with authorization and downstream REMOTE_USER
processing.
Paul J. Reder
On 09/08/2009 11:09 AM, Graham Leggett wrote:
Udo Rader wrote:
Maybe a more concrete sample can help clarify what I am talking about,
here's my approximate setup:
Location /fooBar
SSLVerifyClient require
On 08/20/2009 12:00 AM, William A. Rowe, Jr. wrote:
Hardening Enterprise Apache Installations Against Attacks by Sander Temme
Heh... Couldn't you just buy Sander a beer and ask him nicely not to attack
your Apache installation?
Sorry... I couldn't resist.
--
Paul J. Reder
this return 414 when it gets APR_ENAMETOOLONG or is it valid to return
403?
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
AND, OR, and OVERRIDE, but if it was designed to be explicit then the user would
have specific control over each authbit along the way.
Paul J. Reder
Brad Nicholes wrote:
On 4/4/2008 at 11:37 AM, in message [EMAIL PROTECTED], Chris
Darroch [EMAIL PROTECTED] wrote:
William A. Rowe, Jr. wrote:
I've been
that, logically, it should be directory scoped.
I'm committing the doc now (directory scoped, to match the code I committed)
and I'll look at making sure the processing addresses that (via merge, etc).
Graham Leggett wrote:
Paul J. Reder wrote:
Now that you ask that question it makes me realize
or should it be turned on/off and limited on a server-wide
scope?
util_ldap_create_config, /* create server config */
util_ldap_merge_config, /* merge server config */
Regards
Rüdiger
--
Paul J. Reder
---
The strength
the purpose of this?
Regards
Rüdiger
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
, util_ldap_set_connection_timeout,
NULL, RSRC_CONF,
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his
true and thus the
new code
would be the same as the old one.
Regards
Rüdiger
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty
Okay, there is a 2.2.x branch version of the nested groups patch at
http://people.apache.org/~rederpj/NestedGroups_2.2.xBranch.diff
Nick Kew wrote:
On Sat, 28 Jul 2007 10:58:27 -0400
Paul J. Reder [EMAIL PROTECTED] wrote:
I'm quite certain that it applies since I developed the code on 2.2.4
:
Author: rederpj
Date: Fri Jul 27 14:22:36 2007
New Revision: 560386
URL: http://svn.apache.org/viewvc?view=revrev=560386
Log:
Add backport request for nested groups patch.
In view of the substantial authnz reworking in /trunk/,
are you sure this patch is compatible with 2.2?
--
Paul J. Reder
I didn't commit it to 2.2.x. I committed it to trunk and submitted it for
backport.
Did I miss something?
Paul J. Reder
Ruediger Pluem wrote:
-1.
Please revert. You did not have enough votes for backport. You need to have
three votes for a backport and you only had your own one.
2.2.x is RTC
performance, and reports
subgroup status in ldap-status.
I'll wait until Monday to commit this to trunk and submit for backport voting.
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend
palatable.
Either way, the code is pretty much the same except for which files contain
which code.
In evaluating/verifying these patches you would look at either:
SplitRebind_Apache.diff + SplitRebind_apr-util.diff
-- OR --
AllApacheRebind.diff
--
Paul J. Reder
the cache_conditional logic for the top level code-path choice
(thus avoiding the whole filter adding issue).
Paul J. Reder
Bill Stoddard wrote:
Graham Leggett wrote:
Bill Stoddard wrote:
Stale objects are discarded and fetched from the origin server.
So we're missing all the code to handle RFC 2616 section
if (geteuid() == 0) {
ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_NOTICE, 0, s,
CoreDumpDirectory not set; core dumps may not be written
for
child process crashes);
}
}
}
}
--
Paul J. Reder
,
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense are the constitutional rights secure.
-- Albert
... from what
I do know this looks good, but some doc for the function might be useful to
help folks know when they might be legally able to weaken a tag.
Paul J. Reder
Geoffrey Young wrote:
hi all
this is something I've been meaning to do for a while. as mod_include
demonstrates, output filters
aspects of my patch irrelevant, but I suspect
it will still need to be there for other errors.
anyway, as usual, thanks for listening.
--Geoff
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
.
I have to finish a piece of high priority work up today and tomorrow
and then, hopefully, I can get back to this.
Paul J. Reder
CASTELLE Thomas wrote:
Hello everyone,
I reported a few months ago a problem concerning mod_cache not sending a
If-Modified-Since when the cache is staled (see
it, is needed to address the RFC violation of
not returning an Expires header in 304 responses. It may also be helpful
in solving other issues related to mod_headers or other filters that should
do some processing during errors.
--
Paul J. Reder
, t);
}
}
Ah, would you mind to use the other patch provided in the PR? IMHO the other
one addresses more the problem than the symptom.
nd
--
Paul J. Reder
---
The strength of the Constitution lies entirely
, but concerns
me enough to ask for other ideas.
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
/patches.html. But there is also a new
section that discusses what level of code can be used for creating the
patch.
Comments?
Thanks,
Jeff
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
;
*/
return -1*mobj-priority;
}
Thoughts?
--Cliff
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his
formatted in !one true way I'd have to vote to
keep it that way. IMHO, an exception for multiline conditionals would
just confuse things.
Now if we want to talk about reformatting *all* the code to the
one true way...:)*duck*
--
Paul J. Reder
, nor does
the message say which file this is referring to. Anyone know?
Regards,
Graham
--
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen
will be submitted for backporting votes immediately.
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
PROTECTED] wrote:
rederpj 2003/07/15 14:03:10
Modified:.CHANGES
...
This should be simply
*) Eliminate creation of a temporary table in ap_get_mime_headers_core()
[Joe Schaefer [EMAIL PROTECTED]]
In the CVS commit message, put Brian Pane, Paul J. Reder in the
Reviewed by: field
Well I would if I could, but it seems that /tmp is full and
cvs activity is failing for me.
Jeff Trawick wrote:
Paul J. Reder wrote:
Specifically, my thinking was that *I* wasn't the one who had
initially done the work and felt felt I shouldn't take credit
for anything other than what I did
'P':
+if (!strncasecmp(uri, roxy:, 5)) { /* proxy: */
+return 6;
}
break;
}
uhmm. Why that? I bet that breaks some things, since proxy: is not a real
scheme.
nd
--
Paul J. Reder
. Does that
make sense?
Paul J. Reder
André Malo wrote:
* Paul J. Reder wrote:
With the other changes, the way I read the patch was as:
if (ctx-state == PRE_HEAD) {
if (!empty) {
pass
/* reset deleted from here */
}
reset /* reset added here
. Does that
make sense?
Paul J. Reder
André Malo wrote:
* Paul J. Reder wrote:
With the other changes, the way I read the patch was as:
if (ctx-state == PRE_HEAD) {
if (!empty) {
pass
/* reset deleted from here */
}
reset /* reset added here
BYTE_COUNT_THRESHOLD then
we forward the initial part of the brigade. This is to keep from
buffering up huge chunks of data.
I concur with the rest of the patch (from a visual perspective,
I haven't tested it).
Paul J. Reder
Cliff Woolley wrote:
yOn Wed, 9 Jul 2003, Ron Park wrote:
This problem revolves around
condition... */
...
}
else {/* Entire brigade is middle chunk of SSI tag... */
...
}
My contention is simply that the reset should be coupled with
the pass, inside the if. Did I miss something in the patch?
Paul J. Reder
André Malo wrote:
* Paul J
soon.
Thanks for the kickstart on this.
Paul J. Reder
CASTELLE Thomas wrote:
Thanks for looking into this Paul !
Concerning the second question, I totally agree with you. I tested it
and it works. It is obviously more logical...
I hope you will be able to integrate this patch in the next apache
a lot for this really great product !
Thomas.
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
to serve default welcome pages?
/* DECLINE urls ending in / ??? EGP: why? */
if (url[urllen-1] == '/') {
return DECLINED;
}
Allan
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination
of the things I will be looking at over the
next several months, no promises on schedule though. Other things take
higher priority for me at the moment.
Currently the CacheSize directive does nothing for the disk cache so
it will be as efficient as you or I (or someone else) make it. :)
Paul J. Reder
back from Monticello late tonight.
(Can you put the corefile and matching binary somewhere that I can get to
it, if it's for some OS I happen to have access to? Might save me a bit
of time, which I'm short on at the moment.)
--Cliff
--
Paul J. Reder
looking at that part.
--Cliff
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
:forbidden error.
http://your.machine.name:port/
You'll get the page foo.html.
I can spend more time tracking this if you want, but it won't be
till this afternoon.
--
Paul J. Reder
---
The strength of the Constitution lies entirely
)
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense are the constitutional rights secure
Content-Encoding:
Base64
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
would have resulted in creation of 2.2-stable and 2.3-dev.
Anyway, the long and short of it is, I like the parallel streams, I like the
rules setup in the ROADMAP, I like odd=dev and even=stable, and I like officially
recognizing the wild, unstable, and fun nature of X.0.y.
--
Paul J. Reder
was seeing.
Thanks.
Brian Pane wrote:
On Sat, 2002-10-12 at 20:26, Paul J. Reder wrote:
Okay, this takes care of item 4 from the list below. Thanks Brian, saves
me from having to do the commit. :)
What about the other 3? Should they be fixed by the change from
apr_time_t to apr_int64_t
(apr_int64_t under
the covers) to apr_int64_t is going to remove the need for 1-3.
On Fri, 2002-10-11 at 16:04, Paul J. Reder wrote:
I have run into a problem where the cache code randomly decides that a
cached entry is stale or that the last modified date is some time in
the future. I tracked
().
Please see the attached patch.
With no objections (and a litle help from someone who has APR commit
authority) I would like to commit this this weekend.
Thanks,
--
Paul J. Reder
---
The strength of the Constitution lies entirely
It looks to me like you and I are on the same path. I'm currently
fixing a problem related to freshness computations, but I'm also
looking in to why it seems to fetch files more than it needs to.
I'll let you know if I find anything. Please keep me posted.
Thanks,
Paul J. Reder
Matthieu
, the r-headers_out are all
available, but when the others brigade are going throught the
mod_cache, there is no more r-headers_out.
I'll take a look at this as soon as I have time (probably this Saturday).
Brian
--
Paul J. Reder
now.
I don't see this as a huge problem, to be honest. I think it's probably more
important to get a .43 release out which has had at least some testing
rather than reroll with changes...
-Thom
--
Paul J. Reder
---
The strength
amount of
time to complete, I would assume that the cache code should decide not
to cache any response with a pipe bucket, correct?
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen
Ryan Bloom wrote:
On Tue, 1 Oct 2002, Paul J. Reder wrote:
I've been working on the caching code and ran across a core dump...
A particular file contains an SSI call to a cgi. The cgi causes a pipe
bucket to pass down the chain. cache_in_filter tries to save the bucket
away and core
William A. Rowe, Jr. wrote:
At 03:27 PM 10/1/2002, Paul J. Reder wrote:
Ryan Bloom wrote:
On Tue, 1 Oct 2002, Paul J. Reder wrote:
I've been working on the caching code and ran across a core dump...
A particular file contains an SSI call to a cgi. The cgi causes a pipe
bucket to pass
Matthieu,
Could you possibly provide your changes as an attached diff instead of
the entire file. Your version of the file has changed the spacing of most
of the file so I can't easily determine what you changed.
Thanks,
Paul J. Reder
Matthieu Estrade wrote:
Hi again,
Just to say when i
?
The cache filter is supposed to run after all the filters for maximum
caching advantage.
Regards,
Graham
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only
Kris,
I am in the process of adding virtual host info into the key
generation too. I'll include your work with mine if that's okay.
Paul J. Reder
Kris Verbeeck wrote:
Hi,
Some of our QA people discovered a problem when performing request
with a query string on a mod_cache enabled Apache
= apr_pstrcat(p,r-uri, ?, r-args, NULL);
return APR_SUCCESS;
}
Hm... This should be something like:
If (r-args) {
*key = apr_pstrcat(p,r-uri, ?, r-args, NULL);
} else {
*key = apr_pstrdup(p,r-uri);
}
But I might be severely stupid...
Pier
--
Paul J. Reder
But I'm also factoring the hostname into key creation, which
also might be NULL. So even if the args issue could be ignored, the
hostname can't (or at least the possibility of 1 out of 2 NULL
can't be ignored).
Pier Fumagalli wrote:
Paul J. Reder [EMAIL PROTECTED] wrote:
Yes, I believe
Ian Holsman wrote:
On Thu, 12 Sep 2002 03:47:58 -0700, Paul J. Reder wrote:
Yes, I believe it should check r-args. I don't think you are stupid,
severely or otherwise... ;)
it should not make a difference really
if r-args is null than the strcat should terminate there anyway
, they have to be
in a brigade. An orphan bucket won't be freed. -- justin
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound
.
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense are the constitutional rights secure
of seconds).
- ask
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
on sounds pretty silly. Wouldn't it be better if it was
CacheOn yes or just Cache on? :-)
- ask
--
ask bjoern hansen, http://www.askbjoernhansen.com/ !try; do();
--
Paul J. Reder
---
The strength of the Constitution lies
/mod_ext_filter.c
apr/strings/apr_cpystrn.c
I will commit the CHANGES and mod_ext_filter.c changes. If someone in
APR would commit the apr_cpystrn changes I would appreciate it.
Thanks,
--
Paul J. Reder
---
The strength of the Constitution lies entirely
By the way, this was submitted by me and reviewed by Jeff Trawick.
Paul J. Reder wrote:
I am both embedding and attaching the APR fix since my e-mail editor
seems to munge patches...
This is to fix the command arg parsing for mod_ext_filter to provide
the normal quote and escaped quote
it, and it is exported from APR. Look in
strings/apr_cpystrn.c for apr_tokenize_to_argv.
Ryan
Bill
At 03:31 PM 8/19/2002, Paul J. Reder wrote:
After fixing the parse_cmd code to be able to handle escaped quotes (so that
it would process the full
/bin/awk '{print NR\: \ $N}'
instead
desk checked it and the concept looks fine.
At this point I would recommend finishing your testing and submit
all of your work (in parts if too big) and I or someone else will
commit it for you.
Thanks.
Paul J. Reder
Eric Prud'hommeaux wrote:
On Thu, Aug 01, 2002 at 07:55:32PM -0400, Paul J
look at your code with comments and commit
your patch for you.
Let me know.
By the way, how tested is your code?
Thanks,
Paul J. Reder
Eric Prud'hommeaux wrote:
On Thu, Aug 01, 2002 at 08:52:49AM -0400, Bill Stoddard wrote:
mod_mem_cache fomr HEAD should work. mod_disk_cache is still broken
...as in stick a fork in it, its 'DONE. ;)
Rasmus Lerdorf wrote:
As it happens, DONE is defined to be -2. :-)
Ok, I will use that, but 'DONE' doesn't really give the impression of
being a fatal error return value.
-Rasmus
--
Paul J. Reder
just thought there was no sense fixing each of the
symptoms if there is a bigger problem, but Ryan pointed out that it
only *looked* the same. So, never mind...
Greg Ames wrote:
Paul J. Reder wrote:
This looks exactly like the problem that Allan and I ran into when you
tried to send a request
needs to be setup or tagged differently so that the
error doesn't go back through all the same code that generated the
error condition in the first place. Just a clueless guess on my part.
Paul J. Reder
Greg Ames wrote:
Colm MacCárthaigh wrote:
also; anyone looking to replicate, I can produce
of ap_strtol.c, so those will
require attention. TR's coming soon!!
Thanks,
Cliff
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen
noted
in CAN-2002-0392 (mitre.org) [CERT VU#944335] regarding a vulnerability
in the handling of chunked transfer encoding. We would like to thank
Mark Litchfield of ngssoftware.com for discovering and reporting the
vulnerability.
--
Paul J. Reder
with HTTP-on-the-HTTPS port.
Reported by: Paul J. Reder
Submitted by: Ryan Bloom
Revision ChangesPath
1.76 +7 -0 httpd-2.0/modules/ssl/ssl_engine_kernel.c
Index: ssl_engine_kernel.c
===
RCS
).
Thanks for any pointers here.
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense
ap_die and ap_discard_request_body() on Friday evening.
Ryan
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
Bad news. I just finished running
cvs update -dP httpd-2.0;cd httpd-2.0;make distclean;buildconf;config.nice;make;make
install
and tested it. The same thing still happens with the config I referenced earlier.
Any other ideas?
Paul J. Reder wrote:
Hmmm, I missed them. I'm updating
contains a build of apache. Admittedly, it is
pretty
difficult to comunicate much information in a filename, but I think we
can
improve on this.
So -win32-build-src isn't terribly ambigious, or should we name it
-win32-make-src, or simply -win32-src?
Bill
--
Paul J. Reder
, , FALSE);
}
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense are the constitutional
.
*/
rv = apr_thread_create(threads[i], thread_attr,
worker_thread, my_info, pchild);
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
to apples comparisson, here is the status at the
1 hour mark (above). Requests per second has remained close to 100
the whole time. An extra 2 GB of data was sent, about 20,000 extra
requests were processed with less system thrashing.
--
Paul J. Reder
to starve even though there are a
small (but growing) number of new threads.
This patch allows the server to maintain a higher level of responsiveness
during the ramp up time.
Paul J. Reder
Jeff Trawick wrote:
Bill Stoddard [EMAIL PROTECTED] writes:
(I would have quoted but the text is way out
the results may not hold up in the
long run...
Paul J. Reder
Aaron Bannert wrote:
On Thu, Apr 25, 2002 at 11:30:54AM -0400, Bill Stoddard wrote:
Would someone care to see if this fixes the worker MPM performance problem reported
earlier on the list (request-per-second dropping when clients
J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense are the constitutional rights secure.
-- Albert
This is *not* equivalent code. In the deleted line the increment happens
*after* the check. In the replacement line of code the increment happens
during the check. This patch is wrong and should be backed out.
Paul J. Reder
[EMAIL PROTECTED] wrote:
bnicholes02/03/28 16:39:56
Modified
Nevermind. Should have read the rest of my mail before commenting. I see
that it has already been fixed. Sorry for the noise.
Paul J. Reder wrote:
This is *not* equivalent code. In the deleted line the increment happens
*after* the check. In the replacement line of code the increment happens
problem, not mod_include this time. :) I'm still tracking a different core
dump in mod_include. Hopefully I'll have it fixed soon.
Paul J. Reder
Doug MacEachern wrote:
not sure if this is related to the bucket list change or mod_includes
changes or what, but i just checked in a test adapted
That patch seems to solve at least one of the problems that I am seeing,
but I have at least one other problem and a core dump inside
send_parsed_content. I'm currently stepping though, trying to find the
source of the core dump.
I'll let you know what I find.
Paul J. Reder
Brian Pane wrote
Brian,
I'm looking into this right now. I'll let you all know what I find out.
I have some concerns about the suggested fix. I hope to have a fix
by this afternoon.
Paul J. Reder
Brian Pane wrote:
Cliff Woolley wrote:
I've spent the entire evening chasing some wacky mod_include bugs
Okay, I have recreated at least two problems in include processing, one
of which results in a core dump. I am in process of tracking them down.
It might be tomorrow before I have a patch.
Paul J. Reder
Paul J. Reder wrote:
Brian,
I'm looking into this right now. I'll let you all know what
at the latest.
Paul J. Reder
Paul J. Reder wrote:
Okay, I have recreated at least two problems in include processing, one
of which results in a core dump. I am in process of tracking them down.
It might be tomorrow before I have a patch.
Paul J. Reder
Paul J. Reder wrote:
Brian,
I'm
--
Cliff Woolley
[EMAIL PROTECTED]
Charlottesville, VA
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only
\
--disable-cgid \
--enable-cgi \
--with-ldap-include=/usr/local/include/ \
--with-ldap-lib=/usr/local/lib \
--with-ldap \
--enable-ldap \
--enable-auth_ldap \
--enable-status \
$
If it doesn't work, I need to fix something.
Cheers,
Paul J. Reder
Graham Leggett wrote:
Tim Moloney wrote:
I want
Greg Stein wrote:
As Ryan pointed out, there is no such thing as...
Cheers,
-g
You two agreeing on so many things is starting to worry me. It can *only*
be a sign of the end times. :)
--
Paul J. Reder
---
The strength
:/path/to/3rdparty/mod_foo.c
Unfortunately, configure doesn't like --add-module. Since the
documentation is wrong and/or out of data, how can I tell configure
to find and use httpd-ldap? Thanks.
--
Paul J. Reder
---
The strength
in order to get the httpd-ldap
code to configure when checked out into the httpd-2.0/modules directory.
The httpd-ldap code still doesn't compile clean, due to the lock, shm, and
rmm changes that occurred recently. I'm working on that. I'll have code
for that soon.
--
Paul J. Reder
. Reder wrote:
Perhaps I'm just really dense, but I don't see where (in the
mod_auth_digest.c code in httpd-2.0 HEAD) the following variable:
...
What obvious point am I missing?
Unless we're both blind, it's missing a call to apr_rmm_init().
-aaron
--
Paul J. Reder
to malloc are within an #if APR_HAS_SHARED_MEMORY
block, but most of the calls are not.
What obvious point am I missing?
Thanks,
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen
and clean up.
--
Paul J. Reder
---
The strength of the Constitution lies entirely in the determination of each
citizen to defend it. Only if every single citizen feels duty bound to do
his share in this defense are the constitutional rights
1 - 100 of 102 matches
Mail list logo