httpd-dev mailing list archives

From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: Crypto and initialisation
Date Sun, 14 Sep 2008 16:39:18 GMT
Graham Leggett wrote:
> Paul Querna wrote:
> 
>> Then the API is broken.
>>
>> OpenSSL and GnuTLS both allow 'double' initialization, as long as they 
>> are also deinitialized the same number of times, just like APR does too.
>>
>>> What I propose to do to fix this for v2.4 and beyond is write a 
>>> simple module mod_crypto whose job it is to initialise the user's 
>>> chosen crypto(s) at most once, and serve as a parent module to 
>>> mod_ssl and any other crypto module that wants to play.
>>
>> Make the API authors fix their APIs, don't add another module.
> 
> I suspect we are 12 years too late on this particular issue. While the 
> httpd project certainly is well known, I would be pressed to think that 
> Microsoft or NSS will change their long established APIs on our account.

Nonsense.  In the MS world, double initialization and thread safety are
entirely mandated by design.

Once upon a time, there was a need for a program to accept SSL input and
do something other with it.  A single use of SSL and nothing further.

Today, the program which accepts SSL input then needs to ask questions of
several other programs in an unconnected manner, also using SSL.  Take auth,
for example.  Even inquiring about the current process's credentials
(think nss/pam/ldap) is going to trigger the necessity of an SSL provider.

So any SSL provider incapable of double initialization today is irrelevant
from its inception.  That includes nss; perhaps this is a significant reason
it's never been more widely adopted?  My experiences using nss-based ldap
have not been particularly fun in terms of interop.

Bill
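
The reference-counted initialization discussed in this thread ("double" initialization balanced by the same number of deinitializations), shown as an added example that is not part of the original message or of any library's code. `backend_init`, `backend_cleanup` and the `crypto_guard_*` names are hypothetical stand-ins, not real APIs.

```c
#include <pthread.h>
#include <stdio.h>

/* Hypothetical stand-ins for a crypto library's one-shot global setup and
 * teardown; the counters only record how often each one actually ran. */
static int backend_inits = 0;
static int backend_cleanups = 0;
static int backend_init(void)     { backend_inits++; return 0; }
static void backend_cleanup(void) { backend_cleanups++; }

static pthread_mutex_t init_lock = PTHREAD_MUTEX_INITIALIZER;
static unsigned int init_refs = 0;

/* Safe to call from any number of modules or threads: only the first
 * caller runs the backend setup. Returns 0 on success. */
int crypto_guard_init(void)
{
    int rc = 0;
    pthread_mutex_lock(&init_lock);
    if (init_refs == 0)
        rc = backend_init();
    if (rc == 0)
        init_refs++;          /* count only successful initializations */
    pthread_mutex_unlock(&init_lock);
    return rc;
}

/* Call once per successful crypto_guard_init(). Only the last caller
 * tears the backend down; an unbalanced call is rejected with -1. */
int crypto_guard_term(void)
{
    int rc = 0;
    pthread_mutex_lock(&init_lock);
    if (init_refs == 0)
        rc = -1;              /* more terms than inits: do not underflow */
    else if (--init_refs == 0)
        backend_cleanup();
    pthread_mutex_unlock(&init_lock);
    return rc;
}

int main(void)
{
    crypto_guard_init();      /* e.g. an SSL module */
    crypto_guard_init();      /* e.g. an LDAP auth module, same process */
    crypto_guard_term();
    crypto_guard_term();
    printf("init ran %d, cleanup ran %d\n", backend_inits, backend_cleanups);
    return 0;
}
```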

