Although I have a personal aversion on two-character wide patchlevels, here is version 2.3.10 - because we've to tweak 2.3 until it is really stable before we can proceed with 2.4. This version provides a fix for the SSLMutex problems ("file not found") and an experimental solution for the POST problems which occured under per-URL SSL parameter re-configuration (read below for more details). Greetings, Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com Changes with mod_ssl 2.3.10 (26-Jul-1999 to 28-Jul-1999) *) Changed the handling of the `per-URL SSL re-configuration in conjunction with POST method based HTTP requests' problem: Per default mod_ssl now returns a METHOD_NOT_ALLOWED HTTP error when one tries to POST to a URL which has SSL parameters re-configured, because mod_ssl per default cannot handle this situation (for technical reasons). This way the I/O errors which occured in the past are now at least replaced by a correct error message. But when you build with --enable-rule=SSL_EXPERIMENTAL you get experimental support for this situation and you then _CAN_ use POST even in conjunction with per-URL SSL re-configurations. But nevertheless one have to keep in mind that the POST body is still transferred under the global SSL parameters and that the renegotiation (typically to a stronger cipher, etc.) happens only before the response is sent (and not before the POST data is read!). The rule of thumb is: per-URL SSL parameters _CANNOT_ be applied to _ANY_ part of the _REQUEST_, they are only guarrantied to be applied to the _RESPONSE_. In practice there are situations (for instance when the client resumes the request already with previously renegotiated parameters, etc.) where the situation _CAN_ be better. But you cannot _EXPECT_ it to be better and mod_ssl _CANNOT GUARRANTY_ it to be better, of course. *) Added support for latest OpenSSL 0.9.4-dev snapshot version. *) Fixed initialization and cleanup relazed problems with SSLMutex: The mutex is now closed before the chown and the mutex is removed only in the parent on module shutdown. *) Removed HTTPD_ROOT from EAPI_MM_CORE_PATH definition in httpd.h because it is redundant and can cause problems. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]