httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 41123] - Support of OCSP in mod_ssl (rewritten patch from bug #31383)
Date Wed, 28 Nov 2007 19:37:19 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41123>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41123





------- Additional Comments From jorton@redhat.com  2007-11-28 11:37 -------
Created an attachment (id=21201)
 --> (http://issues.apache.org/bugzilla/attachment.cgi?id=21201&action=view)
final patch

Final patch before committing to trunk.  Changes:

1) factors out the HTTP client into ssl_util_ocsp, and re-implements using APR
functions directly; fixing I/O timeout handling, server address handling, and
adding response memory use constraints rather than streaming into RAM
indefinitely (!) as the OpenSSL code does.  Also allows this code to be easily
switched out for a Real HTTP Client (TM) later.

2) removes the debugging code which dumps base64-encoded which seems overkill;
tcpdump/wireshark works for such case.

3) use a temporary pool to constrain connection pool memory use


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message