You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Cliff Woolley <cl...@yahoo.com> on 2001/07/05 20:10:35 UTC

RE: mod_ssl for Apache 2.0

 [new-httpd: I'm crossposting this message from modssl-users.  new-httpd
  is probably the more appropriate place for the discussion at this point.
  The short-short version: Madhu from HP has been working on getting
  mod_ssl further ported to 2.0.  =-) ]


On Thu, 5 Jul 2001, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) wrote:

> 	Thanks very much for the information. Infact over the last couple of
> days, I've managed to eliminate most of the "#if 0 ... #endif" portions of
> the code - and get the code to compile (ofcourse with major exceptions)..

Cool!

> I'm currently trying to develop the input / output filter.

mod_tls should provide some good insight for getting that done, as it
sounds like you've discovered.

> I can send out the set of my changes to the mailing list - but I'm
> afraid if it'll be useful - as the current set of changes is still
> work in progress and not complete.

Nice.  If you send in a patch, send it to new-httpd@apache.org.  It
doesn't matter in this case if the patch is incomplete... any progress is
good as far as I'm concerned.

> 	Here's the set highlight of the changes that I've done :
> 1. Replace ap_ctx *ap_global_ctx with a global table (this is just for
> work-around, till something better can be achieved). I'm trying to minimize
> the amount of data that'll eventually be stored in ap_global_ctx
> 2. Use conn_rec->notes to store any intermittant values (replaces apctx -
> again trying to miminize the use of this, and rather use SSLFilterCtx to
> store connection specific data)
> 3. SSLFilterCtx (on similar lines to TLSFilterCtx)
> 4. Current assumption is that the key file is not password encrypted (so, we
> don't have the pass-phrase dialog restrictions)
>
> 	It'll be great if anybody can let me know if I'm proceeding in the
> right direction (or if it's too pre-mature to start dealing with mod_ssl)..
>
> Thanks
> -Madhu

--Cliff


--------------------------------------------------------------
   Cliff Woolley
   cliffwoolley@yahoo.com
   Charlottesville, VA

RE: mod_ssl for Apache 2.0

Posted by rb...@covalent.net.

> > 	Thanks very much for the information. Infact over the last couple of
> > days, I've managed to eliminate most of the "#if 0 ... #endif" portions of
> > the code - and get the code to compile (ofcourse with major exceptions)..
>
> Cool!
>
> > I'm currently trying to develop the input / output filter.
>
> mod_tls should provide some good insight for getting that done, as it
> sounds like you've discovered.

mod_ssl should actually just be using the TLS_filters.  No need to
duplicate code here.

> > 	Here's the set highlight of the changes that I've done :
> > 1. Replace ap_ctx *ap_global_ctx with a global table (this is just for
> > work-around, till something better can be achieved). I'm trying to minimize
> > the amount of data that'll eventually be stored in ap_global_ctx

These should be using the process_rec->pool->user_data.

Looking forward to the patch.

Ryan

_____________________________________________________________________________
Ryan Bloom                        	rbb@apache.org
Covalent Technologies			rbb@covalent.net
-----------------------------------------------------------------------------