Re: problem compiling on windows

2005-06-03 Thread Michael . Straessle 
I suggest you follow the procedure in the openssl source package
(install.w32) instead of using the perl commands in the apache httpd
documentation. This worked fine for me.

HTH
michael


-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im
Auftrag von b h
Gesendet: Freitag, 3. Juni 2005 00:34
An: modssl-users@modssl.org
Betreff: problem compiling on windows



Hi

to begin, platform winxp pro, visual studio 6

I downloaded and extracted httpd-2.0.54-win32-src.zip, openssl-0.9.7g.tar.gz
from their respective websites. 
And I was following
http://httpd.apache.org/docs-2.0/platform/win_compiling.html

I placed awk.exe in the path, extracted all the
openssl files into srclib/openssl, ran all the perl
lines configuring, and nmaking in the srclib/openssl
directory (and they seemed to work without any
error)...

but then when running 

nmake /f Makefile.win _apacher

after a couple minutes I end up with fatal errors: 
see last few lines before the error following...

-
   Creating library .\Release\mod_proxy.lib and object
.\Release\mod_proxy.exp
NMAKE -nologo -f mod_proxy_connect.mak CFG=mod_proxy_connect -
Win32 Release RECURSE=0
tempfile.bat
cl.exe
@C:\DOCUME~1\brad\LOCALS~1\Temp\nma00480.
proxy_connect.c
link.exe
@C:\DOCUME~1\brad\LOCALS~1\Temp\nmb00480.
   Creating library .\Release\mod_proxy_connect.lib
and object .\Release\mod_proxy_connect.exp
NMAKE -nologo -f mod_proxy_ftp.mak  
CFG=mod_proxy_ftp - Win32 Release RECURSE=0
tempfile.bat
cl.exe
@C:\DOCUME~1\brad\LOCALS~1\Temp\nma03996.
proxy_ftp.c
link.exe
@C:\DOCUME~1\brad\LOCALS~1\Temp\nmb03996.
   Creating library .\Release\mod_proxy_ftp.lib and
object .\Release\mod_proxy_ftp.exp
NMAKE -nologo -f mod_proxy_http.mak 
CFG=mod_proxy_http - Win32 Release RECURSE=0
tempfile.bat
cl.exe
@C:\DOCUME~1\brad\LOCALS~1\Temp\nma01708.
proxy_http.c
link.exe
@C:\DOCUME~1\brad\LOCALS~1\Temp\nmb01708.
   Creating library .\Release\mod_proxy_http.lib and
object .\Release\mod_proxy_http.exp
cd ..\..
cd modules\ssl
NMAKE -nologo -f mod_ssl.mak
CFG=mod_ssl - Win32 Release RECURSE=0 
.\Release\mod_ssl.so
NMAKE : fatal error U1073: don't know how to make
'..\..\srclib\openssl\inc32\openssl\asn1.h'
Stop.
NMAKE : fatal error U1077: 'C:\Program
Files\Microsoft Visual Studio\VC98\bin\NMAKE.EXE' :
return code '0x2'
Stop.
NMAKE : fatal error U1077: 'C:\Program
Files\Microsoft Visual Studio\VC98\bin\NMAKE.EXE' :
return code '0x2'
Stop.

C:\Documents and Settings\brad\Desktop\httpd-2.0.54


everything was working perfectly and I thought I was
following all the instructions properly.  

What did I forget to do or can anyone tell me what is
wrong?  I ask here because it seems to be in the
mod_ssl portion at that time.  Please let me know if
there is a more appropriate place to ask.

(And I know it's rude to ask, but please cc me in any
responses)

thanks
b.

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  modssl-users@modssl.org
Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  modssl-users@modssl.org
Automated List Manager[EMAIL PROTECTED]

AW: SSLSessionCaching on Win32

2003-01-13 Thread Michael . Straessle 
...depends on your configuration. SSLSessionCache works fine with my apache
1.3.27, but I had some problems with apache 2. with 2.0.39, session cache
was not honoured on win32 (bugzilla 10170), but this may have changed in the
meantime.

rgds
michael

 -Ursprüngliche Nachricht-
 Von: Wilkins, Craig [mailto:[EMAIL PROTECTED]]
 Gesendet: Montag, 13. Januar 2003 17:09
 An: '[EMAIL PROTECTED]'
 Betreff: SSLSessionCaching on Win32
 
 
  
   I am having trouble getting the SSLSessionCache directive 
   working on Win NT and have been unable to find any examples 
   or information where others have been able to implement this.
   
   Does anyone know if this directive is supported on Win32?
   
  
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

RE: mod ssl for windows

2002-07-15 Thread Michael . Straessle 

...this _does_ work with mod_jserv, as long as it's compiled with -DEAPI.
binaries are available in the modssl contributions section.
rgds
michael

 -Ursprungliche Nachricht-
 Von: Noah White [mailto:[EMAIL PROTECTED]]
 Gesendet: Donnerstag, 11. Juli 2002 16:40
 An: '[EMAIL PROTECTED]'
 Betreff: RE: mod ssl for windows
 
 
 
 Just as an FYI. This does not work with mod_jserv.
 
  -Original Message-
  From: JOURDAIN Philippe [mailto:[EMAIL PROTECTED]]
  Sent: Thursday, July 11, 2002 10:41 AM
  To: [EMAIL PROTECTED]
  Subject: RE: mod ssl for windows
  
  
  
 http://www.modssl.org/contrib/Apache_1.3.26-Mod_SSL_2.8.10-Ope
nSSL_0.9.6d-
 Wi
 n32.zip
 

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

AW: mod ssl for windows

2002-07-11 Thread Michael . Straessle 

 Hi
 Currently have a system working fine under Apache 1.3.19 on NT 
 but cannot find a version of mod_ssl.so for NT that will work with 
 1.3.26. Does one exist? 
 Any info gratefully received
 Alex
 
http://www.modssl.org/contrib/
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Apache 2.0.37-dev +mod_ssl win32 binaries

2002-06-11 Thread Michael . Straessle 

for testing purposes, i have compiled a 2.0.37-dev snapshot on NT. as there
doesn't seem to be any apache 2 binaries with mod_ssl around, i have put
them in the modssl user contribution area. they are not intended to be used
in a production environment, of course ;-)

regards
michael


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Apache 2.0.37-dev +mod_ssl win32 binaries

2002-06-11 Thread Michael Straessle 

for testing purposes, i have compiled a 2.0.37-dev snapshot on NT. as there doesn't 
seem to be any apache 2 binaries with mod_ssl around, i have put them in the modssl 
user contribution area. they are not intended to be used in a production environment, 
of course ;-)

regards
michael
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

AW: Re: WIN32-apache 1.3.x (windows NT) problem of serving concurrent https requests

2002-05-07 Thread Michael . Straessle 

 -Ursprüngliche Nachricht-
 Von: Johannes Bertscheit [mailto:[EMAIL PROTECTED]]
 Gesendet: Samstag, 4. Mai 2002 19:27
 An: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Betreff: Re: Re: WIN32-apache 1.3.x (windows NT) problem of serving
 concurrent https requests
(cut)

 Are there any people out there - stating that they have a 
 apache mod_ssl 
 running on windows NT RELIABLE ???
 
 johannes

hmm.. now this calls for an answer. 

we are running ssl-enabled apache on NT since end 99, first ibm http server
1.3.6.2 with 56bit ssl encryption, since december 01 Apache/1.3.22 (Win32)
mod_jk/1.2.0 ApacheJServ/1.1.2 mod_ssl/2.8.5 OpenSSL/0.9.6b. there were some
crashes with mod_ssl in the beginning, but none since i set KeepAlive Off in
httpd.conf. average hits per day on the webserver are 100k.
availability ist 99.97% over the past 2 months, the remaining 0.03% are
caused by hardware changes. the only unplanned reboot since start of
production on this machine in may 99 was due to someone pulling out the
power cable between server and ups.

michael


 -Ursprüngliche Nachricht-
 Von: Johannes Bertscheit [mailto:[EMAIL PROTECTED]]
 Gesendet: Samstag, 4. Mai 2002 19:27
 An: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Betreff: Re: Re: WIN32-apache 1.3.x (windows NT) problem of serving
 concurrent https requests
(cut)

 Are there any people out there - stating that they have a 
 apache mod_ssl 
 running on windows NT RELIABLE ???
 
 johannes
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

RE: How to install mod_ssl + mod_webapp?

2002-02-26 Thread Michael . Straessle 

i did compile a post-1.1.2 EAPI version of mod_jserv which works fine - and
without warnings - with my configuration (apache 1.3.22/mod_ssl 2.8.5):

http://www.modssl.org/contrib/mod_jserv-1.1.3-dev-eapi-WIN32.zip

...had to set 
KeepAlive Off 
in httpd.conf however (BUG #569) to get production quality.

michael

 -Ursprungliche Nachricht-
 Von: Will Guaraldi [mailto:[EMAIL PROTECTED]]
 Gesendet: Freitag, 22. Februar 2002 15:36
 An: [EMAIL PROTECTED]
 Betreff: RE: How to install mod_ssl + mod_webapp?
 
 
 For the record, we're running Apache 1.3.20/mod_ssl 2.8.4 
 with ApacheJServer
 1.1.2 and we get the same warning when it loads JServ that 
 you get with
 mod_webapp.c and our application works fine.  So you might not have to
 recompile the mod_webapp module with -DEAPI.
 
 /will
 
  -Original Message-
  From: [EMAIL PROTECTED]
  [mailto:[EMAIL PROTECTED]]On Behalf Of Wes Barris
  Sent: Thursday, February 21, 2002 5:21 PM
  To: modssl list
  Subject: How to install mod_ssl + mod_webapp?
 
 
  We are currently using Jakarta-tomcat-4.0.1 with Apache httpd 1.3.22
  (binary distributions for linux downloaded from the www.apache.org
  website).  I also have mod_webapp installed (downloaded from the
  same website).
 
  Now, I want to add mod_ssl functionality to this mix.  From what I
  gather from the www.modssl.org website, I must throw away what I
  have and compile from sources in order to use mod_ssl.
 
  I followed the instructions on this page:
 
  http://www.modssl.org/example/
 
  and everything seemed to build properly.  After copying 
 mod_ssl.so to
  the new ./libexec directory and adding the following two lines to
  ./conf/httpd.conf:
 
  LoadModule webapp_module  libexec/mod_webapp.so
  AddModule mod_webapp.c
 
  I get this error message:
 
  root@redhat# /usr/local/apache-ssl/bin/apachectl configtest
  [Wed Feb 20 15:59:04 2002] [warn] Loaded DSO
  libexec/mod_webapp.so uses plain Apache 1.3 API, this module
  might crash under EAPI! (please recompile it with -DEAPI)
  [Wed Feb 20 15:59:04 2002] [warn] module mod_webapp.c is already
  added, skipping
  Syntax OK
 
  I can read the words but I don't really know what to do.  It seems
  to be saying that I have to compile mod_webapp using -DEAPI.  Can
  anyone provide some guidance?
 
  --
  Wes Barris
  E-Mail: [EMAIL PROTECTED]
  Phone: 07-3346-2504
  
 __
  Apache Interface to OpenSSL (mod_ssl)   
www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]


__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

AW: Connection hangs when using SSL

2002-02-04 Thread Michael . Straessle 

habe you set

Listen 443

in your conf?

-Ursprungliche Nachricht-
Von: Ken Tune [mailto:[EMAIL PROTECTED]]
Gesendet: Montag, 4. Februar 2002 19:03
An: '[EMAIL PROTECTED]'
Betreff: Connection hangs when using SSL


I'm trying to get Apache up and running on WinNT, with SSL 
I'm using 
Apache/1.3.19 (Win32) 
mod_ssl/2.8.3 
OpenSSL/0.9.6a 
My Apache config is as follows ... 
SSLMutex sem 
SSLRandomSeed startup builtin 
SSLRandomSeed connect builtin 
SSLSessionCache none 
SSLLog logs/SSL.log 
SSLLogLevel debug 
VirtualHost MY_HOST:443 
ServerName MY_HOST 
SSLEngine on 
SSLCipherSuite
ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL 
SSLCertificateFile D:/apache/ssl/my-server.cert 
SSLCertificateKeyFile D:/apache/ssl/my-server.key 
SetEnvIf User-Agent .*MSIE.* \ 
 nokeepalive ssl-unclean-shutdown \ 
 downgrade-1.0 force-response-1.0 
CustomLog logs/ssl_request_log combined 
/VirtualHost 
My problem is that when I issue https://MY_HOST through the browser the
browser simply hangs  - there's no response from apache.
If I try and connect to 443 directly using openssl I get 
$ openssl s_client  -connect  MY_HOST:443 -state -debug 
CONNECTED(0003) 
SSL_connect:before/connect initialization 
write to 0A01ED48 [0A01F788] (130 bytes = 130 (0x82)) 
 - 80 80 01 03 01 00 57 00-00 00 20 00 00 16 00 00   ..W... . 
0010 - 13 00 00 0a 07 00 c0 00-00 66 00 00 07 00 00 05   .f.. 
0020 - 00 00 04 05 00 80 03 00-80 01 00 80 08 00 80 00    
0030 - 00 65 00 00 64 00 00 63-00 00 62 00 00 61 00 00   .e..d..c..b..a.. 
0040 - 60 00 00 15 00 00 12 00-00 09 06 00 40 00 00 14   `...@... 
0050 - 00 00 11 00 00 08 00 00-06 00 00 03 04 00 80 02    
0060 - 00 80 46 fe 76 0c 2a 63-8a 04 72 25 77 e3 3c 15   ..F.v.*c..r%w.. 
0070 - 22 77 46 a4 69 b9 20 85-03 7d 7b ad 85 b9 db ed   wF.i. ..}{. 
0080 - b6 1c .. 
SSL_connect:SSLv2/v3 write client hello A 
... and nothing more. 
I've tried using the -ssl2 and -ssl3 flags, but get the same result. 
I've tried connecting using telnet and trying to speak http to the port and
that doesn't work so that's not the issue. 
Furthermore, when I try and connect I get an entry in my ssl.log ... 
[04/Feb/2002 17:01:01 00193] [info]  Connection to child 4 established
(server MY_HOST:443, client MY_IP) 
Any suggestions gratefully received 
Regards 
Ken Tune 
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

RE: Apache modssl last release ...

2002-01-16 Thread Michael . Straessle 

  [ Falk Großwig ] wrote:
  
  Hello,
  
  i just installed the mod_ssl for Apache. First it workes fine, but i
  cant tell how, the Apache shuts down the mod_ssl ...
  
  i cant reach the mod_ssl url if i open a new browser window.
  
 
  
  VirtualHost ssl.design-4-you.ath.cx
  ServerAdmin [EMAIL PROTECTED]
  ServerName design-4-you
  DocumentRoot E:/Server/secure/
  ErrorLog E:/Server/logs/secure.design-4-you.ath.cx-error_log
  CustomLog 
 E:/Server/logs/secure.design-4-you.ath.cx-access_log common
  SSLEngine On
  SSLCertificateFile conf/ssl/www.design-4-you.ath.cx.cert
  SSLCertificateKeyFile conf/ssl/www.design-4-you.ath.cx.key
  /VirtualHost
 
 So this is your SSL VH?
 
 First, you need:
 
 Listen 443
 
 before the VH so apache listens to port 443, which is where SSL works.
 
 Second, you need to define port 443 in the VH, i.e.
 
 VirtualHost ssl.design-4-you.ath.cx:443
 
 Third, you need to start apache with SSL. In unix, the command is:
 
 # apachectl startssl
 
 or (more primitively)
 
 # ./httpd -DSSL
 
 check the docs for the appropriate command under windows.

...which would be

apache -D SSL

Fourth, your apache needs to be compiled with the -EAPI flag, otherwise
mod_ssl will not work. if you use a binary distribution, this is most
probably not the case. AFAIK there is no such distribution for 1.3.22
/win32. 




__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

mutex warnings

2001-12-12 Thread Michael . Straessle 

Hi Group

I'm running the following: Apache/1.3.22 (Win32) mod_jk/1.1.0 tomcat/1.0
mod_ssl/2.8.5 OpenSSL/0.9.6b
with the standard settings for win32. everything fine with this, except that
I get a lot (up to 7 per second) warnings:

[10/Dez/2001 09:23:45 00393] [warn]  Failed to release global mutex lock

could anybody explain what this means, and if there's anything that can be
done about it - besides setting log level to error;-)

thanks
Michael
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

RE: [BugDB] Configuration problems (PR#640)

2001-12-11 Thread Michael . Straessle 

the following conf might work:

...
...
# restrict general server conf to localhost
BindAddress 127.0.0.1
...
...
IfDefine HAVE_SSL
Listen 80
Listen 443
/IfDefine

IfDefine HAVE_SSL
##
## SSL Virtual Host Context
##

VirtualHost 20.30.70.40:443
...
...
/VirtualHost

VirtualHost 20.30.70.40:80
...
...
/VirtualHost

VirtualHost 20.30.70.48:443
...
...
/VirtualHost
VirtualHost 20.30.70.48:80
...
...
/VirtualHost

/IfDefine


 -Ursprungliche Nachricht-
 Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
 Gesendet: Montag, 10. Dezember 2001 22:52
 An: [EMAIL PROTECTED]
 Cc: [EMAIL PROTECTED]
 Betreff: [BugDB] Configuration problems (PR#640)
 
 
 Full_Name: 
 Version: 2.8.5
 OS: Linux
 Submission from: (NULL) (216.72.177.4)
 
 
 I have defined 2 domains in one server, based on IP address
 my etc/hosts file is like:
 20.30.70.40server_namewww.domain_A  domain_A
 20.30.70.48   server_name   www.domain_B   domain_B
 
 my httpd.conf is like
 ..
 ..
 ..
 Listen 80
 NameVirtualHost 20.30.70.40
 
 VirtualHost 20.30.70.40
 ServerAdmin admin@domain_A
 DocumentRoot /home/httpd/file_A/www
 ServerName Domain_A
 Directory Index htm html cgi
 ###
 Directory /home/httpd/file_A/www/
 order allow,deny
 Options Indexes Includes FollowSymLinks ExecCGI
 deny from all
 /Directory
 
 ErrorLog logs/Domain_A-error_log
 CustomLog /var/log/httpd/Domain_A-access_log common
 /VirtualHost
 
 VirtualHost 20.30.70.48
 DocumentRoot /home/httpd/domain_B
 ServerName www.domain_B
 ServerAdmin admin@domain_B
 ErrorLog /var/log/httpd/domain_B-error_log
 CustomLog /var/log/httpd/domain_B-access_log common
 DirectoryIndex index.htm index.html
 
 Directory /home/httpd/domain_B
 AllowOverride None
 Options Indexes Includes FollowSymLinks ExecCGI
 Order allow,deny
 Allow from all
 /Directory
 
 
 /VirtualHost
 
 IfDefine HAVE_SSL
 ##
 ## SSL Virtual Host Context
 ##
 Listen 443
 VirtualHost 20.30.70.40:443
 DocumentRoot /home/httpd/domain_A/www
 ServerName www.domain_A
 SSLEngine on
 SSLProtocol all -SSLv3
 #   Server Certificate:
  SSLCertificateFile /etc/httpd/conf/propio/certisur_A.crt
 #   Server Private Key:
 SSLCertificateKeyFile /etc/httpd/conf/propio/server_A.key
 
 Files ~ \.(cgi|shtml)$
 SSLOptions +StdEnvVars
 /Files
 Directory /var/www/cgi-bin
 SSLOptions +StdEnvVars
 /Directory
 
 SetEnvIf User-Agent .*MSIE.* nokeepalive ssl-unclean-shutdown
 CustomLog /var/log/httpd/ssl_request_log \
   %t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \%r\ %b
 
 /VirtualHost
 
 VirtualHost 20.30.70.48:443
  ServerName www.Domain_B
  DocumentRoot /home/httpd/domain_B
  Directory /home/httpd/domain_B
   AllowOverride None
   Options Indexes Includes FollowSymLinks ExecCGI
   Order allow,deny
   Allow from all
  /Directory
  SSLEngine on
  SSLProtocol all -SSLv3
  SSLCertificateFile /etc/httpd/conf/mallgallery/certisur_B.crt
  SSLCertificateKeyFile /etc/httpd/conf/mallgallery/server_B.key
 
  Files ~ \.(cgi|shtml)$
 SSLOptions +StdEnvVars
  /Files
  Directory /var/www/cgi-bin
  SSLOptions +StdEnvVars
  /Directory
  CustomLog /var/log/httpd/ssl_request_log \
   %t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \%r\ %b
 
 /VirtualHost
 /IfDefine
 
  If I call Domain_A or Domain_B in non secure 
 operation(hhttp) I haven't
 problems, but if in secure conditions (https) the server only 
 respond to
 Domain_A calls 
 I waiting for some comments please 
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]