? I think
these two bugfixes should fix the problem now. If yes, I'll release
mod_ssl 2.8.14 with it. Thanks for your help.
The patch fixed the problem for me (no php, RH 7.3.)
--
Ed Kubaitis - [EMAIL PROTECTED]
CITES/STS - University of Illinois at Urbana-Champaign
In
problems with modssl 2.8.12 and OpenSSL 0.9.7a
-- either with or without the Ben Laurie patch.
I have made the error_log and ssl_engine_log for the
failure with 2.8.13 available at
http://ejk.cso.uiuc.edu/modssl-2.8.13-logs/
--
Ed Kubaitis - [EMAIL PROTECTED]
CITES/STS - University of Illinois at Urbana
used by
~5% of IE users and ~4% of all users:
http://www.ews.uiuc.edu/bstats/latest-month.html
--
Ed Kubaitis - [EMAIL PROTECTED]
CCSO - University of Illinois at Urbana-Champaign
>
> -
> John Airey
> Internet systems support officer, ITCSD, Royal National Institute for the
> Blind,
L client implementation
with client-side SSL session cacheing to do such
indexing. Otherwise they would probably get angry
complaints from https server operators about excessive
SSL session startup overhead caused by the indexing.
------
Ed Kubaitis ([EMAIL PROTECTED])
CCSO -
> The leaks are apparently only happening in the DSO case. I'm guessing that you have
> mod_ssl statically linked into Apache, right?
Ahh. Right, both those servers were statically linked.
Ed
------
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illino
Ed Kubaitis wrote:
> ...
> Ok, but here's an Apache modssl 2.5.3 parent that was started
> yesterday morning at 9:33:
> ...
Oops - typo. Meant modssl 2.6.3
------
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinois -
COMMAND
root 9445 0.0 1.0 5792 2344 ?S Apr 19 0:04 /www/apache/bin/ht
These are both on Ultra 2300's running Solaris 2.6.
Ed
--
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinois at Urbana-Champaign
om/tech/crypto/
Ed
------
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinois at Urbana-Champaign
__
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL P
ore.
> ...
But with the httpd.conf MaxRequestsPerChild parameter available to force
any and all memory leaks back to ground zero periodically, how bad *is*
this memory leak, compared to the number of people who find they can
no longer rotate their production server logs at modssl
ion server
now backed off to modssl 2.6.3. So I'll report back early
tomorrow morning (wrt UTC -0500) with the results.
Ed
--
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinois - Urbana-Champaign
__
Mads Toftum wrote:
>
> On Wed, Jul 26, 2000 at 08:44:11AM -0500, Ed Kubaitis wrote:
> >
> > Same thing with SSLSessionCache set to none. I guess that
> > clears mm-1.1.3.
> >
> Yeah - did you compile with -g before running the core through the debugger
0,0x0,0x0) + 7a8
> >
> > mod_ssl-2.6.3 with mm-1.0.12 does not have this problem.
>
> Could you try setting SSLSessionCache to none, just to check wether it has
> something to do with mm or not.
Same thing with SSLSessionCache set to none. I guess that
clears mm-1.1.3.
Ed
countering this problem.
I note that since Dana and Barry reported this problem, a
similar coredump backtrace (SSL_CTX_ctrl) was reported on
modssl-users by [EMAIL PROTECTED] (Subject: Problem with Apache)
------
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinoi
lso a man-in-the-middle-attack on PK/SSL systems I
seem to remember reading about if there isn't a trusted third
party for a client to validate a server certificate -- a
particular problem for ssh as I remember.
Those are just my recollections -- I could be wrong.
------
E
Apache 1.3.11 plus
the css patch build, install, and appear to run fine -
including the new AddCharSet... directives introduced by the
patch. So this appears to be a minor cosmetic issue only.
--
Ed Kubaitis - [EMAIL PROTECTED]
CCSO - University of Illinois at Urbana
Jay J wrote:
>
> - Original Message -
> From: "Ed Kubaitis" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, December 06, 1999 12:32 PM
> Subject: Re: IE3 query
>
> > Joe McMahon wrote:
> > >
> > > Am I cor
t's worth, it's not a general problem. We have three
Solaris 2.6 machines running Apache with openssl 0.94, mod_ssl 2.4.9,
and RSAREF 2.0 with User-Agent logging, and we see successful SSL
sessions established with MSIE 3.0, 3.01, and 3.02, both Win95 and
WinNT.
-----
u sure encrypting those images/files is costing you *that* much
in terms of server CPU resources?
(Of course, if you're running a porn/mp3/warez download site, they
*might* be;-)
You can run these openssl benchmarks on your server by
ing to connect.
> Everything else seems fine. Any ideas?
>
> Jeff
> ...
Seems I vaguely remember this symptom from a while back. If I
recall, it was fixed by exiting/restarting the Netscape browsers
in my case.
--
Ed Kubaitis - [EMAIL PROTECTED]
CCSO
r way to do it. Just glad
that he took the time to document *this* one.
Welcome to the low-blood-pressure world of open-source
support:-)
Ed
------
Ed Kubaitis - [EMAIL PROTECTED]
CCSO - University of Illinois at Urbana-Champaign
Steven Pokrandt wrote:
>
> May I vent
reduced
the time out to five minutes, the problem started about five
minutes after server startup.
The same production server configured to use dbm cacheing does
not have these problems.
Ed
------
Ed Kubaitis ([EMAIL PROTECTED])
CCSO - University of Illinois - Urbana-Champaig
wnload an up-to-date browser:-)
I don't have a clue what means "Intermediate CA". This is
just my novice $0.02.
Enjoy your weekend.
--
Ed Kubaitis - [EMAIL PROTECTED]
CCSO - University of Illinois at Urbana-Champaign
"Ralf S. Engelschall"
on NT4... No problems (except
> for a certificate containing the wrong domain name).
>
> Christian.
>
> --
> ir. Christian Buysschaert - VP Engineering & Operations
> GlobalSign nv-sa - http://www.globalsign.net
>
>
Hi,
Same results as Christian with MSIE 4.0 (4.7
1.3.6 + openssl-0.9.2b
+ rsaref-2.0 on a production server tomorrow morning to
see if my fond hope is wrong.
Two background URLs:
http://www.progressive-comp.com/Lists/?l=openssl-dev&m=92211886324200&w=2
http://www.cis.ohio-state.edu/htbin/rfc/rfc2437.html
Ed
--
E
24 matches
Mail list logo
