[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Raq3 attempt of OpenSSL Fix

Subject: Re: [cobalt-users] Raq3 attempt of OpenSSL Fix
From: "Steve Bassi" <steve@xxxxxxxxx>
Date: Tue Sep 17 03:01:02 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

----- Original Message -----
From: "Gerald Waugh" <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
To: <cobalt-users@xxxxxxxxxxxxxxx>
Sent: Tuesday, September 17, 2002 10:41 AM
Subject: Re: [cobalt-users] Raq3 attempt of OpenSSL Fix


> On Tuesday 17 September 2002 04:58, Andy Brown wrote:
> > Hi,
> > I've tried this on our RaQ3 and get errors so mod_ssl won't compile, any
> > pointers anyone?? i've pointed out where things go pear-shaped....
>
> I ended up in a similar place with the RaQ3
> I think it is the old version of apache.


If you have a RAQ3 with the original apxs file you need to change this.
http://www.firstwebspace.com/raq/apxs.tar.gz
(download that untar it and then make a backup of your original and then
copy this file over)

These are the updated install notes for RAQ3 ONLY
(Chris Burton & I did a while back)

Please note I have not tested this recently as I have no RAQ3 anymore. So
perhaps someone would like to test and let the list know.
Also ... watch out for the line wrap on the email.
(it may be better to get these notes from
http://www.camelbackup.com/raq3-apache-1.3.26.html)

Rgds Bassi


mkdir /tmp/bassiupgrade ;  cd /tmp/bassiupgrade
wget http://www.apache.org/dist/httpd/apache_1.3.26.tar.gz
wget http://pam.sourceforge.net/mod_auth_pam/dist/mod_auth_pam.tar.gz
wget http://perl.apache.org/dist/mod_perl-1.27.tar.gz
wget http://www.modssl.org/source/mod_ssl-2.8.10-1.3.26.tar.gz
wget http://www.openssl.org/source/openssl-0.9.6g.tar.gz

tar -xzvf apache_1.3.26.tar.gz -C /tmp/bassiupgrade
tar -xzvf mod_auth_pam.tar.gz -C /tmp/bassiupgrade
tar -xzvf mod_perl-1.27.tar.gz -C /tmp/bassiupgrade
tar -xzvf mod_ssl-2.8.10-1.3.26.tar.gz -C /tmp/bassiupgrade
tar -xzvf openssl-0.9.6g.tar.gz -C /tmp/bassiupgrade

chown -R 0.0 *

mv apache_1.3.26 apache
mv mod_auth_pam-1.1.1 mod_auth_pam
mv mod_perl-1.27 mod_perl
mv mod_ssl-2.8.10-1.3.26 mod_ssl
mv openssl-0.9.6g openssl

cd /tmp/bassiupgrade/apache
./configure --prefix=/etc/httpd

cd /tmp/bassiupgrade/openssl
./config --prefix=/usr --openssldir=/usr/local/ssl
make

cd /tmp/bassiupgrade/mod_ssl
./configure --with-apache=../apache

cd /tmp/bassiupgrade/mod_perl
perl ./Makefile.PL APACHE_SRC=../apache/src/ DO_HTTPD=1 USE_APACI=1
PREP_HTTPD=1 EVERYTHING=1;make;make install


cp /tmp/bassiupgrade/mod_auth_pam/mod_auth_pam.c
/tmp/bassiupgrade/apache/src/modules/extra/

cd /tmp/bassiupgrade/openssl
make install

cd /tmp/bassiupgrade/apache

export CFLAGS="-DBIG_SECURITY_HOLE"
export LIBS="-lpam -ldl"
export SSL_BASE="/tmp/bassiupgrade/openssl"

./configure --prefix=/etc/httpd --runtimedir=/var/run --logfiledir=/var/log/
httpd \
--enable-module=ssl --enable-module=setenvif --enable-module=so --enable-mod
ule=example \
--enable-module=unique_id --enable-module=usertrack --enable-module=expires
\
--enable-module=cern_meta --enable-module=digest --enable-module=auth_db \
--enable-module=auth_anon --enable-module=auth --enable-module=access \
--enable-module=rewrite --enable-module=alias --enable-module=proxy \
--enable-module=userdir --enable-module=speling --enable-module=actions \
--enable-module=imap --enable-module=asis --enable-module=cgi \
--enable-module=dir --enable-module=autoindex --enable-module=include \
--enable-module=auth_dbm \
--enable-module=info --enable-module=status --enable-module=negotiation \
--enable-module=mime --enable-module=mime_magic --enable-module=log_referer
\
--enable-module=log_agent --enable-module=log_config --enable-module=env \
--enable-module=mmap_static  --enable-module=define \
--enable-module=headers --enable-module=vhost_alias \
--activate-module=src/modules/extra/mod_auth_pam.o --activate-module=src/mod
ules/extra/mod_define.o \
--activate-module=src/modules/perl/libperl.a


mv -f src/apaci tmp
cat tmp | sed "s/\/etc\/httpd\/bin/\/usr\/bin/" | sed
"s/\/etc\/httpd\/libexec/\/usr\/lib\/apache/" > src/apaci
rm -f tmp
chmod a+x src/apaci

make

mv -f /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bassi.orig
cat /etc/httpd/conf/httpd.conf.bassi.orig | sed s/ssl_scache-80/ssl_scache/
| sed s/ssl_mutex-80/ssl_mutex/ |sed s/ssl_scache/ssl_scache-80/ | sed
s/ssl_mutex/ssl_mutex-80/ > /etc/httpd/conf/httpd.conf



if [ -f /usr/sbin/httpd.bassi.orig ]
then
 echo Reinstall of Bassi/ChrisB Apache making dated backup
 mv /usr/sbin/httpd /usr/sbin/httpd.bassi.orig.`date +%s`
else
 echo First install of Bassi/ChrisB Apache backing up original apache
 mv /usr/sbin/httpd /usr/sbin/httpd.bassi.orig
fi

/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/admserv stop

cp src/httpd /usr/sbin


/etc/rc.d/init.d/admserv start
/etc/rc.d/init.d/httpd start

# You can remove the /tmp/bassiupgrade directory once you are happy with the
install

References:
- RE: [cobalt-users] Raq3 attempt of OpenSSL Fix
  - From: Andy Brown
- Re: [cobalt-users] Raq3 attempt of OpenSSL Fix
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-users] Raq3 attempt of OpenSSL Fix
Next by Date: Re: [cobalt-users] Raq3 attempt of OpenSSL Fix
Previous by thread: Re: [cobalt-users] Raq3 attempt of OpenSSL Fix
Next by thread: Re: [cobalt-users] Raq3 attempt of OpenSSL Fix

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index