httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Subject Re: httpd-2.0 STATUS
Date Thu, 30 May 2002 15:43:54 GMT
At 01:07 AM 5/30/2002, you wrote:
>On Thu, 30 May 2002, William A. Rowe, Jr. wrote:
> > is modules/ssl/README even valuable anymore?
>yes.  fine to remove the stale stuff, but not the whole damn thing.  there
>was a useful roadmap of the source in there ...

Then I'll ask a simple question before I resurrect ... Do we want individual
READMEs or LAYOUTs that describe all the files throughout each Apache
source tree directory, only one top-level LAYOUT that describes the entire
directory tree and it's contents, or neither?

List, what is your preference?

I'll be happy to create the single template or all the LAYOUT skeletons
and the group can populate all of them over time?

>... and everything that was in the
>TODO section is still valid:
>  o SSL renegotiations in combination with POST request
>  o Port all remaining code (code inside #if 0...#endif blocks)
>  o Do we need SSL_set_read_ahead()?
>  o the ssl_expr api is NOT THREAD SAFE.  race conditions exist:
>    -in ssl_expr_comp() if SSLRequire is used in .htaccess
>     (ssl_expr_info is global)
>    -is ssl_expr_eval() if there is an error
>     (ssl_expr_error is global)
>  o SSLRequire directive (parsing of) leaks memory
>  o Diffie-Hellman-Parameters for temporary keys are hardcoded in
>    ssl_engine_dh.c, while the comment in ssl_engine_kernel.c says:
>    "it is suggested that keys be changed daily or every 500
>     transactions, and more often if possible."
>  o ssl_var_lookup could be rewritten to be MUCH faster
>  o CRL callback should be pluggable
>  o session cache store should be pluggable
>  o init functions should return status code rather than ssl_die()
>  o ssl_engine_pphrase.c needs to be reworked so it is generic enough
>    to also decrypt proxy keys
>  o the shmcb code should just align its memory segment rather than
>    jumping through all the "safe" memcpy and memset hoops

Adding to our top-level STATUS, thanks Doug!!!


View raw message