httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hardy Griech <nt...@mardys.de>
Subject Re: mod_gnutls and mod_proxy (TLS termination)
Date Fri, 29 Apr 2011 09:25:24 GMT
On 29.04.2011 11:09, Ben Noordhuis wrote:
> On Fri, Apr 29, 2011 at 10:27, Hardy Griech<ntbox@mardys.de>  wrote:
>> I'm trying to use mod_gnutls for TLS termination without success.
>
> My first suggestion would be to use mod_ssl.

Forgot to mention:  I've patched mod_gnutls for PSK usage.

I've also thought about patching mod_ssl to recognize PSKs but there are 
several points against it:

- not easy to compile mod_ssl standalone.  To be honest I have
   problems compiling apache itself (on Debian testing)
- mod_ssl code is much larger than mod_gnutls
- mod_ssl (openssl?) does not obey the maximum fragmentation
   length requested by the clients

> Alternatively, compile Apache and mod_gnutls with -g -O0 and run it
> with `gdb --args httpd -X -e debug`. Put a breakpoint on the
> pre_connection hook and take it from there.

Thanks, I will give it a try.

Hardy

Mime
View raw message