httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <BNICHO...@novell.com>
Subject Re: cvs commit: httpd-2.0/docs/manual/platform netware.xml
Date Wed, 14 Jul 2004 19:13:29 GMT
   Basically because the same semantics don't fit for mod_nw_ssl. 
mod_nw_ssl is a much simpler module than mod_ssl.  It really only has
one significant directive which is SecureListen <port> <certname>.  All
the NWSSLUpgradeable directive is doing is associating a certificate
name with an existing listen <addr:port> so that if the request to
upgrade is made, Winsock has the information it needs to upgrade the
socket.

Brad

Brad Nicholes
Senior Software Engineer
Novell, Inc., the leading provider of Net business solutions
http://www.novell.com 

>>> wrowe@rowe-clan.net Wednesday, July 14, 2004 11:17:06 AM >>>
Brad,

is this the same functionality as 'SSLEngine upgrade' for the _nw_
module?

If so, why not reuse the same semantic?

  SSLEngine on         negotation crypt - dismiss non-crypt requests
  SSLEngine upgrade    begin uncrypted - allow upgrade
  SSLEngine off          begin, and stay, uncrypted

Bill

At 11:29 AM 7/14/2004, bnicholes@apache.org wrote:
>bnicholes    2004/07/14 09:29:56
>
>  Modified:    docs/manual/mod Tag: APACHE_2_0_BRANCH mod_nw_ssl.xml
>               docs/manual/platform Tag: APACHE_2_0_BRANCH
netware.xml
>  Log:
>  Add the new directive NWSSLUpgradeable to mod_nw_ssl to allow a
non-secure connection to be upgraded to secure connections
>  
>  Revision  Changes    Path
>  No                   revision
>  No                   revision
>  1.1.2.7   +16 -1     httpd-2.0/docs/manual/mod/mod_nw_ssl.xml
>  
>  Index: mod_nw_ssl.xml
>  ===================================================================
>  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_nw_ssl.xml,v
>  retrieving revision 1.1.2.6
>  retrieving revision 1.1.2.7
>  diff -u -r1.1.2.6 -r1.1.2.7
>  --- mod_nw_ssl.xml    17 Apr 2004 18:43:37 -0000      1.1.2.6
>  +++ mod_nw_ssl.xml    14 Jul 2004 16:29:56 -0000      1.1.2.7
>  @@ -62,4 +62,19 @@
>   </usage>
>   </directivesynopsis>
>   
>  +<directivesynopsis>
>  +<name>NWSSLUpgradeable</name>
>  +<description>Allows a connection to be upgraded to an SSL
connection upon request</description>
>  +<syntax>NWSSLUpgradeable
[<var>IP-address</var>:]<var>portnumber</var></syntax>
>  +<contextlist><context>server config</context></contextlist>
>  +
>  +<usage>
>  +    <p>Allow a connection that was created on the specified address

>  +    and/or port to be upgraded to an SSL connection upon request
from
>  +    the client. The address and/or port must have already be
defined 
>  +    previously with a <directive
module="mpm_common">Listen</directive> 
>  +    directive.</p>
>  +</usage>
>  +</directivesynopsis>
>  +
>   </modulesynopsis>
>  
>  
>  
>  No                   revision
>  No                   revision
>  1.3.2.8   +5 -1      httpd-2.0/docs/manual/platform/netware.xml
>  
>  Index: netware.xml
>  ===================================================================
>  RCS file: /home/cvs/httpd-2.0/docs/manual/platform/netware.xml,v
>  retrieving revision 1.3.2.7
>  retrieving revision 1.3.2.8
>  diff -u -r1.3.2.7 -r1.3.2.8
>  --- netware.xml       17 Apr 2004 19:10:48 -0000      1.3.2.7
>  +++ netware.xml       14 Jul 2004 16:29:56 -0000      1.3.2.8
>  @@ -413,6 +413,10 @@
>           <li><directive
module="mod_nw_ssl">NWSSLTrustedCerts</directive> -
>           Adds trusted certificates that are used to create secure
connections to proxied servers.</li>
>         </ul>
>  +      <ul>
>  +        <li><directive
module="mod_nw_ssl">NWSSLUpgradeable</directive> -
>  +        Allow a connection created on the specified address/port to
be upgraded to an SSL connection.</li>
>  +      </ul>
>   
>       </section>
>   
>  
>  
>  



Mime
View raw message