Jim, would you post a chart of the now-three proposed behaviors,
with the various effects broken out? It would help us all understand
why we need a third way.
Bill
At 02:53 PM 5/11/2004, you wrote:
IMO, we need more control over the port number that Apache
determines to be canonical beyond that
+1 to Bill's comment. I don't quite understand what is confusing and
why we would need UseCanonicalPort. IMO, all that really needs to be
done is to fix UseCanonicalName so that it works according to the
documentation. As was explained previously, when UseCanonicalName is
OFF, both 1.3 and 2.1
Hello,
I plan to add OCSP support to mod_ssl.
I have the code for the OCSP check, but I'd like to check the integration
with everybody, as I will give the code back to you - if you're interesting
in it :-)
Here is what I currently plan:
1. Add a parameter UseOCSP in the config file
2. In
Randy Kobes wrote:
On Sun, 9 May 2004, Stas Bekman wrote:
Yes, that sounds like a much better idea. There should be
a way to tell the application that certain symbols will be
resolved at run-time, and no matter who will provide them
(application, another library or else). On AIX the linker
is
On May 10, 2004, at 5:02 PM, Brian Akins wrote:
Any reason why expires set by mod_expires are not added to redirected
requests? Should I hack up my own expires that does?
Thats a bug! Either file it in the bug database - or propose a patch. I
would expect that that some of the prev/next
-Original Message-
From: Hotmail [mailto:[EMAIL PROTECTED]
[SNIP]
I have the code for the OCSP check, but I'd like to check the
integration with everybody, as I will give the code back to
you - if you're interesting in it :-)
Great !
[SNIP]
Is somebody interesting in testing that
I'd like to announce and release the 11th.
Are we still on track for this? Reports seem to have been good ...
Kean
One way of handling the diffs between how 1.3 and 2.0 handles
UCN Off.
Index: src/CHANGES
===
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1939
diff -u -r1.1939 CHANGES
--- src/CHANGES 7 May 2004 14:43:04 -
On May 11, 2004, at 12:28 PM, Jim Jagielski wrote:
One way of handling the diffs between how 1.3 and 2.0 handles
UCN Off.
*) SECURITY: CAN-2003-0987 (cve.mitre.org)
Index: src/include/ap_mmn.h
===
RCS file:
On May 11, 2004 02:23 am, Hotmail wrote:
I plan to add OCSP support to mod_ssl.
Cool, this will probably make quite a few people happy(ier).
[snip]
3. In ssl_callback_SSLVerify_Validity( ):
- if the parameter UseOCSP is on, try an OCSP check
- if the OCSP check failed because the
My module (for Apache 2.x, I'm using the 2.0.47 code) needs to check the
Server HTTP response header.
{bg info begin
this is to see if a proxy module running before me had changed it.
bg info end}
So I hook using ap_hook_log_transaction(), and in there I check
r-headers_out for Server. But it's
IMO, we need more control over the port number that Apache
determines to be canonical beyond that which is provided
by UseCanonicalName, simply because there are so
many options and permutations which are possible
and applicable for different environments.
To that end, instead of overloading
12 matches
Mail list logo