Re: WinNT + Apache + mod_ssl + openssl - VC++6 = doesn't work?!

1999-05-20 Thread Trung Tran-Duc 

Ingo Zitzmann [EMAIL PROTECTED] writes:

 Hi folks,
 
 I am trying to compile Apache 1.3.6, mod_ssl-2.2.7-1.3.6,
 opensssl-0.9.2b using VisualC++ 6.0 and apparently it compiles the
 openssl option into apache (I checked it by hiding the ssleay.dll and
 the libeay32.dll) but when I call "apache -l" I don't see the mod_ssl.c.

No, you can't see mod_ssl.c in the output of "apache -l". On NT
mod_ssl is build as an DLL (==DSO). "apache -l" only lists the
modules compiled and statically linked in apachecore.dll.

Just go ahead and configure ssl. This is the ssl-related part of my
httpd.conf

Listen 80
Listen 443

;; NT specific
LoadModule ssl_module modules/ApacheModuleSSL.dll

IfModule mod_ssl.c
SSLMutex sem
SSLSessionCache dbm:logs/ssl_gcache_data
SSLSessionCacheTimeout 15
SSLLog logs/ssl.log
SSLLogLevel warn

VirtualHost _default_:443
SSLEngine On
SSLCertificateFile cert/server.crt
SSLCertificateKeyFile cert/server.key.unsecure

ServerName myserver.mydomain.dom

# this is the common stuff for http and https virtual hosts
# DocumentRoot, Alias and the likes
Include conf/tranduc.conf

/VirtualHost

/IfModule



  Of course I can't use SSLEnable for example. I followed the
 instructions in install.Win32.
 
 Can anybody help?
 
 thanx,
 Ingo.
 
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: Basic auth with SSL - again

1999-03-24 Thread Trung Tran-Duc 

   "Ralf S. Engelschall" [EMAIL PROTECTED] wrote:

 [...]
 
  Thanks for the answer, Ralf. My problem is that I can't build
  applications under Win32 platform.
  
  Is anybody able to build and uplownload on
  ftp://contrib:[EMAIL PROTECTED]/sw/mod_ssl/ (read/write
  access). an update version of Apache (Win32) with mod_ssl/mod_ssl/2.2.5
  ?
 
 Perhaps one of the Win32 users can put a binary there.  I cannot do it,
 because my Win32 box is still totally messed up. 

I've uploaded

Apache_1.3.6-mod_ssl_2.2.6-openssl_0.9.2b-WIN32-i386.zip

to the contrib area.

(The mod_proxy source was patched to fix one crash bug and a bug preventing
cache GC from functioning)

__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Win32: Apache-1.1.3 + mod_ssl 2.1b8 + mod_jserv

1998-11-09 Thread Trung Tran-Duc 

On Mon, 09 Nov 1998 10:03:23 GMT,
  Ralf S. Engelschall [EMAIL PROTECTED] wrote:

 [...]
 This way we init SSLeay on every init under DSO/DLL situation but not under
 Unix/non-DSO. And the pass phrase handling is done only on the first init.

Rhetoric question: what would happen if I change the mod_ssl config,
the new private key file is encrypted with _different_ pass phrase and
I restart Apache? Of course Apache cannot regain the terminal to ask
for the pass phrase. Is it correct? In this case will it fail or hang
in reading from an invisible terminal?

 
 Can you verify that this code variant works under Win32, too?

Yes.

-trung

__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Win32: Apache-1.1.3 + mod_ssl 2.1b8 + mod_jserv

1998-11-06 Thread Trung Tran-Duc 

On Fri, 06 Nov 1998 15:59:30 GMT,
  Ralf S. Engelschall [EMAIL PROTECTED] wrote:

 [...]
 Also apache crashes on NT
  when I try to restart it (apache.exe -k restart). It's inside ssleay.
  I'm going to debug it...
 
 Perhaps we have to actually shutdown SSLeay in some way (at the restart)
 before we can re-init it (at the new startup)? Perhaps Tim Hudson has some
 hints for us. Tim? 
 
 From the Apache side it's easy: We can do this inside Apache with a callback
 function configured via ap_register_cleanup(). Or inside the new remove_module
 hook of the Extended API. We just have to know what SSLeay functions we have
 to call on server restart time.

No, it's something else. I've solved it. From src/main/http_main.c

--8--
5568:do { /* restart-pending */

[cut]
ap_init_modules(pconf, server_conf);
[cut]
++generation;
5693:} while (restart_pending);
--8--

It's run in the master process. I don't know how restart is done on
UNIX, init_module is run in each restart. The master process is the
same. We must be very careful to init everything, especially we cannot
rely on global vars are init'ed to zero and such. On Windoze there is
no fork(), no detach, etc. (We've run into this before, do you
remember?) ssl_ModConfig-nInitCount can be million. We must init
ssleay each time.

-trung

P.S. I'm going to print Apache source to have some reading over the
weekend :-(

Here is the diff

*** ssl_engine_init.c~  Wed Nov 04 13:03:10 1998
--- ssl_engine_init.c   Fri Nov 06 17:21:53 1998
***
*** 137,152 
   *  Ok, now try to solve this totally ugly situation...
   */
  
  if (ssl_ModConfig-nInitCount == 1) {
  ssl_init_SSLeay(s);
  ssl_pphrase_Handle(s, p);
- #ifndef WIN32
  return;
- #endif
  }
  if (ssl_ModConfig-nInitCount == 2) {
  ssl_init_SSLeay(s);
  }
  
  /*
   * Warn the user that he should use the session cache.
--- 137,155 
   *  Ok, now try to solve this totally ugly situation...
   */
  
+ #ifndef WIN32
  if (ssl_ModConfig-nInitCount == 1) {
  ssl_init_SSLeay(s);
  ssl_pphrase_Handle(s, p);
  return;
  }
  if (ssl_ModConfig-nInitCount == 2) {
  ssl_init_SSLeay(s);
  }
+ #else /* WIN32 */
+ ssl_init_SSLeay(s);
+ ssl_pphrase_Handle(s, p);
+ #endif /* !WIN32 */
  
  /*
   * Warn the user that he should use the session cache.


__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Patch for Win32

1998-10-30 Thread Trung Tran-Duc 

On Fri, 30 Oct 1998 12:26:21 GMT,
  Ralf S. Engelschall [EMAIL PROTECTED] wrote:

 On Fri, Oct 30, 1998, Dave Paris wrote:
 
  Email over the exe and I'll create a self-extracting exe for you.  Just let
  me know where it should default (expand) to.
 
 Oh, I was not precise enough. What I actually want is not only a
 self-extracting program. My favorite would be that when I run patch.exe it
 extracts itself (in memory on in current working dir) and immediately runs
 itself. So I can use the packed patch.exe similar to the unpacked patch.exe.
 At least under my C64 times the years ago this was common practice.  Exists
 such stuff for Windows NT? Or did I misunderstand you and you mean exactly
 this? Then it should unpack into the current working directory because this is
 maximum portable, IMHO.

Ralf, I don't see your point here. Why do you want to compress the
patch.exe file? The tarball distribution is a compressed file itself.
Do you have difficulty putting binary file into CVS?

I notice you have patch's source files in ./etc and compile and run it
for UNIX platforms. Can we do the same for Win32? The user must have
the C compiler in any case. I can prepare the makefile and modify
Configure.bat accordingly.

-trung

P.S. Info-ZIP can (almost) do what you want: compress the file, add a
small executable stub to that. The resultant file is a self-extracting
file, which extracts itself in a working dir. The catch is that the
stub is of fixed size; for small files (like patch.exe), it's too big.


patch.exe (~120K) - patch_exe.zip (~60K) ...

 unzipsfx.exe + patch_exe.zip
...   patch_exe_zip.exe (~150K)


Not good.


__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: ANNOUNCE: mod_ssl 2.1b7 (DSO support!)

1998-10-30 Thread Trung Tran-Duc 

On Fri, 30 Oct 1998 16:48:26 GMT,
  Ralf S. Engelschall [EMAIL PROTECTED] wrote:

 PS: Trung or others: It should be now possible to also build mod_ssl
 as a .DLL under Win32. I've no experiences here, so I hope you
 contribute a few patches to me which allows us to build mod_ssl
 the same way other Apache modules are build.

Done.


I'm going to make DLL the default for Win32, just like the other
modules. The name is ApacheModuleSSL.DLL. Okay?

Please, wait until Monday. I clean it up a little and send you a diff.
(I've just added a few export declarations and modified the Makefile)

-trung

__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: Installing mod_ssl, error with configure script

1998-10-13 Thread Trung Tran-Duc 

"Lin" [EMAIL PROTECTED] writes:

 I had the same problem with WINDOWS NT. But I thought that was due to the
 utility incompatibiliies.  Like to know why, too.

For Windows NT you need mod_ssl mod_ssl 2.1b

-trung

__
Apache Interface to SSLeay (mod_ssl)   www.engelschall.com/sw/mod_ssl/
Official Support Mailing List   [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]