Before I switch the CVS source repository, import Apache 1.3.12 and
start the mod_ssl 2.6 series, I've flushed all pending bugfixes to
provide you a maximum stable last mod_ssl 2.5 version.
Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
Changes with mod_ssl 2.5.1 (22-Jan-2000 to 24-Feb-2000)
*) Made sure OpenSSL's Pseudo Random Number Generator (PRNG) is
seeded already before the temporary RSA keys are generated.
*) Fixed possible security hole in mkcert.sh script (make
certificate) by making sure we already generate the foo.key files
with proper umask instead of chmod them later (and this way
perhaps too late).
*) Fixed memory leak caused by not-freed SSL_CTX in the HTTPS proxy
support (ssl_engine_ext.c/mod_proxy).
*) Fixed quotation author in ssl_glossary.html: it's Richard Nixon,
as Lukas Bradley pointed out.
*) Use "/usr/local/ssl" as the default for $SSL_BASE only if this
path really exists. Else use "SYSTEM" and this way be more
flexible. This is especially interesting for RedHat/RPM users
where OpenSSL stays often directly under /usr.
*) Make sure libssl.module also detects OpenSSL correctly
if OpenSSL was built as shared libraries (.so)
*) Let configure script more accurately check for -h, -v and
-q options on command line.
*) Make `SSLSessionCache none' really work as expected.
*) Added support for the latest OpenSSL snapshot (>= version 0.9.4).
*) Removed the removal of "#ifdef lint.. #endif" lines from
src/modules/ssl/Makefile.tmpl to make the life of the
OpenBSD guys easier in the future.
*) Removed Unix Bourne-Shell construct "2>&1" from Win32's
configure.bat script because Win32 hates this.
*) Fixed ApacheCore.def for Win32: Some numbers occured
multiple times.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
