There is a memory leak in mod_ssl-2.8.11-1.3.27 when client-authentication
is used. The peer certificates are leaked - as much as 3-4K per request.
I am enclosing a description of the memory leak, and a suggested patch to
mod_ssl-2.8.11-1.3.27 to fix it. I'd appreciate if it (or some variant of
th
Browsers cache the username/password and should continue to allow access
until they are restarted -- at least all that I've used do. It is not
controlled by a setting on the server as they are cached and controlled
client-side.
Jamie Furtner
-Original Message-
From: Ron McKeever [mailto:r
Hello
I have an Apache/1.3.27/mod_ssl/2.8.12/OpenSSL/0.9.6e/Solaris 8 system.
I wanted to use .htaccess without the file .htaccess. SO I found the option to
use SSLFakeBasicAuth in the httpd.conf file. It works and asks for my login.
My question is what is the timeout after asking for the SSLFa
On Friday 25 Oct 2002 2:01 pm, I wrote:
> Anyway, if you get the Apache2 source code, (a tarball from the horse's
> mouth mouth, or via source RPMs from Redhat or elsewhere), then you
^^^
I am reminded from time to time that perhaps "vi" might not, after all,
be as appropriate for quick
Hi,
On Friday 25 Oct 2002 1:30 pm, Mike Pacheco wrote:
> Hi All,
>
> Been on the mod_ssl site from top to bottom and I can not find mod_ssl
> for apache 2.0.40 - I do a custom install of RedHat 8.0 - pick httpd
> and mod_ssl and then query the installed packages after it finishes and
> I test apac
Hi All,
Been on the mod_ssl site from top to bottom and I can not find mod_ssl for
apache 2.0.40 - I do a custom install of RedHat 8.0 - pick httpd and mod_ssl
and then query the installed packages after it finishes and I test apache
with ssl successfully and I get:
rpm -q mod_ssl = mod_ssl-2.0.4
When I try to access port 443 I get a session where it informs you that you
are accessing
a secure document . and then it prompts you for the pass phrase. I have
accessed secure servers before
and although the browser informs you tha you are accessing a secure document
you do not
have to enga