, server_confname);
      
      if(standalone) {
!         clear_pool (pconf);	/* standalone_main rereads... */
          standalone_main(argc, argv);
      }
      else {
--- 2409,2415 ----
      server_conf = read_config (pconf, ptrans, server_confname);
      
      if(standalone) {
!     /*        clear_pool (pconf);	/* standalone_main rereads... */
          standalone_main(argc, argv);
      }
      else {
diff -C3 -r ../apache_1.2.0/src/http_protocol.c ./src/http_protocol.c
*** ../apache_1.2.0/src/http_protocol.c	Thu May 29 03:44:31 1997
--- ./src/http_protocol.c	Sun Jun 29 12:25:18 1997
***************
*** 551,559 ****
    unsigned port;
  
    /* This routine parses full URLs, if they match the server */
!   if (strncmp(uri, "http://", 7)) return uri;
!   name = pstrdup(r->pool, uri + 7);
!   
    /* Find the hostname, assuming a valid request */
    i = ind(name, '/');
    name[i] = '\0';
--- 551,563 ----
    unsigned port;
  
    /* This routine parses full URLs, if they match the server */
!   char *method=http_method(r);
!   int mlen=strlen(method);
! 
!   if(strncmp(uri,method,mlen))
!       return uri;
!   name = pstrdup(r->pool, uri + mlen);
! 
    /* Find the hostname, assuming a valid request */
    i = ind(name, '/');
    name[i] = '\0';
***************
*** 561,567 ****
    /* Find the port */
    host = getword_nc(r->pool, &name, ':');
    if (*name) port = atoi(name);
!   else port = 80;
  
    /* Make sure ports patch */
    if (port != r->server->port) return uri;
--- 565,571 ----
    /* Find the port */
    host = getword_nc(r->pool, &name, ':');
    if (*name) port = atoi(name);
!   else port=default_port(r);
  
    /* Make sure ports patch */
    if (port != r->server->port) return uri;
***************
*** 678,684 ****
  static void check_hostalias (request_rec *r) {
    const char *hostname=r->hostname;
    char *host = getword(r->pool, &hostname, ':');	/* Get rid of port */
!   unsigned port = (*hostname) ? atoi(hostname) : 80;
    server_rec *s;
    int l;
  
--- 682,688 ----
  static void check_hostalias (request_rec *r) {
    const char *hostname=r->hostname;
    char *host = getword(r->pool, &hostname, ':');	/* Get rid of port */
!   unsigned port = (*hostname) ? atoi(hostname) : default_port(r);
    server_rec *s;
    int l;
  
diff -C3 -r ../apache_1.2.0/src/httpd.h ./src/httpd.h
*** ../apache_1.2.0/src/httpd.h	Thu Jun  5 20:16:27 1997
--- ./src/httpd.h	Sat Jul  5 15:41:16 1997
***************
*** 60,65 ****
--- 60,66 ----
  #include "alloc.h"
  #include "buff.h"
  
+ 
  /* ----------------------------- config dir ------------------------------ */
  
  /* Define this to be the default server home dir. Anything later in this
***************
*** 97,105 ****
   */
  
  
! /* -------------- Port number for server running standalone --------------- */
! 
! #define DEFAULT_PORT 80
  
  /* --------- Default user name and group name running standalone ---------- */
  /* --- These may be specified as numbers by placing a # before a number --- */
--- 98,116 ----
   */
  
  
! /* -------------- Port number and protocol for server running standalone -- */
! #ifdef APACHE_SSL
! #define HTTP_PORT	80
! #define HTTPS_PORT	443
! #define default_port(r)		((r)->connection->client->ssl ? HTTPS_PORT : HTTP_PORT)
! #define is_default_port(port,r)	((port) == default_port(r))
! #define http_method(r)		((r)->connection->client->ssl ? "https" : "http")
! #else
! #define	DEFAULT_PORT	80
! #define	default_port(r)		DEFAULT_PORT
! #define is_default_port(port,r)	((port) == DEFAULT_PORT)
! #define http_method(r)	"http"
! #endif
  
  /* --------- Default user name and group name running standalone ---------- */
  /* --- These may be specified as numbers by placing a # before a number --- */
***************
*** 255,261 ****
--- 266,277 ----
   * Example: "Apache/1.1.0 MrWidget/0.1-alpha" 
   */
  
+ #ifdef APACHE_SSL
+ #define SERVER_BASEVERSION "Apache/1.2.0 Ben-SSL/1.8" /* SEE COMMENTS ABOVE */
+ #else
  #define SERVER_BASEVERSION "Apache/1.2.0" /* SEE COMMENTS ABOVE */
+ #endif
+ 
  #ifdef SERVER_SUBVERSION
  #define SERVER_VERSION	SERVER_BASEVERSION " " SERVER_SUBVERSION
  #else
***************
*** 573,578 ****
--- 589,602 ----
  #define DEFAULT_VHOST_ADDR 0xfffffffful
  
  typedef struct server_addr_rec server_addr_rec;
+ 
+ typedef unsigned int BOOL;
+ #define TRUE 		1
+ #define FALSE 		0
+ 
+ #ifdef APACHE_SSL
+ int ApacheSSLSetupConnection(conn_rec * conn);
+ #endif
  struct server_addr_rec {
      server_addr_rec *next;
      struct in_addr host_addr;	/* The bound address, for this server */
***************
*** 673,680 ****
  char *os_escape_path(pool *p,const char *path,int partial);
  #define escape_uri(ppool,path) os_escape_path(ppool,path,1)
  extern char *escape_html(pool *p, const char *s);
! char *construct_server(pool *p, const char *hostname, unsigned port);
! char *construct_url (pool *p, const char *path, const server_rec *s);     
  char *escape_shell_cmd (pool *p, const char *s);
       
  int count_dirs(const char *path);
--- 697,704 ----
  char *os_escape_path(pool *p,const char *path,int partial);
  #define escape_uri(ppool,path) os_escape_path(ppool,path,1)
  extern char *escape_html(pool *p, const char *s);
! char *construct_server(pool *p, const char *hostname, unsigned port, const request_rec *r);
! char *construct_url (pool *p, const char *path, const request_rec *r);
  char *escape_shell_cmd (pool *p, const char *s);
       
  int count_dirs(const char *path);
diff -C3 -r ../apache_1.2.0/src/md5.h ./src/md5.h
*** ../apache_1.2.0/src/md5.h	Wed Jan  1 18:10:23 1997
--- ./src/md5.h	Sun Jun 29 12:25:18 1997
***************
*** 91,99 ****
    UINT4 state[4];                                   /* state (ABCD) */
    UINT4 count[2];        /* number of bits, modulo 2^64 (lsb first) */
    unsigned char buffer[64];                         /* input buffer */
! } MD5_CTX;
  
! extern void MD5Init(MD5_CTX *context);
! extern void MD5Update(MD5_CTX *context, const unsigned char *input,
  		      unsigned int inputLen);
! extern void MD5Final(unsigned char digest[16], MD5_CTX *context);
--- 91,99 ----
    UINT4 state[4];                                   /* state (ABCD) */
    UINT4 count[2];        /* number of bits, modulo 2^64 (lsb first) */
    unsigned char buffer[64];                         /* input buffer */
! } APACHE_MD5_CTX;
  
! extern void MD5Init(APACHE_MD5_CTX *context);
! extern void MD5Update(APACHE_MD5_CTX *context, const unsigned char *input,
  		      unsigned int inputLen);
! extern void MD5Final(unsigned char digest[16], APACHE_MD5_CTX *context);
diff -C3 -r ../apache_1.2.0/src/md5c.c ./src/md5c.c
*** ../apache_1.2.0/src/md5c.c	Wed Jan  1 18:10:24 1997
--- ./src/md5c.c	Sun Jun 29 12:25:19 1997
***************
*** 158,164 ****
  /* MD5 initialization. Begins an MD5 operation, writing a new context.
   */
  void
! MD5Init(MD5_CTX *context)
  {
      context->count[0] = context->count[1] = 0;
    /* Load magic initialization constants. */
--- 158,164 ----
  /* MD5 initialization. Begins an MD5 operation, writing a new context.
   */
  void
! MD5Init(APACHE_MD5_CTX *context)
  {
      context->count[0] = context->count[1] = 0;
    /* Load magic initialization constants. */
***************
*** 173,179 ****
    context.
   */
  void
! MD5Update(MD5_CTX *context, const unsigned char *input, unsigned int inputLen)
  {
      unsigned int i, index, partLen;
  
--- 173,179 ----
    context.
   */
  void
! MD5Update(APACHE_MD5_CTX *context, const unsigned char *input, unsigned int inputLen)
  {
      unsigned int i, index, partLen;
  
***************
*** 209,215 ****
    the message digest and zeroizing the context.
   */
  void
! MD5Final(unsigned char digest[16], MD5_CTX *context)
  {
      unsigned char bits[8];
      unsigned int index, padLen;
--- 209,215 ----
    the message digest and zeroizing the context.
   */
  void
! MD5Final(unsigned char digest[16], APACHE_MD5_CTX *context)
  {
      unsigned char bits[8];
      unsigned int index, padLen;
diff -C3 -r ../apache_1.2.0/src/mod_auth.c ./src/mod_auth.c
*** ../apache_1.2.0/src/mod_auth.c	Thu Apr 24 10:16:54 1997
--- ./src/mod_auth.c	Sun Jun 29 12:25:19 1997
***************
*** 70,76 ****
--- 70,82 ----
  #include "http_log.h"
  #include "http_protocol.h"
  #if defined(HAVE_CRYPT_H)
+ #if defined(APACHE_SSL)
+ #define des_encrypt	BASE_des_encrypt
  #include <crypt.h>
+ #undef des_encrypt
+ #else
+ #include <crypt.h>
+ #endif /* APACHE_SSL */
  #endif
  
  typedef struct auth_config_struct {
diff -C3 -r ../apache_1.2.0/src/mod_dir.c ./src/mod_dir.c
*** ../apache_1.2.0/src/mod_dir.c	Tue May 13 04:01:50 1997
--- ./src/mod_dir.c	Sun Jun 29 12:25:20 1997
***************
*** 791,797 ****
  			 "/", NULL);
  
  	table_set (r->headers_out, "Location",
! 		   construct_url(r->pool, ifile, r->server)); 
  	return HTTP_MOVED_PERMANENTLY;
      }
  
--- 791,797 ----
  			 "/", NULL);
  
  	table_set (r->headers_out, "Location",
! 		   construct_url(r->pool, ifile, r)); 
  	return HTTP_MOVED_PERMANENTLY;
      }
  
diff -C3 -r ../apache_1.2.0/src/mod_imap.c ./src/mod_imap.c
*** ../apache_1.2.0/src/mod_imap.c	Sat Apr 12 04:24:58 1997
--- ./src/mod_imap.c	Sun Jun 29 12:25:21 1997
***************
*** 367,379 ****
    char my_base[SMALLBUF] = {'\0'};
  
    if ( ! strcasecmp(value, "map" ) || ! strcasecmp(value, "menu") ) {
!     if (r->server->port == DEFAULT_PORT ) { 
!       ap_snprintf(url, SMALLBUF,
! 		"http://%s%s", r->server->server_hostname, r->uri);
      }
      else {
!       ap_snprintf(url, SMALLBUF, "http://%s:%d%s", r->server->server_hostname,
! 	      r->server->port, r->uri);      
      }
      return;  
    }
--- 367,379 ----
    char my_base[SMALLBUF] = {'\0'};
  
    if ( ! strcasecmp(value, "map" ) || ! strcasecmp(value, "menu") ) {
!     if (is_default_port(r->server->port,r)) { 
!         ap_snprintf(url, SMALLBUF,
! 		"%s://%s%s", http_method(r), r->server->server_hostname, r->uri);
      }
      else {
!       ap_snprintf(url, SMALLBUF, "%s://%s:%d%s", http_method(r), r->server->server_hostname,
!   	      r->server->port, r->uri);      
      }
      return;  
    }
***************
*** 411,421 ****
        url[SMALLBUF-1] = '\0';
      }         
      else {                  
!       if (r->server->port == DEFAULT_PORT ) {  
! 	ap_snprintf(url, SMALLBUF, "http://%s/", r->server->server_hostname);
!       }            
!       if (r->server->port != DEFAULT_PORT ) {
! 	ap_snprintf(url, SMALLBUF, "http://%s:%d/",
  		r->server->server_hostname, r->server->port);
        }                     /* no base, no value: pick a simple default */
      }
--- 411,420 ----
        url[SMALLBUF-1] = '\0';
      }         
      else {                  
!       if (is_default_port(r->server->port, r)) {  
! 	ap_snprintf(url, SMALLBUF, "%s://%s/", http_method(r), r->server->server_hostname);
!       } else {
! 	ap_snprintf(url, SMALLBUF, "%s://%s:%d/", http_method(r),
  		r->server->server_hostname, r->server->port);
        }                     /* no base, no value: pick a simple default */
      }
diff -C3 -r ../apache_1.2.0/src/mod_log_config.c ./src/mod_log_config.c
*** ../apache_1.2.0/src/mod_log_config.c	Sun May  4 20:47:47 1997
--- ./src/mod_log_config.c	Sun Jun 29 14:37:11 1997
***************
*** 118,123 ****
--- 118,132 ----
   * %...l:  remote logname (from identd, if supplied)
   * %...{Foobar}n:  The contents of note "Foobar" from another module.
   * %...{Foobar}o:  The contents of Foobar: header line(s) in the reply.
+  *
+  * Additional SSL directives:
+  *
+  * %...{cipher}c:  cipher used (SSL_get_cipher)
+  * %...{clientcert}c: client certificate information
+  * %...{errcode}c: X509 verify error code
+  * %...{errstr}c: X509 verify error string
+  * %...{version}c: SSL version (SSLeay 0.8.0 and above)
+  *
   * %...p:  the port the request was served to
   * %...P:  the process ID of the child that serviced the request.
   * %...r:  first line of request
***************
*** 162,167 ****
--- 171,180 ----
  #include "http_config.h"
  #include "http_core.h" /* For REMOTE_NAME */
  
+ #ifdef APACHE_SSL
+ #include <crypto.h>
+ #endif
+ 
  module config_log_module;
  
  static int xfer_flags = ( O_WRONLY | O_APPEND | O_CREAT );
***************
*** 340,345 ****
--- 353,363 ----
      ap_snprintf(pidnum, sizeof(pidnum), "%ld", (long)getpid());
      return pstrdup(r->pool, pidnum);
  }
+ 
+ #ifdef APACHE_SSL
+ extern char *log_ssl_info(request_rec *r, char *a);
+ #endif
+ 
  /*****************************************************************
   *
   * Parsing the log format string
***************
*** 367,372 ****
--- 385,393 ----
      { 'v', log_virtual_host, 0 },
      { 'p', log_server_port, 0 },
      { 'P', log_child_pid, 0 },
+ #ifdef APACHE_SSL
+     { 'c', log_ssl_info, 0 },
+ #endif
      { '\0' }
  };
  
***************
*** 487,492 ****
--- 508,560 ----
      return a;
  }
  
+ #ifdef APACHE_SSL
+ char *log_ssl_info(request_rec *r, char *a)
+     {
+     char str[MAX_STRING_LEN];
+ 
+     if(!r->connection->client->ssl)
+ 	return NULL;
+ 
+     if(!strcmp(a, "cipher"))
+ 	return SSL_get_cipher(r->connection->client->ssl);
+ 
+     if(!strcmp(a, "clientcert"))
+ 	return r->connection->client->szClientX509;
+ 
+     if(!strcmp(a, "errcode"))
+ 	if(r->connection->client->nVerifyError)
+ 	    {
+ 	    sprintf(str, "%d", r->connection->client->nVerifyError);
+ 	    return pstrdup(r->pool,str);
+ 	    }
+ 	else
+ 	    return NULL;
+ 
+     if(!strcmp(a, "errstr"))
+ 	if(r->connection->client->nVerifyError)
+ #if SSLEAY_VERSION_NUMBER < 0x0800
+ 	    return X509_cert_verify_error_string(r->connection->client->nVerifyError);
+ #else
+ 	    return X509_verify_cert_error_string(r->connection->client->nVerifyError);
+ #endif
+ 	else
+ 	    return NULL;
+ 
+ #if SSLEAY_VERSION_NUMBER >= 0x0800
+     if(!strcmp(a, "version"))
+ 	{
+ 	static char v[2];
+ 
+ 	v[0]='0'+r->connection->client->ssl->session->ssl_version;
+ 	v[1]='\0';
+ 	return v;
+ 	}
+ #endif
+     
+     return NULL;
+ }
+ #endif
  /*****************************************************************
   *
   * Actually logging.
diff -C3 -r ../apache_1.2.0/src/mod_rewrite.c ./src/mod_rewrite.c
*** ../apache_1.2.0/src/mod_rewrite.c	Thu Apr 24 23:35:22 1997
--- ./src/mod_rewrite.c	Sun Jun 29 13:00:01 1997
***************
*** 886,897 ****
  
      /* add the canonical URI of this URL */
      thisserver = r->server->server_hostname;
! #ifdef APACHE_SSL
!     if (((!r->connection->client->ssl) && (r->server->port == DEFAULT_PORT)) ||
!          ((r->connection->client->ssl) && (r->server->port == 443)))
! #else
!     if (r->server->port == DEFAULT_PORT)
! #endif 
          thisport = "";
      else {
          ap_snprintf(buf, sizeof(buf), ":%u", r->server->port);
--- 886,892 ----
  
      /* add the canonical URI of this URL */
      thisserver = r->server->server_hostname;
!     if(is_default_port(r->server->port,r))
          thisport = "";
      else {
          ap_snprintf(buf, sizeof(buf), ":%u", r->server->port);
***************
*** 1626,1637 ****
                 && !(strlen(r->filename) > 6 &&
                      strncmp(r->filename, "ftp://", 6) == 0)    ) {
  
! #ifdef APACHE_SSL
!                 if ((!r->connection->client->ssl && r->server->port == DEFAULT_PORT) ||
!                     ( r->connection->client->ssl && r->server->port == 443)  )
! #else
!                 if (r->server->port == DEFAULT_PORT)
! #endif
                      port[0] = '\0';
                  else 
                      ap_snprintf(port, sizeof(port), ":%u", r->server->port);
--- 1621,1627 ----
                 && !(strlen(r->filename) > 6 &&
                      strncmp(r->filename, "ftp://", 6) == 0)    ) {
  
! 	        if(is_default_port(r->server->port,r))
                      port[0] = '\0';
                  else 
                      ap_snprintf(port, sizeof(port), ":%u", r->server->port);
***************
*** 1869,1875 ****
              EOS_PARANOIA(host);
              *cp = '/';
              /* set port */
!             port = DEFAULT_PORT;
              /* set remaining url */
              url = cp;
          }
--- 1859,1865 ----
              EOS_PARANOIA(host);
              *cp = '/';
              /* set port */
!             port = default_port(r);
              /* set remaining url */
              url = cp;
          }
***************
*** 1878,1884 ****
              strncpy(host, hostp, sizeof(host)-1);
              EOS_PARANOIA(host);
              /* set port */
!             port = DEFAULT_PORT;
              /* set remaining url */
              url = "/";
          }
--- 1868,1874 ----
              strncpy(host, hostp, sizeof(host)-1);
              EOS_PARANOIA(host);
              /* set port */
!             port = default_port(r);
              /* set remaining url */
              url = "/";
          }
diff -C3 -r ../apache_1.2.0/src/modules/proxy/proxy_util.c ./src/modules/proxy/proxy_util.c
*** ../apache_1.2.0/src/modules/proxy/proxy_util.c	Wed Jun  4 21:20:27 1997
--- ./src/modules/proxy/proxy_util.c	Sun Jun 29 12:25:22 1997
***************
*** 552,558 ****
  void
  proxy_hash(const char *it, char *val,int ndepth,int nlength)
  {
!     MD5_CTX context;
      unsigned char digest[16];
      char tmp[22];
      int i, k, d;
--- 552,558 ----
  void
  proxy_hash(const char *it, char *val,int ndepth,int nlength)
  {
!     APACHE_MD5_CTX context;
      unsigned char digest[16];
      char tmp[22];
      int i, k, d;
diff -C3 -r ../apache_1.2.0/src/util.c ./src/util.c
*** ../apache_1.2.0/src/util.c	Sat Apr 12 04:24:59 1997
--- ./src/util.c	Sun Jun 29 12:25:22 1997
***************
*** 782,792 ****
      else return OK;
  }
  
! char *construct_server(pool *p, const char *hostname, unsigned port) {
!     char portnum[22];		
  	/* Long enough, even if port > 16 bits for some reason */
    
!     if (port == DEFAULT_PORT)
  	return (char *)hostname;
      else {
          ap_snprintf (portnum, sizeof(portnum), "%u", port);
--- 782,793 ----
      else return OK;
  }
  
! char *construct_server(pool *p, const char *hostname, unsigned port, const request_rec *r) {
!     char portnum[22];
  	/* Long enough, even if port > 16 bits for some reason */
+     server_rec *s=r->server;
    
!     if (is_default_port(port, r))
  	return (char *)hostname;
      else {
          ap_snprintf (portnum, sizeof(portnum), "%u", port);
***************
*** 794,802 ****
      }
  }
  
! char *construct_url(pool *p, const char *uri, const server_rec *s) {
!     return pstrcat (p, "http://",
! 		    construct_server(p, s->server_hostname, s->port),
  		    uri, NULL);
  }
  
--- 795,804 ----
      }
  }
  
! char *construct_url(pool *p, const char *uri, const request_rec *r) {
!     server_rec *s=r->server;
!     return pstrcat (p, http_method(r), "://",
! 		    construct_server(p, s->server_hostname, s->port, r),
  		    uri, NULL);
  }
  
diff -C3 -r ../apache_1.2.0/src/util_md5.c ./src/util_md5.c
*** ../apache_1.2.0/src/util_md5.c	Wed Jan  1 18:10:46 1997
--- ./src/util_md5.c	Sun Jun 29 12:25:23 1997
***************
*** 84,90 ****
  
  char *md5 (pool *p, unsigned char *string)
  {
!     MD5_CTX my_md5;
      unsigned char hash[16];
      char *r, result[33];
      int i;
--- 84,90 ----
  
  char *md5 (pool *p, unsigned char *string)
  {
!     APACHE_MD5_CTX my_md5;
      unsigned char hash[16];
      char *r, result[33];
      int i;
***************
*** 149,155 ****
  static char basis_64[] =
     "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
  
! char *md5contextTo64(pool *a, MD5_CTX *context)
  {
      unsigned char digest[18];
      char *encodedDigest;
--- 149,155 ----
  static char basis_64[] =
     "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
  
! char *md5contextTo64(pool *a, APACHE_MD5_CTX *context)
  {
      unsigned char digest[18];
      char *encodedDigest;
***************
*** 176,182 ****
  
  char *md5digest(pool *p, FILE *infile)
  {
!     MD5_CTX context;
      unsigned char buf[1000];
      long length = 0;
      int nbytes;
--- 176,182 ----
  
  char *md5digest(pool *p, FILE *infile)
  {
!     APACHE_MD5_CTX context;
      unsigned char buf[1000];
      long length = 0;
      int nbytes;
diff -C3 -r ../apache_1.2.0/src/util_md5.h ./src/util_md5.h
*** ../apache_1.2.0/src/util_md5.h	Wed Jan  1 18:10:46 1997
--- ./src/util_md5.h	Sun Jun 29 12:25:23 1997
***************
*** 53,58 ****
  #include "md5.h"
  
  char *md5(pool *a, unsigned char *string);
! char *md5contextTo64(pool *p, MD5_CTX *context);
  char *md5digest(pool *p, FILE *infile);
  
--- 53,58 ----
  #include "md5.h"
  
  char *md5(pool *a, unsigned char *string);
! char *md5contextTo64(pool *p, APACHE_MD5_CTX *context);
  char *md5digest(pool *p, FILE *infile);
  
