ANNOUNCE: mod_ssl 2.6.0-1.3.12

Fri, 25 Feb 2000 01:41:48 -0800 


Apache 1.3.12 is already around the corner and should be released
these days (be patient, please!), so I'll release mod_ssl 2.6.0 for
it. Because I'm not available the coming days (we have our church
marriage-ceremony on this weekend ;) and I don't wanted to let you wait
to use SSL with this Apache version (especially because of security
reasons you should consider to upgrade to 1.3.12).

Yours,
                                       Ralf S. Engelschall
                                       [EMAIL PROTECTED]
                                       www.engelschall.com

  Changes with mod_ssl 2.6.0 (24-Feb-2000 to 25-Feb-2000)

   *) Merged in enhanced HTTPS Proxy Support which is derived from
      Stronghold 2.x and was originally contributed by C2Net over one
      year ago. This is still _EXPERIMENTAL_ stuff, so it is entirely
      wrapped with SSL_EXPERIMENTAL sections and has to be abled under
      built-time with --enable-rule=SSL_EXPERIMENTAL. Then the following
      new configuration directives are provided to fine-tune the HTTPS
      proxy support:

          o  SSLProxyProtocol [+-][SSLv2|SSLv3|TLSv1] ...
             (enable or disable SSL protocol flavors)
          o  SSLProxyCipherSuite XXX:...:XXX
             (colon-delimited list of permitted SSL ciphers)
          o  SSLProxyVerify on|off
             (whether to verify the remote certificate)
          o  SSLProxyVerifyDepth N
             (maximum certificate verification depth)
          o  SSLProxyCACertificateFile /path/to/file
             (file containing server certificates)
          o  SSLProxyCACertificatePath /path/to/dir
             (directory containing server certificates)
          o  SSLProxyMachineCertificateFile /path/to/file
             (file containing client certificates)
          o  SSLProxyMachineCertificatePath /path/to/dir
             (directory containing client certificates)

      This stuff is declared experimental, because it was still _NOT_
      tested in depth and is still _UNDOCUMENTED_. So keep in mind what
      SSL_EXPERIMENTAL means and use this with care!

   *) Extended the EAPI patches to mod_proxy to allow the new
      HTTPS proxy support to be merged in.

   *) Fixed ssl_io_suck() prototype scope in mod_ssl.h by changing
      the old #ifdef SSL_EXPERIMENTAL to the now correct #ifndef
      SSL_CONSERVATIVE.

   *) Added "cons" and "nocons" development target to
      src/modules/ssl/Makefile.tmpl.

   *) Upgraded to Apache version 1.3.12.

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to