Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2010-01-25 Thread Maarten.Litmaath
Hi Steve, Do you also agree with David's proposal to change the calls to BIO_ctrl(, BIO_CTRL_INFO, ) into BIO_wpending() in ssl/*.c? It seems to make sense to me. Yes, I've applied it to all branches now. Many thanks David. Ticket resolved. Just a postscript to the issue. The above

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2010-01-24 Thread Maarten Litmaath via RT
Hi Steve, Do you also agree with David's proposal to change the calls to BIO_ctrl(, BIO_CTRL_INFO, ) into BIO_wpending() in ssl/*.c? It seems to make sense to me. Yes, I've applied it to all branches now. Many thanks David. Ticket resolved. Just a postscript to the issue. The above

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-26 Thread Joe Orton
On Thu, Jun 25, 2009 at 06:05:08PM +0200, Stephen Henson via RT wrote: [david.sm...@cern.ch - Tue Jun 23 11:06:26 2009]: The bug report over on the apache tracker: https://issues.apache.org/bugzilla/show_bug.cgi?id=46952 has been updated - there is a utility to generate a set of CA

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-26 Thread jor...@redhat.com via RT
On Thu, Jun 25, 2009 at 06:05:08PM +0200, Stephen Henson via RT wrote: [david.sm...@cern.ch - Tue Jun 23 11:06:26 2009]: The bug report over on the apache tracker: https://issues.apache.org/bugzilla/show_bug.cgi?id=46952 has been updated - there is a utility to generate a set of CA

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-26 Thread David Smith via RT
On Jun 26, 2009, at 2:40 PM, Joe Orton wrote: This is a good point. We already do this conditionally, in fact. David, could you try this mod_ssl patch as an alternative solution, which doesn't necessitate fixes to OpenSSL? Index: ssl_engine_io.c [...] Hello Joe, Thanks for the mod_ssl

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-26 Thread David Smith
On Jun 26, 2009, at 2:40 PM, Joe Orton wrote: This is a good point. We already do this conditionally, in fact. David, could you try this mod_ssl patch as an alternative solution, which doesn't necessitate fixes to OpenSSL? Index: ssl_engine_io.c [...] Hello Joe, Thanks for the mod_ssl

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-23 Thread David Smith via RT
Hello, The bug report over on the apache tracker: https://issues.apache.org/bugzilla/show_bug.cgi?id=46952 has been updated - there is a utility to generate a set of CA certificates, which should allow one to reproduce the problem and more information about when the failure has been seen.

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-16 Thread Dr. Stephen Henson
On Mon, Jun 15, 2009, Kyle Hamilton wrote: These scripts pull the latest version of the Mozilla-approved CAs. OpenSSL is not in the business of making CA certificates available, but having the ability to do this in the stock package might be very good for the users. (Make sure that such a

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-15 Thread Maarten Litmaath via RT
Hi Stephen, I can't see how anything could cause an issue with 85 CAs. The attached descriptions imply it might be a mod_ssl issue (not reproducible with s_server). There is a bit more information now in our ticket: https://savannah.cern.ch/bugs/?48458 Romain Wartel wrote: So 4

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-15 Thread Maarten Litmaath
Hi Stephen, I can't see how anything could cause an issue with 85 CAs. The attached descriptions imply it might be a mod_ssl issue (not reproducible with s_server). There is a bit more information now in our ticket: https://savannah.cern.ch/bugs/?48458 Romain Wartel wrote: So 4

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-15 Thread Roumen Petrov
Maarten Litmaath wrote: Hi Stephen, I can't see how anything could cause an issue with 85 CAs. The attached descriptions imply it might be a mod_ssl issue (not reproducible with s_server). There is a bit more information now in our ticket: https://savannah.cern.ch/bugs/?48458 Romain

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-15 Thread Roumen Petrov via RT
Maarten Litmaath wrote: Hi Stephen, I can't see how anything could cause an issue with 85 CAs. The attached descriptions imply it might be a mod_ssl issue (not reproducible with s_server). There is a bit more information now in our ticket: https://savannah.cern.ch/bugs/?48458

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-15 Thread Maarten Litmaath via RT
Hi Roumen, it hangs the same, remove a few CAs and it works. # rpm -q httpd mod_ssl openssl fedora-release httpd-2.2.11-8.x86_64 mod_ssl-2.2.11-8.x86_64 openssl-0.9.8k-4.fc11.x86_64 fedora-release-11-1.noarch [...] Maybe the problem is in 64-bit OpenSSL (fedora?)

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-15 Thread Guenter
Hi, Roumen Petrov wrote: In the past we can download a file with CA certificates ( ca-bundle.crt.tar.gz ) from mod_ssl site. Now file is removed but it contain more than 90 certificates (PEM format concatenated together). many use the Perl script I've hacked for cURL to create a

Re: [openssl.org #1949] mod_ssl/openssl failures when more than 85 CAs are configured

2009-06-15 Thread Kyle Hamilton
These scripts pull the latest version of the Mozilla-approved CAs. OpenSSL is not in the business of making CA certificates available, but having the ability to do this in the stock package might be very good for the users. (Make sure that such a tool warns the user that the CA certificates are