And remove/update the reference to it off http://httpd.apache.org/modules/
On Wed, Mar 15, 2017 at 1:36 PM, Jose Kahan wrote:
> Hi,
>
> It's been a couple of months (if not more) that the 3rd party
> module repo is unavailable. the last discussion I saw about
> this site dates from Nov 2016, wh
My profound respect and gratitude to all the individuals involved in
supporting, developing, testing and documenting h2.
With love and awe,
Buanzo.
On 14 Oct 2015 11:02 am, "Nick Kew" wrote:
> On Wed, 14 Oct 2015 08:58:48 -0400
> Jim Jagielski wrote:
>
>
> > Once again, I'd like to thank them p
+1
On Nov 29, 2012 2:34 PM, "Gregg Smith" wrote:
> On 11/29/2012 7:42 AM, Igor Galić wrote:
>
>>
>> Has anyone consider that in the meanwhile we update our
>> website to officially endorse ApacheLounge?
>>
>> Not endorse any, just list the possibilities, there are a few.
>
NICE
On Oct 3, 2012 5:28 AM, "Joe Orton" wrote:
> On Wed, Sep 26, 2012 at 11:10:07AM -0400, Jan Kaluza wrote:
> > attached patch adds new module called mod_systemd. Systemd [1] is
> > service manager for Linux. Although httpd works with systemd normally,
> > systemd provides sd_notify(...) funct
It is a wonderful tool, my vote does not count, but please +1 !!
On Tue, Dec 13, 2011 at 12:46 PM, Issac Goldstand wrote:
> +1 on adopting
>
> On 13/12/2011 17:19, Graham Leggett wrote:
>> Hi all,
>>
>> I have concluded negotiation with the BBC to open source some httpd modules
>> that I wrote u
gt; Thanks Bill, and thanks as well for your service!
>
- --
? Arturo "Buanzo" Busleiman ? - http://soundcloud.com/no-carrier -
Independent Linux and Security Consultant - 16+y of IT exp. at your service .
OWASPer - http://www.buanzo.com.ar/pro/eng.html ..:
-BE
Been there, done that:
http://wiki.buanzo.org (enigform and mod_openpgp)
Not x509, though.
On 11/20/10, Rob Lemaster wrote:
> I would like to propose an enhancement to the Apache web server for
> secure authentication.
>
> If this is the wrong list, pls. reply with the correct list and I will
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Eric Covener wrote:
> mod_gzip is not part of the Apache HTTP Server source distribution --
> it's third-party. I'm assuming you meant mod_deflate.
It should. It's great.
- --
Arturo "Buanzo" Busleiman
Independen
"), a non-http protocol for web
transport...
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - OWASP - SANS - OISSG
http://www.buanzo.com.ar/pro/eng.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla
I haven't released any mod_openpgp code
for any other thing
other than Apache for a reason: i love it.
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - OWASP - SANS - OISSG
http://www.buanzo.com.ar/pro/eng.html
-BEGIN PGP SIGNATURE-
Vers
is wrong with current
Apache.
Great thread.
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - OWASP - SANS - OISSG
http://www.buanzo.com.ar/pro/eng.html
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://e
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Jérôme Renard wrote:
> Hope that helps.
Indeed it does. Very concise and clear code, Jérôme. Merci.
- --
Arturo "Buanzo" Busleiman / Arturo Busleiman @ 4:900/107
Independent Linux and Security Consultant - SANS - OISSG
e, so I don't need no persistant
dbd pools, nothing
fancy... just... one query :) Any pointers or should I just -lsqlite3 ? :)
- --
Arturo "Buanzo" Busleiman / Arturo Busleiman @ 4:900/107
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
John David Duncan wrote:
>if(strcmp(r->handler,my_name)) return DECLINED;
why aren't you using strncmp?!
Sorry, couldn't help it. I've seen (and exploited) way too many vulns like this.
- --
Arturo "Buanzo"
d modules.
I agree... that, or mod_lua_wombat :P
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Paul Querna wrote:
> Any other ideas?
mod_lua_wombat ?
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.ma
dn't work on lighttpd, I suppose.
Exactly, that's why I still use Apache for them. (example: pmwiki)
> Mod_security can front fastcgi quite easily. There may be some instances
> where it doesn't work for all types of rules. (?)
I'd appreciate more information from y
a lot of Apache for
reverse-proxy
setups, for instance, using lighttpd to serve static content, but keep Apache
in the front for
mod_security, for example.
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Ma
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Paul Querna wrote:
> One might just magically appear if people would like it
I would! Abracadabra!
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
William A. Rowe, Jr. wrote:
> I'm pointing out this isn't a connection limit, it's a request limit, and
> we should probably commit it with an appropriate module name :)
mod_req_limit or another variant thereof?
- --
Artu
you are, then rename it to something
entirely different
like mod_null.
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at http://archiver.mailfighter.net
-BEGIN PGP SIGNA
che dev team will be near there and would like to
join me for some beer +
geek talk, just let me know via private eMail.
- --
Arturo "Buanzo" Busleiman
Independent Linux and Security Consultant - SANS - OISSG - OWASP
http://www.buanzo.com.ar/pro/eng.html
Mailing List Archives at h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
No feedback in modules-dev. Anyone in here?
- Original Message
Subject: apr_dbm and python/ruby/etc
Date: Sun, 22 Jun 2008 18:31:35 -0300
From: Arturo 'Buanzo' Busleiman <[EMAIL PROTECTED]>
Organization: GNU/B
Hi Andrew!
buanzo:gZtiobxUnO/vc
Use that.
Too bad about the short notice, but I'll do my best.
Yours,
Andrew Ford wrote:
Nick Gearls wrote:
I'm interested
If you are still interested drop me a htpasswd entry and I'll give you
access to the review site. I am running late but I hav
declare my parsing struct on the
config and keep it there, or
does anyone have a better idea?
Sincerely,
PS: Happy New year!!!!
- --
Arturo "Buanzo" Busleiman
BUSCO Baterista para estilo brit-pop Zona Norte BsAs
Independent Security Consultant
,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
== end netcat output ==
As you can see, #anchors are not sent in the request. They are just
browser-side named references.
You'll never get those. At least not with firefox.
- --
Arturo "B
On 11/30/07, Sam Carleton <[EMAIL PROTECTED]> wrote:
> That is exactly what I was think about! I read the article and read
> through the apr_buckets.h and am still seeking more info. Does anyone
> know if any of the existing modules use a simply bucket system to
> build a string as an example for
might be talking about bucket brigades. You can create a brigade, transform
each string into a
bucket, then insert/append after/before another reference bucket, etc.
This will give you an idea:
http://www.onlamp.com/pub/a/apache/2001/09/20/apache_2.html
- --
Arturo "Buanzo" Bu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Guenter Knauf wrote:
> application/x-7-zip 7z
Some GNU/Linux distributions already add it!
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
Servicios Ofrecidos: http://www.
version for 2.x.)
I'm using it. And it works perfectly.
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
Servicios Ofrecidos: http://www.buanzo.com.ar/pro/
Unase a los Foros GNU/Buanzo - La palabra Comunidad en su maxima expresion.
-BEGIN PGP SI
ed, but software-aided I guess,
feature. Yes,
clueless admins might be open to XSI attacks, but... PHP for instance, provides
register_globals in
Off default. Knowledgeable admins still can enable it if they know (or believe
to know) what they're
doing. Sounds pretty similar a discussion t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Julian Williams wrote:
> Is it just not possible to modify the headers at this point in the
> processing 'pipeline' or is there a different way that I can do it?
What TYPE of input filter is it?
- --
Arturo "Buanzo&q
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
prasanna wrote:
> Any help to divert the url request to new url without browser knowledge?
mod_rewrite ?
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
Servicios Ofrecidos: http://www.buanzo.com.ar
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Joe Lewis wrote:
> Rather inactive when it comes to the ASF.
Ouch :)
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King, Capital Fede
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Joe Lewis wrote:
> Just for kicks and giggles, I went out and put "ryan bloom apache output
Talking about Ryan, where is he?
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABA
have a need for serverside session information
> to be shared across all workers, or you wouldn't have asked.]
You're quite right, as usual.
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABANDA - Sabado 18 de Agosto 20
r) options.
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King, Capital Federal)
Entradas anticipadas a traves de www.futurabanda.com.ar - Punk Rock Melodico
-BEGIN PGP SIGNATURE-
Version: Gnu
ole
request first).
Sincerely,
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King, Capital Federal)
Entradas anticipadas a traves de www.futurabanda.com.ar - Punk Rock Melodico
-BEGIN PGP SIGNATURE
t; game" to pull this from within a BODY data
> input filter.
Might sound like it.
> But if simple internal-redirect works to get you
> to your "secret" document and your existing filter
> is able to successfully decrypt the PGP payload...
>
> ...does THIS
to interpret the Upgrade header.
WAY interesting. I'll see if I can come up with a scheme that utilizes it.
Thanks for the pointer,
William.
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King,
crypting the required headers, body, and maybe the
itself, or the query
string if it is a GET request. But it would add LOTS of overhead. A simple 2
character string could
become a 1024 bytes monster when using openpgp. Encrypting the whole request
allows for less
overhead, more privacy, less CPU us
u/7Hh1WOm7sIzOsglxI3C/gtG6xFBq9S6Nc13shGfY9WojVVGMUKRPt5
hmcD4bE595UcunoBb8VAKloZ15jD149fqc/evzgeMZIEpVloqd2dj98E6d0m5LPR
+7NBnqaKrn+Z5lTA8z1mhMMv17pSi0XxczA/3Vs2Vn+/zpuupR7fdXZY1uiu6vGr
3SwZkRx6hJHdVA6y+J7OC5YOtBKUxTGc1N4oa1uUhhPmViwFURCuZqxqRbE=
=OPnL
- -END_PGP_MESSAGE-
- --
Arturo "Bua
connection filter" just
> like mod_ssl does but does NOT require EAPI or any rewrites
> to standard Apache. The methods used in the legacy mod_gzip
> will still work in the 2.0 series, if desired.
I'll take a good look at that. Thanks for the suggestion.
- --
Arturo "Buanzo&qu
the whole
request before attempting to decrypt it, that's the nature of openpgp-encrypted
data.
Regarding mod_ssl, I believe that as it is stream-oriented, it encrypts by
chunks, and decrypts in
the same fashion, something like a direct replacement stage.
- --
Arturo "Buanzo" Buslei
er to "what the heck" is now clear.
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
SHOW DE FUTURABANDA - Sabado 18 de Agosto 2007 (Speed King, Capital Federal)
Entradas anticipadas a traves de www.futurabanda.com.ar - Punk Rock Melodico
-BEGIN PGP SI
HTTP/1.1\r\n), and "then", append mode bucket brigades. But HOW to actually do
this is eluding me.
Any ideas or different approaches to this problem?
The source for the function can be obtained from:
http://www.buanzo.com.ar/files/openpgp.conn.filter.in.c
It's a ripoff from the
v than modules-dev (although I've
been there since I
first started mod_openpgp, OpenPGP request/response encryption should
definitely be httpd-dev assisted).
I will not started with questions right now, but I'll politely wait for your
questions, if you have
any, so I do not disturb the
ore details, I don't want to post a long message
again:
http://mail-archives.apache.org/mod_mbox/httpd-modules-dev/200706.mbox/browser
Thanks!
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
¿Su empresa consume demasiado ancho de banda? ¡Consult
ost-config?
Sincerely,
Buanzo
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
OpenPGP for HTTP: New Web-Auth Scheme: http://freshmeat.net/articles/view/2599
Consulting and Secure Mail Hosting: http://www.buanzo.com.ar/pro/
-BEGIN PGP SIGNATURE-
V
little bit more experienced, I'll check out mod_echo and follow your
hints!
Thanks!
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
Foros GNU/Buanzo: Respeto, Soluciones y Buena Onda: http://foros.buanzo.com.ar
Consulting and Secure Mail Hostin
erbs GET, POST, etc, but couldn't get
to it, so I developed
the firefox extension by adding headers (much more clean and backwards
compatible), but now that the
subject arises... Can you give me any pointers?
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Inf
that will be
enabled to access the
Apache instance your Enigform-enabled Firefox will connect to.
To download the horrible source tarball, go here:
http://www.buanzo.com.ar/files/mod_auth_openpgp-alpha1.tgz
Check out the included README.
And remember, this is ALPHA! :P
- --
Arturo "B
d be previewing?
Sincerely,
Buanzo
- --
Arturo "Buanzo" Busleiman - Consultor Independiente en Seguridad Informatica
Foros GNU/Buanzo: Respeto, Soluciones y Buena Onda: http://foros.buanzo.com.ar
Consulting and Secure Mail Hosting: http://www.buanzo.com.ar/pro/
-BEGIN
53 matches
Mail list logo