, for the Debian GNU/Linux system
+(but may be used by others).
--- apache2-2.2.21.orig/debian/default-index.html
+++ apache2-2.2.21/debian/default-index.html
@@ -0,0 +1,4 @@
+It works!
+This is the default web page for this server.
+The web server software is running but no content has been added, yet.
+
--- apache2-2.2.21.orig/debian/secondary-init-script
+++ apache2-2.2.21/debian/secondary-init-script
@@ -0,0 +1,19 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: apache2-XXX
+# Required-Start: $local_fs $remote_fs $network $syslog $named
+# Required-Stop: $local_fs $remote_fs $network $syslog $named
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# X-Interactive: true
+# Short-Description: Start/stop apache2 web server (config /etc/apache2-XXX)
+### END INIT INFO
+
+set -e
+
+#
+# this init script can be installed as /etc/init.d/apache2-XXX
+#
+
+# source original init script to keep $0 and other arguments
+. /etc/init.d/apache2
--- apache2-2.2.21.orig/debian/mpms.preinst
+++ apache2-2.2.21/debian/mpms.preinst
@@ -0,0 +1,30 @@
+#!/bin/sh -e
+
+#Debian preinstall handling for apache2
+# Thom May
+
+if [ "$2" ] && dpkg --compare-versions "$2" lt 2.2; then
+ if [ -x "/etc/init.d/apache2" ]; then
+ if [ -x /usr/sbin/invoke-rc.d ]; then
+ invoke-rc.d apache2 stop || true
+ else
+ /etc/init.d/apache2 stop || true
+ fi
+ fi
+ chmod -x /usr/sbin/apache2
+fi
+
+case "$1" in
+ install)
+ rm -f /var/cache/apache2/reload
+ ;;
+ upgrade)
+ if [ -d /var/cache/apache2 ]; then
+ touch /var/cache/apache2/reload
+ fi
+ ;;
+ *)
+ ;;
+esac
+
+#DEBHELPER#
--- apache2-2.2.21.orig/debian/apache2.2-common.postrm
+++ apache2-2.2.21/debian/apache2.2-common.postrm
@@ -0,0 +1,79 @@
+#! /bin/sh
+
+set -e
+
+# Allow apache 2.4 to override what we do.
+if [ -x /etc/apache2/upgrade-to-2.4-in-progress ] ; then
+ set +e
+ /etc/apache2/upgrade-to-2.4-in-progress $0 "$@"
+ ret=$?
+ set -e
+ case $ret in
+ 42)
+ exit 0
+ ;;
+ 43)
+ DONT_PURGE=1
+ ;;
+ 0)
+ : # do nothing
+ ;;
+ *)
+ exit $ret
+ ;;
+ esac
+fi
+
+
+if [ "$1" = purge -a "$DONT_PURGE" != 1 ] ; then
+ rm -f /etc/apache2/httpd.conf \
+ /var/cache/apache2/reload \
+ /var/log/apache2/access.log* \
+ /var/log/apache2/other_vhosts_access.log* \
+ /var/log/apache2/error.log*
+
+ rm -rf /var/cache/apache2/proxy \
+ /var/cache/apache2/mod_disk_cache \
+ /var/run/apache2 \
+ /var/lock/apache2
+
+ for f in /etc/apache2/sites-enabled/* \
+ /etc/apache2/mods-enabled/* ; do
+ [ -L "$f" ] && rm -f "$f"
+ done
+
+ for d in /etc/apache2/sites-enabled/ \
+ /etc/apache2/mods-enabled/ \
+ /etc/apache2/conf.d \
+ /etc/apache2 \
+ /var/log/apache2 \
+ /var/cache/apache2 ; do
+ rmdir $d 2> /dev/null || true
+ done
+
+fi
+
+restore_conffile() {
+ if [ -e $1.dpkg-apache2.2-common.old ] ; then
+ echo Restoring previous version of $1 ...
+ mv $1.dpkg-apache2.2-common.old $1
+ fi
+}
+
+if [ "$1" = abort-upgrade ] ; then
+ restore_conffile /etc/default/apache2
+ restore_conffile /etc/apache2/ports.conf
+ restore_conffile /etc/apache2/conf.d/charset
+fi
+
+if [ "$1" = remove ] ; then
+ MD5SUM="`md5sum /var/www/index.html 2>/dev/null | cut -d ' ' -f 1`"
+ case "$MD5SUM" in
+ 5388f60d7695cb57b87c799ee62d20b2|\
+ 21dde95d9d269cbb2fa6560309dca40c)
+ rm -f /var/www/index.html
+ ;;
+ esac
+fi
+
+#DEBHELPER#
--- apache2-2.2.21.orig/debian/apache2-threaded-dev.install
+++ apache2-2.2.21/debian/apache2-threaded-dev.install
@@ -0,0 +1 @@
+usr/share/man/man8/apxs2.8
--- apache2-2.2.21.orig/debian/source.lintian-overrides
+++ apache2-2.2.21/debian/source.lintian-overrides
@@ -0,0 +1,2 @@
+apache2 source: ancient-autotools-helper-file srclib/apr-util/xml/expat/conftools/config.sub 2002-03-07
+apache2 source: ancient-autotools-helper-file srclib/apr-util/xml/expat/conftools/config.guess 2002-03-20
--- apache2-2.2.21.orig/debian/clean
+++ apache2-2.2.21/debian/clean
@@ -0,0 +1,28 @@
+debian/apache2-mpm-worker.postinst
+debian/apache2-mpm-worker.preinst
+debian/apache2-mpm-worker.prerm
+debian/apache2-mpm-worker.lintian-overrides
+debian/apache2-mpm-worker.dirs
+debian/apache2-mpm-worker.links
+debian/apache2-mpm-event.postinst
+debian/apache2-mpm-event.preinst
+debian/apache2-mpm-event.prerm
+debian/apache2-mpm-event.lintian-overrides
+debian/apache2-mpm-event.dirs
+debian/apache2-mpm-event.links
+debian/apache2-mpm-prefork.postinst
+debian/apache2-mpm-prefork.preinst
+debian/apache2-mpm-prefork.prerm
+debian/apache2-mpm-prefork.lintian-overrides
+debian/apache2-mpm-prefork.dirs
+debian/apache2-mpm-prefork.links
+debian/apache2-mpm-itk.postinst
+debian/apache2-mpm-itk.preinst
+debian/apache2-mpm-itk.prerm
+debian/apache2-mpm-itk.lintian-overrides
+debian/apache2-mpm-itk.dirs
+debian/apache2-mpm-itk.links
+debian/apache2-prefork-dev.postinst
+debian/apache2-threaded-dev.postinst
+debian/tmp-worker
+debian/tmp-prefork
--- apache2-2.2.21.orig/debian/apache2ctl.8
+++ apache2-2.2.21/debian/apache2ctl.8
@@ -0,0 +1,182 @@
+.TH apache2ctl 8 "April 2008"
+.\" The Apache Software License, Version 1.1
+.\"
+.\" Copyright (c) 2000-2002 The Apache Software Foundation. All rights
+.\" reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in
+.\" the documentation and/or other materials provided with the
+.\" distribution.
+.\"
+.\" 3. The end-user documentation included with the redistribution,
+.\" if any, must include the following acknowledgment:
+.\" "This product includes software developed by the
+.\" Apache Software Foundation (http://www.apache.org/)."
+.\" Alternately, this acknowledgment may appear in the software itself,
+.\" if and wherever such third-party acknowledgments normally appear.
+.\"
+.\" 4. The names "Apache" and "Apache Software Foundation" must
+.\" not be used to endorse or promote products derived from this
+.\" software without prior written permission. For written
+.\" permission, please contact apache@apache.org.
+.\"
+.\" 5. Products derived from this software may not be called "Apache",
+.\" nor may "Apache" appear in their name, without prior written
+.\" permission of the Apache Software Foundation.
+.\"
+.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
+.\" WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+.\" DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+.\" LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
+.\" USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+.\" ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+.\" OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+.\" OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" This software consists of voluntary contributions made by many
+.\" individuals on behalf of the Apache Software Foundation. For more
+.\" information on the Apache Software Foundation, please see
+.\" .
+.\"
+.SH NAME
+apache2ctl \- Apache HTTP server control interface
+.SH SYNOPSIS
+When acting in SysV init mode, apache2ctl takes simple, one-word commands,
+defined below.
+.PP
+.B apachectl
+.I command
+.PP
+.B apache2ctl
+.I command
+.PP
+When acting in pass-through mode, apache2ctl can take all the arguments available
+for the httpd binary.
+.PP
+.B apachectl
+.RI [ httpd-argument ]
+.PP
+.B apache2ctl
+.RI [ httpd-argument ]
+.PP
+.SH DESCRIPTION
+.B apache2ctl
+is a front end to the Apache HyperText Transfer Protocol (HTTP)
+server. It is designed to help the administrator control the
+functioning of the Apache
+.B apache2
+daemon.
+.PP
+.B NOTE:
+The default Debian configuration requires the environment variables
+.BR APACHE_RUN_USER ,
+.BR APACHE_RUN_GROUP ,
+and
+.B APACHE_PID_FILE
+to be set in
+.BR /etc/apache2/envvars .
+.PP
+The
+.B apache2ctl
+script returns a 0 exit value on success, and >0 if an error
+occurs. For more details, view the comments in the script.
+.PP
+.SH OPTIONS
+The \fIcommand\fP can be any one or more of the following options:
+.TP 14
+.BI start
+Start the Apache daemon. Gives an error if it is already running.
+.TP
+.BI stop
+Stops the Apache daemon.
+.TP
+.BI restart
+Restarts the Apache daemon by sending it a SIGHUP. If the daemon
+is not running, it is started.
+This command automatically checks the configuration files via
+.BI configtest
+before initiating the restart to to catch the most obvious errors.
+However, it is still possible for the daemon to die because of problems
+with the configuration.
+.TP
+.BI fullstatus
+Displays a full status report from
+.B mod_status.
+For this to work, you need to have mod_status enabled on your server
+and a text-based browser such as \fIlynx\fP available on your system. The
+URL used to access the status report can be set by setting the
+.B APACHE_STATUSURL
+variable in
+.BR /etc/apache2/envvars .
+.TP
+.BI status
+Displays a brief status report. Similar to the fullstatus option,
+except that the list of requests currently being served is omitted.
+.TP
+.BI graceful
+Gracefully restarts the Apache daemon by sending it a SIGUSR1. If
+the daemon is not running, it is started. This differs from a
+normal restart in that currently open connections are not aborted.
+A side effect is that old log files will not be closed immediately.
+This means that if used in a log rotation script, a substantial delay may be
+necessary to ensure that the old log files are closed before processing them.
+This command automatically checks the configuration files via apache2ctl
+configtest before initiating the restart to to catch the most obvious errors.
+However, it is still possible for the daemon to die because of problems with
+the configuration.
+.TP
+.BI graceful-stop
+Gracefully stops the Apache httpd daemon.
+This differs from a normal stop in that currently open connections are not
+aborted.
+A side effect is that old log files will not be closed immediately.
+.TP
+.BI configtest
+Run a configuration file syntax test. It parses the configuration
+files and either reports
+.B "Syntax Ok"
+or information about the particular syntax error. This test does not catch
+all errors.
+.TP
+.BI help
+Displays a short help message.
+.TP
+The following option was available in earlier versions but has been removed.
+.TP
+.BI startssl
+To start httpd with SSL support, you should edit your configuration file to
+include the relevant directives and then use the normal apache2ctl start.
+.SH ENVIRONMENT
+The behaviour of
+.B apache2ctl
+can be influenced with these environment variables:
+.BR APACHE_HTTPD ,
+.BR APACHE_LYNX ,
+.BR APACHE_STATUSURL ,
+.BR APACHE_ULIMIT_MAX_FILES ,
+.BR APACHE_RUN_DIR ,
+.BR APACHE_LOCK_DIR ,
+.BR APACHE_RUN_USER ,
+.BR APACHE_ARGUMENTS ,
+.BR APACHE_ENVVARS .
+See the comments in the script for details.
+These variables (except
+.BR APACHE_ENVVARS )
+can be set in
+.BR /etc/apache2/envvars .
+.SH SEE ALSO
+.BR apache2(8) ,
+.BR /usr/share/doc/apache2.2-common/README.Debian.gz
+.
--- apache2-2.2.21.orig/debian/ask-for-passphrase
+++ apache2-2.2.21/debian/ask-for-passphrase
@@ -0,0 +1,42 @@
+#!/bin/bash
+#
+# ask-for-passphrase - designed to be used by SSLPassPhraseDialog exec:
+#
+# Copyright Canonical, Ltd. 2010, All Rights Reserved
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+#
+
+sitename=$1
+keytype=$2
+
+prompt="Apache needs to decrypt your SSL Keys for $sitename ($keytype)
+Please enter passphrase:"
+if [ -x /bin/plymouth ] && plymouth --ping ; then
+ echo $prompt | logger
+ exec plymouth ask-for-password --prompt="$prompt"
+else
+ tty=`tty`
+ if [ "$tty" = "not a tty" ] ; then
+ # Apache gives us a pipe for stdin, but we want to
+ # talk to apache's terminal.
+ tty=`tty < /proc/${PPID}/fd/0`
+ if [ "$tty" = "not a tty" ] ; then
+ exit 1
+ fi
+ fi
+ # We must not print anything on stdout except the passphrase
+ read -s -p "$prompt" passphrase > $tty 2>&1 < $tty
+ echo $passphrase
+fi
--- apache2-2.2.21.orig/debian/apache2.2-common.bug-control
+++ apache2-2.2.21/debian/apache2.2-common.bug-control
@@ -0,0 +1 @@
+package-status: apache2-mpm-prefork apache2-mpm-worker apache2-mpm-event apache2-mpm-itk
--- apache2-2.2.21.orig/debian/suexec-custom.config
+++ apache2-2.2.21/debian/suexec-custom.config
@@ -0,0 +1,7 @@
+/var/www
+public_html/cgi-bin
+# The first two lines contain the suexec document root and the suexec userdir
+# suffix. If one of them is disabled by prepending a # character, suexec will
+# refuse the corresponding type of request.
+# This config file is only used by the apache2-suexec-custom package. See the
+# suexec man page included in the package for more details.
--- apache2-2.2.21.orig/debian/README.source
+++ apache2-2.2.21/debian/README.source
@@ -0,0 +1,17 @@
+Debian-apache uses dpatch to make changes to the upstream source.
+
+To apply all of the patches run:
+./debian/rules patch
+
+To unapply all of the patches run:
+./debian/rules unpatch
+
+To add (or edit) a patch run:
+dpatch-edit-patch name_of_patch_goes_here
+#make your changes
+exit
+
+dpatch will make a new patch in debian/patches/ if one with that name doesn't already exist, otherwise it will change the existing one.
+To make it get used add it to debian/patches/00list .
+
+To make a patch not get used remove it from debian/patches/00list .
--- apache2-2.2.21.orig/debian/apache2.2-common.postinst
+++ apache2-2.2.21/debian/apache2.2-common.postinst
@@ -0,0 +1,97 @@
+#!/bin/sh -e
+
+if [ "$1" != "configure" ]; then
+ exit 0
+fi
+
+mod_is_enabled() {
+ test -L /etc/apache2/mods-enabled/$1.load
+}
+
+#set up default site and dummy error and access logs
+if [ -z "$2" ]; then
+ if [ ! -L /etc/apache2/sites-enabled/000-default -a \
+ ! -f /etc/apache2/sites-enabled/000-default ]; then
+ a2ensite -q default
+ fi
+ touch /var/log/apache2/error.log /var/log/apache2/access.log
+ chown root:adm /var/log/apache2/error.log /var/log/apache2/access.log
+ chmod 0640 /var/log/apache2/error.log /var/log/apache2/access.log
+fi
+
+# Note, this line catches new installs as well as upgrades
+if dpkg --compare-versions "$2" lt 2.2.3-3.1; then
+ a2enmod -q alias
+ a2enmod -q autoindex
+ a2enmod -q dir
+ a2enmod -q env
+ a2enmod -q mime
+ a2enmod -q negotiation
+ a2enmod -q setenvif
+ a2enmod -q status
+ a2enmod -q auth_basic
+ a2enmod -q deflate
+
+ # Those come from mod_auth:
+ a2enmod -q authz_default
+ a2enmod -q authz_user
+ a2enmod -q authz_groupfile
+ a2enmod -q authn_file
+
+ # This comes from mod_access:
+ a2enmod -q authz_host
+
+fi
+
+if [ -n "$2" ] && dpkg --compare-versions "$2" lt 2.2.15-4~ ; then
+ echo activating new config files ...
+ for a in ldap proxy_balancer proxy_ftp ; do
+ if mod_is_enabled $a && [ ! -e /etc/apache2/mods-enabled/$a.conf ] ; then
+ a2enmod -q $a
+ fi
+ done
+ echo " done."
+fi
+
+# Note, this line catches new installs as well as upgrades
+if dpkg --compare-versions "$2" lt 2.2.7-1~0; then
+ if [ ! -e /var/www/index.html -a \
+ ! -h /var/www/index.html -a \
+ ! -e /var/www/index.cgi -a \
+ ! -e /var/www/index.pl -a \
+ ! -e /var/www/index.php -a \
+ ! -e /var/www/index.xhtml -a \
+ ! -e /var/www/index.htm ] ; then
+ cp /usr/share/apache2/default-site/index.html /var/www/index.html
+ fi
+fi
+
+# DavLockDB format change
+if dpkg --compare-versions "$2" lt 2.2.14-3~; then
+ rm -f /var/lock/apache2/DAVLock.dir /var/lock/apache2/DAVLock.pag
+fi
+
+# Note, this line catches new installs as well as upgrades
+if dpkg --compare-versions "$2" lt 2.2.15-1~0; then
+ a2enmod -q reqtimeout
+fi
+
+# The definition of other_vhost_access.log has been moved.
+# Disable the new definition if the admin has changed the old
+# one (as determined by preinst).
+if [ -e /etc/apache2/disable-other-vhost-access-log.dpkg-apache2.2-common ] ; then
+ echo "Disabling /etc/apache2/conf.d/other-vhosts-access-log"
+ perl -p -i -e 's/^(CustomLog.*)$/#$1/' /etc/apache2/conf.d/other-vhosts-access-log
+ rm /etc/apache2/disable-other-vhost-access-log.dpkg-apache2.2-common
+fi
+
+rm -f /etc/apache2/ports.conf.dpkg-apache2.2-common.old
+rm -f /etc/default/apache2.dpkg-apache2.2-common.old
+rm -f /etc/apache2/conf.d/charset.dpkg-apache2.2-common.old
+
+[ -f /etc/apache2/httpd.conf ] || touch /etc/apache2/httpd.conf
+
+#DEBHELPER#
+
+exit 0
+
--- apache2-2.2.21.orig/debian/compat
+++ apache2-2.2.21/debian/compat
@@ -0,0 +1 @@
+7
--- apache2-2.2.21.orig/debian/apache2.2-common.lintian-overrides
+++ apache2-2.2.21/debian/apache2.2-common.lintian-overrides
@@ -0,0 +1,3 @@
+apache2.2-common: setuid-binary usr/lib/apache2/suexec 4754 root/www-data
+apache2.2-common: non-standard-dir-perm var/log/apache2/ 0750 != 0755
+apache2.2-common: package-contains-empty-directory usr/lib/cgi-bin/
--- apache2-2.2.21.orig/debian/apache2-suexec.install
+++ apache2-2.2.21/debian/apache2-suexec.install
@@ -0,0 +1,2 @@
+usr/sbin/suexec usr/lib/apache2
+usr/share/man/man8/suexec.8
--- apache2-2.2.21.orig/debian/a2enmod.8
+++ apache2-2.2.21/debian/a2enmod.8
@@ -0,0 +1,73 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH A2ENMOD 8 "12 October 2006"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+a2enmod, a2dismod \- enable or disable an apache2 module
+.SH SYNOPSIS
+.B a2enmod
+.RI [ module ]
+.PP
+.B a2dismod
+.RI [ module ]
+.SH DESCRIPTION
+This manual page documents briefly the
+.B a2enmod
+and
+.B a2dismod
+commands.
+.PP
+.B a2enmod
+is a script that enables the specified module within the
+.B apache2
+configuration. It does this by creating symlinks within
+.BR /etc/apache2/mods-enabled .
+Likewise,
+.B a2dismod
+disables a module by removing those symlinks. It is not an error to
+enable a module which is already enabled, or to disable one which is
+already disabled.
+.PP
+Note that many modules have, in addition to a .load file, an
+associated .conf file. Enabling the module puts the configuration
+directives in the .conf file as directives into the main server context of
+.B apache2
+.SH EXAMPLES
+.RS
+.B "a2enmod imagemap"
+.br
+.B "a2dismod mime_magic"
+.RE
+.PP
+Enables the
+.B mod_imagemap
+module, and disables the
+.B mod_mime_magic
+module.
+.SH FILES
+.TP
+.B /etc/apache2/mods-available
+Directory with files giving information on available modules.
+.TP
+.B /etc/apache2/mods-enabled
+Directory with links to the files in
+.B mods-available
+for enabled modules.
+.SH "SEE ALSO"
+.BR apache2ctl (8).
+.SH AUTHOR
+This manual page was written by Daniel Stone for the Debian
+GNU/Linux distribution, as it is a Debian-specific script with the package.
--- apache2-2.2.21.orig/debian/checkgid.8
+++ apache2-2.2.21/debian/checkgid.8
@@ -0,0 +1,36 @@
+.\" Hey, EMACS: -*- nroff -*-
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH CHECKGID 8 "November 3rd, 2001"
+.\" Please adjust this date whenever revising the manpage.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp insert n+1 empty lines
+.\" for manpage-specific macros, see man(7)
+.SH NAME
+checkgid \- checks the gid
+.SH SYNOPSIS
+.B checkgid group
+.SH DESCRIPTION
+This manual page documents briefly the
+.B checkgid
+command.
+.PP
+.\" TeX users may be more comfortable with the \fB\fP and
+.\" \fI\fP escape sequences to invode bold face and italics,
+.\" respectively.
+\fBcheckgid\fP is a program that checks whether it can setgid to the group
+specified. This is to see if it is a valid group for apache2 to use at runtime.
+If the user (should be run as superuser) is in that group, or can setgid to it,
+it will return 0.
+.SH AUTHOR
+This manual page was written by Daniel Stone for the Debian
+GNU/Linux distribution, as the original did not have a manpage.
--- apache2-2.2.21.orig/debian/apache2-doc.install
+++ apache2-2.2.21/debian/apache2-doc.install
@@ -0,0 +1,3 @@
+usr/share/apache2/default-site/htdocs/manual usr/share/doc/apache2-doc
+usr/lib/cgi-bin/printenv usr/share/doc/apache2-doc/cgi-examples
+usr/lib/cgi-bin/test-cgi usr/share/doc/apache2-doc/cgi-examples
--- apache2-2.2.21.orig/debian/NEWS
+++ apache2-2.2.21/debian/NEWS
@@ -0,0 +1,165 @@
+apache2 (2.2.15-4) unstable; urgency=low
+
+ * Note to people using mod_proxy as forward proxy, i.e. with
+ 'ProxyRequests on':
+ This release disables the configuration in mods-available/proxy.conf
+ by default. You should verify that access control for proxy access
+ still works as intended. This is especially important if you have
+ your forward proxy configuration in a different configuration file
+ than proxy.conf.
+
+ -- Stefan Fritsch Mon, 19 Apr 2010 22:36:57 +0200
+
+apache2 (2.2.15-1) unstable; urgency=low
+
+ * To fix a security vulnerability in the design of the SSL/TLS protocol
+ (CVE-2009-3555), the protocol had to be extended (RFC 5746). By default,
+ session renegotiation is no longer supported with old clients that do not
+ implement this extension. This breaks certain configurations with client
+ certificate authentication. If you still need to support old clients, you
+ may restore the old (insecure) behaviour by uncommenting the
+
+ SSLInsecureRenegotiation on
+
+ line in /etc/apache2/mods-available/ssl.conf
+
+ * This release adds and enables mod_reqtimeout, which limits the time
+ Apache waits for a client to send a complete request. This helps to
+ mitigate against certain denial of service attacks. In case of problems
+ with slow clients, the timeout values can be adjusted in
+ /etc/apache2/mods-available/reqtimeout.conf , or the module can be
+ disabled with "a2dismod reqtimeout".
+
+ -- Stefan Fritsch