whichever is fine with me. Though please explain where did you take that
standard from? I think most modules follow the followinig import
convention:
- a word 'foo' usually means symbol and you'd expect to be able to use
it in a form of ([EMAIL PROTECTED])foo.
- a tag ':foo' means,
On Apr 14, 2004, at 12:12 AM, Ben Laurie wrote:
Surely this advice is not good - this value (according to my reading)
is the only secret that prevents forgery of nonces. OTOH, its late,
and I may not be thinking clearly about this - in fact, I'm suspecting
that forgery of nonces is not an
As an aside, I am unable to successfully apply either patch to
the current apache-1.3 tree (not fuzz related, just bad patches,
eg:
patching file src/modules/standard/mod_digest.c
Hunk #2 FAILED at 329.
1 out of 2 hunks FAILED -- saving rejects to file
Joshua Slive wrote:
I do have one question about this: Is anyone actually using mod_digest?
I was under the impression that there doesn't exist any client that can
interoperate with this module (as opposed to mod_auth_digest, which
supports modern clients). If this is true, why don't we
Partial message is available.
Se eliminĂ³ Norton AntiVirus1.txt
Description: plain/text
On Apr 13, 2004, at 11:13 AM, Jim Jagielski wrote:
There is a known bug/issue in the current implementation
of mod_digest regarding the nonce. I am looking to
have this plugged for our next 1.3 release.
There are 2 suggested patches, which I will post under
separate Emails. I will also adjust
(removing [EMAIL PROTECTED]; no need to discuss there)
Jim Jagielski wrote:
Suggested patch:
Index: src/main/http_core.c
===
RCS file: /home/cvs/apache-1.3/src/main/http_core.c,v
retrieving revision 1.332
diff -u -u -r1.332
--On Friday, April 9, 2004 10:09 PM +0100 Nick Kew [EMAIL PROTECTED] wrote:
If anyone finds the time to review this, please let me have your
feedback. If people find it useful then good!
Once it's had a bit more exposure, I'll have a look at the docs
and style guide, and turn it into a patch.
On Wed, 14 Apr 2004, Justin Erenkrantz wrote:
Your changes sound fair enough in concept, but I won't really review until it
becomes a patch. ;-) -- justin
OK, I'll turn it into a patch. But maybe not just now after a second
glass of wine:-)
I'm thinking: my use of r-notes works well when
On Apr 14, 2004, at 1:57 PM, Ben Laurie wrote:
Correct - it is a nonce-seed.
AuthDigestNonce -- AuthDigestSeed or AuthDigestNonceSeed ?
It should be identical across an XS realm - but different from realm
to realm. If one realm is used on multiple
servers (e.g. non sticky loadbalancing)
I'd like to propose that I simply commit the revised
patch to CVS for us to poke around with/test/review, etc...
My guess is that we'll ship with something similar
and this will provide, at least, a nice framework.
++1 - if we can correct that directive's name on the way in.
Bill
At 04:09 PM 4/14/2004, you wrote:
I'd like to propose that I simply commit the revised
patch to CVS for us to poke around with/test/review, etc...
My guess is that we'll ship with something similar
and this will provide, at
APACHE 1.3 STATUS: -*-text-*-
Last modified at [$Date: 2004/04/14 16:17:13 $]
Release:
1.3.31-dev: In development
1.3.30: Tagged April 9, 2004.
1.3.29: Tagged October 24, 2003. Announced Oct 29, 2003.
1.3.28: Tagged July 16, 2003.
APACHE 2.0 STATUS: -*-text-*-
Last modified at [$Date: 2004/04/14 14:45:28 $]
Release:
2.0.50 : in development
2.0.49 : released March 19, 2004 as GA.
2.0.48 : released October 29, 2003 as GA.
2.0.47 : released July 09, 2003 as GA.
APACHE 2.1 STATUS: -*-text-*-
Last modified at [$Date: 2004/01/04 15:08:00 $]
Release [NOTE that only Alpha/Beta releases occur in 2.1 development]:
2.1.0 : in development
Please consult the following STATUS files for information
on related
15 matches
Mail list logo
