Re: Apache 1.3.20/ModSSL2.8.4/OpenSSL0.9.6b builds but core dumps.

2001-07-28 Thread Magnus Stenman

I'm running imap, fetchmail, pine, etc (from redhat)
mutt, apache, php (external sources, apache from Henri G.)
stunnel, sendmail (internally made RPMs)

which all use ssl, with no problems
(well you have to force Henri's apache RPMto ignore
 the openssl 0.9.6 dependency)
on several RedHat 6.2's with the latest RH updates including the
openssl-0.9.5a-7.6.x

So if you just need standard apache-mod_ssl functionality
maybe you could just use the apache-mod_ssl-1.3.20.2.8.4-2 RPMs?

(you can always apxs compile add-on modules)



/magnus


[EMAIL PROTECTED] wrote:
 
 -Original Message-
 From: Lanny Baron [mailto:[EMAIL PROTECTED]]
 Sent: 26 July 2001 18:06
 To: [EMAIL PROTECTED]
 Subject: Re: Apache 1.3.20/ModSSL2.8.4/OpenSSL0.9.6b builds but core
 dumps .
 
 
 Hi,
 Perhaps a try..FreeBSD.
 
 Regards,
 Lanny
 
 Thanks for the hint, but we've been running RedHat for several years now.
 I'm the only one who understands how most of it works and changing to
 FreeBSD would only complicate an already difficult situation.
 
 Your suggestion is a bit like asking for directions and getting the response
 I wouldn't start from here if I were you! ;-)
 
 There does appear to be a major problem with building openssl 0.9.6a and b
 on RedHat 6.2, which I've not got to the bottom of. I have successfully
 built openssl 0.9.6 from source rpms, but I and several others cannot get
 later editions to work.
 
 I can post the folllowing if it helps:
 
 The build part of a working 0.9.6 spec file.
 The errors obtained when trying to build 0.9.6a and 0.9.6b from the
 preceding spec file.
 The build part of RedHat's spec file for building what they claim is
 equivalent to 0.9.6b (even if it doesn't look like it!)
 
 I have been in contact with the previous providers of the RPMs for RedHat,
 and received a response from one of them that he is no longer building them
 as RedHat now includes it.
 
 Actually I was going to post to the openssl list the problems with this
 issue, as RedHat 7.x depends on 0.9.6 being installed and installing a later
 version via RPMs breaks 24 other packages!
 
 -
 John Airey
 Internet Systems Support Officer, ITCSD, Royal National Institute for the
 Blind,
 Bakewell Road, Peterborough PE2 6XU,
 Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED]
 
 -
 
 NOTICE: The information contained in this email and any attachments is
 confidential and may be legally privileged. If you are not the
 intended recipient you are hereby notified that you must not use,
 disclose, distribute, copy, print or rely on this email's content. If
 you are not the intended recipient, please notify the sender
 immediately and then delete the email and any attachments from your
 system.
 
 RNIB has made strenuous efforts to ensure that emails and any
 attachments generated by its staff are free from viruses. However, it
 cannot accept any responsibility for any viruses which are
 transmitted. We therefore recommend you scan all attachments.
 
 Please note that the statements and views expressed in this email
 and any attachments are those of the author and do not necessarily
 represent those of RNIB.
 
 RNIB Registered Charity Number: 226227
 
 Website: http://www.rnib.org.uk
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: mod_ssl and name-based virtual hosts

2001-07-23 Thread Magnus Stenman

http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47

[EMAIL PROTECTED] wrote:
 
 can some one send me the proper syntax for setting up name-based virtual
 host with ssl?
 I have tried several things and only nonvitrual host seem to work.
 
 thanks
 Robert
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Grant
 Sent: Wednesday, July 18, 2001 3:52 AM
 To: [EMAIL PROTECTED]
 Subject: Re: mod_ssl and name-based virtual hosts
 
 Jeff wrote:
  What is the host name (common name) in the certificates ???
  I suspect you have used *.mydomain.dom - correct ???
 
 Hmm, I'm also using name based virtual hosting with ssl as well, but
 my cert isn't *.domain.dom, it's just cn=domain.dom.  The virtual
 hosts are of the form sub1.domain.dom and sub2.domain.dom.
 
 When I first accessed the domain, my browser asked me to accept the
 cert, it never said anything about the domain names not matching.
 
 I do, however, get the following errors in my apache_ssl_engine_log:
 Init: (sub1.domain.dom:443) RSA server certificate CommonName (CN)
 `domain.dom' does NOT match server name!?
 
 but otherwise, it doesn't seem to cause any problems except that I
 have this annoying floating point error...
 
 For those who asked previously, I'm running
 
 % httpd -version
 Server version: Apache/1.3.20 (Unix)
 Server built:   May 24 2001 17:21:45
 
 % gcc --version
 2.95.3
 
 % uname -v
 FreeBSD 4.3-STABLE #0: Sat Apr 28 11:05:39 EDT 2001
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.6.6 RPMs

2000-08-14 Thread Magnus Stenman

Get them at the ususal place:

http://www.modssl.org/contrib/



/magnus

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: : apache+modssl+... got SEGVs

2000-07-30 Thread Magnus Stenman

On Sat, Jul 29, 2000 at 09:38:47PM +0200, Mads Toftum wrote:
 On Sat, Jul 29, 2000 at 11:49:20AM -0700, David Rees wrote:
  
  This sounds like an excellent idea.  This would surely help most users who
  would like to use RPMs, and reduce the number of issues with mismatched
  RPMs causing problems.  Now, who's going to do it?  ;-)
  
 As I said, I'll do it - if none of those contributing the rpm's will :-)

Nice idea, but we need access to the modssl.org web pages.

And they are generated with wml, I believe, so something
has to be worked out there, too.


Something Ralf has to arrange/comment on.


/magnus


PS: have you tried the RedHat 6.2 php, modperl, RPMs?
I think those are APXS compiled against an EAPI Apache.

 
 vh
 
 Mads Toftum
 -- 
 `Darn it, who spiked my coffee with water?!' - lwall
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: : apache+modssl+... got SEGVs

2000-07-28 Thread Magnus Stenman


On Fri, Jul 28, 2000 at 02:07:51AM -0700, David Rees wrote:
 On Wed, Jul 26, 2000 at 11:17:14AM +0200, Hugues Pisapia wrote:
 
  And sometimes (well, more often with MSIE than with Mozilla :), apache gets
  Segmentation faults. It seems that it comes from openssl or modssl as i tried
  many configurations. Apache gets SEGVs only when the virtual host with modssl 
  is running. I tried many thing to figure out where it comes from, but i have no
  more idea... Could someone help me, at least to give me a clue ?
  
  Last things : i tried the solution in the FAQ, i.e. to change the
  SSLSessionCache directive arguments, but i'm running apache from a rpm, so i
  don't have mm support, and my project manager will kick me if i say that i
  have to recompile apache :/, so i'd like to avoid that.


The RPMs at modssl.org have mm compiled in.


 
 No one has had good luck when using RPMs to install mod_ssl.  I'm afraid that
 recompiling Apache from scratch is the way to go.


What's the problem with the RPMs?

I roll them, and if you got a RPM specific porblem,
I'll be happy to look at it.


 
 Why will your project manager kick you for recompiling Apache?  You'll only
 be down for a second or two when you install the newly compiled Apache.

Maintenence? It's easier with RPMs...


/magnus


 
 -Dave
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: : : apache+modssl+... got SEGVs

2000-07-28 Thread Magnus Stenman

On Fri, Jul 28, 2000 at 09:03:57AM -0700, David Rees wrote:
   No one has had good luck when using RPMs to install mod_ssl.  I'm afraid that
   recompiling Apache from scratch is the way to go.
  
  What's the problem with the RPMs?
  
  I roll them, and if you got a RPM specific porblem,
  I'll be happy to look at it.
 
 Maybe if everyone used the RPMs you rolled there wouldn't be any problems,
 but it seems that people want to take one RPM from every site, throw them
 all together, and hope they work.  Then they don't because one package
 wasn't compiled with the right options (like EAPI) There just seems to be
 too many variables if you want to use RPMs to build Apache/mod_ssl,
 especially since a lot of people would also like to use RPMs to install
 other Apache modules I'm sure (php, mod_perl).  It also seems that a lot

Yeah, mixing Apache RPMs is evil, the dependency facilities in RPM
is just not enough to achieve full modularity in apache-mod_ssl

There should probably be a FAQ just for doing this...

And some things just don't run reliably as a loadable module
no matter what you do... mod_perl for example...


But I hear that RedHat 6.2 work fairly well, I haven't confirmed,
though.


 of the people that come to the list reporting Apache/mod_ssl crashes are
 using RPMs.


Yeah, and often mixing non-EAPI/EAPI stuff.

Too bad the apache group didn't include EAPI, but started to discuss
how to do it better, ending up with nothing...


/m


 
   Why will your project manager kick you for recompiling Apache?  You'll only
   be down for a second or two when you install the newly compiled Apache.
  
  Maintenence? It's easier with RPMs...
 
 Can't argue with you there.
 
 -Dave
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.6.5 RPMs

2000-07-13 Thread Magnus Stenman

It took some time due to vacation, but here they are:

http://www.modssl.org/contrib/

(Note that the Redhat version in the release number
 is gone now, so the filenames are
 apache-mod_ssl*-1.3.12.2.6.5-0.*
 now. There are also some other RPMs there with the
 other numbering, but I did not upload those.)

Changelog:

- mod_ssl 2.6.5
- mm 1.1.3
- removed RedHat 5.x/6.x release numbering workaround

...


-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.6.4 RPMs

2000-05-05 Thread Magnus Stenman

Get them at the ususal place:

http://www.modssl.org/contrib/
 


-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: installing through RPM

2000-04-28 Thread Magnus Stenman


[EMAIL PROTECTED] wrote:
 
 In a message dated 4/28/2000 7:47:22 AM Eastern Daylight Time,
 [EMAIL PROTECTED] writes:
 
  after I install the RPM, is it possible if I
   will add php3 + mysql + imap + ldap ?
 
 I don't know about them, but I am sure mod_perl works
 very badly with the RPM Apache.
 
 Beyond that, RPM Apache is not the latest, most secure
 version.

Please explain what you mean by that...

The RPM packaged version of apache-mod_ssl
is made from the latest versions.

apache-mod_ssl-1.3.12.2.6.3-0.6.0.i386.rpm
apache-mod_ssl-devel-1.3.12.2.6.3-0.6.0.i386.rpm
apache-mod_ssl-1.3.12.2.6.3-0.6.0.src.rpm

are all available in the www.modssl.org contrib area.


I have not tried compiling mod_perl with
apache-mod_ssl as a DSO (via apxs) lateley, but
if you would like to compile it statically into
apache you could do that with that SRPM.

/magnus

 -Josh
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: apache-mod_ssl 2.6.3-1.3.12 RPMs

2000-04-18 Thread Magnus Stenman

In the usual place: http://www.modssl.org/contrib/

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.6.2-1.3.12 RPMs

2000-03-07 Thread Magnus Stenman

At hthe usual place:
http://www.modssl.org/contrib/

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.6.1-1.3.12 RPMS

2000-03-01 Thread Magnus Stenman

are in the usual place:

http://www.modssl.org/contrib/

On Tue, Feb 29, 2000 at 02:41:54PM +0100, Ralf S. Engelschall wrote:
 
 mod_ssl 2.6.1 is now available. It provides mainly PRNG changes, but
 also a few other fixes and cleanups.
 
 http://www.modssl.org/source/
  ftp://ftp.modssl.org/source/
 
 Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 
   Changes with mod_ssl 2.6.1 (25-Feb-2000 to 29-Feb-2000)
 
*) Added support for OpenSSL 0.9.5's RAND_egd() which is now used
   to read entropy from the EGD Unix domain socket if `SSLRandSeed
   egd:/path/to/socket' is configured. 
 
*) Extended builtin PRNG seeding with a run-time stack based source.
   This way the builtin source now creates more entropy and usually
   enough to make OpenSSL = 0.9.5 happy again. If OpenSSL is still not
   happy (i.e. still not sufficient entropy exists), a warning message
   is logged by mod_ssl now.
 
*) Fixed Tanenbaum's name on the quote in ssl_intro.wml
 
*) Updated Thawte's sxnet stuff for latest OpenSSL.
 
*) Allow mod_ssl to compile also under Win32  VC++ 6.0

*) Fix OS/2 support and this way make mod_ssl again work
   also under this platform.
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: : ANNOUNCE: mod_ssl 2.6.0-1.3.12

2000-02-28 Thread Magnus Stenman

Sorry, list users
That was not intended for the list, please ignore.

/magnus

On Mon, Feb 28, 2000 at 07:49:06AM +0100, Magnus Stenman wrote:
 I made RPMs for both 2.5.1 and 2.6.0, but someone uploaded before I had
 a chance to.
 
 Problem is, those RPMs contain some errors, an invalid serial number,
 no changelog, etc
 (and as far as I've seen aren't ANNOUNCed yet.)
 
 Could you please replace them with the ones I built?
 

...
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: ANNOUNCE: mod_ssl 2.6.0-1.3.12

2000-02-27 Thread Magnus Stenman

I made RPMs for both 2.5.1 and 2.6.0, but someone uploaded before I had
a chance to.

Problem is, those RPMs contain some errors, an invalid serial number,
no changelog, etc
(and as far as I've seen aren't ANNOUNCed yet.)

Could you please replace them with the ones I built?

They are on: ftp://www.hkust.se/incoming/mod_ssl/



/magnus

PS: congrats on the marriage!

On Fri, Feb 25, 2000 at 10:31:14AM +0100, Ralf S. Engelschall wrote:
 
 Apache 1.3.12 is already around the corner and should be released
 these days (be patient, please!), so I'll release mod_ssl 2.6.0 for
 it. Because I'm not available the coming days (we have our church
 marriage-ceremony on this weekend ;) and I don't wanted to let you wait
 to use SSL with this Apache version (especially because of security
 reasons you should consider to upgrade to 1.3.12).
 
 Yours,
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 
   Changes with mod_ssl 2.6.0 (24-Feb-2000 to 25-Feb-2000)
 
*) Merged in enhanced HTTPS Proxy Support which is derived from
   Stronghold 2.x and was originally contributed by C2Net over one
   year ago. This is still _EXPERIMENTAL_ stuff, so it is entirely
   wrapped with SSL_EXPERIMENTAL sections and has to be abled under
   built-time with --enable-rule=SSL_EXPERIMENTAL. Then the following
   new configuration directives are provided to fine-tune the HTTPS
   proxy support:
 
   o  SSLProxyProtocol [+-][SSLv2|SSLv3|TLSv1] ...
  (enable or disable SSL protocol flavors)
   o  SSLProxyCipherSuite XXX:...:XXX
  (colon-delimited list of permitted SSL ciphers)
   o  SSLProxyVerify on|off
  (whether to verify the remote certificate)
   o  SSLProxyVerifyDepth N
  (maximum certificate verification depth)
   o  SSLProxyCACertificateFile /path/to/file
  (file containing server certificates)
   o  SSLProxyCACertificatePath /path/to/dir
  (directory containing server certificates)
   o  SSLProxyMachineCertificateFile /path/to/file
  (file containing client certificates)
   o  SSLProxyMachineCertificatePath /path/to/dir
  (directory containing client certificates)
 
   This stuff is declared experimental, because it was still _NOT_
   tested in depth and is still _UNDOCUMENTED_. So keep in mind what
   SSL_EXPERIMENTAL means and use this with care!
 
*) Extended the EAPI patches to mod_proxy to allow the new
   HTTPS proxy support to be merged in.
 
*) Fixed ssl_io_suck() prototype scope in mod_ssl.h by changing
   the old #ifdef SSL_EXPERIMENTAL to the now correct #ifndef
   SSL_CONSERVATIVE.
 
*) Added "cons" and "nocons" development target to
   src/modules/ssl/Makefile.tmpl.
 
*) Upgraded to Apache version 1.3.12.
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: : RH 6.1 and apache-ssl RPM from ftp.zedz.net: Doesn't work?

2000-02-09 Thread Magnus Stenman
28 
  DARX Consulting Pty Ltd  Mobile: 04-1122 6244
  mailto:[EMAIL PROTECTED] http://www.darx.com/
  
  PGP public key: http://www.darx.com/pgp/
  __
  Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
  User Support Mailing List  [EMAIL PROTECTED]
  Automated List Manager[EMAIL PROTECTED]
  
  __
  Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
  User Support Mailing List  [EMAIL PROTECTED]
  Automated List Manager[EMAIL PROTECTED]
 Regards
 
 Rudi
 
 --
 Rudi HeitbaumPh:  +61-3-9822 1216
 Managing DirectorFax: +61-3-9822 1728 
 DARX Consulting Pty Ltd  Mobile: 04-1122 6244
 mailto:[EMAIL PROTECTED] http://www.darx.com/
 
 PGP public key: http://www.darx.com/pgp/
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: RH 6.1 and apache-ssl RPM from ftp.zedz.net: Doesn't work?

2000-02-08 Thread Magnus Stenman

What are the gcache processes doing there?

They are from apache-ssl, not apache-mod_ssl

Maybe you have ended up with files from both apache variants?

/magnus

Steve Frampton wrote:
 
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Hi again:
 
 I discovered more up-to-date RPM's were available on ftp.modssl.org in
 /pub/contrib.  Therefore, I installed:
 
 apache-mod_ssl-1.3.9.2.4.9-0.6.0
 apache-mod_ssl-devel-1.3.9.2.4.9-0.6.0
 
 and it worked!  But on to other problems.  ;-)
 
 I am trying to get things working with PHP3.  I have downloaded the
 tarball for php-3.0.14, did a:
 
   ./configure --with-apxs=/usr/sbin/apxs --with-mysql \
   --with-apache=/usr/include
   make
   make install
 
 I then made sure that the following lines were present in my httpd.conf
 file:
 
   LoadModule php3_modulelib/apache/libphp3.so
   AddModule mod_php3.c
 
   AddType application/x-httpd-php3 .php3AddType
   application/x-httpd-php3-source .phps
 
 (PHP's "make install" procedure actually put the LoadModule and AddModule
 lines within IfDefine SSL blocks, I assumed this was incorrect so I
 moved them outside the blocks).
 
 After starting the server, connections on both ports 80 and 443 are
 refused, and there are no "httpd" processes in memory.  There *are*,
 however, a couple of gcache processes.  There are no error messages in any
 of the httpd logs, the only thing that appears after starting the server
 is the following in ssl_engine_log:
 
 [info]  Server: Apache/1.3.9, Interface: mod_ssl/2.4.9, Library: OpenSSL/0.9.4
 [info]  Init: 1st startup round (still not detached)
 [info]  Init: Initializing OpenSSL library
 [info]  Init: Loading certificate  private key of SSL-aware server localhost:443
 [info]  Init: Generating temporary RSA private keys (512/1024 bits)
 [info]  Init: Configuring temporary DH parameters (512/1024 bits)
 
 Those look normal enough.  But I can *not* interact with the server unless
 I comment out the LoadModule and AddModule lines.  :-(
 
 Any ideas?
 
 - -- LINUX: The choice of a GNU generation. --
 Steve Frampton[EMAIL PROTECTED]Japan Communications, Inc.
 Software Developer/Systems Administratorhttp://www.j-com.co.jp/
 GNU Privacy Guard ID: D055EBC5  (see http://www.gnupg.org for details)
 GNU-PG Fingerprint: EEFB F03D 29B6 07E8 AF73  EF6A 9A72 F1F5 D055 EBC5
 
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.0.0 (GNU/Linux)
 Comment: For info see http://www.gnupg.org
 
 iD8DBQE4n73amnLx9dBV68URApc3AJ93moBzZ8XykgMru4G0TpHAT2UeCwCdGrR9
 /eZS5OeyIKyDWHjOgMF2KsM=
 =kLqO
 -END PGP SIGNATURE-
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: RPM installs (mod's)

2000-01-26 Thread Magnus Stenman

No extra modules, except those in a standard apache/mod_ssl
are compiled in.

You'll have to download the SRPM and recompile it for that.


/magnus

On Tue, Jan 25, 2000 at 01:17:38PM -0800, [EMAIL PROTECTED] wrote:
 Hey All,
   I was wondering if anyone know where I can get info as 
 to what apache1.3.9+mod_ssl.rpm is compilied with in 
 terms of modules. (ie php, postgres, mysql, 
 mod_perl,etc.). Any help is greatly appreciated.
 Thanks,
 
 Harry Hoffman
 Product Systems Specialist
 Restaurants Unlimited Inc.
 (206) 634-3082 x. 270
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.5.0-1.3.11 RPMs

2000-01-23 Thread Magnus Stenman

At the usual location:
http://www.modssl.org/contrib/

Changelog:
* Mon Jan 24 2000 Magnus Stenman [EMAIL PROTECTED]

- mod_ssl 2.5.0
- apache 1.3.11
- suexec is compiled with umask 022
- latest RedHat logrotate and init scripts included
.
.
.

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: apache-mod_ssl 2.4.10 RPMs

2000-01-12 Thread Magnus Stenman

In the usual place:

http://www.modssl.org/contrib/


/magnus
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.4.9 RPMs

1999-11-25 Thread Magnus Stenman

At the usual place:

http://www.modssl.org/contrib/
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: OT: EAPI, DSO stability

1999-10-29 Thread Magnus Stenman

Adriano Rodrigues wrote:
 
 Sorry to be a bit off topic, but I'm very curious about
 the two questions below...
 
 Does someone know if there are any plans to incorporate
 the EAPI into mainstream Apache?

There were, but somehow it never got included.
Someone on the apache list apparantly had a better solution,
which also has not been incorporated...

Status on that, Ralf?

 
 Also, I usually compile a bare bones Apache with EAPI and all my
 modules are DSO (mod_ssl, php, mod_perl, etc).
 
 But when one starts getting segfaults (mod_perl comes to mind),
 people usually recommend that you build Apache statically.

It is recommended to compile mod_perl statically.
It's a mod_perl bug, I believe.

 
 Are the problems due to Apache's DSO implementation (is it rock solid?),
 bugs in the modules, or both? Of course, I am assuming here that the
 environment is sane (a modern UNIX like FreeBSD or Linux, libs
 compiled with -fpic, etc).
 
 Thanks,
 
 --
 Adriano
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: Version

1999-10-13 Thread Magnus Stenman

http://www.apache-ssl.org/

 Charles Williams wrote:
 
 I was told we were using mod_ssl but at
 
  /apache/bin
 
 I type httpsd -v and learn:
   Server version: Apache/1.3.6 Ben-SSL/1.35 (Unix)
 
 Does anyone know where I go for documentation?
 
 Chuck Williams
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.4.5 RPMs

1999-10-01 Thread Magnus Stenman

RPMs and spec file at:

http://www.modssl.org/contrib/

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: ANNOUNCE: mod_ssl 2.4.4

1999-09-28 Thread Magnus Stenman

2.4.3 compiled OK on my redhat 5.2 box, but 2.4.4 barfs:

gcc -c -I../../../../mm-1.0.11 -I../../os/unix -I../../include  -O2 -m486 
-fno-strength-reduce
-DLINUX=2 -DMOD_SSL=204104 -DEAPI -DEAPI_MM -DUSE_EXPAT -I../../lib/expat-lite 
`../../apaci` -fpic
-DSHARED_MODULE -DSSL_COMPAT -I/usr/include -DMOD_SSL_VERSION=\"2.4.4\" 
ssl_engine_mutex.c  mv
ssl_engine_mutex.o ssl_engine_mutex.lo
ssl_engine_mutex.c: In function `ssl_mutex_sem_create':
ssl_engine_mutex.c:293: incompatible type for argument 4 of `semctl'
ssl_engine_mutex.c:302: incompatible type for argument 4 of `semctl'
make[4]: *** [ssl_engine_mutex.lo] Error 1
make[3]: *** [all] Error 1
make[2]: *** [subdirs] Error 1
make[2]: Leaving directory 
`/usr/src/rpmbuild/BUILD/apache-mod_ssl_1.3.9.2.4.4/apache_1.3.9/src'
make[1]: *** [build-std] Error 2
make[1]: Leaving directory 
`/usr/src/rpmbuild/BUILD/apache-mod_ssl_1.3.9.2.4.4/apache_1.3.9'
make: *** [build] Error 2
Bad exit status from /tmp/rpm-tmp.50717 (%build)



-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.4.3 RPMs

1999-09-27 Thread Magnus Stenman

RPM, SRPM and spec files at the usual place:

http://www.modssl.org/contrib/


changelog:

* Mon Sep 27 1999 Magnus Stenman [EMAIL PROTECTED]

- mod_ssl 2.4.3
- mm 1.0.11
- added (noreplace) to some configuration files
- removed patch to cca.sh
- added the ssl.crl and ssl.prm subdirs in conf/


-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: Apache w/ suExec + Mod SSL

1999-09-24 Thread Magnus Stenman

Take a look at the RPM spec files in the contrib area at www.modssl.org

/magnus

Chad Cordero wrote:
 
 Has anyone successfuly compiled Apache 1.3.9 + ModSSL 2.4.2 + OpenSSL 0.9.4
 or similar and also compiled Apache's suEXEC in?  I'm not shure how.
 Please help.  I can't find anything in any of the ModSSL README files or
 the FAQs.
 
 Thanks,
 
 Chad Cordero
 Telecommunications  Network Services
 California State University, San Bernardino
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: ANNOUNCE: mod_ssl 2.4.2 RPMs

1999-09-07 Thread Magnus Stenman

That's all been taken care of.


Patrick Maartense wrote:
 
 Magnus Stenman wrote:
 
  Available at
  http://www.modssl.org/contrib/
 
 
 You don't have permission to access
 /contrib/ftp/contrib/apache-mod_ssl-1.3.9.2.4.2-0.5.2.i386.rpm on this
 server.
 :-(
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: ANNOUNCE: mod_ssl 2.4.2 RPMs

1999-09-07 Thread Magnus Stenman

Right now, a binary built for 5.2 will segfault on a 6.0
system.

Henri Gomez builds the RPMs for 6.0 versions, and
they usually appear some time after I put out the 5.2 ones.

Feel free to download the .src RPM, install it, edit the
redhat version rows in the .spec file, and rebuild with
"rpm -ba apache-mod_ssl.spec"


/magnus

Patrick Maartense wrote:
 
 Magnus Stenman wrote:
 
  That's all been taken care of.
 
 
 Thankx, one more question, why only for redhat  6.0?
 
 Patrick
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.4.2 RPMs

1999-09-06 Thread Magnus Stenman

Available at
http://www.modssl.org/contrib/

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: apache-mod_ssl-1.3.9.2.4.1 RPMs

1999-08-31 Thread Magnus Stenman

RPMs and spec file can be found at
http://www.modssl.org/contrib/

These RPMs are for RedHat 5.2 systems.


/magnus

--
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: Apache + mod_ssl exits cleanly on startup

1999-08-31 Thread Magnus Stenman

I have had similar problems when I tried to load
mod_perl as a DSO.

My strace showed that my apache exited in a similar manner.

Removing the mod_perl module load from the httpd.conf
cured the problem, and I have not had time to investigate
it further since.

Mod_php loads fine, so in my case the problem is mod_perl/DSO
related (DSO with mod_perl is considered alpha, I believe)

Do you use APXS compiled modules?

/magnus


Graham Leggett wrote:
 
 Hi all,
 
 I am having some hassles with Apache v1.3.9 + mod_ssl v2.4.1 under
 Redhat v6.0 (Intel).
 
 When the server is started, the server exits cleanly straight away.
 Nothing is logged, or output to stderr or stdout.
 
 An strace reveals that httpd is making a clean exit just after it's
 initialised. Anyone know what's wrong?
 
 The strace is attached.
 
 Regards,
 Graham
 --
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: GDBM error when session cache is enabled?

1999-08-27 Thread Magnus Stenman

If you haven't done so already, try to turn off the DBM
session cache in httpd.conf and use shared memory instead.

SSLSessionCache shm:/var/run/ssl_scache(512000)
#SSLSessionCache dbm:/var/run/ssl_scache

/magnus

Jeff Johnson wrote:
 
 Does anyone have any suggestions on what to do when you
 receive this error.
 
 Sorry for providing a lack of information, I'm just very
 busy at work now, right now, session cache is disabled.
 
 Server Version: Apache/1.3.9 (Unix) DAV/0.9.9 mod_fastcgi/2.2.2
 PHP/4.0B2 mod_macro/1.1.1 mod_perl/1.21 mod_frontpage/3.0.4.3
 mod_ssl/2.4.0 OpenSSL/0.9.4, using MM 1.0.9.
 
 error_log shows "gdbm error", or something similar.
 
 OS is FreeBSD 3.2.
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.3.11 RPMs

1999-08-03 Thread Magnus Stenman

At http://www.modssl.org/contrib/

For those of you with idling redhat 6.0 boxen,
grab the SRPM, recompile with rh defined as 6.0
and upload the RPMs...

Changelog:
* Tue Aug 03 1999 Magnus Stenman [EMAIL PROTECTED]

- mod_ssl 2.3.11
- removed some patches to the apache source, which
  now are performed by mod_ssl

* Thu Jul 29 1999 Magnus Stenman [EMAIL PROTECTED]

- mod_ssl 2.3.10

* Sun Jul 25 1999 Magnus Stenman [EMAIL PROTECTED]

- mod_ssl 2.3.8
- removed Thawte Strong Extranet Support due to
  apxs dependency problem
- changed release numbering to allow for
  simultaneous RedHat versions;
  release 0.5.2 means release 0, for RedHat 5.2
...
...


-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 ...all in all, it's just another rule in the firewall. /Ping Flood
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.3.1 RPMs

1999-05-28 Thread Magnus Stenman

No changes but the mod_ssl revision bump.

Get them at the usual place:
http://www.modssl.org/contrib/

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



ANNOUNCE: apache-mod_ssl-1.3.6.2.3.0 RPMs (and openssl 0.9.3 RPMs)

1999-05-26 Thread Magnus Stenman

Tested on redhat 5.2 and 6.0
Compiled on redhat 5.2

Get it at the usual place:
http://www.modssl.org/contrib/

Since I couldn't find any openssl 0.9.3 RPMs out there,
I uploaded those, too.



Name: apache-mod_ssl  Distribution: (none)
Version : 1.3.6.2.3.0   Vendor: (none)
Release : 0 Build Date: Tue May 25 17:04:37 1999
Install date: (not installed)   Build Host: starbug.inbox.se
Group   : Networking/DaemonsSource RPM: (none)
Size: 1994706  License: BSD-like
Packager: Magnus Stenman [EMAIL PROTECTED], Henri Gomez [EMAIL PROTECTED]
URL : http://www.modssl.org/
Summary : Apache HTTP daemon with SSL
Description :
apache-mod_ssl is Apache with SSL support
via mod_ssl and OpenSSL

This build is not for use in the U.S., you will have
to build your own apache-mod_ssl with RSAref for that
due to patent problems.

Built with loadable modules (all standard modules enabled).
The configuration files provided with apache
and apache-mod_ssl are unchanged.

Built for glibc6 on RedHat 5.2 and 6.0

Changes:
* Tue May 25 1999 Magnus Stenman [EMAIL PROTECTED]

- mod_ssl 2.3.0
- Changes in URLs and description
- Included more mod_ssl documentation, and
  the mod_ssl contrib directory.
- Added require for openssl = 0.9.3




-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



Re: mod_ssl-2.2.8-1.3.6 + RedHat 6.0, no ndbm found

1999-04-29 Thread Magnus Stenman

The redhat SRPM has some patches for that...
Maybe it helps?

--- apache_1.3.3/src/helpers/find-dbm-lib.nondbmFri Dec 18 17:55:25 1998
+++ apache_1.3.3/src/helpers/find-dbm-lib   Fri Dec 18 17:59:48 1998
@@ -15,8 +15,6 @@
DBM_LIB=""
if ./helpers/TestCompile lib dbm dbm_open; then
DBM_LIB="-ldbm"
-   elif ./helpers/TestCompile lib ndbm dbm_open; then
-   DBM_LIB="-lndbm"
fi
if [ "X$DBM_LIB" != "X" ]; then
LIBS="$LIBS $DBM_LIB"



Stefanita Vilcu wrote:
 
 Hello,
 
 I am trying to compile mod_ssl-2.2.8-1.3.6 on a RedHat 6.0 box  (kernel
 2.2.6).
 The problem is that the mod_ssl is looking for the ndbm package (header
 and library) which is, on the RH boxes, replaced by the gdbm package.
 Is there any patch for this or I'll have to write it?
 Below is the piece of error.
 
 === src/modules/ssl
 gcc -c  -I../../os/unix -I../../include   -DLINUX=2 -DMOD_SSL=202108
 -DUSE_HSREGEX -DEAPI `../../apaci` -DSSL_COMPAT
 -I/usr/src/openssl-0.9.2b/include -DMOD_SSL_VERSION=\"2.2.8\" mod_ssl.c
 In file included from mod_ssl.c:65:
 mod_ssl.h:282: ndbm.h: No such file or directory
 make[4]: *** [mod_ssl.o] Error 1
 
 I tried this simple trick:
 [root@test1 apache_1.3.6]# ln -s /usr/include/gdbm.h /usr/include/ndbm.h
 
 and the compilation seems to work smooth, until:
 gcc -c  -I../../os/unix -I../../include   -DLINUX=2 -DMOD_SSL=202108
 -DUSE_HSREGEX -DEAPI `../../apaci` -DSSL_COMPAT
 -I/usr/src/openssl-0.9.2b/include -DMOD_SSL_VERSION=\"2.2.8\"
 ssl_engine_scache.c
 ssl_engine_scache.c: In function `ssl_scache_dbm_init':
 ssl_engine_scache.c:227: `DBM' undeclared (first use in this function)
 ssl_engine_scache.c:227: (Each undeclared identifier is reported only
 once
 ssl_engine_scache.c:227: for each function it appears in.)
 ssl_engine_scache.c:227: `dbm' undeclared (first use in this function)
 ssl_engine_scache.c: In function `ssl_scache_dbm_store':
 ssl_engine_scache.c:276: `DBM' undeclared (first use in this function)
 ssl_engine_scache.c:276: `dbm' undeclared (first use in this function)
 ssl_engine_scache.c:277: parse error before `dbmkey'
 ssl_engine_scache.c:281: `dbmkey' undeclared (first use in this
 function)
 ssl_engine_scache.c:285: `dbmval' undeclared (first use in this
 function)
 ssl_engine_scache.c:302: `DBM_INSERT' undeclared (first use in this
 function)
 ssl_engine_scache.c: In function `ssl_scache_dbm_retrieve':
 ssl_engine_scache.c:315: `DBM' undeclared (first use in this function)
 ssl_engine_scache.c:315: `dbm' undeclared (first use in this function)
 ssl_engine_scache.c:316: parse error before `dbmkey'
 ssl_engine_scache.c:325: `dbmkey' undeclared (first use in this
 function)
 ssl_engine_scache.c:338: `dbmval' undeclared (first use in this
 function)
 ssl_engine_scache.c: In function `ssl_scache_dbm_remove':
 ssl_engine_scache.c:362: `DBM' undeclared (first use in this function)
 ssl_engine_scache.c:362: `dbm' undeclared (first use in this function)
 ssl_engine_scache.c:363: parse error before `dbmkey'
 ssl_engine_scache.c:366: `dbmkey' undeclared (first use in this
 function)
 ssl_engine_scache.c: In function `ssl_scache_dbm_expire':
 ssl_engine_scache.c:390: `DBM' undeclared (first use in this function)
 ssl_engine_scache.c:390: `dbm' undeclared (first use in this function)
 ssl_engine_scache.c:391: parse error before `dbmkey'
 ssl_engine_scache.c:414: `tNow' undeclared (first use in this function)
 ssl_engine_scache.c:415: `dbmkey' undeclared (first use in this
 function)
 ssl_engine_scache.c:417: `dbmval' undeclared (first use in this
 function)
 ssl_engine_scache.c:424: `tExpiresAt' undeclared (first use in this
 function)
 make[4]: *** [ssl_engine_scache.o] Error 1
 make[3]: *** [all] Error 1
 make[2]: *** [subdirs] Error 1
 make[2]: Leaving directory `/usr/src/apache_1.3.6/src'
 make[1]: *** [build-std] Error 2
 make[1]: Leaving directory `/usr/src/apache_1.3.6'
 make: *** [build] Error 2
 
 Thank you,
 
 -vsv
 --
 Stefanita Valeriu Valcu, Network Administrator
 Dynamic Network Technologies
 Calea Victoriei 155, bl. D1, sc. 8, et. 2
 tel: +40-1-2106863 fax: +40-1-3122745 e-mail: [EMAIL PROTECTED]
 __
 Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



RPM stuff

1999-04-22 Thread Magnus Stenman

For those of you who are into RPM development, I uploaded my
latest .spec for apache-mod_ssl
to http://www.engelschall.com/sw/mod_ssl/contrib/

Comments?

Btw, anyone but me having problems with mod_ssl:s libssl.so not
using shared lib{ssl,crypto}.so ?

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Updated apache-mod_ssl-1.3.6-2.2.8-1.src.rpm

1999-04-20 Thread Magnus Stenman

Mike McHenry wrote:
 
 I am in the process of uploading an updated version of the apache-mod_ssl
 package to the contrib section of sw.engelschall.com.
 
 http://www.engelschall.com/sw/mod_ssl/contrib/apache-mod_ssl-1.3.6-2.2.8-1.s
 rc.rpm
 
 I have not generated binary versions as I do not want to step on the normal
 package maintainers toes. :) Basically I merged in the latest Redhat apache
 release with the latest apache-mod_ssl package. This involved a number of
 changes to the SPEC file to get everything in synch.

Umm, I do not like that layout/spec/patchset;
it's messy
it uses the non-standard mod_bandwidth
it uses multiple config files
it does not include README documentation
   including legal aspects, licences etc

(it does some good things too -- I think I'll merge some stuff in..)

If you want to maintain the RPM releases, be my guest -- I will be
building and compiling my versions because I use them on a number of
servers -- but I won't upload them to the contrib area.

/magnus

 
 This release compiles cleanly on RH5.2 and should also compile cleanly on
 the upcoming RH6.0 release. I have this release up and running on a
 production webserver right now so I consider it to be a stable package.
 
 Mike McHenry
  Systems Administrator
  MinnNet Communications, Inc.

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



ANNOUNCE: mod_ssl 2.2.8 RPMs

1999-04-12 Thread Magnus Stenman

mod_ssl 2.2.8 RPMs are uploaded to www.engelschall.com contrib area

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



PKCS #11 Utility Package

1999-04-07 Thread Magnus Stenman

Netscape has some software that might be of
interest for some of the developers?

PKCS #11 Utility Package 1.0.5

OVERVIEW

The PKCS #11 Utility Package assists vendors of PKCS #11-compliant cryptographic 
hardware or
software verify compatibility with Netscape software. The package provides test suites 
that exercise
cryptographic modules through Netscape's security library. It also contains test 
automation tools,
as well as utilities for manipulating Netscape's security databases.

http://developer.netscape.com/software/tools/index.html?cp=dev_ltr1content=pkcs/up105.html

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: PKCS #11 Utility Package

1999-04-07 Thread Magnus Stenman

Sooner or later, someone will upload it to replay.com...

Patrik Carlsson wrote:
 
 Especially for those in the US as it obey under the US export regulations :-(
 
 --Patrik
 
 Magnus Stenman wrote:
 
  Netscape has some software that might be of
  interest for some of the developers?
 
  PKCS #11 Utility Package 1.0.5
 
...

-- 
 Magnus Stenman   mailto:[EMAIL PROTECTED]   http://www.hkust.se

 Get it up, keep it up.  Linux -- Viagra for your PC
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Practical solution for MSIE problems!?

1999-03-29 Thread Magnus Stenman

In which versions of MSIE did this occur?

I was thinking of a more specific regexp
so that not *all* M$IE users trigger the
unclean ssl shutdown behaviour...

/magnus
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Client Test Suite: Summary

1999-03-29 Thread Magnus Stenman

Ralf S. Engelschall wrote:
 
 On Mon, Mar 29, 1999, Hans Lohmander wrote:
 
  "Ralf S. Engelschall" wrote:
  Netscape 4.5 Mac, PPC international . Failed 
[EMAIL PROTECTED]
   ``I tested the below and got "bad data from the server"
   http was fine but https was not.''
  --- deleted stuff here ---
   So, I conclude that we've NO problems at all with Netscape clients.  But we've
   problems with various IE clients. There not for all situations, but under some
   situations it looks like people can deterministically reproduce it.
  
  I still got bad data, when I tried it today, 29 mar.
  So this is still a problem with the NS 4.5 mac version.
  International 40-bit version.

I just tried NS 4.5 Mac PPC and it worked even on my unmodified mod_ssl...

 
 I cannot find any entries in the access_log from a Netscape under Macintosh.
 Are you sure you connect to en4.engelschall.com via HTTPS?  Or is it already
 failing at the top-level page before you receive anything at all?  I ask
 because your problems seems to of a different kind, but I want to setup the
 SetEnvIf for your browser, too. To allow us to check whether
 ssl-unclean-shutdown also solves your problem. So, why are there no entries
 for your connections on en4? From which IP you're coming?
 
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 __
 Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Ok, Client Test Suite established

1999-03-26 Thread Magnus Stenman

Ralf S. Engelschall wrote:
 
 On Thu, Mar 25, 1999, Magnus Stenman wrote:
 
 http://en4.engelschall.com/
https://en4.engelschall.com/
 
  Dang. NS 4.08 Linux and NS 4.5 Mac work fine on all tests...
  Unfortunately I cannot give you access to my box, because it's on
  a non-public net..
  But I can enable "debug" level in the logs..
 
 Ahh... fine. I was already made-insecure and though I become totally crazy.
 So we can now conclude that at least for your situation it's seems a local
 platform problem. At least it seems it's not a general mod_ssl protocol
 problem. I've expected this, because I already went over the protocol stuff
 more than once and finally were convinced that in 2.2.5 and 2.2.6 it's now
 finally correct.
 
 Hmmm.. but nevertheless you've still the nasty problems on your platform and
 the question remains: What cause it. Using the debugging loglevel can give
 some hints, yes. It's not exactly the software versions I used, right?  I
 think the problem is inside OpenSSL, because in Apache the protocol stuff

I start to suspect that too... I use 0.9.1c (could not find newer RPMs)
but I'll upgrade to 0.9.2b and we'll see if the problem goes away.

It seems that at least some of the error reports come from
people using 0.9.1c


 wasn't changed for a long time. Have you already tried a _fresh_ (built from
 scratch!) Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b (sorry when I ask again,
 but too much people already described their situation the last days and I
 already intermix them)?

Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.1c

I included the "debug" level log snippet below


/magnus
 ssllog.gz


Re: Netscape has encountered bad data from the server.

1999-03-26 Thread Magnus Stenman

Everything works like a charm when I upgraded to OpenSSL
0.9.2b (from 0.9.1c) so that must have been the problem.

I'll release 1.3.6-2.2.6 RPMs in an hour or so.

/magnus
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



ANNOUNCE: Apache-mod_ssl-1.3.6-2.2.6 RPMs

1999-03-26 Thread Magnus Stenman

Uploaded to

http://www.engelschall.com/sw/mod_ssl/contrib/

Note: you should probably be using OpenSSL 0.9.2b
  as there have been spurious problems with older versions
  combined with this apache+mod_ssl version.

Name: apache-mod_ssl  Distribution: (none)
Version : 1.3.6-2.2.6   Vendor: (none)
Release : 0 Build Date: Fri Mar 26 13:14:36 1999
Install date: (not installed)   Build Host: starbug.inbox.se
Group   : Networking/DaemonsSource RPM: 
apache-mod_ssl-1.3.6-2.2.6-0.src.rpm
Size: 4467416  License: BSD-like
Packager: Henri Gomez [EMAIL PROTECTED], Magnus Stenman [EMAIL PROTECTED]
URL : http://www.engelschall.com/sw/mod_ssl/
Summary : Apache HTTP daemon with SSL
Description :
apache-mod_ssl is Apache with SSL support
via mod_ssl and SSLeay/OpenSSL

This build is not for use in the U.S., you will have
to build your own apache-mod_ssl with RSAref for that
due to patent problems.

Built with loadable modules (all standard modules enabled).
The configuration files provided with apache
and apache-mod_ssl are unchanged.

Built for glibc6 on RedHat 5.2
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Netscape has encountered bad data from the server.

1999-03-25 Thread Magnus Stenman

Here comes my trace:

[25/Mar/1999 13:10:21] [info]  Connection to child 0 established (server 
starbug.inbox.se:443)
[25/Mar/1999 13:10:21] [trace] Seeding PRNG with 1032 bytes of entropy
[25/Mar/1999 13:10:21] [trace] OpenSSL: Handshake: start
[25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: before SSL initialization
[25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 read client hello A
[25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write server hello A
[25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write certificate A
[25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write key exchange A
[25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write server done A
[25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 flush data
[25/Mar/1999 13:10:21] [trace] OpenSSL: Read: SSLv3 read client certificate A
[25/Mar/1999 13:10:21] [trace] OpenSSL: Exit: failed in SSLv3 read client certificate A
[25/Mar/1999 13:10:21] [info]  SSL handshake stopped: connection was closed

Strange... I don't use SSLVerifyClient...


/magnus


 On Thu, Mar 25, 1999, Mark Stosberg wrote:
 
  I'm getting the same odd error as the other fellow:
  "Netscape has encountered bad data from the server." (Mac Communicator 4.51)
 
  Here's my setup:
  3.1-RELEASE FreeBSD
  Apache/1.3.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.2b
 
  And the errors from the logs:
  [Thu Mar 25 04:52:37 1999] [error] mod_ssl: SSL handshake failed (client
  199.120.185.113, server secure.infocom.com:443) (OpenSSL library error follows)
  [Thu Mar 25 04:52:37 1999] [error] OpenSSL: error:14094410:SSL
  routines:SSL3_READ_BYTES:sslv3 alert handshake failure
 
 At which state of the handshake happens this?
 Use "SSLLogLevel trace" to find this out, please.
 I wish our OpenSSL library would give more detailed descriptions...
 
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 __
 Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Netscape has encountered bad data from the server.

1999-03-25 Thread Magnus Stenman

Sorry, it seems the error reports got mixed up...
My error gives the same result as Mark Stosberg saw in Netscape,
but different entries in the logs... I never get the [error]
entries, just this:

[info]  Connection to child 4 established (server starbug.inbox.se:443)
[info]  SSL handshake stopped: connection was closed

The log entries I submitted (below) is what happens if I increase the
log level to "trace"

I attached my original post to the end of this mail.

[continued]

 
  [25/Mar/1999 13:10:21] [info]  Connection to child 0 established (server 
starbug.inbox.se:443)
  [25/Mar/1999 13:10:21] [trace] Seeding PRNG with 1032 bytes of entropy
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Handshake: start
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: before SSL initialization
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 read client hello A
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write server hello A
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write certificate A
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write key exchange A
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 write server done A
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Loop: SSLv3 flush data
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Read: SSLv3 read client certificate A
  [25/Mar/1999 13:10:21] [trace] OpenSSL: Exit: failed in SSLv3 read client 
certificate A
  [25/Mar/1999 13:10:21] [info]  SSL handshake stopped: connection was closed
 
  Strange... I don't use SSLVerifyClient...
 
I'm getting the same odd error as the other fellow:
"Netscape has encountered bad data from the server." (Mac Communicator 4.51)
   
Here's my setup:
3.1-RELEASE FreeBSD
Apache/1.3.6 (Unix) mod_ssl/2.2.6 OpenSSL/0.9.2b
   
And the errors from the logs:
[Thu Mar 25 04:52:37 1999] [error] mod_ssl: SSL handshake failed (client
199.120.185.113, server secure.infocom.com:443) (OpenSSL library error follows)
[Thu Mar 25 04:52:37 1999] [error] OpenSSL: error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure
  
   At which state of the handshake happens this?
   Use "SSLLogLevel trace" to find this out, please.
 
 But where the [error] message in your trace? Seems like you've now a different
 problem. And yes, it's strange that a client certificate is read although
 youßve not configured one. BTW, I use exactly the same software as you
 (FreeBSD 3.1, Apache 1.3.6, mod_ssl 2.2.6, OpenSSL 0.9.2b) and it works fine


I use RedHat Linux 5.2 w/ kernel 2.2.4,
Apache 1.3.6, mod_ssl 2.2.6, OpenSSL 0.9.1c

 with my local Netscape. So it really seems that those Mac-Netscapes send
 something different?  Are you sure this Netscape isn't broken? Can


It's not only Mac NS, but also Linux Netscape, and yes, they work fine
with other sites including mod_ssl ones.

 you correctly connect to other SSL sites?
 
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 __
 Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]


Original post:
--
I'm having some strange problems...

When compiling for the mod_ssl-2.2.6-1.3.6 RPMs
I get a server that works with
Win Netscape 4
Win M$IE 4,

but *not* with
Mac Netscape 4.5
Linux Netscape 4.08
(ssl connections that is, normal connections work fine)


I use Redhat 5.2, kernel 2.2.4, openssl 0.9.1c
(yeah, I know, but I did not find .2b RPMs
 and was lazy [could the former be the problem?])

Entries in ssl_engine.log:
[info]  Connection to child 2 established (server starbug.inbox.se:443)
[info]  SSL handshake stopped: connection was closed

Netscape pops up a dialog
"Netscape has encountered bad data from the server."

No errors in httpd error_log


/magnus
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Netscape has encountered bad data from the server.

1999-03-25 Thread Magnus Stenman

Ralf S. Engelschall wrote:
 
 On Thu, Mar 25, 1999, Magnus Stenman wrote:
 
 [...]
  It's not only Mac NS, but also Linux Netscape, and yes, they work fine
  with other sites including mod_ssl ones.
 
 Hmmm... my problem is still that I've not found a local situation where I can
 repeat this (I can only fix something when I can repeat it myself). I'm
 currently installing NS 4.51 for FreeBSD in the hope it has the same problem
 as the Linux version (at least my 4.08 hasn't). OTOH we could do the
 following: I'll upgrade www.engelschall.com to the latest versions and you all
 try to connect. Then we'll see what fails and because I control the server I
 hopefully can find out the reason.
 
 BTW, these failures are _not_ related to any POST or other special situations,
 right? You just connect to the welcome page via https://sitename/ and it
 immediately fails with the log entries you showed, right? Strange...

Actually, om that sever the main page is a mod_rewrite to a cgi,
but I also tested with regular html files, with the same result.

Just drop a note, and I'll connect with Linux and Mac browsers.

 
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 __
 Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Ok, Client Test Suite established

1999-03-25 Thread Magnus Stenman

Ralf S. Engelschall wrote:
 

Dang. NS 4.08 Linux and NS 4.5 Mac work fine on all tests...

Unfortunately I cannot give you access to my box, because it's on
a non-public net..

But I can enable "debug" level in the logs..

/magnus

 Ok, because of the problem reports with various client/platforms and the fact
 that I cannot reproduce the problems, I've now established a little test suite
 for us. Under
 
   http://en4.engelschall.com/
  https://en4.engelschall.com/
 
 an Apache/1.3.6+mod_ssl/2.2.6+OpenSSL/0.9.2b test server is running under
 FreeBSD 3.1. It has three test CGI scripts installed, debugging enabled and
 and a little mechanism to look at the last 16KB of the Apache logfiles.
 
 I've now connected with the following Netscape browsers running under X11 on
 my development FreeBSD 3.1 box here at home:
 
  Netscape 2.02
  Netscape 3.04
  Netscape 4.08
  Netscape 4.51
 
 and all four versions connected fine and passed the three CGI scripts
 successfully without any hangs, any I/O errors or other unusual things.  In
 other words, as I said: Under my development platform I cannot reproduce your
 problems. So, it's now your turn. Connect from your favorite client platform
 with your esoteric clients and hopefully let us find out something...
 
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 __
 Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)  www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



2.2.6-1.3.6 problems

1999-03-24 Thread Magnus Stenman

I'm having some strange problems...

When compiling for the mod_ssl-2.2.6-1.3.6 RPMs
I get a server that works with
Win Netscape 4
Win M$IE 4,

but *not* with
Mac Netscape 4.5
Linux Netscape 4.08
(ssl connections that is, normal connections work fine)


I use Redhat 5.2, kernel 2.2.4, openssl 0.9.1c
(yeah, I know, but I did not find .2b RPMs
 and was lazy [could the former be the problem?])

Entries in ssl_engine.log:
[info]  Connection to child 2 established (server starbug.inbox.se:443)
[info]  SSL handshake stopped: connection was closed

Netscape pops up a dialog
"Netscape has encountered bad data from the server."

No errors in httpd error_log


/magnus
__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: ANNOUNCE: apache-mod_ssl-1.3.4-2.2.2 RPMs

1999-02-07 Thread Magnus Stenman

Ralf S. Engelschall wrote:
 
 On Fri, Feb 05, 1999, Magnus Stenman wrote:
 
  New apache-mod_ssl-1.3.4-2.2.2 RPMs are at
  http://www.engelschall.com/sw/mod_ssl/contrib/
 
 Great, Magnus. You're as fast with RPMs for the RedHat users as I'm with the
 source distribution. I've to always really sprint with the FreeBSD port I
 maintain myself to have a chance against you... ;-)

Thanks :)

BTW, is there any significant advantages yet with openssl versus SSLeay?
If so, maybe there should be some openssl RPMs, and the apache RPMs
should
require openssl instead of SSLeay.
(I guess you'd have to choose, the two ssl libs aren't interchangeable,
right?)

/magnus

 
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 __
 Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]



Re: Wassenaar and Free Software (FSF statement)

1998-12-18 Thread Magnus Stenman

look at the GnuPG home page:
http://www.d.shuttle.de/isil/gnupg/gsn.html

Ralf S. Engelschall wrote:
 
 On Fri, Dec 18, 1998, Michael Salmon wrote:
 
 [...]
  The Wassenaar agreement has it's own definition of PD that is more in
  line with the common view than the legal view.
 
 Oh, interesting. And where is this definition written down?  Any URLs at hand?
 I ask because I want to add information to the mod_ssl FAQ for 2.1.4.
 
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
 __
 Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
 Official Support Mailing List   [EMAIL PROTECTED]
 Automated List Manager   [EMAIL PROTECTED]
__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]