                       _             _ 
   _ __ ___   ___   __| |    ___ ___| |  
  | '_ ` _ \ / _ \ / _` |   / __/ __| |  
  | | | | | | (_) | (_| |   \__ \__ \ |  mod_ssl - Apache Interface to SSLeay  
  |_| |_| |_|\___/ \__,_|___|___/___/_|  http://www.engelschall.com/sw/mod_ssl/
                       |_____|         
  _____________________________________________________________________________


  ChangeLog
  ---------

  This file summarizes *all* types of changes to the mod_ssl package, i.e.
  changes between each patchlevel (2.x.y->2.x.(y+1) and 2.x.y->2.(x+1).0).
  Take this list as a reference for concrete and detailed information about
  every single change.

  Changes with mod_ssl 2.1b0 (17-Aug-1998 to 26-Aug-1998)

   *) Added a few files to the distribution: First my PGP public key as
      ssl.contrib/rse.pgp to the distribution so people can use it on
      forthcoming releases to verify the tarball's signature. Second the files
      WISHES and TODO which contain the mod_ssl wishlist and the ToDo-list for
      2.1.0. [Ralf S. Engelschall]

   *) Finally fixed the SSL connection deallocation and removed the old
      FREE_SESSION stuff. [Ralf S. Engelschall]

   *) Added support for annotating SSLeay error messages. Now some
      of the raw-level SSLeay error messages are automatically annotated with 
      high-level hints. For instance the meaningless message
      ``error:06065064:digital envelope routines:EVP_DecryptFinal:bad
      decrypt'' now reads ``...routines:EVP_DecryptFinal:bad decrypt [Hint:
      wrong pass phrase!?]'' etc.
      [Ralf S. Engelschall]

   *) Removed ERR_load_crypto_strings() call because it's already contained in
      SSL_load_error_strings() from SSLeay 0.8 and 0.9.  Additionally now an
      ERR_clear_error() is done after each logfile entry was written to make
      sure no unread SSLeay errors are kept and occur with later messages
      (where they would confuse people).
      [Ralf S. Engelschall]

   *) Renamed `SSLLogFile' to `SSLLog' because it isn't always a file,
      it also can have an argument "|/path/to/filter" and act as
      a reliable pipe to a logging filter program.
      [Ralf S. Engelschall]

   *) Renamed `SSLRequiredCiphers' directive to `SSLCipherSuite'
      because the Apache-SSL directive name `SSLRequiredCiphers' was a full
      accident. Because first it always got intermixed with the per-directory
      context directive `SSLRequireCipher'. And second this sets not Ciphers
      which are all `required'. It just sets the Ciphers the client is
      permitted to negotiate (the client actually chooses only _one_ Cipher).
      [Ralf S. Engelschall]

   *) Added SSLMutex for mutual exclusion of server process operations.
      This is currently used only for synchronizing access to the new Session
      Cache stuff. Three variants can be configured: `SSLMutex none' (no mutex
      at all - works but risky), `SSLMutex file:/path/to/lockfile' (portable)
      and `SSLMutex ipcsem' (elegant but not portable).
      [Ralf S. Engelschall]

   *) Moved the backward compatibility stuff into its own module:
      mod_sslcompat. This module now already provides configuration directive
      compatibility for both Apache-SSL and Sioux.  More (Stronghold?) can be
      added later, too. Additionally a mod_sslcompat.html document was written
      which describes the provided configuration directive mapping.
      [Ralf S. Engelschall]

   *) Split the mod_ssl sources from its large 70KB file into smaller chunks,
      which are now mainly named according to the logical modules they contain.
      This way the source inside src/modules/ssl/ is easier to overview.  Just
      one minor drawback: We lose a lot of nice `static' and have to prefix
      really _all_ functions with `ssl_' now.
      [Ralf S. Engelschall]

   *) Replaced the gcache stuff from Apache-SSL days
      by a simpler but even more flexible approach. Now the new
      `SSLSessionCache' directive replaces `SSLCacheServerPath' and
      `SSLCacheServerPort'.  The SSLSessionCacheTimeout remains and has the
      old semantics.  So, where is the difference? The old gcache stuff was
      like this: An extra process (ssl_gcache) was running in parallel to the
      httpd server processes and listening to a socket. Through SSLeay
      callbacks the internal SSLeay caches of all server processes were synced
      with this global cache.  For this socket connections were established.
      The drawbacks of this approach were:

      1. The nasty fiddling with the extra child process was totally buggy.

      2. The gcache program itself used another local memory cache. This
         was totally unnecessary because SSLeay already caches the stuff in a
         local memory cache. So, under Apache-SSL three cache layers were used
         (1: SSLeay internal, 2: gcache internal, 3: gcache external) while
         layer 2 is not needed.

      3. The gcache server process uses a TCP socket for communication
         which can be considered a security problem.

      So the intent now was to replace this with a better solution. The idea
      came from Stronghold: We either cache the information never (the
      default), in a hashfile on the local disk (the portable variant -
      already implemented) or even in a hash structure inside a shared memory
      segment (non-portable, but fast and elegant - still not implemented,
      only stubs were created to plug this in later).
      [Ralf S. Engelschall]

   *) CORRECTLY SOLVE THE PASS PHRASE DIALOG PROBLEM (the problem is that
      Apache detaches from the terminal before the SSLeay pass phrase dialog
      pops up). First I got rid of the ugly and unsuccessful filedescriptor
      hacks Ben added recently to Apache-SSL because they do not work under
      all platforms as expected. Second I re-ordered the control flow to allow
      the following processing:
      
      Now at the 1st round of the Apache API init cycle the servers are
      scanned for certificate and key files and the first one which uses an
      encrypted key forces the pass phrase dialog to pop up. This dialog is
      either an interactive builtin terminal dialog (`SSLPassPhraseDialog
      builtin' - which is similar to SSLeay default dialog) or can be driven
      in batch by a filtering program which is run once and has to provide the
      pass phrase on stdout (`SSLPassPhraseDialog /path/to/program').  After
      this the pass phrase is _temporarily_ stored in memory for use later in
      the 2nd round of the Apache API init cycle. Now additionally this pass
      phrase can be kept in memory (`SSLPassPhraseCaching on') for forthcoming
      server restarts (`kill -HUP') or is explicitly wiped out from memory
      (`SSLPassPhraseCaching off' - for the paranoid users).

      The following combinations are possible:

      1. THE SMART DEFAULT VARIANT:
         `SSLPassPhraseDialog builtin' + `SSLPassPhraseCaching on':
         This is the default which is reasonable for most of the users. This
         way on Apache startup time the pass phrase is requested on the
         terminal but kept in memory for all forthcoming restarts.

      2. THE THEORY VARIANT:
         `SSLPassPhraseDialog builtin' + `SSLPassPhraseCaching off':
         This combination leads to a server fall-down on any occurring restarts
         because the terminal dialog _cannot_ be done at restart time (Apache
         is already detached).  So, this combination is only interesting in
         theory but should be avoided because it's not really useful in
         practice.  

      3. THE BATCH VARIANT:
         `SSLPassPhraseDialog /path/to/program' + `SSLPassPhraseCaching on':
         This is for users who want to remote control the Apache startup or
         make it automatic by controlling the dialog from within a program.
         This program is run only once at startup. Then the pass phrase is
         kept in memory for forthcoming restarts.

      4. THE PARANOIA VARIANT: 
         `SSLPassPhraseDialog /path/to/program' + `SSLPassPhraseCaching off':
         This is for the really paranoid users who want to avoid any pass phrase
         caching. Instead both on startup and restart time the pass phrase has
         to be provided by an external program.
      
   *) The SSL logfile is now placed in the main server instead of the virtual
      host because it's actually a global logfile, even when it could be used
      only inside a virtual server.  
      [Ralf S. Engelschall]

   *) The expensive operation of generating the temporary RSA key is now done
      before Apache forks the server processes. This speeds up the startup
      phase a little bit.
      [Ralf S. Engelschall]

   *) Added new SSLCACertificateReqFile directive which defaults to the value
      of SSLCACertificateFile. It sets the all-in-one file where one can
      assemble the Certificates of Certification Authorities (CA) whose
      servers you deal with. These are optionally used by the clients for
      SSLv3 Server Authentication to speedup processing. The file is requested
      by the client via the "SSLv3 write certificate request A" for loading
      intermediate CA certificates in the certificate chain (only SSLv3). It
      is simply the concatenation of the various PEM-encoded certification
      files, in order of preference.  
      [Ralf S. Engelschall]

   *) Inlined some functions like init_SSLeay() and init_VerifyType() because
      they were really small functions and only used once in mod_ssl. These
      were stand-alone functions in Apache-SSL without real need.
      [Ralf S. Engelschall]

   *) Made `SSLEnable'/`SSLDisable' directives obsolete by adding the simpler
      `SSLEngine on|off'. The old directives are now deprecated but still can
      be used for backward-compatibility with Apache-SSL. Additionally the
      default is now `SSLEngine off' (formerly `SSLDisable') instead of the
      Apache-SSL default of `SSLEngine on'. This breaks a little bit with
      Apache-SSL semantics, but doesn't hurt as much as it sounds.  Because
      people run SSL inside virtual hosts and thus already have an SSLDisable
      in their main (non-SSL) server. The difference is just that with mod_ssl
      one no longer has to add SSLDisable to all non-SSL virtual hosts (which
      is nasty).  OTOH SSL is an additional feature, so the logic of "disabled
      per default and have to be enabled explicitly" is more useful and what is
      expected.
      [Ralf S. Engelschall, Holger Reif]

   *) The "SSL rubbish logfile" of Apache-SSL was now replaced by a real
      dedicated SSL logfile which no longer contains "rubbish".  For this the
      logging mechanism in mod_ssl was completely re-written from scratch and
      now looks like this:

      1. `SSLLogFile <file>' is optional
      2. `SSLLogFile /dev/null' disables the logging _without_ overheads
      3. `SSLLogLevel <level>' controls the degree of verbosity in SSLLogFile
      4. `SSLLogLevel none' disables the logging _without_ overheads and is the
         default.
      5. Log messages of type `error' are _always_ duplicated to 
         the Apache general error logfile, even under `SSLLogLevel none'.
      6. The maximum logging can be now achieved by using `SSLLogLevel debug'.

      Additionally obsolete logging stuff from Apache-SSL was removed from the
      source code.  Finally the logfiles in the provided default config were
      changed: ssl_log is now the dedicated SSL protocol logfile (SSLLogFile)
      while the custom logfile (CustomLog) containing only one line per
      request is now named ssl_req_log.
      [Ralf S. Engelschall]
  ____________________________________________________________________________

  Changes with mod_ssl 2.0.5 (18-Aug-1998 to 25-Aug-1998)

   *) Fix per-server configuration structure merging.
      [Ralf S. Engelschall]

   *) Added support for reliable piped logs to SSLLogFile directive which can
      be used to plug-in a filter program which receives the logfile entries.
      [Ralf S. Engelschall]

   *) Removed per-server check for valid SSLVerifyClient argument because in
      mod_ssl it's no longer possible that an invalid argument can exist under
      run-time because the argument is already validated under config-time.
      [Ralf S. Engelschall]

   *) Removed DEBUG_SSLEAY stuff from Apache-SSL because SSL_debug() no
      longer exists in SSLeay 0.9.x.
      [Ralf S. Engelschall]

   *) Added one more digit at the MOD_SSL define value to indicate beta or
      release versions. The scheme now is the following (only important when
      one has to check against the version of an SSL-aware Apache from within
      an own module): <version>.<revision><type><level> where <version>,
      <revision> and <level> are numbers between 0 and 99 while <type> is
      either `b' (for beta versions) or `.' (for release versions). From
      this the MOD_SSL define is created similar to this command:

          sprintf("%d%02d%c%02d", <version>, <revision>,
                                  <type> == 'b' ? '0' : '1', <level>);

      As an example: the beta version 2.1b3 has MOD_SSL=201003 while
      the release version 2.1.4 has MOD_SSL=201104.
      [Ralf S. Engelschall]
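
      The encoding above as a small C routine, added here as an illustration
      and not part of the mod_ssl sources; the function names
      mod_ssl_encode(), mod_ssl_decode() and mod_ssl_is_release() are
      hypothetical. It also shows that every beta compares lower than any
      release of the same <version>.<revision>.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Read a 1-2 digit decimal field (0..99) at *p and advance past it.
 * Returns -1 when no digit is present. */
static int read_field(const char **p)
{
    int n = 0, digits = 0;

    while (digits < 2 && isdigit((unsigned char)**p)) {
        n = n * 10 + (**p - '0');
        (*p)++;
        digits++;
    }
    return digits ? n : -1;
}

/* Encode "<version>.<revision><type><level>" as the numeric MOD_SSL value,
 * equivalent to the "%d%02d%c%02d" layout. Returns -1 on malformed input. */
long mod_ssl_encode(const char *s)
{
    int version, revision, level, type;

    if ((version = read_field(&s)) < 0 || *s != '.')
        return -1;
    s++;
    if ((revision = read_field(&s)) < 0)
        return -1;
    if (*s == 'b')
        type = 0;               /* beta */
    else if (*s == '.')
        type = 1;               /* release */
    else
        return -1;
    s++;
    if ((level = read_field(&s)) < 0 || *s != '\0')
        return -1;
    return version * 100000L + revision * 1000L + type * 100L + level;
}

/* Decode a MOD_SSL value back to its version string. Returns 0 on success,
 * -1 when the type digit is not 0/1 or the buffer is too small. */
int mod_ssl_decode(long v, char *out, size_t n)
{
    int type = (int)((v / 100) % 10);
    int len;

    if (v < 0 || type > 1)
        return -1;
    len = snprintf(out, n, "%ld.%ld%c%ld",
                   v / 100000, (v / 1000) % 100, type ? '.' : 'b', v % 100);
    return (len < 0 || (size_t)len >= n) ? -1 : 0;
}

/* True when the value denotes a release, not a beta. */
int mod_ssl_is_release(long v)
{
    return v >= 0 && (v / 100) % 10 == 1;
}

int main(void)
{
    /* Constructed sample inputs; the last one is deliberately malformed. */
    const char *samples[] = { "2.1b3", "2.1.4", "2.1b99", "2.1.0", "2.1" };
    char buf[16];
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        long v = mod_ssl_encode(samples[i]);

        if (v < 0) {
            printf("%-8s -> malformed\n", samples[i]);
            continue;
        }
        mod_ssl_decode(v, buf, sizeof(buf));
        printf("%-8s -> MOD_SSL=%06ld (%s, decodes to %s)\n", samples[i], v,
               mod_ssl_is_release(v) ? "release" : "beta", buf);
    }
    return 0;
}
```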

   *) Fixed typos in mod_ssl.html document.
      [Jeff Baker <jeff@godzilla.tamu.edu>, Ralf S. Engelschall]

   *) Fixed typos in mod_ssl.c source.
      [Richard Lee-Morlang <rick@ihermes.com>]

   *) Created two buttons similar to the existing "Includes SSLeay
      encryption software" button: One for Apache ("Powered by Apache
      Webserver Software") and one for mod_ssl ("Secured by mod_ssl
      Interface"). These are now put on the default frontdoor webpage at
      install time.
      [Ralf S. Engelschall]

   *) Removed half done DSO-related stuff from Apache-SSL because it's
      useless.  Why? Because mod_ssl currently _cannot_ be built as a DSO,
      because:

      1. Because SSLeay is directly called from within Apache's buffer code
         (SSL_write/SSL_read) because the Apache API lacks a hook for this.
         But direct calls from the core to modules and libraries is tabu under
         DSO situation.

      2. Because mod_ssl is directly called from within Apache's main loop
         for setting up the SSL protocol after the socket connection was
         established because the Apache API lacks a hook for this.  But
         direct calls from the core to modules and libraries is tabu under
         DSO situation.

      3. Because the pass-phrase dialog can be done only before Apache
         detaches from the terminal. But the general order is this:

           a) ap_read_config (where LoadModule is done)
           b) ap_init_modules (where mod_ssl can do the pass-phrase dialog)
           c) detaching
           d) ap_read_config (where DSOs are unloaded and reloaded)
           e) ap_init_modules (where mod_ssl no longer can do the dialog)

         When mod_ssl is not a DSO it can do the pass-phrase dialog in step
         b), but when it's a DSO (assuming 1. and 2. are already solved) then
         it cannot preserve information between b) and e) because it is
         unloaded in the meantime.

      So, for DSO the Apache kernel has to be bloated up with some more
      features. Currently I want to avoid this because DSO is still not
      really worth the effort (there are other things which can be improved in
      mod_ssl first). 
      [Ralf S. Engelschall]

  Changes with mod_ssl 2.0.4 (16-Aug-1998 to 18-Aug-1998)

   *) Added VERSIONS file to the distribution which contains the
      release date and version numbers for reference.
      [Ralf S. Engelschall]

   *) Make sure the server.pem certificate file in sysconfdir/sslcerts/ is
      not overridden on APACI re-installs. Now a message similar to other
      existing APACI messages informs the user that his certificates are
      preserved.
      [Ralf S. Engelschall]

   *) Added support for SSL_BASE=SYSTEM which means that SSLeay header files,
      libraries, configuration and binary files were not searched under a
      single SSL_BASE root. Instead they are searched inside the common system
      directories like /etc/, /usr/etc, /lib, /usr/lib, /usr/local/lib,
      /usr/include, etc. pp.
      [Khimenko Victor <khim@sch57.msk.ru>, Ralf S. Engelschall]

   *) Replaced even more old Apache-SSL relicts to make mod_ssl really secure,
      stable and robust: sprintf -> ap_snprintf, strcpy -> ap_cpystrn, fopen ->
      ap_pfopen. [Ralf S. Engelschall]

   *) Added U.S. export law information to SUPPORT file to make sure
      mailing list users inside the United States remember the U.S. export law.
      [Brian Behlendorf, Ralf S. Engelschall]

  Changes with mod_ssl 2.0.3 (13-Aug-1998 to 16-Aug-1998)

   *) Fixed a few ap_log_error() calls where APLOG_NOERRNO was missing.
      [Ralf S. Engelschall]

   *) For better compatibility with Stronghold and because it is really more
      intuitive we now also provide the CustomLog directives %{subjectdn}c and
      %{issuerdn}c: The (more intuitive) %{subjectdn}c replaced the (confusing)
      %{clientcert}c directive (although %{clientcert}c is still accepted as an
      alias).  And the %{issuerdn}c was added (with the alias %{cacert}c :-( ).
      This way custom logfiles now can contain the certificate issuer as well.
      [Ralf S. Engelschall]

   *) For better configuration sharing with Stronghold (which uses
      the name mod_ssl.c for its module, too) mod_ssl now defines not only the
      C Pre-Processor define MOD_SSL, it now also pre-defines the Apache
      configuration define MOD_SSL. This now can be used with <IfDefine
      MOD_SSL>..</IfDefine> sections without the need to startup Apache
      explicitly with an -DSSL or -DMOD_SSL option. 
      [Ralf S. Engelschall, Dan Peterson <pete@spry.com>]
   
   *) ANSI C doesn't allow one to forward declare an array variable without
      specifying the actual array size. GCC didn't complain, but other vendor
      compilers (like /bin/cc under IRIX) do. This is now fixed by re-ordering
      the definitions in the code to make the forward declaration not
      necessary. [Daniel F. Sully <dsully@nas.nasa.gov>]

   *) Let APACI adjust the port 443 to 8443 when installing under a non-root
      UID similar to what Apache already does with adjusting port 80 to 8080.
      [Tom Vaughan <tvaughan@aventail.com>]

   *) Fix patch tool location for the situation where the user
      has to compile manually the stuff because of platform errors.
      [Ralf S. Engelschall]

   *) Incorporated changes from Apache-SSL 1.20 to 1.21:
      Was only a single register_cleanup -> ap_register_cleanup rename,
      because all other changes were either already in mod_ssl or will be done
      totally different with the next mod_ssl changes (for instance the
      logging stuff which gets replaced by a more improved version the next
      days - because Ben's idea to now log anything to Apache's error_log
      sounds not reasonable to me).
      [Ralf S. Engelschall]

   *) Fixed variable arg usage in logging functions: va_end was missing.
      [Ralf S. Engelschall]

  Changes with mod_ssl 2.0.2 (11-Aug-1998 to 13-Aug-1998)

   *) Make egrep arguments more safe because they failed under
      Solaris and other platforms. 
      [Kevin Ying <kevin@ns1.interq.or.jp>, Ralf S. Engelschall]

   *) Replaced basename() and dirname() functions in aux/patch/backupfile.c
      to avoid conflicts with glibc2's versions of these functions.
      [Ralf S. Engelschall, Dax Kelson <dkelson@inconnect.com>,
       Tom Vaughan <tvaughan@rehab.in.aventail.com>]

   *) Removed ssl.contrib/ssleay.diff because it was only needed
      for the temporary broken SSLeay 0.9.0b which was staying around on the
      net. [Ralf S. Engelschall]

   *) Now the sslcerts dir is created with permissions 755 and sslkeys 
      with 700 for security reasons.
      [Ralf S. Engelschall]

   *) Now the FAQ inside the mod_ssl.html document has corresponding ToC
      entries. Additionally now the question "What is different between mod_ssl
      and Apache-SSL" is tried to be answered.  And a few hints were added on how
      to check HTTPS manually.
      [Ralf S. Engelschall]

   *) Make the building of the 'patch' tool more robust by checking for
      success and providing a log of the failure. Additionally in case of
      problems the user now can use a --with-patch option to force the usage
      of a vendor patch program.
      [Ralf S. Engelschall]

   *) Cleaned up the gcache stuff even more: reduced #includes
      to minimum and moved some stuff to the header file.
      [Ralf S. Engelschall]

   *) Cleaned up the httpd.conf-dist entries for SSL.
      [Ralf S. Engelschall]

   *) Cleanup mod_log_config.c patch and fixed %{version}c construct:
      It now says "SSLX" even under SSLeay 0.8.0.
      [Ralf S. Engelschall]

   *) Misc. doc adjustments: Fixed a few comment typos in apache.patch file;
      Added Announcement text as ANNOUNCE file to distribution; Fixed
      hyperlinks in mod_ssl.html document and added more useful hyperlinks to
      the README file.
      [Ralf S. Engelschall]

   *) Replaced a lot of C constructs into shorthand defines to
      make the code even more readable and reviewable: 
      o ``strcmp ... == 0'' -> ``strEQ''
      o ``\0'' -> ``NUL''
      o ``ap_get_module_config(...)'' -> ``myXXConfig''
      o ``ap_overlay_tables'' -> ``cfgMergeTable''
      [Ralf S. Engelschall]

   *) Fixed dependencies in src/modules/ssl/Makefile.tmpl
      [Ralf S. Engelschall]

   *) Add Ben Laurie's copyright message to gcache sources, even when Ben
      missed it here. It's from Ben, so his copyright applies and credit has
      to be given. 
      [Ralf S. Engelschall]

  Changes with mod_ssl 2.0.1 (10-Aug-1998 to 11-Aug-1998)

   *) Minor documentation updates.
      [Ralf S. Engelschall]

   *) Now the ssl.patch/apache.diff file is named ssl.patch/apache.patch
      and contains descriptive annotations for each patched file. This way
      even the patches are easier reviewable.
      [Ralf S. Engelschall]
 
   *) The configure patch was not 100% correct: The SSL has not to be
      disabled for --enable-module=most (where it should be enabled, of
      course). Instead it has to be disabled automatically for
      --enable-shared=max.
      [Ralf S. Engelschall]
  
  Changes with mod_ssl 2.0.0 (April-1998 to 10-Aug-1998)
  
   *) Added "SSL library type" message to the configuration process
      to inform the user how we recognized the SSLeay location.
      [Ralf S. Engelschall]
 
   *) Added support for conf/sslkeys/ directory both to configure
      script, Makefile.tmpl and default config files. Additionally now on
      "make install" the hash symlinks are created and a dummy server cert
      file is skipped.
      [Ralf S. Engelschall]
 
   *) Fixed prop.sh script.
      [Ralf S. Engelschall]
 
   *) Cleaned up mod_ssl.html document for release.
      [Ralf S. Engelschall]
 
   *) Cleaned up the README file and added a situation report
      about the author conflict with Ben.
      [Ralf S. Engelschall]
 
   *) Incorporated changes from Apache-SSL 1.19 to 1.20:
      - Do a cleanup before starting gcache.
        [Ben Laurie <ben@algroup.co.uk>]
      - Make gcache die when httpd dies. 
        This failing in previous versions appears to be a bug in Apache. 
        [Ben Laurie <ben@algroup.co.uk>]
      - Document the biz with passphrases and sleep.
        [Ben Laurie <ben@algroup.co.uk>]
      - Do Apache-SSL on inetd connections.
        [Philippe Vanhaesendonck <pvanhaes@be.oracle.com>]
      ALL OTHER CHANGES BETWEEN APACHE-SSL 1.19 AND 1.20 WERE ALREADY DONE
      FOR MOD_SSL IN THE PAST BY Ralf S. Engelschall. Because it seems Ben
      just has drawn level Apache-SSL with the mod_ssl pre-release I sent to
      him last week.  Hmmmm...
      [Ralf S. Engelschall]
 
   *) Minor cleanups to README and mod_ssl.html file.
      [Ralf S. Engelschall]
 
   *) Now create the CHANGES.SSL in <apache>/src/ instead of in <apache>/.
      [Ralf S. Engelschall]
 
   *) Moved patch to a subdir aux/patch/ and added prop.sh for
      a visual process indicator while building the aux tools.
      [Ralf S. Engelschall]
 
   *) Slightly fixed the configure script's messages.
      [Ralf S. Engelschall]
 
   *) Added support for checking the Apache version: Now mod_ssl can
      only be applied to the correct matching Apache source tree.
      [Ralf S. Engelschall]
 
   *) Added configurable support for mod_ssl version strings: Now
      a libssl.version file is created inside src/modules/ssl/ which holds
      the mod_ssl version. From this the libssl.module script creates a
      MOD_SSL_VERSION define holding the value as a string ("X.Y.Z") and a
      MOD_SSL define holding the value with a zero-spaced numerical value
      (XYYZZ). This way the mod_ssl received the string for the Server field
      and other modules can check against certain mod_ssl versions via #ifdef
      or more granular via #if MOD_SSL >= 20000 or whatever.
      [Ralf S. Engelschall]
    
   *) Added support for named to SSLVerifyClient directive: Now the ugly
      numerical levels 0-2 are still valid but can be replaced by better
      readable names: "none", "optional", "require" and "optional_no_ca".
      [Ralf S. Engelschall]
 
   *) Added Makefile for conf/sslcerts/ directory to keep <hash>.0 
      symlinks up-to-date.
      [Ralf S. Engelschall]
 
   *) Translated the FAQ into HTML format and appended it to mod_ssl.html.
      Additionally I created a ca.sign script and a Makefile for sslcert/ in
      relation to the FAQ.
      [Ralf S. Engelschall]
 
   *) Enhanced the logfile support: First I've converted nasty
      fprintf(stderr,..) to ap_log_error() variants. Second I've moved the
      fprintf(pConfig->fileLogfile,...) to ssl_log_own(pConfig,...) calls.
      And third error messages are now consistently prefixed with "mod_ssl:"
      and "SSLeay:" - depending on where an error comes from. And fourth I've
      added the word "SSL" to a lot of messages to indicate the
      SSL-relationship.  Additionally I removed doubled ERR_print_xxx calls.
      [Ralf S. Engelschall]
  
   *) Cleaned up namespace by adding lots of `static's, so only the
      module structure and the SSL_HOOK_xxx symbols are now exported.
      [Ralf S. Engelschall]
 
   *) Fixed up Apache API structures for Apache 1.3: added MODULE_VAR_EXPORT
      for consistency and missing module structure dispatch pointers.
      [Ralf S. Engelschall]
       
   *) Completely renamed the functions to use common prefixes which
      indicate their relationship and ordered the functions according to this
      relationship. Additionally a complete list of prototypes is now
      provided in mod_ssl.h. The order of functions now reflects the logical
      order when one wants to review the module: 1. API structures, 2. config
      handling, 3.  directive handling, 4. init functions, 5. API hooks, 6.
      internals, 7.  caching support, 8. logfile support and 9. utility
      functions.  Additionally I cleaned up the namespace of global data
      symbols: They now all have the prefix "g_": bFirstTime -> g_bFirstTime,
      szCacheServerPort -> g_szCacheServerPort, szCacheServerPath ->
      g_szCacheServerPath, s_pServer -> g_pServer.
      [Ralf S. Engelschall]

   *) Now all stuff for SSLeay < 0.8.0 is removed because an #error was
      already given and there is no real need to support these versions any
      longer. As a consequence we now also could remove the CACHE_SESSIONS
      #ifdef mess because  this was enabled for >= 0.8.0 since a long time.
      [Ralf S. Engelschall]

   *) Cleaned up the mess inside ap_config.h where TRUE, FALSE and BOOL
      were globally defined even when they were only used by mod_ssl.  Now
      all stuff mod_ssl needs is inside mod_ssl.h and not spread over the
      Apache sources without need. I've also cleaned up the "uchar"
      definition because this was defined only by coincidence. I've also
      replaced ugly return 0's with return FALSE and -1 by UNSET when the
      context was the one for UNSET (like for VerifyType). Additionally I
      replaced some incorrect declarations (extern uid_t ap_user_id) by
      including the correct header file (http_config_globals.h). In the same
      spirit for cleanness I've replaced the numerical filedescriptor numbers
      by the STDXX_FILENO aliases.
      [Ralf S. Engelschall]

   *) Fixed a nasty bug: When a startup error occurred an exit() was done.
      But an already started ssl_gcache program was not terminated because
      the exit() doesn't give Apache a chance to cleanup the pools (where the
      program is registered). Fixed by adding a bunch of ap_clear_pool()
      calls before the exit() calls. Additionally some more missing exit()'s
      were added to config checks. And last but not least a termination
      message is now created by ssl_gcache when it is terminated so one now
      sees both the start and the termination of ssl_gcache program in the
      logfiles.
      [Ralf S. Engelschall]
 
   *) Replaced various sprintf()'s by the more safe and correct ap_snprintf()
      variants. Same for fopen() and ap_pfopen() and other such functions.
      [Ralf S. Engelschall]
 
   *) Prefixed all SSLeay function calls with __SSLeay to mark them
      for reviewing. I'm still not happy with this long and ugly reading
      prefix but need to use an initial one which doesn't conflict.
      Additionally I've then grep'ed out all __SSLeay prefixed symbols,
      sorted them by group and inserted them into a README which can help
      identifying the used SSLeay API functions. The whole intent is
      just to make reviewing of the code easier, because this is
      really important for security related sources.
      [Ralf S. Engelschall]

   *) A lot of various minor cleanups and fixes: For instance I've corrected the
      directive descriptions, added some descriptive source comments, etc.
      Really too much of these minor cleanups to write them down, sorry.
      [Ralf S. Engelschall]
 
   *) Added an FAQ file, assembled from some information found
      on www.apache-ssl.org
      [Ralf S. Engelschall, Ben Laurie <ben@algroup.co.uk>]

   *) Incorporated the changes between Apache-SSL 1.18-1.19
      [Ben Laurie <ben@algroup.co.uk>]
 
   *) Added back support for the old Apache 1.2 way of configuring and
      building by placing the SSL_BASE into src/Configuration.tmpl and
      providing steps in INSTALL, too.
      [Ralf S. Engelschall]

   *) Added a complete Apache-style mod_ssl.html document which describes all
      mod_ssl directives in detail. I've also painted a nice mod_ssl logo out
      of the old mod_rewrite logo parts and a safety lock which secures the
      feather. The SSLeay logo is also part of the document to give credit.
      [Ralf S. Engelschall]

   *) Added a `configure' frontend script for easy applying the mod_ssl
      source extension and patches to the Apache source tree. It also can
      replace APACI's configure script by running it in the background.
      Additionally a slightly changed GNU patch 2.1 tool is distributed under
      aux/ subdir to make sure the source patching works reliably because
      newer patches have problems with the apache.diff file and some systems
      have no "patch" at all.
      [Ralf S. Engelschall]

   *) Split definitions from mod_ssl.c into own mod_ssl.h and converted all
      source files to the Apache coding styles to be consistent with the
      officially distributed Apache sources.
      [Ralf S. Engelschall]
 
   *) Generation of a certificate is supported via top-level "make
      certificate" which correctly finds SSLeay both when SSLeay tree is the
      source tree or the installed tree.
      [Ralf S. Engelschall]
 
   *) Added SSLNeedsSSL to config files and cleaned up the
      SSL-related stuff at the end of httpd.conf-dist.
      [Ralf S. Engelschall]

   *) Out-of-the-box installation for a SSL-aware Apache is provided by
      automatically installing the certificate and the ssl_gcache program.
      Additionally the SSL-related directives in the extended httpd.conf file
      is adjusted, so one immediately can fire up an SSL-aware httpd.
      [Ralf S. Engelschall]

   *) The name of the binary is now again "httpd" instead of the "httpsd"
      because "httpsd" reads ugly and confuses APACI. And there is no real
      need to distinguish between them, because one still can compile a
      standard Apache even after mod_ssl was applied to the Apache source
      tree. Or why isn't everybody using httppd just because mod_perl is
      built in? Bingo!
      [Ralf S. Engelschall]
 
   *) Added Apache 1.3 Autoconf-style Interface (APACI) support to
      automatically enable the SSL module via --enable-module=ssl.  This also
      triggers the MOD_PERL define, so without this APACI option you still
      can build a standard Apache.
      [Ralf S. Engelschall]

   *) Use the official Apache 1.3 way of adding strings to the
      HTTP Server header: via ap_add_version_component() instead of patching
      the defines in httpd.h.  Additionally it now creates a header like
      ``Server: Apache/1.3.1-dev (Unix) mod_ssl/2.0.0 SSLeay/0.9.0a'' i.e.
      SSLeay is part of the Server header. Because SSLeay's version is more
      important than mod_ssl's.
      [Ralf S. Engelschall]

   *) Removed all broken parts in the original Ben-SSL patch, for instance
      incorrectly added newlines, incorrectly moved SecureWare, etc.
      [Ralf S. Engelschall]

   *) Removed nasty terminal messages like "Skip first time initialization",
      "Launching ....", etc. These can be enabled in the future by using the
      ap_log_error stuff.
      [Ralf S. Engelschall]

   *) Fixed incorrect log_ssl_info prototypes in mod_log_config.c from
      Ben-SSL patch and fixed minor other things.
      [Ralf S. Engelschall]

   *) Cleaned up mod_ssl.c (formerly apache_ssl.c): removed unused variables
      mod_ssl.c, added prototypes, moved extern prototypes. Actually I've
      made it run quietly through ``gcc -Wall -Wshadow -Wpointer-arith
      -Wcast-align -Wmissing-prototypes -Wmissing-declarations
      -Wnested-externs -Winline'', etc.
      [Ralf S. Engelschall]

   *) Renamed apache_ssl.c to mod_ssl.c for consistency and also
      to avoid problems inside APACI. Additionally the APACHE_SSL define was
      renamed to MOD_SSL which is also consistent with the behaviour of
      mod_perl which uses MOD_PERL.
      [Ralf S. Engelschall]

   *) *GENESIS*: Based the complete code on Ben Laurie's latest Apache-SSL
      patch (Ben-SSL) version "apache_1.3.0+ssl_1.18". To avoid confusion and
      to show that it's second generation stuff the mod_ssl version starts
      with 2.0.0. I've merged in all my previous work on Apache-SSL for
      Apache 1.3b, i.e. especially the APACI stuff.
      [Ralf S. Engelschall]

