William A. Rowe, Jr. wrote: > William A. Rowe, Jr. wrote: >> httpd was patched for httpd -v some time ago to report both the compiled >> and loaded versions of apr[-util]. >> >> I'd like to get this into trunk/2.2/2.0 similarly for openssl. >> >> It's very common for users to hotfix openssl for security vulnerabilities, >> but the apache error log remains 'scary' to auditors and administrators... >> >> [Tue Mar 20 15:54:21 2007] [notice] Apache/2.0.59 (Unix) DAV/2 >> CovalentSNMP/3.0. >> 3 mod_jk/1.2.18 mod_ssl/2.0.59 OpenSSL/0.9.7i PHP/4.4.4 mod_perl/1.999.21 >> Perl/v >> 5.8.8 configured -- resuming normal operations >> [Tue Mar 20 15:59:51 2007] [info] Server: Apache/2.0.59, Interface: >> mod_ssl/2.0. >> 59, Library: OpenSSL/0.9.7i
Committed to trunk for your review, but unless you deliberately trip this, you probably wouldn't notice the case such as... [Tue Mar 20 20:19:22 2007] [info] mod_ssl/2.0.59 compiled against Server: Apache/2.0.59, Library: OpenSSL/0.9.7l [Tue Mar 20 20:19:22 2007] [notice] Apache/2.0.59 (Unix) DAV/2 CovalentSNMP/3.0.3 mod_jk/1.2.18 mod_ssl/2.0.59 OpenSSL/0.9.7g-fips PHP/4.4.4 mod_perl/1.999.21 Perl/v5.8.8 configured -- resuming normal operations This illustrates mod_ssl built against OpenSSL/0.9.7l, but actually running against OpenSSL/0.9.7g-fips. Bill
