On Wed, Nov 10, 2004 at 10:38:23PM -0600, William Rowe wrote:
> It's the 80/20 solution, 80%+ of other modules never need to see
> the cruft, especially the cruft related to the underlying ssl
> library.
I don't think anything should be exposed by mod_ssl.h other than
optional function hooks to
At 01:03 PM 11/10/2004, Joe Orton wrote:
>On Wed, Nov 10, 2004 at 10:54:57AM -0600, William Rowe wrote:
>> Sorry, veto on this one. I actually have a module that uses
>> mod_ssl's implementation to inject an apache ssl filter for
>> an ftp datastream. Please, revert.
>
>I guess your module has b
On Wed, Nov 10, 2004 at 10:54:57AM -0600, William Rowe wrote:
> Sorry, veto on this one. I actually have a module that uses
> mod_ssl's implementation to inject an apache ssl filter for
> an ftp datastream. Please, revert.
I guess your module has been broken against HEAD since mod_ssl.h stopped
Sorry, veto on this one. I actually have a module that uses
mod_ssl's implementation to inject an apache ssl filter for
an ftp datastream. Please, revert.
Aside from this, the solution is unlikely to be truly portable.
A better solution would be a more aggressive use of static fn()
declarations
Excelent - thank you - this has bitten me so many times !
Dw.
On Wed, 10 Nov 2004 [EMAIL PROTECTED] wrote:
> jorton 2004/11/10 03:49:38
>
> Modified:modules/ssl Tag: APACHE_2_0_BRANCH ssl_engine_init.c
> Log:
> Backport from HEAD:
>
> * modules/ssl/ssl_engine_init.c (ssl_init_p
On Tue, Jun 29, 2004 at 10:11:44AM -0400, Jeff Trawick wrote:
> [EMAIL PROTECTED] wrote:
> >martin 2004/06/29 07:06:08
> >
> > Modified:modules/ssl ssl_engine_vars.c
> > Log:
> > Use the correct Apache-2.x EBCDIC conversion function (not the old
> > apache-1.3 routine)
>
> > -#ifdef
[EMAIL PROTECTED] wrote:
martin 2004/06/29 07:06:08
Modified:modules/ssl ssl_engine_vars.c
Log:
Use the correct Apache-2.x EBCDIC conversion function (not the old apache-1.3
routine)
-#ifdef CHARSET_EBCDIC
-ascii2ebcdic(result, result,
-
[EMAIL PROTECTED] wrote:
jorton 2004/03/10 13:54:17
Modified:modules/ssl ssl_engine_log.c
Log:
* modules/ssl/ssl_engine_log.c (ssl_log_annotate, ssl_log_annotation,
ssl_log_ssl_error): const-ify annotation strings and simplify
ssl_log_annotation.
-static char *ssl_log_annotatio
On Jan 23, 2004, at 9:28 PM, PENPRAPA MUNKID wrote:
more info
www.naraico..
Sorry, I moderated that thru before I realized that it was a form of
spam.
Consider this a warning to other moderators. That was a reply to a
commit message with the spam'ers website hanging off the more info
link
more info
www.naraicoms.com
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: cvs commit: httpd-2.0/modules/ssl ssl_engine_io.c
Date: 23 Jan 2004 16:50:24 -
jorton 2004/01/23 08:50:24
Modified:.CHANGES
modules/ssl
--On Tuesday, December 02, 2003 14:11:20 + [EMAIL PROTECTED] wrote:
jorton 2003/12/02 06:11:20
Modified:.Tag: APACHE_2_0_BRANCH CHANGES STATUS
modules/ssl Tag: APACHE_2_0_BRANCH ssl_engine_init.c
ssl_engine_log.c
Log:
Backport from
On Thu, Aug 07, 2003 at 11:57:12PM -, [EMAIL PROTECTED] wrote:
>...
> +++ ssl_engine_kernel.c 7 Aug 2003 23:57:11 - 1.98
> @@ -880,6 +880,8 @@
>password = auth_line;
>
>if ((username[0] == '/') && strEQ(password, "password")) {
> +
Sander Striker wrote:
Hmm. You have a request_rec there. How about:
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"Encountered FakeBasicAuth spoof: %s", username);
Providing the request means that you get more information in the error_log.
Duh. Thx,
Plz assume my +1 for APACHE_2
> From: Jeff Trawick [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 08, 2003 11:17 AM
> Sander Striker wrote:
>
> >>Hmm. You have a request_rec there. How about:
> >>
> >> ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
> >> "Encountered FakeBasicAuth spoof: %s", username);
> >>
>
> From: Greg Stein [mailto:[EMAIL PROTECTED]
> Sent: Friday, August 08, 2003 11:05 AM
> On Thu, Aug 07, 2003 at 11:57:12PM -, [EMAIL PROTECTED] wrote:
> >...
> > +++ ssl_engine_kernel.c 7 Aug 2003 23:57:11 - 1.98
> > @@ -880,6 +880,8 @@
> >password = auth_line;
[EMAIL PROTECTED] wrote:
wrowe 2003/06/17 10:44:40
Modified:modules/ssl mod_ssl.c ssl_engine_init.c
Log:
Reaction to Jeff Trawick's observations
Justin's, not Jeff's :)
Thanks, Justin!
Cheers,
Erik
[EMAIL PROTECTED] wrote:
jerenkrantz2003/05/31 12:29:47
Modified:modules/ssl mod_ssl.c
Log:
Revert revision 1.81 which called non-existent SSL_load_library.
No idea where this was seen, but OpenSSL 0.9.7b does not have this. This
gets mod_ssl wor
Hmmm,
but apps/apps.h and some example apps (rsautl.c, pkcs8.c) are using
OpenSSL_add_all_algorithms() instead of SSL_load_library() and
furthermore it seems that the complete source tree (0.9.6 & 0.9.7 CVS
HEAD of yesterday) lacks any reference to SSL_load_library()?!
Perhaps I'm blind but bu
At 03:12 PM 5/27/2003, Geoff Thorpe wrote:
>> >But the better solution is to re-arrange the configuration
>> >order so the dependencies are already satisfied.
>>
>> No doubt, a project for another day (at least for my crazy schedule.)
>
>It's possiby a trivial change, and equally possibly a nightma
Hi there,
On May 27, 2003 01:17 pm, William A. Rowe, Jr. wrote:
> At 02:46 PM 5/25/2003, Geoff Thorpe wrote:
[snip]
> >OK, I can't say anything of much usefulness about SSL-C as I have no
> >experience with it. What I would suggest is that clean SSL-C support
> > in Apache2 may be useful to many p
At 02:46 PM 5/25/2003, Geoff Thorpe wrote:
>On May 24, 2003 09:38 am, William A. Rowe, Jr. wrote:
>> Well, in the SSLC case, HAVE_SSL_SET_STATE was required because
>> you can't even renegotiate without toggling the state. I tried a
>> pretty simple hack, replacing the set state code (which on Ope
William A. Rowe, Jr. wrote:
Sorry... but -1. You need a version check here because 0.9.6 isn't
going away anytime soon.
I presumed this veto meant you actually knew it failed to compile with
0.9.6, but I took the trouble to download it and I see
0.9.6
ssl.h: void (*info_callback)();
which was a
Sorry... but -1. You need a version check here because 0.9.6 isn't
going away anytime soon.
Bill
At 09:57 PM 4/3/2003, [EMAIL PROTECTED] wrote:
>trawick 2003/04/03 19:57:10
>
> Modified:.CHANGES
> modules/ssl mod_ssl.h ssl_engine_kernel.c
> Log:
> Fix a compile f
William A. Rowe, Jr. wrote:
>
> >
> >Hmmm... Well, the reason we do it for the accept mutex lockfile is
> >so when using the default setting, you can have multiple Apache instances
> >on the same server and not worry about clobbering the lockfile. If
> >we have a default lockfile for SSLMutex, the
At 07:11 PM 3/27/2003, Jim Jagielski wrote:
>William A. Rowe, Jr. wrote:
>>
>> At 06:12 PM 3/27/2003, you wrote:
>> >[EMAIL PROTECTED] wrote:
>> >>
>> >> This patch allows SSLMutex default:logs/ssl_mutex syntax. It also
>> >> removes the mod_ssl historical '.pid' suffixes - that isn't ho
William A. Rowe, Jr. wrote:
>
> At 06:12 PM 3/27/2003, you wrote:
> >[EMAIL PROTECTED] wrote:
> >>
> >> This patch allows SSLMutex default:logs/ssl_mutex syntax. It also
> >> removes the mod_ssl historical '.pid' suffixes - that isn't how Apache2
> >> specifies files.
> >>
> >
> >
At 06:12 PM 3/27/2003, you wrote:
>[EMAIL PROTECTED] wrote:
>>
>> This patch allows SSLMutex default:logs/ssl_mutex syntax. It also
>> removes the mod_ssl historical '.pid' suffixes - that isn't how Apache2
>> specifies files.
>>
>
>LockFile (for AcceptMutex) still appends .pid
Hm
At 06:25 PM 3/27/2003, you wrote:
>Cool beans... Some comments:
>
>> -else if (strcEQ(arg, "sysvsem")) {
>> +else if (!strcasecmp(meth, "sysvsem") && file) {
>
>We should not require that sysvsem lists a file..
Agreed.
>>#if APR_HAS_FLOCK_SERIALIZE
>> +else if (!strcasecmp(m
Cool beans... Some comments:
> -else if (strcEQ(arg, "sysvsem")) {
> -mc->nMutexMode = SSL_MUTEXMODE_USED;
> +else if (!strcasecmp(meth, "sysvsem") && file) {
We should not require that sysvsem lists a file..
>#endif
> -#if APR_HAS_FLOCK_SERIALIZE || APR_HAS_FCNTL_SE
[EMAIL PROTECTED] wrote:
>
> This patch allows SSLMutex default:logs/ssl_mutex syntax. It also
> removes the mod_ssl historical '.pid' suffixes - that isn't how Apache2
> specifies files.
>
LockFile (for AcceptMutex) still appends .pid
--
At 1:00 PM +0100 3/19/03, André Malo wrote:
>* William A. Rowe, Jr. wrote:
>
>> At 06:19 PM 3/18/2003, André Malo wrote:
>>>* [EMAIL PROTECTED] wrote:
>>>
if (strcEQ(arg, "none") || strcEQ(arg, "no")) {
mc->nMutexMode = SSL_MUTEXMODE_NONE;
}
+/* N
* William A. Rowe, Jr. wrote:
> At 06:19 PM 3/18/2003, André Malo wrote:
>>* [EMAIL PROTECTED] wrote:
>>
>>>if (strcEQ(arg, "none") || strcEQ(arg, "no")) {
>>>mc->nMutexMode = SSL_MUTEXMODE_NONE;
>>>}
>>> +/* NOTE: previously, 'yes' implied 'sem' */
>>> +el
At 06:19 PM 3/18/2003, André Malo wrote:
>* [EMAIL PROTECTED] wrote:
>
>>if (strcEQ(arg, "none") || strcEQ(arg, "no")) {
>>mc->nMutexMode = SSL_MUTEXMODE_NONE;
>>}
>> +/* NOTE: previously, 'yes' implied 'sem' */
>> +else if (strcEQ(arg, "default") || strcEQ(
* [EMAIL PROTECTED] wrote:
>if (strcEQ(arg, "none") || strcEQ(arg, "no")) {
>mc->nMutexMode = SSL_MUTEXMODE_NONE;
>}
> +/* NOTE: previously, 'yes' implied 'sem' */
> +else if (strcEQ(arg, "default") || strcEQ(arg, "yes")) {
> +mc->nMutexMode = SS
Good to see that at least one more individual recognized the problem!
Unfortunately with bugzilla, I have only an email addy, and don't see
a name. In any case, Madhu's patch hit first, so that's the name I went
with.
Bill
At 09:10 AM 3/6/2003, Jeff Trawick wrote:
>http://nagoya.apache.org/bugzi
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14560
William A. Rowe, Jr. wrote:
At 06:12 AM 3/6/2003, Jeff Trawick wrote:
>[EMAIL PROTECTED] wrote:
>
>
>>wrowe 2003/03/06 00:43:40
>>
>> Modified:modules/ssl ssl_engine_init.c
>> Log:
>> DougM confirms Madhu's suspicions, this chan
At 06:12 AM 3/6/2003, Jeff Trawick wrote:
>[EMAIL PROTECTED] wrote:
>
>>wrowe 2003/03/06 00:43:40
>>
>> Modified:modules/ssl ssl_engine_init.c
>> Log:
>>DougM confirms Madhu's suspicions, this change was inadvertent.
>>Reverting to no longer skip the first cert in the chain.
>
>
[EMAIL PROTECTED] wrote:
wrowe 2003/03/06 00:43:40
Modified:modules/ssl ssl_engine_init.c
Log:
DougM confirms Madhu's suspicions, this change was inadvertent.
Reverting to no longer skip the first cert in the chain.
Don't forget CHANGES and the PR number. ISTR that somebody
Sorry, presuming lazy concensus, but that probably isn't fair this
close to the release. This is a side effect of vetting the recent apr
changes to apr_dir_read() and digging in to SVNs bug (that is
already solved.)
Please look at the fields used and explain why the existing code
was correct. I'
I don't recall seeing a vote on this...
Bill
> wrowe 2002/12/23 01:10:15
>
> Modified:modules/ssl Tag: APACHE_2_0_BRANCH ssl_engine_init.c
> ssl_util_ssl.c
> Log:
> All we want is type and name, so ask for type and name.
>
> Revision ChangesPat
At 09:37 PM 11/4/2002, Justin Erenkrantz wrote:
>--On Tuesday, November 5, 2002 3:16 AM + [EMAIL PROTECTED] wrote:
>
>>wrowe 2002/11/04 19:16:33
>>
>> Modified:modules/ssl ssl_engine_io.c
>> Log:
>>At least one doc I've seen says EOF+bytes is valid. This was a
>>typo.
>
>That'd
--On Tuesday, November 05, 2002 20:47:01 + [EMAIL PROTECTED] wrote:
Index: ssl_engine_io.c
===
RCS file: /home/cvs/httpd-2.0/modules/ssl/ssl_engine_io.c,v
retrieving revision 1.95
retrieving revision 1.96
diff -u -r1.
On 5 Nov 2002 [EMAIL PROTECTED] wrote:
>
> -if (APR_STATUS_IS_EOF(status) && (status != APR_SUCCESS)) {
> +if (!APR_STATUS_IS_EOF(status) && (status != APR_SUCCESS)) {
>break;
>}
Ohhh now THAT makes sense. :) Okay. :)
--Cliff
--On Tuesday, November 5, 2002 3:16 AM + [EMAIL PROTECTED] wrote:
wrowe 2002/11/04 19:16:33
Modified:modules/ssl ssl_engine_io.c
Log:
At least one doc I've seen says EOF+bytes is valid. This was a
typo.
That'd be in the docs for apr_recv() which socket_bucket_read uses.
-Original Message-
> From: [EMAIL PROTECTED] [mailto:jerenkrantz@;apache.org]
> Sent: Friday, November 01, 2002 2:37 AM
> To: [EMAIL PROTECTED]
> Subject: cvs commit: httpd-2.0/modules/ssl ssl_engine_io.c
>
>
> jerenkrantz2002/11/01 02:37:06
>
> Modified
]
645 Howard St. [EMAIL PROTECTED]
San Francisco, CA
> -Original Message-
> From: Paul J. Reder [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, June 11, 2002 6:59 AM
> To: [EMAIL PROTECTED]
> Subject: Re: cvs commit: httpd-2.0/modules/ssl ssl_engine_kernel.c
>
Thank you kind sir, I have confirmed that this does the trick for me.
The curious question is why Ryan was never able to reproduce it...
[EMAIL PROTECTED] wrote:
> jwoolley2002/06/10 21:54:01
>
> Modified:modules/ssl ssl_engine_kernel.c
> Log:
> fix the infinite recursion problem
On 30 May 2002 [EMAIL PROTECTED] wrote:
> jwoolley02/05/30 15:39:08
>
> Modified:modules/ssl ssl_engine_pphrase.c
> Log:
> This definitely gets the award for least useful error message of the month.
>
> Index: ssl_engine_pphrase.c
> ==
At 04:17 AM 5/16/2002, Greg Stein wrote:
>On Thu, May 16, 2002 at 05:17:11AM -, [EMAIL PROTECTED] wrote:
> >...
> > SSL_LOG_TRACE and SSL_LOG_DEBUG were mapped to the APLOG_DEBUG values.
> > mod_ssl prints out a LOT of debugging information, so mod_ssl with
> LogLevel
> > Debug may not
Justin Erenkrantz wrote:
>
> The only thing I wonder is whether SSLLog and SSLLogLevel should be
> marked as deprecated (via ap_set_deprecated) or whether we should
> silently ignore these directives. Thoughts? -- justin
>
+1 for depreciation, but -1 for silently ignoring. :)
--
===
[EMAIL PROTECTED] writes:
> jerenkrantz02/05/15 16:10:34
>
> Modified:modules/ssl mod_ssl.c mod_ssl.h ssl_engine_init.c
> ssl_engine_io.c ssl_engine_kernel.c
> ssl_engine_log.c ssl_engine_pphrase.c
great stuff...
I'm glad I went to bed
On Thu, May 16, 2002 at 05:17:11AM -, [EMAIL PROTECTED] wrote:
>...
> SSL_LOG_TRACE and SSL_LOG_DEBUG were mapped to the APLOG_DEBUG values.
> mod_ssl prints out a LOT of debugging information, so mod_ssl with LogLevel
> Debug may not be a good idea - perhaps mod_ssl should be less chatt
[EMAIL PROTECTED] wrote:
>
> jerenkrantz02/05/15 16:10:34
>
> Modified:modules/ssl mod_ssl.c mod_ssl.h ssl_engine_init.c
> ssl_engine_io.c ssl_engine_kernel.c
> ssl_engine_log.c ssl_engine_pphrase.c
> Log:
> Stop using SSL_ADD_SSLERR
On Wed, May 15, 2002 at 11:19:50PM -0700, Aaron Bannert wrote:
> On Wed, May 15, 2002 at 11:14:01PM -0700, Justin Erenkrantz wrote:
> > The only thing I wonder is whether SSLLog and SSLLogLevel should be
> > marked as deprecated (via ap_set_deprecated) or whether we should
> > silently ignore thes
On Wed, May 15, 2002 at 11:14:01PM -0700, Justin Erenkrantz wrote:
> The only thing I wonder is whether SSLLog and SSLLogLevel should be
> marked as deprecated (via ap_set_deprecated) or whether we should
> silently ignore these directives. Thoughts? -- justin
I would be strongly opposed to sil
On Thu, May 16, 2002 at 06:09:14AM -, [EMAIL PROTECTED] wrote:
> jerenkrantz02/05/15 23:09:14
>
> Modified:.CHANGES
>docs/conf ssl-std.conf
>docs/manual/mod mod_ssl.xml
>modules/ssl mod_ssl.c mod_ssl.h ssl_engine_config.c
>
On 30 Apr 2002 [EMAIL PROTECTED] wrote:
> jwoolley02/04/30 10:10:12
>
> Modified:.CHANGES
>modules/ssl mod_ssl.c
> Log:
> Revert optimization from circa 2.0.34 that caused very long vhost id's
> to be unusable with mod_ssl.
>
> PR: 8572
I'm ambivalent a
At 08:38 PM 4/4/2002, you wrote:
>dear RM, please consider bumping for .34, else users with the typical ssl
>proxy config:
>
> SSLProxyEngine On
> ProxyPass/ https://foo/
> ProxyPassReverse / https://foo/
>
>will get this ugly error message on every request:
>[error] mod_ssl: C
-- Forwarded message --
Date: 5 Apr 2002 02:31:04 -
From: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: cvs commit: httpd-2.0/modules/ssl ssl_engine_kernel.c
dougm 02/04/04 18:31:04
Modified:modules/ssl ssl_engine_kernel.c
Log:
On Wed, 27 Mar 2002, Greg Stein wrote:
> Maybe this could return a status, rather than just calling ssl_die()? (and
> have the caller do the die...)
>
> Personally, I'd rather see an eventual case where you bubble up the death,
> and let Apache core do the exiting, rather than having the module
On Wed, Mar 27, 2002 at 09:07:08PM -, [EMAIL PROTECTED] wrote:
>...
> +++ ssl_engine_init.c 27 Mar 2002 21:07:08 - 1.62
>...
> +static void ssl_init_verify(server_rec *s,
> +apr_pool_t *p,
> +apr_pool_t *ptemp,
>
On Wed, Mar 27, 2002 at 02:28:16AM -, [EMAIL PROTECTED] wrote:
> dougm 02/03/26 18:28:16
>
> Modified:modules/ssl mod_ssl.h
> Added: modules/ssl ssl_toolkit_compat.h
This header file needs a license at the top.
Cheers,
-g
--
Greg Stein, http://www.lyra.org/
re at apr_rmm_malloc().
-Madhu
-Original Message-
From: Joe Orton [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 15, 2002 1:14 AM
To: [EMAIL PROTECTED]
Subject: Re: cvs commit: httpd-2.0/modules/ssl ssl_scache_shmcb.c
ssl_util_table.c
On Fri, Mar 15, 2002 at 01:46:47AM -, [EMAIL PROTECTED]
On Fri, Mar 15, 2002 at 01:46:47AM -, [EMAIL PROTECTED] wrote:
>/* This is necessary simply so that the size passed to memset() is not a
> * compile-time constant, preventing the compiler from optimising it. */
> +#if 0
> +/* XXX: this isn't used, is it needed? */
>static void
On Thu, Feb 28, 2002 at 12:01:57AM -, [EMAIL PROTECTED] wrote:
>...
> +++ mod_ssl.h 28 Feb 2002 00:01:57 - 1.60
> @@ -516,7 +516,7 @@
>apr_lock_t *pMutex;
>apr_array_header_t *aRandSeed;
>int nScoreboardSize; /* used for builtin rand
to give better
performance..
-Madhu
-Original Message-
From: Doug MacEachern [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, February 26, 2002 7:56 PM
To: [EMAIL PROTECTED]
Cc: Ralf S. Engelschall; Justin Erenkrantz; William Rowe
Subject: Re: cvs commit: httpd-2.0/modules/ssl mod_ssl.h
On Mon, 25 Feb 2002, Cliff Woolley wrote:
> ssl_rand_seed() runs on every request if you configure it that way.
this is true, when 'SSLRandomSeed connect builtin' is configured, which is
the default. not sure how much the scoreboard image changes between
requests. though somewhat related, i
m: Cliff Woolley [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, February 26, 2002 4:44 PM
> To: [EMAIL PROTECTED]
> Subject: Re: cvs commit: httpd-2.0/modules/ssl mod_ssl.h
ssl_engine_log.c
>
> On 27 Feb 2002 [EMAIL PROTECTED] wrote:
>
> >/* determine whether newline
On 27 Feb 2002 [EMAIL PROTECTED] wrote:
>/* determine whether newline should be written */
>if (add & SSL_NO_NEWLINE)
> -nstr[0] = NUL;
> +nstr = NUL;
How can that be right?
mod_ssl.h:#define NUL '\0'
So now nstr is a null pointer rather than an empty strin
On Mon, 25 Feb 2002, William A. Rowe, Jr. wrote:
> At 01:55 PM 2/25/2002, Justin Erenkrantz wrote:
> >Why was the XXX_SBENTROPY_SOLVED define removed? I believe we wanted
> >to avoid using scoreboard as an entropy source because it isn't very
> >random. Therefore, I think we should just remove
On Mon, Feb 25, 2002 at 05:14:34PM -0500, Cliff Woolley wrote:
> If that's the agreement, then fine, I'll nuke it. It certainly caused me
> quite a bit of headache to get it to work in the first place, and I was
> definitely uneasy about the assumptions it was making about the layout of
> the sco
At 01:55 PM 2/25/2002, Justin Erenkrantz wrote:
>Why was the XXX_SBENTROPY_SOLVED define removed? I believe we wanted
>to avoid using scoreboard as an entropy source because it isn't very
>random. Therefore, I think we should just remove this code
>altogether. Or, am I missing something? -- ju
On Mon, Feb 25, 2002 at 04:23:04AM -, [EMAIL PROTECTED] wrote:
> @@ -154,18 +155,21 @@
>RAND_seed(stackdata+n, 128);
>nDone += 128;
>
> -#if XXX_SBENTROPY_SOLVED
>/*
> - * XXX: This is entirely borked, sizeof
On Wed, 9 Jan 2002, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> mod_ssl build is broken because of the new argument introduced in
> ssl_util_ppopen().. [build breaks for ssl_engine_rand.c]
compiles again and works now too.
: httpd-2.0/modules/ssl mod_ssl.h
ssl_engine_pphrase.c ssl_util.c
dougm 02/01/09 11:24:32
Modified:.CHANGES
modules/ssl mod_ssl.h ssl_engine_pphrase.c ssl_util.c
Log:
get SSLPassPhraseDialog exec: working by passing the proper arguments
to apr_proc_create
On Fri, Nov 16, 2001 at 06:28:25PM -, [EMAIL PROTECTED] wrote:
> aaron 01/11/16 10:28:25
>
> Modified:modules/ssl ssl_util.c
> Log:
> Conversion from old apr_lock_t to new apr_thread_mutex_t
> (only converting INTRAPROCESS locks at this time).
>
> I don't see how this u
Furthermore, manually compiling mod_ssl as a DSO reveals that I can
indeed add -lssl and -lcrypto to the libtool flags, and those libraries
will be found when mod_so is loaded. I'm not so sure this works for all
other platforms, though (and I'm quite sure AIX won't play that game).
Any suggestions
On Thu, Oct 04, 2001 at 02:06:04PM -0400, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
wrote:
> Justin,
> While you're working on cleaning up the input filter logic, can you
> also please clean up the variable names / function names used - OtherBill
> had brought up this issue long time back, b
On Tuesday 18 September 2001 04:24 pm, Greg Stein wrote:
> This shouldn't be needed... isn't the whole point of VPATH to look in
> $(top_srcdir) if the file isn't present in the build dir?
>
> The value passed to flex would need the $(top_srcdir) since Make can't get
> in there and fix it, but the
This shouldn't be needed... isn't the whole point of VPATH to look in
$(top_srcdir) if the file isn't present in the build dir?
The value passed to flex would need the $(top_srcdir) since Make can't get
in there and fix it, but the dependency line "shouldn't" need the change.
Cheers,
-g
On Tue,
On Fri, 24 Aug 2001, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> -#if 0 /* XXX */
> -if (sc->nLogLevel >= SSL_LOG_DEBUG) {
> -BIO_set_callback(SSL_get_rbio(ssl), ssl_io_data_cb);
> -BIO_set_callback_arg(SSL_get_rbio(ssl), ssl);
> -}
> -#endif
> +
>
>
Hi,
Pl. see my comments below ..
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 24, 2001 11:07 AM
To: [EMAIL PROTECTED]
Subject: cvs commit: httpd-2.0/modules/ssl mod_ssl.c ssl_engine_io.c
dougm 01/08/24 11:06:47
Modified
On 24 Aug 2001 [EMAIL PROTECTED] wrote:
> dougm 01/08/24 10:17:35
>
> Modified:modules/ssl ssl_engine_io.c
> Log:
> churn_output should return the value of ap_pass_brigade
>
> -/* XXX: check for errors */
> -ap_pass_brigade(f->next, bb);
> +return ap_
On Fri, Aug 24, 2001 at 03:01:35AM -0400, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
wrote:
> I just built and compiled using the prefork model (without wrapping of the
> APR_HAS_THREADS - and it works !!..
>
> The ssl_util_thr_id() will be registered only if the MPM is threaded.
> However, the sy
On Fri, 24 Aug 2001, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> I just built and compiled using the prefork model (without wrapping of the
> APR_HAS_THREADS - and it works !!..
>
> The ssl_util_thr_id() will be registered only if the MPM is threaded.
> However, the symbol apr_os_thread_cu
!!!..
Did I miss something ?..
Thanks
-Madhu
-Original Message-
From: Justin Erenkrantz
To: [EMAIL PROTECTED]
Cc: 'Doug MacEachern '
Sent: 8/23/01 11:34 PM
Subject: Re: cvs commit: httpd-2.0/modules/ssl README mod_ssl.h ssl_engine
_init.c ssl_util.c
On Thu, Aug 23, 2001 at 11:15:
On Thu, Aug 23, 2001 at 11:15:44PM -0700, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
wrote:
> +static unsigned long ssl_util_thr_id()
> +{
> +return (unsigned long) apr_os_thread_current();
> +}
> +
This needs to be protected by #if APR_HAS_THREADS. -- justin
MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
Cc: '[EMAIL PROTECTED] '
Sent: 8/23/01 11:28 PM
Subject: RE: cvs commit: httpd-2.0/modules/ssl README mod_ssl.h ssl_engine
_init.c ssl_util.c
On Thu, 23 Aug 2001, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> Hi,
> I'd missed out t
On Thu, 23 Aug 2001, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:
> Hi,
> I'd missed out the CRYPRO_thread_id stuff in my earlier patch .. Here it
nice.
> -static void ssl_util_thread_locking_callback(int mode, int type,
> - const char *file, i
_util_thr_id);
+CRYPTO_set_locking_callback((void (*)())ssl_util_thr_lock);
apr_pool_cleanup_register(p, NULL,
ssl_util_thread_cleanup,
Thanks
-Madhu
-Original Message-
From: Doug MacEachern
To: [EMAIL PROTECTED]
Sent: 8/23/01 11:08 PM
Subject: Re: cvs commit: httpd-2.0
On Thu, 23 Aug 2001, Justin Erenkrantz wrote:
> If you created the locks as INTRAPROCESS before fork()ing new children,
> would each children's copy of the lock be isolated? Maybe. If so,
> then the post_config hook works, but I think child_init makes a bit
> more sense. But, that's me. -
On Thu, Aug 23, 2001 at 10:42:16PM -0700, Doug MacEachern wrote:
> > IMHO, the call to ssl_util_thread_setup should be moved to
> > ssl_init_Child and even potentially surrounded by
> > #if APR_HAS_THREADS. -- justin
>
> why child init rather than module init?
> i did turn off the locking unle
On Thu, 23 Aug 2001, Justin Erenkrantz wrote:
> I meant to review this patch, but I accidentally hit the delete key on
> the original message. Anyway, that APR_LOCKALL can be APR_INTRAPROCESS.
> We're only concerned about safety within our process not across
> multiple processes - there is no
On Thu, Aug 23, 2001 at 10:34:29PM -0700, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
wrote:
> Yes.. APR_LOCKALL can be replaced by APR_INTRAPROCESS.. I've done that
> change and also have introduced CRYPTO_dynamic locks.. I shall send that
> patch soon..
FWIW, I tried CRYPTO_dynamic locks in flood
ommit: httpd-2.0/modules/ssl README mod_ssl.h
ssl_engine_init.c ssl_util.c
On Fri, Aug 24, 2001 at 04:08:04AM -, [EMAIL PROTECTED] wrote:
> +*lock_cs = apr_palloc(p, CRYPTO_NUM_LOCKS);
> +for (i = 0; i < CRYPTO_NUM_LOCKS; i++)
> +{
> +
On Fri, Aug 24, 2001 at 04:08:04AM -, [EMAIL PROTECTED] wrote:
> +*lock_cs = apr_palloc(p, CRYPTO_NUM_LOCKS);
> +for (i = 0; i < CRYPTO_NUM_LOCKS; i++)
> +{
> +lock_count[i]=0;
> +apr_lock_create(&(lock_cs[i]), APR_MUTEX, APR_LOCKALL,
> +
From: "Cliff Woolley" <[EMAIL PROTECTED]>
Sent: Thursday, August 23, 2001 3:42 PM
> On 23 Aug 2001 [EMAIL PROTECTED] wrote:
>
> > wrowe 01/08/23 12:42:44
> >
> > Modified:modules/ssl mod_ssl.h ssl_engine_config.c ssl_engine_init.c
> > Log:
> > Add some appropriate constness to
just use ap_strchr_c instead of ap_strchr.
Ryan
On Thursday 23 August 2001 13:42, Cliff Woolley wrote:
> On 23 Aug 2001 [EMAIL PROTECTED] wrote:
> > wrowe 01/08/23 12:42:44
> >
> > Modified:modules/ssl mod_ssl.h ssl_engine_config.c
> > ssl_engine_init.c Log:
> > Add some appropr
On 23 Aug 2001 [EMAIL PROTECTED] wrote:
> wrowe 01/08/23 12:42:44
>
> Modified:modules/ssl mod_ssl.h ssl_engine_config.c ssl_engine_init.c
> Log:
> Add some appropriate constness to the config
>
> Revision ChangesPath
> 1.30 +17 -17httpd-2.0/modules/ssl/mod_ssl
On Wed, Aug 22, 2001 at 10:58:08PM -, [EMAIL PROTECTED] wrote:
> wrowe 01/08/22 15:58:08
>
> Modified:modules/ssl mod_ssl.c mod_ssl.h ssl_engine_ext.c
> ssl_engine_vars.c ssl_expr_parse.c ssl_expr_parse.h
> ssl_expr_scan.c ssl_scache
100 matches
Mail list logo
