- enable the checks that the suexec wrapper is a setuid root binary;
  so if people turn off setuid on the binary, suexec won't be enabled.

- fix hardcoded path to suexec2

- remove checks requiring /usr/sbin/httpd to be present: this is
  unnecessary, we know that httpd contains mod_so, and only the
  httpd-devel package should be required to build modules.

- Allow startup after unclean shutdown: remove mutex before
  creating it, use anonymous shm in shmcb.

- allow server/exports.c to be generated in a parallel build successfully

- ensure that when mod_ssl is unloaded, libcrypto doesn't still have the
  thread_id callback pointing at a mod_ssl function.

- make apache2ctl source /etc/conf.d/apache2 for startup options


diff -uNr httpd-2.0.48/include/httpd.h httpd-2.0.48-gentoo/include/httpd.h
--- httpd-2.0.48/include/httpd.h	2003-10-24 12:19:31.000000000 -0400
+++ httpd-2.0.48-gentoo/include/httpd.h	2003-10-29 21:58:46.000000000 -0500
@@ -180,7 +180,7 @@
 
 /* The path to the suExec wrapper, can be overridden in Configuration */
 #ifndef SUEXEC_BIN
-#define SUEXEC_BIN  HTTPD_ROOT "/bin/suexec"
+#define SUEXEC_BIN  "/usr/sbin/suexec2"
 #endif
 
 /* The timeout for waiting for messages */
diff -uNr httpd-2.0.48/modules/ssl/ssl_engine_mutex.c httpd-2.0.48-gentoo/modules/ssl/ssl_engine_mutex.c
--- httpd-2.0.48/modules/ssl/ssl_engine_mutex.c	2003-09-15 21:00:06.000000000 -0400
+++ httpd-2.0.48-gentoo/modules/ssl/ssl_engine_mutex.c	2003-10-29 22:04:22.000000000 -0500
@@ -74,6 +74,8 @@
     if (mc->nMutexMode == SSL_MUTEXMODE_NONE) 
         return TRUE;
 
+    apr_file_remove(mc->szMutexFile, p);
+
     if ((rv = apr_global_mutex_create(&mc->pMutex, mc->szMutexFile,
                                 mc->nMutexMech, p)) != APR_SUCCESS) {
         if (mc->szMutexFile)
diff -uNr httpd-2.0.48/modules/ssl/ssl_scache_shmcb.c httpd-2.0.48-gentoo/modules/ssl/ssl_scache_shmcb.c
--- httpd-2.0.48/modules/ssl/ssl_scache_shmcb.c	2003-02-03 12:31:54.000000000 -0500
+++ httpd-2.0.48-gentoo/modules/ssl/ssl_scache_shmcb.c	2003-10-29 22:04:22.000000000 -0500
@@ -375,7 +375,7 @@
 
     if ((rv = apr_shm_create(&(mc->pSessionCacheDataMM), 
                              mc->nSessionCacheDataSize, 
-                             mc->szSessionCacheDataFile,
+                             NULL,
                              mc->pPool)) != APR_SUCCESS) {
         char buf[100];
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, s,
diff -uNr httpd-2.0.48/modules/ssl/ssl_util.c httpd-2.0.48-gentoo/modules/ssl/ssl_util.c
--- httpd-2.0.48/modules/ssl/ssl_util.c	2003-05-16 14:12:19.000000000 -0400
+++ httpd-2.0.48-gentoo/modules/ssl/ssl_util.c	2003-10-29 23:06:06.000000000 -0500
@@ -455,6 +455,8 @@
 {
     CRYPTO_set_locking_callback(NULL);
 
+    CRYPTO_set_id_callback(NULL);
+
     /* Let the registered mutex cleanups do their own thing 
      */
     return APR_SUCCESS;
diff -uNr httpd-2.0.48/os/unix/unixd.c httpd-2.0.48-gentoo/os/unix/unixd.c
--- httpd-2.0.48/os/unix/unixd.c	2003-09-15 21:00:06.000000000 -0400
+++ httpd-2.0.48-gentoo/os/unix/unixd.c	2003-10-29 21:57:35.000000000 -0500
@@ -243,23 +243,20 @@
 
 AP_DECLARE(void) unixd_pre_config(apr_pool_t *ptemp)
 {
-    apr_finfo_t wrapper;
+    struct stat wrapper;
 
     unixd_config.user_name = DEFAULT_USER;
     unixd_config.user_id = ap_uname2id(DEFAULT_USER);
     unixd_config.group_id = ap_gname2id(DEFAULT_GROUP);
 
     /* Check for suexec */
-    unixd_config.suexec_enabled = 0;
-    if ((apr_stat(&wrapper, SUEXEC_BIN, 
-                  APR_FINFO_NORM, ptemp)) != APR_SUCCESS) {
-        return;
-    }
-
-    /* XXX - apr_stat is incapable of checking suid bits (grumble) */
-    /* if ((wrapper.filetype & S_ISUID) && wrapper.user == 0) { */
+    if (stat(SUEXEC_BIN, &wrapper) == 0 && 
+	(wrapper.st_mode & S_ISUID) && wrapper.st_uid == 0) {
         unixd_config.suexec_enabled = 1;
-    /* } */
+    } else {
+	unixd_config.suexec_enabled = 0;
+    }
+    
 }
 
 
diff -uNr httpd-2.0.48/server/Makefile.in httpd-2.0.48-gentoo/server/Makefile.in
--- httpd-2.0.48/server/Makefile.in	2003-03-11 10:41:55.000000000 -0500
+++ httpd-2.0.48-gentoo/server/Makefile.in	2003-10-29 22:07:41.000000000 -0500
@@ -70,6 +70,9 @@
 # wtf does this have to be explicit????
 exports.lo: exports.c
 
+# Needed to allow exports.c to be generated in a parallel build successfully
+.NOTPARALLEL: $(top_builddir)/server/exports.c
+
 # Rule to make def file for OS/2 core dll
 ApacheCoreOS2.def: exports.c export_vars.h $(top_srcdir)/os/$(OS_DIR)/core_header.def
 	cat $(top_srcdir)/os/$(OS_DIR)/core_header.def > $@
diff -uNr httpd-2.0.48/support/apachectl.in httpd-2.0.48-gentoo/support/apachectl.in
--- httpd-2.0.48/support/apachectl.in	2003-02-03 12:32:08.000000000 -0500
+++ httpd-2.0.48-gentoo/support/apachectl.in	2003-10-29 23:08:58.000000000 -0500
@@ -28,7 +28,8 @@
 # --------------------                              --------------------
 # 
 # the path to your httpd binary, including options if necessary
-HTTPD='@exp_sbindir@/@progname@'
+. /etc/conf.d/apache2
+HTTPD="@exp_sbindir@/@progname@ ${APACHE2_OPTS}"
 #
 # pick up any necessary environment variables
 if test -f @exp_bindir@/envvars; then
diff -uNr httpd-2.0.48/support/apxs.in httpd-2.0.48-gentoo/support/apxs.in
--- httpd-2.0.48/support/apxs.in	2003-05-21 07:39:52.000000000 -0400
+++ httpd-2.0.48-gentoo/support/apxs.in	2003-10-29 22:02:48.000000000 -0500
@@ -237,19 +237,6 @@
     ($httpd = $0) =~ s:support/apxs$::;
 }
 
-unless (-x "$httpd") {
-	error("$httpd not found or not executable");
-	exit 1;
-}
-
-unless (grep /mod_so/, `. $envvars && $httpd -l`) {
-    error("Sorry, no shared object support for Apache");
-    error("available under your platform. Make sure");
-    error("the Apache module mod_so is compiled into");
-    error("your server binary `$httpd'.");
-    exit 1;
-}
-
 sub get_config_vars{
     my ($file, $rh_config) = @_;