httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject cvs commit: httpd-2.0 STATUS
Date Thu, 30 May 2002 16:00:28 GMT
wrowe       02/05/30 09:00:28

  Modified:    .        STATUS
  Log:
    Thanks for verifying these are valid, Doug.  Now this [much shorter]
    list should be living in our STATUS file.  Question of module maps
    and file layout is already off to the list.
  
  Revision  Changes    Path
  1.644     +47 -9     httpd-2.0/STATUS
  
  Index: STATUS
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/STATUS,v
  retrieving revision 1.643
  retrieving revision 1.644
  diff -u -r1.643 -r1.644
  --- STATUS	30 May 2002 06:02:15 -0000	1.643
  +++ STATUS	30 May 2002 16:00:28 -0000	1.644
  @@ -1,5 +1,5 @@
   APACHE 2.0 STATUS:                                              -*-text-*-
  -Last modified at [$Date: 2002/05/30 06:02:15 $]
  +Last modified at [$Date: 2002/05/30 16:00:28 $]
   
   Release:
   
  @@ -393,14 +393,6 @@
           - Bring the Win9xConHook.dll from 1.3 into 2.0 (no sense till it
           actually works) and add in a splash of Win9x service code.
   
  -    * In order to use a DSO version of mod_ssl we have to link with
  -      -lssl and -lcrypto. A workaround is in place right now where the
  -      entire EXTRA_LIBS macro is being appended to the objects list, but
  -      this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
  -      autoconf function or come up with some other autoconf checks to
  -      search for libssl and libcrypto and properly add them to mod_ssl's
  -      link flags.
  -
       * Fix the worker MPM to use POD to kill child processes instead
         of ap_os_killpg, regardless of how they should die. (Ryan Bloom)
   
  @@ -410,6 +402,52 @@
         later recanted. See this message to dev@apr.apache.org:
         Message-ID: <Pine.LNX.4.44.0203011354090.16457-200000@deepthought
                     .cs.virginia.edu>
  +
  +TODO ISSUES REMAINING IN MOD_SSL:
  +
  +    * In order to use a DSO version of mod_ssl we have to link with
  +      -lssl and -lcrypto. A workaround is in place right now where the
  +      entire EXTRA_LIBS macro is being appended to the objects list, but
  +      this is a hack. We should either revamp the APACHE_CHECK_SSL_TOOLKIT
  +      autoconf function or come up with some other autoconf checks to
  +      search for libssl and libcrypto and properly add them to mod_ssl's
  +      link flags.
  +
  +    * SSL renegotiations in combination with POST request
  +
  +    * Port or dispose all code inside #if 0...#endif blocks that remain
  +      from the porting effort.
  +
  +    * Do we need SSL_set_read_ahead()?
  +
  +    * the ssl_expr api is NOT THREAD SAFE.  race conditions exist:
  +       -in ssl_expr_comp() if SSLRequire is used in .htaccess
  +        (ssl_expr_info is global)
  +       -is ssl_expr_eval() if there is an error
  +        (ssl_expr_error is global)
  +
  +    * SSLRequire directive (parsing of) leaks memory
  +
  +    * Diffie-Hellman-Parameters for temporary keys are hardcoded in
  +      ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
  +      "it is suggested that keys be changed daily or every 500
  +      transactions, and more often if possible."
  +
  +    * ssl_var_lookup could be rewritten to be MUCH faster
  +
  +
  +    * CRL callback should be pluggable
  +
  +    * session cache store should be pluggable
  +
  +    * init functions should return status code rather than ssl_die()
  +
  +    * ssl_engine_pphrase.c needs to be reworked so it is generic enough
  +      to also decrypt proxy keys
  +
  +    * the shmcb code should just align its memory segment rather than
  +      jumping through all the "safe" memcpy and memset hoops
  +
   
   EXPERIMENTAL MODULES:
       Experimental modules should eventually be be promoted to fully supported
  
  
  

Mime
View raw message