Re: The Apache Question

2006-02-08 Thread Jason Crawford
On 2/8/06, Jason Crawford <[EMAIL PROTECTED]> wrote: > On 2/7/06, Marcin Wilk <[EMAIL PROTECTED]> wrote: > > Why change that > > It is apache, but with some pathes. But still iti s apache (changing > > name may be bad for futurre coders, that wouldl ike to make somep > > lugin for OpenBSD http serv

Re: The Apache Question

2006-02-08 Thread eric
On Wed, 2006-02-08 at 11:09:14 -0500, Jason Crawford proclaimed... > I think the biggest argument for changing the web server is the fact > that the Apache in tree doesn't do IPv6, and Apache 2.x does. And, > btw, if you look at early 2.0 releases, you'll see they are still > under the Apache 1.1

Re: The Apache Question

2006-02-08 Thread Felipe Scarel
Thanks there, I'll consider using lighttpd then. On 2/8/06, Bret Lambert <[EMAIL PROTECTED]> wrote: > > Felipe Scarel wrote: > > Well then, I'll take a look at you suggestion, Joachim, seems > reasonable. > > Too bad most developers actually *prefer* FTP over ssh, so it's going to > be > > difficu

Re: The Apache Question

2006-02-08 Thread Bret Lambert
Felipe Scarel wrote: Well then, I'll take a look at you suggestion, Joachim, seems reasonable. Too bad most developers actually *prefer* FTP over ssh, so it's going to be difficult to convince them. Well, looks like I'll just have to implement... they'll get used to it anyway =) Talking about th

Re: The Apache Question

2006-02-08 Thread Felipe Scarel
Well then, I'll take a look at you suggestion, Joachim, seems reasonable. Too bad most developers actually *prefer* FTP over ssh, so it's going to be difficult to convince them. Well, looks like I'll just have to implement... they'll get used to it anyway =) Talking about the Apache2 port, as soon

Re: The Apache Question

2006-02-08 Thread Jason Crawford
On 2/7/06, Marcin Wilk <[EMAIL PROTECTED]> wrote: > Why change that > It is apache, but with some pathes. But still iti s apache (changing > name may be bad for futurre coders, that wouldl ike to make somep > lugin for OpenBSD http server, & before they will start to make it, > theyw ill have to le

Re: The Apache Question

2006-02-08 Thread Joachim Schipper
On Tue, Feb 07, 2006 at 11:05:44PM -0200, Felipe Scarel wrote: > Since it's an open source project in which anyone can commit to the > repository anytime, it's not possible to add each and every user as a > system user. Instead, we're using Plone to write user information on > the htaccess-style f

Re: The Apache Question

2006-02-08 Thread Hannah Schroeter
Hello! On Tue, Feb 07, 2006 at 09:26:31PM -0200, Felipe Scarel wrote: >However, the Subversion versioning control system (which my project uses) >demands Apache2 in order to do DAV checkouts and commits, better >authentication and more. So, my only choice was to manually install Apache2 >and compi

Re: The Apache Question

2006-02-08 Thread Pierre-Yves Ritschard
> Sure OpenBSD's modified Apache 1.3 is way more secure than most stuff > out there, and is working great. > > However, the Subversion versioning control system (which my project > uses) demands Apache2 in order to do DAV checkouts and commits, better > authentication and more. So, my only choice

Re: The Apache Question

2006-02-07 Thread Daniel Ouellet
Siju George wrote: a lot while ago Henning had said that there was about 4000 lines of Code difference between the OpenBSD Apache and the one from Apache Project and Also that Apache2 is a Design Fault. It is way pass that now. Back in May 2005 it was already at 32,582 lines. http://marc.theai

Re: The Apache Question

2006-02-07 Thread Siju George
On 2/8/06, Siju George <[EMAIL PROTECTED]> wrote: > On 2/8/06, RedShift <[EMAIL PROTECTED]> wrote: > > Hi everyone > > > > I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that > > on the OpenBSD side of things, it is maintained and there's an > > additional focus on security for

Re: The Apache Question

2006-02-07 Thread Siju George
On 2/8/06, RedShift <[EMAIL PROTECTED]> wrote: > Hi everyone > > I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that > on the OpenBSD side of things, it is maintained and there's an > additional focus on security for httpd. However, sooner or later, > httpd 1.3 *will be deprecat

Re: The Apache Question (lighttp remote holes just fixed)

2006-02-07 Thread paul dansing
lighttpd just fixed a remote hole (case insensitive file systems) in the CURRENT VERSION! Does this inspire confidence? I mean for fck sake, the version just before they fixed %00 append bug! Next thing they will discover directory traversal. o_O YEAH, yeah I want this FINE PIECE OF SOFTWARE ru

Re: The Apache Question (lighttp remote holes just fixed)

2006-02-07 Thread Daniel Ouellet
paul dansing wrote: lighttpd just fixed a remote hole (case insensitive file systems) in the CURRENT VERSION! Does this inspire confidence? I mean for fck sake, the version just before they fixed %00 append bug! Next thing they will discover directory traversal. o_O YEAH, yeah I want this FIN

Re: The Apache Question

2006-02-07 Thread Felipe Scarel
Since it's an open source project in which anyone can commit to the repository anytime, it's not possible to add each and every user as a system user. Instead, we're using Plone to write user information on the htaccess-style file that Subversion reads. However, I guess I'm going to use your strat

Re: The Apache Question

2006-02-07 Thread Joachim Schipper
On Tue, Feb 07, 2006 at 09:26:31PM -0200, Felipe Scarel wrote: > Sure OpenBSD's modified Apache 1.3 is way more secure than most stuff out > there, and is working great. > > However, the Subversion versioning control system (which my project uses) > demands Apache2 in order to do DAV checkouts and

Re: The Apache Question

2006-02-07 Thread Bryan Irvine
On 2/7/06, Joe S <[EMAIL PROTECTED]> wrote: > RedShift wrote: > > Hi everyone > > > > I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that > > on the OpenBSD side of things, it is maintained and there's an > > additional focus on security for httpd. However, sooner or later, > >

Re: The Apache Question

2006-02-07 Thread Ted Unangst
On 2/7/06, Joe S <[EMAIL PROTECTED]> wrote: > I couldn't find anything in the misc archives, but perhaps I didn't > really look that hard. But the biggest issue is the Apache 2.0 license. > I'm not sure what the problem is with the license, but I believe it may > be that Apache 2 license is more re

Re: The Apache Question

2006-02-07 Thread Felipe Scarel
Sure OpenBSD's modified Apache 1.3 is way more secure than most stuff out there, and is working great. However, the Subversion versioning control system (which my project uses) demands Apache2 in order to do DAV checkouts and commits, better authentication and more. So, my only choice was to manua

Re: The Apache Question

2006-02-07 Thread Steven Day
On 2/7/06, Joe S <[EMAIL PROTECTED]> wrote: > > RedShift wrote: > > Hi everyone > > > > I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that > > on the OpenBSD side of things, it is maintained and there's an > > additional focus on security for httpd. However, sooner or later, >

Re: The Apache Question

2006-02-07 Thread Joe S
RedShift wrote: Hi everyone I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that on the OpenBSD side of things, it is maintained and there's an additional focus on security for httpd. However, sooner or later, httpd 1.3 *will be deprecated* in favor of newer versions (2.0, 2.2

Re: The Apache Question

2006-02-07 Thread Jeff Ross
On Tue, 7 Feb 2006, Spruell, Darren-Perot wrote: From: [EMAIL PROTECTED] Wouldn't it be better then to start a spinoff project (openhttpd or something comes to mind) instead of still calling it apache httpd 1.3? No, because that's what it is. What you're talking about is marketing drivel. Y

Re: The Apache Question

2006-02-07 Thread Marcin Wilk
Why change that It is apache, but with some pathes. But still iti s apache (changing name may be bad for futurre coders, that wouldl ike to make somep lugin for OpenBSD http server, & before they will start to make it, theyw ill have to learn, that httpd in OBSD is just apache 1.3). Besides i

Re: The Apache Question

2006-02-07 Thread Spruell, Darren-Perot
From: [EMAIL PROTECTED] > Wouldn't it be better then to start a spinoff project (openhttpd or > something comes to mind) instead of still calling it apache httpd 1.3? No, because that's what it is. What you're talking about is marketing drivel. You don't have to keep up with the Joneses, espe

Re: The Apache Question

2006-02-07 Thread Daniel Ouellet
Steven Day wrote: Well as far as I know, Apache 1.3 is an openBSD modified version and not the 1.3 apache releases but the licensing on apache 2.0 is the reason I see OpenBSD not packaging it. http://apache.org/licenses/LICENSE-2.0 Also search back into the mailing list archives or the site for

Re: The Apache Question

2006-02-07 Thread Hannah Schroeter
Hello! On Tue, Feb 07, 2006 at 03:59:22PM -0500, Steven Day wrote: >Well as far as I know, Apache 1.3 is an openBSD modified version and not the >1.3 apache releases but the licensing on apache 2.0 is the reason I see >OpenBSD not packaging it. >http://apache.org/licenses/LICENSE-2.0 >Also searc

Re: The Apache Question

2006-02-07 Thread RedShift
Wouldn't it be better then to start a spinoff project (openhttpd or something comes to mind) instead of still calling it apache httpd 1.3? Stuart Henderson wrote: On 2006/02/07 21:23, RedShift wrote: I've noticed OpenBSD still uses Apache httpd 1.3. Well, not exactly. Diff the source trees a

Re: The Apache Question

2006-02-07 Thread Steven Day
Well as far as I know, Apache 1.3 is an openBSD modified version and not the 1.3 apache releases but the licensing on apache 2.0 is the reason I see OpenBSD not packaging it. http://apache.org/licenses/LICENSE-2.0 Also search back into the mailing list archives or the site for more specific reaso

Re: The Apache Question

2006-02-07 Thread Daniel Ouellet
RedShift wrote: Hi everyone I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that on the OpenBSD side of things, it is maintained and there's an additional focus on security for httpd. However, sooner or later, httpd 1.3 *will be deprecated* in favor of newer versions (2.0, 2.2

Re: The Apache Question

2006-02-07 Thread Stuart Henderson
On 2006/02/07 21:23, RedShift wrote: > I've noticed OpenBSD still uses Apache httpd 1.3. Well, not exactly. Diff the source trees and you'll see it's not quite the same thing...

Re: The Apache Question

2006-02-07 Thread Antonios Anastasiadis
I would recommend reading the archives, but I guess a quick answer is no.

The Apache Question

2006-02-07 Thread RedShift
Hi everyone I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that on the OpenBSD side of things, it is maintained and there's an additional focus on security for httpd. However, sooner or later, httpd 1.3 *will be deprecated* in favor of newer versions (2.0, 2.2), and now certai