Re: [us...@httpd] Apache Load balancing

[John Doe]

From: nima chavooshi 
> Before any thing I want to know about differences between mod_proxy
> and load balancing with UltraMonkey.

http://httpd.apache.org/docs/2.0/mod/mod_proxy.html
http://www.ultramonkey.org/

JD


  

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] about Apache HTTP Server reverse proxy

[Peter Chen]

Hi, all

I want to use Apache HTTP Server as a reverse proxy server and use it to
implement the function of load balancing.

I made architecture of High Availability with Tomcat and Apache, here I
will describe it simply.

USERS
 |
INTERNET
 |
Firewall
 |
 BigIP(F5)
  /  \
/ \
 ApacheApache
  HTTP Server HTTP Server --(in reverse
proxy mode)
 \/
  \  /
   Firewall
/  \
   / \
   Tomcat  Tomcat
   \/
\  /  
DataBase(Master)DataBase(Slave)

The BigIP is a product of F5, and I put it in front of Apache HTTP
Server, I use it to implement the function of load balancing for Apache
HTTP Server.

There are two firewalls, and I put two Apache HTTP Servers between them
to implement load balancing and reverse proxy.
Behind these two firewalls, I put two Tomcat servers as rare-end
servers.

I want to know does this architecture widely used? 

Could someone give me some instances of using this architecture? For
example, the company name, the project name?


I also worry about the security of reverse proxy mode.
For example, if a hacker want to destroy my system, he construct a
wicked HTTP request package to my system. After the Apache HTTP Server
received the HTTP request package, it will forward the package to
Tomcat. So, the Tomcat will be destroyed.

But I have read passages about reverse proxy, all of them say that
reverse proxy is very secure. If it works like I've just written, it's
not secure any more.

Am I right? Could you help me analyze it?

Thanks.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Setting up Under Contruction page

[ericdraven]

Hello ;)

Unfortunately I'm not an Apache Expert so this question might have been
answered somewhere else. The Apache Configuration I'm trying to setup should
simply do the following:

* Be a basic under construction page to be used during service maintenance
* Requests to certain subdirectories should still work 
* All other incoming requests should simply display my static "under
construction" page (http://xxx/underconstruction.html)
* When requesting the site during maintenance, the browserline should read
http://xxx and not http://xxx/underconstruction.html so the user can simply
click reload to check if the site is available now

Could anybody give me a hint how to do this? An example configuration would
be great!

Many thanx in advance and greetings from Berlin
Erik
-- 
View this message in context: 
http://old.nabble.com/Setting-up-Under-Contruction-page-tp27074098p27074098.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] about Apache HTTP Server reverse proxy

[Eric Covener]

> I also worry about the security of reverse proxy mode.
> For example, if a hacker want to destroy my system, he construct a
> wicked HTTP request package to my system. After the Apache HTTP Server
> received the HTTP request package, it will forward the package to
> Tomcat. So, the Tomcat will be destroyed.
>
> But I have read passages about reverse proxy, all of them say that
> reverse proxy is very secure. If it works like I've just written, it's
> not secure any more.

You could run something like mod_security on your proxy servers if you
were worried about what kinds of requests were forwarded to your
backend, and wanted to make something "more secure" by putting a proxy
in front of it.

As it stands now in your scenario, adding the reverse proxy does not
harm the security of the solution.

-- 
Eric Covener
cove...@gmail.com

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [us...@httpd] Setting up Under Contruction page

[Wesley Stupar]

Erik,

The http://xxx URL responds with the index.html page. Possibly for
maintenance you can temporarily rename that file and substitute the
underconstruction.html for index.html. Then after maintenance you would
change the names back.

Wes

-Original Message-
From: ericdraven [mailto:e...@schwagerus.de] 
Sent: Friday, January 08, 2010 2:39 AM
To: users@httpd.apache.org
Subject: [us...@httpd] Setting up Under Contruction page


Hello ;)

Unfortunately I'm not an Apache Expert so this question might have been
answered somewhere else. The Apache Configuration I'm trying to setup
should
simply do the following:

* Be a basic under construction page to be used during service
maintenance
* Requests to certain subdirectories should still work 
* All other incoming requests should simply display my static "under
construction" page (http://xxx/underconstruction.html)
* When requesting the site during maintenance, the browserline should
read
http://xxx and not http://xxx/underconstruction.html so the user can
simply
click reload to check if the site is available now

Could anybody give me a hint how to do this? An example configuration
would
be great!

Many thanx in advance and greetings from Berlin
Erik
-- 
View this message in context:
http://old.nabble.com/Setting-up-Under-Contruction-page-tp27074098p27074
098.html
Sent from the Apache HTTP Server - Users mailing list archive at
Nabble.com.


-
The official User-To-User support forum of the Apache HTTP Server
Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org



-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] help compiling apache 2.2.14 and openssl-0.9.8l using vs2008

[hc]

I'm not sure what you mean but thanks for responding. Do you mean it
won't compile
with vs2008 but instead something older? I probably have a older version of vs
in a closet somewhere...How are you finding out what is missing?

On Thu, Jan 7, 2010 at 11:00 PM, Pravesh Rai  wrote:
> Even we had tried this scenario, but there are several (deprecated)
> files, which are required for building these components, are not
> bundled with VS 2008.
>
> All these issues needs to be looked on case-by-case basis.
>
> Thanks,
> Pravesh
>
> On Fri, Jan 8, 2010 at 9:01 AM, hc  wrote:
>> I need to compile apache2.2.14 for windows because of cve-2009-3555.
>> It is my understanding
>> for that problem I need to compile apache with openssl-0.9.8l instead
>> of the previous which was used in
>> the 2.2.14 binary,  which was I believe,  0.9.8k.
>>
>> but I ran into a couple questions/issues. so if anyone has already
>> figured this out I'd really appreciate
>> the advice.
>>
>> These are the instructions I am following:
>> http://httpd.apache.org/docs/2.2/platform/win_compiling.html
>>
>> That instructs us to apply 3 patches.
>> http://www.apache.org/dist/httpd/binaries/win32/patches_applied/
>> 2 of those patches appear to be for previous versions of openssl?
>> I am no patch expert. Does there need to be another patch for this
>> version of openssl?
>> Anyone have any idea?
>>
>> In any case try to do this step;
>> "perl Configure no-rc5 no-idea enable-mdc2 enable-zlib VC-WIN32
>> -Ipath/to/srclib/zlib -Lpath/to/srclib/zlib
>> ms\do_masm.bat
>> nmake -f ms\ntdll.mak"
>>
>> I get an error from the last command:
>> E:\apache\httpd-2.2.14\srclib\openssl\openssl-0.9.8l>nmake -f ms\ntdll.mak
>>
>> "Microsoft (R) Program Maintenance Utility Version 9.00.30729.01
>> Copyright (C) Microsoft Corporation.  All rights reserved.
>>
>> ' in macroak(610) : fatal error U1001: syntax error : illegal character '
>> Stop.
>> "
>> Unfortunately that is way over my head. Anyone see what should be changed 
>> here?
>> it has a control-m between SSL and OBJ on line 612. I suspect that is
>> not correct but what should
>> be there? On the other hand it is complaining about a quote mark.
>> 610     $(OBJ_D)\e_ubsec.obj $(OBJ_D)\engines.obj $(OBJ_D)\e_capi.obj
>> 611
>> 612 SSL  OBJ=$(OBJ_D)\ssl.obj \
>>
>> -
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 2.2 not working with LDAP Fail Over Auth

[Muzammel Asghar]

Hi All

Any more discussion and suggestions regarding this thread

can some one use two ldap hosts and successfully test the ldap fail over
auth with apache ?

My apache conf which i mentioned is ok or not ?

Please suggest.

On Fri, Jan 8, 2010 at 12:23 AM, Muzammel Asghar
wrote:

> Hi Eric
>
> LDAP Client = apache try to linked with ldap2 if ldap1 fails i submited the
> conf in which i use ldap auth for apache
>
> LDAPTrustedMode TLS
> LDAPConnectionTimeout 4
>
> 
>
>
> AuthName "Testing Ldap fail over"
> AuthType Basic
>
> # The LDAP server(s)
> AuthLDAPURL "ldap://ldap1.mydomain.com
> ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
> AuthBasicProvider ldap
> AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
> AuthLDAPBindPassword abxxyz
>
> AuthLDAPGroupAttribute memberUid
>
> Require ldap-group cn=WEBOU,dc=mydomain,dc=com
> Order Allow,Deny
> Options Indexes FollowSymLinks Multiviews
> Allow from All
>
> 
>
> So my intention towards apache only, other ldap clients like ssh etc are
> working fine with ldap fail over.
>
> 2) Regarding logs, both apahce error and access logs are not shown any
> messaaes when try to connect with ldap2, browser page is still in processing
> try to connect ldap2 if ldap1 is goes down.
>
> 3) Its not an ldap client issue, its bascially apache ldap client issue
> which fails to connect with secondary ldap server when primary goest down,
> by using above conf.
>
> So please suggest
>
>
> On Fri, Jan 8, 2010 at 12:02 AM, Eric Covener  wrote:
>
>> On Thu, Jan 7, 2010 at 1:59 PM, Muzammel Asghar
>>  wrote:
>>
>> > So please kindly give suggestions , what i need extra to make ldap fail
>> over
>> > effective.
>>
>> What LDAP client is Apache linked with, and how does an ldapsearch
>> client behave linked to the same one?
>>
>> What's the LogLevel debug output during the failure to connect to the
>> first host?
>>
>> Can you try generating extended debug output with the module here:
>> http://people.apache.org/~covener/ldap/
>>
>> --
>> Eric Covener
>> cove...@gmail.com
>>
>> -
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>

Re: [us...@httpd] Apache 2.2 not working with LDAP Fail Over Auth

[Eric Covener]

On Fri, Jan 8, 2010 at 12:36 PM, Muzammel Asghar
 wrote:
> Hi All
>
> Any more discussion and suggestions regarding this thread
>
> can some one use two ldap hosts and successfully test the ldap fail over
> auth with apache ?

Works for me.  I couldn't understand any of your attempts to answer
the questions that were asked.

-- 
Eric Covener
cove...@gmail.com

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 2.2 not working with LDAP Fail Over Auth

[Muzammel Asghar]

Hi

Thanks Erics, now i mention the conf section which i configure for ldap fail
over auth, you can please check and tell its ok or not, becuase its not
currently working with ldap fail over.

I can setup this file in my --> /etc/httpd/conf.d/ldaptest.config

I define only here below the ldap related entries only.


LDAPTrustedMode TLS
LDAPConnectionTimeout 4




AuthName "Testing Ldap fail over"
AuthType Basic

# The LDAP server(s)
AuthLDAPURL "ldap://ldap1.mydomain.com
ldap2.mydomain.com/dc=mydomain,dc=com?uid??"
AuthBasicProvider ldap
AuthLDAPBindDN "uid=webcon,ou=WebAdmin,dc=mydomain,dc=com"
AuthLDAPBindPassword abxxyz

AuthLDAPGroupAttribute memberUid

Require ldap-group cn=WEBOU,dc=mydomain,dc=com
Order Allow,Deny
Options Indexes FollowSymLinks Multiviews
Allow from All



Kindly suggest please , what i missed for fail over.


On Fri, Jan 8, 2010 at 10:48 PM, Eric Covener  wrote:

> On Fri, Jan 8, 2010 at 12:36 PM, Muzammel Asghar
>  wrote:
> > Hi All
> >
> > Any more discussion and suggestions regarding this thread
> >
> > can some one use two ldap hosts and successfully test the ldap fail over
> > auth with apache ?
>
> Works for me.  I couldn't understand any of your attempts to answer
> the questions that were asked.
>
> --
> Eric Covener
> cove...@gmail.com
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

Re: [us...@httpd] Apache 2.2 not working with LDAP Fail Over Auth

[Eric Covener]

On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
 wrote:
> Hi
>
> Thanks Erics, now i mention the conf section which i configure for ldap fail
> over auth, you can please check and tell its ok or not, becuase its not
> currently working with ldap fail over.

That is all handled by the LDAP library, not Apache. What's going on
at the network level? What does your LogLevel debug errorlog say?  Did
you try the debug moduel I posted in the first followup?

-- 
Eric Covener
cove...@gmail.com

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 2.2 not working with LDAP Fail Over Auth

[Muzammel Asghar]

Hi

Thanks Eric, currently ldap is running fine, i can use ssh and ftp auth with
ldap also, its working f9 and also with ldap fail over auth.

Now in apache case, its also working f9 with ldap1 but when ldap1 goes down,
its not forward request to ldap2, this problem is for apache only, other
ldap clients are working f9, so i think its apache problem, so that's why i
submiteed my conf. please suggest.


On Fri, Jan 8, 2010 at 11:00 PM, Eric Covener  wrote:

> On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
>  wrote:
> > Hi
> >
> > Thanks Erics, now i mention the conf section which i configure for ldap
> fail
> > over auth, you can please check and tell its ok or not, becuase its not
> > currently working with ldap fail over.
>
> That is all handled by the LDAP library, not Apache. What's going on
> at the network level? What does your LogLevel debug errorlog say?  Did
> you try the debug moduel I posted in the first followup?
>
> --
> Eric Covener
> cove...@gmail.com
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

users@httpd.apache.org

[nima chavooshi]

Hi
I need to a software can test my apache server under high traffic.for
example can simulate 1000 user request or more to my server and give
me good statistic. I have found this product, but that is not free
If any one know such as this program I will happy for inform that.

Thanks in advance

-- 
N.Chavoshi

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

users@httpd.apache.org

[Dan Schaefer]

nima chavooshi wrote:

Hi
I need to a software can test my apache server under high traffic.for
example can simulate 1000 user request or more to my server and give
me good statistic. I have found this product, but that is not free
If any one know such as this program I will happy for inform that.

Thanks in advance

  

And how does the Subject line tie into your question?

Dan Schaefer
Web Developer/Systems Analyst
Performance Administration Corp.


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [us...@httpd] Apache 2.2 not working with LDAP Fail Over Auth

[Muzammel Asghar]

Hi Eric

Kindly send ur sample apache conf for ldap fail over auth so i can compare
my values with it. or please suggest how to make it effective.

Thanks

On Fri, Jan 8, 2010 at 11:06 PM, Muzammel Asghar
wrote:

> Hi
>
> Thanks Eric, currently ldap is running fine, i can use ssh and ftp auth
> with ldap also, its working f9 and also with ldap fail over auth.
>
> Now in apache case, its also working f9 with ldap1 but when ldap1 goes
> down, its not forward request to ldap2, this problem is for apache only,
> other ldap clients are working f9, so i think its apache problem, so that's
> why i submiteed my conf. please suggest.
>
>
>
> On Fri, Jan 8, 2010 at 11:00 PM, Eric Covener  wrote:
>
>> On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
>>  wrote:
>> > Hi
>> >
>> > Thanks Erics, now i mention the conf section which i configure for ldap
>> fail
>> > over auth, you can please check and tell its ok or not, becuase its not
>> > currently working with ldap fail over.
>>
>> That is all handled by the LDAP library, not Apache. What's going on
>> at the network level? What does your LogLevel debug errorlog say?  Did
>> you try the debug moduel I posted in the first followup?
>>
>> --
>> Eric Covener
>> cove...@gmail.com
>>
>> -
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>

[us...@httpd] Problem connecting to apache webservices URL from .Net code

[Jai]

Hi All,

  We are having vendor connecting to our webservices URL using SSL protocal.
They send client certificate and if that is correct we accept the
connection. Now, the problem is they can't connect to our URL consistently.
First time it pass and second time it fails. Thye are using .NET code to
connect to our URL. They enabled TRace log and got following output when the
connection failed. They claim that this same code works for other companies
so the problem is in apache side. Here is the error I saw in our error_log
and error we got from .NET trace log.


[error] Re-negotiation handshake failed: Not accepted by client!?

>From Trace log (On .NET side)



System.Net.Sockets Verbose: 0 : [2856] Data from Socket#32616384::Receive
System.Net.Sockets Verbose: 0 : [2856] 0005 : 08 8E A3 5E BE 44 44 A9-8D
35 28 33 D5 33 39 7D : ...^.DD..5(3.39}
System.Net.Sockets Verbose: 0 : [2856] 0015 : A6 0B 51
0D : ..Q.
System.Net.Sockets Verbose: 0 : [2856] Exiting Socket#32616384::Receive()
 -> 20#20
System.Net Error: 0 : [2856] Decrypt returned SEC_I_RENEGOTIATE.

Re: [us...@httpd] Apache 2.2 not working with LDAP Fail Over Auth

[Muzammel Asghar]

Guys if any one successfully implement ldap fail over auth with apache then
please give suggestions, as i think its the right mailling list from where i
can put questions and need feedbacks.

Thanks

On Sat, Jan 9, 2010 at 12:44 AM, Muzammel Asghar
wrote:

> Hi Eric
>
> Kindly send ur sample apache conf for ldap fail over auth so i can compare
> my values with it. or please suggest how to make it effective.
>
> Thanks
>
>
> On Fri, Jan 8, 2010 at 11:06 PM, Muzammel Asghar  > wrote:
>
>> Hi
>>
>> Thanks Eric, currently ldap is running fine, i can use ssh and ftp auth
>> with ldap also, its working f9 and also with ldap fail over auth.
>>
>> Now in apache case, its also working f9 with ldap1 but when ldap1 goes
>> down, its not forward request to ldap2, this problem is for apache only,
>> other ldap clients are working f9, so i think its apache problem, so that's
>> why i submiteed my conf. please suggest.
>>
>>
>>
>> On Fri, Jan 8, 2010 at 11:00 PM, Eric Covener  wrote:
>>
>>> On Fri, Jan 8, 2010 at 12:57 PM, Muzammel Asghar
>>>  wrote:
>>> > Hi
>>> >
>>> > Thanks Erics, now i mention the conf section which i configure for ldap
>>> fail
>>> > over auth, you can please check and tell its ok or not, becuase its not
>>> > currently working with ldap fail over.
>>>
>>> That is all handled by the LDAP library, not Apache. What's going on
>>> at the network level? What does your LogLevel debug errorlog say?  Did
>>> you try the debug moduel I posted in the first followup?
>>>
>>> --
>>> Eric Covener
>>> cove...@gmail.com
>>>
>>> -
>>> The official User-To-User support forum of the Apache HTTP Server
>>> Project.
>>> See http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
>>> For additional commands, e-mail: users-h...@httpd.apache.org
>>>
>>>
>>
>

Re: [us...@httpd] help compiling apache 2.2.14 and openssl-0.9.8l using vs2008

[Pravesh Rai]

We had tried to use VS 2008 to build Apache & Openssl, but face many
difficulties (because of some missing files) & finally came back to VS
2005.

Thanks,
Pravesh

On Fri, Jan 8, 2010 at 9:45 PM, hc  wrote:
> I'm not sure what you mean but thanks for responding. Do you mean it
> won't compile
> with vs2008 but instead something older? I probably have a older version of vs
> in a closet somewhere...How are you finding out what is missing?
>
> On Thu, Jan 7, 2010 at 11:00 PM, Pravesh Rai  wrote:
>> Even we had tried this scenario, but there are several (deprecated)
>> files, which are required for building these components, are not
>> bundled with VS 2008.
>>
>> All these issues needs to be looked on case-by-case basis.
>>
>> Thanks,
>> Pravesh
>>
>> On Fri, Jan 8, 2010 at 9:01 AM, hc  wrote:
>>> I need to compile apache2.2.14 for windows because of cve-2009-3555.
>>> It is my understanding
>>> for that problem I need to compile apache with openssl-0.9.8l instead
>>> of the previous which was used in
>>> the 2.2.14 binary,  which was I believe,  0.9.8k.
>>>
>>> but I ran into a couple questions/issues. so if anyone has already
>>> figured this out I'd really appreciate
>>> the advice.
>>>
>>> These are the instructions I am following:
>>> http://httpd.apache.org/docs/2.2/platform/win_compiling.html
>>>
>>> That instructs us to apply 3 patches.
>>> http://www.apache.org/dist/httpd/binaries/win32/patches_applied/
>>> 2 of those patches appear to be for previous versions of openssl?
>>> I am no patch expert. Does there need to be another patch for this
>>> version of openssl?
>>> Anyone have any idea?
>>>
>>> In any case try to do this step;
>>> "perl Configure no-rc5 no-idea enable-mdc2 enable-zlib VC-WIN32
>>> -Ipath/to/srclib/zlib -Lpath/to/srclib/zlib
>>> ms\do_masm.bat
>>> nmake -f ms\ntdll.mak"
>>>
>>> I get an error from the last command:
>>> E:\apache\httpd-2.2.14\srclib\openssl\openssl-0.9.8l>nmake -f ms\ntdll.mak
>>>
>>> "Microsoft (R) Program Maintenance Utility Version 9.00.30729.01
>>> Copyright (C) Microsoft Corporation.  All rights reserved.
>>>
>>> ' in macroak(610) : fatal error U1001: syntax error : illegal character '
>>> Stop.
>>> "
>>> Unfortunately that is way over my head. Anyone see what should be changed 
>>> here?
>>> it has a control-m between SSL and OBJ on line 612. I suspect that is
>>> not correct but what should
>>> be there? On the other hand it is complaining about a quote mark.
>>> 610     $(OBJ_D)\e_ubsec.obj $(OBJ_D)\engines.obj $(OBJ_D)\e_capi.obj
>>> 611
>>> 612 SSL  OBJ=$(OBJ_D)\ssl.obj \
>>>
>>> -
>>> The official User-To-User support forum of the Apache HTTP Server Project.
>>> See http://httpd.apache.org/userslist.html> for more info.
>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
>>> For additional commands, e-mail: users-h...@httpd.apache.org
>>>
>>>
>>
>> -
>> The official User-To-User support forum of the Apache HTTP Server Project.
>> See http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
>> For additional commands, e-mail: users-h...@httpd.apache.org
>>
>>
>
> -
> The official User-To-User support forum of the Apache HTTP Server Project.
> See http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
>   "   from the digest: users-digest-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] solved: help compiling apache 2.2.14 and openssl-0.9.8l using vs2008

[hc]

Well if you can avoid zlib, you can compile apache 2.2.14 with
openssl-0.9.8l with vs2008.
Basically these instructions are correct _except_  leave out zlib or
you're  going to have to know a lot about compiling, linking and make
files because something doesn't get along
there.
http://httpd.apache.org/docs/2.2/platform/win_compiling.html

Here's what I did. (This is for any newbies if any out there. I hope I
don't insult the
expertise of the many people on this list who probably know way way
more than I do.)

I have visual studio professional 2008 (v9). and I had windows sdk 7
installed, should this
make a difference. I 'registered" sdk 7 with visual studio. I have no
idea if that was necessary.
I did install this version of awk per the instructions.
http://www.cs.princeton.edu/~bwk/btl.mirror/awk95.exe
and deleted some awk and gawk items from a cygwin install on this
machine. (which
was btw 2003 should that make a difference.)

I used the visual studio 2008 tools, command prompt to do further work.
Having extracted the apache source somewhere, create a directory
openssl under the
already existing srclib directory. Elsewhere, download openssl-0.9.8l
and gzip -d and
tar -xvf . Copy all the files from the subdirectory openssl-0.9.8l to the
srclib/openssl directory (eg using xcopy src dest /s/c ).

Download this patch to the srclib/openssl directory:
http://www.apache.org/dist/httpd/binaries/win32/patches_applied/openssl-0.9.8k-vc32.patch
It works without modification. To apply, do this being in the
srclib/openssl directory:
patch -s < openssl-0.9.8k-vc32.patch
(I was using the cygwin patch program).

Here's where I depart from the instructions and leave out zlib:
perl Configure no-rc5 no-idea enable-mdc2 VC-WIN32
ms\do_masm.bat
nmake -f ms\ntdll.mak

and that actually did work and compile it openssl! Whereas with zlib
in the loop one
can have a world of issues about duplicate definitions. It is perhaps
a problem with
linker options regarding threading/debug or not but I sure couldn't
figure it out.
I also didn't tackle mod_dbd or mod_authn_dbm

And then one can proceed to the top source level and do:
nmake /f Makefile.win _apacher

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Default layout

[Jos Chrispijn]

I have given a user access to a text (sub)directory. Can someone tell me 
how I can change the default view layout of such a directory (the 
default Apache view when not using index.html?
I would like to provide a wider tab on first column and change file 
specific images like Word, Excel, Word and PDF format files. Thank you.


Jos Chrispijn


-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[us...@httpd] Mod rewrite

[pkm2112]

Hello experts,
Need help to mask url. I understand it can be done using RewriteRule in 
httpd.conf file. 

Can I display http://server1.ncs.com/inventoryappl as
http://s1.ncs.com/inventoryappl

rgds
pkm

-
The official User-To-User support forum of the Apache HTTP Server Project.
See http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
   "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org