I don't know if I have any points to give here, but if NPN does not make it to
2.4, it's fine with me to remove it from trunk also. Only mod_spdy is affected
afaik.
//Stefan
> Am 23.04.2015 um 06:56 schrieb Kaspar Brand :
>
>> On 22.04.2015 21:30, Rainer Jung wrote:
>>> Am 22.04.2015 um 17:49
On 22.04.2015 21:30, Rainer Jung wrote:
> Am 22.04.2015 um 17:49 schrieb Kaspar Brand:
>> Thanks. In the patch for ssl_private.h, the complete NPN block should
>> actually be dropped - the same block is are already part of
>> ssl_private.h, just 10 lines above.
>
> I've kept the new one and droppe
On 22.04.2015 18:45, Stefan Eissing wrote:
> I understand your argument. My pov is of someone trying to bring
> http/2 to the people. While bringing a new httpd on an existing
> system seems easy, installing a new system openssl is more
> challenging with its dependencies and the changes in hiding
ty, helper script updated to run validate-xml
On Wed, Apr 22, 2015 at 3:45 PM, Mike Rumph wrote:
> Hello Eric,
>
> This changed gives the following error when ./build.sh validate-xml is run:
>
> Buildfile: build.xml
>
> validate-xml:
> [xmlvalidate] /home/mrumph/httpd-trunk/docs/manual/mod/core.x
Hello Eric,
This changed gives the following error when ./build.sh validate-xml is run:
Buildfile: build.xml
validate-xml:
[xmlvalidate] /home/mrumph/httpd-trunk/docs/manual/mod/core.xml:1916:7:
The element type "p" must be terminated by the matching end-tag "".
BUILD FAILED
/home/mrumph/htt
Am 22.04.2015 um 17:49 schrieb Kaspar Brand:
On 22.04.2015 10:52, Stefan Eissing wrote:
I made two small patches based on the feedback from Kaspar. One for
the code and one for the documentation.
Thanks. In the patch for ssl_private.h, the complete NPN block should
actually be dropped - the sa
Hello Eric,
This change gives the following error when ./build.sh validate-xml is run:
Buildfile: build.xml
validate-xml:
[xmlvalidate]
/home/mrumph/httpd-trunk/docs/manual/mod/mod_authnz_ldap.xml:114:49:
Attribute "name" must be declared for element type "module".
[xmlvalidate]
/home/mrumph
>
> For me the time seems right to rip NPN out of trunk and only backport
> the ALPN code to 2.4.
>
I'd be +1 for that.
> Am 22.04.2015 um 17:49 schrieb Kaspar Brand :
>
>> On 22.04.2015 10:52, Stefan Eissing wrote:
>> I made two small patches based on the feedback from Kaspar. One for
>> the code and one for the documentation.
>
> Thanks. In the patch for ssl_private.h, the complete NPN block should
> actually b
On 22.04.2015 10:52, Stefan Eissing wrote:
> I made two small patches based on the feedback from Kaspar. One for
> the code and one for the documentation.
Thanks. In the patch for ssl_private.h, the complete NPN block should
actually be dropped - the same block is are already part of
ssl_private.h
On 22.04.2015 10:36, Jan Kaluža wrote:
> On 04/22/2015 09:50 AM, Kaspar Brand wrote:
>> Fiddling with OpenSSL internals
>> looks rather scary to me, at least at first sight - perhaps there's an
>> API for clearing a CRL store in OpenSSL?
>
> Unfortunately there's no such API in OpenSSL. There's "c
On 22.04.2015 10:12, Stefan Sperling wrote:
> On Wed, Apr 22, 2015 at 09:29:49AM +0200, Kaspar Brand wrote:
>> Sorry for having missed this in my previous review: we should also
>> #ifdef the SSL_RSSRC_EGD case in
>> ssl_engine_config.c:ssl_cmd_SSLRandomSeed(), to make sure that "egd:..."
>> settin
There is an error on this page which is "immutable" and cannot be
edited by an ordinary user (even logged in):
https://wiki.apache.org/httpd/FileSystemPermissions
The error is in this the last line:
What we've done here is to set all files to 640, or rw-r--r-- and
directories to rwxr-x---. Bec
I made two small patches based on the feedback from Kaspar. One for the code
and one for the documentation. Since I build against releases, I did not test
the doc patch building.
This code patch I tested against my already patched 2.4.12 with openssl 1.0.2
and 1.0.1 in mod_h2 sandbox.
Re NPN
On 04/22/2015 09:50 AM, Kaspar Brand wrote:
On 21.04.2015 12:20, Jan Kaluža wrote:
we used to have a patch against httpd-2.2.15 to add SSLDisableCRLCaching
option to not cache CRLs. I was trying to adapt this patch for
httpd-trunk and eventually include it upstream but now I'm in dead end.
The
On Wed, Apr 22, 2015 at 09:29:49AM +0200, Kaspar Brand wrote:
> Sorry for having missed this in my previous review: we should also
> #ifdef the SSL_RSSRC_EGD case in
> ssl_engine_config.c:ssl_cmd_SSLRandomSeed(), to make sure that "egd:..."
> settings are not silently ignored when mod_ssl is compil
On 21.04.2015 12:20, Jan Kaluža wrote:
> we used to have a patch against httpd-2.2.15 to add SSLDisableCRLCaching
> option to not cache CRLs. I was trying to adapt this patch for
> httpd-trunk and eventually include it upstream but now I'm in dead end.
>
> The patch removes all the CRLs from the
On 18.04.2015 19:03, s...@apache.org wrote:
> Author: stsp
> Date: Sat Apr 18 17:03:47 2015
> New Revision: 1674542
>
> URL: http://svn.apache.org/r1674542
> Log:
> mod_ssl: Check for RAND_egd() at configure time and only use it if present.
> Fixes the build with LibreSSL which does not provide th
18 matches
Mail list logo