On Fri, Oct 30, 1998, [EMAIL PROTECTED] wrote:
> Nevermind. I confirmed my suspicions that this cannot be done with the
> current implementation of SSL + HTTP/1.1 name based virtual hosts. You
> might want to add this note to your documentation or to a FAQ:
>
> Name-based virtual hosts do not w
On Fri, Oct 30, 1998, Marc Slemko wrote:
> On Fri, 30 Oct 1998, Ralf S. Engelschall wrote:
>
> > So on a typical system an attacker who gained access to _any_ account (not
> > necessarily the UID of the httpd or the gcache process) can simply dropping
> > down gcache and this way all httpds by j
On Fri, 30 Oct 1998, Ralf S. Engelschall wrote:
> So on a typical system an attacker who gained access to _any_ account (not
> necessarily the UID of the httpd or the gcache process) can simply dropping
> down gcache and this way all httpds by just sending garbage to the gcache
> port.
What doe
Nevermind. I confirmed my suspicions that this cannot be done with the
current implementation of SSL + HTTP/1.1 name based virtual hosts. You
might want to add this note to your documentation or to a FAQ:
Name-based virtual hosts do not work with SSL/TLS because SSL and TLS
encrypt all HTTP h
Full_Name: Jay Soffian
Version: mod_ssl-2.0.13-1.3.3
OS: SunOS cimedia.com 5.5.1 Generic_103640-14 sun4u sparc sun4u
Submission from: redshift.cimedia.com (208.147.172.222)
There appears to be a bug when using namebased virtualhosts in
combination with mod_ssl. From what I can tell, apache is pr
In article <[EMAIL PROTECTED]> you wrote:
>[...a interesting discussion on the apache-ssl list with
>Ben Laurie whether assertions in server code are reasonable or not...]
>
> The discussion is pointless unless you can indicate a way in which it
> makes Apache-SSL function incorrectly.
How
On Fri, Oct 30, 1998, Trung Tran-Duc wrote:
> On Fri, 30 Oct 1998 16:48:26 GMT,
> Ralf S. Engelschall <[EMAIL PROTECTED]> wrote:
>
> > PS: Trung or others: It should be now possible to also build mod_ssl
> > as a .DLL under Win32. I've no experiences here, so I hope you
> > contribute
On Fri, 30 Oct 1998, Whit Blauvelt wrote:
> Will this product use it in a way that it can be incorporated into a
> custom-compiled Apache? The best product for many uses would put the
> minimum wrapping around RSA's stuff needed to have them consider it a
> valid license, and preserve the u
On Fri, 30 Oct 1998, Jake Buchholz wrote:
> I'd love to pass along more information (It'd make things easier for me
> to recompile each time a new version of SSLeay, Apache, or mod_ssl came
> out ;) but I'm not sure to what extent I'm allowed to help. (Seeing as
> how I'm in the states, yadda
On Fri, 30 Oct 1998 16:48:26 GMT,
Ralf S. Engelschall <[EMAIL PROTECTED]> wrote:
> PS: Trung or others: It should be now possible to also build mod_ssl
> as a .DLL under Win32. I've no experiences here, so I hope you
> contribute a few patches to me which allows us to build mod_ssl
>
Will this product use it in a way that it can be incorporated into a
custom-compiled Apache? The best product for many uses would put the
minimum wrapping around RSA's stuff needed to have them consider it a
valid license, and preserve the user's access to the maximal amount of
code in the fr
On Fri, Oct 30, 1998 at 09:58:57AM +0100, Ralf S. Engelschall wrote:
> On Thu, Oct 29, 1998, Jake Buchholz wrote:
> > You need to buy the BSAFE development libraries (although 4.0 exists,
> > only 3.0 is available for linux, but this is sufficient, since 4.0 seems
> > to only add stuff that doesn'
A lot of fixed and enhancements took place between 2.1b6 and 2.1b7. The most
noticeable enhancement (as I mentioned a few days ago) is Dynamic Shared
Object (DSO) support for mod_ssl. Read http://www.apache.org/docs/dso.html for
more details about DSO and the top-level INSTALL file of mod_ssl an
On Fri, 30 Oct 1998 12:26:21 GMT,
Ralf S. Engelschall <[EMAIL PROTECTED]> wrote:
> On Fri, Oct 30, 1998, Dave Paris wrote:
>
> > Email over the exe and I'll create a self-extracting exe for you. Just let
> > me know where it should default (expand) to.
>
> Oh, I was not precise enough. What
Hello again,
> > There are also missing some conditional Makerules, to prevent
> > to make the certificate stuff, if mod_ssl is disabled.
>
> Hm `make certificate' needs to know SSL_BASE and other stuff. This is
> only calculated when mod_ssl is actually enabled. So there is no chance to
On Fri, Oct 30, 1998, Dave Paris wrote:
> Email over the exe and I'll create a self-extracting exe for you. Just let
> me know where it should default (expand) to.
Oh, I was not precise enough. What I actually want is not only a
self-extracting program. My favorite would be that when I run patc
Hi Ralf~
Email over the exe and I'll create a self-extracting exe for you. Just let me
know where it should default (expand) to.
Best~
Dave
On Friday, October 30, 1998 6:53 AM, Ralf S. Engelschall
[SMTP:[EMAIL PROTECTED]] wrote:
> On Fri, Oct 30, 1998, Myers Christopher B wrote:
>
> > I saw a
On Fri, Oct 30, 1998, Myers Christopher B wrote:
> I saw a few posts in the archives looking for a port of Patch for win32.
>
> here is the one i used. (compiled fine, with some warnings. seems to work
> good in initial testing)
>
> binary and patched source
> http://www.halcyon.com/tzs/
Good,
I saw a few posts in the archives looking for a port of Patch for win32.
here is the one i used. (compiled fine, with some warnings. seems to work
good in initial testing)
binary and patched source
http://www.halcyon.com/tzs/
Chris
___
On Fri, Oct 30, 1998, Jan Wedekind wrote:
> I just tried to compile a SSL-patched (mod_ssl-2.0.13) apache version,
> but *without* activating mod_ssl:
>
> gcc -c -I../../os/unix -I../../include -DSOLARIS2=251 -DMOD_PERL
> - -DUSE_HSREGEX -DSERVER_SUBVERSION=\"PHP/3.0.3\" -O2 -DFPX_CORE_PATCH
Hello,
I just tried to compile a SSL-patched (mod_ssl-2.0.13) apache version,
but *without* activating mod_ssl:
gcc -c -I../../os/unix -I../../include -DSOLARIS2=251 -DMOD_PERL
- -DUSE_HSREGEX -DSERVER_SUBVERSION=\"PHP/3.0.3\" -O2 -DFPX_CORE_PATCH
- -I/usr/local/include `../../apaci` proxy_
On Thu, 29 Oct 1998, Ralf S. Engelschall wrote:
> On Thu, Oct 29, 1998, a wrote:
>
> > So what is the deal with using mod_ssl and SSLeay for a site that is making
> > some money? Does everyone actually buy a RSA license? Is it possible to? It
> > all seems confusing.
>
> We already discussed
On Thu, 29 Oct 1998, a wrote:
> Hi all,
> So what is the deal with using mod_ssl and SSLeay for a site that is making
> some money? Does everyone actually buy a RSA license? Is it possible to? It
> all seems confusing.
There is a commercial product coming out shortly that will use mod_ssl for
On Thu, Oct 29, 1998, Jake Buchholz wrote:
> On Thu, Oct 29, 1998 at 06:57:09PM +0100, Ralf S. Engelschall wrote:
> > We already discussed this stuff recently (look inside the sw-mod-ssl archives
> > for the details please). So it would be nice when one of the US citizens on
> > this list who kno
On Thu, Oct 29, 1998 at 06:57:09PM +0100, Ralf S. Engelschall wrote:
> We already discussed this stuff recently (look inside the sw-mod-ssl archives
> for the details please). So it would be nice when one of the US citizens on
> this list who know the current state of their law better than me can
25 matches
Mail list logo