httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 52210] Add TLS Next Protocol Negotiation (NPN) support to mod_ssl
Date Fri, 09 Jan 2015 13:40:54 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=52210

--- Comment #16 from Stefan Eissing <stefan@eissing.org> ---
Mark,

I understand. However OpenSSL 1.0.2 is currently in beta (although according to
R$ in production soon) and 1.0.1 does not have ALPN support. I also doubt,
giving the history, that everyone will deploy 1.0.2 immediately.

So, currently we have the situation where you cannot drop a mod_spdy into a 2.4
server without also replacing mod_ssl. The patch for NPN is in httpd/trunk, but
not in 2.4. 

So, everyone wanting to do ALPN/NPN with a httpd 2.4 needs to replace mod_ssl
which is not a good idea, it seems.

I today have made a clean patch for the NPN changes in trunk to be applicable
to 2.4. I want to enhance this with a second patch that uses ALPN instead of
NPN of the underlying openssl supports it (compile time).

I think this will allow for an easier transition to newer openssl and
introduction of ALPN than having everyone write her own mod_ssl version.

My question to httpd developers would be if they want to change the "npn" part
of the callback function names to "alpn" - which is worth it imho. I will put
this on the mailing list for discussion.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message