You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Martin Kraemer <ma...@apache.org> on 2005/09/19 11:40:24 UTC
[PATCH] Mixed-cased SSLRequire operators in mod_ssl ?
On Tue, Aug 02, 2005 at 07:14:10PM +0200, Martin Kraemer wrote:
> Of course. BTW: do you think case insensitivity for the keywords
> is a good idea? I do, but I don't know if it would cause
> misinterpretation for some existing config files. Like, when
> someone was looking for a string "EQ", will the parser now bail
> out because it becomes a keyword?
I saw no discussion about this question. What does everybody think --
should I apply something like the appended patch to allow for a more
liberal syntax, e.g. using "AND", "oR" or "In" in the example
directive from the docs:
SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
WDYT?
Martin
--
<Ma...@Fujitsu-Siemens.com> | Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-48332 | 81730 Munich, Germany
Re: [PATCH] Mixed-cased SSLRequire operators in mod_ssl ?
Posted by David Reid <da...@jetnet.co.uk>.
Joe Orton wrote:
> On Mon, Sep 19, 2005 at 11:40:24AM +0200, Martin Kraemer wrote:
>
>>On Tue, Aug 02, 2005 at 07:14:10PM +0200, Martin Kraemer wrote:
>>
>>>Of course. BTW: do you think case insensitivity for the keywords
>>>is a good idea? I do, but I don't know if it would cause
>>>misinterpretation for some existing config files. Like, when
>>>someone was looking for a string "EQ", will the parser now bail
>>>out because it becomes a keyword?
>>
>>I saw no discussion about this question. What does everybody think --
>>should I apply something like the appended patch to allow for a more
>>liberal syntax, e.g. using "AND", "oR" or "In" in the example
>
>
> I'm pretty much indifferent, lacking a strong motivation to change it
> I'd leave it as-is...
While I can see this making writing the config easier, I'm not sure it's
something we should change... -0 from me as well.
david
Re: [PATCH] Mixed-cased SSLRequire operators in mod_ssl ?
Posted by Joe Orton <jo...@redhat.com>.
On Mon, Sep 19, 2005 at 11:40:24AM +0200, Martin Kraemer wrote:
> On Tue, Aug 02, 2005 at 07:14:10PM +0200, Martin Kraemer wrote:
> > Of course. BTW: do you think case insensitivity for the keywords
> > is a good idea? I do, but I don't know if it would cause
> > misinterpretation for some existing config files. Like, when
> > someone was looking for a string "EQ", will the parser now bail
> > out because it becomes a keyword?
>
> I saw no discussion about this question. What does everybody think --
> should I apply something like the appended patch to allow for a more
> liberal syntax, e.g. using "AND", "oR" or "In" in the example
I'm pretty much indifferent, lacking a strong motivation to change it
I'd leave it as-is...
Regards,
joe