hpe Apache-based web server v.1.3.27.00 on hp-ux 11.0 and 11i (pa-risc) - archive

hpe Apache-based web server for hp-ux 11.0/11i

v.1.3.27.00


Security vulnerabilities have been identified in this release.

This archive is available for your reference. All updates and enhancements are contained in the current release of the product and customers are urged to install the current release.

  • HPE Apache-based Web Server v.1.3.x ends support starting July 01, 2003

    This is an update to the previous communication (since September 2002) of the obsolescence of HPE Apache-based Web Server v.1.3.x.

    Between now and end of June 2003, the HPE Apache-based Web Server v.1.3.x releases will only consist of fixes to critical defects. Starting July 01, 2003, the HPE Apache-based Web Server v.1.3.x for 11.0, 11i, 11i v1.5 and 11i v1.6 will no longer be supported by HPE.

    In the meantime, customers should begin the transition process by taking advantage of the no-charge, higher performance, and more flexible HP-UX Web Server Suite. In addition, to assist with this transition, HPE has also created the "migration guide - HPE Apache-based web server version 1.3.x to HP-UX Web Server Suite," which can be downloaded free of charge from the technical tips page.

    For more information on HPE Apache-based web server, please visit us at https://www.hpe.com/us/en/servers/hp-ux.html


what is the hpe Apache-based web server?

According to Netcraft (www.netcraft.com/survey), the Apache Web Server dominates over 60% of today's web server market as the most popular and frequently deployed web server for publishing and serving static and dynamic web pages.

Engineered through state-of-the-art processes for the highest quality and tailored to run smoothly on HP-UX platforms, HPE offers the HPE Apache-based Web Server as a total solution for web server deployment. The Open Source Apache Web Server software developed by the Apache Software Foundation (Apache HTTP Server Project described at httpd.apache.org) serves as the foundation for the HPE Apache-based Web Server. In addition to the base HTTP server, HPE has combined numerous popular modules from other Open Source projects as well as HPE-developed valued features, such as performance tuning, user guides, and security modules, so the HPE Apache-based Web Server is highly optimized for the HP-UX environment.

what's new with hpe Apache-based web server v.1.3.27?

HPE Apache-based Web Server 1.3.27.00:

       This version is principally a security-fix and bug-fix release.

  • Apache 1.3.27: Addresses and fixes three security vulnerabilities in this release:
    1. CAN-2002-0839: ownership permissions of System V shared memory based scoreboards. The fix resulted in the new ShmemUIDisUser directive.
    2. CAN-2002-0840: cross-site scripting vulnerability in the default error page when using wildcard DNS.
    3. CAN-2002-0843: possible overflows in ab.c which could be exploited by a malicious server.
    For more information about the security vulnerabilities, go to http://cve.mitre.org/, and search for:
         CAN-2002-0839, CAN-2002-0840, CAN-2002-0843

    Highlights of enhancements and bug-fixes included in this release:

    • ErrorHeader is a new directive that allows headers (such as cookies) to be specified that will accompany any error pages or redirects.
    • Include directives may now have wildcards in the final part of the path.
    • ProtocolReqCheck is a new directive which determines if Apache will verify the protocol string in the request, and return HTTP_BAD_REQUEST if not valid.
    • mod_proxy contains fixes for incorrectly updating Content-Length and modules adding unnecessary headers to the response headers.

  • mod_ssl 2.8.11
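
An added example (not HPE or Apache project code) that audits an httpd.conf for the two security-relevant directives introduced in this release, ShmemUIDisUser and ProtocolReqCheck. The reading of ShmemUIDisUser On as restoring the pre-1.3.27 scoreboard ownership comes from the Apache 1.3 directive documentation rather than this page; the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example (not HPE or Apache project code): flag httpd.conf settings
# that undo two protections introduced with Apache 1.3.27.

# Print the last value given for a directive, lower-cased; nothing if unset.
# Directive names and On/Off values are case-insensitive in httpd.conf.
directive_value() {    # $1 = config file, $2 = directive name
    awk -v name="$2" '
        { sub(/^[ \t]+/, "") }               # drop leading indentation
        /^#/ || NF < 2 { next }              # skip comments and bare words
        tolower($1) == tolower(name) { val = tolower($2) }
        END { if (val != "") print val }
    ' "$1"
}

# Print one WARN line per finding; return the number of findings.
audit_httpd_conf() {   # $1 = config file
    findings=0
    if [ "$(directive_value "$1" ShmemUIDisUser)" = "on" ]; then
        echo "WARN ShmemUIDisUser On: scoreboard segment is re-owned by User/Group (pre-1.3.27 behaviour, CAN-2002-0839)"
        findings=$((findings + 1))
    fi
    if [ "$(directive_value "$1" ProtocolReqCheck)" = "off" ]; then
        echo "WARN ProtocolReqCheck Off: invalid protocol strings are no longer rejected with HTTP_BAD_REQUEST"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample configuration (hypothetical, for the demonstration only).
write_sample_conf() {  # $1 = output path
    cat > "$1" <<'EOF'
# constructed sample httpd.conf fragment
ServerName www.example.com
  shmemuidisuser ON
#ProtocolReqCheck Off
ProtocolReqCheck On
EOF
}

sample=$(mktemp)
write_sample_conf "$sample"
audit_httpd_conf "$sample" || echo "findings: $?"
rm -f "$sample"
```

The function reads only the file it is given, so files pulled in through Include directives have to be audited separately.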

Security Advisories Previously Addressed

This release contains all changes from previous HPE Apache-based Web Server releases including the following security advisories:

  • Apache 1.3.26: CA-2002-17 (http://www.cert.org/advisories/), CAN-2002-0392 (http://cve.mitre.org/)
  • OpenSSL 0.9.6g: CAN-2002-0656, CAN-2002-0657, CAN-2002-0655 (http://cve.mitre.org/)
  • MM 1.2.1: CAN-2002-0658 (http://cve.mitre.org/)
  • PHP 4.2.2: CA-2002-21 (http://www.cert.org/advisories/)

why use the hpe Apache-based web server?

From displaying information on simple, static web pages to serving as a secured e-Commerce store handling many simultaneous clients, today's web site must support a wide variety of technologies. To meet these needs, HPE offers customers the HPE Apache-based Web Server for their HP-UX environment.

  • investment protection by leveraging the Open Source community and industry investment in continuous leading-edge development of the most popular web server. HPE has bundled many valuable technologies with the core Apache Web Server to provide a highly optimized web server solution. HPE customers receive direct cost savings because the HPE Apache-based Web Server is absolutely free and is pre-bundled with the HP-UX Operating Environment.
  • rich and flexible features with breadth when compared to other commercial web servers, new functionality is easily added with Perl, C and C++ Apache modules. Server-side Java technologies are supported using JServ and Tomcat for servlets and JavaServer Pages (JSPs). Delivery of dynamic data is quick and easy using the PHP scripting language with its built-in database connectivity. HPE Apache-based Web Server offers tools to assist with integration and support of 3rd party plug-ins such as the BroadVision plug-in, which provides out-of-the-box support for the BroadVision e-commerce application suite.
  • security you can trust for secured transactions with the full strength 128-bit/168-bit encryption of RSA's BSAFE Crypto-C libraries and the bundled solutions from the most popular Open Source security modules, mod_ssl and OpenSSL. The HPE Apache-based Web Server also supports Digital Badge/certificate and authentication, and file system security (Chroot) to provide additional layers of protection from intruders. The HPE Apache-based Web Server offers high-speed data encryption so HPE customers don't have to sacrifice performance for good security.
  • out-of-the-box experience is what HPE customers can expect. The HPE Apache-based Web Server allows customers to install in simple steps and manage the server using the easy-to-use web-based admin customization capability. The HPE Apache-based Web Server is available as a free web download or pre-bundled with HP-UX.

product specifications

  • Apache Web Server v.1.3.27

  • Modules statically included: http_core, mod_so
    Other standard modules dynamically included: mod_access, mod_actions, mod_alias, mod_asis, mod_auth, mod_auth_anon, mod_auth_dbm, mod_autoindex, mod_cern_meta, mod_cgi, mod_define, mod_digest, mod_dir, mod_env, mod_expires, mod_headers, mod_imap, mod_include, mod_info, mod_log_config, mod_mime, mod_mime_magic, mod_negotiation, mod_proxy, mod_rewrite, mod_setenvif, mod_speling, mod_status, mod_unique_id, mod_userdir, mod_usertrack, mod_vhost_alias

      hpe-added features for v.1.3.27:

  • Modules dynamically included: auth_ldap, mod_jk, mod_jserv, mod_perl, mod_php, mod_ssl
  • RSA's BSAFE Crypto-C Library v.5.2 has U.S. Commerce approval for worldwide export of 128-bit strong encryption.
  • OpenSSL v.0.9.6g is an Open Source toolkit that implements the SSL/TLS security protocols.
  • mod_ssl v.2.8.11 provides strong cryptography for Apache over SSL using the OpenSSL toolkit and BSAFE Crypto-C libraries.
  • auth_ldap v.1.6 is the connector between Apache and an LDAP directory server module allowing Apache to authenticate HTTP clients by using entries in an LDAP directory. Auth_ldap supports iPlanet (Netscape) Directory Server and OpenLDAP Server and can be configured to use the stunnel program for secure SSL queries to the LDAP server. Stunnel is started and stopped using the bin/stunnel_ctl.sh utility.
  • mod_perl v.1.27 is a server plug-in that glues together the Perl runtime library, server software and an object oriented Perl interface to the server's C language API. This makes it possible to write Apache modules entirely in Perl. It is configured for Perl v.5.6.1.
  • mod_jk v.1.2.0 is the servlet connector to Tomcat in addition to the mod_jserv servlet connector found in previous versions of HPE Apache-based Web Server. mod_jk can use either the original ajpv12 protocol or the newer ajpv13 protocol.
  • Apache JServ v.1.1.1 is a Java servlet engine compliant with Java Servlet Development Kit 2.0. HPE Apache-based Web Server uses mod_jserv as the connector.
  • Tomcat v.3.3.1 is a servlet container which is compliant with Java Servlets 2.2 and JavaServer Pages 1.1.
  • PHP v.4.2.2 is a popular, server-side, cross-platform, HTML-embedded, full-featured language with a Java/C++ syntax. It also supports many databases.
  • Webmin v.0.980 is a web-based administration and configuration tool from Webmin. It has been enhanced to handle administration and configuration for the Apache Web Server.
  • Perl v.5.6.1 support for mod_perl module.
  • Support for loading customized Apache modules implemented in C++
  • Third Party Support: BroadVision plug-in provides out-of-the box support for BroadVision e-commerce application suite.
  • Automatic Restart of Apache/Tomcat/Webmin on reboot. More information on customization/configuration of this feature can be found in the Config Notes.
  • Chroot causes the named directory to become the root directory, the starting point for path searches. A malicious user cannot get to the root file system. Our chroot includes SSL enhancements. For example, the pass phrase prompt exits in 60 seconds and limits retries. We include a script for copying OS files under your chroot directory.
  • MM v. 1.2.1 is a 2-layer abstraction library which simplifies the usage of shared memory between forked (and this way strongly related) processes under Unix platforms. MM support allows the httpd.conf SSLSessionCache directives shm:/opt/apache/logs/ssl_scache(512000) to be used.
  • certmig makes sharing of certificates between the Netscape Enterprise Server and any server that supports PKCS#12 formats possible. The certmig utility is an extension of the pk12util utility, provided by the Mozilla community. In addition to the pk12util functionality, certmig lists and extracts certificates from Netscape certificate databases.
  • Helper utilities make creating certificates (mkcert.sh) and starting and stopping stunnel (stunnel_ctl.sh) much easier. These two utilities can be found in the /opt/apache/bin/ directory.

system requirements

The installation paths are /opt/apache/ and /opt/tomcat/.

The HPE Apache-based Web Server can be installed on HP-UX 11.0 and 11i (PA-RISC). In addition, the following are bundle requirements:

  1. Binaries are dependent on the B.11.25 or later versions of ld and libdld. To determine the version on your machine, type ld -V and what /usr/lib/libdld.sl at the command line. Install PHSS_24303 or later to solve this problem. To download, go to the IT Resource Center for Americas and Asia Pacific or Europe. Note that on any given system, the versions of ld and libdld should be the same.
  2. Tomcat requires HPE JRE 1.3 or higher to be used. If your web application uses JSPs (Java Server Pages) then you will also need the JDK (Java Development Kit) so you can compile the JSPs.
    The latest version of Java 1.3 can be downloaded from https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumber=HPUXJAVAHOME
  3. Using Apache JServ instead of Tomcat requires the Java Servlet Development Kit (JSDK) 2.0, which can be downloaded for Unix here.
  4. mod_perl requires Perl v.5.6.1, which can be downloaded from HPE Software Depot using the search keywords: Perl v.5.6.1, or directly, go here.
  5. Webmin depends on Perl 5. To use Perl v.5.6.1, use the same download steps as specified for mod_perl.
  6. Building DSOs using apxs (Apache Extension Tool) depends on Perl. The expected location for Perl is /opt/perl/bin/perl. Either download and install Perl as described for mod_perl, or change the path in the apxs script to the Perl location installed on your machine.

technical support

  • HPE Apache-based Web Server is supported by the HPE Worldwide Response Centers for customers with an HP-UX support contract.

Date released: 2002/10/18

 
Additional product information
Product #: B9415AAPA1327
Version: 1.3.27.00