httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" <>
Subject FW: mod_ssl for Apache 2.0 (P-II)
Date Sat, 07 Jul 2001 02:50:02 GMT
Here comes Part-2 (of 2)


-----Original Message-----
Sent: Friday, July 06, 2001 7:49 PM
To: ''
Subject: RE: mod_ssl for Apache 2.0 (P-I)

	Here's the patch for the changes that I've done to get the mod_ssl
code to compile. It is based off the httpd-2_0_19 distribution (with the
very first patch to threaded that Ryan had suggested). The attached is
Part-1 of a 2 part mail (the ezmlm doesn't allow me to send mails > 100K)

	I haven't been able to implement Ryan's suggestion regarding the use
of process_rec->pool->user_data. PLEASE note that this was my first step
towards getting most part of the code to compile - so I expect the changes
to evolve over time.. Please do commit accordingly..

Summary of changes :
1. Replace ap_ctx *ap_global_ctx with a global table (apr_table_t
ap_global_ctx) created in SERVER/MAIN.C. This was just a temporary work
around - I'll be implementing the change that Ryan suggested.
2. Use conn_rec->notes, request_rec->notes to store any intermittent values
(to replace apctx). 
3. SSLFilterCtx (on similar lines to TLSFilterCtx)
4. Current assumption is that the key file is not password encrypted (so, we
don't have the pass-phrase dialog restrictions)
5. The "#ifdef POSTPONE" block eliminates the pieces of code that I still
haven't looked into / which has to be investigated further.
6. Tried to change fopen, fclose... to use apr_file_* functionality.
7. Replace ap_* functions by the corresponding apr_* functions (not using
ap_compat.h purposefully). If anybody has objections, please do let me know
- it's really simple to go back to ap_* functionality.

Current Status :
1. If COMPILES_BUT_BREAKS_HTTP is set to "1" (in mod_ssl.c), the httpd
processes just come up - but none of the http requests will not be served -
I'm investigating further into the cause.. 
2. SSLFilter - I'm trying to use the TLSFilter code itself. (It can be
activated by setting the STILL_TESTING flag to "1" in mod_ssl.c).


-----Original Message-----
Sent: Thursday, July 05, 2001 11:27 AM
To: ''
Subject: RE: mod_ssl for Apache 2.0

Fine. I'll try to incorporate the change that Ryan has suggested and shall
send out the patch today.


-----Original Message-----
From: []
Sent: Thursday, July 05, 2001 11:14 AM
Subject: RE: mod_ssl for Apache 2.0

> > 	Thanks very much for the information. Infact over the last couple of
> > days, I've managed to eliminate most of the "#if 0 ... #endif" portions
> > the code - and get the code to compile (ofcourse with major
> Cool!
> > I'm currently trying to develop the input / output filter.
> mod_tls should provide some good insight for getting that done, as it
> sounds like you've discovered.

mod_ssl should actually just be using the TLS_filters.  No need to
duplicate code here.

> > 	Here's the set highlight of the changes that I've done :
> > 1. Replace ap_ctx *ap_global_ctx with a global table (this is just for
> > work-around, till something better can be achieved). I'm trying to
> > the amount of data that'll eventually be stored in ap_global_ctx

These should be using the process_rec->pool->user_data.

Looking forward to the patch.


Ryan Bloom               
Covalent Technologies

View raw message