httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 41123] - Support of OCSP in mod_ssl (rewritten patch from bug #31383)
Date Fri, 09 Feb 2007 13:22:19 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41123>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41123





------- Additional Comments From marc.stern@approach.be  2007-02-09 05:22 -------
I modified and cleaned up the code as requested; I will upload a new patch.

Some questions:

1. I used the connection pool for memory allocation: c->pool from
ssl_callback_SSLVerify_Validity(). Is that correct ? I did not use any pool
cleanup, as this will be closed at the end of the connection.

2. I originally added the #ifdef NOOCSP in case you want a version that is
compiled with this code. Is this really needed ? Can I remove it ?

3. Should I replace the HTTP connection by some calls to some Apache API ? Which
API is available ?

4. Probably dependent to the previous question, is there any global setting
defining a proxy to call when opening an outgoing HTTP(S) connection ? I could
define it for the OCSP call only, but some other code (even external modules)
could also need it; this would lead to the same info being defined several time.
Should I implement it only for my code ? Or can I assume that the server will
always have a direct access to the OCSP server ?


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message