On Tue, Feb 09, 1999, Toru Takinaka wrote:
> >Yeah, and at least under Solaris it's neither a bug in Apache nor in mod_ssl
> >nor in SSLeay. As it looks it's a result of a strange loading strategy in the
> >Solaris dynamic linker caused by Apache's braindead two-round initialization.
> >I've still no workaround for this Solaris problem at hand, but when I find
> >time I'll investigate again.
> I wrote a patch(?) for Solaris2.6/DSO(mod_ssl-2.1.7 or mod_ssl-2.2.2).
> This patch is useful when you use chroot.
>
> chroot /newroot /usr/local/apache/bin/httpd -DSSL
>
> *** src/modules/ssl/ssl_engine_init.c0 Tue Dec 15 20:33:53 1998
> --- src/modules/ssl/ssl_engine_init.c Tue Dec 15 20:38:59 1998
> ***************
> *** 293,298 ****
> --- 293,301 ----
> * Read the server certificate and key
> */
> ssl_init_GetCertAndKey(s, p, sc);
> +
> + /* for chroot bug T.T 1998/12/15 */
> + sc->prsaKey->meth = RSA_new()->meth;
> }
Hmmmm... I need a little bit more details about what chroot() you speak about.
Apache uses no chroot() per default, not even in suexec. So about which
chroot() do you speak here? And second, even when somewhere a chroot() is used
and it's buggy on Solaris, why does the above assignment of an RSA method
fixes anything? Please give me more background information.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
