On Mon, Sep 10, 2007, Ralf S. Engelschall wrote:
Apache 1.3.39 was released recently.
An updated mod_ssl 2.8.29 for Apache 1.3.39 is now available, too.
Find it on: http://www.modssl.org/
Unfortunately, there was a bug in the auto-generated patch caused by a
changed amount of patch hunks
Apache 1.3.39 was released recently.
An updated mod_ssl 2.8.29 for Apache 1.3.39 is now available, too.
Find it on: http://www.modssl.org/
Ralf S. Engelschall
[EMAIL PROTECTED
Apache 1.3.37 was released because of security issues.
Find a corresponding mod_ssl 2.8.28-1.3.37 at modssl.org now, too.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Today Apache 1.3.36 was released.
An updated mod_ssl 2.8.27 for Apache 1.3.36 is now available, too.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
in the ssl_hook_CloseConnection()
function which comes after your ssl_hook_LogRequest() anyway. Do I
understand correctly: under Win32 the r-pool is cleaned up _before_
ssl_hook_CloseConnection() is called?
Ralf S. Engelschall
mod_ssl 2.8.26 for Apache 1.3.35 is now available:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Apache 1.3.34 was released, so I've upgraded mod_ssl to apply cleanly to
this Apache version. No other changes. Fetch mod_ssl 2.8.25-1.3.34 from
the usual locations:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
2.8.23 I've now adjusted the two calls to
ap_call_close_connection_hook() to occur _after_ the ap_bsetflag() call.
Thanks for your feedback.
Ralf S. Engelschall
[EMAIL PROTECTED
/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.8.23 (30-Oct-2004 to 06-Jul-2005)
*) Ported to OpenSSL 0.9.8
*) Fixed connection
in ssl_util_ssl.h without recognizing this. I'll use the following now:
-#if SSL_LIBRARY_VERSION 0x00906100
+#if SSL_LIBRARY_VERSION 0x00906000
Thanks for the hint.
Ralf S. Engelschall
[EMAIL PROTECTED
Apache 1.3.32's mod_ssl 2.8.21 still works fine for Apache 1.3.33.
Nevertheless I've rolled a new patch-adjusted version mod_ssl 2.8.22
which fits 1:1 for Apache 1.3.33.
Ralf S. Engelschall
[EMAIL PROTECTED
Apache 1.3.32 was released. Although mod_ssl 2.8.20-1.3.31 both applies
and works fine with Apache 1.3.32 I've upgraded mod_ssl to this new
Apache version and released the results as mod_ssl 2.8.21-1.3.32.
Ralf S. Engelschall
Prompted by a security issue (see below), mod_ssl 2.8.20 for Apache
1.3.31 was released today. You can get it at the usual location:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
Prompted by a security issue (see below), mod_ssl 2.8.20 for Apache
1.3.31 was released today. You can get it at the usual location:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
In article [EMAIL PROTECTED] you wrote:
Ralf S. Engelschall wrote:
Yes, although they are not security related, they could crash the
server, too. So we should fix those formatting bugs, too. A little bit
of extra casting might be required, I think. I've now committed to my
CVS
)));
/*
* return 0 which means to OpenSSL that the pNew is still
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
On Fri, May 14, 2004, a k wrote:
Did you add my eintr fix ?
[...]
Ops, I seem to have overlooked this.
I'll include this into mod_ssl 2.8.18.
Thanks.
Ralf S. Engelschall
[EMAIL PROTECTED
A security issue was discovered.
It is now fixed with mod_ssl 2.8.18.
Please upgrade your installations ASAP.
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Ralf S. Engelschall
[EMAIL PROTECTED
/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.8.17 (01-Nov-2003 to 11-May-2004)
*) Upgraded to Apache 1.3.31
*) Log the OpenSSL
and I will try to remove all of them from the list
manually.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
pending in my maintainance queue (see CHANGES entries below).
Fetch mod_ssl 2.8.16 from:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED
. I've
already upgraded mod_ssl to Apache 1.3.29, but I've still to include
some other fixes. But 2.8.15 works fine with Apache 1.3.29, so no need
to hurry here...
Ralf S. Engelschall
[EMAIL PROTECTED
,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing
On Fri, Mar 21, 2003, Joe Orton wrote:
On Fri, Mar 21, 2003 at 12:30:36PM +0100, Ralf S. Engelschall wrote:
-if ((xs = SSL_get_certificate(ssl)) != NULL)
+if ((xs = SSL_get_certificate(ssl)) != NULL) {
result = ssl_var_lookup_ssl_cert(p, xs, var+7
On Fri, Mar 21, 2003, Ralf S. Engelschall wrote:
I can see the same segmentation fault :
[...]
Ok, can the people who are able to reproduce the segfault problem,
please apply the following patch, retry it and give feedback? I think
these two bugfixes should fix the problem now. If yes, I'll
/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.8.14 (18-Mar-2002 to 21-Mar-2003)
*) Fixed logic
Another maintainance release of mod_ssl 2.8 for Apache 1.3 delivers to
you mod_ssl 2.8.13 for Apache 1.3.27. Changes are listed below. Grab it
from the following locations:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S
Just for your information: the Apache mod_ssl project environment was
migrated to a new location. In case of any problems, contact me.
Ralf S. Engelschall
[EMAIL PROTECTED
On Sun, Dec 15, 2002, Mads Toftum wrote:
On Sun, Dec 15, 2002 at 09:41:11AM +0100, Ralf S. Engelschall wrote:
Just for your information: the Apache mod_ssl project environment was
migrated to a new location. In case of any problems, contact me.
It seems that cvs is broken - http
updates, thus modssl is now moving entirely into the source for apache
2.0?
Err... mod_ssl already _IS_ included in the official Apache 2 source tree...
Ralf S. Engelschall
[EMAIL PROTECTED
Because of a found Cross-Side-Scripting (XSS) bug in mod_ssl, the fixed
maintainance version mod_ssl 2.8.12 is available for use with Apache
1.3.27.
http://www.modssl.org/source/
ftp://ftp.modssl.org/source/
Ralf S. Engelschall
Because of a found Cross-Side-Scripting (XSS) bug in mod_ssl, the fixed
maintainance version mod_ssl 2.8.12 is available for use with Apache
1.3.27.
http://www.modssl.org/source/
ftp://ftp.modssl.org/source/
Ralf S. Engelschall
/
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.8.11 (24-Jun-2002 to 04-Oct-2002)
*) Upgraded to Apache 1.3.27.
*) Fixed internal error handling for CRL verification
Another bugfixing round in the maintainance of mod_ssl 2.8 for Apache 1.3.
Fetch it and upgrade from:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED
On demand by the release of Apache 1.3.26 I've made available
mod_ssl 2.8.9. The details are appended below.
Fetch it from:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
way shortly, but was
looking for something in the meantime to close up any possible problems.
mod_ssl 2.8.9 will be released within a few hours. Just be patient, please.
Ralf S. Engelschall
[EMAIL PROTECTED
questions might be rejected if the question cannot be
answered in a reasonable short time.
Thanks for your understanding.
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support
://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.8.8 (23-Feb-2002 to 27-Mar-2002)
*) Upgraded to Apache 1.3.24
In article [EMAIL PROTECTED] you wrote:
Just wanted to know if there's a mod_ssl version for apache 1.3.24?
Since the current version will not compile with apache 1.3.24.
Will be released within the next 48 hours.
Ralf S. Engelschall
,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.8.7 (01-Feb-2002 to 23-Feb-2002)
*) Support for the latest OpenSSL 0.9.7 snapshots.
*) Fixed potential buffer
the RedirectMatch only into the VirtualHost of
the HTTP-only virtual server or (in case you do it globally) you have to
use a RewriteRule with a RewriteCond which checks the %{HTTPS} variable
to avoid looping.
Ralf S. Engelschall
certificate is also important and required for the secure
exchange of the crytography parameters of SSL/TLS. Without this, the
client and server would not be able to securely exchange the necessary
symmetric encryption parameters.
Ralf S. Engelschall
In article [EMAIL PROTECTED] you wrote:
When is planned the final release ?
For today.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
mod_ssl 2.8.6 for Apache 1.3.23 is now available.
The corresponding CHANGES entries are appended.
You can fetch it from:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
On Mon, Jan 28, 2002, Ralf S. Engelschall wrote:
[...]
And, the mod_ssl I get from CVS is for 1.3.20, which is *less* than the
one that is downloadable already built for 1.3.22, shooting holes in my
initial theory that going to the CVS was even getting me closer to now...
Ops, my
cronjob was broken which updated the CVS copy
from my master machine. Now fixed.
For Apache 1.3.23: Expect an mod_ssl update for 1.3.23 within the next
days.
Ralf S. Engelschall
[EMAIL PROTECTED
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support
and visit our
project site at http://www.openpkg.org/. Thanks for listening and...
happy packaging! Oh, and we have also packaged OpenSSL and Apache+modssl
in OpenPKG, of course ;)
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED
your private key.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
. Oh, and can you also show us the output
of gcc -v and uname -a?
On one of my Solaris 2.8 boxes on SPARC I see a fine checking for
shared memory maximum segment size... 64MB (soft limit) so it certainly
is not a problem in general with Solaris 2.8.
Ralf S
Now available: mod_ssl 2.8.3 for Apache 1.3.19.
Just the usual amount of cleanups and bugfixes
(see CHANGES entries below).
Grab it from:
o http://www.modssl.org/source/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
strongly recommend) use the current Apache 1.3.12 and
mod_ssl 2.6.4 version.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
the word. Now fixed for 2.8.3
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl)
On Tue, Apr 03, 2001, Ralf S. Engelschall wrote:
I'm now leaving for attending ApacheCon 2001 in Santa Clara, CA.
For the modssl-user's who also attend ApacheCon: freel free to
share our interest by visiting our talk W24 on Wednesday evening.
For those of us who are not attending ApacheCon
h 2.8.2.
I guess you are looking at an older version, right?
Please use the latest one.
Ralf S. Engelschall
[EMAIL PROTECTED]
/apachecon2001/ and at least watch the
presentation's slide-set.
cu@ApacheCon!
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
logfile say?
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
, then I'll try to add another slide, dedicated to the session caching
variants
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
#endif
if ((err = ap_check_cmd_context(cmd, GLOBAL_ONLY)) != NULL)
return err;
if (strcEQ(arg, "builtin")) {
Ralf S. Engelschall
[EMAIL PROTECTED]
ays what the problem is. Make sure the module which implements
"LoadModule" is present. In your case, this is mod_so and can be enabled
with --enable-module=so on the APACI command line while building Apache.
Ralf S. Engelschall
;)
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
r
feedback.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSS
/
o ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.8.2 (03-Mar-2001 to 30-Mar-2001)
*) Moved the Shared
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing
with HTTPS to a port where only HTTP is spoken.
Check your server configuration, it's certainly a configure error.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
workarounds in mod_ssl.
I'm sure your glibc is broken.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
is just for information. It not parsed by
mod_ssl/OpenSSL. It is there just for human reading.
I wonder how I can create such a format for my CA cert.
Do you have an idea?
$ openssl x509 -text -noout -in file
Ralf S. Engelschall
adjust any parameters. But look at the CHANGES
file, there is experimental support for SSLProxy directives which
can help you.
Ralf S. Engelschall
[EMAIL PROTECTED
, Ralf, can you update the link?
Ops, good catch. Fixed.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
ent solution). And I also know
that someone (not necessarily me) will again find this not satisfactory.
What approach then is used to change this we all still don't know...
Ralf S. Engelschall
-1.3.17.tar.gz can only be used with Apache
1.3.17. But if you want to use Apache 1.3.19 you now should use
mod_ssl-2.8.1-1.3.19.tar.gz. It is already available.
Ralf S. Engelschall
[EMAIL PROTECTED
Sorry for the short delay, but here it finally is: mod_ssl 2.8.1 for
Apache 1.3.19. The corresponding CHANGES entries are appended below.
Grab it from:
http://www.modssl.org/source/
ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
On Thu, Mar 01, 2001, ModSSL user wrote:
Just to know when mod_ssl 2.8.1 for apache 1.3.19 will be
available ?
Now ;)
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
be unhappy that I personally cannot
respond, because we have other really great guys here who do an even
better job in answering questions than I ever would be able to do.
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED
safe after errors--compilation aborted at configure.bat line 283.
C:\apdev\modssl
Ops, I forgot a complete line to add to configure.bat.
Now fixed in CVS. The next CVS snapshot will have it fixed.
Ralf S. Engelschall
r 1.3.17 was cleanup
and adjusted by our Win32 guys inside the ASF. I expect that building
mod_ssl is now horribly broken under Win32. But as I already said: I
cannot fix this myself. A Win32 guys has to fix this and provide the
necessary patches. I'm happy to take them over...
. The ChangeLog entries are appended below.
Grab mod_ssl-2.8.0-1.3.17.tar.gz from:
http://www.modssl.org/source/
ftp://ftp.modssl.org/source/
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED
at mm-1.1.3. Will you also release a mm-1.1.4 with the patch from apr
applied ?
Yes, but not with all APR changes (because some are not needed).
Ralf S. Engelschall
[EMAIL PROTECTED
distribution.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
stored ?
No, the hash table is shared over all server processes, because the
underlaying memory allocator is shared memory based. This means that all
server processes can store sessions and every other can reuse it.
Ralf S. Engelschall
I wish you all a Happy New Year 2001!
PS: In a few days mod_ssl 2.8.0 will be available for Apache
1.3.15, if 1.3.15 finally come out after longer delays ;)
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User
from ftp.modssl.org if you're using Win32.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface
On Fri, Nov 10, 2000, B. Burke wrote:
Does anyone know mirror sites for these servers?
Only FTP area is mirrored world-wide.
It seems they are having troubles this morning.
Already fixed. Just try again, please.
Ralf S. Engelschall
I can find the source for this?
Look for certbundle-1.0.tar.gz in the contrib area of www.modssl.org.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engel
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User
presentation ;-)
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
d be never a call to
lex/yacc and the compilations should work fine. Additionally: use 2.7.1
and not 2.7.0, please.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engel
the time to be there :(
No problem -- that's why the complete slide-set is available online ;)
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
On Tue, Oct 17, 2000, Adinolfi Giovanni wrote:
into istruction have one mistake you must change into configure.bat the
world makefile.nt with makefile.win.
Fixed for mod_ssl 2.7.2 now.
Ralf S. Engelschall
[EMAIL
ap_ctx_set
ApacheCore.def : error LNK2001: unresolved external symbol ap_global_ctx
Your problem is that 2.7.1 is still broken for Win32.
For Win32 you have to use the latest snapshot from
ftp://ftp.modssl.org/snapshot/.
Ralf S. Engelschall
into trouble.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
__
Apache Interface to OpenSSL (mod_ssl
1 - 100 of 1055 matches
Mail list logo