httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@covalent.net>
Subject Re: [patch] AP_MODE_INIT
Date Mon, 19 Nov 2001 15:52:02 GMT
From: "Doug MacEachern" <dougm@covalent.net>
Sent: Friday, November 16, 2001 6:18 PM


> i mentioned a while back that i had hacked jim winstead's "colobus" NNTP
> server (designed to run under tcpserver or inetd) into a protocol handler
> using modperl-2.0.  and that i had it working with mod_ssl.  however, to
> get it working with ssl required a special case hack that didn't always
> work.  nntp needs to respond to the client before the client sends any
> request data.  ftp has a similar requirement, i imagine other protocols 
> may as well.  the ssl filter currently assumes we will be reading request
> data from the client first and does the handshake at that time.  if we try
> to write the nntp welcome message before reading any client data, the
> handshake hasn't happened and things break.  the patch below allows such a
> protocol module to trigger the handshake, which is a noop without ssl in
> the filter chain.
> 
> for a simple example of what needs to happen, see:
> httpd-test/perl-framework/c-modules/nntp_like/mod_nntp_like.c
> with this patch applied the test works both with and without ssl.
> if somebody sees a better way todo this, you can use that test to develop
> it.  or i can take a shot if there are other suggestions.

This patch looks right.

IIRC, SSL over HTTP will need to send this same INIT handshake as part of
the request phase when trying to play an Upgrade-Connection: game.  We would 
need to upgrade the connection, and determine the SSL connection negotation,
after the user's request, but prior to creating any more output.

So +1.

Bill


Mime
View raw message