Moved apache-ssl/apache-ssl-1.3.20.2.4.0.ebuild package into

apache/apache-1.3.20 and made it check USE for the presence of "ssl" and
act accordingly. Also updated the REDEPENDS of needed files.

4 files changed, 1534 insertions, 0 deletions

diff --git a/net-www/apache/apache-1.3.20-r1.ebuild b/net-www/apache/apache-1.3.20-r1.ebuild
new file mode 100644
index 000000000000..6606aba45ab3
--- /dev/null
+++ b/net-www/apache/apache-1.3.20-r1.ebuild
@@ -0,0 +1,114 @@
+# Copyright 1999-2000 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License, v2 or later
+# Author Achim Gottinger <achim@gentoo.org>
+# $Header: /var/cvsroot/gentoo-x86/net-www/apache/apache-1.3.20-r1.ebuild,v 1.1 2001/08/28 04:17:27 lamer Exp $
+
+AV="1.3.20"
+MSV="2.8.4"
+
+A="apache_${AV}.tar.gz mod_ssl-${MSV}-${AV}.tar.gz"
+S=${WORKDIR}/apache_${AV}
+DESCRIPTION="The Apache Web Server v1.3.19 with mod_ssl"
+SRC_URI="http://httpd.apache.org/dist/httpd/apache_${AV}.tar.gz
+	 ftp://ftp.modssl.org/source/mod_ssl-${MSV}-${AV}.tar.gz"
+HOMEPAGE="http://www.apache.org http://www.modssl.org"
+
+DEPEND="virtual/glibc
+	>=sys-libs/db-3.2.3h-r3
+	=sys-libs/db-1.85-r1
+	nls? ( >=dev-libs/openssl-0.9.6b )"
+
+
+src_compile() {                           
+   export SSL_BASE=SYSTEM
+	export CFLAGS="${CFLAGS} -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
+if [ "`use ssl`" ]; then
+   cd ${S}/../mod_ssl-${MSV}-${AV}
+    try ./configure --with-apache=${S} --with-ssl=SYSTEM
+   cd ${S}
+fi
+local myconf
+if [ "`use ssl`" ]; then
+	myconf="--enable-module=ssl"
+fi
+   export RULE_EXPAT=NO
+   try ./configure --prefix=/usr/local/httpd --bindir=/usr/bin \
+	--sbindir=/usr/sbin --datadir=/usr/local/httpd \
+	--sysconfdir=/etc/httpd --libexecdir=/usr/lib/apache \
+	--mandir=/usr/share/man --logfiledir=/var/log/apache --localstatedir=/var/lock \
+	--proxycachedir=/var/cache/httpd --includedir=/usr/include/apache \
+	--enable-module=all \
+	--enable-shared=max --suexec-caller=wwwrun \
+	--suexec-userdir=public_html --suexec-uidmin=96 \
+	--suexec-gidmin=96 --suexec-safepath="/bin:/usr/bin" \
+	--disable-rule=EXPAT --with-perl=/usr/bin/perl ${myconf}
+#	--disable-module=auth_dbm"
+	
+    try make
+if [ "`use ssl`" ]; then
+    try make certificate TYPE=dummy
+fi
+}
+
+src_install() { 
+    try make install-quiet root=${D}
+    dosed "s:/usr/local/bin/perl5:/usr/bin/perl:" /usr/local/httpd/htdocs/manual/search/manual-index.cgi
+    cd ${D}/usr/sbin
+    cp apachectl apachectl.orig
+    sed -e "s:^PIDFILE.*:PIDFILE=/var/run/httpd.pid:" \
+	apachectl.orig > apachectl
+    rm apachectl.orig
+    cd ${S}
+    dodoc ABOUT_APACHE Announcement INSTALL* KEYS LICENSE* README* WARNING*
+if [ "`use ssl`" ];then
+    docinto mod_ssl
+    cd ../mod_ssl-${MSV}-${AV}
+fi
+    dodoc ANNOUNCE CHANGES CREDITS INSTALL* LICENSE NEWS README*
+    dodir /etc/rc.d/init.d
+    cp ${FILESDIR}/httpd.conf ${D}/etc/httpd
+    cp ${FILESDIR}/httpd ${D}/etc/rc.d/init.d
+	 dodir /etc/skel/public_html
+}
+
+pkg_config() {
+
+  source ${ROOT}/etc/rc.d/config/functions
+
+  if [ "$ServerName" = "" ]
+  then
+    ServerName=`uname -n`
+  fi
+  if [ "$ServerAdmin" = "" ]
+
+  then
+    ServerAdmin="webmaster\@$ServerName"
+  fi
+
+  # Make apache start at boot
+  ${ROOT}/usr/sbin/rc-update add httpd
+
+  # Set ServerName and ServerAdmin
+  einfo "Setting Servername to $ServerName..."
+  cp ${ROOT}/etc/httpd/httpd.conf ${ROOT}/etc/httpd/httpd.conf.orig
+  sed -e "s/^\#ServerName.*/ServerName $ServerName/" \
+      -e "s/^ServerName.*/ServerName $ServerName/" \
+      -e "s/^ServerAdmin.*/ServerAdmin $ServerAdmin/" \
+	${ROOT}/etc/httpd/httpd.conf.orig > ${ROOT}/etc/httpd/httpd.conf
+
+}
+
+pkg_prerm() {
+
+  source ${ROOT}/etc/rc.d/config/functions
+  if [ "$ROOT" = "/" ] 
+  then
+    if [ -f /var/run/httpd.pid ]
+    then
+      einfo "Stopping running daemon..."
+      /etc/rc.d/init.d/httpd stop
+    fi
+  fi
+
+}
+
diff --git a/net-www/apache/files/digest-apache-1.3.20-r1 b/net-www/apache/files/digest-apache-1.3.20-r1
new file mode 100644
index 000000000000..f0233c05351f
--- /dev/null
+++ b/net-www/apache/files/digest-apache-1.3.20-r1
@@ -0,0 +1,2 @@
+MD5 d58d373b5f528a61a3490daec5e8f91f apache_1.3.20.tar.gz
+MD5 ff1a548c2387f123a3df4436a1e884f9 mod_ssl-2.8.4-1.3.20.tar.gz
diff --git a/net-www/apache/files/httpd b/net-www/apache/files/httpd
new file mode 100644
index 000000000000..a2d9da0b897c
--- /dev/null
+++ b/net-www/apache/files/httpd
@@ -0,0 +1,121 @@
+#!/bin/sh
+#RCUPDATE:3 4:75:This line is required for script management
+#
+
+. /etc/rc.d/config/functions
+. /etc/rc.d/config/basic
+
+# Apache control script designed to allow an easy command line interface
+# to controlling Apache.  Written by Marc Slemko, 1997/08/23
+# 
+# The exit codes returned are:
+#	0 - operation completed successfully
+#	1 - 
+#	2 - usage error
+#	3 - httpd could not be started
+#	4 - httpd could not be stopped
+#	5 - httpd could not be started during a restart
+#	6 - httpd could not be restarted during a restart
+#	7 - httpd could not be restarted during a graceful restart
+#	8 - configuration syntax error
+#
+# When multiple arguments are given, only the error from the _last_
+# one is reported.  Run "apachectl help" for usage info
+#
+#
+# |||||||||||||||||||| START CONFIGURATION SECTION  ||||||||||||||||||||
+# --------------------                              --------------------
+# 
+# the path to your PID file
+PIDFILE=/var/run/httpd.pid
+#
+# the path to your httpd binary, including options if necessary
+HTTPD=/usr/sbin/httpd
+#
+# a command that outputs a formatted text version of the HTML at the
+# url given on the command line.  Designed for lynx, however other
+# programs may work.  
+LYNX="lynx -dump"
+#
+# the URL to your server's mod_status status page.  If you do not
+# have one, then status and fullstatus will not work.
+STATUSURL="http://localhost/server-status"
+#
+# --------------------                              --------------------
+# ||||||||||||||||||||   END CONFIGURATION SECTION  ||||||||||||||||||||
+
+ERROR=0
+ARGV="$@"
+
+if [ "x$ARGV" = "x" ] ; then 
+    ARGS="help"
+fi
+
+RUNNING=0
+check_pid() {
+
+    # check for pidfile
+    if [ -f $PIDFILE ] ; then
+	PID=`cat $PIDFILE`
+	if [ "x$PID" != "x" ] && kill -0 $PID 2>/dev/null ; then
+	    STATUS="httpd (pid $PID) running"
+	    RUNNING=1
+	else
+	    STATUS="httpd (pid $PID?) not running"
+	    RUNNING=0
+	fi
+    else
+	STATUS="httpd (no pid file) not running"
+	RUNNING=0
+    fi
+}
+
+SERVICE="Apache Webserver"
+opts="start stop restart status"
+
+start() {
+        check_pid
+	if [ $RUNNING -eq 1 ]; then
+	    echo "$0 $ARG: httpd (pid $PID) already running"
+	    break
+	fi
+	ebegin "Starting service $SERVICE"
+	start-stop-daemon --quiet --start --exec $HTTPD -- $HTTPD_OPTS 1>&2
+	eend $? "Error starting $SERVICE"
+}
+
+stop() {
+	check_pid
+	if [ $RUNNING -eq 0 ]; then
+	    echo "$0 $ARG: $STATUS"
+	fi
+	ebegin "Stopping service $SERVICE"
+	start-stop-daemon --quiet --stop --pid $PIDFILE 1>&2
+	eend $? "Error stopping $SERVICE"
+}
+
+restart () {
+
+	stop
+	start
+
+}
+ 
+status() {
+	$LYNX $STATUSURL | awk ' /process$/ { print; exit } { print } '
+}
+
+fullstatus () {
+	$LYNX $STATUSURL
+}
+
+configtest () {
+	if $HTTPD -t; then
+	    :
+	else
+	    ERROR=8
+	fi
+}
+
+doservice ${@}
+
diff --git a/net-www/apache/files/httpd.conf b/net-www/apache/files/httpd.conf
new file mode 100644
index 000000000000..d08ecac80c78
--- /dev/null
+++ b/net-www/apache/files/httpd.conf
@@ -0,0 +1,1297 @@
+##
+## httpd.conf -- Apache HTTP server configuration file
+##
+
+#
+# Based upon the NCSA server configuration files originally by Rob McCool.
+#
+# This is the main Apache server configuration file.  It contains the
+# configuration directives that give the server its instructions.
+# See <URL:http://www.apache.org/docs/> for detailed information about
+# the directives.
+#
+# Do NOT simply read the instructions in here without understanding
+# what they do.  They're here only as hints or reminders.  If you are unsure
+# consult the online docs. You have been warned.  
+#
+# After this file is processed, the server will look for and process
+# /usr/local/httpd/conf/srm.conf and then /usr/local/httpd/conf/access.conf
+# unless you have overridden these with ResourceConfig and/or
+# AccessConfig directives here.
+#
+# The configuration directives are grouped into three basic sections:
+#  1. Directives that control the operation of the Apache server process as a
+#     whole (the 'global environment').
+#  2. Directives that define the parameters of the 'main' or 'default' server,
+#     which responds to requests that aren't handled by a virtual host.
+#     These directives also provide default values for the settings
+#     of all virtual hosts.
+#  3. Settings for virtual hosts, which allow Web requests to be sent to
+#     different IP addresses or hostnames and have them handled by the
+#     same Apache server process.
+#
+# Configuration and logfile names: If the filenames you specify for many
+# of the server's control files begin with "/" (or "drive:/" for Win32), the
+# server will use that explicit path.  If the filenames do *not* begin
+# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
+# with ServerRoot set to "/usr/local/apache" will be interpreted by the
+# server as "/usr/local/apache/logs/foo.log".
+#
+
+### Section 1: Global Environment
+#
+# The directives in this section affect the overall operation of Apache,
+# such as the number of concurrent requests it can handle or where it
+# can find its configuration files.
+#
+
+#
+# ServerType is either inetd, or standalone.  Inetd mode is only supported on
+# Unix platforms.
+#
+ServerType standalone
+
+#
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE!  If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the LockFile documentation
+# (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
+# you will save yourself a lot of trouble.
+#
+# Do NOT add a slash at the end of the directory path.
+#
+ServerRoot "/usr/local/httpd"
+
+#
+# The LockFile directive sets the path to the lockfile used when Apache
+# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
+# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
+# its default value. The main reason for changing it is if the logs
+# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
+# DISK. The PID of the main server process is automatically appended to
+# the filename. 
+#
+#LockFile /var/log/apache/httpd.lock
+
+#
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+#
+PidFile /var/run/httpd.pid
+
+#
+# ScoreBoardFile: File used to store internal server process information.
+# Not all architectures require this.  But if yours does (you'll know because
+# this file will be  created when you run Apache) then you *must* ensure that
+# no two invocations of Apache share the same scoreboard file.
+#
+ScoreBoardFile /var/log/apache/httpd.scoreboard
+
+#
+# In the standard configuration, the server will process this file,
+# srm.conf, and access.conf in that order.  The latter two files are
+# now distributed empty, as it is recommended that all directives
+# be kept in a single file for simplicity.  The commented-out values
+# below are the built-in defaults.  You can have the server ignore
+# these files altogether by using "/dev/null" (for Unix) or
+# "nul" (for Win32) for the arguments to the directives.
+#
+#ResourceConfig conf/srm.conf
+#AccessConfig conf/access.conf
+
+#
+# Timeout: The number of seconds before receives and sends time out.
+#
+Timeout 300
+
+#
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+#
+KeepAlive On
+
+#
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+#
+MaxKeepAliveRequests 100
+
+#
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+#
+KeepAliveTimeout 15
+
+#
+# Server-pool size regulation.  Rather than making you guess how many
+# server processes you need, Apache dynamically adapts to the load it
+# sees --- that is, it tries to maintain enough server processes to
+# handle the current load, plus a few spare servers to handle transient
+# load spikes (e.g., multiple simultaneous requests from a single
+# Netscape browser).
+#
+# It does this by periodically checking how many servers are waiting
+# for a request.  If there are fewer than MinSpareServers, it creates
+# a new spare.  If there are more than MaxSpareServers, some of the
+# spares die off.  The default values are probably OK for most sites.
+#
+MinSpareServers 5
+MaxSpareServers 10
+
+#
+# Number of servers to start initially --- should be a reasonable ballpark
+# figure.
+#
+StartServers 5
+
+#
+# Limit on total number of servers running, i.e., limit on the number
+# of clients who can simultaneously connect --- if this limit is ever
+# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
+# It is intended mainly as a brake to keep a runaway server from taking
+# the system with it as it spirals down...
+#
+MaxClients 150
+
+#
+# MaxRequestsPerChild: the number of requests each child process is
+# allowed to process before the child dies.  The child will exit so
+# as to avoid problems after prolonged use when Apache (and maybe the
+# libraries it uses) leak memory or other resources.  On most systems, this
+# isn't really needed, but a few (such as Solaris) do have notable leaks
+# in the libraries. For these platforms, set to something like 10000
+# or so; a setting of 0 means unlimited.
+#
+# NOTE: This value does not include keepalive requests after the initial
+#       request per connection. For example, if a child process handles
+#       an initial request and 10 subsequent "keptalive" requests, it
+#       would only count as 1 request towards this limit.
+#
+MaxRequestsPerChild 0
+
+#
+# Listen: Allows you to bind Apache to specific IP addresses and/or
+# ports, in addition to the default. See also the <VirtualHost>
+# directive.
+#
+#Listen 3000
+#Listen 12.34.56.78:80
+
+#
+# BindAddress: You can support virtual hosts with this option. This directive
+# is used to tell the server which IP address to listen to. It can either
+# contain "*", an IP address, or a fully qualified Internet domain name.
+# See also the <VirtualHost> and Listen directives.
+#
+#BindAddress *
+
+#
+# Dynamic Shared Object (DSO) Support
+#
+# To be able to use the functionality of a module which was built as a DSO you
+# have to place corresponding `LoadModule' lines at this location so the
+# directives contained in it are actually available _before_ they are used.
+# Please read the file README.DSO in the Apache 1.3 distribution for more
+# details about the DSO mechanism and run `httpd -l' for the list of already
+# built-in (statically linked and thus always available) modules in your httpd
+# binary.
+#
+# Note: The order is which modules are loaded is important.  Don't change
+# the order below without expert advice.
+#
+# Example:
+# LoadModule foo_module libexec/mod_foo.so
+LoadModule mmap_static_module /usr/lib/apache/mod_mmap_static.so
+LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so
+LoadModule env_module         /usr/lib/apache/mod_env.so
+LoadModule define_module      /usr/lib/apache/mod_define.so
+LoadModule config_log_module  /usr/lib/apache/mod_log_config.so
+LoadModule agent_log_module   /usr/lib/apache/mod_log_agent.so
+LoadModule referer_log_module /usr/lib/apache/mod_log_referer.so
+LoadModule mime_magic_module  /usr/lib/apache/mod_mime_magic.so
+LoadModule mime_module        /usr/lib/apache/mod_mime.so
+LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so
+LoadModule status_module      /usr/lib/apache/mod_status.so
+LoadModule info_module        /usr/lib/apache/mod_info.so
+LoadModule includes_module    /usr/lib/apache/mod_include.so
+LoadModule autoindex_module   /usr/lib/apache/mod_autoindex.so
+LoadModule dir_module         /usr/lib/apache/mod_dir.so
+LoadModule cgi_module         /usr/lib/apache/mod_cgi.so
+LoadModule asis_module        /usr/lib/apache/mod_asis.so
+LoadModule imap_module        /usr/lib/apache/mod_imap.so
+LoadModule action_module      /usr/lib/apache/mod_actions.so
+LoadModule speling_module     /usr/lib/apache/mod_speling.so
+LoadModule userdir_module     /usr/lib/apache/mod_userdir.so
+LoadModule alias_module       /usr/lib/apache/mod_alias.so
+LoadModule rewrite_module     /usr/lib/apache/mod_rewrite.so
+LoadModule access_module      /usr/lib/apache/mod_access.so
+LoadModule auth_module        /usr/lib/apache/mod_auth.so
+LoadModule anon_auth_module   /usr/lib/apache/mod_auth_anon.so
+LoadModule dbm_auth_module    /usr/lib/apache/mod_auth_dbm.so
+LoadModule db_auth_module     /usr/lib/apache/mod_auth_db.so
+LoadModule digest_module      /usr/lib/apache/mod_digest.so
+LoadModule proxy_module       /usr/lib/apache/libproxy.so
+LoadModule cern_meta_module   /usr/lib/apache/mod_cern_meta.so
+LoadModule expires_module     /usr/lib/apache/mod_expires.so
+LoadModule headers_module     /usr/lib/apache/mod_headers.so
+LoadModule usertrack_module   /usr/lib/apache/mod_usertrack.so
+LoadModule example_module     /usr/lib/apache/mod_example.so
+LoadModule unique_id_module   /usr/lib/apache/mod_unique_id.so
+LoadModule setenvif_module    /usr/lib/apache/mod_setenvif.so
+
+<IfDefine PERL>
+LoadModule perl_module	      /usr/lib/apache/libperl.so
+</IfDefine>
+<IfDefine PHP4>
+LoadModule php4_module	      /usr/lib/apache/libphp4.so
+</IfDefine>
+<IfDefine SSL>
+LoadModule ssl_module         /usr/lib/apache/libssl.so
+</IfDefine>
+
+#  Reconstruction of the complete module list from all available modules
+#  (static and shared ones) to achieve correct module execution order.
+#  [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
+ClearModuleList
+AddModule mod_mmap_static.c
+AddModule mod_vhost_alias.c
+AddModule mod_env.c
+AddModule mod_define.c
+AddModule mod_log_config.c
+AddModule mod_log_agent.c
+AddModule mod_log_referer.c
+AddModule mod_mime_magic.c
+AddModule mod_mime.c
+AddModule mod_negotiation.c
+AddModule mod_status.c
+AddModule mod_info.c
+AddModule mod_include.c
+AddModule mod_autoindex.c
+AddModule mod_dir.c
+AddModule mod_cgi.c
+AddModule mod_asis.c
+AddModule mod_imap.c
+AddModule mod_actions.c
+AddModule mod_speling.c
+AddModule mod_userdir.c
+AddModule mod_alias.c
+AddModule mod_rewrite.c
+AddModule mod_access.c
+AddModule mod_auth.c
+AddModule mod_auth_anon.c
+AddModule mod_auth_dbm.c
+AddModule mod_auth_db.c
+AddModule mod_digest.c
+AddModule mod_proxy.c
+AddModule mod_cern_meta.c
+AddModule mod_expires.c
+AddModule mod_headers.c
+AddModule mod_usertrack.c
+AddModule mod_example.c
+AddModule mod_unique_id.c
+AddModule mod_so.c
+AddModule mod_setenvif.c
+<IfDefine PHP4>
+AddModule mod_php4.c
+</IfDefine>
+<IfDefine PERL>
+AddModule mod_perl.c
+</IfDefine>
+<IfDefine SSL>
+AddModule mod_ssl.c
+</IfDefine>
+
+#
+# ExtendedStatus controls whether Apache will generate "full" status
+# information (ExtendedStatus On) or just basic information (ExtendedStatus
+# Off) when the "server-status" handler is called. The default is Off.
+#
+#ExtendedStatus On
+
+### Section 2: 'Main' server configuration
+#
+# The directives in this section set up the values used by the 'main'
+# server, which responds to any requests that aren't handled by a
+# <VirtualHost> definition.  These values also provide defaults for
+# any <VirtualHost> containers you may define later in the file.
+#
+# All of these directives may appear inside <VirtualHost> containers,
+# in which case these default settings will be overridden for the
+# virtual host being defined.
+#
+
+#
+# If your ServerType directive (set earlier in the 'Global Environment'
+# section) is set to "inetd", the next few directives don't have any
+# effect since their settings are defined by the inetd configuration.
+# Skip ahead to the ServerAdmin directive.
+#
+
+#
+# Port: The port to which the standalone server listens. For
+# ports < 1023, you will need httpd to be run as root initially.
+#
+Port 80
+
+##
+##  SSL Support
+##
+##  When we also provide SSL we have to listen to the 
+##  standard HTTP port (see above) and to the HTTPS port
+##
+<IfDefine SSL>
+Listen 80
+Listen 443
+</IfDefine>
+
+#
+# If you wish httpd to run as a different user or group, you must run
+# httpd as root initially and it will switch.  
+#
+# User/Group: The name (or #number) of the user/group to run httpd as.
+#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
+#  . On HPUX you may not be able to use shared memory as nobody, and the
+#    suggested workaround is to create a user www and use that user.
+#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
+#  when the value of (unsigned)Group is above 60000; 
+#  don't use Group nobody on these systems!
+#
+User nobody
+Group nobody
+
+#
+# ServerAdmin: Your address, where problems with the server should be
+# e-mailed.  This address appears on some server-generated pages, such
+# as error documents.
+#
+ServerAdmin webmaster@linux.bagwan
+
+#
+# ServerName allows you to set a host name which is sent back to clients for
+# your server if it's different than the one the program would get (i.e., use
+# "www" instead of the host's real name).
+#
+# Note: You cannot just invent host names and hope they work. The name you 
+# define here must be a valid DNS name for your host. If you don't understand
+# this, ask your network administrator.
+# If your host doesn't have a registered DNS name, enter its IP address here.
+# You will have to access it by its address (e.g., http://123.45.67.89/)
+# anyway, and this will make redirections work in a sensible way.
+#
+#ServerName linux
+
+#
+# DocumentRoot: The directory out of which you will serve your
+# documents. By default, all requests are taken from this directory, but
+# symbolic links and aliases may be used to point to other locations.
+#
+DocumentRoot "/usr/local/httpd/htdocs"
+
+#
+# Each directory to which Apache has access, can be configured with respect
+# to which services and features are allowed and/or disabled in that
+# directory (and its subdirectories). 
+#
+# First, we configure the "default" to be a very restrictive set of 
+# permissions.  
+#
+<Directory />
+    Options FollowSymLinks
+    AllowOverride None
+</Directory>
+
+#
+# Note that from this point forward you must specifically allow
+# particular features to be enabled - so if something's not working as
+# you might expect, make sure that you have specifically enabled it
+# below.
+#
+
+#
+# This should be changed to whatever you set DocumentRoot to.
+#
+<Directory "/usr/local/httpd/htdocs">
+
+#
+# This may also be "None", "All", or any combination of "Indexes",
+# "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
+#
+# Note that "MultiViews" must be named *explicitly* --- "Options All"
+# doesn't give it to you.
+#
+    Options Indexes FollowSymLinks MultiViews
+
+#
+# This controls which options the .htaccess files in directories can
+# override. Can also be "All", or any combination of "Options", "FileInfo", 
+# "AuthConfig", and "Limit"
+#
+    AllowOverride None
+
+#
+# Controls who can get stuff from this server.
+#
+    Order allow,deny
+    Allow from all
+</Directory>
+
+#
+# UserDir: The name of the directory which is appended onto a user's home
+# directory if a ~user request is received.
+#
+<IfModule mod_userdir.c>
+    UserDir public_html
+</IfModule>
+
+#
+# Control access to UserDir directories.  The following is an example
+# for a site where these directories are restricted to read-only.
+#
+#<Directory /home/*/public_html>
+#    AllowOverride FileInfo AuthConfig Limit
+#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
+#    <Limit GET POST OPTIONS PROPFIND>
+#        Order allow,deny
+#        Allow from all
+#    </Limit>
+#    <LimitExcept GET POST OPTIONS PROPFIND>
+#        Order deny,allow
+#        Deny from all
+#    </LimitExcept>
+#</Directory>
+
+#
+# DirectoryIndex: Name of the file or files to use as a pre-written HTML
+# directory index.  Separate multiple entries with spaces.
+#
+<IfModule mod_dir.c>
+    DirectoryIndex index.html index.htm
+</IfModule>
+
+#
+# AccessFileName: The name of the file to look for in each directory
+# for access control information.
+#
+AccessFileName .htaccess
+
+#
+# The following lines prevent .htaccess files from being viewed by
+# Web clients.  Since .htaccess files often contain authorization
+# information, access is disallowed for security reasons.  Comment
+# these lines out if you want Web visitors to see the contents of
+# .htaccess files.  If you change the AccessFileName directive above,
+# be sure to make the corresponding changes here.
+#
+# Also, folks tend to use names such as .htpasswd for password
+# files, so this will protect those as well.
+#
+<Files ~ "^\.ht">
+    Order allow,deny
+    Deny from all
+</Files>
+
+#
+# CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
+# document that was negotiated on the basis of content. This asks proxy
+# servers not to cache the document. Uncommenting the following line disables
+# this behavior, and proxies will be allowed to cache the documents.
+#
+#CacheNegotiatedDocs
+
+#
+# UseCanonicalName:  (new for 1.3)  With this setting turned on, whenever
+# Apache needs to construct a self-referencing URL (a URL that refers back
+# to the server the response is coming from) it will use ServerName and
+# Port to form a "canonical" name.  With this setting off, Apache will
+# use the hostname:port that the client supplied, when possible.  This
+# also affects SERVER_NAME and SERVER_PORT in CGI scripts.
+#
+UseCanonicalName On
+
+#
+# TypesConfig describes where the mime.types file (or equivalent) is
+# to be found.
+#
+<IfModule mod_mime.c>
+    TypesConfig /etc/httpd/mime.types
+</IfModule>
+
+#
+# DefaultType is the default MIME type the server will use for a document
+# if it cannot otherwise determine one, such as from filename extensions.
+# If your server contains mostly text or HTML documents, "text/plain" is
+# a good value.  If most of your content is binary, such as applications
+# or images, you may want to use "application/octet-stream" instead to
+# keep browsers from trying to display binary files as though they are
+# text.
+#
+DefaultType text/plain
+
+#
+# The mod_mime_magic module allows the server to use various hints from the
+# contents of the file itself to determine its type.  The MIMEMagicFile
+# directive tells the module where the hint definitions are located.
+# mod_mime_magic is not part of the default server (you have to add
+# it yourself with a LoadModule [see the DSO paragraph in the 'Global
+# Environment' section], or recompile the server and include mod_mime_magic
+# as part of the configuration), so it's enclosed in an <IfModule> container.
+# This means that the MIMEMagicFile directive will only be processed if the
+# module is part of the server.
+#
+<IfModule mod_mime_magic.c>
+    MIMEMagicFile /etc/httpd/magic
+</IfModule>
+
+#
+# HostnameLookups: Log the names of clients or just their IP addresses
+# e.g., www.apache.org (on) or 204.62.129.132 (off).
+# The default is off because it'd be overall better for the net if people
+# had to knowingly turn this feature on, since enabling it means that
+# each client request will result in AT LEAST one lookup request to the
+# nameserver.
+#
+HostnameLookups Off
+
+#
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here.  If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+#
+ErrorLog /var/log/apache/error_log
+
+#
+# LogLevel: Control the number of messages logged to the error_log.
+# Possible values include: debug, info, notice, warn, error, crit,
+# alert, emerg.
+#
+LogLevel warn
+
+#
+# The following directives define some format nicknames for use with
+# a CustomLog directive (see below).
+#
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+#
+# The location and format of the access logfile (Common Logfile Format).
+# If you do not define any access logfiles within a <VirtualHost>
+# container, they will be logged here.  Contrariwise, if you *do*
+# define per-<VirtualHost> access logfiles, transactions will be
+# logged therein and *not* in this file.
+#
+CustomLog /var/log/apache/access_log common
+
+#
+# If you would like to have agent and referer logfiles, uncomment the
+# following directives.
+#
+#CustomLog /var/log/apache/referer_log referer
+#CustomLog /var/log/apache/agent_log agent
+
+#
+# If you prefer a single logfile with access, agent, and referer information
+# (Combined Logfile Format) you can use the following directive.
+#
+#CustomLog /var/log/apache/access_log combined
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (error documents, FTP directory listings,
+# mod_status and mod_info output etc., but not CGI generated documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of:  On | Off | EMail
+#
+ServerSignature On
+
+#
+# Aliases: Add here as many aliases as you need (with no limit). The format is 
+# Alias fakename realname
+#
+<IfModule mod_alias.c>
+
+    #
+    # Note that if you include a trailing / on fakename then the server will
+    # require it to be present in the URL.  So "/icons" isn't aliased in this
+    # example, only "/icons/"..
+    #
+    Alias /icons/ "/usr/local/httpd/icons/"
+
+    <Directory "/usr/local/httpd/icons">
+        Options Indexes MultiViews
+        AllowOverride None
+        Order allow,deny
+        Allow from all
+    </Directory>
+
+    #
+    # ScriptAlias: This controls which directories contain server scripts.
+    # ScriptAliases are essentially the same as Aliases, except that
+    # documents in the realname directory are treated as applications and
+    # run by the server when requested rather than as documents sent to the client.
+    # The same rules about trailing "/" apply to ScriptAlias directives as to
+    # Alias.
+    #
+    ScriptAlias /cgi-bin/ "/usr/local/httpd/cgi-bin/"
+
+    #
+    # "/usr/local/httpd/cgi-bin" should be changed to whatever your ScriptAliased
+    # CGI directory exists, if you have that configured.
+    #
+    <Directory "/usr/local/httpd/cgi-bin">
+        AllowOverride None
+        Options None
+        Order allow,deny
+        Allow from all
+    </Directory>
+
+</IfModule>
+<IfModule mod_perl.c>
+PerlHandler Apache::Registry
+PerlSendHeader On
+</IfModule>
+
+# End of aliases.
+
+#
+# Redirect allows you to tell clients about documents which used to exist in
+# your server's namespace, but do not anymore. This allows you to tell the
+# clients where to look for the relocated document.
+# Format: Redirect old-URI new-URL
+#
+
+#
+# Directives controlling the display of server-generated directory listings.
+#
+<IfModule mod_autoindex.c>
+
+    #
+    # FancyIndexing is whether you want fancy directory indexing or standard
+    #
+    IndexOptions FancyIndexing
+
+    #
+    # AddIcon* directives tell the server which icon to show for different
+    # files or filename extensions.  These are only displayed for
+    # FancyIndexed directories.
+    #
+    AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+
+    AddIconByType (TXT,/icons/text.gif) text/*
+    AddIconByType (IMG,/icons/image2.gif) image/*
+    AddIconByType (SND,/icons/sound2.gif) audio/*
+    AddIconByType (VID,/icons/movie.gif) video/*
+
+    AddIcon /icons/binary.gif .bin .exe
+    AddIcon /icons/binhex.gif .hqx
+    AddIcon /icons/tar.gif .tar
+    AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+    AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+    AddIcon /icons/a.gif .ps .ai .eps
+    AddIcon /icons/layout.gif .html .shtml .htm .pdf
+    AddIcon /icons/text.gif .txt
+    AddIcon /icons/c.gif .c
+    AddIcon /icons/p.gif .pl .py
+    AddIcon /icons/f.gif .for
+    AddIcon /icons/dvi.gif .dvi
+    AddIcon /icons/uuencoded.gif .uu
+    AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+    AddIcon /icons/tex.gif .tex
+    AddIcon /icons/bomb.gif core
+
+    AddIcon /icons/back.gif ..
+    AddIcon /icons/hand.right.gif README
+    AddIcon /icons/folder.gif ^^DIRECTORY^^
+    AddIcon /icons/blank.gif ^^BLANKICON^^
+
+    #
+    # DefaultIcon is which icon to show for files which do not have an icon
+    # explicitly set.
+    #
+    DefaultIcon /icons/unknown.gif
+
+    #
+    # AddDescription allows you to place a short description after a file in
+    # server-generated indexes.  These are only displayed for FancyIndexed
+    # directories.
+    # Format: AddDescription "description" filename
+    #
+    #AddDescription "GZIP compressed document" .gz
+    #AddDescription "tar archive" .tar
+    #AddDescription "GZIP compressed tar archive" .tgz
+
+    #
+    # ReadmeName is the name of the README file the server will look for by
+    # default, and append to directory listings.
+    #
+    # HeaderName is the name of a file which should be prepended to
+    # directory indexes. 
+    #
+    # If MultiViews are amongst the Options in effect, the server will
+    # first look for name.html and include it if found.  If name.html
+    # doesn't exist, the server will then look for name.txt and include
+    # it as plaintext if found.
+    #
+    ReadmeName README
+    HeaderName HEADER
+
+    #
+    # IndexIgnore is a set of filenames which directory indexing should ignore
+    # and not include in the listing.  Shell-style wildcarding is permitted.
+    #
+    IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
+
+</IfModule>
+# End of indexing directives.
+
+#
+# Document types.
+#
+<IfModule mod_mime.c>
+
+    #
+    # AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress
+    # information on the fly. Note: Not all browsers support this.
+    # Despite the name similarity, the following Add* directives have nothing
+    # to do with the FancyIndexing customization directives above.
+    #
+    AddEncoding x-compress Z
+    AddEncoding x-gzip gz tgz
+
+    #
+    # AddLanguage allows you to specify the language of a document. You can
+    # then use content negotiation to give a browser a file in a language
+    # it can understand.  
+    #
+    # Note 1: The suffix does not have to be the same as the language 
+    # keyword --- those with documents in Polish (whose net-standard 
+    # language code is pl) may wish to use "AddLanguage pl .po" to 
+    # avoid the ambiguity with the common suffix for perl scripts.
+    #
+    # Note 2: The example entries below illustrate that in quite
+    # some cases the two character 'Language' abbriviation is not
+    # identical to the two character 'Country' code for its country,
+    # E.g. 'Danmark/dk' versus 'Danish/da'.
+    #
+    # Note 3: In the case of 'ltz' we violate the RFC by using a three char 
+    # specifier. But there is 'work in progress' to fix this and get 
+    # the reference data for rfc1766 cleaned up.
+    #
+    # Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
+    # French (fr) - German (de) - Greek-Modern (el)
+    # Italian (it) - Portugese (pt) - Luxembourgeois* (ltz)
+    # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cz)
+    # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
+    #
+    AddLanguage da .dk
+    AddLanguage nl .nl
+    AddLanguage en .en
+    AddLanguage et .ee
+    AddLanguage fr .fr
+    AddLanguage de .de
+    AddLanguage el .el
+    AddLanguage it .it
+    AddLanguage ja .ja
+    AddCharset ISO-2022-JP .jis
+    AddLanguage pl .po
+    AddCharset ISO-8859-2 .iso-pl
+    AddLanguage pt .pt
+    AddLanguage pt-br .pt-br
+    AddLanguage ltz .lu
+    AddLanguage ca .ca
+    AddLanguage es .es
+    AddLanguage sv .se
+    AddLanguage cz .cz
+
+    # LanguagePriority allows you to give precedence to some languages
+    # in case of a tie during content negotiation.
+    #
+    # Just list the languages in decreasing order of preference. We have
+    # more or less alphabetized them here. You probably want to change this.
+    #
+    <IfModule mod_negotiation.c>
+        LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv
+    </IfModule>
+
+    #
+    # AddType allows you to tweak mime.types without actually editing it, or to
+    # make certain files to be certain types.
+    #
+    # For example, the PHP 3.x module (not part of the Apache distribution - see
+    # http://www.php.net) will typically use:
+    #
+    <IfDefine PHP3>
+    AddType application/x-httpd-php3 .php3
+    AddType application/x-httpd-php3-source .php3s
+    </IfDefine>
+    #
+    # And for PHP 4.x, use:
+    #
+    <IfDefine PHP4>
+    AddType application/x-httpd-php .php
+    AddType application/x-httpd-php-source .phps
+    </IfDefine>
+
+    AddType application/x-tar .tgz
+
+    #
+    # AddHandler allows you to map certain file extensions to "handlers",
+    # actions unrelated to filetype. These can be either built into the server
+    # or added with the Action command (see below)
+    #
+    # If you want to use server side includes, or CGI outside
+    # ScriptAliased directories, uncomment the following lines.
+    #
+    # To use CGI scripts:
+    #
+    #AddHandler cgi-script .cgi
+
+    #
+    # To use server-parsed HTML files
+    #
+    #AddType text/html .shtml
+    #AddHandler server-parsed .shtml
+
+    #
+    # Uncomment the following line to enable Apache's send-asis HTTP file
+    # feature
+    #
+    #AddHandler send-as-is asis
+
+    #
+    # If you wish to use server-parsed imagemap files, use
+    #
+    #AddHandler imap-file map
+
+    #
+    # To enable type maps, you might want to use
+    #
+    #AddHandler type-map var
+
+</IfModule>
+# End of document types.
+
+#
+# Action lets you define media types that will execute a script whenever
+# a matching file is called. This eliminates the need for repeated URL
+# pathnames for oft-used CGI file processors.
+# Format: Action media/type /cgi-script/location
+# Format: Action handler-name /cgi-script/location
+#
+
+#
+# MetaDir: specifies the name of the directory in which Apache can find
+# meta information files. These files contain additional HTTP headers
+# to include when sending the document
+#
+#MetaDir .web
+
+#
+# MetaSuffix: specifies the file name suffix for the file containing the
+# meta information.
+#
+#MetaSuffix .meta
+
+#
+# Customizable error response (Apache style)
+#  these come in three flavors
+#
+#    1) plain text
+#ErrorDocument 500 "The server made a boo boo.
+#  n.b.  the (") marks it as text, it does not get output
+#
+#    2) local redirects
+#ErrorDocument 404 /missing.html
+#  to redirect to local URL /missing.html
+#ErrorDocument 404 /cgi-bin/missing_handler.pl
+#  N.B.: You can redirect to a script or a document using server-side-includes.
+#
+#    3) external redirects
+#ErrorDocument 402 http://some.other_server.com/subscription_info.html
+#  N.B.: Many of the environment variables associated with the original
+#  request will *not* be available to such a script.
+
+#
+# Customize behaviour based on the browser
+#
+<IfModule mod_setenvif.c>
+
+    #
+    # The following directives modify normal HTTP response behavior.
+    # The first directive disables keepalive for Netscape 2.x and browsers that
+    # spoof it. There are known problems with these browser implementations.
+    # The second directive is for Microsoft Internet Explorer 4.0b2
+    # which has a broken HTTP/1.1 implementation and does not properly
+    # support keepalive when it is used on 301 or 302 (redirect) responses.
+    #
+    BrowserMatch "Mozilla/2" nokeepalive
+    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+
+    #
+    # The following directive disables HTTP/1.1 responses to browsers which
+    # are in violation of the HTTP/1.0 spec by not being able to grok a
+    # basic 1.1 response.
+    #
+    BrowserMatch "RealPlayer 4\.0" force-response-1.0
+    BrowserMatch "Java/1\.0" force-response-1.0
+    BrowserMatch "JDK/1\.0" force-response-1.0
+
+</IfModule>
+
+#
+# Allow server status reports, with the URL of http://servername/server-status
+# Change the ".your_domain.com" to match your domain to enable.
+#
+#<Location /server-status>
+#    SetHandler server-status
+#    Order deny,allow
+#    Deny from all
+#    Allow from .your_domain.com
+#</Location>
+
+#
+# Allow remote server configuration reports, with the URL of
+#  http://servername/server-info (requires that mod_info.c be loaded).
+# Change the ".your_domain.com" to match your domain to enable.
+#
+#<Location /server-info>
+#    SetHandler server-info
+#    Order deny,allow
+#    Deny from all
+#    Allow from .your_domain.com
+#</Location>
+
+#
+# There have been reports of people trying to abuse an old bug from pre-1.1
+# days.  This bug involved a CGI script distributed as a part of Apache.
+# By uncommenting these lines you can redirect these attacks to a logging 
+# script on phf.apache.org.  Or, you can record them yourself, using the script
+# support/phf_abuse_log.cgi.
+#
+#<Location /cgi-bin/phf*>
+#    Deny from all
+#    ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
+#</Location>
+
+#
+# Proxy Server directives. Uncomment the following lines to
+# enable the proxy server:
+#
+#<IfModule mod_proxy.c>
+    #ProxyRequests On
+    #
+    #<Directory proxy:*>
+    #    Order deny,allow
+    #    Deny from all
+    #    Allow from .your_domain.com
+    #</Directory>
+
+    #
+    # Enable/disable the handling of HTTP/1.1 "Via:" headers.
+    # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
+    # Set to one of: Off | On | Full | Block
+    #
+    #ProxyVia On
+
+    #
+    # To enable the cache as well, edit and uncomment the following lines:
+    # (no cacheing without CacheRoot)
+    #
+    #CacheRoot "/var/cache/httpd"
+    #CacheSize 5
+    #CacheGcInterval 4
+    #CacheMaxExpire 24
+    #CacheLastModifiedFactor 0.1
+    #CacheDefaultExpire 1
+    #NoCache a_domain.com another_domain.edu joes.garage_sale.com
+
+#</IfModule>
+# End of proxy directives.
+
+### Section 3: Virtual Hosts
+#
+# VirtualHost: If you want to maintain multiple domains/hostnames on your
+# machine you can setup VirtualHost containers for them.
+# Please see the documentation at <URL:http://www.apache.org/docs/vhosts/>
+# for further details before you try to setup virtual hosts.
+# You may use the command line option '-S' to verify your virtual host
+# configuration.
+
+#
+# If you want to use name-based virtual hosts you need to define at
+# least one IP address (and port number) for them.
+#
+#NameVirtualHost 12.34.56.78:80
+#NameVirtualHost 12.34.56.78
+
+#
+# VirtualHost example:
+# Almost any Apache directive may go into a VirtualHost container.
+#
+#<VirtualHost ip.address.of.host.some_domain.com>
+#    ServerAdmin webmaster@host.some_domain.com
+#    DocumentRoot /www/docs/host.some_domain.com
+#    ServerName host.some_domain.com
+#    ErrorLog logs/host.some_domain.com-error_log
+#    CustomLog logs/host.some_domain.com-access_log common
+#</VirtualHost>
+
+#<VirtualHost _default_:*>
+#</VirtualHost>
+
+##
+##  SSL Global Context
+##
+##  All SSL configuration in this context applies both to
+##  the main server and all SSL-enabled virtual hosts.
+##
+
+#
+#   Some MIME-types for downloading Certificates and CRLs
+#
+<IfDefine SSL>
+AddType application/x-x509-ca-cert .crt
+AddType application/x-pkcs7-crl    .crl
+</IfDefine>
+
+<IfModule mod_ssl.c>
+
+#   Pass Phrase Dialog:
+#   Configure the pass phrase gathering process.
+#   The filtering dialog program (`builtin' is a internal
+#   terminal dialog) has to provide the pass phrase on stdout.
+SSLPassPhraseDialog  builtin
+
+#   Inter-Process Session Cache:
+#   Configure the SSL Session Cache: First either `none'
+#   or `dbm:/path/to/file' for the mechanism to use and
+#   second the expiring timeout (in seconds).
+#SSLSessionCache        none
+#SSLSessionCache        shm:/var/log/apache/ssl_scache(512000)
+SSLSessionCache         dbm:/var/log/apache/ssl_scache
+SSLSessionCacheTimeout  300
+
+#   Semaphore:
+#   Configure the path to the mutual explusion semaphore the
+#   SSL engine uses internally for inter-process synchronization.
+SSLMutex  file:/var/log/apache/ssl_mutex
+
+#   Pseudo Random Number Generator (PRNG):
+#   Configure one or more sources to seed the PRNG of the
+#   SSL library. The seed data should be of good random quality.
+#   WARNING! On some platforms /dev/random blocks if not enough entropy
+#   is available. This means you then cannot use the /dev/random device
+#   because it would lead to very long connection times (as long as
+#   it requires to make more entropy available). But usually those
+#   platforms additionally provide a /dev/urandom device which doesn't
+#   block. So, if available, use this one instead. Read the mod_ssl User
+#   Manual for more details.
+SSLRandomSeed startup builtin
+SSLRandomSeed connect builtin
+#SSLRandomSeed startup file:/dev/random  512
+#SSLRandomSeed startup file:/dev/urandom 512
+#SSLRandomSeed connect file:/dev/random  512
+#SSLRandomSeed connect file:/dev/urandom 512
+
+#   Logging:
+#   The home of the dedicated SSL protocol logfile. Errors are
+#   additionally duplicated in the general error log file.  Put
+#   this somewhere where it cannot be used for symlink attacks on
+#   a real server (i.e. somewhere where only root can write).
+#   Log levels are (ascending order: higher ones include lower ones):
+#   none, error, warn, info, trace, debug.
+SSLLog      /var/log/apache/ssl_engine_log
+SSLLogLevel info
+
+</IfModule>
+
+<IfDefine SSL>
+
+##
+## SSL Virtual Host Context
+##
+
+<VirtualHost _default_:443>
+
+#  General setup for the virtual host
+DocumentRoot "/usr/local/httpd/htdocs"
+ServerName linux.bagwan
+ServerAdmin webmaster@linux.bagwan
+ErrorLog /var/log/apache/error_log
+TransferLog /var/log/apache/access_log
+
+#   SSL Engine Switch:
+#   Enable/Disable SSL for this virtual host.
+SSLEngine on
+
+#   SSL Cipher Suite:
+#   List the ciphers that the client is permitted to negotiate.
+#   See the mod_ssl documentation for a complete list.
+#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
+
+#   Server Certificate:
+#   Point SSLCertificateFile at a PEM encoded certificate.  If
+#   the certificate is encrypted, then you will be prompted for a
+#   pass phrase.  Note that a kill -HUP will prompt again. A test
+#   certificate can be generated with `make certificate' under
+#   built time. Keep in mind that if you've both a RSA and a DSA
+#   certificate you can configure both in parallel (to also allow
+#   the use of DSA ciphers, etc.)
+SSLCertificateFile /etc/httpd/ssl.crt/server.crt
+#SSLCertificateFile /etc/httpd/ssl.crt/server-dsa.crt
+
+#   Server Private Key:
+#   If the key is not combined with the certificate, use this
+#   directive to point at the key file.  Keep in mind that if
+#   you've both a RSA and a DSA private key you can configure
+#   both in parallel (to also allow the use of DSA ciphers, etc.)
+SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
+#SSLCertificateKeyFile /etc/httpd/ssl.key/server-dsa.key
+
+#   Server Certificate Chain:
+#   Point SSLCertificateChainFile at a file containing the
+#   concatenation of PEM encoded CA certificates which form the
+#   certificate chain for the server certificate. Alternatively
+#   the referenced file can be the same as SSLCertificateFile
+#   when the CA certificates are directly appended to the server
+#   certificate for convinience.
+#SSLCertificateChainFile /etc/httpd/ssl.crt/ca.crt
+
+#   Certificate Authority (CA):
+#   Set the CA certificate verification path where to find CA
+#   certificates for client authentication or alternatively one
+#   huge file containing all of them (file must be PEM encoded)
+#   Note: Inside SSLCACertificatePath you need hash symlinks
+#         to point to the certificate files. Use the provided
+#         Makefile to update the hash symlinks after changes.
+#SSLCACertificatePath /etc/httpd/ssl.crt
+#SSLCACertificateFile /etc/httpd/ssl.crt/ca-bundle.crt
+
+#   Certificate Revocation Lists (CRL):
+#   Set the CA revocation path where to find CA CRLs for client
+#   authentication or alternatively one huge file containing all
+#   of them (file must be PEM encoded)
+#   Note: Inside SSLCARevocationPath you need hash symlinks
+#         to point to the certificate files. Use the provided
+#         Makefile to update the hash symlinks after changes.
+#SSLCARevocationPath /etc/httpd/ssl.crl
+#SSLCARevocationFile /etc/httpd/ssl.crl/ca-bundle.crl
+
+#   Client Authentication (Type):
+#   Client certificate verification type and depth.  Types are
+#   none, optional, require and optional_no_ca.  Depth is a
+#   number which specifies how deeply to verify the certificate
+#   issuer chain before deciding the certificate is not valid.
+#SSLVerifyClient require
+#SSLVerifyDepth  10
+
+#   Access Control:
+#   With SSLRequire you can do per-directory access control based
+#   on arbitrary complex boolean expressions containing server
+#   variable checks and other lookup directives.  The syntax is a
+#   mixture between C and Perl.  See the mod_ssl documentation
+#   for more details.
+#<Location />
+#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
+#            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
+#            and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
+#            and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
+#            and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20       ) \
+#           or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
+#</Location>
+
+#   SSL Engine Options:
+#   Set various options for the SSL engine.
+#   o FakeBasicAuth:
+#     Translate the client X.509 into a Basic Authorisation.  This means that
+#     the standard Auth/DBMAuth methods can be used for access control.  The
+#     user name is the `one line' version of the client's X.509 certificate.
+#     Note that no password is obtained from the user. Every entry in the user
+#     file needs this password: `xxj31ZMTZzkVA'.
+#   o ExportCertData:
+#     This exports two additional environment variables: SSL_CLIENT_CERT and
+#     SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
+#     server (always existing) and the client (only existing when client
+#     authentication is used). This can be used to import the certificates
+#     into CGI scripts.
+#   o StdEnvVars:
+#     This exports the standard SSL/TLS related `SSL_*' environment variables.
+#     Per default this exportation is switched off for performance reasons,
+#     because the extraction step is an expensive operation and is usually
+#     useless for serving static content. So one usually enables the
+#     exportation for CGI and SSI requests only.
+#   o CompatEnvVars:
+#     This exports obsolete environment variables for backward compatibility
+#     to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
+#     to provide compatibility to existing CGI scripts.
+#   o StrictRequire:
+#     This denies access when "SSLRequireSSL" or "SSLRequire" applied even
+#     under a "Satisfy any" situation, i.e. when it applies access is denied
+#     and no other module can change it.
+#   o OptRenegotiate:
+#     This enables optimized SSL connection renegotiation handling when SSL
+#     directives are used in per-directory context. 
+#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
+<Files ~ "\.(cgi|shtml)$">
+    SSLOptions +StdEnvVars
+</Files>
+<Directory "/usr/local/httpd/cgi-bin">
+    SSLOptions +StdEnvVars
+</Directory>
+
+#   SSL Protocol Adjustments:
+#   The safe and default but still SSL/TLS standard compliant shutdown
+#   approach is that mod_ssl sends the close notify alert but doesn't wait for
+#   the close notify alert from client. When you need a different shutdown
+#   approach you can use one of the following variables:
+#   o ssl-unclean-shutdown:
+#     This forces an unclean shutdown when the connection is closed, i.e. no
+#     SSL close notify alert is send or allowed to received.  This violates
+#     the SSL/TLS standard but is needed for some brain-dead browsers. Use
+#     this when you receive I/O errors because of the standard approach where
+#     mod_ssl sends the close notify alert.
+#   o ssl-accurate-shutdown:
+#     This forces an accurate shutdown when the connection is closed, i.e. a
+#     SSL close notify alert is send and mod_ssl waits for the close notify
+#     alert of the client. This is 100% SSL/TLS standard compliant, but in
+#     practice often causes hanging connections with brain-dead browsers. Use
+#     this only for browsers where you know that their SSL implementation
+#     works correctly.
+#   Notice: Most problems of broken clients are also related to the HTTP
+#   keep-alive facility, so you usually additionally want to disable
+#   keep-alive for those clients, too. Use variable "nokeepalive" for this.
+SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
+
+#   Per-Server Logging:
+#   The home of a custom SSL log file. Use this when you want a
+#   compact non-error SSL logfile on a virtual host basis.
+CustomLog /var/log/apache/ssl_request_log \
+          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+</VirtualHost>                                  
+
+</IfDefine>
+
+<IfDefine TOMCAT>
+Include /etc/httpd/httpd.tomcat
+</IfDefine>
+
+<IfDefine MODLOGAN>
+Include /etc/httpd/httpd.modlogan
+</IfDefine>
+
+<IfDefine WEBALIZER>
+Include /etc/httpd/httpd.webalizer
+</IfDefine>
+
+<IfDefine AXKIT>
+Include /etc/httpd/httpd.axkit
+</IfDefine>
+