PCRE version

[Nick Gearls <ni...@gmail.com>]

Is there some limitation in using new versions of PCRE libraries ?
For example, can we use latest PCRE (5.10.x) with Apache 2.2.4 ?

 
Thanks,

Nick

Re: PCRE version

[Guenter Knauf <fu...@apache.org>]

Hi,
> Is there some limitation in using new versions of PCRE libraries ?
> For example, can we use latest PCRE (5.10.x) with Apache 2.2.4 ?
hmm, I wonder about what you call latest; or do you mean latest of 5.x line?
when I look at the site which is mentioned in NON-UNIX-USE:
ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
I can see a latest version 7.6 released just few days ago....

I was able to compile and link with 2.2.8 with this version (NetWare platform);
nothing more tested.

Guenter.

Re: Script to create ca-bundle.crt

[Guenter Knauf <fu...@apache.org>]

Hi,
> I'm wondering "why test/?" (goes for Dirk's as well).  Although if it's
> simply too test-case specific, the test/ dir sounds fine...

> ...if it's very general for admins - why not support/ ?
sure, sounds better.

Guen.

Re: Script to create ca-bundle.crt

[Dirk-Willem van Gulik <di...@webweaving.org>]

On Feb 12, 2008, at 4:31 PM, William A. Rowe, Jr. wrote:

> Guenter Knauf wrote:
>> Hi,
>> I was recently hacking on a script to create ca-bundle.crt:
>> http://curl.haxx.se/lxr/source/lib/mk-ca-bundle.pl
>> after I had finished my script I found that Joe already hacked a  
>> very similar script 3 years ago, and offered to the OpenSSL project:
>> http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html
>> unfortunately it seems that this script is only in CVS, and not  
>> distributed with AP 1.3 mod_ssl...
>> I would like to contribute my script to httpd if there's some  
>> agreement;
>> I have sucessfully tested my script on a couple of Linux hosts  
>> (also with older Perl 5.0005), on Win32 running ActivePerl, and on  
>> NetWare; and with OpenSSL 0.9.7 and 0.9.8 (where the OpenSSL  
>> commandline is only needed for optional text output).
>> I've though no idea where it should live; probably in the ./test  
>> folder?
>
> I'm wondering "why test/?" (goes for Dirk's as well).

Two days ago I would have expressed strong disagreement. To my  
surprize - the feedback I got where from people who seem to be using  
these sort of scripts not for just testing code (as I had intended)  
but as the starting point for their deployments and to generate their  
files.

> ...if it's very general for admins - why not support/ ?

Agreed,

Dw

Re: Script to create ca-bundle.crt

["William A. Rowe, Jr." <wr...@rowe-clan.net>]

Guenter Knauf wrote:
> Hi,
> I was recently hacking on a script to create ca-bundle.crt:
> http://curl.haxx.se/lxr/source/lib/mk-ca-bundle.pl
> after I had finished my script I found that Joe already hacked a very similar script 3 years ago, and offered to the OpenSSL project:
> http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html
> unfortunately it seems that this script is only in CVS, and not distributed with AP 1.3 mod_ssl...
> 
> I would like to contribute my script to httpd if there's some agreement;
> I have sucessfully tested my script on a couple of Linux hosts (also with older Perl 5.0005), on Win32 running ActivePerl, and on NetWare; and with OpenSSL 0.9.7 and 0.9.8 (where the OpenSSL commandline is only needed for optional text output).
> 
> I've though no idea where it should live; probably in the ./test folder?

I'm wondering "why test/?" (goes for Dirk's as well).  Although if it's
simply too test-case specific, the test/ dir sounds fine...

...if it's very general for admins - why not support/ ?

Re: Script to create ca-bundle.crt

[Oden Eriksson <oe...@mandriva.com>]

Den Tuesday 12 February 2008 18.57.14 skrev Guenter Knauf:
> Hi Oden,
>
> > But this is the world of RPM packaging, a litte OT.
>
> when being OT - can you tell me something about license issues with
> certdata.txt ? Do you have a written permisson to import the file into CVS?
> Is such needed? Do you have any info on that topic?

The certdata.txt file itself seems pretty straight forward when it comes to 
licensing. I would find it amusing to see a CA prohibiting redistribution of 
their stuff :)

-- 
Regards // Oden Eriksson

Re: Script to create ca-bundle.crt

[Guenter Knauf <fu...@apache.org>]

Hi Oden,
> But this is the world of RPM packaging, a litte OT.
when being OT - can you tell me something about license issues with certdata.txt ?
Do you have a written permisson to import the file into CVS? Is such needed?
Do you have any info on that topic?

Guen.

Re: Script to create ca-bundle.crt

[Oden Eriksson <oe...@mandriva.com>]

Den Tuesday 12 February 2008 17.23.27 skrev Guenter Knauf:
> Hi Oden,
>
> > http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/rootcerts/curr
> >ent/
>
> from what I see this relies on the same source certdate.txt as my script;
> so what should be the benefit of maintaining copies of that?
> I wrote the script to make it easy to generate one self,
> and to be independent from others which might not be uptodate...
> and BTW. the one in this CVS repo is one version behind (1.44, Mozilla/NSS
> has 1.45).
>
> Guenter.

I see, I must admit I didn't look at your script, sorry. In Mandriva I 
introduced this "rootcerts" package in -05 (inspired by the Microsoft 
naming). What's unique with this is that we can easily add CA's like 
cacert.org, domestic ones and such. When we build the mozilla nss libs we use 
the /etc/pki/tls/mozilla/certdata.txt version instead of the bundled one in 
the source (the CA's are hardcoded into the nss libs). Of course we also get 
a ca-bundle.crt containing the added CA's. But this is the world of RPM 
packaging, a litte OT.

-- 
Regards // Oden Eriksson

Re: Script to create ca-bundle.crt

[Guenter Knauf <fu...@apache.org>]

Hi Oden,
> http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/rootcerts/current/
from what I see this relies on the same source certdate.txt as my script;
so what should be the benefit of maintaining copies of that?
I wrote the script to make it easy to generate one self, 
and to be independent from others which might not be uptodate...
and BTW. the one in this CVS repo is one version behind (1.44, Mozilla/NSS has 1.45).

Guenter.

Re: Script to create ca-bundle.crt

[Oden Eriksson <oe...@mandriva.com>]

Den Tuesday 12 February 2008 16.18.49 skrev Guenter Knauf:
> Hi,
> I was recently hacking on a script to create ca-bundle.crt:
> http://curl.haxx.se/lxr/source/lib/mk-ca-bundle.pl
> after I had finished my script I found that Joe already hacked a very
> similar script 3 years ago, and offered to the OpenSSL project:
> http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html
> unfortunately it seems that this script is only in CVS, and not distributed
> with AP 1.3 mod_ssl...
>
> I would like to contribute my script to httpd if there's some agreement;
> I have sucessfully tested my script on a couple of Linux hosts (also with
> older Perl 5.0005), on Win32 running ActivePerl, and on NetWare; and with
> OpenSSL 0.9.7 and 0.9.8 (where the OpenSSL commandline is only needed for
> optional text output).
>
> I've though no idea where it should live; probably in the ./test folder?
>
> Guenter.

http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/rootcerts/current/

?


-- 
Regards // Oden Eriksson

Script to create ca-bundle.crt

[Guenter Knauf <fu...@apache.org>]

Hi,
I was recently hacking on a script to create ca-bundle.crt:
http://curl.haxx.se/lxr/source/lib/mk-ca-bundle.pl
after I had finished my script I found that Joe already hacked a very similar script 3 years ago, and offered to the OpenSSL project:
http://www.mail-archive.com/modssl-users@modssl.org/msg16980.html
unfortunately it seems that this script is only in CVS, and not distributed with AP 1.3 mod_ssl...

I would like to contribute my script to httpd if there's some agreement;
I have sucessfully tested my script on a couple of Linux hosts (also with older Perl 5.0005), on Win32 running ActivePerl, and on NetWare; and with OpenSSL 0.9.7 and 0.9.8 (where the OpenSSL commandline is only needed for optional text output).

I've though no idea where it should live; probably in the ./test folder?

Guenter.