httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Stoddard" <>
Subject Re: client_socket bogosity...
Date Sat, 26 Jan 2002 02:25:56 GMT
The create_connection hook has a fatal design flaw. create_conn is run before
ap_update_vhost_given_ip(), which means that it is impossible to install input and output
filters based on vhost info.

I want to install SSL_IN and SSL_OUT filters if the request is coming in to a vhost/port
enabled for SSL and that can't be done with the create_connection hook.


> > One Nov. 12, Ryan committed a patch creating the create_conn hook. The
> > idea was to move
> > the client_socket out of the conn_rec presumably to make available
> only to
> > the core_in and
> > core_out filters.  However, I just found a backdoor...
> >
> > In core_create_conn() the socket is saved away thusly:
> > ap_set_module_config(net->c->conn_config, &core_module, csd);
> >
> > And whoever needs to access the socket does this:
> > apr_socket_t *csd = ap_get_module_config(f->c->conn_config,
> &core_module);
> That hack was added because the proxy does the completely wrong thing
> with regard to handing sockets.  In order to finish the Nov. 12 patch, I
> need to rip a lot of logic out of the proxy and re-implement, which I
> haven't had time to do recently.  The only other module that should use
> the get_module_config hack is the perchild module, which is also doing
> to completely wrong thing with regard to sockets, but I haven't had time
> to fix that one either.
> > So the goal of hiding the socket is completely blown.  The Nov. 11
> change
> > added a lot of
> > complexity to the server (hard to read/understand code) in pursuit of
> a
> > goal that is then
> > immediately circumvented by the ap_get|set_module_config. So we made
> the
> > server more
> > complex for no reason.
> It actually isn't blown.  Try writing a module that implements a non TCP
> socket, and it will work as long as you don't use the proxy or the
> perchild module.  As proof, look at the fact that the Unix MPMs have
> been using that mechanism to handle the pipe_of_death.  This allowed me
> to remove the ugly hacks at the beginning of the accept loop, which
> checked for the POD.
> Also, a big portion of the Nov 12 patch was to consolidate the accept
> functions for Unix and BeOS, which has meant far less duplicated code in
> the server.
> > I am on the verge of vetoing the Nov. 12 patch in favor of moving the
> > client_socket back
> > into the con_rec.
> >
> > Comments?
> Please don't let two mis-behaved modules color your judgment on this.
> Both proxy and perchild must be re-written if they are going to be
> clean, and once that is done the stupid set_module_config can be
> removed.  In fact, the server ran for over a day without the
> set_module_config, but that broke the proxy, so I added the hack to
> allow the proxy to continue to work, while I worked to solve the
> underlying problem.  Unfortunately, work and some extracurricular
> activities have stopped me from contributing much code recently.
> Hopefully, I will have time to code again soon.
> Ryan

View raw message