httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: SSL Upgrade support.
Date Mon, 07 Oct 2002 09:22:47 GMT
On Sun, Oct 06, 2002 at 11:50:04PM -0400, Ryan Bloom wrote:
> Just a heads up.  I wrote SSL Upgrade support this weekend for Apache
> 2.0.  In my (currently) limited testing, things look pretty good.  We
> currently respond to all requests correctly, and I think I have the SSL
> filters being inserted properly.  However, there are no clients that I
> know of that support this feature yet.  My hope was to have time to add it
> to Neon this weekend, but it didn't happen.  I won't commit the Apache
> code until I can test it with a client, so if anybody wants to
> help me implement the client side, or if anybody knows of any clients that
> already support this, please let me know.

I did have TLS upgrade support in neon but removed it in 0.22.0 since it
was unused in practice and not really very useful even in theory (see
ietf-tls archives).

You can try cadaver 0.19.1 with this patch, which will send the Upgrade
header, and should switch to SSL on receiving a 101 interim response,
though I haven't tested that.  (It will continue sending the Upgrade
header on requests sent via SSL, which it shouldn't, so watch out for
that)

--- ./src/cadaver.c.1	2002-10-07 10:09:37.000000000 +0100
+++ ./src/cadaver.c	2002-10-07 10:10:08.000000000 +0100
@@ -367,6 +367,8 @@
 
     init_locking(lockstore);
     
+    ne_set_request_secure_upgrade(session, 1);
+
     ne_set_progress(session, transfer_progress, NULL);
     ne_set_status(session, connection_status, NULL);
 
--- ./libneon/ne_request.c.1	2002-10-07 10:13:23.000000000 +0100
+++ ./libneon/ne_request.c	2002-10-07 10:15:57.000000000 +0100
@@ -455,6 +455,9 @@
     req->reqbuf = ne_buffer_create();
     req->respbuf = ne_buffer_create_sized(BUFSIZ);
 
+    if (sess->request_secure_upgrade == 1)
+	req->upgrade_to_tls = 1;
+
     /* Add in the fixed headers */
     add_fixed_headers(req);
 
@@ -474,10 +477,6 @@
 	req->use_proxy = sess->have_proxy;
     }
 
-    if (sess->request_secure_upgrade == 1) {
-	req->upgrade_to_tls = 1;
-    }
-
     /* Add in handlers for all the standard HTTP headers. */
 
     ne_add_response_header_handler(req, "Content-Length", 

Mime
View raw message