RE: Urgent Help required!
Hi, how did you solve your problem? Could you tell me? Bhati, Vidushi wrote: Thanks Toftum :) -- View this message in context: http://www.nabble.com/mod-proxy%2C-path-rewrite%2C-and-digest-authentication-tp16098622p17207979.html Sent from the Apache HTTP Server - Module Writers mailing list archive at Nabble.com.
Missing vote for persistent SSL backend proxy connections
I know that the following patch really requires some work to review, but it is missing only one vote and it would be really worth to be included in 2.2.9: * mod_proxy: Allow for keepalive backend proxies (PR43238), which also addresses PR44026 and PR44543. These are pretty much interwrapped here. Trunk version of patch: http://svn.apache.org/viewvc?view=revrevision=602542 http://svn.apache.org/viewvc?view=revrevision=603237 http://svn.apache.org/viewvc?view=revrevision=603502 http://svn.apache.org/viewvc?view=revrevision=603543 http://svn.apache.org/viewvc?view=revrevision=604447 http://svn.apache.org/viewvc?view=revrevision=604449 http://svn.apache.org/viewvc?view=revrevision=605314 http://svn.apache.org/viewvc?view=revrevision=605838 Backport version for 2.2.x of patch: http://people.apache.org/~rpluem/patches/proxy-ssl-44026-patch.txt +1: jim, rpluem Regards RĂ¼diger
Impact of OpenSSL Randomness issues on Debian
If you are just catching up: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0166 http://it.slashdot.org/article.pl?sid=08/05/13/1533212 Most of the talk has been about how SSH Servers and Client private keys are vulnerable. However, Private x509 Keys generated by a vulnerable machine, and used by HTTPS are also guessable. Debian and Ubuntu have made several tools to detect weak key signatures in OpenSSH and OpenVPN. 1) Shouldn't it be possible to write something that detects the weak private key fingerprint from the SSL handshake? 2) Should we remind users on [EMAIL PROTECTED] or another medium, that any x509 keys generated on an debian or ubuntu server, such as those used for HTTPS, in the last 2 years, should be re-generated? Thanks, -Paul
Re: [PATCH] DTrace probes patch.
I see no issues with making this the default and having a --disable-dtrace. I can see a reason that someone might wish to turn them off -- thought that someone isn't me. +1 --disable-dtrace could be useful in certain scenarios e.g dtrace internal bugs. IMHO, by default it should be enabled. Regards, Basant.