Sprout from master 2002-03-05 19:58:50 UTC Jakub Bogusz <qboosh@pld-linux.org> '- fixed undefined symbols (Malloc,Free) in mod_sxnet'
Delete:
apache-mod_ssl-server.crt
apache-mod_ssl-server.key
apache-mod_ssl-sxnet.html
apache-mod_ssl.conf
apache-mod_ssl.logrotate
apache1-mod_ssl-server.crt
apache1-mod_ssl-server.key
apache1-mod_ssl-sxnet.html
apache1-mod_ssl.logrotate
mod_ssl-cca-openssl-path.patch
mod_ssl-db3.patch
+++ /dev/null
-issuer :/C=AU/ST=Some-State/L=Somewhere/O=Linux Test Server/OU=Test Certificate/CN=localhost/Email=root@localhost
-subject:/C=AU/ST=Some-State/L=Somewhare/O=Linux Test Server/OU=Test Certificate/CN=localhost/Email=root@localhost
-serial :01
-
-Certificate:
- Data:
- Version: 1 (0x0)
- Serial Number: 1 (0x1)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=AU, ST=Some-State, L=Somewhere, O=Linux Test Server, OU=Test Certificate, CN=localhost/Email=root@localhost
- Validity
- Not Before: May 22 00:47:08 1999 GMT
- Not After : May 21 00:47:08 2000 GMT
- Subject: C=AU, ST=Some-State, L=Somewhare, O=Linux Test Server, OU=Test Certificate, CN=localhost/Email=root@localhost
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b5:69:d7:83:50:91:13:b0:04:34:05:68:6d:61:
- 48:76:b1:d6:7b:8a:10:1a:f3:66:8d:06:2b:fe:de:
- 1e:22:c1:f2:ae:4e:0e:3a:a3:33:0e:ff:4f:19:d4:
- 9a:6a:6f:94:34:d0:6a:74:3d:7c:a0:07:a8:a4:8a:
- c4:2a:e2:89:62:ed:57:e0:9f:0c:24:1f:da:ab:e4:
- 45:ad:b9:c4:27:19:da:d2:99:c3:c1:7c:04:31:fa:
- 8b:be:40:44:ae:bf:bf:a0:8b:3c:d3:ff:5a:84:72:
- d6:89:09:3e:0d:c5:bd:f4:b3:d1:49:48:22:00:76:
- 06:71:b9:7d:bb:b4:2e:34:83
- Exponent: 65537 (0x10001)
- Signature Algorithm: md5WithRSAEncryption
- 5d:98:a4:ab:74:ce:5c:0e:26:7a:59:fb:ba:04:d8:73:56:f3:
- 26:61:60:2f:a6:47:e8:86:14:e1:be:30:67:6f:af:88:cc:20:
- bc:f8:3c:6c:f0:1e:04:ba:e8:1c:63:62:0e:98:9e:2f:1f:d5:
- ac:35:b6:fa:28:62:3c:04:3e:1d:69:cf:97:ab:d3:e1:9a:e7:
- 65:ed:97:0a:83:08:75:4d:56:5c:21:d1:2f:9f:fd:c8:2c:cb:
- c7:c0:10:4c:41:ca:a8:fc:55:e6:27:d9:b6:54:e2:88:f3:89:
- e5:68:99:01:92:a1:88:ac:06:02:5c:9f:6c:53:92:38:72:69:
- d9:a6
-
------BEGIN CERTIFICATE-----
-MIICsTCCAhoCAQEwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21ld2hlcmUxGjAYBgNVBAoTEUxp
-bnV4IFRlc3QgU2VydmVyMRkwFwYDVQQLExBUZXN0IENlcnRpZmljYXRlMRIwEAYD
-VQQDEwlsb2NhbGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MB4X
-DTk5MDUyMjAwNDcwOFoXDTAwMDUyMTAwNDcwOFowgaAxCzAJBgNVBAYTAkFVMRMw
-EQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21ld2hhcmUxGjAYBgNVBAoT
-EUxpbnV4IFRlc3QgU2VydmVyMRkwFwYDVQQLExBUZXN0IENlcnRpZmljYXRlMRIw
-EAYDVQQDEwlsb2NhbGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1adeDUJETsAQ0BWhtYUh2sdZ7
-ihAa82aNBiv+3h4iwfKuTg46ozMO/08Z1Jpqb5Q00Gp0PXygB6ikisQq4oli7Vfg
-nwwkH9qr5EWtucQnGdrSmcPBfAQx+ou+QESuv7+gizzT/1qEctaJCT4Nxb30s9FJ
-SCIAdgZxuX27tC40gwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAF2YpKt0zlwOJnpZ
-+7oE2HNW8yZhYC+mR+iGFOG+MGdvr4jMILz4PGzwHgS66BxjYg6Yni8f1aw1tvoo
-YjwEPh1pz5er0+Ga52XtlwqDCHVNVlwh0S+f/cgsy8fAEExByqj8VeYn2bZU4ojz
-ieVomQGSoYisBgJcn2xTkjhyadmm
------END CERTIFICATE-----
-
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC1adeDUJETsAQ0BWhtYUh2sdZ7ihAa82aNBiv+3h4iwfKuTg46
-ozMO/08Z1Jpqb5Q00Gp0PXygB6ikisQq4oli7VfgnwwkH9qr5EWtucQnGdrSmcPB
-fAQx+ou+QESuv7+gizzT/1qEctaJCT4Nxb30s9FJSCIAdgZxuX27tC40gwIDAQAB
-AoGBAIJ5iD3ykRUm0C8WAKBCipqLlyYtCx5HFuewm63n1KbM9Ry2GPfFbrCHoT2D
-sjeA3ogJqbbGjj6Oo5UMFMB/Q61DU3J7EOyjtraUd3Z38mN9yIK+w1taEESe8KBx
-/NhSEpdqHUbVUTXs/rrvIi3AcJeBxt81w3pCL0olaeaUdGxJAkEA5Q5p164+X+HP
-pKoa6dApnxZy1DZJoTVk52k6PMt6zZiHqA8sh7rUhb9YumrW9qGmSRSyqzqbDvno
-J7eWt24BdwJBAMrAwY7saJWQNdGoeRO4E3xitQ50haMICAuxVourl4yd5DIHwWdM
-HasCzOKMQYhE+x3SwjNI7fujb6+XUQ9ECFUCQQCFBbXaF8sJi+42xsMSfl1tkm/l
-ZhGkmYmcCrRTkigjNi2yH/3QZWP+uH0i5eEpIf+b+XU5k7NxIxj719ajeDNJAkAX
-upNsnLJovqXt0Z/J9QMizZKPDIgPWoNGiwyr7/sek+P/DvVNl5TpTLyZzvxkbF5P
-UTk1M1XW23vYuwbbmIS5AkBTmQu6nKkGa2IiYCmo9OWH4eINxKs0F3h9tch9Xz8g
-L/0cBZIsnckVV0K1YrQdv/2IfhUSVM0xzrLcAY49dfm2
------END RSA PRIVATE KEY-----
+++ /dev/null
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.6 [en] (X11; I; Linux 2.2.9-23mdk i686) [Netscape]">
- <title>Test Page for Mandrake Linux's Apache Installation</title>
-<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
-</head>
-<body text="#000000" bgcolor="#FFFFFF" link="#0000FF" vlink="#000080" alink="#FF0000">
-
-<center><a href="http://www.thawte.com/">
-<img SRC="http://www.thawte.com/certs/logos/thawte1.gif" BORDER=0></a>
-</center>
-
-<TITLE>About the Strong Extranet</TITLE>
-
-<H1> About the Strong Extranet</H1>
-<pre>
-The Strong Extranet allows you to use digital certificates to authenticate
-users on your web server. Typically, your users enroll in your Strong
-Extranet, under your control, through the Thawte Personal Cert System.
-
-BENEFITS OF THE STRONG EXTRANET
-
- 1. SXNet certificates contain usernames. You can allocate these usernames
- to users as required, and your server will extract the username from the
- certificate when a user accesses your server. Your CGI scripts can
- obtain the username in the same way they do so with password
- authentication, through the REMOTE_USER environment variable.
-
- 2. Low cost of CA. Thawte provides a full-server CA infrastructure for
- your Strong Extranet users for $1000 per year for up to 10 000 users.
- That's the lowest cost CA program, period.
-
- 3. Full control and security. Users are enrolled in your Strong Extranet
- under your full control. There are several enrollment methods with
- different levels of security. Choose the one which suits your business
- processes and requirements.
-
-MORE INFORMATION
-
-<A HREF="http://www.thawte.com/certs/strongextranet/">
-http://www.thawte.com/certs/strongextranet/</A>
-
-<HR>
-USING THE MODULE:
-
- The module adds the following directives:
-
- AuthType StrongExtranet
- SXNetZone a number (the zone number)
- SXNetGroupFile /path/to/groups/file
- SXNetB64EncodeID on/off
-
- "AuthType StrongExtranet" tells the server to use Strong Extranet
- Authentication in that directory. It's the equivalent of
- "AuthType Basic" or "AuthType Digest". Note that you need to
- have turned ON client certificate requesting, and set the CA
- details, as part of normal SSL configuration.
-
- The SXNetZone is a single integer. It defines the zone in which
- the client has to have an ID in order to gain access to the directory.
- The Thawte ACME Test Zone is 2, so use that for demos.
-
- The SXNetGroupFile is a file that can be used to put users in groups,
- just like the standard Basic authentication mechanism.
-
- SXNetB64EncodeID allows you to have the ID base64 encoded before it
- is put into the REMOTE_USER CGI variable. Use this if your ID can be
- 8-bit.
-
-Example:
-
-The following configuration snippet will setup the server to require
-that client certs have the StrongExtranet extension, with an ID in
-zone 23 embedded:
-
- <Directory />
- AuthType StrongExtranet
- AuthName Test Extranet
- SXNetB64EncodeID on
- SXNetZone 23
- SXNetGroupFile /etc/httpd/groups
- require valid-user
- </Directory>
-
-</PRE>
+++ /dev/null
-LoadModule ssl_module lib/apache/libssl.so
-AddModule mod_ssl.c
-
-##--------------------------------------------------------------------------
-## Add additional SSL configuration directives which provide a
-## robust default configuration: virtual server on port 443
-## which speaks SSL.
-##--------------------------------------------------------------------------
-##
-## SSL Support
-##
-## When we also provide SSL we have to listen to the
-## standard HTTP port (see above) and to the HTTPS port
-##
-Listen 443
-
-##
-## SSL Global Context
-##
-## All SSL configuration in this context applies both to
-## the main server and all SSL-enabled virtual hosts.
-##
-
-#
-# Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-# Pass Phrase Dialog:
-# Configure the pass phrase gathering process.
-# The filtering dialog program (`builtin' is a internal
-# terminal dialog) has to provide the pass phrase on stdout.
-SSLPassPhraseDialog builtin
-
-# Inter-Process Session Cache:
-# Configure the SSL Session Cache: First either `none'
-# or `dbm:/path/to/file' for the mechanism to use and
-# second the expiring timeout (in seconds).
-#SSLSessionCache none
-#SSLSessionCache dbm:logs/ssl_scache
-SSLSessionCache shm:/var/run/ssl_scache(512000)
-SSLSessionCacheTimeout 300
-
-# Semaphore:
-# Configure the path to the mutual explusion semaphore the
-# SSL engine uses internally for inter-process synchronization.
-SSLMutex file:/var/run/ssl_mutex
-
-# Pseudo Random Number Generator (PRNG):
-# Configure one or more sources to seed the PRNG of the
-# SSL library. The seed data should be of good random quality.
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-#SSLRandomSeed startup file:/dev/random 512
-#SSLRandomSeed startup file:/dev/urandom 512
-#SSLRandomSeed connect file:/dev/random 512
-#SSLRandomSeed connect file:/dev/urandom 512
-
-# Logging:
-# The home of the dedicated SSL protocol logfile. Errors are
-# additionally duplicated in the general error log file. Put
-# this somewhere where it cannot be used for symlink attacks on
-# a real server (i.e. somewhere where only root can write).
-# Log levels are (ascending order: higher ones include lower ones):
-# none, error, warn, info, trace, debug.
-SSLLog /var/log/httpd/ssl_engine_log
-SSLLogLevel info
-
-<VirtualHost _default_:443>
-SSLEngine on
-#SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-SSLCertificateFile /etc/httpd/server.crt
-SSLCertificateKeyFile /etc/httpd/server.key
-#SSLCertificateChainFile /etc/httpd/conf/ssl.crt/ca.crt
-#SSLCACertificatePath /etc/httpd/conf/ssl.crt
-#SSLCACertificateFile /etc/httpd/conf/ssl.crt/ca-bundle.crt
-#SSLCARevocationPath /etc/httpd/conf/ssl.crl
-#SSLCARevocationFile /etc/httpd/conf/ssl.crl/ca-bundle.crl
-#SSLVerifyClient require
-#SSLVerifyDepth 10
-
-#SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
-<Files ~ "\.(cgi|shtml)$">
- SSLOptions +StdEnvVars
-</Files>
-<Directory "/home/httpd/html/cgi-bin">
- SSLOptions +StdEnvVars
-</Directory>
-SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
-CustomLog /var/log/httpd/ssl_request_log \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-
-</VirtualHost>
+++ /dev/null
-/var/log/httpd/ssl_engine_log {
- olddir /var/log/archiv/httpd
- postrotate
- /bin/killall -HUP httpd
- endscript
-}
-
-/var/log/httpd/ssl_request_log {
- olddir /var/log/archiv/httpd
- postrotate
- /bin/killall -HUP httpd
- endscript
-}
+++ /dev/null
-issuer :/C=AU/ST=Some-State/L=Somewhere/O=Linux Test Server/OU=Test Certificate/CN=localhost/Email=root@localhost
-subject:/C=AU/ST=Some-State/L=Somewhare/O=Linux Test Server/OU=Test Certificate/CN=localhost/Email=root@localhost
-serial :01
-
-Certificate:
- Data:
- Version: 1 (0x0)
- Serial Number: 1 (0x1)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=AU, ST=Some-State, L=Somewhere, O=Linux Test Server, OU=Test Certificate, CN=localhost/Email=root@localhost
- Validity
- Not Before: May 22 00:47:08 1999 GMT
- Not After : May 21 00:47:08 2000 GMT
- Subject: C=AU, ST=Some-State, L=Somewhare, O=Linux Test Server, OU=Test Certificate, CN=localhost/Email=root@localhost
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:b5:69:d7:83:50:91:13:b0:04:34:05:68:6d:61:
- 48:76:b1:d6:7b:8a:10:1a:f3:66:8d:06:2b:fe:de:
- 1e:22:c1:f2:ae:4e:0e:3a:a3:33:0e:ff:4f:19:d4:
- 9a:6a:6f:94:34:d0:6a:74:3d:7c:a0:07:a8:a4:8a:
- c4:2a:e2:89:62:ed:57:e0:9f:0c:24:1f:da:ab:e4:
- 45:ad:b9:c4:27:19:da:d2:99:c3:c1:7c:04:31:fa:
- 8b:be:40:44:ae:bf:bf:a0:8b:3c:d3:ff:5a:84:72:
- d6:89:09:3e:0d:c5:bd:f4:b3:d1:49:48:22:00:76:
- 06:71:b9:7d:bb:b4:2e:34:83
- Exponent: 65537 (0x10001)
- Signature Algorithm: md5WithRSAEncryption
- 5d:98:a4:ab:74:ce:5c:0e:26:7a:59:fb:ba:04:d8:73:56:f3:
- 26:61:60:2f:a6:47:e8:86:14:e1:be:30:67:6f:af:88:cc:20:
- bc:f8:3c:6c:f0:1e:04:ba:e8:1c:63:62:0e:98:9e:2f:1f:d5:
- ac:35:b6:fa:28:62:3c:04:3e:1d:69:cf:97:ab:d3:e1:9a:e7:
- 65:ed:97:0a:83:08:75:4d:56:5c:21:d1:2f:9f:fd:c8:2c:cb:
- c7:c0:10:4c:41:ca:a8:fc:55:e6:27:d9:b6:54:e2:88:f3:89:
- e5:68:99:01:92:a1:88:ac:06:02:5c:9f:6c:53:92:38:72:69:
- d9:a6
-
------BEGIN CERTIFICATE-----
-MIICsTCCAhoCAQEwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAkFVMRMwEQYD
-VQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21ld2hlcmUxGjAYBgNVBAoTEUxp
-bnV4IFRlc3QgU2VydmVyMRkwFwYDVQQLExBUZXN0IENlcnRpZmljYXRlMRIwEAYD
-VQQDEwlsb2NhbGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0MB4X
-DTk5MDUyMjAwNDcwOFoXDTAwMDUyMTAwNDcwOFowgaAxCzAJBgNVBAYTAkFVMRMw
-EQYDVQQIEwpTb21lLVN0YXRlMRIwEAYDVQQHEwlTb21ld2hhcmUxGjAYBgNVBAoT
-EUxpbnV4IFRlc3QgU2VydmVyMRkwFwYDVQQLExBUZXN0IENlcnRpZmljYXRlMRIw
-EAYDVQQDEwlsb2NhbGhvc3QxHTAbBgkqhkiG9w0BCQEWDnJvb3RAbG9jYWxob3N0
-MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1adeDUJETsAQ0BWhtYUh2sdZ7
-ihAa82aNBiv+3h4iwfKuTg46ozMO/08Z1Jpqb5Q00Gp0PXygB6ikisQq4oli7Vfg
-nwwkH9qr5EWtucQnGdrSmcPBfAQx+ou+QESuv7+gizzT/1qEctaJCT4Nxb30s9FJ
-SCIAdgZxuX27tC40gwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAF2YpKt0zlwOJnpZ
-+7oE2HNW8yZhYC+mR+iGFOG+MGdvr4jMILz4PGzwHgS66BxjYg6Yni8f1aw1tvoo
-YjwEPh1pz5er0+Ga52XtlwqDCHVNVlwh0S+f/cgsy8fAEExByqj8VeYn2bZU4ojz
-ieVomQGSoYisBgJcn2xTkjhyadmm
------END CERTIFICATE-----
-
+++ /dev/null
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC1adeDUJETsAQ0BWhtYUh2sdZ7ihAa82aNBiv+3h4iwfKuTg46
-ozMO/08Z1Jpqb5Q00Gp0PXygB6ikisQq4oli7VfgnwwkH9qr5EWtucQnGdrSmcPB
-fAQx+ou+QESuv7+gizzT/1qEctaJCT4Nxb30s9FJSCIAdgZxuX27tC40gwIDAQAB
-AoGBAIJ5iD3ykRUm0C8WAKBCipqLlyYtCx5HFuewm63n1KbM9Ry2GPfFbrCHoT2D
-sjeA3ogJqbbGjj6Oo5UMFMB/Q61DU3J7EOyjtraUd3Z38mN9yIK+w1taEESe8KBx
-/NhSEpdqHUbVUTXs/rrvIi3AcJeBxt81w3pCL0olaeaUdGxJAkEA5Q5p164+X+HP
-pKoa6dApnxZy1DZJoTVk52k6PMt6zZiHqA8sh7rUhb9YumrW9qGmSRSyqzqbDvno
-J7eWt24BdwJBAMrAwY7saJWQNdGoeRO4E3xitQ50haMICAuxVourl4yd5DIHwWdM
-HasCzOKMQYhE+x3SwjNI7fujb6+XUQ9ECFUCQQCFBbXaF8sJi+42xsMSfl1tkm/l
-ZhGkmYmcCrRTkigjNi2yH/3QZWP+uH0i5eEpIf+b+XU5k7NxIxj719ajeDNJAkAX
-upNsnLJovqXt0Z/J9QMizZKPDIgPWoNGiwyr7/sek+P/DvVNl5TpTLyZzvxkbF5P
-UTk1M1XW23vYuwbbmIS5AkBTmQu6nKkGa2IiYCmo9OWH4eINxKs0F3h9tch9Xz8g
-L/0cBZIsnckVV0K1YrQdv/2IfhUSVM0xzrLcAY49dfm2
------END RSA PRIVATE KEY-----
+++ /dev/null
-<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
-<html>
-<head>
- <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
- <meta name="GENERATOR" content="Mozilla/4.6 [en] (X11; I; Linux 2.2.9-23mdk i686) [Netscape]">
- <title>Test Page for Mandrake Linux's Apache Installation</title>
-<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
-</head>
-<body text="#000000" bgcolor="#FFFFFF" link="#0000FF" vlink="#000080" alink="#FF0000">
-
-<center><a href="http://www.thawte.com/">
-<img SRC="http://www.thawte.com/certs/logos/thawte1.gif" BORDER=0></a>
-</center>
-
-<TITLE>About the Strong Extranet</TITLE>
-
-<H1> About the Strong Extranet</H1>
-<pre>
-The Strong Extranet allows you to use digital certificates to authenticate
-users on your web server. Typically, your users enroll in your Strong
-Extranet, under your control, through the Thawte Personal Cert System.
-
-BENEFITS OF THE STRONG EXTRANET
-
- 1. SXNet certificates contain usernames. You can allocate these usernames
- to users as required, and your server will extract the username from the
- certificate when a user accesses your server. Your CGI scripts can
- obtain the username in the same way they do so with password
- authentication, through the REMOTE_USER environment variable.
-
- 2. Low cost of CA. Thawte provides a full-server CA infrastructure for
- your Strong Extranet users for $1000 per year for up to 10 000 users.
- That's the lowest cost CA program, period.
-
- 3. Full control and security. Users are enrolled in your Strong Extranet
- under your full control. There are several enrollment methods with
- different levels of security. Choose the one which suits your business
- processes and requirements.
-
-MORE INFORMATION
-
-<A HREF="http://www.thawte.com/certs/strongextranet/">
-http://www.thawte.com/certs/strongextranet/</A>
-
-<HR>
-USING THE MODULE:
-
- The module adds the following directives:
-
- AuthType StrongExtranet
- SXNetZone a number (the zone number)
- SXNetGroupFile /path/to/groups/file
- SXNetB64EncodeID on/off
-
- "AuthType StrongExtranet" tells the server to use Strong Extranet
- Authentication in that directory. It's the equivalent of
- "AuthType Basic" or "AuthType Digest". Note that you need to
- have turned ON client certificate requesting, and set the CA
- details, as part of normal SSL configuration.
-
- The SXNetZone is a single integer. It defines the zone in which
- the client has to have an ID in order to gain access to the directory.
- The Thawte ACME Test Zone is 2, so use that for demos.
-
- The SXNetGroupFile is a file that can be used to put users in groups,
- just like the standard Basic authentication mechanism.
-
- SXNetB64EncodeID allows you to have the ID base64 encoded before it
- is put into the REMOTE_USER CGI variable. Use this if your ID can be
- 8-bit.
-
-Example:
-
-The following configuration snippet will setup the server to require
-that client certs have the StrongExtranet extension, with an ID in
-zone 23 embedded:
-
- <Directory />
- AuthType StrongExtranet
- AuthName Test Extranet
- SXNetB64EncodeID on
- SXNetZone 23
- SXNetGroupFile /etc/httpd/groups
- require valid-user
- </Directory>
-
-</PRE>
+++ /dev/null
-/var/log/httpd/ssl_engine_log {
- olddir /var/log/archiv/httpd
- postrotate
- /bin/killall -HUP httpd
- endscript
-}
-
-/var/log/httpd/ssl_request_log {
- olddir /var/log/archiv/httpd
- postrotate
- /bin/killall -HUP httpd
- endscript
-}
+++ /dev/null
-diff -Naur mod_ssl-2.7.1-1.3.14/pkg.contrib/cca.sh mod_ssl-2.7.1-1.3.14-p/pkg.contrib/cca.sh
---- mod_ssl-2.7.1-1.3.14/pkg.contrib/cca.sh Thu Dec 30 22:12:10 1999
-+++ mod_ssl-2.7.1-1.3.14-p/pkg.contrib/cca.sh Fri Jan 5 17:04:23 2001
-@@ -5,7 +5,7 @@
- ##
-
- # external tools
--openssl="/usr/local/ssl/bin/openssl"
-+openssl="openssl"
-
- # some optional terminal sequences
- case $TERM in
+++ /dev/null
---- mod_ssl-2.8.4-1.3.20/pkg.sslmod/mod_ssl.h~ Wed May 3 18:28:56 2000
-+++ mod_ssl-2.8.4-1.3.20/pkg.sslmod/mod_ssl.h Sun Nov 12 00:04:04 2000
-@@ -338,6 +338,15 @@
- #define SSL_DBM_FILE_SUFFIX_PAG ".pag"
- #else /* !SSL_USE_SDBM */
-+#if defined(__GLIBC__) && defined(__GLIBC_MINOR__) \
-+ && __GLIBC__ >= 2 && __GLIBC_MINOR__ == 1
-+#include <db1/ndbm.h>
-+#elif defined(__GLIBC__) && defined(__GLIBC_MINOR__) \
-+ && __GLIBC__ >= 2 && __GLIBC_MINOR__ >= 2
-+#define DB_DBM_HSEARCH 1
-+#include <db.h>
-+#else
- #include <ndbm.h>
-+#endif
- #define ssl_dbm_open dbm_open
- #define ssl_dbm_close dbm_close
- #define ssl_dbm_store dbm_store
---- mod_ssl-2.6.6-1.3.12/pkg.sslmod/Makefile.tmpl~ Thu Feb 24 20:33:23 2000
-+++ mod_ssl-2.6.6-1.3.12/pkg.sslmod/Makefile.tmpl Sun Nov 12 00:02:32 2000
-@@ -133,7 +133,7 @@
-
- libssl.so: $(OBJS_PIC)
- rm -f $@
-- $(LD_SHLIB) $(SSL_LDFLAGS) $(LDFLAGS_SHLIB) -o $@ $(OBJS_PIC) $(SSL_LIBS) $(LIBS_SHLIB)
-+ $(LD_SHLIB) $(SSL_LDFLAGS) $(LDFLAGS_SHLIB) -o $@ $(OBJS_PIC) $(SSL_LIBS) $(LIBS_SHLIB) -lndbm
-
- .SUFFIXES: .o .lo
-
projects / packages / apache1-mod_ssl.git / commitdiff