Ryan Bloom wrote:
>
> I would. But I have a very good reason. We already have the same
> basic idea, but done a bit safer. Basically, we have a log_error hook,
> but it is run at the end of log_error_core, so that we are sure that we
> always get the error in the error_log, even if we don't ge
Would anyone object to me committing this?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
Hi Ben,
I have a patch to httpd-2_0_18-alpha that does what I'm looking for.
Ryan Bloom wrote:
>
> I would. But I have a very good reason. We already have the same
> basic idea, but done a bit safer. Basically, we have a log_error hook,
> but it is run at the end of log_error_core, so that we are sure that we
> always get the error in the error_log, even if we don't ge
Ryan Bloom wrote:
>
> On Monday 27 August 2001 07:14, Ben Laurie wrote:
> > Ryan Bloom wrote:
> > > I would. But I have a very good reason. We already have the same
> > > basic idea, but done a bit safer. Basically, we have a log_error hook,
> > > but
Sander Striker wrote:
>
> Hi,
>
> I have a local test machine running now.
> subversion over http works as expected.
> https is broken. This is not on the svn
> side (I didn't get that far). mod_ssl
> is broken when it comes to configs such
> as these:
>
>
> SSLEngine on
>
> SSLCACe
To be completely accurate, the request is:
OPTIONS /svn HTTP/1.1
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
Doug MacEachern wrote:
>
> On Sun, 9 Sep 2001, Sander Striker wrote:
>
> mod_ssl is working fine here, passes all httpd-test tests (t/TEST -ssl)
> that includes perdir merging.
> are you up to date with httpd-2.0 from cvs?
Yes.
>
> > mod_ssl segfaults in ssl_config_perdir_merge:
> > Program r
[EMAIL PROTECTED] wrote:
>
> jim 02/05/02 06:28:46
>
> Modified:src/os/unix os.c
> Log:
> OK. This is admittedly anal. But the whole idea behind cpp macros
> is to avoid things like "we know NSLINKMODULE_OPTION_NONE is 0"
> and making such shortcuts as this. This makes it c
[EMAIL PROTECTED] wrote:
>
> jerenkrantz02/05/15 16:10:34
>
> Modified:modules/ssl mod_ssl.c mod_ssl.h ssl_engine_init.c
> ssl_engine_io.c ssl_engine_kernel.c
> ssl_engine_log.c ssl_engine_pphrase.c
> Log:
> Stop using SSL_ADD_SSLERR
Cliff Woolley wrote:
> On 23 May 2002, Jeff Trawick wrote:
>
>
>>Existing apachectl keywords are still supported for now (except for
>>some alternate spellings of "startssl" -- whats up with that stuff?).
>
>
> I always assumed it was for Apache-SSL compatibility. Ben?
Apache-SSL always has
Ryan Bloom wrote:
>>From: [EMAIL PROTECTED]
>
> [mailto:[EMAIL PROTECTED]]
>
>>Bill Stoddard wrote:
>>
>>
>>>This is a variation of the problem Aaron and I were interested in
>>
> with
>
>>CGI scripts (and
>>
>>>directly related to an open PR against 2.0.36). Unfortunately, I
>>
> think
>
>>f
Jeff Trawick wrote:
> Ben Laurie <[EMAIL PROTECTED]> writes:
>
>
>>Seems to me that you really want a apr_poll equivalent that works on
>>bucket brigades - that would make this clean, and could be quite
>>elegant (IMO).
>
>
> What seems useful (to me)
[EMAIL PROTECTED] wrote:
> jwoolley2002/05/31 00:43:22
>
> Modified:modules/test mod_bucketeer.c
> Log:
> we should be copying over all metadata buckets we don't understand, not
> just error buckets.
>
> Revision ChangesPath
> 1.12 +5 -4 httpd-2.0/modules/tes
Cliff Woolley wrote:
> On Mon, 3 Jun 2002, Ryan Bloom wrote:
>
>
>>I was actually just about to look at this problem if you are busy.
>
>
> Go for it... I'm working on something else.
Perhaps its just me, but I'm amused this is considered a bug.
Cheers,
Ben.
--
http://www.apache-ssl.org/b
Ryan Bloom wrote:
>>From: Ben Laurie [mailto:[EMAIL PROTECTED]]
>>
>>Cliff Woolley wrote:
>>
>>>On Mon, 3 Jun 2002, Ryan Bloom wrote:
>>>
>>>
>>>
>>>>I was actually just about to look at this problem if you are busy.
>>
[EMAIL PROTECTED] wrote:
> +return -1*mobj->priority;
Weirdo - why not just -mobj->priority?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert
[EMAIL PROTECTED] wrote:
> jim 2002/06/17 19:07:00
>
> Modified:src/ap ap_strtol.c
> Log:
> Just in case, handle LONG_* if limits doesn't have 'em
>
> Revision ChangesPath
> 1.4 +6 -0 apache-1.3/src/ap/ap_strtol.c
>
> Index: ap_strtol.c
>
Gabriel Ambuehl wrote:
> Hi Rasmus Lerdorf,
> you wrote.
>
> RL> libraries as well. We are going to have to fix a bunch of them and mutex
> RL> some others before Apache2 with a threaded MPM will be of any use with PHP
> RL> or mod_perl.
>
> Am I correct assuming that when they are mutex'ed tha
Rasmus Lerdorf wrote:
> That's just crap. I can say the same thing. PHP is threadsafe, it's not
> my responsibility that libxyz is not. Any Apache 2.0 module running under
> a threaded mpm linked against libxyz that contains non-threadsafe code is
> going to have exactly the same problem unless
Jim Jagielski wrote:
> [EMAIL PROTECTED] wrote:
>
>>I will make one exception to that statement. If it lands inside of
>>APR-util, under the XML directory, and it is made to work with the XML
>>parser, I can accept that landing spot. As it fits in closer with our
>>goals (I think). Jim, I can'
[EMAIL PROTECTED] wrote:
jerenkrantz2002/12/11 13:09:16
Modified:server Makefile.in
Log:
Take a stab at fixing the brokenness in our tree (grr!).
ls -1 is bound to be more portable than find -maxdepth, but I suspect it may
not be as portable as it really should.
man ls say
This patch removes some magic in request.c. I wrote it coz 2.0.28 didn't
actually work at all for me, coz the magic failed.
Somehow the magic was OK again in the snapshot I tried, but I consider
it a bad thing that it exists at all (btw, the whole directory walk I
find completely unreadable, I ou
[EMAIL PROTECTED] wrote:
>
> brianp 02/01/06 00:01:34
>
> Modified:modules/loggers mod_log_config.c
> Log:
> Bypass a strdup and an 8KB local variable in the common case where
> the logger is using the default time format
Does that really stop the stack space from being allocat
/advisory-20020301.txt
A mirror which definitely has the new version:
ftp://opensores.thebunker.net/pub/mirrors/apache-ssl/apache_1.3.22+ssl_1.46.tar.gz
Ben Laurie, March 1, 2002.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or ho
On 1 November 2014 at 09:05, Kaspar Brand wrote:
> On 30.10.2014 15:51, Jeff Trawick wrote:
>> IMO the present concerns with OCSP Stapling are:
>>
>> * not so clear that it has seen enough real-world testing; commented out
>> sample configs and better documentation will help, as will enabling by
>
On Sat, 5 Sep 2015 at 09:32 Kaspar Brand wrote:
> On 04.09.2015 17:54, Rob Stradling wrote:
> > Today, roughly 25% of HTTPS servers on the Internet have OCSP stapling
> > enabled. Browsers aren't likely to start hard-failing by default until
> > that % is a lot higher.
> >
> > The vast majority
Aaron Bannert wrote:
On Thu, Dec 11, 2003 at 01:50:46PM -0600, William A. Rowe, Jr. wrote:
But the 2.0 architecture is entirely different. We need a poll but it's not entirely
obvious where to put one...
One suggestion raised in a poll bucket: when a connection level filter cannot
read anything
[EMAIL PROTECTED] wrote:
nd 2003/12/14 10:16:50
Modified:src CHANGES
src/include ap_mmn.h httpd.h
src/main http_log.c util.c
Log:
SECURITY [CAN-2003-0020]: escape arbitrary data before writing into the
errorlog.
Index: http_log.c
==
Dirk-Willem van Gulik wrote:
Unless I missed something we nicely issue a nonce during digest auth
(based on r->request_time) - but when the reply comes in with an
(Proxy-)Authenticate header we use the nonce provided by the client; and
do not check if it was any where near reasonably likely that w
Dirk-Willem van Gulik wrote:
Right now we do not verify the nonce using in digest. This means that
an attacker can replay the response from another site or section
on the web site if
-> the users username+password is the same across the site.
-> the realm name is the same
Unfortunately that is
Dirk-Willem van Gulik wrote:
This doesn't appear to check that the timestamp is anywhere near now,
which would prevent same-site replays...
Correct - the trouble with timestap checks is that ?most/some? browsers
will NOT cache the password the user has entered; but the 'response' (i.e.
nonce+rea
Dirk-Willem van Gulik wrote:
On Thu, 18 Dec 2003, Greg Marr wrote:
Couldn't the new member be placed at the end of the request rec so
that it's only a minor bump?
Sure - does that work across all compilers ?
Yes.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.
bana-Champaign.
*/
/*
* See also support/check_forensic.
* Relate the forensic log to the transfer log by including
* %{forensic-id}n in the custom log format, for example:
* CustomLog logs/custom "%h %l %u %t \"%r\" %>s %b %{forensic-id}n"
* Ben Laurie 29/12/20
Jeff Trawick wrote:
Ben Laurie wrote:
One of the problems that crops up depressingly often is that someone
gets owned, and they can't find out why. This is generally because the
offending request didn't get logged, because the server died before it
logged it.
far more often th
Bill Stoddard wrote:
Ben Laurie wrote:
If it does nothing unless a file is specified, why not enable by default?
Like Jeff, I am more interested in this for debugging process crashes
that are not necessarily related to attacks. Might be useful to enable
this function by default in a mode where
Jeff Trawick wrote:
Ben Laurie wrote:
If it does nothing unless a file is specified, why not enable by default?
to avoid silent growth in the set of code built into somebody's
server... when does somebody have to add "--disable-foo" to create a
build compatible with what th
Colm MacCarthaigh wrote:
On Mon, Dec 29, 2003 at 01:39:28PM +, Ben Laurie wrote:
So, I've written a forensic logging module. What this does is log the
request as soon as all the headers have been read, then log again when
its complete. Any request that doesn't complete should
David Reid wrote:
Colm MacCarthaigh wrote:
On Mon, Dec 29, 2003 at 01:39:28PM +, Ben Laurie wrote:
So, I've written a forensic logging module. What this does is log the
request as soon as all the headers have been read, then log again when
its complete. Any request that doesn'
for example:
* CustomLog logs/custom "%h %l %u %t \"%r\" %>s %b %{forensic-id}n"
*
* Credit is due to Tina Bird <[EMAIL PROTECTED]>, whose
* idea this module was.
*
* Ben Laurie 29/12/2003
*/
#include "httpd.h"
#include "http_config.h&q
Bill Stoddard wrote:
Bill Stoddard wrote:
Ben Laurie wrote:
Bill Stoddard wrote:
Ben Laurie wrote:
If it does nothing unless a file is specified, why not enable by
default?
Like Jeff, I am more interested in this for debugging process
crashes that are not necessarily related to attacks
Colm MacCarthaigh wrote:
On Tue, Dec 30, 2003 at 11:49:37AM +, Ben Laurie wrote:
Could the forensic_id be tied in with mod_unique_id? It seems confusing
to have two different methods to generate unique id's for requests. Also
with unique_id, I can see it being useful to make CGI'
Sander Striker wrote:
On Tue, 2003-12-30 at 19:52, Ben Laurie wrote:
I realise that having the value of getpid() and time() to hand is useful
for forensic purposes, but a getpid():time():next_id++ will result in
duplicates accross even small clusters.
Ah, I see :-) does mod_unique_id handle that
[EMAIL PROTECTED] wrote:
nd 2004/01/01 05:26:26
Log:
update license to 2004.
Why? Unless the file changes in 2004, the copyright doesn't. And, in any
case, the earliest date applies, so it gets us nowhere.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunke
[EMAIL PROTECTED] wrote:
nd 2004/01/02 15:35:59
Modified:modules/loggers mod_log_forensic.c
Log:
prevent module from segfaulting when not configured.
Ooops, forgot to bring that forward from 1.3. Thanks.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.the
André Malo wrote:
* [EMAIL PROTECTED] wrote:
/* e is the first _invalid_ location in q
N.B. returns the terminating NUL.
*/
static char *log_escape(char *q, const char *e, const char *p)
{
for ( ; *p ; ++p) {
assert(q < e);
if (*p < ' ' || *p >= 0x7f || *p == '|' |
Joe Orton wrote:
On Sat, Jan 03, 2004 at 04:31:32PM -, [EMAIL PROTECTED] wrote:
ben 2004/01/03 08:31:32
Modified:server gen_test_char.c
Log:
Make forensic logging safe for POST data. The issue with strchr and NUL is
a red herring.
I don't think this is a safe change: 0 is
[EMAIL PROTECTED] wrote:
bnicholes2004/01/03 11:18:53
Modified:modules/loggers mod_log_forensic.c
Log:
Don't hardcode the location of the test_char.h header. The path should be added to
the INCLUDE path.
This patch is broken. Don't make me reverse it.
--
http://www.apache-ssl.org/
Brad Nicholes wrote:
Broken??? jorton already fixed up the INCLUDE path.
Ooops. Guess I screwed up, it didn't build for me. Try again. Sorry.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who
Jeff Trawick wrote:
See http://www.apache.org/~trawick/exception_hook_13.html
There is a small patch to Apache 1.3 required to make the sample modules
work. This is analogous to the toys using the Apache 2.1 exception hook
which are described at http://www.apache.org/~trawick/exception_hook.ht
Jeff Trawick wrote:
Ben Laurie wrote:
Jeff Trawick wrote:
See http://www.apache.org/~trawick/exception_hook_13.html
You should make the logged strings safe, like mod_log_forensic does,
and I think the format should be compatible (which means no space
after the colon).
Thanks for taking a
Colm MacCarthaigh wrote:
On Mon, Jan 26, 2004 at 06:28:03PM +, Colm MacCarthaigh wrote:
I'd love to find out what's causing your worker failures. Are you using
any thread-unsafe modules or libraries?
Not to my knowledge, I wasn't planning to do this till later, but
I've bumped to 2.1, I'll tr
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
or Joshua's "virtual" keyword on , which I like better the
more I think about it.
ooops... s/Joshua/André/
but Joshua has excellent points about "virtualness" being a property of
the handler. Yes, the server-status handler should know that i
[EMAIL PROTECTED] wrote:
Ben Laurie wrote:
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
or Joshua's "virtual" keyword on , which I like better
the more I think about it.
ooops... s/Joshua/André/
but Joshua has excellent points about "virtualness" being a
Jeff Trawick wrote:
Jim Jagielski wrote:
I'd like to float the idea of releasing 1.3.30 "soonish".
Not only are there enough changes to warrant a release, but
also to coincide with the changeover to AL 2.0.
one question: who would support putting the 1.3 versions of
mod_backtrace and mod_whatk
Roy T. Fielding wrote:
However I completely disagree that Python (or Perl or PHP) is
a good choice for use in build systems.
As part of the configure process, I would agree with you, but as part of
buildconf, I disagree--not everyone needs to run buildconf--only
developers, and if you're
Ghanta, Bose wrote:
Dear Ben and OpenSSL Team members,
Could you kindly answer the following question from one of my group
members? I very much appreciate it.
I was working on what I originally thought was a bug in our FTP client.
Your ftp site has a very long banner (due to the crypto warnin
[EMAIL PROTECTED] wrote:
jorton 2004/03/10 13:54:17
Modified:modules/ssl ssl_engine_log.c
Log:
* modules/ssl/ssl_engine_log.c (ssl_log_annotate, ssl_log_annotation,
ssl_log_ssl_error): const-ify annotation strings and simplify
ssl_log_annotation.
-static char *ssl_log_annotatio
Justin Erenkrantz wrote:
--On Sunday, March 14, 2004 11:18 PM -0600 "William A. Rowe, Jr."
<[EMAIL PROTECTED]> wrote:
as the GNU, ASF, and SF projects all discovered, full backups by third
parties are invaluable. What is the equivalent to rsync, and is it as
stable?
I think you mean cvsup not r
Justin Erenkrantz wrote:
--On Monday, March 15, 2004 10:52 AM + Ben Laurie
<[EMAIL PROTECTED]> wrote:
It is? How? Unless the committer signs (which ISTR was rejected as an
option
when I suggested it, so I'm assuming that doesn't happen), then they
must be
signed b
Justin Erenkrantz wrote:
--On Tuesday, March 16, 2004 5:27 PM + Ben Laurie
<[EMAIL PROTECTED]> wrote:
I don't see how this defends against a malicious user that has owned the
server for long enough for his changes to have been rsynced to the
"secure"
server?
Beca
William A. Rowe, Jr. wrote:
At 11:27 AM 3/16/2004, Ben Laurie wrote:
Justin Erenkrantz wrote:
--On Monday, March 15, 2004 10:52 AM + Ben Laurie <[EMAIL PROTECTED]> wrote:
It is? How? Unless the committer signs (which ISTR was rejected as an option
when I suggested it, so I'
Justin Erenkrantz wrote:
--On Tuesday, March 16, 2004 8:19 PM + Ben Laurie
<[EMAIL PROTECTED]> wrote:
c) You appear to be assuming daily snapshots maintained forever in your
story - if so, how do you deal with network problems and the like? How
can you tell a commit that didn't
Mathihalli, Madhusudan wrote:
Somehow the message just went to Sander !
-Madhu
-Original Message-
From: Mathihalli, Madhusudan
Sent: Friday, March 19, 2004 11:01 AM
To: 'Sander Striker'
Subject: RE: SEGV in allocator_free
-Original Message-
From: Sander Striker [mailto:[EMA
Bojan Smojver wrote:
On Thu, 2004-03-18 at 06:35, Greg Stein wrote:
hehe... it's probably because I sympathize. Back in '96, when I went to
work for Microsoft, I caught some heat from some random guy in the Python
community. When Guido replied with, effectively, "oh, shut the hell up.
Greg's cont
How come it wasn't in 2.0.49?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
Jeff Trawick wrote:
2) Get approval to commit to stable branch
(no attempt made IIRC; typical action is to propose a vote in STATUS
file of stable branch and await comments or votes)
Done! Votes please...
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to
Jeff Trawick wrote:
André Malo wrote:
* Jeff Trawick <[EMAIL PROTECTED]> wrote:
André Malo wrote:
* Jeff Trawick <[EMAIL PROTECTED]> wrote:
somehow I doubt there will be any problems at all getting it
approved, but
nobody acted as a champion thus far and asked for approval themselves
In
Jim Jagielski wrote:
On Apr 13, 2004, at 11:13 AM, Jim Jagielski wrote:
static const char *set_bs2000_account(cmd_parms *cmd, void *dummy, char
*name)
{
@@ -3395,6 +3446,9 @@
"An HTTP authorization type (e.g., \"Basic\")" },
{ "AuthName", set_authname, NULL, OR_AUTHCFG, TAKE1,
"The authen
Jeff Trawick wrote:
pid_t is long on Solaris
+1
Index: src/modules/standard/mod_log_forensic.c
===
RCS file: /home/cvs/apache-1.3/src/modules/standard/mod_lo
Will it be OK to do this?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.links.org/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
Plüm wrote:
> Please add it to the STATUS file of 2.2.x for voting.
Done.
>
> Regards
>
> Rüdiger
>
>> -Ursprüngliche Nachricht-
>> Von: Ben Laurie
>> Gesendet: Montag, 31. Juli 2006 16:13
>> An: Apache List
>> Betreff: Backport PCKS#7
Jeff Trawick wrote:
>> While this is probably a bad idea, I bet that if you could trick
>> ap_lingering_close() not to close your socket when the connection is
>> closed, you might be able to get away with this.
>>
>> The relevent line in server/connection.c:214 is:
>>
>> apr_socket_t *csd = ap_ge
[EMAIL PROTECTED] wrote:
> Marc M. Adkins wrote:
>
>> The ap_hook_handler() call
>> does not specify the handler key from the corresponding AddHandler
>> configuration directive. As a consequence, the specified handler
>> function
>> must look at and accept or decline each request.
>
>
>
Aaron Bannert wrote:
>> Who are the developers who could answer my "is this a race condition"
>> questions?
>
>
> Anyone on this list (or on the [EMAIL PROTECTED] list). If you think
> you've found a race condition, please just post it to the appropriate
> list so that we can all discuss it. Any
objectworlds wrote:
>
> Does Apache have a postal address in the UK ?
No.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
William A. Rowe, Jr. wrote:
>>All this shows that running UDP in Apache can make sense, and I tried
>>to get some attention about it one year ago.. But somehow everybody
>>thought that UDP inside Apache can be used only for HTTP-over-UDP,
>>which is indeed controversial.. I hope that full UDP-suppo
Thom May wrote:
> Hi folks,
> so it seems that ProxyPass operation has been broken since at least 1.3.9;
> we're currently firefighting our way through the list of debian bugs and
> found http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=57316 - ProxyPass to
> ftp urls causes apache to segfault.
>
Joe Orton wrote:
> This adds an optional hook so that modules can put their own status
> information in the server-status page when mod_status is loaded.
> (mod_ssl has code which can use this to output session cache status).
> Any objections?
>
> * mod_status.h: New file.
>
> * mod_status.c:
William A. Rowe, Jr. wrote:
> At 10:44 PM 7/31/2003, Mahadevan R wrote:
>
>
>>While trying to write an Apache2 module in C++, I found that in the command table,
>>AP_INIT_TAKE1 has to be used like this:
>>
>>AP_INIT_TAKE1( "Directive", (cmd_func) drctv_handler, NULL, OR_ALL, "help string")
>>
>
Ranier Vilela wrote:
> Sorry, the mpm_common.c.diff was empty.
>
>
>
>
> --- mpm_common.c 2003-08-31 06:06:25.0 -0300
> +++ mpm_common_old.c 2003-08-31 05:57:14.0 -0300
> @@ -808,7 +808,7 @@
>
>
[EMAIL PROTECTED] wrote:
> martin 2003/09/08 04:03:40
>
> Modified:.KEYS
> Log:
> Add my 768/FDE534D1 key
That's a little weak, isn't it?
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go i
Cliff Woolley wrote:
> Noel and I had a little discussion just now on IRC about hook ordering and
> the fact that in 2.0 we have made the admin's life a little harder by
> hard-coding the ordering of certain modules (eg mod_dav vs mod_jk2).
>
> Basically the problem is that a completely automatic
Cliff Woolley wrote:
> On Fri, 17 Oct 2003, Ben Laurie wrote:
>
>
>>> For this one, it looks like we might need a way to keep track at a
>>>global scope what hooks there are. Right now, the only list of hooks is
>>>static to the file the hooks were
Greg Stein wrote:
> On Fri, Oct 31, 2003 at 10:12:56PM +0100, Sander Striker wrote:
>
>>>From: Brad Nicholes [mailto:[EMAIL PROTECTED]
>>>Sent: Friday, October 31, 2003 9:53 PM
>>
>>> So what is the best way to resolve this? Currently NetWare won't
>>>build. It throws a compiler error in Metr
Jeff Trawick wrote:
> Piras Velandai Thiyagarajan wrote:
>> To better serve the Apache user community for easy integration, it
>> would be nice if during configure compilation option,
>> --with-mod-sun-plugin, that way just be simple effect of compilation,
>> the customers get what they want.
>
>
Astrid Keßler wrote:
>>I was just asked again by a user about the load order of modules.
>>While it seems that it is now with Apache2 less important, and also
>>ClearModuleList and AddModule are removed now with Apache2, I think it
>>is at least still important for auth modules. So I searched the
Jeff Trawick wrote:
> ranier wrote:
>
>> --- sdbm-old.c2003-07-08 19:55:04.0 -0300
>> +++ sdbm.c2003-07-08 19:57:52.0 -0300
>> @@ -495,7 +495,7 @@
>> while (dbit < db->maxbno && getdbit(db, dbit))
>> dbit = 2 * dbit + ((hash & (1 << hbit++)) ? 2 : 1);
>>
>> -
David Reid wrote:
Joe Orton wrote:
On Fri, Aug 05, 2005 at 08:00:01PM +0200, Martin Kraemer wrote:
On Tue, Aug 02, 2005 at 07:14:10PM +0200, Martin Kraemer wrote:
I wanted something like
SSLRequire "committers" in SSLPeerExtList("1.3.6.1.4.1.18060.1");
to mean "at least one extension wi
Nick Kew wrote:
> We have grown accustomed to two separate trust mechanisms
> on the 'net; server certs signed by some authority, or the PGP
> web of trust.
>
> I would like to be able to use PGP trust over the web. That would
> mean (something like) installing a certificate on the server, and
>
William A. Rowe, Jr. wrote:
> [EMAIL PROTECTED] wrote:
>> Author: ben
>> Date: Sat Jul 22 07:27:43 2006
>> New Revision: 424584
>>
>> URL: http://svn.apache.org/viewvc?rev=424584&view=rev
>> Log:
>> Add PKCS#7 support.
>>
>> Modified:
>> httpd/httpd/branches/2.2.x/modules/ssl/mod_ssl.c
>> h
Joe Orton wrote:
> On Sat, Jul 22, 2006 at 02:27:44PM -, [EMAIL PROTECTED] wrote:
>> Author: ben
>> Date: Sat Jul 22 07:27:43 2006
>> New Revision: 424584
>>
>> URL: http://svn.apache.org/viewvc?rev=424584&view=rev
>> Log:
>> Add PKCS#7 support.
>
> -1. We've had an RTC policy on the stable b
Ruediger Pluem wrote:
>
> On 07/23/2006 02:10 PM, Ben Laurie wrote:
>> Joe Orton wrote:
>
>>
>>> - use APR apr_file_* not ANSI C fopen,
>>
>> I need a FILE *.
>
> Maybe you could use BIO_new_file / PEM_read_bio_PKCS7 as it is done in simil
William A. Rowe, Jr. wrote:
> Ben Laurie wrote:
>> Ruediger Pluem wrote:
>>> On 07/23/2006 02:10 PM, Ben Laurie wrote:
>>>>>
>>>>> [Sun Jul 23 10:25:14 2006] [info] Loading certificate & private key
>>>>> of SSL-aware server
>
Justin Erenkrantz wrote:
On Sat, 11 Dec 2004, Dirk-Willem van Gulik wrote:
Sounds a lot more feasible than travelling to .us for a hack.
But I'm wondering what this actually achieves? Sure, it gets people
to focus on Getting Things Done, but a *scheduled* IRC+pastebin-based
hackathon could do that
William A. Rowe, Jr. wrote:
At 06:19 AM 12/11/2004, Dirk-Willem van Gulik wrote:
On Fri, 10 Dec 2004, Justin Erenkrantz wrote:
During ApacheCon, a number of us had talked about holding more frequent
face-to-face meetings (or summits or whatever). Fred is willing to find a
place for us at Apple w
Enrico Weigelt wrote:
* William A. Rowe, Jr. <[EMAIL PROTECTED]> wrote:
http://www.ietf.org/rfc/rfc2817.txt
spells out methods that the server can -insist- that an upgraded
connection is used, and the client can instigate an upgraded
connection as well even if the server doesn't require it.
But un
Jim Jagielski wrote:
I'm currently working on code that extended the lb method
within the 2.1/2.2 proxy from what is basically a
weighted request count to also be a weighted
traffic count (as measured by bytes transferred)
and a weighted "load" count (as measured by response
time). The former is fu
Justin Erenkrantz wrote:
--On Saturday, January 8, 2005 10:43 PM + Ben Laurie
<[EMAIL PROTECTED]> wrote:
Errr... mod_backhand?
mod_backhand doesn't support Apache 2.x:
<http://www.backhand.org/mod_backhand/FAQ.shtml#question0>
Port it?
--
http://www.apache-ssl.org/be
Joe Orton wrote:
On Wed, Feb 02, 2005 at 11:09:47AM +, David Reid wrote:
Joe Orton wrote:
On Wed, Feb 02, 2005 at 10:17:04AM +, David Reid wrote:
Basically this allows us to gain access to the actual cert structure.
I don't like the idea of exposing the X509 * directly especially not
thro
Sarat S wrote:
Hi,
I apologize if this topic is not relevant to this forum. Please direct
me to the suitable list.
I'm working on a project that aims at augmenting the Apache Web Server
with Audit capability compatible with an audit-enabled operating
system(Mac OS X,Free BSD etc).
What is an "audit
1 - 100 of 140 matches
Mail list logo