On Wed, 1 May 2002, R. DuFresne wrote: >On Wed, 1 May 2002, Lynn Gazis wrote:
>> I'm now getting unresolved externals when trying to build Apache 2.0.35 with >> SSL enabled on Solaris 7, and would like, before I go farther in trying to >> diagnose this particular problem (and the shared memory cache problem I am >> having on HP UX), to ask a couple of general questions: >> >> 1) In testing Apache 2.0, should I be testing with the latest version of >> OpenSSL 0.9.6 or with the latest pre-release version of OpenSSL 0.9.7? >> >perhaps the most stable code will be either 0.9.6b or 0.9.6c, I can't >speak for 0.9.7. Stability is one consideration, but actually not my primary consideration at this point, since I'm not in a production environment, and am testing to ensure that Rainbow's cryptographic accelerator continues to be supported by Apache, rather than because I want to put a Web server into production with Apache 2.0 here in the near future. What I'm wondering is, between OpenSSL 0.9.6 and still in production OpenSSL 0.9.7, which is Apache 2.0 actually designed to support, and which would I be best off reporting bugs against? >> 2) Is there some option that I have not found which I should be using to >> enable to engine code (right now I am doing so by modifying mod_ssl.h to >> turn SSL_EXPERIMENTAL and SSL_ENGINE on)? >There are two versions of openssl source available, the engine version and >the non-engine version. Both will work pretty much the same. But, if you >ever intend upon using hardware encryption devices you will want the >engine version. Since I'm testing cryptographic accelerator support, I have been using the engine version of OpenSSL 0.9.6b or 0.9.6c (whichever I happened to have already installed on each platform that I'm testing on). However, there is some modssl code incorporated in Apache 2.0, which allows the SSLCryptoDevice line in ssl.conf to be recognized, and I'm finding that this code does not get recognized unless I modify mod_ssl.h (whereas, in mod_ssl-2.8.6-1.3.23, I am able to turn this code on with --enable-rule=SSL_EXPERIMENTAL). >> >> 3) Should the shared memory cache be automatically included in Apache 2.0, >> or should I be somehow including mm-1.1.3, as I have been doing with modssl? >> >My understanding is that mm is not longer required. So yes, its built in. OK, in that case I should probably check further on what is going wrong on my HP platform. >> 4) Should I be reporting problems I run across in testing Apache 2.0 to a >> different list from this one? >> >This list is at least one spot, I'm sure others here might recommend other >lists to x-post such problems to. Then I'll post to this list unless and until someone recommends a different one. Thanks, Lynn Gazis Rainbow Technologies ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]