You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" <ma...@hp.com> on 2001/07/07 04:48:53 UTC
RE: mod_ssl for Apache 2.0 (P-I)
Hi,
Here's the patch for the changes that I've done to get the mod_ssl
code to compile. It is based off the httpd-2_0_19 distribution (with the
very first patch to threaded that Ryan had suggested). The attached is
Part-1 of a 2 part mail (the ezmlm doesn't allow me to send mails > 100K)
I haven't been able to implement Ryan's suggestion regarding the use
of process_rec->pool->user_data. PLEASE note that this was my first step
towards getting most part of the code to compile - so I expect the changes
to evolve over time.. Please do commit accordingly..
Summary of changes :
--------------------
1. Replace ap_ctx *ap_global_ctx with a global table (apr_table_t
ap_global_ctx) created in SERVER/MAIN.C. This was just a temporary work
around - I'll be implementing the change that Ryan suggested.
2. Use conn_rec->notes, request_rec->notes to store any intermittent values
(to replace apctx).
3. SSLFilterCtx (on similar lines to TLSFilterCtx)
4. Current assumption is that the key file is not password encrypted (so, we
don't have the pass-phrase dialog restrictions)
5. The "#ifdef POSTPONE" block eliminates the pieces of code that I still
haven't looked into / which has to be investigated further.
6. Tried to change fopen, fclose... to use apr_file_* functionality.
7. Replace ap_* functions by the corresponding apr_* functions (not using
ap_compat.h purposefully). If anybody has objections, please do let me know
- it's really simple to go back to ap_* functionality.
Current Status :
----------------
1. If COMPILES_BUT_BREAKS_HTTP is set to "1" (in mod_ssl.c), the httpd
processes just come up - but none of the http requests will not be served -
I'm investigating further into the cause..
2. SSLFilter - I'm trying to use the TLSFilter code itself. (It can be
activated by setting the STILL_TESTING flag to "1" in mod_ssl.c).
Thanks
-Madhu
-----Original Message-----
From: MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)
[mailto:madhusudan_mathihalli@hp.com]
Sent: Thursday, July 05, 2001 11:27 AM
To: 'new-httpd@apache.org'
Cc: modssl-users@modssl.org
Subject: RE: mod_ssl for Apache 2.0
Fine. I'll try to incorporate the change that Ryan has suggested and shall
send out the patch today.
Thanks
-Madhu
-----Original Message-----
From: rbb@covalent.net [mailto:rbb@covalent.net]
Sent: Thursday, July 05, 2001 11:14 AM
To: new-httpd@apache.org
Cc: modssl-users@modssl.org
Subject: RE: mod_ssl for Apache 2.0
> > Thanks very much for the information. Infact over the last couple of
> > days, I've managed to eliminate most of the "#if 0 ... #endif" portions
of
> > the code - and get the code to compile (ofcourse with major
exceptions)..
>
> Cool!
>
> > I'm currently trying to develop the input / output filter.
>
> mod_tls should provide some good insight for getting that done, as it
> sounds like you've discovered.
mod_ssl should actually just be using the TLS_filters. No need to
duplicate code here.
> > Here's the set highlight of the changes that I've done :
> > 1. Replace ap_ctx *ap_global_ctx with a global table (this is just for
> > work-around, till something better can be achieved). I'm trying to
minimize
> > the amount of data that'll eventually be stored in ap_global_ctx
These should be using the process_rec->pool->user_data.
Looking forward to the patch.
Ryan
____________________________________________________________________________
_
Ryan Bloom rbb@apache.org
Covalent Technologies rbb@covalent.net
----------------------------------------------------------------------------
-