On Wed, 1 May 2002, R. DuFresne wrote:

>On Wed, 1 May 2002, Lynn Gazis wrote:

>> I'm now getting unresolved externals when trying to build Apache 2.0.35
with
>> SSL enabled on Solaris 7, and would like, before I go farther in trying
to
>> diagnose this particular problem (and the shared memory cache problem I
am
>> having on HP UX), to ask a couple of general questions:
>> 
>> 1) In testing Apache 2.0, should I be testing with the latest version of
>> OpenSSL 0.9.6 or with the latest pre-release version of OpenSSL 0.9.7?
>> 

>perhaps the most stable code will be either 0.9.6b or 0.9.6c, I can't
>speak for 0.9.7.

Stability is one consideration, but actually not my primary consideration at
this point, since I'm not in a production environment, and am testing to
ensure that Rainbow's cryptographic accelerator continues to be supported by
Apache, rather than because I want to put a Web server into production with
Apache 2.0 here in the near future.  What I'm wondering is, between OpenSSL
0.9.6 and still in production OpenSSL 0.9.7, which is Apache 2.0 actually
designed to support, and which would I be best off reporting bugs against?

>> 2) Is there some option that I have not found which I should be using to
>> enable to engine code (right now I am doing so by modifying mod_ssl.h to
>> turn SSL_EXPERIMENTAL and SSL_ENGINE on)?

>There are two versions of openssl source available, the engine version and
>the non-engine version.  Both will work pretty much the same.  But, if you
>ever intend upon using hardware encryption devices you will want the
>engine version.

Since I'm testing cryptographic accelerator support, I have been using the
engine version of OpenSSL 0.9.6b or 0.9.6c (whichever I happened to have
already installed on each platform that I'm testing on).  However, there is
some modssl code incorporated in Apache 2.0, which allows the
SSLCryptoDevice line in ssl.conf to be recognized, and I'm finding that this
code does not get recognized unless I modify mod_ssl.h (whereas, in
mod_ssl-2.8.6-1.3.23, I am able to turn this code on with
--enable-rule=SSL_EXPERIMENTAL).


>> 
>> 3) Should the shared memory cache be automatically included in Apache
2.0,
>> or should I be somehow including mm-1.1.3, as I have been doing with
modssl?
>> 

>My understanding is that mm is not longer required.  So yes, its built in.

OK, in that case I should probably check further on what is going wrong on
my HP platform. 

>> 4) Should I be reporting problems I run across in testing Apache 2.0 to a
>> different list from this one?
>> 

>This list is at least one spot, I'm sure others here might recommend other
>lists to x-post such problems to.

Then I'll post to this list unless and until someone recommends a different
one.

Thanks,

Lynn Gazis
Rainbow Technologies

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to