Return-Path: Delivered-To: apmail-apr-dev-archive@www.apache.org Received: (qmail 44074 invoked from network); 16 Aug 2006 16:43:12 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 16 Aug 2006 16:43:12 -0000 Received: (qmail 69905 invoked by uid 500); 16 Aug 2006 16:43:10 -0000 Delivered-To: apmail-apr-dev-archive@apr.apache.org Received: (qmail 69850 invoked by uid 500); 16 Aug 2006 16:43:10 -0000 Mailing-List: contact dev-help@apr.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Id: Delivered-To: mailing list dev@apr.apache.org Received: (qmail 69610 invoked by uid 99); 16 Aug 2006 16:43:10 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 16 Aug 2006 09:43:10 -0700 X-ASF-Spam-Status: No, hits=0.5 required=10.0 tests=DNS_FROM_RFC_ABUSE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of rooneg@gmail.com designates 64.233.162.200 as permitted sender) Received: from [64.233.162.200] (HELO nz-out-0102.google.com) (64.233.162.200) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 16 Aug 2006 09:43:09 -0700 Received: by nz-out-0102.google.com with SMTP id s18so124357nze for ; Wed, 16 Aug 2006 09:42:48 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=VSutyWwdjU28DZ8sRd4RFCsLBWHApm61AX7PzhaYNUcUqtZhdMAK9I2Y2AkisCNiZI7RUy/5plehGgO5hfzC2/gHR7aQ4c45nkxsOzUMkERSrVi7iMgcTRwgZAXnTP7WBg6zmDj1QWRBmgvPMvnvsziJXPQC/AmmeYaBcIFxPB0= Received: by 10.65.75.19 with SMTP id c19mr920684qbl; Wed, 16 Aug 2006 09:42:48 -0700 (PDT) Received: by 10.64.243.8 with HTTP; Wed, 16 Aug 2006 09:42:48 -0700 (PDT) Message-ID: <7edfeeef0608160942m783c90e2u1e70d88f0b89edb3@mail.gmail.com> Date: Wed, 16 Aug 2006 12:42:48 -0400 From: "Garrett Rooney" Sender: rooneg@gmail.com To: "Klaus Wagner" Subject: Re: Regex encap. but not SSL? Cc: "david reid" , dev@apr.apache.org In-Reply-To: <1155725827.17030.44.camel@stalker> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <44DE3675.5080501@jetnet.co.uk> <7edfeeef0608140701x23c6a9f6ue0c1ff4ab1f1793a@mail.gmail.com> <44E09B56.6070906@jetnet.co.uk> <1155725827.17030.44.camel@stalker> X-Google-Sender-Auth: b2de22ef9111732a X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N On 8/16/06, Klaus Wagner wrote: > On Mon, 2006-08-14 at 16:48 +0100, david reid wrote: > > > I've heard this a couple of times now, so while I had thought the > > benefits spoke for themselves maybe they don't. > > As the regex encap. thread flames up I would like to know > if anyone ever intended to encap. SSL Libraries in apr-util. > > The benefits would be far greater. gnutls and openssl could be > included - maybe even microsofts crypto api. this would raise > abilities for a) applications and b) httpd greatly which by now only > supports openssl (if my understanding is correct). > > Openssl from a users view is quite hard to handle. There are several > ways to initialize ciphers wrong, mess up the code with BIO structures > and it gets even worse if nonblocking IO comes in. > > So the main benefit would be simplification and abstraction from BIO > structures, beside the ability of using different backends. > > I know that this task would be complicated and I don't know if all > crypto implementations have at least some similar functionalities > that can be wrapped. Initial implementations of ssl code have already been committed to apr-util's trunk. -garrett