Re: [OT] adjusting apache timeout

2009-11-16 Thread Sam Carleton
Eric, I was stepping through the Axis2/C code on Apache. I found the issue... I was programmatically setting up the binding on the client and had missed the fact that after I set the SendTimeout to 10 minutes, about 15 lines farther down I set it again to 25 seconds. Sam On Sun, Nov 15, 2009

Recommended way to use autotools

2009-11-16 Thread Dave Ingram
Hi all, I've been wondering if there is a recommended way of using autotools when writing an Apache module? I've seen a tutorial http://threebit.net/tutorials/apache2_modules/tut1/tutorial1.html on this, but it was last updated in 2005, so I'm not sure if there are any better ways or things

Re: I'm stuck with an OS X module problem and -mmacosx-version-min=10.5

2009-11-16 Thread William A. Rowe Jr.
Patrick McManus wrote: Of course, the SL binary will not run on 10.5 - I get linker errors when apache loads it. That's expected (ok, I forgot it, but it's normal) - and then I rebuilt the module with -mmacosx-version-min=10.5. The linker errors resolved themselves. Hurrah. However now

Re: Recommended way to use autotools

2009-11-16 Thread Jerome Renard
Hi Dave, On Mon, Nov 16, 2009 at 11:42 PM, Dave Ingram d...@dmi.me.uk wrote: Hi all, I've been wondering if there is a recommended way of using autotools when writing an Apache module? I've seen a tutorial http://threebit.net/tutorials/apache2_modules/tut1/tutorial1.html on this, but it was

Re: mod_fcgid: different instances of the same program

2009-11-16 Thread Danny Sadinoff
On Tue, Nov 10, 2009 at 1:47 AM, Danny Sadinoff da...@sadinoff.com wrote: On Tue, Nov 10, 2009 at 12:53 AM, Jeff Trawick traw...@gmail.com wrote: On Mon, Nov 9, 2009 at 5:16 PM, Danny Sadinoff danny.sadin...@gmail.com wrote: 2) Virtual hosts The above item holds true even across

balancer-manager and server-status feature request.

2009-11-16 Thread Mark Watts
The statistics one gets from both /balancer-manager and mod_status are useful but of course only exist until httpd is restarted. It would be nice if they could be configured to periodically write some lines to the error log (at LogLevel info or so) with these statistics so the data can be

Re: balancer-manager and server-status feature request.

2009-11-16 Thread Mladen Turk
On 16/11/09 11:33, Mark Watts wrote: The statistics one gets from both /balancer-manager and mod_status are useful but of course only exist until httpd is restarted. It would be nice if they could be configured to periodically write some lines to the error log (at LogLevel info or so) with

mod_proxy_fcgi changes SCRIPT_FILENAME?

2009-11-16 Thread Dong Wang
I am trying to use apache-2.3's mod_proxy_fcgi in 2.2.13. It seems to be built and run all right. But I have noticed that the SCRIPT_FILENAME has been changed to proxy:balancer://xx, it can't be recognized by the remote PHP backend. So the request failed. In my opinion, the remote PHP

Re: mod_rewrite and mod_fcgid pass wrong fcgi request

2009-11-16 Thread Jeff Trawick
On Mon, Nov 16, 2009 at 1:04 AM, Felipe Alcacibar falcaci...@gmail.com wrote: ... When comparing modes of PHP execution: - CGI and FastCGI are directly comparable because the information that Apache needs to pass to PHP is the same.  (In fact, mod_cgi[d] and mod_fcgid use the same core

Re: mod_fcgid: different instances of the same program

2009-11-16 Thread Jeff Trawick
On Mon, Nov 16, 2009 at 5:03 AM, Danny Sadinoff da...@sadinoff.com wrote: On Tue, Nov 10, 2009 at 1:47 AM, Danny Sadinoff da...@sadinoff.com wrote: On Tue, Nov 10, 2009 at 12:53 AM, Jeff Trawick traw...@gmail.com wrote: On Mon, Nov 9, 2009 at 5:16 PM, Danny Sadinoff

Re: TLS renegotiation disabling : mod_ssl and OpenSSL 0.9.8l

2009-11-16 Thread Jean-Marc Desperrier
Stefan Fritsch wrote: On Tuesday 10 November 2009, Jean-Marc Desperrier wrote: [ Apache + openssl 0.9.8l = TLS renegotiation fully disabled ] First there's the short SSLSessionCacheTimeout problem : https://issues.apache.org/bugzilla/show_bug.cgi?id=39243#c23 [...] If they actually are

A fundamentally secure Apache server, any interest?

2009-11-16 Thread Sweere, Kevin E CTR USAF AFRL/RYT
Greetings,   I work for the US Air Force.  We have a prototype that dramatically, fundamentally increases a web server's security.    We run an Apache server within a minimized, user-level-only, Linux variant only within RAM and from only a DVD (no harddrive).  With no shells, hackers have

Re: balancer-manager and server-status feature request.

2009-11-16 Thread Jim Jagielski
On Nov 16, 2009, at 5:52 AM, Mladen Turk wrote: Regarding xml data, it is my long standing wish to create log output filter sub module system where the log lines would go through a VFS filter capable of writing to xml, database, etc (depending on the VFS implementation). *grin* I'd been

Re: A fundamentally secure Apache server, any interest?

2009-11-16 Thread Junyong Jiang
I support you! 2009/11/16 Sweere, Kevin E CTR USAF AFRL/RYT kevin.swe...@wpafb.af.mil Greetings, I work for the US Air Force. We have a prototype that dramatically, fundamentally increases a web server's security. We run an Apache server within a minimized, user-level-only, Linux variant

Re: A fundamentally secure Apache server, any interest?

2009-11-16 Thread Mark Watts
On Mon, 2009-11-16 at 08:42 -0500, Sweere, Kevin E CTR USAF AFRL/RYT wrote: Greetings, I work for the US Air Force. We have a prototype that dramatically, fundamentally increases a web server's security. We run an Apache server within a minimized, user-level-only, Linux variant only

Re: one remaining mpms-shared quirk

2009-11-16 Thread Jeff Trawick
On Sun, Nov 15, 2009 at 5:09 PM, Jeff Trawick traw...@gmail.com wrote: On Sat, Nov 14, 2009 at 8:10 PM, William A. Rowe Jr. wr...@rowe-clan.net wrote: ./configure with both --with-mpm=worker --enable-mpms-shared provides a really odd result; checking which MPM to use by default... worker

Re: mod_fcgid: different instances of the same program

2009-11-16 Thread Felipe Alcacibar
On Mon, Nov 9, 2009 at 5:16 PM, Danny Sadinoff danny.sadin...@gmail.com wrote: 2) Virtual hosts The above item holds true even across virtual hosts.   So while it's possible to adjust the FcgidInitialEnv items on a per-vhost basis, this is a recipe for disaster if two vhosts point at the

Re: Server Gated Certs (Was: TLS renegotiation attack, mod_ssl and OpenSSL)

2009-11-16 Thread Joe Orton
On Fri, Nov 06, 2009 at 02:00:47AM +, Dirk-Willem van Gulik wrote: What we really need is 1) a pub/priv key pair of such a cert* (or use attached CSR) of some random domain (ideally expired and with a totally bogus CN value so we can post the private key publicly) and 2) obviously a

Re: A fundamentally secure Apache server, any interest?

2009-11-16 Thread Sander Temme
Hi Kevin, Definitely not the right list: this is where we discuss development of the Apache HTTP Server code. us...@httpd.apache.org may be a better forum within apache.org. Outside Apache, several initiatives exist to look into hardening web servers. The Center for Internet Security

Re: A fundamentally secure Apache server, any interest?

2009-11-16 Thread Jorge Schrauwen
On Mon, Nov 16, 2009 at 5:11 PM, Sander Temme scte...@apache.org wrote: Hi Kevin, Definitely not the right list: this is where we discuss development of the Apache HTTP Server code.  us...@httpd.apache.org may be a better forum within apache.org.  Outside Apache, several initiatives exist

I'm stuck with an OS X module problem and -mmacosx-version-min=10.5

2009-11-16 Thread Patrick McManus
Hi All, Here's my problem - I have an apache module that has been happily running on Mac Leopard for quite a while. I installed snow leopard recently. If I build it on the SL host, it works fine there too. Of course, the SL binary will not run on 10.5 - I get linker errors when apache loads it.

Re: TLS renegotiation disabling : mod_ssl and OpenSSL 0.9.8l

2009-11-16 Thread Jean-Marc Desperrier
Jean-Marc Desperrier wrote: Everyone who uses client certificate authentication knows that there are many apache configurations around that will force the user to repeatedly reauthenticate himself for apparently no good reason. It's hard to believe the explanation is only that all of the

intend to roll next alpha on 24th

2009-11-16 Thread Paul Querna
I'll try to do another 2.3.x on next Tuesday, the 24th. We can vote on it over thanksgiving :-) Thanks, Paul

Re: TLS renegotiation disabling : mod_ssl and OpenSSL 0.9.8l

2009-11-16 Thread Torsten Foertsch
On Mon 16 Nov 2009, Jean-Marc Desperrier wrote: Here's the wireshark captured exchange between the client and server, note that Hello Request always *immediately* follows the end of the renegotiation. This is with Apache 2.2.11/Openssl 0.9.8i (not a production server) : 217   19:30:50.745606 

Re: TLS renegotiation disabling : mod_ssl and OpenSSL 0.9.8l

2009-11-16 Thread Joe Orton
On Mon, Nov 16, 2009 at 08:21:20PM +0100, Jean-Marc Desperrier wrote: Ok, so in fact I have one apache instance available locally with a problem of this kind. It's configured to not require client authentication by default, but to require it on the /authentication url So what happens truly

handling request splicing in case of server initiated renegotiation CVE-2009-3555

2009-11-16 Thread Hartmut Keil
Hi everybody for clarification of https://issues.apache.org/bugzilla/show_bug.cgi?id=48204 a more detailed explanation of the described attack scenario is given here. With the patch CVE-2009-3555-2.2.patch client initiated renegotiation has been disabled, as a consequence of CVE-2009-3555. But

Re: mod_fcgid: different instances of the same program

2009-11-16 Thread Rainer Jung
On 16.11.2009 13:14, Jeff Trawick wrote: On Mon, Nov 16, 2009 at 5:03 AM, Danny Sadinoff da...@sadinoff.com wrote: On Tue, Nov 10, 2009 at 1:47 AM, Danny Sadinoff da...@sadinoff.com wrote: On Tue, Nov 10, 2009 at 12:53 AM, Jeff Trawick traw...@gmail.com wrote: On Mon, Nov 9, 2009 at 5:16 PM,

Re: TLS renegotiation disabling : mod_ssl and OpenSSL 0.9.8l

2009-11-16 Thread Rainer Jung
On 16.11.2009 20:21, Jean-Marc Desperrier wrote: Jean-Marc Desperrier wrote: An interesting point is that firefox is *not* reusing the ssl session in that case, for some reason it sends a SessionID of 0 after the Hello Request from the server. I'll forward that to the NSS team, because if

Re: svn commit: r880981 - /httpd/httpd/trunk/build/instdso.sh

2009-11-16 Thread Jeff Trawick
On Mon, Nov 16, 2009 at 4:51 PM, traw...@apache.org wrote: Author: trawick Date: Mon Nov 16 21:51:01 2009 New Revision: 880981 URL: http://svn.apache.org/viewvc?rev=880981view=rev Log: tweak r823613/PR 47951 change to avoid /usr/sbin/install on Solaris (not compatible with BSD install)

Re: handling request splicing in case of server initiated renegotiation CVE-2009-3555

2009-11-16 Thread Joe Orton
On Mon, Nov 16, 2009 at 09:59:12PM +0100, Hartmut Keil wrote: With the change described in https://issues.apache.org/bugzilla/show_bug.cgi?id=48204 the buffer used in ssl_io_input_read(..) will be reset, and so the second request of the MITM will be dropped. The first request will be