RE: [EMAIL PROTECTED] mod_ssl + basic auth

2008-10-30 Thread Jorge Medina
ursday, October 30, 2008 10:21 AM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] mod_ssl + basic auth That doesn't seem to work for me. I mean, it asks me for the certificate, however if the certificate is accepted, it will still check if it is inside the lan or if the user/pass is ok. Wh

Re: [EMAIL PROTECTED] mod_ssl + basic auth

2008-10-30 Thread Ricardo Ramos
e of the , just in your > . > > Also, seems that "optional" is not supported by all browsers. You must use > "require". > > > -- > *From:* Ricardo Ramos [mailto:[EMAIL PROTECTED] > *Sent:* Wednesday, October 29, 2008 11:06 PM > *T

RE: [EMAIL PROTECTED] mod_ssl + basic auth

2008-10-30 Thread Jorge Medina
Ramos [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 29, 2008 11:06 PM To: users@httpd.apache.org Subject: [EMAIL PROTECTED] mod_ssl + basic auth Hi! I want to do this: check if the client sends me a certificate which my self-signed CA has signed or if the client is inside the same network or if

[EMAIL PROTECTED] mod_ssl + basic auth

2008-10-29 Thread Ricardo Ramos
Hi! I want to do this: check if the client sends me a certificate which my self-signed CA has signed or if the client is inside the same network or if the client enters a username+password. However, with this, I can't have my browser(s) prompting me for a certificate.. it just seems that that par

[EMAIL PROTECTED] Mod_ssl Problems?

2008-07-16 Thread Wulf Kaiser
Hi all, It's me again ;-)) After the succesful build of httpd-2.2.9 under Solaris 10 SPARC, i ran into a SSL problem during the tests - the error_log output (Level: debug) is attached. Any ideas? Liebe Grüsse, Wulf Kaiser ___ IT Services - Web & Database Developmen

Re: [EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread Scott Courtney
On Thu, 2008-06-12 at 15:57 +0200, André Warnier wrote: > > Agnello George wrote: > >> The openssl command will always prompt you for a password. > > Just by curiosity : you cannot just enter for the pass-phrase I > guess, or ? With the versions I've used, it won't accept an empty passphrase

Re: [EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread Krist van Besien
> Is this the way to go about creating ssl certificates fro multiple domains, > or is there any other alternate way ?? You can't have namevirtual hosts with ssl support. what you are trying won't work, unless you have the SNI patch... Krist -- [EMAIL PROTECTED] [EMAIL PROTECTED] Bremgarten b.

Re: [EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread André Warnier
Agnello George wrote: The openssl command will always prompt you for a password. Just by curiosity : you cannot just enter for the pass-phrase I guess, or ? - The official User-To-User support forum of the Apache HTTP Se

Re: [EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread Agnello George
> The openssl command will always prompt you for a password. The trick is > to *remove* the password afterward by passing the cert through openssl > again. I believe the command is like this: > > openssl rsa -in server.crt -out server-nopasswd.crt > > I'm working from memory here, so check this pag

Re: [EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread Scott Courtney
On Thu, 2008-06-12 at 18:37 +0530, Agnello George wrote: > > > Try re-creating your keys, but this time without entering a > passkey. > Otherwise you'll have to enter it each time you start Apache. > > how is that done i use the following command to create the >

Re: [EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread Agnello George
> > Try re-creating your keys, but this time without entering a passkey. > Otherwise you'll have to enter it each time you start Apache. how is that done i use the following command to create the certificate cd /usr/local/apache2/conf/ openssl req -new -x509 -days 30 -keyout server.key -out ser

Re: [EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread André Warnier
Hi. Try re-creating your keys, but this time without entering a passkey. Otherwise you'll have to enter it each time you start Apache. Agnello George wrote: Hi I am trying to implement ssl on my Apache server for multiple domains . I have created a self -signed certificate using the followin

[EMAIL PROTECTED] mod_ssl: creating self signed certificate on apache for multiple domains

2008-06-12 Thread Agnello George
Hi I am trying to implement ssl on my Apache server for multiple domains . I have created a self -signed certificate using the following command . ( For domain agnello.com ) openssl req -new -x509 -days 30 -keyout /usr/local/apache2/conf/domains_ssl/agnello.com/server.key -out /usr/local/apac

Re: [EMAIL PROTECTED] mod_ssl Unable to Configure Key

2008-03-17 Thread Rich
Hi there. I realized I didn't have the right files, so I redid the cert generation by restructuring that command, and it started to work. Now if I could only get my browser to respect the self signed cert. On Mar 17, 2008, at 5:00 PM, Krist van Besien wrote: # openssl errstr 0B080074 er

Re: [EMAIL PROTECTED] mod_ssl Unable to Configure Key

2008-03-17 Thread Krist van Besien
On Mon, Mar 17, 2008 at 5:04 PM, Rich <[EMAIL PROTECTED]> wrote: > Hi folks. I'm having some issues with mod_ssl and I was told this is > the place to be asking such questions. > > [Mon Mar 17 11:47:58 2008] [error] mod_ssl: Init: (wasabi.local:443) > Unable to configure RSA server private key

[EMAIL PROTECTED] mod_ssl Unable to Configure Key

2008-03-17 Thread Rich
Hi folks. I'm having some issues with mod_ssl and I was told this is the place to be asking such questions. [Mon Mar 17 11:47:58 2008] [error] mod_ssl: Init: (wasabi.local:443) Unable to configure RSA server private key (OpenSSL library error follows) [Mon Mar 17 11:47:58 2008] [error] Ope

[EMAIL PROTECTED] mod_ssl with SSLCryptoDevice

2008-01-29 Thread Brian Cox
I'm trying to compile 2.0.63 with a mod_ssl that will accept the "SSLCryptoDevice" directive. I tried adding --enable-rule=SSL_EXPERIMENTAL to ./configure and then doing make, but that didn't work. How do I do this? Thanks, Brian

Re: [EMAIL PROTECTED] mod_ssl: behaviour with no client cert

2007-10-24 Thread Joshua Slive
On 10/24/07, William Westbrooks <[EMAIL PROTECTED]> wrote: > > How do I unsubsribe to stop recieveing these emails? Start by not being rude to all the other list subscribers. One such request for help is more than enough. Then read the bottom of each list message: > See http://httpd.apache.org/u

Re: [EMAIL PROTECTED] mod_ssl: behaviour with no client cert

2007-10-24 Thread William Westbrooks
How do I unsubsribe to stop recieveing these emails? -Original Message- >From: Joshua Slive <[EMAIL PROTECTED]> >Sent: Oct 24, 2007 10:34 AM >To: users@httpd.apache.org >Subject: Re: [EMAIL PROTECTED] mod_ssl: behaviour with no client cert > >On 10/23/07, Peng, T

Re: [EMAIL PROTECTED] mod_ssl: behaviour with no client cert

2007-10-24 Thread Joshua Slive
On 10/23/07, Peng, Thierry <[EMAIL PROTECTED]> wrote: > > > > > Hi > > > > I have a question about the mod_ssl. I've enabled the SSLVerifyClient in the > apache2.conf with the parameter require. This works perfectly, although, > when a user does not have a certificate, it sends only a not very mean

[EMAIL PROTECTED] mod_ssl: behaviour with no client cert

2007-10-23 Thread Peng, Thierry
Hi I have a question about the mod_ssl. I've enabled the SSLVerifyClient in the apache2.conf with the parameter require. This works perfectly, although, when a user does not have a certificate, it sends only a not very meaningful failure code back: in example -12195. Now, I'd like to replace t

RE: [EMAIL PROTECTED] mod_ssl revisited

2007-07-12 Thread Boyle Owen
> -Original Message- > From: Jeff Fulmer [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 11, 2007 7:23 PM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] mod_ssl revisited > > Now I'm back to the original problem. I turned off name > resolution

[EMAIL PROTECTED] mod_ssl revisited

2007-07-11 Thread Jeff Fulmer
Now I'm back to the original problem. I turned off name resolution and I restarted apache. The virtual host for www.myserver.com:443 works as expected. However, this error continues to repeat itself in the logs: [Wed Jul 11 13:14:39 2007] [info] Connection to child 22 established (server www.myser

RE: [EMAIL PROTECTED] mod_ssl and client cert

2007-06-06 Thread TAYLOR, TIM \(CONTRACTOR\)
users@httpd.apache.org Subject: [EMAIL PROTECTED] mod_ssl and client cert Hello everyone. I've an apache 2.2.4 up and running! I've this configuration in my ssl.conf file: Listen xxx.xxx.xxx.xxx:443 ServerName xxx.xxx.xxx.xxx:443 ErrorLog /opt/CHROOT/HTTPD-2.2.4/logs/error_log TransferLog /o

[EMAIL PROTECTED] mod_ssl and client cert

2007-05-31 Thread Manuela . Vorazzo
Hello everyone. I've an apache 2.2.4 up and running! I've this configuration in my ssl.conf file: Listen xxx.xxx.xxx.xxx:443 ServerName xxx.xxx.xxx.xxx:443 ErrorLog /opt/CHROOT/HTTPD-2.2.4/logs/error_log TransferLog /opt/CHROOT/HTTPD-2.2.4/logs/access_log SSLEngine on SSLCipherSuite ALL:!ADH:!EX

Re: [EMAIL PROTECTED] Mod_ssl version?

2007-04-13 Thread William A. Rowe, Jr.
Mike VanHorn wrote: > The report that I got specifically refers to mod_ssl. It says that "mod_ssl > older than 2.87" has a buffer overflow problem; does this sound like > something that applies to Apache 1.x? 2.87 was modssl.org numbering. Someone doesn't know wth they are talking about :) -

Re: [EMAIL PROTECTED] Mod_ssl version?

2007-04-13 Thread Mike VanHorn
The report that I got specifically refers to mod_ssl. It says that "mod_ssl older than 2.87" has a buffer overflow problem; does this sound like something that applies to Apache 1.x? I have OpenSSL 0.9.7, so I would hope that's not what they're complaining about. Thanks! On 4/13/07 2:13 PM, "W

Re: [EMAIL PROTECTED] Mod_ssl version?

2007-04-13 Thread William A. Rowe, Jr.
Mike VanHorn wrote: > > I have Apache 2.2.2, and the version given for mod_ssl is 2.2.2. > > We were recently audited and the audit report notes that our version of > mod_ssl is old. 2.2.4 is current. Are you certain that is what they identified? It might also be that the version of OpenSSL wa

Re: [EMAIL PROTECTED] Mod_ssl version?

2007-04-13 Thread Joshua Slive
On 4/13/07, Mike VanHorn <[EMAIL PROTECTED]> wrote: I have Apache 2.2.2, and the version given for mod_ssl is 2.2.2. We were recently audited and the audit report notes that our version of mod_ssl is old. I can't find anything that tells me where I can go to get a newer version of mod_ssl fo

[EMAIL PROTECTED] Mod_ssl version?

2007-04-13 Thread Mike VanHorn
I have Apache 2.2.2, and the version given for mod_ssl is 2.2.2. We were recently audited and the audit report notes that our version of mod_ssl is old. I can¹t find anything that tells me where I can go to get a newer version of mod_ssl for Apache 2.2.x; I did find some higher version numbers fo

Re: [EMAIL PROTECTED] mod_ssl question

2007-03-29 Thread Sander Temme
On Mar 29, 2007, at 1:25 PM, Rodman wrote: A, that makes so much more sense. I didn't even think to have two virtual hosts of the same site but have one of them SSL while the other is standard port 80. Redirecting should be easy then. Yes, if you put your Redirect in the main server

Re: [EMAIL PROTECTED] mod_ssl question

2007-03-29 Thread Rodman
al Message - From: "Joshua Slive" <[EMAIL PROTECTED]> To: Sent: Thursday, March 29, 2007 2:46 PM Subject: Re: [EMAIL PROTECTED] mod_ssl question On 3/29/07, Rodman <[EMAIL PROTECTED]> wrote: Great!! Now I have to figure out how to do it. You wouldn't happen

Re: [EMAIL PROTECTED] mod_ssl question

2007-03-29 Thread Joshua Slive
On 3/29/07, Rodman <[EMAIL PROTECTED]> wrote: Great!! Now I have to figure out how to do it. You wouldn't happen to have a link handy with some basic instructions on how to secure just a directory instead of an entire site? I'm guessing that I would have to use some sort of SSL container insi

Re: [EMAIL PROTECTED] mod_ssl question

2007-03-29 Thread Rodman
st a guess. I'll check with godaddy and see what I can dig up for cheaper certificates... Rodman - Original Message - From: "Dragon" <[EMAIL PROTECTED]> To: Sent: Thursday, March 29, 2007 11:17 AM Subject: Re: [EMAIL PROTECTED] mod_ssl question Rodman

Re: [EMAIL PROTECTED] mod_ssl question

2007-03-29 Thread Dragon
Rodman wrote: Hello, Have a question pertaining to using mod_ssl on one of my virtual sites. I am running a web mail application in a directory on one of my sites and I was wondering if it would be possible to secure just a particular directory and everything under it. For example, my site

[EMAIL PROTECTED] mod_ssl question

2007-03-29 Thread Rodman
Hello, Have a question pertaining to using mod_ssl on one of my virtual sites. I am running a web mail application in a directory on one of my sites and I was wondering if it would be possible to secure just a particular directory and everything under it. For example, my site is www.example.c

Re: [EMAIL PROTECTED] mod_ssl

2007-01-22 Thread Sander Temme
On Jan 22, 2007, at 8:21 AM, John Flores wrote: I am looking for instrunctions on how to disable mod_ssl for 1.3 and 2.0. Comment out the LoadModule line in httpd.conf and restart your server. Alternatively, many server installations wrap the SSL configuration in an block. To turn of mo

[EMAIL PROTECTED] mod_ssl

2007-01-22 Thread John Flores
I am looking for instrunctions on how to disable mod_ssl for 1.3 and 2.0. Thanks, John Flores

[EMAIL PROTECTED] mod_ssl: using connection: upgrade leaves plaintext in reply

2006-12-21 Thread Michael Stapelberg
Hello, I'm just struggling around with using Connection: Upgrade. I issue a GET / HTTP/1.1-request (see bottom for the exact one) and the part of the reply which is generated by php is send in cleartext (the client naturally doesn't want to accept that and closes the connection): [pid 16349] recv

Re: [EMAIL PROTECTED] mod_ssl and mod_proxy

2006-09-18 Thread Serge Dubrouski
It'll be really hard to help you without seeing your config files. At least proxy and ssl part. Usually people use mod_rewrite and mod_proxy for proxying front-end HTTPS requests to the backend servers. With SSLProxyEngine on it works just fine. On 9/18/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> w

[EMAIL PROTECTED] mod_ssl and mod_proxy

2006-09-18 Thread sniedermeyer
I've been trying to find a good reference for setting up ssl between our Apache reverse proxy server and back-end web application servers. No luck so far. Here's our setup: Apache 2.2.2 reverse proxy server (RPS) === Reverse proxy function is working g

Re: [EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread Ashutosh Mohanty
AIL PROTECTED] > Sent: Thursday, August 10, 2006 3:48 PM > To: users@httpd.apache.org > Subject: Re: [EMAIL PROTECTED] mod_ssl with Httpd2.2 > > Hi, > > [EMAIL PROTECTED] wrote: >> Here is the error: >> >> >> Starting httpd: httpd: Syntax error on

RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread rajesh.gannarapu
mod_ssl.so is not available at modules directory. -Original Message- From: Ashutosh Mohanty [mailto:[EMAIL PROTECTED] Sent: Thursday, August 10, 2006 3:48 PM To: users@httpd.apache.org Subject: Re: [EMAIL PROTECTED] mod_ssl with Httpd2.2 Hi, [EMAIL PROTECTED] wrote: > Here is

Re: [EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread Ashutosh Mohanty
les/mod_ssl.so Ashutosh SynaptiCAD Inc. > > > > > > -Original Message- > From: Boyle Owen [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 10, 2006 3:16 PM > To: users@httpd.apache.org > Subject: RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2 > > > &g

RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread rajesh.gannarapu
[FAILED] -Original Message- From: Boyle Owen [mailto:[EMAIL PROTECTED] Sent: Thursday, August 10, 2006 3:16 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2 > -Original Message- > From: [EMAIL PROTECTED] [mailto:

RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread Boyle Owen
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 10, 2006 11:18 AM > To: users@httpd.apache.org > Subject: RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2 > > > Thanks for your Prompt response Boyle, > > I

RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread rajesh.gannarapu
apart from the listed rpms? -- Gannarapu -Original Message- From: Boyle Owen [mailto:[EMAIL PROTECTED] Sent: Thursday, August 10, 2006 2:35 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2 > -Original Message- > From: [EMAIL PRO

RE: [EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread Boyle Owen
> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 10, 2006 11:00 AM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] mod_ssl with Httpd2.2 > > > Hi Friends, > > I want to upgrade to http2.2 from http

[EMAIL PROTECTED] mod_ssl with Httpd2.2

2006-08-10 Thread rajesh.gannarapu
Hi Friends, I want to upgrade to http2.2 from http2.0. I downloaded below rpms apr-1.2.1-1.i386.rpm apr-util-1.2.1-1.i386.rpm httpd-2.2.3-1.i386.rpm But I could not able to download the compatible version of mod_ssl rpm. Please let me where I can download the mod_ssl r

Re: [EMAIL PROTECTED] MOD_SSL not working

2006-08-08 Thread Christian Folini
Hi Laurence, I propose you try to isolate your problem. Try to get an ssl-setup without the authentication, rsa and securid stuff working. If mod_ssl still does not work, then you know where to dig further. Right now, it is difficult to tell where the problem actually lies. When you are locking d

[EMAIL PROTECTED] MOD_SSL not working

2006-08-08 Thread Cohen, Laurence
Hi,   I’m having trouble getting SSL to work on my apache 2.055 webserver, running on Solaris 8.  When I start the server up, everthing looks OK in the error_log.   start child 21965 rpc_server 21964 started by 21953 [Tue Aug 08 09:14:31 2006] [info] Init: Initializing OpenSSL library

Re: [EMAIL PROTECTED] mod_ssl: How to change the SSLCipherSuite setup

2005-11-14 Thread Jérôme Tytgat
If your main quest is to harden Cipher Suite, something like that is quite good : SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM you should remove SSLv2 as it as weakness. Jerome Qingshan Xie a écrit : >I am using Apache 2.0.54 with.

[EMAIL PROTECTED] mod_ssl: How to change the SSLCipherSuite setup

2005-11-13 Thread Qingshan Xie
All, I am using Apache 2.0.54 with. The default SSLCipherSuite is SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL In this CipherSuite, I observed nearly all browsers(IE, Netscape, Firefox) select RC4. Tried to change it to 3DES, like SSLCipherSuite ALL:!ADH:3DES+RS

[EMAIL PROTECTED] mod_ssl causes child process to crash on Win32?

2005-09-06 Thread Issac Goldstand
Hi there, I run have a machine running Apache/2.0.54 (Win32) mod_ssl/2.0.54 OpenSSL/0.9.7g mod_perl/2.0.1 Perl/v5.8.7 From time to time in the error log, I get a notice" [info] (OS 10054)An existing connection was forcibly closed by the remote host. : core_output_filter: writing data to the n

RE: [EMAIL PROTECTED] mod_ssl for Apache 2.0.48 on Windows XP

2005-09-01 Thread Michael Louie Loria
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I have tested Apache + mod SSL and it works fine. You need to download the windows version of OpenSSL to generate the certificates. Michael Louie Loria -BEGIN PGP SIGNATURE- Comment: Public Key: https://www.biglumber.com/x/web?qs=0x4A256EC

RE: [EMAIL PROTECTED] mod_ssl for Apache 2.0.48 on Windows XP

2005-09-01 Thread Boyle Owen
> -Original Message- > From: Ivanov A.A. [mailto:[EMAIL PROTECTED] > Sent: Donnerstag, 1. September 2005 11:47 > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] mod_ssl for Apache 2.0.48 on Windows XP > > > Hello all. > I'l write on russian I

[EMAIL PROTECTED] mod_ssl for Apache 2.0.48 on Windows XP

2005-09-01 Thread Ivanov A.A.
Hello all. I'l write on russian Привет всем еще раз. Может кто ответит на русском понятно. Я не спец по Apache, только начинаю, но есть вопрос, знает ли кто, где найти mod_ssl под Apache 2.0.48 или новее для установки по Windows XP. Все дистрибутивы, находящиеся на официальном сайте только под Linu

Re: [EMAIL PROTECTED] mod_ssl missing

2005-07-29 Thread Joost de Heer
> # openssl s_client -connect (sitename):443 -debug > CONNECTED(0003) > - 3c 21 44 4f 43 54 59 20771:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol:s23_clnt.c:475: You didn't set SSLEngine on for this virtual host, so it's delivering un

Re: [EMAIL PROTECTED] mod_ssl missing

2005-07-28 Thread Tom Ray [Lists]
Craig- To answer you question, no I was not. I did a search for mod_ssl.so and I found it in /usr/lib/apache2 when I looked in httpd.conf however, there was no reference to it. I also found reference to it in loadmodule.conf under /etc/apache2 the line is: LoadModule ssl_module

Re: [EMAIL PROTECTED] mod_ssl missing

2005-07-28 Thread Craig Dunigan
On Thu, 28 Jul 2005, Tom Ray [Lists] wrote: > We built a box months ago using SuSE 9.1, and installed everything > straight from the CD's via YaST but it seems that when we tried to get a > SSL enabled site to work, it gave us errors. Doing a quick search on the > box it seems that mod_ssl.c is

[EMAIL PROTECTED] mod_ssl missing

2005-07-28 Thread Tom Ray [Lists]
We built a box months ago using SuSE 9.1, and installed everything straight from the CD's via YaST but it seems that when we tried to get a SSL enabled site to work, it gave us errors. Doing a quick search on the box it seems that mod_ssl.c isn't installed. When I do a /usr/sbin/httpd2 -l mod_s