httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: mod_ssl TLS/SSL upgrade...
Date Fri, 05 Mar 2004 08:35:40 GMT
On Thu, Mar 04, 2004 at 09:08:28PM -0700, Brad Nicholes wrote:
>    I would like to resurrect an old discussion.  About a year and half
> ago rbb and wrowe committed a patch for mod_ssl to provide the SSLEngine
> upgrade capability.  It seems that one of the reasons for not back
> porting it to the 2.0 tree was because there weren't really any clients
> that supported it.  Well I know of at least one now which is Novell's
> iPrint client and I suspect that there may be others out there.  Does
> anyone see any major issues with backporting this functionality to 2.0? 

There are still some protocol bugs: the client should be able to upgrade
on any request not just an OPTIONS request, and the checking of the
Connection header is wrong and unnecessary.  It looks like it will break
if a client sends an Upgrade header on a request with a body, too.

(there is no deployment of 2817-style upgrades outside IPP because the
protocol is broken w.r.t HTTP proxies, hence is not generally useful)

joe

Mime
View raw message