ANNOUNCE: mod_ssl 2.6.3

Sun, 16 Apr 2000 04:07:57 -0700 


mod_ssl 2.6.3 now available. Nothing fancy, just the usual amount of
maintainance cleanups and fixes (for details see the appended CHANGES
entries). Grab it from:

http://www.modssl.org/source/
 ftp://ftp.modssl.org/source/

Yours,
                                       Ralf S. Engelschall
                                       [EMAIL PROTECTED]
                                       www.engelschall.com

  Changes with mod_ssl 2.6.3 (02-Mar-2000 to 16-Apr-2000)

   *) Moved the session cache expire time calculation and handling in
      ssl_engine_scache.c down to the particular cache-type dependent
      expire functions to allow a custom vendor supplied cache to perform
      its own expire handling.

   *) The sub-shells from libssl.module are now called with an
      explicitly determined Bourne Shell (instead of the implicit she-bang
      line). This both avoids problems on brain-dead platforms where
      /bin/sh is broken (Ultrix, etc.) and workarounds a CVS problem in
      OpenBSD where on read-only checkouts the x-bits sometimes get lost.

   *) Do a slightly better initialization of the random file
      in src/support/mkcert.sh if $HOME/.rnd doesn't exist.

   *) Be aware of OpenSSL 0.9.5's X509_V_ERR_CERT_UNTRUSTED error.

   *) Cleaned up and optimized ssl_engine_vars.c by kicking out the old
      static cipher table and calculating the cipher bits dynamically. This
      avoids lots of string comparisons, reduces further maintainance costs
      and makes the code smaller.

   *) Cleaned up pkg.contrib/truerand.c: volatile variables,
      correct function return types, etc.

   *) Fix HTTPS proxy support: if SSLProxyVerify is Off, we don't need
      to log any errors if the certification fails. Additionally we now
      don't free the proxy context after a connection, because we will need
      it for the next proxy connection we make.

   *) Activate `SSLMutex sem' also on HPUX.

   *) Allow libssl.module to handle CFLAGS="cc -flags".

   *) Fixed typo in ssl_intro.wml: "message" was written twice

   *) Added two eval casts for ap_md5() calls.

   *) Fixed typo in ssl_faq.wml: SSLRandSeed -> SSLRandomSeed.

   *) Add final messages also under "configure --with-eapi-only" which
      give a hint to proceed with --enable-module=so --enable-rule=EAPI in
      the Apache source tree.

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to