Hi,
flood_farm.c contains these lines for almost 9 years (since Revision 89675):
#if 0 /* this gets uncommented after apr_thread_exit() fixes are commited */
apr_thread_exit(thd, APR_SUCCESS);
#endif
Are those fixes committed now?
I mean is the apr_thread_exit to be called now or are those
On Tue, May 25, 2010 at 03:49:33AM +, Philip M. Gollucci wrote:
Is there any easy way to run this for 2.0.x ?
The test suite should run for 2.0 just the same as for 2.2, though there
may be many more test failures. Is it broken?
Regards, Joe
Adam Hasselbalch Hansen wrote:
We have a setup that uses an in-house module which works not entirely
unlike mod_vhost_alias, in that it has a single virtual host configured,
and then determines stuff like domain name, docroot, etc, from the request.
We'd love to be able to use SSL in this
You are assuming that the domain name will be in the SSL handshake.
While it will be, in many cases, a very large number of browsers won't
send it. In particular, Internet Explorer running on Windows XP does
not support SNI. For more information, have a look at:
On Tue, May 25, 2010 at 3:50 AM, Joe Orton jor...@redhat.com wrote:
On Tue, May 25, 2010 at 03:49:33AM +, Philip M. Gollucci wrote:
Is there any easy way to run this for 2.0.x ?
The test suite should run for 2.0 just the same as for 2.2, though there
may be many more test failures. Is it
Ivan Ristic wrote:
You are assuming that the domain name will be in the SSL handshake.
While it will be, in many cases, a very large number of browsers won't
send it. In particular, Internet Explorer running on Windows XP does
not support SNI. For more information, have a look at:
I'd like to drop support for versions of OpenSSL older than 1.0 in the
trunk mod_ssl. We have 200+ lines of compat macro junk and still six
different compiler warnings remain in a trunk build against 1.0.0.
pro: simplify code: remove ssl_toolkit_compat.h and all compat macro
mess which
On Tue, May 25, 2010 at 7:05 AM, Adam Hasselbalch Hansen a...@one.com wrote:
So what I'm attempting to get feedback on is whether or not it will be
possible or even feasible to move certificate loading (as in the actual
reading of certificate files) from startup time to request time, and if so,
On 25/05/2010 13:45, Joe Orton wrote:
I'd like to drop support for versions of OpenSSL older than 1.0 in the
trunk mod_ssl. We have 200+ lines of compat macro junk and still six
different compiler warnings remain in a trunk build against 1.0.0.
pro: simplify code: remove
-Original Message-
From: Joe Orton
Sent: Dienstag, 25. Mai 2010 14:46
To: dev@httpd.apache.org
Subject: RFC: drop support for OpenSSL 1.0 in trunk/2.3?
I'd like to drop support for versions of OpenSSL older than
1.0 in the
trunk mod_ssl. We have 200+ lines of compat macro
On Tue, May 25, 2010 at 8:45 AM, Joe Orton jor...@redhat.com wrote:
I'd like to drop support for versions of OpenSSL older than 1.0 in the
trunk mod_ssl. We have 200+ lines of compat macro junk and still six
different compiler warnings remain in a trunk build against 1.0.0.
pro: simplify
On Tue, May 25, 2010 at 9:03 AM, Dr Stephen Henson
shen...@oss-institute.org wrote:
On 25/05/2010 13:45, Joe Orton wrote:
con: means FIPS 140-2 support would be dropped too. FIPS 140-2 is not
supported
in 1.0.0, only 0.9.8 (well 0.9.7 too but we recommend everyone use the 1.2
module with
Loading processing server certificates, keys, trust chains, and CRLs
Request time doesn't make sense to me, unless it's implemented as a
one-time cost for the first use of a dynamic virtual host. Are these
virtual hosts truly dynamic? It seems that there would have to be some
a priori knowledge
On Tuesday 25 May 2010, Plüm, Rüdiger, VF-Group wrote:
While the pros sound promising this is a real strong con.
Especially as this would mean that 2.4 would not work with OpenSSL
1.0. The problem I see is that if you want to use other OS
provided libraries like openldap they have
14 matches
Mail list logo
