David Rees wrote:
>
> Hi Jeff,
>
> The latest version of apache/mod_ssl/openssl is what you want to be using.
> This means apache-1.3.12, mod_ssl 0.9.6 and openssl 0.9.5a or 0.9.6.
Thanks, but if you note my original message, I said we're locked into
Apache 1.3.3 because of a third party module. Or, in other words, we
can't upgrade to Apache 1.3.12 and mod_ssl 2.6.x.
We're observing large memory leaks with mod_ssl 2.0.15. So my questions
are:
1. Is 2.1.6 better than 2.0.15? Why was it deprecated? The leaks we're
seeing look to be coming from SSLeay 0.9.0, anyway, so this may be
irrelevant.
2. Is there a backport of 2.6.x (or anything later than 2.1.x) to
Apache 1.3.3? This would allow us to us OpenSSL instead of SSLeay.
Any advice would be appreciated.
Regards,
-Jeff
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Mayzurk
> > Sent: Wednesday, October 04, 2000 11:23 PM
> > To: [EMAIL PROTECTED]
> > Subject: Best mod_ssl version for 1.3.3?
> >
> >
> > We recently build and installed mod_ssl 2.0.15-1.3.3, as it was listed
> > among the "only use these on production servers" versions. It seems to
> > be working fine.
> >
> > Looking through the changelog, though, I'm concerned about some of the
> > fixes in later versions that we're missing. We're locked into Apache
> > 1.3.3 for now because of one 3rd party, no-source-available module.
> >
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
