httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From c...@decus.org (Rodent of Unusual Size)
Subject Re: config/234: REMOTE_IDENT not always available to mod_rewrite (fwd)
Date Sun, 16 Mar 1997 20:31:54 GMT
>From the fingers of Ralf S. Engelschall flowed the following:
>
>>     So mod_rewrite will incur the overhead of RFC1413 processing even if
>>     the server configuration doesn't call for it.  Or am I missing
>>     something?
>
>Correct, but this lookup is only done if there is a rewrite rule which
>explicitly asks for this value, i.e. it uses the %{REMOTE_IDENT} variable. I
>think it makes sense that a (always explicit) usage of this variable leads to
>an explicit lookup of the identification string over the net if _it is still
>not known_. Only this way you can write rulesets which do what they should.
>
>Think is is ok this way because mod_rewrite will only do the lookups if the
>user asks it to do it. 

    You make a reasonable case, but there's still something about this
    that bothers me.  For one thing, it will still call rfc1413() even
    if there's an explicit "IdentityCheck Off" directive - which doesn't
    strike me as very friendly.

    I feel uncomfortable with the idea of a module using server
    functionality (particularly with the overhead of rfc1413()) which
    a) has an explicit enabling directive, b) isn't enabled by default,
    and c) is used even if the directive has DISabled it.

    Other things which use the remote_logname (such as the logging) are
    at the mercy of it having been enabled.  If the problem is that it's
    enabled, but rfc1413() hasn't been called by the time you need it,
    *that* sounds like what should be fixed.  Otherwise, you're giving a
    patient with an head-cold a tracheostomy.

    #ken    :-/}

Mime
View raw message