diff -u -r ../apache_1.2.6/src/Configuration ./src/Configuration
--- ../apache_1.2.6/src/Configuration	Thu Feb 19 07:46:21 1998
+++ ./src/Configuration	Fri Apr 10 17:17:05 1998
@@ -44,7 +44,7 @@
 # REDHAT LINUX 5.0 USERS PLEASE NOTE!  You have to add -lcrypt to
 # EXTRA_LIBS.  This is fixed in 1.3 but will not be fixed in 1.2.
 #
-EXTRA_CFLAGS=
+EXTRA_CFLAGS=-w3 -g
 EXTRA_LFLAGS=
 EXTRA_LIBS=
 EXTRA_INCLUDES=
@@ -53,6 +53,21 @@
 #OPTIM=-O2
 #RANLIB=
 
+TARGET=httpsd
+
+#
+# SSL Related stuff. N.B. This is set up to use the SSLeay source, NOT an
+# installed version. This is because the paths differ between the source and
+# the installed version.
+#
+#SSL_BASE= /u/ben/work/scuzzy-ssleay6
+SSL_BASE= /u/ben/apache/SSLeay-0.9.0-ben
+SSL_INCLUDE= -I$(SSL_BASE)/include
+SSL_CFLAGS= -DAPACHE_SSL $(SSL_INCLUDE)
+SSL_LIB_DIR= $(SSL_BASE)
+SSL_LIBS= -L$(SSL_LIB_DIR) -lssl -lcrypto
+SSL_APP_DIR= $(SSL_BASE)/apps
+
 ################################################################
 # Rules configuration
 #
@@ -203,7 +218,7 @@
 ## NOTE: You do not want this module UNLESS you are running a proxy;
 ##       it is not needed for normal (origin server) operation.
 
-# Module proxy_module        modules/proxy/libproxy.a
+Module proxy_module        modules/proxy/libproxy.a
 
 ## The Alias module provides simple URL translation and redirection.
 
@@ -212,7 +227,7 @@
 ## mod_rewrite allows for powerful URI-to-URI and URI-to-filename mapping,
 ## using regular expressions.
 
-# Module rewrite_module      mod_rewrite.o
+Module rewrite_module      mod_rewrite.o
 
 ##
 ## Access control and authentication modules. 
@@ -223,7 +238,7 @@
 ## The anon_auth module allows for anonymous-FTP-style username/ 
 ## password authentication.
 
-# Module anon_auth_module    mod_auth_anon.o
+Module anon_auth_module    mod_auth_anon.o
 
 ## db_auth and dbm_auth work with Berkeley DB files - make sure there
 ## is support for DBM files on your system.  You may need to grab the GNU
@@ -231,7 +246,7 @@
 ## done by Configure at a later date)
 
 # Module db_auth_module      mod_auth_db.o
-# Module dbm_auth_module     mod_auth_dbm.o
+Module dbm_auth_module     mod_auth_dbm.o
 
 ## msql_auth checks against an mSQL database.  You must have mSQL installed
 ## and an "msql.h" available for this to even compile.  Additionally,
@@ -247,24 +262,28 @@
 ## "digest" implements HTTP Digest Authentication rather than the less 
 ## secure Basic Auth used by the other modules.
 
-# Module digest_module       mod_digest.o
+Module digest_module       mod_digest.o
 
 ## Optional response header manipulation modules. 
 ##
 ## cern_meta mimics the behavior of the CERN web server with regards to 
 ## metainformation files.  
 
-# Module cern_meta_module    mod_cern_meta.o
+Module cern_meta_module    mod_cern_meta.o
 
 ## The expires module can apply Expires: headers to resources,
 ## as a function of access time or modification time.
 
-# Module expires_module      mod_expires.o
+Module expires_module      mod_expires.o
 
 ## The headers module can set arbitrary HTTP response headers,
 ## as configured in server, vhost, access.conf or .htaccess configs
 
-# Module headers_module      mod_headers.o
+Module headers_module      mod_headers.o
+
+# Damn damn damn. Apache inverts the module list. SSL must go first to fake
+# basic authorization. So, uncomment this line to add SSL.
+Module ssl_module apache_ssl.o
 
 ## Miscellaneous modules
 ##
@@ -276,7 +295,7 @@
 ## You do not need this, or any other module to allow your site
 ## to use Cookies.  This module is for user tracking only
 
-# Module usertrack_module      mod_usertrack.o
+Module usertrack_module      mod_usertrack.o
 
 ## The example module, which demonstrates the use of the API.  See
 ## the file modules/example/README for details.  This module should
diff -u -r ../apache_1.2.6/src/Configuration.tmpl ./src/Configuration.tmpl
--- ../apache_1.2.6/src/Configuration.tmpl	Fri Jan 30 09:13:44 1998
+++ ./src/Configuration.tmpl	Fri Mar 27 18:06:38 1998
@@ -53,6 +53,18 @@
 #OPTIM=-O2
 #RANLIB=
 
+TARGET=httpsd
+
+#
+# SSL Related stuff. N.B. This is set up to use the SSLeay source, NOT an
+# installed version.
+#
+SSL_BASE=/u/ben/work/scuzzy-ssleay6
+SSL_INCLUDE= -I$(SSL_BASE)/include
+SSL_CFLAGS= -DAPACHE_SSL $(SSL_INCLUDE)
+SSL_LIB_DIR= $(SSL_BASE)
+SSL_LIBS= -L$(SSL_LIB_DIR) -lssl -lcrypto
+
 ################################################################
 # Rules configuration
 #
@@ -265,6 +277,10 @@
 ## as configured in server, vhost, access.conf or .htaccess configs
 
 # Module headers_module      mod_headers.o
+
+# Damn damn damn. Apache inverts the module list. SSL must go first to fake
+# basic authorization. So, uncomment this line to add SSL.
+Module ssl_module apache_ssl.o
 
 ## Miscellaneous modules
 ##
diff -u -r ../apache_1.2.6/src/Makefile.tmpl ./src/Makefile.tmpl
--- ../apache_1.2.6/src/Makefile.tmpl	Fri Jan 30 09:13:46 1998
+++ ./src/Makefile.tmpl	Fri Apr 10 17:09:16 1998
@@ -11,12 +11,12 @@
 OBJS= alloc.o http_main.o http_core.o http_config.o http_request.o \
   http_log.o http_protocol.o rfc1413.o util.o util_script.o modules.o buff.o\
   md5c.o util_md5.o explain.o http_bprintf.o util_date.o util_snprintf.o\
+  gcacheclient.o gcachecommon.o\
   $(MODULES)
 
 .c.o:
-	$(CC) -c $(INCLUDES) $(CFLAGS) $(SPACER) $<
-
-all: @@Configuration@@ httpd
+	$(CC) -c $(INCLUDES) $(CFLAGS) $(SPACER) $(SSL_CFLAGS) $<
+all: @@Configuration@@ $(TARGET) gcache
 
 @@Configuration@@: Configuration.tmpl
 	@echo "@@Configuration@@ older than Configuration.tmpl, or doesn't exist."
@@ -28,15 +28,34 @@
 httpd: $(REGLIB) $(OBJS)
 	$(CC) $(LFLAGS)  -o httpd $(OBJS) $(REGLIB) $(LIBS)
 
+httpsd: $(REGLIB) $(OBJS)
+	$(CC) $(LFLAGS) -o httpsd $(OBJS) $(REGLIB) $(SSL_LIBS) $(LIBS)
+
+gcache.o gcachecommon.o gcacheclient.o apache_ssl.o: gcache.h
+
+gcache: gcache.o gcachecommon.o
+	$(CC) $(LFLAGS) -o gcache gcache.o gcachecommon.o $(LIBS)
+
+certificate:
+	$(SSL_APP_DIR)/ssleay req -config $(SSL_APP_DIR)/ssleay.cnf \
+	-new -x509 -nodes -out ../SSLconf/conf/httpsd.pem \
+	-keyout ../SSLconf/conf/httpsd.pem; \
+	ln -sf ../SSLconf/conf/httpsd.pem ../SSLconf/conf/`$(SSL_APP_DIR)/ssleay \
+	x509 -noout -hash < ../SSLconf/conf/httpsd.pem`.0
+
 regex/libregex.a:
 	(cd regex; $(MAKE) lib CC='$(CC)' AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)')
 
 modules/last-built:
 	(cd modules; \
-	$(MAKE) CC='$(CC)' AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)')
+	$(MAKE) CC=$(CC) AUX_CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)' \
+	SSL_BASE='$(SSL_BASE)' SSL_INCLUDE='$(SSL_INCLUDE)' \
+	SSL_CFLAGS='$(SSL_CFLAGS)' SSL_LIB_DIR='$(SSL_LIB_DIR)' \
+	SSL_LIBS='$(SSL_LIBS)' SSL_APP_DIR='$(SSL_APP_DIR)' \
+	)
 
 clean:
-	rm -f httpd *.o core
+	rm -f httpd httpsd *.o core
 	cd regex; $(MAKE) clean
 	cd modules; $(MAKE) clean
 
@@ -49,7 +68,7 @@
 
 # Work around broken compilers
 http_bprintf.o: http_bprintf.c
-	$(CC) -c $(INCLUDES) $(CFLAGS) $(BROKEN_BPRINTF_FLAGS) http_bprintf.c
+	$(CC) -c $(INCLUDES) $(CFLAGS) $(BROKEN_BPRINTF_FLAGS) $(SSL_CFLAGS) http_bprintf.c
 
 # We really don't expect end users to use this rule.  It works only with
 # gcc, and rebuilds Makefile.tmpl.  You have to re-run Configure after
@@ -66,6 +85,7 @@
 
 # DO NOT REMOVE
 alloc.o: alloc.c httpd.h conf.h alloc.h buff.h
+apache_ssl.o: apache_ssl.c httpd.h conf.h alloc.h buff.h
 buff.o: buff.c conf.h alloc.h buff.h
 explain.o: explain.c explain.h
 http_bprintf.o: http_bprintf.c conf.h alloc.h buff.h
diff -u -r ../apache_1.2.6/src/buff.c ./src/buff.c
--- ../apache_1.2.6/src/buff.c	Sat Feb  7 10:26:12 1998
+++ ./src/buff.c	Fri Mar 27 18:06:39 1998
@@ -147,6 +147,11 @@
     fb->fd = -1;
     fb->fd_in = -1;
 
+#ifdef APACHE_SSL
+    fb->ssl = NULL;
+    fb->szClientX509 = NULL;
+#endif
+
     return fb;
 }
 
@@ -329,6 +334,11 @@
 	}
     }
     do {
+#ifdef APACHE_SSL
+      if (fb->ssl)
+	rv = SSL_read(fb->ssl, buf, nbyte);
+      else
+#endif
 	rv = read( fb->fd_in, buf, nbyte );
     } while (rv == -1 && errno == EINTR && !(fb->flags & B_EOUT));
     return( rv );
@@ -626,7 +636,12 @@
 	return -1;
 
     while (nbyte > 0) {
-	i = write(fb->fd, buf, nbyte);
+#ifdef APACHE_SSL
+      if (fb->ssl)
+	i = SSL_write(fb->ssl, buf, nbyte);
+      else
+#endif
+	i = write(fb->fd, buf, nbyte );
 	if (i < 0) {
 	    if (errno != EAGAIN && errno != EINTR) {
 		doerror (fb, B_WR);
@@ -664,7 +679,13 @@
 	return -1;
 
     if (!(fb->flags & B_CHUNK)) {
-	do rv = write(fb->fd, buf, nbyte);
+	do
+#ifdef APACHE_SSL
+	    if(fb->ssl)
+		rv = SSL_write(fb->ssl, buf, nbyte);
+	    else
+#endif
+		rv = write(fb->fd, buf, nbyte);
 	while (rv == -1 && errno == EINTR && !(fb->flags & B_EOUT));
 	if (rv == -1) {
 	    if (errno != EAGAIN) {
@@ -677,7 +698,7 @@
 	return rv;
     }
 
-#ifdef NO_WRITEV
+#if defined(NO_WRITEV) || defined(APACHE_SSL)
     /* without writev() this has poor performance, too bad */
 
     ap_snprintf(chunksize, sizeof(chunksize), "%x\015\012", nbyte);
@@ -801,6 +822,11 @@
 	    break;
 	}
 	do {
+#ifdef APACHE_SSL
+	if(fb->ssl)
+	    i=SSL_write(fb->ssl, fb->outbase, fb->outcnt);
+	else
+#endif
 	    i = write(fb->fd, fb->outbase, fb->outcnt);
 	} while (i == -1 && errno == EINTR && !(fb->flags & B_EOUT));
 	if (i <= 0) {
@@ -871,6 +897,11 @@
     while (fb->outcnt > 0)
     {
 	do {
+#ifdef APACHE_SSL
+	if(fb->ssl)
+	    i = SSL_write(fb->ssl, fb->outbase, fb->outcnt);
+	else
+#endif
 	    i = write(fb->fd, fb->outbase, fb->outcnt);
 	} while ((i <= 0)
 	         && !(fb->flags & B_EOUT)
@@ -955,6 +986,13 @@
     fb->flags |= B_EOF | B_EOUT;
     fb->fd = -1;
     fb->fd_in = -1;
+
+#ifdef APACHE_SSL
+    if (fb->ssl) {
+	SSL_free(fb->ssl);
+	fb->ssl = NULL;
+    }
+#endif
 
     if (rc1 != 0) return rc1;
     else if (rc2 != 0) return rc2;
diff -u -r ../apache_1.2.6/src/buff.h ./src/buff.h
--- ../apache_1.2.6/src/buff.h	Sat Feb  7 10:12:20 1998
+++ ./src/buff.h	Fri Apr 10 16:24:47 1998
@@ -52,6 +52,11 @@
 
 #include <stdarg.h>
 
+#ifdef APACHE_SSL
+# include <stdio.h>
+# include <ssl.h>
+#endif
+
 /* Reading is buffered */
 #define B_RD     (1)
 /* Writing is buffered */
@@ -96,6 +101,13 @@
 /* could also put pointers to the basic I/O routines here */
     int fd;                /* the file descriptor */
     int fd_in;             /* input file descriptor, if different */
+
+#ifdef APACHE_SSL
+    /* Add some context for SSL */
+    SSL *ssl;
+    char *szClientX509;
+    int nVerifyError;
+#endif
 };
 
 /* Options to bset/getopt */
diff -u -r ../apache_1.2.6/src/http_config.c ./src/http_config.c
--- ../apache_1.2.6/src/http_config.c	Sun Feb  1 02:47:38 1998
+++ ./src/http_config.c	Fri Mar 27 18:06:39 1998
@@ -1058,7 +1058,11 @@
 {
     server_rec *s = (server_rec *)pcalloc (p, sizeof (server_rec));
 
+#ifdef APACHE_SSL
+    s->port=0;
+#else
     s->port = DEFAULT_PORT;
+#endif
     s->server_admin = DEFAULT_ADMIN;
     s->server_hostname = NULL; 
     s->error_fname = DEFAULT_ERRORLOG;
@@ -1096,6 +1100,8 @@
     process_resource_config (s, s->access_confname, p, ptemp);
     
     fixup_virtual_hosts (p, s);
+
+    default_server_hostnames(s);
     
     return s;
 }
diff -u -r ../apache_1.2.6/src/http_main.c ./src/http_main.c
--- ../apache_1.2.6/src/http_main.c	Tue Feb 17 01:45:58 1998
+++ ./src/http_main.c	Mon Apr  6 15:16:31 1998
@@ -1926,6 +1926,16 @@
 				       (struct sockaddr_in *)&sa_server,
 				       child_num);
 
+#ifdef APACHE_SSL
+	/* 
+	 * This returns false if the connection cannot be setup,
+	 * so maybe we should do something with this here...
+	 * however it also blocks the BUFF connections
+	 * so the next bit should fall out anyway!
+	 */
+	ApacheSSLSetupConnection(current_conn);
+#endif
+
         /*
          * Read and process each request found on our connection
          * until no requests are left or we decide to close.
@@ -2204,6 +2214,7 @@
 {
     struct sockaddr_in sa_server;
     int saved_sd;
+    static BOOL bFirst=TRUE;
     int remaining_children_to_start;
 
     standalone = 1;
@@ -2225,10 +2236,13 @@
 	    kill_cleanups_for_fd (pconf, scoreboard_fd);
 	}
 #endif
-	clear_pool (pconf);
-	ptrans = make_sub_pool (pconf);
+	if(!bFirst)
+	    {
+	    clear_pool (pconf);
+	    ptrans = make_sub_pool (pconf);
 
-	server_conf = read_config (pconf, ptrans, server_confname); 
+	    server_conf = read_config (pconf, ptrans, server_confname); 
+	    }
 
 	if (listeners == NULL) {
 	    if (!is_graceful) {
@@ -2263,7 +2277,21 @@
 	    sd = -1;
 	}
 
-	init_modules (pconf, server_conf);
+	if(!bFirst)
+	    init_modules (pconf, server_conf);
+	else
+	    bFirst=FALSE;
+	/* This just gets nastier and nastier, but I see little point in
+	   trying to fix it before 2.0. Ben 25/1/98
+	   BTW, the reason you have to do this is so that gcache is in the same
+	   process group as Apache, so it dies when we do.
+	   Hmmm ... so that means that log processes are not working right with
+	   Apache-SSL. Arggg. Need a better way to do this.
+	 */
+#ifdef APACHE_SSL
+	LaunchGlobalCache(pconf);
+#endif
+
 	open_logs (server_conf, pconf);
 	set_group_privs ();
 	accept_mutex_init (pconf);
@@ -2277,7 +2305,7 @@
 	}
 #endif
 
-	default_server_hostnames (server_conf);
+	/*	default_server_hostnames (server_conf);*/
 
 	set_signals ();
 	log_pid (pconf, pid_fname);
@@ -2492,7 +2520,7 @@
     init_modules (pconf, server_conf);
     
     if(standalone) {
-        clear_pool (pconf);	/* standalone_main rereads... */
+    /*        clear_pool (pconf);	/* standalone_main rereads... */
         standalone_main(argc, argv);
     }
     else {
diff -u -r ../apache_1.2.6/src/http_protocol.c ./src/http_protocol.c
--- ../apache_1.2.6/src/http_protocol.c	Tue Feb  3 09:53:49 1998
+++ ./src/http_protocol.c	Fri Mar 27 18:12:46 1998
@@ -556,8 +556,12 @@
   server_addr_rec * sar;
 
   /* This routine parses full URLs, if they match the server */
-  if (strncasecmp(uri, "http://", 7)) return uri;
-  name = pstrdup(r->pool, uri + 7);
+  char *method=http_method(r);
+  int mlen=strlen(method);
+
+  if(strncasecmp(uri,method,mlen) || strncmp(uri+mlen,"://",3))
+      return uri;
+  name = pstrdup(r->pool, uri + mlen+3);
   
   /* Find the hostname, assuming a valid request */
   i = ind(name, '/');
@@ -566,7 +570,7 @@
   /* Find the port */
   host = getword_nc(r->pool, &name, ':');
   if (*name) port = atoi(name);
-  else port = 80;
+  else port=default_port(r);
 
   /* Make sure ports patch */
   if (port != r->server->port) {
@@ -579,7 +583,7 @@
 
   /* Save it for later use */
   r->hostname = pstrdup(r->pool, host);
-  r->hostlen = 7 + i;
+  r->hostlen = mlen+3 + i;
 
   /* The easy cases first */
   if (!strcasecmp(host, r->server->server_hostname)) {
@@ -694,7 +698,7 @@
 {
   const char *hostname=r->hostname;
   char *host = getword(r->pool, &hostname, ':');	/* Get rid of port */
-  unsigned port = (*hostname) ? atoi(hostname) : 80;
+  unsigned port = (*hostname) ? atoi(hostname) : default_port(r);
   server_rec *s = r->server;
   server_addr_rec * sar;
   int l;
diff -u -r ../apache_1.2.6/src/httpd.h ./src/httpd.h
--- ../apache_1.2.6/src/httpd.h	Thu Feb 19 07:42:59 1998
+++ ./src/httpd.h	Fri Apr 10 15:59:30 1998
@@ -54,6 +54,11 @@
  * httpd.h: header for simple (ha! not anymore) http daemon
  */
 
+/* Needed all over the place */
+typedef unsigned int BOOL;
+#define TRUE 		1
+#define FALSE 		0
+
 /* Headers in which EVERYONE has an interest... */
 
 #include "conf.h"
@@ -99,9 +104,19 @@
  */
 
 
-/* -------------- Port number for server running standalone --------------- */
-
-#define DEFAULT_PORT 80
+/* -------------- Port number and protocol for server running standalone -- */
+#ifdef APACHE_SSL
+#define HTTP_PORT	80
+#define HTTPS_PORT	443
+#define default_port(r)		((r)->connection->client->ssl ? HTTPS_PORT : HTTP_PORT)
+#define is_default_port(port,r)	((port) == default_port(r))
+#define http_method(r)		((r)->connection->client->ssl ? "https" : "http")
+#else
+#define	DEFAULT_PORT	80
+#define	default_port(r)		DEFAULT_PORT
+#define is_default_port(port,r)	((port) == DEFAULT_PORT)
+#define http_method(r)	"http"
+#endif
 
 /* --------- Default user name and group name running standalone ---------- */
 /* --- These may be specified as numbers by placing a # before a number --- */
@@ -274,7 +289,11 @@
  * Example: "Apache/1.1.0 MrWidget/0.1-alpha" 
  */
 
+#ifdef APACHE_SSL
+#define SERVER_BASEVERSION "Apache/1.2.6 Ben-SSL/1.16" /* SEE COMMENTS ABOVE */
+#else
 #define SERVER_BASEVERSION "Apache/1.2.6" /* SEE COMMENTS ABOVE */
+#endif
 #ifdef SERVER_SUBVERSION
 #define SERVER_VERSION	SERVER_BASEVERSION " " SERVER_SUBVERSION
 #else
@@ -598,6 +617,11 @@
 #define DEFAULT_VHOST_ADDR 0xfffffffful
 
 typedef struct server_addr_rec server_addr_rec;
+
+#ifdef APACHE_SSL
+int ApacheSSLSetupConnection(conn_rec *conn);
+void LaunchGlobalCache(pool *pPool);
+#endif
 struct server_addr_rec {
     server_addr_rec *next;
     struct in_addr host_addr;	/* The bound address, for this server */
@@ -698,8 +722,8 @@
 char *os_escape_path(pool *p,const char *path,int partial);
 #define escape_uri(ppool,path) os_escape_path(ppool,path,1)
 extern char *escape_html(pool *p, const char *s);
-char *construct_server(pool *p, const char *hostname, unsigned port);
-char *construct_url (pool *p, const char *path, const server_rec *s);     
+char *construct_server(pool *p, const char *hostname, unsigned port, const request_rec *r);
+char *construct_url (pool *p, const char *path, const request_rec *r);
 char *escape_shell_cmd (pool *p, const char *s);
      
 int count_dirs(const char *path);
diff -u -r ../apache_1.2.6/src/md5.h ./src/md5.h
--- ../apache_1.2.6/src/md5.h	Wed Jan  1 18:10:23 1997
+++ ./src/md5.h	Fri Mar 27 18:06:40 1998
@@ -91,9 +91,9 @@
   UINT4 state[4];                                   /* state (ABCD) */
   UINT4 count[2];        /* number of bits, modulo 2^64 (lsb first) */
   unsigned char buffer[64];                         /* input buffer */
-} MD5_CTX;
+} APACHE_MD5_CTX;
 
-extern void MD5Init(MD5_CTX *context);
-extern void MD5Update(MD5_CTX *context, const unsigned char *input,
+extern void MD5Init(APACHE_MD5_CTX *context);
+extern void MD5Update(APACHE_MD5_CTX *context, const unsigned char *input,
 		      unsigned int inputLen);
-extern void MD5Final(unsigned char digest[16], MD5_CTX *context);
+extern void MD5Final(unsigned char digest[16], APACHE_MD5_CTX *context);
diff -u -r ../apache_1.2.6/src/md5c.c ./src/md5c.c
--- ../apache_1.2.6/src/md5c.c	Wed Jan  1 18:10:24 1997
+++ ./src/md5c.c	Fri Mar 27 18:06:40 1998
@@ -158,7 +158,7 @@
 /* MD5 initialization. Begins an MD5 operation, writing a new context.
  */
 void
-MD5Init(MD5_CTX *context)
+MD5Init(APACHE_MD5_CTX *context)
 {
     context->count[0] = context->count[1] = 0;
   /* Load magic initialization constants. */
@@ -173,7 +173,7 @@
   context.
  */
 void
-MD5Update(MD5_CTX *context, const unsigned char *input, unsigned int inputLen)
+MD5Update(APACHE_MD5_CTX *context, const unsigned char *input, unsigned int inputLen)
 {
     unsigned int i, index, partLen;
 
@@ -209,7 +209,7 @@
   the message digest and zeroizing the context.
  */
 void
-MD5Final(unsigned char digest[16], MD5_CTX *context)
+MD5Final(unsigned char digest[16], APACHE_MD5_CTX *context)
 {
     unsigned char bits[8];
     unsigned int index, padLen;
diff -u -r ../apache_1.2.6/src/mod_auth.c ./src/mod_auth.c
--- ../apache_1.2.6/src/mod_auth.c	Thu Apr 24 10:16:54 1997
+++ ./src/mod_auth.c	Fri Mar 27 18:06:40 1998
@@ -70,7 +70,13 @@
 #include "http_log.h"
 #include "http_protocol.h"
 #if defined(HAVE_CRYPT_H)
+#if defined(APACHE_SSL)
+#define des_encrypt	BASE_des_encrypt
 #include <crypt.h>
+#undef des_encrypt
+#else
+#include <crypt.h>
+#endif /* APACHE_SSL */
 #endif
 
 typedef struct auth_config_struct {
diff -u -r ../apache_1.2.6/src/mod_dir.c ./src/mod_dir.c
--- ../apache_1.2.6/src/mod_dir.c	Sun Feb  1 02:47:40 1998
+++ ./src/mod_dir.c	Fri Mar 27 18:06:41 1998
@@ -810,7 +810,7 @@
 			 "/", NULL);
 
 	table_set (r->headers_out, "Location",
-		   construct_url(r->pool, ifile, r->server)); 
+		   construct_url(r->pool, ifile, r)); 
 	return HTTP_MOVED_PERMANENTLY;
     }
 
diff -u -r ../apache_1.2.6/src/mod_imap.c ./src/mod_imap.c
--- ../apache_1.2.6/src/mod_imap.c	Fri Jan 30 09:14:05 1998
+++ ./src/mod_imap.c	Fri Mar 27 18:06:41 1998
@@ -382,7 +382,7 @@
     char *my_base;
 
     if (!strcasecmp(value, "map") || !strcasecmp(value, "menu")) {
-	return construct_url(r->pool, r->uri, r->server);
+	return construct_url(r->pool, r->uri, r);
     }
 
     if (!strcasecmp(value, "nocontent") || !strcasecmp(value, "error")) {
@@ -418,7 +418,7 @@
 	    return pstrdup(r->pool, value); /* no base: use what is given */
         }
 	/* no base, no value: pick a simple default */
-	return construct_url(r->pool, "/", r->server);
+	return construct_url(r->pool, "/", r);
     }
 
     /* must be a relative URL to be combined with base */
diff -u -r ../apache_1.2.6/src/mod_log_config.c ./src/mod_log_config.c
--- ../apache_1.2.6/src/mod_log_config.c	Sun May  4 20:47:47 1997
+++ ./src/mod_log_config.c	Fri Mar 27 18:06:41 1998
@@ -118,6 +118,15 @@
  * %...l:  remote logname (from identd, if supplied)
  * %...{Foobar}n:  The contents of note "Foobar" from another module.
  * %...{Foobar}o:  The contents of Foobar: header line(s) in the reply.
+ *
+ * Additional SSL directives:
+ *
+ * %...{cipher}c:  cipher used (SSL_get_cipher)
+ * %...{clientcert}c: client certificate information
+ * %...{errcode}c: X509 verify error code
+ * %...{errstr}c: X509 verify error string
+ * %...{version}c: SSL version (SSLeay 0.8.0 and above)
+ *
  * %...p:  the port the request was served to
  * %...P:  the process ID of the child that serviced the request.
  * %...r:  first line of request
@@ -162,6 +171,10 @@
 #include "http_config.h"
 #include "http_core.h" /* For REMOTE_NAME */
 
+#ifdef APACHE_SSL
+#include <crypto.h>
+#endif
+
 module config_log_module;
 
 static int xfer_flags = ( O_WRONLY | O_APPEND | O_CREAT );
@@ -340,6 +353,11 @@
     ap_snprintf(pidnum, sizeof(pidnum), "%ld", (long)getpid());
     return pstrdup(r->pool, pidnum);
 }
+
+#ifdef APACHE_SSL
+extern char *log_ssl_info(request_rec *r, char *a);
+#endif
+
 /*****************************************************************
  *
  * Parsing the log format string
@@ -367,6 +385,9 @@
     { 'v', log_virtual_host, 0 },
     { 'p', log_server_port, 0 },
     { 'P', log_child_pid, 0 },
+#ifdef APACHE_SSL
+    { 'c', log_ssl_info, 0 },
+#endif
     { '\0' }
 };
 
@@ -487,6 +508,53 @@
     return a;
 }
 
+#ifdef APACHE_SSL
+char *log_ssl_info(request_rec *r, char *a)
+    {
+    char str[MAX_STRING_LEN];
+
+    if(!r->connection->client->ssl)
+	return NULL;
+
+    if(!strcmp(a, "cipher"))
+	return SSL_get_cipher(r->connection->client->ssl);
+
+    if(!strcmp(a, "clientcert"))
+	return r->connection->client->szClientX509;
+
+    if(!strcmp(a, "errcode"))
+	if(r->connection->client->nVerifyError)
+	    {
+	    sprintf(str, "%d", r->connection->client->nVerifyError);
+	    return pstrdup(r->pool,str);
+	    }
+	else
+	    return NULL;
+
+    if(!strcmp(a, "errstr"))
+	if(r->connection->client->nVerifyError)
+#if SSLEAY_VERSION_NUMBER < 0x0800
+	    return X509_cert_verify_error_string(r->connection->client->nVerifyError);
+#else
+	    return X509_verify_cert_error_string(r->connection->client->nVerifyError);
+#endif
+	else
+	    return NULL;
+
+#if SSLEAY_VERSION_NUMBER >= 0x0800
+    if(!strcmp(a, "version"))
+	{
+	static char v[2];
+
+	v[0]='0'+r->connection->client->ssl->session->ssl_version;
+	v[1]='\0';
+	return v;
+	}
+#endif
+    
+    return NULL;
+}
+#endif
 /*****************************************************************
  *
  * Actually logging.
diff -u -r ../apache_1.2.6/src/mod_rewrite.c ./src/mod_rewrite.c
--- ../apache_1.2.6/src/mod_rewrite.c	Sat Feb 14 02:51:37 1998
+++ ./src/mod_rewrite.c	Fri Mar 27 18:06:41 1998
@@ -885,12 +885,7 @@
 
     /* add the canonical URI of this URL */
     thisserver = r->server->server_hostname;
-#ifdef APACHE_SSL
-    if (((!r->connection->client->ssl) && (r->server->port == DEFAULT_PORT)) ||
-         ((r->connection->client->ssl) && (r->server->port == 443)))
-#else
-    if (r->server->port == DEFAULT_PORT)
-#endif 
+    if(is_default_port(r->server->port,r))
         thisport = "";
     else {
         ap_snprintf(buf, sizeof(buf), ":%u", r->server->port);
@@ -1659,12 +1654,7 @@
                && !(strlen(r->filename) > 6 &&
                     strncasecmp(r->filename, "ftp://", 6) == 0)    ) {
 
-#ifdef APACHE_SSL
-                if ((!r->connection->client->ssl && r->server->port == DEFAULT_PORT) ||
-                    ( r->connection->client->ssl && r->server->port == 443)  )
-#else
-                if (r->server->port == DEFAULT_PORT)
-#endif
+	        if(is_default_port(r->server->port,r))
                     port[0] = '\0';
                 else 
                     ap_snprintf(port, sizeof(port), ":%u", r->server->port);
@@ -1912,7 +1902,7 @@
             EOS_PARANOIA(host);
             *cp = '/';
             /* set port */
-            port = DEFAULT_PORT;
+            port = default_port(r);
             /* set remaining url */
             url = cp;
         }
@@ -1921,7 +1911,7 @@
             strncpy(host, hostp, sizeof(host)-1);
             EOS_PARANOIA(host);
             /* set port */
-            port = DEFAULT_PORT;
+            port = default_port(r);
             /* set remaining url */
             url = "/";
         }
diff -u -r ../apache_1.2.6/src/modules/proxy/proxy_util.c ./src/modules/proxy/proxy_util.c
--- ../apache_1.2.6/src/modules/proxy/proxy_util.c	Fri Jan 30 09:14:28 1998
+++ ./src/modules/proxy/proxy_util.c	Fri Mar 27 18:06:42 1998
@@ -555,7 +555,7 @@
 void
 proxy_hash(const char *it, char *val,int ndepth,int nlength)
 {
-    MD5_CTX context;
+    APACHE_MD5_CTX context;
     unsigned char digest[16];
     char tmp[22];
     int i, k, d;
diff -u -r ../apache_1.2.6/src/util.c ./src/util.c
--- ../apache_1.2.6/src/util.c	Sun Feb  1 02:47:42 1998
+++ ./src/util.c	Fri Mar 27 18:06:42 1998
@@ -796,11 +796,12 @@
     else return OK;
 }
 
-char *construct_server(pool *p, const char *hostname, unsigned port) {
-    char portnum[22];		
+char *construct_server(pool *p, const char *hostname, unsigned port, const request_rec *r) {
+    char portnum[22];
 	/* Long enough, even if port > 16 bits for some reason */
+    server_rec *s=r->server;
   
-    if (port == DEFAULT_PORT)
+    if (is_default_port(port, r))
 	return (char *)hostname;
     else {
         ap_snprintf (portnum, sizeof(portnum), "%u", port);
@@ -808,9 +809,10 @@
     }
 }
 
-char *construct_url(pool *p, const char *uri, const server_rec *s) {
-    return pstrcat (p, "http://",
-		    construct_server(p, s->server_hostname, s->port),
+char *construct_url(pool *p, const char *uri, const request_rec *r) {
+    server_rec *s=r->server;
+    return pstrcat (p, http_method(r), "://",
+		    construct_server(p, s->server_hostname, s->port, r),
 		    uri, NULL);
 }
 
diff -u -r ../apache_1.2.6/src/util_md5.c ./src/util_md5.c
--- ../apache_1.2.6/src/util_md5.c	Wed Jan  1 18:10:46 1997
+++ ./src/util_md5.c	Fri Mar 27 18:06:42 1998
@@ -84,7 +84,7 @@
 
 char *md5 (pool *p, unsigned char *string)
 {
-    MD5_CTX my_md5;
+    APACHE_MD5_CTX my_md5;
     unsigned char hash[16];
     char *r, result[33];
     int i;
@@ -149,7 +149,7 @@
 static char basis_64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 
-char *md5contextTo64(pool *a, MD5_CTX *context)
+char *md5contextTo64(pool *a, APACHE_MD5_CTX *context)
 {
     unsigned char digest[18];
     char *encodedDigest;
@@ -176,7 +176,7 @@
 
 char *md5digest(pool *p, FILE *infile)
 {
-    MD5_CTX context;
+    APACHE_MD5_CTX context;
     unsigned char buf[1000];
     long length = 0;
     int nbytes;
diff -u -r ../apache_1.2.6/src/util_md5.h ./src/util_md5.h
--- ../apache_1.2.6/src/util_md5.h	Wed Jan  1 18:10:46 1997
+++ ./src/util_md5.h	Fri Mar 27 18:06:42 1998
@@ -53,6 +53,6 @@
 #include "md5.h"
 
 char *md5(pool *a, unsigned char *string);
-char *md5contextTo64(pool *p, MD5_CTX *context);
+char *md5contextTo64(pool *p, APACHE_MD5_CTX *context);
 char *md5digest(pool *p, FILE *infile);
 
