Full Disclosure mailing list archives

OpenSSL problem: what about apache2 binaries?

From: full-disclosure () lists netsys com (Dr. Peter Bieringer)
Date: Mon, 05 Aug 2002 10:23:49 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

- --On Freitag, 2. August 2002 13:58 -0500 Ron DuFresne
<dufresne () winternet com> wrote:

Apache2 has built-in SSL capability, I think (but not tested) also in the
Windows binary. If yes, which SSL code is used here?

Latest available is 2.0.39 from 18-Jun-2002
http://www.apache.org/dist/httpd/binaries/win32/



The issue is not with the mod-ssl code in either 1.3 nor 2.0 versions of
apache, it's with the openssl code, so upgrade onessl, then recompile you
apache which is most likely liked off the openssl stuff.


That's ok for *nix systems, but for the Windows platform it's not so easy
(I have no Windows compiler here). Also I think that the SSL code in 2.0
has to be linked statically or a OpenSSL lib is included in Apache2
installer. Both results in a recompile/repackage I think.

Comment?

        Peter

- --
Dr. Peter Bieringer                        Phone: +49-8102-895190
AERAsec Network Services and Security GmbH   Fax: +49-8102-895199
Wagenberger Straße 1                      Mobile: +49-174-9015046
D-85662 Hohenbrunn                   mailto:pbieringer () aerasec de
Germany                           Internet: http://www.aerasec.de
PGP/GPG:  http://www.aerasec.de/wir/publickeys/PeterBieringer.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6-2 (MingW32)

iD8DBQE9TjYWznfbvpHmKq4RAqKOAKClC03QkxpiyNQ79Z0zUuxbhcBBOQCdF5Ep
nkZ/menSQ6AFlObWTyGTRfc=
=Aqfp
-----END PGP SIGNATURE-----

Current thread:

OpenSSL problem: what about apache2 binaries? Dr. Peter Bieringer (Aug 02)
- <Possible follow-ups>
- OpenSSL problem: what about apache2 binaries? Dr. Peter Bieringer (Aug 05)