httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Subject SSL upgrade [was: Final patch for a long time]
Date Thu, 12 Dec 2002 07:08:08 GMT
At 11:46 AM 10/15/2002, wrote:
>The second is SSL upgrade.  I have the patches, they haven't been
>committed yet.  I have attached them at the bottom of this message.  The
>reason they haven't been committed, is that I don't have a client to test
>them with, and I haven't had time to create one.  The responses are
>correct I have checked them in plain text.  The place that bugs most
>likely exist, is the actual upgrade code that does the handshake.  This is
>an important feature, and I would really like to see it in 2.0.

I see a couple of very important aspects to this patch:

1) we must have an implementation of connection: upgrade for libwww, since
   that is the mechanism we use for httpd-test/perl-framework.  I don't have 
   such a fix, so I'm just asking the community if anyone has explored that 

2) it has to be maintained.  I've looked at this patch, it appears quite correct.
   I'm going to begin working on applying it to cvs HEAD.  I'm not concerned
   about it quickly appearing in 2.0 since there are no clients right now.  I'm
   much more concerned about it's availability once clients can support it.

3) right now, the ssl code (ssl_engine_io) was already pretty heavily refactored.
   The patch wasn't easy to apply.  We are discussing other refactorings that
   will make SSL much simpler to follow and far less error-prone.  Those will
   effectively invalidate the effort Ryan has already invested.

My proposed solution is to review the patch and apply it to cvs HEAD.  Get it
committed.  Of course there are no test suites right now, and there won't be
for a little while yet.  But once the code exists, it will be simpler to keep the
SSL upgrade facility maintained, and debug it as the clients become available
(most especially, libwww exercises through perl-framework.)

Any disagreement?

The current patch that applies to cvs HEAD is attached.


View raw message